diff -Nru juju-core-2.0~beta7/debian/changelog juju-core-2.0~beta12/debian/changelog
--- juju-core-2.0~beta7/debian/changelog	2016-05-17 20:14:16.000000000 +0000
+++ juju-core-2.0~beta12/debian/changelog	2016-07-22 14:31:32.000000000 +0000
@@ -1,4 +1,31 @@
-juju-core (2.0~beta7-0ubuntu1.16.04.1) xenial-proposed; urgency=medium
+juju-core (2.0~beta12-0ubuntu1.16.04.1) xenial-proposed; urgency=medium
+
+  [ Nicholas Skaggs ]
+  * New upstream release 2.0-beta12 (LP: #1604137).
+  * Update debian/copyright.
+  * Add skip to current-manual-provider for bug 1605313 and bug 1605050
+  * Fix adt test for manual-provider
+
+  [ Martin Packman ]
+  * Allow stripping of go binaries (LP: #1564662).
+  * Mark juju-2.0 as conflicting and replacing old ppas (LP: #1600257).
+  * Adjust where bash completion script is installed (LP: #1588403).
+
+ -- Nicholas Skaggs <nicholas.skaggs@canonical.com>  Mon, 18 Jul 2016 14:00:19 -0400
+
+juju-core (2.0~beta10-0ubuntu1.16.10.1) yakkety; urgency=medium
+
+  * New upstream release 2.0-beta10 (LP: #1596920).
+  * Update debian/copyright for licence changes.
+  * Depend on golang-go >1.6 on all architectures.
+  * Drop golang-github-lxc-lxd-dev dependency temporarily as a post-1.0 version
+    is required but not yet released in the archive.
+  * Drop golang-gopkg-lxc-go-lxc.v2-dev dependency as old lxc support is gone.
+  * Update name of controller in lxd test.
+
+ -- Martin Packman <martin.packman@canonical.com>  Tue, 28 Jun 2016 11:16:58 +0000
+
+juju-core (2.0~beta7-0ubuntu1.16.10.1) yakkety; urgency=medium
 
   * New upstream release 2.0-beta7 (LP: #1581645)
 
diff -Nru juju-core-2.0~beta7/debian/control juju-core-2.0~beta12/debian/control
--- juju-core-2.0~beta7/debian/control	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/debian/control	2016-07-18 19:45:44.000000000 +0000
@@ -8,13 +8,10 @@
                golang-check.v1-dev,
                golang-github-bmizerany-pat-dev,
                golang-github-coreos-go-systemd-dev,
-               golang-github-lxc-lxd-dev,
-               golang-go (>= 2:1.2) [amd64 i386 armhf],
-               golang-go (>= 2:1.6) [!amd64 !i386 !armhf] | gccgo-5 [!amd64 !i386 !armhf] | gccgo-go [!amd64 !i386 !armhf],
+               golang-go (>= 2:1.6),
                golang-go-dbus-dev,
                golang-golang-x-crypto-dev,
                golang-golang-x-net-dev,
-               golang-gopkg-lxc-go-lxc.v2-dev,
                golang-gopkg-tomb.v2-dev,
                golang-juju-loggo-dev,
                golang-websocket-dev,
@@ -31,7 +28,8 @@
 Depends: distro-info, ${misc:Depends}, ${shlibs:Depends}
 Recommends: lxd, bash-completion
 Breaks: juju-core (<= 1.25.4)
-Conflicts: juju2
+Conflicts: juju2, juju-core2
+Replaces: juju2, juju-core2
 Built-Using: ${misc:Built-Using}
 Description: Juju is devops distilled - client
  Through the use of charms, juju provides you with shareable, re-usable,
diff -Nru juju-core-2.0~beta7/debian/copyright juju-core-2.0~beta12/debian/copyright
--- juju-core-2.0~beta7/debian/copyright	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/debian/copyright	2016-07-18 19:45:44.000000000 +0000
@@ -43,12 +43,12 @@
 Files: src/github.com/bmizerany/pat/*
 Copyright: 2012 Keith Rarick, Blake Mizerany
 License: Expat
-Comment: Last verified commit 48be7df2c27e1cec821a3284a683ce6ef90d9052
+Comment: Last verified commit c068ca2f0aacee5ac3681d68e4d0a003b7d1fd2c
 
 Files: src/github.com/coreos/go-systemd/*
 Copyright: 2015 CoreOS, Inc.
 License: Apache-2.0
-Comment: Last verified commit 2d21675230a81a503f4363f4aa3490af06d52bb8
+Comment: Last verified commit 7b2428fec40033549c68f54e26e89e7ca9a9ce31
          File src/github.com/coreos/go-systemd/daemon/sdnotify.go
          forked from Docker project, also under Apache-2.0.
 
@@ -65,15 +65,27 @@
          issues in golang 1.2.x.
 
 Files: src/github.com/godbus/dbus/*
-Copyright: 2013, Georg Reinke (<guelfey at gmail dot com>)
+Copyright: 2013 Georg Reinke (<guelfey at gmail dot com>), Google
 License: BSD-2-clause
-Comment: Last verified commit 88765d85c0fdadcd98a54e30694fa4e4f5b51133
+Comment: Last verified commit 32c6cc29c14570de4cf6d7e7737d68fb2d01ad15
+
+Files: src/github.com/google/go-querystring/*
+Copyright: 2013 The Go Authors. All rights reserved.
+           Copyright 2013 Google.
+License: BSD-3-clause
+Comment: Last verified commit 9235644dd9e52eeae6fa48efd539fdc351a0af53
 
 Files: src/github.com/gorilla/websocket/*
 Copyright: 2013, 2014, 2015 The Gorilla WebSocket Authors. All rights reserved.
 License: BSD-2-clause
 Comment: Last verified commit 13e4d0621caa4d77fd9aa470ef6d7ab63d1a5e41
 
+Files: src/github.com/gorilla/schema/*
+Copyright: 2012 The Gorilla Authors. All rights reserved.
+           2012 Rodrigo Moraes. All rights reserved.
+License: BSD-3-clause
+Comment: Last verified commit 08023a0215e7fc27a9aecd8b8c50913c40019478
+
 Files: src/github.com/gosuri/uitable/*
 Copyright: 2015 Greg Osuri
 License: Expat
@@ -84,9 +96,9 @@
 License: Expat
 
 Files: src/github.com/joyent/gocommon/*
-Copyright: 2013, Joyent Inc.
-License: LGPL-3+
-Comment: Last verified commit 40c7818502f7c1ebbb13dab185a26e77b746ff40
+Copyright: 2013, 2016, Joyent Inc.
+License: MPL-2.0
+Comment: Last verified commit ade826b8b54e81a779ccb29d358a45ba24b7809c
 
 Files: src/github.com/joyent/gosdc/*
 Copyright: 2013, Joyent Inc.
@@ -106,12 +118,12 @@
 Files: src/github.com/juju/bundlechanges/*
 Copyright: 2015 Canonical Ltd.
 License: LGPL-3+
-Comment: Last verified commit a1fcaa2fc3b55305d064d16cb56bf87541efb8a4
+Comment: Last verified commit 8d99dd2a94d7b4fd975a152238d0e19d0c4a6cf1
 
 Files: src/github.com/juju/cmd/*
 Copyright: 2012-2016 Canonical Ltd.
 License: LGPL-3 with linking exception
-Comment: Last verified commit ca63dd8ba13f8fbbbe16a917696a7ce68cc3dc0b
+Comment: Last verified commit a11ae7a7436c133e799f025998cbbefd3f6eef7e
 
 Files: src/github.com/juju/errors/*
 Copyright: 2013-2015 Canonical Ltd.
@@ -219,7 +231,7 @@
 Files: src/github.com/juju/idmclient/*
 Copyright: 2014, 2015, 2016 Canonical Ltd.
 License: LGPL-3 with linking exception
-Comment: Last verified commit 1995850da11150fb9247e43c6089e54eaeaae44a
+Comment: Last verified commit 3dda079a75cccb85083d4c3877e638f5d6ab79c2
 
 Files: src/github.com/juju/mempool/*
 Copyright: 2012 The Go Authors.
@@ -265,7 +277,7 @@
          The original Apache-2.0 license for the external source can be found
          inside src/github.com/juju/juju/cloudconfig/Apache-License.txt.
 
-Files: src/github.com/juju/juju/etc/bash_completion.d/juju2
+Files: src/github.com/juju/juju/etc/bash_completion.d/juju
 Copyright: 2013+ Canonical Ltd.
 License: GPL-3
 
@@ -284,21 +296,16 @@
 License: LGPL-3 with linking exception
 Comment: Last verified commit 8477fc936adf0e382d680310047ca27e128a309a
 
-Files: src/github.com/juju/names/*
-Copyright: 2013-2016 Canonical Ltd.
+Files: src/github.com/juju/mutex/*
+Copyright: 2016 Canonical Ltd.
 License: LGPL-3 with linking exception
-Comment: Last verified commit 8a0aa0963bbacdc790914892e9ff942e94d6f795
+Comment: Last verified commit 59c26ee163447c5c57f63ff71610d433862013de
 
 Files: src/github.com/juju/persistent-cookiejar/*
 Copyright: 2012, 2013, 2015 The Go Authors. All rights reserved.
 License: BSD-3-clause
 Comment: Last verified commit e710b897c13ca52828ca2fc9769465186fd6d15c
 
-Files: src/github.com/juju/ratelimit/*
-Copyright: 2014, 2015 Canonical Ltd
-License: LGPL-3 with linking exception
-Comment: Last verified commit aa5bb718d4d435629821789cb90970319f57bfe5
-
 Files: src/github.com/juju/replicaset/*
 Copyright: 2013-2015 Canonical Ltd
 License: LGPL-3 with linking exception
@@ -309,10 +316,15 @@
 License: LGPL-3 with linking exception
 Comment: Last verified commit 62c62032529169c7ec02fa48f93349604c345e1f
 
+Files: src/github.com/juju/rfc/*
+Copyright: 2015 Canonical Ltd.
+License: LGPL-3 with linking exception
+Comment: Last verified commit ebdbbdb950cd039a531d15cdc2ac2cbd94f068ee
+
 Files: src/github.com/juju/romulus/*
 Copyright: 2016 Canonical Ltd.
 License: AGPL-3
-Comment: Last verified commit 767a53ef0929d969a3c81c53c6b9f8e94a95dae5
+Comment: Last verified commit 6b52a14d619315a31ad4d7069db654c883d6f562
 
 Files: src/github.com/juju/schema/*
 Copyright: 2011-2016 Canonical Ltd.
@@ -322,7 +334,7 @@
 Files: src/github.com/juju/testing/*
 Copyright: 2011-2016 Canonical Ltd.
 License: LGPL-3 with linking exception
-Comment: Last verified commit 3ea8417b3125018f678eb9159731917d01121445
+Comment: Last verified commit ccf839b5a07a7a05009f8fa3ec41cd05fb2e0b08
 
 Files: src/github.com/juju/testing/checkers/file_test.go
        src/github.com/juju/testing/mgo_windows.go
@@ -351,7 +363,7 @@
 Copyright: 2011-2016 Canonical Ltd.
            2014, 2015, 2016 Cloudbase Solutions SRL
 License: LGPL-3 with linking exception
-Comment: Last verified commit d5423ca3ec0b0cc8ccf093fab1365b1c9f93eb2d
+Comment: Last verified commit 6219812829a3542c827c76cc75f416d4e6c94335
 
 Files: src/github.com/juju/utils/du/diskusage.go
        src/github.com/juju/utils/du/diskusage_windows.go
@@ -367,10 +379,9 @@
 Comment: See src/github.com/juju/utils/LICENSE.golang.
 
 Files: src/github.com/juju/version/*
-Copyright: 2015 Canonical Ltd.
-License: LGPL-3
-Comment: Last verified commit ef897ad7f130870348ce306f61332f5335355063
-         (should have a linking exception, doesn't currently)
+Copyright: 2012, 2013, 2015 Canonical Ltd.
+License: LGPL-3 with linking exception
+Comment: Last verified commit 4ae6172c00626779a5a462c3e3d22fc0e889431a
 
 Files: src/github.com/juju/webbrowser/*
 Copyright: 2015 Canonical Ltd.
@@ -429,6 +440,11 @@
 License: Expat
 Comment: Last verified commit d96d1bd051f2bd9e7e43d602782b37b93b1b5666
 
+Files: src/github.com/rogpeppe/fastuuid/*
+Copyright: 2014 Roger Peppe
+License: BSD-3-clause
+Comment: Last verified commit 6724a57986aff9bff1a1770e9347036def7c89f6
+
 Files: src/golang.org/x/crypto/*
 Copyright: 2009-2015 The Go Authors. All rights reserved.
 License: BSD-3-clause
@@ -507,17 +523,17 @@
 Files: src/gopkg.in/juju/charm.v6-unstable/*
 Copyright: 2011-2016 Canonical Ltd.
 License: LGPL-3 with linking exception
-Comment: Last verified commit 9857751ba31e81773bbb42557e85054d6b4de4dd
+Comment: Last verified commit 8796be6021c9ecb20630950498ec515f7dd24575
 
 Files: src/gopkg.in/juju/charmrepo.v2-unstable/*
 Copyright: 2012-2016 Canonical Ltd.
 License: LGPL-3 with linking exception
-Comment: Last verified commit c457416da598dffa665fc75aeb5c7265ff1273c0
+Comment: Last verified commit 6e6733987fb03100f30e494cc1134351fe4a593b
 
 Files: src/gopkg.in/juju/charmstore.v5-unstable/*
 Copyright: 2012-2016 Canonical Ltd.
 License: AGPL-3
-Comment: Last verified commit 745fa1ca2260cdc9dd5a6df6282da51776baa59f
+Comment: Last verified commit 2cb9f80553dddaae8c5e2161ea45f4be5d9afc00
 
 Files: src/gopkg.in/juju/environschema.v1/*
 Copyright: 2015 Canonical Ltd.
@@ -527,12 +543,12 @@
 Files: src/gopkg.in/juju/jujusvg.v1/*
 Copyright: 2014, 2015 Canonical Ltd.
 License: LGPL-3 with linking exception
-Comment: Last verified commit a60359df348ef2ca40ec3bcd58a01de54f05658e
+Comment: Last verified commit cc128825adce31ea13020d24e7b3302bac86a8c3
 
 Files: src/gopkg.in/macaroon-bakery.v1/*
 Copyright: 2014, Roger Peppe, Canonical Inc.
 License: LGPL-3 with linking exception
-Comment: Last verified commit c8e0209b0f4e48e8603ab0ae2477445f9443fbdc
+Comment: Last verified commit b097c9d99b2537efaf54492e08f7e148f956ba51
 
 Files: src/gopkg.in/macaroon.v1/*
 Copyright: 2014, Roger Peppe
@@ -552,6 +568,11 @@
          https://github.com/christkv/kerberos/tree/master/lib/win32/kerberos_sspi.c
          https://github.com/christkv/kerberos/tree/master/lib/win32/kerberos_sspi.h
 
+Files: src/gopkg.in/juju/names.v2/*
+Copyright: 2013-2016 Canonical Ltd.
+License: LGPL-3 with linking exception
+Comment: Last verified commit 5426d66579afd36fc63d809dd58806806c2f161f
+
 Files: src/gopkg.in/natefinch/lumberjack.v2/*
 Copyright: 2014 Nate Finch
 License: Expat
@@ -561,7 +582,7 @@
 Copyright: 2013 npipe authors
            2013 Nate Finch
 License: Expat
-Comment: Last verified commit e562d4ae5c2f838f9e7e406f7d9890d5b02467a9
+Comment: Last verified commit c1b8fa8bdccecb0b8db834ee0b92fdbcfa606dd6
 
 Files: src/gopkg.in/yaml.v1/*
 Copyright: 2011-2014 Canonical Inc.
@@ -823,3 +844,8 @@
  CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
  TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
  SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+License: MPL-2.0
+ This Software is subject to the terms of the Mozilla Public
+ License, v. 2.0. If a copy of the MPL was not distributed with this
+ software, you can obtain one at http://mozilla.org/MPL/2.0/.
diff -Nru juju-core-2.0~beta7/debian/juju-2.0.lintian-overrides juju-core-2.0~beta12/debian/juju-2.0.lintian-overrides
--- juju-core-2.0~beta7/debian/juju-2.0.lintian-overrides	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/debian/juju-2.0.lintian-overrides	2016-07-18 19:45:44.000000000 +0000
@@ -1,5 +1,3 @@
-# golang binaries should not be stripped
-unstripped-binary-or-object usr/lib/juju-*/bin/*
 # false positive from golang port of libyaml
 embedded-library usr/lib/juju-*/bin/*: libyaml
 hardening-no-relro usr/lib/juju-*/bin/juju-upgrade-mongo
diff -Nru juju-core-2.0~beta7/debian/rules juju-core-2.0~beta12/debian/rules
--- juju-core-2.0~beta7/debian/rules	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/debian/rules	2016-07-18 19:45:44.000000000 +0000
@@ -50,15 +50,18 @@
 override_dh_auto_install:
 	echo '#!/bin/sh\nexport PATH=/usr/lib/juju-$(VERSION)/bin:"$$PATH"\nexec juju "$$@"' > _build/bin/juju-$(VERSION)
 	chmod 755 _build/bin/juju-$(VERSION)
-	mkdir -p debian/home
-	HOME=debian/home $(CURDIR)/src/github.com/juju/juju/scripts/generate-docs.py man -o juju.1
+	mkdir -p _build/home
+	HOME=_build/home $(CURDIR)/src/github.com/juju/juju/scripts/generate-docs.py man -o _build/juju.1
 	dh_install _build/bin/juju usr/lib/juju-$(VERSION)/bin
 	dh_install _build/bin/juju-metadata usr/lib/juju-$(VERSION)/bin
 	dh_install _build/bin/juju-upgrade-mongo usr/lib/juju-$(VERSION)/bin
 	dh_install _build/bin/jujud usr/lib/juju-$(VERSION)/bin
 	dh_install _build/bin/juju-$(VERSION) usr/bin
-	dh_install juju.1 usr/lib/juju-$(VERSION)/man/man1
-	dh_install src/github.com/juju/juju/etc/bash_completion.d/juju2 \
+	dh_install _build/juju.1 usr/lib/juju-$(VERSION)/man/man1
+	# Install version switching bash completion script under 'juju' so first load picks
+	# it up, and we have already made sure we remove earlier clashing 1.X packages.
+	cp src/github.com/juju/juju/etc/bash_completion.d/juju-version _build/juju
+	dh_install _build/juju src/github.com/juju/juju/etc/bash_completion.d/juju-2.0 \
 	           usr/share/bash-completion/completions
 
 override_dh_link:
@@ -72,16 +75,10 @@
 	dh_compress
 
 override_dh_auto_clean:
-	rm -rf bin juju.1
-	rm -rf pkg bin debian/home debian/gocode
+	rm -rf _build
 	find . -name "*.pyc" -delete || :
 	dh_auto_clean
 
-# Don't strip golang compiled binaries as this does
-# not function correctly
-override_dh_strip:
-	:
-
 override_dh_builddeb:
 	dh_builddeb -- -Zxz
 
diff -Nru juju-core-2.0~beta7/debian/tests/current-manual-provider juju-core-2.0~beta12/debian/tests/current-manual-provider
--- juju-core-2.0~beta7/debian/tests/current-manual-provider	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/debian/tests/current-manual-provider	2016-07-21 19:14:52.000000000 +0000
@@ -1,6 +1,9 @@
 #!/bin/sh
 set -ex
 
+echo "SKIP: bug 1605313 and bug 1605050"
+exit 0
+
 if ! apt-cache show juju-mongodb3.2 >/dev/null 2>&1; then
     echo "SKIP: 32-bit state servers not supported after xenial."
     exit 0
diff -Nru juju-core-2.0~beta7/debian/tests/lxd-provider juju-core-2.0~beta12/debian/tests/lxd-provider
--- juju-core-2.0~beta7/debian/tests/lxd-provider	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/debian/tests/lxd-provider	2016-07-18 19:45:44.000000000 +0000
@@ -18,7 +18,7 @@
 echo "OK"
 
 echo "Waiting for environment to bootstrap: "
-juju status --debug -m admin
+juju status --debug -m controller
 juju status --debug
 echo "OK"
 
diff -Nru juju-core-2.0~beta7/debian/tests/manual-provider juju-core-2.0~beta12/debian/tests/manual-provider
--- juju-core-2.0~beta7/debian/tests/manual-provider	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/debian/tests/manual-provider	2016-07-20 01:53:06.000000000 +0000
@@ -14,11 +14,4 @@
 cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
 ssh-keyscan "$ip" >> ~/.ssh/known_hosts
 
-mkdir -p ~/.local/share/juju/
-cat > ~/.local/share/juju/clouds.yaml <<EOT
-clouds:
-  manual:
-    type: manual
-EOT
-cat ~/.local/share/juju/clouds.yaml
 juju bootstrap my-controller manual/$ip --upload-tools --debug
diff -Nru juju-core-2.0~beta7/src/github.com/bmizerany/pat/bench_test.go juju-core-2.0~beta12/src/github.com/bmizerany/pat/bench_test.go
--- juju-core-2.0~beta7/src/github.com/bmizerany/pat/bench_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/bmizerany/pat/bench_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,10 +10,7 @@
 	p.Get("/hello/:name", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {}))
 	for n := 0; n < b.N; n++ {
 		b.StopTimer()
-		r, err := http.NewRequest("GET", "/hello/blake", nil)
-		if err != nil {
-			panic(err)
-		}
+		r := newRequest("GET", "/hello/blake", nil)
 		b.StartTimer()
 		p.ServeHTTP(nil, r)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/bmizerany/pat/example/hello_appengine.go juju-core-2.0~beta12/src/github.com/bmizerany/pat/example/hello_appengine.go
--- juju-core-2.0~beta7/src/github.com/bmizerany/pat/example/hello_appengine.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/bmizerany/pat/example/hello_appengine.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,29 +0,0 @@
-// hello.go ported for appengine
-//
-// this differs from the standard hello.go example in two ways: appengine
-// already provides an http server for you, obviating the need for the
-// ListenAndServe call (with associated logging), and the package must not be
-// called main (appengine reserves package 'main' for the underlying program).
-
-package patexample
-
-import (
-	"io"
-	"net/http"
-
-	"github.com/bmizerany/pat"
-)
-
-// hello world, the web server
-func HelloServer(w http.ResponseWriter, req *http.Request) {
-	io.WriteString(w, "hello, "+req.URL.Query().Get(":name")+"!\n")
-}
-
-func init() {
-	m := pat.New()
-	m.Get("/hello/:name", http.HandlerFunc(HelloServer))
-
-	// Register this pat with the default serve mux so that other packages
-	// may also be exported. (i.e. /debug/pprof/*)
-	http.Handle("/", m)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/bmizerany/pat/example/patexample/hello_appengine.go juju-core-2.0~beta12/src/github.com/bmizerany/pat/example/patexample/hello_appengine.go
--- juju-core-2.0~beta7/src/github.com/bmizerany/pat/example/patexample/hello_appengine.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/bmizerany/pat/example/patexample/hello_appengine.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,29 @@
+// hello.go ported for appengine
+//
+// this differs from the standard hello.go example in two ways: appengine
+// already provides an http server for you, obviating the need for the
+// ListenAndServe call (with associated logging), and the package must not be
+// called main (appengine reserves package 'main' for the underlying program).
+
+package patexample
+
+import (
+	"io"
+	"net/http"
+
+	"github.com/bmizerany/pat"
+)
+
+// hello world, the web server
+func HelloServer(w http.ResponseWriter, req *http.Request) {
+	io.WriteString(w, "hello, "+req.URL.Query().Get(":name")+"!\n")
+}
+
+func init() {
+	m := pat.New()
+	m.Get("/hello/:name", http.HandlerFunc(HelloServer))
+
+	// Register this pat with the default serve mux so that other packages
+	// may also be exported. (i.e. /debug/pprof/*)
+	http.Handle("/", m)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/bmizerany/pat/mux.go juju-core-2.0~beta12/src/github.com/bmizerany/pat/mux.go
--- juju-core-2.0~beta7/src/github.com/bmizerany/pat/mux.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/bmizerany/pat/mux.go	2016-07-18 19:45:44.000000000 +0000
@@ -44,9 +44,9 @@
 //   /foo
 //   /foo/bar
 //
-// A pattern ending with a slash will get an implicit redirect to it's
-// non-slash version.  For example: Get("/foo/", handler) will implicitly
-// register Get("/foo", handler). You may override it by registering
+// A pattern ending with a slash will add an implicit redirect for its non-slash
+// version. For example: Get("/foo/", handler) also registers
+// Get("/foo", handler) as a redirect. You may override it by registering
 // Get("/foo", anotherhandler) before the slash version.
 //
 // Retrieve the capture from the r.URL.Query().Get(":name") in a handler (note
@@ -89,13 +89,21 @@
 // convenience, PatternServeMux will add the Allow header for requests that
 // match a pattern for a method other than the method requested and set the
 // Status to "405 Method Not Allowed".
+//
+// If the NotFound handler is set, then it is used whenever the pattern doesn't
+// match the request path for the current method (and the Allow header is not
+// altered).
 type PatternServeMux struct {
+	// NotFound, if set, is used whenever the request doesn't match any
+	// pattern for its method. NotFound should be set before serving any
+	// requests.
+	NotFound http.Handler
 	handlers map[string][]*patHandler
 }
 
 // New returns a new PatternServeMux.
 func New() *PatternServeMux {
-	return &PatternServeMux{make(map[string][]*patHandler)}
+	return &PatternServeMux{handlers: make(map[string][]*patHandler)}
 }
 
 // ServeHTTP matches r.URL.Path against its routing table using the rules
@@ -103,7 +111,7 @@
 func (p *PatternServeMux) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	for _, ph := range p.handlers[r.Method] {
 		if params, ok := ph.try(r.URL.Path); ok {
-			if len(params) > 0 {
+			if len(params) > 0 && !ph.redirect {
 				r.URL.RawQuery = url.Values(params).Encode() + "&" + r.URL.RawQuery
 			}
 			ph.ServeHTTP(w, r)
@@ -111,6 +119,11 @@
 		}
 	}
 
+	if p.NotFound != nil {
+		p.NotFound.ServeHTTP(w, r)
+		return
+	}
+
 	allowed := make([]string, 0, len(p.handlers))
 	for meth, handlers := range p.handlers {
 		if meth == r.Method {
@@ -166,16 +179,42 @@
 	p.Add("OPTIONS", pat, h)
 }
 
+// Patch will register a pattern with a handler for PATCH requests.
+func (p *PatternServeMux) Patch(pat string, h http.Handler) {
+	p.Add("PATCH", pat, h)
+}
+
 // Add will register a pattern with a handler for meth requests.
 func (p *PatternServeMux) Add(meth, pat string, h http.Handler) {
-	p.handlers[meth] = append(p.handlers[meth], &patHandler{pat, h})
+	p.add(meth, pat, h, false)
+}
+
+func (p *PatternServeMux) add(meth, pat string, h http.Handler, redirect bool) {
+	handlers := p.handlers[meth]
+	for _, p1 := range handlers {
+		if p1.pat == pat {
+			return // found existing pattern; do nothing
+		}
+	}
+	handler := &patHandler{
+		pat:      pat,
+		Handler:  h,
+		redirect: redirect,
+	}
+	p.handlers[meth] = append(handlers, handler)
 
 	n := len(pat)
 	if n > 0 && pat[n-1] == '/' {
-		p.Add(meth, pat[:n-1], http.RedirectHandler(pat, http.StatusMovedPermanently))
+		p.add(meth, pat[:n-1], http.HandlerFunc(addSlashRedirect), true)
 	}
 }
 
+func addSlashRedirect(w http.ResponseWriter, r *http.Request) {
+	u := *r.URL
+	u.Path += "/"
+	http.Redirect(w, r, u.String(), http.StatusMovedPermanently)
+}
+
 // Tail returns the trailing string in path after the final slash for a pat ending with a slash.
 //
 // Examples:
@@ -209,6 +248,7 @@
 type patHandler struct {
 	pat string
 	http.Handler
+	redirect bool
 }
 
 func (ph *patHandler) try(path string) (url.Values, bool) {
diff -Nru juju-core-2.0~beta7/src/github.com/bmizerany/pat/mux_test.go juju-core-2.0~beta12/src/github.com/bmizerany/pat/mux_test.go
--- juju-core-2.0~beta7/src/github.com/bmizerany/pat/mux_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/bmizerany/pat/mux_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,93 +1,65 @@
 package pat
 
 import (
+	"io"
 	"net/http"
 	"net/http/httptest"
 	"net/url"
+	"reflect"
 	"sort"
 	"strings"
 	"testing"
-
-	"github.com/bmizerany/assert"
 )
 
 func TestPatMatch(t *testing.T) {
-	params, ok := (&patHandler{"/", nil}).try("/")
-	assert.Equal(t, true, ok)
-
-	params, ok = (&patHandler{"/", nil}).try("/wrong_url")
-	assert.Equal(t, false, ok)
-
-	params, ok = (&patHandler{"/foo/:name", nil}).try("/foo/bar")
-	assert.Equal(t, true, ok)
-	assert.Equal(t, url.Values{":name": {"bar"}}, params)
-
-	params, ok = (&patHandler{"/foo/:name/baz", nil}).try("/foo/bar")
-	assert.Equal(t, false, ok)
-
-	params, ok = (&patHandler{"/foo/:name/bar/", nil}).try("/foo/keith/bar/baz")
-	assert.Equal(t, true, ok)
-	assert.Equal(t, url.Values{":name": {"keith"}}, params)
-
-	params, ok = (&patHandler{"/foo/:name/bar/", nil}).try("/foo/keith/bar/")
-	assert.Equal(t, true, ok)
-	assert.Equal(t, url.Values{":name": {"keith"}}, params)
-
-	params, ok = (&patHandler{"/foo/:name/bar/", nil}).try("/foo/keith/bar")
-	assert.Equal(t, false, ok)
-
-	params, ok = (&patHandler{"/foo/:name/baz", nil}).try("/foo/bar/baz")
-	assert.Equal(t, true, ok)
-	assert.Equal(t, url.Values{":name": {"bar"}}, params)
-
-	params, ok = (&patHandler{"/foo/:name/baz/:id", nil}).try("/foo/bar/baz")
-	assert.Equal(t, false, ok)
-
-	params, ok = (&patHandler{"/foo/:name/baz/:id", nil}).try("/foo/bar/baz/123")
-	assert.Equal(t, true, ok)
-	assert.Equal(t, url.Values{":name": {"bar"}, ":id": {"123"}}, params)
-
-	params, ok = (&patHandler{"/foo/:name/baz/:name", nil}).try("/foo/bar/baz/123")
-	assert.Equal(t, true, ok)
-	assert.Equal(t, url.Values{":name": {"bar", "123"}}, params)
-
-	params, ok = (&patHandler{"/foo/:name.txt", nil}).try("/foo/bar.txt")
-	assert.Equal(t, true, ok)
-	assert.Equal(t, url.Values{":name": {"bar"}}, params)
-
-	params, ok = (&patHandler{"/foo/:name", nil}).try("/foo/:bar")
-	assert.Equal(t, true, ok)
-	assert.Equal(t, url.Values{":name": {":bar"}}, params)
-
-	params, ok = (&patHandler{"/foo/:a:b", nil}).try("/foo/val1:val2")
-	assert.Equal(t, true, ok)
-	assert.Equal(t, url.Values{":a": {"val1"}, ":b": {":val2"}}, params)
-
-	params, ok = (&patHandler{"/foo/:a.", nil}).try("/foo/.")
-	assert.Equal(t, true, ok)
-	assert.Equal(t, url.Values{":a": {""}}, params)
-
-	params, ok = (&patHandler{"/foo/:a:b", nil}).try("/foo/:bar")
-	assert.Equal(t, true, ok)
-	assert.Equal(t, url.Values{":a": {""}, ":b": {":bar"}}, params)
-
-	params, ok = (&patHandler{"/foo/:a:b:c", nil}).try("/foo/:bar")
-	assert.Equal(t, true, ok)
-	assert.Equal(t, url.Values{":a": {""}, ":b": {""}, ":c": {":bar"}}, params)
-
-	params, ok = (&patHandler{"/foo/::name", nil}).try("/foo/val1:val2")
-	assert.Equal(t, true, ok)
-	assert.Equal(t, url.Values{":": {"val1"}, ":name": {":val2"}}, params)
-
-	params, ok = (&patHandler{"/foo/:name.txt", nil}).try("/foo/bar/baz.txt")
-	assert.Equal(t, false, ok)
-
-	params, ok = (&patHandler{"/foo/x:name", nil}).try("/foo/bar")
-	assert.Equal(t, false, ok)
-
-	params, ok = (&patHandler{"/foo/x:name", nil}).try("/foo/xbar")
-	assert.Equal(t, true, ok)
-	assert.Equal(t, url.Values{":name": {"bar"}}, params)
+	for i, tt := range []struct {
+		pat   string
+		u     string
+		match bool
+		vals  url.Values
+	}{
+		{"/", "/", true, nil},
+		{"/", "/wrong_url", false, nil},
+		{"/foo/:name", "/foo/bar", true, url.Values{":name": {"bar"}}},
+		{"/foo/:name/baz", "/foo/bar", false, nil},
+		{"/foo/:name/bar/", "/foo/keith/bar/baz", true, url.Values{":name": {"keith"}}},
+		{"/foo/:name/bar/", "/foo/keith/bar/", true, url.Values{":name": {"keith"}}},
+		{"/foo/:name/bar/", "/foo/keith/bar", false, nil},
+		{"/foo/:name/baz", "/foo/bar/baz", true, url.Values{":name": {"bar"}}},
+		{"/foo/:name/baz/:id", "/foo/bar/baz", false, nil},
+		{"/foo/:name/baz/:id", "/foo/bar/baz/123", true, url.Values{":name": {"bar"}, ":id": {"123"}}},
+		{"/foo/:name/baz/:name", "/foo/bar/baz/123", true, url.Values{":name": {"bar", "123"}}},
+		{"/foo/:name.txt", "/foo/bar.txt", true, url.Values{":name": {"bar"}}},
+		{"/foo/:name", "/foo/:bar", true, url.Values{":name": {":bar"}}},
+		{"/foo/:a:b", "/foo/val1:val2", true, url.Values{":a": {"val1"}, ":b": {":val2"}}},
+		{"/foo/:a.", "/foo/.", true, url.Values{":a": {""}}},
+		{"/foo/:a:b", "/foo/:bar", true, url.Values{":a": {""}, ":b": {":bar"}}},
+		{"/foo/:a:b:c", "/foo/:bar", true, url.Values{":a": {""}, ":b": {""}, ":c": {":bar"}}},
+		{"/foo/::name", "/foo/val1:val2", true, url.Values{":": {"val1"}, ":name": {":val2"}}},
+		{"/foo/:name.txt", "/foo/bar/baz.txt", false, nil},
+		{"/foo/x:name", "/foo/bar", false, nil},
+		{"/foo/x:name", "/foo/xbar", true, url.Values{":name": {"bar"}}},
+	} {
+		params, ok := (&patHandler{pat: tt.pat}).try(tt.u)
+		if !tt.match {
+			if ok {
+				t.Errorf("[%d] url %q matched pattern %q", i, tt.u, tt.pat)
+			}
+			continue
+		}
+		if !ok {
+			t.Errorf("[%d] url %q did not match pattern %q", i, tt.u, tt.pat)
+			continue
+		}
+		if tt.vals != nil {
+			if !reflect.DeepEqual(params, tt.vals) {
+				t.Errorf(
+					"[%d] for url %q, pattern %q: got %v; want %v",
+					i, tt.u, tt.pat, params, tt.vals,
+				)
+			}
+		}
+	}
 }
 
 func TestPatRoutingHit(t *testing.T) {
@@ -97,17 +69,15 @@
 	p.Get("/foo/:name", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		ok = true
 		t.Logf("%#v", r.URL.Query())
-		assert.Equal(t, "keith", r.URL.Query().Get(":name"))
+		if got, want := r.URL.Query().Get(":name"), "keith"; got != want {
+			t.Errorf("got %q, want %q", got, want)
+		}
 	}))
 
-	r, err := http.NewRequest("GET", "/foo/keith?a=b", nil)
-	if err != nil {
-		t.Fatal(err)
+	p.ServeHTTP(nil, newRequest("GET", "/foo/keith?a=b", nil))
+	if !ok {
+		t.Error("handler not called")
 	}
-
-	p.ServeHTTP(nil, r)
-
-	assert.T(t, ok)
 }
 
 func TestPatRoutingMethodNotAllowed(t *testing.T) {
@@ -122,20 +92,22 @@
 		ok = true
 	}))
 
-	r, err := http.NewRequest("GET", "/foo/keith", nil)
-	if err != nil {
-		t.Fatal(err)
-	}
+	r := httptest.NewRecorder()
+	p.ServeHTTP(r, newRequest("GET", "/foo/keith", nil))
 
-	rr := httptest.NewRecorder()
-	p.ServeHTTP(rr, r)
-
-	assert.T(t, !ok)
-	assert.Equal(t, http.StatusMethodNotAllowed, rr.Code)
+	if ok {
+		t.Fatal("handler called when it should have not been allowed")
+	}
+	if r.Code != http.StatusMethodNotAllowed {
+		t.Fatalf("got status %d; expected %d", r.Code, http.StatusMethodNotAllowed)
+	}
 
-	allowed := strings.Split(rr.Header().Get("Allow"), ", ")
-	sort.Strings(allowed)
-	assert.Equal(t, allowed, []string{"POST", "PUT"})
+	got := strings.Split(r.Header().Get("Allow"), ", ")
+	sort.Strings(got)
+	want := []string{"POST", "PUT"}
+	if !reflect.DeepEqual(got, want) {
+		t.Fatalf("got Allow header %v; want %v", got, want)
+	}
 }
 
 // Check to make sure we don't pollute the Raw Query when we have no parameters
@@ -146,17 +118,15 @@
 	p.Get("/foo/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		ok = true
 		t.Logf("%#v", r.URL.RawQuery)
-		assert.Equal(t, "", r.URL.RawQuery)
+		if r.URL.RawQuery != "" {
+			t.Errorf("RawQuery was %q; should be empty", r.URL.RawQuery)
+		}
 	}))
 
-	r, err := http.NewRequest("GET", "/foo/", nil)
-	if err != nil {
-		t.Fatal(err)
+	p.ServeHTTP(nil, newRequest("GET", "/foo/", nil))
+	if !ok {
+		t.Error("handler not called")
 	}
-
-	p.ServeHTTP(nil, r)
-
-	assert.T(t, ok)
 }
 
 // Check to make sure we don't pollute the Raw Query when there are parameters but no pattern variables
@@ -167,54 +137,50 @@
 	p.Get("/foo/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		ok = true
 		t.Logf("%#v", r.URL.RawQuery)
-		assert.Equal(t, "a=b", r.URL.RawQuery)
+		if got, want := r.URL.RawQuery, "a=b"; got != want {
+			t.Errorf("for RawQuery: got %q; want %q", got, want)
+		}
 	}))
 
-	r, err := http.NewRequest("GET", "/foo/?a=b", nil)
-	if err != nil {
-		t.Fatal(err)
+	p.ServeHTTP(nil, newRequest("GET", "/foo/?a=b", nil))
+	if !ok {
+		t.Error("handler not called")
 	}
-
-	p.ServeHTTP(nil, r)
-
-	assert.T(t, ok)
 }
 
 func TestPatImplicitRedirect(t *testing.T) {
 	p := New()
 	p.Get("/foo/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {}))
 
-	r, err := http.NewRequest("GET", "/foo", nil)
-	if err != nil {
-		t.Fatal(err)
-	}
-
 	res := httptest.NewRecorder()
-	p.ServeHTTP(res, r)
-
+	p.ServeHTTP(res, newRequest("GET", "/foo", nil))
 	if res.Code != 301 {
-		t.Errorf("expected Code 301, was %d", res.Code)
+		t.Errorf("got Code %d; want 301", res.Code)
 	}
-
 	if loc := res.Header().Get("Location"); loc != "/foo/" {
-		t.Errorf("expected %q, got %q", "/foo/", loc)
+		t.Errorf("got %q; want %q", loc, "/foo/")
 	}
 
 	p = New()
 	p.Get("/foo", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {}))
 	p.Get("/foo/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {}))
 
-	r, err = http.NewRequest("GET", "/foo", nil)
-	if err != nil {
-		t.Fatal(err)
+	res = httptest.NewRecorder()
+	p.ServeHTTP(res, newRequest("GET", "/foo", nil))
+	if res.Code != 200 {
+		t.Errorf("got %d; want Code 200", res.Code)
 	}
 
-	res = httptest.NewRecorder()
-	res.Code = 200
-	p.ServeHTTP(res, r)
+	p = New()
+	p.Get("/hello/:name/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {}))
 
-	if res.Code != 200 {
-		t.Errorf("expected Code 200, was %d", res.Code)
+	res = httptest.NewRecorder()
+	p.ServeHTTP(res, newRequest("GET", "/hello/bob?a=b#f", nil))
+	if res.Code != 301 {
+		t.Errorf("got code %d; want 301", res.Code)
+	}
+	if got, want := res.Header().Get("Location"), "/hello/bob/?a=b#f"; got != want {
+		t.Errorf("got %q; want %q", got, want)
 	}
 }
 
@@ -239,3 +205,49 @@
 		}
 	}
 }
+
+func TestNotFound(t *testing.T) {
+	p := New()
+	p.NotFound = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		w.WriteHeader(123)
+	})
+	p.Post("/bar", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {}))
+
+	for _, path := range []string{"/foo", "/bar"} {
+		res := httptest.NewRecorder()
+		p.ServeHTTP(res, newRequest("GET", path, nil))
+		if res.Code != 123 {
+			t.Errorf("for path %q: got code %d; want 123", path, res.Code)
+		}
+	}
+}
+
+func TestMethodPatch(t *testing.T) {
+	p := New()
+	p.Patch("/foo/bar", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {}))
+
+	// Test to see if we get a 405 Method Not Allowed errors from trying to
+	// issue a GET request to a handler that only supports the PATCH method.
+	res := httptest.NewRecorder()
+	res.Code = http.StatusMethodNotAllowed
+	p.ServeHTTP(res, newRequest("GET", "/foo/bar", nil))
+	if res.Code != http.StatusMethodNotAllowed {
+		t.Errorf("got Code %d; want 405", res.Code)
+	}
+
+	// Now, test to see if we get a 200 OK from issuing a PATCH request to
+	// the same handler.
+	res = httptest.NewRecorder()
+	p.ServeHTTP(res, newRequest("PATCH", "/foo/bar", nil))
+	if res.Code != http.StatusOK {
+		t.Errorf("Expected code %d, got %d", http.StatusOK, res.Code)
+	}
+}
+
+func newRequest(method, urlStr string, body io.Reader) *http.Request {
+	req, err := http.NewRequest(method, urlStr, body)
+	if err != nil {
+		panic(err)
+	}
+	return req
+}
diff -Nru juju-core-2.0~beta7/src/github.com/bmizerany/pat/README.md juju-core-2.0~beta12/src/github.com/bmizerany/pat/README.md
--- juju-core-2.0~beta7/src/github.com/bmizerany/pat/README.md	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/bmizerany/pat/README.md	2016-07-18 19:45:44.000000000 +0000
@@ -1,37 +1,41 @@
 # pat (formerly pat.go) - A Sinatra style pattern muxer for Go's net/http library
 
+[![GoDoc](https://godoc.org/github.com/bmizerany/pat?status.svg)](https://godoc.org/github.com/bmizerany/pat) 
+
 ## INSTALL
 
 	$ go get github.com/bmizerany/pat
 
 ## USE
 
-	package main
-
-	import (
-		"io"
-		"net/http"
-		"github.com/bmizerany/pat"
-		"log"
-	)
-
-	// hello world, the web server
-	func HelloServer(w http.ResponseWriter, req *http.Request) {
-		io.WriteString(w, "hello, "+req.URL.Query().Get(":name")+"!\n")
-	}
+```go
+package main
 
-	func main() {
-		m := pat.New()
-		m.Get("/hello/:name", http.HandlerFunc(HelloServer))
-
-		// Register this pat with the default serve mux so that other packages
-		// may also be exported. (i.e. /debug/pprof/*)
-		http.Handle("/", m)
-		err := http.ListenAndServe(":12345", nil)
-		if err != nil {
-			log.Fatal("ListenAndServe: ", err)
-		}
+import (
+	"io"
+	"net/http"
+	"github.com/bmizerany/pat"
+	"log"
+)
+
+// hello world, the web server
+func HelloServer(w http.ResponseWriter, req *http.Request) {
+	io.WriteString(w, "hello, "+req.URL.Query().Get(":name")+"!\n")
+}
+
+func main() {
+	m := pat.New()
+	m.Get("/hello/:name", http.HandlerFunc(HelloServer))
+
+	// Register this pat with the default serve mux so that other packages
+	// may also be exported. (i.e. /debug/pprof/*)
+	http.Handle("/", m)
+	err := http.ListenAndServe(":12345", nil)
+	if err != nil {
+		log.Fatal("ListenAndServe: ", err)
 	}
+}
+```
 
 It's that simple.
 
@@ -40,10 +44,20 @@
 
 ## CONTRIBUTORS
 
-* Keith Rarick (@krarick) - github.com/kr
-* Blake Mizerany (@bmizerany) - github.com/bmizerany
-* Evan Shaw
-* George Rogers
+* Alexis Svinartchouk (@zvin)
+* Blake Mizerany (@bmizerany)
+* Brian Ketelsen (@bketelsen)
+* Bryan Matsuo (@bmatsuo)
+* Caleb Spare (@cespare)
+* Evan Shaw (@edsrzf)
+* Gary Burd (@garyburd)
+* George Rogers (@georgerogers42)
+* Keith Rarick (@kr)
+* Matt Williams (@mattyw)
+* Mike Stipicevic (@wickedchicken)
+* Nick Saika (@nesv)
+* Timothy Cyrus (@tcyrus)
+* binqin (@binku87)
 
 ## LICENSE
 
diff -Nru juju-core-2.0~beta7/src/github.com/coreos/go-systemd/activation/files.go juju-core-2.0~beta12/src/github.com/coreos/go-systemd/activation/files.go
--- juju-core-2.0~beta7/src/github.com/coreos/go-systemd/activation/files.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/coreos/go-systemd/activation/files.go	2016-07-18 19:45:44.000000000 +0000
@@ -28,10 +28,8 @@
 
 func Files(unsetEnv bool) []*os.File {
 	if unsetEnv {
-		// there is no way to unset env in golang os package for now
-		// https://code.google.com/p/go/issues/detail?id=6423
-		defer os.Setenv("LISTEN_PID", "")
-		defer os.Setenv("LISTEN_FDS", "")
+		defer os.Unsetenv("LISTEN_PID")
+		defer os.Unsetenv("LISTEN_FDS")
 	}
 
 	pid, err := strconv.Atoi(os.Getenv("LISTEN_PID"))
@@ -44,7 +42,7 @@
 		return nil
 	}
 
-	var files []*os.File
+	files := make([]*os.File, 0, nfds)
 	for fd := listenFdsStart; fd < listenFdsStart+nfds; fd++ {
 		syscall.CloseOnExec(fd)
 		files = append(files, os.NewFile(uintptr(fd), "LISTEN_FD_"+strconv.Itoa(fd)))
diff -Nru juju-core-2.0~beta7/src/github.com/coreos/go-systemd/activation/listeners.go juju-core-2.0~beta12/src/github.com/coreos/go-systemd/activation/listeners.go
--- juju-core-2.0~beta7/src/github.com/coreos/go-systemd/activation/listeners.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/coreos/go-systemd/activation/listeners.go	2016-07-18 19:45:44.000000000 +0000
@@ -15,6 +15,7 @@
 package activation
 
 import (
+	"crypto/tls"
 	"net"
 )
 
@@ -26,15 +27,36 @@
 // corresponding with "udp, tcp, tcp", then the slice would contain {nil, net.Listener, net.Listener}
 func Listeners(unsetEnv bool) ([]net.Listener, error) {
 	files := Files(unsetEnv)
-	listeners := make([]net.Listener, 0)
+	listeners := make([]net.Listener, len(files))
 
-	for i := 0; i < len(files); i++ {
-		if pc, err := net.FileListener(files[i]); err == nil {
-			listeners = append(listeners, pc)
-			continue
-		} else {
-			listeners = append(listeners, nil)
+	for i, f := range files {
+		if pc, err := net.FileListener(f); err == nil {
+			listeners[i] = pc
 		}
 	}
 	return listeners, nil
 }
+
+// TLSListeners returns a slice containing a net.listener for each matching TCP socket type
+// passed to this process.
+// It uses default Listeners func and forces TCP sockets handlers to use TLS based on tlsConfig.
+func TLSListeners(unsetEnv bool, tlsConfig *tls.Config) ([]net.Listener, error) {
+	listeners, err := Listeners(unsetEnv)
+
+	if listeners == nil || err != nil {
+		return nil, err
+	}
+
+	if tlsConfig != nil && err == nil {
+		tlsConfig.NextProtos = []string{"http/1.1"}
+
+		for i, l := range listeners {
+			// Activate TLS only for TCP sockets
+			if l.Addr().Network() == "tcp" {
+				listeners[i] = tls.NewListener(l, tlsConfig)
+			}
+		}
+	}
+
+	return listeners, err
+}
diff -Nru juju-core-2.0~beta7/src/github.com/coreos/go-systemd/activation/packetconns.go juju-core-2.0~beta12/src/github.com/coreos/go-systemd/activation/packetconns.go
--- juju-core-2.0~beta7/src/github.com/coreos/go-systemd/activation/packetconns.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/coreos/go-systemd/activation/packetconns.go	2016-07-18 19:45:44.000000000 +0000
@@ -26,13 +26,11 @@
 // corresponding with "udp, tcp, udp", then the slice would contain {net.PacketConn, nil, net.PacketConn}
 func PacketConns(unsetEnv bool) ([]net.PacketConn, error) {
 	files := Files(unsetEnv)
-	conns := make([]net.PacketConn, 0)
-	for i := 0; i < len(files); i++ {
-		if pc, err := net.FilePacketConn(files[i]); err == nil {
-			conns = append(conns, pc)
-			continue
-		} else {
-			conns = append(conns, nil)
+	conns := make([]net.PacketConn, len(files))
+
+	for i, f := range files {
+		if pc, err := net.FilePacketConn(f); err == nil {
+			conns[i] = pc
 		}
 	}
 	return conns, nil
diff -Nru juju-core-2.0~beta7/src/github.com/coreos/go-systemd/CONTRIBUTING.md juju-core-2.0~beta12/src/github.com/coreos/go-systemd/CONTRIBUTING.md
--- juju-core-2.0~beta7/src/github.com/coreos/go-systemd/CONTRIBUTING.md	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/coreos/go-systemd/CONTRIBUTING.md	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,77 @@
+# How to Contribute
+
+CoreOS projects are [Apache 2.0 licensed](LICENSE) and accept contributions via
+GitHub pull requests.  This document outlines some of the conventions on
+development workflow, commit message formatting, contact points and other
+resources to make it easier to get your contribution accepted.
+
+# Certificate of Origin
+
+By contributing to this project you agree to the Developer Certificate of
+Origin (DCO). This document was created by the Linux Kernel community and is a
+simple statement that you, as a contributor, have the legal right to make the
+contribution. See the [DCO](DCO) file for details.
+
+# Email and Chat
+
+The project currently uses the general CoreOS email list and IRC channel:
+- Email: [coreos-dev](https://groups.google.com/forum/#!forum/coreos-dev)
+- IRC: #[coreos](irc://irc.freenode.org:6667/#coreos) IRC channel on freenode.org
+
+Please avoid emailing maintainers found in the MAINTAINERS file directly. They
+are very busy and read the mailing lists.
+
+## Getting Started
+
+- Fork the repository on GitHub
+- Read the [README](README.md) for build and test instructions
+- Play with the project, submit bugs, submit patches!
+
+## Contribution Flow
+
+This is a rough outline of what a contributor's workflow looks like:
+
+- Create a topic branch from where you want to base your work (usually master).
+- Make commits of logical units.
+- Make sure your commit messages are in the proper format (see below).
+- Push your changes to a topic branch in your fork of the repository.
+- Make sure the tests pass, and add any new tests as appropriate.
+- Submit a pull request to the original repository.
+
+Thanks for your contributions!
+
+### Coding Style
+
+CoreOS projects written in Go follow a set of style guidelines that we've documented 
+[here](https://github.com/coreos/docs/tree/master/golang). Please follow them when 
+working on your contributions.
+
+### Format of the Commit Message
+
+We follow a rough convention for commit messages that is designed to answer two
+questions: what changed and why. The subject line should feature the what and
+the body of the commit should describe the why.
+
+```
+scripts: add the test-cluster command
+
+this uses tmux to setup a test cluster that you can easily kill and
+start for debugging.
+
+Fixes #38
+```
+
+The format can be described more formally as follows:
+
+```
+<subsystem>: <what changed>
+<BLANK LINE>
+<why this change was made>
+<BLANK LINE>
+<footer>
+```
+
+The first line is the subject and should be no longer than 70 characters, the
+second line is always blank, and other lines should be wrapped at 80 characters.
+This allows the message to be easier to read on GitHub as well as in various
+git tools.
diff -Nru juju-core-2.0~beta7/src/github.com/coreos/go-systemd/dbus/dbus.go juju-core-2.0~beta12/src/github.com/coreos/go-systemd/dbus/dbus.go
--- juju-core-2.0~beta7/src/github.com/coreos/go-systemd/dbus/dbus.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/coreos/go-systemd/dbus/dbus.go	2016-07-18 19:45:44.000000000 +0000
@@ -64,11 +64,11 @@
 type Conn struct {
 	// sysconn/sysobj are only used to call dbus methods
 	sysconn *dbus.Conn
-	sysobj  *dbus.Object
+	sysobj  dbus.BusObject
 
 	// sigconn/sigobj are only used to receive dbus signals
 	sigconn *dbus.Conn
-	sigobj  *dbus.Object
+	sigobj  dbus.BusObject
 
 	jobListener struct {
 		jobs map[dbus.ObjectPath]chan<- string
@@ -86,14 +86,30 @@
 // New establishes a connection to the system bus and authenticates.
 // Callers should call Close() when done with the connection.
 func New() (*Conn, error) {
-	return newConnection(dbus.SystemBusPrivate)
+	return newConnection(func() (*dbus.Conn, error) {
+		return dbusAuthHelloConnection(dbus.SystemBusPrivate)
+	})
 }
 
 // NewUserConnection establishes a connection to the session bus and
 // authenticates. This can be used to connect to systemd user instances.
 // Callers should call Close() when done with the connection.
 func NewUserConnection() (*Conn, error) {
-	return newConnection(dbus.SessionBusPrivate)
+	return newConnection(func() (*dbus.Conn, error) {
+		return dbusAuthHelloConnection(dbus.SessionBusPrivate)
+	})
+}
+
+// NewSystemdConnection establishes a private, direct connection to systemd.
+// This can be used for communicating with systemd without a dbus daemon.
+// Callers should call Close() when done with the connection.
+func NewSystemdConnection() (*Conn, error) {
+	return newConnection(func() (*dbus.Conn, error) {
+		// We skip Hello when talking directly to systemd.
+		return dbusAuthConnection(func() (*dbus.Conn, error) {
+			return dbus.Dial("unix:path=/run/systemd/private")
+		})
+	})
 }
 
 // Close closes an established connection
@@ -103,12 +119,12 @@
 }
 
 func newConnection(createBus func() (*dbus.Conn, error)) (*Conn, error) {
-	sysconn, err := dbusConnection(createBus)
+	sysconn, err := createBus()
 	if err != nil {
 		return nil, err
 	}
 
-	sigconn, err := dbusConnection(createBus)
+	sigconn, err := createBus()
 	if err != nil {
 		sysconn.Close()
 		return nil, err
@@ -132,7 +148,18 @@
 	return c, nil
 }
 
-func dbusConnection(createBus func() (*dbus.Conn, error)) (*dbus.Conn, error) {
+// GetManagerProperty returns the value of a property on the org.freedesktop.systemd1.Manager
+// interface. The value is returned in its string representation, as defined at
+// https://developer.gnome.org/glib/unstable/gvariant-text.html
+func (c *Conn) GetManagerProperty(prop string) (string, error) {
+	variant, err := c.sysobj.GetProperty("org.freedesktop.systemd1.Manager." + prop)
+	if err != nil {
+		return "", err
+	}
+	return variant.String(), nil
+}
+
+func dbusAuthConnection(createBus func() (*dbus.Conn, error)) (*dbus.Conn, error) {
 	conn, err := createBus()
 	if err != nil {
 		return nil, err
@@ -149,8 +176,16 @@
 		return nil, err
 	}
 
-	err = conn.Hello()
+	return conn, nil
+}
+
+func dbusAuthHelloConnection(createBus func() (*dbus.Conn, error)) (*dbus.Conn, error) {
+	conn, err := dbusAuthConnection(createBus)
 	if err != nil {
+		return nil, err
+	}
+
+	if err = conn.Hello(); err != nil {
 		conn.Close()
 		return nil, err
 	}
@@ -158,6 +193,6 @@
 	return conn, nil
 }
 
-func systemdObject(conn *dbus.Conn) *dbus.Object {
+func systemdObject(conn *dbus.Conn) dbus.BusObject {
 	return conn.Object("org.freedesktop.systemd1", dbus.ObjectPath("/org/freedesktop/systemd1"))
 }
diff -Nru juju-core-2.0~beta7/src/github.com/coreos/go-systemd/dbus/methods.go juju-core-2.0~beta12/src/github.com/coreos/go-systemd/dbus/methods.go
--- juju-core-2.0~beta7/src/github.com/coreos/go-systemd/dbus/methods.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/coreos/go-systemd/dbus/methods.go	2016-07-18 19:45:44.000000000 +0000
@@ -221,6 +221,19 @@
 	return c.getProperty(unit, "org.freedesktop.systemd1."+unitType, propertyName)
 }
 
+type UnitStatus struct {
+	Name        string          // The primary unit name as string
+	Description string          // The human readable description string
+	LoadState   string          // The load state (i.e. whether the unit file has been loaded successfully)
+	ActiveState string          // The active state (i.e. whether the unit is currently started or not)
+	SubState    string          // The sub state (a more fine-grained version of the active state that is specific to the unit type, which the active state is not)
+	Followed    string          // A unit that is being followed in its state by this unit, if there is any, otherwise the empty string.
+	Path        dbus.ObjectPath // The unit object path
+	JobId       uint32          // If there is a job queued for the job unit the numeric job id, 0 otherwise
+	JobType     string          // The job type as string
+	JobPath     dbus.ObjectPath // The job object path
+}
+
 // ListUnits returns an array with all currently loaded units. Note that
 // units may be known by multiple names at the same time, and hence there might
 // be more unit names loaded than actual units behind them.
@@ -250,17 +263,36 @@
 	return status, nil
 }
 
-type UnitStatus struct {
-	Name        string          // The primary unit name as string
-	Description string          // The human readable description string
-	LoadState   string          // The load state (i.e. whether the unit file has been loaded successfully)
-	ActiveState string          // The active state (i.e. whether the unit is currently started or not)
-	SubState    string          // The sub state (a more fine-grained version of the active state that is specific to the unit type, which the active state is not)
-	Followed    string          // A unit that is being followed in its state by this unit, if there is any, otherwise the empty string.
-	Path        dbus.ObjectPath // The unit object path
-	JobId       uint32          // If there is a job queued for the job unit the numeric job id, 0 otherwise
-	JobType     string          // The job type as string
-	JobPath     dbus.ObjectPath // The job object path
+type UnitFile struct {
+	Path string
+	Type string
+}
+
+// ListUnitFiles returns an array of all available units on disk.
+func (c *Conn) ListUnitFiles() ([]UnitFile, error) {
+	result := make([][]interface{}, 0)
+	err := c.sysobj.Call("org.freedesktop.systemd1.Manager.ListUnitFiles", 0).Store(&result)
+	if err != nil {
+		return nil, err
+	}
+
+	resultInterface := make([]interface{}, len(result))
+	for i := range result {
+		resultInterface[i] = result[i]
+	}
+
+	files := make([]UnitFile, len(result))
+	fileInterface := make([]interface{}, len(files))
+	for i := range files {
+		fileInterface[i] = &files[i]
+	}
+
+	err = dbus.Store(resultInterface, fileInterface...)
+	if err != nil {
+		return nil, err
+	}
+
+	return files, nil
 }
 
 type LinkUnitFileChange EnableUnitFileChange
diff -Nru juju-core-2.0~beta7/src/github.com/coreos/go-systemd/dbus/set.go juju-core-2.0~beta12/src/github.com/coreos/go-systemd/dbus/set.go
--- juju-core-2.0~beta7/src/github.com/coreos/go-systemd/dbus/set.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/coreos/go-systemd/dbus/set.go	2016-07-18 19:45:44.000000000 +0000
@@ -31,17 +31,17 @@
 	return
 }
 
-func (s *set) Length() (int) {
+func (s *set) Length() int {
 	return len(s.data)
 }
 
 func (s *set) Values() (values []string) {
-	 for val, _ := range s.data {
+	for val, _ := range s.data {
 		values = append(values, val)
-	 }
-	 return
+	}
+	return
 }
 
-func newSet() (*set) {
-	return &set{make(map[string] bool)}
+func newSet() *set {
+	return &set{make(map[string]bool)}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/coreos/go-systemd/dbus/subscription.go juju-core-2.0~beta12/src/github.com/coreos/go-systemd/dbus/subscription.go
--- juju-core-2.0~beta7/src/github.com/coreos/go-systemd/dbus/subscription.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/coreos/go-systemd/dbus/subscription.go	2016-07-18 19:45:44.000000000 +0000
@@ -105,7 +105,7 @@
 // SubscribeUnitsCustom is like SubscribeUnits but lets you specify the buffer
 // size of the channels, the comparison function for detecting changes and a filter
 // function for cutting down on the noise that your channel receives.
-func (c *Conn) SubscribeUnitsCustom(interval time.Duration, buffer int, isChanged func(*UnitStatus, *UnitStatus) bool, filterUnit func (string) bool) (<-chan map[string]*UnitStatus, <-chan error) {
+func (c *Conn) SubscribeUnitsCustom(interval time.Duration, buffer int, isChanged func(*UnitStatus, *UnitStatus) bool, filterUnit func(string) bool) (<-chan map[string]*UnitStatus, <-chan error) {
 	old := make(map[string]*UnitStatus)
 	statusChan := make(chan map[string]*UnitStatus, buffer)
 	errChan := make(chan error, buffer)
diff -Nru juju-core-2.0~beta7/src/github.com/coreos/go-systemd/DCO juju-core-2.0~beta12/src/github.com/coreos/go-systemd/DCO
--- juju-core-2.0~beta7/src/github.com/coreos/go-systemd/DCO	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/coreos/go-systemd/DCO	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,36 @@
+Developer Certificate of Origin
+Version 1.1
+
+Copyright (C) 2004, 2006 The Linux Foundation and its contributors.
+660 York Street, Suite 102,
+San Francisco, CA 94110 USA
+
+Everyone is permitted to copy and distribute verbatim copies of this
+license document, but changing it is not allowed.
+
+
+Developer's Certificate of Origin 1.1
+
+By making a contribution to this project, I certify that:
+
+(a) The contribution was created in whole or in part by me and I
+    have the right to submit it under the open source license
+    indicated in the file; or
+
+(b) The contribution is based upon previous work that, to the best
+    of my knowledge, is covered under an appropriate open source
+    license and I have the right under that license to submit that
+    work with modifications, whether created in whole or in part
+    by me, under the same open source license (unless I am
+    permitted to submit under a different license), as indicated
+    in the file; or
+
+(c) The contribution was provided directly to me by some other
+    person who certified (a), (b) or (c) and I have not modified
+    it.
+
+(d) I understand and agree that this project and the contribution
+    are public and that a record of the contribution (including all
+    personal information I submit with it, including my sign-off) is
+    maintained indefinitely and may be redistributed consistent with
+    this project or the open source license(s) involved.
diff -Nru juju-core-2.0~beta7/src/github.com/coreos/go-systemd/journal/journal.go juju-core-2.0~beta12/src/github.com/coreos/go-systemd/journal/journal.go
--- juju-core-2.0~beta7/src/github.com/coreos/go-systemd/journal/journal.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/coreos/go-systemd/journal/journal.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,179 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Package journal provides write bindings to the local systemd journal.
+// It is implemented in pure Go and connects to the journal directly over its
+// unix socket.
+//
+// To read from the journal, see the "sdjournal" package, which wraps the
+// sd-journal a C API.
+//
+// http://www.freedesktop.org/software/systemd/man/systemd-journald.service.html
+package journal
+
+import (
+	"bytes"
+	"encoding/binary"
+	"errors"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"net"
+	"os"
+	"strconv"
+	"strings"
+	"syscall"
+)
+
+// Priority of a journal message
+type Priority int
+
+const (
+	PriEmerg Priority = iota
+	PriAlert
+	PriCrit
+	PriErr
+	PriWarning
+	PriNotice
+	PriInfo
+	PriDebug
+)
+
+var conn net.Conn
+
+func init() {
+	var err error
+	conn, err = net.Dial("unixgram", "/run/systemd/journal/socket")
+	if err != nil {
+		conn = nil
+	}
+}
+
+// Enabled returns true if the local systemd journal is available for logging
+func Enabled() bool {
+	return conn != nil
+}
+
+// Send a message to the local systemd journal. vars is a map of journald
+// fields to values.  Fields must be composed of uppercase letters, numbers,
+// and underscores, but must not start with an underscore. Within these
+// restrictions, any arbitrary field name may be used.  Some names have special
+// significance: see the journalctl documentation
+// (http://www.freedesktop.org/software/systemd/man/systemd.journal-fields.html)
+// for more details.  vars may be nil.
+func Send(message string, priority Priority, vars map[string]string) error {
+	if conn == nil {
+		return journalError("could not connect to journald socket")
+	}
+
+	data := new(bytes.Buffer)
+	appendVariable(data, "PRIORITY", strconv.Itoa(int(priority)))
+	appendVariable(data, "MESSAGE", message)
+	for k, v := range vars {
+		appendVariable(data, k, v)
+	}
+
+	_, err := io.Copy(conn, data)
+	if err != nil && isSocketSpaceError(err) {
+		file, err := tempFd()
+		if err != nil {
+			return journalError(err.Error())
+		}
+		defer file.Close()
+		_, err = io.Copy(file, data)
+		if err != nil {
+			return journalError(err.Error())
+		}
+
+		rights := syscall.UnixRights(int(file.Fd()))
+
+		/* this connection should always be a UnixConn, but better safe than sorry */
+		unixConn, ok := conn.(*net.UnixConn)
+		if !ok {
+			return journalError("can't send file through non-Unix connection")
+		}
+		unixConn.WriteMsgUnix([]byte{}, rights, nil)
+	} else if err != nil {
+		return journalError(err.Error())
+	}
+	return nil
+}
+
+// Print prints a message to the local systemd journal using Send().
+func Print(priority Priority, format string, a ...interface{}) error {
+	return Send(fmt.Sprintf(format, a...), priority, nil)
+}
+
+func appendVariable(w io.Writer, name, value string) {
+	if !validVarName(name) {
+		journalError("variable name contains invalid character, ignoring")
+	}
+	if strings.ContainsRune(value, '\n') {
+		/* When the value contains a newline, we write:
+		 * - the variable name, followed by a newline
+		 * - the size (in 64bit little endian format)
+		 * - the data, followed by a newline
+		 */
+		fmt.Fprintln(w, name)
+		binary.Write(w, binary.LittleEndian, uint64(len(value)))
+		fmt.Fprintln(w, value)
+	} else {
+		/* just write the variable and value all on one line */
+		fmt.Fprintf(w, "%s=%s\n", name, value)
+	}
+}
+
+func validVarName(name string) bool {
+	/* The variable name must be in uppercase and consist only of characters,
+	 * numbers and underscores, and may not begin with an underscore. (from the docs)
+	 */
+
+	valid := name[0] != '_'
+	for _, c := range name {
+		valid = valid && ('A' <= c && c <= 'Z') || ('0' <= c && c <= '9') || c == '_'
+	}
+	return valid
+}
+
+func isSocketSpaceError(err error) bool {
+	opErr, ok := err.(*net.OpError)
+	if !ok {
+		return false
+	}
+
+	sysErr, ok := opErr.Err.(syscall.Errno)
+	if !ok {
+		return false
+	}
+
+	return sysErr == syscall.EMSGSIZE || sysErr == syscall.ENOBUFS
+}
+
+func tempFd() (*os.File, error) {
+	file, err := ioutil.TempFile("/dev/shm/", "journal.XXXXX")
+	if err != nil {
+		return nil, err
+	}
+	syscall.Unlink(file.Name())
+	if err != nil {
+		return nil, err
+	}
+	return file, nil
+}
+
+func journalError(s string) error {
+	s = "journal error: " + s
+	fmt.Fprintln(os.Stderr, s)
+	return errors.New(s)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/coreos/go-systemd/journal/send.go juju-core-2.0~beta12/src/github.com/coreos/go-systemd/journal/send.go
--- juju-core-2.0~beta7/src/github.com/coreos/go-systemd/journal/send.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/coreos/go-systemd/journal/send.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,166 +0,0 @@
-// Copyright 2015 CoreOS, Inc.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-// Package journal provides write bindings to the systemd journal
-package journal
-
-import (
-	"bytes"
-	"encoding/binary"
-	"errors"
-	"fmt"
-	"io"
-	"io/ioutil"
-	"net"
-	"os"
-	"strconv"
-	"strings"
-	"syscall"
-)
-
-// Priority of a journal message
-type Priority int
-
-const (
-	PriEmerg Priority = iota
-	PriAlert
-	PriCrit
-	PriErr
-	PriWarning
-	PriNotice
-	PriInfo
-	PriDebug
-)
-
-var conn net.Conn
-
-func init() {
-	var err error
-	conn, err = net.Dial("unixgram", "/run/systemd/journal/socket")
-	if err != nil {
-		conn = nil
-	}
-}
-
-// Enabled returns true iff the systemd journal is available for logging
-func Enabled() bool {
-	return conn != nil
-}
-
-// Send a message to the systemd journal. vars is a map of journald fields to
-// values.  Fields must be composed of uppercase letters, numbers, and
-// underscores, but must not start with an underscore. Within these
-// restrictions, any arbitrary field name may be used.  Some names have special
-// significance: see the journalctl documentation
-// (http://www.freedesktop.org/software/systemd/man/systemd.journal-fields.html)
-// for more details.  vars may be nil.
-func Send(message string, priority Priority, vars map[string]string) error {
-	if conn == nil {
-		return journalError("could not connect to journald socket")
-	}
-
-	data := new(bytes.Buffer)
-	appendVariable(data, "PRIORITY", strconv.Itoa(int(priority)))
-	appendVariable(data, "MESSAGE", message)
-	for k, v := range vars {
-		appendVariable(data, k, v)
-	}
-
-	_, err := io.Copy(conn, data)
-	if err != nil && isSocketSpaceError(err) {
-		file, err := tempFd()
-		if err != nil {
-			return journalError(err.Error())
-		}
-		_, err = io.Copy(file, data)
-		if err != nil {
-			return journalError(err.Error())
-		}
-
-		rights := syscall.UnixRights(int(file.Fd()))
-
-		/* this connection should always be a UnixConn, but better safe than sorry */
-		unixConn, ok := conn.(*net.UnixConn)
-		if !ok {
-			return journalError("can't send file through non-Unix connection")
-		}
-		unixConn.WriteMsgUnix([]byte{}, rights, nil)
-	} else if err != nil {
-		return journalError(err.Error())
-	}
-	return nil
-}
-
-func appendVariable(w io.Writer, name, value string) {
-	if !validVarName(name) {
-		journalError("variable name contains invalid character, ignoring")
-	}
-	if strings.ContainsRune(value, '\n') {
-		/* When the value contains a newline, we write:
-		 * - the variable name, followed by a newline
-		 * - the size (in 64bit little endian format)
-		 * - the data, followed by a newline
-		 */
-		fmt.Fprintln(w, name)
-		binary.Write(w, binary.LittleEndian, uint64(len(value)))
-		fmt.Fprintln(w, value)
-	} else {
-		/* just write the variable and value all on one line */
-		fmt.Fprintf(w, "%s=%s\n", name, value)
-	}
-}
-
-func validVarName(name string) bool {
-	/* The variable name must be in uppercase and consist only of characters,
-	 * numbers and underscores, and may not begin with an underscore. (from the docs)
-	 */
-
-	valid := name[0] != '_'
-	for _, c := range name {
-		valid = valid && ('A' <= c && c <= 'Z') || ('0' <= c && c <= '9') || c == '_'
-	}
-	return valid
-}
-
-func isSocketSpaceError(err error) bool {
-	opErr, ok := err.(*net.OpError)
-	if !ok {
-		return false
-	}
-
-	sysErr, ok := opErr.Err.(syscall.Errno)
-	if !ok {
-		return false
-	}
-
-	return sysErr == syscall.EMSGSIZE || sysErr == syscall.ENOBUFS
-}
-
-func tempFd() (*os.File, error) {
-	file, err := ioutil.TempFile("/dev/shm/", "journal.XXXXX")
-	if err != nil {
-		return nil, err
-	}
-	syscall.Unlink(file.Name())
-	if err != nil {
-		return nil, err
-	}
-	return file, nil
-}
-
-func journalError(s string) error {
-	s = "journal error: " + s
-	fmt.Fprintln(os.Stderr, s)
-	return errors.New(s)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/coreos/go-systemd/login1/dbus.go juju-core-2.0~beta12/src/github.com/coreos/go-systemd/login1/dbus.go
--- juju-core-2.0~beta7/src/github.com/coreos/go-systemd/login1/dbus.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/coreos/go-systemd/login1/dbus.go	2016-07-18 19:45:44.000000000 +0000
@@ -16,6 +16,7 @@
 package login1
 
 import (
+	"fmt"
 	"os"
 	"strconv"
 
@@ -30,7 +31,7 @@
 // Conn is a connection to systemds dbus endpoint.
 type Conn struct {
 	conn   *dbus.Conn
-	object *dbus.Object
+	object dbus.BusObject
 }
 
 // New() establishes a connection to the system bus and authenticates.
@@ -77,3 +78,31 @@
 func (c *Conn) Reboot(askForAuth bool) {
 	c.object.Call(dbusInterface+".Reboot", 0, askForAuth)
 }
+
+// Inhibit takes inhibition lock in logind.
+func (c *Conn) Inhibit(what, who, why, mode string) (*os.File, error) {
+	var fd dbus.UnixFD
+
+	err := c.object.Call(dbusInterface+".Inhibit", 0, what, who, why, mode).Store(&fd)
+	if err != nil {
+		return nil, err
+	}
+
+	return os.NewFile(uintptr(fd), "inhibit"), nil
+}
+
+// Subscribe to signals on the logind dbus
+func (c *Conn) Subscribe(members ...string) chan *dbus.Signal {
+	for _, member := range members {
+		c.conn.BusObject().Call("org.freedesktop.DBus.AddMatch", 0,
+			fmt.Sprintf("type='signal',interface='org.freedesktop.login1.Manager',member='%s'", member))
+	}
+	ch := make(chan *dbus.Signal, 10)
+	c.conn.Signal(ch)
+	return ch
+}
+
+// PowerOff asks logind for a power off optionally asking for auth.
+func (c *Conn) PowerOff(askForAuth bool) {
+	c.object.Call(dbusInterface+".PowerOff", 0, askForAuth)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/coreos/go-systemd/machine1/dbus.go juju-core-2.0~beta12/src/github.com/coreos/go-systemd/machine1/dbus.go
--- juju-core-2.0~beta7/src/github.com/coreos/go-systemd/machine1/dbus.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/coreos/go-systemd/machine1/dbus.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,81 @@
+/*
+Copyright 2015 CoreOS Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+     http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Integration with the systemd machined API.  See http://www.freedesktop.org/wiki/Software/systemd/machined/
+package machine1
+
+import (
+	"os"
+	"strconv"
+
+	"github.com/godbus/dbus"
+)
+
+const (
+	dbusInterface = "org.freedesktop.machine1.Manager"
+	dbusPath      = "/org/freedesktop/machine1"
+)
+
+// Conn is a connection to systemds dbus endpoint.
+type Conn struct {
+	conn   *dbus.Conn
+	object dbus.BusObject
+}
+
+// New() establishes a connection to the system bus and authenticates.
+func New() (*Conn, error) {
+	c := new(Conn)
+
+	if err := c.initConnection(); err != nil {
+		return nil, err
+	}
+
+	return c, nil
+}
+
+func (c *Conn) initConnection() error {
+	var err error
+	c.conn, err = dbus.SystemBusPrivate()
+	if err != nil {
+		return err
+	}
+
+	// Only use EXTERNAL method, and hardcode the uid (not username)
+	// to avoid a username lookup (which requires a dynamically linked
+	// libc)
+	methods := []dbus.Auth{dbus.AuthExternal(strconv.Itoa(os.Getuid()))}
+
+	err = c.conn.Auth(methods)
+	if err != nil {
+		c.conn.Close()
+		return err
+	}
+
+	err = c.conn.Hello()
+	if err != nil {
+		c.conn.Close()
+		return err
+	}
+
+	c.object = c.conn.Object("org.freedesktop.machine1", dbus.ObjectPath(dbusPath))
+
+	return nil
+}
+
+// RegisterMachine registers the container with the systemd-machined
+func (c *Conn) RegisterMachine(name string, id []byte, service string, class string, pid int, root_directory string) error {
+	return c.object.Call(dbusInterface+".RegisterMachine", 0, name, id, service, class, uint32(pid), root_directory).Err
+}
diff -Nru juju-core-2.0~beta7/src/github.com/coreos/go-systemd/machine1/dbus_test.go juju-core-2.0~beta12/src/github.com/coreos/go-systemd/machine1/dbus_test.go
--- juju-core-2.0~beta7/src/github.com/coreos/go-systemd/machine1/dbus_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/coreos/go-systemd/machine1/dbus_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,30 @@
+/*
+Copyright 2015 CoreOS Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+     http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package machine1
+
+import (
+	"testing"
+)
+
+// TestNew ensures that New() works without errors.
+func TestNew(t *testing.T) {
+	_, err := New()
+
+	if err != nil {
+		t.Fatal(err)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/coreos/go-systemd/README.md juju-core-2.0~beta12/src/github.com/coreos/go-systemd/README.md
--- juju-core-2.0~beta7/src/github.com/coreos/go-systemd/README.md	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/coreos/go-systemd/README.md	2016-07-18 19:45:44.000000000 +0000
@@ -1,30 +1,31 @@
 # go-systemd
 
-Go bindings to systemd. The project has three packages:
+[![Build Status](https://travis-ci.org/coreos/go-systemd.png?branch=master)](https://travis-ci.org/coreos/go-systemd)
+[![godoc](https://godoc.org/github.com/coreos/go-systemd?status.svg)](http://godoc.org/github.com/coreos/go-systemd)
 
-- activation - for writing and using socket activation from Go
-- dbus - for starting/stopping/inspecting running services and units
-- journal - for writing to systemd's logging service, journal
-- unit - for (de)serialization and comparison of unit files
+Go bindings to systemd. The project has several packages:
 
-Go docs for the entire project are here:
-
-http://godoc.org/github.com/coreos/go-systemd
+- `activation` - for writing and using socket activation from Go
+- `dbus` - for starting/stopping/inspecting running services and units
+- `journal` - for writing to systemd's logging service, journald
+- `sdjournal` - for reading from journald by wrapping its C API
+- `machine1` - for registering machines/containers with systemd
+- `unit` - for (de)serialization and comparison of unit files
 
 ## Socket Activation
 
-An example HTTP server using socket activation can be quickly setup by
-following this README on a Linux machine running systemd:
+An example HTTP server using socket activation can be quickly set up by following this README on a Linux machine running systemd:
 
 https://github.com/coreos/go-systemd/tree/master/examples/activation/httpserver
 
 ## Journal
 
-Using this package you can submit journal entries directly to systemd's journal taking advantage of features like indexed key/value pairs for each log entry.
+Using the pure-Go `journal` package you can submit journal entries directly to systemd's journal, taking advantage of features like indexed key/value pairs for each log entry.
+The `sdjournal` package provides read access to the journal by wrapping around journald's native C API; consequently it requires cgo and the journal headers to be available.
 
 ## D-Bus
 
-The D-Bus API lets you start, stop and introspect systemd units. The API docs are here:
+The `dbus` package connects to the [systemd D-Bus API](http://www.freedesktop.org/wiki/Software/systemd/dbus/) and lets you start, stop and introspect systemd units. The API docs are here:
 
 http://godoc.org/github.com/coreos/go-systemd/dbus
 
@@ -43,3 +44,11 @@
     </policy>
 </busconfig>
 ```
+
+## machined
+
+The `machine1` package allows interaction with the [systemd machined D-Bus API](http://www.freedesktop.org/wiki/Software/systemd/machined/).
+
+## Units
+
+The `unit` package provides various functions for working with [systemd unit files](http://www.freedesktop.org/software/systemd/man/systemd.unit.html).
diff -Nru juju-core-2.0~beta7/src/github.com/coreos/go-systemd/sdjournal/journal.go juju-core-2.0~beta12/src/github.com/coreos/go-systemd/sdjournal/journal.go
--- juju-core-2.0~beta7/src/github.com/coreos/go-systemd/sdjournal/journal.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/coreos/go-systemd/sdjournal/journal.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,357 @@
+// Copyright 2015 RedHat, Inc.
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Package sdjournal provides a low-level Go interface to the
+// systemd journal wrapped around the sd-journal C API.
+//
+// All public read methods map closely to the sd-journal API functions. See the
+// sd-journal.h documentation[1] for information about each function.
+//
+// To write to the journal, see the pure-Go "journal" package
+//
+// [1] http://www.freedesktop.org/software/systemd/man/sd-journal.html
+package sdjournal
+
+/*
+#cgo pkg-config: libsystemd
+#include <systemd/sd-journal.h>
+#include <stdlib.h>
+#include <syslog.h>
+*/
+import "C"
+import (
+	"fmt"
+	"path/filepath"
+	"strings"
+	"sync"
+	"time"
+	"unsafe"
+)
+
+// Journal entry field strings which correspond to:
+// http://www.freedesktop.org/software/systemd/man/systemd.journal-fields.html
+const (
+	SD_JOURNAL_FIELD_SYSTEMD_UNIT = "_SYSTEMD_UNIT"
+	SD_JOURNAL_FIELD_MESSAGE      = "MESSAGE"
+	SD_JOURNAL_FIELD_PID          = "_PID"
+	SD_JOURNAL_FIELD_UID          = "_UID"
+	SD_JOURNAL_FIELD_GID          = "_GID"
+	SD_JOURNAL_FIELD_HOSTNAME     = "_HOSTNAME"
+	SD_JOURNAL_FIELD_MACHINE_ID   = "_MACHINE_ID"
+)
+
+// Journal event constants
+const (
+	SD_JOURNAL_NOP        = int(C.SD_JOURNAL_NOP)
+	SD_JOURNAL_APPEND     = int(C.SD_JOURNAL_APPEND)
+	SD_JOURNAL_INVALIDATE = int(C.SD_JOURNAL_INVALIDATE)
+)
+
+const (
+	// IndefiniteWait is a sentinel value that can be passed to
+	// sdjournal.Wait() to signal an indefinite wait for new journal
+	// events. It is implemented as the maximum value for a time.Duration:
+	// https://github.com/golang/go/blob/e4dcf5c8c22d98ac9eac7b9b226596229624cb1d/src/time/time.go#L434
+	IndefiniteWait time.Duration = 1<<63 - 1
+)
+
+// Journal is a Go wrapper of an sd_journal structure.
+type Journal struct {
+	cjournal *C.sd_journal
+	mu       sync.Mutex
+}
+
+// Match is a convenience wrapper to describe filters supplied to AddMatch.
+type Match struct {
+	Field string
+	Value string
+}
+
+// String returns a string representation of a Match suitable for use with AddMatch.
+func (m *Match) String() string {
+	return m.Field + "=" + m.Value
+}
+
+// NewJournal returns a new Journal instance pointing to the local journal
+func NewJournal() (*Journal, error) {
+	j := &Journal{}
+	r := C.sd_journal_open(&j.cjournal, C.SD_JOURNAL_LOCAL_ONLY)
+
+	if r < 0 {
+		return nil, fmt.Errorf("failed to open journal: %d", r)
+	}
+
+	return j, nil
+}
+
+// NewJournalFromDir returns a new Journal instance pointing to a journal residing
+// in a given directory. The supplied path may be relative or absolute; if
+// relative, it will be converted to an absolute path before being opened.
+func NewJournalFromDir(path string) (*Journal, error) {
+	path, err := filepath.Abs(path)
+	if err != nil {
+		return nil, err
+	}
+
+	p := C.CString(path)
+	defer C.free(unsafe.Pointer(p))
+
+	j := &Journal{}
+	r := C.sd_journal_open_directory(&j.cjournal, p, 0)
+	if r < 0 {
+		return nil, fmt.Errorf("failed to open journal in directory %q: %d", path, r)
+	}
+
+	return j, nil
+}
+
+// Close closes a journal opened with NewJournal.
+func (j *Journal) Close() error {
+	j.mu.Lock()
+	C.sd_journal_close(j.cjournal)
+	j.mu.Unlock()
+
+	return nil
+}
+
+// AddMatch adds a match by which to filter the entries of the journal.
+func (j *Journal) AddMatch(match string) error {
+	m := C.CString(match)
+	defer C.free(unsafe.Pointer(m))
+
+	j.mu.Lock()
+	r := C.sd_journal_add_match(j.cjournal, unsafe.Pointer(m), C.size_t(len(match)))
+	j.mu.Unlock()
+
+	if r < 0 {
+		return fmt.Errorf("failed to add match: %d", r)
+	}
+
+	return nil
+}
+
+// AddDisjunction inserts a logical OR in the match list.
+func (j *Journal) AddDisjunction() error {
+	j.mu.Lock()
+	r := C.sd_journal_add_disjunction(j.cjournal)
+	j.mu.Unlock()
+
+	if r < 0 {
+		return fmt.Errorf("failed to add a disjunction in the match list: %d", r)
+	}
+
+	return nil
+}
+
+// AddConjunction inserts a logical AND in the match list.
+func (j *Journal) AddConjunction() error {
+	j.mu.Lock()
+	r := C.sd_journal_add_conjunction(j.cjournal)
+	j.mu.Unlock()
+
+	if r < 0 {
+		return fmt.Errorf("failed to add a conjunction in the match list: %d", r)
+	}
+
+	return nil
+}
+
+// FlushMatches flushes all matches, disjunctions and conjunctions.
+func (j *Journal) FlushMatches() {
+	j.mu.Lock()
+	C.sd_journal_flush_matches(j.cjournal)
+	j.mu.Unlock()
+}
+
+// Next advances the read pointer into the journal by one entry.
+func (j *Journal) Next() (int, error) {
+	j.mu.Lock()
+	r := C.sd_journal_next(j.cjournal)
+	j.mu.Unlock()
+
+	if r < 0 {
+		return int(r), fmt.Errorf("failed to iterate journal: %d", r)
+	}
+
+	return int(r), nil
+}
+
+// NextSkip advances the read pointer by multiple entries at once,
+// as specified by the skip parameter.
+func (j *Journal) NextSkip(skip uint64) (uint64, error) {
+	j.mu.Lock()
+	r := C.sd_journal_next_skip(j.cjournal, C.uint64_t(skip))
+	j.mu.Unlock()
+
+	if r < 0 {
+		return uint64(r), fmt.Errorf("failed to iterate journal: %d", r)
+	}
+
+	return uint64(r), nil
+}
+
+// Previous sets the read pointer into the journal back by one entry.
+func (j *Journal) Previous() (uint64, error) {
+	j.mu.Lock()
+	r := C.sd_journal_previous(j.cjournal)
+	j.mu.Unlock()
+
+	if r < 0 {
+		return uint64(r), fmt.Errorf("failed to iterate journal: %d", r)
+	}
+
+	return uint64(r), nil
+}
+
+// PreviousSkip sets back the read pointer by multiple entries at once,
+// as specified by the skip parameter.
+func (j *Journal) PreviousSkip(skip uint64) (uint64, error) {
+	j.mu.Lock()
+	r := C.sd_journal_previous_skip(j.cjournal, C.uint64_t(skip))
+	j.mu.Unlock()
+
+	if r < 0 {
+		return uint64(r), fmt.Errorf("failed to iterate journal: %d", r)
+	}
+
+	return uint64(r), nil
+}
+
+// GetData gets the data object associated with a specific field from the
+// current journal entry.
+func (j *Journal) GetData(field string) (string, error) {
+	f := C.CString(field)
+	defer C.free(unsafe.Pointer(f))
+
+	var d unsafe.Pointer
+	var l C.size_t
+
+	j.mu.Lock()
+	r := C.sd_journal_get_data(j.cjournal, f, &d, &l)
+	j.mu.Unlock()
+
+	if r < 0 {
+		return "", fmt.Errorf("failed to read message: %d", r)
+	}
+
+	msg := C.GoStringN((*C.char)(d), C.int(l))
+
+	return msg, nil
+}
+
+// GetDataValue gets the data object associated with a specific field from the
+// current journal entry, returning only the value of the object.
+func (j *Journal) GetDataValue(field string) (string, error) {
+	val, err := j.GetData(field)
+	if err != nil {
+		return "", err
+	}
+	return strings.SplitN(val, "=", 2)[1], nil
+}
+
+// SetDataThresold sets the data field size threshold for data returned by
+// GetData. To retrieve the complete data fields this threshold should be
+// turned off by setting it to 0, so that the library always returns the
+// complete data objects.
+func (j *Journal) SetDataThreshold(threshold uint64) error {
+	j.mu.Lock()
+	r := C.sd_journal_set_data_threshold(j.cjournal, C.size_t(threshold))
+	j.mu.Unlock()
+
+	if r < 0 {
+		return fmt.Errorf("failed to set data threshold: %d", r)
+	}
+
+	return nil
+}
+
+// GetRealtimeUsec gets the realtime (wallclock) timestamp of the current
+// journal entry.
+func (j *Journal) GetRealtimeUsec() (uint64, error) {
+	var usec C.uint64_t
+
+	j.mu.Lock()
+	r := C.sd_journal_get_realtime_usec(j.cjournal, &usec)
+	j.mu.Unlock()
+
+	if r < 0 {
+		return 0, fmt.Errorf("error getting timestamp for entry: %d", r)
+	}
+
+	return uint64(usec), nil
+}
+
+// SeekTail may be used to seek to the end of the journal, i.e. the most recent
+// available entry.
+func (j *Journal) SeekTail() error {
+	j.mu.Lock()
+	r := C.sd_journal_seek_tail(j.cjournal)
+	j.mu.Unlock()
+
+	if r < 0 {
+		return fmt.Errorf("failed to seek to tail of journal: %d", r)
+	}
+
+	return nil
+}
+
+// SeekRealtimeUsec seeks to the entry with the specified realtime (wallclock)
+// timestamp, i.e. CLOCK_REALTIME.
+func (j *Journal) SeekRealtimeUsec(usec uint64) error {
+	j.mu.Lock()
+	r := C.sd_journal_seek_realtime_usec(j.cjournal, C.uint64_t(usec))
+	j.mu.Unlock()
+
+	if r < 0 {
+		return fmt.Errorf("failed to seek to %d: %d", usec, r)
+	}
+
+	return nil
+}
+
+// Wait will synchronously wait until the journal gets changed. The maximum time
+// this call sleeps may be controlled with the timeout parameter.  If
+// sdjournal.IndefiniteWait is passed as the timeout parameter, Wait will
+// wait indefinitely for a journal change.
+func (j *Journal) Wait(timeout time.Duration) int {
+	var to uint64
+	if timeout == IndefiniteWait {
+		// sd_journal_wait(3) calls for a (uint64_t) -1 to be passed to signify
+		// indefinite wait, but using a -1 overflows our C.uint64_t, so we use an
+		// equivalent hex value.
+		to = 0xffffffffffffffff
+	} else {
+		to = uint64(time.Now().Add(timeout).Unix() / 1000)
+	}
+	j.mu.Lock()
+	r := C.sd_journal_wait(j.cjournal, C.uint64_t(to))
+	j.mu.Unlock()
+
+	return int(r)
+}
+
+// GetUsage returns the journal disk space usage, in bytes.
+func (j *Journal) GetUsage() (uint64, error) {
+	var out C.uint64_t
+	j.mu.Lock()
+	r := C.sd_journal_get_usage(j.cjournal, &out)
+	j.mu.Unlock()
+
+	if r < 0 {
+		return 0, fmt.Errorf("failed to get journal disk space usage: %d", r)
+	}
+
+	return uint64(out), nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/coreos/go-systemd/sdjournal/journal_test.go juju-core-2.0~beta12/src/github.com/coreos/go-systemd/sdjournal/journal_test.go
--- juju-core-2.0~beta7/src/github.com/coreos/go-systemd/sdjournal/journal_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/coreos/go-systemd/sdjournal/journal_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,90 @@
+// Copyright 2015 RedHat, Inc.
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package sdjournal
+
+import (
+	"os"
+	"testing"
+	"time"
+
+	"github.com/coreos/go-systemd/journal"
+)
+
+func TestJournalFollow(t *testing.T) {
+	r, err := NewJournalReader(JournalReaderConfig{
+		Since: time.Duration(-15) * time.Second,
+		Matches: []Match{
+			{
+				Field: SD_JOURNAL_FIELD_SYSTEMD_UNIT,
+				Value: "NetworkManager.service",
+			},
+		},
+	})
+
+	if err != nil {
+		t.Fatalf("Error opening journal: %s", err)
+	}
+
+	if r == nil {
+		t.Fatal("Got a nil reader")
+	}
+
+	defer r.Close()
+
+	// start writing some test entries
+	done := make(chan struct{}, 1)
+	defer close(done)
+	go func() {
+		for {
+			select {
+			case <-done:
+				return
+			default:
+				if err = journal.Print(journal.PriInfo, "test message %s", time.Now()); err != nil {
+					t.Fatalf("Error writing to journal: %s", err)
+				}
+
+				time.Sleep(time.Second)
+			}
+		}
+	}()
+
+	// and follow the reader synchronously
+	timeout := time.Duration(5) * time.Second
+	if err = r.Follow(time.After(timeout), os.Stdout); err != ErrExpired {
+		t.Fatalf("Error during follow: %s", err)
+	}
+}
+
+func TestJournalGetUsage(t *testing.T) {
+	j, err := NewJournal()
+
+	if err != nil {
+		t.Fatalf("Error opening journal: %s", err)
+	}
+
+	if j == nil {
+		t.Fatal("Got a nil journal")
+	}
+
+	defer j.Close()
+
+	_, err = j.GetUsage()
+
+	if err != nil {
+		t.Fatalf("Error getting journal size: %s", err)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/coreos/go-systemd/sdjournal/read.go juju-core-2.0~beta12/src/github.com/coreos/go-systemd/sdjournal/read.go
--- juju-core-2.0~beta7/src/github.com/coreos/go-systemd/sdjournal/read.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/coreos/go-systemd/sdjournal/read.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,209 @@
+// Copyright 2015 RedHat, Inc.
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package sdjournal
+
+import (
+	"errors"
+	"fmt"
+	"io"
+	"log"
+	"time"
+)
+
+var (
+	ErrExpired = errors.New("Timeout expired")
+)
+
+// JournalReaderConfig represents options to drive the behavior of a JournalReader.
+type JournalReaderConfig struct {
+	// The Since and NumFromTail options are mutually exclusive and determine
+	// where the reading begins within the journal.
+	Since       time.Duration // start relative to a Duration from now
+	NumFromTail uint64        // start relative to the tail
+
+	// Show only journal entries whose fields match the supplied values. If
+	// the array is empty, entries will not be filtered.
+	Matches []Match
+
+	// If not empty, the journal instance will point to a journal residing
+	// in this directory. The supplied path may be relative or absolute.
+	Path string
+}
+
+// JournalReader is an io.ReadCloser which provides a simple interface for iterating through the
+// systemd journal.
+type JournalReader struct {
+	journal *Journal
+}
+
+// NewJournalReader creates a new JournalReader with configuration options that are similar to the
+// systemd journalctl tool's iteration and filtering features.
+func NewJournalReader(config JournalReaderConfig) (*JournalReader, error) {
+	r := &JournalReader{}
+
+	// Open the journal
+	var err error
+	if config.Path != "" {
+		r.journal, err = NewJournalFromDir(config.Path)
+	} else {
+		r.journal, err = NewJournal()
+	}
+	if err != nil {
+		return nil, err
+	}
+
+	// Add any supplied matches
+	for _, m := range config.Matches {
+		r.journal.AddMatch(m.String())
+	}
+
+	// Set the start position based on options
+	if config.Since != 0 {
+		// Start based on a relative time
+		start := time.Now().Add(config.Since)
+		if err := r.journal.SeekRealtimeUsec(uint64(start.UnixNano() / 1000)); err != nil {
+			return nil, err
+		}
+	} else if config.NumFromTail != 0 {
+		// Start based on a number of lines before the tail
+		if err := r.journal.SeekTail(); err != nil {
+			return nil, err
+		}
+
+		// Move the read pointer into position near the tail. Go one further than
+		// the option so that the initial cursor advancement positions us at the
+		// correct starting point.
+		if _, err := r.journal.PreviousSkip(config.NumFromTail + 1); err != nil {
+			return nil, err
+		}
+	}
+
+	return r, nil
+}
+
+func (r *JournalReader) Read(b []byte) (int, error) {
+	var err error
+	var c int
+
+	// Advance the journal cursor
+	c, err = r.journal.Next()
+
+	// An unexpected error
+	if err != nil {
+		return 0, err
+	}
+
+	// EOF detection
+	if c == 0 {
+		return 0, io.EOF
+	}
+
+	// Build a message
+	var msg string
+	msg, err = r.buildMessage()
+
+	if err != nil {
+		return 0, err
+	}
+
+	// Copy and return the message
+	copy(b, []byte(msg))
+
+	return len(msg), nil
+}
+
+func (r *JournalReader) Close() error {
+	return r.journal.Close()
+}
+
+// Follow synchronously follows the JournalReader, writing each new journal entry to writer. The
+// follow will continue until a single time.Time is received on the until channel.
+func (r *JournalReader) Follow(until <-chan time.Time, writer io.Writer) (err error) {
+
+	// Process journal entries and events. Entries are flushed until the tail or
+	// timeout is reached, and then we wait for new events or the timeout.
+	var msg = make([]byte, 64*1<<(10))
+process:
+	for {
+		c, err := r.Read(msg)
+		if err != nil && err != io.EOF {
+			break process
+		}
+
+		select {
+		case <-until:
+			return ErrExpired
+		default:
+			if c > 0 {
+				writer.Write(msg[:c])
+				continue process
+			}
+		}
+
+		// We're at the tail, so wait for new events or time out.
+		// Holds journal events to process. Tightly bounded for now unless there's a
+		// reason to unblock the journal watch routine more quickly.
+		events := make(chan int, 1)
+		pollDone := make(chan bool, 1)
+		go func() {
+			for {
+				select {
+				case <-pollDone:
+					return
+				default:
+					events <- r.journal.Wait(time.Duration(1) * time.Second)
+				}
+			}
+		}()
+
+		select {
+		case <-until:
+			pollDone <- true
+			return ErrExpired
+		case e := <-events:
+			pollDone <- true
+			switch e {
+			case SD_JOURNAL_NOP, SD_JOURNAL_APPEND, SD_JOURNAL_INVALIDATE:
+				// TODO: need to account for any of these?
+			default:
+				log.Printf("Received unknown event: %d\n", e)
+			}
+			continue process
+		}
+	}
+
+	return
+}
+
+// buildMessage returns a string representing the current journal entry in a simple format which
+// includes the entry timestamp and MESSAGE field.
+func (r *JournalReader) buildMessage() (string, error) {
+	var msg string
+	var usec uint64
+	var err error
+
+	if msg, err = r.journal.GetData("MESSAGE"); err != nil {
+		return "", err
+	}
+
+	if usec, err = r.journal.GetRealtimeUsec(); err != nil {
+		return "", err
+	}
+
+	timestamp := time.Unix(0, int64(usec)*int64(time.Microsecond))
+
+	return fmt.Sprintf("%s %s\n", timestamp, msg), nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/coreos/go-systemd/test juju-core-2.0~beta12/src/github.com/coreos/go-systemd/test
--- juju-core-2.0~beta7/src/github.com/coreos/go-systemd/test	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/coreos/go-systemd/test	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,76 @@
-#!/bin/sh -e
+#!/bin/bash -e
+#
+# Run all tests
+#   ./test
+#   ./test -v
+#
+# Run tests for one package
+#   PKG=./foo ./test
+#   PKG=bar ./test
+#
 
-go test -v ./...
+# Invoke ./cover for HTML output
+COVER=${COVER:-"-cover"}
+
+PROJ="go-systemd"
+ORG_PATH="github.com/coreos"
+REPO_PATH="${ORG_PATH}/${PROJ}"
+
+# As a convenience, set up a self-contained GOPATH if none set
+if [ -z "$GOPATH" ]; then
+	if [ ! -h gopath/src/${REPO_PATH} ]; then
+		mkdir -p gopath/src/${ORG_PATH}
+		ln -s ../../../.. gopath/src/${REPO_PATH} || exit 255
+	fi
+	export GOPATH=${PWD}/gopath
+	go get -u github.com/godbus/dbus
+fi
+
+TESTABLE="activation journal login1 machine1 unit"
+FORMATTABLE="$TESTABLE sdjournal dbus"
+if [ -e "/run/systemd/system/" ]; then
+	TESTABLE="${TESTABLE} sdjournal"
+	if [ "$EUID" == "0" ]; then
+		# testing actual systemd behaviour requires root
+		TESTABLE="${TESTABLE} dbus"
+	fi
+fi
+
+
+# user has not provided PKG override
+if [ -z "$PKG" ]; then
+	TEST=$TESTABLE
+	FMT=$FORMATTABLE
+
+# user has provided PKG override
+else
+	# strip out slashes and dots from PKG=./foo/
+	TEST=${PKG//\//}
+	TEST=${TEST//./}
+
+	# only run gofmt on packages provided by user
+	FMT="$TEST"
+fi
+
+# split TEST into an array and prepend REPO_PATH to each local package
+split=(${TEST// / })
+TEST=${split[@]/#/${REPO_PATH}/}
+
+echo "Running tests..."
+go test ${COVER} $@ ${TEST}
+
+echo "Checking gofmt..."
+fmtRes=$(gofmt -l $FMT)
+if [ -n "${fmtRes}" ]; then
+	echo -e "gofmt checking failed:\n${fmtRes}"
+	exit 255
+fi
+
+echo "Checking govet..."
+vetRes=$(go vet $TEST)
+if [ -n "${vetRes}" ]; then
+	echo -e "govet checking failed:\n${vetRes}"
+	exit 255
+fi
+
+echo "Success"
diff -Nru juju-core-2.0~beta7/src/github.com/coreos/go-systemd/.travis.yml juju-core-2.0~beta12/src/github.com/coreos/go-systemd/.travis.yml
--- juju-core-2.0~beta7/src/github.com/coreos/go-systemd/.travis.yml	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/coreos/go-systemd/.travis.yml	2016-07-18 19:45:44.000000000 +0000
@@ -1,8 +1,8 @@
 language: go
-go: 1.2
+go: 1.4
 
 install:
- - echo "Skip install"
+ - go get github.com/godbus/dbus
 
 script:
  - ./test
diff -Nru juju-core-2.0~beta7/src/github.com/coreos/go-systemd/unit/deserialize.go juju-core-2.0~beta12/src/github.com/coreos/go-systemd/unit/deserialize.go
--- juju-core-2.0~beta7/src/github.com/coreos/go-systemd/unit/deserialize.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/coreos/go-systemd/unit/deserialize.go	2016-07-18 19:45:44.000000000 +0000
@@ -24,6 +24,23 @@
 	"unicode"
 )
 
+const (
+	// SYSTEMD_LINE_MAX mimics the maximum line length that systemd can use.
+	// On typical systemd platforms (i.e. modern Linux), this will most
+	// commonly be 2048, so let's use that as a sanity check.
+	// Technically, we should probably pull this at runtime:
+	//    SYSTEMD_LINE_MAX = int(C.sysconf(C.__SC_LINE_MAX))
+	// but this would introduce an (unfortunate) dependency on cgo
+	SYSTEMD_LINE_MAX = 2048
+
+	// characters that systemd considers indicate a newline
+	SYSTEMD_NEWLINE = "\r\n"
+)
+
+var (
+	ErrLineTooLong = fmt.Errorf("line too long (max %d bytes)", SYSTEMD_LINE_MAX)
+)
+
 // Deserialize parses a systemd unit file into a list of UnitOption objects.
 func Deserialize(f io.Reader) (opts []*UnitOption, err error) {
 	lexer, optchan, errchan := newLexer(f)
@@ -54,17 +71,34 @@
 
 func (l *lexer) lex() {
 	var err error
+	defer func() {
+		close(l.optchan)
+		close(l.errchan)
+	}()
 	next := l.lexNextSection
 	for next != nil {
+		if l.buf.Buffered() >= SYSTEMD_LINE_MAX {
+			// systemd truncates lines longer than LINE_MAX
+			// https://bugs.freedesktop.org/show_bug.cgi?id=85308
+			// Rather than allowing this to pass silently, let's
+			// explicitly gate people from encountering this
+			line, err := l.buf.Peek(SYSTEMD_LINE_MAX)
+			if err != nil {
+				l.errchan <- err
+				return
+			}
+			if bytes.IndexAny(line, SYSTEMD_NEWLINE) == -1 {
+				l.errchan <- ErrLineTooLong
+				return
+			}
+		}
+
 		next, err = next()
 		if err != nil {
 			l.errchan <- err
-			break
+			return
 		}
 	}
-
-	close(l.optchan)
-	close(l.errchan)
 }
 
 type lexStep func() (lexStep, error)
@@ -80,7 +114,7 @@
 
 func (l *lexer) lexSectionSuffixFunc(section string) lexStep {
 	return func() (lexStep, error) {
-		garbage, err := l.toEOL()
+		garbage, _, err := l.toEOL()
 		if err != nil {
 			return nil, err
 		}
@@ -97,7 +131,7 @@
 func (l *lexer) ignoreLineFunc(next lexStep) lexStep {
 	return func() (lexStep, error) {
 		for {
-			line, err := l.toEOL()
+			line, _, err := l.toEOL()
 			if err != nil {
 				return nil, err
 			}
@@ -177,49 +211,64 @@
 		}
 
 		name := strings.TrimSpace(partial.String())
-		return l.lexOptionValueFunc(section, name), nil
+		return l.lexOptionValueFunc(section, name, bytes.Buffer{}), nil
 	}
 }
 
-func (l *lexer) lexOptionValueFunc(section, name string) lexStep {
+func (l *lexer) lexOptionValueFunc(section, name string, partial bytes.Buffer) lexStep {
 	return func() (lexStep, error) {
-		var partial bytes.Buffer
-
 		for {
-			line, err := l.toEOL()
+			line, eof, err := l.toEOL()
 			if err != nil {
 				return nil, err
 			}
 
+			if len(bytes.TrimSpace(line)) == 0 {
+				break
+			}
+
+			partial.Write(line)
+
 			// lack of continuation means this value has been exhausted
 			idx := bytes.LastIndex(line, []byte{'\\'})
 			if idx == -1 || idx != (len(line)-1) {
-				partial.Write(line)
 				break
 			}
 
-			partial.Write(line[0:idx])
-			partial.WriteRune(' ')
+			if !eof {
+				partial.WriteRune('\n')
+			}
+
+			return l.lexOptionValueFunc(section, name, partial), nil
 		}
 
-		val := strings.TrimSpace(partial.String())
+		val := partial.String()
+		if strings.HasSuffix(val, "\n") {
+			// A newline was added to the end, so the file didn't end with a backslash.
+			// => Keep the newline
+			val = strings.TrimSpace(val) + "\n"
+		} else {
+			val = strings.TrimSpace(val)
+		}
 		l.optchan <- &UnitOption{Section: section, Name: name, Value: val}
 
 		return l.lexNextSectionOrOptionFunc(section), nil
 	}
 }
 
-func (l *lexer) toEOL() ([]byte, error) {
+// toEOL reads until the end-of-line or end-of-file.
+// Returns (data, EOFfound, error)
+func (l *lexer) toEOL() ([]byte, bool, error) {
 	line, err := l.buf.ReadBytes('\n')
 	// ignore EOF here since it's roughly equivalent to EOL
 	if err != nil && err != io.EOF {
-		return nil, err
+		return nil, false, err
 	}
 
 	line = bytes.TrimSuffix(line, []byte{'\r'})
 	line = bytes.TrimSuffix(line, []byte{'\n'})
 
-	return line, nil
+	return line, err == io.EOF, nil
 }
 
 func isComment(r rune) bool {
diff -Nru juju-core-2.0~beta7/src/github.com/coreos/go-systemd/unit/deserialize_test.go juju-core-2.0~beta12/src/github.com/coreos/go-systemd/unit/deserialize_test.go
--- juju-core-2.0~beta7/src/github.com/coreos/go-systemd/unit/deserialize_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/coreos/go-systemd/unit/deserialize_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -80,14 +80,15 @@
 			},
 		},
 
-		// line continuations respected
+		// line continuations unmodified
 		{
 			[]byte(`[Unit]
 Description= Unnecessarily wrapped \
     words here
 `),
 			[]*UnitOption{
-				&UnitOption{"Unit", "Description", "Unnecessarily wrapped      words here"},
+				&UnitOption{"Unit", "Description", `Unnecessarily wrapped \
+    words here`},
 			},
 		},
 
@@ -119,8 +120,8 @@
 Baz
 `),
 			[]*UnitOption{
-				&UnitOption{"Unit", "Description", "Bar # comment alpha"},
-				&UnitOption{"Unit", "Description", "Bar # comment bravo  Baz"},
+				&UnitOption{"Unit", "Description", "Bar\\\n# comment alpha"},
+				&UnitOption{"Unit", "Description", "Bar\\\n# comment bravo \\\nBaz"},
 			},
 		},
 
@@ -180,7 +181,7 @@
 			[]byte(`[Unit]
 Description=Bar \`),
 			[]*UnitOption{
-				&UnitOption{"Unit", "Description", "Bar"},
+				&UnitOption{"Unit", "Description", "Bar \\"},
 			},
 		},
 
@@ -218,7 +219,7 @@
 Description= words here \
   `),
 			[]*UnitOption{
-				&UnitOption{"Unit", "Description", "words here"},
+				&UnitOption{"Unit", "Description", "words here \\\n"},
 			},
 		},
 
@@ -240,6 +241,25 @@
 				&UnitOption{"Service", "ExecStart", `/bin/bash echo poof \`},
 			},
 		},
+		// a long unit file line that's just equal to the maximum permitted length
+		{
+			[]byte(`[Service]
+ExecStart=/bin/bash -c "echo ................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................."`),
+			[]*UnitOption{
+				&UnitOption{"Service", "ExecStart", `/bin/bash -c "echo ................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................."`},
+			},
+		},
+		// the same, but with a trailing newline
+		{
+			[]byte(`[Service]
+ExecStart=/bin/bash -c "echo ................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................."
+Option=value
+`),
+			[]*UnitOption{
+				&UnitOption{"Service", "ExecStart", `/bin/bash -c "echo ................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................."`},
+				&UnitOption{"Service", "Option", "value"},
+			},
+		},
 	}
 
 	assert := func(expect, output []*UnitOption) error {
@@ -301,7 +321,7 @@
 	for i, tt := range tests {
 		output, err := Deserialize(bytes.NewReader(tt))
 		if err == nil {
-			t.Errorf("case %d: unexpected non-nil error, received nil", i)
+			t.Errorf("case %d: unexpected nil error", i)
 			t.Log("Output:")
 			logUnitOptionSlice(t, output)
 		}
@@ -313,3 +333,49 @@
 		t.Logf("%d: %v", idx, opt)
 	}
 }
+
+func TestDeserializeLineTooLong(t *testing.T) {
+	tests := [][]byte{
+		// section header that's far too long
+		[]byte(`[Seeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeervice]
+`),
+		// sane-looking unit file with a line just greater than the maximum allowed (currently, 2048)
+		[]byte(`[Service]
+ExecStart=/bin/bash -c "echo ..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................."
+`),
+		// sane-looking unit file with option value way too long
+		[]byte(`
+# test unit file
+
+[Service]
+ExecStartPre=-/usr/bin/docker rm %p
+ExecStartPre=-/usr/bin/docker pull busybox
+ExecStart=/usr/bin/docker run --rm --name %p --net=host \
+  -e "test=1123t" \
+  -e "test=1123t" \
+  -e "fiz=1123t" \
+  -e "buz=1123t" \
+  -e "FOO=BARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBABARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARRBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBAR"BARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBABARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARRBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBARBAR" \
+  busybox sleep 10
+ExecStop=-/usr/bin/docker kill %p
+SyslogIdentifier=busybox
+Restart=always
+RestartSec=10s
+`),
+		// single arbitrary line that's way too long
+		[]byte(`arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 character arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 character arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 character arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 character arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters arbitrary and extraordinarily long line that is far greater than 2048 characters`),
+		// sane-looking unit file with option name way too long
+		[]byte(`[Service]
+ExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStartExecStart=/bin/true
+`),
+	}
+
+	for i, tt := range tests {
+		output, err := Deserialize(bytes.NewReader(tt))
+		if err != ErrLineTooLong {
+			t.Errorf("case %d: unexpected err: %v", i, err)
+			t.Log("Output:")
+			logUnitOptionSlice(t, output)
+		}
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/coreos/go-systemd/unit/end_to_end_test.go juju-core-2.0~beta12/src/github.com/coreos/go-systemd/unit/end_to_end_test.go
--- juju-core-2.0~beta7/src/github.com/coreos/go-systemd/unit/end_to_end_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/coreos/go-systemd/unit/end_to_end_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,88 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package unit
+
+import (
+	"bytes"
+	"io/ioutil"
+	"testing"
+)
+
+func TestDeserializeAndReserialize(t *testing.T) {
+	tests := []struct {
+		in   string
+		wout string
+	}{
+		{
+			`[Service]
+ExecStart=/bin/bash -c "while true; do echo \"ping\"; sleep 1; done"
+`,
+			`[Service]
+ExecStart=/bin/bash -c "while true; do echo \"ping\"; sleep 1; done"
+`},
+		{
+			`[Unit]
+Description= Unnecessarily wrapped \
+    words here`,
+			`[Unit]
+Description=Unnecessarily wrapped \
+    words here
+`,
+		},
+		{
+			`[Unit]
+Description=Demo \
+
+Requires=docker.service
+`,
+			`[Unit]
+Description=Demo \
+
+Requires=docker.service
+`,
+		},
+		{
+			`; comment alpha
+# comment bravo
+[Unit]
+; comment charlie
+# comment delta
+#Description=Foo
+Description=Bar
+; comment echo
+# comment foxtrot
+`,
+			`[Unit]
+Description=Bar
+`},
+	}
+	for i, tt := range tests {
+		ds, err := Deserialize(bytes.NewBufferString(tt.in))
+		if err != nil {
+			t.Errorf("case %d: unexpected error parsing unit: %v", i, err)
+			continue
+		}
+		out, err := ioutil.ReadAll(Serialize(ds))
+		if err != nil {
+			t.Errorf("case %d: unexpected error serializing unit: %v", i, err)
+			continue
+		}
+		if g := string(out); g != tt.wout {
+			t.Errorf("case %d: incorrect output", i)
+			t.Logf("Expected:\n%#v", tt.wout)
+			t.Logf("Actual:\n%#v", g)
+		}
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/coreos/go-systemd/unit/escape.go juju-core-2.0~beta12/src/github.com/coreos/go-systemd/unit/escape.go
--- juju-core-2.0~beta7/src/github.com/coreos/go-systemd/unit/escape.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/coreos/go-systemd/unit/escape.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,116 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Implements systemd-escape [--unescape] [--path]
+
+package unit
+
+import (
+	"fmt"
+	"strconv"
+	"strings"
+)
+
+const (
+	allowed = `:_.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789`
+)
+
+// If isPath is true:
+//   We remove redundant '/'s, the leading '/', and trailing '/'.
+//   If the result is empty, a '/' is inserted.
+//
+// We always:
+//  Replace the following characters with `\x%x`:
+//   Leading `.`
+//   `-`, `\`, and anything not in this set: `:-_.\[0-9a-zA-Z]`
+//  Replace '/' with '-'.
+func escape(unescaped string, isPath bool) string {
+	e := []byte{}
+	inSlashes := false
+	start := true
+	for i := 0; i < len(unescaped); i++ {
+		c := unescaped[i]
+		if isPath {
+			if c == '/' {
+				inSlashes = true
+				continue
+			} else if inSlashes {
+				inSlashes = false
+				if !start {
+					e = append(e, '-')
+				}
+			}
+		}
+
+		if c == '/' {
+			e = append(e, '-')
+		} else if start && c == '.' || strings.IndexByte(allowed, c) == -1 {
+			e = append(e, []byte(fmt.Sprintf(`\x%x`, c))...)
+		} else {
+			e = append(e, c)
+		}
+		start = false
+	}
+	if isPath && len(e) == 0 {
+		e = append(e, '-')
+	}
+	return string(e)
+}
+
+// If isPath is true:
+//   We always return a string beginning with '/'.
+//
+// We always:
+//  Replace '-' with '/'.
+//  Replace `\x%x` with the value represented in hex.
+func unescape(escaped string, isPath bool) string {
+	u := []byte{}
+	for i := 0; i < len(escaped); i++ {
+		c := escaped[i]
+		if c == '-' {
+			c = '/'
+		} else if c == '\\' && len(escaped)-i >= 4 && escaped[i+1] == 'x' {
+			n, err := strconv.ParseInt(escaped[i+2:i+4], 16, 8)
+			if err == nil {
+				c = byte(n)
+				i += 3
+			}
+		}
+		u = append(u, c)
+	}
+	if isPath && (len(u) == 0 || u[0] != '/') {
+		u = append([]byte("/"), u...)
+	}
+	return string(u)
+}
+
+// UnitNameEscape escapes a string as `systemd-escape` would
+func UnitNameEscape(unescaped string) string {
+	return escape(unescaped, false)
+}
+
+// UnitNameUnescape unescapes a string as `systemd-escape --unescape` would
+func UnitNameUnescape(escaped string) string {
+	return unescape(escaped, false)
+}
+
+// UnitNamePathEscape escapes a string as `systemd-escape --path` would
+func UnitNamePathEscape(unescaped string) string {
+	return escape(unescaped, true)
+}
+
+// UnitNamePathUnescape unescapes a string as `systemd-escape --path --unescape` would
+func UnitNamePathUnescape(escaped string) string {
+	return unescape(escaped, true)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/coreos/go-systemd/unit/escape_test.go juju-core-2.0~beta12/src/github.com/coreos/go-systemd/unit/escape_test.go
--- juju-core-2.0~beta7/src/github.com/coreos/go-systemd/unit/escape_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/coreos/go-systemd/unit/escape_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,211 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package unit
+
+import (
+	"testing"
+)
+
+func TestUnitNameEscape(t *testing.T) {
+	tests := []struct {
+		in     string
+		out    string
+		isPath bool
+	}{
+		// turn empty string path into escaped /
+		{
+			in:     "",
+			out:    "-",
+			isPath: true,
+		},
+		// turn redundant ////s into single escaped /
+		{
+			in:     "/////////",
+			out:    "-",
+			isPath: true,
+		},
+		// remove all redundant ////s
+		{
+			in:     "///foo////bar/////tail//////",
+			out:    "foo-bar-tail",
+			isPath: true,
+		},
+		// leave empty string empty
+		{
+			in:     "",
+			out:    "",
+			isPath: false,
+		},
+		// escape leading dot
+		{
+			in:     ".",
+			out:    `\x2e`,
+			isPath: true,
+		},
+		// escape leading dot
+		{
+			in:     "/.",
+			out:    `\x2e`,
+			isPath: true,
+		},
+		// escape leading dot
+		{
+			in:     "/////////.",
+			out:    `\x2e`,
+			isPath: true,
+		},
+		// escape leading dot
+		{
+			in:     "/////////.///////////////",
+			out:    `\x2e`,
+			isPath: true,
+		},
+		// escape leading dot
+		{
+			in:     ".....",
+			out:    `\x2e....`,
+			isPath: true,
+		},
+		// escape leading dot
+		{
+			in:     "/.foo/.bar",
+			out:    `\x2efoo-.bar`,
+			isPath: true,
+		},
+		// escape leading dot
+		{
+			in:     ".foo/.bar",
+			out:    `\x2efoo-.bar`,
+			isPath: true,
+		},
+		// escape leading dot
+		{
+			in:     ".foo/.bar",
+			out:    `\x2efoo-.bar`,
+			isPath: false,
+		},
+		// escape disallowed
+		{
+			in:     `///..\-!#??///`,
+			out:    `---..\x5c\x2d\x21\x23\x3f\x3f---`,
+			isPath: false,
+		},
+		// escape disallowed
+		{
+			in:     `///..\-!#??///`,
+			out:    `\x2e.\x5c\x2d\x21\x23\x3f\x3f`,
+			isPath: true,
+		},
+		// escape real-world example
+		{
+			in:     `user-cloudinit@/var/lib/coreos/vagrant/vagrantfile-user-data.service`,
+			out:    `user\x2dcloudinit\x40-var-lib-coreos-vagrant-vagrantfile\x2duser\x2ddata.service`,
+			isPath: false,
+		},
+	}
+
+	for i, tt := range tests {
+		var s string
+		if tt.isPath {
+			s = UnitNamePathEscape(tt.in)
+		} else {
+			s = UnitNameEscape(tt.in)
+		}
+		if s != tt.out {
+			t.Errorf("case %d: failed escaping %v isPath: %v - expected %v, got %v", i, tt.in, tt.isPath, tt.out, s)
+		}
+	}
+}
+
+func TestUnitNameUnescape(t *testing.T) {
+	tests := []struct {
+		in     string
+		out    string
+		isPath bool
+	}{
+		// turn empty string path into /
+		{
+			in:     "",
+			out:    "/",
+			isPath: true,
+		},
+		// leave empty string empty
+		{
+			in:     "",
+			out:    "",
+			isPath: false,
+		},
+		// turn ////s into
+		{
+			in:     "---------",
+			out:    "/////////",
+			isPath: true,
+		},
+		// unescape hex
+		{
+			in:     `---..\x5c\x2d\x21\x23\x3f\x3f---`,
+			out:    `///..\-!#??///`,
+			isPath: false,
+		},
+		// unescape hex
+		{
+			in:     `\x2e.\x5c\x2d\x21\x23\x3f\x3f`,
+			out:    `/..\-!#??`,
+			isPath: true,
+		},
+		// unescape hex, retain invalids
+		{
+			in:     `\x2e.\x5c\x2d\xaZ\x.o\x21\x23\x3f\x3f`,
+			out:    `/..\-\xaZ\x.o!#??`,
+			isPath: true,
+		},
+		// unescape hex, retain invalids, partial tail
+		{
+			in:     `\x2e.\x5c\x\x2d\xaZ\x.o\x21\x23\x3f\x3f\x3`,
+			out:    `/..\\x-\xaZ\x.o!#??\x3`,
+			isPath: true,
+		},
+		// unescape hex, retain invalids, partial tail
+		{
+			in:     `\x2e.\x5c\x\x2d\xaZ\x.o\x21\x23\x3f\x3f\x`,
+			out:    `/..\\x-\xaZ\x.o!#??\x`,
+			isPath: true,
+		},
+		// unescape hex, retain invalids, partial tail
+		{
+			in:     `\x2e.\x5c\x\x2d\xaZ\x.o\x21\x23\x3f\x3f\`,
+			out:    `/..\\x-\xaZ\x.o!#??\`,
+			isPath: true,
+		},
+		// unescape real-world example
+		{
+			in:     `user\x2dcloudinit\x40-var-lib-coreos-vagrant-vagrantfile\x2duser\x2ddata.service`,
+			out:    `user-cloudinit@/var/lib/coreos/vagrant/vagrantfile-user-data.service`,
+			isPath: false,
+		},
+	}
+
+	for i, tt := range tests {
+		var s string
+		if tt.isPath {
+			s = UnitNamePathUnescape(tt.in)
+		} else {
+			s = UnitNameUnescape(tt.in)
+		}
+		if s != tt.out {
+			t.Errorf("case %d: failed unescaping %v isPath: %v - expected %v, got %v", i, tt.in, tt.isPath, tt.out, s)
+		}
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/coreos/go-systemd/unit/option.go juju-core-2.0~beta12/src/github.com/coreos/go-systemd/unit/option.go
--- juju-core-2.0~beta7/src/github.com/coreos/go-systemd/unit/option.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/coreos/go-systemd/unit/option.go	2016-07-18 19:45:44.000000000 +0000
@@ -24,6 +24,10 @@
 	Value   string
 }
 
+func NewUnitOption(section, name, value string) *UnitOption {
+	return &UnitOption{Section: section, Name: name, Value: value}
+}
+
 func (uo *UnitOption) String() string {
 	return fmt.Sprintf("{Section: %q, Name: %q, Value: %q}", uo.Section, uo.Name, uo.Value)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/coreos/go-systemd/unit/serialize.go juju-core-2.0~beta12/src/github.com/coreos/go-systemd/unit/serialize.go
--- juju-core-2.0~beta7/src/github.com/coreos/go-systemd/unit/serialize.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/coreos/go-systemd/unit/serialize.go	2016-07-18 19:45:44.000000000 +0000
@@ -19,7 +19,9 @@
 	"io"
 )
 
-// Serialize encodes all of the given UnitOption objects into a unit file
+// Serialize encodes all of the given UnitOption objects into a
+// unit file. When serialized the options are sorted in their
+// supplied order but grouped by section.
 func Serialize(opts []*UnitOption) io.Reader {
 	var buf bytes.Buffer
 
@@ -27,20 +29,30 @@
 		return &buf
 	}
 
+	// Index of sections -> ordered options
 	idx := map[string][]*UnitOption{}
+	// Separately preserve order in which sections were seen
+	sections := []string{}
 	for _, opt := range opts {
-		idx[opt.Section] = append(idx[opt.Section], opt)
+		sec := opt.Section
+		if _, ok := idx[sec]; !ok {
+			sections = append(sections, sec)
+		}
+		idx[sec] = append(idx[sec], opt)
 	}
 
-	for curSection, curOpts := range idx {
-		writeSectionHeader(&buf, curSection)
+	for i, sect := range sections {
+		writeSectionHeader(&buf, sect)
 		writeNewline(&buf)
 
-		for _, opt := range curOpts {
+		opts := idx[sect]
+		for _, opt := range opts {
 			writeOption(&buf, opt)
 			writeNewline(&buf)
 		}
-		writeNewline(&buf)
+		if i < len(sections)-1 {
+			writeNewline(&buf)
+		}
 	}
 
 	return &buf
diff -Nru juju-core-2.0~beta7/src/github.com/coreos/go-systemd/unit/serialize_test.go juju-core-2.0~beta12/src/github.com/coreos/go-systemd/unit/serialize_test.go
--- juju-core-2.0~beta7/src/github.com/coreos/go-systemd/unit/serialize_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/coreos/go-systemd/unit/serialize_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -68,7 +68,7 @@
 `,
 		},
 
-		// no optimization for unsorted options
+		// options are grouped into sections
 		{
 			[]*UnitOption{
 				&UnitOption{"Unit", "Description", "Foo"},
@@ -77,12 +77,34 @@
 			},
 			`[Unit]
 Description=Foo
+BindsTo=bar.service
 
 [Service]
 ExecStart=/usr/bin/sleep infinity
+`,
+		},
 
-[Unit]
+		// options are ordered within groups, and sections are ordered in the order in which they were first seen
+		{
+			[]*UnitOption{
+				&UnitOption{"Unit", "Description", "Foo"},
+				&UnitOption{"Service", "ExecStart", "/usr/bin/sleep infinity"},
+				&UnitOption{"Unit", "BindsTo", "bar.service"},
+				&UnitOption{"X-Foo", "Bar", "baz"},
+				&UnitOption{"Service", "ExecStop", "/usr/bin/sleep 1"},
+				&UnitOption{"Unit", "Documentation", "https://foo.com"},
+			},
+			`[Unit]
+Description=Foo
 BindsTo=bar.service
+Documentation=https://foo.com
+
+[Service]
+ExecStart=/usr/bin/sleep infinity
+ExecStop=/usr/bin/sleep 1
+
+[X-Foo]
+Bar=baz
 `,
 		},
 
@@ -140,7 +162,7 @@
 
 		output := string(outBytes)
 		if tt.output != output {
-			t.Errorf("case %d: incorrect output")
+			t.Errorf("case %d: incorrect output", i)
 			t.Logf("Expected:\n%s", tt.output)
 			t.Logf("Actual:\n%s", output)
 		}
diff -Nru juju-core-2.0~beta7/src/github.com/coreos/go-systemd/util/util.go juju-core-2.0~beta12/src/github.com/coreos/go-systemd/util/util.go
--- juju-core-2.0~beta7/src/github.com/coreos/go-systemd/util/util.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/coreos/go-systemd/util/util.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,270 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Package util contains utility functions related to systemd that applications
+// can use to check things like whether systemd is running.  Note that some of
+// these functions attempt to manually load systemd libraries at runtime rather
+// than linking against them.
+package util
+
+// #cgo LDFLAGS: -ldl
+// #include <stdlib.h>
+// #include <dlfcn.h>
+// #include <sys/types.h>
+// #include <unistd.h>
+//
+// int
+// my_sd_pid_get_owner_uid(void *f, pid_t pid, uid_t *uid)
+// {
+//   int (*sd_pid_get_owner_uid)(pid_t, uid_t *);
+//
+//   sd_pid_get_owner_uid = (int (*)(pid_t, uid_t *))f;
+//   return sd_pid_get_owner_uid(pid, uid);
+// }
+//
+// int
+// my_sd_pid_get_unit(void *f, pid_t pid, char **unit)
+// {
+//   int (*sd_pid_get_unit)(pid_t, char **);
+//
+//   sd_pid_get_unit = (int (*)(pid_t, char **))f;
+//   return sd_pid_get_unit(pid, unit);
+// }
+//
+// int
+// my_sd_pid_get_slice(void *f, pid_t pid, char **slice)
+// {
+//   int (*sd_pid_get_slice)(pid_t, char **);
+//
+//   sd_pid_get_slice = (int (*)(pid_t, char **))f;
+//   return sd_pid_get_slice(pid, slice);
+// }
+//
+// int
+// am_session_leader()
+// {
+//   return (getsid(0) == getpid());
+// }
+import "C"
+import (
+	"errors"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"strings"
+	"syscall"
+	"unsafe"
+)
+
+var ErrSoNotFound = errors.New("unable to open a handle to libsystemd")
+
+// libHandle represents an open handle to the systemd C library
+type libHandle struct {
+	handle  unsafe.Pointer
+	libname string
+}
+
+func (h *libHandle) Close() error {
+	if r := C.dlclose(h.handle); r != 0 {
+		return fmt.Errorf("error closing %v: %d", h.libname, r)
+	}
+	return nil
+}
+
+// getHandle tries to get a handle to a systemd library (.so), attempting to
+// access it by several different names and returning the first that is
+// successfully opened. Callers are responsible for closing the handler.
+// If no library can be successfully opened, an error is returned.
+func getHandle() (*libHandle, error) {
+	for _, name := range []string{
+		// systemd < 209
+		"libsystemd-login.so",
+		"libsystemd-login.so.0",
+
+		// systemd >= 209 merged libsystemd-login into libsystemd proper
+		"libsystemd.so",
+		"libsystemd.so.0",
+	} {
+		libname := C.CString(name)
+		defer C.free(unsafe.Pointer(libname))
+		handle := C.dlopen(libname, C.RTLD_LAZY)
+		if handle != nil {
+			h := &libHandle{
+				handle:  handle,
+				libname: name,
+			}
+			return h, nil
+		}
+	}
+	return nil, ErrSoNotFound
+}
+
+// GetRunningSlice attempts to retrieve the name of the systemd slice in which
+// the current process is running.
+// This function is a wrapper around the libsystemd C library; if it cannot be
+// opened, an error is returned.
+func GetRunningSlice() (slice string, err error) {
+	var h *libHandle
+	h, err = getHandle()
+	if err != nil {
+		return
+	}
+	defer func() {
+		if err1 := h.Close(); err1 != nil {
+			err = err1
+		}
+	}()
+
+	sym := C.CString("sd_pid_get_slice")
+	defer C.free(unsafe.Pointer(sym))
+	sd_pid_get_slice := C.dlsym(h.handle, sym)
+	if sd_pid_get_slice == nil {
+		err = fmt.Errorf("error resolving sd_pid_get_slice function")
+		return
+	}
+
+	var s string
+	sl := C.CString(s)
+	defer C.free(unsafe.Pointer(sl))
+
+	ret := C.my_sd_pid_get_slice(sd_pid_get_slice, 0, &sl)
+	if ret < 0 {
+		err = fmt.Errorf("error calling sd_pid_get_slice: %v", syscall.Errno(-ret))
+		return
+	}
+
+	return C.GoString(sl), nil
+}
+
+// RunningFromSystemService tries to detect whether the current process has
+// been invoked from a system service. The condition for this is whether the
+// process is _not_ a user process. User processes are those running in session
+// scopes or under per-user `systemd --user` instances.
+//
+// To avoid false positives on systems without `pam_systemd` (which is
+// responsible for creating user sessions), this function also uses a heuristic
+// to detect whether it's being invoked from a session leader process. This is
+// the case if the current process is executed directly from a service file
+// (e.g. with `ExecStart=/this/cmd`). Note that this heuristic will fail if the
+// command is instead launched in a subshell or similar so that it is not
+// session leader (e.g. `ExecStart=/bin/bash -c "/this/cmd"`)
+//
+// This function is a wrapper around the libsystemd C library; if this is
+// unable to successfully open a handle to the library for any reason (e.g. it
+// cannot be found), an errr will be returned
+func RunningFromSystemService() (ret bool, err error) {
+	var h *libHandle
+	h, err = getHandle()
+	if err != nil {
+		return
+	}
+	defer func() {
+		if err1 := h.Close(); err1 != nil {
+			err = err1
+		}
+	}()
+
+	sym := C.CString("sd_pid_get_owner_uid")
+	defer C.free(unsafe.Pointer(sym))
+	sd_pid_get_owner_uid := C.dlsym(h.handle, sym)
+	if sd_pid_get_owner_uid == nil {
+		err = fmt.Errorf("error resolving sd_pid_get_owner_uid function")
+		return
+	}
+
+	var uid C.uid_t
+	errno := C.my_sd_pid_get_owner_uid(sd_pid_get_owner_uid, 0, &uid)
+	serrno := syscall.Errno(-errno)
+	// when we're running from a unit file, sd_pid_get_owner_uid returns
+	// ENOENT (systemd <220) or ENXIO (systemd >=220)
+	switch {
+	case errno >= 0:
+		ret = false
+	case serrno == syscall.ENOENT, serrno == syscall.ENXIO:
+		// Since the implementation of sessions in systemd relies on
+		// the `pam_systemd` module, using the sd_pid_get_owner_uid
+		// heuristic alone can result in false positives if that module
+		// (or PAM itself) is not present or properly configured on the
+		// system. As such, we also check if we're the session leader,
+		// which should be the case if we're invoked from a unit file,
+		// but not if e.g. we're invoked from the command line from a
+		// user's login session
+		ret = C.am_session_leader() == 1
+	default:
+		err = fmt.Errorf("error calling sd_pid_get_owner_uid: %v", syscall.Errno(-errno))
+	}
+	return
+}
+
+// CurrentUnitName attempts to retrieve the name of the systemd system unit
+// from which the calling process has been invoked. It wraps the systemd
+// `sd_pid_get_unit` call, with the same caveat: for processes not part of a
+// systemd system unit, this function will return an error.
+func CurrentUnitName() (unit string, err error) {
+	var h *libHandle
+	h, err = getHandle()
+	if err != nil {
+		return
+	}
+	defer func() {
+		if err1 := h.Close(); err1 != nil {
+			err = err1
+		}
+	}()
+
+	sym := C.CString("sd_pid_get_unit")
+	defer C.free(unsafe.Pointer(sym))
+	sd_pid_get_unit := C.dlsym(h.handle, sym)
+	if sd_pid_get_unit == nil {
+		err = fmt.Errorf("error resolving sd_pid_get_unit function")
+		return
+	}
+
+	var s string
+	u := C.CString(s)
+	defer C.free(unsafe.Pointer(u))
+
+	ret := C.my_sd_pid_get_unit(sd_pid_get_unit, 0, &u)
+	if ret < 0 {
+		err = fmt.Errorf("error calling sd_pid_get_unit: %v", syscall.Errno(-ret))
+		return
+	}
+
+	unit = C.GoString(u)
+	return
+}
+
+// IsRunningSystemd checks whether the host was booted with systemd as its init
+// system. This functions similarly to systemd's `sd_booted(3)`: internally, it
+// checks whether /run/systemd/system/ exists and is a directory.
+// http://www.freedesktop.org/software/systemd/man/sd_booted.html
+func IsRunningSystemd() bool {
+	fi, err := os.Lstat("/run/systemd/system")
+	if err != nil {
+		return false
+	}
+	return fi.IsDir()
+}
+
+// GetMachineID returns a host's 128-bit machine ID as a string. This functions
+// similarly to systemd's `sd_id128_get_machine`: internally, it simply reads
+// the contents of /etc/machine-id
+// http://www.freedesktop.org/software/systemd/man/sd_id128_get_machine.html
+func GetMachineID() (string, error) {
+	machineID, err := ioutil.ReadFile("/etc/machine-id")
+	if err != nil {
+		return "", fmt.Errorf("failed to read /etc/machine-id: %v", err)
+	}
+	return strings.TrimSpace(string(machineID)), nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/godbus/dbus/call.go juju-core-2.0~beta12/src/github.com/godbus/dbus/call.go
--- juju-core-2.0~beta7/src/github.com/godbus/dbus/call.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/godbus/dbus/call.go	2016-07-18 19:45:44.000000000 +0000
@@ -2,7 +2,6 @@
 
 import (
 	"errors"
-	"strings"
 )
 
 // Call represents a pending or completed method call.
@@ -35,113 +34,3 @@
 
 	return Store(c.Body, retvalues...)
 }
-
-// Object represents a remote object on which methods can be invoked.
-type Object struct {
-	conn *Conn
-	dest string
-	path ObjectPath
-}
-
-// Call calls a method with (*Object).Go and waits for its reply.
-func (o *Object) Call(method string, flags Flags, args ...interface{}) *Call {
-	return <-o.Go(method, flags, make(chan *Call, 1), args...).Done
-}
-
-// GetProperty calls org.freedesktop.DBus.Properties.GetProperty on the given
-// object. The property name must be given in interface.member notation.
-func (o *Object) GetProperty(p string) (Variant, error) {
-	idx := strings.LastIndex(p, ".")
-	if idx == -1 || idx+1 == len(p) {
-		return Variant{}, errors.New("dbus: invalid property " + p)
-	}
-
-	iface := p[:idx]
-	prop := p[idx+1:]
-
-	result := Variant{}
-	err := o.Call("org.freedesktop.DBus.Properties.Get", 0, iface, prop).Store(&result)
-
-	if err != nil {
-		return Variant{}, err
-	}
-
-	return result, nil
-}
-
-// Go calls a method with the given arguments asynchronously. It returns a
-// Call structure representing this method call. The passed channel will
-// return the same value once the call is done. If ch is nil, a new channel
-// will be allocated. Otherwise, ch has to be buffered or Go will panic.
-//
-// If the flags include FlagNoReplyExpected, ch is ignored and a Call structure
-// is returned of which only the Err member is valid.
-//
-// If the method parameter contains a dot ('.'), the part before the last dot
-// specifies the interface on which the method is called.
-func (o *Object) Go(method string, flags Flags, ch chan *Call, args ...interface{}) *Call {
-	iface := ""
-	i := strings.LastIndex(method, ".")
-	if i != -1 {
-		iface = method[:i]
-	}
-	method = method[i+1:]
-	msg := new(Message)
-	msg.Type = TypeMethodCall
-	msg.serial = o.conn.getSerial()
-	msg.Flags = flags & (FlagNoAutoStart | FlagNoReplyExpected)
-	msg.Headers = make(map[HeaderField]Variant)
-	msg.Headers[FieldPath] = MakeVariant(o.path)
-	msg.Headers[FieldDestination] = MakeVariant(o.dest)
-	msg.Headers[FieldMember] = MakeVariant(method)
-	if iface != "" {
-		msg.Headers[FieldInterface] = MakeVariant(iface)
-	}
-	msg.Body = args
-	if len(args) > 0 {
-		msg.Headers[FieldSignature] = MakeVariant(SignatureOf(args...))
-	}
-	if msg.Flags&FlagNoReplyExpected == 0 {
-		if ch == nil {
-			ch = make(chan *Call, 10)
-		} else if cap(ch) == 0 {
-			panic("dbus: unbuffered channel passed to (*Object).Go")
-		}
-		call := &Call{
-			Destination: o.dest,
-			Path:        o.path,
-			Method:      method,
-			Args:        args,
-			Done:        ch,
-		}
-		o.conn.callsLck.Lock()
-		o.conn.calls[msg.serial] = call
-		o.conn.callsLck.Unlock()
-		o.conn.outLck.RLock()
-		if o.conn.closed {
-			call.Err = ErrClosed
-			call.Done <- call
-		} else {
-			o.conn.out <- msg
-		}
-		o.conn.outLck.RUnlock()
-		return call
-	}
-	o.conn.outLck.RLock()
-	defer o.conn.outLck.RUnlock()
-	if o.conn.closed {
-		return &Call{Err: ErrClosed}
-	}
-	o.conn.out <- msg
-	return &Call{Err: nil}
-}
-
-// Destination returns the destination that calls on o are sent to.
-func (o *Object) Destination() string {
-	return o.dest
-}
-
-// Path returns the path that calls on o are sent to.
-func (o *Object) Path() ObjectPath {
-	return o.path
-}
diff -Nru juju-core-2.0~beta7/src/github.com/godbus/dbus/conn.go juju-core-2.0~beta12/src/github.com/godbus/dbus/conn.go
--- juju-core-2.0~beta7/src/github.com/godbus/dbus/conn.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/godbus/dbus/conn.go	2016-07-18 19:45:44.000000000 +0000
@@ -16,6 +16,7 @@
 	systemBusLck  sync.Mutex
 	sessionBus    *Conn
 	sessionBusLck sync.Mutex
+	sessionEnvLck sync.Mutex
 )
 
 // ErrClosed is the error returned by calls on a closed connection.
@@ -32,7 +33,7 @@
 type Conn struct {
 	transport
 
-	busObj *Object
+	busObj BusObject
 	unixFD bool
 	uuid   string
 
@@ -46,15 +47,16 @@
 	calls    map[uint32]*Call
 	callsLck sync.RWMutex
 
-	handlers    map[ObjectPath]map[string]interface{}
+	handlers    map[ObjectPath]map[string]exportedObj
 	handlersLck sync.RWMutex
 
 	out    chan *Message
 	closed bool
 	outLck sync.RWMutex
 
-	signals    []chan<- *Signal
-	signalsLck sync.Mutex
+	signals       []chan<- *Signal
+	signalsClosed bool
+	signalsLck    sync.Mutex
 
 	eavesdropped    chan<- *Message
 	eavesdroppedLck sync.Mutex
@@ -91,6 +93,8 @@
 
 // SessionBusPrivate returns a new private connection to the session bus.
 func SessionBusPrivate() (*Conn, error) {
+	sessionEnvLck.Lock()
+	defer sessionEnvLck.Unlock()
 	address := os.Getenv("DBUS_SESSION_BUS_ADDRESS")
 	if address != "" && address != "autolaunch:" {
 		return Dial(address)
@@ -157,7 +161,7 @@
 	conn.transport = tr
 	conn.calls = make(map[uint32]*Call)
 	conn.out = make(chan *Message, 10)
-	conn.handlers = make(map[ObjectPath]map[string]interface{})
+	conn.handlers = make(map[ObjectPath]map[string]exportedObj)
 	conn.nextSerial = 1
 	conn.serialUsed = map[uint32]bool{0: true}
 	conn.busObj = conn.Object("org.freedesktop.DBus", "/org/freedesktop/DBus")
@@ -166,7 +170,7 @@
 
 // BusObject returns the object owned by the bus daemon which handles
 // administrative requests.
-func (conn *Conn) BusObject() *Object {
+func (conn *Conn) BusObject() BusObject {
 	return conn.busObj
 }
 
@@ -186,6 +190,7 @@
 	conn.closed = true
 	conn.outLck.Unlock()
 	conn.signalsLck.Lock()
+	conn.signalsClosed = true
 	for _, ch := range conn.signals {
 		close(ch)
 	}
@@ -303,18 +308,33 @@
 				// as per http://dbus.freedesktop.org/doc/dbus-specification.html ,
 				// sender is optional for signals.
 				sender, _ := msg.Headers[FieldSender].value.(string)
-				if iface == "org.freedesktop.DBus" && member == "NameLost" &&
-					sender == "org.freedesktop.DBus" {
-
-					name, _ := msg.Body[0].(string)
-					conn.namesLck.Lock()
-					for i, v := range conn.names {
-						if v == name {
-							copy(conn.names[i:], conn.names[i+1:])
-							conn.names = conn.names[:len(conn.names)-1]
+				if iface == "org.freedesktop.DBus" && sender == "org.freedesktop.DBus" {
+					if member == "NameLost" {
+						// If we lost the name on the bus, remove it from our
+						// tracking list.
+						name, ok := msg.Body[0].(string)
+						if !ok {
+							panic("Unable to read the lost name")
+						}
+						conn.namesLck.Lock()
+						for i, v := range conn.names {
+							if v == name {
+								conn.names = append(conn.names[:i],
+									conn.names[i+1:]...)
+							}
+						}
+						conn.namesLck.Unlock()
+					} else if member == "NameAcquired" {
+						// If we acquired the name on the bus, add it to our
+						// tracking list.
+						name, ok := msg.Body[0].(string)
+						if !ok {
+							panic("Unable to read the acquired name")
 						}
+						conn.namesLck.Lock()
+						conn.names = append(conn.names, name)
+						conn.namesLck.Unlock()
 					}
-					conn.namesLck.Unlock()
 				}
 				signal := &Signal{
 					Sender: sender,
@@ -323,6 +343,10 @@
 					Body:   msg.Body,
 				}
 				conn.signalsLck.Lock()
+				if conn.signalsClosed {
+					conn.signalsLck.Unlock()
+					return
+				}
 				for _, ch := range conn.signals {
 					ch <- signal
 				}
@@ -360,7 +384,7 @@
 }
 
 // Object returns the object identified by the given destination name and path.
-func (conn *Conn) Object(dest string, path ObjectPath) *Object {
+func (conn *Conn) Object(dest string, path ObjectPath) BusObject {
 	return &Object{conn, dest, path}
 }
 
@@ -484,9 +508,7 @@
 // The caller has to make sure that ch is sufficiently buffered; if a message
 // arrives when a write to c is not possible, it is discarded.
 //
-// Multiple of these channels can be registered at the same time. Passing a
-// channel that already is registered will remove it from the list of the
-// registered channels.
+// Multiple of these channels can be registered at the same time.
 //
 // These channels are "overwritten" by Eavesdrop; i.e., if there currently is a
 // channel for eavesdropped messages, this channel receives all signals, and
@@ -497,6 +519,19 @@
 	conn.signalsLck.Unlock()
 }
 
+// RemoveSignal removes the given channel from the list of the registered channels.
+func (conn *Conn) RemoveSignal(ch chan<- *Signal) {
+	conn.signalsLck.Lock()
+	for i := len(conn.signals) - 1; i >= 0; i-- {
+		if ch == conn.signals[i] {
+			copy(conn.signals[i:], conn.signals[i+1:])
+			conn.signals[len(conn.signals)-1] = nil
+			conn.signals = conn.signals[:len(conn.signals)-1]
+		}
+	}
+	conn.signalsLck.Unlock()
+}
+
 // SupportsUnixFDs returns whether the underlying transport supports passing of
 // unix file descriptors. If this is false, method calls containing unix file
 // descriptors will return an error and emitted signals containing them will
@@ -554,7 +589,7 @@
 }
 
 var (
-	transports map[string]func(string) (transport, error) = make(map[string]func(string) (transport, error))
+	transports = make(map[string]func(string) (transport, error))
 )
 
 func getTransport(address string) (transport, error) {
@@ -571,6 +606,7 @@
 		f := transports[v[:i]]
 		if f == nil {
 			err = errors.New("dbus: invalid bus address (invalid or unsupported transport)")
+			continue
 		}
 		t, err = f(v[i+1:])
 		if err == nil {
@@ -594,16 +630,11 @@
 
 // getKey gets a key from a the list of keys. Returns "" on error / not found...
 func getKey(s, key string) string {
-	i := strings.Index(s, key)
-	if i == -1 {
-		return ""
-	}
-	if i+len(key)+1 >= len(s) || s[i+len(key)] != '=' {
-		return ""
-	}
-	j := strings.Index(s, ",")
-	if j == -1 {
-		j = len(s)
+	for _, keyEqualsValue := range strings.Split(s, ",") {
+		keyValue := strings.SplitN(keyEqualsValue, "=", 2)
+		if len(keyValue) == 2 && keyValue[0] == key {
+			return keyValue[1]
+		}
 	}
-	return s[i+len(key)+1 : j]
+	return ""
 }
diff -Nru juju-core-2.0~beta7/src/github.com/godbus/dbus/conn_other.go juju-core-2.0~beta12/src/github.com/godbus/dbus/conn_other.go
--- juju-core-2.0~beta7/src/github.com/godbus/dbus/conn_other.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/godbus/dbus/conn_other.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,6 +5,7 @@
 import (
 	"bytes"
 	"errors"
+	"os"
 	"os/exec"
 )
 
@@ -23,5 +24,8 @@
 		return nil, errors.New("dbus: couldn't determine address of session bus")
 	}
 
-	return Dial(string(b[i+1 : j]))
+	env, addr := string(b[0:i]), string(b[i+1:j])
+	os.Setenv(env, addr)
+
+	return Dial(addr)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/godbus/dbus/conn_test.go juju-core-2.0~beta12/src/github.com/godbus/dbus/conn_test.go
--- juju-core-2.0~beta7/src/github.com/godbus/dbus/conn_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/godbus/dbus/conn_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,6 +1,11 @@
 package dbus
 
-import "testing"
+import (
+	"encoding/binary"
+	"io"
+	"io/ioutil"
+	"testing"
+)
 
 func TestSessionBus(t *testing.T) {
 	_, err := SessionBus()
@@ -19,7 +24,7 @@
 func TestSend(t *testing.T) {
 	bus, err := SessionBus()
 	if err != nil {
-		t.Error(err)
+		t.Fatal(err)
 	}
 	ch := make(chan *Call, 1)
 	msg := &Message{
@@ -39,6 +44,92 @@
 	}
 }
 
+func TestRemoveSignal(t *testing.T) {
+	bus, err := NewConn(nil)
+	if err != nil {
+		t.Error(err)
+	}
+	ch := make(chan *Signal)
+	ch2 := make(chan *Signal)
+	for _, ch := range []chan *Signal{ch, ch2, ch, ch2, ch2, ch} {
+		bus.Signal(ch)
+	}
+	if len(bus.signals) != 6 {
+		t.Errorf("remove signal: signals length not equal: got '%d', want '6'", len(bus.signals))
+	}
+	bus.RemoveSignal(ch)
+	if len(bus.signals) != 3 {
+		t.Errorf("remove signal: signals length not equal: got '%d', want '3'", len(bus.signals))
+	}
+	for _, bch := range bus.signals {
+		if bch != ch2 {
+			t.Errorf("remove signal: removed signal present: got '%v', want '%v'", bch, ch2)
+		}
+	}
+}
+
+type rwc struct {
+	io.Reader
+	io.Writer
+}
+
+func (rwc) Close() error { return nil }
+
+type fakeAuth struct {
+}
+
+func (fakeAuth) FirstData() (name, resp []byte, status AuthStatus) {
+	return []byte("name"), []byte("resp"), AuthOk
+}
+
+func (fakeAuth) HandleData(data []byte) (resp []byte, status AuthStatus) {
+	return nil, AuthOk
+}
+
+func TestCloseBeforeSignal(t *testing.T) {
+	reader, pipewriter := io.Pipe()
+	defer pipewriter.Close()
+	defer reader.Close()
+
+	bus, err := NewConn(rwc{Reader: reader, Writer: ioutil.Discard})
+	if err != nil {
+		t.Fatal(err)
+	}
+	// give ch a buffer so sends won't block
+	ch := make(chan *Signal, 1)
+	bus.Signal(ch)
+
+	go func() {
+		_, err := pipewriter.Write([]byte("REJECTED name\r\nOK myuuid\r\n"))
+		if err != nil {
+			t.Errorf("error writing to pipe: %v", err)
+		}
+	}()
+
+	err = bus.Auth([]Auth{fakeAuth{}})
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	err = bus.Close()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	msg := &Message{
+		Type: TypeSignal,
+		Headers: map[HeaderField]Variant{
+			FieldInterface: MakeVariant("foo.bar"),
+			FieldMember:    MakeVariant("bar"),
+			FieldPath:      MakeVariant(ObjectPath("/baz")),
+		},
+	}
+	err = msg.EncodeTo(pipewriter, binary.LittleEndian)
+	if err != nil {
+		t.Fatal(err)
+	}
+}
+
 type server struct{}
 
 func (server) Double(i int64) (int64, *Error) {
@@ -197,3 +288,16 @@
 	}
 	<-done
 }
+
+func TestGetKey(t *testing.T) {
+	keys := "host=1.2.3.4,port=5678,family=ipv4"
+	if host := getKey(keys, "host"); host != "1.2.3.4" {
+		t.Error(`Expected "1.2.3.4", got`, host)
+	}
+	if port := getKey(keys, "port"); port != "5678" {
+		t.Error(`Expected "5678", got`, port)
+	}
+	if family := getKey(keys, "family"); family != "ipv4" {
+		t.Error(`Expected "ipv4", got`, family)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/godbus/dbus/encoder.go juju-core-2.0~beta12/src/github.com/godbus/dbus/encoder.go
--- juju-core-2.0~beta7/src/github.com/godbus/dbus/encoder.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/godbus/dbus/encoder.go	2016-07-18 19:45:44.000000000 +0000
@@ -16,24 +16,43 @@
 
 // NewEncoder returns a new encoder that writes to out in the given byte order.
 func newEncoder(out io.Writer, order binary.ByteOrder) *encoder {
+	return newEncoderAtOffset(out, 0, order)
+}
+
+// newEncoderAtOffset returns a new encoder that writes to out in the given
+// byte order. Specify the offset to initialize pos for proper alignment
+// computation.
+func newEncoderAtOffset(out io.Writer, offset int, order binary.ByteOrder) *encoder {
 	enc := new(encoder)
 	enc.out = out
 	enc.order = order
+	enc.pos = offset
 	return enc
 }
 
 // Aligns the next output to be on a multiple of n. Panics on write errors.
 func (enc *encoder) align(n int) {
-	if enc.pos%n != 0 {
-		newpos := (enc.pos + n - 1) & ^(n - 1)
-		empty := make([]byte, newpos-enc.pos)
+	pad := enc.padding(0, n)
+	if pad > 0 {
+		empty := make([]byte, pad)
 		if _, err := enc.out.Write(empty); err != nil {
 			panic(err)
 		}
-		enc.pos = newpos
+		enc.pos += pad
 	}
 }
 
+// pad returns the number of bytes of padding, based on current position and additional offset.
+// and alignment.
+func (enc *encoder) padding(offset, algn int) int {
+	abs := enc.pos + offset
+	if abs%algn != 0 {
+		newabs := (abs + algn - 1) & ^(algn - 1)
+		return newabs - abs
+	}
+	return 0
+}
+
 // Calls binary.Write(enc.out, enc.order, v) and panics on write errors.
 func (enc *encoder) binwrite(v interface{}) {
 	if err := binary.Write(enc.out, enc.order, v); err != nil {
@@ -108,8 +127,13 @@
 		if depth >= 64 {
 			panic(FormatError("input exceeds container depth limit"))
 		}
+		// Lookahead offset: 4 bytes for uint32 length (with alignment),
+		// plus alignment for elements.
+		n := enc.padding(0, 4) + 4
+		offset := enc.pos + n + enc.padding(n, alignment(v.Type().Elem()))
+
 		var buf bytes.Buffer
-		bufenc := newEncoder(&buf, enc.order)
+		bufenc := newEncoderAtOffset(&buf, offset, enc.order)
 
 		for i := 0; i < v.Len(); i++ {
 			bufenc.encode(v.Index(i), depth+1)
@@ -159,8 +183,13 @@
 			panic(InvalidTypeError{v.Type()})
 		}
 		keys := v.MapKeys()
+		// Lookahead offset: 4 bytes for uint32 length (with alignment),
+		// plus 8-byte alignment
+		n := enc.padding(0, 4) + 4
+		offset := enc.pos + n + enc.padding(n, 8)
+
 		var buf bytes.Buffer
-		bufenc := newEncoder(&buf, enc.order)
+		bufenc := newEncoderAtOffset(&buf, offset, enc.order)
 		for _, k := range keys {
 			bufenc.align(8)
 			bufenc.encode(k, depth+2)
diff -Nru juju-core-2.0~beta7/src/github.com/godbus/dbus/encoder_test.go juju-core-2.0~beta12/src/github.com/godbus/dbus/encoder_test.go
--- juju-core-2.0~beta7/src/github.com/godbus/dbus/encoder_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/godbus/dbus/encoder_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,58 @@
+package dbus
+
+import (
+	"bytes"
+	"encoding/binary"
+	"reflect"
+	"testing"
+)
+
+func TestEncodeArrayOfMaps(t *testing.T) {
+	tests := []struct {
+		name string
+		vs   []interface{}
+	}{
+		{
+			"aligned at 8 at start of array",
+			[]interface{}{
+				"12345",
+				[]map[string]Variant{
+					{
+						"abcdefg": MakeVariant("foo"),
+						"cdef":    MakeVariant(uint32(2)),
+					},
+				},
+			},
+		},
+		{
+			"not aligned at 8 for start of array",
+			[]interface{}{
+				"1234567890",
+				[]map[string]Variant{
+					{
+						"abcdefg": MakeVariant("foo"),
+						"cdef":    MakeVariant(uint32(2)),
+					},
+				},
+			},
+		},
+	}
+	for _, order := range []binary.ByteOrder{binary.LittleEndian, binary.BigEndian} {
+		for _, tt := range tests {
+			buf := new(bytes.Buffer)
+			enc := newEncoder(buf, order)
+			enc.Encode(tt.vs...)
+
+			dec := newDecoder(buf, order)
+			v, err := dec.Decode(SignatureOf(tt.vs...))
+			if err != nil {
+				t.Errorf("%q: decode (%v) failed: %v", tt.name, order, err)
+				continue
+			}
+			if !reflect.DeepEqual(v, tt.vs) {
+				t.Errorf("%q: (%v) not equal: got '%v', want '%v'", tt.name, order, v, tt.vs)
+				continue
+			}
+		}
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/godbus/dbus/export.go juju-core-2.0~beta12/src/github.com/godbus/dbus/export.go
--- juju-core-2.0~beta7/src/github.com/godbus/dbus/export.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/godbus/dbus/export.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,10 +1,11 @@
 package dbus
 
 import (
+	"bytes"
 	"errors"
+	"fmt"
 	"reflect"
 	"strings"
-	"unicode"
 )
 
 var (
@@ -22,25 +23,90 @@
 	}
 )
 
+// exportedObj represents an exported object. It stores a precomputed
+// method table that represents the methods exported on the bus.
+type exportedObj struct {
+	methods map[string]reflect.Value
+
+	// Whether or not this export is for the entire subtree
+	includeSubtree bool
+}
+
+func (obj exportedObj) Method(name string) (reflect.Value, bool) {
+	out, exists := obj.methods[name]
+	return out, exists
+}
+
 // Sender is a type which can be used in exported methods to receive the message
 // sender.
 type Sender string
 
-func exportedMethod(v interface{}, name string) reflect.Value {
-	if v == nil {
-		return reflect.Value{}
-	}
-	m := reflect.ValueOf(v).MethodByName(name)
-	if !m.IsValid() {
-		return reflect.Value{}
+func computeMethodName(name string, mapping map[string]string) string {
+	newname, ok := mapping[name]
+	if ok {
+		name = newname
 	}
-	t := m.Type()
-	if t.NumOut() == 0 ||
-		t.Out(t.NumOut()-1) != reflect.TypeOf(&errmsgInvalidArg) {
+	return name
+}
+
+func getMethods(in interface{}, mapping map[string]string) map[string]reflect.Value {
+	if in == nil {
+		return nil
+	}
+	methods := make(map[string]reflect.Value)
+	val := reflect.ValueOf(in)
+	typ := val.Type()
+	for i := 0; i < typ.NumMethod(); i++ {
+		methtype := typ.Method(i)
+		method := val.Method(i)
+		t := method.Type()
+		// only track valid methods must return *Error as last arg
+		// and must be exported
+		if t.NumOut() == 0 ||
+			t.Out(t.NumOut()-1) != reflect.TypeOf(&errmsgInvalidArg) ||
+			methtype.PkgPath != "" {
+			continue
+		}
+		// map names while building table
+		methods[computeMethodName(methtype.Name, mapping)] = method
+	}
+	return methods
+}
+
+// searchHandlers will look through all registered handlers looking for one
+// to handle the given path. If a verbatim one isn't found, it will check for
+// a subtree registration for the path as well.
+func (conn *Conn) searchHandlers(path ObjectPath) (map[string]exportedObj, bool) {
+	conn.handlersLck.RLock()
+	defer conn.handlersLck.RUnlock()
+
+	handlers, ok := conn.handlers[path]
+	if ok {
+		return handlers, ok
+	}
+
+	// If handlers weren't found for this exact path, look for a matching subtree
+	// registration
+	handlers = make(map[string]exportedObj)
+	path = path[:strings.LastIndex(string(path), "/")]
+	for len(path) > 0 {
+		var subtreeHandlers map[string]exportedObj
+		subtreeHandlers, ok = conn.handlers[path]
+		if ok {
+			for iface, handler := range subtreeHandlers {
+				// Only include this handler if it registered for the subtree
+				if handler.includeSubtree {
+					handlers[iface] = handler
+				}
+			}
+
+			break
+		}
 
-		return reflect.Value{}
+		path = path[:strings.LastIndex(string(path), "/")]
 	}
-	return m
+
+	return handlers, ok
 }
 
 // handleCall handles the given method call (i.e. looks if it's one of the
@@ -61,41 +127,59 @@
 			conn.sendError(errmsgUnknownMethod, sender, serial)
 		}
 		return
+	} else if ifaceName == "org.freedesktop.DBus.Introspectable" && name == "Introspect" {
+		if _, ok := conn.handlers[path]; !ok {
+			subpath := make(map[string]struct{})
+			var xml bytes.Buffer
+			xml.WriteString("<node>")
+			for h, _ := range conn.handlers {
+				p := string(path)
+				if p != "/" {
+					p += "/"
+				}
+				if strings.HasPrefix(string(h), p) {
+					node_name := strings.Split(string(h[len(p):]), "/")[0]
+					subpath[node_name] = struct{}{}
+				}
+			}
+			for s, _ := range subpath {
+				xml.WriteString("\n\t<node name=\"" + s + "\"/>")
+			}
+			xml.WriteString("\n</node>")
+			conn.sendReply(sender, serial, xml.String())
+			return
+		}
 	}
-	if len(name) == 0 || unicode.IsLower([]rune(name)[0]) {
+	if len(name) == 0 {
 		conn.sendError(errmsgUnknownMethod, sender, serial)
 	}
+
+	// Find the exported handler (if any) for this path
+	handlers, ok := conn.searchHandlers(path)
+	if !ok {
+		conn.sendError(errmsgNoObject, sender, serial)
+		return
+	}
+
 	var m reflect.Value
+	var exists bool
 	if hasIface {
-		conn.handlersLck.RLock()
-		obj, ok := conn.handlers[path]
-		if !ok {
-			conn.sendError(errmsgNoObject, sender, serial)
-			conn.handlersLck.RUnlock()
-			return
-		}
-		iface := obj[ifaceName]
-		conn.handlersLck.RUnlock()
-		m = exportedMethod(iface, name)
+		iface := handlers[ifaceName]
+		m, exists = iface.Method(name)
 	} else {
-		conn.handlersLck.RLock()
-		if _, ok := conn.handlers[path]; !ok {
-			conn.sendError(errmsgNoObject, sender, serial)
-			conn.handlersLck.RUnlock()
-			return
-		}
-		for _, v := range conn.handlers[path] {
-			m = exportedMethod(v, name)
-			if m.IsValid() {
+		for _, v := range handlers {
+			m, exists = v.Method(name)
+			if exists {
 				break
 			}
 		}
-		conn.handlersLck.RUnlock()
 	}
-	if !m.IsValid() {
+
+	if !exists {
 		conn.sendError(errmsgUnknownMethod, sender, serial)
 		return
 	}
+
 	t := m.Type()
 	vs := msg.Body
 	pointers := make([]interface{}, t.NumIn())
@@ -106,27 +190,36 @@
 		pointers[i] = val.Interface()
 		if tp == reflect.TypeOf((*Sender)(nil)).Elem() {
 			val.Elem().SetString(sender)
+		} else if tp == reflect.TypeOf((*Message)(nil)).Elem() {
+			val.Elem().Set(reflect.ValueOf(*msg))
 		} else {
 			decode = append(decode, pointers[i])
 		}
 	}
+
 	if len(decode) != len(vs) {
 		conn.sendError(errmsgInvalidArg, sender, serial)
 		return
 	}
+
 	if err := Store(vs, decode...); err != nil {
 		conn.sendError(errmsgInvalidArg, sender, serial)
 		return
 	}
+
+	// Extract parameters
 	params := make([]reflect.Value, len(pointers))
 	for i := 0; i < len(pointers); i++ {
 		params[i] = reflect.ValueOf(pointers[i]).Elem()
 	}
+
+	// Call method
 	ret := m.Call(params)
 	if em := ret[t.NumOut()-1].Interface().(*Error); em != nil {
 		conn.sendError(*em, sender, serial)
 		return
 	}
+
 	if msg.Flags&FlagNoReplyExpected == 0 {
 		reply := new(Message)
 		reply.Type = TypeMethodReply
@@ -203,6 +296,10 @@
 // contribute to the dbus signature of the method (i.e. the method is exposed
 // as if the parameters of type Sender were not there).
 //
+// Similarly, any parameters with the type Message are set to the raw message
+// received on the bus. Again, parameters of this type do not contribute to the
+// dbus signature of the method.
+//
 // Every method call is executed in a new goroutine, so the method may be called
 // in multiple goroutines at once.
 //
@@ -214,62 +311,131 @@
 //
 // Export returns an error if path is not a valid path name.
 func (conn *Conn) Export(v interface{}, path ObjectPath, iface string) error {
+	return conn.ExportWithMap(v, nil, path, iface)
+}
+
+// ExportWithMap works exactly like Export but provides the ability to remap
+// method names (e.g. export a lower-case method).
+//
+// The keys in the map are the real method names (exported on the struct), and
+// the values are the method names to be exported on DBus.
+func (conn *Conn) ExportWithMap(v interface{}, mapping map[string]string, path ObjectPath, iface string) error {
+	return conn.export(getMethods(v, mapping), path, iface, false)
+}
+
+// ExportSubtree works exactly like Export but registers the given value for
+// an entire subtree rather under the root path provided.
+//
+// In order to make this useful, one parameter in each of the value's exported
+// methods should be a Message, in which case it will contain the raw message
+// (allowing one to get access to the path that caused the method to be called).
+//
+// Note that more specific export paths take precedence over less specific. For
+// example, a method call using the ObjectPath /foo/bar/baz will call a method
+// exported on /foo/bar before a method exported on /foo.
+func (conn *Conn) ExportSubtree(v interface{}, path ObjectPath, iface string) error {
+	return conn.ExportSubtreeWithMap(v, nil, path, iface)
+}
+
+// ExportSubtreeWithMap works exactly like ExportSubtree but provides the
+// ability to remap method names (e.g. export a lower-case method).
+//
+// The keys in the map are the real method names (exported on the struct), and
+// the values are the method names to be exported on DBus.
+func (conn *Conn) ExportSubtreeWithMap(v interface{}, mapping map[string]string, path ObjectPath, iface string) error {
+	return conn.export(getMethods(v, mapping), path, iface, true)
+}
+
+// ExportMethodTable like Export registers the given methods as an object
+// on the message bus. Unlike Export the it uses a method table to define
+// the object instead of a native go object.
+//
+// The method table is a map from method name to function closure
+// representing the method. This allows an object exported on the bus to not
+// necessarily be a native go object. It can be useful for generating exposed
+// methods on the fly.
+//
+// Any non-function objects in the method table are ignored.
+func (conn *Conn) ExportMethodTable(methods map[string]interface{}, path ObjectPath, iface string) error {
+	return conn.exportMethodTable(methods, path, iface, false)
+}
+
+// Like ExportSubtree, but with the same caveats as ExportMethodTable.
+func (conn *Conn) ExportSubtreeMethodTable(methods map[string]interface{}, path ObjectPath, iface string) error {
+	return conn.exportMethodTable(methods, path, iface, true)
+}
+
+func (conn *Conn) exportMethodTable(methods map[string]interface{}, path ObjectPath, iface string, includeSubtree bool) error {
+	out := make(map[string]reflect.Value)
+	for name, method := range methods {
+		rval := reflect.ValueOf(method)
+		if rval.Kind() != reflect.Func {
+			continue
+		}
+		t := rval.Type()
+		// only track valid methods must return *Error as last arg
+		if t.NumOut() == 0 ||
+			t.Out(t.NumOut()-1) != reflect.TypeOf(&errmsgInvalidArg) {
+			continue
+		}
+		out[name] = rval
+	}
+	return conn.export(out, path, iface, includeSubtree)
+}
+
+// exportWithMap is the worker function for all exports/registrations.
+func (conn *Conn) export(methods map[string]reflect.Value, path ObjectPath, iface string, includeSubtree bool) error {
 	if !path.IsValid() {
-		return errors.New("dbus: invalid path name")
+		return fmt.Errorf(`dbus: Invalid path name: "%s"`, path)
 	}
+
 	conn.handlersLck.Lock()
-	if v == nil {
+	defer conn.handlersLck.Unlock()
+
+	// Remove a previous export if the interface is nil
+	if methods == nil {
 		if _, ok := conn.handlers[path]; ok {
 			delete(conn.handlers[path], iface)
 			if len(conn.handlers[path]) == 0 {
 				delete(conn.handlers, path)
 			}
 		}
+
 		return nil
 	}
+
+	// If this is the first handler for this path, make a new map to hold all
+	// handlers for this path.
 	if _, ok := conn.handlers[path]; !ok {
-		conn.handlers[path] = make(map[string]interface{})
+		conn.handlers[path] = make(map[string]exportedObj)
 	}
-	conn.handlers[path][iface] = v
-	conn.handlersLck.Unlock()
+
+	// Finally, save this handler
+	conn.handlers[path][iface] = exportedObj{
+		methods:        methods,
+		includeSubtree: includeSubtree,
+	}
+
 	return nil
 }
 
-// ReleaseName calls org.freedesktop.DBus.ReleaseName. You should use only this
-// method to release a name (see below).
+// ReleaseName calls org.freedesktop.DBus.ReleaseName and awaits a response.
 func (conn *Conn) ReleaseName(name string) (ReleaseNameReply, error) {
 	var r uint32
 	err := conn.busObj.Call("org.freedesktop.DBus.ReleaseName", 0, name).Store(&r)
 	if err != nil {
 		return 0, err
 	}
-	if r == uint32(ReleaseNameReplyReleased) {
-		conn.namesLck.Lock()
-		for i, v := range conn.names {
-			if v == name {
-				copy(conn.names[i:], conn.names[i+1:])
-				conn.names = conn.names[:len(conn.names)-1]
-			}
-		}
-		conn.namesLck.Unlock()
-	}
 	return ReleaseNameReply(r), nil
 }
 
-// RequestName calls org.freedesktop.DBus.RequestName. You should use only this
-// method to request a name because package dbus needs to keep track of all
-// names that the connection has.
+// RequestName calls org.freedesktop.DBus.RequestName and awaits a response.
 func (conn *Conn) RequestName(name string, flags RequestNameFlags) (RequestNameReply, error) {
 	var r uint32
 	err := conn.busObj.Call("org.freedesktop.DBus.RequestName", 0, name, flags).Store(&r)
 	if err != nil {
 		return 0, err
 	}
-	if r == uint32(RequestNameReplyPrimaryOwner) {
-		conn.namesLck.Lock()
-		conn.names = append(conn.names, name)
-		conn.namesLck.Unlock()
-	}
 	return RequestNameReply(r), nil
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/godbus/dbus/export_test.go juju-core-2.0~beta12/src/github.com/godbus/dbus/export_test.go
--- juju-core-2.0~beta7/src/github.com/godbus/dbus/export_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/godbus/dbus/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,635 @@
+package dbus
+
+import (
+	"fmt"
+	"regexp"
+	"strings"
+	"testing"
+)
+
+type lowerCaseExport struct{}
+
+func (export lowerCaseExport) foo() (string, *Error) {
+	return "bar", nil
+}
+
+type fooExport struct {
+	message Message
+}
+
+func (export *fooExport) Foo(message Message, param string) (string, *Error) {
+	export.message = message
+	return "foo", nil
+}
+
+type barExport struct{}
+
+func (export barExport) Foo(param string) (string, *Error) {
+	return "bar", nil
+}
+
+type badExport struct{}
+
+func (export badExport) Foo(param string) string {
+	return "bar"
+}
+
+// Test typical Export usage.
+func TestExport(t *testing.T) {
+	connection, err := SessionBus()
+	if err != nil {
+		t.Fatalf("Unexpected error connecting to session bus: %s", err)
+	}
+
+	name := connection.Names()[0]
+
+	connection.Export(server{}, "/org/guelfey/DBus/Test", "org.guelfey.DBus.Test")
+	object := connection.Object(name, "/org/guelfey/DBus/Test")
+	subtreeObject := connection.Object(name, "/org/guelfey/DBus/Test/Foo")
+
+	var response int64
+	err = object.Call("org.guelfey.DBus.Test.Double", 0, int64(2)).Store(&response)
+	if err != nil {
+		t.Errorf("Unexpected error calling Double: %s", err)
+	}
+
+	if response != 4 {
+		t.Errorf("Response was %d, expected 4", response)
+	}
+
+	// Verify that calling a subtree of a regular export does not result in a
+	// valid method call.
+	err = subtreeObject.Call("org.guelfey.DBus.Test.Double", 0, int64(2)).Store(&response)
+	if err == nil {
+		t.Error("Expected error due to no object being exported on that path")
+	}
+
+	// Now remove export
+	connection.Export(nil, "/org/guelfey/DBus/Test", "org.guelfey.DBus.Test")
+	err = object.Call("org.guelfey.DBus.Test.Double", 0, int64(2)).Store(&response)
+	if err == nil {
+		t.Error("Expected an error since the export was removed")
+	}
+}
+
+// Test that Exported handlers can obtain raw message.
+func TestExport_message(t *testing.T) {
+	connection, err := SessionBus()
+	if err != nil {
+		t.Fatalf("Unexpected error connecting to session bus: %s", err)
+	}
+
+	name := connection.Names()[0]
+
+	export := &fooExport{}
+	connection.Export(export, "/org/guelfey/DBus/Test", "org.guelfey.DBus.Test")
+	object := connection.Object(name, "/org/guelfey/DBus/Test")
+
+	var response string
+	err = object.Call("org.guelfey.DBus.Test.Foo", 0, "qux").Store(&response)
+	if err != nil {
+		t.Errorf("Unexpected error calling Foo: %s", err)
+	}
+
+	if response != "foo" {
+		t.Errorf(`Response was %s, expected "foo"`, response)
+	}
+
+	if export.message.serial == 0 {
+		t.Error("Expected a valid message to be given to handler")
+	}
+}
+
+// Test Export with an invalid path.
+func TestExport_invalidPath(t *testing.T) {
+	connection, err := SessionBus()
+	if err != nil {
+		t.Fatalf("Unexpected error connecting to session bus: %s", err)
+	}
+
+	err = connection.Export(nil, "foo", "bar")
+	if err == nil {
+		t.Error("Expected an error due to exporting with an invalid path")
+	}
+}
+
+// Test Export with an un-exported method. This should not panic, but rather
+// result in an invalid method call.
+func TestExport_unexportedMethod(t *testing.T) {
+	connection, err := SessionBus()
+	if err != nil {
+		t.Fatalf("Unexpected error connecting to session bus: %s", err)
+	}
+
+	name := connection.Names()[0]
+
+	connection.Export(lowerCaseExport{}, "/org/guelfey/DBus/Test", "org.guelfey.DBus.Test")
+	object := connection.Object(name, "/org/guelfey/DBus/Test")
+
+	var response string
+	call := object.Call("org.guelfey.DBus.Test.foo", 0)
+	err = call.Store(&response)
+	if err == nil {
+		t.Errorf("Expected an error due to calling unexported method")
+	}
+}
+
+// Test Export with a method lacking the correct return signature. This should
+// result in an invalid method call.
+func TestExport_badSignature(t *testing.T) {
+	connection, err := SessionBus()
+	if err != nil {
+		t.Fatalf("Unexpected error connecting to session bus: %s", err)
+	}
+
+	name := connection.Names()[0]
+
+	connection.Export(badExport{}, "/org/guelfey/DBus/Test", "org.guelfey.DBus.Test")
+	object := connection.Object(name, "/org/guelfey/DBus/Test")
+
+	var response string
+	call := object.Call("org.guelfey.DBus.Test.Foo", 0)
+	err = call.Store(&response)
+	if err == nil {
+		t.Errorf("Expected an error due to the method lacking the right signature")
+	}
+}
+
+// Test typical ExportWithMap usage.
+func TestExportWithMap(t *testing.T) {
+	connection, err := SessionBus()
+	if err != nil {
+		t.Fatalf("Unexpected error connecting to session bus: %s", err)
+	}
+
+	name := connection.Names()[0]
+
+	mapping := make(map[string]string)
+	mapping["Double"] = "double" // Export this method as lower-case
+
+	connection.ExportWithMap(server{}, mapping, "/org/guelfey/DBus/Test", "org.guelfey.DBus.Test")
+	object := connection.Object(name, "/org/guelfey/DBus/Test")
+
+	var response int64
+	err = object.Call("org.guelfey.DBus.Test.double", 0, int64(2)).Store(&response)
+	if err != nil {
+		t.Errorf("Unexpected error calling double: %s", err)
+	}
+
+	if response != 4 {
+		t.Errorf("Response was %d, expected 4", response)
+	}
+}
+
+// Test that ExportWithMap does not export both method alias and method.
+func TestExportWithMap_bypassAlias(t *testing.T) {
+	connection, err := SessionBus()
+	if err != nil {
+		t.Fatalf("Unexpected error connecting to session bus: %s", err)
+	}
+
+	name := connection.Names()[0]
+
+	mapping := make(map[string]string)
+	mapping["Double"] = "double" // Export this method as lower-case
+
+	connection.ExportWithMap(server{}, mapping, "/org/guelfey/DBus/Test", "org.guelfey.DBus.Test")
+	object := connection.Object(name, "/org/guelfey/DBus/Test")
+
+	var response int64
+	// Call upper-case Double (i.e. the real method, not the alias)
+	err = object.Call("org.guelfey.DBus.Test.Double", 0, int64(2)).Store(&response)
+	if err == nil {
+		t.Error("Expected an error due to calling actual method, not alias")
+	}
+}
+
+// Test typical ExportSubtree usage.
+func TestExportSubtree(t *testing.T) {
+	connection, err := SessionBus()
+	if err != nil {
+		t.Fatalf("Unexpected error connecting to session bus: %s", err)
+	}
+
+	name := connection.Names()[0]
+
+	export := &fooExport{}
+	connection.ExportSubtree(export, "/org/guelfey/DBus/Test", "org.guelfey.DBus.Test")
+
+	// Call a subpath of the exported path
+	object := connection.Object(name, "/org/guelfey/DBus/Test/Foo")
+
+	var response string
+	err = object.Call("org.guelfey.DBus.Test.Foo", 0, "qux").Store(&response)
+	if err != nil {
+		t.Errorf("Unexpected error calling Foo: %s", err)
+	}
+
+	if response != "foo" {
+		t.Errorf(`Response was %s, expected "foo"`, response)
+	}
+
+	if export.message.serial == 0 {
+		t.Error("Expected the raw message, got an invalid one")
+	}
+
+	// Now remove export
+	connection.Export(nil, "/org/guelfey/DBus/Test", "org.guelfey.DBus.Test")
+	err = object.Call("org.guelfey.DBus.Test.Foo", 0, "qux").Store(&response)
+	if err == nil {
+		t.Error("Expected an error since the export was removed")
+	}
+}
+
+// Test that using ExportSubtree with exported methods that don't contain a
+// Message still work, they just don't get the message.
+func TestExportSubtree_noMessage(t *testing.T) {
+	connection, err := SessionBus()
+	if err != nil {
+		t.Fatalf("Unexpected error connecting to session bus: %s", err)
+	}
+
+	name := connection.Names()[0]
+
+	connection.ExportSubtree(server{}, "/org/guelfey/DBus/Test", "org.guelfey.DBus.Test")
+
+	// Call a subpath of the exported path
+	object := connection.Object(name, "/org/guelfey/DBus/Test/Foo")
+
+	var response int64
+	err = object.Call("org.guelfey.DBus.Test.Double", 0, int64(2)).Store(&response)
+	if err != nil {
+		t.Errorf("Unexpected error calling Double: %s", err)
+	}
+
+	if response != 4 {
+		t.Errorf("Response was %d, expected 4", response)
+	}
+
+	// Now remove export
+	connection.Export(nil, "/org/guelfey/DBus/Test", "org.guelfey.DBus.Test")
+	err = object.Call("org.guelfey.DBus.Test.Double", 0, int64(2)).Store(&response)
+	if err == nil {
+		t.Error("Expected an error since the export was removed")
+	}
+}
+
+// Test that a regular Export takes precedence over ExportSubtree.
+func TestExportSubtree_exportPrecedence(t *testing.T) {
+	connection, err := SessionBus()
+	if err != nil {
+		t.Fatalf("Unexpected error connecting to session bus: %s", err)
+	}
+
+	name := connection.Names()[0]
+
+	// Register for the entire subtree of /org/guelfey/DBus/Test
+	connection.ExportSubtree(&fooExport{},
+		"/org/guelfey/DBus/Test", "org.guelfey.DBus.Test")
+
+	// Explicitly register for /org/guelfey/DBus/Test/Foo, a subpath of above
+	connection.Export(&barExport{}, "/org/guelfey/DBus/Test/Foo",
+		"org.guelfey.DBus.Test")
+
+	// Call the explicitly exported path
+	object := connection.Object(name, "/org/guelfey/DBus/Test/Foo")
+
+	var response string
+	err = object.Call("org.guelfey.DBus.Test.Foo", 0, "qux").Store(&response)
+	if err != nil {
+		t.Errorf("Unexpected error calling Foo: %s", err)
+	}
+
+	if response != "bar" {
+		t.Errorf(`Response was %s, expected "bar"`, response)
+	}
+
+	response = "" // Reset response so errors aren't confusing
+
+	// Now remove explicit export
+	connection.Export(nil, "/org/guelfey/DBus/Test/Foo", "org.guelfey.DBus.Test")
+	err = object.Call("org.guelfey.DBus.Test.Foo", 0, "qux").Store(&response)
+	if err != nil {
+		t.Errorf("Unexpected error calling Foo: %s", err)
+	}
+
+	// Now the subtree export should handle the call
+	if response != "foo" {
+		t.Errorf(`Response was %s, expected "foo"`, response)
+	}
+}
+
+// Test typical ExportSubtreeWithMap usage.
+func TestExportSubtreeWithMap(t *testing.T) {
+	connection, err := SessionBus()
+	if err != nil {
+		t.Fatalf("Unexpected error connecting to session bus: %s", err)
+	}
+
+	name := connection.Names()[0]
+
+	mapping := make(map[string]string)
+	mapping["Foo"] = "foo" // Export this method as lower-case
+
+	connection.ExportSubtreeWithMap(&fooExport{}, mapping, "/org/guelfey/DBus/Test", "org.guelfey.DBus.Test")
+
+	// Call a subpath of the exported path
+	object := connection.Object(name, "/org/guelfey/DBus/Test/Foo")
+
+	var response string
+	// Call the lower-case method
+	err = object.Call("org.guelfey.DBus.Test.foo", 0, "qux").Store(&response)
+	if err != nil {
+		t.Errorf("Unexpected error calling Foo: %s", err)
+	}
+
+	if response != "foo" {
+		t.Errorf(`Response was %s, expected "foo"`, response)
+	}
+
+	// Now remove export
+	connection.Export(nil, "/org/guelfey/DBus/Test", "org.guelfey.DBus.Test")
+	err = object.Call("org.guelfey.DBus.Test.foo", 0, "qux").Store(&response)
+	if err == nil {
+		t.Error("Expected an error since the export was removed")
+	}
+}
+
+// Test that ExportSubtreeWithMap does not export both method alias and method.
+func TestExportSubtreeWithMap_bypassAlias(t *testing.T) {
+	connection, err := SessionBus()
+	if err != nil {
+		t.Fatalf("Unexpected error connecting to session bus: %s", err)
+	}
+
+	name := connection.Names()[0]
+
+	mapping := make(map[string]string)
+	mapping["Foo"] = "foo" // Export this method as lower-case
+
+	connection.ExportSubtreeWithMap(&fooExport{}, mapping, "/org/guelfey/DBus/Test", "org.guelfey.DBus.Test")
+	object := connection.Object(name, "/org/guelfey/DBus/Test/Foo")
+
+	var response string
+	// Call upper-case Foo (i.e. the real method, not the alias)
+	err = object.Call("org.guelfey.DBus.Test.Foo", 0, "qux").Store(&response)
+	if err == nil {
+		t.Error("Expected an error due to calling actual method, not alias")
+	}
+}
+
+func TestExportMethodTable(t *testing.T) {
+	connection, err := SessionBus()
+	if err != nil {
+		t.Fatalf("Unexpected error connecting to session bus: %s", err)
+	}
+
+	name := connection.Names()[0]
+	export := &fooExport{}
+	tbl := make(map[string]interface{})
+	tbl["Foo"] = func(message Message, param string) (string, *Error) {
+		return export.Foo(message, param)
+	}
+	tbl["Foo2"] = export.Foo
+	connection.ExportMethodTable(tbl, "/org/guelfey/DBus/Test", "org.guelfey.DBus.Test")
+
+	object := connection.Object(name, "/org/guelfey/DBus/Test")
+
+	var response string
+	err = object.Call("org.guelfey.DBus.Test.Foo", 0, "qux").Store(&response)
+	if err != nil {
+		t.Errorf("Unexpected error calling Foo: %s", err)
+	}
+
+	if response != "foo" {
+		t.Errorf(`Response was %s, expected "foo"`, response)
+	}
+
+	if export.message.serial == 0 {
+		t.Error("Expected the raw message, got an invalid one")
+	}
+
+	err = object.Call("org.guelfey.DBus.Test.Foo2", 0, "qux").Store(&response)
+	if err != nil {
+		t.Errorf("Unexpected error calling Foo: %s", err)
+	}
+
+	if response != "foo" {
+		t.Errorf(`Response was %s, expected "foo"`, response)
+	}
+
+	if export.message.serial == 0 {
+		t.Error("Expected the raw message, got an invalid one")
+	}
+
+	// Now remove export
+	connection.Export(nil, "/org/guelfey/DBus/Test", "org.guelfey.DBus.Test")
+	err = object.Call("org.guelfey.DBus.Test.Foo", 0, "qux").Store(&response)
+	if err == nil {
+		t.Error("Expected an error since the export was removed")
+	}
+}
+
+func TestExportSubtreeMethodTable(t *testing.T) {
+	connection, err := SessionBus()
+	if err != nil {
+		t.Fatalf("Unexpected error connecting to session bus: %s", err)
+	}
+
+	name := connection.Names()[0]
+
+	export := &fooExport{}
+	tbl := make(map[string]interface{})
+	tbl["Foo"] = func(message Message, param string) (string, *Error) {
+		return export.Foo(message, param)
+	}
+	tbl["Foo2"] = export.Foo
+	connection.ExportSubtreeMethodTable(tbl, "/org/guelfey/DBus/Test", "org.guelfey.DBus.Test")
+
+	// Call a subpath of the exported path
+	object := connection.Object(name, "/org/guelfey/DBus/Test/Foo")
+
+	var response string
+	err = object.Call("org.guelfey.DBus.Test.Foo", 0, "qux").Store(&response)
+	if err != nil {
+		t.Errorf("Unexpected error calling Foo: %s", err)
+	}
+
+	if response != "foo" {
+		t.Errorf(`Response was %s, expected "foo"`, response)
+	}
+
+	if export.message.serial == 0 {
+		t.Error("Expected the raw message, got an invalid one")
+	}
+
+	err = object.Call("org.guelfey.DBus.Test.Foo2", 0, "qux").Store(&response)
+	if err != nil {
+		t.Errorf("Unexpected error calling Foo: %s", err)
+	}
+
+	if response != "foo" {
+		t.Errorf(`Response was %s, expected "foo"`, response)
+	}
+
+	if export.message.serial == 0 {
+		t.Error("Expected the raw message, got an invalid one")
+	}
+
+	// Now remove export
+	connection.Export(nil, "/org/guelfey/DBus/Test", "org.guelfey.DBus.Test")
+	err = object.Call("org.guelfey.DBus.Test.Foo", 0, "qux").Store(&response)
+	if err == nil {
+		t.Error("Expected an error since the export was removed")
+	}
+}
+
+func TestExportMethodTable_NotFunc(t *testing.T) {
+	connection, err := SessionBus()
+	if err != nil {
+		t.Fatalf("Unexpected error connecting to session bus: %s", err)
+	}
+
+	name := connection.Names()[0]
+	export := &fooExport{}
+	tbl := make(map[string]interface{})
+	tbl["Foo"] = func(message Message, param string) (string, *Error) {
+		return export.Foo(message, param)
+	}
+	tbl["Foo2"] = "foobar"
+
+	connection.ExportMethodTable(tbl, "/org/guelfey/DBus/Test", "org.guelfey.DBus.Test")
+	object := connection.Object(name, "/org/guelfey/DBus/Test")
+
+	var response string
+	err = object.Call("org.guelfey.DBus.Test.Foo", 0, "qux").Store(&response)
+	if err != nil {
+		t.Errorf("Unexpected error calling Foo: %s", err)
+	}
+
+	if response != "foo" {
+		t.Errorf(`Response was %s, expected "foo"`, response)
+	}
+
+	if export.message.serial == 0 {
+		t.Error("Expected the raw message, got an invalid one")
+	}
+
+	err = object.Call("org.guelfey.DBus.Test.Foo2", 0, "qux").Store(&response)
+	if err == nil {
+		t.Errorf("Expected an error since the Foo2 was not a function")
+	}
+}
+
+func TestExportMethodTable_ReturnNotError(t *testing.T) {
+	connection, err := SessionBus()
+	if err != nil {
+		t.Fatalf("Unexpected error connecting to session bus: %s", err)
+	}
+
+	name := connection.Names()[0]
+	export := &fooExport{}
+	tbl := make(map[string]interface{})
+	tbl["Foo"] = func(message Message, param string) (string, string) {
+		out, _ := export.Foo(message, param)
+		return out, out
+	}
+
+	connection.ExportMethodTable(tbl, "/org/guelfey/DBus/Test", "org.guelfey.DBus.Test")
+	object := connection.Object(name, "/org/guelfey/DBus/Test")
+
+	var response string
+	err = object.Call("org.guelfey.DBus.Test.Foo", 0, "qux").Store(&response)
+	if err == nil {
+		t.Errorf("Expected an error since the Foo did not have a final return as *dbus.Error")
+	}
+}
+
+// Test that introspection works on sub path of every exported object
+func TestExportSubPathIntrospection(t *testing.T) {
+	const (
+		introIntf    = "org.freedesktop.DBus.Introspectable"
+		respTmpl     = `^<node>\s*<node\s+name="%s"\s*/>\s*</node>$`
+		pathstr      = "/org/guelfey/DBus/Test"
+		foopathstr   = pathstr + "/Foo"
+		barpathstr   = pathstr + "/Bar"
+		test1intfstr = "org.guelfey.DBus.Test1"
+		test2intfstr = "org.guelfey.DBus.Test2"
+		intro        = `
+			<node>
+			<interface name="` + test1intfstr + `">
+				<method name="Foo">
+					<arg direction="out" type="s"/>
+				</method>
+			</interface>
+			<interface name="` + test2intfstr + `">
+				<method name="Foo">
+					<arg direction="out" type="s"/>
+				</method>
+				<method name="Bar">
+					<arg direction="out" type="s"/>
+				</method>
+			</interface>
+			<interface name="` + introIntf + `">
+				<method name="Introspect">
+					<arg name="out" direction="out" type="s"/>
+				</method>
+			</interface>
+			</node>`
+	)
+	connection, err := SessionBus()
+	if err != nil {
+		t.Fatalf("Unexpected error connecting to session bus: %s", err)
+	}
+
+	name := connection.Names()[0]
+
+	foo := &fooExport{}
+	bar := &barExport{}
+	connection.Export(foo, foopathstr, test1intfstr)
+	connection.Export(foo, foopathstr, test2intfstr)
+	connection.Export(bar, barpathstr, test2intfstr)
+	connection.Export(intro, pathstr, introIntf)
+
+	var response string
+	var match bool
+	path := strings.Split(pathstr, "/")
+	for i := 0; i < len(path)-1; i++ {
+		var subpath string
+		if i == 0 {
+			subpath = "/"
+		} else {
+			subpath = strings.Join(path[:i+1], "/")
+		}
+
+		object := connection.Object(name, ObjectPath(subpath))
+		err = object.Call(introIntf+".Introspect", 0).Store(&response)
+		if err != nil {
+			t.Errorf("Unexpected error calling Introspect on %s: %s", subpath, err)
+		}
+
+		exp := fmt.Sprintf(respTmpl, path[i+1])
+		match, err = regexp.MatchString(exp, response)
+		if err != nil {
+			t.Fatalf("Error calling MatchString: %s", err)
+		}
+		if !match {
+			t.Errorf("Unexpected introspection response for %s: %s", subpath, response)
+		}
+	}
+
+	// Test invalid subpath
+	invalSubpath := "/org/guelfey/DBus/Test/Nonexistent"
+	object := connection.Object(name, ObjectPath(invalSubpath))
+	err = object.Call(introIntf+".Introspect", 0).Store(&response)
+	if err != nil {
+		t.Errorf("Unexpected error calling Introspect on %s: %s", invalSubpath, err)
+	}
+	match, err = regexp.MatchString(`^<node>\s*</node>$`, response)
+	if err != nil {
+		t.Fatalf("Error calling MatchString: %s", err)
+	}
+	if !match {
+		t.Errorf("Unexpected introspection response for %s: %s", invalSubpath, response)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/godbus/dbus/introspect/call.go juju-core-2.0~beta12/src/github.com/godbus/dbus/introspect/call.go
--- juju-core-2.0~beta7/src/github.com/godbus/dbus/introspect/call.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/godbus/dbus/introspect/call.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,7 @@
 
 // Call calls org.freedesktop.Introspectable.Introspect on a remote object
 // and returns the introspection data.
-func Call(o *dbus.Object) (*Node, error) {
+func Call(o dbus.BusObject) (*Node, error) {
 	var xmldata string
 	var node Node
 
diff -Nru juju-core-2.0~beta7/src/github.com/godbus/dbus/introspect/introspectable.go juju-core-2.0~beta12/src/github.com/godbus/dbus/introspect/introspectable.go
--- juju-core-2.0~beta7/src/github.com/godbus/dbus/introspect/introspectable.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/godbus/dbus/introspect/introspectable.go	2016-07-18 19:45:44.000000000 +0000
@@ -59,7 +59,8 @@
 		m.Name = t.Method(i).Name
 		m.Args = make([]Arg, 0, mt.NumIn()+mt.NumOut()-2)
 		for j := 1; j < mt.NumIn(); j++ {
-			if mt.In(j) != reflect.TypeOf((*dbus.Sender)(nil)).Elem() {
+			if mt.In(j) != reflect.TypeOf((*dbus.Sender)(nil)).Elem() &&
+				mt.In(j) != reflect.TypeOf((*dbus.Message)(nil)).Elem() {
 				arg := Arg{"", dbus.SignatureOfType(mt.In(j)).String(), "in"}
 				m.Args = append(m.Args, arg)
 			}
diff -Nru juju-core-2.0~beta7/src/github.com/godbus/dbus/LICENSE juju-core-2.0~beta12/src/github.com/godbus/dbus/LICENSE
--- juju-core-2.0~beta7/src/github.com/godbus/dbus/LICENSE	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/godbus/dbus/LICENSE	2016-07-18 19:45:44.000000000 +0000
@@ -1,4 +1,4 @@
-Copyright (c) 2013, Georg Reinke (<guelfey at gmail dot com>)
+Copyright (c) 2013, Georg Reinke (<guelfey at gmail dot com>), Google
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without
diff -Nru juju-core-2.0~beta7/src/github.com/godbus/dbus/message.go juju-core-2.0~beta12/src/github.com/godbus/dbus/message.go
--- juju-core-2.0~beta7/src/github.com/godbus/dbus/message.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/godbus/dbus/message.go	2016-07-18 19:45:44.000000000 +0000
@@ -22,6 +22,13 @@
 	// FlagNoAutoStart signals that the message bus should not automatically
 	// start an application when handling this message.
 	FlagNoAutoStart
+	// FlagAllowInteractiveAuthorization may be set on a method call
+	// message to inform the receiving side that the caller is prepared
+	// to wait for interactive authorization, which might take a
+	// considerable time to complete. For instance, if this flag is set,
+	// it would be appropriate to query the user for passwords or
+	// confirmation via Polkit or a similar framework.
+	FlagAllowInteractiveAuthorization
 )
 
 // Type represents the possible types of a D-Bus message.
@@ -248,7 +255,7 @@
 // IsValid checks whether msg is a valid message and returns an
 // InvalidMessageError if it is not.
 func (msg *Message) IsValid() error {
-	if msg.Flags & ^(FlagNoAutoStart|FlagNoReplyExpected) != 0 {
+	if msg.Flags & ^(FlagNoAutoStart|FlagNoReplyExpected|FlagAllowInteractiveAuthorization) != 0 {
 		return InvalidMessageError("invalid flags")
 	}
 	if msg.Type == 0 || msg.Type >= typeMax {
diff -Nru juju-core-2.0~beta7/src/github.com/godbus/dbus/object.go juju-core-2.0~beta12/src/github.com/godbus/dbus/object.go
--- juju-core-2.0~beta7/src/github.com/godbus/dbus/object.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/godbus/dbus/object.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,136 @@
+package dbus
+
+import (
+	"errors"
+	"strings"
+)
+
+// BusObject is the interface of a remote object on which methods can be
+// invoked.
+type BusObject interface {
+	Call(method string, flags Flags, args ...interface{}) *Call
+	Go(method string, flags Flags, ch chan *Call, args ...interface{}) *Call
+	GetProperty(p string) (Variant, error)
+	Destination() string
+	Path() ObjectPath
+}
+
+// Object represents a remote object on which methods can be invoked.
+type Object struct {
+	conn *Conn
+	dest string
+	path ObjectPath
+}
+
+// Call calls a method with (*Object).Go and waits for its reply.
+func (o *Object) Call(method string, flags Flags, args ...interface{}) *Call {
+	return <-o.Go(method, flags, make(chan *Call, 1), args...).Done
+}
+
+// AddMatchSignal subscribes BusObject to signals from specified interface and
+// method (member).
+func (o *Object) AddMatchSignal(iface, member string) *Call {
+	return o.Call(
+		"org.freedesktop.DBus.AddMatch",
+		0,
+		"type='signal',interface='"+iface+"',member='"+member+"'",
+	)
+}
+
+// Go calls a method with the given arguments asynchronously. It returns a
+// Call structure representing this method call. The passed channel will
+// return the same value once the call is done. If ch is nil, a new channel
+// will be allocated. Otherwise, ch has to be buffered or Go will panic.
+//
+// If the flags include FlagNoReplyExpected, ch is ignored and a Call structure
+// is returned of which only the Err member is valid.
+//
+// If the method parameter contains a dot ('.'), the part before the last dot
+// specifies the interface on which the method is called.
+func (o *Object) Go(method string, flags Flags, ch chan *Call, args ...interface{}) *Call {
+	iface := ""
+	i := strings.LastIndex(method, ".")
+	if i != -1 {
+		iface = method[:i]
+	}
+	method = method[i+1:]
+	msg := new(Message)
+	msg.Type = TypeMethodCall
+	msg.serial = o.conn.getSerial()
+	msg.Flags = flags & (FlagNoAutoStart | FlagNoReplyExpected)
+	msg.Headers = make(map[HeaderField]Variant)
+	msg.Headers[FieldPath] = MakeVariant(o.path)
+	msg.Headers[FieldDestination] = MakeVariant(o.dest)
+	msg.Headers[FieldMember] = MakeVariant(method)
+	if iface != "" {
+		msg.Headers[FieldInterface] = MakeVariant(iface)
+	}
+	msg.Body = args
+	if len(args) > 0 {
+		msg.Headers[FieldSignature] = MakeVariant(SignatureOf(args...))
+	}
+	if msg.Flags&FlagNoReplyExpected == 0 {
+		if ch == nil {
+			ch = make(chan *Call, 10)
+		} else if cap(ch) == 0 {
+			panic("dbus: unbuffered channel passed to (*Object).Go")
+		}
+		call := &Call{
+			Destination: o.dest,
+			Path:        o.path,
+			Method:      method,
+			Args:        args,
+			Done:        ch,
+		}
+		o.conn.callsLck.Lock()
+		o.conn.calls[msg.serial] = call
+		o.conn.callsLck.Unlock()
+		o.conn.outLck.RLock()
+		if o.conn.closed {
+			call.Err = ErrClosed
+			call.Done <- call
+		} else {
+			o.conn.out <- msg
+		}
+		o.conn.outLck.RUnlock()
+		return call
+	}
+	o.conn.outLck.RLock()
+	defer o.conn.outLck.RUnlock()
+	if o.conn.closed {
+		return &Call{Err: ErrClosed}
+	}
+	o.conn.out <- msg
+	return &Call{Err: nil}
+}
+
+// GetProperty calls org.freedesktop.DBus.Properties.GetProperty on the given
+// object. The property name must be given in interface.member notation.
+func (o *Object) GetProperty(p string) (Variant, error) {
+	idx := strings.LastIndex(p, ".")
+	if idx == -1 || idx+1 == len(p) {
+		return Variant{}, errors.New("dbus: invalid property " + p)
+	}
+
+	iface := p[:idx]
+	prop := p[idx+1:]
+
+	result := Variant{}
+	err := o.Call("org.freedesktop.DBus.Properties.Get", 0, iface, prop).Store(&result)
+
+	if err != nil {
+		return Variant{}, err
+	}
+
+	return result, nil
+}
+
+// Destination returns the destination that calls on o are sent to.
+func (o *Object) Destination() string {
+	return o.dest
+}
+
+// Path returns the path that calls on o are sent to.
+func (o *Object) Path() ObjectPath {
+	return o.path
+}
diff -Nru juju-core-2.0~beta7/src/github.com/godbus/dbus/prop/prop.go juju-core-2.0~beta12/src/github.com/godbus/dbus/prop/prop.go
--- juju-core-2.0~beta7/src/github.com/godbus/dbus/prop/prop.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/godbus/dbus/prop/prop.go	2016-07-18 19:45:44.000000000 +0000
@@ -79,7 +79,7 @@
 // The introspection data for the org.freedesktop.DBus.Properties interface, as
 // a string.
 const IntrospectDataString = `
-	<interface name="org.freedesktop.DBus.Introspectable">
+	<interface name="org.freedesktop.DBus.Properties">
 		<method name="Get">
 			<arg name="interface" direction="in" type="s"/>
 			<arg name="property" direction="in" type="s"/>
diff -Nru juju-core-2.0~beta7/src/github.com/godbus/dbus/README.markdown juju-core-2.0~beta12/src/github.com/godbus/dbus/README.markdown
--- juju-core-2.0~beta7/src/github.com/godbus/dbus/README.markdown	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/godbus/dbus/README.markdown	2016-07-18 19:45:44.000000000 +0000
@@ -27,6 +27,9 @@
 [_examples](https://github.com/godbus/dbus/tree/master/_examples) directory
 gives a short overview over the basic usage. 
 
+#### Projects using godbus
+- [notify](https://github.com/esiqveland/notify) provides desktop notifications over dbus into a library.
+
 Please note that the API is considered unstable for now and may change without
 further notice.
 
diff -Nru juju-core-2.0~beta7/src/github.com/godbus/dbus/transport_tcp.go juju-core-2.0~beta12/src/github.com/godbus/dbus/transport_tcp.go
--- juju-core-2.0~beta7/src/github.com/godbus/dbus/transport_tcp.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/godbus/dbus/transport_tcp.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,43 @@
+//+build !windows
+
+package dbus
+
+import (
+	"errors"
+	"net"
+)
+
+func init() {
+	transports["tcp"] = newTcpTransport
+}
+
+func tcpFamily(keys string) (string, error) {
+	switch getKey(keys, "family") {
+	case "":
+		return "tcp", nil
+	case "ipv4":
+		return "tcp4", nil
+	case "ipv6":
+		return "tcp6", nil
+	default:
+		return "", errors.New("dbus: invalid tcp family (must be ipv4 or ipv6)")
+	}
+}
+
+func newTcpTransport(keys string) (transport, error) {
+	host := getKey(keys, "host")
+	port := getKey(keys, "port")
+	if host == "" || port == "" {
+		return nil, errors.New("dbus: unsupported address (must set host and port)")
+	}
+
+	protocol, err := tcpFamily(keys)
+	if err != nil {
+		return nil, err
+	}
+	socket, err := net.Dial(protocol, net.JoinHostPort(host, port))
+	if err != nil {
+		return nil, err
+	}
+	return NewConn(socket)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/godbus/dbus/transport_tcp_test.go juju-core-2.0~beta12/src/github.com/godbus/dbus/transport_tcp_test.go
--- juju-core-2.0~beta7/src/github.com/godbus/dbus/transport_tcp_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/godbus/dbus/transport_tcp_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,26 @@
+package dbus
+
+import (
+	"fmt"
+	"net"
+	"testing"
+)
+
+func TestTcpConnection(t *testing.T) {
+	listener, err := net.Listen("tcp", "127.0.0.1:0")
+	if err != nil {
+		t.Fatal("Failed to create listener")
+	}
+	host, port, err := net.SplitHostPort(listener.Addr().String())
+	if err != nil {
+		t.Fatal("Failed to parse host/port")
+	}
+
+	conn, err := Dial(fmt.Sprintf("tcp:host=%s,port=%s", host, port))
+	if err != nil {
+		t.Error("Expected no error, got", err)
+	}
+	if conn == nil {
+		t.Error("Expected connection, got nil")
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/godbus/dbus/transport_unixcred_openbsd.go juju-core-2.0~beta12/src/github.com/godbus/dbus/transport_unixcred_openbsd.go
--- juju-core-2.0~beta7/src/github.com/godbus/dbus/transport_unixcred_openbsd.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/godbus/dbus/transport_unixcred_openbsd.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,14 @@
+package dbus
+
+import "io"
+
+func (t *unixTransport) SendNullByte() error {
+	n, _, err := t.UnixConn.WriteMsgUnix([]byte{0}, nil, nil)
+	if err != nil {
+		return err
+	}
+	if n != 1 {
+		return io.ErrShortWrite
+	}
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/godbus/dbus/transport_unix.go juju-core-2.0~beta12/src/github.com/godbus/dbus/transport_unix.go
--- juju-core-2.0~beta7/src/github.com/godbus/dbus/transport_unix.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/godbus/dbus/transport_unix.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,4 +1,4 @@
-//+build !windows
+//+build !windows,!solaris
 
 package dbus
 
diff -Nru juju-core-2.0~beta7/src/github.com/google/go-querystring/CONTRIBUTING.md juju-core-2.0~beta12/src/github.com/google/go-querystring/CONTRIBUTING.md
--- juju-core-2.0~beta7/src/github.com/google/go-querystring/CONTRIBUTING.md	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/google/go-querystring/CONTRIBUTING.md	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,67 @@
+# How to contribute #
+
+We'd love to accept your patches and contributions to this project.  There are
+a just a few small guidelines you need to follow.
+
+
+## Contributor License Agreement ##
+
+Contributions to any Google project must be accompanied by a Contributor
+License Agreement.  This is not a copyright **assignment**, it simply gives
+Google permission to use and redistribute your contributions as part of the
+project.
+
+  * If you are an individual writing original source code and you're sure you
+    own the intellectual property, then you'll need to sign an [individual
+    CLA][].
+
+  * If you work for a company that wants to allow you to contribute your work,
+    then you'll need to sign a [corporate CLA][].
+
+You generally only need to submit a CLA once, so if you've already submitted
+one (even if it was for a different project), you probably don't need to do it
+again.
+
+[individual CLA]: https://developers.google.com/open-source/cla/individual
+[corporate CLA]: https://developers.google.com/open-source/cla/corporate
+
+
+## Submitting a patch ##
+
+  1. It's generally best to start by opening a new issue describing the bug or
+     feature you're intending to fix.  Even if you think it's relatively minor,
+     it's helpful to know what people are working on.  Mention in the initial
+     issue that you are planning to work on that bug or feature so that it can
+     be assigned to you.
+
+  1. Follow the normal process of [forking][] the project, and setup a new
+     branch to work in.  It's important that each group of changes be done in
+     separate branches in order to ensure that a pull request only includes the
+     commits related to that bug or feature.
+
+  1. Go makes it very simple to ensure properly formatted code, so always run
+     `go fmt` on your code before committing it.  You should also run
+     [golint][] over your code.  As noted in the [golint readme][], it's not
+     strictly necessary that your code be completely "lint-free", but this will
+     help you find common style issues.
+
+  1. Any significant changes should almost always be accompanied by tests.  The
+     project already has good test coverage, so look at some of the existing
+     tests if you're unsure how to go about it.  [gocov][] and [gocov-html][]
+     are invaluable tools for seeing which parts of your code aren't being
+     exercised by your tests.
+
+  1. Do your best to have [well-formed commit messages][] for each change.
+     This provides consistency throughout the project, and ensures that commit
+     messages are able to be formatted properly by various git tools.
+
+  1. Finally, push the commits to your fork and submit a [pull request][].
+
+[forking]: https://help.github.com/articles/fork-a-repo
+[golint]: https://github.com/golang/lint
+[golint readme]: https://github.com/golang/lint/blob/master/README
+[gocov]: https://github.com/axw/gocov
+[gocov-html]: https://github.com/matm/gocov-html
+[well-formed commit messages]: http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html
+[squash]: http://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits
+[pull request]: https://help.github.com/articles/creating-a-pull-request
diff -Nru juju-core-2.0~beta7/src/github.com/google/go-querystring/LICENSE juju-core-2.0~beta12/src/github.com/google/go-querystring/LICENSE
--- juju-core-2.0~beta7/src/github.com/google/go-querystring/LICENSE	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/google/go-querystring/LICENSE	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,27 @@
+Copyright (c) 2013 Google. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+   * Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+   * Redistributions in binary form must reproduce the above
+copyright notice, this list of conditions and the following disclaimer
+in the documentation and/or other materials provided with the
+distribution.
+   * Neither the name of Google Inc. nor the names of its
+contributors may be used to endorse or promote products derived from
+this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff -Nru juju-core-2.0~beta7/src/github.com/google/go-querystring/query/encode.go juju-core-2.0~beta12/src/github.com/google/go-querystring/query/encode.go
--- juju-core-2.0~beta7/src/github.com/google/go-querystring/query/encode.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/google/go-querystring/query/encode.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,320 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package query implements encoding of structs into URL query parameters.
+//
+// As a simple example:
+//
+// 	type Options struct {
+// 		Query   string `url:"q"`
+// 		ShowAll bool   `url:"all"`
+// 		Page    int    `url:"page"`
+// 	}
+//
+// 	opt := Options{ "foo", true, 2 }
+// 	v, _ := query.Values(opt)
+// 	fmt.Print(v.Encode()) // will output: "q=foo&all=true&page=2"
+//
+// The exact mapping between Go values and url.Values is described in the
+// documentation for the Values() function.
+package query
+
+import (
+	"bytes"
+	"fmt"
+	"net/url"
+	"reflect"
+	"strconv"
+	"strings"
+	"time"
+)
+
+var timeType = reflect.TypeOf(time.Time{})
+
+var encoderType = reflect.TypeOf(new(Encoder)).Elem()
+
+// Encoder is an interface implemented by any type that wishes to encode
+// itself into URL values in a non-standard way.
+type Encoder interface {
+	EncodeValues(key string, v *url.Values) error
+}
+
+// Values returns the url.Values encoding of v.
+//
+// Values expects to be passed a struct, and traverses it recursively using the
+// following encoding rules.
+//
+// Each exported struct field is encoded as a URL parameter unless
+//
+//	- the field's tag is "-", or
+//	- the field is empty and its tag specifies the "omitempty" option
+//
+// The empty values are false, 0, any nil pointer or interface value, any array
+// slice, map, or string of length zero, and any time.Time that returns true
+// for IsZero().
+//
+// The URL parameter name defaults to the struct field name but can be
+// specified in the struct field's tag value.  The "url" key in the struct
+// field's tag value is the key name, followed by an optional comma and
+// options.  For example:
+//
+// 	// Field is ignored by this package.
+// 	Field int `url:"-"`
+//
+// 	// Field appears as URL parameter "myName".
+// 	Field int `url:"myName"`
+//
+// 	// Field appears as URL parameter "myName" and the field is omitted if
+// 	// its value is empty
+// 	Field int `url:"myName,omitempty"`
+//
+// 	// Field appears as URL parameter "Field" (the default), but the field
+// 	// is skipped if empty.  Note the leading comma.
+// 	Field int `url:",omitempty"`
+//
+// For encoding individual field values, the following type-dependent rules
+// apply:
+//
+// Boolean values default to encoding as the strings "true" or "false".
+// Including the "int" option signals that the field should be encoded as the
+// strings "1" or "0".
+//
+// time.Time values default to encoding as RFC3339 timestamps.  Including the
+// "unix" option signals that the field should be encoded as a Unix time (see
+// time.Unix())
+//
+// Slice and Array values default to encoding as multiple URL values of the
+// same name.  Including the "comma" option signals that the field should be
+// encoded as a single comma-delimited value.  Including the "space" option
+// similarly encodes the value as a single space-delimited string. Including
+// the "semicolon" option will encode the value as a semicolon-delimited string.
+// Including the "brackets" option signals that the multiple URL values should
+// have "[]" appended to the value name. "numbered" will append a number to
+// the end of each incidence of the value name, example:
+// name0=value0&name1=value1, etc.
+//
+// Anonymous struct fields are usually encoded as if their inner exported
+// fields were fields in the outer struct, subject to the standard Go
+// visibility rules.  An anonymous struct field with a name given in its URL
+// tag is treated as having that name, rather than being anonymous.
+//
+// Non-nil pointer values are encoded as the value pointed to.
+//
+// Nested structs are encoded including parent fields in value names for
+// scoping. e.g:
+//
+// 	"user[name]=acme&user[addr][postcode]=1234&user[addr][city]=SFO"
+//
+// All other values are encoded using their default string representation.
+//
+// Multiple fields that encode to the same URL parameter name will be included
+// as multiple URL values of the same name.
+func Values(v interface{}) (url.Values, error) {
+	values := make(url.Values)
+	val := reflect.ValueOf(v)
+	for val.Kind() == reflect.Ptr {
+		if val.IsNil() {
+			return values, nil
+		}
+		val = val.Elem()
+	}
+
+	if v == nil {
+		return values, nil
+	}
+
+	if val.Kind() != reflect.Struct {
+		return nil, fmt.Errorf("query: Values() expects struct input. Got %v", val.Kind())
+	}
+
+	err := reflectValue(values, val, "")
+	return values, err
+}
+
+// reflectValue populates the values parameter from the struct fields in val.
+// Embedded structs are followed recursively (using the rules defined in the
+// Values function documentation) breadth-first.
+func reflectValue(values url.Values, val reflect.Value, scope string) error {
+	var embedded []reflect.Value
+
+	typ := val.Type()
+	for i := 0; i < typ.NumField(); i++ {
+		sf := typ.Field(i)
+		if sf.PkgPath != "" && !sf.Anonymous { // unexported
+			continue
+		}
+
+		sv := val.Field(i)
+		tag := sf.Tag.Get("url")
+		if tag == "-" {
+			continue
+		}
+		name, opts := parseTag(tag)
+		if name == "" {
+			if sf.Anonymous && sv.Kind() == reflect.Struct {
+				// save embedded struct for later processing
+				embedded = append(embedded, sv)
+				continue
+			}
+
+			name = sf.Name
+		}
+
+		if scope != "" {
+			name = scope + "[" + name + "]"
+		}
+
+		if opts.Contains("omitempty") && isEmptyValue(sv) {
+			continue
+		}
+
+		if sv.Type().Implements(encoderType) {
+			if !reflect.Indirect(sv).IsValid() {
+				sv = reflect.New(sv.Type().Elem())
+			}
+
+			m := sv.Interface().(Encoder)
+			if err := m.EncodeValues(name, &values); err != nil {
+				return err
+			}
+			continue
+		}
+
+		if sv.Kind() == reflect.Slice || sv.Kind() == reflect.Array {
+			var del byte
+			if opts.Contains("comma") {
+				del = ','
+			} else if opts.Contains("space") {
+				del = ' '
+			} else if opts.Contains("semicolon") {
+				del = ';'
+			} else if opts.Contains("brackets") {
+				name = name + "[]"
+			}
+
+			if del != 0 {
+				s := new(bytes.Buffer)
+				first := true
+				for i := 0; i < sv.Len(); i++ {
+					if first {
+						first = false
+					} else {
+						s.WriteByte(del)
+					}
+					s.WriteString(valueString(sv.Index(i), opts))
+				}
+				values.Add(name, s.String())
+			} else {
+				for i := 0; i < sv.Len(); i++ {
+					k := name
+					if opts.Contains("numbered") {
+						k = fmt.Sprintf("%s%d", name, i)
+					}
+					values.Add(k, valueString(sv.Index(i), opts))
+				}
+			}
+			continue
+		}
+
+		if sv.Type() == timeType {
+			values.Add(name, valueString(sv, opts))
+			continue
+		}
+
+		for sv.Kind() == reflect.Ptr {
+			if sv.IsNil() {
+				break
+			}
+			sv = sv.Elem()
+		}
+
+		if sv.Kind() == reflect.Struct {
+			reflectValue(values, sv, name)
+			continue
+		}
+
+		values.Add(name, valueString(sv, opts))
+	}
+
+	for _, f := range embedded {
+		if err := reflectValue(values, f, scope); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+// valueString returns the string representation of a value.
+func valueString(v reflect.Value, opts tagOptions) string {
+	for v.Kind() == reflect.Ptr {
+		if v.IsNil() {
+			return ""
+		}
+		v = v.Elem()
+	}
+
+	if v.Kind() == reflect.Bool && opts.Contains("int") {
+		if v.Bool() {
+			return "1"
+		}
+		return "0"
+	}
+
+	if v.Type() == timeType {
+		t := v.Interface().(time.Time)
+		if opts.Contains("unix") {
+			return strconv.FormatInt(t.Unix(), 10)
+		}
+		return t.Format(time.RFC3339)
+	}
+
+	return fmt.Sprint(v.Interface())
+}
+
+// isEmptyValue checks if a value should be considered empty for the purposes
+// of omitting fields with the "omitempty" option.
+func isEmptyValue(v reflect.Value) bool {
+	switch v.Kind() {
+	case reflect.Array, reflect.Map, reflect.Slice, reflect.String:
+		return v.Len() == 0
+	case reflect.Bool:
+		return !v.Bool()
+	case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64:
+		return v.Int() == 0
+	case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr:
+		return v.Uint() == 0
+	case reflect.Float32, reflect.Float64:
+		return v.Float() == 0
+	case reflect.Interface, reflect.Ptr:
+		return v.IsNil()
+	}
+
+	if v.Type() == timeType {
+		return v.Interface().(time.Time).IsZero()
+	}
+
+	return false
+}
+
+// tagOptions is the string following a comma in a struct field's "url" tag, or
+// the empty string. It does not include the leading comma.
+type tagOptions []string
+
+// parseTag splits a struct field's url tag into its name and comma-separated
+// options.
+func parseTag(tag string) (string, tagOptions) {
+	s := strings.Split(tag, ",")
+	return s[0], s[1:]
+}
+
+// Contains checks whether the tagOptions contains the specified option.
+func (o tagOptions) Contains(option string) bool {
+	for _, s := range o {
+		if s == option {
+			return true
+		}
+	}
+	return false
+}
diff -Nru juju-core-2.0~beta7/src/github.com/google/go-querystring/query/encode_test.go juju-core-2.0~beta12/src/github.com/google/go-querystring/query/encode_test.go
--- juju-core-2.0~beta7/src/github.com/google/go-querystring/query/encode_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/google/go-querystring/query/encode_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,321 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package query
+
+import (
+	"fmt"
+	"net/url"
+	"reflect"
+	"testing"
+	"time"
+)
+
+type Nested struct {
+	A   SubNested  `url:"a"`
+	B   *SubNested `url:"b"`
+	Ptr *SubNested `url:"ptr,omitempty"`
+}
+
+type SubNested struct {
+	Value string `url:"value"`
+}
+
+func TestValues_types(t *testing.T) {
+	str := "string"
+	strPtr := &str
+
+	tests := []struct {
+		in   interface{}
+		want url.Values
+	}{
+		{
+			// basic primitives
+			struct {
+				A string
+				B int
+				C uint
+				D float32
+				E bool
+			}{},
+			url.Values{
+				"A": {""},
+				"B": {"0"},
+				"C": {"0"},
+				"D": {"0"},
+				"E": {"false"},
+			},
+		},
+		{
+			// pointers
+			struct {
+				A *string
+				B *int
+				C **string
+			}{A: strPtr, C: &strPtr},
+			url.Values{
+				"A": {str},
+				"B": {""},
+				"C": {str},
+			},
+		},
+		{
+			// slices and arrays
+			struct {
+				A []string
+				B []string `url:",comma"`
+				C []string `url:",space"`
+				D [2]string
+				E [2]string `url:",comma"`
+				F [2]string `url:",space"`
+				G []*string `url:",space"`
+				H []bool    `url:",int,space"`
+				I []string  `url:",brackets"`
+				J []string  `url:",semicolon"`
+				K []string  `url:",numbered"`
+			}{
+				A: []string{"a", "b"},
+				B: []string{"a", "b"},
+				C: []string{"a", "b"},
+				D: [2]string{"a", "b"},
+				E: [2]string{"a", "b"},
+				F: [2]string{"a", "b"},
+				G: []*string{&str, &str},
+				H: []bool{true, false},
+				I: []string{"a", "b"},
+				J: []string{"a", "b"},
+				K: []string{"a", "b"},
+			},
+			url.Values{
+				"A":   {"a", "b"},
+				"B":   {"a,b"},
+				"C":   {"a b"},
+				"D":   {"a", "b"},
+				"E":   {"a,b"},
+				"F":   {"a b"},
+				"G":   {"string string"},
+				"H":   {"1 0"},
+				"I[]": {"a", "b"},
+				"J":   {"a;b"},
+				"K0":  {"a"},
+				"K1":  {"b"},
+			},
+		},
+		{
+			// other types
+			struct {
+				A time.Time
+				B time.Time `url:",unix"`
+				C bool      `url:",int"`
+				D bool      `url:",int"`
+			}{
+				A: time.Date(2000, 1, 1, 12, 34, 56, 0, time.UTC),
+				B: time.Date(2000, 1, 1, 12, 34, 56, 0, time.UTC),
+				C: true,
+				D: false,
+			},
+			url.Values{
+				"A": {"2000-01-01T12:34:56Z"},
+				"B": {"946730096"},
+				"C": {"1"},
+				"D": {"0"},
+			},
+		},
+		{
+			struct {
+				Nest Nested `url:"nest"`
+			}{
+				Nested{
+					A: SubNested{
+						Value: "that",
+					},
+				},
+			},
+			url.Values{
+				"nest[a][value]": {"that"},
+				"nest[b]":        {""},
+			},
+		},
+		{
+			struct {
+				Nest Nested `url:"nest"`
+			}{
+				Nested{
+					Ptr: &SubNested{
+						Value: "that",
+					},
+				},
+			},
+			url.Values{
+				"nest[a][value]":   {""},
+				"nest[b]":          {""},
+				"nest[ptr][value]": {"that"},
+			},
+		},
+		{
+			nil,
+			url.Values{},
+		},
+	}
+
+	for i, tt := range tests {
+		v, err := Values(tt.in)
+		if err != nil {
+			t.Errorf("%d. Values(%q) returned error: %v", i, tt.in, err)
+		}
+
+		if !reflect.DeepEqual(tt.want, v) {
+			t.Errorf("%d. Values(%q) returned %v, want %v", i, tt.in, v, tt.want)
+		}
+	}
+}
+
+func TestValues_omitEmpty(t *testing.T) {
+	str := ""
+	s := struct {
+		a string
+		A string
+		B string  `url:",omitempty"`
+		C string  `url:"-"`
+		D string  `url:"omitempty"` // actually named omitempty, not an option
+		E *string `url:",omitempty"`
+	}{E: &str}
+
+	v, err := Values(s)
+	if err != nil {
+		t.Errorf("Values(%q) returned error: %v", s, err)
+	}
+
+	want := url.Values{
+		"A":         {""},
+		"omitempty": {""},
+		"E":         {""}, // E is included because the pointer is not empty, even though the string being pointed to is
+	}
+	if !reflect.DeepEqual(want, v) {
+		t.Errorf("Values(%q) returned %v, want %v", s, v, want)
+	}
+}
+
+type A struct {
+	B
+}
+
+type B struct {
+	C string
+}
+
+type D struct {
+	B
+	C string
+}
+
+type e struct {
+	B
+	C string
+}
+
+type F struct {
+	e
+}
+
+func TestValues_embeddedStructs(t *testing.T) {
+	tests := []struct {
+		in   interface{}
+		want url.Values
+	}{
+		{
+			A{B{C: "foo"}},
+			url.Values{"C": {"foo"}},
+		},
+		{
+			D{B: B{C: "bar"}, C: "foo"},
+			url.Values{"C": {"foo", "bar"}},
+		},
+		{
+			F{e{B: B{C: "bar"}, C: "foo"}}, // With unexported embed
+			url.Values{"C": {"foo", "bar"}},
+		},
+	}
+
+	for i, tt := range tests {
+		v, err := Values(tt.in)
+		if err != nil {
+			t.Errorf("%d. Values(%q) returned error: %v", i, tt.in, err)
+		}
+
+		if !reflect.DeepEqual(tt.want, v) {
+			t.Errorf("%d. Values(%q) returned %v, want %v", i, tt.in, v, tt.want)
+		}
+	}
+}
+
+func TestValues_invalidInput(t *testing.T) {
+	_, err := Values("")
+	if err == nil {
+		t.Errorf("expected Values() to return an error on invalid input")
+	}
+}
+
+type EncodedArgs []string
+
+func (m EncodedArgs) EncodeValues(key string, v *url.Values) error {
+	for i, arg := range m {
+		v.Set(fmt.Sprintf("%s.%d", key, i), arg)
+	}
+	return nil
+}
+
+func TestValues_Marshaler(t *testing.T) {
+	s := struct {
+		Args EncodedArgs `url:"arg"`
+	}{[]string{"a", "b", "c"}}
+	v, err := Values(s)
+	if err != nil {
+		t.Errorf("Values(%q) returned error: %v", s, err)
+	}
+
+	want := url.Values{
+		"arg.0": {"a"},
+		"arg.1": {"b"},
+		"arg.2": {"c"},
+	}
+	if !reflect.DeepEqual(want, v) {
+		t.Errorf("Values(%q) returned %v, want %v", s, v, want)
+	}
+}
+
+func TestValues_MarshalerWithNilPointer(t *testing.T) {
+	s := struct {
+		Args *EncodedArgs `url:"arg"`
+	}{}
+	v, err := Values(s)
+	if err != nil {
+		t.Errorf("Values(%q) returned error: %v", s, err)
+	}
+
+	want := url.Values{}
+	if !reflect.DeepEqual(want, v) {
+		t.Errorf("Values(%q) returned %v, want %v", s, v, want)
+	}
+}
+
+func TestTagParsing(t *testing.T) {
+	name, opts := parseTag("field,foobar,foo")
+	if name != "field" {
+		t.Fatalf("name = %q, want field", name)
+	}
+	for _, tt := range []struct {
+		opt  string
+		want bool
+	}{
+		{"foobar", true},
+		{"foo", true},
+		{"bar", false},
+		{"field", false},
+	} {
+		if opts.Contains(tt.opt) != tt.want {
+			t.Errorf("Contains(%q) = %v", tt.opt, !tt.want)
+		}
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/google/go-querystring/README.md juju-core-2.0~beta12/src/github.com/google/go-querystring/README.md
--- juju-core-2.0~beta7/src/github.com/google/go-querystring/README.md	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/google/go-querystring/README.md	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,39 @@
+# go-querystring #
+
+go-querystring is Go library for encoding structs into URL query parameters.
+
+
+**Documentation:** <http://godoc.org/github.com/google/go-querystring/query>  
+**Build Status:** [![Build Status](https://drone.io/github.com/google/go-querystring/status.png)](https://drone.io/github.com/google/go-querystring/latest)  
+
+## Usage ##
+
+```go
+import "github.com/google/go-querystring/query"
+```
+
+go-querystring is designed to assist in scenarios where you want to construct a
+URL using a struct that represents the URL query parameters.  You might do this
+to enforce the type safety of your parameters, for example, as is done in the
+[go-github][] library.
+
+The query package exports a single `Values()` function.  A simple example:
+
+```go
+type Options struct {
+  Query   string `url:"q"`
+  ShowAll bool   `url:"all"`
+  Page    int    `url:"page"`
+}
+
+opt := Options{ "foo", true, 2 }
+v, _ := query.Values(opt)
+fmt.Print(v.Encode()) // will output: "q=foo&all=true&page=2"
+```
+
+[go-github]: https://github.com/google/go-github/commit/994f6f8405f052a117d2d0b500054341048fbb08
+
+## License ##
+
+This library is distributed under the BSD-style license found in the [LICENSE](./LICENSE)
+file.
diff -Nru juju-core-2.0~beta7/src/github.com/gorilla/schema/cache.go juju-core-2.0~beta12/src/github.com/gorilla/schema/cache.go
--- juju-core-2.0~beta7/src/github.com/gorilla/schema/cache.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/gorilla/schema/cache.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,245 @@
+// Copyright 2012 The Gorilla Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package schema
+
+import (
+	"errors"
+	"reflect"
+	"strconv"
+	"strings"
+	"sync"
+)
+
+var invalidPath = errors.New("schema: invalid path")
+
+// newCache returns a new cache.
+func newCache() *cache {
+	c := cache{
+		m:       make(map[reflect.Type]*structInfo),
+		conv:    make(map[reflect.Kind]Converter),
+		regconv: make(map[reflect.Type]Converter),
+		tag:     "schema",
+	}
+	for k, v := range converters {
+		c.conv[k] = v
+	}
+	return &c
+}
+
+// cache caches meta-data about a struct.
+type cache struct {
+	l       sync.RWMutex
+	m       map[reflect.Type]*structInfo
+	conv    map[reflect.Kind]Converter
+	regconv map[reflect.Type]Converter
+	tag     string
+}
+
+// parsePath parses a path in dotted notation verifying that it is a valid
+// path to a struct field.
+//
+// It returns "path parts" which contain indices to fields to be used by
+// reflect.Value.FieldByString(). Multiple parts are required for slices of
+// structs.
+func (c *cache) parsePath(p string, t reflect.Type) ([]pathPart, error) {
+	var struc *structInfo
+	var field *fieldInfo
+	var index64 int64
+	var err error
+	parts := make([]pathPart, 0)
+	path := make([]string, 0)
+	keys := strings.Split(p, ".")
+	for i := 0; i < len(keys); i++ {
+		if t.Kind() != reflect.Struct {
+			return nil, invalidPath
+		}
+		if struc = c.get(t); struc == nil {
+			return nil, invalidPath
+		}
+		if field = struc.get(keys[i]); field == nil {
+			return nil, invalidPath
+		}
+		// Valid field. Append index.
+		path = append(path, field.name)
+		if field.ss {
+			// Parse a special case: slices of structs.
+			// i+1 must be the slice index.
+			//
+			// Now that struct can implements TextUnmarshaler interface,
+			// we don't need to force the struct's fields to appear in the path.
+			// So checking i+2 is not necessary anymore.
+			i++
+			if i+1 > len(keys) {
+				return nil, invalidPath
+			}
+			if index64, err = strconv.ParseInt(keys[i], 10, 0); err != nil {
+				return nil, invalidPath
+			}
+			parts = append(parts, pathPart{
+				path:  path,
+				field: field,
+				index: int(index64),
+			})
+			path = make([]string, 0)
+
+			// Get the next struct type, dropping ptrs.
+			if field.typ.Kind() == reflect.Ptr {
+				t = field.typ.Elem()
+			} else {
+				t = field.typ
+			}
+			if t.Kind() == reflect.Slice {
+				t = t.Elem()
+				if t.Kind() == reflect.Ptr {
+					t = t.Elem()
+				}
+			}
+		} else if field.typ.Kind() == reflect.Ptr {
+			t = field.typ.Elem()
+		} else {
+			t = field.typ
+		}
+	}
+	// Add the remaining.
+	parts = append(parts, pathPart{
+		path:  path,
+		field: field,
+		index: -1,
+	})
+	return parts, nil
+}
+
+// get returns a cached structInfo, creating it if necessary.
+func (c *cache) get(t reflect.Type) *structInfo {
+	c.l.RLock()
+	info := c.m[t]
+	c.l.RUnlock()
+	if info == nil {
+		info = c.create(t, nil)
+		c.l.Lock()
+		c.m[t] = info
+		c.l.Unlock()
+	}
+	return info
+}
+
+// create creates a structInfo with meta-data about a struct.
+func (c *cache) create(t reflect.Type, info *structInfo) *structInfo {
+	if info == nil {
+		info = &structInfo{fields: []*fieldInfo{}}
+	}
+	for i := 0; i < t.NumField(); i++ {
+		field := t.Field(i)
+		if field.Anonymous {
+			ft := field.Type
+			if ft.Kind() == reflect.Ptr {
+				ft = ft.Elem()
+			}
+			if ft.Kind() == reflect.Struct {
+				c.create(ft, info)
+			}
+		}
+		c.createField(field, info)
+	}
+	return info
+}
+
+// createField creates a fieldInfo for the given field.
+func (c *cache) createField(field reflect.StructField, info *structInfo) {
+	alias := fieldAlias(field, c.tag)
+	if alias == "-" {
+		// Ignore this field.
+		return
+	}
+	// Check if the type is supported and don't cache it if not.
+	// First let's get the basic type.
+	isSlice, isStruct := false, false
+	ft := field.Type
+	if ft.Kind() == reflect.Ptr {
+		ft = ft.Elem()
+	}
+	if isSlice = ft.Kind() == reflect.Slice; isSlice {
+		ft = ft.Elem()
+		if ft.Kind() == reflect.Ptr {
+			ft = ft.Elem()
+		}
+	}
+	if ft.Kind() == reflect.Array {
+		ft = ft.Elem()
+		if ft.Kind() == reflect.Ptr {
+			ft = ft.Elem()
+		}
+	}
+	if isStruct = ft.Kind() == reflect.Struct; !isStruct {
+		if conv := c.conv[ft.Kind()]; conv == nil {
+			// Type is not supported.
+			return
+		}
+	}
+
+	info.fields = append(info.fields, &fieldInfo{
+		typ:   field.Type,
+		name:  field.Name,
+		ss:    isSlice && isStruct,
+		alias: alias,
+	})
+}
+
+// converter returns the converter for a type.
+func (c *cache) converter(t reflect.Type) Converter {
+	conv := c.regconv[t]
+	if conv == nil {
+		conv = c.conv[t.Kind()]
+	}
+	return conv
+}
+
+// ----------------------------------------------------------------------------
+
+type structInfo struct {
+	fields []*fieldInfo
+}
+
+func (i *structInfo) get(alias string) *fieldInfo {
+	for _, field := range i.fields {
+		if strings.EqualFold(field.alias, alias) {
+			return field
+		}
+	}
+	return nil
+}
+
+type fieldInfo struct {
+	typ   reflect.Type
+	name  string // field name in the struct.
+	ss    bool   // true if this is a slice of structs.
+	alias string
+}
+
+type pathPart struct {
+	field *fieldInfo
+	path  []string // path to the field: walks structs using field names.
+	index int      // struct index in slices of structs.
+}
+
+// ----------------------------------------------------------------------------
+
+// fieldAlias parses a field tag to get a field alias.
+func fieldAlias(field reflect.StructField, tagName string) string {
+	var alias string
+	if tag := field.Tag.Get(tagName); tag != "" {
+		// For now tags only support the name but let's follow the
+		// comma convention from encoding/json and others.
+		if idx := strings.Index(tag, ","); idx == -1 {
+			alias = tag
+		} else {
+			alias = tag[:idx]
+		}
+	}
+	if alias == "" {
+		alias = field.Name
+	}
+	return alias
+}
diff -Nru juju-core-2.0~beta7/src/github.com/gorilla/schema/converter.go juju-core-2.0~beta12/src/github.com/gorilla/schema/converter.go
--- juju-core-2.0~beta7/src/github.com/gorilla/schema/converter.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/gorilla/schema/converter.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,145 @@
+// Copyright 2012 The Gorilla Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package schema
+
+import (
+	"reflect"
+	"strconv"
+)
+
+type Converter func(string) reflect.Value
+
+var (
+	invalidValue = reflect.Value{}
+	boolType     = reflect.Bool
+	float32Type  = reflect.Float32
+	float64Type  = reflect.Float64
+	intType      = reflect.Int
+	int8Type     = reflect.Int8
+	int16Type    = reflect.Int16
+	int32Type    = reflect.Int32
+	int64Type    = reflect.Int64
+	stringType   = reflect.String
+	uintType     = reflect.Uint
+	uint8Type    = reflect.Uint8
+	uint16Type   = reflect.Uint16
+	uint32Type   = reflect.Uint32
+	uint64Type   = reflect.Uint64
+)
+
+// Default converters for basic types.
+var converters = map[reflect.Kind]Converter{
+	boolType:    convertBool,
+	float32Type: convertFloat32,
+	float64Type: convertFloat64,
+	intType:     convertInt,
+	int8Type:    convertInt8,
+	int16Type:   convertInt16,
+	int32Type:   convertInt32,
+	int64Type:   convertInt64,
+	stringType:  convertString,
+	uintType:    convertUint,
+	uint8Type:   convertUint8,
+	uint16Type:  convertUint16,
+	uint32Type:  convertUint32,
+	uint64Type:  convertUint64,
+}
+
+func convertBool(value string) reflect.Value {
+	if value == "on" {
+		return reflect.ValueOf(true)
+	} else if v, err := strconv.ParseBool(value); err == nil {
+		return reflect.ValueOf(v)
+	}
+	return invalidValue
+}
+
+func convertFloat32(value string) reflect.Value {
+	if v, err := strconv.ParseFloat(value, 32); err == nil {
+		return reflect.ValueOf(float32(v))
+	}
+	return invalidValue
+}
+
+func convertFloat64(value string) reflect.Value {
+	if v, err := strconv.ParseFloat(value, 64); err == nil {
+		return reflect.ValueOf(v)
+	}
+	return invalidValue
+}
+
+func convertInt(value string) reflect.Value {
+	if v, err := strconv.ParseInt(value, 10, 0); err == nil {
+		return reflect.ValueOf(int(v))
+	}
+	return invalidValue
+}
+
+func convertInt8(value string) reflect.Value {
+	if v, err := strconv.ParseInt(value, 10, 8); err == nil {
+		return reflect.ValueOf(int8(v))
+	}
+	return invalidValue
+}
+
+func convertInt16(value string) reflect.Value {
+	if v, err := strconv.ParseInt(value, 10, 16); err == nil {
+		return reflect.ValueOf(int16(v))
+	}
+	return invalidValue
+}
+
+func convertInt32(value string) reflect.Value {
+	if v, err := strconv.ParseInt(value, 10, 32); err == nil {
+		return reflect.ValueOf(int32(v))
+	}
+	return invalidValue
+}
+
+func convertInt64(value string) reflect.Value {
+	if v, err := strconv.ParseInt(value, 10, 64); err == nil {
+		return reflect.ValueOf(v)
+	}
+	return invalidValue
+}
+
+func convertString(value string) reflect.Value {
+	return reflect.ValueOf(value)
+}
+
+func convertUint(value string) reflect.Value {
+	if v, err := strconv.ParseUint(value, 10, 0); err == nil {
+		return reflect.ValueOf(uint(v))
+	}
+	return invalidValue
+}
+
+func convertUint8(value string) reflect.Value {
+	if v, err := strconv.ParseUint(value, 10, 8); err == nil {
+		return reflect.ValueOf(uint8(v))
+	}
+	return invalidValue
+}
+
+func convertUint16(value string) reflect.Value {
+	if v, err := strconv.ParseUint(value, 10, 16); err == nil {
+		return reflect.ValueOf(uint16(v))
+	}
+	return invalidValue
+}
+
+func convertUint32(value string) reflect.Value {
+	if v, err := strconv.ParseUint(value, 10, 32); err == nil {
+		return reflect.ValueOf(uint32(v))
+	}
+	return invalidValue
+}
+
+func convertUint64(value string) reflect.Value {
+	if v, err := strconv.ParseUint(value, 10, 64); err == nil {
+		return reflect.ValueOf(v)
+	}
+	return invalidValue
+}
diff -Nru juju-core-2.0~beta7/src/github.com/gorilla/schema/decoder.go juju-core-2.0~beta12/src/github.com/gorilla/schema/decoder.go
--- juju-core-2.0~beta7/src/github.com/gorilla/schema/decoder.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/gorilla/schema/decoder.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,299 @@
+// Copyright 2012 The Gorilla Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package schema
+
+import (
+	"encoding"
+	"errors"
+	"fmt"
+	"reflect"
+	"strings"
+)
+
+// NewDecoder returns a new Decoder.
+func NewDecoder() *Decoder {
+	return &Decoder{cache: newCache()}
+}
+
+// Decoder decodes values from a map[string][]string to a struct.
+type Decoder struct {
+	cache             *cache
+	zeroEmpty         bool
+	ignoreUnknownKeys bool
+}
+
+// SetAliasTag changes the tag used to locate custom field aliases.
+// The default tag is "schema".
+func (d *Decoder) SetAliasTag(tag string) {
+	d.cache.tag = tag
+}
+
+// ZeroEmpty controls the behaviour when the decoder encounters empty values
+// in a map.
+// If z is true and a key in the map has the empty string as a value
+// then the corresponding struct field is set to the zero value.
+// If z is false then empty strings are ignored.
+//
+// The default value is false, that is empty values do not change
+// the value of the struct field.
+func (d *Decoder) ZeroEmpty(z bool) {
+	d.zeroEmpty = z
+}
+
+// IgnoreUnknownKeys controls the behaviour when the decoder encounters unknown
+// keys in the map.
+// If i is true and an unknown field is encountered, it is ignored. This is
+// similar to how unknown keys are handled by encoding/json.
+// If i is false then Decode will return an error. Note that any valid keys
+// will still be decoded in to the target struct.
+//
+// To preserve backwards compatibility, the default value is false.
+func (d *Decoder) IgnoreUnknownKeys(i bool) {
+	d.ignoreUnknownKeys = i
+}
+
+// RegisterConverter registers a converter function for a custom type.
+func (d *Decoder) RegisterConverter(value interface{}, converterFunc Converter) {
+	d.cache.regconv[reflect.TypeOf(value)] = converterFunc
+}
+
+// Decode decodes a map[string][]string to a struct.
+//
+// The first parameter must be a pointer to a struct.
+//
+// The second parameter is a map, typically url.Values from an HTTP request.
+// Keys are "paths" in dotted notation to the struct fields and nested structs.
+//
+// See the package documentation for a full explanation of the mechanics.
+func (d *Decoder) Decode(dst interface{}, src map[string][]string) error {
+	v := reflect.ValueOf(dst)
+	if v.Kind() != reflect.Ptr || v.Elem().Kind() != reflect.Struct {
+		return errors.New("schema: interface must be a pointer to struct")
+	}
+	v = v.Elem()
+	t := v.Type()
+	errors := MultiError{}
+	for path, values := range src {
+		if parts, err := d.cache.parsePath(path, t); err == nil {
+			if err = d.decode(v, path, parts, values); err != nil {
+				errors[path] = err
+			}
+		} else if !d.ignoreUnknownKeys {
+			errors[path] = fmt.Errorf("schema: invalid path %q", path)
+		}
+	}
+	if len(errors) > 0 {
+		return errors
+	}
+	return nil
+}
+
+// decode fills a struct field using a parsed path.
+func (d *Decoder) decode(v reflect.Value, path string, parts []pathPart, values []string) error {
+	// Get the field walking the struct fields by index.
+	for _, name := range parts[0].path {
+		if v.Type().Kind() == reflect.Ptr {
+			if v.IsNil() {
+				v.Set(reflect.New(v.Type().Elem()))
+			}
+			v = v.Elem()
+		}
+		v = v.FieldByName(name)
+	}
+
+	// Don't even bother for unexported fields.
+	if !v.CanSet() {
+		return nil
+	}
+
+	// Dereference if needed.
+	t := v.Type()
+	if t.Kind() == reflect.Ptr {
+		t = t.Elem()
+		if v.IsNil() {
+			v.Set(reflect.New(t))
+		}
+		v = v.Elem()
+	}
+
+	// Slice of structs. Let's go recursive.
+	if len(parts) > 1 {
+		idx := parts[0].index
+		if v.IsNil() || v.Len() < idx+1 {
+			value := reflect.MakeSlice(t, idx+1, idx+1)
+			if v.Len() < idx+1 {
+				// Resize it.
+				reflect.Copy(value, v)
+			}
+			v.Set(value)
+		}
+		return d.decode(v.Index(idx), path, parts[1:], values)
+	}
+
+	// Get the converter early in case there is one for a slice type.
+	conv := d.cache.converter(t)
+	if conv == nil && t.Kind() == reflect.Slice {
+		var items []reflect.Value
+		elemT := t.Elem()
+		isPtrElem := elemT.Kind() == reflect.Ptr
+		if isPtrElem {
+			elemT = elemT.Elem()
+		}
+
+		// Try to get a converter for the element type.
+		conv := d.cache.converter(elemT)
+		if conv == nil {
+			// As we are not dealing with slice of structs here, we don't need to check if the type
+			// implements TextUnmarshaler interface
+			return fmt.Errorf("schema: converter not found for %v", elemT)
+		}
+
+		for key, value := range values {
+			if value == "" {
+				if d.zeroEmpty {
+					items = append(items, reflect.Zero(elemT))
+				}
+			} else if item := conv(value); item.IsValid() {
+				if isPtrElem {
+					ptr := reflect.New(elemT)
+					ptr.Elem().Set(item)
+					item = ptr
+				}
+				if item.Type() != elemT && !isPtrElem {
+					item = item.Convert(elemT)
+				}
+				items = append(items, item)
+			} else {
+				if strings.Contains(value, ",") {
+					values := strings.Split(value, ",")
+					for _, value := range values {
+						if value == "" {
+							if d.zeroEmpty {
+								items = append(items, reflect.Zero(elemT))
+							}
+						} else if item := conv(value); item.IsValid() {
+							if isPtrElem {
+								ptr := reflect.New(elemT)
+								ptr.Elem().Set(item)
+								item = ptr
+							}
+							if item.Type() != elemT && !isPtrElem {
+								item = item.Convert(elemT)
+							}
+							items = append(items, item)
+						} else {
+							return ConversionError{
+								Key:   path,
+								Type:  elemT,
+								Index: key,
+							}
+						}
+					}
+				} else {
+					return ConversionError{
+						Key:   path,
+						Type:  elemT,
+						Index: key,
+					}
+				}
+			}
+		}
+		value := reflect.Append(reflect.MakeSlice(t, 0, 0), items...)
+		v.Set(value)
+	} else {
+		val := ""
+		// Use the last value provided if any values were provided
+		if len(values) > 0 {
+			val = values[len(values)-1]
+		}
+
+		if val == "" {
+			if d.zeroEmpty {
+				v.Set(reflect.Zero(t))
+			}
+		} else if conv != nil {
+			if value := conv(val); value.IsValid() {
+				v.Set(value.Convert(t))
+			} else {
+				return ConversionError{
+					Key:   path,
+					Type:  t,
+					Index: -1,
+				}
+			}
+		} else {
+			// When there's no registered conversion for the custom type, we will check if the type
+			// implements the TextUnmarshaler interface. As the UnmarshalText function should be applied
+			// to the pointer of the type, we convert the value to pointer.
+			if v.CanAddr() {
+				v = v.Addr()
+			}
+
+			if u, ok := v.Interface().(encoding.TextUnmarshaler); ok {
+				if err := u.UnmarshalText([]byte(val)); err != nil {
+					return ConversionError{
+						Key:   path,
+						Type:  t,
+						Index: -1,
+						Err:   err,
+					}
+				}
+
+			} else {
+				return fmt.Errorf("schema: converter not found for %v", t)
+			}
+		}
+	}
+	return nil
+}
+
+// Errors ---------------------------------------------------------------------
+
+// ConversionError stores information about a failed conversion.
+type ConversionError struct {
+	Key   string       // key from the source map.
+	Type  reflect.Type // expected type of elem
+	Index int          // index for multi-value fields; -1 for single-value fields.
+	Err   error        // low-level error (when it exists)
+}
+
+func (e ConversionError) Error() string {
+	var output string
+
+	if e.Index < 0 {
+		output = fmt.Sprintf("schema: error converting value for %q", e.Key)
+	} else {
+		output = fmt.Sprintf("schema: error converting value for index %d of %q",
+			e.Index, e.Key)
+	}
+
+	if e.Err != nil {
+		output = fmt.Sprintf("%s. Details: %s", output, e.Err)
+	}
+
+	return output
+}
+
+// MultiError stores multiple decoding errors.
+//
+// Borrowed from the App Engine SDK.
+type MultiError map[string]error
+
+func (e MultiError) Error() string {
+	s := ""
+	for _, err := range e {
+		s = err.Error()
+		break
+	}
+	switch len(e) {
+	case 0:
+		return "(0 errors)"
+	case 1:
+		return s
+	case 2:
+		return s + " (and 1 other error)"
+	}
+	return fmt.Sprintf("%s (and %d other errors)", s, len(e)-1)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/gorilla/schema/decoder_test.go juju-core-2.0~beta12/src/github.com/gorilla/schema/decoder_test.go
--- juju-core-2.0~beta7/src/github.com/gorilla/schema/decoder_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/gorilla/schema/decoder_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,1391 @@
+// Copyright 2012 The Gorilla Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package schema
+
+import (
+	"encoding/hex"
+	"errors"
+	"reflect"
+	"strings"
+	"testing"
+	"time"
+)
+
+type IntAlias int
+
+// All cases we want to cover, in a nutshell.
+type S1 struct {
+	F01 int        `schema:"f1"`
+	F02 *int       `schema:"f2"`
+	F03 []int      `schema:"f3"`
+	F04 []*int     `schema:"f4"`
+	F05 *[]int     `schema:"f5"`
+	F06 *[]*int    `schema:"f6"`
+	F07 S2         `schema:"f7"`
+	F08 *S1        `schema:"f8"`
+	F09 int        `schema:"-"`
+	F10 []S1       `schema:"f10"`
+	F11 []*S1      `schema:"f11"`
+	F12 *[]S1      `schema:"f12"`
+	F13 *[]*S1     `schema:"f13"`
+	F14 int        `schema:"f14"`
+	F15 IntAlias   `schema:"f15"`
+	F16 []IntAlias `schema:"f16"`
+	F17 S19        `schema:"f17"`
+}
+
+type S2 struct {
+	F01 *[]*int `schema:"f1"`
+}
+
+type S19 [2]byte
+
+func (id *S19) UnmarshalText(text []byte) error {
+	buf, err := hex.DecodeString(string(text))
+	if err != nil {
+		return err
+	}
+	if len(buf) > len(*id) {
+		return errors.New("out of range")
+	}
+	for i := range buf {
+		(*id)[i] = buf[i]
+	}
+	return nil
+}
+
+func TestAll(t *testing.T) {
+	v := map[string][]string{
+		"f1":             {"1"},
+		"f2":             {"2"},
+		"f3":             {"31", "32"},
+		"f4":             {"41", "42"},
+		"f5":             {"51", "52"},
+		"f6":             {"61", "62"},
+		"f7.f1":          {"71", "72"},
+		"f8.f8.f7.f1":    {"81", "82"},
+		"f9":             {"9"},
+		"f10.0.f10.0.f6": {"101", "102"},
+		"f10.0.f10.1.f6": {"103", "104"},
+		"f11.0.f11.0.f6": {"111", "112"},
+		"f11.0.f11.1.f6": {"113", "114"},
+		"f12.0.f12.0.f6": {"121", "122"},
+		"f12.0.f12.1.f6": {"123", "124"},
+		"f13.0.f13.0.f6": {"131", "132"},
+		"f13.0.f13.1.f6": {"133", "134"},
+		"f14":            {},
+		"f15":            {"151"},
+		"f16":            {"161", "162"},
+		"f17":            {"1a2b"},
+	}
+	f2 := 2
+	f41, f42 := 41, 42
+	f61, f62 := 61, 62
+	f71, f72 := 71, 72
+	f81, f82 := 81, 82
+	f101, f102, f103, f104 := 101, 102, 103, 104
+	f111, f112, f113, f114 := 111, 112, 113, 114
+	f121, f122, f123, f124 := 121, 122, 123, 124
+	f131, f132, f133, f134 := 131, 132, 133, 134
+	var f151 IntAlias = 151
+	var f161, f162 IntAlias = 161, 162
+	e := S1{
+		F01: 1,
+		F02: &f2,
+		F03: []int{31, 32},
+		F04: []*int{&f41, &f42},
+		F05: &[]int{51, 52},
+		F06: &[]*int{&f61, &f62},
+		F07: S2{
+			F01: &[]*int{&f71, &f72},
+		},
+		F08: &S1{
+			F08: &S1{
+				F07: S2{
+					F01: &[]*int{&f81, &f82},
+				},
+			},
+		},
+		F09: 0,
+		F10: []S1{
+			S1{
+				F10: []S1{
+					S1{F06: &[]*int{&f101, &f102}},
+					S1{F06: &[]*int{&f103, &f104}},
+				},
+			},
+		},
+		F11: []*S1{
+			&S1{
+				F11: []*S1{
+					&S1{F06: &[]*int{&f111, &f112}},
+					&S1{F06: &[]*int{&f113, &f114}},
+				},
+			},
+		},
+		F12: &[]S1{
+			S1{
+				F12: &[]S1{
+					S1{F06: &[]*int{&f121, &f122}},
+					S1{F06: &[]*int{&f123, &f124}},
+				},
+			},
+		},
+		F13: &[]*S1{
+			&S1{
+				F13: &[]*S1{
+					&S1{F06: &[]*int{&f131, &f132}},
+					&S1{F06: &[]*int{&f133, &f134}},
+				},
+			},
+		},
+		F14: 0,
+		F15: f151,
+		F16: []IntAlias{f161, f162},
+		F17: S19{0x1a, 0x2b},
+	}
+
+	s := &S1{}
+	_ = NewDecoder().Decode(s, v)
+
+	vals := func(values []*int) []int {
+		r := make([]int, len(values))
+		for k, v := range values {
+			r[k] = *v
+		}
+		return r
+	}
+
+	if s.F01 != e.F01 {
+		t.Errorf("f1: expected %v, got %v", e.F01, s.F01)
+	}
+	if s.F02 == nil {
+		t.Errorf("f2: expected %v, got nil", *e.F02)
+	} else if *s.F02 != *e.F02 {
+		t.Errorf("f2: expected %v, got %v", *e.F02, *s.F02)
+	}
+	if s.F03 == nil {
+		t.Errorf("f3: expected %v, got nil", e.F03)
+	} else if len(s.F03) != 2 || s.F03[0] != e.F03[0] || s.F03[1] != e.F03[1] {
+		t.Errorf("f3: expected %v, got %v", e.F03, s.F03)
+	}
+	if s.F04 == nil {
+		t.Errorf("f4: expected %v, got nil", e.F04)
+	} else {
+		if len(s.F04) != 2 || *(s.F04)[0] != *(e.F04)[0] || *(s.F04)[1] != *(e.F04)[1] {
+			t.Errorf("f4: expected %v, got %v", vals(e.F04), vals(s.F04))
+		}
+	}
+	if s.F05 == nil {
+		t.Errorf("f5: expected %v, got nil", e.F05)
+	} else {
+		sF05, eF05 := *s.F05, *e.F05
+		if len(sF05) != 2 || sF05[0] != eF05[0] || sF05[1] != eF05[1] {
+			t.Errorf("f5: expected %v, got %v", eF05, sF05)
+		}
+	}
+	if s.F06 == nil {
+		t.Errorf("f6: expected %v, got nil", vals(*e.F06))
+	} else {
+		sF06, eF06 := *s.F06, *e.F06
+		if len(sF06) != 2 || *(sF06)[0] != *(eF06)[0] || *(sF06)[1] != *(eF06)[1] {
+			t.Errorf("f6: expected %v, got %v", vals(eF06), vals(sF06))
+		}
+	}
+	if s.F07.F01 == nil {
+		t.Errorf("f7.f1: expected %v, got nil", vals(*e.F07.F01))
+	} else {
+		sF07, eF07 := *s.F07.F01, *e.F07.F01
+		if len(sF07) != 2 || *(sF07)[0] != *(eF07)[0] || *(sF07)[1] != *(eF07)[1] {
+			t.Errorf("f7.f1: expected %v, got %v", vals(eF07), vals(sF07))
+		}
+	}
+	if s.F08 == nil {
+		t.Errorf("f8: got nil")
+	} else if s.F08.F08 == nil {
+		t.Errorf("f8.f8: got nil")
+	} else if s.F08.F08.F07.F01 == nil {
+		t.Errorf("f8.f8.f7.f1: expected %v, got nil", vals(*e.F08.F08.F07.F01))
+	} else {
+		sF08, eF08 := *s.F08.F08.F07.F01, *e.F08.F08.F07.F01
+		if len(sF08) != 2 || *(sF08)[0] != *(eF08)[0] || *(sF08)[1] != *(eF08)[1] {
+			t.Errorf("f8.f8.f7.f1: expected %v, got %v", vals(eF08), vals(sF08))
+		}
+	}
+	if s.F09 != e.F09 {
+		t.Errorf("f9: expected %v, got %v", e.F09, s.F09)
+	}
+	if s.F10 == nil {
+		t.Errorf("f10: got nil")
+	} else if len(s.F10) != 1 {
+		t.Errorf("f10: expected 1 element, got %v", s.F10)
+	} else {
+		if len(s.F10[0].F10) != 2 {
+			t.Errorf("f10.0.f10: expected 1 element, got %v", s.F10[0].F10)
+		} else {
+			sF10, eF10 := *s.F10[0].F10[0].F06, *e.F10[0].F10[0].F06
+			if sF10 == nil {
+				t.Errorf("f10.0.f10.0.f6: expected %v, got nil", vals(eF10))
+			} else {
+				if len(sF10) != 2 || *(sF10)[0] != *(eF10)[0] || *(sF10)[1] != *(eF10)[1] {
+					t.Errorf("f10.0.f10.0.f6: expected %v, got %v", vals(eF10), vals(sF10))
+				}
+			}
+			sF10, eF10 = *s.F10[0].F10[1].F06, *e.F10[0].F10[1].F06
+			if sF10 == nil {
+				t.Errorf("f10.0.f10.0.f6: expected %v, got nil", vals(eF10))
+			} else {
+				if len(sF10) != 2 || *(sF10)[0] != *(eF10)[0] || *(sF10)[1] != *(eF10)[1] {
+					t.Errorf("f10.0.f10.0.f6: expected %v, got %v", vals(eF10), vals(sF10))
+				}
+			}
+		}
+	}
+	if s.F11 == nil {
+		t.Errorf("f11: got nil")
+	} else if len(s.F11) != 1 {
+		t.Errorf("f11: expected 1 element, got %v", s.F11)
+	} else {
+		if len(s.F11[0].F11) != 2 {
+			t.Errorf("f11.0.f11: expected 1 element, got %v", s.F11[0].F11)
+		} else {
+			sF11, eF11 := *s.F11[0].F11[0].F06, *e.F11[0].F11[0].F06
+			if sF11 == nil {
+				t.Errorf("f11.0.f11.0.f6: expected %v, got nil", vals(eF11))
+			} else {
+				if len(sF11) != 2 || *(sF11)[0] != *(eF11)[0] || *(sF11)[1] != *(eF11)[1] {
+					t.Errorf("f11.0.f11.0.f6: expected %v, got %v", vals(eF11), vals(sF11))
+				}
+			}
+			sF11, eF11 = *s.F11[0].F11[1].F06, *e.F11[0].F11[1].F06
+			if sF11 == nil {
+				t.Errorf("f11.0.f11.0.f6: expected %v, got nil", vals(eF11))
+			} else {
+				if len(sF11) != 2 || *(sF11)[0] != *(eF11)[0] || *(sF11)[1] != *(eF11)[1] {
+					t.Errorf("f11.0.f11.0.f6: expected %v, got %v", vals(eF11), vals(sF11))
+				}
+			}
+		}
+	}
+	if s.F12 == nil {
+		t.Errorf("f12: got nil")
+	} else if len(*s.F12) != 1 {
+		t.Errorf("f12: expected 1 element, got %v", *s.F12)
+	} else {
+		sF12, eF12 := *(s.F12), *(e.F12)
+		if len(*sF12[0].F12) != 2 {
+			t.Errorf("f12.0.f12: expected 1 element, got %v", *sF12[0].F12)
+		} else {
+			sF122, eF122 := *(*sF12[0].F12)[0].F06, *(*eF12[0].F12)[0].F06
+			if sF122 == nil {
+				t.Errorf("f12.0.f12.0.f6: expected %v, got nil", vals(eF122))
+			} else {
+				if len(sF122) != 2 || *(sF122)[0] != *(eF122)[0] || *(sF122)[1] != *(eF122)[1] {
+					t.Errorf("f12.0.f12.0.f6: expected %v, got %v", vals(eF122), vals(sF122))
+				}
+			}
+			sF122, eF122 = *(*sF12[0].F12)[1].F06, *(*eF12[0].F12)[1].F06
+			if sF122 == nil {
+				t.Errorf("f12.0.f12.0.f6: expected %v, got nil", vals(eF122))
+			} else {
+				if len(sF122) != 2 || *(sF122)[0] != *(eF122)[0] || *(sF122)[1] != *(eF122)[1] {
+					t.Errorf("f12.0.f12.0.f6: expected %v, got %v", vals(eF122), vals(sF122))
+				}
+			}
+		}
+	}
+	if s.F13 == nil {
+		t.Errorf("f13: got nil")
+	} else if len(*s.F13) != 1 {
+		t.Errorf("f13: expected 1 element, got %v", *s.F13)
+	} else {
+		sF13, eF13 := *(s.F13), *(e.F13)
+		if len(*sF13[0].F13) != 2 {
+			t.Errorf("f13.0.f13: expected 1 element, got %v", *sF13[0].F13)
+		} else {
+			sF132, eF132 := *(*sF13[0].F13)[0].F06, *(*eF13[0].F13)[0].F06
+			if sF132 == nil {
+				t.Errorf("f13.0.f13.0.f6: expected %v, got nil", vals(eF132))
+			} else {
+				if len(sF132) != 2 || *(sF132)[0] != *(eF132)[0] || *(sF132)[1] != *(eF132)[1] {
+					t.Errorf("f13.0.f13.0.f6: expected %v, got %v", vals(eF132), vals(sF132))
+				}
+			}
+			sF132, eF132 = *(*sF13[0].F13)[1].F06, *(*eF13[0].F13)[1].F06
+			if sF132 == nil {
+				t.Errorf("f13.0.f13.0.f6: expected %v, got nil", vals(eF132))
+			} else {
+				if len(sF132) != 2 || *(sF132)[0] != *(eF132)[0] || *(sF132)[1] != *(eF132)[1] {
+					t.Errorf("f13.0.f13.0.f6: expected %v, got %v", vals(eF132), vals(sF132))
+				}
+			}
+		}
+	}
+	if s.F14 != e.F14 {
+		t.Errorf("f14: expected %v, got %v", e.F14, s.F14)
+	}
+	if s.F15 != e.F15 {
+		t.Errorf("f15: expected %v, got %v", e.F15, s.F15)
+	}
+	if s.F16 == nil {
+		t.Errorf("f16: nil")
+	} else if len(s.F16) != len(e.F16) {
+		t.Errorf("f16: expected len %d, got %d", len(e.F16), len(s.F16))
+	} else if !reflect.DeepEqual(s.F16, e.F16) {
+		t.Errorf("f16: expected %v, got %v", e.F16, s.F16)
+	}
+	if s.F17 != e.F17 {
+		t.Errorf("f17: expected %v, got %v", e.F17, s.F17)
+	}
+}
+
+func BenchmarkAll(b *testing.B) {
+	v := map[string][]string{
+		"f1":             {"1"},
+		"f2":             {"2"},
+		"f3":             {"31", "32"},
+		"f4":             {"41", "42"},
+		"f5":             {"51", "52"},
+		"f6":             {"61", "62"},
+		"f7.f1":          {"71", "72"},
+		"f8.f8.f7.f1":    {"81", "82"},
+		"f9":             {"9"},
+		"f10.0.f10.0.f6": {"101", "102"},
+		"f10.0.f10.1.f6": {"103", "104"},
+		"f11.0.f11.0.f6": {"111", "112"},
+		"f11.0.f11.1.f6": {"113", "114"},
+		"f12.0.f12.0.f6": {"121", "122"},
+		"f12.0.f12.1.f6": {"123", "124"},
+		"f13.0.f13.0.f6": {"131", "132"},
+		"f13.0.f13.1.f6": {"133", "134"},
+	}
+
+	b.ResetTimer()
+
+	for i := 0; i < b.N; i++ {
+		s := &S1{}
+		_ = NewDecoder().Decode(s, v)
+	}
+}
+
+// ----------------------------------------------------------------------------
+
+type S3 struct {
+	F01 bool
+	F02 float32
+	F03 float64
+	F04 int
+	F05 int8
+	F06 int16
+	F07 int32
+	F08 int64
+	F09 string
+	F10 uint
+	F11 uint8
+	F12 uint16
+	F13 uint32
+	F14 uint64
+}
+
+func TestDefaultConverters(t *testing.T) {
+	v := map[string][]string{
+		"F01": {"true"},
+		"F02": {"4.2"},
+		"F03": {"4.3"},
+		"F04": {"-42"},
+		"F05": {"-43"},
+		"F06": {"-44"},
+		"F07": {"-45"},
+		"F08": {"-46"},
+		"F09": {"foo"},
+		"F10": {"42"},
+		"F11": {"43"},
+		"F12": {"44"},
+		"F13": {"45"},
+		"F14": {"46"},
+	}
+	e := S3{
+		F01: true,
+		F02: 4.2,
+		F03: 4.3,
+		F04: -42,
+		F05: -43,
+		F06: -44,
+		F07: -45,
+		F08: -46,
+		F09: "foo",
+		F10: 42,
+		F11: 43,
+		F12: 44,
+		F13: 45,
+		F14: 46,
+	}
+	s := &S3{}
+	_ = NewDecoder().Decode(s, v)
+	if s.F01 != e.F01 {
+		t.Errorf("F01: expected %v, got %v", e.F01, s.F01)
+	}
+	if s.F02 != e.F02 {
+		t.Errorf("F02: expected %v, got %v", e.F02, s.F02)
+	}
+	if s.F03 != e.F03 {
+		t.Errorf("F03: expected %v, got %v", e.F03, s.F03)
+	}
+	if s.F04 != e.F04 {
+		t.Errorf("F04: expected %v, got %v", e.F04, s.F04)
+	}
+	if s.F05 != e.F05 {
+		t.Errorf("F05: expected %v, got %v", e.F05, s.F05)
+	}
+	if s.F06 != e.F06 {
+		t.Errorf("F06: expected %v, got %v", e.F06, s.F06)
+	}
+	if s.F07 != e.F07 {
+		t.Errorf("F07: expected %v, got %v", e.F07, s.F07)
+	}
+	if s.F08 != e.F08 {
+		t.Errorf("F08: expected %v, got %v", e.F08, s.F08)
+	}
+	if s.F09 != e.F09 {
+		t.Errorf("F09: expected %v, got %v", e.F09, s.F09)
+	}
+	if s.F10 != e.F10 {
+		t.Errorf("F10: expected %v, got %v", e.F10, s.F10)
+	}
+	if s.F11 != e.F11 {
+		t.Errorf("F11: expected %v, got %v", e.F11, s.F11)
+	}
+	if s.F12 != e.F12 {
+		t.Errorf("F12: expected %v, got %v", e.F12, s.F12)
+	}
+	if s.F13 != e.F13 {
+		t.Errorf("F13: expected %v, got %v", e.F13, s.F13)
+	}
+	if s.F14 != e.F14 {
+		t.Errorf("F14: expected %v, got %v", e.F14, s.F14)
+	}
+}
+
+func TestOn(t *testing.T) {
+	v := map[string][]string{
+		"F01": {"on"},
+	}
+	s := S3{}
+	err := NewDecoder().Decode(&s, v)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if !s.F01 {
+		t.Fatal("Value was not set to true")
+	}
+}
+
+// ----------------------------------------------------------------------------
+
+func TestInlineStruct(t *testing.T) {
+	s1 := &struct {
+		F01 bool
+	}{}
+	s2 := &struct {
+		F01 int
+	}{}
+	v1 := map[string][]string{
+		"F01": {"true"},
+	}
+	v2 := map[string][]string{
+		"F01": {"42"},
+	}
+	decoder := NewDecoder()
+	_ = decoder.Decode(s1, v1)
+	if s1.F01 != true {
+		t.Errorf("s1: expected %v, got %v", true, s1.F01)
+	}
+	_ = decoder.Decode(s2, v2)
+	if s2.F01 != 42 {
+		t.Errorf("s2: expected %v, got %v", 42, s2.F01)
+	}
+}
+
+// ----------------------------------------------------------------------------
+
+type Foo struct {
+	F01 int
+	F02 Bar
+	Bif []Baz
+}
+
+type Bar struct {
+	F01 string
+	F02 string
+	F03 string
+	F14 string
+	S05 string
+	Str string
+}
+
+type Baz struct {
+	F99 []string
+}
+
+func TestSimpleExample(t *testing.T) {
+	data := map[string][]string{
+		"F01":       {"1"},
+		"F02.F01":   {"S1"},
+		"F02.F02":   {"S2"},
+		"F02.F03":   {"S3"},
+		"F02.F14":   {"S4"},
+		"F02.S05":   {"S5"},
+		"F02.Str":   {"Str"},
+		"Bif.0.F99": {"A", "B", "C"},
+	}
+
+	e := &Foo{
+		F01: 1,
+		F02: Bar{
+			F01: "S1",
+			F02: "S2",
+			F03: "S3",
+			F14: "S4",
+			S05: "S5",
+			Str: "Str",
+		},
+		Bif: []Baz{{
+			F99: []string{"A", "B", "C"}},
+		},
+	}
+
+	s := &Foo{}
+	_ = NewDecoder().Decode(s, data)
+
+	if s.F01 != e.F01 {
+		t.Errorf("F01: expected %v, got %v", e.F01, s.F01)
+	}
+	if s.F02.F01 != e.F02.F01 {
+		t.Errorf("F02.F01: expected %v, got %v", e.F02.F01, s.F02.F01)
+	}
+	if s.F02.F02 != e.F02.F02 {
+		t.Errorf("F02.F02: expected %v, got %v", e.F02.F02, s.F02.F02)
+	}
+	if s.F02.F03 != e.F02.F03 {
+		t.Errorf("F02.F03: expected %v, got %v", e.F02.F03, s.F02.F03)
+	}
+	if s.F02.F14 != e.F02.F14 {
+		t.Errorf("F02.F14: expected %v, got %v", e.F02.F14, s.F02.F14)
+	}
+	if s.F02.S05 != e.F02.S05 {
+		t.Errorf("F02.S05: expected %v, got %v", e.F02.S05, s.F02.S05)
+	}
+	if s.F02.Str != e.F02.Str {
+		t.Errorf("F02.Str: expected %v, got %v", e.F02.Str, s.F02.Str)
+	}
+	if len(s.Bif) != len(e.Bif) {
+		t.Errorf("Bif len: expected %d, got %d", len(e.Bif), len(s.Bif))
+	} else {
+		if len(s.Bif[0].F99) != len(e.Bif[0].F99) {
+			t.Errorf("Bif[0].F99 len: expected %d, got %d", len(e.Bif[0].F99), len(s.Bif[0].F99))
+		}
+	}
+}
+
+// ----------------------------------------------------------------------------
+
+type S4 struct {
+	F01 int64
+	F02 float64
+	F03 bool
+}
+
+func TestConversionError(t *testing.T) {
+	data := map[string][]string{
+		"F01": {"foo"},
+		"F02": {"bar"},
+		"F03": {"baz"},
+	}
+	s := &S4{}
+	e := NewDecoder().Decode(s, data)
+
+	m := e.(MultiError)
+	if len(m) != 3 {
+		t.Errorf("Expected 3 errors, got %v", m)
+	}
+}
+
+// ----------------------------------------------------------------------------
+
+type S5 struct {
+	F01 []string
+}
+
+func TestEmptyValue(t *testing.T) {
+	data := map[string][]string{
+		"F01": {"", "foo"},
+	}
+	s := &S5{}
+	NewDecoder().Decode(s, data)
+	if len(s.F01) != 1 {
+		t.Errorf("Expected 1 values in F01")
+	}
+}
+
+func TestEmptyValueZeroEmpty(t *testing.T) {
+	data := map[string][]string{
+		"F01": {"", "foo"},
+	}
+	s := S5{}
+	d := NewDecoder()
+	d.ZeroEmpty(true)
+	err := d.Decode(&s, data)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if len(s.F01) != 2 {
+		t.Errorf("Expected 1 values in F01")
+	}
+}
+
+// ----------------------------------------------------------------------------
+
+type S6 struct {
+	id string
+}
+
+func TestUnexportedField(t *testing.T) {
+	data := map[string][]string{
+		"id": {"identifier"},
+	}
+	s := &S6{}
+	NewDecoder().Decode(s, data)
+	if s.id != "" {
+		t.Errorf("Unexported field expected to be ignored")
+	}
+}
+
+// ----------------------------------------------------------------------------
+
+type S7 struct {
+	ID string
+}
+
+func TestMultipleValues(t *testing.T) {
+	data := map[string][]string{
+		"ID": {"0", "1"},
+	}
+
+	s := S7{}
+	NewDecoder().Decode(&s, data)
+	if s.ID != "1" {
+		t.Errorf("Last defined value must be used when multiple values for same field are provided")
+	}
+}
+
+type S8 struct {
+	ID string `json:"id"`
+}
+
+func TestSetAliasTag(t *testing.T) {
+	data := map[string][]string{
+		"id": {"foo"},
+	}
+
+	s := S8{}
+	dec := NewDecoder()
+	dec.SetAliasTag("json")
+	dec.Decode(&s, data)
+	if s.ID != "foo" {
+		t.Fatalf("Bad value: got %q, want %q", s.ID, "foo")
+	}
+}
+
+func TestZeroEmpty(t *testing.T) {
+	data := map[string][]string{
+		"F01": {""},
+		"F03": {"true"},
+	}
+	s := S4{1, 1, false}
+	d := NewDecoder()
+	d.ZeroEmpty(true)
+
+	err := d.Decode(&s, data)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if s.F01 != 0 {
+		t.Errorf("F01: got %v, want %v", s.F01, 0)
+	}
+	if s.F02 != 1 {
+		t.Errorf("F02: got %v, want %v", s.F02, 1)
+	}
+	if s.F03 != true {
+		t.Errorf("F03: got %v, want %v", s.F03, true)
+	}
+}
+
+func TestNoZeroEmpty(t *testing.T) {
+	data := map[string][]string{
+		"F01": {""},
+		"F03": {"true"},
+	}
+	s := S4{1, 1, false}
+	d := NewDecoder()
+	d.ZeroEmpty(false)
+	err := d.Decode(&s, data)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if s.F01 != 1 {
+		t.Errorf("F01: got %v, want %v", s.F01, 1)
+	}
+	if s.F02 != 1 {
+		t.Errorf("F02: got %v, want %v", s.F02, 1)
+	}
+	if s.F03 != true {
+		t.Errorf("F03: got %v, want %v", s.F03, true)
+	}
+}
+
+// ----------------------------------------------------------------------------
+
+type S9 struct {
+	Id string
+}
+
+type S10 struct {
+	S9
+}
+
+func TestEmbeddedField(t *testing.T) {
+	data := map[string][]string{
+		"Id": {"identifier"},
+	}
+	s := &S10{}
+	NewDecoder().Decode(s, data)
+	if s.Id != "identifier" {
+		t.Errorf("Missing support for embedded fields")
+	}
+}
+
+type S11 struct {
+	S10
+}
+
+func TestMultipleLevelEmbeddedField(t *testing.T) {
+	data := map[string][]string{
+		"Id": {"identifier"},
+	}
+	s := &S11{}
+	err := NewDecoder().Decode(s, data)
+	if s.Id != "identifier" {
+		t.Errorf("Missing support for multiple-level embedded fields (%v)", err)
+	}
+}
+
+func TestInvalidPath(t *testing.T) {
+	data := map[string][]string{
+		"Foo.Bar": {"baz"},
+	}
+	s := S9{}
+	err := NewDecoder().Decode(&s, data)
+	expectedErr := `schema: invalid path "Foo.Bar"`
+	if err.Error() != expectedErr {
+		t.Fatalf("got %q, want %q", err, expectedErr)
+	}
+}
+
+func TestInvalidPathIgnoreUnknownKeys(t *testing.T) {
+	data := map[string][]string{
+		"Foo.Bar": {"baz"},
+	}
+	s := S9{}
+	dec := NewDecoder()
+	dec.IgnoreUnknownKeys(true)
+	err := dec.Decode(&s, data)
+	if err != nil {
+		t.Fatal(err)
+	}
+}
+
+// ----------------------------------------------------------------------------
+
+type S1NT struct {
+	F1  int
+	F2  *int
+	F3  []int
+	F4  []*int
+	F5  *[]int
+	F6  *[]*int
+	F7  S2
+	F8  *S1
+	F9  int `schema:"-"`
+	F10 []S1
+	F11 []*S1
+	F12 *[]S1
+	F13 *[]*S1
+}
+
+func TestAllNT(t *testing.T) {
+	v := map[string][]string{
+		"f1":             {"1"},
+		"f2":             {"2"},
+		"f3":             {"31", "32"},
+		"f4":             {"41", "42"},
+		"f5":             {"51", "52"},
+		"f6":             {"61", "62"},
+		"f7.f1":          {"71", "72"},
+		"f8.f8.f7.f1":    {"81", "82"},
+		"f9":             {"9"},
+		"f10.0.f10.0.f6": {"101", "102"},
+		"f10.0.f10.1.f6": {"103", "104"},
+		"f11.0.f11.0.f6": {"111", "112"},
+		"f11.0.f11.1.f6": {"113", "114"},
+		"f12.0.f12.0.f6": {"121", "122"},
+		"f12.0.f12.1.f6": {"123", "124"},
+		"f13.0.f13.0.f6": {"131", "132"},
+		"f13.0.f13.1.f6": {"133", "134"},
+	}
+	f2 := 2
+	f41, f42 := 41, 42
+	f61, f62 := 61, 62
+	f71, f72 := 71, 72
+	f81, f82 := 81, 82
+	f101, f102, f103, f104 := 101, 102, 103, 104
+	f111, f112, f113, f114 := 111, 112, 113, 114
+	f121, f122, f123, f124 := 121, 122, 123, 124
+	f131, f132, f133, f134 := 131, 132, 133, 134
+	e := S1NT{
+		F1: 1,
+		F2: &f2,
+		F3: []int{31, 32},
+		F4: []*int{&f41, &f42},
+		F5: &[]int{51, 52},
+		F6: &[]*int{&f61, &f62},
+		F7: S2{
+			F01: &[]*int{&f71, &f72},
+		},
+		F8: &S1{
+			F08: &S1{
+				F07: S2{
+					F01: &[]*int{&f81, &f82},
+				},
+			},
+		},
+		F9: 0,
+		F10: []S1{
+			S1{
+				F10: []S1{
+					S1{F06: &[]*int{&f101, &f102}},
+					S1{F06: &[]*int{&f103, &f104}},
+				},
+			},
+		},
+		F11: []*S1{
+			&S1{
+				F11: []*S1{
+					&S1{F06: &[]*int{&f111, &f112}},
+					&S1{F06: &[]*int{&f113, &f114}},
+				},
+			},
+		},
+		F12: &[]S1{
+			S1{
+				F12: &[]S1{
+					S1{F06: &[]*int{&f121, &f122}},
+					S1{F06: &[]*int{&f123, &f124}},
+				},
+			},
+		},
+		F13: &[]*S1{
+			&S1{
+				F13: &[]*S1{
+					&S1{F06: &[]*int{&f131, &f132}},
+					&S1{F06: &[]*int{&f133, &f134}},
+				},
+			},
+		},
+	}
+
+	s := &S1NT{}
+	_ = NewDecoder().Decode(s, v)
+
+	vals := func(values []*int) []int {
+		r := make([]int, len(values))
+		for k, v := range values {
+			r[k] = *v
+		}
+		return r
+	}
+
+	if s.F1 != e.F1 {
+		t.Errorf("f1: expected %v, got %v", e.F1, s.F1)
+	}
+	if s.F2 == nil {
+		t.Errorf("f2: expected %v, got nil", *e.F2)
+	} else if *s.F2 != *e.F2 {
+		t.Errorf("f2: expected %v, got %v", *e.F2, *s.F2)
+	}
+	if s.F3 == nil {
+		t.Errorf("f3: expected %v, got nil", e.F3)
+	} else if len(s.F3) != 2 || s.F3[0] != e.F3[0] || s.F3[1] != e.F3[1] {
+		t.Errorf("f3: expected %v, got %v", e.F3, s.F3)
+	}
+	if s.F4 == nil {
+		t.Errorf("f4: expected %v, got nil", e.F4)
+	} else {
+		if len(s.F4) != 2 || *(s.F4)[0] != *(e.F4)[0] || *(s.F4)[1] != *(e.F4)[1] {
+			t.Errorf("f4: expected %v, got %v", vals(e.F4), vals(s.F4))
+		}
+	}
+	if s.F5 == nil {
+		t.Errorf("f5: expected %v, got nil", e.F5)
+	} else {
+		sF5, eF5 := *s.F5, *e.F5
+		if len(sF5) != 2 || sF5[0] != eF5[0] || sF5[1] != eF5[1] {
+			t.Errorf("f5: expected %v, got %v", eF5, sF5)
+		}
+	}
+	if s.F6 == nil {
+		t.Errorf("f6: expected %v, got nil", vals(*e.F6))
+	} else {
+		sF6, eF6 := *s.F6, *e.F6
+		if len(sF6) != 2 || *(sF6)[0] != *(eF6)[0] || *(sF6)[1] != *(eF6)[1] {
+			t.Errorf("f6: expected %v, got %v", vals(eF6), vals(sF6))
+		}
+	}
+	if s.F7.F01 == nil {
+		t.Errorf("f7.f1: expected %v, got nil", vals(*e.F7.F01))
+	} else {
+		sF7, eF7 := *s.F7.F01, *e.F7.F01
+		if len(sF7) != 2 || *(sF7)[0] != *(eF7)[0] || *(sF7)[1] != *(eF7)[1] {
+			t.Errorf("f7.f1: expected %v, got %v", vals(eF7), vals(sF7))
+		}
+	}
+	if s.F8 == nil {
+		t.Errorf("f8: got nil")
+	} else if s.F8.F08 == nil {
+		t.Errorf("f8.f8: got nil")
+	} else if s.F8.F08.F07.F01 == nil {
+		t.Errorf("f8.f8.f7.f1: expected %v, got nil", vals(*e.F8.F08.F07.F01))
+	} else {
+		sF8, eF8 := *s.F8.F08.F07.F01, *e.F8.F08.F07.F01
+		if len(sF8) != 2 || *(sF8)[0] != *(eF8)[0] || *(sF8)[1] != *(eF8)[1] {
+			t.Errorf("f8.f8.f7.f1: expected %v, got %v", vals(eF8), vals(sF8))
+		}
+	}
+	if s.F9 != e.F9 {
+		t.Errorf("f9: expected %v, got %v", e.F9, s.F9)
+	}
+	if s.F10 == nil {
+		t.Errorf("f10: got nil")
+	} else if len(s.F10) != 1 {
+		t.Errorf("f10: expected 1 element, got %v", s.F10)
+	} else {
+		if len(s.F10[0].F10) != 2 {
+			t.Errorf("f10.0.f10: expected 1 element, got %v", s.F10[0].F10)
+		} else {
+			sF10, eF10 := *s.F10[0].F10[0].F06, *e.F10[0].F10[0].F06
+			if sF10 == nil {
+				t.Errorf("f10.0.f10.0.f6: expected %v, got nil", vals(eF10))
+			} else {
+				if len(sF10) != 2 || *(sF10)[0] != *(eF10)[0] || *(sF10)[1] != *(eF10)[1] {
+					t.Errorf("f10.0.f10.0.f6: expected %v, got %v", vals(eF10), vals(sF10))
+				}
+			}
+			sF10, eF10 = *s.F10[0].F10[1].F06, *e.F10[0].F10[1].F06
+			if sF10 == nil {
+				t.Errorf("f10.0.f10.0.f6: expected %v, got nil", vals(eF10))
+			} else {
+				if len(sF10) != 2 || *(sF10)[0] != *(eF10)[0] || *(sF10)[1] != *(eF10)[1] {
+					t.Errorf("f10.0.f10.0.f6: expected %v, got %v", vals(eF10), vals(sF10))
+				}
+			}
+		}
+	}
+	if s.F11 == nil {
+		t.Errorf("f11: got nil")
+	} else if len(s.F11) != 1 {
+		t.Errorf("f11: expected 1 element, got %v", s.F11)
+	} else {
+		if len(s.F11[0].F11) != 2 {
+			t.Errorf("f11.0.f11: expected 1 element, got %v", s.F11[0].F11)
+		} else {
+			sF11, eF11 := *s.F11[0].F11[0].F06, *e.F11[0].F11[0].F06
+			if sF11 == nil {
+				t.Errorf("f11.0.f11.0.f6: expected %v, got nil", vals(eF11))
+			} else {
+				if len(sF11) != 2 || *(sF11)[0] != *(eF11)[0] || *(sF11)[1] != *(eF11)[1] {
+					t.Errorf("f11.0.f11.0.f6: expected %v, got %v", vals(eF11), vals(sF11))
+				}
+			}
+			sF11, eF11 = *s.F11[0].F11[1].F06, *e.F11[0].F11[1].F06
+			if sF11 == nil {
+				t.Errorf("f11.0.f11.0.f6: expected %v, got nil", vals(eF11))
+			} else {
+				if len(sF11) != 2 || *(sF11)[0] != *(eF11)[0] || *(sF11)[1] != *(eF11)[1] {
+					t.Errorf("f11.0.f11.0.f6: expected %v, got %v", vals(eF11), vals(sF11))
+				}
+			}
+		}
+	}
+	if s.F12 == nil {
+		t.Errorf("f12: got nil")
+	} else if len(*s.F12) != 1 {
+		t.Errorf("f12: expected 1 element, got %v", *s.F12)
+	} else {
+		sF12, eF12 := *(s.F12), *(e.F12)
+		if len(*sF12[0].F12) != 2 {
+			t.Errorf("f12.0.f12: expected 1 element, got %v", *sF12[0].F12)
+		} else {
+			sF122, eF122 := *(*sF12[0].F12)[0].F06, *(*eF12[0].F12)[0].F06
+			if sF122 == nil {
+				t.Errorf("f12.0.f12.0.f6: expected %v, got nil", vals(eF122))
+			} else {
+				if len(sF122) != 2 || *(sF122)[0] != *(eF122)[0] || *(sF122)[1] != *(eF122)[1] {
+					t.Errorf("f12.0.f12.0.f6: expected %v, got %v", vals(eF122), vals(sF122))
+				}
+			}
+			sF122, eF122 = *(*sF12[0].F12)[1].F06, *(*eF12[0].F12)[1].F06
+			if sF122 == nil {
+				t.Errorf("f12.0.f12.0.f6: expected %v, got nil", vals(eF122))
+			} else {
+				if len(sF122) != 2 || *(sF122)[0] != *(eF122)[0] || *(sF122)[1] != *(eF122)[1] {
+					t.Errorf("f12.0.f12.0.f6: expected %v, got %v", vals(eF122), vals(sF122))
+				}
+			}
+		}
+	}
+	if s.F13 == nil {
+		t.Errorf("f13: got nil")
+	} else if len(*s.F13) != 1 {
+		t.Errorf("f13: expected 1 element, got %v", *s.F13)
+	} else {
+		sF13, eF13 := *(s.F13), *(e.F13)
+		if len(*sF13[0].F13) != 2 {
+			t.Errorf("f13.0.f13: expected 1 element, got %v", *sF13[0].F13)
+		} else {
+			sF132, eF132 := *(*sF13[0].F13)[0].F06, *(*eF13[0].F13)[0].F06
+			if sF132 == nil {
+				t.Errorf("f13.0.f13.0.f6: expected %v, got nil", vals(eF132))
+			} else {
+				if len(sF132) != 2 || *(sF132)[0] != *(eF132)[0] || *(sF132)[1] != *(eF132)[1] {
+					t.Errorf("f13.0.f13.0.f6: expected %v, got %v", vals(eF132), vals(sF132))
+				}
+			}
+			sF132, eF132 = *(*sF13[0].F13)[1].F06, *(*eF13[0].F13)[1].F06
+			if sF132 == nil {
+				t.Errorf("f13.0.f13.0.f6: expected %v, got nil", vals(eF132))
+			} else {
+				if len(sF132) != 2 || *(sF132)[0] != *(eF132)[0] || *(sF132)[1] != *(eF132)[1] {
+					t.Errorf("f13.0.f13.0.f6: expected %v, got %v", vals(eF132), vals(sF132))
+				}
+			}
+		}
+	}
+}
+
+// ----------------------------------------------------------------------------
+
+type S12A struct {
+	ID []int
+}
+
+func TestCSVSlice(t *testing.T) {
+	data := map[string][]string{
+		"ID": {"0,1"},
+	}
+
+	s := S12A{}
+	NewDecoder().Decode(&s, data)
+	if len(s.ID) != 2 {
+		t.Errorf("Expected two values in the result list, got %+v", s.ID)
+	}
+	if s.ID[0] != 0 || s.ID[1] != 1 {
+		t.Errorf("Expected []{0, 1} got %+v", s)
+	}
+}
+
+type S12B struct {
+	ID []string
+}
+
+//Decode should not split on , into a slice for string only
+func TestCSVStringSlice(t *testing.T) {
+	data := map[string][]string{
+		"ID": {"0,1"},
+	}
+
+	s := S12B{}
+	NewDecoder().Decode(&s, data)
+	if len(s.ID) != 1 {
+		t.Errorf("Expected one value in the result list, got %+v", s.ID)
+	}
+	if s.ID[0] != "0,1" {
+		t.Errorf("Expected []{0, 1} got %+v", s)
+	}
+}
+
+//Invalid data provided by client should not panic (github issue 33)
+func TestInvalidDataProvidedByClient(t *testing.T) {
+	defer func() {
+		if r := recover(); r != nil {
+			t.Errorf("Panicked calling decoder.Decode: %v", r)
+		}
+	}()
+
+	type S struct {
+		f string
+	}
+
+	data := map[string][]string{
+		"f.f": {"v"},
+	}
+
+	err := NewDecoder().Decode(new(S), data)
+	if err == nil {
+		t.Errorf("invalid path in decoder.Decode should return an error.")
+	}
+}
+
+// underlying cause of error in issue 33
+func TestInvalidPathInCacheParsePath(t *testing.T) {
+	type S struct {
+		f string
+	}
+
+	typ := reflect.ValueOf(new(S)).Elem().Type()
+	c := newCache()
+	_, err := c.parsePath("f.f", typ)
+	if err == nil {
+		t.Errorf("invalid path in cache.parsePath should return an error.")
+	}
+}
+
+// issue 32
+func TestDecodeToTypedField(t *testing.T) {
+	type Aa bool
+	s1 := &struct{ Aa }{}
+	v1 := map[string][]string{"Aa": {"true"}}
+	NewDecoder().Decode(s1, v1)
+	if s1.Aa != Aa(true) {
+		t.Errorf("s1: expected %v, got %v", true, s1.Aa)
+	}
+}
+
+// issue 37
+func TestRegisterConverter(t *testing.T) {
+	type Aa int
+	type Bb int
+	s1 := &struct {
+		Aa
+		Bb
+	}{}
+	decoder := NewDecoder()
+
+	decoder.RegisterConverter(s1.Aa, func(s string) reflect.Value { return reflect.ValueOf(1) })
+	decoder.RegisterConverter(s1.Bb, func(s string) reflect.Value { return reflect.ValueOf(2) })
+
+	v1 := map[string][]string{"Aa": {"4"}, "Bb": {"5"}}
+	decoder.Decode(s1, v1)
+
+	if s1.Aa != Aa(1) {
+		t.Errorf("s1.Aa: expected %v, got %v", 1, s1.Aa)
+	}
+	if s1.Bb != Bb(2) {
+		t.Errorf("s1.Bb: expected %v, got %v", 2, s1.Bb)
+	}
+}
+
+// Issue #40
+func TestRegisterConverterSlice(t *testing.T) {
+	decoder := NewDecoder()
+	decoder.RegisterConverter([]string{}, func(input string) reflect.Value {
+		return reflect.ValueOf(strings.Split(input, ","))
+	})
+
+	result := struct {
+		Multiple []string `schema:"multiple"`
+	}{}
+
+	expected := []string{"one", "two", "three"}
+	decoder.Decode(&result, map[string][]string{
+		"multiple": []string{"one,two,three"},
+	})
+	for i := range expected {
+		if got, want := expected[i], result.Multiple[i]; got != want {
+			t.Errorf("%d: got %s, want %s", i, got, want)
+		}
+	}
+}
+
+type S13 struct {
+	Value []S14
+}
+
+type S14 struct {
+	F1 string
+	F2 string
+}
+
+func (n *S14) UnmarshalText(text []byte) error {
+	textParts := strings.Split(string(text), " ")
+	if len(textParts) < 2 {
+		return errors.New("Not a valid name!")
+	}
+
+	n.F1, n.F2 = textParts[0], textParts[len(textParts)-1]
+	return nil
+}
+
+type S15 struct {
+	Value []S16
+}
+
+type S16 struct {
+	F1 string
+	F2 string
+}
+
+func TestCustomTypeSlice(t *testing.T) {
+	data := map[string][]string{
+		"Value.0": []string{"Louisa May Alcott"},
+		"Value.1": []string{"Florence Nightingale"},
+		"Value.2": []string{"Clara Barton"},
+	}
+
+	s := S13{}
+	decoder := NewDecoder()
+
+	if err := decoder.Decode(&s, data); err != nil {
+		t.Fatal(err)
+	}
+
+	if len(s.Value) != 3 {
+		t.Fatalf("Expected 3 values in the result list, got %+v", s.Value)
+	}
+	if s.Value[0].F1 != "Louisa" || s.Value[0].F2 != "Alcott" {
+		t.Errorf("Expected S14{'Louisa', 'Alcott'} got %+v", s.Value[0])
+	}
+	if s.Value[1].F1 != "Florence" || s.Value[1].F2 != "Nightingale" {
+		t.Errorf("Expected S14{'Florence', 'Nightingale'} got %+v", s.Value[1])
+	}
+	if s.Value[2].F1 != "Clara" || s.Value[2].F2 != "Barton" {
+		t.Errorf("Expected S14{'Clara', 'Barton'} got %+v", s.Value[2])
+	}
+}
+
+func TestCustomTypeSliceWithError(t *testing.T) {
+	data := map[string][]string{
+		"Value.0": []string{"Louisa May Alcott"},
+		"Value.1": []string{"Florence Nightingale"},
+		"Value.2": []string{"Clara"},
+	}
+
+	s := S13{}
+	decoder := NewDecoder()
+
+	if err := decoder.Decode(&s, data); err == nil {
+		t.Error("Not detecting error in conversion")
+	}
+}
+
+func TestNoTextUnmarshalerTypeSlice(t *testing.T) {
+	data := map[string][]string{
+		"Value.0": []string{"Louisa May Alcott"},
+		"Value.1": []string{"Florence Nightingale"},
+		"Value.2": []string{"Clara Barton"},
+	}
+
+	s := S15{}
+	decoder := NewDecoder()
+
+	if err := decoder.Decode(&s, data); err == nil {
+		t.Error("Not detecting when there's no converter")
+	}
+}
+
+// ----------------------------------------------------------------------------
+
+type S17 struct {
+	Value S14
+}
+
+type S18 struct {
+	Value S16
+}
+
+func TestCustomType(t *testing.T) {
+	data := map[string][]string{
+		"Value": []string{"Louisa May Alcott"},
+	}
+
+	s := S17{}
+	decoder := NewDecoder()
+
+	if err := decoder.Decode(&s, data); err != nil {
+		t.Fatal(err)
+	}
+
+	if s.Value.F1 != "Louisa" || s.Value.F2 != "Alcott" {
+		t.Errorf("Expected S14{'Louisa', 'Alcott'} got %+v", s.Value)
+	}
+}
+
+func TestCustomTypeWithError(t *testing.T) {
+	data := map[string][]string{
+		"Value": []string{"Louisa"},
+	}
+
+	s := S17{}
+	decoder := NewDecoder()
+
+	if err := decoder.Decode(&s, data); err == nil {
+		t.Error("Not detecting error in conversion")
+	}
+}
+
+func TestNoTextUnmarshalerType(t *testing.T) {
+	data := map[string][]string{
+		"Value": []string{"Louisa May Alcott"},
+	}
+
+	s := S18{}
+	decoder := NewDecoder()
+
+	if err := decoder.Decode(&s, data); err == nil {
+		t.Error("Not detecting when there's no converter")
+	}
+}
+
+func TestExpectedType(t *testing.T) {
+	data := map[string][]string{
+		"bools":   []string{"1", "a"},
+		"date":    []string{"invalid"},
+		"Foo.Bar": []string{"a", "b"},
+	}
+
+	type B struct {
+		Bar *int
+	}
+	type A struct {
+		Bools []bool    `schema:"bools"`
+		Date  time.Time `schema:"date"`
+		Foo   B
+	}
+
+	a := A{}
+
+	err := NewDecoder().Decode(&a, data)
+
+	e := err.(MultiError)["bools"].(ConversionError)
+	if e.Type != reflect.TypeOf(false) && e.Index == 1 {
+		t.Errorf("Expected bool, index: 1 got %+v, index: %d", e.Type, e.Index)
+	}
+	e = err.(MultiError)["date"].(ConversionError)
+	if e.Type != reflect.TypeOf(time.Time{}) {
+		t.Errorf("Expected time.Time got %+v", e.Type)
+	}
+	e = err.(MultiError)["Foo.Bar"].(ConversionError)
+	if e.Type != reflect.TypeOf(0) {
+		t.Errorf("Expected int got %+v", e.Type)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/gorilla/schema/doc.go juju-core-2.0~beta12/src/github.com/gorilla/schema/doc.go
--- juju-core-2.0~beta7/src/github.com/gorilla/schema/doc.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/gorilla/schema/doc.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,148 @@
+// Copyright 2012 The Gorilla Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+/*
+Package gorilla/schema fills a struct with form values.
+
+The basic usage is really simple. Given this struct:
+
+	type Person struct {
+		Name  string
+		Phone string
+	}
+
+...we can fill it passing a map to the Load() function:
+
+	values := map[string][]string{
+		"Name":  {"John"},
+		"Phone": {"999-999-999"},
+	}
+	person := new(Person)
+	decoder := schema.NewDecoder()
+	decoder.Decode(person, values)
+
+This is just a simple example and it doesn't make a lot of sense to create
+the map manually. Typically it will come from a http.Request object and
+will be of type url.Values: http.Request.Form or http.Request.MultipartForm:
+
+	func MyHandler(w http.ResponseWriter, r *http.Request) {
+		err := r.ParseForm()
+
+		if err != nil {
+			// Handle error
+		}
+
+		decoder := schema.NewDecoder()
+		// r.PostForm is a map of our POST form values
+		err := decoder.Decode(person, r.PostForm)
+
+		if err != nil {
+			// Handle error
+		}
+
+		// Do something with person.Name or person.Phone
+	}
+
+Note: it is a good idea to set a Decoder instance as a package global,
+because it caches meta-data about structs, and a instance can be shared safely:
+
+	var decoder = schema.NewDecoder()
+
+To define custom names for fields, use a struct tag "schema". To not populate
+certain fields, use a dash for the name and it will be ignored:
+
+	type Person struct {
+		Name  string `schema:"name"`  // custom name
+		Phone string `schema:"phone"` // custom name
+		Admin bool   `schema:"-"`     // this field is never set
+	}
+
+The supported field types in the destination struct are:
+
+	* bool
+	* float variants (float32, float64)
+	* int variants (int, int8, int16, int32, int64)
+	* string
+	* uint variants (uint, uint8, uint16, uint32, uint64)
+	* struct
+	* a pointer to one of the above types
+	* a slice or a pointer to a slice of one of the above types
+
+Non-supported types are simply ignored, however custom types can be registered
+to be converted.
+
+To fill nested structs, keys must use a dotted notation as the "path" for the
+field. So for example, to fill the struct Person below:
+
+	type Phone struct {
+		Label  string
+		Number string
+	}
+
+	type Person struct {
+		Name  string
+		Phone Phone
+	}
+
+...the source map must have the keys "Name", "Phone.Label" and "Phone.Number".
+This means that an HTML form to fill a Person struct must look like this:
+
+	<form>
+		<input type="text" name="Name">
+		<input type="text" name="Phone.Label">
+		<input type="text" name="Phone.Number">
+	</form>
+
+Single values are filled using the first value for a key from the source map.
+Slices are filled using all values for a key from the source map. So to fill
+a Person with multiple Phone values, like:
+
+	type Person struct {
+		Name   string
+		Phones []Phone
+	}
+
+...an HTML form that accepts three Phone values would look like this:
+
+	<form>
+		<input type="text" name="Name">
+		<input type="text" name="Phones.0.Label">
+		<input type="text" name="Phones.0.Number">
+		<input type="text" name="Phones.1.Label">
+		<input type="text" name="Phones.1.Number">
+		<input type="text" name="Phones.2.Label">
+		<input type="text" name="Phones.2.Number">
+	</form>
+
+Notice that only for slices of structs the slice index is required.
+This is needed for disambiguation: if the nested struct also had a slice
+field, we could not translate multiple values to it if we did not use an
+index for the parent struct.
+
+There's also the possibility to create a custom type that implements the
+TextUnmarshaler interface, and in this case there's no need to registry
+a converter, like:
+
+	type Person struct {
+	  Emails []Email
+	}
+
+	type Email struct {
+	  *mail.Address
+	}
+
+	func (e *Email) UnmarshalText(text []byte) (err error) {
+		e.Address, err = mail.ParseAddress(string(text))
+		return
+	}
+
+...an HTML form that accepts three Email values would look like this:
+
+	<form>
+		<input type="email" name="Emails.0">
+		<input type="email" name="Emails.1">
+		<input type="email" name="Emails.2">
+	</form>
+*/
+package schema
diff -Nru juju-core-2.0~beta7/src/github.com/gorilla/schema/LICENSE juju-core-2.0~beta12/src/github.com/gorilla/schema/LICENSE
--- juju-core-2.0~beta7/src/github.com/gorilla/schema/LICENSE	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/gorilla/schema/LICENSE	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,27 @@
+Copyright (c) 2012 Rodrigo Moraes. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+	 * Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+	 * Redistributions in binary form must reproduce the above
+copyright notice, this list of conditions and the following disclaimer
+in the documentation and/or other materials provided with the
+distribution.
+	 * Neither the name of Google Inc. nor the names of its
+contributors may be used to endorse or promote products derived from
+this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff -Nru juju-core-2.0~beta7/src/github.com/gorilla/schema/README.md juju-core-2.0~beta12/src/github.com/gorilla/schema/README.md
--- juju-core-2.0~beta7/src/github.com/gorilla/schema/README.md	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/gorilla/schema/README.md	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,69 @@
+schema
+======
+[![GoDoc](https://godoc.org/github.com/gorilla/schema?status.svg)](https://godoc.org/github.com/gorilla/schema) [![Build Status](https://travis-ci.org/gorilla/schema.png?branch=master)](https://travis-ci.org/gorilla/schema)
+
+Package gorilla/schema fills a struct with form values.
+
+## Example
+
+Here's a quick example: we parse POST form values and then decode them into a struct:
+
+```go
+// Set a Decoder instance as a package global, because it caches 
+// meta-data about structs, and an instance can be shared safely.
+var decoder = schema.NewDecoder()
+
+type Person struct {
+    Name  string
+    Phone string
+}
+
+func MyHandler(w http.ResponseWriter, r *http.Request) {
+    err := r.ParseForm()
+
+    if err != nil {
+        // Handle error
+    }
+
+    person := &Person{}
+    decoder := schema.NewDecoder()
+
+    // r.PostForm is a map of our POST form values
+    err := decoder.Decode(person, r.PostForm)
+
+    if err != nil {
+        // Handle error
+    }
+
+    // Do something with person.Name or person.Phone
+}
+```
+
+To define custom names for fields, use a struct tag "schema". To not populate certain fields, use a dash for the name and it will be ignored:
+
+```go
+type Person struct {
+    Name  string `schema:"name"`  // custom name
+    Phone string `schema:"phone"` // custom name
+    Admin bool   `schema:"-"`     // this field is never set
+}
+```
+
+The supported field types in the destination struct are:
+
+* bool
+* float variants (float32, float64)
+* int variants (int, int8, int16, int32, int64)
+* string
+* uint variants (uint, uint8, uint16, uint32, uint64)
+* struct
+* a pointer to one of the above types
+* a slice or a pointer to a slice of one of the above types
+
+Unsupported types are simply ignored, however custom types can be registered to be converted.
+
+More examples are available on the Gorilla website: http://www.gorillatoolkit.org/pkg/schema
+
+## License 
+
+BSD licensed. See the LICENSE file for details.
diff -Nru juju-core-2.0~beta7/src/github.com/gorilla/schema/.travis.yml juju-core-2.0~beta12/src/github.com/gorilla/schema/.travis.yml
--- juju-core-2.0~beta7/src/github.com/gorilla/schema/.travis.yml	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/gorilla/schema/.travis.yml	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,18 @@
+language: go
+sudo: false
+
+matrix:
+  include:
+    - go: 1.3
+    - go: 1.4
+    - go: 1.5
+    - go: 1.6
+    - go: tip
+  allow_failures:
+    - go: tip
+
+script:
+  - go get -t -v ./...
+  - diff -u <(echo -n) <(gofmt -d .)
+  - go vet $(go list ./... | grep -v /vendor/)
+  - go test -v -race ./...
diff -Nru juju-core-2.0~beta7/src/github.com/joyent/gocommon/client/client.go juju-core-2.0~beta12/src/github.com/joyent/gocommon/client/client.go
--- juju-core-2.0~beta7/src/github.com/joyent/gocommon/client/client.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/joyent/gocommon/client/client.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,13 +11,12 @@
 
 import (
 	"fmt"
+	"log"
 	"net/url"
 	"strings"
 	"sync"
 	"time"
 
-	"github.com/juju/loggo"
-
 	joyenthttp "github.com/joyent/gocommon/http"
 	"github.com/joyent/gosign/auth"
 )
@@ -44,7 +43,7 @@
 // This client sends requests without authenticating.
 type client struct {
 	mu         sync.Mutex
-	logger     *loggo.Logger
+	logger     *log.Logger
 	baseURL    string
 	creds      *auth.Credentials
 	httpClient *joyenthttp.Client
@@ -52,12 +51,12 @@
 
 var _ Client = (*client)(nil)
 
-func newClient(baseURL string, credentials *auth.Credentials, httpClient *joyenthttp.Client, logger *loggo.Logger) Client {
+func newClient(baseURL string, credentials *auth.Credentials, httpClient *joyenthttp.Client, logger *log.Logger) Client {
 	client := client{baseURL: baseURL, logger: logger, creds: credentials, httpClient: httpClient}
 	return &client
 }
 
-func NewClient(baseURL, apiVersion string, credentials *auth.Credentials, logger *loggo.Logger) Client {
+func NewClient(baseURL, apiVersion string, credentials *auth.Credentials, logger *log.Logger) Client {
 	sharedHttpClient := joyenthttp.New(credentials, apiVersion, logger)
 	return newClient(baseURL, credentials, sharedHttpClient, logger)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/joyent/gocommon/COPYING juju-core-2.0~beta12/src/github.com/joyent/gocommon/COPYING
--- juju-core-2.0~beta7/src/github.com/joyent/gocommon/COPYING	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/joyent/gocommon/COPYING	1970-01-01 00:00:00.000000000 +0000
@@ -1,674 +0,0 @@
-                    GNU GENERAL PUBLIC LICENSE
-                       Version 3, 29 June 2007
-
- Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-
-                            Preamble
-
-  The GNU General Public License is a free, copyleft license for
-software and other kinds of works.
-
-  The licenses for most software and other practical works are designed
-to take away your freedom to share and change the works.  By contrast,
-the GNU General Public License is intended to guarantee your freedom to
-share and change all versions of a program--to make sure it remains free
-software for all its users.  We, the Free Software Foundation, use the
-GNU General Public License for most of our software; it applies also to
-any other work released this way by its authors.  You can apply it to
-your programs, too.
-
-  When we speak of free software, we are referring to freedom, not
-price.  Our General Public Licenses are designed to make sure that you
-have the freedom to distribute copies of free software (and charge for
-them if you wish), that you receive source code or can get it if you
-want it, that you can change the software or use pieces of it in new
-free programs, and that you know you can do these things.
-
-  To protect your rights, we need to prevent others from denying you
-these rights or asking you to surrender the rights.  Therefore, you have
-certain responsibilities if you distribute copies of the software, or if
-you modify it: responsibilities to respect the freedom of others.
-
-  For example, if you distribute copies of such a program, whether
-gratis or for a fee, you must pass on to the recipients the same
-freedoms that you received.  You must make sure that they, too, receive
-or can get the source code.  And you must show them these terms so they
-know their rights.
-
-  Developers that use the GNU GPL protect your rights with two steps:
-(1) assert copyright on the software, and (2) offer you this License
-giving you legal permission to copy, distribute and/or modify it.
-
-  For the developers' and authors' protection, the GPL clearly explains
-that there is no warranty for this free software.  For both users' and
-authors' sake, the GPL requires that modified versions be marked as
-changed, so that their problems will not be attributed erroneously to
-authors of previous versions.
-
-  Some devices are designed to deny users access to install or run
-modified versions of the software inside them, although the manufacturer
-can do so.  This is fundamentally incompatible with the aim of
-protecting users' freedom to change the software.  The systematic
-pattern of such abuse occurs in the area of products for individuals to
-use, which is precisely where it is most unacceptable.  Therefore, we
-have designed this version of the GPL to prohibit the practice for those
-products.  If such problems arise substantially in other domains, we
-stand ready to extend this provision to those domains in future versions
-of the GPL, as needed to protect the freedom of users.
-
-  Finally, every program is threatened constantly by software patents.
-States should not allow patents to restrict development and use of
-software on general-purpose computers, but in those that do, we wish to
-avoid the special danger that patents applied to a free program could
-make it effectively proprietary.  To prevent this, the GPL assures that
-patents cannot be used to render the program non-free.
-
-  The precise terms and conditions for copying, distribution and
-modification follow.
-
-                       TERMS AND CONDITIONS
-
-  0. Definitions.
-
-  "This License" refers to version 3 of the GNU General Public License.
-
-  "Copyright" also means copyright-like laws that apply to other kinds of
-works, such as semiconductor masks.
-
-  "The Program" refers to any copyrightable work licensed under this
-License.  Each licensee is addressed as "you".  "Licensees" and
-"recipients" may be individuals or organizations.
-
-  To "modify" a work means to copy from or adapt all or part of the work
-in a fashion requiring copyright permission, other than the making of an
-exact copy.  The resulting work is called a "modified version" of the
-earlier work or a work "based on" the earlier work.
-
-  A "covered work" means either the unmodified Program or a work based
-on the Program.
-
-  To "propagate" a work means to do anything with it that, without
-permission, would make you directly or secondarily liable for
-infringement under applicable copyright law, except executing it on a
-computer or modifying a private copy.  Propagation includes copying,
-distribution (with or without modification), making available to the
-public, and in some countries other activities as well.
-
-  To "convey" a work means any kind of propagation that enables other
-parties to make or receive copies.  Mere interaction with a user through
-a computer network, with no transfer of a copy, is not conveying.
-
-  An interactive user interface displays "Appropriate Legal Notices"
-to the extent that it includes a convenient and prominently visible
-feature that (1) displays an appropriate copyright notice, and (2)
-tells the user that there is no warranty for the work (except to the
-extent that warranties are provided), that licensees may convey the
-work under this License, and how to view a copy of this License.  If
-the interface presents a list of user commands or options, such as a
-menu, a prominent item in the list meets this criterion.
-
-  1. Source Code.
-
-  The "source code" for a work means the preferred form of the work
-for making modifications to it.  "Object code" means any non-source
-form of a work.
-
-  A "Standard Interface" means an interface that either is an official
-standard defined by a recognized standards body, or, in the case of
-interfaces specified for a particular programming language, one that
-is widely used among developers working in that language.
-
-  The "System Libraries" of an executable work include anything, other
-than the work as a whole, that (a) is included in the normal form of
-packaging a Major Component, but which is not part of that Major
-Component, and (b) serves only to enable use of the work with that
-Major Component, or to implement a Standard Interface for which an
-implementation is available to the public in source code form.  A
-"Major Component", in this context, means a major essential component
-(kernel, window system, and so on) of the specific operating system
-(if any) on which the executable work runs, or a compiler used to
-produce the work, or an object code interpreter used to run it.
-
-  The "Corresponding Source" for a work in object code form means all
-the source code needed to generate, install, and (for an executable
-work) run the object code and to modify the work, including scripts to
-control those activities.  However, it does not include the work's
-System Libraries, or general-purpose tools or generally available free
-programs which are used unmodified in performing those activities but
-which are not part of the work.  For example, Corresponding Source
-includes interface definition files associated with source files for
-the work, and the source code for shared libraries and dynamically
-linked subprograms that the work is specifically designed to require,
-such as by intimate data communication or control flow between those
-subprograms and other parts of the work.
-
-  The Corresponding Source need not include anything that users
-can regenerate automatically from other parts of the Corresponding
-Source.
-
-  The Corresponding Source for a work in source code form is that
-same work.
-
-  2. Basic Permissions.
-
-  All rights granted under this License are granted for the term of
-copyright on the Program, and are irrevocable provided the stated
-conditions are met.  This License explicitly affirms your unlimited
-permission to run the unmodified Program.  The output from running a
-covered work is covered by this License only if the output, given its
-content, constitutes a covered work.  This License acknowledges your
-rights of fair use or other equivalent, as provided by copyright law.
-
-  You may make, run and propagate covered works that you do not
-convey, without conditions so long as your license otherwise remains
-in force.  You may convey covered works to others for the sole purpose
-of having them make modifications exclusively for you, or provide you
-with facilities for running those works, provided that you comply with
-the terms of this License in conveying all material for which you do
-not control copyright.  Those thus making or running the covered works
-for you must do so exclusively on your behalf, under your direction
-and control, on terms that prohibit them from making any copies of
-your copyrighted material outside their relationship with you.
-
-  Conveying under any other circumstances is permitted solely under
-the conditions stated below.  Sublicensing is not allowed; section 10
-makes it unnecessary.
-
-  3. Protecting Users' Legal Rights From Anti-Circumvention Law.
-
-  No covered work shall be deemed part of an effective technological
-measure under any applicable law fulfilling obligations under article
-11 of the WIPO copyright treaty adopted on 20 December 1996, or
-similar laws prohibiting or restricting circumvention of such
-measures.
-
-  When you convey a covered work, you waive any legal power to forbid
-circumvention of technological measures to the extent such circumvention
-is effected by exercising rights under this License with respect to
-the covered work, and you disclaim any intention to limit operation or
-modification of the work as a means of enforcing, against the work's
-users, your or third parties' legal rights to forbid circumvention of
-technological measures.
-
-  4. Conveying Verbatim Copies.
-
-  You may convey verbatim copies of the Program's source code as you
-receive it, in any medium, provided that you conspicuously and
-appropriately publish on each copy an appropriate copyright notice;
-keep intact all notices stating that this License and any
-non-permissive terms added in accord with section 7 apply to the code;
-keep intact all notices of the absence of any warranty; and give all
-recipients a copy of this License along with the Program.
-
-  You may charge any price or no price for each copy that you convey,
-and you may offer support or warranty protection for a fee.
-
-  5. Conveying Modified Source Versions.
-
-  You may convey a work based on the Program, or the modifications to
-produce it from the Program, in the form of source code under the
-terms of section 4, provided that you also meet all of these conditions:
-
-    a) The work must carry prominent notices stating that you modified
-    it, and giving a relevant date.
-
-    b) The work must carry prominent notices stating that it is
-    released under this License and any conditions added under section
-    7.  This requirement modifies the requirement in section 4 to
-    "keep intact all notices".
-
-    c) You must license the entire work, as a whole, under this
-    License to anyone who comes into possession of a copy.  This
-    License will therefore apply, along with any applicable section 7
-    additional terms, to the whole of the work, and all its parts,
-    regardless of how they are packaged.  This License gives no
-    permission to license the work in any other way, but it does not
-    invalidate such permission if you have separately received it.
-
-    d) If the work has interactive user interfaces, each must display
-    Appropriate Legal Notices; however, if the Program has interactive
-    interfaces that do not display Appropriate Legal Notices, your
-    work need not make them do so.
-
-  A compilation of a covered work with other separate and independent
-works, which are not by their nature extensions of the covered work,
-and which are not combined with it such as to form a larger program,
-in or on a volume of a storage or distribution medium, is called an
-"aggregate" if the compilation and its resulting copyright are not
-used to limit the access or legal rights of the compilation's users
-beyond what the individual works permit.  Inclusion of a covered work
-in an aggregate does not cause this License to apply to the other
-parts of the aggregate.
-
-  6. Conveying Non-Source Forms.
-
-  You may convey a covered work in object code form under the terms
-of sections 4 and 5, provided that you also convey the
-machine-readable Corresponding Source under the terms of this License,
-in one of these ways:
-
-    a) Convey the object code in, or embodied in, a physical product
-    (including a physical distribution medium), accompanied by the
-    Corresponding Source fixed on a durable physical medium
-    customarily used for software interchange.
-
-    b) Convey the object code in, or embodied in, a physical product
-    (including a physical distribution medium), accompanied by a
-    written offer, valid for at least three years and valid for as
-    long as you offer spare parts or customer support for that product
-    model, to give anyone who possesses the object code either (1) a
-    copy of the Corresponding Source for all the software in the
-    product that is covered by this License, on a durable physical
-    medium customarily used for software interchange, for a price no
-    more than your reasonable cost of physically performing this
-    conveying of source, or (2) access to copy the
-    Corresponding Source from a network server at no charge.
-
-    c) Convey individual copies of the object code with a copy of the
-    written offer to provide the Corresponding Source.  This
-    alternative is allowed only occasionally and noncommercially, and
-    only if you received the object code with such an offer, in accord
-    with subsection 6b.
-
-    d) Convey the object code by offering access from a designated
-    place (gratis or for a charge), and offer equivalent access to the
-    Corresponding Source in the same way through the same place at no
-    further charge.  You need not require recipients to copy the
-    Corresponding Source along with the object code.  If the place to
-    copy the object code is a network server, the Corresponding Source
-    may be on a different server (operated by you or a third party)
-    that supports equivalent copying facilities, provided you maintain
-    clear directions next to the object code saying where to find the
-    Corresponding Source.  Regardless of what server hosts the
-    Corresponding Source, you remain obligated to ensure that it is
-    available for as long as needed to satisfy these requirements.
-
-    e) Convey the object code using peer-to-peer transmission, provided
-    you inform other peers where the object code and Corresponding
-    Source of the work are being offered to the general public at no
-    charge under subsection 6d.
-
-  A separable portion of the object code, whose source code is excluded
-from the Corresponding Source as a System Library, need not be
-included in conveying the object code work.
-
-  A "User Product" is either (1) a "consumer product", which means any
-tangible personal property which is normally used for personal, family,
-or household purposes, or (2) anything designed or sold for incorporation
-into a dwelling.  In determining whether a product is a consumer product,
-doubtful cases shall be resolved in favor of coverage.  For a particular
-product received by a particular user, "normally used" refers to a
-typical or common use of that class of product, regardless of the status
-of the particular user or of the way in which the particular user
-actually uses, or expects or is expected to use, the product.  A product
-is a consumer product regardless of whether the product has substantial
-commercial, industrial or non-consumer uses, unless such uses represent
-the only significant mode of use of the product.
-
-  "Installation Information" for a User Product means any methods,
-procedures, authorization keys, or other information required to install
-and execute modified versions of a covered work in that User Product from
-a modified version of its Corresponding Source.  The information must
-suffice to ensure that the continued functioning of the modified object
-code is in no case prevented or interfered with solely because
-modification has been made.
-
-  If you convey an object code work under this section in, or with, or
-specifically for use in, a User Product, and the conveying occurs as
-part of a transaction in which the right of possession and use of the
-User Product is transferred to the recipient in perpetuity or for a
-fixed term (regardless of how the transaction is characterized), the
-Corresponding Source conveyed under this section must be accompanied
-by the Installation Information.  But this requirement does not apply
-if neither you nor any third party retains the ability to install
-modified object code on the User Product (for example, the work has
-been installed in ROM).
-
-  The requirement to provide Installation Information does not include a
-requirement to continue to provide support service, warranty, or updates
-for a work that has been modified or installed by the recipient, or for
-the User Product in which it has been modified or installed.  Access to a
-network may be denied when the modification itself materially and
-adversely affects the operation of the network or violates the rules and
-protocols for communication across the network.
-
-  Corresponding Source conveyed, and Installation Information provided,
-in accord with this section must be in a format that is publicly
-documented (and with an implementation available to the public in
-source code form), and must require no special password or key for
-unpacking, reading or copying.
-
-  7. Additional Terms.
-
-  "Additional permissions" are terms that supplement the terms of this
-License by making exceptions from one or more of its conditions.
-Additional permissions that are applicable to the entire Program shall
-be treated as though they were included in this License, to the extent
-that they are valid under applicable law.  If additional permissions
-apply only to part of the Program, that part may be used separately
-under those permissions, but the entire Program remains governed by
-this License without regard to the additional permissions.
-
-  When you convey a copy of a covered work, you may at your option
-remove any additional permissions from that copy, or from any part of
-it.  (Additional permissions may be written to require their own
-removal in certain cases when you modify the work.)  You may place
-additional permissions on material, added by you to a covered work,
-for which you have or can give appropriate copyright permission.
-
-  Notwithstanding any other provision of this License, for material you
-add to a covered work, you may (if authorized by the copyright holders of
-that material) supplement the terms of this License with terms:
-
-    a) Disclaiming warranty or limiting liability differently from the
-    terms of sections 15 and 16 of this License; or
-
-    b) Requiring preservation of specified reasonable legal notices or
-    author attributions in that material or in the Appropriate Legal
-    Notices displayed by works containing it; or
-
-    c) Prohibiting misrepresentation of the origin of that material, or
-    requiring that modified versions of such material be marked in
-    reasonable ways as different from the original version; or
-
-    d) Limiting the use for publicity purposes of names of licensors or
-    authors of the material; or
-
-    e) Declining to grant rights under trademark law for use of some
-    trade names, trademarks, or service marks; or
-
-    f) Requiring indemnification of licensors and authors of that
-    material by anyone who conveys the material (or modified versions of
-    it) with contractual assumptions of liability to the recipient, for
-    any liability that these contractual assumptions directly impose on
-    those licensors and authors.
-
-  All other non-permissive additional terms are considered "further
-restrictions" within the meaning of section 10.  If the Program as you
-received it, or any part of it, contains a notice stating that it is
-governed by this License along with a term that is a further
-restriction, you may remove that term.  If a license document contains
-a further restriction but permits relicensing or conveying under this
-License, you may add to a covered work material governed by the terms
-of that license document, provided that the further restriction does
-not survive such relicensing or conveying.
-
-  If you add terms to a covered work in accord with this section, you
-must place, in the relevant source files, a statement of the
-additional terms that apply to those files, or a notice indicating
-where to find the applicable terms.
-
-  Additional terms, permissive or non-permissive, may be stated in the
-form of a separately written license, or stated as exceptions;
-the above requirements apply either way.
-
-  8. Termination.
-
-  You may not propagate or modify a covered work except as expressly
-provided under this License.  Any attempt otherwise to propagate or
-modify it is void, and will automatically terminate your rights under
-this License (including any patent licenses granted under the third
-paragraph of section 11).
-
-  However, if you cease all violation of this License, then your
-license from a particular copyright holder is reinstated (a)
-provisionally, unless and until the copyright holder explicitly and
-finally terminates your license, and (b) permanently, if the copyright
-holder fails to notify you of the violation by some reasonable means
-prior to 60 days after the cessation.
-
-  Moreover, your license from a particular copyright holder is
-reinstated permanently if the copyright holder notifies you of the
-violation by some reasonable means, this is the first time you have
-received notice of violation of this License (for any work) from that
-copyright holder, and you cure the violation prior to 30 days after
-your receipt of the notice.
-
-  Termination of your rights under this section does not terminate the
-licenses of parties who have received copies or rights from you under
-this License.  If your rights have been terminated and not permanently
-reinstated, you do not qualify to receive new licenses for the same
-material under section 10.
-
-  9. Acceptance Not Required for Having Copies.
-
-  You are not required to accept this License in order to receive or
-run a copy of the Program.  Ancillary propagation of a covered work
-occurring solely as a consequence of using peer-to-peer transmission
-to receive a copy likewise does not require acceptance.  However,
-nothing other than this License grants you permission to propagate or
-modify any covered work.  These actions infringe copyright if you do
-not accept this License.  Therefore, by modifying or propagating a
-covered work, you indicate your acceptance of this License to do so.
-
-  10. Automatic Licensing of Downstream Recipients.
-
-  Each time you convey a covered work, the recipient automatically
-receives a license from the original licensors, to run, modify and
-propagate that work, subject to this License.  You are not responsible
-for enforcing compliance by third parties with this License.
-
-  An "entity transaction" is a transaction transferring control of an
-organization, or substantially all assets of one, or subdividing an
-organization, or merging organizations.  If propagation of a covered
-work results from an entity transaction, each party to that
-transaction who receives a copy of the work also receives whatever
-licenses to the work the party's predecessor in interest had or could
-give under the previous paragraph, plus a right to possession of the
-Corresponding Source of the work from the predecessor in interest, if
-the predecessor has it or can get it with reasonable efforts.
-
-  You may not impose any further restrictions on the exercise of the
-rights granted or affirmed under this License.  For example, you may
-not impose a license fee, royalty, or other charge for exercise of
-rights granted under this License, and you may not initiate litigation
-(including a cross-claim or counterclaim in a lawsuit) alleging that
-any patent claim is infringed by making, using, selling, offering for
-sale, or importing the Program or any portion of it.
-
-  11. Patents.
-
-  A "contributor" is a copyright holder who authorizes use under this
-License of the Program or a work on which the Program is based.  The
-work thus licensed is called the contributor's "contributor version".
-
-  A contributor's "essential patent claims" are all patent claims
-owned or controlled by the contributor, whether already acquired or
-hereafter acquired, that would be infringed by some manner, permitted
-by this License, of making, using, or selling its contributor version,
-but do not include claims that would be infringed only as a
-consequence of further modification of the contributor version.  For
-purposes of this definition, "control" includes the right to grant
-patent sublicenses in a manner consistent with the requirements of
-this License.
-
-  Each contributor grants you a non-exclusive, worldwide, royalty-free
-patent license under the contributor's essential patent claims, to
-make, use, sell, offer for sale, import and otherwise run, modify and
-propagate the contents of its contributor version.
-
-  In the following three paragraphs, a "patent license" is any express
-agreement or commitment, however denominated, not to enforce a patent
-(such as an express permission to practice a patent or covenant not to
-sue for patent infringement).  To "grant" such a patent license to a
-party means to make such an agreement or commitment not to enforce a
-patent against the party.
-
-  If you convey a covered work, knowingly relying on a patent license,
-and the Corresponding Source of the work is not available for anyone
-to copy, free of charge and under the terms of this License, through a
-publicly available network server or other readily accessible means,
-then you must either (1) cause the Corresponding Source to be so
-available, or (2) arrange to deprive yourself of the benefit of the
-patent license for this particular work, or (3) arrange, in a manner
-consistent with the requirements of this License, to extend the patent
-license to downstream recipients.  "Knowingly relying" means you have
-actual knowledge that, but for the patent license, your conveying the
-covered work in a country, or your recipient's use of the covered work
-in a country, would infringe one or more identifiable patents in that
-country that you have reason to believe are valid.
-
-  If, pursuant to or in connection with a single transaction or
-arrangement, you convey, or propagate by procuring conveyance of, a
-covered work, and grant a patent license to some of the parties
-receiving the covered work authorizing them to use, propagate, modify
-or convey a specific copy of the covered work, then the patent license
-you grant is automatically extended to all recipients of the covered
-work and works based on it.
-
-  A patent license is "discriminatory" if it does not include within
-the scope of its coverage, prohibits the exercise of, or is
-conditioned on the non-exercise of one or more of the rights that are
-specifically granted under this License.  You may not convey a covered
-work if you are a party to an arrangement with a third party that is
-in the business of distributing software, under which you make payment
-to the third party based on the extent of your activity of conveying
-the work, and under which the third party grants, to any of the
-parties who would receive the covered work from you, a discriminatory
-patent license (a) in connection with copies of the covered work
-conveyed by you (or copies made from those copies), or (b) primarily
-for and in connection with specific products or compilations that
-contain the covered work, unless you entered into that arrangement,
-or that patent license was granted, prior to 28 March 2007.
-
-  Nothing in this License shall be construed as excluding or limiting
-any implied license or other defenses to infringement that may
-otherwise be available to you under applicable patent law.
-
-  12. No Surrender of Others' Freedom.
-
-  If conditions are imposed on you (whether by court order, agreement or
-otherwise) that contradict the conditions of this License, they do not
-excuse you from the conditions of this License.  If you cannot convey a
-covered work so as to satisfy simultaneously your obligations under this
-License and any other pertinent obligations, then as a consequence you may
-not convey it at all.  For example, if you agree to terms that obligate you
-to collect a royalty for further conveying from those to whom you convey
-the Program, the only way you could satisfy both those terms and this
-License would be to refrain entirely from conveying the Program.
-
-  13. Use with the GNU Affero General Public License.
-
-  Notwithstanding any other provision of this License, you have
-permission to link or combine any covered work with a work licensed
-under version 3 of the GNU Affero General Public License into a single
-combined work, and to convey the resulting work.  The terms of this
-License will continue to apply to the part which is the covered work,
-but the special requirements of the GNU Affero General Public License,
-section 13, concerning interaction through a network will apply to the
-combination as such.
-
-  14. Revised Versions of this License.
-
-  The Free Software Foundation may publish revised and/or new versions of
-the GNU General Public License from time to time.  Such new versions will
-be similar in spirit to the present version, but may differ in detail to
-address new problems or concerns.
-
-  Each version is given a distinguishing version number.  If the
-Program specifies that a certain numbered version of the GNU General
-Public License "or any later version" applies to it, you have the
-option of following the terms and conditions either of that numbered
-version or of any later version published by the Free Software
-Foundation.  If the Program does not specify a version number of the
-GNU General Public License, you may choose any version ever published
-by the Free Software Foundation.
-
-  If the Program specifies that a proxy can decide which future
-versions of the GNU General Public License can be used, that proxy's
-public statement of acceptance of a version permanently authorizes you
-to choose that version for the Program.
-
-  Later license versions may give you additional or different
-permissions.  However, no additional obligations are imposed on any
-author or copyright holder as a result of your choosing to follow a
-later version.
-
-  15. Disclaimer of Warranty.
-
-  THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
-APPLICABLE LAW.  EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
-HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
-OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
-THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
-IS WITH YOU.  SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
-ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
-
-  16. Limitation of Liability.
-
-  IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
-WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
-THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
-GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
-USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
-DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
-PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
-EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
-SUCH DAMAGES.
-
-  17. Interpretation of Sections 15 and 16.
-
-  If the disclaimer of warranty and limitation of liability provided
-above cannot be given local legal effect according to their terms,
-reviewing courts shall apply local law that most closely approximates
-an absolute waiver of all civil liability in connection with the
-Program, unless a warranty or assumption of liability accompanies a
-copy of the Program in return for a fee.
-
-                     END OF TERMS AND CONDITIONS
-
-            How to Apply These Terms to Your New Programs
-
-  If you develop a new program, and you want it to be of the greatest
-possible use to the public, the best way to achieve this is to make it
-free software which everyone can redistribute and change under these terms.
-
-  To do so, attach the following notices to the program.  It is safest
-to attach them to the start of each source file to most effectively
-state the exclusion of warranty; and each file should have at least
-the "copyright" line and a pointer to where the full notice is found.
-
-    <one line to give the program's name and a brief idea of what it does.>
-    Copyright (C) <year>  <name of author>
-
-    This program is free software: you can redistribute it and/or modify
-    it under the terms of the GNU General Public License as published by
-    the Free Software Foundation, either version 3 of the License, or
-    (at your option) any later version.
-
-    This program is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU General Public License for more details.
-
-    You should have received a copy of the GNU General Public License
-    along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-Also add information on how to contact you by electronic and paper mail.
-
-  If the program does terminal interaction, make it output a short
-notice like this when it starts in an interactive mode:
-
-    <program>  Copyright (C) <year>  <name of author>
-    This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
-    This is free software, and you are welcome to redistribute it
-    under certain conditions; type `show c' for details.
-
-The hypothetical commands `show w' and `show c' should show the appropriate
-parts of the General Public License.  Of course, your program's commands
-might be different; for a GUI interface, you would use an "about box".
-
-  You should also get your employer (if you work as a programmer) or school,
-if any, to sign a "copyright disclaimer" for the program, if necessary.
-For more information on this, and how to apply and follow the GNU GPL, see
-<http://www.gnu.org/licenses/>.
-
-  The GNU General Public License does not permit incorporating your program
-into proprietary programs.  If your program is a subroutine library, you
-may consider it more useful to permit linking proprietary applications with
-the library.  If this is what you want to do, use the GNU Lesser General
-Public License instead of this License.  But first, please read
-<http://www.gnu.org/philosophy/why-not-lgpl.html>.
diff -Nru juju-core-2.0~beta7/src/github.com/joyent/gocommon/COPYING.LESSER juju-core-2.0~beta12/src/github.com/joyent/gocommon/COPYING.LESSER
--- juju-core-2.0~beta7/src/github.com/joyent/gocommon/COPYING.LESSER	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/joyent/gocommon/COPYING.LESSER	1970-01-01 00:00:00.000000000 +0000
@@ -1,165 +0,0 @@
-                   GNU LESSER GENERAL PUBLIC LICENSE
-                       Version 3, 29 June 2007
-
- Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-
-
-  This version of the GNU Lesser General Public License incorporates
-the terms and conditions of version 3 of the GNU General Public
-License, supplemented by the additional permissions listed below.
-
-  0. Additional Definitions.
-
-  As used herein, "this License" refers to version 3 of the GNU Lesser
-General Public License, and the "GNU GPL" refers to version 3 of the GNU
-General Public License.
-
-  "The Library" refers to a covered work governed by this License,
-other than an Application or a Combined Work as defined below.
-
-  An "Application" is any work that makes use of an interface provided
-by the Library, but which is not otherwise based on the Library.
-Defining a subclass of a class defined by the Library is deemed a mode
-of using an interface provided by the Library.
-
-  A "Combined Work" is a work produced by combining or linking an
-Application with the Library.  The particular version of the Library
-with which the Combined Work was made is also called the "Linked
-Version".
-
-  The "Minimal Corresponding Source" for a Combined Work means the
-Corresponding Source for the Combined Work, excluding any source code
-for portions of the Combined Work that, considered in isolation, are
-based on the Application, and not on the Linked Version.
-
-  The "Corresponding Application Code" for a Combined Work means the
-object code and/or source code for the Application, including any data
-and utility programs needed for reproducing the Combined Work from the
-Application, but excluding the System Libraries of the Combined Work.
-
-  1. Exception to Section 3 of the GNU GPL.
-
-  You may convey a covered work under sections 3 and 4 of this License
-without being bound by section 3 of the GNU GPL.
-
-  2. Conveying Modified Versions.
-
-  If you modify a copy of the Library, and, in your modifications, a
-facility refers to a function or data to be supplied by an Application
-that uses the facility (other than as an argument passed when the
-facility is invoked), then you may convey a copy of the modified
-version:
-
-   a) under this License, provided that you make a good faith effort to
-   ensure that, in the event an Application does not supply the
-   function or data, the facility still operates, and performs
-   whatever part of its purpose remains meaningful, or
-
-   b) under the GNU GPL, with none of the additional permissions of
-   this License applicable to that copy.
-
-  3. Object Code Incorporating Material from Library Header Files.
-
-  The object code form of an Application may incorporate material from
-a header file that is part of the Library.  You may convey such object
-code under terms of your choice, provided that, if the incorporated
-material is not limited to numerical parameters, data structure
-layouts and accessors, or small macros, inline functions and templates
-(ten or fewer lines in length), you do both of the following:
-
-   a) Give prominent notice with each copy of the object code that the
-   Library is used in it and that the Library and its use are
-   covered by this License.
-
-   b) Accompany the object code with a copy of the GNU GPL and this license
-   document.
-
-  4. Combined Works.
-
-  You may convey a Combined Work under terms of your choice that,
-taken together, effectively do not restrict modification of the
-portions of the Library contained in the Combined Work and reverse
-engineering for debugging such modifications, if you also do each of
-the following:
-
-   a) Give prominent notice with each copy of the Combined Work that
-   the Library is used in it and that the Library and its use are
-   covered by this License.
-
-   b) Accompany the Combined Work with a copy of the GNU GPL and this license
-   document.
-
-   c) For a Combined Work that displays copyright notices during
-   execution, include the copyright notice for the Library among
-   these notices, as well as a reference directing the user to the
-   copies of the GNU GPL and this license document.
-
-   d) Do one of the following:
-
-       0) Convey the Minimal Corresponding Source under the terms of this
-       License, and the Corresponding Application Code in a form
-       suitable for, and under terms that permit, the user to
-       recombine or relink the Application with a modified version of
-       the Linked Version to produce a modified Combined Work, in the
-       manner specified by section 6 of the GNU GPL for conveying
-       Corresponding Source.
-
-       1) Use a suitable shared library mechanism for linking with the
-       Library.  A suitable mechanism is one that (a) uses at run time
-       a copy of the Library already present on the user's computer
-       system, and (b) will operate properly with a modified version
-       of the Library that is interface-compatible with the Linked
-       Version.
-
-   e) Provide Installation Information, but only if you would otherwise
-   be required to provide such information under section 6 of the
-   GNU GPL, and only to the extent that such information is
-   necessary to install and execute a modified version of the
-   Combined Work produced by recombining or relinking the
-   Application with a modified version of the Linked Version. (If
-   you use option 4d0, the Installation Information must accompany
-   the Minimal Corresponding Source and Corresponding Application
-   Code. If you use option 4d1, you must provide the Installation
-   Information in the manner specified by section 6 of the GNU GPL
-   for conveying Corresponding Source.)
-
-  5. Combined Libraries.
-
-  You may place library facilities that are a work based on the
-Library side by side in a single library together with other library
-facilities that are not Applications and are not covered by this
-License, and convey such a combined library under terms of your
-choice, if you do both of the following:
-
-   a) Accompany the combined library with a copy of the same work based
-   on the Library, uncombined with any other library facilities,
-   conveyed under the terms of this License.
-
-   b) Give prominent notice with the combined library that part of it
-   is a work based on the Library, and explaining where to find the
-   accompanying uncombined form of the same work.
-
-  6. Revised Versions of the GNU Lesser General Public License.
-
-  The Free Software Foundation may publish revised and/or new versions
-of the GNU Lesser General Public License from time to time. Such new
-versions will be similar in spirit to the present version, but may
-differ in detail to address new problems or concerns.
-
-  Each version is given a distinguishing version number. If the
-Library as you received it specifies that a certain numbered version
-of the GNU Lesser General Public License "or any later version"
-applies to it, you have the option of following the terms and
-conditions either of that published version or of any later version
-published by the Free Software Foundation. If the Library as you
-received it does not specify a version number of the GNU Lesser
-General Public License, you may choose any version of the GNU Lesser
-General Public License ever published by the Free Software Foundation.
-
-  If the Library as you received it specifies that a proxy can decide
-whether future versions of the GNU Lesser General Public License shall
-apply, that proxy's public statement of acceptance of any version is
-permanent authorization for you to choose that version for the
-Library.
diff -Nru juju-core-2.0~beta7/src/github.com/joyent/gocommon/gocommon.go juju-core-2.0~beta12/src/github.com/joyent/gocommon/gocommon.go
--- juju-core-2.0~beta7/src/github.com/joyent/gocommon/gocommon.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/joyent/gocommon/gocommon.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,18 +1,21 @@
 /*
-The gocommon package collects common packages to interact with the Joyent Public Cloud and Joyent Manta services.
+ * The gocommon package collects common packages to interact with the Joyent Public Cloud and Joyent Manta services.
+ *
+ * The gocommon package is structured as follow:
+ *
+ * 	- gocommon/client. Client for sending requests.
+ * 	- gocommon/errors. Joyent specific errors.
+ * 	- gocommon/http. HTTP client for sending requests.
+ * 	- gocommon/jpc. This package provides common structures and functions across packages.
+ * 	- gocommon/testing. Testing Suite for local testing.
+ *
+ * Copyright (c) 2016 Joyent Inc.
+ * Written by Daniele Stroppa <daniele.stroppa@joyent.com>
+ *
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
 
-The gocommon package is structured as follow:
-
-	- gocommon/client. Client for sending requests.
-	- gocommon/errors. Joyent specific errors.
-	- gocommon/http. HTTP client for sending requests.
-	- gocommon/jpc. This package provides common structures and functions across packages.
-	- gocommon/testing. Testing Suite for local testing.
-
-Licensed under LGPL v3.
-
-Copyright (c) 2013 Joyent Inc.
-Written by Daniele Stroppa <daniele.stroppa@joyent.com>
-
-*/
 package gocommon
diff -Nru juju-core-2.0~beta7/src/github.com/joyent/gocommon/gocommon_test.go juju-core-2.0~beta12/src/github.com/joyent/gocommon/gocommon_test.go
--- juju-core-2.0~beta7/src/github.com/joyent/gocommon/gocommon_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/joyent/gocommon/gocommon_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,11 +1,17 @@
-//
-// gocommon - Go library to interact with the JoyentCloud
-//
-//
-// Copyright (c) 2013 Joyent Inc.
-//
-// Written by Daniele Stroppa <daniele.stroppa@joyent.com>
-//
+/*
+ *
+ * gocommon - Go library to interact with the JoyentCloud
+ *
+ *
+ * Copyright (c) 2016 Joyent Inc.
+ *
+ * Written by Daniele Stroppa <daniele.stroppa@joyent.com>
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
 
 package gocommon
 
diff -Nru juju-core-2.0~beta7/src/github.com/joyent/gocommon/http/client.go juju-core-2.0~beta12/src/github.com/joyent/gocommon/http/client.go
--- juju-core-2.0~beta7/src/github.com/joyent/gocommon/http/client.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/joyent/gocommon/http/client.go	2016-07-18 19:45:44.000000000 +0000
@@ -15,6 +15,7 @@
 	"fmt"
 	"io"
 	"io/ioutil"
+	"log"
 	"net/http"
 	"net/url"
 	"reflect"
@@ -22,8 +23,6 @@
 	"strings"
 	"time"
 
-	"github.com/juju/loggo"
-
 	"github.com/joyent/gocommon"
 	"github.com/joyent/gocommon/errors"
 	"github.com/joyent/gocommon/jpc"
@@ -40,7 +39,8 @@
 	maxSendAttempts int
 	credentials     *auth.Credentials
 	apiVersion      string
-	logger          *loggo.Logger
+	logger          *log.Logger
+	trace           bool
 }
 
 type ErrorResponse struct {
@@ -78,8 +78,15 @@
 )
 
 // New returns a new http *Client using the default net/http client.
-func New(credentials *auth.Credentials, apiVersion string, logger *loggo.Logger) *Client {
-	return &Client{*http.DefaultClient, MaxSendAttempts, credentials, apiVersion, logger}
+func New(credentials *auth.Credentials, apiVersion string, logger *log.Logger) *Client {
+	return &Client{*http.DefaultClient, MaxSendAttempts, credentials, apiVersion, logger, false}
+}
+
+// SetTrace allows control over whether requests will write their
+// contents to the logger supplied during construction. Note that this
+// is not safe to call from multiple go-routines.
+func (client *Client) SetTrace(traceEnabled bool) {
+	client.trace = traceEnabled
 }
 
 func gojoyentAgent() string {
@@ -169,8 +176,8 @@
 
 	if len(respData) > 0 {
 		if response.RespValue != nil {
-			if _, ok := response.RespValue.(*[]byte); ok {
-				response.RespValue = respData
+			if dest, ok := response.RespValue.(*[]byte); ok {
+				*dest = respData
 				//err = decodeJSON(bytes.NewReader(respData), false, response.RespValue)
 				//if err != nil {
 				//	err = errors.Newf(err, "failed unmarshaling/decoding the response body: %s", respData)
@@ -260,7 +267,7 @@
 // headers: HTTP headers to include with the request.
 // expectedStatus: a slice of allowed response status codes.
 func (c *Client) sendRequest(method, URL string, reqReader io.Reader, length int, headers http.Header,
-	expectedStatus []int, logger *loggo.Logger) (rc io.ReadCloser, respHeader *http.Header, err error) {
+	expectedStatus []int, logger *log.Logger) (rc io.ReadCloser, respHeader *http.Header, err error) {
 	reqData := make([]byte, length)
 	if reqReader != nil {
 		nrRead, err := io.ReadFull(reqReader, reqData)
@@ -274,14 +281,14 @@
 		return
 	}
 
-	if logger != nil && logger.IsTraceEnabled() {
-		logger.Tracef("Request: %s %s\n", method, URL)
-		logger.Tracef("Request header: %s\n", headers)
-		logger.Tracef("Request body: %s\n", reqData)
-		logger.Tracef("Response: %s\n", rawResp.Status)
-		logger.Tracef("Response header: %s\n", rawResp.Header)
-		logger.Tracef("Response body: %s\n", rawResp.Body)
-		logger.Tracef("Response error: %s\n", err)
+	if logger != nil && c.trace {
+		logger.Printf("Request: %s %s\n", method, URL)
+		logger.Printf("Request header: %s\n", headers)
+		logger.Printf("Request body: %s\n", reqData)
+		logger.Printf("Response: %s\n", rawResp.Status)
+		logger.Printf("Response header: %s\n", rawResp.Header)
+		logger.Printf("Response body: %s\n", rawResp.Body)
+		logger.Printf("Response error: %s\n", err)
 	}
 
 	foundStatus := false
@@ -303,7 +310,7 @@
 }
 
 func (c *Client) sendRateLimitedRequest(method, URL string, headers http.Header, reqData []byte,
-	logger *loggo.Logger) (resp *http.Response, err error) {
+	logger *log.Logger) (resp *http.Response, err error) {
 	for i := 0; i < c.maxSendAttempts; i++ {
 		var reqReader io.Reader
 		if reqData != nil {
@@ -339,7 +346,7 @@
 			return nil, errors.Newf(err, "Resource limit exeeded at URL %s", URL)
 		}
 		if logger != nil {
-			logger.Warningf("Too many requests, retrying in %dms.", int(retryAfter*1000))
+			logger.Println("Too many requests, retrying in %dms.", int(retryAfter*1000))
 		}
 		time.Sleep(time.Duration(retryAfter) * time.Second)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/joyent/gocommon/jpc/jpc.go juju-core-2.0~beta12/src/github.com/joyent/gocommon/jpc/jpc.go
--- juju-core-2.0~beta7/src/github.com/joyent/gocommon/jpc/jpc.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/joyent/gocommon/jpc/jpc.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,11 +1,16 @@
-//
-// gocommon - Go library to interact with the JoyentCloud
-//
-//
-// Copyright (c) 2013 Joyent Inc.
-//
-// Written by Daniele Stroppa <daniele.stroppa@joyent.com>
-//
+/*
+ *
+ * gocommon - Go library to interact with the JoyentCloud
+ *
+ *
+ * Copyright (c) 2016 Joyent Inc.
+ *
+ * Written by Daniele Stroppa <daniele.stroppa@joyent.com>
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
 
 package jpc
 
diff -Nru juju-core-2.0~beta7/src/github.com/joyent/gocommon/LICENSE juju-core-2.0~beta12/src/github.com/joyent/gocommon/LICENSE
--- juju-core-2.0~beta7/src/github.com/joyent/gocommon/LICENSE	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/joyent/gocommon/LICENSE	2016-07-18 19:45:44.000000000 +0000
@@ -1,15 +1,373 @@
-GoCommon - Go Common Library for the Joyent Public Cloud and Joyent Manta
+Mozilla Public License Version 2.0
+==================================
 
-Copyright (c) 2013, Joyent Inc.
+1. Definitions
+--------------
 
-This program is free software: you can redistribute it and/or modify it under
-the terms of the GNU Lesser General Public License as published by the Free
-Software Foundation, either version 3 of the License, or (at your option) any
-later version.
+1.1. "Contributor"
+    means each individual or legal entity that creates, contributes to
+    the creation of, or owns Covered Software.
 
-This program is distributed in the hope that it will be useful, but WITHOUT ANY
-WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
-PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+1.2. "Contributor Version"
+    means the combination of the Contributions of others (if any) used
+    by a Contributor and that particular Contributor's Contribution.
 
-See both COPYING and COPYING.LESSER for the full terms of the GNU Lesser
-General Public License.
+1.3. "Contribution"
+    means Covered Software of a particular Contributor.
+
+1.4. "Covered Software"
+    means Source Code Form to which the initial Contributor has attached
+    the notice in Exhibit A, the Executable Form of such Source Code
+    Form, and Modifications of such Source Code Form, in each case
+    including portions thereof.
+
+1.5. "Incompatible With Secondary Licenses"
+    means
+
+    (a) that the initial Contributor has attached the notice described
+        in Exhibit B to the Covered Software; or
+
+    (b) that the Covered Software was made available under the terms of
+        version 1.1 or earlier of the License, but not also under the
+        terms of a Secondary License.
+
+1.6. "Executable Form"
+    means any form of the work other than Source Code Form.
+
+1.7. "Larger Work"
+    means a work that combines Covered Software with other material, in 
+    a separate file or files, that is not Covered Software.
+
+1.8. "License"
+    means this document.
+
+1.9. "Licensable"
+    means having the right to grant, to the maximum extent possible,
+    whether at the time of the initial grant or subsequently, any and
+    all of the rights conveyed by this License.
+
+1.10. "Modifications"
+    means any of the following:
+
+    (a) any file in Source Code Form that results from an addition to,
+        deletion from, or modification of the contents of Covered
+        Software; or
+
+    (b) any new file in Source Code Form that contains any Covered
+        Software.
+
+1.11. "Patent Claims" of a Contributor
+    means any patent claim(s), including without limitation, method,
+    process, and apparatus claims, in any patent Licensable by such
+    Contributor that would be infringed, but for the grant of the
+    License, by the making, using, selling, offering for sale, having
+    made, import, or transfer of either its Contributions or its
+    Contributor Version.
+
+1.12. "Secondary License"
+    means either the GNU General Public License, Version 2.0, the GNU
+    Lesser General Public License, Version 2.1, the GNU Affero General
+    Public License, Version 3.0, or any later versions of those
+    licenses.
+
+1.13. "Source Code Form"
+    means the form of the work preferred for making modifications.
+
+1.14. "You" (or "Your")
+    means an individual or a legal entity exercising rights under this
+    License. For legal entities, "You" includes any entity that
+    controls, is controlled by, or is under common control with You. For
+    purposes of this definition, "control" means (a) the power, direct
+    or indirect, to cause the direction or management of such entity,
+    whether by contract or otherwise, or (b) ownership of more than
+    fifty percent (50%) of the outstanding shares or beneficial
+    ownership of such entity.
+
+2. License Grants and Conditions
+--------------------------------
+
+2.1. Grants
+
+Each Contributor hereby grants You a world-wide, royalty-free,
+non-exclusive license:
+
+(a) under intellectual property rights (other than patent or trademark)
+    Licensable by such Contributor to use, reproduce, make available,
+    modify, display, perform, distribute, and otherwise exploit its
+    Contributions, either on an unmodified basis, with Modifications, or
+    as part of a Larger Work; and
+
+(b) under Patent Claims of such Contributor to make, use, sell, offer
+    for sale, have made, import, and otherwise transfer either its
+    Contributions or its Contributor Version.
+
+2.2. Effective Date
+
+The licenses granted in Section 2.1 with respect to any Contribution
+become effective for each Contribution on the date the Contributor first
+distributes such Contribution.
+
+2.3. Limitations on Grant Scope
+
+The licenses granted in this Section 2 are the only rights granted under
+this License. No additional rights or licenses will be implied from the
+distribution or licensing of Covered Software under this License.
+Notwithstanding Section 2.1(b) above, no patent license is granted by a
+Contributor:
+
+(a) for any code that a Contributor has removed from Covered Software;
+    or
+
+(b) for infringements caused by: (i) Your and any other third party's
+    modifications of Covered Software, or (ii) the combination of its
+    Contributions with other software (except as part of its Contributor
+    Version); or
+
+(c) under Patent Claims infringed by Covered Software in the absence of
+    its Contributions.
+
+This License does not grant any rights in the trademarks, service marks,
+or logos of any Contributor (except as may be necessary to comply with
+the notice requirements in Section 3.4).
+
+2.4. Subsequent Licenses
+
+No Contributor makes additional grants as a result of Your choice to
+distribute the Covered Software under a subsequent version of this
+License (see Section 10.2) or under the terms of a Secondary License (if
+permitted under the terms of Section 3.3).
+
+2.5. Representation
+
+Each Contributor represents that the Contributor believes its
+Contributions are its original creation(s) or it has sufficient rights
+to grant the rights to its Contributions conveyed by this License.
+
+2.6. Fair Use
+
+This License is not intended to limit any rights You have under
+applicable copyright doctrines of fair use, fair dealing, or other
+equivalents.
+
+2.7. Conditions
+
+Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted
+in Section 2.1.
+
+3. Responsibilities
+-------------------
+
+3.1. Distribution of Source Form
+
+All distribution of Covered Software in Source Code Form, including any
+Modifications that You create or to which You contribute, must be under
+the terms of this License. You must inform recipients that the Source
+Code Form of the Covered Software is governed by the terms of this
+License, and how they can obtain a copy of this License. You may not
+attempt to alter or restrict the recipients' rights in the Source Code
+Form.
+
+3.2. Distribution of Executable Form
+
+If You distribute Covered Software in Executable Form then:
+
+(a) such Covered Software must also be made available in Source Code
+    Form, as described in Section 3.1, and You must inform recipients of
+    the Executable Form how they can obtain a copy of such Source Code
+    Form by reasonable means in a timely manner, at a charge no more
+    than the cost of distribution to the recipient; and
+
+(b) You may distribute such Executable Form under the terms of this
+    License, or sublicense it under different terms, provided that the
+    license for the Executable Form does not attempt to limit or alter
+    the recipients' rights in the Source Code Form under this License.
+
+3.3. Distribution of a Larger Work
+
+You may create and distribute a Larger Work under terms of Your choice,
+provided that You also comply with the requirements of this License for
+the Covered Software. If the Larger Work is a combination of Covered
+Software with a work governed by one or more Secondary Licenses, and the
+Covered Software is not Incompatible With Secondary Licenses, this
+License permits You to additionally distribute such Covered Software
+under the terms of such Secondary License(s), so that the recipient of
+the Larger Work may, at their option, further distribute the Covered
+Software under the terms of either this License or such Secondary
+License(s).
+
+3.4. Notices
+
+You may not remove or alter the substance of any license notices
+(including copyright notices, patent notices, disclaimers of warranty,
+or limitations of liability) contained within the Source Code Form of
+the Covered Software, except that You may alter any license notices to
+the extent required to remedy known factual inaccuracies.
+
+3.5. Application of Additional Terms
+
+You may choose to offer, and to charge a fee for, warranty, support,
+indemnity or liability obligations to one or more recipients of Covered
+Software. However, You may do so only on Your own behalf, and not on
+behalf of any Contributor. You must make it absolutely clear that any
+such warranty, support, indemnity, or liability obligation is offered by
+You alone, and You hereby agree to indemnify every Contributor for any
+liability incurred by such Contributor as a result of warranty, support,
+indemnity or liability terms You offer. You may include additional
+disclaimers of warranty and limitations of liability specific to any
+jurisdiction.
+
+4. Inability to Comply Due to Statute or Regulation
+---------------------------------------------------
+
+If it is impossible for You to comply with any of the terms of this
+License with respect to some or all of the Covered Software due to
+statute, judicial order, or regulation then You must: (a) comply with
+the terms of this License to the maximum extent possible; and (b)
+describe the limitations and the code they affect. Such description must
+be placed in a text file included with all distributions of the Covered
+Software under this License. Except to the extent prohibited by statute
+or regulation, such description must be sufficiently detailed for a
+recipient of ordinary skill to be able to understand it.
+
+5. Termination
+--------------
+
+5.1. The rights granted under this License will terminate automatically
+if You fail to comply with any of its terms. However, if You become
+compliant, then the rights granted under this License from a particular
+Contributor are reinstated (a) provisionally, unless and until such
+Contributor explicitly and finally terminates Your grants, and (b) on an
+ongoing basis, if such Contributor fails to notify You of the
+non-compliance by some reasonable means prior to 60 days after You have
+come back into compliance. Moreover, Your grants from a particular
+Contributor are reinstated on an ongoing basis if such Contributor
+notifies You of the non-compliance by some reasonable means, this is the
+first time You have received notice of non-compliance with this License
+from such Contributor, and You become compliant prior to 30 days after
+Your receipt of the notice.
+
+5.2. If You initiate litigation against any entity by asserting a patent
+infringement claim (excluding declaratory judgment actions,
+counter-claims, and cross-claims) alleging that a Contributor Version
+directly or indirectly infringes any patent, then the rights granted to
+You by any and all Contributors for the Covered Software under Section
+2.1 of this License shall terminate.
+
+5.3. In the event of termination under Sections 5.1 or 5.2 above, all
+end user license agreements (excluding distributors and resellers) which
+have been validly granted by You or Your distributors under this License
+prior to termination shall survive termination.
+
+************************************************************************
+*                                                                      *
+*  6. Disclaimer of Warranty                                           *
+*  -------------------------                                           *
+*                                                                      *
+*  Covered Software is provided under this License on an "as is"       *
+*  basis, without warranty of any kind, either expressed, implied, or  *
+*  statutory, including, without limitation, warranties that the       *
+*  Covered Software is free of defects, merchantable, fit for a        *
+*  particular purpose or non-infringing. The entire risk as to the     *
+*  quality and performance of the Covered Software is with You.        *
+*  Should any Covered Software prove defective in any respect, You     *
+*  (not any Contributor) assume the cost of any necessary servicing,   *
+*  repair, or correction. This disclaimer of warranty constitutes an   *
+*  essential part of this License. No use of any Covered Software is   *
+*  authorized under this License except under this disclaimer.         *
+*                                                                      *
+************************************************************************
+
+************************************************************************
+*                                                                      *
+*  7. Limitation of Liability                                          *
+*  --------------------------                                          *
+*                                                                      *
+*  Under no circumstances and under no legal theory, whether tort      *
+*  (including negligence), contract, or otherwise, shall any           *
+*  Contributor, or anyone who distributes Covered Software as          *
+*  permitted above, be liable to You for any direct, indirect,         *
+*  special, incidental, or consequential damages of any character      *
+*  including, without limitation, damages for lost profits, loss of    *
+*  goodwill, work stoppage, computer failure or malfunction, or any    *
+*  and all other commercial damages or losses, even if such party      *
+*  shall have been informed of the possibility of such damages. This   *
+*  limitation of liability shall not apply to liability for death or   *
+*  personal injury resulting from such party's negligence to the       *
+*  extent applicable law prohibits such limitation. Some               *
+*  jurisdictions do not allow the exclusion or limitation of           *
+*  incidental or consequential damages, so this exclusion and          *
+*  limitation may not apply to You.                                    *
+*                                                                      *
+************************************************************************
+
+8. Litigation
+-------------
+
+Any litigation relating to this License may be brought only in the
+courts of a jurisdiction where the defendant maintains its principal
+place of business and such litigation shall be governed by laws of that
+jurisdiction, without reference to its conflict-of-law provisions.
+Nothing in this Section shall prevent a party's ability to bring
+cross-claims or counter-claims.
+
+9. Miscellaneous
+----------------
+
+This License represents the complete agreement concerning the subject
+matter hereof. If any provision of this License is held to be
+unenforceable, such provision shall be reformed only to the extent
+necessary to make it enforceable. Any law or regulation which provides
+that the language of a contract shall be construed against the drafter
+shall not be used to construe this License against a Contributor.
+
+10. Versions of the License
+---------------------------
+
+10.1. New Versions
+
+Mozilla Foundation is the license steward. Except as provided in Section
+10.3, no one other than the license steward has the right to modify or
+publish new versions of this License. Each version will be given a
+distinguishing version number.
+
+10.2. Effect of New Versions
+
+You may distribute the Covered Software under the terms of the version
+of the License under which You originally received the Covered Software,
+or under the terms of any subsequent version published by the license
+steward.
+
+10.3. Modified Versions
+
+If you create software not governed by this License, and you want to
+create a new license for such software, you may create and use a
+modified version of this License if you rename the license and remove
+any references to the name of the license steward (except to note that
+such modified license differs from this License).
+
+10.4. Distributing Source Code Form that is Incompatible With Secondary
+Licenses
+
+If You choose to distribute Source Code Form that is Incompatible With
+Secondary Licenses under the terms of this version of the License, the
+notice described in Exhibit B of this License must be attached.
+
+Exhibit A - Source Code Form License Notice
+-------------------------------------------
+
+  This Source Code Form is subject to the terms of the Mozilla Public
+  License, v. 2.0. If a copy of the MPL was not distributed with this
+  file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+If it is not possible or desirable to put the notice in a particular
+file, then You may include the notice in a location (such as a LICENSE
+file in a relevant directory) where a recipient would be likely to look
+for such a notice.
+
+You may add additional accurate notices of copyright ownership.
+
+Exhibit B - "Incompatible With Secondary Licenses" Notice
+---------------------------------------------------------
+
+  This Source Code Form is "Incompatible With Secondary Licenses", as
+  defined by the Mozilla Public License, v. 2.0.
diff -Nru juju-core-2.0~beta7/src/github.com/joyent/gocommon/testing/httpsuite.go juju-core-2.0~beta12/src/github.com/joyent/gocommon/testing/httpsuite.go
--- juju-core-2.0~beta7/src/github.com/joyent/gocommon/testing/httpsuite.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/joyent/gocommon/testing/httpsuite.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,6 +6,7 @@
 // server is shut down at the end of the test suite.
 
 import (
+	"github.com/julienschmidt/httprouter"
 	gc "launchpad.net/gocheck"
 	"net/http"
 	"net/http/httptest"
@@ -15,7 +16,7 @@
 
 type HTTPSuite struct {
 	Server     *httptest.Server
-	Mux        *http.ServeMux
+	Mux        *httprouter.Router
 	oldHandler http.Handler
 	UseTLS     bool
 }
@@ -30,7 +31,7 @@
 
 func (s *HTTPSuite) SetUpTest(c *gc.C) {
 	s.oldHandler = s.Server.Config.Handler
-	s.Mux = http.NewServeMux()
+	s.Mux = httprouter.New()
 	s.Server.Config.Handler = s.Mux
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/joyent/gocommon/version.go juju-core-2.0~beta12/src/github.com/joyent/gocommon/version.go
--- juju-core-2.0~beta7/src/github.com/joyent/gocommon/version.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/joyent/gocommon/version.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,11 +1,16 @@
-//
-// gocommon - Go library to interact with the JoyentCloud
-//
-//
-// Copyright (c) 2013 Joyent Inc.
-//
-// Written by Daniele Stroppa <daniele.stroppa@joyent.com>
-//
+/*
+ *
+ * gocommon - Go library to interact with the JoyentCloud
+ *
+ *
+ * Copyright (c) 2016 Joyent Inc.
+ *
+ * Written by Daniele Stroppa <daniele.stroppa@joyent.com>
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
 
 package gocommon
 
diff -Nru juju-core-2.0~beta7/src/github.com/joyent/gocommon/version_test.go juju-core-2.0~beta12/src/github.com/joyent/gocommon/version_test.go
--- juju-core-2.0~beta7/src/github.com/joyent/gocommon/version_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/joyent/gocommon/version_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,11 +1,16 @@
-//
-// gocommon - Go library to interact with the JoyentCloud
-//
-//
-// Copyright (c) 2013 Joyent Inc.
-//
-// Written by Daniele Stroppa <daniele.stroppa@joyent.com>
-//
+/*
+ *
+ * gocommon - Go library to interact with the JoyentCloud
+ *
+ *
+ * Copyright (c) 2016 Joyent Inc.
+ *
+ * Written by Daniele Stroppa <daniele.stroppa@joyent.com>
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
 
 package gocommon
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/bundlechanges/changes.go juju-core-2.0~beta12/src/github.com/juju/bundlechanges/changes.go
--- juju-core-2.0~beta7/src/github.com/juju/bundlechanges/changes.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/bundlechanges/changes.go	2016-07-18 19:45:44.000000000 +0000
@@ -14,10 +14,10 @@
 // be applied in order. The bundle data is assumed to be already verified.
 func FromData(data *charm.BundleData) []Change {
 	cs := &changeset{}
-	addedServices := handleServices(cs.add, data.Services, data.Series)
+	addedApplications := handleApplications(cs.add, data.Applications, data.Series)
 	addedMachines := handleMachines(cs.add, data.Machines, data.Series)
-	handleRelations(cs.add, data.Relations, addedServices)
-	handleUnits(cs.add, data.Services, addedServices, addedMachines, data.Series)
+	handleRelations(cs.add, data.Relations, addedApplications)
+	handleUnits(cs.add, data.Applications, addedApplications, addedMachines, data.Series)
 	return cs.sorted()
 }
 
@@ -169,7 +169,7 @@
 	}
 }
 
-// AddRelationChange holds a change for adding a relation between two services.
+// AddRelationChange holds a change for adding a relation between two applications.
 type AddRelationChange struct {
 	changeInfo
 	// Params holds parameters for adding a relation.
@@ -181,19 +181,19 @@
 	return []interface{}{ch.Params.Endpoint1, ch.Params.Endpoint2}
 }
 
-// AddRelationParams holds parameters for adding a relation between two services.
+// AddRelationParams holds parameters for adding a relation between two applications.
 type AddRelationParams struct {
 	// Endpoint1 and Endpoint2 hold relation endpoints in the
-	// "service:interface" form, where the service is always a placeholder
-	// pointing to a service change, and the interface is optional. Examples
+	// "application:interface" form, where the application is always a placeholder
+	// pointing to an application change, and the interface is optional. Examples
 	// are "$deploy-42:web" or just "$deploy-42".
 	Endpoint1 string
 	Endpoint2 string
 }
 
-// newAddServiceChange creates a new change for adding a service.
-func newAddServiceChange(params AddServiceParams, requires ...string) *AddServiceChange {
-	return &AddServiceChange{
+// newAddApplicationChange creates a new change for adding an application.
+func newAddApplicationChange(params AddApplicationParams, requires ...string) *AddApplicationChange {
+	return &AddApplicationChange{
 		changeInfo: changeInfo{
 			requires: requires,
 			method:   "deploy",
@@ -202,15 +202,15 @@
 	}
 }
 
-// AddServiceChange holds a change for deploying a Juju service.
-type AddServiceChange struct {
+// AddApplicationChange holds a change for deploying a Juju application.
+type AddApplicationChange struct {
 	changeInfo
-	// Params holds parameters for adding a service.
-	Params AddServiceParams
+	// Params holds parameters for adding an application.
+	Params AddApplicationParams
 }
 
 // GUIArgs implements Change.GUIArgs.
-func (ch *AddServiceChange) GUIArgs() []interface{} {
+func (ch *AddApplicationChange) GUIArgs() []interface{} {
 	options := ch.Params.Options
 	if options == nil {
 		options = make(map[string]interface{}, 0)
@@ -225,32 +225,32 @@
 	}
 	// TODO(ericsnow) Add resources to the result (from
 	// ch.Params.Resources) once the GUI is ready.
-	return []interface{}{ch.Params.Charm, ch.Params.Service, options, ch.Params.Constraints, storage, endpointBindings}
+	return []interface{}{ch.Params.Charm, ch.Params.Application, options, ch.Params.Constraints, storage, endpointBindings}
 }
 
-// AddServiceParams holds parameters for deploying a Juju service.
-type AddServiceParams struct {
-	// Charm holds the URL of the charm to be used to deploy this service.
+// AddApplicationParams holds parameters for deploying a Juju application.
+type AddApplicationParams struct {
+	// Charm holds the URL of the charm to be used to deploy this application.
 	Charm string
-	// Series holds the series of the service to be deployed
+	// Series holds the series of the application to be deployed
 	// if the charm default is not sufficient.
 	Series string
-	// Service holds the service name.
-	Service string
-	// Options holds service options.
+	// Application holds the application name.
+	Application string
+	// Options holds application options.
 	Options map[string]interface{}
-	// Constraints holds the optional service constraints.
+	// Constraints holds the optional application constraints.
 	Constraints string
 	// Storage holds the optional storage constraints.
 	Storage map[string]string
 	// EndpointBindings holds the optional endpoint bindings
 	EndpointBindings map[string]string
 	// Resources identifies the revision to use for each resource
-	// of the service's charm.
+	// of the application's charm.
 	Resources map[string]int
 }
 
-// newAddUnitChange creates a new change for adding a service unit.
+// newAddUnitChange creates a new change for adding an application unit.
 func newAddUnitChange(params AddUnitParams, requires ...string) *AddUnitChange {
 	return &AddUnitChange{
 		changeInfo: changeInfo{
@@ -261,7 +261,7 @@
 	}
 }
 
-// AddUnitChange holds a change for adding a service unit.
+// AddUnitChange holds a change for adding an application unit.
 type AddUnitChange struct {
 	changeInfo
 	// Params holds parameters for adding a unit.
@@ -270,23 +270,23 @@
 
 // GUIArgs implements Change.GUIArgs.
 func (ch *AddUnitChange) GUIArgs() []interface{} {
-	args := []interface{}{ch.Params.Service, nil}
+	args := []interface{}{ch.Params.Application, nil}
 	if ch.Params.To != "" {
 		args[1] = ch.Params.To
 	}
 	return args
 }
 
-// AddUnitParams holds parameters for adding a service unit.
+// AddUnitParams holds parameters for adding an application unit.
 type AddUnitParams struct {
-	// Service holds the service placeholder name for which a unit is added.
-	Service string
+	// Application holds the application placeholder name for which a unit is added.
+	Application string
 	// To holds the optional location where to add the unit, as a placeholder
 	// pointing to another unit change or to a machine change.
 	To string
 }
 
-// newExposeChange creates a new change for exposing a service.
+// newExposeChange creates a new change for exposing an application.
 func newExposeChange(params ExposeParams, requires ...string) *ExposeChange {
 	return &ExposeChange{
 		changeInfo: changeInfo{
@@ -297,22 +297,22 @@
 	}
 }
 
-// ExposeChange holds a change for exposing a service.
+// ExposeChange holds a change for exposing an application.
 type ExposeChange struct {
 	changeInfo
-	// Params holds parameters for exposing a service.
+	// Params holds parameters for exposing an application.
 	Params ExposeParams
 }
 
 // GUIArgs implements Change.GUIArgs.
 func (ch *ExposeChange) GUIArgs() []interface{} {
-	return []interface{}{ch.Params.Service}
+	return []interface{}{ch.Params.Application}
 }
 
-// ExposeParams holds parameters for exposing a service.
+// ExposeParams holds parameters for exposing an application.
 type ExposeParams struct {
-	// Service holds the placeholder name of the service that must be exposed.
-	Service string
+	// Application holds the placeholder name of the application that must be exposed.
+	Application string
 }
 
 // newSetAnnotationsChange creates a new change for setting annotations.
@@ -326,7 +326,7 @@
 	}
 }
 
-// SetAnnotationsChange holds a change for setting service and machine
+// SetAnnotationsChange holds a change for setting application and machine
 // annotations.
 type SetAnnotationsChange struct {
 	changeInfo
@@ -339,20 +339,20 @@
 	return []interface{}{ch.Params.Id, string(ch.Params.EntityType), ch.Params.Annotations}
 }
 
-// EntityType holds entity types ("service" or "machine").
+// EntityType holds entity types ("application" or "machine").
 type EntityType string
 
 const (
-	ServiceType EntityType = "service"
-	MachineType EntityType = "machine"
+	ApplicationType EntityType = "application"
+	MachineType     EntityType = "machine"
 )
 
 // SetAnnotationsParams holds parameters for setting annotations.
 type SetAnnotationsParams struct {
-	// Id is the placeholder for the service or machine change corresponding to
+	// Id is the placeholder for the application or machine change corresponding to
 	// the entity to be annotated.
 	Id string
-	// EntityType holds the type of the entity, "service" or "machine".
+	// EntityType holds the type of the entity, "application" or "machine".
 	EntityType EntityType
 	// Annotations holds the annotations as key/value pairs.
 	Annotations map[string]string
@@ -379,7 +379,7 @@
 mainloop:
 	for len(changes) != 0 {
 		// Note that all valid bundles have at least two changes
-		// (add one charm and deploy one service).
+		// (add one charm and deploy one application).
 		change := changes[0]
 		changes = changes[1:]
 		for _, r := range change.Requires() {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/bundlechanges/changes_test.go juju-core-2.0~beta12/src/github.com/juju/bundlechanges/changes_test.go
--- juju-core-2.0~beta7/src/github.com/juju/bundlechanges/changes_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/bundlechanges/changes_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -60,9 +60,9 @@
 	}, {
 		Id:     "deploy-1",
 		Method: "deploy",
-		Params: bundlechanges.AddServiceParams{
-			Charm:   "$addCharm-0",
-			Service: "django",
+		Params: bundlechanges.AddApplicationParams{
+			Charm:       "$addCharm-0",
+			Application: "django",
 		},
 		GUIArgs: []interface{}{
 			"$addCharm-0",
@@ -108,12 +108,12 @@
 	}, {
 		Id:     "deploy-1",
 		Method: "deploy",
-		Params: bundlechanges.AddServiceParams{
-			Charm:     "$addCharm-0",
-			Service:   "mediawiki",
-			Series:    "precise",
-			Options:   map[string]interface{}{"debug": false},
-			Resources: map[string]int{"data": 3},
+		Params: bundlechanges.AddApplicationParams{
+			Charm:       "$addCharm-0",
+			Application: "mediawiki",
+			Series:      "precise",
+			Options:     map[string]interface{}{"debug": false},
+			Resources:   map[string]int{"data": 3},
 		},
 		GUIArgs: []interface{}{
 			"$addCharm-0",
@@ -128,7 +128,7 @@
 		Id:     "expose-2",
 		Method: "expose",
 		Params: bundlechanges.ExposeParams{
-			Service: "$deploy-1",
+			Application: "$deploy-1",
 		},
 		GUIArgs:  []interface{}{"$deploy-1"},
 		Requires: []string{"deploy-1"},
@@ -137,12 +137,12 @@
 		Method: "setAnnotations",
 		Params: bundlechanges.SetAnnotationsParams{
 			Id:          "$deploy-1",
-			EntityType:  bundlechanges.ServiceType,
+			EntityType:  bundlechanges.ApplicationType,
 			Annotations: map[string]string{"gui-x": "609", "gui-y": "-15"},
 		},
 		GUIArgs: []interface{}{
 			"$deploy-1",
-			"service",
+			"application",
 			map[string]string{"gui-x": "609", "gui-y": "-15"},
 		},
 		Requires: []string{"deploy-1"},
@@ -157,10 +157,10 @@
 	}, {
 		Id:     "deploy-5",
 		Method: "deploy",
-		Params: bundlechanges.AddServiceParams{
-			Charm:   "$addCharm-4",
-			Service: "mysql",
-			Series:  "precise",
+		Params: bundlechanges.AddApplicationParams{
+			Charm:       "$addCharm-4",
+			Application: "mysql",
+			Series:      "precise",
 		},
 		GUIArgs: []interface{}{
 			"$addCharm-4",
@@ -184,7 +184,7 @@
 		Id:     "addUnit-7",
 		Method: "addUnit",
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-1",
+			Application: "$deploy-1",
 		},
 		GUIArgs:  []interface{}{"$deploy-1", nil},
 		Requires: []string{"deploy-1"},
@@ -192,7 +192,7 @@
 		Id:     "addUnit-8",
 		Method: "addUnit",
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-5",
+			Application: "$deploy-5",
 		},
 		GUIArgs:  []interface{}{"$deploy-5", nil},
 		Requires: []string{"deploy-5"},
@@ -218,10 +218,10 @@
 	}, {
 		Id:     "deploy-1",
 		Method: "deploy",
-		Params: bundlechanges.AddServiceParams{
-			Charm:   "$addCharm-0",
-			Service: "mediawiki",
-			Series:  "precise",
+		Params: bundlechanges.AddApplicationParams{
+			Charm:       "$addCharm-0",
+			Application: "mediawiki",
+			Series:      "precise",
 		},
 		GUIArgs: []interface{}{
 			"$addCharm-0",
@@ -235,10 +235,10 @@
 	}, {
 		Id:     "deploy-2",
 		Method: "deploy",
-		Params: bundlechanges.AddServiceParams{
-			Charm:   "$addCharm-0",
-			Service: "otherwiki",
-			Series:  "precise",
+		Params: bundlechanges.AddApplicationParams{
+			Charm:       "$addCharm-0",
+			Application: "otherwiki",
+			Series:      "precise",
 		},
 		GUIArgs: []interface{}{
 			"$addCharm-0",
@@ -253,7 +253,7 @@
 		Id:     "addUnit-3",
 		Method: "addUnit",
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-1",
+			Application: "$deploy-1",
 		},
 		GUIArgs:  []interface{}{"$deploy-1", nil},
 		Requires: []string{"deploy-1"},
@@ -295,9 +295,9 @@
 	}, {
 		Id:     "deploy-1",
 		Method: "deploy",
-		Params: bundlechanges.AddServiceParams{
+		Params: bundlechanges.AddApplicationParams{
 			Charm:       "$addCharm-0",
-			Service:     "django",
+			Application: "django",
 			Series:      "trusty",
 			Constraints: "cpu-cores=4 cpu-power=42",
 		},
@@ -321,11 +321,11 @@
 	}, {
 		Id:     "deploy-3",
 		Method: "deploy",
-		Params: bundlechanges.AddServiceParams{
-			Charm:   "$addCharm-2",
-			Service: "haproxy",
-			Series:  "trusty",
-			Options: map[string]interface{}{"bad": "wolf", "number": 42.47},
+		Params: bundlechanges.AddApplicationParams{
+			Charm:       "$addCharm-2",
+			Application: "haproxy",
+			Series:      "trusty",
+			Options:     map[string]interface{}{"bad": "wolf", "number": 42.47},
 		},
 		GUIArgs: []interface{}{
 			"$addCharm-2",
@@ -340,7 +340,7 @@
 		Id:     "expose-4",
 		Method: "expose",
 		Params: bundlechanges.ExposeParams{
-			Service: "$deploy-3",
+			Application: "$deploy-3",
 		},
 		GUIArgs:  []interface{}{"$deploy-3"},
 		Requires: []string{"deploy-3"},
@@ -364,8 +364,8 @@
 		Id:     "addUnit-7",
 		Method: "addUnit",
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-1",
-			To:      "$addMachines-5",
+			Application: "$deploy-1",
+			To:          "$addMachines-5",
 		},
 		GUIArgs:  []interface{}{"$deploy-1", "$addMachines-5"},
 		Requires: []string{"deploy-1", "addMachines-5"},
@@ -416,8 +416,8 @@
 		Id:     "addUnit-8",
 		Method: "addUnit",
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-1",
-			To:      "$addMachines-11",
+			Application: "$deploy-1",
+			To:          "$addMachines-11",
 		},
 		GUIArgs:  []interface{}{"$deploy-1", "$addMachines-11"},
 		Requires: []string{"deploy-1", "addMachines-11"},
@@ -425,8 +425,8 @@
 		Id:     "addUnit-9",
 		Method: "addUnit",
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-3",
-			To:      "$addMachines-12",
+			Application: "$deploy-3",
+			To:          "$addMachines-12",
 		},
 		GUIArgs:  []interface{}{"$deploy-3", "$addMachines-12"},
 		Requires: []string{"deploy-3", "addMachines-12"},
@@ -434,8 +434,8 @@
 		Id:     "addUnit-10",
 		Method: "addUnit",
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-3",
-			To:      "$addMachines-13",
+			Application: "$deploy-3",
+			To:          "$addMachines-13",
 		},
 		GUIArgs:  []interface{}{"$deploy-3", "$addMachines-13"},
 		Requires: []string{"deploy-3", "addMachines-13"},
@@ -467,10 +467,10 @@
 	}, {
 		Id:     "deploy-1",
 		Method: "deploy",
-		Params: bundlechanges.AddServiceParams{
-			Charm:   "$addCharm-0",
-			Service: "django",
-			Series:  "trusty",
+		Params: bundlechanges.AddApplicationParams{
+			Charm:       "$addCharm-0",
+			Application: "django",
+			Series:      "trusty",
 		},
 		GUIArgs: []interface{}{
 			"$addCharm-0",
@@ -510,8 +510,8 @@
 		Id:     "addUnit-4",
 		Method: "addUnit",
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-1",
-			To:      "$addMachines-2",
+			Application: "$deploy-1",
+			To:          "$addMachines-2",
 		},
 		GUIArgs:  []interface{}{"$deploy-1", "$addMachines-2"},
 		Requires: []string{"deploy-1", "addMachines-2"},
@@ -530,8 +530,8 @@
 		Id:     "addUnit-5",
 		Method: "addUnit",
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-1",
-			To:      "$addMachines-6",
+			Application: "$deploy-1",
+			To:          "$addMachines-6",
 		},
 		GUIArgs:  []interface{}{"$deploy-1", "$addMachines-6"},
 		Requires: []string{"deploy-1", "addMachines-6"},
@@ -560,10 +560,10 @@
 	}, {
 		Id:     "deploy-1",
 		Method: "deploy",
-		Params: bundlechanges.AddServiceParams{
-			Charm:   "$addCharm-0",
-			Service: "mediawiki",
-			Series:  "precise",
+		Params: bundlechanges.AddApplicationParams{
+			Charm:       "$addCharm-0",
+			Application: "mediawiki",
+			Series:      "precise",
 		},
 		GUIArgs: []interface{}{
 			"$addCharm-0",
@@ -585,9 +585,9 @@
 	}, {
 		Id:     "deploy-3",
 		Method: "deploy",
-		Params: bundlechanges.AddServiceParams{
+		Params: bundlechanges.AddApplicationParams{
 			Charm:       "$addCharm-2",
-			Service:     "mysql",
+			Application: "mysql",
 			Series:      "precise",
 			Constraints: "mem=42G",
 		},
@@ -611,7 +611,7 @@
 		Requires: []string{"deploy-1", "deploy-3"},
 	}},
 }, {
-	about: "unit placed in service",
+	about: "unit placed in application",
 	content: `
         services:
             wordpress:
@@ -633,10 +633,10 @@
 	}, {
 		Id:     "deploy-1",
 		Method: "deploy",
-		Params: bundlechanges.AddServiceParams{
-			Charm:   "$addCharm-0",
-			Service: "django",
-			Series:  "trusty",
+		Params: bundlechanges.AddApplicationParams{
+			Charm:       "$addCharm-0",
+			Application: "django",
+			Series:      "trusty",
 		},
 		GUIArgs: []interface{}{
 			"$addCharm-0",
@@ -657,9 +657,9 @@
 	}, {
 		Id:     "deploy-3",
 		Method: "deploy",
-		Params: bundlechanges.AddServiceParams{
-			Charm:   "$addCharm-2",
-			Service: "wordpress",
+		Params: bundlechanges.AddApplicationParams{
+			Charm:       "$addCharm-2",
+			Application: "wordpress",
 		},
 		GUIArgs: []interface{}{
 			"$addCharm-2",
@@ -674,7 +674,7 @@
 		Id:     "addUnit-6",
 		Method: "addUnit",
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-3",
+			Application: "$deploy-3",
 		},
 		GUIArgs:  []interface{}{"$deploy-3", nil},
 		Requires: []string{"deploy-3"},
@@ -682,7 +682,7 @@
 		Id:     "addUnit-7",
 		Method: "addUnit",
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-3",
+			Application: "$deploy-3",
 		},
 		GUIArgs:  []interface{}{"$deploy-3", nil},
 		Requires: []string{"deploy-3"},
@@ -690,7 +690,7 @@
 		Id:     "addUnit-8",
 		Method: "addUnit",
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-3",
+			Application: "$deploy-3",
 		},
 		GUIArgs:  []interface{}{"$deploy-3", nil},
 		Requires: []string{"deploy-3"},
@@ -698,8 +698,8 @@
 		Id:     "addUnit-4",
 		Method: "addUnit",
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-1",
-			To:      "$addUnit-6",
+			Application: "$deploy-1",
+			To:          "$addUnit-6",
 		},
 		GUIArgs:  []interface{}{"$deploy-1", "$addUnit-6"},
 		Requires: []string{"deploy-1", "addUnit-6"},
@@ -707,8 +707,8 @@
 		Id:     "addUnit-5",
 		Method: "addUnit",
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-1",
-			To:      "$addUnit-7",
+			Application: "$deploy-1",
+			To:          "$addUnit-7",
 		},
 		GUIArgs:  []interface{}{"$deploy-1", "$addUnit-7"},
 		Requires: []string{"deploy-1", "addUnit-7"},
@@ -750,10 +750,10 @@
 	}, {
 		Id:     "deploy-1",
 		Method: "deploy",
-		Params: bundlechanges.AddServiceParams{
-			Charm:   "$addCharm-0",
-			Service: "django",
-			Series:  "trusty",
+		Params: bundlechanges.AddApplicationParams{
+			Charm:       "$addCharm-0",
+			Application: "django",
+			Series:      "trusty",
 		},
 		GUIArgs: []interface{}{
 			"$addCharm-0",
@@ -775,10 +775,10 @@
 	}, {
 		Id:     "deploy-3",
 		Method: "deploy",
-		Params: bundlechanges.AddServiceParams{
-			Charm:   "$addCharm-2",
-			Service: "memcached",
-			Series:  "trusty",
+		Params: bundlechanges.AddApplicationParams{
+			Charm:       "$addCharm-2",
+			Application: "memcached",
+			Series:      "trusty",
 		},
 		GUIArgs: []interface{}{
 			"$addCharm-2",
@@ -800,10 +800,10 @@
 	}, {
 		Id:     "deploy-5",
 		Method: "deploy",
-		Params: bundlechanges.AddServiceParams{
-			Charm:   "$addCharm-4",
-			Service: "ror",
-			Series:  "vivid",
+		Params: bundlechanges.AddApplicationParams{
+			Charm:       "$addCharm-4",
+			Application: "ror",
+			Series:      "vivid",
 		},
 		GUIArgs: []interface{}{
 			"$addCharm-4",
@@ -830,8 +830,8 @@
 		Id:     "addUnit-12",
 		Method: "addUnit",
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-3",
-			To:      "$addMachines-6",
+			Application: "$deploy-3",
+			To:          "$addMachines-6",
 		},
 		GUIArgs:  []interface{}{"$deploy-3", "$addMachines-6"},
 		Requires: []string{"deploy-3", "addMachines-6"},
@@ -839,8 +839,8 @@
 		Id:     "addUnit-16",
 		Method: "addUnit",
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-5",
-			To:      "$addMachines-6",
+			Application: "$deploy-5",
+			To:          "$addMachines-6",
 		},
 		GUIArgs:  []interface{}{"$deploy-5", "$addMachines-6"},
 		Requires: []string{"deploy-5", "addMachines-6"},
@@ -897,8 +897,8 @@
 		Id:     "addUnit-7",
 		Method: "addUnit",
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-1",
-			To:      "$addUnit-12",
+			Application: "$deploy-1",
+			To:          "$addUnit-12",
 		},
 		GUIArgs:  []interface{}{"$deploy-1", "$addUnit-12"},
 		Requires: []string{"deploy-1", "addUnit-12"},
@@ -906,8 +906,8 @@
 		Id:     "addUnit-11",
 		Method: "addUnit",
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-1",
-			To:      "$addMachines-20",
+			Application: "$deploy-1",
+			To:          "$addMachines-20",
 		},
 		GUIArgs:  []interface{}{"$deploy-1", "$addMachines-20"},
 		Requires: []string{"deploy-1", "addMachines-20"},
@@ -915,8 +915,8 @@
 		Id:     "addUnit-13",
 		Method: "addUnit",
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-3",
-			To:      "$addMachines-21",
+			Application: "$deploy-3",
+			To:          "$addMachines-21",
 		},
 		GUIArgs:  []interface{}{"$deploy-3", "$addMachines-21"},
 		Requires: []string{"deploy-3", "addMachines-21"},
@@ -924,8 +924,8 @@
 		Id:     "addUnit-14",
 		Method: "addUnit",
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-3",
-			To:      "$addMachines-22",
+			Application: "$deploy-3",
+			To:          "$addMachines-22",
 		},
 		GUIArgs:  []interface{}{"$deploy-3", "$addMachines-22"},
 		Requires: []string{"deploy-3", "addMachines-22"},
@@ -933,8 +933,8 @@
 		Id:     "addUnit-15",
 		Method: "addUnit",
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-5",
-			To:      "$addMachines-23",
+			Application: "$deploy-5",
+			To:          "$addMachines-23",
 		},
 		GUIArgs:  []interface{}{"$deploy-5", "$addMachines-23"},
 		Requires: []string{"deploy-5", "addMachines-23"},
@@ -990,8 +990,8 @@
 		Id:     "addUnit-8",
 		Method: "addUnit",
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-1",
-			To:      "$addMachines-17",
+			Application: "$deploy-1",
+			To:          "$addMachines-17",
 		},
 		GUIArgs:  []interface{}{"$deploy-1", "$addMachines-17"},
 		Requires: []string{"deploy-1", "addMachines-17"},
@@ -999,8 +999,8 @@
 		Id:     "addUnit-9",
 		Method: "addUnit",
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-1",
-			To:      "$addMachines-18",
+			Application: "$deploy-1",
+			To:          "$addMachines-18",
 		},
 		GUIArgs:  []interface{}{"$deploy-1", "$addMachines-18"},
 		Requires: []string{"deploy-1", "addMachines-18"},
@@ -1008,8 +1008,8 @@
 		Id:     "addUnit-10",
 		Method: "addUnit",
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-1",
-			To:      "$addMachines-19",
+			Application: "$deploy-1",
+			To:          "$addMachines-19",
 		},
 		GUIArgs:  []interface{}{"$deploy-1", "$addMachines-19"},
 		Requires: []string{"deploy-1", "addMachines-19"},
@@ -1043,10 +1043,10 @@
 	}, {
 		Id:     "deploy-1",
 		Method: "deploy",
-		Params: bundlechanges.AddServiceParams{
-			Charm:   "$addCharm-0",
-			Service: "django",
-			Series:  "trusty",
+		Params: bundlechanges.AddApplicationParams{
+			Charm:       "$addCharm-0",
+			Application: "django",
+			Series:      "trusty",
 		},
 		GUIArgs: []interface{}{
 			"$addCharm-0",
@@ -1083,8 +1083,8 @@
 		Id:     "addUnit-5",
 		Method: "addUnit",
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-1",
-			To:      "$addMachines-2",
+			Application: "$deploy-1",
+			To:          "$addMachines-2",
 		},
 		GUIArgs:  []interface{}{"$deploy-1", "$addMachines-2"},
 		Requires: []string{"deploy-1", "addMachines-2"},
@@ -1145,8 +1145,8 @@
 		Id:     "addUnit-4",
 		Method: "addUnit",
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-1",
-			To:      "$addMachines-9",
+			Application: "$deploy-1",
+			To:          "$addMachines-9",
 		},
 		GUIArgs:  []interface{}{"$deploy-1", "$addMachines-9"},
 		Requires: []string{"deploy-1", "addMachines-9"},
@@ -1154,8 +1154,8 @@
 		Id:     "addUnit-6",
 		Method: "addUnit",
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-1",
-			To:      "$addMachines-10",
+			Application: "$deploy-1",
+			To:          "$addMachines-10",
 		},
 		GUIArgs:  []interface{}{"$deploy-1", "$addMachines-10"},
 		Requires: []string{"deploy-1", "addMachines-10"},
@@ -1163,8 +1163,8 @@
 		Id:     "addUnit-7",
 		Method: "addUnit",
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-1",
-			To:      "$addMachines-11",
+			Application: "$deploy-1",
+			To:          "$addMachines-11",
 		},
 		GUIArgs:  []interface{}{"$deploy-1", "$addMachines-11"},
 		Requires: []string{"deploy-1", "addMachines-11"},
@@ -1172,14 +1172,14 @@
 		Id:     "addUnit-8",
 		Method: "addUnit",
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-1",
-			To:      "$addMachines-12",
+			Application: "$deploy-1",
+			To:          "$addMachines-12",
 		},
 		GUIArgs:  []interface{}{"$deploy-1", "$addMachines-12"},
 		Requires: []string{"deploy-1", "addMachines-12"},
 	}},
 }, {
-	about: "service with storage",
+	about: "application with storage",
 	content: `
         services:
             django:
@@ -1200,10 +1200,10 @@
 	}, {
 		Id:     "deploy-1",
 		Method: "deploy",
-		Params: bundlechanges.AddServiceParams{
-			Charm:   "$addCharm-0",
-			Service: "django",
-			Series:  "trusty",
+		Params: bundlechanges.AddApplicationParams{
+			Charm:       "$addCharm-0",
+			Application: "django",
+			Series:      "trusty",
 			Storage: map[string]string{
 				"osd-devices": "3,30G",
 				"tmpfs":       "tmpfs,1G",
@@ -1225,7 +1225,7 @@
 		Id:     "addUnit-2",
 		Method: "addUnit",
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-1",
+			Application: "$deploy-1",
 		},
 		GUIArgs:  []interface{}{"$deploy-1", nil},
 		Requires: []string{"deploy-1"},
@@ -1233,13 +1233,13 @@
 		Id:     "addUnit-3",
 		Method: "addUnit",
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-1",
+			Application: "$deploy-1",
 		},
 		GUIArgs:  []interface{}{"$deploy-1", nil},
 		Requires: []string{"deploy-1"},
 	}},
 }, {
-	about: "service with endpoint bindings",
+	about: "application with endpoint bindings",
 	content: `
         services:
             django:
@@ -1257,9 +1257,9 @@
 	}, {
 		Id:     "deploy-1",
 		Method: "deploy",
-		Params: bundlechanges.AddServiceParams{
+		Params: bundlechanges.AddApplicationParams{
 			Charm:            "$addCharm-0",
-			Service:          "django",
+			Application:      "django",
 			EndpointBindings: map[string]string{"foo": "bar"},
 		},
 		GUIArgs: []interface{}{
@@ -1273,7 +1273,7 @@
 		Requires: []string{"addCharm-0"},
 	}},
 }, {
-	about: "service with non-default series and placements ",
+	about: "application with non-default series and placements ",
 	content: `
 series: trusty
 services:
@@ -1297,10 +1297,10 @@
 	}, {
 		Id:     "deploy-1",
 		Method: "deploy",
-		Params: bundlechanges.AddServiceParams{
-			Charm:   "$addCharm-0",
-			Service: "gui3",
-			Series:  "precise",
+		Params: bundlechanges.AddApplicationParams{
+			Charm:       "$addCharm-0",
+			Application: "gui3",
+			Series:      "precise",
 		},
 		GUIArgs: []interface{}{
 			"$addCharm-0",
@@ -1354,8 +1354,8 @@
 		Method:   "addUnit",
 		Requires: []string{"deploy-1", "addMachines-5"},
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-1",
-			To:      "$addMachines-5",
+			Application: "$deploy-1",
+			To:          "$addMachines-5",
 		},
 		GUIArgs: []interface{}{
 			"$deploy-1",
@@ -1366,8 +1366,8 @@
 		Method:   "addUnit",
 		Requires: []string{"deploy-1", "addMachines-6"},
 		Params: bundlechanges.AddUnitParams{
-			Service: "$deploy-1",
-			To:      "$addMachines-6",
+			Application: "$deploy-1",
+			To:          "$addMachines-6",
 		},
 		GUIArgs: []interface{}{
 			"$deploy-1",
@@ -1425,10 +1425,10 @@
 	}, {
 		Id:     "deploy-1",
 		Method: "deploy",
-		Params: bundlechanges.AddServiceParams{
-			Charm:   "$addCharm-0",
-			Service: "django",
-			Series:  series,
+		Params: bundlechanges.AddApplicationParams{
+			Charm:       "$addCharm-0",
+			Application: "django",
+			Series:      series,
 		},
 		GUIArgs: []interface{}{
 			"$addCharm-0",
diff -Nru juju-core-2.0~beta7/src/github.com/juju/bundlechanges/dependencies.tsv juju-core-2.0~beta12/src/github.com/juju/bundlechanges/dependencies.tsv
--- juju-core-2.0~beta7/src/github.com/juju/bundlechanges/dependencies.tsv	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/bundlechanges/dependencies.tsv	2016-07-18 19:45:44.000000000 +0000
@@ -5,21 +5,21 @@
 github.com/juju/httpprof	git	14bf14c307672fd2456bdbf35d19cf0ccd3cf565	2014-12-17T16:00:36Z
 github.com/juju/httprequest	git	89d547093c45e293599088cc63e805c6f1205dc0	2016-03-02T10:09:58Z
 github.com/juju/loggo	git	8477fc936adf0e382d680310047ca27e128a309a	2015-05-27T03:58:39Z
-github.com/juju/names	git	0fa6e46604f432b3064b02b2160fc5e6056131b8	2016-01-22T05:59:08Z
 github.com/juju/schema	git	1e25943f8c6fd6815282d6f1ac87091d21e14e19	2016-03-01T11:16:46Z
-github.com/juju/testing	git	321edad6b2d1ccac4af9ee05c25b8ad734d40546	2016-02-03T23:31:10Z
-github.com/juju/utils	git	0cac78a34dd1c42d2f2dc718c345fd13e3a264fc	2016-01-29T15:50:19Z
+github.com/juju/testing	git	162fafccebf20a4207ab93d63b986c230e3f4d2e	2016-04-04T09:43:17Z
+github.com/juju/utils	git	ffea6ead0c374583e876c8357c9db6e98bc71476	2016-05-26T02:52:51Z
 github.com/juju/version	git	ef897ad7f130870348ce306f61332f5335355063	2015-11-27T20:34:00Z
 github.com/juju/webbrowser	git	54b8c57083b4afb7dc75da7f13e2967b2606a507	2016-03-09T14:36:29Z
 github.com/julienschmidt/httprouter	git	77a895ad01ebc98a4dc95d8355bc825ce80a56f6	2015-10-13T22:55:20Z
+github.com/rogpeppe/fastuuid	git	6724a57986aff9bff1a1770e9347036def7c89f6	2015-01-06T09:32:20Z
 golang.org/x/crypto	git	aedad9a179ec1ea11b7064c57cbc6dc30d7724ec	2015-08-30T18:06:42Z
 golang.org/x/net	git	ea47fc708ee3e20177f3ca3716217c4ab75942cb	2015-08-29T23:03:18Z
 gopkg.in/check.v1	git	4f90aeace3a26ad7021961c297b22c42160c7b25	2016-01-05T16:49:36Z
 gopkg.in/errgo.v1	git	66cb46252b94c1f3d65646f54ee8043ab38d766c	2015-10-07T15:31:57Z
-gopkg.in/juju/charm.v6-unstable	git	bd14aa9815cd1988c93991f4ac390622562a520e	2016-03-16T18:40:18Z
-gopkg.in/juju/charmrepo.v2-unstable	git	c457416da598dffa665fc75aeb5c7265ff1273c0	2016-04-13T10:03:17Z
-gopkg.in/macaroon-bakery.v1	git	fddb3dcd74806133259879d033fdfe92f9e67a8a	2016-04-01T12:14:21Z
+gopkg.in/juju/charm.v6-unstable	git	503191ddf2590b15db9669c424660ed612d0a30a	2016-05-27T01:46:20Z
+gopkg.in/juju/charmrepo.v2-unstable	git	6e6733987fb03100f30e494cc1134351fe4a593b	2016-05-30T23:07:41Z
+gopkg.in/juju/names.v2	git	e38bc90539f22af61a9c656d35068bd5f0a5b30a	2016-05-25T23:07:23Z
+gopkg.in/macaroon-bakery.v1	git	b097c9d99b2537efaf54492e08f7e148f956ba51	2016-05-24T09:38:11Z
 gopkg.in/macaroon.v1	git	ab3940c6c16510a850e1c2dd628b919f0f3f1464	2015-01-21T11:42:31Z
 gopkg.in/mgo.v2	git	4d04138ffef2791c479c0c8bbffc30b34081b8d9	2015-10-26T16:34:53Z
-gopkg.in/yaml.v1	git	9f9df34309c04878acc86042b16630b0f696e1de	2014-09-24T16:16:07Z
-gopkg.in/yaml.v2	git	53feefa2559fb8dfa8d81baad31be332c97d6c77	2015-09-24T14:23:14Z
+gopkg.in/yaml.v2	git	a83829b6f1293c91addabc89d0571c246397bbf4	2016-03-01T20:40:22Z
diff -Nru juju-core-2.0~beta7/src/github.com/juju/bundlechanges/handlers.go juju-core-2.0~beta12/src/github.com/juju/bundlechanges/handlers.go
--- juju-core-2.0~beta7/src/github.com/juju/bundlechanges/handlers.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/bundlechanges/handlers.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,9 +12,9 @@
 	"gopkg.in/juju/charmrepo.v2-unstable"
 )
 
-// handleServices populates the change set with "addCharm"/"addService" records.
-// This function also handles adding service annotations.
-func handleServices(add func(Change), services map[string]*charm.ServiceSpec, defaultSeries string) map[string]string {
+// handleServices populates the change set with "addCharm"/"addApplication" records.
+// This function also handles adding application annotations.
+func handleApplications(add func(Change), services map[string]*charm.ApplicationSpec, defaultSeries string) map[string]string {
 	charms := make(map[string]string, len(services))
 	addedServices := make(map[string]string, len(services))
 	// Iterate over the map using its sorted keys so that results are
@@ -26,46 +26,46 @@
 	sort.Strings(names)
 	var change Change
 	for _, name := range names {
-		service := services[name]
-		series := getSeries(service, defaultSeries)
+		application := services[name]
+		series := getSeries(application, defaultSeries)
 		// Add the addCharm record if one hasn't been added yet.
-		if charms[service.Charm] == "" {
+		if charms[application.Charm] == "" {
 			change = newAddCharmChange(AddCharmParams{
-				Charm:  service.Charm,
+				Charm:  application.Charm,
 				Series: series,
 			})
 			add(change)
-			charms[service.Charm] = change.Id()
+			charms[application.Charm] = change.Id()
 		}
 
-		// Add the addService record for this service.
-		change = newAddServiceChange(AddServiceParams{
-			Charm:            "$" + charms[service.Charm],
+		// Add the addApplication record for this application.
+		change = newAddApplicationChange(AddApplicationParams{
+			Charm:            "$" + charms[application.Charm],
 			Series:           series,
-			Service:          name,
-			Options:          service.Options,
-			Constraints:      service.Constraints,
-			Storage:          service.Storage,
-			EndpointBindings: service.EndpointBindings,
-			Resources:        service.Resources,
-		}, charms[service.Charm])
+			Application:      name,
+			Options:          application.Options,
+			Constraints:      application.Constraints,
+			Storage:          application.Storage,
+			EndpointBindings: application.EndpointBindings,
+			Resources:        application.Resources,
+		}, charms[application.Charm])
 		add(change)
 		id := change.Id()
 		addedServices[name] = id
 
-		// Expose the service if required.
-		if service.Expose {
+		// Expose the application if required.
+		if application.Expose {
 			add(newExposeChange(ExposeParams{
-				Service: "$" + id,
+				Application: "$" + id,
 			}, id))
 		}
 
-		// Add service annotations.
-		if len(service.Annotations) > 0 {
+		// Add application annotations.
+		if len(application.Annotations) > 0 {
 			add(newSetAnnotationsChange(SetAnnotationsParams{
-				EntityType:  ServiceType,
+				EntityType:  ApplicationType,
 				Id:          "$" + id,
-				Annotations: service.Annotations,
+				Annotations: application.Annotations,
 			}, id))
 		}
 	}
@@ -121,9 +121,9 @@
 		requires := make([]string, 2)
 		for i, endpoint := range relation {
 			ep := parseEndpoint(endpoint)
-			service := addedServices[ep.service]
-			requires[i] = service
-			ep.service = service
+			application := addedServices[ep.application]
+			requires[i] = application
+			ep.application = application
 			args[i] = "$" + ep.String()
 		}
 		add(newAddRelationChange(AddRelationParams{
@@ -135,7 +135,7 @@
 
 // handleUnits populates the change set with "addUnit" records.
 // It also handles adding machine containers where to place units if required.
-func handleUnits(add func(Change), services map[string]*charm.ServiceSpec, addedServices, addedMachines map[string]string, defaultSeries string) {
+func handleUnits(add func(Change), services map[string]*charm.ApplicationSpec, addedServices, addedMachines map[string]string, defaultSeries string) {
 	records := make(map[string]*AddUnitChange)
 	// Iterate over the map using its sorted keys so that results are
 	// deterministic and easier to test.
@@ -147,41 +147,41 @@
 	// Collect and add all unit changes. These records are likely to be
 	// modified later in order to handle unit placement.
 	for _, name := range names {
-		service := services[name]
-		for i := 0; i < service.NumUnits; i++ {
-			addedService := addedServices[name]
+		application := services[name]
+		for i := 0; i < application.NumUnits; i++ {
+			addedApplication := addedServices[name]
 			change := newAddUnitChange(AddUnitParams{
-				Service: "$" + addedService,
-			}, addedService)
+				Application: "$" + addedApplication,
+			}, addedApplication)
 			add(change)
 			records[fmt.Sprintf("%s/%d", name, i)] = change
 		}
 	}
-	// Now handle unit placement for each added service unit.
+	// Now handle unit placement for each added application unit.
 	for _, name := range names {
-		service := services[name]
-		numPlaced := len(service.To)
+		application := services[name]
+		numPlaced := len(application.To)
 		if numPlaced == 0 {
 			// If there are no placement directives it means that either the
-			// service has no units (in which case there is no need to
+			// application has no units (in which case there is no need to
 			// proceed), or the units are not placed (in which case there is no
 			// need to modify the change already added above).
 			continue
 		}
-		// servicePlacedUnits holds, for each service, the number of units of
-		// the current service already placed to that service.
+		// servicePlacedUnits holds, for each application, the number of units of
+		// the current application already placed to that application.
 		servicePlacedUnits := make(map[string]int)
 		// At this point we know that we have at least one placement directive.
 		// Fill the other ones if required.
-		lastPlacement := service.To[numPlaced-1]
-		for i := 0; i < service.NumUnits; i++ {
+		lastPlacement := application.To[numPlaced-1]
+		for i := 0; i < application.NumUnits; i++ {
 			p := lastPlacement
 			if i < numPlaced {
-				p = service.To[i]
+				p = application.To[i]
 			}
 			// Generate the changes required in order to place this unit, and
 			// retrieve the identifier of the parent change.
-			parentId := unitParent(add, p, records, addedMachines, servicePlacedUnits, getSeries(service, defaultSeries))
+			parentId := unitParent(add, p, records, addedMachines, servicePlacedUnits, getSeries(application, defaultSeries))
 			// Retrieve and modify the original "addUnit" change to add the
 			// new parent requirement and placement target.
 			change := records[fmt.Sprintf("%s/%d", name, i)]
@@ -214,19 +214,19 @@
 		}
 		return parentId
 	}
-	// The unit is placed to another unit or to a service.
+	// The unit is placed to another unit or to an application.
 	number := placement.Unit
 	if number == -1 {
-		// The unit is placed to a service. Calculate the unit number to be
+		// The unit is placed to an application. Calculate the unit number to be
 		// used for unit co-location.
-		if n, ok := servicePlacedUnits[placement.Service]; ok {
+		if n, ok := servicePlacedUnits[placement.Application]; ok {
 			number = n + 1
 		} else {
 			number = 0
 		}
-		servicePlacedUnits[placement.Service] = number
+		servicePlacedUnits[placement.Application] = number
 	}
-	otherUnit := fmt.Sprintf("%s/%d", placement.Service, number)
+	otherUnit := fmt.Sprintf("%s/%d", placement.Application, number)
 	parentId = records[otherUnit].Id()
 	if placement.ContainerType != "" {
 		parentId = addContainer(add, placement.ContainerType, parentId, series)
@@ -244,14 +244,14 @@
 	return change.Id()
 }
 
-// getSeries retrieves the series of a service from the ServiceSpec or from the
+// getSeries retrieves the series of a application from the ApplicationSpec or from the
 // charm path or URL if provided, otherwise falling back on a default series.
-func getSeries(service *charm.ServiceSpec, defaultSeries string) string {
-	if service.Series != "" {
-		return service.Series
+func getSeries(application *charm.ApplicationSpec, defaultSeries string) string {
+	if application.Series != "" {
+		return application.Series
 	}
 	// We may have a local charm path.
-	_, curl, err := charmrepo.NewCharmAtPath(service.Charm, "")
+	_, curl, err := charmrepo.NewCharmAtPath(application.Charm, "")
 	if charm.IsMissingSeriesError(err) {
 		// local charm path is valid but the charm doesn't declare a default series.
 		return defaultSeries
@@ -262,7 +262,7 @@
 	}
 	// The following is safe because the bundle data is assumed to be already
 	// verified, and therefore this must be a valid charm URL.
-	series := charm.MustParseURL(service.Charm).Series
+	series := charm.MustParseURL(application.Charm).Series
 	if series != "" {
 		return series
 	}
@@ -273,7 +273,7 @@
 func parseEndpoint(e string) *endpoint {
 	parts := strings.SplitN(e, ":", 2)
 	ep := &endpoint{
-		service: parts[0],
+		application: parts[0],
 	}
 	if len(parts) == 2 {
 		ep.relation = parts[1]
@@ -283,14 +283,14 @@
 
 // endpoint holds a relation endpoint.
 type endpoint struct {
-	service  string
-	relation string
+	application string
+	relation    string
 }
 
 // String returns the string representation of an endpoint.
 func (ep endpoint) String() string {
 	if ep.relation == "" {
-		return ep.service
+		return ep.application
 	}
-	return fmt.Sprintf("%s:%s", ep.service, ep.relation)
+	return fmt.Sprintf("%s:%s", ep.application, ep.relation)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/cmd/help.go juju-core-2.0~beta12/src/github.com/juju/cmd/help.go
--- juju-core-2.0~beta7/src/github.com/juju/cmd/help.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/cmd/help.go	2016-07-18 19:45:44.000000000 +0000
@@ -105,6 +105,9 @@
 }
 
 func (c *helpCommand) Init(args []string) error {
+	if c.super.notifyHelp != nil {
+		c.super.notifyHelp(args)
+	}
 	logger.Tracef("helpCommand.Init: %#v", args)
 	if len(args) == 0 {
 		// If there is no help topic specified, print basic usage if it is
diff -Nru juju-core-2.0~beta7/src/github.com/juju/cmd/help_test.go juju-core-2.0~beta12/src/github.com/juju/cmd/help_test.go
--- juju-core-2.0~beta7/src/github.com/juju/cmd/help_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/cmd/help_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -159,3 +159,21 @@
 		c.Check(cmdtesting.Stdout(ctx), gc.Equals, help)
 	}
 }
+
+func (s *HelpCommandSuite) TestNotifyHelp(c *gc.C) {
+	var called [][]string
+	super := cmd.NewSuperCommand(cmd.SuperCommandParams{
+		Name: "super",
+		NotifyHelp: func(args []string) {
+			called = append(called, args)
+		},
+	})
+	super.Register(&TestCommand{
+		Name: "blah",
+	})
+	ctx := cmdtesting.Context(c)
+	code := cmd.Main(super, ctx, []string{"help", "blah"})
+	c.Assert(code, gc.Equals, 0)
+
+	c.Assert(called, jc.DeepEquals, [][]string{{"blah"}})
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/cmd/logging.go juju-core-2.0~beta12/src/github.com/juju/cmd/logging.go
--- juju-core-2.0~beta7/src/github.com/juju/cmd/logging.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/cmd/logging.go	2016-07-18 19:45:44.000000000 +0000
@@ -100,7 +100,8 @@
 		}
 	}
 	// Set the level on the root logger.
-	loggo.GetLogger("").SetLogLevel(level)
+	root := loggo.GetLogger("")
+	root.SetLogLevel(level)
 	// Override the logging config with specified logging config.
 	loggo.ConfigureLoggers(log.Config)
 	return nil
diff -Nru juju-core-2.0~beta7/src/github.com/juju/cmd/supercommand.go juju-core-2.0~beta12/src/github.com/juju/cmd/supercommand.go
--- juju-core-2.0~beta7/src/github.com/juju/cmd/supercommand.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/cmd/supercommand.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,6 +9,7 @@
 	"sort"
 	"strings"
 
+	"github.com/juju/errors"
 	"github.com/juju/loggo"
 	"launchpad.net/gnuflag"
 )
@@ -48,6 +49,13 @@
 	// is about to run a sub-command.
 	NotifyRun func(cmdName string)
 
+	// NotifyHelp is called just before help is printed, with the
+	// arguments received by the help command. This can be
+	// used, for example, to load command information for external
+	// "plugin" commands, so that their documentation will show up
+	// in the help output.
+	NotifyHelp func([]string)
+
 	Name            string
 	Purpose         string
 	Doc             string
@@ -76,6 +84,7 @@
 		Aliases:             params.Aliases,
 		version:             params.Version,
 		notifyRun:           params.NotifyRun,
+		notifyHelp:          params.NotifyHelp,
 		userAliasesFilename: params.UserAliasesFilename,
 	}
 	command.init()
@@ -129,6 +138,7 @@
 	noAlias             bool
 	missingCallback     MissingCallback
 	notifyRun           func(string)
+	notifyHelp          func([]string)
 }
 
 // IsSuperCommand implements Command.IsSuperCommand
@@ -285,7 +295,7 @@
 		info := action.command.Info()
 		purpose := info.Purpose
 		if action.alias != "" {
-			purpose = "alias for '" + action.alias + "'"
+			purpose = "Alias for '" + action.alias + "'."
 		}
 		result = append(result, fmt.Sprintf(lineFormat, longest, name, purpose))
 	}
@@ -446,6 +456,7 @@
 	err := c.action.command.Run(ctx)
 	if err != nil && !IsErrSilent(err) {
 		logger.Errorf("%v", err)
+		logger.Debugf("(error details: %v)", errors.Details(err))
 		// Now that this has been logged, don't log again in cmd.Main.
 		if !IsRcPassthroughError(err) {
 			err = ErrSilent
diff -Nru juju-core-2.0~beta7/src/github.com/juju/cmd/supercommand_test.go juju-core-2.0~beta12/src/github.com/juju/cmd/supercommand_test.go
--- juju-core-2.0~beta7/src/github.com/juju/cmd/supercommand_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/cmd/supercommand_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -131,9 +131,9 @@
 
 	info := jc.Info()
 	c.Assert(info.Doc, gc.Equals, `commands:
-    flap - alias for 'flip'
+    flap - Alias for 'flip'.
     flip - flip the juju
-    flop - alias for 'flip'
+    flop - Alias for 'flip'.
     help - show help on a command or other topic`)
 }
 
@@ -258,7 +258,7 @@
 	ctx := cmdtesting.Context(c)
 	code := cmd.Main(sc, ctx, []string{"blah", "--option", "error", "--debug"})
 	c.Assert(code, gc.Equals, 1)
-	c.Assert(bufferString(ctx.Stderr), gc.Matches, `^.* ERROR .* BAM!\n`)
+	c.Assert(bufferString(ctx.Stderr), gc.Matches, `^.* ERROR .* BAM!\n.* DEBUG .* \(error details.*\).*\n`)
 }
 
 func (s *SuperCommandSuite) TestNotifyRun(c *gc.C) {
@@ -429,7 +429,7 @@
 	info := jc.Info()
 	// NOTE: deprecated `bar` not shown in commands.
 	c.Assert(info.Doc, gc.Equals, `commands:
-    foo  - alias for 'test'
+    foo  - Alias for 'test'.
     help - show help on a command or other topic
     test - to be simple`)
 
@@ -494,7 +494,7 @@
 	// NOTE: deprecated `bar` not shown in commands.
 	c.Assert(info.Doc, gc.Equals, `commands:
     bar     - bar functions
-    bar-foo - alias for 'bar foo'
+    bar-foo - Alias for 'bar foo'.
     help    - show help on a command or other topic
     test    - to be simple`)
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/idmclient/dependencies.tsv juju-core-2.0~beta12/src/github.com/juju/idmclient/dependencies.tsv
--- juju-core-2.0~beta7/src/github.com/juju/idmclient/dependencies.tsv	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/idmclient/dependencies.tsv	2016-07-18 19:45:44.000000000 +0000
@@ -1,19 +1,20 @@
 github.com/juju/errors	git	1b5e39b83d1835fa480e0c2ddefb040ee82d58b3	2015-09-16T12:56:42Z
 github.com/juju/httprequest	git	89d547093c45e293599088cc63e805c6f1205dc0	2016-03-02T10:09:58Z
 github.com/juju/loggo	git	8477fc936adf0e382d680310047ca27e128a309a	2015-05-27T03:58:39Z
-github.com/juju/names	git	e287fe4ae0dbda220cace3ed0e35cda4796c1aa3	2015-10-22T17:21:35Z
-github.com/juju/schema	git	47d9b102199f4c67e5bfb28eb07bbe39411754fe	2016-01-19T21:19:26Z
-github.com/juju/testing	git	ee18040b46bb1f8c93438383bd51ec77eb8c02ab	2016-01-12T21:04:04Z
+github.com/juju/schema	git	1e25943f8c6fd6815282d6f1ac87091d21e14e19	2016-03-01T11:16:46Z
+github.com/juju/testing	git	162fafccebf20a4207ab93d63b986c230e3f4d2e	2016-04-04T09:43:17Z
 github.com/juju/usso	git	68a59c96c178fbbad65926e7f93db50a2cd14f33	2016-04-01T10:44:24Z
-github.com/juju/utils	git	0cac78a34dd1c42d2f2dc718c345fd13e3a264fc	2016-01-29T15:50:19Z
+github.com/juju/utils	git	ffea6ead0c374583e876c8357c9db6e98bc71476	2016-05-26T02:52:51Z
 github.com/juju/webbrowser	git	54b8c57083b4afb7dc75da7f13e2967b2606a507	2016-03-09T14:36:29Z
 github.com/julienschmidt/httprouter	git	77a895ad01ebc98a4dc95d8355bc825ce80a56f6	2015-10-13T22:55:20Z
+github.com/rogpeppe/fastuuid	git	6724a57986aff9bff1a1770e9347036def7c89f6	2015-01-06T09:32:20Z
 golang.org/x/crypto	git	aedad9a179ec1ea11b7064c57cbc6dc30d7724ec	2015-08-30T18:06:42Z
 golang.org/x/net	git	ea47fc708ee3e20177f3ca3716217c4ab75942cb	2015-08-29T23:03:18Z
 gopkg.in/check.v1	git	4f90aeace3a26ad7021961c297b22c42160c7b25	2016-01-05T16:49:36Z
 gopkg.in/errgo.v1	git	66cb46252b94c1f3d65646f54ee8043ab38d766c	2015-10-07T15:31:57Z
 gopkg.in/juju/environschema.v1	git	7359fc7857abe2b11b5b3e23811a9c64cb6b01e0	2015-11-04T11:58:10Z
-gopkg.in/macaroon-bakery.v1	git	fddb3dcd74806133259879d033fdfe92f9e67a8a	2016-04-01T12:14:21Z
+gopkg.in/juju/names.v2	git	e38bc90539f22af61a9c656d35068bd5f0a5b30a	2016-05-25T23:07:23Z
+gopkg.in/macaroon-bakery.v1	git	b097c9d99b2537efaf54492e08f7e148f956ba51	2016-05-24T09:38:11Z
 gopkg.in/macaroon.v1	git	ab3940c6c16510a850e1c2dd628b919f0f3f1464	2015-01-21T11:42:31Z
 gopkg.in/mgo.v2	git	4d04138ffef2791c479c0c8bbffc30b34081b8d9	2015-10-26T16:34:53Z
-gopkg.in/yaml.v2	git	53feefa2559fb8dfa8d81baad31be332c97d6c77	2015-09-24T14:23:14Z
+gopkg.in/yaml.v2	git	a83829b6f1293c91addabc89d0571c246397bbf4	2016-03-01T20:40:22Z
diff -Nru juju-core-2.0~beta7/src/github.com/juju/idmclient/groupcache.go juju-core-2.0~beta12/src/github.com/juju/idmclient/groupcache.go
--- juju-core-2.0~beta7/src/github.com/juju/idmclient/groupcache.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/idmclient/groupcache.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,79 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package idmclient
+
+import (
+	"sort"
+	"time"
+
+	"github.com/juju/utils/cache"
+	"gopkg.in/errgo.v1"
+
+	"github.com/juju/idmclient/params"
+)
+
+// GroupCache holds a cache of group membership information.
+type GroupCache struct {
+	cache  *cache.Cache
+	client *Client
+}
+
+// NewGroupCache returns a GroupCache that will cache
+// group membership information.
+//
+// It will cache results for at most cacheTime.
+//
+// Note that use of this type should be avoided when possible - in
+// the future it may not be possible to enumerate group membership
+// for a user.
+func NewGroupCache(c *Client, cacheTime time.Duration) *GroupCache {
+	return &GroupCache{
+		cache:  cache.New(cacheTime),
+		client: c,
+	}
+}
+
+// Groups returns the set of groups that the user is a member of.
+func (gc *GroupCache) Groups(username string) ([]string, error) {
+	groupMap, err := gc.groupMap(username)
+	if err != nil {
+		return nil, errgo.Mask(err)
+	}
+	groups := make([]string, 0, len(groupMap))
+	for g := range groupMap {
+		groups = append(groups, g)
+	}
+	sort.Strings(groups)
+	return groups, nil
+}
+
+func (gc *GroupCache) groupMap(username string) (map[string]bool, error) {
+	groups0, err := gc.cache.Get(username, func() (interface{}, error) {
+		groups, err := gc.client.UserGroups(&params.UserGroupsRequest{
+			Username: params.Username(username),
+		})
+		if err != nil && errgo.Cause(err) != params.ErrNotFound {
+			return nil, errgo.Mask(err)
+		}
+		groupMap := make(map[string]bool)
+		for _, g := range groups {
+			groupMap[g] = true
+		}
+		return groupMap, nil
+	})
+	if err != nil {
+		return nil, errgo.Notef(err, "cannot fetch groups")
+	}
+	return groups0.(map[string]bool), nil
+}
+
+// CacheEvict evicts username from the cache.
+func (c *GroupCache) CacheEvict(username string) {
+	c.cache.Evict(username)
+}
+
+// CacheEvictAll evicts everything from the cache.
+func (c *GroupCache) CacheEvictAll() {
+	c.cache.EvictAll()
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/idmclient/idmtest/idmtest.go juju-core-2.0~beta12/src/github.com/juju/idmclient/idmtest/idmtest.go
--- juju-core-2.0~beta7/src/github.com/juju/idmclient/idmtest/idmtest.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/idmclient/idmtest/idmtest.go	2016-07-18 19:45:44.000000000 +0000
@@ -180,16 +180,34 @@
 }
 
 // AddUser adds a new user that's in the given set of groups.
+// If the user already exists, the given groups are
+// added to that user's groups.
 func (srv *Server) AddUser(name string, groups ...string) {
-	key, err := bakery.GenerateKey()
-	if err != nil {
-		panic(err)
-	}
 	srv.mu.Lock()
 	defer srv.mu.Unlock()
-	srv.users[name] = &user{
-		groups: groups,
-		key:    key,
+	u := srv.users[name]
+	if u == nil {
+		key, err := bakery.GenerateKey()
+		if err != nil {
+			panic(err)
+		}
+		srv.users[name] = &user{
+			groups: groups,
+			key:    key,
+		}
+		return
+	}
+	for _, g := range groups {
+		found := false
+		for _, ug := range u.groups {
+			if ug == g {
+				found = true
+				break
+			}
+		}
+		if !found {
+			u.groups = append(u.groups, g)
+		}
 	}
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/idmclient/idmtest/idmtest_test.go juju-core-2.0~beta12/src/github.com/juju/idmclient/idmtest/idmtest_test.go
--- juju-core-2.0~beta7/src/github.com/juju/idmclient/idmtest/idmtest_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/idmclient/idmtest/idmtest_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -94,3 +94,20 @@
 	c.Assert(err, gc.IsNil)
 	c.Assert(groups, gc.HasLen, 0)
 }
+
+func (s *suite) TestAddUserWithExistingGroups(c *gc.C) {
+	srv := idmtest.NewServer()
+	srv.AddUser("alice", "anteaters")
+	srv.AddUser("alice")
+	srv.AddUser("alice", "goof", "anteaters")
+
+	client := idmclient.New(idmclient.NewParams{
+		BaseURL: srv.URL.String(),
+		Client:  srv.Client("alice"),
+	})
+	groups, err := client.UserGroups(&idmparams.UserGroupsRequest{
+		Username: "alice",
+	})
+	c.Assert(err, gc.IsNil)
+	c.Assert(groups, jc.DeepEquals, []string{"anteaters", "goof"})
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/idmclient/params/params.go juju-core-2.0~beta12/src/github.com/juju/idmclient/params/params.go
--- juju-core-2.0~beta7/src/github.com/juju/idmclient/params/params.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/idmclient/params/params.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,8 +8,8 @@
 	"unicode/utf8"
 
 	"github.com/juju/httprequest"
-	"github.com/juju/names"
 	"gopkg.in/errgo.v1"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/macaroon-bakery.v1/bakery"
 	"gopkg.in/macaroon.v1"
 )
@@ -102,6 +102,7 @@
 	IDPGroups  []string            `json:"idpgroups"`
 	Owner      Username            `json:"owner,omitempty"`
 	PublicKeys []*bakery.PublicKey `json:"public_keys"`
+	SSHKeys    []string            `json:"ssh_keys"`
 }
 
 // SetUserRequest is request to set the details of a user.
@@ -138,6 +139,46 @@
 	Macaroons         macaroon.Slice `httprequest:",body"`
 }
 
+// SSHKeysRequest is a request for the list of ssh keys associated
+// with the specified user.
+type SSHKeysRequest struct {
+	httprequest.Route `httprequest:"GET /v1/u/:username/ssh-keys"`
+	Username          Username `httprequest:"username,path"`
+}
+
+// UserSSHKeysResponse holds a response to the GET /v1/u/:username/ssh-keys
+// containing list of ssh keys associated with the user.
+type SSHKeysResponse struct {
+	SSHKeys []string `json:"ssh_keys"`
+}
+
+// PutSSHKeysRequest is a request to set ssh keys to the list of ssh keys
+// associated with the user.
+type PutSSHKeysRequest struct {
+	httprequest.Route `httprequest:"PUT /v1/u/:username/ssh-keys"`
+	Username          Username       `httprequest:"username,path"`
+	Body              PutSSHKeysBody `httprequest:",body"`
+}
+
+// PutSSHKeysBody holds the body of a PutSSHKeysRequest.
+type PutSSHKeysBody struct {
+	SSHKeys []string `json:"ssh-keys"`
+	Add     bool     `json:"add,omitempty"`
+}
+
+// DeleteSSHKeysRequest is a request to remove ssh keys from the list of ssh keys
+// associated with the user.
+type DeleteSSHKeysRequest struct {
+	httprequest.Route `httprequest:"DELETE /v1/u/:username/ssh-keys"`
+	Username          Username          `httprequest:"username,path"`
+	Body              DeleteSSHKeysBody `httprequest:",body"`
+}
+
+// DeleteSSHKeysBody holds the body of a DeleteSSHKeysRequest.
+type DeleteSSHKeysBody struct {
+	SSHKeys []string `json:"ssh-keys"`
+}
+
 // UserExtraInfoRequest is a request for the arbitrary extra information
 // stored about the user.
 type UserExtraInfoRequest struct {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/idmclient/permcheck.go juju-core-2.0~beta12/src/github.com/juju/idmclient/permcheck.go
--- juju-core-2.0~beta7/src/github.com/juju/idmclient/permcheck.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/idmclient/permcheck.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,16 +6,12 @@
 import (
 	"time"
 
-	"github.com/juju/utils/cache"
 	"gopkg.in/errgo.v1"
-
-	"github.com/juju/idmclient/params"
 )
 
 // PermChecker provides a way to query ACLs using the identity client.
 type PermChecker struct {
-	cache  *cache.Cache
-	client *Client
+	cache *GroupCache
 }
 
 // NewPermChecker returns a permission checker
@@ -24,8 +20,15 @@
 // It will cache results for at most cacheTime.
 func NewPermChecker(c *Client, cacheTime time.Duration) *PermChecker {
 	return &PermChecker{
-		cache:  cache.New(cacheTime),
-		client: c,
+		cache: NewGroupCache(c, cacheTime),
+	}
+}
+
+// NewPermCheckerWithCache returns a new PermChecker using
+// the given cache for its group queries.
+func NewPermCheckerWithCache(cache *GroupCache) *PermChecker {
+	return &PermChecker{
+		cache: cache,
 	}
 }
 
@@ -41,23 +44,10 @@
 			return true, nil
 		}
 	}
-	groups0, err := c.cache.Get(username, func() (interface{}, error) {
-		groups, err := c.client.UserGroups(&params.UserGroupsRequest{
-			Username: params.Username(username),
-		})
-		if err != nil && errgo.Cause(err) != params.ErrNotFound {
-			return nil, errgo.Mask(err)
-		}
-		groupMap := make(map[string]bool)
-		for _, g := range groups {
-			groupMap[g] = true
-		}
-		return groupMap, nil
-	})
+	groups, err := c.cache.groupMap(username)
 	if err != nil {
-		return false, errgo.Notef(err, "cannot fetch groups")
+		return false, errgo.Mask(err)
 	}
-	groups := groups0.(map[string]bool)
 	for _, a := range acl {
 		if groups[a] {
 			return true, nil
@@ -68,10 +58,10 @@
 
 // CacheEvict evicts username from the cache.
 func (c *PermChecker) CacheEvict(username string) {
-	c.cache.Evict(username)
+	c.cache.CacheEvict(username)
 }
 
 // CacheEvictAll evicts everything from the cache.
 func (c *PermChecker) CacheEvictAll() {
-	c.cache.EvictAll()
+	c.cache.CacheEvictAll()
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/idmclient/permcheck_test.go juju-core-2.0~beta12/src/github.com/juju/idmclient/permcheck_test.go
--- juju-core-2.0~beta7/src/github.com/juju/idmclient/permcheck_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/idmclient/permcheck_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,6 +6,7 @@
 import (
 	"time"
 
+	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 
 	"github.com/juju/idmclient"
@@ -62,3 +63,38 @@
 	c.Assert(err, gc.IsNil)
 	c.Assert(ok, gc.Equals, true)
 }
+
+func (s *permCheckerSuite) TestGroupCache(c *gc.C) {
+	srv := idmtest.NewServer()
+	srv.AddUser("alice", "somegroup", "othergroup")
+
+	client := idmclient.New(idmclient.NewParams{
+		BaseURL: srv.URL.String(),
+		Client:  srv.Client("alice"),
+	})
+
+	cache := idmclient.NewGroupCache(client, time.Hour)
+
+	// If the user isn't found, we retturn no groups.
+	g, err := cache.Groups("bob")
+	c.Assert(err, gc.IsNil)
+	c.Assert(g, gc.HasLen, 0)
+
+	g, err = cache.Groups("alice")
+	c.Assert(err, gc.IsNil)
+	c.Assert(g, jc.DeepEquals, []string{"othergroup", "somegroup"})
+
+	srv.AddUser("bob", "beatles")
+
+	// The group details are currently cached by the client,
+	// so we'll still see the original group membership.
+	g, err = cache.Groups("bob")
+	c.Assert(err, gc.IsNil)
+	c.Assert(g, gc.HasLen, 0)
+
+	// Clearing the cache allows it to succeed.
+	cache.CacheEvictAll()
+	g, err = cache.Groups("bob")
+	c.Assert(err, gc.IsNil)
+	c.Assert(g, jc.DeepEquals, []string{"beatles"})
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/idmclient/ussologin/ussologin.go juju-core-2.0~beta12/src/github.com/juju/idmclient/ussologin/ussologin.go
--- juju-core-2.0~beta7/src/github.com/juju/idmclient/ussologin/ussologin.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/idmclient/ussologin/ussologin.go	2016-07-18 19:45:44.000000000 +0000
@@ -28,7 +28,7 @@
 var server tokenGetter = usso.ProductionUbuntuSSOServer
 
 var (
-	userKey = "Username"
+	userKey = "E-Mail"
 	passKey = "Password"
 	otpKey  = "Two-factor auth (Enter for none)"
 )
@@ -59,6 +59,7 @@
 
 // loginForm contains the fields required for login.
 var loginForm = form.Form{
+	Title: "Login to Ubuntu SSO",
 	Fields: environschema.Fields{
 		userKey: environschema.Attr{
 			Description: "Username",
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/agent/agentbootstrap/bootstrap.go juju-core-2.0~beta12/src/github.com/juju/juju/agent/agentbootstrap/bootstrap.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/agent/agentbootstrap/bootstrap.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/agent/agentbootstrap/bootstrap.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,13 +6,14 @@
 import (
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils"
 	"github.com/juju/utils/series"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/constraints"
+	"github.com/juju/juju/cloud"
+	"github.com/juju/juju/cloudconfig/instancecfg"
 	"github.com/juju/juju/controller/modelmanager"
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/instance"
@@ -24,27 +25,17 @@
 
 var logger = loggo.GetLogger("juju.agent.agentbootstrap")
 
-// BootstrapMachineConfig holds configuration information
-// to attach to the bootstrap machine.
-type BootstrapMachineConfig struct {
-	// Addresses holds the bootstrap machine's addresses.
-	Addresses []network.Address
-
-	// BootstrapConstraints holds the bootstrap machine's constraints.
-	BootstrapConstraints constraints.Value
-
-	// ModelConstraints holds the model-level constraints.
-	ModelConstraints constraints.Value
-
-	// Jobs holds the jobs that the machine agent will run.
-	Jobs []multiwatcher.MachineJob
-
-	// InstanceId holds the instance id of the bootstrap machine.
-	InstanceId instance.Id
-
-	// Characteristics holds hardware information on the
-	// bootstrap machine.
-	Characteristics instance.HardwareCharacteristics
+// InitializeStateParams holds parameters used for initializing the state
+// database.
+type InitializeStateParams struct {
+	instancecfg.StateInitializationParams
+
+	// BootstrapMachineAddresses holds the bootstrap machine's addresses.
+	BootstrapMachineAddresses []network.Address
+
+	// BootstrapMachineJobs holds the jobs that the bootstrap machine
+	// agent will run.
+	BootstrapMachineJobs []multiwatcher.MachineJob
 
 	// SharedSecret is the Mongo replica set shared secret (keyfile).
 	SharedSecret string
@@ -66,9 +57,7 @@
 func InitializeState(
 	adminUser names.UserTag,
 	c agent.ConfigSetter,
-	cfg *config.Config,
-	hostedModelConfigAttrs map[string]interface{},
-	machineCfg BootstrapMachineConfig,
+	args InitializeStateParams,
 	dialOpts mongo.DialOpts,
 	policy state.Policy,
 ) (_ *state.State, _ *state.Machine, resultErr error) {
@@ -92,8 +81,30 @@
 		return nil, nil, errors.Annotate(err, "failed to initialize mongo admin user")
 	}
 
+	cloudCredentials := make(map[string]cloud.Credential)
+	if args.ControllerCloudCredential != nil {
+		cloudCredentials[args.ControllerCloudCredentialName] = *args.ControllerCloudCredential
+	}
+
 	logger.Debugf("initializing address %v", info.Addrs)
-	st, err := state.Initialize(adminUser, info, cfg, dialOpts, policy)
+	st, err := state.Initialize(state.InitializeParams{
+		ControllerModelArgs: state.ModelArgs{
+			Owner:           adminUser,
+			Config:          args.ControllerModelConfig,
+			Constraints:     args.ModelConstraints,
+			CloudName:       args.ControllerCloudName,
+			CloudRegion:     args.ControllerCloudRegion,
+			CloudCredential: args.ControllerCloudCredentialName,
+		},
+		CloudName:                 args.ControllerCloudName,
+		Cloud:                     args.ControllerCloud,
+		CloudCredentials:          cloudCredentials,
+		ControllerConfig:          args.ControllerConfig,
+		ControllerInheritedConfig: args.ControllerInheritedConfig,
+		MongoInfo:                 info,
+		MongoDialOpts:             dialOpts,
+		Policy:                    policy,
+	})
 	if err != nil {
 		return nil, nil, errors.Errorf("failed to initialize state: %v", err)
 	}
@@ -103,45 +114,58 @@
 			st.Close()
 		}
 	}()
-	servingInfo.SharedSecret = machineCfg.SharedSecret
+	servingInfo.SharedSecret = args.SharedSecret
 	c.SetStateServingInfo(servingInfo)
 
-	// Filter out any LXC bridge addresses from the machine addresses.
-	machineCfg.Addresses = network.FilterLXCAddresses(machineCfg.Addresses)
+	// Filter out any LXC or LXD bridge addresses from the machine addresses.
+	args.BootstrapMachineAddresses = network.FilterBridgeAddresses(args.BootstrapMachineAddresses)
 
-	if err = initAPIHostPorts(c, st, machineCfg.Addresses, servingInfo.APIPort); err != nil {
+	if err = initAPIHostPorts(c, st, args.BootstrapMachineAddresses, servingInfo.APIPort); err != nil {
 		return nil, nil, err
 	}
 	ssi := paramsStateServingInfoToStateStateServingInfo(servingInfo)
 	if err := st.SetStateServingInfo(ssi); err != nil {
 		return nil, nil, errors.Errorf("cannot set state serving info: %v", err)
 	}
-	m, err := initConstraintsAndBootstrapMachine(c, st, machineCfg)
+	m, err := initBootstrapMachine(c, st, args)
 	if err != nil {
-		return nil, nil, err
+		return nil, nil, errors.Annotate(err, "cannot initialize bootstrap machine")
 	}
 
 	// Create the initial hosted model, with the model config passed to
 	// bootstrap, which contains the UUID, name for the hosted model,
-	// and any user supplied config.
+	// and any user supplied config. We also copy the authorized-keys
+	// from the controller model.
 	attrs := make(map[string]interface{})
-	for k, v := range hostedModelConfigAttrs {
+	for k, v := range args.HostedModelConfig {
 		attrs[k] = v
 	}
-	hostedModelConfig, err := modelmanager.ModelConfigCreator{}.NewModelConfig(modelmanager.IsAdmin, cfg, attrs)
+	attrs[config.AuthorizedKeysKey] = args.ControllerModelConfig.AuthorizedKeys()
+
+	// TODO(axw) we shouldn't be adding credentials to model config.
+	if args.ControllerCloudCredential != nil {
+		for k, v := range args.ControllerCloudCredential.Attributes() {
+			attrs[k] = v
+		}
+	}
+	controllerUUID := args.ControllerConfig.ControllerUUID()
+	hostedModelConfig, err := modelmanager.ModelConfigCreator{}.NewModelConfig(
+		modelmanager.IsAdmin, controllerUUID, args.ControllerModelConfig, attrs,
+	)
 	if err != nil {
 		return nil, nil, errors.Annotate(err, "creating hosted model config")
 	}
 	_, hostedModelState, err := st.NewModel(state.ModelArgs{
-		Config: hostedModelConfig,
-		Owner:  adminUser,
+		Owner:           adminUser,
+		Config:          hostedModelConfig,
+		Constraints:     args.ModelConstraints,
+		CloudName:       args.ControllerCloudName,
+		CloudRegion:     args.ControllerCloudRegion,
+		CloudCredential: args.ControllerCloudCredentialName,
 	})
 	if err != nil {
 		return nil, nil, errors.Annotate(err, "creating hosted model")
 	}
-	if err := hostedModelState.SetModelConstraints(machineCfg.ModelConstraints); err != nil {
-		return nil, nil, errors.Annotate(err, "cannot set initial hosted model constraints")
-	}
 	hostedModelState.Close()
 
 	return st, m, nil
@@ -159,17 +183,6 @@
 	}
 }
 
-func initConstraintsAndBootstrapMachine(c agent.ConfigSetter, st *state.State, cfg BootstrapMachineConfig) (*state.Machine, error) {
-	if err := st.SetModelConstraints(cfg.ModelConstraints); err != nil {
-		return nil, errors.Annotate(err, "cannot set initial model constraints")
-	}
-	m, err := initBootstrapMachine(c, st, cfg)
-	if err != nil {
-		return nil, errors.Annotate(err, "cannot initialize bootstrap machine")
-	}
-	return m, nil
-}
-
 // initMongoAdminUser adds the admin user with the specified
 // password to the admin database in Mongo.
 func initMongoAdminUser(info mongo.Info, dialOpts mongo.DialOpts, password string) error {
@@ -182,24 +195,28 @@
 }
 
 // initBootstrapMachine initializes the initial bootstrap machine in state.
-func initBootstrapMachine(c agent.ConfigSetter, st *state.State, cfg BootstrapMachineConfig) (*state.Machine, error) {
-	logger.Infof("initialising bootstrap machine with config: %+v", cfg)
+func initBootstrapMachine(c agent.ConfigSetter, st *state.State, args InitializeStateParams) (*state.Machine, error) {
+	logger.Infof("initialising bootstrap machine with config: %+v", args)
 
-	jobs := make([]state.MachineJob, len(cfg.Jobs))
-	for i, job := range cfg.Jobs {
+	jobs := make([]state.MachineJob, len(args.BootstrapMachineJobs))
+	for i, job := range args.BootstrapMachineJobs {
 		machineJob, err := machineJobFromParams(job)
 		if err != nil {
 			return nil, errors.Errorf("invalid bootstrap machine job %q: %v", job, err)
 		}
 		jobs[i] = machineJob
 	}
+	var hardware instance.HardwareCharacteristics
+	if args.BootstrapMachineHardwareCharacteristics != nil {
+		hardware = *args.BootstrapMachineHardwareCharacteristics
+	}
 	m, err := st.AddOneMachine(state.MachineTemplate{
-		Addresses:               cfg.Addresses,
+		Addresses:               args.BootstrapMachineAddresses,
 		Series:                  series.HostSeries(),
 		Nonce:                   agent.BootstrapNonce,
-		Constraints:             cfg.BootstrapConstraints,
-		InstanceId:              cfg.InstanceId,
-		HardwareCharacteristics: cfg.Characteristics,
+		Constraints:             args.BootstrapMachineConstraints,
+		InstanceId:              args.BootstrapMachineInstanceId,
+		HardwareCharacteristics: hardware,
 		Jobs: jobs,
 	})
 	if err != nil {
@@ -253,8 +270,6 @@
 		return state.JobHostUnits, nil
 	case multiwatcher.JobManageModel:
 		return state.JobManageModel, nil
-	case multiwatcher.JobManageNetworking:
-		return state.JobManageNetworking, nil
 	default:
 		return -1, errors.Errorf("invalid machine job %q", job)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/agent/agentbootstrap/bootstrap_test.go juju-core-2.0~beta12/src/github.com/juju/juju/agent/agentbootstrap/bootstrap_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/agent/agentbootstrap/bootstrap_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/agent/agentbootstrap/bootstrap_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,17 +8,20 @@
 	"net"
 	"path/filepath"
 
-	"github.com/juju/names"
 	gitjujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	"github.com/juju/utils/series"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/agent/agentbootstrap"
 	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/cloud"
+	"github.com/juju/juju/cloudconfig/instancecfg"
 	"github.com/juju/juju/constraints"
+	"github.com/juju/juju/controller"
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/instance"
@@ -66,12 +69,23 @@
 LXC_BRIDGE="ignored"`[1:])
 	err := ioutil.WriteFile(lxcFakeNetConfig, netConf, 0644)
 	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(err, jc.ErrorIsNil)
 	s.PatchValue(&network.InterfaceByNameAddrs, func(name string) ([]net.Addr, error) {
-		c.Assert(name, gc.Equals, "foobar")
-		return []net.Addr{
-			&net.IPAddr{IP: net.IPv4(10, 0, 3, 1)},
-			&net.IPAddr{IP: net.IPv4(10, 0, 3, 4)},
-		}, nil
+		if name == "foobar" {
+			// The addresses on the LXC bridge
+			return []net.Addr{
+				&net.IPAddr{IP: net.IPv4(10, 0, 3, 1)},
+				&net.IPAddr{IP: net.IPv4(10, 0, 3, 4)},
+			}, nil
+		} else if name == network.DefaultLXDBridge {
+			// The addresses on the LXD bridge
+			return []net.Addr{
+				&net.IPAddr{IP: net.IPv4(10, 0, 4, 1)},
+				&net.IPAddr{IP: net.IPv4(10, 0, 4, 4)},
+			}, nil
+		}
+		c.Fatalf("unknown bridge in testing: %v", name)
+		return nil, nil
 	})
 	s.PatchValue(&network.LXCNetDefaultConfig, lxcFakeNetConfig)
 
@@ -107,33 +121,35 @@
 		"10.0.3.1", // lxc bridge address filtered.
 		"10.0.3.4", // lxc bridge address filtered (-"-).
 		"10.0.3.3", // not a lxc bridge address
+		"10.0.4.1", // lxd bridge address filtered.
+		"10.0.4.4", // lxd bridge address filtered.
+		"10.0.4.5", // not an lxd bridge address
 	)
-	mcfg := agentbootstrap.BootstrapMachineConfig{
-		Addresses:            initialAddrs,
-		BootstrapConstraints: expectBootstrapConstraints,
-		ModelConstraints:     expectModelConstraints,
-		Jobs:                 []multiwatcher.MachineJob{multiwatcher.JobManageModel},
-		InstanceId:           "i-bootstrap",
-		Characteristics:      expectHW,
-		SharedSecret:         "abc123",
-	}
 	filteredAddrs := network.NewAddresses(
 		"zeroonetwothree",
 		"0.1.2.3",
 		"10.0.3.3",
+		"10.0.4.5",
 	)
 
 	// Prepare bootstrap config, so we can use it in the state policy.
 	provider, err := environs.Provider("dummy")
 	c.Assert(err, jc.ErrorIsNil)
-	envAttrs := dummy.SampleConfig().Delete("admin-secret").Merge(testing.Attrs{
+	modelAttrs := dummy.SampleConfig().Delete("admin-secret").Merge(testing.Attrs{
 		"agent-version":  jujuversion.Current.String(),
 		"not-for-hosted": "foo",
 	})
-	envCfg, err := config.New(config.NoDefaults, envAttrs)
+	modelCfg, err := config.New(config.NoDefaults, modelAttrs)
 	c.Assert(err, jc.ErrorIsNil)
-	envCfg, err = provider.BootstrapConfig(environs.BootstrapConfigParams{Config: envCfg})
+	controllerCfg := testing.FakeControllerConfig()
+	modelCfg, err = provider.BootstrapConfig(environs.BootstrapConfigParams{
+		ControllerUUID: controllerCfg.ControllerUUID(),
+		Config:         modelCfg,
+	})
 	c.Assert(err, jc.ErrorIsNil)
+	// Dummy provider uses a random port, which is added to cfg used to create environment.
+	apiPort := dummy.ApiPort(provider)
+	controllerCfg["api-port"] = apiPort
 	defer dummy.Reset(c)
 
 	hostedModelUUID := utils.MustNewUUID().String()
@@ -141,11 +157,36 @@
 		"name": "hosted",
 		"uuid": hostedModelUUID,
 	}
+	controllerInheritedConfig := map[string]interface{}{
+		"apt-mirror": "http://mirror",
+	}
+
+	args := agentbootstrap.InitializeStateParams{
+		StateInitializationParams: instancecfg.StateInitializationParams{
+			BootstrapMachineConstraints:             expectBootstrapConstraints,
+			BootstrapMachineInstanceId:              "i-bootstrap",
+			BootstrapMachineHardwareCharacteristics: &expectHW,
+			ControllerCloud: cloud.Cloud{
+				Type:      "dummy",
+				AuthTypes: []cloud.AuthType{cloud.EmptyAuthType},
+				Regions:   []cloud.Region{{Name: "some-region"}},
+			},
+			ControllerCloudName:       "dummy",
+			ControllerCloudRegion:     "some-region",
+			ControllerConfig:          controllerCfg,
+			ControllerModelConfig:     modelCfg,
+			ModelConstraints:          expectModelConstraints,
+			ControllerInheritedConfig: controllerInheritedConfig,
+			HostedModelConfig:         hostedModelConfigAttrs,
+		},
+		BootstrapMachineAddresses: initialAddrs,
+		BootstrapMachineJobs:      []multiwatcher.MachineJob{multiwatcher.JobManageModel},
+		SharedSecret:              "abc123",
+	}
 
 	adminUser := names.NewLocalUserTag("agent-admin")
 	st, m, err := agentbootstrap.InitializeState(
-		adminUser, cfg, envCfg, hostedModelConfigAttrs, mcfg,
-		mongotest.DialOpts(), environs.NewStatePolicy(),
+		adminUser, cfg, args, mongotest.DialOpts(), environs.NewStatePolicy(),
 	)
 	c.Assert(err, jc.ErrorIsNil)
 	defer st.Close()
@@ -154,28 +195,44 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	// Check that the environment has been set up.
-	env, err := st.Model()
+	model, err := st.Model()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(env.UUID(), gc.Equals, envCfg.UUID())
+	c.Assert(model.UUID(), gc.Equals, modelCfg.UUID())
 
 	// Check that initial admin user has been set up correctly.
-	modelTag := env.Tag().(names.ModelTag)
+	modelTag := model.Tag().(names.ModelTag)
 	s.assertCanLogInAsAdmin(c, modelTag, testing.DefaultMongoPassword)
-	user, err := st.User(env.Owner())
+	user, err := st.User(model.Owner())
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(user.PasswordValid(testing.DefaultMongoPassword), jc.IsTrue)
 
+	// Check controller config
+	controllerCfg, err = st.ControllerConfig()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(controllerCfg, jc.DeepEquals, controller.Config{
+		"controller-uuid":         testing.ModelTag.Id(),
+		"ca-cert":                 testing.CACert,
+		"state-port":              1234,
+		"api-port":                apiPort,
+		"set-numa-control-policy": false,
+	})
+
 	// Check that controller model configuration has been added, and
 	// model constraints set.
-	newEnvCfg, err := st.ModelConfig()
+	newModelCfg, err := st.ModelConfig()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(newEnvCfg.AllAttrs(), gc.DeepEquals, envCfg.AllAttrs())
+	// Add in the cloud attributes.
+	expectedAttrs := modelCfg.AllAttrs()
+	expectedAttrs["apt-mirror"] = "http://mirror"
+	c.Assert(newModelCfg.AllAttrs(), jc.DeepEquals, expectedAttrs)
+
 	gotModelConstraints, err := st.ModelConstraints()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(gotModelConstraints, gc.DeepEquals, expectModelConstraints)
 
-	// Check that the hosted model has been added, and model constraints
-	// set.
+	// Check that the hosted model has been added, model constraints
+	// set, and its config contains the same authorized-keys as the
+	// controller model.
 	hostedModelSt, err := st.ForModel(names.NewModelTag(hostedModelUUID))
 	c.Assert(err, jc.ErrorIsNil)
 	defer hostedModelSt.Close()
@@ -185,10 +242,12 @@
 	hostedModel, err := hostedModelSt.Model()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(hostedModel.Name(), gc.Equals, "hosted")
+	c.Assert(hostedModel.CloudRegion(), gc.Equals, "some-region")
 	hostedCfg, err := hostedModelSt.ModelConfig()
 	c.Assert(err, jc.ErrorIsNil)
 	_, hasUnexpected := hostedCfg.AllAttrs()["not-for-hosted"]
 	c.Assert(hasUnexpected, jc.IsFalse)
+	c.Assert(hostedCfg.AuthorizedKeys(), gc.Equals, newModelCfg.AuthorizedKeys())
 
 	// Check that the bootstrap machine looks correct.
 	c.Assert(m.Id(), gc.Equals, "0")
@@ -254,8 +313,10 @@
 	_, available := cfg.StateServingInfo()
 	c.Assert(available, jc.IsFalse)
 
+	args := agentbootstrap.InitializeStateParams{}
+
 	adminUser := names.NewLocalUserTag("agent-admin")
-	_, _, err = agentbootstrap.InitializeState(adminUser, cfg, nil, nil, agentbootstrap.BootstrapMachineConfig{}, mongotest.DialOpts(), environs.NewStatePolicy())
+	_, _, err = agentbootstrap.InitializeState(adminUser, cfg, args, mongotest.DialOpts(), environs.NewStatePolicy())
 	// InitializeState will fail attempting to get the api port information
 	c.Assert(err, gc.ErrorMatches, "state serving information not available")
 }
@@ -282,17 +343,10 @@
 		SharedSecret:   "baz",
 		SystemIdentity: "qux",
 	})
-	expectHW := instance.MustParseHardware("mem=2048M")
-	mcfg := agentbootstrap.BootstrapMachineConfig{
-		BootstrapConstraints: constraints.MustParse("mem=1024M"),
-		Jobs:                 []multiwatcher.MachineJob{multiwatcher.JobManageModel},
-		InstanceId:           "i-bootstrap",
-		Characteristics:      expectHW,
-	}
-	envAttrs := dummy.SampleConfig().Delete("admin-secret").Merge(testing.Attrs{
+	modelAttrs := dummy.SampleConfig().Delete("admin-secret").Merge(testing.Attrs{
 		"agent-version": jujuversion.Current.String(),
 	})
-	envCfg, err := config.New(config.NoDefaults, envAttrs)
+	modelCfg, err := config.New(config.NoDefaults, modelAttrs)
 	c.Assert(err, jc.ErrorIsNil)
 
 	hostedModelConfigAttrs := map[string]interface{}{
@@ -300,15 +354,32 @@
 		"uuid": utils.MustNewUUID().String(),
 	}
 
+	args := agentbootstrap.InitializeStateParams{
+		StateInitializationParams: instancecfg.StateInitializationParams{
+			BootstrapMachineInstanceId: "i-bootstrap",
+			ControllerCloud: cloud.Cloud{
+				Type:      "dummy",
+				AuthTypes: []cloud.AuthType{cloud.EmptyAuthType},
+			},
+			ControllerCloudName:   "dummy",
+			ControllerConfig:      testing.FakeControllerConfig(),
+			ControllerModelConfig: modelCfg,
+			HostedModelConfig:     hostedModelConfigAttrs,
+		},
+		BootstrapMachineJobs: []multiwatcher.MachineJob{multiwatcher.JobManageModel},
+		SharedSecret:         "abc123",
+	}
+
 	adminUser := names.NewLocalUserTag("agent-admin")
 	st, _, err := agentbootstrap.InitializeState(
-		adminUser, cfg, envCfg, hostedModelConfigAttrs, mcfg,
-		mongotest.DialOpts(), state.Policy(nil),
+		adminUser, cfg, args, mongotest.DialOpts(), state.Policy(nil),
 	)
 	c.Assert(err, jc.ErrorIsNil)
 	st.Close()
 
-	st, _, err = agentbootstrap.InitializeState(adminUser, cfg, envCfg, nil, mcfg, mongotest.DialOpts(), environs.NewStatePolicy())
+	st, _, err = agentbootstrap.InitializeState(
+		adminUser, cfg, args, mongotest.DialOpts(), state.Policy(nil),
+	)
 	if err == nil {
 		st.Close()
 	}
@@ -327,9 +398,6 @@
 		name: multiwatcher.JobManageModel,
 		want: state.JobManageModel,
 	}, {
-		name: multiwatcher.JobManageNetworking,
-		want: state.JobManageNetworking,
-	}, {
 		name: "invalid",
 		want: -1,
 		err:  `invalid machine job "invalid"`,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/agent/agent.go juju-core-2.0~beta12/src/github.com/juju/juju/agent/agent.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/agent/agent.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/agent/agent.go	2016-07-18 19:45:44.000000000 +0000
@@ -16,11 +16,11 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils"
 	"github.com/juju/utils/series"
 	"github.com/juju/utils/shell"
 	"github.com/juju/version"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/apiserver/params"
@@ -38,6 +38,11 @@
 
 	// BootstrapMachineId is the ID of the initial controller machine.
 	BootstrapMachineId = "0"
+
+	// MachineLockName is the name of the mutex that the agent creates to
+	// ensure serialization of tasks such as uniter hook executions, juju-run,
+	// and others.
+	MachineLockName = "machine-lock"
 )
 
 // These are base values used for the corresponding defaults.
@@ -239,10 +244,6 @@
 	// the key is not found.
 	Value(key string) string
 
-	// PreferIPv6 returns whether to prefer using IPv6 addresses (if
-	// available) when connecting to the state or API server.
-	PreferIPv6() bool
-
 	// Model returns the tag for the model that the agent belongs to.
 	Model() names.ModelTag
 
@@ -372,7 +373,6 @@
 	oldPassword       string
 	servingInfo       *params.StateServingInfo
 	values            map[string]string
-	preferIPv6        bool
 	mongoVersion      string
 }
 
@@ -390,7 +390,6 @@
 	APIAddresses      []string
 	CACert            string
 	Values            map[string]string
-	PreferIPv6        bool
 	MongoVersion      mongo.Version
 }
 
@@ -424,7 +423,11 @@
 		return nil, errors.Trace(requiredError("CA certificate"))
 	}
 	// Note that the password parts of the state and api information are
-	// blank.  This is by design.
+	// blank.  This is by design: we want to generate a secure password
+	// for new agents. So, we create this config without a current password
+	// which signals to apicaller worker that it should try to connect using old password.
+	// When/if this connection is successful, apicaller worker will generate
+	// a new secure password and update this agent's config.
 	config := &configInternal{
 		paths:             NewPathsWithDefaults(configParams.Paths),
 		jobs:              configParams.Jobs,
@@ -435,7 +438,6 @@
 		caCert:            configParams.CACert,
 		oldPassword:       configParams.Password,
 		values:            configParams.Values,
-		preferIPv6:        configParams.PreferIPv6,
 		mongoVersion:      configParams.MongoVersion.String(),
 	}
 
@@ -664,10 +666,6 @@
 	return c.values[key]
 }
 
-func (c *configInternal) PreferIPv6() bool {
-	return c.preferIPv6
-}
-
 func (c *configInternal) StateServingInfo() (params.StateServingInfo, bool) {
 	if c.servingInfo == nil {
 		return params.StateServingInfo{}, false
@@ -781,9 +779,6 @@
 	if isController {
 		port := servingInfo.APIPort
 		localAPIAddr := net.JoinHostPort("localhost", strconv.Itoa(port))
-		if c.preferIPv6 {
-			localAPIAddr = net.JoinHostPort("::1", strconv.Itoa(port))
-		}
 		addrInAddrs := false
 		for _, addr := range addrs {
 			if addr == localAPIAddr {
@@ -812,9 +807,6 @@
 		return nil, false
 	}
 	addr := net.JoinHostPort("127.0.0.1", strconv.Itoa(ssi.StatePort))
-	if c.preferIPv6 {
-		addr = net.JoinHostPort("::1", strconv.Itoa(ssi.StatePort))
-	}
 	return &mongo.MongoInfo{
 		Info: mongo.Info{
 			Addrs:  []string{addr},
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/agent/agent_test.go juju-core-2.0~beta12/src/github.com/juju/juju/agent/agent_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/agent/agent_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/agent/agent_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,10 +9,10 @@
 	"path/filepath"
 	"reflect"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api"
@@ -245,39 +245,6 @@
 	inspectConfig: func(c *gc.C, cfg agent.Config) {
 		c.Check(cfg.Dir(), gc.Equals, "/data/dir/agents/unit-ubuntu-1")
 	},
-}, {
-	about: "prefer-ipv6 parsed when set",
-	params: agent.AgentConfigParams{
-		Paths:             agent.Paths{DataDir: "/data/dir"},
-		Tag:               names.NewMachineTag("1"),
-		Password:          "sekrit",
-		UpgradedToVersion: jujuversion.Current,
-		CACert:            "ca cert",
-		Model:             testing.ModelTag,
-		StateAddresses:    []string{"localhost:1234"},
-		APIAddresses:      []string{"localhost:1235"},
-		Nonce:             "a nonce",
-		PreferIPv6:        true,
-	},
-	inspectConfig: func(c *gc.C, cfg agent.Config) {
-		c.Check(cfg.PreferIPv6(), jc.IsTrue)
-	},
-}, {
-	about: "missing prefer-ipv6 defaults to false",
-	params: agent.AgentConfigParams{
-		Paths:             agent.Paths{DataDir: "/data/dir"},
-		Tag:               names.NewMachineTag("1"),
-		Password:          "sekrit",
-		UpgradedToVersion: jujuversion.Current,
-		CACert:            "ca cert",
-		Model:             testing.ModelTag,
-		StateAddresses:    []string{"localhost:1234"},
-		APIAddresses:      []string{"localhost:1235"},
-		Nonce:             "a nonce",
-	},
-	inspectConfig: func(c *gc.C, cfg agent.Config) {
-		c.Check(cfg.PreferIPv6(), jc.IsFalse)
-	},
 }}
 
 func (*suite) TestNewAgentConfig(c *gc.C) {
@@ -609,57 +576,18 @@
 	c.Assert(localhostAddressFound, jc.IsTrue)
 }
 
-func (*suite) TestAPIInfoAddsLocalhostWhenServingInfoPresentAndPreferIPv6On(c *gc.C) {
+func (*suite) TestMongoInfo(c *gc.C) {
 	attrParams := attributeParams
-	attrParams.PreferIPv6 = true
-	servingInfo := stateServingInfo()
-	conf, err := agent.NewStateMachineConfig(attrParams, servingInfo)
-	c.Assert(err, jc.ErrorIsNil)
-	apiinfo, ok := conf.APIInfo()
-	c.Assert(ok, jc.IsTrue)
-	c.Check(apiinfo.Addrs, gc.HasLen, len(attrParams.APIAddresses)+1)
-	localhostAddressFound := false
-	for _, eachApiAddress := range apiinfo.Addrs {
-		if eachApiAddress == "[::1]:47" {
-			localhostAddressFound = true
-			break
-		}
-		c.Check(eachApiAddress, gc.Not(gc.Equals), "localhost:47")
-	}
-	c.Assert(localhostAddressFound, jc.IsTrue)
-}
-
-func (*suite) TestMongoInfoHonorsPreferIPv6(c *gc.C) {
-	attrParams := attributeParams
-	attrParams.PreferIPv6 = true
 	servingInfo := stateServingInfo()
 	conf, err := agent.NewStateMachineConfig(attrParams, servingInfo)
 	c.Assert(err, jc.ErrorIsNil)
 	mongoInfo, ok := conf.MongoInfo()
 	c.Assert(ok, jc.IsTrue)
-	c.Check(mongoInfo.Info.Addrs, jc.DeepEquals, []string{"[::1]:69"})
-
-	attrParams.PreferIPv6 = false
-	conf, err = agent.NewStateMachineConfig(attrParams, servingInfo)
-	c.Assert(err, jc.ErrorIsNil)
-	mongoInfo, ok = conf.MongoInfo()
-	c.Assert(ok, jc.IsTrue)
 	c.Check(mongoInfo.Info.Addrs, jc.DeepEquals, []string{"127.0.0.1:69"})
 }
 
-func (*suite) TestAPIInfoDoesntAddLocalhostWhenNoServingInfoPreferIPv6Off(c *gc.C) {
-	attrParams := attributeParams
-	attrParams.PreferIPv6 = false
-	conf, err := agent.NewAgentConfig(attrParams)
-	c.Assert(err, jc.ErrorIsNil)
-	apiinfo, ok := conf.APIInfo()
-	c.Assert(ok, jc.IsTrue)
-	c.Assert(apiinfo.Addrs, gc.DeepEquals, attrParams.APIAddresses)
-}
-
-func (*suite) TestAPIInfoDoesntAddLocalhostWhenNoServingInfoPreferIPv6On(c *gc.C) {
+func (*suite) TestAPIInfoDoesntAddLocalhostWhenNoServingInfo(c *gc.C) {
 	attrParams := attributeParams
-	attrParams.PreferIPv6 = true
 	conf, err := agent.NewAgentConfig(attrParams)
 	c.Assert(err, jc.ErrorIsNil)
 	apiinfo, ok := conf.APIInfo()
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/agent/format-1.18.go juju-core-2.0~beta12/src/github.com/juju/juju/agent/format-1.18.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/agent/format-1.18.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/agent/format-1.18.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,199 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package agent
-
-import (
-	"fmt"
-	"net"
-	"strconv"
-
-	"github.com/juju/errors"
-	"github.com/juju/names"
-	"github.com/juju/version"
-	goyaml "gopkg.in/yaml.v2"
-
-	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/state/multiwatcher"
-)
-
-var format_1_18 = formatter_1_18{}
-
-// formatter_1_18 is the formatter for the 1.18 format.
-type formatter_1_18 struct {
-}
-
-// Ensure that the formatter_1_18 struct implements the formatter interface.
-var _ formatter = formatter_1_18{}
-
-// format_1_18Serialization holds information for a given agent.
-type format_1_18Serialization struct {
-	Tag               string
-	DataDir           string
-	LogDir            string
-	MetricsSpoolDir   string
-	Nonce             string
-	Jobs              []multiwatcher.MachineJob `yaml:",omitempty"`
-	UpgradedToVersion *version.Number           `yaml:"upgradedToVersion"`
-
-	CACert         string
-	StateAddresses []string `yaml:",omitempty"`
-	StatePassword  string   `yaml:",omitempty"`
-
-	Model        string   `yaml:",omitempty"`
-	APIAddresses []string `yaml:",omitempty"`
-	APIPassword  string   `yaml:",omitempty"`
-
-	OldPassword string
-	Values      map[string]string
-
-	PreferIPv6 bool `yaml:"prefer-ipv6,omitempty"`
-
-	// Only controller machines have these next items set.
-	ControllerCert string `yaml:",omitempty"`
-	ControllerKey  string `yaml:",omitempty"`
-	CAPrivateKey   string `yaml:",omitempty"`
-	APIPort        int    `yaml:",omitempty"`
-	StatePort      int    `yaml:",omitempty"`
-	SharedSecret   string `yaml:",omitempty"`
-	SystemIdentity string `yaml:",omitempty"`
-	MongoVersion   string `yaml:",omitempty"`
-}
-
-func init() {
-	registerFormat(format_1_18)
-}
-
-func (formatter_1_18) version() string {
-	return "1.18"
-}
-
-func (formatter_1_18) unmarshal(data []byte) (*configInternal, error) {
-	// NOTE: this needs to handle the absence of StatePort and get it from the
-	// address
-	var format format_1_18Serialization
-	if err := goyaml.Unmarshal(data, &format); err != nil {
-		return nil, err
-	}
-	if format.UpgradedToVersion == nil || *format.UpgradedToVersion == version.Zero {
-		// Assume we upgrade from 1.16.
-		upgradedToVersion := version.MustParse("1.16.0")
-		format.UpgradedToVersion = &upgradedToVersion
-	}
-	tag, err := names.ParseTag(format.Tag)
-	if err != nil {
-		return nil, err
-	}
-	var modelTag names.ModelTag
-	if format.Model != "" {
-		modelTag, err = names.ParseModelTag(format.Model)
-		if err != nil {
-			return nil, errors.Trace(err)
-		}
-	}
-	config := &configInternal{
-		tag: tag,
-		paths: NewPathsWithDefaults(Paths{
-			DataDir:         format.DataDir,
-			LogDir:          format.LogDir,
-			MetricsSpoolDir: format.MetricsSpoolDir,
-		}),
-		jobs:              format.Jobs,
-		upgradedToVersion: *format.UpgradedToVersion,
-		nonce:             format.Nonce,
-		model:             modelTag,
-		caCert:            format.CACert,
-		oldPassword:       format.OldPassword,
-		values:            format.Values,
-		preferIPv6:        format.PreferIPv6,
-	}
-	if len(format.StateAddresses) > 0 {
-		config.stateDetails = &connectionDetails{
-			format.StateAddresses,
-			format.StatePassword,
-		}
-	}
-	if len(format.APIAddresses) > 0 {
-		config.apiDetails = &connectionDetails{
-			format.APIAddresses,
-			format.APIPassword,
-		}
-	}
-	if len(format.ControllerKey) != 0 {
-		config.servingInfo = &params.StateServingInfo{
-			Cert:           format.ControllerCert,
-			PrivateKey:     format.ControllerKey,
-			CAPrivateKey:   format.CAPrivateKey,
-			APIPort:        format.APIPort,
-			StatePort:      format.StatePort,
-			SharedSecret:   format.SharedSecret,
-			SystemIdentity: format.SystemIdentity,
-		}
-		// There's a private key, then we need the state port,
-		// which wasn't always in the  1.18 format. If it's not present
-		// we can infer it from the ports in the state addresses.
-		if config.servingInfo.StatePort == 0 {
-			if len(format.StateAddresses) == 0 {
-				return nil, fmt.Errorf("server key found but no state port")
-			}
-
-			_, portString, err := net.SplitHostPort(format.StateAddresses[0])
-			if err != nil {
-				return nil, err
-			}
-			statePort, err := strconv.Atoi(portString)
-			if err != nil {
-				return nil, err
-			}
-			config.servingInfo.StatePort = statePort
-		}
-
-	}
-	// Mongo version is set, we might be running a version other than default.
-	if format.MongoVersion != "" {
-		config.mongoVersion = format.MongoVersion
-	}
-	return config, nil
-}
-
-func (formatter_1_18) marshal(config *configInternal) ([]byte, error) {
-	var modelTag string
-	if config.model.Id() != "" {
-		modelTag = config.model.String()
-	}
-	format := &format_1_18Serialization{
-		Tag:               config.tag.String(),
-		DataDir:           config.paths.DataDir,
-		LogDir:            config.paths.LogDir,
-		MetricsSpoolDir:   config.paths.MetricsSpoolDir,
-		Jobs:              config.jobs,
-		UpgradedToVersion: &config.upgradedToVersion,
-		Nonce:             config.nonce,
-		Model:             modelTag,
-		CACert:            string(config.caCert),
-		OldPassword:       config.oldPassword,
-		Values:            config.values,
-		PreferIPv6:        config.preferIPv6,
-	}
-	if config.servingInfo != nil {
-		format.ControllerCert = config.servingInfo.Cert
-		format.ControllerKey = config.servingInfo.PrivateKey
-		format.CAPrivateKey = config.servingInfo.CAPrivateKey
-		format.APIPort = config.servingInfo.APIPort
-		format.StatePort = config.servingInfo.StatePort
-		format.SharedSecret = config.servingInfo.SharedSecret
-		format.SystemIdentity = config.servingInfo.SystemIdentity
-	}
-	if config.stateDetails != nil {
-		format.StateAddresses = config.stateDetails.addresses
-		format.StatePassword = config.stateDetails.password
-	}
-	if config.apiDetails != nil {
-		format.APIAddresses = config.apiDetails.addresses
-		format.APIPassword = config.apiDetails.password
-	}
-	if config.mongoVersion != "" {
-		format.MongoVersion = string(config.mongoVersion)
-	}
-	return goyaml.Marshal(format)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/agent/format-1.18_whitebox_test.go juju-core-2.0~beta12/src/github.com/juju/juju/agent/format-1.18_whitebox_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/agent/format-1.18_whitebox_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/agent/format-1.18_whitebox_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,259 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Copyright 2014 Cloudbase Solutions SRL
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-// The format tests are white box tests, meaning that the tests are in the
-// same package as the code, as all the format details are internal to the
-// package.
-
-package agent
-
-import (
-	"path/filepath"
-
-	jc "github.com/juju/testing/checkers"
-	"github.com/juju/utils"
-	"github.com/juju/version"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/state/multiwatcher"
-	"github.com/juju/juju/testing"
-)
-
-type format_1_18Suite struct {
-	testing.BaseSuite
-}
-
-var _ = gc.Suite(&format_1_18Suite{})
-
-func (s *format_1_18Suite) TestStatePortNotParsedWithoutSecret(c *gc.C) {
-	dataDir := c.MkDir()
-	configPath := filepath.Join(dataDir, agentConfigFilename)
-	err := utils.AtomicWriteFile(configPath, []byte(agentConfig1_18NotStateMachine), 0600)
-	c.Assert(err, jc.ErrorIsNil)
-	readConfig, err := ReadConfig(configPath)
-	c.Assert(err, jc.ErrorIsNil)
-	_, available := readConfig.StateServingInfo()
-	c.Assert(available, jc.IsFalse)
-}
-
-func (*format_1_18Suite) TestReadConfWithExisting1_18ConfigFileContents(c *gc.C) {
-	dataDir := c.MkDir()
-	configPath := filepath.Join(dataDir, agentConfigFilename)
-	err := utils.AtomicWriteFile(configPath, []byte(agentConfig1_18Contents), 0600)
-	c.Assert(err, jc.ErrorIsNil)
-
-	config, err := ReadConfig(configPath)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(config.UpgradedToVersion(), jc.DeepEquals, version.MustParse("1.17.5.1"))
-	c.Assert(config.Jobs(), jc.DeepEquals, []multiwatcher.MachineJob{multiwatcher.JobManageModel})
-	c.Assert(config.PreferIPv6(), jc.IsTrue)
-}
-
-var agentConfig1_18Contents = `
-# format 1.18
-tag: machine-0
-datadir: /home/user/.local/share/juju/local
-logdir: /var/log/juju-user-local
-nonce: user-admin:bootstrap
-jobs:
-- JobManageModel
-upgradedToVersion: 1.17.5.1
-cacert: '-----BEGIN CERTIFICATE-----
-
-  MIICWzCCAcagAwIBAgIBADALBgkqhkiG9w0BAQUwQzENMAsGA1UEChMEanVqdTEy
-
-  MDAGA1UEAwwpanVqdS1nZW5lcmF0ZWQgQ0EgZm9yIGVudmlyb25tZW50ICJsb2Nh
-
-  bCIwHhcNMTQwMzA1MTQxOTA3WhcNMjQwMzA1MTQyNDA3WjBDMQ0wCwYDVQQKEwRq
-
-  dWp1MTIwMAYDVQQDDClqdWp1LWdlbmVyYXRlZCBDQSBmb3IgZW52aXJvbm1lbnQg
-
-  ImxvY2FsIjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwHsKV7fKfmSQt2QL
-
-  P4+hrqQJhDTMifgNkIY9nTlLHegV5jl5XJ8lRYjZBXJEMz0AzW/RbrDElkn5+4Do
-
-  pIWPNDAT0eztXBvVwL6qQOUtiBsA7vHQJMQaLVAmZNKvrHyuhcoG+hpf8EMaLdbA
-
-  iCGKifs+Y0MFt5AeriVDH5lGlzcCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgCkMA8G
-
-  A1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFB3Td3SP66UToZkOjVh3Wy8b6HR6MB8G
-
-  A1UdIwQYMBaAFB3Td3SP66UToZkOjVh3Wy8b6HR6MAsGCSqGSIb3DQEBBQOBgQB4
-
-  izvSRSpimi40aEOnZIsSMHVBiSCclpBg5cq7lGyiUSsDROTIbsRAKPBmrflB/qbf
-
-  J70rWFwh/d/5ssCAYrZviFL6WvpuLD3j3m4PYampNMmvJf2s6zVRIMotEY+bVwfU
-
-  z4jGaVpODac0i0bE0/Uh9qXK1UXcYY57vNNAgkaYAQ==
-
-  -----END CERTIFICATE-----
-
-'
-stateaddresses:
-- localhost:37017
-statepassword: NB5imrDaWCCRW/4akSSvUxhX
-apiaddresses:
-- localhost:17070
-apipassword: NB5imrDaWCCRW/4akSSvUxhX
-oldpassword: oBlMbFUGvCb2PMFgYVzjS6GD
-values:
-  AGENT_SERVICE_NAME: juju-agent-user-local
-  CONTAINER_TYPE: ""
-  NAMESPACE: user-local
-  PROVIDER_TYPE: local
-  STORAGE_ADDR: 10.0.3.1:8040
-  STORAGE_DIR: /home/user/.local/share/juju/local/storage
-controllercert: '-----BEGIN CERTIFICATE-----
-
-  MIICNzCCAaKgAwIBAgIBADALBgkqhkiG9w0BAQUwQzENMAsGA1UEChMEanVqdTEy
-
-  MDAGA1UEAwwpanVqdS1nZW5lcmF0ZWQgQ0EgZm9yIGVudmlyb25tZW50ICJsb2Nh
-
-  bCIwHhcNMTQwMzA1MTQxOTE1WhcNMjQwMzA1MTQyNDE1WjAbMQ0wCwYDVQQKEwRq
-
-  dWp1MQowCAYDVQQDEwEqMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJnbuN
-
-  L3m/oY7Er2lEF6ye1SodepvpI0CLCdLwrYP52cRxbVzoD1jbXveclolg2xoUquga
-
-  qxsAhvVzzGaoLux1BoBD+G0N637fnY4XSIC9IuSkPOAdReKJkOvTL4nTjpzgfeHR
-
-  hRin6Xckvp96L4Prmki7sYQ8PG9Q7TBcOf4yowIDAQABo2cwZTAOBgNVHQ8BAf8E
-
-  BAMCAKgwEwYDVR0lBAwwCgYIKwYBBQUHAwEwHQYDVR0OBBYEFE1MB3d+5BW+n066
-
-  lWcVkhta1etlMB8GA1UdIwQYMBaAFB3Td3SP66UToZkOjVh3Wy8b6HR6MAsGCSqG
-
-  SIb3DQEBBQOBgQBnsBvl3hfIQbHhAlqritDBCWGpaXywlHe4PvyVL3LZTLiAZ9a/
-
-  BOSBfovs81sjUe5l60j+1vgRQgvT2Pnw6WGWmYWhSyxW7upEUl1LuZxnw3AVGVFO
-
-  r140iBNUtTfGUf3PmyBXHSotqgMime+rNSjl25qSoYwnuQXdFdCKJoutYg==
-
-  -----END CERTIFICATE-----
-
-'
-controllerkey: '-----BEGIN RSA PRIVATE KEY-----
-
-  MIICXAIBAAKBgQDJnbuNL3m/oY7Er2lEF6ye1SodepvpI0CLCdLwrYP52cRxbVzo
-
-  D1jbXveclolg2xoUqugaqxsAhvVzzGaoLux1BoBD+G0N637fnY4XSIC9IuSkPOAd
-
-  ReKJkOvTL4nTjpzgfeHRhRin6Xckvp96L4Prmki7sYQ8PG9Q7TBcOf4yowIDAQAB
-
-  AoGASEtzETFQ6tI3q3dqu6vxjhLJw0BP381wO2sOZJcTl+fqdPHOOrgmGKN5DoE8
-
-  SarHM1oFWGq6h/nc0eUdenk4+CokpbKRgUU9hB1TKGYMbN3bUTKPOqTMHbnrhWdT
-
-  P/fqa+nXhvg7igMT3Rk7l9DsSxoYB5xZmiLaXqynVE5MNoECQQDRsgDDUrUOeMH6
-
-  1+GO+afb8beRzR8mnaBvja6XLlZB6SUcGet9bMgAiGH3arH6ARfNNsWrDAmvArah
-
-  SKeqRB5TAkEA9iMEQDkcybCmxu4Y3YLeQuT9r3h26QhQjc+eRINS/3ZLN+lxKnXG
-
-  N019ZUlsyL97lJBDzTMPsBqfXJ2pbqXwcQJBAJNLuPN63kl7E68zA3Ld9UYvBWY6
-
-  Mp56bJ7PZAs39kk4DuQtZNhmmBqfskkMPlZBfEmfJrxeqVKw0j56faPBU5cCQFYU
-
-  mP/8+VxwM2OPEZMmmaS7gR1E/BEznzh5S9iaNQSy0kuTkMhQuCnPJ/OsYiczEH08
-
-  lvnEyc/E/8bcPM09q4ECQCFwMWzw2Jx9VOBGm60yiOKIdLgdDZOY/tP0jigNCMJF
-
-  47/BJx3FCgW3io81a4KOc445LxgiPUJyyCNlY1dW70o=
-
-  -----END RSA PRIVATE KEY-----
-
-'
-caprivatekey: '-----BEGIN RSA PRIVATE KEY-----
-
-  MIICXAIBAAKBgQDJnbuNL3m/oY7Er2lEF6ye1SodepvpI0CLCdLwrYP52cRxbVzo
-
-  D1jbXveclolg2xoUqugaqxsAhvVzzGaoLux1BoBD+G0N637fnY4XSIC9IuSkPOAd
-
-  ReKJkOvTL4nTjpzgfeHRhRin6Xckvp96L4Prmki7sYQ8PG9Q7TBcOf4yowIDAQAB
-
-  AoGASEtzETFQ6tI3q3dqu6vxjhLJw0BP381wO2sOZJcTl+fqdPHOOrgmGKN5DoE8
-
-  SarHM1oFWGq6h/nc0eUdenk4+CokpbKRgUU9hB1TKGYMbN3bUTKPOqTMHbnrhWdT
-
-  P/fqa+nXhvg7igMT3Rk7l9DsSxoYB5xZmiLaXqynVE5MNoECQQDRsgDDUrUOeMH6
-
-  1+GO+afb8beRzR8mnaBvja6XLlZB6SUcGet9bMgAiGH3arH6ARfNNsWrDAmvArah
-
-  SKeqRB5TAkEA9iMEQDkcybCmxu4Y3YLeQuT9r3h26QhQjc+eRINS/3ZLN+lxKnXG
-
-  N019ZUlsyL97lJBDzTMPsBqfXJ2pbqXwcQJBAJNLuPN63kl7E68zA3Ld9UYvBWY6
-
-  Mp56bJ7PZAs39kk4DuQtZNhmmBqfskkMPlZBfEmfJrxeqVKw0j56faPBU5cCQFYU
-
-  mP/8+VxwM2OPEZMmmaS7gR1E/BEznzh5S9iaNQSy0kuTkMhQuCnPJ/OsYiczEH08
-
-  lvnEyc/E/8bcPM09q4ECQCFwMWzw2Jx9VOBGm60yiOKIdLgdDZOY/tP0jigNCMJF
-
-  47/BJx3FCgW3io81a4KOc445LxgiPUJyyCNlY1dW70o=
-
-  -----END RSA PRIVATE KEY-----
-
-'
-apiport: 17070
-prefer-ipv6: true
-`[1:]
-
-var agentConfig1_18NotStateMachine = `
-# format 1.18
-tag: machine-1
-datadir: /home/user/.local/share/juju/local
-logdir: /var/log/juju-user-local
-nonce: user-admin:bootstrap
-jobs:
-- JobManageModel
-upgradedToVersion: 1.17.5.1
-cacert: '-----BEGIN CERTIFICATE-----
-
-  MIICWzCCAcagAwIBAgIBADALBgkqhkiG9w0BAQUwQzENMAsGA1UEChMEanVqdTEy
-
-  MDAGA1UEAwwpanVqdS1nZW5lcmF0ZWQgQ0EgZm9yIGVudmlyb25tZW50ICJsb2Nh
-
-  bCIwHhcNMTQwMzA1MTQxOTA3WhcNMjQwMzA1MTQyNDA3WjBDMQ0wCwYDVQQKEwRq
-
-  dWp1MTIwMAYDVQQDDClqdWp1LWdlbmVyYXRlZCBDQSBmb3IgZW52aXJvbm1lbnQg
-
-  ImxvY2FsIjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwHsKV7fKfmSQt2QL
-
-  P4+hrqQJhDTMifgNkIY9nTlLHegV5jl5XJ8lRYjZBXJEMz0AzW/RbrDElkn5+4Do
-
-  pIWPNDAT0eztXBvVwL6qQOUtiBsA7vHQJMQaLVAmZNKvrHyuhcoG+hpf8EMaLdbA
-
-  iCGKifs+Y0MFt5AeriVDH5lGlzcCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgCkMA8G
-
-  A1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFB3Td3SP66UToZkOjVh3Wy8b6HR6MB8G
-
-  A1UdIwQYMBaAFB3Td3SP66UToZkOjVh3Wy8b6HR6MAsGCSqGSIb3DQEBBQOBgQB4
-
-  izvSRSpimi40aEOnZIsSMHVBiSCclpBg5cq7lGyiUSsDROTIbsRAKPBmrflB/qbf
-
-  J70rWFwh/d/5ssCAYrZviFL6WvpuLD3j3m4PYampNMmvJf2s6zVRIMotEY+bVwfU
-
-  z4jGaVpODac0i0bE0/Uh9qXK1UXcYY57vNNAgkaYAQ==
-
-  -----END CERTIFICATE-----
-
-'
-stateaddresses:
-- localhost:37017
-statepassword: NB5imrDaWCCRW/4akSSvUxhX
-apiaddresses:
-- localhost:17070
-apipassword: NB5imrDaWCCRW/4akSSvUxhX
-oldpassword: oBlMbFUGvCb2PMFgYVzjS6GD
-values:
-  AGENT_SERVICE_NAME: juju-agent-user-local
-  CONTAINER_TYPE: ""
-  MONGO_SERVICE_NAME: juju-db-user-local
-  NAMESPACE: user-local
-  PROVIDER_TYPE: local
-  STORAGE_ADDR: 10.0.3.1:8040
-  STORAGE_DIR: /home/user/.local/share/juju/local/storage
-apiport: 17070
-prefer-ipv6: true
-`[1:]
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/agent/format-2.0.go juju-core-2.0~beta12/src/github.com/juju/juju/agent/format-2.0.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/agent/format-2.0.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/agent/format-2.0.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,198 @@
+// Copyright 2014 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package agent
+
+import (
+	"fmt"
+	"net"
+	"strconv"
+
+	"github.com/juju/errors"
+	"github.com/juju/version"
+	"gopkg.in/juju/names.v2"
+	goyaml "gopkg.in/yaml.v2"
+
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/state/multiwatcher"
+)
+
+var format_2_0 = formatter_2_0{}
+
+// formatter_2_0 is the formatter for the 2.0 format.
+type formatter_2_0 struct {
+}
+
+// Ensure that the formatter_2_0 struct implements the formatter interface.
+var _ formatter = formatter_2_0{}
+
+// format_2_0Serialization holds information for a given agent.
+type format_2_0Serialization struct {
+	Tag               string                    `yaml:"tag,omitempty"`
+	DataDir           string                    `yaml:"datadir,omitempty"`
+	LogDir            string                    `yaml:"logdir,omitempty"`
+	MetricsSpoolDir   string                    `yaml:"metricsspooldir,omitempty"`
+	Nonce             string                    `yaml:"nonce,omitempty"`
+	Jobs              []multiwatcher.MachineJob `yaml:"jobs,omitempty"`
+	UpgradedToVersion *version.Number           `yaml:"upgradedToVersion"`
+
+	CACert         string   `yaml:"cacert,omitempty"`
+	StateAddresses []string `yaml:"stateaddresses,omitempty"`
+	StatePassword  string   `yaml:"statepassword,omitempty"`
+
+	Model        string   `yaml:"model,omitempty"`
+	APIAddresses []string `yaml:"apiaddresses,omitempty"`
+	APIPassword  string   `yaml:"apipassword,omitempty"`
+
+	OldPassword string            `yaml:"oldpassword,omitempty"`
+	Values      map[string]string `yaml:"values"`
+
+	// Only controller machines have these next items set.
+	ControllerCert string `yaml:"controllercert,omitempty"`
+	ControllerKey  string `yaml:"controllerkey,omitempty"`
+	CAPrivateKey   string `yaml:"caprivatekey,omitempty"`
+	APIPort        int    `yaml:"apiport,omitempty"`
+	StatePort      int    `yaml:"stateport,omitempty"`
+	SharedSecret   string `yaml:"sharedsecret,omitempty"`
+	SystemIdentity string `yaml:"systemidentity,omitempty"`
+	MongoVersion   string `yaml:"mongoversion,omitempty"`
+}
+
+func init() {
+	registerFormat(format_2_0)
+}
+
+func (formatter_2_0) version() string {
+	return "2.0"
+}
+
+func (formatter_2_0) unmarshal(data []byte) (*configInternal, error) {
+	// NOTE: this needs to handle the absence of StatePort and get it from the
+	// address
+	var format format_2_0Serialization
+	if err := goyaml.Unmarshal(data, &format); err != nil {
+		return nil, err
+	}
+	tag, err := names.ParseTag(format.Tag)
+	if err != nil {
+		return nil, err
+	}
+	var modelTag names.ModelTag
+	if format.Model != "" {
+		modelTag, err = names.ParseModelTag(format.Model)
+		if err != nil {
+			return nil, errors.Trace(err)
+		}
+	}
+	config := &configInternal{
+		tag: tag,
+		paths: NewPathsWithDefaults(Paths{
+			DataDir:         format.DataDir,
+			LogDir:          format.LogDir,
+			MetricsSpoolDir: format.MetricsSpoolDir,
+		}),
+		jobs:              format.Jobs,
+		upgradedToVersion: *format.UpgradedToVersion,
+		nonce:             format.Nonce,
+		model:             modelTag,
+		caCert:            format.CACert,
+		oldPassword:       format.OldPassword,
+		values:            format.Values,
+	}
+	if len(format.StateAddresses) > 0 {
+		config.stateDetails = &connectionDetails{
+			format.StateAddresses,
+			format.StatePassword,
+		}
+	}
+	if len(format.APIAddresses) > 0 {
+		config.apiDetails = &connectionDetails{
+			format.APIAddresses,
+			format.APIPassword,
+		}
+	}
+	if len(format.ControllerKey) != 0 {
+		config.servingInfo = &params.StateServingInfo{
+			Cert:           format.ControllerCert,
+			PrivateKey:     format.ControllerKey,
+			CAPrivateKey:   format.CAPrivateKey,
+			APIPort:        format.APIPort,
+			StatePort:      format.StatePort,
+			SharedSecret:   format.SharedSecret,
+			SystemIdentity: format.SystemIdentity,
+		}
+		// If private key is not present, infer it from the ports in the state addresses.
+		if config.servingInfo.StatePort == 0 {
+			if len(format.StateAddresses) == 0 {
+				return nil, fmt.Errorf("server key found but no state port")
+			}
+
+			_, portString, err := net.SplitHostPort(format.StateAddresses[0])
+			if err != nil {
+				return nil, err
+			}
+			statePort, err := strconv.Atoi(portString)
+			if err != nil {
+				return nil, err
+			}
+			config.servingInfo.StatePort = statePort
+		}
+
+	}
+
+	// TODO (anastasiamac 2016-06-17) Mongo version must be set.
+	// For scenarios where mongo version is not set, we should still
+	// be explicit about what "default" mongo version is. After these lines,
+	// config.mongoVersion should not be empty under any circumstance.
+	// Bug# 1593855
+	if format.MongoVersion != "" {
+		// Mongo version is set, we might be running a version other than default.
+		config.mongoVersion = format.MongoVersion
+	}
+	return config, nil
+}
+
+func (formatter_2_0) marshal(config *configInternal) ([]byte, error) {
+	var modelTag string
+	if config.model.Id() != "" {
+		modelTag = config.model.String()
+	}
+	format := &format_2_0Serialization{
+		Tag:               config.tag.String(),
+		DataDir:           config.paths.DataDir,
+		LogDir:            config.paths.LogDir,
+		MetricsSpoolDir:   config.paths.MetricsSpoolDir,
+		Jobs:              config.jobs,
+		UpgradedToVersion: &config.upgradedToVersion,
+		Nonce:             config.nonce,
+		Model:             modelTag,
+		CACert:            string(config.caCert),
+		OldPassword:       config.oldPassword,
+		Values:            config.values,
+	}
+	if config.servingInfo != nil {
+		format.ControllerCert = config.servingInfo.Cert
+		format.ControllerKey = config.servingInfo.PrivateKey
+		format.CAPrivateKey = config.servingInfo.CAPrivateKey
+		format.APIPort = config.servingInfo.APIPort
+		format.StatePort = config.servingInfo.StatePort
+		format.SharedSecret = config.servingInfo.SharedSecret
+		format.SystemIdentity = config.servingInfo.SystemIdentity
+	}
+	if config.stateDetails != nil {
+		if len(config.stateDetails.addresses) > 0 {
+			format.StateAddresses = config.stateDetails.addresses
+			format.StatePassword = config.stateDetails.password
+		}
+	}
+	if config.apiDetails != nil {
+		if len(config.apiDetails.addresses) > 0 {
+			format.APIAddresses = config.apiDetails.addresses
+			format.APIPassword = config.apiDetails.password
+		}
+	}
+	if config.mongoVersion != "" {
+		format.MongoVersion = string(config.mongoVersion)
+	}
+	return goyaml.Marshal(format)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/agent/format-2.0_whitebox_test.go juju-core-2.0~beta12/src/github.com/juju/juju/agent/format-2.0_whitebox_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/agent/format-2.0_whitebox_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/agent/format-2.0_whitebox_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,256 @@
+// Copyright 2014 Canonical Ltd.
+// Copyright 2014 Cloudbase Solutions SRL
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+// The format tests are white box tests, meaning that the tests are in the
+// same package as the code, as all the format details are internal to the
+// package.
+
+package agent
+
+import (
+	"path/filepath"
+
+	jc "github.com/juju/testing/checkers"
+	"github.com/juju/utils"
+	"github.com/juju/version"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/state/multiwatcher"
+	"github.com/juju/juju/testing"
+)
+
+type format_2_0Suite struct {
+	testing.BaseSuite
+}
+
+var _ = gc.Suite(&format_2_0Suite{})
+
+func (s *format_2_0Suite) TestStatePortNotParsedWithoutSecret(c *gc.C) {
+	dataDir := c.MkDir()
+	configPath := filepath.Join(dataDir, agentConfigFilename)
+	err := utils.AtomicWriteFile(configPath, []byte(agentConfig2_0NotStateMachine), 0600)
+	c.Assert(err, jc.ErrorIsNil)
+	readConfig, err := ReadConfig(configPath)
+	c.Assert(err, jc.ErrorIsNil)
+	_, available := readConfig.StateServingInfo()
+	c.Assert(available, jc.IsFalse)
+}
+
+func (*format_2_0Suite) TestReadConfWithExisting2_0ConfigFileContents(c *gc.C) {
+	dataDir := c.MkDir()
+	configPath := filepath.Join(dataDir, agentConfigFilename)
+	err := utils.AtomicWriteFile(configPath, []byte(agentConfig2_0Contents), 0600)
+	c.Assert(err, jc.ErrorIsNil)
+
+	config, err := ReadConfig(configPath)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(config.UpgradedToVersion(), jc.DeepEquals, version.MustParse("1.17.5.1"))
+	c.Assert(config.Jobs(), jc.DeepEquals, []multiwatcher.MachineJob{multiwatcher.JobManageModel})
+}
+
+var agentConfig2_0Contents = `
+# format 2.0
+tag: machine-0
+datadir: /home/user/.local/share/juju/local
+logdir: /var/log/juju-user-local
+nonce: user-admin:bootstrap
+jobs:
+- JobManageModel
+upgradedToVersion: 1.17.5.1
+cacert: '-----BEGIN CERTIFICATE-----
+
+  MIICWzCCAcagAwIBAgIBADALBgkqhkiG9w0BAQUwQzENMAsGA1UEChMEanVqdTEy
+
+  MDAGA1UEAwwpanVqdS1nZW5lcmF0ZWQgQ0EgZm9yIGVudmlyb25tZW50ICJsb2Nh
+
+  bCIwHhcNMTQwMzA1MTQxOTA3WhcNMjQwMzA1MTQyNDA3WjBDMQ0wCwYDVQQKEwRq
+
+  dWp1MTIwMAYDVQQDDClqdWp1LWdlbmVyYXRlZCBDQSBmb3IgZW52aXJvbm1lbnQg
+
+  ImxvY2FsIjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwHsKV7fKfmSQt2QL
+
+  P4+hrqQJhDTMifgNkIY9nTlLHegV5jl5XJ8lRYjZBXJEMz0AzW/RbrDElkn5+4Do
+
+  pIWPNDAT0eztXBvVwL6qQOUtiBsA7vHQJMQaLVAmZNKvrHyuhcoG+hpf8EMaLdbA
+
+  iCGKifs+Y0MFt5AeriVDH5lGlzcCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgCkMA8G
+
+  A1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFB3Td3SP66UToZkOjVh3Wy8b6HR6MB8G
+
+  A1UdIwQYMBaAFB3Td3SP66UToZkOjVh3Wy8b6HR6MAsGCSqGSIb3DQEBBQOBgQB4
+
+  izvSRSpimi40aEOnZIsSMHVBiSCclpBg5cq7lGyiUSsDROTIbsRAKPBmrflB/qbf
+
+  J70rWFwh/d/5ssCAYrZviFL6WvpuLD3j3m4PYampNMmvJf2s6zVRIMotEY+bVwfU
+
+  z4jGaVpODac0i0bE0/Uh9qXK1UXcYY57vNNAgkaYAQ==
+
+  -----END CERTIFICATE-----
+
+'
+stateaddresses:
+- localhost:37017
+statepassword: NB5imrDaWCCRW/4akSSvUxhX
+apiaddresses:
+- localhost:17070
+apipassword: NB5imrDaWCCRW/4akSSvUxhX
+oldpassword: oBlMbFUGvCb2PMFgYVzjS6GD
+values:
+  AGENT_SERVICE_NAME: juju-agent-user-local
+  CONTAINER_TYPE: ""
+  NAMESPACE: user-local
+  PROVIDER_TYPE: local
+  STORAGE_ADDR: 10.0.3.1:8040
+  STORAGE_DIR: /home/user/.local/share/juju/local/storage
+controllercert: '-----BEGIN CERTIFICATE-----
+
+  MIICNzCCAaKgAwIBAgIBADALBgkqhkiG9w0BAQUwQzENMAsGA1UEChMEanVqdTEy
+
+  MDAGA1UEAwwpanVqdS1nZW5lcmF0ZWQgQ0EgZm9yIGVudmlyb25tZW50ICJsb2Nh
+
+  bCIwHhcNMTQwMzA1MTQxOTE1WhcNMjQwMzA1MTQyNDE1WjAbMQ0wCwYDVQQKEwRq
+
+  dWp1MQowCAYDVQQDEwEqMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJnbuN
+
+  L3m/oY7Er2lEF6ye1SodepvpI0CLCdLwrYP52cRxbVzoD1jbXveclolg2xoUquga
+
+  qxsAhvVzzGaoLux1BoBD+G0N637fnY4XSIC9IuSkPOAdReKJkOvTL4nTjpzgfeHR
+
+  hRin6Xckvp96L4Prmki7sYQ8PG9Q7TBcOf4yowIDAQABo2cwZTAOBgNVHQ8BAf8E
+
+  BAMCAKgwEwYDVR0lBAwwCgYIKwYBBQUHAwEwHQYDVR0OBBYEFE1MB3d+5BW+n066
+
+  lWcVkhta1etlMB8GA1UdIwQYMBaAFB3Td3SP66UToZkOjVh3Wy8b6HR6MAsGCSqG
+
+  SIb3DQEBBQOBgQBnsBvl3hfIQbHhAlqritDBCWGpaXywlHe4PvyVL3LZTLiAZ9a/
+
+  BOSBfovs81sjUe5l60j+1vgRQgvT2Pnw6WGWmYWhSyxW7upEUl1LuZxnw3AVGVFO
+
+  r140iBNUtTfGUf3PmyBXHSotqgMime+rNSjl25qSoYwnuQXdFdCKJoutYg==
+
+  -----END CERTIFICATE-----
+
+'
+controllerkey: '-----BEGIN RSA PRIVATE KEY-----
+
+  MIICXAIBAAKBgQDJnbuNL3m/oY7Er2lEF6ye1SodepvpI0CLCdLwrYP52cRxbVzo
+
+  D1jbXveclolg2xoUqugaqxsAhvVzzGaoLux1BoBD+G0N637fnY4XSIC9IuSkPOAd
+
+  ReKJkOvTL4nTjpzgfeHRhRin6Xckvp96L4Prmki7sYQ8PG9Q7TBcOf4yowIDAQAB
+
+  AoGASEtzETFQ6tI3q3dqu6vxjhLJw0BP381wO2sOZJcTl+fqdPHOOrgmGKN5DoE8
+
+  SarHM1oFWGq6h/nc0eUdenk4+CokpbKRgUU9hB1TKGYMbN3bUTKPOqTMHbnrhWdT
+
+  P/fqa+nXhvg7igMT3Rk7l9DsSxoYB5xZmiLaXqynVE5MNoECQQDRsgDDUrUOeMH6
+
+  1+GO+afb8beRzR8mnaBvja6XLlZB6SUcGet9bMgAiGH3arH6ARfNNsWrDAmvArah
+
+  SKeqRB5TAkEA9iMEQDkcybCmxu4Y3YLeQuT9r3h26QhQjc+eRINS/3ZLN+lxKnXG
+
+  N019ZUlsyL97lJBDzTMPsBqfXJ2pbqXwcQJBAJNLuPN63kl7E68zA3Ld9UYvBWY6
+
+  Mp56bJ7PZAs39kk4DuQtZNhmmBqfskkMPlZBfEmfJrxeqVKw0j56faPBU5cCQFYU
+
+  mP/8+VxwM2OPEZMmmaS7gR1E/BEznzh5S9iaNQSy0kuTkMhQuCnPJ/OsYiczEH08
+
+  lvnEyc/E/8bcPM09q4ECQCFwMWzw2Jx9VOBGm60yiOKIdLgdDZOY/tP0jigNCMJF
+
+  47/BJx3FCgW3io81a4KOc445LxgiPUJyyCNlY1dW70o=
+
+  -----END RSA PRIVATE KEY-----
+
+'
+caprivatekey: '-----BEGIN RSA PRIVATE KEY-----
+
+  MIICXAIBAAKBgQDJnbuNL3m/oY7Er2lEF6ye1SodepvpI0CLCdLwrYP52cRxbVzo
+
+  D1jbXveclolg2xoUqugaqxsAhvVzzGaoLux1BoBD+G0N637fnY4XSIC9IuSkPOAd
+
+  ReKJkOvTL4nTjpzgfeHRhRin6Xckvp96L4Prmki7sYQ8PG9Q7TBcOf4yowIDAQAB
+
+  AoGASEtzETFQ6tI3q3dqu6vxjhLJw0BP381wO2sOZJcTl+fqdPHOOrgmGKN5DoE8
+
+  SarHM1oFWGq6h/nc0eUdenk4+CokpbKRgUU9hB1TKGYMbN3bUTKPOqTMHbnrhWdT
+
+  P/fqa+nXhvg7igMT3Rk7l9DsSxoYB5xZmiLaXqynVE5MNoECQQDRsgDDUrUOeMH6
+
+  1+GO+afb8beRzR8mnaBvja6XLlZB6SUcGet9bMgAiGH3arH6ARfNNsWrDAmvArah
+
+  SKeqRB5TAkEA9iMEQDkcybCmxu4Y3YLeQuT9r3h26QhQjc+eRINS/3ZLN+lxKnXG
+
+  N019ZUlsyL97lJBDzTMPsBqfXJ2pbqXwcQJBAJNLuPN63kl7E68zA3Ld9UYvBWY6
+
+  Mp56bJ7PZAs39kk4DuQtZNhmmBqfskkMPlZBfEmfJrxeqVKw0j56faPBU5cCQFYU
+
+  mP/8+VxwM2OPEZMmmaS7gR1E/BEznzh5S9iaNQSy0kuTkMhQuCnPJ/OsYiczEH08
+
+  lvnEyc/E/8bcPM09q4ECQCFwMWzw2Jx9VOBGm60yiOKIdLgdDZOY/tP0jigNCMJF
+
+  47/BJx3FCgW3io81a4KOc445LxgiPUJyyCNlY1dW70o=
+
+  -----END RSA PRIVATE KEY-----
+
+'
+apiport: 17070
+`[1:]
+
+var agentConfig2_0NotStateMachine = `
+# format 2.0
+tag: machine-1
+datadir: /home/user/.local/share/juju/local
+logdir: /var/log/juju-user-local
+nonce: user-admin:bootstrap
+jobs:
+- JobManageModel
+upgradedToVersion: 1.17.5.1
+cacert: '-----BEGIN CERTIFICATE-----
+
+  MIICWzCCAcagAwIBAgIBADALBgkqhkiG9w0BAQUwQzENMAsGA1UEChMEanVqdTEy
+
+  MDAGA1UEAwwpanVqdS1nZW5lcmF0ZWQgQ0EgZm9yIGVudmlyb25tZW50ICJsb2Nh
+
+  bCIwHhcNMTQwMzA1MTQxOTA3WhcNMjQwMzA1MTQyNDA3WjBDMQ0wCwYDVQQKEwRq
+
+  dWp1MTIwMAYDVQQDDClqdWp1LWdlbmVyYXRlZCBDQSBmb3IgZW52aXJvbm1lbnQg
+
+  ImxvY2FsIjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwHsKV7fKfmSQt2QL
+
+  P4+hrqQJhDTMifgNkIY9nTlLHegV5jl5XJ8lRYjZBXJEMz0AzW/RbrDElkn5+4Do
+
+  pIWPNDAT0eztXBvVwL6qQOUtiBsA7vHQJMQaLVAmZNKvrHyuhcoG+hpf8EMaLdbA
+
+  iCGKifs+Y0MFt5AeriVDH5lGlzcCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgCkMA8G
+
+  A1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFB3Td3SP66UToZkOjVh3Wy8b6HR6MB8G
+
+  A1UdIwQYMBaAFB3Td3SP66UToZkOjVh3Wy8b6HR6MAsGCSqGSIb3DQEBBQOBgQB4
+
+  izvSRSpimi40aEOnZIsSMHVBiSCclpBg5cq7lGyiUSsDROTIbsRAKPBmrflB/qbf
+
+  J70rWFwh/d/5ssCAYrZviFL6WvpuLD3j3m4PYampNMmvJf2s6zVRIMotEY+bVwfU
+
+  z4jGaVpODac0i0bE0/Uh9qXK1UXcYY57vNNAgkaYAQ==
+
+  -----END CERTIFICATE-----
+
+'
+stateaddresses:
+- localhost:37017
+statepassword: NB5imrDaWCCRW/4akSSvUxhX
+apiaddresses:
+- localhost:17070
+apipassword: NB5imrDaWCCRW/4akSSvUxhX
+oldpassword: oBlMbFUGvCb2PMFgYVzjS6GD
+values:
+  AGENT_SERVICE_NAME: juju-agent-user-local
+  CONTAINER_TYPE: ""
+  MONGO_SERVICE_NAME: juju-db-user-local
+  NAMESPACE: user-local
+  PROVIDER_TYPE: local
+  STORAGE_ADDR: 10.0.3.1:8040
+  STORAGE_DIR: /home/user/.local/share/juju/local/storage
+apiport: 17070
+`[1:]
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/agent/format.go juju-core-2.0~beta12/src/github.com/juju/juju/agent/format.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/agent/format.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/agent/format.go	2016-07-18 19:45:44.000000000 +0000
@@ -46,7 +46,7 @@
 // - Remove the marshal() method from the old format;
 
 // currentFormat holds the current agent config version's formatter.
-var currentFormat = format_1_18
+var currentFormat = format_2_0
 
 // agentConfigFilename is the default file name of used for the agent
 // config.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/agent/format_whitebox_test.go juju-core-2.0~beta12/src/github.com/juju/juju/agent/format_whitebox_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/agent/format_whitebox_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/agent/format_whitebox_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,9 +9,9 @@
 	"path/filepath"
 	"runtime"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cloudconfig/cloudinit"
@@ -37,7 +37,6 @@
 	StateAddresses:    []string{"localhost:1234"},
 	APIAddresses:      []string{"localhost:1235"},
 	Nonce:             "a nonce",
-	PreferIPv6:        false,
 	Model:             testing.ModelTag,
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/agent/identity_test.go juju-core-2.0~beta12/src/github.com/juju/juju/agent/identity_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/agent/identity_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/agent/identity_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,9 +9,9 @@
 	"os"
 	"runtime"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/testing"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/agent/tools/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/agent/tools/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/agent/tools/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/agent/tools/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package tools
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/agent/tools/toolsdir.go juju-core-2.0~beta12/src/github.com/juju/juju/agent/tools/toolsdir.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/agent/tools/toolsdir.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/agent/tools/toolsdir.go	2016-07-18 19:45:44.000000000 +0000
@@ -152,7 +152,7 @@
 	if err == nil || os.IsNotExist(err) {
 		return
 	}
-	logger.Warningf("cannot remove %q: %v", dir, err)
+	logger.Errorf("cannot remove %q: %v", dir, err)
 }
 
 func writeFile(name string, mode os.FileMode, r io.Reader) error {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/agent/uninstall.go juju-core-2.0~beta12/src/github.com/juju/juju/agent/uninstall.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/agent/uninstall.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/agent/uninstall.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,7 @@
 	"os"
 	"path/filepath"
 
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 )
 
 const (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/action/client.go juju-core-2.0~beta12/src/github.com/juju/juju/api/action/client.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/action/client.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/action/client.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,6 @@
 
 import (
 	"github.com/juju/errors"
-	"gopkg.in/juju/charm.v6-unstable"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/apiserver/params"
@@ -91,32 +90,31 @@
 	return results, err
 }
 
-// servicesCharmActions is a batched query for the charm.Actions for a slice
+// applicationsCharmActions is a batched query for the charm.Actions for a slice
 // of services by Entity.
-func (c *Client) servicesCharmActions(arg params.Entities) (params.ServicesCharmActionsResults, error) {
-	results := params.ServicesCharmActionsResults{}
-	err := c.facade.FacadeCall("ServicesCharmActions", arg, &results)
+func (c *Client) applicationsCharmActions(arg params.Entities) (params.ApplicationsCharmActionsResults, error) {
+	results := params.ApplicationsCharmActionsResults{}
+	err := c.facade.FacadeCall("ApplicationsCharmsActions", arg, &results)
 	return results, err
 }
 
-// ServiceCharmActions is a single query which uses ServicesCharmActions to
+// ApplicationCharmActions is a single query which uses ApplicationsCharmsActions to
 // get the charm.Actions for a single Service by tag.
-func (c *Client) ServiceCharmActions(arg params.Entity) (*charm.Actions, error) {
-	none := &charm.Actions{}
+func (c *Client) ApplicationCharmActions(arg params.Entity) (map[string]params.ActionSpec, error) {
 	tags := params.Entities{Entities: []params.Entity{{Tag: arg.Tag}}}
-	results, err := c.servicesCharmActions(tags)
+	results, err := c.applicationsCharmActions(tags)
 	if err != nil {
-		return none, err
+		return nil, errors.Trace(err)
 	}
 	if len(results.Results) != 1 {
-		return none, errors.Errorf("%d results, expected 1", len(results.Results))
+		return nil, errors.Errorf("%d results, expected 1", len(results.Results))
 	}
 	result := results.Results[0]
 	if result.Error != nil {
-		return none, result.Error
+		return nil, result.Error
 	}
-	if result.ServiceTag != arg.Tag {
-		return none, errors.Errorf("action results received for wrong service %q", result.ServiceTag)
+	if result.ApplicationTag != arg.Tag {
+		return nil, errors.Errorf("action results received for wrong application %q", result.ApplicationTag)
 	}
 	return result.Actions, nil
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/action/client_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/action/client_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/action/client_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/action/client_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,10 +6,9 @@
 import (
 	"errors"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
-	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/action"
 	"github.com/juju/juju/apiserver/params"
@@ -27,26 +26,26 @@
 	c.Check(facade.Name(), gc.Equals, "Action")
 }
 
-func (s *actionSuite) TestServiceCharmActions(c *gc.C) {
+func (s *actionSuite) TestApplicationCharmActions(c *gc.C) {
 	tests := []struct {
 		description    string
-		patchResults   []params.ServiceCharmActionsResult
+		patchResults   []params.ApplicationCharmActionsResult
 		patchErr       string
 		expectedErr    string
-		expectedResult *charm.Actions
+		expectedResult map[string]params.ActionSpec
 	}{{
 		description: "result from wrong service",
-		patchResults: []params.ServiceCharmActionsResult{
+		patchResults: []params.ApplicationCharmActionsResult{
 			{
-				ServiceTag: names.NewServiceTag("bar").String(),
+				ApplicationTag: names.NewApplicationTag("bar").String(),
 			},
 		},
-		expectedErr: `action results received for wrong service "service-bar"`,
+		expectedErr: `action results received for wrong application "application-bar"`,
 	}, {
 		description: "some other error",
-		patchResults: []params.ServiceCharmActionsResult{
+		patchResults: []params.ApplicationCharmActionsResult{
 			{
-				ServiceTag: names.NewServiceTag("foo").String(),
+				ApplicationTag: names.NewApplicationTag("foo").String(),
 				Error: &params.Error{
 					Message: "something bad",
 				},
@@ -55,14 +54,14 @@
 		expectedErr: `something bad`,
 	}, {
 		description: "more than one result",
-		patchResults: []params.ServiceCharmActionsResult{
+		patchResults: []params.ApplicationCharmActionsResult{
 			{},
 			{},
 		},
 		expectedErr: "2 results, expected 1",
 	}, {
 		description:  "no results",
-		patchResults: []params.ServiceCharmActionsResult{},
+		patchResults: []params.ApplicationCharmActionsResult{},
 		expectedErr:  "0 results, expected 1",
 	}, {
 		description: "error on facade call",
@@ -70,28 +69,24 @@
 		expectedErr: "something went wrong",
 	}, {
 		description: "normal result",
-		patchResults: []params.ServiceCharmActionsResult{
+		patchResults: []params.ApplicationCharmActionsResult{
 			{
-				ServiceTag: names.NewServiceTag("foo").String(),
-				Actions: &charm.Actions{
-					ActionSpecs: map[string]charm.ActionSpec{
-						"action": {
-							Description: "description",
-							Params: map[string]interface{}{
-								"foo": "bar",
-							},
+				ApplicationTag: names.NewApplicationTag("foo").String(),
+				Actions: map[string]params.ActionSpec{
+					"action": {
+						Description: "description",
+						Params: map[string]interface{}{
+							"foo": "bar",
 						},
 					},
 				},
 			},
 		},
-		expectedResult: &charm.Actions{
-			ActionSpecs: map[string]charm.ActionSpec{
-				"action": {
-					Description: "description",
-					Params: map[string]interface{}{
-						"foo": "bar",
-					},
+		expectedResult: map[string]params.ActionSpec{
+			"action": {
+				Description: "description",
+				Params: map[string]interface{}{
+					"foo": "bar",
 				},
 			},
 		},
@@ -101,9 +96,9 @@
 		// anonymous func to properly trigger defer
 		func() {
 			c.Logf("test %d: %s", i, t.description)
-			cleanup := patchServiceCharmActions(c, s.client, t.patchResults, t.patchErr)
+			cleanup := patchApplicationCharmActions(c, s.client, t.patchResults, t.patchErr)
 			defer cleanup()
-			result, err := s.client.ServiceCharmActions(params.Entity{Tag: names.NewServiceTag("foo").String()})
+			result, err := s.client.ApplicationCharmActions(params.Entity{Tag: names.NewApplicationTag("foo").String()})
 			if t.expectedErr != "" {
 				c.Check(err, gc.ErrorMatches, t.expectedErr)
 			} else {
@@ -114,16 +109,16 @@
 	}
 }
 
-// replace "ServicesCharmActions" facade call with required results and error
+// replace sCharmActions" facade call with required results and error
 // if desired
-func patchServiceCharmActions(c *gc.C, apiCli *action.Client, patchResults []params.ServiceCharmActionsResult, err string) func() {
+func patchApplicationCharmActions(c *gc.C, apiCli *action.Client, patchResults []params.ApplicationCharmActionsResult, err string) func() {
 	return action.PatchClientFacadeCall(apiCli,
 		func(req string, paramsIn interface{}, resp interface{}) error {
-			c.Assert(req, gc.Equals, "ServicesCharmActions")
+			c.Assert(req, gc.Equals, "ApplicationsCharmsActions")
 			c.Assert(paramsIn, gc.FitsTypeOf, params.Entities{})
 			p := paramsIn.(params.Entities)
 			c.Check(p.Entities, gc.HasLen, 1)
-			result := resp.(*params.ServicesCharmActionsResults)
+			result := resp.(*params.ApplicationsCharmActionsResults)
 			result.Results = patchResults
 			if err != "" {
 				return errors.New(err)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/addresser/addresser.go juju-core-2.0~beta12/src/github.com/juju/juju/api/addresser/addresser.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/addresser/addresser.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/addresser/addresser.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,76 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package addresser
-
-import (
-	"github.com/juju/errors"
-
-	"github.com/juju/juju/api/base"
-	apiwatcher "github.com/juju/juju/api/watcher"
-	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/watcher"
-)
-
-const addresserFacade = "Addresser"
-
-// API provides access to the InstancePoller API facade.
-type API struct {
-	facade base.FacadeCaller
-}
-
-// NewAPI creates a new client-side Addresser facade.
-func NewAPI(caller base.APICaller) *API {
-	if caller == nil {
-		panic("caller is nil")
-	}
-	return &API{
-		facade: base.NewFacadeCaller(caller, addresserFacade),
-	}
-}
-
-// CanDeallocateAddresses checks if the current model can
-// deallocate IP addresses.
-func (api *API) CanDeallocateAddresses() (bool, error) {
-	var result params.BoolResult
-	if err := api.facade.FacadeCall("CanDeallocateAddresses", nil, &result); err != nil {
-		return false, errors.Trace(err)
-	}
-	if result.Error == nil {
-		return result.Result, nil
-	}
-	return false, errors.Trace(result.Error)
-}
-
-// CleanupIPAddresses releases and removes the dead IP addresses. If not
-// all IP addresses could be released and removed a params.ErrTryAgain
-// is returned.
-func (api *API) CleanupIPAddresses() error {
-	var result params.ErrorResult
-	if err := api.facade.FacadeCall("CleanupIPAddresses", nil, &result); err != nil {
-		return errors.Trace(err)
-	}
-	if result.Error == nil {
-		return nil
-	}
-	return errors.Trace(result.Error)
-}
-
-var newEntitiesWatcher = apiwatcher.NewEntitiesWatcher
-
-// WatchIPAddresses returns a EntitiesWatcher for observing the
-// tags of IP addresses with changes in life cycle.
-// The initial event will contain the tags of any IP addresses
-// which are no longer Alive.
-func (api *API) WatchIPAddresses() (watcher.EntitiesWatcher, error) {
-	var result params.EntitiesWatchResult
-	err := api.facade.FacadeCall("WatchIPAddresses", nil, &result)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	if result.Error == nil {
-		w := newEntitiesWatcher(api.facade.RawAPICaller(), result)
-		return w, nil
-	}
-	return nil, errors.Trace(result.Error)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/addresser/addresser_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/addresser/addresser_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/addresser/addresser_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/addresser/addresser_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,172 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package addresser_test
-
-import (
-	"errors"
-
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/api/addresser"
-	"github.com/juju/juju/api/base"
-	apitesting "github.com/juju/juju/api/base/testing"
-	"github.com/juju/juju/apiserver/params"
-	apiservertesting "github.com/juju/juju/apiserver/testing"
-	coretesting "github.com/juju/juju/testing"
-	"github.com/juju/juju/watcher"
-)
-
-type AddresserSuite struct {
-	coretesting.BaseSuite
-}
-
-var _ = gc.Suite(&AddresserSuite{})
-
-func (s *AddresserSuite) TestNewAPI(c *gc.C) {
-	var called int
-	apiCaller := clientErrorAPICaller(c, "CleanupIPAddresses", nil, &called)
-	api := addresser.NewAPI(apiCaller)
-	c.Check(api, gc.NotNil)
-	c.Check(called, gc.Equals, 0)
-
-	// Make a call so that an error will be returned.
-	err := api.CleanupIPAddresses()
-	c.Assert(err, gc.ErrorMatches, "client error!")
-	c.Assert(called, gc.Equals, 1)
-}
-
-func (s *AddresserSuite) TestNewAPIWithNilCaller(c *gc.C) {
-	panicFunc := func() { addresser.NewAPI(nil) }
-	c.Assert(panicFunc, gc.PanicMatches, "caller is nil")
-}
-
-func (s *AddresserSuite) TestCanDeallocateAddressesSuccess(c *gc.C) {
-	var called int
-	expectedResult := params.BoolResult{
-		Result: true,
-	}
-	apiCaller := successAPICaller(c, "CanDeallocateAddresses", nil, expectedResult, &called)
-	api := addresser.NewAPI(apiCaller)
-
-	ok, err := api.CanDeallocateAddresses()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ok, jc.IsTrue)
-	c.Assert(called, gc.Equals, 1)
-}
-
-func (s *AddresserSuite) TestCanDeallocateAddressesServerError(c *gc.C) {
-	var called int
-	expectedResult := params.BoolResult{
-		Error: apiservertesting.ServerError("server boom!"),
-	}
-	apiCaller := successAPICaller(c, "CanDeallocateAddresses", nil, expectedResult, &called)
-	api := addresser.NewAPI(apiCaller)
-
-	ok, err := api.CanDeallocateAddresses()
-	c.Assert(err, gc.ErrorMatches, "server boom!")
-	c.Assert(ok, jc.IsFalse)
-	c.Assert(called, gc.Equals, 1)
-}
-
-func (s *AddresserSuite) TestCleanupIPAddressesSuccess(c *gc.C) {
-	var called int
-	expectedResult := params.ErrorResult{}
-	apiCaller := successAPICaller(c, "CleanupIPAddresses", nil, expectedResult, &called)
-	api := addresser.NewAPI(apiCaller)
-
-	err := api.CleanupIPAddresses()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(called, gc.Equals, 1)
-}
-
-func (s *AddresserSuite) TestCleanupIPAddressesServerError(c *gc.C) {
-	var called int
-	expectedResult := params.ErrorResult{
-		Error: apiservertesting.ServerError("server boom!"),
-	}
-	apiCaller := successAPICaller(c, "CleanupIPAddresses", nil, expectedResult, &called)
-	api := addresser.NewAPI(apiCaller)
-
-	err := api.CleanupIPAddresses()
-	c.Assert(err, gc.ErrorMatches, "server boom!")
-	c.Assert(called, gc.Equals, 1)
-}
-
-func (s *AddresserSuite) TestWatchIPAddressesSuccess(c *gc.C) {
-	var numFacadeCalls int
-	var numWatcherCalls int
-	expectedResult := params.EntitiesWatchResult{
-		EntitiesWatcherId: "42",
-		Changes: []string{
-			"ipaddress-11111111-0000-0000-0000-000000000000",
-			"ipaddress-22222222-0000-0000-0000-000000000000",
-		},
-	}
-	watcherFunc := func(caller base.APICaller, result params.EntitiesWatchResult) watcher.EntitiesWatcher {
-		numWatcherCalls++
-		c.Check(caller, gc.NotNil)
-		c.Check(result, jc.DeepEquals, expectedResult)
-		return nil
-	}
-	s.PatchValue(addresser.NewEntitiesWatcher, watcherFunc)
-
-	apiCaller := successAPICaller(c, "WatchIPAddresses", nil, expectedResult, &numFacadeCalls)
-	api := addresser.NewAPI(apiCaller)
-
-	w, err := api.WatchIPAddresses()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(numFacadeCalls, gc.Equals, 1)
-	c.Assert(numWatcherCalls, gc.Equals, 1)
-	c.Assert(w, gc.IsNil)
-}
-
-func (s *AddresserSuite) TestWatchIPAddressesClientError(c *gc.C) {
-	var called int
-	apiCaller := clientErrorAPICaller(c, "WatchIPAddresses", nil, &called)
-
-	api := addresser.NewAPI(apiCaller)
-	w, err := api.WatchIPAddresses()
-
-	c.Assert(w, jc.ErrorIsNil)
-	c.Assert(err, gc.ErrorMatches, "client error!")
-	c.Assert(called, gc.Equals, 1)
-}
-
-func (s *AddresserSuite) TestWatchIPAddressesServerError(c *gc.C) {
-	var called int
-	expectedResult := params.EntitiesWatchResult{
-		Error: apiservertesting.ServerError("server boom!"),
-	}
-	apiCaller := successAPICaller(c, "WatchIPAddresses", nil, expectedResult, &called)
-	api := addresser.NewAPI(apiCaller)
-
-	w, err := api.WatchIPAddresses()
-	c.Assert(w, jc.ErrorIsNil)
-	c.Assert(err, gc.ErrorMatches, "server boom!")
-	c.Assert(called, gc.Equals, 1)
-}
-
-func successAPICaller(c *gc.C, method string, expectArgs, useResults interface{}, numCalls *int) base.APICaller {
-	args := &apitesting.CheckArgs{
-		Facade:        "Addresser",
-		VersionIsZero: true,
-		IdIsEmpty:     true,
-		Method:        method,
-		Args:          expectArgs,
-		Results:       useResults,
-	}
-	return apitesting.CheckingAPICaller(c, args, numCalls, nil)
-}
-
-func clientErrorAPICaller(c *gc.C, method string, expectArgs interface{}, numCalls *int) base.APICaller {
-	args := &apitesting.CheckArgs{
-		Facade:        "Addresser",
-		VersionIsZero: true,
-		IdIsEmpty:     true,
-		Method:        method,
-		Args:          expectArgs,
-	}
-	return apitesting.CheckingAPICaller(c, args, numCalls, errors.New("client error!"))
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/addresser/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/addresser/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/addresser/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/addresser/export_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,6 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package addresser
-
-var NewEntitiesWatcher = &newEntitiesWatcher
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/addresser/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/addresser/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/addresser/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/addresser/package_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,14 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package addresser_test
-
-import (
-	stdtesting "testing"
-
-	"github.com/juju/juju/testing"
-)
-
-func TestAll(t *stdtesting.T) {
-	testing.MgoTestPackage(t)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/agent/facade.go juju-core-2.0~beta12/src/github.com/juju/juju/api/agent/facade.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/agent/facade.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/agent/facade.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/agent/facade_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/agent/facade_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/agent/facade_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/agent/facade_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,10 +5,10 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/agent"
 	"github.com/juju/juju/api/base"
@@ -27,7 +27,7 @@
 		c.Check(request, gc.Equals, "GetEntities")
 		c.Check(arg, jc.DeepEquals, params.Entities{
 			Entities: []params.Entity{{
-				Tag: "service-omg",
+				Tag: "application-omg",
 			}},
 		})
 		return errors.New("splat")
@@ -35,7 +35,7 @@
 	facade, err := agent.NewConnFacade(apiCaller)
 	c.Assert(err, jc.ErrorIsNil)
 
-	life, err := facade.Life(names.NewServiceTag("omg"))
+	life, err := facade.Life(names.NewApplicationTag("omg"))
 	c.Check(err, gc.ErrorMatches, "splat")
 	c.Check(life, gc.Equals, agent.Life(""))
 }
@@ -45,7 +45,7 @@
 	facade, err := agent.NewConnFacade(lifeChecker(c, result))
 	c.Assert(err, jc.ErrorIsNil)
 
-	life, err := facade.Life(names.NewServiceTag("omg"))
+	life, err := facade.Life(names.NewApplicationTag("omg"))
 	c.Check(err, gc.ErrorMatches, "expected 1 result, got 0")
 	c.Check(life, gc.Equals, agent.Life(""))
 }
@@ -57,7 +57,7 @@
 	facade, err := agent.NewConnFacade(lifeChecker(c, result))
 	c.Assert(err, jc.ErrorIsNil)
 
-	life, err := facade.Life(names.NewServiceTag("omg"))
+	life, err := facade.Life(names.NewApplicationTag("omg"))
 	c.Check(err, gc.ErrorMatches, "expected 1 result, got 2")
 	c.Check(life, gc.Equals, agent.Life(""))
 }
@@ -130,7 +130,7 @@
 		c.Check(request, gc.Equals, "SetPasswords")
 		c.Check(arg, jc.DeepEquals, params.EntityPasswords{
 			Changes: []params.EntityPassword{{
-				Tag:      "service-omg",
+				Tag:      "application-omg",
 				Password: "seekr1t",
 			}},
 		})
@@ -139,7 +139,7 @@
 	facade, err := agent.NewConnFacade(apiCaller)
 	c.Assert(err, jc.ErrorIsNil)
 
-	err = facade.SetPassword(names.NewServiceTag("omg"), "seekr1t")
+	err = facade.SetPassword(names.NewApplicationTag("omg"), "seekr1t")
 	c.Check(err, gc.ErrorMatches, "splat")
 }
 
@@ -148,7 +148,7 @@
 	facade, err := agent.NewConnFacade(passwordChecker(c, result))
 	c.Assert(err, jc.ErrorIsNil)
 
-	err = facade.SetPassword(names.NewServiceTag("omg"), "blah")
+	err = facade.SetPassword(names.NewApplicationTag("omg"), "blah")
 	c.Check(err, gc.ErrorMatches, "expected 1 result, got 0")
 }
 
@@ -159,7 +159,7 @@
 	facade, err := agent.NewConnFacade(passwordChecker(c, result))
 	c.Assert(err, jc.ErrorIsNil)
 
-	err = facade.SetPassword(names.NewServiceTag("omg"), "blah")
+	err = facade.SetPassword(names.NewApplicationTag("omg"), "blah")
 	c.Check(err, gc.ErrorMatches, "expected 1 result, got 2")
 }
 
@@ -207,7 +207,7 @@
 	}))
 	c.Assert(err, jc.ErrorIsNil)
 
-	return facade.Life(names.NewServiceTag("omg"))
+	return facade.Life(names.NewApplicationTag("omg"))
 }
 
 func lifeChecker(c *gc.C, result params.AgentGetEntitiesResults) base.APICaller {
@@ -225,7 +225,7 @@
 	}))
 	c.Assert(err, jc.ErrorIsNil)
 
-	return facade.SetPassword(names.NewServiceTag("omg"), "blah")
+	return facade.SetPassword(names.NewApplicationTag("omg"), "blah")
 }
 
 func passwordChecker(c *gc.C, result params.ErrorResults) base.APICaller {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/agent/machine_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/agent/machine_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/agent/machine_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/agent/machine_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,9 +8,9 @@
 	stdtesting "testing"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 
 	"github.com/juju/juju/api"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/agent/state.go juju-core-2.0~beta12/src/github.com/juju/juju/api/agent/state.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/agent/state.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/agent/state.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,7 @@
 import (
 	"fmt"
 
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/api/common"
@@ -19,6 +19,7 @@
 type State struct {
 	facade base.FacadeCaller
 	*common.ModelWatcher
+	*common.ControllerConfigAPI
 }
 
 // NewState returns a version of the state that provides functionality
@@ -26,8 +27,9 @@
 func NewState(caller base.APICaller) *State {
 	facadeCaller := base.NewFacadeCaller(caller, "Agent")
 	return &State{
-		facade:       facadeCaller,
-		ModelWatcher: common.NewModelWatcher(facadeCaller),
+		facade:              facadeCaller,
+		ModelWatcher:        common.NewModelWatcher(facadeCaller),
+		ControllerConfigAPI: common.NewControllerConfig(facadeCaller),
 	}
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/agent/unit_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/agent/unit_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/agent/unit_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/agent/unit_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,10 +6,10 @@
 import (
 	"fmt"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	apiagent "github.com/juju/juju/api/agent"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/apiclient.go juju-core-2.0~beta12/src/github.com/juju/juju/api/apiclient.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/apiclient.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/apiclient.go	2016-07-18 19:45:44.000000000 +0000
@@ -18,15 +18,16 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils"
 	"github.com/juju/utils/parallel"
 	"github.com/juju/version"
 	"golang.org/x/net/websocket"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/macaroon-bakery.v1/httpbakery"
 	"gopkg.in/macaroon.v1"
 
 	"github.com/juju/juju/api/base"
+	"github.com/juju/juju/apiserver/observer"
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/network"
 	"github.com/juju/juju/rpc"
@@ -83,6 +84,10 @@
 	// authTag holds the authenticated entity's tag after login.
 	authTag names.Tag
 
+	// readOnly holds whether the user has read-only access for the
+	// connected model.
+	readOnly bool
+
 	// broken is a channel that gets closed when the connection is
 	// broken.
 	broken chan struct{}
@@ -122,10 +127,30 @@
 	bakeryClient *httpbakery.Client
 }
 
+// RedirectError is returned from Open when the controller
+// needs to inform the client that the model is hosted
+// on a different set of API addresses.
+type RedirectError struct {
+	// Servers holds the sets of addresses of the redirected
+	// servers.
+	Servers [][]network.HostPort
+
+	// CACert holds the certificate of the remote server.
+	CACert string
+}
+
+func (e *RedirectError) Error() string {
+	return fmt.Sprintf("redirection to alternative server required")
+}
+
 // Open establishes a connection to the API server using the Info
 // given, returning a State instance which can be used to make API
 // requests.
 //
+// If the model is hosted on a different server, Open
+// will return an error with a *RedirectError cause
+// holding the details of another server to connect to.
+//
 // See Connect for details of the connection mechanics.
 func Open(info *Info, opts DialOpts) (Connection, error) {
 	return open(info, opts, (*state).Login)
@@ -148,15 +173,14 @@
 		return nil, errors.Trace(err)
 	}
 
-	client := rpc.NewConn(jsoncodec.NewWebsocket(conn), nil)
+	client := rpc.NewConn(jsoncodec.NewWebsocket(conn), observer.None())
 	client.Start()
 
 	bakeryClient := opts.BakeryClient
 	if bakeryClient == nil {
 		bakeryClient = httpbakery.NewClient()
 	} else {
-		// Make a copy of the bakery client and its
-		// HTTP client
+		// Make a copy of the bakery client and its HTTP client
 		c := *opts.BakeryClient
 		bakeryClient = &c
 		httpc := *bakeryClient.Client
@@ -180,8 +204,10 @@
 		},
 		serverScheme:      "https",
 		serverRootAddress: conn.Config().Location.Host,
-		// why are the contents of the tag (username and password) written into the
-		// state structure BEFORE login ?!?
+		// We populate the username and password before
+		// login because, when doing HTTP requests, we'll want
+		// to use the same username and password for authenticating
+		// those. If login fails, we discard the connection.
 		tag:          tagToString(info.Tag),
 		password:     info.Password,
 		macaroons:    info.Macaroons,
@@ -192,7 +218,7 @@
 	if !info.SkipLogin {
 		if err := loginFunc(st, info.Tag, info.Password, info.Nonce, info.Macaroons); err != nil {
 			conn.Close()
-			return nil, err
+			return nil, errors.Trace(err)
 		}
 	}
 	st.broken = make(chan struct{})
@@ -301,7 +327,7 @@
 	return result.(*websocket.Conn), nil
 }
 
-// ConnectStream implements Connection.ConnectStream.
+// ConnectStream implements Connection.ConnectStream, whatever that is..
 func (st *state) ConnectStream(path string, attrs url.Values) (base.Stream, error) {
 	if !st.isLoggedIn() {
 		return nil, errors.New("cannot use ConnectStream without logging in")
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/apiclient_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/apiclient_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/apiclient_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/apiclient_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,22 +8,25 @@
 	"sync/atomic"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/parallel"
 	"golang.org/x/net/websocket"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/apiserver/params"
-	jujutesting "github.com/juju/juju/juju/testing"
+	apiservertesting "github.com/juju/juju/apiserver/testing"
+	jjtesting "github.com/juju/juju/juju/testing"
+	"github.com/juju/juju/network"
 	"github.com/juju/juju/rpc"
+	jtesting "github.com/juju/juju/testing"
 	jujuversion "github.com/juju/juju/version"
 )
 
 type apiclientSuite struct {
-	jujutesting.JujuConnSuite
+	jjtesting.JujuConnSuite
 }
 
 var _ = gc.Suite(&apiclientSuite{})
@@ -155,6 +158,73 @@
 	c.Assert(result, gc.IsNil)
 }
 
+func (s *apiclientSuite) TestOpenWithRedirect(c *gc.C) {
+	redirectToHosts := []string{"0.1.2.3:1234", "0.1.2.4:1235"}
+	redirectToCACert := "fake CA cert"
+
+	srv := apiservertesting.NewAPIServer(func(modelUUID string) interface{} {
+		return &redirectAPI{
+			modelUUID:        modelUUID,
+			redirectToHosts:  redirectToHosts,
+			redirectToCACert: redirectToCACert,
+		}
+	})
+	defer srv.Close()
+
+	_, err := api.Open(&api.Info{
+		Addrs:    srv.Addrs,
+		CACert:   jtesting.CACert,
+		ModelTag: names.NewModelTag("beef1beef1-0000-0000-000011112222"),
+	}, api.DialOpts{})
+	c.Assert(err, gc.ErrorMatches, `redirection to alternative server required`)
+
+	hps, _ := network.ParseHostPorts(redirectToHosts...)
+	c.Assert(errors.Cause(err), jc.DeepEquals, &api.RedirectError{
+		Servers: [][]network.HostPort{hps},
+		CACert:  redirectToCACert,
+	})
+}
+
+type redirectAPI struct {
+	redirected       bool
+	modelUUID        string
+	redirectToHosts  []string
+	redirectToCACert string
+}
+
+func (r *redirectAPI) Admin(id string) (*redirectAPIAdmin, error) {
+	return &redirectAPIAdmin{r}, nil
+}
+
+type redirectAPIAdmin struct {
+	r *redirectAPI
+}
+
+func (a *redirectAPIAdmin) Login(req params.LoginRequest) (params.LoginResultV1, error) {
+	if a.r.modelUUID != "beef1beef1-0000-0000-000011112222" {
+		return params.LoginResultV1{}, errors.New("logged into unexpected model")
+	}
+	a.r.redirected = true
+	return params.LoginResultV1{}, params.Error{
+		Message: "redirect",
+		Code:    params.CodeRedirect,
+	}
+}
+
+func (a *redirectAPIAdmin) RedirectInfo() (params.RedirectInfoResult, error) {
+	if !a.r.redirected {
+		return params.RedirectInfoResult{}, errors.New("not redirected")
+	}
+	hps, err := network.ParseHostPorts(a.r.redirectToHosts...)
+	if err != nil {
+		panic(err)
+	}
+	return params.RedirectInfoResult{
+		Servers: [][]params.HostPort{params.FromNetworkHostPorts(hps)},
+		CACert:  a.r.redirectToCACert,
+	}, nil
+}
+
 func assertConnAddrForEnv(c *gc.C, conn *websocket.Conn, addr, modelUUID, tail string) {
 	c.Assert(conn.RemoteAddr(), gc.Matches, "^wss://"+addr+"/model/"+modelUUID+tail+"$")
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/application/client.go juju-core-2.0~beta12/src/github.com/juju/juju/api/application/client.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/application/client.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/application/client.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,273 @@
+// Copyright 2014 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+// Package application provides access to the application api facade.
+// This facade contains api calls that are specific to applications.
+// As a rule of thumb, if the argument for an api requires an application name
+// and affects only that application then the call belongs here.
+package application
+
+import (
+	"github.com/juju/errors"
+	"github.com/juju/loggo"
+	"gopkg.in/juju/charm.v6-unstable"
+
+	"github.com/juju/juju/api"
+	"github.com/juju/juju/api/base"
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/charmstore"
+	"github.com/juju/juju/constraints"
+	"github.com/juju/juju/instance"
+	"github.com/juju/juju/storage"
+)
+
+var logger = loggo.GetLogger("juju.api.application")
+
+// Client allows access to the service API end point.
+type Client struct {
+	base.ClientFacade
+	st     api.Connection
+	facade base.FacadeCaller
+}
+
+// NewClient creates a new client for accessing the application api.
+func NewClient(st api.Connection) *Client {
+	frontend, backend := base.NewClientFacade(st, "Application")
+	return &Client{ClientFacade: frontend, st: st, facade: backend}
+}
+
+// SetMetricCredentials sets the metric credentials for the application specified.
+func (c *Client) SetMetricCredentials(service string, credentials []byte) error {
+	creds := []params.ApplicationMetricCredential{
+		{service, credentials},
+	}
+	p := params.ApplicationMetricCredentials{creds}
+	results := new(params.ErrorResults)
+	err := c.facade.FacadeCall("SetMetricCredentials", p, results)
+	if err != nil {
+		return errors.Trace(err)
+	}
+	return errors.Trace(results.OneError())
+}
+
+// ModelUUID returns the model UUID from the client connection.
+func (c *Client) ModelUUID() string {
+	tag, err := c.st.ModelTag()
+	if err != nil {
+		logger.Warningf("model tag not an model: %v", err)
+		return ""
+	}
+	return tag.Id()
+}
+
+// DeployArgs holds the arguments to be sent to Client.ServiceDeploy.
+type DeployArgs struct {
+	// CharmID identifies the charm to deploy.
+	CharmID charmstore.CharmID
+	// ApplicationName is the name to give the application.
+	ApplicationName string
+	// Series to be used for the machine.
+	Series string
+	// NumUnits is the number of units to deploy.
+	NumUnits int
+	// ConfigYAML is a string that overrides the default config.yml.
+	ConfigYAML string
+	// Cons contains constraints on where units of this application may be
+	// placed.
+	Cons constraints.Value
+	// Placement directives on where the machines for the unit must be
+	// created.
+	Placement []*instance.Placement
+	// Storage contains Constraints specifying how storage should be
+	// handled.
+	Storage map[string]storage.Constraints
+	// EndpointBindings
+	EndpointBindings map[string]string
+	// Collection of resource names for the application, with the value being the
+	// unique ID of a pre-uploaded resources in storage.
+	Resources map[string]string
+}
+
+// Deploy obtains the charm, either locally or from the charm store, and deploys
+// it. Placement directives, if provided, specify the machine on which the charm
+// is deployed.
+func (c *Client) Deploy(args DeployArgs) error {
+	deployArgs := params.ApplicationsDeploy{
+		Applications: []params.ApplicationDeploy{{
+			ApplicationName:  args.ApplicationName,
+			Series:           args.Series,
+			CharmUrl:         args.CharmID.URL.String(),
+			Channel:          string(args.CharmID.Channel),
+			NumUnits:         args.NumUnits,
+			ConfigYAML:       args.ConfigYAML,
+			Constraints:      args.Cons,
+			Placement:        args.Placement,
+			Storage:          args.Storage,
+			EndpointBindings: args.EndpointBindings,
+			Resources:        args.Resources,
+		}},
+	}
+	var results params.ErrorResults
+	var err error
+	err = c.facade.FacadeCall("Deploy", deployArgs, &results)
+	if err != nil {
+		return err
+	}
+	return results.OneError()
+}
+
+// GetCharmURL returns the charm URL the given service is
+// running at present.
+func (c *Client) GetCharmURL(serviceName string) (*charm.URL, error) {
+	result := new(params.StringResult)
+	args := params.ApplicationGet{ApplicationName: serviceName}
+	err := c.facade.FacadeCall("GetCharmURL", args, result)
+	if err != nil {
+		return nil, err
+	}
+	if result.Error != nil {
+		return nil, result.Error
+	}
+	return charm.ParseURL(result.Result)
+}
+
+// SetCharmConfig holds the configuration for setting a new revision of a charm
+// on a service.
+type SetCharmConfig struct {
+	// ApplicationName is the name of the application to set the charm on.
+	ApplicationName string
+	// CharmID identifies the charm.
+	CharmID charmstore.CharmID
+	// ForceSeries forces the use of the charm even if it doesn't match the
+	// series of the unit.
+	ForceSeries bool
+	// ForceUnits forces the upgrade on units in an error state.
+	ForceUnits bool
+	// ResourceIDs is a map of resource names to resource IDs to activate during
+	// the upgrade.
+	ResourceIDs map[string]string
+}
+
+// SetCharm sets the charm for a given service.
+func (c *Client) SetCharm(cfg SetCharmConfig) error {
+	args := params.ApplicationSetCharm{
+		ApplicationName: cfg.ApplicationName,
+		CharmUrl:        cfg.CharmID.URL.String(),
+		Channel:         string(cfg.CharmID.Channel),
+		ForceSeries:     cfg.ForceSeries,
+		ForceUnits:      cfg.ForceUnits,
+		ResourceIDs:     cfg.ResourceIDs,
+	}
+	return c.facade.FacadeCall("SetCharm", args, nil)
+}
+
+// Update updates the application attributes, including charm URL,
+// minimum number of units, settings and constraints.
+func (c *Client) Update(args params.ApplicationUpdate) error {
+	return c.facade.FacadeCall("Update", args, nil)
+}
+
+// AddUnits adds a given number of units to an application using the specified
+// placement directives to assign units to machines.
+func (c *Client) AddUnits(application string, numUnits int, placement []*instance.Placement) ([]string, error) {
+	args := params.AddApplicationUnits{
+		ApplicationName: application,
+		NumUnits:        numUnits,
+		Placement:       placement,
+	}
+	results := new(params.AddApplicationUnitsResults)
+	err := c.facade.FacadeCall("AddUnits", args, results)
+	return results.Units, err
+}
+
+// DestroyUnits decreases the number of units dedicated to an application.
+func (c *Client) DestroyUnits(unitNames ...string) error {
+	params := params.DestroyApplicationUnits{unitNames}
+	return c.facade.FacadeCall("DestroyUnits", params, nil)
+}
+
+// Destroy destroys a given application.
+func (c *Client) Destroy(application string) error {
+	params := params.ApplicationDestroy{
+		ApplicationName: application,
+	}
+	return c.facade.FacadeCall("Destroy", params, nil)
+}
+
+// GetConstraints returns the constraints for the given application.
+func (c *Client) GetConstraints(service string) (constraints.Value, error) {
+	results := new(params.GetConstraintsResults)
+	err := c.facade.FacadeCall("GetConstraints", params.GetApplicationConstraints{service}, results)
+	return results.Constraints, err
+}
+
+// SetConstraints specifies the constraints for the given application.
+func (c *Client) SetConstraints(application string, constraints constraints.Value) error {
+	params := params.SetConstraints{
+		ApplicationName: application,
+		Constraints:     constraints,
+	}
+	return c.facade.FacadeCall("SetConstraints", params, nil)
+}
+
+// Expose changes the juju-managed firewall to expose any ports that
+// were also explicitly marked by units as open.
+func (c *Client) Expose(application string) error {
+	params := params.ApplicationExpose{ApplicationName: application}
+	return c.facade.FacadeCall("Expose", params, nil)
+}
+
+// Unexpose changes the juju-managed firewall to unexpose any ports that
+// were also explicitly marked by units as open.
+func (c *Client) Unexpose(application string) error {
+	params := params.ApplicationUnexpose{ApplicationName: application}
+	return c.facade.FacadeCall("Unexpose", params, nil)
+}
+
+// Get returns the configuration for the named application.
+func (c *Client) Get(application string) (*params.ApplicationGetResults, error) {
+	var results params.ApplicationGetResults
+	params := params.ApplicationGet{ApplicationName: application}
+	err := c.facade.FacadeCall("Get", params, &results)
+	return &results, err
+}
+
+// Set sets configuration options on an application.
+func (c *Client) Set(application string, options map[string]string) error {
+	p := params.ApplicationSet{
+		ApplicationName: application,
+		Options:         options,
+	}
+	return c.facade.FacadeCall("Set", p, nil)
+}
+
+// Unset resets configuration options on an application.
+func (c *Client) Unset(application string, options []string) error {
+	p := params.ApplicationUnset{
+		ApplicationName: application,
+		Options:         options,
+	}
+	return c.facade.FacadeCall("Unset", p, nil)
+}
+
+// CharmRelations returns the application's charms relation names.
+func (c *Client) CharmRelations(application string) ([]string, error) {
+	var results params.ApplicationCharmRelationsResults
+	params := params.ApplicationCharmRelations{ApplicationName: application}
+	err := c.facade.FacadeCall("CharmRelations", params, &results)
+	return results.CharmRelations, err
+}
+
+// AddRelation adds a relation between the specified endpoints and returns the relation info.
+func (c *Client) AddRelation(endpoints ...string) (*params.AddRelationResults, error) {
+	var addRelRes params.AddRelationResults
+	params := params.AddRelation{Endpoints: endpoints}
+	err := c.facade.FacadeCall("AddRelation", params, &addRelRes)
+	return &addRelRes, err
+}
+
+// DestroyRelation removes the relation between the specified endpoints.
+func (c *Client) DestroyRelation(endpoints ...string) error {
+	params := params.DestroyRelation{Endpoints: endpoints}
+	return c.facade.FacadeCall("DestroyRelation", params, nil)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/application/client_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/application/client_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/application/client_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/application/client_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,165 @@
+// Copyright 2014 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application_test
+
+import (
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/charm.v6-unstable"
+
+	"github.com/juju/juju/api/application"
+	"github.com/juju/juju/apiserver/common"
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/charmstore"
+	"github.com/juju/juju/constraints"
+	"github.com/juju/juju/instance"
+	jujutesting "github.com/juju/juju/juju/testing"
+	"github.com/juju/juju/storage"
+)
+
+type serviceSuite struct {
+	jujutesting.JujuConnSuite
+
+	client *application.Client
+}
+
+var _ = gc.Suite(&serviceSuite{})
+
+func (s *serviceSuite) SetUpTest(c *gc.C) {
+	s.JujuConnSuite.SetUpTest(c)
+	s.client = application.NewClient(s.APIState)
+	c.Assert(s.client, gc.NotNil)
+}
+
+func (s *serviceSuite) TestSetServiceMetricCredentials(c *gc.C) {
+	var called bool
+	application.PatchFacadeCall(s, s.client, func(request string, a, response interface{}) error {
+		called = true
+		c.Assert(request, gc.Equals, "SetMetricCredentials")
+		args, ok := a.(params.ApplicationMetricCredentials)
+		c.Assert(ok, jc.IsTrue)
+		c.Assert(args.Creds, gc.HasLen, 1)
+		c.Assert(args.Creds[0].ApplicationName, gc.Equals, "serviceA")
+		c.Assert(args.Creds[0].MetricCredentials, gc.DeepEquals, []byte("creds 1"))
+
+		result := response.(*params.ErrorResults)
+		result.Results = make([]params.ErrorResult, 1)
+		return nil
+	})
+	err := s.client.SetMetricCredentials("serviceA", []byte("creds 1"))
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(called, jc.IsTrue)
+}
+
+func (s *serviceSuite) TestSetServiceMetricCredentialsFails(c *gc.C) {
+	var called bool
+	application.PatchFacadeCall(s, s.client, func(request string, args, response interface{}) error {
+		called = true
+		c.Assert(request, gc.Equals, "SetMetricCredentials")
+		result := response.(*params.ErrorResults)
+		result.Results = make([]params.ErrorResult, 1)
+		result.Results[0].Error = common.ServerError(common.ErrPerm)
+		return result.OneError()
+	})
+	err := s.client.SetMetricCredentials("application", []byte("creds"))
+	c.Assert(err, gc.ErrorMatches, "permission denied")
+	c.Assert(called, jc.IsTrue)
+}
+
+func (s *serviceSuite) TestSetServiceMetricCredentialsNoMocks(c *gc.C) {
+	application := s.Factory.MakeApplication(c, nil)
+	err := s.client.SetMetricCredentials(application.Name(), []byte("creds"))
+	c.Assert(err, jc.ErrorIsNil)
+	err = application.Refresh()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(application.MetricCredentials(), gc.DeepEquals, []byte("creds"))
+}
+
+func (s *serviceSuite) TestSetServiceDeploy(c *gc.C) {
+	var called bool
+	application.PatchFacadeCall(s, s.client, func(request string, a, response interface{}) error {
+		called = true
+		c.Assert(request, gc.Equals, "Deploy")
+		args, ok := a.(params.ApplicationsDeploy)
+		c.Assert(ok, jc.IsTrue)
+		c.Assert(args.Applications, gc.HasLen, 1)
+		c.Assert(args.Applications[0].CharmUrl, gc.Equals, "cs:trusty/a-charm-1")
+		c.Assert(args.Applications[0].ApplicationName, gc.Equals, "serviceA")
+		c.Assert(args.Applications[0].Series, gc.Equals, "series")
+		c.Assert(args.Applications[0].NumUnits, gc.Equals, 2)
+		c.Assert(args.Applications[0].ConfigYAML, gc.Equals, "configYAML")
+		c.Assert(args.Applications[0].Constraints, gc.DeepEquals, constraints.MustParse("mem=4G"))
+		c.Assert(args.Applications[0].Placement, gc.DeepEquals, []*instance.Placement{{"scope", "directive"}})
+		c.Assert(args.Applications[0].EndpointBindings, gc.DeepEquals, map[string]string{"foo": "bar"})
+		c.Assert(args.Applications[0].Storage, gc.DeepEquals, map[string]storage.Constraints{"data": storage.Constraints{Pool: "pool"}})
+		c.Assert(args.Applications[0].Resources, gc.DeepEquals, map[string]string{"foo": "bar"})
+
+		result := response.(*params.ErrorResults)
+		result.Results = make([]params.ErrorResult, 1)
+		return nil
+	})
+
+	args := application.DeployArgs{
+		CharmID: charmstore.CharmID{
+			URL: charm.MustParseURL("trusty/a-charm-1"),
+		},
+		ApplicationName:  "serviceA",
+		Series:           "series",
+		NumUnits:         2,
+		ConfigYAML:       "configYAML",
+		Cons:             constraints.MustParse("mem=4G"),
+		Placement:        []*instance.Placement{{"scope", "directive"}},
+		Storage:          map[string]storage.Constraints{"data": storage.Constraints{Pool: "pool"}},
+		Resources:        map[string]string{"foo": "bar"},
+		EndpointBindings: map[string]string{"foo": "bar"},
+	}
+	err := s.client.Deploy(args)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(called, jc.IsTrue)
+}
+
+func (s *serviceSuite) TestServiceGetCharmURL(c *gc.C) {
+	var called bool
+	application.PatchFacadeCall(s, s.client, func(request string, a, response interface{}) error {
+		called = true
+		c.Assert(request, gc.Equals, "GetCharmURL")
+		args, ok := a.(params.ApplicationGet)
+		c.Assert(ok, jc.IsTrue)
+		c.Assert(args.ApplicationName, gc.Equals, "application")
+
+		result := response.(*params.StringResult)
+		result.Result = "curl"
+		return nil
+	})
+	curl, err := s.client.GetCharmURL("application")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(curl, gc.DeepEquals, charm.MustParseURL("curl"))
+	c.Assert(called, jc.IsTrue)
+}
+
+func (s *serviceSuite) TestServiceSetCharm(c *gc.C) {
+	var called bool
+	application.PatchFacadeCall(s, s.client, func(request string, a, response interface{}) error {
+		called = true
+		c.Assert(request, gc.Equals, "SetCharm")
+		args, ok := a.(params.ApplicationSetCharm)
+		c.Assert(ok, jc.IsTrue)
+		c.Assert(args.ApplicationName, gc.Equals, "application")
+		c.Assert(args.CharmUrl, gc.Equals, "cs:trusty/application-1")
+		c.Assert(args.ForceSeries, gc.Equals, true)
+		c.Assert(args.ForceUnits, gc.Equals, true)
+		return nil
+	})
+	cfg := application.SetCharmConfig{
+		ApplicationName: "application",
+		CharmID: charmstore.CharmID{
+			URL: charm.MustParseURL("trusty/application-1"),
+		},
+		ForceSeries: true,
+		ForceUnits:  true,
+	}
+	err := s.client.SetCharm(cfg)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(called, jc.IsTrue)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/application/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/application/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/application/export_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/application/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,15 @@
+// Copyright 2014 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	"github.com/juju/juju/api/base/testing"
+)
+
+// PatchFacadeCall patches the State's facade such that
+// FacadeCall method calls are diverted to the provided
+// function.
+func PatchFacadeCall(p testing.Patcher, client *Client, f func(request string, params, response interface{}) error) {
+	testing.PatchFacadeCall(p, &client.facade, f)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/application/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/application/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/application/package_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/application/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,14 @@
+// Copyright 2014 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application_test
+
+import (
+	stdtesting "testing"
+
+	"github.com/juju/juju/testing"
+)
+
+func TestAll(t *stdtesting.T) {
+	testing.MgoTestPackage(t)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/applicationscaler/api.go juju-core-2.0~beta12/src/github.com/juju/juju/api/applicationscaler/api.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/applicationscaler/api.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/applicationscaler/api.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,79 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package applicationscaler
+
+import (
+	"github.com/juju/errors"
+	"github.com/juju/loggo"
+	"gopkg.in/juju/names.v2"
+
+	"github.com/juju/juju/api/base"
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/watcher"
+)
+
+var logger = loggo.GetLogger("juju.api.applicationscaler")
+
+// NewWatcherFunc exists to let us test Watch properly.
+type NewWatcherFunc func(base.APICaller, params.StringsWatchResult) watcher.StringsWatcher
+
+// API makes calls to the ApplicationScaler facade.
+type API struct {
+	caller     base.FacadeCaller
+	newWatcher NewWatcherFunc
+}
+
+// NewAPI returns a new API using the supplied caller.
+func NewAPI(caller base.APICaller, newWatcher NewWatcherFunc) *API {
+	return &API{
+		caller:     base.NewFacadeCaller(caller, "ApplicationScaler"),
+		newWatcher: newWatcher,
+	}
+}
+
+// Watch returns a StringsWatcher that delivers the names of services
+// that may need to be rescaled.
+func (api *API) Watch() (watcher.StringsWatcher, error) {
+	var result params.StringsWatchResult
+	err := api.caller.FacadeCall("Watch", nil, &result)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	if result.Error != nil {
+		return nil, errors.Trace(result.Error)
+	}
+	w := api.newWatcher(api.caller.RawAPICaller(), result)
+	return w, nil
+}
+
+// Rescale requests that all supplied service names be rescaled to
+// their minimum configured sizes. It returns the first error it
+// encounters.
+func (api *API) Rescale(services []string) error {
+	args := params.Entities{
+		Entities: make([]params.Entity, len(services)),
+	}
+	for i, service := range services {
+		if !names.IsValidApplication(service) {
+			return errors.NotValidf("application name %q", service)
+		}
+		tag := names.NewApplicationTag(service)
+		args.Entities[i].Tag = tag.String()
+	}
+	var results params.ErrorResults
+	err := api.caller.FacadeCall("Rescale", args, &results)
+	if err != nil {
+		return errors.Trace(err)
+	}
+	for _, result := range results.Results {
+		if result.Error != nil {
+			if err == nil {
+				err = result.Error
+			} else {
+				logger.Errorf("additional rescale error: %v", err)
+			}
+		}
+	}
+	return errors.Trace(err)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/applicationscaler/api_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/applicationscaler/api_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/applicationscaler/api_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/applicationscaler/api_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,172 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package applicationscaler_test
+
+import (
+	"github.com/juju/errors"
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/api/applicationscaler"
+	"github.com/juju/juju/api/base"
+	apitesting "github.com/juju/juju/api/base/testing"
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/watcher"
+)
+
+type APISuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&APISuite{})
+
+func (s *APISuite) TestRescaleMethodName(c *gc.C) {
+	var called bool
+	caller := apiCaller(c, func(request string, _, _ interface{}) error {
+		called = true
+		c.Check(request, gc.Equals, "Rescale")
+		return nil
+	})
+	api := applicationscaler.NewAPI(caller, nil)
+
+	api.Rescale(nil)
+	c.Check(called, jc.IsTrue)
+}
+
+func (s *APISuite) TestRescaleBadArgs(c *gc.C) {
+	caller := apiCaller(c, func(_ string, _, _ interface{}) error {
+		panic("should not be called")
+	})
+	api := applicationscaler.NewAPI(caller, nil)
+
+	err := api.Rescale([]string{"good-name", "bad/name"})
+	c.Check(err, gc.ErrorMatches, `application name "bad/name" not valid`)
+	c.Check(err, jc.Satisfies, errors.IsNotValid)
+}
+
+func (s *APISuite) TestRescaleConvertArgs(c *gc.C) {
+	var called bool
+	caller := apiCaller(c, func(_ string, arg, _ interface{}) error {
+		called = true
+		c.Check(arg, gc.DeepEquals, params.Entities{
+			Entities: []params.Entity{{
+				"application-foo",
+			}, {
+				"application-bar-baz",
+			}},
+		})
+		return nil
+	})
+	api := applicationscaler.NewAPI(caller, nil)
+
+	api.Rescale([]string{"foo", "bar-baz"})
+	c.Check(called, jc.IsTrue)
+}
+
+func (s *APISuite) TestRescaleCallError(c *gc.C) {
+	caller := apiCaller(c, func(_ string, _, _ interface{}) error {
+		return errors.New("snorble flip")
+	})
+	api := applicationscaler.NewAPI(caller, nil)
+
+	err := api.Rescale(nil)
+	c.Check(err, gc.ErrorMatches, "snorble flip")
+}
+
+func (s *APISuite) TestRescaleFirstError(c *gc.C) {
+	caller := apiCaller(c, func(_ string, _, result interface{}) error {
+		resultPtr, ok := result.(*params.ErrorResults)
+		c.Assert(ok, jc.IsTrue)
+		*resultPtr = params.ErrorResults{Results: []params.ErrorResult{{
+			nil,
+		}, {
+			&params.Error{Message: "expect this error"},
+		}, {
+			&params.Error{Message: "not this one"},
+		}, {
+			nil,
+		}}}
+		return nil
+	})
+	api := applicationscaler.NewAPI(caller, nil)
+
+	err := api.Rescale(nil)
+	c.Check(err, gc.ErrorMatches, "expect this error")
+}
+
+func (s *APISuite) TestRescaleNoError(c *gc.C) {
+	caller := apiCaller(c, func(_ string, _, _ interface{}) error {
+		return nil
+	})
+	api := applicationscaler.NewAPI(caller, nil)
+
+	err := api.Rescale(nil)
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *APISuite) TestWatchMethodName(c *gc.C) {
+	var called bool
+	caller := apiCaller(c, func(request string, _, _ interface{}) error {
+		called = true
+		c.Check(request, gc.Equals, "Watch")
+		return errors.New("irrelevant")
+	})
+	api := applicationscaler.NewAPI(caller, nil)
+
+	api.Watch()
+	c.Check(called, jc.IsTrue)
+}
+
+func (s *APISuite) TestWatchError(c *gc.C) {
+	var called bool
+	caller := apiCaller(c, func(request string, _, _ interface{}) error {
+		called = true
+		c.Check(request, gc.Equals, "Watch")
+		return errors.New("blam pow")
+	})
+	api := applicationscaler.NewAPI(caller, nil)
+
+	watcher, err := api.Watch()
+	c.Check(watcher, gc.IsNil)
+	c.Check(err, gc.ErrorMatches, "blam pow")
+	c.Check(called, jc.IsTrue)
+}
+
+func (s *APISuite) TestWatchSuccess(c *gc.C) {
+	expectResult := params.StringsWatchResult{
+		StringsWatcherId: "123",
+		Changes:          []string{"ping", "pong", "pung"},
+	}
+	caller := apiCaller(c, func(_ string, _, result interface{}) error {
+		resultPtr, ok := result.(*params.StringsWatchResult)
+		c.Assert(ok, jc.IsTrue)
+		*resultPtr = expectResult
+		return nil
+	})
+	expectWatcher := &stubWatcher{}
+	newWatcher := func(gotCaller base.APICaller, gotResult params.StringsWatchResult) watcher.StringsWatcher {
+		c.Check(gotCaller, gc.NotNil) // uncomparable
+		c.Check(gotResult, jc.DeepEquals, expectResult)
+		return expectWatcher
+	}
+	api := applicationscaler.NewAPI(caller, newWatcher)
+
+	watcher, err := api.Watch()
+	c.Check(watcher, gc.Equals, expectWatcher)
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func apiCaller(c *gc.C, check func(request string, arg, result interface{}) error) base.APICaller {
+	return apitesting.APICallerFunc(func(facade string, version int, id, request string, arg, result interface{}) error {
+		c.Check(facade, gc.Equals, "ApplicationScaler")
+		c.Check(version, gc.Equals, 0)
+		c.Check(id, gc.Equals, "")
+		return check(request, arg, result)
+	})
+}
+
+type stubWatcher struct {
+	watcher.StringsWatcher
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/applicationscaler/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/applicationscaler/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/applicationscaler/package_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/applicationscaler/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,14 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package applicationscaler_test
+
+import (
+	"testing"
+
+	gc "gopkg.in/check.v1"
+)
+
+func TestPackage(t *testing.T) {
+	gc.TestingT(t)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/backups/download_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/backups/download_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/backups/download_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/backups/download_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -27,7 +27,7 @@
 	backupsState := backups.NewBackups(store)
 
 	r := strings.NewReader("<compressed archive data>")
-	meta, err := backups.NewMetadataState(s.State, "0")
+	meta, err := backups.NewMetadataState(s.State, "0", "xenial")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(meta.CACert, gc.Equals, testing.CACert)
 	c.Assert(meta.CAPrivateKey, gc.Equals, testing.CAKey)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/backups/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/backups/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/backups/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/backups/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2014 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package backups_test
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/backups/restore.go juju-core-2.0~beta12/src/github.com/juju/juju/api/backups/restore.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/backups/restore.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/backups/restore.go	2016-07-18 19:45:44.000000000 +0000
@@ -23,7 +23,7 @@
 	// the server is upgrading.
 	restoreStrategy = utils.AttemptStrategy{
 		Delay: 10 * time.Second,
-		Min:   10,
+		Min:   1,
 	}
 )
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/backups/upload.go juju-core-2.0~beta12/src/github.com/juju/juju/api/backups/upload.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/backups/upload.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/backups/upload.go	2016-07-18 19:45:44.000000000 +0000
@@ -29,7 +29,7 @@
 		return "", errors.Annotatef(err, "cannot create multipart body")
 	}
 	req.Header.Set("Content-Type", contentType)
-	var result params.BackupsMetadataResult
+	var result params.BackupsUploadResult
 	if err := c.client.Do(req, body, &result); err != nil {
 		return "", errors.Trace(err)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/base/caller.go juju-core-2.0~beta12/src/github.com/juju/juju/api/base/caller.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/base/caller.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/base/caller.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,7 +10,7 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/httprequest"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 )
 
 // OldAgentError is returned when an api call is not supported
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/base/testing/apicaller.go juju-core-2.0~beta12/src/github.com/juju/juju/api/base/testing/apicaller.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/base/testing/apicaller.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/base/testing/apicaller.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,10 +8,10 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/httprequest"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	coretesting "github.com/juju/juju/testing"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/charms/client.go juju-core-2.0~beta12/src/github.com/juju/juju/api/charms/client.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/charms/client.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/charms/client.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,6 +5,11 @@
 package charms
 
 import (
+	"github.com/juju/errors"
+	"github.com/juju/version"
+	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/charm.v6-unstable/resource"
+
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/apiserver/params"
 )
@@ -23,10 +28,255 @@
 
 // IsMetered returns whether or not the charm is metered.
 func (c *Client) IsMetered(charmURL string) (bool, error) {
-	args := params.CharmInfo{CharmURL: charmURL}
+	args := params.CharmURL{URL: charmURL}
 	var metered params.IsMeteredResult
 	if err := c.facade.FacadeCall("IsMetered", args, &metered); err != nil {
-		return false, err
+		return false, errors.Trace(err)
 	}
 	return metered.Metered, nil
 }
+
+// CharmInfo holds information about a charm.
+type CharmInfo struct {
+	Revision int
+	URL      string
+	Config   *charm.Config
+	Meta     *charm.Meta
+	Actions  *charm.Actions
+	Metrics  *charm.Metrics
+}
+
+// CharmInfo returns information about the requested charm.
+func (c *Client) CharmInfo(charmURL string) (*CharmInfo, error) {
+	args := params.CharmURL{URL: charmURL}
+	info := new(params.CharmInfo)
+	if err := c.facade.FacadeCall("CharmInfo", args, info); err != nil {
+		return nil, errors.Trace(err)
+	}
+	meta, err := convertCharmMeta(info.Meta)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	result := &CharmInfo{
+		Revision: info.Revision,
+		URL:      info.URL,
+		Config:   convertCharmConfig(info.Config),
+		Meta:     meta,
+		Actions:  convertCharmActions(info.Actions),
+		Metrics:  convertCharmMetrics(info.Metrics),
+	}
+	return result, nil
+}
+
+func convertCharmConfig(config map[string]params.CharmOption) *charm.Config {
+	if len(config) == 0 {
+		return nil
+	}
+	result := &charm.Config{
+		Options: make(map[string]charm.Option),
+	}
+	for key, value := range config {
+		result.Options[key] = convertCharmOption(value)
+	}
+	return result
+}
+
+func convertCharmOption(opt params.CharmOption) charm.Option {
+	return charm.Option{
+		Type:        opt.Type,
+		Description: opt.Description,
+		Default:     opt.Default,
+	}
+}
+
+func convertCharmMeta(meta *params.CharmMeta) (*charm.Meta, error) {
+	if meta == nil {
+		return nil, nil
+	}
+	minVersion, err := version.Parse(meta.MinJujuVersion)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	resources, err := convertCharmResourceMetaMap(meta.Resources)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	result := &charm.Meta{
+		Name:           meta.Name,
+		Summary:        meta.Summary,
+		Description:    meta.Description,
+		Subordinate:    meta.Subordinate,
+		Provides:       convertCharmRelationMap(meta.Provides),
+		Requires:       convertCharmRelationMap(meta.Requires),
+		Peers:          convertCharmRelationMap(meta.Peers),
+		ExtraBindings:  convertCharmExtraBindingMap(meta.ExtraBindings),
+		Categories:     meta.Categories,
+		Tags:           meta.Tags,
+		Series:         meta.Series,
+		Storage:        convertCharmStorageMap(meta.Storage),
+		PayloadClasses: convertCharmPayloadClassMap(meta.PayloadClasses),
+		Resources:      resources,
+		Terms:          meta.Terms,
+		MinJujuVersion: minVersion,
+	}
+	return result, nil
+}
+
+func convertCharmRelationMap(relations map[string]params.CharmRelation) map[string]charm.Relation {
+	if len(relations) == 0 {
+		return nil
+	}
+	result := make(map[string]charm.Relation)
+	for key, value := range relations {
+		result[key] = convertCharmRelation(value)
+	}
+	return result
+}
+
+func convertCharmRelation(relation params.CharmRelation) charm.Relation {
+	return charm.Relation{
+		Name:      relation.Name,
+		Role:      charm.RelationRole(relation.Role),
+		Interface: relation.Interface,
+		Optional:  relation.Optional,
+		Limit:     relation.Limit,
+		Scope:     charm.RelationScope(relation.Scope),
+	}
+}
+
+func convertCharmStorageMap(storage map[string]params.CharmStorage) map[string]charm.Storage {
+	if len(storage) == 0 {
+		return nil
+	}
+	result := make(map[string]charm.Storage)
+	for key, value := range storage {
+		result[key] = convertCharmStorage(value)
+	}
+	return result
+}
+
+func convertCharmStorage(storage params.CharmStorage) charm.Storage {
+	return charm.Storage{
+		Name:        storage.Name,
+		Description: storage.Description,
+		Type:        charm.StorageType(storage.Type),
+		Shared:      storage.Shared,
+		ReadOnly:    storage.ReadOnly,
+		CountMin:    storage.CountMin,
+		CountMax:    storage.CountMax,
+		MinimumSize: storage.MinimumSize,
+		Location:    storage.Location,
+		Properties:  storage.Properties,
+	}
+}
+
+func convertCharmPayloadClassMap(payload map[string]params.CharmPayloadClass) map[string]charm.PayloadClass {
+	if len(payload) == 0 {
+		return nil
+	}
+	result := make(map[string]charm.PayloadClass)
+	for key, value := range payload {
+		result[key] = convertCharmPayloadClass(value)
+	}
+	return result
+}
+
+func convertCharmPayloadClass(payload params.CharmPayloadClass) charm.PayloadClass {
+	return charm.PayloadClass{
+		Name: payload.Name,
+		Type: payload.Type,
+	}
+}
+
+func convertCharmResourceMetaMap(resources map[string]params.CharmResourceMeta) (map[string]resource.Meta, error) {
+	if len(resources) == 0 {
+		return nil, nil
+	}
+	result := make(map[string]resource.Meta)
+	for key, value := range resources {
+		converted, err := convertCharmResourceMeta(value)
+		if err != nil {
+			return nil, errors.Trace(err)
+		}
+		result[key] = converted
+	}
+	return result, nil
+}
+
+func convertCharmResourceMeta(meta params.CharmResourceMeta) (resource.Meta, error) {
+	resourceType, err := resource.ParseType(meta.Type)
+	if err != nil {
+		return resource.Meta{}, errors.Trace(err)
+	}
+	return resource.Meta{
+		Name:        meta.Name,
+		Type:        resourceType,
+		Path:        meta.Path,
+		Description: meta.Description,
+	}, nil
+}
+
+func convertCharmActions(actions *params.CharmActions) *charm.Actions {
+	if actions == nil {
+		return nil
+	}
+	return &charm.Actions{
+		ActionSpecs: convertCharmActionSpecMap(actions.ActionSpecs),
+	}
+}
+
+func convertCharmActionSpecMap(specs map[string]params.CharmActionSpec) map[string]charm.ActionSpec {
+	if len(specs) == 0 {
+		return nil
+	}
+	result := make(map[string]charm.ActionSpec)
+	for key, value := range specs {
+		result[key] = convertCharmActionSpec(value)
+	}
+	return result
+}
+
+func convertCharmActionSpec(spec params.CharmActionSpec) charm.ActionSpec {
+	return charm.ActionSpec{
+		Description: spec.Description,
+		Params:      spec.Params,
+	}
+}
+
+func convertCharmMetrics(metrics *params.CharmMetrics) *charm.Metrics {
+	if metrics == nil {
+		return nil
+	}
+	return &charm.Metrics{
+		Metrics: convertCharmMetricMap(metrics.Metrics),
+	}
+}
+
+func convertCharmMetricMap(metrics map[string]params.CharmMetric) map[string]charm.Metric {
+	if len(metrics) == 0 {
+		return nil
+	}
+	result := make(map[string]charm.Metric)
+	for key, value := range metrics {
+		result[key] = convertCharmMetric(value)
+	}
+	return result
+}
+
+func convertCharmMetric(metric params.CharmMetric) charm.Metric {
+	return charm.Metric{
+		Type:        charm.MetricType(metric.Type),
+		Description: metric.Description,
+	}
+}
+
+func convertCharmExtraBindingMap(bindings map[string]string) map[string]charm.ExtraBinding {
+	if len(bindings) == 0 {
+		return nil
+	}
+	result := make(map[string]charm.ExtraBinding)
+	for key, value := range bindings {
+		result[key] = charm.ExtraBinding{value}
+	}
+	return result
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/charms/client_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/charms/client_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/charms/client_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/charms/client_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -36,9 +36,9 @@
 			c.Check(id, gc.Equals, "")
 			c.Check(request, gc.Equals, "IsMetered")
 
-			args, ok := a.(params.CharmInfo)
+			args, ok := a.(params.CharmURL)
 			c.Assert(ok, jc.IsTrue)
-			c.Assert(args.CharmURL, gc.DeepEquals, curl)
+			c.Assert(args.URL, gc.DeepEquals, curl)
 			return nil
 		})
 	charmsClient := charms.NewClient(apiCaller)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/client.go juju-core-2.0~beta12/src/github.com/juju/juju/api/client.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/client.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/client.go	2016-07-18 19:45:44.000000000 +0000
@@ -14,18 +14,20 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/version"
 	"golang.org/x/net/websocket"
 	"gopkg.in/juju/charm.v6-unstable"
 	csparams "gopkg.in/juju/charmrepo.v2-unstable/csclient/params"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/macaroon.v1"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/downloader"
+	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/network"
+	"github.com/juju/juju/status"
 	"github.com/juju/juju/tools"
 )
 
@@ -49,18 +51,50 @@
 // StatusHistory retrieves the last <size> results of
 // <kind:combined|agent|workload|machine|machineinstance|container|containerinstance> status
 // for <name> unit
-func (c *Client) StatusHistory(kind params.HistoryKind, name string, size int) (*params.StatusHistoryResults, error) {
+func (c *Client) StatusHistory(kind status.HistoryKind, tag names.Tag, filter status.StatusHistoryFilter) (status.History, error) {
 	var results params.StatusHistoryResults
-	args := params.StatusHistoryArgs{
-		Kind: kind,
-		Size: size,
-		Name: name,
+	args := params.StatusHistoryRequest{
+		Kind: string(kind),
+		Filter: params.StatusHistoryFilter{
+			Size:  filter.Size,
+			Date:  filter.Date,
+			Delta: filter.Delta,
+		},
+		Tag: tag.String(),
 	}
-	err := c.facade.FacadeCall("StatusHistory", args, &results)
+	bulkArgs := params.StatusHistoryRequests{Requests: []params.StatusHistoryRequest{args}}
+	err := c.facade.FacadeCall("StatusHistory", bulkArgs, &results)
 	if err != nil {
-		return &params.StatusHistoryResults{}, errors.Trace(err)
+		return status.History{}, errors.Trace(err)
+	}
+	if len(results.Results) != 1 {
+		return status.History{}, errors.Errorf("expected 1 result got %d", len(results.Results))
+	}
+	if results.Results[0].Error != nil {
+		return status.History{}, errors.Annotatef(results.Results[0].Error, "while processing the request")
+	}
+	history := make(status.History, len(results.Results[0].History.Statuses))
+	if results.Results[0].History.Error != nil {
+		return status.History{}, results.Results[0].History.Error
+	}
+	for i, h := range results.Results[0].History.Statuses {
+		history[i] = status.DetailedStatus{
+			Status:  status.Status(h.Status),
+			Info:    h.Info,
+			Data:    h.Data,
+			Since:   h.Since,
+			Kind:    status.HistoryKind(h.Kind),
+			Version: h.Version,
+			// TODO(perrito666) make sure these are still used.
+			Life: h.Life,
+			Err:  h.Err,
+		}
+		// TODO(perrito666) https://launchpad.net/bugs/1577589
+		if !history[i].Kind.Valid() {
+			logger.Errorf("history returned an unknown status kind %q", h.Kind)
+		}
 	}
-	return &results, nil
+	return history, nil
 }
 
 // Resolved clears errors on a unit.
@@ -150,25 +184,6 @@
 	return c.facade.FacadeCall("SetModelConstraints", params, nil)
 }
 
-// CharmInfo holds information about a charm.
-type CharmInfo struct {
-	Revision int
-	URL      string
-	Config   *charm.Config
-	Meta     *charm.Meta
-	Actions  *charm.Actions
-}
-
-// CharmInfo returns information about the requested charm.
-func (c *Client) CharmInfo(charmURL string) (*CharmInfo, error) {
-	args := params.CharmInfo{CharmURL: charmURL}
-	info := new(CharmInfo)
-	if err := c.facade.FacadeCall("CharmInfo", args, info); err != nil {
-		return nil, err
-	}
-	return info, nil
-}
-
 // ModelInfo returns details about the Juju model.
 func (c *Client) ModelInfo() (params.ModelInfo, error) {
 	var info params.ModelInfo
@@ -177,13 +192,12 @@
 }
 
 // ModelUUID returns the model UUID from the client connection.
-func (c *Client) ModelUUID() string {
+func (c *Client) ModelUUID() (string, error) {
 	tag, err := c.st.ModelTag()
 	if err != nil {
-		logger.Warningf("model tag not an model: %v", err)
-		return ""
+		return "", errors.Annotate(err, "model tag not an model")
 	}
-	return tag.Id()
+	return tag.Id(), nil
 }
 
 // ModelUserInfo returns information on all users in the model.
@@ -204,16 +218,11 @@
 	return info, nil
 }
 
-// WatchAll holds the id of the newly-created AllWatcher/AllModelWatcher.
-type WatchAll struct {
-	AllWatcherId string
-}
-
 // WatchAll returns an AllWatcher, from which you can request the Next
 // collection of Deltas.
 func (c *Client) WatchAll() (*AllWatcher, error) {
-	info := new(WatchAll)
-	if err := c.facade.FacadeCall("WatchAll", nil, info); err != nil {
+	var info params.AllWatcherId
+	if err := c.facade.FacadeCall("WatchAll", nil, &info); err != nil {
 		return nil, err
 	}
 	return NewAllWatcher(c.st, &info.AllWatcherId), nil
@@ -231,7 +240,26 @@
 func (c *Client) ModelGet() (map[string]interface{}, error) {
 	result := params.ModelConfigResults{}
 	err := c.facade.FacadeCall("ModelGet", nil, &result)
-	return result.Config, err
+	values := make(map[string]interface{})
+	for name, val := range result.Config {
+		values[name] = val.Value
+	}
+	return values, err
+}
+
+// ModelGetWithMetadata returns all model settings along with extra
+// metadata like the source of the setting value.
+func (c *Client) ModelGetWithMetadata() (config.ConfigValues, error) {
+	result := params.ModelConfigResults{}
+	err := c.facade.FacadeCall("ModelGet", nil, &result)
+	values := make(config.ConfigValues)
+	for name, val := range result.Config {
+		values[name] = config.ConfigValue{
+			Value:  val.Value,
+			Source: val.Source,
+		}
+	}
+	return values, err
 }
 
 // ModelSet sets the given key-value pairs in the model.
@@ -271,14 +299,6 @@
 	return result, err
 }
 
-// DestroyModel puts the model into a "dying" state,
-// and removes all non-manager machine instances. DestroyModel
-// will fail if there are any manually-provisioned non-manager machines
-// in state.
-func (c *Client) DestroyModel() error {
-	return c.facade.FacadeCall("DestroyModel", nil, nil)
-}
-
 // AddLocalCharm prepares the given charm with a local: schema in its
 // URL, and uploads it via the API server, returning the assigned
 // charm URL.
@@ -411,7 +431,7 @@
 // ResolveCharm resolves the best available charm URLs with series, for charm
 // locations without a series specified.
 func (c *Client) ResolveCharm(ref *charm.URL) (*charm.URL, error) {
-	args := params.ResolveCharms{References: []charm.URL{*ref}}
+	args := params.ResolveCharms{References: []string{ref.String()}}
 	result := new(params.ResolveCharmResults)
 	if err := c.facade.FacadeCall("ResolveCharms", args, result); err != nil {
 		return nil, err
@@ -423,7 +443,11 @@
 	if urlInfo.Error != "" {
 		return nil, errors.New(urlInfo.Error)
 	}
-	return urlInfo.URL, nil
+	url, err := charm.ParseURL(urlInfo.URL)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return url, nil
 }
 
 // OpenCharm streams out the identified charm from the controller via
@@ -543,6 +567,8 @@
 	return websocket.JSON.Send(c.Conn, v)
 }
 
+// TODO(ericsnow) Fold DebugLogParams into params.LogStreamConfig.
+
 // DebugLogParams holds parameters for WatchDebugLog that control the
 // filtering of the log messages. If the structure is zero initialized, the
 // entire log file is sent back starting from the end, and until the user
@@ -580,20 +606,7 @@
 	NoTail bool
 }
 
-// WatchDebugLog returns a ReadCloser that the caller can read the log
-// lines from. Only log lines that match the filtering specified in
-// the DebugLogParams are returned. It returns an error that satisfies
-// errors.IsNotImplemented when the API server does not support the
-// end-point.
-func (c *Client) WatchDebugLog(args DebugLogParams) (io.ReadCloser, error) {
-	// The websocket connection just hangs if the server doesn't have the log
-	// end point. So do a version check, as version was added at the same time
-	// as the remote end point.
-	_, err := c.AgentVersion()
-	if err != nil {
-		return nil, errors.NotSupportedf("WatchDebugLog")
-	}
-	// Prepare URL query attributes.
+func (args DebugLogParams) URLQuery() url.Values {
 	attrs := url.Values{
 		"includeEntity": args.IncludeEntity,
 		"includeModule": args.IncludeModule,
@@ -615,6 +628,24 @@
 	if args.Level != loggo.UNSPECIFIED {
 		attrs.Set("level", fmt.Sprint(args.Level))
 	}
+	return attrs
+}
+
+// WatchDebugLog returns a ReadCloser that the caller can read the log
+// lines from. Only log lines that match the filtering specified in
+// the DebugLogParams are returned. It returns an error that satisfies
+// errors.IsNotImplemented when the API server does not support the
+// end-point.
+func (c *Client) WatchDebugLog(args DebugLogParams) (io.ReadCloser, error) {
+	// The websocket connection just hangs if the server doesn't have the log
+	// end point. So do a version check, as version was added at the same time
+	// as the remote end point.
+	_, err := c.AgentVersion()
+	if err != nil {
+		return nil, errors.NotSupportedf("WatchDebugLog")
+	}
+	// Prepare URL query attributes.
+	attrs := args.URLQuery()
 
 	connection, err := c.st.ConnectStream("/log", attrs)
 	if err != nil {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/client_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/client_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/client_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/client_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -18,12 +18,12 @@
 	"github.com/juju/errors"
 	"github.com/juju/httprequest"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/version"
 	"golang.org/x/net/websocket"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/api/base"
@@ -295,7 +295,9 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	client := s.APIState.Client()
-	c.Assert(client.ModelUUID(), gc.Equals, environ.Tag().Id())
+	uuid, err := client.ModelUUID()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(uuid, gc.Equals, environ.Tag().Id())
 }
 
 func (s *clientSuite) TestClientEnvironmentUsers(c *gc.C) {
@@ -328,22 +330,6 @@
 	})
 }
 
-func (s *clientSuite) TestDestroyEnvironment(c *gc.C) {
-	client := s.APIState.Client()
-	var called bool
-	cleanup := api.PatchClientFacadeCall(client,
-		func(req string, args interface{}, resp interface{}) error {
-			c.Assert(req, gc.Equals, "DestroyModel")
-			called = true
-			return nil
-		})
-	defer cleanup()
-
-	err := client.DestroyModel()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(called, jc.IsTrue)
-}
-
 func (s *clientSuite) TestWatchDebugLogConnected(c *gc.C) {
 	client := s.APIState.Client()
 	// Use the no tail option so we don't try to start a tailing cursor
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/cloud/cloud.go juju-core-2.0~beta12/src/github.com/juju/juju/api/cloud/cloud.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/cloud/cloud.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/cloud/cloud.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,142 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package cloud
+
+import (
+	"gopkg.in/juju/names.v2"
+
+	"github.com/juju/errors"
+	"github.com/juju/juju/api/base"
+	"github.com/juju/juju/apiserver/params"
+	jujucloud "github.com/juju/juju/cloud"
+)
+
+// Client provides methods that the Juju client command uses to interact
+// with models stored in the Juju Server.
+type Client struct {
+	base.ClientFacade
+	facade base.FacadeCaller
+}
+
+// NewClient creates a new `Client` based on an existing authenticated API
+// connection.
+func NewClient(st base.APICallCloser) *Client {
+	frontend, backend := base.NewClientFacade(st, "Cloud")
+	return &Client{ClientFacade: frontend, facade: backend}
+}
+
+// Cloud returns the details of the cloud with the given tag.
+func (c *Client) Cloud(tag names.CloudTag) (jujucloud.Cloud, error) {
+	var results params.CloudResults
+	args := params.Entities{[]params.Entity{{tag.String()}}}
+	if err := c.facade.FacadeCall("Cloud", args, &results); err != nil {
+		return jujucloud.Cloud{}, errors.Trace(err)
+	}
+	if len(results.Results) != 1 {
+		return jujucloud.Cloud{}, errors.Errorf("expected 1 result, got %d", len(results.Results))
+	}
+	if results.Results[0].Error != nil {
+		return jujucloud.Cloud{}, results.Results[0].Error
+	}
+	result := results.Results[0].Cloud
+	authTypes := make([]jujucloud.AuthType, len(result.AuthTypes))
+	for i, authType := range result.AuthTypes {
+		authTypes[i] = jujucloud.AuthType(authType)
+	}
+	regions := make([]jujucloud.Region, len(result.Regions))
+	for i, region := range result.Regions {
+		regions[i] = jujucloud.Region{
+			Name:            region.Name,
+			Endpoint:        region.Endpoint,
+			StorageEndpoint: region.StorageEndpoint,
+		}
+	}
+	return jujucloud.Cloud{
+		Type:            result.Type,
+		AuthTypes:       authTypes,
+		Endpoint:        result.Endpoint,
+		StorageEndpoint: result.StorageEndpoint,
+		Regions:         regions,
+	}, nil
+}
+
+// CloudDefaults returns the cloud defaults for the given users.
+func (c *Client) CloudDefaults(user names.UserTag) (jujucloud.Defaults, error) {
+	var results params.CloudDefaultsResults
+	args := params.Entities{[]params.Entity{{user.String()}}}
+	if err := c.facade.FacadeCall("CloudDefaults", args, &results); err != nil {
+		return jujucloud.Defaults{}, errors.Trace(err)
+	}
+	if len(results.Results) != 1 {
+		return jujucloud.Defaults{}, errors.Errorf("expected 1 result, got %d", len(results.Results))
+	}
+	if results.Results[0].Error != nil {
+		return jujucloud.Defaults{}, results.Results[0].Error
+	}
+	result := results.Results[0].Result
+	cloudTag, err := names.ParseCloudTag(result.CloudTag)
+	if err != nil {
+		return jujucloud.Defaults{}, errors.Trace(err)
+	}
+	return jujucloud.Defaults{
+		Cloud:      cloudTag.Id(),
+		Region:     result.CloudRegion,
+		Credential: result.CloudCredential,
+	}, nil
+}
+
+// Credentials returns the cloud credentials for the user and cloud with
+// the given tags.
+func (c *Client) Credentials(user names.UserTag, cloud names.CloudTag) (map[string]jujucloud.Credential, error) {
+	var results params.CloudCredentialsResults
+	args := params.UserClouds{[]params.UserCloud{
+		{UserTag: user.String(), CloudTag: cloud.String()},
+	}}
+	if err := c.facade.FacadeCall("Credentials", args, &results); err != nil {
+		return nil, errors.Trace(err)
+	}
+	if len(results.Results) != 1 {
+		return nil, errors.Errorf("expected 1 result, got %d", len(results.Results))
+	}
+	if results.Results[0].Error != nil {
+		return nil, results.Results[0].Error
+	}
+	credentials := make(map[string]jujucloud.Credential)
+	for name, credential := range results.Results[0].Credentials {
+		credentials[name] = jujucloud.NewCredential(
+			jujucloud.AuthType(credential.AuthType),
+			credential.Attributes,
+		)
+	}
+	return credentials, nil
+}
+
+// UpdateCredentials updates the cloud credentials for the user and cloud with
+// the given tags. Exiting credentials that are not named in the map will be
+// untouched.
+func (c *Client) UpdateCredentials(user names.UserTag, cloud names.CloudTag, credentials map[string]jujucloud.Credential) error {
+	var results params.ErrorResults
+	paramsCredentials := make(map[string]params.CloudCredential)
+	for name, credential := range credentials {
+		paramsCredentials[name] = params.CloudCredential{
+			AuthType:   string(credential.AuthType()),
+			Attributes: credential.Attributes(),
+		}
+	}
+	args := params.UsersCloudCredentials{[]params.UserCloudCredentials{{
+		UserTag:     user.String(),
+		CloudTag:    cloud.String(),
+		Credentials: paramsCredentials,
+	}}}
+	if err := c.facade.FacadeCall("UpdateCredentials", args, &results); err != nil {
+		return errors.Trace(err)
+	}
+	if len(results.Results) != 1 {
+		return errors.Errorf("expected 1 result, got %d", len(results.Results))
+	}
+	if results.Results[0].Error != nil {
+		return results.Results[0].Error
+	}
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/cloud/cloud_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/cloud/cloud_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/cloud/cloud_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/cloud/cloud_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,189 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package cloud_test
+
+import (
+	gitjujutesting "github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
+
+	basetesting "github.com/juju/juju/api/base/testing"
+	cloudapi "github.com/juju/juju/api/cloud"
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/cloud"
+)
+
+type cloudSuite struct {
+	gitjujutesting.IsolationSuite
+}
+
+var _ = gc.Suite(&cloudSuite{})
+
+func (s *cloudSuite) TestCloud(c *gc.C) {
+	apiCaller := basetesting.APICallerFunc(
+		func(objType string,
+			version int,
+			id, request string,
+			a, result interface{},
+		) error {
+			c.Check(objType, gc.Equals, "Cloud")
+			c.Check(id, gc.Equals, "")
+			c.Check(request, gc.Equals, "Cloud")
+			c.Check(a, jc.DeepEquals, params.Entities{
+				[]params.Entity{{"cloud-foo"}},
+			})
+			c.Assert(result, gc.FitsTypeOf, &params.CloudResults{})
+			results := result.(*params.CloudResults)
+			results.Results = append(results.Results, params.CloudResult{
+				Cloud: &params.Cloud{
+					Type:      "dummy",
+					AuthTypes: []string{"empty", "userpass"},
+					Regions:   []params.CloudRegion{{Name: "nether", Endpoint: "endpoint"}},
+				},
+			})
+			return nil
+		},
+	)
+
+	client := cloudapi.NewClient(apiCaller)
+	result, err := client.Cloud(names.NewCloudTag("foo"))
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(result, jc.DeepEquals, cloud.Cloud{
+		Type:      "dummy",
+		AuthTypes: []cloud.AuthType{cloud.EmptyAuthType, cloud.UserPassAuthType},
+		Regions:   []cloud.Region{{Name: "nether", Endpoint: "endpoint"}},
+	})
+}
+
+func (s *cloudSuite) TestCloudDefaults(c *gc.C) {
+	apiCaller := basetesting.APICallerFunc(
+		func(objType string,
+			version int,
+			id, request string,
+			a, result interface{},
+		) error {
+			c.Check(objType, gc.Equals, "Cloud")
+			c.Check(id, gc.Equals, "")
+			c.Check(request, gc.Equals, "CloudDefaults")
+			c.Check(a, jc.DeepEquals, params.Entities{
+				[]params.Entity{{"user-bob"}},
+			})
+			c.Assert(result, gc.FitsTypeOf, &params.CloudDefaultsResults{})
+			results := result.(*params.CloudDefaultsResults)
+			results.Results = append(results.Results, params.CloudDefaultsResult{
+				Result: &params.CloudDefaults{
+					CloudTag:        "cloud-foo",
+					CloudRegion:     "some-region",
+					CloudCredential: "some-credential",
+				},
+			})
+			return nil
+		},
+	)
+
+	client := cloudapi.NewClient(apiCaller)
+	result, err := client.CloudDefaults(names.NewUserTag("bob"))
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(result, jc.DeepEquals, cloud.Defaults{
+		Cloud:      "foo",
+		Region:     "some-region",
+		Credential: "some-credential",
+	})
+}
+
+func (s *cloudSuite) TestCredentials(c *gc.C) {
+	apiCaller := basetesting.APICallerFunc(
+		func(objType string,
+			version int,
+			id, request string,
+			a, result interface{},
+		) error {
+			c.Check(objType, gc.Equals, "Cloud")
+			c.Check(id, gc.Equals, "")
+			c.Check(request, gc.Equals, "Credentials")
+			c.Assert(result, gc.FitsTypeOf, &params.CloudCredentialsResults{})
+			c.Assert(a, jc.DeepEquals, params.UserClouds{[]params.UserCloud{{
+				UserTag:  "user-bob@local",
+				CloudTag: "cloud-foo",
+			}}})
+			*result.(*params.CloudCredentialsResults) = params.CloudCredentialsResults{
+				Results: []params.CloudCredentialsResult{{
+					Credentials: map[string]params.CloudCredential{
+						"one": {
+							AuthType: "empty",
+						},
+						"two": {
+							AuthType: "userpass",
+							Attributes: map[string]string{
+								"username": "admin",
+								"password": "adm1n",
+							},
+						},
+					},
+				}},
+			}
+			return nil
+		},
+	)
+
+	client := cloudapi.NewClient(apiCaller)
+	result, err := client.Credentials(names.NewUserTag("bob@local"), names.NewCloudTag("foo"))
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(result, jc.DeepEquals, map[string]cloud.Credential{
+		"one": cloud.NewEmptyCredential(),
+		"two": cloud.NewCredential(cloud.UserPassAuthType, map[string]string{
+			"username": "admin",
+			"password": "adm1n",
+		}),
+	})
+}
+
+func (s *cloudSuite) TestUpdateCredentials(c *gc.C) {
+	var called bool
+	apiCaller := basetesting.APICallerFunc(
+		func(objType string,
+			version int,
+			id, request string,
+			a, result interface{},
+		) error {
+			c.Check(objType, gc.Equals, "Cloud")
+			c.Check(id, gc.Equals, "")
+			c.Check(request, gc.Equals, "UpdateCredentials")
+			c.Assert(result, gc.FitsTypeOf, &params.ErrorResults{})
+			c.Assert(a, jc.DeepEquals, params.UsersCloudCredentials{[]params.UserCloudCredentials{{
+				UserTag:  "user-bob@local",
+				CloudTag: "cloud-foo",
+				Credentials: map[string]params.CloudCredential{
+					"one": {
+						AuthType: "empty",
+					},
+					"two": {
+						AuthType: "userpass",
+						Attributes: map[string]string{
+							"username": "admin",
+							"password": "adm1n",
+						},
+					},
+				},
+			}}})
+			*result.(*params.ErrorResults) = params.ErrorResults{
+				Results: []params.ErrorResult{{}},
+			}
+			called = true
+			return nil
+		},
+	)
+
+	client := cloudapi.NewClient(apiCaller)
+	err := client.UpdateCredentials(names.NewUserTag("bob@local"), names.NewCloudTag("foo"), map[string]cloud.Credential{
+		"one": cloud.NewEmptyCredential(),
+		"two": cloud.NewCredential(cloud.UserPassAuthType, map[string]string{
+			"username": "admin",
+			"password": "adm1n",
+		}),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(called, jc.IsTrue)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/cloud/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/cloud/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/cloud/package_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/cloud/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,14 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package cloud_test
+
+import (
+	"testing"
+
+	gc "gopkg.in/check.v1"
+)
+
+func TestAll(t *testing.T) {
+	gc.TestingT(t)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/common/controllerconfig.go juju-core-2.0~beta12/src/github.com/juju/juju/api/common/controllerconfig.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/common/controllerconfig.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/common/controllerconfig.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,32 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package common
+
+import (
+	"github.com/juju/juju/api/base"
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/controller"
+)
+
+// ControllerConfigAPI provides common client-side API functions
+// to call into apiserver.common.ControllerConfig.
+type ControllerConfigAPI struct {
+	facade base.FacadeCaller
+}
+
+// NewControllerConfig creates a ControllerConfig on the specified facade,
+// and uses this name when calling through the caller.
+func NewControllerConfig(facade base.FacadeCaller) *ControllerConfigAPI {
+	return &ControllerConfigAPI{facade}
+}
+
+// ControllerConfig returns the current controller configuration.
+func (e *ControllerConfigAPI) ControllerConfig() (controller.Config, error) {
+	var result params.ControllerConfigResult
+	err := e.facade.FacadeCall("ControllerConfig", nil, &result)
+	if err != nil {
+		return nil, err
+	}
+	return controller.Config(result.Config), nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/common/life.go juju-core-2.0~beta12/src/github.com/juju/juju/api/common/life.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/common/life.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/common/life.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/common/modelwatcher.go juju-core-2.0~beta12/src/github.com/juju/juju/api/common/modelwatcher.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/common/modelwatcher.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/common/modelwatcher.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,6 +8,7 @@
 	apiwatcher "github.com/juju/juju/api/watcher"
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/environs/config"
+	"github.com/juju/juju/logfwd/syslog"
 	"github.com/juju/juju/watcher"
 )
 
@@ -47,3 +48,23 @@
 	}
 	return conf, nil
 }
+
+// WatchForLogForwardConfigChanges return a NotifyWatcher waiting for the
+// log forward syslog configuration to change.
+func (e *ModelWatcher) WatchForLogForwardConfigChanges() (watcher.NotifyWatcher, error) {
+	// TODO(wallyworld) - lp:1602237 - this needs to have it's own backend implementation.
+	// For now, we'll piggyback off the ModelConfig API.
+	return e.WatchForModelConfigChanges()
+}
+
+// LogForwardConfig returns the current log forward syslog configuration.
+func (e *ModelWatcher) LogForwardConfig() (*syslog.RawConfig, bool, error) {
+	// TODO(wallyworld) - lp:1602237 - this needs to have it's own backend implementation.
+	// For now, we'll piggyback off the ModelConfig API.
+	modelConfig, err := e.ModelConfig()
+	if err != nil {
+		return nil, false, err
+	}
+	cfg, ok := modelConfig.LogFwdSyslog()
+	return cfg, ok, nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/common/stream/stream.go juju-core-2.0~beta12/src/github.com/juju/juju/api/common/stream/stream.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/common/stream/stream.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/common/stream/stream.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,25 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package stream
+
+import (
+	"github.com/google/go-querystring/query"
+	"github.com/juju/errors"
+
+	"github.com/juju/juju/api/base"
+)
+
+// Open opens a streaming connection to the endpoint path that conforms
+// to the provided config.
+func Open(conn base.StreamConnector, path string, cfg interface{}) (base.Stream, error) {
+	attrs, err := query.Values(cfg)
+	if err != nil {
+		return nil, errors.Annotate(err, "failed to generate URL query from config")
+	}
+	stream, err := conn.ConnectStream(path, attrs)
+	if err != nil {
+		return nil, errors.Annotatef(err, "cannot connect to %s", path)
+	}
+	return stream, nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/common/watch.go juju-core-2.0~beta12/src/github.com/juju/juju/api/common/watch.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/common/watch.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/common/watch.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,7 @@
 import (
 	"fmt"
 
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	apiwatcher "github.com/juju/juju/api/watcher"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/controller/controller.go juju-core-2.0~beta12/src/github.com/juju/juju/api/controller/controller.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/controller/controller.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/controller/controller.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,28 +5,31 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/loggo"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/api/base"
+	"github.com/juju/juju/api/common"
 	"github.com/juju/juju/apiserver/params"
 )
 
-var logger = loggo.GetLogger("juju.api.controller")
-
 // Client provides methods that the Juju client command uses to interact
 // with the Juju controller.
 type Client struct {
 	base.ClientFacade
 	facade base.FacadeCaller
+	*common.ControllerConfigAPI
 }
 
 // NewClient creates a new `Client` based on an existing authenticated API
 // connection.
 func NewClient(st base.APICallCloser) *Client {
 	frontend, backend := base.NewClientFacade(st, "Controller")
-	return &Client{ClientFacade: frontend, facade: backend}
+	return &Client{
+		ClientFacade:        frontend,
+		facade:              backend,
+		ControllerConfigAPI: common.NewControllerConfig(backend),
+	}
 }
 
 // AllModels allows controller administrators to get the list of all the
@@ -58,7 +61,11 @@
 func (c *Client) ModelConfig() (map[string]interface{}, error) {
 	result := params.ModelConfigResults{}
 	err := c.facade.FacadeCall("ModelConfig", nil, &result)
-	return result.Config, err
+	values := make(map[string]interface{})
+	for name, val := range result.Config {
+		values[name] = val.Value
+	}
+	return values, err
 }
 
 // DestroyController puts the controller model into a "dying" state,
@@ -89,8 +96,8 @@
 // WatchAllModels returns an AllWatcher, from which you can request
 // the Next collection of Deltas (for all models).
 func (c *Client) WatchAllModels() (*api.AllWatcher, error) {
-	info := new(api.WatchAll)
-	if err := c.facade.FacadeCall("WatchAllModels", nil, info); err != nil {
+	var info params.AllWatcherId
+	if err := c.facade.FacadeCall("WatchAllModels", nil, &info); err != nil {
 		return nil, err
 	}
 	return api.NewAllModelWatcher(c.facade.RawAPICaller(), &info.AllWatcherId), nil
@@ -126,7 +133,7 @@
 			Life:               r.Life,
 			Owner:              owner.Canonical(),
 			HostedMachineCount: r.HostedMachineCount,
-			ServiceCount:       r.ServiceCount,
+			ServiceCount:       r.ApplicationCount,
 		}
 
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/controller/controller_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/controller/controller_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/controller/controller_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/controller/controller_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,10 +8,10 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/api/controller"
@@ -56,7 +56,7 @@
 		obtained = append(obtained, fmt.Sprintf("%s/%s", env.Owner, env.Name))
 	}
 	expected := []string{
-		"admin@local/admin",
+		"admin@local/controller",
 		"user@remote/first",
 		"user@remote/second",
 	}
@@ -65,9 +65,20 @@
 
 func (s *controllerSuite) TestModelConfig(c *gc.C) {
 	sysManager := s.OpenAPI(c)
-	env, err := sysManager.ModelConfig()
+	cfg, err := sysManager.ModelConfig()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(env["name"], gc.Equals, "admin")
+	c.Assert(cfg["name"], gc.Equals, "controller")
+}
+
+func (s *controllerSuite) TestControllerConfig(c *gc.C) {
+	sysManager := s.OpenAPI(c)
+	cfg, err := sysManager.ControllerConfig()
+	c.Assert(err, jc.ErrorIsNil)
+	cfgFromDB, err := s.State.ControllerConfig()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(cfg["controller-uuid"], gc.Equals, cfgFromDB.ControllerUUID())
+	c.Assert(int(cfg["state-port"].(float64)), gc.Equals, cfgFromDB.StatePort())
+	c.Assert(int(cfg["api-port"].(float64)), gc.Equals, cfgFromDB.APIPort())
 }
 
 func (s *controllerSuite) TestDestroyController(c *gc.C) {
@@ -89,8 +100,8 @@
 	results, err := sysManager.ListBlockedModels()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(results, jc.DeepEquals, []params.ModelBlockInfo{
-		params.ModelBlockInfo{
-			Name:     "admin",
+		{
+			Name:     "controller",
 			UUID:     s.State.ModelUUID(),
 			OwnerTag: s.AdminUserTag(c).String(),
 			Blocks: []string{
@@ -145,7 +156,7 @@
 		c.Assert(modelInfo.Name, gc.Equals, env.Name())
 		c.Assert(modelInfo.Life, gc.Equals, multiwatcher.Life("alive"))
 		c.Assert(modelInfo.Owner, gc.Equals, env.Owner().Id())
-		c.Assert(modelInfo.ServerUUID, gc.Equals, env.ControllerUUID())
+		c.Assert(modelInfo.ControllerUUID, gc.Equals, env.ControllerUUID())
 	case <-time.After(testing.LongWait):
 		c.Fatal("timed out")
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/deployer/deployer.go juju-core-2.0~beta12/src/github.com/juju/juju/api/deployer/deployer.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/deployer/deployer.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/deployer/deployer.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,7 @@
 package deployer
 
 import (
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/api/common"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/deployer/deployer_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/deployer/deployer_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/deployer/deployer_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/deployer/deployer_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,9 +6,9 @@
 import (
 	stdtesting "testing"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/api/deployer"
@@ -34,8 +34,8 @@
 	// These are raw State objects. Use them for setup and assertions, but
 	// should never be touched by the API calls themselves
 	machine     *state.Machine
-	service0    *state.Service
-	service1    *state.Service
+	service0    *state.Application
+	service1    *state.Application
 	principal   *state.Unit
 	subordinate *state.Unit
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/deployer/machine.go juju-core-2.0~beta12/src/github.com/juju/juju/api/deployer/machine.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/deployer/machine.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/deployer/machine.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,7 @@
 import (
 	"fmt"
 
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	apiwatcher "github.com/juju/juju/api/watcher"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/deployer/unit.go juju-core-2.0~beta12/src/github.com/juju/juju/api/deployer/unit.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/deployer/unit.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/deployer/unit.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,7 @@
 package deployer
 
 import (
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/diskmanager/diskmanager.go juju-core-2.0~beta12/src/github.com/juju/juju/api/diskmanager/diskmanager.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/diskmanager/diskmanager.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/diskmanager/diskmanager.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,7 @@
 package diskmanager
 
 import (
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/diskmanager/diskmanager_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/diskmanager/diskmanager_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/diskmanager/diskmanager_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/diskmanager/diskmanager_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,9 +7,9 @@
 	"errors"
 	"fmt"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base/testing"
 	"github.com/juju/juju/api/diskmanager"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/facadeversions.go juju-core-2.0~beta12/src/github.com/juju/juju/api/facadeversions.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/facadeversions.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/facadeversions.go	2016-07-18 19:45:44.000000000 +0000
@@ -3,10 +3,6 @@
 
 package api
 
-import (
-	"github.com/juju/errors"
-)
-
 // facadeVersions lists the best version of facades that we know about. This
 // will be used to pick out a default version for communication, given the list
 // of known versions that the API server tells us it is capable of supporting.
@@ -15,42 +11,45 @@
 // New facades should start at 1.
 // Facades that existed before versioning start at 0.
 var facadeVersions = map[string]int{
-	"Action":                       1,
-	"Addresser":                    2,
+	"Action":                       2,
 	"Agent":                        2,
 	"AgentTools":                   1,
 	"AllModelWatcher":              2,
 	"AllWatcher":                   1,
 	"Annotations":                  2,
+	"Application":                  1,
+	"ApplicationScaler":            1,
 	"Backups":                      1,
 	"Block":                        2,
-	"CharmRevisionUpdater":         1,
+	"CharmRevisionUpdater":         2,
 	"Charms":                       2,
 	"Cleaner":                      2,
 	"Client":                       1,
-	"Controller":                   2,
+	"Cloud":                        1,
+	"Controller":                   3,
 	"Deployer":                     1,
 	"DiscoverSpaces":               2,
 	"DiskManager":                  2,
 	"EntityWatcher":                2,
 	"FilesystemAttachmentsWatcher": 2,
-	"Firewaller":                   2,
+	"Firewaller":                   3,
 	"HighAvailability":             2,
 	"HostKeyReporter":              1,
 	"ImageManager":                 2,
 	"ImageMetadata":                2,
-	"InstancePoller":               2,
+	"InstancePoller":               3,
 	"KeyManager":                   1,
 	"KeyUpdater":                   1,
 	"LeadershipService":            2,
 	"LifeFlag":                     1,
+	"LogForwarding":                1,
 	"Logger":                       1,
 	"MachineActions":               1,
 	"MachineManager":               2,
 	"Machiner":                     1,
 	"MeterStatus":                  1,
 	"MetricsAdder":                 2,
-	"MetricsDebug":                 1,
+	"MetricsDebug":                 2,
 	"MetricsManager":               1,
 	"MigrationFlag":                1,
 	"MigrationMaster":              1,
@@ -59,15 +58,17 @@
 	"MigrationTarget":              1,
 	"ModelManager":                 2,
 	"NotifyWatcher":                1,
+	"Payloads":                     1,
+	"PayloadsHookContext":          1,
 	"Pinger":                       1,
-	"Provisioner":                  2,
+	"Provisioner":                  3,
 	"ProxyUpdater":                 1,
 	"Reboot":                       2,
 	"RelationUnitsWatcher":         1,
+	"Resources":                    1,
+	"ResourcesHookContext":         1,
 	"Resumer":                      2,
 	"RetryStrategy":                1,
-	"Service":                      3,
-	"ServiceScaler":                1,
 	"Singular":                     1,
 	"Spaces":                       2,
 	"SSHClient":                    1,
@@ -78,22 +79,12 @@
 	"Subnets":                      2,
 	"Undertaker":                   1,
 	"UnitAssigner":                 1,
-	"Uniter":                       3,
+	"Uniter":                       4,
 	"Upgrader":                     1,
 	"UserManager":                  1,
 	"VolumeAttachmentsWatcher":     2,
 }
 
-// RegisterFacadeVersion sets the API client to prefer the given version
-// for the facade.
-func RegisterFacadeVersion(name string, version int) error {
-	if ver, ok := facadeVersions[name]; ok && ver != version {
-		return errors.Errorf("facade %q already registered", name)
-	}
-	facadeVersions[name] = version
-	return nil
-}
-
 // bestVersion tries to find the newest version in the version list that we can
 // use.
 func bestVersion(desiredVersion int, versions []int) int {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/facadeversions_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/facadeversions_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/facadeversions_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/facadeversions_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,6 +10,7 @@
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/apiserver/common"
+	"github.com/juju/juju/component/all"
 	coretesting "github.com/juju/juju/testing"
 )
 
@@ -24,9 +25,13 @@
 	// code just to list out what versions are available. However, we do
 	// want to make sure that the two sides are kept in sync.
 	clientFacadeNames := set.NewStrings()
-	for name := range *api.FacadeVersions {
+	for name, version := range *api.FacadeVersions {
 		clientFacadeNames.Add(name)
+		// All versions should now be non-zero.
+		c.Check(version, jc.GreaterThan, 0)
 	}
+	// Register the components.
+	all.RegisterForServer()
 	allServerFacades := common.Facades.List()
 	serverFacadeNames := set.NewStrings()
 	serverFacadeBestVersions := make(map[string]int, len(allServerFacades))
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/firewaller/firewaller.go juju-core-2.0~beta12/src/github.com/juju/juju/api/firewaller/firewaller.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/firewaller/firewaller.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/firewaller/firewaller.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/api/common"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/firewaller/firewaller_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/firewaller/firewaller_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/firewaller/firewaller_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/firewaller/firewaller_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -20,11 +20,11 @@
 type firewallerSuite struct {
 	testing.JujuConnSuite
 
-	st       api.Connection
-	machines []*state.Machine
-	service  *state.Service
-	charm    *state.Charm
-	units    []*state.Unit
+	st          api.Connection
+	machines    []*state.Machine
+	application *state.Application
+	charm       *state.Charm
+	units       []*state.Unit
 
 	firewaller *firewaller.State
 }
@@ -59,10 +59,10 @@
 	}
 	// Create a service and three units for these machines.
 	s.charm = s.AddTestingCharm(c, "wordpress")
-	s.service = s.AddTestingService(c, "wordpress", s.charm)
+	s.application = s.AddTestingService(c, "wordpress", s.charm)
 	// Add the rest of the units and assign them.
 	for i := 0; i <= 2; i++ {
-		s.units[i], err = s.service.AddUnit()
+		s.units[i], err = s.application.AddUnit()
 		c.Check(err, jc.ErrorIsNil)
 		err = s.units[i].AssignToMachine(s.machines[i])
 		c.Check(err, jc.ErrorIsNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/firewaller/machine.go juju-core-2.0~beta12/src/github.com/juju/juju/api/firewaller/machine.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/firewaller/machine.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/firewaller/machine.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,4 @@
+// Copyright 2014 Canonical Ltd.
 // Licensed under the AGPLv3, see LICENCE file for details.
 
 package firewaller
@@ -5,7 +6,7 @@
 import (
 	"fmt"
 
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	apiwatcher "github.com/juju/juju/api/watcher"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/firewaller/machine_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/firewaller/machine_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/firewaller/machine_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/firewaller/machine_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,9 +4,9 @@
 package firewaller_test
 
 import (
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/firewaller"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/firewaller/service.go juju-core-2.0~beta12/src/github.com/juju/juju/api/firewaller/service.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/firewaller/service.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/firewaller/service.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,7 @@
 import (
 	"fmt"
 
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/common"
 	"github.com/juju/juju/apiserver/params"
@@ -14,35 +14,35 @@
 )
 
 // Service represents the state of a service.
-type Service struct {
+type Application struct {
 	st   *State
-	tag  names.ServiceTag
+	tag  names.ApplicationTag
 	life params.Life
 }
 
 // Name returns the service name.
-func (s *Service) Name() string {
+func (s *Application) Name() string {
 	return s.tag.Id()
 }
 
 // Tag returns the service tag.
-func (s *Service) Tag() names.ServiceTag {
+func (s *Application) Tag() names.ApplicationTag {
 	return s.tag
 }
 
 // Watch returns a watcher for observing changes to a service.
-func (s *Service) Watch() (watcher.NotifyWatcher, error) {
+func (s *Application) Watch() (watcher.NotifyWatcher, error) {
 	return common.Watch(s.st.facade, s.tag)
 }
 
 // Life returns the service's current life state.
-func (s *Service) Life() params.Life {
+func (s *Application) Life() params.Life {
 	return s.life
 }
 
 // Refresh refreshes the contents of the Service from the underlying
 // state.
-func (s *Service) Refresh() error {
+func (s *Application) Refresh() error {
 	life, err := s.st.life(s.tag)
 	if err != nil {
 		return err
@@ -57,7 +57,7 @@
 //
 // NOTE: This differs from state.Service.IsExposed() by returning
 // an error as well, because it needs to make an API call.
-func (s *Service) IsExposed() (bool, error) {
+func (s *Application) IsExposed() (bool, error) {
 	var results params.BoolResults
 	args := params.Entities{
 		Entities: []params.Entity{{Tag: s.tag.String()}},
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/firewaller/service_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/firewaller/service_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/firewaller/service_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/firewaller/service_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,9 +4,9 @@
 package firewaller_test
 
 import (
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/firewaller"
 	"github.com/juju/juju/apiserver/params"
@@ -16,7 +16,7 @@
 type serviceSuite struct {
 	firewallerSuite
 
-	apiService *firewaller.Service
+	apiApplication *firewaller.Application
 }
 
 var _ = gc.Suite(&serviceSuite{})
@@ -26,7 +26,7 @@
 
 	var err error
 	apiUnit, err := s.firewaller.Unit(s.units[0].Tag().(names.UnitTag))
-	s.apiService, err = apiUnit.Service()
+	s.apiApplication, err = apiUnit.Application()
 	c.Assert(err, jc.ErrorIsNil)
 }
 
@@ -35,17 +35,17 @@
 }
 
 func (s *serviceSuite) TestName(c *gc.C) {
-	c.Assert(s.apiService.Name(), gc.Equals, s.service.Name())
+	c.Assert(s.apiApplication.Name(), gc.Equals, s.application.Name())
 }
 
 func (s *serviceSuite) TestTag(c *gc.C) {
-	c.Assert(s.apiService.Tag(), gc.Equals, names.NewServiceTag(s.service.Name()))
+	c.Assert(s.apiApplication.Tag(), gc.Equals, names.NewApplicationTag(s.application.Name()))
 }
 
 func (s *serviceSuite) TestWatch(c *gc.C) {
-	c.Assert(s.apiService.Life(), gc.Equals, params.Alive)
+	c.Assert(s.apiApplication.Life(), gc.Equals, params.Alive)
 
-	w, err := s.apiService.Watch()
+	w, err := s.apiApplication.Watch()
 	c.Assert(err, jc.ErrorIsNil)
 	wc := watchertest.NewNotifyWatcherC(c, w, s.BackingState.StartSync)
 	defer wc.AssertStops()
@@ -54,40 +54,40 @@
 	wc.AssertOneChange()
 
 	// Change something and check it's detected.
-	err = s.service.SetExposed()
+	err = s.application.SetExposed()
 	c.Assert(err, jc.ErrorIsNil)
 	wc.AssertOneChange()
 
 	// Destroy the service and check it's detected.
-	err = s.service.Destroy()
+	err = s.application.Destroy()
 	c.Assert(err, jc.ErrorIsNil)
 	wc.AssertOneChange()
 }
 
 func (s *serviceSuite) TestRefresh(c *gc.C) {
-	c.Assert(s.apiService.Life(), gc.Equals, params.Alive)
+	c.Assert(s.apiApplication.Life(), gc.Equals, params.Alive)
 
-	err := s.service.Destroy()
+	err := s.application.Destroy()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(s.apiService.Life(), gc.Equals, params.Alive)
+	c.Assert(s.apiApplication.Life(), gc.Equals, params.Alive)
 
-	err = s.apiService.Refresh()
+	err = s.apiApplication.Refresh()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(s.apiService.Life(), gc.Equals, params.Dying)
+	c.Assert(s.apiApplication.Life(), gc.Equals, params.Dying)
 }
 
 func (s *serviceSuite) TestIsExposed(c *gc.C) {
-	err := s.service.SetExposed()
+	err := s.application.SetExposed()
 	c.Assert(err, jc.ErrorIsNil)
 
-	isExposed, err := s.apiService.IsExposed()
+	isExposed, err := s.apiApplication.IsExposed()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(isExposed, jc.IsTrue)
 
-	err = s.service.ClearExposed()
+	err = s.application.ClearExposed()
 	c.Assert(err, jc.ErrorIsNil)
 
-	isExposed, err = s.apiService.IsExposed()
+	isExposed, err = s.apiApplication.IsExposed()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(isExposed, jc.IsFalse)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/firewaller/state_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/firewaller/state_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/firewaller/state_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/firewaller/state_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -53,7 +53,7 @@
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
 	}
-	_, err = s.State.AddMachineInsideMachine(template, s.machines[0].Id(), instance.LXC)
+	_, err = s.State.AddMachineInsideMachine(template, s.machines[0].Id(), instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
 	wc.AssertNoChange()
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/firewaller/unit.go juju-core-2.0~beta12/src/github.com/juju/juju/api/firewaller/unit.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/firewaller/unit.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/firewaller/unit.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 )
@@ -42,16 +42,16 @@
 	return nil
 }
 
-// Service returns the service.
-func (u *Unit) Service() (*Service, error) {
-	serviceName, err := names.UnitService(u.Name())
+// Application returns the application.
+func (u *Unit) Application() (*Application, error) {
+	serviceName, err := names.UnitApplication(u.Name())
 	if err != nil {
 		return nil, err
 	}
-	serviceTag := names.NewServiceTag(serviceName)
-	service := &Service{
+	applicationTag := names.NewApplicationTag(serviceName)
+	service := &Application{
 		st:  u.st,
-		tag: serviceTag,
+		tag: applicationTag,
 	}
 	// Call Refresh() immediately to get the up-to-date
 	// life and other needed locally cached fields.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/firewaller/unit_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/firewaller/unit_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/firewaller/unit_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/firewaller/unit_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,9 +4,9 @@
 package firewaller_test
 
 import (
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/firewaller"
 	"github.com/juju/juju/apiserver/params"
@@ -71,9 +71,9 @@
 }
 
 func (s *unitSuite) TestService(c *gc.C) {
-	service, err := s.apiUnit.Service()
+	service, err := s.apiUnit.Application()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(service.Name(), gc.Equals, s.service.Name())
+	c.Assert(service.Name(), gc.Equals, s.application.Name())
 }
 
 func (s *unitSuite) TestName(c *gc.C) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/highavailability/client.go juju-core-2.0~beta12/src/github.com/juju/juju/api/highavailability/client.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/highavailability/client.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/highavailability/client.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,8 +6,8 @@
 import (
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/replicaset"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/hostkeyreporter/facade.go juju-core-2.0~beta12/src/github.com/juju/juju/api/hostkeyreporter/facade.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/hostkeyreporter/facade.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/hostkeyreporter/facade.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,7 @@
 package hostkeyreporter
 
 import (
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/hostkeyreporter/facade_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/hostkeyreporter/facade_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/hostkeyreporter/facade_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/hostkeyreporter/facade_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,10 +6,10 @@
 import (
 	"errors"
 
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	basetesting "github.com/juju/juju/api/base/testing"
 	"github.com/juju/juju/api/hostkeyreporter"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/http.go juju-core-2.0~beta12/src/github.com/juju/juju/api/http.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/http.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/http.go	2016-07-18 19:45:44.000000000 +0000
@@ -126,7 +126,7 @@
 	// and determine the expected error type from that, but that
 	// seems more fragile than this approach.
 	type genericErrorResponse struct {
-		Error json.RawMessage
+		Error json.RawMessage `json:"error"`
 	}
 	var generic genericErrorResponse
 	if err := json.Unmarshal(body, &generic); err != nil {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/http_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/http_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/http_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/http_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -73,8 +73,8 @@
 	about: "bad charms error response",
 	handler: func(w http.ResponseWriter, req *http.Request) {
 		type badResponse struct {
-			Error    string
-			CharmURL map[string]int
+			Error    string         `json:"error"`
+			CharmURL map[string]int `json:"charm-url"`
 		}
 		httprequest.WriteJSON(w, http.StatusUnauthorized, badResponse{
 			Error:    "something",
@@ -150,17 +150,17 @@
 		}
 		err := s.client.Get("/", resp)
 		if test.expectError != "" {
-			c.Assert(err, gc.ErrorMatches, test.expectError)
-			c.Assert(params.ErrCode(err), gc.Equals, test.expectErrorCode)
+			c.Check(err, gc.ErrorMatches, test.expectError)
+			c.Check(params.ErrCode(err), gc.Equals, test.expectErrorCode)
 			if err, ok := errors.Cause(err).(*params.Error); ok {
-				c.Assert(err.Info, jc.DeepEquals, test.expectErrorInfo)
+				c.Check(err.Info, jc.DeepEquals, test.expectErrorInfo)
 			} else if test.expectErrorInfo != nil {
 				c.Fatalf("no error info found in error")
 			}
 			continue
 		}
-		c.Assert(err, gc.IsNil)
-		c.Assert(resp, jc.DeepEquals, test.expectResponse)
+		c.Check(err, gc.IsNil)
+		c.Check(resp, jc.DeepEquals, test.expectResponse)
 	}
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/instancepoller/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/instancepoller/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/instancepoller/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/instancepoller/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,7 @@
 package instancepoller
 
 import (
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/instancepoller/instancepoller.go juju-core-2.0~beta12/src/github.com/juju/juju/api/instancepoller/instancepoller.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/instancepoller/instancepoller.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/instancepoller/instancepoller.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/api/common"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/instancepoller/instancepoller_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/instancepoller/instancepoller_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/instancepoller/instancepoller_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/instancepoller/instancepoller_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,9 +6,9 @@
 import (
 	"errors"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	apitesting "github.com/juju/juju/api/base/testing"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/instancepoller/machine.go juju-core-2.0~beta12/src/github.com/juju/juju/api/instancepoller/machine.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/instancepoller/machine.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/instancepoller/machine.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/api/common"
@@ -142,7 +142,7 @@
 func (m *Machine) SetInstanceStatus(status status.Status, message string, data map[string]interface{}) error {
 	var result params.ErrorResults
 	args := params.SetStatus{Entities: []params.EntityStatusArgs{
-		{Tag: m.tag.String(), Status: status, Info: message, Data: data},
+		{Tag: m.tag.String(), Status: status.String(), Info: message, Data: data},
 	}}
 	err := m.facade.FacadeCall("SetInstanceStatus", args, &result)
 	if err != nil {
@@ -170,7 +170,7 @@
 	if result.Error != nil {
 		return nil, result.Error
 	}
-	return params.NetworkAddresses(result.Addresses), nil
+	return params.NetworkAddresses(result.Addresses...), nil
 }
 
 // SetProviderAddresses sets the cached provider addresses for the
@@ -180,7 +180,7 @@
 	args := params.SetMachinesAddresses{
 		MachineAddresses: []params.MachineAddresses{{
 			Tag:       m.tag.String(),
-			Addresses: params.FromNetworkAddresses(addrs),
+			Addresses: params.FromNetworkAddresses(addrs...),
 		}}}
 	err := m.facade.FacadeCall("SetProviderAddresses", args, &result)
 	if err != nil {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/instancepoller/machine_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/instancepoller/machine_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/instancepoller/machine_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/instancepoller/machine_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,9 +7,9 @@
 	"reflect"
 	"time"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	apitesting "github.com/juju/juju/api/base/testing"
 	"github.com/juju/juju/api/instancepoller"
@@ -208,14 +208,14 @@
 	var called int
 	results := params.StatusResults{
 		Results: []params.StatusResult{{
-			Status: status.StatusProvisioning,
+			Status: status.StatusProvisioning.String(),
 		}},
 	}
 	apiCaller := successAPICaller(c, "InstanceStatus", entitiesArgs, results, &called)
 	machine := instancepoller.NewMachine(apiCaller, s.tag, params.Alive)
 	statusResult, err := machine.InstanceStatus()
 	c.Check(err, jc.ErrorIsNil)
-	c.Check(statusResult.Status, gc.DeepEquals, status.StatusProvisioning)
+	c.Check(statusResult.Status, gc.DeepEquals, status.StatusProvisioning.String())
 	c.Check(called, gc.Equals, 1)
 }
 
@@ -241,7 +241,7 @@
 	addresses := network.NewAddresses("2001:db8::1", "0.1.2.3")
 	results := params.MachineAddressesResults{
 		Results: []params.MachineAddressesResult{{
-			Addresses: params.FromNetworkAddresses(addresses),
+			Addresses: params.FromNetworkAddresses(addresses...),
 		}}}
 	apiCaller := successAPICaller(c, "ProviderAddresses", entitiesArgs, results, &called)
 	machine := instancepoller.NewMachine(apiCaller, s.tag, params.Alive)
@@ -257,7 +257,7 @@
 	expectArgs := params.SetMachinesAddresses{
 		MachineAddresses: []params.MachineAddresses{{
 			Tag:       "machine-42",
-			Addresses: params.FromNetworkAddresses(addresses),
+			Addresses: params.FromNetworkAddresses(addresses...),
 		}}}
 	results := params.ErrorResults{
 		Results: []params.ErrorResult{{Error: nil}},
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/interface.go juju-core-2.0~beta12/src/github.com/juju/juju/api/interface.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/interface.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/interface.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,12 +7,11 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/version"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/macaroon-bakery.v1/httpbakery"
 	"gopkg.in/macaroon.v1"
 
-	"github.com/juju/juju/api/addresser"
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/api/charmrevisionupdater"
 	"github.com/juju/juju/api/cleaner"
@@ -27,6 +26,7 @@
 	"github.com/juju/juju/api/upgrader"
 	"github.com/juju/juju/network"
 	"github.com/juju/juju/rpc"
+	"github.com/juju/utils/set"
 )
 
 // Info encapsulates information about a server holding juju state and
@@ -54,9 +54,8 @@
 	SkipLogin bool `yaml:"-"`
 
 	// Tag holds the name of the entity that is connecting.
-	// If this is nil, and the password is empty, no login attempt will be made.
-	// (this is to allow tests to access the API to check that operations
-	// fail when not logged in).
+	// If this is nil, and the password is empty, macaroon authentication
+	// will be used to log in unless SkipLogin is true.
 	Tag names.Tag
 
 	// Password holds the password for the administrator or connecting entity.
@@ -71,11 +70,28 @@
 	Nonce string `yaml:",omitempty"`
 }
 
+// Ports returns the unique ports for the api addresses.
+func (info *Info) Ports() []int {
+	ports := set.NewInts()
+	hostPorts, err := network.ParseHostPorts(info.Addrs...)
+	if err != nil {
+		// Addresses have already been validated.
+		panic(err)
+	}
+	for _, hp := range hostPorts {
+		ports.Add(hp.Port)
+	}
+	return ports.Values()
+}
+
 // Validate validates the API info.
 func (info *Info) Validate() error {
 	if len(info.Addrs) == 0 {
 		return errors.NotValidf("missing addresses")
 	}
+	if _, err := network.ParseHostPorts(info.Addrs...); err != nil {
+		return errors.NotValidf("host addresses: %v", err)
+	}
 	if info.CACert == "" {
 		return errors.NotValidf("missing CA certificate")
 	}
@@ -184,6 +200,10 @@
 	// connection.
 	AuthTag() names.Tag
 
+	// ReadOnly returns whether the authorized user is connected to the model
+	// in read-only mode.
+	ReadOnly() bool
+
 	// These methods expose a bunch of worker-specific facades, and basically
 	// just should not exist; but removing them is too noisy for a single CL.
 	// Client in particular is intimately coupled with State -- and the others
@@ -195,7 +215,6 @@
 	Firewaller() *firewaller.State
 	Upgrader() *upgrader.State
 	Reboot() (reboot.State, error)
-	Addresser() *addresser.API
 	DiscoverSpaces() *discoverspaces.API
 	InstancePoller() *instancepoller.API
 	CharmRevisionUpdater() *charmrevisionupdater.State
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/keyupdater/authorisedkeys.go juju-core-2.0~beta12/src/github.com/juju/juju/api/keyupdater/authorisedkeys.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/keyupdater/authorisedkeys.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/keyupdater/authorisedkeys.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	apiwatcher "github.com/juju/juju/api/watcher"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/keyupdater/authorisedkeys_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/keyupdater/authorisedkeys_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/keyupdater/authorisedkeys_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/keyupdater/authorisedkeys_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,9 +4,9 @@
 package keyupdater_test
 
 import (
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/api/keyupdater"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/leadership/client.go juju-core-2.0~beta12/src/github.com/juju/juju/api/leadership/client.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/leadership/client.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/leadership/client.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,7 +11,7 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/apiserver/params"
@@ -51,7 +51,7 @@
 func (c *client) BlockUntilLeadershipReleased(serviceId string) error {
 	const friendlyErrMsg = "error blocking on leadership release"
 	var result params.ErrorResult
-	err := c.FacadeCall("BlockUntilLeadershipReleased", names.NewServiceTag(serviceId), &result)
+	err := c.FacadeCall("BlockUntilLeadershipReleased", names.NewApplicationTag(serviceId), &result)
 	if err != nil {
 		return errors.Annotate(err, friendlyErrMsg)
 	} else if result.Error != nil {
@@ -68,7 +68,7 @@
 // preperation for making a bulk call.
 func (c *client) prepareClaimLeadership(serviceId, unitId string, duration time.Duration) params.ClaimLeadershipParams {
 	return params.ClaimLeadershipParams{
-		names.NewServiceTag(serviceId).String(),
+		names.NewApplicationTag(serviceId).String(),
 		names.NewUnitTag(unitId).String(),
 		duration.Seconds(),
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/leadership/client_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/leadership/client_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/leadership/client_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/leadership/client_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,10 +7,10 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	apitesting "github.com/juju/juju/api/base/testing"
@@ -55,7 +55,7 @@
 		c.Check(request, gc.Equals, "ClaimLeadership")
 		c.Check(arg, jc.DeepEquals, params.ClaimLeadershipBulkParams{
 			Params: []params.ClaimLeadershipParams{{
-				ServiceTag:      "service-stub-service",
+				ApplicationTag:  "application-stub-service",
 				UnitTag:         "unit-stub-unit-0",
 				DurationSeconds: claimTime.Seconds(),
 			}},
@@ -141,7 +141,7 @@
 	apiCaller := s.apiCaller(c, func(request string, arg, result interface{}) error {
 		numStubCalls++
 		c.Check(request, gc.Equals, "BlockUntilLeadershipReleased")
-		c.Check(arg, jc.DeepEquals, names.NewServiceTag(StubServiceNm))
+		c.Check(arg, jc.DeepEquals, names.NewApplicationTag(StubServiceNm))
 		switch result := result.(type) {
 		case *params.ErrorResult:
 		default:
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/lifeflag/facade.go juju-core-2.0~beta12/src/github.com/juju/juju/api/lifeflag/facade.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/lifeflag/facade.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/lifeflag/facade.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/lifeflag/facade_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/lifeflag/facade_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/lifeflag/facade_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/lifeflag/facade_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,10 +5,10 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	apitesting "github.com/juju/juju/api/base/testing"
@@ -30,13 +30,13 @@
 		called = true
 		c.Check(request, gc.Equals, "Life")
 		c.Check(args, jc.DeepEquals, params.Entities{
-			Entities: []params.Entity{{Tag: "service-blah"}},
+			Entities: []params.Entity{{Tag: "application-blah"}},
 		})
 		return nil
 	})
 	facade := lifeflag.NewFacade(caller, nil)
 
-	facade.Life(names.NewServiceTag("blah"))
+	facade.Life(names.NewApplicationTag("blah"))
 	c.Check(called, jc.IsTrue)
 }
 
@@ -46,7 +46,7 @@
 	})
 	facade := lifeflag.NewFacade(caller, nil)
 
-	result, err := facade.Life(names.NewServiceTag("blah"))
+	result, err := facade.Life(names.NewApplicationTag("blah"))
 	c.Check(err, gc.ErrorMatches, "crunch belch")
 	c.Check(result, gc.Equals, life.Value(""))
 }
@@ -57,7 +57,7 @@
 	})
 	facade := lifeflag.NewFacade(caller, nil)
 
-	result, err := facade.Life(names.NewServiceTag("blah"))
+	result, err := facade.Life(names.NewApplicationTag("blah"))
 	c.Check(err, gc.ErrorMatches, "expected 1 Life result, got 0")
 	c.Check(result, gc.Equals, life.Value(""))
 }
@@ -73,7 +73,7 @@
 	})
 	facade := lifeflag.NewFacade(caller, nil)
 
-	result, err := facade.Life(names.NewServiceTag("blah"))
+	result, err := facade.Life(names.NewApplicationTag("blah"))
 	c.Check(err, gc.ErrorMatches, "expected 1 Life result, got 2")
 	c.Check(result, gc.Equals, life.Value(""))
 }
@@ -91,7 +91,7 @@
 	})
 	facade := lifeflag.NewFacade(caller, nil)
 
-	result, err := facade.Life(names.NewServiceTag("blah"))
+	result, err := facade.Life(names.NewApplicationTag("blah"))
 	c.Check(err, gc.Equals, lifeflag.ErrNotFound)
 	c.Check(result, gc.Equals, life.Value(""))
 }
@@ -107,7 +107,7 @@
 	})
 	facade := lifeflag.NewFacade(caller, nil)
 
-	result, err := facade.Life(names.NewServiceTag("blah"))
+	result, err := facade.Life(names.NewApplicationTag("blah"))
 	c.Check(err, gc.ErrorMatches, `life value "decomposed" not valid`)
 	c.Check(result, gc.Equals, life.Value(""))
 }
@@ -123,7 +123,7 @@
 	})
 	facade := lifeflag.NewFacade(caller, nil)
 
-	result, err := facade.Life(names.NewServiceTag("blah"))
+	result, err := facade.Life(names.NewApplicationTag("blah"))
 	c.Check(err, jc.ErrorIsNil)
 	c.Check(result, gc.Equals, life.Dying)
 }
@@ -134,13 +134,13 @@
 		called = true
 		c.Check(request, gc.Equals, "Watch")
 		c.Check(args, jc.DeepEquals, params.Entities{
-			Entities: []params.Entity{{Tag: "service-blah"}},
+			Entities: []params.Entity{{Tag: "application-blah"}},
 		})
 		return nil
 	})
 	facade := lifeflag.NewFacade(caller, nil)
 
-	facade.Watch(names.NewServiceTag("blah"))
+	facade.Watch(names.NewApplicationTag("blah"))
 	c.Check(called, jc.IsTrue)
 }
 
@@ -150,7 +150,7 @@
 	})
 	facade := lifeflag.NewFacade(caller, nil)
 
-	watcher, err := facade.Watch(names.NewServiceTag("blah"))
+	watcher, err := facade.Watch(names.NewApplicationTag("blah"))
 	c.Check(err, gc.ErrorMatches, "crunch belch")
 	c.Check(watcher, gc.IsNil)
 }
@@ -161,7 +161,7 @@
 	})
 	facade := lifeflag.NewFacade(caller, nil)
 
-	watcher, err := facade.Watch(names.NewServiceTag("blah"))
+	watcher, err := facade.Watch(names.NewApplicationTag("blah"))
 	c.Check(err, gc.ErrorMatches, "expected 1 Watch result, got 0")
 	c.Check(watcher, gc.IsNil)
 }
@@ -177,7 +177,7 @@
 	})
 	facade := lifeflag.NewFacade(caller, nil)
 
-	watcher, err := facade.Watch(names.NewServiceTag("blah"))
+	watcher, err := facade.Watch(names.NewApplicationTag("blah"))
 	c.Check(err, gc.ErrorMatches, "expected 1 Watch result, got 2")
 	c.Check(watcher, gc.IsNil)
 }
@@ -195,7 +195,7 @@
 	})
 	facade := lifeflag.NewFacade(caller, nil)
 
-	watcher, err := facade.Watch(names.NewServiceTag("blah"))
+	watcher, err := facade.Watch(names.NewApplicationTag("blah"))
 	c.Check(err, gc.Equals, lifeflag.ErrNotFound)
 	c.Check(watcher, gc.IsNil)
 }
@@ -221,7 +221,7 @@
 	}
 	facade := lifeflag.NewFacade(caller, newWatcher)
 
-	watcher, err := facade.Watch(names.NewServiceTag("blah"))
+	watcher, err := facade.Watch(names.NewApplicationTag("blah"))
 	c.Check(err, jc.ErrorIsNil)
 	c.Check(watcher, gc.Equals, expectWatcher)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/logfwd/lastsent.go juju-core-2.0~beta12/src/github.com/juju/juju/api/logfwd/lastsent.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/logfwd/lastsent.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/logfwd/lastsent.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,135 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package logfwd
+
+import (
+	"time"
+
+	"github.com/juju/errors"
+	"gopkg.in/juju/names.v2"
+
+	"github.com/juju/juju/apiserver/common"
+	"github.com/juju/juju/apiserver/params"
+)
+
+// LastSentID is the data that identifies a log forwarding
+// "last sent" value. The controller has a mapping from a set of IDs
+// to a record ID (for each ID). The record ID corresponds to the last
+// log record that the specific log forwarding machinery sent to the
+// identified "sink" (for a given model).
+type LastSentID struct {
+	// ModelTag identifies the model associated with the log record.
+	Model names.ModelTag
+
+	// Sink is the name of the log forwarding target to which a log
+	// record was last sent.
+	Sink string
+}
+
+// LastSentInfo holds the info about a "last sent" value.
+type LastSentInfo struct {
+	LastSentID
+
+	// RecordID identifies the last log record that was forwarded
+	// for a given model and sink.
+	RecordID int64
+
+	// RecordTimestamp identifies the last log record that was forwarded
+	// for a given model and sink.
+	RecordTimestamp time.Time
+}
+
+// LastSentResult holds a single result from a bulk API call.
+type LastSentResult struct {
+	LastSentInfo
+
+	// Error holds the error, if any, that resulted while handling the
+	// request for the ID.
+	Error error
+}
+
+// FacadeCaller provides the functionality to call methods on a facade.
+type FacadeCaller interface {
+	// FacadeCall is the same method as on base.FacadeCaller.
+	FacadeCall(request string, params, response interface{}) error
+}
+
+// LastSentClient exposes the "last sent" methods of the LogForwarding
+// API facade.
+type LastSentClient struct {
+	caller FacadeCaller
+}
+
+// NewLastSentClient creates a new API client for the facade.
+func NewLastSentClient(newFacadeCaller func(string) FacadeCaller) *LastSentClient {
+	return &LastSentClient{
+		caller: newFacadeCaller("LogForwarding"),
+	}
+}
+
+// GetLastSent makes a "GetLastSent" call on the facade and returns the
+// results in the same order.
+func (c LastSentClient) GetLastSent(ids []LastSentID) ([]LastSentResult, error) {
+	var args params.LogForwardingGetLastSentParams
+	args.IDs = make([]params.LogForwardingID, len(ids))
+	for i, id := range ids {
+		args.IDs[i] = params.LogForwardingID{
+			ModelTag: id.Model.String(),
+			Sink:     id.Sink,
+		}
+	}
+
+	var apiResults params.LogForwardingGetLastSentResults
+	err := c.caller.FacadeCall("GetLastSent", args, &apiResults)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	results := make([]LastSentResult, len(ids))
+	for i, apiRes := range apiResults.Results {
+		results[i] = LastSentResult{
+			LastSentInfo: LastSentInfo{
+				LastSentID: ids[i],
+				RecordID:   apiRes.RecordID,
+			},
+			Error: common.RestoreError(apiRes.Error),
+		}
+		if apiRes.RecordTimestamp > 0 {
+			results[i].RecordTimestamp = time.Unix(0, apiRes.RecordTimestamp)
+		}
+	}
+	return results, nil
+}
+
+// SetLastSent makes a "SetLastSent" call on the facade and returns the
+// results in the same order.
+func (c LastSentClient) SetLastSent(reqs []LastSentInfo) ([]LastSentResult, error) {
+	var args params.LogForwardingSetLastSentParams
+	args.Params = make([]params.LogForwardingSetLastSentParam, len(reqs))
+	for i, req := range reqs {
+		args.Params[i] = params.LogForwardingSetLastSentParam{
+			LogForwardingID: params.LogForwardingID{
+				ModelTag: req.Model.String(),
+				Sink:     req.Sink,
+			},
+			RecordID:        req.RecordID,
+			RecordTimestamp: req.RecordTimestamp.UnixNano(),
+		}
+	}
+
+	var apiResults params.ErrorResults
+	err := c.caller.FacadeCall("SetLastSent", args, &apiResults)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	results := make([]LastSentResult, len(reqs))
+	for i, apiRes := range apiResults.Results {
+		results[i] = LastSentResult{
+			LastSentInfo: reqs[i],
+			Error:        common.RestoreError(apiRes.Error),
+		}
+	}
+	return results, nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/logfwd/lastsent_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/logfwd/lastsent_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/logfwd/lastsent_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/logfwd/lastsent_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,229 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package logfwd_test
+
+import (
+	"github.com/juju/errors"
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
+
+	"github.com/juju/juju/api/logfwd"
+	"github.com/juju/juju/apiserver/common"
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/state"
+	"time"
+)
+
+type LastSentSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&LastSentSuite{})
+
+func (s *LastSentSuite) TestGetLastSent(c *gc.C) {
+	stub := &testing.Stub{}
+	caller := &stubFacadeCaller{stub: stub}
+	caller.ReturnFacadeCallGet = params.LogForwardingGetLastSentResults{
+		Results: []params.LogForwardingGetLastSentResult{{
+			RecordID:        10,
+			RecordTimestamp: 100,
+		}, {
+			RecordID:        20,
+			RecordTimestamp: 200,
+		}, {
+			Error: common.ServerError(errors.NewNotFound(state.ErrNeverForwarded, "")),
+		}},
+	}
+	client := logfwd.NewLastSentClient(caller.newFacadeCaller)
+	model := "deadbeef-2f18-4fd2-967d-db9663db7bea"
+	modelTag := names.NewModelTag(model)
+
+	results, err := client.GetLastSent([]logfwd.LastSentID{{
+		Model: modelTag,
+		Sink:  "spam",
+	}, {
+		Model: modelTag,
+		Sink:  "eggs",
+	}, {
+		Model: modelTag,
+		Sink:  "ham",
+	}})
+	c.Assert(err, jc.ErrorIsNil)
+
+	c.Check(results, jc.DeepEquals, []logfwd.LastSentResult{{
+		LastSentInfo: logfwd.LastSentInfo{
+			LastSentID: logfwd.LastSentID{
+				Model: modelTag,
+				Sink:  "spam",
+			},
+			RecordID:        10,
+			RecordTimestamp: time.Unix(0, 100),
+		},
+	}, {
+		LastSentInfo: logfwd.LastSentInfo{
+			LastSentID: logfwd.LastSentID{
+				Model: modelTag,
+				Sink:  "eggs",
+			},
+			RecordID:        20,
+			RecordTimestamp: time.Unix(0, 200),
+		},
+	}, {
+		LastSentInfo: logfwd.LastSentInfo{
+			LastSentID: logfwd.LastSentID{
+				Model: modelTag,
+				Sink:  "ham",
+			},
+		},
+		Error: common.RestoreError(&params.Error{
+			Message: `cannot find ID of the last forwarded record`,
+			Code:    params.CodeNotFound,
+		}),
+	}})
+	stub.CheckCallNames(c, "newFacadeCaller", "FacadeCall")
+	stub.CheckCall(c, 0, "newFacadeCaller", "LogForwarding")
+	stub.CheckCall(c, 1, "FacadeCall", "GetLastSent", params.LogForwardingGetLastSentParams{
+		IDs: []params.LogForwardingID{{
+			ModelTag: modelTag.String(),
+			Sink:     "spam",
+		}, {
+			ModelTag: modelTag.String(),
+			Sink:     "eggs",
+		}, {
+			ModelTag: modelTag.String(),
+			Sink:     "ham",
+		}},
+	})
+}
+
+func (s *LastSentSuite) TestSetLastSent(c *gc.C) {
+	stub := &testing.Stub{}
+	caller := &stubFacadeCaller{stub: stub}
+	apiError := common.ServerError(errors.New("<failed>"))
+	caller.ReturnFacadeCallSet = params.ErrorResults{
+		Results: []params.ErrorResult{{
+			Error: nil,
+		}, {
+			Error: nil,
+		}, {
+			Error: apiError,
+		}},
+	}
+	client := logfwd.NewLastSentClient(caller.newFacadeCaller)
+	model := "deadbeef-2f18-4fd2-967d-db9663db7bea"
+	modelTag := names.NewModelTag(model)
+
+	results, err := client.SetLastSent([]logfwd.LastSentInfo{{
+		LastSentID: logfwd.LastSentID{
+			Model: modelTag,
+			Sink:  "spam",
+		},
+		RecordID:        10,
+		RecordTimestamp: time.Unix(0, 100),
+	}, {
+		LastSentID: logfwd.LastSentID{
+			Model: modelTag,
+			Sink:  "eggs",
+		},
+		RecordID:        20,
+		RecordTimestamp: time.Unix(0, 200),
+	}, {
+		LastSentID: logfwd.LastSentID{
+			Model: modelTag,
+			Sink:  "ham",
+		},
+		RecordID:        15,
+		RecordTimestamp: time.Unix(0, 150),
+	}})
+	c.Assert(err, jc.ErrorIsNil)
+
+	c.Check(results, jc.DeepEquals, []logfwd.LastSentResult{{
+		LastSentInfo: logfwd.LastSentInfo{
+			LastSentID: logfwd.LastSentID{
+				Model: modelTag,
+				Sink:  "spam",
+			},
+			RecordID:        10,
+			RecordTimestamp: time.Unix(0, 100),
+		},
+	}, {
+		LastSentInfo: logfwd.LastSentInfo{
+			LastSentID: logfwd.LastSentID{
+				Model: modelTag,
+				Sink:  "eggs",
+			},
+			RecordID:        20,
+			RecordTimestamp: time.Unix(0, 200),
+		},
+	}, {
+		LastSentInfo: logfwd.LastSentInfo{
+			LastSentID: logfwd.LastSentID{
+				Model: modelTag,
+				Sink:  "ham",
+			},
+			RecordID:        15,
+			RecordTimestamp: time.Unix(0, 150),
+		},
+		Error: common.RestoreError(apiError),
+	}})
+	stub.CheckCallNames(c, "newFacadeCaller", "FacadeCall")
+	stub.CheckCall(c, 0, "newFacadeCaller", "LogForwarding")
+	stub.CheckCall(c, 1, "FacadeCall", "SetLastSent", params.LogForwardingSetLastSentParams{
+		Params: []params.LogForwardingSetLastSentParam{{
+			LogForwardingID: params.LogForwardingID{
+				ModelTag: modelTag.String(),
+				Sink:     "spam",
+			},
+			RecordID:        10,
+			RecordTimestamp: 100,
+		}, {
+			LogForwardingID: params.LogForwardingID{
+				ModelTag: modelTag.String(),
+				Sink:     "eggs",
+			},
+			RecordID:        20,
+			RecordTimestamp: 200,
+		}, {
+			LogForwardingID: params.LogForwardingID{
+				ModelTag: modelTag.String(),
+				Sink:     "ham",
+			},
+			RecordID:        15,
+			RecordTimestamp: 150,
+		}},
+	})
+}
+
+type stubFacadeCaller struct {
+	stub *testing.Stub
+
+	ReturnFacadeCallGet params.LogForwardingGetLastSentResults
+	ReturnFacadeCallSet params.ErrorResults
+}
+
+func (s *stubFacadeCaller) newFacadeCaller(facade string) logfwd.FacadeCaller {
+	s.stub.AddCall("newFacadeCaller", facade)
+	s.stub.NextErr()
+
+	return s
+}
+
+func (s *stubFacadeCaller) FacadeCall(request string, args, response interface{}) error {
+	s.stub.AddCall("FacadeCall", request, args)
+	if err := s.stub.NextErr(); err != nil {
+		return err
+	}
+
+	switch request {
+	case "GetLastSent":
+		actual := response.(*params.LogForwardingGetLastSentResults)
+		*actual = s.ReturnFacadeCallGet
+	case "SetLastSent":
+		actual := response.(*params.ErrorResults)
+		*actual = s.ReturnFacadeCallSet
+	}
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/logfwd/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/logfwd/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/logfwd/package_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/logfwd/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,14 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package logfwd_test
+
+import (
+	"testing"
+
+	gc "gopkg.in/check.v1"
+)
+
+func TestAll(t *testing.T) {
+	gc.TestingT(t)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/logger/logger.go juju-core-2.0~beta12/src/github.com/juju/juju/api/logger/logger.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/logger/logger.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/logger/logger.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,7 @@
 import (
 	"fmt"
 
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	apiwatcher "github.com/juju/juju/api/watcher"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/logger/logger_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/logger/logger_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/logger/logger_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/logger/logger_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,9 +4,9 @@
 package logger_test
 
 import (
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/api/logger"
@@ -20,10 +20,10 @@
 
 	// These are raw State objects. Use them for setup and assertions, but
 	// should never be touched by the API calls themselves
-	rawMachine *state.Machine
-	rawCharm   *state.Charm
-	rawService *state.Service
-	rawUnit    *state.Unit
+	rawMachine     *state.Machine
+	rawCharm       *state.Charm
+	rawApplication *state.Application
+	rawUnit        *state.Unit
 
 	logger *logger.State
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/logsender/logsender.go juju-core-2.0~beta12/src/github.com/juju/juju/api/logsender/logsender.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/logsender/logsender.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/logsender/logsender.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,11 +7,13 @@
 
 import (
 	"io"
+	"net/url"
 
 	"github.com/juju/errors"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/version"
 )
 
 // LogWriter is the interface that allows sending log
@@ -36,7 +38,9 @@
 // LogWriter returns a new log writer interface value
 // which must be closed when finished with.
 func (api *API) LogWriter() (LogWriter, error) {
-	conn, err := api.connector.ConnectStream("/logsink", nil)
+	attrs := make(url.Values)
+	attrs.Set("jujuclientversion", version.Current.String())
+	conn, err := api.connector.ConnectStream("/logsink", attrs)
 	if err != nil {
 		return nil, errors.Annotatef(err, "cannot connect to /logsink")
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/logsender/logsender_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/logsender/logsender_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/logsender/logsender_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/logsender/logsender_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,12 +7,14 @@
 	"errors"
 	"net/url"
 
+	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/api/logsender"
 	"github.com/juju/juju/apiserver/params"
 	coretesting "github.com/juju/juju/testing"
+	"github.com/juju/juju/version"
 )
 
 type LogSenderSuite struct {
@@ -78,7 +80,9 @@
 
 func (c *mockConnector) ConnectStream(path string, values url.Values) (base.Stream, error) {
 	c.c.Assert(path, gc.Equals, "/logsink")
-	c.c.Assert(values, gc.HasLen, 0)
+	c.c.Assert(values, jc.DeepEquals, url.Values{
+		"jujuclientversion": []string{version.Current.String()},
+	})
 	if c.connectError != nil {
 		return nil, c.connectError
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/logstream/logstream.go juju-core-2.0~beta12/src/github.com/juju/juju/api/logstream/logstream.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/logstream/logstream.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/logstream/logstream.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,190 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package logstream
+
+import (
+	"io"
+	"sync"
+
+	"github.com/juju/errors"
+	"github.com/juju/loggo"
+	"github.com/juju/version"
+	"gopkg.in/juju/names.v2"
+
+	"github.com/juju/juju/api/base"
+	"github.com/juju/juju/api/common/stream"
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/logfwd"
+)
+
+// jsonReadCloser provides the functionality to send JSON-serialized
+// values over a streaming connection.
+type jsonReadCloser interface {
+	io.Closer
+
+	// ReadJSON decodes the next JSON value from the connection and
+	// sets the value at the provided pointer to that newly decoded one.
+	ReadJSON(interface{}) error
+}
+
+// LogStream streams log entries of the /logstream API endpoint over
+// a websocket connection.
+type LogStream struct {
+	mu             sync.Mutex
+	stream         jsonReadCloser
+	controllerUUID string
+}
+
+// Open opens a websocket to the API's /logstream endpoint and returns
+// a stream of log records from that connection.
+func Open(conn base.StreamConnector, cfg params.LogStreamConfig, controllerUUID string) (*LogStream, error) {
+	wsStream, err := stream.Open(conn, "/logstream", &cfg)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	ls := &LogStream{
+		stream:         wsStream,
+		controllerUUID: controllerUUID,
+	}
+	return ls, nil
+}
+
+// Next returns the next batch of log records from the server. The records are
+// converted from the wire format into logfwd.Record. The first returned
+// record will be the one after the last successfully sent record. If no
+// records have been sent yet then it will be the oldest log record.
+//
+// An error indicates either the streaming connection is closed, the
+// connection failed, or the data read from the connection is corrupted.
+// In each of these cases the stream should be re-opened. It will start
+// at the record after the one marked as successfully sent. So the
+// the record at which Next() failed previously will be streamed again.
+//
+// That is only a problem when the same record is consistently streamed
+// as invalid data. This will happen only if the record was invalid
+// before being stored in the DB or if the DB on-disk storage for the
+// record becomes corrupted. Both scenarios are highly unlikely and
+// the respective systems are managed such that neither should happen.
+func (ls *LogStream) Next() ([]logfwd.Record, error) {
+	apiRecords, err := ls.next()
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	records, err := recordsFromAPI(apiRecords, ls.controllerUUID)
+	if err != nil {
+		// This should only happen if the data got corrupted over the
+		// network. Any other cause should be addressed by fixing the
+		// code that resulted in the bad data that caused the error
+		// here. If that code is between the DB on-disk storage and
+		// the server-side stream then care should be taken to not
+		// block on a consistently invalid record or to throw away
+		// a record. The log stream needs to maintain a high level
+		// of reliable delivery.
+		return nil, errors.Trace(err)
+	}
+	return records, nil
+}
+
+func (ls *LogStream) next() (params.LogStreamRecords, error) {
+	ls.mu.Lock()
+	defer ls.mu.Unlock()
+
+	var result params.LogStreamRecords
+	if ls.stream == nil {
+		return result, errors.Errorf("cannot read from closed stream")
+	}
+
+	err := ls.stream.ReadJSON(&result)
+	if err != nil {
+		return result, errors.Trace(err)
+	}
+	return result, nil
+}
+
+// Close closes the stream.
+func (ls *LogStream) Close() error {
+	ls.mu.Lock()
+	defer ls.mu.Unlock()
+
+	if ls.stream == nil {
+		return nil
+	}
+	if err := ls.stream.Close(); err != nil {
+		return errors.Trace(err)
+	}
+	ls.stream = nil
+	return nil
+}
+
+// See the counterpart in apiserver/logstream.go.
+func recordsFromAPI(apiRecords params.LogStreamRecords, controllerUUID string) ([]logfwd.Record, error) {
+	result := make([]logfwd.Record, len(apiRecords.Records))
+	for i, apiRec := range apiRecords.Records {
+		rec, err := recordFromAPI(apiRec, controllerUUID)
+		if err != nil {
+			return nil, errors.Trace(err)
+		}
+		result[i] = rec
+	}
+	return result, nil
+}
+
+func recordFromAPI(apiRec params.LogStreamRecord, controllerUUID string) (logfwd.Record, error) {
+	rec := logfwd.Record{
+		ID:        apiRec.ID,
+		Timestamp: apiRec.Timestamp,
+		Message:   apiRec.Message,
+	}
+
+	origin, err := originFromAPI(apiRec, controllerUUID)
+	if err != nil {
+		return rec, errors.Trace(err)
+	}
+	rec.Origin = origin
+
+	loc, err := logfwd.ParseLocation(apiRec.Module, apiRec.Location)
+	if err != nil {
+		return rec, errors.Trace(err)
+	}
+	rec.Location = loc
+
+	level, ok := loggo.ParseLevel(apiRec.Level)
+	if !ok {
+		return rec, errors.Errorf("unrecognized log level %q", apiRec.Level)
+	}
+	rec.Level = level
+
+	if err := rec.Validate(); err != nil {
+		return rec, errors.Trace(err)
+	}
+
+	return rec, nil
+}
+
+func originFromAPI(apiRec params.LogStreamRecord, controllerUUID string) (logfwd.Origin, error) {
+	var origin logfwd.Origin
+
+	tag, err := names.ParseTag(apiRec.Entity)
+	if err != nil {
+		return origin, errors.Annotate(err, "invalid entity")
+	}
+
+	ver, err := version.Parse(apiRec.Version)
+	if err != nil {
+		return origin, errors.Annotatef(err, "invalid version %q", apiRec.Version)
+	}
+
+	switch tag := tag.(type) {
+	case names.MachineTag:
+		origin = logfwd.OriginForMachineAgent(tag, controllerUUID, apiRec.ModelUUID, ver)
+	case names.UnitTag:
+		origin = logfwd.OriginForUnitAgent(tag, controllerUUID, apiRec.ModelUUID, ver)
+	default:
+		origin, err = logfwd.OriginForJuju(tag, controllerUUID, apiRec.ModelUUID, ver)
+		if err != nil {
+			return origin, errors.Annotate(err, "could not extract origin")
+		}
+	}
+	return origin, nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/logstream/logstream_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/logstream/logstream_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/logstream/logstream_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/logstream/logstream_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,237 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package logstream_test
+
+import (
+	"net/url"
+	"time"
+
+	"github.com/juju/errors"
+	"github.com/juju/loggo"
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/api/base"
+	basetesting "github.com/juju/juju/api/base/testing"
+	"github.com/juju/juju/api/logstream"
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/logfwd"
+	coretesting "github.com/juju/juju/testing"
+	"github.com/juju/juju/version"
+)
+
+type LogReaderSuite struct {
+	coretesting.BaseSuite
+}
+
+var _ = gc.Suite(&LogReaderSuite{})
+
+func (s *LogReaderSuite) TestOpenFullConfig(c *gc.C) {
+	cUUID := "feebdaed-2f18-4fd2-967d-db9663db7bea"
+	stub := &testing.Stub{}
+	conn := &mockConnector{stub: stub}
+	stream := mockStream{stub: stub}
+	conn.ReturnConnectStream = stream
+	cfg := params.LogStreamConfig{
+		AllModels: true,
+		Sink:      "spam",
+	}
+
+	_, err := logstream.Open(conn, cfg, cUUID)
+	c.Assert(err, gc.IsNil)
+
+	stub.CheckCallNames(c, "ConnectStream")
+	stub.CheckCall(c, 0, "ConnectStream", `/logstream`, url.Values{
+		"all":  []string{"true"},
+		"sink": []string{"spam"},
+	})
+}
+
+func (s *LogReaderSuite) TestOpenError(c *gc.C) {
+	cUUID := "feebdaed-2f18-4fd2-967d-db9663db7bea"
+	stub := &testing.Stub{}
+	conn := &mockConnector{stub: stub}
+	failure := errors.New("foo")
+	stub.SetErrors(failure)
+	var cfg params.LogStreamConfig
+
+	_, err := logstream.Open(conn, cfg, cUUID)
+
+	c.Check(err, gc.ErrorMatches, "cannot connect to /logstream: foo")
+	stub.CheckCallNames(c, "ConnectStream")
+}
+
+func (s *LogReaderSuite) TestNextOneRecord(c *gc.C) {
+	ts := time.Now()
+	apiRec := params.LogStreamRecord{
+		ModelUUID: "deadbeef-2f18-4fd2-967d-db9663db7bea",
+		Entity:    "machine-99",
+		Version:   version.Current.String(),
+		Timestamp: ts,
+		Module:    "api.logstream.test",
+		Location:  "test.go:42",
+		Level:     loggo.INFO.String(),
+		Message:   "test message",
+	}
+	apiRecords := params.LogStreamRecords{
+		Records: []params.LogStreamRecord{apiRec},
+	}
+	cUUID := "feebdaed-2f18-4fd2-967d-db9663db7bea"
+	stub := &testing.Stub{}
+	conn := &mockConnector{stub: stub}
+	jsonReader := mockStream{stub: stub}
+	logsCh := make(chan params.LogStreamRecords, 1)
+	logsCh <- apiRecords
+	jsonReader.ReturnReadJSON = logsCh
+	conn.ReturnConnectStream = jsonReader
+	var cfg params.LogStreamConfig
+	stream, err := logstream.Open(conn, cfg, cUUID)
+	c.Assert(err, gc.IsNil)
+	stub.ResetCalls()
+
+	// Check the record we injected into the stream.
+	var records []logfwd.Record
+	done := make(chan struct{})
+	go func() {
+		records, err = stream.Next()
+		c.Assert(err, jc.ErrorIsNil)
+		close(done)
+	}()
+	select {
+	case <-done:
+	case <-time.After(coretesting.LongWait):
+		c.Errorf("timed out waiting for record")
+	}
+	c.Assert(records, gc.HasLen, 1)
+	c.Check(records[0], jc.DeepEquals, logfwd.Record{
+		Origin: logfwd.Origin{
+			ControllerUUID: cUUID,
+			ModelUUID:      "deadbeef-2f18-4fd2-967d-db9663db7bea",
+			Hostname:       "machine-99.deadbeef-2f18-4fd2-967d-db9663db7bea",
+			Type:           logfwd.OriginTypeMachine,
+			Name:           "99",
+			Software: logfwd.Software{
+				PrivateEnterpriseNumber: 28978,
+				Name:    "jujud-machine-agent",
+				Version: version.Current,
+			},
+		},
+		Timestamp: ts,
+		Level:     loggo.INFO,
+		Location: logfwd.SourceLocation{
+			Module:   "api.logstream.test",
+			Filename: "test.go",
+			Line:     42,
+		},
+		Message: "test message",
+	})
+	stub.CheckCallNames(c, "ReadJSON")
+
+	// Make sure we don't get extras.
+	done = make(chan struct{})
+	go func() {
+		records, err = stream.Next()
+		c.Assert(err, jc.ErrorIsNil)
+		close(done)
+	}()
+	select {
+	case <-done:
+		c.Errorf("got extra record: %#v", records)
+	case <-time.After(coretesting.ShortWait):
+	}
+}
+
+func (s *LogReaderSuite) TestNextError(c *gc.C) {
+	cUUID := "feebdaed-2f18-4fd2-967d-db9663db7bea"
+	stub := &testing.Stub{}
+	conn := &mockConnector{stub: stub}
+	jsonReader := mockStream{stub: stub}
+	conn.ReturnConnectStream = jsonReader
+	failure := errors.New("an error")
+	stub.SetErrors(nil, failure)
+	var cfg params.LogStreamConfig
+	stream, err := logstream.Open(conn, cfg, cUUID)
+	c.Assert(err, gc.IsNil)
+
+	var nextErr error
+	done := make(chan struct{})
+	go func() {
+		_, nextErr = stream.Next()
+		c.Check(errors.Cause(nextErr), gc.Equals, failure)
+		close(done)
+	}()
+	select {
+	case <-done:
+	case <-time.After(coretesting.LongWait):
+		c.Errorf("timed out waiting for record")
+	}
+	stub.CheckCallNames(c, "ConnectStream", "ReadJSON")
+}
+
+func (s *LogReaderSuite) TestClose(c *gc.C) {
+	cUUID := "feebdaed-2f18-4fd2-967d-db9663db7bea"
+	stub := &testing.Stub{}
+	conn := &mockConnector{stub: stub}
+	jsonReader := mockStream{stub: stub}
+	conn.ReturnConnectStream = jsonReader
+	var cfg params.LogStreamConfig
+	stream, err := logstream.Open(conn, cfg, cUUID)
+	c.Assert(err, gc.IsNil)
+	stub.ResetCalls()
+
+	err = stream.Close()
+	c.Assert(err, jc.ErrorIsNil)
+	err = stream.Close() // idempotent
+	c.Assert(err, jc.ErrorIsNil)
+
+	_, err = stream.Next()
+	c.Check(err, gc.ErrorMatches, `cannot read from closed stream`)
+	stub.CheckCallNames(c, "Close")
+}
+
+type mockConnector struct {
+	basetesting.APICallerFunc
+	stub *testing.Stub
+
+	ReturnConnectStream base.Stream
+}
+
+func (c *mockConnector) ConnectStream(path string, values url.Values) (base.Stream, error) {
+	c.stub.AddCall("ConnectStream", path, values)
+	if err := c.stub.NextErr(); err != nil {
+		return nil, errors.Trace(err)
+	}
+	return c.ReturnConnectStream, nil
+}
+
+type mockStream struct {
+	base.Stream
+	stub *testing.Stub
+
+	ReturnReadJSON chan params.LogStreamRecords
+}
+
+func (s mockStream) ReadJSON(v interface{}) error {
+	s.stub.AddCall("ReadJSON", v)
+	if err := s.stub.NextErr(); err != nil {
+		return errors.Trace(err)
+	}
+
+	switch vt := v.(type) {
+	case *params.LogStreamRecords:
+		*vt = <-s.ReturnReadJSON
+		return nil
+	default:
+		return errors.Errorf("unexpected output type: %T", v)
+	}
+}
+
+func (s mockStream) Close() error {
+	s.stub.AddCall("Close")
+	if err := s.stub.NextErr(); err != nil {
+		return errors.Trace(err)
+	}
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/logstream/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/logstream/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/logstream/package_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/logstream/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,14 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package logstream_test
+
+import (
+	"testing"
+
+	gc "gopkg.in/check.v1"
+)
+
+func TestAll(t *testing.T) {
+	gc.TestingT(t)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/machineactions/machineactions.go juju-core-2.0~beta12/src/github.com/juju/juju/api/machineactions/machineactions.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/machineactions/machineactions.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/machineactions/machineactions.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,7 +12,7 @@
 	apiwatcher "github.com/juju/juju/api/watcher"
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/watcher"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 )
 
 type Client struct {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/machineactions/machineactions_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/machineactions/machineactions_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/machineactions/machineactions_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/machineactions/machineactions_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,11 +6,11 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	apitesting "github.com/juju/juju/api/base/testing"
 	"github.com/juju/juju/api/machineactions"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/machiner/machine.go juju-core-2.0~beta12/src/github.com/juju/juju/api/machiner/machine.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/machiner/machine.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/machiner/machine.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/common"
 	"github.com/juju/juju/apiserver/params"
@@ -46,7 +46,7 @@
 	var result params.ErrorResults
 	args := params.SetStatus{
 		Entities: []params.EntityStatusArgs{
-			{Tag: m.tag.String(), Status: status, Info: info, Data: data},
+			{Tag: m.tag.String(), Status: status.String(), Info: info, Data: data},
 		},
 	}
 	err := m.st.facade.FacadeCall("SetStatus", args, &result)
@@ -61,7 +61,7 @@
 	var result params.ErrorResults
 	args := params.SetMachinesAddresses{
 		MachineAddresses: []params.MachineAddresses{
-			{Tag: m.Tag().String(), Addresses: params.FromNetworkAddresses(addresses)},
+			{Tag: m.Tag().String(), Addresses: params.FromNetworkAddresses(addresses...)},
 		},
 	}
 	err := m.st.facade.FacadeCall("SetMachineAddresses", args, &result)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/machiner/machiner.go juju-core-2.0~beta12/src/github.com/juju/juju/api/machiner/machiner.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/machiner/machiner.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/machiner/machiner.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/api/common"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/machiner/machiner_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/machiner/machiner_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/machiner/machiner_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/machiner/machiner_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,9 +7,9 @@
 	stdtesting "testing"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/api/machiner"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/meterstatus/client.go juju-core-2.0~beta12/src/github.com/juju/juju/api/meterstatus/client.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/meterstatus/client.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/meterstatus/client.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	apiwatcher "github.com/juju/juju/api/watcher"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/meterstatus/client_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/meterstatus/client_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/meterstatus/client_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/meterstatus/client_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,9 +6,9 @@
 import (
 	"fmt"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base/testing"
 	"github.com/juju/juju/api/meterstatus"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/metricsadder/client_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/metricsadder/client_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/metricsadder/client_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/metricsadder/client_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,17 +6,17 @@
 import (
 	"time"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/metricsadder"
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
 	jujutesting "github.com/juju/juju/juju/testing"
 	"github.com/juju/juju/state"
-	factory "github.com/juju/juju/testing/factory"
+	"github.com/juju/juju/testing/factory"
 )
 
 type metricsAdderSuite struct {
@@ -115,11 +115,11 @@
 		Name: "metered",
 		URL:  "cs:quantal/metered",
 	})
-	meteredService := f.MakeService(c, &factory.ServiceParams{
+	meteredService := f.MakeApplication(c, &factory.ApplicationParams{
 		Charm: meteredCharm,
 	})
 	meteredUnit := f.MakeUnit(c, &factory.UnitParams{
-		Service:     meteredService,
+		Application: meteredService,
 		SetCharmURL: true,
 		Machine:     machine0,
 	})
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/metricsdebug/client_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/metricsdebug/client_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/metricsdebug/client_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/metricsdebug/client_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -196,8 +196,8 @@
 
 func (s *metricsdebugSuite) TestFeatureGetMetrics(c *gc.C) {
 	meteredCharm := s.Factory.MakeCharm(c, &factory.CharmParams{Name: "metered", URL: "local:quantal/metered"})
-	meteredService := s.Factory.MakeService(c, &factory.ServiceParams{Charm: meteredCharm})
-	unit := s.Factory.MakeUnit(c, &factory.UnitParams{Service: meteredService, SetCharmURL: true})
+	meteredService := s.Factory.MakeApplication(c, &factory.ApplicationParams{Charm: meteredCharm})
+	unit := s.Factory.MakeUnit(c, &factory.UnitParams{Application: meteredService, SetCharmURL: true})
 	metric := s.Factory.MakeMetric(c, &factory.MetricParams{Unit: unit})
 	metrics, err := s.manager.GetMetrics("unit-metered/0")
 	c.Assert(err, jc.ErrorIsNil)
@@ -207,11 +207,11 @@
 
 func (s *metricsdebugSuite) TestFeatureGetMultipleMetrics(c *gc.C) {
 	meteredCharm := s.Factory.MakeCharm(c, &factory.CharmParams{Name: "metered", URL: "local:quantal/metered"})
-	meteredService := s.Factory.MakeService(c, &factory.ServiceParams{
+	meteredService := s.Factory.MakeApplication(c, &factory.ApplicationParams{
 		Charm: meteredCharm,
 	})
-	unit0 := s.Factory.MakeUnit(c, &factory.UnitParams{Service: meteredService, SetCharmURL: true})
-	unit1 := s.Factory.MakeUnit(c, &factory.UnitParams{Service: meteredService, SetCharmURL: true})
+	unit0 := s.Factory.MakeUnit(c, &factory.UnitParams{Application: meteredService, SetCharmURL: true})
+	unit1 := s.Factory.MakeUnit(c, &factory.UnitParams{Application: meteredService, SetCharmURL: true})
 
 	metricUnit0 := s.Factory.MakeMetric(c, &factory.MetricParams{
 		Unit: unit0,
@@ -233,11 +233,11 @@
 
 func (s *metricsdebugSuite) TestFeatureGetMultipleMetricsWithService(c *gc.C) {
 	meteredCharm := s.Factory.MakeCharm(c, &factory.CharmParams{Name: "metered", URL: "local:quantal/metered"})
-	meteredService := s.Factory.MakeService(c, &factory.ServiceParams{
+	meteredService := s.Factory.MakeApplication(c, &factory.ApplicationParams{
 		Charm: meteredCharm,
 	})
-	unit0 := s.Factory.MakeUnit(c, &factory.UnitParams{Service: meteredService, SetCharmURL: true})
-	unit1 := s.Factory.MakeUnit(c, &factory.UnitParams{Service: meteredService, SetCharmURL: true})
+	unit0 := s.Factory.MakeUnit(c, &factory.UnitParams{Application: meteredService, SetCharmURL: true})
+	unit1 := s.Factory.MakeUnit(c, &factory.UnitParams{Application: meteredService, SetCharmURL: true})
 
 	metricUnit0 := s.Factory.MakeMetric(c, &factory.MetricParams{
 		Unit: unit0,
@@ -246,7 +246,7 @@
 		Unit: unit1,
 	})
 
-	metrics, err := s.manager.GetMetrics("service-metered")
+	metrics, err := s.manager.GetMetrics("application-metered")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(metrics, gc.HasLen, 2)
 	assertSameMetric(c, metrics[0], metricUnit0)
@@ -255,13 +255,13 @@
 
 func (s *metricsdebugSuite) TestSetMeterStatus(c *gc.C) {
 	testCharm := s.Factory.MakeCharm(c, &factory.CharmParams{Name: "metered", URL: "local:quantal/metered"})
-	testService := s.Factory.MakeService(c, &factory.ServiceParams{Charm: testCharm})
-	testUnit1 := s.Factory.MakeUnit(c, &factory.UnitParams{Service: testService, SetCharmURL: true})
-	testUnit2 := s.Factory.MakeUnit(c, &factory.UnitParams{Service: testService, SetCharmURL: true})
+	testService := s.Factory.MakeApplication(c, &factory.ApplicationParams{Charm: testCharm})
+	testUnit1 := s.Factory.MakeUnit(c, &factory.UnitParams{Application: testService, SetCharmURL: true})
+	testUnit2 := s.Factory.MakeUnit(c, &factory.UnitParams{Application: testService, SetCharmURL: true})
 
 	csCharm := s.Factory.MakeCharm(c, &factory.CharmParams{Name: "metered", URL: "cs:quantal/metered"})
-	csService := s.Factory.MakeService(c, &factory.ServiceParams{Name: "cs-service", Charm: csCharm})
-	csUnit1 := s.Factory.MakeUnit(c, &factory.UnitParams{Service: csService, SetCharmURL: true})
+	csService := s.Factory.MakeApplication(c, &factory.ApplicationParams{Name: "cs-service", Charm: csCharm})
+	csUnit1 := s.Factory.MakeUnit(c, &factory.UnitParams{Application: csService, SetCharmURL: true})
 
 	tests := []struct {
 		about  string
@@ -322,10 +322,10 @@
 		err:   "invalid meter status \"NOT AVAILABLE\"",
 	}, {
 		about: "not such service",
-		tag:   "service-missing",
+		tag:   "application-missing",
 		code:  "AMBER",
 		info:  "test",
-		err:   "service \"missing\" not found",
+		err:   "application \"missing\" not found",
 	},
 	}
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/metricsmanager/client.go juju-core-2.0~beta12/src/github.com/juju/juju/api/metricsmanager/client.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/metricsmanager/client.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/metricsmanager/client.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/migrationflag/facade.go juju-core-2.0~beta12/src/github.com/juju/juju/api/migrationflag/facade.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/migrationflag/facade.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/migrationflag/facade.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/migrationmaster/client.go juju-core-2.0~beta12/src/github.com/juju/juju/api/migrationmaster/client.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/migrationmaster/client.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/migrationmaster/client.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	apiwatcher "github.com/juju/juju/api/watcher"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/migrationmaster/client_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/migrationmaster/client_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/migrationmaster/client_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/migrationmaster/client_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,11 +7,11 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	apitesting "github.com/juju/juju/api/base/testing"
 	"github.com/juju/juju/api/migrationmaster"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/migrationtarget/client.go juju-core-2.0~beta12/src/github.com/juju/juju/api/migrationtarget/client.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/migrationtarget/client.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/migrationtarget/client.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,7 @@
 package migrationtarget
 
 import (
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/migrationtarget/client_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/migrationtarget/client_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/migrationtarget/client_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/migrationtarget/client_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,9 +5,9 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jujutesting "github.com/juju/testing"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	apitesting "github.com/juju/juju/api/base/testing"
 	"github.com/juju/juju/api/migrationtarget"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/modelmanager/access_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/modelmanager/access_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/modelmanager/access_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/modelmanager/access_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,9 +4,9 @@
 package modelmanager_test
 
 import (
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	basetesting "github.com/juju/juju/api/base/testing"
 	"github.com/juju/juju/api/modelmanager"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/modelmanager/modelinfo_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/modelmanager/modelinfo_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/modelmanager/modelinfo_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/modelmanager/modelinfo_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,9 +4,9 @@
 package modelmanager_test
 
 import (
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	basetesting "github.com/juju/juju/api/base/testing"
 	"github.com/juju/juju/api/modelmanager"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/modelmanager/modelmanager.go juju-core-2.0~beta12/src/github.com/juju/juju/api/modelmanager/modelmanager.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/modelmanager/modelmanager.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/modelmanager/modelmanager.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,7 @@
 import (
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/apiserver/params"
@@ -34,34 +34,21 @@
 	return c.ClientFacade.Close()
 }
 
-// ConfigSkeleton returns config values to be used as a starting point for the
-// API caller to construct a valid model specific config.  The provider
-// and region params are there for future use, and current behaviour expects
-// both of these to be empty.
-func (c *Client) ConfigSkeleton(provider, region string) (params.ModelConfig, error) {
-	var result params.ModelConfigResult
-	args := params.ModelSkeletonConfigArgs{
-		Provider: provider,
-		Region:   region,
-	}
-	err := c.facade.FacadeCall("ConfigSkeleton", args, &result)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	return result.Config, nil
-}
-
-// CreateModel creates a new model using the account and
-// model config specified in the args.
-func (c *Client) CreateModel(owner string, account, config map[string]interface{}) (params.Model, error) {
-	var result params.Model
+// CreateModel creates a new model using the model config,
+// cloud region and credential specified in the args.
+func (c *Client) CreateModel(
+	name, owner, cloudRegion, cloudCredential string, config map[string]interface{},
+) (params.ModelInfo, error) {
+	var result params.ModelInfo
 	if !names.IsValidUser(owner) {
 		return result, errors.Errorf("invalid owner name %q", owner)
 	}
 	createArgs := params.ModelCreateArgs{
-		OwnerTag: names.NewUserTag(owner).String(),
-		Account:  account,
-		Config:   config,
+		Name:            name,
+		OwnerTag:        names.NewUserTag(owner).String(),
+		Config:          config,
+		CloudRegion:     cloudRegion,
+		CloudCredential: cloudCredential,
 	}
 	err := c.facade.FacadeCall("CreateModel", createArgs, &result)
 	if err != nil {
@@ -118,6 +105,14 @@
 	return results.Results, nil
 }
 
+// DestroyModel puts the model into a "dying" state,
+// and removes all non-manager machine instances. DestroyModel
+// will fail if there are any manually-provisioned non-manager machines
+// in state.
+func (c *Client) DestroyModel() error {
+	return c.facade.FacadeCall("DestroyModel", nil, nil)
+}
+
 // ParseModelAccess parses an access permission argument into
 // a type suitable for making an API facade call.
 func ParseModelAccess(access string) (params.ModelAccessPermission, error) {
@@ -133,6 +128,8 @@
 		accessPermission = params.ModelReadAccess
 	case permission.ModelWriteAccess:
 		accessPermission = params.ModelWriteAccess
+	case permission.ModelAdminAccess:
+		accessPermission = params.ModelAdminAccess
 	default:
 		return fail, errors.Errorf("unsupported model access permission %v", modelAccess)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/modelmanager/modelmanager_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/modelmanager/modelmanager_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/modelmanager/modelmanager_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/modelmanager/modelmanager_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,15 +4,13 @@
 package modelmanager_test
 
 import (
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/modelmanager"
-	"github.com/juju/juju/apiserver/params"
 	jujutesting "github.com/juju/juju/juju/testing"
-	coretesting "github.com/juju/juju/testing"
 	"github.com/juju/juju/testing/factory"
 )
 
@@ -30,52 +28,26 @@
 	return modelmanager.NewClient(s.APIState)
 }
 
-func (s *modelmanagerSuite) TestConfigSkeleton(c *gc.C) {
-	modelManager := s.OpenAPI(c)
-	result, err := modelManager.ConfigSkeleton("", "")
-	c.Assert(err, jc.ErrorIsNil)
-
-	// The apiPort changes every test run as the dummy provider
-	// looks for a random open port.
-	apiPort := s.Environ.Config().APIPort()
-
-	// Numbers coming over the api are floats, not ints.
-	c.Assert(result, jc.DeepEquals, params.ModelConfig{
-		"type":            "dummy",
-		"controller-uuid": coretesting.ModelTag.Id(),
-		"ca-cert":         coretesting.CACert,
-		"state-port":      float64(1234),
-		"api-port":        float64(apiPort),
-	})
-
-}
-
 func (s *modelmanagerSuite) TestCreateModelBadUser(c *gc.C) {
 	modelManager := s.OpenAPI(c)
-	_, err := modelManager.CreateModel("not a user", nil, nil)
+	_, err := modelManager.CreateModel("mymodel", "not a user", "", "", nil)
 	c.Assert(err, gc.ErrorMatches, `invalid owner name "not a user"`)
 }
 
-func (s *modelmanagerSuite) TestCreateModelMissingConfig(c *gc.C) {
-	modelManager := s.OpenAPI(c)
-	_, err := modelManager.CreateModel("owner", nil, nil)
-	c.Assert(err, gc.ErrorMatches, `failed to create config: creating config from values failed: name: expected string, got nothing`)
-}
-
 func (s *modelmanagerSuite) TestCreateModel(c *gc.C) {
 	modelManager := s.OpenAPI(c)
 	user := s.Factory.MakeUser(c, nil)
 	owner := user.UserTag().Canonical()
-	newEnv, err := modelManager.CreateModel(owner, nil, map[string]interface{}{
-		"name":            "new-model",
+	newModel, err := modelManager.CreateModel("new-model", owner, "", "", map[string]interface{}{
 		"authorized-keys": "ssh-key",
 		// dummy needs controller
 		"controller": false,
 	})
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(newEnv.Name, gc.Equals, "new-model")
-	c.Assert(newEnv.OwnerTag, gc.Equals, user.Tag().String())
-	c.Assert(utils.IsValidUUIDString(newEnv.UUID), jc.IsTrue)
+	c.Assert(newModel.Name, gc.Equals, "new-model")
+	c.Assert(newModel.OwnerTag, gc.Equals, user.Tag().String())
+	c.Assert(newModel.CloudRegion, gc.Equals, "")
+	c.Assert(utils.IsValidUUIDString(newModel.UUID), jc.IsTrue)
 }
 
 func (s *modelmanagerSuite) TestListModelsBadUser(c *gc.C) {
@@ -96,8 +68,23 @@
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(models, gc.HasLen, 2)
 
-	envNames := []string{models[0].Name, models[1].Name}
-	c.Assert(envNames, jc.DeepEquals, []string{"first", "second"})
+	modelNames := []string{models[0].Name, models[1].Name}
+	c.Assert(modelNames, jc.DeepEquals, []string{"first", "second"})
 	ownerNames := []string{models[0].Owner, models[1].Owner}
 	c.Assert(ownerNames, jc.DeepEquals, []string{"user@remote", "user@remote"})
 }
+
+func (s *modelmanagerSuite) TestDestroyEnvironment(c *gc.C) {
+	modelManagerClient := s.OpenAPI(c)
+	var called bool
+	modelmanager.PatchFacadeCall(&s.CleanupSuite, modelManagerClient,
+		func(req string, args interface{}, resp interface{}) error {
+			c.Assert(req, gc.Equals, "DestroyModel")
+			called = true
+			return nil
+		})
+
+	err := modelManagerClient.DestroyModel()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(called, jc.IsTrue)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/provisioner/machine.go juju-core-2.0~beta12/src/github.com/juju/juju/api/provisioner/machine.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/provisioner/machine.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/provisioner/machine.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,7 @@
 import (
 	"fmt"
 
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	apiwatcher "github.com/juju/juju/api/watcher"
 	"github.com/juju/juju/apiserver/params"
@@ -74,7 +74,7 @@
 func (m *Machine) SetInstanceStatus(status status.Status, message string, data map[string]interface{}) error {
 	var result params.ErrorResults
 	args := params.SetStatus{Entities: []params.EntityStatusArgs{
-		{Tag: m.tag.String(), Status: status, Info: message, Data: data},
+		{Tag: m.tag.String(), Status: status.String(), Info: message, Data: data},
 	}}
 	err := m.st.facade.FacadeCall("SetInstanceStatus", args, &result)
 	if err != nil {
@@ -100,7 +100,8 @@
 	if result.Error != nil {
 		return "", "", result.Error
 	}
-	return result.Status, result.Info, nil
+	// TODO(perrito666) add status validation.
+	return status.Status(result.Status), result.Info, nil
 }
 
 // SetStatus sets the status of the machine.
@@ -108,7 +109,7 @@
 	var result params.ErrorResults
 	args := params.SetStatus{
 		Entities: []params.EntityStatusArgs{
-			{Tag: m.tag.String(), Status: status, Info: info, Data: data},
+			{Tag: m.tag.String(), Status: status.String(), Info: info, Data: data},
 		},
 	}
 	err := m.st.facade.FacadeCall("SetStatus", args, &result)
@@ -135,7 +136,8 @@
 	if result.Error != nil {
 		return "", "", result.Error
 	}
-	return result.Status, result.Info, nil
+	// TODO(perrito666) add status validation.
+	return status.Status(result.Status), result.Info, nil
 }
 
 // EnsureDead sets the machine lifecycle to Dead if it is Alive or
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/provisioner/provisioner.go juju-core-2.0~beta12/src/github.com/juju/juju/api/provisioner/provisioner.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/provisioner/provisioner.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/provisioner/provisioner.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,8 +5,8 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/version"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/api/common"
@@ -21,6 +21,7 @@
 type State struct {
 	*common.ModelWatcher
 	*common.APIAddresser
+	*common.ControllerConfigAPI
 
 	facade base.FacadeCaller
 }
@@ -31,9 +32,10 @@
 func NewState(caller base.APICaller) *State {
 	facadeCaller := base.NewFacadeCaller(caller, provisionerFacade)
 	return &State{
-		ModelWatcher: common.NewModelWatcher(facadeCaller),
-		APIAddresser: common.NewAPIAddresser(facadeCaller),
-		facade:       facadeCaller}
+		ModelWatcher:        common.NewModelWatcher(facadeCaller),
+		APIAddresser:        common.NewAPIAddresser(facadeCaller),
+		ControllerConfigAPI: common.NewControllerConfig(facadeCaller),
+		facade:              facadeCaller}
 }
 
 // machineLife requests the lifecycle of the given machine from the server.
@@ -165,17 +167,14 @@
 	return result.OneError()
 }
 
-// PrepareContainerInterfaceInfo allocates an address and returns
-// information to configure networking for a container. It accepts
-// container tags as arguments. If the address allocation feature flag
-// is not enabled, it returns a NotSupported error.
+// PrepareContainerInterfaceInfo allocates an address and returns information to
+// configure networking for a container. It accepts container tags as arguments.
 func (st *State) PrepareContainerInterfaceInfo(containerTag names.MachineTag) ([]network.InterfaceInfo, error) {
 	return st.prepareOrGetContainerInterfaceInfo(containerTag, true)
 }
 
 // GetContainerInterfaceInfo returns information to configure networking
-// for a container. It accepts container tags as arguments. If the address
-// allocation feature flag is not enabled, it returns a NotSupported error.
+// for a container. It accepts container tags as arguments.
 func (st *State) GetContainerInterfaceInfo(containerTag names.MachineTag) ([]network.InterfaceInfo, error) {
 	return st.prepareOrGetContainerInterfaceInfo(containerTag, false)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/provisioner/provisioner_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/provisioner/provisioner_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/provisioner/provisioner_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/provisioner/provisioner_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,16 +9,16 @@
 package provisioner_test
 
 import (
-	"fmt"
+	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	"github.com/juju/utils/arch"
 	"github.com/juju/utils/series"
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/api/provisioner"
@@ -27,15 +27,14 @@
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/container"
-	"github.com/juju/juju/feature"
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/juju/testing"
-	"github.com/juju/juju/mongo/mongotest"
 	"github.com/juju/juju/network"
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/status"
 	"github.com/juju/juju/storage/poolmanager"
 	"github.com/juju/juju/storage/provider"
+	coretesting "github.com/juju/juju/testing"
 	coretools "github.com/juju/juju/tools"
 	jujuversion "github.com/juju/juju/version"
 	"github.com/juju/juju/watcher/watchertest"
@@ -56,10 +55,6 @@
 
 func (s *provisionerSuite) SetUpTest(c *gc.C) {
 	s.JujuConnSuite.SetUpTest(c)
-	// We're testing with address allocation on by default. There are
-	// separate tests to check the behavior when the flag is not
-	// enabled.
-	s.SetFeatureFlags(feature.AddressAllocation)
 
 	var err error
 	s.machine, err = s.State.AddMachine("quantal", state.JobManageModel)
@@ -83,26 +78,6 @@
 	s.APIAddresserTests = apitesting.NewAPIAddresserTests(s.provisioner, s.BackingState)
 }
 
-func (s *provisionerSuite) TestPrepareContainerInterfaceInfoNoFeatureFlag(c *gc.C) {
-	c.Skip("dimitern: test disabled as no longer relevant in the face of removing address-allocation feature flag")
-	s.SetFeatureFlags() // clear the flag
-	ifaceInfo, err := s.provisioner.PrepareContainerInterfaceInfo(names.NewMachineTag("42"))
-	// We'll still attempt to reserve an address, in case we're running on MAAS
-	// 1.8+ and have registered the container as a device.
-	c.Assert(err, gc.ErrorMatches, "machine 42 not found")
-	c.Assert(ifaceInfo, gc.HasLen, 0)
-}
-
-func (s *provisionerSuite) TestReleaseContainerAddressNoFeatureFlag(c *gc.C) {
-	s.SetFeatureFlags() // clear the flag
-	err := s.provisioner.ReleaseContainerAddresses(names.NewMachineTag("42"))
-	// We'll still attempt to release all addresses, in case we're running on
-	// MAAS 1.8+ and have registered the container as a device.
-	c.Assert(err, gc.ErrorMatches,
-		`cannot release static addresses for "42": machine 42 not found`,
-	)
-}
-
 func (s *provisionerSuite) TestMachineTagAndId(c *gc.C) {
 	apiMachine, err := s.provisioner.Machine(names.NewMachineTag("42"))
 	c.Assert(err, gc.ErrorMatches, "machine 42 not found")
@@ -175,7 +150,14 @@
 func (s *provisionerSuite) TestMachinesWithTransientErrors(c *gc.C) {
 	machine, err := s.State.AddMachine("quantal", state.JobHostUnits)
 	c.Assert(err, jc.ErrorIsNil)
-	err = machine.SetStatus(status.StatusError, "blah", map[string]interface{}{"transient": true})
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusError,
+		Message: "blah",
+		Data:    map[string]interface{}{"transient": true},
+		Since:   &now,
+	}
+	err = machine.SetStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 	machines, info, err := s.provisioner.MachinesWithTransientErrors()
 	c.Assert(err, jc.ErrorIsNil)
@@ -404,15 +386,12 @@
 	_, err = s.State.AddSpace("space2", "", nil, false)
 	c.Assert(err, jc.ErrorIsNil)
 	// Add 2 subnets into each space.
-	// Only the first subnet of space2 has AllocatableIPLow|High set.
 	// Each subnet is in a matching zone (e.g "subnet-#" in "zone#").
 	testing.AddSubnetsWithTemplate(c, s.State, 4, state.SubnetInfo{
-		CIDR:              "10.{{.}}.0.0/16",
-		ProviderId:        "subnet-{{.}}",
-		AllocatableIPLow:  "{{if (eq . 2)}}10.{{.}}.0.5{{end}}",
-		AllocatableIPHigh: "{{if (eq . 2)}}10.{{.}}.254.254{{end}}",
-		AvailabilityZone:  "zone{{.}}",
-		SpaceName:         "{{if (lt . 2)}}space1{{else}}space2{{end}}",
+		CIDR:             "10.{{.}}.0.0/16",
+		ProviderId:       "subnet-{{.}}",
+		AvailabilityZone: "zone{{.}}",
+		SpaceName:        "{{if (lt . 2)}}space1{{else}}space2{{end}}",
 	})
 
 	cons := constraints.MustParse("cpu-cores=12 mem=8G spaces=^space1,space2")
@@ -456,15 +435,15 @@
 	apiMachine, err := s.provisioner.Machine(s.machine.Tag().(names.MachineTag))
 	c.Assert(err, jc.ErrorIsNil)
 
-	// Add one LXC container.
+	// Add one LXD container.
 	template := state.MachineTemplate{
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
 	}
-	container, err := s.State.AddMachineInsideMachine(template, s.machine.Id(), instance.LXC)
+	container, err := s.State.AddMachineInsideMachine(template, s.machine.Id(), instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
 
-	w, err := apiMachine.WatchContainers(instance.LXC)
+	w, err := apiMachine.WatchContainers(instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
 	wc := watchertest.NewStringsWatcherC(c, w, s.BackingState.StartSync)
 	defer wc.AssertStops()
@@ -483,8 +462,8 @@
 	c.Assert(err, jc.ErrorIsNil)
 	wc.AssertNoChange()
 
-	// Add another LXC container and make sure it's detected.
-	container, err = s.State.AddMachineInsideMachine(template, s.machine.Id(), instance.LXC)
+	// Add another LXD container and make sure it's detected.
+	container, err = s.State.AddMachineInsideMachine(template, s.machine.Id(), instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
 	wc.AssertChange(container.Id())
 }
@@ -537,7 +516,7 @@
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
 	}
-	_, err = s.State.AddMachineInsideMachine(template, s.machine.Id(), instance.LXC)
+	_, err = s.State.AddMachineInsideMachine(template, s.machine.Id(), instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
 	wc.AssertNoChange()
 }
@@ -561,136 +540,41 @@
 	return result.ManagerConfig
 }
 
-func (s *provisionerSuite) TestContainerManagerConfigKNoIPForwarding(c *gc.C) {
-	// Break dummy provider's SupportsAddressAllocation method to
-	// ensure ConfigIPForwarding is not set below.
-	s.AssertConfigParameterUpdated(c, "broken", "SupportsAddressAllocation")
-
-	cfg := s.getManagerConfig(c, instance.KVM)
-	c.Assert(cfg, jc.DeepEquals, map[string]string{
-		container.ConfigName: "juju",
-	})
-}
-
 func (s *provisionerSuite) TestContainerManagerConfigKVM(c *gc.C) {
 	cfg := s.getManagerConfig(c, instance.KVM)
 	c.Assert(cfg, jc.DeepEquals, map[string]string{
-		container.ConfigName: "juju",
-
-		// dummy provider supports both networking and address
-		// allocation by default, so IP forwarding should be enabled.
-		container.ConfigIPForwarding: "true",
+		container.ConfigModelUUID: coretesting.ModelTag.Id(),
 	})
 }
 
-func (s *provisionerSuite) TestContainerManagerConfigLXC(c *gc.C) {
-	args := params.ContainerManagerConfigParams{Type: instance.LXC}
-	st, err := state.Open(s.State.ModelTag(), s.MongoInfo(c), mongotest.DialOpts(), state.Policy(nil))
-	c.Assert(err, jc.ErrorIsNil)
-	defer st.Close()
-
-	tests := []struct {
-		lxcUseClone          bool
-		lxcUseCloneAufs      bool
-		expectedUseClone     string
-		expectedUseCloneAufs string
-	}{{
-		lxcUseClone:          true,
-		expectedUseClone:     "true",
-		expectedUseCloneAufs: "false",
-	}, {
-		lxcUseClone:          false,
-		expectedUseClone:     "false",
-		expectedUseCloneAufs: "false",
-	}, {
-		lxcUseCloneAufs:      false,
-		expectedUseClone:     "false",
-		expectedUseCloneAufs: "false",
-	}, {
-		lxcUseClone:          true,
-		lxcUseCloneAufs:      true,
-		expectedUseClone:     "true",
-		expectedUseCloneAufs: "true",
-	}}
-
-	result, err := s.provisioner.ContainerManagerConfig(args)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(result.ManagerConfig[container.ConfigName], gc.Equals, "juju")
-	c.Assert(result.ManagerConfig["use-clone"], gc.Equals, "")
-
-	// Change lxc-clone, and ensure it gets picked up.
-	for i, t := range tests {
-		c.Logf("test %d: %+v", i, t)
-		err = st.UpdateModelConfig(map[string]interface{}{
-			"lxc-clone":      t.lxcUseClone,
-			"lxc-clone-aufs": t.lxcUseCloneAufs,
-		}, nil, nil)
-		c.Assert(err, jc.ErrorIsNil)
-		result, err := s.provisioner.ContainerManagerConfig(args)
-		c.Assert(err, jc.ErrorIsNil)
-		c.Assert(result.ManagerConfig[container.ConfigName], gc.Equals, "juju")
-		c.Assert(result.ManagerConfig["use-clone"], gc.Equals, t.expectedUseClone)
-		c.Assert(result.ManagerConfig["use-aufs"], gc.Equals, t.expectedUseCloneAufs)
-	}
-}
-
 func (s *provisionerSuite) TestContainerManagerConfigPermissive(c *gc.C) {
 	// ContainerManagerConfig is permissive of container types, and
 	// will just return the basic type-independent configuration.
 	cfg := s.getManagerConfig(c, "invalid")
 	c.Assert(cfg, jc.DeepEquals, map[string]string{
-		container.ConfigName: "juju",
-
-		// dummy provider supports both networking and address
-		// allocation by default, so IP forwarding should be enabled.
-		container.ConfigIPForwarding: "true",
+		container.ConfigModelUUID: coretesting.ModelTag.Id(),
 	})
 }
 
-func (s *provisionerSuite) TestContainerManagerConfigLXCDefaultMTU(c *gc.C) {
-	var resultConfig = map[string]string{
-		"lxc-default-mtu": "9000",
-	}
-	var called bool
-	provisioner.PatchFacadeCall(s, s.provisioner, func(request string, args, response interface{}) error {
-		called = true
-		c.Assert(request, gc.Equals, "ContainerManagerConfig")
-		expected := params.ContainerManagerConfigParams{
-			Type: instance.LXC,
-		}
-		c.Assert(args, gc.Equals, expected)
-		result := response.(*params.ContainerManagerConfig)
-		result.ManagerConfig = resultConfig
-		return nil
-	})
-
-	args := params.ContainerManagerConfigParams{Type: instance.LXC}
-	result, err := s.provisioner.ContainerManagerConfig(args)
-	c.Assert(called, jc.IsTrue)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(result.ManagerConfig, jc.DeepEquals, resultConfig)
-}
-
 func (s *provisionerSuite) TestContainerConfig(c *gc.C) {
 	result, err := s.provisioner.ContainerConfig()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(result.ProviderType, gc.Equals, "dummy")
 	c.Assert(result.AuthorizedKeys, gc.Equals, s.Environ.Config().AuthorizedKeys())
 	c.Assert(result.SSLHostnameVerification, jc.IsTrue)
-	c.Assert(result.PreferIPv6, jc.IsFalse)
 }
 
 func (s *provisionerSuite) TestSetSupportedContainers(c *gc.C) {
 	apiMachine, err := s.provisioner.Machine(s.machine.Tag().(names.MachineTag))
 	c.Assert(err, jc.ErrorIsNil)
-	err = apiMachine.SetSupportedContainers(instance.LXC, instance.KVM)
+	err = apiMachine.SetSupportedContainers(instance.LXD, instance.KVM)
 	c.Assert(err, jc.ErrorIsNil)
 
 	err = s.machine.Refresh()
 	c.Assert(err, jc.ErrorIsNil)
 	containers, ok := s.machine.SupportedContainers()
 	c.Assert(ok, jc.IsTrue)
-	c.Assert(containers, gc.DeepEquals, []instance.ContainerType{instance.LXC, instance.KVM})
+	c.Assert(containers, gc.DeepEquals, []instance.ContainerType{instance.LXD, instance.KVM})
 }
 
 func (s *provisionerSuite) TestSupportsNoContainers(c *gc.C) {
@@ -768,88 +652,3 @@
 		c.Assert(apiList, jc.SameContents, toolsList)
 	}
 }
-
-func (s *provisionerSuite) TestPrepareContainerInterfaceInfo(c *gc.C) {
-	c.Skip("dimitern: test disabled as it needs proper fixing in the face of removing address-allocation feature flag")
-	// This test exercises just the success path, all the other cases
-	// are already tested in the apiserver package.
-	template := state.MachineTemplate{
-		Series: "quantal",
-		Jobs:   []state.MachineJob{state.JobHostUnits},
-	}
-	container, err := s.State.AddMachineInsideMachine(template, s.machine.Id(), instance.LXC)
-	c.Assert(err, jc.ErrorIsNil)
-
-	ifaceInfo, err := s.provisioner.PrepareContainerInterfaceInfo(container.MachineTag())
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ifaceInfo, gc.HasLen, 1)
-
-	expectInfo := []network.InterfaceInfo{{
-		DeviceIndex:      0,
-		CIDR:             "0.10.0.0/24",
-		ProviderId:       "dummy-eth0",
-		ProviderSubnetId: "dummy-private",
-		VLANTag:          0,
-		InterfaceName:    "eth0",
-		InterfaceType:    "ethernet",
-		Disabled:         false,
-		NoAutoStart:      false,
-		ConfigType:       network.ConfigStatic,
-		DNSServers:       network.NewAddresses("ns1.dummy", "ns2.dummy"),
-		GatewayAddress:   network.NewAddress("0.10.0.2"),
-		// Overwrite Address and MACAddress fields below with the actual ones,
-		// as they are chosen randomly.
-		Address:    network.Address{},
-		MACAddress: "",
-	}}
-	c.Assert(ifaceInfo[0].Address, gc.Not(gc.DeepEquals), network.Address{})
-	c.Assert(ifaceInfo[0].MACAddress, gc.Not(gc.DeepEquals), "")
-	expectInfo[0].Address = ifaceInfo[0].Address
-	expectInfo[0].MACAddress = ifaceInfo[0].MACAddress
-	c.Assert(ifaceInfo, jc.DeepEquals, expectInfo)
-}
-
-func (s *provisionerSuite) TestReleaseContainerAddresses(c *gc.C) {
-	// This test exercises just the success path, all the other cases
-	// are already tested in the apiserver package.
-	template := state.MachineTemplate{
-		Series: "quantal",
-		Jobs:   []state.MachineJob{state.JobHostUnits},
-	}
-	container, err := s.State.AddMachineInsideMachine(template, s.machine.Id(), instance.LXC)
-
-	// allocate some addresses to release
-	subInfo := state.SubnetInfo{
-		ProviderId:        "dummy-private",
-		CIDR:              "0.10.0.0/24",
-		VLANTag:           0,
-		AllocatableIPLow:  "0.10.0.0",
-		AllocatableIPHigh: "0.10.0.10",
-	}
-	sub, err := s.State.AddSubnet(subInfo)
-	c.Assert(err, jc.ErrorIsNil)
-	for i := 0; i < 3; i++ {
-		addr := network.NewAddress(fmt.Sprintf("0.10.0.%d", i))
-		ipaddr, err := s.State.AddIPAddress(addr, sub.ID())
-		c.Check(err, jc.ErrorIsNil)
-		err = ipaddr.AllocateTo(container.Id(), "nic42", "aa:bb:cc:dd:ee:f0")
-		c.Check(err, jc.ErrorIsNil)
-	}
-	c.Assert(err, jc.ErrorIsNil)
-	password, err := utils.RandomPassword()
-	c.Assert(err, jc.ErrorIsNil)
-	err = container.SetPassword(password)
-	c.Assert(err, jc.ErrorIsNil)
-	err = container.SetProvisioned("foo", "fake_nonce", nil)
-	c.Assert(err, jc.ErrorIsNil)
-
-	err = s.provisioner.ReleaseContainerAddresses(container.MachineTag())
-	c.Assert(err, jc.ErrorIsNil)
-
-	addresses, err := s.State.AllocatedIPAddresses(container.Id())
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(addresses, gc.HasLen, 3)
-	for _, addr := range addresses {
-		c.Assert(addr.Life(), gc.Equals, state.Dead)
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/proxyupdater/proxyupdater.go juju-core-2.0~beta12/src/github.com/juju/juju/api/proxyupdater/proxyupdater.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/proxyupdater/proxyupdater.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/proxyupdater/proxyupdater.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,8 +11,8 @@
 	apiwatcher "github.com/juju/juju/api/watcher"
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/watcher"
-	"github.com/juju/names"
 	"github.com/juju/utils/proxy"
+	"gopkg.in/juju/names.v2"
 )
 
 const proxyUpdaterFacade = "ProxyUpdater"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/proxyupdater/proxyupdater_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/proxyupdater/proxyupdater_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/proxyupdater/proxyupdater_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/proxyupdater/proxyupdater_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -14,7 +14,7 @@
 	"github.com/juju/juju/apiserver/params"
 	coretesting "github.com/juju/juju/testing"
 	"github.com/juju/juju/watcher"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 )
 
 type ProxyUpdaterSuite struct {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/reboot/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/reboot/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/reboot/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/reboot/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2014 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package reboot
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/reboot/reboot.go juju-core-2.0~beta12/src/github.com/juju/juju/api/reboot/reboot.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/reboot/reboot.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/reboot/reboot.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	apiwatcher "github.com/juju/juju/api/watcher"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/retrystrategy/retrystrategy.go juju-core-2.0~beta12/src/github.com/juju/juju/api/retrystrategy/retrystrategy.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/retrystrategy/retrystrategy.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/retrystrategy/retrystrategy.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,7 @@
 	"fmt"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	apiwatcher "github.com/juju/juju/api/watcher"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/retrystrategy/retrystrategy_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/retrystrategy/retrystrategy_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/retrystrategy/retrystrategy_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/retrystrategy/retrystrategy_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,9 +7,9 @@
 import (
 	"fmt"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base/testing"
 	"github.com/juju/juju/api/retrystrategy"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/service/client.go juju-core-2.0~beta12/src/github.com/juju/juju/api/service/client.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/service/client.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/service/client.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,273 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-// Package service provides access to the service api facade.
-// This facade contains api calls that are specific to services.
-// As a rule of thumb, if the argument for an api requries a service name
-// and affects only that service then the call belongs here.
-package service
-
-import (
-	"github.com/juju/errors"
-	"github.com/juju/loggo"
-	"gopkg.in/juju/charm.v6-unstable"
-
-	"github.com/juju/juju/api"
-	"github.com/juju/juju/api/base"
-	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/charmstore"
-	"github.com/juju/juju/constraints"
-	"github.com/juju/juju/instance"
-	"github.com/juju/juju/storage"
-)
-
-var logger = loggo.GetLogger("juju.api.service")
-
-// Client allows access to the service API end point.
-type Client struct {
-	base.ClientFacade
-	st     api.Connection
-	facade base.FacadeCaller
-}
-
-// NewClient creates a new client for accessing the service api.
-func NewClient(st api.Connection) *Client {
-	frontend, backend := base.NewClientFacade(st, "Service")
-	return &Client{ClientFacade: frontend, st: st, facade: backend}
-}
-
-// SetMetricCredentials sets the metric credentials for the service specified.
-func (c *Client) SetMetricCredentials(service string, credentials []byte) error {
-	creds := []params.ServiceMetricCredential{
-		{service, credentials},
-	}
-	p := params.ServiceMetricCredentials{creds}
-	results := new(params.ErrorResults)
-	err := c.facade.FacadeCall("SetMetricCredentials", p, results)
-	if err != nil {
-		return errors.Trace(err)
-	}
-	return errors.Trace(results.OneError())
-}
-
-// ModelUUID returns the model UUID from the client connection.
-func (c *Client) ModelUUID() string {
-	tag, err := c.st.ModelTag()
-	if err != nil {
-		logger.Warningf("model tag not an model: %v", err)
-		return ""
-	}
-	return tag.Id()
-}
-
-// DeployArgs holds the arguments to be sent to Client.ServiceDeploy.
-type DeployArgs struct {
-	// CharmID identifies the charm to deploy.
-	CharmID charmstore.CharmID
-	// ServiceName is the name to give the service.
-	ServiceName string
-	// Series to be used for the machine.
-	Series string
-	// NumUnits is the number of units to deploy.
-	NumUnits int
-	// ConfigYAML is a string that overrides the default config.yml.
-	ConfigYAML string
-	// Cons contains constraints on where units of this service may be
-	// placed.
-	Cons constraints.Value
-	// Placement directives on where the machines for the unit must be
-	// created.
-	Placement []*instance.Placement
-	// Storage contains Constraints specifying how storage should be
-	// handled.
-	Storage map[string]storage.Constraints
-	// EndpointBindings
-	EndpointBindings map[string]string
-	// Collection of resource names for the service, with the value being the
-	// unique ID of a pre-uploaded resources in storage.
-	Resources map[string]string
-}
-
-// Deploy obtains the charm, either locally or from the charm store, and deploys
-// it. Placement directives, if provided, specify the machine on which the charm
-// is deployed.
-func (c *Client) Deploy(args DeployArgs) error {
-	deployArgs := params.ServicesDeploy{
-		Services: []params.ServiceDeploy{{
-			ServiceName:      args.ServiceName,
-			Series:           args.Series,
-			CharmUrl:         args.CharmID.URL.String(),
-			Channel:          string(args.CharmID.Channel),
-			NumUnits:         args.NumUnits,
-			ConfigYAML:       args.ConfigYAML,
-			Constraints:      args.Cons,
-			Placement:        args.Placement,
-			Storage:          args.Storage,
-			EndpointBindings: args.EndpointBindings,
-			Resources:        args.Resources,
-		}},
-	}
-	var results params.ErrorResults
-	var err error
-	err = c.facade.FacadeCall("Deploy", deployArgs, &results)
-	if err != nil {
-		return err
-	}
-	return results.OneError()
-}
-
-// GetCharmURL returns the charm URL the given service is
-// running at present.
-func (c *Client) GetCharmURL(serviceName string) (*charm.URL, error) {
-	result := new(params.StringResult)
-	args := params.ServiceGet{ServiceName: serviceName}
-	err := c.facade.FacadeCall("GetCharmURL", args, result)
-	if err != nil {
-		return nil, err
-	}
-	if result.Error != nil {
-		return nil, result.Error
-	}
-	return charm.ParseURL(result.Result)
-}
-
-// SetCharmConfig holds the configuration for setting a new revision of a charm
-// on a service.
-type SetCharmConfig struct {
-	// ServiceName is the name of the service to set the charm on.
-	ServiceName string
-	// CharmID identifies the charm.
-	CharmID charmstore.CharmID
-	// ForceSeries forces the use of the charm even if it doesn't match the
-	// series of the unit.
-	ForceSeries bool
-	// ForceUnits forces the upgrade on units in an error state.
-	ForceUnits bool
-	// ResourceIDs is a map of resource names to resource IDs to activate during
-	// the upgrade.
-	ResourceIDs map[string]string
-}
-
-// SetCharm sets the charm for a given service.
-func (c *Client) SetCharm(cfg SetCharmConfig) error {
-	args := params.ServiceSetCharm{
-		ServiceName: cfg.ServiceName,
-		CharmUrl:    cfg.CharmID.URL.String(),
-		Channel:     string(cfg.CharmID.Channel),
-		ForceSeries: cfg.ForceSeries,
-		ForceUnits:  cfg.ForceUnits,
-		ResourceIDs: cfg.ResourceIDs,
-	}
-	return c.facade.FacadeCall("SetCharm", args, nil)
-}
-
-// Update updates the service attributes, including charm URL,
-// minimum number of units, settings and constraints.
-func (c *Client) Update(args params.ServiceUpdate) error {
-	return c.facade.FacadeCall("Update", args, nil)
-}
-
-// AddUnits adds a given number of units to a service using the specified
-// placement directives to assign units to machines.
-func (c *Client) AddUnits(service string, numUnits int, placement []*instance.Placement) ([]string, error) {
-	args := params.AddServiceUnits{
-		ServiceName: service,
-		NumUnits:    numUnits,
-		Placement:   placement,
-	}
-	results := new(params.AddServiceUnitsResults)
-	err := c.facade.FacadeCall("AddUnits", args, results)
-	return results.Units, err
-}
-
-// DestroyUnits decreases the number of units dedicated to a service.
-func (c *Client) DestroyUnits(unitNames ...string) error {
-	params := params.DestroyServiceUnits{unitNames}
-	return c.facade.FacadeCall("DestroyUnits", params, nil)
-}
-
-// Destroy destroys a given service.
-func (c *Client) Destroy(service string) error {
-	params := params.ServiceDestroy{
-		ServiceName: service,
-	}
-	return c.facade.FacadeCall("Destroy", params, nil)
-}
-
-// GetConstraints returns the constraints for the given service.
-func (c *Client) GetConstraints(service string) (constraints.Value, error) {
-	results := new(params.GetConstraintsResults)
-	err := c.facade.FacadeCall("GetConstraints", params.GetServiceConstraints{service}, results)
-	return results.Constraints, err
-}
-
-// SetConstraints specifies the constraints for the given service.
-func (c *Client) SetConstraints(service string, constraints constraints.Value) error {
-	params := params.SetConstraints{
-		ServiceName: service,
-		Constraints: constraints,
-	}
-	return c.facade.FacadeCall("SetConstraints", params, nil)
-}
-
-// Expose changes the juju-managed firewall to expose any ports that
-// were also explicitly marked by units as open.
-func (c *Client) Expose(service string) error {
-	params := params.ServiceExpose{ServiceName: service}
-	return c.facade.FacadeCall("Expose", params, nil)
-}
-
-// Unexpose changes the juju-managed firewall to unexpose any ports that
-// were also explicitly marked by units as open.
-func (c *Client) Unexpose(service string) error {
-	params := params.ServiceUnexpose{ServiceName: service}
-	return c.facade.FacadeCall("Unexpose", params, nil)
-}
-
-// Get returns the configuration for the named service.
-func (c *Client) Get(service string) (*params.ServiceGetResults, error) {
-	var results params.ServiceGetResults
-	params := params.ServiceGet{ServiceName: service}
-	err := c.facade.FacadeCall("Get", params, &results)
-	return &results, err
-}
-
-// Set sets configuration options on a service.
-func (c *Client) Set(service string, options map[string]string) error {
-	p := params.ServiceSet{
-		ServiceName: service,
-		Options:     options,
-	}
-	return c.facade.FacadeCall("Set", p, nil)
-}
-
-// Unset resets configuration options on a service.
-func (c *Client) Unset(service string, options []string) error {
-	p := params.ServiceUnset{
-		ServiceName: service,
-		Options:     options,
-	}
-	return c.facade.FacadeCall("Unset", p, nil)
-}
-
-// CharmRelations returns the service's charms relation names.
-func (c *Client) CharmRelations(service string) ([]string, error) {
-	var results params.ServiceCharmRelationsResults
-	params := params.ServiceCharmRelations{ServiceName: service}
-	err := c.facade.FacadeCall("CharmRelations", params, &results)
-	return results.CharmRelations, err
-}
-
-// AddRelation adds a relation between the specified endpoints and returns the relation info.
-func (c *Client) AddRelation(endpoints ...string) (*params.AddRelationResults, error) {
-	var addRelRes params.AddRelationResults
-	params := params.AddRelation{Endpoints: endpoints}
-	err := c.facade.FacadeCall("AddRelation", params, &addRelRes)
-	return &addRelRes, err
-}
-
-// DestroyRelation removes the relation between the specified endpoints.
-func (c *Client) DestroyRelation(endpoints ...string) error {
-	params := params.DestroyRelation{Endpoints: endpoints}
-	return c.facade.FacadeCall("DestroyRelation", params, nil)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/service/client_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/service/client_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/service/client_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/service/client_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,165 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service_test
-
-import (
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-	"gopkg.in/juju/charm.v6-unstable"
-
-	"github.com/juju/juju/api/service"
-	"github.com/juju/juju/apiserver/common"
-	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/charmstore"
-	"github.com/juju/juju/constraints"
-	"github.com/juju/juju/instance"
-	jujutesting "github.com/juju/juju/juju/testing"
-	"github.com/juju/juju/storage"
-)
-
-type serviceSuite struct {
-	jujutesting.JujuConnSuite
-
-	client *service.Client
-}
-
-var _ = gc.Suite(&serviceSuite{})
-
-func (s *serviceSuite) SetUpTest(c *gc.C) {
-	s.JujuConnSuite.SetUpTest(c)
-	s.client = service.NewClient(s.APIState)
-	c.Assert(s.client, gc.NotNil)
-}
-
-func (s *serviceSuite) TestSetServiceMetricCredentials(c *gc.C) {
-	var called bool
-	service.PatchFacadeCall(s, s.client, func(request string, a, response interface{}) error {
-		called = true
-		c.Assert(request, gc.Equals, "SetMetricCredentials")
-		args, ok := a.(params.ServiceMetricCredentials)
-		c.Assert(ok, jc.IsTrue)
-		c.Assert(args.Creds, gc.HasLen, 1)
-		c.Assert(args.Creds[0].ServiceName, gc.Equals, "serviceA")
-		c.Assert(args.Creds[0].MetricCredentials, gc.DeepEquals, []byte("creds 1"))
-
-		result := response.(*params.ErrorResults)
-		result.Results = make([]params.ErrorResult, 1)
-		return nil
-	})
-	err := s.client.SetMetricCredentials("serviceA", []byte("creds 1"))
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(called, jc.IsTrue)
-}
-
-func (s *serviceSuite) TestSetServiceMetricCredentialsFails(c *gc.C) {
-	var called bool
-	service.PatchFacadeCall(s, s.client, func(request string, args, response interface{}) error {
-		called = true
-		c.Assert(request, gc.Equals, "SetMetricCredentials")
-		result := response.(*params.ErrorResults)
-		result.Results = make([]params.ErrorResult, 1)
-		result.Results[0].Error = common.ServerError(common.ErrPerm)
-		return result.OneError()
-	})
-	err := s.client.SetMetricCredentials("service", []byte("creds"))
-	c.Assert(err, gc.ErrorMatches, "permission denied")
-	c.Assert(called, jc.IsTrue)
-}
-
-func (s *serviceSuite) TestSetServiceMetricCredentialsNoMocks(c *gc.C) {
-	service := s.Factory.MakeService(c, nil)
-	err := s.client.SetMetricCredentials(service.Name(), []byte("creds"))
-	c.Assert(err, jc.ErrorIsNil)
-	err = service.Refresh()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(service.MetricCredentials(), gc.DeepEquals, []byte("creds"))
-}
-
-func (s *serviceSuite) TestSetServiceDeploy(c *gc.C) {
-	var called bool
-	service.PatchFacadeCall(s, s.client, func(request string, a, response interface{}) error {
-		called = true
-		c.Assert(request, gc.Equals, "Deploy")
-		args, ok := a.(params.ServicesDeploy)
-		c.Assert(ok, jc.IsTrue)
-		c.Assert(args.Services, gc.HasLen, 1)
-		c.Assert(args.Services[0].CharmUrl, gc.Equals, "cs:trusty/a-charm-1")
-		c.Assert(args.Services[0].ServiceName, gc.Equals, "serviceA")
-		c.Assert(args.Services[0].Series, gc.Equals, "series")
-		c.Assert(args.Services[0].NumUnits, gc.Equals, 2)
-		c.Assert(args.Services[0].ConfigYAML, gc.Equals, "configYAML")
-		c.Assert(args.Services[0].Constraints, gc.DeepEquals, constraints.MustParse("mem=4G"))
-		c.Assert(args.Services[0].Placement, gc.DeepEquals, []*instance.Placement{{"scope", "directive"}})
-		c.Assert(args.Services[0].EndpointBindings, gc.DeepEquals, map[string]string{"foo": "bar"})
-		c.Assert(args.Services[0].Storage, gc.DeepEquals, map[string]storage.Constraints{"data": storage.Constraints{Pool: "pool"}})
-		c.Assert(args.Services[0].Resources, gc.DeepEquals, map[string]string{"foo": "bar"})
-
-		result := response.(*params.ErrorResults)
-		result.Results = make([]params.ErrorResult, 1)
-		return nil
-	})
-
-	args := service.DeployArgs{
-		CharmID: charmstore.CharmID{
-			URL: charm.MustParseURL("trusty/a-charm-1"),
-		},
-		ServiceName:      "serviceA",
-		Series:           "series",
-		NumUnits:         2,
-		ConfigYAML:       "configYAML",
-		Cons:             constraints.MustParse("mem=4G"),
-		Placement:        []*instance.Placement{{"scope", "directive"}},
-		Storage:          map[string]storage.Constraints{"data": storage.Constraints{Pool: "pool"}},
-		Resources:        map[string]string{"foo": "bar"},
-		EndpointBindings: map[string]string{"foo": "bar"},
-	}
-	err := s.client.Deploy(args)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(called, jc.IsTrue)
-}
-
-func (s *serviceSuite) TestServiceGetCharmURL(c *gc.C) {
-	var called bool
-	service.PatchFacadeCall(s, s.client, func(request string, a, response interface{}) error {
-		called = true
-		c.Assert(request, gc.Equals, "GetCharmURL")
-		args, ok := a.(params.ServiceGet)
-		c.Assert(ok, jc.IsTrue)
-		c.Assert(args.ServiceName, gc.Equals, "service")
-
-		result := response.(*params.StringResult)
-		result.Result = "curl"
-		return nil
-	})
-	curl, err := s.client.GetCharmURL("service")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(curl, gc.DeepEquals, charm.MustParseURL("curl"))
-	c.Assert(called, jc.IsTrue)
-}
-
-func (s *serviceSuite) TestServiceSetCharm(c *gc.C) {
-	var called bool
-	service.PatchFacadeCall(s, s.client, func(request string, a, response interface{}) error {
-		called = true
-		c.Assert(request, gc.Equals, "SetCharm")
-		args, ok := a.(params.ServiceSetCharm)
-		c.Assert(ok, jc.IsTrue)
-		c.Assert(args.ServiceName, gc.Equals, "service")
-		c.Assert(args.CharmUrl, gc.Equals, "cs:trusty/service-1")
-		c.Assert(args.ForceSeries, gc.Equals, true)
-		c.Assert(args.ForceUnits, gc.Equals, true)
-		return nil
-	})
-	cfg := service.SetCharmConfig{
-		ServiceName: "service",
-		CharmID: charmstore.CharmID{
-			URL: charm.MustParseURL("trusty/service-1"),
-		},
-		ForceSeries: true,
-		ForceUnits:  true,
-	}
-	err := s.client.SetCharm(cfg)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(called, jc.IsTrue)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/service/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/service/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/service/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/service/export_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,15 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service
-
-import (
-	"github.com/juju/juju/api/base/testing"
-)
-
-// PatchFacadeCall patches the State's facade such that
-// FacadeCall method calls are diverted to the provided
-// function.
-func PatchFacadeCall(p testing.Patcher, client *Client, f func(request string, params, response interface{}) error) {
-	testing.PatchFacadeCall(p, &client.facade, f)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/service/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/service/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/service/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/service/package_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,14 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service_test
-
-import (
-	stdtesting "testing"
-
-	"github.com/juju/juju/testing"
-)
-
-func TestAll(t *stdtesting.T) {
-	testing.MgoTestPackage(t)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/servicescaler/api.go juju-core-2.0~beta12/src/github.com/juju/juju/api/servicescaler/api.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/servicescaler/api.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/servicescaler/api.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,79 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package servicescaler
-
-import (
-	"github.com/juju/errors"
-	"github.com/juju/loggo"
-	"github.com/juju/names"
-
-	"github.com/juju/juju/api/base"
-	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/watcher"
-)
-
-var logger = loggo.GetLogger("juju.api.servicescaler")
-
-// NewWatcherFunc exists to let us test Watch properly.
-type NewWatcherFunc func(base.APICaller, params.StringsWatchResult) watcher.StringsWatcher
-
-// API makes calls to the ServiceScaler facade.
-type API struct {
-	caller     base.FacadeCaller
-	newWatcher NewWatcherFunc
-}
-
-// NewAPI returns a new API using the supplied caller.
-func NewAPI(caller base.APICaller, newWatcher NewWatcherFunc) *API {
-	return &API{
-		caller:     base.NewFacadeCaller(caller, "ServiceScaler"),
-		newWatcher: newWatcher,
-	}
-}
-
-// Watch returns a StringsWatcher that delivers the names of services
-// that may need to be rescaled.
-func (api *API) Watch() (watcher.StringsWatcher, error) {
-	var result params.StringsWatchResult
-	err := api.caller.FacadeCall("Watch", nil, &result)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	if result.Error != nil {
-		return nil, errors.Trace(result.Error)
-	}
-	w := api.newWatcher(api.caller.RawAPICaller(), result)
-	return w, nil
-}
-
-// Rescale requests that all supplied service names be rescaled to
-// their minimum configured sizes. It returns the first error it
-// encounters.
-func (api *API) Rescale(services []string) error {
-	args := params.Entities{
-		Entities: make([]params.Entity, len(services)),
-	}
-	for i, service := range services {
-		if !names.IsValidService(service) {
-			return errors.NotValidf("service name %q", service)
-		}
-		tag := names.NewServiceTag(service)
-		args.Entities[i].Tag = tag.String()
-	}
-	var results params.ErrorResults
-	err := api.caller.FacadeCall("Rescale", args, &results)
-	if err != nil {
-		return errors.Trace(err)
-	}
-	for _, result := range results.Results {
-		if result.Error != nil {
-			if err == nil {
-				err = result.Error
-			} else {
-				logger.Errorf("additional rescale error: %v", err)
-			}
-		}
-	}
-	return errors.Trace(err)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/servicescaler/api_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/servicescaler/api_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/servicescaler/api_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/servicescaler/api_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,172 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package servicescaler_test
-
-import (
-	"github.com/juju/errors"
-	"github.com/juju/testing"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/api/base"
-	apitesting "github.com/juju/juju/api/base/testing"
-	"github.com/juju/juju/api/servicescaler"
-	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/watcher"
-)
-
-type APISuite struct {
-	testing.IsolationSuite
-}
-
-var _ = gc.Suite(&APISuite{})
-
-func (s *APISuite) TestRescaleMethodName(c *gc.C) {
-	var called bool
-	caller := apiCaller(c, func(request string, _, _ interface{}) error {
-		called = true
-		c.Check(request, gc.Equals, "Rescale")
-		return nil
-	})
-	api := servicescaler.NewAPI(caller, nil)
-
-	api.Rescale(nil)
-	c.Check(called, jc.IsTrue)
-}
-
-func (s *APISuite) TestRescaleBadArgs(c *gc.C) {
-	caller := apiCaller(c, func(_ string, _, _ interface{}) error {
-		panic("should not be called")
-	})
-	api := servicescaler.NewAPI(caller, nil)
-
-	err := api.Rescale([]string{"good-name", "bad/name"})
-	c.Check(err, gc.ErrorMatches, `service name "bad/name" not valid`)
-	c.Check(err, jc.Satisfies, errors.IsNotValid)
-}
-
-func (s *APISuite) TestRescaleConvertArgs(c *gc.C) {
-	var called bool
-	caller := apiCaller(c, func(_ string, arg, _ interface{}) error {
-		called = true
-		c.Check(arg, gc.DeepEquals, params.Entities{
-			Entities: []params.Entity{{
-				"service-foo",
-			}, {
-				"service-bar-baz",
-			}},
-		})
-		return nil
-	})
-	api := servicescaler.NewAPI(caller, nil)
-
-	api.Rescale([]string{"foo", "bar-baz"})
-	c.Check(called, jc.IsTrue)
-}
-
-func (s *APISuite) TestRescaleCallError(c *gc.C) {
-	caller := apiCaller(c, func(_ string, _, _ interface{}) error {
-		return errors.New("snorble flip")
-	})
-	api := servicescaler.NewAPI(caller, nil)
-
-	err := api.Rescale(nil)
-	c.Check(err, gc.ErrorMatches, "snorble flip")
-}
-
-func (s *APISuite) TestRescaleFirstError(c *gc.C) {
-	caller := apiCaller(c, func(_ string, _, result interface{}) error {
-		resultPtr, ok := result.(*params.ErrorResults)
-		c.Assert(ok, jc.IsTrue)
-		*resultPtr = params.ErrorResults{Results: []params.ErrorResult{{
-			nil,
-		}, {
-			&params.Error{Message: "expect this error"},
-		}, {
-			&params.Error{Message: "not this one"},
-		}, {
-			nil,
-		}}}
-		return nil
-	})
-	api := servicescaler.NewAPI(caller, nil)
-
-	err := api.Rescale(nil)
-	c.Check(err, gc.ErrorMatches, "expect this error")
-}
-
-func (s *APISuite) TestRescaleNoError(c *gc.C) {
-	caller := apiCaller(c, func(_ string, _, _ interface{}) error {
-		return nil
-	})
-	api := servicescaler.NewAPI(caller, nil)
-
-	err := api.Rescale(nil)
-	c.Check(err, jc.ErrorIsNil)
-}
-
-func (s *APISuite) TestWatchMethodName(c *gc.C) {
-	var called bool
-	caller := apiCaller(c, func(request string, _, _ interface{}) error {
-		called = true
-		c.Check(request, gc.Equals, "Watch")
-		return errors.New("irrelevant")
-	})
-	api := servicescaler.NewAPI(caller, nil)
-
-	api.Watch()
-	c.Check(called, jc.IsTrue)
-}
-
-func (s *APISuite) TestWatchError(c *gc.C) {
-	var called bool
-	caller := apiCaller(c, func(request string, _, _ interface{}) error {
-		called = true
-		c.Check(request, gc.Equals, "Watch")
-		return errors.New("blam pow")
-	})
-	api := servicescaler.NewAPI(caller, nil)
-
-	watcher, err := api.Watch()
-	c.Check(watcher, gc.IsNil)
-	c.Check(err, gc.ErrorMatches, "blam pow")
-	c.Check(called, jc.IsTrue)
-}
-
-func (s *APISuite) TestWatchSuccess(c *gc.C) {
-	expectResult := params.StringsWatchResult{
-		StringsWatcherId: "123",
-		Changes:          []string{"ping", "pong", "pung"},
-	}
-	caller := apiCaller(c, func(_ string, _, result interface{}) error {
-		resultPtr, ok := result.(*params.StringsWatchResult)
-		c.Assert(ok, jc.IsTrue)
-		*resultPtr = expectResult
-		return nil
-	})
-	expectWatcher := &stubWatcher{}
-	newWatcher := func(gotCaller base.APICaller, gotResult params.StringsWatchResult) watcher.StringsWatcher {
-		c.Check(gotCaller, gc.NotNil) // uncomparable
-		c.Check(gotResult, jc.DeepEquals, expectResult)
-		return expectWatcher
-	}
-	api := servicescaler.NewAPI(caller, newWatcher)
-
-	watcher, err := api.Watch()
-	c.Check(watcher, gc.Equals, expectWatcher)
-	c.Check(err, jc.ErrorIsNil)
-}
-
-func apiCaller(c *gc.C, check func(request string, arg, result interface{}) error) base.APICaller {
-	return apitesting.APICallerFunc(func(facade string, version int, id, request string, arg, result interface{}) error {
-		c.Check(facade, gc.Equals, "ServiceScaler")
-		c.Check(version, gc.Equals, 0)
-		c.Check(id, gc.Equals, "")
-		return check(request, arg, result)
-	})
-}
-
-type stubWatcher struct {
-	watcher.StringsWatcher
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/servicescaler/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/servicescaler/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/servicescaler/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/servicescaler/package_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,14 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package servicescaler_test
-
-import (
-	"testing"
-
-	gc "gopkg.in/check.v1"
-)
-
-func TestPackage(t *testing.T) {
-	gc.TestingT(t)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/singular/api.go juju-core-2.0~beta12/src/github.com/juju/juju/api/singular/api.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/singular/api.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/singular/api.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,7 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/singular/api_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/singular/api_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/singular/api_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/singular/api_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,10 +7,10 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	basetesting "github.com/juju/juju/api/base/testing"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/spaces/spaces.go juju-core-2.0~beta12/src/github.com/juju/juju/api/spaces/spaces.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/spaces/spaces.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/spaces/spaces.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/spaces/spaces_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/spaces/spaces_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/spaces/spaces_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/spaces/spaces_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,9 +8,9 @@
 	"fmt"
 	"math/rand"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	apitesting "github.com/juju/juju/api/base/testing"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/sshclient/facade.go juju-core-2.0~beta12/src/github.com/juju/juju/api/sshclient/facade.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/sshclient/facade.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/sshclient/facade.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,18 +5,23 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/apiserver/params"
 )
 
 // NewFacade returns a new Facade based on an existing API connection.
-func NewFacade(caller base.APICaller) *Facade {
-	return &Facade{base.NewFacadeCaller(caller, "SSHClient")}
+func NewFacade(callCloser base.APICallCloser) *Facade {
+	clientFacade, caller := base.NewClientFacade(callCloser, "SSHClient")
+	return &Facade{
+		ClientFacade: clientFacade,
+		caller:       caller,
+	}
 }
 
 type Facade struct {
+	base.ClientFacade
 	caller base.FacadeCaller
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/sshclient/facade_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/sshclient/facade_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/sshclient/facade_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/sshclient/facade_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,10 +5,10 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	apitesting "github.com/juju/juju/api/base/testing"
 	"github.com/juju/juju/api/sshclient"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/state.go juju-core-2.0~beta12/src/github.com/juju/juju/api/state.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/state.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/state.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,12 +8,11 @@
 	"strconv"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/version"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/macaroon-bakery.v1/httpbakery"
 	"gopkg.in/macaroon.v1"
 
-	"github.com/juju/juju/api/addresser"
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/api/charmrevisionupdater"
 	"github.com/juju/juju/api/cleaner"
@@ -66,6 +65,20 @@
 	}
 	err := st.APICall("Admin", vers, "", "Login", request, &result)
 	if err != nil {
+		var resp params.RedirectInfoResult
+		if params.IsRedirect(err) {
+			// We've been asked to redirect. Find out the redirection info.
+			// If the rpc packet allowed us to return arbitrary information in
+			// an error, we'd probably put this information in the Login response,
+			// but we can't do that currently.
+			if err := st.APICall("Admin", 3, "", "RedirectInfo", nil, &resp); err != nil {
+				return errors.Annotatef(err, "cannot get redirect addresses")
+			}
+			return &RedirectError{
+				Servers: params.NetworkHostsPorts(resp.Servers),
+				CACert:  resp.CACert,
+			}
+		}
 		return errors.Trace(err)
 	}
 	if result.DischargeRequired != nil {
@@ -98,16 +111,23 @@
 		}
 	}
 
+	var readOnly bool
 	if result.UserInfo != nil {
-		// This was a macaroon based user authentication.
 		tag, err = names.ParseTag(result.UserInfo.Identity)
 		if err != nil {
 			return errors.Trace(err)
 		}
+		readOnly = result.UserInfo.ReadOnly
 	}
 	servers := params.NetworkHostsPorts(result.Servers)
-	err = st.setLoginResult(tag, result.ModelTag, result.ControllerTag, servers, result.Facades)
-	if err != nil {
+	if err = st.setLoginResult(loginResultParams{
+		tag:           tag,
+		modelTag:      result.ModelTag,
+		controllerTag: result.ControllerTag,
+		servers:       servers,
+		facades:       result.Facades,
+		readOnly:      readOnly,
+	}); err != nil {
 		return errors.Trace(err)
 	}
 	st.serverVersion, err = version.Parse(result.ServerVersion)
@@ -117,12 +137,22 @@
 	return nil
 }
 
-func (st *state) setLoginResult(tag names.Tag, modelTag, controllerTag string, servers [][]network.HostPort, facades []params.FacadeVersions) error {
-	st.authTag = tag
-	st.modelTag = modelTag
-	st.controllerTag = controllerTag
+type loginResultParams struct {
+	tag           names.Tag
+	modelTag      string
+	controllerTag string
+	readOnly      bool
+	servers       [][]network.HostPort
+	facades       []params.FacadeVersions
+}
+
+func (st *state) setLoginResult(p loginResultParams) error {
+	st.authTag = p.tag
+	st.modelTag = p.modelTag
+	st.controllerTag = p.controllerTag
+	st.readOnly = p.readOnly
 
-	hostPorts, err := addAddress(servers, st.addr)
+	hostPorts, err := addAddress(p.servers, st.addr)
 	if err != nil {
 		if clerr := st.Close(); clerr != nil {
 			err = errors.Annotatef(err, "error closing state: %v", clerr)
@@ -131,8 +161,8 @@
 	}
 	st.hostPorts = hostPorts
 
-	st.facadeVersions = make(map[string][]int, len(facades))
-	for _, facade := range facades {
+	st.facadeVersions = make(map[string][]int, len(p.facades))
+	for _, facade := range p.facades {
 		st.facadeVersions[facade.Name] = facade.Versions
 	}
 
@@ -145,6 +175,12 @@
 	return st.authTag
 }
 
+// ReadOnly returns whether the authorized user is connected to the model in
+// read-only mode.
+func (st *state) ReadOnly() bool {
+	return st.readOnly
+}
+
 // slideAddressToFront moves the address at the location (serverIndex, addrIndex) to be
 // the first address of the first server.
 func slideAddressToFront(servers [][]network.HostPort, serverIndex, addrIndex int) {
@@ -237,11 +273,6 @@
 	}
 }
 
-// Addresser returns access to the Addresser API.
-func (st *state) Addresser() *addresser.API {
-	return addresser.NewAPI(st)
-}
-
 // DiscoverSpaces returns access to the DiscoverSpacesAPI.
 func (st *state) DiscoverSpaces() *discoverspaces.API {
 	return discoverspaces.NewAPI(st)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/state_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/state_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/state_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/state_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,9 +6,9 @@
 import (
 	stdtesting "testing"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/macaroon.v1"
 
 	"github.com/juju/juju/api"
@@ -110,6 +110,20 @@
 	c.Assert(apistate.AuthTag(), gc.Equals, tag)
 }
 
+func (s *stateSuite) TestLoginReadOnly(c *gc.C) {
+	// The default user has read and write access.
+	c.Assert(s.APIState.ReadOnly(), jc.IsFalse)
+
+	// Check with an user in read-only mode.
+	modeltag, err := s.APIState.ModelTag()
+	c.Assert(err, jc.ErrorIsNil)
+	manager := usermanager.NewClient(s.APIState)
+	usertag, _, err := manager.AddUser("ro", "ro", "ro-password", "read", modeltag.Id())
+	c.Assert(err, jc.ErrorIsNil)
+	conn := s.OpenAPIAs(c, usertag, "ro-password")
+	c.Assert(conn.ReadOnly(), jc.IsTrue)
+}
+
 func (s *stateSuite) TestLoginMacaroonInvalidId(c *gc.C) {
 	apistate, tag, _ := s.OpenAPIWithoutLogin(c)
 	defer apistate.Close()
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/statushistory/pruner.go juju-core-2.0~beta12/src/github.com/juju/juju/api/statushistory/pruner.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/statushistory/pruner.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/statushistory/pruner.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,6 +4,8 @@
 package statushistory
 
 import (
+	"time"
+
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/apiserver/params"
 )
@@ -22,9 +24,10 @@
 }
 
 // Prune calls "StatusHistory.Prune"
-func (s *Facade) Prune(maxLogsPerEntity int) error {
+func (s *Facade) Prune(maxHistoryTime time.Duration, maxHistoryMB int) error {
 	p := params.StatusHistoryPruneArgs{
-		MaxLogsPerEntity: maxLogsPerEntity,
+		MaxHistoryTime: maxHistoryTime,
+		MaxHistoryMB:   maxHistoryMB,
 	}
 	return s.facade.FacadeCall("Prune", p, nil)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/storage/client.go juju-core-2.0~beta12/src/github.com/juju/juju/api/storage/client.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/storage/client.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/storage/client.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/storage/client_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/storage/client_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/storage/client_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/storage/client_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,10 +7,10 @@
 	"fmt"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/set"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	basetesting "github.com/juju/juju/api/base/testing"
 	"github.com/juju/juju/api/storage"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/storageprovisioner/provisioner.go juju-core-2.0~beta12/src/github.com/juju/juju/api/storageprovisioner/provisioner.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/storageprovisioner/provisioner.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/storageprovisioner/provisioner.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/api/common"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/storageprovisioner/provisioner_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/storageprovisioner/provisioner_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/storageprovisioner/provisioner_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/storageprovisioner/provisioner_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,9 +6,9 @@
 import (
 	"errors"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base/testing"
 	"github.com/juju/juju/api/storageprovisioner"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/subnets/subnets.go juju-core-2.0~beta12/src/github.com/juju/juju/api/subnets/subnets.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/subnets/subnets.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/subnets/subnets.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/subnets/subnets_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/subnets/subnets_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/subnets/subnets_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/subnets/subnets_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,9 +6,9 @@
 import (
 	"errors"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	apitesting "github.com/juju/juju/api/base/testing"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/testing/macaroonsuite.go juju-core-2.0~beta12/src/github.com/juju/juju/api/testing/macaroonsuite.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/testing/macaroonsuite.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/testing/macaroonsuite.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,14 +9,14 @@
 	"net/url"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/macaroon-bakery.v1/bakery/checkers"
 	"gopkg.in/macaroon-bakery.v1/bakerytest"
 	"gopkg.in/macaroon-bakery.v1/httpbakery"
 
 	"github.com/juju/juju/api"
-	"github.com/juju/juju/environs/config"
+	"github.com/juju/juju/controller"
 	jujutesting "github.com/juju/juju/juju/testing"
 	"github.com/juju/juju/testing/factory"
 )
@@ -52,8 +52,8 @@
 		}
 		return []checkers.Caveat{checkers.DeclaredCaveat("username", username)}, nil
 	})
-	s.JujuConnSuite.ConfigAttrs = map[string]interface{}{
-		config.IdentityURL: s.discharger.Location(),
+	s.JujuConnSuite.ControllerConfigAttrs = map[string]interface{}{
+		controller.IdentityURL: s.discharger.Location(),
 	}
 	s.JujuConnSuite.SetUpTest(c)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/undertaker/undertaker.go juju-core-2.0~beta12/src/github.com/juju/juju/api/undertaker/undertaker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/undertaker/undertaker.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/undertaker/undertaker.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/apiserver/params"
@@ -58,7 +58,7 @@
 func (c *Client) SetStatus(status status.Status, message string, data map[string]interface{}) error {
 	args := params.SetStatus{
 		Entities: []params.EntityStatusArgs{
-			{c.modelTag.String(), status, message, data},
+			{c.modelTag.String(), status.String(), message, data},
 		},
 	}
 	var results params.ErrorResults
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/unitassigner/unitassigner.go juju-core-2.0~beta12/src/github.com/juju/juju/api/unitassigner/unitassigner.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/unitassigner/unitassigner.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/unitassigner/unitassigner.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	apiwatcher "github.com/juju/juju/api/watcher"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/unitassigner/unitassigner_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/unitassigner/unitassigner_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/unitassigner/unitassigner_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/unitassigner/unitassigner_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,9 +7,9 @@
 	"sync"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/action_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/action_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/action_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/action_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,9 +4,9 @@
 package uniter_test
 
 import (
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/uniter"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/application.go juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/application.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/application.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/application.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,192 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package uniter
+
+import (
+	"fmt"
+
+	"github.com/juju/errors"
+	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
+
+	"github.com/juju/juju/api/common"
+	apiwatcher "github.com/juju/juju/api/watcher"
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/status"
+	"github.com/juju/juju/watcher"
+)
+
+// This module implements a subset of the interface provided by
+// state.Application, as needed by the uniter API.
+
+// Application represents the state of an application.
+type Application struct {
+	st   *State
+	tag  names.ApplicationTag
+	life params.Life
+}
+
+// Tag returns the application's tag.
+func (s *Application) Tag() names.ApplicationTag {
+	return s.tag
+}
+
+// Name returns the application name.
+func (s *Application) Name() string {
+	return s.tag.Id()
+}
+
+// String returns the application as a string.
+func (s *Application) String() string {
+	return s.Name()
+}
+
+// Watch returns a watcher for observing changes to an application.
+func (s *Application) Watch() (watcher.NotifyWatcher, error) {
+	return common.Watch(s.st.facade, s.tag)
+}
+
+// WatchRelations returns a StringsWatcher that notifies of changes to
+// the lifecycles of relations involving s.
+func (s *Application) WatchRelations() (watcher.StringsWatcher, error) {
+	var results params.StringsWatchResults
+	args := params.Entities{
+		Entities: []params.Entity{{Tag: s.tag.String()}},
+	}
+	err := s.st.facade.FacadeCall("WatchApplicationRelations", args, &results)
+	if err != nil {
+		return nil, err
+	}
+	if len(results.Results) != 1 {
+		return nil, fmt.Errorf("expected 1 result, got %d", len(results.Results))
+	}
+	result := results.Results[0]
+	if result.Error != nil {
+		return nil, result.Error
+	}
+	w := apiwatcher.NewStringsWatcher(s.st.facade.RawAPICaller(), result)
+	return w, nil
+}
+
+// Life returns the application's current life state.
+func (s *Application) Life() params.Life {
+	return s.life
+}
+
+// Refresh refreshes the contents of the Service from the underlying
+// state.
+func (s *Application) Refresh() error {
+	life, err := s.st.life(s.tag)
+	if err != nil {
+		return err
+	}
+	s.life = life
+	return nil
+}
+
+// CharmModifiedVersion increments every time the charm, or any part of it, is
+// changed in some way.
+func (s *Application) CharmModifiedVersion() (int, error) {
+	var results params.IntResults
+	args := params.Entities{
+		Entities: []params.Entity{{Tag: s.tag.String()}},
+	}
+	err := s.st.facade.FacadeCall("CharmModifiedVersion", args, &results)
+	if err != nil {
+		return -1, err
+	}
+
+	if len(results.Results) != 1 {
+		return -1, fmt.Errorf("expected 1 result, got %d", len(results.Results))
+	}
+	result := results.Results[0]
+	if result.Error != nil {
+		return -1, result.Error
+	}
+
+	return result.Result, nil
+}
+
+// CharmURL returns the service's charm URL, and whether units should
+// upgrade to the charm with that URL even if they are in an error
+// state (force flag).
+//
+// NOTE: This differs from state.Service.CharmURL() by returning
+// an error instead as well, because it needs to make an API call.
+func (s *Application) CharmURL() (*charm.URL, bool, error) {
+	var results params.StringBoolResults
+	args := params.Entities{
+		Entities: []params.Entity{{Tag: s.tag.String()}},
+	}
+	err := s.st.facade.FacadeCall("CharmURL", args, &results)
+	if err != nil {
+		return nil, false, err
+	}
+	if len(results.Results) != 1 {
+		return nil, false, fmt.Errorf("expected 1 result, got %d", len(results.Results))
+	}
+	result := results.Results[0]
+	if result.Error != nil {
+		return nil, false, result.Error
+	}
+	if result.Result != "" {
+		curl, err := charm.ParseURL(result.Result)
+		if err != nil {
+			return nil, false, err
+		}
+		return curl, result.Ok, nil
+	}
+	return nil, false, fmt.Errorf("%q has no charm url set", s.tag)
+}
+
+// SetStatus sets the status of the service if the passed unitName,
+// corresponding to the calling unit, is of the leader.
+func (s *Application) SetStatus(unitName string, serviceStatus status.Status, info string, data map[string]interface{}) error {
+	tag := names.NewUnitTag(unitName)
+	var result params.ErrorResults
+	args := params.SetStatus{
+		Entities: []params.EntityStatusArgs{
+			{
+				Tag:    tag.String(),
+				Status: serviceStatus.String(),
+				Info:   info,
+				Data:   data,
+			},
+		},
+	}
+	err := s.st.facade.FacadeCall("SetApplicationStatus", args, &result)
+	if err != nil {
+		return errors.Trace(err)
+	}
+	return result.OneError()
+}
+
+// Status returns the status of the service if the passed unitName,
+// corresponding to the calling unit, is of the leader.
+func (s *Application) Status(unitName string) (params.ApplicationStatusResult, error) {
+	tag := names.NewUnitTag(unitName)
+	var results params.ApplicationStatusResults
+	args := params.Entities{
+		Entities: []params.Entity{
+			{
+				Tag: tag.String(),
+			},
+		},
+	}
+	err := s.st.facade.FacadeCall("ApplicationStatus", args, &results)
+	if err != nil {
+		return params.ApplicationStatusResult{}, errors.Trace(err)
+	}
+	result := results.Results[0]
+	if result.Error != nil {
+		return params.ApplicationStatusResult{}, result.Error
+	}
+	return result, nil
+}
+
+// WatchLeadershipSettings returns a watcher which can be used to wait
+// for leadership settings changes to be made for the application.
+func (s *Application) WatchLeadershipSettings() (watcher.NotifyWatcher, error) {
+	return s.st.LeadershipSettings.WatchLeadershipSettings(s.tag.Id())
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/application_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/application_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/application_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/application_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,181 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package uniter_test
+
+import (
+	"time"
+
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
+
+	"github.com/juju/juju/api/uniter"
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/state"
+	"github.com/juju/juju/status"
+	"github.com/juju/juju/watcher/watchertest"
+)
+
+type serviceSuite struct {
+	uniterSuite
+
+	apiService *uniter.Application
+}
+
+var _ = gc.Suite(&serviceSuite{})
+
+func (s *serviceSuite) SetUpTest(c *gc.C) {
+	s.uniterSuite.SetUpTest(c)
+
+	var err error
+	s.apiService, err = s.uniter.Application(s.wordpressService.Tag().(names.ApplicationTag))
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *serviceSuite) TestNameTagAndString(c *gc.C) {
+	c.Assert(s.apiService.Name(), gc.Equals, s.wordpressService.Name())
+	c.Assert(s.apiService.String(), gc.Equals, s.wordpressService.String())
+	c.Assert(s.apiService.Tag(), gc.Equals, s.wordpressService.Tag().(names.ApplicationTag))
+}
+
+func (s *serviceSuite) TestWatch(c *gc.C) {
+	c.Assert(s.apiService.Life(), gc.Equals, params.Alive)
+
+	w, err := s.apiService.Watch()
+	c.Assert(err, jc.ErrorIsNil)
+	wc := watchertest.NewNotifyWatcherC(c, w, s.BackingState.StartSync)
+	defer wc.AssertStops()
+
+	// Initial event.
+	wc.AssertOneChange()
+
+	// Change something and check it's detected.
+	err = s.wordpressService.SetExposed()
+	c.Assert(err, jc.ErrorIsNil)
+	wc.AssertOneChange()
+
+	// Destroy the service and check it's detected.
+	err = s.wordpressService.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	wc.AssertOneChange()
+}
+
+func (s *serviceSuite) TestWatchRelations(c *gc.C) {
+	w, err := s.apiService.WatchRelations()
+	c.Assert(err, jc.ErrorIsNil)
+	wc := watchertest.NewStringsWatcherC(c, w, s.BackingState.StartSync)
+	defer wc.AssertStops()
+
+	// Initial event.
+	wc.AssertChange()
+	wc.AssertNoChange()
+
+	// Change something other than the lifecycle and make sure it's
+	// not detected.
+	err = s.wordpressService.SetExposed()
+	c.Assert(err, jc.ErrorIsNil)
+	wc.AssertNoChange()
+
+	// Add another service and relate it to wordpress,
+	// check it's detected.
+	s.addMachineServiceCharmAndUnit(c, "mysql")
+	rel := s.addRelation(c, "wordpress", "mysql")
+	wc.AssertChange(rel.String())
+
+	// Destroy the relation and check it's detected.
+	err = rel.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	wc.AssertChange(rel.String())
+	wc.AssertNoChange()
+}
+
+func (s *serviceSuite) TestRefresh(c *gc.C) {
+	c.Assert(s.apiService.Life(), gc.Equals, params.Alive)
+
+	err := s.wordpressService.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(s.apiService.Life(), gc.Equals, params.Alive)
+
+	err = s.apiService.Refresh()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(s.apiService.Life(), gc.Equals, params.Dying)
+}
+
+func (s *serviceSuite) TestCharmURL(c *gc.C) {
+	// Get the charm URL through state calls.
+	curl, force := s.wordpressService.CharmURL()
+	c.Assert(curl, gc.DeepEquals, s.wordpressCharm.URL())
+	c.Assert(force, jc.IsFalse)
+
+	// Now check the same through the API.
+	curl, force, err := s.apiService.CharmURL()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(curl, gc.DeepEquals, s.wordpressCharm.URL())
+	c.Assert(force, jc.IsFalse)
+}
+
+func (s *serviceSuite) TestCharmModifiedVersion(c *gc.C) {
+	// Get the charm URL through state calls.
+	ver, err := s.apiService.CharmModifiedVersion()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(ver, gc.Equals, s.wordpressService.CharmModifiedVersion())
+}
+
+func (s *serviceSuite) TestSetServiceStatus(c *gc.C) {
+	message := "a test message"
+	stat, err := s.wordpressService.Status()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(stat.Status, gc.Not(gc.Equals), status.StatusActive)
+	c.Assert(stat.Message, gc.Not(gc.Equals), message)
+
+	err = s.apiService.SetStatus(s.wordpressUnit.Name(), status.StatusActive, message, map[string]interface{}{})
+	c.Check(err, gc.ErrorMatches, `"wordpress/0" is not leader of "wordpress"`)
+
+	s.claimLeadership(c, s.wordpressUnit, s.wordpressService)
+
+	err = s.apiService.SetStatus(s.wordpressUnit.Name(), status.StatusActive, message, map[string]interface{}{})
+	c.Check(err, jc.ErrorIsNil)
+
+	stat, err = s.wordpressService.Status()
+	c.Check(err, jc.ErrorIsNil)
+	c.Check(stat.Status, gc.Equals, status.StatusActive)
+	c.Check(stat.Message, gc.Equals, message)
+}
+
+func (s *serviceSuite) TestServiceStatus(c *gc.C) {
+	message := "a test message"
+	stat, err := s.wordpressService.Status()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(stat.Status, gc.Not(gc.Equals), status.StatusActive)
+	c.Assert(stat.Message, gc.Not(gc.Equals), message)
+
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusActive,
+		Message: message,
+		Data:    map[string]interface{}{},
+		Since:   &now,
+	}
+	err = s.wordpressService.SetStatus(sInfo)
+	c.Check(err, jc.ErrorIsNil)
+
+	stat, err = s.wordpressService.Status()
+	c.Check(err, jc.ErrorIsNil)
+	c.Check(stat.Status, gc.Equals, status.StatusActive)
+	c.Check(stat.Message, gc.Equals, message)
+
+	result, err := s.apiService.Status(s.wordpressUnit.Name())
+	c.Check(err, gc.ErrorMatches, `"wordpress/0" is not leader of "wordpress"`)
+
+	s.claimLeadership(c, s.wordpressUnit, s.wordpressService)
+	result, err = s.apiService.Status(s.wordpressUnit.Name())
+	c.Check(err, jc.ErrorIsNil)
+	c.Check(result.Application.Status, gc.Equals, status.StatusActive.String())
+}
+
+func (s *serviceSuite) claimLeadership(c *gc.C, unit *state.Unit, service *state.Application) {
+	claimer := s.State.LeadershipClaimer()
+	err := claimer.ClaimLeadership(service.Name(), unit.Name(), time.Minute)
+	c.Assert(err, jc.ErrorIsNil)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,7 @@
 import (
 	"fmt"
 
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base/testing"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/leadership.go juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/leadership.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/leadership.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/leadership.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/watcher"
@@ -85,7 +85,7 @@
 	var results params.NotifyWatchResults
 	if err := lsa.facadeCaller(
 		"WatchLeadershipSettings",
-		params.Entities{[]params.Entity{{names.NewServiceTag(serviceId).String()}}},
+		params.Entities{[]params.Entity{{names.NewApplicationTag(serviceId).String()}}},
 		&results,
 	); err != nil {
 		return nil, errors.Annotate(err, "failed to call leadership api")
@@ -105,13 +105,13 @@
 
 func (lsa *LeadershipSettingsAccessor) prepareMerge(serviceId string, settings map[string]string) params.MergeLeadershipSettingsParam {
 	return params.MergeLeadershipSettingsParam{
-		ServiceTag: names.NewServiceTag(serviceId).String(),
-		Settings:   settings,
+		ApplicationTag: names.NewApplicationTag(serviceId).String(),
+		Settings:       settings,
 	}
 }
 
 func (lsa *LeadershipSettingsAccessor) prepareRead(serviceId string) params.Entity {
-	return params.Entity{Tag: names.NewServiceTag(serviceId).String()}
+	return params.Entity{Tag: names.NewApplicationTag(serviceId).String()}
 }
 
 //
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/leadership_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/leadership_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/leadership_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/leadership_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -86,7 +86,7 @@
 		Args: []interface{}{
 			"Read",
 			params.Entities{Entities: []params.Entity{{
-				Tag: "service-foobar",
+				Tag: "application-foobar",
 			}}},
 		},
 	}}
@@ -168,7 +168,7 @@
 			"Merge",
 			params.MergeLeadershipSettingsBulkParams{
 				Params: []params.MergeLeadershipSettingsParam{{
-					ServiceTag: "service-foobar",
+					ApplicationTag: "application-foobar",
 					Settings: map[string]string{
 						"foo": "bar",
 						"baz": "qux",
@@ -257,7 +257,7 @@
 		Args: []interface{}{
 			"WatchLeadershipSettings",
 			params.Entities{Entities: []params.Entity{{
-				Tag: "service-foobar",
+				Tag: "application-foobar",
 			}}},
 		},
 	}}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/relation.go juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/relation.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/relation.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/relation.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,9 +6,11 @@
 import (
 	"fmt"
 
-	"github.com/juju/names"
+	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/state/multiwatcher"
 )
 
 // This module implements a subset of the interface provided by
@@ -62,7 +64,18 @@
 	return nil
 }
 
-// Endpoint returns the endpoint of the relation for the service the
+func (r *Relation) toCharmRelation(cr multiwatcher.CharmRelation) charm.Relation {
+	return charm.Relation{
+		Name:      cr.Name,
+		Role:      charm.RelationRole(cr.Role),
+		Interface: cr.Interface,
+		Optional:  cr.Optional,
+		Limit:     cr.Limit,
+		Scope:     charm.RelationScope(cr.Scope),
+	}
+}
+
+// Endpoint returns the endpoint of the relation for the application the
 // uniter's managed unit belongs to.
 func (r *Relation) Endpoint() (*Endpoint, error) {
 	// NOTE: This differs from state.Relation.Endpoint(), because when
@@ -72,7 +85,7 @@
 	if err != nil {
 		return nil, err
 	}
-	return &Endpoint{result.Endpoint.Relation}, nil
+	return &Endpoint{r.toCharmRelation(result.Endpoint.Relation)}, nil
 }
 
 // Unit returns a RelationUnit for the supplied unit.
@@ -87,7 +100,7 @@
 	return &RelationUnit{
 		relation: r,
 		unit:     u,
-		endpoint: Endpoint{result.Endpoint.Relation},
+		endpoint: Endpoint{r.toCharmRelation(result.Endpoint.Relation)},
 		st:       r.st,
 	}, nil
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/relation_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/relation_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/relation_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/relation_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,10 +4,10 @@
 package uniter_test
 
 import (
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/uniter"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/relationunit.go juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/relationunit.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/relationunit.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/relationunit.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,7 @@
 	"fmt"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/watcher"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/relationunit_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/relationunit_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/relationunit_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/relationunit_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,10 +4,10 @@
 package uniter_test
 
 import (
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/uniter"
 	"github.com/juju/juju/apiserver/params"
@@ -21,7 +21,7 @@
 // into relationSuite to avoid running the former's tests twice.
 type commonRelationSuiteMixin struct {
 	mysqlMachine *state.Machine
-	mysqlService *state.Service
+	mysqlService *state.Application
 	mysqlCharm   *state.Charm
 	mysqlUnit    *state.Unit
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/service.go juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/service.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/service.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/service.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,217 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package uniter
-
-import (
-	"fmt"
-
-	"github.com/juju/errors"
-	"github.com/juju/names"
-	"gopkg.in/juju/charm.v6-unstable"
-
-	"github.com/juju/juju/api/common"
-	apiwatcher "github.com/juju/juju/api/watcher"
-	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/status"
-	"github.com/juju/juju/watcher"
-)
-
-// This module implements a subset of the interface provided by
-// state.Service, as needed by the uniter API.
-
-// Service represents the state of a service.
-type Service struct {
-	st   *State
-	tag  names.ServiceTag
-	life params.Life
-}
-
-// Tag returns the service's tag.
-func (s *Service) Tag() names.ServiceTag {
-	return s.tag
-}
-
-// Name returns the service name.
-func (s *Service) Name() string {
-	return s.tag.Id()
-}
-
-// String returns the service as a string.
-func (s *Service) String() string {
-	return s.Name()
-}
-
-// Watch returns a watcher for observing changes to a service.
-func (s *Service) Watch() (watcher.NotifyWatcher, error) {
-	return common.Watch(s.st.facade, s.tag)
-}
-
-// WatchRelations returns a StringsWatcher that notifies of changes to
-// the lifecycles of relations involving s.
-func (s *Service) WatchRelations() (watcher.StringsWatcher, error) {
-	var results params.StringsWatchResults
-	args := params.Entities{
-		Entities: []params.Entity{{Tag: s.tag.String()}},
-	}
-	err := s.st.facade.FacadeCall("WatchServiceRelations", args, &results)
-	if err != nil {
-		return nil, err
-	}
-	if len(results.Results) != 1 {
-		return nil, fmt.Errorf("expected 1 result, got %d", len(results.Results))
-	}
-	result := results.Results[0]
-	if result.Error != nil {
-		return nil, result.Error
-	}
-	w := apiwatcher.NewStringsWatcher(s.st.facade.RawAPICaller(), result)
-	return w, nil
-}
-
-// Life returns the service's current life state.
-func (s *Service) Life() params.Life {
-	return s.life
-}
-
-// Refresh refreshes the contents of the Service from the underlying
-// state.
-func (s *Service) Refresh() error {
-	life, err := s.st.life(s.tag)
-	if err != nil {
-		return err
-	}
-	s.life = life
-	return nil
-}
-
-// CharmModifiedVersion increments every time the charm, or any part of it, is
-// changed in some way.
-func (s *Service) CharmModifiedVersion() (int, error) {
-	var results params.IntResults
-	args := params.Entities{
-		Entities: []params.Entity{{Tag: s.tag.String()}},
-	}
-	err := s.st.facade.FacadeCall("CharmModifiedVersion", args, &results)
-	if err != nil {
-		return -1, err
-	}
-
-	if len(results.Results) != 1 {
-		return -1, fmt.Errorf("expected 1 result, got %d", len(results.Results))
-	}
-	result := results.Results[0]
-	if result.Error != nil {
-		return -1, result.Error
-	}
-
-	return result.Result, nil
-}
-
-// CharmURL returns the service's charm URL, and whether units should
-// upgrade to the charm with that URL even if they are in an error
-// state (force flag).
-//
-// NOTE: This differs from state.Service.CharmURL() by returning
-// an error instead as well, because it needs to make an API call.
-func (s *Service) CharmURL() (*charm.URL, bool, error) {
-	var results params.StringBoolResults
-	args := params.Entities{
-		Entities: []params.Entity{{Tag: s.tag.String()}},
-	}
-	err := s.st.facade.FacadeCall("CharmURL", args, &results)
-	if err != nil {
-		return nil, false, err
-	}
-	if len(results.Results) != 1 {
-		return nil, false, fmt.Errorf("expected 1 result, got %d", len(results.Results))
-	}
-	result := results.Results[0]
-	if result.Error != nil {
-		return nil, false, result.Error
-	}
-	if result.Result != "" {
-		curl, err := charm.ParseURL(result.Result)
-		if err != nil {
-			return nil, false, err
-		}
-		return curl, result.Ok, nil
-	}
-	return nil, false, fmt.Errorf("%q has no charm url set", s.tag)
-}
-
-// OwnerTag returns the service's owner user tag.
-func (s *Service) OwnerTag() (names.UserTag, error) {
-	return s.serviceOwnerTag()
-}
-
-func (s *Service) serviceOwnerTag() (names.UserTag, error) {
-	var invalidTag names.UserTag
-	var results params.StringResults
-	args := params.Entities{
-		Entities: []params.Entity{{Tag: s.tag.String()}},
-	}
-	err := s.st.facade.FacadeCall("ServiceOwner", args, &results)
-	if err != nil {
-		return invalidTag, err
-	}
-	if len(results.Results) != 1 {
-		return invalidTag, fmt.Errorf("expected 1 result, got %d", len(results.Results))
-	}
-	result := results.Results[0]
-	if result.Error != nil {
-		return invalidTag, result.Error
-	}
-	return names.ParseUserTag(result.Result)
-}
-
-// SetStatus sets the status of the service if the passed unitName,
-// corresponding to the calling unit, is of the leader.
-func (s *Service) SetStatus(unitName string, serviceStatus status.Status, info string, data map[string]interface{}) error {
-	tag := names.NewUnitTag(unitName)
-	var result params.ErrorResults
-	args := params.SetStatus{
-		Entities: []params.EntityStatusArgs{
-			{
-				Tag:    tag.String(),
-				Status: serviceStatus,
-				Info:   info,
-				Data:   data,
-			},
-		},
-	}
-	err := s.st.facade.FacadeCall("SetServiceStatus", args, &result)
-	if err != nil {
-		return errors.Trace(err)
-	}
-	return result.OneError()
-}
-
-// Status returns the status of the service if the passed unitName,
-// corresponding to the calling unit, is of the leader.
-func (s *Service) Status(unitName string) (params.ServiceStatusResult, error) {
-	tag := names.NewUnitTag(unitName)
-	var results params.ServiceStatusResults
-	args := params.Entities{
-		Entities: []params.Entity{
-			{
-				Tag: tag.String(),
-			},
-		},
-	}
-	err := s.st.facade.FacadeCall("ServiceStatus", args, &results)
-	if err != nil {
-		return params.ServiceStatusResult{}, errors.Trace(err)
-	}
-	result := results.Results[0]
-	if result.Error != nil {
-		return params.ServiceStatusResult{}, result.Error
-	}
-	return result, nil
-}
-
-// WatchLeadershipSettings returns a watcher which can be used to wait
-// for leadership settings changes to be made for the service.
-func (s *Service) WatchLeadershipSettings() (watcher.NotifyWatcher, error) {
-	return s.st.LeadershipSettings.WatchLeadershipSettings(s.tag.Id())
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/service_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/service_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/service_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/service_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,180 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package uniter_test
-
-import (
-	"time"
-
-	"github.com/juju/names"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/api/uniter"
-	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/state"
-	"github.com/juju/juju/status"
-	"github.com/juju/juju/watcher/watchertest"
-)
-
-type serviceSuite struct {
-	uniterSuite
-
-	apiService *uniter.Service
-}
-
-var _ = gc.Suite(&serviceSuite{})
-
-func (s *serviceSuite) SetUpTest(c *gc.C) {
-	s.uniterSuite.SetUpTest(c)
-
-	var err error
-	s.apiService, err = s.uniter.Service(s.wordpressService.Tag().(names.ServiceTag))
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *serviceSuite) TestNameTagAndString(c *gc.C) {
-	c.Assert(s.apiService.Name(), gc.Equals, s.wordpressService.Name())
-	c.Assert(s.apiService.String(), gc.Equals, s.wordpressService.String())
-	c.Assert(s.apiService.Tag(), gc.Equals, s.wordpressService.Tag().(names.ServiceTag))
-}
-
-func (s *serviceSuite) TestWatch(c *gc.C) {
-	c.Assert(s.apiService.Life(), gc.Equals, params.Alive)
-
-	w, err := s.apiService.Watch()
-	c.Assert(err, jc.ErrorIsNil)
-	wc := watchertest.NewNotifyWatcherC(c, w, s.BackingState.StartSync)
-	defer wc.AssertStops()
-
-	// Initial event.
-	wc.AssertOneChange()
-
-	// Change something and check it's detected.
-	err = s.wordpressService.SetExposed()
-	c.Assert(err, jc.ErrorIsNil)
-	wc.AssertOneChange()
-
-	// Destroy the service and check it's detected.
-	err = s.wordpressService.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	wc.AssertOneChange()
-}
-
-func (s *serviceSuite) TestWatchRelations(c *gc.C) {
-	w, err := s.apiService.WatchRelations()
-	c.Assert(err, jc.ErrorIsNil)
-	wc := watchertest.NewStringsWatcherC(c, w, s.BackingState.StartSync)
-	defer wc.AssertStops()
-
-	// Initial event.
-	wc.AssertChange()
-	wc.AssertNoChange()
-
-	// Change something other than the lifecycle and make sure it's
-	// not detected.
-	err = s.wordpressService.SetExposed()
-	c.Assert(err, jc.ErrorIsNil)
-	wc.AssertNoChange()
-
-	// Add another service and relate it to wordpress,
-	// check it's detected.
-	s.addMachineServiceCharmAndUnit(c, "mysql")
-	rel := s.addRelation(c, "wordpress", "mysql")
-	wc.AssertChange(rel.String())
-
-	// Destroy the relation and check it's detected.
-	err = rel.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	wc.AssertChange(rel.String())
-	wc.AssertNoChange()
-}
-
-func (s *serviceSuite) TestRefresh(c *gc.C) {
-	c.Assert(s.apiService.Life(), gc.Equals, params.Alive)
-
-	err := s.wordpressService.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(s.apiService.Life(), gc.Equals, params.Alive)
-
-	err = s.apiService.Refresh()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(s.apiService.Life(), gc.Equals, params.Dying)
-}
-
-func (s *serviceSuite) TestCharmURL(c *gc.C) {
-	// Get the charm URL through state calls.
-	curl, force := s.wordpressService.CharmURL()
-	c.Assert(curl, gc.DeepEquals, s.wordpressCharm.URL())
-	c.Assert(force, jc.IsFalse)
-
-	// Now check the same through the API.
-	curl, force, err := s.apiService.CharmURL()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(curl, gc.DeepEquals, s.wordpressCharm.URL())
-	c.Assert(force, jc.IsFalse)
-}
-
-func (s *serviceSuite) TestCharmModifiedVersion(c *gc.C) {
-	// Get the charm URL through state calls.
-	ver, err := s.apiService.CharmModifiedVersion()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ver, gc.Equals, s.wordpressService.CharmModifiedVersion())
-}
-
-func (s *serviceSuite) TestOwnerTag(c *gc.C) {
-	tag, err := s.apiService.OwnerTag()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(tag, gc.Equals, s.AdminUserTag(c))
-}
-
-func (s *serviceSuite) TestSetServiceStatus(c *gc.C) {
-	message := "a test message"
-	stat, err := s.wordpressService.Status()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(stat.Status, gc.Not(gc.Equals), status.StatusActive)
-	c.Assert(stat.Message, gc.Not(gc.Equals), message)
-
-	err = s.apiService.SetStatus(s.wordpressUnit.Name(), status.StatusActive, message, map[string]interface{}{})
-	c.Check(err, gc.ErrorMatches, `"wordpress/0" is not leader of "wordpress"`)
-
-	s.claimLeadership(c, s.wordpressUnit, s.wordpressService)
-
-	err = s.apiService.SetStatus(s.wordpressUnit.Name(), status.StatusActive, message, map[string]interface{}{})
-	c.Check(err, jc.ErrorIsNil)
-
-	stat, err = s.wordpressService.Status()
-	c.Check(err, jc.ErrorIsNil)
-	c.Check(stat.Status, gc.Equals, status.StatusActive)
-	c.Check(stat.Message, gc.Equals, message)
-}
-
-func (s *serviceSuite) TestServiceStatus(c *gc.C) {
-	message := "a test message"
-	stat, err := s.wordpressService.Status()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(stat.Status, gc.Not(gc.Equals), status.StatusActive)
-	c.Assert(stat.Message, gc.Not(gc.Equals), message)
-
-	err = s.wordpressService.SetStatus(status.StatusActive, message, map[string]interface{}{})
-	c.Check(err, jc.ErrorIsNil)
-
-	stat, err = s.wordpressService.Status()
-	c.Check(err, jc.ErrorIsNil)
-	c.Check(stat.Status, gc.Equals, status.StatusActive)
-	c.Check(stat.Message, gc.Equals, message)
-
-	result, err := s.apiService.Status(s.wordpressUnit.Name())
-	c.Check(err, gc.ErrorMatches, `"wordpress/0" is not leader of "wordpress"`)
-
-	s.claimLeadership(c, s.wordpressUnit, s.wordpressService)
-	result, err = s.apiService.Status(s.wordpressUnit.Name())
-	c.Check(err, jc.ErrorIsNil)
-	c.Check(result.Service.Status, gc.Equals, status.StatusActive)
-}
-
-func (s *serviceSuite) claimLeadership(c *gc.C, unit *state.Unit, service *state.Service) {
-	claimer := s.State.LeadershipClaimer()
-	err := claimer.ClaimLeadership(service.Name(), unit.Name(), time.Minute)
-	c.Assert(err, jc.ErrorIsNil)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/settings_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/settings_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/settings_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/settings_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,9 +4,9 @@
 package uniter_test
 
 import (
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/uniter"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/state_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/state_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/state_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/state_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,9 +4,9 @@
 package uniter_test
 
 import (
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	apitesting "github.com/juju/juju/api/testing"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/storage.go juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/storage.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/storage.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/storage.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	apiwatcher "github.com/juju/juju/api/watcher"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/storage_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/storage_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/storage_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/storage_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,9 +5,9 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base/testing"
 	"github.com/juju/juju/api/uniter"
@@ -30,7 +30,7 @@
 	var called bool
 	apiCaller := testing.APICallerFunc(func(objType string, version int, id, request string, arg, result interface{}) error {
 		c.Check(objType, gc.Equals, "Uniter")
-		c.Check(version, gc.Equals, 3)
+		c.Check(version, gc.Equals, 4)
 		c.Check(id, gc.Equals, "")
 		c.Check(request, gc.Equals, "UnitStorageAttachments")
 		c.Check(arg, gc.DeepEquals, params.Entities{
@@ -57,7 +57,7 @@
 	var called bool
 	apiCaller := testing.APICallerFunc(func(objType string, version int, id, request string, arg, result interface{}) error {
 		c.Check(objType, gc.Equals, "Uniter")
-		c.Check(version, gc.Equals, 3)
+		c.Check(version, gc.Equals, 4)
 		c.Check(id, gc.Equals, "")
 		c.Check(request, gc.Equals, "DestroyUnitStorageAttachments")
 		c.Check(arg, gc.DeepEquals, params.Entities{
@@ -103,7 +103,7 @@
 	var called bool
 	apiCaller := testing.APICallerFunc(func(objType string, version int, id, request string, arg, result interface{}) error {
 		c.Check(objType, gc.Equals, "Uniter")
-		c.Check(version, gc.Equals, 3)
+		c.Check(version, gc.Equals, 4)
 		c.Check(id, gc.Equals, "")
 		c.Check(request, gc.Equals, "WatchUnitStorageAttachments")
 		c.Check(arg, gc.DeepEquals, params.Entities{
@@ -129,7 +129,7 @@
 	var called bool
 	apiCaller := testing.APICallerFunc(func(objType string, version int, id, request string, arg, result interface{}) error {
 		c.Check(objType, gc.Equals, "Uniter")
-		c.Check(version, gc.Equals, 3)
+		c.Check(version, gc.Equals, 4)
 		c.Check(id, gc.Equals, "")
 		c.Check(request, gc.Equals, "WatchStorageAttachments")
 		c.Check(arg, gc.DeepEquals, params.StorageAttachmentIds{
@@ -157,7 +157,7 @@
 func (s *storageSuite) TestStorageAttachments(c *gc.C) {
 	storageAttachment := params.StorageAttachment{
 		StorageTag: "storage-whatever-0",
-		OwnerTag:   "service-mysql",
+		OwnerTag:   "application-mysql",
 		UnitTag:    "unit-mysql-0",
 		Kind:       params.StorageKindBlock,
 		Location:   "/dev/sda",
@@ -166,7 +166,7 @@
 	var called bool
 	apiCaller := testing.APICallerFunc(func(objType string, version int, id, request string, arg, result interface{}) error {
 		c.Check(objType, gc.Equals, "Uniter")
-		c.Check(version, gc.Equals, 3)
+		c.Check(version, gc.Equals, 4)
 		c.Check(id, gc.Equals, "")
 		c.Check(request, gc.Equals, "StorageAttachments")
 		c.Check(arg, gc.DeepEquals, params.StorageAttachmentIds{
@@ -195,7 +195,7 @@
 func (s *storageSuite) TestStorageAttachmentLife(c *gc.C) {
 	apiCaller := testing.APICallerFunc(func(objType string, version int, id, request string, arg, result interface{}) error {
 		c.Check(objType, gc.Equals, "Uniter")
-		c.Check(version, gc.Equals, 3)
+		c.Check(version, gc.Equals, 4)
 		c.Check(id, gc.Equals, "")
 		c.Check(request, gc.Equals, "StorageAttachmentLife")
 		c.Check(arg, gc.DeepEquals, params.StorageAttachmentIds{
@@ -225,7 +225,7 @@
 func (s *storageSuite) TestRemoveStorageAttachment(c *gc.C) {
 	apiCaller := testing.APICallerFunc(func(objType string, version int, id, request string, arg, result interface{}) error {
 		c.Check(objType, gc.Equals, "Uniter")
-		c.Check(version, gc.Equals, 3)
+		c.Check(version, gc.Equals, 4)
 		c.Check(id, gc.Equals, "")
 		c.Check(request, gc.Equals, "RemoveStorageAttachments")
 		c.Check(arg, gc.DeepEquals, params.StorageAttachmentIds{
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/uniter.go juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/uniter.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/uniter.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/uniter.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,8 +7,8 @@
 	"fmt"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/api/common"
@@ -69,12 +69,12 @@
 	}
 }
 
-// newStateV3 creates a new client-side Uniter facade, version 3.
-var newStateV3 = newStateForVersionFn(3)
+// newStateV4 creates a new client-side Uniter facade, version 4.
+var newStateV4 = newStateForVersionFn(4)
 
 // NewState creates a new client-side Uniter facade.
 // Defined like this to allow patching during tests.
-var NewState = newStateV3
+var NewState = newStateV4
 
 // BestAPIVersion returns the API version that we were able to
 // determine is supported by both the client and the API Server.
@@ -156,13 +156,13 @@
 	}, nil
 }
 
-// Service returns a service state by tag.
-func (st *State) Service(tag names.ServiceTag) (*Service, error) {
+// Application returns an application state by tag.
+func (st *State) Application(tag names.ApplicationTag) (*Application, error) {
 	life, err := st.life(tag)
 	if err != nil {
 		return nil, err
 	}
-	return &Service{
+	return &Application{
 		tag:  tag,
 		life: life,
 		st:   st,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/uniter_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/uniter_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/uniter_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/uniter_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,10 +4,10 @@
 package uniter_test
 
 import (
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/api/base"
@@ -25,7 +25,7 @@
 	st                api.Connection
 	controllerMachine *state.Machine
 	wordpressMachine  *state.Machine
-	wordpressService  *state.Service
+	wordpressService  *state.Application
 	wordpressCharm    *state.Charm
 	wordpressUnit     *state.Unit
 
@@ -71,15 +71,13 @@
 	c.Assert(s.uniter, gc.NotNil)
 }
 
-func (s *uniterSuite) addMachineBoundServiceCharmAndUnit(c *gc.C, serviceName string, bindings map[string]string) (*state.Machine, *state.Service, *state.Charm, *state.Unit) {
+func (s *uniterSuite) addMachineBoundServiceCharmAndUnit(c *gc.C, serviceName string, bindings map[string]string) (*state.Machine, *state.Application, *state.Charm, *state.Unit) {
 	machine, err := s.State.AddMachine("quantal", state.JobHostUnits)
 	c.Assert(err, jc.ErrorIsNil)
 	charm := s.AddTestingCharm(c, serviceName)
 
-	owner := s.AdminUserTag(c).String()
-	service, err := s.State.AddService(state.AddServiceArgs{
+	service, err := s.State.AddApplication(state.AddApplicationArgs{
 		Name:             serviceName,
-		Owner:            owner,
 		Charm:            charm,
 		EndpointBindings: bindings,
 	})
@@ -94,7 +92,7 @@
 	return machine, service, charm, unit
 }
 
-func (s *uniterSuite) addMachineServiceCharmAndUnit(c *gc.C, serviceName string) (*state.Machine, *state.Service, *state.Charm, *state.Unit) {
+func (s *uniterSuite) addMachineServiceCharmAndUnit(c *gc.C, serviceName string) (*state.Machine, *state.Application, *state.Charm, *state.Unit) {
 	return s.addMachineBoundServiceCharmAndUnit(c, serviceName, nil)
 }
 
@@ -106,7 +104,7 @@
 	return rel
 }
 
-func (s *uniterSuite) addRelatedService(c *gc.C, firstSvc, relatedSvc string, unit *state.Unit) (*state.Relation, *state.Service, *state.Unit) {
+func (s *uniterSuite) addRelatedService(c *gc.C, firstSvc, relatedSvc string, unit *state.Unit) (*state.Relation, *state.Application, *state.Unit) {
 	relatedService := s.AddTestingService(c, relatedSvc, s.AddTestingCharm(c, relatedSvc))
 	rel := s.addRelation(c, firstSvc, relatedSvc)
 	relUnit, err := rel.Unit(unit)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/unit.go juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/unit.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/unit.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/unit.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,8 +7,8 @@
 	"fmt"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/common"
 	apiwatcher "github.com/juju/juju/api/watcher"
@@ -62,7 +62,7 @@
 	var result params.ErrorResults
 	args := params.SetStatus{
 		Entities: []params.EntityStatusArgs{
-			{Tag: u.tag.String(), Status: unitStatus, Info: info, Data: data},
+			{Tag: u.tag.String(), Status: unitStatus.String(), Info: info, Data: data},
 		},
 	}
 	err := u.st.facade.FacadeCall("SetUnitStatus", args, &result)
@@ -99,7 +99,7 @@
 	var result params.ErrorResults
 	args := params.SetStatus{
 		Entities: []params.EntityStatusArgs{
-			{Tag: u.tag.String(), Status: agentStatus, Info: info, Data: data},
+			{Tag: u.tag.String(), Status: agentStatus.String(), Info: info, Data: data},
 		},
 	}
 	setStatusFacadeCall := "SetAgentStatus"
@@ -174,10 +174,10 @@
 }
 
 // Service returns the service.
-func (u *Unit) Service() (*Service, error) {
-	service := &Service{
+func (u *Unit) Application() (*Application, error) {
+	service := &Application{
 		st:  u.st,
-		tag: u.ServiceTag(),
+		tag: u.ApplicationTag(),
 	}
 	// Call Refresh() immediately to get the up-to-date
 	// life and other needed locally cached fields.
@@ -211,18 +211,18 @@
 	return charm.Settings(result.Settings), nil
 }
 
-// ServiceName returns the service name.
-func (u *Unit) ServiceName() string {
-	service, err := names.UnitService(u.Name())
+// ApplicationName returns the service name.
+func (u *Unit) ApplicationName() string {
+	application, err := names.UnitApplication(u.Name())
 	if err != nil {
 		panic(err)
 	}
-	return service
+	return application
 }
 
-// ServiceTag returns the service tag.
-func (u *Unit) ServiceTag() names.ServiceTag {
-	return names.NewServiceTag(u.ServiceName())
+// ApplicationTag returns the service tag.
+func (u *Unit) ApplicationTag() names.ApplicationTag {
+	return names.NewApplicationTag(u.ApplicationName())
 }
 
 // Destroy, when called on a Alive unit, advances its lifecycle as far as
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/unitstorage_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/unitstorage_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/unitstorage_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/unitstorage_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,9 +5,9 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	basetesting "github.com/juju/juju/api/base/testing"
 	"github.com/juju/juju/api/uniter"
@@ -42,7 +42,7 @@
 
 	apiCaller := basetesting.APICallerFunc(func(objType string, version int, id, request string, arg, result interface{}) error {
 		c.Assert(objType, gc.Equals, "Uniter")
-		c.Assert(version, gc.Equals, 3)
+		c.Assert(version, gc.Equals, 4)
 		c.Assert(id, gc.Equals, "")
 		c.Assert(request, gc.Equals, "AddUnitStorage")
 		c.Assert(arg, gc.DeepEquals, expected)
@@ -75,7 +75,7 @@
 	msg := "yoink"
 	apiCaller := basetesting.APICallerFunc(func(objType string, version int, id, request string, arg, result interface{}) error {
 		c.Assert(objType, gc.Equals, "Uniter")
-		c.Assert(version, gc.Equals, 3)
+		c.Assert(version, gc.Equals, 4)
 		c.Assert(id, gc.Equals, "")
 		c.Assert(request, gc.Equals, "AddUnitStorage")
 		c.Assert(arg, gc.DeepEquals, expected)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/unit_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/unit_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/uniter/unit_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/uniter/unit_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,11 +8,11 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/api/base"
@@ -123,7 +123,13 @@
 }
 
 func (s *unitSuite) TestUnitStatus(c *gc.C) {
-	err := s.wordpressUnit.SetStatus(status.StatusMaintenance, "blah", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusMaintenance,
+		Message: "blah",
+		Since:   &now,
+	}
+	err := s.wordpressUnit.SetStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 
 	result, err := s.apiUnit.UnitStatus()
@@ -131,7 +137,7 @@
 	c.Assert(result.Since, gc.NotNil)
 	result.Since = nil
 	c.Assert(result, gc.DeepEquals, params.StatusResult{
-		Status: status.StatusMaintenance,
+		Status: status.StatusMaintenance.String(),
 		Info:   "blah",
 		Data:   map[string]interface{}{},
 	})
@@ -563,8 +569,8 @@
 }
 
 func (s *unitSuite) TestServiceNameAndTag(c *gc.C) {
-	c.Assert(s.apiUnit.ServiceName(), gc.Equals, s.wordpressService.Name())
-	c.Assert(s.apiUnit.ServiceTag(), gc.Equals, s.wordpressService.Tag())
+	c.Assert(s.apiUnit.ApplicationName(), gc.Equals, s.wordpressService.Name())
+	c.Assert(s.apiUnit.ApplicationTag(), gc.Equals, s.wordpressService.Tag())
 }
 
 func (s *unitSuite) TestJoinedRelations(c *gc.C) {
@@ -778,11 +784,11 @@
 		Name: "metered",
 		URL:  "cs:quantal/metered",
 	})
-	service := s.Factory.MakeService(c, &jujufactory.ServiceParams{
+	service := s.Factory.MakeApplication(c, &jujufactory.ApplicationParams{
 		Charm: s.charm,
 	})
 	unit := s.Factory.MakeUnit(c, &jujufactory.UnitParams{
-		Service:     service,
+		Application: service,
 		SetCharmURL: true,
 	})
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/upgrader/unitupgrader_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/upgrader/unitupgrader_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/upgrader/unitupgrader_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/upgrader/unitupgrader_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -58,7 +58,7 @@
 	c.Assert(s.st, gc.NotNil)
 }
 
-func (s *unitUpgraderSuite) addMachineServiceCharmAndUnit(c *gc.C, serviceName string) (*state.Machine, *state.Service, *state.Charm, *state.Unit) {
+func (s *unitUpgraderSuite) addMachineServiceCharmAndUnit(c *gc.C, serviceName string) (*state.Machine, *state.Application, *state.Charm, *state.Unit) {
 	machine, err := s.State.AddMachine("quantal", state.JobHostUnits)
 	c.Assert(err, jc.ErrorIsNil)
 	charm := s.AddTestingCharm(c, serviceName)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/usermanager/client.go juju-core-2.0~beta12/src/github.com/juju/juju/api/usermanager/client.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/usermanager/client.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/usermanager/client.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,7 +11,7 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/api/modelmanager"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/usermanager/client_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/usermanager/client_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/usermanager/client_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/usermanager/client_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,9 +5,9 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/usermanager"
 	"github.com/juju/juju/apiserver/params"
@@ -60,9 +60,9 @@
 	for i, u := range users {
 		modelUserTags[i] = u.UserTag()
 		if u.UserTag().Name() == "foobar" {
-			c.Assert(u.ReadOnly(), jc.IsTrue)
+			c.Assert(u.IsReadOnly(), jc.IsTrue)
 		} else {
-			c.Assert(u.ReadOnly(), jc.IsFalse)
+			c.Assert(u.IsReadOnly(), jc.IsFalse)
 		}
 	}
 	c.Assert(modelUserTags, jc.SameContents, []names.UserTag{
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/api/watcher/watcher_test.go juju-core-2.0~beta12/src/github.com/juju/juju/api/watcher/watcher_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/api/watcher/watcher_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/api/watcher/watcher_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,10 +6,10 @@
 import (
 	"time"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/api/migrationminion"
@@ -278,7 +278,7 @@
 	const nonce = "noncey"
 
 	// Create a model to migrate.
-	hostedState := s.Factory.MakeModel(c, &factory.ModelParams{Prepare: true})
+	hostedState := s.Factory.MakeModel(c, &factory.ModelParams{})
 	defer hostedState.Close()
 	hostedFactory := factory.NewFactory(hostedState)
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/action/action.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/action/action.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/action/action.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/action/action.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
@@ -13,7 +13,7 @@
 )
 
 func init() {
-	common.RegisterStandardFacade("Action", 1, NewActionAPI)
+	common.RegisterStandardFacade("Action", 2, NewActionAPI)
 }
 
 // ActionAPI implements the client API for interacting with Actions
@@ -205,19 +205,19 @@
 	return response, nil
 }
 
-// ServicesCharmActions returns a slice of charm Actions for a slice of
+// ApplicationsCharmsActions returns a slice of charm Actions for a slice of
 // services.
-func (a *ActionAPI) ServicesCharmActions(args params.Entities) (params.ServicesCharmActionsResults, error) {
-	result := params.ServicesCharmActionsResults{Results: make([]params.ServiceCharmActionsResult, len(args.Entities))}
+func (a *ActionAPI) ApplicationsCharmsActions(args params.Entities) (params.ApplicationsCharmActionsResults, error) {
+	result := params.ApplicationsCharmActionsResults{Results: make([]params.ApplicationCharmActionsResult, len(args.Entities))}
 	for i, entity := range args.Entities {
 		currentResult := &result.Results[i]
-		svcTag, err := names.ParseServiceTag(entity.Tag)
+		svcTag, err := names.ParseApplicationTag(entity.Tag)
 		if err != nil {
 			currentResult.Error = common.ServerError(common.ErrBadId)
 			continue
 		}
-		currentResult.ServiceTag = svcTag.String()
-		svc, err := a.state.Service(svcTag.Id())
+		currentResult.ApplicationTag = svcTag.String()
+		svc, err := a.state.Application(svcTag.Id())
 		if err != nil {
 			currentResult.Error = common.ServerError(err)
 			continue
@@ -227,7 +227,16 @@
 			currentResult.Error = common.ServerError(err)
 			continue
 		}
-		currentResult.Actions = ch.Actions()
+		if actions := ch.Actions(); actions != nil {
+			charmActions := make(map[string]params.ActionSpec)
+			for key, value := range actions.ActionSpecs {
+				charmActions[key] = params.ActionSpec{
+					Description: value.Description,
+					Params:      value.Params,
+				}
+			}
+			currentResult.Actions = charmActions
+		}
 	}
 	return result, nil
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/action/action_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/action/action_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/action/action_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/action/action_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,10 +8,9 @@
 	"testing"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
-	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/action"
 	"github.com/juju/juju/apiserver/common"
@@ -39,9 +38,9 @@
 	charm         *state.Charm
 	machine0      *state.Machine
 	machine1      *state.Machine
-	dummy         *state.Service
-	wordpress     *state.Service
-	mysql         *state.Service
+	dummy         *state.Application
+	wordpress     *state.Application
+	mysql         *state.Application
 	wordpressUnit *state.Unit
 	mysqlUnit     *state.Unit
 }
@@ -66,42 +65,39 @@
 		Name: "wordpress",
 	})
 
-	s.dummy = factory.MakeService(c, &jujuFactory.ServiceParams{
+	s.dummy = factory.MakeApplication(c, &jujuFactory.ApplicationParams{
 		Name: "dummy",
 		Charm: factory.MakeCharm(c, &jujuFactory.CharmParams{
 			Name: "dummy",
 		}),
-		Creator: s.AdminUserTag(c),
 	})
-	s.wordpress = factory.MakeService(c, &jujuFactory.ServiceParams{
-		Name:    "wordpress",
-		Charm:   s.charm,
-		Creator: s.AdminUserTag(c),
+	s.wordpress = factory.MakeApplication(c, &jujuFactory.ApplicationParams{
+		Name:  "wordpress",
+		Charm: s.charm,
 	})
 	s.machine0 = factory.MakeMachine(c, &jujuFactory.MachineParams{
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits, state.JobManageModel},
 	})
 	s.wordpressUnit = factory.MakeUnit(c, &jujuFactory.UnitParams{
-		Service: s.wordpress,
-		Machine: s.machine0,
+		Application: s.wordpress,
+		Machine:     s.machine0,
 	})
 
 	mysqlCharm := factory.MakeCharm(c, &jujuFactory.CharmParams{
 		Name: "mysql",
 	})
-	s.mysql = factory.MakeService(c, &jujuFactory.ServiceParams{
-		Name:    "mysql",
-		Charm:   mysqlCharm,
-		Creator: s.AdminUserTag(c),
+	s.mysql = factory.MakeApplication(c, &jujuFactory.ApplicationParams{
+		Name:  "mysql",
+		Charm: mysqlCharm,
 	})
 	s.machine1 = factory.MakeMachine(c, &jujuFactory.MachineParams{
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
 	})
 	s.mysqlUnit = factory.MakeUnit(c, &jujuFactory.UnitParams{
-		Service: s.mysql,
-		Machine: s.machine1,
+		Application: s.mysql,
+		Machine:     s.machine1,
 	})
 	s.resources = common.NewResources()
 	s.AddCleanup(func(_ *gc.C) { s.resources.StopAll() })
@@ -190,8 +186,8 @@
 		Jobs:   []state.MachineJob{state.JobHostUnits},
 	})
 	dummyUnit := s.JujuConnSuite.Factory.MakeUnit(c, &jujuFactory.UnitParams{
-		Service: s.dummy,
-		Machine: machine,
+		Application: s.dummy,
+		Machine:     machine,
 	})
 	// NOTE: full testing with multiple matches has been moved to state package.
 	arg := params.Actions{Actions: []params.Action{
@@ -297,7 +293,7 @@
 	Groups: []receiverGroup{
 		{
 			ExpectedError: &params.Error{Message: "id not found", Code: "not found"},
-			Receiver:      names.NewServiceTag("wordpress"),
+			Receiver:      names.NewApplicationTag("wordpress"),
 			Actions:       []testCaseAction{},
 		}, {
 			Receiver: names.NewUnitTag("wordpress/0"),
@@ -634,7 +630,7 @@
 	c.Assert(myActions[1].Status, gc.Equals, params.ActionCancelled)
 }
 
-func (s *actionSuite) TestServicesCharmActions(c *gc.C) {
+func (s *actionSuite) TestApplicationsCharmsActions(c *gc.C) {
 	actionSchemas := map[string]map[string]interface{}{
 		"snapshot": {
 			"type":        "object",
@@ -657,19 +653,17 @@
 	}
 	tests := []struct {
 		serviceNames    []string
-		expectedResults params.ServicesCharmActionsResults
+		expectedResults params.ApplicationsCharmActionsResults
 	}{{
 		serviceNames: []string{"dummy"},
-		expectedResults: params.ServicesCharmActionsResults{
-			Results: []params.ServiceCharmActionsResult{
+		expectedResults: params.ApplicationsCharmActionsResults{
+			Results: []params.ApplicationCharmActionsResult{
 				{
-					ServiceTag: names.NewServiceTag("dummy").String(),
-					Actions: &charm.Actions{
-						ActionSpecs: map[string]charm.ActionSpec{
-							"snapshot": {
-								Description: "Take a snapshot of the database.",
-								Params:      actionSchemas["snapshot"],
-							},
+					ApplicationTag: names.NewApplicationTag("dummy").String(),
+					Actions: map[string]params.ActionSpec{
+						"snapshot": {
+							Description: "Take a snapshot of the database.",
+							Params:      actionSchemas["snapshot"],
 						},
 					},
 				},
@@ -677,16 +671,14 @@
 		},
 	}, {
 		serviceNames: []string{"wordpress"},
-		expectedResults: params.ServicesCharmActionsResults{
-			Results: []params.ServiceCharmActionsResult{
+		expectedResults: params.ApplicationsCharmActionsResults{
+			Results: []params.ApplicationCharmActionsResult{
 				{
-					ServiceTag: names.NewServiceTag("wordpress").String(),
-					Actions: &charm.Actions{
-						ActionSpecs: map[string]charm.ActionSpec{
-							"fakeaction": {
-								Description: "No description",
-								Params:      actionSchemas["fakeaction"],
-							},
+					ApplicationTag: names.NewApplicationTag("wordpress").String(),
+					Actions: map[string]params.ActionSpec{
+						"fakeaction": {
+							Description: "No description",
+							Params:      actionSchemas["fakeaction"],
 						},
 					},
 				},
@@ -694,12 +686,12 @@
 		},
 	}, {
 		serviceNames: []string{"nonsense"},
-		expectedResults: params.ServicesCharmActionsResults{
-			Results: []params.ServiceCharmActionsResult{
+		expectedResults: params.ApplicationsCharmActionsResults{
+			Results: []params.ApplicationCharmActionsResult{
 				{
-					ServiceTag: names.NewServiceTag("nonsense").String(),
+					ApplicationTag: names.NewApplicationTag("nonsense").String(),
 					Error: &params.Error{
-						Message: `service "nonsense" not found`,
+						Message: `application "nonsense" not found`,
 						Code:    "not found",
 					},
 				},
@@ -715,11 +707,11 @@
 		}
 
 		for j, svc := range t.serviceNames {
-			svcTag := names.NewServiceTag(svc)
+			svcTag := names.NewApplicationTag(svc)
 			svcTags.Entities[j] = params.Entity{Tag: svcTag.String()}
 		}
 
-		results, err := s.action.ServicesCharmActions(svcTags)
+		results, err := s.action.ApplicationsCharmsActions(svcTags)
 		c.Assert(err, jc.ErrorIsNil)
 		c.Check(results.Results, jc.DeepEquals, t.expectedResults.Results)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/action/run.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/action/run.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/action/run.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/action/run.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,8 +7,8 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils/set"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/core/actions"
@@ -20,7 +20,7 @@
 func getAllUnitNames(st *state.State, units, services []string) (result []names.Tag, err error) {
 	unitsSet := set.NewStrings(units...)
 	for _, name := range services {
-		service, err := st.Service(name)
+		service, err := st.Application(name)
 		if err != nil {
 			return nil, err
 		}
@@ -33,6 +33,9 @@
 		}
 	}
 	for _, unitName := range unitsSet.SortedValues() {
+		if !names.IsValidUnit(unitName) {
+			return nil, errors.Errorf("invalid unit name %q", unitName)
+		}
 		result = append(result, names.NewUnitTag(unitName))
 	}
 	return result, nil
@@ -45,7 +48,7 @@
 		return results, errors.Trace(err)
 	}
 
-	units, err := getAllUnitNames(a.state, run.Units, run.Services)
+	units, err := getAllUnitNames(a.state, run.Units, run.Applications)
 	if err != nil {
 		return results, errors.Trace(err)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/action/run_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/action/run_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/action/run_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/action/run_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -45,7 +45,7 @@
 	return machine
 }
 
-func (s *runSuite) addUnit(c *gc.C, service *state.Service) *state.Unit {
+func (s *runSuite) addUnit(c *gc.C, service *state.Application) *state.Unit {
 	unit, err := service.AddUnit()
 	c.Assert(err, jc.ErrorIsNil)
 	err = unit.AssignToNewMachine()
@@ -55,23 +55,22 @@
 
 func (s *runSuite) TestGetAllUnitNames(c *gc.C) {
 	charm := s.AddTestingCharm(c, "dummy")
-	owner := s.AdminUserTag(c)
-	magic, err := s.State.AddService(state.AddServiceArgs{Name: "magic", Owner: owner.String(), Charm: charm})
+	magic, err := s.State.AddApplication(state.AddApplicationArgs{Name: "magic", Charm: charm})
 	s.addUnit(c, magic)
 	s.addUnit(c, magic)
 
-	notAssigned, err := s.State.AddService(state.AddServiceArgs{Name: "not-assigned", Owner: owner.String(), Charm: charm})
+	notAssigned, err := s.State.AddApplication(state.AddApplicationArgs{Name: "not-assigned", Charm: charm})
 	c.Assert(err, jc.ErrorIsNil)
 	_, err = notAssigned.AddUnit()
 	c.Assert(err, jc.ErrorIsNil)
 
-	_, err = s.State.AddService(state.AddServiceArgs{Name: "no-units", Owner: owner.String(), Charm: charm})
+	_, err = s.State.AddApplication(state.AddApplicationArgs{Name: "no-units", Charm: charm})
 	c.Assert(err, jc.ErrorIsNil)
 
-	wordpress, err := s.State.AddService(state.AddServiceArgs{Name: "wordpress", Owner: owner.String(), Charm: s.AddTestingCharm(c, "wordpress")})
+	wordpress, err := s.State.AddApplication(state.AddApplicationArgs{Name: "wordpress", Charm: s.AddTestingCharm(c, "wordpress")})
 	c.Assert(err, jc.ErrorIsNil)
 	wordpress0 := s.addUnit(c, wordpress)
-	_, err = s.State.AddService(state.AddServiceArgs{Name: "logging", Owner: owner.String(), Charm: s.AddTestingCharm(c, "logging")})
+	_, err = s.State.AddApplication(state.AddApplicationArgs{Name: "logging", Charm: s.AddTestingCharm(c, "logging")})
 	c.Assert(err, jc.ErrorIsNil)
 
 	eps, err := s.State.InferEndpoints("logging", "wordpress")
@@ -92,9 +91,17 @@
 	}{{
 		message: "no units, expected nil slice",
 	}, {
+		message:  "asking for an empty string service",
+		services: []string{""},
+		error:    `"" is not a valid application name`,
+	}, {
+		message: "asking for an empty string unit",
+		units:   []string{""},
+		error:   `invalid unit name ""`,
+	}, {
 		message:  "asking for a service that isn't there",
 		services: []string{"foo"},
-		error:    `service "foo" not found`,
+		error:    `application "foo" not found`,
 	}, {
 		message:  "service with no units is not really an error",
 		services: []string{"no-units"},
@@ -155,10 +162,10 @@
 	s.BlockAllChanges(c, "TestBlockRunMachineAndService")
 	_, err := s.client.Run(
 		params.RunParams{
-			Commands: "hostname",
-			Timeout:  testing.LongWait,
-			Machines: []string{"0"},
-			Services: []string{"magic"},
+			Commands:     "hostname",
+			Timeout:      testing.LongWait,
+			Machines:     []string{"0"},
+			Applications: []string{"magic"},
 		})
 	s.AssertBlocked(c, err, "TestBlockRunMachineAndService")
 }
@@ -187,17 +194,16 @@
 	s.addMachine(c)
 
 	charm := s.AddTestingCharm(c, "dummy")
-	owner := s.Factory.MakeUser(c, nil).Tag()
-	magic, err := s.State.AddService(state.AddServiceArgs{Name: "magic", Owner: owner.String(), Charm: charm})
+	magic, err := s.State.AddApplication(state.AddApplicationArgs{Name: "magic", Charm: charm})
 	c.Assert(err, jc.ErrorIsNil)
 	s.addUnit(c, magic)
 	s.addUnit(c, magic)
 
 	s.client.Run(
 		params.RunParams{
-			Commands: "hostname",
-			Machines: []string{"0"},
-			Services: []string{"magic"},
+			Commands:     "hostname",
+			Machines:     []string{"0"},
+			Applications: []string{"magic"},
 		})
 	c.Assert(called, jc.IsTrue)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/addresser/addresser.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/addresser/addresser.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/addresser/addresser.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/addresser/addresser.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,171 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package addresser
-
-import (
-	"github.com/juju/errors"
-	"github.com/juju/loggo"
-
-	"github.com/juju/juju/apiserver/common"
-	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/environs"
-	"github.com/juju/juju/instance"
-	"github.com/juju/juju/network"
-	"github.com/juju/juju/state"
-	"github.com/juju/juju/state/watcher"
-)
-
-func init() {
-	common.RegisterStandardFacade("Addresser", 2, NewAddresserAPI)
-}
-
-var logger = loggo.GetLogger("juju.apiserver.addresser")
-
-// AddresserAPI provides access to the Addresser API facade.
-type AddresserAPI struct {
-	st         StateInterface
-	resources  *common.Resources
-	authorizer common.Authorizer
-}
-
-// NewAddresserAPI creates a new server-side Addresser API facade.
-func NewAddresserAPI(
-	st *state.State,
-	resources *common.Resources,
-	authorizer common.Authorizer,
-) (*AddresserAPI, error) {
-	isModelManager := authorizer.AuthModelManager()
-	if !isModelManager {
-		// Addresser must run as model manager.
-		return nil, common.ErrPerm
-	}
-	sti := getState(st)
-	return &AddresserAPI{
-		st:         sti,
-		resources:  resources,
-		authorizer: authorizer,
-	}, nil
-}
-
-// getNetworkingEnviron checks if the environment implements NetworkingEnviron
-// and also if it supports IP address allocation.
-func (api *AddresserAPI) getNetworkingEnviron() (environs.NetworkingEnviron, bool, error) {
-	config, err := api.st.ModelConfig()
-	if err != nil {
-		return nil, false, errors.Annotate(err, "getting model config")
-	}
-	env, err := environs.New(config)
-	if err != nil {
-		return nil, false, errors.Annotate(err, "validating model config")
-	}
-	netEnv, ok := environs.SupportsNetworking(env)
-	if !ok {
-		return nil, false, nil
-	}
-	ok, err = netEnv.SupportsAddressAllocation(network.AnySubnet)
-	if err != nil && !errors.IsNotSupported(err) {
-		return nil, false, errors.Annotate(err, "checking allocation support")
-	}
-	return netEnv, ok, nil
-}
-
-// CanDeallocateAddresses checks if the current environment can
-// deallocate IP addresses.
-func (api *AddresserAPI) CanDeallocateAddresses() params.BoolResult {
-	result := params.BoolResult{}
-	_, ok, err := api.getNetworkingEnviron()
-	if err != nil {
-		result.Error = common.ServerError(err)
-		return result
-	}
-	result.Result = ok
-	return result
-}
-
-// CleanupIPAddresses releases and removes the dead IP addresses.
-func (api *AddresserAPI) CleanupIPAddresses() params.ErrorResult {
-	result := params.ErrorResult{}
-	netEnv, ok, err := api.getNetworkingEnviron()
-	if err != nil {
-		result.Error = common.ServerError(err)
-		return result
-	}
-	if !ok {
-		result.Error = common.ServerError(errors.NotSupportedf("IP address deallocation"))
-		return result
-	}
-	// Retrieve dead addresses, release and remove them.
-	logger.Debugf("retrieving dead IP addresses")
-	ipAddresses, err := api.st.DeadIPAddresses()
-	if err != nil {
-		err = errors.Annotate(err, "getting dead addresses")
-		result.Error = common.ServerError(err)
-		return result
-	}
-	canRetry := false
-	for _, ipAddress := range ipAddresses {
-		ipAddressValue := ipAddress.Value()
-		logger.Debugf("releasing dead IP address %q", ipAddressValue)
-		err := api.releaseIPAddress(netEnv, ipAddress)
-		if err != nil {
-			logger.Warningf("cannot release IP address %q: %v (will retry)", ipAddressValue, err)
-			canRetry = true
-			continue
-		}
-		logger.Debugf("removing released IP address %q", ipAddressValue)
-		err = ipAddress.Remove()
-		if errors.IsNotFound(err) {
-			continue
-		}
-		if err != nil {
-			logger.Warningf("failed to remove released IP address %q: %v (will retry)", ipAddressValue, err)
-			canRetry = true
-			continue
-		}
-	}
-	if canRetry {
-		result.Error = common.ServerError(common.ErrTryAgain)
-	}
-	return result
-}
-
-// netEnvReleaseAddress is used for testability.
-var netEnvReleaseAddress = func(env environs.NetworkingEnviron,
-	instId instance.Id, subnetId network.Id, addr network.Address, macAddress, hostname string) error {
-	return env.ReleaseAddress(instId, subnetId, addr, macAddress, hostname)
-}
-
-// releaseIPAddress releases one IP address.
-func (api *AddresserAPI) releaseIPAddress(netEnv environs.NetworkingEnviron, ipAddress StateIPAddress) (err error) {
-	defer errors.DeferredAnnotatef(&err, "failed to release IP address %q", ipAddress.Value())
-	logger.Tracef("attempting to release dead IP address %q", ipAddress.Value())
-	// Final check if IP address is really dead.
-	if ipAddress.Life() != state.Dead {
-		return errors.New("IP address not dead")
-	}
-	// Now release the IP address.
-	subnetId := network.Id(ipAddress.SubnetId())
-	err = netEnvReleaseAddress(netEnv, ipAddress.InstanceId(), subnetId, ipAddress.Address(), ipAddress.MACAddress(), "")
-	if err != nil {
-		return errors.Trace(err)
-	}
-	return nil
-}
-
-// WatchIPAddresses observes changes to the IP addresses.
-func (api *AddresserAPI) WatchIPAddresses() (params.EntitiesWatchResult, error) {
-	watch := &ipAddressesWatcher{api.st.WatchIPAddresses(), api.st}
-
-	if changes, ok := <-watch.Changes(); ok {
-		mappedChanges, err := watch.MapChanges(changes)
-		if err != nil {
-			return params.EntitiesWatchResult{}, errors.Trace(err)
-		}
-		return params.EntitiesWatchResult{
-			EntitiesWatcherId: api.resources.Register(watch),
-			Changes:           mappedChanges,
-		}, nil
-	}
-	return params.EntitiesWatchResult{}, watcher.EnsureErr(watch)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/addresser/addresser_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/addresser/addresser_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/addresser/addresser_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/addresser/addresser_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,310 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package addresser_test
-
-import (
-	"github.com/juju/errors"
-
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/apiserver/addresser"
-	"github.com/juju/juju/apiserver/common"
-	"github.com/juju/juju/apiserver/params"
-	apiservertesting "github.com/juju/juju/apiserver/testing"
-	"github.com/juju/juju/cmd/modelcmd"
-	"github.com/juju/juju/environs"
-	"github.com/juju/juju/environs/config"
-	"github.com/juju/juju/feature"
-	"github.com/juju/juju/instance"
-	"github.com/juju/juju/jujuclient/jujuclienttesting"
-	"github.com/juju/juju/network"
-	"github.com/juju/juju/provider/dummy"
-	"github.com/juju/juju/state"
-	statetesting "github.com/juju/juju/state/testing"
-	coretesting "github.com/juju/juju/testing"
-)
-
-type AddresserSuite struct {
-	coretesting.BaseSuite
-
-	st         *mockState
-	api        *addresser.AddresserAPI
-	authoriser apiservertesting.FakeAuthorizer
-	resources  *common.Resources
-}
-
-var _ = gc.Suite(&AddresserSuite{})
-
-func (s *AddresserSuite) SetUpSuite(c *gc.C) {
-	s.BaseSuite.SetUpSuite(c)
-	environs.RegisterProvider("mock", mockEnvironProvider{})
-}
-
-func (s *AddresserSuite) SetUpTest(c *gc.C) {
-	s.BaseSuite.SetUpTest(c)
-	s.SetFeatureFlags(feature.AddressAllocation)
-
-	s.authoriser = apiservertesting.FakeAuthorizer{
-		EnvironManager: true,
-	}
-	s.resources = common.NewResources()
-	s.AddCleanup(func(*gc.C) { s.resources.StopAll() })
-
-	s.st = newMockState()
-	addresser.PatchState(s, s.st)
-
-	var err error
-	s.api, err = addresser.NewAddresserAPI(nil, s.resources, s.authoriser)
-	c.Assert(err, jc.ErrorIsNil)
-	s.AddCleanup(dummy.Reset)
-}
-
-func (s *AddresserSuite) TestCanDeallocateAddressesEnabled(c *gc.C) {
-	config := testingEnvConfig(c)
-	s.st.setConfig(c, config)
-
-	result := s.api.CanDeallocateAddresses()
-	c.Assert(result, jc.DeepEquals, params.BoolResult{
-		Error:  nil,
-		Result: true,
-	})
-}
-
-func (s *AddresserSuite) TestCanDeallocateAddressesDisabled(c *gc.C) {
-	config := testingEnvConfig(c)
-	s.st.setConfig(c, config)
-	s.SetFeatureFlags()
-
-	result := s.api.CanDeallocateAddresses()
-	c.Assert(result, jc.DeepEquals, params.BoolResult{
-		Error:  nil,
-		Result: false,
-	})
-}
-
-func (s *AddresserSuite) TestCanDeallocateAddressesConfigGetFailure(c *gc.C) {
-	config := testingEnvConfig(c)
-	s.st.setConfig(c, config)
-
-	s.st.stub.SetErrors(errors.New("ouch"))
-
-	result := s.api.CanDeallocateAddresses()
-	c.Assert(result.Error, gc.ErrorMatches, "getting model config: ouch")
-	c.Assert(result.Result, jc.IsFalse)
-}
-
-func (s *AddresserSuite) TestCanDeallocateAddressesEnvironmentNewFailure(c *gc.C) {
-	config := nonexTestingEnvConfig(c)
-	s.st.setConfig(c, config)
-
-	result := s.api.CanDeallocateAddresses()
-	c.Assert(result.Error, gc.ErrorMatches, `validating model config: no registered provider for "nonex"`)
-	c.Assert(result.Result, jc.IsFalse)
-}
-
-func (s *AddresserSuite) TestCanDeallocateAddressesNotSupportedFailure(c *gc.C) {
-	config := mockTestingEnvConfig(c)
-	s.st.setConfig(c, config)
-
-	result := s.api.CanDeallocateAddresses()
-	c.Assert(result, jc.DeepEquals, params.BoolResult{
-		Error:  nil,
-		Result: false,
-	})
-}
-
-func (s *AddresserSuite) TestCleanupIPAddressesSuccess(c *gc.C) {
-	config := testingEnvConfig(c)
-	s.st.setConfig(c, config)
-
-	dead, err := s.st.DeadIPAddresses()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(dead, gc.HasLen, 2)
-
-	apiErr := s.api.CleanupIPAddresses()
-	c.Assert(apiErr, jc.DeepEquals, params.ErrorResult{})
-
-	dead, err = s.st.DeadIPAddresses()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(dead, gc.HasLen, 0)
-}
-
-func (s *AddresserSuite) TestReleaseAddress(c *gc.C) {
-	config := testingEnvConfig(c)
-	s.st.setConfig(c, config)
-
-	// Cleanup initial dead IP addresses.
-	dead, err := s.st.DeadIPAddresses()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(dead, gc.HasLen, 2)
-
-	apiErr := s.api.CleanupIPAddresses()
-	c.Assert(apiErr, jc.DeepEquals, params.ErrorResult{})
-
-	dead, err = s.st.DeadIPAddresses()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(dead, gc.HasLen, 0)
-
-	// Prepare tests.
-	called := 0
-	s.PatchValue(addresser.NetEnvReleaseAddress, func(
-		env environs.NetworkingEnviron,
-		instId instance.Id,
-		subnetId network.Id,
-		addr network.Address,
-		macAddress, hostname string,
-	) error {
-		called++
-		c.Assert(instId, gc.Equals, instance.Id("a3"))
-		c.Assert(subnetId, gc.Equals, network.Id("a"))
-		c.Assert(addr, gc.Equals, network.NewAddress("0.1.2.3"))
-		c.Assert(macAddress, gc.Equals, "fff3")
-		c.Assert(hostname, gc.Equals, "")
-		return nil
-	})
-
-	// Set address 0.1.2.3 to dead.
-	s.st.setDead(c, "0.1.2.3")
-
-	dead, err = s.st.DeadIPAddresses()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(dead, gc.HasLen, 1)
-
-	apiErr = s.api.CleanupIPAddresses()
-	c.Assert(apiErr, jc.DeepEquals, params.ErrorResult{})
-	c.Assert(called, gc.Equals, 1)
-
-	dead, err = s.st.DeadIPAddresses()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(dead, gc.HasLen, 0)
-}
-
-func (s *AddresserSuite) TestCleanupIPAddressesConfigGetFailure(c *gc.C) {
-	config := testingEnvConfig(c)
-	s.st.setConfig(c, config)
-
-	dead, err := s.st.DeadIPAddresses()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(dead, gc.HasLen, 2)
-
-	s.st.stub.SetErrors(errors.New("ouch"))
-
-	// First action is getting the environment configuration,
-	// so the injected error is returned here.
-	apiErr := s.api.CleanupIPAddresses()
-	c.Assert(apiErr.Error, gc.ErrorMatches, "getting model config: ouch")
-
-	// Still has two dead addresses.
-	dead, err = s.st.DeadIPAddresses()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(dead, gc.HasLen, 2)
-}
-
-func (s *AddresserSuite) TestCleanupIPAddressesEnvironmentNewFailure(c *gc.C) {
-	config := nonexTestingEnvConfig(c)
-	s.st.setConfig(c, config)
-
-	dead, err := s.st.DeadIPAddresses()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(dead, gc.HasLen, 2)
-
-	// Validation of configuration fails due to illegal provider.
-	apiErr := s.api.CleanupIPAddresses()
-	c.Assert(apiErr.Error, gc.ErrorMatches, `validating model config: no registered provider for "nonex"`)
-
-	// Still has two dead addresses.
-	dead, err = s.st.DeadIPAddresses()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(dead, gc.HasLen, 2)
-}
-
-func (s *AddresserSuite) TestCleanupIPAddressesNotSupportedFailure(c *gc.C) {
-	config := mockTestingEnvConfig(c)
-	s.st.setConfig(c, config)
-
-	dead, err := s.st.DeadIPAddresses()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(dead, gc.HasLen, 2)
-
-	// The tideland environment does not support networking.
-	apiErr := s.api.CleanupIPAddresses()
-	c.Assert(apiErr.Error, gc.ErrorMatches, "IP address deallocation not supported")
-
-	// Still has two dead addresses.
-	dead, err = s.st.DeadIPAddresses()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(dead, gc.HasLen, 2)
-}
-
-func (s *AddresserSuite) TestWatchIPAddresses(c *gc.C) {
-	c.Assert(s.resources.Count(), gc.Equals, 0)
-
-	s.st.addIPAddressWatcher("0.1.2.3", "0.1.2.4", "0.1.2.7")
-
-	result, err := s.api.WatchIPAddresses()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(result, gc.DeepEquals, params.EntitiesWatchResult{
-		EntitiesWatcherId: "1",
-		Changes: []string{
-			"ipaddress-00000000-1111-2222-3333-0123456789ab",
-			"ipaddress-00000000-1111-2222-4444-0123456789ab",
-			"ipaddress-00000000-1111-2222-7777-0123456789ab",
-		},
-		Error: nil,
-	})
-
-	// Verify the resource was registered and stop when done.
-	c.Assert(s.resources.Count(), gc.Equals, 1)
-	resource := s.resources.Get("1")
-	defer statetesting.AssertStop(c, resource)
-
-	// Check that the Watch has consumed the initial event ("returned" in
-	// the Watch call)
-	wc := statetesting.NewStringsWatcherC(c, s.st, resource.(state.StringsWatcher))
-	wc.AssertNoChange()
-}
-
-// testingEnvConfig prepares an environment configuration using
-// the dummy provider.
-func testingEnvConfig(c *gc.C) *config.Config {
-	env, err := environs.Prepare(
-		modelcmd.BootstrapContext(coretesting.Context(c)),
-		jujuclienttesting.NewMemStore(),
-		environs.PrepareParams{
-			ControllerName: "dummycontroller",
-			BaseConfig:     dummy.SampleConfig(),
-			CloudName:      "dummy",
-		},
-	)
-	c.Assert(err, jc.ErrorIsNil)
-	return env.Config()
-}
-
-// nonexTestingEnvConfig prepares an environment configuration using
-// a non-existent provider.
-func nonexTestingEnvConfig(c *gc.C) *config.Config {
-	attrs := dummy.SampleConfig().Merge(coretesting.Attrs{
-		"type": "nonex",
-	})
-	cfg, err := config.New(config.NoDefaults, attrs)
-	c.Assert(err, jc.ErrorIsNil)
-	return cfg
-}
-
-// mockTestingEnvConfig prepares an environment configuration using
-// the mock provider which does not support networking.
-func mockTestingEnvConfig(c *gc.C) *config.Config {
-	env, err := environs.Prepare(
-		modelcmd.BootstrapContext(coretesting.Context(c)),
-		jujuclienttesting.NewMemStore(),
-		environs.PrepareParams{
-			ControllerName: "dummycontroller",
-			BaseConfig:     mockConfig(),
-			CloudName:      "dummy",
-		},
-	)
-	c.Assert(err, jc.ErrorIsNil)
-	return env.Config()
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/addresser/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/addresser/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/addresser/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/addresser/export_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,20 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package addresser
-
-import (
-	"github.com/juju/juju/state"
-)
-
-var NetEnvReleaseAddress = &netEnvReleaseAddress
-
-type Patcher interface {
-	PatchValue(ptr, value interface{})
-}
-
-func PatchState(p Patcher, st StateInterface) {
-	p.PatchValue(&getState, func(*state.State) StateInterface {
-		return st
-	})
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/addresser/mock_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/addresser/mock_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/addresser/mock_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/addresser/mock_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,403 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package addresser_test
-
-import (
-	"sort"
-	"sync"
-
-	"github.com/juju/errors"
-	"github.com/juju/names"
-	"github.com/juju/testing"
-	jujutxn "github.com/juju/txn"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/apiserver/addresser"
-	"github.com/juju/juju/environs"
-	"github.com/juju/juju/environs/config"
-	"github.com/juju/juju/instance"
-	"github.com/juju/juju/network"
-	"github.com/juju/juju/provider/dummy"
-	"github.com/juju/juju/state"
-	coretesting "github.com/juju/juju/testing"
-)
-
-// mockState implements StateInterface and allows inspection of called
-// methods.
-type mockState struct {
-	mu   sync.Mutex
-	stub *testing.Stub
-
-	config      *config.Config
-	ipAddresses map[string]*mockIPAddress
-
-	ipAddressWatchers []*mockIPAddressWatcher
-}
-
-func newMockState() *mockState {
-	mst := &mockState{
-		stub:        &testing.Stub{},
-		ipAddresses: make(map[string]*mockIPAddress),
-	}
-	mst.setUpState()
-	return mst
-}
-
-func (mst *mockState) setUpState() {
-	mst.mu.Lock()
-	defer mst.mu.Unlock()
-
-	ips := []struct {
-		value      string
-		uuid       string
-		life       state.Life
-		subnetId   string
-		instanceId string
-		macaddr    string
-	}{
-		{"0.1.2.3", "00000000-1111-2222-3333-0123456789ab", state.Alive, "a", "a3", "fff3"},
-		{"0.1.2.4", "00000000-1111-2222-4444-0123456789ab", state.Alive, "b", "b4", "fff4"},
-		{"0.1.2.5", "00000000-1111-2222-5555-0123456789ab", state.Alive, "b", "b5", "fff5"},
-		{"0.1.2.6", "00000000-1111-2222-6666-0123456789ab", state.Dead, "c", "c6", "fff6"},
-		{"0.1.2.7", "00000000-1111-2222-7777-0123456789ab", state.Dead, "c", "c7", "fff7"},
-	}
-	for _, ip := range ips {
-		mst.ipAddresses[ip.value] = &mockIPAddress{
-			stub:       mst.stub,
-			st:         mst,
-			value:      ip.value,
-			tag:        names.NewIPAddressTag(ip.uuid),
-			life:       ip.life,
-			subnetId:   ip.subnetId,
-			instanceId: instance.Id(ip.instanceId),
-			addr:       network.NewAddress(ip.value),
-			macaddr:    ip.macaddr,
-		}
-	}
-}
-
-var _ addresser.StateInterface = (*mockState)(nil)
-
-// ModelConfig implements StateInterface.
-func (mst *mockState) ModelConfig() (*config.Config, error) {
-	mst.mu.Lock()
-	defer mst.mu.Unlock()
-
-	mst.stub.MethodCall(mst, "ModelConfig")
-
-	if err := mst.stub.NextErr(); err != nil {
-		return nil, err
-	}
-	return mst.config, nil
-}
-
-// setConfig updates the environ config stored internally. Triggers a
-// change event for all created config watchers.
-func (mst *mockState) setConfig(c *gc.C, newConfig *config.Config) {
-	mst.mu.Lock()
-	defer mst.mu.Unlock()
-
-	mst.config = newConfig
-}
-
-// IPAddress implements StateInterface.
-func (mst *mockState) IPAddress(value string) (addresser.StateIPAddress, error) {
-	mst.mu.Lock()
-	defer mst.mu.Unlock()
-
-	mst.stub.MethodCall(mst, "IPAddress", value)
-	if err := mst.stub.NextErr(); err != nil {
-		return nil, err
-	}
-	ipAddress, found := mst.ipAddresses[value]
-	if !found {
-		return nil, errors.NotFoundf("IP address %s", value)
-	}
-	return ipAddress, nil
-}
-
-// setDead sets a mock IP address in state to dead.
-func (mst *mockState) setDead(c *gc.C, value string) {
-	mst.mu.Lock()
-	defer mst.mu.Unlock()
-
-	ipAddress, found := mst.ipAddresses[value]
-	c.Assert(found, gc.Equals, true)
-
-	ipAddress.life = state.Dead
-}
-
-// DeadIPAddresses implements StateInterface.
-func (mst *mockState) DeadIPAddresses() ([]addresser.StateIPAddress, error) {
-	mst.mu.Lock()
-	defer mst.mu.Unlock()
-
-	mst.stub.MethodCall(mst, "DeadIPAddresses")
-	if err := mst.stub.NextErr(); err != nil {
-		return nil, err
-	}
-	var deadIPAddresses []addresser.StateIPAddress
-	for _, ipAddress := range mst.ipAddresses {
-		if ipAddress.life == state.Dead {
-			deadIPAddresses = append(deadIPAddresses, ipAddress)
-		}
-	}
-	return deadIPAddresses, nil
-}
-
-// WatchIPAddresses implements StateInterface.
-func (mst *mockState) WatchIPAddresses() state.StringsWatcher {
-	mst.mu.Lock()
-	defer mst.mu.Unlock()
-
-	mst.stub.MethodCall(mst, "WatchIPAddresses")
-	mst.stub.NextErr()
-	return mst.nextIPAddressWatcher()
-}
-
-// addIPAddressWatcher adds an IP address watcher with the given IDs.
-func (mst *mockState) addIPAddressWatcher(ids ...string) *mockIPAddressWatcher {
-	w := newMockIPAddressWatcher(ids)
-	mst.ipAddressWatchers = append(mst.ipAddressWatchers, w)
-	return w
-}
-
-// nextIPAddressWatcher returns an IP address watcher .
-func (mst *mockState) nextIPAddressWatcher() *mockIPAddressWatcher {
-	if len(mst.ipAddressWatchers) == 0 {
-		panic("ran out of watchers")
-	}
-
-	w := mst.ipAddressWatchers[0]
-	mst.ipAddressWatchers = mst.ipAddressWatchers[1:]
-	if len(w.initial) == 0 {
-		ids := make([]string, 0, len(mst.ipAddresses))
-		// Initial event - all IP address ids, sorted.
-		for id := range mst.ipAddresses {
-			ids = append(ids, id)
-		}
-		sort.Strings(ids)
-		w.initial = ids
-	}
-	w.start()
-	return w
-}
-
-// removeIPAddress is used by mockIPAddress.Remove()
-func (mst *mockState) removeIPAddress(value string) error {
-	mst.mu.Lock()
-	defer mst.mu.Unlock()
-
-	ipAddr, ok := mst.ipAddresses[value]
-	if !ok {
-		return jujutxn.ErrNoOperations
-	}
-	if ipAddr.life != state.Dead {
-		return errors.Errorf("cannot remove IP address %q: IP address is not dead", ipAddr.value)
-	}
-	delete(mst.ipAddresses, value)
-	return nil
-}
-
-// StartSync implements statetesting.SyncStarter, so mockState can be
-// used with watcher helpers/checkers.
-func (mst *mockState) StartSync() {}
-
-// mockIPAddress implements StateIPAddress for testing.
-type mockIPAddress struct {
-	addresser.StateIPAddress
-
-	stub       *testing.Stub
-	st         *mockState
-	value      string
-	tag        names.Tag
-	life       state.Life
-	subnetId   string
-	instanceId instance.Id
-	addr       network.Address
-	macaddr    string
-}
-
-var _ addresser.StateIPAddress = (*mockIPAddress)(nil)
-
-// Value implements StateIPAddress.
-func (mip *mockIPAddress) Value() string {
-	mip.stub.MethodCall(mip, "Value")
-	mip.stub.NextErr() // Consume the unused error.
-	return mip.value
-}
-
-// Tag implements StateIPAddress.
-func (mip *mockIPAddress) Tag() names.Tag {
-	mip.stub.MethodCall(mip, "Tag")
-	mip.stub.NextErr() // Consume the unused error.
-	return mip.tag
-}
-
-// Life implements StateIPAddress.
-func (mip *mockIPAddress) Life() state.Life {
-	mip.stub.MethodCall(mip, "Life")
-	mip.stub.NextErr() // Consume the unused error.
-	return mip.life
-}
-
-// Remove implements StateIPAddress.
-func (mip *mockIPAddress) Remove() error {
-	mip.stub.MethodCall(mip, "Remove")
-	if err := mip.stub.NextErr(); err != nil {
-		return err
-	}
-	return mip.st.removeIPAddress(mip.value)
-}
-
-// SubnetId implements StateIPAddress.
-func (mip *mockIPAddress) SubnetId() string {
-	mip.stub.MethodCall(mip, "SubnetId")
-	mip.stub.NextErr() // Consume the unused error.
-	return mip.subnetId
-}
-
-// InstanceId implements StateIPAddress.
-func (mip *mockIPAddress) InstanceId() instance.Id {
-	mip.stub.MethodCall(mip, "InstanceId")
-	mip.stub.NextErr() // Consume the unused error.
-	return mip.instanceId
-}
-
-// Address implements StateIPAddress.
-func (mip *mockIPAddress) Address() network.Address {
-	mip.stub.MethodCall(mip, "Address")
-	mip.stub.NextErr() // Consume the unused error.
-	return mip.addr
-}
-
-// MACAddress implements StateIPAddress.
-func (mip *mockIPAddress) MACAddress() string {
-	mip.stub.MethodCall(mip, "MACAddress")
-	mip.stub.NextErr() // Consume the unused error.
-	return mip.macaddr
-}
-
-// mockIPAddressWatcher notifies about IP address changes.
-type mockIPAddressWatcher struct {
-	err       error
-	initial   []string
-	wontStart bool
-	incoming  chan []string
-	changes   chan []string
-	done      chan struct{}
-}
-
-var _ state.StringsWatcher = (*mockIPAddressWatcher)(nil)
-
-func newMockIPAddressWatcher(initial []string) *mockIPAddressWatcher {
-	mipw := &mockIPAddressWatcher{
-		initial:   initial,
-		wontStart: false,
-		incoming:  make(chan []string),
-		changes:   make(chan []string),
-		done:      make(chan struct{}),
-	}
-	return mipw
-}
-
-// Kill implements state.Watcher.
-func (mipw *mockIPAddressWatcher) Kill() {}
-
-// Stop implements state.Watcher.
-func (mipw *mockIPAddressWatcher) Stop() error {
-	select {
-	case <-mipw.done:
-		// Closed.
-	default:
-		// Signal the loop we want to stop.
-		close(mipw.done)
-		// Signal the clients we've closed.
-		close(mipw.changes)
-	}
-	return mipw.err
-}
-
-// Wait implements state.Watcher.
-func (mipw *mockIPAddressWatcher) Wait() error {
-	return mipw.Stop()
-}
-
-// Err implements state.Watcher.
-func (mipw *mockIPAddressWatcher) Err() error {
-	return mipw.err
-}
-
-// start starts the backend loop depending on a field setting.
-func (mipw *mockIPAddressWatcher) start() {
-	if mipw.wontStart {
-		// Set manually by tests that need it.
-		mipw.Stop()
-		return
-	}
-	go mipw.loop()
-}
-
-func (mipw *mockIPAddressWatcher) loop() {
-	// Prepare initial event.
-	unsent := mipw.initial
-	outChanges := mipw.changes
-	// Forward any incoming changes until stopped.
-	for {
-		select {
-		case <-mipw.done:
-			return
-		case outChanges <- unsent:
-			outChanges = nil
-			unsent = nil
-		case ids := <-mipw.incoming:
-			unsent = append(unsent, ids...)
-			outChanges = mipw.changes
-		}
-	}
-}
-
-// Changes implements state.StringsWatcher.
-func (mipw *mockIPAddressWatcher) Changes() <-chan []string {
-	return mipw.changes
-}
-
-// mockConfig returns a configuration for the usage of the
-// mock provider below.
-func mockConfig() coretesting.Attrs {
-	return dummy.SampleConfig().Merge(coretesting.Attrs{
-		"type": "mock",
-	})
-}
-
-// mockEnviron is an environment without networking support.
-type mockEnviron struct {
-	environs.Environ
-}
-
-func (e mockEnviron) Config() *config.Config {
-	cfg, err := config.New(config.NoDefaults, mockConfig())
-	if err != nil {
-		panic("invalid configuration for testing")
-	}
-	return cfg
-}
-
-// mockEnvironProvider is the smallest possible provider to
-// test the addresses without networking support.
-type mockEnvironProvider struct {
-	environs.EnvironProvider
-}
-
-func (p mockEnvironProvider) BootstrapConfig(args environs.BootstrapConfigParams) (*config.Config, error) {
-	return args.Config, nil
-}
-
-func (p mockEnvironProvider) PrepareForBootstrap(environs.BootstrapContext, *config.Config) (environs.Environ, error) {
-	return &mockEnviron{}, nil
-}
-
-func (p mockEnvironProvider) Open(*config.Config) (environs.Environ, error) {
-	return &mockEnviron{}, nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/addresser/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/addresser/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/addresser/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/addresser/package_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,14 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package addresser_test
-
-import (
-	"testing"
-
-	gc "gopkg.in/check.v1"
-)
-
-func TestPackage(t *testing.T) {
-	gc.TestingT(t)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/addresser/state.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/addresser/state.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/addresser/state.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/addresser/state.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,69 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package addresser
-
-import (
-	"github.com/juju/juju/environs/config"
-	"github.com/juju/juju/instance"
-	"github.com/juju/juju/network"
-	"github.com/juju/juju/state"
-)
-
-// StateIPAddress defines the needed methods of state.IPAddress
-// for the work of the Addresser API.
-type StateIPAddress interface {
-	state.Entity
-	state.EnsureDeader
-	state.Remover
-
-	Value() string
-	Life() state.Life
-	SubnetId() string
-	InstanceId() instance.Id
-	Address() network.Address
-	MACAddress() string
-}
-
-// StateInterface defines the needed methods of state.State
-// for the work of the Addresser API.
-type StateInterface interface {
-	// ModelConfig retrieves the model configuration.
-	ModelConfig() (*config.Config, error)
-
-	// DeadIPAddresses retrieves all dead IP addresses.
-	DeadIPAddresses() ([]StateIPAddress, error)
-
-	// IPAddress retrieves an IP address by its value.
-	IPAddress(value string) (StateIPAddress, error)
-
-	// WatchIPAddresses notifies about lifecycle changes
-	// of IP addresses.
-	WatchIPAddresses() state.StringsWatcher
-}
-
-type stateShim struct {
-	*state.State
-}
-
-func (s stateShim) DeadIPAddresses() ([]StateIPAddress, error) {
-	ipAddresses, err := s.State.DeadIPAddresses()
-	if err != nil {
-		return nil, err
-	}
-	// Convert []*state.IPAddress into []StateIPAddress. Direct
-	// casts of complete slices are not possible.
-	stateIPAddresses := make([]StateIPAddress, len(ipAddresses))
-	for i, ipAddress := range ipAddresses {
-		stateIPAddresses[i] = StateIPAddress(ipAddress)
-	}
-	return stateIPAddresses, nil
-}
-
-func (s stateShim) IPAddress(value string) (StateIPAddress, error) {
-	return s.State.IPAddress(value)
-}
-
-var getState = func(st *state.State) StateInterface {
-	return stateShim{st}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/addresser/watcher.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/addresser/watcher.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/addresser/watcher.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/addresser/watcher.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,34 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package addresser
-
-import (
-	"github.com/juju/errors"
-
-	"github.com/juju/juju/state"
-)
-
-// ipAddressesWatcher implements an entity watcher with the transformation
-// of the received document ids of IP addresses into their according tags.
-type ipAddressesWatcher struct {
-	state.StringsWatcher
-
-	st StateInterface
-}
-
-// MapChanges converts IP address values to tags.
-func (w *ipAddressesWatcher) MapChanges(in []string) ([]string, error) {
-	if len(in) == 0 {
-		return in, nil
-	}
-	mapped := make([]string, len(in))
-	for i, v := range in {
-		ipAddr, err := w.st.IPAddress(v)
-		if err != nil {
-			return nil, errors.Annotate(err, "cannot fetch address")
-		}
-		mapped[i] = ipAddr.Tag().String()
-	}
-	return mapped, nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/admin.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/admin.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/admin.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/admin.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,11 +8,12 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils/clock"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/authentication"
 	"github.com/juju/juju/apiserver/common"
+	"github.com/juju/juju/apiserver/observer"
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/apiserver/presence"
 	"github.com/juju/juju/rpc"
@@ -22,14 +23,14 @@
 	jujuversion "github.com/juju/juju/version"
 )
 
-type adminApiFactory func(srv *Server, root *apiHandler, reqNotifier *requestNotifier) interface{}
+type adminApiFactory func(*Server, *apiHandler, observer.Observer) interface{}
 
 // admin is the only object that unlogged-in clients can access. It holds any
 // methods that are needed to log in.
 type admin struct {
 	srv         *Server
 	root        *apiHandler
-	reqNotifier *requestNotifier
+	apiObserver observer.Observer
 
 	mu       sync.Mutex
 	loggedIn bool
@@ -131,9 +132,7 @@
 	}
 	a.root.entity = entity
 
-	if a.reqNotifier != nil {
-		a.reqNotifier.login(entity.Tag().String())
-	}
+	a.apiObserver.Login(entity.Tag().String())
 
 	// We have authenticated the user; enable the appropriate API
 	// to serve to them.
@@ -146,18 +145,19 @@
 	}
 
 	var maybeUserInfo *params.AuthUserInfo
-	var envUser *state.ModelUser
+	var modelUser *state.ModelUser
 	// Send back user info if user
 	if isUser && !serverOnlyLogin {
 		maybeUserInfo = &params.AuthUserInfo{
 			Identity:       entity.Tag().String(),
 			LastConnection: lastConnection,
 		}
-		envUser, err = a.root.state.ModelUser(entity.Tag().(names.UserTag))
+		modelUser, err = a.root.state.ModelUser(entity.Tag().(names.UserTag))
 		if err != nil {
 			return fail, errors.Annotatef(err, "missing ModelUser for logged in user %s", entity.Tag())
 		}
-		if envUser.ReadOnly() {
+		maybeUserInfo.ReadOnly = modelUser.IsReadOnly()
+		if maybeUserInfo.ReadOnly {
 			logger.Debugf("model user %s is READ ONLY", entity.Tag())
 		}
 	}
@@ -200,8 +200,8 @@
 		loginResult.Facades = facades
 	}
 
-	if envUser != nil {
-		authedApi = newClientAuthRoot(authedApi, envUser)
+	if modelUser != nil {
+		authedApi = newClientAuthRoot(authedApi, modelUser)
 	}
 
 	a.root.rpcConn.ServeFinder(authedApi, serverError)
@@ -229,7 +229,7 @@
 	}
 	// The machine does exist in the controller model, but it
 	// doesn't manage models, so reject it.
-	return nil, errors.Trace(common.ErrBadCreds)
+	return nil, errors.Trace(common.ErrPerm)
 }
 
 func (a *admin) maintenanceInProgress() bool {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/admin_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/admin_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/admin_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/admin_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,15 +12,17 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	apimachiner "github.com/juju/juju/api/machiner"
 	apitesting "github.com/juju/juju/api/testing"
 	"github.com/juju/juju/apiserver"
+	"github.com/juju/juju/apiserver/observer"
+	"github.com/juju/juju/apiserver/observer/fakeobserver"
 	"github.com/juju/juju/apiserver/params"
 	jujutesting "github.com/juju/juju/juju/testing"
 	"github.com/juju/juju/network"
@@ -489,7 +491,7 @@
 
 		// Ensure an API call that would be restricted during
 		// upgrades works after a normal login.
-		err := st.APICall("Client", 1, "", "DestroyModel", nil, nil)
+		err := st.APICall("Client", 1, "", "ModelSet", params.ModelSet{}, nil)
 		c.Assert(err, jc.ErrorIsNil)
 	}
 	s.checkLoginWithValidator(c, validator, checker)
@@ -517,7 +519,7 @@
 		err := st.APICall("Client", 1, "", "FullStatus", params.StatusParams{}, &statusResult)
 		c.Assert(err, jc.ErrorIsNil)
 
-		err = st.APICall("Client", 1, "", "DestroyModel", nil, nil)
+		err = st.APICall("Client", 1, "", "ModelSet", params.ModelSet{}, nil)
 		c.Assert(errors.Cause(err), gc.DeepEquals, &rpc.RequestError{Message: params.CodeUpgradeInProgress, Code: params.CodeUpgradeInProgress})
 	}
 	s.checkLoginWithValidator(c, validator, checker)
@@ -576,11 +578,12 @@
 		s.State,
 		listener,
 		apiserver.ServerConfig{
-			Cert:      []byte(coretesting.ServerCert),
-			Key:       []byte(coretesting.ServerKey),
-			Validator: validator,
-			Tag:       names.NewMachineTag("0"),
-			LogDir:    c.MkDir(),
+			Cert:        []byte(coretesting.ServerCert),
+			Key:         []byte(coretesting.ServerKey),
+			Validator:   validator,
+			Tag:         names.NewMachineTag("0"),
+			LogDir:      c.MkDir(),
+			NewObserver: func() observer.Observer { return &fakeobserver.Instance{} },
 		},
 	)
 	c.Assert(err, jc.ErrorIsNil)
@@ -753,7 +756,7 @@
 
 	err := st.Login(machine.Tag(), password, "nonce", nil)
 	c.Assert(errors.Cause(err), gc.DeepEquals, &rpc.RequestError{
-		Message: "invalid entity name or password",
+		Message: "permission denied",
 		Code:    "unauthorized access",
 	})
 }
@@ -767,7 +770,9 @@
 	client := st.Client()
 
 	// ModelUUID looks at the env tag on the api state connection.
-	c.Assert(client.ModelUUID(), gc.Equals, expected.Id())
+	uuid, err := client.ModelUUID()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(uuid, gc.Equals, expected.Id())
 
 	// ModelInfo calls a remote method that looks up the environment.
 	info, err := client.ModelInfo()
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/adminv3.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/adminv3.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/adminv3.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/adminv3.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,10 @@
 package apiserver
 
 import (
+	"fmt"
+
 	"github.com/juju/juju/apiserver/common"
+	"github.com/juju/juju/apiserver/observer"
 	"github.com/juju/juju/apiserver/params"
 )
 
@@ -12,12 +15,12 @@
 	*admin
 }
 
-func newAdminApiV3(srv *Server, root *apiHandler, reqNotifier *requestNotifier) interface{} {
+func newAdminApiV3(srv *Server, root *apiHandler, apiObserver observer.Observer) interface{} {
 	return &adminApiV3{
 		&admin{
 			srv:         srv,
 			root:        root,
-			reqNotifier: reqNotifier,
+			apiObserver: apiObserver,
 		},
 	}
 }
@@ -37,3 +40,10 @@
 func (a *adminApiV3) Login(req params.LoginRequest) (params.LoginResultV1, error) {
 	return a.doLogin(req, 3)
 }
+
+// RedirectInfo returns redirected host information for the model.
+// In Juju it always returns an error because the Juju controller
+// does not multiplex controllers.
+func (a *adminApiV3) RedirectInfo() (params.RedirectInfoResult, error) {
+	return params.RedirectInfoResult{}, fmt.Errorf("not redirected")
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/adminv3_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/adminv3_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/adminv3_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/adminv3_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,9 +5,9 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/apiserver"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/agent/agent.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/agent/agent.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/agent/agent.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/agent/agent.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
@@ -26,6 +26,7 @@
 	*common.PasswordChanger
 	*common.RebootFlagClearer
 	*common.ModelWatcher
+	*common.ControllerConfigAPI
 
 	st   *state.State
 	auth common.Authorizer
@@ -42,11 +43,12 @@
 		return auth.AuthOwner, nil
 	}
 	return &AgentAPIV2{
-		PasswordChanger:   common.NewPasswordChanger(st, getCanChange),
-		RebootFlagClearer: common.NewRebootFlagClearer(st, getCanChange),
-		ModelWatcher:      common.NewModelWatcher(st, resources, auth),
-		st:                st,
-		auth:              auth,
+		PasswordChanger:     common.NewPasswordChanger(st, getCanChange),
+		RebootFlagClearer:   common.NewRebootFlagClearer(st, getCanChange),
+		ModelWatcher:        common.NewModelWatcher(st, resources, auth),
+		ControllerConfigAPI: common.NewControllerConfig(st),
+		st:                  st,
+		auth:                auth,
 	}, nil
 }
 
@@ -92,12 +94,26 @@
 	return
 }
 
-func (api *AgentAPIV2) StateServingInfo() (result state.StateServingInfo, err error) {
+func (api *AgentAPIV2) StateServingInfo() (result params.StateServingInfo, err error) {
 	if !api.auth.AuthModelManager() {
 		err = common.ErrPerm
 		return
 	}
-	return api.st.StateServingInfo()
+	info, err := api.st.StateServingInfo()
+	if err != nil {
+		return params.StateServingInfo{}, errors.Trace(err)
+	}
+	result = params.StateServingInfo{
+		APIPort:        info.APIPort,
+		StatePort:      info.StatePort,
+		Cert:           info.Cert,
+		PrivateKey:     info.PrivateKey,
+		CAPrivateKey:   info.CAPrivateKey,
+		SharedSecret:   info.SharedSecret,
+		SystemIdentity: info.SystemIdentity,
+	}
+
+	return result, nil
 }
 
 // MongoIsMaster is called by the IsMaster API call
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/agent/agent_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/agent/agent_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/agent/agent_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/agent/agent_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,11 +1,14 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package agent_test
 
 import (
 	stdtesting "testing"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/agent"
 	"github.com/juju/juju/apiserver/common"
@@ -49,7 +52,7 @@
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
 	}
-	s.container, err = s.State.AddMachineInsideMachine(template, s.machine1.Id(), instance.LXC)
+	s.container, err = s.State.AddMachineInsideMachine(template, s.machine1.Id(), instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.resources = common.NewResources()
@@ -85,7 +88,7 @@
 		Entities: []params.Entity{
 			{Tag: "machine-1"},
 			{Tag: "machine-0"},
-			{Tag: "machine-1-lxc-0"},
+			{Tag: "machine-1-lxd-0"},
 			{Tag: "machine-42"},
 		},
 	}
@@ -117,7 +120,7 @@
 		Entities: []params.Entity{
 			{Tag: "machine-1"},
 			{Tag: "machine-0"},
-			{Tag: "machine-1-lxc-0"},
+			{Tag: "machine-1-lxd-0"},
 			{Tag: "machine-42"},
 		},
 	}
@@ -129,7 +132,7 @@
 			{
 				Life:          "dying",
 				Jobs:          []multiwatcher.MachineJob{multiwatcher.JobHostUnits},
-				ContainerType: instance.LXC,
+				ContainerType: instance.LXD,
 			},
 			{Error: apiservertesting.ErrUnauthorized},
 		},
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/agenttools/agenttools.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/agenttools/agenttools.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/agenttools/agenttools.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/agenttools/agenttools.go	2016-07-18 19:45:44.000000000 +0000
@@ -26,9 +26,14 @@
 	findTools = tools.FindTools
 )
 
+type stateInterface interface {
+	ModelGetter
+	environs.EnvironConfigGetter
+}
+
 // AgentToolsAPI implements the API used by the machine model worker.
 type AgentToolsAPI struct {
-	st         EnvironGetter
+	st         stateInterface
 	authorizer common.Authorizer
 	// tools lookup
 	findTools        toolsFinder
@@ -45,8 +50,8 @@
 	}, nil
 }
 
-// EnvironGetter represents a struct that can provide a state.Environment.
-type EnvironGetter interface {
+// ModelGetter represents a struct that can provide a state.Model.
+type ModelGetter interface {
 	Model() (*state.Model, error)
 }
 
@@ -55,13 +60,13 @@
 
 var newEnvirons = environs.New
 
-func checkToolsAvailability(cfg *config.Config, finder toolsFinder) (version.Number, error) {
-	currentVersion, ok := cfg.AgentVersion()
+func checkToolsAvailability(getter environs.EnvironConfigGetter, modelCfg *config.Config, finder toolsFinder) (version.Number, error) {
+	currentVersion, ok := modelCfg.AgentVersion()
 	if !ok || currentVersion == version.Zero {
 		return version.Zero, nil
 	}
 
-	env, err := newEnvirons(cfg)
+	env, err := environs.GetEnviron(getter, newEnvirons)
 	if err != nil {
 		return version.Zero, errors.Annotatef(err, "cannot make model")
 	}
@@ -71,7 +76,7 @@
 	// We'll try the released stream first, then fall back to the current configured stream
 	// if no released tools are found.
 	vers, err := finder(env, currentVersion.Major, currentVersion.Minor, tools.ReleasedStream, coretools.Filter{})
-	preferredStream := tools.PreferredStream(&currentVersion, cfg.Development(), cfg.AgentStream())
+	preferredStream := tools.PreferredStream(&currentVersion, modelCfg.Development(), modelCfg.AgentStream())
 	if preferredStream != tools.ReleasedStream && errors.Cause(err) == coretools.ErrNoMatches {
 		vers, err = finder(env, currentVersion.Major, currentVersion.Minor, preferredStream, coretools.Filter{})
 	}
@@ -84,7 +89,7 @@
 	return newest, nil
 }
 
-var envConfig = func(e *state.Model) (*config.Config, error) {
+var modelConfig = func(e *state.Model) (*config.Config, error) {
 	return e.Config()
 }
 
@@ -93,16 +98,16 @@
 	return env.UpdateLatestToolsVersion(ver)
 }
 
-func updateToolsAvailability(st EnvironGetter, finder toolsFinder, update envVersionUpdater) error {
-	env, err := st.Model()
+func updateToolsAvailability(st stateInterface, finder toolsFinder, update envVersionUpdater) error {
+	model, err := st.Model()
 	if err != nil {
 		return errors.Annotate(err, "cannot get model")
 	}
-	cfg, err := envConfig(env)
+	cfg, err := modelConfig(model)
 	if err != nil {
 		return errors.Annotate(err, "cannot get config")
 	}
-	ver, err := checkToolsAvailability(cfg, finder)
+	ver, err := checkToolsAvailability(st, cfg, finder)
 	if err != nil {
 		if errors.IsNotFound(err) {
 			// No newer tools, so exit silently.
@@ -114,7 +119,7 @@
 		logger.Debugf("tools lookup returned version Zero, this should only happen during bootstrap.")
 		return nil
 	}
-	return update(env, ver)
+	return update(model, ver)
 }
 
 // UpdateToolsAvailable invokes a lookup and further update in environ
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/agenttools/agenttools_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/agenttools/agenttools_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/agenttools/agenttools_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/agenttools/agenttools_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -26,6 +26,14 @@
 	environs.Environ
 }
 
+type configGetter struct {
+	cfg *config.Config
+}
+
+func (s *configGetter) ModelConfig() (*config.Config, error) {
+	return s.cfg, nil
+}
+
 func (s *AgentToolsSuite) TestCheckTools(c *gc.C) {
 	sConfig := coretesting.FakeConfig()
 	sConfig = sConfig.Merge(coretesting.Attrs{
@@ -51,7 +59,7 @@
 		return coretools.List{&t}, nil
 	}
 
-	ver, err := checkToolsAvailability(cfg, fakeToolFinder)
+	ver, err := checkToolsAvailability(&configGetter{cfg: cfg}, cfg, fakeToolFinder)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(ver, gc.Not(gc.Equals), version.Zero)
 	c.Assert(ver, gc.Equals, version.Number{Major: 2, Minor: 5, Patch: 0})
@@ -86,17 +94,18 @@
 		c.Assert(calledWithMinor, gc.Equals, 5)
 		return coretools.List{&t}, nil
 	}
-	ver, err := checkToolsAvailability(cfg, fakeToolFinder)
+	ver, err := checkToolsAvailability(&configGetter{cfg: cfg}, cfg, fakeToolFinder)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(calledWithStreams, gc.DeepEquals, []string{"released", "proposed"})
 	c.Assert(ver, gc.Not(gc.Equals), version.Zero)
 	c.Assert(ver, gc.Equals, version.Number{Major: 2, Minor: 5, Patch: 0})
 }
 
-type modelGetter struct {
+type mockState struct {
+	configGetter
 }
 
-func (e *modelGetter) Model() (*state.Model, error) {
+func (e *mockState) Model() (*state.Model, error) {
 	return &state.Model{}, nil
 }
 
@@ -106,14 +115,14 @@
 	}
 	s.PatchValue(&newEnvirons, fakeNewEnvirons)
 
-	fakeEnvConfig := func(_ *state.Model) (*config.Config, error) {
+	fakeModelConfig := func(_ *state.Model) (*config.Config, error) {
 		sConfig := coretesting.FakeConfig()
 		sConfig = sConfig.Merge(coretesting.Attrs{
 			"agent-version": "2.5.0",
 		})
 		return config.New(config.NoDefaults, sConfig)
 	}
-	s.PatchValue(&envConfig, fakeEnvConfig)
+	s.PatchValue(&modelConfig, fakeModelConfig)
 
 	fakeToolFinder := func(_ environs.Environ, _ int, _ int, _ string, _ coretools.Filter) (coretools.List, error) {
 		ver := version.Binary{Number: version.Number{Major: 2, Minor: 5, Patch: 2}}
@@ -129,7 +138,9 @@
 		return nil
 	}
 
-	err := updateToolsAvailability(&modelGetter{}, fakeToolFinder, fakeUpdate)
+	cfg, err := config.New(config.NoDefaults, coretesting.FakeConfig())
+	c.Assert(err, jc.ErrorIsNil)
+	err = updateToolsAvailability(&mockState{configGetter{cfg}}, fakeToolFinder, fakeUpdate)
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Assert(ver, gc.Not(gc.Equals), version.Zero)
@@ -142,14 +153,14 @@
 	}
 	s.PatchValue(&newEnvirons, fakeNewEnvirons)
 
-	fakeEnvConfig := func(_ *state.Model) (*config.Config, error) {
+	fakeModelConfig := func(_ *state.Model) (*config.Config, error) {
 		sConfig := coretesting.FakeConfig()
 		sConfig = sConfig.Merge(coretesting.Attrs{
 			"agent-version": "2.5.0",
 		})
 		return config.New(config.NoDefaults, sConfig)
 	}
-	s.PatchValue(&envConfig, fakeEnvConfig)
+	s.PatchValue(&modelConfig, fakeModelConfig)
 
 	// No new tools available.
 	fakeToolFinder := func(_ environs.Environ, _ int, _ int, _ string, _ coretools.Filter) (coretools.List, error) {
@@ -162,6 +173,8 @@
 		return nil
 	}
 
-	err := updateToolsAvailability(&modelGetter{}, fakeToolFinder, fakeUpdate)
+	cfg, err := config.New(config.NoDefaults, coretesting.FakeConfig())
+	c.Assert(err, jc.ErrorIsNil)
+	err = updateToolsAvailability(&mockState{configGetter{cfg}}, fakeToolFinder, fakeUpdate)
 	c.Assert(err, jc.ErrorIsNil)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/allfacades.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/allfacades.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/allfacades.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/allfacades.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,16 +11,18 @@
 // place, not scattering it across packages and depending on magic import lists.
 import (
 	_ "github.com/juju/juju/apiserver/action"
-	_ "github.com/juju/juju/apiserver/addresser"
 	_ "github.com/juju/juju/apiserver/agent"
 	_ "github.com/juju/juju/apiserver/agenttools"
 	_ "github.com/juju/juju/apiserver/annotations"
+	_ "github.com/juju/juju/apiserver/application"
+	_ "github.com/juju/juju/apiserver/applicationscaler"
 	_ "github.com/juju/juju/apiserver/backups"
 	_ "github.com/juju/juju/apiserver/block"
 	_ "github.com/juju/juju/apiserver/charmrevisionupdater"
 	_ "github.com/juju/juju/apiserver/charms"
 	_ "github.com/juju/juju/apiserver/cleaner"
 	_ "github.com/juju/juju/apiserver/client"
+	_ "github.com/juju/juju/apiserver/cloud"
 	_ "github.com/juju/juju/apiserver/controller"
 	_ "github.com/juju/juju/apiserver/deployer"
 	_ "github.com/juju/juju/apiserver/discoverspaces"
@@ -33,7 +35,9 @@
 	_ "github.com/juju/juju/apiserver/instancepoller"
 	_ "github.com/juju/juju/apiserver/keymanager"
 	_ "github.com/juju/juju/apiserver/keyupdater"
+	_ "github.com/juju/juju/apiserver/leadership"
 	_ "github.com/juju/juju/apiserver/lifeflag"
+	_ "github.com/juju/juju/apiserver/logfwd"
 	_ "github.com/juju/juju/apiserver/logger"
 	_ "github.com/juju/juju/apiserver/machine"
 	_ "github.com/juju/juju/apiserver/machineactions"
@@ -52,8 +56,6 @@
 	_ "github.com/juju/juju/apiserver/reboot"
 	_ "github.com/juju/juju/apiserver/resumer"
 	_ "github.com/juju/juju/apiserver/retrystrategy"
-	_ "github.com/juju/juju/apiserver/service"
-	_ "github.com/juju/juju/apiserver/servicescaler"
 	_ "github.com/juju/juju/apiserver/singular"
 	_ "github.com/juju/juju/apiserver/spaces"
 	_ "github.com/juju/juju/apiserver/sshclient"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/annotations/client.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/annotations/client.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/annotations/client.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/annotations/client.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/annotations/client_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/annotations/client_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/annotations/client_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/annotations/client_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,9 +6,9 @@
 import (
 	"fmt"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/annotations"
 	"github.com/juju/juju/apiserver/params"
@@ -65,7 +65,7 @@
 
 func (s *annotationSuite) TestServiceAnnotations(c *gc.C) {
 	charm := s.Factory.MakeCharm(c, &factory.CharmParams{Name: "wordpress"})
-	wordpress := s.Factory.MakeService(c, &factory.ServiceParams{
+	wordpress := s.Factory.MakeApplication(c, &factory.ApplicationParams{
 		Charm: charm,
 	})
 	s.testSetGetEntitiesAnnotations(c, wordpress.Tag())
@@ -109,12 +109,12 @@
 		Jobs: []state.MachineJob{state.JobHostUnits},
 	})
 	charm := s.Factory.MakeCharm(c, &factory.CharmParams{Name: "wordpress"})
-	wordpress := s.Factory.MakeService(c, &factory.ServiceParams{
+	wordpress := s.Factory.MakeApplication(c, &factory.ApplicationParams{
 		Charm: charm,
 	})
 	unit := s.Factory.MakeUnit(c, &factory.UnitParams{
-		Service: wordpress,
-		Machine: machine,
+		Application: wordpress,
+		Machine:     machine,
 	})
 	s.testSetGetEntitiesAnnotations(c, unit.Tag())
 
@@ -126,8 +126,8 @@
 	s.assertAnnotationsRemoval(c, wordpress.Tag())
 }
 
-func (s *annotationSuite) makeRelation(c *gc.C) (*state.Service, *state.Relation) {
-	s1 := s.Factory.MakeService(c, &factory.ServiceParams{
+func (s *annotationSuite) makeRelation(c *gc.C) (*state.Application, *state.Relation) {
+	s1 := s.Factory.MakeApplication(c, &factory.ApplicationParams{
 		Name: "service1",
 		Charm: s.Factory.MakeCharm(c, &factory.CharmParams{
 			Name: "wordpress",
@@ -136,7 +136,7 @@
 	e1, err := s1.Endpoint("db")
 	c.Assert(err, jc.ErrorIsNil)
 
-	s2 := s.Factory.MakeService(c, &factory.ServiceParams{
+	s2 := s.Factory.MakeApplication(c, &factory.ApplicationParams{
 		Name: "service2",
 		Charm: s.Factory.MakeCharm(c, &factory.CharmParams{
 			Name: "mysql",
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/annotations/state.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/annotations/state.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/annotations/state.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/annotations/state.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,7 @@
 package annotations
 
 import (
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/state"
 )
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/apiserver.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/apiserver.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/apiserver.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/apiserver.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,19 +10,19 @@
 	"net/http"
 	"strings"
 	"sync"
-	"sync/atomic"
 	"time"
 
 	"github.com/bmizerany/pat"
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils"
 	"golang.org/x/net/websocket"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/tomb"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/common/apihttp"
+	"github.com/juju/juju/apiserver/observer"
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/rpc"
 	"github.com/juju/juju/rpc/jsoncodec"
@@ -50,7 +50,11 @@
 	adminApiFactories map[int]adminApiFactory
 	modelUUID         string
 	authCtxt          *authContext
-	connections       int32 // count of active websocket connections
+	newObserver       observer.ObserverFactory
+	connCount         struct {
+		sync.RWMutex
+		value int64
+	}
 }
 
 // LoginValidator functions are used to decide whether login requests
@@ -68,10 +72,23 @@
 	Validator   LoginValidator
 	CertChanged chan params.StateServingInfo
 
-	// This field only exists to support testing.
+	// NewObserver is a function which will return an observer. This
+	// is used per-connection to instantiate a new observer to be
+	// notified of key events during API requests.
+	NewObserver observer.ObserverFactory
+
+	// StatePool only exists to support testing.
 	StatePool *state.StatePool
 }
 
+func (c *ServerConfig) Validate() error {
+	if c.NewObserver == nil {
+		return errors.NotAssignedf("NewObserver")
+	}
+
+	return nil
+}
+
 // changeCertListener wraps a TLS net.Listener.
 // It allows connection handshakes to be
 // blocked while the TLS certificate is updated.
@@ -110,8 +127,11 @@
 	}
 	cl.m.Lock()
 	defer cl.m.Unlock()
-	config := cl.config
-	return tls.Server(conn, config), nil
+
+	// make a copy of cl.config so that update certificate does not mutate
+	// the config passed to the tls.Server for this conn.
+	config := *cl.config
+	return tls.Server(conn, &config), nil
 }
 
 // Close closes the listener.
@@ -162,6 +182,10 @@
 //
 // The Server will close the listener when it exits, even if returns an error.
 func NewServer(s *state.State, lis net.Listener, cfg ServerConfig) (*Server, error) {
+	if err := cfg.Validate(); err != nil {
+		return nil, errors.Trace(err)
+	}
+
 	// Important note:
 	// Do not manipulate the state within NewServer as the API
 	// server needs to run before mongo upgrades have happened and
@@ -196,14 +220,15 @@
 	}
 
 	srv := &Server{
-		state:     s,
-		statePool: stPool,
-		lis:       newChangeCertListener(lis, cfg.CertChanged, tlsConfig),
-		tag:       cfg.Tag,
-		dataDir:   cfg.DataDir,
-		logDir:    cfg.LogDir,
-		limiter:   utils.NewLimiter(loginRateLimit),
-		validator: cfg.Validator,
+		newObserver: cfg.NewObserver,
+		state:       s,
+		statePool:   stPool,
+		lis:         newChangeCertListener(lis, cfg.CertChanged, tlsConfig),
+		tag:         cfg.Tag,
+		dataDir:     cfg.DataDir,
+		logDir:      cfg.LogDir,
+		limiter:     utils.NewLimiter(loginRateLimit),
+		validator:   cfg.Validator,
 		adminApiFactories: map[int]adminApiFactory{
 			3: newAdminApiV3,
 		},
@@ -216,6 +241,12 @@
 	return srv, nil
 }
 
+func (srv *Server) ConnectionCount() int64 {
+	srv.connCount.RLock()
+	defer srv.connCount.Unlock()
+	return srv.connCount.value
+}
+
 // Dead returns a channel that signals when the server has exited.
 func (srv *Server) Dead() <-chan struct{} {
 	return srv.tomb.Dead()
@@ -238,87 +269,6 @@
 	return srv.tomb.Wait()
 }
 
-type requestNotifier struct {
-	id    int64
-	start time.Time
-
-	mu   sync.Mutex
-	tag_ string
-
-	// count is incremented by calls to join, and deincremented
-	// by calls to leave.
-	count *int32
-}
-
-var globalCounter int64
-
-func newRequestNotifier(count *int32) *requestNotifier {
-	return &requestNotifier{
-		id:   atomic.AddInt64(&globalCounter, 1),
-		tag_: "<unknown>",
-		// TODO(fwereade): 2016-03-17 lp:1558657
-		start: time.Now(),
-		count: count,
-	}
-}
-
-func (n *requestNotifier) login(tag string) {
-	n.mu.Lock()
-	n.tag_ = tag
-	n.mu.Unlock()
-}
-
-func (n *requestNotifier) tag() (tag string) {
-	n.mu.Lock()
-	tag = n.tag_
-	n.mu.Unlock()
-	return
-}
-
-func (n *requestNotifier) ServerRequest(hdr *rpc.Header, body interface{}) {
-	if hdr.Request.Type == "Pinger" && hdr.Request.Action == "Ping" {
-		return
-	}
-	// TODO(rog) 2013-10-11 remove secrets from some requests.
-	// Until secrets are removed, we only log the body of the requests at trace level
-	// which is below the default level of debug.
-	if logger.IsTraceEnabled() {
-		logger.Tracef("<- [%X] %s %s", n.id, n.tag(), jsoncodec.DumpRequest(hdr, body))
-	} else {
-		logger.Debugf("<- [%X] %s %s", n.id, n.tag(), jsoncodec.DumpRequest(hdr, "'params redacted'"))
-	}
-}
-
-func (n *requestNotifier) ServerReply(req rpc.Request, hdr *rpc.Header, body interface{}, timeSpent time.Duration) {
-	if req.Type == "Pinger" && req.Action == "Ping" {
-		return
-	}
-	// TODO(rog) 2013-10-11 remove secrets from some responses.
-	// Until secrets are removed, we only log the body of the requests at trace level
-	// which is below the default level of debug.
-	if logger.IsTraceEnabled() {
-		logger.Tracef("-> [%X] %s %s", n.id, n.tag(), jsoncodec.DumpRequest(hdr, body))
-	} else {
-		logger.Debugf("-> [%X] %s %s %s %s[%q].%s", n.id, n.tag(), timeSpent, jsoncodec.DumpRequest(hdr, "'body redacted'"), req.Type, req.Id, req.Action)
-	}
-}
-
-func (n *requestNotifier) join(req *http.Request) {
-	active := atomic.AddInt32(n.count, 1)
-	logger.Infof("[%X] API connection from %s, active connections: %d", n.id, req.RemoteAddr, active)
-}
-
-func (n *requestNotifier) leave() {
-	active := atomic.AddInt32(n.count, -1)
-	logger.Infof("[%X] %s API connection terminated after %v, active connections: %d", n.id, n.tag(), time.Since(n.start), active)
-}
-
-func (n *requestNotifier) ClientRequest(hdr *rpc.Header, body interface{}) {
-}
-
-func (n *requestNotifier) ClientReply(req rpc.Request, hdr *rpc.Header, body interface{}) {
-}
-
 func (srv *Server) run() {
 	logger.Infof("listening on %q", srv.lis.Addr())
 
@@ -384,11 +334,17 @@
 		}
 	}
 
+	strictCtxt := httpCtxt
+	strictCtxt.strictValidation = true
+	strictCtxt.controllerModelOnly = true
+
 	mainAPIHandler := srv.trackRequests(http.HandlerFunc(srv.apiHandler))
 	logSinkHandler := srv.trackRequests(newLogSinkHandler(httpCtxt, srv.logDir))
+	logStreamHandler := srv.trackRequests(newLogStreamEndpointHandler(strictCtxt))
 	debugLogHandler := srv.trackRequests(newDebugLogDBHandler(httpCtxt))
 
 	add("/model/:modeluuid/logsink", logSinkHandler)
+	add("/model/:modeluuid/logstream", logStreamHandler)
 	add("/model/:modeluuid/log", debugLogHandler)
 	add("/model/:modeluuid/charms",
 		&charmsHandler{
@@ -405,9 +361,6 @@
 			ctxt: httpCtxt,
 		},
 	)
-	strictCtxt := httpCtxt
-	strictCtxt.strictValidation = true
-	strictCtxt.controllerModelOnly = true
 	add("/model/:modeluuid/backups",
 		&backupHandler{
 			ctxt: strictCtxt,
@@ -415,14 +368,6 @@
 	)
 	add("/model/:modeluuid/api", mainAPIHandler)
 
-	add("/model/:modeluuid/images/:kind/:series/:arch/:filename",
-		&imagesDownloadHandler{
-			ctxt:    httpCtxt,
-			dataDir: srv.dataDir,
-			state:   srv.state,
-		},
-	)
-
 	endpoints = append(endpoints, guiEndpoints("/gui/:modeluuid/", srv.dataDir, httpCtxt)...)
 	add("/gui-archive", &guiArchiveHandler{
 		ctxt: httpCtxt,
@@ -481,7 +426,7 @@
 			return st, nil, err
 		}
 	default:
-		logger.Warningf(`unrecognized access level %q; proceeding with "unauthenticated"`, spec.AuthKind)
+		logger.Infof(`unrecognized access level %q; proceeding with "unauthenticated"`, spec.AuthKind)
 		args.Connect = func(req *http.Request) (*state.State, state.Entity, error) {
 			st, err := ctxt.stateForRequestUnauthenticated(req)
 			return st, nil, err
@@ -501,46 +446,56 @@
 // shutdown will be blocked until the API handler returns.
 func (srv *Server) trackRequests(handler http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		srv.wg.Add(1)
-		defer srv.wg.Done()
-		// If we've got to this stage and the tomb is still
-		// alive, we know that any tomb.Kill must occur after we
-		// have called wg.Add, so we avoid the possibility of a
-		// handler goroutine running after Stop has returned.
-		if srv.tomb.Err() != tomb.ErrStillAlive {
-			return
+		// Care must be taken to not increment the waitgroup count
+		// after the listener has closed.
+		//
+		// First we check to see if the tomb has not yet been killed
+		// because the closure of the listener depends on the tomb being
+		// killed to trigger the defer block in srv.run.
+		select {
+		case <-srv.tomb.Dying():
+			// This request was accepted before the listener was closed
+			// but after the tomb was killed. As we're in the process of
+			// shutting down, do not consider this request as in progress,
+			// just send a 503 and return.
+			http.Error(w, "apiserver shutdown in progress", 503)
+		default:
+			// If we get here then the tomb was not killed therefore the
+			// listener is still open. It is safe to increment the
+			// wg counter as wg.Wait in srv.run has not yet been called.
+			srv.wg.Add(1)
+			defer srv.wg.Done()
+			handler.ServeHTTP(w, r)
 		}
-
-		handler.ServeHTTP(w, r)
 	})
 }
 
 func registerEndpoint(ep apihttp.Endpoint, mux *pat.PatternServeMux) {
-	switch ep.Method {
-	case "GET":
-		mux.Get(ep.Pattern, ep.Handler)
-	case "POST":
-		mux.Post(ep.Pattern, ep.Handler)
-	case "HEAD":
-		mux.Head(ep.Pattern, ep.Handler)
-	case "PUT":
-		mux.Put(ep.Pattern, ep.Handler)
-	case "DEL":
-		mux.Del(ep.Pattern, ep.Handler)
-	case "OPTIONS":
-		mux.Options(ep.Pattern, ep.Handler)
+	mux.Add(ep.Method, ep.Pattern, ep.Handler)
+	if ep.Method == "GET" {
+		mux.Add("HEAD", ep.Pattern, ep.Handler)
 	}
 }
 
 func (srv *Server) apiHandler(w http.ResponseWriter, req *http.Request) {
-	reqNotifier := newRequestNotifier(&srv.connections)
-	reqNotifier.join(req)
-	defer reqNotifier.leave()
+	addCount := func(delta int64) {
+		srv.connCount.Lock()
+		srv.connCount.value += delta
+		srv.connCount.Unlock()
+	}
+
+	addCount(1)
+	defer addCount(-1)
+
+	apiObserver := srv.newObserver()
+	apiObserver.Join(req)
+	defer apiObserver.Leave()
+
 	wsServer := websocket.Server{
 		Handler: func(conn *websocket.Conn) {
 			modelUUID := req.URL.Query().Get(":modeluuid")
 			logger.Tracef("got a request for model %q", modelUUID)
-			if err := srv.serveConn(conn, reqNotifier, modelUUID); err != nil {
+			if err := srv.serveConn(conn, modelUUID, apiObserver); err != nil {
 				logger.Errorf("error serving RPCs: %v", err)
 			}
 		},
@@ -548,26 +503,18 @@
 	wsServer.ServeHTTP(w, req)
 }
 
-func (srv *Server) serveConn(wsConn *websocket.Conn, reqNotifier *requestNotifier, modelUUID string) error {
+func (srv *Server) serveConn(wsConn *websocket.Conn, modelUUID string, apiObserver observer.Observer) error {
 	codec := jsoncodec.NewWebsocket(wsConn)
-	if loggo.GetLogger("juju.rpc.jsoncodec").EffectiveLogLevel() <= loggo.TRACE {
-		codec.SetLogging(true)
-	}
-	var notifier rpc.RequestNotifier
-	if logger.EffectiveLogLevel() <= loggo.DEBUG {
-		// Incur request monitoring overhead only if we
-		// know we'll need it.
-		notifier = reqNotifier
-	}
-	conn := rpc.NewConn(codec, notifier)
 
-	h, err := srv.newAPIHandler(conn, reqNotifier, modelUUID)
+	conn := rpc.NewConn(codec, apiObserver)
+
+	h, err := srv.newAPIHandler(conn, modelUUID)
 	if err != nil {
 		conn.ServeFinder(&errRoot{err}, serverError)
 	} else {
 		adminApis := make(map[int]interface{})
 		for apiVersion, factory := range srv.adminApiFactories {
-			adminApis[apiVersion] = factory(srv, h, reqNotifier)
+			adminApis[apiVersion] = factory(srv, h, apiObserver)
 		}
 		conn.ServeFinder(newAnonRoot(h, adminApis), serverError)
 	}
@@ -579,7 +526,7 @@
 	return conn.Close()
 }
 
-func (srv *Server) newAPIHandler(conn *rpc.Conn, reqNotifier *requestNotifier, modelUUID string) (*apiHandler, error) {
+func (srv *Server) newAPIHandler(conn *rpc.Conn, modelUUID string) (*apiHandler, error) {
 	// Note that we don't overwrite modelUUID here because
 	// newAPIHandler treats an empty modelUUID as signifying
 	// the API version used.
@@ -594,7 +541,7 @@
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-	return newApiHandler(srv, st, conn, reqNotifier, modelUUID)
+	return newApiHandler(srv, st, conn, modelUUID)
 }
 
 func (srv *Server) mongoPinger() error {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/application/application.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/application/application.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/application/application.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/application/application.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,580 @@
+// Copyright 2014 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+// Package application contains api calls for functionality
+// related to deploying and managing applications and their
+// related charms.
+package application
+
+import (
+	"github.com/juju/errors"
+	"github.com/juju/loggo"
+	"gopkg.in/juju/charm.v6-unstable"
+	csparams "gopkg.in/juju/charmrepo.v2-unstable/csclient/params"
+	goyaml "gopkg.in/yaml.v2"
+
+	"github.com/juju/juju/apiserver/common"
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/instance"
+	jjj "github.com/juju/juju/juju"
+	"github.com/juju/juju/state"
+	statestorage "github.com/juju/juju/state/storage"
+)
+
+var (
+	logger = loggo.GetLogger("juju.apiserver.application")
+
+	newStateStorage = statestorage.NewStorage
+)
+
+func init() {
+	common.RegisterStandardFacade("Application", 1, NewAPI)
+}
+
+// Application defines the methods on the application API end point.
+type Application interface {
+	SetMetricCredentials(args params.ApplicationMetricCredentials) (params.ErrorResults, error)
+}
+
+// API implements the application interface and is the concrete
+// implementation of the api end point.
+type API struct {
+	check      *common.BlockChecker
+	state      *state.State
+	authorizer common.Authorizer
+}
+
+// NewAPI returns a new application API facade.
+func NewAPI(
+	st *state.State,
+	resources *common.Resources,
+	authorizer common.Authorizer,
+) (*API, error) {
+	if !authorizer.AuthClient() {
+		return nil, common.ErrPerm
+	}
+
+	return &API{
+		state:      st,
+		authorizer: authorizer,
+		check:      common.NewBlockChecker(st),
+	}, nil
+}
+
+// SetMetricCredentials sets credentials on the application.
+func (api *API) SetMetricCredentials(args params.ApplicationMetricCredentials) (params.ErrorResults, error) {
+	result := params.ErrorResults{
+		Results: make([]params.ErrorResult, len(args.Creds)),
+	}
+	if len(args.Creds) == 0 {
+		return result, nil
+	}
+	for i, a := range args.Creds {
+		application, err := api.state.Application(a.ApplicationName)
+		if err != nil {
+			result.Results[i].Error = common.ServerError(err)
+			continue
+		}
+		err = application.SetMetricCredentials(a.MetricCredentials)
+		if err != nil {
+			result.Results[i].Error = common.ServerError(err)
+		}
+	}
+	return result, nil
+}
+
+// Deploy fetches the charms from the charm store and deploys them
+// using the specified placement directives.
+func (api *API) Deploy(args params.ApplicationsDeploy) (params.ErrorResults, error) {
+	result := params.ErrorResults{
+		Results: make([]params.ErrorResult, len(args.Applications)),
+	}
+	if err := api.check.ChangeAllowed(); err != nil {
+		return result, errors.Trace(err)
+	}
+	for i, arg := range args.Applications {
+		err := deployApplication(api.state, arg)
+		result.Results[i].Error = common.ServerError(err)
+	}
+	return result, nil
+}
+
+// deployApplication fetches the charm from the charm store and deploys it.
+// The logic has been factored out into a common function which is called by
+// both the legacy API on the client facade, as well as the new application facade.
+func deployApplication(st *state.State, args params.ApplicationDeploy) error {
+	curl, err := charm.ParseURL(args.CharmUrl)
+	if err != nil {
+		return errors.Trace(err)
+	}
+	if curl.Revision < 0 {
+		return errors.Errorf("charm url must include revision")
+	}
+
+	// Do a quick but not complete validation check before going any further.
+	for _, p := range args.Placement {
+		if p.Scope != instance.MachineScope {
+			continue
+		}
+		_, err = st.Machine(p.Directive)
+		if err != nil {
+			return errors.Annotatef(err, `cannot deploy "%v" to machine %v`, args.ApplicationName, p.Directive)
+		}
+	}
+
+	// Try to find the charm URL in state first.
+	ch, err := st.Charm(curl)
+	if err != nil {
+		return errors.Trace(err)
+	}
+
+	if err := checkMinVersion(ch); err != nil {
+		return errors.Trace(err)
+	}
+
+	var settings charm.Settings
+	if len(args.ConfigYAML) > 0 {
+		settings, err = ch.Config().ParseSettingsYAML([]byte(args.ConfigYAML), args.ApplicationName)
+	} else if len(args.Config) > 0 {
+		// Parse config in a compatible way (see function comment).
+		settings, err = parseSettingsCompatible(ch, args.Config)
+	}
+	if err != nil {
+		return errors.Trace(err)
+	}
+
+	channel := csparams.Channel(args.Channel)
+
+	_, err = jjj.DeployApplication(st,
+		jjj.DeployApplicationParams{
+			ApplicationName:  args.ApplicationName,
+			Series:           args.Series,
+			Charm:            ch,
+			Channel:          channel,
+			NumUnits:         args.NumUnits,
+			ConfigSettings:   settings,
+			Constraints:      args.Constraints,
+			Placement:        args.Placement,
+			Storage:          args.Storage,
+			EndpointBindings: args.EndpointBindings,
+			Resources:        args.Resources,
+		})
+	return errors.Trace(err)
+}
+
+// ApplicationSetSettingsStrings updates the settings for the given application,
+// taking the configuration from a map of strings.
+func ApplicationSetSettingsStrings(application *state.Application, settings map[string]string) error {
+	ch, _, err := application.Charm()
+	if err != nil {
+		return errors.Trace(err)
+	}
+	// Parse config in a compatible way (see function comment).
+	changes, err := parseSettingsCompatible(ch, settings)
+	if err != nil {
+		return errors.Trace(err)
+	}
+	return application.UpdateConfigSettings(changes)
+}
+
+// parseSettingsCompatible parses setting strings in a way that is
+// compatible with the behavior before this CL based on the issue
+// http://pad.lv/1194945. Until then setting an option to an empty
+// string caused it to reset to the default value. We now allow
+// empty strings as actual values, but we want to preserve the API
+// behavior.
+func parseSettingsCompatible(ch *state.Charm, settings map[string]string) (charm.Settings, error) {
+	setSettings := map[string]string{}
+	unsetSettings := charm.Settings{}
+	// Split settings into those which set and those which unset a value.
+	for name, value := range settings {
+		if value == "" {
+			unsetSettings[name] = nil
+			continue
+		}
+		setSettings[name] = value
+	}
+	// Validate the settings.
+	changes, err := ch.Config().ParseSettingsStrings(setSettings)
+	if err != nil {
+		return nil, err
+	}
+	// Validate the unsettings and merge them into the changes.
+	unsetSettings, err = ch.Config().ValidateSettings(unsetSettings)
+	if err != nil {
+		return nil, err
+	}
+	for name := range unsetSettings {
+		changes[name] = nil
+	}
+	return changes, nil
+}
+
+// Update updates the application attributes, including charm URL,
+// minimum number of units, settings and constraints.
+// All parameters in params.ApplicationUpdate except the application name are optional.
+func (api *API) Update(args params.ApplicationUpdate) error {
+	if !args.ForceCharmUrl {
+		if err := api.check.ChangeAllowed(); err != nil {
+			return errors.Trace(err)
+		}
+	}
+	svc, err := api.state.Application(args.ApplicationName)
+	if err != nil {
+		return errors.Trace(err)
+	}
+	// Set the charm for the given application.
+	if args.CharmUrl != "" {
+		// For now we do not support changing the channel through Update().
+		// TODO(ericsnow) Support it?
+		channel := svc.Channel()
+		if err = api.applicationSetCharm(svc, args.CharmUrl, channel, args.ForceSeries, args.ForceCharmUrl, nil); err != nil {
+			return errors.Trace(err)
+		}
+	}
+	// Set the minimum number of units for the given application.
+	if args.MinUnits != nil {
+		if err = svc.SetMinUnits(*args.MinUnits); err != nil {
+			return errors.Trace(err)
+		}
+	}
+	// Set up application's settings.
+	if args.SettingsYAML != "" {
+		if err = applicationSetSettingsYAML(svc, args.SettingsYAML); err != nil {
+			return errors.Annotate(err, "setting configuration from YAML")
+		}
+	} else if len(args.SettingsStrings) > 0 {
+		if err = ApplicationSetSettingsStrings(svc, args.SettingsStrings); err != nil {
+			return errors.Trace(err)
+		}
+	}
+	// Update application's constraints.
+	if args.Constraints != nil {
+		return svc.SetConstraints(*args.Constraints)
+	}
+	return nil
+}
+
+// SetCharm sets the charm for a given for the application.
+func (api *API) SetCharm(args params.ApplicationSetCharm) error {
+	// when forced units in error, don't block
+	if !args.ForceUnits {
+		if err := api.check.ChangeAllowed(); err != nil {
+			return errors.Trace(err)
+		}
+	}
+	application, err := api.state.Application(args.ApplicationName)
+	if err != nil {
+		return errors.Trace(err)
+	}
+	channel := csparams.Channel(args.Channel)
+	return api.applicationSetCharm(application, args.CharmUrl, channel, args.ForceSeries, args.ForceUnits, args.ResourceIDs)
+}
+
+// applicationSetCharm sets the charm for the given for the application.
+func (api *API) applicationSetCharm(application *state.Application, url string, channel csparams.Channel, forceSeries, forceUnits bool, resourceIDs map[string]string) error {
+	curl, err := charm.ParseURL(url)
+	if err != nil {
+		return errors.Trace(err)
+	}
+	sch, err := api.state.Charm(curl)
+	if err != nil {
+		return errors.Trace(err)
+	}
+	cfg := state.SetCharmConfig{
+		Charm:       sch,
+		Channel:     channel,
+		ForceSeries: forceSeries,
+		ForceUnits:  forceUnits,
+		ResourceIDs: resourceIDs,
+	}
+	return application.SetCharm(cfg)
+}
+
+// settingsYamlFromGetYaml will parse a yaml produced by juju get and generate
+// charm.Settings from it that can then be sent to the application.
+func settingsFromGetYaml(yamlContents map[string]interface{}) (charm.Settings, error) {
+	onlySettings := charm.Settings{}
+	settingsMap, ok := yamlContents["settings"].(map[interface{}]interface{})
+	if !ok {
+		return nil, errors.New("unknown format for settings")
+	}
+
+	for setting := range settingsMap {
+		s, ok := settingsMap[setting].(map[interface{}]interface{})
+		if !ok {
+			return nil, errors.Errorf("unknown format for settings section %v", setting)
+		}
+		// some keys might not have a value, we don't care about those.
+		v, ok := s["value"]
+		if !ok {
+			continue
+		}
+		stringSetting, ok := setting.(string)
+		if !ok {
+			return nil, errors.Errorf("unexpected setting key, expected string got %T", setting)
+		}
+		onlySettings[stringSetting] = v
+	}
+	return onlySettings, nil
+}
+
+// applicationSetSettingsYAML updates the settings for the given application,
+// taking the configuration from a YAML string.
+func applicationSetSettingsYAML(application *state.Application, settings string) error {
+	b := []byte(settings)
+	var all map[string]interface{}
+	if err := goyaml.Unmarshal(b, &all); err != nil {
+		return errors.Annotate(err, "parsing settings data")
+	}
+	// The file is already in the right format.
+	if _, ok := all[application.Name()]; !ok {
+		changes, err := settingsFromGetYaml(all)
+		if err != nil {
+			return errors.Annotate(err, "processing YAML generated by get")
+		}
+		return errors.Annotate(application.UpdateConfigSettings(changes), "updating settings with application YAML")
+	}
+
+	ch, _, err := application.Charm()
+	if err != nil {
+		return errors.Annotate(err, "obtaining charm for this application")
+	}
+
+	changes, err := ch.Config().ParseSettingsYAML(b, application.Name())
+	if err != nil {
+		return errors.Annotate(err, "creating config from YAML")
+	}
+	return errors.Annotate(application.UpdateConfigSettings(changes), "updating settings")
+}
+
+// GetCharmURL returns the charm URL the given application is
+// running at present.
+func (api *API) GetCharmURL(args params.ApplicationGet) (params.StringResult, error) {
+	application, err := api.state.Application(args.ApplicationName)
+	if err != nil {
+		return params.StringResult{}, err
+	}
+	charmURL, _ := application.CharmURL()
+	return params.StringResult{Result: charmURL.String()}, nil
+}
+
+// Set implements the server side of Application.Set.
+// It does not unset values that are set to an empty string.
+// Unset should be used for that.
+func (api *API) Set(p params.ApplicationSet) error {
+	if err := api.check.ChangeAllowed(); err != nil {
+		return errors.Trace(err)
+	}
+	svc, err := api.state.Application(p.ApplicationName)
+	if err != nil {
+		return err
+	}
+	ch, _, err := svc.Charm()
+	if err != nil {
+		return err
+	}
+	// Validate the settings.
+	changes, err := ch.Config().ParseSettingsStrings(p.Options)
+	if err != nil {
+		return err
+	}
+
+	return svc.UpdateConfigSettings(changes)
+
+}
+
+// Unset implements the server side of Client.Unset.
+func (api *API) Unset(p params.ApplicationUnset) error {
+	if err := api.check.ChangeAllowed(); err != nil {
+		return errors.Trace(err)
+	}
+	svc, err := api.state.Application(p.ApplicationName)
+	if err != nil {
+		return err
+	}
+	settings := make(charm.Settings)
+	for _, option := range p.Options {
+		settings[option] = nil
+	}
+	return svc.UpdateConfigSettings(settings)
+}
+
+// CharmRelations implements the server side of Application.CharmRelations.
+func (api *API) CharmRelations(p params.ApplicationCharmRelations) (params.ApplicationCharmRelationsResults, error) {
+	var results params.ApplicationCharmRelationsResults
+	application, err := api.state.Application(p.ApplicationName)
+	if err != nil {
+		return results, err
+	}
+	endpoints, err := application.Endpoints()
+	if err != nil {
+		return results, err
+	}
+	results.CharmRelations = make([]string, len(endpoints))
+	for i, endpoint := range endpoints {
+		results.CharmRelations[i] = endpoint.Relation.Name
+	}
+	return results, nil
+}
+
+// Expose changes the juju-managed firewall to expose any ports that
+// were also explicitly marked by units as open.
+func (api *API) Expose(args params.ApplicationExpose) error {
+	if err := api.check.ChangeAllowed(); err != nil {
+		return errors.Trace(err)
+	}
+	svc, err := api.state.Application(args.ApplicationName)
+	if err != nil {
+		return err
+	}
+	return svc.SetExposed()
+}
+
+// Unexpose changes the juju-managed firewall to unexpose any ports that
+// were also explicitly marked by units as open.
+func (api *API) Unexpose(args params.ApplicationUnexpose) error {
+	if err := api.check.ChangeAllowed(); err != nil {
+		return errors.Trace(err)
+	}
+	svc, err := api.state.Application(args.ApplicationName)
+	if err != nil {
+		return err
+	}
+	return svc.ClearExposed()
+}
+
+// addApplicationUnits adds a given number of units to an application.
+func addApplicationUnits(st *state.State, args params.AddApplicationUnits) ([]*state.Unit, error) {
+	application, err := st.Application(args.ApplicationName)
+	if err != nil {
+		return nil, err
+	}
+	if args.NumUnits < 1 {
+		return nil, errors.New("must add at least one unit")
+	}
+	return jjj.AddUnits(st, application, args.NumUnits, args.Placement)
+}
+
+// AddUnits adds a given number of units to an application.
+func (api *API) AddUnits(args params.AddApplicationUnits) (params.AddApplicationUnitsResults, error) {
+	if err := api.check.ChangeAllowed(); err != nil {
+		return params.AddApplicationUnitsResults{}, errors.Trace(err)
+	}
+	units, err := addApplicationUnits(api.state, args)
+	if err != nil {
+		return params.AddApplicationUnitsResults{}, err
+	}
+	unitNames := make([]string, len(units))
+	for i, unit := range units {
+		unitNames[i] = unit.String()
+	}
+	return params.AddApplicationUnitsResults{Units: unitNames}, nil
+}
+
+// DestroyUnits removes a given set of application units.
+func (api *API) DestroyUnits(args params.DestroyApplicationUnits) error {
+	if err := api.check.RemoveAllowed(); err != nil {
+		return errors.Trace(err)
+	}
+	var errs []string
+	for _, name := range args.UnitNames {
+		unit, err := api.state.Unit(name)
+		switch {
+		case errors.IsNotFound(err):
+			err = errors.Errorf("unit %q does not exist", name)
+		case err != nil:
+		case unit.Life() != state.Alive:
+			continue
+		case unit.IsPrincipal():
+			err = unit.Destroy()
+		default:
+			err = errors.Errorf("unit %q is a subordinate", name)
+		}
+		if err != nil {
+			errs = append(errs, err.Error())
+		}
+	}
+	return common.DestroyErr("units", args.UnitNames, errs)
+}
+
+// Destroy destroys a given application.
+func (api *API) Destroy(args params.ApplicationDestroy) error {
+	if err := api.check.RemoveAllowed(); err != nil {
+		return errors.Trace(err)
+	}
+	svc, err := api.state.Application(args.ApplicationName)
+	if err != nil {
+		return err
+	}
+	return svc.Destroy()
+}
+
+// GetConstraints returns the constraints for a given application.
+func (api *API) GetConstraints(args params.GetApplicationConstraints) (params.GetConstraintsResults, error) {
+	svc, err := api.state.Application(args.ApplicationName)
+	if err != nil {
+		return params.GetConstraintsResults{}, err
+	}
+	cons, err := svc.Constraints()
+	return params.GetConstraintsResults{cons}, err
+}
+
+// SetConstraints sets the constraints for a given application.
+func (api *API) SetConstraints(args params.SetConstraints) error {
+	if err := api.check.ChangeAllowed(); err != nil {
+		return errors.Trace(err)
+	}
+	svc, err := api.state.Application(args.ApplicationName)
+	if err != nil {
+		return err
+	}
+	return svc.SetConstraints(args.Constraints)
+}
+
+// AddRelation adds a relation between the specified endpoints and returns the relation info.
+func (api *API) AddRelation(args params.AddRelation) (params.AddRelationResults, error) {
+	if err := api.check.ChangeAllowed(); err != nil {
+		return params.AddRelationResults{}, errors.Trace(err)
+	}
+	inEps, err := api.state.InferEndpoints(args.Endpoints...)
+	if err != nil {
+		return params.AddRelationResults{}, err
+	}
+	rel, err := api.state.AddRelation(inEps...)
+	if err != nil {
+		return params.AddRelationResults{}, err
+	}
+	outEps := make(map[string]params.CharmRelation)
+	for _, inEp := range inEps {
+		outEp, err := rel.Endpoint(inEp.ApplicationName)
+		if err != nil {
+			return params.AddRelationResults{}, err
+		}
+		outEps[inEp.ApplicationName] = params.CharmRelation{
+			Name:      outEp.Relation.Name,
+			Role:      string(outEp.Relation.Role),
+			Interface: outEp.Relation.Interface,
+			Optional:  outEp.Relation.Optional,
+			Limit:     outEp.Relation.Limit,
+			Scope:     string(outEp.Relation.Scope),
+		}
+	}
+	return params.AddRelationResults{Endpoints: outEps}, nil
+}
+
+// DestroyRelation removes the relation between the specified endpoints.
+func (api *API) DestroyRelation(args params.DestroyRelation) error {
+	if err := api.check.RemoveAllowed(); err != nil {
+		return errors.Trace(err)
+	}
+	eps, err := api.state.InferEndpoints(args.Endpoints...)
+	if err != nil {
+		return err
+	}
+	rel, err := api.state.EndpointsRelation(eps...)
+	if err != nil {
+		return err
+	}
+	return rel.Destroy()
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/application/application_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/application/application_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/application/application_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/application/application_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,2732 @@
+// Copyright 2014 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application_test
+
+import (
+	"fmt"
+	"io"
+	"regexp"
+	"runtime"
+	"sync"
+	"time"
+
+	"github.com/juju/errors"
+	jc "github.com/juju/testing/checkers"
+	"github.com/juju/utils"
+	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/charmrepo.v2-unstable"
+	"gopkg.in/juju/charmrepo.v2-unstable/csclient"
+	csparams "gopkg.in/juju/charmrepo.v2-unstable/csclient/params"
+	"gopkg.in/juju/names.v2"
+	"gopkg.in/macaroon.v1"
+	"gopkg.in/mgo.v2"
+
+	"github.com/juju/juju/apiserver/application"
+	commontesting "github.com/juju/juju/apiserver/common/testing"
+	"github.com/juju/juju/apiserver/params"
+	apiservertesting "github.com/juju/juju/apiserver/testing"
+	"github.com/juju/juju/constraints"
+	"github.com/juju/juju/instance"
+	jujutesting "github.com/juju/juju/juju/testing"
+	"github.com/juju/juju/state"
+	statestorage "github.com/juju/juju/state/storage"
+	"github.com/juju/juju/status"
+	"github.com/juju/juju/storage"
+	"github.com/juju/juju/storage/poolmanager"
+	"github.com/juju/juju/storage/provider"
+	"github.com/juju/juju/storage/provider/registry"
+	"github.com/juju/juju/testcharms"
+	"github.com/juju/juju/testing/factory"
+	jujuversion "github.com/juju/juju/version"
+)
+
+type serviceSuite struct {
+	jujutesting.JujuConnSuite
+	apiservertesting.CharmStoreSuite
+	commontesting.BlockHelper
+
+	applicationApi *application.API
+	application    *state.Application
+	authorizer     apiservertesting.FakeAuthorizer
+}
+
+var _ = gc.Suite(&serviceSuite{})
+
+var _ application.Application = (*application.API)(nil)
+
+func (s *serviceSuite) SetUpSuite(c *gc.C) {
+	s.CharmStoreSuite.SetUpSuite(c)
+	s.JujuConnSuite.SetUpSuite(c)
+}
+
+func (s *serviceSuite) TearDownSuite(c *gc.C) {
+	s.CharmStoreSuite.TearDownSuite(c)
+	s.JujuConnSuite.TearDownSuite(c)
+}
+
+func (s *serviceSuite) SetUpTest(c *gc.C) {
+	s.JujuConnSuite.SetUpTest(c)
+	s.CharmStoreSuite.Session = s.JujuConnSuite.Session
+	s.CharmStoreSuite.SetUpTest(c)
+	s.BlockHelper = commontesting.NewBlockHelper(s.APIState)
+	s.AddCleanup(func(*gc.C) { s.BlockHelper.Close() })
+
+	s.application = s.Factory.MakeApplication(c, nil)
+
+	s.authorizer = apiservertesting.FakeAuthorizer{
+		Tag: s.AdminUserTag(c),
+	}
+	var err error
+	s.applicationApi, err = application.NewAPI(s.State, nil, s.authorizer)
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *serviceSuite) TearDownTest(c *gc.C) {
+	s.CharmStoreSuite.TearDownTest(c)
+	s.JujuConnSuite.TearDownTest(c)
+}
+
+func (s *serviceSuite) TestSetMetricCredentials(c *gc.C) {
+	charm := s.Factory.MakeCharm(c, &factory.CharmParams{Name: "wordpress"})
+	wordpress := s.Factory.MakeApplication(c, &factory.ApplicationParams{
+		Charm: charm,
+	})
+	tests := []struct {
+		about   string
+		args    params.ApplicationMetricCredentials
+		results params.ErrorResults
+	}{
+		{
+			"test one argument and it passes",
+			params.ApplicationMetricCredentials{[]params.ApplicationMetricCredential{{
+				s.application.Name(),
+				[]byte("creds 1234"),
+			}}},
+			params.ErrorResults{[]params.ErrorResult{{Error: nil}}},
+		},
+		{
+			"test two arguments and both pass",
+			params.ApplicationMetricCredentials{[]params.ApplicationMetricCredential{
+				{
+					s.application.Name(),
+					[]byte("creds 1234"),
+				},
+				{
+					wordpress.Name(),
+					[]byte("creds 4567"),
+				},
+			}},
+			params.ErrorResults{[]params.ErrorResult{
+				{Error: nil},
+				{Error: nil},
+			}},
+		},
+		{
+			"test two arguments and second one fails",
+			params.ApplicationMetricCredentials{[]params.ApplicationMetricCredential{
+				{
+					s.application.Name(),
+					[]byte("creds 1234"),
+				},
+				{
+					"not-a-application",
+					[]byte("creds 4567"),
+				},
+			}},
+			params.ErrorResults{[]params.ErrorResult{
+				{Error: nil},
+				{Error: &params.Error{Message: `application "not-a-application" not found`, Code: "not found"}},
+			}},
+		},
+	}
+	for i, t := range tests {
+		c.Logf("Running test %d %v", i, t.about)
+		results, err := s.applicationApi.SetMetricCredentials(t.args)
+		c.Assert(err, jc.ErrorIsNil)
+		c.Assert(results.Results, gc.HasLen, len(t.results.Results))
+		c.Assert(results, gc.DeepEquals, t.results)
+
+		for i, a := range t.args.Creds {
+			if t.results.Results[i].Error == nil {
+				svc, err := s.State.Application(a.ApplicationName)
+				c.Assert(err, jc.ErrorIsNil)
+				creds := svc.MetricCredentials()
+				c.Assert(creds, gc.DeepEquals, a.MetricCredentials)
+			}
+		}
+	}
+}
+
+func (s *serviceSuite) TestCompatibleSettingsParsing(c *gc.C) {
+	// Test the exported settings parsing in a compatible way.
+	s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
+	svc, err := s.State.Application("dummy")
+	c.Assert(err, jc.ErrorIsNil)
+	ch, _, err := svc.Charm()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(ch.URL().String(), gc.Equals, "local:quantal/dummy-1")
+
+	// Empty string will be returned as nil.
+	options := map[string]string{
+		"title":    "foobar",
+		"username": "",
+	}
+	settings, err := application.ParseSettingsCompatible(ch, options)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(settings, gc.DeepEquals, charm.Settings{
+		"title":    "foobar",
+		"username": nil,
+	})
+
+	// Illegal settings lead to an error.
+	options = map[string]string{
+		"yummy": "didgeridoo",
+	}
+	_, err = application.ParseSettingsCompatible(ch, options)
+	c.Assert(err, gc.ErrorMatches, `unknown option "yummy"`)
+}
+
+func setupStoragePool(c *gc.C, st *state.State) {
+	pm := poolmanager.New(state.NewStateSettings(st))
+	_, err := pm.Create("loop-pool", provider.LoopProviderType, map[string]interface{}{})
+	c.Assert(err, jc.ErrorIsNil)
+	err = st.UpdateModelConfig(map[string]interface{}{
+		"storage-default-block-source": "loop-pool",
+	}, nil, nil)
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *serviceSuite) TestServiceDeployWithStorage(c *gc.C) {
+	setupStoragePool(c, s.State)
+	curl, ch := s.UploadCharm(c, "utopic/storage-block-10", "storage-block")
+	err := application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	storageConstraints := map[string]storage.Constraints{
+		"data": {
+			Count: 1,
+			Size:  1024,
+			Pool:  "loop-pool",
+		},
+	}
+
+	var cons constraints.Value
+	args := params.ApplicationDeploy{
+		ApplicationName: "application",
+		CharmUrl:        curl.String(),
+		NumUnits:        1,
+		Constraints:     cons,
+		Storage:         storageConstraints,
+	}
+	results, err := s.applicationApi.Deploy(params.ApplicationsDeploy{
+		Applications: []params.ApplicationDeploy{args}},
+	)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(results, gc.DeepEquals, params.ErrorResults{
+		Results: []params.ErrorResult{{Error: nil}},
+	})
+	svc := apiservertesting.AssertPrincipalServiceDeployed(c, s.State, "application", curl, false, ch, cons)
+	storageConstraintsOut, err := svc.StorageConstraints()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(storageConstraintsOut, gc.DeepEquals, map[string]state.StorageConstraints{
+		"data": {
+			Count: 1,
+			Size:  1024,
+			Pool:  "loop-pool",
+		},
+		"allecto": {
+			Count: 0,
+			Size:  1024,
+			Pool:  "loop",
+		},
+	})
+}
+
+func (s *serviceSuite) TestMinJujuVersionTooHigh(c *gc.C) {
+	curl, _ := s.UploadCharm(c, "quantal/minjujuversion-0", "minjujuversion")
+	err := application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	match := fmt.Sprintf(`charm's min version (999.999.999) is higher than this juju environment's version (%s)`, jujuversion.Current)
+	c.Assert(err, gc.ErrorMatches, regexp.QuoteMeta(match))
+}
+
+func (s *serviceSuite) TestServiceDeployWithInvalidStoragePool(c *gc.C) {
+	setupStoragePool(c, s.State)
+	curl, _ := s.UploadCharm(c, "utopic/storage-block-0", "storage-block")
+	err := application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	storageConstraints := map[string]storage.Constraints{
+		"data": storage.Constraints{
+			Pool:  "foo",
+			Count: 1,
+			Size:  1024,
+		},
+	}
+
+	var cons constraints.Value
+	args := params.ApplicationDeploy{
+		ApplicationName: "application",
+		CharmUrl:        curl.String(),
+		NumUnits:        1,
+		Constraints:     cons,
+		Storage:         storageConstraints,
+	}
+	results, err := s.applicationApi.Deploy(params.ApplicationsDeploy{
+		Applications: []params.ApplicationDeploy{args}},
+	)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(results.Results, gc.HasLen, 1)
+	c.Assert(results.Results[0].Error, gc.ErrorMatches, `.* pool "foo" not found`)
+}
+
+func (s *serviceSuite) TestServiceDeployWithUnsupportedStoragePool(c *gc.C) {
+	registry.RegisterProvider("hostloop", &mockStorageProvider{kind: storage.StorageKindBlock})
+	pm := poolmanager.New(state.NewStateSettings(s.State))
+	_, err := pm.Create("host-loop-pool", provider.HostLoopProviderType, map[string]interface{}{})
+	c.Assert(err, jc.ErrorIsNil)
+
+	curl, _ := s.UploadCharm(c, "utopic/storage-block-0", "storage-block")
+	err = application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	storageConstraints := map[string]storage.Constraints{
+		"data": storage.Constraints{
+			Pool:  "host-loop-pool",
+			Count: 1,
+			Size:  1024,
+		},
+	}
+
+	var cons constraints.Value
+	args := params.ApplicationDeploy{
+		ApplicationName: "application",
+		CharmUrl:        curl.String(),
+		NumUnits:        1,
+		Constraints:     cons,
+		Storage:         storageConstraints,
+	}
+	results, err := s.applicationApi.Deploy(params.ApplicationsDeploy{
+		Applications: []params.ApplicationDeploy{args}},
+	)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(results.Results, gc.HasLen, 1)
+	c.Assert(results.Results[0].Error, gc.ErrorMatches,
+		`.*pool "host-loop-pool" uses storage provider "hostloop" which is not supported for models of type "dummy"`)
+}
+
+func (s *serviceSuite) TestServiceDeployDefaultFilesystemStorage(c *gc.C) {
+	setupStoragePool(c, s.State)
+	curl, ch := s.UploadCharm(c, "trusty/storage-filesystem-1", "storage-filesystem")
+	err := application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	var cons constraints.Value
+	args := params.ApplicationDeploy{
+		ApplicationName: "application",
+		CharmUrl:        curl.String(),
+		NumUnits:        1,
+		Constraints:     cons,
+	}
+	results, err := s.applicationApi.Deploy(params.ApplicationsDeploy{
+		Applications: []params.ApplicationDeploy{args}},
+	)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(results, gc.DeepEquals, params.ErrorResults{
+		Results: []params.ErrorResult{{Error: nil}},
+	})
+	svc := apiservertesting.AssertPrincipalServiceDeployed(c, s.State, "application", curl, false, ch, cons)
+	storageConstraintsOut, err := svc.StorageConstraints()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(storageConstraintsOut, gc.DeepEquals, map[string]state.StorageConstraints{
+		"data": {
+			Count: 1,
+			Size:  1024,
+			Pool:  "rootfs",
+		},
+	})
+}
+
+func (s *serviceSuite) TestServiceDeploy(c *gc.C) {
+	curl, ch := s.UploadCharm(c, "precise/dummy-42", "dummy")
+	err := application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	var cons constraints.Value
+	args := params.ApplicationDeploy{
+		ApplicationName: "application",
+		CharmUrl:        curl.String(),
+		NumUnits:        1,
+		Constraints:     cons,
+		Placement: []*instance.Placement{
+			{"deadbeef-0bad-400d-8000-4b1d0d06f00d", "valid"},
+		},
+	}
+	results, err := s.applicationApi.Deploy(params.ApplicationsDeploy{
+		Applications: []params.ApplicationDeploy{args}},
+	)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(results, gc.DeepEquals, params.ErrorResults{
+		Results: []params.ErrorResult{{Error: nil}},
+	})
+	svc := apiservertesting.AssertPrincipalServiceDeployed(c, s.State, "application", curl, false, ch, cons)
+	units, err := svc.AllUnits()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(units, gc.HasLen, 1)
+}
+
+func (s *serviceSuite) TestServiceDeployWithInvalidPlacement(c *gc.C) {
+	curl, _ := s.UploadCharm(c, "precise/dummy-42", "dummy")
+	err := application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	var cons constraints.Value
+	args := params.ApplicationDeploy{
+		ApplicationName: "application",
+		CharmUrl:        curl.String(),
+		NumUnits:        1,
+		Constraints:     cons,
+		Placement: []*instance.Placement{
+			{"deadbeef-0bad-400d-8000-4b1d0d06f00d", "invalid"},
+		},
+	}
+	results, err := s.applicationApi.Deploy(params.ApplicationsDeploy{
+		Applications: []params.ApplicationDeploy{args}},
+	)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(results.Results, gc.HasLen, 1)
+	c.Assert(results.Results[0].Error, gc.NotNil)
+	c.Assert(results.Results[0].Error.Error(), gc.Matches, ".* invalid placement is invalid")
+}
+
+func (s *serviceSuite) testClientServicesDeployWithBindings(c *gc.C, endpointBindings, expected map[string]string) {
+	curl, _ := s.UploadCharm(c, "utopic/riak-42", "riak")
+	err := application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+
+	var cons constraints.Value
+	args := params.ApplicationDeploy{
+		ApplicationName:  "application",
+		CharmUrl:         curl.String(),
+		NumUnits:         1,
+		Constraints:      cons,
+		EndpointBindings: endpointBindings,
+	}
+
+	results, err := s.applicationApi.Deploy(params.ApplicationsDeploy{
+		Applications: []params.ApplicationDeploy{args}},
+	)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(results.Results, gc.HasLen, 1)
+	c.Assert(results.Results[0].Error, gc.IsNil)
+
+	application, err := s.State.Application(args.ApplicationName)
+	c.Assert(err, jc.ErrorIsNil)
+
+	retrievedBindings, err := application.EndpointBindings()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(retrievedBindings, jc.DeepEquals, expected)
+}
+
+func (s *serviceSuite) TestClientServicesDeployWithBindings(c *gc.C) {
+	s.State.AddSpace("a-space", "", nil, true)
+	expected := map[string]string{
+		"endpoint": "a-space",
+		"ring":     "",
+		"admin":    "",
+	}
+	endpointBindings := map[string]string{"endpoint": "a-space"}
+	s.testClientServicesDeployWithBindings(c, endpointBindings, expected)
+}
+
+func (s *serviceSuite) TestClientServicesDeployWithDefaultBindings(c *gc.C) {
+	expected := map[string]string{
+		"endpoint": "",
+		"ring":     "",
+		"admin":    "",
+	}
+	s.testClientServicesDeployWithBindings(c, nil, expected)
+}
+
+// TODO(wallyworld) - the following charm tests have been moved from the apiserver/client
+// package in order to use the fake charm store testing infrastructure. They are legacy tests
+// written to use the api client instead of the apiserver logic. They need to be rewritten and
+// feature tests added.
+
+func (s *serviceSuite) TestAddCharm(c *gc.C) {
+	var blobs blobs
+	s.PatchValue(application.NewStateStorage, func(uuid string, session *mgo.Session) statestorage.Storage {
+		storage := statestorage.NewStorage(uuid, session)
+		return &recordingStorage{Storage: storage, blobs: &blobs}
+	})
+
+	client := s.APIState.Client()
+	// First test the sanity checks.
+	err := client.AddCharm(&charm.URL{Name: "nonsense"}, csparams.StableChannel)
+	c.Assert(err, gc.ErrorMatches, `cannot parse charm or bundle URL: ":nonsense-0"`)
+	err = client.AddCharm(charm.MustParseURL("local:precise/dummy"), csparams.StableChannel)
+	c.Assert(err, gc.ErrorMatches, "only charm store charm URLs are supported, with cs: schema")
+	err = client.AddCharm(charm.MustParseURL("cs:precise/wordpress"), csparams.StableChannel)
+	c.Assert(err, gc.ErrorMatches, "charm URL must include revision")
+
+	// Add a charm, without uploading it to storage, to
+	// check that AddCharm does not try to do it.
+	charmDir := testcharms.Repo.CharmDir("dummy")
+	ident := fmt.Sprintf("%s-%d", charmDir.Meta().Name, charmDir.Revision())
+	curl := charm.MustParseURL("cs:quantal/" + ident)
+	info := state.CharmInfo{
+		Charm:       charmDir,
+		ID:          curl,
+		StoragePath: "",
+		SHA256:      ident + "-sha256",
+	}
+	sch, err := s.State.AddCharm(info)
+	c.Assert(err, jc.ErrorIsNil)
+
+	// AddCharm should see the charm in state and not upload it.
+	err = client.AddCharm(sch.URL(), csparams.StableChannel)
+	c.Assert(err, jc.ErrorIsNil)
+
+	c.Assert(blobs.m, gc.HasLen, 0)
+
+	// Now try adding another charm completely.
+	curl, _ = s.UploadCharm(c, "precise/wordpress-3", "wordpress")
+	err = client.AddCharm(curl, csparams.StableChannel)
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Verify it's in state and it got uploaded.
+	storage := statestorage.NewStorage(s.State.ModelUUID(), s.State.MongoSession())
+	sch, err = s.State.Charm(curl)
+	c.Assert(err, jc.ErrorIsNil)
+	s.assertUploaded(c, storage, sch.StoragePath(), sch.BundleSha256())
+}
+
+func (s *serviceSuite) TestAddCharmWithAuthorization(c *gc.C) {
+	// Upload a new charm to the charm store.
+	curl, _ := s.UploadCharm(c, "cs:~restricted/precise/wordpress-3", "wordpress")
+
+	// Change permissions on the new charm such that only bob
+	// can read from it.
+	s.DischargeUser = "restricted"
+	err := s.Client.Put("/"+curl.Path()+"/meta/perm/read", []string{"bob"})
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Try to add a charm to the environment without authorization.
+	s.DischargeUser = ""
+	err = s.APIState.Client().AddCharm(curl, csparams.StableChannel)
+	c.Assert(err, gc.ErrorMatches, `cannot retrieve charm "cs:~restricted/precise/wordpress-3": cannot get archive: cannot get discharge from "https://.*": third party refused discharge: cannot discharge: discharge denied \(unauthorized access\)`)
+
+	tryAs := func(user string) error {
+		client := csclient.New(csclient.Params{
+			URL: s.Srv.URL,
+		})
+		s.DischargeUser = user
+		var m *macaroon.Macaroon
+		err = client.Get("/delegatable-macaroon", &m)
+		c.Assert(err, gc.IsNil)
+
+		return application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+			URL:     curl.String(),
+			Channel: string(csparams.StableChannel),
+		})
+	}
+	// Try again with authorization for the wrong user.
+	err = tryAs("joe")
+	c.Assert(err, gc.ErrorMatches, `cannot retrieve charm "cs:~restricted/precise/wordpress-3": cannot get archive: unauthorized: access denied for user "joe"`)
+
+	// Try again with the correct authorization this time.
+	err = tryAs("bob")
+	c.Assert(err, gc.IsNil)
+
+	// Verify that it has actually been uploaded.
+	_, err = s.State.Charm(curl)
+	c.Assert(err, gc.IsNil)
+}
+
+func (s *serviceSuite) TestAddCharmConcurrently(c *gc.C) {
+	if runtime.GOOS == "windows" {
+		c.Skip("bug 1596960: Skipping this on windows for now")
+	}
+	var putBarrier sync.WaitGroup
+	var blobs blobs
+	s.PatchValue(application.NewStateStorage, func(uuid string, session *mgo.Session) statestorage.Storage {
+		storage := statestorage.NewStorage(uuid, session)
+		return &recordingStorage{Storage: storage, blobs: &blobs, putBarrier: &putBarrier}
+	})
+
+	client := s.APIState.Client()
+	curl, _ := s.UploadCharm(c, "trusty/wordpress-3", "wordpress")
+
+	// Try adding the same charm concurrently from multiple goroutines
+	// to test no "duplicate key errors" are reported (see lp bug
+	// #1067979) and also at the end only one charm document is
+	// created.
+
+	var wg sync.WaitGroup
+	// We don't add them 1-by-1 because that would allow each goroutine to
+	// finish separately without actually synchronizing between them
+	putBarrier.Add(10)
+	for i := 0; i < 10; i++ {
+		wg.Add(1)
+		go func(index int) {
+			defer wg.Done()
+
+			c.Assert(client.AddCharm(curl, csparams.StableChannel), gc.IsNil, gc.Commentf("goroutine %d", index))
+			sch, err := s.State.Charm(curl)
+			c.Assert(err, gc.IsNil, gc.Commentf("goroutine %d", index))
+			c.Assert(sch.URL(), jc.DeepEquals, curl, gc.Commentf("goroutine %d", index))
+		}(i)
+	}
+	wg.Wait()
+
+	blobs.Lock()
+
+	c.Assert(blobs.m, gc.HasLen, 10)
+
+	// Verify there is only a single uploaded charm remains and it
+	// contains the correct data.
+	sch, err := s.State.Charm(curl)
+	c.Assert(err, jc.ErrorIsNil)
+	storagePath := sch.StoragePath()
+	c.Assert(blobs.m[storagePath], jc.IsTrue)
+	for path, exists := range blobs.m {
+		if path != storagePath {
+			c.Assert(exists, jc.IsFalse)
+		}
+	}
+
+	storage := statestorage.NewStorage(s.State.ModelUUID(), s.State.MongoSession())
+	s.assertUploaded(c, storage, sch.StoragePath(), sch.BundleSha256())
+}
+
+func (s *serviceSuite) assertUploaded(c *gc.C, storage statestorage.Storage, storagePath, expectedSHA256 string) {
+	reader, _, err := storage.Get(storagePath)
+	c.Assert(err, jc.ErrorIsNil)
+	defer reader.Close()
+	downloadedSHA256, _, err := utils.ReadSHA256(reader)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(downloadedSHA256, gc.Equals, expectedSHA256)
+}
+
+func (s *serviceSuite) TestAddCharmOverwritesPlaceholders(c *gc.C) {
+	client := s.APIState.Client()
+	curl, _ := s.UploadCharm(c, "trusty/wordpress-42", "wordpress")
+
+	// Add a placeholder with the same charm URL.
+	err := s.State.AddStoreCharmPlaceholder(curl)
+	c.Assert(err, jc.ErrorIsNil)
+	_, err = s.State.Charm(curl)
+	c.Assert(err, jc.Satisfies, errors.IsNotFound)
+
+	// Now try to add the charm, which will convert the placeholder to
+	// a pending charm.
+	err = client.AddCharm(curl, csparams.StableChannel)
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Make sure the document's flags were reset as expected.
+	sch, err := s.State.Charm(curl)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(sch.URL(), jc.DeepEquals, curl)
+	c.Assert(sch.IsPlaceholder(), jc.IsFalse)
+	c.Assert(sch.IsUploaded(), jc.IsTrue)
+}
+
+func (s *serviceSuite) TestServiceGetCharmURL(c *gc.C) {
+	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
+	result, err := s.applicationApi.GetCharmURL(params.ApplicationGet{"wordpress"})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(result.Error, gc.IsNil)
+	c.Assert(result.Result, gc.Equals, "local:quantal/wordpress-3")
+}
+
+func (s *serviceSuite) TestServiceSetCharm(c *gc.C) {
+	curl, _ := s.UploadCharm(c, "precise/dummy-0", "dummy")
+	err := application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	results, err := s.applicationApi.Deploy(params.ApplicationsDeploy{
+		Applications: []params.ApplicationDeploy{{
+			CharmUrl:        curl.String(),
+			ApplicationName: "application",
+			NumUnits:        3,
+		}}})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(results.Results, gc.HasLen, 1)
+	c.Assert(results.Results[0].Error, gc.IsNil)
+	curl, _ = s.UploadCharm(c, "precise/wordpress-3", "wordpress")
+	err = application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.applicationApi.SetCharm(params.ApplicationSetCharm{
+		ApplicationName: "application",
+		CharmUrl:        curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Ensure that the charm is not marked as forced.
+	application, err := s.State.Application("application")
+	c.Assert(err, jc.ErrorIsNil)
+	charm, force, err := application.Charm()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(charm.URL().String(), gc.Equals, curl.String())
+	c.Assert(force, jc.IsFalse)
+}
+
+func (s *serviceSuite) setupServiceSetCharm(c *gc.C) {
+	curl, _ := s.UploadCharm(c, "precise/dummy-0", "dummy")
+	err := application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	results, err := s.applicationApi.Deploy(params.ApplicationsDeploy{
+		Applications: []params.ApplicationDeploy{{
+			CharmUrl:        curl.String(),
+			ApplicationName: "application",
+			NumUnits:        3,
+		}}})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(results.Results, gc.HasLen, 1)
+	c.Assert(results.Results[0].Error, gc.IsNil)
+	curl, _ = s.UploadCharm(c, "precise/wordpress-3", "wordpress")
+	err = application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *serviceSuite) assertServiceSetCharm(c *gc.C, forceUnits bool) {
+	err := s.applicationApi.SetCharm(params.ApplicationSetCharm{
+		ApplicationName: "application",
+		CharmUrl:        "cs:~who/precise/wordpress-3",
+		ForceUnits:      forceUnits,
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	// Ensure that the charm is not marked as forced.
+	application, err := s.State.Application("application")
+	c.Assert(err, jc.ErrorIsNil)
+	charm, _, err := application.Charm()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(charm.URL().String(), gc.Equals, "cs:~who/precise/wordpress-3")
+}
+
+func (s *serviceSuite) assertServiceSetCharmBlocked(c *gc.C, msg string) {
+	err := s.applicationApi.SetCharm(params.ApplicationSetCharm{
+		ApplicationName: "application",
+		CharmUrl:        "cs:~who/precise/wordpress-3",
+	})
+	s.AssertBlocked(c, err, msg)
+}
+
+func (s *serviceSuite) TestBlockDestroyServiceSetCharm(c *gc.C) {
+	s.setupServiceSetCharm(c)
+	s.BlockDestroyModel(c, "TestBlockDestroyServiceSetCharm")
+	s.assertServiceSetCharm(c, false)
+}
+
+func (s *serviceSuite) TestBlockRemoveServiceSetCharm(c *gc.C) {
+	s.setupServiceSetCharm(c)
+	s.BlockRemoveObject(c, "TestBlockRemoveServiceSetCharm")
+	s.assertServiceSetCharm(c, false)
+}
+
+func (s *serviceSuite) TestBlockChangesServiceSetCharm(c *gc.C) {
+	s.setupServiceSetCharm(c)
+	s.BlockAllChanges(c, "TestBlockChangesServiceSetCharm")
+	s.assertServiceSetCharmBlocked(c, "TestBlockChangesServiceSetCharm")
+}
+
+func (s *serviceSuite) TestServiceSetCharmForceUnits(c *gc.C) {
+	curl, _ := s.UploadCharm(c, "precise/dummy-0", "dummy")
+	err := application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	results, err := s.applicationApi.Deploy(params.ApplicationsDeploy{
+		Applications: []params.ApplicationDeploy{{
+			CharmUrl:        curl.String(),
+			ApplicationName: "application",
+			NumUnits:        3,
+		}}})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(results.Results, gc.HasLen, 1)
+	c.Assert(results.Results[0].Error, gc.IsNil)
+	curl, _ = s.UploadCharm(c, "precise/wordpress-3", "wordpress")
+	err = application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.applicationApi.SetCharm(params.ApplicationSetCharm{
+		ApplicationName: "application",
+		CharmUrl:        curl.String(),
+		ForceUnits:      true,
+	})
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Ensure that the charm is marked as forced.
+	application, err := s.State.Application("application")
+	c.Assert(err, jc.ErrorIsNil)
+	charm, force, err := application.Charm()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(charm.URL().String(), gc.Equals, curl.String())
+	c.Assert(force, jc.IsTrue)
+}
+
+func (s *serviceSuite) TestBlockServiceSetCharmForce(c *gc.C) {
+	s.setupServiceSetCharm(c)
+
+	// block all changes
+	s.BlockAllChanges(c, "TestBlockServiceSetCharmForce")
+	s.BlockRemoveObject(c, "TestBlockServiceSetCharmForce")
+	s.BlockDestroyModel(c, "TestBlockServiceSetCharmForce")
+
+	s.assertServiceSetCharm(c, true)
+}
+
+func (s *serviceSuite) TestServiceSetCharmInvalidService(c *gc.C) {
+	err := s.applicationApi.SetCharm(params.ApplicationSetCharm{
+		ApplicationName: "badservice",
+		CharmUrl:        "cs:precise/wordpress-3",
+		ForceSeries:     true,
+		ForceUnits:      true,
+	})
+	c.Assert(err, gc.ErrorMatches, `application "badservice" not found`)
+}
+
+func (s *serviceSuite) TestServiceAddCharmErrors(c *gc.C) {
+	for url, expect := range map[string]string{
+		"wordpress":                   "charm URL must include revision",
+		"cs:wordpress":                "charm URL must include revision",
+		"cs:precise/wordpress":        "charm URL must include revision",
+		"cs:precise/wordpress-999999": `cannot retrieve "cs:precise/wordpress-999999": charm not found`,
+	} {
+		c.Logf("test %s", url)
+		err := application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+			URL: url,
+		})
+		c.Check(err, gc.ErrorMatches, expect)
+	}
+}
+
+func (s *serviceSuite) TestServiceSetCharmLegacy(c *gc.C) {
+	curl, _ := s.UploadCharm(c, "precise/dummy-0", "dummy")
+	err := application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	results, err := s.applicationApi.Deploy(params.ApplicationsDeploy{
+		Applications: []params.ApplicationDeploy{{
+			CharmUrl:        curl.String(),
+			ApplicationName: "application",
+		}}})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(results.Results, gc.HasLen, 1)
+	c.Assert(results.Results[0].Error, gc.IsNil)
+	curl, _ = s.UploadCharm(c, "trusty/dummy-1", "dummy")
+	err = application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Even with forceSeries = true, we can't change a charm where
+	// the series is sepcified in the URL.
+	err = s.applicationApi.SetCharm(params.ApplicationSetCharm{
+		ApplicationName: "application",
+		CharmUrl:        curl.String(),
+		ForceSeries:     true,
+	})
+	c.Assert(err, gc.ErrorMatches, "cannot change a service's series")
+}
+
+func (s *serviceSuite) TestServiceSetCharmUnsupportedSeries(c *gc.C) {
+	curl, _ := s.UploadCharmMultiSeries(c, "~who/multi-series", "multi-series")
+	err := application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	results, err := s.applicationApi.Deploy(params.ApplicationsDeploy{
+		Applications: []params.ApplicationDeploy{{
+			CharmUrl:        curl.String(),
+			ApplicationName: "application",
+			Series:          "precise",
+		}}})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(results.Results, gc.HasLen, 1)
+	c.Assert(results.Results[0].Error, gc.IsNil)
+	curl, _ = s.UploadCharmMultiSeries(c, "~who/multi-series", "multi-series2")
+	err = application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+
+	err = s.applicationApi.SetCharm(params.ApplicationSetCharm{
+		ApplicationName: "application",
+		CharmUrl:        curl.String(),
+	})
+	c.Assert(err, gc.ErrorMatches, "cannot upgrade charm, only these series are supported: trusty, wily")
+}
+
+func (s *serviceSuite) assertServiceSetCharmSeries(c *gc.C, upgradeCharm, series string) {
+	curl, _ := s.UploadCharmMultiSeries(c, "~who/multi-series", "multi-series")
+	err := application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	results, err := s.applicationApi.Deploy(params.ApplicationsDeploy{
+		Applications: []params.ApplicationDeploy{{
+			CharmUrl:        curl.String(),
+			ApplicationName: "application",
+			Series:          "precise",
+		}}})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(results.Results, gc.HasLen, 1)
+	c.Assert(results.Results[0].Error, gc.IsNil)
+
+	url := upgradeCharm
+	if series != "" {
+		url = series + "/" + upgradeCharm
+	}
+	curl, _ = s.UploadCharmMultiSeries(c, "~who/"+url, upgradeCharm)
+	err = application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+
+	err = s.applicationApi.SetCharm(params.ApplicationSetCharm{
+		ApplicationName: "application",
+		CharmUrl:        curl.String(),
+		ForceSeries:     true,
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	svc, err := s.State.Application("application")
+	c.Assert(err, jc.ErrorIsNil)
+	ch, _, err := svc.Charm()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(ch.URL().String(), gc.Equals, "cs:~who/"+url+"-0")
+}
+
+func (s *serviceSuite) TestServiceSetCharmUnsupportedSeriesForce(c *gc.C) {
+	s.assertServiceSetCharmSeries(c, "multi-series2", "")
+}
+
+func (s *serviceSuite) TestServiceSetCharmNoExplicitSupportedSeries(c *gc.C) {
+	s.assertServiceSetCharmSeries(c, "dummy", "precise")
+}
+
+func (s *serviceSuite) TestServiceSetCharmWrongOS(c *gc.C) {
+	curl, _ := s.UploadCharmMultiSeries(c, "~who/multi-series", "multi-series")
+	err := application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	results, err := s.applicationApi.Deploy(params.ApplicationsDeploy{
+		Applications: []params.ApplicationDeploy{{
+			CharmUrl:        curl.String(),
+			ApplicationName: "application",
+			Series:          "precise",
+		}}})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(results.Results, gc.HasLen, 1)
+	c.Assert(results.Results[0].Error, gc.IsNil)
+	curl, _ = s.UploadCharmMultiSeries(c, "~who/multi-series-windows", "multi-series-windows")
+	err = application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+
+	err = s.applicationApi.SetCharm(params.ApplicationSetCharm{
+		ApplicationName: "application",
+		CharmUrl:        curl.String(),
+		ForceSeries:     true,
+	})
+	c.Assert(err, gc.ErrorMatches, `cannot upgrade charm, OS "Ubuntu" not supported by charm`)
+}
+
+type testModeCharmRepo struct {
+	*charmrepo.CharmStore
+	testMode bool
+}
+
+// WithTestMode returns a repository Interface where test mode is enabled.
+func (s *testModeCharmRepo) WithTestMode() charmrepo.Interface {
+	s.testMode = true
+	return s.CharmStore.WithTestMode()
+}
+
+func (s *serviceSuite) TestSpecializeStoreOnDeployServiceSetCharmAndAddCharm(c *gc.C) {
+	repo := &testModeCharmRepo{}
+	s.PatchValue(&csclient.ServerURL, s.Srv.URL)
+	newCharmStoreRepo := application.NewCharmStoreRepo
+	s.PatchValue(&application.NewCharmStoreRepo, func(c *csclient.Client) charmrepo.Interface {
+		repo.CharmStore = newCharmStoreRepo(c).(*charmrepo.CharmStore)
+		return repo
+	})
+	attrs := map[string]interface{}{"test-mode": true}
+	err := s.State.UpdateModelConfig(attrs, nil, nil)
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Check that the store's test mode is enabled when calling service Deploy.
+	curl, _ := s.UploadCharm(c, "trusty/dummy-1", "dummy")
+	err = application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	results, err := s.applicationApi.Deploy(params.ApplicationsDeploy{
+		Applications: []params.ApplicationDeploy{{
+			CharmUrl:        curl.String(),
+			ApplicationName: "application",
+			NumUnits:        3,
+		}}})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(results.Results, gc.HasLen, 1)
+	c.Assert(results.Results[0].Error, gc.IsNil)
+	c.Assert(repo.testMode, jc.IsTrue)
+
+	// Check that the store's test mode is enabled when calling SetCharm.
+	curl, _ = s.UploadCharm(c, "trusty/wordpress-2", "wordpress")
+	err = s.applicationApi.SetCharm(params.ApplicationSetCharm{
+		ApplicationName: "application",
+		CharmUrl:        curl.String(),
+	})
+	c.Assert(repo.testMode, jc.IsTrue)
+
+	// Check that the store's test mode is enabled when calling AddCharm.
+	curl, _ = s.UploadCharm(c, "utopic/riak-42", "riak")
+	err = s.APIState.Client().AddCharm(curl, csparams.StableChannel)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(repo.testMode, jc.IsTrue)
+}
+
+func (s *serviceSuite) setupServiceDeploy(c *gc.C, args string) (*charm.URL, charm.Charm, constraints.Value) {
+	curl, ch := s.UploadCharm(c, "precise/dummy-42", "dummy")
+	err := application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	cons := constraints.MustParse(args)
+	return curl, ch, cons
+}
+
+func (s *serviceSuite) assertServiceDeployPrincipal(c *gc.C, curl *charm.URL, ch charm.Charm, mem4g constraints.Value) {
+	results, err := s.applicationApi.Deploy(params.ApplicationsDeploy{
+		Applications: []params.ApplicationDeploy{{
+			CharmUrl:        curl.String(),
+			ApplicationName: "application",
+			NumUnits:        3,
+			Constraints:     mem4g,
+		}}})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(results.Results, gc.HasLen, 1)
+	c.Assert(results.Results[0].Error, gc.IsNil)
+	apiservertesting.AssertPrincipalServiceDeployed(c, s.State, "application", curl, false, ch, mem4g)
+}
+
+func (s *serviceSuite) assertServiceDeployPrincipalBlocked(c *gc.C, msg string, curl *charm.URL, mem4g constraints.Value) {
+	_, err := s.applicationApi.Deploy(params.ApplicationsDeploy{
+		Applications: []params.ApplicationDeploy{{
+			CharmUrl:        curl.String(),
+			ApplicationName: "application",
+			NumUnits:        3,
+			Constraints:     mem4g,
+		}}})
+	s.AssertBlocked(c, err, msg)
+}
+
+func (s *serviceSuite) TestBlockDestroyServiceDeployPrincipal(c *gc.C) {
+	curl, bundle, cons := s.setupServiceDeploy(c, "mem=4G")
+	s.BlockDestroyModel(c, "TestBlockDestroyServiceDeployPrincipal")
+	s.assertServiceDeployPrincipal(c, curl, bundle, cons)
+}
+
+func (s *serviceSuite) TestBlockRemoveServiceDeployPrincipal(c *gc.C) {
+	curl, bundle, cons := s.setupServiceDeploy(c, "mem=4G")
+	s.BlockRemoveObject(c, "TestBlockRemoveServiceDeployPrincipal")
+	s.assertServiceDeployPrincipal(c, curl, bundle, cons)
+}
+
+func (s *serviceSuite) TestBlockChangesServiceDeployPrincipal(c *gc.C) {
+	curl, _, cons := s.setupServiceDeploy(c, "mem=4G")
+	s.BlockAllChanges(c, "TestBlockChangesServiceDeployPrincipal")
+	s.assertServiceDeployPrincipalBlocked(c, "TestBlockChangesServiceDeployPrincipal", curl, cons)
+}
+
+func (s *serviceSuite) TestServiceDeploySubordinate(c *gc.C) {
+	curl, ch := s.UploadCharm(c, "utopic/logging-47", "logging")
+	err := application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	results, err := s.applicationApi.Deploy(params.ApplicationsDeploy{
+		Applications: []params.ApplicationDeploy{{
+			CharmUrl:        curl.String(),
+			ApplicationName: "application-name",
+		}}})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(results.Results, gc.HasLen, 1)
+	c.Assert(results.Results[0].Error, gc.IsNil)
+
+	application, err := s.State.Application("application-name")
+	c.Assert(err, jc.ErrorIsNil)
+	charm, force, err := application.Charm()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(force, jc.IsFalse)
+	c.Assert(charm.URL(), gc.DeepEquals, curl)
+	c.Assert(charm.Meta(), gc.DeepEquals, ch.Meta())
+	c.Assert(charm.Config(), gc.DeepEquals, ch.Config())
+
+	units, err := application.AllUnits()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(units, gc.HasLen, 0)
+}
+
+func (s *serviceSuite) TestServiceDeployConfig(c *gc.C) {
+	curl, _ := s.UploadCharm(c, "precise/dummy-0", "dummy")
+	err := application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	results, err := s.applicationApi.Deploy(params.ApplicationsDeploy{
+		Applications: []params.ApplicationDeploy{{
+			CharmUrl:        curl.String(),
+			ApplicationName: "application-name",
+			NumUnits:        1,
+			ConfigYAML:      "application-name:\n  username: fred",
+		}}})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(results.Results, gc.HasLen, 1)
+	c.Assert(results.Results[0].Error, gc.IsNil)
+
+	application, err := s.State.Application("application-name")
+	c.Assert(err, jc.ErrorIsNil)
+	settings, err := application.ConfigSettings()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(settings, gc.DeepEquals, charm.Settings{"username": "fred"})
+}
+
+func (s *serviceSuite) TestServiceDeployConfigError(c *gc.C) {
+	// TODO(fwereade): test Config/ConfigYAML handling directly on srvClient.
+	// Can't be done cleanly until it's extracted similarly to Machiner.
+	curl, _ := s.UploadCharm(c, "precise/dummy-0", "dummy")
+	err := application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	results, err := s.applicationApi.Deploy(params.ApplicationsDeploy{
+		Applications: []params.ApplicationDeploy{{
+			CharmUrl:        curl.String(),
+			ApplicationName: "application-name",
+			NumUnits:        1,
+			ConfigYAML:      "application-name:\n  skill-level: fred",
+		}}})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(results.Results, gc.HasLen, 1)
+	c.Assert(results.Results[0].Error, gc.ErrorMatches, `option "skill-level" expected int, got "fred"`)
+	_, err = s.State.Application("application-name")
+	c.Assert(err, jc.Satisfies, errors.IsNotFound)
+}
+
+func (s *serviceSuite) TestServiceDeployToMachine(c *gc.C) {
+	curl, ch := s.UploadCharm(c, "precise/dummy-0", "dummy")
+	err := application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+
+	machine, err := s.State.AddMachine("precise", state.JobHostUnits)
+	c.Assert(err, jc.ErrorIsNil)
+	results, err := s.applicationApi.Deploy(params.ApplicationsDeploy{
+		Applications: []params.ApplicationDeploy{{
+			CharmUrl:        curl.String(),
+			ApplicationName: "application-name",
+			NumUnits:        1,
+			ConfigYAML:      "application-name:\n  username: fred",
+		}}})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(results.Results, gc.HasLen, 1)
+	c.Assert(results.Results[0].Error, gc.IsNil)
+
+	application, err := s.State.Application("application-name")
+	c.Assert(err, jc.ErrorIsNil)
+	charm, force, err := application.Charm()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(force, jc.IsFalse)
+	c.Assert(charm.URL(), gc.DeepEquals, curl)
+	c.Assert(charm.Meta(), gc.DeepEquals, ch.Meta())
+	c.Assert(charm.Config(), gc.DeepEquals, ch.Config())
+
+	errs, err := s.APIState.UnitAssigner().AssignUnits([]names.UnitTag{names.NewUnitTag("application-name/0")})
+	c.Assert(errs, gc.DeepEquals, []error{nil})
+	c.Assert(err, jc.ErrorIsNil)
+
+	units, err := application.AllUnits()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(units, gc.HasLen, 1)
+
+	mid, err := units[0].AssignedMachineId()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(mid, gc.Equals, machine.Id())
+}
+
+func (s *serviceSuite) TestServiceDeployToMachineNotFound(c *gc.C) {
+	results, err := s.applicationApi.Deploy(params.ApplicationsDeploy{
+		Applications: []params.ApplicationDeploy{{
+			CharmUrl:        "cs:precise/application-name-1",
+			ApplicationName: "application-name",
+			NumUnits:        1,
+			Placement:       []*instance.Placement{instance.MustParsePlacement("42")},
+		}}})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(results.Results, gc.HasLen, 1)
+	c.Assert(results.Results[0].Error, gc.ErrorMatches, `cannot deploy "application-name" to machine 42: machine 42 not found`)
+
+	_, err = s.State.Application("application-name")
+	c.Assert(err, gc.ErrorMatches, `application "application-name" not found`)
+}
+
+func (s *serviceSuite) deployServiceForUpdateTests(c *gc.C) {
+	curl, _ := s.UploadCharm(c, "precise/dummy-1", "dummy")
+	err := application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	results, err := s.applicationApi.Deploy(params.ApplicationsDeploy{
+		Applications: []params.ApplicationDeploy{{
+			CharmUrl:        curl.String(),
+			ApplicationName: "application",
+			NumUnits:        1,
+		}}})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(results.Results, gc.HasLen, 1)
+	c.Assert(results.Results[0].Error, gc.IsNil)
+}
+
+func (s *serviceSuite) checkClientServiceUpdateSetCharm(c *gc.C, forceCharmUrl bool) {
+	s.deployServiceForUpdateTests(c)
+	curl, _ := s.UploadCharm(c, "precise/wordpress-3", "wordpress")
+	err := application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Update the charm for the application.
+	args := params.ApplicationUpdate{
+		ApplicationName: "application",
+		CharmUrl:        curl.String(),
+		ForceCharmUrl:   forceCharmUrl,
+	}
+	err = s.applicationApi.Update(args)
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Ensure the charm has been updated and and the force flag correctly set.
+	application, err := s.State.Application("application")
+	c.Assert(err, jc.ErrorIsNil)
+	ch, force, err := application.Charm()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(ch.URL().String(), gc.Equals, curl.String())
+	c.Assert(force, gc.Equals, forceCharmUrl)
+}
+
+func (s *serviceSuite) TestServiceUpdateSetCharm(c *gc.C) {
+	s.checkClientServiceUpdateSetCharm(c, false)
+}
+
+func (s *serviceSuite) TestBlockDestroyServiceUpdate(c *gc.C) {
+	s.BlockDestroyModel(c, "TestBlockDestroyServiceUpdate")
+	s.checkClientServiceUpdateSetCharm(c, false)
+}
+
+func (s *serviceSuite) TestBlockRemoveServiceUpdate(c *gc.C) {
+	s.BlockRemoveObject(c, "TestBlockRemoveServiceUpdate")
+	s.checkClientServiceUpdateSetCharm(c, false)
+}
+
+func (s *serviceSuite) setupServiceUpdate(c *gc.C) string {
+	s.deployServiceForUpdateTests(c)
+	curl, _ := s.UploadCharm(c, "precise/wordpress-3", "wordpress")
+	err := application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	return curl.String()
+}
+
+func (s *serviceSuite) TestBlockChangeServiceUpdate(c *gc.C) {
+	curl := s.setupServiceUpdate(c)
+	s.BlockAllChanges(c, "TestBlockChangeServiceUpdate")
+	// Update the charm for the application.
+	args := params.ApplicationUpdate{
+		ApplicationName: "application",
+		CharmUrl:        curl,
+		ForceCharmUrl:   false,
+	}
+	err := s.applicationApi.Update(args)
+	s.AssertBlocked(c, err, "TestBlockChangeServiceUpdate")
+}
+
+func (s *serviceSuite) TestServiceUpdateForceSetCharm(c *gc.C) {
+	s.checkClientServiceUpdateSetCharm(c, true)
+}
+
+func (s *serviceSuite) TestBlockServiceUpdateForced(c *gc.C) {
+	curl := s.setupServiceUpdate(c)
+
+	// block all changes. Force should ignore block :)
+	s.BlockAllChanges(c, "TestBlockServiceUpdateForced")
+	s.BlockDestroyModel(c, "TestBlockServiceUpdateForced")
+	s.BlockRemoveObject(c, "TestBlockServiceUpdateForced")
+
+	// Update the charm for the application.
+	args := params.ApplicationUpdate{
+		ApplicationName: "application",
+		CharmUrl:        curl,
+		ForceCharmUrl:   true,
+	}
+	err := s.applicationApi.Update(args)
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Ensure the charm has been updated and and the force flag correctly set.
+	application, err := s.State.Application("application")
+	c.Assert(err, jc.ErrorIsNil)
+	ch, force, err := application.Charm()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(ch.URL().String(), gc.Equals, curl)
+	c.Assert(force, jc.IsTrue)
+}
+
+func (s *serviceSuite) TestServiceUpdateSetCharmNotFound(c *gc.C) {
+	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
+	args := params.ApplicationUpdate{
+		ApplicationName: "wordpress",
+		CharmUrl:        "cs:precise/wordpress-999999",
+	}
+	err := s.applicationApi.Update(args)
+	c.Check(err, gc.ErrorMatches, `charm "cs:precise/wordpress-999999" not found`)
+}
+
+func (s *serviceSuite) TestServiceUpdateSetMinUnits(c *gc.C) {
+	application := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
+
+	// Set minimum units for the application.
+	minUnits := 2
+	args := params.ApplicationUpdate{
+		ApplicationName: "dummy",
+		MinUnits:        &minUnits,
+	}
+	err := s.applicationApi.Update(args)
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Ensure the minimum number of units has been set.
+	c.Assert(application.Refresh(), gc.IsNil)
+	c.Assert(application.MinUnits(), gc.Equals, minUnits)
+}
+
+func (s *serviceSuite) TestServiceUpdateSetMinUnitsError(c *gc.C) {
+	application := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
+
+	// Set a negative minimum number of units for the application.
+	minUnits := -1
+	args := params.ApplicationUpdate{
+		ApplicationName: "dummy",
+		MinUnits:        &minUnits,
+	}
+	err := s.applicationApi.Update(args)
+	c.Assert(err, gc.ErrorMatches,
+		`cannot set minimum units for application "dummy": cannot set a negative minimum number of units`)
+
+	// Ensure the minimum number of units has not been set.
+	c.Assert(application.Refresh(), gc.IsNil)
+	c.Assert(application.MinUnits(), gc.Equals, 0)
+}
+
+func (s *serviceSuite) TestServiceUpdateSetSettingsStrings(c *gc.C) {
+	application := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
+
+	// Update settings for the application.
+	args := params.ApplicationUpdate{
+		ApplicationName: "dummy",
+		SettingsStrings: map[string]string{"title": "s-title", "username": "s-user"},
+	}
+	err := s.applicationApi.Update(args)
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Ensure the settings have been correctly updated.
+	expected := charm.Settings{"title": "s-title", "username": "s-user"}
+	obtained, err := application.ConfigSettings()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(obtained, gc.DeepEquals, expected)
+}
+
+func (s *serviceSuite) TestServiceUpdateSetSettingsYAML(c *gc.C) {
+	application := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
+
+	// Update settings for the application.
+	args := params.ApplicationUpdate{
+		ApplicationName: "dummy",
+		SettingsYAML:    "dummy:\n  title: y-title\n  username: y-user",
+	}
+	err := s.applicationApi.Update(args)
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Ensure the settings have been correctly updated.
+	expected := charm.Settings{"title": "y-title", "username": "y-user"}
+	obtained, err := application.ConfigSettings()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(obtained, gc.DeepEquals, expected)
+}
+
+func (s *serviceSuite) TestClientServiceUpdateSetSettingsGetYAML(c *gc.C) {
+	application := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
+
+	// Update settings for the application.
+	args := params.ApplicationUpdate{
+		ApplicationName: "dummy",
+		SettingsYAML:    "charm: dummy\napplication: dummy\nsettings:\n  title:\n    value: y-title\n    type: string\n  username:\n    value: y-user\n  ignore:\n    blah: true",
+	}
+	err := s.applicationApi.Update(args)
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Ensure the settings have been correctly updated.
+	expected := charm.Settings{"title": "y-title", "username": "y-user"}
+	obtained, err := application.ConfigSettings()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(obtained, gc.DeepEquals, expected)
+}
+
+func (s *serviceSuite) TestServiceUpdateSetConstraints(c *gc.C) {
+	application := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
+
+	// Update constraints for the application.
+	cons, err := constraints.Parse("mem=4096", "cpu-cores=2")
+	c.Assert(err, jc.ErrorIsNil)
+	args := params.ApplicationUpdate{
+		ApplicationName: "dummy",
+		Constraints:     &cons,
+	}
+	err = s.applicationApi.Update(args)
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Ensure the constraints have been correctly updated.
+	obtained, err := application.Constraints()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(obtained, gc.DeepEquals, cons)
+}
+
+func (s *serviceSuite) TestServiceUpdateAllParams(c *gc.C) {
+	s.deployServiceForUpdateTests(c)
+	curl, _ := s.UploadCharm(c, "precise/wordpress-3", "wordpress")
+	err := application.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
+		URL: curl.String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Update all the service attributes.
+	minUnits := 3
+	cons, err := constraints.Parse("mem=4096", "cpu-cores=2")
+	c.Assert(err, jc.ErrorIsNil)
+	args := params.ApplicationUpdate{
+		ApplicationName: "application",
+		CharmUrl:        curl.String(),
+		ForceCharmUrl:   true,
+		MinUnits:        &minUnits,
+		SettingsStrings: map[string]string{"blog-title": "string-title"},
+		SettingsYAML:    "application:\n  blog-title: yaml-title\n",
+		Constraints:     &cons,
+	}
+	err = s.applicationApi.Update(args)
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Ensure the service has been correctly updated.
+	application, err := s.State.Application("application")
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Check the charm.
+	ch, force, err := application.Charm()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(ch.URL().String(), gc.Equals, curl.String())
+	c.Assert(force, jc.IsTrue)
+
+	// Check the minimum number of units.
+	c.Assert(application.MinUnits(), gc.Equals, minUnits)
+
+	// Check the settings: also ensure the YAML settings take precedence
+	// over strings ones.
+	expectedSettings := charm.Settings{"blog-title": "yaml-title"}
+	obtainedSettings, err := application.ConfigSettings()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(obtainedSettings, gc.DeepEquals, expectedSettings)
+
+	// Check the constraints.
+	obtainedConstraints, err := application.Constraints()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(obtainedConstraints, gc.DeepEquals, cons)
+}
+
+func (s *serviceSuite) TestServiceUpdateNoParams(c *gc.C) {
+	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
+
+	// Calling Update with no parameters set is a no-op.
+	args := params.ApplicationUpdate{ApplicationName: "wordpress"}
+	err := s.applicationApi.Update(args)
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *serviceSuite) TestServiceUpdateNoService(c *gc.C) {
+	err := s.applicationApi.Update(params.ApplicationUpdate{})
+	c.Assert(err, gc.ErrorMatches, `"" is not a valid application name`)
+}
+
+func (s *serviceSuite) TestServiceUpdateInvalidService(c *gc.C) {
+	args := params.ApplicationUpdate{ApplicationName: "no-such-service"}
+	err := s.applicationApi.Update(args)
+	c.Assert(err, gc.ErrorMatches, `application "no-such-service" not found`)
+}
+
+var (
+	validSetTestValue = "a value with spaces\nand newline\nand UTF-8 characters: \U0001F604 / \U0001F44D"
+)
+
+func (s *serviceSuite) TestServiceSet(c *gc.C) {
+	dummy := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
+
+	err := s.applicationApi.Set(params.ApplicationSet{ApplicationName: "dummy", Options: map[string]string{
+		"title":    "foobar",
+		"username": validSetTestValue,
+	}})
+	c.Assert(err, jc.ErrorIsNil)
+	settings, err := dummy.ConfigSettings()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(settings, gc.DeepEquals, charm.Settings{
+		"title":    "foobar",
+		"username": validSetTestValue,
+	})
+
+	err = s.applicationApi.Set(params.ApplicationSet{ApplicationName: "dummy", Options: map[string]string{
+		"title":    "barfoo",
+		"username": "",
+	}})
+	c.Assert(err, jc.ErrorIsNil)
+	settings, err = dummy.ConfigSettings()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(settings, gc.DeepEquals, charm.Settings{
+		"title":    "barfoo",
+		"username": "",
+	})
+}
+
+func (s *serviceSuite) assertServiceSetBlocked(c *gc.C, dummy *state.Application, msg string) {
+	err := s.applicationApi.Set(params.ApplicationSet{
+		ApplicationName: "dummy",
+		Options: map[string]string{
+			"title":    "foobar",
+			"username": validSetTestValue}})
+	s.AssertBlocked(c, err, msg)
+}
+
+func (s *serviceSuite) assertServiceSet(c *gc.C, dummy *state.Application) {
+	err := s.applicationApi.Set(params.ApplicationSet{
+		ApplicationName: "dummy",
+		Options: map[string]string{
+			"title":    "foobar",
+			"username": validSetTestValue}})
+	c.Assert(err, jc.ErrorIsNil)
+	settings, err := dummy.ConfigSettings()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(settings, gc.DeepEquals, charm.Settings{
+		"title":    "foobar",
+		"username": validSetTestValue,
+	})
+}
+
+func (s *serviceSuite) TestBlockDestroyServiceSet(c *gc.C) {
+	dummy := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
+	s.BlockDestroyModel(c, "TestBlockDestroyServiceSet")
+	s.assertServiceSet(c, dummy)
+}
+
+func (s *serviceSuite) TestBlockRemoveServiceSet(c *gc.C) {
+	dummy := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
+	s.BlockRemoveObject(c, "TestBlockRemoveServiceSet")
+	s.assertServiceSet(c, dummy)
+}
+
+func (s *serviceSuite) TestBlockChangesServiceSet(c *gc.C) {
+	dummy := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
+	s.BlockAllChanges(c, "TestBlockChangesServiceSet")
+	s.assertServiceSetBlocked(c, dummy, "TestBlockChangesServiceSet")
+}
+
+func (s *serviceSuite) TestServerUnset(c *gc.C) {
+	dummy := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
+
+	err := s.applicationApi.Set(params.ApplicationSet{ApplicationName: "dummy", Options: map[string]string{
+		"title":    "foobar",
+		"username": "user name",
+	}})
+	c.Assert(err, jc.ErrorIsNil)
+	settings, err := dummy.ConfigSettings()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(settings, gc.DeepEquals, charm.Settings{
+		"title":    "foobar",
+		"username": "user name",
+	})
+
+	err = s.applicationApi.Unset(params.ApplicationUnset{ApplicationName: "dummy", Options: []string{"username"}})
+	c.Assert(err, jc.ErrorIsNil)
+	settings, err = dummy.ConfigSettings()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(settings, gc.DeepEquals, charm.Settings{
+		"title": "foobar",
+	})
+}
+
+func (s *serviceSuite) setupServerUnsetBlocked(c *gc.C) *state.Application {
+	dummy := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
+
+	err := s.applicationApi.Set(params.ApplicationSet{
+		ApplicationName: "dummy",
+		Options: map[string]string{
+			"title":    "foobar",
+			"username": "user name",
+		}})
+	c.Assert(err, jc.ErrorIsNil)
+	settings, err := dummy.ConfigSettings()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(settings, gc.DeepEquals, charm.Settings{
+		"title":    "foobar",
+		"username": "user name",
+	})
+	return dummy
+}
+
+func (s *serviceSuite) assertServerUnset(c *gc.C, dummy *state.Application) {
+	err := s.applicationApi.Unset(params.ApplicationUnset{
+		ApplicationName: "dummy",
+		Options:         []string{"username"},
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	settings, err := dummy.ConfigSettings()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(settings, gc.DeepEquals, charm.Settings{
+		"title": "foobar",
+	})
+}
+
+func (s *serviceSuite) assertServerUnsetBlocked(c *gc.C, dummy *state.Application, msg string) {
+	err := s.applicationApi.Unset(params.ApplicationUnset{
+		ApplicationName: "dummy",
+		Options:         []string{"username"},
+	})
+	s.AssertBlocked(c, err, msg)
+}
+
+func (s *serviceSuite) TestBlockDestroyServerUnset(c *gc.C) {
+	dummy := s.setupServerUnsetBlocked(c)
+	s.BlockDestroyModel(c, "TestBlockDestroyServerUnset")
+	s.assertServerUnset(c, dummy)
+}
+
+func (s *serviceSuite) TestBlockRemoveServerUnset(c *gc.C) {
+	dummy := s.setupServerUnsetBlocked(c)
+	s.BlockRemoveObject(c, "TestBlockRemoveServerUnset")
+	s.assertServerUnset(c, dummy)
+}
+
+func (s *serviceSuite) TestBlockChangesServerUnset(c *gc.C) {
+	dummy := s.setupServerUnsetBlocked(c)
+	s.BlockAllChanges(c, "TestBlockChangesServerUnset")
+	s.assertServerUnsetBlocked(c, dummy, "TestBlockChangesServerUnset")
+}
+
+var clientAddServiceUnitsTests = []struct {
+	about    string
+	service  string // if not set, defaults to 'dummy'
+	expected []string
+	to       string
+	err      string
+}{
+	{
+		about:    "returns unit names",
+		expected: []string{"dummy/0", "dummy/1", "dummy/2"},
+	},
+	{
+		about: "fails trying to add zero units",
+		err:   "must add at least one unit",
+	},
+	{
+		// Note: chained-state, we add 1 unit here, but the 3 units
+		// from the first condition still exist
+		about:    "force the unit onto bootstrap machine",
+		expected: []string{"dummy/3"},
+		to:       "0",
+	},
+	{
+		about:   "unknown service name",
+		service: "unknown-service",
+		err:     `application "unknown-service" not found`,
+	},
+}
+
+func (s *serviceSuite) TestClientAddServiceUnits(c *gc.C) {
+	s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
+	for i, t := range clientAddServiceUnitsTests {
+		c.Logf("test %d. %s", i, t.about)
+		serviceName := t.service
+		if serviceName == "" {
+			serviceName = "dummy"
+		}
+		args := params.AddApplicationUnits{
+			ApplicationName: serviceName,
+			NumUnits:        len(t.expected),
+		}
+		if t.to != "" {
+			args.Placement = []*instance.Placement{instance.MustParsePlacement(t.to)}
+		}
+		result, err := s.applicationApi.AddUnits(args)
+		if t.err != "" {
+			c.Assert(err, gc.ErrorMatches, t.err)
+			continue
+		}
+		c.Assert(err, jc.ErrorIsNil)
+		c.Assert(result.Units, gc.DeepEquals, t.expected)
+	}
+	// Test that we actually assigned the unit to machine 0
+	forcedUnit, err := s.BackingState.Unit("dummy/3")
+	c.Assert(err, jc.ErrorIsNil)
+	assignedMachine, err := forcedUnit.AssignedMachineId()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(assignedMachine, gc.Equals, "0")
+}
+
+func (s *serviceSuite) TestAddServiceUnitsToNewContainer(c *gc.C) {
+	svc := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
+	machine, err := s.State.AddMachine("quantal", state.JobHostUnits)
+	c.Assert(err, jc.ErrorIsNil)
+
+	_, err = s.applicationApi.AddUnits(params.AddApplicationUnits{
+		ApplicationName: "dummy",
+		NumUnits:        1,
+		Placement:       []*instance.Placement{instance.MustParsePlacement("lxd:" + machine.Id())},
+	})
+	c.Assert(err, jc.ErrorIsNil)
+
+	units, err := svc.AllUnits()
+	c.Assert(err, jc.ErrorIsNil)
+	mid, err := units[0].AssignedMachineId()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(mid, gc.Equals, machine.Id()+"/lxd/0")
+}
+
+var addServiceUnitTests = []struct {
+	about      string
+	service    string // if not set, defaults to 'dummy'
+	expected   []string
+	machineIds []string
+	placement  []*instance.Placement
+	err        string
+}{
+	{
+		about:      "valid placement directives",
+		expected:   []string{"dummy/0"},
+		placement:  []*instance.Placement{{"deadbeef-0bad-400d-8000-4b1d0d06f00d", "valid"}},
+		machineIds: []string{"1"},
+	}, {
+		about:      "direct machine assignment placement directive",
+		expected:   []string{"dummy/1", "dummy/2"},
+		placement:  []*instance.Placement{{"#", "1"}, {"lxd", "1"}},
+		machineIds: []string{"1", "1/lxd/0"},
+	}, {
+		about:     "invalid placement directive",
+		err:       ".* invalid placement is invalid",
+		expected:  []string{"dummy/3"},
+		placement: []*instance.Placement{{"deadbeef-0bad-400d-8000-4b1d0d06f00d", "invalid"}},
+	},
+}
+
+func (s *serviceSuite) TestAddServiceUnits(c *gc.C) {
+	s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
+	// Add a machine for the units to be placed on.
+	_, err := s.State.AddMachine("quantal", state.JobHostUnits)
+	c.Assert(err, jc.ErrorIsNil)
+	for i, t := range addServiceUnitTests {
+		c.Logf("test %d. %s", i, t.about)
+		serviceName := t.service
+		if serviceName == "" {
+			serviceName = "dummy"
+		}
+		result, err := s.applicationApi.AddUnits(params.AddApplicationUnits{
+			ApplicationName: serviceName,
+			NumUnits:        len(t.expected),
+			Placement:       t.placement,
+		})
+		if t.err != "" {
+			c.Assert(err, gc.ErrorMatches, t.err)
+			continue
+		}
+		c.Assert(err, jc.ErrorIsNil)
+		c.Assert(result.Units, gc.DeepEquals, t.expected)
+		for i, unitName := range result.Units {
+			u, err := s.BackingState.Unit(unitName)
+			c.Assert(err, jc.ErrorIsNil)
+			assignedMachine, err := u.AssignedMachineId()
+			c.Assert(err, jc.ErrorIsNil)
+			c.Assert(assignedMachine, gc.Equals, t.machineIds[i])
+		}
+	}
+}
+
+func (s *serviceSuite) assertAddServiceUnits(c *gc.C) {
+	result, err := s.applicationApi.AddUnits(params.AddApplicationUnits{
+		ApplicationName: "dummy",
+		NumUnits:        3,
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(result.Units, gc.DeepEquals, []string{"dummy/0", "dummy/1", "dummy/2"})
+
+	// Test that we actually assigned the unit to machine 0
+	forcedUnit, err := s.BackingState.Unit("dummy/0")
+	c.Assert(err, jc.ErrorIsNil)
+	assignedMachine, err := forcedUnit.AssignedMachineId()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(assignedMachine, gc.Equals, "0")
+}
+
+func (s *serviceSuite) TestServiceCharmRelations(c *gc.C) {
+	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
+	s.AddTestingService(c, "logging", s.AddTestingCharm(c, "logging"))
+	eps, err := s.State.InferEndpoints("logging", "wordpress")
+	c.Assert(err, jc.ErrorIsNil)
+	_, err = s.State.AddRelation(eps...)
+	c.Assert(err, jc.ErrorIsNil)
+
+	_, err = s.applicationApi.CharmRelations(params.ApplicationCharmRelations{"blah"})
+	c.Assert(err, gc.ErrorMatches, `application "blah" not found`)
+
+	result, err := s.applicationApi.CharmRelations(params.ApplicationCharmRelations{"wordpress"})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(result.CharmRelations, gc.DeepEquals, []string{
+		"cache", "db", "juju-info", "logging-dir", "monitoring-port", "url",
+	})
+}
+
+func (s *serviceSuite) assertAddServiceUnitsBlocked(c *gc.C, msg string) {
+	_, err := s.applicationApi.AddUnits(params.AddApplicationUnits{
+		ApplicationName: "dummy",
+		NumUnits:        3,
+	})
+	s.AssertBlocked(c, err, msg)
+}
+
+func (s *serviceSuite) TestBlockDestroyAddServiceUnits(c *gc.C) {
+	s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
+	s.BlockDestroyModel(c, "TestBlockDestroyAddServiceUnits")
+	s.assertAddServiceUnits(c)
+}
+
+func (s *serviceSuite) TestBlockRemoveAddServiceUnits(c *gc.C) {
+	s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
+	s.BlockRemoveObject(c, "TestBlockRemoveAddServiceUnits")
+	s.assertAddServiceUnits(c)
+}
+
+func (s *serviceSuite) TestBlockChangeAddServiceUnits(c *gc.C) {
+	s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
+	s.BlockAllChanges(c, "TestBlockChangeAddServiceUnits")
+	s.assertAddServiceUnitsBlocked(c, "TestBlockChangeAddServiceUnits")
+}
+
+func (s *serviceSuite) TestAddUnitToMachineNotFound(c *gc.C) {
+	s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
+	_, err := s.applicationApi.AddUnits(params.AddApplicationUnits{
+		ApplicationName: "dummy",
+		NumUnits:        3,
+		Placement:       []*instance.Placement{instance.MustParsePlacement("42")},
+	})
+	c.Assert(err, gc.ErrorMatches, `adding new machine to host unit "dummy/0": machine 42 not found`)
+}
+
+func (s *serviceSuite) TestServiceExpose(c *gc.C) {
+	charm := s.AddTestingCharm(c, "dummy")
+	serviceNames := []string{"dummy-service", "exposed-service"}
+	svcs := make([]*state.Application, len(serviceNames))
+	var err error
+	for i, name := range serviceNames {
+		svcs[i] = s.AddTestingService(c, name, charm)
+		c.Assert(svcs[i].IsExposed(), jc.IsFalse)
+	}
+	err = svcs[1].SetExposed()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(svcs[1].IsExposed(), jc.IsTrue)
+	for i, t := range serviceExposeTests {
+		c.Logf("test %d. %s", i, t.about)
+		err = s.applicationApi.Expose(params.ApplicationExpose{t.service})
+		if t.err != "" {
+			c.Assert(err, gc.ErrorMatches, t.err)
+		} else {
+			c.Assert(err, jc.ErrorIsNil)
+			application, err := s.State.Application(t.service)
+			c.Assert(err, jc.ErrorIsNil)
+			c.Assert(application.IsExposed(), gc.Equals, t.exposed)
+		}
+	}
+}
+
+func (s *serviceSuite) setupServiceExpose(c *gc.C) {
+	charm := s.AddTestingCharm(c, "dummy")
+	serviceNames := []string{"dummy-service", "exposed-service"}
+	svcs := make([]*state.Application, len(serviceNames))
+	var err error
+	for i, name := range serviceNames {
+		svcs[i] = s.AddTestingService(c, name, charm)
+		c.Assert(svcs[i].IsExposed(), jc.IsFalse)
+	}
+	err = svcs[1].SetExposed()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(svcs[1].IsExposed(), jc.IsTrue)
+}
+
+var serviceExposeTests = []struct {
+	about   string
+	service string
+	err     string
+	exposed bool
+}{
+	{
+		about:   "unknown service name",
+		service: "unknown-service",
+		err:     `application "unknown-service" not found`,
+	},
+	{
+		about:   "expose a service",
+		service: "dummy-service",
+		exposed: true,
+	},
+	{
+		about:   "expose an already exposed service",
+		service: "exposed-service",
+		exposed: true,
+	},
+}
+
+func (s *serviceSuite) assertServiceExpose(c *gc.C) {
+	for i, t := range serviceExposeTests {
+		c.Logf("test %d. %s", i, t.about)
+		err := s.applicationApi.Expose(params.ApplicationExpose{t.service})
+		if t.err != "" {
+			c.Assert(err, gc.ErrorMatches, t.err)
+		} else {
+			c.Assert(err, jc.ErrorIsNil)
+			application, err := s.State.Application(t.service)
+			c.Assert(err, jc.ErrorIsNil)
+			c.Assert(application.IsExposed(), gc.Equals, t.exposed)
+		}
+	}
+}
+
+func (s *serviceSuite) assertServiceExposeBlocked(c *gc.C, msg string) {
+	for i, t := range serviceExposeTests {
+		c.Logf("test %d. %s", i, t.about)
+		err := s.applicationApi.Expose(params.ApplicationExpose{t.service})
+		s.AssertBlocked(c, err, msg)
+	}
+}
+
+func (s *serviceSuite) TestBlockDestroyServiceExpose(c *gc.C) {
+	s.setupServiceExpose(c)
+	s.BlockDestroyModel(c, "TestBlockDestroyServiceExpose")
+	s.assertServiceExpose(c)
+}
+
+func (s *serviceSuite) TestBlockRemoveServiceExpose(c *gc.C) {
+	s.setupServiceExpose(c)
+	s.BlockRemoveObject(c, "TestBlockRemoveServiceExpose")
+	s.assertServiceExpose(c)
+}
+
+func (s *serviceSuite) TestBlockChangesServiceExpose(c *gc.C) {
+	s.setupServiceExpose(c)
+	s.BlockAllChanges(c, "TestBlockChangesServiceExpose")
+	s.assertServiceExposeBlocked(c, "TestBlockChangesServiceExpose")
+}
+
+var serviceUnexposeTests = []struct {
+	about    string
+	service  string
+	err      string
+	initial  bool
+	expected bool
+}{
+	{
+		about:   "unknown service name",
+		service: "unknown-service",
+		err:     `application "unknown-service" not found`,
+	},
+	{
+		about:    "unexpose a service",
+		service:  "dummy-service",
+		initial:  true,
+		expected: false,
+	},
+	{
+		about:    "unexpose an already unexposed service",
+		service:  "dummy-service",
+		initial:  false,
+		expected: false,
+	},
+}
+
+func (s *serviceSuite) TestServiceUnexpose(c *gc.C) {
+	charm := s.AddTestingCharm(c, "dummy")
+	for i, t := range serviceUnexposeTests {
+		c.Logf("test %d. %s", i, t.about)
+		svc := s.AddTestingService(c, "dummy-service", charm)
+		if t.initial {
+			svc.SetExposed()
+		}
+		c.Assert(svc.IsExposed(), gc.Equals, t.initial)
+		err := s.applicationApi.Unexpose(params.ApplicationUnexpose{t.service})
+		if t.err == "" {
+			c.Assert(err, jc.ErrorIsNil)
+			svc.Refresh()
+			c.Assert(svc.IsExposed(), gc.Equals, t.expected)
+		} else {
+			c.Assert(err, gc.ErrorMatches, t.err)
+		}
+		err = svc.Destroy()
+		c.Assert(err, jc.ErrorIsNil)
+	}
+}
+
+func (s *serviceSuite) setupServiceUnexpose(c *gc.C) *state.Application {
+	charm := s.AddTestingCharm(c, "dummy")
+	svc := s.AddTestingService(c, "dummy-service", charm)
+	svc.SetExposed()
+	c.Assert(svc.IsExposed(), gc.Equals, true)
+	return svc
+}
+
+func (s *serviceSuite) assertServiceUnexpose(c *gc.C, svc *state.Application) {
+	err := s.applicationApi.Unexpose(params.ApplicationUnexpose{"dummy-service"})
+	c.Assert(err, jc.ErrorIsNil)
+	svc.Refresh()
+	c.Assert(svc.IsExposed(), gc.Equals, false)
+	err = svc.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *serviceSuite) assertServiceUnexposeBlocked(c *gc.C, svc *state.Application, msg string) {
+	err := s.applicationApi.Unexpose(params.ApplicationUnexpose{"dummy-service"})
+	s.AssertBlocked(c, err, msg)
+	err = svc.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *serviceSuite) TestBlockDestroyServiceUnexpose(c *gc.C) {
+	svc := s.setupServiceUnexpose(c)
+	s.BlockDestroyModel(c, "TestBlockDestroyServiceUnexpose")
+	s.assertServiceUnexpose(c, svc)
+}
+
+func (s *serviceSuite) TestBlockRemoveServiceUnexpose(c *gc.C) {
+	svc := s.setupServiceUnexpose(c)
+	s.BlockRemoveObject(c, "TestBlockRemoveServiceUnexpose")
+	s.assertServiceUnexpose(c, svc)
+}
+
+func (s *serviceSuite) TestBlockChangesServiceUnexpose(c *gc.C) {
+	svc := s.setupServiceUnexpose(c)
+	s.BlockAllChanges(c, "TestBlockChangesServiceUnexpose")
+	s.assertServiceUnexposeBlocked(c, svc, "TestBlockChangesServiceUnexpose")
+}
+
+var serviceDestroyTests = []struct {
+	about   string
+	service string
+	err     string
+}{
+	{
+		about:   "unknown service name",
+		service: "unknown-service",
+		err:     `application "unknown-service" not found`,
+	},
+	{
+		about:   "destroy a service",
+		service: "dummy-service",
+	},
+	{
+		about:   "destroy an already destroyed service",
+		service: "dummy-service",
+		err:     `application "dummy-service" not found`,
+	},
+}
+
+func (s *serviceSuite) TestServiceDestroy(c *gc.C) {
+	s.AddTestingService(c, "dummy-service", s.AddTestingCharm(c, "dummy"))
+	for i, t := range serviceDestroyTests {
+		c.Logf("test %d. %s", i, t.about)
+		err := s.applicationApi.Destroy(params.ApplicationDestroy{t.service})
+		if t.err != "" {
+			c.Assert(err, gc.ErrorMatches, t.err)
+		} else {
+			c.Assert(err, jc.ErrorIsNil)
+		}
+	}
+
+	// Now do Destroy on a service with units. Destroy will
+	// cause the service to be not-Alive, but will not remove its
+	// document.
+	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
+	serviceName := "wordpress"
+	application, err := s.State.Application(serviceName)
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.applicationApi.Destroy(params.ApplicationDestroy{serviceName})
+	c.Assert(err, jc.ErrorIsNil)
+	err = application.Refresh()
+	c.Assert(err, jc.Satisfies, errors.IsNotFound)
+}
+
+func assertLife(c *gc.C, entity state.Living, life state.Life) {
+	err := entity.Refresh()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(entity.Life(), gc.Equals, life)
+}
+
+func (s *serviceSuite) TestBlockServiceDestroy(c *gc.C) {
+	s.AddTestingService(c, "dummy-service", s.AddTestingCharm(c, "dummy"))
+
+	// block remove-objects
+	s.BlockRemoveObject(c, "TestBlockServiceDestroy")
+	err := s.applicationApi.Destroy(params.ApplicationDestroy{"dummy-service"})
+	s.AssertBlocked(c, err, "TestBlockServiceDestroy")
+	// Tests may have invalid service names.
+	application, err := s.State.Application("dummy-service")
+	if err == nil {
+		// For valid service names, check that service is alive :-)
+		assertLife(c, application, state.Alive)
+	}
+}
+
+func (s *serviceSuite) TestDestroyPrincipalUnits(c *gc.C) {
+	wordpress := s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
+	units := make([]*state.Unit, 5)
+	for i := range units {
+		unit, err := wordpress.AddUnit()
+		c.Assert(err, jc.ErrorIsNil)
+		now := time.Now()
+		sInfo := status.StatusInfo{
+			Status:  status.StatusIdle,
+			Message: "",
+			Since:   &now,
+		}
+		err = unit.SetAgentStatus(sInfo)
+		c.Assert(err, jc.ErrorIsNil)
+		units[i] = unit
+	}
+	s.assertDestroyPrincipalUnits(c, units)
+}
+
+func (s *serviceSuite) TestDestroySubordinateUnits(c *gc.C) {
+	wordpress := s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
+	wordpress0, err := wordpress.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	s.AddTestingService(c, "logging", s.AddTestingCharm(c, "logging"))
+	eps, err := s.State.InferEndpoints("logging", "wordpress")
+	c.Assert(err, jc.ErrorIsNil)
+	rel, err := s.State.AddRelation(eps...)
+	c.Assert(err, jc.ErrorIsNil)
+	ru, err := rel.Unit(wordpress0)
+	c.Assert(err, jc.ErrorIsNil)
+	err = ru.EnterScope(nil)
+	c.Assert(err, jc.ErrorIsNil)
+	logging0, err := s.State.Unit("logging/0")
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Try to destroy the subordinate alone; check it fails.
+	err = s.applicationApi.DestroyUnits(params.DestroyApplicationUnits{
+		UnitNames: []string{"logging/0"},
+	})
+	c.Assert(err, gc.ErrorMatches, `no units were destroyed: unit "logging/0" is a subordinate`)
+	assertLife(c, logging0, state.Alive)
+
+	s.assertDestroySubordinateUnits(c, wordpress0, logging0)
+}
+
+func (s *serviceSuite) assertDestroyPrincipalUnits(c *gc.C, units []*state.Unit) {
+	// Destroy 2 of them; check they become Dying.
+	err := s.applicationApi.DestroyUnits(params.DestroyApplicationUnits{
+		UnitNames: []string{"wordpress/0", "wordpress/1"},
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	assertLife(c, units[0], state.Dying)
+	assertLife(c, units[1], state.Dying)
+
+	// Try to destroy an Alive one and a Dying one; check
+	// it destroys the Alive one and ignores the Dying one.
+	err = s.applicationApi.DestroyUnits(params.DestroyApplicationUnits{
+		UnitNames: []string{"wordpress/2", "wordpress/0"},
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	assertLife(c, units[2], state.Dying)
+
+	// Try to destroy an Alive one along with a nonexistent one; check that
+	// the valid instruction is followed but the invalid one is warned about.
+	err = s.applicationApi.DestroyUnits(params.DestroyApplicationUnits{
+		UnitNames: []string{"boojum/123", "wordpress/3"},
+	})
+	c.Assert(err, gc.ErrorMatches, `some units were not destroyed: unit "boojum/123" does not exist`)
+	assertLife(c, units[3], state.Dying)
+
+	// Make one Dead, and destroy an Alive one alongside it; check no errors.
+	wp0, err := s.State.Unit("wordpress/0")
+	c.Assert(err, jc.ErrorIsNil)
+	err = wp0.EnsureDead()
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.applicationApi.DestroyUnits(params.DestroyApplicationUnits{
+		UnitNames: []string{"wordpress/0", "wordpress/4"},
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	assertLife(c, units[0], state.Dead)
+	assertLife(c, units[4], state.Dying)
+}
+
+func (s *serviceSuite) setupDestroyPrincipalUnits(c *gc.C) []*state.Unit {
+	units := make([]*state.Unit, 5)
+	wordpress := s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
+	for i := range units {
+		unit, err := wordpress.AddUnit()
+		c.Assert(err, jc.ErrorIsNil)
+		now := time.Now()
+		sInfo := status.StatusInfo{
+			Status:  status.StatusIdle,
+			Message: "",
+			Since:   &now,
+		}
+		err = unit.SetAgentStatus(sInfo)
+		c.Assert(err, jc.ErrorIsNil)
+		units[i] = unit
+	}
+	return units
+}
+
+func (s *serviceSuite) assertBlockedErrorAndLiveliness(
+	c *gc.C,
+	err error,
+	msg string,
+	living1 state.Living,
+	living2 state.Living,
+	living3 state.Living,
+	living4 state.Living,
+) {
+	s.AssertBlocked(c, err, msg)
+	assertLife(c, living1, state.Alive)
+	assertLife(c, living2, state.Alive)
+	assertLife(c, living3, state.Alive)
+	assertLife(c, living4, state.Alive)
+}
+
+func (s *serviceSuite) TestBlockChangesDestroyPrincipalUnits(c *gc.C) {
+	units := s.setupDestroyPrincipalUnits(c)
+	s.BlockAllChanges(c, "TestBlockChangesDestroyPrincipalUnits")
+	err := s.applicationApi.DestroyUnits(params.DestroyApplicationUnits{
+		UnitNames: []string{"wordpress/0", "wordpress/1"},
+	})
+	s.assertBlockedErrorAndLiveliness(c, err, "TestBlockChangesDestroyPrincipalUnits", units[0], units[1], units[2], units[3])
+}
+
+func (s *serviceSuite) TestBlockRemoveDestroyPrincipalUnits(c *gc.C) {
+	units := s.setupDestroyPrincipalUnits(c)
+	s.BlockRemoveObject(c, "TestBlockRemoveDestroyPrincipalUnits")
+	err := s.applicationApi.DestroyUnits(params.DestroyApplicationUnits{
+		UnitNames: []string{"wordpress/0", "wordpress/1"},
+	})
+	s.assertBlockedErrorAndLiveliness(c, err, "TestBlockRemoveDestroyPrincipalUnits", units[0], units[1], units[2], units[3])
+}
+
+func (s *serviceSuite) TestBlockDestroyDestroyPrincipalUnits(c *gc.C) {
+	units := s.setupDestroyPrincipalUnits(c)
+	s.BlockDestroyModel(c, "TestBlockDestroyDestroyPrincipalUnits")
+	err := s.applicationApi.DestroyUnits(params.DestroyApplicationUnits{
+		UnitNames: []string{"wordpress/0", "wordpress/1"},
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	assertLife(c, units[0], state.Dying)
+	assertLife(c, units[1], state.Dying)
+}
+
+func (s *serviceSuite) assertDestroySubordinateUnits(c *gc.C, wordpress0, logging0 *state.Unit) {
+	// Try to destroy the principal and the subordinate together; check it warns
+	// about the subordinate, but destroys the one it can. (The principal unit
+	// agent will be responsible for destroying the subordinate.)
+	err := s.applicationApi.DestroyUnits(params.DestroyApplicationUnits{
+		UnitNames: []string{"wordpress/0", "logging/0"},
+	})
+	c.Assert(err, gc.ErrorMatches, `some units were not destroyed: unit "logging/0" is a subordinate`)
+	assertLife(c, wordpress0, state.Dying)
+	assertLife(c, logging0, state.Alive)
+}
+
+func (s *serviceSuite) TestBlockRemoveDestroySubordinateUnits(c *gc.C) {
+	wordpress := s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
+	wordpress0, err := wordpress.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	s.AddTestingService(c, "logging", s.AddTestingCharm(c, "logging"))
+	eps, err := s.State.InferEndpoints("logging", "wordpress")
+	c.Assert(err, jc.ErrorIsNil)
+	rel, err := s.State.AddRelation(eps...)
+	c.Assert(err, jc.ErrorIsNil)
+	ru, err := rel.Unit(wordpress0)
+	c.Assert(err, jc.ErrorIsNil)
+	err = ru.EnterScope(nil)
+	c.Assert(err, jc.ErrorIsNil)
+	logging0, err := s.State.Unit("logging/0")
+	c.Assert(err, jc.ErrorIsNil)
+
+	s.BlockRemoveObject(c, "TestBlockRemoveDestroySubordinateUnits")
+	// Try to destroy the subordinate alone; check it fails.
+	err = s.applicationApi.DestroyUnits(params.DestroyApplicationUnits{
+		UnitNames: []string{"logging/0"},
+	})
+	s.AssertBlocked(c, err, "TestBlockRemoveDestroySubordinateUnits")
+	assertLife(c, rel, state.Alive)
+	assertLife(c, wordpress0, state.Alive)
+	assertLife(c, logging0, state.Alive)
+
+	err = s.applicationApi.DestroyUnits(params.DestroyApplicationUnits{
+		UnitNames: []string{"wordpress/0", "logging/0"},
+	})
+	s.AssertBlocked(c, err, "TestBlockRemoveDestroySubordinateUnits")
+	assertLife(c, wordpress0, state.Alive)
+	assertLife(c, logging0, state.Alive)
+	assertLife(c, rel, state.Alive)
+}
+
+func (s *serviceSuite) TestBlockChangesDestroySubordinateUnits(c *gc.C) {
+	wordpress := s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
+	wordpress0, err := wordpress.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	s.AddTestingService(c, "logging", s.AddTestingCharm(c, "logging"))
+	eps, err := s.State.InferEndpoints("logging", "wordpress")
+	c.Assert(err, jc.ErrorIsNil)
+	rel, err := s.State.AddRelation(eps...)
+	c.Assert(err, jc.ErrorIsNil)
+	ru, err := rel.Unit(wordpress0)
+	c.Assert(err, jc.ErrorIsNil)
+	err = ru.EnterScope(nil)
+	c.Assert(err, jc.ErrorIsNil)
+	logging0, err := s.State.Unit("logging/0")
+	c.Assert(err, jc.ErrorIsNil)
+
+	s.BlockAllChanges(c, "TestBlockChangesDestroySubordinateUnits")
+	// Try to destroy the subordinate alone; check it fails.
+	err = s.applicationApi.DestroyUnits(params.DestroyApplicationUnits{
+		UnitNames: []string{"logging/0"},
+	})
+	s.AssertBlocked(c, err, "TestBlockChangesDestroySubordinateUnits")
+	assertLife(c, rel, state.Alive)
+	assertLife(c, wordpress0, state.Alive)
+	assertLife(c, logging0, state.Alive)
+
+	err = s.applicationApi.DestroyUnits(params.DestroyApplicationUnits{
+		UnitNames: []string{"wordpress/0", "logging/0"},
+	})
+	s.AssertBlocked(c, err, "TestBlockChangesDestroySubordinateUnits")
+	assertLife(c, wordpress0, state.Alive)
+	assertLife(c, logging0, state.Alive)
+	assertLife(c, rel, state.Alive)
+}
+
+func (s *serviceSuite) TestBlockDestroyDestroySubordinateUnits(c *gc.C) {
+	wordpress := s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
+	wordpress0, err := wordpress.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	s.AddTestingService(c, "logging", s.AddTestingCharm(c, "logging"))
+	eps, err := s.State.InferEndpoints("logging", "wordpress")
+	c.Assert(err, jc.ErrorIsNil)
+	rel, err := s.State.AddRelation(eps...)
+	c.Assert(err, jc.ErrorIsNil)
+	ru, err := rel.Unit(wordpress0)
+	c.Assert(err, jc.ErrorIsNil)
+	err = ru.EnterScope(nil)
+	c.Assert(err, jc.ErrorIsNil)
+	logging0, err := s.State.Unit("logging/0")
+	c.Assert(err, jc.ErrorIsNil)
+
+	s.BlockDestroyModel(c, "TestBlockDestroyDestroySubordinateUnits")
+	// Try to destroy the subordinate alone; check it fails.
+	err = s.applicationApi.DestroyUnits(params.DestroyApplicationUnits{
+		UnitNames: []string{"logging/0"},
+	})
+	c.Assert(err, gc.ErrorMatches, `no units were destroyed: unit "logging/0" is a subordinate`)
+	assertLife(c, logging0, state.Alive)
+
+	s.assertDestroySubordinateUnits(c, wordpress0, logging0)
+}
+
+func (s *serviceSuite) TestClientSetServiceConstraints(c *gc.C) {
+	application := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
+
+	// Update constraints for the application.
+	cons, err := constraints.Parse("mem=4096", "cpu-cores=2")
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.applicationApi.SetConstraints(params.SetConstraints{ApplicationName: "dummy", Constraints: cons})
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Ensure the constraints have been correctly updated.
+	obtained, err := application.Constraints()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(obtained, gc.DeepEquals, cons)
+}
+
+func (s *serviceSuite) setupSetServiceConstraints(c *gc.C) (*state.Application, constraints.Value) {
+	application := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
+	// Update constraints for the application.
+	cons, err := constraints.Parse("mem=4096", "cpu-cores=2")
+	c.Assert(err, jc.ErrorIsNil)
+	return application, cons
+}
+
+func (s *serviceSuite) assertSetServiceConstraints(c *gc.C, application *state.Application, cons constraints.Value) {
+	err := s.applicationApi.SetConstraints(params.SetConstraints{ApplicationName: "dummy", Constraints: cons})
+	c.Assert(err, jc.ErrorIsNil)
+	// Ensure the constraints have been correctly updated.
+	obtained, err := application.Constraints()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(obtained, gc.DeepEquals, cons)
+}
+
+func (s *serviceSuite) assertSetServiceConstraintsBlocked(c *gc.C, msg string, service *state.Application, cons constraints.Value) {
+	err := s.applicationApi.SetConstraints(params.SetConstraints{ApplicationName: "dummy", Constraints: cons})
+	s.AssertBlocked(c, err, msg)
+}
+
+func (s *serviceSuite) TestBlockDestroySetServiceConstraints(c *gc.C) {
+	svc, cons := s.setupSetServiceConstraints(c)
+	s.BlockDestroyModel(c, "TestBlockDestroySetServiceConstraints")
+	s.assertSetServiceConstraints(c, svc, cons)
+}
+
+func (s *serviceSuite) TestBlockRemoveSetServiceConstraints(c *gc.C) {
+	svc, cons := s.setupSetServiceConstraints(c)
+	s.BlockRemoveObject(c, "TestBlockRemoveSetServiceConstraints")
+	s.assertSetServiceConstraints(c, svc, cons)
+}
+
+func (s *serviceSuite) TestBlockChangesSetServiceConstraints(c *gc.C) {
+	svc, cons := s.setupSetServiceConstraints(c)
+	s.BlockAllChanges(c, "TestBlockChangesSetServiceConstraints")
+	s.assertSetServiceConstraintsBlocked(c, "TestBlockChangesSetServiceConstraints", svc, cons)
+}
+
+func (s *serviceSuite) TestClientGetServiceConstraints(c *gc.C) {
+	application := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
+
+	// Set constraints for the application.
+	cons, err := constraints.Parse("mem=4096", "cpu-cores=2")
+	c.Assert(err, jc.ErrorIsNil)
+	err = application.SetConstraints(cons)
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Check we can get the constraints.
+	result, err := s.applicationApi.GetConstraints(params.GetApplicationConstraints{"dummy"})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(result.Constraints, gc.DeepEquals, cons)
+}
+
+func (s *serviceSuite) checkEndpoints(c *gc.C, endpoints map[string]params.CharmRelation) {
+	c.Assert(endpoints["wordpress"], gc.DeepEquals, params.CharmRelation{
+		Name:      "db",
+		Role:      "requirer",
+		Interface: "mysql",
+		Optional:  false,
+		Limit:     1,
+		Scope:     "global",
+	})
+	c.Assert(endpoints["mysql"], gc.DeepEquals, params.CharmRelation{
+		Name:      "server",
+		Role:      "provider",
+		Interface: "mysql",
+		Optional:  false,
+		Limit:     0,
+		Scope:     "global",
+	})
+}
+
+func (s *serviceSuite) setupRelationScenario(c *gc.C) {
+	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
+	s.AddTestingService(c, "logging", s.AddTestingCharm(c, "logging"))
+	eps, err := s.State.InferEndpoints("logging", "wordpress")
+	c.Assert(err, jc.ErrorIsNil)
+	_, err = s.State.AddRelation(eps...)
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *serviceSuite) assertAddRelation(c *gc.C, endpoints []string) {
+	s.setupRelationScenario(c)
+	res, err := s.applicationApi.AddRelation(params.AddRelation{Endpoints: endpoints})
+	c.Assert(err, jc.ErrorIsNil)
+	s.checkEndpoints(c, res.Endpoints)
+	// Show that the relation was added.
+	wpSvc, err := s.State.Application("wordpress")
+	c.Assert(err, jc.ErrorIsNil)
+	rels, err := wpSvc.Relations()
+	// There are 2 relations - the logging-wordpress one set up in the
+	// scenario and the one created in this test.
+	c.Assert(len(rels), gc.Equals, 2)
+	mySvc, err := s.State.Application("mysql")
+	c.Assert(err, jc.ErrorIsNil)
+	rels, err = mySvc.Relations()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(len(rels), gc.Equals, 1)
+}
+
+func (s *serviceSuite) TestSuccessfullyAddRelation(c *gc.C) {
+	endpoints := []string{"wordpress", "mysql"}
+	s.assertAddRelation(c, endpoints)
+}
+
+func (s *serviceSuite) TestBlockDestroyAddRelation(c *gc.C) {
+	s.BlockDestroyModel(c, "TestBlockDestroyAddRelation")
+	s.assertAddRelation(c, []string{"wordpress", "mysql"})
+}
+func (s *serviceSuite) TestBlockRemoveAddRelation(c *gc.C) {
+	s.BlockRemoveObject(c, "TestBlockRemoveAddRelation")
+	s.assertAddRelation(c, []string{"wordpress", "mysql"})
+}
+
+func (s *serviceSuite) TestBlockChangesAddRelation(c *gc.C) {
+	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
+	s.BlockAllChanges(c, "TestBlockChangesAddRelation")
+	_, err := s.applicationApi.AddRelation(params.AddRelation{Endpoints: []string{"wordpress", "mysql"}})
+	s.AssertBlocked(c, err, "TestBlockChangesAddRelation")
+}
+
+func (s *serviceSuite) TestSuccessfullyAddRelationSwapped(c *gc.C) {
+	// Show that the order of the services listed in the AddRelation call
+	// does not matter.  This is a repeat of the previous test with the service
+	// names swapped.
+	endpoints := []string{"mysql", "wordpress"}
+	s.assertAddRelation(c, endpoints)
+}
+
+func (s *serviceSuite) TestCallWithOnlyOneEndpoint(c *gc.C) {
+	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
+	endpoints := []string{"wordpress"}
+	_, err := s.applicationApi.AddRelation(params.AddRelation{Endpoints: endpoints})
+	c.Assert(err, gc.ErrorMatches, "no relations found")
+}
+
+func (s *serviceSuite) TestCallWithOneEndpointTooMany(c *gc.C) {
+	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
+	s.AddTestingService(c, "logging", s.AddTestingCharm(c, "logging"))
+	endpoints := []string{"wordpress", "mysql", "logging"}
+	_, err := s.applicationApi.AddRelation(params.AddRelation{Endpoints: endpoints})
+	c.Assert(err, gc.ErrorMatches, "cannot relate 3 endpoints")
+}
+
+func (s *serviceSuite) TestAddAlreadyAddedRelation(c *gc.C) {
+	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
+	// Add a relation between wordpress and mysql.
+	endpoints := []string{"wordpress", "mysql"}
+	eps, err := s.State.InferEndpoints(endpoints...)
+	c.Assert(err, jc.ErrorIsNil)
+	_, err = s.State.AddRelation(eps...)
+	c.Assert(err, jc.ErrorIsNil)
+	// And try to add it again.
+	_, err = s.applicationApi.AddRelation(params.AddRelation{Endpoints: endpoints})
+	c.Assert(err, gc.ErrorMatches, `cannot add relation "wordpress:db mysql:server": relation already exists`)
+}
+
+func (s *serviceSuite) setupDestroyRelationScenario(c *gc.C, endpoints []string) *state.Relation {
+	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
+	// Add a relation between the endpoints.
+	eps, err := s.State.InferEndpoints(endpoints...)
+	c.Assert(err, jc.ErrorIsNil)
+	relation, err := s.State.AddRelation(eps...)
+	c.Assert(err, jc.ErrorIsNil)
+	return relation
+}
+
+func (s *serviceSuite) assertDestroyRelation(c *gc.C, endpoints []string) {
+	s.assertDestroyRelationSuccess(
+		c,
+		s.setupDestroyRelationScenario(c, endpoints),
+		endpoints)
+}
+
+func (s *serviceSuite) assertDestroyRelationSuccess(c *gc.C, relation *state.Relation, endpoints []string) {
+	err := s.applicationApi.DestroyRelation(params.DestroyRelation{Endpoints: endpoints})
+	c.Assert(err, jc.ErrorIsNil)
+	// Show that the relation was removed.
+	c.Assert(relation.Refresh(), jc.Satisfies, errors.IsNotFound)
+}
+
+func (s *serviceSuite) TestSuccessfulDestroyRelation(c *gc.C) {
+	endpoints := []string{"wordpress", "mysql"}
+	s.assertDestroyRelation(c, endpoints)
+}
+
+func (s *serviceSuite) TestSuccessfullyDestroyRelationSwapped(c *gc.C) {
+	// Show that the order of the services listed in the DestroyRelation call
+	// does not matter.  This is a repeat of the previous test with the service
+	// names swapped.
+	endpoints := []string{"mysql", "wordpress"}
+	s.assertDestroyRelation(c, endpoints)
+}
+
+func (s *serviceSuite) TestNoRelation(c *gc.C) {
+	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
+	endpoints := []string{"wordpress", "mysql"}
+	err := s.applicationApi.DestroyRelation(params.DestroyRelation{Endpoints: endpoints})
+	c.Assert(err, gc.ErrorMatches, `relation "wordpress:db mysql:server" not found`)
+}
+
+func (s *serviceSuite) TestAttemptDestroyingNonExistentRelation(c *gc.C) {
+	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
+	s.AddTestingService(c, "riak", s.AddTestingCharm(c, "riak"))
+	endpoints := []string{"riak", "wordpress"}
+	err := s.applicationApi.DestroyRelation(params.DestroyRelation{Endpoints: endpoints})
+	c.Assert(err, gc.ErrorMatches, "no relations found")
+}
+
+func (s *serviceSuite) TestAttemptDestroyingWithOnlyOneEndpoint(c *gc.C) {
+	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
+	endpoints := []string{"wordpress"}
+	err := s.applicationApi.DestroyRelation(params.DestroyRelation{Endpoints: endpoints})
+	c.Assert(err, gc.ErrorMatches, "no relations found")
+}
+
+func (s *serviceSuite) TestAttemptDestroyingPeerRelation(c *gc.C) {
+	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
+	s.AddTestingService(c, "riak", s.AddTestingCharm(c, "riak"))
+
+	endpoints := []string{"riak:ring"}
+	err := s.applicationApi.DestroyRelation(params.DestroyRelation{Endpoints: endpoints})
+	c.Assert(err, gc.ErrorMatches, `cannot destroy relation "riak:ring": is a peer relation`)
+}
+
+func (s *serviceSuite) TestAttemptDestroyingAlreadyDestroyedRelation(c *gc.C) {
+	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
+
+	// Add a relation between wordpress and mysql.
+	eps, err := s.State.InferEndpoints("wordpress", "mysql")
+	c.Assert(err, jc.ErrorIsNil)
+	rel, err := s.State.AddRelation(eps...)
+	c.Assert(err, jc.ErrorIsNil)
+
+	endpoints := []string{"wordpress", "mysql"}
+	err = s.applicationApi.DestroyRelation(params.DestroyRelation{Endpoints: endpoints})
+	// Show that the relation was removed.
+	c.Assert(rel.Refresh(), jc.Satisfies, errors.IsNotFound)
+
+	// And try to destroy it again.
+	err = s.applicationApi.DestroyRelation(params.DestroyRelation{Endpoints: endpoints})
+	c.Assert(err, gc.ErrorMatches, `relation "wordpress:db mysql:server" not found`)
+}
+
+func (s *serviceSuite) TestBlockRemoveDestroyRelation(c *gc.C) {
+	endpoints := []string{"wordpress", "mysql"}
+	relation := s.setupDestroyRelationScenario(c, endpoints)
+	// block remove-objects
+	s.BlockRemoveObject(c, "TestBlockRemoveDestroyRelation")
+	err := s.applicationApi.DestroyRelation(params.DestroyRelation{Endpoints: endpoints})
+	s.AssertBlocked(c, err, "TestBlockRemoveDestroyRelation")
+	assertLife(c, relation, state.Alive)
+}
+
+func (s *serviceSuite) TestBlockChangeDestroyRelation(c *gc.C) {
+	endpoints := []string{"wordpress", "mysql"}
+	relation := s.setupDestroyRelationScenario(c, endpoints)
+	s.BlockAllChanges(c, "TestBlockChangeDestroyRelation")
+	err := s.applicationApi.DestroyRelation(params.DestroyRelation{Endpoints: endpoints})
+	s.AssertBlocked(c, err, "TestBlockChangeDestroyRelation")
+	assertLife(c, relation, state.Alive)
+}
+
+func (s *serviceSuite) TestBlockDestroyDestroyRelation(c *gc.C) {
+	s.BlockDestroyModel(c, "TestBlockDestroyDestroyRelation")
+	endpoints := []string{"wordpress", "mysql"}
+	s.assertDestroyRelation(c, endpoints)
+}
+
+type mockStorageProvider struct {
+	storage.Provider
+	kind storage.StorageKind
+}
+
+func (m *mockStorageProvider) Scope() storage.Scope {
+	return storage.ScopeMachine
+}
+
+func (m *mockStorageProvider) Supports(k storage.StorageKind) bool {
+	return k == m.kind
+}
+
+func (m *mockStorageProvider) ValidateConfig(*storage.Config) error {
+	return nil
+}
+
+type blobs struct {
+	sync.Mutex
+	m map[string]bool // maps path to added (true), or deleted (false)
+}
+
+// Add adds a path to the list of known paths.
+func (b *blobs) Add(path string) {
+	b.Lock()
+	defer b.Unlock()
+	b.check()
+	b.m[path] = true
+}
+
+// Remove marks a path as deleted, even if it was not previously Added.
+func (b *blobs) Remove(path string) {
+	b.Lock()
+	defer b.Unlock()
+	b.check()
+	b.m[path] = false
+}
+
+func (b *blobs) check() {
+	if b.m == nil {
+		b.m = make(map[string]bool)
+	}
+}
+
+type recordingStorage struct {
+	statestorage.Storage
+	putBarrier *sync.WaitGroup
+	blobs      *blobs
+}
+
+func (s *recordingStorage) Put(path string, r io.Reader, size int64) error {
+	if s.putBarrier != nil {
+		// This goroutine has gotten to Put() so mark it Done() and
+		// wait for the other goroutines to get to this point.
+		s.putBarrier.Done()
+		s.putBarrier.Wait()
+	}
+	if err := s.Storage.Put(path, r, size); err != nil {
+		return errors.Trace(err)
+	}
+	s.blobs.Add(path)
+	return nil
+}
+
+func (s *recordingStorage) Remove(path string) error {
+	if err := s.Storage.Remove(path); err != nil {
+		return errors.Trace(err)
+	}
+	s.blobs.Remove(path)
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/application/charmstore.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/application/charmstore.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/application/charmstore.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/application/charmstore.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,296 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	"fmt"
+	"io"
+	"net/url"
+	"os"
+
+	"github.com/juju/errors"
+	"github.com/juju/utils"
+	"github.com/juju/version"
+	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/charmrepo.v2-unstable"
+	"gopkg.in/juju/charmrepo.v2-unstable/csclient"
+	csparams "gopkg.in/juju/charmrepo.v2-unstable/csclient/params"
+	"gopkg.in/macaroon-bakery.v1/httpbakery"
+	"gopkg.in/macaroon.v1"
+
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/environs/config"
+	"github.com/juju/juju/state"
+	jujuversion "github.com/juju/juju/version"
+)
+
+// TODO - we really want to avoid this, which we can do by refactoring code requiring this
+// to use interfaces.
+// NewCharmStoreRepo instantiates a new charm store repository.
+// It is exported for testing purposes.
+var NewCharmStoreRepo = newCharmStoreFromClient
+
+func newCharmStoreFromClient(csClient *csclient.Client) charmrepo.Interface {
+	return charmrepo.NewCharmStoreFromClient(csClient)
+}
+
+// AddCharmWithAuthorization adds the given charm URL (which must include revision) to
+// the environment, if it does not exist yet. Local charms are not
+// supported, only charm store URLs. See also AddLocalCharm().
+//
+// The authorization macaroon, args.CharmStoreMacaroon, may be
+// omitted, in which case this call is equivalent to AddCharm.
+func AddCharmWithAuthorization(st *state.State, args params.AddCharmWithAuthorization) error {
+	charmURL, err := charm.ParseURL(args.URL)
+	if err != nil {
+		return err
+	}
+	if charmURL.Schema != "cs" {
+		return fmt.Errorf("only charm store charm URLs are supported, with cs: schema")
+	}
+	if charmURL.Revision < 0 {
+		return fmt.Errorf("charm URL must include revision")
+	}
+
+	// First, check if a pending or a real charm exists in state.
+	stateCharm, err := st.PrepareStoreCharmUpload(charmURL)
+	if err != nil {
+		return err
+	}
+	if stateCharm.IsUploaded() {
+		// Charm already in state (it was uploaded already).
+		return nil
+	}
+
+	// Open a charm store client.
+	repo, err := openCSRepo(args)
+	if err != nil {
+		return err
+	}
+	modelConfig, err := st.ModelConfig()
+	if err != nil {
+		return err
+	}
+	repo = config.SpecializeCharmRepo(repo, modelConfig).(*charmrepo.CharmStore)
+
+	// Get the charm and its information from the store.
+	downloadedCharm, err := repo.Get(charmURL)
+	if err != nil {
+		cause := errors.Cause(err)
+		if httpbakery.IsDischargeError(cause) || httpbakery.IsInteractionError(cause) {
+			return errors.NewUnauthorized(err, "")
+		}
+		return errors.Trace(err)
+	}
+
+	if err := checkMinVersion(downloadedCharm); err != nil {
+		return errors.Trace(err)
+	}
+
+	// Open it and calculate the SHA256 hash.
+	downloadedBundle, ok := downloadedCharm.(*charm.CharmArchive)
+	if !ok {
+		return errors.Errorf("expected a charm archive, got %T", downloadedCharm)
+	}
+	archive, err := os.Open(downloadedBundle.Path)
+	if err != nil {
+		return errors.Annotate(err, "cannot read downloaded charm")
+	}
+	defer archive.Close()
+	bundleSHA256, size, err := utils.ReadSHA256(archive)
+	if err != nil {
+		return errors.Annotate(err, "cannot calculate SHA256 hash of charm")
+	}
+	if _, err := archive.Seek(0, 0); err != nil {
+		return errors.Annotate(err, "cannot rewind charm archive")
+	}
+
+	ca := CharmArchive{
+		ID:     charmURL,
+		Charm:  downloadedCharm,
+		Data:   archive,
+		Size:   size,
+		SHA256: bundleSHA256,
+	}
+	if args.CharmStoreMacaroon != nil {
+		ca.Macaroon = macaroon.Slice{args.CharmStoreMacaroon}
+	}
+
+	// Store the charm archive in environment storage.
+	return StoreCharmArchive(st, ca)
+}
+
+func openCSRepo(args params.AddCharmWithAuthorization) (charmrepo.Interface, error) {
+	csClient, err := openCSClient(args)
+	if err != nil {
+		return nil, err
+	}
+	repo := NewCharmStoreRepo(csClient)
+	return repo, nil
+}
+
+func openCSClient(args params.AddCharmWithAuthorization) (*csclient.Client, error) {
+	csURL, err := url.Parse(csclient.ServerURL)
+	if err != nil {
+		return nil, err
+	}
+	csParams := csclient.Params{
+		URL:        csURL.String(),
+		HTTPClient: httpbakery.NewHTTPClient(),
+	}
+
+	if args.CharmStoreMacaroon != nil {
+		// Set the provided charmstore authorizing macaroon
+		// as a cookie in the HTTP client.
+		// TODO(cmars) discharge any third party caveats in the macaroon.
+		ms := []*macaroon.Macaroon{args.CharmStoreMacaroon}
+		httpbakery.SetCookie(csParams.HTTPClient.Jar, csURL, ms)
+	}
+	csClient := csclient.New(csParams)
+	channel := csparams.Channel(args.Channel)
+	if channel != csparams.NoChannel {
+		csClient = csClient.WithChannel(channel)
+	}
+	return csClient, nil
+}
+
+func checkMinVersion(ch charm.Charm) error {
+	minver := ch.Meta().MinJujuVersion
+	if minver != version.Zero && minver.Compare(jujuversion.Current) > 0 {
+		return minVersionError(minver, jujuversion.Current)
+	}
+	return nil
+}
+
+type minJujuVersionErr struct {
+	*errors.Err
+}
+
+func minVersionError(minver, jujuver version.Number) error {
+	err := errors.NewErr("charm's min version (%s) is higher than this juju environment's version (%s)",
+		minver, jujuver)
+	err.SetLocation(1)
+	return minJujuVersionErr{&err}
+}
+
+// CharmArchive is the data that needs to be stored for a charm archive in
+// state.
+type CharmArchive struct {
+	// ID is the charm URL for which we're storing the archive.
+	ID *charm.URL
+
+	// Charm is the metadata about the charm for the archive.
+	Charm charm.Charm
+
+	// Data contains the bytes of the archive.
+	Data io.Reader
+
+	// Size is the number of bytes in Data.
+	Size int64
+
+	// SHA256 is the hash of the bytes in Data.
+	SHA256 string
+
+	// Macaroon is the authorization macaroon for accessing the charmstore.
+	Macaroon macaroon.Slice
+}
+
+// StoreCharmArchive stores a charm archive in environment storage.
+func StoreCharmArchive(st *state.State, archive CharmArchive) error {
+	storage := newStateStorage(st.ModelUUID(), st.MongoSession())
+	storagePath, err := charmArchiveStoragePath(archive.ID)
+	if err != nil {
+		return errors.Annotate(err, "cannot generate charm archive name")
+	}
+	if err := storage.Put(storagePath, archive.Data, archive.Size); err != nil {
+		return errors.Annotate(err, "cannot add charm to storage")
+	}
+
+	info := state.CharmInfo{
+		Charm:       archive.Charm,
+		ID:          archive.ID,
+		StoragePath: storagePath,
+		SHA256:      archive.SHA256,
+		Macaroon:    archive.Macaroon,
+	}
+
+	// Now update the charm data in state and mark it as no longer pending.
+	_, err = st.UpdateUploadedCharm(info)
+	if err != nil {
+		alreadyUploaded := err == state.ErrCharmRevisionAlreadyModified ||
+			errors.Cause(err) == state.ErrCharmRevisionAlreadyModified ||
+			state.IsCharmAlreadyUploadedError(err)
+		if err := storage.Remove(storagePath); err != nil {
+			if alreadyUploaded {
+				logger.Errorf("cannot remove duplicated charm archive from storage: %v", err)
+			} else {
+				logger.Errorf("cannot remove unsuccessfully recorded charm archive from storage: %v", err)
+			}
+		}
+		if alreadyUploaded {
+			// Somebody else managed to upload and update the charm in
+			// state before us. This is not an error.
+			return nil
+		}
+	}
+	return nil
+}
+
+// charmArchiveStoragePath returns a string that is suitable as a
+// storage path, using a random UUID to avoid colliding with concurrent
+// uploads.
+func charmArchiveStoragePath(curl *charm.URL) (string, error) {
+	uuid, err := utils.NewUUID()
+	if err != nil {
+		return "", err
+	}
+	return fmt.Sprintf("charms/%s-%s", curl.String(), uuid), nil
+}
+
+// ResolveCharm resolves the best available charm URLs with series, for charm
+// locations without a series specified.
+func ResolveCharms(st *state.State, args params.ResolveCharms) (params.ResolveCharmResults, error) {
+	var results params.ResolveCharmResults
+
+	envConfig, err := st.ModelConfig()
+	if err != nil {
+		return params.ResolveCharmResults{}, err
+	}
+	repo := config.SpecializeCharmRepo(
+		NewCharmStoreRepo(csclient.New(csclient.Params{})),
+		envConfig)
+
+	for _, ref := range args.References {
+		result := params.ResolveCharmResult{}
+		curl, err := charm.ParseURL(ref)
+		if err != nil {
+			result.Error = err.Error()
+		} else {
+			curl, err := resolveCharm(curl, repo)
+			if err != nil {
+				result.Error = err.Error()
+			} else {
+				result.URL = curl.String()
+			}
+		}
+		results.URLs = append(results.URLs, result)
+	}
+	return results, nil
+}
+
+func resolveCharm(ref *charm.URL, repo charmrepo.Interface) (*charm.URL, error) {
+	if ref.Schema != "cs" {
+		return nil, fmt.Errorf("only charm store charm references are supported, with cs: schema")
+	}
+
+	// Resolve the charm location with the repository.
+	resolved, _, err := repo.Resolve(ref)
+	if err != nil {
+		return nil, err
+	}
+	if resolved.Series == "" {
+		return nil, errors.Errorf("no series found in charm URL %q", resolved)
+	}
+	return resolved.WithRevision(ref.Revision), nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/application/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/application/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/application/export_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/application/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,16 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import "github.com/juju/errors"
+
+var (
+	ParseSettingsCompatible = parseSettingsCompatible
+	NewStateStorage         = &newStateStorage
+)
+
+func IsMinJujuVersionError(err error) bool {
+	_, ok := errors.Cause(err).(minJujuVersionErr)
+	return ok
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/application/get.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/application/get.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/application/get.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/application/get.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,62 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	"gopkg.in/juju/charm.v6-unstable"
+
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/constraints"
+)
+
+// Get returns the configuration for a service.
+func (api *API) Get(args params.ApplicationGet) (params.ApplicationGetResults, error) {
+	app, err := api.state.Application(args.ApplicationName)
+	if err != nil {
+		return params.ApplicationGetResults{}, err
+	}
+	settings, err := app.ConfigSettings()
+	if err != nil {
+		return params.ApplicationGetResults{}, err
+	}
+	charm, _, err := app.Charm()
+	if err != nil {
+		return params.ApplicationGetResults{}, err
+	}
+	configInfo := describe(settings, charm.Config())
+	var constraints constraints.Value
+	if app.IsPrincipal() {
+		constraints, err = app.Constraints()
+		if err != nil {
+			return params.ApplicationGetResults{}, err
+		}
+	}
+	return params.ApplicationGetResults{
+		Application: args.ApplicationName,
+		Charm:       charm.Meta().Name,
+		Config:      configInfo,
+		Constraints: constraints,
+		Series:      app.Series(),
+	}, nil
+}
+
+func describe(settings charm.Settings, config *charm.Config) map[string]interface{} {
+	results := make(map[string]interface{})
+	for name, option := range config.Options {
+		info := map[string]interface{}{
+			"description": option.Description,
+			"type":        option.Type,
+		}
+		if value := settings[name]; value != nil {
+			info["value"] = value
+		} else {
+			if option.Default != nil {
+				info["value"] = option.Default
+			}
+			info["default"] = true
+		}
+		results[name] = info
+	}
+	return results
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/application/get_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/application/get_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/application/get_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/application/get_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,213 @@
+// Copyright 2012, 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application_test
+
+import (
+	"fmt"
+
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/charm.v6-unstable"
+
+	apiapplication "github.com/juju/juju/api/application"
+	"github.com/juju/juju/apiserver/application"
+	"github.com/juju/juju/apiserver/params"
+	apiservertesting "github.com/juju/juju/apiserver/testing"
+	"github.com/juju/juju/constraints"
+	jujutesting "github.com/juju/juju/juju/testing"
+)
+
+type getSuite struct {
+	jujutesting.JujuConnSuite
+
+	serviceApi *application.API
+	authorizer apiservertesting.FakeAuthorizer
+}
+
+var _ = gc.Suite(&getSuite{})
+
+func (s *getSuite) SetUpTest(c *gc.C) {
+	s.JujuConnSuite.SetUpTest(c)
+
+	s.authorizer = apiservertesting.FakeAuthorizer{
+		Tag: s.AdminUserTag(c),
+	}
+	var err error
+	s.serviceApi, err = application.NewAPI(s.State, nil, s.authorizer)
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *getSuite) TestClientServiceGetSmoketest(c *gc.C) {
+	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
+	results, err := s.serviceApi.Get(params.ApplicationGet{"wordpress"})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(results, gc.DeepEquals, params.ApplicationGetResults{
+		Application: "wordpress",
+		Charm:       "wordpress",
+		Config: map[string]interface{}{
+			"blog-title": map[string]interface{}{
+				"type":        "string",
+				"value":       "My Title",
+				"description": "A descriptive title used for the blog.",
+				"default":     true,
+			},
+		},
+		Series: "quantal",
+	})
+}
+
+func (s *getSuite) TestServiceGetUnknownService(c *gc.C) {
+	_, err := s.serviceApi.Get(params.ApplicationGet{"unknown"})
+	c.Assert(err, gc.ErrorMatches, `application "unknown" not found`)
+}
+
+var getTests = []struct {
+	about       string
+	charm       string
+	constraints string
+	config      charm.Settings
+	expect      params.ApplicationGetResults
+}{{
+	about:       "deployed service",
+	charm:       "dummy",
+	constraints: "mem=2G cpu-power=400",
+	config: charm.Settings{
+		// Different from default.
+		"title": "Look To Windward",
+		// Same as default.
+		"username": "admin001",
+		// Use default (but there's no charm default)
+		"skill-level": nil,
+		// Outlook is left unset.
+	},
+	expect: params.ApplicationGetResults{
+		Config: map[string]interface{}{
+			"title": map[string]interface{}{
+				"description": "A descriptive title used for the application.",
+				"type":        "string",
+				"value":       "Look To Windward",
+			},
+			"outlook": map[string]interface{}{
+				"description": "No default outlook.",
+				"type":        "string",
+				"default":     true,
+			},
+			"username": map[string]interface{}{
+				"description": "The name of the initial account (given admin permissions).",
+				"type":        "string",
+				"value":       "admin001",
+			},
+			"skill-level": map[string]interface{}{
+				"description": "A number indicating skill.",
+				"type":        "int",
+				"default":     true,
+			},
+		},
+		Series: "quantal",
+	},
+}, {
+	about: "deployed service  #2",
+	charm: "dummy",
+	config: charm.Settings{
+		// Set title to default.
+		"title": nil,
+		// Value when there's a default.
+		"username": "foobie",
+		// Numeric value.
+		"skill-level": 0,
+		// String value.
+		"outlook": "phlegmatic",
+	},
+	expect: params.ApplicationGetResults{
+		Config: map[string]interface{}{
+			"title": map[string]interface{}{
+				"description": "A descriptive title used for the application.",
+				"type":        "string",
+				"value":       "My Title",
+				"default":     true,
+			},
+			"outlook": map[string]interface{}{
+				"description": "No default outlook.",
+				"type":        "string",
+				"value":       "phlegmatic",
+			},
+			"username": map[string]interface{}{
+				"description": "The name of the initial account (given admin permissions).",
+				"type":        "string",
+				"value":       "foobie",
+			},
+			"skill-level": map[string]interface{}{
+				"description": "A number indicating skill.",
+				"type":        "int",
+				// TODO(jam): 2013-08-28 bug #1217742
+				// we have to use float64() here, because the
+				// API does not preserve int types. This used
+				// to be int64() but we end up with a type
+				// mismatch when comparing the content
+				"value": float64(0),
+			},
+		},
+		Series: "quantal",
+	},
+}, {
+	about: "subordinate service",
+	charm: "logging",
+	expect: params.ApplicationGetResults{
+		Config: map[string]interface{}{},
+		Series: "quantal",
+	},
+}}
+
+func (s *getSuite) TestServiceGet(c *gc.C) {
+	for i, t := range getTests {
+		c.Logf("test %d. %s", i, t.about)
+		ch := s.AddTestingCharm(c, t.charm)
+		svc := s.AddTestingService(c, fmt.Sprintf("test%d", i), ch)
+
+		var constraintsv constraints.Value
+		if t.constraints != "" {
+			constraintsv = constraints.MustParse(t.constraints)
+			err := svc.SetConstraints(constraintsv)
+			c.Assert(err, jc.ErrorIsNil)
+		}
+		if t.config != nil {
+			err := svc.UpdateConfigSettings(t.config)
+			c.Assert(err, jc.ErrorIsNil)
+		}
+		expect := t.expect
+		expect.Constraints = constraintsv
+		expect.Application = svc.Name()
+		expect.Charm = ch.Meta().Name
+		client := apiapplication.NewClient(s.APIState)
+		got, err := client.Get(svc.Name())
+		c.Assert(err, jc.ErrorIsNil)
+		c.Assert(*got, gc.DeepEquals, expect)
+	}
+}
+
+func (s *getSuite) TestGetMaxResolutionInt(c *gc.C) {
+	// See the bug http://pad.lv/1217742
+	// Get ends up pushing a map[string]interface{} which containts
+	// an int64 through a JSON Marshal & Unmarshal which ends up changing
+	// the int64 into a float64. We will fix it if we find it is actually a
+	// problem.
+	const nonFloatInt = (int64(1) << 54) + 1
+	const asFloat = float64(nonFloatInt)
+	c.Assert(int64(asFloat), gc.Not(gc.Equals), nonFloatInt)
+	c.Assert(int64(asFloat)+1, gc.Equals, nonFloatInt)
+
+	ch := s.AddTestingCharm(c, "dummy")
+	svc := s.AddTestingService(c, "test-service", ch)
+
+	err := svc.UpdateConfigSettings(map[string]interface{}{"skill-level": nonFloatInt})
+	c.Assert(err, jc.ErrorIsNil)
+	client := apiapplication.NewClient(s.APIState)
+	got, err := client.Get(svc.Name())
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(got.Config["skill-level"], jc.DeepEquals, map[string]interface{}{
+		"description": "A number indicating skill.",
+		"type":        "int",
+		"value":       asFloat,
+	})
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/application/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/application/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/application/package_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/application/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,14 @@
+// Copyright 2014 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application_test
+
+import (
+	stdtesting "testing"
+
+	"github.com/juju/juju/testing"
+)
+
+func TestAll(t *stdtesting.T) {
+	testing.MgoTestPackage(t)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/applicationscaler/facade.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/applicationscaler/facade.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/applicationscaler/facade.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/applicationscaler/facade.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,83 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package applicationscaler
+
+import (
+	"github.com/juju/errors"
+	"github.com/juju/juju/apiserver/common"
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/state"
+	"github.com/juju/juju/state/watcher"
+	"gopkg.in/juju/names.v2"
+)
+
+// Backend exposes functionality required by Facade.
+type Backend interface {
+
+	// WatchScaledServices returns a watcher that sends service ids
+	// that might not have enough units.
+	WatchScaledServices() state.StringsWatcher
+
+	// RescaleService ensures that the named service has at least its
+	// configured minimum unit count.
+	RescaleService(name string) error
+}
+
+// Facade allows model-manager clients to watch and rescale services.
+type Facade struct {
+	backend   Backend
+	resources *common.Resources
+}
+
+// NewFacade creates a new authorized Facade.
+func NewFacade(backend Backend, res *common.Resources, auth common.Authorizer) (*Facade, error) {
+	if !auth.AuthModelManager() {
+		return nil, common.ErrPerm
+	}
+	return &Facade{
+		backend:   backend,
+		resources: res,
+	}, nil
+}
+
+// Watch returns a watcher that sends the names of services whose
+// unit count may be below their configured minimum.
+func (facade *Facade) Watch() (params.StringsWatchResult, error) {
+	watch := facade.backend.WatchScaledServices()
+	if changes, ok := <-watch.Changes(); ok {
+		id := facade.resources.Register(watch)
+		return params.StringsWatchResult{
+			StringsWatcherId: id,
+			Changes:          changes,
+		}, nil
+	}
+	return params.StringsWatchResult{}, watcher.EnsureErr(watch)
+}
+
+// Rescale causes any supplied services to be scaled up to their
+// minimum size.
+func (facade *Facade) Rescale(args params.Entities) params.ErrorResults {
+	result := params.ErrorResults{
+		Results: make([]params.ErrorResult, len(args.Entities)),
+	}
+	for i, entity := range args.Entities {
+		err := facade.rescaleOne(entity.Tag)
+		result.Results[i].Error = common.ServerError(err)
+	}
+	return result
+}
+
+// rescaleOne scales up the supplied service, if necessary; or returns a
+// suitable error.
+func (facade *Facade) rescaleOne(tagString string) error {
+	tag, err := names.ParseTag(tagString)
+	if err != nil {
+		return errors.Trace(err)
+	}
+	ApplicationTag, ok := tag.(names.ApplicationTag)
+	if !ok {
+		return common.ErrPerm
+	}
+	return facade.backend.RescaleService(ApplicationTag.Id())
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/applicationscaler/facade_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/applicationscaler/facade_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/applicationscaler/facade_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/applicationscaler/facade_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,102 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package applicationscaler_test
+
+import (
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/apiserver/applicationscaler"
+	"github.com/juju/juju/apiserver/common"
+	"github.com/juju/juju/apiserver/params"
+)
+
+type FacadeSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&FacadeSuite{})
+
+func (s *FacadeSuite) TestModelManager(c *gc.C) {
+	facade, err := applicationscaler.NewFacade(nil, nil, auth(true))
+	c.Check(err, jc.ErrorIsNil)
+	c.Check(facade, gc.NotNil)
+}
+
+func (s *FacadeSuite) TestNotModelManager(c *gc.C) {
+	facade, err := applicationscaler.NewFacade(nil, nil, auth(false))
+	c.Check(err, gc.Equals, common.ErrPerm)
+	c.Check(facade, gc.IsNil)
+}
+
+func (s *FacadeSuite) TestWatchError(c *gc.C) {
+	fix := newWatchFixture(c, false)
+	result, err := fix.Facade.Watch()
+	c.Check(err, gc.ErrorMatches, "blammo")
+	c.Check(result, gc.DeepEquals, params.StringsWatchResult{})
+	c.Check(fix.Resources.Count(), gc.Equals, 0)
+}
+
+func (s *FacadeSuite) TestWatchSuccess(c *gc.C) {
+	fix := newWatchFixture(c, true)
+	result, err := fix.Facade.Watch()
+	c.Check(err, jc.ErrorIsNil)
+	c.Check(result.Changes, jc.DeepEquals, []string{"pow", "zap", "kerblooie"})
+	c.Check(fix.Resources.Count(), gc.Equals, 1)
+	resource := fix.Resources.Get(result.StringsWatcherId)
+	c.Check(resource, gc.NotNil)
+}
+
+func (s *FacadeSuite) TestRescaleNonsense(c *gc.C) {
+	fix := newRescaleFixture(c)
+	result := fix.Facade.Rescale(entities("burble plink"))
+	c.Assert(result.Results, gc.HasLen, 1)
+	err := result.Results[0].Error
+	c.Check(err, gc.ErrorMatches, `"burble plink" is not a valid tag`)
+}
+
+func (s *FacadeSuite) TestRescaleUnauthorized(c *gc.C) {
+	fix := newRescaleFixture(c)
+	result := fix.Facade.Rescale(entities("unit-foo-27"))
+	c.Assert(result.Results, gc.HasLen, 1)
+	err := result.Results[0].Error
+	c.Check(err, gc.ErrorMatches, "permission denied")
+	c.Check(err, jc.Satisfies, params.IsCodeUnauthorized)
+}
+
+func (s *FacadeSuite) TestRescaleNotFound(c *gc.C) {
+	fix := newRescaleFixture(c)
+	result := fix.Facade.Rescale(entities("application-missing"))
+	c.Assert(result.Results, gc.HasLen, 1)
+	err := result.Results[0].Error
+	c.Check(err, gc.ErrorMatches, "application not found")
+	c.Check(err, jc.Satisfies, params.IsCodeNotFound)
+}
+
+func (s *FacadeSuite) TestRescaleError(c *gc.C) {
+	fix := newRescaleFixture(c)
+	result := fix.Facade.Rescale(entities("application-error"))
+	c.Assert(result.Results, gc.HasLen, 1)
+	err := result.Results[0].Error
+	c.Check(err, gc.ErrorMatches, "blammo")
+}
+
+func (s *FacadeSuite) TestRescaleSuccess(c *gc.C) {
+	fix := newRescaleFixture(c)
+	result := fix.Facade.Rescale(entities("application-expected"))
+	c.Assert(result.Results, gc.HasLen, 1)
+	err := result.Results[0].Error
+	c.Check(err, gc.IsNil)
+}
+
+func (s *FacadeSuite) TestRescaleMultiple(c *gc.C) {
+	fix := newRescaleFixture(c)
+	result := fix.Facade.Rescale(entities("application-error", "application-expected"))
+	c.Assert(result.Results, gc.HasLen, 2)
+	err0 := result.Results[0].Error
+	c.Check(err0, gc.ErrorMatches, "blammo")
+	err1 := result.Results[1].Error
+	c.Check(err1, gc.IsNil)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/applicationscaler/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/applicationscaler/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/applicationscaler/package_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/applicationscaler/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,14 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package applicationscaler_test
+
+import (
+	"testing"
+
+	gc "gopkg.in/check.v1"
+)
+
+func TestPackage(t *testing.T) {
+	gc.TestingT(t)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/applicationscaler/shim.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/applicationscaler/shim.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/applicationscaler/shim.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/applicationscaler/shim.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,50 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package applicationscaler
+
+import (
+	"github.com/juju/errors"
+
+	"github.com/juju/juju/apiserver/common"
+	"github.com/juju/juju/state"
+)
+
+// This file contains untested shims to let us wrap state in a sensible
+// interface and avoid writing tests that depend on mongodb. If you were
+// to change any part of it so that it were no longer *obviously* and
+// *trivially* correct, you would be Doing It Wrong.
+
+func init() {
+	common.RegisterStandardFacade("ApplicationScaler", 1, newFacade)
+}
+
+// newFacade wraps the supplied *state.State for the use of the Facade.
+func newFacade(st *state.State, res *common.Resources, auth common.Authorizer) (*Facade, error) {
+	return NewFacade(backendShim{st}, res, auth)
+}
+
+// backendShim wraps a *State to implement Backend without pulling in direct
+// mongodb dependencies. It would be awesome if we were to put this in state
+// and test it properly there, where we have no choice but to test against
+// mongodb anyway, but that's relatively low priority...
+//
+// ...so long as it stays simple, and the full functionality remains tested
+// elsewhere.
+type backendShim struct {
+	st *state.State
+}
+
+// WatchScaledServices is part of the Backend interface.
+func (shim backendShim) WatchScaledServices() state.StringsWatcher {
+	return shim.st.WatchMinUnits()
+}
+
+// RescaleService is part of the Backend interface.
+func (shim backendShim) RescaleService(name string) error {
+	service, err := shim.st.Application(name)
+	if err != nil {
+		return errors.Trace(err)
+	}
+	return service.EnsureMinUnits()
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/applicationscaler/util_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/applicationscaler/util_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/applicationscaler/util_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/applicationscaler/util_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,112 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package applicationscaler_test
+
+import (
+	"github.com/juju/errors"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/apiserver/applicationscaler"
+	"github.com/juju/juju/apiserver/common"
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/state"
+)
+
+// mockAuth implements common.Authorizer for the tests' convenience.
+type mockAuth struct {
+	common.Authorizer
+	modelManager bool
+}
+
+func (mock mockAuth) AuthModelManager() bool {
+	return mock.modelManager
+}
+
+// auth is a convenience constructor for a mockAuth.
+func auth(modelManager bool) common.Authorizer {
+	return mockAuth{modelManager: modelManager}
+}
+
+// mockWatcher implements state.StringsWatcher for the tests' convenience.
+type mockWatcher struct {
+	state.StringsWatcher
+	working bool
+}
+
+func (mock *mockWatcher) Changes() <-chan []string {
+	ch := make(chan []string, 1)
+	if mock.working {
+		ch <- []string{"pow", "zap", "kerblooie"}
+	} else {
+		close(ch)
+	}
+	return ch
+}
+
+func (mock *mockWatcher) Err() error {
+	return errors.New("blammo")
+}
+
+// watchBackend implements applicationscaler.Backend for the convenience of
+// the tests for the Watch method.
+type watchBackend struct {
+	applicationscaler.Backend
+	working bool
+}
+
+func (backend *watchBackend) WatchScaledServices() state.StringsWatcher {
+	return &mockWatcher{working: backend.working}
+}
+
+// watchFixture collects components needed to test the Watch method.
+type watchFixture struct {
+	Facade    *applicationscaler.Facade
+	Resources *common.Resources
+}
+
+func newWatchFixture(c *gc.C, working bool) *watchFixture {
+	backend := &watchBackend{working: working}
+	resources := common.NewResources()
+	facade, err := applicationscaler.NewFacade(backend, resources, auth(true))
+	c.Assert(err, jc.ErrorIsNil)
+	return &watchFixture{facade, resources}
+}
+
+// rescaleBackend implements applicationscaler.Backend for the convenience of
+// the tests for the Rescale method.
+type rescaleBackend struct {
+	applicationscaler.Backend
+}
+
+func (rescaleBackend) RescaleService(name string) error {
+	switch name {
+	case "expected":
+		return nil
+	case "missing":
+		return errors.NotFoundf("application")
+	default:
+		return errors.New("blammo")
+	}
+}
+
+// rescaleFixture collects components needed to test the Rescale method.
+type rescaleFixture struct {
+	Facade *applicationscaler.Facade
+}
+
+func newRescaleFixture(c *gc.C) *rescaleFixture {
+	facade, err := applicationscaler.NewFacade(rescaleBackend{}, nil, auth(true))
+	c.Assert(err, jc.ErrorIsNil)
+	return &rescaleFixture{facade}
+}
+
+// entities is a convenience constructor for params.Entities.
+func entities(tags ...string) params.Entities {
+	entities := params.Entities{Entities: make([]params.Entity, len(tags))}
+	for i, tag := range tags {
+		entities.Entities[i].Tag = tag
+	}
+	return entities
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/authcontext.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/authcontext.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/authcontext.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/authcontext.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,7 +9,7 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/macaroon-bakery.v1/bakery"
 	"gopkg.in/macaroon-bakery.v1/httpbakery"
 
@@ -107,17 +107,17 @@
 // macaroon-based logins for external users. This is just a helper function
 // for authCtxt.macaroonAuth.
 func newExternalMacaroonAuth(st *state.State) (*authentication.ExternalMacaroonAuthenticator, error) {
-	envCfg, err := st.ModelConfig()
+	controllerCfg, err := st.ControllerConfig()
 	if err != nil {
 		return nil, errors.Annotate(err, "cannot get model config")
 	}
-	idURL := envCfg.IdentityURL()
+	idURL := controllerCfg.IdentityURL()
 	if idURL == "" {
 		return nil, errMacaroonAuthNotConfigured
 	}
 	// The identity server has been configured,
 	// so configure the bakery service appropriately.
-	idPK := envCfg.IdentityPublicKey()
+	idPK := controllerCfg.IdentityPublicKey()
 	if idPK == nil {
 		// No public key supplied - retrieve it from the identity manager.
 		idPK, err = httpbakery.PublicKeyForLocation(http.DefaultClient, idURL)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/authentication/agent.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/authentication/agent.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/authentication/agent.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/authentication/agent.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/authentication/interfaces.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/authentication/interfaces.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/authentication/interfaces.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/authentication/interfaces.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,7 @@
 package authentication
 
 import (
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/state"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/authentication/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/authentication/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/authentication/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/authentication/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2014 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package authentication_test
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/authentication/user.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/authentication/user.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/authentication/user.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/authentication/user.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,8 +8,8 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils/clock"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/macaroon-bakery.v1/bakery"
 	"gopkg.in/macaroon-bakery.v1/bakery/checkers"
 	"gopkg.in/macaroon.v1"
@@ -76,10 +76,9 @@
 // for invalid users.
 func (u *UserAuthenticator) CreateLocalLoginMacaroon(tag names.UserTag) (*macaroon.Macaroon, error) {
 
-	expiryTime := u.Clock.Now().Add(localLoginExpiryTime)
-
 	// Ensure that the private key that we generate and store will be
 	// removed from storage once the expiry time has elapsed.
+	expiryTime := u.Clock.Now().Add(localLoginExpiryTime)
 	bakeryService, err := u.Service.ExpireStorageAt(expiryTime)
 	if err != nil {
 		return nil, errors.Trace(err)
@@ -110,6 +109,9 @@
 	_, err := u.Service.CheckAny(req.Macaroons, assert, checkers.New(checkers.TimeBefore))
 	if err != nil {
 		logger.Debugf("local-login macaroon authentication failed: %v", err)
+		if allMacaroonsExpired(u.Clock.Now(), req.Macaroons) {
+			return nil, common.ErrLoginExpired
+		}
 		return nil, errors.Trace(common.ErrBadCreds)
 	}
 	entity, err := entityFinder.FindEntity(tag)
@@ -121,6 +123,41 @@
 	return entity, nil
 }
 
+// allMacaroonsExpired reports whether or not all of the macaroon
+// slices' primary macaroons have expired.
+func allMacaroonsExpired(now time.Time, ms []macaroon.Slice) bool {
+	for _, ms := range ms {
+		if len(ms) == 0 {
+			continue
+		}
+		m := ms[0]
+		var expired bool
+		for _, c := range m.Caveats() {
+			if c.Location != "" {
+				continue
+			}
+			cond, arg, err := checkers.ParseCaveat(c.Id)
+			if err != nil {
+				continue
+			}
+			if cond != checkers.CondTimeBefore {
+				continue
+			}
+			t, err := time.Parse(time.RFC3339Nano, arg)
+			if err != nil {
+				return false
+			}
+			if !now.Before(t) {
+				expired = true
+			}
+		}
+		if !expired {
+			return false
+		}
+	}
+	return true
+}
+
 // ExternalMacaroonAuthenticator performs authentication for external users using
 // macaroons. If the authentication fails because provided macaroons are invalid,
 // and macaroon authentiction is enabled, it will return a *common.DischargeRequiredError
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/authentication/user_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/authentication/user_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/authentication/user_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/authentication/user_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,11 +9,11 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/macaroon-bakery.v1/bakery"
 	"gopkg.in/macaroon-bakery.v1/bakery/checkers"
 	"gopkg.in/macaroon-bakery.v1/bakerytest"
@@ -167,6 +167,35 @@
 	// no check for checker function, can't compare functions
 }
 
+func (s *userAuthenticatorSuite) TestMacaroonUserLoginExpired(c *gc.C) {
+	user := s.Factory.MakeUser(c, &factory.UserParams{
+		Name: "bobbrown",
+	})
+	clock := coretesting.NewClock(time.Now())
+
+	m := &macaroon.Macaroon{}
+	err := m.AddFirstPartyCaveat(
+		checkers.TimeBeforeCaveat(clock.Now().Add(-time.Second)).Condition,
+	)
+	c.Assert(err, jc.ErrorIsNil)
+
+	macaroons := []macaroon.Slice{{m}}
+	service := mockBakeryService{}
+	service.SetErrors(errors.New("auth failed"))
+
+	// User login
+	authenticator := &authentication.UserAuthenticator{
+		Service: &service,
+		Clock:   clock,
+	}
+	_, err = authenticator.Authenticate(s.State, user.Tag(), params.LoginRequest{
+		Credentials: "",
+		Nonce:       "",
+		Macaroons:   macaroons,
+	})
+	c.Assert(err, gc.Equals, common.ErrLoginExpired)
+}
+
 func (s *userAuthenticatorSuite) TestCreateLocalLoginMacaroon(c *gc.C) {
 	service := mockBakeryService{}
 	clock := coretesting.NewClock(time.Time{})
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/authenticator_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/authenticator_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/authenticator_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/authenticator_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,9 +4,9 @@
 package apiserver_test
 
 import (
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver"
 	"github.com/juju/juju/apiserver/authentication"
@@ -68,7 +68,7 @@
 func (s *agentAuthenticatorSuite) TestNotSupportedTag(c *gc.C) {
 	srv := newServer(c, s.State)
 	defer srv.Stop()
-	authenticator, err := apiserver.ServerAuthenticatorForTag(srv, names.NewServiceTag("not-support"))
+	authenticator, err := apiserver.ServerAuthenticatorForTag(srv, names.NewApplicationTag("not-support"))
 	c.Assert(err, gc.ErrorMatches, "unexpected login entity tag: invalid request")
 	c.Assert(authenticator, gc.IsNil)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/authhttp_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/authhttp_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/authhttp_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/authhttp_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -14,12 +14,12 @@
 	"os"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/testing/httptesting"
 	"github.com/juju/utils"
 	"golang.org/x/net/websocket"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/macaroon-bakery.v1/httpbakery"
 
 	apitesting "github.com/juju/juju/api/testing"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/backups/backups.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/backups/backups.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/backups/backups.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/backups/backups.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,36 +8,51 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
+	"gopkg.in/juju/names.v2"
+	"gopkg.in/mgo.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/controller"
+	"github.com/juju/juju/environs/config"
+	"github.com/juju/juju/mongo"
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/state/backups"
 )
 
-func init() {
-	common.RegisterStandardFacade("Backups", 1, NewAPI)
-}
-
 var logger = loggo.GetLogger("juju.apiserver.backups")
 
+// Backend exposes state.State functionality needed by the backups Facade.
+type Backend interface {
+	IsController() bool
+	Machine(id string) (*state.Machine, error)
+	MachineSeries(id string) (string, error)
+	MongoConnectionInfo() *mongo.MongoInfo
+	MongoSession() *mgo.Session
+	ModelTag() names.ModelTag
+	ModelConfig() (*config.Config, error)
+	ControllerConfig() (controller.Config, error)
+	StateServingInfo() (state.StateServingInfo, error)
+	RestoreInfo() *state.RestoreInfo
+}
+
 // API serves backup-specific API methods.
 type API struct {
-	st    *state.State
-	paths *backups.Paths
+	backend Backend
+	paths   *backups.Paths
 
 	// machineID is the ID of the machine where the API server is running.
 	machineID string
 }
 
 // NewAPI creates a new instance of the Backups API facade.
-func NewAPI(st *state.State, resources *common.Resources, authorizer common.Authorizer) (*API, error) {
+func NewAPI(backend Backend, resources *common.Resources, authorizer common.Authorizer) (*API, error) {
 	if !authorizer.AuthClient() {
 		return nil, errors.Trace(common.ErrPerm)
 	}
 
 	// For now, backup operations are only permitted on the controller environment.
-	if !st.IsController() {
+	if !backend.IsController() {
 		return nil, errors.New("backups are not supported for hosted models")
 	}
 
@@ -61,7 +76,7 @@
 		return nil, errors.Trace(err)
 	}
 	b := API{
-		st:        st,
+		backend:   backend,
 		paths:     &paths,
 		machineID: machineID,
 	}
@@ -81,8 +96,8 @@
 	return strRes.String(), nil
 }
 
-var newBackups = func(st *state.State) (backups.Backups, io.Closer) {
-	stor := backups.NewStorage(st)
+var newBackups = func(backend Backend) (backups.Backups, io.Closer) {
+	stor := backups.NewStorage(backend)
 	return backups.NewBackups(stor), stor
 }
 
@@ -110,6 +125,7 @@
 	result.Machine = meta.Origin.Machine
 	result.Hostname = meta.Origin.Hostname
 	result.Version = meta.Origin.Version
+	result.Series = meta.Origin.Series
 
 	// TODO(wallyworld) - remove these ASAP
 	// These are only used by the restore CLI when re-bootstrapping.
@@ -136,6 +152,7 @@
 	meta.Origin.Machine = result.Machine
 	meta.Origin.Hostname = result.Hostname
 	meta.Origin.Version = result.Version
+	meta.Origin.Series = result.Series
 	meta.Notes = result.Notes
 	meta.SetFileInfo(result.Size, result.Checksum, result.ChecksumFormat)
 	return meta
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/backups/backups_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/backups/backups_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/backups/backups_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/backups/backups_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,15 +8,14 @@
 	"io/ioutil"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	backupsAPI "github.com/juju/juju/apiserver/backups"
 	"github.com/juju/juju/apiserver/common"
 	apiservertesting "github.com/juju/juju/apiserver/testing"
 	"github.com/juju/juju/juju/testing"
-	"github.com/juju/juju/state"
 	"github.com/juju/juju/state/backups"
 	backupstesting "github.com/juju/juju/state/backups/testing"
 	"github.com/juju/juju/testing/factory"
@@ -39,7 +38,7 @@
 	tag := names.NewLocalUserTag("spam")
 	s.authorizer = &apiservertesting.FakeAuthorizer{Tag: tag}
 	var err error
-	s.api, err = backupsAPI.NewAPI(s.State, s.resources, s.authorizer)
+	s.api, err = backupsAPI.NewAPI(&stateShim{s.State}, s.resources, s.authorizer)
 	c.Assert(err, jc.ErrorIsNil)
 	s.meta = backupstesting.NewMetadataStarted()
 }
@@ -55,7 +54,7 @@
 		fake.Error = errors.Errorf(err)
 	}
 	s.PatchValue(backupsAPI.NewBackups,
-		func(*state.State) (backups.Backups, io.Closer) {
+		func(backupsAPI.Backend) (backups.Backups, io.Closer) {
 			return &fake, ioutil.NopCloser(nil)
 		},
 	)
@@ -68,13 +67,13 @@
 }
 
 func (s *backupsSuite) TestNewAPIOkay(c *gc.C) {
-	_, err := backupsAPI.NewAPI(s.State, s.resources, s.authorizer)
+	_, err := backupsAPI.NewAPI(&stateShim{s.State}, s.resources, s.authorizer)
 	c.Check(err, jc.ErrorIsNil)
 }
 
 func (s *backupsSuite) TestNewAPINotAuthorized(c *gc.C) {
-	s.authorizer.Tag = names.NewServiceTag("eggs")
-	_, err := backupsAPI.NewAPI(s.State, s.resources, s.authorizer)
+	s.authorizer.Tag = names.NewApplicationTag("eggs")
+	_, err := backupsAPI.NewAPI(&stateShim{s.State}, s.resources, s.authorizer)
 
 	c.Check(errors.Cause(err), gc.Equals, common.ErrPerm)
 }
@@ -82,6 +81,6 @@
 func (s *backupsSuite) TestNewAPIHostedEnvironmentFails(c *gc.C) {
 	otherState := factory.NewFactory(s.State).MakeModel(c, nil)
 	defer otherState.Close()
-	_, err := backupsAPI.NewAPI(otherState, s.resources, s.authorizer)
+	_, err := backupsAPI.NewAPI(&stateShim{otherState}, s.resources, s.authorizer)
 	c.Check(err, gc.ErrorMatches, "backups are not supported for hosted models")
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/backups/create.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/backups/create.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/backups/create.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/backups/create.go	2016-07-18 19:45:44.000000000 +0000
@@ -16,10 +16,10 @@
 // Create is the API method that requests juju to create a new backup
 // of its state.  It returns the metadata for that backup.
 func (a *API) Create(args params.BackupsCreateArgs) (p params.BackupsMetadataResult, err error) {
-	backupsMethods, closer := newBackups(a.st)
+	backupsMethods, closer := newBackups(a.backend)
 	defer closer.Close()
 
-	session := a.st.MongoSession().Copy()
+	session := a.backend.MongoSession().Copy()
 	defer session.Close()
 
 	// Don't go if HA isn't ready.
@@ -28,13 +28,17 @@
 		return p, errors.Annotatef(err, "HA not ready; try again later")
 	}
 
-	mgoInfo := a.st.MongoConnectionInfo()
+	mgoInfo := a.backend.MongoConnectionInfo()
 	dbInfo, err := backups.NewDBInfo(mgoInfo, session)
 	if err != nil {
 		return p, errors.Trace(err)
 	}
+	mSeries, err := a.backend.MachineSeries(a.machineID)
+	if err != nil {
+		return p, errors.Trace(err)
+	}
 
-	meta, err := backups.NewMetadataState(a.st, a.machineID)
+	meta, err := backups.NewMetadataState(a.backend, a.machineID, mSeries)
 	if err != nil {
 		return p, errors.Trace(err)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/backups/create_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/backups/create_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/backups/create_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/backups/create_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -50,5 +50,6 @@
 	var args params.BackupsCreateArgs
 	_, err := s.api.Create(args)
 
+	c.Logf("%v", err)
 	c.Check(err, gc.ErrorMatches, "failed!")
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/backups/info.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/backups/info.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/backups/info.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/backups/info.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,7 +11,7 @@
 
 // Info provides the implementation of the API method.
 func (a *API) Info(args params.BackupsInfoArgs) (params.BackupsMetadataResult, error) {
-	backups, closer := newBackups(a.st)
+	backups, closer := newBackups(a.backend)
 	defer closer.Close()
 
 	meta, file, err := backups.Get(args.ID)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/backups/list.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/backups/list.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/backups/list.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/backups/list.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,7 +13,7 @@
 func (a *API) List(args params.BackupsListArgs) (params.BackupsListResult, error) {
 	var result params.BackupsListResult
 
-	backups, closer := newBackups(a.st)
+	backups, closer := newBackups(a.backend)
 	defer closer.Close()
 
 	metaList, err := backups.List()
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/backups/mock_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/backups/mock_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/backups/mock_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/backups/mock_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,14 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package backups_test
+
+import "github.com/juju/juju/state"
+
+type stateShim struct {
+	*state.State
+}
+
+func (s *stateShim) MachineSeries(id string) (string, error) {
+	return "xenial", nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/backups/remove.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/backups/remove.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/backups/remove.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/backups/remove.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,7 +10,7 @@
 )
 
 func (a *API) Remove(args params.BackupsRemoveArgs) error {
-	backups, closer := newBackups(a.st)
+	backups, closer := newBackups(a.backend)
 	defer closer.Close()
 
 	err := backups.Remove(args.ID)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/backups/restore.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/backups/restore.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/backups/restore.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/backups/restore.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,7 @@
 	"os"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/service"
@@ -21,13 +21,14 @@
 
 // Restore implements the server side of Backups.Restore.
 func (a *API) Restore(p params.RestoreArgs) error {
+	logger.Infof("Starting server side restore")
 
 	// Get hold of a backup file Reader
-	backup, closer := newBackups(a.st)
+	backup, closer := newBackups(a.backend)
 	defer closer.Close()
 
 	// Obtain the address of current machine, where we will be performing restore.
-	machine, err := a.st.Machine(a.machineID)
+	machine, err := a.backend.Machine(a.machineID)
 	if err != nil {
 		return errors.Trace(err)
 	}
@@ -44,7 +45,7 @@
 
 	}
 
-	info := a.st.RestoreInfo()
+	info := a.backend.RestoreInfo()
 	// Signal to current state and api server that restore will begin
 	err = info.SetStatus(state.RestoreInProgress)
 	if err != nil {
@@ -69,13 +70,29 @@
 		NewInstSeries:  machine.Series(),
 	}
 
-	oldTagString, err := backup.Restore(p.BackupId, restoreArgs)
+	session := a.backend.MongoSession().Copy()
+	defer session.Close()
+
+	// Don't go if HA isn't ready.
+	err = waitUntilReady(session, 60)
+	if err != nil {
+		return errors.Annotatef(err, "HA not ready; try again later")
+	}
+
+	mgoInfo := a.backend.MongoConnectionInfo()
+	logger.Debugf("mongo info from state %+v", mgoInfo)
+	dbInfo, err := backups.NewDBInfo(mgoInfo, session)
+	if err != nil {
+		return errors.Trace(err)
+	}
+
+	oldTagString, err := backup.Restore(p.BackupId, dbInfo, restoreArgs)
 	if err != nil {
 		return errors.Annotate(err, "restore failed")
 	}
 
 	// A backup can be made of any component of an ha array.
-	// The files in a backup dont contain purely relativized paths.
+	// The files in a backup don't contain purely relativized paths.
 	// If the backup is made of the bootstrap node (machine 0) the
 	// recently created machine will have the same paths and therefore
 	// the startup scripts will fit the new juju. If the backup belongs
@@ -114,14 +131,14 @@
 
 // PrepareRestore implements the server side of Backups.PrepareRestore.
 func (a *API) PrepareRestore() error {
-	info := a.st.RestoreInfo()
+	info := a.backend.RestoreInfo()
 	logger.Infof("entering restore preparation mode")
 	return info.SetStatus(state.RestorePending)
 }
 
 // FinishRestore implements the server side of Backups.FinishRestore.
 func (a *API) FinishRestore() error {
-	info := a.st.RestoreInfo()
+	info := a.backend.RestoreInfo()
 	currentStatus, err := info.Status()
 	if err != nil {
 		return errors.Trace(err)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/backups/shim.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/backups/shim.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/backups/shim.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/backups/shim.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,36 @@
+// Copyright 2014 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package backups
+
+import (
+	"github.com/juju/errors"
+	"github.com/juju/juju/apiserver/common"
+	"github.com/juju/juju/state"
+)
+
+// This file contains untested shims to let us wrap state in a sensible
+// interface and avoid writing tests that depend on mongodb. If you were
+// to change any part of it so that it were no longer *obviously* and
+// *trivially* correct, you would be Doing It Wrong.
+
+func init() {
+	common.RegisterStandardFacade("Backups", 1, newAPI)
+}
+
+type stateShim struct {
+	*state.State
+}
+
+// MachineSeries implements backups.Backend
+func (s *stateShim) MachineSeries(id string) (string, error) {
+	m, err := s.State.Machine(id)
+	if err != nil {
+		return "", errors.Trace(err)
+	}
+	return m.Series(), nil
+}
+
+func newAPI(st *state.State, resources *common.Resources, authorizer common.Authorizer) (*API, error) {
+	return NewAPI(&stateShim{st}, resources, authorizer)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/backup_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/backup_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/backup_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/backup_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -57,7 +57,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Assert(resp.StatusCode, gc.Equals, statusCode, gc.Commentf("body: %s", body))
-	c.Assert(resp.Header.Get("Content-Type"), gc.Equals, params.ContentTypeJSON)
+	c.Assert(resp.Header.Get("Content-Type"), gc.Equals, params.ContentTypeJSON, gc.Commentf("body: %q", body))
 
 	var failure params.Error
 	err = json.Unmarshal(body, &failure)
@@ -108,7 +108,7 @@
 		url:      s.backupURL(c),
 		nonce:    "fake_nonce",
 	})
-	s.assertErrorResponse(c, resp, http.StatusUnauthorized, "invalid entity name or password")
+	s.assertErrorResponse(c, resp, http.StatusInternalServerError, "tag kind machine not valid")
 
 	// Now try a user login.
 	resp = s.authRequest(c, httpRequestParams{method: "POST", url: s.backupURL(c)})
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/charmrevisionupdater/handlers.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/charmrevisionupdater/handlers.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/charmrevisionupdater/handlers.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/charmrevisionupdater/handlers.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,7 @@
 	"fmt"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/charmstore"
 	"github.com/juju/juju/state"
@@ -18,7 +18,7 @@
 type LatestCharmHandler interface {
 	// HandleLatest deals with the given charm info, treating it as the
 	// most up-to-date information for the charms most recent revision.
-	HandleLatest(names.ServiceTag, charmstore.CharmInfo) error
+	HandleLatest(names.ApplicationTag, charmstore.CharmInfo) error
 }
 
 type newHandlerFunc func(*state.State) (LatestCharmHandler, error)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/charmrevisionupdater/testing/suite.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/charmrevisionupdater/testing/suite.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/charmrevisionupdater/testing/suite.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/charmrevisionupdater/testing/suite.go	2016-07-18 19:45:44.000000000 +0000
@@ -91,7 +91,9 @@
 	c.Assert(m.Id(), gc.Equals, machineId)
 	cons, err := m.Constraints()
 	c.Assert(err, jc.ErrorIsNil)
-	inst, hc := jujutesting.AssertStartInstanceWithConstraints(c, s.jcSuite.Environ, m.Id(), cons)
+	controllerCfg, err := s.jcSuite.State.ControllerConfig()
+	c.Assert(err, jc.ErrorIsNil)
+	inst, hc := jujutesting.AssertStartInstanceWithConstraints(c, s.jcSuite.Environ, controllerCfg.ControllerUUID(), m.Id(), cons)
 	err = m.SetProvisioned(inst.Id(), "fake_nonce", hc)
 	c.Assert(err, jc.ErrorIsNil)
 }
@@ -117,14 +119,13 @@
 func (s *CharmSuite) AddService(c *gc.C, charmName, serviceName string) {
 	ch, ok := s.charms[charmName]
 	c.Assert(ok, jc.IsTrue)
-	owner := s.jcSuite.AdminUserTag(c)
-	_, err := s.jcSuite.State.AddService(state.AddServiceArgs{Name: serviceName, Owner: owner.String(), Charm: ch})
+	_, err := s.jcSuite.State.AddApplication(state.AddApplicationArgs{Name: serviceName, Charm: ch})
 	c.Assert(err, jc.ErrorIsNil)
 }
 
-// AddUnit adds a new unit for service to the specified machine.
+// AddUnit adds a new unit for application to the specified machine.
 func (s *CharmSuite) AddUnit(c *gc.C, serviceName, machineId string) {
-	svc, err := s.jcSuite.State.Service(serviceName)
+	svc, err := s.jcSuite.State.Application(serviceName)
 	c.Assert(err, jc.ErrorIsNil)
 	u, err := svc.AddUnit()
 	c.Assert(err, jc.ErrorIsNil)
@@ -138,7 +139,7 @@
 func (s *CharmSuite) SetUnitRevision(c *gc.C, unitName string, rev int) {
 	u, err := s.jcSuite.State.Unit(unitName)
 	c.Assert(err, jc.ErrorIsNil)
-	svc, err := u.Service()
+	svc, err := u.Application()
 	c.Assert(err, jc.ErrorIsNil)
 	curl := charm.MustParseURL(fmt.Sprintf("cs:quantal/%s-%d", svc.Name(), rev))
 	err = u.SetCharmURL(curl)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/charmrevisionupdater/updater.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/charmrevisionupdater/updater.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/charmrevisionupdater/updater.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/charmrevisionupdater/updater.go	2016-07-18 19:45:44.000000000 +0000
@@ -16,7 +16,7 @@
 var logger = loggo.GetLogger("juju.apiserver.charmrevisionupdater")
 
 func init() {
-	common.RegisterStandardFacade("CharmRevisionUpdater", 1, NewCharmRevisionUpdaterAPI)
+	common.RegisterStandardFacade("CharmRevisionUpdater", 2, NewCharmRevisionUpdaterAPI)
 }
 
 // CharmRevisionUpdater defines the methods on the charmrevisionupdater API end point.
@@ -78,7 +78,7 @@
 		}
 
 		// Then run through the handlers.
-		serviceID := info.service.ServiceTag()
+		serviceID := info.service.ApplicationTag()
 		for _, handler := range handlers {
 			if err := handler.HandleLatest(serviceID, info.CharmInfo); err != nil {
 				return err
@@ -97,7 +97,7 @@
 
 type latestCharmInfo struct {
 	charmstore.CharmInfo
-	service *state.Service
+	service *state.Application
 }
 
 // retrieveLatestCharmInfo looks up the charm store to return the charm URLs for the
@@ -109,7 +109,7 @@
 		return nil, err
 	}
 
-	services, err := st.AllServices()
+	services, err := st.AllApplications()
 	if err != nil {
 		return nil, err
 	}
@@ -120,7 +120,7 @@
 	}
 
 	var charms []charmstore.CharmID
-	var resultsIndexedServices []*state.Service
+	var resultsIndexedServices []*state.Application
 	for _, service := range services {
 		curl, _ := service.CharmURL()
 		if curl.Schema == "local" {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/charmrevisionupdater/updater_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/charmrevisionupdater/updater_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/charmrevisionupdater/updater_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/charmrevisionupdater/updater_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -108,7 +108,7 @@
 	c.Assert(err, jc.Satisfies, errors.IsNotFound)
 
 	// Update mysql version and run update again.
-	svc, err := s.State.Service("mysql")
+	svc, err := s.State.Application("mysql")
 	c.Assert(err, jc.ErrorIsNil)
 	ch := s.AddCharmWithRevision(c, "mysql", 23)
 	cfg := state.SetCharmConfig{
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/charms/client.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/charms/client.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/charms/client.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/charms/client.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,8 +7,8 @@
 	"github.com/juju/errors"
 	"github.com/juju/utils/set"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/charm.v6-unstable/resource"
 
-	"github.com/juju/juju/api"
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/state"
@@ -25,8 +25,8 @@
 // Charms defines the methods on the charms API end point.
 type Charms interface {
 	List(args params.CharmsList) (params.CharmsListResult, error)
-	CharmInfo(args params.CharmInfo) (api.CharmInfo, error)
-	IsMetered(args params.CharmInfo) (bool, error)
+	CharmInfo(args params.CharmURL) (params.CharmInfo, error)
+	IsMetered(args params.CharmURL) (bool, error)
 }
 
 // API implements the charms interface and is the concrete
@@ -53,21 +53,23 @@
 }
 
 // CharmInfo returns information about the requested charm.
-func (a *API) CharmInfo(args params.CharmInfo) (api.CharmInfo, error) {
-	curl, err := charm.ParseURL(args.CharmURL)
+// NOTE: thumper 2016-06-29, this is not a bulk call and probably should be.
+func (a *API) CharmInfo(args params.CharmURL) (params.CharmInfo, error) {
+	curl, err := charm.ParseURL(args.URL)
 	if err != nil {
-		return api.CharmInfo{}, err
+		return params.CharmInfo{}, err
 	}
 	aCharm, err := a.access.Charm(curl)
 	if err != nil {
-		return api.CharmInfo{}, err
+		return params.CharmInfo{}, err
 	}
-	info := api.CharmInfo{
+	info := params.CharmInfo{
 		Revision: aCharm.Revision(),
 		URL:      curl.String(),
-		Config:   aCharm.Config(),
-		Meta:     aCharm.Meta(),
-		Actions:  aCharm.Actions(),
+		Config:   convertCharmConfig(aCharm.Config()),
+		Meta:     convertCharmMeta(aCharm.Meta()),
+		Actions:  convertCharmActions(aCharm.Actions()),
+		Metrics:  convertCharmMetrics(aCharm.Metrics()),
 	}
 	return info, nil
 }
@@ -97,8 +99,8 @@
 }
 
 // IsMetered returns whether or not the charm is metered.
-func (a *API) IsMetered(args params.CharmInfo) (params.IsMeteredResult, error) {
-	curl, err := charm.ParseURL(args.CharmURL)
+func (a *API) IsMetered(args params.CharmURL) (params.IsMeteredResult, error) {
+	curl, err := charm.ParseURL(args.URL)
 	if err != nil {
 		return params.IsMeteredResult{false}, err
 	}
@@ -111,3 +113,201 @@
 	}
 	return params.IsMeteredResult{false}, nil
 }
+
+func convertCharmConfig(config *charm.Config) map[string]params.CharmOption {
+	if config == nil {
+		return nil
+	}
+	result := make(map[string]params.CharmOption)
+	for key, value := range config.Options {
+		result[key] = convertCharmOption(value)
+	}
+	return result
+}
+
+func convertCharmOption(opt charm.Option) params.CharmOption {
+	return params.CharmOption{
+		Type:        opt.Type,
+		Description: opt.Description,
+		Default:     opt.Default,
+	}
+}
+
+func convertCharmMeta(meta *charm.Meta) *params.CharmMeta {
+	if meta == nil {
+		return nil
+	}
+	result := &params.CharmMeta{
+		Name:           meta.Name,
+		Summary:        meta.Summary,
+		Description:    meta.Description,
+		Subordinate:    meta.Subordinate,
+		Provides:       convertCharmRelationMap(meta.Provides),
+		Requires:       convertCharmRelationMap(meta.Requires),
+		Peers:          convertCharmRelationMap(meta.Peers),
+		ExtraBindings:  convertCharmExtraBindingMap(meta.ExtraBindings),
+		Categories:     meta.Categories,
+		Tags:           meta.Tags,
+		Series:         meta.Series,
+		Storage:        convertCharmStorageMap(meta.Storage),
+		PayloadClasses: convertCharmPayloadClassMap(meta.PayloadClasses),
+		Resources:      convertCharmResourceMetaMap(meta.Resources),
+		Terms:          meta.Terms,
+		MinJujuVersion: meta.MinJujuVersion.String(),
+	}
+
+	return result
+}
+
+func convertCharmRelationMap(relations map[string]charm.Relation) map[string]params.CharmRelation {
+	if len(relations) == 0 {
+		return nil
+	}
+	result := make(map[string]params.CharmRelation)
+	for key, value := range relations {
+		result[key] = convertCharmRelation(value)
+	}
+	return result
+}
+
+func convertCharmRelation(relation charm.Relation) params.CharmRelation {
+	return params.CharmRelation{
+		Name:      relation.Name,
+		Role:      string(relation.Role),
+		Interface: relation.Interface,
+		Optional:  relation.Optional,
+		Limit:     relation.Limit,
+		Scope:     string(relation.Scope),
+	}
+}
+
+func convertCharmStorageMap(storage map[string]charm.Storage) map[string]params.CharmStorage {
+	if len(storage) == 0 {
+		return nil
+	}
+	result := make(map[string]params.CharmStorage)
+	for key, value := range storage {
+		result[key] = convertCharmStorage(value)
+	}
+	return result
+}
+
+func convertCharmStorage(storage charm.Storage) params.CharmStorage {
+	return params.CharmStorage{
+		Name:        storage.Name,
+		Description: storage.Description,
+		Type:        string(storage.Type),
+		Shared:      storage.Shared,
+		ReadOnly:    storage.ReadOnly,
+		CountMin:    storage.CountMin,
+		CountMax:    storage.CountMax,
+		MinimumSize: storage.MinimumSize,
+		Location:    storage.Location,
+		Properties:  storage.Properties,
+	}
+}
+
+func convertCharmPayloadClassMap(payload map[string]charm.PayloadClass) map[string]params.CharmPayloadClass {
+	if len(payload) == 0 {
+		return nil
+	}
+	result := make(map[string]params.CharmPayloadClass)
+	for key, value := range payload {
+		result[key] = convertCharmPayloadClass(value)
+	}
+	return result
+}
+
+func convertCharmPayloadClass(payload charm.PayloadClass) params.CharmPayloadClass {
+	return params.CharmPayloadClass{
+		Name: payload.Name,
+		Type: payload.Type,
+	}
+}
+
+func convertCharmResourceMetaMap(resources map[string]resource.Meta) map[string]params.CharmResourceMeta {
+	if len(resources) == 0 {
+		return nil
+	}
+	result := make(map[string]params.CharmResourceMeta)
+	for key, value := range resources {
+		result[key] = convertCharmResourceMeta(value)
+	}
+	return result
+}
+
+func convertCharmResourceMeta(meta resource.Meta) params.CharmResourceMeta {
+	return params.CharmResourceMeta{
+		Name:        meta.Name,
+		Type:        meta.Type.String(),
+		Path:        meta.Path,
+		Description: meta.Description,
+	}
+}
+
+func convertCharmActions(actions *charm.Actions) *params.CharmActions {
+	if actions == nil {
+		return nil
+	}
+	result := &params.CharmActions{
+		ActionSpecs: convertCharmActionSpecMap(actions.ActionSpecs),
+	}
+
+	return result
+}
+
+func convertCharmActionSpecMap(specs map[string]charm.ActionSpec) map[string]params.CharmActionSpec {
+	if len(specs) == 0 {
+		return nil
+	}
+	result := make(map[string]params.CharmActionSpec)
+	for key, value := range specs {
+		result[key] = convertCharmActionSpec(value)
+	}
+	return result
+}
+
+func convertCharmActionSpec(spec charm.ActionSpec) params.CharmActionSpec {
+	return params.CharmActionSpec{
+		Description: spec.Description,
+		Params:      spec.Params,
+	}
+}
+
+func convertCharmMetrics(metrics *charm.Metrics) *params.CharmMetrics {
+	if metrics == nil {
+		return nil
+	}
+	return &params.CharmMetrics{
+		Metrics: convertCharmMetricMap(metrics.Metrics),
+	}
+}
+
+func convertCharmMetricMap(metrics map[string]charm.Metric) map[string]params.CharmMetric {
+	if len(metrics) == 0 {
+		return nil
+	}
+	result := make(map[string]params.CharmMetric)
+	for key, value := range metrics {
+		result[key] = convertCharmMetric(value)
+	}
+	return result
+}
+
+func convertCharmMetric(metric charm.Metric) params.CharmMetric {
+	return params.CharmMetric{
+		Type:        string(metric.Type),
+		Description: metric.Description,
+	}
+}
+
+func convertCharmExtraBindingMap(bindings map[string]charm.ExtraBinding) map[string]string {
+	if len(bindings) == 0 {
+		return nil
+	}
+	result := make(map[string]string)
+	for key, value := range bindings {
+		result[key] = value.Name
+	}
+	return result
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/charms/client_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/charms/client_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/charms/client_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/charms/client_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,9 +6,7 @@
 import (
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
-	"gopkg.in/juju/charm.v6-unstable"
 
-	"github.com/juju/juju/api"
 	"github.com/juju/juju/apiserver/charms"
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
@@ -17,20 +15,16 @@
 	"github.com/juju/juju/testing/factory"
 )
 
-type baseCharmsSuite struct {
+type charmsSuite struct {
 	// TODO(anastasiamac) mock to remove JujuConnSuite
 	jujutesting.JujuConnSuite
-}
-
-type charmsSuite struct {
-	baseCharmsSuite
 	api *charms.API
 }
 
 var _ = gc.Suite(&charmsSuite{})
 
 func (s *charmsSuite) SetUpTest(c *gc.C) {
-	s.baseCharmsSuite.SetUpTest(c)
+	s.JujuConnSuite.SetUpTest(c)
 
 	var err error
 	auth := testing.FakeAuthorizer{
@@ -41,33 +35,58 @@
 	c.Assert(err, jc.ErrorIsNil)
 }
 
-var _ = gc.Suite(&baseCharmsSuite{})
-
-func (s *baseCharmsSuite) TestClientCharmInfo(c *gc.C) {
+func (s *charmsSuite) TestClientCharmInfo(c *gc.C) {
 	var clientCharmInfoTests = []struct {
-		about           string
-		charm           string
-		url             string
-		expectedActions *charm.Actions
-		err             string
+		about    string
+		charm    string
+		url      string
+		expected params.CharmInfo
+		err      string
 	}{
 		{
 			about: "dummy charm which contains an expectedActions spec",
 			charm: "dummy",
 			url:   "local:quantal/dummy-1",
-			expectedActions: &charm.Actions{
-				ActionSpecs: map[string]charm.ActionSpec{
-					"snapshot": {
-						Description: "Take a snapshot of the database.",
-						Params: map[string]interface{}{
-							"type":        "object",
-							"title":       "snapshot",
-							"description": "Take a snapshot of the database.",
-							"properties": map[string]interface{}{
-								"outfile": map[string]interface{}{
-									"default":     "foo.bz2",
-									"description": "The file to write out to.",
-									"type":        "string",
+			expected: params.CharmInfo{
+				Revision: 1,
+				URL:      "local:quantal/dummy-1",
+				Config: map[string]params.CharmOption{
+					"skill-level": params.CharmOption{
+						Type:        "int",
+						Description: "A number indicating skill."},
+					"title": params.CharmOption{
+						Type:        "string",
+						Description: "A descriptive title used for the application.",
+						Default:     "My Title"},
+					"outlook": params.CharmOption{
+						Type:        "string",
+						Description: "No default outlook."},
+					"username": params.CharmOption{
+						Type:        "string",
+						Description: "The name of the initial account (given admin permissions).",
+						Default:     "admin001"},
+				},
+				Meta: &params.CharmMeta{
+					Name:           "dummy",
+					Summary:        "That's a dummy charm.",
+					Description:    "This is a longer description which\npotentially contains multiple lines.\n",
+					Subordinate:    false,
+					MinJujuVersion: "0.0.0",
+				},
+				Actions: &params.CharmActions{
+					ActionSpecs: map[string]params.CharmActionSpec{
+						"snapshot": params.CharmActionSpec{
+							Description: "Take a snapshot of the database.",
+							Params: map[string]interface{}{
+								"title":       "snapshot",
+								"description": "Take a snapshot of the database.",
+								"type":        "object",
+								"properties": map[string]interface{}{
+									"outfile": map[string]interface{}{
+										"type":        "string",
+										"description": "The file to write out to.",
+										"default":     "foo.bz2",
+									},
 								},
 							},
 						},
@@ -79,18 +98,74 @@
 			about: "retrieves charm info",
 			// Use wordpress for tests so that we can compare Provides and Requires.
 			charm: "wordpress",
-			expectedActions: &charm.Actions{ActionSpecs: map[string]charm.ActionSpec{
-				"fakeaction": {
-					Description: "No description",
-					Params: map[string]interface{}{
-						"type":        "object",
-						"title":       "fakeaction",
-						"description": "No description",
-						"properties":  map[string]interface{}{},
+			url:   "local:quantal/wordpress-3",
+			expected: params.CharmInfo{
+				Revision: 3,
+				URL:      "local:quantal/wordpress-3",
+				Config: map[string]params.CharmOption{
+					"blog-title": params.CharmOption{Type: "string", Description: "A descriptive title used for the blog.", Default: "My Title"}},
+				Meta: &params.CharmMeta{
+					Name:        "wordpress",
+					Summary:     "Blog engine",
+					Description: "A pretty popular blog engine",
+					Subordinate: false,
+					Provides: map[string]params.CharmRelation{
+						"logging-dir": params.CharmRelation{
+							Name:      "logging-dir",
+							Role:      "provider",
+							Interface: "logging",
+							Scope:     "container",
+						},
+						"monitoring-port": params.CharmRelation{
+							Name:      "monitoring-port",
+							Role:      "provider",
+							Interface: "monitoring",
+							Scope:     "container",
+						},
+						"url": params.CharmRelation{
+							Name:      "url",
+							Role:      "provider",
+							Interface: "http",
+							Scope:     "global",
+						},
+					},
+					Requires: map[string]params.CharmRelation{
+						"cache": params.CharmRelation{
+							Name:      "cache",
+							Role:      "requirer",
+							Interface: "varnish",
+							Optional:  true,
+							Limit:     2,
+							Scope:     "global",
+						},
+						"db": params.CharmRelation{
+							Name:      "db",
+							Role:      "requirer",
+							Interface: "mysql",
+							Limit:     1,
+							Scope:     "global",
+						},
+					},
+					ExtraBindings: map[string]string{
+						"admin-api": "admin-api",
+						"foo-bar":   "foo-bar",
+						"db-client": "db-client",
+					},
+					MinJujuVersion: "0.0.0",
+				},
+				Actions: &params.CharmActions{
+					ActionSpecs: map[string]params.CharmActionSpec{
+						"fakeaction": params.CharmActionSpec{
+							Description: "No description",
+							Params: map[string]interface{}{
+								"properties":  map[string]interface{}{},
+								"description": "No description",
+								"type":        "object",
+								"title":       "fakeaction"},
+						},
 					},
 				},
-			}},
-			url: "local:quantal/wordpress-3",
+			},
 		},
 		{
 			about: "invalid URL",
@@ -108,30 +183,41 @@
 			about: "unknown charm",
 			charm: "wordpress",
 			url:   "cs:missing/one-1",
-			err:   `charm "cs:missing/one-1" not found \(not found\)`,
+			err:   `charm "cs:missing/one-1" not found`,
 		},
 	}
 
 	for i, t := range clientCharmInfoTests {
 		c.Logf("test %d. %s", i, t.about)
-		aCharm := s.AddTestingCharm(c, t.charm)
-		info, err := s.APIState.Client().CharmInfo(t.url)
+		s.AddTestingCharm(c, t.charm)
+		info, err := s.api.CharmInfo(params.CharmURL{t.url})
 		if t.err != "" {
 			c.Check(err, gc.ErrorMatches, t.err)
 			continue
 		}
 		c.Assert(err, jc.ErrorIsNil)
-		expected := &api.CharmInfo{
-			Revision: aCharm.Revision(),
-			URL:      aCharm.URL().String(),
-			Config:   aCharm.Config(),
-			Meta:     aCharm.Meta(),
-			Actions:  aCharm.Actions(),
-		}
-		c.Check(info, jc.DeepEquals, expected)
-		c.Check(info.Actions, jc.DeepEquals, t.expectedActions)
+		c.Check(info, jc.DeepEquals, t.expected)
 	}
 }
+
+func (s *charmsSuite) TestMeteredCharmInfo(c *gc.C) {
+	meteredCharm := s.Factory.MakeCharm(
+		c, &factory.CharmParams{Name: "metered", URL: "cs:xenial/metered"})
+	info, err := s.api.CharmInfo(params.CharmURL{
+		URL: meteredCharm.URL().String(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	expected := &params.CharmMetrics{
+		Metrics: map[string]params.CharmMetric{
+			"pings": params.CharmMetric{
+				Type:        "gauge",
+				Description: "Description of the metric."},
+			"juju-units": params.CharmMetric{
+				Type:        "",
+				Description: ""}}}
+	c.Assert(info.Metrics, jc.DeepEquals, expected)
+}
+
 func (s *charmsSuite) TestListCharmsNoFilter(c *gc.C) {
 	s.assertListCharms(c, []string{"dummy"}, []string{}, []string{"local:quantal/dummy-1"})
 }
@@ -156,8 +242,8 @@
 
 func (s *charmsSuite) TestIsMeteredFalse(c *gc.C) {
 	charm := s.Factory.MakeCharm(c, &factory.CharmParams{Name: "wordpress"})
-	metered, err := s.api.IsMetered(params.CharmInfo{
-		CharmURL: charm.URL().String(),
+	metered, err := s.api.IsMetered(params.CharmURL{
+		URL: charm.URL().String(),
 	})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(metered.Metered, jc.IsFalse)
@@ -165,8 +251,8 @@
 
 func (s *charmsSuite) TestIsMeteredTrue(c *gc.C) {
 	meteredCharm := s.Factory.MakeCharm(c, &factory.CharmParams{Name: "metered", URL: "cs:quantal/metered"})
-	metered, err := s.api.IsMetered(params.CharmInfo{
-		CharmURL: meteredCharm.URL().String(),
+	metered, err := s.api.IsMetered(params.CharmURL{
+		URL: meteredCharm.URL().String(),
 	})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(metered.Metered, jc.IsTrue)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/charms.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/charms.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/charms.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/charms.go	2016-07-18 19:45:44.000000000 +0000
@@ -24,9 +24,9 @@
 	ziputil "github.com/juju/utils/zip"
 	"gopkg.in/juju/charm.v6-unstable"
 
+	"github.com/juju/juju/apiserver/application"
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/apiserver/service"
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/state/storage"
 )
@@ -375,7 +375,7 @@
 	}
 	bundleSHA256 := hex.EncodeToString(hash.Sum(nil))
 
-	info := service.CharmArchive{
+	info := application.CharmArchive{
 		ID:     curl,
 		Charm:  archive,
 		Data:   &repackagedArchive,
@@ -383,7 +383,7 @@
 		SHA256: bundleSHA256,
 	}
 	// Store the charm archive in environment storage.
-	return service.StoreCharmArchive(st, info)
+	return application.StoreCharmArchive(st, info)
 }
 
 // processGet handles a charm file GET request after authentication.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/charms_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/charms_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/charms_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/charms_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -139,7 +139,7 @@
 		url:      s.charmsURI(c, ""),
 		nonce:    "fake_nonce",
 	})
-	s.assertErrorResponse(c, resp, http.StatusUnauthorized, "invalid entity name or password")
+	s.assertErrorResponse(c, resp, http.StatusInternalServerError, "tag kind machine not valid")
 
 	// Now try a user login.
 	resp = s.authRequest(c, httpRequestParams{method: "POST", url: s.charmsURI(c, "")})
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/client/api_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/client/api_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/client/api_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/client/api_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,9 +8,9 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	commontesting "github.com/juju/juju/apiserver/common/testing"
@@ -28,6 +28,7 @@
 	"github.com/juju/juju/storage/provider"
 	coretesting "github.com/juju/juju/testing"
 	"github.com/juju/juju/testing/factory"
+	"github.com/juju/juju/worker"
 )
 
 type baseSuite struct {
@@ -73,8 +74,8 @@
 	panic("unreachable")
 }
 
-func removeServiceAndUnits(c *gc.C, service *state.Service) {
-	// Destroy all units for the service.
+func removeServiceAndUnits(c *gc.C, service *state.Application) {
+	// Destroy all units for the application.
 	units, err := service.AllUnits()
 	c.Assert(err, jc.ErrorIsNil)
 	for _, unit := range units {
@@ -108,11 +109,17 @@
 }
 
 type setStatuser interface {
-	SetStatus(statuSettable status.Status, info string, data map[string]interface{}) error
+	SetStatus(status.StatusInfo) error
 }
 
 func setDefaultStatus(c *gc.C, entity setStatuser) {
-	err := entity.SetStatus(status.StatusStarted, "", nil)
+	now := time.Now()
+	s := status.StatusInfo{
+		Status:  status.StatusStarted,
+		Message: "",
+		Since:   &now,
+	}
+	err := entity.SetStatus(s)
 	c.Assert(err, jc.ErrorIsNil)
 }
 
@@ -154,7 +161,11 @@
 // but this behavior is already tested in cmd/juju/status_test.go and
 // also tested live and it works.
 var scenarioStatus = &params.FullStatus{
-	ModelName: "admin",
+	Model: params.ModelStatusInfo{
+		Name:    "controller",
+		Cloud:   "dummy",
+		Version: "1.2.3",
+	},
 	Machines: map[string]params.MachineStatus{
 		"0": {
 			Id:         "0",
@@ -164,7 +175,7 @@
 				Data:   make(map[string]interface{}),
 			},
 			InstanceStatus: params.DetailedStatus{
-				Status: status.StatusPending,
+				Status: status.StatusPending.String(),
 				Data:   make(map[string]interface{}),
 			},
 			Series:     "quantal",
@@ -181,7 +192,7 @@
 				Data:   make(map[string]interface{}),
 			},
 			InstanceStatus: params.DetailedStatus{
-				Status: status.StatusPending,
+				Status: status.StatusPending.String(),
 				Data:   make(map[string]interface{}),
 			},
 			Series:     "quantal",
@@ -198,7 +209,7 @@
 				Data:   make(map[string]interface{}),
 			},
 			InstanceStatus: params.DetailedStatus{
-				Status: status.StatusPending,
+				Status: status.StatusPending.String(),
 				Data:   make(map[string]interface{}),
 			},
 			Series:     "quantal",
@@ -208,9 +219,10 @@
 			WantsVote:  false,
 		},
 	},
-	Services: map[string]params.ServiceStatus{
+	Applications: map[string]params.ApplicationStatus{
 		"logging": {
-			Charm: "local:quantal/logging-1",
+			Charm:  "local:quantal/logging-1",
+			Series: "quantal",
 			Relations: map[string][]string{
 				"logging-directory": {"wordpress"},
 			},
@@ -219,6 +231,7 @@
 		},
 		"mysql": {
 			Charm:         "local:quantal/mysql-1",
+			Series:        "quantal",
 			Relations:     map[string][]string{},
 			SubordinateTo: []string{},
 			Units:         map[string]params.UnitStatus{},
@@ -229,7 +242,8 @@
 			},
 		},
 		"wordpress": {
-			Charm: "local:quantal/wordpress-3",
+			Charm:  "local:quantal/wordpress-3",
+			Series: "quantal",
 			Relations: map[string][]string{
 				"logging-dir": {"logging"},
 			},
@@ -302,16 +316,16 @@
 			Key: "logging:logging-directory wordpress:logging-dir",
 			Endpoints: []params.EndpointStatus{
 				{
-					ServiceName: "logging",
-					Name:        "logging-directory",
-					Role:        "requirer",
-					Subordinate: true,
+					ApplicationName: "logging",
+					Name:            "logging-directory",
+					Role:            "requirer",
+					Subordinate:     true,
 				},
 				{
-					ServiceName: "wordpress",
-					Name:        "logging-dir",
-					Role:        "provider",
-					Subordinate: false,
+					ApplicationName: "wordpress",
+					Name:            "logging-dir",
+					Role:            "provider",
+					Subordinate:     false,
 				},
 			},
 			Interface: "logging",
@@ -343,8 +357,8 @@
 //  nonce="fake_nonce"
 //  jobs=host-units
 //  status=started, info=""
-// service-wordpress
-// service-logging
+// application-wordpress
+// application-logging
 // unit-wordpress-0
 //  deployer-name=machine-1
 //  status=down with error and status data attached
@@ -371,6 +385,9 @@
 	c.Assert(err, jc.ErrorIsNil)
 	setDefaultPassword(c, u)
 	add(u)
+	err = s.State.UpdateModelConfig(map[string]interface{}{
+		config.AgentVersionKey: "1.2.3"}, nil, nil)
+	c.Assert(err, jc.ErrorIsNil)
 
 	u = s.Factory.MakeUser(c, &factory.UserParams{Name: "other"})
 	setDefaultPassword(c, u)
@@ -431,7 +448,14 @@
 				"remote-unit": "logging/0",
 				"foo":         "bar",
 			}
-			err := wu.SetAgentStatus(status.StatusError, "blam", sd)
+			now := time.Now()
+			sInfo := status.StatusInfo{
+				Status:  status.StatusError,
+				Message: "blam",
+				Data:    sd,
+				Since:   &now,
+			}
+			err := wu.SetAgentStatus(sInfo)
 			c.Assert(err, jc.ErrorIsNil)
 		}
 
@@ -464,8 +488,12 @@
 }
 
 func (s *baseSuite) setAgentPresence(c *gc.C, u *state.Unit) {
-	_, err := u.SetAgentPresence()
+	pinger, err := u.SetAgentPresence()
 	c.Assert(err, jc.ErrorIsNil)
+	s.AddCleanup(func(c *gc.C) {
+		c.Assert(worker.Stop(pinger), jc.ErrorIsNil)
+	})
+
 	s.State.StartSync()
 	s.BackingState.StartSync()
 	err = u.WaitAgentPresence(coretesting.LongWait)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/client/bundles_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/client/bundles_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/client/bundles_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/client/bundles_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -15,14 +15,14 @@
 		BundleDataYAML: ":",
 	}
 	r, err := s.client.GetBundleChanges(args)
-	c.Assert(err, gc.ErrorMatches, `cannot read bundle YAML: cannot unmarshal bundle data: YAML error: did not find expected key`)
+	c.Assert(err, gc.ErrorMatches, `cannot read bundle YAML: cannot unmarshal bundle data: yaml: did not find expected key`)
 	c.Assert(r, gc.DeepEquals, params.GetBundleChangesResults{})
 }
 
 func (s *serverSuite) TestGetBundleChangesBundleVerificationErrors(c *gc.C) {
 	args := params.GetBundleChangesParams{
 		BundleDataYAML: `
-            services:
+            applications:
                 django:
                     charm: django
                     to: [1]
@@ -36,16 +36,16 @@
 	c.Assert(r.Changes, gc.IsNil)
 	c.Assert(r.Errors, jc.SameContents, []string{
 		`placement "1" refers to a machine not defined in this bundle`,
-		`too many units specified in unit placement for service "django"`,
-		`invalid charm URL in service "haproxy": URL has invalid charm or bundle name: "42"`,
-		`negative number of units specified on service "haproxy"`,
+		`too many units specified in unit placement for application "django"`,
+		`invalid charm URL in application "haproxy": URL has invalid charm or bundle name: "42"`,
+		`negative number of units specified on application "haproxy"`,
 	})
 }
 
 func (s *serverSuite) TestGetBundleChangesBundleConstraintsError(c *gc.C) {
 	args := params.GetBundleChangesParams{
 		BundleDataYAML: `
-            services:
+            applications:
                 django:
                     charm: django
                     num_units: 1
@@ -56,14 +56,14 @@
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(r.Changes, gc.IsNil)
 	c.Assert(r.Errors, jc.SameContents, []string{
-		`invalid constraints "bad=wolf" in service "django": unknown constraint "bad"`,
+		`invalid constraints "bad=wolf" in application "django": unknown constraint "bad"`,
 	})
 }
 
 func (s *serverSuite) TestGetBundleChangesBundleStorageError(c *gc.C) {
 	args := params.GetBundleChangesParams{
 		BundleDataYAML: `
-            services:
+            applications:
                 django:
                     charm: django
                     num_units: 1
@@ -75,14 +75,14 @@
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(r.Changes, gc.IsNil)
 	c.Assert(r.Errors, jc.SameContents, []string{
-		`invalid storage "bad" in service "django": cannot parse count: count must be greater than zero, got "0"`,
+		`invalid storage "bad" in application "django": cannot parse count: count must be greater than zero, got "0"`,
 	})
 }
 
 func (s *serverSuite) TestGetBundleChangesSuccess(c *gc.C) {
 	args := params.GetBundleChangesParams{
 		BundleDataYAML: `
-            services:
+            applications:
                 django:
                     charm: django
                     options:
@@ -138,7 +138,7 @@
 func (s *serverSuite) TestGetBundleChangesBundleEndpointBindingsSuccess(c *gc.C) {
 	args := params.GetBundleChangesParams{
 		BundleDataYAML: `
-            services:
+            applications:
                 django:
                     charm: django
                     num_units: 1
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/client/client.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/client/client.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/client/client.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/client/client.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,13 +8,11 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
-	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
-	"github.com/juju/juju/api"
+	"github.com/juju/juju/apiserver/application"
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/apiserver/service"
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/environs/manual"
@@ -258,7 +256,7 @@
 		Jobs:        jobs,
 		Nonce:       p.Nonce,
 		HardwareCharacteristics: p.HardwareCharacteristics,
-		Addresses:               params.NetworkAddresses(p.Addrs),
+		Addresses:               params.NetworkAddresses(p.Addrs...),
 		Placement:               placementDirective,
 	}
 	if p.ContainerType == "" {
@@ -317,26 +315,6 @@
 	return common.DestroyMachines(c.api.stateAccessor, args.Force, args.MachineNames...)
 }
 
-// CharmInfo returns information about the requested charm.
-func (c *Client) CharmInfo(args params.CharmInfo) (api.CharmInfo, error) {
-	curl, err := charm.ParseURL(args.CharmURL)
-	if err != nil {
-		return api.CharmInfo{}, err
-	}
-	charm, err := c.api.stateAccessor.Charm(curl)
-	if err != nil {
-		return api.CharmInfo{}, err
-	}
-	info := api.CharmInfo{
-		Revision: charm.Revision(),
-		URL:      curl.String(),
-		Config:   charm.Config(),
-		Meta:     charm.Meta(),
-		Actions:  charm.Actions(),
-	}
-	return info, nil
-}
-
 // ModelInfo returns information about the current model (default
 // series and type).
 func (c *Client) ModelInfo() (params.ModelInfo, error) {
@@ -345,17 +323,20 @@
 	if err != nil {
 		return params.ModelInfo{}, err
 	}
-	env, err := state.Model()
+	model, err := state.Model()
 	if err != nil {
 		return params.ModelInfo{}, err
 	}
 
 	info := params.ModelInfo{
-		DefaultSeries:  config.PreferredSeries(conf),
-		ProviderType:   conf.Type(),
-		Name:           conf.Name(),
-		UUID:           env.UUID(),
-		ControllerUUID: env.ControllerUUID(),
+		DefaultSeries:   config.PreferredSeries(conf),
+		Cloud:           model.Cloud(),
+		CloudRegion:     model.CloudRegion(),
+		CloudCredential: model.CloudCredential(),
+		ProviderType:    conf.Type(),
+		Name:            conf.Name(),
+		UUID:            model.UUID(),
+		ControllerUUID:  model.ControllerUUID(),
 	}
 	return info, nil
 }
@@ -394,12 +375,17 @@
 // get-model-config CLI command.
 func (c *Client) ModelGet() (params.ModelConfigResults, error) {
 	result := params.ModelConfigResults{}
-	// Get the existing environment config from the state.
-	config, err := c.api.stateAccessor.ModelConfig()
+	values, err := c.api.stateAccessor.ModelConfigValues()
 	if err != nil {
 		return result, err
 	}
-	result.Config = config.AllAttrs()
+	result.Config = make(map[string]params.ConfigValue)
+	for attr, val := range values {
+		result.Config[attr] = params.ConfigValue{
+			Value:  val.Value,
+			Source: val.Source,
+		}
+	}
 	return result, nil
 }
 
@@ -483,7 +469,7 @@
 }
 
 func (c *Client) AddCharm(args params.AddCharm) error {
-	return service.AddCharmWithAuthorization(c.api.state(), params.AddCharmWithAuthorization{
+	return application.AddCharmWithAuthorization(c.api.state(), params.AddCharmWithAuthorization{
 		URL:     args.URL,
 		Channel: args.Channel,
 	})
@@ -496,13 +482,13 @@
 // The authorization macaroon, args.CharmStoreMacaroon, may be
 // omitted, in which case this call is equivalent to AddCharm.
 func (c *Client) AddCharmWithAuthorization(args params.AddCharmWithAuthorization) error {
-	return service.AddCharmWithAuthorization(c.api.state(), args)
+	return application.AddCharmWithAuthorization(c.api.state(), args)
 }
 
 // ResolveCharm resolves the best available charm URLs with series, for charm
 // locations without a series specified.
 func (c *Client) ResolveCharms(args params.ResolveCharms) (params.ResolveCharmResults, error) {
-	return service.ResolveCharms(c.api.state(), args)
+	return application.ResolveCharms(c.api.state(), args)
 }
 
 // RetryProvisioning marks a provisioning error as transient on the machines.
@@ -528,14 +514,3 @@
 	result.Servers = params.FromNetworkHostsPorts(servers)
 	return result, nil
 }
-
-// DestroyModel will try to destroy the current model.
-// If there is a block on destruction, this method will return an error.
-func (c *Client) DestroyModel() (err error) {
-	if err := c.check.DestroyAllowed(); err != nil {
-		return errors.Trace(err)
-	}
-
-	modelTag := c.api.stateAccessor.ModelTag()
-	return errors.Trace(common.DestroyModel(c.api.state(), modelTag))
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/client/client_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/client/client_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/client/client_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/client/client_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,15 +11,15 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"github.com/juju/loggo"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/series"
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
-	"github.com/juju/juju/api"
 	"github.com/juju/juju/apiserver/client"
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
@@ -39,12 +39,9 @@
 	coretesting "github.com/juju/juju/testing"
 	"github.com/juju/juju/testing/factory"
 	jujuversion "github.com/juju/juju/version"
+	"github.com/juju/juju/worker"
 )
 
-type Killer interface {
-	Kill() error
-}
-
 type serverSuite struct {
 	baseSuite
 	client *client.Client
@@ -69,6 +66,9 @@
 	c.Assert(err, jc.ErrorIsNil)
 	pinger, err := m.SetAgentPresence()
 	c.Assert(err, jc.ErrorIsNil)
+	s.AddCleanup(func(c *gc.C) {
+		c.Assert(worker.Stop(pinger), jc.ErrorIsNil)
+	})
 	s.State.StartSync()
 	err = m.WaitAgentPresence(coretesting.LongWait)
 	c.Assert(err, jc.ErrorIsNil)
@@ -82,8 +82,8 @@
 
 	localUser1 := s.makeLocalModelUser(c, "ralphdoe", "Ralph Doe")
 	localUser2 := s.makeLocalModelUser(c, "samsmith", "Sam Smith")
-	remoteUser1 := s.Factory.MakeModelUser(c, &factory.ModelUserParams{User: "bobjohns@ubuntuone", DisplayName: "Bob Johns"})
-	remoteUser2 := s.Factory.MakeModelUser(c, &factory.ModelUserParams{User: "nicshaw@idprovider", DisplayName: "Nic Shaw"})
+	remoteUser1 := s.Factory.MakeModelUser(c, &factory.ModelUserParams{User: "bobjohns@ubuntuone", DisplayName: "Bob Johns", Access: state.WriteAccess})
+	remoteUser2 := s.Factory.MakeModelUser(c, &factory.ModelUserParams{User: "nicshaw@idprovider", DisplayName: "Nic Shaw", Access: state.WriteAccess})
 
 	results, err := s.client.ModelUserInfo()
 	c.Assert(err, jc.ErrorIsNil)
@@ -97,21 +97,21 @@
 			&params.ModelUserInfo{
 				UserName:    owner.UserName(),
 				DisplayName: owner.DisplayName(),
-				Access:      "write",
+				Access:      "admin",
 			},
 		}, {
 			localUser1,
 			&params.ModelUserInfo{
 				UserName:    "ralphdoe@local",
 				DisplayName: "Ralph Doe",
-				Access:      "write",
+				Access:      "admin",
 			},
 		}, {
 			localUser2,
 			&params.ModelUserInfo{
 				UserName:    "samsmith@local",
 				DisplayName: "Sam Smith",
-				Access:      "write",
+				Access:      "admin",
 			},
 		}, {
 			remoteUser1,
@@ -172,9 +172,9 @@
 	err := s.client.SetModelAgentVersion(args)
 	c.Assert(err, jc.ErrorIsNil)
 
-	envConfig, err := s.State.ModelConfig()
+	modelConfig, err := s.State.ModelConfig()
 	c.Assert(err, jc.ErrorIsNil)
-	agentVersion, found := envConfig.AllAttrs()["agent-version"]
+	agentVersion, found := modelConfig.AllAttrs()["agent-version"]
 	c.Assert(found, jc.IsTrue)
 	c.Assert(agentVersion, gc.Equals, "9.8.7")
 }
@@ -223,9 +223,9 @@
 	}
 	err := s.client.SetModelAgentVersion(args)
 	c.Assert(err, jc.ErrorIsNil)
-	envConfig, err := s.State.ModelConfig()
+	modelConfig, err := s.State.ModelConfig()
 	c.Assert(err, jc.ErrorIsNil)
-	agentVersion, found := envConfig.AllAttrs()["agent-version"]
+	agentVersion, found := modelConfig.AllAttrs()["agent-version"]
 	c.Assert(found, jc.IsTrue)
 	c.Assert(agentVersion, gc.Equals, "9.8.7")
 }
@@ -339,7 +339,7 @@
 // clearSinceTimes zeros out the updated timestamps inside status
 // so we can easily check the results.
 func clearSinceTimes(status *params.FullStatus) {
-	for serviceId, service := range status.Services {
+	for applicationId, service := range status.Applications {
 		for unitId, unit := range service.Units {
 			unit.WorkloadStatus.Since = nil
 			unit.AgentStatus.Since = nil
@@ -351,7 +351,7 @@
 			service.Units[unitId] = unit
 		}
 		service.Status.Since = nil
-		status.Services[serviceId] = service
+		status.Applications[applicationId] = service
 	}
 	for id, machine := range status.Machines {
 		machine.AgentStatus.Since = nil
@@ -368,107 +368,18 @@
 	c.Assert(status, jc.DeepEquals, scenarioStatus)
 }
 
-func (s *clientSuite) TestClientCharmInfo(c *gc.C) {
-	var clientCharmInfoTests = []struct {
-		about           string
-		charm           string
-		url             string
-		expectedActions *charm.Actions
-		err             string
-	}{
-		{
-			about: "dummy charm which contains an expectedActions spec",
-			charm: "dummy",
-			url:   "local:quantal/dummy-1",
-			expectedActions: &charm.Actions{
-				ActionSpecs: map[string]charm.ActionSpec{
-					"snapshot": {
-						Description: "Take a snapshot of the database.",
-						Params: map[string]interface{}{
-							"type":        "object",
-							"title":       "snapshot",
-							"description": "Take a snapshot of the database.",
-							"properties": map[string]interface{}{
-								"outfile": map[string]interface{}{
-									"default":     "foo.bz2",
-									"description": "The file to write out to.",
-									"type":        "string",
-								},
-							},
-						},
-					},
-				},
-			},
-		},
-		{
-			about: "retrieves charm info",
-			// Use wordpress for tests so that we can compare Provides and Requires.
-			charm: "wordpress",
-			expectedActions: &charm.Actions{ActionSpecs: map[string]charm.ActionSpec{
-				"fakeaction": {
-					Description: "No description",
-					Params: map[string]interface{}{
-						"type":        "object",
-						"title":       "fakeaction",
-						"description": "No description",
-						"properties":  map[string]interface{}{},
-					},
-				},
-			}},
-			url: "local:quantal/wordpress-3",
-		},
-		{
-			about: "invalid URL",
-			charm: "wordpress",
-			url:   "not-valid!",
-			err:   `URL has invalid charm or bundle name: "not-valid!"`,
-		},
-		{
-			about: "invalid schema",
-			charm: "wordpress",
-			url:   "not-valid:your-arguments",
-			err:   `charm or bundle URL has invalid schema: "not-valid:your-arguments"`,
-		},
-		{
-			about: "unknown charm",
-			charm: "wordpress",
-			url:   "cs:missing/one-1",
-			err:   `charm "cs:missing/one-1" not found \(not found\)`,
-		},
-	}
-
-	for i, t := range clientCharmInfoTests {
-		c.Logf("test %d. %s", i, t.about)
-		charm := s.AddTestingCharm(c, t.charm)
-		info, err := s.APIState.Client().CharmInfo(t.url)
-		if t.err != "" {
-			c.Check(err, gc.ErrorMatches, t.err)
-			continue
-		}
-		c.Assert(err, jc.ErrorIsNil)
-		expected := &api.CharmInfo{
-			Revision: charm.Revision(),
-			URL:      charm.URL().String(),
-			Config:   charm.Config(),
-			Meta:     charm.Meta(),
-			Actions:  charm.Actions(),
-		}
-		c.Check(info, jc.DeepEquals, expected)
-		c.Check(info.Actions, jc.DeepEquals, t.expectedActions)
-	}
-}
-
 func (s *clientSuite) TestClientModelInfo(c *gc.C) {
+	model, err := s.State.Model()
+	c.Assert(err, jc.ErrorIsNil)
 	conf, _ := s.State.ModelConfig()
 	info, err := s.APIState.Client().ModelInfo()
 	c.Assert(err, jc.ErrorIsNil)
-	env, err := s.State.Model()
-	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(info.DefaultSeries, gc.Equals, config.PreferredSeries(conf))
+	c.Assert(info.CloudRegion, gc.Equals, model.CloudRegion())
 	c.Assert(info.ProviderType, gc.Equals, conf.Type())
 	c.Assert(info.Name, gc.Equals, conf.Name())
-	c.Assert(info.UUID, gc.Equals, env.UUID())
-	c.Assert(info.ControllerUUID, gc.Equals, env.ControllerUUID())
+	c.Assert(info.UUID, gc.Equals, model.UUID())
+	c.Assert(info.ControllerUUID, gc.Equals, model.ControllerUUID())
 }
 
 func assertLife(c *gc.C, entity state.Living, life state.Life) {
@@ -482,10 +393,6 @@
 	c.Assert(err, jc.Satisfies, errors.IsNotFound)
 }
 
-func assertKill(c *gc.C, killer Killer) {
-	c.Assert(killer.Kill(), gc.IsNil)
-}
-
 func (s *clientSuite) setupDestroyMachinesTest(c *gc.C) (*state.Machine, *state.Machine, *state.Machine, *state.Unit) {
 	m0, err := s.State.AddMachine("quantal", state.JobManageModel)
 	c.Assert(err, jc.ErrorIsNil)
@@ -518,7 +425,13 @@
 	s.setUpScenario(c)
 	u, err := s.State.Unit("wordpress/0")
 	c.Assert(err, jc.ErrorIsNil)
-	err = u.SetAgentStatus(status.StatusError, "gaaah", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusError,
+		Message: "gaaah",
+		Since:   &now,
+	}
+	err = u.SetAgentStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 	// Code under test:
 	err = s.APIState.Client().Resolved("wordpress/0", retry)
@@ -544,7 +457,13 @@
 	s.setUpScenario(c)
 	u, err := s.State.Unit("wordpress/0")
 	c.Assert(err, jc.ErrorIsNil)
-	err = u.SetAgentStatus(status.StatusError, "gaaah", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusError,
+		Message: "gaaah",
+		Since:   &now,
+	}
+	err = u.SetAgentStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 	return u
 }
@@ -616,6 +535,7 @@
 }
 
 func (s *clientSuite) TestClientWatchAll(c *gc.C) {
+	loggo.GetLogger("juju.apiserver").SetLogLevel(loggo.TRACE)
 	// A very simple end-to-end test, because
 	// all the logic is tested elsewhere.
 	m, err := s.State.AddMachine("quantal", state.JobManageModel)
@@ -633,25 +553,23 @@
 	c.Assert(len(deltas), gc.Equals, 1)
 	d0, ok := deltas[0].Entity.(*multiwatcher.MachineInfo)
 	c.Assert(ok, jc.IsTrue)
-	d0.JujuStatus.Since = nil
-	d0.MachineStatus.Since = nil
-	if !c.Check(deltas, gc.DeepEquals, []multiwatcher.Delta{{
+	d0.AgentStatus.Since = nil
+	d0.InstanceStatus.Since = nil
+	if !c.Check(deltas, jc.DeepEquals, []multiwatcher.Delta{{
 		Entity: &multiwatcher.MachineInfo{
 			ModelUUID:  s.State.ModelUUID(),
 			Id:         m.Id(),
 			InstanceId: "i-0",
-			JujuStatus: multiwatcher.StatusInfo{
+			AgentStatus: multiwatcher.StatusInfo{
 				Current: status.StatusPending,
-				Data:    map[string]interface{}{},
 			},
-			MachineStatus: multiwatcher.StatusInfo{
+			InstanceStatus: multiwatcher.StatusInfo{
 				Current: status.StatusPending,
-				Data:    map[string]interface{}{},
 			},
 			Life:                    multiwatcher.Life("alive"),
 			Series:                  "quantal",
 			Jobs:                    []multiwatcher.MachineJob{state.JobManageModel.ToParams()},
-			Addresses:               []network.Address{},
+			Addresses:               []multiwatcher.Address{},
 			HardwareCharacteristics: &instance.HardwareCharacteristics{},
 			HasVote:                 false,
 			WantsVote:               true,
@@ -730,14 +648,13 @@
 	_, err := s.APIState.Client().PublicAddress("wordpress")
 	c.Assert(err, gc.ErrorMatches, `unknown unit or machine "wordpress"`)
 	_, err = s.APIState.Client().PublicAddress("0")
-	c.Assert(err, gc.ErrorMatches, `error fetching address for machine "0": public no address`)
+	c.Assert(err, gc.ErrorMatches, `error fetching address for machine "0": no public address`)
 	_, err = s.APIState.Client().PublicAddress("wordpress/0")
-	c.Assert(err, gc.ErrorMatches, `error fetching address for unit "wordpress/0": public no address`)
+	c.Assert(err, gc.ErrorMatches, `error fetching address for unit "wordpress/0": no public address`)
 }
 
 func (s *clientSuite) TestClientPublicAddressMachine(c *gc.C) {
 	s.setUpScenario(c)
-	network.SetPreferIPv6(false)
 
 	// Internally, network.SelectPublicAddress is used; the "most public"
 	// address is returned.
@@ -773,14 +690,13 @@
 	_, err := s.APIState.Client().PrivateAddress("wordpress")
 	c.Assert(err, gc.ErrorMatches, `unknown unit or machine "wordpress"`)
 	_, err = s.APIState.Client().PrivateAddress("0")
-	c.Assert(err, gc.ErrorMatches, `error fetching address for machine "0": private no address`)
+	c.Assert(err, gc.ErrorMatches, `error fetching address for machine "0": no private address`)
 	_, err = s.APIState.Client().PrivateAddress("wordpress/0")
-	c.Assert(err, gc.ErrorMatches, `error fetching address for unit "wordpress/0": private no address`)
+	c.Assert(err, gc.ErrorMatches, `error fetching address for unit "wordpress/0": no private address`)
 }
 
 func (s *clientSuite) TestClientPrivateAddress(c *gc.C) {
 	s.setUpScenario(c)
-	network.SetPreferIPv6(false)
 
 	// Internally, network.SelectInternalAddress is used; the public
 	// address if no cloud-local one is available.
@@ -812,32 +728,39 @@
 }
 
 func (s *serverSuite) TestClientModelGet(c *gc.C) {
-	envConfig, err := s.State.ModelConfig()
+	modelConfig, err := s.State.ModelConfig()
 	c.Assert(err, jc.ErrorIsNil)
 	result, err := s.client.ModelGet()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(result.Config, gc.DeepEquals, envConfig.AllAttrs())
+	cfg := make(map[string]params.ConfigValue)
+	for name, val := range modelConfig.AllAttrs() {
+		cfg[name] = params.ConfigValue{
+			Value:  val,
+			Source: "model",
+		}
+	}
+	c.Assert(result.Config, gc.DeepEquals, cfg)
 }
 
 func (s *serverSuite) assertEnvValue(c *gc.C, key string, expected interface{}) {
-	envConfig, err := s.State.ModelConfig()
+	modelConfig, err := s.State.ModelConfig()
 	c.Assert(err, jc.ErrorIsNil)
-	value, found := envConfig.AllAttrs()[key]
+	value, found := modelConfig.AllAttrs()[key]
 	c.Assert(found, jc.IsTrue)
 	c.Assert(value, gc.Equals, expected)
 }
 
 func (s *serverSuite) assertEnvValueMissing(c *gc.C, key string) {
-	envConfig, err := s.State.ModelConfig()
+	modelConfig, err := s.State.ModelConfig()
 	c.Assert(err, jc.ErrorIsNil)
-	_, found := envConfig.AllAttrs()[key]
+	_, found := modelConfig.AllAttrs()[key]
 	c.Assert(found, jc.IsFalse)
 }
 
 func (s *serverSuite) TestClientModelSet(c *gc.C) {
-	envConfig, err := s.State.ModelConfig()
+	modelConfig, err := s.State.ModelConfig()
 	c.Assert(err, jc.ErrorIsNil)
-	_, found := envConfig.AllAttrs()["some-key"]
+	_, found := modelConfig.AllAttrs()["some-key"]
 	c.Assert(found, jc.IsFalse)
 
 	params := params.ModelSet{
@@ -855,10 +778,10 @@
 	// The various immutable config values are tested in
 	// environs/config/config_test.go, so just choosing one here.
 	params := params.ModelSet{
-		Config: map[string]interface{}{"state-port": "1"},
+		Config: map[string]interface{}{"firewall-mode": "global"},
 	}
 	err := s.client.ModelSet(params)
-	c.Check(err, gc.ErrorMatches, `cannot change state-port from .* to 1`)
+	c.Check(err, gc.ErrorMatches, `cannot change firewall-mode from .* to "global"`)
 }
 
 func (s *serverSuite) assertModelSetBlocked(c *gc.C, args map[string]interface{}, msg string) {
@@ -872,21 +795,6 @@
 	s.assertModelSetBlocked(c, args, "TestBlockChangesClientModelSet")
 }
 
-func (s *serverSuite) TestClientModelSetDeprecated(c *gc.C) {
-	envConfig, err := s.State.ModelConfig()
-	c.Assert(err, jc.ErrorIsNil)
-	url := envConfig.AllAttrs()["agent-metadata-url"]
-	c.Assert(url, gc.Equals, "")
-
-	args := params.ModelSet{
-		Config: map[string]interface{}{"tools-metadata-url": "value"},
-	}
-	err = s.client.ModelSet(args)
-	c.Assert(err, jc.ErrorIsNil)
-	s.assertEnvValue(c, "agent-metadata-url", "value")
-	s.assertEnvValue(c, "tools-metadata-url", "value")
-}
-
 func (s *serverSuite) TestClientModelSetCannotChangeAgentVersion(c *gc.C) {
 	args := params.ModelSet{
 		map[string]interface{}{"agent-version": "9.9.9"},
@@ -898,7 +806,7 @@
 	result, err := s.client.ModelGet()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(result.Config["agent-version"], gc.NotNil)
-	args.Config["agent-version"] = result.Config["agent-version"]
+	args.Config["agent-version"] = result.Config["agent-version"].Value
 	err = s.client.ModelSet(args)
 	c.Assert(err, jc.ErrorIsNil)
 }
@@ -1050,13 +958,13 @@
 
 	machines, err := s.APIState.Client().AddMachines([]params.AddMachineParams{{
 		Jobs:          []multiwatcher.MachineJob{multiwatcher.JobHostUnits},
-		ContainerType: instance.LXC,
+		ContainerType: instance.LXD,
 		ParentId:      "0",
 		Series:        "quantal",
 	}})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(machines, gc.HasLen, 1)
-	c.Assert(machines[0].Machine, gc.Equals, "0/lxc/0")
+	c.Assert(machines[0].Machine, gc.Equals, "0/lxd/0")
 }
 
 // updateConfig sets config variable with given key to a given value
@@ -1091,15 +999,15 @@
 			Jobs: []multiwatcher.MachineJob{multiwatcher.JobHostUnits},
 		}
 	}
-	apiParams[0].Placement = instance.MustParsePlacement("lxc")
-	apiParams[1].Placement = instance.MustParsePlacement("lxc:0")
-	apiParams[1].ContainerType = instance.LXC
-	apiParams[2].Placement = instance.MustParsePlacement("admin:invalid")
-	apiParams[3].Placement = instance.MustParsePlacement("admin:valid")
+	apiParams[0].Placement = instance.MustParsePlacement("lxd")
+	apiParams[1].Placement = instance.MustParsePlacement("lxd:0")
+	apiParams[1].ContainerType = instance.LXD
+	apiParams[2].Placement = instance.MustParsePlacement("controller:invalid")
+	apiParams[3].Placement = instance.MustParsePlacement("controller:valid")
 	machines, err := s.APIState.Client().AddMachines(apiParams)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(len(machines), gc.Equals, 4)
-	c.Assert(machines[0].Machine, gc.Equals, "0/lxc/0")
+	c.Assert(machines[0].Machine, gc.Equals, "0/lxd/0")
 	c.Assert(machines[1].Error, gc.ErrorMatches, "container type and placement are mutually exclusive")
 	c.Assert(machines[2].Error, gc.ErrorMatches, "cannot add a new machine: invalid placement is invalid")
 	c.Assert(machines[3].Machine, gc.Equals, "1")
@@ -1120,8 +1028,8 @@
 	// Create a machine to host the requested containers.
 	host, err := s.State.AddMachine("quantal", state.JobHostUnits)
 	c.Assert(err, jc.ErrorIsNil)
-	// The host only supports lxc containers.
-	err = host.SetSupportedContainers([]instance.ContainerType{instance.LXC})
+	// The host only supports lxd containers.
+	err = host.SetSupportedContainers([]instance.ContainerType{instance.LXD})
 	c.Assert(err, jc.ErrorIsNil)
 
 	// Set up params for adding 3 containers.
@@ -1156,7 +1064,7 @@
 			InstanceId: instance.Id(fmt.Sprintf("1234-%d", i)),
 			Nonce:      "foo",
 			HardwareCharacteristics: hc,
-			Addrs: params.FromNetworkAddresses(addrs),
+			Addrs: params.FromNetworkAddresses(addrs...),
 		}
 	}
 	// This will cause the last add-machine to fail.
@@ -1400,7 +1308,13 @@
 func (s *clientSuite) TestRetryProvisioning(c *gc.C) {
 	machine, err := s.State.AddMachine("quantal", state.JobHostUnits)
 	c.Assert(err, jc.ErrorIsNil)
-	err = machine.SetStatus(status.StatusError, "error", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusError,
+		Message: "error",
+		Since:   &now,
+	}
+	err = machine.SetStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 	_, err = s.APIState.Client().RetryProvisioning(machine.Tag().(names.MachineTag))
 	c.Assert(err, jc.ErrorIsNil)
@@ -1415,7 +1329,13 @@
 func (s *clientSuite) setupRetryProvisioning(c *gc.C) *state.Machine {
 	machine, err := s.State.AddMachine("quantal", state.JobHostUnits)
 	c.Assert(err, jc.ErrorIsNil)
-	err = machine.SetStatus(status.StatusError, "error", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusError,
+		Message: "error",
+		Since:   &now,
+	}
+	err = machine.SetStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 	return machine
 }
@@ -1573,15 +1493,3 @@
 	assertLife(c, m2, state.Dead)
 	assertRemoved(c, u)
 }
-
-func (s *clientSuite) TestDestroyModel(c *gc.C) {
-	// The full tests for DestroyModel are in modelmanager.
-	// Here we just test that things are hooked up such that we can destroy
-	// the model through the client endpoint to support older juju clients.
-	err := s.APIState.Client().DestroyModel()
-	c.Assert(err, jc.ErrorIsNil)
-
-	env, err := s.State.Model()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(env.Life(), gc.Equals, state.Dying)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/client/filtering.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/client/filtering.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/client/filtering.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/client/filtering.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,7 +11,7 @@
 	"strings"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/network"
 	"github.com/juju/juju/state"
@@ -99,7 +99,7 @@
 	return func(i interface{}) (bool, error) {
 		switch i.(type) {
 		default:
-			panic(errors.Errorf("Programming error. We should only ever pass in machines, services, or units. Received %T.", i))
+			panic(errors.Errorf("Programming error. We should only ever pass in machines, applications, or units. Received %T.", i))
 		case *state.Machine:
 			shims, err := buildMachineMatcherShims(i.(*state.Machine), patterns)
 			if err != nil {
@@ -108,8 +108,8 @@
 			return or(shims...)
 		case *state.Unit:
 			return or(buildUnitMatcherShims(i.(*state.Unit), patterns)...)
-		case *state.Service:
-			shims, err := buildServiceMatcherShims(i.(*state.Service), patterns...)
+		case *state.Application:
+			shims, err := buildServiceMatcherShims(i.(*state.Application), patterns...)
 			if err != nil {
 				return false, err
 			}
@@ -176,7 +176,7 @@
 }
 
 func unitMatchExposure(u *state.Unit, patterns []string) (bool, bool, error) {
-	s, err := u.Service()
+	s, err := u.Application()
 	if err != nil {
 		return false, false, err
 	}
@@ -191,7 +191,7 @@
 	return matchPortRanges(patterns, portRanges...)
 }
 
-func buildServiceMatcherShims(s *state.Service, patterns ...string) (shims []closurePredicate, _ error) {
+func buildServiceMatcherShims(s *state.Application, patterns ...string) (shims []closurePredicate, _ error) {
 	// Match on name.
 	shims = append(shims, func() (bool, bool, error) {
 		for _, p := range patterns {
@@ -307,7 +307,7 @@
 	return false, oneValidPattern, nil
 }
 
-func matchExposure(patterns []string, s *state.Service) (bool, bool, error) {
+func matchExposure(patterns []string, s *state.Application) (bool, bool, error) {
 	if len(patterns) >= 1 && patterns[0] == "exposed" {
 		return s.IsExposed(), true, nil
 	} else if len(patterns) >= 2 && patterns[0] == "not" && patterns[1] == "exposed" {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/client/instanceconfig.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/client/instanceconfig.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/client/instanceconfig.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/client/instanceconfig.go	2016-07-18 19:45:44.000000000 +0000
@@ -22,7 +22,7 @@
 // is exposed for testing purposes.
 // TODO(rog) fix environs/manual tests so they do not need to call this, or move this elsewhere.
 func InstanceConfig(st *state.State, machineId, nonce, dataDir string) (*instancecfg.InstanceConfig, error) {
-	environConfig, err := st.ModelConfig()
+	modelConfig, err := st.ModelConfig()
 	if err != nil {
 		return nil, errors.Annotate(err, "getting model config")
 	}
@@ -43,7 +43,7 @@
 	}
 
 	// Find the appropriate tools information.
-	agentVersion, ok := environConfig.AgentVersion()
+	agentVersion, ok := modelConfig.AgentVersion()
 	if !ok {
 		return nil, errors.New("no agent version set in model configuration")
 	}
@@ -86,7 +86,7 @@
 	}
 
 	auth := authentication.NewAuthenticator(st.MongoConnectionInfo(), apiInfo)
-	mongoInfo, apiInfo, err := auth.SetupAuthentication(machine)
+	_, apiInfo, err = auth.SetupAuthentication(machine)
 	if err != nil {
 		return nil, errors.Annotate(err, "setting up machine authentication")
 	}
@@ -97,8 +97,8 @@
 		return nil, errors.Annotate(err, "getting state serving info")
 	}
 	secureServerConnection := info.CAPrivateKey != ""
-	icfg, err := instancecfg.NewInstanceConfig(machineId, nonce, environConfig.ImageStream(), machine.Series(), "",
-		secureServerConnection, mongoInfo, apiInfo,
+	icfg, err := instancecfg.NewInstanceConfig(machineId, nonce, modelConfig.ImageStream(), machine.Series(),
+		secureServerConnection, apiInfo,
 	)
 	if err != nil {
 		return nil, errors.Annotate(err, "initializing instance config")
@@ -109,7 +109,7 @@
 	if err := icfg.SetTools(toolsList); err != nil {
 		return nil, errors.Trace(err)
 	}
-	err = instancecfg.FinishInstanceConfig(icfg, environConfig)
+	err = instancecfg.FinishInstanceConfig(icfg, modelConfig)
 	if err != nil {
 		return nil, errors.Annotate(err, "finishing instance config")
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/client/instanceconfig_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/client/instanceconfig_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/client/instanceconfig_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/client/instanceconfig_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -39,7 +39,7 @@
 		InstanceId: instance.Id("1234"),
 		Nonce:      "foo",
 		HardwareCharacteristics: hc,
-		Addrs: params.FromNetworkAddresses(addrs),
+		Addrs: params.FromNetworkAddresses(addrs...),
 	}
 	machines, err := s.APIState.Client().AddMachines([]params.AddMachineParams{apiParams})
 	c.Assert(err, jc.ErrorIsNil)
@@ -49,19 +49,16 @@
 	instanceConfig, err := client.InstanceConfig(s.State, machineId, apiParams.Nonce, "")
 	c.Assert(err, jc.ErrorIsNil)
 
-	envConfig, err := s.State.ModelConfig()
+	cfg, err := s.State.ControllerConfig()
 	c.Assert(err, jc.ErrorIsNil)
-	mongoAddrs := s.State.MongoConnectionInfo().Addrs
-	apiAddrs := []string{net.JoinHostPort("localhost", strconv.Itoa(envConfig.APIPort()))}
+	apiAddrs := []string{net.JoinHostPort("localhost", strconv.Itoa(cfg.APIPort()))}
 
-	c.Check(instanceConfig.MongoInfo.Addrs, gc.DeepEquals, mongoAddrs)
 	c.Check(instanceConfig.APIInfo.Addrs, gc.DeepEquals, apiAddrs)
 	toolsURL := fmt.Sprintf("https://%s/model/%s/tools/%s",
 		apiAddrs[0], jujutesting.ModelTag.Id(), instanceConfig.AgentVersion())
 	c.Assert(instanceConfig.ToolsList().URLs(), jc.DeepEquals, map[version.Binary][]string{
 		instanceConfig.AgentVersion(): []string{toolsURL},
 	})
-	//c.Assert(instanceConfig.ToolsList()[0].URL, gc.Equals, toolsURL)
 	c.Assert(instanceConfig.AgentEnvironment[agent.AllowsSecureConnection], gc.Equals, "true")
 }
 
@@ -115,7 +112,7 @@
 		InstanceId: instance.Id("1234"),
 		Nonce:      "foo",
 		HardwareCharacteristics: hc,
-		Addrs: params.FromNetworkAddresses(addrs),
+		Addrs: params.FromNetworkAddresses(addrs...),
 	}
 	machines, err := s.APIState.Client().AddMachines([]params.AddMachineParams{apiParams})
 	c.Assert(err, jc.ErrorIsNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/client/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/client/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/client/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/client/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,14 +6,9 @@
 import (
 	stdtesting "testing"
 
-	"github.com/juju/testing"
-
 	coretesting "github.com/juju/juju/testing"
 )
 
 func TestPackage(t *stdtesting.T) {
-	if testing.RaceEnabled {
-		t.Skip("skipping package under -race, see LP 1518807")
-	}
 	coretesting.MgoTestPackage(t)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/client/perm_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/client/perm_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/client/perm_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/client/perm_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,21 +7,20 @@
 	"strings"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/api/annotations"
-	"github.com/juju/juju/api/service"
+	"github.com/juju/juju/api/application"
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/charmstore"
 	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/rpc"
 	"github.com/juju/juju/state"
-	jujuversion "github.com/juju/juju/version"
 )
 
 type permSuite struct {
@@ -78,11 +77,11 @@
 		op:    opClientStatus,
 		allow: []names.Tag{userAdmin, userOther},
 	}, {
-		about: "Service.Set",
+		about: "Application.Set",
 		op:    opClientServiceSet,
 		allow: []names.Tag{userAdmin, userOther},
 	}, {
-		about: "Service.Get",
+		about: "Application.Get",
 		op:    opClientServiceGet,
 		allow: []names.Tag{userAdmin, userOther},
 	}, {
@@ -90,19 +89,19 @@
 		op:    opClientResolved,
 		allow: []names.Tag{userAdmin, userOther},
 	}, {
-		about: "Service.Expose",
+		about: "Application.Expose",
 		op:    opClientServiceExpose,
 		allow: []names.Tag{userAdmin, userOther},
 	}, {
-		about: "Service.Unexpose",
+		about: "Application.Unexpose",
 		op:    opClientServiceUnexpose,
 		allow: []names.Tag{userAdmin, userOther},
 	}, {
-		about: "Service.Update",
+		about: "Application.Update",
 		op:    opClientServiceUpdate,
 		allow: []names.Tag{userAdmin, userOther},
 	}, {
-		about: "Service.SetCharm",
+		about: "Application.SetCharm",
 		op:    opClientServiceSetCharm,
 		allow: []names.Tag{userAdmin, userOther},
 	}, {
@@ -114,23 +113,23 @@
 		op:    opClientSetAnnotations,
 		allow: []names.Tag{userAdmin, userOther},
 	}, {
-		about: "Service.AddUnits",
+		about: "Application.AddUnits",
 		op:    opClientAddServiceUnits,
 		allow: []names.Tag{userAdmin, userOther},
 	}, {
-		about: "Service.DestroyUnits",
+		about: "Application.DestroyUnits",
 		op:    opClientDestroyServiceUnits,
 		allow: []names.Tag{userAdmin, userOther},
 	}, {
-		about: "Service.Destroy",
+		about: "Application.Destroy",
 		op:    opClientServiceDestroy,
 		allow: []names.Tag{userAdmin, userOther},
 	}, {
-		about: "Service.GetConstraints",
+		about: "Application.GetConstraints",
 		op:    opClientGetServiceConstraints,
 		allow: []names.Tag{userAdmin, userOther},
 	}, {
-		about: "Service.SetConstraints",
+		about: "Application.SetConstraints",
 		op:    opClientSetServiceConstraints,
 		allow: []names.Tag{userAdmin, userOther},
 	}, {
@@ -154,15 +153,11 @@
 		op:    opClientWatchAll,
 		allow: []names.Tag{userAdmin, userOther},
 	}, {
-		about: "Client.CharmInfo",
-		op:    opClientCharmInfo,
-		allow: []names.Tag{userAdmin, userOther},
-	}, {
-		about: "Service.AddRelation",
+		about: "Application.AddRelation",
 		op:    opClientAddRelation,
 		allow: []names.Tag{userAdmin, userOther},
 	}, {
-		about: "Service.DestroyRelation",
+		about: "Application.DestroyRelation",
 		op:    opClientDestroyRelation,
 		allow: []names.Tag{userAdmin, userOther},
 	}} {
@@ -186,33 +181,8 @@
 	}
 }
 
-func opClientCharmInfo(c *gc.C, st api.Connection, mst *state.State) (func(), error) {
-	info, err := st.Client().CharmInfo("local:quantal/wordpress-3")
-	if err != nil {
-		c.Check(info, gc.IsNil)
-		return func() {}, err
-	}
-	c.Assert(info.URL, gc.Equals, "local:quantal/wordpress-3")
-	c.Assert(info.Meta.Name, gc.Equals, "wordpress")
-	c.Assert(info.Revision, gc.Equals, 3)
-	c.Assert(info.Actions, jc.DeepEquals, &charm.Actions{
-		ActionSpecs: map[string]charm.ActionSpec{
-			"fakeaction": {
-				Description: "No description",
-				Params: map[string]interface{}{
-					"type":        "object",
-					"description": "No description",
-					"properties":  map[string]interface{}{},
-					"title":       "fakeaction",
-				},
-			},
-		},
-	})
-	return func() {}, nil
-}
-
 func opClientAddRelation(c *gc.C, st api.Connection, mst *state.State) (func(), error) {
-	_, err := service.NewClient(st).AddRelation("nosuch1", "nosuch2")
+	_, err := application.NewClient(st).AddRelation("nosuch1", "nosuch2")
 	if params.IsCodeNotFound(err) {
 		err = nil
 	}
@@ -220,7 +190,7 @@
 }
 
 func opClientDestroyRelation(c *gc.C, st api.Connection, mst *state.State) (func(), error) {
-	err := service.NewClient(st).DestroyRelation("nosuch1", "nosuch2")
+	err := application.NewClient(st).DestroyRelation("nosuch1", "nosuch2")
 	if params.IsCodeNotFound(err) {
 		err = nil
 	}
@@ -240,7 +210,7 @@
 
 func resetBlogTitle(c *gc.C, st api.Connection) func() {
 	return func() {
-		err := service.NewClient(st).Set("wordpress", map[string]string{
+		err := application.NewClient(st).Set("wordpress", map[string]string{
 			"blog-title": "",
 		})
 		c.Assert(err, jc.ErrorIsNil)
@@ -248,7 +218,7 @@
 }
 
 func opClientServiceSet(c *gc.C, st api.Connection, mst *state.State) (func(), error) {
-	err := service.NewClient(st).Set("wordpress", map[string]string{
+	err := application.NewClient(st).Set("wordpress", map[string]string{
 		"blog-title": "foo",
 	})
 	if err != nil {
@@ -258,7 +228,7 @@
 }
 
 func opClientServiceGet(c *gc.C, st api.Connection, mst *state.State) (func(), error) {
-	_, err := service.NewClient(st).Get("wordpress")
+	_, err := application.NewClient(st).Get("wordpress")
 	if err != nil {
 		return func() {}, err
 	}
@@ -266,19 +236,19 @@
 }
 
 func opClientServiceExpose(c *gc.C, st api.Connection, mst *state.State) (func(), error) {
-	err := service.NewClient(st).Expose("wordpress")
+	err := application.NewClient(st).Expose("wordpress")
 	if err != nil {
 		return func() {}, err
 	}
 	return func() {
-		svc, err := mst.Service("wordpress")
+		svc, err := mst.Application("wordpress")
 		c.Assert(err, jc.ErrorIsNil)
 		svc.ClearExposed()
 	}, nil
 }
 
 func opClientServiceUnexpose(c *gc.C, st api.Connection, mst *state.State) (func(), error) {
-	err := service.NewClient(st).Unexpose("wordpress")
+	err := application.NewClient(st).Unexpose("wordpress")
 	if err != nil {
 		return func() {}, err
 	}
@@ -304,12 +274,12 @@
 }
 
 func opClientGetAnnotations(c *gc.C, st api.Connection, mst *state.State) (func(), error) {
-	ann, err := annotations.NewClient(st).Get([]string{"service-wordpress"})
+	ann, err := annotations.NewClient(st).Get([]string{"application-wordpress"})
 	if err != nil {
 		return func() {}, err
 	}
 	c.Assert(ann, gc.DeepEquals, []params.AnnotationsGetResult{{
-		EntityTag:   "service-wordpress",
+		EntityTag:   "application-wordpress",
 		Annotations: map[string]string{},
 	}})
 	return func() {}, nil
@@ -318,7 +288,7 @@
 func opClientSetAnnotations(c *gc.C, st api.Connection, mst *state.State) (func(), error) {
 	pairs := map[string]string{"key1": "value1", "key2": "value2"}
 	setParams := map[string]map[string]string{
-		"service-wordpress": pairs,
+		"application-wordpress": pairs,
 	}
 	_, err := annotations.NewClient(st).Set(setParams)
 	if err != nil {
@@ -327,21 +297,21 @@
 	return func() {
 		pairs := map[string]string{"key1": "", "key2": ""}
 		setParams := map[string]map[string]string{
-			"service-wordpress": pairs,
+			"application-wordpress": pairs,
 		}
 		annotations.NewClient(st).Set(setParams)
 	}, nil
 }
 
 func opClientServiceUpdate(c *gc.C, st api.Connection, mst *state.State) (func(), error) {
-	args := params.ServiceUpdate{
-		ServiceName:     "no-such-charm",
+	args := params.ApplicationUpdate{
+		ApplicationName: "no-such-charm",
 		CharmUrl:        "cs:quantal/wordpress-42",
 		ForceCharmUrl:   true,
 		SettingsStrings: map[string]string{"blog-title": "foo"},
 		SettingsYAML:    `"wordpress": {"blog-title": "foo"}`,
 	}
-	err := service.NewClient(st).Update(args)
+	err := application.NewClient(st).Update(args)
 	if params.IsCodeNotFound(err) {
 		err = nil
 	}
@@ -349,13 +319,13 @@
 }
 
 func opClientServiceSetCharm(c *gc.C, st api.Connection, mst *state.State) (func(), error) {
-	cfg := service.SetCharmConfig{
-		ServiceName: "nosuch",
+	cfg := application.SetCharmConfig{
+		ApplicationName: "nosuch",
 		CharmID: charmstore.CharmID{
 			URL: charm.MustParseURL("local:quantal/wordpress"),
 		},
 	}
-	err := service.NewClient(st).SetCharm(cfg)
+	err := application.NewClient(st).SetCharm(cfg)
 	if params.IsCodeNotFound(err) {
 		err = nil
 	}
@@ -363,7 +333,7 @@
 }
 
 func opClientAddServiceUnits(c *gc.C, st api.Connection, mst *state.State) (func(), error) {
-	_, err := service.NewClient(st).AddUnits("nosuch", 1, nil)
+	_, err := application.NewClient(st).AddUnits("nosuch", 1, nil)
 	if params.IsCodeNotFound(err) {
 		err = nil
 	}
@@ -371,7 +341,7 @@
 }
 
 func opClientDestroyServiceUnits(c *gc.C, st api.Connection, mst *state.State) (func(), error) {
-	err := service.NewClient(st).DestroyUnits("wordpress/99")
+	err := application.NewClient(st).DestroyUnits("wordpress/99")
 	if err != nil && strings.HasPrefix(err.Error(), "no units were destroyed") {
 		err = nil
 	}
@@ -379,7 +349,7 @@
 }
 
 func opClientServiceDestroy(c *gc.C, st api.Connection, mst *state.State) (func(), error) {
-	err := service.NewClient(st).Destroy("non-existent")
+	err := application.NewClient(st).Destroy("non-existent")
 	if params.IsCodeNotFound(err) {
 		err = nil
 	}
@@ -387,13 +357,13 @@
 }
 
 func opClientGetServiceConstraints(c *gc.C, st api.Connection, mst *state.State) (func(), error) {
-	_, err := service.NewClient(st).GetConstraints("wordpress")
+	_, err := application.NewClient(st).GetConstraints("wordpress")
 	return func() {}, err
 }
 
 func opClientSetServiceConstraints(c *gc.C, st api.Connection, mst *state.State) (func(), error) {
 	nullConstraints := constraints.Value{}
-	err := service.NewClient(st).SetConstraints("wordpress", nullConstraints)
+	err := application.NewClient(st).SetConstraints("wordpress", nullConstraints)
 	if err != nil {
 		return func() {}, err
 	}
@@ -434,7 +404,8 @@
 	if err != nil {
 		return func() {}, err
 	}
-	err = st.Client().SetModelAgentVersion(jujuversion.Current)
+	ver := version.Number{Major: 1, Minor: 2, Patch: 3}
+	err = st.Client().SetModelAgentVersion(ver)
 	if err != nil {
 		return func() {}, err
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/client/state.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/client/state.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/client/state.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/client/state.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,9 +4,9 @@
 package client
 
 import (
-	"github.com/juju/names"
 	"github.com/juju/version"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/environs/config"
@@ -33,16 +33,17 @@
 type stateInterface interface {
 	FindEntity(names.Tag) (state.Entity, error)
 	Unit(string) (Unit, error)
-	Service(string) (*state.Service, error)
+	Application(string) (*state.Application, error)
 	Machine(string) (*state.Machine, error)
 	AllMachines() ([]*state.Machine, error)
-	AllServices() ([]*state.Service, error)
+	AllApplications() ([]*state.Application, error)
 	AllRelations() ([]*state.Relation, error)
 	AddOneMachine(state.MachineTemplate) (*state.Machine, error)
 	AddMachineInsideMachine(state.MachineTemplate, string, instance.ContainerType) (*state.Machine, error)
 	AddMachineInsideNewMachine(template, parentTemplate state.MachineTemplate, containerType instance.ContainerType) (*state.Machine, error)
 	ModelConstraints() (constraints.Value, error)
 	ModelConfig() (*config.Config, error)
+	ModelConfigValues() (config.ConfigValues, error)
 	UpdateModelConfig(map[string]interface{}, []string, state.ValidateConfigFunc) error
 	SetModelConstraints(constraints.Value) error
 	ModelUUID() string
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/client/status.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/client/status.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/client/status.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/client/status.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,7 +12,9 @@
 	"github.com/juju/utils/set"
 	"gopkg.in/juju/charm.v6-unstable"
 	"gopkg.in/juju/charm.v6-unstable/hooks"
+	"gopkg.in/juju/names.v2"
 
+	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/network"
 	"github.com/juju/juju/state"
@@ -21,86 +23,78 @@
 	"github.com/juju/juju/worker/uniter/operation"
 )
 
-func agentStatusFromStatusInfo(s []status.StatusInfo, kind params.HistoryKind) []params.DetailedStatus {
+func agentStatusFromStatusInfo(s []status.StatusInfo, kind status.HistoryKind) []params.DetailedStatus {
 	result := []params.DetailedStatus{}
 	for _, v := range s {
 		result = append(result, params.DetailedStatus{
-			Status: v.Status,
+			Status: string(v.Status),
 			Info:   v.Message,
 			Data:   v.Data,
 			Since:  v.Since,
-			Kind:   kind,
+			Kind:   string(kind),
 		})
 	}
 	return result
 
 }
 
-type sortableStatuses []params.DetailedStatus
+type byTime []params.DetailedStatus
 
-func (s sortableStatuses) Len() int {
+func (s byTime) Len() int {
 	return len(s)
 }
-func (s sortableStatuses) Swap(i, j int) {
+func (s byTime) Swap(i, j int) {
 	s[i], s[j] = s[j], s[i]
 }
-func (s sortableStatuses) Less(i, j int) bool {
+func (s byTime) Less(i, j int) bool {
 	return s[i].Since.Before(*s[j].Since)
 }
 
 // unitStatusHistory returns a list of status history entries for unit agents or workloads.
-func (c *Client) unitStatusHistory(unitName string, size int, kind params.HistoryKind) ([]params.DetailedStatus, error) {
-	unit, err := c.api.stateAccessor.Unit(unitName)
+func (c *Client) unitStatusHistory(unitTag names.UnitTag, filter status.StatusHistoryFilter, kind status.HistoryKind) ([]params.DetailedStatus, error) {
+	unit, err := c.api.stateAccessor.Unit(unitTag.Id())
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
 	statuses := []params.DetailedStatus{}
-	if kind == params.KindUnit || kind == params.KindWorkload {
-		unitStatuses, err := unit.StatusHistory(size)
+	if kind == status.KindUnit || kind == status.KindWorkload {
+		unitStatuses, err := unit.StatusHistory(filter)
 		if err != nil {
 			return nil, errors.Trace(err)
 		}
-		statuses = agentStatusFromStatusInfo(unitStatuses, params.KindWorkload)
+		statuses = agentStatusFromStatusInfo(unitStatuses, status.KindWorkload)
 
 	}
-	if kind == params.KindUnit || kind == params.KindUnitAgent {
-		agentStatuses, err := unit.AgentHistory().StatusHistory(size)
+	if kind == status.KindUnit || kind == status.KindUnitAgent {
+		agentStatuses, err := unit.AgentHistory().StatusHistory(filter)
 		if err != nil {
 			return nil, errors.Trace(err)
 		}
-		statuses = append(statuses, agentStatusFromStatusInfo(agentStatuses, params.KindUnitAgent)...)
+		statuses = append(statuses, agentStatusFromStatusInfo(agentStatuses, status.KindUnitAgent)...)
 	}
 
-	sort.Sort(sortableStatuses(statuses))
-	if kind == params.KindUnit {
-		if len(statuses) > size {
-			statuses = statuses[len(statuses)-size:]
+	sort.Sort(byTime(statuses))
+	if kind == status.KindUnit && filter.Size > 0 {
+		if len(statuses) > filter.Size {
+			statuses = statuses[len(statuses)-filter.Size:]
 		}
 	}
 
 	return statuses, nil
 }
 
-// machineInstanceStatusHistory returns status history for the instance of a given machine.
-func (c *Client) machineInstanceStatusHistory(machineName string, size int, kind params.HistoryKind) ([]params.DetailedStatus, error) {
-	machine, err := c.api.stateAccessor.Machine(machineName)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	sInfo, err := machine.InstanceStatusHistory(size)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	return agentStatusFromStatusInfo(sInfo, kind), nil
-}
-
 // machineStatusHistory returns status history for the given machine.
-func (c *Client) machineStatusHistory(machineName string, size int, kind params.HistoryKind) ([]params.DetailedStatus, error) {
-	machine, err := c.api.stateAccessor.Machine(machineName)
+func (c *Client) machineStatusHistory(machineTag names.MachineTag, filter status.StatusHistoryFilter, kind status.HistoryKind) ([]params.DetailedStatus, error) {
+	machine, err := c.api.stateAccessor.Machine(machineTag.Id())
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-	sInfo, err := machine.StatusHistory(size)
+	var sInfo []status.StatusInfo
+	if kind == status.KindMachineInstance || kind == status.KindContainerInstance {
+		sInfo, err = machine.InstanceStatusHistory(filter)
+	} else {
+		sInfo, err = machine.StatusHistory(filter)
+	}
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
@@ -108,59 +102,63 @@
 }
 
 // StatusHistory returns a slice of past statuses for several entities.
-func (c *Client) StatusHistory(args params.StatusHistoryArgs) (params.StatusHistoryResults, error) {
-	if args.Size < 1 {
-		return params.StatusHistoryResults{}, errors.Errorf("invalid history size: %d", args.Size)
-	}
-	history := params.StatusHistoryResults{}
-	statuses := []params.DetailedStatus{}
-	var err error
-	switch args.Kind {
-	case params.KindUnit, params.KindWorkload, params.KindUnitAgent:
-		statuses, err = c.unitStatusHistory(args.Name, args.Size, args.Kind)
-		if err != nil {
-			return params.StatusHistoryResults{}, errors.Annotatef(err, "fetching unit status history for %q", args.Name)
-		}
-	case params.KindMachineInstance:
-		mIStatuses, err := c.machineInstanceStatusHistory(args.Name, args.Size, params.KindMachineInstance)
-		if err != nil {
-			return params.StatusHistoryResults{}, errors.Annotate(err, "fetching machine instance status history")
-		}
-		statuses = mIStatuses
-	case params.KindMachine:
-		mStatuses, err := c.machineStatusHistory(args.Name, args.Size, params.KindMachine)
-		if err != nil {
-			return params.StatusHistoryResults{}, errors.Annotate(err, "fetching juju agent status history for machine")
+func (c *Client) StatusHistory(request params.StatusHistoryRequests) params.StatusHistoryResults {
+	results := params.StatusHistoryResults{}
+	// TODO(perrito666) the contents of the loop could be split into
+	// a oneHistory method for clarity.
+	for _, request := range request.Requests {
+		filter := status.StatusHistoryFilter{
+			Size:  request.Filter.Size,
+			Date:  request.Filter.Date,
+			Delta: request.Filter.Delta,
+		}
+		if err := filter.Validate(); err != nil {
+			history := params.StatusHistoryResult{
+				Error: common.ServerError(errors.Annotate(err, "cannot validate status history filter")),
+			}
+			results.Results = append(results.Results, history)
+			continue
 		}
-		statuses = mStatuses
-	case params.KindContainerInstance:
-		cIStatuses, err := c.machineStatusHistory(args.Name, args.Size, params.KindContainerInstance)
-		if err != nil {
-			return params.StatusHistoryResults{}, errors.Annotate(err, "fetching container status history")
+
+		var (
+			err  error
+			hist []params.DetailedStatus
+		)
+		kind := status.HistoryKind(request.Kind)
+		err = errors.NotValidf("%q requires a unit, got %t", kind, request.Tag)
+		switch kind {
+		case status.KindUnit, status.KindWorkload, status.KindUnitAgent:
+			var u names.UnitTag
+			if u, err = names.ParseUnitTag(request.Tag); err == nil {
+				hist, err = c.unitStatusHistory(u, filter, kind)
+			}
+		default:
+			var m names.MachineTag
+			if m, err = names.ParseMachineTag(request.Tag); err == nil {
+				hist, err = c.machineStatusHistory(m, filter, kind)
+			}
 		}
-		statuses = cIStatuses
-	case params.KindContainer:
-		cStatuses, err := c.machineStatusHistory(args.Name, args.Size, params.KindContainer)
-		if err != nil {
-			return params.StatusHistoryResults{}, errors.Annotate(err, "fetching juju agent status history for container")
+
+		if err == nil {
+			sort.Sort(byTime(hist))
 		}
-		statuses = cStatuses
+
+		results.Results = append(results.Results,
+			params.StatusHistoryResult{
+				History: params.History{Statuses: hist},
+				Error:   common.ServerError(errors.Annotatef(err, "fetching status history for %q", request.Tag)),
+			})
 	}
-	history.Statuses = statuses
-	sort.Sort(sortableStatuses(history.Statuses))
-	return history, nil
+	return results
 }
 
 // FullStatus gives the information needed for juju status over the api
 func (c *Client) FullStatus(args params.StatusParams) (params.FullStatus, error) {
-	cfg, err := c.api.stateAccessor.ModelConfig()
-	if err != nil {
-		return params.FullStatus{}, errors.Annotate(err, "could not get environ config")
-	}
 	var noStatus params.FullStatus
 	var context statusContext
+	var err error
 	if context.services, context.units, context.latestCharms, err =
-		fetchAllServicesAndUnits(c.api.stateAccessor, len(args.Patterns) <= 0); err != nil {
+		fetchAllApplicationsAndUnits(c.api.stateAccessor, len(args.Patterns) <= 0); err != nil {
 		return noStatus, errors.Annotate(err, "could not fetch services and units")
 	} else if context.machines, err = fetchMachines(c.api.stateAccessor, nil); err != nil {
 		return noStatus, errors.Annotate(err, "could not fetch machines")
@@ -168,7 +166,7 @@
 		return noStatus, errors.Annotate(err, "could not fetch relations")
 	}
 
-	logger.Debugf("Services: %v", context.services)
+	logger.Debugf("Applications: %v", context.services)
 
 	if len(args.Patterns) > 0 {
 		predicate := BuildPredicateFor(args.Patterns)
@@ -200,7 +198,7 @@
 					machineId = ""
 				} else if matchedMachines.Contains(machineId) {
 					// Unit is on a matching machine.
-					matchedSvcs.Add(unit.ServiceName())
+					matchedSvcs.Add(unit.ApplicationName())
 					continue
 				}
 
@@ -215,7 +213,7 @@
 					delete(unitMap, name)
 					continue
 				}
-				matchedSvcs.Add(unit.ServiceName())
+				matchedSvcs.Add(unit.ApplicationName())
 				if machineId != "" {
 					matchedMachines.Add(machineId)
 				}
@@ -228,7 +226,7 @@
 				// There are matched units for this service.
 				continue
 			} else if matches, err := predicate(svc); err != nil {
-				return noStatus, errors.Annotate(err, "could not filter services")
+				return noStatus, errors.Annotate(err, "could not filter applications")
 			} else if !matches {
 				delete(context.services, svcName)
 			}
@@ -256,44 +254,46 @@
 		}
 	}
 
-	newToolsVersion, err := c.newToolsVersionAvailable()
-	if err != nil {
-		return noStatus, errors.Annotate(err, "cannot determine if there is a new tools version available")
-	}
+	modelStatus, err := c.modelStatus()
 	if err != nil {
-		return noStatus, errors.Annotate(err, "cannot determine mongo information")
+		return noStatus, errors.Annotate(err, "cannot determine model status")
 	}
 	return params.FullStatus{
-		ModelName:        cfg.Name(),
-		AvailableVersion: newToolsVersion,
-		Machines:         processMachines(context.machines),
-		Services:         context.processServices(),
-		Relations:        context.processRelations(),
+		Model:        modelStatus,
+		Machines:     processMachines(context.machines),
+		Applications: context.processApplications(),
+		Relations:    context.processRelations(),
 	}, nil
 }
 
 // newToolsVersionAvailable will return a string representing a tools
 // version only if the latest check is newer than current tools.
-func (c *Client) newToolsVersionAvailable() (string, error) {
-	env, err := c.api.stateAccessor.Model()
+func (c *Client) modelStatus() (params.ModelStatusInfo, error) {
+	var info params.ModelStatusInfo
+
+	m, err := c.api.stateAccessor.Model()
 	if err != nil {
-		return "", errors.Annotate(err, "cannot get model")
+		return info, errors.Annotate(err, "cannot get model")
 	}
+	info.Name = m.Name()
+	info.Cloud = m.Cloud()
+	info.CloudRegion = m.CloudRegion()
 
-	latestVersion := env.LatestToolsVersion()
-
-	envConfig, err := c.api.stateAccessor.ModelConfig()
+	cfg, err := m.Config()
 	if err != nil {
-		return "", errors.Annotate(err, "cannot obtain current environ config")
-	}
-	oldV, ok := envConfig.AgentVersion()
-	if !ok {
-		return "", nil
+		return info, errors.Annotate(err, "cannot obtain current model config")
 	}
-	if oldV.Compare(latestVersion) < 0 {
-		return latestVersion.String(), nil
+
+	latestVersion := m.LatestToolsVersion()
+	current, ok := cfg.AgentVersion()
+	if ok {
+		info.Version = current.String()
+		if current.Compare(latestVersion) < 0 {
+			info.AvailableVersion = latestVersion.String()
+		}
 	}
-	return "", nil
+
+	return info, nil
 }
 
 type statusContext struct {
@@ -301,7 +301,7 @@
 	// this machine.
 	machines map[string][]*state.Machine
 	// services: service name -> service
-	services     map[string]*state.Service
+	services     map[string]*state.Application
 	relations    map[string][]*state.Relation
 	units        map[string]map[string]*state.Unit
 	latestCharms map[charm.URL]*state.Charm
@@ -339,17 +339,17 @@
 	return v, nil
 }
 
-// fetchAllServicesAndUnits returns a map from service name to service,
+// fetchAllApplicationsAndUnits returns a map from service name to service,
 // a map from service name to unit name to unit, and a map from base charm URL to latest URL.
-func fetchAllServicesAndUnits(
+func fetchAllApplicationsAndUnits(
 	st stateInterface,
 	matchAny bool,
-) (map[string]*state.Service, map[string]map[string]*state.Unit, map[charm.URL]*state.Charm, error) {
+) (map[string]*state.Application, map[string]map[string]*state.Unit, map[charm.URL]*state.Charm, error) {
 
-	svcMap := make(map[string]*state.Service)
+	svcMap := make(map[string]*state.Application)
 	unitMap := make(map[string]map[string]*state.Unit)
 	latestCharms := make(map[charm.URL]*state.Charm)
-	services, err := st.AllServices()
+	services, err := st.AllApplications()
 	if err != nil {
 		return nil, nil, nil, err
 	}
@@ -365,7 +365,7 @@
 		if matchAny || len(svcUnitMap) > 0 {
 			unitMap[s.Name()] = svcUnitMap
 			svcMap[s.Name()] = s
-			// Record the base URL for the service's charm so that
+			// Record the base URL for the application's charm so that
 			// the latest store revision can be looked up.
 			charmURL, _ := s.CharmURL()
 			if charmURL.Schema == "cs" {
@@ -401,7 +401,7 @@
 	out := make(map[string][]*state.Relation)
 	for _, relation := range relations {
 		for _, ep := range relation.Endpoints() {
-			out[ep.ServiceName] = append(out[ep.ServiceName], relation)
+			out[ep.ApplicationName] = append(out[ep.ApplicationName], relation)
 		}
 	}
 	return out, nil
@@ -498,10 +498,10 @@
 		var relationInterface string
 		for _, ep := range relation.Endpoints() {
 			eps = append(eps, params.EndpointStatus{
-				ServiceName: ep.ServiceName,
-				Name:        ep.Name,
-				Role:        ep.Role,
-				Subordinate: context.isSubordinate(&ep),
+				ApplicationName: ep.ApplicationName,
+				Name:            ep.Name,
+				Role:            string(ep.Role),
+				Subordinate:     context.isSubordinate(&ep),
 			})
 			// these should match on both sides so use the last
 			relationInterface = ep.Interface
@@ -511,7 +511,7 @@
 			Id:        relation.Id(),
 			Key:       relation.String(),
 			Interface: relationInterface,
-			Scope:     scope,
+			Scope:     string(scope),
 			Endpoints: eps,
 		}
 		out = append(out, relStatus)
@@ -536,14 +536,14 @@
 }
 
 func (context *statusContext) isSubordinate(ep *state.Endpoint) bool {
-	service := context.services[ep.ServiceName]
+	service := context.services[ep.ApplicationName]
 	if service == nil {
 		return false
 	}
 	return isSubordinate(ep, service)
 }
 
-func isSubordinate(ep *state.Endpoint, service *state.Service) bool {
+func isSubordinate(ep *state.Endpoint, service *state.Application) bool {
 	return ep.Scope == charm.ScopeContainer && !service.IsPrincipal()
 }
 
@@ -556,18 +556,19 @@
 	return paramsJobs
 }
 
-func (context *statusContext) processServices() map[string]params.ServiceStatus {
-	servicesMap := make(map[string]params.ServiceStatus)
+func (context *statusContext) processApplications() map[string]params.ApplicationStatus {
+	servicesMap := make(map[string]params.ApplicationStatus)
 	for _, s := range context.services {
-		servicesMap[s.Name()] = context.processService(s)
+		servicesMap[s.Name()] = context.processApplication(s)
 	}
 	return servicesMap
 }
 
-func (context *statusContext) processService(service *state.Service) params.ServiceStatus {
+func (context *statusContext) processApplication(service *state.Application) params.ApplicationStatus {
 	serviceCharmURL, _ := service.CharmURL()
-	var processedStatus = params.ServiceStatus{
+	var processedStatus = params.ApplicationStatus{
 		Charm:   serviceCharmURL.String(),
+		Series:  service.Series(),
 		Exposed: service.IsExposed(),
 		Life:    processLife(service),
 	}
@@ -584,20 +585,38 @@
 		processedStatus.Err = err
 		return processedStatus
 	}
+	units := context.units[service.Name()]
 	if service.IsPrincipal() {
-		processedStatus.Units = context.processUnits(context.units[service.Name()], serviceCharmURL.String())
-		serviceStatus, err := service.Status()
+		processedStatus.Units = context.processUnits(units, serviceCharmURL.String())
+		applicationStatus, err := service.Status()
 		if err != nil {
 			processedStatus.Err = err
 			return processedStatus
 		}
-		processedStatus.Status.Status = serviceStatus.Status
-		processedStatus.Status.Info = serviceStatus.Message
-		processedStatus.Status.Data = serviceStatus.Data
-		processedStatus.Status.Since = serviceStatus.Since
+		processedStatus.Status.Status = applicationStatus.Status.String()
+		processedStatus.Status.Info = applicationStatus.Message
+		processedStatus.Status.Data = applicationStatus.Data
+		processedStatus.Status.Since = applicationStatus.Since
 
-		processedStatus.MeterStatuses = context.processUnitMeterStatuses(context.units[service.Name()])
+		processedStatus.MeterStatuses = context.processUnitMeterStatuses(units)
 	}
+
+	versions := make([]status.StatusInfo, 0, len(units))
+	for _, unit := range units {
+		statuses, err := unit.WorkloadVersionHistory().StatusHistory(
+			status.StatusHistoryFilter{Size: 1},
+		)
+		if err != nil {
+			processedStatus.Err = err
+			return processedStatus
+		}
+		versions = append(versions, statuses[0])
+	}
+	if len(versions) > 0 {
+		sort.Sort(bySinceDescending(versions))
+		processedStatus.WorkloadVersion = versions[0].Message
+	}
+
 	return processedStatus
 }
 
@@ -651,6 +670,13 @@
 	if serviceCharm != "" && curl != nil && curl.String() != serviceCharm {
 		result.Charm = curl.String()
 	}
+	workloadVersion, err := unit.WorkloadVersion()
+	if err == nil {
+		result.WorkloadVersion = workloadVersion
+	} else {
+		logger.Debugf("error fetching workload version: %v", err)
+	}
+
 	processUnitAndAgentStatus(unit, &result)
 
 	if subUnits := unit.SubordinateNames(); len(subUnits) > 0 {
@@ -671,7 +697,7 @@
 	return context.units[serviceName][name]
 }
 
-func (context *statusContext) processServiceRelations(service *state.Service) (related map[string][]string, subord []string, err error) {
+func (context *statusContext) processServiceRelations(service *state.Application) (related map[string][]string, subord []string, err error) {
 	subordSet := make(set.Strings)
 	related = make(map[string][]string)
 	relations := context.relations[service.Name()]
@@ -687,9 +713,9 @@
 		}
 		for _, ep := range eps {
 			if isSubordinate(&ep, service) {
-				subordSet.Add(ep.ServiceName)
+				subordSet.Add(ep.ApplicationName)
 			}
-			related[relationName] = append(related[relationName], ep.ServiceName)
+			related[relationName] = append(related[relationName], ep.ApplicationName)
 		}
 	}
 	for relationName, serviceNames := range related {
@@ -719,7 +745,7 @@
 // of a status getter.
 func populateStatusFromStatusInfoAndErr(agent *params.DetailedStatus, statusInfo status.StatusInfo, err error) {
 	agent.Err = err
-	agent.Status = statusInfo.Status
+	agent.Status = statusInfo.Status.String()
 	agent.Info = statusInfo.Message
 	agent.Data = filterStatusData(statusInfo.Data)
 	agent.Since = statusInfo.Since
@@ -739,7 +765,9 @@
 	if out.Err != nil {
 		return
 	}
-	if out.Status == status.StatusPending || out.Status == status.StatusAllocating {
+	// TODO(perrito666) add status validation.
+	outSt := status.Status(out.Status)
+	if outSt == status.StatusPending || outSt == status.StatusAllocating {
 		// The status is pending - there's no point
 		// in enquiring about the agent liveness.
 		return
@@ -764,7 +792,8 @@
 }
 
 func canBeLost(unitStatus *params.UnitStatus) bool {
-	switch unitStatus.AgentStatus.Status {
+	// TODO(perrito666) add status validation.
+	switch status.Status(unitStatus.AgentStatus.Status) {
 	case status.StatusAllocating:
 		return false
 	case status.StatusExecuting:
@@ -773,7 +802,9 @@
 	// TODO(fwereade/wallyworld): we should have an explicit place in the model
 	// to tell us when we've hit this point, instead of piggybacking on top of
 	// status and/or status history.
-	isInstalled := unitStatus.WorkloadStatus.Status != status.StatusMaintenance || unitStatus.WorkloadStatus.Info != status.MessageInstalling
+	// TODO(perrito666) add status validation.
+	wlStatus := status.Status(unitStatus.WorkloadStatus.Status)
+	isInstalled := wlStatus != status.StatusMaintenance || unitStatus.WorkloadStatus.Info != status.MessageInstalling
 	return isInstalled
 }
 
@@ -795,11 +826,14 @@
 		// If the unit is in error, it would be bad to throw away
 		// the error information as when the agent reconnects, that
 		// error information would then be lost.
-		if unitStatus.WorkloadStatus.Status != status.StatusError {
-			unitStatus.WorkloadStatus.Status = status.StatusUnknown
+		// TODO(perrito666) add status validation.
+		wlStatus := status.Status(unitStatus.WorkloadStatus.Status)
+
+		if wlStatus != status.StatusError {
+			unitStatus.WorkloadStatus.Status = status.StatusUnknown.String()
 			unitStatus.WorkloadStatus.Info = fmt.Sprintf("agent is lost, sorry! See 'juju status-history %s'", unit.Name())
 		}
-		unitStatus.AgentStatus.Status = status.StatusLost
+		unitStatus.AgentStatus.Status = status.StatusLost.String()
 		unitStatus.AgentStatus.Info = "agent is not communicating with the server"
 	}
 }
@@ -824,3 +858,14 @@
 	}
 	return ""
 }
+
+type bySinceDescending []status.StatusInfo
+
+// Len implements sort.Interface.
+func (s bySinceDescending) Len() int { return len(s) }
+
+// Swap implements sort.Interface.
+func (s bySinceDescending) Swap(a, b int) { s[a], s[b] = s[b], s[a] }
+
+// Less implements sort.Interface.
+func (s bySinceDescending) Less(a, b int) bool { return s[a].Since.After(*s[b].Since) }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/client/statushistory_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/client/statushistory_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/client/statushistory_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/client/statushistory_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,9 +7,9 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/client"
 	"github.com/juju/juju/apiserver/params"
@@ -67,18 +67,51 @@
 		c.Assert(thisTimeStamp >= lastTimestamp, jc.IsTrue)
 		lastTimestamp = thisTimeStamp
 		obtainedInfo.Since = nil
-		c.Assert(obtainedInfo.Status, gc.Equals, status.Status(expected[i].Status))
+		c.Assert(obtainedInfo.Status, gc.Equals, expected[i].Status.String())
 		c.Assert(obtainedInfo.Info, gc.Equals, expected[i].Message)
 	}
 }
 
 func (s *statusHistoryTestSuite) TestSizeRequired(c *gc.C) {
-	_, err := s.api.StatusHistory(params.StatusHistoryArgs{
-		Name: "unit",
-		Kind: params.KindUnit,
-		Size: 0,
-	})
-	c.Assert(err, gc.ErrorMatches, "invalid history size: 0")
+	r := s.api.StatusHistory(params.StatusHistoryRequests{
+		Requests: []params.StatusHistoryRequest{{
+			Tag:    "unit-unit-1",
+			Kind:   status.KindUnit.String(),
+			Filter: params.StatusHistoryFilter{Size: 0},
+		}}})
+	c.Assert(r.Results, gc.HasLen, 1)
+	c.Assert(r.Results[0].Error.Message, gc.Equals, "cannot validate status history filter: empty struct not valid")
+}
+
+func (s *statusHistoryTestSuite) TestNoConflictingFilters(c *gc.C) {
+	now := time.Now()
+	r := s.api.StatusHistory(params.StatusHistoryRequests{
+		Requests: []params.StatusHistoryRequest{{
+			Tag:    "unit-unit-1",
+			Kind:   status.KindUnit.String(),
+			Filter: params.StatusHistoryFilter{Size: 1, Date: &now},
+		}}})
+	c.Assert(r.Results, gc.HasLen, 1)
+	c.Assert(r.Results[0].Error.Message, gc.Equals, "cannot validate status history filter: Size and Date together not valid")
+
+	yesterday := time.Hour * 24
+	r = s.api.StatusHistory(params.StatusHistoryRequests{
+		Requests: []params.StatusHistoryRequest{{
+			Tag:    "unit-unit-1",
+			Kind:   status.KindUnit.String(),
+			Filter: params.StatusHistoryFilter{Size: 1, Delta: &yesterday},
+		}}})
+	c.Assert(r.Results, gc.HasLen, 1)
+	c.Assert(r.Results[0].Error.Message, gc.Equals, "cannot validate status history filter: Size and Delta together not valid")
+
+	r = s.api.StatusHistory(params.StatusHistoryRequests{
+		Requests: []params.StatusHistoryRequest{{
+			Tag:    "unit-unit-1",
+			Kind:   status.KindUnit.String(),
+			Filter: params.StatusHistoryFilter{Date: &now, Delta: &yesterday},
+		}}})
+	c.Assert(r.Results, gc.HasLen, 1)
+	c.Assert(r.Results[0].Error.Message, gc.Equals, "cannot validate status history filter: Date and Delta together not valid")
 }
 
 func (s *statusHistoryTestSuite) TestStatusHistoryUnitOnly(c *gc.C) {
@@ -97,13 +130,15 @@
 			Status: status.StatusIdle,
 		},
 	})
-	h, err := s.api.StatusHistory(params.StatusHistoryArgs{
-		Name: "unit/0",
-		Kind: params.KindWorkload,
-		Size: 10,
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	checkStatusInfo(c, h.Statuses, reverseStatusInfo(s.st.unitHistory))
+	h := s.api.StatusHistory(params.StatusHistoryRequests{
+		Requests: []params.StatusHistoryRequest{{
+			Tag:    "unit-unit-0",
+			Kind:   status.KindWorkload.String(),
+			Filter: params.StatusHistoryFilter{Size: 10},
+		}}})
+	c.Assert(h.Results, gc.HasLen, 1)
+	c.Assert(h.Results[0].Error, gc.IsNil)
+	checkStatusInfo(c, h.Results[0].History.Statuses, reverseStatusInfo(s.st.unitHistory))
 }
 
 func (s *statusHistoryTestSuite) TestStatusHistoryAgentOnly(c *gc.C) {
@@ -125,13 +160,15 @@
 			Status: status.StatusIdle,
 		},
 	})
-	h, err := s.api.StatusHistory(params.StatusHistoryArgs{
-		Name: "unit/0",
-		Kind: params.KindUnitAgent,
-		Size: 10,
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	checkStatusInfo(c, h.Statuses, reverseStatusInfo(s.st.agentHistory))
+	h := s.api.StatusHistory(params.StatusHistoryRequests{
+		Requests: []params.StatusHistoryRequest{{
+			Tag:    "unit-unit-0",
+			Kind:   status.KindUnitAgent.String(),
+			Filter: params.StatusHistoryFilter{Size: 10},
+		}}})
+	c.Assert(h.Results, gc.HasLen, 1)
+	c.Assert(h.Results[0].Error, gc.IsNil)
+	checkStatusInfo(c, h.Results[0].History.Statuses, reverseStatusInfo(s.st.agentHistory))
 }
 
 func (s *statusHistoryTestSuite) TestStatusHistoryCombined(c *gc.C) {
@@ -157,18 +194,20 @@
 			Status: status.StatusIdle,
 		},
 	})
-	h, err := s.api.StatusHistory(params.StatusHistoryArgs{
-		Name: "unit/0",
-		Kind: params.KindUnit,
-		Size: 3,
-	})
-	c.Assert(err, jc.ErrorIsNil)
+	h := s.api.StatusHistory(params.StatusHistoryRequests{
+		Requests: []params.StatusHistoryRequest{{
+			Tag:    "unit-unit-0",
+			Kind:   status.KindUnit.String(),
+			Filter: params.StatusHistoryFilter{Size: 3},
+		}}})
+	c.Assert(h.Results, gc.HasLen, 1)
+	c.Assert(h.Results[0].Error, gc.IsNil)
 	expected := []status.StatusInfo{
 		s.st.agentHistory[1],
 		s.st.unitHistory[0],
 		s.st.agentHistory[0],
 	}
-	checkStatusInfo(c, h.Statuses, expected)
+	checkStatusInfo(c, h.Results[0].History.Statuses, expected)
 }
 
 type mockState struct {
@@ -197,8 +236,8 @@
 	client.Unit
 }
 
-func (m *mockUnit) StatusHistory(size int) ([]status.StatusInfo, error) {
-	return m.status.StatusHistory(size)
+func (m *mockUnit) StatusHistory(filter status.StatusHistoryFilter) ([]status.StatusInfo, error) {
+	return m.status.StatusHistory(filter)
 }
 
 func (m *mockUnit) AgentHistory() status.StatusHistoryGetter {
@@ -211,9 +250,9 @@
 
 type statuses []status.StatusInfo
 
-func (s statuses) StatusHistory(size int) ([]status.StatusInfo, error) {
-	if size > len(s) {
-		size = len(s)
+func (s statuses) StatusHistory(filter status.StatusHistoryFilter) ([]status.StatusInfo, error) {
+	if filter.Size > len(s) {
+		filter.Size = len(s)
 	}
-	return s[:size], nil
+	return s[:filter.Size], nil
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/client/status_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/client/status_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/client/status_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/client/status_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,6 +4,8 @@
 package client_test
 
 import (
+	"time"
+
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 
@@ -39,8 +41,9 @@
 	client := s.APIState.Client()
 	status, err := client.Status(nil)
 	c.Assert(err, jc.ErrorIsNil)
-	c.Check(status.ModelName, gc.Equals, "admin")
-	c.Check(status.Services, gc.HasLen, 0)
+	c.Check(status.Model.Name, gc.Equals, "controller")
+	c.Check(status.Model.Cloud, gc.Equals, "dummy")
+	c.Check(status.Applications, gc.HasLen, 0)
 	c.Check(status.Machines, gc.HasLen, 1)
 	resultMachine, ok := status.Machines[machine.Id()]
 	if !ok {
@@ -79,12 +82,12 @@
 
 func (s *statusUnitTestSuite) TestProcessMachinesWithEmbeddedContainers(c *gc.C) {
 	host := s.MakeMachine(c, &factory.MachineParams{InstanceId: instance.Id("1")})
-	lxcHost := s.MakeMachineNested(c, host.Id(), nil)
+	lxdHost := s.MakeMachineNested(c, host.Id(), nil)
 	machines := map[string][]*state.Machine{
 		host.Id(): {
 			host,
-			lxcHost,
-			s.MakeMachineNested(c, lxcHost.Id(), nil),
+			lxdHost,
+			s.MakeMachineNested(c, lxdHost.Id(), nil),
 			s.MakeMachineNested(c, host.Id(), nil),
 		},
 	}
@@ -94,7 +97,7 @@
 
 	hostContainer := statuses[host.Id()].Containers
 	c.Check(hostContainer, gc.HasLen, 2)
-	c.Check(hostContainer[lxcHost.Id()].Containers, gc.HasLen, 1)
+	c.Check(hostContainer[lxdHost.Id()].Containers, gc.HasLen, 1)
 }
 
 var testUnits = []struct {
@@ -117,7 +120,7 @@
 }
 
 func (s *statusUnitTestSuite) TestMeterStatus(c *gc.C) {
-	service := s.MakeService(c, nil)
+	service := s.MakeApplication(c, nil)
 
 	units, err := service.AllUnits()
 	c.Assert(err, jc.ErrorIsNil)
@@ -137,7 +140,7 @@
 	status, err := client.Status(nil)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(status, gc.NotNil)
-	serviceStatus, ok := status.Services[service.Name()]
+	serviceStatus, ok := status.Applications[service.Name()]
 	c.Assert(ok, gc.Equals, true)
 
 	c.Assert(serviceStatus.MeterStatuses, gc.HasLen, len(testUnits)-1)
@@ -153,6 +156,78 @@
 	}
 }
 
+func addUnitWithVersion(c *gc.C, application *state.Application, version string) *state.Unit {
+	unit, err := application.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	// Ensure that the timestamp on this version record is different
+	// from the previous one.
+	// TODO(babbageclunk): when Application and Unit have clocks, change
+	// that instead of sleeping (lp:1558657)
+	time.Sleep(time.Millisecond * 1)
+	err = unit.SetWorkloadVersion(version)
+	c.Assert(err, jc.ErrorIsNil)
+	return unit
+}
+
+func (s *statusUnitTestSuite) checkAppVersion(c *gc.C, application *state.Application, expectedVersion string) params.ApplicationStatus {
+	client := s.APIState.Client()
+	status, err := client.Status(nil)
+	c.Assert(err, jc.ErrorIsNil)
+	appStatus, found := status.Applications[application.Name()]
+	c.Assert(found, jc.IsTrue)
+	c.Check(appStatus.WorkloadVersion, gc.Equals, expectedVersion)
+	return appStatus
+}
+
+func checkUnitVersion(c *gc.C, appStatus params.ApplicationStatus, unit *state.Unit, expectedVersion string) {
+	unitStatus, found := appStatus.Units[unit.Name()]
+	c.Check(found, jc.IsTrue)
+	c.Check(unitStatus.WorkloadVersion, gc.Equals, expectedVersion)
+}
+
+func (s *statusUnitTestSuite) TestWorkloadVersionLastWins(c *gc.C) {
+	application := s.MakeApplication(c, nil)
+	unit1 := addUnitWithVersion(c, application, "voltron")
+	unit2 := addUnitWithVersion(c, application, "voltron")
+	unit3 := addUnitWithVersion(c, application, "zarkon")
+
+	appStatus := s.checkAppVersion(c, application, "zarkon")
+	checkUnitVersion(c, appStatus, unit1, "voltron")
+	checkUnitVersion(c, appStatus, unit2, "voltron")
+	checkUnitVersion(c, appStatus, unit3, "zarkon")
+}
+
+func (s *statusUnitTestSuite) TestWorkloadVersionSimple(c *gc.C) {
+	application := s.MakeApplication(c, nil)
+	unit1 := addUnitWithVersion(c, application, "voltron")
+
+	appStatus := s.checkAppVersion(c, application, "voltron")
+	checkUnitVersion(c, appStatus, unit1, "voltron")
+}
+
+func (s *statusUnitTestSuite) TestWorkloadVersionBlanksCanWin(c *gc.C) {
+	application := s.MakeApplication(c, nil)
+	unit1 := addUnitWithVersion(c, application, "voltron")
+	unit2 := addUnitWithVersion(c, application, "")
+
+	appStatus := s.checkAppVersion(c, application, "")
+	checkUnitVersion(c, appStatus, unit1, "voltron")
+	checkUnitVersion(c, appStatus, unit2, "")
+}
+
+func (s *statusUnitTestSuite) TestWorkloadVersionNoUnits(c *gc.C) {
+	application := s.MakeApplication(c, nil)
+	s.checkAppVersion(c, application, "")
+}
+
+func (s *statusUnitTestSuite) TestWorkloadVersionOkWithUnset(c *gc.C) {
+	application := s.MakeApplication(c, nil)
+	unit, err := application.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	appStatus := s.checkAppVersion(c, application, "")
+	checkUnitVersion(c, appStatus, unit, "")
+}
+
 type statusUpgradeUnitSuite struct {
 	testing.CharmSuite
 	jujutesting.JujuConnSuite
@@ -198,7 +273,7 @@
 	client := s.APIState.Client()
 	status, _ := client.Status(nil)
 
-	serviceStatus, ok := status.Services["mysql"]
+	serviceStatus, ok := status.Applications["mysql"]
 	c.Assert(ok, gc.Equals, true)
 	c.Assert(serviceStatus.CanUpgradeTo, gc.Equals, "")
 
@@ -209,7 +284,7 @@
 
 	// Check if CanUpgradeTo suggest the latest revision.
 	status, _ = client.Status(nil)
-	serviceStatus, ok = status.Services["mysql"]
+	serviceStatus, ok = status.Applications["mysql"]
 	c.Assert(ok, gc.Equals, true)
 	c.Assert(serviceStatus.CanUpgradeTo, gc.Equals, "cs:quantal/mysql-23")
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/client_auth_root.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/client_auth_root.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/client_auth_root.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/client_auth_root.go	2016-07-18 19:45:44.000000000 +0000
@@ -34,7 +34,8 @@
 	if err != nil {
 		return nil, err
 	}
-	if r.user.ReadOnly() {
+	// ReadOnly User
+	if r.user.IsReadOnly() {
 		canCall := isCallAllowableByReadOnlyUser(rootName, methodName) ||
 			isCallReadOnly(rootName, methodName)
 		if !canCall {
@@ -42,6 +43,11 @@
 		}
 	}
 
+	// Check if our call requires higher access than the user has.
+	if doesCallRequireAdmin(rootName, methodName) && !r.user.IsAdmin() {
+		return nil, errors.Trace(common.ErrPerm)
+	}
+
 	return caller, nil
 }
 
@@ -54,3 +60,12 @@
 	// endpoint rather than a model oriented one.
 	return restrictedRootNames.Contains(facade)
 }
+
+func doesCallRequireAdmin(facade, method string) bool {
+	// TODO(perrito666) This should filter adding users to controllers.
+	// TODO(perrito666) Add an exaustive list of facades/methods that are
+	// admin only and put them in an authoritative source to be re-used.
+	// TODO(perrito666) This is a stub, the idea is to maintain the current
+	// status of permissions until we decide what goes to admin only.
+	return false
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/client_auth_root_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/client_auth_root_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/client_auth_root_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/client_auth_root_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -43,19 +43,19 @@
 }
 
 func (s *clientAuthRootSuite) TestNormalUser(c *gc.C) {
-	envUser := s.Factory.MakeModelUser(c, nil)
-	client := newClientAuthRoot(&fakeFinder{}, envUser)
-	s.AssertCallGood(c, client, "Service", 3, "Deploy")
+	modelUser := s.Factory.MakeModelUser(c, nil)
+	client := newClientAuthRoot(&fakeFinder{}, modelUser)
+	s.AssertCallGood(c, client, "Application", 1, "Deploy")
 	s.AssertCallGood(c, client, "UserManager", 1, "UserInfo")
 	s.AssertCallNotImplemented(c, client, "Client", 1, "Unknown")
 	s.AssertCallNotImplemented(c, client, "Unknown", 1, "Method")
 }
 
 func (s *clientAuthRootSuite) TestReadOnlyUser(c *gc.C) {
-	envUser := s.Factory.MakeModelUser(c, &factory.ModelUserParams{Access: state.ModelReadAccess})
-	client := newClientAuthRoot(&fakeFinder{}, envUser)
+	modelUser := s.Factory.MakeModelUser(c, &factory.ModelUserParams{Access: state.ReadAccess})
+	client := newClientAuthRoot(&fakeFinder{}, modelUser)
 	// deploys are bad
-	s.AssertCallErrPerm(c, client, "Service", 3, "Deploy")
+	s.AssertCallErrPerm(c, client, "Application", 1, "Deploy")
 	// read only commands are fine
 	s.AssertCallGood(c, client, "Client", 1, "FullStatus")
 	// calls on the restricted root is also fine
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/cloud/backend.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/cloud/backend.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/cloud/backend.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/cloud/backend.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,44 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package cloud
+
+import (
+	"gopkg.in/juju/names.v2"
+
+	"github.com/juju/juju/cloud"
+	"github.com/juju/juju/state"
+)
+
+type Backend interface {
+	Cloud(cloudName string) (cloud.Cloud, error)
+	CloudCredentials(user names.UserTag, cloudName string) (map[string]cloud.Credential, error)
+	ControllerModel() (Model, error)
+	UpdateCloudCredentials(user names.UserTag, cloudName string, credentials map[string]cloud.Credential) error
+
+	IsControllerAdministrator(names.UserTag) (bool, error)
+
+	Close() error
+}
+
+type stateShim struct {
+	*state.State
+}
+
+func NewStateBackend(st *state.State) Backend {
+	return stateShim{st}
+}
+
+func (s stateShim) ControllerModel() (Model, error) {
+	m, err := s.State.ControllerModel()
+	if err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+type Model interface {
+	Cloud() string
+	CloudCredential() string
+	CloudRegion() string
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/cloud/cloud.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/cloud/cloud.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/cloud/cloud.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/cloud/cloud.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,230 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+// Package cloud defines an API end point for functions dealing with
+// the controller's cloud definition, and cloud credentials.
+package cloud
+
+import (
+	"github.com/juju/loggo"
+	"gopkg.in/juju/names.v2"
+
+	"github.com/juju/juju/apiserver/common"
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/cloud"
+	"github.com/juju/juju/state"
+)
+
+var logger = loggo.GetLogger("juju.apiserver.cloud")
+
+func init() {
+	common.RegisterStandardFacade("Cloud", 1, newFacade)
+}
+
+// CloudAPI implements the model manager interface and is
+// the concrete implementation of the api end point.
+type CloudAPI struct {
+	backend                  Backend
+	authorizer               common.Authorizer
+	apiUser                  names.UserTag
+	getCredentialsAuthFunc   common.GetAuthFunc
+	getCloudDefaultsAuthFunc common.GetAuthFunc
+}
+
+func newFacade(st *state.State, resources *common.Resources, auth common.Authorizer) (*CloudAPI, error) {
+	return NewCloudAPI(NewStateBackend(st), auth)
+}
+
+// NewCloudAPI creates a new API server endpoint for managing the controller's
+// cloud definition and cloud credentials.
+func NewCloudAPI(backend Backend, authorizer common.Authorizer) (*CloudAPI, error) {
+	if !authorizer.AuthClient() {
+		return nil, common.ErrPerm
+	}
+	getUserAuthFunc := func() (common.AuthFunc, error) {
+		authUser, _ := authorizer.GetAuthTag().(names.UserTag)
+		isAdmin, err := backend.IsControllerAdministrator(authUser)
+		if err != nil {
+			return nil, err
+		}
+		return func(tag names.Tag) bool {
+			userTag, ok := tag.(names.UserTag)
+			if !ok {
+				return false
+			}
+			return isAdmin || userTag.Canonical() == authUser.Canonical()
+		}, nil
+	}
+	return &CloudAPI{
+		backend:                  backend,
+		authorizer:               authorizer,
+		getCredentialsAuthFunc:   getUserAuthFunc,
+		getCloudDefaultsAuthFunc: getUserAuthFunc,
+	}, nil
+}
+
+// Cloud returns the cloud definitions for the specified clouds.
+func (mm *CloudAPI) Cloud(args params.Entities) (params.CloudResults, error) {
+	results := params.CloudResults{
+		Results: make([]params.CloudResult, len(args.Entities)),
+	}
+	one := func(arg params.Entity) (*params.Cloud, error) {
+		tag, err := names.ParseCloudTag(arg.Tag)
+		if err != nil {
+			return nil, err
+		}
+		cloud, err := mm.backend.Cloud(tag.Id())
+		if err != nil {
+			return nil, err
+		}
+		authTypes := make([]string, len(cloud.AuthTypes))
+		for i, authType := range cloud.AuthTypes {
+			authTypes[i] = string(authType)
+		}
+		regions := make([]params.CloudRegion, len(cloud.Regions))
+		for i, region := range cloud.Regions {
+			regions[i] = params.CloudRegion{
+				Name:            region.Name,
+				Endpoint:        region.Endpoint,
+				StorageEndpoint: region.StorageEndpoint,
+			}
+		}
+		return &params.Cloud{
+			Type:            cloud.Type,
+			AuthTypes:       authTypes,
+			Endpoint:        cloud.Endpoint,
+			StorageEndpoint: cloud.StorageEndpoint,
+			Regions:         regions,
+		}, nil
+	}
+	for i, arg := range args.Entities {
+		cloud, err := one(arg)
+		if err != nil {
+			results.Results[i].Error = common.ServerError(err)
+		} else {
+			results.Results[i].Cloud = cloud
+		}
+	}
+	return results, nil
+}
+
+// CloudDefaults returns the cloud defaults for a set of users.
+func (mm *CloudAPI) CloudDefaults(args params.Entities) (params.CloudDefaultsResults, error) {
+	results := params.CloudDefaultsResults{
+		Results: make([]params.CloudDefaultsResult, len(args.Entities)),
+	}
+	authFunc, err := mm.getCloudDefaultsAuthFunc()
+	if err != nil {
+		return results, err
+	}
+	controllerModel, err := mm.backend.ControllerModel()
+	if err != nil {
+		return results, err
+	}
+	for i, arg := range args.Entities {
+		userTag, err := names.ParseUserTag(arg.Tag)
+		if err != nil {
+			results.Results[i].Error = common.ServerError(err)
+			continue
+		}
+		if !authFunc(userTag) {
+			results.Results[i].Error = common.ServerError(common.ErrPerm)
+			continue
+		}
+		isAdmin, err := mm.backend.IsControllerAdministrator(userTag)
+		if err != nil {
+			results.Results[i].Error = common.ServerError(err)
+			continue
+		}
+		cloudDefaults := params.CloudDefaults{
+			CloudTag:    names.NewCloudTag(controllerModel.Cloud()).String(),
+			CloudRegion: controllerModel.CloudRegion(),
+		}
+		if isAdmin {
+			// As a special case, controller admins will default to
+			// using the same credential that was used to bootstrap.
+			cloudDefaults.CloudCredential = controllerModel.CloudCredential()
+		}
+		results.Results[i].Result = &cloudDefaults
+	}
+	return results, nil
+}
+
+// Credentials returns the cloud credentials for a set of users.
+func (mm *CloudAPI) Credentials(args params.UserClouds) (params.CloudCredentialsResults, error) {
+	results := params.CloudCredentialsResults{
+		Results: make([]params.CloudCredentialsResult, len(args.UserClouds)),
+	}
+	authFunc, err := mm.getCredentialsAuthFunc()
+	if err != nil {
+		return results, err
+	}
+	for i, arg := range args.UserClouds {
+		userTag, err := names.ParseUserTag(arg.UserTag)
+		if err != nil {
+			results.Results[i].Error = common.ServerError(err)
+			continue
+		}
+		if !authFunc(userTag) {
+			results.Results[i].Error = common.ServerError(common.ErrPerm)
+			continue
+		}
+		cloudTag, err := names.ParseCloudTag(arg.CloudTag)
+		if err != nil {
+			results.Results[i].Error = common.ServerError(err)
+			continue
+		}
+		cloudCredentials, err := mm.backend.CloudCredentials(userTag, cloudTag.Id())
+		if err != nil {
+			results.Results[i].Error = common.ServerError(err)
+			continue
+		}
+		out := make(map[string]params.CloudCredential)
+		for name, credential := range cloudCredentials {
+			out[name] = params.CloudCredential{
+				string(credential.AuthType()),
+				credential.Attributes(),
+			}
+		}
+		results.Results[i].Credentials = out
+	}
+	return results, nil
+}
+
+// UpdateCredentials updates the cloud credentials for a set of users.
+func (mm *CloudAPI) UpdateCredentials(args params.UsersCloudCredentials) (params.ErrorResults, error) {
+	results := params.ErrorResults{
+		Results: make([]params.ErrorResult, len(args.Users)),
+	}
+	authFunc, err := mm.getCredentialsAuthFunc()
+	if err != nil {
+		return results, err
+	}
+	for i, arg := range args.Users {
+		userTag, err := names.ParseUserTag(arg.UserTag)
+		if err != nil {
+			results.Results[i].Error = common.ServerError(err)
+			continue
+		}
+		if !authFunc(userTag) {
+			results.Results[i].Error = common.ServerError(common.ErrPerm)
+			continue
+		}
+		cloudTag, err := names.ParseCloudTag(arg.CloudTag)
+		if err != nil {
+			results.Results[i].Error = common.ServerError(err)
+			continue
+		}
+		in := make(map[string]cloud.Credential)
+		for name, credential := range arg.Credentials {
+			in[name] = cloud.NewCredential(
+				cloud.AuthType(credential.AuthType), credential.Attributes,
+			)
+		}
+		if err := mm.backend.UpdateCloudCredentials(userTag, cloudTag.Id(), in); err != nil {
+			results.Results[i].Error = common.ServerError(err)
+			continue
+		}
+	}
+	return results, nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/cloud/cloud_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/cloud/cloud_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/cloud/cloud_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/cloud/cloud_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,291 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package cloud_test
+
+import (
+	gitjujutesting "github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
+
+	cloudfacade "github.com/juju/juju/apiserver/cloud"
+	"github.com/juju/juju/apiserver/params"
+	apiservertesting "github.com/juju/juju/apiserver/testing"
+	"github.com/juju/juju/cloud"
+)
+
+type cloudSuite struct {
+	gitjujutesting.IsolationSuite
+	backend    mockBackend
+	authorizer apiservertesting.FakeAuthorizer
+	api        *cloudfacade.CloudAPI
+}
+
+var _ = gc.Suite(&cloudSuite{})
+
+func (s *cloudSuite) SetUpTest(c *gc.C) {
+	s.IsolationSuite.SetUpTest(c)
+	s.authorizer = apiservertesting.FakeAuthorizer{
+		Tag: names.NewUserTag("bruce@local"),
+	}
+	s.backend = mockBackend{
+		cloud: cloud.Cloud{
+			Type:      "dummy",
+			AuthTypes: []cloud.AuthType{cloud.EmptyAuthType, cloud.UserPassAuthType},
+			Regions:   []cloud.Region{{Name: "nether", Endpoint: "endpoint"}},
+		},
+		creds: map[string]cloud.Credential{
+			"one": cloud.NewEmptyCredential(),
+			"two": cloud.NewCredential(cloud.UserPassAuthType, map[string]string{
+				"username": "admin",
+				"password": "adm1n",
+			}),
+		},
+	}
+	var err error
+	s.api, err = cloudfacade.NewCloudAPI(&s.backend, &s.authorizer)
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *cloudSuite) TestCloud(c *gc.C) {
+	results, err := s.api.Cloud(params.Entities{
+		[]params.Entity{{"cloud-my-cloud"}, {"machine-0"}},
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	s.backend.CheckCalls(c, []gitjujutesting.StubCall{
+		{"Cloud", []interface{}{"my-cloud"}},
+	})
+	c.Assert(results.Results, gc.HasLen, 2)
+	c.Assert(results.Results[0].Error, gc.IsNil)
+	c.Assert(results.Results[0].Cloud, jc.DeepEquals, &params.Cloud{
+		Type:      "dummy",
+		AuthTypes: []string{"empty", "userpass"},
+		Regions:   []params.CloudRegion{{Name: "nether", Endpoint: "endpoint"}},
+	})
+	c.Assert(results.Results[1].Error, jc.DeepEquals, &params.Error{
+		Message: `"machine-0" is not a valid cloud tag`,
+	})
+}
+
+func (s *cloudSuite) TestCloudDefaults(c *gc.C) {
+	results, err := s.api.CloudDefaults(params.Entities{[]params.Entity{
+		{"machine-0"},
+		{"user-admin"},
+		{"user-bruce"},
+	}})
+	c.Assert(err, jc.ErrorIsNil)
+	s.backend.CheckCallNames(c,
+		"IsControllerAdministrator", // for auth-checking
+		"ControllerModel",
+		"IsControllerAdministrator", // to get default credential
+	)
+	c.Assert(results.Results, gc.HasLen, 3)
+	c.Assert(results.Results[0].Error, jc.DeepEquals, &params.Error{
+		Message: `"machine-0" is not a valid user tag`,
+	})
+	c.Assert(results.Results[1].Error, jc.DeepEquals, &params.Error{
+		Message: "permission denied", Code: params.CodeUnauthorized,
+	})
+	c.Assert(results.Results[2].Error, gc.IsNil)
+	c.Assert(results.Results[2].Result, jc.DeepEquals, &params.CloudDefaults{
+		CloudTag:        "cloud-some-cloud",
+		CloudRegion:     "some-region",
+		CloudCredential: "",
+	})
+}
+
+func (s *cloudSuite) TestCloudDefaultsAdminAccess(c *gc.C) {
+	s.authorizer.Tag = names.NewUserTag("admin@local")
+	results, err := s.api.CloudDefaults(params.Entities{[]params.Entity{
+		{"user-admin"},
+	}})
+	c.Assert(err, jc.ErrorIsNil)
+	s.backend.CheckCallNames(c,
+		"IsControllerAdministrator", // for auth-checking
+		"ControllerModel",
+		"IsControllerAdministrator", // to get default credential
+	)
+	c.Assert(results.Results, gc.HasLen, 1)
+	c.Assert(results.Results[0].Error, gc.IsNil)
+	c.Assert(results.Results[0].Result, jc.DeepEquals, &params.CloudDefaults{
+		CloudTag:        "cloud-some-cloud",
+		CloudRegion:     "some-region",
+		CloudCredential: "some-credential",
+	})
+}
+
+func (s *cloudSuite) TestCredentials(c *gc.C) {
+	results, err := s.api.Credentials(params.UserClouds{[]params.UserCloud{{
+		UserTag:  "machine-0",
+		CloudTag: "cloud-meep",
+	}, {
+		UserTag:  "user-admin",
+		CloudTag: "cloud-meep",
+	}, {
+		UserTag:  "user-bruce",
+		CloudTag: "cloud-meep",
+	}}})
+	c.Assert(err, jc.ErrorIsNil)
+	s.backend.CheckCallNames(c, "IsControllerAdministrator", "CloudCredentials")
+	s.backend.CheckCall(c, 1, "CloudCredentials", names.NewUserTag("bruce"), "meep")
+
+	c.Assert(results.Results, gc.HasLen, 3)
+	c.Assert(results.Results[0].Error, jc.DeepEquals, &params.Error{
+		Message: `"machine-0" is not a valid user tag`,
+	})
+	c.Assert(results.Results[1].Error, jc.DeepEquals, &params.Error{
+		Message: "permission denied", Code: params.CodeUnauthorized,
+	})
+	c.Assert(results.Results[2].Error, gc.IsNil)
+	c.Assert(results.Results[2].Credentials, jc.DeepEquals, map[string]params.CloudCredential{
+		"one": {
+			AuthType: "empty",
+		},
+		"two": {
+			AuthType: "userpass",
+			Attributes: map[string]string{
+				"username": "admin",
+				"password": "adm1n",
+			},
+		},
+	})
+}
+
+func (s *cloudSuite) TestCredentialsAdminAccess(c *gc.C) {
+	s.authorizer.Tag = names.NewUserTag("admin@local")
+	results, err := s.api.Credentials(params.UserClouds{[]params.UserCloud{{
+		UserTag:  "user-julia",
+		CloudTag: "cloud-meep",
+	}}})
+	c.Assert(err, jc.ErrorIsNil)
+	s.backend.CheckCallNames(c, "IsControllerAdministrator", "CloudCredentials")
+	c.Assert(results.Results, gc.HasLen, 1)
+	// admin can access others' credentials
+	c.Assert(results.Results[0].Error, gc.IsNil)
+}
+
+func (s *cloudSuite) TestUpdateCredentials(c *gc.C) {
+	results, err := s.api.UpdateCredentials(params.UsersCloudCredentials{[]params.UserCloudCredentials{{
+		UserTag:  "machine-0",
+		CloudTag: "cloud-meep",
+	}, {
+		UserTag:  "user-admin",
+		CloudTag: "cloud-meep",
+	}, {
+		UserTag:  "user-bruce",
+		CloudTag: "cloud-meep",
+		Credentials: map[string]params.CloudCredential{
+			"three": {
+				AuthType:   "oauth1",
+				Attributes: map[string]string{"token": "foo:bar:baz"},
+			},
+			"four": {
+				AuthType: "access-key",
+				Attributes: map[string]string{
+					"access-key": "foo",
+					"secret-key": "bar",
+				},
+			},
+		},
+	}}})
+	c.Assert(err, jc.ErrorIsNil)
+	s.backend.CheckCallNames(c, "IsControllerAdministrator", "UpdateCloudCredentials")
+	c.Assert(results.Results, gc.HasLen, 3)
+	c.Assert(results.Results[0].Error, jc.DeepEquals, &params.Error{
+		Message: `"machine-0" is not a valid user tag`,
+	})
+	c.Assert(results.Results[1].Error, jc.DeepEquals, &params.Error{
+		Message: "permission denied", Code: params.CodeUnauthorized,
+	})
+	c.Assert(results.Results[2].Error, gc.IsNil)
+
+	s.backend.CheckCall(
+		c, 1, "UpdateCloudCredentials",
+		names.NewUserTag("bruce"),
+		"meep",
+		map[string]cloud.Credential{
+			"three": cloud.NewCredential(
+				cloud.OAuth1AuthType,
+				map[string]string{"token": "foo:bar:baz"},
+			),
+			"four": cloud.NewCredential(
+				cloud.AccessKeyAuthType,
+				map[string]string{"access-key": "foo", "secret-key": "bar"},
+			),
+		},
+	)
+}
+
+func (s *cloudSuite) TestUpdateCredentialsAdminAccess(c *gc.C) {
+	s.authorizer.Tag = names.NewUserTag("admin@local")
+	results, err := s.api.UpdateCredentials(params.UsersCloudCredentials{[]params.UserCloudCredentials{{
+		UserTag:  "user-julia",
+		CloudTag: "cloud-meep",
+		Credentials: map[string]params.CloudCredential{
+			"three": {
+				AuthType:   "oauth1",
+				Attributes: map[string]string{"token": "foo:bar:baz"},
+			},
+		},
+	}}})
+	c.Assert(err, jc.ErrorIsNil)
+	s.backend.CheckCallNames(c, "IsControllerAdministrator", "UpdateCloudCredentials")
+	c.Assert(results.Results, gc.HasLen, 1)
+	// admin can update others' credentials
+	c.Assert(results.Results[0].Error, gc.IsNil)
+}
+
+type mockBackend struct {
+	gitjujutesting.Stub
+	cloud cloud.Cloud
+	creds map[string]cloud.Credential
+}
+
+func (st *mockBackend) IsControllerAdministrator(user names.UserTag) (bool, error) {
+	st.MethodCall(st, "IsControllerAdministrator", user)
+	return user.Canonical() == "admin@local", st.NextErr()
+}
+
+func (st *mockBackend) ControllerModel() (cloudfacade.Model, error) {
+	st.MethodCall(st, "ControllerModel")
+	return &mockModel{"some-cloud", "some-region", "some-credential"}, st.NextErr()
+}
+
+func (st *mockBackend) Cloud(name string) (cloud.Cloud, error) {
+	st.MethodCall(st, "Cloud", name)
+	return st.cloud, st.NextErr()
+}
+
+func (st *mockBackend) CloudCredentials(user names.UserTag, cloudName string) (map[string]cloud.Credential, error) {
+	st.MethodCall(st, "CloudCredentials", user, cloudName)
+	return st.creds, st.NextErr()
+}
+
+func (st *mockBackend) UpdateCloudCredentials(user names.UserTag, cloudName string, creds map[string]cloud.Credential) error {
+	st.MethodCall(st, "UpdateCloudCredentials", user, cloudName, creds)
+	return st.NextErr()
+}
+
+func (st *mockBackend) Close() error {
+	st.MethodCall(st, "Close")
+	return st.NextErr()
+}
+
+type mockModel struct {
+	cloud           string
+	cloudRegion     string
+	cloudCredential string
+}
+
+func (m *mockModel) Cloud() string {
+	return m.cloud
+}
+
+func (m *mockModel) CloudRegion() string {
+	return m.cloudRegion
+}
+
+func (m *mockModel) CloudCredential() string {
+	return m.cloudCredential
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/cloud/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/cloud/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/cloud/package_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/cloud/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,14 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package cloud_test
+
+import (
+	"testing"
+
+	gc "gopkg.in/check.v1"
+)
+
+func TestAll(t *testing.T) {
+	gc.TestingT(t)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/action.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/action.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/action.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/action.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/state"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/action_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/action_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/action_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/action_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,10 +6,10 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/block_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/block_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/block_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/block_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,9 +5,9 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/common_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/common_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/common_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/common_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,10 +7,10 @@
 	"fmt"
 	stdtesting "testing"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	coretesting "github.com/juju/juju/testing"
@@ -95,7 +95,7 @@
 	about:  "tag quxx - both return false",
 	a:      fooAuth,
 	b:      barAuth,
-	tag:    names.NewServiceTag("quxx"),
+	tag:    names.NewApplicationTag("quxx"),
 	expect: false,
 }}
 
@@ -115,9 +115,9 @@
 	}
 }
 
-func u(unit string) names.Tag             { return names.NewUnitTag(unit) }
-func serviceTag(service string) names.Tag { return names.NewServiceTag(service) }
-func m(machine string) names.Tag          { return names.NewMachineTag(machine) }
+func u(unit string) names.Tag                 { return names.NewUnitTag(unit) }
+func ApplicationTag(service string) names.Tag { return names.NewApplicationTag(service) }
+func m(machine string) names.Tag              { return names.NewMachineTag(machine) }
 
 func (s *commonSuite) TestAuthFuncForTagKind(c *gc.C) {
 	// TODO(dimitern): This list of all supported tags and kinds needs
@@ -134,7 +134,7 @@
 		names.NewLocalUserTag("user"),
 		names.NewMachineTag("42"),
 		names.NewRelationTag("wordpress:mysql mysql:db"),
-		names.NewServiceTag("wordpress"),
+		names.NewApplicationTag("wordpress"),
 		names.NewSpaceTag("apps"),
 		names.NewStorageTag("foo/42"),
 		names.NewUnitTag("wordpress/5"),
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/controllerconfig.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/controllerconfig.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/controllerconfig.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/controllerconfig.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,33 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package common
+
+import (
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/state"
+)
+
+// ControllerConfigAPI implements two common methods for use by various
+// facades - eg Provisioner and ControllerConfig.
+type ControllerConfigAPI struct {
+	st state.ControllerAccessor
+}
+
+// NewControllerConfig returns a new NewControllerConfigAPI.
+func NewControllerConfig(st state.ControllerAccessor) *ControllerConfigAPI {
+	return &ControllerConfigAPI{
+		st: st,
+	}
+}
+
+// ControllerConfig returns the controller's configuration.
+func (s *ControllerConfigAPI) ControllerConfig() (params.ControllerConfigResult, error) {
+	result := params.ControllerConfigResult{}
+	config, err := s.st.ControllerConfig()
+	if err != nil {
+		return result, err
+	}
+	result.Config = params.ControllerConfig(config)
+	return result, nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/controllerconfig_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/controllerconfig_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/controllerconfig_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/controllerconfig_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,70 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package common_test
+
+import (
+	"fmt"
+
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/apiserver/common"
+	"github.com/juju/juju/controller"
+	"github.com/juju/juju/environs/config"
+	"github.com/juju/juju/provider/dummy"
+	"github.com/juju/juju/testing"
+)
+
+type controllerConfigSuite struct {
+	testing.BaseSuite
+
+	testingEnvConfig *config.Config
+}
+
+var _ = gc.Suite(&controllerConfigSuite{})
+
+type fakeControllerAccessor struct {
+	controllerConfigError error
+}
+
+func (f *fakeControllerAccessor) ControllerConfig() (controller.Config, error) {
+	if f.controllerConfigError != nil {
+		return nil, f.controllerConfigError
+	}
+	return map[string]interface{}{
+		controller.ControllerUUIDKey: testing.ModelTag.Id(),
+		controller.CACertKey:         testing.CACert,
+		controller.ApiPort:           4321,
+		controller.StatePort:         1234,
+	}, nil
+}
+
+func (s *controllerConfigSuite) TearDownTest(c *gc.C) {
+	dummy.Reset(c)
+	s.BaseSuite.TearDownTest(c)
+}
+
+func (*controllerConfigSuite) TestControllerConfigSuccess(c *gc.C) {
+	cc := common.NewControllerConfig(
+		&fakeControllerAccessor{},
+	)
+	result, err := cc.ControllerConfig()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(map[string]interface{}(result.Config), jc.DeepEquals, map[string]interface{}{
+		"ca-cert":         testing.CACert,
+		"controller-uuid": "deadbeef-0bad-400d-8000-4b1d0d06f00d",
+		"state-port":      1234,
+		"api-port":        4321,
+	})
+}
+
+func (*controllerConfigSuite) TestControllerConfigFetchError(c *gc.C) {
+	cc := common.NewControllerConfig(
+		&fakeControllerAccessor{
+			controllerConfigError: fmt.Errorf("pow"),
+		},
+	)
+	_, err := cc.ControllerConfig()
+	c.Assert(err, gc.ErrorMatches, "pow")
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/ensuredead.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/ensuredead.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/ensuredead.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/ensuredead.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/state"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/ensuredead_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/ensuredead_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/ensuredead_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/ensuredead_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,9 +6,9 @@
 import (
 	"fmt"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/errors.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/errors.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/errors.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/errors.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,8 +9,8 @@
 	"strings"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/txn"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/macaroon.v1"
 
 	"github.com/juju/juju/apiserver/params"
@@ -89,6 +89,7 @@
 var (
 	ErrBadId              = errors.New("id not found")
 	ErrBadCreds           = errors.New("invalid entity name or password")
+	ErrLoginExpired       = errors.New("login expired")
 	ErrPerm               = errors.New("permission denied")
 	ErrNotLoggedIn        = errors.New("not logged in")
 	ErrUnknownWatcher     = errors.New("unknown watcher id")
@@ -122,6 +123,7 @@
 	lease.ErrClaimDenied:         params.CodeLeaseClaimDenied,
 	ErrBadId:                     params.CodeNotFound,
 	ErrBadCreds:                  params.CodeUnauthorized,
+	ErrLoginExpired:              params.CodeLoginExpired,
 	ErrPerm:                      params.CodeUnauthorized,
 	ErrNotLoggedIn:               params.CodeUnauthorized,
 	ErrUnknownWatcher:            params.CodeNotFound,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/errors_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/errors_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/errors_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/errors_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,10 +8,10 @@
 	"net/http"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/txn"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/macaroon.v1"
 
 	"github.com/juju/juju/apiserver/common"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/getstatus.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/getstatus.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/getstatus.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/getstatus.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,7 @@
 	"fmt"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/state"
@@ -49,7 +49,7 @@
 	switch getter := entity.(type) {
 	case status.StatusGetter:
 		statusInfo, err := getter.Status()
-		result.Status = statusInfo.Status
+		result.Status = statusInfo.Status.String()
 		result.Info = statusInfo.Message
 		result.Data = statusInfo.Data
 		result.Since = statusInfo.Since
@@ -103,13 +103,13 @@
 }
 
 // Status returns the status of the Service for each given Unit tag.
-func (s *ServiceStatusGetter) Status(args params.Entities) (params.ServiceStatusResults, error) {
-	result := params.ServiceStatusResults{
-		Results: make([]params.ServiceStatusResult, len(args.Entities)),
+func (s *ServiceStatusGetter) Status(args params.Entities) (params.ApplicationStatusResults, error) {
+	result := params.ApplicationStatusResults{
+		Results: make([]params.ApplicationStatusResult, len(args.Entities)),
 	}
 	canAccess, err := s.getCanAccess()
 	if err != nil {
-		return params.ServiceStatusResults{}, err
+		return params.ApplicationStatusResults{}, err
 	}
 
 	for i, arg := range args.Entities {
@@ -142,12 +142,12 @@
 
 		// Now we have the unit, we can get the service that should have been
 		// specified in the first place...
-		serviceId, err := names.UnitService(unitId)
+		serviceId, err := names.UnitApplication(unitId)
 		if err != nil {
 			result.Results[i].Error = ServerError(err)
 			continue
 		}
-		service, err := s.st.Service(serviceId)
+		service, err := s.st.Application(serviceId)
 		if err != nil {
 			result.Results[i].Error = ServerError(err)
 			continue
@@ -167,19 +167,19 @@
 		// ...and collect the results.
 		serviceStatus, unitStatuses, err := service.ServiceAndUnitsStatus()
 		if err != nil {
-			result.Results[i].Service.Error = ServerError(err)
+			result.Results[i].Application.Error = ServerError(err)
 			result.Results[i].Error = ServerError(err)
 			continue
 		}
-		result.Results[i].Service.Status = serviceStatus.Status
-		result.Results[i].Service.Info = serviceStatus.Message
-		result.Results[i].Service.Data = serviceStatus.Data
-		result.Results[i].Service.Since = serviceStatus.Since
+		result.Results[i].Application.Status = serviceStatus.Status.String()
+		result.Results[i].Application.Info = serviceStatus.Message
+		result.Results[i].Application.Data = serviceStatus.Data
+		result.Results[i].Application.Since = serviceStatus.Since
 
 		result.Results[i].Units = make(map[string]params.StatusResult, len(unitStatuses))
 		for uTag, r := range unitStatuses {
 			ur := params.StatusResult{
-				Status: r.Status,
+				Status: r.Status.String(),
 				Info:   r.Message,
 				Data:   r.Data,
 				Since:  r.Since,
@@ -191,11 +191,11 @@
 }
 
 // EntityStatusFromState converts a state.StatusInfo into a params.EntityStatus.
-func EntityStatusFromState(status status.StatusInfo) params.EntityStatus {
+func EntityStatusFromState(statusInfo status.StatusInfo) params.EntityStatus {
 	return params.EntityStatus{
-		status.Status,
-		status.Message,
-		status.Data,
-		status.Since,
+		Status: statusInfo.Status,
+		Info:   statusInfo.Message,
+		Data:   statusInfo.Data,
+		Since:  statusInfo.Since,
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/getstatus_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/getstatus_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/getstatus_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/getstatus_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,9 +6,9 @@
 import (
 	"time"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
@@ -70,7 +70,7 @@
 	c.Assert(result.Results, gc.HasLen, 1)
 	machineStatus := result.Results[0]
 	c.Assert(machineStatus.Error, gc.IsNil)
-	c.Assert(machineStatus.Status, gc.Equals, status.StatusPending)
+	c.Assert(machineStatus.Status, gc.Equals, status.StatusPending.String())
 }
 
 func (s *statusGetterSuite) TestGetUnitStatus(c *gc.C) {
@@ -87,11 +87,11 @@
 	c.Assert(result.Results, gc.HasLen, 1)
 	unitStatus := result.Results[0]
 	c.Assert(unitStatus.Error, gc.IsNil)
-	c.Assert(unitStatus.Status, gc.Equals, status.StatusMaintenance)
+	c.Assert(unitStatus.Status, gc.Equals, status.StatusMaintenance.String())
 }
 
 func (s *statusGetterSuite) TestGetServiceStatus(c *gc.C) {
-	service := s.Factory.MakeService(c, &factory.ServiceParams{Status: &status.StatusInfo{
+	service := s.Factory.MakeApplication(c, &factory.ApplicationParams{Status: &status.StatusInfo{
 		Status: status.StatusMaintenance,
 	}})
 	result, err := s.getter.Status(params.Entities{[]params.Entity{{
@@ -101,7 +101,7 @@
 	c.Assert(result.Results, gc.HasLen, 1)
 	serviceStatus := result.Results[0]
 	c.Assert(serviceStatus.Error, gc.IsNil)
-	c.Assert(serviceStatus.Status, gc.Equals, status.StatusMaintenance)
+	c.Assert(serviceStatus.Status, gc.Equals, status.StatusMaintenance.String())
 }
 
 func (s *statusGetterSuite) TestBulk(c *gc.C) {
@@ -118,7 +118,7 @@
 	c.Assert(result.Results, gc.HasLen, 3)
 	c.Assert(result.Results[0].Error, jc.Satisfies, params.IsCodeUnauthorized)
 	c.Assert(result.Results[1].Error, gc.IsNil)
-	c.Assert(result.Results[1].Status, gc.Equals, status.StatusPending)
+	c.Assert(result.Results[1].Status, gc.Equals, status.StatusPending.String())
 	c.Assert(result.Results[2].Error, gc.ErrorMatches, `"bad-tag" is not a valid tag`)
 }
 
@@ -179,7 +179,7 @@
 }
 
 func (s *serviceStatusGetterSuite) TestGetServiceStatus(c *gc.C) {
-	service := s.Factory.MakeService(c, &factory.ServiceParams{Status: &status.StatusInfo{
+	service := s.Factory.MakeApplication(c, &factory.ApplicationParams{Status: &status.StatusInfo{
 		Status: status.StatusMaintenance,
 	}})
 	result, err := s.getter.Status(params.Entities{[]params.Entity{{
@@ -210,7 +210,7 @@
 	unit := s.Factory.MakeUnit(c, &factory.UnitParams{Status: &status.StatusInfo{
 		Status: status.StatusMaintenance,
 	}})
-	service, err := unit.Service()
+	service, err := unit.Application()
 	c.Assert(err, jc.ErrorIsNil)
 	s.State.LeadershipClaimer().ClaimLeadership(
 		service.Name(),
@@ -223,14 +223,14 @@
 	c.Assert(result.Results, gc.HasLen, 1)
 	r := result.Results[0]
 	c.Assert(r.Error, gc.IsNil)
-	c.Assert(r.Service.Error, gc.IsNil)
-	c.Assert(r.Service.Status, gc.Equals, status.StatusMaintenance)
+	c.Assert(r.Application.Error, gc.IsNil)
+	c.Assert(r.Application.Status, gc.Equals, status.StatusMaintenance.String())
 	units := r.Units
 	c.Assert(units, gc.HasLen, 1)
 	unitStatus, ok := units[unit.Name()]
 	c.Assert(ok, jc.IsTrue)
 	c.Assert(unitStatus.Error, gc.IsNil)
-	c.Assert(unitStatus.Status, gc.Equals, status.StatusMaintenance)
+	c.Assert(unitStatus.Status, gc.Equals, status.StatusMaintenance.String())
 }
 
 func (s *serviceStatusGetterSuite) TestBulk(c *gc.C) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/instanceidgetter.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/instanceidgetter.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/instanceidgetter.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/instanceidgetter.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,7 @@
 package common
 
 import (
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/instance"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/instanceidgetter_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/instanceidgetter_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/instanceidgetter_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/instanceidgetter_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,9 +6,9 @@
 import (
 	"fmt"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/interfaces.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/interfaces.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/interfaces.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/interfaces.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 )
 
 // AuthFunc returns whether the given entity is available to some operation.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/life.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/life.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/life.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/life.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/state"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/life_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/life_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/life_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/life_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,9 +6,9 @@
 import (
 	"fmt"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/machine.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/machine.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/machine.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/machine.go	2016-07-18 19:45:44.000000000 +0000
@@ -30,8 +30,6 @@
 		return state.JobHostUnits, nil
 	case multiwatcher.JobManageModel:
 		return state.JobManageModel, nil
-	case multiwatcher.JobManageNetworking:
-		return state.JobManageNetworking, nil
 	default:
 		return -1, errors.Errorf("invalid machine job %q", job)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/machine_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/machine_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/machine_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/machine_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -29,9 +29,6 @@
 		name: multiwatcher.JobManageModel,
 		want: state.JobManageModel,
 	}, {
-		name: multiwatcher.JobManageNetworking,
-		want: state.JobManageNetworking,
-	}, {
 		name: "invalid",
 		want: -1,
 		err:  `invalid machine job "invalid"`,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/modeldestroy.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/modeldestroy.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/modeldestroy.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/modeldestroy.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,13 +5,12 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/metricsender"
-	"github.com/juju/juju/state"
 )
 
-var sendMetrics = func(st *state.State) error {
+var sendMetrics = func(st metricsender.MetricsSenderBackend) error {
 	err := metricsender.SendMetrics(st, metricsender.DefaultMetricSender(), metricsender.DefaultMaxBatchesPerSend())
 	return errors.Trace(err)
 }
@@ -21,8 +20,8 @@
 // model. This function assumes that all necessary authentication checks
 // have been done. If the model is a controller hosting other
 // models, they will also be destroyed.
-func DestroyModelIncludingHosted(st *state.State, modelTag names.ModelTag) error {
-	return destroyModel(st, modelTag, true)
+func DestroyModelIncludingHosted(st ModelManagerBackend, systemTag names.ModelTag) error {
+	return destroyModel(st, systemTag, true)
 }
 
 // DestroyModel sets the environment to dying. Cleanup jobs then destroy
@@ -30,11 +29,11 @@
 // model. This function assumes that all necessary authentication checks
 // have been done. An error will be returned if this model is a
 // controller hosting other model.
-func DestroyModel(st *state.State, modelTag names.ModelTag) error {
+func DestroyModel(st ModelManagerBackend, modelTag names.ModelTag) error {
 	return destroyModel(st, modelTag, false)
 }
 
-func destroyModel(st *state.State, modelTag names.ModelTag, destroyHostedModels bool) error {
+func destroyModel(st ModelManagerBackend, modelTag names.ModelTag, destroyHostedModels bool) error {
 	var err error
 	if modelTag != st.ModelTag() {
 		if st, err = st.ForModel(modelTag); err != nil {
@@ -44,17 +43,25 @@
 	}
 
 	if destroyHostedModels {
-		envs, err := st.AllModels()
+		// Check we are operating on the controller state.
+		controllerCfg, err := st.ControllerConfig()
 		if err != nil {
 			return errors.Trace(err)
 		}
-		for _, env := range envs {
-			envSt, err := st.ForModel(env.ModelTag())
-			defer envSt.Close()
+		if modelTag.Id() != controllerCfg.ControllerUUID() {
+			return errors.Errorf("expected controller model UUID %v, got %v", modelTag.Id(), controllerCfg.ControllerUUID())
+		}
+		models, err := st.AllModels()
+		if err != nil {
+			return errors.Trace(err)
+		}
+		for _, model := range models {
+			modelSt, err := st.ForModel(model.ModelTag())
+			defer modelSt.Close()
 			if err != nil {
 				return errors.Trace(err)
 			}
-			check := NewBlockChecker(envSt)
+			check := NewBlockChecker(modelSt)
 			if err = check.DestroyAllowed(); err != nil {
 				return errors.Trace(err)
 			}
@@ -66,24 +73,24 @@
 		}
 	}
 
-	env, err := st.Model()
+	model, err := st.Model()
 	if err != nil {
 		return errors.Trace(err)
 	}
 
 	if destroyHostedModels {
-		if err := env.DestroyIncludingHosted(); err != nil {
+		if err := model.DestroyIncludingHosted(); err != nil {
 			return err
 		}
 	} else {
-		if err = env.Destroy(); err != nil {
+		if err = model.Destroy(); err != nil {
 			return errors.Trace(err)
 		}
 	}
 
 	err = sendMetrics(st)
 	if err != nil {
-		logger.Warningf("failed to send leftover metrics: %v", err)
+		logger.Errorf("failed to send leftover metrics: %v", err)
 	}
 
 	// Return to the caller. If it's the CLI, it will finish up by calling the
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/modeldestroy_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/modeldestroy_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/modeldestroy_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/modeldestroy_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,15 +7,16 @@
 	"fmt"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jtesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/apiserver/client"
 	"github.com/juju/juju/apiserver/common"
 	commontesting "github.com/juju/juju/apiserver/common/testing"
+	"github.com/juju/juju/apiserver/metricsender"
 	apiservertesting "github.com/juju/juju/apiserver/testing"
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/juju/testing"
@@ -27,6 +28,7 @@
 type destroyModelSuite struct {
 	testing.JujuConnSuite
 	commontesting.BlockHelper
+	modelManager common.ModelManagerBackend
 }
 
 var _ = gc.Suite(&destroyModelSuite{})
@@ -34,6 +36,7 @@
 func (s *destroyModelSuite) SetUpTest(c *gc.C) {
 	s.JujuConnSuite.SetUpTest(c)
 	s.BlockHelper = commontesting.NewBlockHelper(s.APIState)
+	s.modelManager = common.NewModelManagerBackend(s.State)
 	s.AddCleanup(func(*gc.C) { s.BlockHelper.Close() })
 }
 
@@ -57,20 +60,20 @@
 func (s *destroyModelSuite) setUpInstances(c *gc.C) (m0, m1, m2 *state.Machine) {
 	m0, err := s.State.AddMachine("precise", state.JobManageModel)
 	c.Assert(err, jc.ErrorIsNil)
-	inst, _ := testing.AssertStartInstance(c, s.Environ, m0.Id())
+	inst, _ := testing.AssertStartInstance(c, s.Environ, s.ControllerConfig.ControllerUUID(), m0.Id())
 	err = m0.SetProvisioned(inst.Id(), "fake_nonce", nil)
 	c.Assert(err, jc.ErrorIsNil)
 
 	m1, err = s.State.AddMachine("precise", state.JobHostUnits)
 	c.Assert(err, jc.ErrorIsNil)
-	inst, _ = testing.AssertStartInstance(c, s.Environ, m1.Id())
+	inst, _ = testing.AssertStartInstance(c, s.Environ, s.ControllerConfig.ControllerUUID(), m1.Id())
 	err = m1.SetProvisioned(inst.Id(), "fake_nonce", nil)
 	c.Assert(err, jc.ErrorIsNil)
 
 	m2, err = s.State.AddMachineInsideMachine(state.MachineTemplate{
 		Series: "precise",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
-	}, m1.Id(), instance.LXC)
+	}, m1.Id(), instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
 	err = m2.SetProvisioned("container0", "fake_nonce", nil)
 	c.Assert(err, jc.ErrorIsNil)
@@ -82,7 +85,7 @@
 	jtesting.Stub
 }
 
-func (t *testMetricSender) SendMetrics(st *state.State) error {
+func (t *testMetricSender) SendMetrics(st metricsender.MetricsSenderBackend) error {
 	t.AddCall("SendMetrics")
 	return nil
 }
@@ -91,7 +94,7 @@
 	metricSender := &testMetricSender{}
 	s.PatchValue(common.SendMetrics, metricSender.SendMetrics)
 
-	err := common.DestroyModel(s.State, s.State.ModelTag())
+	err := common.DestroyModel(s.modelManager, s.State.ModelTag())
 	c.Assert(err, jc.ErrorIsNil)
 
 	metricSender.CheckCalls(c, []jtesting.StubCall{{FuncName: "SendMetrics"}})
@@ -102,11 +105,11 @@
 
 	// If there are any non-manager manual machines in state, DestroyModel will
 	// error. It will not set the Dying flag on the environment.
-	err := common.DestroyModel(s.State, s.State.ModelTag())
+	err := common.DestroyModel(s.modelManager, s.State.ModelTag())
 	c.Assert(err, gc.ErrorMatches, fmt.Sprintf("failed to destroy model: manually provisioned machines must first be destroyed with `juju destroy-machine %s`", nonManager.Id()))
-	env, err := s.State.Model()
+	model, err := s.State.Model()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(env.Life(), gc.Equals, state.Alive)
+	c.Assert(model.Life(), gc.Equals, state.Alive)
 
 	// If we remove the non-manager machine, it should pass.
 	// Manager machines will remain.
@@ -114,11 +117,11 @@
 	c.Assert(err, jc.ErrorIsNil)
 	err = nonManager.Remove()
 	c.Assert(err, jc.ErrorIsNil)
-	err = common.DestroyModel(s.State, s.State.ModelTag())
+	err = common.DestroyModel(s.modelManager, s.State.ModelTag())
 	c.Assert(err, jc.ErrorIsNil)
-	err = env.Refresh()
+	err = model.Refresh()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(env.Life(), gc.Equals, state.Dying)
+	c.Assert(model.Life(), gc.Equals, state.Dying)
 
 }
 
@@ -133,10 +136,10 @@
 		c.Assert(inst, gc.NotNil)
 	}
 
-	services, err := s.State.AllServices()
+	services, err := s.State.AllApplications()
 	c.Assert(err, jc.ErrorIsNil)
 
-	err = common.DestroyModel(s.State, s.State.ModelTag())
+	err = common.DestroyModel(s.modelManager, s.State.ModelTag())
 	c.Assert(err, jc.ErrorIsNil)
 
 	runAllCleanups(c, s.State)
@@ -146,7 +149,7 @@
 	assertLife(c, manager, state.Alive)
 	// Note: we leave the machine in a dead state and rely on the provisioner
 	// to stop the backing instances, remove the dead machines and finally
-	// remove all environment docs from state.
+	// remove all model docs from state.
 	assertLife(c, nonManager, state.Dead)
 
 	//   - all services in state are Dying or Dead (or removed altogether),
@@ -159,10 +162,10 @@
 			c.Assert(s.Life(), gc.Not(gc.Equals), state.Alive)
 		}
 	}
-	//   - environment is Dying or Dead.
-	env, err := s.State.Model()
+	//   - model is Dying or Dead.
+	model, err := s.State.Model()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(env.Life(), gc.Not(gc.Equals), state.Alive)
+	c.Assert(model.Life(), gc.Not(gc.Equals), state.Alive)
 }
 
 func assertLife(c *gc.C, entity state.Living, life state.Life) {
@@ -172,10 +175,10 @@
 }
 
 func (s *destroyModelSuite) TestBlockDestroyDestroyEnvironment(c *gc.C) {
-	// Setup environment
+	// Setup model
 	s.setUpInstances(c)
 	s.BlockDestroyModel(c, "TestBlockDestroyDestroyModel")
-	err := common.DestroyModel(s.State, s.State.ModelTag())
+	err := common.DestroyModel(s.modelManager, s.State.ModelTag())
 	s.AssertBlocked(c, err, "TestBlockDestroyDestroyModel")
 }
 
@@ -190,7 +193,7 @@
 	defer block.Close()
 
 	block.BlockDestroyModel(c, "TestBlockDestroyDestroyModel")
-	err = common.DestroyModelIncludingHosted(s.State, s.State.ModelTag())
+	err = common.DestroyModelIncludingHosted(s.modelManager, s.State.ModelTag())
 	s.AssertBlocked(c, err, "TestBlockDestroyDestroyModel")
 }
 
@@ -198,7 +201,7 @@
 	// Setup model
 	s.setUpInstances(c)
 	s.BlockRemoveObject(c, "TestBlockRemoveDestroyModel")
-	err := common.DestroyModel(s.State, s.State.ModelTag())
+	err := common.DestroyModel(s.modelManager, s.State.ModelTag())
 	s.AssertBlocked(c, err, "TestBlockRemoveDestroyModel")
 }
 
@@ -207,15 +210,18 @@
 	s.setUpInstances(c)
 	// lock model: can't destroy locked model
 	s.BlockAllChanges(c, "TestBlockChangesDestroyModel")
-	err := common.DestroyModel(s.State, s.State.ModelTag())
+	err := common.DestroyModel(s.modelManager, s.State.ModelTag())
 	s.AssertBlocked(c, err, "TestBlockChangesDestroyModel")
 }
 
 type destroyTwoModelsSuite struct {
 	testing.JujuConnSuite
-	otherState     *state.State
-	otherEnvOwner  names.UserTag
-	otherEnvClient *client.Client
+	otherState       *state.State
+	otherModelOwner  names.UserTag
+	otherModelClient *client.Client
+
+	modelManager      common.ModelManagerBackend
+	otherModelManager common.ModelManagerBackend
 }
 
 var _ = gc.Suite(&destroyTwoModelsSuite{})
@@ -224,21 +230,23 @@
 	s.JujuConnSuite.SetUpTest(c)
 	_, err := s.State.AddUser("jess", "jess", "", "test")
 	c.Assert(err, jc.ErrorIsNil)
-	s.otherEnvOwner = names.NewUserTag("jess")
+	s.otherModelOwner = names.NewUserTag("jess")
 	s.otherState = factory.NewFactory(s.State).MakeModel(c, &factory.ModelParams{
-		Owner: s.otherEnvOwner,
+		Owner: s.otherModelOwner,
 		ConfigAttrs: jujutesting.Attrs{
 			"controller": false,
 		},
 	})
+	s.modelManager = common.NewModelManagerBackend(s.State)
+	s.otherModelManager = common.NewModelManagerBackend(s.otherState)
 	s.AddCleanup(func(*gc.C) { s.otherState.Close() })
 
 	// get the client for the other model
 	auth := apiservertesting.FakeAuthorizer{
-		Tag:            s.otherEnvOwner,
+		Tag:            s.otherModelOwner,
 		EnvironManager: false,
 	}
-	s.otherEnvClient, err = client.NewClient(s.otherState, common.NewResources(), auth)
+	s.otherModelClient, err = client.NewClient(s.otherState, common.NewResources(), auth)
 	c.Assert(err, jc.ErrorIsNil)
 
 }
@@ -248,7 +256,7 @@
 	m := otherFactory.MakeMachine(c, nil)
 	otherFactory.MakeMachineNested(c, m.Id(), nil)
 
-	err := common.DestroyModel(s.otherState, s.otherState.ModelTag())
+	err := common.DestroyModel(s.otherModelManager, s.otherState.ModelTag())
 	c.Assert(err, jc.ErrorIsNil)
 
 	// Assert that the machines are not removed until the cleanup runs.
@@ -257,13 +265,13 @@
 	runAllCleanups(c, s.otherState)
 	assertAllMachinesDeadAndRemove(c, s.otherState)
 
-	otherEnv, err := s.otherState.Model()
+	otherModel, err := s.otherState.Model()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(otherEnv.Life(), gc.Equals, state.Dying)
+	c.Assert(otherModel.Life(), gc.Equals, state.Dying)
 
 	c.Assert(s.otherState.ProcessDyingModel(), jc.ErrorIsNil)
-	c.Assert(otherEnv.Refresh(), jc.ErrorIsNil)
-	c.Assert(otherEnv.Life(), gc.Equals, state.Dead)
+	c.Assert(otherModel.Refresh(), jc.ErrorIsNil)
+	c.Assert(otherModel.Life(), gc.Equals, state.Dead)
 
 }
 
@@ -298,21 +306,21 @@
 
 	// NOTE: pass in the main test State instance, which is 'bound'
 	// to the controller model.
-	err := common.DestroyModel(s.State, s.otherState.ModelTag())
+	err := common.DestroyModel(s.modelManager, s.otherState.ModelTag())
 	c.Assert(err, jc.ErrorIsNil)
 
 	runAllCleanups(c, s.otherState)
 	assertAllMachinesDeadAndRemove(c, s.otherState)
 
-	otherEnv, err := s.otherState.Model()
+	otherModel, err := s.otherState.Model()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(s.otherState.ProcessDyingModel(), jc.ErrorIsNil)
-	c.Assert(otherEnv.Refresh(), jc.ErrorIsNil)
-	c.Assert(otherEnv.Life(), gc.Equals, state.Dead)
+	c.Assert(otherModel.Refresh(), jc.ErrorIsNil)
+	c.Assert(otherModel.Life(), gc.Equals, state.Dead)
 
-	env, err := s.State.Model()
+	model, err := s.State.Model()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(env.Life(), gc.Equals, state.Alive)
+	c.Assert(model.Life(), gc.Equals, state.Alive)
 }
 
 func (s *destroyTwoModelsSuite) TestDestroyControllerAfterNonControllerIsDestroyed(c *gc.C) {
@@ -321,19 +329,19 @@
 	m := otherFactory.MakeMachine(c, nil)
 	otherFactory.MakeMachineNested(c, m.Id(), nil)
 
-	err := common.DestroyModel(s.State, s.State.ModelTag())
+	err := common.DestroyModel(s.modelManager, s.State.ModelTag())
 	c.Assert(err, gc.ErrorMatches, "failed to destroy model: hosting 1 other models")
 
 	needsCleanup, err := s.State.NeedsCleanup()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(needsCleanup, jc.IsFalse)
 
-	err = common.DestroyModel(s.State, s.otherState.ModelTag())
+	err = common.DestroyModel(s.modelManager, s.otherState.ModelTag())
 	c.Assert(err, jc.ErrorIsNil)
 
 	// The hosted model is Dying, not Dead; we cannot destroy
 	// the controller model until all hosted models are Dead.
-	err = common.DestroyModel(s.State, s.State.ModelTag())
+	err = common.DestroyModel(s.modelManager, s.State.ModelTag())
 	c.Assert(err, gc.ErrorMatches, "failed to destroy model: hosting 1 other models")
 
 	// Continue to take the hosted model down so we can
@@ -342,7 +350,7 @@
 	assertAllMachinesDeadAndRemove(c, s.otherState)
 	c.Assert(s.otherState.ProcessDyingModel(), jc.ErrorIsNil)
 
-	err = common.DestroyModel(s.State, s.State.ModelTag())
+	err = common.DestroyModel(s.modelManager, s.State.ModelTag())
 	c.Assert(err, jc.ErrorIsNil)
 
 	otherEnv, err := s.otherState.Model()
@@ -363,7 +371,7 @@
 	m := otherFactory.MakeMachine(c, nil)
 	otherFactory.MakeMachineNested(c, m.Id(), nil)
 
-	err := common.DestroyModelIncludingHosted(s.State, s.State.ModelTag())
+	err := common.DestroyModelIncludingHosted(s.modelManager, s.State.ModelTag())
 	c.Assert(err, jc.ErrorIsNil)
 
 	runAllCleanups(c, s.State)
@@ -381,10 +389,10 @@
 
 	bh.BlockDestroyModel(c, "TestBlockDestroyDestroyModel")
 
-	err := common.DestroyModel(s.State, s.otherState.ModelTag())
+	err := common.DestroyModel(s.modelManager, s.otherState.ModelTag())
 	c.Assert(err, jc.ErrorIsNil)
 
-	err = common.DestroyModel(s.State, s.State.ModelTag())
+	err = common.DestroyModel(s.modelManager, s.State.ModelTag())
 	bh.AssertBlocked(c, err, "TestBlockDestroyDestroyModel")
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/modelmachineswatcher_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/modelmachineswatcher_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/modelmachineswatcher_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/modelmachineswatcher_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,9 +4,9 @@
 package common_test
 
 import (
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/modelmanagerinterface.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/modelmanagerinterface.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/modelmanagerinterface.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/modelmanagerinterface.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,131 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package common
+
+import (
+	"gopkg.in/juju/names.v2"
+
+	"github.com/juju/juju/apiserver/metricsender"
+	"github.com/juju/juju/cloud"
+	"github.com/juju/juju/controller"
+	"github.com/juju/juju/environs"
+	"github.com/juju/juju/environs/config"
+	"github.com/juju/juju/state"
+	"github.com/juju/juju/status"
+)
+
+// ModelManagerBackend defines methods provided by a state
+// instance used by the model manager apiserver implementation.
+// All the interface methods are defined directly on state.State
+// and are reproduced here for use in tests.
+type ModelManagerBackend interface {
+	environs.EnvironConfigGetter
+	APIHostPortsGetter
+	ToolsStorageGetter
+	BlockGetter
+	metricsender.MetricsSenderBackend
+
+	Cloud(name string) (cloud.Cloud, error)
+	CloudCredentials(user names.UserTag, cloudName string) (map[string]cloud.Credential, error)
+	ModelUUID() string
+	ModelsForUser(names.UserTag) ([]*state.UserModel, error)
+	IsControllerAdministrator(user names.UserTag) (bool, error)
+	NewModel(state.ModelArgs) (Model, ModelManagerBackend, error)
+
+	ControllerModel() (Model, error)
+	ControllerConfig() (controller.Config, error)
+	ForModel(tag names.ModelTag) (ModelManagerBackend, error)
+	Model() (Model, error)
+	AllModels() ([]Model, error)
+	AddModelUser(state.ModelUserSpec) (*state.ModelUser, error)
+	RemoveModelUser(names.UserTag) error
+	ModelUser(names.UserTag) (*state.ModelUser, error)
+	ModelTag() names.ModelTag
+	Close() error
+}
+
+// Model defines methods provided by a state.Model instance.
+// All the interface methods are defined directly on state.Model
+// and are reproduced here for use in tests.
+type Model interface {
+	Config() (*config.Config, error)
+	Life() state.Life
+	ModelTag() names.ModelTag
+	Owner() names.UserTag
+	Status() (status.StatusInfo, error)
+	Cloud() string
+	CloudCredential() string
+	CloudRegion() string
+	Users() ([]ModelUser, error)
+	Destroy() error
+	DestroyIncludingHosted() error
+}
+
+type modelManagerStateShim struct {
+	*state.State
+}
+
+func NewModelManagerBackend(st *state.State) ModelManagerBackend {
+	return modelManagerStateShim{st}
+}
+
+func (st modelManagerStateShim) ControllerModel() (Model, error) {
+	m, err := st.State.ControllerModel()
+	if err != nil {
+		return nil, err
+	}
+	return modelShim{m}, nil
+}
+
+func (st modelManagerStateShim) NewModel(args state.ModelArgs) (Model, ModelManagerBackend, error) {
+	m, otherState, err := st.State.NewModel(args)
+	if err != nil {
+		return nil, nil, err
+	}
+	return modelShim{m}, modelManagerStateShim{otherState}, nil
+}
+
+func (st modelManagerStateShim) ForModel(tag names.ModelTag) (ModelManagerBackend, error) {
+	otherState, err := st.State.ForModel(tag)
+	if err != nil {
+		return nil, err
+	}
+	return modelManagerStateShim{otherState}, nil
+}
+
+func (st modelManagerStateShim) Model() (Model, error) {
+	m, err := st.State.Model()
+	if err != nil {
+		return nil, err
+	}
+	return modelShim{m}, nil
+}
+
+func (st modelManagerStateShim) AllModels() ([]Model, error) {
+	allStateModels, err := st.State.AllModels()
+	if err != nil {
+		return nil, err
+	}
+	all := make([]Model, len(allStateModels))
+	for i, m := range allStateModels {
+		all[i] = modelShim{m}
+	}
+	return all, nil
+}
+
+type modelShim struct {
+	*state.Model
+}
+
+func (m modelShim) Users() ([]ModelUser, error) {
+	stateUsers, err := m.Model.Users()
+	if err != nil {
+		return nil, err
+	}
+	users := make([]ModelUser, len(stateUsers))
+	for i, user := range stateUsers {
+		users[i] = user
+	}
+	return users, nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/modeluser.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/modeluser.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/modeluser.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/modeluser.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,7 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/state"
@@ -16,20 +16,17 @@
 // ModelUser defines the subset of the state.ModelUser type
 // that we require to convert to a params.ModelUserInfo.
 type ModelUser interface {
-	Access() state.ModelAccess
 	DisplayName() string
 	LastConnection() (time.Time, error)
 	UserName() string
 	UserTag() names.UserTag
+	IsReadOnly() bool
+	IsReadWrite() bool
+	IsAdmin() bool
 }
 
 // ModelUserInfo converts *state.ModelUser to params.ModelUserInfo.
 func ModelUserInfo(user ModelUser) (params.ModelUserInfo, error) {
-	access, err := StateToParamsModelAccess(user.Access())
-	if err != nil {
-		return params.ModelUserInfo{}, errors.Trace(err)
-	}
-
 	var lastConn *time.Time
 	userLastConn, err := user.LastConnection()
 	if err == nil {
@@ -38,6 +35,14 @@
 		return params.ModelUserInfo{}, errors.Trace(err)
 	}
 
+	access := params.ModelReadAccess
+	switch {
+	case user.IsAdmin():
+		access = params.ModelAdminAccess
+	case user.IsReadWrite():
+		access = params.ModelWriteAccess
+	}
+
 	userInfo := params.ModelUserInfo{
 		UserName:       user.UserName(),
 		DisplayName:    user.DisplayName(),
@@ -46,14 +51,3 @@
 	}
 	return userInfo, nil
 }
-
-// StateToParamsModelAccess converts state.ModelAccess to params.ModelAccessPermission.
-func StateToParamsModelAccess(stateAccess state.ModelAccess) (params.ModelAccessPermission, error) {
-	switch stateAccess {
-	case state.ModelReadAccess:
-		return params.ModelReadAccess, nil
-	case state.ModelAdminAccess:
-		return params.ModelWriteAccess, nil
-	}
-	return "", errors.Errorf("invalid model access permission %q", stateAccess)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/modelwatcher.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/modelwatcher.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/modelwatcher.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/modelwatcher.go	2016-07-18 19:45:44.000000000 +0000
@@ -37,15 +37,15 @@
 // Note that although the NotifyWatchResult contains an Error field,
 // it's not used because we are only returning a single watcher,
 // so we use the regular error return.
-func (e *ModelWatcher) WatchForModelConfigChanges() (params.NotifyWatchResult, error) {
+func (m *ModelWatcher) WatchForModelConfigChanges() (params.NotifyWatchResult, error) {
 	result := params.NotifyWatchResult{}
-	watch := e.st.WatchForModelConfigChanges()
+	watch := m.st.WatchForModelConfigChanges()
 	// Consume the initial event. Technically, API
 	// calls to Watch 'transmit' the initial event
 	// in the Watch response. But NotifyWatchers
 	// have no state to transmit.
 	if _, ok := <-watch.Changes(); ok {
-		result.NotifyWatcherId = e.resources.Register(watch)
+		result.NotifyWatcherId = m.resources.Register(watch)
 	} else {
 		return result, watcher.EnsureErr(watch)
 	}
@@ -53,16 +53,16 @@
 }
 
 // ModelConfig returns the current environment's configuration.
-func (e *ModelWatcher) ModelConfig() (params.ModelConfigResult, error) {
+func (m *ModelWatcher) ModelConfig() (params.ModelConfigResult, error) {
 	result := params.ModelConfigResult{}
 
-	config, err := e.st.ModelConfig()
+	config, err := m.st.ModelConfig()
 	if err != nil {
 		return result, err
 	}
 	allAttrs := config.AllAttrs()
 
-	if !e.authorizer.AuthModelManager() {
+	if !m.authorizer.AuthModelManager() {
 		// Mask out any secrets in the environment configuration
 		// with values of the same type, so it'll pass validation.
 		//
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/modelwatcher_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/modelwatcher_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/modelwatcher_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/modelwatcher_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,15 +6,15 @@
 import (
 	"fmt"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
 	apiservertesting "github.com/juju/juju/apiserver/testing"
 	"github.com/juju/juju/cmd/modelcmd"
-	"github.com/juju/juju/environs"
+	"github.com/juju/juju/environs/bootstrap"
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/jujuclient/jujuclienttesting"
 	"github.com/juju/juju/provider/dummy"
@@ -36,10 +36,7 @@
 }
 
 func (*fakeModelAccessor) WatchForModelConfigChanges() state.NotifyWatcher {
-	w := apiservertesting.NewFakeNotifyWatcher()
-	// Simulate initial event.
-	w.C <- struct{}{}
-	return w
+	return apiservertesting.NewFakeNotifyWatcher()
 }
 
 func (f *fakeModelAccessor) ModelConfig() (*config.Config, error) {
@@ -123,13 +120,15 @@
 }
 
 func testingEnvConfig(c *gc.C) *config.Config {
-	env, err := environs.Prepare(
+	env, err := bootstrap.Prepare(
 		modelcmd.BootstrapContext(testing.Context(c)),
 		jujuclienttesting.NewMemStore(),
-		environs.PrepareParams{
-			ControllerName: "dummycontroller",
-			BaseConfig:     dummy.SampleConfig(),
-			CloudName:      "dummy",
+		bootstrap.PrepareParams{
+			ControllerConfig: testing.FakeControllerConfig(),
+			ControllerName:   "dummycontroller",
+			BaseConfig:       dummy.SampleConfig(),
+			CloudName:        "dummy",
+			AdminSecret:      "admin-secret",
 		},
 	)
 	c.Assert(err, jc.ErrorIsNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/networkingcommon/shims.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/networkingcommon/shims.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/networkingcommon/shims.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/networkingcommon/shims.go	2016-07-18 19:45:44.000000000 +0000
@@ -141,11 +141,6 @@
 	return subnets, nil
 }
 
-type availZoneShim struct{}
-
-func (availZoneShim) Name() string    { return "not-set" }
-func (availZoneShim) Available() bool { return true }
-
 func (s *stateShim) AvailabilityZones() ([]providercommon.AvailabilityZone, error) {
 	// TODO(dimitern): Fix this to get them from state when available!
 	return nil, nil
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/networkingcommon/spaces.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/networkingcommon/spaces.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/networkingcommon/spaces.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/networkingcommon/spaces.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,18 +5,17 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/network"
-	"github.com/juju/juju/worker/environ"
 )
 
 // SupportsSpaces checks if the environment implements NetworkingEnviron
 // and also if it supports spaces.
-func SupportsSpaces(backing environ.ConfigGetter) error {
+func SupportsSpaces(backing environs.EnvironConfigGetter) error {
 	config, err := backing.ModelConfig()
 	if err != nil {
 		return errors.Annotate(err, "getting model config")
@@ -32,7 +31,7 @@
 	ok, err = netEnv.SupportsSpaces()
 	if !ok {
 		if err != nil && !errors.IsNotSupported(err) {
-			logger.Warningf("checking model spaces support failed with: %v", err)
+			logger.Errorf("checking model spaces support failed with: %v", err)
 		}
 		return errors.NotSupportedf("spaces")
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/networkingcommon/subnets.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/networkingcommon/subnets.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/networkingcommon/subnets.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/networkingcommon/subnets.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,8 +10,8 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils/set"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
@@ -354,12 +354,6 @@
 		AvailabilityZones: zones,
 		SpaceName:         spaceTag.Id(),
 	}
-	if subnetInfo.AllocatableIPLow != nil {
-		backingInfo.AllocatableIPLow = subnetInfo.AllocatableIPLow.String()
-	}
-	if subnetInfo.AllocatableIPHigh != nil {
-		backingInfo.AllocatableIPHigh = subnetInfo.AllocatableIPHigh.String()
-	}
 	if _, err := api.AddSubnet(backingInfo); err != nil {
 		return errors.Trace(err)
 	}
@@ -439,14 +433,9 @@
 // environs.Networking, an error satisfying errors.IsNotSupported() will be
 // returned.
 func networkingEnviron(api NetworkBacking) (environs.NetworkingEnviron, error) {
-	envConfig, err := api.ModelConfig()
-	if err != nil {
-		return nil, errors.Annotate(err, "getting model config")
-	}
-
-	env, err := environs.New(envConfig)
+	env, err := environs.GetEnviron(api, environs.New)
 	if err != nil {
-		return nil, errors.Annotate(err, "opening model")
+		return nil, errors.Annotate(err, "opening environment")
 	}
 	if netEnv, ok := environs.SupportsNetworking(env); ok {
 		return netEnv, nil
@@ -517,14 +506,9 @@
 // model config. If the model does not support zones, an error satisfying
 // errors.IsNotSupported() will be returned.
 func zonedEnviron(api NetworkBacking) (providercommon.ZonedEnviron, error) {
-	envConfig, err := api.ModelConfig()
-	if err != nil {
-		return nil, errors.Annotate(err, "getting model config")
-	}
-
-	env, err := environs.New(envConfig)
+	env, err := environs.GetEnviron(api, environs.New)
 	if err != nil {
-		return nil, errors.Annotate(err, "opening model")
+		return nil, errors.Annotate(err, "opening environment")
 	}
 	if zonedEnv, ok := env.(providercommon.ZonedEnviron); ok {
 		return zonedEnv, nil
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/networkingcommon/subnets_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/networkingcommon/subnets_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/networkingcommon/subnets_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/networkingcommon/subnets_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -181,7 +181,7 @@
 
 	results, err := networkingcommon.AllZones(apiservertesting.BackingInstance)
 	c.Assert(err, gc.ErrorMatches,
-		`cannot update known zones: getting model config: config not found`,
+		`cannot update known zones: opening environment: config not found`,
 	)
 	// Verify the cause is not obscured.
 	c.Assert(err, jc.Satisfies, errors.IsNotFound)
@@ -209,7 +209,7 @@
 
 	results, err := networkingcommon.AllZones(apiservertesting.BackingInstance)
 	c.Assert(err, gc.ErrorMatches,
-		`cannot update known zones: opening model: config not valid`,
+		`cannot update known zones: opening environment: config not valid`,
 	)
 	// Verify the cause is not obscured.
 	c.Assert(err, jc.Satisfies, errors.IsNotValid)
@@ -296,7 +296,7 @@
 		SubnetTag: "invalid",
 	}, {
 		// invalid subnet tag (another kind): same as above
-		SubnetTag: "service-bar",
+		SubnetTag: "application-bar",
 	}, {
 		// cached lookup by missing CIDR: not found error
 		SubnetTag: "subnet-1.2.3.0/24",
@@ -433,8 +433,8 @@
 		{"either SubnetTag or SubnetProviderId is required", nil},
 		{"either SubnetTag or SubnetProviderId is required", nil},
 		{"SubnetTag and SubnetProviderId cannot be both set", nil},
-		{"getting model config: config not found", params.IsCodeNotFound},
-		{"opening model: provider not found", params.IsCodeNotFound},
+		{"opening environment: config not found", params.IsCodeNotFound},
+		{"opening environment: provider not found", params.IsCodeNotFound},
 		{"cannot get provider subnets: subnets not found", params.IsCodeNotFound},
 		{`subnet with CIDR "" and ProviderId "missing" not found`, params.IsCodeNotFound},
 		{`subnet with CIDR "" and ProviderId "void" not found`, params.IsCodeNotFound},
@@ -442,7 +442,7 @@
 		{`given SpaceTag is invalid: "unit-foo" is not a valid unit tag`, nil},
 		{`given SpaceTag is invalid: "unit-foo-0" is not a valid space tag`, nil},
 		{`given SubnetTag is invalid: "invalid" is not a valid tag`, nil},
-		{`given SubnetTag is invalid: "service-bar" is not a valid subnet tag`, nil},
+		{`given SubnetTag is invalid: "application-bar" is not a valid subnet tag`, nil},
 		{`subnet with CIDR "1.2.3.0/24" not found`, params.IsCodeNotFound},
 		{
 			`multiple subnets with CIDR "10.10.0.0/24": ` +
@@ -474,24 +474,18 @@
 		ProviderId:        "sn-ipv6",
 		CIDR:              "2001:db8::/32",
 		VLANTag:           0,
-		AllocatableIPHigh: "",
-		AllocatableIPLow:  "",
 		AvailabilityZones: []string{"zone1"},
 		SpaceName:         "dmz",
 	}, {
 		ProviderId:        "vlan-42",
 		CIDR:              "10.30.1.0/24",
 		VLANTag:           42,
-		AllocatableIPHigh: "",
-		AllocatableIPLow:  "",
 		AvailabilityZones: []string{"zone3"},
 		SpaceName:         "private",
 	}, {
 		ProviderId:        "sn-zadf00d",
 		CIDR:              "10.10.0.0/24",
 		VLANTag:           0,
-		AllocatableIPHigh: "10.10.0.100",
-		AllocatableIPLow:  "10.10.0.10",
 		AvailabilityZones: []string{"zone1"},
 		SpaceName:         "private",
 	}}
@@ -541,7 +535,7 @@
 		apiservertesting.BackingCall("AllSpaces"),
 		apiservertesting.BackingCall("AllSpaces"),
 
-		// cacing zones (1st and 2nd attempts)
+		// caching zones (1st and 2nd attempts)
 		apiservertesting.BackingCall("AvailabilityZones"),
 		apiservertesting.BackingCall("AvailabilityZones"),
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/networkingcommon/types.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/networkingcommon/types.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/networkingcommon/types.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/networkingcommon/types.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,8 +11,8 @@
 	"strings"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils/set"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cloudconfig/instancecfg"
@@ -64,14 +64,6 @@
 	// networks. It's defined by IEEE 802.1Q standard.
 	VLANTag int
 
-	// AllocatableIPHigh and Low describe the allocatable portion of the
-	// subnet. The remainder, if any, is reserved by the provider.
-	// Either both of these must be set or neither, if they're empty it
-	// means that none of the subnet is allocatable. If present they must
-	// be valid IP addresses within the subnet CIDR.
-	AllocatableIPHigh string
-	AllocatableIPLow  string
-
 	// AvailabilityZones describes which availability zone(s) this
 	// subnet is in. It can be empty if the provider does not support
 	// availability zones.
@@ -358,16 +350,11 @@
 	return devicesArgs, devicesAddrs
 }
 
-// ModelConfigGetter is used to get the current model configuration.
-type ModelConfigGetter interface {
-	ModelConfig() (*config.Config, error)
-}
-
 // NetworkingEnvironFromModelConfig constructs and returns
 // environs.NetworkingEnviron using the given configGetter. Returns an error
 // satisfying errors.IsNotSupported() if the model config does not support
 // networking features.
-func NetworkingEnvironFromModelConfig(configGetter ModelConfigGetter) (environs.NetworkingEnviron, error) {
+func NetworkingEnvironFromModelConfig(configGetter environs.EnvironConfigGetter) (environs.NetworkingEnviron, error) {
 	modelConfig, err := configGetter.ModelConfig()
 	if err != nil {
 		return nil, errors.Annotate(err, "failed to get model config")
@@ -375,11 +362,11 @@
 	if modelConfig.Type() == "dummy" {
 		return nil, errors.NotSupportedf("dummy provider network config")
 	}
-	model, err := environs.New(modelConfig)
+	env, err := environs.GetEnviron(configGetter, environs.New)
 	if err != nil {
 		return nil, errors.Annotate(err, "failed to construct a model from config")
 	}
-	netEnviron, supported := environs.SupportsNetworking(model)
+	netEnviron, supported := environs.SupportsNetworking(env)
 	if !supported {
 		// " not supported" will be appended to the message below.
 		return nil, errors.NotSupportedf("model %q networking", modelConfig.Name())
@@ -480,7 +467,7 @@
 
 // MergeProviderAndObservedNetworkConfigs returns the effective, sorted, network
 // configs after merging providerConfig with observedConfig.
-func MergeProviderAndObservedNetworkConfigs(providerConfigs, observedConfigs []params.NetworkConfig) []params.NetworkConfig {
+func MergeProviderAndObservedNetworkConfigs(providerConfigs, observedConfigs []params.NetworkConfig) ([]params.NetworkConfig, error) {
 	providerConfigsByName := make(map[string][]params.NetworkConfig)
 	sortedProviderConfigs := SortNetworkConfigsByParents(providerConfigs)
 	for _, config := range sortedProviderConfigs {
@@ -490,19 +477,16 @@
 
 	jsonProviderConfig, err := NetworkConfigsToIndentedJSON(sortedProviderConfigs)
 	if err != nil {
-		logger.Warningf("cannot serialize provider config %#v as JSON: %v", sortedProviderConfigs, err)
-	} else {
-		logger.Debugf("provider network config of machine:\n%s", jsonProviderConfig)
+		return nil, errors.Annotatef(err, "cannot serialize provider config %#v as JSON", sortedProviderConfigs)
 	}
+	logger.Debugf("provider network config of machine:\n%s", jsonProviderConfig)
 
 	sortedObservedConfigs := SortNetworkConfigsByParents(observedConfigs)
-
 	jsonObservedConfig, err := NetworkConfigsToIndentedJSON(sortedObservedConfigs)
 	if err != nil {
-		logger.Warningf("cannot serialize observed config %#v as JSON: %v", sortedObservedConfigs, err)
-	} else {
-		logger.Debugf("observed network config of machine:\n%s", jsonObservedConfig)
+		return nil, errors.Annotatef(err, "cannot serialize observed config %#v as JSON", sortedObservedConfigs)
 	}
+	logger.Debugf("observed network config of machine:\n%s", jsonObservedConfig)
 
 	var mergedConfigs []params.NetworkConfig
 	for _, config := range sortedObservedConfigs {
@@ -591,10 +575,9 @@
 
 	jsonMergedConfig, err := NetworkConfigsToIndentedJSON(sortedMergedConfigs)
 	if err != nil {
-		logger.Warningf("cannot serialize merged config %#v as JSON: %v", sortedMergedConfigs, err)
-	} else {
-		logger.Debugf("combined machine network config:\n%s", jsonMergedConfig)
+		errors.Annotatef(err, "cannot serialize merged config %#v as JSON", sortedMergedConfigs)
 	}
+	logger.Debugf("combined machine network config:\n%s", jsonMergedConfig)
 
-	return mergedConfigs
+	return mergedConfigs, nil
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/networkingcommon/types_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/networkingcommon/types_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/networkingcommon/types_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/networkingcommon/types_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -940,7 +940,8 @@
 		for j := 0; j < providerConfigsLength; j++ {
 			shuffledProviderConfigs := shuffleNetworkConfigs(expectedSortedProviderNetworkConfigs)
 
-			mergedConfigs := networkingcommon.MergeProviderAndObservedNetworkConfigs(shuffledProviderConfigs, shuffledObservedConfigs)
+			mergedConfigs, err := networkingcommon.MergeProviderAndObservedNetworkConfigs(shuffledProviderConfigs, shuffledObservedConfigs)
+			c.Assert(err, jc.ErrorIsNil)
 			jsonResult := s.networkConfigsAsJSON(c, mergedConfigs)
 			c.Check(jsonResult, gc.Equals, jsonExpected)
 		}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/password.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/password.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/password.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/password.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,7 @@
 import (
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/state"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/password_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/password_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/password_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/password_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,9 +7,9 @@
 	"fmt"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/reboot.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/reboot.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/reboot.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/reboot.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,8 +1,12 @@
+// Copyright 2014 Canonical Ltd.
+// Copyright 2014 Cloudbase Solutions
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package common
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/state"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/registry.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/registry.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/registry.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/registry.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,8 +11,8 @@
 	"strings"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils/featureflag"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common/apihttp"
 	"github.com/juju/juju/state"
@@ -334,7 +334,7 @@
 }
 
 // DefaultHTTPMethods are the HTTP methods supported by default by the API.
-var DefaultHTTPMethods = []string{"GET", "POST", "HEAD", "PUT", "DEL", "OPTIONS"}
+var DefaultHTTPMethods = []string{"GET", "POST", "HEAD", "PUT", "DELETE", "OPTIONS"}
 
 // ResolveAPIEndpoints builds the set of endpoint handlers for all
 // registered API endpoints.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/remove.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/remove.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/remove.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/remove.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,7 @@
 	"fmt"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/state"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/remove_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/remove_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/remove_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/remove_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,9 +6,9 @@
 import (
 	"fmt"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/resource_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/resource_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/resource_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/resource_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package common_test
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/setstatus.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/setstatus.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/setstatus.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/setstatus.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,16 +5,17 @@
 
 import (
 	"fmt"
+	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/status"
 )
 
-// ServiceStatusSetter implements a SetServiceStatus method to be
+// ServiceStatusSetter implements a SetApplicationStatus method to be
 // used by facades that can change a service status.
 // This is only slightly less evil than ServiceStatusGetter. We have
 // StatusSetter already; all this does is set the status for the wrong
@@ -76,12 +77,12 @@
 
 		// Now we have the unit, we can get the service that should have been
 		// specified in the first place...
-		serviceId, err := names.UnitService(unitId)
+		serviceId, err := names.UnitApplication(unitId)
 		if err != nil {
 			result.Results[i].Error = ServerError(err)
 			continue
 		}
-		service, err := s.st.Service(serviceId)
+		service, err := s.st.Application(serviceId)
 		if err != nil {
 			result.Results[i].Error = ServerError(err)
 			continue
@@ -100,8 +101,15 @@
 			result.Results[i].Error = ServerError(err)
 			continue
 		}
-
-		if err := service.SetStatus(status.Status(arg.Status), arg.Info, arg.Data); err != nil {
+		// TODO(perrito666) 2016-05-02 lp:1558657
+		now := time.Now()
+		sInfo := status.StatusInfo{
+			Status:  status.Status(arg.Status),
+			Message: arg.Info,
+			Data:    arg.Data,
+			Since:   &now,
+		}
+		if err := service.SetStatus(sInfo); err != nil {
 			result.Results[i].Error = ServerError(err)
 		}
 
@@ -126,16 +134,22 @@
 	}
 }
 
-func (s *StatusSetter) setEntityStatus(tag names.Tag, entityStatus status.Status, info string, data map[string]interface{}) error {
+func (s *StatusSetter) setEntityStatus(tag names.Tag, entityStatus status.Status, info string, data map[string]interface{}, updated *time.Time) error {
 	entity, err := s.st.FindEntity(tag)
 	if err != nil {
 		return err
 	}
 	switch entity := entity.(type) {
-	case *state.Service:
+	case *state.Application:
 		return ErrPerm
 	case status.StatusSetter:
-		return entity.SetStatus(entityStatus, info, data)
+		sInfo := status.StatusInfo{
+			Status:  entityStatus,
+			Message: info,
+			Data:    data,
+			Since:   updated,
+		}
+		return entity.SetStatus(sInfo)
 	default:
 		return NotSupportedError(tag, fmt.Sprintf("setting status, %T", entity))
 	}
@@ -153,6 +167,8 @@
 	if err != nil {
 		return params.ErrorResults{}, err
 	}
+	// TODO(perrito666) 2016-05-02 lp:1558657
+	now := time.Now()
 	for i, arg := range args.Entities {
 		tag, err := names.ParseTag(arg.Tag)
 		if err != nil {
@@ -161,7 +177,7 @@
 		}
 		err = ErrPerm
 		if canModify(tag) {
-			err = s.setEntityStatus(tag, arg.Status, arg.Info, arg.Data)
+			err = s.setEntityStatus(tag, status.Status(arg.Status), arg.Info, arg.Data, &now)
 		}
 		result.Results[i].Error = ServerError(err)
 	}
@@ -196,7 +212,15 @@
 	if len(newData) > 0 && existingStatusInfo.Status != status.StatusError {
 		return fmt.Errorf("%s is not in an error state", names.ReadableString(tag))
 	}
-	return entity.SetStatus(existingStatusInfo.Status, existingStatusInfo.Message, newData)
+	// TODO(perrito666) 2016-05-02 lp:1558657
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  existingStatusInfo.Status,
+		Message: existingStatusInfo.Message,
+		Data:    newData,
+		Since:   &now,
+	}
+	return entity.SetStatus(sInfo)
 }
 
 // UpdateStatus updates the status data of each given entity.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/setstatus_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/setstatus_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/setstatus_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/setstatus_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,9 +7,9 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
@@ -38,7 +38,7 @@
 	s.badTag = tag
 	result, err := s.setter.SetStatus(params.SetStatus{[]params.EntityStatusArgs{{
 		Tag:    tag.String(),
-		Status: status.StatusExecuting,
+		Status: status.StatusExecuting.String(),
 	}}})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(result.Results, gc.HasLen, 1)
@@ -48,7 +48,7 @@
 func (s *statusSetterSuite) TestNotATag(c *gc.C) {
 	result, err := s.setter.SetStatus(params.SetStatus{[]params.EntityStatusArgs{{
 		Tag:    "not a tag",
-		Status: status.StatusExecuting,
+		Status: status.StatusExecuting.String(),
 	}}})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(result.Results, gc.HasLen, 1)
@@ -58,7 +58,7 @@
 func (s *statusSetterSuite) TestNotFound(c *gc.C) {
 	result, err := s.setter.SetStatus(params.SetStatus{[]params.EntityStatusArgs{{
 		Tag:    names.NewMachineTag("42").String(),
-		Status: status.StatusDown,
+		Status: status.StatusDown.String(),
 	}}})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(result.Results, gc.HasLen, 1)
@@ -69,7 +69,7 @@
 	machine := s.Factory.MakeMachine(c, nil)
 	result, err := s.setter.SetStatus(params.SetStatus{[]params.EntityStatusArgs{{
 		Tag:    machine.Tag().String(),
-		Status: status.StatusStarted,
+		Status: status.StatusStarted.String(),
 	}}})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(result.Results, gc.HasLen, 1)
@@ -91,7 +91,7 @@
 	}})
 	result, err := s.setter.SetStatus(params.SetStatus{[]params.EntityStatusArgs{{
 		Tag:    unit.Tag().String(),
-		Status: status.StatusActive,
+		Status: status.StatusActive.String(),
 	}}})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(result.Results, gc.HasLen, 1)
@@ -108,12 +108,12 @@
 	// Calls to set the status of a service should be going through the
 	// ServiceStatusSetter that checks for leadership, so permission denied
 	// here.
-	service := s.Factory.MakeService(c, &factory.ServiceParams{Status: &status.StatusInfo{
+	service := s.Factory.MakeApplication(c, &factory.ApplicationParams{Status: &status.StatusInfo{
 		Status: status.StatusMaintenance,
 	}})
 	result, err := s.setter.SetStatus(params.SetStatus{[]params.EntityStatusArgs{{
 		Tag:    service.Tag().String(),
-		Status: status.StatusActive,
+		Status: status.StatusActive.String(),
 	}}})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(result.Results, gc.HasLen, 1)
@@ -130,10 +130,10 @@
 	s.badTag = names.NewMachineTag("42")
 	result, err := s.setter.SetStatus(params.SetStatus{[]params.EntityStatusArgs{{
 		Tag:    s.badTag.String(),
-		Status: status.StatusActive,
+		Status: status.StatusActive.String(),
 	}, {
 		Tag:    "bad-tag",
-		Status: status.StatusActive,
+		Status: status.StatusActive.String(),
 	}}})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(result.Results, gc.HasLen, 2)
@@ -162,7 +162,7 @@
 	s.badTag = tag
 	result, err := s.setter.SetStatus(params.SetStatus{[]params.EntityStatusArgs{{
 		Tag:    tag.String(),
-		Status: status.StatusActive,
+		Status: status.StatusActive.String(),
 	}}})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(result.Results, gc.HasLen, 1)
@@ -172,7 +172,7 @@
 func (s *serviceStatusSetterSuite) TestNotATag(c *gc.C) {
 	result, err := s.setter.SetStatus(params.SetStatus{[]params.EntityStatusArgs{{
 		Tag:    "not a tag",
-		Status: status.StatusActive,
+		Status: status.StatusActive.String(),
 	}}})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(result.Results, gc.HasLen, 1)
@@ -182,7 +182,7 @@
 func (s *serviceStatusSetterSuite) TestNotFound(c *gc.C) {
 	result, err := s.setter.SetStatus(params.SetStatus{[]params.EntityStatusArgs{{
 		Tag:    names.NewUnitTag("foo/0").String(),
-		Status: status.StatusActive,
+		Status: status.StatusActive.String(),
 	}}})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(result.Results, gc.HasLen, 1)
@@ -193,7 +193,7 @@
 	machine := s.Factory.MakeMachine(c, nil)
 	result, err := s.setter.SetStatus(params.SetStatus{[]params.EntityStatusArgs{{
 		Tag:    machine.Tag().String(),
-		Status: status.StatusActive,
+		Status: status.StatusActive.String(),
 	}}})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(result.Results, gc.HasLen, 1)
@@ -205,12 +205,12 @@
 	// TODO: the correct way to fix this is to have the authorizer on the
 	// simple status setter to check to see if the unit (authTag) is a leader
 	// and able to set the service status. However, that is for another day.
-	service := s.Factory.MakeService(c, &factory.ServiceParams{Status: &status.StatusInfo{
+	service := s.Factory.MakeApplication(c, &factory.ApplicationParams{Status: &status.StatusInfo{
 		Status: status.StatusMaintenance,
 	}})
 	result, err := s.setter.SetStatus(params.SetStatus{[]params.EntityStatusArgs{{
 		Tag:    service.Tag().String(),
-		Status: status.StatusActive,
+		Status: status.StatusActive.String(),
 	}}})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(result.Results, gc.HasLen, 1)
@@ -226,7 +226,7 @@
 	}})
 	result, err := s.setter.SetStatus(params.SetStatus{[]params.EntityStatusArgs{{
 		Tag:    unit.Tag().String(),
-		Status: status.StatusActive,
+		Status: status.StatusActive.String(),
 	}}})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(result.Results, gc.HasLen, 1)
@@ -235,11 +235,11 @@
 }
 
 func (s *serviceStatusSetterSuite) TestSetUnitStatusIsLeader(c *gc.C) {
-	service := s.Factory.MakeService(c, &factory.ServiceParams{Status: &status.StatusInfo{
+	service := s.Factory.MakeApplication(c, &factory.ApplicationParams{Status: &status.StatusInfo{
 		Status: status.StatusMaintenance,
 	}})
 	unit := s.Factory.MakeUnit(c, &factory.UnitParams{
-		Service: service,
+		Application: service,
 		Status: &status.StatusInfo{
 			Status: status.StatusMaintenance,
 		}})
@@ -249,7 +249,7 @@
 		time.Minute)
 	result, err := s.setter.SetStatus(params.SetStatus{[]params.EntityStatusArgs{{
 		Tag:    unit.Tag().String(),
-		Status: status.StatusActive,
+		Status: status.StatusActive.String(),
 	}}})
 
 	c.Assert(err, jc.ErrorIsNil)
@@ -268,13 +268,13 @@
 	machine := s.Factory.MakeMachine(c, nil)
 	result, err := s.setter.SetStatus(params.SetStatus{[]params.EntityStatusArgs{{
 		Tag:    s.badTag.String(),
-		Status: status.StatusActive,
+		Status: status.StatusActive.String(),
 	}, {
 		Tag:    machine.Tag().String(),
-		Status: status.StatusActive,
+		Status: status.StatusActive.String(),
 	}, {
 		Tag:    "bad-tag",
-		Status: status.StatusActive,
+		Status: status.StatusActive.String(),
 	}}})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(result.Results, gc.HasLen, 3)
@@ -301,7 +301,7 @@
 
 func (unitAgentFinderSuite) TestFindEntityBadTag(c *gc.C) {
 	ua := &common.UnitAgentFinder{fakeEntityFinder{}}
-	_, err := ua.FindEntity(names.NewServiceTag("foo"))
+	_, err := ua.FindEntity(names.NewApplicationTag("foo"))
 	c.Assert(err, gc.ErrorMatches, "unsupported tag.*")
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/storagecommon/filesystems.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/storagecommon/filesystems.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/storagecommon/filesystems.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/storagecommon/filesystems.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/environs/config"
@@ -18,6 +18,7 @@
 func FilesystemParams(
 	f state.Filesystem,
 	storageInstance state.StorageInstance,
+	modelUUID, controllerUUID string,
 	environConfig *config.Config,
 	poolManager poolmanager.PoolManager,
 ) (params.FilesystemParams, error) {
@@ -36,7 +37,7 @@
 		size = filesystemInfo.Size
 	}
 
-	filesystemTags, err := storageTags(storageInstance, environConfig)
+	filesystemTags, err := storageTags(storageInstance, modelUUID, controllerUUID, environConfig)
 	if err != nil {
 		return params.FilesystemParams{}, errors.Annotate(err, "computing storage tags")
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/storagecommon/mock_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/storagecommon/mock_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/storagecommon/mock_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/storagecommon/mock_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,8 +5,8 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common/storagecommon"
 	"github.com/juju/juju/state"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/storagecommon/storage.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/storagecommon/storage.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/storagecommon/storage.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/storagecommon/storage.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,10 +7,9 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
-	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/environs/tags"
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/storage"
@@ -254,12 +253,13 @@
 // if the provider supports them.
 func storageTags(
 	storageInstance state.StorageInstance,
-	cfg *config.Config,
+	modelUUID, controllerUUID string,
+	tagger tags.ResourceTagger,
 ) (map[string]string, error) {
 	storageTags := tags.ResourceTags(
-		names.NewModelTag(cfg.UUID()),
-		names.NewModelTag(cfg.ControllerUUID()),
-		cfg,
+		names.NewModelTag(modelUUID),
+		names.NewModelTag(controllerUUID),
+		tagger,
 	)
 	if storageInstance != nil {
 		storageTags[tags.JujuStorageInstance] = storageInstance.Tag().Id()
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/storagecommon/storage_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/storagecommon/storage_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/storagecommon/storage_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/storagecommon/storage_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,9 +7,9 @@
 	"path/filepath"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common/storagecommon"
 	apiservertesting "github.com/juju/juju/apiserver/testing"
@@ -174,11 +174,8 @@
 	}
 	s.volume = &fakeVolume{tag: names.NewVolumeTag("0")}
 	s.volumeAttachmentWatcher = apiservertesting.NewFakeNotifyWatcher()
-	s.volumeAttachmentWatcher.C <- struct{}{}
 	s.blockDevicesWatcher = apiservertesting.NewFakeNotifyWatcher()
-	s.blockDevicesWatcher.C <- struct{}{}
 	s.storageAttachmentWatcher = apiservertesting.NewFakeNotifyWatcher()
-	s.storageAttachmentWatcher.C <- struct{}{}
 	s.st = &fakeStorage{
 		storageInstance: func(tag names.StorageTag) (state.StorageInstance, error) {
 			return s.storageInstance, nil
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/storagecommon/volumes.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/storagecommon/volumes.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/storagecommon/volumes.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/storagecommon/volumes.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/environs/config"
@@ -31,6 +31,7 @@
 func VolumeParams(
 	v state.Volume,
 	storageInstance state.StorageInstance,
+	modelUUID, controllerUUID string,
 	environConfig *config.Config,
 	poolManager poolmanager.PoolManager,
 ) (params.VolumeParams, error) {
@@ -49,7 +50,7 @@
 		size = volumeInfo.Size
 	}
 
-	volumeTags, err := storageTags(storageInstance, environConfig)
+	volumeTags, err := storageTags(storageInstance, modelUUID, controllerUUID, environConfig)
 	if err != nil {
 		return params.VolumeParams{}, errors.Annotate(err, "computing storage tags")
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/storagecommon/volumes_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/storagecommon/volumes_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/storagecommon/volumes_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/storagecommon/volumes_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,9 +4,9 @@
 package storagecommon_test
 
 import (
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common/storagecommon"
 	"github.com/juju/juju/apiserver/params"
@@ -38,6 +38,8 @@
 	p, err := storagecommon.VolumeParams(
 		&fakeVolume{tag: tag, params: volumeParams, info: info},
 		nil, // StorageInstance
+		testing.ModelTag.Id(),
+		testing.ModelTag.Id(),
 		testing.CustomModelConfig(c, testing.Attrs{
 			"resource-tags": "a=b c=",
 		}),
@@ -66,6 +68,8 @@
 			Pool: "loop", Size: 1024,
 		}},
 		&fakeStorageInstance{tag: storageTag, owner: unitTag},
+		testing.ModelTag.Id(),
+		testing.ModelTag.Id(),
 		testing.CustomModelConfig(c, nil),
 		&fakePoolManager{},
 	)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/tools.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/tools.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/tools.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/tools.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,12 +8,11 @@
 	"sort"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/version"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/environs"
-	"github.com/juju/juju/environs/config"
 	envtools "github.com/juju/juju/environs/tools"
 	"github.com/juju/juju/network"
 	"github.com/juju/juju/state"
@@ -30,10 +29,6 @@
 	ToolsURLs(v version.Binary) ([]string, error)
 }
 
-type ModelConfigGetter interface {
-	ModelConfig() (*config.Config, error)
-}
-
 // APIHostPortsGetter is an interface providing the APIHostPorts method.
 type APIHostPortsGetter interface {
 	// APIHostPorst returns the HostPorts for each API server.
@@ -50,7 +45,7 @@
 // facades.
 type ToolsGetter struct {
 	entityFinder       state.EntityFinder
-	configGetter       ModelConfigGetter
+	configGetter       environs.EnvironConfigGetter
 	toolsStorageGetter ToolsStorageGetter
 	urlGetter          ToolsURLGetter
 	getCanRead         GetAuthFunc
@@ -58,7 +53,7 @@
 
 // NewToolsGetter returns a new ToolsGetter. The GetAuthFunc will be
 // used on each invocation of Tools to determine current permissions.
-func NewToolsGetter(f state.EntityFinder, c ModelConfigGetter, s ToolsStorageGetter, t ToolsURLGetter, getCanRead GetAuthFunc) *ToolsGetter {
+func NewToolsGetter(f state.EntityFinder, c environs.EnvironConfigGetter, s ToolsStorageGetter, t ToolsURLGetter, getCanRead GetAuthFunc) *ToolsGetter {
 	return &ToolsGetter{f, c, s, t, getCanRead}
 }
 
@@ -196,14 +191,14 @@
 }
 
 type ToolsFinder struct {
-	configGetter       ModelConfigGetter
+	configGetter       environs.EnvironConfigGetter
 	toolsStorageGetter ToolsStorageGetter
 	urlGetter          ToolsURLGetter
 }
 
 // NewToolsFinder returns a new ToolsFinder, returning tools
 // with their URLs pointing at the API server.
-func NewToolsFinder(c ModelConfigGetter, s ToolsStorageGetter, t ToolsURLGetter) *ToolsFinder {
+func NewToolsFinder(c environs.EnvironConfigGetter, s ToolsStorageGetter, t ToolsURLGetter) *ToolsFinder {
 	return &ToolsFinder{c, s, t}
 }
 
@@ -258,15 +253,12 @@
 
 	// Look for tools in simplestreams too, but don't replace
 	// any versions found in storage.
-	cfg, err := f.configGetter.ModelConfig()
-	if err != nil {
-		return nil, err
-	}
-	env, err := environs.New(cfg)
+	env, err := environs.GetEnviron(f.configGetter, environs.New)
 	if err != nil {
 		return nil, err
 	}
 	filter := toolsFilter(args)
+	cfg := env.Config()
 	stream := envtools.PreferredStream(&args.Number, cfg.Development(), cfg.AgentStream())
 	simplestreamsList, err := envtoolsFindTools(
 		env, args.MajorVersion, args.MinorVersion, stream, filter,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/tools_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/tools_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/tools_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/tools_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,12 +7,12 @@
 	"fmt"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/arch"
 	"github.com/juju/utils/series"
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/unitswatcher.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/unitswatcher.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/unitswatcher.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/unitswatcher.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/state"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/unitswatcher_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/unitswatcher_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/unitswatcher_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/unitswatcher_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,9 +6,9 @@
 import (
 	"fmt"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/watch.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/watch.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/watch.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/watch.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,7 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/tomb"
 
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/watch_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/watch_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/common/watch_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/common/watch_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,9 +6,9 @@
 import (
 	"fmt"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
@@ -27,10 +27,7 @@
 }
 
 func (a *fakeAgentEntityWatcher) Watch() state.NotifyWatcher {
-	w := apiservertesting.NewFakeNotifyWatcher()
-	// Simulate initial event.
-	w.C <- struct{}{}
-	return w
+	return apiservertesting.NewFakeNotifyWatcher()
 }
 
 func (*agentEntityWatcherSuite) TestWatch(c *gc.C) {
@@ -100,9 +97,7 @@
 
 func (*multiNotifyWatcherSuite) TestMultiNotifyWatcher(c *gc.C) {
 	w0 := apiservertesting.NewFakeNotifyWatcher()
-	w0.C <- struct{}{}
 	w1 := apiservertesting.NewFakeNotifyWatcher()
-	w1.C <- struct{}{}
 
 	mw := common.NewMultiNotifyWatcher(w0, w1)
 	defer statetesting.AssertStop(c, mw)
@@ -122,9 +117,7 @@
 
 func (*multiNotifyWatcherSuite) TestMultiNotifyWatcherStop(c *gc.C) {
 	w0 := apiservertesting.NewFakeNotifyWatcher()
-	w0.C <- struct{}{}
 	w1 := apiservertesting.NewFakeNotifyWatcher()
-	w1.C <- struct{}{}
 
 	mw := common.NewMultiNotifyWatcher(w0, w1)
 	wc := statetesting.NewNotifyWatcherC(c, nopSyncStarter{}, mw)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/controller/controller.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/controller/controller.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/controller/controller.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/controller/controller.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,8 +10,8 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils/set"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
@@ -22,7 +22,7 @@
 var logger = loggo.GetLogger("juju.apiserver.controller")
 
 func init() {
-	common.RegisterStandardFacade("Controller", 2, NewControllerAPI)
+	common.RegisterStandardFacade("Controller", 3, NewControllerAPI)
 }
 
 // Controller defines the methods on the controller API end point.
@@ -30,6 +30,7 @@
 	AllModels() (params.UserModelList, error)
 	DestroyController(args params.DestroyControllerArgs) error
 	ModelConfig() (params.ModelConfigResults, error)
+	ControllerConfig() (params.ControllerConfigResult, error)
 	ListBlockedModels() (params.ModelBlockInfoList, error)
 	RemoveBlocks(args params.RemoveBlocksArgs) error
 	WatchAllModels() (params.AllWatcherId, error)
@@ -40,6 +41,7 @@
 // ControllerAPI implements the environment manager interface and is
 // the concrete implementation of the api end point.
 type ControllerAPI struct {
+	*common.ControllerConfigAPI
 	state      *state.State
 	authorizer common.Authorizer
 	apiUser    names.UserTag
@@ -72,10 +74,11 @@
 	}
 
 	return &ControllerAPI{
-		state:      st,
-		authorizer: authorizer,
-		apiUser:    apiUser,
-		resources:  resources,
+		ControllerConfigAPI: common.NewControllerConfig(st),
+		state:               st,
+		authorizer:          authorizer,
+		apiUser:             apiUser,
+		resources:           resources,
 	}, nil
 }
 
@@ -184,17 +187,22 @@
 func (s *ControllerAPI) ModelConfig() (params.ModelConfigResults, error) {
 	result := params.ModelConfigResults{}
 
-	controllerEnv, err := s.state.ControllerModel()
+	controllerModel, err := s.state.ControllerModel()
 	if err != nil {
 		return result, errors.Trace(err)
 	}
 
-	config, err := controllerEnv.Config()
+	cfg, err := controllerModel.Config()
 	if err != nil {
 		return result, errors.Trace(err)
 	}
 
-	result.Config = config.AllAttrs()
+	result.Config = make(map[string]params.ConfigValue)
+	for name, val := range cfg.AllAttrs() {
+		result.Config[name] = params.ConfigValue{
+			Value: val,
+		}
+	}
 	return result, nil
 }
 
@@ -351,7 +359,7 @@
 		}
 	}
 
-	services, err := st.AllServices()
+	services, err := st.AllApplications()
 	if err != nil {
 		return status, errors.Trace(err)
 	}
@@ -369,7 +377,7 @@
 		OwnerTag:           env.Owner().String(),
 		Life:               params.Life(env.Life().String()),
 		HostedMachineCount: len(hostedMachines),
-		ServiceCount:       len(services),
+		ApplicationCount:   len(services),
 	}, nil
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/controller/controller_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/controller/controller_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/controller/controller_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/controller/controller_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,10 +7,10 @@
 	"time"
 
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver"
 	"github.com/juju/juju/apiserver/common"
@@ -95,7 +95,7 @@
 	response, err := s.controller.AllModels()
 	c.Assert(err, jc.ErrorIsNil)
 	// The results are sorted.
-	expected := []string{"admin", "no-access", "owned", "user"}
+	expected := []string{"controller", "no-access", "owned", "user"}
 	var obtained []string
 	for _, env := range response.UserModels {
 		obtained = append(obtained, env.Name)
@@ -121,7 +121,7 @@
 
 	c.Assert(list.Models, jc.DeepEquals, []params.ModelBlockInfo{
 		params.ModelBlockInfo{
-			Name:     "admin",
+			Name:     "controller",
 			UUID:     s.State.ModelUUID(),
 			OwnerTag: s.AdminUserTag(c).String(),
 			Blocks: []string{
@@ -151,7 +151,7 @@
 func (s *controllerSuite) TestModelConfig(c *gc.C) {
 	env, err := s.controller.ModelConfig()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(env.Config["name"], gc.Equals, "admin")
+	c.Assert(env.Config["name"], jc.DeepEquals, params.ConfigValue{Value: "controller"})
 }
 
 func (s *controllerSuite) TestModelConfigFromNonController(c *gc.C) {
@@ -162,9 +162,36 @@
 	authorizer := &apiservertesting.FakeAuthorizer{Tag: s.AdminUserTag(c)}
 	controller, err := controller.NewControllerAPI(st, common.NewResources(), authorizer)
 	c.Assert(err, jc.ErrorIsNil)
-	env, err := controller.ModelConfig()
+	cfg, err := controller.ModelConfig()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(env.Config["name"], gc.Equals, "admin")
+	c.Assert(cfg.Config["name"], jc.DeepEquals, params.ConfigValue{Value: "controller"})
+}
+
+func (s *controllerSuite) TestControllerConfig(c *gc.C) {
+	cfg, err := s.controller.ControllerConfig()
+	c.Assert(err, jc.ErrorIsNil)
+	cfgFromDB, err := s.State.ControllerConfig()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(cfg.Config["controller-uuid"], gc.Equals, cfgFromDB.ControllerUUID())
+	c.Assert(cfg.Config["state-port"], gc.Equals, cfgFromDB.StatePort())
+	c.Assert(cfg.Config["api-port"], gc.Equals, cfgFromDB.APIPort())
+}
+
+func (s *controllerSuite) TestControllerConfigFromNonController(c *gc.C) {
+	st := s.Factory.MakeModel(c, &factory.ModelParams{
+		Name: "test"})
+	defer st.Close()
+
+	authorizer := &apiservertesting.FakeAuthorizer{Tag: s.AdminUserTag(c)}
+	controller, err := controller.NewControllerAPI(st, common.NewResources(), authorizer)
+	c.Assert(err, jc.ErrorIsNil)
+	cfg, err := controller.ControllerConfig()
+	c.Assert(err, jc.ErrorIsNil)
+	cfgFromDB, err := s.State.ControllerConfig()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(cfg.Config["controller-uuid"], gc.Equals, cfgFromDB.ControllerUUID())
+	c.Assert(cfg.Config["state-port"], gc.Equals, cfgFromDB.StatePort())
+	c.Assert(cfg.Config["api-port"], gc.Equals, cfgFromDB.APIPort())
 }
 
 func (s *controllerSuite) TestRemoveBlocks(c *gc.C) {
@@ -234,14 +261,14 @@
 
 	s.Factory.MakeMachine(c, &factory.MachineParams{Jobs: []state.MachineJob{state.JobManageModel}})
 	s.Factory.MakeMachine(c, &factory.MachineParams{Jobs: []state.MachineJob{state.JobHostUnits}})
-	s.Factory.MakeService(c, &factory.ServiceParams{
+	s.Factory.MakeApplication(c, &factory.ApplicationParams{
 		Charm: s.Factory.MakeCharm(c, nil),
 	})
 
 	otherFactory := factory.NewFactory(otherSt)
 	otherFactory.MakeMachine(c, nil)
 	otherFactory.MakeMachine(c, nil)
-	otherFactory.MakeService(c, &factory.ServiceParams{
+	otherFactory.MakeApplication(c, &factory.ApplicationParams{
 		Charm: otherFactory.MakeCharm(c, nil),
 	})
 
@@ -256,13 +283,13 @@
 	c.Assert(results.Results, gc.DeepEquals, []params.ModelStatus{{
 		ModelTag:           controllerEnvTag,
 		HostedMachineCount: 1,
-		ServiceCount:       1,
+		ApplicationCount:   1,
 		OwnerTag:           "user-admin@local",
 		Life:               params.Alive,
 	}, {
 		ModelTag:           hostedEnvTag,
 		HostedMachineCount: 2,
-		ServiceCount:       1,
+		ApplicationCount:   1,
 		OwnerTag:           otherEnvOwner.UserTag().String(),
 		Life:               params.Alive,
 	}})
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/controller/destroy.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/controller/destroy.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/controller/destroy.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/controller/destroy.go	2016-07-18 19:45:44.000000000 +0000
@@ -20,11 +20,12 @@
 // that it should wait for hosted models to be completely cleaned up
 // before proceeding.
 func (s *ControllerAPI) DestroyController(args params.DestroyControllerArgs) error {
-	controllerEnv, err := s.state.ControllerModel()
+	st := common.NewModelManagerBackend(s.state)
+	controllerModel, err := st.ControllerModel()
 	if err != nil {
 		return errors.Trace(err)
 	}
-	systemTag := controllerEnv.ModelTag()
+	systemTag := controllerModel.ModelTag()
 
 	if err = s.ensureNotBlocked(args); err != nil {
 		return errors.Trace(err)
@@ -35,9 +36,9 @@
 	// models sneaking in. If we are not destroying hosted models,
 	// this will fail if any hosted models are found.
 	if args.DestroyModels {
-		return errors.Trace(common.DestroyModelIncludingHosted(s.state, systemTag))
+		return errors.Trace(common.DestroyModelIncludingHosted(st, systemTag))
 	}
-	if err := common.DestroyModel(s.state, systemTag); err != nil {
+	if err := common.DestroyModel(st, systemTag); err != nil {
 		return errors.Trace(err)
 	}
 	return nil
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/controller/destroy_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/controller/destroy_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/controller/destroy_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/controller/destroy_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,9 +4,9 @@
 package controller_test
 
 import (
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	commontesting "github.com/juju/juju/apiserver/common/testing"
@@ -31,9 +31,10 @@
 
 	controller *controller.ControllerAPI
 
-	otherState     *state.State
-	otherEnvOwner  names.UserTag
-	otherModelUUID string
+	otherState          *state.State
+	otherEnvOwner       names.UserTag
+	otherModelUUID      string
+	modelManagerBackend common.ModelManagerBackend
 }
 
 var _ = gc.Suite(&destroyControllerSuite{})
@@ -64,6 +65,7 @@
 	})
 	s.AddCleanup(func(c *gc.C) { s.otherState.Close() })
 	s.otherModelUUID = s.otherState.ModelUUID()
+	s.modelManagerBackend = common.NewModelManagerBackend(s.State)
 }
 
 func (s *destroyControllerSuite) TestDestroyControllerKillErrsOnHostedEnvsWithBlocks(c *gc.C) {
@@ -127,7 +129,7 @@
 }
 
 func (s *destroyControllerSuite) TestDestroyControllerNoHostedEnvs(c *gc.C) {
-	err := common.DestroyModel(s.State, s.otherState.ModelTag())
+	err := common.DestroyModel(s.modelManagerBackend, s.otherState.ModelTag())
 	c.Assert(err, jc.ErrorIsNil)
 
 	err = s.controller.DestroyController(params.DestroyControllerArgs{})
@@ -139,7 +141,7 @@
 }
 
 func (s *destroyControllerSuite) TestDestroyControllerErrsOnNoHostedEnvsWithBlock(c *gc.C) {
-	err := common.DestroyModel(s.State, s.otherState.ModelTag())
+	err := common.DestroyModel(s.modelManagerBackend, s.otherState.ModelTag())
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.BlockDestroyModel(c, "TestBlockDestroyModel")
@@ -153,7 +155,7 @@
 }
 
 func (s *destroyControllerSuite) TestDestroyControllerNoHostedEnvsWithBlockFail(c *gc.C) {
-	err := common.DestroyModel(s.State, s.otherState.ModelTag())
+	err := common.DestroyModel(s.modelManagerBackend, s.otherState.ModelTag())
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.BlockDestroyModel(c, "TestBlockDestroyModel")
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/debuglog_db.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/debuglog_db.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/debuglog_db.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/debuglog_db.go	2016-07-18 19:45:44.000000000 +0000
@@ -18,7 +18,7 @@
 }
 
 func handleDebugLogDBRequest(
-	st state.LoggingState,
+	st state.LogTailerState,
 	reqParams *debugLogParams,
 	socket debugLogSocket,
 	stop <-chan struct{},
@@ -90,6 +90,6 @@
 
 var newLogTailer = _newLogTailer // For replacing in tests
 
-func _newLogTailer(st state.LoggingState, params *state.LogTailerParams) (state.LogTailer, error) {
+func _newLogTailer(st state.LogTailerState, params *state.LogTailerParams) (state.LogTailer, error) {
 	return state.NewLogTailer(st, params)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/debuglog_db_internal_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/debuglog_db_internal_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/debuglog_db_internal_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/debuglog_db_internal_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,6 +10,7 @@
 	"github.com/juju/loggo"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/state"
 	coretesting "github.com/juju/juju/testing"
@@ -40,7 +41,7 @@
 	}
 
 	called := false
-	s.PatchValue(&newLogTailer, func(_ state.LoggingState, params *state.LogTailerParams) (state.LogTailer, error) {
+	s.PatchValue(&newLogTailer, func(_ state.LogTailerState, params *state.LogTailerParams) (state.LogTailer, error) {
 		called = true
 
 		// Start time will be used once the client is extended to send
@@ -71,7 +72,7 @@
 	}
 
 	called := false
-	s.PatchValue(&newLogTailer, func(_ state.LoggingState, params *state.LogTailerParams) (state.LogTailer, error) {
+	s.PatchValue(&newLogTailer, func(_ state.LogTailerState, params *state.LogTailerParams) (state.LogTailer, error) {
 		called = true
 
 		c.Assert(params.StartTime.IsZero(), jc.IsTrue)
@@ -92,7 +93,7 @@
 	tailer := newFakeLogTailer()
 	tailer.logsCh <- &state.LogRecord{
 		Time:     time.Date(2015, 6, 19, 15, 34, 37, 0, time.UTC),
-		Entity:   "machine-99",
+		Entity:   names.NewMachineTag("99"),
 		Module:   "some.where",
 		Location: "code.go:42",
 		Level:    loggo.INFO,
@@ -100,13 +101,13 @@
 	}
 	tailer.logsCh <- &state.LogRecord{
 		Time:     time.Date(2015, 6, 19, 15, 36, 40, 0, time.UTC),
-		Entity:   "unit-foo-2",
+		Entity:   names.NewUnitTag("foo/2"),
 		Module:   "else.where",
 		Location: "go.go:22",
 		Level:    loggo.ERROR,
 		Message:  "whoops",
 	}
-	s.PatchValue(&newLogTailer, func(_ state.LoggingState, params *state.LogTailerParams) (state.LogTailer, error) {
+	s.PatchValue(&newLogTailer, func(_ state.LogTailerState, params *state.LogTailerParams) (state.LogTailer, error) {
 		return tailer, nil
 	})
 
@@ -126,7 +127,7 @@
 
 func (s *debugLogDBIntSuite) TestRequestStopsWhenTailerStops(c *gc.C) {
 	tailer := newFakeLogTailer()
-	s.PatchValue(&newLogTailer, func(_ state.LoggingState, params *state.LogTailerParams) (state.LogTailer, error) {
+	s.PatchValue(&newLogTailer, func(_ state.LogTailerState, params *state.LogTailerParams) (state.LogTailer, error) {
 		close(tailer.logsCh) // make the request stop immediately
 		return tailer, nil
 	})
@@ -142,14 +143,14 @@
 	for i := 0; i < 5; i++ {
 		tailer.logsCh <- &state.LogRecord{
 			Time:     time.Date(2015, 6, 19, 15, 34, 37, 0, time.UTC),
-			Entity:   "machine-99",
+			Entity:   names.NewMachineTag("99"),
 			Module:   "some.where",
 			Location: "code.go:42",
 			Level:    loggo.INFO,
 			Message:  "stuff happened",
 		}
 	}
-	s.PatchValue(&newLogTailer, func(_ state.LoggingState, params *state.LogTailerParams) (state.LogTailer, error) {
+	s.PatchValue(&newLogTailer, func(_ state.LogTailerState, params *state.LogTailerParams) (state.LogTailer, error) {
 		return tailer, nil
 	})
 
@@ -197,7 +198,7 @@
 }
 
 type fakeState struct {
-	state.LoggingState
+	state.LogTailerState
 }
 
 func newFakeLogTailer() *fakeLogTailer {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/debuglog.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/debuglog.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/debuglog.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/debuglog.go	2016-07-18 19:45:44.000000000 +0000
@@ -31,7 +31,7 @@
 }
 
 type debugLogHandlerFunc func(
-	state.LoggingState,
+	state.LogTailerState,
 	*debugLogParams,
 	debugLogSocket,
 	<-chan struct{},
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/debuglog_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/debuglog_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/debuglog_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/debuglog_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -62,7 +62,7 @@
 	defer conn.Close()
 	reader := bufio.NewReader(conn)
 
-	assertJSONError(c, reader, "invalid entity name or password")
+	assertJSONError(c, reader, "tag kind machine not valid")
 	s.assertWebsocketClosed(c, reader)
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/deployer/deployer.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/deployer/deployer.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/deployer/deployer.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/deployer/deployer.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,7 @@
 import (
 	"fmt"
 
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/deployer/deployer_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/deployer/deployer_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/deployer/deployer_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/deployer/deployer_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -31,8 +31,8 @@
 
 	authorizer apiservertesting.FakeAuthorizer
 
-	service0     *state.Service
-	service1     *state.Service
+	service0     *state.Application
+	service1     *state.Application
 	machine0     *state.Machine
 	machine1     *state.Machine
 	principal0   *state.Unit
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/discoverspaces/discoverspaces_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/discoverspaces/discoverspaces_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/discoverspaces/discoverspaces_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/discoverspaces/discoverspaces_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,9 +6,9 @@
 import (
 	"errors"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/discoverspaces"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/diskmanager/diskmanager.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/diskmanager/diskmanager.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/diskmanager/diskmanager.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/diskmanager/diskmanager.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,7 @@
 package diskmanager
 
 import (
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/diskmanager/diskmanager_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/diskmanager/diskmanager_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/diskmanager/diskmanager_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/diskmanager/diskmanager_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,9 +6,9 @@
 import (
 	"errors"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/diskmanager"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,13 +8,14 @@
 	"net"
 	"time"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/macaroon.v1"
 
 	"github.com/juju/juju/apiserver/authentication"
 	"github.com/juju/juju/apiserver/common"
+	"github.com/juju/juju/apiserver/observer"
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/rpc"
 	"github.com/juju/juju/state"
@@ -98,7 +99,7 @@
 		state:    srvSt,
 		tag:      names.NewMachineTag("0"),
 	}
-	h, err := newApiHandler(srv, st, nil, nil, st.ModelUUID())
+	h, err := newApiHandler(srv, st, nil, st.ModelUUID())
 	c.Assert(err, jc.ErrorIsNil)
 	return h, h.getResources()
 }
@@ -111,7 +112,7 @@
 }
 
 // TestingRestrictedApiHandler returns a restricted srvRoot as if accessed
-// from the root of the API path with a recent (verison > 1) login.
+// from the root of the API path.
 func TestingRestrictedApiHandler(st *state.State) rpc.MethodFinder {
 	r := TestingApiRoot(st)
 	return newRestrictedRoot(r)
@@ -119,7 +120,7 @@
 
 type preFacadeAdminApi struct{}
 
-func newPreFacadeAdminApi(srv *Server, root *apiHandler, reqNotifier *requestNotifier) interface{} {
+func newPreFacadeAdminApi(srv *Server, root *apiHandler, observer observer.Observer) interface{} {
 	return &preFacadeAdminApi{}
 }
 
@@ -137,7 +138,7 @@
 
 type failAdminApi struct{}
 
-func newFailAdminApi(srv *Server, root *apiHandler, reqNotifier *requestNotifier) interface{} {
+func newFailAdminApi(srv *Server, root *apiHandler, observer observer.Observer) interface{} {
 	return &failAdminApi{}
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/firewaller/firewaller_base_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/firewaller/firewaller_base_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/firewaller/firewaller_base_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/firewaller/firewaller_base_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -24,7 +24,7 @@
 	testing.JujuConnSuite
 
 	machines []*state.Machine
-	service  *state.Service
+	service  *state.Application
 	charm    *state.Charm
 	units    []*state.Unit
 
@@ -110,7 +110,7 @@
 			{Life: "alive"},
 			{Error: apiservertesting.NotFoundError("machine 42")},
 			{Error: apiservertesting.NotFoundError(`unit "foo/0"`)},
-			{Error: apiservertesting.NotFoundError(`service "bar"`)},
+			{Error: apiservertesting.NotFoundError(`application "bar"`)},
 			{Error: apiservertesting.ErrUnauthorized},
 			{Error: apiservertesting.ErrUnauthorized},
 			{Error: apiservertesting.ErrUnauthorized},
@@ -233,7 +233,7 @@
 				{NotifyWatcherId: "2"},
 				{Error: apiservertesting.ErrUnauthorized},
 				{Error: apiservertesting.NotFoundError(`unit "foo/0"`)},
-				{Error: apiservertesting.NotFoundError(`service "bar"`)},
+				{Error: apiservertesting.NotFoundError(`application "bar"`)},
 				{Error: apiservertesting.ErrUnauthorized},
 				{Error: apiservertesting.ErrUnauthorized},
 				{Error: apiservertesting.ErrUnauthorized},
@@ -247,7 +247,7 @@
 				{Error: apiservertesting.ErrUnauthorized},
 				{Error: apiservertesting.ErrUnauthorized},
 				{Error: apiservertesting.ErrUnauthorized},
-				{Error: apiservertesting.NotFoundError(`service "bar"`)},
+				{Error: apiservertesting.NotFoundError(`application "bar"`)},
 				{Error: apiservertesting.ErrUnauthorized},
 				{Error: apiservertesting.ErrUnauthorized},
 				{Error: apiservertesting.ErrUnauthorized},
@@ -342,14 +342,14 @@
 			{Result: true},
 			{Error: apiservertesting.ErrUnauthorized},
 			{Error: apiservertesting.ErrUnauthorized},
-			{Error: apiservertesting.NotFoundError(`service "bar"`)},
+			{Error: apiservertesting.NotFoundError(`application "bar"`)},
 			{Error: apiservertesting.ErrUnauthorized},
 			{Error: apiservertesting.ErrUnauthorized},
 			{Error: apiservertesting.ErrUnauthorized},
 		},
 	})
 
-	// Now reset the exposed flag for the service and check again.
+	// Now reset the exposed flag for the application and check again.
 	err = s.service.ClearExposed()
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -421,7 +421,7 @@
 var commonFakeEntities = []params.Entity{
 	{Tag: "machine-42"},
 	{Tag: "unit-foo-0"},
-	{Tag: "service-bar"},
+	{Tag: "application-bar"},
 	{Tag: "user-foo"},
 	{Tag: "foo-bar"},
 	{Tag: ""},
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/firewaller/firewaller.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/firewaller/firewaller.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/firewaller/firewaller.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/firewaller/firewaller.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
@@ -16,7 +16,7 @@
 
 func init() {
 	// Version 0 is no longer supported.
-	common.RegisterStandardFacade("Firewaller", 2, NewFirewallerAPI)
+	common.RegisterStandardFacade("Firewaller", 3, NewFirewallerAPI)
 }
 
 // FirewallerAPI provides access to the Firewaller API facade.
@@ -50,7 +50,7 @@
 	// Set up the various authorization checkers.
 	accessEnviron := common.AuthFuncForTagKind(names.ModelTagKind)
 	accessUnit := common.AuthFuncForTagKind(names.UnitTagKind)
-	accessService := common.AuthFuncForTagKind(names.ServiceTagKind)
+	accessService := common.AuthFuncForTagKind(names.ApplicationTagKind)
 	accessMachine := common.AuthFuncForTagKind(names.MachineTagKind)
 	accessUnitOrService := common.AuthEither(accessUnit, accessService)
 	accessUnitServiceOrMachine := common.AuthEither(accessUnitOrService, accessMachine)
@@ -67,7 +67,7 @@
 		resources,
 		authorizer,
 	)
-	// Watch() is supported for services only.
+	// Watch() is supported for applications only.
 	entityWatcher := common.NewAgentEntityWatcher(
 		st,
 		resources,
@@ -265,7 +265,7 @@
 		return params.BoolResults{}, err
 	}
 	for i, entity := range args.Entities {
-		tag, err := names.ParseServiceTag(entity.Tag)
+		tag, err := names.ParseApplicationTag(entity.Tag)
 		if err != nil {
 			result.Results[i].Error = common.ServerError(common.ErrPerm)
 			continue
@@ -325,14 +325,14 @@
 	return entity.(*state.Unit), nil
 }
 
-func (f *FirewallerAPI) getService(canAccess common.AuthFunc, tag names.ServiceTag) (*state.Service, error) {
+func (f *FirewallerAPI) getService(canAccess common.AuthFunc, tag names.ApplicationTag) (*state.Application, error) {
 	entity, err := f.getEntity(canAccess, tag)
 	if err != nil {
 		return nil, err
 	}
 	// The authorization function guarantees that the tag represents a
 	// service.
-	return entity.(*state.Service), nil
+	return entity.(*state.Application), nil
 }
 
 func (f *FirewallerAPI) getMachine(canAccess common.AuthFunc, tag names.MachineTag) (*state.Machine, error) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/firewaller/firewaller_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/firewaller/firewaller_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/firewaller/firewaller_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/firewaller/firewaller_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,9 +6,9 @@
 import (
 	"sort"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	commontesting "github.com/juju/juju/apiserver/common/testing"
@@ -206,11 +206,11 @@
 			{Result: expectResultsMachine0},
 			{Result: nil, Error: nil},
 			{Result: expectResultsMachine2},
-			{Error: apiservertesting.ServerError(`"service-wordpress" is not a valid machine tag`)},
+			{Error: apiservertesting.ServerError(`"application-wordpress" is not a valid machine tag`)},
 			{Error: apiservertesting.ServerError(`"unit-wordpress-0" is not a valid machine tag`)},
 			{Error: apiservertesting.NotFoundError("machine 42")},
 			{Error: apiservertesting.ServerError(`"unit-foo-0" is not a valid machine tag`)},
-			{Error: apiservertesting.ServerError(`"service-bar" is not a valid machine tag`)},
+			{Error: apiservertesting.ServerError(`"application-bar" is not a valid machine tag`)},
 			{Error: apiservertesting.ServerError(`"user-foo" is not a valid machine tag`)},
 			{Error: apiservertesting.ServerError(`"foo-bar" is not a valid tag`)},
 			{Error: apiservertesting.ServerError(`"" is not a valid tag`)},
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/highavailability/highavailability.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/highavailability/highavailability.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/highavailability/highavailability.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/highavailability/highavailability.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,7 +9,7 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/highavailability/highavailability_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/highavailability/highavailability_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/highavailability/highavailability_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/highavailability/highavailability_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -21,6 +21,7 @@
 	"github.com/juju/juju/state/presence"
 	coretesting "github.com/juju/juju/testing"
 	"github.com/juju/juju/testing/factory"
+	"github.com/juju/juju/worker"
 )
 
 func TestAll(t *stdtesting.T) {
@@ -33,7 +34,6 @@
 	resources  *common.Resources
 	authoriser apiservertesting.FakeAuthorizer
 	haServer   *highavailability.HighAvailabilityAPI
-	pingers    []*presence.Pinger
 
 	commontesting.BlockHelper
 }
@@ -76,23 +76,20 @@
 	c.Assert(err, jc.ErrorIsNil)
 	// We have to ensure the agents are alive, or EnableHA will
 	// create more to replace them.
-	s.pingers = []*presence.Pinger{s.setAgentPresence(c, "0")}
+	s.setAgentPresence(c, "0")
 	s.BlockHelper = commontesting.NewBlockHelper(s.APIState)
 	s.AddCleanup(func(*gc.C) { s.BlockHelper.Close() })
 }
 
-func (s *clientSuite) TearDownTest(c *gc.C) {
-	for _, pinger := range s.pingers {
-		assertKill(c, pinger)
-	}
-	s.JujuConnSuite.TearDownTest(c)
-}
-
 func (s *clientSuite) setAgentPresence(c *gc.C, machineId string) *presence.Pinger {
 	m, err := s.State.Machine(machineId)
 	c.Assert(err, jc.ErrorIsNil)
 	pinger, err := m.SetAgentPresence()
 	c.Assert(err, jc.ErrorIsNil)
+	s.AddCleanup(func(c *gc.C) {
+		c.Assert(worker.Stop(pinger), jc.ErrorIsNil)
+	})
+
 	s.State.StartSync()
 	err = m.WaitAgentPresence(coretesting.LongWait)
 	c.Assert(err, jc.ErrorIsNil)
@@ -148,11 +145,8 @@
 	c.Assert(machines[1].Series(), gc.Equals, "quantal")
 	c.Assert(machines[2].Series(), gc.Equals, "quantal")
 
-	pingerB := s.setAgentPresence(c, "1")
-	defer assertKill(c, pingerB)
-
-	pingerC := s.setAgentPresence(c, "2")
-	defer assertKill(c, pingerC)
+	s.setAgentPresence(c, "1")
+	s.setAgentPresence(c, "2")
 
 	enableHAResult, err = s.enableHA(c, 5, emptyCons, "non-default", nil)
 	c.Assert(err, jc.ErrorIsNil)
@@ -263,11 +257,11 @@
 		Jobs:        []state.MachineJob{state.JobHostUnits},
 		Constraints: machine1Cons,
 	})
-	s.pingers = append(s.pingers, s.setAgentPresence(c, "1"))
+	s.setAgentPresence(c, "1")
 
 	_, err = s.State.AddMachine("quantal", state.JobHostUnits)
 	c.Assert(err, jc.ErrorIsNil)
-	s.pingers = append(s.pingers, s.setAgentPresence(c, "2"))
+	s.setAgentPresence(c, "2")
 
 	placement := []string{"1", "2"}
 	enableHAResult, err := s.enableHA(c, 3, emptyCons, defaultSeries, placement)
@@ -307,8 +301,7 @@
 	machines, err := s.State.AllMachines()
 	c.Assert(machines, gc.HasLen, 3)
 
-	pingerB := s.setAgentPresence(c, "1")
-	defer assertKill(c, pingerB)
+	s.setAgentPresence(c, "1")
 
 	// Now, we keep agent 1 alive, but not agent 2, calling
 	// EnableHA(0) again will cause us to start another machine
@@ -335,14 +328,9 @@
 
 	machines, err := s.State.AllMachines()
 	c.Assert(machines, gc.HasLen, 5)
-	pingerB := s.setAgentPresence(c, "1")
-	defer assertKill(c, pingerB)
-
-	pingerC := s.setAgentPresence(c, "2")
-	defer assertKill(c, pingerC)
-
-	pingerD := s.setAgentPresence(c, "3")
-	defer assertKill(c, pingerD)
+	s.setAgentPresence(c, "1")
+	s.setAgentPresence(c, "2")
+	s.setAgentPresence(c, "3")
 	// Keeping all alive but one, will bring up 1 more server to preserve 5
 	enableHAResult, err = s.enableHA(c, 0, emptyCons, defaultSeries, nil)
 	c.Assert(err, jc.ErrorIsNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/hostkeyreporter/facade.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/hostkeyreporter/facade.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/hostkeyreporter/facade.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/hostkeyreporter/facade.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,7 @@
 package hostkeyreporter
 
 import (
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/hostkeyreporter/facade_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/hostkeyreporter/facade_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/hostkeyreporter/facade_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/hostkeyreporter/facade_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,10 +4,10 @@
 package hostkeyreporter_test
 
 import (
-	"github.com/juju/names"
 	jujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/hostkeyreporter"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/httpcontext.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/httpcontext.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/httpcontext.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/httpcontext.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,7 +12,7 @@
 	"strings"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/macaroon-bakery.v1/httpbakery"
 
 	"github.com/juju/juju/apiserver/common"
@@ -74,6 +74,19 @@
 	return st, entity, nil
 }
 
+// checkPermissions verifies that given tag passes authentication check.
+// For example, if only user tags are accepted, all other tags will be denied access.
+func checkPermissions(tag names.Tag, acceptFunc common.GetAuthFunc) (bool, error) {
+	accept, err := acceptFunc()
+	if err != nil {
+		return false, errors.Trace(err)
+	}
+	if accept(tag) {
+		return true, nil
+	}
+	return false, errors.NotValidf("tag kind %v", tag.Kind())
+}
+
 // stateForRequestAuthenticatedUser is like stateForRequestAuthenticated
 // except that it also verifies that the authenticated entity is a user.
 func (ctxt *httpContext) stateForRequestAuthenticatedUser(r *http.Request) (*state.State, state.Entity, error) {
@@ -81,28 +94,27 @@
 	if err != nil {
 		return nil, nil, errors.Trace(err)
 	}
-	switch entity.Tag().(type) {
-	case names.UserTag:
-		return st, entity, nil
-	default:
-		return nil, nil, errors.Trace(common.ErrBadCreds)
+	if ok, err := checkPermissions(entity.Tag(), common.AuthFuncForTagKind(names.UserTagKind)); !ok {
+		return nil, nil, err
 	}
+	return st, entity, nil
 }
 
 // stateForRequestAuthenticatedUser is like stateForRequestAuthenticated
 // except that it also verifies that the authenticated entity is a user.
 func (ctxt *httpContext) stateForRequestAuthenticatedAgent(r *http.Request) (*state.State, state.Entity, error) {
+	authFunc := common.AuthEither(
+		common.AuthFuncForTagKind(names.MachineTagKind),
+		common.AuthFuncForTagKind(names.UnitTagKind),
+	)
 	st, entity, err := ctxt.stateForRequestAuthenticated(r)
 	if err != nil {
 		return nil, nil, errors.Trace(err)
 	}
-	switch entity.Tag().(type) {
-	case names.MachineTag, names.UnitTag:
-		return st, entity, nil
-	default:
-		logger.Errorf("attempt to log in as an agent by %v", entity.Tag())
-		return nil, nil, errors.Trace(common.ErrBadCreds)
+	if ok, err := checkPermissions(entity.Tag(), authFunc); !ok {
+		return nil, nil, err
 	}
+	return st, entity, nil
 }
 
 // loginRequest forms a LoginRequest from the information
@@ -119,22 +131,22 @@
 	parts := strings.Fields(authHeader)
 	if len(parts) != 2 || parts[0] != "Basic" {
 		// Invalid header format or no header provided.
-		return params.LoginRequest{}, errors.New("invalid request format")
+		return params.LoginRequest{}, errors.NotValidf("request format")
 	}
 	// Challenge is a base64-encoded "tag:pass" string.
 	// See RFC 2617, Section 2.
 	challenge, err := base64.StdEncoding.DecodeString(parts[1])
 	if err != nil {
-		return params.LoginRequest{}, errors.New("invalid request format")
+		return params.LoginRequest{}, errors.NotValidf("request format")
 	}
 	tagPass := strings.SplitN(string(challenge), ":", 2)
 	if len(tagPass) != 2 {
-		return params.LoginRequest{}, errors.New("invalid request format")
+		return params.LoginRequest{}, errors.NotValidf("request format")
 	}
 	// Ensure that a sensible tag was passed.
 	_, err = names.ParseTag(tagPass[0])
 	if err != nil {
-		return params.LoginRequest{}, errors.Trace(common.ErrBadCreds)
+		return params.LoginRequest{}, errors.Trace(err)
 	}
 	return params.LoginRequest{
 		AuthTag:     tagPass[0],
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/imagemanager/imagemanager_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/imagemanager/imagemanager_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/imagemanager/imagemanager_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/imagemanager/imagemanager_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,9 +8,9 @@
 	"io"
 	"time"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	commontesting "github.com/juju/juju/apiserver/common/testing"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/imagemetadata/functions_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/imagemetadata/functions_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/imagemetadata/functions_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/imagemetadata/functions_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,6 +13,7 @@
 	"github.com/juju/juju/apiserver/imagemetadata"
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/environs"
+	"github.com/juju/juju/environs/bootstrap"
 	envtesting "github.com/juju/juju/environs/testing"
 	"github.com/juju/juju/jujuclient/jujuclienttesting"
 	"github.com/juju/juju/state/cloudimagemetadata"
@@ -32,13 +33,15 @@
 	s.baseImageMetadataSuite.SetUpTest(c)
 
 	var err error
-	s.env, err = environs.Prepare(
+	s.env, err = bootstrap.Prepare(
 		envtesting.BootstrapContext(c),
 		jujuclienttesting.NewMemStore(),
-		environs.PrepareParams{
-			ControllerName: "dummycontroller",
-			BaseConfig:     mockConfig(),
-			CloudName:      "dummy",
+		bootstrap.PrepareParams{
+			ControllerConfig: testing.FakeControllerConfig(),
+			ControllerName:   "dummycontroller",
+			BaseConfig:       mockConfig(),
+			CloudName:        "dummy",
+			AdminSecret:      "admin-secret",
 		},
 	)
 	c.Assert(err, jc.ErrorIsNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/imagemetadata/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/imagemetadata/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/imagemetadata/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/imagemetadata/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,15 +6,16 @@
 import (
 	stdtesting "testing"
 
-	"github.com/juju/names"
 	gitjujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/imagemetadata"
 	"github.com/juju/juju/apiserver/testing"
 	"github.com/juju/juju/environs"
+	"github.com/juju/juju/environs/bootstrap"
 	"github.com/juju/juju/environs/config"
 	imagetesting "github.com/juju/juju/environs/imagemetadata/testing"
 	envtesting "github.com/juju/juju/environs/testing"
@@ -122,13 +123,15 @@
 		"type":       "mock",
 		"controller": true,
 	})
-	env, err := environs.Prepare(
+	env, err := bootstrap.Prepare(
 		envtesting.BootstrapContext(c),
 		jujuclienttesting.NewMemStore(),
-		environs.PrepareParams{
-			ControllerName: "dummycontroller",
-			BaseConfig:     attrs,
-			CloudName:      "dummy",
+		bootstrap.PrepareParams{
+			ControllerConfig: coretesting.FakeControllerConfig(),
+			ControllerName:   "dummycontroller",
+			BaseConfig:       attrs,
+			CloudName:        "dummy",
+			AdminSecret:      "admin-secret",
 		},
 	)
 	c.Assert(err, jc.ErrorIsNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/imagemetadata/updatefrompublished_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/imagemetadata/updatefrompublished_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/imagemetadata/updatefrompublished_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/imagemetadata/updatefrompublished_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -14,11 +14,13 @@
 
 	"github.com/juju/juju/cmd/modelcmd"
 	"github.com/juju/juju/environs"
+	"github.com/juju/juju/environs/bootstrap"
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/environs/imagemetadata"
 	imagetesting "github.com/juju/juju/environs/imagemetadata/testing"
 	"github.com/juju/juju/environs/simplestreams"
 	sstesting "github.com/juju/juju/environs/simplestreams/testing"
+	"github.com/juju/juju/juju/keys"
 	"github.com/juju/juju/jujuclient/jujuclienttesting"
 	"github.com/juju/juju/provider/dummy"
 	"github.com/juju/juju/state/cloudimagemetadata"
@@ -163,13 +165,15 @@
 	// testingEnvConfig prepares an environment configuration using
 	// the dummy provider since it doesn't implement simplestreams.HasRegion.
 	s.state.environConfig = func() (*config.Config, error) {
-		env, err := environs.Prepare(
+		env, err := bootstrap.Prepare(
 			modelcmd.BootstrapContext(testing.Context(c)),
 			jujuclienttesting.NewMemStore(),
-			environs.PrepareParams{
-				ControllerName: "dummycontroller",
-				BaseConfig:     dummy.SampleConfig(),
-				CloudName:      "dummy",
+			bootstrap.PrepareParams{
+				ControllerConfig: testing.FakeControllerConfig(),
+				ControllerName:   "dummycontroller",
+				BaseConfig:       dummy.SampleConfig(),
+				CloudName:        "dummy",
+				AdminSecret:      "admin-secret",
 			},
 		)
 		c.Assert(err, jc.ErrorIsNil)
@@ -251,6 +255,7 @@
 	s.env = &mockEnviron{}
 
 	s.PatchValue(&imagemetadata.SimplestreamsImagesPublicKey, sstesting.SignedMetadataPublicKey)
+	s.PatchValue(&keys.JujuPublicKey, sstesting.SignedMetadataPublicKey)
 	// Prepare mock http transport for overriding metadata and images output in tests.
 	useTestImageData(c, testImagesData)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/images.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/images.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/images.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/images.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,196 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package apiserver
-
-import (
-	"crypto/sha256"
-	"fmt"
-	"io"
-	"io/ioutil"
-	"net/http"
-	"path"
-	"path/filepath"
-	"strings"
-
-	"github.com/juju/errors"
-	"github.com/juju/utils/fslock"
-
-	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/container"
-	"github.com/juju/juju/instance"
-	"github.com/juju/juju/state"
-	"github.com/juju/juju/state/imagestorage"
-)
-
-// imagesDownloadHandler handles image download through HTTPS in the API server.
-type imagesDownloadHandler struct {
-	ctxt    httpContext
-	dataDir string
-	state   *state.State
-}
-
-func (h *imagesDownloadHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
-	st, err := h.ctxt.stateForRequestUnauthenticated(r)
-	if err != nil {
-		sendError(w, err)
-		return
-	}
-	switch r.Method {
-	case "GET":
-		err := h.processGet(r, w, st)
-		if err != nil {
-			logger.Errorf("GET(%s) failed: %v", r.URL, err)
-			sendError(w, err)
-			return
-		}
-	default:
-		sendError(w, errors.MethodNotAllowedf("unsupported method: %q", r.Method))
-	}
-}
-
-// processGet handles an image GET request.
-func (h *imagesDownloadHandler) processGet(r *http.Request, resp http.ResponseWriter, st *state.State) error {
-	// Get the parameters from the query.
-	kind := r.URL.Query().Get(":kind")
-	series := r.URL.Query().Get(":series")
-	arch := r.URL.Query().Get(":arch")
-	modelUUID := r.URL.Query().Get(":modeluuid")
-
-	// Get the image details from storage.
-	metadata, imageReader, err := h.loadImage(st, modelUUID, kind, series, arch)
-	if err != nil {
-		return errors.Annotate(err, "error getting image from storage")
-	}
-	defer imageReader.Close()
-
-	// Stream the image to the caller.
-	logger.Debugf("streaming image from state blobstore: %+v", metadata)
-	resp.Header().Set("Content-Type", "application/x-tar-gz")
-	resp.Header().Set("Digest", params.EncodeChecksum(metadata.SHA256))
-	resp.Header().Set("Content-Length", fmt.Sprint(metadata.Size))
-	resp.WriteHeader(http.StatusOK)
-	if _, err := io.Copy(resp, imageReader); err != nil {
-		return errors.Annotate(err, "while streaming image")
-	}
-	return nil
-}
-
-// loadImage loads an os image from the blobstore,
-// downloading and caching it if necessary.
-func (h *imagesDownloadHandler) loadImage(st *state.State, modeluuid, kind, series, arch string) (
-	*imagestorage.Metadata, io.ReadCloser, error,
-) {
-	// We want to ensure that if an image needs to be downloaded and cached,
-	// this only happens once.
-	imageIdent := fmt.Sprintf("image-%s-%s-%s-%s", modeluuid, kind, series, arch)
-	lockDir := filepath.Join(h.dataDir, "locks")
-	lock, err := fslock.NewLock(lockDir, imageIdent, fslock.Defaults())
-	if err != nil {
-		return nil, nil, errors.Trace(err)
-	}
-	lock.Lock("fetch and cache image " + imageIdent)
-	defer lock.Unlock()
-	storage := st.ImageStorage()
-	metadata, imageReader, err := storage.Image(kind, series, arch)
-	// Not in storage, so go fetch it.
-	if errors.IsNotFound(err) {
-		if err := h.fetchAndCacheLxcImage(storage, modeluuid, series, arch); err != nil {
-			return nil, nil, errors.Annotate(err, "error fetching and caching image")
-		}
-		err = networkOperationWitDefaultRetries(func() error {
-			metadata, imageReader, err = storage.Image(string(instance.LXC), series, arch)
-			return err
-		}, "streaming os image from blobstore")()
-	}
-	if err != nil {
-		return nil, nil, errors.Trace(err)
-	}
-	return metadata, imageReader, nil
-}
-
-// fetchAndCacheLxcImage fetches an lxc image tarball from http://cloud-images.ubuntu.com
-// and caches it in the state blobstore.
-func (h *imagesDownloadHandler) fetchAndCacheLxcImage(storage imagestorage.Storage, modeluuid, series, arch string) error {
-	cfg, err := h.state.ModelConfig()
-	if err != nil {
-		return errors.Trace(err)
-	}
-	imageURL, err := container.ImageDownloadURL(instance.LXC, series, arch, cfg.ImageStream(), cfg.CloudImageBaseURL())
-	if err != nil {
-		return errors.Annotatef(err, "cannot determine LXC image URL: %v", err)
-	}
-
-	// Fetch the image checksum.
-	imageFilename := path.Base(imageURL)
-	shafile := strings.Replace(imageURL, imageFilename, "SHA256SUMS", -1)
-	shaResp, err := http.Get(shafile)
-	if err != nil {
-		return errors.Annotatef(err, "cannot get sha256 data from %v", shafile)
-	}
-	defer shaResp.Body.Close()
-	shaInfo, err := ioutil.ReadAll(shaResp.Body)
-	if err != nil {
-		return errors.Annotatef(err, "cannot read sha256 data from %v", shafile)
-	}
-
-	// The sha file has lines like:
-	// "<checksum> *<imageFilename>"
-	checksum := ""
-	for _, line := range strings.Split(string(shaInfo), "\n") {
-		parts := strings.Split(line, "*")
-		if len(parts) != 2 {
-			continue
-		}
-		if parts[1] == imageFilename {
-			checksum = strings.TrimSpace(parts[0])
-			break
-		}
-	}
-	if checksum == "" {
-		return errors.Errorf("cannot find sha256 checksum for %v", imageFilename)
-	}
-
-	// Fetch the image.
-	logger.Debugf("fetching LXC image from: %v", imageURL)
-	resp, err := http.Get(imageURL)
-	if err != nil {
-		return errors.Annotatef(err, "cannot get image from %v", imageURL)
-	}
-	logger.Debugf("lxc image has size: %v bytes", resp.ContentLength)
-	defer resp.Body.Close()
-
-	hash := sha256.New()
-	// Set up a chain of readers to pull in the data and calculate the checksum.
-	rdr := io.TeeReader(resp.Body, hash)
-
-	metadata := &imagestorage.Metadata{
-		ModelUUID: modeluuid,
-		Kind:      string(instance.LXC),
-		Series:    series,
-		Arch:      arch,
-		Size:      resp.ContentLength,
-		SHA256:    checksum,
-		SourceURL: imageURL,
-	}
-
-	// Stream the image to storage.
-	err = networkOperationWitDefaultRetries(func() error {
-		return storage.AddImage(rdr, metadata)
-	}, "add os image to blobstore")()
-	if err != nil {
-		return errors.Trace(err)
-	}
-	// Better check the downloaded image checksum.
-	downloadChecksum := fmt.Sprintf("%x", hash.Sum(nil))
-	if downloadChecksum != checksum {
-		err := networkOperationWitDefaultRetries(func() error {
-			return storage.DeleteImage(metadata)
-		}, "delete os image from blobstore")()
-		if err != nil {
-			logger.Errorf("checksum mismatch, failed to delete image from storage: %v", err)
-		}
-		return errors.Errorf("download checksum mismatch %s != %s", downloadChecksum, checksum)
-	}
-	return nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/images_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/images_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/images_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/images_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,273 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-// +build !windows
-
-package apiserver_test
-
-import (
-	"crypto/sha256"
-	"encoding/base64"
-	"encoding/json"
-	"fmt"
-	"io/ioutil"
-	"net/http"
-	"net/url"
-	"strings"
-	"sync"
-	"time"
-
-	"github.com/juju/testing"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/apiserver/params"
-	containertesting "github.com/juju/juju/container/testing"
-	sstesting "github.com/juju/juju/environs/simplestreams/testing"
-	"github.com/juju/juju/state"
-	"github.com/juju/juju/state/imagestorage"
-	coretesting "github.com/juju/juju/testing"
-)
-
-const testImageData = "abc"
-
-var testImageChecksum = fmt.Sprintf("%x", sha256.Sum256([]byte(testImageData)))
-
-type imageSuite struct {
-	authHttpSuite
-}
-
-var _ = gc.Suite(&imageSuite{})
-
-func (s *imageSuite) SetUpSuite(c *gc.C) {
-	s.authHttpSuite.SetUpSuite(c)
-}
-
-func (s *imageSuite) TestDownloadMissingModelUUIDPath(c *gc.C) {
-	s.storeFakeImage(c, s.State, "lxc", "trusty", "amd64")
-
-	s.modelUUID = ""
-	url := s.imageURL(c, "lxc", "trusty", "amd64")
-	c.Assert(url.Path, jc.HasPrefix, "/model//images")
-
-	response := s.downloadRequest(c, url)
-	s.testDownload(c, response)
-}
-
-func (s *imageSuite) TestDownloadEnvironmentPath(c *gc.C) {
-	s.storeFakeImage(c, s.State, "lxc", "trusty", "amd64")
-
-	url := s.imageURL(c, "lxc", "trusty", "amd64")
-	c.Assert(url.Path, jc.HasPrefix, fmt.Sprintf("/model/%s/", s.State.ModelUUID()))
-
-	response := s.downloadRequest(c, url)
-	s.testDownload(c, response)
-}
-
-func (s *imageSuite) TestDownloadOtherEnvironmentPath(c *gc.C) {
-	envState := s.setupOtherModel(c)
-	s.storeFakeImage(c, envState, "lxc", "trusty", "amd64")
-
-	url := s.imageURL(c, "lxc", "trusty", "amd64")
-	c.Assert(url.Path, jc.HasPrefix, fmt.Sprintf("/model/%s/", envState.ModelUUID()))
-
-	response := s.downloadRequest(c, url)
-	s.testDownload(c, response)
-}
-
-func (s *imageSuite) TestDownloadRejectsWrongModelUUIDPath(c *gc.C) {
-	s.modelUUID = "dead-beef-123456"
-	url := s.imageURL(c, "lxc", "trusty", "amd64")
-	response := s.downloadRequest(c, url)
-	s.assertErrorResponse(c, response, http.StatusNotFound, `unknown model: "dead-beef-123456"`)
-}
-
-type CountingRoundTripper struct {
-	count int
-	*coretesting.CannedRoundTripper
-}
-
-func (v *CountingRoundTripper) RoundTrip(req *http.Request) (*http.Response, error) {
-	v.count += 1
-	return v.CannedRoundTripper.RoundTrip(req)
-}
-
-func useTestImageData(files map[string]string) {
-	if files != nil {
-		sstesting.TestRoundTripper.Sub = &CountingRoundTripper{
-			CannedRoundTripper: coretesting.NewCannedRoundTripper(files, nil),
-		}
-	} else {
-		sstesting.TestRoundTripper.Sub = nil
-	}
-}
-
-func (s *imageSuite) TestDownloadFetchesAndCaches(c *gc.C) {
-	// Set up some image data for a fake server.
-	testing.PatchExecutable(c, s, "ubuntu-cloudimg-query", containertesting.FakeLxcURLScript)
-	useTestImageData(map[string]string{
-		"/trusty-released-amd64-root.tar.gz": testImageData,
-		"/SHA256SUMS":                        testImageChecksum + " *trusty-released-amd64-root.tar.gz",
-	})
-	defer func() {
-		useTestImageData(nil)
-	}()
-
-	// The image is not in imagestorage, so the download request causes
-	// the API server to search for the image on cloud-images, fetches it,
-	// and then cache it in imagestorage.
-	url := s.imageURL(c, "lxc", "trusty", "amd64")
-	response := s.downloadRequest(c, url)
-	data := s.testDownload(c, response)
-
-	metadata, cachedData := s.getImageFromStorage(c, s.State, "lxc", "trusty", "amd64")
-	c.Assert(metadata.Size, gc.Equals, int64(len(testImageData)))
-	c.Assert(metadata.SHA256, gc.Equals, testImageChecksum)
-	c.Assert(metadata.SourceURL, gc.Equals, "test://cloud-images/trusty-released-amd64-root.tar.gz")
-	c.Assert(string(data), gc.Equals, string(testImageData))
-	c.Assert(string(data), gc.Equals, string(cachedData))
-}
-
-func (s *imageSuite) TestDownloadFetchesAndCachesConcurrent(c *gc.C) {
-	// Set up some image data for a fake server.
-	testing.PatchExecutable(c, s, "ubuntu-cloudimg-query", containertesting.FakeLxcURLScript)
-	useTestImageData(map[string]string{
-		"/trusty-released-amd64-root.tar.gz": testImageData,
-		"/SHA256SUMS":                        testImageChecksum + " *trusty-released-amd64-root.tar.gz",
-	})
-	defer func() {
-		useTestImageData(nil)
-	}()
-
-	// Fetch the same image multiple times concurrently and ensure that
-	// it is only downloaded from the external URL once.
-	done := make(chan struct{})
-	go func() {
-		var wg sync.WaitGroup
-		wg.Add(10)
-		for i := 0; i < 10; i++ {
-			go func() {
-				defer wg.Done()
-				url := s.imageURL(c, "lxc", "trusty", "amd64")
-				response := s.downloadRequest(c, url)
-				data := s.testDownload(c, response)
-				c.Assert(string(data), gc.Equals, string(testImageData))
-			}()
-		}
-		wg.Wait()
-		done <- struct{}{}
-	}()
-	select {
-	case <-done:
-	case <-time.After(coretesting.LongWait):
-		c.Fatalf("timed out waiting for images to be fetced")
-	}
-
-	// Downloading an image is 2 requests - one for image, one for SA256.
-	c.Assert(sstesting.TestRoundTripper.Sub.(*CountingRoundTripper).count, gc.Equals, 2)
-
-	// Check that the image is correctly cached.
-	metadata, cachedData := s.getImageFromStorage(c, s.State, "lxc", "trusty", "amd64")
-	c.Assert(metadata.Size, gc.Equals, int64(len(testImageData)))
-	c.Assert(metadata.SHA256, gc.Equals, testImageChecksum)
-	c.Assert(metadata.SourceURL, gc.Equals, "test://cloud-images/trusty-released-amd64-root.tar.gz")
-	c.Assert(testImageData, gc.Equals, string(cachedData))
-}
-
-func (s *imageSuite) TestDownloadFetchChecksumMismatch(c *gc.C) {
-	// Set up some image data for a fake server.
-	testing.PatchExecutable(c, s, "ubuntu-cloudimg-query", containertesting.FakeLxcURLScript)
-	useTestImageData(map[string]string{
-		"/trusty-released-amd64-root.tar.gz": testImageData,
-		"/SHA256SUMS":                        "different-checksum *trusty-released-amd64-root.tar.gz",
-	})
-	defer func() {
-		useTestImageData(nil)
-	}()
-
-	resp := s.downloadRequest(c, s.imageURL(c, "lxc", "trusty", "amd64"))
-	defer resp.Body.Close()
-	s.assertErrorResponse(c, resp, http.StatusInternalServerError, ".* download checksum mismatch .*")
-}
-
-func (s *imageSuite) TestDownloadFetchNoSHA256File(c *gc.C) {
-	// Set up some image data for a fake server.
-	testing.PatchExecutable(c, s, "ubuntu-cloudimg-query", containertesting.FakeLxcURLScript)
-	useTestImageData(map[string]string{
-		"/trusty-released-amd64-root.tar.gz": testImageData,
-	})
-	defer func() {
-		useTestImageData(nil)
-	}()
-
-	resp := s.downloadRequest(c, s.imageURL(c, "lxc", "trusty", "amd64"))
-	defer resp.Body.Close()
-	s.assertErrorResponse(c, resp, http.StatusInternalServerError, ".* cannot find sha256 checksum .*")
-}
-
-func (s *imageSuite) testDownload(c *gc.C, resp *http.Response) []byte {
-	c.Check(resp.StatusCode, gc.Equals, http.StatusOK)
-	expectedChecksum := base64.StdEncoding.EncodeToString([]byte(testImageChecksum))
-	c.Check(resp.Header.Get("Digest"), gc.Equals, string(params.DigestSHA256)+"="+expectedChecksum)
-	c.Check(resp.Header.Get("Content-Type"), gc.Equals, "application/x-tar-gz")
-	c.Check(resp.Header.Get("Content-Length"), gc.Equals, fmt.Sprintf("%v", len(testImageData)))
-
-	defer resp.Body.Close()
-	data, err := ioutil.ReadAll(resp.Body)
-	c.Assert(err, gc.IsNil)
-
-	c.Assert(data, gc.HasLen, len(testImageData))
-
-	hash := sha256.New()
-	hash.Write(data)
-	c.Assert(fmt.Sprintf("%x", hash.Sum(nil)), gc.Equals, testImageChecksum)
-	return data
-}
-
-func (s *imageSuite) downloadRequest(c *gc.C, url *url.URL) *http.Response {
-	return s.sendRequest(c, httpRequestParams{method: "GET", url: url.String()})
-}
-
-func (s *imageSuite) storeFakeImage(c *gc.C, st *state.State, kind, series, arch string) {
-	storage := st.ImageStorage()
-	metadata := &imagestorage.Metadata{
-		ModelUUID: st.ModelUUID(),
-		Kind:      kind,
-		Series:    series,
-		Arch:      arch,
-		Size:      int64(len(testImageData)),
-		SHA256:    testImageChecksum,
-		SourceURL: "http://path",
-	}
-	err := storage.AddImage(strings.NewReader(testImageData), metadata)
-	c.Assert(err, gc.IsNil)
-}
-
-func (s *imageSuite) getImageFromStorage(c *gc.C, st *state.State, kind, series, arch string) (*imagestorage.Metadata, []byte) {
-	storage := st.ImageStorage()
-	metadata, r, err := storage.Image(kind, series, arch)
-	c.Assert(err, gc.IsNil)
-	data, err := ioutil.ReadAll(r)
-	r.Close()
-	c.Assert(err, gc.IsNil)
-	return metadata, data
-}
-
-func (s *imageSuite) imageURL(c *gc.C, kind, series, arch string) *url.URL {
-	uri := s.baseURL(c)
-	uri.Path = fmt.Sprintf("/model/%s/images/%s/%s/%s/trusty-released-amd64-root.tar.gz", s.modelUUID, kind, series, arch)
-	return uri
-}
-
-func (s *imageSuite) assertErrorResponse(c *gc.C, resp *http.Response, expCode int, expError string) {
-	body := assertResponse(c, resp, expCode, "application/json")
-	err := jsonImageResponse(c, body).Error
-	c.Assert(err, gc.NotNil)
-	c.Assert(err, gc.ErrorMatches, expError)
-}
-
-func jsonImageResponse(c *gc.C, body []byte) (jsonResponse params.ErrorResult) {
-	err := json.Unmarshal(body, &jsonResponse)
-	c.Assert(err, gc.IsNil)
-	return
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/instancepoller/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/instancepoller/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/instancepoller/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/instancepoller/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -3,9 +3,7 @@
 
 package instancepoller
 
-import (
-	"github.com/juju/juju/state"
-)
+import "github.com/juju/juju/state"
 
 type Patcher interface {
 	PatchValue(ptr, value interface{})
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/instancepoller/instancepoller.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/instancepoller/instancepoller.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/instancepoller/instancepoller.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/instancepoller/instancepoller.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,8 @@
 import (
 	"fmt"
 
-	"github.com/juju/names"
+	"github.com/juju/utils/clock"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
@@ -15,7 +16,7 @@
 )
 
 func init() {
-	common.RegisterStandardFacade("InstancePoller", 2, NewInstancePollerAPI)
+	common.RegisterStandardFacade("InstancePoller", 3, newInstancePollerAPI)
 }
 
 // InstancePollerAPI provides access to the InstancePoller API facade.
@@ -30,6 +31,16 @@
 	resources     *common.Resources
 	authorizer    common.Authorizer
 	accessMachine common.GetAuthFunc
+	clock         clock.Clock
+}
+
+// newInstancePollerAPI wraps NewInstancePollerAPI for RegisterStandardFacade.
+func newInstancePollerAPI(
+	st *state.State,
+	resources *common.Resources,
+	authorizer common.Authorizer,
+) (*InstancePollerAPI, error) {
+	return NewInstancePollerAPI(st, resources, authorizer, clock.WallClock)
 }
 
 // NewInstancePollerAPI creates a new server-side InstancePoller API
@@ -38,6 +49,7 @@
 	st *state.State,
 	resources *common.Resources,
 	authorizer common.Authorizer,
+	clock clock.Clock,
 ) (*InstancePollerAPI, error) {
 
 	if !authorizer.AuthModelManager() {
@@ -86,6 +98,7 @@
 		resources:            resources,
 		authorizer:           authorizer,
 		accessMachine:        accessMachine,
+		clock:                clock,
 	}, nil
 }
 
@@ -124,7 +137,7 @@
 		machine, err := a.getOneMachine(arg.Tag, canAccess)
 		if err == nil {
 			addrs := machine.ProviderAddresses()
-			result.Results[i].Addresses = params.FromNetworkAddresses(addrs)
+			result.Results[i].Addresses = params.FromNetworkAddresses(addrs...)
 		}
 		result.Results[i].Error = common.ServerError(err)
 	}
@@ -144,7 +157,7 @@
 	for i, arg := range args.MachineAddresses {
 		machine, err := a.getOneMachine(arg.Tag, canAccess)
 		if err == nil {
-			addrsToSet := params.NetworkAddresses(arg.Addresses)
+			addrsToSet := params.NetworkAddresses(arg.Addresses...)
 			err = machine.SetProviderAddresses(addrsToSet...)
 		}
 		result.Results[i].Error = common.ServerError(err)
@@ -167,7 +180,7 @@
 		if err == nil {
 			var statusInfo status.StatusInfo
 			statusInfo, err = machine.InstanceStatus()
-			result.Results[i].Status = statusInfo.Status
+			result.Results[i].Status = statusInfo.Status.String()
 			result.Results[i].Info = statusInfo.Message
 			result.Results[i].Data = statusInfo.Data
 			result.Results[i].Since = statusInfo.Since
@@ -190,7 +203,14 @@
 	for i, arg := range args.Entities {
 		machine, err := a.getOneMachine(arg.Tag, canAccess)
 		if err == nil {
-			err = machine.SetInstanceStatus(arg.Status, arg.Info, arg.Data)
+			now := a.clock.Now()
+			s := status.StatusInfo{
+				Status:  status.Status(arg.Status),
+				Message: arg.Info,
+				Data:    arg.Data,
+				Since:   &now,
+			}
+			err = machine.SetInstanceStatus(s)
 		}
 		result.Results[i].Error = common.ServerError(err)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/instancepoller/instancepoller_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/instancepoller/instancepoller_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/instancepoller/instancepoller_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/instancepoller/instancepoller_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,6 +8,7 @@
 
 	"github.com/juju/errors"
 	jc "github.com/juju/testing/checkers"
+	"github.com/juju/utils/clock"
 	gc "gopkg.in/check.v1"
 
 	"github.com/juju/juju/apiserver/common"
@@ -34,6 +35,8 @@
 
 	mixedEntities     params.Entities
 	mixedErrorResults params.ErrorResults
+
+	clock clock.Clock
 }
 
 var _ = gc.Suite(&InstancePollerSuite{})
@@ -51,7 +54,8 @@
 	instancepoller.PatchState(s, s.st)
 
 	var err error
-	s.api, err = instancepoller.NewInstancePollerAPI(nil, s.resources, s.authoriser)
+	s.clock = coretesting.NewClock(time.Now())
+	s.api, err = instancepoller.NewInstancePollerAPI(nil, s.resources, s.authoriser, s.clock)
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.machineEntities = params.Entities{
@@ -72,7 +76,7 @@
 			{Tag: "machine-1"},
 			{Tag: "machine-2"},
 			{Tag: "machine-42"},
-			{Tag: "service-unknown"},
+			{Tag: "application-unknown"},
 			{Tag: "invalid-tag"},
 			{Tag: "unit-missing-1"},
 			{Tag: ""},
@@ -83,7 +87,7 @@
 			{Error: nil},
 			{Error: nil},
 			{Error: apiservertesting.NotFoundError("machine 42")},
-			{Error: apiservertesting.ServerError(`"service-unknown" is not a valid machine tag`)},
+			{Error: apiservertesting.ServerError(`"application-unknown" is not a valid machine tag`)},
 			{Error: apiservertesting.ServerError(`"invalid-tag" is not a valid tag`)},
 			{Error: apiservertesting.ServerError(`"unit-missing-1" is not a valid machine tag`)},
 			{Error: apiservertesting.ServerError(`"" is not a valid tag`)},
@@ -94,7 +98,7 @@
 func (s *InstancePollerSuite) TestNewInstancePollerAPIRequiresEnvironManager(c *gc.C) {
 	anAuthoriser := s.authoriser
 	anAuthoriser.EnvironManager = false
-	api, err := instancepoller.NewInstancePollerAPI(nil, s.resources, anAuthoriser)
+	api, err := instancepoller.NewInstancePollerAPI(nil, s.resources, anAuthoriser, s.clock)
 	c.Assert(api, gc.IsNil)
 	c.Assert(err, gc.ErrorMatches, "permission denied")
 }
@@ -356,7 +360,7 @@
 	c.Assert(result, jc.DeepEquals, params.StatusResults{
 		Results: []params.StatusResult{
 			{
-				Status: status.StatusError,
+				Status: status.StatusError.String(),
 				Info:   s1.Message,
 				Data:   s1.Data,
 				Since:  s1.Since,
@@ -406,7 +410,7 @@
 
 func (s *InstancePollerSuite) TestProviderAddressesSuccess(c *gc.C) {
 	addrs := network.NewAddresses("0.1.2.3", "127.0.0.1", "8.8.8.8")
-	expectedAddresses := params.FromNetworkAddresses(addrs)
+	expectedAddresses := params.FromNetworkAddresses(addrs...)
 	s.st.SetMachineInfo(c, machineInfo{id: "1", providerAddresses: addrs})
 	s.st.SetMachineInfo(c, machineInfo{id: "2", providerAddresses: nil})
 
@@ -417,7 +421,7 @@
 			{Addresses: expectedAddresses},
 			{Addresses: nil},
 			{Error: apiservertesting.NotFoundError("machine 42")},
-			{Error: apiservertesting.ServerError(`"service-unknown" is not a valid machine tag`)},
+			{Error: apiservertesting.ServerError(`"application-unknown" is not a valid machine tag`)},
 			{Error: apiservertesting.ServerError(`"invalid-tag" is not a valid tag`)},
 			{Error: apiservertesting.ServerError(`"unit-missing-1" is not a valid machine tag`)},
 			{Error: apiservertesting.ServerError(`"" is not a valid tag`)},
@@ -467,9 +471,9 @@
 	result, err := s.api.SetProviderAddresses(params.SetMachinesAddresses{
 		MachineAddresses: []params.MachineAddresses{
 			{Tag: "machine-1", Addresses: nil},
-			{Tag: "machine-2", Addresses: params.FromNetworkAddresses(newAddrs)},
+			{Tag: "machine-2", Addresses: params.FromNetworkAddresses(newAddrs...)},
 			{Tag: "machine-42"},
-			{Tag: "service-unknown"},
+			{Tag: "application-unknown"},
 			{Tag: "invalid-tag"},
 			{Tag: "unit-missing-1"},
 			{Tag: ""},
@@ -509,8 +513,8 @@
 
 	result, err := s.api.SetProviderAddresses(params.SetMachinesAddresses{
 		MachineAddresses: []params.MachineAddresses{
-			{Tag: "machine-1", Addresses: nil},
-			{Tag: "machine-2", Addresses: params.FromNetworkAddresses(newAddrs)},
+			{Tag: "machine-1"},
+			{Tag: "machine-2", Addresses: params.FromNetworkAddresses(newAddrs...)},
 			{Tag: "machine-3"},
 		}},
 	)
@@ -536,10 +540,10 @@
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(result, jc.DeepEquals, params.StatusResults{
 		Results: []params.StatusResult{
-			{Status: status.Status("foo")},
-			{Status: status.Status("")},
+			{Status: "foo"},
+			{Status: ""},
 			{Error: apiservertesting.NotFoundError("machine 42")},
-			{Error: apiservertesting.ServerError(`"service-unknown" is not a valid machine tag`)},
+			{Error: apiservertesting.ServerError(`"application-unknown" is not a valid machine tag`)},
 			{Error: apiservertesting.ServerError(`"invalid-tag" is not a valid tag`)},
 			{Error: apiservertesting.ServerError(`"unit-missing-1" is not a valid machine tag`)},
 			{Error: apiservertesting.ServerError(`"" is not a valid tag`)},
@@ -587,36 +591,41 @@
 
 	result, err := s.api.SetInstanceStatus(params.SetStatus{
 		Entities: []params.EntityStatusArgs{
-			{Tag: "machine-1", Status: status.Status("")},
-			{Tag: "machine-2", Status: status.Status("new status")},
-			{Tag: "machine-42", Status: status.Status("")},
-			{Tag: "service-unknown", Status: status.Status("")},
-			{Tag: "invalid-tag", Status: status.Status("")},
-			{Tag: "unit-missing-1", Status: status.Status("")},
-			{Tag: "", Status: status.Status("")},
-			{Tag: "42", Status: status.Status("")},
+			{Tag: "machine-1", Status: ""},
+			{Tag: "machine-2", Status: "new status"},
+			{Tag: "machine-42", Status: ""},
+			{Tag: "application-unknown", Status: ""},
+			{Tag: "invalid-tag", Status: ""},
+			{Tag: "unit-missing-1", Status: ""},
+			{Tag: "", Status: ""},
+			{Tag: "42", Status: ""},
 		}},
 	)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(result, jc.DeepEquals, s.mixedErrorResults)
 
+	now := s.clock.Now()
 	s.st.CheckFindEntityCall(c, 0, "1")
-	s.st.CheckCall(c, 1, "SetInstanceStatus", status.Status(""))
+	s.st.CheckCall(c, 1, "SetInstanceStatus", status.StatusInfo{Status: status.Status(""), Since: &now})
 	s.st.CheckFindEntityCall(c, 2, "2")
-	s.st.CheckCall(c, 3, "SetInstanceStatus", status.Status("new status"))
+	s.st.CheckCall(c, 3, "SetInstanceStatus", status.StatusInfo{Status: status.Status("new status"), Since: &now})
 	s.st.CheckFindEntityCall(c, 4, "42")
 
 	// Ensure machines were updated.
 	machine, err := s.st.Machine("1")
 	c.Assert(err, jc.ErrorIsNil)
+	// TODO (perrito666) there should not be an empty StatusInfo here,
+	// this is certainly a smell.
 	setStatus, err := machine.InstanceStatus()
 	c.Assert(err, jc.ErrorIsNil)
+	setStatus.Since = nil
 	c.Assert(setStatus, gc.DeepEquals, status.StatusInfo{})
 
 	machine, err = s.st.Machine("2")
 	c.Assert(err, jc.ErrorIsNil)
 	setStatus, err = machine.InstanceStatus()
 	c.Assert(err, jc.ErrorIsNil)
+	setStatus.Since = nil
 	c.Assert(setStatus, gc.DeepEquals, status.StatusInfo{Status: "new status"})
 }
 
@@ -632,9 +641,9 @@
 
 	result, err := s.api.SetInstanceStatus(params.SetStatus{
 		Entities: []params.EntityStatusArgs{
-			{Tag: "machine-1", Status: status.Status("new")},
-			{Tag: "machine-2", Status: status.Status("invalid")},
-			{Tag: "machine-3", Status: status.Status("")},
+			{Tag: "machine-1", Status: "new"},
+			{Tag: "machine-2", Status: "invalid"},
+			{Tag: "machine-3", Status: ""},
 		}},
 	)
 	c.Assert(err, jc.ErrorIsNil)
@@ -642,7 +651,8 @@
 
 	s.st.CheckFindEntityCall(c, 0, "1")
 	s.st.CheckFindEntityCall(c, 1, "2")
-	s.st.CheckCall(c, 2, "SetInstanceStatus", status.Status("invalid"))
+	now := s.clock.Now()
+	s.st.CheckCall(c, 2, "SetInstanceStatus", status.StatusInfo{Status: "invalid", Since: &now})
 	s.st.CheckFindEntityCall(c, 3, "3")
 }
 
@@ -657,7 +667,7 @@
 			{Result: true},
 			{Result: false},
 			{Error: apiservertesting.NotFoundError("machine 42")},
-			{Error: apiservertesting.ServerError(`"service-unknown" is not a valid machine tag`)},
+			{Error: apiservertesting.ServerError(`"application-unknown" is not a valid machine tag`)},
 			{Error: apiservertesting.ServerError(`"invalid-tag" is not a valid tag`)},
 			{Error: apiservertesting.ServerError(`"unit-missing-1" is not a valid machine tag`)},
 			{Error: apiservertesting.ServerError(`"" is not a valid tag`)},
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/instancepoller/mock_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/instancepoller/mock_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/instancepoller/mock_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/instancepoller/mock_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,9 +8,9 @@
 	"sync"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/instancepoller"
 	"github.com/juju/juju/environs/config"
@@ -277,7 +277,7 @@
 }
 
 // SetInstanceStatus implements StateMachine.
-func (m *mockMachine) SetInstanceStatus(instanceStatus status.Status, info string, data map[string]interface{}) error {
+func (m *mockMachine) SetInstanceStatus(instanceStatus status.StatusInfo) error {
 	m.mu.Lock()
 	defer m.mu.Unlock()
 
@@ -285,11 +285,7 @@
 	if err := m.NextErr(); err != nil {
 		return err
 	}
-	m.instanceStatus = status.StatusInfo{
-		Status:  instanceStatus,
-		Message: info,
-		Data:    data,
-	}
+	m.instanceStatus = instanceStatus
 	return nil
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/instancepoller/state.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/instancepoller/state.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/instancepoller/state.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/instancepoller/state.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,6 +10,7 @@
 	"github.com/juju/juju/status"
 )
 
+// StateMachine represents a machine from state package.
 type StateMachine interface {
 	state.Entity
 
@@ -18,7 +19,7 @@
 	ProviderAddresses() []network.Address
 	SetProviderAddresses(...network.Address) error
 	InstanceStatus() (status.StatusInfo, error)
-	SetInstanceStatus(status.Status, string, map[string]interface{}) error
+	SetInstanceStatus(status.StatusInfo) error
 	String() string
 	Refresh() error
 	Life() state.Life
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/keymanager/keymanager.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/keymanager/keymanager.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/keymanager/keymanager.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/keymanager/keymanager.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,10 +9,10 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils"
 	"github.com/juju/utils/set"
 	"github.com/juju/utils/ssh"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
@@ -145,7 +145,7 @@
 func (api *KeyManagerAPI) writeSSHKeys(sshKeys []string) error {
 	// Write out the new keys.
 	keyStr := strings.Join(sshKeys, "\n")
-	attrs := map[string]interface{}{config.AuthKeysConfig: keyStr}
+	attrs := map[string]interface{}{config.AuthorizedKeysKey: keyStr}
 	// TODO(waigani) 2014-03-17 bug #1293324
 	// Pass in validation to ensure SSH keys
 	// have not changed underfoot
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/keymanager/keymanager_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/keymanager/keymanager_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/keymanager/keymanager_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/keymanager/keymanager_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,11 +7,11 @@
 	"fmt"
 	"strings"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/ssh"
 	sshtesting "github.com/juju/utils/ssh/testing"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	commontesting "github.com/juju/juju/apiserver/common/testing"
@@ -205,6 +205,7 @@
 	}
 	_, err = s.keymanager.AddKeys(args)
 	c.Assert(err, gc.ErrorMatches, "permission denied")
+	c.Assert(params.ErrCode(err), gc.Equals, params.CodeUnauthorized)
 	s.assertEnvironKeys(c, []string{key1})
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/keyupdater/authorisedkeys.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/keyupdater/authorisedkeys.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/keyupdater/authorisedkeys.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/keyupdater/authorisedkeys.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,8 +5,8 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils/ssh"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/keyupdater/authorisedkeys_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/keyupdater/authorisedkeys_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/keyupdater/authorisedkeys_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/keyupdater/authorisedkeys_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,9 +4,9 @@
 package keyupdater_test
 
 import (
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/keyupdater"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/leadership/interface.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/leadership/interface.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/leadership/interface.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/leadership/interface.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,7 @@
 package leadership
 
 import (
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 )
@@ -18,5 +18,5 @@
 
 	// BlockUntilLeadershipReleased blocks the caller until leadership is
 	// released for the given service.
-	BlockUntilLeadershipReleased(serviceTag names.ServiceTag) (params.ErrorResult, error)
+	BlockUntilLeadershipReleased(ApplicationTag names.ApplicationTag) (params.ErrorResult, error)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/leadership/leadership.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/leadership/leadership.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/leadership/leadership.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/leadership/leadership.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,7 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
@@ -75,7 +75,7 @@
 	for pIdx, p := range args.Params {
 
 		result := &results[pIdx]
-		serviceTag, unitTag, err := parseServiceAndUnitTags(p.ServiceTag, p.UnitTag)
+		ApplicationTag, unitTag, err := parseServiceAndUnitTags(p.ApplicationTag, p.UnitTag)
 		if err != nil {
 			result.Error = common.ServerError(err)
 			continue
@@ -89,12 +89,12 @@
 		// In the future, situations may arise wherein units will make
 		// leadership claims for other units. For now, units can only
 		// claim leadership for themselves, for their own service.
-		if !m.authorizer.AuthOwner(unitTag) || !m.authMember(serviceTag) {
+		if !m.authorizer.AuthOwner(unitTag) || !m.authMember(ApplicationTag) {
 			result.Error = common.ServerError(common.ErrPerm)
 			continue
 		}
 
-		err = m.claimer.ClaimLeadership(serviceTag.Id(), unitTag.Id(), duration)
+		err = m.claimer.ClaimLeadership(ApplicationTag.Id(), unitTag.Id(), duration)
 		if err != nil {
 			result.Error = common.ServerError(err)
 		}
@@ -104,51 +104,51 @@
 }
 
 // BlockUntilLeadershipReleased implements the LeadershipService interface.
-func (m *leadershipService) BlockUntilLeadershipReleased(serviceTag names.ServiceTag) (params.ErrorResult, error) {
-	if !m.authMember(serviceTag) {
+func (m *leadershipService) BlockUntilLeadershipReleased(ApplicationTag names.ApplicationTag) (params.ErrorResult, error) {
+	if !m.authMember(ApplicationTag) {
 		return params.ErrorResult{Error: common.ServerError(common.ErrPerm)}, nil
 	}
 
-	if err := m.claimer.BlockUntilLeadershipReleased(serviceTag.Id()); err != nil {
+	if err := m.claimer.BlockUntilLeadershipReleased(ApplicationTag.Id()); err != nil {
 		return params.ErrorResult{Error: common.ServerError(err)}, nil
 	}
 	return params.ErrorResult{}, nil
 }
 
-func (m *leadershipService) authMember(serviceTag names.ServiceTag) bool {
+func (m *leadershipService) authMember(ApplicationTag names.ApplicationTag) bool {
 	ownerTag := m.authorizer.GetAuthTag()
 	unitTag, ok := ownerTag.(names.UnitTag)
 	if !ok {
 		return false
 	}
 	unitId := unitTag.Id()
-	requireServiceId, err := names.UnitService(unitId)
+	requireServiceId, err := names.UnitApplication(unitId)
 	if err != nil {
 		return false
 	}
-	return serviceTag.Id() == requireServiceId
+	return ApplicationTag.Id() == requireServiceId
 }
 
 // parseServiceAndUnitTags takes in string representations of service
 // and unit tags and returns their corresponding tags.
 func parseServiceAndUnitTags(
-	serviceTagString, unitTagString string,
+	ApplicationTagString, unitTagString string,
 ) (
-	names.ServiceTag, names.UnitTag, error,
+	names.ApplicationTag, names.UnitTag, error,
 ) {
 	// TODO(fwereade) 2015-02-25 bug #1425506
 	// These permissions errors are not appropriate -- there's no permission or
 	// security issue in play here, because our tag format is public, and the
 	// error only triggers when the strings fail to match that format.
-	serviceTag, err := names.ParseServiceTag(serviceTagString)
+	ApplicationTag, err := names.ParseApplicationTag(ApplicationTagString)
 	if err != nil {
-		return names.ServiceTag{}, names.UnitTag{}, common.ErrPerm
+		return names.ApplicationTag{}, names.UnitTag{}, common.ErrPerm
 	}
 
 	unitTag, err := names.ParseUnitTag(unitTagString)
 	if err != nil {
-		return names.ServiceTag{}, names.UnitTag{}, common.ErrPerm
+		return names.ApplicationTag{}, names.UnitTag{}, common.ErrPerm
 	}
 
-	return serviceTag, unitTag, nil
+	return ApplicationTag, unitTag, nil
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/leadership/leadership_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/leadership/leadership_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/leadership/leadership_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/leadership/leadership_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,10 +13,10 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/leadership"
@@ -31,8 +31,8 @@
 var _ = gc.Suite(&leadershipSuite{})
 
 const (
-	StubServiceNm = "stub-service"
-	StubUnitNm    = "stub-service/0"
+	StubServiceNm = "stub-application"
+	StubUnitNm    = "stub-application/0"
 )
 
 type stubClaimer struct {
@@ -105,7 +105,7 @@
 	results, err := ldrSvc.ClaimLeadership(params.ClaimLeadershipBulkParams{
 		Params: []params.ClaimLeadershipParams{
 			{
-				ServiceTag:      names.NewServiceTag(StubServiceNm).String(),
+				ApplicationTag:  names.NewApplicationTag(StubServiceNm).String(),
 				UnitTag:         names.NewUnitTag(StubUnitNm).String(),
 				DurationSeconds: 299.9,
 			},
@@ -132,7 +132,7 @@
 	results, err := ldrSvc.ClaimLeadership(params.ClaimLeadershipBulkParams{
 		Params: []params.ClaimLeadershipParams{
 			{
-				ServiceTag:      names.NewServiceTag(StubServiceNm).String(),
+				ApplicationTag:  names.NewApplicationTag(StubServiceNm).String(),
 				UnitTag:         names.NewUnitTag(StubUnitNm).String(),
 				DurationSeconds: 5.001,
 			},
@@ -150,7 +150,7 @@
 	results, err := ldrSvc.ClaimLeadership(params.ClaimLeadershipBulkParams{
 		Params: []params.ClaimLeadershipParams{
 			{
-				ServiceTag:      "service-bad/0",
+				ApplicationTag:  "application-bad/0",
 				UnitTag:         names.NewUnitTag(StubUnitNm).String(),
 				DurationSeconds: 123.45,
 			},
@@ -167,7 +167,7 @@
 	results, err := ldrSvc.ClaimLeadership(params.ClaimLeadershipBulkParams{
 		Params: []params.ClaimLeadershipParams{
 			{
-				ServiceTag:      names.NewServiceTag(StubServiceNm).String(),
+				ApplicationTag:  names.NewApplicationTag(StubServiceNm).String(),
 				UnitTag:         "unit-bad",
 				DurationSeconds: 123.45,
 			},
@@ -184,7 +184,7 @@
 	results, err := ldrSvc.ClaimLeadership(params.ClaimLeadershipBulkParams{
 		Params: []params.ClaimLeadershipParams{
 			{
-				ServiceTag:      names.NewServiceTag(StubServiceNm).String(),
+				ApplicationTag:  names.NewApplicationTag(StubServiceNm).String(),
 				UnitTag:         names.NewUnitTag(StubUnitNm).String(),
 				DurationSeconds: 4.99,
 			},
@@ -201,7 +201,7 @@
 	results, err := ldrSvc.ClaimLeadership(params.ClaimLeadershipBulkParams{
 		Params: []params.ClaimLeadershipParams{
 			{
-				ServiceTag:      names.NewServiceTag(StubServiceNm).String(),
+				ApplicationTag:  names.NewApplicationTag(StubServiceNm).String(),
 				UnitTag:         names.NewUnitTag(StubUnitNm).String(),
 				DurationSeconds: 300.1,
 			},
@@ -221,7 +221,7 @@
 	}
 
 	ldrSvc := newLeadershipService(c, claimer, nil)
-	result, err := ldrSvc.BlockUntilLeadershipReleased(names.NewServiceTag(StubServiceNm))
+	result, err := ldrSvc.BlockUntilLeadershipReleased(names.NewApplicationTag(StubServiceNm))
 
 	c.Check(err, jc.ErrorIsNil)
 	c.Check(result.Error, gc.IsNil)
@@ -236,7 +236,7 @@
 	results, err := ldrSvc.ClaimLeadership(params.ClaimLeadershipBulkParams{
 		Params: []params.ClaimLeadershipParams{
 			{
-				ServiceTag:      names.NewServiceTag(StubServiceNm).String(),
+				ApplicationTag:  names.NewApplicationTag(StubServiceNm).String(),
 				UnitTag:         names.NewUnitTag(StubUnitNm).String(),
 				DurationSeconds: 123.45,
 			},
@@ -254,7 +254,7 @@
 	results, err := ldrSvc.ClaimLeadership(params.ClaimLeadershipBulkParams{
 		Params: []params.ClaimLeadershipParams{
 			{
-				ServiceTag:      names.NewServiceTag("lol-different").String(),
+				ApplicationTag:  names.NewApplicationTag("lol-different").String(),
 				UnitTag:         names.NewUnitTag(StubUnitNm).String(),
 				DurationSeconds: 123.45,
 			},
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/leadership/settings.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/leadership/settings.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/leadership/settings.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/leadership/settings.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,7 @@
 package leadership
 
 import (
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
@@ -64,7 +64,7 @@
 func (lsa *LeadershipSettingsAccessor) Merge(bulkArgs params.MergeLeadershipSettingsBulkParams) (params.ErrorResults, error) {
 
 	callerUnitId := lsa.authorizer.GetAuthTag().Id()
-	requireServiceId, err := names.UnitService(callerUnitId)
+	requireServiceId, err := names.UnitApplication(callerUnitId)
 	if err != nil {
 		return params.ErrorResults{}, err
 	}
@@ -73,15 +73,15 @@
 	for i, arg := range bulkArgs.Params {
 		result := &results[i]
 
-		// TODO(fwereade): we shoudn't assume a ServiceTag: we should
+		// TODO(fwereade): we shoudn't assume a ApplicationTag: we should
 		// use an actual auth func to determine permissions.
-		serviceTag, err := names.ParseServiceTag(arg.ServiceTag)
+		ApplicationTag, err := names.ParseApplicationTag(arg.ApplicationTag)
 		if err != nil {
 			result.Error = common.ServerError(err)
 			continue
 		}
 
-		serviceId := serviceTag.Id()
+		serviceId := ApplicationTag.Id()
 		if serviceId != requireServiceId {
 			result.Error = common.ServerError(common.ErrPerm)
 			continue
@@ -102,7 +102,7 @@
 func (lsa *LeadershipSettingsAccessor) Read(bulkArgs params.Entities) (params.GetLeadershipSettingsBulkResults, error) {
 
 	callerUnitId := lsa.authorizer.GetAuthTag().Id()
-	requireServiceId, err := names.UnitService(callerUnitId)
+	requireServiceId, err := names.UnitApplication(callerUnitId)
 	if err != nil {
 		return params.GetLeadershipSettingsBulkResults{}, err
 	}
@@ -111,15 +111,15 @@
 	for i, arg := range bulkArgs.Entities {
 		result := &results[i]
 
-		// TODO(fwereade): we shoudn't assume a ServiceTag: we should
+		// TODO(fwereade): we shoudn't assume a ApplicationTag: we should
 		// use an actual auth func to determine permissions.
-		serviceTag, err := names.ParseServiceTag(arg.Tag)
+		ApplicationTag, err := names.ParseApplicationTag(arg.Tag)
 		if err != nil {
 			result.Error = common.ServerError(err)
 			continue
 		}
 
-		serviceId := serviceTag.Id()
+		serviceId := ApplicationTag.Id()
 		if serviceId != requireServiceId {
 			result.Error = common.ServerError(common.ErrPerm)
 			continue
@@ -142,7 +142,7 @@
 func (lsa *LeadershipSettingsAccessor) WatchLeadershipSettings(bulkArgs params.Entities) (params.NotifyWatchResults, error) {
 
 	callerUnitId := lsa.authorizer.GetAuthTag().Id()
-	requireServiceId, err := names.UnitService(callerUnitId)
+	requireServiceId, err := names.UnitApplication(callerUnitId)
 	if err != nil {
 		return params.NotifyWatchResults{}, err
 	}
@@ -151,15 +151,15 @@
 	for i, arg := range bulkArgs.Entities {
 		result := &results[i]
 
-		// TODO(fwereade): we shoudn't assume a ServiceTag: we should
+		// TODO(fwereade): we shoudn't assume a ApplicationTag: we should
 		// use an actual auth func to determine permissions.
-		serviceTag, err := names.ParseServiceTag(arg.Tag)
+		ApplicationTag, err := names.ParseApplicationTag(arg.Tag)
 		if err != nil {
 			result.Error = common.ServerError(err)
 			continue
 		}
 
-		serviceId := serviceTag.Id()
+		serviceId := ApplicationTag.Id()
 		if serviceId != requireServiceId {
 			result.Error = common.ServerError(common.ErrPerm)
 			continue
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/leadership/settings_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/leadership/settings_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/leadership/settings_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/leadership/settings_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,10 +5,10 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/leadership"
 	"github.com/juju/juju/apiserver/params"
@@ -36,7 +36,7 @@
 
 	results, err := accessor.Read(params.Entities{
 		[]params.Entity{
-			{Tag: names.NewServiceTag(StubServiceNm).String()},
+			{Tag: names.NewApplicationTag(StubServiceNm).String()},
 		},
 	})
 	c.Assert(err, gc.IsNil)
@@ -73,8 +73,8 @@
 	results, err := accessor.Merge(params.MergeLeadershipSettingsBulkParams{
 		[]params.MergeLeadershipSettingsParam{
 			{
-				ServiceTag: names.NewServiceTag(StubServiceNm).String(),
-				Settings:   map[string]string{"baz": "biz"},
+				ApplicationTag: names.NewApplicationTag(StubServiceNm).String(),
+				Settings:       map[string]string{"baz": "biz"},
 			},
 		},
 	})
@@ -112,8 +112,8 @@
 	results, err := accessor.Merge(params.MergeLeadershipSettingsBulkParams{
 		[]params.MergeLeadershipSettingsParam{
 			{
-				ServiceTag: names.NewServiceTag(StubServiceNm).String(),
-				Settings:   map[string]string{"baz": "biz"},
+				ApplicationTag: names.NewApplicationTag(StubServiceNm).String(),
+				Settings:       map[string]string{"baz": "biz"},
 			},
 		},
 	})
@@ -137,7 +137,7 @@
 	accessor := leadership.NewLeadershipSettingsAccessor(authorizer, registerWatcher, nil, nil, nil)
 
 	results, err := accessor.WatchLeadershipSettings(params.Entities{[]params.Entity{
-		{names.NewServiceTag(StubServiceNm).String()},
+		{names.NewApplicationTag(StubServiceNm).String()},
 	}})
 	c.Assert(err, gc.IsNil)
 	c.Assert(results.Results, gc.HasLen, 1)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/lifeflag/facade.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/lifeflag/facade.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/lifeflag/facade.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/lifeflag/facade.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,7 @@
 package lifeflag
 
 import (
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/state"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/lifeflag/util_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/lifeflag/util_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/lifeflag/util_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/lifeflag/util_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/logfwd/lastsent.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/logfwd/lastsent.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/logfwd/lastsent.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/logfwd/lastsent.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,131 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package logfwd
+
+import (
+	"io"
+
+	"github.com/juju/errors"
+	"gopkg.in/juju/names.v2"
+
+	"github.com/juju/juju/apiserver/common"
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/state"
+)
+
+func init() {
+	common.RegisterStandardFacade("LogForwarding", 1, func(st *state.State, _ *common.Resources, auth common.Authorizer) (*LogForwardingAPI, error) {
+		return NewLogForwardingAPI(&stateAdapter{st}, auth)
+	})
+}
+
+// LastSentTracker exposes the functionality of state.LastSentTracker.
+type LastSentTracker interface {
+	io.Closer
+
+	// Get retrieves the record ID and timestamp.
+	Get() (recID int64, recTimestamp int64, err error)
+
+	// Set records the record ID and timestamp.
+	Set(recID int64, recTimestamp int64) error
+}
+
+// LogForwardingState supports interacting with state for the
+// LogForwarding facade.
+type LogForwardingState interface {
+	// NewLastSentTracker creates a new tracker for the given model
+	// and log sink.
+	NewLastSentTracker(tag names.ModelTag, sink string) LastSentTracker
+}
+
+// LogForwardingAPI is the concrete implementation of the api end point.
+type LogForwardingAPI struct {
+	state LogForwardingState
+}
+
+// NewLogForwardingAPI creates a new server-side logger API end point.
+func NewLogForwardingAPI(st LogForwardingState, auth common.Authorizer) (*LogForwardingAPI, error) {
+	if !auth.AuthMachineAgent() { // the controller's machine agent
+		return nil, common.ErrPerm
+	}
+	api := &LogForwardingAPI{
+		state: st,
+	}
+	return api, nil
+}
+
+// GetLastSent is a bulk call that gets the log forwarding "last sent"
+// record ID for each requested target.
+func (api *LogForwardingAPI) GetLastSent(args params.LogForwardingGetLastSentParams) params.LogForwardingGetLastSentResults {
+	results := make([]params.LogForwardingGetLastSentResult, len(args.IDs))
+	for i, id := range args.IDs {
+		results[i] = api.get(id)
+	}
+	return params.LogForwardingGetLastSentResults{
+		Results: results,
+	}
+}
+
+func (api *LogForwardingAPI) get(id params.LogForwardingID) params.LogForwardingGetLastSentResult {
+	var res params.LogForwardingGetLastSentResult
+	lst, err := api.newLastSentTracker(id)
+	if err != nil {
+		res.Error = common.ServerError(err)
+		return res
+	}
+	defer lst.Close()
+
+	recID, recTimestamp, err := lst.Get()
+	if err != nil {
+		res.Error = common.ServerError(err)
+		if errors.Cause(err) == state.ErrNeverForwarded {
+			res.Error.Code = params.CodeNotFound
+		}
+		return res
+	}
+	res.RecordID = recID
+	res.RecordTimestamp = recTimestamp
+	return res
+}
+
+// SetLastSent is a bulk call that sets the log forwarding "last sent"
+// record ID for each requested target.
+func (api *LogForwardingAPI) SetLastSent(args params.LogForwardingSetLastSentParams) params.ErrorResults {
+	results := make([]params.ErrorResult, len(args.Params), len(args.Params))
+	for i, arg := range args.Params {
+		results[i].Error = api.set(arg)
+	}
+	return params.ErrorResults{
+		Results: results,
+	}
+}
+
+func (api *LogForwardingAPI) set(arg params.LogForwardingSetLastSentParam) *params.Error {
+	lst, err := api.newLastSentTracker(arg.LogForwardingID)
+	if err != nil {
+		return common.ServerError(err)
+	}
+	defer lst.Close()
+
+	err = lst.Set(arg.RecordID, arg.RecordTimestamp)
+	return common.ServerError(err)
+}
+
+func (api *LogForwardingAPI) newLastSentTracker(id params.LogForwardingID) (LastSentTracker, error) {
+	tag, err := names.ParseModelTag(id.ModelTag)
+	if err != nil {
+		return nil, err
+	}
+	tracker := api.state.NewLastSentTracker(tag, id.Sink)
+	return tracker, nil
+}
+
+type stateAdapter struct {
+	*state.State
+}
+
+// NewLastSentTracker implements LogForwardingState.
+func (st stateAdapter) NewLastSentTracker(tag names.ModelTag, sink string) LastSentTracker {
+	return state.NewLastSentLogTracker(st, tag.Id(), sink)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/logfwd/lastsent_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/logfwd/lastsent_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/logfwd/lastsent_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/logfwd/lastsent_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,265 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package logfwd_test
+
+import (
+	"github.com/juju/errors"
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
+
+	"github.com/juju/juju/apiserver/common"
+	"github.com/juju/juju/apiserver/logfwd"
+	"github.com/juju/juju/apiserver/params"
+	apiservertesting "github.com/juju/juju/apiserver/testing"
+	"github.com/juju/juju/state"
+)
+
+type LastSentSuite struct {
+	testing.IsolationSuite
+
+	stub       *testing.Stub
+	state      *stubState
+	machineTag names.MachineTag
+	authorizer apiservertesting.FakeAuthorizer
+}
+
+var _ = gc.Suite(&LastSentSuite{})
+
+func (s *LastSentSuite) SetUpTest(c *gc.C) {
+	s.IsolationSuite.SetUpTest(c)
+
+	s.stub = &testing.Stub{}
+	s.state = &stubState{stub: s.stub}
+	s.machineTag = names.NewMachineTag("99")
+	// The default auth is as the machine agent
+	s.authorizer = apiservertesting.FakeAuthorizer{
+		Tag: s.machineTag,
+	}
+}
+
+func (s *LastSentSuite) TestAuthRefusesUser(c *gc.C) {
+	anAuthorizer := s.authorizer
+	anAuthorizer.Tag = names.NewUserTag("bob")
+
+	_, err := logfwd.NewLogForwardingAPI(s.state, anAuthorizer)
+
+	c.Check(err, gc.ErrorMatches, "permission denied")
+}
+
+func (s *LastSentSuite) TestGetLastSentOne(c *gc.C) {
+	tracker := s.state.addTracker()
+	tracker.ReturnGet = 10
+	api, err := logfwd.NewLogForwardingAPI(s.state, s.authorizer)
+	c.Assert(err, jc.ErrorIsNil)
+	model := "deadbeef-2f18-4fd2-967d-db9663db7bea"
+	modelTag := names.NewModelTag(model)
+
+	res := api.GetLastSent(params.LogForwardingGetLastSentParams{
+		IDs: []params.LogForwardingID{{
+			ModelTag: modelTag.String(),
+			Sink:     "spam",
+		}},
+	})
+
+	c.Check(res, jc.DeepEquals, params.LogForwardingGetLastSentResults{
+		Results: []params.LogForwardingGetLastSentResult{{
+			RecordID:        10,
+			RecordTimestamp: 100,
+		}},
+	})
+	s.stub.CheckCallNames(c, "NewLastSentTracker", "Get", "Close")
+	s.stub.CheckCall(c, 0, "NewLastSentTracker", modelTag, "spam")
+}
+
+func (s *LastSentSuite) TestGetLastSentBulk(c *gc.C) {
+	trackerSpam := s.state.addTracker()
+	trackerSpam.ReturnGet = 10
+	trackerEggs := s.state.addTracker()
+	trackerEggs.ReturnGet = 20
+	s.state.addTracker() // ham
+	s.stub.SetErrors(nil, nil, nil, nil, state.ErrNeverForwarded)
+	api, err := logfwd.NewLogForwardingAPI(s.state, s.authorizer)
+	c.Assert(err, jc.ErrorIsNil)
+	model := "deadbeef-2f18-4fd2-967d-db9663db7bea"
+	modelTag := names.NewModelTag(model)
+
+	res := api.GetLastSent(params.LogForwardingGetLastSentParams{
+		IDs: []params.LogForwardingID{{
+			ModelTag: modelTag.String(),
+			Sink:     "spam",
+		}, {
+			ModelTag: modelTag.String(),
+			Sink:     "eggs",
+		}, {
+			ModelTag: modelTag.String(),
+			Sink:     "ham",
+		}},
+	})
+
+	c.Check(res, jc.DeepEquals, params.LogForwardingGetLastSentResults{
+		Results: []params.LogForwardingGetLastSentResult{{
+			RecordID:        10,
+			RecordTimestamp: 100,
+		}, {
+			RecordID:        20,
+			RecordTimestamp: 200,
+		}, {
+			Error: &params.Error{
+				Message: `cannot find ID of the last forwarded record`,
+				Code:    params.CodeNotFound,
+			},
+		}},
+	})
+	s.stub.CheckCallNames(c,
+		"NewLastSentTracker", "Get", "Close",
+		"NewLastSentTracker", "Get", "Close",
+		"NewLastSentTracker", "Get", "Close",
+	)
+	s.stub.CheckCall(c, 0, "NewLastSentTracker", modelTag, "spam")
+	s.stub.CheckCall(c, 3, "NewLastSentTracker", modelTag, "eggs")
+	s.stub.CheckCall(c, 6, "NewLastSentTracker", modelTag, "ham")
+}
+
+func (s *LastSentSuite) TestSetLastSentOne(c *gc.C) {
+	s.state.addTracker()
+	api, err := logfwd.NewLogForwardingAPI(s.state, s.authorizer)
+	c.Assert(err, jc.ErrorIsNil)
+	model := "deadbeef-2f18-4fd2-967d-db9663db7bea"
+	modelTag := names.NewModelTag(model)
+
+	res := api.SetLastSent(params.LogForwardingSetLastSentParams{
+		Params: []params.LogForwardingSetLastSentParam{{
+			LogForwardingID: params.LogForwardingID{
+				ModelTag: modelTag.String(),
+				Sink:     "spam",
+			},
+			RecordID:        10,
+			RecordTimestamp: 100,
+		}},
+	})
+
+	c.Check(res, jc.DeepEquals, params.ErrorResults{
+		Results: []params.ErrorResult{{
+			Error: nil,
+		}},
+	})
+	s.stub.CheckCallNames(c, "NewLastSentTracker", "Set", "Close")
+	s.stub.CheckCall(c, 0, "NewLastSentTracker", modelTag, "spam")
+	s.stub.CheckCall(c, 1, "Set", int64(10), int64(100))
+}
+
+func (s *LastSentSuite) TestSetLastSentBulk(c *gc.C) {
+	s.state.addTracker() // spam
+	s.state.addTracker() // eggs
+	s.state.addTracker() // ham
+	failure := errors.New("<failed>")
+	s.stub.SetErrors(nil, nil, failure)
+	api, err := logfwd.NewLogForwardingAPI(s.state, s.authorizer)
+	c.Assert(err, jc.ErrorIsNil)
+	model := "deadbeef-2f18-4fd2-967d-db9663db7bea"
+	modelTag := names.NewModelTag(model)
+
+	res := api.SetLastSent(params.LogForwardingSetLastSentParams{
+		Params: []params.LogForwardingSetLastSentParam{{
+			LogForwardingID: params.LogForwardingID{
+				ModelTag: modelTag.String(),
+				Sink:     "spam",
+			},
+			RecordID:        10,
+			RecordTimestamp: 100,
+		}, {
+			LogForwardingID: params.LogForwardingID{
+				ModelTag: modelTag.String(),
+				Sink:     "eggs",
+			},
+			RecordID:        20,
+			RecordTimestamp: 200,
+		}, {
+			LogForwardingID: params.LogForwardingID{
+				ModelTag: modelTag.String(),
+				Sink:     "ham",
+			},
+			RecordID:        15,
+			RecordTimestamp: 150,
+		}},
+	})
+
+	c.Check(res, jc.DeepEquals, params.ErrorResults{
+		Results: []params.ErrorResult{{
+			Error: nil,
+		}, {
+			Error: common.ServerError(failure),
+		}, {
+			Error: nil,
+		}},
+	})
+	s.stub.CheckCallNames(c,
+		"NewLastSentTracker", "Set", "Close",
+		"NewLastSentTracker", "Set", "Close",
+		"NewLastSentTracker", "Set", "Close",
+	)
+	s.stub.CheckCall(c, 0, "NewLastSentTracker", modelTag, "spam")
+	s.stub.CheckCall(c, 1, "Set", int64(10), int64(100))
+	s.stub.CheckCall(c, 3, "NewLastSentTracker", modelTag, "eggs")
+	s.stub.CheckCall(c, 4, "Set", int64(20), int64(200))
+	s.stub.CheckCall(c, 6, "NewLastSentTracker", modelTag, "ham")
+	s.stub.CheckCall(c, 7, "Set", int64(15), int64(150))
+}
+
+type stubState struct {
+	stub *testing.Stub
+
+	ReturnNewLastSentTracker []logfwd.LastSentTracker
+}
+
+func (s *stubState) addTracker() *stubTracker {
+	tracker := &stubTracker{stub: s.stub}
+	s.ReturnNewLastSentTracker = append(s.ReturnNewLastSentTracker, tracker)
+	return tracker
+}
+
+func (s *stubState) NewLastSentTracker(tag names.ModelTag, sink string) logfwd.LastSentTracker {
+	s.stub.AddCall("NewLastSentTracker", tag, sink)
+	if len(s.ReturnNewLastSentTracker) == 0 {
+		panic("ran out of trackers")
+	}
+	tracker := s.ReturnNewLastSentTracker[0]
+	s.ReturnNewLastSentTracker = s.ReturnNewLastSentTracker[1:]
+	return tracker
+}
+
+type stubTracker struct {
+	stub *testing.Stub
+
+	ReturnGet int64
+}
+
+func (s *stubTracker) Get() (int64, int64, error) {
+	s.stub.AddCall("Get")
+	if err := s.stub.NextErr(); err != nil {
+		return 0, 0, err
+	}
+
+	return s.ReturnGet, s.ReturnGet * 10, nil
+}
+
+func (s *stubTracker) Set(recID int64, recTimestamp int64) error {
+	s.stub.AddCall("Set", recID, recTimestamp)
+	if err := s.stub.NextErr(); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (s *stubTracker) Close() error {
+	s.stub.AddCall("Close")
+	if err := s.stub.NextErr(); err != nil {
+		return err
+	}
+
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/logfwd/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/logfwd/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/logfwd/package_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/logfwd/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,14 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package logfwd_test
+
+import (
+	"testing"
+
+	gc "gopkg.in/check.v1"
+)
+
+func TestAll(t *testing.T) {
+	gc.TestingT(t)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/logger/logger.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/logger/logger.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/logger/logger.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/logger/logger.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,7 @@
 package logger
 
 import (
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/logger/logger_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/logger/logger_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/logger/logger_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/logger/logger_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,9 +4,9 @@
 package logger_test
 
 import (
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/logger"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/logsink.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/logsink.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/logsink.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/logsink.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,7 +12,9 @@
 	"time"
 
 	"github.com/juju/errors"
+	"github.com/juju/loggo"
 	"github.com/juju/utils"
+	"github.com/juju/version"
 	"golang.org/x/net/websocket"
 	"gopkg.in/natefinch/lumberjack.v2"
 
@@ -70,8 +72,22 @@
 			}
 			tag := entity.Tag()
 
+			// Note that this endpoint is agent-only. Thus the only
+			// callers will necessarily provide their Juju version.
+			//
+			// This would be a problem if non-Juju clients (e.g. the
+			// GUI) could use this endpoint since we require that the
+			// *Juju* version be provided as part of the request. Any
+			// attempt to open this endpoint to broader access must
+			// address this caveat appropriately.
+			ver, err := jujuClientVersionFromReq(req)
+			if err != nil {
+				h.sendError(socket, req, err)
+				return
+			}
+
 			filePrefix := st.ModelUUID() + " " + tag.String() + ":"
-			dbLogger := state.NewDbLogger(st, tag)
+			dbLogger := state.NewDbLogger(st, tag, ver)
 			defer dbLogger.Close()
 
 			// If we get to here, no more errors to report, so we report a nil
@@ -89,7 +105,8 @@
 					if fileErr != nil {
 						logger.Errorf("logging to logsink.log failed: %v", fileErr)
 					}
-					dbErr := dbLogger.Log(m.Time, m.Module, m.Location, m.Level, m.Message)
+					level, _ := loggo.ParseLevel(m.Level)
+					dbErr := dbLogger.Log(m.Time, m.Module, m.Location, level, m.Message)
 					if dbErr != nil {
 						logger.Errorf("logging to DB failed: %v", err)
 					}
@@ -103,6 +120,18 @@
 	server.ServeHTTP(w, req)
 }
 
+func jujuClientVersionFromReq(req *http.Request) (version.Number, error) {
+	verStr := req.URL.Query().Get("jujuclientversion")
+	if verStr == "" {
+		return version.Zero, errors.New(`missing "jujuclientversion" in URL query`)
+	}
+	ver, err := version.Parse(verStr)
+	if err != nil {
+		return version.Zero, errors.Annotatef(err, "invalid jujuclientversion %q", verStr)
+	}
+	return ver, nil
+}
+
 func (h *logSinkHandler) receiveLogs(socket *websocket.Conn) <-chan params.LogRecord {
 	logCh := make(chan params.LogRecord)
 
@@ -144,7 +173,7 @@
 	_, err := h.fileLogger.Write([]byte(strings.Join([]string{
 		prefix,
 		m.Time.In(time.UTC).Format("2006-01-02 15:04:05"),
-		m.Level.String(),
+		m.Level,
 		m.Module,
 		m.Location,
 		m.Message,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/logsink_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/logsink_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/logsink_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/logsink_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -14,16 +14,17 @@
 	"time"
 
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	"golang.org/x/net/websocket"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2/bson"
 
 	"github.com/juju/juju/apiserver/params"
 	coretesting "github.com/juju/juju/testing"
 	"github.com/juju/juju/testing/factory"
+	"github.com/juju/juju/version"
 )
 
 // logsinkBaseSuite has functionality that's shared between the the 2 logsink related suites
@@ -32,7 +33,11 @@
 }
 
 func (s *logsinkBaseSuite) logsinkURL(c *gc.C, scheme string) *url.URL {
-	return s.makeURL(c, scheme, "/model/"+s.State.ModelUUID()+"/logsink", nil)
+	server := s.makeURL(c, scheme, "/model/"+s.State.ModelUUID()+"/logsink", nil)
+	query := server.Query()
+	query.Set("jujuclientversion", version.Current.String())
+	server.RawQuery = query.Encode()
+	return server
 }
 
 type logsinkSuite struct {
@@ -71,13 +76,13 @@
 func (s *logsinkSuite) TestRejectsUserLogins(c *gc.C) {
 	user := s.Factory.MakeUser(c, &factory.UserParams{Password: "sekrit"})
 	header := utils.BasicAuthHeader(user.Tag().String(), "sekrit")
-	s.checkAuthFailsWithEntityError(c, header)
+	s.checkAuthFailsWithEntityError(c, header, "tag kind user not valid")
 }
 
 func (s *logsinkSuite) TestRejectsBadPassword(c *gc.C) {
 	header := utils.BasicAuthHeader(s.machineTag.String(), "wrong")
 	header.Add(params.MachineNonceHeader, s.nonce)
-	s.checkAuthFailsWithEntityError(c, header)
+	s.checkAuthFailsWithEntityError(c, header, "invalid entity name or password")
 }
 
 func (s *logsinkSuite) TestRejectsIncorrectNonce(c *gc.C) {
@@ -86,8 +91,8 @@
 	s.checkAuthFails(c, header, "machine 0 not provisioned")
 }
 
-func (s *logsinkSuite) checkAuthFailsWithEntityError(c *gc.C, header http.Header) {
-	s.checkAuthFails(c, header, "invalid entity name or password")
+func (s *logsinkSuite) checkAuthFailsWithEntityError(c *gc.C, header http.Header, msg string) {
+	s.checkAuthFails(c, header, msg)
 }
 
 func (s *logsinkSuite) checkAuthFails(c *gc.C, header http.Header, message string) {
@@ -112,7 +117,7 @@
 		Time:     t0,
 		Module:   "some.where",
 		Location: "foo.go:42",
-		Level:    loggo.INFO,
+		Level:    loggo.INFO.String(),
 		Message:  "all is well",
 	})
 	c.Assert(err, jc.ErrorIsNil)
@@ -122,7 +127,7 @@
 		Time:     t1,
 		Module:   "else.where",
 		Location: "bar.go:99",
-		Level:    loggo.ERROR,
+		Level:    loggo.ERROR.String(),
 		Message:  "oh noes",
 	})
 	c.Assert(err, jc.ErrorIsNil)
@@ -146,7 +151,7 @@
 
 	// Check the recorded logs are correct.
 	modelUUID := s.State.ModelUUID()
-	c.Assert(docs[0]["t"].(time.Time).Sub(t0), gc.Equals, time.Duration(0))
+	c.Assert(docs[0]["t"], gc.Equals, t0.UnixNano())
 	c.Assert(docs[0]["e"], gc.Equals, modelUUID)
 	c.Assert(docs[0]["n"], gc.Equals, s.machineTag.String())
 	c.Assert(docs[0]["m"], gc.Equals, "some.where")
@@ -154,7 +159,7 @@
 	c.Assert(docs[0]["v"], gc.Equals, int(loggo.INFO))
 	c.Assert(docs[0]["x"], gc.Equals, "all is well")
 
-	c.Assert(docs[1]["t"].(time.Time).Sub(t1), gc.Equals, time.Duration(0))
+	c.Assert(docs[1]["t"], gc.Equals, t1.UnixNano())
 	c.Assert(docs[1]["e"], gc.Equals, modelUUID)
 	c.Assert(docs[1]["n"], gc.Equals, s.machineTag.String())
 	c.Assert(docs[1]["m"], gc.Equals, "else.where")
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/logstream.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/logstream.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/logstream.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/logstream.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,273 @@
+// Copyright 2014 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package apiserver
+
+import (
+	"net/http"
+	"time"
+
+	"github.com/gorilla/schema"
+	"github.com/juju/errors"
+	"github.com/juju/utils/clock"
+	"golang.org/x/net/websocket"
+
+	"github.com/juju/juju/apiserver/common"
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/state"
+)
+
+type logStreamSource interface {
+	getStart(sink string, allModels bool) (time.Time, error)
+	newTailer(*state.LogTailerParams) (state.LogTailer, error)
+}
+
+// logStreamEndpointHandler takes requests to stream logs from the DB.
+type logStreamEndpointHandler struct {
+	stopCh    <-chan struct{}
+	newSource func(*http.Request) (logStreamSource, error)
+}
+
+func newLogStreamEndpointHandler(ctxt httpContext) *logStreamEndpointHandler {
+	newSource := func(req *http.Request) (logStreamSource, error) {
+		st, _, err := ctxt.stateForRequestAuthenticatedAgent(req)
+		if err != nil {
+			return nil, errors.Trace(err)
+		}
+		return &logStreamState{st}, nil
+	}
+	return &logStreamEndpointHandler{
+		stopCh:    ctxt.stop(),
+		newSource: newSource,
+	}
+}
+
+// ServeHTTP will serve up connections as a websocket for the logstream API.
+//
+// Args for the HTTP request are as follows:
+//   all -> string - one of [true, false], if true, include records from all models
+//   sink -> string - the name of the the log forwarding target
+func (eph *logStreamEndpointHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
+	logger.Infof("log stream request handler starting")
+	server := websocket.Server{
+		Handler: func(conn *websocket.Conn) {
+			defer conn.Close()
+			reqHandler, err := eph.newLogStreamRequestHandler(req, clock.WallClock)
+			if err == nil {
+				defer reqHandler.tailer.Stop()
+			}
+			stream, initErr := initStream(conn, err)
+			if initErr != nil {
+				logger.Debugf("failed to send initial error (%v): %v", err, initErr)
+				return
+			}
+			if err != nil {
+				return
+			}
+			reqHandler.serveWebsocket(conn, stream, eph.stopCh)
+		},
+	}
+	server.ServeHTTP(w, req)
+}
+
+func (eph *logStreamEndpointHandler) newLogStreamRequestHandler(req *http.Request, clock clock.Clock) (*logStreamRequestHandler, error) {
+	// Validate before authenticate because the authentication is
+	// dependent on the state connection that is determined during the
+	// validation.
+	source, err := eph.newSource(req)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	var cfg params.LogStreamConfig
+	query := req.URL.Query()
+	query.Del(":modeluuid")
+	if err := schema.NewDecoder().Decode(&cfg, query); err != nil {
+		return nil, errors.Annotate(err, "decoding schema")
+	}
+
+	tailer, err := eph.newTailer(source, cfg, clock)
+	if err != nil {
+		return nil, errors.Annotate(err, "creating new tailer")
+	}
+
+	reqHandler := &logStreamRequestHandler{
+		req:           req,
+		tailer:        tailer,
+		sendModelUUID: cfg.AllModels,
+	}
+	return reqHandler, nil
+}
+
+func (eph logStreamEndpointHandler) newTailer(source logStreamSource, cfg params.LogStreamConfig, clock clock.Clock) (state.LogTailer, error) {
+	start, err := source.getStart(cfg.Sink, cfg.AllModels)
+	if err != nil {
+		return nil, errors.Annotate(err, "getting log start position")
+	}
+	if cfg.MaxLookbackDuration != "" {
+		d, err := time.ParseDuration(cfg.MaxLookbackDuration)
+		if err != nil {
+			return nil, errors.Annotatef(err, "invalid lookback duration")
+		}
+		now := clock.Now()
+		if now.Sub(start) > d {
+			start = now.Add(-1 * d)
+		}
+	}
+
+	tailerArgs := &state.LogTailerParams{
+		StartTime:    start,
+		InitialLines: cfg.MaxLookbackRecords,
+		AllModels:    cfg.AllModels,
+	}
+	tailer, err := source.newTailer(tailerArgs)
+	if err != nil {
+		return nil, errors.Annotate(err, "tailing logs")
+	}
+	return tailer, nil
+}
+
+// logStreamState is an implementation of logStreamSource.
+type logStreamState struct {
+	state.LogTailerState
+}
+
+func (st logStreamState) getStart(sink string, allModels bool) (time.Time, error) {
+	var tracker *state.LastSentLogTracker
+	if allModels {
+		var err error
+		tracker, err = state.NewAllLastSentLogTracker(st, sink)
+		if err != nil {
+			return time.Time{}, errors.Trace(err)
+		}
+	} else {
+		tracker = state.NewLastSentLogTracker(st, st.ModelUUID(), sink)
+	}
+	defer tracker.Close()
+
+	// Resume for the sink...
+	_, lastSentTimestamp, err := tracker.Get()
+	if errors.Cause(err) == state.ErrNeverForwarded {
+		// If we've never forwarded a message, we start from
+		// position zero.
+		lastSentTimestamp = 0
+	} else if err != nil {
+		return time.Time{}, errors.Trace(err)
+	}
+
+	// Using the same timestamp will cause at least 1 duplicate
+	// entry, but that is better than dropping records.
+	// TODO(ericsnow) Add 1 to start once we track by sequential int ID
+	// instead of by timestamp.
+	return time.Unix(0, lastSentTimestamp), nil
+}
+
+func (st logStreamState) newTailer(args *state.LogTailerParams) (state.LogTailer, error) {
+	tailer, err := state.NewLogTailer(st, args)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return tailer, nil
+}
+
+type logStreamRequestHandler struct {
+	req           *http.Request
+	tailer        state.LogTailer
+	sendModelUUID bool
+
+	stream *apiLogStream
+}
+
+func (rh *logStreamRequestHandler) serveWebsocket(conn *websocket.Conn, stream *apiLogStream, stop <-chan struct{}) {
+	logger.Infof("log stream request handler starting")
+
+	// TODO(wallyworld) - we currently only send one record at a time, but the API allows for
+	// sending batches of records, so we need to batch up the output from tailer.Logs().
+	for {
+		select {
+		case <-stop:
+			return
+		case rec, ok := <-rh.tailer.Logs():
+			if !ok {
+				logger.Errorf("tailer stopped: %v", rh.tailer.Err())
+				return
+			}
+			if err := stream.sendRecords([]*state.LogRecord{rec}, rh.sendModelUUID); err != nil {
+				if isBrokenPipe(err) {
+					logger.Tracef("logstream handler stopped (client disconnected)")
+				} else {
+					logger.Errorf("logstream handler error: %v", err)
+				}
+			}
+		}
+	}
+}
+
+func initStream(conn *websocket.Conn, initial error) (*apiLogStream, error) {
+	stream := &apiLogStream{
+		conn:  conn,
+		codec: websocket.JSON,
+	}
+	if err := stream.sendInitial(initial); err != nil {
+		return nil, errors.Trace(err)
+	}
+	return stream, nil
+}
+
+type apiLogStream struct {
+	conn  *websocket.Conn
+	codec websocket.Codec
+}
+
+func (als *apiLogStream) sendInitial(err error) error {
+	// The client is waiting for an indication that the stream
+	// is ready (or that it failed).
+	// See api/apiclient.go:readInitialStreamError().
+	initialCodec := websocket.Codec{
+		Marshal: func(v interface{}) (data []byte, payloadType byte, err error) {
+			data, payloadType, err = websocket.JSON.Marshal(v)
+			if err != nil {
+				return data, payloadType, err
+			}
+			// readInitialStreamError() looks for LF.
+			return append(data, '\n'), payloadType, nil
+		},
+	}
+	return initialCodec.Send(als.conn, &params.ErrorResult{
+		Error: common.ServerError(err),
+	})
+}
+
+func (als *apiLogStream) sendRecords(rec []*state.LogRecord, sendModelUUID bool) error {
+	apiRec := als.apiFromRecords(rec, sendModelUUID)
+	if err := als.send(apiRec); err != nil {
+		return errors.Trace(err)
+	}
+	return nil
+}
+
+func (als *apiLogStream) send(rec params.LogStreamRecords) error {
+	return als.codec.Send(als.conn, rec)
+}
+
+func (als *apiLogStream) apiFromRecords(records []*state.LogRecord, sendModelUUID bool) params.LogStreamRecords {
+	var result params.LogStreamRecords
+	result.Records = make([]params.LogStreamRecord, len(records))
+	for i, rec := range records {
+		apiRec := params.LogStreamRecord{
+			ID:        rec.ID,
+			Version:   rec.Version.String(),
+			Entity:    rec.Entity.String(),
+			Timestamp: rec.Time,
+			Module:    rec.Module,
+			Location:  rec.Location,
+			Level:     rec.Level.String(),
+			Message:   rec.Message,
+		}
+		if sendModelUUID {
+			apiRec.ModelUUID = rec.ModelUUID
+		}
+		result.Records[i] = apiRec
+	}
+	return result
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/logstream_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/logstream_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/logstream_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/logstream_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,366 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package apiserver
+
+import (
+	"io"
+	"net"
+	"net/http"
+	"net/url"
+	"time"
+
+	"github.com/google/go-querystring/query"
+	"github.com/juju/errors"
+	"github.com/juju/loggo"
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	"github.com/juju/utils/clock"
+	"golang.org/x/net/websocket"
+	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
+
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/state"
+	coretesting "github.com/juju/juju/testing"
+	"github.com/juju/juju/version"
+)
+
+type LogStreamIntSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&LogStreamIntSuite{})
+
+func (s *LogStreamIntSuite) TestParamConversion(c *gc.C) {
+	cfg := params.LogStreamConfig{
+		AllModels:          true,
+		Sink:               "spam",
+		MaxLookbackRecords: 100,
+	}
+	req := s.newReq(c, cfg)
+
+	stub := &testing.Stub{}
+	source := &stubSource{stub: stub}
+	source.ReturnGetStart = 10
+	handler := logStreamEndpointHandler{
+		stopCh:    nil,
+		newSource: source.newSource,
+	}
+
+	reqHandler, err := handler.newLogStreamRequestHandler(req, clock.WallClock)
+	c.Assert(err, jc.ErrorIsNil)
+
+	c.Check(reqHandler.sendModelUUID, jc.IsTrue)
+	stub.CheckCallNames(c, "newSource", "getStart", "newTailer")
+	stub.CheckCall(c, 1, "getStart", "spam", true)
+	stub.CheckCall(c, 2, "newTailer", &state.LogTailerParams{
+		StartTime:    time.Unix(10, 0),
+		AllModels:    true,
+		InitialLines: 100,
+	})
+}
+
+type mockClock struct {
+	clock.Clock
+	now time.Time
+}
+
+func (m *mockClock) Now() time.Time {
+	return m.now
+}
+
+func (s *LogStreamIntSuite) TestParamStartTruncate(c *gc.C) {
+	cfg := params.LogStreamConfig{
+		Sink:                "spam",
+		MaxLookbackDuration: "2h",
+	}
+	req := s.newReq(c, cfg)
+
+	stub := &testing.Stub{}
+	source := &stubSource{stub: stub}
+	source.ReturnGetStart = 0
+	handler := logStreamEndpointHandler{
+		stopCh:    nil,
+		newSource: source.newSource,
+	}
+
+	now := time.Now()
+	clock := &mockClock{now: now}
+
+	reqHandler, err := handler.newLogStreamRequestHandler(req, clock)
+	c.Assert(err, jc.ErrorIsNil)
+
+	c.Check(reqHandler.sendModelUUID, jc.IsFalse)
+	stub.CheckCallNames(c, "newSource", "getStart", "newTailer")
+	stub.CheckCall(c, 1, "getStart", "spam", false)
+	stub.CheckCall(c, 2, "newTailer", &state.LogTailerParams{
+		StartTime: now.Add(-2 * time.Hour),
+	})
+}
+
+func (s *LogStreamIntSuite) TestFullRequest(c *gc.C) {
+
+	// Create test data: i.e. log records for tailing...
+	logs := []state.LogRecord{{
+		ID:        10,
+		ModelUUID: "deadbeef-...",
+		Version:   version.Current,
+		Time:      time.Date(2015, 6, 19, 15, 34, 37, 0, time.UTC),
+		Entity:    names.NewMachineTag("99"),
+		Module:    "some.where",
+		Location:  "code.go:42",
+		Level:     loggo.INFO,
+		Message:   "stuff happened",
+	}, {
+		ID:        20,
+		ModelUUID: "deadbeef-...",
+		Version:   version.Current,
+		Time:      time.Date(2015, 6, 19, 15, 36, 40, 0, time.UTC),
+		Entity:    names.NewUnitTag("foo/2"),
+		Module:    "else.where",
+		Location:  "go.go:22",
+		Level:     loggo.ERROR,
+		Message:   "whoops",
+	}}
+
+	// ...and transform them into the records we expect to see.
+	// (It would be better to create those records explicitly --
+	// this is altogether too close to a violation of don't-copy-
+	// the-implementation-into-the-tests.)
+	var expected []params.LogStreamRecords
+	for _, rec := range logs {
+		expected = append(expected, params.LogStreamRecords{
+			Records: []params.LogStreamRecord{{
+				ID:        rec.ID,
+				ModelUUID: rec.ModelUUID,
+				Entity:    rec.Entity.String(),
+				Version:   version.Current.String(),
+				Timestamp: rec.Time,
+				Module:    rec.Module,
+				Location:  rec.Location,
+				Level:     rec.Level.String(),
+				Message:   rec.Message,
+			}}})
+	}
+
+	// Create a tailer that will supply the source log records,
+	// defined above, to the request handler we're (primarily)
+	// testing, as set up in the next block; and create the
+	// http request that the handler's execution is (purportedly)
+	// caused by.
+	tailer := &stubLogTailer{stub: &testing.Stub{}}
+	tailer.ReturnLogs = tailer.newChannel(logs)
+	req := s.newReq(c, params.LogStreamConfig{
+		AllModels: true,
+		Sink:      "eggs",
+	})
+
+	// Start the websocket server, which apes expected apiserver
+	// behaviour by calling `initStream` and then handing over to
+	// the `logStreamRequestHandler` as configured. That is to say:
+	// this server callback holds everything that's *actually* being
+	// tested here.
+	serverDone := make(chan struct{})
+	abortServer := make(chan struct{})
+	client := newWebsocketServer(c, func(conn *websocket.Conn) {
+		defer close(serverDone)
+		defer conn.Close()
+
+		stream, err := initStream(conn, nil)
+		if !c.Check(err, jc.ErrorIsNil) {
+			return
+		}
+		handler := &logStreamRequestHandler{
+			req:           req,
+			tailer:        tailer,
+			sendModelUUID: true,
+		}
+		handler.serveWebsocket(conn, stream, abortServer)
+	})
+	defer waitFor(c, serverDone)
+	defer close(abortServer)
+
+	// Stream out the results from the client. This whole block is
+	// just scaffolding to get the results back out on the records
+	// channel, and should probably be replaced by something more
+	// direct. The goroutine is needed here because the JSON Receive
+	// call will block waiting on the server to send the next message.
+	clientDone := make(chan struct{})
+	records := make(chan params.LogStreamRecords)
+	go func() {
+		defer close(clientDone)
+
+		var result params.ErrorResult
+		err := websocket.JSON.Receive(client, &result)
+		ok := c.Check(err, jc.ErrorIsNil)
+		if ok && c.Check(result, jc.DeepEquals, params.ErrorResult{}) {
+			for {
+				var apiRec params.LogStreamRecords
+				err = websocket.JSON.Receive(client, &apiRec)
+				if err != nil {
+					break
+				}
+				records <- apiRec
+			}
+		}
+
+		c.Logf("client stopped: %v", err)
+		if err == io.EOF {
+			return // this is fine
+		}
+		if _, ok := err.(*net.OpError); ok {
+			return // so is this, probably
+		}
+		// anything else is a problem
+		c.Check(err, jc.ErrorIsNil)
+	}()
+	defer waitFor(c, clientDone)
+	defer client.Close()
+
+	// Check the client produces the expected records. (This is the
+	// actual *test* bit of the test, vs the scaffolding that
+	// accounts for just about everything else.)
+	for i, expectedRec := range expected {
+		c.Logf("trying #%d: %#v", i, expectedRec)
+		select {
+		case apiRec := <-records:
+			c.Check(apiRec, jc.DeepEquals, expectedRec)
+		case <-time.After(coretesting.LongWait):
+			c.Fatal("timed out waiting for log record")
+		}
+	}
+
+	// Wait a moment to be sure there aren't any extra records.
+	select {
+	case apiRec := <-records:
+		c.Errorf("got unexpected record: %#v", apiRec)
+	case <-time.After(coretesting.ShortWait):
+		// All good, let the defers handle teardown.
+	}
+}
+
+func (s *LogStreamIntSuite) newReq(c *gc.C, cfg params.LogStreamConfig) *http.Request {
+	attrs, err := query.Values(cfg)
+	c.Assert(err, jc.ErrorIsNil)
+	URL, err := url.Parse("https://a.b.c/logstream")
+	c.Assert(err, jc.ErrorIsNil)
+	URL.RawQuery = attrs.Encode()
+	req, err := http.NewRequest("GET", URL.String(), nil)
+	c.Assert(err, jc.ErrorIsNil)
+	return req
+}
+
+type stubSource struct {
+	stub *testing.Stub
+
+	ReturnGetStart  int64
+	ReturnNewTailer state.LogTailer
+}
+
+func (s *stubSource) newSource(req *http.Request) (logStreamSource, error) {
+	s.stub.AddCall("newSource", req)
+	if err := s.stub.NextErr(); err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	return s, nil
+}
+
+func (s *stubSource) getStart(sink string, allModels bool) (time.Time, error) {
+	s.stub.AddCall("getStart", sink, allModels)
+	if err := s.stub.NextErr(); err != nil {
+		return time.Time{}, errors.Trace(err)
+	}
+
+	return time.Unix(s.ReturnGetStart, 0), nil
+}
+
+func (s *stubSource) newTailer(args *state.LogTailerParams) (state.LogTailer, error) {
+	s.stub.AddCall("newTailer", args)
+	if err := s.stub.NextErr(); err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	return s.ReturnNewTailer, nil
+}
+
+type stubLogTailer struct {
+	state.LogTailer
+	stub *testing.Stub
+
+	ReturnLogs <-chan *state.LogRecord
+}
+
+func (s *stubLogTailer) newChannel(logs []state.LogRecord) <-chan *state.LogRecord {
+	ch := make(chan *state.LogRecord)
+	go func() {
+		for i := range logs {
+			rec := logs[i]
+			ch <- &rec
+		}
+	}()
+	return ch
+}
+
+func (s *stubLogTailer) Logs() <-chan *state.LogRecord {
+	s.stub.AddCall("Logs")
+	s.stub.NextErr() // pop one off
+
+	return s.ReturnLogs
+}
+
+func (s *stubLogTailer) Err() error {
+	s.stub.AddCall("Err")
+	if err := s.stub.NextErr(); err != nil {
+		return errors.Trace(err)
+	}
+
+	return nil
+}
+
+func newWebsocketServer(c *gc.C, h websocket.Handler) *websocket.Conn {
+	cfg, err := websocket.NewConfig("ws://localhost:12345/", "http://localhost/")
+	c.Assert(err, jc.ErrorIsNil)
+
+	go func() {
+		err = http.ListenAndServe(":12345", websocket.Server{
+			Config:  *cfg,
+			Handler: h,
+		})
+		c.Assert(err, jc.ErrorIsNil)
+	}()
+
+	return newWebsocketClient(c, cfg)
+}
+
+func newWebsocketClient(c *gc.C, cfg *websocket.Config) *websocket.Conn {
+	client, err := websocket.DialConfig(cfg)
+	if err == nil {
+		return client
+	}
+
+	timeoutCh := time.After(coretesting.LongWait)
+	for {
+		select {
+		case <-timeoutCh:
+			c.Assert(err, jc.ErrorIsNil)
+		case <-time.After(coretesting.ShortWait):
+		}
+
+		client, err = websocket.DialConfig(cfg)
+		if _, ok := err.(*websocket.DialError); ok {
+			continue
+		}
+		c.Assert(err, jc.ErrorIsNil)
+		return client
+	}
+}
+
+func waitFor(c *gc.C, done <-chan struct{}) {
+	select {
+	case <-done:
+	case <-time.After(coretesting.LongWait):
+		c.Fatalf("channel never closed")
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/machine/common_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/machine/common_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/machine/common_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/machine/common_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package machine_test
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/machine/machiner.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/machine/machiner.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/machine/machiner.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/machine/machiner.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,7 @@
 import (
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/common/networkingcommon"
@@ -88,7 +88,7 @@
 			var m *state.Machine
 			m, err = api.getMachine(tag)
 			if err == nil {
-				addresses := params.NetworkAddresses(arg.Addresses)
+				addresses := params.NetworkAddresses(arg.Addresses...)
 				err = m.SetMachineAddresses(addresses...)
 			} else if errors.IsNotFound(err) {
 				err = common.ErrPerm
@@ -156,7 +156,8 @@
 	if errors.IsNotProvisioned(err) {
 		logger.Infof("not updating provider network config: %v", err)
 		return nil
-	} else if err != nil {
+	}
+	if err != nil {
 		return errors.Trace(err)
 	}
 	if len(providerConfig) == 0 {
@@ -164,7 +165,10 @@
 		return nil
 	}
 
-	mergedConfig := networkingcommon.MergeProviderAndObservedNetworkConfigs(providerConfig, observedConfig)
+	mergedConfig, err := networkingcommon.MergeProviderAndObservedNetworkConfigs(providerConfig, observedConfig)
+	if err != nil {
+		return errors.Trace(err)
+	}
 	logger.Tracef("merged observed and provider network config: %+v", mergedConfig)
 
 	return api.setOneMachineNetworkConfig(m, mergedConfig)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/machine/machiner_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/machine/machiner_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/machine/machiner_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/machine/machiner_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,9 +4,11 @@
 package machine_test
 
 import (
-	"github.com/juju/names"
+	"time"
+
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/machine"
@@ -55,16 +57,27 @@
 }
 
 func (s *machinerSuite) TestSetStatus(c *gc.C) {
-	err := s.machine0.SetStatus(status.StatusStarted, "blah", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusStarted,
+		Message: "blah",
+		Since:   &now,
+	}
+	err := s.machine0.SetStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
-	err = s.machine1.SetStatus(status.StatusStopped, "foo", nil)
+	sInfo = status.StatusInfo{
+		Status:  status.StatusStopped,
+		Message: "foo",
+		Since:   &now,
+	}
+	err = s.machine1.SetStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 
 	args := params.SetStatus{
 		Entities: []params.EntityStatusArgs{
-			{Tag: "machine-1", Status: status.StatusError, Info: "not really"},
-			{Tag: "machine-0", Status: status.StatusStopped, Info: "foobar"},
-			{Tag: "machine-42", Status: status.StatusStarted, Info: "blah"},
+			{Tag: "machine-1", Status: status.StatusError.String(), Info: "not really"},
+			{Tag: "machine-0", Status: status.StatusStopped.String(), Info: "foobar"},
+			{Tag: "machine-42", Status: status.StatusStarted.String(), Info: "blah"},
 		}}
 	result, err := s.machiner.SetStatus(args)
 	c.Assert(err, jc.ErrorIsNil)
@@ -160,9 +173,9 @@
 	addresses := network.NewAddresses("127.0.0.1", "8.8.8.8")
 
 	args := params.SetMachinesAddresses{MachineAddresses: []params.MachineAddresses{
-		{Tag: "machine-1", Addresses: params.FromNetworkAddresses(addresses)},
-		{Tag: "machine-0", Addresses: params.FromNetworkAddresses(addresses)},
-		{Tag: "machine-42", Addresses: params.FromNetworkAddresses(addresses)},
+		{Tag: "machine-1", Addresses: params.FromNetworkAddresses(addresses...)},
+		{Tag: "machine-0", Addresses: params.FromNetworkAddresses(addresses...)},
+		{Tag: "machine-42", Addresses: params.FromNetworkAddresses(addresses...)},
 	}}
 
 	result, err := s.machiner.SetMachineAddresses(args)
@@ -189,7 +202,7 @@
 	// Set some addresses so we can ensure they are removed.
 	addresses := network.NewAddresses("127.0.0.1", "8.8.8.8")
 	args := params.SetMachinesAddresses{MachineAddresses: []params.MachineAddresses{
-		{Tag: "machine-1", Addresses: params.FromNetworkAddresses(addresses)},
+		{Tag: "machine-1", Addresses: params.FromNetworkAddresses(addresses...)},
 	}}
 	result, err := s.machiner.SetMachineAddresses(args)
 	c.Assert(err, jc.ErrorIsNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/machineactions/machineactions.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/machineactions/machineactions.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/machineactions/machineactions.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/machineactions/machineactions.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,7 +10,7 @@
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/state"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 )
 
 type Backend interface {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/machineactions/machineactions_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/machineactions/machineactions_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/machineactions/machineactions_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/machineactions/machineactions_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,10 +7,10 @@
 import (
 	"errors"
 
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/machineactions"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/machineactions/shim.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/machineactions/shim.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/machineactions/shim.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/machineactions/shim.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,7 @@
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/state"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 )
 
 func init() {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/machinemanager/machinemanager.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/machinemanager/machinemanager.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/machinemanager/machinemanager.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/machinemanager/machinemanager.go	2016-07-18 19:45:44.000000000 +0000
@@ -146,7 +146,7 @@
 		Jobs:        jobs,
 		Nonce:       p.Nonce,
 		HardwareCharacteristics: p.HardwareCharacteristics,
-		Addresses:               params.NetworkAddresses(p.Addrs),
+		Addresses:               params.NetworkAddresses(p.Addrs...),
 		Placement:               placementDirective,
 	}
 	if p.ContainerType == "" {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/machinemanager/machinemanager_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/machinemanager/machinemanager_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/machinemanager/machinemanager_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/machinemanager/machinemanager_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,9 +6,9 @@
 import (
 	"errors"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/machinemanager"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/meterstatus/meterstatus.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/meterstatus/meterstatus.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/meterstatus/meterstatus.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/meterstatus/meterstatus.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 package meterstatus
 
 import (
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/meterstatus/meterstatus_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/meterstatus/meterstatus_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/meterstatus/meterstatus_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/meterstatus/meterstatus_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -55,9 +55,9 @@
 }
 
 func (s *meterStatusSuite) TestGetMeterStatusUnauthenticated(c *gc.C) {
-	service, err := s.unit.Service()
+	application, err := s.unit.Application()
 	c.Assert(err, jc.ErrorIsNil)
-	otherunit := s.factory.MakeUnit(c, &jujufactory.UnitParams{Service: service})
+	otherunit := s.factory.MakeUnit(c, &jujufactory.UnitParams{Application: application})
 	args := params.Entities{Entities: []params.Entity{{otherunit.Tag().String()}}}
 	result, err := s.status.GetMeterStatus(args)
 	c.Assert(err, jc.ErrorIsNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/metricsadder/metricsadder.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/metricsadder/metricsadder.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/metricsadder/metricsadder.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/metricsadder/metricsadder.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,7 @@
 package metricsadder
 
 import (
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/metricsadder/metricsadder_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/metricsadder/metricsadder_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/metricsadder/metricsadder_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/metricsadder/metricsadder_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,10 +7,10 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/metricsadder"
@@ -33,10 +33,10 @@
 
 	machine0       *state.Machine
 	machine1       *state.Machine
-	mysqlService   *state.Service
-	mysql          *state.Service
+	mysqlService   *state.Application
+	mysql          *state.Application
 	mysqlUnit      *state.Unit
-	meteredService *state.Service
+	meteredService *state.Application
 	meteredCharm   *state.Charm
 	meteredUnit    *state.Unit
 
@@ -58,25 +58,24 @@
 	mysqlCharm := s.factory.MakeCharm(c, &jujuFactory.CharmParams{
 		Name: "mysql",
 	})
-	s.mysql = s.factory.MakeService(c, &jujuFactory.ServiceParams{
-		Name:    "mysql",
-		Charm:   mysqlCharm,
-		Creator: s.AdminUserTag(c),
+	s.mysql = s.factory.MakeApplication(c, &jujuFactory.ApplicationParams{
+		Name:  "mysql",
+		Charm: mysqlCharm,
 	})
 	s.mysqlUnit = s.factory.MakeUnit(c, &jujuFactory.UnitParams{
-		Service: s.mysql,
-		Machine: s.machine0,
+		Application: s.mysql,
+		Machine:     s.machine0,
 	})
 
 	s.meteredCharm = s.factory.MakeCharm(c, &jujuFactory.CharmParams{
 		Name: "metered",
 		URL:  "cs:quantal/metered",
 	})
-	s.meteredService = s.factory.MakeService(c, &jujuFactory.ServiceParams{
+	s.meteredService = s.factory.MakeApplication(c, &jujuFactory.ApplicationParams{
 		Charm: s.meteredCharm,
 	})
 	s.meteredUnit = s.factory.MakeUnit(c, &jujuFactory.UnitParams{
-		Service:     s.meteredService,
+		Application: s.meteredService,
 		SetCharmURL: true,
 		Machine:     s.machine1,
 	})
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/metricsdebug/metricsdebug.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/metricsdebug/metricsdebug.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/metricsdebug/metricsdebug.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/metricsdebug/metricsdebug.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
@@ -15,7 +15,7 @@
 )
 
 func init() {
-	common.RegisterStandardFacade("MetricsDebug", 1, NewMetricsDebugAPI)
+	common.RegisterStandardFacade("MetricsDebug", 2, NewMetricsDebugAPI)
 }
 
 type metricsDebug interface {
@@ -28,8 +28,8 @@
 	// Unit returns the unit based on its name.
 	Unit(string) (*state.Unit, error)
 
-	// Service returns the service based on its name.
-	Service(string) (*state.Service, error)
+	// Application returns the application based on its name.
+	Application(string) (*state.Application, error)
 }
 
 // MetricsDebug defines the methods on the metricsdebug API end point.
@@ -87,7 +87,7 @@
 				results.Results[i].Error = common.ServerError(err)
 				continue
 			}
-		case names.ServiceTagKind:
+		case names.ApplicationTagKind:
 			batches, err = api.state.MetricBatchesForService(tag.Id())
 			if err != nil {
 				err = errors.Annotate(err, "failed to get metrics")
@@ -160,8 +160,8 @@
 		if err != nil {
 			return errors.Trace(err)
 		}
-	case names.ServiceTag:
-		service, err := api.state.Service(entity.Id())
+	case names.ApplicationTag:
+		service, err := api.state.Application(entity.Id())
 		if err != nil {
 			return errors.Trace(err)
 		}
@@ -180,7 +180,7 @@
 			}
 		}
 	default:
-		return errors.Errorf("expected service or unit tag, got %T", entity)
+		return errors.Errorf("expected application or unit tag, got %T", entity)
 	}
 	return nil
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/metricsdebug/metricsdebug_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/metricsdebug/metricsdebug_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/metricsdebug/metricsdebug_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/metricsdebug/metricsdebug_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -39,13 +39,13 @@
 
 func (s *metricsDebugSuite) TestSetMeterStatus(c *gc.C) {
 	testCharm := s.Factory.MakeCharm(c, &factory.CharmParams{Name: "metered", URL: "local:quantal/metered"})
-	testService := s.Factory.MakeService(c, &factory.ServiceParams{Charm: testCharm})
-	testUnit1 := s.Factory.MakeUnit(c, &factory.UnitParams{Service: testService, SetCharmURL: true})
-	testUnit2 := s.Factory.MakeUnit(c, &factory.UnitParams{Service: testService, SetCharmURL: true})
+	testService := s.Factory.MakeApplication(c, &factory.ApplicationParams{Charm: testCharm})
+	testUnit1 := s.Factory.MakeUnit(c, &factory.UnitParams{Application: testService, SetCharmURL: true})
+	testUnit2 := s.Factory.MakeUnit(c, &factory.UnitParams{Application: testService, SetCharmURL: true})
 
 	csCharm := s.Factory.MakeCharm(c, &factory.CharmParams{Name: "metered", URL: "cs:quantal/metered"})
-	csService := s.Factory.MakeService(c, &factory.ServiceParams{Name: "cs-service", Charm: csCharm})
-	csUnit1 := s.Factory.MakeUnit(c, &factory.UnitParams{Service: csService, SetCharmURL: true})
+	csService := s.Factory.MakeApplication(c, &factory.ApplicationParams{Name: "cs-service", Charm: csCharm})
+	csUnit1 := s.Factory.MakeUnit(c, &factory.UnitParams{Application: csService, SetCharmURL: true})
 
 	tests := []struct {
 		about  string
@@ -53,7 +53,7 @@
 		err    string
 		assert func(*gc.C, params.ErrorResults)
 	}{{
-		about: "set service meter status",
+		about: "set application meter status",
 		params: params.MeterStatusParams{
 			Statuses: []params.MeterStatusParam{{
 				Tag:  testService.Tag().String(),
@@ -99,7 +99,7 @@
 			})
 		},
 	}, {
-		about: "not a local charm - service",
+		about: "not a local charm - application",
 		params: params.MeterStatusParams{
 			Statuses: []params.MeterStatusParam{{
 				Tag:  csService.Tag().String(),
@@ -141,10 +141,10 @@
 			c.Assert(err, gc.DeepEquals, &params.Error{Message: "invalid meter status \"NOT AVAILABLE\""})
 		},
 	}, {
-		about: "not such service",
+		about: "not such application",
 		params: params.MeterStatusParams{
 			Statuses: []params.MeterStatusParam{{
-				Tag:  "service-missing",
+				Tag:  "application-missing",
 				Code: "AMBER",
 				Info: "test",
 			},
@@ -152,7 +152,7 @@
 		},
 		assert: func(c *gc.C, results params.ErrorResults) {
 			err := results.OneError()
-			c.Assert(err, gc.DeepEquals, &params.Error{Message: "service \"missing\" not found", Code: "not found"})
+			c.Assert(err, gc.DeepEquals, &params.Error{Message: "application \"missing\" not found", Code: "not found"})
 		},
 	},
 	}
@@ -171,8 +171,8 @@
 
 func (s *metricsDebugSuite) TestGetMetrics(c *gc.C) {
 	meteredCharm := s.Factory.MakeCharm(c, &factory.CharmParams{Name: "metered", URL: "local:quantal/metered"})
-	meteredService := s.Factory.MakeService(c, &factory.ServiceParams{Charm: meteredCharm})
-	unit := s.Factory.MakeUnit(c, &factory.UnitParams{Service: meteredService, SetCharmURL: true})
+	meteredService := s.Factory.MakeApplication(c, &factory.ApplicationParams{Charm: meteredCharm})
+	unit := s.Factory.MakeUnit(c, &factory.UnitParams{Application: meteredService, SetCharmURL: true})
 	newTime := time.Now().Round(time.Second)
 	metricA := state.Metric{"pings", "5", newTime}
 	metricB := state.Metric{"pings", "10.5", newTime}
@@ -209,11 +209,11 @@
 
 func (s *metricsDebugSuite) TestGetMultipleMetricsNoMocks(c *gc.C) {
 	meteredCharm := s.Factory.MakeCharm(c, &factory.CharmParams{Name: "metered", URL: "local:quantal/metered"})
-	meteredService := s.Factory.MakeService(c, &factory.ServiceParams{
+	meteredService := s.Factory.MakeApplication(c, &factory.ApplicationParams{
 		Charm: meteredCharm,
 	})
-	unit0 := s.Factory.MakeUnit(c, &factory.UnitParams{Service: meteredService, SetCharmURL: true})
-	unit1 := s.Factory.MakeUnit(c, &factory.UnitParams{Service: meteredService, SetCharmURL: true})
+	unit0 := s.Factory.MakeUnit(c, &factory.UnitParams{Application: meteredService, SetCharmURL: true})
+	unit1 := s.Factory.MakeUnit(c, &factory.UnitParams{Application: meteredService, SetCharmURL: true})
 
 	metricUnit0 := s.Factory.MakeMetric(c, &factory.MetricParams{
 		Unit: unit0,
@@ -246,11 +246,11 @@
 
 func (s *metricsDebugSuite) TestGetMultipleMetricsNoMocksWithService(c *gc.C) {
 	meteredCharm := s.Factory.MakeCharm(c, &factory.CharmParams{Name: "metered", URL: "local:quantal/metered"})
-	meteredService := s.Factory.MakeService(c, &factory.ServiceParams{
+	meteredService := s.Factory.MakeApplication(c, &factory.ApplicationParams{
 		Charm: meteredCharm,
 	})
-	unit0 := s.Factory.MakeUnit(c, &factory.UnitParams{Service: meteredService, SetCharmURL: true})
-	unit1 := s.Factory.MakeUnit(c, &factory.UnitParams{Service: meteredService, SetCharmURL: true})
+	unit0 := s.Factory.MakeUnit(c, &factory.UnitParams{Application: meteredService, SetCharmURL: true})
+	unit1 := s.Factory.MakeUnit(c, &factory.UnitParams{Application: meteredService, SetCharmURL: true})
 
 	metricUnit0 := s.Factory.MakeMetric(c, &factory.MetricParams{
 		Unit: unit0,
@@ -260,7 +260,7 @@
 	})
 
 	args := params.Entities{Entities: []params.Entity{
-		{"service-metered"},
+		{"application-metered"},
 	}}
 
 	metrics, err := s.metricsdebug.GetMetrics(args)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/metricsender/metricsender.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/metricsender/metricsender.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/metricsender/metricsender.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/metricsender/metricsender.go	2016-07-18 19:45:44.000000000 +0000
@@ -28,7 +28,7 @@
 	defaultSender            MetricSender = &HttpSender{}
 )
 
-func handleResponse(mm *state.MetricsManager, st *state.State, response wireformat.Response) {
+func handleResponse(mm *state.MetricsManager, st MetricsSenderBackend, response wireformat.Response) {
 	for _, envResp := range response.EnvResponses {
 		err := st.SetMetricBatchesSent(envResp.AcknowledgedBatches)
 		if err != nil {
@@ -57,7 +57,7 @@
 // SendMetrics will send any unsent metrics
 // over the MetricSender interface in batches
 // no larger than batchSize.
-func SendMetrics(st *state.State, sender MetricSender, batchSize int) error {
+func SendMetrics(st MetricsSenderBackend, sender MetricSender, batchSize int) error {
 	metricsManager, err := st.MetricsManager()
 	if err != nil {
 		return errors.Trace(err)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/metricsender/metricsender_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/metricsender/metricsender_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/metricsender/metricsender_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/metricsender/metricsender_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -32,8 +32,8 @@
 func (s *MetricSenderSuite) SetUpTest(c *gc.C) {
 	s.JujuConnSuite.SetUpTest(c)
 	meteredCharm := s.Factory.MakeCharm(c, &factory.CharmParams{Name: "metered", URL: "cs:quantal/metered"})
-	meteredService := s.Factory.MakeService(c, &factory.ServiceParams{Charm: meteredCharm})
-	s.unit = s.Factory.MakeUnit(c, &factory.UnitParams{Service: meteredService, SetCharmURL: true})
+	meteredService := s.Factory.MakeApplication(c, &factory.ApplicationParams{Charm: meteredCharm})
+	s.unit = s.Factory.MakeUnit(c, &factory.UnitParams{Application: meteredService, SetCharmURL: true})
 }
 
 func (s *MetricSenderSuite) TestToWire(c *gc.C) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/metricsender/sender_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/metricsender/sender_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/metricsender/sender_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/metricsender/sender_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -26,7 +26,7 @@
 type SenderSuite struct {
 	jujutesting.JujuConnSuite
 	unit           *state.Unit
-	meteredService *state.Service
+	meteredService *state.Application
 }
 
 var _ = gc.Suite(&SenderSuite{})
@@ -46,8 +46,8 @@
 func (s *SenderSuite) SetUpTest(c *gc.C) {
 	s.JujuConnSuite.SetUpTest(c)
 	meteredCharm := s.Factory.MakeCharm(c, &factory.CharmParams{Name: "metered", URL: "cs:quantal/metered"})
-	s.meteredService = s.Factory.MakeService(c, &factory.ServiceParams{Charm: meteredCharm})
-	s.unit = s.Factory.MakeUnit(c, &factory.UnitParams{Service: s.meteredService, SetCharmURL: true})
+	s.meteredService = s.Factory.MakeApplication(c, &factory.ApplicationParams{Charm: meteredCharm})
+	s.unit = s.Factory.MakeUnit(c, &factory.UnitParams{Application: s.meteredService, SetCharmURL: true})
 }
 
 // startServer starts a test HTTP server, returning a function that should be
@@ -201,9 +201,9 @@
 // TestMeterStatusInvalid checks that the metric sender deals with invalid
 // meter status data properly.
 func (s *SenderSuite) TestMeterStatusInvalid(c *gc.C) {
-	unit1 := s.Factory.MakeUnit(c, &factory.UnitParams{Service: s.meteredService, SetCharmURL: true})
-	unit2 := s.Factory.MakeUnit(c, &factory.UnitParams{Service: s.meteredService, SetCharmURL: true})
-	unit3 := s.Factory.MakeUnit(c, &factory.UnitParams{Service: s.meteredService, SetCharmURL: true})
+	unit1 := s.Factory.MakeUnit(c, &factory.UnitParams{Application: s.meteredService, SetCharmURL: true})
+	unit2 := s.Factory.MakeUnit(c, &factory.UnitParams{Application: s.meteredService, SetCharmURL: true})
+	unit3 := s.Factory.MakeUnit(c, &factory.UnitParams{Application: s.meteredService, SetCharmURL: true})
 
 	statusFunc := func(unitName string) (string, string, string) {
 		switch unitName {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/metricsender/stateinterface.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/metricsender/stateinterface.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/metricsender/stateinterface.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/metricsender/stateinterface.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,23 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+// Package metricsender contains functions for sending
+// metrics from a controller to a remote metric collector.
+package metricsender
+
+import (
+	"github.com/juju/juju/state"
+)
+
+// MetricsSenderBackend defines methods provided by a state
+// instance used by the metrics sender apiserver implementation.
+// All the interface methods are defined directly on state.State
+// and are reproduced here for use in tests.
+type MetricsSenderBackend interface {
+	MetricsManager() (*state.MetricsManager, error)
+	MetricsToSend(batchSize int) ([]*state.MetricBatch, error)
+	SetMetricBatchesSent(batchUUIDs []string) error
+	CountOfUnsentMetrics() (int, error)
+	CountOfSentMetrics() (int, error)
+	Unit(name string) (*state.Unit, error)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/metricsmanager/metricsmanager.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/metricsmanager/metricsmanager.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/metricsmanager/metricsmanager.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/metricsmanager/metricsmanager.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,7 @@
 import (
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/metricsender"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/metricsmanager/metricsmanager_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/metricsmanager/metricsmanager_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/metricsmanager/metricsmanager_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/metricsmanager/metricsmanager_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,9 +7,9 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/metricsender/testing"
@@ -41,8 +41,8 @@
 	c.Assert(err, jc.ErrorIsNil)
 	s.metricsmanager = manager
 	meteredCharm := s.Factory.MakeCharm(c, &factory.CharmParams{Name: "metered", URL: "cs:quantal/metered"})
-	meteredService := s.Factory.MakeService(c, &factory.ServiceParams{Charm: meteredCharm})
-	s.unit = s.Factory.MakeUnit(c, &factory.UnitParams{Service: meteredService, SetCharmURL: true})
+	meteredService := s.Factory.MakeApplication(c, &factory.ApplicationParams{Charm: meteredCharm})
+	s.unit = s.Factory.MakeUnit(c, &factory.UnitParams{Application: meteredService, SetCharmURL: true})
 }
 
 func (s *metricsManagerSuite) TestNewMetricsManagerAPIRefusesNonMachine(c *gc.C) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/migrationflag/facade.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/migrationflag/facade.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/migrationflag/facade.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/migrationflag/facade.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/migrationmaster/migrationmaster.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/migrationmaster/migrationmaster.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/migrationmaster/migrationmaster.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/migrationmaster/migrationmaster.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,13 +5,14 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
 	coremigration "github.com/juju/juju/core/migration"
 	"github.com/juju/juju/migration"
 	"github.com/juju/juju/state"
+	"github.com/juju/juju/state/watcher"
 )
 
 func init() {
@@ -46,14 +47,16 @@
 // Watch starts watching for an active migration for the model
 // associated with the API connection. The returned id should be used
 // with the NotifyWatcher facade to receive events.
-func (api *API) Watch() (params.NotifyWatchResult, error) {
-	w, err := api.backend.WatchForModelMigration()
-	if err != nil {
-		return params.NotifyWatchResult{}, errors.Trace(err)
+func (api *API) Watch() params.NotifyWatchResult {
+	watch := api.backend.WatchForModelMigration()
+	if _, ok := <-watch.Changes(); ok {
+		return params.NotifyWatchResult{
+			NotifyWatcherId: api.resources.Register(watch),
+		}
 	}
 	return params.NotifyWatchResult{
-		NotifyWatcherId: api.resources.Register(w),
-	}, nil
+		Error: common.ServerError(watcher.EnsureErr(watch)),
+	}
 }
 
 // GetMigrationStatus returns the details and progress of the latest
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/migrationmaster/migrationmaster_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/migrationmaster/migrationmaster_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/migrationmaster/migrationmaster_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/migrationmaster/migrationmaster_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,11 +4,13 @@
 package migrationmaster_test
 
 import (
+	"time"
+
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/migrationmaster"
@@ -60,18 +62,18 @@
 func (s *Suite) TestWatch(c *gc.C) {
 	api := s.mustMakeAPI(c)
 
-	watchResult, err := api.Watch()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(watchResult.NotifyWatcherId, gc.Not(gc.Equals), "")
-}
+	result := api.Watch()
+	c.Assert(result.Error, gc.IsNil)
 
-func (s *Suite) TestWatchError(c *gc.C) {
-	s.backend.watchError = errors.New("boom")
-	api := s.mustMakeAPI(c)
-
-	w, err := api.Watch()
-	c.Assert(w, gc.Equals, params.NotifyWatchResult{})
-	c.Assert(err, gc.ErrorMatches, "boom")
+	resource := s.resources.Get(result.NotifyWatcherId)
+	watcher, _ := resource.(state.NotifyWatcher)
+	c.Assert(watcher, gc.NotNil)
+
+	select {
+	case <-watcher.Changes():
+		c.Fatalf("initial event not consumed")
+	case <-time.After(testing.ShortWait):
+	}
 }
 
 func (s *Suite) TestGetMigrationStatus(c *gc.C) {
@@ -155,16 +157,12 @@
 type stubBackend struct {
 	migrationmaster.Backend
 
-	watchError error
-	getErr     error
-	migration  *stubMigration
+	getErr    error
+	migration *stubMigration
 }
 
-func (b *stubBackend) WatchForModelMigration() (state.NotifyWatcher, error) {
-	if b.watchError != nil {
-		return nil, b.watchError
-	}
-	return apiservertesting.NewFakeNotifyWatcher(), nil
+func (b *stubBackend) WatchForModelMigration() state.NotifyWatcher {
+	return apiservertesting.NewFakeNotifyWatcher()
 }
 
 func (b *stubBackend) GetModelMigration() (state.ModelMigration, error) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/migrationmaster/state.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/migrationmaster/state.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/migrationmaster/state.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/migrationmaster/state.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,7 +13,7 @@
 type Backend interface {
 	migration.StateExporter
 
-	WatchForModelMigration() (state.NotifyWatcher, error)
+	WatchForModelMigration() state.NotifyWatcher
 	GetModelMigration() (state.ModelMigration, error)
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/migrationminion/migrationminion_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/migrationminion/migrationminion_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/migrationminion/migrationminion_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/migrationminion/migrationminion_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,9 +5,9 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/migrationminion"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/migrationtarget/migrationtarget.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/migrationtarget/migrationtarget.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/migrationtarget/migrationtarget.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/migrationtarget/migrationtarget.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/migrationtarget/migrationtarget_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/migrationtarget/migrationtarget_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/migrationtarget/migrationtarget_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/migrationtarget/migrationtarget_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,10 +5,10 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/migrationtarget"
@@ -16,7 +16,7 @@
 	apiservertesting "github.com/juju/juju/apiserver/testing"
 	"github.com/juju/juju/cmd/modelcmd"
 	"github.com/juju/juju/core/description"
-	"github.com/juju/juju/environs"
+	"github.com/juju/juju/environs/bootstrap"
 	"github.com/juju/juju/jujuclient/jujuclienttesting"
 	"github.com/juju/juju/provider/dummy"
 	"github.com/juju/juju/state"
@@ -35,13 +35,15 @@
 func (s *Suite) SetUpTest(c *gc.C) {
 	// Set up InitialConfig with a dummy provider configuration. This
 	// is required to allow model import test to work.
-	env, err := environs.Prepare(
+	env, err := bootstrap.Prepare(
 		modelcmd.BootstrapContext(testing.Context(c)),
 		jujuclienttesting.NewMemStore(),
-		environs.PrepareParams{
-			ControllerName: "dummycontroller",
-			BaseConfig:     dummy.SampleConfig(),
-			CloudName:      "dummy",
+		bootstrap.PrepareParams{
+			ControllerConfig: testing.FakeControllerConfig(),
+			ControllerName:   "dummycontroller",
+			BaseConfig:       dummy.SampleConfig(),
+			CloudName:        "dummy",
+			AdminSecret:      "admin-secret",
 		},
 	)
 	c.Assert(err, jc.ErrorIsNil)
@@ -186,9 +188,8 @@
 
 	newUUID := utils.MustNewUUID().String()
 	model.UpdateConfig(map[string]interface{}{
-		"name":    "some-model",
-		"uuid":    newUUID,
-		"ca-cert": "not really a cert",
+		"name": "some-model",
+		"uuid": newUUID,
 	})
 
 	bytes, err := description.Serialize(model)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/modelmanager/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/modelmanager/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/modelmanager/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/modelmanager/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,7 @@
 import (
 	gc "gopkg.in/check.v1"
 
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 )
 
 func AuthCheck(c *gc.C, mm *ModelManagerAPI, user names.UserTag) bool {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/modelmanager/modelinfo_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/modelmanager/modelinfo_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/modelmanager/modelinfo_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/modelmanager/modelinfo_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,16 +7,20 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	gitjujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/series"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
+	"github.com/juju/juju/apiserver/metricsender"
 	"github.com/juju/juju/apiserver/modelmanager"
 	"github.com/juju/juju/apiserver/params"
 	apiservertesting "github.com/juju/juju/apiserver/testing"
+	"github.com/juju/juju/cloud"
+	"github.com/juju/juju/controller"
+	"github.com/juju/juju/environs"
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/status"
@@ -39,6 +43,10 @@
 	}
 	s.st = &mockState{
 		uuid: coretesting.ModelTag.Id(),
+		cloud: cloud.Cloud{
+			Type:      "dummy",
+			AuthTypes: []cloud.AuthType{cloud.EmptyAuthType},
+		},
 	}
 	s.st.model = &mockModel{
 		owner: names.NewUserTag("bob@local"),
@@ -50,15 +58,15 @@
 		},
 		users: []*mockModelUser{{
 			userName: "admin",
-			access:   state.ModelAdminAccess,
+			access:   state.AdminAccess,
 		}, {
 			userName:    "bob@local",
 			displayName: "Bob",
-			access:      state.ModelReadAccess,
+			access:      state.ReadAccess,
 		}, {
 			userName:    "charlotte@local",
 			displayName: "Charlotte",
-			access:      state.ModelReadAccess,
+			access:      state.ReadAccess,
 		}},
 	}
 	var err error
@@ -75,17 +83,21 @@
 
 func (s *modelInfoSuite) TestModelInfo(c *gc.C) {
 	s.st.model.users[1].SetErrors(
-		nil, state.NeverConnectedError("never connected"),
+		state.NeverConnectedError("never connected"),
+		nil, nil, nil, nil,
 	)
 	info := s.getModelInfo(c)
 	c.Assert(info, jc.DeepEquals, params.ModelInfo{
-		Name:           "testenv",
-		UUID:           s.st.model.cfg.UUID(),
-		ControllerUUID: coretesting.ModelTag.Id(),
-		OwnerTag:       "user-bob@local",
-		ProviderType:   "someprovider",
-		DefaultSeries:  series.LatestLts(),
-		Life:           params.Dying,
+		Name:            "testenv",
+		UUID:            s.st.model.cfg.UUID(),
+		ControllerUUID:  "deadbeef-0bad-400d-8000-4b1d0d06f00d",
+		OwnerTag:        "user-bob@local",
+		ProviderType:    "someprovider",
+		Cloud:           "some-cloud",
+		CloudRegion:     "some-region",
+		CloudCredential: "some-credential",
+		DefaultSeries:   series.LatestLts(),
+		Life:            params.Dying,
 		Status: params.EntityStatus{
 			Status: status.StatusDestroying,
 			Since:  &time.Time{},
@@ -93,7 +105,7 @@
 		Users: []params.ModelUserInfo{{
 			UserName:       "admin",
 			LastConnection: &time.Time{},
-			Access:         params.ModelWriteAccess,
+			Access:         params.ModelAdminAccess,
 		}, {
 			UserName:       "bob@local",
 			DisplayName:    "Bob",
@@ -111,6 +123,7 @@
 		{"ModelUUID", nil},
 		{"ForModel", []interface{}{names.NewModelTag(s.st.model.cfg.UUID())}},
 		{"Model", nil},
+		{"ControllerConfig", nil},
 		{"Close", nil},
 	})
 	s.st.model.CheckCalls(c, []gitjujutesting.StubCall{
@@ -119,6 +132,9 @@
 		{"Status", nil},
 		{"Owner", nil},
 		{"Life", nil},
+		{"Cloud", nil},
+		{"CloudRegion", nil},
+		{"CloudCredential", nil},
 	})
 }
 
@@ -190,14 +206,18 @@
 type mockState struct {
 	gitjujutesting.Stub
 
+	environs.EnvironConfigGetter
 	common.APIHostPortsGetter
-	common.ModelConfigGetter
 	common.ToolsStorageGetter
+	common.BlockGetter
+	metricsender.MetricsSenderBackend
 
-	uuid  string
-	model *mockModel
-	owner names.UserTag
-	users []*state.ModelUser
+	uuid            string
+	cloud           cloud.Cloud
+	model           *mockModel
+	controllerModel *mockModel
+	users           []*state.ModelUser
+	creds           map[string]cloud.Credential
 }
 
 func (st *mockState) ModelUUID() string {
@@ -212,29 +232,73 @@
 
 func (st *mockState) IsControllerAdministrator(user names.UserTag) (bool, error) {
 	st.MethodCall(st, "IsControllerAdministrator", user)
-	return user.Canonical() == "admin@local", st.NextErr()
+	if st.controllerModel == nil {
+		return user.Canonical() == "admin@local", st.NextErr()
+	}
+	if st.controllerModel.users == nil {
+		return user.Canonical() == "admin@local", st.NextErr()
+	}
+
+	for _, u := range st.controllerModel.users {
+		if user.Name() == u.UserName() && u.access == state.AdminAccess {
+			nextErr := st.NextErr()
+			if user.Name() != "admin" {
+				panic(user.Name())
+			}
+			return true, nextErr
+		}
+	}
+	return false, st.NextErr()
 }
 
-func (st *mockState) NewModel(args state.ModelArgs) (*state.Model, *state.State, error) {
+func (st *mockState) NewModel(args state.ModelArgs) (common.Model, common.ModelManagerBackend, error) {
 	st.MethodCall(st, "NewModel", args)
-	return nil, nil, st.NextErr()
+	st.model.tag = names.NewModelTag(args.Config.UUID())
+	return st.model, st, st.NextErr()
 }
 
-func (st *mockState) ControllerModel() (*state.Model, error) {
+func (st *mockState) ControllerModel() (common.Model, error) {
 	st.MethodCall(st, "ControllerModel")
-	return nil, st.NextErr()
+	return st.controllerModel, st.NextErr()
+}
+
+func (st *mockState) ControllerConfig() (controller.Config, error) {
+	st.MethodCall(st, "ControllerConfig")
+	return controller.Config{
+		controller.ControllerUUIDKey: "deadbeef-0bad-400d-8000-4b1d0d06f00d",
+	}, st.NextErr()
 }
 
-func (st *mockState) ForModel(tag names.ModelTag) (modelmanager.Backend, error) {
+func (st *mockState) ForModel(tag names.ModelTag) (common.ModelManagerBackend, error) {
 	st.MethodCall(st, "ForModel", tag)
 	return st, st.NextErr()
 }
 
-func (st *mockState) Model() (modelmanager.Model, error) {
+func (st *mockState) Model() (common.Model, error) {
 	st.MethodCall(st, "Model")
 	return st.model, st.NextErr()
 }
 
+func (st *mockState) ModelTag() names.ModelTag {
+	st.MethodCall(st, "ModelTag")
+	return st.model.ModelTag()
+}
+
+func (st *mockState) AllModels() ([]common.Model, error) {
+	st.MethodCall(st, "AllModels")
+	return []common.Model{st.model}, st.NextErr()
+}
+
+func (st *mockState) Cloud(name string) (cloud.Cloud, error) {
+	st.MethodCall(st, "Cloud", name)
+	return st.cloud, st.NextErr()
+}
+
+func (st *mockState) CloudCredentials(user names.UserTag, cloudName string) (map[string]cloud.Credential, error) {
+	st.MethodCall(st, "CloudCredentials", user, cloudName)
+	return st.creds, st.NextErr()
+}
+
 func (st *mockState) Close() error {
 	st.MethodCall(st, "Close")
 	return st.NextErr()
@@ -259,6 +323,7 @@
 	gitjujutesting.Stub
 	owner  names.UserTag
 	life   state.Life
+	tag    names.ModelTag
 	status status.StatusInfo
 	cfg    *config.Config
 	users  []*mockModelUser
@@ -275,6 +340,12 @@
 	return m.owner
 }
 
+func (m *mockModel) ModelTag() names.ModelTag {
+	m.MethodCall(m, "ModelTag")
+	m.PopNoErr()
+	return m.tag
+}
+
 func (m *mockModel) Life() state.Life {
 	m.MethodCall(m, "Life")
 	m.PopNoErr()
@@ -286,6 +357,24 @@
 	return m.status, m.NextErr()
 }
 
+func (m *mockModel) Cloud() string {
+	m.MethodCall(m, "Cloud")
+	m.PopNoErr()
+	return "some-cloud"
+}
+
+func (m *mockModel) CloudRegion() string {
+	m.MethodCall(m, "CloudRegion")
+	m.PopNoErr()
+	return "some-region"
+}
+
+func (m *mockModel) CloudCredential() string {
+	m.MethodCall(m, "CloudCredential")
+	m.PopNoErr()
+	return "some-credential"
+}
+
 func (m *mockModel) Users() ([]common.ModelUser, error) {
 	m.MethodCall(m, "Users")
 	if err := m.NextErr(); err != nil {
@@ -298,18 +387,40 @@
 	return users, nil
 }
 
+func (m *mockModel) Destroy() error {
+	m.MethodCall(m, "Destroy")
+	return m.NextErr()
+}
+
+func (m *mockModel) DestroyIncludingHosted() error {
+	m.MethodCall(m, "DestroyIncludingHosted")
+	return m.NextErr()
+}
+
 type mockModelUser struct {
 	gitjujutesting.Stub
 	userName       string
 	displayName    string
-	access         state.ModelAccess
 	lastConnection time.Time
+	access         state.Access
+}
+
+func (u *mockModelUser) IsAdmin() bool {
+	u.MethodCall(u, "IsAdmin")
+	u.PopNoErr()
+	return u.access == state.AdminAccess
+}
+
+func (u *mockModelUser) IsReadOnly() bool {
+	u.MethodCall(u, "IsReadOnly")
+	u.PopNoErr()
+	return u.access == state.ReadAccess
 }
 
-func (u *mockModelUser) Access() state.ModelAccess {
-	u.MethodCall(u, "Access")
+func (u *mockModelUser) IsReadWrite() bool {
+	u.MethodCall(u, "IsReadWrite")
 	u.PopNoErr()
-	return u.access
+	return u.access == state.WriteAccess
 }
 
 func (u *mockModelUser) DisplayName() string {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/modelmanager/modelmanager.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/modelmanager/modelmanager.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/modelmanager/modelmanager.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/modelmanager/modelmanager.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,16 +8,18 @@
 package modelmanager
 
 import (
+	"fmt"
 	"time"
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/txn"
 	"github.com/juju/version"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/cloud"
 	"github.com/juju/juju/controller/modelmanager"
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/juju/permission"
@@ -33,15 +35,15 @@
 
 // ModelManager defines the methods on the modelmanager API endpoint.
 type ModelManager interface {
-	ConfigSkeleton(args params.ModelSkeletonConfigArgs) (params.ModelConfigResult, error)
-	CreateModel(args params.ModelCreateArgs) (params.Model, error)
+	CreateModel(args params.ModelCreateArgs) (params.ModelInfo, error)
 	ListModels(user params.Entity) (params.UserModelList, error)
+	DestroyModel() error
 }
 
 // ModelManagerAPI implements the model manager interface and is
 // the concrete implementation of the api end point.
 type ModelManagerAPI struct {
-	state       Backend
+	state       common.ModelManagerBackend
 	authorizer  common.Authorizer
 	toolsFinder *common.ToolsFinder
 	apiUser     names.UserTag
@@ -50,13 +52,13 @@
 
 var _ ModelManager = (*ModelManagerAPI)(nil)
 
-func newFacade(st *state.State, resources *common.Resources, auth common.Authorizer) (*ModelManagerAPI, error) {
-	return NewModelManagerAPI(NewStateBackend(st), auth)
+func newFacade(st *state.State, _ *common.Resources, auth common.Authorizer) (*ModelManagerAPI, error) {
+	return NewModelManagerAPI(common.NewModelManagerBackend(st), auth)
 }
 
 // NewModelManagerAPI creates a new api server endpoint for managing
 // models.
-func NewModelManagerAPI(st Backend, authorizer common.Authorizer) (*ModelManagerAPI, error) {
+func NewModelManagerAPI(st common.ModelManagerBackend, authorizer common.Authorizer) (*ModelManagerAPI, error) {
 	if !authorizer.AuthClient() {
 		return nil, common.ErrPerm
 	}
@@ -102,56 +104,9 @@
 	Config() (*config.Config, error)
 }
 
-// ConfigSkeleton returns config values to be used as a starting point for the
-// API caller to construct a valid model specific config.  The provider
-// and region params are there for future use, and current behaviour expects
-// both of these to be empty.
-func (mm *ModelManagerAPI) ConfigSkeleton(args params.ModelSkeletonConfigArgs) (params.ModelConfigResult, error) {
-	var result params.ModelConfigResult
-	if args.Region != "" {
-		return result, errors.NotValidf("region value %q", args.Region)
-	}
-
-	controllerEnv, err := mm.state.ControllerModel()
-	if err != nil {
-		return result, errors.Trace(err)
-	}
-	config, err := mm.configSkeleton(controllerEnv, args.Provider)
-	if err != nil {
-		return result, errors.Trace(err)
-	}
-
-	result.Config = config
-	return result, nil
-}
-
-func (mm *ModelManagerAPI) configSkeleton(source ConfigSource, requestedProviderType string) (map[string]interface{}, error) {
-	baseConfig, err := source.Config()
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	if requestedProviderType != "" && baseConfig.Type() != requestedProviderType {
-		return nil, errors.Errorf(
-			"cannot create new model with credentials for provider type %q on controller with provider type %q",
-			requestedProviderType, baseConfig.Type())
-	}
-	baseMap := baseConfig.AllAttrs()
-
-	fields, err := modelmanager.RestrictedProviderFields(baseConfig.Type())
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-
-	var result = make(map[string]interface{})
-	for _, field := range fields {
-		if value, found := baseMap[field]; found {
-			result[field] = value
-		}
-	}
-	return result, nil
-}
-
-func (mm *ModelManagerAPI) newModelConfig(args params.ModelCreateArgs, source ConfigSource) (*config.Config, error) {
+func (mm *ModelManagerAPI) newModelConfig(
+	args params.ModelCreateArgs, controllerUUID string, source ConfigSource, credential *cloud.Credential,
+) (*config.Config, error) {
 	// For now, we just smash to the two maps together as we store
 	// the account values and the model config together in the
 	// *config.Config instance.
@@ -159,13 +114,25 @@
 	for key, value := range args.Config {
 		joint[key] = value
 	}
-	// Account info overrides any config values.
-	for key, value := range args.Account {
-		joint[key] = value
-	}
 	if _, ok := joint["uuid"]; ok {
 		return nil, errors.New("uuid is generated, you cannot specify one")
 	}
+	if args.Name == "" {
+		return nil, errors.NewNotValid(nil, "Name must be specified")
+	}
+	if _, ok := joint[config.NameKey]; ok {
+		return nil, errors.New("name must not be specified in config")
+	}
+	joint[config.NameKey] = args.Name
+
+	// Copy credential attributes across to model config.
+	// TODO(axw) credentials should not be going into model config.
+	if credential != nil {
+		for key, value := range credential.Attributes() {
+			joint[key] = value
+		}
+	}
+
 	baseConfig, err := source.Config()
 	if err != nil {
 		return nil, errors.Trace(err)
@@ -181,13 +148,18 @@
 			return result.List, nil
 		},
 	}
-	return creator.NewModelConfig(mm.isAdmin, baseConfig, joint)
+	return creator.NewModelConfig(mm.isAdmin, controllerUUID, baseConfig, joint)
 }
 
 // CreateModel creates a new model using the account and
 // model config specified in the args.
-func (mm *ModelManagerAPI) CreateModel(args params.ModelCreateArgs) (params.Model, error) {
-	result := params.Model{}
+func (mm *ModelManagerAPI) CreateModel(args params.ModelCreateArgs) (params.ModelInfo, error) {
+	result := params.ModelInfo{}
+	// TODO(perrito666) this check should be part of the authCheck, without this check
+	// any user in the controller may create models.
+	if !mm.isAdmin {
+		return result, errors.Trace(common.ErrPerm)
+	}
 	// Get the controller model first. We need it both for the state
 	// server owner and the ability to get the config.
 	controllerModel, err := mm.state.ControllerModel()
@@ -208,24 +180,80 @@
 		return result, errors.Trace(err)
 	}
 
-	newConfig, err := mm.newModelConfig(args, controllerModel)
+	cloudName := controllerModel.Cloud()
+	cloudCredentialName := args.CloudCredential
+	if cloudCredentialName == "" {
+		if ownerTag.Canonical() == controllerModel.Owner().Canonical() {
+			cloudCredentialName = controllerModel.CloudCredential()
+		} else {
+			// TODO(axw) check if the user has one and only one
+			// cloud credential, and if so, use it? For now, we
+			// require the user to specify a credential unless
+			// the cloud does not require one.
+			controllerCloud, err := mm.state.Cloud(controllerModel.Cloud())
+			if err != nil {
+				return result, errors.Trace(err)
+			}
+			var hasEmpty bool
+			for _, authType := range controllerCloud.AuthTypes {
+				if authType != cloud.EmptyAuthType {
+					continue
+				}
+				hasEmpty = true
+				break
+			}
+			if !hasEmpty {
+				return result, errors.NewNotValid(nil, "no credential specified")
+			}
+		}
+	}
+
+	cloudRegion := args.CloudRegion
+	if cloudRegion == "" {
+		cloudRegion = controllerModel.CloudRegion()
+	}
+
+	var credential *cloud.Credential
+	if cloudCredentialName != "" {
+		ownerCredentials, err := mm.state.CloudCredentials(ownerTag, controllerModel.Cloud())
+		if err != nil {
+			return result, errors.Annotate(err, "getting credentials")
+		}
+		elem, ok := ownerCredentials[cloudCredentialName]
+		if !ok {
+			return result, errors.NewNotValid(nil, fmt.Sprintf(
+				"no such credential %q", cloudCredentialName,
+			))
+		}
+		credential = &elem
+	}
+
+	controllerCfg, err := mm.state.ControllerConfig()
+	if err != nil {
+		return result, errors.Trace(err)
+	}
+
+	newConfig, err := mm.newModelConfig(args, controllerCfg.ControllerUUID(), controllerModel, credential)
 	if err != nil {
 		return result, errors.Annotate(err, "failed to create config")
 	}
+
 	// NOTE: check the agent-version of the config, and if it is > the current
 	// version, it is not supported, also check existing tools, and if we don't
 	// have tools for that version, also die.
-	model, st, err := mm.state.NewModel(state.ModelArgs{Config: newConfig, Owner: ownerTag})
+	model, st, err := mm.state.NewModel(state.ModelArgs{
+		CloudName:       cloudName,
+		CloudRegion:     cloudRegion,
+		CloudCredential: cloudCredentialName,
+		Config:          newConfig,
+		Owner:           ownerTag,
+	})
 	if err != nil {
 		return result, errors.Annotate(err, "failed to create new model")
 	}
 	defer st.Close()
 
-	result.Name = model.Name()
-	result.UUID = model.UUID()
-	result.OwnerTag = model.Owner().String()
-
-	return result, nil
+	return mm.getModelInfo(model.ModelTag())
 }
 
 // ListModels returns the models that the specified user
@@ -273,6 +301,23 @@
 	return result, nil
 }
 
+// DestroyModel will try to destroy the current model.
+// If there is a block on destruction, this method will return an error.
+func (m *ModelManagerAPI) DestroyModel() error {
+	// Any user is able to delete their own model (until real fine
+	// grain permissions are available), and admins (the creator of the state
+	// server model) are able to delete models for other people.
+	model, err := m.state.Model()
+	if err != nil {
+		return errors.Trace(err)
+	}
+	err = m.authCheck(model.Owner())
+	if err != nil {
+		return errors.Trace(err)
+	}
+	return errors.Trace(common.DestroyModel(m.state, model.ModelTag()))
+}
+
 // ModelInfo returns information about the specified models.
 func (m *ModelManagerAPI) ModelInfo(args params.Entities) (params.ModelInfoResults, error) {
 	results := params.ModelInfoResults{
@@ -284,69 +329,7 @@
 		if err != nil {
 			return params.ModelInfo{}, err
 		}
-
-		st, err := m.state.ForModel(tag)
-		if errors.IsNotFound(err) {
-			return params.ModelInfo{}, common.ErrPerm
-		} else if err != nil {
-			return params.ModelInfo{}, err
-		}
-		defer st.Close()
-
-		model, err := st.Model()
-		if errors.IsNotFound(err) {
-			return params.ModelInfo{}, common.ErrPerm
-		} else if err != nil {
-			return params.ModelInfo{}, err
-		}
-
-		cfg, err := model.Config()
-		if err != nil {
-			return params.ModelInfo{}, err
-		}
-		users, err := model.Users()
-		if err != nil {
-			return params.ModelInfo{}, err
-		}
-		status, err := model.Status()
-		if err != nil {
-			return params.ModelInfo{}, err
-		}
-
-		owner := model.Owner()
-		info := params.ModelInfo{
-			Name:           cfg.Name(),
-			UUID:           cfg.UUID(),
-			ControllerUUID: cfg.ControllerUUID(),
-			OwnerTag:       owner.String(),
-			Life:           params.Life(model.Life().String()),
-			Status:         common.EntityStatusFromState(status),
-			ProviderType:   cfg.Type(),
-			DefaultSeries:  config.PreferredSeries(cfg),
-		}
-
-		authorizedOwner := m.authCheck(owner) == nil
-		for _, user := range users {
-			if !authorizedOwner && m.authCheck(user.UserTag()) != nil {
-				// The authenticated user is neither the owner
-				// nor administrator, nor the model user, so
-				// has no business knowing about the model user.
-				continue
-			}
-			userInfo, err := common.ModelUserInfo(user)
-			if err != nil {
-				return params.ModelInfo{}, errors.Trace(err)
-			}
-			info.Users = append(info.Users, userInfo)
-		}
-
-		if len(info.Users) == 0 {
-			// No users, which means the authenticated user doesn't
-			// have access to the model.
-			return params.ModelInfo{}, common.ErrPerm
-		}
-
-		return info, nil
+		return m.getModelInfo(tag)
 	}
 
 	for i, arg := range args.Entities {
@@ -360,8 +343,80 @@
 	return results, nil
 }
 
+func (m *ModelManagerAPI) getModelInfo(tag names.ModelTag) (params.ModelInfo, error) {
+	st, err := m.state.ForModel(tag)
+	if errors.IsNotFound(err) {
+		return params.ModelInfo{}, common.ErrPerm
+	} else if err != nil {
+		return params.ModelInfo{}, err
+	}
+	defer st.Close()
+
+	model, err := st.Model()
+	if errors.IsNotFound(err) {
+		return params.ModelInfo{}, common.ErrPerm
+	} else if err != nil {
+		return params.ModelInfo{}, err
+	}
+
+	cfg, err := model.Config()
+	if err != nil {
+		return params.ModelInfo{}, err
+	}
+	controllerCfg, err := st.ControllerConfig()
+	if err != nil {
+		return params.ModelInfo{}, err
+	}
+	users, err := model.Users()
+	if err != nil {
+		return params.ModelInfo{}, err
+	}
+	status, err := model.Status()
+	if err != nil {
+		return params.ModelInfo{}, err
+	}
+
+	owner := model.Owner()
+	info := params.ModelInfo{
+		Name:            cfg.Name(),
+		UUID:            cfg.UUID(),
+		ControllerUUID:  controllerCfg.ControllerUUID(),
+		OwnerTag:        owner.String(),
+		Life:            params.Life(model.Life().String()),
+		Status:          common.EntityStatusFromState(status),
+		ProviderType:    cfg.Type(),
+		DefaultSeries:   config.PreferredSeries(cfg),
+		Cloud:           model.Cloud(),
+		CloudRegion:     model.CloudRegion(),
+		CloudCredential: model.CloudCredential(),
+	}
+
+	authorizedOwner := m.authCheck(owner) == nil
+	for _, user := range users {
+		if !authorizedOwner && m.authCheck(user.UserTag()) != nil {
+			// The authenticated user is neither the owner
+			// nor administrator, nor the model user, so
+			// has no business knowing about the model user.
+			continue
+		}
+		userInfo, err := common.ModelUserInfo(user)
+		if err != nil {
+			return params.ModelInfo{}, errors.Trace(err)
+		}
+		info.Users = append(info.Users, userInfo)
+	}
+
+	if len(info.Users) == 0 {
+		// No users, which means the authenticated user doesn't
+		// have access to the model.
+		return params.ModelInfo{}, common.ErrPerm
+	}
+
+	return info, nil
+}
+
 // ModifyModelAccess changes the model access granted to users.
-func (m *ModelManagerAPI) ModifyModelAccess(args params.ModifyModelAccessRequest) (result params.ErrorResults, err error) {
+func (m *ModelManagerAPI) ModifyModelAccess(args params.ModifyModelAccessRequest) (result params.ErrorResults, _ error) {
 	result = params.ErrorResults{
 		Results: make([]params.ErrorResult, len(args.Changes)),
 	}
@@ -396,35 +451,21 @@
 
 // resolveStateAccess returns the state representation of the logical model
 // access type.
-func resolveStateAccess(access permission.ModelAccess) (state.ModelAccess, error) {
-	var fail state.ModelAccess
+func resolveStateAccess(access permission.ModelAccess) (state.Access, error) {
+	var fail state.Access
 	switch access {
+	case permission.ModelAdminAccess:
+		return state.AdminAccess, nil
 	case permission.ModelReadAccess:
-		return state.ModelReadAccess, nil
+		return state.ReadAccess, nil
 	case permission.ModelWriteAccess:
-		// TODO: Initially, we'll map "write" access to admin-level access.
-		// Post Juju-2.0, support for more nuanced access will be added to the
-		// permission business logic and state model.
-		return state.ModelAdminAccess, nil
+		return state.WriteAccess, nil
 	}
 	logger.Errorf("invalid access permission: %+v", access)
 	return fail, errors.Errorf("invalid access permission")
 }
 
-// isGreaterAccess returns whether the new access provides more permissions
-// than the current access.
-// TODO(cmars): If/when more access types are implemented in state,
-//   the implementation of this function will certainly need to change, and it
-//   should be abstracted away to juju/permission as pure business logic
-//   instead of operating on state values.
-func isGreaterAccess(currentAccess, newAccess state.ModelAccess) bool {
-	if currentAccess == state.ModelReadAccess && newAccess == state.ModelAdminAccess {
-		return true
-	}
-	return false
-}
-
-func userAuthorizedToChangeAccess(st Backend, userIsAdmin bool, userTag names.UserTag) error {
+func userAuthorizedToChangeAccess(st common.ModelManagerBackend, userIsAdmin bool, userTag names.UserTag) error {
 	if userIsAdmin {
 		// Just confirm that the model that has been given is a valid model.
 		_, err := st.Model()
@@ -444,7 +485,7 @@
 		}
 		return errors.Annotate(err, "could not retrieve user")
 	}
-	if currentUser.Access() != state.ModelAdminAccess {
+	if !currentUser.IsAdmin() {
 		return common.ErrPerm
 	}
 	return nil
@@ -452,7 +493,7 @@
 
 // ChangeModelAccess performs the requested access grant or revoke action for the
 // specified user on the specified model.
-func ChangeModelAccess(accessor Backend, modelTag names.ModelTag, apiUser, targetUserTag names.UserTag, action params.ModelAction, access permission.ModelAccess, userIsAdmin bool) error {
+func ChangeModelAccess(accessor common.ModelManagerBackend, modelTag names.ModelTag, apiUser, targetUserTag names.UserTag, action params.ModelAction, access permission.ModelAccess, userIsAdmin bool) error {
 	st, err := accessor.ForModel(modelTag)
 	if err != nil {
 		return errors.Annotate(err, "could not lookup model")
@@ -482,34 +523,42 @@
 			}
 
 			// Only set access if greater access is being granted.
-			if isGreaterAccess(modelUser.Access(), stateAccess) {
+			if modelUser.IsGreaterAccess(stateAccess) {
 				err = modelUser.SetAccess(stateAccess)
 				if err != nil {
 					return errors.Annotate(err, "could not set model access for user")
 				}
 			} else {
-				return errors.Errorf("user already has %q access", modelUser.Access())
+				return errors.Errorf("user already has %q access or greater", stateAccess)
 			}
 			return nil
 		}
 		return errors.Annotate(err, "could not grant model access")
 
 	case params.RevokeModelAccess:
-		if stateAccess == state.ModelReadAccess {
+		switch stateAccess {
+		case state.ReadAccess:
 			// Revoking read access removes all access.
 			err := st.RemoveModelUser(targetUserTag)
 			return errors.Annotate(err, "could not revoke model access")
-
-		} else if stateAccess == state.ModelAdminAccess {
-			// Revoking admin access sets read-only.
+		case state.WriteAccess:
+			// Revoking write access sets read-only.
 			modelUser, err := st.ModelUser(targetUserTag)
 			if err != nil {
 				return errors.Annotate(err, "could not look up model access for user")
 			}
-			err = modelUser.SetAccess(state.ModelReadAccess)
+			err = modelUser.SetAccess(state.ReadAccess)
 			return errors.Annotate(err, "could not set model access to read-only")
+		case state.AdminAccess:
+			// Revoking admin access sets read-write.
+			modelUser, err := st.ModelUser(targetUserTag)
+			if err != nil {
+				return errors.Annotate(err, "could not look up model access for user")
+			}
+			err = modelUser.SetAccess(state.WriteAccess)
+			return errors.Annotate(err, "could not set model access to read-write")
 
-		} else {
+		default:
 			return errors.Errorf("don't know how to revoke %q access", stateAccess)
 		}
 
@@ -526,6 +575,8 @@
 		return permission.ModelReadAccess, nil
 	case params.ModelWriteAccess:
 		return permission.ModelWriteAccess, nil
+	case params.ModelAdminAccess:
+		return permission.ModelAdminAccess, nil
 	}
 	return fail, errors.Errorf("invalid model access permission %q", paramAccess)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/modelmanager/modelmanager_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/modelmanager/modelmanager_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/modelmanager/modelmanager_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/modelmanager/modelmanager_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,22 +5,29 @@
 
 import (
 	"regexp"
+	"time"
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
+	gitjujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/modelmanager"
 	"github.com/juju/juju/apiserver/params"
 	apiservertesting "github.com/juju/juju/apiserver/testing"
+	"github.com/juju/juju/cloud"
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/environs/config"
 	jujutesting "github.com/juju/juju/juju/testing"
+	"github.com/juju/juju/status"
 	jujuversion "github.com/juju/juju/version"
 	// Register the providers for the field check test
+	"github.com/juju/juju/apiserver/common"
+	"github.com/juju/juju/controller"
 	_ "github.com/juju/juju/provider/azure"
+	"github.com/juju/juju/provider/dummy"
 	_ "github.com/juju/juju/provider/ec2"
 	_ "github.com/juju/juju/provider/joyent"
 	_ "github.com/juju/juju/provider/maas"
@@ -31,13 +38,209 @@
 )
 
 type modelManagerBaseSuite struct {
-	jujutesting.JujuConnSuite
+}
+
+type modelManagerSuite struct {
+	gitjujutesting.IsolationSuite
+	st         mockState
+	authoriser apiservertesting.FakeAuthorizer
+	api        *modelmanager.ModelManagerAPI
+}
+
+var _ = gc.Suite(&modelManagerSuite{})
+
+func (s *modelManagerSuite) SetUpTest(c *gc.C) {
+	s.IsolationSuite.SetUpTest(c)
+
+	attrs := dummy.SampleConfig()
+	attrs["agent-version"] = jujuversion.Current.String()
+	cfg, err := config.New(config.UseDefaults, attrs)
+	c.Assert(err, jc.ErrorIsNil)
+
+	s.st = mockState{
+		uuid: coretesting.ModelTag.Id(),
+		cloud: cloud.Cloud{
+			Type:      "dummy",
+			AuthTypes: []cloud.AuthType{cloud.EmptyAuthType},
+		},
+		controllerModel: &mockModel{
+			owner: names.NewUserTag("admin@local"),
+			life:  state.Alive,
+			cfg:   cfg,
+			status: status.StatusInfo{
+				Status: status.StatusAvailable,
+				Since:  &time.Time{},
+			},
+			users: []*mockModelUser{{
+				userName: "admin",
+				access:   state.AdminAccess,
+			}, {
+				userName: "otheruser",
+				access:   state.AdminAccess,
+			}},
+		},
+		model: &mockModel{
+			owner: names.NewUserTag("admin@local"),
+			life:  state.Alive,
+			cfg:   cfg,
+			status: status.StatusInfo{
+				Status: status.StatusAvailable,
+				Since:  &time.Time{},
+			},
+			users: []*mockModelUser{{
+				userName: "admin",
+				access:   state.AdminAccess,
+			}, {
+				userName: "otheruser",
+				access:   state.AdminAccess,
+			}},
+		},
+		creds: map[string]cloud.Credential{
+			"some-credential": cloud.NewEmptyCredential(),
+		},
+	}
+	s.authoriser = apiservertesting.FakeAuthorizer{
+		Tag: names.NewUserTag("admin@local"),
+	}
+	api, err := modelmanager.NewModelManagerAPI(&s.st, s.authoriser)
+	c.Assert(err, jc.ErrorIsNil)
+	s.api = api
+}
+
+func (s *modelManagerSuite) TestCreateModelArgs(c *gc.C) {
+	args := params.ModelCreateArgs{
+		Name:     "foo",
+		OwnerTag: "user-admin@local",
+		Config: map[string]interface{}{
+			"bar": "baz",
+		},
+		CloudRegion:     "qux",
+		CloudCredential: "some-credential",
+	}
+	_, err := s.api.CreateModel(args)
+	c.Assert(err, jc.ErrorIsNil)
+	s.st.CheckCallNames(c,
+		"IsControllerAdministrator",
+		"ModelUUID",
+		"ControllerModel",
+		"CloudCredentials",
+		"ControllerConfig",
+		"NewModel",
+		"ForModel",
+		"Model",
+		"ControllerConfig",
+		"Close", // close new model's state
+		"Close", // close controller model's state
+	)
+
+	// We cannot predict the UUID, because it's generated,
+	// so we just extract it and ensure that it's not the
+	// same as the controller UUID.
+	newModelArgs := s.st.Calls()[5].Args[0].(state.ModelArgs)
+	uuid := newModelArgs.Config.UUID()
+	c.Assert(uuid, gc.Not(gc.Equals), s.st.controllerModel.cfg.UUID())
+
+	cfg, err := config.New(config.UseDefaults, map[string]interface{}{
+		"name":          "foo",
+		"type":          "dummy",
+		"uuid":          uuid,
+		"agent-version": jujuversion.Current.String(),
+		"bar":           "baz",
+		"controller":    false,
+		"broken":        "",
+		"secret":        "pork",
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	// TODO(wallyworld) - we need to separate controller and model schemas
+	// Remove any remaining controller attributes from the env config.
+	cfg, err = cfg.Remove(controller.ControllerOnlyConfigAttributes)
+	c.Assert(err, jc.ErrorIsNil)
 
+	c.Assert(newModelArgs, jc.DeepEquals, state.ModelArgs{
+		Owner:           names.NewUserTag("admin@local"),
+		CloudName:       "some-cloud",
+		CloudRegion:     "qux",
+		CloudCredential: "some-credential",
+		Config:          cfg,
+	})
+}
+
+func (s *modelManagerSuite) TestCreateModelDefaultRegion(c *gc.C) {
+	args := params.ModelCreateArgs{
+		Name:     "foo",
+		OwnerTag: "user-admin@local",
+	}
+	_, err := s.api.CreateModel(args)
+	c.Assert(err, jc.ErrorIsNil)
+
+	newModelArgs := s.st.Calls()[5].Args[0].(state.ModelArgs)
+	c.Assert(newModelArgs.CloudRegion, gc.Equals, "some-region")
+}
+
+func (s *modelManagerSuite) TestCreateModelDefaultCredentialAdmin(c *gc.C) {
+	s.testCreateModelDefaultCredentialAdmin(c, "user-admin@local")
+}
+
+func (s *modelManagerSuite) TestCreateModelDefaultCredentialAdminNoDomain(c *gc.C) {
+	s.testCreateModelDefaultCredentialAdmin(c, "user-admin")
+}
+
+func (s *modelManagerSuite) testCreateModelDefaultCredentialAdmin(c *gc.C, ownerTag string) {
+	s.st.cloud.AuthTypes = []cloud.AuthType{"userpass"}
+	args := params.ModelCreateArgs{
+		Name:     "foo",
+		OwnerTag: ownerTag,
+	}
+	_, err := s.api.CreateModel(args)
+	c.Assert(err, jc.ErrorIsNil)
+
+	newModelArgs := s.st.Calls()[5].Args[0].(state.ModelArgs)
+	c.Assert(newModelArgs.CloudCredential, gc.Equals, "some-credential")
+}
+
+func (s *modelManagerSuite) TestCreateModelEmptyCredentialNonAdmin(c *gc.C) {
+	args := params.ModelCreateArgs{
+		Name:     "foo",
+		OwnerTag: "user-bob@local",
+	}
+	_, err := s.api.CreateModel(args)
+	c.Assert(err, jc.ErrorIsNil)
+
+	newModelArgs := s.st.Calls()[5].Args[0].(state.ModelArgs)
+	c.Assert(newModelArgs.CloudCredential, gc.Equals, "")
+}
+
+func (s *modelManagerSuite) TestCreateModelNoDefaultCredentialNonAdmin(c *gc.C) {
+	s.st.cloud.AuthTypes = nil
+	args := params.ModelCreateArgs{
+		Name:     "foo",
+		OwnerTag: "user-bob@local",
+	}
+	_, err := s.api.CreateModel(args)
+	c.Assert(err, gc.ErrorMatches, "no credential specified")
+}
+
+func (s *modelManagerSuite) TestCreateModelUnknownCredential(c *gc.C) {
+	args := params.ModelCreateArgs{
+		Name:            "foo",
+		OwnerTag:        "user-admin@local",
+		CloudCredential: "bar",
+	}
+	_, err := s.api.CreateModel(args)
+	c.Assert(err, gc.ErrorMatches, `no such credential "bar"`)
+}
+
+// modelManagerStateSuite contains end-to-end tests.
+// Prefer adding tests to modelManagerSuite above.
+type modelManagerStateSuite struct {
+	jujutesting.JujuConnSuite
 	modelmanager *modelmanager.ModelManagerAPI
 	authoriser   apiservertesting.FakeAuthorizer
 }
 
-func (s *modelManagerBaseSuite) SetUpTest(c *gc.C) {
+var _ = gc.Suite(&modelManagerStateSuite{})
+
+func (s *modelManagerStateSuite) SetUpTest(c *gc.C) {
 	s.JujuConnSuite.SetUpTest(c)
 	s.authoriser = apiservertesting.FakeAuthorizer{
 		Tag: s.AdminUserTag(c),
@@ -45,47 +248,40 @@
 	loggo.GetLogger("juju.apiserver.modelmanager").SetLogLevel(loggo.TRACE)
 }
 
-func (s *modelManagerBaseSuite) setAPIUser(c *gc.C, user names.UserTag) {
+func (s *modelManagerStateSuite) setAPIUser(c *gc.C, user names.UserTag) {
 	s.authoriser.Tag = user
 	modelmanager, err := modelmanager.NewModelManagerAPI(
-		modelmanager.NewStateBackend(s.State), s.authoriser,
+		common.NewModelManagerBackend(s.State), s.authoriser,
 	)
 	c.Assert(err, jc.ErrorIsNil)
 	s.modelmanager = modelmanager
 }
 
-type modelManagerSuite struct {
-	modelManagerBaseSuite
-}
-
-var _ = gc.Suite(&modelManagerSuite{})
-
-func (s *modelManagerSuite) TestNewAPIAcceptsClient(c *gc.C) {
+func (s *modelManagerStateSuite) TestNewAPIAcceptsClient(c *gc.C) {
 	anAuthoriser := s.authoriser
 	anAuthoriser.Tag = names.NewUserTag("external@remote")
 	endPoint, err := modelmanager.NewModelManagerAPI(
-		modelmanager.NewStateBackend(s.State), anAuthoriser,
+		common.NewModelManagerBackend(s.State), anAuthoriser,
 	)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(endPoint, gc.NotNil)
 }
 
-func (s *modelManagerSuite) TestNewAPIRefusesNonClient(c *gc.C) {
+func (s *modelManagerStateSuite) TestNewAPIRefusesNonClient(c *gc.C) {
 	anAuthoriser := s.authoriser
 	anAuthoriser.Tag = names.NewUnitTag("mysql/0")
 	endPoint, err := modelmanager.NewModelManagerAPI(
-		modelmanager.NewStateBackend(s.State), anAuthoriser,
+		common.NewModelManagerBackend(s.State), anAuthoriser,
 	)
 	c.Assert(endPoint, gc.IsNil)
 	c.Assert(err, gc.ErrorMatches, "permission denied")
 }
 
-func (s *modelManagerSuite) createArgs(c *gc.C, owner names.UserTag) params.ModelCreateArgs {
+func (s *modelManagerStateSuite) createArgs(c *gc.C, owner names.UserTag) params.ModelCreateArgs {
 	return params.ModelCreateArgs{
+		Name:     "test-model",
 		OwnerTag: owner.String(),
-		Account:  make(map[string]interface{}),
 		Config: map[string]interface{}{
-			"name":            "test-model",
 			"authorized-keys": "ssh-key",
 			// And to make it a valid dummy config
 			"controller": false,
@@ -93,14 +289,14 @@
 	}
 }
 
-func (s *modelManagerSuite) createArgsForVersion(c *gc.C, owner names.UserTag, ver interface{}) params.ModelCreateArgs {
+func (s *modelManagerStateSuite) createArgsForVersion(c *gc.C, owner names.UserTag, ver interface{}) params.ModelCreateArgs {
 	params := s.createArgs(c, owner)
 	params.Config["agent-version"] = ver
 	return params
 }
 
-func (s *modelManagerSuite) TestUserCanCreateModel(c *gc.C) {
-	owner := names.NewUserTag("external@remote")
+func (s *modelManagerStateSuite) TestUserCanCreateModel(c *gc.C) {
+	owner := names.NewUserTag("admin@local")
 	s.setAPIUser(c, owner)
 	model, err := s.modelmanager.CreateModel(s.createArgs(c, owner))
 	c.Assert(err, jc.ErrorIsNil)
@@ -108,7 +304,7 @@
 	c.Assert(model.Name, gc.Equals, "test-model")
 }
 
-func (s *modelManagerSuite) TestAdminCanCreateModelForSomeoneElse(c *gc.C) {
+func (s *modelManagerStateSuite) TestAdminCanCreateModelForSomeoneElse(c *gc.C) {
 	s.setAPIUser(c, s.AdminUserTag(c))
 	owner := names.NewUserTag("external@remote")
 	model, err := s.modelmanager.CreateModel(s.createArgs(c, owner))
@@ -128,40 +324,21 @@
 	c.Assert(err, jc.ErrorIsNil)
 }
 
-func (s *modelManagerSuite) TestNonAdminCannotCreateModelForSomeoneElse(c *gc.C) {
+func (s *modelManagerStateSuite) TestNonAdminCannotCreateModelForSomeoneElse(c *gc.C) {
 	s.setAPIUser(c, names.NewUserTag("non-admin@remote"))
 	owner := names.NewUserTag("external@remote")
 	_, err := s.modelmanager.CreateModel(s.createArgs(c, owner))
 	c.Assert(err, gc.ErrorMatches, "permission denied")
 }
 
-func (s *modelManagerSuite) TestConfigSkeleton(c *gc.C) {
-	s.setAPIUser(c, names.NewUserTag("non-admin@remote"))
-
-	_, err := s.modelmanager.ConfigSkeleton(
-		params.ModelSkeletonConfigArgs{Provider: "ec2"})
-	c.Check(err, gc.ErrorMatches, `cannot create new model with credentials for provider type "ec2" on controller with provider type "dummy"`)
-	_, err = s.modelmanager.ConfigSkeleton(
-		params.ModelSkeletonConfigArgs{Region: "the sun"})
-	c.Check(err, gc.ErrorMatches, `region value "the sun" not valid`)
-
-	skeleton, err := s.modelmanager.ConfigSkeleton(params.ModelSkeletonConfigArgs{})
-	c.Assert(err, jc.ErrorIsNil)
-
-	// The apiPort changes every test run as the dummy provider
-	// looks for a random open port.
-	apiPort := s.Environ.Config().APIPort()
-
-	c.Assert(skeleton.Config, jc.DeepEquals, params.ModelConfig{
-		"type":            "dummy",
-		"controller-uuid": coretesting.ModelTag.Id(),
-		"ca-cert":         coretesting.CACert,
-		"state-port":      1234,
-		"api-port":        apiPort,
-	})
+func (s *modelManagerStateSuite) TestNonAdminCannotCreateModelForSelf(c *gc.C) {
+	owner := names.NewUserTag("non-admin@remote")
+	s.setAPIUser(c, owner)
+	_, err := s.modelmanager.CreateModel(s.createArgs(c, owner))
+	c.Assert(err, gc.ErrorMatches, "permission denied")
 }
 
-func (s *modelManagerSuite) TestCreateModelValidatesConfig(c *gc.C) {
+func (s *modelManagerStateSuite) TestCreateModelValidatesConfig(c *gc.C) {
 	admin := s.AdminUserTag(c)
 	s.setAPIUser(c, admin)
 	args := s.createArgs(c, admin)
@@ -172,8 +349,8 @@
 	)
 }
 
-func (s *modelManagerSuite) TestCreateModelBadConfig(c *gc.C) {
-	owner := names.NewUserTag("external@remote")
+func (s *modelManagerStateSuite) TestCreateModelBadConfig(c *gc.C) {
+	owner := names.NewUserTag("admin@local")
 	s.setAPIUser(c, owner)
 	for i, test := range []struct {
 		key      string
@@ -188,19 +365,6 @@
 			key:      "type",
 			value:    "fake",
 			errMatch: `failed to create config: specified type "fake" does not match controller "dummy"`,
-		}, {
-			key:      "ca-cert",
-			value:    coretesting.OtherCACert,
-			errMatch: `failed to create config: (?s)specified ca-cert ".*" does not match controller ".*"`,
-		}, {
-			key:      "state-port",
-			value:    9876,
-			errMatch: `failed to create config: specified state-port "9876" does not match controller "1234"`,
-		}, {
-			// The api-port is dynamic, but always in user-space, so > 1024.
-			key:      "api-port",
-			value:    123,
-			errMatch: `failed to create config: specified api-port "123" does not match controller ".*"`,
 		},
 	} {
 		c.Logf("%d: %s", i, test.key)
@@ -212,7 +376,7 @@
 	}
 }
 
-func (s *modelManagerSuite) TestCreateModelSameAgentVersion(c *gc.C) {
+func (s *modelManagerStateSuite) TestCreateModelSameAgentVersion(c *gc.C) {
 	admin := s.AdminUserTag(c)
 	s.setAPIUser(c, admin)
 	args := s.createArgsForVersion(c, admin, jujuversion.Current.String())
@@ -220,7 +384,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 }
 
-func (s *modelManagerSuite) TestCreateModelBadAgentVersion(c *gc.C) {
+func (s *modelManagerStateSuite) TestCreateModelBadAgentVersion(c *gc.C) {
 	err := s.BackingState.SetModelAgentVersion(coretesting.FakeVersionNumber)
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -258,7 +422,7 @@
 	}
 }
 
-func (s *modelManagerSuite) TestListModelsForSelf(c *gc.C) {
+func (s *modelManagerStateSuite) TestListModelsForSelf(c *gc.C) {
 	user := names.NewUserTag("external@remote")
 	s.setAPIUser(c, user)
 	result, err := s.modelmanager.ListModels(params.Entity{Tag: user.String()})
@@ -266,7 +430,7 @@
 	c.Assert(result.UserModels, gc.HasLen, 0)
 }
 
-func (s *modelManagerSuite) TestListModelsForSelfLocalUser(c *gc.C) {
+func (s *modelManagerStateSuite) TestListModelsForSelfLocalUser(c *gc.C) {
 	// When the user's credentials cache stores the simple name, but the
 	// api server converts it to a fully qualified name.
 	user := names.NewUserTag("local-user")
@@ -276,13 +440,13 @@
 	c.Assert(result.UserModels, gc.HasLen, 0)
 }
 
-func (s *modelManagerSuite) checkModelMatches(c *gc.C, env params.Model, expected *state.Model) {
+func (s *modelManagerStateSuite) checkModelMatches(c *gc.C, env params.Model, expected *state.Model) {
 	c.Check(env.Name, gc.Equals, expected.Name())
 	c.Check(env.UUID, gc.Equals, expected.UUID())
 	c.Check(env.OwnerTag, gc.Equals, expected.Owner().String())
 }
 
-func (s *modelManagerSuite) TestListModelsAdminSelf(c *gc.C) {
+func (s *modelManagerStateSuite) TestListModelsAdminSelf(c *gc.C) {
 	user := s.AdminUserTag(c)
 	s.setAPIUser(c, user)
 	result, err := s.modelmanager.ListModels(params.Entity{Tag: user.String()})
@@ -293,7 +457,7 @@
 	s.checkModelMatches(c, result.UserModels[0].Model, expected)
 }
 
-func (s *modelManagerSuite) TestListModelsAdminListsOther(c *gc.C) {
+func (s *modelManagerStateSuite) TestListModelsAdminListsOther(c *gc.C) {
 	user := s.AdminUserTag(c)
 	s.setAPIUser(c, user)
 	other := names.NewUserTag("external@remote")
@@ -302,7 +466,7 @@
 	c.Assert(result.UserModels, gc.HasLen, 0)
 }
 
-func (s *modelManagerSuite) TestListModelsDenied(c *gc.C) {
+func (s *modelManagerStateSuite) TestListModelsDenied(c *gc.C) {
 	user := names.NewUserTag("external@remote")
 	s.setAPIUser(c, user)
 	other := names.NewUserTag("other@remote")
@@ -310,19 +474,96 @@
 	c.Assert(err, gc.ErrorMatches, "permission denied")
 }
 
-func (s *modelManagerSuite) TestAdminModelManager(c *gc.C) {
+func (s *modelManagerStateSuite) TestAdminModelManager(c *gc.C) {
 	user := s.AdminUserTag(c)
 	s.setAPIUser(c, user)
 	c.Assert(modelmanager.AuthCheck(c, s.modelmanager, user), jc.IsTrue)
 }
 
-func (s *modelManagerSuite) TestNonAdminModelManager(c *gc.C) {
+func (s *modelManagerStateSuite) TestNonAdminModelManager(c *gc.C) {
 	user := names.NewUserTag("external@remote")
 	s.setAPIUser(c, user)
 	c.Assert(modelmanager.AuthCheck(c, s.modelmanager, user), jc.IsFalse)
 }
 
-func (s *modelManagerSuite) modifyAccess(c *gc.C, user names.UserTag, action params.ModelAction, access params.ModelAccessPermission, model names.ModelTag) error {
+func (s *modelManagerStateSuite) TestDestroyOwnModel(c *gc.C) {
+	// TODO(perrito666) this test is not valid until we have
+	// proper controller permission since the only users that
+	// can create models are controller admins.
+	owner := names.NewUserTag("admin@local")
+	s.setAPIUser(c, owner)
+	m, err := s.modelmanager.CreateModel(s.createArgs(c, owner))
+	c.Assert(err, jc.ErrorIsNil)
+	st, err := s.State.ForModel(names.NewModelTag(m.UUID))
+	c.Assert(err, jc.ErrorIsNil)
+	defer st.Close()
+
+	s.modelmanager, err = modelmanager.NewModelManagerAPI(
+		common.NewModelManagerBackend(st), s.authoriser,
+	)
+	c.Assert(err, jc.ErrorIsNil)
+
+	err = s.modelmanager.DestroyModel()
+	c.Assert(err, jc.ErrorIsNil)
+
+	model, err := st.Model()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(model.Life(), gc.Not(gc.Equals), state.Alive)
+}
+
+func (s *modelManagerStateSuite) TestAdminDestroysOtherModel(c *gc.C) {
+	// TODO(perrito666) Both users are admins in this case, this tesst is of dubious
+	// usefulness until proper controller permissions are in place.
+	owner := names.NewUserTag("admin@local")
+	s.setAPIUser(c, owner)
+	m, err := s.modelmanager.CreateModel(s.createArgs(c, owner))
+	c.Assert(err, jc.ErrorIsNil)
+	st, err := s.State.ForModel(names.NewModelTag(m.UUID))
+	c.Assert(err, jc.ErrorIsNil)
+	defer st.Close()
+
+	s.modelmanager, err = modelmanager.NewModelManagerAPI(
+		common.NewModelManagerBackend(st), s.authoriser,
+	)
+	c.Assert(err, jc.ErrorIsNil)
+
+	other := s.AdminUserTag(c)
+	s.setAPIUser(c, other)
+	err = s.modelmanager.DestroyModel()
+	c.Assert(err, jc.ErrorIsNil)
+
+	s.setAPIUser(c, owner)
+	model, err := st.Model()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(model.Life(), gc.Not(gc.Equals), state.Alive)
+}
+
+func (s *modelManagerStateSuite) TestUserDestroysOtherModelDenied(c *gc.C) {
+	owner := names.NewUserTag("admin@local")
+	s.setAPIUser(c, owner)
+	m, err := s.modelmanager.CreateModel(s.createArgs(c, owner))
+	c.Assert(err, jc.ErrorIsNil)
+	st, err := s.State.ForModel(names.NewModelTag(m.UUID))
+	c.Assert(err, jc.ErrorIsNil)
+	defer st.Close()
+
+	s.modelmanager, err = modelmanager.NewModelManagerAPI(
+		common.NewModelManagerBackend(st), s.authoriser,
+	)
+	c.Assert(err, jc.ErrorIsNil)
+
+	user := names.NewUserTag("other@remote")
+	s.setAPIUser(c, user)
+	err = s.modelmanager.DestroyModel()
+	c.Assert(err, gc.ErrorMatches, "permission denied")
+
+	s.setAPIUser(c, owner)
+	model, err := st.Model()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(model.Life(), gc.Equals, state.Alive)
+}
+
+func (s *modelManagerStateSuite) modifyAccess(c *gc.C, user names.UserTag, action params.ModelAction, access params.ModelAccessPermission, model names.ModelTag) error {
 	args := params.ModifyModelAccessRequest{
 		Changes: []params.ModifyModelAccess{{
 			UserTag:  user.String(),
@@ -335,15 +576,15 @@
 	return result.OneError()
 }
 
-func (s *modelManagerSuite) grant(c *gc.C, user names.UserTag, access params.ModelAccessPermission, model names.ModelTag) error {
+func (s *modelManagerStateSuite) grant(c *gc.C, user names.UserTag, access params.ModelAccessPermission, model names.ModelTag) error {
 	return s.modifyAccess(c, user, params.GrantModelAccess, access, model)
 }
 
-func (s *modelManagerSuite) revoke(c *gc.C, user names.UserTag, access params.ModelAccessPermission, model names.ModelTag) error {
+func (s *modelManagerStateSuite) revoke(c *gc.C, user names.UserTag, access params.ModelAccessPermission, model names.ModelTag) error {
 	return s.modifyAccess(c, user, params.RevokeModelAccess, access, model)
 }
 
-func (s *modelManagerSuite) TestGrantMissingUserFails(c *gc.C) {
+func (s *modelManagerStateSuite) TestGrantMissingUserFails(c *gc.C) {
 	s.setAPIUser(c, s.AdminUserTag(c))
 	st := s.Factory.MakeModel(c, nil)
 	defer st.Close()
@@ -354,28 +595,28 @@
 	c.Assert(err, gc.ErrorMatches, expectedErr)
 }
 
-func (s *modelManagerSuite) TestGrantMissingModelFails(c *gc.C) {
+func (s *modelManagerStateSuite) TestGrantMissingModelFails(c *gc.C) {
 	s.setAPIUser(c, s.AdminUserTag(c))
 	user := s.Factory.MakeModelUser(c, nil)
 	model := names.NewModelTag("17e4bd2d-3e08-4f3d-b945-087be7ebdce4")
 	err := s.grant(c, user.UserTag(), params.ModelReadAccess, model)
-	expectedErr := `model not found`
+	expectedErr := `.*model not found`
 	c.Assert(err, gc.ErrorMatches, expectedErr)
 }
 
-func (s *modelManagerSuite) TestRevokeAdminLeavesReadAccess(c *gc.C) {
+func (s *modelManagerStateSuite) TestRevokeAdminLeavesReadAccess(c *gc.C) {
 	s.setAPIUser(c, s.AdminUserTag(c))
-	user := s.Factory.MakeModelUser(c, &factory.ModelUserParams{Access: state.ModelAdminAccess})
+	user := s.Factory.MakeModelUser(c, &factory.ModelUserParams{Access: state.WriteAccess})
 
 	err := s.revoke(c, user.UserTag(), params.ModelWriteAccess, user.ModelTag())
 	c.Assert(err, gc.IsNil)
 
 	modelUser, err := s.State.ModelUser(user.UserTag())
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(modelUser.ReadOnly(), jc.IsTrue)
+	c.Assert(modelUser.IsReadOnly(), jc.IsTrue)
 }
 
-func (s *modelManagerSuite) TestRevokeReadRemovesModelUser(c *gc.C) {
+func (s *modelManagerStateSuite) TestRevokeReadRemovesModelUser(c *gc.C) {
 	s.setAPIUser(c, s.AdminUserTag(c))
 	user := s.Factory.MakeModelUser(c, nil)
 
@@ -386,7 +627,7 @@
 	c.Assert(errors.IsNotFound(err), jc.IsTrue)
 }
 
-func (s *modelManagerSuite) TestRevokeModelMissingUser(c *gc.C) {
+func (s *modelManagerStateSuite) TestRevokeModelMissingUser(c *gc.C) {
 	s.setAPIUser(c, s.AdminUserTag(c))
 	st := s.Factory.MakeModel(c, nil)
 	defer st.Close()
@@ -399,7 +640,7 @@
 	c.Assert(errors.IsNotFound(err), jc.IsTrue)
 }
 
-func (s *modelManagerSuite) TestGrantOnlyGreaterAccess(c *gc.C) {
+func (s *modelManagerStateSuite) TestGrantOnlyGreaterAccess(c *gc.C) {
 	user := s.Factory.MakeUser(c, &factory.UserParams{Name: "foobar", NoModelUser: true})
 	s.setAPIUser(c, s.AdminUserTag(c))
 	st := s.Factory.MakeModel(c, nil)
@@ -409,17 +650,17 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	err = s.grant(c, user.UserTag(), params.ModelReadAccess, st.ModelTag())
-	c.Assert(err, gc.ErrorMatches, `user already has "read" access`)
+	c.Assert(err, gc.ErrorMatches, `user already has "read" access or greater`)
 }
 
-func (s *modelManagerSuite) assertNewUser(c *gc.C, modelUser *state.ModelUser, userTag, creatorTag names.UserTag) {
+func (s *modelManagerStateSuite) assertNewUser(c *gc.C, modelUser *state.ModelUser, userTag, creatorTag names.UserTag) {
 	c.Assert(modelUser.UserTag(), gc.Equals, userTag)
 	c.Assert(modelUser.CreatedBy(), gc.Equals, creatorTag.Canonical())
 	_, err := modelUser.LastConnection()
 	c.Assert(err, jc.Satisfies, state.IsNeverConnectedError)
 }
 
-func (s *modelManagerSuite) TestGrantModelAddLocalUser(c *gc.C) {
+func (s *modelManagerStateSuite) TestGrantModelAddLocalUser(c *gc.C) {
 	user := s.Factory.MakeUser(c, &factory.UserParams{Name: "foobar", NoModelUser: true})
 	apiUser := s.AdminUserTag(c)
 	s.setAPIUser(c, apiUser)
@@ -432,10 +673,10 @@
 	modelUser, err := st.ModelUser(user.UserTag())
 	c.Assert(err, jc.ErrorIsNil)
 	s.assertNewUser(c, modelUser, user.UserTag(), apiUser)
-	c.Assert(modelUser.ReadOnly(), jc.IsTrue)
+	c.Assert(modelUser.IsReadOnly(), jc.IsTrue)
 }
 
-func (s *modelManagerSuite) TestGrantModelAddRemoteUser(c *gc.C) {
+func (s *modelManagerStateSuite) TestGrantModelAddRemoteUser(c *gc.C) {
 	userTag := names.NewUserTag("foobar@ubuntuone")
 	apiUser := s.AdminUserTag(c)
 	s.setAPIUser(c, apiUser)
@@ -449,10 +690,10 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.assertNewUser(c, modelUser, userTag, apiUser)
-	c.Assert(modelUser.ReadOnly(), jc.IsTrue)
+	c.Assert(modelUser.IsReadOnly(), jc.IsTrue)
 }
 
-func (s *modelManagerSuite) TestGrantModelAddAdminUser(c *gc.C) {
+func (s *modelManagerStateSuite) TestGrantModelAddAdminUser(c *gc.C) {
 	user := s.Factory.MakeUser(c, &factory.UserParams{Name: "foobar", NoModelUser: true})
 	apiUser := s.AdminUserTag(c)
 	s.setAPIUser(c, apiUser)
@@ -464,25 +705,25 @@
 	modelUser, err := st.ModelUser(user.UserTag())
 	c.Assert(err, jc.ErrorIsNil)
 	s.assertNewUser(c, modelUser, user.UserTag(), apiUser)
-	c.Assert(modelUser.ReadOnly(), jc.IsFalse)
+	c.Assert(modelUser.IsReadOnly(), jc.IsFalse)
 }
 
-func (s *modelManagerSuite) TestGrantModelIncreaseAccess(c *gc.C) {
+func (s *modelManagerStateSuite) TestGrantModelIncreaseAccess(c *gc.C) {
 	s.setAPIUser(c, s.AdminUserTag(c))
 	st := s.Factory.MakeModel(c, nil)
 	defer st.Close()
 	stFactory := factory.NewFactory(st)
-	user := stFactory.MakeModelUser(c, &factory.ModelUserParams{Access: state.ModelReadAccess})
+	user := stFactory.MakeModelUser(c, &factory.ModelUserParams{Access: state.ReadAccess})
 
 	err := s.grant(c, user.UserTag(), params.ModelWriteAccess, st.ModelTag())
 	c.Assert(err, jc.ErrorIsNil)
 
 	modelUser, err := st.ModelUser(user.UserTag())
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(modelUser.Access(), gc.Equals, state.ModelAdminAccess)
+	c.Assert(modelUser.IsReadWrite(), jc.IsTrue)
 }
 
-func (s *modelManagerSuite) TestGrantToModelNoAccess(c *gc.C) {
+func (s *modelManagerStateSuite) TestGrantToModelNoAccess(c *gc.C) {
 	apiUser := names.NewUserTag("bob@remote")
 	s.setAPIUser(c, apiUser)
 
@@ -494,7 +735,7 @@
 	c.Assert(err, gc.ErrorMatches, "permission denied")
 }
 
-func (s *modelManagerSuite) TestGrantToModelReadAccess(c *gc.C) {
+func (s *modelManagerStateSuite) TestGrantToModelReadAccess(c *gc.C) {
 	apiUser := names.NewUserTag("bob@remote")
 	s.setAPIUser(c, apiUser)
 
@@ -502,14 +743,14 @@
 	defer st.Close()
 	stFactory := factory.NewFactory(st)
 	stFactory.MakeModelUser(c, &factory.ModelUserParams{
-		User: apiUser.Canonical(), Access: state.ModelReadAccess})
+		User: apiUser.Canonical(), Access: state.ReadAccess})
 
 	other := names.NewUserTag("other@remote")
 	err := s.grant(c, other, params.ModelReadAccess, st.ModelTag())
 	c.Assert(err, gc.ErrorMatches, "permission denied")
 }
 
-func (s *modelManagerSuite) TestGrantToModelWriteAccess(c *gc.C) {
+func (s *modelManagerStateSuite) TestGrantToModelWriteAccess(c *gc.C) {
 	apiUser := names.NewUserTag("bob@remote")
 	s.setAPIUser(c, apiUser)
 
@@ -517,7 +758,7 @@
 	defer st.Close()
 	stFactory := factory.NewFactory(st)
 	stFactory.MakeModelUser(c, &factory.ModelUserParams{
-		User: apiUser.Canonical(), Access: state.ModelAdminAccess})
+		User: apiUser.Canonical(), Access: state.AdminAccess})
 
 	other := names.NewUserTag("other@remote")
 	err := s.grant(c, other, params.ModelReadAccess, st.ModelTag())
@@ -526,10 +767,10 @@
 	modelUser, err := st.ModelUser(other)
 	c.Assert(err, jc.ErrorIsNil)
 	s.assertNewUser(c, modelUser, other, apiUser)
-	c.Assert(modelUser.ReadOnly(), jc.IsTrue)
+	c.Assert(modelUser.IsReadOnly(), jc.IsTrue)
 }
 
-func (s *modelManagerSuite) TestGrantModelInvalidUserTag(c *gc.C) {
+func (s *modelManagerStateSuite) TestGrantModelInvalidUserTag(c *gc.C) {
 	s.setAPIUser(c, s.AdminUserTag(c))
 	for _, testParam := range []struct {
 		tag      string
@@ -538,7 +779,7 @@
 		tag:      "unit-foo/0",
 		validTag: true,
 	}, {
-		tag:      "service-foo",
+		tag:      "application-foo",
 		validTag: true,
 	}, {
 		tag:      "relation-wordpress:db mysql:db",
@@ -596,7 +837,7 @@
 	}
 }
 
-func (s *modelManagerSuite) TestModifyModelAccessEmptyArgs(c *gc.C) {
+func (s *modelManagerStateSuite) TestModifyModelAccessEmptyArgs(c *gc.C) {
 	s.setAPIUser(c, s.AdminUserTag(c))
 	args := params.ModifyModelAccessRequest{Changes: []params.ModifyModelAccess{{}}}
 
@@ -606,7 +847,7 @@
 	c.Assert(result.OneError(), gc.ErrorMatches, expectedErr)
 }
 
-func (s *modelManagerSuite) TestModifyModelAccessInvalidAction(c *gc.C) {
+func (s *modelManagerStateSuite) TestModifyModelAccessInvalidAction(c *gc.C) {
 	s.setAPIUser(c, s.AdminUserTag(c))
 	var dance params.ModelAction = "dance"
 	args := params.ModifyModelAccessRequest{
@@ -631,7 +872,7 @@
 	return cfg, nil
 }
 
-func (*fakeProvider) PrepareForCreateEnvironment(cfg *config.Config) (*config.Config, error) {
+func (*fakeProvider) PrepareForCreateEnvironment(controllerUUID string, cfg *config.Config) (*config.Config, error) {
 	return cfg, nil
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/modelmanager/state.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/modelmanager/state.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/modelmanager/state.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/modelmanager/state.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,79 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package modelmanager
-
-import (
-	"github.com/juju/names"
-
-	"github.com/juju/juju/apiserver/common"
-	"github.com/juju/juju/environs/config"
-	"github.com/juju/juju/state"
-	"github.com/juju/juju/status"
-)
-
-type Backend interface {
-	common.APIHostPortsGetter
-	common.ModelConfigGetter
-	common.ToolsStorageGetter
-
-	ModelUUID() string
-	ModelsForUser(names.UserTag) ([]*state.UserModel, error)
-	IsControllerAdministrator(user names.UserTag) (bool, error)
-	NewModel(state.ModelArgs) (*state.Model, *state.State, error)
-	ControllerModel() (*state.Model, error)
-	ForModel(tag names.ModelTag) (Backend, error)
-	Model() (Model, error)
-	AddModelUser(state.ModelUserSpec) (*state.ModelUser, error)
-	RemoveModelUser(names.UserTag) error
-	ModelUser(names.UserTag) (*state.ModelUser, error)
-	Close() error
-}
-
-type Model interface {
-	Config() (*config.Config, error)
-	Life() state.Life
-	Owner() names.UserTag
-	Status() (status.StatusInfo, error)
-	Users() ([]common.ModelUser, error)
-}
-
-type stateShim struct {
-	*state.State
-}
-
-func NewStateBackend(st *state.State) Backend {
-	return stateShim{st}
-}
-
-func (st stateShim) ForModel(tag names.ModelTag) (Backend, error) {
-	otherState, err := st.State.ForModel(tag)
-	if err != nil {
-		return nil, err
-	}
-	return stateShim{otherState}, nil
-}
-
-func (st stateShim) Model() (Model, error) {
-	m, err := st.State.Model()
-	if err != nil {
-		return nil, err
-	}
-	return modelShim{m}, nil
-}
-
-type modelShim struct {
-	*state.Model
-}
-
-func (m modelShim) Users() ([]common.ModelUser, error) {
-	stateUsers, err := m.Model.Users()
-	if err != nil {
-		return nil, err
-	}
-	users := make([]common.ModelUser, len(stateUsers))
-	for i, user := range stateUsers {
-		users[i] = user
-	}
-	return users, nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/observer/audit.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/observer/audit.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/observer/audit.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/observer/audit.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,128 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+package observer
+
+import (
+	"fmt"
+	"net/http"
+	"time"
+
+	"github.com/juju/errors"
+	"github.com/juju/version"
+
+	"github.com/juju/juju/audit"
+	"github.com/juju/juju/rpc"
+)
+
+// Context defines things an Audit observer need know about to operate
+// correctly.
+type AuditContext struct {
+
+	// JujuServerVersion is the version of jujud.
+	JujuServerVersion version.Number
+
+	// ModelUUID is the UUID of the model the audit observer is
+	// currently running on.
+	ModelUUID string
+}
+
+type ErrorHandler func(error)
+
+// NewAudit creates a new Audit with the information provided via the Context.
+func NewAudit(ctx *AuditContext, handleAuditEntry audit.AuditEntrySinkFn, errorHandler ErrorHandler) *Audit {
+	return &Audit{
+		jujuServerVersion: ctx.JujuServerVersion,
+		modelUUID:         ctx.ModelUUID,
+		errorHandler:      errorHandler,
+		handleAuditEntry:  handleAuditEntry,
+	}
+}
+
+// Audit is an observer which will log APIServer requests using the
+// function provided.
+type Audit struct {
+	jujuServerVersion version.Number
+	modelUUID         string
+	errorHandler      ErrorHandler
+	handleAuditEntry  audit.AuditEntrySinkFn
+
+	// state represents information that's built up as methods on this
+	// type are called. We segregate this to ensure it's clear what
+	// information is transient in case we want to extract it
+	// later. It's an anonymous struct so this doesn't leak outside
+	// this type.
+	state struct {
+		remoteAddress    string
+		authenticatedTag string
+	}
+}
+
+// Login implements Observer.
+func (a *Audit) Login(tag string) {
+	a.state.authenticatedTag = tag
+}
+
+// Join implements Observer.
+func (a *Audit) Join(req *http.Request) {
+	a.state.remoteAddress = req.RemoteAddr
+}
+
+// Leave implements Observer.
+func (a *Audit) Leave() {
+	a.state.remoteAddress = ""
+	a.state.authenticatedTag = ""
+}
+
+// RPCObserver implements Observer.
+func (a *Audit) RPCObserver() rpc.Observer {
+	return &AuditRPCObserver{
+		jujuServerVersion: a.jujuServerVersion,
+		modelUUID:         a.modelUUID,
+		errorHandler:      a.errorHandler,
+		handleAuditEntry:  a.handleAuditEntry,
+		authenticatedTag:  a.state.authenticatedTag,
+		remoteAddress:     a.state.remoteAddress,
+	}
+}
+
+// AuditRPCObserver is an observer which will log RPC requests using
+// the function provided.
+type AuditRPCObserver struct {
+	jujuServerVersion version.Number
+	modelUUID         string
+	errorHandler      ErrorHandler
+	handleAuditEntry  audit.AuditEntrySinkFn
+	authenticatedTag  string
+	remoteAddress     string
+}
+
+// ServerRequest implements Observer.
+func (a *AuditRPCObserver) ServerRequest(hdr *rpc.Header, body interface{}) {
+	auditEntry := a.boilerplateAuditEntry()
+	auditEntry.OriginName = a.authenticatedTag
+
+	auditEntry.OriginType = "API request"
+	auditEntry.Operation = rpcRequestToOperation(hdr.Request)
+	auditEntry.Data = map[string]interface{}{"request-body": body}
+	err := a.handleAuditEntry(auditEntry)
+	if err != nil {
+		a.errorHandler(errors.Trace(err))
+	}
+}
+
+// ServerReply implements Observer.
+func (a *AuditRPCObserver) ServerReply(rpc.Request, *rpc.Header, interface{}) {}
+
+func (a *AuditRPCObserver) boilerplateAuditEntry() audit.AuditEntry {
+	return audit.AuditEntry{
+		JujuServerVersion: a.jujuServerVersion,
+		ModelUUID:         a.modelUUID,
+		Timestamp:         time.Now().UTC(),
+		RemoteAddress:     a.remoteAddress,
+		OriginName:        a.authenticatedTag,
+	}
+}
+
+func rpcRequestToOperation(req rpc.Request) string {
+	return fmt.Sprintf("%s:v%d - %s", req.Type, req.Version, req.Action)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/observer/fakeobserver/instance.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/observer/fakeobserver/instance.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/observer/fakeobserver/instance.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/observer/fakeobserver/instance.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,66 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package fakeobserver
+
+import (
+	"net/http"
+	"runtime"
+
+	"strings"
+
+	"github.com/juju/juju/rpc"
+	"github.com/juju/testing"
+)
+
+// Instance is a fake Observer used for testing.
+type Instance struct {
+	testing.Stub
+}
+
+// Join implements Observer.
+func (f *Instance) Join(req *http.Request) {
+	f.AddCall(funcName(), req)
+}
+
+// Leave implements Observer.
+func (f *Instance) Leave() {
+	f.AddCall(funcName())
+}
+
+// Login implements Observer.
+func (f *Instance) Login(entityName string) {
+	f.AddCall(funcName(), entityName)
+}
+
+// RPCObserver implements Observer.
+func (f *Instance) RPCObserver() rpc.Observer {
+	f.AddCall(funcName())
+	return &RPCInstance{}
+}
+
+// RPCInstance is a fake RPCObserver used for testing.
+type RPCInstance struct {
+	testing.Stub
+}
+
+// ServerReply implements Observer.
+func (f *RPCInstance) ServerReply(req rpc.Request, hdr *rpc.Header, body interface{}) {
+	f.AddCall(funcName(), req, hdr, body)
+}
+
+// ServerRequest implements Observer.
+func (f *RPCInstance) ServerRequest(hdr *rpc.Header, body interface{}) {
+	f.AddCall(funcName(), hdr, body)
+}
+
+// funcName returns the name of the function/method that called
+// funcName() It panics if this is not possible.
+func funcName() string {
+	if pc, _, _, ok := runtime.Caller(1); ok == false {
+		panic("could not find function name")
+	} else {
+		parts := strings.Split(runtime.FuncForPC(pc).Name(), ".")
+		return parts[len(parts)-1]
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/observer/observer.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/observer/observer.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/observer/observer.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/observer/observer.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,116 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package observer
+
+import (
+	"net/http"
+	"sync"
+
+	"github.com/juju/juju/rpc"
+)
+
+// Observer defines a type which will observe API server events as
+// they happen.
+type Observer interface {
+	rpc.ObserverFactory
+
+	// Login informs an Observer that an entity has logged in.
+	Login(string)
+
+	// Join is called when the connection to the API server's
+	// WebSocket is opened.
+	Join(req *http.Request)
+
+	// Leave is called when the connection to the API server's
+	// WebSocket is closed.
+	Leave()
+}
+
+// ObserverFactory is a function which creates an Observer.
+type ObserverFactory func() Observer
+
+// ObserverFactoryMultiplexer returns an ObserverFactory which will
+// return a Multiplexer of all the observers instantiated from the
+// factories passed in.
+func ObserverFactoryMultiplexer(factories ...ObserverFactory) ObserverFactory {
+	return func() Observer {
+		observers := make([]Observer, 0, len(factories))
+		for _, newObserver := range factories {
+			observers = append(observers, newObserver())
+		}
+		return NewMultiplexer(observers...)
+	}
+}
+
+// None is a wrapper around the Multiplexer factory to add clarity to
+// code that doesn't need any observers.
+func None() *Multiplexer {
+	return NewMultiplexer()
+}
+
+// NewMultiplexer creates a new Multiplexer with the provided
+// observers.
+func NewMultiplexer(observers ...Observer) *Multiplexer {
+	return &Multiplexer{
+		observers: removeNilObservers(observers),
+	}
+}
+
+func removeNilObservers(observers []Observer) []Observer {
+	var validatedObservers []Observer
+	for _, o := range observers {
+		if o == nil {
+			continue
+		}
+		validatedObservers = append(validatedObservers, o)
+	}
+	return validatedObservers
+}
+
+// Multiplexer multiplexes calls to an arbitray number of observers.
+type Multiplexer struct {
+	observers []Observer
+}
+
+// Join is called when the connection to the API server's WebSocket is
+// opened.
+func (m *Multiplexer) Join(req *http.Request) {
+	mapConcurrent(func(o Observer) { o.Join(req) }, m.observers)
+}
+
+// Leave implements Observer.
+func (m *Multiplexer) Leave() {
+	mapConcurrent(Observer.Leave, m.observers)
+}
+
+// Login implements Observer.
+func (m *Multiplexer) Login(entityName string) {
+	mapConcurrent(func(o Observer) { o.Login(entityName) }, m.observers)
+}
+
+// RPCObserver implements Observer. It will create an
+// rpc.ObserverMultiplexer by calling all the Observer's RPCObserver
+// methods.
+func (m *Multiplexer) RPCObserver() rpc.Observer {
+	rpcObservers := make([]rpc.Observer, len(m.observers))
+	for i, o := range m.observers {
+		rpcObservers[i] = o.RPCObserver()
+	}
+	return rpc.NewObserverMultiplexer(rpcObservers...)
+}
+
+// mapConcurrent calls fn on all observers concurrently and then waits
+// for all calls to exit before returning.
+func mapConcurrent(fn func(Observer), observers []Observer) {
+	var wg sync.WaitGroup
+	wg.Add(len(observers))
+	defer wg.Wait()
+
+	for _, o := range observers {
+		go func(obs Observer) {
+			defer wg.Done()
+			fn(obs)
+		}(o)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/observer/observer_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/observer/observer_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/observer/observer_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/observer/observer_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,93 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package observer_test
+
+import (
+	"net/http"
+
+	"github.com/juju/testing"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/apiserver/observer"
+	"github.com/juju/juju/apiserver/observer/fakeobserver"
+)
+
+type multiplexerSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&multiplexerSuite{})
+
+func (*multiplexerSuite) TestObserverFactoryMultiplexer_CallsAllFactories(c *gc.C) {
+	callCount := 0
+	factories := []observer.ObserverFactory{
+		func() observer.Observer { callCount++; return nil },
+		func() observer.Observer { callCount++; return nil },
+	}
+
+	newMultiplexObserver := observer.ObserverFactoryMultiplexer(factories...)
+	c.Assert(callCount, gc.Equals, 0)
+
+	multiplexedObserver := newMultiplexObserver()
+	c.Check(multiplexedObserver, gc.NotNil)
+	c.Check(callCount, gc.Equals, 2)
+}
+
+func (*multiplexerSuite) TestJoin_CallsAllObservers(c *gc.C) {
+	observers := []*fakeobserver.Instance{
+		&fakeobserver.Instance{},
+		&fakeobserver.Instance{},
+	}
+
+	o := observer.NewMultiplexer(observers[0], observers[1])
+	var req http.Request
+	o.Join(&req)
+
+	for _, f := range observers {
+		f.CheckCall(c, 0, "Join", &req)
+	}
+}
+
+func (*multiplexerSuite) TestLeave_CallsAllObservers(c *gc.C) {
+	observers := []*fakeobserver.Instance{
+		&fakeobserver.Instance{},
+		&fakeobserver.Instance{},
+	}
+
+	o := observer.NewMultiplexer(observers[0], observers[1])
+	o.Leave()
+
+	for _, f := range observers {
+		f.CheckCall(c, 0, "Leave")
+	}
+}
+
+func (*multiplexerSuite) TestRPCObserver_CallsAllObservers(c *gc.C) {
+	observers := []*fakeobserver.Instance{
+		&fakeobserver.Instance{},
+		&fakeobserver.Instance{},
+	}
+
+	o := observer.NewMultiplexer(observers[0], observers[1])
+	o.RPCObserver()
+
+	for _, f := range observers {
+		f.CheckCall(c, 0, "RPCObserver")
+	}
+}
+
+func (*multiplexerSuite) TestLogin_CallsAllObservers(c *gc.C) {
+	observers := []*fakeobserver.Instance{
+		&fakeobserver.Instance{},
+		&fakeobserver.Instance{},
+	}
+
+	o := observer.NewMultiplexer(observers[0], observers[1])
+	tag := "foo"
+	o.Login(tag)
+
+	for _, f := range observers {
+		f.CheckCall(c, 0, "Login", tag)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/observer/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/observer/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/observer/package_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/observer/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,14 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package observer_test
+
+import (
+	"testing"
+
+	gc "gopkg.in/check.v1"
+)
+
+func Test(t *testing.T) {
+	gc.TestingT(t)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/observer/request_notifier.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/observer/request_notifier.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/observer/request_notifier.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/observer/request_notifier.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,140 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+package observer
+
+import (
+	"net/http"
+	"time"
+
+	"github.com/juju/loggo"
+	"github.com/juju/utils/clock"
+
+	"github.com/juju/juju/rpc"
+	"github.com/juju/juju/rpc/jsoncodec"
+)
+
+// RequestObserver serves as a sink for API server requests and
+// responses.
+type RequestObserver struct {
+	clock              clock.Clock
+	logger             loggo.Logger
+	apiConnectionCount func() int64
+	id                 int64
+
+	// state represents information that's built up as methods on this
+	// type are called. We segregate this to ensure it's clear what
+	// information is transient in case we want to extract it
+	// later. It's an anonymous struct so this doesn't leak outside
+	// this type.
+	state struct {
+		websocketConnected time.Time
+		tag                string
+	}
+}
+
+// RequestObservercontext provides information needed for a
+// RequestObserverContext to operate correctly.
+type RequestObserverContext struct {
+
+	// Clock is the clock to use for all time operations on this type.
+	Clock clock.Clock
+
+	// Logger is the log to use to write log statements.
+	Logger loggo.Logger
+}
+
+// NewRequestObserver returns a new RPCObserver.
+func NewRequestObserver(ctx RequestObserverContext, id int64) *RequestObserver {
+	return &RequestObserver{
+		clock:  ctx.Clock,
+		logger: ctx.Logger,
+		id:     id,
+	}
+}
+
+// Login implements Observer.
+func (n *RequestObserver) Login(tag string) {
+	n.state.tag = tag
+}
+
+// Join implements Observer.
+func (n *RequestObserver) Join(req *http.Request) {
+	n.state.websocketConnected = n.clock.Now()
+
+	n.logger.Infof(
+		"[%X] API connection from %s",
+		n.id,
+		req.RemoteAddr,
+	)
+}
+
+// Leave implements Observer.
+func (n *RequestObserver) Leave() {
+	n.logger.Infof(
+		"[%X] %s API connection terminated after %v",
+		n.id,
+		n.state.tag,
+		time.Since(n.state.websocketConnected),
+	)
+}
+
+// RPCObserver implements Observer.
+func (n *RequestObserver) RPCObserver() rpc.Observer {
+	return &rpcObserver{
+		clock:  n.clock,
+		logger: n.logger,
+		id:     n.id,
+		tag:    n.state.tag,
+	}
+}
+
+// rpcObserver serves as a sink for RPC requests and responses.
+type rpcObserver struct {
+	clock        clock.Clock
+	logger       loggo.Logger
+	id           int64
+	tag          string
+	requestStart time.Time
+}
+
+// ServerReques timplements rpc.Observer.
+func (n *rpcObserver) ServerRequest(hdr *rpc.Header, body interface{}) {
+	n.requestStart = n.clock.Now()
+
+	if hdr.Request.Type == "Pinger" && hdr.Request.Action == "Ping" {
+		return
+	}
+	// TODO(rog) 2013-10-11 remove secrets from some requests.
+	// Until secrets are removed, we only log the body of the requests at trace level
+	// which is below the default level of debug.
+	if n.logger.IsTraceEnabled() {
+		n.logger.Tracef("<- [%X] %s %s", n.id, n.tag, jsoncodec.DumpRequest(hdr, body))
+	} else {
+		n.logger.Debugf("<- [%X] %s %s", n.id, n.tag, jsoncodec.DumpRequest(hdr, "'params redacted'"))
+	}
+}
+
+// ServerReply implements rpc.Observer.
+func (n *rpcObserver) ServerReply(req rpc.Request, hdr *rpc.Header, body interface{}) {
+	if req.Type == "Pinger" && req.Action == "Ping" {
+		return
+	}
+
+	// TODO(rog) 2013-10-11 remove secrets from some responses.
+	// Until secrets are removed, we only log the body of the requests at trace level
+	// which is below the default level of debug.
+	if n.logger.IsTraceEnabled() {
+		n.logger.Tracef("-> [%X] %s %s", n.id, n.tag, jsoncodec.DumpRequest(hdr, body))
+	} else {
+		n.logger.Debugf(
+			"-> [%X] %s %s %s %s[%q].%s",
+			n.id,
+			n.tag,
+			time.Since(n.requestStart),
+			jsoncodec.DumpRequest(hdr, "'body redacted'"),
+			req.Type,
+			req.Id,
+			req.Action,
+		)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,14 +6,9 @@
 import (
 	stdtesting "testing"
 
-	"github.com/juju/testing"
-
 	coretesting "github.com/juju/juju/testing"
 )
 
 func TestPackage(t *stdtesting.T) {
-	if testing.RaceEnabled {
-		t.Skip("skipping package under -race, see LP 1518806")
-	}
 	coretesting.MgoTestPackage(t)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/actions.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/actions.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/actions.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/actions.go	2016-07-18 19:45:44.000000000 +0000
@@ -3,12 +3,7 @@
 
 package params
 
-import (
-	"time"
-
-	// TODO(jcw4) per fwereade 2014-11-21 remove this dependency
-	"gopkg.in/juju/charm.v6-unstable"
-)
+import "time"
 
 const (
 	// ActionCancelled is the status for an Action that has been
@@ -115,23 +110,31 @@
 // ActionExecutionResult holds the action tag and output used when
 // recording the result of an action.
 type ActionExecutionResult struct {
-	ActionTag string                 `json:"actiontag"`
+	ActionTag string                 `json:"action-tag"`
 	Status    string                 `json:"status"`
 	Results   map[string]interface{} `json:"results,omitempty"`
 	Message   string                 `json:"message,omitempty"`
 }
 
-// ServicesCharmActionsResults holds a slice of ServiceCharmActionsResult for
-// a bulk result of charm Actions for Services.
-type ServicesCharmActionsResults struct {
-	Results []ServiceCharmActionsResult `json:"results,omitempty"`
+// ApplicationsCharmActionsResults holds a slice of ApplicationCharmActionsResult for
+// a bulk result of charm Actions for Applications.
+type ApplicationsCharmActionsResults struct {
+	Results []ApplicationCharmActionsResult `json:"results,omitempty"`
 }
 
-// ServiceCharmActionsResult holds service name and charm.Actions for the service.
-// If an error such as a missing charm or malformed service name occurs, it
+// ApplicationCharmActionsResult holds application name and charm.Actions for the application.
+// If an error such as a missing charm or malformed application name occurs, it
 // is encapsulated in this type.
-type ServiceCharmActionsResult struct {
-	ServiceTag string         `json:"servicetag,omitempty"`
-	Actions    *charm.Actions `json:"actions,omitempty"`
-	Error      *Error         `json:"error,omitempty"`
+type ApplicationCharmActionsResult struct {
+	ApplicationTag string                `json:"application-tag,omitempty"`
+	Actions        map[string]ActionSpec `json:"actions,omitempty"`
+	Error          *Error                `json:"error,omitempty"`
+}
+
+// ActionSpec is a definition of the parameters and traits of an Action.
+// The Params map is expected to conform to JSON-Schema Draft 4 as defined at
+// http://json-schema.org/draft-04/schema# (see http://json-schema.org/latest/json-schema-core.html)
+type ActionSpec struct {
+	Description string                 `json:"description"`
+	Params      map[string]interface{} `json:"params"`
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/annotations.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/annotations.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/annotations.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/annotations.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,23 +5,23 @@
 
 // AnnotationsGetResult holds entity annotations or retrieval error.
 type AnnotationsGetResult struct {
-	EntityTag   string
-	Annotations map[string]string
-	Error       ErrorResult
+	EntityTag   string            `json:"entity"`
+	Annotations map[string]string `json:"annotations"`
+	Error       ErrorResult       `json:"error,omitempty"`
 }
 
 // AnnotationsGetResults holds annotations associated with entities.
 type AnnotationsGetResults struct {
-	Results []AnnotationsGetResult
+	Results []AnnotationsGetResult `json:"results"`
 }
 
 // AnnotationsSet stores parameters for making Set call on Annotations client.
 type AnnotationsSet struct {
-	Annotations []EntityAnnotations
+	Annotations []EntityAnnotations `json:"annotations"`
 }
 
 // EntityAnnotations stores annotations for an entity.
 type EntityAnnotations struct {
-	EntityTag   string
-	Annotations map[string]string
+	EntityTag   string            `json:"entity"`
+	Annotations map[string]string `json:"annotations"`
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/apierror.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/apierror.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/apierror.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/apierror.go	2016-07-18 19:45:44.000000000 +0000
@@ -15,9 +15,9 @@
 
 // Error is the type of error returned by any call to the state API.
 type Error struct {
-	Message string
-	Code    string
-	Info    *ErrorInfo `json:",omitempty"`
+	Message string     `json:"message"`
+	Code    string     `json:"code"`
+	Info    *ErrorInfo `json:"info,omitempty"`
 }
 
 // ErrorInfo holds additional information provided by an error.
@@ -31,14 +31,14 @@
 	// discharged, may allow access to the juju API.
 	// This field is associated with the ErrDischargeRequired
 	// error code.
-	Macaroon *macaroon.Macaroon `json:",omitempty"`
+	Macaroon *macaroon.Macaroon `json:"macaroon,omitempty"`
 
 	// MacaroonPath holds the URL path to be associated
 	// with the macaroon. The macaroon is potentially
 	// valid for all URLs under the given path.
 	// If it is empty, the macaroon will be associated with
 	// the original URL from which the error was returned.
-	MacaroonPath string `json:",omitempty"`
+	MacaroonPath string `json:"macaroon-path,omitempty"`
 }
 
 func (e Error) Error() string {
@@ -59,6 +59,7 @@
 const (
 	CodeNotFound                  = "not found"
 	CodeUnauthorized              = "unauthorized access"
+	CodeLoginExpired              = "login expired"
 	CodeCannotEnterScope          = "cannot enter scope"
 	CodeCannotEnterScopeYet       = "cannot enter scope yet"
 	CodeExcessiveContention       = "excessive contention"
@@ -84,6 +85,7 @@
 	CodeMethodNotAllowed          = "method not allowed"
 	CodeForbidden                 = "forbidden"
 	CodeDischargeRequired         = "macaroon discharge required"
+	CodeRedirect                  = "redirection required"
 )
 
 // ErrCode returns the error code associated with
@@ -113,6 +115,10 @@
 	return ErrCode(err) == CodeUnauthorized
 }
 
+func IsCodeLoginExpired(err error) bool {
+	return ErrCode(err) == CodeLoginExpired
+}
+
 // IsCodeNotFoundOrCodeUnauthorized is used in API clients which,
 // pre-API, used errors.IsNotFound; this is because an API client is
 // not necessarily privileged to know about the existence or otherwise
@@ -209,3 +215,7 @@
 func IsMethodNotAllowed(err error) bool {
 	return ErrCode(err) == CodeMethodNotAllowed
 }
+
+func IsRedirect(err error) bool {
+	return ErrCode(err) == CodeRedirect
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/backups.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/backups.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/backups.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/backups.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,12 +11,12 @@
 
 // BackupsCreateArgs holds the args for the API Create method.
 type BackupsCreateArgs struct {
-	Notes string
+	Notes string `json:"notes"`
 }
 
 // BackupsInfoArgs holds the args for the API Info method.
 type BackupsInfoArgs struct {
-	ID string
+	ID string `json:"id"`
 }
 
 // BackupsListArgs holds the args for the API List method.
@@ -25,54 +25,55 @@
 
 // BackupsDownloadArgs holds the args for the API Download method.
 type BackupsDownloadArgs struct {
-	ID string
+	ID string `json:"id"`
 }
 
 // BackupsUploadArgs holds the args for the API Upload method.
 type BackupsUploadArgs struct {
-	Data     []byte
-	Metadata BackupsMetadataResult
+	Data     []byte                `json:"data"`
+	Metadata BackupsMetadataResult `json:"metadata"`
 }
 
 // BackupsRemoveArgs holds the args for the API Remove method.
 type BackupsRemoveArgs struct {
-	ID string
+	ID string `json:"id"`
 }
 
 // BackupsListResult holds the list of all stored backups.
 type BackupsListResult struct {
-	List []BackupsMetadataResult
+	List []BackupsMetadataResult `json:"list"`
 }
 
 // BackupsListResult holds the list of all stored backups.
 type BackupsUploadResult struct {
-	ID string
+	ID string `json:"id"`
 }
 
 // BackupsMetadataResult holds the metadata for a backup as returned by
 // an API backups method (such as Create).
 type BackupsMetadataResult struct {
-	ID string
+	ID string `json:"id"`
 
-	Checksum       string
-	ChecksumFormat string
-	Size           int64
-	Stored         time.Time // May be zero...
-
-	Started  time.Time
-	Finished time.Time // May be zero...
-	Notes    string
-	Model    string
-	Machine  string
-	Hostname string
-	Version  version.Number
+	Checksum       string    `json:"checksum"`
+	ChecksumFormat string    `json:"checksum-format"`
+	Size           int64     `json:"size"`
+	Stored         time.Time `json:"stored"` // May be zero...
+
+	Started  time.Time      `json:"started"`
+	Finished time.Time      `json:"finished"` // May be zero...
+	Notes    string         `json:"notes"`
+	Model    string         `json:"model"`
+	Machine  string         `json:"machine"`
+	Hostname string         `json:"hostname"`
+	Version  version.Number `json:"version"`
+	Series   string         `json:"series"`
 
-	CACert       string
-	CAPrivateKey string
+	CACert       string `json:"ca-cert"`
+	CAPrivateKey string `json:"ca-private-key"`
 }
 
 // RestoreArgs Holds the backup file or id
 type RestoreArgs struct {
 	// BackupId holds the id of the backup in server if any
-	BackupId string
+	BackupId string `json:"backup-id"`
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/charms.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/charms.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/charms.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/charms.go	2016-07-18 19:45:44.000000000 +0000
@@ -3,22 +3,115 @@
 
 package params
 
-// CharmInfo stores parameters for a charms.CharmInfo call.
-type CharmInfo struct {
-	CharmURL string
-}
-
 // CharmsList stores parameters for a charms.List call
 type CharmsList struct {
-	Names []string
+	Names []string `json:"names"`
 }
 
 // CharmsListResult stores result from a charms.List call
 type CharmsListResult struct {
-	CharmURLs []string
+	CharmURLs []string `json:"charm-urls"`
 }
 
 // IsMeteredResult stores result from a charms.IsMetered call
 type IsMeteredResult struct {
-	Metered bool
+	Metered bool `json:"metered"`
+}
+
+// CharmOption mirrors charm.Option
+type CharmOption struct {
+	Type        string      `json:"type"`
+	Description string      `json:"description,omitempty"`
+	Default     interface{} `json:"default,omitempty"`
+}
+
+// CharmRelation mirrors charm.Relation.
+type CharmRelation struct {
+	Name      string `json:"name"`
+	Role      string `json:"role"`
+	Interface string `json:"interface"`
+	Optional  bool   `json:"optional"`
+	Limit     int    `json:"limit"`
+	Scope     string `json:"scope"`
+}
+
+// CharmStorage mirrors charm.Storage.
+type CharmStorage struct {
+	Name        string   `json:"name"`
+	Description string   `json:"description"`
+	Type        string   `json:"type"`
+	Shared      bool     `json:"shared"`
+	ReadOnly    bool     `json:"read-only"`
+	CountMin    int      `json:"count-min"`
+	CountMax    int      `json:"count-max"`
+	MinimumSize uint64   `json:"minimum-size"`
+	Location    string   `json:"location,omitempty"`
+	Properties  []string `json:"properties,omitempty"`
+}
+
+// CharmPayloadClass mirrors charm.PayloadClass.
+type CharmPayloadClass struct {
+	Name string `json:"name"`
+	Type string `json:"type"`
+}
+
+// CharmResourceMeta mirrors charm.ResourceMeta.
+type CharmResourceMeta struct {
+	Name        string `json:"name"`
+	Type        string `json:"type"`
+	Path        string `json:"path"`
+	Description string `json:"description"`
+}
+
+// CharmMeta mirrors charm.Meta.
+type CharmMeta struct {
+	Name           string                       `json:"name"`
+	Summary        string                       `json:"summary"`
+	Description    string                       `json:"description"`
+	Subordinate    bool                         `json:"subordinate"`
+	Provides       map[string]CharmRelation     `json:"provides,omitempty"`
+	Requires       map[string]CharmRelation     `json:"requires,omitempty"`
+	Peers          map[string]CharmRelation     `json:"peers,omitempty"`
+	ExtraBindings  map[string]string            `json:"extra-bindings,omitempty"`
+	Categories     []string                     `json:"categories,omitempty"`
+	Tags           []string                     `json:"tags,omitempty"`
+	Series         []string                     `json:"series,omitempty"`
+	Storage        map[string]CharmStorage      `json:"storage,omitempty"`
+	PayloadClasses map[string]CharmPayloadClass `json:"payload-classes,omitempty"`
+	Resources      map[string]CharmResourceMeta `json:"resources,omitempty"`
+	Terms          []string                     `json:"terms,omitempty"`
+	MinJujuVersion string                       `json:"min-juju-version,omitempty"`
+}
+
+// CharmInfo holds all the charm data that the client needs.
+// To be honest, it probably returns way more than what is actually needed.
+type CharmInfo struct {
+	Revision int                    `json:"revision"`
+	URL      string                 `json:"url"`
+	Config   map[string]CharmOption `json:"config"`
+	Meta     *CharmMeta             `json:"meta,omitempty"`
+	Actions  *CharmActions          `json:"actions,omitempty"`
+	Metrics  *CharmMetrics          `json:"metrics,omitempty"`
+}
+
+// CharmActions mirrors charm.Actions.
+type CharmActions struct {
+	ActionSpecs map[string]CharmActionSpec `json:"specs,omitempty"`
+}
+
+// CharmActionSpec mirrors charm.ActionSpec.
+type CharmActionSpec struct {
+	Description string                 `json:"description"`
+	Params      map[string]interface{} `json:"params"`
+}
+
+// CharmMetric mirrors charm.Metric.
+type CharmMetric struct {
+	Type        string `json:"type"`
+	Description string `json:"description"`
+}
+
+// CharmMetrics mirrors charm.Metrics.
+type CharmMetrics struct {
+	Metrics map[string]CharmMetric `json:"metrics"`
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/cloud.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/cloud.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/cloud.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/cloud.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,92 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package params
+
+// Cloud holds information about a cloud.
+type Cloud struct {
+	Type            string        `json:"type"`
+	AuthTypes       []string      `json:"auth-types,omitempty"`
+	Endpoint        string        `json:"endpoint,omitempty"`
+	StorageEndpoint string        `json:"endpoint,omitempty"`
+	Regions         []CloudRegion `json:"regions,omitempty"`
+}
+
+// CloudRegion holds information about a cloud region.
+type CloudRegion struct {
+	Name            string `json:"name"`
+	Endpoint        string `json:"endpoint,omitempty"`
+	StorageEndpoint string `json:"endpoint,omitempty"`
+}
+
+// CloudResult contains a cloud definition or an error.
+type CloudResult struct {
+	Cloud *Cloud `json:"cloud,omitempty"`
+	Error *Error `json:"error,omitempty"`
+}
+
+// CloudResults contains a set of CloudResults.
+type CloudResults struct {
+	Results []CloudResult `json:"results,omitempty"`
+}
+
+// CloudCredential contains a cloud credential.
+type CloudCredential struct {
+	AuthType   string            `json:"auth-type"`
+	Attributes map[string]string `json:"attrs,omitempty"`
+}
+
+// CloudCredentialsResult contains a set of credentials for a user and cloud,
+// or an error.
+type CloudCredentialsResult struct {
+	Error       *Error                     `json:"error,omitempty"`
+	Credentials map[string]CloudCredential `json:"credentials,omitempty"`
+}
+
+// CloudCredentialsResults contains a set of CloudCredentialsResults.
+type CloudCredentialsResults struct {
+	Results []CloudCredentialsResult `json:"results,omitempty"`
+}
+
+// UserCloud contains a user/cloud tag pair, typically used for identifying
+// a user's credentials for a cloud.
+type UserCloud struct {
+	UserTag  string `json:"user-tag"`
+	CloudTag string `json:"cloud-tag"`
+}
+
+// UserClouds contains a set of USerClouds.
+type UserClouds struct {
+	UserClouds []UserCloud `json:"user-clouds,omitempty"`
+}
+
+// UserCloudCredentials contains a user's credentials for a cloud.
+type UserCloudCredentials struct {
+	UserTag     string                     `json:"user-tag"`
+	CloudTag    string                     `json:"cloud-tag"`
+	Credentials map[string]CloudCredential `json:"credentials"`
+}
+
+// UsersCloudCredentials contains a set of UserCloudCredentials.
+type UsersCloudCredentials struct {
+	Users []UserCloudCredentials `json:"users"`
+}
+
+// CloudDefaults contains defaults for cloud name, region, and
+// credential for a user.
+type CloudDefaults struct {
+	CloudTag        string `json:"cloud-tag"`
+	CloudRegion     string `json:"region,omitempty"`
+	CloudCredential string `json:"credential,omitempty"`
+}
+
+// CloudDefaultsResult contains a CloudDefaults or an error.
+type CloudDefaultsResult struct {
+	Result *CloudDefaults `json:"result,omitempty"`
+	Error  *Error         `json:"error"`
+}
+
+// CloudDefaultsResults contains a set of CloudDefaultsResults.
+type CloudDefaultsResults struct {
+	Results []CloudDefaultsResult `json:"results,omitempty"`
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/controller.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/controller.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/controller.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/controller.go	2016-07-18 19:45:44.000000000 +0000
@@ -38,7 +38,7 @@
 	ModelTag           string `json:"model-tag"`
 	Life               Life   `json:"life"`
 	HostedMachineCount int    `json:"hosted-machine-count"`
-	ServiceCount       int    `json:"service-count"`
+	ApplicationCount   int    `json:"application-count"`
 	OwnerTag           string `json:"owner-tag"`
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/image_metadata.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/image_metadata.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/image_metadata.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/image_metadata.go	2016-07-18 19:45:44.000000000 +0000
@@ -22,7 +22,7 @@
 	Stream string `json:"stream,omitempty"`
 
 	// VirtType stores virtualisation type.
-	VirtType string `json:"virt_type,omitempty"`
+	VirtType string `json:"virt-type,omitempty"`
 
 	// RootStorageType stores storage type.
 	RootStorageType string `json:"root-storage-type,omitempty"`
@@ -31,7 +31,7 @@
 // CloudImageMetadata holds cloud image metadata properties.
 type CloudImageMetadata struct {
 	// ImageId is an image identifier.
-	ImageId string `json:"image_id"`
+	ImageId string `json:"image-id"`
 
 	// Stream contains reference to a particular stream,
 	// for e.g. "daily" or "released"
@@ -50,13 +50,13 @@
 	Arch string `json:"arch"`
 
 	// VirtType contains the virtualisation type of the cloud image, for e.g. "pv", "hvm". "kvm".
-	VirtType string `json:"virt_type,omitempty"`
+	VirtType string `json:"virt-type,omitempty"`
 
 	// RootStorageType contains type of root storage, for e.g. "ebs", "instance".
-	RootStorageType string `json:"root_storage_type,omitempty"`
+	RootStorageType string `json:"root-storage-type,omitempty"`
 
 	// RootStorageSize contains size of root storage in gigabytes (GB).
-	RootStorageSize *uint64 `json:"root_storage_size,omitempty"`
+	RootStorageSize *uint64 `json:"root-storage-size,omitempty"`
 
 	// Source describes where this image is coming from: is it public? custom?
 	Source string `json:"source"`
@@ -85,5 +85,5 @@
 
 // MetadataImageIds holds image ids and can be used to identify related image metadata.
 type MetadataImageIds struct {
-	Ids []string `json:"image_ids"`
+	Ids []string `json:"image-ids"`
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/internal.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/internal.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/internal.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/internal.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,6 @@
 import (
 	"time"
 
-	"github.com/juju/utils/exec"
 	"github.com/juju/version"
 
 	"github.com/juju/juju/constraints"
@@ -19,167 +18,173 @@
 // MachineContainersParams holds the arguments for making a SetSupportedContainers
 // API call.
 type MachineContainersParams struct {
-	Params []MachineContainers
+	Params []MachineContainers `json:"params"`
 }
 
 // MachineContainers holds the arguments for making an SetSupportedContainers call
 // on a given machine.
 type MachineContainers struct {
-	MachineTag     string
-	ContainerTypes []instance.ContainerType
+	MachineTag     string                   `json:"machine-tag"`
+	ContainerTypes []instance.ContainerType `json:"container-types"`
 }
 
 // WatchContainer identifies a single container type within a machine.
 type WatchContainer struct {
-	MachineTag    string
-	ContainerType string
+	MachineTag    string `json:"machine-tag"`
+	ContainerType string `json:"container-type"`
 }
 
 // WatchContainers holds the arguments for making a WatchContainers
 // API call.
 type WatchContainers struct {
-	Params []WatchContainer
+	Params []WatchContainer `json:"params"`
 }
 
 // CharmURL identifies a single charm URL.
 type CharmURL struct {
-	URL string
+	URL string `json:"url"`
 }
 
 // CharmURLs identifies multiple charm URLs.
 type CharmURLs struct {
-	URLs []CharmURL
+	URLs []CharmURL `json:"urls"`
 }
 
 // StringsResult holds the result of an API call that returns a slice
 // of strings or an error.
 type StringsResult struct {
-	Error  *Error
-	Result []string
+	Error  *Error   `json:"error,omitempty"`
+	Result []string `json:"result,omitempty"`
 }
 
 // StringsResults holds the bulk operation result of an API call
 // that returns a slice of strings or an error.
 type StringsResults struct {
-	Results []StringsResult
+	Results []StringsResult `json:"results"`
 }
 
 // StringResult holds a string or an error.
 type StringResult struct {
-	Error  *Error
-	Result string
+	Error  *Error `json:"error,omitempty"`
+	Result string `json:"result"`
 }
 
 // StringResults holds the bulk operation result of an API call
 // that returns a string or an error.
 type StringResults struct {
-	Results []StringResult
+	Results []StringResult `json:"results"`
 }
 
 // ModelResult holds the result of an API call returning a name and UUID
 // for a model.
 type ModelResult struct {
-	Error *Error
-	Name  string
-	UUID  string
-}
-
-// ModelSkeletonConfigArgs wraps the args for modelmanager.SkeletonConfig.
-type ModelSkeletonConfigArgs struct {
-	Provider string
-	Region   string
+	Error *Error `json:"error,omitempty"`
+	Name  string `json:"name"`
+	UUID  string `json:"uuid"`
 }
 
 // ModelCreateArgs holds the arguments that are necessary to create
 // a model.
 type ModelCreateArgs struct {
+	// Name is the name for the new model.
+	Name string `json:"name"`
+
 	// OwnerTag represents the user that will own the new model.
 	// The OwnerTag must be a valid user tag.  If the user tag represents
 	// a local user, that user must exist.
-	OwnerTag string
-
-	// Account holds the provider specific account details necessary to
-	// interact with the provider to create, list and destroy machines.
-	Account map[string]interface{}
+	OwnerTag string `json:"owner-tag"`
 
 	// Config defines the model config, which includes the name of the
-	// model.  An model UUID is allocated by the API server during
-	// the creation of the model.
-	Config map[string]interface{}
+	// model. A model UUID is allocated by the API server during the
+	// creation of the model.
+	Config map[string]interface{} `json:"config,omitempty"`
+
+	// CloudRegion is the name of the cloud region to create the
+	// model in. If the cloud does not support regions, this must
+	// be empty. If this is empty, the model will be created in
+	// the same region as the controller model.
+	CloudRegion string `json:"region,omitempty"`
+
+	// CloudCredential is the name of the cloud credential to use
+	// for managing the model's resources. If the cloud does not
+	// require credentials, this may be empty. If this is empty,
+	// and the owner is the controller owner, the same credential
+	// used for the controller model will be used.
+	CloudCredential string `json:"credential,omitempty"`
 }
 
 // Model holds the result of an API call returning a name and UUID
 // for a model and the tag of the server in which it is running.
 type Model struct {
-	Name     string `json:"Name"`
-	UUID     string `json:"UUID"`
-	OwnerTag string `json:"OwnerTag"`
+	Name     string `json:"name"`
+	UUID     string `json:"uuid"`
+	OwnerTag string `json:"owner-tag"`
 }
 
 // UserModel holds information about a model and the last
 // time the model was accessed for a particular user.
 type UserModel struct {
-	Model
-	LastConnection *time.Time
+	Model          `json:"model"`
+	LastConnection *time.Time `json:"last-connection"`
 }
 
 // UserModelList holds information about a list of models
 // for a particular user.
 type UserModelList struct {
-	UserModels []UserModel
+	UserModels []UserModel `json:"user-models"`
 }
 
 // ResolvedModeResult holds a resolved mode or an error.
 type ResolvedModeResult struct {
-	Error *Error
-	Mode  ResolvedMode
+	Error *Error       `json:"error,omitempty"`
+	Mode  ResolvedMode `json:"mode"`
 }
 
 // ResolvedModeResults holds the bulk operation result of an API call
 // that returns a resolved mode or an error.
 type ResolvedModeResults struct {
-	Results []ResolvedModeResult
+	Results []ResolvedModeResult `json:"results"`
 }
 
 // StringBoolResult holds the result of an API call that returns a
 // string and a boolean.
 type StringBoolResult struct {
-	Error  *Error
-	Result string
-	Ok     bool
+	Error  *Error `json:"error,omitempty"`
+	Result string `json:"result"`
+	Ok     bool   `json:"ok"`
 }
 
 // StringBoolResults holds multiple results with a string and a bool
 // each.
 type StringBoolResults struct {
-	Results []StringBoolResult
+	Results []StringBoolResult `json:"results"`
 }
 
 // BoolResult holds the result of an API call that returns a
 // a boolean or an error.
 type BoolResult struct {
-	Error  *Error
-	Result bool
+	Error  *Error `json:"error,omitempty"`
+	Result bool   `json:"result"`
 }
 
 // BoolResults holds multiple results with BoolResult each.
 type BoolResults struct {
-	Results []BoolResult
+	Results []BoolResult `json:"results"`
 }
 
 // IntResults holds multiple results with an int in each.
 type IntResults struct {
 	// Results holds a list of results for calls that return an int or error.
-	Results []IntResult
+	Results []IntResult `json:"results"`
 }
 
 // IntResult holds the result of an API call that returns a
 // int or an error.
 type IntResult struct {
 	// Error holds the error (if any) of this call.
-	Error *Error
+	Error *Error `json:"error,omitempty"`
 	// Result holds the integer result of the call (if Error is nil).
-	Result int
+	Result int `json:"result"`
 }
 
 // Settings holds relation settings names and values.
@@ -187,285 +192,305 @@
 
 // SettingsResult holds a relation settings map or an error.
 type SettingsResult struct {
-	Error    *Error
-	Settings Settings
+	Error    *Error   `json:"error,omitempty"`
+	Settings Settings `json:"settings"`
 }
 
 // SettingsResults holds the result of an API calls that
 // returns settings for multiple relations.
 type SettingsResults struct {
-	Results []SettingsResult
+	Results []SettingsResult `json:"results"`
 }
 
-// ConfigSettings holds unit, service or cham configuration settings
+// ConfigSettings holds unit, application or cham configuration settings
 // with string keys and arbitrary values.
 type ConfigSettings map[string]interface{}
 
 // ConfigSettingsResult holds a configuration map or an error.
 type ConfigSettingsResult struct {
-	Error    *Error
-	Settings ConfigSettings
+	Error    *Error         `json:"error,omitempty"`
+	Settings ConfigSettings `json:"settings"`
 }
 
 // ConfigSettingsResults holds multiple configuration maps or errors.
 type ConfigSettingsResults struct {
-	Results []ConfigSettingsResult
+	Results []ConfigSettingsResult `json:"results"`
 }
 
-// ModelConfig holds an model configuration.
+// ModelConfig holds a model configuration.
 type ModelConfig map[string]interface{}
 
-// ModelConfigResult holds model configuration or an error.
+// ControllerConfig holds a controller configuration.
+type ControllerConfig map[string]interface{}
+
+// ModelConfigResult holds model configuration.
 type ModelConfigResult struct {
-	Config ModelConfig
+	Config ModelConfig `json:"config"`
+}
+
+// ControllerConfigResult holds controller configuration.
+type ControllerConfigResult struct {
+	Config ControllerConfig `json:"config"`
 }
 
 // RelationUnit holds a relation and a unit tag.
 type RelationUnit struct {
-	Relation string
-	Unit     string
+	Relation string `json:"relation"`
+	Unit     string `json:"unit"`
 }
 
 // RelationUnits holds the parameters for API calls expecting a pair
 // of relation and unit tags.
 type RelationUnits struct {
-	RelationUnits []RelationUnit
+	RelationUnits []RelationUnit `json:"relation-units"`
 }
 
 // RelationIds holds multiple relation ids.
 type RelationIds struct {
-	RelationIds []int
+	RelationIds []int `json:"relation-ids"`
 }
 
 // RelationUnitPair holds a relation tag, a local and remote unit tags.
 type RelationUnitPair struct {
-	Relation   string
-	LocalUnit  string
-	RemoteUnit string
+	Relation   string `json:"relation"`
+	LocalUnit  string `json:"local-unit"`
+	RemoteUnit string `json:"remote-unit"`
 }
 
 // RelationUnitPairs holds the parameters for API calls expecting
 // multiple sets of a relation tag, a local and remote unit tags.
 type RelationUnitPairs struct {
-	RelationUnitPairs []RelationUnitPair
+	RelationUnitPairs []RelationUnitPair `json:"relation-unit-pairs"`
 }
 
 // RelationUnitSettings holds a relation tag, a unit tag and local
 // unit settings.
 type RelationUnitSettings struct {
-	Relation string
-	Unit     string
-	Settings Settings
+	Relation string   `json:"relation"`
+	Unit     string   `json:"unit"`
+	Settings Settings `json:"settings"`
 }
 
 // RelationUnitsSettings holds the arguments for making a EnterScope
 // or WriteSettings API calls.
 type RelationUnitsSettings struct {
-	RelationUnits []RelationUnitSettings
+	RelationUnits []RelationUnitSettings `json:"relation-units"`
 }
 
 // RelationResult returns information about a single relation,
 // or an error.
 type RelationResult struct {
-	Error    *Error
-	Life     Life
-	Id       int
-	Key      string
-	Endpoint multiwatcher.Endpoint
+	Error    *Error                `json:"error,omitempty"`
+	Life     Life                  `json:"life"`
+	Id       int                   `json:"id"`
+	Key      string                `json:"key"`
+	Endpoint multiwatcher.Endpoint `json:"endpoint"`
 }
 
 // RelationResults holds the result of an API call that returns
 // information about multiple relations.
 type RelationResults struct {
-	Results []RelationResult
+	Results []RelationResult `json:"results"`
 }
 
 // EntityCharmURL holds an entity's tag and a charm URL.
 type EntityCharmURL struct {
-	Tag      string
-	CharmURL string
+	Tag      string `json:"tag"`
+	CharmURL string `json:"charm-url"`
 }
 
 // EntitiesCharmURL holds the parameters for making a SetCharmURL API
 // call.
 type EntitiesCharmURL struct {
-	Entities []EntityCharmURL
+	Entities []EntityCharmURL `json:"entities"`
+}
+
+// EntityWorkloadVersion holds the workload version for an entity.
+type EntityWorkloadVersion struct {
+	Tag             string `json:"tag"`
+	WorkloadVersion string `json:"workload-version"`
+}
+
+// EntityWorkloadVersions holds the parameters for setting the
+// workload version for a set of entities.
+type EntityWorkloadVersions struct {
+	Entities []EntityWorkloadVersion `json:"entities"`
 }
 
 // BytesResult holds the result of an API call that returns a slice
 // of bytes.
 type BytesResult struct {
-	Result []byte
+	Result []byte `json:"result"`
 }
 
 // LifeResult holds the life status of a single entity, or an error
 // indicating why it is not available.
 type LifeResult struct {
-	Life  Life
-	Error *Error
+	Life  Life   `json:"life"`
+	Error *Error `json:"error,omitempty"`
 }
 
 // LifeResults holds the life or error status of multiple entities.
 type LifeResults struct {
-	Results []LifeResult
+	Results []LifeResult `json:"results"`
 }
 
 // InstanceInfo holds a machine tag, provider-specific instance id, a nonce, and
 // network config.
 type InstanceInfo struct {
-	Tag             string
-	InstanceId      instance.Id
-	Nonce           string
-	Characteristics *instance.HardwareCharacteristics
-	Volumes         []Volume
+	Tag             string                            `json:"tag"`
+	InstanceId      instance.Id                       `json:"instance-id"`
+	Nonce           string                            `json:"nonce"`
+	Characteristics *instance.HardwareCharacteristics `json:"characteristics"`
+	Volumes         []Volume                          `json:"volumes"`
 	// VolumeAttachments is a mapping from volume tag to
 	// volume attachment info.
-	VolumeAttachments map[string]VolumeAttachmentInfo
+	VolumeAttachments map[string]VolumeAttachmentInfo `json:"volume-attachments"`
 
-	NetworkConfig []NetworkConfig
+	NetworkConfig []NetworkConfig `json:"network-config"`
 }
 
 // InstancesInfo holds the parameters for making a SetInstanceInfo
 // call for multiple machines.
 type InstancesInfo struct {
-	Machines []InstanceInfo
+	Machines []InstanceInfo `json:"machines"`
 }
 
 // EntityStatus holds the status of an entity.
 type EntityStatus struct {
-	Status status.Status
-	Info   string
-	Data   map[string]interface{}
-	Since  *time.Time
+	Status status.Status          `json:"status"`
+	Info   string                 `json:"info"`
+	Data   map[string]interface{} `json:"data,omitempty"`
+	Since  *time.Time             `json:"since"`
 }
 
-// EntityStatus holds parameters for setting the status of a single entity.
+// EntityStatusArgs holds parameters for setting the status of a single entity.
 type EntityStatusArgs struct {
-	Tag    string
-	Status status.Status
-	Info   string
-	Data   map[string]interface{}
+	Tag    string                 `json:"tag"`
+	Status string                 `json:"status"`
+	Info   string                 `json:"info"`
+	Data   map[string]interface{} `json:"data"`
 }
 
 // SetStatus holds the parameters for making a SetStatus/UpdateStatus call.
 type SetStatus struct {
-	Entities []EntityStatusArgs
+	Entities []EntityStatusArgs `json:"entities"`
 }
 
 // ConstraintsResult holds machine constraints or an error.
 type ConstraintsResult struct {
-	Error       *Error
-	Constraints constraints.Value
+	Error       *Error            `json:"error,omitempty"`
+	Constraints constraints.Value `json:"constraints"`
 }
 
 // ConstraintsResults holds multiple constraints results.
 type ConstraintsResults struct {
-	Results []ConstraintsResult
+	Results []ConstraintsResult `json:"results"`
 }
 
 // AgentGetEntitiesResults holds the results of a
 // agent.API.GetEntities call.
 type AgentGetEntitiesResults struct {
-	Entities []AgentGetEntitiesResult
+	Entities []AgentGetEntitiesResult `json:"entities"`
 }
 
 // AgentGetEntitiesResult holds the results of a
 // machineagent.API.GetEntities call for a single entity.
 type AgentGetEntitiesResult struct {
-	Life          Life
-	Jobs          []multiwatcher.MachineJob
-	ContainerType instance.ContainerType
-	Error         *Error
+	Life          Life                      `json:"life"`
+	Jobs          []multiwatcher.MachineJob `json:"jobs"`
+	ContainerType instance.ContainerType    `json:"container-type"`
+	Error         *Error                    `json:"error,omitempty"`
 }
 
 // VersionResult holds the version and possibly error for a given
 // DesiredVersion() API call.
 type VersionResult struct {
-	Version *version.Number
-	Error   *Error
+	Version *version.Number `json:"version,omitempty"`
+	Error   *Error          `json:"error,omitempty"`
 }
 
 // VersionResults is a list of versions for the requested entities.
 type VersionResults struct {
-	Results []VersionResult
+	Results []VersionResult `json:"results"`
 }
 
 // ToolsResult holds the tools and possibly error for a given
 // Tools() API call.
 type ToolsResult struct {
-	ToolsList                      tools.List
-	DisableSSLHostnameVerification bool
-	Error                          *Error
+	ToolsList                      tools.List `json:"tools"`
+	DisableSSLHostnameVerification bool       `json:"disable-ssl-hostname-verification"`
+	Error                          *Error     `json:"error,omitempty"`
 }
 
 // ToolsResults is a list of tools for various requested agents.
 type ToolsResults struct {
-	Results []ToolsResult
+	Results []ToolsResult `json:"results"`
 }
 
 // Version holds a specific binary version.
 type Version struct {
-	Version version.Binary
+	Version version.Binary `json:"version"`
 }
 
 // EntityVersion specifies the tools version to be set for an entity
 // with the given tag.
 // version.Binary directly.
 type EntityVersion struct {
-	Tag   string
-	Tools *Version
+	Tag   string   `json:"tag"`
+	Tools *Version `json:"tools"`
 }
 
 // EntitiesVersion specifies what tools are being run for
 // multiple entities.
 type EntitiesVersion struct {
-	AgentTools []EntityVersion
+	AgentTools []EntityVersion `json:"agent-tools"`
 }
 
 // NotifyWatchResult holds a NotifyWatcher id and an error (if any).
 type NotifyWatchResult struct {
 	NotifyWatcherId string
-	Error           *Error
+	Error           *Error `json:"error,omitempty"`
 }
 
 // NotifyWatchResults holds the results for any API call which ends up
 // returning a list of NotifyWatchers
 type NotifyWatchResults struct {
-	Results []NotifyWatchResult
+	Results []NotifyWatchResult `json:"results"`
 }
 
 // StringsWatchResult holds a StringsWatcher id, changes and an error
 // (if any).
 type StringsWatchResult struct {
-	StringsWatcherId string
-	Changes          []string
-	Error            *Error
+	StringsWatcherId string   `json:"watcher-id"`
+	Changes          []string `json:"changes,omitempty"`
+	Error            *Error   `json:"error,omitempty"`
 }
 
 // StringsWatchResults holds the results for any API call which ends up
 // returning a list of StringsWatchers.
 type StringsWatchResults struct {
-	Results []StringsWatchResult
+	Results []StringsWatchResult `json:"results"`
 }
 
 // EntitiesWatchResult holds a EntitiesWatcher id, changes and an error
 // (if any).
 type EntitiesWatchResult struct {
 	// Note legacy serialization tag.
-	EntitiesWatcherId string   `json:"EntityWatcherId"`
-	Changes           []string `json:"Changes"`
-	Error             *Error   `json:"Error"`
+	EntitiesWatcherId string   `json:"watcher-id"`
+	Changes           []string `json:"changes,omitempty"`
+	Error             *Error   `json:"error,omitempty"`
 }
 
 // EntitiesWatchResults holds the results for any API call which ends up
 // returning a list of EntitiesWatchers.
 type EntitiesWatchResults struct {
-	Results []EntitiesWatchResult `json:"Results"`
+	Results []EntitiesWatchResult `json:"results"`
 }
 
 // UnitSettings specifies the version of some unit's settings in some relation.
 type UnitSettings struct {
-	Version int64 `json:"Version"`
+	Version int64 `json:"version"`
 }
 
 // RelationUnitsChange describes the membership and settings of; or changes to;
@@ -474,175 +499,179 @@
 
 	// Changed holds a set of units that are known to be in scope, and the
 	// latest known settings version for each.
-	Changed map[string]UnitSettings `json:"Changed"`
+	Changed map[string]UnitSettings `json:"changed"`
 
 	// Departed holds a set of units that have previously been reported to
 	// be in scope, but which no longer are.
-	Departed []string `json:"Departed"`
+	Departed []string `json:"departed,omitempty"`
 }
 
 // RelationUnitsWatchResult holds a RelationUnitsWatcher id, baseline state
 // (in the Changes field), and an error (if any).
 type RelationUnitsWatchResult struct {
-	RelationUnitsWatcherId string              `json:"RelationUnitsWatcherId"`
-	Changes                RelationUnitsChange `json:"Changes"`
-	Error                  *Error              `json:"Error"`
+	RelationUnitsWatcherId string              `json:"watcher-id"`
+	Changes                RelationUnitsChange `json:"changes"`
+	Error                  *Error              `json:"error,omitempty"`
 }
 
 // RelationUnitsWatchResults holds the results for any API call which ends up
 // returning a list of RelationUnitsWatchers.
 type RelationUnitsWatchResults struct {
-	Results []RelationUnitsWatchResult
+	Results []RelationUnitsWatchResult `json:"results"`
 }
 
 // MachineStorageIdsWatchResult holds a MachineStorageIdsWatcher id,
 // changes and an error (if any).
 type MachineStorageIdsWatchResult struct {
-	MachineStorageIdsWatcherId string
-	Changes                    []MachineStorageId
-	Error                      *Error
+	MachineStorageIdsWatcherId string             `json:"watcher-id"`
+	Changes                    []MachineStorageId `json:"changes"`
+	Error                      *Error             `json:"error,omitempty"`
 }
 
 // MachineStorageIdsWatchResults holds the results for any API call which ends
 // up returning a list of MachineStorageIdsWatchers.
 type MachineStorageIdsWatchResults struct {
-	Results []MachineStorageIdsWatchResult
+	Results []MachineStorageIdsWatchResult `json:"results"`
 }
 
 // CharmsResponse is the server response to charm upload or GET requests.
 type CharmsResponse struct {
-	Error string `json:",omitempty"`
+	Error string `json:"error,omitempty"`
 
 	// ErrorCode holds the code associated with the error.
 	// Ideally, Error would hold an Error object and the
 	// code would be in that, but for backward compatibility,
 	// we cannot do that.
-	ErrorCode string `json:",omitempty"`
+	ErrorCode string `json:"error-code,omitempty"`
 
 	// ErrorInfo holds extra information associated with the error.
 	// Like ErrorCode, this should really be in an Error object.
-	ErrorInfo *ErrorInfo
+	ErrorInfo *ErrorInfo `json:"error-info,omitempty"`
 
-	CharmURL string   `json:",omitempty"`
-	Files    []string `json:",omitempty"`
+	CharmURL string   `json:"charm-url,omitempty"`
+	Files    []string `json:"files,omitempty"`
 }
 
 // RunParams is used to provide the parameters to the Run method.
 // Commands and Timeout are expected to have values, and one or more
-// values should be in the Machines, Services, or Units slices.
+// values should be in the Machines, Applications, or Units slices.
 type RunParams struct {
-	Commands string
-	Timeout  time.Duration
-	Machines []string
-	Services []string
-	Units    []string
+	Commands     string        `json:"commands"`
+	Timeout      time.Duration `json:"timeout"`
+	Machines     []string      `json:"machines,omitempty"`
+	Applications []string      `json:"applications,omitempty"`
+	Units        []string      `json:"units,omitempty"`
 }
 
 // RunResult contains the result from an individual run call on a machine.
 // UnitId is populated if the command was run inside the unit context.
 type RunResult struct {
-	exec.ExecResponse
-	MachineId string
-	UnitId    string
-	Error     string
+	Code   int    `json:"code-id"`
+	Stdout []byte `json:"stdout,omitempty"`
+	Stderr []byte `json:"stderr,omitempty"`
+	// FIXME: should be tags not id strings
+	MachineId string `json:"machine-id"`
+	UnitId    string `json:"unit-id"`
+	Error     string `json:"error"`
 }
 
 // RunResults is used to return the slice of results.  API server side calls
 // need to return single structure values.
 type RunResults struct {
-	Results []RunResult
+	Results []RunResult `json:"results"`
 }
 
 // AgentVersionResult is used to return the current version number of the
 // agent running the API server.
 type AgentVersionResult struct {
-	Version version.Number
+	Version version.Number `json:"version"`
 }
 
 // ProvisioningInfo holds machine provisioning info.
 type ProvisioningInfo struct {
-	Constraints      constraints.Value
-	Series           string
-	Placement        string
-	Jobs             []multiwatcher.MachineJob
-	Volumes          []VolumeParams
-	Tags             map[string]string
-	SubnetsToZones   map[string][]string
-	ImageMetadata    []CloudImageMetadata
-	EndpointBindings map[string]string
+	Constraints      constraints.Value         `json:"constraints"`
+	Series           string                    `json:"series"`
+	Placement        string                    `json:"placement"`
+	Jobs             []multiwatcher.MachineJob `json:"jobs"`
+	Volumes          []VolumeParams            `json:"volumes,omitempty"`
+	Tags             map[string]string         `json:"tags,omitempty"`
+	SubnetsToZones   map[string][]string       `json:"subnets-to-zones,omitempty"`
+	ImageMetadata    []CloudImageMetadata      `json:"image-metadata,omitempty"`
+	EndpointBindings map[string]string         `json:"endpoint-bindings,omitempty"`
+	ControllerConfig map[string]interface{}    `json:"controller-config,omitempty"`
 }
 
 // ProvisioningInfoResult holds machine provisioning info or an error.
 type ProvisioningInfoResult struct {
-	Error  *Error
-	Result *ProvisioningInfo
+	Error  *Error            `json:"error,omitempty"`
+	Result *ProvisioningInfo `json:"result"`
 }
 
 // ProvisioningInfoResults holds multiple machine provisioning info results.
 type ProvisioningInfoResults struct {
-	Results []ProvisioningInfoResult
+	Results []ProvisioningInfoResult `json:"results"`
 }
 
 // Metric holds a single metric.
 type Metric struct {
-	Key   string
-	Value string
-	Time  time.Time
+	Key   string    `json:"key"`
+	Value string    `json:"value"`
+	Time  time.Time `json:"time"`
 }
 
 // MetricsParam contains the metrics for a single unit.
 type MetricsParam struct {
-	Tag     string
-	Metrics []Metric
+	Tag     string   `json:"tag"`
+	Metrics []Metric `json:"metrics"`
 }
 
 // MetricsParams contains the metrics for multiple units.
 type MetricsParams struct {
-	Metrics []MetricsParam
+	Metrics []MetricsParam `json:"metrics"`
 }
 
 // MetricBatch is a list of metrics with metadata.
 type MetricBatch struct {
-	UUID     string
-	CharmURL string
-	Created  time.Time
-	Metrics  []Metric
+	UUID     string    `json:"uuid"`
+	CharmURL string    `json:"charm-url"`
+	Created  time.Time `json:"created"`
+	Metrics  []Metric  `json:"metrics"`
 }
 
 // MetricBatchParam contains a single metric batch.
 type MetricBatchParam struct {
-	Tag   string
-	Batch MetricBatch
+	Tag   string      `json:"tag"`
+	Batch MetricBatch `json:"batch"`
 }
 
 // MetricBatchParams contains multiple metric batches.
 type MetricBatchParams struct {
-	Batches []MetricBatchParam
+	Batches []MetricBatchParam `json:"batches"`
 }
 
 // MeterStatusResult holds unit meter status or error.
 type MeterStatusResult struct {
-	Code  string
-	Info  string
-	Error *Error
+	Code  string `json:"code"`
+	Info  string `json:"info"`
+	Error *Error `json:"error,omitempty"`
 }
 
 // MeterStatusResults holds meter status results for multiple units.
 type MeterStatusResults struct {
-	Results []MeterStatusResult
+	Results []MeterStatusResult `json:"results"`
 }
 
 // SingularClaim represents a request for exclusive model administration access
 // on the part of some controller.
 type SingularClaim struct {
-	ModelTag      string        `json:"ModelTag"`
-	ControllerTag string        `json:"ControllerTag"`
-	Duration      time.Duration `json:"Duration"`
+	ModelTag      string        `json:"model-tag"`
+	ControllerTag string        `json:"controller-tag"`
+	Duration      time.Duration `json:"duration"`
 }
 
 // SingularClaims holds any number of SingularClaim~s.
 type SingularClaims struct {
-	Claims []SingularClaim `json:"Claims"`
+	Claims []SingularClaim `json:"claims"`
 }
 
 // GUIArchiveVersion holds information on a specific GUI archive version.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/leadership.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/leadership.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/leadership.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/leadership.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,22 +8,22 @@
 type ClaimLeadershipBulkParams struct {
 
 	// Params are the parameters for making a bulk leadership claim.
-	Params []ClaimLeadershipParams
+	Params []ClaimLeadershipParams `json:"params"`
 }
 
 // ClaimLeadershipParams are the parameters needed for making a
 // leadership claim.
 type ClaimLeadershipParams struct {
 
-	// ServiceTag is the service for which you want to make a
+	// ApplicationTag is the application for which you want to make a
 	// leadership claim.
-	ServiceTag string
+	ApplicationTag string `json:"application-tag"`
 
 	// UnitTag is the unit which is making the leadership claim.
-	UnitTag string
+	UnitTag string `json:"unit-tag"`
 
 	// DurationSeconds is the number of seconds for which the lease is required.
-	DurationSeconds float64
+	DurationSeconds float64 `json:"duration"`
 }
 
 // ClaimLeadershipBulkResults is the collection of results from a bulk
@@ -33,19 +33,19 @@
 // ReleaseLeadershipBulkParams is a collection of parameters needed to
 // make a bulk release leadership call.
 type ReleaseLeadershipBulkParams struct {
-	Params []ReleaseLeadershipParams
+	Params []ReleaseLeadershipParams `json:"params"`
 }
 
 // ReleaseLeadershipParams are the parameters needed to release a
 // leadership claim.
 type ReleaseLeadershipParams struct {
 
-	// ServiceTag is the service for which you want to make a
+	// ApplicationTag is the application for which you want to make a
 	// leadership claim.
-	ServiceTag string
+	ApplicationTag string `json:"application-tag"`
 
 	// UnitTag is the unit which is making the leadership claim.
-	UnitTag string
+	UnitTag string `json:"unit-tag"`
 }
 
 // ReleaseLeadershipBulkResults is a type which contains results from
@@ -55,14 +55,14 @@
 // GetLeadershipSettingsBulkResults is the collection of results from
 // a bulk request for leadership settings.
 type GetLeadershipSettingsBulkResults struct {
-	Results []GetLeadershipSettingsResult
+	Results []GetLeadershipSettingsResult `json:"results"`
 }
 
 // GetLeadershipSettingsResult is the results from requesting
 // leadership settings.
 type GetLeadershipSettingsResult struct {
-	Settings Settings
-	Error    *Error
+	Settings Settings `json:"settings"`
+	Error    *Error   `json:"error,omitempty"`
 }
 
 // MergeLeadershipSettingsBulkParams is a collection of parameters for
@@ -71,16 +71,16 @@
 
 	// Params are the parameters for making a bulk leadership settings
 	// merge.
-	Params []MergeLeadershipSettingsParam
+	Params []MergeLeadershipSettingsParam `json:"params"`
 }
 
 // MergeLeadershipSettingsParam are the parameters needed for merging
 // in leadership settings.
 type MergeLeadershipSettingsParam struct {
-	// ServiceTag is the service for which you want to merge
+	// ApplicationTag is the application for which you want to merge
 	// leadership settings.
-	ServiceTag string
+	ApplicationTag string `json:"application-tag"`
 
 	// Settings are the Leadership settings you wish to merge in.
-	Settings Settings
+	Settings Settings `json:"settings"`
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/logfwd.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/logfwd.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/logfwd.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/logfwd.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,72 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package params
+
+// LogForwardingID is the API data that identifies a log forwarding
+// "last sent" value. The controller has a mapping from a set of IDs
+// to a timestamp (for each ID). The timestamp corresponds to the last
+// log record that the specific log forwarding machinery sent to the
+// identified "sink" (for a given model).
+type LogForwardingID struct {
+	// ModelTag identifies the model associated with the log record.
+	ModelTag string `json:"model"`
+
+	// Sink is the name of the log forwarding target to which a log
+	// record was last sent.
+	Sink string `json:"sink"`
+}
+
+// LogForwardingGetLastSentParams holds the arguments for a call
+// to the GetLastSent method of the LogForwarding facade.
+type LogForwardingGetLastSentParams struct {
+	// IDs holds the list of IDs for which individual "last sent"
+	// timestamps should be returned (in the same order).
+	IDs []LogForwardingID `json:"ids"`
+}
+
+// LogForwardingGetLastSentResults holds the results of a call
+// to the GetLastSent method of the LogForwarding facade.
+type LogForwardingGetLastSentResults struct {
+	// Results holds the list of results that correspond to the IDs
+	// sent in a GetLastSent call.
+	Results []LogForwardingGetLastSentResult `json:"results"`
+}
+
+// LogForwardingGetLastSentResult holds a single result from a call
+// to the GetLastSent method of the LogForwarding facade.
+type LogForwardingGetLastSentResult struct {
+	// RecordID is the ID of the last log record that was
+	// forwarded for a given model and sink. If Error is set then the
+	// meaning of this value is undefined.
+	RecordID int64 `json:"record-id"`
+
+	// RecordTimestamp is the timestamp of the last log record that was
+	// forwarded for a given model and sink. If Error is set then the
+	// meaning of this value is undefined.
+	RecordTimestamp int64 `json:"record-timestamp"`
+
+	// Error holds the error, if any, that resulted while handling the
+	// request for a specific ID.
+	Error *Error `json:"err"`
+}
+
+// LogForwardingSetLastSentParams holds the arguments for a call
+// to the SetLastSent method of the LogForwarding facade.
+type LogForwardingSetLastSentParams struct {
+	// Params holds the list of individual requests for "last sent" info.
+	Params []LogForwardingSetLastSentParam `json:"params"`
+}
+
+// LogForwardingSetLastSentParams holds holds the info needed to set
+// a new "last sent" value via a call to the SetLastSent method of the
+// LogForwarding facade.
+type LogForwardingSetLastSentParam struct {
+	LogForwardingID
+
+	// RecordID identifies the record ID to set for the given ID.
+	RecordID int64 `json:"record-id"`
+
+	// RecordTimestamp identifies the record timestamp to set for the given ID.
+	RecordTimestamp int64 `json:"record-timestamp"`
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/logstream.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/logstream.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/logstream.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/logstream.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,54 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package params
+
+import (
+	"time"
+)
+
+// LogStreamRecord contains a slice of LogStreamRecords.
+type LogStreamRecords struct {
+	Records []LogStreamRecord `json:"records"`
+}
+
+// LogStreamRecord describes a single log record being streamed from
+// the server.
+type LogStreamRecord struct {
+	ID        int64     `json:"id"`
+	ModelUUID string    `json:"mid"`
+	Entity    string    `json:"ent"`
+	Version   string    `json:"ver,omitempty"`
+	Timestamp time.Time `json:"ts"`
+	Module    string    `json:"mod"`
+	Location  string    `json:"lo"`
+	Level     string    `json:"lv"`
+	Message   string    `json:"msg"`
+}
+
+// LogStreamConfig holds all the information necessary to open a
+// streaming connection to the API endpoint for reading log records.
+//
+// The field tags relate to the following 2 libraries:
+//   github.com/google/go-querystring/query (encoding)
+//   github.com/gorilla/schema (decoding)
+//
+// See apiserver/debuglog.go:debugLogParams for additional things we
+// may consider supporting here.
+type LogStreamConfig struct {
+	// AllModels indicates whether logs for all the controller's models
+	// should be included or just those of the connection's model.
+	AllModels bool `schema:"all" url:"all,omitempty"`
+
+	// Sink identifies the target to which log records will be streamed.
+	// This is used as a bookmark for where to start the next time logs
+	// are streamed for the same sink.
+	Sink string `schema:"sink" url:"sink,omitempty"`
+
+	// MaxLookbackDuration is the maximum time duration from the past to stream.
+	// It must be a valid time duration string.
+	MaxLookbackDuration string `schema:"maxlookbackduration" url:"maxlookbackduration,omitempty"`
+
+	// MaxLookbackRecords is the maximum number of log records to stream from the past.
+	MaxLookbackRecords int `schema:"maxlookbackrecords" url:"maxlookbackrecords,omitempty"`
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/migration.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/migration.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/migration.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/migration.go	2016-07-18 19:45:44.000000000 +0000
@@ -36,7 +36,7 @@
 // model migration initiation attempt.
 type InitiateModelMigrationResult struct {
 	ModelTag string `json:"model-tag"`
-	Error    *Error `json:"error"`
+	Error    *Error `json:"error,omitempty"`
 	Id       string `json:"id"` // the ID for the migration attempt
 }
 
@@ -80,9 +80,9 @@
 
 type PhaseResult struct {
 	Phase string `json:"phase"`
-	Error *Error
+	Error *Error `json:"error,omitempty"`
 }
 
 type PhaseResults struct {
-	Results []PhaseResult `json:"Results"`
+	Results []PhaseResult `json:"results"`
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/model.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/model.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/model.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/model.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,54 +9,64 @@
 	"github.com/juju/version"
 )
 
+// ConfigValue encapsulates a configuration
+// value and its source.
+type ConfigValue struct {
+	Value  interface{} `json:"value"`
+	Source string      `json:"source"`
+}
+
 // ModelConfigResults contains the result of client API calls
 // to get model config values.
 type ModelConfigResults struct {
-	Config map[string]interface{}
+	Config map[string]ConfigValue `json:"config"`
 }
 
 // ModelSet contains the arguments for ModelSet client API
 // call.
 type ModelSet struct {
-	Config map[string]interface{}
+	Config map[string]interface{} `json:"config"`
 }
 
 // ModelUnset contains the arguments for ModelUnset client API
 // call.
 type ModelUnset struct {
-	Keys []string
+	Keys []string `json:"keys"`
 }
 
 // SetModelAgentVersion contains the arguments for
 // SetModelAgentVersion client API call.
 type SetModelAgentVersion struct {
-	Version version.Number
+	Version version.Number `json:"version"`
 }
 
 // ModelInfo holds information about the Juju model.
 type ModelInfo struct {
 	// The json names for the fields below are as per the older
-	// field names for backward compatability. New fields are
+	// field names for backward compatibility. New fields are
 	// camel-cased for consistency within this type only.
-	Name           string `json:"Name"`
-	UUID           string `json:"UUID"`
-	ControllerUUID string `json:"ServerUUID"`
-	ProviderType   string `json:"ProviderType"`
-	DefaultSeries  string `json:"DefaultSeries"`
+	Name            string `json:"name"`
+	UUID            string `json:"uuid"`
+	ControllerUUID  string `json:"controller-uuid"`
+	ProviderType    string `json:"provider-type"`
+	DefaultSeries   string `json:"default-series"`
+	Cloud           string `json:"cloud"`
+	CloudRegion     string `json:"cloud-region,omitempty"`
+	CloudCredential string `json:"cloud-credential,omitempty"`
 
 	// OwnerTag is the tag of the user that owns the model.
-	OwnerTag string `json:"OwnerTag"`
+	OwnerTag string `json:"owner-tag"`
 
 	// Life is the current lifecycle state of the model.
-	Life Life `json:"Life"`
+	Life Life `json:"life"`
 
 	// Status is the current status of the model.
-	Status EntityStatus `json:"Status"`
+	Status EntityStatus `json:"status"`
 
 	// Users contains information about the users that have access
 	// to the model. Owners and administrators can see all users
 	// that have access; other users can only see their own details.
-	Users []ModelUserInfo `json:"Users"`
+	Users []ModelUserInfo `json:"users"`
 }
 
 // ModelInfoResult holds the result of a ModelInfo call.
@@ -93,8 +103,8 @@
 // who have access, so it should not include sensitive information.
 type ModelUserInfo struct {
 	UserName       string                `json:"user"`
-	DisplayName    string                `json:"displayname"`
-	LastConnection *time.Time            `json:"lastconnection"`
+	DisplayName    string                `json:"display-name"`
+	LastConnection *time.Time            `json:"last-connection"`
 	Access         ModelAccessPermission `json:"access"`
 }
 
@@ -136,6 +146,7 @@
 
 // Model access permissions that may be set on a user.
 const (
+	ModelAdminAccess ModelAccessPermission = "admin"
 	ModelReadAccess  ModelAccessPermission = "read"
 	ModelWriteAccess ModelAccessPermission = "write"
 )
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/network.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/network.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/network.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/network.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,8 +4,6 @@
 package params
 
 import (
-	"net"
-
 	"github.com/juju/juju/network"
 )
 
@@ -16,39 +14,31 @@
 // Subnet describes a single subnet within a network.
 type Subnet struct {
 	// CIDR of the subnet in IPv4 or IPv6 notation.
-	CIDR string `json:"CIDR"`
+	CIDR string `json:"cidr"`
 
 	// ProviderId is the provider-specific subnet ID (if applicable).
-	ProviderId string `json:"ProviderId,omitempty"`
+	ProviderId string `json:"provider-id,omitempty"`
 
 	// VLANTag needs to be between 1 and 4094 for VLANs and 0 for
 	// normal networks. It's defined by IEEE 802.1Q standard.
-	VLANTag int `json:"VLANTag"`
+	VLANTag int `json:"vlan-tag"`
 
 	// Life is the subnet's life cycle value - Alive means the subnet
 	// is in use by one or more machines, Dying or Dead means the
 	// subnet is about to be removed.
-	Life Life `json:"Life"`
+	Life Life `json:"life"`
 
 	// SpaceTag is the Juju network space this subnet is associated
 	// with.
-	SpaceTag string `json:"SpaceTag"`
+	SpaceTag string `json:"space-tag"`
 
 	// Zones contain one or more availability zones this subnet is
 	// associated with.
-	Zones []string `json:"Zones"`
-
-	// StaticRangeLowIP (if available) is the lower bound of the
-	// subnet's static IP allocation range.
-	StaticRangeLowIP net.IP `json:"StaticRangeLowIP,omitempty"`
-
-	// StaticRangeHighIP (if available) is the higher bound of the
-	// subnet's static IP allocation range.
-	StaticRangeHighIP net.IP `json:"StaticRangeHighIP,omitempty"`
+	Zones []string `json:"zones"`
 
 	// Status returns the status of the subnet, whether it is in use, not
 	// in use or terminating.
-	Status string `json:"Status,omitempty"`
+	Status string `json:"status,omitempty"`
 }
 
 // NetworkConfig describes the necessary information to configure
@@ -59,101 +49,101 @@
 type NetworkConfig struct {
 	// DeviceIndex specifies the order in which the network interface
 	// appears on the host. The primary interface has an index of 0.
-	DeviceIndex int `json:"DeviceIndex"`
+	DeviceIndex int `json:"device-index"`
 
 	// MACAddress is the network interface's hardware MAC address
 	// (e.g. "aa:bb:cc:dd:ee:ff").
-	MACAddress string `json:"MACAddress"`
+	MACAddress string `json:"mac-address"`
 
 	// CIDR of the network, in 123.45.67.89/24 format.
-	CIDR string `json:"CIDR"`
+	CIDR string `json:"cidr"`
 
 	// MTU is the Maximum Transmission Unit controlling the maximum size of the
 	// protocol packats that the interface can pass through. It is only used
 	// when > 0.
-	MTU int `json:"MTU"`
+	MTU int `json:"mtu"`
 
 	// ProviderId is a provider-specific network interface id.
-	ProviderId string `json:"ProviderId"`
+	ProviderId string `json:"provider-id"`
 
 	// ProviderSubnetId is a provider-specific subnet id, to which the
 	// interface is attached to.
-	ProviderSubnetId string `json:"ProviderSubnetId"`
+	ProviderSubnetId string `json:"provider-subnet-id"`
 
 	// ProviderSpaceId is a provider-specific space id, to which the interface
 	// is attached to, if known and supported.
-	ProviderSpaceId string `json:"ProviderSpaceId"`
+	ProviderSpaceId string `json:"provider-space-id"`
 
 	// ProviderAddressId is the provider-specific id of the assigned address, if
 	// supported and known.
-	ProviderAddressId string `json:"ProviderAddressId"`
+	ProviderAddressId string `json:"provider-address-id"`
 
 	// ProviderVLANId is the provider-specific id of the assigned address's
 	// VLAN, if supported and known.
-	ProviderVLANId string `json:"ProviderVLANId"`
+	ProviderVLANId string `json:"provider-vlan-id"`
 
 	// VLANTag needs to be between 1 and 4094 for VLANs and 0 for
 	// normal networks. It's defined by IEEE 802.1Q standard.
-	VLANTag int `json:"VLANTag"`
+	VLANTag int `json:"vlan-tag"`
 
 	// InterfaceName is the raw OS-specific network device name (e.g.
 	// "eth1", even for a VLAN eth1.42 virtual interface).
-	InterfaceName string `json:"InterfaceName"`
+	InterfaceName string `json:"interface-name"`
 
 	// ParentInterfaceName is the name of the parent interface to use, if known.
-	ParentInterfaceName string `json:"ParentInterfaceName"`
+	ParentInterfaceName string `json:"parent-interface-name"`
 
 	// InterfaceType is the type of the interface.
-	InterfaceType string `json:"InterfaceType"`
+	InterfaceType string `json:"interface-type"`
 
 	// Disabled is true when the interface needs to be disabled on the
 	// machine, e.g. not to configure it at all or stop it if running.
-	Disabled bool `json:"Disabled"`
+	Disabled bool `json:"disabled"`
 
 	// NoAutoStart is true when the interface should not be configured
 	// to start automatically on boot. By default and for
 	// backwards-compatibility, interfaces are configured to
 	// auto-start.
-	NoAutoStart bool `json:"NoAutoStart,omitempty"`
+	NoAutoStart bool `json:"no-auto-start,omitempty"`
 
 	// ConfigType, if set, defines what type of configuration to use.
 	// See network.InterfaceConfigType for more info. If not set, for
 	// backwards-compatibility, "dhcp" is assumed.
-	ConfigType string `json:"ConfigType,omitempty"`
+	ConfigType string `json:"config-type,omitempty"`
 
 	// Address contains an optional static IP address to configure for
 	// this network interface. The subnet mask to set will be inferred
 	// from the CIDR value.
-	Address string `json:"Address,omitempty"`
+	Address string `json:"address,omitempty"`
 
 	// DNSServers contains an optional list of IP addresses and/or
 	// hostnames to configure as DNS servers for this network
 	// interface.
-	DNSServers []string `json:"DNSServers,omitempty"`
+	DNSServers []string `json:"dns-servers,omitempty"`
 
 	// DNSServers contains an optional list of IP addresses and/or
 	// hostnames to configure as DNS servers for this network
 	// interface.
-	DNSSearchDomains []string `json:"DNSSearchDomains,omitempty"`
+	DNSSearchDomains []string `json:"dns-search-domains,omitempty"`
 
 	// Gateway address, if set, defines the default gateway to
 	// configure for this network interface. For containers this
 	// usually (one of) the host address(es).
-	GatewayAddress string `json:"GatewayAddress,omitempty"`
+	GatewayAddress string `json:"gateway-address,omitempty"`
 }
 
 // NetworkConfigs holds the network configuration for multiple networks
 type NetworkConfigs struct {
-	Results []NetworkConfig
-	Errors  []error
+	Results []NetworkConfig `json:"results"`
+	Errors  []error         `json:"errors,omitempty"`
 }
 
 // Port encapsulates a protocol and port number. It is used in API
 // requests/responses. See also network.Port, from/to which this is
 // transformed.
 type Port struct {
-	Protocol string `json:"Protocol"`
-	Number   int    `json:"Number"`
+	Protocol string `json:"protocol"`
+	Number   int    `json:"number"`
 }
 
 // FromNetworkPort is a convenience helper to create a parameter
@@ -178,9 +168,9 @@
 // requests/responses. See also network.PortRange, from/to which this is
 // transformed.
 type PortRange struct {
-	FromPort int    `json:"FromPort"`
-	ToPort   int    `json:"ToPort"`
-	Protocol string `json:"Protocol"`
+	FromPort int    `json:"from-port"`
+	ToPort   int    `json:"to-port"`
+	Protocol string `json:"protocol"`
 }
 
 // FromNetworkPortRange is a convenience helper to create a parameter
@@ -205,29 +195,29 @@
 
 // EntityPort holds an entity's tag, a protocol and a port.
 type EntityPort struct {
-	Tag      string `json:"Tag"`
-	Protocol string `json:"Protocol"`
-	Port     int    `json:"Port"`
+	Tag      string `json:"tag"`
+	Protocol string `json:"protocol"`
+	Port     int    `json:"port"`
 }
 
 // EntitiesPorts holds the parameters for making an OpenPort or
 // ClosePort on some entities.
 type EntitiesPorts struct {
-	Entities []EntityPort `json:"Entities"`
+	Entities []EntityPort `json:"entities"`
 }
 
 // EntityPortRange holds an entity's tag, a protocol and a port range.
 type EntityPortRange struct {
-	Tag      string `json:"Tag"`
-	Protocol string `json:"Protocol"`
-	FromPort int    `json:"FromPort"`
-	ToPort   int    `json:"ToPort"`
+	Tag      string `json:"tag"`
+	Protocol string `json:"protocol"`
+	FromPort int    `json:"from-port"`
+	ToPort   int    `json:"to-port"`
 }
 
 // EntitiesPortRanges holds the parameters for making an OpenPorts or
 // ClosePorts on some entities.
 type EntitiesPortRanges struct {
-	Entities []EntityPortRange `json:"Entities"`
+	Entities []EntityPortRange `json:"entities"`
 }
 
 // Address represents the location of a machine, including metadata
@@ -235,10 +225,10 @@
 // the API requests/responses. See also network.Address, from/to
 // which this is transformed.
 type Address struct {
-	Value     string `json:"Value"`
-	Type      string `json:"Type"`
-	Scope     string `json:"Scope"`
-	SpaceName string `json:"SpaceName,omitempty"`
+	Value     string `json:"value"`
+	Type      string `json:"type"`
+	Scope     string `json:"scope"`
+	SpaceName string `json:"space-name,omitempty"`
 }
 
 // FromNetworkAddress is a convenience helper to create a parameter
@@ -265,7 +255,7 @@
 
 // FromNetworkAddresses is a convenience helper to create a parameter
 // out of the network type, here for a slice of Address.
-func FromNetworkAddresses(naddrs []network.Address) []Address {
+func FromNetworkAddresses(naddrs ...network.Address) []Address {
 	addrs := make([]Address, len(naddrs))
 	for i, naddr := range naddrs {
 		addrs[i] = FromNetworkAddress(naddr)
@@ -275,7 +265,7 @@
 
 // NetworkAddresses is a convenience helper to return the parameter
 // as network type, here for a slice of Address.
-func NetworkAddresses(addrs []Address) []network.Address {
+func NetworkAddresses(addrs ...Address) []network.Address {
 	naddrs := make([]network.Address, len(addrs))
 	for i, addr := range addrs {
 		naddrs[i] = addr.NetworkAddress()
@@ -288,7 +278,7 @@
 // which this is transformed.
 type HostPort struct {
 	Address
-	Port int `json:"Port"`
+	Port int `json:"port"`
 }
 
 // FromNetworkHostPort is a convenience helper to create a parameter
@@ -346,60 +336,60 @@
 // UnitsNetworkConfig holds the parameters for calling Uniter.NetworkConfig()
 // API.
 type UnitsNetworkConfig struct {
-	Args []UnitNetworkConfig `json:"Args"`
+	Args []UnitNetworkConfig `json:"args"`
 }
 
 // UnitNetworkConfig holds a unit tag and an endpoint binding name.
 type UnitNetworkConfig struct {
-	UnitTag     string `json:"UnitTag"`
-	BindingName string `json:"BindingName"`
+	UnitTag     string `json:"unit-tag"`
+	BindingName string `json:"binding-name"`
 }
 
 // MachineAddresses holds an machine tag and addresses.
 type MachineAddresses struct {
-	Tag       string    `json:"Tag"`
-	Addresses []Address `json:"Addresses"`
+	Tag       string    `json:"tag"`
+	Addresses []Address `json:"addresses"`
 }
 
 // SetMachinesAddresses holds the parameters for making an
 // API call to update machine addresses.
 type SetMachinesAddresses struct {
-	MachineAddresses []MachineAddresses `json:"MachineAddresses"`
+	MachineAddresses []MachineAddresses `json:"machine-addresses"`
 }
 
 // SetMachineNetworkConfig holds the parameters for making an API call to update
 // machine network config.
 type SetMachineNetworkConfig struct {
-	Tag    string          `json:"Tag"`
-	Config []NetworkConfig `json:"Config"`
+	Tag    string          `json:"tag"`
+	Config []NetworkConfig `json:"config"`
 }
 
 // MachineAddressesResult holds a list of machine addresses or an
 // error.
 type MachineAddressesResult struct {
-	Error     *Error    `json:"Error"`
-	Addresses []Address `json:"Addresses"`
+	Error     *Error    `json:"error,omitempty"`
+	Addresses []Address `json:"addresses"`
 }
 
 // MachineAddressesResults holds the results of calling an API method
 // returning a list of addresses per machine.
 type MachineAddressesResults struct {
-	Results []MachineAddressesResult `json:"Results"`
+	Results []MachineAddressesResult `json:"results"`
 }
 
 // MachinePortRange holds a single port range open on a machine for
 // the given unit and relation tags.
 type MachinePortRange struct {
-	UnitTag     string    `json:"UnitTag"`
-	RelationTag string    `json:"RelationTag"`
-	PortRange   PortRange `json:"PortRange"`
+	UnitTag     string    `json:"unit-tag"`
+	RelationTag string    `json:"relation-tag"`
+	PortRange   PortRange `json:"port-range"`
 }
 
 // MachinePorts holds a machine and subnet tags. It's used when referring to
 // opened ports on the machine for a subnet.
 type MachinePorts struct {
-	MachineTag string `json:"MachineTag"`
-	SubnetTag  string `json:"SubnetTag"`
+	MachineTag string `json:"machine-tag"`
+	SubnetTag  string `json:"subnet-tag"`
 }
 
 // -----
@@ -409,68 +399,68 @@
 // PortsResults holds the bulk operation result of an API call
 // that returns a slice of Port.
 type PortsResults struct {
-	Results []PortsResult `json:"Results"`
+	Results []PortsResult `json:"results"`
 }
 
 // PortsResult holds the result of an API call that returns a slice
 // of Port or an error.
 type PortsResult struct {
-	Error *Error `json:"Error"`
-	Ports []Port `json:"Ports"`
+	Error *Error `json:"error,omitempty"`
+	Ports []Port `json:"ports"`
 }
 
 // UnitNetworkConfigResult holds network configuration for a single unit.
 type UnitNetworkConfigResult struct {
-	Error *Error `json:"Error"`
+	Error *Error `json:"error,omitempty"`
 
 	// Tagged to Info due to compatibility reasons.
-	Config []NetworkConfig `json:"Info"`
+	Config []NetworkConfig `json:"info"`
 }
 
 // UnitNetworkConfigResults holds network configuration for multiple machines.
 type UnitNetworkConfigResults struct {
-	Results []UnitNetworkConfigResult `json:"Results"`
+	Results []UnitNetworkConfigResult `json:"results"`
 }
 
 // MachineNetworkConfigResult holds network configuration for a single machine.
 type MachineNetworkConfigResult struct {
-	Error *Error `json:"Error"`
+	Error *Error `json:"error,omitempty"`
 
 	// Tagged to Info due to compatibility reasons.
-	Config []NetworkConfig `json:"Info"`
+	Config []NetworkConfig `json:"info"`
 }
 
 // MachineNetworkConfigResults holds network configuration for multiple machines.
 type MachineNetworkConfigResults struct {
-	Results []MachineNetworkConfigResult `json:"Results"`
+	Results []MachineNetworkConfigResult `json:"results"`
 }
 
 // MachinePortsParams holds the arguments for making a
 // FirewallerAPIV1.GetMachinePorts() API call.
 type MachinePortsParams struct {
-	Params []MachinePorts `json:"Params"`
+	Params []MachinePorts `json:"params"`
 }
 
 // MachinePortsResult holds a single result of the
 // FirewallerAPIV1.GetMachinePorts() and UniterAPI.AllMachinePorts()
 // API calls.
 type MachinePortsResult struct {
-	Error *Error             `json:"Error"`
-	Ports []MachinePortRange `json:"Ports"`
+	Error *Error             `json:"error,omitempty"`
+	Ports []MachinePortRange `json:"ports"`
 }
 
 // MachinePortsResults holds all the results of the
 // FirewallerAPIV1.GetMachinePorts() and UniterAPI.AllMachinePorts()
 // API calls.
 type MachinePortsResults struct {
-	Results []MachinePortsResult `json:"Results"`
+	Results []MachinePortsResult `json:"results"`
 }
 
 // APIHostPortsResult holds the result of an APIHostPorts
 // call. Each element in the top level slice holds
 // the addresses for one API server.
 type APIHostPortsResult struct {
-	Servers [][]HostPort `json:"Servers"`
+	Servers [][]HostPort `json:"servers"`
 }
 
 // NetworkHostsPorts is a convenience helper to return the contained
@@ -482,43 +472,43 @@
 // ZoneResult holds the result of an API call that returns an
 // availability zone name and whether it's available for use.
 type ZoneResult struct {
-	Error     *Error `json:"Error"`
-	Name      string `json:"Name"`
-	Available bool   `json:"Available"`
+	Error     *Error `json:"error,omitempty"`
+	Name      string `json:"name"`
+	Available bool   `json:"available"`
 }
 
 // ZoneResults holds multiple ZoneResult results
 type ZoneResults struct {
-	Results []ZoneResult `json:"Results"`
+	Results []ZoneResult `json:"results"`
 }
 
 // SpaceResult holds a single space tag or an error.
 type SpaceResult struct {
-	Error *Error `json:"Error"`
-	Tag   string `json:"Tag"`
+	Error *Error `json:"error,omitempty"`
+	Tag   string `json:"tag"`
 }
 
 // SpaceResults holds the bulk operation result of an API call
 // that returns space tags or an errors.
 type SpaceResults struct {
-	Results []SpaceResult `json:"Results"`
+	Results []SpaceResult `json:"results"`
 }
 
 // ListSubnetsResults holds the result of a ListSubnets API call.
 type ListSubnetsResults struct {
-	Results []Subnet `json:"Results"`
+	Results []Subnet `json:"results"`
 }
 
 // SubnetsFilters holds an optional SpaceTag and Zone for filtering
 // the subnets returned by a ListSubnets call.
 type SubnetsFilters struct {
-	SpaceTag string `json:"SpaceTag,omitempty"`
-	Zone     string `json:"Zone,omitempty"`
+	SpaceTag string `json:"space-tag,omitempty"`
+	Zone     string `json:"zone,omitempty"`
 }
 
 // AddSubnetsParams holds the arguments of AddSubnets API call.
 type AddSubnetsParams struct {
-	Subnets []AddSubnetParams `json:"Subnets"`
+	Subnets []AddSubnetParams `json:"subnets"`
 }
 
 // AddSubnetParams holds a subnet and space tags, subnet provider ID,
@@ -526,81 +516,81 @@
 // SubnetProviderId must be set, but not both. Zones can be empty if
 // they can be discovered
 type AddSubnetParams struct {
-	SubnetTag        string   `json:"SubnetTag,omitempty"`
-	SubnetProviderId string   `json:"SubnetProviderId,omitempty"`
-	SpaceTag         string   `json:"SpaceTag"`
-	Zones            []string `json:"Zones,omitempty"`
+	SubnetTag        string   `json:"subnet-tag,omitempty"`
+	SubnetProviderId string   `json:"subnet-provider-id,omitempty"`
+	SpaceTag         string   `json:"space-tag"`
+	Zones            []string `json:"zones,omitempty"`
 }
 
 // CreateSubnetsParams holds the arguments of CreateSubnets API call.
 type CreateSubnetsParams struct {
-	Subnets []CreateSubnetParams `json:"Subnets"`
+	Subnets []CreateSubnetParams `json:"subnets"`
 }
 
 // CreateSubnetParams holds a subnet and space tags, vlan tag,
 // and a list of zones to associate the subnet to.
 type CreateSubnetParams struct {
-	SubnetTag string   `json:"SubnetTag,omitempty"`
-	SpaceTag  string   `json:"SpaceTag"`
-	Zones     []string `json:"Zones,omitempty"`
-	VLANTag   int      `json:"VLANTag,omitempty"`
-	IsPublic  bool     `json:"IsPublic"`
+	SubnetTag string   `json:"subnet-tag,omitempty"`
+	SpaceTag  string   `json:"space-tag"`
+	Zones     []string `json:"zones,omitempty"`
+	VLANTag   int      `json:"vlan-tag,omitempty"`
+	IsPublic  bool     `json:"is-public"`
 }
 
 // CreateSpacesParams olds the arguments of the AddSpaces API call.
 type CreateSpacesParams struct {
-	Spaces []CreateSpaceParams `json:"Spaces"`
+	Spaces []CreateSpaceParams `json:"spaces"`
 }
 
 // CreateSpaceParams holds the space tag and at least one subnet
 // tag required to create a new space.
 type CreateSpaceParams struct {
-	SubnetTags []string `json:"SubnetTags"`
-	SpaceTag   string   `json:"SpaceTag"`
-	Public     bool     `json:"Public"`
-	ProviderId string   `json:"ProviderId,omitempty"`
+	SubnetTags []string `json:"subnet-tags"`
+	SpaceTag   string   `json:"space-tag"`
+	Public     bool     `json:"public"`
+	ProviderId string   `json:"provider-id,omitempty"`
 }
 
 // ListSpacesResults holds the list of all available spaces.
 type ListSpacesResults struct {
-	Results []Space `json:"Results"`
+	Results []Space `json:"results"`
 }
 
 // Space holds the information about a single space and its associated subnets.
 type Space struct {
-	Name    string   `json:"Name"`
-	Subnets []Subnet `json:"Subnets"`
-	Error   *Error   `json:"Error,omitempty"`
+	Name    string   `json:"name"`
+	Subnets []Subnet `json:"subnets"`
+	Error   *Error   `json:"error,omitempty"`
 }
 
 // DiscoverSpacesResults holds the list of all provider spaces.
 type DiscoverSpacesResults struct {
-	Results []ProviderSpace `json:"Results"`
+	Results []ProviderSpace `json:"results"`
 }
 
 // ProviderSpace holds the information about a single space and its associated subnets.
 type ProviderSpace struct {
-	Name       string   `json:"Name"`
-	ProviderId string   `json:"ProviderId"`
-	Subnets    []Subnet `json:"Subnets"`
-	Error      *Error   `json:"Error,omitempty"`
+	Name       string   `json:"name"`
+	ProviderId string   `json:"provider-id"`
+	Subnets    []Subnet `json:"subnets"`
+	Error      *Error   `json:"error,omitempty"`
 }
 
 type ProxyConfig struct {
-	HTTP    string `json:"HTTP"`
-	HTTPS   string `json:"HTTPS"`
-	FTP     string `json:"FTP"`
-	NoProxy string `json:"NoProxy"`
+	HTTP    string `json:"http"`
+	HTTPS   string `json:"https"`
+	FTP     string `json:"ftp"`
+	NoProxy string `json:"no-proxy"`
 }
 
 // ProxyConfigResult contains information needed to configure a clients proxy settings
 type ProxyConfigResult struct {
-	ProxySettings    ProxyConfig `json:"ProxySettings"`
-	APTProxySettings ProxyConfig `json:"APTProxySettings"`
-	Error            *Error      `json:"Error,omitempty"`
+	ProxySettings    ProxyConfig `json:"proxy-settings"`
+	APTProxySettings ProxyConfig `json:"apt-proxy-settings"`
+	Error            *Error      `json:"error,omitempty"`
 }
 
 // ProxyConfigResults contains information needed to configure multiple clients proxy settings
 type ProxyConfigResults struct {
-	Results []ProxyConfigResult `json:"Results"`
+	Results []ProxyConfigResult `json:"results"`
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/network_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/network_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/network_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/network_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -44,16 +44,20 @@
 		return pr
 	}
 	mkResults := func(rs ...interface{}) M {
-		return M{"Results": rs}
+		return M{"results": rs}
 	}
 	mkResult := func(err, ports interface{}) M {
-		return M{"Error": err, "Ports": ports}
+		result := M{"ports": ports}
+		if err != nil {
+			result["error"] = err
+		}
+		return result
 	}
 	mkError := func(msg, code string) M {
-		return M{"Message": msg, "Code": code}
+		return M{"message": msg, "code": code}
 	}
 	mkPort := func(prot string, num int) M {
-		return M{"Protocol": prot, "Number": num}
+		return M{"protocol": prot, "number": num}
 	}
 	// Tests.
 	tests := []struct {
@@ -99,10 +103,10 @@
 func (s *NetworkSuite) TestHostPort(c *gc.C) {
 	mkHostPort := func(v, t, s string, p int) M {
 		return M{
-			"Value": v,
-			"Type":  t,
-			"Scope": s,
-			"Port":  p,
+			"value": v,
+			"type":  t,
+			"scope": s,
+			"port":  p,
 		}
 	}
 	tests := []struct {
@@ -175,12 +179,12 @@
 func (s *NetworkSuite) TestMachinePortRange(c *gc.C) {
 	mkPortRange := func(u, r string, f, t int, p string) M {
 		return M{
-			"UnitTag":     u,
-			"RelationTag": r,
-			"PortRange": M{
-				"FromPort": f,
-				"ToPort":   t,
-				"Protocol": p,
+			"unit-tag":     u,
+			"relation-tag": r,
+			"port-range": M{
+				"from-port": f,
+				"to-port":   t,
+				"protocol":  p,
 			},
 		}
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/params.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/params.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/params.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/params.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,12 +9,10 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/loggo"
 	"github.com/juju/replicaset"
 	"github.com/juju/utils/proxy"
 	"github.com/juju/utils/ssh"
 	"github.com/juju/version"
-	"gopkg.in/juju/charm.v6-unstable"
 	"gopkg.in/macaroon.v1"
 
 	"github.com/juju/juju/constraints"
@@ -40,24 +38,24 @@
 
 // Entity identifies a single entity.
 type Entity struct {
-	Tag string
+	Tag string `json:"tag"`
 }
 
 // Entities identifies multiple entities.
 type Entities struct {
-	Entities []Entity
+	Entities []Entity `json:"entities"`
 }
 
 // EntityPasswords holds the parameters for making a SetPasswords call.
 type EntityPasswords struct {
-	Changes []EntityPassword
+	Changes []EntityPassword `json:"changes"`
 }
 
 // EntityPassword specifies a password change for the entity
 // with the given tag.
 type EntityPassword struct {
-	Tag      string
-	Password string
+	Tag      string `json:"tag"`
+	Password string `json:"password"`
 }
 
 // ErrorResults holds the results of calling a bulk operation which
@@ -65,7 +63,7 @@
 // number of elements matches the operations specified in the request.
 type ErrorResults struct {
 	// Results contains the error results from each operation.
-	Results []ErrorResult
+	Results []ErrorResult `json:"results"`
 }
 
 // OneError returns the error from the result
@@ -98,61 +96,61 @@
 
 // ErrorResult holds the error status of a single operation.
 type ErrorResult struct {
-	Error *Error
+	Error *Error `json:"error,omitempty"`
 }
 
 // AddRelation holds the parameters for making the AddRelation call.
 // The endpoints specified are unordered.
 type AddRelation struct {
-	Endpoints []string
+	Endpoints []string `json:"endpoints"`
 }
 
 // AddRelationResults holds the results of a AddRelation call. The Endpoints
-// field maps service names to the involved endpoints.
+// field maps application names to the involved endpoints.
 type AddRelationResults struct {
-	Endpoints map[string]charm.Relation
+	Endpoints map[string]CharmRelation `json:"endpoints"`
 }
 
 // DestroyRelation holds the parameters for making the DestroyRelation call.
 // The endpoints specified are unordered.
 type DestroyRelation struct {
-	Endpoints []string
+	Endpoints []string `json:"endpoints"`
 }
 
 // AddCharm holds the arguments for making an AddCharm API call.
 type AddCharm struct {
-	URL     string
-	Channel string
+	URL     string `json:"url"`
+	Channel string `json:"channel"`
 }
 
 // AddCharmWithAuthorization holds the arguments for making an AddCharmWithAuthorization API call.
 type AddCharmWithAuthorization struct {
-	URL                string
-	Channel            string
-	CharmStoreMacaroon *macaroon.Macaroon
+	URL                string             `json:"url"`
+	Channel            string             `json:"channel"`
+	CharmStoreMacaroon *macaroon.Macaroon `json:"macaroon"`
 }
 
 // AddMachineParams encapsulates the parameters used to create a new machine.
 type AddMachineParams struct {
 	// The following fields hold attributes that will be given to the
 	// new machine when it is created.
-	Series      string                    `json:"Series"`
-	Constraints constraints.Value         `json:"Constraints"`
-	Jobs        []multiwatcher.MachineJob `json:"Jobs"`
+	Series      string                    `json:"series"`
+	Constraints constraints.Value         `json:"constraints"`
+	Jobs        []multiwatcher.MachineJob `json:"jobs"`
 
 	// Disks describes constraints for disks that must be attached to
 	// the machine when it is provisioned.
-	Disks []storage.Constraints `json:"Disks"`
+	Disks []storage.Constraints `json:"disks,omitempty"`
 
 	// If Placement is non-nil, it contains a placement directive
 	// that will be used to decide how to instantiate the machine.
-	Placement *instance.Placement `json:"Placement"`
+	Placement *instance.Placement `json:"placement,omitempty"`
 
 	// If ParentId is non-empty, it specifies the id of the
 	// parent machine within which the new machine will
 	// be created. In that case, ContainerType must also be
 	// set.
-	ParentId string `json:"ParentId"`
+	ParentId string `json:"parent-id"`
 
 	// ContainerType optionally gives the container type of the
 	// new machine. If it is non-empty, the new machine
@@ -160,214 +158,215 @@
 	// but ParentId is empty, a new top level machine will
 	// be created to hold the container with given series,
 	// constraints and jobs.
-	ContainerType instance.ContainerType `json:"ContainerType"`
+	ContainerType instance.ContainerType `json:"container-type"`
 
 	// If InstanceId is non-empty, it will be associated with
 	// the new machine along with the given nonce,
 	// hardware characteristics and addresses.
 	// All the following fields will be ignored if ContainerType
 	// is set.
-	InstanceId              instance.Id                      `json:"InstanceId"`
-	Nonce                   string                           `json:"Nonce"`
-	HardwareCharacteristics instance.HardwareCharacteristics `json:"HardwareCharacteristics"`
-	Addrs                   []Address                        `json:"Addrs"`
+	InstanceId              instance.Id                      `json:"instance-id"`
+	Nonce                   string                           `json:"nonce"`
+	HardwareCharacteristics instance.HardwareCharacteristics `json:"hardware-characteristics"`
+	Addrs                   []Address                        `json:"addresses"`
 }
 
 // AddMachines holds the parameters for making the AddMachines call.
 type AddMachines struct {
-	MachineParams []AddMachineParams `json:"MachineParams"`
+	MachineParams []AddMachineParams `json:"params"`
 }
 
 // AddMachinesResults holds the results of an AddMachines call.
 type AddMachinesResults struct {
-	Machines []AddMachinesResult `json:"Machines"`
+	Machines []AddMachinesResult `json:"machines"`
 }
 
 // AddMachinesResult holds the name of a machine added by the
 // api.client.AddMachine call for a single machine.
 type AddMachinesResult struct {
-	Machine string `json:"Machine"`
-	Error   *Error `json:"Error"`
+	Machine string `json:"machine"`
+	Error   *Error `json:"error,omitempty"`
 }
 
 // DestroyMachines holds parameters for the DestroyMachines call.
 type DestroyMachines struct {
-	MachineNames []string
-	Force        bool
+	MachineNames []string `json:"machine-names"`
+	Force        bool     `json:"force"`
 }
 
-// ServicesDeploy holds the parameters for deploying one or more services.
-type ServicesDeploy struct {
-	Services []ServiceDeploy
-}
-
-// ServiceDeploy holds the parameters for making the service Deploy call.
-type ServiceDeploy struct {
-	ServiceName      string
-	Series           string
-	CharmUrl         string
-	Channel          string
-	NumUnits         int
-	Config           map[string]string
-	ConfigYAML       string // Takes precedence over config if both are present.
-	Constraints      constraints.Value
-	Placement        []*instance.Placement
-	Storage          map[string]storage.Constraints
-	EndpointBindings map[string]string
-	Resources        map[string]string
-}
-
-// ServiceUpdate holds the parameters for making the service Update call.
-type ServiceUpdate struct {
-	ServiceName     string
-	CharmUrl        string
-	ForceCharmUrl   bool
-	ForceSeries     bool
-	MinUnits        *int
-	SettingsStrings map[string]string
-	SettingsYAML    string // Takes precedence over SettingsStrings if both are present.
-	Constraints     *constraints.Value
-}
-
-// ServiceSetCharm sets the charm for a given service.
-type ServiceSetCharm struct {
-	// ServiceName is the name of the service to set the charm on.
-	ServiceName string `json:"servicename"`
+// ApplicationsDeploy holds the parameters for deploying one or more applications.
+type ApplicationsDeploy struct {
+	Applications []ApplicationDeploy `json:"applications"`
+}
+
+// ApplicationDeploy holds the parameters for making the application Deploy call.
+type ApplicationDeploy struct {
+	ApplicationName  string                         `json:"application"`
+	Series           string                         `json:"series"`
+	CharmUrl         string                         `json:"charm-url"`
+	Channel          string                         `json:"channel"`
+	NumUnits         int                            `json:"num-units"`
+	Config           map[string]string              `json:"config,omitempty"`
+	ConfigYAML       string                         `json:"config-yaml"` // Takes precedence over config if both are present.
+	Constraints      constraints.Value              `json:"constraints"`
+	Placement        []*instance.Placement          `json:"placement,omitempty"`
+	Storage          map[string]storage.Constraints `json:"storage,omitempty"`
+	EndpointBindings map[string]string              `json:"endpoint-bindings,omitempty"`
+	Resources        map[string]string              `json:"resources,omitempty"`
+}
+
+// ApplicationUpdate holds the parameters for making the application Update call.
+type ApplicationUpdate struct {
+	ApplicationName string             `json:"application"`
+	CharmUrl        string             `json:"charm-url"`
+	ForceCharmUrl   bool               `json:"force-charm-url"`
+	ForceSeries     bool               `json:"force-series"`
+	MinUnits        *int               `json:"min-units,omitempty"`
+	SettingsStrings map[string]string  `json:"settings,omitempty"`
+	SettingsYAML    string             `json:"settings-yaml"` // Takes precedence over SettingsStrings if both are present.
+	Constraints     *constraints.Value `json:"constraints,omitempty"`
+}
+
+// ApplicationSetCharm sets the charm for a given application.
+type ApplicationSetCharm struct {
+	// ApplicationName is the name of the application to set the charm on.
+	ApplicationName string `json:"application"`
 	// CharmUrl is the new url for the charm.
-	CharmUrl string `json:"charmurl"`
+	CharmUrl string `json:"charm-url"`
 	// Channel is the charm store channel from which the charm came.
-	Channel string `json:"cs-channel"`
+	Channel string `json:"channel"`
 	// ForceUnits forces the upgrade on units in an error state.
-	ForceUnits bool `json:"forceunits"`
+	ForceUnits bool `json:"force-units"`
 	// ForceSeries forces the use of the charm even if it doesn't match the
 	// series of the unit.
-	ForceSeries bool `json:"forceseries"`
+	ForceSeries bool `json:"force-series"`
 	// ResourceIDs is a map of resource names to resource IDs to activate during
 	// the upgrade.
-	ResourceIDs map[string]string `json:"resourceids"`
+	ResourceIDs map[string]string `json:"resource-ids,omitempty"`
 }
 
-// ServiceExpose holds the parameters for making the service Expose call.
-type ServiceExpose struct {
-	ServiceName string
+// ApplicationExpose holds the parameters for making the application Expose call.
+type ApplicationExpose struct {
+	ApplicationName string `json:"application"`
 }
 
-// ServiceSet holds the parameters for a service Set
+// ApplicationSet holds the parameters for an application Set
 // command. Options contains the configuration data.
-type ServiceSet struct {
-	ServiceName string
-	Options     map[string]string
+type ApplicationSet struct {
+	ApplicationName string            `json:"application"`
+	Options         map[string]string `json:"options"`
 }
 
-// ServiceUnset holds the parameters for a service Unset
+// ApplicationUnset holds the parameters for an application Unset
 // command. Options contains the option attribute names
 // to unset.
-type ServiceUnset struct {
-	ServiceName string
-	Options     []string
+type ApplicationUnset struct {
+	ApplicationName string   `json:"application"`
+	Options         []string `json:"options"`
 }
 
-// ServiceGet holds parameters for making the Get or
+// ApplicationGet holds parameters for making the Get or
 // GetCharmURL calls.
-type ServiceGet struct {
-	ServiceName string
+type ApplicationGet struct {
+	ApplicationName string `json:"application"`
 }
 
-// ServiceGetResults holds results of the service Get call.
-type ServiceGetResults struct {
-	Service     string
-	Charm       string
-	Config      map[string]interface{}
-	Constraints constraints.Value
+// ApplicationGetResults holds results of the application Get call.
+type ApplicationGetResults struct {
+	Application string                 `json:"application"`
+	Charm       string                 `json:"charm"`
+	Config      map[string]interface{} `json:"config"`
+	Constraints constraints.Value      `json:"constraints"`
+	Series      string                 `json:"series"`
 }
 
-// ServiceCharmRelations holds parameters for making the service CharmRelations call.
-type ServiceCharmRelations struct {
-	ServiceName string
+// ApplicationCharmRelations holds parameters for making the application CharmRelations call.
+type ApplicationCharmRelations struct {
+	ApplicationName string `json:"application"`
 }
 
-// ServiceCharmRelationsResults holds the results of the service CharmRelations call.
-type ServiceCharmRelationsResults struct {
-	CharmRelations []string
+// ApplicationCharmRelationsResults holds the results of the application CharmRelations call.
+type ApplicationCharmRelationsResults struct {
+	CharmRelations []string `json:"charm-relations"`
 }
 
-// ServiceUnexpose holds parameters for the service Unexpose call.
-type ServiceUnexpose struct {
-	ServiceName string
+// ApplicationUnexpose holds parameters for the application Unexpose call.
+type ApplicationUnexpose struct {
+	ApplicationName string `json:"application"`
 }
 
-// ServiceMetricCredential holds parameters for the SetServiceCredentials call.
-type ServiceMetricCredential struct {
-	ServiceName       string
-	MetricCredentials []byte
+// ApplicationMetricCredential holds parameters for the SetApplicationCredentials call.
+type ApplicationMetricCredential struct {
+	ApplicationName   string `json:"application"`
+	MetricCredentials []byte `json:"metrics-credentials"`
 }
 
-// ServiceMetricCredentials holds multiple ServiceMetricCredential parameters.
-type ServiceMetricCredentials struct {
-	Creds []ServiceMetricCredential
+// ApplicationMetricCredentials holds multiple ApplicationMetricCredential parameters.
+type ApplicationMetricCredentials struct {
+	Creds []ApplicationMetricCredential `json:"creds"`
 }
 
 // PublicAddress holds parameters for the PublicAddress call.
 type PublicAddress struct {
-	Target string
+	Target string `json:"target"`
 }
 
 // PublicAddressResults holds results of the PublicAddress call.
 type PublicAddressResults struct {
-	PublicAddress string
+	PublicAddress string `json:"public-address"`
 }
 
 // PrivateAddress holds parameters for the PrivateAddress call.
 type PrivateAddress struct {
-	Target string
+	Target string `json:"target"`
 }
 
 // PrivateAddressResults holds results of the PrivateAddress call.
 type PrivateAddressResults struct {
-	PrivateAddress string
+	PrivateAddress string `json:"private-address"`
 }
 
 // Resolved holds parameters for the Resolved call.
 type Resolved struct {
-	UnitName string
-	Retry    bool
+	UnitName string `json:"unit-name"`
+	Retry    bool   `json:"retry"`
 }
 
 // ResolvedResults holds results of the Resolved call.
 type ResolvedResults struct {
-	Service  string
-	Charm    string
-	Settings map[string]interface{}
+	Application string                 `json:"application"`
+	Charm       string                 `json:"charm"`
+	Settings    map[string]interface{} `json:"settings"`
 }
 
-// AddServiceUnitsResults holds the names of the units added by the
+// AddApplicationUnitsResults holds the names of the units added by the
 // AddUnits call.
-type AddServiceUnitsResults struct {
-	Units []string
+type AddApplicationUnitsResults struct {
+	Units []string `json:"units"`
 }
 
-// AddServiceUnits holds parameters for the AddUnits call.
-type AddServiceUnits struct {
-	ServiceName string
-	NumUnits    int
-	Placement   []*instance.Placement
+// AddApplicationUnits holds parameters for the AddUnits call.
+type AddApplicationUnits struct {
+	ApplicationName string                `json:"application"`
+	NumUnits        int                   `json:"num-units"`
+	Placement       []*instance.Placement `json:"placement"`
 }
 
-// DestroyServiceUnits holds parameters for the DestroyUnits call.
-type DestroyServiceUnits struct {
-	UnitNames []string
+// DestroyApplicationUnits holds parameters for the DestroyUnits call.
+type DestroyApplicationUnits struct {
+	UnitNames []string `json:"unit-names"`
 }
 
-// ServiceDestroy holds the parameters for making the service Destroy call.
-type ServiceDestroy struct {
-	ServiceName string
+// ApplicationDestroy holds the parameters for making the application Destroy call.
+type ApplicationDestroy struct {
+	ApplicationName string `json:"application"`
 }
 
 // Creds holds credentials for identifying an entity.
 type Creds struct {
-	AuthTag  string
-	Password string
-	Nonce    string
+	AuthTag  string `json:"auth-tag"`
+	Password string `json:"password"`
+	Nonce    string `json:"nonce"`
 }
 
 // LoginRequest holds credentials for identifying an entity to the Login v1
@@ -387,94 +386,95 @@
 // LoginRequestCompat holds credentials for identifying an entity to the Login v1
 // or earlier (v0 or even pre-facade).
 type LoginRequestCompat struct {
-	LoginRequest
-	Creds
+	LoginRequest `json:"login-request"`
+	Creds        `json:"creds"`
 }
 
 // GetAnnotationsResults holds annotations associated with an entity.
 type GetAnnotationsResults struct {
-	Annotations map[string]string
+	Annotations map[string]string `json:"annotations"`
 }
 
 // GetAnnotations stores parameters for making the GetAnnotations call.
 type GetAnnotations struct {
-	Tag string
+	Tag string `json:"tag"`
 }
 
 // SetAnnotations stores parameters for making the SetAnnotations call.
 type SetAnnotations struct {
-	Tag   string
-	Pairs map[string]string
+	Tag   string            `json:"tag"`
+	Pairs map[string]string `json:"annotations"`
 }
 
-// GetServiceConstraints stores parameters for making the GetServiceConstraints call.
-type GetServiceConstraints struct {
-	ServiceName string
+// GetApplicationConstraints stores parameters for making the GetApplicationConstraints call.
+type GetApplicationConstraints struct {
+	ApplicationName string `json:"application"`
 }
 
 // GetConstraintsResults holds results of the GetConstraints call.
 type GetConstraintsResults struct {
-	Constraints constraints.Value
+	Constraints constraints.Value `json:"constraints"`
 }
 
 // SetConstraints stores parameters for making the SetConstraints call.
 type SetConstraints struct {
-	ServiceName string //optional, if empty, model constraints are set.
-	Constraints constraints.Value
+	ApplicationName string            `json:"application"` //optional, if empty, model constraints are set.
+	Constraints     constraints.Value `json:"constraints"`
 }
 
 // ResolveCharms stores charm references for a ResolveCharms call.
 type ResolveCharms struct {
-	References []charm.URL
+	References []string `json:"references"`
 }
 
 // ResolveCharmResult holds the result of resolving a charm reference to a URL, or any error that occurred.
 type ResolveCharmResult struct {
-	URL   *charm.URL `json:",omitempty"`
-	Error string     `json:",omitempty"`
+	// URL is a string representation of charm.URL.
+	URL   string `json:"url,omitempty"`
+	Error string `json:"error,omitempty"`
 }
 
 // ResolveCharmResults holds results of the ResolveCharms call.
 type ResolveCharmResults struct {
-	URLs []ResolveCharmResult
+	URLs []ResolveCharmResult `json:"urls"`
 }
 
 // AllWatcherId holds the id of an AllWatcher.
 type AllWatcherId struct {
-	AllWatcherId string
+	AllWatcherId string `json:"watcher-id"`
 }
 
 // AllWatcherNextResults holds deltas returned from calling AllWatcher.Next().
 type AllWatcherNextResults struct {
-	Deltas []multiwatcher.Delta
+	Deltas []multiwatcher.Delta `json:"deltas"`
 }
 
 // ListSSHKeys stores parameters used for a KeyManager.ListKeys call.
 type ListSSHKeys struct {
-	Entities
-	Mode ssh.ListMode
+	Entities `json:"entities"`
+	Mode     ssh.ListMode `json:"mode"`
 }
 
 // ModifyUserSSHKeys stores parameters used for a KeyManager.Add|Delete|Import call for a user.
 type ModifyUserSSHKeys struct {
-	User string
-	Keys []string
+	User string   `json:"user"`
+	Keys []string `json:"ssh-keys"`
 }
 
 // StateServingInfo holds information needed by a state
 // server.
 type StateServingInfo struct {
-	APIPort   int
-	StatePort int
+	APIPort   int `json:"api-port"`
+	StatePort int `json:"state-port"`
 	// The controller cert and corresponding private key.
-	Cert       string
-	PrivateKey string
+	Cert       string `json:"cert"`
+	PrivateKey string `json:"private-key"`
 	// The private key for the CA cert so that a new controller
 	// cert can be generated when needed.
-	CAPrivateKey string
+	CAPrivateKey string `json:"ca-private-key"`
 	// this will be passed as the KeyFile argument to MongoDB
-	SharedSecret   string
-	SystemIdentity string
+	SharedSecret   string `json:"shared-secret"`
+	SystemIdentity string `json:"system-identity"`
 }
 
 // IsMasterResult holds the result of an IsMaster API call.
@@ -482,108 +482,118 @@
 	// Master reports whether the connected agent
 	// lives on the same instance as the mongo replica
 	// set master.
-	Master bool
+	Master bool `json:"master"`
 }
 
 // ContainerManagerConfigParams contains the parameters for the
 // ContainerManagerConfig provisioner API call.
 type ContainerManagerConfigParams struct {
-	Type instance.ContainerType
+	Type instance.ContainerType `json:"type"`
 }
 
 // ContainerManagerConfig contains information from the model config
 // that is needed for configuring the container manager.
 type ContainerManagerConfig struct {
-	ManagerConfig map[string]string
+	ManagerConfig map[string]string `json:"config"`
 }
 
 // UpdateBehavior contains settings that are duplicated in several
 // places. Let's just embed this instead.
 type UpdateBehavior struct {
-	EnableOSRefreshUpdate bool
-	EnableOSUpgrade       bool
+	EnableOSRefreshUpdate bool `json:"enable-os-refresh-update"`
+	EnableOSUpgrade       bool `json:"enable-os-upgrade"`
 }
 
 // ContainerConfig contains information from the model config that is
 // needed for container cloud-init.
 type ContainerConfig struct {
-	ProviderType            string
-	AuthorizedKeys          string
-	SSLHostnameVerification bool
-	Proxy                   proxy.Settings
-	AptProxy                proxy.Settings
-	AptMirror               string
-	PreferIPv6              bool
-	AllowLXCLoopMounts      bool
+	ProviderType            string         `json:"provider-type"`
+	AuthorizedKeys          string         `json:"authorized-keys"`
+	SSLHostnameVerification bool           `json:"ssl-hostname-verification"`
+	Proxy                   proxy.Settings `json:"proxy"`
+	AptProxy                proxy.Settings `json:"apt-proxy"`
+	AptMirror               string         `json:"apt-mirror"`
 	*UpdateBehavior
 }
 
 // ProvisioningScriptParams contains the parameters for the
 // ProvisioningScript client API call.
 type ProvisioningScriptParams struct {
-	MachineId string
-	Nonce     string
+	MachineId string `json:"machine-id"`
+	Nonce     string `json:"nonce"`
 
 	// DataDir may be "", in which case the default will be used.
-	DataDir string
+	DataDir string `json:"data-dir"`
 
 	// DisablePackageCommands may be set to disable all
 	// package-related commands. It is then the responsibility of the
 	// provisioner to ensure that all the packages required by Juju
 	// are available.
-	DisablePackageCommands bool
+	DisablePackageCommands bool `json:"disable-package-commands"`
 }
 
 // ProvisioningScriptResult contains the result of the
 // ProvisioningScript client API call.
 type ProvisioningScriptResult struct {
-	Script string
+	Script string `json:"script"`
 }
 
 // DeployerConnectionValues containers the result of deployer.ConnectionInfo
 // API call.
 type DeployerConnectionValues struct {
-	StateAddresses []string
-	APIAddresses   []string
+	StateAddresses []string `json:"state-addresses"`
+	APIAddresses   []string `json:"api-addresses"`
 }
 
 // JobsResult holds the jobs for a machine that are returned by a call to Jobs.
 type JobsResult struct {
-	Jobs  []multiwatcher.MachineJob `json:"Jobs"`
-	Error *Error                    `json:"Error"`
+	Jobs  []multiwatcher.MachineJob `json:"jobs"`
+	Error *Error                    `json:"error,omitempty"`
 }
 
 // JobsResults holds the result of a call to Jobs.
 type JobsResults struct {
-	Results []JobsResult `json:"Results"`
+	Results []JobsResult `json:"results"`
 }
 
 // DistributionGroupResult contains the result of
 // the DistributionGroup provisioner API call.
 type DistributionGroupResult struct {
-	Error  *Error
-	Result []instance.Id
+	Error  *Error        `json:"error,omitempty"`
+	Result []instance.Id `json:"result"`
 }
 
 // DistributionGroupResults is the bulk form of
 // DistributionGroupResult.
 type DistributionGroupResults struct {
-	Results []DistributionGroupResult
+	Results []DistributionGroupResult `json:"results"`
 }
 
 // FacadeVersions describes the available Facades and what versions of each one
 // are available
 type FacadeVersions struct {
-	Name     string
-	Versions []int
+	Name     string `json:"name"`
+	Versions []int  `json:"versions"`
 }
 
 // LoginResult holds the result of a Login call.
 type LoginResult struct {
-	Servers        [][]HostPort     `json:"Servers"`
-	ModelTag       string           `json:"ModelTag"`
-	LastConnection *time.Time       `json:"LastConnection"`
-	Facades        []FacadeVersions `json:"Facades"`
+	Servers        [][]HostPort     `json:"servers"`
+	ModelTag       string           `json:"model-tag"`
+	LastConnection *time.Time       `json:"last-connection"`
+	Facades        []FacadeVersions `json:"facades"`
+}
+
+// RedirectInfoResult holds the result of a RedirectInfo call.
+type RedirectInfoResult struct {
+	// Servers holds an entry for each server that holds the
+	// addresses for the server.
+	Servers [][]HostPort `json:"servers"`
+
+	// CACert holds the CA certificate for the server.
+	// TODO(rogpeppe) allow this to be empty if the
+	// server has a globally trusted certificate?
+	CACert string `json:"ca-cert"`
 }
 
 // ReauthRequest holds a challenge/response token meaningful to the identity
@@ -602,6 +612,10 @@
 	// Credentials contains an optional opaque credential value to be held by
 	// the client, if any.
 	Credentials *string `json:"credentials,omitempty"`
+
+	// ReadOnly holds whether the user has read-only access for the
+	// connected model.
+	ReadOnly bool `json:"read-only"`
 }
 
 // LoginResultV1 holds the result of an Admin v1 Login call.
@@ -645,7 +659,7 @@
 // ControllersServersSpec contains arguments for
 // the EnableHA client API call.
 type ControllersSpec struct {
-	ModelTag       string
+	ModelTag       string            `json:"model-tag"`
 	NumControllers int               `json:"num-controllers"`
 	Constraints    constraints.Value `json:"constraints,omitempty"`
 	// Series is the series to associate with new controller machines.
@@ -658,21 +672,21 @@
 // ControllersServersSpecs contains all the arguments
 // for the EnableHA API call.
 type ControllersSpecs struct {
-	Specs []ControllersSpec
+	Specs []ControllersSpec `json:"specs"`
 }
 
 // ControllersChangeResult contains the results
 // of a single EnableHA API call or
 // an error.
 type ControllersChangeResult struct {
-	Result ControllersChanges
-	Error  *Error
+	Result ControllersChanges `json:"result"`
+	Error  *Error             `json:"error,omitempty"`
 }
 
 // ControllersChangeResults contains the results
 // of the EnableHA API call.
 type ControllersChangeResults struct {
-	Results []ControllersChangeResult
+	Results []ControllersChangeResult `json:"results"`
 }
 
 // ControllersChanges lists the servers
@@ -690,26 +704,26 @@
 // FindToolsParams defines parameters for the FindTools method.
 type FindToolsParams struct {
 	// Number will be used to match tools versions exactly if non-zero.
-	Number version.Number
+	Number version.Number `json:"number"`
 
 	// MajorVersion will be used to match the major version if non-zero.
-	MajorVersion int
+	MajorVersion int `json:"major"`
 
 	// MinorVersion will be used to match the major version if greater
 	// than or equal to zero, and Number is zero.
-	MinorVersion int
+	MinorVersion int `json:"minor"`
 
 	// Arch will be used to match tools by architecture if non-empty.
-	Arch string
+	Arch string `json:"arch"`
 
 	// Series will be used to match tools by series if non-empty.
-	Series string
+	Series string `json:"series"`
 }
 
 // FindToolsResult holds a list of tools from FindTools and any error.
 type FindToolsResult struct {
-	List  tools.List
-	Error *Error
+	List  tools.List `json:"list"`
+	Error *Error     `json:"error,omitempty"`
 }
 
 // ImageFilterParams holds the parameters used to specify images to delete.
@@ -754,11 +768,11 @@
 // endpoint.  Single character field names are used for serialisation
 // to keep the size down. These messages are going to be sent a lot.
 type LogRecord struct {
-	Time     time.Time   `json:"t"`
-	Module   string      `json:"m"`
-	Location string      `json:"l"`
-	Level    loggo.Level `json:"v"`
-	Message  string      `json:"x"`
+	Time     time.Time `json:"t"`
+	Module   string    `json:"m"`
+	Location string    `json:"l"`
+	Level    string    `json:"v"`
+	Message  string    `json:"x"`
 }
 
 // GetBundleChangesParams holds parameters for making GetBundleChanges calls.
@@ -794,29 +808,29 @@
 // UpgradeMongoParams holds the arguments required to
 // enter upgrade mongo mode.
 type UpgradeMongoParams struct {
-	Target mongo.Version
+	Target mongo.Version `json:"target"`
 }
 
 // HAMember holds information that identifies one member
 // of HA.
 type HAMember struct {
-	Tag           string
-	PublicAddress network.Address
-	Series        string
+	Tag           string          `json:"tag"`
+	PublicAddress network.Address `json:"public-address"`
+	Series        string          `json:"series"`
 }
 
 // MongoUpgradeResults holds the results of an attempt
 // to enter upgrade mongo mode.
 type MongoUpgradeResults struct {
-	RsMembers []replicaset.Member
-	Master    HAMember
-	Members   []HAMember
+	RsMembers []replicaset.Member `json:"rs-members"`
+	Master    HAMember            `json:"master"`
+	Members   []HAMember          `json:"ha-members"`
 }
 
 // ResumeReplicationParams holds the members of a HA that
 // must be resumed.
 type ResumeReplicationParams struct {
-	Members []replicaset.Member
+	Members []replicaset.Member `json:"members"`
 }
 
 // MeterStatusParam holds meter status information to be set for the specified tag.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/params_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/params_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/params_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/params_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -14,7 +14,6 @@
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/instance"
-	"github.com/juju/juju/network"
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/state/multiwatcher"
 	"github.com/juju/juju/status"
@@ -43,26 +42,26 @@
 			ModelUUID:  "uuid",
 			Id:         "Benji",
 			InstanceId: "Shazam",
-			JujuStatus: multiwatcher.StatusInfo{
+			AgentStatus: multiwatcher.StatusInfo{
 				Current: status.StatusError,
 				Message: "foo",
 			},
-			MachineStatus: multiwatcher.StatusInfo{
+			InstanceStatus: multiwatcher.StatusInfo{
 				Current: status.StatusPending,
 			},
 			Life:                    multiwatcher.Life("alive"),
 			Series:                  "trusty",
-			SupportedContainers:     []instance.ContainerType{instance.LXC},
+			SupportedContainers:     []instance.ContainerType{instance.LXD},
 			Jobs:                    []multiwatcher.MachineJob{state.JobManageModel.ToParams()},
-			Addresses:               []network.Address{},
+			Addresses:               []multiwatcher.Address{},
 			HardwareCharacteristics: &instance.HardwareCharacteristics{},
 		},
 	},
-	json: `["machine","change",{"ModelUUID":"uuid","Id":"Benji","InstanceId":"Shazam","JujuStatus":{"Err":null,"Current":"error","Message":"foo","Since":null,"Version":"","Data":null},"MachineStatus":{"Err":null,"Current":"pending","Message":"","Since":null,"Version":"","Data":null},"Life":"alive","Series":"trusty","SupportedContainers":["lxc"],"SupportedContainersKnown":false,"HardwareCharacteristics":{},"Jobs":["JobManageModel"],"Addresses":[],"HasVote":false,"WantsVote":false}]`,
+	json: `["machine","change",{"model-uuid":"uuid","id":"Benji","instance-id":"Shazam","agent-status":{"current":"error","message":"foo","version":""},"instance-status":{"current":"pending","message":"","version":""},"life":"alive","series":"trusty","supported-containers":["lxd"],"supported-containers-known":false,"hardware-characteristics":{},"jobs":["JobManageModel"],"addresses":[],"has-vote":false,"wants-vote":false}]`,
 }, {
-	about: "ServiceInfo Delta",
+	about: "ApplicationInfo Delta",
 	value: multiwatcher.Delta{
-		Entity: &multiwatcher.ServiceInfo{
+		Entity: &multiwatcher.ApplicationInfo{
 			ModelUUID:   "uuid",
 			Name:        "Benji",
 			Exposed:     true,
@@ -81,21 +80,21 @@
 			},
 		},
 	},
-	json: `["service","change",{"ModelUUID": "uuid", "CharmURL": "cs:quantal/name","Name":"Benji","Exposed":true,"Life":"dying","OwnerTag":"test-owner","MinUnits":42,"Constraints":{"arch":"armhf", "mem": 1024},"Config": {"hello":"goodbye","foo":false},"Subordinate":false,"Status":{"Current":"active", "Message":"all good", "Version": "", "Err": null, "Data": null, "Since": null}}]`,
+	json: `["application","change",{"model-uuid": "uuid", "charm-url": "cs:quantal/name","name":"Benji","exposed":true,"life":"dying","owner-tag":"test-owner","min-units":42,"constraints":{"arch":"armhf", "mem": 1024},"config": {"hello":"goodbye","foo":false},"subordinate":false,"status":{"current":"active", "message":"all good", "version": ""}}]`,
 }, {
 	about: "UnitInfo Delta",
 	value: multiwatcher.Delta{
 		Entity: &multiwatcher.UnitInfo{
-			ModelUUID: "uuid",
-			Name:      "Benji",
-			Service:   "Shazam",
-			Series:    "precise",
-			CharmURL:  "cs:~user/precise/wordpress-42",
-			Ports: []network.Port{{
+			ModelUUID:   "uuid",
+			Name:        "Benji",
+			Application: "Shazam",
+			Series:      "precise",
+			CharmURL:    "cs:~user/precise/wordpress-42",
+			Ports: []multiwatcher.Port{{
 				Protocol: "http",
 				Number:   80,
 			}},
-			PortRanges: []network.PortRange{{
+			PortRanges: []multiwatcher.PortRange{{
 				FromPort: 80,
 				ToPort:   80,
 				Protocol: "http",
@@ -107,12 +106,12 @@
 				Current: status.StatusActive,
 				Message: "all good",
 			},
-			JujuStatus: multiwatcher.StatusInfo{
+			AgentStatus: multiwatcher.StatusInfo{
 				Current: status.StatusIdle,
 			},
 		},
 	},
-	json: `["unit","change",{"ModelUUID":"uuid","Name":"Benji","Service":"Shazam","Series":"precise","CharmURL":"cs:~user/precise/wordpress-42","PublicAddress":"testing.invalid","PrivateAddress":"10.0.0.1","MachineId":"1","Ports":[{"Protocol":"http","Number":80}],"PortRanges":[{"FromPort":80,"ToPort":80,"Protocol":"http"}],"Subordinate":false,"WorkloadStatus":{"Err":null,"Current":"active","Message":"all good","Since":null,"Version":"","Data":null},"JujuStatus":{"Err":null,"Current":"idle","Message":"","Since":null,"Version":"","Data":null}}]`,
+	json: `["unit","change",{"model-uuid":"uuid","name":"Benji","application":"Shazam","series":"precise","charm-url":"cs:~user/precise/wordpress-42","public-address":"testing.invalid","private-address":"10.0.0.1","machine-id":"1","ports":[{"protocol":"http","number":80}],"port-ranges":[{"from-port":80,"to-port":80,"protocol":"http"}],"subordinate":false,"workload-status":{"current":"active","message":"all good","version":""},"agent-status":{"current":"idle","message":"","version":""}}]`,
 }, {
 	about: "RelationInfo Delta",
 	value: multiwatcher.Delta{
@@ -121,11 +120,30 @@
 			Key:       "Benji",
 			Id:        4711,
 			Endpoints: []multiwatcher.Endpoint{
-				{ServiceName: "logging", Relation: charm.Relation{Name: "logging-directory", Role: "requirer", Interface: "logging", Optional: false, Limit: 1, Scope: "container"}},
-				{ServiceName: "wordpress", Relation: charm.Relation{Name: "logging-dir", Role: "provider", Interface: "logging", Optional: false, Limit: 0, Scope: "container"}}},
+				{
+					ApplicationName: "logging",
+					Relation: multiwatcher.CharmRelation{
+						Name:      "logging-directory",
+						Role:      "requirer",
+						Interface: "logging",
+						Optional:  false,
+						Limit:     1,
+						Scope:     "container"},
+				},
+				{
+					ApplicationName: "wordpress",
+					Relation: multiwatcher.CharmRelation{
+						Name:      "logging-dir",
+						Role:      "provider",
+						Interface: "logging",
+						Optional:  false,
+						Limit:     0,
+						Scope:     "container"},
+				},
+			},
 		},
 	},
-	json: `["relation","change",{"ModelUUID": "uuid", "Key":"Benji", "Id": 4711, "Endpoints": [{"ServiceName":"logging", "Relation":{"Name":"logging-directory", "Role":"requirer", "Interface":"logging", "Optional":false, "Limit":1, "Scope":"container"}}, {"ServiceName":"wordpress", "Relation":{"Name":"logging-dir", "Role":"provider", "Interface":"logging", "Optional":false, "Limit":0, "Scope":"container"}}]}]`,
+	json: `["relation","change",{"model-uuid": "uuid", "key":"Benji", "id": 4711, "endpoints": [{"application-name":"logging", "relation":{"name":"logging-directory", "role":"requirer", "interface":"logging", "optional":false, "limit":1, "scope":"container"}}, {"application-name":"wordpress", "relation":{"name":"logging-dir", "role":"provider", "interface":"logging", "optional":false, "limit":0, "scope":"container"}}]}]`,
 }, {
 	about: "AnnotationInfo Delta",
 	value: multiwatcher.Delta{
@@ -138,7 +156,7 @@
 			},
 		},
 	},
-	json: `["annotation","change",{"ModelUUID": "uuid", "Tag":"machine-0","Annotations":{"foo":"bar","arble":"2 4"}}]`,
+	json: `["annotation","change",{"model-uuid": "uuid", "tag":"machine-0","annotations":{"foo":"bar","arble":"2 4"}}]`,
 }, {
 	about: "Delta Removed True",
 	value: multiwatcher.Delta{
@@ -148,7 +166,7 @@
 			Key:       "Benji",
 		},
 	},
-	json: `["relation","remove",{"ModelUUID": "uuid", "Key":"Benji", "Id": 0, "Endpoints": null}]`,
+	json: `["relation","remove",{"model-uuid": "uuid", "key":"Benji", "id": 0, "endpoints": null}]`,
 }}
 
 func (s *MarshalSuite) TestDeltaMarshalJSON(c *gc.C) {
@@ -175,7 +193,7 @@
 		var unmarshalled multiwatcher.Delta
 		err := json.Unmarshal([]byte(t.json), &unmarshalled)
 		c.Check(err, jc.ErrorIsNil)
-		c.Check(unmarshalled, gc.DeepEquals, t.value)
+		c.Check(unmarshalled, jc.DeepEquals, t.value)
 	}
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/registration.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/registration.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/registration.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/registration.go	2016-07-18 19:45:44.000000000 +0000
@@ -24,7 +24,7 @@
 	// PayloadCiphertext is the encrypted and authenticated
 	// payload. The payload is encrypted/authenticated using
 	// NaCl Secretbox.
-	PayloadCiphertext []byte `json:"ciphertext"`
+	PayloadCiphertext []byte `json:"cipher-text"`
 }
 
 // SecretKeyLoginRequestPayload is JSON-encoded and then encrypted
@@ -45,7 +45,7 @@
 
 	// PayloadCiphertext is the encrypted and authenticated
 	// payload, which is a JSON-encoded SecretKeyLoginResponsePayload.
-	PayloadCiphertext []byte `json:"ciphertext"`
+	PayloadCiphertext []byte `json:"cipher-text"`
 }
 
 // SecretKeyLoginResponsePayload is JSON-encoded and then encrypted
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/retrystrategy.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/retrystrategy.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/retrystrategy.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/retrystrategy.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,21 +10,21 @@
 
 // RetryStrategy holds the necessary information to configure retries.
 type RetryStrategy struct {
-	ShouldRetry     bool
-	MinRetryTime    time.Duration
-	MaxRetryTime    time.Duration
-	JitterRetryTime bool
-	RetryTimeFactor int64
+	ShouldRetry     bool          `json:"should-retry"`
+	MinRetryTime    time.Duration `json:"min-retry-time"`
+	MaxRetryTime    time.Duration `json:"max-retry-time"`
+	JitterRetryTime bool          `json:"jitter-retry-time"`
+	RetryTimeFactor int64         `json:"retry-time-factor"`
 }
 
 // RetryStrategyResult holds a RetryStrategy or an error.
 type RetryStrategyResult struct {
-	Error  *Error
-	Result *RetryStrategy
+	Error  *Error         `json:"error,omitempty"`
+	Result *RetryStrategy `json:"result,omitempty"`
 }
 
 // RetryStrategyResults holds the bulk operation result of an API call
 // that returns a RetryStrategy or an error.
 type RetryStrategyResults struct {
-	Results []RetryStrategyResult
+	Results []RetryStrategyResult `json:"results"`
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/status.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/status.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/status.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/status.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,182 +8,195 @@
 import (
 	"time"
 
-	"gopkg.in/juju/charm.v6-unstable"
-
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/state/multiwatcher"
-	"github.com/juju/juju/status"
 )
 
 // StatusParams holds parameters for the Status call.
 type StatusParams struct {
-	Patterns []string
+	Patterns []string `json:"patterns"`
 }
 
 // TODO(ericsnow) Add FullStatusResult.
 
 // FullStatus holds information about the status of a juju model.
 type FullStatus struct {
-	ModelName        string
-	AvailableVersion string
-	Machines         map[string]MachineStatus
-	Services         map[string]ServiceStatus
-	Relations        []RelationStatus
+	Model        ModelStatusInfo              `json:"model"`
+	Machines     map[string]MachineStatus     `json:"machines"`
+	Applications map[string]ApplicationStatus `json:"applications"`
+	Relations    []RelationStatus             `json:"relations"`
+}
+
+// ModelStatusInfo holds status information about the model itself.
+type ModelStatusInfo struct {
+	Name             string `json:"name"`
+	Cloud            string `json:"cloud"`
+	CloudRegion      string `json:"region,omitempty"`
+	Version          string `json:"version"`
+	AvailableVersion string `json:"available-version"`
 }
 
 // MachineStatus holds status info about a machine.
 type MachineStatus struct {
-	AgentStatus    DetailedStatus
-	InstanceStatus DetailedStatus
+	AgentStatus    DetailedStatus `json:"agent-status"`
+	InstanceStatus DetailedStatus `json:"instance-status"`
 
-	DNSName    string
-	InstanceId instance.Id
-	Series     string
-	Id         string
-	Containers map[string]MachineStatus
-	Hardware   string
-	Jobs       []multiwatcher.MachineJob
-	HasVote    bool
-	WantsVote  bool
-}
-
-// ServiceStatus holds status info about a service.
-type ServiceStatus struct {
-	Err           error
-	Charm         string
-	Exposed       bool
-	Life          string
-	Relations     map[string][]string
-	CanUpgradeTo  string
-	SubordinateTo []string
-	Units         map[string]UnitStatus
-	MeterStatuses map[string]MeterStatus
-	Status        DetailedStatus
+	DNSName    string                    `json:"dns-name"`
+	InstanceId instance.Id               `json:"instance-id"`
+	Series     string                    `json:"series"`
+	Id         string                    `json:"id"`
+	Containers map[string]MachineStatus  `json:"containers"`
+	Hardware   string                    `json:"hardware"`
+	Jobs       []multiwatcher.MachineJob `json:"jobs"`
+	HasVote    bool                      `json:"has-vote"`
+	WantsVote  bool                      `json:"wants-vote"`
+}
+
+// ApplicationStatus holds status info about an application.
+type ApplicationStatus struct {
+	Err             error                  `json:"err,omitempty"`
+	Charm           string                 `json:"charm"`
+	Series          string                 `json:"series"`
+	Exposed         bool                   `json:"exposed"`
+	Life            string                 `json:"life"`
+	Relations       map[string][]string    `json:"relations"`
+	CanUpgradeTo    string                 `json:"can-upgrade-to"`
+	SubordinateTo   []string               `json:"subordinate-to"`
+	Units           map[string]UnitStatus  `json:"units"`
+	MeterStatuses   map[string]MeterStatus `json:"meter-statuses"`
+	Status          DetailedStatus         `json:"status"`
+	WorkloadVersion string                 `json:"workload-version"`
 }
 
 // MeterStatus represents the meter status of a unit.
 type MeterStatus struct {
-	Color   string
-	Message string
+	Color   string `json:"color"`
+	Message string `json:"message"`
 }
 
 // UnitStatus holds status info about a unit.
 type UnitStatus struct {
 	// AgentStatus holds the status for a unit's agent.
-	AgentStatus DetailedStatus
+	AgentStatus DetailedStatus `json:"agent-status"`
 
 	// WorkloadStatus holds the status for a unit's workload
-	WorkloadStatus DetailedStatus
+	WorkloadStatus  DetailedStatus `json:"workload-status"`
+	WorkloadVersion string         `json:"workload-version"`
 
-	Machine       string
-	OpenedPorts   []string
-	PublicAddress string
-	Charm         string
-	Subordinates  map[string]UnitStatus
+	Machine       string                `json:"machine"`
+	OpenedPorts   []string              `json:"opened-ports"`
+	PublicAddress string                `json:"public-address"`
+	Charm         string                `json:"charm"`
+	Subordinates  map[string]UnitStatus `json:"subordinates"`
 }
 
 // RelationStatus holds status info about a relation.
 type RelationStatus struct {
-	Id        int
-	Key       string
-	Interface string
-	Scope     charm.RelationScope
-	Endpoints []EndpointStatus
+	Id        int              `json:"id"`
+	Key       string           `json:"key"`
+	Interface string           `json:"interface"`
+	Scope     string           `json:"scope"`
+	Endpoints []EndpointStatus `json:"endpoints"`
 }
 
 // EndpointStatus holds status info about a single endpoint
 type EndpointStatus struct {
-	ServiceName string
-	Name        string
-	Role        charm.RelationRole
-	Subordinate bool
+	ApplicationName string `json:"application"`
+	Name            string `json:"name"`
+	Role            string `json:"role"`
+	Subordinate     bool   `json:"subordinate"`
 }
 
 // TODO(ericsnow) Eliminate the String method.
 
 func (epStatus *EndpointStatus) String() string {
-	return epStatus.ServiceName + ":" + epStatus.Name
+	return epStatus.ApplicationName + ":" + epStatus.Name
 }
 
 // DetailedStatus holds status info about a machine or unit agent.
 type DetailedStatus struct {
-	Status  status.Status
-	Info    string
-	Data    map[string]interface{}
-	Since   *time.Time
-	Kind    HistoryKind
-	Version string
-	Life    string
-	Err     error
-}
-
-// StatusHistoryArgs holds the parameters to filter a status history query.
-type StatusHistoryArgs struct {
-	Kind HistoryKind
-	Size int
-	Name string
+	Status  string                 `json:"status"`
+	Info    string                 `json:"info"`
+	Data    map[string]interface{} `json:"data"`
+	Since   *time.Time             `json:"since"`
+	Kind    string                 `json:"kind"`
+	Version string                 `json:"version"`
+	Life    string                 `json:"life"`
+	Err     error                  `json:"err,omitempty"`
+}
+
+// History holds many DetailedStatus,
+type History struct {
+	Statuses []DetailedStatus `json:"statuses"`
+	Error    *Error           `json:"error,omitempty"`
+}
+
+// StatusHistoryFilter holds arguments that can be use to filter a status history backlog.
+type StatusHistoryFilter struct {
+	Size  int            `json:"size"`
+	Date  *time.Time     `json:"date"`
+	Delta *time.Duration `json:"delta"`
+}
+
+// StatusHistoryRequest holds the parameters to filter a status history query.
+type StatusHistoryRequest struct {
+	Kind   string              `json:"historyKind"`
+	Size   int                 `json:"size"`
+	Filter StatusHistoryFilter `json:"filter"`
+	Tag    string              `json:"tag"`
 }
 
-// StatusHistoryResults holds a slice of statuses.
+// StatusHistoryRequests holds a slice of StatusHistoryArgs
+type StatusHistoryRequests struct {
+	Requests []StatusHistoryRequest `json:"requests"`
+}
+
+// StatusHistoryResult holds a slice of statuses.
+type StatusHistoryResult struct {
+	History History `json:"history"`
+	Error   *Error  `json:"error,omitempty"`
+}
+
+// StatusHistoryResults holds a slice of StatusHistoryResult.
 type StatusHistoryResults struct {
-	Statuses []DetailedStatus
+	Results []StatusHistoryResult `json:"results"`
 }
 
 // StatusHistoryPruneArgs holds arguments for status history
 // prunning process.
 type StatusHistoryPruneArgs struct {
-	MaxLogsPerEntity int
+	MaxHistoryTime time.Duration `json:"max-history-time"`
+	MaxHistoryMB   int           `json:"max-history-mb"`
 }
 
 // StatusResult holds an entity status, extra information, or an
 // error.
 type StatusResult struct {
-	Error  *Error
-	Id     string
-	Life   Life
-	Status status.Status
-	Info   string
-	Data   map[string]interface{}
-	Since  *time.Time
+	Error  *Error                 `json:"error,omitempty"`
+	Id     string                 `json:"id"`
+	Life   Life                   `json:"life"`
+	Status string                 `json:"status"`
+	Info   string                 `json:"info"`
+	Data   map[string]interface{} `json:"data"`
+	Since  *time.Time             `json:"since"`
 }
 
 // StatusResults holds multiple status results.
 type StatusResults struct {
-	Results []StatusResult
+	Results []StatusResult `json:"results"`
 }
 
-// ServiceStatusResult holds results for a service Full Status
-type ServiceStatusResult struct {
-	Service StatusResult
-	Units   map[string]StatusResult
-	Error   *Error
-}
-
-// ServiceStatusResults holds multiple StatusResult.
-type ServiceStatusResults struct {
-	Results []ServiceStatusResult
-}
-
-// HistoryKind represents the possible types of
-// status history entries.
-type HistoryKind string
-
-const (
-	// KindUnit represents agent and workload combined.
-	KindUnit HistoryKind = "unit"
-	// KindUnitAgent represent a unit agent status history entry.
-	KindUnitAgent HistoryKind = "juju-unit"
-	// KindWorkload represents a charm workload status history entry.
-	KindWorkload HistoryKind = "workload"
-	// KindMachineInstance represents an entry for a machine instance.
-	KindMachineInstance = "machine"
-	// KindMachine represents an entry for a machine agent.
-	KindMachine = "juju-machine"
-	// KindContainerInstance represents an entry for a container instance.
-	KindContainerInstance = "container"
-	// KindContainer represents an entry for a container agent.
-	KindContainer = "juju-container"
-)
+// ApplicationStatusResult holds results for an application Full Status
+type ApplicationStatusResult struct {
+	Application StatusResult            `json:"application"`
+	Units       map[string]StatusResult `json:"units"`
+	Error       *Error                  `json:"error,omitempty"`
+}
+
+// ApplicationStatusResults holds multiple StatusResult.
+type ApplicationStatusResults struct {
+	Results []ApplicationStatusResult `json:"results"`
+}
 
 // Life describes the lifecycle state of an entity ("alive", "dying" or "dead").
 type Life multiwatcher.Life
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/storage.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/storage.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/storage.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/storage.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,13 +9,13 @@
 // on that machine.
 type MachineBlockDevices struct {
 	Machine      string                `json:"machine"`
-	BlockDevices []storage.BlockDevice `json:"blockdevices,omitempty"`
+	BlockDevices []storage.BlockDevice `json:"block-devices,omitempty"`
 }
 
 // SetMachineBlockDevices holds the arguments for recording the block
 // devices present on a set of machines.
 type SetMachineBlockDevices struct {
-	MachineBlockDevices []MachineBlockDevices `json:"machineblockdevices"`
+	MachineBlockDevices []MachineBlockDevices `json:"machine-block-devices"`
 }
 
 // BlockDeviceResult holds the result of an API call to retrieve details
@@ -46,9 +46,9 @@
 
 // StorageInstance describes a storage instance.
 type StorageInstance struct {
-	StorageTag string
-	OwnerTag   string
-	Kind       StorageKind
+	StorageTag string      `json:"storage-tag"`
+	OwnerTag   string      `json:"owner-tag"`
+	Kind       StorageKind `json:"kind"`
 }
 
 // StorageKind is the kind of a storage instance.
@@ -87,20 +87,20 @@
 
 // StorageAttachment describes a unit's attached storage instance.
 type StorageAttachment struct {
-	StorageTag string
-	OwnerTag   string
-	UnitTag    string
-
-	Kind     StorageKind
-	Location string
-	Life     Life
+	StorageTag string `json:"storage-tag"`
+	OwnerTag   string `json:"owner-tag"`
+	UnitTag    string `json:"unit-tag"`
+
+	Kind     StorageKind `json:"kind"`
+	Location string      `json:"location"`
+	Life     Life        `json:"life"`
 }
 
 // StorageAttachmentId identifies a storage attachment by the tags of the
 // related unit and storage instance.
 type StorageAttachmentId struct {
-	StorageTag string `json:"storagetag"`
-	UnitTag    string `json:"unittag"`
+	StorageTag string `json:"storage-tag"`
+	UnitTag    string `json:"unit-tag"`
 }
 
 // StorageAttachmentIds holds a set of storage attachment identifiers.
@@ -150,10 +150,10 @@
 // MachineStorageId identifies the attachment of a storage entity
 // to a machine, by their tags.
 type MachineStorageId struct {
-	MachineTag string `json:"machinetag"`
+	MachineTag string `json:"machine-tag"`
 	// AttachmentTag is the tag of the volume or filesystem whose
 	// attachment to the machine is represented.
-	AttachmentTag string `json:"attachmenttag"`
+	AttachmentTag string `json:"attachment-tag"`
 }
 
 // MachineStorageIds holds a set of machine/storage-entity
@@ -164,14 +164,14 @@
 
 // Volume identifies and describes a storage volume in the model.
 type Volume struct {
-	VolumeTag string     `json:"volumetag"`
+	VolumeTag string     `json:"volume-tag"`
 	Info      VolumeInfo `json:"info"`
 }
 
 // Volume describes a storage volume in the model.
 type VolumeInfo struct {
-	VolumeId   string `json:"volumeid"`
-	HardwareId string `json:"hardwareid,omitempty"`
+	VolumeId   string `json:"volume-id"`
+	HardwareId string `json:"hardware-id,omitempty"`
 	// Size is the size of the volume in MiB.
 	Size       uint64 `json:"size"`
 	Persistent bool   `json:"persistent"`
@@ -184,27 +184,27 @@
 
 // VolumeAttachment identifies and describes a volume attachment.
 type VolumeAttachment struct {
-	VolumeTag  string               `json:"volumetag"`
-	MachineTag string               `json:"machinetag"`
+	VolumeTag  string               `json:"volume-tag"`
+	MachineTag string               `json:"machine-tag"`
 	Info       VolumeAttachmentInfo `json:"info"`
 }
 
 // VolumeAttachmentInfo describes a volume attachment.
 type VolumeAttachmentInfo struct {
-	DeviceName string `json:"devicename,omitempty"`
-	DeviceLink string `json:"devicelink,omitempty"`
-	BusAddress string `json:"busaddress,omitempty"`
+	DeviceName string `json:"device-name,omitempty"`
+	DeviceLink string `json:"device-link,omitempty"`
+	BusAddress string `json:"bus-address,omitempty"`
 	ReadOnly   bool   `json:"read-only,omitempty"`
 }
 
 // VolumeAttachments describes a set of storage volume attachments.
 type VolumeAttachments struct {
-	VolumeAttachments []VolumeAttachment `json:"volumeattachments"`
+	VolumeAttachments []VolumeAttachment `json:"volume-attachments"`
 }
 
 // VolumeParams holds the parameters for creating a storage volume.
 type VolumeParams struct {
-	VolumeTag  string                  `json:"volumetag"`
+	VolumeTag  string                  `json:"volume-tag"`
 	Size       uint64                  `json:"size"`
 	Provider   string                  `json:"provider"`
 	Attributes map[string]interface{}  `json:"attributes,omitempty"`
@@ -215,10 +215,10 @@
 // VolumeAttachmentParams holds the parameters for creating a volume
 // attachment.
 type VolumeAttachmentParams struct {
-	VolumeTag  string `json:"volumetag"`
-	MachineTag string `json:"machinetag"`
-	VolumeId   string `json:"volumeid,omitempty"`
-	InstanceId string `json:"instanceid,omitempty"`
+	VolumeTag  string `json:"volume-tag"`
+	MachineTag string `json:"machine-tag"`
+	VolumeId   string `json:"volume-id,omitempty"`
+	InstanceId string `json:"instance-id,omitempty"`
 	Provider   string `json:"provider"`
 	ReadOnly   bool   `json:"read-only,omitempty"`
 }
@@ -285,14 +285,14 @@
 
 // Filesystem identifies and describes a storage filesystem in the model.
 type Filesystem struct {
-	FilesystemTag string         `json:"filesystemtag"`
-	VolumeTag     string         `json:"volumetag,omitempty"`
+	FilesystemTag string         `json:"filesystem-tag"`
+	VolumeTag     string         `json:"volume-tag,omitempty"`
 	Info          FilesystemInfo `json:"info"`
 }
 
 // Filesystem describes a storage filesystem in the model.
 type FilesystemInfo struct {
-	FilesystemId string `json:"filesystemid"`
+	FilesystemId string `json:"filesystem-id"`
 	// Size is the size of the filesystem in MiB.
 	Size uint64 `json:"size"`
 }
@@ -304,26 +304,26 @@
 
 // FilesystemAttachment identifies and describes a filesystem attachment.
 type FilesystemAttachment struct {
-	FilesystemTag string                   `json:"filesystemtag"`
-	MachineTag    string                   `json:"machinetag"`
+	FilesystemTag string                   `json:"filesystem-tag"`
+	MachineTag    string                   `json:"machine-tag"`
 	Info          FilesystemAttachmentInfo `json:"info"`
 }
 
 // FilesystemAttachmentInfo describes a filesystem attachment.
 type FilesystemAttachmentInfo struct {
-	MountPoint string `json:"mountpoint,omitempty"`
+	MountPoint string `json:"mount-point,omitempty"`
 	ReadOnly   bool   `json:"read-only,omitempty"`
 }
 
 // FilesystemAttachments describes a set of storage filesystem attachments.
 type FilesystemAttachments struct {
-	FilesystemAttachments []FilesystemAttachment `json:"filesystemattachments"`
+	FilesystemAttachments []FilesystemAttachment `json:"filesystem-attachments"`
 }
 
 // FilesystemParams holds the parameters for creating a storage filesystem.
 type FilesystemParams struct {
-	FilesystemTag string                      `json:"filesystemtag"`
-	VolumeTag     string                      `json:"volumetag,omitempty"`
+	FilesystemTag string                      `json:"filesystem-tag"`
+	VolumeTag     string                      `json:"volume-tag,omitempty"`
 	Size          uint64                      `json:"size"`
 	Provider      string                      `json:"provider"`
 	Attributes    map[string]interface{}      `json:"attributes,omitempty"`
@@ -334,12 +334,12 @@
 // FilesystemAttachmentParams holds the parameters for creating a filesystem
 // attachment.
 type FilesystemAttachmentParams struct {
-	FilesystemTag string `json:"filesystemtag"`
-	MachineTag    string `json:"machinetag"`
-	FilesystemId  string `json:"filesystemid,omitempty"`
-	InstanceId    string `json:"instanceid,omitempty"`
+	FilesystemTag string `json:"filesystem-tag"`
+	MachineTag    string `json:"machine-tag"`
+	FilesystemId  string `json:"filesystem-id,omitempty"`
+	InstanceId    string `json:"instance-id,omitempty"`
 	Provider      string `json:"provider"`
-	MountPoint    string `json:"mountpoint,omitempty"`
+	MountPoint    string `json:"mount-point,omitempty"`
 	ReadOnly      bool   `json:"read-only,omitempty"`
 }
 
@@ -393,10 +393,10 @@
 // StorageDetails holds information about storage.
 type StorageDetails struct {
 	// StorageTag holds tag for this storage.
-	StorageTag string `json:"storagetag"`
+	StorageTag string `json:"storage-tag"`
 
-	// OwnerTag holds tag for the owner of this storage, unit or service.
-	OwnerTag string `json:"ownertag"`
+	// OwnerTag holds tag for the owner of this storage, unit or application.
+	OwnerTag string `json:"owner-tag"`
 
 	// Kind holds what kind of storage this instance is.
 	Kind StorageKind `json:"kind"`
@@ -407,7 +407,7 @@
 	// Persistent reports whether or not the underlying volume or
 	// filesystem is persistent; i.e. whether or not it outlives
 	// the machine that it is attached to.
-	Persistent bool
+	Persistent bool `json:"persistent"`
 
 	// Attachments contains a mapping from unit tag to
 	// storage attachment details.
@@ -451,13 +451,13 @@
 // StorageAttachmentDetails holds detailed information about a storage attachment.
 type StorageAttachmentDetails struct {
 	// StorageTag is the tag of the storage instance.
-	StorageTag string `json:"storagetag"`
+	StorageTag string `json:"storage-tag"`
 
 	// UnitTag is the tag of the unit attached to the storage instance.
-	UnitTag string `json:"unittag"`
+	UnitTag string `json:"unit-tag"`
 
 	// MachineTag is the tag of the machine that the attached unit is assigned to.
-	MachineTag string `json:"machinetag"`
+	MachineTag string `json:"machine-tag"`
 
 	// Location holds location (mount point/device path) of
 	// the attached storage.
@@ -492,7 +492,7 @@
 
 // StoragePoolsResult holds a collection of storage pools.
 type StoragePoolsResult struct {
-	Result []StoragePool `json:"storagepools,omitempty"`
+	Result []StoragePool `json:"storage-pools,omitempty"`
 	Error  *Error        `json:"error,omitempty"`
 }
 
@@ -542,7 +542,7 @@
 // information (status, attachments, storage).
 type VolumeDetails struct {
 	// VolumeTag is the tag for the volume.
-	VolumeTag string `json:"volumetag"`
+	VolumeTag string `json:"volume-tag"`
 
 	// Info contains information about the volume.
 	Info VolumeInfo `json:"info"`
@@ -552,7 +552,7 @@
 
 	// MachineAttachments contains a mapping from
 	// machine tag to volume attachment information.
-	MachineAttachments map[string]VolumeAttachmentInfo `json:"machineattachments,omitempty"`
+	MachineAttachments map[string]VolumeAttachmentInfo `json:"machine-attachments,omitempty"`
 
 	// Storage contains details about the storage instance
 	// that the volume is assigned to, if any.
@@ -594,11 +594,11 @@
 // information (status, attachments, storage).
 type FilesystemDetails struct {
 	// FilesystemTag is the tag for the filesystem.
-	FilesystemTag string `json:"filesystemtag"`
+	FilesystemTag string `json:"filesystem-tag"`
 
 	// VolumeTag is the tag for the volume backing the
 	// filesystem, if any.
-	VolumeTag string `json:"volumetag,omitempty"`
+	VolumeTag string `json:"volume-tag,omitempty"`
 
 	// Info contains information about the filesystem.
 	Info FilesystemInfo `json:"info"`
@@ -608,7 +608,7 @@
 
 	// MachineAttachments contains a mapping from
 	// machine tag to filesystem attachment information.
-	MachineAttachments map[string]FilesystemAttachmentInfo `json:"machineattachments,omitempty"`
+	MachineAttachments map[string]FilesystemAttachmentInfo `json:"machine-attachments,omitempty"`
 
 	// Storage contains details about the storage instance
 	// that the volume is assigned to, if any.
@@ -643,13 +643,13 @@
 type StorageConstraints struct {
 	// Pool is the name of the storage pool from which to provision the
 	// storage instance.
-	Pool string `bson:"pool,omitempty"`
+	Pool string `json:"pool,omitempty"`
 
 	// Size is the required size of the storage instance, in MiB.
-	Size *uint64 `bson:"size,omitempty"`
+	Size *uint64 `json:"size,omitempty"`
 
 	// Count is the required number of storage instances.
-	Count *uint64 `bson:"count,omitempty"`
+	Count *uint64 `json:"count,omitempty"`
 }
 
 // StorageAddParams holds storage details to add to a unit dynamically.
@@ -658,7 +658,7 @@
 	UnitTag string `json:"unit"`
 
 	// StorageName is the name of the storage as specified in the charm.
-	StorageName string `bson:"name"`
+	StorageName string `json:"name"`
 
 	// Constraints are specified storage constraints.
 	Constraints StorageConstraints `json:"storage"`
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/undertaker.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/undertaker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/params/undertaker.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/params/undertaker.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,16 +5,16 @@
 
 // UndertakerModelInfo returns information on an model needed by the undertaker worker.
 type UndertakerModelInfo struct {
-	UUID       string
-	Name       string
-	GlobalName string
-	IsSystem   bool
-	Life       Life
+	UUID       string `json:"uuid"`
+	Name       string `json:"name"`
+	GlobalName string `json:"global-name"`
+	IsSystem   bool   `json:"is-system"`
+	Life       Life   `json:"life"`
 }
 
 // UndertakerModelInfoResult holds the result of an API call that returns an
 // UndertakerModelInfoResult or an error.
 type UndertakerModelInfoResult struct {
-	Error  *Error
-	Result UndertakerModelInfo
+	Error  *Error              `json:"error,omitempty"`
+	Result UndertakerModelInfo `json:"result"`
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/presence/pinger.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/presence/pinger.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/presence/pinger.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/presence/pinger.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,8 +11,8 @@
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/catacomb"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils/clock"
+	"gopkg.in/juju/names.v2"
 )
 
 // Pinger exposes some methods implemented by state/presence.Pinger.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/presence/util_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/presence/util_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/presence/util_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/presence/util_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,11 +8,11 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/clock"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/presence"
 	coretesting "github.com/juju/juju/testing"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/provisioner/container_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/provisioner/container_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/provisioner/container_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/provisioner/container_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,837 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package provisioner_test
-
-import (
-	"fmt"
-	"strings"
-
-	"github.com/juju/errors"
-	"github.com/juju/loggo"
-	jc "github.com/juju/testing/checkers"
-	"github.com/juju/utils"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/apiserver/provisioner"
-	apiservertesting "github.com/juju/juju/apiserver/testing"
-	"github.com/juju/juju/feature"
-	"github.com/juju/juju/instance"
-	"github.com/juju/juju/network"
-	"github.com/juju/juju/state"
-)
-
-// containerSuite has methods useful to tests working with containers. Notably
-// around testing PrepareContainerInterfaceInfo and ReleaseContainerAddresses.
-type containerSuite struct {
-	provisionerSuite
-
-	provAPI *provisioner.ProvisionerAPI
-}
-
-const regexpMACAddress = "([a-f0-9]{2}:){5}[a-f0-9]{2}"
-
-func (s *containerSuite) SetUpTest(c *gc.C) {
-	c.Skip("dimitern: test disabled as it needs fixing and/or removal with address-allocation feature flag")
-	s.setUpTest(c, false)
-	// Reset any "broken" dummy provider methods.
-	s.breakEnvironMethods(c)
-}
-
-func (s *containerSuite) newCustomAPI(c *gc.C, hostInstId instance.Id, addContainer, provisionContainer bool) *state.Machine {
-	anAuthorizer := s.authorizer
-	anAuthorizer.EnvironManager = false
-	anAuthorizer.Tag = s.machines[0].Tag()
-	aProvisioner, err := provisioner.NewProvisionerAPI(s.State, s.resources, anAuthorizer)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(aProvisioner, gc.NotNil)
-	s.provAPI = aProvisioner
-
-	if hostInstId != "" {
-		err = s.machines[0].SetProvisioned(hostInstId, "fake_nonce", nil)
-		c.Assert(err, jc.ErrorIsNil)
-	}
-
-	if !addContainer {
-		return nil
-	}
-	container, err := s.State.AddMachineInsideMachine(
-		state.MachineTemplate{
-			Series: "quantal",
-			Jobs:   []state.MachineJob{state.JobHostUnits},
-		},
-		s.machines[0].Id(),
-		instance.LXC,
-	)
-	c.Assert(err, jc.ErrorIsNil)
-	if provisionContainer {
-		password, err := utils.RandomPassword()
-		c.Assert(err, jc.ErrorIsNil)
-		err = container.SetPassword(password)
-		c.Assert(err, jc.ErrorIsNil)
-		err = container.SetProvisioned("foo", "fake_nonce", nil)
-		c.Assert(err, jc.ErrorIsNil)
-	}
-	return container
-}
-
-func (s *containerSuite) makeArgs(machines ...*state.Machine) params.Entities {
-	args := params.Entities{Entities: make([]params.Entity, len(machines))}
-	for i, m := range machines {
-		args.Entities[i].Tag = m.Tag().String()
-	}
-	return args
-}
-
-func (s *containerSuite) breakEnvironMethods(c *gc.C, methods ...string) {
-	s.AssertConfigParameterUpdated(c, "broken", strings.Join(methods, " "))
-}
-
-// prepareSuite contains only tests around
-// PrepareContainerInterfaceInfo method.
-type prepareSuite struct {
-	containerSuite
-}
-
-var _ = gc.Suite(&prepareSuite{})
-
-func (s *prepareSuite) newAPI(c *gc.C, provisionHost, addContainer bool) *state.Machine {
-	var hostInstId instance.Id
-	if provisionHost {
-		hostInstId = "i-host"
-	}
-	return s.newCustomAPI(c, hostInstId, addContainer, false)
-}
-
-func (s *prepareSuite) makeErrors(errors ...*params.Error) *params.MachineNetworkConfigResults {
-	results := &params.MachineNetworkConfigResults{
-		Results: make([]params.MachineNetworkConfigResult, len(errors)),
-	}
-	for i, err := range errors {
-		results.Results[i].Error = err
-	}
-	return results
-}
-
-func (s *prepareSuite) makeResults(cfgs ...[]params.NetworkConfig) *params.MachineNetworkConfigResults {
-	results := &params.MachineNetworkConfigResults{
-		Results: make([]params.MachineNetworkConfigResult, len(cfgs)),
-	}
-	for i, cfg := range cfgs {
-		results.Results[i].Config = cfg
-	}
-	return results
-}
-
-func (s *prepareSuite) assertCall(c *gc.C, args params.Entities, expectResults *params.MachineNetworkConfigResults, expectErr string) (error, []loggo.TestLogValues) {
-
-	// Capture the logs for later inspection.
-	logger := loggo.GetLogger("juju.apiserver.provisioner")
-	defer logger.SetLogLevel(logger.LogLevel())
-	logger.SetLogLevel(loggo.TRACE)
-	var tw loggo.TestWriter
-	c.Assert(loggo.RegisterWriter("test", &tw, loggo.TRACE), gc.IsNil)
-	defer loggo.RemoveWriter("test")
-
-	results, err := s.provAPI.PrepareContainerInterfaceInfo(args)
-	c.Logf("PrepareContainerInterfaceInfo returned: err=%v, results=%v", err, results)
-	c.Assert(results.Results, gc.HasLen, len(args.Entities))
-	if expectErr == "" {
-		c.Assert(err, jc.ErrorIsNil)
-		c.Assert(expectResults, gc.NotNil)
-		c.Assert(results.Results, gc.HasLen, len(expectResults.Results))
-		// Check for any "regex:" prefixes first. Then replace
-		// addresses in expected with the actual ones, so we can use
-		// jc.DeepEquals on the whole result below.
-		// Also check MAC addresses are valid, but as they're randomly
-		// generated we can't test specific values.
-		for i, expect := range expectResults.Results {
-			cfg := results.Results[i].Config
-			c.Assert(cfg, gc.HasLen, len(expect.Config))
-			for j, expCfg := range expect.Config {
-				if strings.HasPrefix(expCfg.Address, "regex:") {
-					rex := strings.TrimPrefix(expCfg.Address, "regex:")
-					c.Assert(cfg[j].Address, gc.Matches, rex)
-					expectResults.Results[i].Config[j].Address = cfg[j].Address
-				}
-				if strings.HasPrefix(expCfg.MACAddress, "regex:") {
-					rex := strings.TrimPrefix(expCfg.MACAddress, "regex:")
-					c.Assert(cfg[j].MACAddress, gc.Matches, rex)
-					expectResults.Results[i].Config[j].MACAddress = cfg[j].MACAddress
-				}
-			}
-		}
-
-		c.Assert(results, jc.DeepEquals, *expectResults)
-	} else {
-		c.Assert(err, gc.ErrorMatches, expectErr)
-		if len(args.Entities) > 0 {
-			result := results.Results[0]
-			// Not using jc.ErrorIsNil below because
-			// (*params.Error)(nil) does not satisfy the error
-			// interface.
-			c.Assert(result.Error, gc.IsNil)
-			c.Assert(result.Config, gc.IsNil)
-		}
-	}
-	return err, tw.Log()
-}
-
-func (s *prepareSuite) TestErrorWithNoFeatureFlag(c *gc.C) {
-	s.SetFeatureFlags() // clear the flags.
-	container := s.newAPI(c, true, true)
-	args := s.makeArgs(container)
-	expectedError := &params.Error{
-		Message: `container address allocation not supported`,
-		Code:    params.CodeNotSupported,
-	}
-	s.assertCall(c, args, &params.MachineNetworkConfigResults{
-		Results: []params.MachineNetworkConfigResult{
-			{Error: expectedError},
-		},
-	}, "")
-}
-
-func (s *prepareSuite) TestErrorWithNonProvisionedHost(c *gc.C) {
-	container := s.newAPI(c, false, true)
-	args := s.makeArgs(container)
-	s.assertCall(c, args, nil,
-		`cannot allocate addresses: host machine "0" not provisioned`,
-	)
-}
-
-func (s *prepareSuite) TestErrorWithProvisionedContainer(c *gc.C) {
-	container := s.newAPI(c, true, true)
-	err := container.SetProvisioned("i-foo", "fake_nonce", nil)
-	c.Assert(err, jc.ErrorIsNil)
-	args := s.makeArgs(container)
-	s.assertCall(c, args, s.makeErrors(
-		apiservertesting.ServerError(
-			`container "0/lxc/0" already provisioned as "i-foo"`,
-		),
-	), "")
-}
-
-func (s *prepareSuite) TestErrorWithHostInsteadOfContainer(c *gc.C) {
-	s.newAPI(c, true, false)
-	args := s.makeArgs(s.machines[0])
-	s.assertCall(c, args, s.makeErrors(
-		apiservertesting.ServerError(
-			`cannot allocate address for "machine-0": not a container`,
-		),
-	), "")
-}
-
-func (s *prepareSuite) TestErrorsWithDifferentHosts(c *gc.C) {
-	s.newAPI(c, true, false)
-	args := s.makeArgs(s.machines[1], s.machines[2])
-	s.assertCall(c, args, s.makeErrors(
-		apiservertesting.ErrUnauthorized,
-		apiservertesting.ErrUnauthorized,
-	), "")
-}
-
-func (s *prepareSuite) TestErrorsWithContainersOnDifferentHost(c *gc.C) {
-	s.newAPI(c, true, false)
-	var containers []*state.Machine
-	for i := 0; i < 2; i++ {
-		container, err := s.State.AddMachineInsideMachine(
-			state.MachineTemplate{
-				Series: "quantal",
-				Jobs:   []state.MachineJob{state.JobHostUnits},
-			},
-			s.machines[1].Id(),
-			instance.LXC,
-		)
-		c.Assert(err, jc.ErrorIsNil)
-		containers = append(containers, container)
-	}
-	args := s.makeArgs(containers...)
-	s.assertCall(c, args, s.makeErrors(
-		apiservertesting.ErrUnauthorized,
-		apiservertesting.ErrUnauthorized,
-	), "")
-}
-
-func (s *prepareSuite) TestErrorsWithNonMachineOrInvalidTags(c *gc.C) {
-	s.newAPI(c, true, false)
-	args := params.Entities{Entities: []params.Entity{
-		{Tag: "unit-wordpress-0"},
-		{Tag: "service-wordpress"},
-		{Tag: "network-foo"},
-		{Tag: "anything-invalid"},
-		{Tag: "42"},
-		{Tag: "machine-42"},
-		{Tag: ""},
-	}}
-
-	s.assertCall(c, args, s.makeErrors(
-		apiservertesting.ServerError(
-			`"unit-wordpress-0" is not a valid machine tag`),
-		apiservertesting.ServerError(
-			`"service-wordpress" is not a valid machine tag`),
-		apiservertesting.ServerError(
-			`"network-foo" is not a valid machine tag`),
-		apiservertesting.ServerError(
-			`"anything-invalid" is not a valid tag`),
-		apiservertesting.ServerError(
-			`"42" is not a valid tag`),
-		apiservertesting.ErrUnauthorized,
-		apiservertesting.ServerError(
-			`"" is not a valid tag`),
-	), "")
-}
-
-func (s *prepareSuite) fillSubnet(c *gc.C, numAllocated int) {
-	// Create the 0.10.0.0/24 subnet in state and pre-allocate up to
-	// numAllocated of the range. This ensures the tests will run
-	// quickly, rather than retrying potentiallu until the full /24
-	// range is exhausted.
-	subInfo := state.SubnetInfo{
-		ProviderId:        "dummy-private",
-		CIDR:              "0.10.0.0/24",
-		VLANTag:           0,
-		AllocatableIPLow:  "0.10.0.0",
-		AllocatableIPHigh: "0.10.0.10", // Intentionally use shorter range.
-	}
-	sub, err := s.BackingState.AddSubnet(subInfo)
-	c.Assert(err, jc.ErrorIsNil)
-	for i := 0; i <= numAllocated; i++ {
-		addr := network.NewAddress(fmt.Sprintf("0.10.0.%d", i))
-		ipaddr, err := s.BackingState.AddIPAddress(addr, sub.ID())
-		c.Check(err, jc.ErrorIsNil)
-		err = ipaddr.SetState(state.AddressStateAllocated)
-		c.Check(err, jc.ErrorIsNil)
-	}
-}
-
-func (s *prepareSuite) TestErrorWithEnvironMethodsFailing(c *gc.C) {
-	container := s.newAPI(c, true, true)
-	args := s.makeArgs(container)
-
-	s.fillSubnet(c, 10)
-
-	// NOTE: We're testing AllocateAddress and ReleaseAddress separately.
-	for i, test := range []struct {
-		method   string
-		err      string
-		errCheck func(error) bool
-	}{{
-		method: "NetworkInterfaces",
-		err:    "cannot allocate addresses: dummy.NetworkInterfaces is broken",
-	}, {
-		method: "Subnets",
-		err:    "cannot allocate addresses: dummy.Subnets is broken",
-	}, {
-		method:   "SupportsAddressAllocation",
-		err:      "cannot allocate addresses: address allocation on any available subnets is not supported",
-		errCheck: errors.IsNotSupported,
-	}} {
-		c.Logf("test %d: broken %q", i, test.method)
-		s.breakEnvironMethods(c, test.method)
-		var err error
-		if test.err != "" {
-			err, _ = s.assertCall(c, args, nil, test.err)
-		}
-		if test.errCheck != nil {
-			c.Check(err, jc.Satisfies, test.errCheck)
-		}
-	}
-}
-
-func (s *prepareSuite) TestRetryingOnAllocateAddressFailure(c *gc.C) {
-	s.SetFeatureFlags(feature.AddressAllocation)
-
-	// This test verifies the retrying logic when AllocateAddress
-	// and/or setAddrState return errors.
-
-	// Pre-allocate the first 5 addresses.
-	s.fillSubnet(c, 5)
-
-	// Now break AllocateAddress so it returns an error to verify the
-	// retry logic kicks in. Because it will always fail, the end
-	// result will always be an address exhaustion error.
-	s.breakEnvironMethods(c, "AllocateAddress")
-
-	container := s.newAPI(c, true, true)
-	args := s.makeArgs(container)
-
-	// Record each time setAddrState is called along with the address
-	// to verify the logs later.
-	var addresses []string
-	origSetAddrState := *provisioner.SetAddrState
-	s.PatchValue(provisioner.SetAddrState, func(ip *state.IPAddress, st state.AddressState) error {
-		c.Logf("setAddrState called for address %q, state %q", ip.String(), st)
-		c.Assert(st, gc.Equals, state.AddressStateUnavailable)
-		addresses = append(addresses, ip.Value())
-
-		// Return an error every other call to test it's handled ok.
-		if len(addresses)%2 == 0 {
-			return errors.New("pow!")
-		}
-		return origSetAddrState(ip, st)
-	})
-
-	_, testLog := s.assertCall(c, args, s.makeErrors(apiservertesting.ServerError(
-		`failed to allocate an address for "0/lxc/0": `+
-			`allocatable IP addresses exhausted for subnet "0.10.0.0/24"`,
-	)), "")
-
-	// Verify the expected addresses, ignoring the order as the
-	// addresses are picked at random.
-	c.Assert(addresses, jc.SameContents, []string{
-		"0.10.0.6",
-		"0.10.0.7",
-		"0.10.0.8",
-		"0.10.0.9",
-		"0.10.0.10",
-	})
-
-	// Now verify the logs.
-	c.Assert(testLog, jc.LogMatches, jc.SimpleMessages{{
-		loggo.WARNING,
-		`allocating address ".+" on instance ".+" and subnet ".+" failed: ` +
-			`dummy.AllocateAddress is broken \(retrying\)`,
-	}, {
-		loggo.TRACE,
-		`setting address ".+" to "unavailable" and retrying`,
-	}, {
-		loggo.TRACE,
-		`picked new address ".+" on subnet ".+"`,
-	}, {
-		loggo.WARNING,
-		`allocating address ".+" on instance ".+" and subnet ".+" failed: ` +
-			`dummy.AllocateAddress is broken \(retrying\)`,
-	}, {
-		loggo.WARNING,
-		`cannot set address ".+" to "unavailable": pow! \(ignoring and retrying\)`,
-	}})
-}
-
-func (s *prepareSuite) TestReleaseAndCleanupWhenAllocateAndOrSetFail(c *gc.C) {
-	// This test verifies the retrying, releasing, and cleanup logic
-	// when AllocateAddress succeeds, but both ReleaseAddress and
-	// setAddrsTo fail, and allocateAddrTo either succeeds or fails.
-
-	// Pre-allocate the first 5 addresses.
-	s.fillSubnet(c, 5)
-
-	// Now break ReleaseAddress to test the how it's handled during
-	// the release/cleanup loop.
-	s.breakEnvironMethods(c, "ReleaseAddress")
-
-	container := s.newAPI(c, true, true)
-	args := s.makeArgs(container)
-
-	// Record each time allocateAddrTo, setAddrsTo, and setAddrState
-	// are called along with the addresses to verify the logs later.
-	var allocAttemptedAddrs, allocAddrsOK, setAddrs, releasedAddrs []string
-	s.PatchValue(provisioner.AllocateAddrTo, func(ip *state.IPAddress, m *state.Machine, mac string) error {
-		c.Logf("allocateAddrTo called for address %q, machine %q, mac %q", ip.String(), m, mac)
-		c.Assert(m.Id(), gc.Equals, container.Id())
-		c.Assert(mac, gc.Matches, regexpMACAddress)
-		allocAttemptedAddrs = append(allocAttemptedAddrs, ip.Value())
-
-		// Succeed on every other call to give a chance to call
-		// setAddrsTo as well.
-		if len(allocAttemptedAddrs)%2 == 0 {
-			allocAddrsOK = append(allocAddrsOK, ip.Value())
-			return nil
-		}
-		return errors.New("crash!")
-	})
-	s.PatchValue(provisioner.SetAddrsTo, func(ip *state.IPAddress, m *state.Machine) error {
-		c.Logf("setAddrsTo called for address %q, machine %q", ip.String(), m)
-		c.Assert(m.Id(), gc.Equals, container.Id())
-		setAddrs = append(setAddrs, ip.Value())
-		return errors.New("boom!")
-	})
-	s.PatchValue(provisioner.SetAddrState, func(ip *state.IPAddress, st state.AddressState) error {
-		c.Logf("setAddrState called for address %q, state %q", ip.String(), st)
-		c.Assert(st, gc.Equals, state.AddressStateUnavailable)
-		releasedAddrs = append(releasedAddrs, ip.Value())
-		return nil
-	})
-
-	_, testLog := s.assertCall(c, args, s.makeErrors(apiservertesting.ServerError(
-		`failed to allocate an address for "0/lxc/0": `+
-			`allocatable IP addresses exhausted for subnet "0.10.0.0/24"`,
-	)), "")
-
-	// Verify the expected addresses, ignoring the order as the
-	// addresses are picked at random.
-	expectAddrs := []string{
-		"0.10.0.6",
-		"0.10.0.7",
-		"0.10.0.8",
-		"0.10.0.9",
-		"0.10.0.10",
-	}
-	// Verify that for each allocated address an attempt is made to
-	// assign it to the container by calling allocateAddrTo
-	// (successful or not doesn't matter).
-	c.Check(allocAttemptedAddrs, jc.SameContents, expectAddrs)
-
-	// Verify that for each allocated address an attempt is made to do
-	// release/cleanup by calling setAddrState(unavailable), after
-	// either allocateAddrTo or setAddrsTo fails.
-	c.Check(releasedAddrs, jc.SameContents, expectAddrs)
-
-	// Verify that for every allocateAddrTo call that passed, the
-	// corresponding setAddrsTo was also called.
-	c.Check(allocAddrsOK, jc.SameContents, setAddrs)
-
-	// Now verify the logs.
-	c.Assert(testLog, jc.LogMatches, jc.SimpleMessages{{
-		loggo.INFO,
-		`allocated address "public:.+" on instance "i-host" and subnet "dummy-private"`,
-	}, {
-		loggo.WARNING,
-		`failed to mark address ".+" as "allocated" to container ".*": crash! \(releasing and retrying\)`,
-	}, {
-		loggo.WARNING,
-		`failed to release address ".+" on instance "i-host" and subnet ".+": ` +
-			`dummy.ReleaseAddress is broken \(ignoring and retrying\)`,
-	}, {
-		loggo.INFO,
-		`allocated address "public:.+" on instance "i-host" and subnet "dummy-private"`,
-	}})
-}
-
-func (s *prepareSuite) TestReleaseAndRetryWhenSetOnlyFails(c *gc.C) {
-	// This test verifies the releasing, and cleanup, as well as
-	// retrying logic when AllocateAddress and allocateAddrTo succeed,
-	// but then both setAddrsTo and setAddrState fail.
-
-	// Pre-allocate the first 9 addresses, so the only address left
-	// will be 0.10.0.10.
-	s.fillSubnet(c, 9)
-
-	container := s.newAPI(c, true, true)
-	args := s.makeArgs(container)
-
-	s.PatchValue(provisioner.SetAddrsTo, func(ip *state.IPAddress, m *state.Machine) error {
-		c.Logf("setAddrsTo called for address %q, machine %q", ip.String(), m)
-		c.Assert(m.Id(), gc.Equals, container.Id())
-		c.Assert(ip.Value(), gc.Equals, "0.10.0.10")
-		return errors.New("boom!")
-	})
-	s.PatchValue(provisioner.SetAddrState, func(ip *state.IPAddress, st state.AddressState) error {
-		c.Logf("setAddrState called for address %q, state %q", ip.String(), st)
-		c.Assert(st, gc.Equals, state.AddressStateUnavailable)
-		c.Assert(ip.Value(), gc.Equals, "0.10.0.10")
-		return errors.New("pow!")
-	})
-
-	// After failing twice, we'll successfully release the address and retry to succeed.
-	_, testLog := s.assertCall(c, args, s.makeResults([]params.NetworkConfig{{
-		ProviderId:       "dummy-eth0",
-		ProviderSubnetId: "dummy-private",
-		CIDR:             "0.10.0.0/24",
-		DeviceIndex:      0,
-		InterfaceName:    "eth0",
-		InterfaceType:    "ethernet",
-		VLANTag:          0,
-		MACAddress:       "regex:" + regexpMACAddress,
-		Disabled:         false,
-		NoAutoStart:      false,
-		ConfigType:       "static",
-		Address:          "0.10.0.10",
-		DNSServers:       []string{"ns1.dummy", "ns2.dummy"},
-		GatewayAddress:   "0.10.0.2",
-	}}), "")
-
-	c.Assert(testLog, jc.LogMatches, jc.SimpleMessages{{
-		loggo.INFO,
-		`allocated address "public:0.10.0.10" on instance "i-host" and subnet "dummy-private"`,
-	}, {
-		loggo.WARNING,
-		`failed to mark address ".+" as "allocated" to container ".*": boom! \(releasing and retrying\)`,
-	}, {
-		loggo.WARNING,
-		`cannot set address "public:0.10.0.10" to "unavailable": pow! \(ignoring and releasing\)`,
-	}, {
-		loggo.INFO,
-		`address "public:0.10.0.10" released; trying to allocate new`,
-	}})
-}
-
-func (s *prepareSuite) TestErrorWhenNoSubnetsAvailable(c *gc.C) {
-	// The magic "i-no-subnets-" instance id prefix for the host
-	// causes the dummy provider to return no results and no errors
-	// from Subnets().
-	container := s.newCustomAPI(c, "i-no-subnets-here", true, false)
-	args := s.makeArgs(container)
-	s.assertCall(c, args, nil, "cannot allocate addresses: no subnets available")
-}
-
-func (s *prepareSuite) TestErrorWithDisabledNIC(c *gc.C) {
-	// The magic "i-disabled-nic-" instance id prefix for the host
-	// causes the dummy provider to return a disabled NIC from
-	// NetworkInterfaces(), which should not be used for the container.
-	container := s.newCustomAPI(c, "i-no-subnets-here", true, false)
-	args := s.makeArgs(container)
-	s.assertCall(c, args, nil, "cannot allocate addresses: no subnets available")
-}
-
-func (s *prepareSuite) TestErrorWhenNoAllocatableSubnetsAvailable(c *gc.C) {
-	// The magic "i-no-alloc-all" instance id for the host causes the
-	// dummy provider's Subnets() method to return all subnets without
-	// an allocatable range
-	container := s.newCustomAPI(c, "i-no-alloc-all", true, false)
-	args := s.makeArgs(container)
-	err, _ := s.assertCall(c, args, nil, "cannot allocate addresses: address allocation on any available subnets is not supported")
-	c.Assert(err, jc.Satisfies, errors.IsNotSupported)
-}
-
-func (s *prepareSuite) TestErrorWhenNoNICSAvailable(c *gc.C) {
-	// The magic "i-no-nics-" instance id prefix for the host
-	// causes the dummy provider to return no results and no errors
-	// from NetworkInterfaces().
-	container := s.newCustomAPI(c, "i-no-nics-here", true, false)
-	args := s.makeArgs(container)
-	s.assertCall(c, args, nil, "cannot allocate addresses: no interfaces available")
-}
-
-func (s *prepareSuite) TestErrorWithNICNoSubnetAvailable(c *gc.C) {
-	// The magic "i-nic-no-subnet-" instance id prefix for the host
-	// causes the dummy provider to return a nic that has no associated
-	// subnet from NetworkInterfaces().
-	container := s.newCustomAPI(c, "i-nic-no-subnet-here", true, false)
-	args := s.makeArgs(container)
-	s.assertCall(c, args, nil, "cannot allocate addresses: no subnets available")
-}
-
-func (s *prepareSuite) TestSuccessWithSingleContainer(c *gc.C) {
-	container := s.newAPI(c, true, true)
-	args := s.makeArgs(container)
-	_, testLog := s.assertCall(c, args, s.makeResults([]params.NetworkConfig{{
-		ProviderId:       "dummy-eth0",
-		ProviderSubnetId: "dummy-private",
-		CIDR:             "0.10.0.0/24",
-		DeviceIndex:      0,
-		InterfaceName:    "eth0",
-		InterfaceType:    "ethernet",
-		VLANTag:          0,
-		MACAddress:       "regex:" + regexpMACAddress,
-		Disabled:         false,
-		NoAutoStart:      false,
-		ConfigType:       "static",
-		Address:          "regex:0.10.0.[0-9]{1,3}", // we don't care about the actual value.
-		DNSServers:       []string{"ns1.dummy", "ns2.dummy"},
-		GatewayAddress:   "0.10.0.2",
-	}}), "")
-
-	c.Assert(testLog, jc.LogMatches, jc.SimpleMessages{{
-		loggo.INFO,
-		`allocated address ".+" on instance "i-host" and subnet "dummy-private"`,
-	}, {
-		loggo.INFO,
-		`assigned address ".+" to container "0/lxc/0"`,
-	}})
-}
-
-func (s *prepareSuite) TestSuccessWhenFirstSubnetNotAllocatable(c *gc.C) {
-	// Using "i-no-alloc-0" for the host instance id will cause the
-	// dummy provider to change the Subnets() results to return no
-	// allocatable range for the first subnet (dummy-private), and
-	// also change its ProviderId to "noalloc-private", which in turn
-	// will cause SupportsAddressAllocation() to return false for it.
-	// We test here that we keep looking for other allocatable
-	// subnets.
-	container := s.newCustomAPI(c, "i-no-alloc-0", true, false)
-	args := s.makeArgs(container)
-	_, testLog := s.assertCall(c, args, s.makeResults([]params.NetworkConfig{{
-		ProviderId:       "dummy-eth1",
-		ProviderSubnetId: "dummy-public",
-		CIDR:             "0.20.0.0/24",
-		DeviceIndex:      1,
-		InterfaceName:    "eth1",
-		InterfaceType:    "ethernet",
-		VLANTag:          1,
-		MACAddress:       "regex:" + regexpMACAddress,
-		Disabled:         false,
-		NoAutoStart:      true,
-		ConfigType:       "static",
-		Address:          "regex:0.20.0.[0-9]{1,3}", // we don't care about the actual value.
-		DNSServers:       []string{"ns1.dummy", "ns2.dummy"},
-		GatewayAddress:   "0.20.0.2",
-	}}), "")
-
-	c.Assert(testLog, jc.LogMatches, jc.SimpleMessages{{
-		loggo.TRACE,
-		`ignoring subnet "noalloc-private" - no allocatable range set`,
-	}, {
-		loggo.INFO,
-		`allocated address ".+" on instance "i-no-alloc-0" and subnet "dummy-public"`,
-	}, {
-		loggo.INFO,
-		`assigned address ".+" to container "0/lxc/0"`,
-	}})
-}
-
-// releaseSuite contains only tests around
-// ReleaseContainerAddresses method.
-type releaseSuite struct {
-	containerSuite
-}
-
-var _ = gc.Suite(&releaseSuite{})
-
-func (s *releaseSuite) newAPI(c *gc.C, provisionHost, addContainer bool) *state.Machine {
-	var hostInstId instance.Id
-	if provisionHost {
-		hostInstId = "i-host"
-	}
-	return s.newCustomAPI(c, hostInstId, addContainer, true)
-}
-
-func (s *releaseSuite) makeErrors(errors ...*params.Error) *params.ErrorResults {
-	results := &params.ErrorResults{
-		Results: make([]params.ErrorResult, len(errors)),
-	}
-	for i, err := range errors {
-		results.Results[i].Error = err
-	}
-	return results
-}
-
-func (s *releaseSuite) assertCall(c *gc.C, args params.Entities, expectResults *params.ErrorResults, expectErr string) error {
-	results, err := s.provAPI.ReleaseContainerAddresses(args)
-	c.Logf("ReleaseContainerAddresses returned: err=%v, results=%v", err, results)
-	c.Assert(results.Results, gc.HasLen, len(args.Entities))
-	if expectErr == "" {
-		c.Assert(err, jc.ErrorIsNil)
-		c.Assert(expectResults, gc.NotNil)
-		c.Assert(results.Results, gc.HasLen, len(expectResults.Results))
-		c.Assert(results, jc.DeepEquals, *expectResults)
-	} else {
-		c.Assert(err, gc.ErrorMatches, expectErr)
-		if len(args.Entities) > 0 {
-			result := results.Results[0]
-			// Not using jc.ErrorIsNil below because
-			// (*params.Error)(nil) does not satisfy the error
-			// interface.
-			c.Assert(result.Error, gc.IsNil)
-		}
-	}
-	return err
-}
-
-func (s *releaseSuite) TestErrorWithNoFeatureFlag(c *gc.C) {
-	s.SetFeatureFlags() // clear the flags.
-	s.newAPI(c, true, false)
-	args := s.makeArgs(s.machines[0])
-	expectedError := `cannot mark addresses for removal for "machine-0": not a container`
-	s.assertCall(c, args, &params.ErrorResults{
-		Results: []params.ErrorResult{{
-			Error: apiservertesting.ServerError(expectedError),
-		}},
-	}, "")
-}
-
-func (s *releaseSuite) TestErrorWithHostInsteadOfContainer(c *gc.C) {
-	s.newAPI(c, true, false)
-	args := s.makeArgs(s.machines[0])
-	err := s.assertCall(c, args, s.makeErrors(
-		apiservertesting.ServerError(
-			`cannot mark addresses for removal for "machine-0": not a container`,
-		),
-	), "")
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *releaseSuite) TestErrorsWithDifferentHosts(c *gc.C) {
-	s.newAPI(c, true, false)
-	args := s.makeArgs(s.machines[1], s.machines[2])
-	err := s.assertCall(c, args, s.makeErrors(
-		apiservertesting.ErrUnauthorized,
-		apiservertesting.ErrUnauthorized,
-	), "")
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *releaseSuite) TestErrorsWithContainersOnDifferentHost(c *gc.C) {
-	s.newAPI(c, true, false)
-	var containers []*state.Machine
-	for i := 0; i < 2; i++ {
-		container, err := s.State.AddMachineInsideMachine(
-			state.MachineTemplate{
-				Series: "quantal",
-				Jobs:   []state.MachineJob{state.JobHostUnits},
-			},
-			s.machines[1].Id(),
-			instance.LXC,
-		)
-		c.Assert(err, jc.ErrorIsNil)
-		containers = append(containers, container)
-	}
-	args := s.makeArgs(containers...)
-	err := s.assertCall(c, args, s.makeErrors(
-		apiservertesting.ErrUnauthorized,
-		apiservertesting.ErrUnauthorized,
-	), "")
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *releaseSuite) TestErrorsWithNonMachineOrInvalidTags(c *gc.C) {
-	s.newAPI(c, true, false)
-	args := params.Entities{Entities: []params.Entity{
-		{Tag: "unit-wordpress-0"},
-		{Tag: "service-wordpress"},
-		{Tag: "network-foo"},
-		{Tag: "anything-invalid"},
-		{Tag: "42"},
-		{Tag: "machine-42"},
-		{Tag: ""},
-	}}
-
-	err := s.assertCall(c, args, s.makeErrors(
-		apiservertesting.ErrUnauthorized,
-		apiservertesting.ErrUnauthorized,
-		apiservertesting.ErrUnauthorized,
-		apiservertesting.ErrUnauthorized,
-		apiservertesting.ErrUnauthorized,
-		apiservertesting.ErrUnauthorized,
-		apiservertesting.ErrUnauthorized,
-	), "")
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *releaseSuite) allocateAddresses(c *gc.C, containerId string, numAllocated int) {
-	// Create the 0.10.0.0/24 subnet in state and pre-allocate up to
-	// numAllocated of the range. It also allocates them to the specified
-	// container.
-	subInfo := state.SubnetInfo{
-		ProviderId:        "dummy-private",
-		CIDR:              "0.10.0.0/24",
-		VLANTag:           0,
-		AllocatableIPLow:  "0.10.0.0",
-		AllocatableIPHigh: "0.10.0.10",
-	}
-	sub, err := s.BackingState.AddSubnet(subInfo)
-	c.Assert(err, jc.ErrorIsNil)
-	for i := 0; i < numAllocated; i++ {
-		addr := network.NewAddress(fmt.Sprintf("0.10.0.%d", i))
-		ipaddr, err := s.BackingState.AddIPAddress(addr, sub.ID())
-		c.Check(err, jc.ErrorIsNil)
-		err = ipaddr.AllocateTo(containerId, "", "")
-		c.Check(err, jc.ErrorIsNil)
-	}
-}
-
-func (s *releaseSuite) TestSuccess(c *gc.C) {
-	container := s.newAPI(c, true, true)
-	args := s.makeArgs(container)
-
-	s.allocateAddresses(c, container.Id(), 2)
-	err := s.assertCall(c, args, s.makeErrors(nil), "")
-	c.Assert(err, jc.ErrorIsNil)
-	addresses, err := s.BackingState.AllocatedIPAddresses(container.Id())
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(addresses, gc.HasLen, 2)
-	for _, addr := range addresses {
-		c.Assert(addr.Life(), gc.Equals, state.Dead)
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/provisioner/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/provisioner/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/provisioner/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/provisioner/export_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,10 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package provisioner
-
-var (
-	AllocateAddrTo = &allocateAddrTo
-	SetAddrsTo     = &setAddrsTo
-	SetAddrState   = &setAddrState
-)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/provisioner/imagemetadata_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/provisioner/imagemetadata_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/provisioner/imagemetadata_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/provisioner/imagemetadata_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,6 +13,7 @@
 	"github.com/juju/juju/environs/imagemetadata"
 	imagetesting "github.com/juju/juju/environs/imagemetadata/testing"
 	sstesting "github.com/juju/juju/environs/simplestreams/testing"
+	"github.com/juju/juju/juju/keys"
 	"github.com/juju/juju/state/cloudimagemetadata"
 )
 
@@ -38,6 +39,7 @@
 	// Each individual tests will decide if it needs metadata there.
 	imagetesting.PatchOfficialDataSources(&s.CleanupSuite, "test:/daily")
 	s.PatchValue(&imagemetadata.SimplestreamsImagesPublicKey, sstesting.SignedMetadataPublicKey)
+	s.PatchValue(&keys.JujuPublicKey, sstesting.SignedMetadataPublicKey)
 	useTestImageData(c, nil)
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/provisioner/provisioner.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/provisioner/provisioner.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/provisioner/provisioner.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/provisioner/provisioner.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,13 +4,12 @@
 package provisioner
 
 import (
-	"fmt"
-	"math/rand"
+	"time"
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils/set"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/common/networkingcommon"
@@ -21,7 +20,6 @@
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/network"
-	"github.com/juju/juju/provider"
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/state/watcher"
 	"github.com/juju/juju/status"
@@ -30,18 +28,12 @@
 var logger = loggo.GetLogger("juju.apiserver.provisioner")
 
 func init() {
-	common.RegisterStandardFacade("Provisioner", 1, NewProvisionerAPI)
-
-	// Version 1 has the same set of methods as 0, with the same
-	// signatures, but its ProvisioningInfo returns additional
-	// information. Clients may require version 1 so that they
-	// receive this additional information; otherwise they are
-	// compatible.
-	common.RegisterStandardFacade("Provisioner", 2, NewProvisionerAPI)
+	common.RegisterStandardFacade("Provisioner", 3, NewProvisionerAPI)
 }
 
 // ProvisionerAPI provides access to the Provisioner API facade.
 type ProvisionerAPI struct {
+	*common.ControllerConfigAPI
 	*common.Remover
 	*common.StatusSetter
 	*common.StatusGetter
@@ -115,6 +107,7 @@
 		APIAddresser:         common.NewAPIAddresser(st, resources),
 		ModelWatcher:         common.NewModelWatcher(st, resources, authorizer),
 		ModelMachinesWatcher: common.NewModelMachinesWatcher(st, resources, authorizer),
+		ControllerConfigAPI:  common.NewControllerConfig(st),
 		InstanceIdGetter:     common.NewInstanceIdGetter(st, getAuthFunc),
 		ToolsFinder:          common.NewToolsFinder(st, st, urlGetter),
 		ToolsGetter:          common.NewToolsGetter(st, st, st, urlGetter, getAuthOwner),
@@ -228,25 +221,10 @@
 // needed for configuring the container manager.
 func (p *ProvisionerAPI) ContainerManagerConfig(args params.ContainerManagerConfigParams) (params.ContainerManagerConfig, error) {
 	var result params.ContainerManagerConfig
-	config, err := p.st.ModelConfig()
-	if err != nil {
-		return result, err
-	}
 	cfg := make(map[string]string)
-	cfg[container.ConfigName] = container.DefaultNamespace
+	cfg[container.ConfigModelUUID] = p.st.ModelUUID()
 
 	switch args.Type {
-	case instance.LXC:
-		if useLxcClone, ok := config.LXCUseClone(); ok {
-			cfg["use-clone"] = fmt.Sprint(useLxcClone)
-		}
-		if useLxcCloneAufs, ok := config.LXCUseCloneAUFS(); ok {
-			cfg["use-aufs"] = fmt.Sprint(useLxcCloneAufs)
-		}
-		if lxcDefaultMTU, ok := config.LXCDefaultMTU(); ok {
-			logger.Debugf("using default MTU %v for all LXC containers NICs", lxcDefaultMTU)
-			cfg[container.ConfigLXCDefaultMTU] = fmt.Sprintf("%d", lxcDefaultMTU)
-		}
 	case instance.LXD:
 		// TODO(jam): DefaultMTU needs to be handled here
 		// TODO(jam): Do we want to handle ImageStream here, or do we
@@ -254,36 +232,6 @@
 		// same image stream?)
 	}
 
-	if !environs.AddressAllocationEnabled(config.Type()) {
-		// No need to even try checking the environ for support.
-		logger.Debugf("address allocation feature flag not enabled")
-		result.ManagerConfig = cfg
-		return result, nil
-	}
-
-	// Create an environment to verify networking support.
-	env, err := environs.New(config)
-	if err != nil {
-		return result, err
-	}
-	if netEnv, ok := environs.SupportsNetworking(env); ok {
-		// Passing network.AnySubnet below should be interpreted by
-		// the provider as "does ANY subnet support this".
-		supported, err := netEnv.SupportsAddressAllocation(network.AnySubnet)
-		if err == nil && supported {
-			cfg[container.ConfigIPForwarding] = "true"
-		} else if err != nil {
-			// We log the error, but it's safe to ignore as it's not
-			// critical.
-			logger.Debugf("address allocation not supported (%v)", err)
-		}
-		// AWS requires NAT in place in order for hosted containers to
-		// reach outside.
-		if config.Type() == provider.EC2 {
-			cfg[container.ConfigEnableNAT] = "true"
-		}
-	}
-
 	result.ManagerConfig = cfg
 	return result, nil
 }
@@ -307,8 +255,6 @@
 	result.Proxy = config.ProxySettings()
 	result.AptProxy = config.AptProxySettings()
 	result.AptMirror = config.AptMirror()
-	result.PreferIPv6 = config.PreferIPv6()
-	result.AllowLXCLoopMounts, _ = config.AllowLXCLoopMounts()
 
 	return result, nil
 }
@@ -340,10 +286,10 @@
 		if err != nil {
 			continue
 		}
-		result.Status = status.Status(statusInfo.Status)
+		result.Status = statusInfo.Status.String()
 		result.Info = statusInfo.Message
 		result.Data = statusInfo.Data
-		if result.Status != status.StatusError {
+		if statusInfo.Status != status.StatusError {
 			continue
 		}
 		// Transient errors are marked as such in the status data.
@@ -450,7 +396,7 @@
 		if !unit.IsPrincipal() {
 			continue
 		}
-		instanceIds, err := state.ServiceInstances(st, unit.ServiceName())
+		instanceIds, err := state.ServiceInstances(st, unit.ApplicationName())
 		if err != nil {
 			return nil, err
 		}
@@ -559,14 +505,9 @@
 	return result, nil
 }
 
-func containerHostname(containerTag names.Tag) string {
-	return fmt.Sprintf("%s-%s", container.DefaultNamespace, containerTag.String())
-}
-
-// ReleaseContainerAddresses finds addresses allocated to a container
-// and marks them as Dead, to be released and removed. It accepts
-// container tags as arguments. If address allocation feature flag is
-// not enabled, it will return a NotSupported error.
+// ReleaseContainerAddresses finds addresses allocated to a container and marks
+// them as Dead, to be released and removed. It accepts container tags as
+// arguments.
 func (p *ProvisionerAPI) ReleaseContainerAddresses(args params.Entities) (params.ErrorResults, error) {
 	result := params.ErrorResults{
 		Results: make([]params.ErrorResult, len(args.Entities)),
@@ -600,93 +541,35 @@
 			continue
 		}
 
-		id := container.Id()
-		addresses, err := p.st.AllocatedIPAddresses(id)
+		// TODO(dimitern): Release those via the provider once we have
+		// Environ.ReleaseContainerAddresses. See LP bug http://pad.lv/1585878
+		err = container.RemoveAllAddresses()
 		if err != nil {
-			logger.Warningf("failed to get Id for container %q: %v", tag, err)
+			logger.Warningf("failed to remove container %q addresses: %v", tag, err)
 			result.Results[i].Error = common.ServerError(err)
 			continue
 		}
-
-		deadErrors := []error{}
-		logger.Debugf("for container %q found addresses %v", tag, addresses)
-		for _, addr := range addresses {
-			err = addr.EnsureDead()
-			if err != nil {
-				deadErrors = append(deadErrors, err)
-				continue
-			}
-		}
-		if len(deadErrors) != 0 {
-			err = errors.Errorf("failed to mark all addresses for removal for %q: %v", tag, deadErrors)
-			result.Results[i].Error = common.ServerError(err)
-		}
 	}
 
 	return result, nil
 }
 
-func (p *ProvisionerAPI) legacyAddressAllocationSupported() (bool, error) {
-	config, err := p.st.ModelConfig()
-	if err != nil {
-		return false, errors.Trace(err)
-	}
-	return environs.AddressAllocationEnabled(config.Type()), nil
-}
-
-// PrepareContainerInterfaceInfo allocates an address and returns
-// information to configure networking for a container. It accepts
-// container tags as arguments. If the address allocation feature flag
-// is not enabled, it returns a NotSupported error.
+// PrepareContainerInterfaceInfo allocates an address and returns information to
+// configure networking for a container. It accepts container tags as arguments.
 func (p *ProvisionerAPI) PrepareContainerInterfaceInfo(args params.Entities) (
 	params.MachineNetworkConfigResults,
 	error,
 ) {
-	supported, err := p.legacyAddressAllocationSupported()
-	if err != nil {
-		return params.MachineNetworkConfigResults{}, errors.Trace(err)
-	}
-	if supported {
-		logger.Warningf("address allocation enabled - using legacyPrepareOrGetContainerInterfaceInfo(true)")
-		return p.legacyPrepareOrGetContainerInterfaceInfo(args, true)
-	}
-	return p.prepareOrGetContainerInterfaceInfo(args, true)
+	return p.prepareOrGetContainerInterfaceInfo(args, false)
 }
 
-// GetContainerInterfaceInfo returns information to configure networking
-// for a container. It accepts container tags as arguments. If the address
-// allocation feature flag is not enabled, it returns a NotSupported error.
+// GetContainerInterfaceInfo returns information to configure networking for a
+// container. It accepts container tags as arguments.
 func (p *ProvisionerAPI) GetContainerInterfaceInfo(args params.Entities) (
 	params.MachineNetworkConfigResults,
 	error,
 ) {
-	supported, err := p.legacyAddressAllocationSupported()
-	if err != nil {
-		return params.MachineNetworkConfigResults{}, errors.Trace(err)
-	}
-	if supported {
-		logger.Warningf("address allocation enabled - using legacyPrepareOrGetContainerInterfaceInfo(false)")
-		return p.legacyPrepareOrGetContainerInterfaceInfo(args, false)
-	}
-	return p.prepareOrGetContainerInterfaceInfo(args, false)
-}
-
-// MACAddressTemplate is used to generate a unique MAC address for a
-// container. Every '%x' is replaced by a random hexadecimal digit,
-// while the rest is kept as-is.
-const MACAddressTemplate = "00:16:3e:%02x:%02x:%02x"
-
-// generateMACAddress creates a random MAC address within the space defined by
-// MACAddressTemplate above.
-//
-// TODO(dimitern): We should make a best effort to ensure the MAC address we
-// generate is unique at least within the current environment.
-func generateMACAddress() string {
-	digits := make([]interface{}, 3)
-	for i := range digits {
-		digits[i] = rand.Intn(256)
-	}
-	return fmt.Sprintf(MACAddressTemplate, digits...)
+	return p.prepareOrGetContainerInterfaceInfo(args, true)
 }
 
 func (p *ProvisionerAPI) prepareOrGetContainerInterfaceInfo(args params.Entities, maintain bool) (params.MachineNetworkConfigResults, error) {
@@ -707,7 +590,7 @@
 	}
 
 	for i, entity := range args.Entities {
-		tag, err := names.ParseMachineTag(entity.Tag)
+		machineTag, err := names.ParseMachineTag(entity.Tag)
 		if err != nil {
 			result.Results[i].Error = common.ServerError(err)
 			continue
@@ -715,12 +598,12 @@
 		// The auth function (canAccess) checks that the machine is a
 		// top level machine (we filter those out next) or that the
 		// machine has the host as a parent.
-		container, err := p.getMachine(canAccess, tag)
+		container, err := p.getMachine(canAccess, machineTag)
 		if err != nil {
 			result.Results[i].Error = common.ServerError(err)
 			continue
 		} else if !container.IsContainer() {
-			err = errors.Errorf("cannot prepare network config for %q: not a container", tag)
+			err = errors.Errorf("cannot prepare network config for %q: not a container", machineTag)
 			result.Results[i].Error = common.ServerError(err)
 			continue
 		} else if ciid, cerr := container.InstanceId(); maintain == true && cerr == nil {
@@ -807,7 +690,7 @@
 			continue
 		}
 
-		allocatedInfo, err := netEnviron.AllocateContainerAddresses(instId, preparedInfo)
+		allocatedInfo, err := netEnviron.AllocateContainerAddresses(instId, machineTag, preparedInfo)
 		if err != nil {
 			result.Results[i].Error = common.ServerError(err)
 			continue
@@ -822,157 +705,6 @@
 	return result, nil
 }
 
-// legacyPrepareOrGetContainerInterfaceInfo optionally allocates an address and
-// returns information for configuring networking on a container. It accepts
-// container tags as arguments.
-func (p *ProvisionerAPI) legacyPrepareOrGetContainerInterfaceInfo(
-	args params.Entities,
-	provisionContainer bool,
-) (
-	params.MachineNetworkConfigResults,
-	error,
-) {
-	result := params.MachineNetworkConfigResults{
-		Results: make([]params.MachineNetworkConfigResult, len(args.Entities)),
-	}
-
-	// Some preparations first.
-	environ, host, canAccess, err := p.prepareContainerAccessEnvironment()
-	if err != nil {
-		return result, errors.Trace(err)
-	}
-	instId, err := host.InstanceId()
-	if err != nil && errors.IsNotProvisioned(err) {
-		// If the host machine is not provisioned yet, we have nothing
-		// to do. NotProvisionedf will append " not provisioned" to
-		// the message.
-		err = errors.NotProvisionedf("cannot allocate addresses: host machine %q", host)
-		return result, err
-	}
-	var subnet *state.Subnet
-	var subnetInfo network.SubnetInfo
-	var interfaceInfo network.InterfaceInfo
-	if environs.AddressAllocationEnabled(environ.Config().Type()) {
-		// We don't need a subnet unless we need to allocate a static IP.
-		subnet, subnetInfo, interfaceInfo, err = p.prepareAllocationNetwork(environ, instId)
-		if err != nil {
-			return result, errors.Annotate(err, "cannot allocate addresses")
-		}
-	} else {
-		var allInterfaceInfos []network.InterfaceInfo
-		allInterfaceInfos, err = environ.NetworkInterfaces(instId)
-		if err != nil {
-			return result, errors.Annotatef(err, "cannot instance %q interfaces", instId)
-		} else if len(allInterfaceInfos) == 0 {
-			return result, errors.New("no interfaces available")
-		}
-		// Currently we only support a single NIC per container, so we only need
-		// the information from the host instance's first NIC.
-		logger.Tracef("interfaces for instance %q: %v", instId, allInterfaceInfos)
-		interfaceInfo = allInterfaceInfos[0]
-	}
-
-	// Loop over the passed container tags.
-	for i, entity := range args.Entities {
-		tag, err := names.ParseMachineTag(entity.Tag)
-		if err != nil {
-			result.Results[i].Error = common.ServerError(err)
-			continue
-		}
-
-		// The auth function (canAccess) checks that the machine is a
-		// top level machine (we filter those out next) or that the
-		// machine has the host as a parent.
-		container, err := p.getMachine(canAccess, tag)
-		if err != nil {
-			result.Results[i].Error = common.ServerError(err)
-			continue
-		} else if !container.IsContainer() {
-			err = errors.Errorf("cannot allocate address for %q: not a container", tag)
-			result.Results[i].Error = common.ServerError(err)
-			continue
-		} else if ciid, cerr := container.InstanceId(); provisionContainer == true && cerr == nil {
-			// Since we want to configure and create NICs on the
-			// container before it starts, it must also be not
-			// provisioned yet.
-			err = errors.Errorf("container %q already provisioned as %q", container, ciid)
-			result.Results[i].Error = common.ServerError(err)
-			continue
-		} else if cerr != nil && !errors.IsNotProvisioned(cerr) {
-			// Any other error needs to be reported.
-			result.Results[i].Error = common.ServerError(cerr)
-			continue
-		}
-
-		var macAddress string
-		var address *state.IPAddress
-		if provisionContainer {
-			// Allocate and set an address.
-			macAddress = generateMACAddress()
-			address, err = p.allocateAddress(environ, subnet, host, container, instId, macAddress)
-			if err != nil {
-				err = errors.Annotatef(err, "failed to allocate an address for %q", container)
-				result.Results[i].Error = common.ServerError(err)
-				continue
-			}
-		} else {
-			id := container.Id()
-			addresses, err := p.st.AllocatedIPAddresses(id)
-			if err != nil {
-				logger.Warningf("failed to get Id for container %q: %v", tag, err)
-				result.Results[i].Error = common.ServerError(err)
-				continue
-			}
-			// TODO(dooferlad): if we get more than 1 address back, we ignore everything after
-			// the first. The calling function expects exactly one result though,
-			// so we don't appear to have a way of allocating >1 address to a
-			// container...
-			if len(addresses) != 1 {
-				logger.Warningf("got %d addresses for container %q - expected 1: %v", len(addresses), tag, err)
-				result.Results[i].Error = common.ServerError(err)
-				continue
-			}
-			address = addresses[0]
-			macAddress = address.MACAddress()
-		}
-
-		// Store it on the machine, construct and set an interface result.
-		dnsServers := make([]string, len(interfaceInfo.DNSServers))
-		for l, dns := range interfaceInfo.DNSServers {
-			dnsServers[l] = dns.Value
-		}
-
-		if macAddress == "" {
-			macAddress = interfaceInfo.MACAddress
-		}
-
-		interfaceType := string(interfaceInfo.InterfaceType)
-		if interfaceType == "" {
-			interfaceType = string(network.EthernetInterface)
-		}
-
-		result.Results[i] = params.MachineNetworkConfigResult{
-			Config: []params.NetworkConfig{{
-				DeviceIndex:      interfaceInfo.DeviceIndex,
-				MACAddress:       macAddress,
-				CIDR:             subnetInfo.CIDR,
-				ProviderId:       string(interfaceInfo.ProviderId),
-				ProviderSubnetId: string(subnetInfo.ProviderId),
-				VLANTag:          interfaceInfo.VLANTag,
-				InterfaceType:    interfaceType,
-				InterfaceName:    interfaceInfo.InterfaceName,
-				Disabled:         interfaceInfo.Disabled,
-				NoAutoStart:      interfaceInfo.NoAutoStart,
-				DNSServers:       dnsServers,
-				ConfigType:       string(network.ConfigStatic),
-				Address:          address.Value(),
-				GatewayAddress:   interfaceInfo.GatewayAddress.Value,
-			}},
-		}
-	}
-	return result, nil
-}
-
 // prepareContainerAccessEnvironment retrieves the environment, host machine, and access
 // for working with containers.
 func (p *ProvisionerAPI) prepareContainerAccessEnvironment() (environs.NetworkingEnviron, *state.Machine, common.AuthFunc, error) {
@@ -1000,281 +732,6 @@
 	return netEnviron, host, canAccess, nil
 }
 
-// prepareAllocationNetwork retrieves the subnet, its info, and the interface info
-// for the allocations.
-func (p *ProvisionerAPI) prepareAllocationNetwork(
-	environ environs.NetworkingEnviron,
-	instId instance.Id,
-) (
-	*state.Subnet,
-	network.SubnetInfo,
-	network.InterfaceInfo,
-	error,
-) {
-	var subnetInfo network.SubnetInfo
-	var interfaceInfo network.InterfaceInfo
-
-	interfaces, err := environ.NetworkInterfaces(instId)
-	if err != nil {
-		return nil, subnetInfo, interfaceInfo, errors.Trace(err)
-	} else if len(interfaces) == 0 {
-		return nil, subnetInfo, interfaceInfo, errors.New("no interfaces available")
-	}
-	logger.Tracef("interfaces for instance %q: %v", instId, interfaces)
-
-	subnetSet := make(set.Strings)
-	subnetIds := []network.Id{}
-	subnetIdToInterface := make(map[network.Id]network.InterfaceInfo)
-	for _, iface := range interfaces {
-		if iface.ProviderSubnetId == "" {
-			logger.Debugf("no subnet associated with interface %#v (skipping)", iface)
-			continue
-		} else if iface.Disabled {
-			logger.Debugf("interface %#v disabled (skipping)", iface)
-			continue
-		}
-		if !subnetSet.Contains(string(iface.ProviderSubnetId)) {
-			subnetIds = append(subnetIds, iface.ProviderSubnetId)
-			subnetSet.Add(string(iface.ProviderSubnetId))
-
-			// This means that multiple interfaces on the same subnet will
-			// only appear once.
-			subnetIdToInterface[iface.ProviderSubnetId] = iface
-		}
-	}
-	subnets, err := environ.Subnets(instId, subnetIds)
-	if err != nil {
-		return nil, subnetInfo, interfaceInfo, errors.Trace(err)
-	} else if len(subnets) == 0 {
-		return nil, subnetInfo, interfaceInfo, errors.Errorf("no subnets available")
-	}
-	logger.Tracef("subnets for instance %q: %v", instId, subnets)
-
-	// TODO(mfoord): we need a better strategy for picking a subnet to
-	// allocate an address on. (dimitern): Right now we just pick the
-	// first subnet with allocatable range set. Instead, we should
-	// allocate an address per interface, assuming each interface is
-	// on a subnet with allocatable range set, and skipping those
-	// which do not have a range set.
-	var success bool
-	for _, sub := range subnets {
-		logger.Tracef("trying to allocate a static IP on subnet %q", sub.ProviderId)
-		if sub.AllocatableIPHigh == nil {
-			logger.Tracef("ignoring subnet %q - no allocatable range set", sub.ProviderId)
-			// this subnet has no allocatable IPs
-			continue
-		}
-		if sub.AllocatableIPLow != nil && sub.AllocatableIPLow.To4() == nil {
-			logger.Tracef("ignoring IPv6 subnet %q - allocating IPv6 addresses not yet supported", sub.ProviderId)
-			// Until we change the way we pick addresses, IPv6 subnets with
-			// their *huge* ranges (/64 being the default), there is no point in
-			// allowing such subnets (it won't even work as PickNewAddress()
-			// assumes IPv4 allocatable range anyway).
-			continue
-		}
-		ok, err := environ.SupportsAddressAllocation(sub.ProviderId)
-		if err == nil && ok {
-			subnetInfo = sub
-			interfaceInfo = subnetIdToInterface[sub.ProviderId]
-
-			// Since with addressable containers the host acts like a gateway
-			// for the containers, instead of using the same gateway for the
-			// containers as their host's
-			interfaceInfo.GatewayAddress.Value = interfaceInfo.Address.Value
-
-			success = true
-			break
-		}
-		logger.Tracef(
-			"subnet %q supports address allocation: %v (error: %v)",
-			sub.ProviderId, ok, err,
-		)
-	}
-	if !success {
-		// " not supported" will be appended to the message below.
-		return nil, subnetInfo, interfaceInfo, errors.NotSupportedf(
-			"address allocation on any available subnets is",
-		)
-	}
-	subnet, err := p.createOrFetchStateSubnet(subnetInfo)
-
-	return subnet, subnetInfo, interfaceInfo, nil
-}
-
-// These are defined like this to allow mocking in tests.
-var (
-	allocateAddrTo = func(a *state.IPAddress, m *state.Machine, macAddress string) error {
-		// TODO(mfoord): populate proper interface ID (in state).
-		return a.AllocateTo(m.Id(), "", macAddress)
-	}
-	setAddrsTo = func(a *state.IPAddress, m *state.Machine) error {
-		return m.SetProviderAddresses(a.Address())
-	}
-	setAddrState = func(a *state.IPAddress, st state.AddressState) error {
-		return a.SetState(st)
-	}
-)
-
-// allocateAddress tries to pick an address out of the given subnet and
-// allocates it to the container.
-func (p *ProvisionerAPI) allocateAddress(
-	environ environs.NetworkingEnviron,
-	subnet *state.Subnet,
-	host, container *state.Machine,
-	instId instance.Id,
-	macAddress string,
-) (*state.IPAddress, error) {
-	hostname := containerHostname(container.Tag())
-
-	if !environs.AddressAllocationEnabled(environ.Config().Type()) {
-		// Even if the address allocation feature flag is not enabled, we might
-		// be running on MAAS 1.8+ with devices support, which we can use to
-		// register containers getting IPs via DHCP. However, most of the usual
-		// allocation code can be bypassed, we just need the parent instance ID
-		// and a MAC address (no subnet or IP address).
-		allocatedAddress := network.Address{}
-		err := environ.AllocateAddress(instId, network.AnySubnet, &allocatedAddress, macAddress, hostname)
-		if err != nil {
-			// Not using MAAS 1.8+ or some other error.
-			return nil, errors.Trace(err)
-		}
-
-		logger.Infof(
-			"allocated address %q on instance %q for container %q",
-			allocatedAddress.String(), instId, hostname,
-		)
-
-		// Add the address to state, so we can look it up later by MAC address.
-		stateAddr, err := p.st.AddIPAddress(allocatedAddress, string(network.AnySubnet))
-		if err != nil {
-			return nil, errors.Annotatef(err, "failed to save address %q", allocatedAddress)
-		}
-
-		err = p.setAllocatedOrRelease(stateAddr, environ, instId, container, network.AnySubnet, macAddress)
-		if err != nil {
-			return nil, errors.Trace(err)
-		}
-
-		return stateAddr, nil
-	}
-
-	subnetId := network.Id(subnet.ProviderId())
-	for {
-		addr, err := subnet.PickNewAddress()
-		if err != nil {
-			return nil, err
-		}
-		netAddr := addr.Address()
-		logger.Tracef("picked new address %q on subnet %q", addr.String(), subnetId)
-		// Attempt to allocate with environ.
-		err = environ.AllocateAddress(instId, subnetId, &netAddr, macAddress, hostname)
-		if err != nil {
-			logger.Warningf(
-				"allocating address %q on instance %q and subnet %q failed: %v (retrying)",
-				addr.String(), instId, subnetId, err,
-			)
-			// It's as good as unavailable for us, so mark it as
-			// such.
-			err = setAddrState(addr, state.AddressStateUnavailable)
-			if err != nil {
-				logger.Warningf(
-					"cannot set address %q to %q: %v (ignoring and retrying)",
-					addr.String(), state.AddressStateUnavailable, err,
-				)
-				continue
-			}
-			logger.Tracef(
-				"setting address %q to %q and retrying",
-				addr.String(), state.AddressStateUnavailable,
-			)
-			continue
-		}
-		logger.Infof(
-			"allocated address %q on instance %q and subnet %q",
-			addr.String(), instId, subnetId,
-		)
-		err = p.setAllocatedOrRelease(addr, environ, instId, container, subnetId, macAddress)
-		if err != nil {
-			// Something went wrong - retry.
-			continue
-		}
-		return addr, nil
-	}
-}
-
-// setAllocatedOrRelease tries to associate the newly allocated
-// address addr with the container. On failure it makes the best
-// effort to cleanup and release addr, logging issues along the way.
-func (p *ProvisionerAPI) setAllocatedOrRelease(
-	addr *state.IPAddress,
-	environ environs.NetworkingEnviron,
-	instId instance.Id,
-	container *state.Machine,
-	subnetId network.Id,
-	macAddress string,
-) (err error) {
-	defer func() {
-		if errors.Cause(err) == nil {
-			// Success!
-			return
-		}
-		logger.Warningf(
-			"failed to mark address %q as %q to container %q: %v (releasing and retrying)",
-			addr.String(), state.AddressStateAllocated, container, err,
-		)
-		// It's as good as unavailable for us, so mark it as
-		// such.
-		err = setAddrState(addr, state.AddressStateUnavailable)
-		if err != nil {
-			logger.Warningf(
-				"cannot set address %q to %q: %v (ignoring and releasing)",
-				addr.String(), state.AddressStateUnavailable, err,
-			)
-		}
-		err = environ.ReleaseAddress(instId, subnetId, addr.Address(), addr.MACAddress(), "")
-		if err == nil {
-			logger.Infof("address %q released; trying to allocate new", addr.String())
-			return
-		}
-		logger.Warningf(
-			"failed to release address %q on instance %q and subnet %q: %v (ignoring and retrying)",
-			addr.String(), instId, subnetId, err,
-		)
-	}()
-
-	// Any errors returned below will trigger the release/cleanup
-	// steps above.
-	if err = allocateAddrTo(addr, container, macAddress); err != nil {
-		return errors.Trace(err)
-	}
-	if err = setAddrsTo(addr, container); err != nil {
-		return errors.Trace(err)
-	}
-
-	logger.Infof("assigned address %q to container %q", addr.String(), container)
-	return nil
-}
-
-func (p *ProvisionerAPI) createOrFetchStateSubnet(subnetInfo network.SubnetInfo) (*state.Subnet, error) {
-	stateSubnetInfo := state.SubnetInfo{
-		ProviderId:        subnetInfo.ProviderId,
-		CIDR:              subnetInfo.CIDR,
-		VLANTag:           subnetInfo.VLANTag,
-		AllocatableIPHigh: subnetInfo.AllocatableIPHigh.String(),
-		AllocatableIPLow:  subnetInfo.AllocatableIPLow.String(),
-	}
-	subnet, err := p.st.AddSubnet(stateSubnetInfo)
-	if err != nil {
-		if errors.IsAlreadyExists(err) {
-			subnet, err = p.st.Subnet(subnetInfo.CIDR)
-		}
-		if err != nil {
-			return subnet, errors.Trace(err)
-		}
-	}
-	return subnet, nil
-}
-
 // InstanceStatus returns the instance status for each given entity.
 // Only machine tags are accepted.
 func (p *ProvisionerAPI) InstanceStatus(args params.Entities) (params.StatusResults, error) {
@@ -1296,7 +753,7 @@
 		if err == nil {
 			var statusInfo status.StatusInfo
 			statusInfo, err = machine.InstanceStatus()
-			result.Results[i].Status = statusInfo.Status
+			result.Results[i].Status = statusInfo.Status.String()
 			result.Results[i].Info = statusInfo.Message
 			result.Results[i].Data = statusInfo.Data
 			result.Results[i].Since = statusInfo.Since
@@ -1325,7 +782,15 @@
 		}
 		machine, err := p.getMachine(canAccess, mTag)
 		if err == nil {
-			err = machine.SetInstanceStatus(arg.Status, arg.Info, arg.Data)
+			// TODO(perrito666) 2016-05-02 lp:1558657
+			now := time.Now()
+			s := status.StatusInfo{
+				Status:  status.Status(arg.Status),
+				Message: arg.Info,
+				Data:    arg.Data,
+				Since:   &now,
+			}
+			err = machine.SetInstanceStatus(s)
 		}
 		result.Results[i].Error = common.ServerError(err)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/provisioner/provisioner_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/provisioner/provisioner_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/provisioner/provisioner_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/provisioner/provisioner_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,13 +6,13 @@
 import (
 	"fmt"
 	stdtesting "testing"
+	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
-	jujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/proxy"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	commontesting "github.com/juju/juju/apiserver/common/testing"
@@ -21,11 +21,9 @@
 	apiservertesting "github.com/juju/juju/apiserver/testing"
 	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/container"
-	"github.com/juju/juju/feature"
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/juju/testing"
 	"github.com/juju/juju/network"
-	"github.com/juju/juju/provider/dummy"
 	"github.com/juju/juju/state"
 	statetesting "github.com/juju/juju/state/testing"
 	"github.com/juju/juju/status"
@@ -34,9 +32,6 @@
 )
 
 func TestPackage(t *stdtesting.T) {
-	if jujutesting.RaceEnabled {
-		t.Skip("skipping package under -race, see LP 1517632")
-	}
 	coretesting.MgoTestPackage(t)
 }
 
@@ -61,10 +56,6 @@
 		"image-stream": "daily",
 	}
 	s.JujuConnSuite.SetUpTest(c)
-	// We're testing with address allocation on by default. There are
-	// separate tests to check the behavior when the flag is not
-	// enabled.
-	s.SetFeatureFlags(feature.AddressAllocation)
 
 	// Reset previous machines (if any) and create 3 machines
 	// for the tests, plus an optional controller machine.
@@ -138,7 +129,7 @@
 			{Tag: s.machines[4].Tag().String(), Password: "xxx4-1234567890123457890"},
 			{Tag: "machine-42", Password: "foo"},
 			{Tag: "unit-foo-0", Password: "zzz"},
-			{Tag: "service-bar", Password: "abc"},
+			{Tag: "application-bar", Password: "abc"},
 		},
 	}
 	results, err := s.provisioner.SetPasswords(args)
@@ -208,7 +199,7 @@
 	}
 	var containers []*state.Machine
 	for i := 0; i < 3; i++ {
-		container, err := s.State.AddMachineInsideMachine(template, s.machines[0].Id(), instance.LXC)
+		container, err := s.State.AddMachineInsideMachine(template, s.machines[0].Id(), instance.LXD)
 		c.Check(err, jc.ErrorIsNil)
 		containers = append(containers, container)
 	}
@@ -224,7 +215,7 @@
 		{Tag: containers[2].Tag().String()},
 		{Tag: "machine-42"},
 		{Tag: "unit-foo-0"},
-		{Tag: "service-bar"},
+		{Tag: "application-bar"},
 	}}
 	result, err := aProvisioner.Life(args)
 	c.Assert(err, jc.ErrorIsNil)
@@ -257,7 +248,7 @@
 		{Tag: s.machines[2].Tag().String()},
 		{Tag: "machine-42"},
 		{Tag: "unit-foo-0"},
-		{Tag: "service-bar"},
+		{Tag: "application-bar"},
 	}}
 	result, err := s.provisioner.Life(args)
 	c.Assert(err, jc.ErrorIsNil)
@@ -304,7 +295,7 @@
 		{Tag: s.machines[2].Tag().String()},
 		{Tag: "machine-42"},
 		{Tag: "unit-foo-0"},
-		{Tag: "service-bar"},
+		{Tag: "application-bar"},
 	}}
 	result, err := s.provisioner.Remove(args)
 	c.Assert(err, jc.ErrorIsNil)
@@ -327,22 +318,38 @@
 }
 
 func (s *withoutControllerSuite) TestSetStatus(c *gc.C) {
-	err := s.machines[0].SetStatus(status.StatusStarted, "blah", nil)
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.machines[1].SetStatus(status.StatusStopped, "foo", nil)
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.machines[2].SetStatus(status.StatusError, "not really", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusStarted,
+		Message: "blah",
+		Since:   &now,
+	}
+	err := s.machines[0].SetStatus(sInfo)
+	c.Assert(err, jc.ErrorIsNil)
+	sInfo = status.StatusInfo{
+		Status:  status.StatusStopped,
+		Message: "foo",
+		Since:   &now,
+	}
+	err = s.machines[1].SetStatus(sInfo)
+	c.Assert(err, jc.ErrorIsNil)
+	sInfo = status.StatusInfo{
+		Status:  status.StatusError,
+		Message: "not really",
+		Since:   &now,
+	}
+	err = s.machines[2].SetStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 
 	args := params.SetStatus{
 		Entities: []params.EntityStatusArgs{
-			{Tag: s.machines[0].Tag().String(), Status: status.StatusError, Info: "not really",
+			{Tag: s.machines[0].Tag().String(), Status: status.StatusError.String(), Info: "not really",
 				Data: map[string]interface{}{"foo": "bar"}},
-			{Tag: s.machines[1].Tag().String(), Status: status.StatusStopped, Info: "foobar"},
-			{Tag: s.machines[2].Tag().String(), Status: status.StatusStarted, Info: "again"},
-			{Tag: "machine-42", Status: status.StatusStarted, Info: "blah"},
-			{Tag: "unit-foo-0", Status: status.StatusStopped, Info: "foobar"},
-			{Tag: "service-bar", Status: status.StatusStopped, Info: "foobar"},
+			{Tag: s.machines[1].Tag().String(), Status: status.StatusStopped.String(), Info: "foobar"},
+			{Tag: s.machines[2].Tag().String(), Status: status.StatusStarted.String(), Info: "again"},
+			{Tag: "machine-42", Status: status.StatusStarted.String(), Info: "blah"},
+			{Tag: "unit-foo-0", Status: status.StatusStopped.String(), Info: "foobar"},
+			{Tag: "application-bar", Status: status.StatusStopped.String(), Info: "foobar"},
 		}}
 	result, err := s.provisioner.SetStatus(args)
 	c.Assert(err, jc.ErrorIsNil)
@@ -364,18 +371,45 @@
 }
 
 func (s *withoutControllerSuite) TestMachinesWithTransientErrors(c *gc.C) {
-	err := s.machines[0].SetStatus(status.StatusStarted, "blah", nil)
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.machines[1].SetStatus(status.StatusError, "transient error",
-		map[string]interface{}{"transient": true, "foo": "bar"})
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.machines[2].SetStatus(status.StatusError, "error", map[string]interface{}{"transient": false})
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.machines[3].SetStatus(status.StatusError, "error", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusStarted,
+		Message: "blah",
+		Since:   &now,
+	}
+	err := s.machines[0].SetStatus(sInfo)
+	c.Assert(err, jc.ErrorIsNil)
+	sInfo = status.StatusInfo{
+		Status:  status.StatusError,
+		Message: "transient error",
+		Data:    map[string]interface{}{"transient": true, "foo": "bar"},
+		Since:   &now,
+	}
+	err = s.machines[1].SetStatus(sInfo)
+	c.Assert(err, jc.ErrorIsNil)
+	sInfo = status.StatusInfo{
+		Status:  status.StatusError,
+		Message: "error",
+		Data:    map[string]interface{}{"transient": false},
+		Since:   &now,
+	}
+	err = s.machines[2].SetStatus(sInfo)
+	c.Assert(err, jc.ErrorIsNil)
+	sInfo = status.StatusInfo{
+		Status:  status.StatusError,
+		Message: "error",
+		Since:   &now,
+	}
+	err = s.machines[3].SetStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 	// Machine 4 is provisioned but error not reset yet.
-	err = s.machines[4].SetStatus(status.StatusError, "transient error",
-		map[string]interface{}{"transient": true, "foo": "bar"})
+	sInfo = status.StatusInfo{
+		Status:  status.StatusError,
+		Message: "transient error",
+		Data:    map[string]interface{}{"transient": true, "foo": "bar"},
+		Since:   &now,
+	}
+	err = s.machines[4].SetStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 	hwChars := instance.MustParseHardware("arch=i386", "mem=4G")
 	err = s.machines[4].SetProvisioned("i-am", "fake_nonce", &hwChars)
@@ -398,14 +432,36 @@
 	anAuthorizer.Tag = names.NewMachineTag("1")
 	aProvisioner, err := provisioner.NewProvisionerAPI(s.State, s.resources,
 		anAuthorizer)
-	err = s.machines[0].SetStatus(status.StatusStarted, "blah", nil)
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.machines[1].SetStatus(status.StatusError, "transient error",
-		map[string]interface{}{"transient": true, "foo": "bar"})
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.machines[2].SetStatus(status.StatusError, "error", map[string]interface{}{"transient": false})
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.machines[3].SetStatus(status.StatusError, "error", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusStarted,
+		Message: "blah",
+		Since:   &now,
+	}
+	err = s.machines[0].SetStatus(sInfo)
+	c.Assert(err, jc.ErrorIsNil)
+	sInfo = status.StatusInfo{
+		Status:  status.StatusError,
+		Message: "transient error",
+		Data:    map[string]interface{}{"transient": true, "foo": "bar"},
+		Since:   &now,
+	}
+	err = s.machines[1].SetStatus(sInfo)
+	c.Assert(err, jc.ErrorIsNil)
+	sInfo = status.StatusInfo{
+		Status:  status.StatusError,
+		Message: "error",
+		Data:    map[string]interface{}{"transient": false},
+		Since:   &now,
+	}
+	err = s.machines[2].SetStatus(sInfo)
+	c.Assert(err, jc.ErrorIsNil)
+	sInfo = status.StatusInfo{
+		Status:  status.StatusError,
+		Message: "error",
+		Since:   &now,
+	}
+	err = s.machines[3].SetStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 
 	result, err := aProvisioner.MachinesWithTransientErrors()
@@ -431,7 +487,7 @@
 		{Tag: s.machines[2].Tag().String()},
 		{Tag: "machine-42"},
 		{Tag: "unit-foo-0"},
-		{Tag: "service-bar"},
+		{Tag: "application-bar"},
 	}}
 	result, err := s.provisioner.EnsureDead(args)
 	c.Assert(err, jc.ErrorIsNil)
@@ -472,11 +528,11 @@
 	c.Assert(s.resources.Count(), gc.Equals, 0)
 
 	args := params.WatchContainers{Params: []params.WatchContainer{
-		{MachineTag: s.machines[0].Tag().String(), ContainerType: string(instance.LXC)},
+		{MachineTag: s.machines[0].Tag().String(), ContainerType: string(instance.LXD)},
 		{MachineTag: s.machines[1].Tag().String(), ContainerType: string(instance.KVM)},
 		{MachineTag: "machine-42", ContainerType: ""},
 		{MachineTag: "unit-foo-0", ContainerType: ""},
-		{MachineTag: "service-bar", ContainerType: ""},
+		{MachineTag: "application-bar", ContainerType: ""},
 	}}
 	result, err := s.provisioner.WatchContainers(args)
 	c.Assert(err, jc.ErrorIsNil)
@@ -513,7 +569,7 @@
 		{MachineTag: s.machines[1].Tag().String()},
 		{MachineTag: "machine-42"},
 		{MachineTag: "unit-foo-0"},
-		{MachineTag: "service-bar"},
+		{MachineTag: "application-bar"},
 	}}
 	result, err := s.provisioner.WatchAllContainers(args)
 	c.Assert(err, jc.ErrorIsNil)
@@ -555,11 +611,28 @@
 }
 
 func (s *withoutControllerSuite) TestStatus(c *gc.C) {
-	err := s.machines[0].SetStatus(status.StatusStarted, "blah", nil)
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.machines[1].SetStatus(status.StatusStopped, "foo", nil)
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.machines[2].SetStatus(status.StatusError, "not really", map[string]interface{}{"foo": "bar"})
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusStarted,
+		Message: "blah",
+		Since:   &now,
+	}
+	err := s.machines[0].SetStatus(sInfo)
+	c.Assert(err, jc.ErrorIsNil)
+	sInfo = status.StatusInfo{
+		Status:  status.StatusStopped,
+		Message: "foo",
+		Since:   &now,
+	}
+	err = s.machines[1].SetStatus(sInfo)
+	c.Assert(err, jc.ErrorIsNil)
+	sInfo = status.StatusInfo{
+		Status:  status.StatusError,
+		Message: "not really",
+		Data:    map[string]interface{}{"foo": "bar"},
+		Since:   &now,
+	}
+	err = s.machines[2].SetStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 
 	args := params.Entities{Entities: []params.Entity{
@@ -568,7 +641,7 @@
 		{Tag: s.machines[2].Tag().String()},
 		{Tag: "machine-42"},
 		{Tag: "unit-foo-0"},
-		{Tag: "service-bar"},
+		{Tag: "application-bar"},
 	}}
 	result, err := s.provisioner.Status(args)
 	c.Assert(err, jc.ErrorIsNil)
@@ -583,9 +656,9 @@
 	}
 	c.Assert(result, gc.DeepEquals, params.StatusResults{
 		Results: []params.StatusResult{
-			{Status: status.StatusStarted, Info: "blah", Data: map[string]interface{}{}},
-			{Status: status.StatusStopped, Info: "foo", Data: map[string]interface{}{}},
-			{Status: status.StatusError, Info: "not really", Data: map[string]interface{}{"foo": "bar"}},
+			{Status: status.StatusStarted.String(), Info: "blah", Data: map[string]interface{}{}},
+			{Status: status.StatusStopped.String(), Info: "foo", Data: map[string]interface{}{}},
+			{Status: status.StatusError.String(), Info: "not really", Data: map[string]interface{}{"foo": "bar"}},
 			{Error: apiservertesting.NotFoundError("machine 42")},
 			{Error: apiservertesting.ErrUnauthorized},
 			{Error: apiservertesting.ErrUnauthorized},
@@ -604,7 +677,7 @@
 		{Tag: s.machines[2].Tag().String()},
 		{Tag: "machine-42"},
 		{Tag: "unit-foo-0"},
-		{Tag: "service-bar"},
+		{Tag: "application-bar"},
 	}}
 	result, err := s.provisioner.Series(args)
 	c.Assert(err, jc.ErrorIsNil)
@@ -695,9 +768,9 @@
 	args := params.Entities{Entities: []params.Entity{
 		{Tag: "machine-0"},
 		{Tag: "machine-42"},
-		{Tag: "machine-0-lxc-99"},
+		{Tag: "machine-0-lxd-99"},
 		{Tag: "unit-foo-0"},
-		{Tag: "service-bar"},
+		{Tag: "application-bar"},
 	}}
 	result, err := s.provisioner.DistributionGroup(args)
 	c.Assert(err, jc.ErrorIsNil)
@@ -726,9 +799,9 @@
 		{Tag: "machine-0"},
 		{Tag: "machine-1"},
 		{Tag: "machine-42"},
-		{Tag: "machine-0-lxc-99"},
-		{Tag: "machine-1-lxc-99"},
-		{Tag: "machine-1-lxc-99-lxc-100"},
+		{Tag: "machine-0-lxd-99"},
+		{Tag: "machine-1-lxd-99"},
+		{Tag: "machine-1-lxd-99-lxd-100"},
 	}}
 	result, err := provisioner.DistributionGroup(args)
 	c.Assert(err, jc.ErrorIsNil)
@@ -740,7 +813,7 @@
 			// only a machine agent for the container or its
 			// parent may access it.
 			{Error: apiservertesting.ErrUnauthorized},
-			{Error: apiservertesting.NotFoundError("machine 1/lxc/99")},
+			{Error: apiservertesting.NotFoundError("machine 1/lxd/99")},
 			{Error: apiservertesting.ErrUnauthorized},
 		},
 	})
@@ -765,7 +838,7 @@
 		{Tag: consMachine.Tag().String()},
 		{Tag: "machine-42"},
 		{Tag: "unit-foo-0"},
-		{Tag: "service-bar"},
+		{Tag: "application-bar"},
 	}}
 	result, err := s.provisioner.Constraints(args)
 	c.Assert(err, jc.ErrorIsNil)
@@ -838,7 +911,7 @@
 	},
 		{Tag: "machine-42"},
 		{Tag: "unit-foo-0"},
-		{Tag: "service-bar"},
+		{Tag: "application-bar"},
 	}}
 	result, err := s.provisioner.SetInstanceInfo(args)
 	c.Assert(err, jc.ErrorIsNil)
@@ -907,7 +980,7 @@
 		{Tag: s.machines[2].Tag().String()},
 		{Tag: "machine-42"},
 		{Tag: "unit-foo-0"},
-		{Tag: "service-bar"},
+		{Tag: "application-bar"},
 	}}
 	result, err := s.provisioner.InstanceId(args)
 	c.Assert(err, jc.ErrorIsNil)
@@ -967,39 +1040,14 @@
 func (s *withoutControllerSuite) TestContainerManagerConfig(c *gc.C) {
 	cfg := s.getManagerConfig(c, instance.KVM)
 	c.Assert(cfg, jc.DeepEquals, map[string]string{
-		container.ConfigName: "juju",
-
-		// dummy provider supports both networking and address
-		// allocation by default, so IP forwarding should be enabled.
-		container.ConfigIPForwarding: "true",
-	})
-}
-
-func (s *withoutControllerSuite) TestContainerManagerConfigNoFeatureFlagNoIPForwarding(c *gc.C) {
-	s.SetFeatureFlags() // clear the flags.
-
-	cfg := s.getManagerConfig(c, instance.KVM)
-	c.Assert(cfg, jc.DeepEquals, map[string]string{
-		container.ConfigName: "juju",
-		// ConfigIPForwarding should be missing.
-	})
-}
-
-func (s *withoutControllerSuite) TestContainerManagerConfigNoIPForwarding(c *gc.C) {
-	// Break dummy provider's SupportsAddressAllocation method to
-	// ensure ConfigIPForwarding is not set below.
-	s.AssertConfigParameterUpdated(c, "broken", "SupportsAddressAllocation")
-
-	cfg := s.getManagerConfig(c, instance.KVM)
-	c.Assert(cfg, jc.DeepEquals, map[string]string{
-		container.ConfigName: "juju",
+		container.ConfigModelUUID: coretesting.ModelTag.Id(),
 	})
 }
 
 func (s *withoutControllerSuite) TestContainerConfig(c *gc.C) {
 	attrs := map[string]interface{}{
 		"http-proxy":            "http://proxy.example.com:9000",
-		"allow-lxc-loop-mounts": true,
+		"allow-lxd-loop-mounts": true,
 		"apt-mirror":            "http://example.mirror.com",
 	}
 	err := s.State.UpdateModelConfig(attrs, nil, nil)
@@ -1017,17 +1065,15 @@
 	c.Check(results.Proxy, gc.DeepEquals, expectedProxy)
 	c.Check(results.AptProxy, gc.DeepEquals, expectedProxy)
 	c.Check(results.AptMirror, gc.DeepEquals, "http://example.mirror.com")
-	c.Check(results.PreferIPv6, jc.IsFalse)
-	c.Check(results.AllowLXCLoopMounts, jc.IsTrue)
 }
 
 func (s *withoutControllerSuite) TestSetSupportedContainers(c *gc.C) {
 	args := params.MachineContainersParams{Params: []params.MachineContainers{{
 		MachineTag:     "machine-0",
-		ContainerTypes: []instance.ContainerType{instance.LXC},
+		ContainerTypes: []instance.ContainerType{instance.LXD},
 	}, {
 		MachineTag:     "machine-1",
-		ContainerTypes: []instance.ContainerType{instance.LXC, instance.KVM},
+		ContainerTypes: []instance.ContainerType{instance.LXD, instance.KVM},
 	}}}
 	results, err := s.provisioner.SetSupportedContainers(args)
 	c.Assert(err, jc.ErrorIsNil)
@@ -1039,12 +1085,12 @@
 	c.Assert(err, jc.ErrorIsNil)
 	containers, ok := m0.SupportedContainers()
 	c.Assert(ok, jc.IsTrue)
-	c.Assert(containers, gc.DeepEquals, []instance.ContainerType{instance.LXC})
+	c.Assert(containers, gc.DeepEquals, []instance.ContainerType{instance.LXD})
 	m1, err := s.State.Machine("1")
 	c.Assert(err, jc.ErrorIsNil)
 	containers, ok = m1.SupportedContainers()
 	c.Assert(ok, jc.IsTrue)
-	c.Assert(containers, gc.DeepEquals, []instance.ContainerType{instance.LXC, instance.KVM})
+	c.Assert(containers, gc.DeepEquals, []instance.ContainerType{instance.LXD, instance.KVM})
 }
 
 func (s *withoutControllerSuite) TestSetSupportedContainersPermissions(c *gc.C) {
@@ -1059,13 +1105,13 @@
 	args := params.MachineContainersParams{
 		Params: []params.MachineContainers{{
 			MachineTag:     "machine-0",
-			ContainerTypes: []instance.ContainerType{instance.LXC},
+			ContainerTypes: []instance.ContainerType{instance.LXD},
 		}, {
 			MachineTag:     "machine-1",
-			ContainerTypes: []instance.ContainerType{instance.LXC},
+			ContainerTypes: []instance.ContainerType{instance.LXD},
 		}, {
 			MachineTag:     "machine-42",
-			ContainerTypes: []instance.ContainerType{instance.LXC},
+			ContainerTypes: []instance.ContainerType{instance.LXD},
 		},
 		},
 	}
@@ -1190,43 +1236,3 @@
 		c.Assert(tools.URL, gc.Equals, url)
 	}
 }
-
-type lxcDefaultMTUSuite struct {
-	provisionerSuite
-}
-
-var _ = gc.Suite(&lxcDefaultMTUSuite{})
-
-func (s *lxcDefaultMTUSuite) SetUpTest(c *gc.C) {
-	// Because lxc-default-mtu is an immutable setting, we need to set
-	// it in the default config JujuConnSuite uses, before the
-	// environment is "created".
-	s.DummyConfig = dummy.SampleConfig()
-	s.DummyConfig["lxc-default-mtu"] = 9000
-	s.provisionerSuite.SetUpTest(c)
-
-	stateConfig, err := s.State.ModelConfig()
-	c.Assert(err, jc.ErrorIsNil)
-	value, ok := stateConfig.LXCDefaultMTU()
-	c.Assert(ok, jc.IsTrue)
-	c.Assert(value, gc.Equals, 9000)
-	c.Logf("environ config lxc-default-mtu set to %v", value)
-}
-
-func (s *lxcDefaultMTUSuite) TestContainerManagerConfigLXCDefaultMTU(c *gc.C) {
-	managerConfig := s.getManagerConfig(c, instance.LXC)
-	c.Assert(managerConfig, jc.DeepEquals, map[string]string{
-		container.ConfigName:          "juju",
-		container.ConfigLXCDefaultMTU: "9000",
-
-		"use-aufs":                   "false",
-		container.ConfigIPForwarding: "true",
-	})
-
-	// KVM instances are not affected.
-	managerConfig = s.getManagerConfig(c, instance.KVM)
-	c.Assert(managerConfig, jc.DeepEquals, map[string]string{
-		container.ConfigName:         "juju",
-		container.ConfigIPForwarding: "true",
-	})
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/provisioner/provisioninginfo.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/provisioner/provisioninginfo.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/provisioner/provisioninginfo.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/provisioner/provisioninginfo.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,9 +9,9 @@
 	"strings"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils/series"
 	"github.com/juju/utils/set"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/common/storagecommon"
@@ -88,6 +88,10 @@
 	if err != nil {
 		return nil, errors.Annotate(err, "cannot get available image metadata")
 	}
+	controllerCfg, err := p.st.ControllerConfig()
+	if err != nil {
+		return nil, errors.Annotate(err, "cannot get controller configuration")
+	}
 
 	return &params.ProvisioningInfo{
 		Constraints:      cons,
@@ -99,6 +103,7 @@
 		SubnetsToZones:   subnetsToZones,
 		EndpointBindings: endpointBindings,
 		ImageMetadata:    imageMetadata,
+		ControllerConfig: controllerCfg,
 	}, nil
 }
 
@@ -113,7 +118,11 @@
 	if len(volumeAttachments) == 0 {
 		return nil, nil
 	}
-	envConfig, err := p.st.ModelConfig()
+	modelConfig, err := p.st.ModelConfig()
+	if err != nil {
+		return nil, err
+	}
+	controllerCfg, err := p.st.ControllerConfig()
 	if err != nil {
 		return nil, err
 	}
@@ -131,7 +140,8 @@
 		if err != nil {
 			return nil, errors.Annotatef(err, "getting volume %q storage instance", volumeTag.Id())
 		}
-		volumeParams, err := storagecommon.VolumeParams(volume, storageInstance, envConfig, poolManager)
+		volumeParams, err := storagecommon.VolumeParams(
+			volume, storageInstance, modelConfig.UUID(), controllerCfg.ControllerUUID(), modelConfig, poolManager)
 		if err != nil {
 			return nil, errors.Annotatef(err, "getting volume %q parameters", volumeTag.Id())
 		}
@@ -190,7 +200,11 @@
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-	machineTags := instancecfg.InstanceTags(cfg, jobs)
+	controllerCfg, err := p.st.ControllerConfig()
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	machineTags := instancecfg.InstanceTags(cfg.UUID(), controllerCfg.ControllerUUID(), cfg, jobs)
 	if len(unitNames) > 0 {
 		machineTags[tags.JujuUnitsDeployed] = strings.Join(unitNames, " ")
 	}
@@ -276,7 +290,7 @@
 		if !unit.IsPrincipal() {
 			continue
 		}
-		service, err := unit.Service()
+		service, err := unit.Application()
 		if err != nil {
 			return nil, err
 		}
@@ -395,7 +409,7 @@
 		return nil, nil, nil, errors.Annotate(err, "could not get model config")
 	}
 
-	env, err := environs.New(cfg)
+	env, err := environs.GetEnviron(p.st, environs.New)
 	if err != nil {
 		return nil, nil, nil, errors.Annotate(err, "could not get model")
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/provisioner/provisioninginfo_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/provisioner/provisioninginfo_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/provisioner/provisioninginfo_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/provisioner/provisioninginfo_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,6 +13,7 @@
 	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/environs/tags"
 	"github.com/juju/juju/juju/testing"
+	"github.com/juju/juju/provider/dummy"
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/state/multiwatcher"
 	"github.com/juju/juju/storage"
@@ -50,21 +51,27 @@
 	result, err := s.provisioner.ProvisioningInfo(args)
 	c.Assert(err, jc.ErrorIsNil)
 
+	controllerCfg := coretesting.FakeControllerConfig()
+	// Dummy provider uses a random port, which is added to cfg used to create environment.
+	apiPort := dummy.ApiPort(s.Environ.Provider())
+	controllerCfg["api-port"] = apiPort
 	expected := params.ProvisioningInfoResults{
 		Results: []params.ProvisioningInfoResult{
 			{Result: &params.ProvisioningInfo{
-				Series: "quantal",
-				Jobs:   []multiwatcher.MachineJob{multiwatcher.JobHostUnits},
+				ControllerConfig: controllerCfg,
+				Series:           "quantal",
+				Jobs:             []multiwatcher.MachineJob{multiwatcher.JobHostUnits},
 				Tags: map[string]string{
 					tags.JujuController: coretesting.ModelTag.Id(),
 					tags.JujuModel:      coretesting.ModelTag.Id(),
 				},
 			}},
 			{Result: &params.ProvisioningInfo{
-				Series:      "quantal",
-				Constraints: template.Constraints,
-				Placement:   template.Placement,
-				Jobs:        []multiwatcher.MachineJob{multiwatcher.JobHostUnits},
+				ControllerConfig: controllerCfg,
+				Series:           "quantal",
+				Constraints:      template.Constraints,
+				Placement:        template.Placement,
+				Jobs:             []multiwatcher.MachineJob{multiwatcher.JobHostUnits},
 				Tags: map[string]string{
 					tags.JujuController: coretesting.ModelTag.Id(),
 					tags.JujuModel:      coretesting.ModelTag.Id(),
@@ -159,13 +166,18 @@
 	result, err := s.provisioner.ProvisioningInfo(args)
 	c.Assert(err, jc.ErrorIsNil)
 
+	controllerCfg := coretesting.FakeControllerConfig()
+	// Dummy provider uses a random port, which is added to cfg used to create environment.
+	apiPort := dummy.ApiPort(s.Environ.Provider())
+	controllerCfg["api-port"] = apiPort
 	expected := params.ProvisioningInfoResults{
 		Results: []params.ProvisioningInfoResult{{
 			Result: &params.ProvisioningInfo{
-				Series:      "quantal",
-				Constraints: template.Constraints,
-				Placement:   template.Placement,
-				Jobs:        []multiwatcher.MachineJob{multiwatcher.JobHostUnits},
+				ControllerConfig: controllerCfg,
+				Series:           "quantal",
+				Constraints:      template.Constraints,
+				Placement:        template.Placement,
+				Jobs:             []multiwatcher.MachineJob{multiwatcher.JobHostUnits},
 				Tags: map[string]string{
 					tags.JujuController: coretesting.ModelTag.Id(),
 					tags.JujuModel:      coretesting.ModelTag.Id(),
@@ -186,16 +198,13 @@
 	_, err = s.State.AddSpace("space2", "", nil, false) // no provider ID
 	c.Assert(err, jc.ErrorIsNil)
 	// Add 1 subnet into space1, and 2 into space2.
-	// Only the first subnet of space2 has AllocatableIPLow|High set.
 	// Each subnet is in a matching zone (e.g "subnet-#" in "zone#").
 	testing.AddSubnetsWithTemplate(c, s.State, 3, state.SubnetInfo{
-		CIDR:              "10.10.{{.}}.0/24",
-		ProviderId:        "subnet-{{.}}",
-		AllocatableIPLow:  "{{if (eq . 1)}}10.10.{{.}}.5{{end}}",
-		AllocatableIPHigh: "{{if (eq . 1)}}10.10.{{.}}.254{{end}}",
-		AvailabilityZone:  "zone{{.}}",
-		SpaceName:         "{{if (eq . 0)}}space1{{else}}space2{{end}}",
-		VLANTag:           42,
+		CIDR:             "10.10.{{.}}.0/24",
+		ProviderId:       "subnet-{{.}}",
+		AvailabilityZone: "zone{{.}}",
+		SpaceName:        "{{if (eq . 0)}}space1{{else}}space2{{end}}",
+		VLANTag:          42,
 	})
 }
 
@@ -227,11 +236,16 @@
 	result, err := s.provisioner.ProvisioningInfo(args)
 	c.Assert(err, jc.ErrorIsNil)
 
+	controllerCfg := coretesting.FakeControllerConfig()
+	// Dummy provider uses a random port, which is added to cfg used to create environment.
+	apiPort := dummy.ApiPort(s.Environ.Provider())
+	controllerCfg["api-port"] = apiPort
 	expected := params.ProvisioningInfoResults{
 		Results: []params.ProvisioningInfoResult{{
 			Result: &params.ProvisioningInfo{
-				Series: "quantal",
-				Jobs:   []multiwatcher.MachineJob{multiwatcher.JobHostUnits},
+				ControllerConfig: controllerCfg,
+				Series:           "quantal",
+				Jobs:             []multiwatcher.MachineJob{multiwatcher.JobHostUnits},
 				Tags: map[string]string{
 					tags.JujuController:    coretesting.ModelTag.Id(),
 					tags.JujuModel:         coretesting.ModelTag.Id(),
@@ -310,13 +324,18 @@
 	result, err := s.provisioner.ProvisioningInfo(args)
 	c.Assert(err, jc.ErrorIsNil)
 
+	controllerCfg := coretesting.FakeControllerConfig()
+	// Dummy provider uses a random port, which is added to cfg used to create environment.
+	apiPort := dummy.ApiPort(s.Environ.Provider())
+	controllerCfg["api-port"] = apiPort
 	c.Assert(result, jc.DeepEquals, params.ProvisioningInfoResults{
 		Results: []params.ProvisioningInfoResult{
 			{Result: &params.ProvisioningInfo{
-				Series:      "quantal",
-				Constraints: template.Constraints,
-				Placement:   template.Placement,
-				Jobs:        []multiwatcher.MachineJob{multiwatcher.JobHostUnits},
+				ControllerConfig: controllerCfg,
+				Series:           "quantal",
+				Constraints:      template.Constraints,
+				Placement:        template.Placement,
+				Jobs:             []multiwatcher.MachineJob{multiwatcher.JobHostUnits},
 				Tags: map[string]string{
 					tags.JujuController: coretesting.ModelTag.Id(),
 					tags.JujuModel:      coretesting.ModelTag.Id(),
@@ -352,25 +371,30 @@
 
 	args := params.Entities{Entities: []params.Entity{
 		{Tag: s.machines[0].Tag().String()},
-		{Tag: s.machines[0].Tag().String() + "-lxc-0"},
+		{Tag: s.machines[0].Tag().String() + "-lxd-0"},
 		{Tag: "machine-42"},
 		{Tag: s.machines[1].Tag().String()},
-		{Tag: "service-bar"},
+		{Tag: "application-bar"},
 	}}
 
 	// Only machine 0 and containers therein can be accessed.
 	results, err := aProvisioner.ProvisioningInfo(args)
+	controllerCfg := coretesting.FakeControllerConfig()
+	// Dummy provider uses a random port, which is added to cfg used to create environment.
+	apiPort := dummy.ApiPort(s.Environ.Provider())
+	controllerCfg["api-port"] = apiPort
 	c.Assert(results, jc.DeepEquals, params.ProvisioningInfoResults{
 		Results: []params.ProvisioningInfoResult{
 			{Result: &params.ProvisioningInfo{
-				Series: "quantal",
-				Jobs:   []multiwatcher.MachineJob{multiwatcher.JobHostUnits},
+				ControllerConfig: controllerCfg,
+				Series:           "quantal",
+				Jobs:             []multiwatcher.MachineJob{multiwatcher.JobHostUnits},
 				Tags: map[string]string{
 					tags.JujuController: coretesting.ModelTag.Id(),
 					tags.JujuModel:      coretesting.ModelTag.Id(),
 				},
 			}},
-			{Error: apiservertesting.NotFoundError("machine 0/lxc/0")},
+			{Error: apiservertesting.NotFoundError("machine 0/lxd/0")},
 			{Error: apiservertesting.ErrUnauthorized},
 			{Error: apiservertesting.ErrUnauthorized},
 			{Error: apiservertesting.ErrUnauthorized},
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/proxyupdater/proxyupdater.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/proxyupdater/proxyupdater.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/proxyupdater/proxyupdater.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/proxyupdater/proxyupdater.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,9 +12,9 @@
 	"github.com/juju/juju/network"
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/state/watcher"
-	"github.com/juju/names"
 	"github.com/juju/utils/proxy"
 	"github.com/juju/utils/set"
+	"gopkg.in/juju/names.v2"
 )
 
 // Backend defines the state methods this facade needs, so they can be
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/proxyupdater/proxyupdater_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/proxyupdater/proxyupdater_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/proxyupdater/proxyupdater_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/proxyupdater/proxyupdater_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,9 +6,9 @@
 import (
 	"time"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/read_only_calls.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/read_only_calls.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/read_only_calls.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/read_only_calls.go	2016-07-18 19:45:44.000000000 +0000
@@ -17,15 +17,18 @@
 	"Action.ListPending",
 	"Action.ListRunning",
 	"Action.ListCompleted",
-	"Action.ServicesCharmActions",
+	"Action.ApplicationsCharmsActions",
+	"AllWatcher.Next",
 	"Annotations.Get",
+	"Application.GetConstraints",
+	"Application.CharmRelations",
+	"Application.Get",
 	"Block.List",
 	"Charms.CharmInfo",
 	"Charms.IsMetered",
 	"Charms.List",
 	"Client.AgentVersion",
 	"Client.APIHostPorts",
-	"Client.CharmInfo",
 	"Client.ModelGet",
 	"Client.ModelInfo",
 	"Client.ModelUserInfo",
@@ -43,12 +46,12 @@
 	// Status is so old it shouldn't be used.
 	"Client.StatusHistory",
 	"Client.WatchAll",
+	"Cloud.Cloud",
+	"Cloud.Credentials",
 	// TODO: add controller work.
 	"KeyManager.ListKeys",
 	"ModelManager.ModelInfo",
-	"Service.GetConstraints",
-	"Service.CharmRelations",
-	"Service.Get",
+	"Pinger.Ping",
 	"Spaces.ListSpaces",
 	"Storage.ListStorageDetails",
 	"Storage.ListFilesystems",
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/read_only_calls_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/read_only_calls_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/read_only_calls_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/read_only_calls_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -50,7 +50,7 @@
 	}{
 		{"Action", "Actions"},
 		{"Client", "FullStatus"},
-		{"Service", "Get"},
+		{"Application", "Get"},
 		{"Storage", "ListStorageDetails"},
 	} {
 		c.Logf("check %s.%s", test.facade, test.method)
@@ -64,7 +64,7 @@
 		method string
 	}{
 		{"Client", "UnknownMethod"},
-		{"Service", "Deploy"},
+		{"Application", "Deploy"},
 		{"UnknownFacade", "List"},
 	} {
 		c.Logf("check %s.%s", test.facade, test.method)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/reboot/reboot.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/reboot/reboot.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/reboot/reboot.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/reboot/reboot.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/reboot/reboot_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/reboot/reboot_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/reboot/reboot_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/reboot/reboot_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -90,7 +90,7 @@
 	machine, err := s.State.AddMachine("quantal", state.JobHostUnits)
 	c.Assert(err, jc.ErrorIsNil)
 
-	container, err := s.State.AddMachineInsideMachine(template, machine.Id(), instance.LXC)
+	container, err := s.State.AddMachineInsideMachine(template, machine.Id(), instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
 
 	nestedContainer, err := s.State.AddMachineInsideMachine(template, container.Id(), instance.KVM)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/registration.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/registration.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/registration.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/registration.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,8 +12,8 @@
 	"gopkg.in/macaroon.v1"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"golang.org/x/crypto/nacl/secretbox"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/state"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/registration_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/registration_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/registration_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/registration_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -133,7 +133,7 @@
 
 func (s *registrationSuite) TestRegisterInvalidUserTag(c *gc.C) {
 	s.testInvalidRequest(
-		c, `{"user": "service-bob"}`, `"service-bob" is not a valid user tag`, "",
+		c, `{"user": "application-bob"}`, `"application-bob" is not a valid user tag`, "",
 		http.StatusInternalServerError,
 	)
 }
@@ -174,7 +174,7 @@
 	ciphertext := s.sealBox(c, validNonce, s.bob.SecretKey(), "[]")
 	s.testInvalidRequest(c,
 		fmt.Sprintf(
-			`{"user": "user-bob", "nonce": "%s", "ciphertext": "%s"}`,
+			`{"user": "user-bob", "nonce": "%s", "cipher-text": "%s"}`,
 			base64.StdEncoding.EncodeToString(validNonce),
 			base64.StdEncoding.EncodeToString(ciphertext),
 		),
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/restoring_root_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/restoring_root_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/restoring_root_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/restoring_root_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -30,7 +30,7 @@
 func (r *restoreRootSuite) TestNothingAllowedMethodWhenPreparing(c *gc.C) {
 	root := apiserver.TestingRestoreInProgressRoot(nil)
 
-	caller, err := root.FindMethod("Service", 3, "Deploy")
+	caller, err := root.FindMethod("Application", 1, "Deploy")
 
 	c.Assert(err, gc.ErrorMatches, "juju restore is in progress - Juju api is off to prevent data loss")
 	c.Assert(caller, gc.IsNil)
@@ -39,7 +39,7 @@
 func (r *restoreRootSuite) TestFindDisallowedMethodWhenPreparing(c *gc.C) {
 	root := apiserver.TestingAboutToRestoreRoot(nil)
 
-	caller, err := root.FindMethod("Service", 3, "Deploy")
+	caller, err := root.FindMethod("Application", 1, "Deploy")
 
 	c.Assert(err, gc.ErrorMatches, "juju restore is in progress - Juju functionality is limited to avoid data loss")
 	c.Assert(caller, gc.IsNil)
@@ -48,7 +48,7 @@
 func (r *restoreRootSuite) TestFindDisallowedMethodWhenRestoring(c *gc.C) {
 	root := apiserver.TestingRestoreInProgressRoot(nil)
 
-	caller, err := root.FindMethod("Service", 3, "Deploy")
+	caller, err := root.FindMethod("Application", 1, "Deploy")
 
 	c.Assert(err, gc.ErrorMatches, "juju restore is in progress - Juju api is off to prevent data loss")
 	c.Assert(caller, gc.IsNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/restricted_root.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/restricted_root.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/restricted_root.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/restricted_root.go	2016-07-18 19:45:44.000000000 +0000
@@ -19,7 +19,9 @@
 
 // newRestrictedRoot returns a new restrictedRoot.
 func newRestrictedRoot(finder rpc.MethodFinder) *restrictedRoot {
-	return &restrictedRoot{finder}
+	return &restrictedRoot{
+		MethodFinder: finder,
+	}
 }
 
 // The restrictedRootNames are the root names that can be accessed at the root
@@ -28,6 +30,7 @@
 var restrictedRootNames = set.NewStrings(
 	"AllModelWatcher",
 	"Controller",
+	"Cloud",
 	"MigrationTarget",
 	"ModelManager",
 	"UserManager",
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/restricted_root_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/restricted_root_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/restricted_root_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/restricted_root_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -43,10 +43,10 @@
 	r.assertMethodAllowed(c, "UserManager", 1, "SetPassword")
 	r.assertMethodAllowed(c, "UserManager", 1, "UserInfo")
 
-	r.assertMethodAllowed(c, "Controller", 2, "AllModels")
-	r.assertMethodAllowed(c, "Controller", 2, "DestroyController")
-	r.assertMethodAllowed(c, "Controller", 2, "ModelConfig")
-	r.assertMethodAllowed(c, "Controller", 2, "ListBlockedModels")
+	r.assertMethodAllowed(c, "Controller", 3, "AllModels")
+	r.assertMethodAllowed(c, "Controller", 3, "DestroyController")
+	r.assertMethodAllowed(c, "Controller", 3, "ModelConfig")
+	r.assertMethodAllowed(c, "Controller", 3, "ListBlockedModels")
 }
 
 func (r *restrictedRootSuite) TestFindDisallowedMethod(c *gc.C) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/retrystrategy/retrystrategy.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/retrystrategy/retrystrategy.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/retrystrategy/retrystrategy.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/retrystrategy/retrystrategy.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,7 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/retrystrategy/retrystrategy_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/retrystrategy/retrystrategy_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/retrystrategy/retrystrategy_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/retrystrategy/retrystrategy_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -66,9 +66,9 @@
 }
 
 func (s *retryStrategySuite) TestRetryStrategyUnauthenticated(c *gc.C) {
-	svc, err := s.unit.Service()
+	svc, err := s.unit.Application()
 	c.Assert(err, jc.ErrorIsNil)
-	otherUnit := s.factory.MakeUnit(c, &jujufactory.UnitParams{Service: svc})
+	otherUnit := s.factory.MakeUnit(c, &jujufactory.UnitParams{Application: svc})
 	args := params.Entities{Entities: []params.Entity{{otherUnit.Tag().String()}}}
 
 	res, err := s.strategy.RetryStrategy(args)
@@ -127,9 +127,9 @@
 }
 
 func (s *retryStrategySuite) TestWatchRetryStrategyUnauthenticated(c *gc.C) {
-	svc, err := s.unit.Service()
+	svc, err := s.unit.Application()
 	c.Assert(err, jc.ErrorIsNil)
-	otherUnit := s.factory.MakeUnit(c, &jujufactory.UnitParams{Service: svc})
+	otherUnit := s.factory.MakeUnit(c, &jujufactory.UnitParams{Application: svc})
 	args := params.Entities{Entities: []params.Entity{{otherUnit.Tag().String()}}}
 
 	res, err := s.strategy.WatchRetryStrategy(args)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/root.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/root.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/root.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/root.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,7 +9,7 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
@@ -56,7 +56,7 @@
 var _ = (*apiHandler)(nil)
 
 // newApiHandler returns a new apiHandler.
-func newApiHandler(srv *Server, st *state.State, rpcConn *rpc.Conn, reqNotifier *requestNotifier, modelUUID string) (*apiHandler, error) {
+func newApiHandler(srv *Server, st *state.State, rpcConn *rpc.Conn, modelUUID string) (*apiHandler, error) {
 	r := &apiHandler{
 		state:     st,
 		resources: common.NewResources(),
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/root_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/root_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/root_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/root_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,9 +9,9 @@
 	"sync"
 	"time"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver"
 	"github.com/juju/juju/apiserver/common"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/server_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/server_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/server_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/server_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,18 +7,16 @@
 	"crypto/tls"
 	"crypto/x509"
 	"fmt"
-	"io"
 	"net"
 	"net/http"
 
-	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	"golang.org/x/net/websocket"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/macaroon-bakery.v1/bakery"
 	"gopkg.in/macaroon-bakery.v1/bakery/checkers"
 	"gopkg.in/macaroon-bakery.v1/bakerytest"
@@ -27,13 +25,14 @@
 	"github.com/juju/juju/api"
 	apimachiner "github.com/juju/juju/api/machiner"
 	"github.com/juju/juju/apiserver"
+	"github.com/juju/juju/apiserver/observer"
+	"github.com/juju/juju/apiserver/observer/fakeobserver"
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cert"
-	"github.com/juju/juju/environs/config"
+	"github.com/juju/juju/controller"
 	jujutesting "github.com/juju/juju/juju/testing"
 	"github.com/juju/juju/mongo/mongotest"
 	"github.com/juju/juju/network"
-	"github.com/juju/juju/rpc"
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/state/presence"
 	coretesting "github.com/juju/juju/testing"
@@ -80,12 +79,10 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	_, err = apimachiner.NewState(st).Machine(machine.MachineTag())
-	err = errors.Cause(err)
-	// The client has not necessarily seen the server shutdown yet,
-	// so there are two possible errors.
-	if err != rpc.ErrShutdown && err != io.ErrUnexpectedEOF {
-		c.Fatalf("unexpected error from request: %#v, expected rpc.ErrShutdown or io.ErrUnexpectedEOF", err)
-	}
+	// The client has not necessarily seen the server shutdown yet, so there
+	// are multiple possible errors. All we should care about is that there is
+	// an error, not what the error actually is.
+	c.Assert(err, gc.NotNil)
 
 	// Check it can be stopped twice.
 	err = srv.Stop()
@@ -334,8 +331,8 @@
 
 func (s *macaroonServerSuite) SetUpTest(c *gc.C) {
 	s.discharger = bakerytest.NewDischarger(nil, noCheck)
-	s.ConfigAttrs = map[string]interface{}{
-		config.IdentityURL: s.discharger.Location(),
+	s.ControllerConfigAttrs = map[string]interface{}{
+		controller.IdentityURL: s.discharger.Location(),
 	}
 	s.JujuConnSuite.SetUpTest(c)
 }
@@ -384,9 +381,9 @@
 	s.discharger = bakerytest.NewDischarger(nil, noCheck)
 	wrongKey, err := bakery.GenerateKey()
 	c.Assert(err, gc.IsNil)
-	s.ConfigAttrs = map[string]interface{}{
-		config.IdentityURL:       s.discharger.Location(),
-		config.IdentityPublicKey: wrongKey.Public.String(),
+	s.ControllerConfigAttrs = map[string]interface{}{
+		controller.IdentityURL:       s.discharger.Location(),
+		controller.IdentityPublicKey: wrongKey.Public.String(),
 	}
 	s.JujuConnSuite.SetUpTest(c)
 }
@@ -453,10 +450,11 @@
 	listener, err := net.Listen("tcp", ":0")
 	c.Assert(err, jc.ErrorIsNil)
 	srv, err := apiserver.NewServer(st, listener, apiserver.ServerConfig{
-		Cert:   []byte(coretesting.ServerCert),
-		Key:    []byte(coretesting.ServerKey),
-		Tag:    names.NewMachineTag("0"),
-		LogDir: c.MkDir(),
+		Cert:        []byte(coretesting.ServerCert),
+		Key:         []byte(coretesting.ServerKey),
+		Tag:         names.NewMachineTag("0"),
+		LogDir:      c.MkDir(),
+		NewObserver: func() observer.Observer { return &fakeobserver.Instance{} },
 	})
 	c.Assert(err, jc.ErrorIsNil)
 	return srv
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/service/charmstore.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/service/charmstore.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/service/charmstore.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/service/charmstore.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,291 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service
-
-import (
-	"fmt"
-	"io"
-	"net/url"
-	"os"
-
-	"github.com/juju/errors"
-	"github.com/juju/utils"
-	"github.com/juju/version"
-	"gopkg.in/juju/charm.v6-unstable"
-	"gopkg.in/juju/charmrepo.v2-unstable"
-	"gopkg.in/juju/charmrepo.v2-unstable/csclient"
-	csparams "gopkg.in/juju/charmrepo.v2-unstable/csclient/params"
-	"gopkg.in/macaroon-bakery.v1/httpbakery"
-	"gopkg.in/macaroon.v1"
-
-	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/environs/config"
-	"github.com/juju/juju/state"
-	jujuversion "github.com/juju/juju/version"
-)
-
-// TODO - we really want to avoid this, which we can do by refactoring code requiring this
-// to use interfaces.
-// NewCharmStoreRepo instantiates a new charm store repository.
-// It is exported for testing purposes.
-var NewCharmStoreRepo = newCharmStoreFromClient
-
-func newCharmStoreFromClient(csClient *csclient.Client) charmrepo.Interface {
-	return charmrepo.NewCharmStoreFromClient(csClient)
-}
-
-// AddCharmWithAuthorization adds the given charm URL (which must include revision) to
-// the environment, if it does not exist yet. Local charms are not
-// supported, only charm store URLs. See also AddLocalCharm().
-//
-// The authorization macaroon, args.CharmStoreMacaroon, may be
-// omitted, in which case this call is equivalent to AddCharm.
-func AddCharmWithAuthorization(st *state.State, args params.AddCharmWithAuthorization) error {
-	charmURL, err := charm.ParseURL(args.URL)
-	if err != nil {
-		return err
-	}
-	if charmURL.Schema != "cs" {
-		return fmt.Errorf("only charm store charm URLs are supported, with cs: schema")
-	}
-	if charmURL.Revision < 0 {
-		return fmt.Errorf("charm URL must include revision")
-	}
-
-	// First, check if a pending or a real charm exists in state.
-	stateCharm, err := st.PrepareStoreCharmUpload(charmURL)
-	if err != nil {
-		return err
-	}
-	if stateCharm.IsUploaded() {
-		// Charm already in state (it was uploaded already).
-		return nil
-	}
-
-	// Open a charm store client.
-	repo, err := openCSRepo(args)
-	if err != nil {
-		return err
-	}
-	envConfig, err := st.ModelConfig()
-	if err != nil {
-		return err
-	}
-	repo = config.SpecializeCharmRepo(repo, envConfig).(*charmrepo.CharmStore)
-
-	// Get the charm and its information from the store.
-	downloadedCharm, err := repo.Get(charmURL)
-	if err != nil {
-		cause := errors.Cause(err)
-		if httpbakery.IsDischargeError(cause) || httpbakery.IsInteractionError(cause) {
-			return errors.NewUnauthorized(err, "")
-		}
-		return errors.Trace(err)
-	}
-
-	if err := checkMinVersion(downloadedCharm); err != nil {
-		return errors.Trace(err)
-	}
-
-	// Open it and calculate the SHA256 hash.
-	downloadedBundle, ok := downloadedCharm.(*charm.CharmArchive)
-	if !ok {
-		return errors.Errorf("expected a charm archive, got %T", downloadedCharm)
-	}
-	archive, err := os.Open(downloadedBundle.Path)
-	if err != nil {
-		return errors.Annotate(err, "cannot read downloaded charm")
-	}
-	defer archive.Close()
-	bundleSHA256, size, err := utils.ReadSHA256(archive)
-	if err != nil {
-		return errors.Annotate(err, "cannot calculate SHA256 hash of charm")
-	}
-	if _, err := archive.Seek(0, 0); err != nil {
-		return errors.Annotate(err, "cannot rewind charm archive")
-	}
-
-	ca := CharmArchive{
-		ID:     charmURL,
-		Charm:  downloadedCharm,
-		Data:   archive,
-		Size:   size,
-		SHA256: bundleSHA256,
-	}
-	if args.CharmStoreMacaroon != nil {
-		ca.Macaroon = macaroon.Slice{args.CharmStoreMacaroon}
-	}
-
-	// Store the charm archive in environment storage.
-	return StoreCharmArchive(st, ca)
-}
-
-func openCSRepo(args params.AddCharmWithAuthorization) (charmrepo.Interface, error) {
-	csClient, err := openCSClient(args)
-	if err != nil {
-		return nil, err
-	}
-	repo := NewCharmStoreRepo(csClient)
-	return repo, nil
-}
-
-func openCSClient(args params.AddCharmWithAuthorization) (*csclient.Client, error) {
-	csURL, err := url.Parse(csclient.ServerURL)
-	if err != nil {
-		return nil, err
-	}
-	csParams := csclient.Params{
-		URL:        csURL.String(),
-		HTTPClient: httpbakery.NewHTTPClient(),
-	}
-
-	if args.CharmStoreMacaroon != nil {
-		// Set the provided charmstore authorizing macaroon
-		// as a cookie in the HTTP client.
-		// TODO(cmars) discharge any third party caveats in the macaroon.
-		ms := []*macaroon.Macaroon{args.CharmStoreMacaroon}
-		httpbakery.SetCookie(csParams.HTTPClient.Jar, csURL, ms)
-	}
-	csClient := csclient.New(csParams)
-	channel := csparams.Channel(args.Channel)
-	if channel != csparams.NoChannel {
-		csClient = csClient.WithChannel(channel)
-	}
-	return csClient, nil
-}
-
-func checkMinVersion(ch charm.Charm) error {
-	minver := ch.Meta().MinJujuVersion
-	if minver != version.Zero && minver.Compare(jujuversion.Current) > 0 {
-		return minVersionError(minver, jujuversion.Current)
-	}
-	return nil
-}
-
-type minJujuVersionErr struct {
-	*errors.Err
-}
-
-func minVersionError(minver, jujuver version.Number) error {
-	err := errors.NewErr("charm's min version (%s) is higher than this juju environment's version (%s)",
-		minver, jujuver)
-	err.SetLocation(1)
-	return minJujuVersionErr{&err}
-}
-
-// CharmArchive is the data that needs to be stored for a charm archive in
-// state.
-type CharmArchive struct {
-	// ID is the charm URL for which we're storing the archive.
-	ID *charm.URL
-
-	// Charm is the metadata about the charm for the archive.
-	Charm charm.Charm
-
-	// Data contains the bytes of the archive.
-	Data io.Reader
-
-	// Size is the number of bytes in Data.
-	Size int64
-
-	// SHA256 is the hash of the bytes in Data.
-	SHA256 string
-
-	// Macaroon is the authorization macaroon for accessing the charmstore.
-	Macaroon macaroon.Slice
-}
-
-// StoreCharmArchive stores a charm archive in environment storage.
-func StoreCharmArchive(st *state.State, archive CharmArchive) error {
-	storage := newStateStorage(st.ModelUUID(), st.MongoSession())
-	storagePath, err := charmArchiveStoragePath(archive.ID)
-	if err != nil {
-		return errors.Annotate(err, "cannot generate charm archive name")
-	}
-	if err := storage.Put(storagePath, archive.Data, archive.Size); err != nil {
-		return errors.Annotate(err, "cannot add charm to storage")
-	}
-
-	info := state.CharmInfo{
-		Charm:       archive.Charm,
-		ID:          archive.ID,
-		StoragePath: storagePath,
-		SHA256:      archive.SHA256,
-		Macaroon:    archive.Macaroon,
-	}
-
-	// Now update the charm data in state and mark it as no longer pending.
-	_, err = st.UpdateUploadedCharm(info)
-	if err != nil {
-		alreadyUploaded := err == state.ErrCharmRevisionAlreadyModified ||
-			errors.Cause(err) == state.ErrCharmRevisionAlreadyModified ||
-			state.IsCharmAlreadyUploadedError(err)
-		if err := storage.Remove(storagePath); err != nil {
-			if alreadyUploaded {
-				logger.Errorf("cannot remove duplicated charm archive from storage: %v", err)
-			} else {
-				logger.Errorf("cannot remove unsuccessfully recorded charm archive from storage: %v", err)
-			}
-		}
-		if alreadyUploaded {
-			// Somebody else managed to upload and update the charm in
-			// state before us. This is not an error.
-			return nil
-		}
-	}
-	return nil
-}
-
-// charmArchiveStoragePath returns a string that is suitable as a
-// storage path, using a random UUID to avoid colliding with concurrent
-// uploads.
-func charmArchiveStoragePath(curl *charm.URL) (string, error) {
-	uuid, err := utils.NewUUID()
-	if err != nil {
-		return "", err
-	}
-	return fmt.Sprintf("charms/%s-%s", curl.String(), uuid), nil
-}
-
-// ResolveCharm resolves the best available charm URLs with series, for charm
-// locations without a series specified.
-func ResolveCharms(st *state.State, args params.ResolveCharms) (params.ResolveCharmResults, error) {
-	var results params.ResolveCharmResults
-
-	envConfig, err := st.ModelConfig()
-	if err != nil {
-		return params.ResolveCharmResults{}, err
-	}
-	repo := config.SpecializeCharmRepo(
-		NewCharmStoreRepo(csclient.New(csclient.Params{})),
-		envConfig)
-
-	for _, ref := range args.References {
-		result := params.ResolveCharmResult{}
-		curl, err := resolveCharm(&ref, repo)
-		if err != nil {
-			result.Error = err.Error()
-		} else {
-			result.URL = curl
-		}
-		results.URLs = append(results.URLs, result)
-	}
-	return results, nil
-}
-
-func resolveCharm(ref *charm.URL, repo charmrepo.Interface) (*charm.URL, error) {
-	if ref.Schema != "cs" {
-		return nil, fmt.Errorf("only charm store charm references are supported, with cs: schema")
-	}
-
-	// Resolve the charm location with the repository.
-	resolved, _, err := repo.Resolve(ref)
-	if err != nil {
-		return nil, err
-	}
-	if resolved.Series == "" {
-		return nil, errors.Errorf("no series found in charm URL %q", resolved)
-	}
-	return resolved.WithRevision(ref.Revision), nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/service/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/service/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/service/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/service/export_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,16 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service
-
-import "github.com/juju/errors"
-
-var (
-	ParseSettingsCompatible = parseSettingsCompatible
-	NewStateStorage         = &newStateStorage
-)
-
-func IsMinJujuVersionError(err error) bool {
-	_, ok := errors.Cause(err).(minJujuVersionErr)
-	return ok
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/service/get.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/service/get.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/service/get.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/service/get.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,61 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service
-
-import (
-	"gopkg.in/juju/charm.v6-unstable"
-
-	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/constraints"
-)
-
-// Get returns the configuration for a service.
-func (api *API) Get(args params.ServiceGet) (params.ServiceGetResults, error) {
-	service, err := api.state.Service(args.ServiceName)
-	if err != nil {
-		return params.ServiceGetResults{}, err
-	}
-	settings, err := service.ConfigSettings()
-	if err != nil {
-		return params.ServiceGetResults{}, err
-	}
-	charm, _, err := service.Charm()
-	if err != nil {
-		return params.ServiceGetResults{}, err
-	}
-	configInfo := describe(settings, charm.Config())
-	var constraints constraints.Value
-	if service.IsPrincipal() {
-		constraints, err = service.Constraints()
-		if err != nil {
-			return params.ServiceGetResults{}, err
-		}
-	}
-	return params.ServiceGetResults{
-		Service:     args.ServiceName,
-		Charm:       charm.Meta().Name,
-		Config:      configInfo,
-		Constraints: constraints,
-	}, nil
-}
-
-func describe(settings charm.Settings, config *charm.Config) map[string]interface{} {
-	results := make(map[string]interface{})
-	for name, option := range config.Options {
-		info := map[string]interface{}{
-			"description": option.Description,
-			"type":        option.Type,
-		}
-		if value := settings[name]; value != nil {
-			info["value"] = value
-		} else {
-			if option.Default != nil {
-				info["value"] = option.Default
-			}
-			info["default"] = true
-		}
-		results[name] = info
-	}
-	return results
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/service/get_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/service/get_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/service/get_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/service/get_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,209 +0,0 @@
-// Copyright 2012, 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service_test
-
-import (
-	"fmt"
-
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-	"gopkg.in/juju/charm.v6-unstable"
-
-	apiservice "github.com/juju/juju/api/service"
-	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/apiserver/service"
-	apiservertesting "github.com/juju/juju/apiserver/testing"
-	"github.com/juju/juju/constraints"
-	jujutesting "github.com/juju/juju/juju/testing"
-)
-
-type getSuite struct {
-	jujutesting.JujuConnSuite
-
-	serviceApi *service.API
-	authorizer apiservertesting.FakeAuthorizer
-}
-
-var _ = gc.Suite(&getSuite{})
-
-func (s *getSuite) SetUpTest(c *gc.C) {
-	s.JujuConnSuite.SetUpTest(c)
-
-	s.authorizer = apiservertesting.FakeAuthorizer{
-		Tag: s.AdminUserTag(c),
-	}
-	var err error
-	s.serviceApi, err = service.NewAPI(s.State, nil, s.authorizer)
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *getSuite) TestClientServiceGetSmoketest(c *gc.C) {
-	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
-	results, err := s.serviceApi.Get(params.ServiceGet{"wordpress"})
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(results, gc.DeepEquals, params.ServiceGetResults{
-		Service: "wordpress",
-		Charm:   "wordpress",
-		Config: map[string]interface{}{
-			"blog-title": map[string]interface{}{
-				"type":        "string",
-				"value":       "My Title",
-				"description": "A descriptive title used for the blog.",
-				"default":     true,
-			},
-		},
-	})
-}
-
-func (s *getSuite) TestServiceGetUnknownService(c *gc.C) {
-	_, err := s.serviceApi.Get(params.ServiceGet{"unknown"})
-	c.Assert(err, gc.ErrorMatches, `service "unknown" not found`)
-}
-
-var getTests = []struct {
-	about       string
-	charm       string
-	constraints string
-	config      charm.Settings
-	expect      params.ServiceGetResults
-}{{
-	about:       "deployed service",
-	charm:       "dummy",
-	constraints: "mem=2G cpu-power=400",
-	config: charm.Settings{
-		// Different from default.
-		"title": "Look To Windward",
-		// Same as default.
-		"username": "admin001",
-		// Use default (but there's no charm default)
-		"skill-level": nil,
-		// Outlook is left unset.
-	},
-	expect: params.ServiceGetResults{
-		Config: map[string]interface{}{
-			"title": map[string]interface{}{
-				"description": "A descriptive title used for the service.",
-				"type":        "string",
-				"value":       "Look To Windward",
-			},
-			"outlook": map[string]interface{}{
-				"description": "No default outlook.",
-				"type":        "string",
-				"default":     true,
-			},
-			"username": map[string]interface{}{
-				"description": "The name of the initial account (given admin permissions).",
-				"type":        "string",
-				"value":       "admin001",
-			},
-			"skill-level": map[string]interface{}{
-				"description": "A number indicating skill.",
-				"type":        "int",
-				"default":     true,
-			},
-		},
-	},
-}, {
-	about: "deployed service  #2",
-	charm: "dummy",
-	config: charm.Settings{
-		// Set title to default.
-		"title": nil,
-		// Value when there's a default.
-		"username": "foobie",
-		// Numeric value.
-		"skill-level": 0,
-		// String value.
-		"outlook": "phlegmatic",
-	},
-	expect: params.ServiceGetResults{
-		Config: map[string]interface{}{
-			"title": map[string]interface{}{
-				"description": "A descriptive title used for the service.",
-				"type":        "string",
-				"value":       "My Title",
-				"default":     true,
-			},
-			"outlook": map[string]interface{}{
-				"description": "No default outlook.",
-				"type":        "string",
-				"value":       "phlegmatic",
-			},
-			"username": map[string]interface{}{
-				"description": "The name of the initial account (given admin permissions).",
-				"type":        "string",
-				"value":       "foobie",
-			},
-			"skill-level": map[string]interface{}{
-				"description": "A number indicating skill.",
-				"type":        "int",
-				// TODO(jam): 2013-08-28 bug #1217742
-				// we have to use float64() here, because the
-				// API does not preserve int types. This used
-				// to be int64() but we end up with a type
-				// mismatch when comparing the content
-				"value": float64(0),
-			},
-		},
-	},
-}, {
-	about: "subordinate service",
-	charm: "logging",
-	expect: params.ServiceGetResults{
-		Config: map[string]interface{}{},
-	},
-}}
-
-func (s *getSuite) TestServiceGet(c *gc.C) {
-	for i, t := range getTests {
-		c.Logf("test %d. %s", i, t.about)
-		ch := s.AddTestingCharm(c, t.charm)
-		svc := s.AddTestingService(c, fmt.Sprintf("test%d", i), ch)
-
-		var constraintsv constraints.Value
-		if t.constraints != "" {
-			constraintsv = constraints.MustParse(t.constraints)
-			err := svc.SetConstraints(constraintsv)
-			c.Assert(err, jc.ErrorIsNil)
-		}
-		if t.config != nil {
-			err := svc.UpdateConfigSettings(t.config)
-			c.Assert(err, jc.ErrorIsNil)
-		}
-		expect := t.expect
-		expect.Constraints = constraintsv
-		expect.Service = svc.Name()
-		expect.Charm = ch.Meta().Name
-		client := apiservice.NewClient(s.APIState)
-		got, err := client.Get(svc.Name())
-		c.Assert(err, jc.ErrorIsNil)
-		c.Assert(*got, gc.DeepEquals, expect)
-	}
-}
-
-func (s *getSuite) TestGetMaxResolutionInt(c *gc.C) {
-	// See the bug http://pad.lv/1217742
-	// Get ends up pushing a map[string]interface{} which containts
-	// an int64 through a JSON Marshal & Unmarshal which ends up changing
-	// the int64 into a float64. We will fix it if we find it is actually a
-	// problem.
-	const nonFloatInt = (int64(1) << 54) + 1
-	const asFloat = float64(nonFloatInt)
-	c.Assert(int64(asFloat), gc.Not(gc.Equals), nonFloatInt)
-	c.Assert(int64(asFloat)+1, gc.Equals, nonFloatInt)
-
-	ch := s.AddTestingCharm(c, "dummy")
-	svc := s.AddTestingService(c, "test-service", ch)
-
-	err := svc.UpdateConfigSettings(map[string]interface{}{"skill-level": nonFloatInt})
-	c.Assert(err, jc.ErrorIsNil)
-	client := apiservice.NewClient(s.APIState)
-	got, err := client.Get(svc.Name())
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(got.Config["skill-level"], jc.DeepEquals, map[string]interface{}{
-		"description": "A number indicating skill.",
-		"type":        "int",
-		"value":       asFloat,
-	})
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/service/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/service/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/service/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/service/package_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,14 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service_test
-
-import (
-	stdtesting "testing"
-
-	"github.com/juju/juju/testing"
-)
-
-func TestAll(t *stdtesting.T) {
-	testing.MgoTestPackage(t)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/service/service.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/service/service.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/service/service.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/service/service.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,588 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-// Package service contains api calls for functionality
-// related to deploying and managing services and their
-// related charms.
-package service
-
-import (
-	"github.com/juju/errors"
-	"github.com/juju/loggo"
-	"gopkg.in/juju/charm.v6-unstable"
-	csparams "gopkg.in/juju/charmrepo.v2-unstable/csclient/params"
-	goyaml "gopkg.in/yaml.v2"
-
-	"github.com/juju/juju/apiserver/common"
-	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/instance"
-	jjj "github.com/juju/juju/juju"
-	"github.com/juju/juju/state"
-	statestorage "github.com/juju/juju/state/storage"
-)
-
-var (
-	logger = loggo.GetLogger("juju.apiserver.service")
-
-	newStateStorage = statestorage.NewStorage
-)
-
-func init() {
-	common.RegisterStandardFacade("Service", 3, NewAPI)
-}
-
-// Service defines the methods on the service API end point.
-type Service interface {
-	SetMetricCredentials(args params.ServiceMetricCredentials) (params.ErrorResults, error)
-}
-
-// API implements the service interface and is the concrete
-// implementation of the api end point.
-type API struct {
-	check      *common.BlockChecker
-	state      *state.State
-	authorizer common.Authorizer
-}
-
-// NewAPI returns a new service API facade.
-func NewAPI(
-	st *state.State,
-	resources *common.Resources,
-	authorizer common.Authorizer,
-) (*API, error) {
-	if !authorizer.AuthClient() {
-		return nil, common.ErrPerm
-	}
-
-	return &API{
-		state:      st,
-		authorizer: authorizer,
-		check:      common.NewBlockChecker(st),
-	}, nil
-}
-
-// SetMetricCredentials sets credentials on the service.
-func (api *API) SetMetricCredentials(args params.ServiceMetricCredentials) (params.ErrorResults, error) {
-	result := params.ErrorResults{
-		Results: make([]params.ErrorResult, len(args.Creds)),
-	}
-	if len(args.Creds) == 0 {
-		return result, nil
-	}
-	for i, a := range args.Creds {
-		service, err := api.state.Service(a.ServiceName)
-		if err != nil {
-			result.Results[i].Error = common.ServerError(err)
-			continue
-		}
-		err = service.SetMetricCredentials(a.MetricCredentials)
-		if err != nil {
-			result.Results[i].Error = common.ServerError(err)
-		}
-	}
-	return result, nil
-}
-
-// Deploy fetches the charms from the charm store and deploys them
-// using the specified placement directives.
-func (api *API) Deploy(args params.ServicesDeploy) (params.ErrorResults, error) {
-	result := params.ErrorResults{
-		Results: make([]params.ErrorResult, len(args.Services)),
-	}
-	if err := api.check.ChangeAllowed(); err != nil {
-		return result, errors.Trace(err)
-	}
-	owner := api.authorizer.GetAuthTag().String()
-	for i, arg := range args.Services {
-		err := deployService(api.state, owner, arg)
-		result.Results[i].Error = common.ServerError(err)
-	}
-	return result, nil
-}
-
-// DeployService fetches the charm from the charm store and deploys it.
-// The logic has been factored out into a common function which is called by
-// both the legacy API on the client facade, as well as the new service facade.
-func deployService(st *state.State, owner string, args params.ServiceDeploy) error {
-	curl, err := charm.ParseURL(args.CharmUrl)
-	if err != nil {
-		return errors.Trace(err)
-	}
-	if curl.Revision < 0 {
-		return errors.Errorf("charm url must include revision")
-	}
-
-	// Do a quick but not complete validation check before going any further.
-	for _, p := range args.Placement {
-		if p.Scope != instance.MachineScope {
-			continue
-		}
-		_, err = st.Machine(p.Directive)
-		if err != nil {
-			return errors.Annotatef(err, `cannot deploy "%v" to machine %v`, args.ServiceName, p.Directive)
-		}
-	}
-
-	// Try to find the charm URL in state first.
-	ch, err := st.Charm(curl)
-	// TODO(wallyworld) - remove for 2.0 beta4
-	if errors.IsNotFound(err) {
-		// Clients written to expect 1.16 compatibility require this next block.
-		if curl.Schema != "cs" {
-			return errors.Errorf(`charm url has unsupported schema %q`, curl.Schema)
-		}
-		if err = AddCharmWithAuthorization(st, params.AddCharmWithAuthorization{
-			URL: args.CharmUrl,
-		}); err == nil {
-			ch, err = st.Charm(curl)
-		}
-	}
-	if err != nil {
-		return errors.Trace(err)
-	}
-
-	if err := checkMinVersion(ch); err != nil {
-		return errors.Trace(err)
-	}
-
-	var settings charm.Settings
-	if len(args.ConfigYAML) > 0 {
-		settings, err = ch.Config().ParseSettingsYAML([]byte(args.ConfigYAML), args.ServiceName)
-	} else if len(args.Config) > 0 {
-		// Parse config in a compatible way (see function comment).
-		settings, err = parseSettingsCompatible(ch, args.Config)
-	}
-	if err != nil {
-		return errors.Trace(err)
-	}
-
-	channel := csparams.Channel(args.Channel)
-
-	_, err = jjj.DeployService(st,
-		jjj.DeployServiceParams{
-			ServiceName: args.ServiceName,
-			Series:      args.Series,
-			// TODO(dfc) ServiceOwner should be a tag
-			ServiceOwner:     owner,
-			Charm:            ch,
-			Channel:          channel,
-			NumUnits:         args.NumUnits,
-			ConfigSettings:   settings,
-			Constraints:      args.Constraints,
-			Placement:        args.Placement,
-			Storage:          args.Storage,
-			EndpointBindings: args.EndpointBindings,
-			Resources:        args.Resources,
-		})
-	return errors.Trace(err)
-}
-
-// ServiceSetSettingsStrings updates the settings for the given service,
-// taking the configuration from a map of strings.
-func ServiceSetSettingsStrings(service *state.Service, settings map[string]string) error {
-	ch, _, err := service.Charm()
-	if err != nil {
-		return errors.Trace(err)
-	}
-	// Parse config in a compatible way (see function comment).
-	changes, err := parseSettingsCompatible(ch, settings)
-	if err != nil {
-		return errors.Trace(err)
-	}
-	return service.UpdateConfigSettings(changes)
-}
-
-// parseSettingsCompatible parses setting strings in a way that is
-// compatible with the behavior before this CL based on the issue
-// http://pad.lv/1194945. Until then setting an option to an empty
-// string caused it to reset to the default value. We now allow
-// empty strings as actual values, but we want to preserve the API
-// behavior.
-func parseSettingsCompatible(ch *state.Charm, settings map[string]string) (charm.Settings, error) {
-	setSettings := map[string]string{}
-	unsetSettings := charm.Settings{}
-	// Split settings into those which set and those which unset a value.
-	for name, value := range settings {
-		if value == "" {
-			unsetSettings[name] = nil
-			continue
-		}
-		setSettings[name] = value
-	}
-	// Validate the settings.
-	changes, err := ch.Config().ParseSettingsStrings(setSettings)
-	if err != nil {
-		return nil, err
-	}
-	// Validate the unsettings and merge them into the changes.
-	unsetSettings, err = ch.Config().ValidateSettings(unsetSettings)
-	if err != nil {
-		return nil, err
-	}
-	for name := range unsetSettings {
-		changes[name] = nil
-	}
-	return changes, nil
-}
-
-// Update updates the service attributes, including charm URL,
-// minimum number of units, settings and constraints.
-// All parameters in params.ServiceUpdate except the service name are optional.
-func (api *API) Update(args params.ServiceUpdate) error {
-	if !args.ForceCharmUrl {
-		if err := api.check.ChangeAllowed(); err != nil {
-			return errors.Trace(err)
-		}
-	}
-	svc, err := api.state.Service(args.ServiceName)
-	if err != nil {
-		return errors.Trace(err)
-	}
-	// Set the charm for the given service.
-	if args.CharmUrl != "" {
-		// For now we do not support changing the channel through Update().
-		// TODO(ericsnow) Support it?
-		channel := svc.Channel()
-		if err = api.serviceSetCharm(svc, args.CharmUrl, channel, args.ForceSeries, args.ForceCharmUrl, nil); err != nil {
-			return errors.Trace(err)
-		}
-	}
-	// Set the minimum number of units for the given service.
-	if args.MinUnits != nil {
-		if err = svc.SetMinUnits(*args.MinUnits); err != nil {
-			return errors.Trace(err)
-		}
-	}
-	// Set up service's settings.
-	if args.SettingsYAML != "" {
-		if err = serviceSetSettingsYAML(svc, args.SettingsYAML); err != nil {
-			return errors.Annotate(err, "setting configuration from YAML")
-		}
-	} else if len(args.SettingsStrings) > 0 {
-		if err = ServiceSetSettingsStrings(svc, args.SettingsStrings); err != nil {
-			return errors.Trace(err)
-		}
-	}
-	// Update service's constraints.
-	if args.Constraints != nil {
-		return svc.SetConstraints(*args.Constraints)
-	}
-	return nil
-}
-
-// SetCharm sets the charm for a given service.
-func (api *API) SetCharm(args params.ServiceSetCharm) error {
-	// when forced units in error, don't block
-	if !args.ForceUnits {
-		if err := api.check.ChangeAllowed(); err != nil {
-			return errors.Trace(err)
-		}
-	}
-	service, err := api.state.Service(args.ServiceName)
-	if err != nil {
-		return errors.Trace(err)
-	}
-	channel := csparams.Channel(args.Channel)
-	return api.serviceSetCharm(service, args.CharmUrl, channel, args.ForceSeries, args.ForceUnits, args.ResourceIDs)
-}
-
-// serviceSetCharm sets the charm for the given service.
-func (api *API) serviceSetCharm(service *state.Service, url string, channel csparams.Channel, forceSeries, forceUnits bool, resourceIDs map[string]string) error {
-	curl, err := charm.ParseURL(url)
-	if err != nil {
-		return errors.Trace(err)
-	}
-	sch, err := api.state.Charm(curl)
-	if err != nil {
-		return errors.Trace(err)
-	}
-	cfg := state.SetCharmConfig{
-		Charm:       sch,
-		Channel:     channel,
-		ForceSeries: forceSeries,
-		ForceUnits:  forceUnits,
-		ResourceIDs: resourceIDs,
-	}
-	return service.SetCharm(cfg)
-}
-
-// settingsYamlFromGetYaml will parse a yaml produced by juju get and generate
-// charm.Settings from it that can then be sent to the service.
-func settingsFromGetYaml(yamlContents map[string]interface{}) (charm.Settings, error) {
-	onlySettings := charm.Settings{}
-	settingsMap, ok := yamlContents["settings"].(map[interface{}]interface{})
-	if !ok {
-		return nil, errors.New("unknown format for settings")
-	}
-
-	for setting := range settingsMap {
-		s, ok := settingsMap[setting].(map[interface{}]interface{})
-		if !ok {
-			return nil, errors.Errorf("unknown format for settings section %v", setting)
-		}
-		// some keys might not have a value, we don't care about those.
-		v, ok := s["value"]
-		if !ok {
-			continue
-		}
-		stringSetting, ok := setting.(string)
-		if !ok {
-			return nil, errors.Errorf("unexpected setting key, expected string got %T", setting)
-		}
-		onlySettings[stringSetting] = v
-	}
-	return onlySettings, nil
-}
-
-// serviceSetSettingsYAML updates the settings for the given service,
-// taking the configuration from a YAML string.
-func serviceSetSettingsYAML(service *state.Service, settings string) error {
-	b := []byte(settings)
-	var all map[string]interface{}
-	if err := goyaml.Unmarshal(b, &all); err != nil {
-		return errors.Annotate(err, "parsing settings data")
-	}
-	// The file is already in the right format.
-	if _, ok := all[service.Name()]; !ok {
-		changes, err := settingsFromGetYaml(all)
-		if err != nil {
-			return errors.Annotate(err, "processing YAML generated by get")
-		}
-		return errors.Annotate(service.UpdateConfigSettings(changes), "updating settings with service YAML")
-	}
-
-	ch, _, err := service.Charm()
-	if err != nil {
-		return errors.Annotate(err, "obtaining charm for this service")
-	}
-
-	changes, err := ch.Config().ParseSettingsYAML(b, service.Name())
-	if err != nil {
-		return errors.Annotate(err, "creating config from YAML")
-	}
-	return errors.Annotate(service.UpdateConfigSettings(changes), "updating settings")
-}
-
-// GetCharmURL returns the charm URL the given service is
-// running at present.
-func (api *API) GetCharmURL(args params.ServiceGet) (params.StringResult, error) {
-	service, err := api.state.Service(args.ServiceName)
-	if err != nil {
-		return params.StringResult{}, err
-	}
-	charmURL, _ := service.CharmURL()
-	return params.StringResult{Result: charmURL.String()}, nil
-}
-
-// Set implements the server side of Service.Set.
-// It does not unset values that are set to an empty string.
-// Unset should be used for that.
-func (api *API) Set(p params.ServiceSet) error {
-	if err := api.check.ChangeAllowed(); err != nil {
-		return errors.Trace(err)
-	}
-	svc, err := api.state.Service(p.ServiceName)
-	if err != nil {
-		return err
-	}
-	ch, _, err := svc.Charm()
-	if err != nil {
-		return err
-	}
-	// Validate the settings.
-	changes, err := ch.Config().ParseSettingsStrings(p.Options)
-	if err != nil {
-		return err
-	}
-
-	return svc.UpdateConfigSettings(changes)
-
-}
-
-// Unset implements the server side of Client.Unset.
-func (api *API) Unset(p params.ServiceUnset) error {
-	if err := api.check.ChangeAllowed(); err != nil {
-		return errors.Trace(err)
-	}
-	svc, err := api.state.Service(p.ServiceName)
-	if err != nil {
-		return err
-	}
-	settings := make(charm.Settings)
-	for _, option := range p.Options {
-		settings[option] = nil
-	}
-	return svc.UpdateConfigSettings(settings)
-}
-
-// CharmRelations implements the server side of Service.CharmRelations.
-func (api *API) CharmRelations(p params.ServiceCharmRelations) (params.ServiceCharmRelationsResults, error) {
-	var results params.ServiceCharmRelationsResults
-	service, err := api.state.Service(p.ServiceName)
-	if err != nil {
-		return results, err
-	}
-	endpoints, err := service.Endpoints()
-	if err != nil {
-		return results, err
-	}
-	results.CharmRelations = make([]string, len(endpoints))
-	for i, endpoint := range endpoints {
-		results.CharmRelations[i] = endpoint.Relation.Name
-	}
-	return results, nil
-}
-
-// Expose changes the juju-managed firewall to expose any ports that
-// were also explicitly marked by units as open.
-func (api *API) Expose(args params.ServiceExpose) error {
-	if err := api.check.ChangeAllowed(); err != nil {
-		return errors.Trace(err)
-	}
-	svc, err := api.state.Service(args.ServiceName)
-	if err != nil {
-		return err
-	}
-	return svc.SetExposed()
-}
-
-// Unexpose changes the juju-managed firewall to unexpose any ports that
-// were also explicitly marked by units as open.
-func (api *API) Unexpose(args params.ServiceUnexpose) error {
-	if err := api.check.ChangeAllowed(); err != nil {
-		return errors.Trace(err)
-	}
-	svc, err := api.state.Service(args.ServiceName)
-	if err != nil {
-		return err
-	}
-	return svc.ClearExposed()
-}
-
-// addServiceUnits adds a given number of units to a service.
-func addServiceUnits(st *state.State, args params.AddServiceUnits) ([]*state.Unit, error) {
-	service, err := st.Service(args.ServiceName)
-	if err != nil {
-		return nil, err
-	}
-	if args.NumUnits < 1 {
-		return nil, errors.New("must add at least one unit")
-	}
-	return jjj.AddUnits(st, service, args.NumUnits, args.Placement)
-}
-
-// AddUnits adds a given number of units to a service.
-func (api *API) AddUnits(args params.AddServiceUnits) (params.AddServiceUnitsResults, error) {
-	if err := api.check.ChangeAllowed(); err != nil {
-		return params.AddServiceUnitsResults{}, errors.Trace(err)
-	}
-	units, err := addServiceUnits(api.state, args)
-	if err != nil {
-		return params.AddServiceUnitsResults{}, err
-	}
-	unitNames := make([]string, len(units))
-	for i, unit := range units {
-		unitNames[i] = unit.String()
-	}
-	return params.AddServiceUnitsResults{Units: unitNames}, nil
-}
-
-// DestroyUnits removes a given set of service units.
-func (api *API) DestroyUnits(args params.DestroyServiceUnits) error {
-	if err := api.check.RemoveAllowed(); err != nil {
-		return errors.Trace(err)
-	}
-	var errs []string
-	for _, name := range args.UnitNames {
-		unit, err := api.state.Unit(name)
-		switch {
-		case errors.IsNotFound(err):
-			err = errors.Errorf("unit %q does not exist", name)
-		case err != nil:
-		case unit.Life() != state.Alive:
-			continue
-		case unit.IsPrincipal():
-			err = unit.Destroy()
-		default:
-			err = errors.Errorf("unit %q is a subordinate", name)
-		}
-		if err != nil {
-			errs = append(errs, err.Error())
-		}
-	}
-	return common.DestroyErr("units", args.UnitNames, errs)
-}
-
-// Destroy destroys a given service.
-func (api *API) Destroy(args params.ServiceDestroy) error {
-	if err := api.check.RemoveAllowed(); err != nil {
-		return errors.Trace(err)
-	}
-	svc, err := api.state.Service(args.ServiceName)
-	if err != nil {
-		return err
-	}
-	return svc.Destroy()
-}
-
-// GetConstraints returns the constraints for a given service.
-func (api *API) GetConstraints(args params.GetServiceConstraints) (params.GetConstraintsResults, error) {
-	svc, err := api.state.Service(args.ServiceName)
-	if err != nil {
-		return params.GetConstraintsResults{}, err
-	}
-	cons, err := svc.Constraints()
-	return params.GetConstraintsResults{cons}, err
-}
-
-// SetConstraints sets the constraints for a given service.
-func (api *API) SetConstraints(args params.SetConstraints) error {
-	if err := api.check.ChangeAllowed(); err != nil {
-		return errors.Trace(err)
-	}
-	svc, err := api.state.Service(args.ServiceName)
-	if err != nil {
-		return err
-	}
-	return svc.SetConstraints(args.Constraints)
-}
-
-// AddRelation adds a relation between the specified endpoints and returns the relation info.
-func (api *API) AddRelation(args params.AddRelation) (params.AddRelationResults, error) {
-	if err := api.check.ChangeAllowed(); err != nil {
-		return params.AddRelationResults{}, errors.Trace(err)
-	}
-	inEps, err := api.state.InferEndpoints(args.Endpoints...)
-	if err != nil {
-		return params.AddRelationResults{}, err
-	}
-	rel, err := api.state.AddRelation(inEps...)
-	if err != nil {
-		return params.AddRelationResults{}, err
-	}
-	outEps := make(map[string]charm.Relation)
-	for _, inEp := range inEps {
-		outEp, err := rel.Endpoint(inEp.ServiceName)
-		if err != nil {
-			return params.AddRelationResults{}, err
-		}
-		outEps[inEp.ServiceName] = outEp.Relation
-	}
-	return params.AddRelationResults{Endpoints: outEps}, nil
-}
-
-// DestroyRelation removes the relation between the specified endpoints.
-func (api *API) DestroyRelation(args params.DestroyRelation) error {
-	if err := api.check.RemoveAllowed(); err != nil {
-		return errors.Trace(err)
-	}
-	eps, err := api.state.InferEndpoints(args.Endpoints...)
-	if err != nil {
-		return err
-	}
-	rel, err := api.state.EndpointsRelation(eps...)
-	if err != nil {
-		return err
-	}
-	return rel.Destroy()
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/service/service_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/service/service_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/service/service_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/service/service_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,2737 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service_test
-
-import (
-	"fmt"
-	"io"
-	"regexp"
-	"sync"
-
-	"github.com/juju/errors"
-	"github.com/juju/names"
-	jc "github.com/juju/testing/checkers"
-	"github.com/juju/utils"
-	gc "gopkg.in/check.v1"
-	"gopkg.in/juju/charm.v6-unstable"
-	"gopkg.in/juju/charmrepo.v2-unstable"
-	"gopkg.in/juju/charmrepo.v2-unstable/csclient"
-	csparams "gopkg.in/juju/charmrepo.v2-unstable/csclient/params"
-	"gopkg.in/macaroon.v1"
-	"gopkg.in/mgo.v2"
-
-	commontesting "github.com/juju/juju/apiserver/common/testing"
-	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/apiserver/service"
-	apiservertesting "github.com/juju/juju/apiserver/testing"
-	"github.com/juju/juju/constraints"
-	"github.com/juju/juju/instance"
-	jujutesting "github.com/juju/juju/juju/testing"
-	"github.com/juju/juju/state"
-	statestorage "github.com/juju/juju/state/storage"
-	"github.com/juju/juju/status"
-	"github.com/juju/juju/storage"
-	"github.com/juju/juju/storage/poolmanager"
-	"github.com/juju/juju/storage/provider"
-	"github.com/juju/juju/storage/provider/registry"
-	"github.com/juju/juju/testcharms"
-	"github.com/juju/juju/testing/factory"
-	jujuversion "github.com/juju/juju/version"
-)
-
-type serviceSuite struct {
-	jujutesting.JujuConnSuite
-	apiservertesting.CharmStoreSuite
-	commontesting.BlockHelper
-
-	serviceApi *service.API
-	service    *state.Service
-	authorizer apiservertesting.FakeAuthorizer
-}
-
-var _ = gc.Suite(&serviceSuite{})
-
-var _ service.Service = (*service.API)(nil)
-
-func (s *serviceSuite) SetUpSuite(c *gc.C) {
-	s.CharmStoreSuite.SetUpSuite(c)
-	s.JujuConnSuite.SetUpSuite(c)
-}
-
-func (s *serviceSuite) TearDownSuite(c *gc.C) {
-	s.CharmStoreSuite.TearDownSuite(c)
-	s.JujuConnSuite.TearDownSuite(c)
-}
-
-func (s *serviceSuite) SetUpTest(c *gc.C) {
-	s.JujuConnSuite.SetUpTest(c)
-	s.CharmStoreSuite.Session = s.JujuConnSuite.Session
-	s.CharmStoreSuite.SetUpTest(c)
-	s.BlockHelper = commontesting.NewBlockHelper(s.APIState)
-	s.AddCleanup(func(*gc.C) { s.BlockHelper.Close() })
-
-	s.service = s.Factory.MakeService(c, nil)
-
-	s.authorizer = apiservertesting.FakeAuthorizer{
-		Tag: s.AdminUserTag(c),
-	}
-	var err error
-	s.serviceApi, err = service.NewAPI(s.State, nil, s.authorizer)
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *serviceSuite) TearDownTest(c *gc.C) {
-	s.CharmStoreSuite.TearDownTest(c)
-	s.JujuConnSuite.TearDownTest(c)
-}
-
-func (s *serviceSuite) TestSetMetricCredentials(c *gc.C) {
-	charm := s.Factory.MakeCharm(c, &factory.CharmParams{Name: "wordpress"})
-	wordpress := s.Factory.MakeService(c, &factory.ServiceParams{
-		Charm: charm,
-	})
-	tests := []struct {
-		about   string
-		args    params.ServiceMetricCredentials
-		results params.ErrorResults
-	}{
-		{
-			"test one argument and it passes",
-			params.ServiceMetricCredentials{[]params.ServiceMetricCredential{{
-				s.service.Name(),
-				[]byte("creds 1234"),
-			}}},
-			params.ErrorResults{[]params.ErrorResult{{Error: nil}}},
-		},
-		{
-			"test two arguments and both pass",
-			params.ServiceMetricCredentials{[]params.ServiceMetricCredential{
-				{
-					s.service.Name(),
-					[]byte("creds 1234"),
-				},
-				{
-					wordpress.Name(),
-					[]byte("creds 4567"),
-				},
-			}},
-			params.ErrorResults{[]params.ErrorResult{
-				{Error: nil},
-				{Error: nil},
-			}},
-		},
-		{
-			"test two arguments and second one fails",
-			params.ServiceMetricCredentials{[]params.ServiceMetricCredential{
-				{
-					s.service.Name(),
-					[]byte("creds 1234"),
-				},
-				{
-					"not-a-service",
-					[]byte("creds 4567"),
-				},
-			}},
-			params.ErrorResults{[]params.ErrorResult{
-				{Error: nil},
-				{Error: &params.Error{Message: `service "not-a-service" not found`, Code: "not found"}},
-			}},
-		},
-	}
-	for i, t := range tests {
-		c.Logf("Running test %d %v", i, t.about)
-		results, err := s.serviceApi.SetMetricCredentials(t.args)
-		c.Assert(err, jc.ErrorIsNil)
-		c.Assert(results.Results, gc.HasLen, len(t.results.Results))
-		c.Assert(results, gc.DeepEquals, t.results)
-
-		for i, a := range t.args.Creds {
-			if t.results.Results[i].Error == nil {
-				svc, err := s.State.Service(a.ServiceName)
-				c.Assert(err, jc.ErrorIsNil)
-				creds := svc.MetricCredentials()
-				c.Assert(creds, gc.DeepEquals, a.MetricCredentials)
-			}
-		}
-	}
-}
-
-func (s *serviceSuite) TestCompatibleSettingsParsing(c *gc.C) {
-	// Test the exported settings parsing in a compatible way.
-	s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
-	svc, err := s.State.Service("dummy")
-	c.Assert(err, jc.ErrorIsNil)
-	ch, _, err := svc.Charm()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ch.URL().String(), gc.Equals, "local:quantal/dummy-1")
-
-	// Empty string will be returned as nil.
-	options := map[string]string{
-		"title":    "foobar",
-		"username": "",
-	}
-	settings, err := service.ParseSettingsCompatible(ch, options)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(settings, gc.DeepEquals, charm.Settings{
-		"title":    "foobar",
-		"username": nil,
-	})
-
-	// Illegal settings lead to an error.
-	options = map[string]string{
-		"yummy": "didgeridoo",
-	}
-	_, err = service.ParseSettingsCompatible(ch, options)
-	c.Assert(err, gc.ErrorMatches, `unknown option "yummy"`)
-}
-
-func setupStoragePool(c *gc.C, st *state.State) {
-	pm := poolmanager.New(state.NewStateSettings(st))
-	_, err := pm.Create("loop-pool", provider.LoopProviderType, map[string]interface{}{})
-	c.Assert(err, jc.ErrorIsNil)
-	err = st.UpdateModelConfig(map[string]interface{}{
-		"storage-default-block-source": "loop-pool",
-	}, nil, nil)
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *serviceSuite) TestServiceDeployWithStorage(c *gc.C) {
-	setupStoragePool(c, s.State)
-	curl, ch := s.UploadCharm(c, "utopic/storage-block-10", "storage-block")
-	err := service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	storageConstraints := map[string]storage.Constraints{
-		"data": {
-			Count: 1,
-			Size:  1024,
-			Pool:  "loop-pool",
-		},
-	}
-
-	var cons constraints.Value
-	args := params.ServiceDeploy{
-		ServiceName: "service",
-		CharmUrl:    curl.String(),
-		NumUnits:    1,
-		Constraints: cons,
-		Storage:     storageConstraints,
-	}
-	results, err := s.serviceApi.Deploy(params.ServicesDeploy{
-		Services: []params.ServiceDeploy{args}},
-	)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(results, gc.DeepEquals, params.ErrorResults{
-		Results: []params.ErrorResult{{Error: nil}},
-	})
-	svc := apiservertesting.AssertPrincipalServiceDeployed(c, s.State, "service", curl, false, ch, cons)
-	storageConstraintsOut, err := svc.StorageConstraints()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(storageConstraintsOut, gc.DeepEquals, map[string]state.StorageConstraints{
-		"data": {
-			Count: 1,
-			Size:  1024,
-			Pool:  "loop-pool",
-		},
-		"allecto": {
-			Count: 0,
-			Size:  1024,
-			Pool:  "loop",
-		},
-	})
-}
-
-func (s *serviceSuite) TestMinJujuVersionTooHigh(c *gc.C) {
-	curl, _ := s.UploadCharm(c, "quantal/minjujuversion-0", "minjujuversion")
-	err := service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	match := fmt.Sprintf(`charm's min version (999.999.999) is higher than this juju environment's version (%s)`, jujuversion.Current)
-	c.Assert(err, gc.ErrorMatches, regexp.QuoteMeta(match))
-}
-
-func (s *serviceSuite) TestServiceDeployWithInvalidStoragePool(c *gc.C) {
-	setupStoragePool(c, s.State)
-	curl, _ := s.UploadCharm(c, "utopic/storage-block-0", "storage-block")
-	err := service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	storageConstraints := map[string]storage.Constraints{
-		"data": storage.Constraints{
-			Pool:  "foo",
-			Count: 1,
-			Size:  1024,
-		},
-	}
-
-	var cons constraints.Value
-	args := params.ServiceDeploy{
-		ServiceName: "service",
-		CharmUrl:    curl.String(),
-		NumUnits:    1,
-		Constraints: cons,
-		Storage:     storageConstraints,
-	}
-	results, err := s.serviceApi.Deploy(params.ServicesDeploy{
-		Services: []params.ServiceDeploy{args}},
-	)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(results.Results, gc.HasLen, 1)
-	c.Assert(results.Results[0].Error, gc.ErrorMatches, `.* pool "foo" not found`)
-}
-
-func (s *serviceSuite) TestServiceDeployWithUnsupportedStoragePool(c *gc.C) {
-	registry.RegisterProvider("hostloop", &mockStorageProvider{kind: storage.StorageKindBlock})
-	pm := poolmanager.New(state.NewStateSettings(s.State))
-	_, err := pm.Create("host-loop-pool", provider.HostLoopProviderType, map[string]interface{}{})
-	c.Assert(err, jc.ErrorIsNil)
-
-	curl, _ := s.UploadCharm(c, "utopic/storage-block-0", "storage-block")
-	err = service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	storageConstraints := map[string]storage.Constraints{
-		"data": storage.Constraints{
-			Pool:  "host-loop-pool",
-			Count: 1,
-			Size:  1024,
-		},
-	}
-
-	var cons constraints.Value
-	args := params.ServiceDeploy{
-		ServiceName: "service",
-		CharmUrl:    curl.String(),
-		NumUnits:    1,
-		Constraints: cons,
-		Storage:     storageConstraints,
-	}
-	results, err := s.serviceApi.Deploy(params.ServicesDeploy{
-		Services: []params.ServiceDeploy{args}},
-	)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(results.Results, gc.HasLen, 1)
-	c.Assert(results.Results[0].Error, gc.ErrorMatches,
-		`.*pool "host-loop-pool" uses storage provider "hostloop" which is not supported for models of type "dummy"`)
-}
-
-func (s *serviceSuite) TestServiceDeployDefaultFilesystemStorage(c *gc.C) {
-	setupStoragePool(c, s.State)
-	curl, ch := s.UploadCharm(c, "trusty/storage-filesystem-1", "storage-filesystem")
-	err := service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	var cons constraints.Value
-	args := params.ServiceDeploy{
-		ServiceName: "service",
-		CharmUrl:    curl.String(),
-		NumUnits:    1,
-		Constraints: cons,
-	}
-	results, err := s.serviceApi.Deploy(params.ServicesDeploy{
-		Services: []params.ServiceDeploy{args}},
-	)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(results, gc.DeepEquals, params.ErrorResults{
-		Results: []params.ErrorResult{{Error: nil}},
-	})
-	svc := apiservertesting.AssertPrincipalServiceDeployed(c, s.State, "service", curl, false, ch, cons)
-	storageConstraintsOut, err := svc.StorageConstraints()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(storageConstraintsOut, gc.DeepEquals, map[string]state.StorageConstraints{
-		"data": {
-			Count: 1,
-			Size:  1024,
-			Pool:  "rootfs",
-		},
-	})
-}
-
-func (s *serviceSuite) TestServiceDeploy(c *gc.C) {
-	curl, ch := s.UploadCharm(c, "precise/dummy-42", "dummy")
-	err := service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	var cons constraints.Value
-	args := params.ServiceDeploy{
-		ServiceName: "service",
-		CharmUrl:    curl.String(),
-		NumUnits:    1,
-		Constraints: cons,
-		Placement: []*instance.Placement{
-			{"deadbeef-0bad-400d-8000-4b1d0d06f00d", "valid"},
-		},
-	}
-	results, err := s.serviceApi.Deploy(params.ServicesDeploy{
-		Services: []params.ServiceDeploy{args}},
-	)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(results, gc.DeepEquals, params.ErrorResults{
-		Results: []params.ErrorResult{{Error: nil}},
-	})
-	svc := apiservertesting.AssertPrincipalServiceDeployed(c, s.State, "service", curl, false, ch, cons)
-	units, err := svc.AllUnits()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(units, gc.HasLen, 1)
-}
-
-func (s *serviceSuite) TestServiceDeployWithInvalidPlacement(c *gc.C) {
-	curl, _ := s.UploadCharm(c, "precise/dummy-42", "dummy")
-	err := service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	var cons constraints.Value
-	args := params.ServiceDeploy{
-		ServiceName: "service",
-		CharmUrl:    curl.String(),
-		NumUnits:    1,
-		Constraints: cons,
-		Placement: []*instance.Placement{
-			{"deadbeef-0bad-400d-8000-4b1d0d06f00d", "invalid"},
-		},
-	}
-	results, err := s.serviceApi.Deploy(params.ServicesDeploy{
-		Services: []params.ServiceDeploy{args}},
-	)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(results.Results, gc.HasLen, 1)
-	c.Assert(results.Results[0].Error, gc.NotNil)
-	c.Assert(results.Results[0].Error.Error(), gc.Matches, ".* invalid placement is invalid")
-}
-
-func (s *serviceSuite) testClientServicesDeployWithBindings(c *gc.C, endpointBindings, expected map[string]string) {
-	curl, _ := s.UploadCharm(c, "utopic/riak-42", "riak")
-	err := service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-
-	var cons constraints.Value
-	args := params.ServiceDeploy{
-		ServiceName:      "service",
-		CharmUrl:         curl.String(),
-		NumUnits:         1,
-		Constraints:      cons,
-		EndpointBindings: endpointBindings,
-	}
-
-	results, err := s.serviceApi.Deploy(params.ServicesDeploy{
-		Services: []params.ServiceDeploy{args}},
-	)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(results.Results, gc.HasLen, 1)
-	c.Assert(results.Results[0].Error, gc.IsNil)
-
-	service, err := s.State.Service(args.ServiceName)
-	c.Assert(err, jc.ErrorIsNil)
-
-	retrievedBindings, err := service.EndpointBindings()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(retrievedBindings, jc.DeepEquals, expected)
-}
-
-func (s *serviceSuite) TestClientServicesDeployWithBindings(c *gc.C) {
-	s.State.AddSpace("a-space", "", nil, true)
-	expected := map[string]string{
-		"endpoint": "a-space",
-		"ring":     "",
-		"admin":    "",
-	}
-	endpointBindings := map[string]string{"endpoint": "a-space"}
-	s.testClientServicesDeployWithBindings(c, endpointBindings, expected)
-}
-
-func (s *serviceSuite) TestClientServicesDeployWithDefaultBindings(c *gc.C) {
-	expected := map[string]string{
-		"endpoint": "",
-		"ring":     "",
-		"admin":    "",
-	}
-	s.testClientServicesDeployWithBindings(c, nil, expected)
-}
-
-// TODO(wallyworld) - the following charm tests have been moved from the apiserver/client
-// package in order to use the fake charm store testing infrastructure. They are legacy tests
-// written to use the api client instead of the apiserver logic. They need to be rewritten and
-// feature tests added.
-
-func (s *serviceSuite) TestAddCharm(c *gc.C) {
-	var blobs blobs
-	s.PatchValue(service.NewStateStorage, func(uuid string, session *mgo.Session) statestorage.Storage {
-		storage := statestorage.NewStorage(uuid, session)
-		return &recordingStorage{Storage: storage, blobs: &blobs}
-	})
-
-	client := s.APIState.Client()
-	// First test the sanity checks.
-	err := client.AddCharm(&charm.URL{Name: "nonsense"}, csparams.StableChannel)
-	c.Assert(err, gc.ErrorMatches, `cannot parse charm or bundle URL: ":nonsense-0"`)
-	err = client.AddCharm(charm.MustParseURL("local:precise/dummy"), csparams.StableChannel)
-	c.Assert(err, gc.ErrorMatches, "only charm store charm URLs are supported, with cs: schema")
-	err = client.AddCharm(charm.MustParseURL("cs:precise/wordpress"), csparams.StableChannel)
-	c.Assert(err, gc.ErrorMatches, "charm URL must include revision")
-
-	// Add a charm, without uploading it to storage, to
-	// check that AddCharm does not try to do it.
-	charmDir := testcharms.Repo.CharmDir("dummy")
-	ident := fmt.Sprintf("%s-%d", charmDir.Meta().Name, charmDir.Revision())
-	curl := charm.MustParseURL("cs:quantal/" + ident)
-	info := state.CharmInfo{
-		Charm:       charmDir,
-		ID:          curl,
-		StoragePath: "",
-		SHA256:      ident + "-sha256",
-	}
-	sch, err := s.State.AddCharm(info)
-	c.Assert(err, jc.ErrorIsNil)
-
-	// AddCharm should see the charm in state and not upload it.
-	err = client.AddCharm(sch.URL(), csparams.StableChannel)
-	c.Assert(err, jc.ErrorIsNil)
-
-	c.Assert(blobs.m, gc.HasLen, 0)
-
-	// Now try adding another charm completely.
-	curl, _ = s.UploadCharm(c, "precise/wordpress-3", "wordpress")
-	err = client.AddCharm(curl, csparams.StableChannel)
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Verify it's in state and it got uploaded.
-	storage := statestorage.NewStorage(s.State.ModelUUID(), s.State.MongoSession())
-	sch, err = s.State.Charm(curl)
-	c.Assert(err, jc.ErrorIsNil)
-	s.assertUploaded(c, storage, sch.StoragePath(), sch.BundleSha256())
-}
-
-func (s *serviceSuite) TestAddCharmWithAuthorization(c *gc.C) {
-	// Upload a new charm to the charm store.
-	curl, _ := s.UploadCharm(c, "cs:~restricted/precise/wordpress-3", "wordpress")
-
-	// Change permissions on the new charm such that only bob
-	// can read from it.
-	s.DischargeUser = "restricted"
-	err := s.Client.Put("/"+curl.Path()+"/meta/perm/read", []string{"bob"})
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Try to add a charm to the environment without authorization.
-	s.DischargeUser = ""
-	err = s.APIState.Client().AddCharm(curl, csparams.StableChannel)
-	c.Assert(err, gc.ErrorMatches, `cannot retrieve charm "cs:~restricted/precise/wordpress-3": cannot get archive: cannot get discharge from "https://.*": third party refused discharge: cannot discharge: discharge denied \(unauthorized access\)`)
-
-	tryAs := func(user string) error {
-		client := csclient.New(csclient.Params{
-			URL: s.Srv.URL,
-		})
-		s.DischargeUser = user
-		var m *macaroon.Macaroon
-		err = client.Get("/delegatable-macaroon", &m)
-		c.Assert(err, gc.IsNil)
-
-		return service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-			URL:     curl.String(),
-			Channel: string(csparams.StableChannel),
-		})
-	}
-	// Try again with authorization for the wrong user.
-	err = tryAs("joe")
-	c.Assert(err, gc.ErrorMatches, `cannot retrieve charm "cs:~restricted/precise/wordpress-3": cannot get archive: unauthorized: access denied for user "joe"`)
-
-	// Try again with the correct authorization this time.
-	err = tryAs("bob")
-	c.Assert(err, gc.IsNil)
-
-	// Verify that it has actually been uploaded.
-	_, err = s.State.Charm(curl)
-	c.Assert(err, gc.IsNil)
-}
-
-func (s *serviceSuite) TestAddCharmConcurrently(c *gc.C) {
-	var putBarrier sync.WaitGroup
-	var blobs blobs
-	s.PatchValue(service.NewStateStorage, func(uuid string, session *mgo.Session) statestorage.Storage {
-		storage := statestorage.NewStorage(uuid, session)
-		return &recordingStorage{Storage: storage, blobs: &blobs, putBarrier: &putBarrier}
-	})
-
-	client := s.APIState.Client()
-	curl, _ := s.UploadCharm(c, "trusty/wordpress-3", "wordpress")
-
-	// Try adding the same charm concurrently from multiple goroutines
-	// to test no "duplicate key errors" are reported (see lp bug
-	// #1067979) and also at the end only one charm document is
-	// created.
-
-	var wg sync.WaitGroup
-	// We don't add them 1-by-1 because that would allow each goroutine to
-	// finish separately without actually synchronizing between them
-	putBarrier.Add(10)
-	for i := 0; i < 10; i++ {
-		wg.Add(1)
-		go func(index int) {
-			defer wg.Done()
-
-			c.Assert(client.AddCharm(curl, csparams.StableChannel), gc.IsNil, gc.Commentf("goroutine %d", index))
-			sch, err := s.State.Charm(curl)
-			c.Assert(err, gc.IsNil, gc.Commentf("goroutine %d", index))
-			c.Assert(sch.URL(), jc.DeepEquals, curl, gc.Commentf("goroutine %d", index))
-		}(i)
-	}
-	wg.Wait()
-
-	blobs.Lock()
-
-	c.Assert(blobs.m, gc.HasLen, 10)
-
-	// Verify there is only a single uploaded charm remains and it
-	// contains the correct data.
-	sch, err := s.State.Charm(curl)
-	c.Assert(err, jc.ErrorIsNil)
-	storagePath := sch.StoragePath()
-	c.Assert(blobs.m[storagePath], jc.IsTrue)
-	for path, exists := range blobs.m {
-		if path != storagePath {
-			c.Assert(exists, jc.IsFalse)
-		}
-	}
-
-	storage := statestorage.NewStorage(s.State.ModelUUID(), s.State.MongoSession())
-	s.assertUploaded(c, storage, sch.StoragePath(), sch.BundleSha256())
-}
-
-func (s *serviceSuite) assertUploaded(c *gc.C, storage statestorage.Storage, storagePath, expectedSHA256 string) {
-	reader, _, err := storage.Get(storagePath)
-	c.Assert(err, jc.ErrorIsNil)
-	defer reader.Close()
-	downloadedSHA256, _, err := utils.ReadSHA256(reader)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(downloadedSHA256, gc.Equals, expectedSHA256)
-}
-
-func (s *serviceSuite) TestAddCharmOverwritesPlaceholders(c *gc.C) {
-	client := s.APIState.Client()
-	curl, _ := s.UploadCharm(c, "trusty/wordpress-42", "wordpress")
-
-	// Add a placeholder with the same charm URL.
-	err := s.State.AddStoreCharmPlaceholder(curl)
-	c.Assert(err, jc.ErrorIsNil)
-	_, err = s.State.Charm(curl)
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-
-	// Now try to add the charm, which will convert the placeholder to
-	// a pending charm.
-	err = client.AddCharm(curl, csparams.StableChannel)
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Make sure the document's flags were reset as expected.
-	sch, err := s.State.Charm(curl)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(sch.URL(), jc.DeepEquals, curl)
-	c.Assert(sch.IsPlaceholder(), jc.IsFalse)
-	c.Assert(sch.IsUploaded(), jc.IsTrue)
-}
-
-func (s *serviceSuite) TestServiceGetCharmURL(c *gc.C) {
-	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
-	result, err := s.serviceApi.GetCharmURL(params.ServiceGet{"wordpress"})
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(result.Error, gc.IsNil)
-	c.Assert(result.Result, gc.Equals, "local:quantal/wordpress-3")
-}
-
-func (s *serviceSuite) TestServiceSetCharm(c *gc.C) {
-	curl, _ := s.UploadCharm(c, "precise/dummy-0", "dummy")
-	err := service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	results, err := s.serviceApi.Deploy(params.ServicesDeploy{
-		Services: []params.ServiceDeploy{{
-			CharmUrl:    curl.String(),
-			ServiceName: "service",
-			NumUnits:    3,
-		}}})
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(results.Results, gc.HasLen, 1)
-	c.Assert(results.Results[0].Error, gc.IsNil)
-	curl, _ = s.UploadCharm(c, "precise/wordpress-3", "wordpress")
-	err = service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.serviceApi.SetCharm(params.ServiceSetCharm{
-		ServiceName: "service",
-		CharmUrl:    curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Ensure that the charm is not marked as forced.
-	service, err := s.State.Service("service")
-	c.Assert(err, jc.ErrorIsNil)
-	charm, force, err := service.Charm()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(charm.URL().String(), gc.Equals, curl.String())
-	c.Assert(force, jc.IsFalse)
-}
-
-func (s *serviceSuite) setupServiceSetCharm(c *gc.C) {
-	curl, _ := s.UploadCharm(c, "precise/dummy-0", "dummy")
-	err := service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	results, err := s.serviceApi.Deploy(params.ServicesDeploy{
-		Services: []params.ServiceDeploy{{
-			CharmUrl:    curl.String(),
-			ServiceName: "service",
-			NumUnits:    3,
-		}}})
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(results.Results, gc.HasLen, 1)
-	c.Assert(results.Results[0].Error, gc.IsNil)
-	curl, _ = s.UploadCharm(c, "precise/wordpress-3", "wordpress")
-	err = service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *serviceSuite) assertServiceSetCharm(c *gc.C, forceUnits bool) {
-	err := s.serviceApi.SetCharm(params.ServiceSetCharm{
-		ServiceName: "service",
-		CharmUrl:    "cs:~who/precise/wordpress-3",
-		ForceUnits:  forceUnits,
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	// Ensure that the charm is not marked as forced.
-	service, err := s.State.Service("service")
-	c.Assert(err, jc.ErrorIsNil)
-	charm, _, err := service.Charm()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(charm.URL().String(), gc.Equals, "cs:~who/precise/wordpress-3")
-}
-
-func (s *serviceSuite) assertServiceSetCharmBlocked(c *gc.C, msg string) {
-	err := s.serviceApi.SetCharm(params.ServiceSetCharm{
-		ServiceName: "service",
-		CharmUrl:    "cs:~who/precise/wordpress-3",
-	})
-	s.AssertBlocked(c, err, msg)
-}
-
-func (s *serviceSuite) TestBlockDestroyServiceSetCharm(c *gc.C) {
-	s.setupServiceSetCharm(c)
-	s.BlockDestroyModel(c, "TestBlockDestroyServiceSetCharm")
-	s.assertServiceSetCharm(c, false)
-}
-
-func (s *serviceSuite) TestBlockRemoveServiceSetCharm(c *gc.C) {
-	s.setupServiceSetCharm(c)
-	s.BlockRemoveObject(c, "TestBlockRemoveServiceSetCharm")
-	s.assertServiceSetCharm(c, false)
-}
-
-func (s *serviceSuite) TestBlockChangesServiceSetCharm(c *gc.C) {
-	s.setupServiceSetCharm(c)
-	s.BlockAllChanges(c, "TestBlockChangesServiceSetCharm")
-	s.assertServiceSetCharmBlocked(c, "TestBlockChangesServiceSetCharm")
-}
-
-func (s *serviceSuite) TestServiceSetCharmForceUnits(c *gc.C) {
-	curl, _ := s.UploadCharm(c, "precise/dummy-0", "dummy")
-	err := service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	results, err := s.serviceApi.Deploy(params.ServicesDeploy{
-		Services: []params.ServiceDeploy{{
-			CharmUrl:    curl.String(),
-			ServiceName: "service",
-			NumUnits:    3,
-		}}})
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(results.Results, gc.HasLen, 1)
-	c.Assert(results.Results[0].Error, gc.IsNil)
-	curl, _ = s.UploadCharm(c, "precise/wordpress-3", "wordpress")
-	err = service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.serviceApi.SetCharm(params.ServiceSetCharm{
-		ServiceName: "service",
-		CharmUrl:    curl.String(),
-		ForceUnits:  true,
-	})
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Ensure that the charm is marked as forced.
-	service, err := s.State.Service("service")
-	c.Assert(err, jc.ErrorIsNil)
-	charm, force, err := service.Charm()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(charm.URL().String(), gc.Equals, curl.String())
-	c.Assert(force, jc.IsTrue)
-}
-
-func (s *serviceSuite) TestBlockServiceSetCharmForce(c *gc.C) {
-	s.setupServiceSetCharm(c)
-
-	// block all changes
-	s.BlockAllChanges(c, "TestBlockServiceSetCharmForce")
-	s.BlockRemoveObject(c, "TestBlockServiceSetCharmForce")
-	s.BlockDestroyModel(c, "TestBlockServiceSetCharmForce")
-
-	s.assertServiceSetCharm(c, true)
-}
-
-func (s *serviceSuite) TestServiceSetCharmInvalidService(c *gc.C) {
-	err := s.serviceApi.SetCharm(params.ServiceSetCharm{
-		ServiceName: "badservice",
-		CharmUrl:    "cs:precise/wordpress-3",
-		ForceSeries: true,
-		ForceUnits:  true,
-	})
-	c.Assert(err, gc.ErrorMatches, `service "badservice" not found`)
-}
-
-func (s *serviceSuite) TestServiceAddCharmErrors(c *gc.C) {
-	for url, expect := range map[string]string{
-		"wordpress":                   "charm URL must include revision",
-		"cs:wordpress":                "charm URL must include revision",
-		"cs:precise/wordpress":        "charm URL must include revision",
-		"cs:precise/wordpress-999999": `cannot retrieve "cs:precise/wordpress-999999": charm not found`,
-	} {
-		c.Logf("test %s", url)
-		err := service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-			URL: url,
-		})
-		c.Check(err, gc.ErrorMatches, expect)
-	}
-}
-
-func (s *serviceSuite) TestServiceSetCharmLegacy(c *gc.C) {
-	curl, _ := s.UploadCharm(c, "precise/dummy-0", "dummy")
-	err := service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	results, err := s.serviceApi.Deploy(params.ServicesDeploy{
-		Services: []params.ServiceDeploy{{
-			CharmUrl:    curl.String(),
-			ServiceName: "service",
-		}}})
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(results.Results, gc.HasLen, 1)
-	c.Assert(results.Results[0].Error, gc.IsNil)
-	curl, _ = s.UploadCharm(c, "trusty/dummy-1", "dummy")
-	err = service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Even with forceSeries = true, we can't change a charm where
-	// the series is sepcified in the URL.
-	err = s.serviceApi.SetCharm(params.ServiceSetCharm{
-		ServiceName: "service",
-		CharmUrl:    curl.String(),
-		ForceSeries: true,
-	})
-	c.Assert(err, gc.ErrorMatches, "cannot change a service's series")
-}
-
-func (s *serviceSuite) TestServiceSetCharmUnsupportedSeries(c *gc.C) {
-	curl, _ := s.UploadCharmMultiSeries(c, "~who/multi-series", "multi-series")
-	err := service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	results, err := s.serviceApi.Deploy(params.ServicesDeploy{
-		Services: []params.ServiceDeploy{{
-			CharmUrl:    curl.String(),
-			ServiceName: "service",
-			Series:      "precise",
-		}}})
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(results.Results, gc.HasLen, 1)
-	c.Assert(results.Results[0].Error, gc.IsNil)
-	curl, _ = s.UploadCharmMultiSeries(c, "~who/multi-series", "multi-series2")
-	err = service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-
-	err = s.serviceApi.SetCharm(params.ServiceSetCharm{
-		ServiceName: "service",
-		CharmUrl:    curl.String(),
-	})
-	c.Assert(err, gc.ErrorMatches, "cannot upgrade charm, only these series are supported: trusty, wily")
-}
-
-func (s *serviceSuite) assertServiceSetCharmSeries(c *gc.C, upgradeCharm, series string) {
-	curl, _ := s.UploadCharmMultiSeries(c, "~who/multi-series", "multi-series")
-	err := service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	results, err := s.serviceApi.Deploy(params.ServicesDeploy{
-		Services: []params.ServiceDeploy{{
-			CharmUrl:    curl.String(),
-			ServiceName: "service",
-			Series:      "precise",
-		}}})
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(results.Results, gc.HasLen, 1)
-	c.Assert(results.Results[0].Error, gc.IsNil)
-
-	url := upgradeCharm
-	if series != "" {
-		url = series + "/" + upgradeCharm
-	}
-	curl, _ = s.UploadCharmMultiSeries(c, "~who/"+url, upgradeCharm)
-	err = service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-
-	err = s.serviceApi.SetCharm(params.ServiceSetCharm{
-		ServiceName: "service",
-		CharmUrl:    curl.String(),
-		ForceSeries: true,
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	svc, err := s.State.Service("service")
-	c.Assert(err, jc.ErrorIsNil)
-	ch, _, err := svc.Charm()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ch.URL().String(), gc.Equals, "cs:~who/"+url+"-0")
-}
-
-func (s *serviceSuite) TestServiceSetCharmUnsupportedSeriesForce(c *gc.C) {
-	s.assertServiceSetCharmSeries(c, "multi-series2", "")
-}
-
-func (s *serviceSuite) TestServiceSetCharmNoExplicitSupportedSeries(c *gc.C) {
-	s.assertServiceSetCharmSeries(c, "dummy", "precise")
-}
-
-func (s *serviceSuite) TestServiceSetCharmWrongOS(c *gc.C) {
-	curl, _ := s.UploadCharmMultiSeries(c, "~who/multi-series", "multi-series")
-	err := service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	results, err := s.serviceApi.Deploy(params.ServicesDeploy{
-		Services: []params.ServiceDeploy{{
-			CharmUrl:    curl.String(),
-			ServiceName: "service",
-			Series:      "precise",
-		}}})
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(results.Results, gc.HasLen, 1)
-	c.Assert(results.Results[0].Error, gc.IsNil)
-	curl, _ = s.UploadCharmMultiSeries(c, "~who/multi-series-windows", "multi-series-windows")
-	err = service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-
-	err = s.serviceApi.SetCharm(params.ServiceSetCharm{
-		ServiceName: "service",
-		CharmUrl:    curl.String(),
-		ForceSeries: true,
-	})
-	c.Assert(err, gc.ErrorMatches, `cannot upgrade charm, OS "Ubuntu" not supported by charm`)
-}
-
-type testModeCharmRepo struct {
-	*charmrepo.CharmStore
-	testMode bool
-}
-
-// WithTestMode returns a repository Interface where test mode is enabled.
-func (s *testModeCharmRepo) WithTestMode() charmrepo.Interface {
-	s.testMode = true
-	return s.CharmStore.WithTestMode()
-}
-
-func (s *serviceSuite) TestSpecializeStoreOnDeployServiceSetCharmAndAddCharm(c *gc.C) {
-	repo := &testModeCharmRepo{}
-	s.PatchValue(&csclient.ServerURL, s.Srv.URL)
-	newCharmStoreRepo := service.NewCharmStoreRepo
-	s.PatchValue(&service.NewCharmStoreRepo, func(c *csclient.Client) charmrepo.Interface {
-		repo.CharmStore = newCharmStoreRepo(c).(*charmrepo.CharmStore)
-		return repo
-	})
-	attrs := map[string]interface{}{"test-mode": true}
-	err := s.State.UpdateModelConfig(attrs, nil, nil)
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Check that the store's test mode is enabled when calling service Deploy.
-	curl, _ := s.UploadCharm(c, "trusty/dummy-1", "dummy")
-	err = service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	results, err := s.serviceApi.Deploy(params.ServicesDeploy{
-		Services: []params.ServiceDeploy{{
-			CharmUrl:    curl.String(),
-			ServiceName: "service",
-			NumUnits:    3,
-		}}})
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(results.Results, gc.HasLen, 1)
-	c.Assert(results.Results[0].Error, gc.IsNil)
-	c.Assert(repo.testMode, jc.IsTrue)
-
-	// Check that the store's test mode is enabled when calling SetCharm.
-	curl, _ = s.UploadCharm(c, "trusty/wordpress-2", "wordpress")
-	err = s.serviceApi.SetCharm(params.ServiceSetCharm{
-		ServiceName: "service",
-		CharmUrl:    curl.String(),
-	})
-	c.Assert(repo.testMode, jc.IsTrue)
-
-	// Check that the store's test mode is enabled when calling AddCharm.
-	curl, _ = s.UploadCharm(c, "utopic/riak-42", "riak")
-	err = s.APIState.Client().AddCharm(curl, csparams.StableChannel)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(repo.testMode, jc.IsTrue)
-}
-
-func (s *serviceSuite) setupServiceDeploy(c *gc.C, args string) (*charm.URL, charm.Charm, constraints.Value) {
-	curl, ch := s.UploadCharm(c, "precise/dummy-42", "dummy")
-	err := service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	cons := constraints.MustParse(args)
-	return curl, ch, cons
-}
-
-func (s *serviceSuite) assertServiceDeployPrincipal(c *gc.C, curl *charm.URL, ch charm.Charm, mem4g constraints.Value) {
-	results, err := s.serviceApi.Deploy(params.ServicesDeploy{
-		Services: []params.ServiceDeploy{{
-			CharmUrl:    curl.String(),
-			ServiceName: "service",
-			NumUnits:    3,
-			Constraints: mem4g,
-		}}})
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(results.Results, gc.HasLen, 1)
-	c.Assert(results.Results[0].Error, gc.IsNil)
-	apiservertesting.AssertPrincipalServiceDeployed(c, s.State, "service", curl, false, ch, mem4g)
-}
-
-func (s *serviceSuite) assertServiceDeployPrincipalBlocked(c *gc.C, msg string, curl *charm.URL, mem4g constraints.Value) {
-	_, err := s.serviceApi.Deploy(params.ServicesDeploy{
-		Services: []params.ServiceDeploy{{
-			CharmUrl:    curl.String(),
-			ServiceName: "service",
-			NumUnits:    3,
-			Constraints: mem4g,
-		}}})
-	s.AssertBlocked(c, err, msg)
-}
-
-func (s *serviceSuite) TestBlockDestroyServiceDeployPrincipal(c *gc.C) {
-	curl, bundle, cons := s.setupServiceDeploy(c, "mem=4G")
-	s.BlockDestroyModel(c, "TestBlockDestroyServiceDeployPrincipal")
-	s.assertServiceDeployPrincipal(c, curl, bundle, cons)
-}
-
-func (s *serviceSuite) TestBlockRemoveServiceDeployPrincipal(c *gc.C) {
-	curl, bundle, cons := s.setupServiceDeploy(c, "mem=4G")
-	s.BlockRemoveObject(c, "TestBlockRemoveServiceDeployPrincipal")
-	s.assertServiceDeployPrincipal(c, curl, bundle, cons)
-}
-
-func (s *serviceSuite) TestBlockChangesServiceDeployPrincipal(c *gc.C) {
-	curl, _, cons := s.setupServiceDeploy(c, "mem=4G")
-	s.BlockAllChanges(c, "TestBlockChangesServiceDeployPrincipal")
-	s.assertServiceDeployPrincipalBlocked(c, "TestBlockChangesServiceDeployPrincipal", curl, cons)
-}
-
-func (s *serviceSuite) TestServiceDeploySubordinate(c *gc.C) {
-	curl, ch := s.UploadCharm(c, "utopic/logging-47", "logging")
-	err := service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	results, err := s.serviceApi.Deploy(params.ServicesDeploy{
-		Services: []params.ServiceDeploy{{
-			CharmUrl:    curl.String(),
-			ServiceName: "service-name",
-		}}})
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(results.Results, gc.HasLen, 1)
-	c.Assert(results.Results[0].Error, gc.IsNil)
-
-	service, err := s.State.Service("service-name")
-	c.Assert(err, jc.ErrorIsNil)
-	charm, force, err := service.Charm()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(force, jc.IsFalse)
-	c.Assert(charm.URL(), gc.DeepEquals, curl)
-	c.Assert(charm.Meta(), gc.DeepEquals, ch.Meta())
-	c.Assert(charm.Config(), gc.DeepEquals, ch.Config())
-
-	units, err := service.AllUnits()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(units, gc.HasLen, 0)
-}
-
-func (s *serviceSuite) TestServiceDeployConfig(c *gc.C) {
-	curl, _ := s.UploadCharm(c, "precise/dummy-0", "dummy")
-	err := service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	results, err := s.serviceApi.Deploy(params.ServicesDeploy{
-		Services: []params.ServiceDeploy{{
-			CharmUrl:    curl.String(),
-			ServiceName: "service-name",
-			NumUnits:    1,
-			ConfigYAML:  "service-name:\n  username: fred",
-		}}})
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(results.Results, gc.HasLen, 1)
-	c.Assert(results.Results[0].Error, gc.IsNil)
-
-	service, err := s.State.Service("service-name")
-	c.Assert(err, jc.ErrorIsNil)
-	settings, err := service.ConfigSettings()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(settings, gc.DeepEquals, charm.Settings{"username": "fred"})
-}
-
-func (s *serviceSuite) TestServiceDeployConfigError(c *gc.C) {
-	// TODO(fwereade): test Config/ConfigYAML handling directly on srvClient.
-	// Can't be done cleanly until it's extracted similarly to Machiner.
-	curl, _ := s.UploadCharm(c, "precise/dummy-0", "dummy")
-	err := service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	results, err := s.serviceApi.Deploy(params.ServicesDeploy{
-		Services: []params.ServiceDeploy{{
-			CharmUrl:    curl.String(),
-			ServiceName: "service-name",
-			NumUnits:    1,
-			ConfigYAML:  "service-name:\n  skill-level: fred",
-		}}})
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(results.Results, gc.HasLen, 1)
-	c.Assert(results.Results[0].Error, gc.ErrorMatches, `option "skill-level" expected int, got "fred"`)
-	_, err = s.State.Service("service-name")
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-}
-
-func (s *serviceSuite) TestServiceDeployToMachine(c *gc.C) {
-	curl, ch := s.UploadCharm(c, "precise/dummy-0", "dummy")
-	err := service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-
-	machine, err := s.State.AddMachine("precise", state.JobHostUnits)
-	c.Assert(err, jc.ErrorIsNil)
-	results, err := s.serviceApi.Deploy(params.ServicesDeploy{
-		Services: []params.ServiceDeploy{{
-			CharmUrl:    curl.String(),
-			ServiceName: "service-name",
-			NumUnits:    1,
-			ConfigYAML:  "service-name:\n  username: fred",
-		}}})
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(results.Results, gc.HasLen, 1)
-	c.Assert(results.Results[0].Error, gc.IsNil)
-
-	service, err := s.State.Service("service-name")
-	c.Assert(err, jc.ErrorIsNil)
-	charm, force, err := service.Charm()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(force, jc.IsFalse)
-	c.Assert(charm.URL(), gc.DeepEquals, curl)
-	c.Assert(charm.Meta(), gc.DeepEquals, ch.Meta())
-	c.Assert(charm.Config(), gc.DeepEquals, ch.Config())
-
-	errs, err := s.APIState.UnitAssigner().AssignUnits([]names.UnitTag{names.NewUnitTag("service-name/0")})
-	c.Assert(errs, gc.DeepEquals, []error{nil})
-	c.Assert(err, jc.ErrorIsNil)
-
-	units, err := service.AllUnits()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(units, gc.HasLen, 1)
-
-	mid, err := units[0].AssignedMachineId()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(mid, gc.Equals, machine.Id())
-}
-
-func (s *serviceSuite) TestServiceDeployToMachineNotFound(c *gc.C) {
-	results, err := s.serviceApi.Deploy(params.ServicesDeploy{
-		Services: []params.ServiceDeploy{{
-			CharmUrl:    "cs:precise/service-name-1",
-			ServiceName: "service-name",
-			NumUnits:    1,
-			Placement:   []*instance.Placement{instance.MustParsePlacement("42")},
-		}}})
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(results.Results, gc.HasLen, 1)
-	c.Assert(results.Results[0].Error, gc.ErrorMatches, `cannot deploy "service-name" to machine 42: machine 42 not found`)
-
-	_, err = s.State.Service("service-name")
-	c.Assert(err, gc.ErrorMatches, `service "service-name" not found`)
-}
-
-func (s *serviceSuite) TestServiceDeployServiceOwner(c *gc.C) {
-	curl, _ := s.UploadCharm(c, "precise/dummy-0", "dummy")
-	err := service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-
-	results, err := s.serviceApi.Deploy(params.ServicesDeploy{
-		Services: []params.ServiceDeploy{{
-			CharmUrl:    curl.String(),
-			ServiceName: "service",
-			NumUnits:    3,
-		}}})
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(results.Results, gc.HasLen, 1)
-	c.Assert(results.Results[0].Error, gc.IsNil)
-
-	service, err := s.State.Service("service")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(service.GetOwnerTag(), gc.Equals, s.authorizer.GetAuthTag().String())
-}
-
-func (s *serviceSuite) deployServiceForUpdateTests(c *gc.C) {
-	curl, _ := s.UploadCharm(c, "precise/dummy-1", "dummy")
-	err := service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	results, err := s.serviceApi.Deploy(params.ServicesDeploy{
-		Services: []params.ServiceDeploy{{
-			CharmUrl:    curl.String(),
-			ServiceName: "service",
-			NumUnits:    1,
-		}}})
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(results.Results, gc.HasLen, 1)
-	c.Assert(results.Results[0].Error, gc.IsNil)
-}
-
-func (s *serviceSuite) checkClientServiceUpdateSetCharm(c *gc.C, forceCharmUrl bool) {
-	s.deployServiceForUpdateTests(c)
-	curl, _ := s.UploadCharm(c, "precise/wordpress-3", "wordpress")
-	err := service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Update the charm for the service.
-	args := params.ServiceUpdate{
-		ServiceName:   "service",
-		CharmUrl:      curl.String(),
-		ForceCharmUrl: forceCharmUrl,
-	}
-	err = s.serviceApi.Update(args)
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Ensure the charm has been updated and and the force flag correctly set.
-	service, err := s.State.Service("service")
-	c.Assert(err, jc.ErrorIsNil)
-	ch, force, err := service.Charm()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ch.URL().String(), gc.Equals, curl.String())
-	c.Assert(force, gc.Equals, forceCharmUrl)
-}
-
-func (s *serviceSuite) TestServiceUpdateSetCharm(c *gc.C) {
-	s.checkClientServiceUpdateSetCharm(c, false)
-}
-
-func (s *serviceSuite) TestBlockDestroyServiceUpdate(c *gc.C) {
-	s.BlockDestroyModel(c, "TestBlockDestroyServiceUpdate")
-	s.checkClientServiceUpdateSetCharm(c, false)
-}
-
-func (s *serviceSuite) TestBlockRemoveServiceUpdate(c *gc.C) {
-	s.BlockRemoveObject(c, "TestBlockRemoveServiceUpdate")
-	s.checkClientServiceUpdateSetCharm(c, false)
-}
-
-func (s *serviceSuite) setupServiceUpdate(c *gc.C) string {
-	s.deployServiceForUpdateTests(c)
-	curl, _ := s.UploadCharm(c, "precise/wordpress-3", "wordpress")
-	err := service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	return curl.String()
-}
-
-func (s *serviceSuite) TestBlockChangeServiceUpdate(c *gc.C) {
-	curl := s.setupServiceUpdate(c)
-	s.BlockAllChanges(c, "TestBlockChangeServiceUpdate")
-	// Update the charm for the service.
-	args := params.ServiceUpdate{
-		ServiceName:   "service",
-		CharmUrl:      curl,
-		ForceCharmUrl: false,
-	}
-	err := s.serviceApi.Update(args)
-	s.AssertBlocked(c, err, "TestBlockChangeServiceUpdate")
-}
-
-func (s *serviceSuite) TestServiceUpdateForceSetCharm(c *gc.C) {
-	s.checkClientServiceUpdateSetCharm(c, true)
-}
-
-func (s *serviceSuite) TestBlockServiceUpdateForced(c *gc.C) {
-	curl := s.setupServiceUpdate(c)
-
-	// block all changes. Force should ignore block :)
-	s.BlockAllChanges(c, "TestBlockServiceUpdateForced")
-	s.BlockDestroyModel(c, "TestBlockServiceUpdateForced")
-	s.BlockRemoveObject(c, "TestBlockServiceUpdateForced")
-
-	// Update the charm for the service.
-	args := params.ServiceUpdate{
-		ServiceName:   "service",
-		CharmUrl:      curl,
-		ForceCharmUrl: true,
-	}
-	err := s.serviceApi.Update(args)
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Ensure the charm has been updated and and the force flag correctly set.
-	service, err := s.State.Service("service")
-	c.Assert(err, jc.ErrorIsNil)
-	ch, force, err := service.Charm()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ch.URL().String(), gc.Equals, curl)
-	c.Assert(force, jc.IsTrue)
-}
-
-func (s *serviceSuite) TestServiceUpdateSetCharmNotFound(c *gc.C) {
-	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
-	args := params.ServiceUpdate{
-		ServiceName: "wordpress",
-		CharmUrl:    "cs:precise/wordpress-999999",
-	}
-	err := s.serviceApi.Update(args)
-	c.Check(err, gc.ErrorMatches, `charm "cs:precise/wordpress-999999" not found`)
-}
-
-func (s *serviceSuite) TestServiceUpdateSetMinUnits(c *gc.C) {
-	service := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
-
-	// Set minimum units for the service.
-	minUnits := 2
-	args := params.ServiceUpdate{
-		ServiceName: "dummy",
-		MinUnits:    &minUnits,
-	}
-	err := s.serviceApi.Update(args)
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Ensure the minimum number of units has been set.
-	c.Assert(service.Refresh(), gc.IsNil)
-	c.Assert(service.MinUnits(), gc.Equals, minUnits)
-}
-
-func (s *serviceSuite) TestServiceUpdateSetMinUnitsError(c *gc.C) {
-	service := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
-
-	// Set a negative minimum number of units for the service.
-	minUnits := -1
-	args := params.ServiceUpdate{
-		ServiceName: "dummy",
-		MinUnits:    &minUnits,
-	}
-	err := s.serviceApi.Update(args)
-	c.Assert(err, gc.ErrorMatches,
-		`cannot set minimum units for service "dummy": cannot set a negative minimum number of units`)
-
-	// Ensure the minimum number of units has not been set.
-	c.Assert(service.Refresh(), gc.IsNil)
-	c.Assert(service.MinUnits(), gc.Equals, 0)
-}
-
-func (s *serviceSuite) TestServiceUpdateSetSettingsStrings(c *gc.C) {
-	service := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
-
-	// Update settings for the service.
-	args := params.ServiceUpdate{
-		ServiceName:     "dummy",
-		SettingsStrings: map[string]string{"title": "s-title", "username": "s-user"},
-	}
-	err := s.serviceApi.Update(args)
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Ensure the settings have been correctly updated.
-	expected := charm.Settings{"title": "s-title", "username": "s-user"}
-	obtained, err := service.ConfigSettings()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(obtained, gc.DeepEquals, expected)
-}
-
-func (s *serviceSuite) TestServiceUpdateSetSettingsYAML(c *gc.C) {
-	service := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
-
-	// Update settings for the service.
-	args := params.ServiceUpdate{
-		ServiceName:  "dummy",
-		SettingsYAML: "dummy:\n  title: y-title\n  username: y-user",
-	}
-	err := s.serviceApi.Update(args)
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Ensure the settings have been correctly updated.
-	expected := charm.Settings{"title": "y-title", "username": "y-user"}
-	obtained, err := service.ConfigSettings()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(obtained, gc.DeepEquals, expected)
-}
-
-func (s *serviceSuite) TestClientServiceUpdateSetSettingsGetYAML(c *gc.C) {
-	service := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
-
-	// Update settings for the service.
-	args := params.ServiceUpdate{
-		ServiceName:  "dummy",
-		SettingsYAML: "charm: dummy\nservice: dummy\nsettings:\n  title:\n    value: y-title\n    type: string\n  username:\n    value: y-user\n  ignore:\n    blah: true",
-	}
-	err := s.serviceApi.Update(args)
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Ensure the settings have been correctly updated.
-	expected := charm.Settings{"title": "y-title", "username": "y-user"}
-	obtained, err := service.ConfigSettings()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(obtained, gc.DeepEquals, expected)
-}
-
-func (s *serviceSuite) TestServiceUpdateSetConstraints(c *gc.C) {
-	service := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
-
-	// Update constraints for the service.
-	cons, err := constraints.Parse("mem=4096", "cpu-cores=2")
-	c.Assert(err, jc.ErrorIsNil)
-	args := params.ServiceUpdate{
-		ServiceName: "dummy",
-		Constraints: &cons,
-	}
-	err = s.serviceApi.Update(args)
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Ensure the constraints have been correctly updated.
-	obtained, err := service.Constraints()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(obtained, gc.DeepEquals, cons)
-}
-
-func (s *serviceSuite) TestServiceUpdateAllParams(c *gc.C) {
-	s.deployServiceForUpdateTests(c)
-	curl, _ := s.UploadCharm(c, "precise/wordpress-3", "wordpress")
-	err := service.AddCharmWithAuthorization(s.State, params.AddCharmWithAuthorization{
-		URL: curl.String(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Update all the service attributes.
-	minUnits := 3
-	cons, err := constraints.Parse("mem=4096", "cpu-cores=2")
-	c.Assert(err, jc.ErrorIsNil)
-	args := params.ServiceUpdate{
-		ServiceName:     "service",
-		CharmUrl:        curl.String(),
-		ForceCharmUrl:   true,
-		MinUnits:        &minUnits,
-		SettingsStrings: map[string]string{"blog-title": "string-title"},
-		SettingsYAML:    "service:\n  blog-title: yaml-title\n",
-		Constraints:     &cons,
-	}
-	err = s.serviceApi.Update(args)
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Ensure the service has been correctly updated.
-	service, err := s.State.Service("service")
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Check the charm.
-	ch, force, err := service.Charm()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ch.URL().String(), gc.Equals, curl.String())
-	c.Assert(force, jc.IsTrue)
-
-	// Check the minimum number of units.
-	c.Assert(service.MinUnits(), gc.Equals, minUnits)
-
-	// Check the settings: also ensure the YAML settings take precedence
-	// over strings ones.
-	expectedSettings := charm.Settings{"blog-title": "yaml-title"}
-	obtainedSettings, err := service.ConfigSettings()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(obtainedSettings, gc.DeepEquals, expectedSettings)
-
-	// Check the constraints.
-	obtainedConstraints, err := service.Constraints()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(obtainedConstraints, gc.DeepEquals, cons)
-}
-
-func (s *serviceSuite) TestServiceUpdateNoParams(c *gc.C) {
-	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
-
-	// Calling Update with no parameters set is a no-op.
-	args := params.ServiceUpdate{ServiceName: "wordpress"}
-	err := s.serviceApi.Update(args)
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *serviceSuite) TestServiceUpdateNoService(c *gc.C) {
-	err := s.serviceApi.Update(params.ServiceUpdate{})
-	c.Assert(err, gc.ErrorMatches, `"" is not a valid service name`)
-}
-
-func (s *serviceSuite) TestServiceUpdateInvalidService(c *gc.C) {
-	args := params.ServiceUpdate{ServiceName: "no-such-service"}
-	err := s.serviceApi.Update(args)
-	c.Assert(err, gc.ErrorMatches, `service "no-such-service" not found`)
-}
-
-var (
-	validSetTestValue = "a value with spaces\nand newline\nand UTF-8 characters: \U0001F604 / \U0001F44D"
-)
-
-func (s *serviceSuite) TestServiceSet(c *gc.C) {
-	dummy := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
-
-	err := s.serviceApi.Set(params.ServiceSet{ServiceName: "dummy", Options: map[string]string{
-		"title":    "foobar",
-		"username": validSetTestValue,
-	}})
-	c.Assert(err, jc.ErrorIsNil)
-	settings, err := dummy.ConfigSettings()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(settings, gc.DeepEquals, charm.Settings{
-		"title":    "foobar",
-		"username": validSetTestValue,
-	})
-
-	err = s.serviceApi.Set(params.ServiceSet{ServiceName: "dummy", Options: map[string]string{
-		"title":    "barfoo",
-		"username": "",
-	}})
-	c.Assert(err, jc.ErrorIsNil)
-	settings, err = dummy.ConfigSettings()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(settings, gc.DeepEquals, charm.Settings{
-		"title":    "barfoo",
-		"username": "",
-	})
-}
-
-func (s *serviceSuite) assertServiceSetBlocked(c *gc.C, dummy *state.Service, msg string) {
-	err := s.serviceApi.Set(params.ServiceSet{
-		ServiceName: "dummy",
-		Options: map[string]string{
-			"title":    "foobar",
-			"username": validSetTestValue}})
-	s.AssertBlocked(c, err, msg)
-}
-
-func (s *serviceSuite) assertServiceSet(c *gc.C, dummy *state.Service) {
-	err := s.serviceApi.Set(params.ServiceSet{
-		ServiceName: "dummy",
-		Options: map[string]string{
-			"title":    "foobar",
-			"username": validSetTestValue}})
-	c.Assert(err, jc.ErrorIsNil)
-	settings, err := dummy.ConfigSettings()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(settings, gc.DeepEquals, charm.Settings{
-		"title":    "foobar",
-		"username": validSetTestValue,
-	})
-}
-
-func (s *serviceSuite) TestBlockDestroyServiceSet(c *gc.C) {
-	dummy := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
-	s.BlockDestroyModel(c, "TestBlockDestroyServiceSet")
-	s.assertServiceSet(c, dummy)
-}
-
-func (s *serviceSuite) TestBlockRemoveServiceSet(c *gc.C) {
-	dummy := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
-	s.BlockRemoveObject(c, "TestBlockRemoveServiceSet")
-	s.assertServiceSet(c, dummy)
-}
-
-func (s *serviceSuite) TestBlockChangesServiceSet(c *gc.C) {
-	dummy := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
-	s.BlockAllChanges(c, "TestBlockChangesServiceSet")
-	s.assertServiceSetBlocked(c, dummy, "TestBlockChangesServiceSet")
-}
-
-func (s *serviceSuite) TestServerUnset(c *gc.C) {
-	dummy := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
-
-	err := s.serviceApi.Set(params.ServiceSet{ServiceName: "dummy", Options: map[string]string{
-		"title":    "foobar",
-		"username": "user name",
-	}})
-	c.Assert(err, jc.ErrorIsNil)
-	settings, err := dummy.ConfigSettings()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(settings, gc.DeepEquals, charm.Settings{
-		"title":    "foobar",
-		"username": "user name",
-	})
-
-	err = s.serviceApi.Unset(params.ServiceUnset{ServiceName: "dummy", Options: []string{"username"}})
-	c.Assert(err, jc.ErrorIsNil)
-	settings, err = dummy.ConfigSettings()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(settings, gc.DeepEquals, charm.Settings{
-		"title": "foobar",
-	})
-}
-
-func (s *serviceSuite) setupServerUnsetBlocked(c *gc.C) *state.Service {
-	dummy := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
-
-	err := s.serviceApi.Set(params.ServiceSet{
-		ServiceName: "dummy",
-		Options: map[string]string{
-			"title":    "foobar",
-			"username": "user name",
-		}})
-	c.Assert(err, jc.ErrorIsNil)
-	settings, err := dummy.ConfigSettings()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(settings, gc.DeepEquals, charm.Settings{
-		"title":    "foobar",
-		"username": "user name",
-	})
-	return dummy
-}
-
-func (s *serviceSuite) assertServerUnset(c *gc.C, dummy *state.Service) {
-	err := s.serviceApi.Unset(params.ServiceUnset{
-		ServiceName: "dummy",
-		Options:     []string{"username"},
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	settings, err := dummy.ConfigSettings()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(settings, gc.DeepEquals, charm.Settings{
-		"title": "foobar",
-	})
-}
-
-func (s *serviceSuite) assertServerUnsetBlocked(c *gc.C, dummy *state.Service, msg string) {
-	err := s.serviceApi.Unset(params.ServiceUnset{
-		ServiceName: "dummy",
-		Options:     []string{"username"},
-	})
-	s.AssertBlocked(c, err, msg)
-}
-
-func (s *serviceSuite) TestBlockDestroyServerUnset(c *gc.C) {
-	dummy := s.setupServerUnsetBlocked(c)
-	s.BlockDestroyModel(c, "TestBlockDestroyServerUnset")
-	s.assertServerUnset(c, dummy)
-}
-
-func (s *serviceSuite) TestBlockRemoveServerUnset(c *gc.C) {
-	dummy := s.setupServerUnsetBlocked(c)
-	s.BlockRemoveObject(c, "TestBlockRemoveServerUnset")
-	s.assertServerUnset(c, dummy)
-}
-
-func (s *serviceSuite) TestBlockChangesServerUnset(c *gc.C) {
-	dummy := s.setupServerUnsetBlocked(c)
-	s.BlockAllChanges(c, "TestBlockChangesServerUnset")
-	s.assertServerUnsetBlocked(c, dummy, "TestBlockChangesServerUnset")
-}
-
-var clientAddServiceUnitsTests = []struct {
-	about    string
-	service  string // if not set, defaults to 'dummy'
-	expected []string
-	to       string
-	err      string
-}{
-	{
-		about:    "returns unit names",
-		expected: []string{"dummy/0", "dummy/1", "dummy/2"},
-	},
-	{
-		about: "fails trying to add zero units",
-		err:   "must add at least one unit",
-	},
-	{
-		// Note: chained-state, we add 1 unit here, but the 3 units
-		// from the first condition still exist
-		about:    "force the unit onto bootstrap machine",
-		expected: []string{"dummy/3"},
-		to:       "0",
-	},
-	{
-		about:   "unknown service name",
-		service: "unknown-service",
-		err:     `service "unknown-service" not found`,
-	},
-}
-
-func (s *serviceSuite) TestClientAddServiceUnits(c *gc.C) {
-	s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
-	for i, t := range clientAddServiceUnitsTests {
-		c.Logf("test %d. %s", i, t.about)
-		serviceName := t.service
-		if serviceName == "" {
-			serviceName = "dummy"
-		}
-		args := params.AddServiceUnits{
-			ServiceName: serviceName,
-			NumUnits:    len(t.expected),
-		}
-		if t.to != "" {
-			args.Placement = []*instance.Placement{instance.MustParsePlacement(t.to)}
-		}
-		result, err := s.serviceApi.AddUnits(args)
-		if t.err != "" {
-			c.Assert(err, gc.ErrorMatches, t.err)
-			continue
-		}
-		c.Assert(err, jc.ErrorIsNil)
-		c.Assert(result.Units, gc.DeepEquals, t.expected)
-	}
-	// Test that we actually assigned the unit to machine 0
-	forcedUnit, err := s.BackingState.Unit("dummy/3")
-	c.Assert(err, jc.ErrorIsNil)
-	assignedMachine, err := forcedUnit.AssignedMachineId()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(assignedMachine, gc.Equals, "0")
-}
-
-func (s *serviceSuite) TestAddServiceUnitsToNewContainer(c *gc.C) {
-	svc := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
-	machine, err := s.State.AddMachine("quantal", state.JobHostUnits)
-	c.Assert(err, jc.ErrorIsNil)
-
-	_, err = s.serviceApi.AddUnits(params.AddServiceUnits{
-		ServiceName: "dummy",
-		NumUnits:    1,
-		Placement:   []*instance.Placement{instance.MustParsePlacement("lxc:" + machine.Id())},
-	})
-	c.Assert(err, jc.ErrorIsNil)
-
-	units, err := svc.AllUnits()
-	c.Assert(err, jc.ErrorIsNil)
-	mid, err := units[0].AssignedMachineId()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(mid, gc.Equals, machine.Id()+"/lxc/0")
-}
-
-var addServiceUnitTests = []struct {
-	about      string
-	service    string // if not set, defaults to 'dummy'
-	expected   []string
-	machineIds []string
-	placement  []*instance.Placement
-	err        string
-}{
-	{
-		about:      "valid placement directives",
-		expected:   []string{"dummy/0"},
-		placement:  []*instance.Placement{{"deadbeef-0bad-400d-8000-4b1d0d06f00d", "valid"}},
-		machineIds: []string{"1"},
-	}, {
-		about:      "direct machine assignment placement directive",
-		expected:   []string{"dummy/1", "dummy/2"},
-		placement:  []*instance.Placement{{"#", "1"}, {"lxc", "1"}},
-		machineIds: []string{"1", "1/lxc/0"},
-	}, {
-		about:     "invalid placement directive",
-		err:       ".* invalid placement is invalid",
-		expected:  []string{"dummy/3"},
-		placement: []*instance.Placement{{"deadbeef-0bad-400d-8000-4b1d0d06f00d", "invalid"}},
-	},
-}
-
-func (s *serviceSuite) TestAddServiceUnits(c *gc.C) {
-	s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
-	// Add a machine for the units to be placed on.
-	_, err := s.State.AddMachine("quantal", state.JobHostUnits)
-	c.Assert(err, jc.ErrorIsNil)
-	for i, t := range addServiceUnitTests {
-		c.Logf("test %d. %s", i, t.about)
-		serviceName := t.service
-		if serviceName == "" {
-			serviceName = "dummy"
-		}
-		result, err := s.serviceApi.AddUnits(params.AddServiceUnits{
-			ServiceName: serviceName,
-			NumUnits:    len(t.expected),
-			Placement:   t.placement,
-		})
-		if t.err != "" {
-			c.Assert(err, gc.ErrorMatches, t.err)
-			continue
-		}
-		c.Assert(err, jc.ErrorIsNil)
-		c.Assert(result.Units, gc.DeepEquals, t.expected)
-		for i, unitName := range result.Units {
-			u, err := s.BackingState.Unit(unitName)
-			c.Assert(err, jc.ErrorIsNil)
-			assignedMachine, err := u.AssignedMachineId()
-			c.Assert(err, jc.ErrorIsNil)
-			c.Assert(assignedMachine, gc.Equals, t.machineIds[i])
-		}
-	}
-}
-
-func (s *serviceSuite) assertAddServiceUnits(c *gc.C) {
-	result, err := s.serviceApi.AddUnits(params.AddServiceUnits{
-		ServiceName: "dummy",
-		NumUnits:    3,
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(result.Units, gc.DeepEquals, []string{"dummy/0", "dummy/1", "dummy/2"})
-
-	// Test that we actually assigned the unit to machine 0
-	forcedUnit, err := s.BackingState.Unit("dummy/0")
-	c.Assert(err, jc.ErrorIsNil)
-	assignedMachine, err := forcedUnit.AssignedMachineId()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(assignedMachine, gc.Equals, "0")
-}
-
-func (s *serviceSuite) TestServiceCharmRelations(c *gc.C) {
-	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
-	s.AddTestingService(c, "logging", s.AddTestingCharm(c, "logging"))
-	eps, err := s.State.InferEndpoints("logging", "wordpress")
-	c.Assert(err, jc.ErrorIsNil)
-	_, err = s.State.AddRelation(eps...)
-	c.Assert(err, jc.ErrorIsNil)
-
-	_, err = s.serviceApi.CharmRelations(params.ServiceCharmRelations{"blah"})
-	c.Assert(err, gc.ErrorMatches, `service "blah" not found`)
-
-	result, err := s.serviceApi.CharmRelations(params.ServiceCharmRelations{"wordpress"})
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(result.CharmRelations, gc.DeepEquals, []string{
-		"cache", "db", "juju-info", "logging-dir", "monitoring-port", "url",
-	})
-}
-
-func (s *serviceSuite) assertAddServiceUnitsBlocked(c *gc.C, msg string) {
-	_, err := s.serviceApi.AddUnits(params.AddServiceUnits{
-		ServiceName: "dummy",
-		NumUnits:    3,
-	})
-	s.AssertBlocked(c, err, msg)
-}
-
-func (s *serviceSuite) TestBlockDestroyAddServiceUnits(c *gc.C) {
-	s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
-	s.BlockDestroyModel(c, "TestBlockDestroyAddServiceUnits")
-	s.assertAddServiceUnits(c)
-}
-
-func (s *serviceSuite) TestBlockRemoveAddServiceUnits(c *gc.C) {
-	s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
-	s.BlockRemoveObject(c, "TestBlockRemoveAddServiceUnits")
-	s.assertAddServiceUnits(c)
-}
-
-func (s *serviceSuite) TestBlockChangeAddServiceUnits(c *gc.C) {
-	s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
-	s.BlockAllChanges(c, "TestBlockChangeAddServiceUnits")
-	s.assertAddServiceUnitsBlocked(c, "TestBlockChangeAddServiceUnits")
-}
-
-func (s *serviceSuite) TestAddUnitToMachineNotFound(c *gc.C) {
-	s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
-	_, err := s.serviceApi.AddUnits(params.AddServiceUnits{
-		ServiceName: "dummy",
-		NumUnits:    3,
-		Placement:   []*instance.Placement{instance.MustParsePlacement("42")},
-	})
-	c.Assert(err, gc.ErrorMatches, `adding new machine to host unit "dummy/0": machine 42 not found`)
-}
-
-func (s *serviceSuite) TestServiceExpose(c *gc.C) {
-	charm := s.AddTestingCharm(c, "dummy")
-	serviceNames := []string{"dummy-service", "exposed-service"}
-	svcs := make([]*state.Service, len(serviceNames))
-	var err error
-	for i, name := range serviceNames {
-		svcs[i] = s.AddTestingService(c, name, charm)
-		c.Assert(svcs[i].IsExposed(), jc.IsFalse)
-	}
-	err = svcs[1].SetExposed()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(svcs[1].IsExposed(), jc.IsTrue)
-	for i, t := range serviceExposeTests {
-		c.Logf("test %d. %s", i, t.about)
-		err = s.serviceApi.Expose(params.ServiceExpose{t.service})
-		if t.err != "" {
-			c.Assert(err, gc.ErrorMatches, t.err)
-		} else {
-			c.Assert(err, jc.ErrorIsNil)
-			service, err := s.State.Service(t.service)
-			c.Assert(err, jc.ErrorIsNil)
-			c.Assert(service.IsExposed(), gc.Equals, t.exposed)
-		}
-	}
-}
-
-func (s *serviceSuite) setupServiceExpose(c *gc.C) {
-	charm := s.AddTestingCharm(c, "dummy")
-	serviceNames := []string{"dummy-service", "exposed-service"}
-	svcs := make([]*state.Service, len(serviceNames))
-	var err error
-	for i, name := range serviceNames {
-		svcs[i] = s.AddTestingService(c, name, charm)
-		c.Assert(svcs[i].IsExposed(), jc.IsFalse)
-	}
-	err = svcs[1].SetExposed()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(svcs[1].IsExposed(), jc.IsTrue)
-}
-
-var serviceExposeTests = []struct {
-	about   string
-	service string
-	err     string
-	exposed bool
-}{
-	{
-		about:   "unknown service name",
-		service: "unknown-service",
-		err:     `service "unknown-service" not found`,
-	},
-	{
-		about:   "expose a service",
-		service: "dummy-service",
-		exposed: true,
-	},
-	{
-		about:   "expose an already exposed service",
-		service: "exposed-service",
-		exposed: true,
-	},
-}
-
-func (s *serviceSuite) assertServiceExpose(c *gc.C) {
-	for i, t := range serviceExposeTests {
-		c.Logf("test %d. %s", i, t.about)
-		err := s.serviceApi.Expose(params.ServiceExpose{t.service})
-		if t.err != "" {
-			c.Assert(err, gc.ErrorMatches, t.err)
-		} else {
-			c.Assert(err, jc.ErrorIsNil)
-			service, err := s.State.Service(t.service)
-			c.Assert(err, jc.ErrorIsNil)
-			c.Assert(service.IsExposed(), gc.Equals, t.exposed)
-		}
-	}
-}
-
-func (s *serviceSuite) assertServiceExposeBlocked(c *gc.C, msg string) {
-	for i, t := range serviceExposeTests {
-		c.Logf("test %d. %s", i, t.about)
-		err := s.serviceApi.Expose(params.ServiceExpose{t.service})
-		s.AssertBlocked(c, err, msg)
-	}
-}
-
-func (s *serviceSuite) TestBlockDestroyServiceExpose(c *gc.C) {
-	s.setupServiceExpose(c)
-	s.BlockDestroyModel(c, "TestBlockDestroyServiceExpose")
-	s.assertServiceExpose(c)
-}
-
-func (s *serviceSuite) TestBlockRemoveServiceExpose(c *gc.C) {
-	s.setupServiceExpose(c)
-	s.BlockRemoveObject(c, "TestBlockRemoveServiceExpose")
-	s.assertServiceExpose(c)
-}
-
-func (s *serviceSuite) TestBlockChangesServiceExpose(c *gc.C) {
-	s.setupServiceExpose(c)
-	s.BlockAllChanges(c, "TestBlockChangesServiceExpose")
-	s.assertServiceExposeBlocked(c, "TestBlockChangesServiceExpose")
-}
-
-var serviceUnexposeTests = []struct {
-	about    string
-	service  string
-	err      string
-	initial  bool
-	expected bool
-}{
-	{
-		about:   "unknown service name",
-		service: "unknown-service",
-		err:     `service "unknown-service" not found`,
-	},
-	{
-		about:    "unexpose a service",
-		service:  "dummy-service",
-		initial:  true,
-		expected: false,
-	},
-	{
-		about:    "unexpose an already unexposed service",
-		service:  "dummy-service",
-		initial:  false,
-		expected: false,
-	},
-}
-
-func (s *serviceSuite) TestServiceUnexpose(c *gc.C) {
-	charm := s.AddTestingCharm(c, "dummy")
-	for i, t := range serviceUnexposeTests {
-		c.Logf("test %d. %s", i, t.about)
-		svc := s.AddTestingService(c, "dummy-service", charm)
-		if t.initial {
-			svc.SetExposed()
-		}
-		c.Assert(svc.IsExposed(), gc.Equals, t.initial)
-		err := s.serviceApi.Unexpose(params.ServiceUnexpose{t.service})
-		if t.err == "" {
-			c.Assert(err, jc.ErrorIsNil)
-			svc.Refresh()
-			c.Assert(svc.IsExposed(), gc.Equals, t.expected)
-		} else {
-			c.Assert(err, gc.ErrorMatches, t.err)
-		}
-		err = svc.Destroy()
-		c.Assert(err, jc.ErrorIsNil)
-	}
-}
-
-func (s *serviceSuite) setupServiceUnexpose(c *gc.C) *state.Service {
-	charm := s.AddTestingCharm(c, "dummy")
-	svc := s.AddTestingService(c, "dummy-service", charm)
-	svc.SetExposed()
-	c.Assert(svc.IsExposed(), gc.Equals, true)
-	return svc
-}
-
-func (s *serviceSuite) assertServiceUnexpose(c *gc.C, svc *state.Service) {
-	err := s.serviceApi.Unexpose(params.ServiceUnexpose{"dummy-service"})
-	c.Assert(err, jc.ErrorIsNil)
-	svc.Refresh()
-	c.Assert(svc.IsExposed(), gc.Equals, false)
-	err = svc.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *serviceSuite) assertServiceUnexposeBlocked(c *gc.C, svc *state.Service, msg string) {
-	err := s.serviceApi.Unexpose(params.ServiceUnexpose{"dummy-service"})
-	s.AssertBlocked(c, err, msg)
-	err = svc.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *serviceSuite) TestBlockDestroyServiceUnexpose(c *gc.C) {
-	svc := s.setupServiceUnexpose(c)
-	s.BlockDestroyModel(c, "TestBlockDestroyServiceUnexpose")
-	s.assertServiceUnexpose(c, svc)
-}
-
-func (s *serviceSuite) TestBlockRemoveServiceUnexpose(c *gc.C) {
-	svc := s.setupServiceUnexpose(c)
-	s.BlockRemoveObject(c, "TestBlockRemoveServiceUnexpose")
-	s.assertServiceUnexpose(c, svc)
-}
-
-func (s *serviceSuite) TestBlockChangesServiceUnexpose(c *gc.C) {
-	svc := s.setupServiceUnexpose(c)
-	s.BlockAllChanges(c, "TestBlockChangesServiceUnexpose")
-	s.assertServiceUnexposeBlocked(c, svc, "TestBlockChangesServiceUnexpose")
-}
-
-var serviceDestroyTests = []struct {
-	about   string
-	service string
-	err     string
-}{
-	{
-		about:   "unknown service name",
-		service: "unknown-service",
-		err:     `service "unknown-service" not found`,
-	},
-	{
-		about:   "destroy a service",
-		service: "dummy-service",
-	},
-	{
-		about:   "destroy an already destroyed service",
-		service: "dummy-service",
-		err:     `service "dummy-service" not found`,
-	},
-}
-
-func (s *serviceSuite) TestServiceDestroy(c *gc.C) {
-	s.AddTestingService(c, "dummy-service", s.AddTestingCharm(c, "dummy"))
-	for i, t := range serviceDestroyTests {
-		c.Logf("test %d. %s", i, t.about)
-		err := s.serviceApi.Destroy(params.ServiceDestroy{t.service})
-		if t.err != "" {
-			c.Assert(err, gc.ErrorMatches, t.err)
-		} else {
-			c.Assert(err, jc.ErrorIsNil)
-		}
-	}
-
-	// Now do Destroy on a service with units. Destroy will
-	// cause the service to be not-Alive, but will not remove its
-	// document.
-	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
-	serviceName := "wordpress"
-	service, err := s.State.Service(serviceName)
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.serviceApi.Destroy(params.ServiceDestroy{serviceName})
-	c.Assert(err, jc.ErrorIsNil)
-	err = service.Refresh()
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-}
-
-func assertLife(c *gc.C, entity state.Living, life state.Life) {
-	err := entity.Refresh()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(entity.Life(), gc.Equals, life)
-}
-
-func (s *serviceSuite) TestBlockServiceDestroy(c *gc.C) {
-	s.AddTestingService(c, "dummy-service", s.AddTestingCharm(c, "dummy"))
-
-	// block remove-objects
-	s.BlockRemoveObject(c, "TestBlockServiceDestroy")
-	err := s.serviceApi.Destroy(params.ServiceDestroy{"dummy-service"})
-	s.AssertBlocked(c, err, "TestBlockServiceDestroy")
-	// Tests may have invalid service names.
-	service, err := s.State.Service("dummy-service")
-	if err == nil {
-		// For valid service names, check that service is alive :-)
-		assertLife(c, service, state.Alive)
-	}
-}
-
-func (s *serviceSuite) TestDestroyPrincipalUnits(c *gc.C) {
-	wordpress := s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
-	units := make([]*state.Unit, 5)
-	for i := range units {
-		unit, err := wordpress.AddUnit()
-		c.Assert(err, jc.ErrorIsNil)
-		err = unit.SetAgentStatus(status.StatusIdle, "", nil)
-		c.Assert(err, jc.ErrorIsNil)
-		units[i] = unit
-	}
-	s.assertDestroyPrincipalUnits(c, units)
-}
-
-func (s *serviceSuite) TestDestroySubordinateUnits(c *gc.C) {
-	wordpress := s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
-	wordpress0, err := wordpress.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	s.AddTestingService(c, "logging", s.AddTestingCharm(c, "logging"))
-	eps, err := s.State.InferEndpoints("logging", "wordpress")
-	c.Assert(err, jc.ErrorIsNil)
-	rel, err := s.State.AddRelation(eps...)
-	c.Assert(err, jc.ErrorIsNil)
-	ru, err := rel.Unit(wordpress0)
-	c.Assert(err, jc.ErrorIsNil)
-	err = ru.EnterScope(nil)
-	c.Assert(err, jc.ErrorIsNil)
-	logging0, err := s.State.Unit("logging/0")
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Try to destroy the subordinate alone; check it fails.
-	err = s.serviceApi.DestroyUnits(params.DestroyServiceUnits{
-		UnitNames: []string{"logging/0"},
-	})
-	c.Assert(err, gc.ErrorMatches, `no units were destroyed: unit "logging/0" is a subordinate`)
-	assertLife(c, logging0, state.Alive)
-
-	s.assertDestroySubordinateUnits(c, wordpress0, logging0)
-}
-
-func (s *serviceSuite) assertDestroyPrincipalUnits(c *gc.C, units []*state.Unit) {
-	// Destroy 2 of them; check they become Dying.
-	err := s.serviceApi.DestroyUnits(params.DestroyServiceUnits{
-		UnitNames: []string{"wordpress/0", "wordpress/1"},
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	assertLife(c, units[0], state.Dying)
-	assertLife(c, units[1], state.Dying)
-
-	// Try to destroy an Alive one and a Dying one; check
-	// it destroys the Alive one and ignores the Dying one.
-	err = s.serviceApi.DestroyUnits(params.DestroyServiceUnits{
-		UnitNames: []string{"wordpress/2", "wordpress/0"},
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	assertLife(c, units[2], state.Dying)
-
-	// Try to destroy an Alive one along with a nonexistent one; check that
-	// the valid instruction is followed but the invalid one is warned about.
-	err = s.serviceApi.DestroyUnits(params.DestroyServiceUnits{
-		UnitNames: []string{"boojum/123", "wordpress/3"},
-	})
-	c.Assert(err, gc.ErrorMatches, `some units were not destroyed: unit "boojum/123" does not exist`)
-	assertLife(c, units[3], state.Dying)
-
-	// Make one Dead, and destroy an Alive one alongside it; check no errors.
-	wp0, err := s.State.Unit("wordpress/0")
-	c.Assert(err, jc.ErrorIsNil)
-	err = wp0.EnsureDead()
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.serviceApi.DestroyUnits(params.DestroyServiceUnits{
-		UnitNames: []string{"wordpress/0", "wordpress/4"},
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	assertLife(c, units[0], state.Dead)
-	assertLife(c, units[4], state.Dying)
-}
-
-func (s *serviceSuite) setupDestroyPrincipalUnits(c *gc.C) []*state.Unit {
-	units := make([]*state.Unit, 5)
-	wordpress := s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
-	for i := range units {
-		unit, err := wordpress.AddUnit()
-		c.Assert(err, jc.ErrorIsNil)
-		err = unit.SetAgentStatus(status.StatusIdle, "", nil)
-		c.Assert(err, jc.ErrorIsNil)
-		units[i] = unit
-	}
-	return units
-}
-
-func (s *serviceSuite) assertBlockedErrorAndLiveliness(
-	c *gc.C,
-	err error,
-	msg string,
-	living1 state.Living,
-	living2 state.Living,
-	living3 state.Living,
-	living4 state.Living,
-) {
-	s.AssertBlocked(c, err, msg)
-	assertLife(c, living1, state.Alive)
-	assertLife(c, living2, state.Alive)
-	assertLife(c, living3, state.Alive)
-	assertLife(c, living4, state.Alive)
-}
-
-func (s *serviceSuite) TestBlockChangesDestroyPrincipalUnits(c *gc.C) {
-	units := s.setupDestroyPrincipalUnits(c)
-	s.BlockAllChanges(c, "TestBlockChangesDestroyPrincipalUnits")
-	err := s.serviceApi.DestroyUnits(params.DestroyServiceUnits{
-		UnitNames: []string{"wordpress/0", "wordpress/1"},
-	})
-	s.assertBlockedErrorAndLiveliness(c, err, "TestBlockChangesDestroyPrincipalUnits", units[0], units[1], units[2], units[3])
-}
-
-func (s *serviceSuite) TestBlockRemoveDestroyPrincipalUnits(c *gc.C) {
-	units := s.setupDestroyPrincipalUnits(c)
-	s.BlockRemoveObject(c, "TestBlockRemoveDestroyPrincipalUnits")
-	err := s.serviceApi.DestroyUnits(params.DestroyServiceUnits{
-		UnitNames: []string{"wordpress/0", "wordpress/1"},
-	})
-	s.assertBlockedErrorAndLiveliness(c, err, "TestBlockRemoveDestroyPrincipalUnits", units[0], units[1], units[2], units[3])
-}
-
-func (s *serviceSuite) TestBlockDestroyDestroyPrincipalUnits(c *gc.C) {
-	units := s.setupDestroyPrincipalUnits(c)
-	s.BlockDestroyModel(c, "TestBlockDestroyDestroyPrincipalUnits")
-	err := s.serviceApi.DestroyUnits(params.DestroyServiceUnits{
-		UnitNames: []string{"wordpress/0", "wordpress/1"},
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	assertLife(c, units[0], state.Dying)
-	assertLife(c, units[1], state.Dying)
-}
-
-func (s *serviceSuite) assertDestroySubordinateUnits(c *gc.C, wordpress0, logging0 *state.Unit) {
-	// Try to destroy the principal and the subordinate together; check it warns
-	// about the subordinate, but destroys the one it can. (The principal unit
-	// agent will be responsible for destroying the subordinate.)
-	err := s.serviceApi.DestroyUnits(params.DestroyServiceUnits{
-		UnitNames: []string{"wordpress/0", "logging/0"},
-	})
-	c.Assert(err, gc.ErrorMatches, `some units were not destroyed: unit "logging/0" is a subordinate`)
-	assertLife(c, wordpress0, state.Dying)
-	assertLife(c, logging0, state.Alive)
-}
-
-func (s *serviceSuite) TestBlockRemoveDestroySubordinateUnits(c *gc.C) {
-	wordpress := s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
-	wordpress0, err := wordpress.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	s.AddTestingService(c, "logging", s.AddTestingCharm(c, "logging"))
-	eps, err := s.State.InferEndpoints("logging", "wordpress")
-	c.Assert(err, jc.ErrorIsNil)
-	rel, err := s.State.AddRelation(eps...)
-	c.Assert(err, jc.ErrorIsNil)
-	ru, err := rel.Unit(wordpress0)
-	c.Assert(err, jc.ErrorIsNil)
-	err = ru.EnterScope(nil)
-	c.Assert(err, jc.ErrorIsNil)
-	logging0, err := s.State.Unit("logging/0")
-	c.Assert(err, jc.ErrorIsNil)
-
-	s.BlockRemoveObject(c, "TestBlockRemoveDestroySubordinateUnits")
-	// Try to destroy the subordinate alone; check it fails.
-	err = s.serviceApi.DestroyUnits(params.DestroyServiceUnits{
-		UnitNames: []string{"logging/0"},
-	})
-	s.AssertBlocked(c, err, "TestBlockRemoveDestroySubordinateUnits")
-	assertLife(c, rel, state.Alive)
-	assertLife(c, wordpress0, state.Alive)
-	assertLife(c, logging0, state.Alive)
-
-	err = s.serviceApi.DestroyUnits(params.DestroyServiceUnits{
-		UnitNames: []string{"wordpress/0", "logging/0"},
-	})
-	s.AssertBlocked(c, err, "TestBlockRemoveDestroySubordinateUnits")
-	assertLife(c, wordpress0, state.Alive)
-	assertLife(c, logging0, state.Alive)
-	assertLife(c, rel, state.Alive)
-}
-
-func (s *serviceSuite) TestBlockChangesDestroySubordinateUnits(c *gc.C) {
-	wordpress := s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
-	wordpress0, err := wordpress.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	s.AddTestingService(c, "logging", s.AddTestingCharm(c, "logging"))
-	eps, err := s.State.InferEndpoints("logging", "wordpress")
-	c.Assert(err, jc.ErrorIsNil)
-	rel, err := s.State.AddRelation(eps...)
-	c.Assert(err, jc.ErrorIsNil)
-	ru, err := rel.Unit(wordpress0)
-	c.Assert(err, jc.ErrorIsNil)
-	err = ru.EnterScope(nil)
-	c.Assert(err, jc.ErrorIsNil)
-	logging0, err := s.State.Unit("logging/0")
-	c.Assert(err, jc.ErrorIsNil)
-
-	s.BlockAllChanges(c, "TestBlockChangesDestroySubordinateUnits")
-	// Try to destroy the subordinate alone; check it fails.
-	err = s.serviceApi.DestroyUnits(params.DestroyServiceUnits{
-		UnitNames: []string{"logging/0"},
-	})
-	s.AssertBlocked(c, err, "TestBlockChangesDestroySubordinateUnits")
-	assertLife(c, rel, state.Alive)
-	assertLife(c, wordpress0, state.Alive)
-	assertLife(c, logging0, state.Alive)
-
-	err = s.serviceApi.DestroyUnits(params.DestroyServiceUnits{
-		UnitNames: []string{"wordpress/0", "logging/0"},
-	})
-	s.AssertBlocked(c, err, "TestBlockChangesDestroySubordinateUnits")
-	assertLife(c, wordpress0, state.Alive)
-	assertLife(c, logging0, state.Alive)
-	assertLife(c, rel, state.Alive)
-}
-
-func (s *serviceSuite) TestBlockDestroyDestroySubordinateUnits(c *gc.C) {
-	wordpress := s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
-	wordpress0, err := wordpress.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	s.AddTestingService(c, "logging", s.AddTestingCharm(c, "logging"))
-	eps, err := s.State.InferEndpoints("logging", "wordpress")
-	c.Assert(err, jc.ErrorIsNil)
-	rel, err := s.State.AddRelation(eps...)
-	c.Assert(err, jc.ErrorIsNil)
-	ru, err := rel.Unit(wordpress0)
-	c.Assert(err, jc.ErrorIsNil)
-	err = ru.EnterScope(nil)
-	c.Assert(err, jc.ErrorIsNil)
-	logging0, err := s.State.Unit("logging/0")
-	c.Assert(err, jc.ErrorIsNil)
-
-	s.BlockDestroyModel(c, "TestBlockDestroyDestroySubordinateUnits")
-	// Try to destroy the subordinate alone; check it fails.
-	err = s.serviceApi.DestroyUnits(params.DestroyServiceUnits{
-		UnitNames: []string{"logging/0"},
-	})
-	c.Assert(err, gc.ErrorMatches, `no units were destroyed: unit "logging/0" is a subordinate`)
-	assertLife(c, logging0, state.Alive)
-
-	s.assertDestroySubordinateUnits(c, wordpress0, logging0)
-}
-
-func (s *serviceSuite) TestClientSetServiceConstraints(c *gc.C) {
-	service := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
-
-	// Update constraints for the service.
-	cons, err := constraints.Parse("mem=4096", "cpu-cores=2")
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.serviceApi.SetConstraints(params.SetConstraints{ServiceName: "dummy", Constraints: cons})
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Ensure the constraints have been correctly updated.
-	obtained, err := service.Constraints()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(obtained, gc.DeepEquals, cons)
-}
-
-func (s *serviceSuite) setupSetServiceConstraints(c *gc.C) (*state.Service, constraints.Value) {
-	service := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
-	// Update constraints for the service.
-	cons, err := constraints.Parse("mem=4096", "cpu-cores=2")
-	c.Assert(err, jc.ErrorIsNil)
-	return service, cons
-}
-
-func (s *serviceSuite) assertSetServiceConstraints(c *gc.C, service *state.Service, cons constraints.Value) {
-	err := s.serviceApi.SetConstraints(params.SetConstraints{ServiceName: "dummy", Constraints: cons})
-	c.Assert(err, jc.ErrorIsNil)
-	// Ensure the constraints have been correctly updated.
-	obtained, err := service.Constraints()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(obtained, gc.DeepEquals, cons)
-}
-
-func (s *serviceSuite) assertSetServiceConstraintsBlocked(c *gc.C, msg string, service *state.Service, cons constraints.Value) {
-	err := s.serviceApi.SetConstraints(params.SetConstraints{ServiceName: "dummy", Constraints: cons})
-	s.AssertBlocked(c, err, msg)
-}
-
-func (s *serviceSuite) TestBlockDestroySetServiceConstraints(c *gc.C) {
-	svc, cons := s.setupSetServiceConstraints(c)
-	s.BlockDestroyModel(c, "TestBlockDestroySetServiceConstraints")
-	s.assertSetServiceConstraints(c, svc, cons)
-}
-
-func (s *serviceSuite) TestBlockRemoveSetServiceConstraints(c *gc.C) {
-	svc, cons := s.setupSetServiceConstraints(c)
-	s.BlockRemoveObject(c, "TestBlockRemoveSetServiceConstraints")
-	s.assertSetServiceConstraints(c, svc, cons)
-}
-
-func (s *serviceSuite) TestBlockChangesSetServiceConstraints(c *gc.C) {
-	svc, cons := s.setupSetServiceConstraints(c)
-	s.BlockAllChanges(c, "TestBlockChangesSetServiceConstraints")
-	s.assertSetServiceConstraintsBlocked(c, "TestBlockChangesSetServiceConstraints", svc, cons)
-}
-
-func (s *serviceSuite) TestClientGetServiceConstraints(c *gc.C) {
-	service := s.AddTestingService(c, "dummy", s.AddTestingCharm(c, "dummy"))
-
-	// Set constraints for the service.
-	cons, err := constraints.Parse("mem=4096", "cpu-cores=2")
-	c.Assert(err, jc.ErrorIsNil)
-	err = service.SetConstraints(cons)
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Check we can get the constraints.
-	result, err := s.serviceApi.GetConstraints(params.GetServiceConstraints{"dummy"})
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(result.Constraints, gc.DeepEquals, cons)
-}
-
-func (s *serviceSuite) checkEndpoints(c *gc.C, endpoints map[string]charm.Relation) {
-	c.Assert(endpoints["wordpress"], gc.DeepEquals, charm.Relation{
-		Name:      "db",
-		Role:      charm.RelationRole("requirer"),
-		Interface: "mysql",
-		Optional:  false,
-		Limit:     1,
-		Scope:     charm.RelationScope("global"),
-	})
-	c.Assert(endpoints["mysql"], gc.DeepEquals, charm.Relation{
-		Name:      "server",
-		Role:      charm.RelationRole("provider"),
-		Interface: "mysql",
-		Optional:  false,
-		Limit:     0,
-		Scope:     charm.RelationScope("global"),
-	})
-}
-
-func (s *serviceSuite) setupRelationScenario(c *gc.C) {
-	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
-	s.AddTestingService(c, "logging", s.AddTestingCharm(c, "logging"))
-	eps, err := s.State.InferEndpoints("logging", "wordpress")
-	c.Assert(err, jc.ErrorIsNil)
-	_, err = s.State.AddRelation(eps...)
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *serviceSuite) assertAddRelation(c *gc.C, endpoints []string) {
-	s.setupRelationScenario(c)
-	res, err := s.serviceApi.AddRelation(params.AddRelation{Endpoints: endpoints})
-	c.Assert(err, jc.ErrorIsNil)
-	s.checkEndpoints(c, res.Endpoints)
-	// Show that the relation was added.
-	wpSvc, err := s.State.Service("wordpress")
-	c.Assert(err, jc.ErrorIsNil)
-	rels, err := wpSvc.Relations()
-	// There are 2 relations - the logging-wordpress one set up in the
-	// scenario and the one created in this test.
-	c.Assert(len(rels), gc.Equals, 2)
-	mySvc, err := s.State.Service("mysql")
-	c.Assert(err, jc.ErrorIsNil)
-	rels, err = mySvc.Relations()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(len(rels), gc.Equals, 1)
-}
-
-func (s *serviceSuite) TestSuccessfullyAddRelation(c *gc.C) {
-	endpoints := []string{"wordpress", "mysql"}
-	s.assertAddRelation(c, endpoints)
-}
-
-func (s *serviceSuite) TestBlockDestroyAddRelation(c *gc.C) {
-	s.BlockDestroyModel(c, "TestBlockDestroyAddRelation")
-	s.assertAddRelation(c, []string{"wordpress", "mysql"})
-}
-func (s *serviceSuite) TestBlockRemoveAddRelation(c *gc.C) {
-	s.BlockRemoveObject(c, "TestBlockRemoveAddRelation")
-	s.assertAddRelation(c, []string{"wordpress", "mysql"})
-}
-
-func (s *serviceSuite) TestBlockChangesAddRelation(c *gc.C) {
-	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
-	s.BlockAllChanges(c, "TestBlockChangesAddRelation")
-	_, err := s.serviceApi.AddRelation(params.AddRelation{Endpoints: []string{"wordpress", "mysql"}})
-	s.AssertBlocked(c, err, "TestBlockChangesAddRelation")
-}
-
-func (s *serviceSuite) TestSuccessfullyAddRelationSwapped(c *gc.C) {
-	// Show that the order of the services listed in the AddRelation call
-	// does not matter.  This is a repeat of the previous test with the service
-	// names swapped.
-	endpoints := []string{"mysql", "wordpress"}
-	s.assertAddRelation(c, endpoints)
-}
-
-func (s *serviceSuite) TestCallWithOnlyOneEndpoint(c *gc.C) {
-	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
-	endpoints := []string{"wordpress"}
-	_, err := s.serviceApi.AddRelation(params.AddRelation{Endpoints: endpoints})
-	c.Assert(err, gc.ErrorMatches, "no relations found")
-}
-
-func (s *serviceSuite) TestCallWithOneEndpointTooMany(c *gc.C) {
-	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
-	s.AddTestingService(c, "logging", s.AddTestingCharm(c, "logging"))
-	endpoints := []string{"wordpress", "mysql", "logging"}
-	_, err := s.serviceApi.AddRelation(params.AddRelation{Endpoints: endpoints})
-	c.Assert(err, gc.ErrorMatches, "cannot relate 3 endpoints")
-}
-
-func (s *serviceSuite) TestAddAlreadyAddedRelation(c *gc.C) {
-	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
-	// Add a relation between wordpress and mysql.
-	endpoints := []string{"wordpress", "mysql"}
-	eps, err := s.State.InferEndpoints(endpoints...)
-	c.Assert(err, jc.ErrorIsNil)
-	_, err = s.State.AddRelation(eps...)
-	c.Assert(err, jc.ErrorIsNil)
-	// And try to add it again.
-	_, err = s.serviceApi.AddRelation(params.AddRelation{Endpoints: endpoints})
-	c.Assert(err, gc.ErrorMatches, `cannot add relation "wordpress:db mysql:server": relation already exists`)
-}
-
-func (s *serviceSuite) setupDestroyRelationScenario(c *gc.C, endpoints []string) *state.Relation {
-	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
-	// Add a relation between the endpoints.
-	eps, err := s.State.InferEndpoints(endpoints...)
-	c.Assert(err, jc.ErrorIsNil)
-	relation, err := s.State.AddRelation(eps...)
-	c.Assert(err, jc.ErrorIsNil)
-	return relation
-}
-
-func (s *serviceSuite) assertDestroyRelation(c *gc.C, endpoints []string) {
-	s.assertDestroyRelationSuccess(
-		c,
-		s.setupDestroyRelationScenario(c, endpoints),
-		endpoints)
-}
-
-func (s *serviceSuite) assertDestroyRelationSuccess(c *gc.C, relation *state.Relation, endpoints []string) {
-	err := s.serviceApi.DestroyRelation(params.DestroyRelation{Endpoints: endpoints})
-	c.Assert(err, jc.ErrorIsNil)
-	// Show that the relation was removed.
-	c.Assert(relation.Refresh(), jc.Satisfies, errors.IsNotFound)
-}
-
-func (s *serviceSuite) TestSuccessfulDestroyRelation(c *gc.C) {
-	endpoints := []string{"wordpress", "mysql"}
-	s.assertDestroyRelation(c, endpoints)
-}
-
-func (s *serviceSuite) TestSuccessfullyDestroyRelationSwapped(c *gc.C) {
-	// Show that the order of the services listed in the DestroyRelation call
-	// does not matter.  This is a repeat of the previous test with the service
-	// names swapped.
-	endpoints := []string{"mysql", "wordpress"}
-	s.assertDestroyRelation(c, endpoints)
-}
-
-func (s *serviceSuite) TestNoRelation(c *gc.C) {
-	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
-	endpoints := []string{"wordpress", "mysql"}
-	err := s.serviceApi.DestroyRelation(params.DestroyRelation{Endpoints: endpoints})
-	c.Assert(err, gc.ErrorMatches, `relation "wordpress:db mysql:server" not found`)
-}
-
-func (s *serviceSuite) TestAttemptDestroyingNonExistentRelation(c *gc.C) {
-	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
-	s.AddTestingService(c, "riak", s.AddTestingCharm(c, "riak"))
-	endpoints := []string{"riak", "wordpress"}
-	err := s.serviceApi.DestroyRelation(params.DestroyRelation{Endpoints: endpoints})
-	c.Assert(err, gc.ErrorMatches, "no relations found")
-}
-
-func (s *serviceSuite) TestAttemptDestroyingWithOnlyOneEndpoint(c *gc.C) {
-	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
-	endpoints := []string{"wordpress"}
-	err := s.serviceApi.DestroyRelation(params.DestroyRelation{Endpoints: endpoints})
-	c.Assert(err, gc.ErrorMatches, "no relations found")
-}
-
-func (s *serviceSuite) TestAttemptDestroyingPeerRelation(c *gc.C) {
-	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
-	s.AddTestingService(c, "riak", s.AddTestingCharm(c, "riak"))
-
-	endpoints := []string{"riak:ring"}
-	err := s.serviceApi.DestroyRelation(params.DestroyRelation{Endpoints: endpoints})
-	c.Assert(err, gc.ErrorMatches, `cannot destroy relation "riak:ring": is a peer relation`)
-}
-
-func (s *serviceSuite) TestAttemptDestroyingAlreadyDestroyedRelation(c *gc.C) {
-	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
-
-	// Add a relation between wordpress and mysql.
-	eps, err := s.State.InferEndpoints("wordpress", "mysql")
-	c.Assert(err, jc.ErrorIsNil)
-	rel, err := s.State.AddRelation(eps...)
-	c.Assert(err, jc.ErrorIsNil)
-
-	endpoints := []string{"wordpress", "mysql"}
-	err = s.serviceApi.DestroyRelation(params.DestroyRelation{Endpoints: endpoints})
-	// Show that the relation was removed.
-	c.Assert(rel.Refresh(), jc.Satisfies, errors.IsNotFound)
-
-	// And try to destroy it again.
-	err = s.serviceApi.DestroyRelation(params.DestroyRelation{Endpoints: endpoints})
-	c.Assert(err, gc.ErrorMatches, `relation "wordpress:db mysql:server" not found`)
-}
-
-func (s *serviceSuite) TestBlockRemoveDestroyRelation(c *gc.C) {
-	endpoints := []string{"wordpress", "mysql"}
-	relation := s.setupDestroyRelationScenario(c, endpoints)
-	// block remove-objects
-	s.BlockRemoveObject(c, "TestBlockRemoveDestroyRelation")
-	err := s.serviceApi.DestroyRelation(params.DestroyRelation{Endpoints: endpoints})
-	s.AssertBlocked(c, err, "TestBlockRemoveDestroyRelation")
-	assertLife(c, relation, state.Alive)
-}
-
-func (s *serviceSuite) TestBlockChangeDestroyRelation(c *gc.C) {
-	endpoints := []string{"wordpress", "mysql"}
-	relation := s.setupDestroyRelationScenario(c, endpoints)
-	s.BlockAllChanges(c, "TestBlockChangeDestroyRelation")
-	err := s.serviceApi.DestroyRelation(params.DestroyRelation{Endpoints: endpoints})
-	s.AssertBlocked(c, err, "TestBlockChangeDestroyRelation")
-	assertLife(c, relation, state.Alive)
-}
-
-func (s *serviceSuite) TestBlockDestroyDestroyRelation(c *gc.C) {
-	s.BlockDestroyModel(c, "TestBlockDestroyDestroyRelation")
-	endpoints := []string{"wordpress", "mysql"}
-	s.assertDestroyRelation(c, endpoints)
-}
-
-type mockStorageProvider struct {
-	storage.Provider
-	kind storage.StorageKind
-}
-
-func (m *mockStorageProvider) Scope() storage.Scope {
-	return storage.ScopeMachine
-}
-
-func (m *mockStorageProvider) Supports(k storage.StorageKind) bool {
-	return k == m.kind
-}
-
-func (m *mockStorageProvider) ValidateConfig(*storage.Config) error {
-	return nil
-}
-
-type blobs struct {
-	sync.Mutex
-	m map[string]bool // maps path to added (true), or deleted (false)
-}
-
-// Add adds a path to the list of known paths.
-func (b *blobs) Add(path string) {
-	b.Lock()
-	defer b.Unlock()
-	b.check()
-	b.m[path] = true
-}
-
-// Remove marks a path as deleted, even if it was not previously Added.
-func (b *blobs) Remove(path string) {
-	b.Lock()
-	defer b.Unlock()
-	b.check()
-	b.m[path] = false
-}
-
-func (b *blobs) check() {
-	if b.m == nil {
-		b.m = make(map[string]bool)
-	}
-}
-
-type recordingStorage struct {
-	statestorage.Storage
-	putBarrier *sync.WaitGroup
-	blobs      *blobs
-}
-
-func (s *recordingStorage) Put(path string, r io.Reader, size int64) error {
-	if s.putBarrier != nil {
-		// This goroutine has gotten to Put() so mark it Done() and
-		// wait for the other goroutines to get to this point.
-		s.putBarrier.Done()
-		s.putBarrier.Wait()
-	}
-	if err := s.Storage.Put(path, r, size); err != nil {
-		return errors.Trace(err)
-	}
-	s.blobs.Add(path)
-	return nil
-}
-
-func (s *recordingStorage) Remove(path string) error {
-	if err := s.Storage.Remove(path); err != nil {
-		return errors.Trace(err)
-	}
-	s.blobs.Remove(path)
-	return nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/servicescaler/facade.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/servicescaler/facade.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/servicescaler/facade.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/servicescaler/facade.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,83 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package servicescaler
-
-import (
-	"github.com/juju/errors"
-	"github.com/juju/juju/apiserver/common"
-	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/state"
-	"github.com/juju/juju/state/watcher"
-	"github.com/juju/names"
-)
-
-// Backend exposes functionality required by Facade.
-type Backend interface {
-
-	// WatchScaledServices returns a watcher that sends service ids
-	// that might not have enough units.
-	WatchScaledServices() state.StringsWatcher
-
-	// RescaleService ensures that the named service has at least its
-	// configured minimum unit count.
-	RescaleService(name string) error
-}
-
-// Facade allows model-manager clients to watch and rescale services.
-type Facade struct {
-	backend   Backend
-	resources *common.Resources
-}
-
-// NewFacade creates a new authorized Facade.
-func NewFacade(backend Backend, res *common.Resources, auth common.Authorizer) (*Facade, error) {
-	if !auth.AuthModelManager() {
-		return nil, common.ErrPerm
-	}
-	return &Facade{
-		backend:   backend,
-		resources: res,
-	}, nil
-}
-
-// Watch returns a watcher that sends the names of services whose
-// unit count may be below their configured minimum.
-func (facade *Facade) Watch() (params.StringsWatchResult, error) {
-	watch := facade.backend.WatchScaledServices()
-	if changes, ok := <-watch.Changes(); ok {
-		id := facade.resources.Register(watch)
-		return params.StringsWatchResult{
-			StringsWatcherId: id,
-			Changes:          changes,
-		}, nil
-	}
-	return params.StringsWatchResult{}, watcher.EnsureErr(watch)
-}
-
-// Rescale causes any supplied services to be scaled up to their
-// minimum size.
-func (facade *Facade) Rescale(args params.Entities) params.ErrorResults {
-	result := params.ErrorResults{
-		Results: make([]params.ErrorResult, len(args.Entities)),
-	}
-	for i, entity := range args.Entities {
-		err := facade.rescaleOne(entity.Tag)
-		result.Results[i].Error = common.ServerError(err)
-	}
-	return result
-}
-
-// rescaleOne scales up the supplied service, if necessary; or returns a
-// suitable error.
-func (facade *Facade) rescaleOne(tagString string) error {
-	tag, err := names.ParseTag(tagString)
-	if err != nil {
-		return errors.Trace(err)
-	}
-	serviceTag, ok := tag.(names.ServiceTag)
-	if !ok {
-		return common.ErrPerm
-	}
-	return facade.backend.RescaleService(serviceTag.Id())
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/servicescaler/facade_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/servicescaler/facade_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/servicescaler/facade_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/servicescaler/facade_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,102 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package servicescaler_test
-
-import (
-	"github.com/juju/testing"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/apiserver/common"
-	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/apiserver/servicescaler"
-)
-
-type FacadeSuite struct {
-	testing.IsolationSuite
-}
-
-var _ = gc.Suite(&FacadeSuite{})
-
-func (s *FacadeSuite) TestModelManager(c *gc.C) {
-	facade, err := servicescaler.NewFacade(nil, nil, auth(true))
-	c.Check(err, jc.ErrorIsNil)
-	c.Check(facade, gc.NotNil)
-}
-
-func (s *FacadeSuite) TestNotModelManager(c *gc.C) {
-	facade, err := servicescaler.NewFacade(nil, nil, auth(false))
-	c.Check(err, gc.Equals, common.ErrPerm)
-	c.Check(facade, gc.IsNil)
-}
-
-func (s *FacadeSuite) TestWatchError(c *gc.C) {
-	fix := newWatchFixture(c, false)
-	result, err := fix.Facade.Watch()
-	c.Check(err, gc.ErrorMatches, "blammo")
-	c.Check(result, gc.DeepEquals, params.StringsWatchResult{})
-	c.Check(fix.Resources.Count(), gc.Equals, 0)
-}
-
-func (s *FacadeSuite) TestWatchSuccess(c *gc.C) {
-	fix := newWatchFixture(c, true)
-	result, err := fix.Facade.Watch()
-	c.Check(err, jc.ErrorIsNil)
-	c.Check(result.Changes, jc.DeepEquals, []string{"pow", "zap", "kerblooie"})
-	c.Check(fix.Resources.Count(), gc.Equals, 1)
-	resource := fix.Resources.Get(result.StringsWatcherId)
-	c.Check(resource, gc.NotNil)
-}
-
-func (s *FacadeSuite) TestRescaleNonsense(c *gc.C) {
-	fix := newRescaleFixture(c)
-	result := fix.Facade.Rescale(entities("burble plink"))
-	c.Assert(result.Results, gc.HasLen, 1)
-	err := result.Results[0].Error
-	c.Check(err, gc.ErrorMatches, `"burble plink" is not a valid tag`)
-}
-
-func (s *FacadeSuite) TestRescaleUnauthorized(c *gc.C) {
-	fix := newRescaleFixture(c)
-	result := fix.Facade.Rescale(entities("unit-foo-27"))
-	c.Assert(result.Results, gc.HasLen, 1)
-	err := result.Results[0].Error
-	c.Check(err, gc.ErrorMatches, "permission denied")
-	c.Check(err, jc.Satisfies, params.IsCodeUnauthorized)
-}
-
-func (s *FacadeSuite) TestRescaleNotFound(c *gc.C) {
-	fix := newRescaleFixture(c)
-	result := fix.Facade.Rescale(entities("service-missing"))
-	c.Assert(result.Results, gc.HasLen, 1)
-	err := result.Results[0].Error
-	c.Check(err, gc.ErrorMatches, "service not found")
-	c.Check(err, jc.Satisfies, params.IsCodeNotFound)
-}
-
-func (s *FacadeSuite) TestRescaleError(c *gc.C) {
-	fix := newRescaleFixture(c)
-	result := fix.Facade.Rescale(entities("service-error"))
-	c.Assert(result.Results, gc.HasLen, 1)
-	err := result.Results[0].Error
-	c.Check(err, gc.ErrorMatches, "blammo")
-}
-
-func (s *FacadeSuite) TestRescaleSuccess(c *gc.C) {
-	fix := newRescaleFixture(c)
-	result := fix.Facade.Rescale(entities("service-expected"))
-	c.Assert(result.Results, gc.HasLen, 1)
-	err := result.Results[0].Error
-	c.Check(err, gc.IsNil)
-}
-
-func (s *FacadeSuite) TestRescaleMultiple(c *gc.C) {
-	fix := newRescaleFixture(c)
-	result := fix.Facade.Rescale(entities("service-error", "service-expected"))
-	c.Assert(result.Results, gc.HasLen, 2)
-	err0 := result.Results[0].Error
-	c.Check(err0, gc.ErrorMatches, "blammo")
-	err1 := result.Results[1].Error
-	c.Check(err1, gc.IsNil)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/servicescaler/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/servicescaler/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/servicescaler/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/servicescaler/package_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,14 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package servicescaler_test
-
-import (
-	"testing"
-
-	gc "gopkg.in/check.v1"
-)
-
-func TestPackage(t *testing.T) {
-	gc.TestingT(t)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/servicescaler/shim.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/servicescaler/shim.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/servicescaler/shim.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/servicescaler/shim.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,50 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package servicescaler
-
-import (
-	"github.com/juju/errors"
-
-	"github.com/juju/juju/apiserver/common"
-	"github.com/juju/juju/state"
-)
-
-// This file contains untested shims to let us wrap state in a sensible
-// interface and avoid writing tests that depend on mongodb. If you were
-// to change any part of it so that it were no longer *obviously* and
-// *trivially* correct, you would be Doing It Wrong.
-
-func init() {
-	common.RegisterStandardFacade("ServiceScaler", 1, newFacade)
-}
-
-// newFacade wraps the supplied *state.State for the use of the Facade.
-func newFacade(st *state.State, res *common.Resources, auth common.Authorizer) (*Facade, error) {
-	return NewFacade(backendShim{st}, res, auth)
-}
-
-// backendShim wraps a *State to implement Backend without pulling in direct
-// mongodb dependencies. It would be awesome if we were to put this in state
-// and test it properly there, where we have no choice but to test against
-// mongodb anyway, but that's relatively low priority...
-//
-// ...so long as it stays simple, and the full functionality remains tested
-// elsewhere.
-type backendShim struct {
-	st *state.State
-}
-
-// WatchScaledServices is part of the Backend interface.
-func (shim backendShim) WatchScaledServices() state.StringsWatcher {
-	return shim.st.WatchMinUnits()
-}
-
-// RescaleService is part of the Backend interface.
-func (shim backendShim) RescaleService(name string) error {
-	service, err := shim.st.Service(name)
-	if err != nil {
-		return errors.Trace(err)
-	}
-	return service.EnsureMinUnits()
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/servicescaler/util_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/servicescaler/util_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/servicescaler/util_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/servicescaler/util_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,112 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package servicescaler_test
-
-import (
-	"github.com/juju/errors"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/apiserver/common"
-	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/apiserver/servicescaler"
-	"github.com/juju/juju/state"
-)
-
-// mockAuth implements common.Authorizer for the tests' convenience.
-type mockAuth struct {
-	common.Authorizer
-	modelManager bool
-}
-
-func (mock mockAuth) AuthModelManager() bool {
-	return mock.modelManager
-}
-
-// auth is a convenience constructor for a mockAuth.
-func auth(modelManager bool) common.Authorizer {
-	return mockAuth{modelManager: modelManager}
-}
-
-// mockWatcher implements state.StringsWatcher for the tests' convenience.
-type mockWatcher struct {
-	state.StringsWatcher
-	working bool
-}
-
-func (mock *mockWatcher) Changes() <-chan []string {
-	ch := make(chan []string, 1)
-	if mock.working {
-		ch <- []string{"pow", "zap", "kerblooie"}
-	} else {
-		close(ch)
-	}
-	return ch
-}
-
-func (mock *mockWatcher) Err() error {
-	return errors.New("blammo")
-}
-
-// watchBackend implements servicescaler.Backend for the convenience of
-// the tests for the Watch method.
-type watchBackend struct {
-	servicescaler.Backend
-	working bool
-}
-
-func (backend *watchBackend) WatchScaledServices() state.StringsWatcher {
-	return &mockWatcher{working: backend.working}
-}
-
-// watchFixture collects components needed to test the Watch method.
-type watchFixture struct {
-	Facade    *servicescaler.Facade
-	Resources *common.Resources
-}
-
-func newWatchFixture(c *gc.C, working bool) *watchFixture {
-	backend := &watchBackend{working: working}
-	resources := common.NewResources()
-	facade, err := servicescaler.NewFacade(backend, resources, auth(true))
-	c.Assert(err, jc.ErrorIsNil)
-	return &watchFixture{facade, resources}
-}
-
-// rescaleBackend implements servicescaler.Backend for the convenience of
-// the tests for the Rescale method.
-type rescaleBackend struct {
-	servicescaler.Backend
-}
-
-func (rescaleBackend) RescaleService(name string) error {
-	switch name {
-	case "expected":
-		return nil
-	case "missing":
-		return errors.NotFoundf("service")
-	default:
-		return errors.New("blammo")
-	}
-}
-
-// rescaleFixture collects components needed to test the Rescale method.
-type rescaleFixture struct {
-	Facade *servicescaler.Facade
-}
-
-func newRescaleFixture(c *gc.C) *rescaleFixture {
-	facade, err := servicescaler.NewFacade(rescaleBackend{}, nil, auth(true))
-	c.Assert(err, jc.ErrorIsNil)
-	return &rescaleFixture{facade}
-}
-
-// entities is a convenience constructor for params.Entities.
-func entities(tags ...string) params.Entities {
-	entities := params.Entities{Entities: make([]params.Entity, len(tags))}
-	for i, tag := range tags {
-		entities.Entities[i].Tag = tag
-	}
-	return entities
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/singular/fixture_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/singular/fixture_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/singular/fixture_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/singular/fixture_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,8 +6,8 @@
 import (
 	"time"
 
-	"github.com/juju/names"
 	"github.com/juju/testing"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/core/lease"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/singular/singular.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/singular/singular.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/singular/singular.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/singular/singular.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,7 @@
 import (
 	"time"
 
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/spaces/spaces_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/spaces/spaces_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/spaces/spaces_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/spaces/spaces_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,9 +7,9 @@
 	"fmt"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/sshclient/facade.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/sshclient/facade.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/sshclient/facade.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/sshclient/facade.go	2016-07-18 19:45:44.000000000 +0000
@@ -51,7 +51,7 @@
 	for i, entity := range args.Entities {
 		machine, err := facade.backend.GetMachineForEntity(entity.Tag)
 		if err != nil {
-			out.Results[i].Error = common.ServerError(common.ErrPerm)
+			out.Results[i].Error = common.ServerError(err)
 		} else {
 			address, err := getter(machine)
 			if err != nil {
@@ -73,7 +73,7 @@
 	for i, entity := range args.Entities {
 		machine, err := facade.backend.GetMachineForEntity(entity.Tag)
 		if err != nil {
-			out.Results[i].Error = common.ServerError(common.ErrPerm)
+			out.Results[i].Error = common.ServerError(err)
 		} else {
 			keys, err := facade.backend.GetSSHHostKeys(machine.MachineTag())
 			if err != nil {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/sshclient/facade_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/sshclient/facade_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/sshclient/facade_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/sshclient/facade_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,10 +5,10 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
@@ -71,7 +71,7 @@
 		Results: []params.SSHAddressResult{
 			{Address: "1.1.1.1"},
 			{Address: "3.3.3.3"},
-			{Error: apiservertesting.ErrUnauthorized},
+			{Error: apiservertesting.NotFoundError("entity")},
 		},
 	})
 	s.backend.stub.CheckCalls(c, []jujutesting.StubCall{
@@ -90,7 +90,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 	c.Check(results, gc.DeepEquals, params.SSHAddressResults{
 		Results: []params.SSHAddressResult{
-			{Error: apiservertesting.ErrUnauthorized},
+			{Error: apiservertesting.NotFoundError("entity")},
 			{Address: "2.2.2.2"},
 			{Address: "4.4.4.4"},
 		},
@@ -112,7 +112,7 @@
 	c.Check(results, gc.DeepEquals, params.SSHPublicKeysResults{
 		Results: []params.SSHPublicKeysResult{
 			{PublicKeys: []string{"rsa0", "dsa0"}},
-			{Error: apiservertesting.ErrUnauthorized},
+			{Error: apiservertesting.NotFoundError("entity")},
 			{PublicKeys: []string{"rsa1", "dsa1"}},
 		},
 	})
@@ -177,7 +177,7 @@
 			privateAddress: "4.4.4.4",
 		}, nil
 	}
-	return nil, errors.New("unknown entity")
+	return nil, errors.NotFoundf("entity")
 }
 
 func (backend *mockBackend) GetSSHHostKeys(tag names.MachineTag) (state.SSHHostKeys, error) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/sshclient/shim.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/sshclient/shim.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/sshclient/shim.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/sshclient/shim.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/environs/config"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/statushistory/pruner.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/statushistory/pruner.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/statushistory/pruner.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/statushistory/pruner.go	2016-07-18 19:45:44.000000000 +0000
@@ -28,10 +28,11 @@
 }
 
 // Prune endpoint removes status history entries until
-// only the N newest records per unit remain.
+// only the ones newer than now - p.MaxHistoryTime remain and
+// the history is smaller than p.MaxHistoryMB.
 func (api *API) Prune(p params.StatusHistoryPruneArgs) error {
 	if !api.authorizer.AuthModelManager() {
 		return common.ErrPerm
 	}
-	return state.PruneStatusHistory(api.st, p.MaxLogsPerEntity)
+	return state.PruneStatusHistory(api.st, p.MaxHistoryTime, p.MaxHistoryMB)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/storage/base_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/storage/base_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/storage/base_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/storage/base_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,9 +5,9 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/storage/mock_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/storage/mock_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/storage/mock_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/storage/mock_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,8 +5,8 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/status"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/storage/state.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/storage/state.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/storage/state.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/storage/state.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/state"
 )
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/storage/storageadd_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/storage/storageadd_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/storage/storageadd_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/storage/storageadd_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,9 +7,9 @@
 	"fmt"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/state"
@@ -73,14 +73,15 @@
 	s.assertCalls(c, []string{getBlockForTypeCall, addStorageForUnitCall})
 }
 
-func (s *storageAddSuite) TestStorageAddUnitError(c *gc.C) {
+func (s *storageAddSuite) TestStorageAddUnitInvalidName(c *gc.C) {
 	args := params.StorageAddParams{
+		UnitTag:     "invalid-unit-name",
 		StorageName: "data",
 	}
 	failures, err := s.api.AddToUnit(params.StoragesAddParams{[]params.StorageAddParams{args}})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(failures.Results, gc.HasLen, 1)
-	c.Assert(failures.Results[0].Error.Error(), gc.Matches, ".*is not a valid tag.*")
+	c.Assert(failures.Results[0].Error.Error(), gc.Matches, "\"invalid-unit-name\" is not a valid tag")
 
 	expectedCalls := []string{getBlockForTypeCall}
 	s.assertCalls(c, expectedCalls)
@@ -105,25 +106,6 @@
 	s.assertCalls(c, []string{getBlockForTypeCall, addStorageForUnitCall})
 }
 
-func (s *storageAddSuite) TestStorageAddUnitPermError(c *gc.C) {
-	msg := "add test directive error"
-	s.state.addStorageForUnit = func(u names.UnitTag, name string, cons state.StorageConstraints) error {
-		s.calls = append(s.calls, addStorageForUnitCall)
-		return errors.NotFoundf(msg)
-	}
-
-	args := params.StorageAddParams{
-		UnitTag:     s.unitTag.String(),
-		StorageName: "data",
-	}
-	failures, err := s.api.AddToUnit(params.StoragesAddParams{[]params.StorageAddParams{args}})
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(failures.Results, gc.HasLen, 1)
-	c.Assert(failures.Results[0].Error.Error(), gc.Matches, ".*permission denied.*")
-
-	s.assertCalls(c, []string{getBlockForTypeCall, addStorageForUnitCall})
-}
-
 func (s *storageAddSuite) TestStorageAddUnitResultOrder(c *gc.C) {
 	wrong0 := params.StorageAddParams{
 		StorageName: "data",
@@ -156,3 +138,21 @@
 
 	s.assertCalls(c, []string{getBlockForTypeCall, addStorageForUnitCall, addStorageForUnitCall})
 }
+
+func (s *storageAddSuite) TestStorageAddUnitNotFoundErr(c *gc.C) {
+	msg := "sanity"
+	s.state.addStorageForUnit = func(u names.UnitTag, name string, cons state.StorageConstraints) error {
+		s.calls = append(s.calls, addStorageForUnitCall)
+		return errors.NotFoundf(msg)
+	}
+
+	args := params.StorageAddParams{
+		UnitTag:     s.unitTag.String(),
+		StorageName: "data",
+	}
+	failures, err := s.api.AddToUnit(params.StoragesAddParams{[]params.StorageAddParams{args}})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(failures.Results, gc.HasLen, 1)
+	c.Assert(failures.Results[0].Error.Error(), gc.Matches, "sanity not found")
+	c.Assert(failures.Results[0].Error, jc.Satisfies, params.IsCodeNotFound)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/storage/storage.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/storage/storage.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/storage/storage.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/storage/storage.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,8 +7,8 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils/set"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/common/storagecommon"
@@ -42,7 +42,6 @@
 	if !authorizer.AuthClient() {
 		return nil, common.ErrPerm
 	}
-
 	return &API{
 		storage:     st,
 		poolManager: pm,
@@ -668,13 +667,6 @@
 		return params.ErrorResults{}, nil
 	}
 
-	serverErr := func(err error) params.ErrorResult {
-		if errors.IsNotFound(err) {
-			err = common.ErrPerm
-		}
-		return params.ErrorResult{Error: common.ServerError(err)}
-	}
-
 	paramsToState := func(p params.StorageConstraints) state.StorageConstraints {
 		s := state.StorageConstraints{Pool: p.Pool}
 		if p.Size != nil {
@@ -690,17 +682,13 @@
 	for i, one := range args.Storages {
 		u, err := names.ParseUnitTag(one.UnitTag)
 		if err != nil {
-			result[i] = serverErr(
-				errors.Annotatef(err, "parsing unit tag %v", one.UnitTag))
+			result[i] = params.ErrorResult{Error: common.ServerError(err)}
 			continue
 		}
 
-		err = a.storage.AddStorageForUnit(u,
-			one.StorageName,
-			paramsToState(one.Constraints))
+		err = a.storage.AddStorageForUnit(u, one.StorageName, paramsToState(one.Constraints))
 		if err != nil {
-			result[i] = serverErr(
-				errors.Annotatef(err, "adding storage %v for %v", one.StorageName, one.UnitTag))
+			result[i] = params.ErrorResult{Error: common.ServerError(err)}
 		}
 	}
 	return params.ErrorResults{Results: result}, nil
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/storage/storage_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/storage/storage_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/storage/storage_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/storage/storage_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,9 +7,9 @@
 	"fmt"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/state"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/storage/volumelist_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/storage/volumelist_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/storage/volumelist_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/storage/volumelist_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,9 +7,9 @@
 	"path/filepath"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/state"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/storageprovisioner/state.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/storageprovisioner/state.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/storageprovisioner/state.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/storageprovisioner/state.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,8 +5,9 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
+	"github.com/juju/juju/controller"
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/state"
 )
@@ -15,6 +16,7 @@
 	state.EntityFinder
 	state.ModelAccessor
 
+	ControllerConfig() (controller.Config, error)
 	MachineInstanceId(names.MachineTag) (instance.Id, error)
 	BlockDevices(names.MachineTag) ([]state.BlockDeviceInfo, error)
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/storageprovisioner/storageprovisioner.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/storageprovisioner/storageprovisioner.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/storageprovisioner/storageprovisioner.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/storageprovisioner/storageprovisioner.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,7 @@
 import (
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/common/storagecommon"
@@ -544,7 +544,11 @@
 	if err != nil {
 		return params.VolumeParamsResults{}, err
 	}
-	envConfig, err := s.st.ModelConfig()
+	modelCfg, err := s.st.ModelConfig()
+	if err != nil {
+		return params.VolumeParamsResults{}, err
+	}
+	controllerCfg, err := s.st.ControllerConfig()
 	if err != nil {
 		return params.VolumeParamsResults{}, err
 	}
@@ -574,7 +578,8 @@
 		if err != nil {
 			return params.VolumeParams{}, err
 		}
-		volumeParams, err := storagecommon.VolumeParams(volume, storageInstance, envConfig, poolManager)
+		volumeParams, err := storagecommon.VolumeParams(
+			volume, storageInstance, modelCfg.UUID(), controllerCfg.ControllerUUID(), modelCfg, poolManager)
 		if err != nil {
 			return params.VolumeParams{}, err
 		}
@@ -630,7 +635,11 @@
 	if err != nil {
 		return params.FilesystemParamsResults{}, err
 	}
-	envConfig, err := s.st.ModelConfig()
+	modelConfig, err := s.st.ModelConfig()
+	if err != nil {
+		return params.FilesystemParamsResults{}, err
+	}
+	controllerCfg, err := s.st.ControllerConfig()
 	if err != nil {
 		return params.FilesystemParamsResults{}, err
 	}
@@ -657,7 +666,7 @@
 			return params.FilesystemParams{}, err
 		}
 		filesystemParams, err := storagecommon.FilesystemParams(
-			filesystem, storageInstance, envConfig, poolManager,
+			filesystem, storageInstance, modelConfig.UUID(), controllerCfg.ControllerUUID(), modelConfig, poolManager,
 		)
 		if err != nil {
 			return params.FilesystemParams{}, err
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/storageprovisioner/storageprovisioner_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/storageprovisioner/storageprovisioner_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/storageprovisioner/storageprovisioner_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/storageprovisioner/storageprovisioner_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,9 +7,9 @@
 	"sort"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
@@ -893,7 +893,7 @@
 
 	args := params.Entities{Entities: []params.Entity{
 		{"machine-0"},
-		{"service-mysql"},
+		{"application-mysql"},
 		{"machine-1"},
 		{"machine-42"}},
 	}
@@ -902,7 +902,7 @@
 	c.Assert(results, jc.DeepEquals, params.NotifyWatchResults{
 		Results: []params.NotifyWatchResult{
 			{NotifyWatcherId: "1"},
-			{Error: &params.Error{Message: `"service-mysql" is not a valid machine tag`}},
+			{Error: &params.Error{Message: `"application-mysql" is not a valid machine tag`}},
 			{Error: apiservertesting.ErrUnauthorized},
 			{Error: apiservertesting.ErrUnauthorized},
 		},
@@ -953,7 +953,7 @@
 		{MachineTag: "machine-0", AttachmentTag: "volume-0-2"},
 		{MachineTag: "machine-1", AttachmentTag: "volume-1"},
 		{MachineTag: "machine-42", AttachmentTag: "volume-42"},
-		{MachineTag: "service-mysql", AttachmentTag: "volume-1"},
+		{MachineTag: "application-mysql", AttachmentTag: "volume-1"},
 	}}
 	results, err := s.api.VolumeBlockDevices(args)
 	c.Assert(err, jc.ErrorIsNil)
@@ -968,7 +968,7 @@
 			{Error: apiservertesting.ErrUnauthorized},
 			{Error: apiservertesting.ErrUnauthorized},
 			{Error: apiservertesting.ErrUnauthorized},
-			{Error: &params.Error{Message: `"service-mysql" is not a valid machine tag`}},
+			{Error: &params.Error{Message: `"application-mysql" is not a valid machine tag`}},
 		},
 	})
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/subnets/subnets.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/subnets/subnets.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/subnets/subnets.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/subnets/subnets.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/common/networkingcommon"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/subnets/subnets_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/subnets/subnets_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/subnets/subnets_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/subnets/subnets_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,10 +5,10 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/set"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/common/networkingcommon"
@@ -215,7 +215,7 @@
 
 	results, err := s.facade.AllZones()
 	c.Assert(err, gc.ErrorMatches,
-		`cannot update known zones: getting model config: config not found`,
+		`cannot update known zones: opening environment: config not found`,
 	)
 	// Verify the cause is not obscured.
 	c.Assert(err, jc.Satisfies, errors.IsNotFound)
@@ -237,7 +237,7 @@
 
 	results, err := s.facade.AllZones()
 	c.Assert(err, gc.ErrorMatches,
-		`cannot update known zones: opening model: config not valid`,
+		`cannot update known zones: opening environment: config not valid`,
 	)
 	// Verify the cause is not obscured.
 	c.Assert(err, jc.Satisfies, errors.IsNotValid)
@@ -348,7 +348,7 @@
 		SubnetTag: "invalid",
 	}, {
 		// invalid subnet tag (another kind): same as above
-		SubnetTag: "service-bar",
+		SubnetTag: "application-bar",
 	}, {
 		// cached lookup by missing CIDR: not found error
 		SubnetTag: "subnet-1.2.3.0/24",
@@ -485,8 +485,8 @@
 		{"either SubnetTag or SubnetProviderId is required", nil},
 		{"either SubnetTag or SubnetProviderId is required", nil},
 		{"SubnetTag and SubnetProviderId cannot be both set", nil},
-		{"getting model config: config not found", params.IsCodeNotFound},
-		{"opening model: provider not found", params.IsCodeNotFound},
+		{"opening environment: config not found", params.IsCodeNotFound},
+		{"opening environment: provider not found", params.IsCodeNotFound},
 		{"cannot get provider subnets: subnets not found", params.IsCodeNotFound},
 		{`subnet with CIDR "" and ProviderId "missing" not found`, params.IsCodeNotFound},
 		{`subnet with CIDR "" and ProviderId "void" not found`, params.IsCodeNotFound},
@@ -494,7 +494,7 @@
 		{`given SpaceTag is invalid: "unit-foo" is not a valid unit tag`, nil},
 		{`given SpaceTag is invalid: "unit-foo-0" is not a valid space tag`, nil},
 		{`given SubnetTag is invalid: "invalid" is not a valid tag`, nil},
-		{`given SubnetTag is invalid: "service-bar" is not a valid subnet tag`, nil},
+		{`given SubnetTag is invalid: "application-bar" is not a valid subnet tag`, nil},
 		{`subnet with CIDR "1.2.3.0/24" not found`, params.IsCodeNotFound},
 		{
 			`multiple subnets with CIDR "10.10.0.0/24": ` +
@@ -526,24 +526,18 @@
 		ProviderId:        "sn-ipv6",
 		CIDR:              "2001:db8::/32",
 		VLANTag:           0,
-		AllocatableIPHigh: "",
-		AllocatableIPLow:  "",
 		AvailabilityZones: []string{"zone1"},
 		SpaceName:         "dmz",
 	}, {
 		ProviderId:        "vlan-42",
 		CIDR:              "10.30.1.0/24",
 		VLANTag:           42,
-		AllocatableIPHigh: "",
-		AllocatableIPLow:  "",
 		AvailabilityZones: []string{"zone3"},
 		SpaceName:         "private",
 	}, {
 		ProviderId:        "sn-zadf00d",
 		CIDR:              "10.10.0.0/24",
 		VLANTag:           0,
-		AllocatableIPHigh: "10.10.0.100",
-		AllocatableIPLow:  "10.10.0.10",
 		AvailabilityZones: []string{"zone1"},
 		SpaceName:         "private",
 	}}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/testing/fakeapi.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/testing/fakeapi.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/testing/fakeapi.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/testing/fakeapi.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,99 @@
+package testing
+
+import (
+	"crypto/tls"
+	"net/http"
+	"net/http/httptest"
+	"net/url"
+	"reflect"
+
+	"github.com/bmizerany/pat"
+	"github.com/juju/utils"
+	"golang.org/x/net/websocket"
+
+	"github.com/juju/juju/apiserver/observer/fakeobserver"
+	"github.com/juju/juju/rpc"
+	"github.com/juju/juju/rpc/jsoncodec"
+	"github.com/juju/juju/rpc/rpcreflect"
+	"github.com/juju/juju/testing"
+)
+
+// Server represents a fake API server. It must be closed
+// after use.
+type Server struct {
+	// Addrs holds the address used for the
+	// server, suitable for including in api.Info.Addrs
+	Addrs []string
+
+	*httptest.Server
+	newRoot func(modelUUID string) interface{}
+}
+
+// NewAPIServer serves RPC methods on a localhost HTTP server.
+// When a connection is made to the API, the newRoot function
+// is called with the requested model UUID and the returned
+// value defines the API (see the juju/rpc package).
+//
+// Note that the root value accepts any facade version number - it
+// is not currently possible to use this to serve several different
+// facade versions.
+//
+// The server uses testing.ServerCert and testing.ServerKey
+// to host the server.
+//
+// The returned server must be closed after use.
+func NewAPIServer(newRoot func(modelUUID string) interface{}) *Server {
+	tlsCert, err := tls.X509KeyPair([]byte(testing.ServerCert), []byte(testing.ServerKey))
+	if err != nil {
+		panic("bad key pair")
+	}
+
+	srv := &Server{
+		newRoot: newRoot,
+	}
+	pmux := pat.New()
+	pmux.Get("/model/:modeluuid/api", http.HandlerFunc(srv.serveAPI))
+
+	srv.Server = httptest.NewUnstartedServer(pmux)
+
+	tlsConfig := utils.SecureTLSConfig()
+	tlsConfig.Certificates = []tls.Certificate{tlsCert}
+	srv.Server.TLS = tlsConfig
+
+	srv.StartTLS()
+	u, _ := url.Parse(srv.URL)
+	srv.Addrs = []string{u.Host}
+	return srv
+}
+
+func (srv *Server) serveAPI(w http.ResponseWriter, req *http.Request) {
+	wsServer := websocket.Server{
+		Handler: func(conn *websocket.Conn) {
+			srv.serveConn(conn, req.URL.Query().Get(":modeluuid"))
+		},
+	}
+	wsServer.ServeHTTP(w, req)
+}
+
+func (srv *Server) serveConn(wsConn *websocket.Conn, modelUUID string) {
+	codec := jsoncodec.NewWebsocket(wsConn)
+	conn := rpc.NewConn(codec, &fakeobserver.Instance{})
+
+	root := allVersions{
+		rpcreflect.ValueOf(reflect.ValueOf(srv.newRoot(modelUUID))),
+	}
+	conn.ServeFinder(root, nil)
+	conn.Start()
+	<-conn.Dead()
+	conn.Close()
+}
+
+// allVersions serves the same methods as would be served
+// by rpc.Conn.Serve except that the facade version is ignored.
+type allVersions struct {
+	x rpcreflect.Value
+}
+
+func (av allVersions) FindMethod(rootMethodName string, version int, objMethodName string) (rpcreflect.MethodCaller, error) {
+	return av.x.FindMethod(rootMethodName, 0, objMethodName)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/testing/fakeapi_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/testing/fakeapi_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/testing/fakeapi_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/testing/fakeapi_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,63 @@
+package testing_test
+
+import (
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
+
+	"github.com/juju/juju/api"
+	"github.com/juju/juju/apiserver/params"
+	apiservertesting "github.com/juju/juju/apiserver/testing"
+	jtesting "github.com/juju/juju/testing"
+)
+
+var _ = gc.Suite(&fakeAPISuite{})
+
+type fakeAPISuite struct {
+	testing.IsolationSuite
+}
+
+func (*fakeAPISuite) TestFakeAPI(c *gc.C) {
+	var r root
+	fakeUUID := "dead-beef"
+	srv := apiservertesting.NewAPIServer(func(modelUUID string) interface{} {
+		c.Check(modelUUID, gc.Equals, fakeUUID)
+		return &r
+	})
+	defer srv.Close()
+	info := &api.Info{
+		Addrs:    srv.Addrs,
+		CACert:   jtesting.CACert,
+		ModelTag: names.NewModelTag("dead-beef"),
+	}
+	_, err := api.Open(info, api.DialOpts{})
+	c.Assert(err, jc.ErrorIsNil)
+
+	c.Assert(r.calledMethods, jc.DeepEquals, []string{"Login"})
+}
+
+type root struct {
+	calledMethods []string
+}
+
+type facade struct {
+	r *root
+}
+
+func (r *root) Admin(id string) (facade, error) {
+	return facade{r}, nil
+}
+
+func (f facade) Login(req params.LoginRequest) (params.LoginResultV1, error) {
+	f.r.calledMethods = append(f.r.calledMethods, "Login")
+	return params.LoginResultV1{
+		ModelTag:      names.NewModelTag("dead-beef").String(),
+		ControllerTag: names.NewModelTag("dead-beef").String(),
+		UserInfo: &params.AuthUserInfo{
+			DisplayName: "foo",
+			Identity:    "user-bar",
+		},
+		ServerVersion: "1.0.0",
+	}, nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/testing/fakeauthorizer.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/testing/fakeauthorizer.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/testing/fakeauthorizer.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/testing/fakeauthorizer.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,7 @@
 package testing
 
 import (
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 )
 
 // FakeAuthorizer implements the common.Authorizer interface.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/testing/fakenotifywatcher.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/testing/fakenotifywatcher.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/testing/fakenotifywatcher.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/testing/fakenotifywatcher.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,44 +4,41 @@
 package testing
 
 import (
-	"launchpad.net/tomb"
-
 	"github.com/juju/juju/state"
+	"github.com/juju/juju/worker"
+	"github.com/juju/juju/worker/workertest"
 )
 
 // FakeNotifyWatcher is an implementation of state.NotifyWatcher which
 // is useful in tests.
 type FakeNotifyWatcher struct {
-	tomb tomb.Tomb
-	C    chan struct{}
+	worker.Worker
+	C chan struct{}
 }
 
 var _ state.NotifyWatcher = (*FakeNotifyWatcher)(nil)
 
 func NewFakeNotifyWatcher() *FakeNotifyWatcher {
+	ch := make(chan struct{}, 1)
+	ch <- struct{}{}
 	return &FakeNotifyWatcher{
-		C: make(chan struct{}, 1),
+		Worker: workertest.NewErrorWorker(nil),
+		C:      ch,
 	}
 }
 
+// Stop is part of the state.NotifyWatcher interface.
 func (w *FakeNotifyWatcher) Stop() error {
-	w.Kill()
-	return w.Wait()
-}
-
-func (w *FakeNotifyWatcher) Kill() {
-	w.tomb.Kill(nil)
-	w.tomb.Done()
-}
-
-func (w *FakeNotifyWatcher) Wait() error {
-	return w.tomb.Wait()
+	return worker.Stop(w)
 }
 
+// Err is part of the state.NotifyWatcher interface.
 func (w *FakeNotifyWatcher) Err() error {
-	return w.tomb.Err()
+	// this is silly, but it's what it always returned anyway
+	return nil
 }
 
+// Changes is part of the state.NotifyWatcher interface.
 func (w *FakeNotifyWatcher) Changes() <-chan struct{} {
 	return w.C
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/testing/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/testing/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/testing/package_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/testing/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,11 @@
+package testing_test
+
+import (
+	"testing"
+
+	gc "gopkg.in/check.v1"
+)
+
+func TestPackage(t *testing.T) {
+	gc.TestingT(t)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/testing/service.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/testing/service.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/testing/service.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/testing/service.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,8 +13,8 @@
 	coretesting "github.com/juju/juju/testing"
 )
 
-func AssertPrincipalServiceDeployed(c *gc.C, st *state.State, serviceName string, curl *charm.URL, forced bool, bundle charm.Charm, cons constraints.Value) *state.Service {
-	service, err := st.Service(serviceName)
+func AssertPrincipalServiceDeployed(c *gc.C, st *state.State, serviceName string, curl *charm.URL, forced bool, bundle charm.Charm, cons constraints.Value) *state.Application {
+	service, err := st.Application(serviceName)
 	c.Assert(err, jc.ErrorIsNil)
 	charm, force, err := service.Charm()
 	c.Assert(err, jc.ErrorIsNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/testing/stub_network.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/testing/stub_network.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/testing/stub_network.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/testing/stub_network.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,8 +1,10 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package testing
 
 import (
 	"fmt"
-	"net"
 	"strconv"
 	"strings"
 
@@ -62,8 +64,6 @@
 		CIDR:              "10.10.0.0/24",
 		ProviderId:        "sn-zadf00d",
 		AvailabilityZones: []string{"zone1"},
-		AllocatableIPLow:  net.ParseIP("10.10.0.10"),
-		AllocatableIPHigh: net.ParseIP("10.10.0.100"),
 	}, {
 		CIDR:              "2001:db8::/32",
 		ProviderId:        "sn-ipv6",
@@ -401,8 +401,6 @@
 		info0 := networkingcommon.BackingSubnetInfo{
 			CIDR:              ProviderInstance.Subnets[0].CIDR,
 			ProviderId:        ProviderInstance.Subnets[0].ProviderId,
-			AllocatableIPLow:  ProviderInstance.Subnets[0].AllocatableIPLow.String(),
-			AllocatableIPHigh: ProviderInstance.Subnets[0].AllocatableIPHigh.String(),
 			AvailabilityZones: ProviderInstance.Subnets[0].AvailabilityZones,
 			SpaceName:         "private",
 		}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/tools.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/tools.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/tools.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/tools.go	2016-07-18 19:45:44.000000000 +0000
@@ -119,11 +119,7 @@
 // in simplestreams and GETting it, caching the result in tools storage before returning
 // to the caller.
 func (h *toolsDownloadHandler) fetchAndCacheTools(v version.Binary, stor binarystorage.Storage, st *state.State) (io.ReadCloser, error) {
-	envcfg, err := st.ModelConfig()
-	if err != nil {
-		return nil, err
-	}
-	env, err := environs.New(envcfg)
+	env, err := environs.GetEnviron(st, environs.New)
 	if err != nil {
 		return nil, err
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/undertaker/mock_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/undertaker/mock_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/undertaker/mock_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/undertaker/mock_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,7 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/undertaker"
 	"github.com/juju/juju/environs/config"
@@ -82,7 +82,7 @@
 	return m.machines, nil
 }
 
-func (m *mockState) AllServices() ([]undertaker.Service, error) {
+func (m *mockState) AllApplications() ([]undertaker.Service, error) {
 	return m.services, nil
 }
 
@@ -146,10 +146,10 @@
 	return nil
 }
 
-func (m *mockModel) SetStatus(status status.Status, info string, data map[string]interface{}) error {
-	m.status = status
-	m.statusInfo = info
-	m.statusData = data
+func (m *mockModel) SetStatus(sInfo status.StatusInfo) error {
+	m.status = sInfo.Status
+	m.statusInfo = sInfo.Message
+	m.statusData = sInfo.Data
 	return nil
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/undertaker/state.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/undertaker/state.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/undertaker/state.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/undertaker/state.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/state"
@@ -34,8 +34,8 @@
 	// AllMachines returns all machines in the model ordered by id.
 	AllMachines() ([]Machine, error)
 
-	// AllServices returns all deployed services in the model.
-	AllServices() ([]Service, error)
+	// AllApplications returns all deployed services in the model.
+	AllApplications() ([]Service, error)
 
 	// ModelConfig retrieves the model configuration.
 	ModelConfig() (*config.Config, error)
@@ -66,8 +66,8 @@
 	Watch() state.NotifyWatcher
 }
 
-func (s *stateShim) AllServices() ([]Service, error) {
-	stateServices, err := s.State.AllServices()
+func (s *stateShim) AllApplications() ([]Service, error) {
+	stateServices, err := s.State.AllApplications()
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/undertaker/undertaker.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/undertaker/undertaker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/undertaker/undertaker.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/undertaker/undertaker.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
@@ -102,7 +102,7 @@
 		nothing.Error = common.ServerError(err)
 		return nothing
 	}
-	services, err := u.st.AllServices()
+	services, err := u.st.AllApplications()
 	if err != nil {
 		nothing.Error = common.ServerError(err)
 		return nothing
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/undertaker/undertaker_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/undertaker/undertaker_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/undertaker/undertaker_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/undertaker/undertaker_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,9 +4,9 @@
 package undertaker_test
 
 import (
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	apiservertesting "github.com/juju/juju/apiserver/testing"
@@ -161,7 +161,7 @@
 
 	results, err := hostedAPI.SetStatus(params.SetStatus{
 		Entities: []params.EntityStatusArgs{{
-			mock.env.Tag().String(), status.StatusDestroying,
+			mock.env.Tag().String(), status.StatusDestroying.String(),
 			"woop", map[string]interface{}{"da": "ta"},
 		}},
 	})
@@ -177,7 +177,7 @@
 	_, hostedAPI := s.setupStateAndAPI(c, true, "hostedenv")
 	results, err := hostedAPI.SetStatus(params.SetStatus{
 		Entities: []params.EntityStatusArgs{{
-			"model-6ada782f-bcd4-454b-a6da-d1793fbcb35e", status.StatusDestroying,
+			"model-6ada782f-bcd4-454b-a6da-d1793fbcb35e", status.StatusDestroying.String(),
 			"woop", map[string]interface{}{"da": "ta"},
 		}},
 	})
@@ -190,7 +190,7 @@
 	_, hostedAPI := s.setupStateAndAPI(c, false, "hostedenv")
 	results, err := hostedAPI.SetStatus(params.SetStatus{
 		Entities: []params.EntityStatusArgs{{
-			"model-6ada782f-bcd4-454b-a6da-d1793fbcb35e", status.StatusDestroying,
+			"model-6ada782f-bcd4-454b-a6da-d1793fbcb35e", status.StatusDestroying.String(),
 			"woop", map[string]interface{}{"da": "ta"},
 		}},
 	})
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/unitassigner/unitassigner.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/unitassigner/unitassigner.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/unitassigner/unitassigner.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/unitassigner/unitassigner.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,8 +1,11 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package unitassigner
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/uniter/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/uniter/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/uniter/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/uniter/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,14 +6,9 @@
 import (
 	stdtesting "testing"
 
-	"github.com/juju/testing"
-
 	coretesting "github.com/juju/juju/testing"
 )
 
 func TestPackage(t *stdtesting.T) {
-	if testing.RaceEnabled {
-		t.Skip("skipping package under -race, see LP 1518809")
-	}
 	coretesting.MgoTestPackage(t)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/uniter/state.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/uniter/state.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/uniter/state.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/uniter/state.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/state"
 )
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/uniter/status.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/uniter/status.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/uniter/status.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/uniter/status.go	2016-07-18 19:45:44.000000000 +0000
@@ -60,9 +60,9 @@
 	return s.unitSetter.SetStatus(args)
 }
 
-// SetServiceStatus sets the status for all the Services in args if the given Unit is
+// SetApplicationStatus sets the status for all the Services in args if the given Unit is
 // the leader.
-func (s *StatusAPI) SetServiceStatus(args params.SetStatus) (params.ErrorResults, error) {
+func (s *StatusAPI) SetApplicationStatus(args params.SetStatus) (params.ErrorResults, error) {
 	return s.serviceSetter.SetStatus(args)
 }
 
@@ -71,8 +71,8 @@
 	return s.unitGetter.Status(args)
 }
 
-// ServiceStatus returns the status of the Services and its workloads
+// ApplicationStatus returns the status of the Applications and its workloads
 // if the given unit is the leader.
-func (s *StatusAPI) ServiceStatus(args params.Entities) (params.ServiceStatusResults, error) {
+func (s *StatusAPI) ApplicationStatus(args params.Entities) (params.ApplicationStatusResults, error) {
 	return s.serviceGetter.Status(args)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/uniter/storage.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/uniter/storage.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/uniter/storage.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/uniter/storage.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/common/storagecommon"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/uniter/storage_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/uniter/storage_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/uniter/storage_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/uniter/storage_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,9 +6,9 @@
 import (
 	"errors"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/tomb"
 
 	"github.com/juju/juju/apiserver/common"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/uniter/uniter.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/uniter/uniter.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/uniter/uniter.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/uniter/uniter.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,8 +10,8 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	leadershipapiserver "github.com/juju/juju/apiserver/leadership"
@@ -27,7 +27,7 @@
 var logger = loggo.GetLogger("juju.apiserver.uniter")
 
 func init() {
-	common.RegisterStandardFacade("Uniter", 3, NewUniterAPIV3)
+	common.RegisterStandardFacade("Uniter", 4, NewUniterAPIV4)
 }
 
 // UniterAPIV3 implements the API version 3, used by the uniter worker.
@@ -52,8 +52,8 @@
 	StorageAPI
 }
 
-// NewUniterAPIV3 creates a new instance of the Uniter API, version 3.
-func NewUniterAPIV3(st *state.State, resources *common.Resources, authorizer common.Authorizer) (*UniterAPIV3, error) {
+// NewUniterAPIV4 creates a new instance of the Uniter API, version 3.
+func NewUniterAPIV4(st *state.State, resources *common.Resources, authorizer common.Authorizer) (*UniterAPIV3, error) {
 	if !authorizer.AuthUnitAgent() {
 		return nil, common.ErrPerm
 	}
@@ -78,10 +78,10 @@
 			if err != nil {
 				return nil, errors.Trace(err)
 			}
-			serviceName := entity.ServiceName()
-			serviceTag := names.NewServiceTag(serviceName)
+			applicationName := entity.ApplicationName()
+			applicationTag := names.NewApplicationTag(applicationName)
 			return func(tag names.Tag) bool {
-				return tag == serviceTag
+				return tag == applicationTag
 			}, nil
 		default:
 			return nil, errors.Errorf("expected names.UnitTag, got %T", tag)
@@ -155,35 +155,6 @@
 	return result, nil
 }
 
-// ServiceOwner returns the owner user for each given service tag.
-func (u *UniterAPIV3) ServiceOwner(args params.Entities) (params.StringResults, error) {
-	result := params.StringResults{
-		Results: make([]params.StringResult, len(args.Entities)),
-	}
-	canAccess, err := u.accessService()
-	if err != nil {
-		return params.StringResults{}, err
-	}
-	for i, entity := range args.Entities {
-		tag, err := names.ParseServiceTag(entity.Tag)
-		if err != nil {
-			result.Results[i].Error = common.ServerError(common.ErrPerm)
-			continue
-		}
-		if !canAccess(tag) {
-			result.Results[i].Error = common.ServerError(common.ErrPerm)
-			continue
-		}
-		service, err := u.getService(tag)
-		if err != nil {
-			result.Results[i].Error = common.ServerError(err)
-			continue
-		}
-		result.Results[i].Result = service.GetOwnerTag()
-	}
-	return result, nil
-}
-
 // AssignedMachine returns the machine tag for each given unit tag, or
 // an error satisfying params.IsCodeNotAssigned when a unit has no
 // assigned machine.
@@ -287,7 +258,7 @@
 				address, err = unit.PublicAddress()
 				if err == nil {
 					result.Results[i].Result = address.Value
-				} else if network.IsNoAddress(err) {
+				} else if network.IsNoAddressError(err) {
 					err = common.NoAddressSetError(tag, "public")
 				}
 			}
@@ -321,7 +292,7 @@
 				address, err = unit.PrivateAddress()
 				if err == nil {
 					result.Results[i].Result = address.Value
-				} else if network.IsNoAddress(err) {
+				} else if network.IsNoAddressError(err) {
 					err = common.NoAddressSetError(tag, "private")
 				}
 			}
@@ -589,12 +560,12 @@
 	if err != nil {
 		return -1, err
 	}
-	var service *state.Service
+	var service *state.Application
 	switch entity := unitOrService.(type) {
-	case *state.Service:
+	case *state.Application:
 		service = entity
 	case *state.Unit:
-		service, err = entity.Service()
+		service, err = entity.Application()
 		if err != nil {
 			return -1, err
 		}
@@ -673,6 +644,75 @@
 	return result, nil
 }
 
+// WorkloadVersion returns the workload version for all given units or services.
+func (u *UniterAPIV3) WorkloadVersion(args params.Entities) (params.StringResults, error) {
+	result := params.StringResults{
+		Results: make([]params.StringResult, len(args.Entities)),
+	}
+	canAccess, err := u.accessUnit()
+	if err != nil {
+		return params.StringResults{}, err
+	}
+	for i, entity := range args.Entities {
+		resultItem := &result.Results[i]
+		tag, err := names.ParseUnitTag(entity.Tag)
+		if err != nil {
+			resultItem.Error = common.ServerError(err)
+			continue
+		}
+		if !canAccess(tag) {
+			resultItem.Error = common.ServerError(common.ErrPerm)
+			continue
+		}
+		unit, err := u.getUnit(tag)
+		if err != nil {
+			resultItem.Error = common.ServerError(err)
+			continue
+		}
+		version, err := unit.WorkloadVersion()
+		if err != nil {
+			resultItem.Error = common.ServerError(err)
+			continue
+		}
+		resultItem.Result = version
+	}
+	return result, nil
+}
+
+// SetWorkloadVersion sets the workload version for each given unit. An error will
+// be returned if a unit is dead.
+func (u *UniterAPIV3) SetWorkloadVersion(args params.EntityWorkloadVersions) (params.ErrorResults, error) {
+	result := params.ErrorResults{
+		Results: make([]params.ErrorResult, len(args.Entities)),
+	}
+	canAccess, err := u.accessUnit()
+	if err != nil {
+		return params.ErrorResults{}, err
+	}
+	for i, entity := range args.Entities {
+		resultItem := &result.Results[i]
+		tag, err := names.ParseUnitTag(entity.Tag)
+		if err != nil {
+			resultItem.Error = common.ServerError(err)
+			continue
+		}
+		if !canAccess(tag) {
+			resultItem.Error = common.ServerError(common.ErrPerm)
+			continue
+		}
+		unit, err := u.getUnit(tag)
+		if err != nil {
+			resultItem.Error = common.ServerError(err)
+			continue
+		}
+		err = unit.SetWorkloadVersion(entity.WorkloadVersion)
+		if err != nil {
+			resultItem.Error = common.ServerError(err)
+		}
+	}
+	return result, nil
+}
+
 // OpenPorts sets the policy of the port range with protocol to be
 // opened, for all given units.
 func (u *UniterAPIV3) OpenPorts(args params.EntitiesPortRanges) (params.ErrorResults, error) {
@@ -806,10 +846,10 @@
 	return result, nil
 }
 
-// WatchServiceRelations returns a StringsWatcher, for each given
+// WatchApplicationRelations returns a StringsWatcher, for each given
 // service, that notifies of changes to the lifecycles of relations
 // involving that service.
-func (u *UniterAPIV3) WatchServiceRelations(args params.Entities) (params.StringsWatchResults, error) {
+func (u *UniterAPIV3) WatchApplicationRelations(args params.Entities) (params.StringsWatchResults, error) {
 	result := params.StringsWatchResults{
 		Results: make([]params.StringsWatchResult, len(args.Entities)),
 	}
@@ -818,7 +858,7 @@
 		return params.StringsWatchResults{}, err
 	}
 	for i, entity := range args.Entities {
-		tag, err := names.ParseServiceTag(entity.Tag)
+		tag, err := names.ParseApplicationTag(entity.Tag)
 		if err != nil {
 			result.Results[i].Error = common.ServerError(common.ErrPerm)
 			continue
@@ -1202,8 +1242,8 @@
 	return u.st.Unit(tag.Id())
 }
 
-func (u *UniterAPIV3) getService(tag names.ServiceTag) (*state.Service, error) {
-	return u.st.Service(tag.Id())
+func (u *UniterAPIV3) getService(tag names.ApplicationTag) (*state.Application, error) {
+	return u.st.Application(tag.Id())
 }
 
 func (u *UniterAPIV3) getRelationUnit(canAccess common.AuthFunc, relTag string, unitTag names.UnitTag) (*state.RelationUnit, error) {
@@ -1265,7 +1305,7 @@
 
 func (u *UniterAPIV3) prepareRelationResult(rel *state.Relation, unit *state.Unit) (params.RelationResult, error) {
 	nothing := params.RelationResult{}
-	ep, err := rel.Endpoint(unit.ServiceName())
+	ep, err := rel.Endpoint(unit.ApplicationName())
 	if err != nil {
 		// An error here means the unit's service is not part of the
 		// relation.
@@ -1276,8 +1316,8 @@
 		Key:  rel.String(),
 		Life: params.Life(rel.Life().String()),
 		Endpoint: multiwatcher.Endpoint{
-			ServiceName: ep.ServiceName,
-			Relation:    ep.Relation,
+			ApplicationName: ep.ApplicationName,
+			Relation:        multiwatcher.NewCharmRelation(ep.Relation),
 		},
 	}, nil
 }
@@ -1309,7 +1349,7 @@
 	return nil
 }
 
-func (u *UniterAPIV3) watchOneServiceRelations(tag names.ServiceTag) (params.StringsWatchResult, error) {
+func (u *UniterAPIV3) watchOneServiceRelations(tag names.ApplicationTag) (params.StringsWatchResult, error) {
 	nothing := params.StringsWatchResult{}
 	service, err := u.getService(tag)
 	if err != nil {
@@ -1395,7 +1435,7 @@
 		return "", common.ErrPerm
 	}
 	remoteUnitName := tag.Id()
-	remoteServiceName, err := names.UnitService(remoteUnitName)
+	remoteServiceName, err := names.UnitApplication(remoteUnitName)
 	if err != nil {
 		return "", common.ErrPerm
 	}
@@ -1438,7 +1478,7 @@
 	auth common.Authorizer,
 ) *leadershipapiserver.LeadershipSettingsAccessor {
 	registerWatcher := func(serviceId string) (string, error) {
-		service, err := st.Service(serviceId)
+		service, err := st.Application(serviceId)
 		if err != nil {
 			return "", err
 		}
@@ -1449,14 +1489,14 @@
 		return "", watcher.EnsureErr(w)
 	}
 	getSettings := func(serviceId string) (map[string]string, error) {
-		service, err := st.Service(serviceId)
+		service, err := st.Application(serviceId)
 		if err != nil {
 			return nil, err
 		}
 		return service.LeaderSettings()
 	}
 	writeSettings := func(token leadership.Token, serviceId string, settings map[string]string) error {
-		service, err := st.Service(serviceId)
+		service, err := st.Application(serviceId)
 		if err != nil {
 			return err
 		}
@@ -1553,7 +1593,7 @@
 		return nil, errors.Trace(err)
 	}
 
-	service, err := unit.Service()
+	service, err := unit.Application()
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
@@ -1585,7 +1625,7 @@
 		)
 
 		privateAddress, err := machine.PrivateAddress()
-		if err != nil && !network.IsNoAddress(err) {
+		if err != nil {
 			return nil, errors.Annotatef(err, "getting machine %q preferred private address", machineID)
 		}
 
@@ -1607,19 +1647,19 @@
 		return nil, errors.Annotate(err, "cannot get devices addresses")
 	}
 	logger.Infof(
-		"geting network config for machine %q with addresses %+v, hosting unit %q of service %q, with bindings %+v",
+		"geting network config for machine %q with addresses %+v, hosting unit %q of application %q, with bindings %+v",
 		machineID, addresses, unit.Name(), service.Name(), bindings,
 	)
 
 	for _, addr := range addresses {
 		subnet, err := addr.Subnet()
-		if err != nil {
-			return nil, errors.Annotatef(err, "cannot get subnet for address %q", addr)
-		}
-		if subnet == nil {
-			logger.Debugf("skipping %s: not linked to a known subnet", addr)
+		if errors.IsNotFound(err) {
+			logger.Debugf("skipping %s: not linked to a known subnet (%v)", addr, err)
 			continue
+		} else if err != nil {
+			return nil, errors.Annotatef(err, "cannot get subnet for address %q", addr)
 		}
+
 		if space := subnet.SpaceName(); space != boundSpace {
 			logger.Debugf("skipping %s: want bound to space %q, got space %q", addr, boundSpace, space)
 			continue
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/uniter/uniter_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/uniter/uniter_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/uniter/uniter_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/uniter/uniter_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,11 +8,11 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	commontesting "github.com/juju/juju/apiserver/common/testing"
@@ -41,13 +41,13 @@
 
 	machine0      *state.Machine
 	machine1      *state.Machine
-	wordpress     *state.Service
+	wordpress     *state.Application
 	wpCharm       *state.Charm
-	mysql         *state.Service
+	mysql         *state.Application
 	wordpressUnit *state.Unit
 	mysqlUnit     *state.Unit
 
-	meteredService *state.Service
+	meteredService *state.Application
 	meteredCharm   *state.Charm
 	meteredUnit    *state.Unit
 }
@@ -71,37 +71,35 @@
 		Name: "wordpress",
 		URL:  "cs:quantal/wordpress-3",
 	})
-	s.wordpress = factory.MakeService(c, &jujuFactory.ServiceParams{
-		Name:    "wordpress",
-		Charm:   s.wpCharm,
-		Creator: s.AdminUserTag(c),
+	s.wordpress = factory.MakeApplication(c, &jujuFactory.ApplicationParams{
+		Name:  "wordpress",
+		Charm: s.wpCharm,
 	})
 	mysqlCharm := factory.MakeCharm(c, &jujuFactory.CharmParams{
 		Name: "mysql",
 	})
-	s.mysql = factory.MakeService(c, &jujuFactory.ServiceParams{
-		Name:    "mysql",
-		Charm:   mysqlCharm,
-		Creator: s.AdminUserTag(c),
+	s.mysql = factory.MakeApplication(c, &jujuFactory.ApplicationParams{
+		Name:  "mysql",
+		Charm: mysqlCharm,
 	})
 	s.wordpressUnit = factory.MakeUnit(c, &jujuFactory.UnitParams{
-		Service: s.wordpress,
-		Machine: s.machine0,
+		Application: s.wordpress,
+		Machine:     s.machine0,
 	})
 	s.mysqlUnit = factory.MakeUnit(c, &jujuFactory.UnitParams{
-		Service: s.mysql,
-		Machine: s.machine1,
+		Application: s.mysql,
+		Machine:     s.machine1,
 	})
 
 	s.meteredCharm = s.Factory.MakeCharm(c, &jujuFactory.CharmParams{
 		Name: "metered",
 		URL:  "cs:quantal/metered",
 	})
-	s.meteredService = s.Factory.MakeService(c, &jujuFactory.ServiceParams{
+	s.meteredService = s.Factory.MakeApplication(c, &jujuFactory.ApplicationParams{
 		Charm: s.meteredCharm,
 	})
 	s.meteredUnit = s.Factory.MakeUnit(c, &jujuFactory.UnitParams{
-		Service:     s.meteredService,
+		Application: s.meteredService,
 		SetCharmURL: true,
 	})
 
@@ -116,7 +114,7 @@
 	s.resources = common.NewResources()
 	s.AddCleanup(func(_ *gc.C) { s.resources.StopAll() })
 
-	uniterAPIV3, err := uniter.NewUniterAPIV3(
+	uniterAPIV3, err := uniter.NewUniterAPIV4(
 		s.State,
 		s.resources,
 		s.authorizer,
@@ -128,22 +126,33 @@
 func (s *uniterSuite) TestUniterFailsWithNonUnitAgentUser(c *gc.C) {
 	anAuthorizer := s.authorizer
 	anAuthorizer.Tag = names.NewMachineTag("9")
-	_, err := uniter.NewUniterAPIV3(s.State, s.resources, anAuthorizer)
+	_, err := uniter.NewUniterAPIV4(s.State, s.resources, anAuthorizer)
 	c.Assert(err, gc.NotNil)
 	c.Assert(err, gc.ErrorMatches, "permission denied")
 }
 
 func (s *uniterSuite) TestSetStatus(c *gc.C) {
-	err := s.wordpressUnit.SetAgentStatus(status.StatusExecuting, "blah", nil)
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.mysqlUnit.SetAgentStatus(status.StatusExecuting, "foo", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusExecuting,
+		Message: "blah",
+		Since:   &now,
+	}
+	err := s.wordpressUnit.SetAgentStatus(sInfo)
+	c.Assert(err, jc.ErrorIsNil)
+	sInfo = status.StatusInfo{
+		Status:  status.StatusExecuting,
+		Message: "foo",
+		Since:   &now,
+	}
+	err = s.mysqlUnit.SetAgentStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 
 	args := params.SetStatus{
 		Entities: []params.EntityStatusArgs{
-			{Tag: "unit-mysql-0", Status: status.StatusError, Info: "not really"},
-			{Tag: "unit-wordpress-0", Status: status.StatusRebooting, Info: "foobar"},
-			{Tag: "unit-foo-42", Status: status.StatusActive, Info: "blah"},
+			{Tag: "unit-mysql-0", Status: status.StatusError.String(), Info: "not really"},
+			{Tag: "unit-wordpress-0", Status: status.StatusRebooting.String(), Info: "foobar"},
+			{Tag: "unit-foo-42", Status: status.StatusActive.String(), Info: "blah"},
 		}}
 	result, err := s.uniter.SetStatus(args)
 	c.Assert(err, jc.ErrorIsNil)
@@ -168,16 +177,27 @@
 }
 
 func (s *uniterSuite) TestSetAgentStatus(c *gc.C) {
-	err := s.wordpressUnit.SetAgentStatus(status.StatusExecuting, "blah", nil)
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.mysqlUnit.SetAgentStatus(status.StatusExecuting, "foo", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusExecuting,
+		Message: "blah",
+		Since:   &now,
+	}
+	err := s.wordpressUnit.SetAgentStatus(sInfo)
+	c.Assert(err, jc.ErrorIsNil)
+	sInfo = status.StatusInfo{
+		Status:  status.StatusExecuting,
+		Message: "foo",
+		Since:   &now,
+	}
+	err = s.mysqlUnit.SetAgentStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 
 	args := params.SetStatus{
 		Entities: []params.EntityStatusArgs{
-			{Tag: "unit-mysql-0", Status: status.StatusError, Info: "not really"},
-			{Tag: "unit-wordpress-0", Status: status.StatusExecuting, Info: "foobar"},
-			{Tag: "unit-foo-42", Status: status.StatusRebooting, Info: "blah"},
+			{Tag: "unit-mysql-0", Status: status.StatusError.String(), Info: "not really"},
+			{Tag: "unit-wordpress-0", Status: status.StatusExecuting.String(), Info: "foobar"},
+			{Tag: "unit-foo-42", Status: status.StatusRebooting.String(), Info: "blah"},
 		}}
 	result, err := s.uniter.SetAgentStatus(args)
 	c.Assert(err, jc.ErrorIsNil)
@@ -202,16 +222,27 @@
 }
 
 func (s *uniterSuite) TestSetUnitStatus(c *gc.C) {
-	err := s.wordpressUnit.SetStatus(status.StatusActive, "blah", nil)
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.mysqlUnit.SetStatus(status.StatusTerminated, "foo", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusActive,
+		Message: "blah",
+		Since:   &now,
+	}
+	err := s.wordpressUnit.SetStatus(sInfo)
+	c.Assert(err, jc.ErrorIsNil)
+	sInfo = status.StatusInfo{
+		Status:  status.StatusTerminated,
+		Message: "foo",
+		Since:   &now,
+	}
+	err = s.mysqlUnit.SetStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 
 	args := params.SetStatus{
 		Entities: []params.EntityStatusArgs{
-			{Tag: "unit-mysql-0", Status: status.StatusError, Info: "not really"},
-			{Tag: "unit-wordpress-0", Status: status.StatusTerminated, Info: "foobar"},
-			{Tag: "unit-foo-42", Status: status.StatusActive, Info: "blah"},
+			{Tag: "unit-mysql-0", Status: status.StatusError.String(), Info: "not really"},
+			{Tag: "unit-wordpress-0", Status: status.StatusTerminated.String(), Info: "foobar"},
+			{Tag: "unit-foo-42", Status: status.StatusActive.String(), Info: "blah"},
 		}}
 	result, err := s.uniter.SetUnitStatus(args)
 	c.Assert(err, jc.ErrorIsNil)
@@ -268,12 +299,12 @@
 		{Tag: "unit-mysql-0"},
 		{Tag: "unit-wordpress-0"},
 		{Tag: "unit-foo-42"},
-		{Tag: "service-mysql"},
-		{Tag: "service-wordpress"},
+		{Tag: "application-mysql"},
+		{Tag: "application-wordpress"},
 		{Tag: "machine-0"},
 		{Tag: "machine-1"},
 		{Tag: "machine-42"},
-		{Tag: "service-foo"},
+		{Tag: "application-foo"},
 		// TODO(dfc) these aren't valid tags any more
 		// but I hope to restore this test when params.Entity takes
 		// tags, not strings, which is coming soon.
@@ -353,9 +384,9 @@
 		{Tag: "unit-mysql-0"},
 		{Tag: "unit-wordpress-0"},
 		{Tag: "unit-foo-42"},
-		{Tag: "service-mysql"},
-		{Tag: "service-wordpress"},
-		{Tag: "service-foo"},
+		{Tag: "application-mysql"},
+		{Tag: "application-wordpress"},
+		{Tag: "application-foo"},
 		// TODO(dfc) these aren't valid tags any more
 		// but I hope to restore this test when params.Entity takes
 		// tags, not strings, which is coming soon.
@@ -569,7 +600,7 @@
 	// Now try as subordinate's agent.
 	subAuthorizer := s.authorizer
 	subAuthorizer.Tag = subordinate.Tag()
-	subUniter, err := uniter.NewUniterAPIV3(s.State, s.resources, subAuthorizer)
+	subUniter, err := uniter.NewUniterAPIV4(s.State, s.resources, subAuthorizer)
 	c.Assert(err, jc.ErrorIsNil)
 
 	result, err = subUniter.GetPrincipal(args)
@@ -695,9 +726,9 @@
 		{Tag: "unit-mysql-0"},
 		{Tag: "unit-wordpress-0"},
 		{Tag: "unit-foo-42"},
-		{Tag: "service-mysql"},
-		{Tag: "service-wordpress"},
-		{Tag: "service-foo"},
+		{Tag: "application-mysql"},
+		{Tag: "application-wordpress"},
+		{Tag: "application-foo"},
 		// TODO(dfc) these aren't valid tags any more
 		// but I hope to restore this test when params.Entity takes
 		// tags, not strings, which is coming soon.
@@ -724,7 +755,7 @@
 	c.Assert(ok, jc.IsFalse)
 
 	args := params.EntitiesCharmURL{Entities: []params.EntityCharmURL{
-		{Tag: "unit-mysql-0", CharmURL: "cs:quantal/service-42"},
+		{Tag: "unit-mysql-0", CharmURL: "cs:quantal/application-42"},
 		{Tag: "unit-wordpress-0", CharmURL: s.wpCharm.String()},
 		{Tag: "unit-foo-42", CharmURL: "cs:quantal/foo-321"},
 	}}
@@ -747,12 +778,69 @@
 	c.Assert(needsUpgrade, jc.IsTrue)
 }
 
+func (s *uniterSuite) TestWorkloadVersion(c *gc.C) {
+	// Set wordpressUnit's workload version first.
+	err := s.wordpressUnit.SetWorkloadVersion("capulet")
+	c.Assert(err, jc.ErrorIsNil)
+	version, err := s.wordpressUnit.WorkloadVersion()
+	c.Assert(version, gc.Equals, "capulet")
+	c.Assert(err, jc.ErrorIsNil)
+
+	args := params.Entities{Entities: []params.Entity{
+		{Tag: "unit-mysql-0"},
+		{Tag: "unit-wordpress-0"},
+		{Tag: "unit-foo-42"},
+		{Tag: "application-wordpress"},
+		{Tag: "just-foo"},
+	}}
+
+	result, err := s.uniter.WorkloadVersion(args)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(result, gc.DeepEquals, params.StringResults{
+		Results: []params.StringResult{
+			{Error: apiservertesting.ErrUnauthorized},
+			{Result: "capulet"},
+			{Error: apiservertesting.ErrUnauthorized},
+			{Error: common.ServerError(errors.New(`"application-wordpress" is not a valid unit tag`))},
+			{Error: common.ServerError(errors.New(`"just-foo" is not a valid tag`))},
+		},
+	})
+}
+
+func (s *uniterSuite) TestSetWorkloadVersion(c *gc.C) {
+	currentVersion, err := s.wordpressUnit.WorkloadVersion()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(currentVersion, gc.Equals, "")
+
+	args := params.EntityWorkloadVersions{Entities: []params.EntityWorkloadVersion{
+		{Tag: "unit-mysql-0", WorkloadVersion: "allura"},
+		{Tag: "unit-wordpress-0", WorkloadVersion: "shiro"},
+		{Tag: "unit-foo-42", WorkloadVersion: "pidge"},
+	}}
+	result, err := s.uniter.SetWorkloadVersion(args)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(result, gc.DeepEquals, params.ErrorResults{
+		Results: []params.ErrorResult{
+			{apiservertesting.ErrUnauthorized},
+			{nil},
+			{apiservertesting.ErrUnauthorized},
+		},
+	})
+
+	// Verify the workload version was set.
+	err = s.wordpressUnit.Refresh()
+	c.Assert(err, jc.ErrorIsNil)
+	newVersion, err := s.wordpressUnit.WorkloadVersion()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(newVersion, gc.Equals, "shiro")
+}
+
 func (s *uniterSuite) TestCharmModifiedVersion(c *gc.C) {
 	args := params.Entities{Entities: []params.Entity{
-		{Tag: "service-mysql"},
-		{Tag: "service-wordpress"},
+		{Tag: "application-mysql"},
+		{Tag: "application-wordpress"},
 		{Tag: "unit-wordpress-0"},
-		{Tag: "service-foo"},
+		{Tag: "application-foo"},
 	}}
 	result, err := s.uniter.CharmModifiedVersion(args)
 	c.Assert(err, jc.ErrorIsNil)
@@ -1008,15 +1096,15 @@
 	})
 }
 
-func (s *uniterSuite) TestWatchServiceRelations(c *gc.C) {
+func (s *uniterSuite) TestWatchApplicationRelations(c *gc.C) {
 	c.Assert(s.resources.Count(), gc.Equals, 0)
 
 	args := params.Entities{Entities: []params.Entity{
-		{Tag: "service-mysql"},
-		{Tag: "service-wordpress"},
-		{Tag: "service-foo"},
+		{Tag: "application-mysql"},
+		{Tag: "application-wordpress"},
+		{Tag: "application-foo"},
 	}}
-	result, err := s.uniter.WatchServiceRelations(args)
+	result, err := s.uniter.WatchApplicationRelations(args)
 	s.assertOneStringsWatcher(c, result, err)
 }
 
@@ -1128,7 +1216,7 @@
 	mysqlUnitAuthorizer := apiservertesting.FakeAuthorizer{
 		Tag: s.mysqlUnit.Tag(),
 	}
-	mysqlUnitFacade, err := uniter.NewUniterAPIV3(s.State, s.resources, mysqlUnitAuthorizer)
+	mysqlUnitFacade, err := uniter.NewUniterAPIV4(s.State, s.resources, mysqlUnitAuthorizer)
 	c.Assert(err, jc.ErrorIsNil)
 
 	action, err := s.wordpressUnit.AddAction("fakeaction", nil)
@@ -1300,7 +1388,7 @@
 		{Relation: rel.Tag().String(), Unit: "unit-mysql-0"},
 		{Relation: rel.Tag().String(), Unit: "unit-foo-0"},
 		{Relation: "relation-blah", Unit: "unit-wordpress-0"},
-		{Relation: "service-foo", Unit: "user-foo"},
+		{Relation: "application-foo", Unit: "user-foo"},
 		{Relation: "foo", Unit: "bar"},
 		{Relation: "unit-wordpress-0", Unit: rel.Tag().String()},
 	}}
@@ -1314,8 +1402,8 @@
 				Key:  rel.String(),
 				Life: params.Life(rel.Life().String()),
 				Endpoint: multiwatcher.Endpoint{
-					ServiceName: wpEp.ServiceName,
-					Relation:    wpEp.Relation,
+					ApplicationName: wpEp.ApplicationName,
+					Relation:        multiwatcher.NewCharmRelation(wpEp.Relation),
 				},
 			},
 			{Error: apiservertesting.ErrUnauthorized},
@@ -1351,8 +1439,8 @@
 				Key:  rel.String(),
 				Life: params.Life(rel.Life().String()),
 				Endpoint: multiwatcher.Endpoint{
-					ServiceName: wpEp.ServiceName,
-					Relation:    wpEp.Relation,
+					ApplicationName: wpEp.ApplicationName,
+					Relation:        multiwatcher.NewCharmRelation(wpEp.Relation),
 				},
 			},
 			{Error: apiservertesting.ErrUnauthorized},
@@ -1389,11 +1477,11 @@
 		{Relation: rel.Tag().String(), Unit: "unit-wordpress-0"},
 		{Relation: "relation-42", Unit: "unit-wordpress-0"},
 		{Relation: "relation-foo", Unit: "unit-wordpress-0"},
-		{Relation: "service-wordpress", Unit: "unit-foo-0"},
+		{Relation: "application-wordpress", Unit: "unit-foo-0"},
 		{Relation: "foo", Unit: "bar"},
 		{Relation: rel.Tag().String(), Unit: "unit-mysql-0"},
-		{Relation: rel.Tag().String(), Unit: "service-wordpress"},
-		{Relation: rel.Tag().String(), Unit: "service-mysql"},
+		{Relation: rel.Tag().String(), Unit: "application-wordpress"},
+		{Relation: rel.Tag().String(), Unit: "application-mysql"},
 		{Relation: rel.Tag().String(), Unit: "user-foo"},
 	}}
 	result, err := s.uniter.EnterScope(args)
@@ -1440,11 +1528,11 @@
 		{Relation: rel.Tag().String(), Unit: "unit-wordpress-0"},
 		{Relation: "relation-42", Unit: "unit-wordpress-0"},
 		{Relation: "relation-foo", Unit: "unit-wordpress-0"},
-		{Relation: "service-wordpress", Unit: "unit-foo-0"},
+		{Relation: "application-wordpress", Unit: "unit-foo-0"},
 		{Relation: "foo", Unit: "bar"},
 		{Relation: rel.Tag().String(), Unit: "unit-mysql-0"},
-		{Relation: rel.Tag().String(), Unit: "service-wordpress"},
-		{Relation: rel.Tag().String(), Unit: "service-mysql"},
+		{Relation: rel.Tag().String(), Unit: "application-wordpress"},
+		{Relation: rel.Tag().String(), Unit: "application-mysql"},
 		{Relation: rel.Tag().String(), Unit: "user-foo"},
 	}}
 	result, err := s.uniter.LeaveScope(args)
@@ -1484,7 +1572,7 @@
 			{s.wordpressUnit.Tag().String()},
 			{s.mysqlUnit.Tag().String()},
 			{"unit-unknown-1"},
-			{"service-wordpress"},
+			{"application-wordpress"},
 			{"machine-0"},
 			{rel.Tag().String()},
 		},
@@ -1527,11 +1615,11 @@
 		{Relation: rel.Tag().String(), Unit: "unit-mysql-0"},
 		{Relation: "relation-42", Unit: "unit-wordpress-0"},
 		{Relation: "relation-foo", Unit: ""},
-		{Relation: "service-wordpress", Unit: "unit-foo-0"},
+		{Relation: "application-wordpress", Unit: "unit-foo-0"},
 		{Relation: "foo", Unit: "bar"},
 		{Relation: rel.Tag().String(), Unit: "unit-mysql-0"},
-		{Relation: rel.Tag().String(), Unit: "service-wordpress"},
-		{Relation: rel.Tag().String(), Unit: "service-mysql"},
+		{Relation: rel.Tag().String(), Unit: "application-wordpress"},
+		{Relation: rel.Tag().String(), Unit: "application-mysql"},
 		{Relation: rel.Tag().String(), Unit: "user-foo"},
 	}}
 	result, err := s.uniter.ReadSettings(args)
@@ -1599,11 +1687,11 @@
 		{Relation: rel.Tag().String(), LocalUnit: "unit-wordpress-0", RemoteUnit: "unit-mysql-0"},
 		{Relation: "relation-42", LocalUnit: "unit-wordpress-0", RemoteUnit: ""},
 		{Relation: "relation-foo", LocalUnit: "", RemoteUnit: ""},
-		{Relation: "service-wordpress", LocalUnit: "unit-foo-0", RemoteUnit: "user-foo"},
+		{Relation: "application-wordpress", LocalUnit: "unit-foo-0", RemoteUnit: "user-foo"},
 		{Relation: "foo", LocalUnit: "bar", RemoteUnit: "baz"},
 		{Relation: rel.Tag().String(), LocalUnit: "unit-mysql-0", RemoteUnit: "unit-wordpress-0"},
-		{Relation: rel.Tag().String(), LocalUnit: "service-wordpress", RemoteUnit: "service-mysql"},
-		{Relation: rel.Tag().String(), LocalUnit: "service-mysql", RemoteUnit: "foo"},
+		{Relation: rel.Tag().String(), LocalUnit: "application-wordpress", RemoteUnit: "application-mysql"},
+		{Relation: rel.Tag().String(), LocalUnit: "application-mysql", RemoteUnit: "foo"},
 		{Relation: rel.Tag().String(), LocalUnit: "user-foo", RemoteUnit: "unit-wordpress-0"},
 	}}
 	result, err := s.uniter.ReadRemoteSettings(args)
@@ -1717,11 +1805,11 @@
 		{Relation: rel.Tag().String(), Unit: "unit-wordpress-0", Settings: newSettings},
 		{Relation: "relation-42", Unit: "unit-wordpress-0", Settings: nil},
 		{Relation: "relation-foo", Unit: "unit-wordpress-0", Settings: nil},
-		{Relation: "service-wordpress", Unit: "unit-foo-0", Settings: nil},
+		{Relation: "application-wordpress", Unit: "unit-foo-0", Settings: nil},
 		{Relation: "foo", Unit: "bar", Settings: nil},
 		{Relation: rel.Tag().String(), Unit: "unit-mysql-0", Settings: nil},
-		{Relation: rel.Tag().String(), Unit: "service-wordpress", Settings: nil},
-		{Relation: rel.Tag().String(), Unit: "service-mysql", Settings: nil},
+		{Relation: rel.Tag().String(), Unit: "application-wordpress", Settings: nil},
+		{Relation: rel.Tag().String(), Unit: "application-mysql", Settings: nil},
 		{Relation: rel.Tag().String(), Unit: "user-foo", Settings: nil},
 	}}
 	result, err := s.uniter.UpdateSettings(args)
@@ -1768,11 +1856,11 @@
 		{Relation: rel.Tag().String(), Unit: "unit-mysql-0"},
 		{Relation: "relation-42", Unit: "unit-wordpress-0"},
 		{Relation: "relation-foo", Unit: ""},
-		{Relation: "service-wordpress", Unit: "unit-foo-0"},
+		{Relation: "application-wordpress", Unit: "unit-foo-0"},
 		{Relation: "foo", Unit: "bar"},
 		{Relation: rel.Tag().String(), Unit: "unit-mysql-0"},
-		{Relation: rel.Tag().String(), Unit: "service-wordpress"},
-		{Relation: rel.Tag().String(), Unit: "service-mysql"},
+		{Relation: rel.Tag().String(), Unit: "application-wordpress"},
+		{Relation: rel.Tag().String(), Unit: "application-mysql"},
 		{Relation: rel.Tag().String(), Unit: "user-foo"},
 	}}
 	result, err := s.uniter.WatchRelationUnits(args)
@@ -1849,7 +1937,7 @@
 		{Tag: "unit-wordpress-0"},
 		{Tag: "unit-foo-42"},
 		{Tag: "machine-0"},
-		{Tag: "service-wordpress"},
+		{Tag: "application-wordpress"},
 	}}
 	result, err := s.uniter.WatchUnitAddresses(args)
 	c.Assert(err, jc.ErrorIsNil)
@@ -1941,7 +2029,7 @@
 	return rel
 }
 
-func (s *uniterSuite) addRelatedService(c *gc.C, firstSvc, relatedSvc string, unit *state.Unit) (*state.Relation, *state.Service, *state.Unit) {
+func (s *uniterSuite) addRelatedService(c *gc.C, firstSvc, relatedSvc string, unit *state.Unit) (*state.Relation, *state.Application, *state.Unit) {
 	relatedService := s.AddTestingService(c, relatedSvc, s.AddTestingCharm(c, relatedSvc))
 	rel := s.addRelation(c, firstSvc, relatedSvc)
 	relUnit, err := rel.Unit(unit)
@@ -2049,9 +2137,20 @@
 }
 
 func (s *uniterSuite) TestUnitStatus(c *gc.C) {
-	err := s.wordpressUnit.SetStatus(status.StatusMaintenance, "blah", nil)
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.mysqlUnit.SetStatus(status.StatusTerminated, "foo", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusMaintenance,
+		Message: "blah",
+		Since:   &now,
+	}
+	err := s.wordpressUnit.SetStatus(sInfo)
+	c.Assert(err, jc.ErrorIsNil)
+	sInfo = status.StatusInfo{
+		Status:  status.StatusTerminated,
+		Message: "foo",
+		Since:   &now,
+	}
+	err = s.mysqlUnit.SetStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 
 	args := params.Entities{
@@ -2076,7 +2175,7 @@
 	c.Assert(result, gc.DeepEquals, params.StatusResults{
 		Results: []params.StatusResult{
 			{Error: apiservertesting.ErrUnauthorized},
-			{Status: status.StatusMaintenance, Info: "blah", Data: map[string]interface{}{}},
+			{Status: status.StatusMaintenance.String(), Info: "blah", Data: map[string]interface{}{}},
 			{Error: apiservertesting.ErrUnauthorized},
 			{Error: apiservertesting.ErrUnauthorized},
 			{Error: apiservertesting.ServerError(`"invalid" is not a valid tag`)},
@@ -2084,40 +2183,17 @@
 	})
 }
 
-func (s *uniterSuite) TestServiceOwner(c *gc.C) {
-	args := params.Entities{Entities: []params.Entity{
-		{Tag: "unit-mysql-0"},
-		{Tag: "service-wordpress"},
-		{Tag: "unit-wordpress-0"},
-		{Tag: "unit-foo-42"},
-		{Tag: "machine-0"},
-		{Tag: "service-foo"},
-	}}
-	result, err := s.uniter.ServiceOwner(args)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(result, jc.DeepEquals, params.StringResults{
-		Results: []params.StringResult{
-			{Error: apiservertesting.ErrUnauthorized},
-			{Result: s.AdminUserTag(c).String()},
-			{Error: apiservertesting.ErrUnauthorized},
-			{Error: apiservertesting.ErrUnauthorized},
-			{Error: apiservertesting.ErrUnauthorized},
-			{Error: apiservertesting.ErrUnauthorized},
-		},
-	})
-}
-
 func (s *uniterSuite) TestAssignedMachine(c *gc.C) {
 	args := params.Entities{Entities: []params.Entity{
 		{Tag: "unit-mysql-0"},
 		{Tag: "unit-wordpress-0"},
 		{Tag: "unit-foo-42"},
-		{Tag: "service-mysql"},
-		{Tag: "service-wordpress"},
+		{Tag: "application-mysql"},
+		{Tag: "application-wordpress"},
 		{Tag: "machine-0"},
 		{Tag: "machine-1"},
 		{Tag: "machine-42"},
-		{Tag: "service-foo"},
+		{Tag: "application-foo"},
 		{Tag: "relation-svc1.rel1#svc2.rel2"},
 	}}
 	result, err := s.uniter.AssignedMachine(args)
@@ -2169,7 +2245,7 @@
 		{Tag: "machine-1"},
 		{Tag: "unit-foo-42"},
 		{Tag: "machine-42"},
-		{Tag: "service-wordpress"},
+		{Tag: "application-wordpress"},
 	}}
 	expectPorts := []params.MachinePortRange{
 		{UnitTag: "unit-wordpress-0", PortRange: params.PortRange{100, 200, "tcp"}},
@@ -2206,7 +2282,7 @@
 		Tag: s.meteredUnit.Tag(),
 	}
 	var err error
-	s.uniter, err = uniter.NewUniterAPIV3(
+	s.uniter, err = uniter.NewUniterAPIV4(
 		s.State,
 		s.resources,
 		meteredAuthorizer,
@@ -2283,7 +2359,7 @@
 }
 
 func (s *unitMetricBatchesSuite) TestAddMetricsBatchDiffTag(c *gc.C) {
-	unit2 := s.Factory.MakeUnit(c, &factory.UnitParams{Service: s.meteredService, SetCharmURL: true})
+	unit2 := s.Factory.MakeUnit(c, &factory.UnitParams{Application: s.meteredService, SetCharmURL: true})
 
 	metrics := []params.Metric{{Key: "pings", Value: "5", Time: time.Now().UTC()}}
 	uuid := utils.MustNewUUID().String()
@@ -2370,10 +2446,9 @@
 		URL:  "cs:quantal/wordpress-extra-bindings-4",
 	})
 	var err error
-	s.base.wordpress, err = s.base.State.AddService(state.AddServiceArgs{
+	s.base.wordpress, err = s.base.State.AddApplication(state.AddApplicationArgs{
 		Name:  "wordpress",
 		Charm: s.base.wpCharm,
-		Owner: s.base.AdminUserTag(c).String(),
 		EndpointBindings: map[string]string{
 			"db":        "internal", // relation name
 			"admin-api": "public",   // extra-binding name
@@ -2381,8 +2456,8 @@
 	})
 	c.Assert(err, jc.ErrorIsNil)
 	s.base.wordpressUnit = factory.MakeUnit(c, &jujuFactory.UnitParams{
-		Service: s.base.wordpress,
-		Machine: s.base.machine0,
+		Application: s.base.wordpress,
+		Machine:     s.base.machine0,
 	})
 
 	s.base.machine1 = s.addProvisionedMachineWithDevicesAndAddresses(c, 20)
@@ -2390,18 +2465,17 @@
 	mysqlCharm := factory.MakeCharm(c, &jujuFactory.CharmParams{
 		Name: "mysql",
 	})
-	s.base.mysql = factory.MakeService(c, &jujuFactory.ServiceParams{
-		Name:    "mysql",
-		Charm:   mysqlCharm,
-		Creator: s.base.AdminUserTag(c),
+	s.base.mysql = factory.MakeApplication(c, &jujuFactory.ApplicationParams{
+		Name:  "mysql",
+		Charm: mysqlCharm,
 	})
 	s.base.wordpressUnit = factory.MakeUnit(c, &jujuFactory.UnitParams{
-		Service: s.base.wordpress,
-		Machine: s.base.machine0,
+		Application: s.base.wordpress,
+		Machine:     s.base.machine0,
 	})
 	s.base.mysqlUnit = factory.MakeUnit(c, &jujuFactory.UnitParams{
-		Service: s.base.mysql,
-		Machine: s.base.machine1,
+		Application: s.base.mysql,
+		Machine:     s.base.machine1,
 	})
 
 	// Create the resource registry separately to track invocations to
@@ -2479,7 +2553,7 @@
 	}
 
 	var err error
-	s.base.uniter, err = uniter.NewUniterAPIV3(
+	s.base.uniter, err = uniter.NewUniterAPIV4(
 		s.base.State,
 		s.base.resources,
 		s.base.authorizer,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/upgrader/unitupgrader.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/upgrader/unitupgrader.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/upgrader/unitupgrader.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/upgrader/unitupgrader.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,8 +4,8 @@
 package upgrader
 
 import (
-	"github.com/juju/names"
 	"github.com/juju/version"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/upgrader/unitupgrader_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/upgrader/unitupgrader_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/upgrader/unitupgrader_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/upgrader/unitupgrader_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,12 +5,12 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/arch"
 	"github.com/juju/utils/series"
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/upgrader/upgrader.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/upgrader/upgrader.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/upgrader/upgrader.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/upgrader/upgrader.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,8 +6,8 @@
 import (
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/version"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/upgrader/upgrader_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/upgrader/upgrader_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/upgrader/upgrader_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/upgrader/upgrader_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,12 +7,12 @@
 	"fmt"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/arch"
 	"github.com/juju/utils/series"
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/upgrading_root.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/upgrading_root.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/upgrading_root.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/upgrading_root.go	2016-07-18 19:45:44.000000000 +0000
@@ -31,15 +31,22 @@
 var allowedMethodsDuringUpgrades = map[string]set.Strings{
 	"Client": set.NewStrings(
 		"FullStatus",          // for "juju status"
-		"ModelGet",            // for "juju ssh"
-		"PrivateAddress",      // for "juju ssh"
-		"PublicAddress",       // for "juju ssh"
 		"FindTools",           // for "juju upgrade-juju", before we can reset upgrade to re-run
 		"AbortCurrentUpgrade", // for "juju upgrade-juju", so that we can reset upgrade to re-run
+
+	),
+	"SSHClient": set.NewStrings( // allow all SSH client related calls
+		"PublicAddress",
+		"PrivateAddress",
+		"PublicKeys",
+		"Proxy",
 	),
 	"Pinger": set.NewStrings(
 		"Ping",
 	),
+	"Backups": set.NewStrings(
+		"FinishRestore",
+	),
 }
 
 func IsMethodAllowedDuringUpgrade(rootName, methodName string) bool {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/upgrading_root_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/upgrading_root_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/upgrading_root_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/upgrading_root_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -19,43 +19,37 @@
 
 var _ = gc.Suite(&upgradingRootSuite{})
 
-func (r *upgradingRootSuite) TestClientMethods(c *gc.C) {
+func (r *upgradingRootSuite) TestAllowedMethods(c *gc.C) {
 	root := apiserver.TestingUpgradingRoot(nil)
-
-	for facadeName, methods := range apiserver.AllowedMethodsDuringUpgrades {
-		for _, method := range methods.Values() {
-			// for now all of the api calls of interest,
-			// reside on version 1 of their respective facade.
-			caller, err := root.FindMethod(facadeName, 1, method)
-			c.Check(err, jc.ErrorIsNil)
-			c.Check(caller, gc.NotNil)
-		}
+	checkAllowed := func(facade, method string) {
+		caller, err := root.FindMethod(facade, 1, method)
+		c.Check(err, jc.ErrorIsNil)
+		c.Check(caller, gc.NotNil)
 	}
+	checkAllowed("Client", "FullStatus")
+	checkAllowed("Client", "AbortCurrentUpgrade")
+	checkAllowed("SSHClient", "PublicAddress")
+	checkAllowed("SSHClient", "Proxy")
+	checkAllowed("Pinger", "Ping")
 }
 
 func (r *upgradingRootSuite) TestFindDisallowedMethod(c *gc.C) {
 	root := apiserver.TestingUpgradingRoot(nil)
-
 	caller, err := root.FindMethod("Client", 1, "ModelSet")
-
 	c.Assert(errors.Cause(err), gc.Equals, params.UpgradeInProgressError)
 	c.Assert(caller, gc.IsNil)
 }
 
 func (r *upgradingRootSuite) TestFindNonExistentMethod(c *gc.C) {
 	root := apiserver.TestingUpgradingRoot(nil)
-
 	caller, err := root.FindMethod("Foo", 0, "Bar")
-
 	c.Assert(err, gc.ErrorMatches, "unknown object type \"Foo\"")
 	c.Assert(caller, gc.IsNil)
 }
 
 func (r *upgradingRootSuite) TestFindMethodNonExistentVersion(c *gc.C) {
 	root := apiserver.TestingUpgradingRoot(nil)
-
 	caller, err := root.FindMethod("Client", 99999999, "FullStatus")
-
 	c.Assert(err, gc.ErrorMatches, "unknown version \\(99999999\\) of interface \"Client\"")
 	c.Assert(caller, gc.IsNil)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/usermanager/usermanager.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/usermanager/usermanager.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/usermanager/usermanager.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/usermanager/usermanager.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,7 +10,7 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/modelmanager"
@@ -125,7 +125,7 @@
 					break
 				}
 				err = modelmanager.ChangeModelAccess(
-					modelmanager.NewStateBackend(api.state), modelTag, api.apiUser,
+					common.NewModelManagerBackend(api.state), modelTag, api.apiUser,
 					userTag, params.GrantModelAccess, modelAccess, api.isAdmin)
 				if err != nil {
 					err = errors.Annotatef(err, "user %q created but model %q not shared", arg.Username, modelTagStr)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/usermanager/usermanager_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/usermanager/usermanager_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/usermanager/usermanager_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/usermanager/usermanager_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,9 +7,9 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/macaroon.v1"
 
 	"github.com/juju/juju/apiserver/common"
@@ -156,9 +156,9 @@
 	for i, u := range users {
 		modelUserTags[i] = u.UserTag()
 		if u.UserName() == "foobar" {
-			c.Assert(u.ReadOnly(), gc.Equals, access == params.ModelReadAccess)
+			c.Assert(u.IsReadOnly(), gc.Equals, access == params.ModelReadAccess)
 		} else if u.UserName() == "admin" {
-			c.Assert(u.ReadOnly(), gc.Equals, false)
+			c.Assert(u.IsReadOnly(), gc.Equals, false)
 		}
 	}
 	c.Assert(modelUserTags, jc.SameContents, []names.UserTag{
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/utils.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/utils.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/utils.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/utils.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/state"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/watcher.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/watcher.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/watcher.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/watcher.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,6 +11,7 @@
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/common/storagecommon"
 	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/controller"
 	"github.com/juju/juju/core/migration"
 	"github.com/juju/juju/network"
 	"github.com/juju/juju/state"
@@ -387,7 +388,7 @@
 type migrationBackend interface {
 	GetModelMigration() (state.ModelMigration, error)
 	APIHostPorts() ([][]network.HostPort, error)
-	ControllerModel() (*state.Model, error)
+	ControllerConfig() (controller.Config, error)
 }
 
 func newMigrationStatusWatcher(
@@ -498,17 +499,12 @@
 // This is a shim to avoid the need to use a working State into the
 // unit tests. It is tested as part of the client side API tests.
 var getControllerCACert = func(st migrationBackend) (string, error) {
-	model, err := st.ControllerModel()
+	cfg, err := st.ControllerConfig()
 	if err != nil {
 		return "", errors.Trace(err)
 	}
 
-	config, err := model.Config()
-	if err != nil {
-		return "", errors.Trace(err)
-	}
-
-	cacert, ok := config.CACert()
+	cacert, ok := cfg.CACert()
 	if !ok {
 		return "", errors.New("missing CA cert for controller model")
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/watcher_test.go juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/watcher_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/apiserver/watcher_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/apiserver/watcher_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,14 +5,15 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver"
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
 	apiservertesting "github.com/juju/juju/apiserver/testing"
+	"github.com/juju/juju/controller"
 	"github.com/juju/juju/core/migration"
 	"github.com/juju/juju/network"
 	"github.com/juju/juju/state"
@@ -87,7 +88,6 @@
 	apiserver.PatchGetMigrationBackend(s, new(fakeMigrationBackend))
 	apiserver.PatchGetControllerCACert(s, "no worries")
 
-	w.C <- struct{}{}
 	facade := s.getFacade(c, "MigrationStatusWatcher", 1, id).(migrationStatusWatcher)
 	defer c.Check(facade.Stop(), jc.ErrorIsNil)
 	result, err := facade.Next()
@@ -108,7 +108,6 @@
 	s.authorizer.Tag = names.NewMachineTag("12")
 	apiserver.PatchGetMigrationBackend(s, &fakeMigrationBackend{noMigration: true})
 
-	w.C <- struct{}{}
 	facade := s.getFacade(c, "MigrationStatusWatcher", 1, id).(migrationStatusWatcher)
 	defer c.Check(facade.Stop(), jc.ErrorIsNil)
 	result, err := facade.Next()
@@ -167,6 +166,10 @@
 	return nil, nil
 }
 
+func (b *fakeMigrationBackend) ControllerConfig() (controller.Config, error) {
+	return nil, nil
+}
+
 func MustParseHostPorts(hostports ...string) []network.HostPort {
 	out, err := network.ParseHostPorts(hostports...)
 	if err != nil {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/audit/audit.go juju-core-2.0~beta12/src/github.com/juju/juju/audit/audit.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/audit/audit.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/audit/audit.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,35 +1,80 @@
-// Copyright 2013, 2014 Canonical Ltd.
+// Copyright 2016 Canonical Ltd.
 // Licensed under the AGPLv3, see LICENCE file for details.
 
 // Package audit records auditable events
 package audit
 
 import (
-	"fmt"
+	"time"
 
-	"github.com/juju/loggo"
+	"github.com/juju/errors"
+	"github.com/juju/utils"
+	"github.com/juju/version"
 )
 
-var logger = loggo.GetLogger("audit")
-
-// Tagger represents anything that implements a Tag method.
-type Tagger interface {
-	Tag() string
+// AuditEntrySinkFn defines a function which will send an
+// AuditEntry to a backing store and return an error upon failure.
+type AuditEntrySinkFn func(AuditEntry) error
+
+// AuditEntry represents an auditted event.
+type AuditEntry struct {
+	// JujuServerVersion is the version of the jujud that recorded
+	// this AuditEntry.
+	JujuServerVersion version.Number
+	// ModelUUID is the ID of the model the audit entry was written
+	// on.
+	ModelUUID string
+	// Timestamp is when the audit entry was generated. It must be
+	// stored with the UTC locale.
+	Timestamp time.Time
+	// RemoteAddress is the IP of the machine from which the
+	// audit-event was triggered.
+	RemoteAddress string
+	// OriginType is the type of entity (e.g. model, user, action)
+	// which triggered the audit event.
+	OriginType string
+	// OriginName is the name of the origin which triggered the
+	// audit-event.
+	OriginName string
+	// Operation is the operation that was performed that triggered
+	// the audit event.
+	Operation string
+	// Data is a catch-all for storing random data.
+	Data map[string]interface{}
 }
 
-// Audit records an auditable event against the tagged entity that performed the action.
-func Audit(user Tagger, format string, args ...interface{}) {
-	if user == nil {
-		panic("user cannot be nil")
-	}
-	if user.Tag() == "" {
-		panic("user tag cannot be blank")
+// Validate ensures that the entry considers itself to be in a
+// complete and valid state.
+func (e AuditEntry) Validate() error {
+	if e.JujuServerVersion == version.Zero {
+		return errors.NewNotValid(errors.NotAssignedf("JujuServerVersion"), "")
+	}
+	if e.ModelUUID == "" {
+		return errors.NewNotValid(errors.NotAssignedf("ModelUUID"), "")
+	}
+	if utils.IsValidUUIDString(e.ModelUUID) == false {
+		return errors.NotValidf("ModelUUID")
+	}
+	if e.Timestamp.IsZero() {
+		return errors.NewNotValid(errors.NotAssignedf("Timestamp"), "")
+	}
+	if e.Timestamp.Location() != time.UTC {
+		return errors.NewNotValid(errors.NotValidf("Timestamp"), "must be set to UTC")
 	}
+	if e.RemoteAddress == "" {
+		return errors.NewNotValid(errors.NotAssignedf("RemoteAddress"), "")
+	}
+	if e.OriginType == "" {
+		return errors.NewNotValid(errors.NotAssignedf("OriginType"), "")
+	}
+	if e.OriginName == "" {
+		return errors.NewNotValid(errors.NotAssignedf("OriginName"), "")
+	}
+	if e.Operation == "" {
+		return errors.NewNotValid(errors.NotAssignedf("Operation"), "")
+	}
+
+	// Data remains unchecked as it is always optional.
 
-	// LogCallf is called directly, rather than Infof so that the caller
-	// of Audit is recorded, not Audit itself.
-	// Also, we're using LogCallf instead of Logf to work around a bug
-	// in the go1.4 version of go vet (https://github.com/golang/go/issues/9080)
-	// which incorrectly flags the Logf call.
-	logger.LogCallf(1, loggo.INFO, fmt.Sprintf("%s: %s", user.Tag(), format), args...)
+	return nil
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/audit/auditlogfile.go juju-core-2.0~beta12/src/github.com/juju/juju/audit/auditlogfile.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/audit/auditlogfile.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/audit/auditlogfile.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,71 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package audit
+
+import (
+	"io"
+	"os"
+	"path/filepath"
+	"strings"
+	"time"
+
+	"fmt"
+	"github.com/juju/errors"
+	"github.com/juju/loggo"
+	"github.com/juju/utils"
+	"gopkg.in/natefinch/lumberjack.v2"
+)
+
+var logger = loggo.GetLogger("juju.audit")
+
+// NewLogFileSink returns an audit entry sink which writes
+// to an audit.log file in the specified directory.
+func NewLogFileSink(logDir string) AuditEntrySinkFn {
+	logPath := filepath.Join(logDir, "audit.log")
+	if err := primeLogFile(logPath); err != nil {
+		// This isn't a fatal error so log and continue if priming
+		// fails.
+		logger.Errorf("Unable to prime %s (proceeding anyway): %v", logPath, err)
+	}
+
+	handler := &auditLogFileSink{
+		fileLogger: &lumberjack.Logger{
+			Filename:   logPath,
+			MaxSize:    300, // MB
+			MaxBackups: 10,
+		},
+	}
+	return handler.handle
+}
+
+// primeLogFile ensures the logsink log file is created with the
+// correct mode and ownership.
+func primeLogFile(path string) error {
+	f, err := os.OpenFile(path, os.O_CREATE|os.O_WRONLY, 0600)
+	if err != nil {
+		return errors.Trace(err)
+	}
+	if err := f.Close(); err != nil {
+		return errors.Trace(err)
+	}
+	err = utils.ChownPath(path, "syslog")
+	return errors.Trace(err)
+}
+
+type auditLogFileSink struct {
+	fileLogger io.WriteCloser
+}
+
+func (a *auditLogFileSink) handle(entry AuditEntry) error {
+	_, err := a.fileLogger.Write([]byte(strings.Join([]string{
+		entry.Timestamp.In(time.UTC).Format("2006-01-02 15:04:05"),
+		entry.ModelUUID,
+		entry.RemoteAddress,
+		entry.OriginName,
+		entry.OriginType,
+		entry.Operation,
+		fmt.Sprintf("%v", entry.Data),
+	}, ",") + "\n"))
+	return err
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/audit/auditlogfile_test.go juju-core-2.0~beta12/src/github.com/juju/juju/audit/auditlogfile_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/audit/auditlogfile_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/audit/auditlogfile_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,71 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package audit_test
+
+import (
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"runtime"
+	"time"
+
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/audit"
+	coretesting "github.com/juju/juju/testing"
+	"github.com/juju/testing"
+)
+
+type auditLogFileSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&auditLogFileSuite{})
+
+func (s *auditLogFileSuite) TestLogging(c *gc.C) {
+	dir := c.MkDir()
+	sink := audit.NewLogFileSink(dir)
+
+	modelUUID := coretesting.ModelTag.Id()
+	t0 := time.Date(2015, time.June, 1, 23, 2, 1, 0, time.UTC)
+	t1 := time.Date(2015, time.June, 1, 23, 2, 2, 0, time.UTC)
+
+	err := sink(audit.AuditEntry{
+		Timestamp:     t0,
+		ModelUUID:     modelUUID,
+		RemoteAddress: "10.0.0.1",
+		OriginType:    "API",
+		OriginName:    "user-admin",
+		Operation:     "deploy",
+		Data:          map[string]interface{}{"foo": "bar"},
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	err = sink(audit.AuditEntry{
+		Timestamp:     t1,
+		ModelUUID:     modelUUID,
+		RemoteAddress: "10.0.0.2",
+		OriginType:    "API",
+		OriginName:    "user-admin",
+		Operation:     "status",
+	})
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Check that the audit log file was populated as expected
+	logPath := filepath.Join(dir, "audit.log")
+	logContents, err := ioutil.ReadFile(logPath)
+	c.Assert(err, jc.ErrorIsNil)
+	line0 := "2015-06-01 23:02:01," + modelUUID + ",10.0.0.1,user-admin,API,deploy,map[foo:bar]\n"
+	line1 := "2015-06-01 23:02:02," + modelUUID + ",10.0.0.2,user-admin,API,status,map[]\n"
+	c.Assert(string(logContents), gc.Equals, line0+line1)
+
+	// Check the file mode is as expected. This doesn't work on
+	// Windows (but this code is very unlikely to run on Windows so
+	// it's ok).
+	if runtime.GOOS != "windows" {
+		info, err := os.Stat(logPath)
+		c.Assert(err, jc.ErrorIsNil)
+		c.Assert(info.Mode(), gc.Equals, os.FileMode(0600))
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/audit/audit_test.go juju-core-2.0~beta12/src/github.com/juju/juju/audit/audit_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/audit/audit_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/audit/audit_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,58 +1,116 @@
-// Copyright 2013, 2014 Canonical Ltd.
+// Copyright 2016 Canonical Ltd.
 // Licensed under the AGPLv3, see LICENCE file for details.
 
-package audit
+package audit_test
 
 import (
-	"testing"
+	"time"
 
-	"github.com/juju/loggo"
+	"github.com/juju/errors"
+	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
+	"github.com/juju/utils"
+	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/audit"
 )
 
-func Test(t *testing.T) {
-	gc.TestingT(t)
+type auditSuite struct {
+	testing.IsolationSuite
 }
 
-type auditSuite struct{}
-
 var _ = gc.Suite(&auditSuite{})
 
-func (*auditSuite) SetUpTest(c *gc.C) {
-	loggo.ResetLoggers()
-	loggo.ResetWriters()
-	err := loggo.ConfigureLoggers(`<root>=ERROR; audit=INFO`)
-	c.Assert(err, jc.ErrorIsNil)
+func (s *auditSuite) TestValidate_EmptyModelUUIDErrors(c *gc.C) {
+	invalidEntry := validEntry()
+	invalidEntry.ModelUUID = ""
+
+	validationErr := invalidEntry.Validate()
+	c.Check(validationErr, jc.Satisfies, errors.IsNotValid)
+	c.Check(validationErr, gc.ErrorMatches, "ModelUUID not assigned")
 }
 
-type mockUser struct {
-	tag string
+func (s *auditSuite) TestValidate_InvalidModelUUIDErrors(c *gc.C) {
+	invalidEntry := validEntry()
+	invalidEntry.ModelUUID = "."
+
+	validationErr := invalidEntry.Validate()
+	c.Check(validationErr, jc.Satisfies, errors.IsNotValid)
+	c.Check(validationErr, gc.ErrorMatches, "ModelUUID not valid")
 }
 
-func (u *mockUser) Tag() string { return u.tag }
+func (s *auditSuite) TestValidate_EmptyTimestampErrors(c *gc.C) {
+	invalidEntry := validEntry()
+	invalidEntry.Timestamp = time.Time{}
+
+	validationErr := invalidEntry.Validate()
+	c.Check(validationErr, jc.Satisfies, errors.IsNotValid)
+	c.Check(validationErr, gc.ErrorMatches, "Timestamp not assigned")
+}
 
-func (*auditSuite) TestAuditEventWrittenToAuditLogger(c *gc.C) {
-	var tw loggo.TestWriter
-	c.Assert(loggo.RegisterWriter("audit-log", &tw, loggo.DEBUG), gc.IsNil)
+func (s *auditSuite) TestValidate_NonUTCTimestampInvalid(c *gc.C) {
+	invalidEntry := validEntry()
+	invalidEntry.Timestamp = invalidEntry.Timestamp.In(time.FixedZone("x", 3600))
 
-	u := &mockUser{tag: "user-agnus"}
-	Audit(u, "donut eaten, %v donut(s) remain", 7)
+	validationErr := invalidEntry.Validate()
+	c.Check(validationErr, jc.Satisfies, errors.IsNotValid)
+	c.Check(validationErr, gc.ErrorMatches, "must be set to UTC: Timestamp not valid")
+}
 
-	// Add deprecated message to be checked.
-	messages := []jc.SimpleMessage{
-		{loggo.INFO, `user-agnus: donut eaten, 7 donut\(s\) remain`},
-	}
+func (s *auditSuite) TestValidate_NilOriginIPErrors(c *gc.C) {
+	invalidEntry := validEntry()
+	invalidEntry.RemoteAddress = ""
 
-	c.Check(tw.Log(), jc.LogMatches, messages)
+	validationErr := invalidEntry.Validate()
+	c.Check(validationErr, jc.Satisfies, errors.IsNotValid)
+	c.Check(validationErr, gc.ErrorMatches, "RemoteAddress not assigned")
 }
 
-func (*auditSuite) TestAuditWithNilUserWillPanic(c *gc.C) {
-	f := func() { Audit(nil, "should never be written") }
-	c.Assert(f, gc.PanicMatches, "user cannot be nil")
+func (s *auditSuite) TestValidate_EmptyOriginTypeErrors(c *gc.C) {
+	invalidEntry := validEntry()
+	invalidEntry.OriginType = ""
+
+	validationErr := invalidEntry.Validate()
+	c.Check(validationErr, jc.Satisfies, errors.IsNotValid)
+	c.Check(validationErr, gc.ErrorMatches, "OriginType not assigned")
 }
 
-func (*auditSuite) TestAuditWithEmptyTagWillPanic(c *gc.C) {
-	f := func() { Audit(&mockUser{}, "should never be written") }
-	c.Assert(f, gc.PanicMatches, "user tag cannot be blank")
+func (s *auditSuite) TestValidate_EmptyOriginNameErrors(c *gc.C) {
+	invalidEntry := validEntry()
+	invalidEntry.OriginName = ""
+
+	validationErr := invalidEntry.Validate()
+	c.Check(validationErr, jc.Satisfies, errors.IsNotValid)
+	c.Check(validationErr, gc.ErrorMatches, "OriginName not assigned")
+}
+
+func (s *auditSuite) TestValidate_EmptyOperationErrors(c *gc.C) {
+	invalidEntry := validEntry()
+	invalidEntry.Operation = ""
+
+	validationErr := invalidEntry.Validate()
+	c.Check(validationErr, jc.Satisfies, errors.IsNotValid)
+	c.Check(validationErr, gc.ErrorMatches, "Operation not assigned")
+}
+
+func (s *auditSuite) TestValidate_EmptyJujuServerVersionErrors(c *gc.C) {
+	invalidEntry := validEntry()
+	invalidEntry.JujuServerVersion = version.Zero
+
+	validationErr := invalidEntry.Validate()
+	c.Check(validationErr, jc.Satisfies, errors.IsNotValid)
+	c.Check(validationErr, gc.ErrorMatches, "JujuServerVersion not assigned")
+}
+
+func validEntry() audit.AuditEntry {
+	return audit.AuditEntry{
+		JujuServerVersion: version.MustParse("1.0.0"),
+		ModelUUID:         utils.MustNewUUID().String(),
+		Timestamp:         time.Now().UTC(),
+		RemoteAddress:     "8.8.8.8",
+		OriginType:        ".",
+		OriginName:        ".",
+		Operation:         ".",
+	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/audit/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/audit/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/audit/package_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/audit/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,14 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package audit_test
+
+import (
+	"testing"
+
+	gc "gopkg.in/check.v1"
+)
+
+func Test(t *testing.T) {
+	gc.TestingT(t)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cert/cert.go juju-core-2.0~beta12/src/github.com/juju/juju/cert/cert.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cert/cert.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cert/cert.go	2016-07-18 19:45:44.000000000 +0000
@@ -87,6 +87,7 @@
 	if err != nil {
 		return "", "", err
 	}
+	// TODO(perrito666) 2016-05-02 lp:1558657
 	now := time.Now()
 
 	// A serial number can be up to 20 octets in size.
@@ -129,6 +130,7 @@
 // NewServer generates a certificate/key pair suitable for use by a server, with an
 // expiry time of 10 years.
 func NewDefaultServer(caCertPEM, caKeyPEM string, hostnames []string) (certPEM, keyPEM string, err error) {
+	// TODO(perrito666) 2016-05-02 lp:1558657
 	expiry := time.Now().UTC().AddDate(10, 0, 0)
 	return newLeaf(caCertPEM, caKeyPEM, expiry, hostnames, []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth})
 }
@@ -138,35 +140,31 @@
 	return newLeaf(caCertPEM, caKeyPEM, expiry, hostnames, []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth})
 }
 
-// NewClient generates a certificate/key pair suitable for client authentication.
-func NewClient(caCertPEM, caKeyPEM string, expiry time.Time) (certPEM, keyPEM string, err error) {
-	return newLeaf(caCertPEM, caKeyPEM, expiry, nil, []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth})
-}
-
 // newLeaf generates a certificate/key pair suitable for use by a leaf node.
 func newLeaf(caCertPEM, caKeyPEM string, expiry time.Time, hostnames []string, extKeyUsage []x509.ExtKeyUsage) (certPEM, keyPEM string, err error) {
 	tlsCert, err := tls.X509KeyPair([]byte(caCertPEM), []byte(caKeyPEM))
 	if err != nil {
-		return "", "", err
+		return "", "", errors.Trace(err)
 	}
 	if len(tlsCert.Certificate) != 1 {
 		return "", "", fmt.Errorf("more than one certificate for CA")
 	}
 	caCert, err := x509.ParseCertificate(tlsCert.Certificate[0])
 	if err != nil {
-		return "", "", err
+		return "", "", errors.Trace(err)
 	}
 	if !caCert.BasicConstraintsValid || !caCert.IsCA {
-		return "", "", fmt.Errorf("CA certificate is not a valid CA")
+		return "", "", errors.Errorf("CA certificate is not a valid CA")
 	}
 	caKey, ok := tlsCert.PrivateKey.(*rsa.PrivateKey)
 	if !ok {
-		return "", "", fmt.Errorf("CA private key has unexpected type %T", tlsCert.PrivateKey)
+		return "", "", errors.Errorf("CA private key has unexpected type %T", tlsCert.PrivateKey)
 	}
 	key, err := rsa.GenerateKey(rand.Reader, KeyBits)
 	if err != nil {
-		return "", "", fmt.Errorf("cannot generate key: %v", err)
+		return "", "", errors.Errorf("cannot generate key: %v", err)
 	}
+	// TODO(perrito666) 2016-05-02 lp:1558657
 	now := time.Now()
 	template := &x509.Certificate{
 		SerialNumber: new(big.Int),
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/charmstore/charmid.go juju-core-2.0~beta12/src/github.com/juju/juju/charmstore/charmid.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/charmstore/charmid.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/charmstore/charmid.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package charmstore
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/charmstore/client_test.go juju-core-2.0~beta12/src/github.com/juju/juju/charmstore/client_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/charmstore/client_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/charmstore/client_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package charmstore
 
 import (
@@ -89,7 +92,6 @@
 		Type:        "file",
 		Path:        "foo.zip",
 		Description: "something",
-		Origin:      "store",
 		Revision:    5,
 		Fingerprint: fp.Bytes(),
 		Size:        4,
@@ -99,7 +101,6 @@
 		Type:        "file",
 		Path:        "bar.zip",
 		Description: "something",
-		Origin:      "store",
 		Revision:    7,
 		Fingerprint: fp.Bytes(),
 		Size:        4,
@@ -109,7 +110,6 @@
 		Type:        "file",
 		Path:        "bar.zip",
 		Description: "something",
-		Origin:      "store",
 		Revision:    8,
 		Fingerprint: fp.Bytes(),
 		Size:        4,
@@ -183,7 +183,6 @@
 		Type:        "file",
 		Path:        "foo.zip",
 		Description: "something",
-		Origin:      "store",
 		Revision:    5,
 		Fingerprint: fp.Bytes(),
 		Size:        4,
@@ -218,7 +217,6 @@
 		Type:        "file",
 		Path:        "foo.zip",
 		Description: "something",
-		Origin:      "store",
 		Revision:    5,
 		Fingerprint: fp.Bytes(),
 		Size:        4,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/charmstore/jar.go juju-core-2.0~beta12/src/github.com/juju/juju/charmstore/jar.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/charmstore/jar.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/charmstore/jar.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package charmstore
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/charmstore/jar_test.go juju-core-2.0~beta12/src/github.com/juju/juju/charmstore/jar_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/charmstore/jar_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/charmstore/jar_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package charmstore
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/charmstore/latest.go juju-core-2.0~beta12/src/github.com/juju/juju/charmstore/latest.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/charmstore/latest.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/charmstore/latest.go	2016-07-18 19:45:44.000000000 +0000
@@ -18,6 +18,7 @@
 // use in any further requests.  Note that this map may be non-empty even if
 // this method returns an error (and the macaroons should be stored).
 func LatestCharmInfo(client Client, charms []CharmID, modelUUID string) ([]CharmInfoResult, error) {
+	// TODO(perrito666) 2016-05-02 lp:1558657
 	now := time.Now().UTC()
 	// Do a bulk call to get the revision info for all charms.
 	logger.Infof("retrieving revision information for %d charms", len(charms))
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/charmstore/stub_test.go juju-core-2.0~beta12/src/github.com/juju/juju/charmstore/stub_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/charmstore/stub_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/charmstore/stub_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package charmstore
 
 import (
@@ -109,7 +112,6 @@
 		Type:        "file",
 		Path:        name + ".tgz",
 		Description: "something about " + name,
-		Origin:      "store",
 		Revision:    len(name),
 		Fingerprint: fp.Bytes(),
 		Size:        int64(len(data)),
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cloud/clouds.go juju-core-2.0~beta12/src/github.com/juju/juju/cloud/clouds.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cloud/clouds.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cloud/clouds.go	2016-07-18 19:45:44.000000000 +0000
@@ -3,7 +3,6 @@
 
 // Package cloud provides functionality to parse information
 // describing clouds, including regions, supported auth types etc.
-
 package cloud
 
 import (
@@ -20,7 +19,7 @@
 	"github.com/juju/juju/juju/osenv"
 )
 
-//go:generate go run ../generate/filetoconst.go fallbackPublicCloudInfo fallback-public-cloud.yaml fallback_public_cloud.go 2015
+//go:generate go run ../generate/filetoconst/filetoconst.go fallbackPublicCloudInfo fallback-public-cloud.yaml fallback_public_cloud.go 2015 cloud
 
 // AuthType is the type of authentication used by the cloud.
 type AuthType string
@@ -69,6 +68,12 @@
 	// The first region in the slice is the default region for the
 	// cloud.
 	Regions []Region
+
+	// Config contains optional cloud-specific configuration to use
+	// when bootstrapping Juju in this cloud. The cloud configuration
+	// will be combined with Juju-generated, and user-supplied values;
+	// user-supplied values taking precedence.
+	Config map[string]interface{}
 }
 
 // Region is a cloud region.
@@ -94,11 +99,12 @@
 
 // cloud is equivalent to Cloud, for marshalling and unmarshalling.
 type cloud struct {
-	Type            string     `yaml:"type"`
-	AuthTypes       []AuthType `yaml:"auth-types,omitempty,flow"`
-	Endpoint        string     `yaml:"endpoint,omitempty"`
-	StorageEndpoint string     `yaml:"storage-endpoint,omitempty"`
-	Regions         regions    `yaml:"regions,omitempty"`
+	Type            string                 `yaml:"type"`
+	AuthTypes       []AuthType             `yaml:"auth-types,omitempty,flow"`
+	Endpoint        string                 `yaml:"endpoint,omitempty"`
+	StorageEndpoint string                 `yaml:"storage-endpoint,omitempty"`
+	Regions         regions                `yaml:"regions,omitempty"`
+	Config          map[string]interface{} `yaml:"config,omitempty"`
 }
 
 // regions is a collection of regions, either as a map and/or
@@ -158,6 +164,29 @@
 	return nil, errors.NotFoundf("cloud %s", name)
 }
 
+// RegionByName finds the region in the given slice with the
+// specified name, with case folding.
+func RegionByName(regions []Region, name string) (*Region, error) {
+	for _, region := range regions {
+		if !strings.EqualFold(region.Name, name) {
+			continue
+		}
+		return &region, nil
+	}
+	return nil, errors.NewNotFound(nil, fmt.Sprintf(
+		"region %q not found (expected one of %q)",
+		name, cloudRegionNames(regions),
+	))
+}
+
+func cloudRegionNames(regions []Region) []string {
+	names := make([]string, len(regions))
+	for i, region := range regions {
+		names[i] = region.Name
+	}
+	return names
+}
+
 // JujuPublicCloudsPath is the location where public cloud information is
 // expected to be found. Requires JUJU_HOME to be set.
 func JujuPublicCloudsPath() string {
@@ -196,31 +225,7 @@
 	// the first region for the cloud as its default region.
 	clouds := make(map[string]Cloud)
 	for name, cloud := range metadata.Clouds {
-		var regions []Region
-		if len(cloud.Regions.Map) > 0 {
-			for _, item := range cloud.Regions.Slice {
-				name := fmt.Sprint(item.Key)
-				r := cloud.Regions.Map[name]
-				if r == nil {
-					// r will be nil if none of the fields in
-					// the YAML are set.
-					regions = append(regions, Region{Name: name})
-				} else {
-					regions = append(regions, Region{
-						name, r.Endpoint, r.StorageEndpoint,
-					})
-				}
-			}
-		}
-		meta := Cloud{
-			Type:            cloud.Type,
-			AuthTypes:       cloud.AuthTypes,
-			Endpoint:        cloud.Endpoint,
-			StorageEndpoint: cloud.StorageEndpoint,
-			Regions:         regions,
-		}
-		meta.denormaliseMetadata()
-		clouds[name] = meta
+		clouds[name] = cloudFromInternal(cloud)
 	}
 	return clouds, nil
 }
@@ -254,19 +259,7 @@
 func marshalCloudMetadata(cloudsMap map[string]Cloud) ([]byte, error) {
 	clouds := cloudSet{make(map[string]*cloud)}
 	for name, metadata := range cloudsMap {
-		var regions regions
-		for _, r := range metadata.Regions {
-			regions.Slice = append(regions.Slice, yaml.MapItem{
-				r.Name, region{r.Endpoint, r.StorageEndpoint},
-			})
-		}
-		clouds.Clouds[name] = &cloud{
-			Type:            metadata.Type,
-			AuthTypes:       metadata.AuthTypes,
-			Endpoint:        metadata.Endpoint,
-			StorageEndpoint: metadata.StorageEndpoint,
-			Regions:         regions,
-		}
+		clouds.Clouds[name] = cloudToInternal(metadata)
 	}
 	data, err := yaml.Marshal(clouds)
 	if err != nil {
@@ -275,6 +268,66 @@
 	return data, nil
 }
 
+// MarshalCloud marshals a Cloud to an opaque byte array.
+func MarshalCloud(cloud Cloud) ([]byte, error) {
+	return yaml.Marshal(cloudToInternal(cloud))
+}
+
+// UnmarshalCloud unmarshals a Cloud from a byte array produced by MarshalCloud.
+func UnmarshalCloud(in []byte) (Cloud, error) {
+	var internal cloud
+	if err := yaml.Unmarshal(in, &internal); err != nil {
+		return Cloud{}, errors.Annotate(err, "cannot unmarshal yaml cloud metadata")
+	}
+	return cloudFromInternal(&internal), nil
+}
+
+func cloudToInternal(in Cloud) *cloud {
+	var regions regions
+	for _, r := range in.Regions {
+		regions.Slice = append(regions.Slice, yaml.MapItem{
+			r.Name, region{r.Endpoint, r.StorageEndpoint},
+		})
+	}
+	return &cloud{
+		Type:            in.Type,
+		AuthTypes:       in.AuthTypes,
+		Endpoint:        in.Endpoint,
+		StorageEndpoint: in.StorageEndpoint,
+		Regions:         regions,
+		Config:          in.Config,
+	}
+}
+
+func cloudFromInternal(in *cloud) Cloud {
+	var regions []Region
+	if len(in.Regions.Map) > 0 {
+		for _, item := range in.Regions.Slice {
+			name := fmt.Sprint(item.Key)
+			r := in.Regions.Map[name]
+			if r == nil {
+				// r will be nil if none of the fields in
+				// the YAML are set.
+				regions = append(regions, Region{Name: name})
+			} else {
+				regions = append(regions, Region{
+					name, r.Endpoint, r.StorageEndpoint,
+				})
+			}
+		}
+	}
+	meta := Cloud{
+		Type:            in.Type,
+		AuthTypes:       in.AuthTypes,
+		Endpoint:        in.Endpoint,
+		StorageEndpoint: in.StorageEndpoint,
+		Regions:         regions,
+		Config:          in.Config,
+	}
+	meta.denormaliseMetadata()
+	return meta
+}
+
 // MarshalYAML implements the yaml.Marshaler interface.
 func (r regions) MarshalYAML() (interface{}, error) {
 	return r.Slice, nil
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cloud/clouds_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cloud/clouds_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cloud/clouds_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cloud/clouds_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -64,6 +64,26 @@
 	c.Assert(rackspace.AuthTypes, jc.SameContents, []cloud.AuthType{"access-key", "userpass"})
 }
 
+func (s *cloudSuite) TestParseCloudsConfig(c *gc.C) {
+	clouds, err := cloud.ParseCloudMetadata([]byte(`clouds:
+  testing:
+    type: dummy
+    config:
+      k1: v1
+      k2: 2.0
+`))
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(clouds, gc.HasLen, 1)
+	testingCloud := clouds["testing"]
+	c.Assert(testingCloud, jc.DeepEquals, cloud.Cloud{
+		Type: "dummy",
+		Config: map[string]interface{}{
+			"k1": "v1",
+			"k2": float64(2.0),
+		},
+	})
+}
+
 func (s *cloudSuite) TestPublicCloudsMetadataFallback(c *gc.C) {
 	clouds, fallbackUsed, err := cloud.PublicCloudMetadata("badfile.yaml")
 	c.Assert(err, jc.ErrorIsNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cloud/credentials.go juju-core-2.0~beta12/src/github.com/juju/juju/cloud/credentials.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cloud/credentials.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cloud/credentials.go	2016-07-18 19:45:44.000000000 +0000
@@ -43,6 +43,9 @@
 }
 
 func copyStringMap(in map[string]string) map[string]string {
+	if in == nil {
+		return nil
+	}
 	out := make(map[string]string)
 	for k, v := range in {
 		out[k] = v
@@ -55,12 +58,24 @@
 	return copyStringMap(c.attributes)
 }
 
+type credentialInternal struct {
+	AuthType   AuthType          `yaml:"auth-type"`
+	Attributes map[string]string `yaml:",omitempty,inline"`
+}
+
 // MarshalYAML implements the yaml.Marshaler interface.
 func (c Credential) MarshalYAML() (interface{}, error) {
-	return struct {
-		AuthType   AuthType          `yaml:"auth-type"`
-		Attributes map[string]string `yaml:",omitempty,inline"`
-	}{c.authType, c.attributes}, nil
+	return credentialInternal{c.authType, c.attributes}, nil
+}
+
+// UnmarshalYAML implements the yaml.Marshaler interface.
+func (c *Credential) UnmarshalYAML(unmarshal func(interface{}) error) error {
+	var internal credentialInternal
+	if err := unmarshal(&internal); err != nil {
+		return err
+	}
+	*c = Credential{authType: internal.AuthType, attributes: internal.Attributes}
+	return nil
 }
 
 // NewCredential returns a new, immutable, Credential with the supplied
@@ -345,6 +360,9 @@
 	for k, v := range mapv {
 		attrs[k] = v.(string)
 	}
+	if len(attrs) == 0 {
+		attrs = nil
+	}
 	return Credential{authType: AuthType(authType), attributes: attrs}, nil
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cloud/defaults.go juju-core-2.0~beta12/src/github.com/juju/juju/cloud/defaults.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cloud/defaults.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cloud/defaults.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,19 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package cloud
+
+// Defaults describes a set of defaults for cloud, region,
+// and credential to use.
+type Defaults struct {
+	// Cloud is the name of the cloud to use by default.
+	Cloud string
+
+	// Region is the name of the cloud region to use by default,
+	// if the cloud supports regions.
+	Region string
+
+	// Credential is the name of the cloud credential to use
+	// by default, if the cloud requires credentials.
+	Credential string
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/cloudinit/helpers_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/cloudinit/helpers_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/cloudinit/helpers_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/cloudinit/helpers_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package cloudinit
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/cloudinit/renderscript_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/cloudinit/renderscript_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/cloudinit/renderscript_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/cloudinit/renderscript_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,6 +11,8 @@
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
 
+	"github.com/juju/juju/api"
+	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cloudconfig"
 	"github.com/juju/juju/cloudconfig/cloudinit"
 	"github.com/juju/juju/cloudconfig/instancecfg"
@@ -18,6 +20,7 @@
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/environs/imagemetadata"
+	"github.com/juju/juju/mongo"
 	"github.com/juju/juju/state/multiwatcher"
 	coretesting "github.com/juju/juju/testing"
 	"github.com/juju/juju/tools"
@@ -56,19 +59,44 @@
 func (s *configureSuite) getCloudConfig(c *gc.C, controller bool, vers version.Binary) cloudinit.CloudConfig {
 	var icfg *instancecfg.InstanceConfig
 	var err error
+	modelConfig := testConfig(c, controller, vers)
 	if controller {
 		icfg, err = instancecfg.NewBootstrapInstanceConfig(
+			coretesting.FakeControllerConfig(),
 			constraints.Value{}, constraints.Value{},
 			vers.Series, "",
 		)
 		c.Assert(err, jc.ErrorIsNil)
-		icfg.InstanceId = "instance-id"
-		icfg.HostedModelConfig = map[string]interface{}{
+		icfg.APIInfo = &api.Info{
+			Password: "password",
+			CACert:   coretesting.CACert,
+			ModelTag: coretesting.ModelTag,
+		}
+		icfg.Controller.MongoInfo = &mongo.MongoInfo{
+			Password: "password", Info: mongo.Info{CACert: coretesting.CACert},
+		}
+		icfg.Bootstrap.ControllerModelConfig = modelConfig
+		icfg.Bootstrap.BootstrapMachineInstanceId = "instance-id"
+		icfg.Bootstrap.HostedModelConfig = map[string]interface{}{
 			"name": "hosted-model",
 		}
+		icfg.Bootstrap.StateServingInfo = params.StateServingInfo{
+			Cert:         coretesting.ServerCert,
+			PrivateKey:   coretesting.ServerKey,
+			CAPrivateKey: coretesting.CAKey,
+			StatePort:    123,
+			APIPort:      456,
+		}
 		icfg.Jobs = []multiwatcher.MachineJob{multiwatcher.JobManageModel, multiwatcher.JobHostUnits}
+		icfg.Bootstrap.StateServingInfo = params.StateServingInfo{
+			Cert:         coretesting.ServerCert,
+			PrivateKey:   coretesting.ServerKey,
+			CAPrivateKey: coretesting.CAKey,
+			StatePort:    123,
+			APIPort:      456,
+		}
 	} else {
-		icfg, err = instancecfg.NewInstanceConfig("0", "ya", imagemetadata.ReleasedStream, vers.Series, "", true, nil, nil)
+		icfg, err = instancecfg.NewInstanceConfig("0", "ya", imagemetadata.ReleasedStream, vers.Series, true, nil)
 		c.Assert(err, jc.ErrorIsNil)
 		icfg.Jobs = []multiwatcher.MachineJob{multiwatcher.JobHostUnits}
 	}
@@ -78,8 +106,7 @@
 			URL:     "http://testing.invalid/tools.tar.gz",
 		},
 	})
-	environConfig := testConfig(c, controller, vers)
-	err = instancecfg.FinishInstanceConfig(icfg, environConfig)
+	err = instancecfg.FinishInstanceConfig(icfg, modelConfig)
 	c.Assert(err, jc.ErrorIsNil)
 	cloudcfg, err := cloudinit.New(icfg.Series)
 	c.Assert(err, jc.ErrorIsNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/containerinit/container_userdata.go juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/containerinit/container_userdata.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/containerinit/container_userdata.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/containerinit/container_userdata.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,21 +6,19 @@
 
 import (
 	"bytes"
-	"fmt"
 	"io/ioutil"
 	"path/filepath"
 	"strings"
-	"text/template"
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
 	"github.com/juju/utils/proxy"
+	"github.com/juju/utils/set"
 
 	"github.com/juju/juju/cloudconfig"
 	"github.com/juju/juju/cloudconfig/cloudinit"
 	"github.com/juju/juju/cloudconfig/instancecfg"
 	"github.com/juju/juju/container"
-	"github.com/juju/juju/environs"
 	"github.com/juju/juju/network"
 	"github.com/juju/juju/service"
 	"github.com/juju/juju/service/common"
@@ -58,107 +56,143 @@
 	return userDataFilename, nil
 }
 
-// networkConfigTemplate defines how to render /etc/network/interfaces
-// file for a container with one or more NICs.
-const networkConfigTemplate = `
-# loopback interface
-auto lo
-iface lo inet loopback{{define "static"}}
-{{.InterfaceName | printf "# interface %q"}}{{if not .NoAutoStart}}
-auto {{.InterfaceName}}{{end}}
-iface {{.InterfaceName}} inet manual{{if gt (len .DNSServers) 0}}
-    dns-nameservers{{range $dns := .DNSServers}} {{$dns.Value}}{{end}}{{end}}{{if gt (len .DNSSearch) 0}}
-    dns-search {{.DNSSearch}}{{end}}
-    pre-up ip address add {{.Address.Value}}/32 dev {{.InterfaceName}} &> /dev/null || true
-    up ip route replace {{.GatewayAddress.Value}} dev {{.InterfaceName}}
-    up ip route replace default via {{.GatewayAddress.Value}}
-    down ip route del default via {{.GatewayAddress.Value}} &> /dev/null || true
-    down ip route del {{.GatewayAddress.Value}} dev {{.InterfaceName}} &> /dev/null || true
-    post-down ip address del {{.Address.Value}}/32 dev {{.InterfaceName}} &> /dev/null || true
-{{end}}{{define "dhcp"}}
-{{.InterfaceName | printf "# interface %q"}}{{if not .NoAutoStart}}
-auto {{.InterfaceName}}{{end}}
-iface {{.InterfaceName}} inet dhcp
-{{end}}{{range $nic := . }}{{if eq $nic.ConfigType "static"}}
-{{template "static" $nic}}{{else}}{{template "dhcp" $nic}}{{end}}{{end}}`
-
-// multiBridgeNetworkConfigTemplate defines how to render /etc/network/interfaces
-// file for a multi-NIC container.
-const multiBridgeNetworkConfigTemplate = `
-auto lo
-iface lo inet loopback
-{{range $nic := .}}{{template "single" $nic}}{{end}}
-{{define "single"}}{{if not .NoAutoStart}}
-auto {{.InterfaceName}}{{end}}
-iface {{.InterfaceName}} inet manual{{if .DNSServers}}
-  dns-nameservers{{range $srv := .DNSServers}} {{$srv.Value}}{{end}}{{end}}{{if .DNSSearchDomains}}
-  dns-search{{range $dom := .DNSSearchDomains}} {{$dom}}{{end}}{{end}}
-  pre-up ip address add {{.CIDRAddress}} dev {{.InterfaceName}} || true
-  up ip route replace {{.CIDR}} dev {{.InterfaceName}} || true
-  down ip route del {{.CIDR}} dev {{.InterfaceName}} || true
-  post-down address del {{.CIDRAddress}} dev {{.InterfaceName}} || true{{if .GatewayAddress.Value}}
-  up ip route replace default via {{.GatewayAddress.Value}} || true
-  down ip route del default via {{.GatewayAddress.Value}} || true{{end}}
-{{end}}`
-
-var networkInterfacesFile = "/etc/network/interfaces.d/00-juju.cfg"
-
-// GenerateNetworkConfig renders a network config for one or more
-// network interfaces, using the given non-nil networkConfig
-// containing a non-empty Interfaces field.
+var networkInterfacesFile = "/etc/network/interfaces"
+
+// GenerateNetworkConfig renders a network config for one or more network
+// interfaces, using the given non-nil networkConfig containing a non-empty
+// Interfaces field.
 func GenerateNetworkConfig(networkConfig *container.NetworkConfig) (string, error) {
 	if networkConfig == nil || len(networkConfig.Interfaces) == 0 {
-		// Don't generate networking config.
-		logger.Tracef("no network config to generate")
-		return "", nil
+		return "", errors.Errorf("missing container network config")
 	}
 	logger.Debugf("generating network config from %#v", *networkConfig)
 
-	// Copy the InterfaceInfo before modifying the original.
-	interfacesCopy := make([]network.InterfaceInfo, len(networkConfig.Interfaces))
-	copy(interfacesCopy, networkConfig.Interfaces)
-	for i, info := range interfacesCopy {
-		if info.MACAddress != "" {
-			info.MACAddress = ""
+	prepared := PrepareNetworkConfigFromInterfaces(networkConfig.Interfaces)
+
+	var output bytes.Buffer
+	gatewayWritten := false
+	for _, name := range prepared.InterfaceNames {
+		output.WriteString("\n")
+		if name == "lo" {
+			output.WriteString("auto ")
+			autoStarted := strings.Join(prepared.AutoStarted, " ")
+			output.WriteString(autoStarted + "\n\n")
+			output.WriteString("iface lo inet loopback\n")
+
+			dnsServers := strings.Join(prepared.DNSServers, " ")
+			if dnsServers != "" {
+				output.WriteString("  dns-nameservers ")
+				output.WriteString(dnsServers + "\n")
+			}
+
+			dnsSearchDomains := strings.Join(prepared.DNSSearchDomains, " ")
+			if dnsSearchDomains != "" {
+				output.WriteString("  dns-search ")
+				output.WriteString(dnsSearchDomains + "\n")
+			}
+			continue
 		}
-		if info.InterfaceName != "eth0" {
-			info.GatewayAddress = network.Address{}
+
+		address, hasAddress := prepared.NameToAddress[name]
+		if !hasAddress {
+			output.WriteString("iface " + name + " inet manual\n")
+			continue
+		} else if address == string(network.ConfigDHCP) {
+			output.WriteString("iface " + name + " inet dhcp\n")
+			continue
 		}
-		interfacesCopy[i] = info
-	}
 
-	// Render the config first.
-	tmpl, err := template.New("config").Parse(multiBridgeNetworkConfigTemplate)
-	if err != nil {
-		return "", errors.Annotate(err, "cannot parse network config template")
+		output.WriteString("iface " + name + " inet static\n")
+		output.WriteString("  address " + address + "\n")
+		if !gatewayWritten && prepared.GatewayAddress != "" {
+			output.WriteString("  gateway " + prepared.GatewayAddress + "\n")
+			gatewayWritten = true // write it only once
+		}
 	}
 
-	var buf bytes.Buffer
-	if err := tmpl.Execute(&buf, interfacesCopy); err != nil {
-		return "", errors.Annotate(err, "cannot render network config")
+	generatedConfig := output.String()
+	logger.Debugf("generated network config:\n%s", generatedConfig)
+
+	return generatedConfig, nil
+}
+
+// PreparedConfig holds all the necessary information to render a persistent
+// network config to a file.
+type PreparedConfig struct {
+	InterfaceNames   []string
+	AutoStarted      []string
+	DNSServers       []string
+	DNSSearchDomains []string
+	NameToAddress    map[string]string
+	GatewayAddress   string
+}
+
+// PrepareNetworkConfigFromInterfaces collects the necessary information to
+// render a persistent network config from the given slice of
+// network.InterfaceInfo. The result always includes the loopback interface.
+func PrepareNetworkConfigFromInterfaces(interfaces []network.InterfaceInfo) *PreparedConfig {
+	dnsServers := set.NewStrings()
+	dnsSearchDomains := set.NewStrings()
+	gatewayAddress := ""
+	namesInOrder := make([]string, 1, len(interfaces)+1)
+	nameToAddress := make(map[string]string)
+
+	// Always include the loopback.
+	namesInOrder[0] = "lo"
+	autoStarted := set.NewStrings("lo")
+
+	for _, info := range interfaces {
+		if !info.NoAutoStart {
+			autoStarted.Add(info.InterfaceName)
+		}
+
+		if cidr := info.CIDRAddress(); cidr != "" {
+			nameToAddress[info.InterfaceName] = cidr
+		} else if info.ConfigType == network.ConfigDHCP {
+			nameToAddress[info.InterfaceName] = string(network.ConfigDHCP)
+		}
+
+		for _, dns := range info.DNSServers {
+			dnsServers.Add(dns.Value)
+		}
+
+		dnsSearchDomains = dnsSearchDomains.Union(set.NewStrings(info.DNSSearchDomains...))
+
+		if info.InterfaceName == "eth0" && gatewayAddress == "" {
+			// Only set gateway once for the primary NIC.
+			gatewayAddress = info.GatewayAddress.Value
+		}
+
+		namesInOrder = append(namesInOrder, info.InterfaceName)
 	}
 
-	generatedConfig := buf.String()
-	logger.Debugf("generated network config from %#v\nusing%#v:\n%s", interfacesCopy, networkConfig.Interfaces, generatedConfig)
+	prepared := &PreparedConfig{
+		InterfaceNames:   namesInOrder,
+		NameToAddress:    nameToAddress,
+		AutoStarted:      autoStarted.SortedValues(),
+		DNSServers:       dnsServers.SortedValues(),
+		DNSSearchDomains: dnsSearchDomains.SortedValues(),
+		GatewayAddress:   gatewayAddress,
+	}
 
-	return generatedConfig, nil
+	logger.Debugf("prepared network config for rendering: %+v", prepared)
+	return prepared
 }
 
 // newCloudInitConfigWithNetworks creates a cloud-init config which
 // might include per-interface networking config if both networkConfig
 // is not nil and its Interfaces field is not empty.
 func newCloudInitConfigWithNetworks(series string, networkConfig *container.NetworkConfig) (cloudinit.CloudConfig, error) {
-	cloudConfig, err := cloudinit.New(series)
+	config, err := GenerateNetworkConfig(networkConfig)
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-	config, err := GenerateNetworkConfig(networkConfig)
-	if err != nil || len(config) == 0 {
-		return cloudConfig, errors.Trace(err)
+	cloudConfig, err := cloudinit.New(series)
+	if err != nil {
+		return nil, errors.Trace(err)
 	}
 
 	cloudConfig.AddBootTextFile(networkInterfacesFile, config, 0644)
-	cloudConfig.AddRunCmd("ifup -a || true")
 	return cloudConfig, nil
 }
 
@@ -226,7 +260,7 @@
 	// we need to enable apt-get update regardless of the environ
 	// setting, otherwise provisioning will fail.
 	if series == "precise" && !enablePackageUpdates {
-		logger.Warningf("series %q requires cloud-tools archive: enabling updates", series)
+		logger.Infof("series %q requires cloud-tools archive: enabling updates", series)
 		enablePackageUpdates = true
 	}
 
@@ -252,53 +286,12 @@
 	return data, nil
 }
 
-// defaultEtcNetworkInterfaces is the contents of
-// /etc/network/interfaces file which is left on the template LXC
-// container on shutdown. This is needed to allow cloned containers to
-// start in case no network config is provided during cloud-init, e.g.
-// when AUFS is used.
-const defaultEtcNetworkInterfaces = `
-# loopback interface
-auto lo
-iface lo inet loopback
-
-# primary interface
-auto eth0
-iface eth0 inet dhcp
-`
-
 func shutdownInitCommands(initSystem, series string) ([]string, error) {
-	// These files are removed just before the template shuts down.
-	cleanupOnShutdown := []string{
-		// We remove any dhclient lease files so there's no chance a
-		// clone to reuse a lease from the template it was cloned
-		// from.
-		"/var/lib/dhcp/dhclient*",
-		// Both of these sets of files below are recreated on boot and
-		// if we leave them in the template's rootfs boot logs coming
-		// from cloned containers will be appended. It's better to
-		// keep clean logs for diagnosing issues / debugging.
-		"/var/log/cloud-init*.log",
-	}
-
-	// Using EOC below as the template shutdown script is itself
-	// passed through cat > ... < EOF.
-	replaceNetConfCmd := fmt.Sprintf(
-		"/bin/cat > /etc/network/interfaces << EOC%sEOC\n  ",
-		defaultEtcNetworkInterfaces,
-	)
-	paths := strings.Join(cleanupOnShutdown, " ")
-	removeCmd := fmt.Sprintf("/bin/rm -fr %s\n  ", paths)
 	shutdownCmd := "/sbin/shutdown -h now"
 	name := "juju-template-restart"
 	desc := "juju shutdown job"
 
 	execStart := shutdownCmd
-	if environs.AddressAllocationEnabled("") { // we only care the provider is not MAAS here.
-		// Only do the cleanup and replacement of /e/n/i when address
-		// allocation feature flag is enabled.
-		execStart = replaceNetConfCmd + removeCmd + shutdownCmd
-	}
 
 	conf := common.Conf{
 		Desc:         desc,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/containerinit/container_userdata_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/containerinit/container_userdata_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/containerinit/container_userdata_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/containerinit/container_userdata_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,6 +5,7 @@
 package containerinit_test
 
 import (
+	"fmt"
 	"path/filepath"
 	"strings"
 	stdtesting "testing"
@@ -17,10 +18,7 @@
 	"github.com/juju/juju/cloudconfig/containerinit"
 	"github.com/juju/juju/container"
 	containertesting "github.com/juju/juju/container/testing"
-	"github.com/juju/juju/feature"
 	"github.com/juju/juju/network"
-	"github.com/juju/juju/service"
-	systemdtesting "github.com/juju/juju/service/systemd/testing"
 	"github.com/juju/juju/testing"
 )
 
@@ -33,7 +31,11 @@
 
 	networkInterfacesFile string
 	fakeInterfaces        []network.InterfaceInfo
-	expectedNetConfig     string
+
+	expectedSampleConfig     string
+	expectedSampleUserData   string
+	expectedFallbackConfig   string
+	expectedFallbackUserData string
 }
 
 var _ = gc.Suite(&UserDataSuite{})
@@ -65,103 +67,163 @@
 		InterfaceName: "eth2",
 		ConfigType:    network.ConfigDHCP,
 		NoAutoStart:   true,
+	}, {
+		InterfaceName: "eth3",
+		ConfigType:    network.ConfigDHCP,
+		NoAutoStart:   false,
+	}, {
+		InterfaceName: "eth4",
+		ConfigType:    network.ConfigManual,
+		NoAutoStart:   true,
 	}}
-	s.expectedNetConfig = `
-auto lo
-iface lo inet loopback
+	s.expectedSampleConfig = `
+auto eth0 eth1 eth3 lo
 
-auto eth0
-iface eth0 inet manual
+iface lo inet loopback
   dns-nameservers ns1.invalid ns2.invalid
-  dns-search foo bar
-  pre-up ip address add 0.1.2.3/24 dev eth0 || true
-  up ip route replace 0.1.2.0/24 dev eth0 || true
-  down ip route del 0.1.2.0/24 dev eth0 || true
-  post-down address del 0.1.2.3/24 dev eth0 || true
-  up ip route replace default via 0.1.2.1 || true
-  down ip route del default via 0.1.2.1 || true
+  dns-search bar foo
 
-auto eth1
-iface eth1 inet manual
-  dns-nameservers ns1.invalid ns2.invalid
-  dns-search foo bar
-  pre-up ip address add 0.1.2.4/24 dev eth1 || true
-  up ip route replace 0.1.2.0/24 dev eth1 || true
-  down ip route del 0.1.2.0/24 dev eth1 || true
-  post-down address del 0.1.2.4/24 dev eth1 || true
-
-iface eth2 inet manual
-  pre-up ip address add  dev eth2 || true
-  up ip route replace  dev eth2 || true
-  down ip route del  dev eth2 || true
-  post-down address del  dev eth2 || true
+iface eth0 inet static
+  address 0.1.2.3/24
+  gateway 0.1.2.1
+
+iface eth1 inet static
+  address 0.1.2.4/24
 
+iface eth2 inet dhcp
+
+iface eth3 inet dhcp
+
+iface eth4 inet manual
 `
+	s.expectedSampleUserData = `
+#cloud-config
+bootcmd:
+- install -D -m 644 /dev/null '%[1]s'
+- |-
+  printf '%%s\n' '
+  auto eth0 eth1 eth3 lo
+
+  iface lo inet loopback
+    dns-nameservers ns1.invalid ns2.invalid
+    dns-search bar foo
+
+  iface eth0 inet static
+    address 0.1.2.3/24
+    gateway 0.1.2.1
+
+  iface eth1 inet static
+    address 0.1.2.4/24
+
+  iface eth2 inet dhcp
+
+  iface eth3 inet dhcp
+
+  iface eth4 inet manual
+  ' > '%[1]s'
+`[1:]
+
+	s.expectedFallbackConfig = `
+auto eth0 lo
+
+iface lo inet loopback
+
+iface eth0 inet dhcp
+`
+	s.expectedFallbackUserData = `
+#cloud-config
+bootcmd:
+- install -D -m 644 /dev/null '%[1]s'
+- |-
+  printf '%%s\n' '
+  auto eth0 lo
+
+  iface lo inet loopback
+
+  iface eth0 inet dhcp
+  ' > '%[1]s'
+`[1:]
+
 	s.PatchValue(containerinit.NetworkInterfacesFile, s.networkInterfacesFile)
 }
 
 func (s *UserDataSuite) TestGenerateNetworkConfig(c *gc.C) {
-	// No config or no interfaces - no error, but also noting to generate.
 	data, err := containerinit.GenerateNetworkConfig(nil)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(data, gc.HasLen, 0)
+	c.Assert(err, gc.ErrorMatches, "missing container network config")
+	c.Assert(data, gc.Equals, "")
+
 	netConfig := container.BridgeNetworkConfig("foo", 0, nil)
 	data, err = containerinit.GenerateNetworkConfig(netConfig)
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(data, gc.HasLen, 0)
+	c.Assert(data, gc.Equals, s.expectedFallbackConfig)
 
 	// Test with all interface types.
 	netConfig = container.BridgeNetworkConfig("foo", 0, s.fakeInterfaces)
 	data, err = containerinit.GenerateNetworkConfig(netConfig)
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(data, gc.Equals, s.expectedNetConfig)
+	c.Assert(data, gc.Equals, s.expectedSampleConfig)
 }
 
-func (s *UserDataSuite) TestNewCloudInitConfigWithNetworks(c *gc.C) {
+func (s *UserDataSuite) TestNewCloudInitConfigWithNetworksSampleConfig(c *gc.C) {
 	netConfig := container.BridgeNetworkConfig("foo", 0, s.fakeInterfaces)
 	cloudConf, err := containerinit.NewCloudInitConfigWithNetworks("quantal", netConfig)
 	c.Assert(err, jc.ErrorIsNil)
-	// We need to indent expectNetConfig to make it valid YAML,
-	// dropping the last new line and using unindented blank lines.
-	lines := strings.Split(s.expectedNetConfig, "\n")
-	indentedNetConfig := strings.Join(lines[:len(lines)-2], "\n  ")
-	indentedNetConfig = strings.Replace(indentedNetConfig, "\n  \n", "\n\n", -1) + "\n"
-	expected := `
-#cloud-config
-bootcmd:
-- install -D -m 644 /dev/null '`[1:] + s.networkInterfacesFile + `'
-- |-
-  printf '%s\n' '` + indentedNetConfig + `
-  ' > '` + s.networkInterfacesFile + `'
-runcmd:
-- ifup -a || true
-`
+	c.Assert(cloudConf, gc.NotNil)
+
+	expected := fmt.Sprintf(s.expectedSampleUserData, s.networkInterfacesFile)
 	assertUserData(c, cloudConf, expected)
 }
 
-func (s *UserDataSuite) TestNewCloudInitConfigWithNetworksNoConfig(c *gc.C) {
+func (s *UserDataSuite) TestNewCloudInitConfigWithNetworksFallbackConfig(c *gc.C) {
 	netConfig := container.BridgeNetworkConfig("foo", 0, nil)
 	cloudConf, err := containerinit.NewCloudInitConfigWithNetworks("quantal", netConfig)
 	c.Assert(err, jc.ErrorIsNil)
-	expected := "#cloud-config\n{}\n"
+	c.Assert(cloudConf, gc.NotNil)
+
+	expected := fmt.Sprintf(s.expectedFallbackUserData, s.networkInterfacesFile)
 	assertUserData(c, cloudConf, expected)
 }
 
-func (s *UserDataSuite) TestCloudInitUserData(c *gc.C) {
-	instanceConfig, err := containertesting.MockMachineConfig("1/lxc/0")
+func (s *UserDataSuite) TestCloudInitUserDataFallbackConfig(c *gc.C) {
+	instanceConfig, err := containertesting.MockMachineConfig("1/lxd/0")
 	c.Assert(err, jc.ErrorIsNil)
 	networkConfig := container.BridgeNetworkConfig("foo", 0, nil)
 	data, err := containerinit.CloudInitUserData(instanceConfig, networkConfig)
 	c.Assert(err, jc.ErrorIsNil)
-	// No need to test the exact contents here, as they are already
-	// tested separately.
-	c.Assert(string(data), jc.HasPrefix, "#cloud-config\n")
+	c.Assert(data, gc.NotNil)
+
+	// Extract the "#cloud-config" header and all lines between from the
+	// "bootcmd" section up to (but not including) the "output" sections to
+	// match against expected.
+	var linesToMatch []string
+	seenBootcmd := false
+	for _, line := range strings.Split(string(data), "\n") {
+		if strings.HasPrefix(line, "#cloud-config") {
+			linesToMatch = append(linesToMatch, line)
+			continue
+		}
+
+		if strings.HasPrefix(line, "bootcmd:") {
+			seenBootcmd = true
+		}
+
+		if strings.HasPrefix(line, "output:") && seenBootcmd {
+			break
+		}
+
+		if seenBootcmd {
+			linesToMatch = append(linesToMatch, line)
+		}
+	}
+	expected := fmt.Sprintf(s.expectedFallbackUserData, s.networkInterfacesFile)
+	c.Assert(strings.Join(linesToMatch, "\n")+"\n", gc.Equals, expected)
 }
 
 func assertUserData(c *gc.C, cloudConf cloudinit.CloudConfig, expected string) {
 	data, err := cloudConf.RenderYAML()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(string(data), gc.Equals, expected)
+
 	// Make sure it's valid YAML as well.
 	out := make(map[string]interface{})
 	err = yaml.Unmarshal(data, &out)
@@ -177,75 +239,3 @@
 		c.Assert(out["bootcmd"], gc.IsNil)
 	}
 }
-
-func (s *UserDataSuite) TestShutdownInitCommandsUpstart(c *gc.C) {
-	s.SetFeatureFlags(feature.AddressAllocation)
-	cmds, err := containerinit.ShutdownInitCommands(service.InitSystemUpstart, "trusty")
-	c.Assert(err, jc.ErrorIsNil)
-
-	filename := "/etc/init/juju-template-restart.conf"
-	script := `
-description "juju shutdown job"
-author "Juju Team <juju@lists.ubuntu.com>"
-start on stopped cloud-final
-
-script
-  /bin/cat > /etc/network/interfaces << EOC
-# loopback interface
-auto lo
-iface lo inet loopback
-
-# primary interface
-auto eth0
-iface eth0 inet dhcp
-EOC
-  /bin/rm -fr /var/lib/dhcp/dhclient* /var/log/cloud-init*.log
-  /sbin/shutdown -h now
-end script
-
-post-stop script
-  rm /etc/init/juju-template-restart.conf
-end script
-`[1:]
-	c.Check(cmds, gc.HasLen, 1)
-	testing.CheckWriteFileCommand(c, cmds[0], filename, script, nil)
-}
-
-func (s *UserDataSuite) TestShutdownInitCommandsSystemd(c *gc.C) {
-	s.SetFeatureFlags(feature.AddressAllocation)
-	commands, err := containerinit.ShutdownInitCommands(service.InitSystemSystemd, "vivid")
-	c.Assert(err, jc.ErrorIsNil)
-
-	test := systemdtesting.WriteConfTest{
-		Service: "juju-template-restart",
-		DataDir: "/var/lib/juju",
-		Expected: `
-[Unit]
-Description=juju shutdown job
-After=syslog.target
-After=network.target
-After=systemd-user-sessions.service
-After=cloud-config.target
-
-[Service]
-ExecStart=/var/lib/juju/init/juju-template-restart/exec-start.sh
-ExecStopPost=/bin/systemctl disable juju-template-restart.service
-
-[Install]
-WantedBy=multi-user.target
-`[1:],
-		Script: `
-/bin/cat > /etc/network/interfaces << EOC
-# loopback interface
-auto lo
-iface lo inet loopback
-
-# primary interface
-auto eth0
-iface eth0 inet dhcp
-EOC
-  /bin/rm -fr /var/lib/dhcp/dhclient* /var/log/cloud-init*.log
-  /sbin/shutdown -h now`[1:],
-	}
-	test.CheckInstallAndStartCommands(c, commands)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/containerinit/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/containerinit/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/containerinit/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/containerinit/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,5 +7,4 @@
 var (
 	NetworkInterfacesFile          = &networkInterfacesFile
 	NewCloudInitConfigWithNetworks = newCloudInitConfigWithNetworks
-	ShutdownInitCommands           = shutdownInitCommands
 )
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/instancecfg/instancecfg.go juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/instancecfg/instancecfg.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/instancecfg/instancecfg.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/instancecfg/instancecfg.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,28 +1,33 @@
-// Copyright 2012, 2013, 2015 Canonical Ltd.
+// Copyright 2012, 2013, 2015, 2016 Canonical Ltd.
 // Copyright 2015 Cloudbase Solutions SRL
 // Licensed under the AGPLv3, see LICENCE file for details.
 
 package instancecfg
 
 import (
+	"encoding/json"
 	"fmt"
 	"net"
 	"path"
 	"reflect"
 	"strconv"
+	"time"
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils/proxy"
 	"github.com/juju/utils/shell"
 	"github.com/juju/version"
+	"gopkg.in/juju/names.v2"
+	"gopkg.in/yaml.v2"
 
 	"github.com/juju/juju/agent"
 	agenttools "github.com/juju/juju/agent/tools"
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/cloud"
 	"github.com/juju/juju/constraints"
+	"github.com/juju/juju/controller"
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/environs/imagemetadata"
 	"github.com/juju/juju/environs/tags"
@@ -43,23 +48,13 @@
 	// should be populated using the InstanceTags method in this package.
 	Tags map[string]string
 
-	// Bootstrap specifies whether the new instance is the bootstrap
-	// instance. When this is true, StateServingInfo should be set
-	// and filled out.
-	Bootstrap bool
-
-	// StateServingInfo holds the information for serving the state.
-	// This must only be set if the Bootstrap field is true
-	// (controllers started subsequently will acquire their serving info
-	// from another server)
-	StateServingInfo *params.StateServingInfo
-
-	// MongoInfo holds the means for the new instance to communicate with the
-	// juju state database. Unless the new instance is running a controller
-	// (Controller is set), there must be at least one controller address supplied.
-	// The entity name must match that of the instance being started,
-	// or be empty when starting a controller.
-	MongoInfo *mongo.MongoInfo
+	// Bootstrap contains bootstrap-specific configuration. If this is set,
+	// Controller must also be set.
+	Bootstrap *BootstrapConfig
+
+	// Controller contains controller-specific configuration. If this is
+	// set, then the instance will be configured as a controller machine.
+	Controller *ControllerConfig
 
 	// APIInfo holds the means for the new instance to communicate with the
 	// juju state API. Unless the new instance is running a controller (Controller is
@@ -68,15 +63,6 @@
 	// or be empty when starting a controller.
 	APIInfo *api.Info
 
-	// InstanceId is the instance ID of the instance being initialised.
-	// This is required when bootstrapping, and ignored otherwise.
-	InstanceId instance.Id
-
-	// HardwareCharacteristics contains the harrdware characteristics of
-	// the instance being initialised. This optional, and is only used by
-	// the bootstrap agent during state initialisation.
-	HardwareCharacteristics *instance.HardwareCharacteristics
-
 	// MachineNonce is set at provisioning/bootstrap time and used to
 	// ensure the agent is running on the correct instance.
 	MachineNonce string
@@ -86,9 +72,6 @@
 	// identical versions and hashes, but may have different URLs.
 	tools coretools.List
 
-	// GUI is the Juju GUI archive to be installed in the new instance.
-	GUI *coretools.GUIArchive
-
 	// DataDir holds the directory that juju state will be put in the new
 	// instance.
 	DataDir string
@@ -130,23 +113,6 @@
 	// the instance agent config.
 	AgentEnvironment map[string]string
 
-	// WARNING: this is only set if the instance being configured is
-	// a controller node.
-	//
-	// Config holds the initial environment configuration.
-	Config *config.Config
-
-	// HostedModelConfig is a set of config attributes to be overlaid
-	// on the controller model config (Config, above) to construct the
-	// initial hosted model config.
-	HostedModelConfig map[string]interface{}
-
-	// Constraints holds the machine constraints.
-	Constraints constraints.Value
-
-	// ModelConstraints holds the initial model constraints.
-	ModelConstraints constraints.Value
-
 	// DisableSSLHostnameVerification can be set to true to tell cloud-init
 	// that it shouldn't verify SSL certificates
 	DisableSSLHostnameVerification bool
@@ -168,22 +134,9 @@
 	// override the default APT sources.
 	AptMirror string
 
-	// PreferIPv6 mirrors the value of prefer-ipv6 environment setting
-	// and when set IPv6 addresses for connecting to the API/state
-	// servers will be preferred over IPv4 ones.
-	PreferIPv6 bool
-
 	// The type of Simple Stream to download and deploy on this instance.
 	ImageStream string
 
-	// The public key used to sign Juju simplestreams image metadata.
-	PublicImageSigningKey string
-
-	// CustomImageMetadata is optional custom simplestreams image metadata
-	// to store in environment storage at bootstrap time. This is ignored
-	// in non-bootstrap instances.
-	CustomImageMetadata []*imagemetadata.ImageMetadata
-
 	// EnableOSRefreshUpdate specifies whether Juju will refresh its
 	// respective OS's updates list.
 	EnableOSRefreshUpdate bool
@@ -194,6 +147,188 @@
 	EnableOSUpgrade bool
 }
 
+// ControllerConfig represents controller-specific initialization information
+// for a new juju instance. This is only relevant for controller machines.
+type ControllerConfig struct {
+	// MongoInfo holds the means for the new instance to communicate with the
+	// juju state database. Unless the new instance is running a controller
+	// (Controller is set), there must be at least one controller address supplied.
+	// The entity name must match that of the instance being started,
+	// or be empty when starting a controller.
+	MongoInfo *mongo.MongoInfo
+
+	// Config contains controller config attributes.
+	Config controller.Config
+
+	// The public key used to sign Juju simplestreams image metadata.
+	PublicImageSigningKey string
+}
+
+// BootstrapConfig represents bootstrap-specific initialization information
+// for a new juju instance. This is only relevant for the bootstrap machine.
+type BootstrapConfig struct {
+	StateInitializationParams
+
+	// GUI is the Juju GUI archive to be installed in the new instance.
+	GUI *coretools.GUIArchive
+
+	// Timeout is the amount of time to wait for bootstrap to complete.
+	Timeout time.Duration
+
+	// StateServingInfo holds the information for serving the state.
+	// This is only specified for bootstrap; controllers started
+	// subsequently will acquire their serving info from another
+	// server.
+	StateServingInfo params.StateServingInfo
+}
+
+// StateInitializationParams contains parameters for initializing the
+// state database.
+//
+// This structure will be passed to the bootstrap agent. To do so, the
+// Marshal and Unmarshal methods must be used.
+type StateInitializationParams struct {
+	// ControllerModelConfig holds the initial controller model configuration.
+	ControllerModelConfig *config.Config
+
+	// ControllerCloudName is the name of the cloud that Juju will be
+	// bootstrapped in.
+	ControllerCloudName string
+
+	// ControllerCloud contains the properties of the cloud that Juju will
+	// be bootstrapped in.
+	ControllerCloud cloud.Cloud
+
+	// ControllerCloudRegion is the name of the cloud region that Juju will be
+	// bootstrapped in.
+	ControllerCloudRegion string
+
+	// ControllerCloudCredentialName is the name of the cloud credential that
+	// Juju will be bootstrapped with.
+	ControllerCloudCredentialName string
+
+	// ControllerCloudCredential contains the cloud credential that Juju will
+	// be bootstrapped with.
+	ControllerCloudCredential *cloud.Credential
+
+	// ControllerConfig is the set of config attributes relevant
+	// to a controller.
+	ControllerConfig controller.Config
+
+	// ControllerInheritedConfig is a set of config attributes to be shared by all
+	// models managed by this controller.
+	ControllerInheritedConfig map[string]interface{}
+
+	// HostedModelConfig is a set of config attributes to be overlaid
+	// on the controller model config (Config, above) to construct the
+	// initial hosted model config.
+	HostedModelConfig map[string]interface{}
+
+	// BootstrapMachineInstanceId is the instance ID of the bootstrap
+	// machine instance being initialized.
+	BootstrapMachineInstanceId instance.Id
+
+	// BootstrapMachineConstraints holds the constraints for the bootstrap
+	// machine.
+	BootstrapMachineConstraints constraints.Value
+
+	// BootstrapMachineHardwareCharacteristics contains the harrdware
+	// characteristics of the bootstrap machine instance being initialized.
+	BootstrapMachineHardwareCharacteristics *instance.HardwareCharacteristics
+
+	// ModelConstraints holds the initial model constraints.
+	ModelConstraints constraints.Value
+
+	// CustomImageMetadata is optional custom simplestreams image metadata
+	// to store in environment storage at bootstrap time. This is ignored
+	// in non-bootstrap instances.
+	CustomImageMetadata []*imagemetadata.ImageMetadata
+}
+
+type stateInitializationParamsInternal struct {
+	ControllerConfig                        map[string]interface{}            `yaml:"controller-config"`
+	ControllerModelConfig                   map[string]interface{}            `yaml:"controller-model-config"`
+	ControllerInheritedConfig               map[string]interface{}            `yaml:"controller-config-defaults,omitempty"`
+	HostedModelConfig                       map[string]interface{}            `yaml:"hosted-model-config,omitempty"`
+	BootstrapMachineInstanceId              instance.Id                       `yaml:"bootstrap-machine-instance-id"`
+	BootstrapMachineConstraints             constraints.Value                 `yaml:"bootstrap-machine-constraints"`
+	BootstrapMachineHardwareCharacteristics *instance.HardwareCharacteristics `yaml:"bootstrap-machine-hardware,omitempty"`
+	ModelConstraints                        constraints.Value                 `yaml:"model-constraints"`
+	CustomImageMetadataJSON                 string                            `yaml:"custom-image-metadata,omitempty"`
+	ControllerCloudName                     string                            `yaml:"controller-cloud-name"`
+	ControllerCloud                         string                            `yaml:"controller-cloud"`
+	ControllerCloudRegion                   string                            `yaml:"controller-cloud-region"`
+	ControllerCloudCredentialName           string                            `yaml:"controller-cloud-credential-name,omitempty"`
+	ControllerCloudCredential               *cloud.Credential                 `yaml:"controller-cloud-credential,omitempty"`
+}
+
+// Marshal marshals StateInitializationParams to an opaque byte array.
+func (p *StateInitializationParams) Marshal() ([]byte, error) {
+	customImageMetadataJSON, err := json.Marshal(p.CustomImageMetadata)
+	if err != nil {
+		return nil, errors.Annotate(err, "marshalling custom image metadata")
+	}
+	controllerCloud, err := cloud.MarshalCloud(p.ControllerCloud)
+	if err != nil {
+		return nil, errors.Annotate(err, "marshalling cloud definition")
+	}
+	internal := stateInitializationParamsInternal{
+		p.ControllerConfig,
+		p.ControllerModelConfig.AllAttrs(),
+		p.ControllerInheritedConfig,
+		p.HostedModelConfig,
+		p.BootstrapMachineInstanceId,
+		p.BootstrapMachineConstraints,
+		p.BootstrapMachineHardwareCharacteristics,
+		p.ModelConstraints,
+		string(customImageMetadataJSON),
+		p.ControllerCloudName,
+		string(controllerCloud),
+		p.ControllerCloudRegion,
+		p.ControllerCloudCredentialName,
+		p.ControllerCloudCredential,
+	}
+	return yaml.Marshal(&internal)
+}
+
+// Unmarshal unmarshals StateInitializationParams from a byte array that
+// was generated with StateInitializationParams.Marshal.
+func (p *StateInitializationParams) Unmarshal(data []byte) error {
+	var internal stateInitializationParamsInternal
+	if err := yaml.Unmarshal(data, &internal); err != nil {
+		return errors.Annotate(err, "unmarshalling state initialization params")
+	}
+	var imageMetadata []*imagemetadata.ImageMetadata
+	if err := json.Unmarshal([]byte(internal.CustomImageMetadataJSON), &imageMetadata); err != nil {
+		return errors.Trace(err)
+	}
+	cfg, err := config.New(config.NoDefaults, internal.ControllerModelConfig)
+	if err != nil {
+		return errors.Trace(err)
+	}
+	controllerCloud, err := cloud.UnmarshalCloud([]byte(internal.ControllerCloud))
+	if err != nil {
+		return errors.Trace(err)
+	}
+	*p = StateInitializationParams{
+		ControllerConfig:                        internal.ControllerConfig,
+		ControllerModelConfig:                   cfg,
+		ControllerInheritedConfig:               internal.ControllerInheritedConfig,
+		HostedModelConfig:                       internal.HostedModelConfig,
+		BootstrapMachineInstanceId:              internal.BootstrapMachineInstanceId,
+		BootstrapMachineConstraints:             internal.BootstrapMachineConstraints,
+		BootstrapMachineHardwareCharacteristics: internal.BootstrapMachineHardwareCharacteristics,
+		ModelConstraints:                        internal.ModelConstraints,
+		CustomImageMetadata:                     imageMetadata,
+		ControllerCloudName:                     internal.ControllerCloudName,
+		ControllerCloud:                         controllerCloud,
+		ControllerCloudRegion:                   internal.ControllerCloudRegion,
+		ControllerCloudCredentialName:           internal.ControllerCloudCredentialName,
+		ControllerCloudCredential:               internal.ControllerCloudCredential,
+	}
+	return nil
+}
+
 func (cfg *InstanceConfig) agentInfo() service.AgentInfo {
 	return service.NewMachineAgentInfo(
 		cfg.MachineId,
@@ -225,11 +360,13 @@
 	// TODO for HAState: the stateHostAddrs and apiHostAddrs here assume that
 	// if the instance is a controller then to use localhost.  This may be
 	// sufficient, but needs thought in the new world order.
-	var password string
-	if cfg.MongoInfo == nil {
+	var password, cacert string
+	if cfg.Controller == nil {
 		password = cfg.APIInfo.Password
+		cacert = cfg.APIInfo.CACert
 	} else {
-		password = cfg.MongoInfo.Password
+		password = cfg.Controller.MongoInfo.Password
+		cacert = cfg.Controller.MongoInfo.CACert
 	}
 	configParams := agent.AgentConfigParams{
 		Paths: agent.Paths{
@@ -244,15 +381,14 @@
 		Nonce:             cfg.MachineNonce,
 		StateAddresses:    cfg.stateHostAddrs(),
 		APIAddresses:      cfg.ApiHostAddrs(),
-		CACert:            cfg.MongoInfo.CACert,
+		CACert:            cacert,
 		Values:            cfg.AgentEnvironment,
-		PreferIPv6:        cfg.PreferIPv6,
 		Model:             cfg.APIInfo.ModelTag,
 	}
-	if !cfg.Bootstrap {
+	if cfg.Bootstrap == nil {
 		return agent.NewAgentConfig(configParams)
 	}
-	return agent.NewStateMachineConfig(configParams, *cfg.StateServingInfo)
+	return agent.NewStateMachineConfig(configParams, cfg.Bootstrap.StateServingInfo)
 }
 
 // JujuTools returns the directory where Juju tools are stored.
@@ -267,27 +403,23 @@
 
 func (cfg *InstanceConfig) stateHostAddrs() []string {
 	var hosts []string
-	if cfg.Bootstrap {
-		if cfg.PreferIPv6 {
-			hosts = append(hosts, net.JoinHostPort("::1", strconv.Itoa(cfg.StateServingInfo.StatePort)))
-		} else {
-			hosts = append(hosts, net.JoinHostPort("localhost", strconv.Itoa(cfg.StateServingInfo.StatePort)))
-		}
+	if cfg.Bootstrap != nil {
+		hosts = append(hosts, net.JoinHostPort(
+			"localhost", strconv.Itoa(cfg.Bootstrap.StateServingInfo.StatePort)),
+		)
 	}
-	if cfg.MongoInfo != nil {
-		hosts = append(hosts, cfg.MongoInfo.Addrs...)
+	if cfg.Controller != nil {
+		hosts = append(hosts, cfg.Controller.MongoInfo.Addrs...)
 	}
 	return hosts
 }
 
 func (cfg *InstanceConfig) ApiHostAddrs() []string {
 	var hosts []string
-	if cfg.Bootstrap {
-		if cfg.PreferIPv6 {
-			hosts = append(hosts, net.JoinHostPort("::1", strconv.Itoa(cfg.StateServingInfo.APIPort)))
-		} else {
-			hosts = append(hosts, net.JoinHostPort("localhost", strconv.Itoa(cfg.StateServingInfo.APIPort)))
-		}
+	if cfg.Bootstrap != nil {
+		hosts = append(hosts, net.JoinHostPort(
+			"localhost", strconv.Itoa(cfg.Bootstrap.StateServingInfo.APIPort)),
+		)
 	}
 	if cfg.APIInfo != nil {
 		hosts = append(hosts, cfg.APIInfo.Addrs...)
@@ -359,6 +491,7 @@
 	return "invalid machine configuration: missing " + string(e)
 }
 
+// VerifyConfig verifies that the InstanceConfig is valid.
 func (cfg *InstanceConfig) VerifyConfig() (err error) {
 	defer errors.DeferredAnnotatef(&err, "invalid machine configuration")
 	if !names.IsValidMachine(cfg.MachineId) {
@@ -384,12 +517,6 @@
 		return errors.New("missing tools")
 	}
 	// We don't need to check cfg.toolsURLs since SetTools() does.
-	if cfg.MongoInfo == nil {
-		return errors.New("missing state info")
-	}
-	if len(cfg.MongoInfo.CACert) == 0 {
-		return errors.New("missing CA certificate")
-	}
 	if cfg.APIInfo == nil {
 		return errors.New("missing API info")
 	}
@@ -402,62 +529,95 @@
 	if cfg.MachineAgentServiceName == "" {
 		return errors.New("missing machine agent service name")
 	}
-	if cfg.Bootstrap {
-		if cfg.Config == nil {
-			return errors.New("missing model configuration")
-		}
-		if cfg.MongoInfo.Tag != nil {
-			return errors.New("entity tag must be nil when starting a controller")
-		}
-		if cfg.APIInfo.Tag != nil {
-			return errors.New("entity tag must be nil when starting a controller")
-		}
-		if cfg.StateServingInfo == nil {
-			return errors.New("missing state serving info")
-		}
-		if len(cfg.StateServingInfo.Cert) == 0 {
-			return errors.New("missing controller certificate")
-		}
-		if len(cfg.StateServingInfo.PrivateKey) == 0 {
-			return errors.New("missing controller private key")
-		}
-		if len(cfg.StateServingInfo.CAPrivateKey) == 0 {
-			return errors.New("missing ca cert private key")
-		}
-		if cfg.StateServingInfo.StatePort == 0 {
-			return errors.New("missing state port")
-		}
-		if cfg.StateServingInfo.APIPort == 0 {
-			return errors.New("missing API port")
-		}
-		if cfg.InstanceId == "" {
-			return errors.New("missing instance-id")
+	if cfg.MachineNonce == "" {
+		return errors.New("missing machine nonce")
+	}
+	if cfg.Controller != nil {
+		if err := cfg.verifyControllerConfig(); err != nil {
+			return errors.Trace(err)
 		}
-		if len(cfg.HostedModelConfig) == 0 {
-			return errors.New("missing hosted model config")
+	}
+	if cfg.Bootstrap != nil {
+		if err := cfg.verifyBootstrapConfig(); err != nil {
+			return errors.Trace(err)
 		}
 	} else {
-		if len(cfg.MongoInfo.Addrs) == 0 {
-			return errors.New("missing state hosts")
-		}
-		if cfg.MongoInfo.Tag != names.NewMachineTag(cfg.MachineId) {
-			return errors.New("entity tag must match started machine")
+		if cfg.APIInfo.Tag != names.NewMachineTag(cfg.MachineId) {
+			return errors.New("API entity tag must match started machine")
 		}
 		if len(cfg.APIInfo.Addrs) == 0 {
 			return errors.New("missing API hosts")
 		}
-		if cfg.APIInfo.Tag != names.NewMachineTag(cfg.MachineId) {
-			return errors.New("entity tag must match started machine")
-		}
-		if cfg.StateServingInfo != nil {
-			return errors.New("state serving info unexpectedly present")
+	}
+	return nil
+}
+
+func (cfg *InstanceConfig) verifyBootstrapConfig() (err error) {
+	defer errors.DeferredAnnotatef(&err, "invalid bootstrap configuration")
+	if cfg.Controller == nil {
+		return errors.New("bootstrap config supplied without controller config")
+	}
+	if err := cfg.Bootstrap.VerifyConfig(); err != nil {
+		return errors.Trace(err)
+	}
+	if cfg.APIInfo.Tag != nil || cfg.Controller.MongoInfo.Tag != nil {
+		return errors.New("entity tag must be nil when bootstrapping")
+	}
+	return nil
+}
+
+func (cfg *InstanceConfig) verifyControllerConfig() (err error) {
+	defer errors.DeferredAnnotatef(&err, "invalid controller configuration")
+	if err := cfg.Controller.VerifyConfig(); err != nil {
+		return errors.Trace(err)
+	}
+	if cfg.Bootstrap == nil {
+		if len(cfg.Controller.MongoInfo.Addrs) == 0 {
+			return errors.New("missing state hosts")
 		}
-		if len(cfg.HostedModelConfig) != 0 {
-			return errors.New("hosted model config unexpectedly present")
+		if cfg.Controller.MongoInfo.Tag != names.NewMachineTag(cfg.MachineId) {
+			return errors.New("entity tag must match started machine")
 		}
 	}
-	if cfg.MachineNonce == "" {
-		return errors.New("missing machine nonce")
+	return nil
+}
+
+// VerifyConfig verifies that the BootstrapConfig is valid.
+func (cfg *BootstrapConfig) VerifyConfig() (err error) {
+	if cfg.ControllerModelConfig == nil {
+		return errors.New("missing model configuration")
+	}
+	if len(cfg.StateServingInfo.Cert) == 0 {
+		return errors.New("missing controller certificate")
+	}
+	if len(cfg.StateServingInfo.PrivateKey) == 0 {
+		return errors.New("missing controller private key")
+	}
+	if len(cfg.StateServingInfo.CAPrivateKey) == 0 {
+		return errors.New("missing ca cert private key")
+	}
+	if cfg.StateServingInfo.StatePort == 0 {
+		return errors.New("missing state port")
+	}
+	if cfg.StateServingInfo.APIPort == 0 {
+		return errors.New("missing API port")
+	}
+	if cfg.BootstrapMachineInstanceId == "" {
+		return errors.New("missing bootstrap machine instance ID")
+	}
+	if len(cfg.HostedModelConfig) == 0 {
+		return errors.New("missing hosted model config")
+	}
+	return nil
+}
+
+// VerifyConfig verifies that the ControllerConfig is valid.
+func (cfg *ControllerConfig) VerifyConfig() error {
+	if cfg.MongoInfo == nil {
+		return errors.New("missing state info")
+	}
+	if len(cfg.MongoInfo.CACert) == 0 {
+		return errors.New("missing CA certificate")
 	}
 	return nil
 }
@@ -478,10 +638,8 @@
 	machineID,
 	machineNonce,
 	imageStream,
-	series,
-	publicImageSigningKey string,
+	series string,
 	secureServerConnections bool,
-	mongoInfo *mongo.MongoInfo,
 	apiInfo *api.Info,
 ) (*InstanceConfig, error) {
 	dataDir, err := paths.DataDir(series)
@@ -509,12 +667,10 @@
 		Tags:                    map[string]string{},
 
 		// Parameter entries.
-		MachineId:             machineID,
-		MachineNonce:          machineNonce,
-		MongoInfo:             mongoInfo,
-		APIInfo:               apiInfo,
-		ImageStream:           imageStream,
-		PublicImageSigningKey: publicImageSigningKey,
+		MachineId:    machineID,
+		MachineNonce: machineNonce,
+		APIInfo:      apiInfo,
+		ImageStream:  imageStream,
 		AgentEnvironment: map[string]string{
 			agent.AllowsSecureConnection: strconv.FormatBool(secureServerConnections),
 		},
@@ -526,22 +682,33 @@
 // bootstrap node.  You'll still need to supply more information, but this
 // takes care of the fixed entries and the ones that are always needed.
 func NewBootstrapInstanceConfig(
+	config controller.Config,
 	cons, modelCons constraints.Value,
 	series, publicImageSigningKey string,
 ) (*InstanceConfig, error) {
-	// For a bootstrap instance, FinishInstanceConfig will provide the
-	// state.Info and the api.Info. The machine id must *always* be "0".
-	icfg, err := NewInstanceConfig("0", agent.BootstrapNonce, "", series, publicImageSigningKey, true, nil, nil)
+	// For a bootstrap instance, the caller must provide the state.Info
+	// and the api.Info. The machine id must *always* be "0".
+	icfg, err := NewInstanceConfig("0", agent.BootstrapNonce, "", series, true, nil)
 	if err != nil {
 		return nil, err
 	}
-	icfg.Bootstrap = true
+	icfg.Controller = &ControllerConfig{
+		PublicImageSigningKey: publicImageSigningKey,
+	}
+	icfg.Controller.Config = make(map[string]interface{})
+	for k, v := range config {
+		icfg.Controller.Config[k] = v
+	}
+	icfg.Bootstrap = &BootstrapConfig{
+		StateInitializationParams: StateInitializationParams{
+			BootstrapMachineConstraints: cons,
+			ModelConstraints:            modelCons,
+		},
+	}
 	icfg.Jobs = []multiwatcher.MachineJob{
 		multiwatcher.JobManageModel,
 		multiwatcher.JobHostUnits,
 	}
-	icfg.Constraints = cons
-	icfg.ModelConstraints = modelCons
 	return icfg, nil
 }
 
@@ -556,13 +723,9 @@
 	sslHostnameVerification bool,
 	proxySettings, aptProxySettings proxy.Settings,
 	aptMirror string,
-	preferIPv6 bool,
 	enableOSRefreshUpdates bool,
 	enableOSUpgrade bool,
 ) error {
-	if authorizedKeys == "" {
-		return fmt.Errorf("model configuration has no authorized-keys")
-	}
 	icfg.AuthorizedKeys = authorizedKeys
 	if icfg.AgentEnvironment == nil {
 		icfg.AgentEnvironment = make(map[string]string)
@@ -573,7 +736,6 @@
 	icfg.ProxySettings = proxySettings
 	icfg.AptProxySettings = aptProxySettings
 	icfg.AptMirror = aptMirror
-	icfg.PreferIPv6 = preferIPv6
 	icfg.EnableOSRefreshUpdate = enableOSRefreshUpdates
 	icfg.EnableOSUpgrade = enableOSUpgrade
 	return nil
@@ -581,8 +743,8 @@
 
 // FinishInstanceConfig sets fields on a InstanceConfig that can be determined by
 // inspecting a plain config.Config and the machine constraints at the last
-// moment before bootstrapping. It assumes that the supplied Config comes from
-// an environment that has passed through all the validation checks in the
+// moment before creating the user-data. It assumes that the supplied Config comes
+// from an environment that has passed through all the validation checks in the
 // Bootstrap func, and that has set an agent-version (via finding the tools to,
 // use for bootstrap, or otherwise).
 // TODO(fwereade) This function is not meant to be "good" in any serious way:
@@ -591,7 +753,6 @@
 // redeeming feature.
 func FinishInstanceConfig(icfg *InstanceConfig, cfg *config.Config) (err error) {
 	defer errors.DeferredAnnotatef(&err, "cannot complete machine configuration")
-
 	if err := PopulateInstanceConfig(
 		icfg,
 		cfg.Type(),
@@ -600,113 +761,31 @@
 		cfg.ProxySettings(),
 		cfg.AptProxySettings(),
 		cfg.AptMirror(),
-		cfg.PreferIPv6(),
 		cfg.EnableOSRefreshUpdate(),
 		cfg.EnableOSUpgrade(),
 	); err != nil {
 		return errors.Trace(err)
 	}
-
-	if isStateInstanceConfig(icfg) {
+	if icfg.Controller != nil {
 		// Add NUMACTL preference. Needed to work for both bootstrap and high availability
 		// Only makes sense for controller
-		logger.Debugf("Setting numa ctl preference to %v", cfg.NumaCtlPreference())
+		logger.Debugf("Setting numa ctl preference to %v", icfg.Controller.Config.NumaCtlPreference())
 		// Unfortunately, AgentEnvironment can only take strings as values
-		icfg.AgentEnvironment[agent.NumaCtlPreference] = fmt.Sprintf("%v", cfg.NumaCtlPreference())
-	}
-	// The following settings are only appropriate at bootstrap time. At the
-	// moment, the only controller is the bootstrap node, but this
-	// will probably change.
-	if !icfg.Bootstrap {
-		return nil
-	}
-	if icfg.APIInfo != nil || icfg.MongoInfo != nil {
-		return errors.New("machine configuration already has api/state info")
-	}
-	caCert, hasCACert := cfg.CACert()
-	if !hasCACert {
-		return errors.New("model configuration has no ca-cert")
-	}
-	password := cfg.AdminSecret()
-	if password == "" {
-		return errors.New("model configuration has no admin-secret")
-	}
-	icfg.APIInfo = &api.Info{
-		Password: password,
-		CACert:   caCert,
-		ModelTag: names.NewModelTag(cfg.UUID()),
-	}
-	icfg.MongoInfo = &mongo.MongoInfo{Password: password, Info: mongo.Info{CACert: caCert}}
-
-	// These really are directly relevant to running a controller.
-	// Initially, generate a controller certificate with no host IP
-	// addresses in the SAN field. Once the controller is up and the
-	// NIC addresses become known, the certificate can be regenerated.
-	cert, key, err := cfg.GenerateControllerCertAndKey(nil)
-	if err != nil {
-		return errors.Annotate(err, "cannot generate controller certificate")
-	}
-	caPrivateKey, hasCAPrivateKey := cfg.CAPrivateKey()
-	if !hasCAPrivateKey {
-		return errors.New("model configuration has no ca-private-key")
-	}
-	srvInfo := params.StateServingInfo{
-		StatePort:    cfg.StatePort(),
-		APIPort:      cfg.APIPort(),
-		Cert:         string(cert),
-		PrivateKey:   string(key),
-		CAPrivateKey: caPrivateKey,
-	}
-	icfg.StateServingInfo = &srvInfo
-	if icfg.Config, err = bootstrapConfig(cfg); err != nil {
-		return errors.Trace(err)
+		icfg.AgentEnvironment[agent.NumaCtlPreference] = fmt.Sprintf("%v", icfg.Controller.Config.NumaCtlPreference())
 	}
-
 	return nil
 }
 
 // InstanceTags returns the minimum set of tags that should be set on a
 // machine instance, if the provider supports them.
-func InstanceTags(cfg *config.Config, jobs []multiwatcher.MachineJob) map[string]string {
+func InstanceTags(modelUUID, controllerUUID string, tagger tags.ResourceTagger, jobs []multiwatcher.MachineJob) map[string]string {
 	instanceTags := tags.ResourceTags(
-		names.NewModelTag(cfg.UUID()),
-		names.NewModelTag(cfg.ControllerUUID()),
-		cfg,
+		names.NewModelTag(modelUUID),
+		names.NewModelTag(controllerUUID),
+		tagger,
 	)
 	if multiwatcher.AnyJobNeedsState(jobs...) {
 		instanceTags[tags.JujuIsController] = "true"
 	}
 	return instanceTags
 }
-
-// bootstrapConfig returns a copy of the supplied configuration with the
-// admin-secret and ca-private-key attributes removed. If the resulting
-// config is not suitable for bootstrapping an environment, an error is
-// returned.
-// This function is copied from environs in here so we can avoid an import loop
-func bootstrapConfig(cfg *config.Config) (*config.Config, error) {
-	m := cfg.AllAttrs()
-	// We never want to push admin-secret or the root CA private key to the cloud.
-	delete(m, "admin-secret")
-	delete(m, "ca-private-key")
-	cfg, err := config.New(config.NoDefaults, m)
-	if err != nil {
-		return nil, err
-	}
-	if _, ok := cfg.AgentVersion(); !ok {
-		return nil, fmt.Errorf("model configuration has no agent-version")
-	}
-	return cfg, nil
-}
-
-// isStateInstanceConfig determines if given machine configuration
-// is for controller by iterating over machine's jobs.
-// If JobManageModel is present, this is a controller.
-func isStateInstanceConfig(icfg *InstanceConfig) bool {
-	for _, aJob := range icfg.Jobs {
-		if aJob == multiwatcher.JobManageModel {
-			return true
-		}
-	}
-	return false
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/instancecfg/instancecfg_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/instancecfg/instancecfg_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/instancecfg/instancecfg_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/instancecfg/instancecfg_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -49,7 +49,7 @@
 }
 
 func testInstanceTags(c *gc.C, cfg *config.Config, jobs []multiwatcher.MachineJob, expectTags map[string]string) {
-	tags := instancecfg.InstanceTags(cfg, jobs)
+	tags := instancecfg.InstanceTags(testing.ModelTag.Id(), testing.ModelTag.Id(), cfg, jobs)
 	c.Assert(tags, jc.DeepEquals, expectTags)
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/powershell_helpers.go juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/powershell_helpers.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/powershell_helpers.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/powershell_helpers.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,747 +0,0 @@
-// Copyright 2014, 2015 Canonical Ltd.
-// Copyright 2014, 2015 Cloudbase Solutions
-// Copyright 2012 Aaron Jensen
-// Copyright (c) 2009, Vladimir Vasiltsov All rights reserved.
-//
-// Licensed under the AGPLv3, see LICENCE file for details.
-//
-// This file borrowed some code from https://bitbucket.org/splatteredbits/carbon
-// (see Source/Security/Privilege.cs). This external source is licensed under
-// Apache-2.0 license which is compatible with AGPLv3 license. Because it's
-// compatible we can and have licensed this derived work under AGPLv3. The original
-// Apache-2.0 license for the external source can be found inside Apache-License.txt.
-// Copyright statement of the external source: Copyright 2012 Aaron Jensen
-//
-// This file borrowed some code from https://code.google.com/p/tar-cs/ which is
-// This external source is licensed under BSD3 License which is compatible with
-// AGPLv3 license. Because it's compatible we can have have licensed this
-// derived work under AGPLv3. The original BSD3 license for the external source
-// can be found inside BSD3-License.txt.
-// Copyright statement of the external source:
-// Copyright (c) 2009, Vladimir Vasiltsov All rights reserved.
-
-package cloudconfig
-
-const addJujudUser = `
-function create-account ([string]$accountName, [string]$accountDescription, [string]$password) {
-	$hostname = hostname
-	$comp = [adsi]"WinNT://$hostname"
-	$user = $comp.Create("User", $accountName)
-	$user.SetPassword($password)
-	$user.SetInfo()
-	$user.description = $accountDescription
-	$user.SetInfo()
-	$User.UserFlags[0] = $User.UserFlags[0] -bor 0x10000
-	$user.SetInfo()
-
-	# This gets the Administrator group name that is localized on different windows versions. 
-	# However the SID S-1-5-32-544 is the same on all versions.
-	$adminGroup = (New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544")).Translate([System.Security.Principal.NTAccount]).Value.Split("\")[1]
-
-	$objOU = [ADSI]"WinNT://$hostname/$adminGroup,group"
-	$objOU.add("WinNT://$hostname/$accountName")
-}
-
-$Source = @"
-using System;
-using System.Text;
-using System.Runtime.InteropServices;
-
-namespace PSCloudbase
-{
-	public sealed class Win32CryptApi
-	{
-		public static long CRYPT_SILENT = 0x00000040;
-		public static long CRYPT_VERIFYCONTEXT = 0xF0000000;
-		public static int PROV_RSA_FULL = 1;
-
-		[DllImport("advapi32.dll", CharSet=CharSet.Auto, SetLastError=true)]
-		[return : MarshalAs(UnmanagedType.Bool)]
-		public static extern bool CryptAcquireContext(ref IntPtr hProv,
-													  StringBuilder pszContainer, // Don't use string, as Powershell replaces $null with an empty string
-													  StringBuilder pszProvider, // Don't use string, as Powershell replaces $null with an empty string
-													  uint dwProvType,
-													  uint dwFlags);
-
-		[DllImport("Advapi32.dll", EntryPoint = "CryptReleaseContext", CharSet = CharSet.Unicode, SetLastError = true)]
-		public static extern bool CryptReleaseContext(IntPtr hProv, Int32 dwFlags);
-
-		[DllImport("advapi32.dll", SetLastError=true)]
-		public static extern bool CryptGenRandom(IntPtr hProv, uint dwLen, byte[] pbBuffer);
-
-		[DllImport("Kernel32.dll")]
-		public static extern uint GetLastError();
-	}
-}
-"@
-
-Add-Type -TypeDefinition $Source -Language CSharp
-
-function Get-RandomPassword
-{
-	[CmdletBinding()]
-	param
-	(
-		[parameter(Mandatory=$true)]
-		[int]$Length
-	)
-	process
-	{
-		$hProvider = 0
-		try
-		{
-			if(![PSCloudbase.Win32CryptApi]::CryptAcquireContext([ref]$hProvider, $null, $null,
-																 [PSCloudbase.Win32CryptApi]::PROV_RSA_FULL,
-																 ([PSCloudbase.Win32CryptApi]::CRYPT_VERIFYCONTEXT -bor
-																  [PSCloudbase.Win32CryptApi]::CRYPT_SILENT)))
-			{
-				throw "CryptAcquireContext failed with error: 0x" + "{0:X0}" -f [PSCloudbase.Win32CryptApi]::GetLastError()
-			}
-
-			$buffer = New-Object byte[] $Length
-			if(![PSCloudbase.Win32CryptApi]::CryptGenRandom($hProvider, $Length, $buffer))
-			{
-				throw "CryptGenRandom failed with error: 0x" + "{0:X0}" -f [PSCloudbase.Win32CryptApi]::GetLastError()
-			}
-
-			$buffer | ForEach-Object { $password += "{0:X0}" -f $_ }
-			return $password
-		}
-		finally
-		{
-			if($hProvider)
-			{
-				$retVal = [PSCloudbase.Win32CryptApi]::CryptReleaseContext($hProvider, 0)
-			}
-		}
-	}
-}
-
-$SourcePolicy = @"
-/*
-Original sources available at: https://bitbucket.org/splatteredbits/carbon
-*/
-
-using System;
-using System.Collections.Generic;
-using System.ComponentModel;
-using System.Runtime.InteropServices;
-using System.Security.Principal;
-using System.Text;
-
-namespace PSCarbon
-{
-	public sealed class Lsa
-	{
-		// ReSharper disable InconsistentNaming
-		[StructLayout(LayoutKind.Sequential)]
-		internal struct LSA_UNICODE_STRING
-		{
-			internal LSA_UNICODE_STRING(string inputString)
-			{
-				if (inputString == null)
-				{
-					Buffer = IntPtr.Zero;
-					Length = 0;
-					MaximumLength = 0;
-				}
-				else
-				{
-					Buffer = Marshal.StringToHGlobalAuto(inputString);
-					Length = (ushort)(inputString.Length * UnicodeEncoding.CharSize);
-					MaximumLength = (ushort)((inputString.Length + 1) * UnicodeEncoding.CharSize);
-				}
-			}
-
-			internal ushort Length;
-			internal ushort MaximumLength;
-			internal IntPtr Buffer;
-		}
-
-		[StructLayout(LayoutKind.Sequential)]
-		internal struct LSA_OBJECT_ATTRIBUTES
-		{
-			internal uint Length;
-			internal IntPtr RootDirectory;
-			internal LSA_UNICODE_STRING ObjectName;
-			internal uint Attributes;
-			internal IntPtr SecurityDescriptor;
-			internal IntPtr SecurityQualityOfService;
-		}
-
-		[StructLayout(LayoutKind.Sequential)]
-		public struct LUID
-		{
-			public uint LowPart;
-			public int HighPart;
-		}
-
-		// ReSharper disable UnusedMember.Local
-		private const uint POLICY_VIEW_LOCAL_INFORMATION = 0x00000001;
-		private const uint POLICY_VIEW_AUDIT_INFORMATION = 0x00000002;
-		private const uint POLICY_GET_PRIVATE_INFORMATION = 0x00000004;
-		private const uint POLICY_TRUST_ADMIN = 0x00000008;
-		private const uint POLICY_CREATE_ACCOUNT = 0x00000010;
-		private const uint POLICY_CREATE_SECRET = 0x00000014;
-		private const uint POLICY_CREATE_PRIVILEGE = 0x00000040;
-		private const uint POLICY_SET_DEFAULT_QUOTA_LIMITS = 0x00000080;
-		private const uint POLICY_SET_AUDIT_REQUIREMENTS = 0x00000100;
-		private const uint POLICY_AUDIT_LOG_ADMIN = 0x00000200;
-		private const uint POLICY_SERVER_ADMIN = 0x00000400;
-		private const uint POLICY_LOOKUP_NAMES = 0x00000800;
-		private const uint POLICY_NOTIFICATION = 0x00001000;
-		// ReSharper restore UnusedMember.Local
-
-		[DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
-		public static extern bool LookupPrivilegeValue(
-			[MarshalAs(UnmanagedType.LPTStr)] string lpSystemName,
-			[MarshalAs(UnmanagedType.LPTStr)] string lpName,
-			out LUID lpLuid);
-
-		[DllImport("advapi32.dll", CharSet = CharSet.Unicode)]
-		private static extern uint LsaAddAccountRights(
-			IntPtr PolicyHandle,
-			IntPtr AccountSid,
-			LSA_UNICODE_STRING[] UserRights,
-			uint CountOfRights);
-
-		[DllImport("advapi32.dll", CharSet = CharSet.Unicode, SetLastError = false)]
-		private static extern uint LsaClose(IntPtr ObjectHandle);
-
-		[DllImport("advapi32.dll", SetLastError = true)]
-		private static extern uint LsaEnumerateAccountRights(IntPtr PolicyHandle,
-			IntPtr AccountSid,
-			out IntPtr UserRights,
-			out uint CountOfRights
-			);
-
-		[DllImport("advapi32.dll", SetLastError = true)]
-		private static extern uint LsaFreeMemory(IntPtr pBuffer);
-
-		[DllImport("advapi32.dll")]
-		private static extern int LsaNtStatusToWinError(long status);
-
-		[DllImport("advapi32.dll", SetLastError = true, PreserveSig = true)]
-		private static extern uint LsaOpenPolicy(ref LSA_UNICODE_STRING SystemName, ref LSA_OBJECT_ATTRIBUTES ObjectAttributes, uint DesiredAccess, out IntPtr PolicyHandle );
-
-		[DllImport("advapi32.dll", SetLastError = true, PreserveSig = true)]
-		static extern uint LsaRemoveAccountRights(
-			IntPtr PolicyHandle,
-			IntPtr AccountSid,
-			[MarshalAs(UnmanagedType.U1)]
-			bool AllRights,
-			LSA_UNICODE_STRING[] UserRights,
-			uint CountOfRights);
-		// ReSharper restore InconsistentNaming
-
-		private static IntPtr GetIdentitySid(string identity)
-		{
-			SecurityIdentifier sid =
-				new NTAccount(identity).Translate(typeof (SecurityIdentifier)) as SecurityIdentifier;
-			if (sid == null)
-			{
-				throw new ArgumentException(string.Format("Account {0} not found.", identity));
-			}
-			byte[] sidBytes = new byte[sid.BinaryLength];
-			sid.GetBinaryForm(sidBytes, 0);
-			System.IntPtr sidPtr = Marshal.AllocHGlobal(sidBytes.Length);
-			Marshal.Copy(sidBytes, 0, sidPtr, sidBytes.Length);
-			return sidPtr;
-		}
-
-		private static IntPtr GetLsaPolicyHandle()
-		{
-			string computerName = Environment.MachineName;
-			IntPtr hPolicy;
-			LSA_OBJECT_ATTRIBUTES objectAttributes = new LSA_OBJECT_ATTRIBUTES();
-			objectAttributes.Length = 0;
-			objectAttributes.RootDirectory = IntPtr.Zero;
-			objectAttributes.Attributes = 0;
-			objectAttributes.SecurityDescriptor = IntPtr.Zero;
-			objectAttributes.SecurityQualityOfService = IntPtr.Zero;
-
-			const uint ACCESS_MASK = POLICY_CREATE_SECRET | POLICY_LOOKUP_NAMES | POLICY_VIEW_LOCAL_INFORMATION;
-			LSA_UNICODE_STRING machineNameLsa = new LSA_UNICODE_STRING(computerName);
-			uint result = LsaOpenPolicy(ref machineNameLsa, ref objectAttributes, ACCESS_MASK, out hPolicy);
-			HandleLsaResult(result);
-			return hPolicy;
-		}
-
-		public static string[] GetPrivileges(string identity)
-		{
-			IntPtr sidPtr = GetIdentitySid(identity);
-			IntPtr hPolicy = GetLsaPolicyHandle();
-			IntPtr rightsPtr = IntPtr.Zero;
-
-			try
-			{
-
-				List<string> privileges = new List<string>();
-
-				uint rightsCount;
-				uint result = LsaEnumerateAccountRights(hPolicy, sidPtr, out rightsPtr, out rightsCount);
-				int win32ErrorCode = LsaNtStatusToWinError(result);
-				// the user has no privileges
-				if( win32ErrorCode == STATUS_OBJECT_NAME_NOT_FOUND )
-				{
-					return new string[0];
-				}
-				HandleLsaResult(result);
-
-				LSA_UNICODE_STRING myLsaus = new LSA_UNICODE_STRING();
-				for (ulong i = 0; i < rightsCount; i++)
-				{
-					IntPtr itemAddr = new IntPtr(rightsPtr.ToInt64() + (long) (i*(ulong) Marshal.SizeOf(myLsaus)));
-					myLsaus = (LSA_UNICODE_STRING) Marshal.PtrToStructure(itemAddr, myLsaus.GetType());
-					char[] cvt = new char[myLsaus.Length/UnicodeEncoding.CharSize];
-					Marshal.Copy(myLsaus.Buffer, cvt, 0, myLsaus.Length/UnicodeEncoding.CharSize);
-					string thisRight = new string(cvt);
-					privileges.Add(thisRight);
-				}
-				return privileges.ToArray();
-			}
-			finally
-			{
-				Marshal.FreeHGlobal(sidPtr);
-				uint result = LsaClose(hPolicy);
-				HandleLsaResult(result);
-				result = LsaFreeMemory(rightsPtr);
-				HandleLsaResult(result);
-			}
-		}
-
-		public static void GrantPrivileges(string identity, string[] privileges)
-		{
-			IntPtr sidPtr = GetIdentitySid(identity);
-			IntPtr hPolicy = GetLsaPolicyHandle();
-
-			try
-			{
-				LSA_UNICODE_STRING[] lsaPrivileges = StringsToLsaStrings(privileges);
-				uint result = LsaAddAccountRights(hPolicy, sidPtr, lsaPrivileges, (uint)lsaPrivileges.Length);
-				HandleLsaResult(result);
-			}
-			finally
-			{
-				Marshal.FreeHGlobal(sidPtr);
-				uint result = LsaClose(hPolicy);
-				HandleLsaResult(result);
-			}
-		}
-
-		const int STATUS_SUCCESS = 0x0;
-		const int STATUS_OBJECT_NAME_NOT_FOUND = 0x00000002;
-		const int STATUS_ACCESS_DENIED = 0x00000005;
-		const int STATUS_INVALID_HANDLE = 0x00000006;
-		const int STATUS_UNSUCCESSFUL = 0x0000001F;
-		const int STATUS_INVALID_PARAMETER = 0x00000057;
-		const int STATUS_NO_SUCH_PRIVILEGE = 0x00000521;
-		const int STATUS_INVALID_SERVER_STATE = 0x00000548;
-		const int STATUS_INTERNAL_DB_ERROR = 0x00000567;
-		const int STATUS_INSUFFICIENT_RESOURCES = 0x000005AA;
-
-		private static Dictionary<int, string> ErrorMessages = new Dictionary<int, string>();
-		public Lsa () {
-			ErrorMessages.Add(STATUS_ACCESS_DENIED, "Access denied. Caller does not have the appropriate access to complete the operation.");
-			ErrorMessages.Add(STATUS_INVALID_HANDLE, "Invalid handle. Indicates an object or RPC handle is not valid in the context used.");
-			ErrorMessages.Add(STATUS_UNSUCCESSFUL, "Unsuccessful. Generic failure, such as RPC connection failure.");
-			ErrorMessages.Add(STATUS_INVALID_PARAMETER, "Invalid parameter. One of the parameters is not valid.");
-			ErrorMessages.Add(STATUS_NO_SUCH_PRIVILEGE, "No such privilege. Indicates a specified privilege does not exist.");
-			ErrorMessages.Add(STATUS_INVALID_SERVER_STATE, "Invalid server state. Indicates the LSA server is currently disabled.");
-			ErrorMessages.Add(STATUS_INTERNAL_DB_ERROR, "Internal database error. The LSA database contains an internal inconsistency.");
-			ErrorMessages.Add(STATUS_INSUFFICIENT_RESOURCES, "Insufficient resources. There are not enough system resources (such as memory to allocate buffers) to complete the call.");
-			ErrorMessages.Add(STATUS_OBJECT_NAME_NOT_FOUND, "Object name not found. An object in the LSA policy database was not found. The object may have been specified either by SID or by name, depending on its type.");
-		}
-
-		private static void HandleLsaResult(uint returnCode)
-		{
-			int win32ErrorCode = LsaNtStatusToWinError(returnCode);
-
-			if( win32ErrorCode == STATUS_SUCCESS)
-				return;
-
-			if( ErrorMessages.ContainsKey(win32ErrorCode) )
-			{
-				throw new Win32Exception(win32ErrorCode, ErrorMessages[win32ErrorCode]);
-			}
-
-			throw new Win32Exception(win32ErrorCode);
-		}
-
-		public static void RevokePrivileges(string identity, string[] privileges)
-		{
-			IntPtr sidPtr = GetIdentitySid(identity);
-			IntPtr hPolicy = GetLsaPolicyHandle();
-
-			try
-			{
-				string[] currentPrivileges = GetPrivileges(identity);
-				if (currentPrivileges.Length == 0)
-				{
-					return;
-				}
-				LSA_UNICODE_STRING[] lsaPrivileges = StringsToLsaStrings(privileges);
-				uint result = LsaRemoveAccountRights(hPolicy, sidPtr, false, lsaPrivileges, (uint)lsaPrivileges.Length);
-				HandleLsaResult(result);
-			}
-			finally
-			{
-				Marshal.FreeHGlobal(sidPtr);
-				uint result = LsaClose(hPolicy);
-				HandleLsaResult(result);
-			}
-
-		}
-
-		private static LSA_UNICODE_STRING[] StringsToLsaStrings(string[] privileges)
-		{
-			LSA_UNICODE_STRING[] lsaPrivileges = new LSA_UNICODE_STRING[privileges.Length];
-			for (int idx = 0; idx < privileges.Length; ++idx)
-			{
-				lsaPrivileges[idx] = new LSA_UNICODE_STRING(privileges[idx]);
-			}
-			return lsaPrivileges;
-		}
-	}
-}
-"@
-
-Add-Type -TypeDefinition $SourcePolicy -Language CSharp
-
-function SetAssignPrimaryTokenPrivilege($UserName)
-{
-	$privilege = "SeAssignPrimaryTokenPrivilege"
-	if (!([PSCarbon.Lsa]::GetPrivileges($UserName) -contains $privilege))
-	{
-		[PSCarbon.Lsa]::GrantPrivileges($UserName, $privilege)
-	}
-}
-
-function SetUserLogonAsServiceRights($UserName)
-{
-	$privilege = "SeServiceLogonRight"
-	if (!([PSCarbon.Lsa]::GetPrivileges($UserName) -Contains $privilege))
-	{
-		[PSCarbon.Lsa]::GrantPrivileges($UserName, $privilege)
-	}
-}
-
-$juju_passwd = Get-RandomPassword 20
-$juju_passwd += "^"
-create-account jujud "Juju Admin user" $juju_passwd
-$hostname = hostname
-$juju_user = "$hostname\jujud"
-
-SetUserLogonAsServiceRights $juju_user
-SetAssignPrimaryTokenPrivilege $juju_user
-
-$path = "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList"
-if(!(Test-Path $path)){
-	New-Item -Path $path -force
-}
-New-ItemProperty $path -Name "jujud" -Value 0 -PropertyType "DWord"
-
-$secpasswd = ConvertTo-SecureString $juju_passwd -AsPlainText -Force
-$jujuCreds = New-Object System.Management.Automation.PSCredential ($juju_user, $secpasswd)
-`
-
-const winPowershellHelperFunctions = `
-
-$ErrorActionPreference = "Stop"
-
-function ExecRetry($command, $retryInterval = 15)
-{
-	$currErrorActionPreference = $ErrorActionPreference
-	$ErrorActionPreference = "Continue"
-
-	while ($true)
-	{
-		try
-		{
-			& $command
-			break
-		}
-		catch [System.Exception]
-		{
-			Write-Error $_.Exception
-			Start-Sleep $retryInterval
-		}
-	}
-
-	$ErrorActionPreference = $currErrorActionPreference
-}
-
-# TryExecAll attempts all of the commands in the supplied array until
-# one can be executed without throwing an exception. If none of the
-# commands succeeds, an exception will be raised.
-function TryExecAll($commands)
-{
-	$currErrorActionPreference = $ErrorActionPreference
-	$ErrorActionPreference = "Continue"
-
-	foreach ($command in $commands)
-	{
-		try
-		{
-			& $command
-			$ErrorActionPreference = $currErrorActionPreference
-			return
-		}
-		catch [System.Exception]
-		{
-			Write-Error $_.Exception
-		}
-	}
-
-	$ErrorActionPreference = $currErrorActionPreference
-	throw "All commands failed"
-}
-
-Function GUnZip-File{
-    Param(
-        $infile,
-        $outdir
-        )
-
-    $input = New-Object System.IO.FileStream $inFile, ([IO.FileMode]::Open), ([IO.FileAccess]::Read), ([IO.FileShare]::Read)
-    $tempFile = "$env:TEMP\jujud.tar"
-    $tempOut = New-Object System.IO.FileStream $tempFile, ([IO.FileMode]::Create), ([IO.FileAccess]::Write), ([IO.FileShare]::None)
-    $gzipStream = New-Object System.IO.Compression.GzipStream $input, ([IO.Compression.CompressionMode]::Decompress)
-
-    $buffer = New-Object byte[](1024)
-    while($true) {
-        $read = $gzipstream.Read($buffer, 0, 1024)
-        if ($read -le 0){break}
-        $tempOut.Write($buffer, 0, $read)
-    }
-    $gzipStream.Close()
-    $tempOut.Close()
-    $input.Close()
-
-    $in = New-Object System.IO.FileStream $tempFile, ([IO.FileMode]::Open), ([IO.FileAccess]::Read), ([IO.FileShare]::Read)
-    Untar-File $in $outdir
-    $in.Close()
-    rm $tempFile
-}
-
-$HEADERSIZE = 512
-
-Function Untar-File {
-    Param(
-        $inStream,
-        $outdir
-        )
-    $DirectoryEntryType = 0x35
-    $headerBytes = New-Object byte[]($HEADERSIZE)
-
-    # $headerBytes is written inside, function returns whether we've reached the end
-    while(GetHeaderBytes $inStream $headerBytes) {
-        $fileName, $entryType, $sizeInBytes = GetFileInfoFromHeader $headerBytes
-
-        $totalPath = Join-Path $outDir $fileName
-        if ($entryType -eq $DirectoryEntryType) {
-            [System.IO.Directory]::CreateDirectory($totalPath)
-            continue;
-        }
-
-        $fName = [System.IO.Path]::GetFileName($totalPath)
-        $dirName = [System.IO.Path]::GetDirectoryName($totalPath)
-        [System.IO.Directory]::CreateDirectory($dirName)
-        $file = [System.IO.File]::Create($totalPath)
-        WriteTarEntryToFile $inStream $file $sizeInBytes
-        $file.Close()
-    }
-}
-
-Function WriteTarEntryToFile {
-    Param(
-        $inStream,
-        $outFile,
-        $sizeInBytes
-        )
-    $moveToAlign512 = 0
-    $toRead = 0
-    $buf = New-Object byte[](512)
-
-    $remainingBytesInFile = $sizeInBytes
-    while ($remainingBytesInFile -ne 0) {
-        if ($remainingBytesInFile - 512 -lt 0) {
-            $moveToAlign512 = 512 - $remainingBytesInFile
-            $toRead = $remainingBytesInFile
-        } else {
-            $toRead = 512
-        }
-
-        $bytesRead = 0
-        $bytesRemainingToRead = $toRead
-        while ($bytesRead -lt $toRead -and $bytesRemainingToRead -gt 0) {
-            $bytesRead = $inStream.Read($buf, $toRead - $bytesRemainingToRead, $bytesRemainingToRead)
-            $bytesRemainingToRead = $bytesRemainingToRead - $bytesRead
-            $remainingBytesInFile = $remainingBytesInFile - $bytesRead
-            $outFile.Write($buf, 0, $bytesRead)
-        }
-
-        if ($moveToAlign512 -ne 0) {
-            $inStream.Seek($moveToAlign512, [System.IO.SeekOrigin]::Current)
-        }
-    }
-}
-
-Function GetHeaderBytes {
-    Param($inStream, $headerBytes)
-
-    $headerRead = 0
-    $bytesRemaining = $HEADERSIZE
-    while ($bytesRemaining -gt 0) {
-        $headerRead = $inStream.Read($headerBytes, $HEADERSIZE - $bytesRemaining, $bytesRemaining)
-        $bytesRemaining -= $headerRead
-        if ($headerRead -le 0 -and $bytesRemaining -gt 0) {
-            throw "Error reading tar header. Header size invalid"
-        }
-    }
-
-    # Proper end of archive is 2 empty headers
-    if (IsEmptyByteArray $headerBytes) {
-        $bytesRemaining = $HEADERSIZE
-        while ($bytesRemaining -gt 0) {
-            $headerRead = $inStream.Read($headerBytes, $HEADERSIZE - $bytesRemaining, $bytesRemaining)
-            $bytesRemaining -= $headerRead
-            if ($headerRead -le 0 -and $bytesRemaining -gt 0) {
-                throw "Broken end archive"
-            }
-        }
-        if ($bytesRemaining -eq 0 -and (IsEmptyByteArray($headerBytes))) {
-            return $false
-        }
-        throw "Error occurred: expected end of archive"
-    }
-
-    return $true
-}
-
-Function GetFileInfoFromHeader {
-    Param($headerBytes)
-
-    $FileName = [System.Text.Encoding]::UTF8.GetString($headerBytes, 0, 100);
-    $EntryType = $headerBytes[156];
-    $SizeInBytes = [Convert]::ToInt64([System.Text.Encoding]::ASCII.GetString($headerBytes, 124, 11).Trim(), 8);
-    Return $FileName.replace("` + "`" + `0", [String].Empty), $EntryType, $SizeInBytes
-}
-
-Function IsEmptyByteArray {
-    Param ($bytes)
-    foreach($b in $bytes) {
-        if ($b -ne 0) {
-            return $false
-        }
-    }
-    return $true
-}
-
-Function Get-FileSHA256{
-	Param(
-		$FilePath
-	)
-	try {
-		$hash = [Security.Cryptography.HashAlgorithm]::Create( "SHA256" )
-		$stream = ([IO.StreamReader]$FilePath).BaseStream
-		$res = -join ($hash.ComputeHash($stream) | ForEach { "{0:x2}" -f $_ })
-		$stream.Close()
-		return $res
-	} catch [System.Management.Automation.RuntimeException] {
-		return (Get-FileHash -Path $FilePath).Hash
-	}
-}
-
-Function Invoke-FastWebRequest {
-	Param(
-		$URI,
-		$OutFile
-	)
-
-	if(!([System.Management.Automation.PSTypeName]'System.Net.Http.HttpClient').Type)
-	{
-		$assembly = [System.Reflection.Assembly]::LoadWithPartialName("System.Net.Http")
-	}
-
-	$client = new-object System.Net.Http.HttpClient
-
-	$task = $client.GetStreamAsync($URI)
-	$response = $task.Result
-	$outStream = New-Object IO.FileStream $OutFile, Create, Write, None
-
-	try {
-		$totRead = 0
-		$buffer = New-Object Byte[] 1MB
-		while (($read = $response.Read($buffer, 0, $buffer.Length)) -gt 0) {
-		$totRead += $read
-		$outStream.Write($buffer, 0, $read);
-		}
-	}
-	finally {
-		$outStream.Close()
-	}
-}
-
-`
-
-const UserdataScript = `#ps1_sysnative
-$userdata=@"
-%s
-"@
-
-Function Decode-Base64 {
-	Param(
-		$inFile,
-		$outFile
-	)
-	$bufferSize = 9000 # should be a multiplier of 4
-	$buffer = New-Object char[] $bufferSize
-
-	$reader = [System.IO.File]::OpenText($inFile)
-	$writer = [System.IO.File]::OpenWrite($outFile)
-
-	$bytesRead = 0
-	do
-	{
-		$bytesRead = $reader.Read($buffer, 0, $bufferSize);
-		$bytes = [Convert]::FromBase64CharArray($buffer, 0, $bytesRead);
-		$writer.Write($bytes, 0, $bytes.Length);
-	} while ($bytesRead -eq $bufferSize);
-
-	$reader.Dispose()
-	$writer.Dispose()
-}
-
-Function GUnZip-File {
-	Param(
-		$inFile,
-		$outFile
-	)
-	$in = New-Object System.IO.FileStream $inFile, ([IO.FileMode]::Open), ([IO.FileAccess]::Read), ([IO.FileShare]::Read)
-	$out = New-Object System.IO.FileStream $outFile, ([IO.FileMode]::Create), ([IO.FileAccess]::Write), ([IO.FileShare]::None)
-	$gzipStream = New-Object System.IO.Compression.GZipStream $in, ([IO.Compression.CompressionMode]::Decompress)
-	$buffer = New-Object byte[](1024)
-	while($true){
-		$read = $gzipstream.Read($buffer, 0, 1024)
-		if ($read -le 0){break}
-		$out.Write($buffer, 0, $read)
-	}
-	$gzipStream.Close()
-	$out.Close()
-	$in.Close()
-}
-
-$b64File = "$env:TEMP\juju\udata.b64"
-$gzFile = "$env:TEMP\juju\udata.gz"
-$udataScript = "$env:TEMP\juju\udata.ps1"
-mkdir "$env:TEMP\juju"
-
-Set-Content $b64File $userdata
-Decode-Base64 -inFile $b64File -outFile $gzFile
-GUnZip-File -inFile $gzFile -outFile $udataScript
-
-& $udataScript
-
-rm -Recurse "$env:TEMP\juju"
-`
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/providerinit/providerinit.go juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/providerinit/providerinit.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/providerinit/providerinit.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/providerinit/providerinit.go	2016-07-18 19:45:44.000000000 +0000
@@ -26,7 +26,7 @@
 	if err != nil {
 		return nil, err
 	}
-	if icfg.Bootstrap {
+	if icfg.Bootstrap != nil {
 		err = udata.ConfigureBasic()
 		if err != nil {
 			return nil, err
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/providerinit/providerinit_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/providerinit/providerinit_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/providerinit/providerinit_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/providerinit/providerinit_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,19 +8,17 @@
 	"encoding/base64"
 	"fmt"
 	"path"
-	"time"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 	goyaml "gopkg.in/yaml.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/cert"
 	"github.com/juju/juju/cloudconfig"
 	"github.com/juju/juju/cloudconfig/cloudinit"
 	"github.com/juju/juju/cloudconfig/instancecfg"
@@ -70,10 +68,8 @@
 			agent.ProviderType:  "dummy",
 			agent.ContainerType: "",
 		},
-		MongoInfo: &mongo.MongoInfo{Tag: userTag},
-		APIInfo:   &api.Info{Tag: userTag},
+		APIInfo: &api.Info{Tag: userTag},
 		DisableSSLHostnameVerification: false,
-		PreferIPv6:                     false,
 		EnableOSRefreshUpdate:          true,
 		EnableOSUpgrade:                true,
 	}
@@ -84,8 +80,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	icfg := &instancecfg.InstanceConfig{
-		MongoInfo: &mongo.MongoInfo{Tag: userTag},
-		APIInfo:   &api.Info{Tag: userTag},
+		APIInfo: &api.Info{Tag: userTag},
 	}
 	err = instancecfg.FinishInstanceConfig(icfg, cfg)
 
@@ -115,8 +110,7 @@
 	cfg, err := config.New(config.NoDefaults, attrs)
 	c.Assert(err, jc.ErrorIsNil)
 	icfg := &instancecfg.InstanceConfig{
-		MongoInfo: &mongo.MongoInfo{Tag: userTag},
-		APIInfo:   &api.Info{Tag: userTag},
+		APIInfo: &api.Info{Tag: userTag},
 	}
 	err = instancecfg.FinishInstanceConfig(icfg, cfg)
 	c.Assert(err, jc.ErrorIsNil)
@@ -126,60 +120,13 @@
 			agent.ProviderType:  "dummy",
 			agent.ContainerType: "",
 		},
-		MongoInfo: &mongo.MongoInfo{Tag: userTag},
-		APIInfo:   &api.Info{Tag: userTag},
+		APIInfo: &api.Info{Tag: userTag},
 		DisableSSLHostnameVerification: true,
-		PreferIPv6:                     false,
 		EnableOSRefreshUpdate:          true,
 		EnableOSUpgrade:                true,
 	})
 }
 
-func (s *CloudInitSuite) TestFinishBootstrapConfig(c *gc.C) {
-	attrs := dummySampleConfig().Merge(testing.Attrs{
-		"authorized-keys": "we-are-the-keys",
-		"admin-secret":    "lisboan-pork",
-		"agent-version":   "1.2.3",
-		"controller":      false,
-	})
-	cfg, err := config.New(config.NoDefaults, attrs)
-	c.Assert(err, jc.ErrorIsNil)
-	oldAttrs := cfg.AllAttrs()
-	icfg := &instancecfg.InstanceConfig{
-		Bootstrap: true,
-	}
-	err = instancecfg.FinishInstanceConfig(icfg, cfg)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Check(icfg.AuthorizedKeys, gc.Equals, "we-are-the-keys")
-	c.Check(icfg.DisableSSLHostnameVerification, jc.IsFalse)
-	password := "lisboan-pork"
-	c.Check(icfg.APIInfo, gc.DeepEquals, &api.Info{
-		Password: password, CACert: testing.CACert,
-		ModelTag: testing.ModelTag,
-	})
-	c.Check(icfg.MongoInfo, gc.DeepEquals, &mongo.MongoInfo{
-		Password: password, Info: mongo.Info{CACert: testing.CACert},
-	})
-	c.Check(icfg.StateServingInfo.StatePort, gc.Equals, cfg.StatePort())
-	c.Check(icfg.StateServingInfo.APIPort, gc.Equals, cfg.APIPort())
-	c.Check(icfg.StateServingInfo.CAPrivateKey, gc.Equals, oldAttrs["ca-private-key"])
-
-	oldAttrs["ca-private-key"] = ""
-	oldAttrs["admin-secret"] = ""
-	c.Check(icfg.Config.AllAttrs(), gc.DeepEquals, oldAttrs)
-	srvCertPEM := icfg.StateServingInfo.Cert
-	srvKeyPEM := icfg.StateServingInfo.PrivateKey
-	_, _, err = cert.ParseCertAndKey(srvCertPEM, srvKeyPEM)
-	c.Check(err, jc.ErrorIsNil)
-
-	err = cert.Verify(srvCertPEM, testing.CACert, time.Now())
-	c.Assert(err, jc.ErrorIsNil)
-	err = cert.Verify(srvCertPEM, testing.CACert, time.Now().AddDate(9, 0, 0))
-	c.Assert(err, jc.ErrorIsNil)
-	err = cert.Verify(srvCertPEM, testing.CACert, time.Now().AddDate(10, 0, 1))
-	c.Assert(err, gc.NotNil)
-}
-
 func (s *CloudInitSuite) TestUserData(c *gc.C) {
 	s.testUserData(c, "quantal", false)
 }
@@ -211,20 +158,11 @@
 	allJobs := []multiwatcher.MachineJob{
 		multiwatcher.JobManageModel,
 		multiwatcher.JobHostUnits,
-		multiwatcher.JobManageNetworking,
 	}
 	cfg := &instancecfg.InstanceConfig{
 		MachineId:    "10",
 		MachineNonce: "5432",
 		Series:       series,
-		MongoInfo: &mongo.MongoInfo{
-			Info: mongo.Info{
-				Addrs:  []string{"127.0.0.1:1234"},
-				CACert: "CA CERT\n" + testing.CACert,
-			},
-			Password: "pw1",
-			Tag:      names.NewMachineTag("10"),
-		},
 		APIInfo: &api.Info{
 			Addrs:    []string{"127.0.0.1:1234"},
 			Password: "pw2",
@@ -237,7 +175,6 @@
 		MetricsSpoolDir:         metricsSpoolDir,
 		Jobs:                    allJobs,
 		CloudInitOutputLog:      path.Join(logDir, "cloud-init-output.log"),
-		Config:                  envConfig,
 		AgentEnvironment:        map[string]string{agent.ProviderType: "dummy"},
 		AuthorizedKeys:          "wheredidileavemykeys",
 		MachineAgentServiceName: "jujud-machine-10",
@@ -246,13 +183,29 @@
 	err = cfg.SetTools(toolsList)
 	c.Assert(err, jc.ErrorIsNil)
 	if bootstrap {
-		cfg.Bootstrap = true
-		cfg.StateServingInfo = &params.StateServingInfo{
-			StatePort:    envConfig.StatePort(),
-			APIPort:      envConfig.APIPort(),
-			Cert:         testing.ServerCert,
-			PrivateKey:   testing.ServerKey,
-			CAPrivateKey: testing.CAKey,
+		controllerCfg := testing.FakeControllerConfig()
+		cfg.Bootstrap = &instancecfg.BootstrapConfig{
+			StateInitializationParams: instancecfg.StateInitializationParams{
+				ControllerConfig:      controllerCfg,
+				ControllerModelConfig: envConfig,
+			},
+			StateServingInfo: params.StateServingInfo{
+				StatePort:    controllerCfg.StatePort(),
+				APIPort:      controllerCfg.APIPort(),
+				Cert:         testing.ServerCert,
+				PrivateKey:   testing.ServerKey,
+				CAPrivateKey: testing.CAKey,
+			},
+		}
+		cfg.Controller = &instancecfg.ControllerConfig{
+			MongoInfo: &mongo.MongoInfo{
+				Info: mongo.Info{
+					Addrs:  []string{"127.0.0.1:1234"},
+					CACert: "CA CERT\n" + testing.CACert,
+				},
+				Password: "pw1",
+				Tag:      names.NewMachineTag("10"),
+			},
 		}
 	}
 	script1 := "script1"
@@ -349,17 +302,8 @@
 		MachineId:        "10",
 		AgentEnvironment: map[string]string{agent.ProviderType: "dummy"},
 		Series:           series,
-		Bootstrap:        false,
 		Jobs:             []multiwatcher.MachineJob{multiwatcher.JobHostUnits},
 		MachineNonce:     "FAKE_NONCE",
-		MongoInfo: &mongo.MongoInfo{
-			Tag:      names.NewMachineTag("10"),
-			Password: "arble",
-			Info: mongo.Info{
-				CACert: "CA CERT\n" + testing.CACert,
-				Addrs:  []string{"state-addr.testing.invalid:12345"},
-			},
-		},
 		APIInfo: &api.Info{
 			Addrs:    []string{"state-addr.testing.invalid:54321"},
 			Password: "bletch",
@@ -381,17 +325,19 @@
 
 	udata, err := cloudconfig.NewUserdataConfig(&cfg, ci)
 	c.Assert(err, jc.ErrorIsNil)
+
 	err = udata.Configure()
 	c.Assert(err, jc.ErrorIsNil)
+
 	data, err := ci.RenderYAML()
 	c.Assert(err, jc.ErrorIsNil)
-	base64Data := base64.StdEncoding.EncodeToString(utils.Gzip(data))
-	got := []byte(fmt.Sprintf(cloudconfig.UserdataScript, base64Data))
 
 	cicompose, err := cloudinit.New("win8")
 	c.Assert(err, jc.ErrorIsNil)
+
+	base64Data := base64.StdEncoding.EncodeToString(utils.Gzip(data))
+	got := []byte(fmt.Sprintf(cloudconfig.UserDataScript, base64Data))
 	expected, err := providerinit.ComposeUserData(&cfg, cicompose, openstack.OpenstackRenderer{})
 	c.Assert(err, jc.ErrorIsNil)
-
-	c.Assert(string(expected), gc.Equals, string(got))
+	c.Assert(string(got), gc.Equals, string(expected))
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/providerinit/renderers/common.go juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/providerinit/renderers/common.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/providerinit/renderers/common.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/providerinit/renderers/common.go	2016-07-18 19:45:44.000000000 +0000
@@ -24,7 +24,8 @@
 // which has the userdata embedded as base64(gzip(userdata))
 func WinEmbedInScript(udata []byte) []byte {
 	encUserdata := ToBase64(utils.Gzip(udata))
-	return []byte(fmt.Sprintf(cloudconfig.UserdataScript, encUserdata))
+	// place the encUseData inside the "%s" marked sign
+	return []byte(fmt.Sprintf(cloudconfig.UserDataScript, encUserdata))
 }
 
 // AddPowershellTags adds <powershell>...</powershell> to it's input
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/providerinit/renderers/common_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/providerinit/renderers/common_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/providerinit/renderers/common_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/providerinit/renderers/common_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -33,8 +33,9 @@
 
 func (s *RenderersSuite) TestWinEmbedInScript(c *gc.C) {
 	in := []byte("test")
-	expected := []byte(fmt.Sprintf(cloudconfig.UserdataScript, renderers.ToBase64(utils.Gzip(in))))
-	out := renderers.WinEmbedInScript(in)
+	out := string(renderers.WinEmbedInScript(in))
+	encUserdata := renderers.ToBase64(utils.Gzip(in))
+	expected := fmt.Sprintf(cloudconfig.UserDataScript, encUserdata)
 	c.Assert(out, jc.DeepEquals, expected)
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/userdatacfg.go juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/userdatacfg.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/userdatacfg.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/userdatacfg.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,10 +8,10 @@
 	"fmt"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils"
 	"github.com/juju/utils/os"
 	"github.com/juju/utils/series"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/cloudconfig/cloudinit"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/userdatacfg_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/userdatacfg_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/userdatacfg_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/userdatacfg_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,14 +13,15 @@
 	"path/filepath"
 	"regexp"
 	"strings"
+	"time"
 
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	pacconf "github.com/juju/utils/packaging/config"
 	"github.com/juju/utils/set"
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 	goyaml "gopkg.in/yaml.v2"
 
 	"github.com/juju/juju/agent"
@@ -53,7 +54,6 @@
 	allMachineJobs = []multiwatcher.MachineJob{
 		multiwatcher.JobManageModel,
 		multiwatcher.JobHostUnits,
-		multiwatcher.JobManageNetworking,
 	}
 	normalMachineJobs = []multiwatcher.MachineJob{
 		multiwatcher.JobHostUnits,
@@ -84,7 +84,7 @@
 	return s
 }
 
-var stateServingInfo = &params.StateServingInfo{
+var stateServingInfo = params.StateServingInfo{
 	Cert:         string(serverCert),
 	PrivateKey:   string(serverKey),
 	CAPrivateKey: "ca-private-key",
@@ -109,18 +109,9 @@
 		agent.ProviderType: "dummy",
 	}
 	cfg.MachineNonce = "FAKE_NONCE"
-	cfg.InstanceId = "i-machine"
 	cfg.Jobs = normalMachineJobs
 	cfg.MetricsSpoolDir = metricsSpoolDir(series)
-	// MongoInfo and APIInfo (sans Tag) must be initialized before
-	// calling setMachineID().
-	cfg.MongoInfo = &mongo.MongoInfo{
-		Password: "arble",
-		Info: mongo.Info{
-			Addrs:  []string{"state-addr.testing.invalid:12345"},
-			CACert: "CA CERT\n" + testing.CACert,
-		},
-	}
+	// APIInfo (sans Tag) must be initialized before calling setMachineID().
 	cfg.APIInfo = &api.Info{
 		Addrs:    []string{"state-addr.testing.invalid:54321"},
 		Password: "bletch",
@@ -170,9 +161,6 @@
 func (cfg *testInstanceConfig) setMachineID(id string) *testInstanceConfig {
 	cfg.MachineId = id
 	cfg.MachineAgentServiceName = fmt.Sprintf("jujud-%s", names.NewMachineTag(id).String())
-	if cfg.MongoInfo != nil {
-		cfg.MongoInfo.Tag = names.NewMachineTag(id)
-	}
 	if cfg.APIInfo != nil {
 		cfg.APIInfo.Tag = names.NewMachineTag(id)
 	}
@@ -181,7 +169,7 @@
 
 // setGUI populates the configuration with the Juju GUI tools.
 func (cfg *testInstanceConfig) setGUI(url string) *testInstanceConfig {
-	cfg.GUI = &tools.GUIArchive{
+	cfg.Bootstrap.GUI = &tools.GUIArchive{
 		URL:     url,
 		Version: version.MustParse("1.2.3"),
 		Size:    42,
@@ -191,13 +179,11 @@
 }
 
 // maybeSetModelConfig sets the Config field to the given envConfig, if not
-// nil.
+// nil, and the instance config is for a bootstrap machine.
 func (cfg *testInstanceConfig) maybeSetModelConfig(envConfig *config.Config) *testInstanceConfig {
-	if envConfig != nil {
-		cfg.Config = envConfig
-		if cfg.Bootstrap {
-			cfg.HostedModelConfig = map[string]interface{}{"name": "hosted-model"}
-		}
+	if envConfig != nil && cfg.Bootstrap != nil {
+		cfg.Bootstrap.ControllerModelConfig = envConfig
+		cfg.Bootstrap.HostedModelConfig = map[string]interface{}{"name": "hosted-model"}
 	}
 	return cfg
 }
@@ -230,13 +216,25 @@
 // a controller instance.
 func (cfg *testInstanceConfig) setController() *testInstanceConfig {
 	cfg.setMachineID("0")
-	cfg.Constraints = bootstrapConstraints
-	cfg.ModelConstraints = envConstraints
-	cfg.Bootstrap = true
-	cfg.StateServingInfo = stateServingInfo
+	cfg.Controller = &instancecfg.ControllerConfig{
+		MongoInfo: &mongo.MongoInfo{
+			Password: "arble",
+			Info: mongo.Info{
+				Addrs:  []string{"state-addr.testing.invalid:12345"},
+				CACert: "CA CERT\n" + testing.CACert,
+			},
+		},
+	}
+	cfg.Bootstrap = &instancecfg.BootstrapConfig{
+		StateInitializationParams: instancecfg.StateInitializationParams{
+			BootstrapMachineInstanceId:  "i-bootstrap",
+			BootstrapMachineConstraints: bootstrapConstraints,
+			ModelConstraints:            envConstraints,
+		},
+		StateServingInfo: stateServingInfo,
+		Timeout:          time.Minute * 10,
+	}
 	cfg.Jobs = allMachineJobs
-	cfg.InstanceId = "i-bootstrap"
-	cfg.MongoInfo.Tag = nil
 	cfg.APIInfo.Tag = nil
 	return cfg.setEnableOSUpdateAndUpgrade(true, false)
 }
@@ -269,7 +267,7 @@
 }
 
 func minimalModelConfig(c *gc.C) *config.Config {
-	cfg, err := config.New(config.NoDefaults, testing.FakeConfig())
+	cfg, err := config.New(config.NoDefaults, testing.FakeConfig().Delete("authorized-keys"))
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(cfg, gc.NotNil)
 	return cfg
@@ -347,8 +345,10 @@
 mkdir -p '/var/lib/juju/agents/machine-0'
 cat > '/var/lib/juju/agents/machine-0/agent\.conf' << 'EOF'\\n.*\\nEOF
 chmod 0600 '/var/lib/juju/agents/machine-0/agent\.conf'
+install -D -m 600 /dev/null '/var/lib/juju/bootstrap-params'
+printf '%s\\n' '.*' > '/var/lib/juju/bootstrap-params'
 echo 'Bootstrapping Juju machine agent'.*
-/var/lib/juju/tools/1\.2\.3-precise-amd64/jujud bootstrap-state --data-dir '/var/lib/juju' --model-config '[^']*' --hosted-model-config '[^']*' --instance-id 'i-bootstrap' --bootstrap-constraints 'mem=4096M' --constraints 'mem=2048M' --debug
+/var/lib/juju/tools/1\.2\.3-precise-amd64/jujud bootstrap-state --timeout 10m0s --data-dir '/var/lib/juju' --debug '/var/lib/juju/bootstrap-params'
 ln -s 1\.2\.3-precise-amd64 '/var/lib/juju/tools/machine-0'
 echo 'Starting Juju machine agent \(jujud-machine-0\)'.*
 cat > /etc/init/jujud-machine-0\.conf << 'EOF'\\ndescription "juju agent for machine-0"\\nauthor "Juju Team <juju@lists\.ubuntu\.com>"\\nstart on runlevel \[2345\]\\nstop on runlevel \[!2345\]\\nrespawn\\nnormal exit 0\\n\\nlimit nofile 20000 20000\\n\\nscript\\n\\n\\n  # Ensure log files are properly protected\\n  touch /var/log/juju/machine-0\.log\\n  chown syslog:syslog /var/log/juju/machine-0\.log\\n  chmod 0600 /var/log/juju/machine-0\.log\\n\\n  exec '/var/lib/juju/tools/machine-0/jujud' machine --data-dir '/var/lib/juju' --machine-id 0 --debug >> /var/log/juju/machine-0\.log 2>&1\\nend script\\nEOF\\n
@@ -368,7 +368,9 @@
 sha256sum \$bin/tools\.tar\.gz > \$bin/juju1\.2\.3-raring-amd64\.sha256
 grep '1234' \$bin/juju1\.2\.3-raring-amd64.sha256 \|\| \(echo "Tools checksum mismatch"; exit 1\)
 printf %s '{"version":"1\.2\.3-raring-amd64","url":"http://foo\.com/tools/released/juju1\.2\.3-raring-amd64\.tgz","sha256":"1234","size":10}' > \$bin/downloaded-tools\.txt
-/var/lib/juju/tools/1\.2\.3-raring-amd64/jujud bootstrap-state --data-dir '/var/lib/juju' --model-config '[^']*' --hosted-model-config '[^']*' --instance-id 'i-bootstrap' --bootstrap-constraints 'mem=4096M' --constraints 'mem=2048M' --debug
+install -D -m 600 /dev/null '/var/lib/juju/bootstrap-params'
+printf '%s\\n' '.*' > '/var/lib/juju/bootstrap-params'
+/var/lib/juju/tools/1\.2\.3-raring-amd64/jujud bootstrap-state --timeout 10m0s --data-dir '/var/lib/juju' --debug '/var/lib/juju/bootstrap-params'
 ln -s 1\.2\.3-raring-amd64 '/var/lib/juju/tools/machine-0'
 rm \$bin/tools\.tar\.gz && rm \$bin/juju1\.2\.3-raring-amd64\.sha256
 `,
@@ -423,40 +425,6 @@
 `,
 	},
 
-	// non controller with GUI (the GUI is not installed)
-	{
-		cfg: makeNormalConfig("quantal").setGUI("file:///path/to/gui.tar.bz2"),
-		expectScripts: `
-set -xe
-install -D -m 644 /dev/null '/etc/init/juju-clean-shutdown\.conf'
-printf '%s\\n' '.*"Stop all network interfaces on shutdown".*' > '/etc/init/juju-clean-shutdown\.conf'
-install -D -m 644 /dev/null '/var/lib/juju/nonce.txt'
-printf '%s\\n' 'FAKE_NONCE' > '/var/lib/juju/nonce.txt'
-test -e /proc/self/fd/9 \|\| exec 9>&2
-\(\[ ! -e /home/ubuntu/\.profile \] \|\| grep -q '.juju-proxy' /home/ubuntu/.profile\) \|\| printf .* >> /home/ubuntu/.profile
-mkdir -p /var/lib/juju/locks
-\(id ubuntu &> /dev/null\) && chown ubuntu:ubuntu /var/lib/juju/locks
-mkdir -p /var/log/juju
-chown syslog:adm /var/log/juju
-bin='/var/lib/juju/tools/1\.2\.3-quantal-amd64'
-mkdir -p \$bin
-echo 'Fetching tools.*
-curl .* --noproxy "\*" --insecure -o \$bin/tools\.tar\.gz 'https://state-addr\.testing\.invalid:54321/deadbeef-0bad-400d-8000-4b1d0d06f00d/tools/1\.2\.3-quantal-amd64'
-sha256sum \$bin/tools\.tar\.gz > \$bin/juju1\.2\.3-quantal-amd64\.sha256
-grep '1234' \$bin/juju1\.2\.3-quantal-amd64.sha256 \|\| \(echo "Tools checksum mismatch"; exit 1\)
-tar zxf \$bin/tools.tar.gz -C \$bin
-printf %s '{"version":"1\.2\.3-quantal-amd64","url":"https://state-addr\.testing\.invalid:54321/deadbeef-0bad-400d-8000-4b1d0d06f00d/tools/1\.2\.3-quantal-amd64","sha256":"1234","size":10}' > \$bin/downloaded-tools\.txt
-mkdir -p '/var/lib/juju/agents/machine-99'
-cat > '/var/lib/juju/agents/machine-99/agent\.conf' << 'EOF'\\n.*\\nEOF
-chmod 0600 '/var/lib/juju/agents/machine-99/agent\.conf'
-ln -s 1\.2\.3-quantal-amd64 '/var/lib/juju/tools/machine-99'
-echo 'Starting Juju machine agent \(jujud-machine-99\)'.*
-cat > /etc/init/jujud-machine-99\.conf << 'EOF'\\ndescription "juju agent for machine-99"\\nauthor "Juju Team <juju@lists\.ubuntu\.com>"\\nstart on runlevel \[2345\]\\nstop on runlevel \[!2345\]\\nrespawn\\nnormal exit 0\\n\\nlimit nofile 20000 20000\\n\\nscript\\n\\n\\n  # Ensure log files are properly protected\\n  touch /var/log/juju/machine-99\.log\\n  chown syslog:syslog /var/log/juju/machine-99\.log\\n  chmod 0600 /var/log/juju/machine-99\.log\\n\\n  exec '/var/lib/juju/tools/machine-99/jujud' machine --data-dir '/var/lib/juju' --machine-id 99 --debug >> /var/log/juju/machine-99\.log 2>&1\\nend script\\nEOF\\n
-start jujud-machine-99
-rm \$bin/tools\.tar\.gz && rm \$bin/juju1\.2\.3-quantal-amd64\.sha256
-`,
-	},
-
 	// CentOS non controller with systemd
 	{
 		cfg:          makeNormalConfig("centos7"),
@@ -471,16 +439,16 @@
 	// check that it works ok with compound machine ids.
 	{
 		cfg: makeNormalConfig("quantal").mutate(func(cfg *testInstanceConfig) {
-			cfg.MachineContainerType = "lxc"
-		}).setMachineID("2/lxc/1"),
+			cfg.MachineContainerType = "lxd"
+		}).setMachineID("2/lxd/1"),
 		inexactMatch: true,
 		expectScripts: `
-mkdir -p '/var/lib/juju/agents/machine-2-lxc-1'
-cat > '/var/lib/juju/agents/machine-2-lxc-1/agent\.conf' << 'EOF'\\n.*\\nEOF
-chmod 0600 '/var/lib/juju/agents/machine-2-lxc-1/agent\.conf'
-ln -s 1\.2\.3-quantal-amd64 '/var/lib/juju/tools/machine-2-lxc-1'
-cat > /etc/init/jujud-machine-2-lxc-1\.conf << 'EOF'\\ndescription "juju agent for machine-2-lxc-1"\\nauthor "Juju Team <juju@lists\.ubuntu\.com>"\\nstart on runlevel \[2345\]\\nstop on runlevel \[!2345\]\\nrespawn\\nnormal exit 0\\n\\nlimit nofile 20000 20000\\n\\nscript\\n\\n\\n  # Ensure log files are properly protected\\n  touch /var/log/juju/machine-2-lxc-1\.log\\n  chown syslog:syslog /var/log/juju/machine-2-lxc-1\.log\\n  chmod 0600 /var/log/juju/machine-2-lxc-1\.log\\n\\n  exec '/var/lib/juju/tools/machine-2-lxc-1/jujud' machine --data-dir '/var/lib/juju' --machine-id 2/lxc/1 --debug >> /var/log/juju/machine-2-lxc-1\.log 2>&1\\nend script\\nEOF\\n
-start jujud-machine-2-lxc-1
+mkdir -p '/var/lib/juju/agents/machine-2-lxd-1'
+cat > '/var/lib/juju/agents/machine-2-lxd-1/agent\.conf' << 'EOF'\\n.*\\nEOF
+chmod 0600 '/var/lib/juju/agents/machine-2-lxd-1/agent\.conf'
+ln -s 1\.2\.3-quantal-amd64 '/var/lib/juju/tools/machine-2-lxd-1'
+cat > /etc/init/jujud-machine-2-lxd-1\.conf << 'EOF'\\ndescription "juju agent for machine-2-lxd-1"\\nauthor "Juju Team <juju@lists\.ubuntu\.com>"\\nstart on runlevel \[2345\]\\nstop on runlevel \[!2345\]\\nrespawn\\nnormal exit 0\\n\\nlimit nofile 20000 20000\\n\\nscript\\n\\n\\n  # Ensure log files are properly protected\\n  touch /var/log/juju/machine-2-lxd-1\.log\\n  chown syslog:syslog /var/log/juju/machine-2-lxd-1\.log\\n  chmod 0600 /var/log/juju/machine-2-lxd-1\.log\\n\\n  exec '/var/lib/juju/tools/machine-2-lxd-1/jujud' machine --data-dir '/var/lib/juju' --machine-id 2/lxd/1 --debug >> /var/log/juju/machine-2-lxd-1\.log 2>&1\\nend script\\nEOF\\n
+start jujud-machine-2-lxd-1
 `,
 	},
 
@@ -498,31 +466,31 @@
 	// empty bootstrap contraints.
 	{
 		cfg: makeBootstrapConfig("precise").mutate(func(cfg *testInstanceConfig) {
-			cfg.Constraints = constraints.Value{}
+			cfg.Bootstrap.BootstrapMachineConstraints = constraints.Value{}
 		}),
 		setEnvConfig: true,
 		inexactMatch: true,
 		expectScripts: `
-/var/lib/juju/tools/1\.2\.3-precise-amd64/jujud bootstrap-state --data-dir '/var/lib/juju' --model-config '[^']*' --hosted-model-config '[^']*' --instance-id 'i-bootstrap' --constraints 'mem=2048M' --debug
+printf '%s\\n' '.*bootstrap-machine-constraints: {}.*' > '/var/lib/juju/bootstrap-params'
 `,
 	},
 
 	// empty environ contraints.
 	{
 		cfg: makeBootstrapConfig("precise").mutate(func(cfg *testInstanceConfig) {
-			cfg.ModelConstraints = constraints.Value{}
+			cfg.Bootstrap.ModelConstraints = constraints.Value{}
 		}),
 		setEnvConfig: true,
 		inexactMatch: true,
 		expectScripts: `
-/var/lib/juju/tools/1\.2\.3-precise-amd64/jujud bootstrap-state --data-dir '/var/lib/juju' --model-config '[^']*' --hosted-model-config '[^']*' --instance-id 'i-bootstrap' --bootstrap-constraints 'mem=4096M' --debug
+printf '%s\\n' '.*model-constraints: {}.*' > '/var/lib/juju/bootstrap-params'
 `,
 	},
 
 	// custom image metadata (at bootstrap).
 	{
 		cfg: makeBootstrapConfig("trusty").mutate(func(cfg *testInstanceConfig) {
-			cfg.CustomImageMetadata = []*imagemetadata.ImageMetadata{{
+			cfg.Bootstrap.CustomImageMetadata = []*imagemetadata.ImageMetadata{{
 				Id:         "image-id",
 				Storage:    "ebs",
 				VirtType:   "pv",
@@ -534,15 +502,14 @@
 		setEnvConfig: true,
 		inexactMatch: true,
 		expectScripts: `
-printf '%s\\n' '.*' > '/var/lib/juju/simplestreams/images/streams/v1/index\.json'
-printf '%s\\n' '.*' > '/var/lib/juju/simplestreams/images/streams/v1/com.ubuntu.cloud-released-imagemetadata\.json'
+printf '%s\\n' '.*custom-image-metadata:.*us-east1.*.*' > '/var/lib/juju/bootstrap-params'
 `,
 	},
 
 	// custom image metadata signing key.
 	{
 		cfg: makeBootstrapConfig("trusty").mutate(func(cfg *testInstanceConfig) {
-			cfg.PublicImageSigningKey = "publickey"
+			cfg.Controller.PublicImageSigningKey = "publickey"
 		}),
 		setEnvConfig: true,
 		inexactMatch: true,
@@ -585,24 +552,27 @@
 }
 
 // check that any --model-config $base64 is valid and matches t.cfg.Config
-func checkEnvConfig(c *gc.C, cfg *config.Config, x map[interface{}]interface{}, scripts []string) {
+func checkEnvConfig(c *gc.C, cfg *config.Config, scripts []string) {
+	args := getStateInitializationParams(c, scripts)
+	c.Assert(cfg.AllAttrs(), jc.DeepEquals, args.ControllerModelConfig.AllAttrs())
+}
+
+func getStateInitializationParams(c *gc.C, scripts []string) instancecfg.StateInitializationParams {
+	var args instancecfg.StateInitializationParams
 	c.Assert(scripts, gc.Not(gc.HasLen), 0)
-	re := regexp.MustCompile(`--model-config '([^']+)'`)
-	found := false
+	re := regexp.MustCompile(`printf '%s\\n' '(?s:(.+))' > '/var/lib/juju/bootstrap-params'`)
 	for _, s := range scripts {
 		m := re.FindStringSubmatch(s)
 		if m == nil {
 			continue
 		}
-		found = true
-		buf, err := base64.StdEncoding.DecodeString(m[1])
-		c.Assert(err, jc.ErrorIsNil)
-		var actual map[string]interface{}
-		err = goyaml.Unmarshal(buf, &actual)
+		str := strings.Replace(m[1], "'\"'\"'", "'", -1)
+		err := args.Unmarshal([]byte(str))
 		c.Assert(err, jc.ErrorIsNil)
-		c.Assert(cfg.AllAttrs(), jc.DeepEquals, actual)
+		return args
 	}
-	c.Assert(found, jc.IsTrue)
+	c.Fatal("could not find state initialization params")
+	panic("unreachable")
 }
 
 // TestCloudInit checks that the output from the various tests
@@ -649,8 +619,8 @@
 
 		scripts := getScripts(configKeyValues)
 		assertScriptMatch(c, scripts, test.expectScripts, !test.inexactMatch)
-		if testConfig.Config != nil {
-			checkEnvConfig(c, testConfig.Config, configKeyValues, scripts)
+		if testConfig.Bootstrap != nil {
+			checkEnvConfig(c, testConfig.Bootstrap.ControllerModelConfig, scripts)
 		}
 
 		// curl should always be installed, since it's required by jujud.
@@ -672,7 +642,7 @@
 	err := ioutil.WriteFile(guiPath, content, 0644)
 	c.Assert(err, jc.ErrorIsNil)
 	cfg := makeBootstrapConfig("precise").setGUI("file://" + filepath.ToSlash(guiPath))
-	guiJson, err := json.Marshal(cfg.GUI)
+	guiJson, err := json.Marshal(cfg.Bootstrap.GUI)
 	c.Assert(err, jc.ErrorIsNil)
 	base64Content := base64.StdEncoding.EncodeToString(content)
 	expectedScripts := regexp.QuoteMeta(fmt.Sprintf(`gui='/var/lib/juju/gui'
@@ -688,7 +658,7 @@
 
 func (*cloudinitSuite) TestCloudInitWithRemoteGUI(c *gc.C) {
 	cfg := makeBootstrapConfig("precise").setGUI("https://1.2.3.4/gui.tar.bz2")
-	guiJson, err := json.Marshal(cfg.GUI)
+	guiJson, err := json.Marshal(cfg.Bootstrap.GUI)
 	c.Assert(err, jc.ErrorIsNil)
 	expectedScripts := regexp.QuoteMeta(fmt.Sprintf(`gui='/var/lib/juju/gui'
 mkdir -p $gui
@@ -779,10 +749,7 @@
 
 func (s *cloudinitSuite) TestCloudInitConfigureBootstrapLogging(c *gc.C) {
 	scripts := s.bootstrapConfigScripts(c)
-	expected := "jujud bootstrap-state --data-dir '.*' --model-config '.*'" +
-		" --hosted-model-config '[^']*'" +
-		" --instance-id '.*' --bootstrap-constraints 'mem=4096M'" +
-		" --constraints 'mem=2048M' --show-log"
+	expected := "jujud bootstrap-state .* --show-log .*"
 	assertScriptMatch(c, scripts, expected, false)
 }
 
@@ -957,11 +924,11 @@
 	{"invalid machine id", func(cfg *instancecfg.InstanceConfig) {
 		cfg.MachineId = "-1"
 	}},
-	{"missing model configuration", func(cfg *instancecfg.InstanceConfig) {
-		cfg.Config = nil
+	{"invalid bootstrap configuration: missing model configuration", func(cfg *instancecfg.InstanceConfig) {
+		cfg.Bootstrap.ControllerModelConfig = nil
 	}},
-	{"missing state info", func(cfg *instancecfg.InstanceConfig) {
-		cfg.MongoInfo = nil
+	{"invalid controller configuration: missing state info", func(cfg *instancecfg.InstanceConfig) {
+		cfg.Controller.MongoInfo = nil
 	}},
 	{"missing API info", func(cfg *instancecfg.InstanceConfig) {
 		cfg.APIInfo = nil
@@ -973,72 +940,41 @@
 			CACert: testing.CACert,
 		}
 	}},
-	{"missing state hosts", func(cfg *instancecfg.InstanceConfig) {
-		cfg.Bootstrap = false
-		cfg.MongoInfo = &mongo.MongoInfo{
+	{"invalid controller configuration: missing state hosts", func(cfg *instancecfg.InstanceConfig) {
+		cfg.Bootstrap = nil
+		cfg.Controller.MongoInfo = &mongo.MongoInfo{
 			Tag: names.NewMachineTag("99"),
 			Info: mongo.Info{
 				CACert: testing.CACert,
 			},
 		}
-		cfg.APIInfo = &api.Info{
-			Addrs:    []string{"foo:35"},
-			Tag:      names.NewMachineTag("99"),
-			CACert:   testing.CACert,
-			ModelTag: testing.ModelTag,
-		}
 	}},
 	{"missing API hosts", func(cfg *instancecfg.InstanceConfig) {
-		cfg.Bootstrap = false
-		cfg.MongoInfo = &mongo.MongoInfo{
-			Info: mongo.Info{
-				Addrs:  []string{"foo:35"},
-				CACert: testing.CACert,
-			},
-			Tag: names.NewMachineTag("99"),
-		}
+		cfg.Bootstrap = nil
+		cfg.Controller.MongoInfo.Tag = names.NewMachineTag("99")
 		cfg.APIInfo = &api.Info{
 			Tag:      names.NewMachineTag("99"),
 			CACert:   testing.CACert,
 			ModelTag: testing.ModelTag,
 		}
 	}},
-	{"missing CA certificate", func(cfg *instancecfg.InstanceConfig) {
-		cfg.MongoInfo = &mongo.MongoInfo{Info: mongo.Info{Addrs: []string{"host:98765"}}}
+	{"invalid controller configuration: missing CA certificate", func(cfg *instancecfg.InstanceConfig) {
+		cfg.Controller.MongoInfo.CACert = ""
 	}},
-	{"missing CA certificate", func(cfg *instancecfg.InstanceConfig) {
-		cfg.Bootstrap = false
-		cfg.MongoInfo = &mongo.MongoInfo{
-			Tag: names.NewMachineTag("99"),
-			Info: mongo.Info{
-				Addrs: []string{"host:98765"},
-			},
-		}
+	{"invalid bootstrap configuration: missing controller certificate", func(cfg *instancecfg.InstanceConfig) {
+		cfg.Bootstrap.StateServingInfo.Cert = ""
+	}},
+	{"invalid bootstrap configuration: missing controller private key", func(cfg *instancecfg.InstanceConfig) {
+		cfg.Bootstrap.StateServingInfo.PrivateKey = ""
 	}},
-	{"missing controller certificate", func(cfg *instancecfg.InstanceConfig) {
-		info := *cfg.StateServingInfo
-		info.Cert = ""
-		cfg.StateServingInfo = &info
-	}},
-	{"missing controller private key", func(cfg *instancecfg.InstanceConfig) {
-		info := *cfg.StateServingInfo
-		info.PrivateKey = ""
-		cfg.StateServingInfo = &info
-	}},
-	{"missing ca cert private key", func(cfg *instancecfg.InstanceConfig) {
-		info := *cfg.StateServingInfo
-		info.CAPrivateKey = ""
-		cfg.StateServingInfo = &info
-	}},
-	{"missing state port", func(cfg *instancecfg.InstanceConfig) {
-		info := *cfg.StateServingInfo
-		info.StatePort = 0
-		cfg.StateServingInfo = &info
-	}},
-	{"missing API port", func(cfg *instancecfg.InstanceConfig) {
-		info := *cfg.StateServingInfo
-		info.APIPort = 0
-		cfg.StateServingInfo = &info
+	{"invalid bootstrap configuration: missing ca cert private key", func(cfg *instancecfg.InstanceConfig) {
+		cfg.Bootstrap.StateServingInfo.CAPrivateKey = ""
+	}},
+	{"invalid bootstrap configuration: missing state port", func(cfg *instancecfg.InstanceConfig) {
+		cfg.Bootstrap.StateServingInfo.StatePort = 0
+	}},
+	{"invalid bootstrap configuration: missing API port", func(cfg *instancecfg.InstanceConfig) {
+		cfg.Bootstrap.StateServingInfo.APIPort = 0
 	}},
 	{"missing var directory", func(cfg *instancecfg.InstanceConfig) {
 		cfg.DataDir = ""
@@ -1049,42 +985,29 @@
 	{"missing cloud-init output log path", func(cfg *instancecfg.InstanceConfig) {
 		cfg.CloudInitOutputLog = ""
 	}},
-	{"missing tools", func(cfg *instancecfg.InstanceConfig) {
-		// This is handled directly in the loop.
+	{"invalid controller configuration: entity tag must match started machine", func(cfg *instancecfg.InstanceConfig) {
+		cfg.Bootstrap = nil
+		cfg.Controller.MongoInfo.Tag = names.NewMachineTag("0")
+	}},
+	{"invalid controller configuration: entity tag must match started machine", func(cfg *instancecfg.InstanceConfig) {
+		cfg.Bootstrap = nil
+		cfg.Controller.MongoInfo.Tag = nil // admin user
+	}},
+	{"API entity tag must match started machine", func(cfg *instancecfg.InstanceConfig) {
+		cfg.Bootstrap = nil
+		cfg.Controller.MongoInfo.Tag = names.NewMachineTag("99")
+		cfg.APIInfo.Tag = names.NewMachineTag("0")
+	}},
+	{"API entity tag must match started machine", func(cfg *instancecfg.InstanceConfig) {
+		cfg.Bootstrap = nil
+		cfg.Controller.MongoInfo.Tag = names.NewMachineTag("99")
+		cfg.APIInfo.Tag = nil
+	}},
+	{"invalid bootstrap configuration: entity tag must be nil when bootstrapping", func(cfg *instancecfg.InstanceConfig) {
+		cfg.Controller.MongoInfo.Tag = names.NewMachineTag("0")
 	}},
-	{"entity tag must match started machine", func(cfg *instancecfg.InstanceConfig) {
-		cfg.Bootstrap = false
-		info := *cfg.MongoInfo
-		info.Tag = names.NewMachineTag("0")
-		cfg.MongoInfo = &info
-	}},
-	{"entity tag must match started machine", func(cfg *instancecfg.InstanceConfig) {
-		cfg.Bootstrap = false
-		info := *cfg.MongoInfo
-		info.Tag = nil // admin user
-		cfg.MongoInfo = &info
-	}},
-	{"entity tag must match started machine", func(cfg *instancecfg.InstanceConfig) {
-		cfg.Bootstrap = false
-		info := *cfg.APIInfo
-		info.Tag = names.NewMachineTag("0")
-		cfg.APIInfo = &info
-	}},
-	{"entity tag must match started machine", func(cfg *instancecfg.InstanceConfig) {
-		cfg.Bootstrap = false
-		info := *cfg.APIInfo
-		info.Tag = nil
-		cfg.APIInfo = &info
-	}},
-	{"entity tag must be nil when starting a controller", func(cfg *instancecfg.InstanceConfig) {
-		info := *cfg.MongoInfo
-		info.Tag = names.NewMachineTag("0")
-		cfg.MongoInfo = &info
-	}},
-	{"entity tag must be nil when starting a controller", func(cfg *instancecfg.InstanceConfig) {
-		info := *cfg.APIInfo
-		info.Tag = names.NewMachineTag("0")
-		cfg.APIInfo = &info
+	{"invalid bootstrap configuration: entity tag must be nil when bootstrapping", func(cfg *instancecfg.InstanceConfig) {
+		cfg.APIInfo.Tag = names.NewMachineTag("0")
 	}},
 	{"missing machine nonce", func(cfg *instancecfg.InstanceConfig) {
 		cfg.MachineNonce = ""
@@ -1092,17 +1015,8 @@
 	{"missing machine agent service name", func(cfg *instancecfg.InstanceConfig) {
 		cfg.MachineAgentServiceName = ""
 	}},
-	{"missing instance-id", func(cfg *instancecfg.InstanceConfig) {
-		cfg.InstanceId = ""
-	}},
-	{"state serving info unexpectedly present", func(cfg *instancecfg.InstanceConfig) {
-		cfg.Bootstrap = false
-		apiInfo := *cfg.APIInfo
-		apiInfo.Tag = names.NewMachineTag("99")
-		cfg.APIInfo = &apiInfo
-		stateInfo := *cfg.MongoInfo
-		stateInfo.Tag = names.NewMachineTag("99")
-		cfg.MongoInfo = &stateInfo
+	{"invalid bootstrap configuration: missing bootstrap machine instance ID", func(cfg *instancecfg.InstanceConfig) {
+		cfg.Bootstrap.BootstrapMachineInstanceId = ""
 	}},
 }
 
@@ -1112,61 +1026,70 @@
 	toolsList := tools.List{
 		newSimpleTools("9.9.9-quantal-arble"),
 	}
-	cfgWithoutTools := &instancecfg.InstanceConfig{
-		Bootstrap:        true,
-		StateServingInfo: stateServingInfo,
-		MachineId:        "99",
-		AuthorizedKeys:   "sshkey1",
-		Series:           "quantal",
-		AgentEnvironment: map[string]string{agent.ProviderType: "dummy"},
-		MongoInfo: &mongo.MongoInfo{
-			Info: mongo.Info{
-				Addrs:  []string{"host:98765"},
-				CACert: testing.CACert,
+
+	makeCfgWithoutTools := func() instancecfg.InstanceConfig {
+		return instancecfg.InstanceConfig{
+			Bootstrap: &instancecfg.BootstrapConfig{
+				StateInitializationParams: instancecfg.StateInitializationParams{
+					BootstrapMachineInstanceId: "i-bootstrap",
+					ControllerModelConfig:      minimalModelConfig(c),
+					HostedModelConfig:          map[string]interface{}{"name": "hosted-model"},
+				},
+				StateServingInfo: stateServingInfo,
 			},
-			Password: "password",
-		},
-		APIInfo: &api.Info{
-			Addrs:    []string{"host:9999"},
-			CACert:   testing.CACert,
-			ModelTag: testing.ModelTag,
-		},
-		Config:                  minimalModelConfig(c),
-		HostedModelConfig:       map[string]interface{}{"name": "hosted-model"},
-		DataDir:                 jujuDataDir("quantal"),
-		LogDir:                  jujuLogDir("quantal"),
-		MetricsSpoolDir:         metricsSpoolDir("quantal"),
-		Jobs:                    normalMachineJobs,
-		CloudInitOutputLog:      cloudInitOutputLog("quantal"),
-		InstanceId:              "i-bootstrap",
-		MachineNonce:            "FAKE_NONCE",
-		MachineAgentServiceName: "jujud-machine-99",
-	}
-	copied := *cfgWithoutTools
-	cfg := &copied
-	err := cfg.SetTools(toolsList)
-	c.Assert(err, jc.ErrorIsNil)
+			Controller: &instancecfg.ControllerConfig{
+				MongoInfo: &mongo.MongoInfo{
+					Info: mongo.Info{
+						Addrs:  []string{"host:98765"},
+						CACert: testing.CACert,
+					},
+					Password: "password",
+				},
+			},
+			MachineId:        "99",
+			AuthorizedKeys:   "sshkey1",
+			Series:           "quantal",
+			AgentEnvironment: map[string]string{agent.ProviderType: "dummy"},
+			APIInfo: &api.Info{
+				Addrs:    []string{"host:9999"},
+				CACert:   testing.CACert,
+				ModelTag: testing.ModelTag,
+			},
+			DataDir:                 jujuDataDir("quantal"),
+			LogDir:                  jujuLogDir("quantal"),
+			MetricsSpoolDir:         metricsSpoolDir("quantal"),
+			Jobs:                    normalMachineJobs,
+			CloudInitOutputLog:      cloudInitOutputLog("quantal"),
+			MachineNonce:            "FAKE_NONCE",
+			MachineAgentServiceName: "jujud-machine-99",
+		}
+	}
+
 	// check that the base configuration does not give an error
 	ci, err := cloudinit.New("quantal")
 	c.Assert(err, jc.ErrorIsNil)
 
+	// check that missing tools causes an error.
+	cfg := makeCfgWithoutTools()
+	udata, err := cloudconfig.NewUserdataConfig(&cfg, ci)
+	c.Assert(err, jc.ErrorIsNil)
+	err = udata.Configure()
+	c.Assert(err, gc.ErrorMatches, "invalid machine configuration: missing tools")
+
 	for i, test := range verifyTests {
+		c.Logf("test %d. %s", i, test.err)
+		cfg := makeCfgWithoutTools()
+		err := cfg.SetTools(toolsList)
+		c.Assert(err, jc.ErrorIsNil)
+
 		// check that the base configuration does not give an error
-		// and that a previous test hasn't mutated it accidentially.
-		udata, err := cloudconfig.NewUserdataConfig(cfg, ci)
+		udata, err := cloudconfig.NewUserdataConfig(&cfg, ci)
 		c.Assert(err, jc.ErrorIsNil)
 		err = udata.Configure()
 		c.Assert(err, jc.ErrorIsNil)
 
-		c.Logf("test %d. %s", i, test.err)
-
-		cfg1 := *cfg
-		if test.err == "missing tools" {
-			cfg1 = *cfgWithoutTools
-		}
-		test.mutate(&cfg1)
-
-		udata, err = cloudconfig.NewUserdataConfig(&cfg1, ci)
+		test.mutate(&cfg)
+		udata, err = cloudconfig.NewUserdataConfig(&cfg, ci)
 		c.Assert(err, jc.ErrorIsNil)
 		err = udata.Configure()
 		c.Check(err, gc.ErrorMatches, "invalid machine configuration: "+test.err)
@@ -1176,9 +1099,8 @@
 func (*cloudinitSuite) createInstanceConfig(c *gc.C, environConfig *config.Config) *instancecfg.InstanceConfig {
 	machineId := "42"
 	machineNonce := "fake-nonce"
-	stateInfo := jujutesting.FakeStateInfo(machineId)
 	apiInfo := jujutesting.FakeAPIInfo(machineId)
-	instanceConfig, err := instancecfg.NewInstanceConfig(machineId, machineNonce, imagemetadata.ReleasedStream, "quantal", "", true, stateInfo, apiInfo)
+	instanceConfig, err := instancecfg.NewInstanceConfig(machineId, machineNonce, imagemetadata.ReleasedStream, "quantal", true, apiInfo)
 	c.Assert(err, jc.ErrorIsNil)
 	instanceConfig.SetTools(tools.List{
 		&tools.Tools{
@@ -1319,7 +1241,6 @@
 
 var windowsCloudinitTests = []cloudinitTest{{
 	cfg: makeNormalConfig("win8").setMachineID("10").mutate(func(cfg *testInstanceConfig) {
-		cfg.MongoInfo.Info.CACert = "CA CERT\n" + string(serverCert)
 		cfg.APIInfo.CACert = "CA CERT\n" + string(serverCert)
 	}),
 	setEnvConfig:  false,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/userdatacfg_unix.go juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/userdatacfg_unix.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/userdatacfg_unix.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/userdatacfg_unix.go	2016-07-18 19:45:44.000000000 +0000
@@ -15,20 +15,18 @@
 	"path/filepath"
 	"strings"
 	"text/template"
-	"time"
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils/featureflag"
 	"github.com/juju/utils/os"
 	"github.com/juju/utils/proxy"
 	"github.com/juju/version"
+	"gopkg.in/juju/names.v2"
 	goyaml "gopkg.in/yaml.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/cloudconfig/cloudinit"
-	"github.com/juju/juju/environs/imagemetadata"
 	"github.com/juju/juju/environs/simplestreams"
 	"github.com/juju/juju/juju/osenv"
 	"github.com/juju/juju/service"
@@ -207,9 +205,9 @@
 				shquote(w.icfg.ProxySettings.AsScriptEnvironment())))
 	}
 
-	if w.icfg.PublicImageSigningKey != "" {
+	if w.icfg.Controller != nil && w.icfg.Controller.PublicImageSigningKey != "" {
 		keyFile := filepath.Join(agent.DefaultPaths.ConfDir, simplestreams.SimplestreamsPublicKeyFile)
-		w.conf.AddRunTextFile(keyFile, w.icfg.PublicImageSigningKey, 0644)
+		w.conf.AddRunTextFile(keyFile, w.icfg.Controller.PublicImageSigningKey, 0644)
 	}
 
 	// Make the lock dir and change the ownership of the lock dir itself to
@@ -262,74 +260,56 @@
 		w.conf.AddCloudArchiveCloudTools()
 	}
 
-	if w.icfg.Bootstrap {
-		// Add the Juju GUI to the bootstrap node.
-		cleanup, err := w.setUpGUI()
-		if err != nil {
-			return errors.Annotate(err, "cannot set up Juju GUI")
-		}
-		if cleanup != nil {
-			defer cleanup()
+	if w.icfg.Bootstrap != nil {
+		if err := w.configureBootstrap(); err != nil {
+			return errors.Trace(err)
 		}
+	}
+	return w.addMachineAgentToBoot()
+}
 
-		var metadataDir string
-		if len(w.icfg.CustomImageMetadata) > 0 {
-			metadataDir = path.Join(w.icfg.DataDir, "simplestreams")
-			index, products, err := imagemetadata.MarshalImageMetadataJSON(w.icfg.CustomImageMetadata, nil, time.Now())
-			if err != nil {
-				return err
-			}
-			indexFile := path.Join(metadataDir, imagemetadata.IndexStoragePath())
-			productFile := path.Join(metadataDir, imagemetadata.ProductMetadataStoragePath())
-			w.conf.AddRunTextFile(indexFile, string(index), 0644)
-			w.conf.AddRunTextFile(productFile, string(products), 0644)
-			metadataDir = "  --image-metadata " + shquote(metadataDir)
-		}
+func (w *unixConfigure) configureBootstrap() error {
+	// Add the Juju GUI to the bootstrap node.
+	cleanup, err := w.setUpGUI()
+	if err != nil {
+		return errors.Annotate(err, "cannot set up Juju GUI")
+	}
+	if cleanup != nil {
+		defer cleanup()
+	}
 
-		bootstrapCons := w.icfg.Constraints.String()
-		if bootstrapCons != "" {
-			bootstrapCons = " --bootstrap-constraints " + shquote(bootstrapCons)
-		}
-		modelCons := w.icfg.ModelConstraints.String()
-		if modelCons != "" {
-			modelCons = " --constraints " + shquote(modelCons)
-		}
-		var hardware string
-		if w.icfg.HardwareCharacteristics != nil {
-			if hardware = w.icfg.HardwareCharacteristics.String(); hardware != "" {
-				hardware = " --hardware " + shquote(hardware)
-			}
-		}
-		w.conf.AddRunCmd(cloudinit.LogProgressCmd("Bootstrapping Juju machine agent"))
-		loggingOption := " --show-log"
-		// If the bootstrap command was requsted with --debug, then the root
-		// logger will be set to DEBUG.  If it is, then we use --debug here too.
-		if loggo.GetLogger("").LogLevel() == loggo.DEBUG {
-			loggingOption = " --debug"
-		}
-		featureFlags := featureflag.AsEnvironmentValue()
-		if featureFlags != "" {
-			featureFlags = fmt.Sprintf("%s=%s ", osenv.JujuFeatureFlagEnvKey, featureFlags)
-		}
-		w.conf.AddScripts(
-			// The bootstrapping is always run with debug on.
-			featureFlags + w.icfg.JujuTools() + "/jujud bootstrap-state" +
-				" --data-dir " + shquote(w.icfg.DataDir) +
-				" --model-config " + shquote(base64yaml(w.icfg.Config.AllAttrs())) +
-				" --hosted-model-config " + shquote(base64yaml(w.icfg.HostedModelConfig)) +
-				" --instance-id " + shquote(string(w.icfg.InstanceId)) +
-				hardware +
-				bootstrapCons +
-				modelCons +
-				metadataDir +
-				loggingOption,
-		)
+	bootstrapParamsFile := path.Join(w.icfg.DataDir, "bootstrap-params")
+	bootstrapParams, err := w.icfg.Bootstrap.StateInitializationParams.Marshal()
+	if err != nil {
+		return errors.Annotate(err, "marshalling bootstrap params")
 	}
+	w.conf.AddRunTextFile(bootstrapParamsFile, string(bootstrapParams), 0600)
 
-	return w.addMachineAgentToBoot()
+	loggingOption := "--show-log"
+	if loggo.GetLogger("").LogLevel() == loggo.DEBUG {
+		// If the bootstrap command was requested with --debug, then the root
+		// logger will be set to DEBUG. If it is, then we use --debug here too.
+		loggingOption = "--debug"
+	}
+	featureFlags := featureflag.AsEnvironmentValue()
+	if featureFlags != "" {
+		featureFlags = fmt.Sprintf("%s=%s ", osenv.JujuFeatureFlagEnvKey, featureFlags)
+	}
+	bootstrapAgentArgs := []string{
+		featureFlags + w.icfg.JujuTools() + "/jujud",
+		"bootstrap-state",
+		"--timeout", w.icfg.Bootstrap.Timeout.String(),
+		"--data-dir", shquote(w.icfg.DataDir),
+		loggingOption,
+		shquote(bootstrapParamsFile),
+	}
+	w.conf.AddRunCmd(cloudinit.LogProgressCmd("Bootstrapping Juju machine agent"))
+	w.conf.AddScripts(strings.Join(bootstrapAgentArgs, " "))
+
+	return nil
 }
 
-func (w unixConfigure) addDownloadToolsCmds() error {
+func (w *unixConfigure) addDownloadToolsCmds() error {
 	tools := w.icfg.ToolsList()[0]
 	if strings.HasPrefix(tools.URL, fileSchemePrefix) {
 		toolsData, err := ioutil.ReadFile(tools.URL[len(fileSchemePrefix):])
@@ -343,7 +323,7 @@
 		for _, tools := range w.icfg.ToolsList() {
 			urls = append(urls, tools.URL)
 		}
-		if w.icfg.Bootstrap {
+		if w.icfg.Bootstrap != nil {
 			curlCommand += " --retry 10"
 			if w.icfg.DisableSSLHostnameVerification {
 				curlCommand += " --insecure"
@@ -385,16 +365,16 @@
 // The returned clean up function must be called when the bootstrapping
 // process is completed.
 func (w *unixConfigure) setUpGUI() (func(), error) {
-	if w.icfg.GUI == nil {
+	if w.icfg.Bootstrap.GUI == nil {
 		// No GUI archives were found on simplestreams, and no development
 		// GUI path has been passed with the JUJU_GUI environment variable.
 		return nil, nil
 	}
-	u, err := url.Parse(w.icfg.GUI.URL)
+	u, err := url.Parse(w.icfg.Bootstrap.GUI.URL)
 	if err != nil {
 		return nil, errors.Annotate(err, "cannot parse Juju GUI URL")
 	}
-	guiJson, err := json.Marshal(w.icfg.GUI)
+	guiJson, err := json.Marshal(w.icfg.Bootstrap.GUI)
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
@@ -426,7 +406,7 @@
 		"[ -f $gui/gui.tar.bz2 ] && sha256sum $gui/gui.tar.bz2 > $gui/jujugui.sha256",
 		fmt.Sprintf(
 			`[ -f $gui/jujugui.sha256 ] && (grep '%s' $gui/jujugui.sha256 && printf %%s %s > $gui/downloaded-gui.txt || echo Juju GUI checksum mismatch)`,
-			w.icfg.GUI.SHA256, shquote(string(guiJson))),
+			w.icfg.Bootstrap.GUI.SHA256, shquote(string(guiJson))),
 	)
 	return func() {
 		// Don't remove the GUI archive until after bootstrap agent runs,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/userdatacfg_win.go juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/userdatacfg_win.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/userdatacfg_win.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/userdatacfg_win.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,9 +12,9 @@
 	"strings"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils/featureflag"
 	"github.com/juju/utils/series"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/cert"
 	"github.com/juju/juju/juju/osenv"
@@ -22,6 +22,9 @@
 	"github.com/juju/juju/tools"
 )
 
+//go:generate go run ../generate/filetoconst/filetoconst.go UserDataScript windowsuserdatafiles/userdata.ps1 winuserdatawrapper.go 2016 cloudconfig
+//go:generate go run ../generate/winuserdata/winuserdata.go 2016 winuserdata.go cloudconfig
+
 type aclType string
 
 const (
@@ -48,16 +51,17 @@
 	if err != nil {
 		return err
 	}
+
 	renderer := w.conf.ShellRenderer()
 	dataDir := renderer.FromSlash(w.icfg.DataDir)
 	baseDir := renderer.FromSlash(filepath.Dir(tmpDir))
 	binDir := renderer.Join(baseDir, "bin")
 
-	w.conf.AddScripts(fmt.Sprintf(`%s`, winPowershellHelperFunctions))
+	w.conf.AddScripts(windowsPowershellHelpers)
 
 	// The jujud user only gets created on non-nano versions for now.
 	if !series.IsWindowsNano(w.icfg.Series) {
-		w.conf.AddScripts(fmt.Sprintf(`%s`, addJujudUser))
+		w.conf.AddScripts(addJujuUser)
 	}
 
 	w.conf.AddScripts(
@@ -90,9 +94,8 @@
 	if err := w.icfg.VerifyConfig(); err != nil {
 		return errors.Trace(err)
 	}
-	if w.icfg.Bootstrap == true {
-		// Bootstrap machine not supported on windows
-		return errors.Errorf("bootstrapping is not supported on windows")
+	if w.icfg.Controller != nil {
+		return errors.Errorf("controllers not supported on windows")
 	}
 
 	tools := w.icfg.ToolsList()[0]
@@ -109,7 +112,7 @@
 	)
 
 	toolsDownloadCmds, err := addDownloadToolsCmds(
-		w.icfg.Series, w.icfg.MongoInfo.CACert, w.icfg.ToolsList(),
+		w.icfg.Series, w.icfg.APIInfo.CACert, w.icfg.ToolsList(),
 	)
 	if err != nil {
 		return errors.Trace(err)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/addJujuUser.ps1 juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/addJujuUser.ps1
--- juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/addJujuUser.ps1	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/addJujuUser.ps1	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,104 @@
+function create-account ([string]$accountName, [string]$accountDescription, [string]$password) {
+	$hostname = hostname
+	$comp = [adsi]"WinNT://$hostname"
+	$user = $comp.Create("User", $accountName)
+	$user.SetPassword($password)
+	$user.SetInfo()
+	$user.description = $accountDescription
+	$user.SetInfo()
+	$User.UserFlags[0] = $User.UserFlags[0] -bor 0x10000
+	$user.SetInfo()
+
+	# This gets the Administrator group name that is localized on different windows versions. 
+	# However the SID S-1-5-32-544 is the same on all versions.
+	$adminGroup = (New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544")).Translate([System.Security.Principal.NTAccount]).Value.Split("\")[1]
+
+	$objOU = [ADSI]"WinNT://$hostname/$adminGroup,group"
+	$objOU.add("WinNT://$hostname/$accountName")
+}
+
+$Source = @"
+%s"@
+
+Add-Type -TypeDefinition $Source -Language CSharp
+
+function Get-RandomPassword
+{
+	[CmdletBinding()]
+	param
+	(
+		[parameter(Mandatory=$true)]
+		[int]$Length
+	)
+	process
+	{
+		$hProvider = 0
+		try
+		{
+			if(![PSCloudbase.Win32CryptApi]::CryptAcquireContext([ref]$hProvider, $null, $null,
+																 [PSCloudbase.Win32CryptApi]::PROV_RSA_FULL,
+																 ([PSCloudbase.Win32CryptApi]::CRYPT_VERIFYCONTEXT -bor
+																  [PSCloudbase.Win32CryptApi]::CRYPT_SILENT)))
+			{
+				throw "CryptAcquireContext failed with error: 0x" + "{0:X0}" -f [PSCloudbase.Win32CryptApi]::GetLastError()
+			}
+
+			$buffer = New-Object byte[] $Length
+			if(![PSCloudbase.Win32CryptApi]::CryptGenRandom($hProvider, $Length, $buffer))
+			{
+				throw "CryptGenRandom failed with error: 0x" + "{0:X0}" -f [PSCloudbase.Win32CryptApi]::GetLastError()
+			}
+
+			$buffer | ForEach-Object { $password += "{0:X0}" -f $_ }
+			return $password
+		}
+		finally
+		{
+			if($hProvider)
+			{
+				$retVal = [PSCloudbase.Win32CryptApi]::CryptReleaseContext($hProvider, 0)
+			}
+		}
+	}
+}
+
+$SourcePolicy = @"
+%s"@
+
+Add-Type -TypeDefinition $SourcePolicy -Language CSharp
+
+function SetAssignPrimaryTokenPrivilege($UserName)
+{
+	$privilege = "SeAssignPrimaryTokenPrivilege"
+	if (!([PSCarbon.Lsa]::GetPrivileges($UserName) -contains $privilege))
+	{
+		[PSCarbon.Lsa]::GrantPrivileges($UserName, $privilege)
+	}
+}
+
+function SetUserLogonAsServiceRights($UserName)
+{
+	$privilege = "SeServiceLogonRight"
+	if (!([PSCarbon.Lsa]::GetPrivileges($UserName) -Contains $privilege))
+	{
+		[PSCarbon.Lsa]::GrantPrivileges($UserName, $privilege)
+	}
+}
+
+$juju_passwd = Get-RandomPassword 20
+$juju_passwd += "^"
+create-account jujud "Juju Admin user" $juju_passwd
+$hostname = hostname
+$juju_user = "$hostname\jujud"
+
+SetUserLogonAsServiceRights $juju_user
+SetAssignPrimaryTokenPrivilege $juju_user
+
+$path = "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList"
+if(!(Test-Path $path)){
+	New-Item -Path $path -force
+}
+New-ItemProperty $path -Name "jujud" -Value 0 -PropertyType "DWord"
+
+$secpasswd = ConvertTo-SecureString $juju_passwd -AsPlainText -Force
+$jujuCreds = New-Object System.Management.Automation.PSCredential ($juju_user, $secpasswd)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/Carbon.cs juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/Carbon.cs
--- juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/Carbon.cs	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/Carbon.cs	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,286 @@
+/*
+Original sources available at: https://bitbucket.org/splatteredbits/carbon
+*/
+
+using System;
+using System.Collections.Generic;
+using System.ComponentModel;
+using System.Runtime.InteropServices;
+using System.Security.Principal;
+using System.Text;
+
+namespace PSCarbon
+{
+	public sealed class Lsa
+	{
+		// ReSharper disable InconsistentNaming
+		[StructLayout(LayoutKind.Sequential)]
+		internal struct LSA_UNICODE_STRING
+		{
+			internal LSA_UNICODE_STRING(string inputString)
+			{
+				if (inputString == null)
+				{
+					Buffer = IntPtr.Zero;
+					Length = 0;
+					MaximumLength = 0;
+				}
+				else
+				{
+					Buffer = Marshal.StringToHGlobalAuto(inputString);
+					Length = (ushort)(inputString.Length * UnicodeEncoding.CharSize);
+					MaximumLength = (ushort)((inputString.Length + 1) * UnicodeEncoding.CharSize);
+				}
+			}
+
+			internal ushort Length;
+			internal ushort MaximumLength;
+			internal IntPtr Buffer;
+		}
+
+		[StructLayout(LayoutKind.Sequential)]
+		internal struct LSA_OBJECT_ATTRIBUTES
+		{
+			internal uint Length;
+			internal IntPtr RootDirectory;
+			internal LSA_UNICODE_STRING ObjectName;
+			internal uint Attributes;
+			internal IntPtr SecurityDescriptor;
+			internal IntPtr SecurityQualityOfService;
+		}
+
+		[StructLayout(LayoutKind.Sequential)]
+		public struct LUID
+		{
+			public uint LowPart;
+			public int HighPart;
+		}
+
+		// ReSharper disable UnusedMember.Local
+		private const uint POLICY_VIEW_LOCAL_INFORMATION = 0x00000001;
+		private const uint POLICY_VIEW_AUDIT_INFORMATION = 0x00000002;
+		private const uint POLICY_GET_PRIVATE_INFORMATION = 0x00000004;
+		private const uint POLICY_TRUST_ADMIN = 0x00000008;
+		private const uint POLICY_CREATE_ACCOUNT = 0x00000010;
+		private const uint POLICY_CREATE_SECRET = 0x00000014;
+		private const uint POLICY_CREATE_PRIVILEGE = 0x00000040;
+		private const uint POLICY_SET_DEFAULT_QUOTA_LIMITS = 0x00000080;
+		private const uint POLICY_SET_AUDIT_REQUIREMENTS = 0x00000100;
+		private const uint POLICY_AUDIT_LOG_ADMIN = 0x00000200;
+		private const uint POLICY_SERVER_ADMIN = 0x00000400;
+		private const uint POLICY_LOOKUP_NAMES = 0x00000800;
+		private const uint POLICY_NOTIFICATION = 0x00001000;
+		// ReSharper restore UnusedMember.Local
+
+		[DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
+		public static extern bool LookupPrivilegeValue(
+			[MarshalAs(UnmanagedType.LPTStr)] string lpSystemName,
+			[MarshalAs(UnmanagedType.LPTStr)] string lpName,
+			out LUID lpLuid);
+
+		[DllImport("advapi32.dll", CharSet = CharSet.Unicode)]
+		private static extern uint LsaAddAccountRights(
+			IntPtr PolicyHandle,
+			IntPtr AccountSid,
+			LSA_UNICODE_STRING[] UserRights,
+			uint CountOfRights);
+
+		[DllImport("advapi32.dll", CharSet = CharSet.Unicode, SetLastError = false)]
+		private static extern uint LsaClose(IntPtr ObjectHandle);
+
+		[DllImport("advapi32.dll", SetLastError = true)]
+		private static extern uint LsaEnumerateAccountRights(IntPtr PolicyHandle,
+			IntPtr AccountSid,
+			out IntPtr UserRights,
+			out uint CountOfRights
+			);
+
+		[DllImport("advapi32.dll", SetLastError = true)]
+		private static extern uint LsaFreeMemory(IntPtr pBuffer);
+
+		[DllImport("advapi32.dll")]
+		private static extern int LsaNtStatusToWinError(long status);
+
+		[DllImport("advapi32.dll", SetLastError = true, PreserveSig = true)]
+		private static extern uint LsaOpenPolicy(ref LSA_UNICODE_STRING SystemName, ref LSA_OBJECT_ATTRIBUTES ObjectAttributes, uint DesiredAccess, out IntPtr PolicyHandle );
+
+		[DllImport("advapi32.dll", SetLastError = true, PreserveSig = true)]
+		static extern uint LsaRemoveAccountRights(
+			IntPtr PolicyHandle,
+			IntPtr AccountSid,
+			[MarshalAs(UnmanagedType.U1)]
+			bool AllRights,
+			LSA_UNICODE_STRING[] UserRights,
+			uint CountOfRights);
+		// ReSharper restore InconsistentNaming
+
+		private static IntPtr GetIdentitySid(string identity)
+		{
+			SecurityIdentifier sid =
+				new NTAccount(identity).Translate(typeof (SecurityIdentifier)) as SecurityIdentifier;
+			if (sid == null)
+			{
+				throw new ArgumentException(string.Format("Account {0} not found.", identity));
+			}
+			byte[] sidBytes = new byte[sid.BinaryLength];
+			sid.GetBinaryForm(sidBytes, 0);
+			System.IntPtr sidPtr = Marshal.AllocHGlobal(sidBytes.Length);
+			Marshal.Copy(sidBytes, 0, sidPtr, sidBytes.Length);
+			return sidPtr;
+		}
+
+		private static IntPtr GetLsaPolicyHandle()
+		{
+			string computerName = Environment.MachineName;
+			IntPtr hPolicy;
+			LSA_OBJECT_ATTRIBUTES objectAttributes = new LSA_OBJECT_ATTRIBUTES();
+			objectAttributes.Length = 0;
+			objectAttributes.RootDirectory = IntPtr.Zero;
+			objectAttributes.Attributes = 0;
+			objectAttributes.SecurityDescriptor = IntPtr.Zero;
+			objectAttributes.SecurityQualityOfService = IntPtr.Zero;
+
+			const uint ACCESS_MASK = POLICY_CREATE_SECRET | POLICY_LOOKUP_NAMES | POLICY_VIEW_LOCAL_INFORMATION;
+			LSA_UNICODE_STRING machineNameLsa = new LSA_UNICODE_STRING(computerName);
+			uint result = LsaOpenPolicy(ref machineNameLsa, ref objectAttributes, ACCESS_MASK, out hPolicy);
+			HandleLsaResult(result);
+			return hPolicy;
+		}
+
+		public static string[] GetPrivileges(string identity)
+		{
+			IntPtr sidPtr = GetIdentitySid(identity);
+			IntPtr hPolicy = GetLsaPolicyHandle();
+			IntPtr rightsPtr = IntPtr.Zero;
+
+			try
+			{
+
+				List<string> privileges = new List<string>();
+
+				uint rightsCount;
+				uint result = LsaEnumerateAccountRights(hPolicy, sidPtr, out rightsPtr, out rightsCount);
+				int win32ErrorCode = LsaNtStatusToWinError(result);
+				// the user has no privileges
+				if( win32ErrorCode == STATUS_OBJECT_NAME_NOT_FOUND )
+				{
+					return new string[0];
+				}
+				HandleLsaResult(result);
+
+				LSA_UNICODE_STRING myLsaus = new LSA_UNICODE_STRING();
+				for (ulong i = 0; i < rightsCount; i++)
+				{
+					IntPtr itemAddr = new IntPtr(rightsPtr.ToInt64() + (long) (i*(ulong) Marshal.SizeOf(myLsaus)));
+					myLsaus = (LSA_UNICODE_STRING) Marshal.PtrToStructure(itemAddr, myLsaus.GetType());
+					char[] cvt = new char[myLsaus.Length/UnicodeEncoding.CharSize];
+					Marshal.Copy(myLsaus.Buffer, cvt, 0, myLsaus.Length/UnicodeEncoding.CharSize);
+					string thisRight = new string(cvt);
+					privileges.Add(thisRight);
+				}
+				return privileges.ToArray();
+			}
+			finally
+			{
+				Marshal.FreeHGlobal(sidPtr);
+				uint result = LsaClose(hPolicy);
+				HandleLsaResult(result);
+				result = LsaFreeMemory(rightsPtr);
+				HandleLsaResult(result);
+			}
+		}
+
+		public static void GrantPrivileges(string identity, string[] privileges)
+		{
+			IntPtr sidPtr = GetIdentitySid(identity);
+			IntPtr hPolicy = GetLsaPolicyHandle();
+
+			try
+			{
+				LSA_UNICODE_STRING[] lsaPrivileges = StringsToLsaStrings(privileges);
+				uint result = LsaAddAccountRights(hPolicy, sidPtr, lsaPrivileges, (uint)lsaPrivileges.Length);
+				HandleLsaResult(result);
+			}
+			finally
+			{
+				Marshal.FreeHGlobal(sidPtr);
+				uint result = LsaClose(hPolicy);
+				HandleLsaResult(result);
+			}
+		}
+
+		const int STATUS_SUCCESS = 0x0;
+		const int STATUS_OBJECT_NAME_NOT_FOUND = 0x00000002;
+		const int STATUS_ACCESS_DENIED = 0x00000005;
+		const int STATUS_INVALID_HANDLE = 0x00000006;
+		const int STATUS_UNSUCCESSFUL = 0x0000001F;
+		const int STATUS_INVALID_PARAMETER = 0x00000057;
+		const int STATUS_NO_SUCH_PRIVILEGE = 0x00000521;
+		const int STATUS_INVALID_SERVER_STATE = 0x00000548;
+		const int STATUS_INTERNAL_DB_ERROR = 0x00000567;
+		const int STATUS_INSUFFICIENT_RESOURCES = 0x000005AA;
+
+		private static Dictionary<int, string> ErrorMessages = new Dictionary<int, string>();
+		public Lsa () {
+			ErrorMessages.Add(STATUS_ACCESS_DENIED, "Access denied. Caller does not have the appropriate access to complete the operation.");
+			ErrorMessages.Add(STATUS_INVALID_HANDLE, "Invalid handle. Indicates an object or RPC handle is not valid in the context used.");
+			ErrorMessages.Add(STATUS_UNSUCCESSFUL, "Unsuccessful. Generic failure, such as RPC connection failure.");
+			ErrorMessages.Add(STATUS_INVALID_PARAMETER, "Invalid parameter. One of the parameters is not valid.");
+			ErrorMessages.Add(STATUS_NO_SUCH_PRIVILEGE, "No such privilege. Indicates a specified privilege does not exist.");
+			ErrorMessages.Add(STATUS_INVALID_SERVER_STATE, "Invalid server state. Indicates the LSA server is currently disabled.");
+			ErrorMessages.Add(STATUS_INTERNAL_DB_ERROR, "Internal database error. The LSA database contains an internal inconsistency.");
+			ErrorMessages.Add(STATUS_INSUFFICIENT_RESOURCES, "Insufficient resources. There are not enough system resources (such as memory to allocate buffers) to complete the call.");
+			ErrorMessages.Add(STATUS_OBJECT_NAME_NOT_FOUND, "Object name not found. An object in the LSA policy database was not found. The object may have been specified either by SID or by name, depending on its type.");
+		}
+
+		private static void HandleLsaResult(uint returnCode)
+		{
+			int win32ErrorCode = LsaNtStatusToWinError(returnCode);
+
+			if( win32ErrorCode == STATUS_SUCCESS)
+				return;
+
+			if( ErrorMessages.ContainsKey(win32ErrorCode) )
+			{
+				throw new Win32Exception(win32ErrorCode, ErrorMessages[win32ErrorCode]);
+			}
+
+			throw new Win32Exception(win32ErrorCode);
+		}
+
+		public static void RevokePrivileges(string identity, string[] privileges)
+		{
+			IntPtr sidPtr = GetIdentitySid(identity);
+			IntPtr hPolicy = GetLsaPolicyHandle();
+
+			try
+			{
+				string[] currentPrivileges = GetPrivileges(identity);
+				if (currentPrivileges.Length == 0)
+				{
+					return;
+				}
+				LSA_UNICODE_STRING[] lsaPrivileges = StringsToLsaStrings(privileges);
+				uint result = LsaRemoveAccountRights(hPolicy, sidPtr, false, lsaPrivileges, (uint)lsaPrivileges.Length);
+				HandleLsaResult(result);
+			}
+			finally
+			{
+				Marshal.FreeHGlobal(sidPtr);
+				uint result = LsaClose(hPolicy);
+				HandleLsaResult(result);
+			}
+
+		}
+
+		private static LSA_UNICODE_STRING[] StringsToLsaStrings(string[] privileges)
+		{
+			LSA_UNICODE_STRING[] lsaPrivileges = new LSA_UNICODE_STRING[privileges.Length];
+			for (int idx = 0; idx < privileges.Length; ++idx)
+			{
+				lsaPrivileges[idx] = new LSA_UNICODE_STRING(privileges[idx]);
+			}
+			return lsaPrivileges;
+		}
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/CryptoApi.cs juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/CryptoApi.cs
--- juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/CryptoApi.cs	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/CryptoApi.cs	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,30 @@
+using System;
+using System.Text;
+using System.Runtime.InteropServices;
+
+namespace PSCloudbase
+{
+	public sealed class Win32CryptApi
+	{
+		public static long CRYPT_SILENT = 0x00000040;
+		public static long CRYPT_VERIFYCONTEXT = 0xF0000000;
+		public static int PROV_RSA_FULL = 1;
+
+		[DllImport("advapi32.dll", CharSet=CharSet.Auto, SetLastError=true)]
+		[return : MarshalAs(UnmanagedType.Bool)]
+		public static extern bool CryptAcquireContext(ref IntPtr hProv,
+													  StringBuilder pszContainer, // Don't use string, as Powershell replaces $null with an empty string
+													  StringBuilder pszProvider, // Don't use string, as Powershell replaces $null with an empty string
+													  uint dwProvType,
+													  uint dwFlags);
+
+		[DllImport("Advapi32.dll", EntryPoint = "CryptReleaseContext", CharSet = CharSet.Unicode, SetLastError = true)]
+		public static extern bool CryptReleaseContext(IntPtr hProv, Int32 dwFlags);
+
+		[DllImport("advapi32.dll", SetLastError=true)]
+		public static extern bool CryptGenRandom(IntPtr hProv, uint dwLen, byte[] pbBuffer);
+
+		[DllImport("Kernel32.dll")]
+		public static extern uint GetLastError();
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/filesha256.ps1 juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/filesha256.ps1
--- juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/filesha256.ps1	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/filesha256.ps1	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,15 @@
+
+Function Get-FileSHA256{
+	Param(
+		$FilePath
+	)
+	try {
+		$hash = [Security.Cryptography.HashAlgorithm]::Create( "SHA256" )
+		$stream = ([IO.StreamReader]$FilePath).BaseStream
+		$res = -join ($hash.ComputeHash($stream) | ForEach { "{0:x2}" -f $_ })
+		$stream.Close()
+		return $res
+	} catch [System.Management.Automation.RuntimeException] {
+		return (Get-FileHash -Path $FilePath).Hash
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/invokewebrequest.ps1 juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/invokewebrequest.ps1
--- juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/invokewebrequest.ps1	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/invokewebrequest.ps1	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,31 @@
+
+Function Invoke-FastWebRequest {
+	Param(
+		$URI,
+		$OutFile
+	)
+
+	if(!([System.Management.Automation.PSTypeName]'System.Net.Http.HttpClient').Type)
+	{
+		$assembly = [System.Reflection.Assembly]::LoadWithPartialName("System.Net.Http")
+	}
+
+	$client = new-object System.Net.Http.HttpClient
+
+	$task = $client.GetStreamAsync($URI)
+	$response = $task.Result
+	$outStream = New-Object IO.FileStream $OutFile, Create, Write, None
+
+	try {
+		$totRead = 0
+		$buffer = New-Object Byte[] 1MB
+		while (($read = $response.Read($buffer, 0, $buffer.Length)) -gt 0) {
+		$totRead += $read
+		$outStream.Write($buffer, 0, $read);
+		}
+	}
+	finally {
+		$outStream.Close()
+	}
+}
+
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/retry.ps1 juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/retry.ps1
--- juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/retry.ps1	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/retry.ps1	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,50 @@
+
+$ErrorActionPreference = "Stop"
+
+function ExecRetry($command, $retryInterval = 15)
+{
+	$currErrorActionPreference = $ErrorActionPreference
+	$ErrorActionPreference = "Continue"
+
+	while ($true)
+	{
+		try
+		{
+			& $command
+			break
+		}
+		catch [System.Exception]
+		{
+			Write-Error $_.Exception
+			Start-Sleep $retryInterval
+		}
+	}
+
+	$ErrorActionPreference = $currErrorActionPreference
+}
+
+# TryExecAll attempts all of the commands in the supplied array until
+# one can be executed without throwing an exception. If none of the
+# commands succeeds, an exception will be raised.
+function TryExecAll($commands)
+{
+	$currErrorActionPreference = $ErrorActionPreference
+	$ErrorActionPreference = "Continue"
+
+	foreach ($command in $commands)
+	{
+		try
+		{
+			& $command
+			$ErrorActionPreference = $currErrorActionPreference
+			return
+		}
+		catch [System.Exception]
+		{
+			Write-Error $_.Exception
+		}
+	}
+
+	$ErrorActionPreference = $currErrorActionPreference
+	throw "All commands failed"
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/untar.ps1 juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/untar.ps1
--- juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/untar.ps1	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/untar.ps1	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,141 @@
+
+Function GUnZip-File{
+    Param(
+        $infile,
+        $outdir
+        )
+
+    $input = New-Object System.IO.FileStream $inFile, ([IO.FileMode]::Open), ([IO.FileAccess]::Read), ([IO.FileShare]::Read)
+    $tempFile = "$env:TEMP\jujud.tar"
+    $tempOut = New-Object System.IO.FileStream $tempFile, ([IO.FileMode]::Create), ([IO.FileAccess]::Write), ([IO.FileShare]::None)
+    $gzipStream = New-Object System.IO.Compression.GzipStream $input, ([IO.Compression.CompressionMode]::Decompress)
+
+    $buffer = New-Object byte[](1024)
+    while($true) {
+        $read = $gzipstream.Read($buffer, 0, 1024)
+        if ($read -le 0){break}
+        $tempOut.Write($buffer, 0, $read)
+    }
+    $gzipStream.Close()
+    $tempOut.Close()
+    $input.Close()
+
+    $in = New-Object System.IO.FileStream $tempFile, ([IO.FileMode]::Open), ([IO.FileAccess]::Read), ([IO.FileShare]::Read)
+    Untar-File $in $outdir
+    $in.Close()
+    rm $tempFile
+}
+
+$HEADERSIZE = 512
+
+Function Untar-File {
+    Param(
+        $inStream,
+        $outdir
+        )
+    $DirectoryEntryType = 0x35
+    $headerBytes = New-Object byte[]($HEADERSIZE)
+
+    # $headerBytes is written inside, function returns whether we've reached the end
+    while(GetHeaderBytes $inStream $headerBytes) {
+        $fileName, $entryType, $sizeInBytes = GetFileInfoFromHeader $headerBytes
+
+        $totalPath = Join-Path $outDir $fileName
+        if ($entryType -eq $DirectoryEntryType) {
+            [System.IO.Directory]::CreateDirectory($totalPath)
+            continue;
+        }
+
+        $fName = [System.IO.Path]::GetFileName($totalPath)
+        $dirName = [System.IO.Path]::GetDirectoryName($totalPath)
+        [System.IO.Directory]::CreateDirectory($dirName)
+        $file = [System.IO.File]::Create($totalPath)
+        WriteTarEntryToFile $inStream $file $sizeInBytes
+        $file.Close()
+    }
+}
+
+Function WriteTarEntryToFile {
+    Param(
+        $inStream,
+        $outFile,
+        $sizeInBytes
+        )
+    $moveToAlign512 = 0
+    $toRead = 0
+    $buf = New-Object byte[](512)
+
+    $remainingBytesInFile = $sizeInBytes
+    while ($remainingBytesInFile -ne 0) {
+        if ($remainingBytesInFile - 512 -lt 0) {
+            $moveToAlign512 = 512 - $remainingBytesInFile
+            $toRead = $remainingBytesInFile
+        } else {
+            $toRead = 512
+        }
+
+        $bytesRead = 0
+        $bytesRemainingToRead = $toRead
+        while ($bytesRead -lt $toRead -and $bytesRemainingToRead -gt 0) {
+            $bytesRead = $inStream.Read($buf, $toRead - $bytesRemainingToRead, $bytesRemainingToRead)
+            $bytesRemainingToRead = $bytesRemainingToRead - $bytesRead
+            $remainingBytesInFile = $remainingBytesInFile - $bytesRead
+            $outFile.Write($buf, 0, $bytesRead)
+        }
+
+        if ($moveToAlign512 -ne 0) {
+            $inStream.Seek($moveToAlign512, [System.IO.SeekOrigin]::Current)
+        }
+    }
+}
+
+Function GetHeaderBytes {
+    Param($inStream, $headerBytes)
+
+    $headerRead = 0
+    $bytesRemaining = $HEADERSIZE
+    while ($bytesRemaining -gt 0) {
+        $headerRead = $inStream.Read($headerBytes, $HEADERSIZE - $bytesRemaining, $bytesRemaining)
+        $bytesRemaining -= $headerRead
+        if ($headerRead -le 0 -and $bytesRemaining -gt 0) {
+            throw "Error reading tar header. Header size invalid"
+        }
+    }
+
+    # Proper end of archive is 2 empty headers
+    if (IsEmptyByteArray $headerBytes) {
+        $bytesRemaining = $HEADERSIZE
+        while ($bytesRemaining -gt 0) {
+            $headerRead = $inStream.Read($headerBytes, $HEADERSIZE - $bytesRemaining, $bytesRemaining)
+            $bytesRemaining -= $headerRead
+            if ($headerRead -le 0 -and $bytesRemaining -gt 0) {
+                throw "Broken end archive"
+            }
+        }
+        if ($bytesRemaining -eq 0 -and (IsEmptyByteArray($headerBytes))) {
+            return $false
+        }
+        throw "Error occurred: expected end of archive"
+    }
+
+    return $true
+}
+
+Function GetFileInfoFromHeader {
+    Param($headerBytes)
+
+    $FileName = [System.Text.Encoding]::UTF8.GetString($headerBytes, 0, 100);
+    $EntryType = $headerBytes[156];
+    $SizeInBytes = [Convert]::ToInt64([System.Text.Encoding]::ASCII.GetString($headerBytes, 124, 11).Trim(), 8);
+    Return $FileName.replace("`0", [String].Empty), $EntryType, $SizeInBytes
+}
+
+Function IsEmptyByteArray {
+    Param ($bytes)
+    foreach($b in $bytes) {
+        if ($b -ne 0) {
+            return $false
+        }
+    }
+    return $true
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/userdata.ps1 juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/userdata.ps1
--- juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/userdata.ps1	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/windowsuserdatafiles/userdata.ps1	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,61 @@
+#ps1_sysnative
+$ErrorActionPreference = "Stop"
+$userdata=@"
+%s
+"@
+
+Function Decode-Base64 {
+	Param(
+		$inFile,
+		$outFile
+	)
+	$bufferSize = 9000 # should be a multiplier of 4
+	$buffer = New-Object char[] $bufferSize
+
+	$reader = [System.IO.File]::OpenText($inFile)
+	$writer = [System.IO.File]::OpenWrite($outFile)
+
+	$bytesRead = 0
+	do
+	{
+		$bytesRead = $reader.Read($buffer, 0, $bufferSize);
+		$bytes = [Convert]::FromBase64CharArray($buffer, 0, $bytesRead);
+		$writer.Write($bytes, 0, $bytes.Length);
+	} while ($bytesRead -eq $bufferSize);
+
+	$reader.Dispose()
+	$writer.Dispose()
+}
+
+Function GUnZip-File {
+	Param(
+		$inFile,
+		$outFile
+	)
+	$in = New-Object System.IO.FileStream $inFile, ([IO.FileMode]::Open), ([IO.FileAccess]::Read), ([IO.FileShare]::Read)
+	$out = New-Object System.IO.FileStream $outFile, ([IO.FileMode]::Create), ([IO.FileAccess]::Write), ([IO.FileShare]::None)
+	$gzipStream = New-Object System.IO.Compression.GZipStream $in, ([IO.Compression.CompressionMode]::Decompress)
+	$buffer = New-Object byte[](1024)
+	while($true){
+		$read = $gzipstream.Read($buffer, 0, 1024)
+		if ($read -le 0){break}
+		$out.Write($buffer, 0, $read)
+	}
+	$gzipStream.Close()
+	$out.Close()
+	$in.Close()
+}
+
+$b64File = "$env:TEMP\juju\udata.b64"
+$gzFile = "$env:TEMP\juju\udata.gz"
+$udataScript = "$env:TEMP\juju\udata.ps1"
+mkdir "$env:TEMP\juju"
+
+Set-Content $b64File $userdata
+Decode-Base64 -inFile $b64File -outFile $gzFile
+GUnZip-File -inFile $gzFile -outFile $udataScript
+
+& $udataScript
+
+rm -Recurse "$env:TEMP\juju"
+
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/windows_userdata_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/windows_userdata_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/windows_userdata_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/windows_userdata_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -712,7 +712,7 @@
 Set-ItemProperty -Path 'HKLM:\SOFTWARE\juju-core' -Name 'JUJU_DEV_FEATURE_FLAGS' -Value ''
 mkdir 'C:\Juju\lib\juju\agents\machine-10'
 Set-Content 'C:/Juju/lib/juju/agents/machine-10/agent.conf' @"
-# format 1.18
+# format 2.0
 tag: machine-10
 datadir: C:/Juju/lib/juju
 logdir: C:/Juju/log/juju
@@ -734,12 +734,10 @@
   fR+gLQjslxf64w0wCwYJKoZIhvcNAQEFA0EAbn0MaxWVgGYBomeLYfDdb8vCq/5/
   G/2iCUQCXsVrBparMLFnor/iKOkJB5n3z3rtu70rFt+DpX6L8uBR3LB3+A==
   -----END CERTIFICATE-----
-stateaddresses:
-- state-addr.testing.invalid:12345
 model: model-deadbeef-0bad-400d-8000-4b1d0d06f00d
 apiaddresses:
 - state-addr.testing.invalid:54321
-oldpassword: arble
+oldpassword: bletch
 values:
   AGENT_SERVICE_NAME: jujud-machine-10
   PROVIDER_TYPE: dummy
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/winuserdata.go juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/winuserdata.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/winuserdata.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/winuserdata.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,669 @@
+// Copyright 2016 Canonical Ltd.
+// Copyright 2016 Cloudbase Solutions SRL
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package cloudconfig
+
+// Generated code - do not edit.
+
+const addJujuUser = `
+function create-account ([string]$accountName, [string]$accountDescription, [string]$password) {
+	$hostname = hostname
+	$comp = [adsi]"WinNT://$hostname"
+	$user = $comp.Create("User", $accountName)
+	$user.SetPassword($password)
+	$user.SetInfo()
+	$user.description = $accountDescription
+	$user.SetInfo()
+	$User.UserFlags[0] = $User.UserFlags[0] -bor 0x10000
+	$user.SetInfo()
+
+	# This gets the Administrator group name that is localized on different windows versions. 
+	# However the SID S-1-5-32-544 is the same on all versions.
+	$adminGroup = (New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544")).Translate([System.Security.Principal.NTAccount]).Value.Split("\")[1]
+
+	$objOU = [ADSI]"WinNT://$hostname/$adminGroup,group"
+	$objOU.add("WinNT://$hostname/$accountName")
+}
+
+$Source = @"
+using System;
+using System.Text;
+using System.Runtime.InteropServices;
+
+namespace PSCloudbase
+{
+	public sealed class Win32CryptApi
+	{
+		public static long CRYPT_SILENT = 0x00000040;
+		public static long CRYPT_VERIFYCONTEXT = 0xF0000000;
+		public static int PROV_RSA_FULL = 1;
+
+		[DllImport("advapi32.dll", CharSet=CharSet.Auto, SetLastError=true)]
+		[return : MarshalAs(UnmanagedType.Bool)]
+		public static extern bool CryptAcquireContext(ref IntPtr hProv,
+													  StringBuilder pszContainer, // Don't use string, as Powershell replaces $null with an empty string
+													  StringBuilder pszProvider, // Don't use string, as Powershell replaces $null with an empty string
+													  uint dwProvType,
+													  uint dwFlags);
+
+		[DllImport("Advapi32.dll", EntryPoint = "CryptReleaseContext", CharSet = CharSet.Unicode, SetLastError = true)]
+		public static extern bool CryptReleaseContext(IntPtr hProv, Int32 dwFlags);
+
+		[DllImport("advapi32.dll", SetLastError=true)]
+		public static extern bool CryptGenRandom(IntPtr hProv, uint dwLen, byte[] pbBuffer);
+
+		[DllImport("Kernel32.dll")]
+		public static extern uint GetLastError();
+	}
+}
+"@
+
+Add-Type -TypeDefinition $Source -Language CSharp
+
+function Get-RandomPassword
+{
+	[CmdletBinding()]
+	param
+	(
+		[parameter(Mandatory=$true)]
+		[int]$Length
+	)
+	process
+	{
+		$hProvider = 0
+		try
+		{
+			if(![PSCloudbase.Win32CryptApi]::CryptAcquireContext([ref]$hProvider, $null, $null,
+																 [PSCloudbase.Win32CryptApi]::PROV_RSA_FULL,
+																 ([PSCloudbase.Win32CryptApi]::CRYPT_VERIFYCONTEXT -bor
+																  [PSCloudbase.Win32CryptApi]::CRYPT_SILENT)))
+			{
+				throw "CryptAcquireContext failed with error: 0x" + "{0:X0}" -f [PSCloudbase.Win32CryptApi]::GetLastError()
+			}
+
+			$buffer = New-Object byte[] $Length
+			if(![PSCloudbase.Win32CryptApi]::CryptGenRandom($hProvider, $Length, $buffer))
+			{
+				throw "CryptGenRandom failed with error: 0x" + "{0:X0}" -f [PSCloudbase.Win32CryptApi]::GetLastError()
+			}
+
+			$buffer | ForEach-Object { $password += "{0:X0}" -f $_ }
+			return $password
+		}
+		finally
+		{
+			if($hProvider)
+			{
+				$retVal = [PSCloudbase.Win32CryptApi]::CryptReleaseContext($hProvider, 0)
+			}
+		}
+	}
+}
+
+$SourcePolicy = @"
+/*
+Original sources available at: https://bitbucket.org/splatteredbits/carbon
+*/
+
+using System;
+using System.Collections.Generic;
+using System.ComponentModel;
+using System.Runtime.InteropServices;
+using System.Security.Principal;
+using System.Text;
+
+namespace PSCarbon
+{
+	public sealed class Lsa
+	{
+		// ReSharper disable InconsistentNaming
+		[StructLayout(LayoutKind.Sequential)]
+		internal struct LSA_UNICODE_STRING
+		{
+			internal LSA_UNICODE_STRING(string inputString)
+			{
+				if (inputString == null)
+				{
+					Buffer = IntPtr.Zero;
+					Length = 0;
+					MaximumLength = 0;
+				}
+				else
+				{
+					Buffer = Marshal.StringToHGlobalAuto(inputString);
+					Length = (ushort)(inputString.Length * UnicodeEncoding.CharSize);
+					MaximumLength = (ushort)((inputString.Length + 1) * UnicodeEncoding.CharSize);
+				}
+			}
+
+			internal ushort Length;
+			internal ushort MaximumLength;
+			internal IntPtr Buffer;
+		}
+
+		[StructLayout(LayoutKind.Sequential)]
+		internal struct LSA_OBJECT_ATTRIBUTES
+		{
+			internal uint Length;
+			internal IntPtr RootDirectory;
+			internal LSA_UNICODE_STRING ObjectName;
+			internal uint Attributes;
+			internal IntPtr SecurityDescriptor;
+			internal IntPtr SecurityQualityOfService;
+		}
+
+		[StructLayout(LayoutKind.Sequential)]
+		public struct LUID
+		{
+			public uint LowPart;
+			public int HighPart;
+		}
+
+		// ReSharper disable UnusedMember.Local
+		private const uint POLICY_VIEW_LOCAL_INFORMATION = 0x00000001;
+		private const uint POLICY_VIEW_AUDIT_INFORMATION = 0x00000002;
+		private const uint POLICY_GET_PRIVATE_INFORMATION = 0x00000004;
+		private const uint POLICY_TRUST_ADMIN = 0x00000008;
+		private const uint POLICY_CREATE_ACCOUNT = 0x00000010;
+		private const uint POLICY_CREATE_SECRET = 0x00000014;
+		private const uint POLICY_CREATE_PRIVILEGE = 0x00000040;
+		private const uint POLICY_SET_DEFAULT_QUOTA_LIMITS = 0x00000080;
+		private const uint POLICY_SET_AUDIT_REQUIREMENTS = 0x00000100;
+		private const uint POLICY_AUDIT_LOG_ADMIN = 0x00000200;
+		private const uint POLICY_SERVER_ADMIN = 0x00000400;
+		private const uint POLICY_LOOKUP_NAMES = 0x00000800;
+		private const uint POLICY_NOTIFICATION = 0x00001000;
+		// ReSharper restore UnusedMember.Local
+
+		[DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
+		public static extern bool LookupPrivilegeValue(
+			[MarshalAs(UnmanagedType.LPTStr)] string lpSystemName,
+			[MarshalAs(UnmanagedType.LPTStr)] string lpName,
+			out LUID lpLuid);
+
+		[DllImport("advapi32.dll", CharSet = CharSet.Unicode)]
+		private static extern uint LsaAddAccountRights(
+			IntPtr PolicyHandle,
+			IntPtr AccountSid,
+			LSA_UNICODE_STRING[] UserRights,
+			uint CountOfRights);
+
+		[DllImport("advapi32.dll", CharSet = CharSet.Unicode, SetLastError = false)]
+		private static extern uint LsaClose(IntPtr ObjectHandle);
+
+		[DllImport("advapi32.dll", SetLastError = true)]
+		private static extern uint LsaEnumerateAccountRights(IntPtr PolicyHandle,
+			IntPtr AccountSid,
+			out IntPtr UserRights,
+			out uint CountOfRights
+			);
+
+		[DllImport("advapi32.dll", SetLastError = true)]
+		private static extern uint LsaFreeMemory(IntPtr pBuffer);
+
+		[DllImport("advapi32.dll")]
+		private static extern int LsaNtStatusToWinError(long status);
+
+		[DllImport("advapi32.dll", SetLastError = true, PreserveSig = true)]
+		private static extern uint LsaOpenPolicy(ref LSA_UNICODE_STRING SystemName, ref LSA_OBJECT_ATTRIBUTES ObjectAttributes, uint DesiredAccess, out IntPtr PolicyHandle );
+
+		[DllImport("advapi32.dll", SetLastError = true, PreserveSig = true)]
+		static extern uint LsaRemoveAccountRights(
+			IntPtr PolicyHandle,
+			IntPtr AccountSid,
+			[MarshalAs(UnmanagedType.U1)]
+			bool AllRights,
+			LSA_UNICODE_STRING[] UserRights,
+			uint CountOfRights);
+		// ReSharper restore InconsistentNaming
+
+		private static IntPtr GetIdentitySid(string identity)
+		{
+			SecurityIdentifier sid =
+				new NTAccount(identity).Translate(typeof (SecurityIdentifier)) as SecurityIdentifier;
+			if (sid == null)
+			{
+				throw new ArgumentException(string.Format("Account {0} not found.", identity));
+			}
+			byte[] sidBytes = new byte[sid.BinaryLength];
+			sid.GetBinaryForm(sidBytes, 0);
+			System.IntPtr sidPtr = Marshal.AllocHGlobal(sidBytes.Length);
+			Marshal.Copy(sidBytes, 0, sidPtr, sidBytes.Length);
+			return sidPtr;
+		}
+
+		private static IntPtr GetLsaPolicyHandle()
+		{
+			string computerName = Environment.MachineName;
+			IntPtr hPolicy;
+			LSA_OBJECT_ATTRIBUTES objectAttributes = new LSA_OBJECT_ATTRIBUTES();
+			objectAttributes.Length = 0;
+			objectAttributes.RootDirectory = IntPtr.Zero;
+			objectAttributes.Attributes = 0;
+			objectAttributes.SecurityDescriptor = IntPtr.Zero;
+			objectAttributes.SecurityQualityOfService = IntPtr.Zero;
+
+			const uint ACCESS_MASK = POLICY_CREATE_SECRET | POLICY_LOOKUP_NAMES | POLICY_VIEW_LOCAL_INFORMATION;
+			LSA_UNICODE_STRING machineNameLsa = new LSA_UNICODE_STRING(computerName);
+			uint result = LsaOpenPolicy(ref machineNameLsa, ref objectAttributes, ACCESS_MASK, out hPolicy);
+			HandleLsaResult(result);
+			return hPolicy;
+		}
+
+		public static string[] GetPrivileges(string identity)
+		{
+			IntPtr sidPtr = GetIdentitySid(identity);
+			IntPtr hPolicy = GetLsaPolicyHandle();
+			IntPtr rightsPtr = IntPtr.Zero;
+
+			try
+			{
+
+				List<string> privileges = new List<string>();
+
+				uint rightsCount;
+				uint result = LsaEnumerateAccountRights(hPolicy, sidPtr, out rightsPtr, out rightsCount);
+				int win32ErrorCode = LsaNtStatusToWinError(result);
+				// the user has no privileges
+				if( win32ErrorCode == STATUS_OBJECT_NAME_NOT_FOUND )
+				{
+					return new string[0];
+				}
+				HandleLsaResult(result);
+
+				LSA_UNICODE_STRING myLsaus = new LSA_UNICODE_STRING();
+				for (ulong i = 0; i < rightsCount; i++)
+				{
+					IntPtr itemAddr = new IntPtr(rightsPtr.ToInt64() + (long) (i*(ulong) Marshal.SizeOf(myLsaus)));
+					myLsaus = (LSA_UNICODE_STRING) Marshal.PtrToStructure(itemAddr, myLsaus.GetType());
+					char[] cvt = new char[myLsaus.Length/UnicodeEncoding.CharSize];
+					Marshal.Copy(myLsaus.Buffer, cvt, 0, myLsaus.Length/UnicodeEncoding.CharSize);
+					string thisRight = new string(cvt);
+					privileges.Add(thisRight);
+				}
+				return privileges.ToArray();
+			}
+			finally
+			{
+				Marshal.FreeHGlobal(sidPtr);
+				uint result = LsaClose(hPolicy);
+				HandleLsaResult(result);
+				result = LsaFreeMemory(rightsPtr);
+				HandleLsaResult(result);
+			}
+		}
+
+		public static void GrantPrivileges(string identity, string[] privileges)
+		{
+			IntPtr sidPtr = GetIdentitySid(identity);
+			IntPtr hPolicy = GetLsaPolicyHandle();
+
+			try
+			{
+				LSA_UNICODE_STRING[] lsaPrivileges = StringsToLsaStrings(privileges);
+				uint result = LsaAddAccountRights(hPolicy, sidPtr, lsaPrivileges, (uint)lsaPrivileges.Length);
+				HandleLsaResult(result);
+			}
+			finally
+			{
+				Marshal.FreeHGlobal(sidPtr);
+				uint result = LsaClose(hPolicy);
+				HandleLsaResult(result);
+			}
+		}
+
+		const int STATUS_SUCCESS = 0x0;
+		const int STATUS_OBJECT_NAME_NOT_FOUND = 0x00000002;
+		const int STATUS_ACCESS_DENIED = 0x00000005;
+		const int STATUS_INVALID_HANDLE = 0x00000006;
+		const int STATUS_UNSUCCESSFUL = 0x0000001F;
+		const int STATUS_INVALID_PARAMETER = 0x00000057;
+		const int STATUS_NO_SUCH_PRIVILEGE = 0x00000521;
+		const int STATUS_INVALID_SERVER_STATE = 0x00000548;
+		const int STATUS_INTERNAL_DB_ERROR = 0x00000567;
+		const int STATUS_INSUFFICIENT_RESOURCES = 0x000005AA;
+
+		private static Dictionary<int, string> ErrorMessages = new Dictionary<int, string>();
+		public Lsa () {
+			ErrorMessages.Add(STATUS_ACCESS_DENIED, "Access denied. Caller does not have the appropriate access to complete the operation.");
+			ErrorMessages.Add(STATUS_INVALID_HANDLE, "Invalid handle. Indicates an object or RPC handle is not valid in the context used.");
+			ErrorMessages.Add(STATUS_UNSUCCESSFUL, "Unsuccessful. Generic failure, such as RPC connection failure.");
+			ErrorMessages.Add(STATUS_INVALID_PARAMETER, "Invalid parameter. One of the parameters is not valid.");
+			ErrorMessages.Add(STATUS_NO_SUCH_PRIVILEGE, "No such privilege. Indicates a specified privilege does not exist.");
+			ErrorMessages.Add(STATUS_INVALID_SERVER_STATE, "Invalid server state. Indicates the LSA server is currently disabled.");
+			ErrorMessages.Add(STATUS_INTERNAL_DB_ERROR, "Internal database error. The LSA database contains an internal inconsistency.");
+			ErrorMessages.Add(STATUS_INSUFFICIENT_RESOURCES, "Insufficient resources. There are not enough system resources (such as memory to allocate buffers) to complete the call.");
+			ErrorMessages.Add(STATUS_OBJECT_NAME_NOT_FOUND, "Object name not found. An object in the LSA policy database was not found. The object may have been specified either by SID or by name, depending on its type.");
+		}
+
+		private static void HandleLsaResult(uint returnCode)
+		{
+			int win32ErrorCode = LsaNtStatusToWinError(returnCode);
+
+			if( win32ErrorCode == STATUS_SUCCESS)
+				return;
+
+			if( ErrorMessages.ContainsKey(win32ErrorCode) )
+			{
+				throw new Win32Exception(win32ErrorCode, ErrorMessages[win32ErrorCode]);
+			}
+
+			throw new Win32Exception(win32ErrorCode);
+		}
+
+		public static void RevokePrivileges(string identity, string[] privileges)
+		{
+			IntPtr sidPtr = GetIdentitySid(identity);
+			IntPtr hPolicy = GetLsaPolicyHandle();
+
+			try
+			{
+				string[] currentPrivileges = GetPrivileges(identity);
+				if (currentPrivileges.Length == 0)
+				{
+					return;
+				}
+				LSA_UNICODE_STRING[] lsaPrivileges = StringsToLsaStrings(privileges);
+				uint result = LsaRemoveAccountRights(hPolicy, sidPtr, false, lsaPrivileges, (uint)lsaPrivileges.Length);
+				HandleLsaResult(result);
+			}
+			finally
+			{
+				Marshal.FreeHGlobal(sidPtr);
+				uint result = LsaClose(hPolicy);
+				HandleLsaResult(result);
+			}
+
+		}
+
+		private static LSA_UNICODE_STRING[] StringsToLsaStrings(string[] privileges)
+		{
+			LSA_UNICODE_STRING[] lsaPrivileges = new LSA_UNICODE_STRING[privileges.Length];
+			for (int idx = 0; idx < privileges.Length; ++idx)
+			{
+				lsaPrivileges[idx] = new LSA_UNICODE_STRING(privileges[idx]);
+			}
+			return lsaPrivileges;
+		}
+	}
+}
+"@
+
+Add-Type -TypeDefinition $SourcePolicy -Language CSharp
+
+function SetAssignPrimaryTokenPrivilege($UserName)
+{
+	$privilege = "SeAssignPrimaryTokenPrivilege"
+	if (!([PSCarbon.Lsa]::GetPrivileges($UserName) -contains $privilege))
+	{
+		[PSCarbon.Lsa]::GrantPrivileges($UserName, $privilege)
+	}
+}
+
+function SetUserLogonAsServiceRights($UserName)
+{
+	$privilege = "SeServiceLogonRight"
+	if (!([PSCarbon.Lsa]::GetPrivileges($UserName) -Contains $privilege))
+	{
+		[PSCarbon.Lsa]::GrantPrivileges($UserName, $privilege)
+	}
+}
+
+$juju_passwd = Get-RandomPassword 20
+$juju_passwd += "^"
+create-account jujud "Juju Admin user" $juju_passwd
+$hostname = hostname
+$juju_user = "$hostname\jujud"
+
+SetUserLogonAsServiceRights $juju_user
+SetAssignPrimaryTokenPrivilege $juju_user
+
+$path = "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList"
+if(!(Test-Path $path)){
+	New-Item -Path $path -force
+}
+New-ItemProperty $path -Name "jujud" -Value 0 -PropertyType "DWord"
+
+$secpasswd = ConvertTo-SecureString $juju_passwd -AsPlainText -Force
+$jujuCreds = New-Object System.Management.Automation.PSCredential ($juju_user, $secpasswd)
+`
+const windowsPowershellHelpers = `
+
+$ErrorActionPreference = "Stop"
+
+function ExecRetry($command, $retryInterval = 15)
+{
+	$currErrorActionPreference = $ErrorActionPreference
+	$ErrorActionPreference = "Continue"
+
+	while ($true)
+	{
+		try
+		{
+			& $command
+			break
+		}
+		catch [System.Exception]
+		{
+			Write-Error $_.Exception
+			Start-Sleep $retryInterval
+		}
+	}
+
+	$ErrorActionPreference = $currErrorActionPreference
+}
+
+# TryExecAll attempts all of the commands in the supplied array until
+# one can be executed without throwing an exception. If none of the
+# commands succeeds, an exception will be raised.
+function TryExecAll($commands)
+{
+	$currErrorActionPreference = $ErrorActionPreference
+	$ErrorActionPreference = "Continue"
+
+	foreach ($command in $commands)
+	{
+		try
+		{
+			& $command
+			$ErrorActionPreference = $currErrorActionPreference
+			return
+		}
+		catch [System.Exception]
+		{
+			Write-Error $_.Exception
+		}
+	}
+
+	$ErrorActionPreference = $currErrorActionPreference
+	throw "All commands failed"
+}
+
+Function GUnZip-File{
+    Param(
+        $infile,
+        $outdir
+        )
+
+    $input = New-Object System.IO.FileStream $inFile, ([IO.FileMode]::Open), ([IO.FileAccess]::Read), ([IO.FileShare]::Read)
+    $tempFile = "$env:TEMP\jujud.tar"
+    $tempOut = New-Object System.IO.FileStream $tempFile, ([IO.FileMode]::Create), ([IO.FileAccess]::Write), ([IO.FileShare]::None)
+    $gzipStream = New-Object System.IO.Compression.GzipStream $input, ([IO.Compression.CompressionMode]::Decompress)
+
+    $buffer = New-Object byte[](1024)
+    while($true) {
+        $read = $gzipstream.Read($buffer, 0, 1024)
+        if ($read -le 0){break}
+        $tempOut.Write($buffer, 0, $read)
+    }
+    $gzipStream.Close()
+    $tempOut.Close()
+    $input.Close()
+
+    $in = New-Object System.IO.FileStream $tempFile, ([IO.FileMode]::Open), ([IO.FileAccess]::Read), ([IO.FileShare]::Read)
+    Untar-File $in $outdir
+    $in.Close()
+    rm $tempFile
+}
+
+$HEADERSIZE = 512
+
+Function Untar-File {
+    Param(
+        $inStream,
+        $outdir
+        )
+    $DirectoryEntryType = 0x35
+    $headerBytes = New-Object byte[]($HEADERSIZE)
+
+    # $headerBytes is written inside, function returns whether we've reached the end
+    while(GetHeaderBytes $inStream $headerBytes) {
+        $fileName, $entryType, $sizeInBytes = GetFileInfoFromHeader $headerBytes
+
+        $totalPath = Join-Path $outDir $fileName
+        if ($entryType -eq $DirectoryEntryType) {
+            [System.IO.Directory]::CreateDirectory($totalPath)
+            continue;
+        }
+
+        $fName = [System.IO.Path]::GetFileName($totalPath)
+        $dirName = [System.IO.Path]::GetDirectoryName($totalPath)
+        [System.IO.Directory]::CreateDirectory($dirName)
+        $file = [System.IO.File]::Create($totalPath)
+        WriteTarEntryToFile $inStream $file $sizeInBytes
+        $file.Close()
+    }
+}
+
+Function WriteTarEntryToFile {
+    Param(
+        $inStream,
+        $outFile,
+        $sizeInBytes
+        )
+    $moveToAlign512 = 0
+    $toRead = 0
+    $buf = New-Object byte[](512)
+
+    $remainingBytesInFile = $sizeInBytes
+    while ($remainingBytesInFile -ne 0) {
+        if ($remainingBytesInFile - 512 -lt 0) {
+            $moveToAlign512 = 512 - $remainingBytesInFile
+            $toRead = $remainingBytesInFile
+        } else {
+            $toRead = 512
+        }
+
+        $bytesRead = 0
+        $bytesRemainingToRead = $toRead
+        while ($bytesRead -lt $toRead -and $bytesRemainingToRead -gt 0) {
+            $bytesRead = $inStream.Read($buf, $toRead - $bytesRemainingToRead, $bytesRemainingToRead)
+            $bytesRemainingToRead = $bytesRemainingToRead - $bytesRead
+            $remainingBytesInFile = $remainingBytesInFile - $bytesRead
+            $outFile.Write($buf, 0, $bytesRead)
+        }
+
+        if ($moveToAlign512 -ne 0) {
+            $inStream.Seek($moveToAlign512, [System.IO.SeekOrigin]::Current)
+        }
+    }
+}
+
+Function GetHeaderBytes {
+    Param($inStream, $headerBytes)
+
+    $headerRead = 0
+    $bytesRemaining = $HEADERSIZE
+    while ($bytesRemaining -gt 0) {
+        $headerRead = $inStream.Read($headerBytes, $HEADERSIZE - $bytesRemaining, $bytesRemaining)
+        $bytesRemaining -= $headerRead
+        if ($headerRead -le 0 -and $bytesRemaining -gt 0) {
+            throw "Error reading tar header. Header size invalid"
+        }
+    }
+
+    # Proper end of archive is 2 empty headers
+    if (IsEmptyByteArray $headerBytes) {
+        $bytesRemaining = $HEADERSIZE
+        while ($bytesRemaining -gt 0) {
+            $headerRead = $inStream.Read($headerBytes, $HEADERSIZE - $bytesRemaining, $bytesRemaining)
+            $bytesRemaining -= $headerRead
+            if ($headerRead -le 0 -and $bytesRemaining -gt 0) {
+                throw "Broken end archive"
+            }
+        }
+        if ($bytesRemaining -eq 0 -and (IsEmptyByteArray($headerBytes))) {
+            return $false
+        }
+        throw "Error occurred: expected end of archive"
+    }
+
+    return $true
+}
+
+Function GetFileInfoFromHeader {
+    Param($headerBytes)
+
+    $FileName = [System.Text.Encoding]::UTF8.GetString($headerBytes, 0, 100);
+    $EntryType = $headerBytes[156];
+    $SizeInBytes = [Convert]::ToInt64([System.Text.Encoding]::ASCII.GetString($headerBytes, 124, 11).Trim(), 8);
+    Return $FileName.replace("` + "`" + `0", [String].Empty), $EntryType, $SizeInBytes
+}
+
+Function IsEmptyByteArray {
+    Param ($bytes)
+    foreach($b in $bytes) {
+        if ($b -ne 0) {
+            return $false
+        }
+    }
+    return $true
+}
+
+Function Get-FileSHA256{
+	Param(
+		$FilePath
+	)
+	try {
+		$hash = [Security.Cryptography.HashAlgorithm]::Create( "SHA256" )
+		$stream = ([IO.StreamReader]$FilePath).BaseStream
+		$res = -join ($hash.ComputeHash($stream) | ForEach { "{0:x2}" -f $_ })
+		$stream.Close()
+		return $res
+	} catch [System.Management.Automation.RuntimeException] {
+		return (Get-FileHash -Path $FilePath).Hash
+	}
+}
+
+Function Invoke-FastWebRequest {
+	Param(
+		$URI,
+		$OutFile
+	)
+
+	if(!([System.Management.Automation.PSTypeName]'System.Net.Http.HttpClient').Type)
+	{
+		$assembly = [System.Reflection.Assembly]::LoadWithPartialName("System.Net.Http")
+	}
+
+	$client = new-object System.Net.Http.HttpClient
+
+	$task = $client.GetStreamAsync($URI)
+	$response = $task.Result
+	$outStream = New-Object IO.FileStream $OutFile, Create, Write, None
+
+	try {
+		$totRead = 0
+		$buffer = New-Object Byte[] 1MB
+		while (($read = $response.Read($buffer, 0, $buffer.Length)) -gt 0) {
+		$totRead += $read
+		$outStream.Write($buffer, 0, $read);
+		}
+	}
+	finally {
+		$outStream.Close()
+	}
+}
+
+`
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/winuserdatawrapper.go juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/winuserdatawrapper.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cloudconfig/winuserdatawrapper.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cloudconfig/winuserdatawrapper.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,69 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package cloudconfig
+
+// Generated code - do not edit.
+
+const UserDataScript = `#ps1_sysnative
+$ErrorActionPreference = "Stop"
+$userdata=@"
+%s
+"@
+
+Function Decode-Base64 {
+	Param(
+		$inFile,
+		$outFile
+	)
+	$bufferSize = 9000 # should be a multiplier of 4
+	$buffer = New-Object char[] $bufferSize
+
+	$reader = [System.IO.File]::OpenText($inFile)
+	$writer = [System.IO.File]::OpenWrite($outFile)
+
+	$bytesRead = 0
+	do
+	{
+		$bytesRead = $reader.Read($buffer, 0, $bufferSize);
+		$bytes = [Convert]::FromBase64CharArray($buffer, 0, $bytesRead);
+		$writer.Write($bytes, 0, $bytes.Length);
+	} while ($bytesRead -eq $bufferSize);
+
+	$reader.Dispose()
+	$writer.Dispose()
+}
+
+Function GUnZip-File {
+	Param(
+		$inFile,
+		$outFile
+	)
+	$in = New-Object System.IO.FileStream $inFile, ([IO.FileMode]::Open), ([IO.FileAccess]::Read), ([IO.FileShare]::Read)
+	$out = New-Object System.IO.FileStream $outFile, ([IO.FileMode]::Create), ([IO.FileAccess]::Write), ([IO.FileShare]::None)
+	$gzipStream = New-Object System.IO.Compression.GZipStream $in, ([IO.Compression.CompressionMode]::Decompress)
+	$buffer = New-Object byte[](1024)
+	while($true){
+		$read = $gzipstream.Read($buffer, 0, 1024)
+		if ($read -le 0){break}
+		$out.Write($buffer, 0, $read)
+	}
+	$gzipStream.Close()
+	$out.Close()
+	$in.Close()
+}
+
+$b64File = "$env:TEMP\juju\udata.b64"
+$gzFile = "$env:TEMP\juju\udata.gz"
+$udataScript = "$env:TEMP\juju\udata.ps1"
+mkdir "$env:TEMP\juju"
+
+Set-Content $b64File $userdata
+Decode-Base64 -inFile $b64File -outFile $gzFile
+GUnZip-File -inFile $gzFile -outFile $udataScript
+
+& $udataScript
+
+rm -Recurse "$env:TEMP\juju"
+
+`
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/action/action.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/action/action.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/action/action.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/action/action.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,6 @@
 	"io"
 
 	"github.com/juju/errors"
-	"gopkg.in/juju/charm.v6-unstable"
 
 	"github.com/juju/juju/api/action"
 	"github.com/juju/juju/apiserver/params"
@@ -42,9 +41,9 @@
 	// Cancel attempts to cancel a queued up Action from running.
 	Cancel(params.Actions) (params.ActionResults, error)
 
-	// ServiceCharmActions is a single query which uses ServicesCharmActions to
+	// ApplicationCharmActions is a single query which uses ApplicationsCharmsActions to
 	// get the charm.Actions for a single Service by tag.
-	ServiceCharmActions(params.Entity) (*charm.Actions, error)
+	ApplicationCharmActions(params.Entity) (map[string]params.ActionSpec, error)
 
 	// Actions fetches actions by tag.  These Actions can be used to get
 	// the ActionReceiver if necessary.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/action/common.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/action/common.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/action/common.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/action/common.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,7 @@
 import (
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 )
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/action/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/action/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/action/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/action/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/cmd"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cmd/modelcmd"
@@ -53,8 +53,8 @@
 	*listCommand
 }
 
-func (c *ListCommand) ServiceTag() names.ServiceTag {
-	return c.serviceTag
+func (c *ListCommand) ApplicationTag() names.ApplicationTag {
+	return c.applicationTag
 }
 
 func (c *ListCommand) FullSchema() bool {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/action/list.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/action/list.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/action/list.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/action/list.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,12 +4,18 @@
 package action
 
 import (
+	"bytes"
+	"fmt"
+	"strings"
+	"text/tabwriter"
+
 	"github.com/juju/cmd"
 	errors "github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/gnuflag"
 
 	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/cmd/juju/common"
 	"github.com/juju/juju/cmd/modelcmd"
 )
 
@@ -20,13 +26,13 @@
 // listCommand lists actions defined by the charm of a given service.
 type listCommand struct {
 	ActionCommandBase
-	serviceTag names.ServiceTag
-	fullSchema bool
-	out        cmd.Output
+	applicationTag names.ApplicationTag
+	fullSchema     bool
+	out            cmd.Output
 }
 
 const listDoc = `
-List the actions available to run on the target service, with a short
+List the actions available to run on the target application, with a short
 description.  To show the full schema for the actions, use --schema.
 
 For more information, see also the 'run-ation' command, which executes actions.
@@ -35,16 +41,16 @@
 // Set up the output.
 func (c *listCommand) SetFlags(f *gnuflag.FlagSet) {
 	c.out.AddFlags(f, "smart", cmd.DefaultFormatters)
-	f.BoolVar(&c.fullSchema, "schema", false, "display the full action schema")
+	f.BoolVar(&c.fullSchema, "schema", false, "Display the full action schema")
 }
 
 func (c *listCommand) Info() *cmd.Info {
 	return &cmd.Info{
-		Name:    "list-actions",
-		Args:    "<service name>",
-		Purpose: "list actions defined for a service",
+		Name:    "actions",
+		Args:    "<application name>",
+		Purpose: "List actions defined for a service.",
 		Doc:     listDoc,
-		Aliases: []string{"actions"},
+		Aliases: []string{"list-actions"},
 	}
 }
 
@@ -52,13 +58,13 @@
 func (c *listCommand) Init(args []string) error {
 	switch len(args) {
 	case 0:
-		return errors.New("no service name specified")
+		return errors.New("no application name specified")
 	case 1:
 		svcName := args[0]
-		if !names.IsValidService(svcName) {
-			return errors.Errorf("invalid service name %q", svcName)
+		if !names.IsValidApplication(svcName) {
+			return errors.Errorf("invalid application name %q", svcName)
 		}
-		c.serviceTag = names.NewServiceTag(svcName)
+		c.applicationTag = names.NewApplicationTag(svcName)
 		return nil
 	default:
 		return cmd.CheckEmpty(args[1:])
@@ -74,19 +80,18 @@
 	}
 	defer api.Close()
 
-	actions, err := api.ServiceCharmActions(params.Entity{c.serviceTag.String()})
+	actions, err := api.ApplicationCharmActions(params.Entity{c.applicationTag.String()})
 	if err != nil {
 		return err
 	}
 
-	output := actions.ActionSpecs
-	if len(output) == 0 {
-		return c.out.Write(ctx, "No actions defined for "+c.serviceTag.Id())
+	if len(actions) == 0 {
+		return c.out.Write(ctx, "No actions defined for "+c.applicationTag.Id())
 	}
 
 	if c.fullSchema {
 		verboseSpecs := make(map[string]interface{})
-		for k, v := range output {
+		for k, v := range actions {
 			verboseSpecs[k] = v.Params
 		}
 
@@ -94,11 +99,34 @@
 	}
 
 	shortOutput := make(map[string]string)
-	for name, action := range actions.ActionSpecs {
+	var sortedNames []string
+	for name, action := range actions {
 		shortOutput[name] = action.Description
 		if shortOutput[name] == "" {
 			shortOutput[name] = "No description"
 		}
+		sortedNames = append(sortedNames, name)
+	}
+	sortedNames = common.SortStringsNaturally(sortedNames)
+	return c.printTabular(ctx, shortOutput, sortedNames)
+}
+
+// printTabular prints the list of actions in tabular format
+func (c *listCommand) printTabular(ctx *cmd.Context, actions map[string]string, sortedNames []string) error {
+	var out bytes.Buffer
+	const (
+		// To format things into columns.
+		minwidth = 0
+		tabwidth = 2
+		padding  = 2
+		padchar  = ' '
+		flags    = 0
+	)
+	tw := tabwriter.NewWriter(&out, minwidth, tabwidth, padding, padchar, flags)
+	fmt.Fprintf(tw, "%s\t%s\n", "ACTION", "DESCRIPTION")
+	for _, name := range sortedNames {
+		fmt.Fprintf(tw, "%s\t%s\n", name, strings.TrimSpace(actions[name]))
 	}
-	return c.out.Write(ctx, shortOutput)
+	tw.Flush()
+	return c.out.Write(ctx, string(out.Bytes()))
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/action/list_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/action/list_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/action/list_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/action/list_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,12 +9,11 @@
 	"strings"
 
 	"github.com/juju/cmd"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
-	"gopkg.in/juju/charm.v6-unstable"
-	"gopkg.in/yaml.v2"
+	"gopkg.in/juju/names.v2"
 
+	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cmd/juju/action"
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/testing"
@@ -22,7 +21,7 @@
 
 type ListSuite struct {
 	BaseActionSuite
-	svc            *state.Service
+	svc            *state.Application
 	wrappedCommand cmd.Command
 	command        *action.ListCommand
 }
@@ -38,30 +37,30 @@
 	tests := []struct {
 		should               string
 		args                 []string
-		expectedSvc          names.ServiceTag
+		expectedSvc          names.ApplicationTag
 		expectedOutputSchema bool
 		expectedErr          string
 	}{{
-		should:      "fail with missing service name",
+		should:      "fail with missing application name",
 		args:        []string{},
-		expectedErr: "no service name specified",
+		expectedErr: "no application name specified",
 	}, {
-		should:      "fail with invalid service name",
+		should:      "fail with invalid application name",
 		args:        []string{invalidServiceId},
-		expectedErr: "invalid service name \"" + invalidServiceId + "\"",
+		expectedErr: "invalid application name \"" + invalidServiceId + "\"",
 	}, {
 		should:      "fail with too many args",
 		args:        []string{"two", "things"},
 		expectedErr: "unrecognized args: \\[\"things\"\\]",
 	}, {
-		should:      "init properly with valid service name",
+		should:      "init properly with valid application name",
 		args:        []string{validServiceId},
-		expectedSvc: names.NewServiceTag(validServiceId),
+		expectedSvc: names.NewApplicationTag(validServiceId),
 	}, {
-		should:               "init properly with valid service name and --schema",
+		should:               "init properly with valid application name and --schema",
 		args:                 []string{"--schema", validServiceId},
 		expectedOutputSchema: true,
-		expectedSvc:          names.NewServiceTag(validServiceId),
+		expectedSvc:          names.NewApplicationTag(validServiceId),
 	}}
 
 	for i, t := range tests {
@@ -72,7 +71,7 @@
 			args := append([]string{modelFlag, "admin"}, t.args...)
 			err := testing.InitCommand(s.wrappedCommand, args)
 			if t.expectedErr == "" {
-				c.Check(s.command.ServiceTag(), gc.Equals, t.expectedSvc)
+				c.Check(s.command.ApplicationTag(), gc.Equals, t.expectedSvc)
 				c.Check(s.command.FullSchema(), gc.Equals, t.expectedOutputSchema)
 			} else {
 				c.Check(err, gc.ErrorMatches, t.expectedErr)
@@ -82,6 +81,15 @@
 }
 
 func (s *ListSuite) TestRun(c *gc.C) {
+	simpleOutput := `
+ACTION          DESCRIPTION
+kill            Kill the database.
+no-description  No description
+no-params       An action with no parameters.
+snapshot        Take a snapshot of the database.
+
+`[1:]
+
 	tests := []struct {
 		should           string
 		expectFullSchema bool
@@ -89,7 +97,7 @@
 		expectMessage    string
 		withArgs         []string
 		withAPIErr       string
-		withCharmActions *charm.Actions
+		withCharmActions map[string]params.ActionSpec
 		expectedErr      string
 	}{{
 		should:      "pass back API error correctly",
@@ -106,11 +114,10 @@
 		expectFullSchema: true,
 		withCharmActions: someCharmActions,
 	}, {
-		should:           "work properly when no results found",
-		withArgs:         []string{validServiceId},
-		expectNoResults:  true,
-		expectMessage:    "No actions defined for " + validServiceId,
-		withCharmActions: &charm.Actions{ActionSpecs: map[string]charm.ActionSpec{}},
+		should:          "work properly when no results found",
+		withArgs:        []string{validServiceId},
+		expectNoResults: true,
+		expectMessage:   "No actions defined for " + validServiceId,
 	}}
 
 	for i, t := range tests {
@@ -139,7 +146,7 @@
 					} else if t.expectNoResults {
 						c.Check(string(result), gc.Matches, t.expectMessage+"(?sm).*")
 					} else {
-						checkSimpleSchema(c, t.withCharmActions, result)
+						c.Check(testing.Stdout(ctx), gc.Equals, simpleOutput)
 					}
 				}
 
@@ -148,25 +155,10 @@
 	}
 }
 
-func checkFullSchema(c *gc.C, expected *charm.Actions, actual []byte) {
+func checkFullSchema(c *gc.C, expected map[string]params.ActionSpec, actual []byte) {
 	expectedOutput := make(map[string]interface{})
-	for k, v := range expected.ActionSpecs {
+	for k, v := range expected {
 		expectedOutput[k] = v.Params
 	}
 	c.Check(string(actual), jc.YAMLEquals, expectedOutput)
 }
-
-func checkSimpleSchema(c *gc.C, expected *charm.Actions, actualOutput []byte) {
-	specs := expected.ActionSpecs
-	expectedSpecs := make(map[string]string)
-	for name, spec := range specs {
-		expectedSpecs[name] = spec.Description
-		if expectedSpecs[name] == "" {
-			expectedSpecs[name] = "No description"
-		}
-	}
-	actual := make(map[string]string)
-	err := yaml.Unmarshal(actualOutput, &actual)
-	c.Assert(err, gc.IsNil)
-	c.Check(actual, jc.DeepEquals, expectedSpecs)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/action/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/action/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/action/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/action/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,11 +13,9 @@
 	jujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
-	"gopkg.in/juju/charm.v6-unstable"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cmd/juju/action"
-	"github.com/juju/juju/cmd/modelcmd"
 	"github.com/juju/juju/jujuclient"
 	"github.com/juju/juju/jujuclient/jujuclienttesting"
 	coretesting "github.com/juju/juju/testing"
@@ -51,11 +49,10 @@
 
 	s.modelFlags = []string{"-m", "--model"}
 
-	err := modelcmd.WriteCurrentController("ctrl")
-	c.Assert(err, jc.ErrorIsNil)
 	s.store = jujuclienttesting.NewMemStore()
-	s.store.Accounts["ctrl"] = &jujuclient.ControllerAccounts{
-		CurrentAccount: "admin@local",
+	s.store.CurrentControllerName = "ctrl"
+	s.store.Accounts["ctrl"] = jujuclient.AccountDetails{
+		User: "admin@local",
 	}
 }
 
@@ -67,37 +64,35 @@
 	)
 }
 
-var someCharmActions = &charm.Actions{
-	ActionSpecs: map[string]charm.ActionSpec{
-		"snapshot": {
-			Description: "Take a snapshot of the database.",
-			Params: map[string]interface{}{
-				"foo": map[string]interface{}{
-					"bar": "baz",
-				},
-				"baz": "bar",
+var someCharmActions = map[string]params.ActionSpec{
+	"snapshot": {
+		Description: "Take a snapshot of the database.",
+		Params: map[string]interface{}{
+			"foo": map[string]interface{}{
+				"bar": "baz",
 			},
+			"baz": "bar",
 		},
-		"kill": {
-			Description: "Kill the database.",
-			Params: map[string]interface{}{
-				"bar": map[string]interface{}{
-					"baz": "foo",
-				},
-				"foo": "baz",
+	},
+	"kill": {
+		Description: "Kill the database.",
+		Params: map[string]interface{}{
+			"bar": map[string]interface{}{
+				"baz": "foo",
 			},
+			"foo": "baz",
 		},
-		"no-description": {
-			Params: map[string]interface{}{
-				"bar": map[string]interface{}{
-					"baz": "foo",
-				},
-				"foo": "baz",
+	},
+	"no-description": {
+		Params: map[string]interface{}{
+			"bar": map[string]interface{}{
+				"baz": "foo",
 			},
+			"foo": "baz",
 		},
-		"no-params": {
-			Description: "An action with no parameters.",
-		},
+	},
+	"no-params": {
+		Description: "An action with no parameters.\n",
 	},
 }
 
@@ -131,7 +126,7 @@
 	actionsByReceivers []params.ActionsByReceiver
 	actionTagMatches   params.FindTagsResults
 	actionsByNames     params.ActionsByNames
-	charmActions       *charm.Actions
+	charmActions       map[string]params.ActionSpec
 	apiErr             error
 }
 
@@ -176,7 +171,7 @@
 	}, c.apiErr
 }
 
-func (c *fakeAPIClient) ServiceCharmActions(params.Entity) (*charm.Actions, error) {
+func (c *fakeAPIClient) ApplicationCharmActions(params.Entity) (map[string]params.ActionSpec, error) {
 	return c.charmActions, c.apiErr
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/action/run.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/action/run.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/action/run.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/action/run.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,7 +10,7 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	yaml "gopkg.in/yaml.v2"
 	"launchpad.net/gnuflag"
 
@@ -39,10 +39,11 @@
 
 const runDoc = `
 Queue an Action for execution on a given unit, with a given set of params.
-Displays the ID of the Action for use with 'juju kill', 'juju status', etc.
-
-Params are validated according to the charm for the unit's service.  The 
-valid params can be seen using "juju action defined <service> --schema".
+The Action ID is returned for use with 'juju show-action-output <ID>' or
+'juju show-action-status <ID>'.
+ 
+Params are validated according to the charm for the unit's application.  The 
+valid params can be seen using "juju action defined <application> --schema".
 Params may be in a yaml file which is passed with the --params flag, or they
 may be specified by a key.key.key...=value format (see examples below.)
 
@@ -111,15 +112,15 @@
 // SetFlags offers an option for YAML output.
 func (c *runCommand) SetFlags(f *gnuflag.FlagSet) {
 	c.out.AddFlags(f, "smart", cmd.DefaultFormatters)
-	f.Var(&c.paramsYAML, "params", "path to yaml-formatted params file")
-	f.BoolVar(&c.parseStrings, "string-args", false, "use raw string values of CLI args")
+	f.Var(&c.paramsYAML, "params", "Path to yaml-formatted params file")
+	f.BoolVar(&c.parseStrings, "string-args", false, "Use raw string values of CLI args")
 }
 
 func (c *runCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "run-action",
 		Args:    "<unit> <action name> [key.key.key...=value]",
-		Purpose: "queue an action for execution",
+		Purpose: "Queue an action for execution.",
 		Doc:     runDoc,
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/action/run_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/action/run_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/action/run_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/action/run_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,10 +9,10 @@
 	"strings"
 	"unicode/utf8"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/yaml.v2"
 
 	"github.com/juju/juju/apiserver/common"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/action/showoutput.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/action/showoutput.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/action/showoutput.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/action/showoutput.go	2016-07-18 19:45:44.000000000 +0000
@@ -42,14 +42,14 @@
 // Set up the output.
 func (c *showOutputCommand) SetFlags(f *gnuflag.FlagSet) {
 	c.out.AddFlags(f, "smart", cmd.DefaultFormatters)
-	f.StringVar(&c.wait, "wait", "-1s", "wait for results")
+	f.StringVar(&c.wait, "wait", "-1s", "Wait for results")
 }
 
 func (c *showOutputCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "show-action-output",
 		Args:    "<action ID>",
-		Purpose: "show results of an action by ID",
+		Purpose: "Show results of an action by ID.",
 		Doc:     showOutputDoc,
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/action/status.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/action/status.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/action/status.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/action/status.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,7 @@
 import (
 	"github.com/juju/cmd"
 	errors "github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/gnuflag"
 
 	"github.com/juju/juju/apiserver/params"
@@ -33,14 +33,14 @@
 // Set up the output.
 func (c *statusCommand) SetFlags(f *gnuflag.FlagSet) {
 	c.out.AddFlags(f, "smart", cmd.DefaultFormatters)
-	f.StringVar(&c.name, "name", "", "an action name")
+	f.StringVar(&c.name, "name", "", "Action name")
 }
 
 func (c *statusCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "show-action-status",
 		Args:    "[<action ID>|<action ID prefix>]",
-		Purpose: "show results of all actions filtered by optional ID prefix",
+		Purpose: "Show results of all actions filtered by optional ID prefix.",
 		Doc:     statusDoc,
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/addrelation.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/addrelation.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/addrelation.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/addrelation.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,67 @@
+// Copyright 2012, 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	"fmt"
+
+	"github.com/juju/cmd"
+	"github.com/juju/errors"
+
+	"github.com/juju/juju/api/application"
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/cmd/juju/block"
+	"github.com/juju/juju/cmd/modelcmd"
+)
+
+// NewAddRelationCommand returns a command to add a relation between 2 services.
+func NewAddRelationCommand() cmd.Command {
+	return modelcmd.Wrap(&addRelationCommand{})
+}
+
+// addRelationCommand adds a relation between two application endpoints.
+type addRelationCommand struct {
+	modelcmd.ModelCommandBase
+	Endpoints []string
+}
+
+func (c *addRelationCommand) Info() *cmd.Info {
+	return &cmd.Info{
+		Name:    "add-relation",
+		Aliases: []string{"relate"},
+		Args:    "<application1>[:<relation name1>] <application2>[:<relation name2>]",
+		Purpose: "Add a relation between two applications.",
+	}
+}
+
+func (c *addRelationCommand) Init(args []string) error {
+	if len(args) != 2 {
+		return fmt.Errorf("a relation must involve two applications")
+	}
+	c.Endpoints = args
+	return nil
+}
+
+type serviceAddRelationAPI interface {
+	Close() error
+	AddRelation(endpoints ...string) (*params.AddRelationResults, error)
+}
+
+func (c *addRelationCommand) getAPI() (serviceAddRelationAPI, error) {
+	root, err := c.NewAPIRoot()
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return application.NewClient(root), nil
+}
+
+func (c *addRelationCommand) Run(_ *cmd.Context) error {
+	client, err := c.getAPI()
+	if err != nil {
+		return err
+	}
+	defer client.Close()
+	_, err = client.AddRelation(c.Endpoints...)
+	return block.ProcessBlockedError(err, block.BlockChange)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/addrelation_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/addrelation_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/addrelation_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/addrelation_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,190 @@
+// Copyright 2012, 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/cmd/juju/common"
+	jujutesting "github.com/juju/juju/juju/testing"
+	"github.com/juju/juju/testcharms"
+	"github.com/juju/juju/testing"
+)
+
+type AddRelationSuite struct {
+	jujutesting.RepoSuite
+	common.CmdBlockHelper
+}
+
+func (s *AddRelationSuite) SetUpTest(c *gc.C) {
+	s.RepoSuite.SetUpTest(c)
+	s.CmdBlockHelper = common.NewCmdBlockHelper(s.APIState)
+	c.Assert(s.CmdBlockHelper, gc.NotNil)
+	s.AddCleanup(func(*gc.C) { s.CmdBlockHelper.Close() })
+}
+
+var _ = gc.Suite(&AddRelationSuite{})
+
+func runAddRelation(c *gc.C, args ...string) error {
+	_, err := testing.RunCommand(c, NewAddRelationCommand(), args...)
+	return err
+}
+
+var msWpAlreadyExists = `cannot add relation "wp:db ms:server": relation already exists`
+var msLgAlreadyExists = `cannot add relation "lg:info ms:juju-info": relation already exists`
+var wpLgAlreadyExists = `cannot add relation "lg:logging-directory wp:logging-dir": relation already exists`
+var wpLgAlreadyExistsJuju = `cannot add relation "lg:info wp:juju-info": relation already exists`
+
+var addRelationTests = []struct {
+	args []string
+	err  string
+}{
+	{
+		args: []string{"rk", "ms"},
+		err:  "no relations found",
+	}, {
+		err: "a relation must involve two applications",
+	}, {
+		args: []string{"rk"},
+		err:  "a relation must involve two applications",
+	}, {
+		args: []string{"rk:ring"},
+		err:  "a relation must involve two applications",
+	}, {
+		args: []string{"ping:pong", "tic:tac", "icki:wacki"},
+		err:  "a relation must involve two applications",
+	},
+
+	// Add a real relation, and check various ways of failing to re-add it.
+	{
+		args: []string{"ms", "wp"},
+	}, {
+		args: []string{"ms", "wp"},
+		err:  msWpAlreadyExists,
+	}, {
+		args: []string{"wp", "ms"},
+		err:  msWpAlreadyExists,
+	}, {
+		args: []string{"ms", "wp:db"},
+		err:  msWpAlreadyExists,
+	}, {
+		args: []string{"ms:server", "wp"},
+		err:  msWpAlreadyExists,
+	}, {
+		args: []string{"ms:server", "wp:db"},
+		err:  msWpAlreadyExists,
+	},
+
+	// Add a real relation using an implicit endpoint.
+	{
+		args: []string{"ms", "lg"},
+	}, {
+		args: []string{"ms", "lg"},
+		err:  msLgAlreadyExists,
+	}, {
+		args: []string{"lg", "ms"},
+		err:  msLgAlreadyExists,
+	}, {
+		args: []string{"ms:juju-info", "lg"},
+		err:  msLgAlreadyExists,
+	}, {
+		args: []string{"ms", "lg:info"},
+		err:  msLgAlreadyExists,
+	}, {
+		args: []string{"ms:juju-info", "lg:info"},
+		err:  msLgAlreadyExists,
+	},
+
+	// Add a real relation using an explicit endpoint, avoiding the potential implicit one.
+	{
+		args: []string{"wp", "lg"},
+	}, {
+		args: []string{"wp", "lg"},
+		err:  wpLgAlreadyExists,
+	}, {
+		args: []string{"lg", "wp"},
+		err:  wpLgAlreadyExists,
+	}, {
+		args: []string{"wp:logging-dir", "lg"},
+		err:  wpLgAlreadyExists,
+	}, {
+		args: []string{"wp", "lg:logging-directory"},
+		err:  wpLgAlreadyExists,
+	}, {
+		args: []string{"wp:logging-dir", "lg:logging-directory"},
+		err:  wpLgAlreadyExists,
+	},
+
+	// Check we can still use the implicit endpoint if specified explicitly.
+	{
+		args: []string{"wp:juju-info", "lg"},
+	}, {
+		args: []string{"wp:juju-info", "lg"},
+		err:  wpLgAlreadyExistsJuju,
+	}, {
+		args: []string{"lg", "wp:juju-info"},
+		err:  wpLgAlreadyExistsJuju,
+	}, {
+		args: []string{"wp:juju-info", "lg"},
+		err:  wpLgAlreadyExistsJuju,
+	}, {
+		args: []string{"wp", "lg:info"},
+		err:  wpLgAlreadyExistsJuju,
+	}, {
+		args: []string{"wp:juju-info", "lg:info"},
+		err:  wpLgAlreadyExistsJuju,
+	},
+}
+
+func (s *AddRelationSuite) TestAddRelation(c *gc.C) {
+	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "wordpress")
+	err := runDeploy(c, ch, "wp", "--series", "quantal")
+	c.Assert(err, jc.ErrorIsNil)
+	ch = testcharms.Repo.CharmArchivePath(s.CharmsPath, "mysql")
+	err = runDeploy(c, ch, "ms", "--series", "quantal")
+	c.Assert(err, jc.ErrorIsNil)
+	ch = testcharms.Repo.CharmArchivePath(s.CharmsPath, "riak")
+	err = runDeploy(c, ch, "rk", "--series", "quantal")
+	c.Assert(err, jc.ErrorIsNil)
+	ch = testcharms.Repo.CharmArchivePath(s.CharmsPath, "logging")
+	err = runDeploy(c, ch, "lg", "--series", "quantal")
+	c.Assert(err, jc.ErrorIsNil)
+
+	for i, t := range addRelationTests {
+		c.Logf("test %d: %v", i, t.args)
+		err := runAddRelation(c, t.args...)
+		if t.err != "" {
+			c.Assert(err, gc.ErrorMatches, t.err)
+		}
+	}
+}
+
+func (s *AddRelationSuite) TestBlockAddRelation(c *gc.C) {
+	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "wordpress")
+	err := runDeploy(c, ch, "wp", "--series", "quantal")
+	c.Assert(err, jc.ErrorIsNil)
+	ch = testcharms.Repo.CharmArchivePath(s.CharmsPath, "mysql")
+	err = runDeploy(c, ch, "ms", "--series", "quantal")
+	c.Assert(err, jc.ErrorIsNil)
+	ch = testcharms.Repo.CharmArchivePath(s.CharmsPath, "riak")
+	err = runDeploy(c, ch, "rk", "--series", "quantal")
+	c.Assert(err, jc.ErrorIsNil)
+	ch = testcharms.Repo.CharmArchivePath(s.CharmsPath, "logging")
+	err = runDeploy(c, ch, "lg", "--series", "quantal")
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Block operation
+	s.BlockAllChanges(c, "TestBlockAddRelation")
+
+	for i, t := range addRelationTests {
+		c.Logf("test %d: %v", i, t.args)
+		err := runAddRelation(c, t.args...)
+		if len(t.args) == 2 {
+			// Only worry about Run being blocked.
+			// For len(t.args) != 2, an Init will fail
+			s.AssertBlocked(c, err, ".*TestBlockAddRelation.*")
+		}
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/addunit.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/addunit.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/addunit.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/addunit.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,195 @@
+// Copyright 2012-2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	"regexp"
+	"strings"
+
+	"github.com/juju/cmd"
+	"github.com/juju/errors"
+	"gopkg.in/juju/names.v2"
+	"launchpad.net/gnuflag"
+
+	"github.com/juju/juju/api/application"
+	"github.com/juju/juju/cmd/juju/block"
+	"github.com/juju/juju/cmd/modelcmd"
+	"github.com/juju/juju/instance"
+)
+
+var usageAddUnitSummary = `
+Adds one or more units to a deployed application.`[1:]
+
+var usageAddUnitDetails = `
+Adding units to an existing application is a way to scale out that application. 
+Many charms will seamlessly support horizontal scaling, others may need an
+additional application to facilitate load-balancing (check the individual 
+charm documentation).
+This command is applied to applications that have already been deployed.
+By default, applications are deployed to newly provisioned machines in
+accordance with any application or model constraints. Alternatively, this 
+command also supports the placement directive ("--to") for targeting
+specific machines or containers, which will bypass any existing
+constraints.
+
+Examples:
+Add five units of wordpress on five new machines:
+
+    juju add-unit wordpress -n 5
+
+Add one unit of mysql to the existing machine 23:
+
+    juju add-unit mysql --to 23
+
+Create a new LXD container on machine 7 and add one unit of mysql:
+
+    juju add-unit mysql --to lxd:7
+
+Add a unit of mariadb to LXD container number 3 on machine 24:
+
+    juju add-unit mariadb --to 24/lxd/3
+
+See also: 
+    remove-unit`[1:]
+
+// UnitCommandBase provides support for commands which deploy units. It handles the parsing
+// and validation of --to and --num-units arguments.
+type UnitCommandBase struct {
+	// PlacementSpec is the raw string command arg value used to specify placement directives.
+	PlacementSpec string
+	// Placement is the result of parsing the PlacementSpec arg value.
+	Placement []*instance.Placement
+	NumUnits  int
+}
+
+func (c *UnitCommandBase) SetFlags(f *gnuflag.FlagSet) {
+	f.IntVar(&c.NumUnits, "num-units", 1, "")
+	f.StringVar(&c.PlacementSpec, "to", "", "The machine and/or container to deploy the unit in (bypasses constraints)")
+}
+
+func (c *UnitCommandBase) Init(args []string) error {
+	if c.NumUnits < 1 {
+		return errors.New("--num-units must be a positive integer")
+	}
+	if c.PlacementSpec != "" {
+		placementSpecs := strings.Split(c.PlacementSpec, ",")
+		c.Placement = make([]*instance.Placement, len(placementSpecs))
+		for i, spec := range placementSpecs {
+			placement, err := parsePlacement(spec)
+			if err != nil {
+				return errors.Errorf("invalid --to parameter %q", spec)
+			}
+			c.Placement[i] = placement
+		}
+	}
+	if len(c.Placement) > c.NumUnits {
+		logger.Warningf("%d unit(s) will be deployed, extra placement directives will be ignored", c.NumUnits)
+	}
+	return nil
+}
+
+func parsePlacement(spec string) (*instance.Placement, error) {
+	if spec == "" {
+		return nil, nil
+	}
+	placement, err := instance.ParsePlacement(spec)
+	if err == instance.ErrPlacementScopeMissing {
+		spec = "model-uuid" + ":" + spec
+		placement, err = instance.ParsePlacement(spec)
+	}
+	if err != nil {
+		return nil, errors.Errorf("invalid --to parameter %q", spec)
+	}
+	return placement, nil
+}
+
+// NewAddUnitCommand returns a command that adds a unit[s] to an application.
+func NewAddUnitCommand() cmd.Command {
+	return modelcmd.Wrap(&addUnitCommand{})
+}
+
+// addUnitCommand is responsible adding additional units to an application.
+type addUnitCommand struct {
+	modelcmd.ModelCommandBase
+	UnitCommandBase
+	ApplicationName string
+	api             serviceAddUnitAPI
+}
+
+func (c *addUnitCommand) Info() *cmd.Info {
+	return &cmd.Info{
+		Name:    "add-unit",
+		Args:    "<application name>",
+		Purpose: usageAddUnitSummary,
+		Doc:     usageAddUnitDetails,
+		Aliases: []string{"add-units"},
+	}
+}
+
+func (c *addUnitCommand) SetFlags(f *gnuflag.FlagSet) {
+	c.UnitCommandBase.SetFlags(f)
+	f.IntVar(&c.NumUnits, "n", 1, "Number of units to add")
+}
+
+func (c *addUnitCommand) Init(args []string) error {
+	switch len(args) {
+	case 1:
+		c.ApplicationName = args[0]
+	case 0:
+		return errors.New("no application specified")
+	}
+	if err := cmd.CheckEmpty(args[1:]); err != nil {
+		return err
+	}
+	return c.UnitCommandBase.Init(args)
+}
+
+// serviceAddUnitAPI defines the methods on the client API
+// that the application add-unit command calls.
+type serviceAddUnitAPI interface {
+	Close() error
+	ModelUUID() string
+	AddUnits(application string, numUnits int, placement []*instance.Placement) ([]string, error)
+}
+
+func (c *addUnitCommand) getAPI() (serviceAddUnitAPI, error) {
+	if c.api != nil {
+		return c.api, nil
+	}
+	root, err := c.NewAPIRoot()
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return application.NewClient(root), nil
+}
+
+// Run connects to the environment specified on the command line
+// and calls AddUnits for the given application.
+func (c *addUnitCommand) Run(_ *cmd.Context) error {
+	apiclient, err := c.getAPI()
+	if err != nil {
+		return err
+	}
+	defer apiclient.Close()
+
+	for i, p := range c.Placement {
+		if p.Scope == "model-uuid" {
+			p.Scope = apiclient.ModelUUID()
+		}
+		c.Placement[i] = p
+	}
+	_, err = apiclient.AddUnits(c.ApplicationName, c.NumUnits, c.Placement)
+	return block.ProcessBlockedError(err, block.BlockChange)
+}
+
+// deployTarget describes the format a machine or container target must match to be valid.
+const deployTarget = "^(" + names.ContainerTypeSnippet + ":)?" + names.MachineSnippet + "$"
+
+var validMachineOrNewContainer = regexp.MustCompile(deployTarget)
+
+// IsMachineOrNewContainer returns whether spec is a valid machine id
+// or new container definition.
+func IsMachineOrNewContainer(spec string) bool {
+	return validMachineOrNewContainer.MatchString(spec)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/addunit_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/addunit_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/addunit_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/addunit_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,178 @@
+// Copyright 2012-2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application_test
+
+import (
+	"strings"
+
+	"github.com/juju/errors"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/apiserver/common"
+	"github.com/juju/juju/cmd/juju/application"
+	"github.com/juju/juju/environs/config"
+	"github.com/juju/juju/instance"
+	"github.com/juju/juju/testing"
+)
+
+type AddUnitSuite struct {
+	testing.FakeJujuXDGDataHomeSuite
+	fake *fakeServiceAddUnitAPI
+}
+
+type fakeServiceAddUnitAPI struct {
+	envType     string
+	application string
+	numUnits    int
+	placement   []*instance.Placement
+	err         error
+}
+
+func (f *fakeServiceAddUnitAPI) Close() error {
+	return nil
+}
+
+func (f *fakeServiceAddUnitAPI) ModelUUID() string {
+	return "fake-uuid"
+}
+
+func (f *fakeServiceAddUnitAPI) AddUnits(application string, numUnits int, placement []*instance.Placement) ([]string, error) {
+	if f.err != nil {
+		return nil, f.err
+	}
+	if application != f.application {
+		return nil, errors.NotFoundf("application %q", application)
+	}
+
+	f.numUnits += numUnits
+	f.placement = placement
+	return nil, nil
+}
+
+func (f *fakeServiceAddUnitAPI) ModelGet() (map[string]interface{}, error) {
+	cfg, err := config.New(config.UseDefaults, map[string]interface{}{
+		"type": f.envType,
+		"name": "dummy",
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	return cfg.AllAttrs(), nil
+}
+
+func (s *AddUnitSuite) SetUpTest(c *gc.C) {
+	s.FakeJujuXDGDataHomeSuite.SetUpTest(c)
+	s.fake = &fakeServiceAddUnitAPI{application: "some-application-name", numUnits: 1, envType: "dummy"}
+}
+
+var _ = gc.Suite(&AddUnitSuite{})
+
+var initAddUnitErrorTests = []struct {
+	args []string
+	err  string
+}{
+	{
+		args: []string{"some-application-name", "-n", "0"},
+		err:  `--num-units must be a positive integer`,
+	}, {
+		args: []string{},
+		err:  `no application specified`,
+	}, {
+		args: []string{"some-application-name", "--to", "1,#:foo"},
+		err:  `invalid --to parameter "#:foo"`,
+	},
+}
+
+func (s *AddUnitSuite) TestInitErrors(c *gc.C) {
+	for i, t := range initAddUnitErrorTests {
+		c.Logf("test %d", i)
+		err := testing.InitCommand(application.NewAddUnitCommandForTest(s.fake), t.args)
+		c.Check(err, gc.ErrorMatches, t.err)
+	}
+}
+
+func (s *AddUnitSuite) runAddUnit(c *gc.C, args ...string) error {
+	_, err := testing.RunCommand(c, application.NewAddUnitCommandForTest(s.fake), args...)
+	return err
+}
+
+func (s *AddUnitSuite) TestAddUnit(c *gc.C) {
+	err := s.runAddUnit(c, "some-application-name")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(s.fake.numUnits, gc.Equals, 2)
+
+	err = s.runAddUnit(c, "--num-units", "2", "some-application-name")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(s.fake.numUnits, gc.Equals, 4)
+}
+
+func (s *AddUnitSuite) TestAddUnitWithPlacement(c *gc.C) {
+	err := s.runAddUnit(c, "some-application-name")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(s.fake.numUnits, gc.Equals, 2)
+
+	err = s.runAddUnit(c, "--num-units", "2", "--to", "123,lxd:1,1/lxd/2,foo", "some-application-name")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(s.fake.numUnits, gc.Equals, 4)
+	c.Assert(s.fake.placement, jc.DeepEquals, []*instance.Placement{
+		{"#", "123"},
+		{"lxd", "1"},
+		{"#", "1/lxd/2"},
+		{"fake-uuid", "foo"},
+	})
+}
+
+func (s *AddUnitSuite) TestBlockAddUnit(c *gc.C) {
+	// Block operation
+	s.fake.err = common.OperationBlockedError("TestBlockAddUnit")
+	s.runAddUnit(c, "some-application-name")
+
+	// msg is logged
+	stripped := strings.Replace(c.GetTestLog(), "\n", "", -1)
+	c.Check(stripped, gc.Matches, ".*TestBlockAddUnit.*")
+}
+
+func (s *AddUnitSuite) TestForceMachine(c *gc.C) {
+	err := s.runAddUnit(c, "some-application-name", "--to", "3")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(s.fake.numUnits, gc.Equals, 2)
+	c.Assert(s.fake.placement[0].Directive, gc.Equals, "3")
+
+	err = s.runAddUnit(c, "some-application-name", "--to", "23")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(s.fake.numUnits, gc.Equals, 3)
+	c.Assert(s.fake.placement[0].Directive, gc.Equals, "23")
+}
+
+func (s *AddUnitSuite) TestForceMachineNewContainer(c *gc.C) {
+	err := s.runAddUnit(c, "some-application-name", "--to", "lxd:1")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(s.fake.numUnits, gc.Equals, 2)
+	c.Assert(s.fake.placement[0].Directive, gc.Equals, "1")
+	c.Assert(s.fake.placement[0].Scope, gc.Equals, "lxd")
+}
+
+func (s *AddUnitSuite) TestNameChecks(c *gc.C) {
+	assertMachineOrNewContainer := func(s string, expect bool) {
+		c.Logf("%s -> %v", s, expect)
+		c.Assert(application.IsMachineOrNewContainer(s), gc.Equals, expect)
+	}
+	assertMachineOrNewContainer("0", true)
+	assertMachineOrNewContainer("00", false)
+	assertMachineOrNewContainer("1", true)
+	assertMachineOrNewContainer("0/lxd/0", true)
+	assertMachineOrNewContainer("lxd:0", true)
+	assertMachineOrNewContainer("lxd:lxd:0", false)
+	assertMachineOrNewContainer("kvm:0/lxd/1", true)
+	assertMachineOrNewContainer("lxd:", false)
+	assertMachineOrNewContainer(":lxd", false)
+	assertMachineOrNewContainer("0/lxd/", false)
+	assertMachineOrNewContainer("0/lxd", false)
+	assertMachineOrNewContainer("kvm:0/lxd", false)
+	assertMachineOrNewContainer("0/lxd/01", false)
+	assertMachineOrNewContainer("0/lxd/10", true)
+	assertMachineOrNewContainer("0/kvm/4", true)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/application.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/application.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/application.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/application.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,11 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	"github.com/juju/loggo"
+)
+
+// Logger for all commands in the application package
+var logger = loggo.GetLogger("juju.cmd.juju.application")
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/bundle.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/bundle.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/bundle.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/bundle.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,879 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+	"sort"
+	"strings"
+	"time"
+
+	"github.com/juju/bundlechanges"
+	"github.com/juju/errors"
+	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/charmrepo.v2-unstable"
+	csparams "gopkg.in/juju/charmrepo.v2-unstable/csclient/params"
+	"gopkg.in/juju/names.v2"
+	"gopkg.in/macaroon.v1"
+	"gopkg.in/yaml.v1"
+
+	"github.com/juju/juju/api"
+	apiannotations "github.com/juju/juju/api/annotations"
+	"github.com/juju/juju/api/application"
+	"github.com/juju/juju/api/charms"
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/charmstore"
+	"github.com/juju/juju/constraints"
+	"github.com/juju/juju/instance"
+	"github.com/juju/juju/state/multiwatcher"
+	"github.com/juju/juju/state/watcher"
+	"github.com/juju/juju/storage"
+)
+
+var watchAll = func(c *api.Client) (allWatcher, error) {
+	return c.WatchAll()
+}
+
+type allWatcher interface {
+	Next() ([]multiwatcher.Delta, error)
+	Stop() error
+}
+
+// deploymentLogger is used to notify clients about the bundle deployment
+// progress.
+type deploymentLogger interface {
+	// Infof formats and logs the given message.
+	Infof(string, ...interface{})
+}
+
+// deployBundle deploys the given bundle data using the given API client and
+// charm store client. The deployment is not transactional, and its progress is
+// notified using the given deployment logger.
+func deployBundle(
+	bundleFilePath string,
+	data *charm.BundleData,
+	channel csparams.Channel,
+	client *api.Client,
+	serviceDeployer *applicationDeployer,
+	resolver *charmURLResolver,
+	log deploymentLogger,
+	bundleStorage map[string]map[string]storage.Constraints,
+) (map[*charm.URL]*macaroon.Macaroon, error) {
+	verifyConstraints := func(s string) error {
+		_, err := constraints.Parse(s)
+		return err
+	}
+	verifyStorage := func(s string) error {
+		_, err := storage.ParseConstraints(s)
+		return err
+	}
+	var verifyError error
+	if bundleFilePath == "" {
+		verifyError = data.Verify(verifyConstraints, verifyStorage)
+	} else {
+		verifyError = data.VerifyLocal(bundleFilePath, verifyConstraints, verifyStorage)
+	}
+	if verifyError != nil {
+		if verr, ok := verifyError.(*charm.VerificationError); ok {
+			errs := make([]string, len(verr.Errors))
+			for i, err := range verr.Errors {
+				errs[i] = err.Error()
+			}
+			return nil, errors.New("the provided bundle has the following errors:\n" + strings.Join(errs, "\n"))
+		}
+		return nil, errors.Annotate(verifyError, "cannot deploy bundle")
+	}
+
+	// Retrieve bundle changes.
+	changes := bundlechanges.FromData(data)
+	numChanges := len(changes)
+
+	// Initialize the unit status.
+	status, err := client.Status(nil)
+	if err != nil {
+		return nil, errors.Annotate(err, "cannot get model status")
+	}
+	unitStatus := make(map[string]string, numChanges)
+	for _, serviceData := range status.Applications {
+		for unit, unitData := range serviceData.Units {
+			unitStatus[unit] = unitData.Machine
+		}
+	}
+
+	// Instantiate a watcher used to follow the deployment progress.
+	watcher, err := watchAll(client)
+	if err != nil {
+		return nil, errors.Annotate(err, "cannot watch model")
+	}
+	defer watcher.Stop()
+
+	serviceClient, err := serviceDeployer.newApplicationAPIClient()
+	if err != nil {
+		return nil, errors.Annotate(err, "cannot get application client")
+	}
+
+	annotationsClient, err := serviceDeployer.newAnnotationsAPIClient()
+	if err != nil {
+		return nil, errors.Annotate(err, "cannot get annotations client")
+	}
+
+	charmsClient, err := serviceDeployer.newCharmsAPIClient()
+	if err != nil {
+		return nil, errors.Annotate(err, "cannot get charms client")
+	}
+	// Instantiate the bundle handler.
+	h := &bundleHandler{
+		bundleDir:         bundleFilePath,
+		changes:           changes,
+		results:           make(map[string]string, numChanges),
+		channel:           channel,
+		client:            client,
+		serviceClient:     serviceClient,
+		annotationsClient: annotationsClient,
+		charmsClient:      charmsClient,
+		serviceDeployer:   serviceDeployer,
+		bundleStorage:     bundleStorage,
+		resolver:          resolver,
+		log:               log,
+		data:              data,
+		unitStatus:        unitStatus,
+		ignoredMachines:   make(map[string]bool, len(data.Applications)),
+		ignoredUnits:      make(map[string]bool, len(data.Applications)),
+		watcher:           watcher,
+	}
+
+	// Deploy the bundle.
+	csMacs := make(map[*charm.URL]*macaroon.Macaroon)
+	channels := make(map[*charm.URL]csparams.Channel)
+	for _, change := range changes {
+		switch change := change.(type) {
+		case *bundlechanges.AddCharmChange:
+			cURL, channel, csMac, err2 := h.addCharm(change.Id(), change.Params)
+			if err2 == nil {
+				csMacs[cURL] = csMac
+				channels[cURL] = channel
+			}
+			err = err2
+		case *bundlechanges.AddMachineChange:
+			err = h.addMachine(change.Id(), change.Params)
+		case *bundlechanges.AddRelationChange:
+			err = h.addRelation(change.Id(), change.Params)
+		case *bundlechanges.AddApplicationChange:
+			var cURL *charm.URL
+			cURL, err = charm.ParseURL(resolve(change.Params.Charm, h.results))
+			if err == nil {
+				chID := charmstore.CharmID{
+					URL:     cURL,
+					Channel: channels[cURL],
+				}
+				csMac := csMacs[cURL]
+				err = h.addService(change.Id(), change.Params, chID, csMac)
+			}
+		case *bundlechanges.AddUnitChange:
+			err = h.addUnit(change.Id(), change.Params)
+		case *bundlechanges.ExposeChange:
+			err = h.exposeService(change.Id(), change.Params)
+		case *bundlechanges.SetAnnotationsChange:
+			err = h.setAnnotations(change.Id(), change.Params)
+		default:
+			return nil, errors.Errorf("unknown change type: %T", change)
+		}
+		if err != nil {
+			return nil, errors.Annotate(err, "cannot deploy bundle")
+		}
+	}
+	return csMacs, nil
+}
+
+// bundleHandler provides helpers and the state required to deploy a bundle.
+type bundleHandler struct {
+	// bundleDir is the path where the bundle file is located for local bundles.
+	bundleDir string
+	// changes holds the changes to be applied in order to deploy the bundle.
+	changes []bundlechanges.Change
+
+	// results collects data resulting from applying changes. Keys identify
+	// changes, values result from interacting with the environment, and are
+	// stored so that they can be potentially reused later, for instance for
+	// resolving a dynamic placeholder included in a change. Specifically, the
+	// following values are stored:
+	// - when adding a charm, the fully resolved charm is stored;
+	// - when deploying an application, the application name is stored;
+	// - when adding a machine, the resulting machine id is stored;
+	// - when adding a unit, either the id of the machine holding the unit or
+	//   the unit name can be stored. The latter happens when a machine is
+	//   implicitly created by adding a unit without a machine spec.
+	results map[string]string
+
+	// channel identifies the default channel to use for the bundle.
+	channel csparams.Channel
+
+	// client is used to interact with the environment.
+	client *api.Client
+
+	// charmsClient is used to get charm information.
+	charmsClient *charms.Client
+
+	// serviceClient is used to interact with services.
+	serviceClient *application.Client
+
+	// annotationsClient is used to interact with annotations.
+	annotationsClient *apiannotations.Client
+
+	// serviceDeployer is used to deploy services.
+	serviceDeployer *applicationDeployer
+
+	// bundleStorage contains a mapping of application-specific storage
+	// constraints. For each application, the storage constraints in the
+	// map will replace or augment the storage constraints specified
+	// in the bundle itself.
+	bundleStorage map[string]map[string]storage.Constraints
+
+	// resolver is used to resolve charm and bundle URLs.
+	resolver *charmURLResolver
+
+	// log is used to output messages to the user, so that the user can keep
+	// track of the bundle deployment progress.
+	log deploymentLogger
+
+	// data is the original bundle data that we want to deploy.
+	data *charm.BundleData
+
+	// unitStatus reflects the environment status and maps unit names to their
+	// corresponding machine identifiers. This is kept updated by both change
+	// handlers (addCharm, addService etc.) and by updateUnitStatus.
+	unitStatus map[string]string
+
+	// ignoredMachines and ignoredUnits map application names to whether a machine
+	// or a unit creation has been skipped during the bundle deployment because
+	// the current status of the environment does not require them to be added.
+	ignoredMachines map[string]bool
+	ignoredUnits    map[string]bool
+
+	// watcher holds an environment mega-watcher used to keep the environment
+	// status up to date.
+	watcher allWatcher
+
+	// warnedLXC indicates whether or not we have warned the user that the
+	// bundle they're deploying uses lxc containers, which will be treated as
+	// LXD.  This flag keeps us from writing the warning more than once per
+	// bundle.
+	warnedLXC bool
+}
+
+// addCharm adds a charm to the environment.
+func (h *bundleHandler) addCharm(id string, p bundlechanges.AddCharmParams) (*charm.URL, csparams.Channel, *macaroon.Macaroon, error) {
+	// First attempt to interpret as a local path.
+	if strings.HasPrefix(p.Charm, ".") || filepath.IsAbs(p.Charm) {
+		charmPath := p.Charm
+		if !filepath.IsAbs(charmPath) {
+			charmPath = filepath.Join(h.bundleDir, charmPath)
+		}
+
+		var noChannel csparams.Channel
+		series := p.Series
+		if series == "" {
+			series = h.data.Series
+		}
+		ch, curl, err := charmrepo.NewCharmAtPath(charmPath, series)
+		if err != nil && !os.IsNotExist(err) {
+			return nil, noChannel, nil, errors.Annotatef(err, "cannot deploy local charm at %q", charmPath)
+		}
+		if err == nil {
+			if curl, err = h.client.AddLocalCharm(curl, ch); err != nil {
+				return nil, noChannel, nil, err
+			}
+			h.log.Infof("added charm %s", curl)
+			h.results[id] = curl.String()
+			return curl, noChannel, nil, nil
+		}
+	}
+
+	// Not a local charm, so grab from the store.
+	ch, err := charm.ParseURL(p.Charm)
+	if err != nil {
+		return nil, "", nil, errors.Trace(err)
+	}
+	url, channel, _, store, err := h.resolver.resolve(ch)
+	if err != nil {
+		return nil, channel, nil, errors.Annotatef(err, "cannot resolve URL %q", p.Charm)
+	}
+	if url.Series == "bundle" {
+		return nil, channel, nil, errors.Errorf("expected charm URL, got bundle URL %q", p.Charm)
+	}
+	var csMac *macaroon.Macaroon
+	url, csMac, err = addCharmFromURL(h.client, url, channel, store.Client())
+	if err != nil {
+		return nil, channel, nil, errors.Annotatef(err, "cannot add charm %q", p.Charm)
+	}
+	h.log.Infof("added charm %s", url)
+	h.results[id] = url.String()
+	return url, channel, csMac, nil
+}
+
+// addService deploys or update an application with no units. Service options are
+// also set or updated.
+func (h *bundleHandler) addService(id string, p bundlechanges.AddApplicationParams, chID charmstore.CharmID, csMac *macaroon.Macaroon) error {
+	h.results[id] = p.Application
+	ch := chID.URL.String()
+	// Handle application configuration.
+	configYAML := ""
+	if len(p.Options) > 0 {
+		config, err := yaml.Marshal(map[string]map[string]interface{}{p.Application: p.Options})
+		if err != nil {
+			return errors.Annotatef(err, "cannot marshal options for application %q", p.Application)
+		}
+		configYAML = string(config)
+	}
+	// Handle application constraints.
+	cons, err := constraints.Parse(p.Constraints)
+	if err != nil {
+		// This should never happen, as the bundle is already verified.
+		return errors.Annotate(err, "invalid constraints for application")
+	}
+	storageConstraints := h.bundleStorage[p.Application]
+	if len(p.Storage) > 0 {
+		if storageConstraints == nil {
+			storageConstraints = make(map[string]storage.Constraints)
+		}
+		for k, v := range p.Storage {
+			if _, ok := storageConstraints[k]; ok {
+				// Storage constraints overridden
+				// on the command line.
+				continue
+			}
+			cons, err := storage.ParseConstraints(v)
+			if err != nil {
+				return errors.Annotate(err, "invalid storage constraints")
+			}
+			storageConstraints[k] = cons
+		}
+	}
+	resources := make(map[string]string)
+	for resName, revision := range p.Resources {
+		resources[resName] = fmt.Sprint(revision)
+	}
+	charmInfo, err := h.charmsClient.CharmInfo(ch)
+	if err != nil {
+		return err
+	}
+	resNames2IDs, err := handleResources(h.serviceDeployer.api, resources, p.Application, chID, csMac, charmInfo.Meta.Resources)
+	if err != nil {
+		return errors.Trace(err)
+	}
+
+	// Figure out what series we need to deploy with.
+	conf, err := getClientConfig(h.client)
+	if err != nil {
+		return err
+	}
+	supportedSeries := charmInfo.Meta.Series
+	if len(supportedSeries) == 0 && chID.URL.Series != "" {
+		supportedSeries = []string{chID.URL.Series}
+	}
+	selector := seriesSelector{
+		seriesFlag:      p.Series,
+		charmURLSeries:  chID.URL.Series,
+		supportedSeries: supportedSeries,
+		conf:            conf,
+		fromBundle:      true,
+	}
+	series, message, err := selector.charmSeries()
+	if err != nil {
+		return errors.Trace(err)
+	}
+
+	// Deploy the application.
+	if err := h.serviceDeployer.applicationDeploy(applicationDeployParams{
+		charmID:         chID,
+		applicationName: p.Application,
+		series:          series,
+		configYAML:      configYAML,
+		constraints:     cons,
+		storage:         storageConstraints,
+		spaceBindings:   p.EndpointBindings,
+		resources:       resNames2IDs,
+	}); err == nil {
+		h.log.Infof("application %s deployed (charm %s %v)", p.Application, ch, fmt.Sprintf(message, series))
+		for resName := range resNames2IDs {
+			h.log.Infof("added resource %s", resName)
+		}
+		return nil
+	} else if !isErrServiceExists(err) {
+		return errors.Annotatef(err, "cannot deploy application %q", p.Application)
+	}
+	// The application is already deployed in the environment: check that its
+	// charm is compatible with the one declared in the bundle. If it is,
+	// reuse the existing application or upgrade to a specified revision.
+	// Exit with an error otherwise.
+	if err := h.upgradeCharm(p.Application, chID, csMac, resources); err != nil {
+		return errors.Annotatef(err, "cannot upgrade application %q", p.Application)
+	}
+	// Update application configuration.
+	if configYAML != "" {
+		if err := h.serviceClient.Update(params.ApplicationUpdate{
+			ApplicationName: p.Application,
+			SettingsYAML:    configYAML,
+		}); err != nil {
+			// This should never happen as possible errors are already returned
+			// by the application Deploy call above.
+			return errors.Annotatef(err, "cannot update options for application %q", p.Application)
+		}
+		h.log.Infof("configuration updated for application %s", p.Application)
+	}
+	// Update application constraints.
+	if p.Constraints != "" {
+		if err := h.serviceClient.SetConstraints(p.Application, cons); err != nil {
+			// This should never happen, as the bundle is already verified.
+			return errors.Annotatef(err, "cannot update constraints for application %q", p.Application)
+		}
+		h.log.Infof("constraints applied for application %s", p.Application)
+	}
+	return nil
+}
+
+// addMachine creates a new top-level machine or container in the environment.
+func (h *bundleHandler) addMachine(id string, p bundlechanges.AddMachineParams) error {
+	services := h.servicesForMachineChange(id)
+	// Note that we always have at least one application that justifies the
+	// creation of this machine.
+	msg := services[0] + " unit"
+	svcLen := len(services)
+	if svcLen != 1 {
+		msg = strings.Join(services[:svcLen-1], ", ") + " and " + services[svcLen-1] + " units"
+	}
+	// Check whether the desired number of units already exist in the
+	// environment, in which case avoid adding other machines to host those
+	// application units.
+	machine := h.chooseMachine(services...)
+	if machine != "" {
+		h.results[id] = machine
+		notify := make([]string, 0, svcLen)
+		for _, application := range services {
+			if !h.ignoredMachines[application] {
+				h.ignoredMachines[application] = true
+				notify = append(notify, application)
+			}
+		}
+		svcLen = len(notify)
+		switch svcLen {
+		case 0:
+			return nil
+		case 1:
+			msg = notify[0]
+		default:
+			msg = strings.Join(notify[:svcLen-1], ", ") + " and " + notify[svcLen-1]
+		}
+		h.log.Infof("avoid creating other machines to host %s units", msg)
+		return nil
+	}
+	cons, err := constraints.Parse(p.Constraints)
+	if err != nil {
+		// This should never happen, as the bundle is already verified.
+		return errors.Annotate(err, "invalid constraints for machine")
+	}
+	machineParams := params.AddMachineParams{
+		Constraints: cons,
+		Series:      p.Series,
+		Jobs:        []multiwatcher.MachineJob{multiwatcher.JobHostUnits},
+	}
+	if ct := p.ContainerType; ct != "" {
+		// for backwards compatibility with 1.x bundles, we treat lxc
+		// placement directives as lxd.
+		if ct == "lxc" {
+			if !h.warnedLXC {
+				h.log.Infof("Bundle has one or more containers specified as lxc. lxc containers are deprecated in Juju 2.0. lxd containers will be deployed instead.")
+				h.warnedLXC = true
+			}
+			ct = string(instance.LXD)
+		}
+		containerType, err := instance.ParseContainerType(ct)
+		if err != nil {
+			return errors.Annotatef(err, "cannot create machine for holding %s", msg)
+		}
+		machineParams.ContainerType = containerType
+		if p.ParentId != "" {
+			machineParams.ParentId, err = h.resolveMachine(p.ParentId)
+			if err != nil {
+				return errors.Annotatef(err, "cannot retrieve parent placement for %s", msg)
+			}
+		}
+	}
+	r, err := h.client.AddMachines([]params.AddMachineParams{machineParams})
+	if err != nil {
+		return errors.Annotatef(err, "cannot create machine for holding %s", msg)
+	}
+	if r[0].Error != nil {
+		return errors.Annotatef(r[0].Error, "cannot create machine for holding %s", msg)
+	}
+	machine = r[0].Machine
+	if p.ContainerType == "" {
+		h.log.Infof("created new machine %s for holding %s", machine, msg)
+	} else if p.ParentId == "" {
+		h.log.Infof("created %s container in new machine for holding %s", machine, msg)
+	} else {
+		h.log.Infof("created %s container in machine %s for holding %s", machine, machineParams.ParentId, msg)
+	}
+	h.results[id] = machine
+	return nil
+}
+
+// addRelation creates a relationship between two services.
+func (h *bundleHandler) addRelation(id string, p bundlechanges.AddRelationParams) error {
+	ep1 := resolveRelation(p.Endpoint1, h.results)
+	ep2 := resolveRelation(p.Endpoint2, h.results)
+	_, err := h.serviceClient.AddRelation(ep1, ep2)
+	if err == nil {
+		// A new relation has been established.
+		h.log.Infof("related %s and %s", ep1, ep2)
+		return nil
+	}
+	if isErrRelationExists(err) {
+		// The relation is already present in the environment.
+		h.log.Infof("%s and %s are already related", ep1, ep2)
+		return nil
+	}
+	return errors.Annotatef(err, "cannot add relation between %q and %q", ep1, ep2)
+}
+
+// addUnit adds a single unit to an application already present in the environment.
+func (h *bundleHandler) addUnit(id string, p bundlechanges.AddUnitParams) error {
+	application := resolve(p.Application, h.results)
+	// Check whether the desired number of units already exist in the
+	// environment, in which case avoid adding other units.
+	machine := h.chooseMachine(application)
+	if machine != "" {
+		h.results[id] = machine
+		if !h.ignoredUnits[application] {
+			h.ignoredUnits[application] = true
+			num := h.numUnitsForService(application)
+			var msg string
+			if num == 1 {
+				msg = "1 unit already present"
+			} else {
+				msg = fmt.Sprintf("%d units already present", num)
+			}
+			h.log.Infof("avoid adding new units to application %s: %s", application, msg)
+		}
+		return nil
+	}
+	var machineSpec string
+	var placementArg []*instance.Placement
+	if p.To != "" {
+		var err error
+		if machineSpec, err = h.resolveMachine(p.To); err != nil {
+			// Should never happen.
+			return errors.Annotatef(err, "cannot retrieve placement for %q unit", application)
+		}
+		placement, err := parsePlacement(machineSpec)
+		if err != nil {
+			return errors.Errorf("invalid --to parameter %q", machineSpec)
+		}
+		placementArg = append(placementArg, placement)
+	}
+	r, err := h.serviceClient.AddUnits(application, 1, placementArg)
+	if err != nil {
+		return errors.Annotatef(err, "cannot add unit for application %q", application)
+	}
+	unit := r[0]
+	if machineSpec == "" {
+		h.log.Infof("added %s unit to new machine", unit)
+		// In this case, the unit name is stored in results instead of the
+		// machine id, which is lazily evaluated later only if required.
+		// This way we avoid waiting for watcher updates.
+		h.results[id] = unit
+	} else {
+		h.log.Infof("added %s unit to machine %s", unit, machineSpec)
+		h.results[id] = machineSpec
+	}
+	// Note that the machineSpec can be empty for now, resulting in a partially
+	// incomplete unit status. That's ok as the missing info is provided later
+	// when it is required.
+	h.unitStatus[unit] = machineSpec
+	return nil
+}
+
+// exposeService exposes an application.
+func (h *bundleHandler) exposeService(id string, p bundlechanges.ExposeParams) error {
+	application := resolve(p.Application, h.results)
+	if err := h.serviceClient.Expose(application); err != nil {
+		return errors.Annotatef(err, "cannot expose application %s", application)
+	}
+	h.log.Infof("application %s exposed", application)
+	return nil
+}
+
+// setAnnotations sets annotations for an application or a machine.
+func (h *bundleHandler) setAnnotations(id string, p bundlechanges.SetAnnotationsParams) error {
+	eid := resolve(p.Id, h.results)
+	var tag string
+	switch p.EntityType {
+	case bundlechanges.MachineType:
+		tag = names.NewMachineTag(eid).String()
+	case bundlechanges.ApplicationType:
+		tag = names.NewApplicationTag(eid).String()
+	default:
+		return errors.Errorf("unexpected annotation entity type %q", p.EntityType)
+	}
+	result, err := h.annotationsClient.Set(map[string]map[string]string{tag: p.Annotations})
+	if err == nil && len(result) > 0 {
+		err = result[0].Error
+	}
+	if err != nil {
+		return errors.Annotatef(err, "cannot set annotations for %s %q", p.EntityType, eid)
+	}
+	h.log.Infof("annotations set for %s %s", p.EntityType, eid)
+	return nil
+}
+
+// servicesForMachineChange returns the names of the services for which an
+// "addMachine" change is required, as adding machines is required to place
+// units, and units belong to services.
+// Receive the id of the "addMachine" change.
+func (h *bundleHandler) servicesForMachineChange(changeId string) []string {
+	services := make(map[string]bool, len(h.data.Applications))
+mainloop:
+	for _, change := range h.changes {
+		for _, required := range change.Requires() {
+			if required != changeId {
+				continue
+			}
+			switch change := change.(type) {
+			case *bundlechanges.AddMachineChange:
+				// The original machine is a container, and its parent is
+				// another "addMachines" change. Search again using the
+				// parent id.
+				for _, application := range h.servicesForMachineChange(change.Id()) {
+					services[application] = true
+				}
+				continue mainloop
+			case *bundlechanges.AddUnitChange:
+				// We have found the "addUnit" change, which refers to a
+				// application: now resolve the application holding the unit.
+				application := resolve(change.Params.Application, h.results)
+				services[application] = true
+				continue mainloop
+			case *bundlechanges.SetAnnotationsChange:
+				// A machine change is always required to set machine
+				// annotations, but this isn't the interesting change here.
+				continue mainloop
+			default:
+				// Should never happen.
+				panic(fmt.Sprintf("unexpected change %T", change))
+			}
+		}
+	}
+	results := make([]string, 0, len(services))
+	for application := range services {
+		results = append(results, application)
+	}
+	sort.Strings(results)
+	return results
+}
+
+// chooseMachine returns the id of a machine that will be used to host a unit
+// of all the given services. If one of the services still requires units to be
+// added, an empty string is returned, meaning that a new machine must be
+// created for holding the unit. If instead all units are already placed,
+// return the id of the machine which already holds units of the given services
+// and which hosts the least number of units.
+func (h *bundleHandler) chooseMachine(services ...string) string {
+	candidateMachines := make(map[string]bool, len(h.unitStatus))
+	numUnitsPerMachine := make(map[string]int, len(h.unitStatus))
+	numUnitsPerService := make(map[string]int, len(h.data.Applications))
+	// Collect the number of units and the corresponding machines for all
+	// involved services.
+	for unit, machine := range h.unitStatus {
+		// Retrieve the top level machine.
+		machine = strings.Split(machine, "/")[0]
+		numUnitsPerMachine[machine]++
+		svc, err := names.UnitApplication(unit)
+		if err != nil {
+			// Should never happen because the bundle logic has already checked
+			// that unit names are well formed.
+			panic(err)
+		}
+		for _, application := range services {
+			if application != svc {
+				continue
+			}
+			numUnitsPerService[application]++
+			candidateMachines[machine] = true
+		}
+	}
+	// If at least one application still requires units to be added, return an
+	// empty machine in order to force new machine creation.
+	for _, application := range services {
+		if numUnitsPerService[application] < h.data.Applications[application].NumUnits {
+			return ""
+		}
+	}
+	// Return the least used machine.
+	var result string
+	var min int
+	for machine, num := range numUnitsPerMachine {
+		if candidateMachines[machine] && (result == "" || num < min) {
+			result, min = machine, num
+		}
+	}
+	return result
+}
+
+// updateUnitStatusPeriod is the time duration used to wait for a mega-watcher
+// change to be available.
+var updateUnitStatusPeriod = watcher.Period + 5*time.Second
+
+// updateUnitStatus uses the mega-watcher to update units and machines info
+// (h.unitStatus) so that it reflects the current environment status.
+// This function must be called assuming new delta changes are available or
+// will be available within the watcher time period. Otherwise, the function
+// unblocks and an error is returned.
+func (h *bundleHandler) updateUnitStatus() error {
+	var delta []multiwatcher.Delta
+	var err error
+	ch := make(chan struct{})
+	go func() {
+		delta, err = h.watcher.Next()
+		close(ch)
+	}()
+	select {
+	case <-ch:
+		if err != nil {
+			return errors.Annotate(err, "cannot update model status")
+		}
+		for _, d := range delta {
+			switch entityInfo := d.Entity.(type) {
+			case *multiwatcher.UnitInfo:
+				h.unitStatus[entityInfo.Name] = entityInfo.MachineId
+			}
+		}
+	case <-time.After(updateUnitStatusPeriod):
+		// TODO(fwereade): 2016-03-17 lp:1558657
+		return errors.New("timeout while trying to get new changes from the watcher")
+	}
+	return nil
+}
+
+// numUnitsForService return the number of units belonging to the given application
+// currently in the environment.
+func (h *bundleHandler) numUnitsForService(application string) (num int) {
+	for unit := range h.unitStatus {
+		svc, err := names.UnitApplication(unit)
+		if err != nil {
+			// Should never happen.
+			panic(err)
+		}
+		if svc == application {
+			num++
+		}
+	}
+	return num
+}
+
+// resolveMachine returns the machine id resolving the given unit or machine
+// placeholder.
+func (h *bundleHandler) resolveMachine(placeholder string) (string, error) {
+	machineOrUnit := resolve(placeholder, h.results)
+	if !names.IsValidUnit(machineOrUnit) {
+		return machineOrUnit, nil
+	}
+	for h.unitStatus[machineOrUnit] == "" {
+		if err := h.updateUnitStatus(); err != nil {
+			return "", errors.Annotate(err, "cannot resolve machine")
+		}
+	}
+	return h.unitStatus[machineOrUnit], nil
+}
+
+// resolveRelation returns the relation name resolving the included application
+// placeholder.
+func resolveRelation(e string, results map[string]string) string {
+	parts := strings.SplitN(e, ":", 2)
+	application := resolve(parts[0], results)
+	if len(parts) == 1 {
+		return application
+	}
+	return fmt.Sprintf("%s:%s", application, parts[1])
+}
+
+// resolve returns the real entity name for the bundle entity (for instance a
+// application or a machine) with the given placeholder id.
+// A placeholder id is a string like "$deploy-42" or "$addCharm-2", indicating
+// the results of a previously applied change. It always starts with a dollar
+// sign, followed by the identifier of the referred change. A change id is a
+// string indicating the action type ("deploy", "addRelation" etc.), followed
+// by a unique incremental number.
+func resolve(placeholder string, results map[string]string) string {
+	if !strings.HasPrefix(placeholder, "$") {
+		panic(`placeholder does not start with "$"`)
+	}
+	id := placeholder[1:]
+	return results[id]
+}
+
+// upgradeCharm upgrades the charm for the given application to the given charm id.
+// If the application is already deployed using the given charm id, do nothing.
+// This function returns an error if the existing charm and the target one are
+// incompatible, meaning an upgrade from one to the other is not allowed.
+func (h *bundleHandler) upgradeCharm(applicationName string, chID charmstore.CharmID, csMac *macaroon.Macaroon, resources map[string]string) error {
+	id := chID.URL.String()
+	existing, err := h.serviceClient.GetCharmURL(applicationName)
+	if err != nil {
+		return errors.Annotatef(err, "cannot retrieve info for application %q", applicationName)
+	}
+	if existing.String() == id {
+		h.log.Infof("reusing application %s (charm: %s)", applicationName, id)
+		return nil
+	}
+	url, err := charm.ParseURL(id)
+	if err != nil {
+		return errors.Annotatef(err, "cannot parse charm URL %q", id)
+	}
+	chID.URL = url
+	if url.WithRevision(-1).Path() != existing.WithRevision(-1).Path() {
+		return errors.Errorf("bundle charm %q is incompatible with existing charm %q", id, existing)
+	}
+	filtered, err := getUpgradeResources(h.serviceDeployer.api, applicationName, url, h.client, resources)
+	if err != nil {
+		return errors.Trace(err)
+	}
+	var resNames2IDs map[string]string
+	if len(filtered) != 0 {
+		resNames2IDs, err = handleResources(h.serviceDeployer.api, resources, applicationName, chID, csMac, filtered)
+		if err != nil {
+			return errors.Trace(err)
+		}
+	}
+	cfg := application.SetCharmConfig{
+		ApplicationName: applicationName,
+		CharmID:         chID,
+		ResourceIDs:     resNames2IDs,
+	}
+	if err := h.serviceClient.SetCharm(cfg); err != nil {
+		return errors.Annotatef(err, "cannot upgrade charm to %q", id)
+	}
+	h.log.Infof("upgraded charm for existing application %s (from %s to %s)", applicationName, existing, id)
+	for resName := range resNames2IDs {
+		h.log.Infof("added resource %s", resName)
+	}
+	return nil
+}
+
+// isErrServiceExists reports whether the given error has been generated
+// from trying to deploy an application that already exists.
+func isErrServiceExists(err error) bool {
+	// TODO frankban (bug 1495952): do this check using the cause rather than
+	// the string when a specific cause is available.
+	return strings.HasSuffix(err.Error(), "application already exists")
+}
+
+// isErrRelationExists reports whether the given error has been generated
+// from trying to create an already established relation.
+func isErrRelationExists(err error) bool {
+	// TODO frankban (bug 1495952): do this check using the cause rather than
+	// the string when a specific cause is available.
+	return strings.HasSuffix(err.Error(), "relation already exists")
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/bundle_resources_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/bundle_resources_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/bundle_resources_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/bundle_resources_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,125 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application_test
+
+import (
+	"sort"
+	"strings"
+
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+	charmresource "gopkg.in/juju/charm.v6-unstable/resource"
+
+	"github.com/juju/juju/cmd/juju/application"
+	"github.com/juju/juju/component/all"
+	"github.com/juju/juju/resource"
+	"github.com/juju/juju/testcharms"
+)
+
+func init() {
+	if err := all.RegisterForServer(); err != nil {
+		panic(err)
+	}
+}
+
+type ResourcesBundleSuite struct {
+	application.BundleDeployCharmStoreSuite
+}
+
+var _ = gc.Suite(&ResourcesBundleSuite{})
+
+func (s *ResourcesBundleSuite) TestDeployBundleResources(c *gc.C) {
+	testcharms.UploadCharm(c, s.Client(), "trusty/starsay-42", "starsay")
+	bundleMeta := `
+        applications:
+            starsay:
+                charm: cs:starsay
+                num_units: 1
+                resources:
+                    store-resource: 0
+                    install-resource: 0
+                    upload-resource: 0
+    `
+	output, err := s.DeployBundleYAML(c, bundleMeta)
+	c.Assert(err, jc.ErrorIsNil)
+
+	lines := strings.Split(output, "\n")
+	expectedLines := strings.Split(strings.TrimSpace(`
+added charm cs:trusty/starsay-42
+application starsay deployed (charm cs:trusty/starsay-42 with the series "trusty" defined by the bundle)
+added resource install-resource
+added resource store-resource
+added resource upload-resource
+added starsay/0 unit to new machine
+deployment of bundle "local:bundle/example-0" completed
+    `), "\n")
+	c.Check(lines, gc.HasLen, len(expectedLines))
+	c.Check(lines[0], gc.Equals, expectedLines[0])
+	c.Check(lines[1], gc.Equals, expectedLines[1])
+	// The "added resource" lines are checked after we sort since
+	// the ordering of those lines is unknown.
+	c.Check(lines[5], gc.Equals, expectedLines[5])
+	c.Check(lines[6], gc.Equals, expectedLines[6])
+	sort.Strings(lines)
+	sort.Strings(expectedLines)
+	c.Check(lines, jc.DeepEquals, expectedLines)
+	s.checkResources(c, "starsay", []resource.Resource{{
+		Resource: charmresource.Resource{
+			Meta: charmresource.Meta{
+				Name:        "install-resource",
+				Type:        charmresource.TypeFile,
+				Path:        "gotta-have-it.txt",
+				Description: "get things started",
+			},
+			Origin:      charmresource.OriginStore,
+			Revision:    0,
+			Fingerprint: resourceHash("install-resource content"),
+			Size:        int64(len("install-resource content")),
+		},
+		ID:            "starsay/install-resource",
+		ApplicationID: "starsay",
+	}, {
+		Resource: charmresource.Resource{
+			Meta: charmresource.Meta{
+				Name:        "store-resource",
+				Type:        charmresource.TypeFile,
+				Path:        "filename.tgz",
+				Description: "One line that is useful when operators need to push it.",
+			},
+			Origin:      charmresource.OriginStore,
+			Fingerprint: resourceHash("store-resource content"),
+			Size:        int64(len("store-resource content")),
+			Revision:    0,
+		},
+		ID:            "starsay/store-resource",
+		ApplicationID: "starsay",
+	}, {
+		Resource: charmresource.Resource{
+			Meta: charmresource.Meta{
+				Name:        "upload-resource",
+				Type:        charmresource.TypeFile,
+				Path:        "somename.xml",
+				Description: "Who uses xml anymore?",
+			},
+			Origin:      charmresource.OriginStore,
+			Fingerprint: resourceHash("upload-resource content"),
+			Size:        int64(len("upload-resource content")),
+			Revision:    0,
+		},
+		ID:            "starsay/upload-resource",
+		ApplicationID: "starsay",
+	}})
+}
+
+func (s *ResourcesBundleSuite) checkResources(c *gc.C, serviceName string, expected []resource.Resource) {
+	_, err := s.State.Application("starsay")
+	c.Check(err, jc.ErrorIsNil)
+	st, err := s.State.Resources()
+	c.Assert(err, jc.ErrorIsNil)
+	svcResources, err := st.ListResources("starsay")
+	c.Assert(err, jc.ErrorIsNil)
+	resources := svcResources.Resources
+	resource.Sort(resources)
+	c.Assert(resources, jc.DeepEquals, expected)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/bundle_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/bundle_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/bundle_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/bundle_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,1553 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"strings"
+	"time"
+
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/charmrepo.v2-unstable/csclient"
+
+	"github.com/juju/juju/api"
+	"github.com/juju/juju/constraints"
+	"github.com/juju/juju/state"
+	"github.com/juju/juju/state/multiwatcher"
+	"github.com/juju/juju/state/watcher"
+	"github.com/juju/juju/testcharms"
+	coretesting "github.com/juju/juju/testing"
+)
+
+// LTS-dependent requires new entry upon new LTS release. There are numerous
+// places "xenial" exists in strings throughout this file. If we update the
+// target in testing/base.go:SetupSuite we'll need to also update the entries
+// herein.
+
+// runDeployCommand executes the deploy command in order to deploy the given
+// charm or bundle. The deployment output and error are returned.
+func runDeployCommand(c *gc.C, id string, args ...string) (string, error) {
+	args = append([]string{id}, args...)
+	ctx, err := coretesting.RunCommand(c, NewDeployCommand(), args...)
+	return strings.Trim(coretesting.Stderr(ctx), "\n"), err
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleNotFoundCharmStore(c *gc.C) {
+	err := runDeploy(c, "bundle/no-such")
+	c.Assert(err, gc.ErrorMatches, `cannot resolve URL "cs:bundle/no-such": bundle not found`)
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleInvalidFlags(c *gc.C) {
+	testcharms.UploadCharm(c, s.client, "xenial/mysql-42", "mysql")
+	testcharms.UploadCharm(c, s.client, "xenial/wordpress-47", "wordpress")
+	testcharms.UploadBundle(c, s.client, "bundle/wordpress-simple-1", "wordpress-simple")
+	_, err := runDeployCommand(c, "bundle/wordpress-simple", "--config", "config.yaml")
+	c.Assert(err, gc.ErrorMatches, "Flags provided but not supported when deploying a bundle: --config.")
+	_, err = runDeployCommand(c, "bundle/wordpress-simple", "-n", "2")
+	c.Assert(err, gc.ErrorMatches, "Flags provided but not supported when deploying a bundle: -n.")
+	_, err = runDeployCommand(c, "bundle/wordpress-simple", "--series", "xenial", "--force")
+	c.Assert(err, gc.ErrorMatches, "Flags provided but not supported when deploying a bundle: --force, --series.")
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleSuccess(c *gc.C) {
+	testcharms.UploadCharm(c, s.client, "xenial/mysql-42", "mysql")
+	testcharms.UploadCharm(c, s.client, "xenial/wordpress-47", "wordpress")
+	testcharms.UploadBundle(c, s.client, "bundle/wordpress-simple-1", "wordpress-simple")
+	output, err := runDeployCommand(c, "bundle/wordpress-simple")
+	c.Assert(err, jc.ErrorIsNil)
+	expectedOutput := `
+added charm cs:xenial/mysql-42
+application mysql deployed (charm cs:xenial/mysql-42 with the series "xenial" defined by the bundle)
+added charm cs:xenial/wordpress-47
+application wordpress deployed (charm cs:xenial/wordpress-47 with the series "xenial" defined by the bundle)
+related wordpress:db and mysql:server
+added mysql/0 unit to new machine
+added wordpress/0 unit to new machine
+deployment of bundle "cs:bundle/wordpress-simple-1" completed`
+	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
+	s.assertCharmsUploaded(c, "cs:xenial/mysql-42", "cs:xenial/wordpress-47")
+	s.assertApplicationsDeployed(c, map[string]serviceInfo{
+		"mysql":     {charm: "cs:xenial/mysql-42"},
+		"wordpress": {charm: "cs:xenial/wordpress-47"},
+	})
+	s.assertRelationsEstablished(c, "wordpress:db mysql:server")
+	s.assertUnitsCreated(c, map[string]string{
+		"mysql/0":     "0",
+		"wordpress/0": "1",
+	})
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleWithTermsSuccess(c *gc.C) {
+	testcharms.UploadCharm(c, s.client, "xenial/terms1-17", "terms1")
+	testcharms.UploadCharm(c, s.client, "xenial/terms2-42", "terms2")
+	testcharms.UploadBundle(c, s.client, "bundle/terms-simple-1", "terms-simple")
+	output, err := runDeployCommand(c, "bundle/terms-simple")
+	c.Assert(err, jc.ErrorIsNil)
+	expectedOutput := `
+added charm cs:xenial/terms1-17
+application terms1 deployed (charm cs:xenial/terms1-17 with the series "xenial" defined by the bundle)
+added charm cs:xenial/terms2-42
+application terms2 deployed (charm cs:xenial/terms2-42 with the series "xenial" defined by the bundle)
+added terms1/0 unit to new machine
+added terms2/0 unit to new machine
+deployment of bundle "cs:bundle/terms-simple-1" completed`
+	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
+	s.assertCharmsUploaded(c, "cs:xenial/terms1-17", "cs:xenial/terms2-42")
+	s.assertApplicationsDeployed(c, map[string]serviceInfo{
+		"terms1": {charm: "cs:xenial/terms1-17"},
+		"terms2": {charm: "cs:xenial/terms2-42"},
+	})
+	s.assertUnitsCreated(c, map[string]string{
+		"terms1/0": "0",
+		"terms2/0": "1",
+	})
+	c.Assert(s.termsString, gc.Not(gc.Equals), "")
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleStorage(c *gc.C) {
+	testcharms.UploadCharm(c, s.client, "xenial/mysql-42", "mysql-storage")
+	testcharms.UploadCharm(c, s.client, "xenial/wordpress-47", "wordpress")
+	testcharms.UploadBundle(c, s.client, "bundle/wordpress-with-mysql-storage-1", "wordpress-with-mysql-storage")
+	output, err := runDeployCommand(
+		c, "bundle/wordpress-with-mysql-storage",
+		"--storage", "mysql:logs=tmpfs,10G", // override logs
+	)
+	c.Assert(err, jc.ErrorIsNil)
+	expectedOutput := `
+added charm cs:xenial/mysql-42
+application mysql deployed (charm cs:xenial/mysql-42 with the series "xenial" defined by the bundle)
+added charm cs:xenial/wordpress-47
+application wordpress deployed (charm cs:xenial/wordpress-47 with the series "xenial" defined by the bundle)
+related wordpress:db and mysql:server
+added mysql/0 unit to new machine
+added wordpress/0 unit to new machine
+deployment of bundle "cs:bundle/wordpress-with-mysql-storage-1" completed`
+	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
+	s.assertCharmsUploaded(c, "cs:xenial/mysql-42", "cs:xenial/wordpress-47")
+	s.assertApplicationsDeployed(c, map[string]serviceInfo{
+		"mysql": {
+			charm: "cs:xenial/mysql-42",
+			storage: map[string]state.StorageConstraints{
+				"data": state.StorageConstraints{Pool: "rootfs", Size: 50 * 1024, Count: 1},
+				"logs": state.StorageConstraints{Pool: "tmpfs", Size: 10 * 1024, Count: 1},
+			},
+		},
+		"wordpress": {charm: "cs:xenial/wordpress-47"},
+	})
+	s.assertRelationsEstablished(c, "wordpress:db mysql:server")
+	s.assertUnitsCreated(c, map[string]string{
+		"mysql/0":     "0",
+		"wordpress/0": "1",
+	})
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleEndpointBindingsSpaceMissing(c *gc.C) {
+	testcharms.UploadCharm(c, s.client, "xenial/mysql-42", "mysql")
+	testcharms.UploadCharm(c, s.client, "xenial/wordpress-extra-bindings-47", "wordpress-extra-bindings")
+	testcharms.UploadBundle(c, s.client, "bundle/wordpress-with-endpoint-bindings-1", "wordpress-with-endpoint-bindings")
+	output, err := runDeployCommand(c, "bundle/wordpress-with-endpoint-bindings")
+	c.Assert(err, gc.ErrorMatches,
+		"cannot deploy bundle: cannot deploy application \"mysql\": "+
+			"cannot add application \"mysql\": unknown space \"db\" not valid")
+	c.Assert(output, gc.Equals, "added charm cs:xenial/mysql-42")
+	s.assertCharmsUploaded(c, "cs:xenial/mysql-42")
+	s.assertApplicationsDeployed(c, map[string]serviceInfo{})
+	s.assertUnitsCreated(c, map[string]string{})
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleEndpointBindingsSuccess(c *gc.C) {
+	_, err := s.State.AddSpace("db", "", nil, false)
+	c.Assert(err, jc.ErrorIsNil)
+	_, err = s.State.AddSpace("public", "", nil, false)
+	c.Assert(err, jc.ErrorIsNil)
+
+	testcharms.UploadCharm(c, s.client, "xenial/mysql-42", "mysql")
+	testcharms.UploadCharm(c, s.client, "xenial/wordpress-extra-bindings-47", "wordpress-extra-bindings")
+	testcharms.UploadBundle(c, s.client, "bundle/wordpress-with-endpoint-bindings-1", "wordpress-with-endpoint-bindings")
+	output, err := runDeployCommand(c, "bundle/wordpress-with-endpoint-bindings")
+	c.Assert(err, jc.ErrorIsNil)
+	expectedOutput := `
+added charm cs:xenial/mysql-42
+application mysql deployed (charm cs:xenial/mysql-42 with the series "xenial" defined by the bundle)
+added charm cs:xenial/wordpress-extra-bindings-47
+application wordpress-extra-bindings deployed (charm cs:xenial/wordpress-extra-bindings-47 with the series "xenial" defined by the bundle)
+related wordpress-extra-bindings:db and mysql:server
+added mysql/0 unit to new machine
+added wordpress-extra-bindings/0 unit to new machine
+deployment of bundle "cs:bundle/wordpress-with-endpoint-bindings-1" completed`
+	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
+	s.assertCharmsUploaded(c, "cs:xenial/mysql-42", "cs:xenial/wordpress-extra-bindings-47")
+
+	s.assertApplicationsDeployed(c, map[string]serviceInfo{
+		"mysql":                    {charm: "cs:xenial/mysql-42"},
+		"wordpress-extra-bindings": {charm: "cs:xenial/wordpress-extra-bindings-47"},
+	})
+	s.assertDeployedServiceBindings(c, map[string]serviceInfo{
+		"mysql": {
+			endpointBindings: map[string]string{"server": "db"},
+		},
+		"wordpress-extra-bindings": {
+			endpointBindings: map[string]string{
+				"cache":           "",
+				"url":             "public",
+				"logging-dir":     "",
+				"monitoring-port": "",
+				"db":              "db",
+				"cluster":         "",
+				"db-client":       "db",
+				"admin-api":       "public",
+				"foo-bar":         "",
+			},
+		},
+	})
+	s.assertRelationsEstablished(c, "wordpress-extra-bindings:cluster", "wordpress-extra-bindings:db mysql:server")
+	s.assertUnitsCreated(c, map[string]string{
+		"mysql/0":                    "0",
+		"wordpress-extra-bindings/0": "1",
+	})
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleTwice(c *gc.C) {
+	testcharms.UploadCharm(c, s.client, "xenial/mysql-42", "mysql")
+	testcharms.UploadCharm(c, s.client, "xenial/wordpress-47", "wordpress")
+	testcharms.UploadBundle(c, s.client, "bundle/wordpress-simple-1", "wordpress-simple")
+	_, err := runDeployCommand(c, "bundle/wordpress-simple")
+	c.Assert(err, jc.ErrorIsNil)
+	output, err := runDeployCommand(c, "bundle/wordpress-simple")
+	c.Assert(err, jc.ErrorIsNil)
+	expectedOutput := `
+added charm cs:xenial/mysql-42
+reusing application mysql (charm: cs:xenial/mysql-42)
+added charm cs:xenial/wordpress-47
+reusing application wordpress (charm: cs:xenial/wordpress-47)
+wordpress:db and mysql:server are already related
+avoid adding new units to application mysql: 1 unit already present
+avoid adding new units to application wordpress: 1 unit already present
+deployment of bundle "cs:bundle/wordpress-simple-1" completed`
+	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
+	s.assertCharmsUploaded(c, "cs:xenial/mysql-42", "cs:xenial/wordpress-47")
+	s.assertApplicationsDeployed(c, map[string]serviceInfo{
+		"mysql":     {charm: "cs:xenial/mysql-42"},
+		"wordpress": {charm: "cs:xenial/wordpress-47"},
+	})
+	s.assertRelationsEstablished(c, "wordpress:db mysql:server")
+	s.assertUnitsCreated(c, map[string]string{
+		"mysql/0":     "0",
+		"wordpress/0": "1",
+	})
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleGatedCharm(c *gc.C) {
+	testcharms.UploadCharm(c, s.client, "xenial/mysql-42", "mysql")
+	url, _ := testcharms.UploadCharm(c, s.client, "xenial/wordpress-47", "wordpress")
+	s.changeReadPerm(c, url, clientUserName)
+	testcharms.UploadBundle(c, s.client, "bundle/wordpress-simple-1", "wordpress-simple")
+	_, err := runDeployCommand(c, "bundle/wordpress-simple")
+	c.Assert(err, jc.ErrorIsNil)
+	s.assertCharmsUploaded(c, "cs:xenial/mysql-42", "cs:xenial/wordpress-47")
+	s.assertApplicationsDeployed(c, map[string]serviceInfo{
+		"mysql":     {charm: "cs:xenial/mysql-42"},
+		"wordpress": {charm: "cs:xenial/wordpress-47"},
+	})
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleLocalPath(c *gc.C) {
+	dir := c.MkDir()
+	testcharms.Repo.ClonedDir(dir, "dummy")
+	path := filepath.Join(dir, "mybundle")
+	data := `
+        series: xenial
+        applications:
+            dummy:
+                charm: ./dummy
+                series: xenial
+                num_units: 1
+    `
+	err := ioutil.WriteFile(path, []byte(data), 0644)
+	c.Assert(err, jc.ErrorIsNil)
+	output, err := runDeployCommand(c, path)
+	c.Assert(err, jc.ErrorIsNil)
+	expectedOutput := fmt.Sprintf(`
+added charm local:xenial/dummy-1
+application dummy deployed (charm local:xenial/dummy-1 with the series "xenial" defined by the bundle)
+added dummy/0 unit to new machine
+deployment of bundle %q completed`, path)
+	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
+	s.assertCharmsUploaded(c, "local:xenial/dummy-1")
+	s.assertApplicationsDeployed(c, map[string]serviceInfo{
+		"dummy": {charm: "local:xenial/dummy-1"},
+	})
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleNoSeriesInCharmURL(c *gc.C) {
+	testcharms.UploadCharmMultiSeries(c, s.client, "~who/multi-series", "multi-series")
+	dir := c.MkDir()
+	testcharms.Repo.ClonedDir(dir, "dummy")
+	path := filepath.Join(dir, "mybundle")
+	data := `
+        series: trusty
+        applications:
+            dummy:
+                charm: cs:~who/multi-series
+    `
+	err := ioutil.WriteFile(path, []byte(data), 0644)
+	c.Assert(err, jc.ErrorIsNil)
+	output, err := runDeployCommand(c, path)
+	c.Assert(err, jc.ErrorIsNil)
+	expectedOutput := fmt.Sprintf(`
+added charm cs:~who/multi-series-0
+application dummy deployed (charm cs:~who/multi-series-0 with the series "trusty" defined by the bundle)
+deployment of bundle %q completed`, path)
+	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
+	s.assertCharmsUploaded(c, "cs:~who/multi-series-0")
+	s.assertApplicationsDeployed(c, map[string]serviceInfo{
+		"dummy": {charm: "cs:~who/multi-series-0"},
+	})
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleGatedCharmUnauthorized(c *gc.C) {
+	testcharms.UploadCharm(c, s.client, "xenial/mysql-42", "mysql")
+	url, _ := testcharms.UploadCharm(c, s.client, "xenial/wordpress-47", "wordpress")
+	s.changeReadPerm(c, url, "who")
+	testcharms.UploadBundle(c, s.client, "bundle/wordpress-simple-1", "wordpress-simple")
+	_, err := runDeployCommand(c, "bundle/wordpress-simple")
+	c.Assert(err, gc.ErrorMatches, `cannot deploy bundle: .*: unauthorized: access denied for user "client-username"`)
+}
+
+type BundleDeployCharmStoreSuite struct {
+	charmStoreSuite
+}
+
+var _ = gc.Suite(&BundleDeployCharmStoreSuite{})
+
+func (s *BundleDeployCharmStoreSuite) SetUpSuite(c *gc.C) {
+	s.charmStoreSuite.SetUpSuite(c)
+	s.PatchValue(&watcher.Period, 10*time.Millisecond)
+}
+
+func (s *BundleDeployCharmStoreSuite) Client() *csclient.Client {
+	return s.client
+}
+
+// DeployBundleYAML uses the given bundle content to create a bundle in the
+// local repository and then deploy it. It returns the bundle deployment output
+// and error.
+func (s *BundleDeployCharmStoreSuite) DeployBundleYAML(c *gc.C, content string) (string, error) {
+	bundlePath := filepath.Join(c.MkDir(), "example")
+	c.Assert(os.Mkdir(bundlePath, 0777), jc.ErrorIsNil)
+	defer os.RemoveAll(bundlePath)
+	err := ioutil.WriteFile(filepath.Join(bundlePath, "bundle.yaml"), []byte(content), 0644)
+	c.Assert(err, jc.ErrorIsNil)
+	err = ioutil.WriteFile(filepath.Join(bundlePath, "README.md"), []byte("README"), 0644)
+	c.Assert(err, jc.ErrorIsNil)
+	return runDeployCommand(c, bundlePath)
+}
+
+var deployBundleErrorsTests = []struct {
+	about   string
+	content string
+	err     string
+}{{
+	about: "local charm not found",
+	content: `
+        applications:
+            mysql:
+                charm: ./mysql
+                num_units: 1
+    `,
+	err: `the provided bundle has the following errors:
+charm path in application "mysql" does not exist: mysql`,
+}, {
+	about: "charm store charm not found",
+	content: `
+        applications:
+            rails:
+                charm: xenial/rails-42
+                num_units: 1
+    `,
+	err: `cannot deploy bundle: cannot resolve URL "xenial/rails-42": cannot resolve URL "cs:xenial/rails-42": charm not found`,
+}, {
+	about:   "invalid bundle content",
+	content: "!",
+	err:     `cannot unmarshal bundle data: yaml: .*`,
+}, {
+	about: "invalid bundle data",
+	content: `
+        applications:
+            mysql:
+                charm: mysql
+                num_units: -1
+    `,
+	err: `the provided bundle has the following errors:
+negative number of units specified on application "mysql"`,
+}, {
+	about: "invalid constraints",
+	content: `
+        applications:
+            mysql:
+                charm: mysql
+                num_units: 1
+                constraints: bad-wolf
+    `,
+	err: `the provided bundle has the following errors:
+invalid constraints "bad-wolf" in application "mysql": malformed constraint "bad-wolf"`,
+}, {
+	about: "multiple bundle verification errors",
+	content: `
+        applications:
+            mysql:
+                charm: mysql
+                num_units: -1
+                constraints: bad-wolf
+    `,
+	err: `the provided bundle has the following errors:
+invalid constraints "bad-wolf" in application "mysql": malformed constraint "bad-wolf"
+negative number of units specified on application "mysql"`,
+}, {
+	about: "bundle inception",
+	content: `
+        applications:
+            example:
+                charm: local:wordpress
+                num_units: 1
+    `,
+	err: `cannot deploy bundle: cannot resolve URL "local:wordpress": unknown schema for charm URL "local:wordpress"`,
+}}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleErrors(c *gc.C) {
+	for i, test := range deployBundleErrorsTests {
+		c.Logf("test %d: %s", i, test.about)
+		_, err := s.DeployBundleYAML(c, test.content)
+		c.Check(err, gc.ErrorMatches, test.err)
+	}
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleInvalidOptions(c *gc.C) {
+	testcharms.UploadCharm(c, s.client, "xenial/wordpress-42", "wordpress")
+	_, err := s.DeployBundleYAML(c, `
+        applications:
+            wp:
+                charm: xenial/wordpress-42
+                num_units: 1
+                options:
+                    blog-title: 42
+    `)
+	c.Assert(err, gc.ErrorMatches, `cannot deploy bundle: cannot deploy application "wp": option "blog-title" expected string, got 42`)
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleInvalidMachineContainerType(c *gc.C) {
+	testcharms.UploadCharm(c, s.client, "xenial/wordpress-42", "wordpress")
+	_, err := s.DeployBundleYAML(c, `
+        applications:
+            wp:
+                charm: xenial/wordpress
+                num_units: 1
+                to: ["bad:1"]
+        machines:
+            1:
+    `)
+	c.Assert(err, gc.ErrorMatches, `cannot deploy bundle: cannot create machine for holding wp unit: invalid container type "bad"`)
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleInvalidSeries(c *gc.C) {
+	testcharms.UploadCharm(c, s.client, "vivid/django-0", "dummy")
+	_, err := s.DeployBundleYAML(c, `
+        applications:
+            django:
+                charm: vivid/django
+                num_units: 1
+                to:
+                    - 1
+        machines:
+            1:
+                series: xenial
+    `)
+	c.Assert(err, gc.ErrorMatches, `cannot deploy bundle: cannot add unit for application "django": adding new machine to host unit "django/0": cannot assign unit "django/0" to machine 0: series does not match`)
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleWatcherTimeout(c *gc.C) {
+	// Inject an "AllWatcher" that never delivers a result.
+	ch := make(chan struct{})
+	defer close(ch)
+	watcher := mockAllWatcher{
+		next: func() []multiwatcher.Delta {
+			<-ch
+			return nil
+		},
+	}
+	s.PatchValue(&watchAll, func(*api.Client) (allWatcher, error) {
+		return watcher, nil
+	})
+
+	testcharms.UploadCharm(c, s.client, "xenial/django-0", "dummy")
+	testcharms.UploadCharm(c, s.client, "xenial/wordpress-0", "wordpress")
+	s.PatchValue(&updateUnitStatusPeriod, 0*time.Second)
+	_, err := s.DeployBundleYAML(c, `
+        applications:
+            django:
+                charm: django
+                num_units: 1
+            wordpress:
+                charm: wordpress
+                num_units: 1
+                to: [django]
+    `)
+	c.Assert(err, gc.ErrorMatches, `cannot deploy bundle: cannot retrieve placement for "wordpress" unit: cannot resolve machine: timeout while trying to get new changes from the watcher`)
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleLocalDeployment(c *gc.C) {
+	charmsPath := c.MkDir()
+	mysqlPath := testcharms.Repo.ClonedDirPath(charmsPath, "mysql")
+	wordpressPath := testcharms.Repo.ClonedDirPath(charmsPath, "wordpress")
+	output, err := s.DeployBundleYAML(c, fmt.Sprintf(`
+        series: xenial
+        applications:
+            wordpress:
+                charm: %s
+                num_units: 1
+            mysql:
+                charm: %s
+                num_units: 2
+        relations:
+            - ["wordpress:db", "mysql:server"]
+    `, wordpressPath, mysqlPath))
+	c.Assert(err, jc.ErrorIsNil)
+	expectedOutput := `
+added charm local:xenial/mysql-1
+application mysql deployed (charm local:xenial/mysql-1 with the series "xenial" defined by the bundle)
+added charm local:xenial/wordpress-3
+application wordpress deployed (charm local:xenial/wordpress-3 with the series "xenial" defined by the bundle)
+related wordpress:db and mysql:server
+added mysql/0 unit to new machine
+added mysql/1 unit to new machine
+added wordpress/0 unit to new machine
+deployment of bundle "local:bundle/example-0" completed`
+	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
+	s.assertCharmsUploaded(c, "local:xenial/mysql-1", "local:xenial/wordpress-3")
+	s.assertApplicationsDeployed(c, map[string]serviceInfo{
+		"mysql":     {charm: "local:xenial/mysql-1"},
+		"wordpress": {charm: "local:xenial/wordpress-3"},
+	})
+	s.assertRelationsEstablished(c, "wordpress:db mysql:server")
+	s.assertUnitsCreated(c, map[string]string{
+		"mysql/0":     "0",
+		"mysql/1":     "1",
+		"wordpress/0": "2",
+	})
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleLocalAndCharmStoreCharms(c *gc.C) {
+	charmsPath := c.MkDir()
+	testcharms.UploadCharm(c, s.client, "xenial/wordpress-42", "wordpress")
+	mysqlPath := testcharms.Repo.ClonedDirPath(charmsPath, "mysql")
+	output, err := s.DeployBundleYAML(c, fmt.Sprintf(`
+        series: xenial
+        applications:
+            wordpress:
+                charm: xenial/wordpress-42
+                series: xenial
+                num_units: 1
+            mysql:
+                charm: %s
+                num_units: 1
+        relations:
+            - ["wordpress:db", "mysql:server"]
+    `, mysqlPath))
+	c.Assert(err, jc.ErrorIsNil)
+	expectedOutput := `
+added charm local:xenial/mysql-1
+application mysql deployed (charm local:xenial/mysql-1 with the series "xenial" defined by the bundle)
+added charm cs:xenial/wordpress-42
+application wordpress deployed (charm cs:xenial/wordpress-42 with the series "xenial" defined by the bundle)
+related wordpress:db and mysql:server
+added mysql/0 unit to new machine
+added wordpress/0 unit to new machine
+deployment of bundle "local:bundle/example-0" completed`
+	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
+	s.assertCharmsUploaded(c, "local:xenial/mysql-1", "cs:xenial/wordpress-42")
+	s.assertApplicationsDeployed(c, map[string]serviceInfo{
+		"mysql":     {charm: "local:xenial/mysql-1"},
+		"wordpress": {charm: "cs:xenial/wordpress-42"},
+	})
+	s.assertRelationsEstablished(c, "wordpress:db mysql:server")
+	s.assertUnitsCreated(c, map[string]string{
+		"mysql/0":     "0",
+		"wordpress/0": "1",
+	})
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleApplicationOptions(c *gc.C) {
+	testcharms.UploadCharm(c, s.client, "xenial/wordpress-42", "wordpress")
+	testcharms.UploadCharm(c, s.client, "precise/dummy-0", "dummy")
+	output, err := s.DeployBundleYAML(c, `
+        applications:
+            wordpress:
+                charm: wordpress
+                num_units: 1
+                options:
+                    blog-title: these are the voyages
+            customized:
+                charm: precise/dummy-0
+                num_units: 1
+                options:
+                    username: who
+                    skill-level: 47
+    `)
+	c.Assert(err, jc.ErrorIsNil)
+	expectedOutput := `
+added charm cs:precise/dummy-0
+application customized deployed (charm cs:precise/dummy-0 with the series "precise" defined by the bundle)
+added charm cs:xenial/wordpress-42
+application wordpress deployed (charm cs:xenial/wordpress-42 with the series "xenial" defined by the bundle)
+added customized/0 unit to new machine
+added wordpress/0 unit to new machine
+deployment of bundle "local:bundle/example-0" completed`
+	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
+	s.assertCharmsUploaded(c, "cs:precise/dummy-0", "cs:xenial/wordpress-42")
+	s.assertApplicationsDeployed(c, map[string]serviceInfo{
+		"customized": {
+			charm:  "cs:precise/dummy-0",
+			config: charm.Settings{"username": "who", "skill-level": int64(47)},
+		},
+		"wordpress": {
+			charm:  "cs:xenial/wordpress-42",
+			config: charm.Settings{"blog-title": "these are the voyages"},
+		},
+	})
+	s.assertUnitsCreated(c, map[string]string{
+		"wordpress/0":  "1",
+		"customized/0": "0",
+	})
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleApplicationConstrants(c *gc.C) {
+	testcharms.UploadCharm(c, s.client, "xenial/wordpress-42", "wordpress")
+	testcharms.UploadCharm(c, s.client, "precise/dummy-0", "dummy")
+	output, err := s.DeployBundleYAML(c, `
+        applications:
+            wordpress:
+                charm: wordpress
+                constraints: mem=4G cpu-cores=2
+            customized:
+                charm: precise/dummy-0
+                num_units: 1
+                constraints: arch=i386
+    `)
+	c.Assert(err, jc.ErrorIsNil)
+	expectedOutput := `
+added charm cs:precise/dummy-0
+application customized deployed (charm cs:precise/dummy-0 with the series "precise" defined by the bundle)
+added charm cs:xenial/wordpress-42
+application wordpress deployed (charm cs:xenial/wordpress-42 with the series "xenial" defined by the bundle)
+added customized/0 unit to new machine
+deployment of bundle "local:bundle/example-0" completed`
+	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
+	s.assertCharmsUploaded(c, "cs:precise/dummy-0", "cs:xenial/wordpress-42")
+	s.assertApplicationsDeployed(c, map[string]serviceInfo{
+		"customized": {
+			charm:       "cs:precise/dummy-0",
+			constraints: constraints.MustParse("arch=i386"),
+		},
+		"wordpress": {
+			charm:       "cs:xenial/wordpress-42",
+			constraints: constraints.MustParse("mem=4G cpu-cores=2"),
+		},
+	})
+	s.assertUnitsCreated(c, map[string]string{
+		"customized/0": "0",
+	})
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleApplicationUpgrade(c *gc.C) {
+	testcharms.UploadCharm(c, s.client, "xenial/wordpress-42", "wordpress")
+	testcharms.UploadCharm(c, s.client, "vivid/upgrade-1", "upgrade1")
+	testcharms.UploadCharm(c, s.client, "vivid/upgrade-2", "upgrade2")
+
+	// First deploy the bundle.
+	output, err := s.DeployBundleYAML(c, `
+        applications:
+            wordpress:
+                charm: wordpress
+                num_units: 1
+                options:
+                    blog-title: these are the voyages
+                constraints: spaces=final,frontiers mem=8000M
+            up:
+                charm: vivid/upgrade-1
+                num_units: 1
+    `)
+	c.Assert(err, jc.ErrorIsNil)
+	expectedOutput := `
+added charm cs:vivid/upgrade-1
+application up deployed (charm cs:vivid/upgrade-1 with the series "vivid" defined by the bundle)
+added charm cs:xenial/wordpress-42
+application wordpress deployed (charm cs:xenial/wordpress-42 with the series "xenial" defined by the bundle)
+added up/0 unit to new machine
+added wordpress/0 unit to new machine
+deployment of bundle "local:bundle/example-0" completed`
+	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
+	s.assertCharmsUploaded(c, "cs:vivid/upgrade-1", "cs:xenial/wordpress-42")
+
+	// Then deploy a new bundle with modified charm revision and options.
+	output, err = s.DeployBundleYAML(c, `
+        applications:
+            wordpress:
+                charm: wordpress
+                num_units: 1
+                options:
+                    blog-title: new title
+                constraints: spaces=new cpu-cores=8
+            up:
+                charm: vivid/upgrade-2
+                num_units: 1
+    `)
+	c.Assert(err, jc.ErrorIsNil)
+	expectedOutput = `
+added charm cs:vivid/upgrade-2
+upgraded charm for existing application up (from cs:vivid/upgrade-1 to cs:vivid/upgrade-2)
+added charm cs:xenial/wordpress-42
+reusing application wordpress (charm: cs:xenial/wordpress-42)
+configuration updated for application wordpress
+constraints applied for application wordpress
+avoid adding new units to application up: 1 unit already present
+avoid adding new units to application wordpress: 1 unit already present
+deployment of bundle "local:bundle/example-0" completed`
+	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
+	s.assertCharmsUploaded(c, "cs:vivid/upgrade-1", "cs:vivid/upgrade-2", "cs:xenial/wordpress-42")
+	s.assertApplicationsDeployed(c, map[string]serviceInfo{
+		"up": {charm: "cs:vivid/upgrade-2"},
+		"wordpress": {
+			charm:       "cs:xenial/wordpress-42",
+			config:      charm.Settings{"blog-title": "new title"},
+			constraints: constraints.MustParse("spaces=new cpu-cores=8"),
+		},
+	})
+	s.assertUnitsCreated(c, map[string]string{
+		"up/0":        "0",
+		"wordpress/0": "1",
+	})
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleExpose(c *gc.C) {
+	testcharms.UploadCharm(c, s.client, "xenial/wordpress-42", "wordpress")
+	content := `
+        applications:
+            wordpress:
+                charm: wordpress
+                num_units: 1
+                expose: true
+    `
+	expectedApplications := map[string]serviceInfo{
+		"wordpress": {
+			charm:   "cs:xenial/wordpress-42",
+			exposed: true,
+		},
+	}
+
+	// First deploy the bundle.
+	output, err := s.DeployBundleYAML(c, content)
+	c.Assert(err, jc.ErrorIsNil)
+	expectedOutput := `
+added charm cs:xenial/wordpress-42
+application wordpress deployed (charm cs:xenial/wordpress-42 with the series "xenial" defined by the bundle)
+application wordpress exposed
+added wordpress/0 unit to new machine
+deployment of bundle "local:bundle/example-0" completed`
+	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
+	s.assertApplicationsDeployed(c, expectedApplications)
+
+	// Then deploy the same bundle again: no error is produced when the application
+	// is exposed again.
+	output, err = s.DeployBundleYAML(c, content)
+	c.Assert(err, jc.ErrorIsNil)
+	expectedOutput = `
+added charm cs:xenial/wordpress-42
+reusing application wordpress (charm: cs:xenial/wordpress-42)
+application wordpress exposed
+avoid adding new units to application wordpress: 1 unit already present
+deployment of bundle "local:bundle/example-0" completed`
+	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
+	s.assertApplicationsDeployed(c, expectedApplications)
+
+	// Then deploy a bundle with the application unexposed, and check that the
+	// application is not unexposed.
+	output, err = s.DeployBundleYAML(c, `
+        applications:
+            wordpress:
+                charm: wordpress
+                num_units: 1
+                expose: false
+    `)
+	c.Assert(err, jc.ErrorIsNil)
+	expectedOutput = `
+added charm cs:xenial/wordpress-42
+reusing application wordpress (charm: cs:xenial/wordpress-42)
+avoid adding new units to application wordpress: 1 unit already present
+deployment of bundle "local:bundle/example-0" completed`
+	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
+	s.assertApplicationsDeployed(c, expectedApplications)
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleApplicationUpgradeFailure(c *gc.C) {
+	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
+
+	// Try upgrading to a different charm name.
+	testcharms.UploadCharm(c, s.client, "xenial/incompatible-42", "wordpress")
+	_, err := s.DeployBundleYAML(c, `
+        applications:
+            wordpress:
+                charm: xenial/incompatible-42
+                num_units: 1
+    `)
+	c.Assert(err, gc.ErrorMatches, `cannot deploy bundle: cannot upgrade application "wordpress": bundle charm "cs:xenial/incompatible-42" is incompatible with existing charm "local:quantal/wordpress-3"`)
+
+	// Try upgrading to a different series.
+	// Note that this test comes before the next one because
+	// otherwise we can't resolve the charm URL because the charm's
+	// "base entity" is not marked as promulgated so the query by
+	// promulgated will find it.
+	testcharms.UploadCharm(c, s.client, "vivid/wordpress-42", "wordpress")
+	_, err = s.DeployBundleYAML(c, `
+        applications:
+            wordpress:
+                charm: vivid/wordpress
+                num_units: 1
+    `)
+	c.Assert(err, gc.ErrorMatches, `cannot deploy bundle: cannot upgrade application "wordpress": bundle charm "cs:vivid/wordpress-42" is incompatible with existing charm "local:quantal/wordpress-3"`)
+
+	// Try upgrading to a different user.
+	testcharms.UploadCharm(c, s.client, "~who/xenial/wordpress-42", "wordpress")
+	_, err = s.DeployBundleYAML(c, `
+        applications:
+            wordpress:
+                charm: cs:~who/xenial/wordpress-42
+                num_units: 1
+    `)
+	c.Assert(err, gc.ErrorMatches, `cannot deploy bundle: cannot upgrade application "wordpress": bundle charm "cs:~who/xenial/wordpress-42" is incompatible with existing charm "local:quantal/wordpress-3"`)
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleMultipleRelations(c *gc.C) {
+	testcharms.UploadCharm(c, s.client, "xenial/wordpress-0", "wordpress")
+	testcharms.UploadCharm(c, s.client, "xenial/mysql-1", "mysql")
+	testcharms.UploadCharm(c, s.client, "xenial/postgres-2", "mysql")
+	testcharms.UploadCharm(c, s.client, "xenial/varnish-3", "varnish")
+	output, err := s.DeployBundleYAML(c, `
+        applications:
+            wp:
+                charm: wordpress
+                num_units: 1
+            mysql:
+                charm: mysql
+                num_units: 1
+            pgres:
+                charm: xenial/postgres-2
+                num_units: 1
+            varnish:
+                charm: xenial/varnish
+                num_units: 1
+        relations:
+            - ["wp:db", "mysql:server"]
+            - ["wp:db", "pgres:server"]
+            - ["varnish:webcache", "wp:cache"]
+    `)
+	c.Assert(err, jc.ErrorIsNil)
+	expectedOutput := `
+added charm cs:xenial/mysql-1
+application mysql deployed (charm cs:xenial/mysql-1 with the series "xenial" defined by the bundle)
+added charm cs:xenial/postgres-2
+application pgres deployed (charm cs:xenial/postgres-2 with the series "xenial" defined by the bundle)
+added charm cs:xenial/varnish-3
+application varnish deployed (charm cs:xenial/varnish-3 with the series "xenial" defined by the bundle)
+added charm cs:xenial/wordpress-0
+application wp deployed (charm cs:xenial/wordpress-0 with the series "xenial" defined by the bundle)
+related wp:db and mysql:server
+related wp:db and pgres:server
+related varnish:webcache and wp:cache
+added mysql/0 unit to new machine
+added pgres/0 unit to new machine
+added varnish/0 unit to new machine
+added wp/0 unit to new machine
+deployment of bundle "local:bundle/example-0" completed`
+	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
+	s.assertRelationsEstablished(c, "wp:db mysql:server", "wp:db pgres:server", "wp:cache varnish:webcache")
+	s.assertUnitsCreated(c, map[string]string{
+		"mysql/0":   "0",
+		"pgres/0":   "1",
+		"varnish/0": "2",
+		"wp/0":      "3",
+	})
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleNewRelations(c *gc.C) {
+	testcharms.UploadCharm(c, s.client, "xenial/wordpress-0", "wordpress")
+	testcharms.UploadCharm(c, s.client, "xenial/mysql-1", "mysql")
+	testcharms.UploadCharm(c, s.client, "xenial/postgres-2", "mysql")
+	testcharms.UploadCharm(c, s.client, "xenial/varnish-3", "varnish")
+	_, err := s.DeployBundleYAML(c, `
+        applications:
+            wp:
+                charm: wordpress
+                num_units: 1
+            mysql:
+                charm: mysql
+                num_units: 1
+            varnish:
+                charm: xenial/varnish
+                num_units: 1
+        relations:
+            - ["wp:db", "mysql:server"]
+    `)
+	c.Assert(err, jc.ErrorIsNil)
+	output, err := s.DeployBundleYAML(c, `
+        applications:
+            wp:
+                charm: wordpress
+                num_units: 1
+            mysql:
+                charm: mysql
+                num_units: 1
+            varnish:
+                charm: xenial/varnish
+                num_units: 1
+        relations:
+            - ["wp:db", "mysql:server"]
+            - ["varnish:webcache", "wp:cache"]
+    `)
+	c.Assert(err, jc.ErrorIsNil)
+	expectedOutput := `
+added charm cs:xenial/mysql-1
+reusing application mysql (charm: cs:xenial/mysql-1)
+added charm cs:xenial/varnish-3
+reusing application varnish (charm: cs:xenial/varnish-3)
+added charm cs:xenial/wordpress-0
+reusing application wp (charm: cs:xenial/wordpress-0)
+wp:db and mysql:server are already related
+related varnish:webcache and wp:cache
+avoid adding new units to application mysql: 1 unit already present
+avoid adding new units to application varnish: 1 unit already present
+avoid adding new units to application wp: 1 unit already present
+deployment of bundle "local:bundle/example-0" completed`
+	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
+	s.assertRelationsEstablished(c, "wp:db mysql:server", "wp:cache varnish:webcache")
+	s.assertUnitsCreated(c, map[string]string{
+		"mysql/0":   "0",
+		"varnish/0": "1",
+		"wp/0":      "2",
+	})
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleMachinesUnitsPlacement(c *gc.C) {
+	testcharms.UploadCharm(c, s.client, "xenial/wordpress-0", "wordpress")
+	testcharms.UploadCharm(c, s.client, "xenial/mysql-2", "mysql")
+
+	content := `
+        applications:
+            wp:
+                charm: cs:xenial/wordpress-0
+                num_units: 2
+                to:
+                    - 1
+                    - lxd:2
+                options:
+                    blog-title: these are the voyages
+            sql:
+                charm: cs:xenial/mysql
+                num_units: 2
+                to:
+                    - lxd:wp/0
+                    - new
+        machines:
+            1:
+                series: xenial
+            2:
+    `
+	output, err := s.DeployBundleYAML(c, content)
+	c.Assert(err, jc.ErrorIsNil)
+	expectedOutput := `
+added charm cs:xenial/mysql-2
+application sql deployed (charm cs:xenial/mysql-2 with the series "xenial" defined by the bundle)
+added charm cs:xenial/wordpress-0
+application wp deployed (charm cs:xenial/wordpress-0 with the series "xenial" defined by the bundle)
+created new machine 0 for holding wp unit
+created new machine 1 for holding wp unit
+added wp/0 unit to machine 0
+created 0/lxd/0 container in machine 0 for holding sql unit
+created new machine 2 for holding sql unit
+created 1/lxd/0 container in machine 1 for holding wp unit
+added sql/0 unit to machine 0/lxd/0
+added sql/1 unit to machine 2
+added wp/1 unit to machine 1/lxd/0
+deployment of bundle "local:bundle/example-0" completed`
+	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
+	s.assertApplicationsDeployed(c, map[string]serviceInfo{
+		"sql": {charm: "cs:xenial/mysql-2"},
+		"wp": {
+			charm:  "cs:xenial/wordpress-0",
+			config: charm.Settings{"blog-title": "these are the voyages"},
+		},
+	})
+	s.assertRelationsEstablished(c)
+
+	// We explicitly pull out the map creation in the call to
+	// s.assertUnitsCreated() and create the map as a new variable
+	// because this /appears/ to tickle a bug on ppc64le using
+	// gccgo-4.9; the bug is that the map on the receiving side
+	// does not have the same contents as it does here - which is
+	// weird because that pattern is used elsewhere in this
+	// function. And just pulling the map instantiation out of the
+	// call is not enough; we need to do something benign with the
+	// variable to keep a reference beyond the call to the
+	// s.assertUnitsCreated(). I have to chosen to delete a
+	// non-existent key. This problem does not occur on amd64
+	// using gc or gccgo-4.9. Nor does it happen using go1.6 on
+	// ppc64. Once we switch to go1.6 across the board this change
+	// should be reverted. See http://pad.lv/1556116.
+	expectedUnits := map[string]string{
+		"sql/0": "0/lxd/0",
+		"sql/1": "2",
+		"wp/0":  "0",
+		"wp/1":  "1/lxd/0",
+	}
+	s.assertUnitsCreated(c, expectedUnits)
+	delete(expectedUnits, "non-existent")
+
+	// Redeploy the same bundle again.
+	output, err = s.DeployBundleYAML(c, content)
+	c.Assert(err, jc.ErrorIsNil)
+	expectedOutput = `
+added charm cs:xenial/mysql-2
+reusing application sql (charm: cs:xenial/mysql-2)
+added charm cs:xenial/wordpress-0
+reusing application wp (charm: cs:xenial/wordpress-0)
+configuration updated for application wp
+avoid creating other machines to host wp units
+avoid adding new units to application wp: 2 units already present
+avoid creating other machines to host sql units
+avoid adding new units to application sql: 2 units already present
+deployment of bundle "local:bundle/example-0" completed`
+	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
+	s.assertUnitsCreated(c, map[string]string{
+		"sql/0": "0/lxd/0",
+		"sql/1": "2",
+		"wp/0":  "0",
+		"wp/1":  "1/lxd/0",
+	})
+}
+
+func (s *BundleDeployCharmStoreSuite) TestLXCTreatedAsLXD(c *gc.C) {
+	testcharms.UploadCharm(c, s.client, "xenial/wordpress-0", "wordpress")
+
+	// Note that we use lxc here, to represent a 1.x bundle that specifies lxc.
+	content := `
+        applications:
+            wp:
+                charm: cs:xenial/wordpress-0
+                num_units: 1
+                to:
+                    - lxc:0
+                options:
+                    blog-title: these are the voyages
+            wp2:
+                charm: cs:xenial/wordpress-0
+                num_units: 1
+                to:
+                    - lxc:0
+                options:
+                    blog-title: these are the voyages
+        machines:
+            0:
+                series: xenial
+    `
+	output, err := s.DeployBundleYAML(c, content)
+	c.Assert(err, jc.ErrorIsNil)
+	expectedUnits := map[string]string{
+		"wp/0":  "0/lxd/0",
+		"wp2/0": "0/lxd/1",
+	}
+	idx := strings.Index(output, "Bundle has one or more containers specified as lxc. lxc containers are deprecated in Juju 2.0. lxd containers will be deployed instead.")
+	lastIdx := strings.LastIndex(output, "Bundle has one or more containers specified as lxc. lxc containers are deprecated in Juju 2.0. lxd containers will be deployed instead.")
+	// The message exists.
+	c.Assert(idx, jc.GreaterThan, -1)
+	// No more than one instance of the message was printed.
+	c.Assert(idx, gc.Equals, lastIdx)
+	s.assertUnitsCreated(c, expectedUnits)
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleMachineAttributes(c *gc.C) {
+	testcharms.UploadCharm(c, s.client, "xenial/django-42", "dummy")
+	output, err := s.DeployBundleYAML(c, `
+        applications:
+            django:
+                charm: cs:xenial/django-42
+                num_units: 2
+                to:
+                    - 1
+                    - new
+        machines:
+            1:
+                series: xenial
+                constraints: "cpu-cores=4 mem=4G"
+                annotations:
+                    foo: bar
+    `)
+	c.Assert(err, jc.ErrorIsNil)
+	expectedOutput := `
+added charm cs:xenial/django-42
+application django deployed (charm cs:xenial/django-42 with the series "xenial" defined by the bundle)
+created new machine 0 for holding django unit
+annotations set for machine 0
+added django/0 unit to machine 0
+created new machine 1 for holding django unit
+added django/1 unit to machine 1
+deployment of bundle "local:bundle/example-0" completed`
+	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
+	s.assertApplicationsDeployed(c, map[string]serviceInfo{
+		"django": {charm: "cs:xenial/django-42"},
+	})
+	s.assertRelationsEstablished(c)
+	s.assertUnitsCreated(c, map[string]string{
+		"django/0": "0",
+		"django/1": "1",
+	})
+	m, err := s.State.Machine("0")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(m.Series(), gc.Equals, "xenial")
+	cons, err := m.Constraints()
+	c.Assert(err, jc.ErrorIsNil)
+	expectedCons, err := constraints.Parse("cpu-cores=4 mem=4G")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(cons, jc.DeepEquals, expectedCons)
+	ann, err := s.State.Annotations(m)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(ann, jc.DeepEquals, map[string]string{"foo": "bar"})
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleTwiceScaleUp(c *gc.C) {
+	testcharms.UploadCharm(c, s.client, "xenial/django-42", "dummy")
+	_, err := s.DeployBundleYAML(c, `
+        applications:
+            django:
+                charm: cs:xenial/django-42
+                num_units: 2
+    `)
+	c.Assert(err, jc.ErrorIsNil)
+	output, err := s.DeployBundleYAML(c, `
+        applications:
+            django:
+                charm: cs:xenial/django-42
+                num_units: 5
+    `)
+	c.Assert(err, jc.ErrorIsNil)
+	expectedOutput := `
+added charm cs:xenial/django-42
+reusing application django (charm: cs:xenial/django-42)
+added django/2 unit to new machine
+added django/3 unit to new machine
+added django/4 unit to new machine
+avoid adding new units to application django: 5 units already present
+deployment of bundle "local:bundle/example-0" completed`
+	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
+	s.assertUnitsCreated(c, map[string]string{
+		"django/0": "0",
+		"django/1": "1",
+		"django/2": "2",
+		"django/3": "3",
+		"django/4": "4",
+	})
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleUnitPlacedInApplication(c *gc.C) {
+	testcharms.UploadCharm(c, s.client, "xenial/django-42", "dummy")
+	testcharms.UploadCharm(c, s.client, "xenial/wordpress-0", "wordpress")
+	output, err := s.DeployBundleYAML(c, `
+        applications:
+            wordpress:
+                charm: wordpress
+                num_units: 3
+            django:
+                charm: cs:xenial/django-42
+                num_units: 2
+                to: [wordpress]
+    `)
+	c.Assert(err, jc.ErrorIsNil)
+	expectedOutput := `
+added charm cs:xenial/django-42
+application django deployed (charm cs:xenial/django-42 with the series "xenial" defined by the bundle)
+added charm cs:xenial/wordpress-0
+application wordpress deployed (charm cs:xenial/wordpress-0 with the series "xenial" defined by the bundle)
+added wordpress/0 unit to new machine
+added wordpress/1 unit to new machine
+added wordpress/2 unit to new machine
+added django/0 unit to machine 0
+added django/1 unit to machine 1
+deployment of bundle "local:bundle/example-0" completed`
+	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
+	s.assertUnitsCreated(c, map[string]string{
+		"django/0":    "0",
+		"django/1":    "1",
+		"wordpress/0": "0",
+		"wordpress/1": "1",
+		"wordpress/2": "2",
+	})
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleUnitColocationWithUnit(c *gc.C) {
+	testcharms.UploadCharm(c, s.client, "xenial/django-42", "dummy")
+	testcharms.UploadCharm(c, s.client, "xenial/mem-47", "dummy")
+	testcharms.UploadCharm(c, s.client, "xenial/rails-0", "dummy")
+	output, err := s.DeployBundleYAML(c, `
+        applications:
+            memcached:
+                charm: cs:xenial/mem-47
+                num_units: 3
+                to: [1, new]
+            django:
+                charm: cs:xenial/django-42
+                num_units: 5
+                to:
+                    - memcached/0
+                    - lxd:memcached/1
+                    - lxd:memcached/2
+                    - kvm:ror
+            ror:
+                charm: rails
+                num_units: 2
+                to:
+                    - new
+                    - 1
+        machines:
+            1:
+                series: xenial
+    `)
+	c.Assert(err, jc.ErrorIsNil)
+	expectedOutput := `
+added charm cs:xenial/django-42
+application django deployed (charm cs:xenial/django-42 with the series "xenial" defined by the bundle)
+added charm cs:xenial/mem-47
+application memcached deployed (charm cs:xenial/mem-47 with the series "xenial" defined by the bundle)
+added charm cs:xenial/rails-0
+application ror deployed (charm cs:xenial/rails-0 with the series "xenial" defined by the bundle)
+created new machine 0 for holding memcached and ror units
+added memcached/0 unit to machine 0
+added ror/0 unit to machine 0
+created 0/kvm/0 container in machine 0 for holding django unit
+created new machine 1 for holding memcached unit
+created new machine 2 for holding memcached unit
+created new machine 3 for holding ror unit
+added django/0 unit to machine 0
+added django/1 unit to machine 0/kvm/0
+added memcached/1 unit to machine 1
+added memcached/2 unit to machine 2
+added ror/1 unit to machine 3
+created 1/lxd/0 container in machine 1 for holding django unit
+created 2/lxd/0 container in machine 2 for holding django unit
+created 3/kvm/0 container in machine 3 for holding django unit
+added django/2 unit to machine 1/lxd/0
+added django/3 unit to machine 2/lxd/0
+added django/4 unit to machine 3/kvm/0
+deployment of bundle "local:bundle/example-0" completed`
+	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
+	s.assertUnitsCreated(c, map[string]string{
+		"django/0":    "0",
+		"django/1":    "0/kvm/0",
+		"django/2":    "1/lxd/0",
+		"django/3":    "2/lxd/0",
+		"django/4":    "3/kvm/0",
+		"memcached/0": "0",
+		"memcached/1": "1",
+		"memcached/2": "2",
+		"ror/0":       "0",
+		"ror/1":       "3",
+	})
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleUnitPlacedToMachines(c *gc.C) {
+	testcharms.UploadCharm(c, s.client, "xenial/django-42", "dummy")
+	output, err := s.DeployBundleYAML(c, `
+        applications:
+            django:
+                charm: cs:django
+                num_units: 7
+                to:
+                    - new
+                    - 4
+                    - kvm:8
+                    - lxd:4
+                    - lxd:4
+                    - lxd:new
+        machines:
+            4:
+            8:
+    `)
+	c.Assert(err, jc.ErrorIsNil)
+	expectedOutput := `
+added charm cs:xenial/django-42
+application django deployed (charm cs:xenial/django-42 with the series "xenial" defined by the bundle)
+created new machine 0 for holding django unit
+created new machine 1 for holding django unit
+added django/0 unit to machine 0
+created new machine 2 for holding django unit
+created 1/kvm/0 container in machine 1 for holding django unit
+created 0/lxd/0 container in machine 0 for holding django unit
+created 0/lxd/1 container in machine 0 for holding django unit
+created 3/lxd/0 container in new machine for holding django unit
+created 4/lxd/0 container in new machine for holding django unit
+added django/1 unit to machine 2
+added django/2 unit to machine 1/kvm/0
+added django/3 unit to machine 0/lxd/0
+added django/4 unit to machine 0/lxd/1
+added django/5 unit to machine 3/lxd/0
+added django/6 unit to machine 4/lxd/0
+deployment of bundle "local:bundle/example-0" completed`
+	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
+	s.assertUnitsCreated(c, map[string]string{
+		"django/0": "0",       // Machine "4" in the bundle.
+		"django/1": "2",       // Machine "new" in the bundle.
+		"django/2": "1/kvm/0", // The KVM container in bundle machine "8".
+		"django/3": "0/lxd/0", // First lxd container in bundle machine "4".
+		"django/4": "0/lxd/1", // Second lxd container in bundle machine "4".
+		"django/5": "3/lxd/0", // First lxd in new machine.
+		"django/6": "4/lxd/0", // Second lxd in new machine.
+	})
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleMassiveUnitColocation(c *gc.C) {
+	testcharms.UploadCharm(c, s.client, "xenial/django-42", "dummy")
+	testcharms.UploadCharm(c, s.client, "xenial/mem-47", "dummy")
+	testcharms.UploadCharm(c, s.client, "xenial/rails-0", "dummy")
+	output, err := s.DeployBundleYAML(c, `
+        applications:
+            memcached:
+                charm: cs:xenial/mem-47
+                num_units: 3
+                to: [1, 2, 3]
+            django:
+                charm: cs:xenial/django-42
+                num_units: 4
+                to:
+                    - 1
+                    - lxd:memcached
+            ror:
+                charm: rails
+                num_units: 3
+                to:
+                    - 1
+                    - kvm:3
+        machines:
+            1:
+            2:
+            3:
+    `)
+	c.Assert(err, jc.ErrorIsNil)
+	expectedOutput := `
+added charm cs:xenial/django-42
+application django deployed (charm cs:xenial/django-42 with the series "xenial" defined by the bundle)
+added charm cs:xenial/mem-47
+application memcached deployed (charm cs:xenial/mem-47 with the series "xenial" defined by the bundle)
+added charm cs:xenial/rails-0
+application ror deployed (charm cs:xenial/rails-0 with the series "xenial" defined by the bundle)
+created new machine 0 for holding django, memcached and ror units
+created new machine 1 for holding memcached unit
+created new machine 2 for holding memcached and ror units
+added django/0 unit to machine 0
+added memcached/0 unit to machine 0
+added memcached/1 unit to machine 1
+added memcached/2 unit to machine 2
+added ror/0 unit to machine 0
+created 0/lxd/0 container in machine 0 for holding django unit
+created 1/lxd/0 container in machine 1 for holding django unit
+created 2/lxd/0 container in machine 2 for holding django unit
+created 2/kvm/0 container in machine 2 for holding ror unit
+created 2/kvm/1 container in machine 2 for holding ror unit
+added django/1 unit to machine 0/lxd/0
+added django/2 unit to machine 1/lxd/0
+added django/3 unit to machine 2/lxd/0
+added ror/1 unit to machine 2/kvm/0
+added ror/2 unit to machine 2/kvm/1
+deployment of bundle "local:bundle/example-0" completed`
+	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
+	s.assertUnitsCreated(c, map[string]string{
+		"django/0":    "0",
+		"django/1":    "0/lxd/0",
+		"django/2":    "1/lxd/0",
+		"django/3":    "2/lxd/0",
+		"memcached/0": "0",
+		"memcached/1": "1",
+		"memcached/2": "2",
+		"ror/0":       "0",
+		"ror/1":       "2/kvm/0",
+		"ror/2":       "2/kvm/1",
+	})
+
+	// Redeploy a very similar bundle with another application unit. The new unit
+	// is placed on machine 1 because that's the least crowded machine.
+	content := `
+        applications:
+            memcached:
+                charm: cs:xenial/mem-47
+                num_units: 3
+                to: [1, 2, 3]
+            django:
+                charm: cs:xenial/django-42
+                num_units: 4
+                to:
+                    - 1
+                    - lxd:memcached
+            node:
+                charm: cs:xenial/django-42
+                num_units: 1
+                to:
+                    - lxd:memcached
+        machines:
+            1:
+            2:
+            3:
+    `
+	output, err = s.DeployBundleYAML(c, content)
+	c.Assert(err, jc.ErrorIsNil)
+	expectedOutput = `
+added charm cs:xenial/django-42
+reusing application django (charm: cs:xenial/django-42)
+added charm cs:xenial/mem-47
+reusing application memcached (charm: cs:xenial/mem-47)
+application node deployed (charm cs:xenial/django-42 with the series "xenial" defined by the bundle)
+avoid creating other machines to host django and memcached units
+avoid adding new units to application django: 4 units already present
+avoid adding new units to application memcached: 3 units already present
+created 1/lxd/1 container in machine 1 for holding node unit
+added node/0 unit to machine 1/lxd/1
+deployment of bundle "local:bundle/example-0" completed`
+	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
+
+	// Redeploy the same bundle again and check that nothing happens.
+	output, err = s.DeployBundleYAML(c, content)
+	c.Assert(err, jc.ErrorIsNil)
+	expectedOutput = `
+added charm cs:xenial/django-42
+reusing application django (charm: cs:xenial/django-42)
+added charm cs:xenial/mem-47
+reusing application memcached (charm: cs:xenial/mem-47)
+reusing application node (charm: cs:xenial/django-42)
+avoid creating other machines to host django and memcached units
+avoid adding new units to application django: 4 units already present
+avoid adding new units to application memcached: 3 units already present
+avoid creating other machines to host node units
+avoid adding new units to application node: 1 unit already present
+deployment of bundle "local:bundle/example-0" completed`
+	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
+	s.assertUnitsCreated(c, map[string]string{
+		"django/0":    "0",
+		"django/1":    "0/lxd/0",
+		"django/2":    "1/lxd/0",
+		"django/3":    "2/lxd/0",
+		"memcached/0": "0",
+		"memcached/1": "1",
+		"memcached/2": "2",
+		"node/0":      "1/lxd/1",
+		"ror/0":       "0",
+		"ror/1":       "2/kvm/0",
+		"ror/2":       "2/kvm/1",
+	})
+}
+
+func (s *BundleDeployCharmStoreSuite) TestDeployBundleAnnotations(c *gc.C) {
+	testcharms.UploadCharm(c, s.client, "xenial/django-42", "dummy")
+	testcharms.UploadCharm(c, s.client, "xenial/mem-47", "dummy")
+	output, err := s.DeployBundleYAML(c, `
+        applications:
+            django:
+                charm: cs:django
+                num_units: 1
+                annotations:
+                    key1: value1
+                    key2: value2
+                to: [1]
+            memcached:
+                charm: xenial/mem-47
+                num_units: 1
+        machines:
+            1:
+                annotations: {foo: bar}
+    `)
+	c.Assert(err, jc.ErrorIsNil)
+	expectedOutput := `
+added charm cs:xenial/django-42
+application django deployed (charm cs:xenial/django-42 with the series "xenial" defined by the bundle)
+annotations set for application django
+added charm cs:xenial/mem-47
+application memcached deployed (charm cs:xenial/mem-47 with the series "xenial" defined by the bundle)
+created new machine 0 for holding django unit
+annotations set for machine 0
+added django/0 unit to machine 0
+added memcached/0 unit to new machine
+deployment of bundle "local:bundle/example-0" completed`
+	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
+	svc, err := s.State.Application("django")
+	c.Assert(err, jc.ErrorIsNil)
+	ann, err := s.State.Annotations(svc)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(ann, jc.DeepEquals, map[string]string{
+		"key1": "value1",
+		"key2": "value2",
+	})
+	m, err := s.State.Machine("0")
+	c.Assert(err, jc.ErrorIsNil)
+	ann, err = s.State.Annotations(m)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(ann, jc.DeepEquals, map[string]string{"foo": "bar"})
+
+	// Update the annotations and deploy the bundle again.
+	output, err = s.DeployBundleYAML(c, `
+        applications:
+            django:
+                charm: cs:django
+                num_units: 1
+                annotations:
+                    key1: new value!
+                    key2: value2
+                to: [1]
+        machines:
+            1:
+                annotations: {answer: 42}
+    `)
+	c.Assert(err, jc.ErrorIsNil)
+	expectedOutput = `
+added charm cs:xenial/django-42
+reusing application django (charm: cs:xenial/django-42)
+annotations set for application django
+avoid creating other machines to host django units
+annotations set for machine 0
+avoid adding new units to application django: 1 unit already present
+deployment of bundle "local:bundle/example-0" completed`
+	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
+	ann, err = s.State.Annotations(svc)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(ann, jc.DeepEquals, map[string]string{
+		"key1": "new value!",
+		"key2": "value2",
+	})
+	ann, err = s.State.Annotations(m)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(ann, jc.DeepEquals, map[string]string{
+		"foo":    "bar",
+		"answer": "42",
+	})
+}
+
+type mockAllWatcher struct {
+	next func() []multiwatcher.Delta
+}
+
+func (w mockAllWatcher) Next() ([]multiwatcher.Delta, error) {
+	return w.next(), nil
+}
+
+func (mockAllWatcher) Stop() error {
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/cmd_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/cmd_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/cmd_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/cmd_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,147 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	"os"
+
+	"github.com/juju/cmd"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/cmd/modelcmd"
+	"github.com/juju/juju/jujuclient"
+	"github.com/juju/juju/jujuclient/jujuclienttesting"
+	coretesting "github.com/juju/juju/testing"
+)
+
+type CmdSuite struct {
+	coretesting.FakeJujuXDGDataHomeSuite
+	ControllerStore *jujuclienttesting.MemStore
+}
+
+var _ = gc.Suite(&CmdSuite{})
+
+func (s *CmdSuite) SetUpTest(c *gc.C) {
+	s.FakeJujuXDGDataHomeSuite.SetUpTest(c)
+	s.ControllerStore = jujuclienttesting.NewMemStore()
+}
+
+var deployTests = []struct {
+	args []string
+	com  *DeployCommand
+}{
+	{
+		[]string{"charm-name"},
+		&DeployCommand{},
+	}, {
+		[]string{"charm-name", "application-name"},
+		&DeployCommand{ApplicationName: "application-name"},
+	}, {
+		[]string{"--num-units", "33", "charm-name"},
+		&DeployCommand{UnitCommandBase: UnitCommandBase{NumUnits: 33}},
+	}, {
+		[]string{"-n", "104", "charm-name"},
+		&DeployCommand{UnitCommandBase: UnitCommandBase{NumUnits: 104}},
+	},
+}
+
+func initExpectations(com *DeployCommand, store jujuclient.ClientStore) {
+	if com.CharmOrBundle == "" {
+		com.CharmOrBundle = "charm-name"
+	}
+	if com.NumUnits == 0 {
+		com.NumUnits = 1
+	}
+	com.SetClientStore(store)
+	com.SetModelName("controller")
+}
+
+func initDeployCommand(store jujuclient.ClientStore, args ...string) (*DeployCommand, error) {
+	com := &DeployCommand{}
+	com.SetClientStore(store)
+	return com, coretesting.InitCommand(modelcmd.Wrap(com), args)
+}
+
+func (s *CmdSuite) TestDeployCommandInit(c *gc.C) {
+	for i, t := range deployTests {
+		c.Logf("\ntest %d: args %q", i, t.args)
+		initExpectations(t.com, s.ControllerStore)
+		com, err := initDeployCommand(s.ControllerStore, t.args...)
+		// Testing that the flag set is populated is good enough for the scope
+		// of this test.
+		c.Assert(com.flagSet, gc.NotNil)
+		com.flagSet = nil
+		c.Assert(err, jc.ErrorIsNil)
+		c.Assert(com, jc.DeepEquals, t.com)
+	}
+
+	// test relative --config path
+	ctx := coretesting.Context(c)
+	expected := []byte("test: data")
+	path := ctx.AbsPath("testconfig.yaml")
+	file, err := os.Create(path)
+	c.Assert(err, jc.ErrorIsNil)
+	_, err = file.Write(expected)
+	c.Assert(err, jc.ErrorIsNil)
+	file.Close()
+
+	com, err := initDeployCommand(s.ControllerStore, "--config", "testconfig.yaml", "charm-name")
+	c.Assert(err, jc.ErrorIsNil)
+	actual, err := com.Config.Read(ctx)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(expected, gc.DeepEquals, actual)
+
+	// missing args
+	_, err = initDeployCommand(s.ControllerStore)
+	c.Assert(err, gc.ErrorMatches, "no charm or bundle specified")
+
+	// bad unit count
+	_, err = initDeployCommand(s.ControllerStore, "charm-name", "--num-units", "0")
+	c.Assert(err, gc.ErrorMatches, "--num-units must be a positive integer")
+	_, err = initDeployCommand(s.ControllerStore, "charm-name", "-n", "0")
+	c.Assert(err, gc.ErrorMatches, "--num-units must be a positive integer")
+
+	// environment tested elsewhere
+}
+
+func initExposeCommand(args ...string) (*exposeCommand, error) {
+	com := &exposeCommand{}
+	return com, coretesting.InitCommand(modelcmd.Wrap(com), args)
+}
+
+func (*CmdSuite) TestExposeCommandInit(c *gc.C) {
+	// missing args
+	_, err := initExposeCommand()
+	c.Assert(err, gc.ErrorMatches, "no application name specified")
+
+	// environment tested elsewhere
+}
+
+func initUnexposeCommand(args ...string) (*unexposeCommand, error) {
+	com := &unexposeCommand{}
+	return com, coretesting.InitCommand(modelcmd.Wrap(com), args)
+}
+
+func (*CmdSuite) TestUnexposeCommandInit(c *gc.C) {
+	// missing args
+	_, err := initUnexposeCommand()
+	c.Assert(err, gc.ErrorMatches, "no application name specified")
+
+	// environment tested elsewhere
+}
+
+func initRemoveUnitCommand(args ...string) (cmd.Command, error) {
+	com := NewRemoveUnitCommand()
+	return com, coretesting.InitCommand(com, args)
+}
+
+func (*CmdSuite) TestRemoveUnitCommandInit(c *gc.C) {
+	// missing args
+	_, err := initRemoveUnitCommand()
+	c.Assert(err, gc.ErrorMatches, "no units specified")
+	// not a unit
+	_, err = initRemoveUnitCommand("seven/nine")
+	c.Assert(err, gc.ErrorMatches, `invalid unit name "seven/nine"`)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/constraints.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/constraints.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/constraints.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/constraints.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,191 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	"fmt"
+
+	"github.com/juju/cmd"
+	"github.com/juju/errors"
+	"gopkg.in/juju/names.v2"
+	"launchpad.net/gnuflag"
+
+	"github.com/juju/juju/api/application"
+	"github.com/juju/juju/cmd/juju/block"
+	"github.com/juju/juju/cmd/modelcmd"
+	"github.com/juju/juju/constraints"
+)
+
+var usageGetConstraintsSummary = `
+Displays machine constraints for an application.`[1:]
+
+var usageGetConstraintsDetails = `
+Shows machine constraints that have been set for an application with ` + "`juju set-\nconstraints`" + `.
+By default, the model is the current model.
+Application constraints are combined with model constraints, set with ` +
+	"`juju \nset-model-constraints`" + `, for commands (such as 'deploy') that provision
+machines for applications. Where model and application constraints overlap, the
+application constraints take precedence.
+Constraints for a specific model can be viewed with ` + "`juju get-model-\nconstraints`" + `.
+
+Examples:
+    juju get-constraints mysql
+    juju get-constraints -m mymodel apache2
+
+See also: 
+    set-constraints
+    get-model-constraints
+    set-model-constraints`
+
+var usageSetConstraintsSummary = `
+Sets machine constraints for an application.`[1:]
+
+// setConstraintsDoc is multi-line since we need to use ` to denote
+// commands for ease in markdown.
+var usageSetConstraintsDetails = `
+Sets constraints for an application, which are used for all new machines 
+provisioned for that application. They can be viewed with `[1:] + "`juju get-\nconstraints`" + `.
+By default, the model is the current model.
+Application constraints are combined with model constraints, set with ` +
+	"`juju \nset-model-constraints`" + `, for commands (such as 'juju deploy') that 
+provision machines for applications. Where model and application constraints
+overlap, the application constraints take precedence.
+Constraints for a specific model can be viewed with ` + "`juju get-model-\nconstraints`" + `.
+This command requires that the application to have at least one unit. To apply 
+constraints to
+the first unit set them at the model level or pass them as an argument
+when deploying.
+
+Examples:
+    juju set-constraints mysql mem=8G cpu-cores=4
+    juju set-constraints -m mymodel apache2 mem=8G arch=amd64
+
+See also: 
+    get-constraints
+    get-model-constraints
+    set-model-constraints`
+
+// NewServiceGetConstraintsCommand returns a command which gets application constraints.
+func NewServiceGetConstraintsCommand() cmd.Command {
+	return modelcmd.Wrap(&serviceGetConstraintsCommand{})
+}
+
+type serviceConstraintsAPI interface {
+	Close() error
+	GetConstraints(string) (constraints.Value, error)
+	SetConstraints(string, constraints.Value) error
+}
+
+type serviceConstraintsCommand struct {
+	modelcmd.ModelCommandBase
+	ApplicationName string
+	out             cmd.Output
+	api             serviceConstraintsAPI
+}
+
+func (c *serviceConstraintsCommand) getAPI() (serviceConstraintsAPI, error) {
+	if c.api != nil {
+		return c.api, nil
+	}
+	root, err := c.NewAPIRoot()
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return application.NewClient(root), nil
+}
+
+type serviceGetConstraintsCommand struct {
+	serviceConstraintsCommand
+}
+
+func (c *serviceGetConstraintsCommand) Info() *cmd.Info {
+	return &cmd.Info{
+		Name:    "get-constraints",
+		Args:    "<application>",
+		Purpose: usageGetConstraintsSummary,
+		Doc:     usageGetConstraintsDetails,
+	}
+}
+
+func formatConstraints(value interface{}) ([]byte, error) {
+	return []byte(value.(constraints.Value).String()), nil
+}
+
+func (c *serviceGetConstraintsCommand) SetFlags(f *gnuflag.FlagSet) {
+	c.out.AddFlags(f, "constraints", map[string]cmd.Formatter{
+		"constraints": formatConstraints,
+		"yaml":        cmd.FormatYaml,
+		"json":        cmd.FormatJson,
+	})
+}
+
+func (c *serviceGetConstraintsCommand) Init(args []string) error {
+	if len(args) == 0 {
+		return fmt.Errorf("no application name specified")
+	}
+	if !names.IsValidApplication(args[0]) {
+		return fmt.Errorf("invalid application name %q", args[0])
+	}
+
+	c.ApplicationName, args = args[0], args[1:]
+	return cmd.CheckEmpty(args)
+}
+
+func (c *serviceGetConstraintsCommand) Run(ctx *cmd.Context) error {
+	apiclient, err := c.getAPI()
+	if err != nil {
+		return err
+	}
+	defer apiclient.Close()
+
+	cons, err := apiclient.GetConstraints(c.ApplicationName)
+	if err != nil {
+		return err
+	}
+	return c.out.Write(ctx, cons)
+}
+
+type serviceSetConstraintsCommand struct {
+	serviceConstraintsCommand
+	Constraints constraints.Value
+}
+
+// NewServiceSetConstraintsCommand returns a command which sets application constraints.
+func NewServiceSetConstraintsCommand() cmd.Command {
+	return modelcmd.Wrap(&serviceSetConstraintsCommand{})
+}
+
+func (c *serviceSetConstraintsCommand) Info() *cmd.Info {
+	return &cmd.Info{
+		Name:    "set-constraints",
+		Args:    "<application> <constraint>=<value> ...",
+		Purpose: usageSetConstraintsSummary,
+		Doc:     usageSetConstraintsDetails,
+	}
+}
+
+func (c *serviceSetConstraintsCommand) Init(args []string) (err error) {
+	if len(args) == 0 {
+		return fmt.Errorf("no application name specified")
+	}
+	if !names.IsValidApplication(args[0]) {
+		return fmt.Errorf("invalid application name %q", args[0])
+	}
+
+	c.ApplicationName, args = args[0], args[1:]
+
+	c.Constraints, err = constraints.Parse(args...)
+	return err
+}
+
+func (c *serviceSetConstraintsCommand) Run(_ *cmd.Context) (err error) {
+	apiclient, err := c.getAPI()
+	if err != nil {
+		return err
+	}
+	defer apiclient.Close()
+
+	err = apiclient.SetConstraints(c.ApplicationName, c.Constraints)
+	return block.ProcessBlockedError(err, block.BlockChange)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/constraints_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/constraints_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/constraints_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/constraints_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,81 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application_test
+
+import (
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/cmd/juju/application"
+	"github.com/juju/juju/testing"
+)
+
+type ServiceConstraintsCommandsSuite struct {
+	testing.FakeJujuXDGDataHomeSuite
+}
+
+var _ = gc.Suite(&ServiceConstraintsCommandsSuite{})
+
+func (s *ServiceConstraintsCommandsSuite) TestSetInit(c *gc.C) {
+	for _, test := range []struct {
+		args []string
+		err  string
+	}{
+		{
+			args: []string{"--application", "mysql", "mem=4G"},
+			err:  `flag provided but not defined: --application`,
+		}, {
+			args: []string{"-s", "mysql", "mem=4G"},
+			err:  `flag provided but not defined: -s`,
+		}, {
+			args: []string{},
+			err:  `no application name specified`,
+		}, {
+			args: []string{"mysql", "="},
+			err:  `malformed constraint "="`,
+		}, {
+			args: []string{"cpu-power=250"},
+			err:  `invalid application name "cpu-power=250"`,
+		}, {
+			args: []string{"mysql", "cpu-power=250"},
+		},
+	} {
+		err := testing.InitCommand(application.NewServiceSetConstraintsCommand(), test.args)
+		if test.err == "" {
+			c.Check(err, jc.ErrorIsNil)
+		} else {
+			c.Check(err, gc.ErrorMatches, test.err)
+		}
+	}
+}
+
+func (s *ServiceConstraintsCommandsSuite) TestGetInit(c *gc.C) {
+	for _, test := range []struct {
+		args []string
+		err  string
+	}{
+		{
+			args: []string{"-s", "mysql"},
+			err:  `flag provided but not defined: -s`,
+		}, {
+			args: []string{"--application", "mysql"},
+			err:  `flag provided but not defined: --application`,
+		}, {
+			args: []string{},
+			err:  `no application name specified`,
+		}, {
+			args: []string{"mysql-0"},
+			err:  `invalid application name "mysql-0"`,
+		}, {
+			args: []string{"mysql"},
+		},
+	} {
+		err := testing.InitCommand(application.NewServiceGetConstraintsCommand(), test.args)
+		if test.err == "" {
+			c.Check(err, jc.ErrorIsNil)
+		} else {
+			c.Check(err, gc.ErrorMatches, test.err)
+		}
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/deploy.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/deploy.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/deploy.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/deploy.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,779 @@
+// Copyright 2012, 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	"archive/zip"
+	"fmt"
+	"os"
+	"path/filepath"
+	"strings"
+
+	"github.com/juju/cmd"
+	"github.com/juju/errors"
+	"gopkg.in/juju/charm.v6-unstable"
+	charmresource "gopkg.in/juju/charm.v6-unstable/resource"
+	"gopkg.in/juju/charmrepo.v2-unstable"
+	csclientparams "gopkg.in/juju/charmrepo.v2-unstable/csclient/params"
+	"gopkg.in/juju/names.v2"
+	"gopkg.in/macaroon-bakery.v1/httpbakery"
+	"gopkg.in/macaroon.v1"
+	"launchpad.net/gnuflag"
+
+	"github.com/juju/juju/api"
+	apiannotations "github.com/juju/juju/api/annotations"
+	"github.com/juju/juju/api/application"
+	apicharms "github.com/juju/juju/api/charms"
+	"github.com/juju/juju/charmstore"
+	"github.com/juju/juju/cmd/juju/block"
+	"github.com/juju/juju/cmd/modelcmd"
+	"github.com/juju/juju/constraints"
+	"github.com/juju/juju/environs/config"
+	"github.com/juju/juju/instance"
+	"github.com/juju/juju/resource/resourceadapters"
+	"github.com/juju/juju/storage"
+)
+
+var planURL = "https://api.jujucharms.com/omnibus/v2"
+
+// NewDeployCommand returns a command to deploy services.
+func NewDeployCommand() cmd.Command {
+	return modelcmd.Wrap(&DeployCommand{
+		Steps: []DeployStep{
+			&RegisterMeteredCharm{
+				RegisterURL: planURL + "/plan/authorize",
+				QueryURL:    planURL + "/charm",
+			},
+		}})
+}
+
+type DeployCommand struct {
+	modelcmd.ModelCommandBase
+	UnitCommandBase
+	// CharmOrBundle is either a charm URL, a path where a charm can be found,
+	// or a bundle name.
+	CharmOrBundle string
+
+	// Channel holds the charmstore channel to use when obtaining
+	// the charm to be deployed.
+	Channel csclientparams.Channel
+
+	Series string
+
+	// Force is used to allow a charm to be deployed onto a machine
+	// running an unsupported series.
+	Force bool
+
+	ApplicationName string
+	Config          cmd.FileVar
+	Constraints     constraints.Value
+	BindToSpaces    string
+
+	// TODO(axw) move this to UnitCommandBase once we support --storage
+	// on add-unit too.
+	//
+	// Storage is a map of storage constraints, keyed on the storage name
+	// defined in charm storage metadata.
+	Storage map[string]storage.Constraints
+
+	// BundleStorage maps application names to maps of storage constraints keyed on
+	// the storage name defined in that application's charm storage metadata.
+	BundleStorage map[string]map[string]storage.Constraints
+
+	// Resources is a map of resource name to filename to be uploaded on deploy.
+	Resources map[string]string
+
+	Bindings map[string]string
+	Steps    []DeployStep
+
+	flagSet *gnuflag.FlagSet
+}
+
+const deployDoc = `
+<charm or bundle> can be a charm/bundle URL, or an unambiguously condensed
+form of it; assuming a current series of "trusty", the following forms will be
+accepted:
+
+For cs:trusty/mysql
+  mysql
+  trusty/mysql
+
+For cs:~user/trusty/mysql
+  ~user/mysql
+
+For cs:bundle/mediawiki-single
+  mediawiki-single
+  bundle/mediawiki-single
+
+The current series for charms is determined first by the 'default-series' model
+setting, followed by the preferred series for the charm in the charm store.
+
+In these cases, a versioned charm URL will be expanded as expected (for
+example, mysql-33 becomes cs:precise/mysql-33).
+
+Charms may also be deployed from a user specified path. In this case, the path
+to the charm is specified along with an optional series.
+
+  juju deploy /path/to/charm --series trusty
+
+If '--series' is not specified, the charm's default series is used. The default
+series for a charm is the first one specified in the charm metadata. If the
+specified series is not supported by the charm, this results in an error,
+unless '--force' is used.
+
+  juju deploy /path/to/charm --series wily --force
+
+Local bundles are specified with a direct path to a bundle.yaml file.
+For example:
+
+  juju deploy /path/to/bundle/openstack/bundle.yaml
+
+If an 'application name' is not provided, the application name used is the
+'charm or bundle' name.
+
+Constraints can be specified by specifying the '--constraints' option. If the
+application is later scaled out with ` + "`juju add-unit`" + `, provisioned machines
+will use the same constraints (unless changed by ` + "`juju set-constraints`" + `).
+
+Resources may be uploaded by specifying the '--resource' option followed by a
+name=filepath pair. This option may be repeated more than once to upload more
+than one resource.
+
+  juju deploy foo --resource bar=/some/file.tgz --resource baz=./docs/cfg.xml
+
+Where 'bar' and 'baz' are resources named in the metadata for the 'foo' charm.
+
+When using a placement directive to deploy to an existing machine or container
+('--to' option), the ` + "`juju status`" + ` command should be used for guidance. A few
+placement directives are provider-dependent (e.g.: 'zone').
+
+In more complex scenarios, Juju's network spaces are used to partition the
+cloud networking layer into sets of subnets. Instances hosting units inside the
+same space can communicate with each other without any firewalls. Traffic
+crossing space boundaries could be subject to firewall and access restrictions.
+Using spaces as deployment targets, rather than their individual subnets,
+allows Juju to perform automatic distribution of units across availability zones
+to support high availability for applications. Spaces help isolate applications
+and their units, both for security purposes and to manage both traffic
+segregation and congestion.
+
+When deploying an application or adding machines, the 'spaces' constraint can
+be used to define a comma-delimited list of required and forbidden spaces (the
+latter prefixed with "^", similar to the 'tags' constraint).
+
+
+Examples:
+    juju deploy mysql --to 23       (deploy to machine 23)
+    juju deploy mysql --to 24/lxd/3 (deploy to lxd container 3 on machine 24)
+    juju deploy mysql --to lxd:25   (deploy to a new lxd container on machine 25)
+    juju deploy mysql --to lxd      (deploy to a new lxd container on a new machine)
+
+    juju deploy mysql --to zone=us-east-1a
+    (provider-dependent; deploy to a specific AZ)
+
+    juju deploy mysql --to host.maas
+    (deploy to a specific MAAS node)
+
+    juju deploy mysql -n 5 --constraints mem=8G
+    (deploy 5 units to machines with at least 8 GB of memory)
+
+    juju deploy haproxy -n 2 --constraints spaces=dmz,^cms,^database
+    (deploy 2 units to machines that are part of the 'dmz' space but not of the
+    'cmd' or the 'database' spaces)
+
+See also:
+    spaces
+    constraints
+    add-unit
+    set-config
+    get-config
+    set-constraints
+    get-constraints
+`
+
+// DeployStep is an action that needs to be taken during charm deployment.
+type DeployStep interface {
+	// Set flags necessary for the deploy step.
+	SetFlags(*gnuflag.FlagSet)
+	// RunPre runs before the call is made to add the charm to the environment.
+	RunPre(api.Connection, *httpbakery.Client, *cmd.Context, DeploymentInfo) error
+	// RunPost runs after the call is made to add the charm to the environment.
+	// The error parameter is used to notify the step of a previously occurred error.
+	RunPost(api.Connection, *httpbakery.Client, *cmd.Context, DeploymentInfo, error) error
+}
+
+// DeploymentInfo is used to maintain all deployment information for
+// deployment steps.
+type DeploymentInfo struct {
+	CharmID         charmstore.CharmID
+	ApplicationName string
+	ModelUUID       string
+}
+
+func (c *DeployCommand) Info() *cmd.Info {
+	return &cmd.Info{
+		Name:    "deploy",
+		Args:    "<charm or bundle> [<application name>]",
+		Purpose: "Deploy a new application or bundle.",
+		Doc:     deployDoc,
+	}
+}
+
+var (
+	// charmOnlyFlags and bundleOnlyFlags are used to validate flags based on
+	// whether we are deploying a charm or a bundle.
+	charmOnlyFlags  = []string{"bind", "config", "constraints", "force", "n", "num-units", "series", "to", "resource"}
+	bundleOnlyFlags = []string{}
+)
+
+func (c *DeployCommand) SetFlags(f *gnuflag.FlagSet) {
+	// Keep above charmOnlyFlags and bundleOnlyFlags lists updated when adding
+	// new flags.
+	c.UnitCommandBase.SetFlags(f)
+	f.IntVar(&c.NumUnits, "n", 1, "Number of application units to deploy for principal charms")
+	f.StringVar((*string)(&c.Channel), "channel", "", "Channel to use when getting the charm or bundle from the charm store")
+	f.Var(&c.Config, "config", "Path to yaml-formatted application config")
+	f.Var(constraints.ConstraintsValue{Target: &c.Constraints}, "constraints", "Set application constraints")
+	f.StringVar(&c.Series, "series", "", "The series on which to deploy")
+	f.BoolVar(&c.Force, "force", false, "Allow a charm to be deployed to a machine running an unsupported series")
+	f.Var(storageFlag{&c.Storage, &c.BundleStorage}, "storage", "Charm storage constraints")
+	f.Var(stringMap{&c.Resources}, "resource", "Resource to be uploaded to the controller")
+	f.StringVar(&c.BindToSpaces, "bind", "", "Configure application endpoint bindings to spaces")
+
+	for _, step := range c.Steps {
+		step.SetFlags(f)
+	}
+	c.flagSet = f
+}
+
+func (c *DeployCommand) Init(args []string) error {
+	if c.Force && c.Series == "" && c.PlacementSpec == "" {
+		return errors.New("--force is only used with --series")
+	}
+	switch len(args) {
+	case 2:
+		if !names.IsValidApplication(args[1]) {
+			return fmt.Errorf("invalid application name %q", args[1])
+		}
+		c.ApplicationName = args[1]
+		fallthrough
+	case 1:
+		c.CharmOrBundle = args[0]
+	case 0:
+		return errors.New("no charm or bundle specified")
+	default:
+		return cmd.CheckEmpty(args[2:])
+	}
+	err := c.parseBind()
+	if err != nil {
+		return err
+	}
+	return c.UnitCommandBase.Init(args)
+}
+
+type ModelConfigGetter interface {
+	ModelGet() (map[string]interface{}, error)
+}
+
+var getClientConfig = func(client ModelConfigGetter) (*config.Config, error) {
+	// Separated into a variable for easy overrides
+	attrs, err := client.ModelGet()
+	if err != nil {
+		return nil, err
+	}
+
+	return config.New(config.NoDefaults, attrs)
+}
+
+func (c *DeployCommand) maybeReadLocalBundleData(ctx *cmd.Context) (
+	_ *charm.BundleData, bundleFile string, bundleFilePath string, _ error,
+) {
+	bundleFile = c.CharmOrBundle
+	bundleData, err := charmrepo.ReadBundleFile(bundleFile)
+	if err == nil {
+		// For local bundles, we extract the local path of
+		// the bundle directory.
+		bundleFilePath = filepath.Dir(ctx.AbsPath(bundleFile))
+	} else {
+		// We may have been given a local bundle archive or exploded directory.
+		if bundle, burl, pathErr := charmrepo.NewBundleAtPath(bundleFile); pathErr == nil {
+			bundleData = bundle.Data()
+			bundleFile = burl.String()
+			if info, err := os.Stat(bundleFile); err == nil && info.IsDir() {
+				bundleFilePath = bundleFile
+			}
+			err = nil
+		} else {
+			err = pathErr
+		}
+	}
+	return bundleData, bundleFile, bundleFilePath, err
+}
+
+func (c *DeployCommand) deployCharmOrBundle(ctx *cmd.Context, client *api.Client) error {
+	deployer := applicationDeployer{ctx, c}
+
+	// We may have been given a local bundle file.
+	bundleData, bundleIdent, bundleFilePath, err := c.maybeReadLocalBundleData(ctx)
+	// If the bundle files existed but we couldn't read them, then
+	// return that error rather than trying to interpret as a charm.
+	if err != nil {
+		if info, statErr := os.Stat(c.CharmOrBundle); statErr == nil {
+			if info.IsDir() {
+				if _, ok := err.(*charmrepo.NotFoundError); !ok {
+					return err
+				}
+			}
+		}
+	}
+
+	// If not a bundle then maybe a local charm.
+	if err != nil {
+		// Charm may have been supplied via a path reference.
+		ch, curl, charmErr := charmrepo.NewCharmAtPathForceSeries(c.CharmOrBundle, c.Series, c.Force)
+		if charmErr == nil {
+			if curl, charmErr = client.AddLocalCharm(curl, ch); charmErr != nil {
+				return charmErr
+			}
+			id := charmstore.CharmID{
+				URL: curl,
+				// Local charms don't need a channel.
+			}
+			var csMac *macaroon.Macaroon // local charms don't need one.
+			return c.deployCharm(deployCharmArgs{
+				id:       id,
+				csMac:    csMac,
+				series:   curl.Series,
+				ctx:      ctx,
+				client:   client,
+				deployer: &deployer,
+			})
+		}
+		// We check for several types of known error which indicate
+		// that the supplied reference was indeed a path but there was
+		// an issue reading the charm located there.
+		if charm.IsMissingSeriesError(charmErr) {
+			return charmErr
+		}
+		if charm.IsUnsupportedSeriesError(charmErr) {
+			return errors.Errorf("%v. Use --force to deploy the charm anyway.", charmErr)
+		}
+		if errors.Cause(charmErr) == zip.ErrFormat {
+			return errors.Errorf("invalid charm or bundle provided at %q", c.CharmOrBundle)
+		}
+		err = charmErr
+	}
+	if _, ok := err.(*charmrepo.NotFoundError); ok {
+		return errors.Errorf("no charm or bundle found at %q", c.CharmOrBundle)
+	}
+	// If we get a "not exists" error then we attempt to interpret the supplied
+	// charm or bundle reference as a URL below, otherwise we return the error.
+	if err != nil && err != os.ErrNotExist {
+		return err
+	}
+
+	conf, err := getClientConfig(client)
+	if err != nil {
+		return err
+	}
+
+	bakeryClient, err := c.BakeryClient()
+	if err != nil {
+		return errors.Trace(err)
+	}
+	csClient := newCharmStoreClient(bakeryClient).WithChannel(c.Channel)
+
+	resolver := newCharmURLResolver(conf, csClient)
+
+	var storeCharmOrBundleURL *charm.URL
+	var store *charmrepo.CharmStore
+	var supportedSeries []string
+
+	var origURL *charm.URL
+
+	// If we don't already have a bundle loaded, we try the charm store for a charm or bundle.
+	if bundleData == nil {
+		origURL, err = charm.ParseURL(c.CharmOrBundle)
+		if err != nil {
+			return errors.Trace(err)
+		}
+		// Charm or bundle has been supplied as a URL so we resolve and deploy using the store.
+		storeCharmOrBundleURL, c.Channel, supportedSeries, store, err = resolver.resolve(origURL)
+		if charm.IsUnsupportedSeriesError(err) {
+			return errors.Errorf("%v. Use --force to deploy the charm anyway.", err)
+		}
+		if err != nil {
+			return errors.Trace(err)
+		}
+		if storeCharmOrBundleURL.Series == "bundle" {
+			// Load the bundle entity.
+			bundle, err := store.GetBundle(storeCharmOrBundleURL)
+			if err != nil {
+				return errors.Trace(err)
+			}
+			bundleData = bundle.Data()
+			bundleIdent = storeCharmOrBundleURL.String()
+		}
+	}
+	// Handle a bundle.
+	if bundleData != nil {
+		if flags := getFlags(c.flagSet, charmOnlyFlags); len(flags) > 0 {
+			return errors.Errorf("Flags provided but not supported when deploying a bundle: %s.", strings.Join(flags, ", "))
+		}
+		// TODO(ericsnow) Do something with the CS macaroons that were returned?
+		if _, err := deployBundle(
+			bundleFilePath, bundleData, c.Channel, client, &deployer, resolver, ctx, c.BundleStorage,
+		); err != nil {
+			return errors.Trace(err)
+		}
+		ctx.Infof("deployment of bundle %q completed", bundleIdent)
+		return nil
+	}
+	// Handle a charm.
+	if flags := getFlags(c.flagSet, bundleOnlyFlags); len(flags) > 0 {
+		return errors.Errorf("Flags provided but not supported when deploying a charm: %s.", strings.Join(flags, ", "))
+	}
+
+	selector := seriesSelector{
+		charmURLSeries:  origURL.Series,
+		seriesFlag:      c.Series,
+		supportedSeries: supportedSeries,
+		force:           c.Force,
+		conf:            conf,
+		fromBundle:      false,
+	}
+
+	// Get the series to use.
+	series, message, err := selector.charmSeries()
+	if charm.IsUnsupportedSeriesError(err) {
+		return errors.Errorf("%v. Use --force to deploy the charm anyway.", err)
+	}
+
+	// Store the charm in state.
+	curl, csMac, err := addCharmFromURL(client, storeCharmOrBundleURL, c.Channel, csClient)
+	if err != nil {
+		if err1, ok := errors.Cause(err).(*termsRequiredError); ok {
+			terms := strings.Join(err1.Terms, " ")
+			return errors.Errorf(`Declined: please agree to the following terms %s. Try: "juju agree %s"`, terms, terms)
+		}
+		return errors.Annotatef(err, "storing charm for URL %q", storeCharmOrBundleURL)
+	}
+	ctx.Infof("Added charm %q to the model.", curl)
+	ctx.Infof("Deploying charm %q %v.", curl, fmt.Sprintf(message, series))
+	id := charmstore.CharmID{
+		URL:     curl,
+		Channel: c.Channel,
+	}
+	return c.deployCharm(deployCharmArgs{
+		id:       id,
+		csMac:    csMac,
+		series:   series,
+		ctx:      ctx,
+		client:   client,
+		deployer: &deployer,
+	})
+}
+
+type deployCharmArgs struct {
+	id       charmstore.CharmID
+	csMac    *macaroon.Macaroon
+	series   string
+	ctx      *cmd.Context
+	client   *api.Client
+	deployer *applicationDeployer
+}
+
+func (c *DeployCommand) deployCharm(args deployCharmArgs) (rErr error) {
+	conn, err := c.NewAPIRoot()
+	if err != nil {
+		return errors.Trace(err)
+	}
+	charmsClient := apicharms.NewClient(conn)
+	charmInfo, err := charmsClient.CharmInfo(args.id.URL.String())
+	if err != nil {
+		return err
+	}
+
+	numUnits := c.NumUnits
+	if charmInfo.Meta.Subordinate {
+		if !constraints.IsEmpty(&c.Constraints) {
+			return errors.New("cannot use --constraints with subordinate application")
+		}
+		if numUnits == 1 && c.PlacementSpec == "" {
+			numUnits = 0
+		} else {
+			return errors.New("cannot use --num-units or --to with subordinate application")
+		}
+	}
+	serviceName := c.ApplicationName
+	if serviceName == "" {
+		serviceName = charmInfo.Meta.Name
+	}
+
+	var configYAML []byte
+	if c.Config.Path != "" {
+		configYAML, err = c.Config.Read(args.ctx)
+		if err != nil {
+			return err
+		}
+	}
+
+	state, err := c.NewAPIRoot()
+	if err != nil {
+		return errors.Trace(err)
+	}
+	bakeryClient, err := c.BakeryClient()
+	if err != nil {
+		return errors.Trace(err)
+	}
+
+	uuid, err := args.client.ModelUUID()
+	if err != nil {
+		return errors.Trace(err)
+	}
+
+	deployInfo := DeploymentInfo{
+		CharmID:         args.id,
+		ApplicationName: serviceName,
+		ModelUUID:       uuid,
+	}
+
+	for _, step := range c.Steps {
+		err = step.RunPre(state, bakeryClient, args.ctx, deployInfo)
+		if err != nil {
+			return err
+		}
+	}
+
+	defer func() {
+		for _, step := range c.Steps {
+			err = step.RunPost(state, bakeryClient, args.ctx, deployInfo, rErr)
+			if err != nil {
+				rErr = err
+			}
+		}
+	}()
+
+	if args.id.URL != nil && args.id.URL.Schema != "local" && len(charmInfo.Meta.Terms) > 0 {
+		args.ctx.Infof("Deployment under prior agreement to terms: %s",
+			strings.Join(charmInfo.Meta.Terms, " "))
+	}
+
+	ids, err := handleResources(c, c.Resources, serviceName, args.id, args.csMac, charmInfo.Meta.Resources)
+	if err != nil {
+		return errors.Trace(err)
+	}
+
+	params := applicationDeployParams{
+		charmID:         args.id,
+		applicationName: serviceName,
+		series:          args.series,
+		numUnits:        numUnits,
+		configYAML:      string(configYAML),
+		constraints:     c.Constraints,
+		placement:       c.Placement,
+		storage:         c.Storage,
+		spaceBindings:   c.Bindings,
+		resources:       ids,
+	}
+	return args.deployer.applicationDeploy(params)
+}
+
+type APICmd interface {
+	NewAPIRoot() (api.Connection, error)
+}
+
+func handleResources(c APICmd, resources map[string]string, serviceName string, chID charmstore.CharmID, csMac *macaroon.Macaroon, metaResources map[string]charmresource.Meta) (map[string]string, error) {
+	if len(resources) == 0 && len(metaResources) == 0 {
+		return nil, nil
+	}
+
+	api, err := c.NewAPIRoot()
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	ids, err := resourceadapters.DeployResources(serviceName, chID, csMac, resources, metaResources, api)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	return ids, nil
+}
+
+const parseBindErrorPrefix = "--bind must be in the form '[<default-space>] [<endpoint-name>=<space> ...]'. "
+
+// parseBind parses the --bind option. Valid forms are:
+// * relation-name=space-name
+// * extra-binding-name=space-name
+// * space-name (equivalent to binding all endpoints to the same space, i.e. application-default)
+// * The above in a space separated list to specify multiple bindings,
+//   e.g. "rel1=space1 ext1=space2 space3"
+func (c *DeployCommand) parseBind() error {
+	bindings := make(map[string]string)
+	if c.BindToSpaces == "" {
+		return nil
+	}
+
+	for _, s := range strings.Split(c.BindToSpaces, " ") {
+		s = strings.TrimSpace(s)
+		if s == "" {
+			continue
+		}
+
+		v := strings.Split(s, "=")
+		var endpoint, space string
+		switch len(v) {
+		case 1:
+			endpoint = ""
+			space = v[0]
+		case 2:
+			if v[0] == "" {
+				return errors.New(parseBindErrorPrefix + "Found = without endpoint name. Use a lone space name to set the default.")
+			}
+			endpoint = v[0]
+			space = v[1]
+		default:
+			return errors.New(parseBindErrorPrefix + "Found multiple = in binding. Did you forget to space-separate the binding list?")
+		}
+
+		if !names.IsValidSpace(space) {
+			return errors.New(parseBindErrorPrefix + "Space name invalid.")
+		}
+		bindings[endpoint] = space
+	}
+	c.Bindings = bindings
+	return nil
+}
+
+type applicationDeployParams struct {
+	charmID         charmstore.CharmID
+	applicationName string
+	series          string
+	numUnits        int
+	configYAML      string
+	constraints     constraints.Value
+	placement       []*instance.Placement
+	storage         map[string]storage.Constraints
+	spaceBindings   map[string]string
+	resources       map[string]string
+}
+
+type applicationDeployer struct {
+	ctx *cmd.Context
+	api APICmd
+}
+
+func (d *applicationDeployer) newApplicationAPIClient() (*application.Client, error) {
+	root, err := d.api.NewAPIRoot()
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return application.NewClient(root), nil
+}
+
+func (d *applicationDeployer) newAnnotationsAPIClient() (*apiannotations.Client, error) {
+	root, err := d.api.NewAPIRoot()
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return apiannotations.NewClient(root), nil
+}
+
+func (d *applicationDeployer) newCharmsAPIClient() (*apicharms.Client, error) {
+	root, err := d.api.NewAPIRoot()
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return apicharms.NewClient(root), nil
+}
+
+func (c *applicationDeployer) applicationDeploy(args applicationDeployParams) error {
+	serviceClient, err := c.newApplicationAPIClient()
+	if err != nil {
+		return err
+	}
+	defer serviceClient.Close()
+	for i, p := range args.placement {
+		if p.Scope == "model-uuid" {
+			p.Scope = serviceClient.ModelUUID()
+		}
+		args.placement[i] = p
+	}
+
+	clientArgs := application.DeployArgs{
+		CharmID:          args.charmID,
+		ApplicationName:  args.applicationName,
+		Series:           args.series,
+		NumUnits:         args.numUnits,
+		ConfigYAML:       args.configYAML,
+		Cons:             args.constraints,
+		Placement:        args.placement,
+		Storage:          args.storage,
+		EndpointBindings: args.spaceBindings,
+		Resources:        args.resources,
+	}
+
+	return serviceClient.Deploy(clientArgs)
+}
+
+func (c *DeployCommand) Run(ctx *cmd.Context) error {
+	client, err := c.NewAPIClient()
+	if err != nil {
+		return err
+	}
+	defer client.Close()
+
+	err = c.deployCharmOrBundle(ctx, client)
+	return block.ProcessBlockedError(err, block.BlockChange)
+}
+
+type metricCredentialsAPI interface {
+	SetMetricCredentials(string, []byte) error
+	Close() error
+}
+
+type metricsCredentialsAPIImpl struct {
+	api   *application.Client
+	state api.Connection
+}
+
+// SetMetricCredentials sets the credentials on the application.
+func (s *metricsCredentialsAPIImpl) SetMetricCredentials(serviceName string, data []byte) error {
+	return s.api.SetMetricCredentials(serviceName, data)
+}
+
+// Close closes the api connection
+func (s *metricsCredentialsAPIImpl) Close() error {
+	err := s.state.Close()
+	if err != nil {
+		return errors.Trace(err)
+	}
+	return nil
+}
+
+var getMetricCredentialsAPI = func(state api.Connection) (metricCredentialsAPI, error) {
+	return &metricsCredentialsAPIImpl{api: application.NewClient(state), state: state}, nil
+}
+
+// getFlags returns the flags with the given names. Only flags that are set and
+// whose name is included in flagNames are included.
+func getFlags(flagSet *gnuflag.FlagSet, flagNames []string) []string {
+	flags := make([]string, 0, flagSet.NFlag())
+	flagSet.Visit(func(flag *gnuflag.Flag) {
+		for _, name := range flagNames {
+			if flag.Name == name {
+				flags = append(flags, flagWithMinus(name))
+			}
+		}
+	})
+	return flags
+}
+
+func flagWithMinus(name string) string {
+	if len(name) > 1 {
+		return "--" + name
+	}
+	return "-" + name
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/deploy_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/deploy_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/deploy_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/deploy_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,1143 @@
+// Copyright 2012, 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"net/http/httptest"
+	"net/url"
+	"os"
+	"path"
+	"path/filepath"
+	"sort"
+	"strings"
+
+	"github.com/juju/errors"
+	jujutesting "github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	"github.com/juju/utils"
+	"github.com/juju/utils/series"
+	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/charmrepo.v2-unstable"
+	"gopkg.in/juju/charmrepo.v2-unstable/csclient"
+	csclientparams "gopkg.in/juju/charmrepo.v2-unstable/csclient/params"
+	"gopkg.in/juju/charmstore.v5-unstable"
+	"gopkg.in/juju/names.v2"
+	"gopkg.in/macaroon-bakery.v1/bakery"
+	"gopkg.in/macaroon-bakery.v1/bakery/checkers"
+	"gopkg.in/macaroon-bakery.v1/bakerytest"
+	"gopkg.in/macaroon-bakery.v1/httpbakery"
+	"launchpad.net/gnuflag"
+
+	"github.com/juju/juju/api"
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/cmd/juju/common"
+	"github.com/juju/juju/cmd/modelcmd"
+	"github.com/juju/juju/constraints"
+	"github.com/juju/juju/instance"
+	"github.com/juju/juju/juju/testing"
+	"github.com/juju/juju/state"
+	"github.com/juju/juju/storage/poolmanager"
+	"github.com/juju/juju/storage/provider"
+	"github.com/juju/juju/testcharms"
+	coretesting "github.com/juju/juju/testing"
+)
+
+type DeploySuite struct {
+	testing.RepoSuite
+	common.CmdBlockHelper
+}
+
+var _ = gc.Suite(&DeploySuite{})
+
+func (s *DeploySuite) SetUpTest(c *gc.C) {
+	s.RepoSuite.SetUpTest(c)
+	s.CmdBlockHelper = common.NewCmdBlockHelper(s.APIState)
+	c.Assert(s.CmdBlockHelper, gc.NotNil)
+	s.AddCleanup(func(*gc.C) { s.CmdBlockHelper.Close() })
+}
+
+func runDeploy(c *gc.C, args ...string) error {
+	_, err := coretesting.RunCommand(c, NewDeployCommand(), args...)
+	return err
+}
+
+var initErrorTests = []struct {
+	args []string
+	err  string
+}{
+	{
+		args: nil,
+		err:  `no charm or bundle specified`,
+	}, {
+		args: []string{"charm-name", "application-name", "hotdog"},
+		err:  `unrecognized args: \["hotdog"\]`,
+	}, {
+		args: []string{"craziness", "burble-1"},
+		err:  `invalid application name "burble-1"`,
+	}, {
+		args: []string{"craziness", "burble1", "-n", "0"},
+		err:  `--num-units must be a positive integer`,
+	}, {
+		args: []string{"craziness", "burble1", "--to", "#:foo"},
+		err:  `invalid --to parameter "#:foo"`,
+	}, {
+		args: []string{"craziness", "burble1", "--constraints", "gibber=plop"},
+		err:  `invalid value "gibber=plop" for flag --constraints: unknown constraint "gibber"`,
+	}, {
+		args: []string{"charm", "application", "--force"},
+		err:  `--force is only used with --series`,
+	},
+}
+
+func (s *DeploySuite) TestInitErrors(c *gc.C) {
+	for i, t := range initErrorTests {
+		c.Logf("test %d", i)
+		err := coretesting.InitCommand(NewDeployCommand(), t.args)
+		c.Assert(err, gc.ErrorMatches, t.err)
+	}
+}
+
+func (s *DeploySuite) TestNoCharmOrBundle(c *gc.C) {
+	err := runDeploy(c, c.MkDir())
+	c.Assert(err, gc.ErrorMatches, `no charm or bundle found at .*`)
+}
+
+func (s *DeploySuite) TestBlockDeploy(c *gc.C) {
+	// Block operation
+	s.BlockAllChanges(c, "TestBlockDeploy")
+	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
+	err := runDeploy(c, ch, "some-application-name", "--series", "quantal")
+	s.AssertBlocked(c, err, ".*TestBlockDeploy.*")
+}
+
+func (s *DeploySuite) TestInvalidPath(c *gc.C) {
+	err := runDeploy(c, "/home/nowhere")
+	c.Assert(err, gc.ErrorMatches, `charm or bundle URL has invalid form: "/home/nowhere"`)
+}
+
+func (s *DeploySuite) TestInvalidFileFormat(c *gc.C) {
+	path := filepath.Join(c.MkDir(), "bundle.yaml")
+	err := ioutil.WriteFile(path, []byte(":"), 0600)
+	c.Assert(err, jc.ErrorIsNil)
+	err = runDeploy(c, path)
+	c.Assert(err, gc.ErrorMatches, `invalid charm or bundle provided at ".*bundle.yaml"`)
+}
+
+func (s *DeploySuite) TestPathWithNoCharmOrBundle(c *gc.C) {
+	err := runDeploy(c, c.MkDir())
+	c.Assert(err, gc.ErrorMatches, `no charm or bundle found at .*`)
+}
+
+func (s *DeploySuite) TestInvalidURL(c *gc.C) {
+	err := runDeploy(c, "cs:craz~ness")
+	c.Assert(err, gc.ErrorMatches, `URL has invalid charm or bundle name: "cs:craz~ness"`)
+}
+
+func (s *DeploySuite) TestCharmDir(c *gc.C) {
+	ch := testcharms.Repo.ClonedDirPath(s.CharmsPath, "dummy")
+	err := runDeploy(c, ch, "--series", "trusty")
+	c.Assert(err, jc.ErrorIsNil)
+	curl := charm.MustParseURL("local:trusty/dummy-1")
+	s.AssertService(c, "dummy", curl, 1, 0)
+}
+
+func (s *DeploySuite) TestDeployFromPathRelativeDir(c *gc.C) {
+	testcharms.Repo.ClonedDirPath(s.CharmsPath, "multi-series")
+	wd, err := os.Getwd()
+	c.Assert(err, jc.ErrorIsNil)
+	defer os.Chdir(wd)
+	err = os.Chdir(s.CharmsPath)
+	c.Assert(err, jc.ErrorIsNil)
+	err = runDeploy(c, "multi-series")
+	c.Assert(err, gc.ErrorMatches, `.*path "multi-series" can not be a relative path`)
+}
+
+func (s *DeploySuite) TestDeployFromPathOldCharm(c *gc.C) {
+	path := testcharms.Repo.ClonedDirPath(s.CharmsPath, "dummy")
+	err := runDeploy(c, path, "--series", "precise")
+	c.Assert(err, jc.ErrorIsNil)
+	curl := charm.MustParseURL("local:precise/dummy-1")
+	s.AssertService(c, "dummy", curl, 1, 0)
+}
+
+func (s *DeploySuite) TestDeployFromPathOldCharmMissingSeries(c *gc.C) {
+	path := testcharms.Repo.ClonedDirPath(s.CharmsPath, "dummy")
+	err := runDeploy(c, path)
+	c.Assert(err, gc.ErrorMatches, "series not specified and charm does not define any")
+}
+
+func (s *DeploySuite) TestDeployFromPathDefaultSeries(c *gc.C) {
+	path := testcharms.Repo.ClonedDirPath(s.CharmsPath, "multi-series")
+	err := runDeploy(c, path)
+	c.Assert(err, jc.ErrorIsNil)
+	curl := charm.MustParseURL("local:precise/multi-series-1")
+	s.AssertService(c, "multi-series", curl, 1, 0)
+}
+
+func (s *DeploySuite) TestDeployFromPath(c *gc.C) {
+	path := testcharms.Repo.ClonedDirPath(s.CharmsPath, "multi-series")
+	err := runDeploy(c, path, "--series", "trusty")
+	c.Assert(err, jc.ErrorIsNil)
+	curl := charm.MustParseURL("local:trusty/multi-series-1")
+	s.AssertService(c, "multi-series", curl, 1, 0)
+}
+
+func (s *DeploySuite) TestDeployFromPathUnsupportedSeries(c *gc.C) {
+	path := testcharms.Repo.ClonedDirPath(s.CharmsPath, "multi-series")
+	err := runDeploy(c, path, "--series", "quantal")
+	c.Assert(err, gc.ErrorMatches, `series "quantal" not supported by charm, supported series are: precise,trusty. Use --force to deploy the charm anyway.`)
+}
+
+func (s *DeploySuite) TestDeployFromPathUnsupportedSeriesForce(c *gc.C) {
+	path := testcharms.Repo.ClonedDirPath(s.CharmsPath, "multi-series")
+	err := runDeploy(c, path, "--series", "quantal", "--force")
+	c.Assert(err, jc.ErrorIsNil)
+	curl := charm.MustParseURL("local:quantal/multi-series-1")
+	s.AssertService(c, "multi-series", curl, 1, 0)
+}
+
+func (s *DeploySuite) TestUpgradeCharmDir(c *gc.C) {
+	// Add the charm, so the url will exist and a new revision will be
+	// picked in application Deploy.
+	dummyCharm := s.AddTestingCharm(c, "dummy")
+
+	dirPath := testcharms.Repo.ClonedDirPath(s.CharmsPath, "dummy")
+	err := runDeploy(c, dirPath, "--series", "quantal")
+	c.Assert(err, jc.ErrorIsNil)
+	upgradedRev := dummyCharm.Revision() + 1
+	curl := dummyCharm.URL().WithRevision(upgradedRev)
+	s.AssertService(c, "dummy", curl, 1, 0)
+	// Check the charm dir was left untouched.
+	ch, err := charm.ReadCharmDir(dirPath)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(ch.Revision(), gc.Equals, 1)
+}
+
+func (s *DeploySuite) TestCharmBundle(c *gc.C) {
+	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
+	err := runDeploy(c, ch, "some-application-name", "--series", "trusty")
+	c.Assert(err, jc.ErrorIsNil)
+	curl := charm.MustParseURL("local:trusty/dummy-1")
+	s.AssertService(c, "some-application-name", curl, 1, 0)
+}
+
+func (s *DeploySuite) TestSubordinateCharm(c *gc.C) {
+	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "logging")
+	err := runDeploy(c, ch, "--series", "trusty")
+	c.Assert(err, jc.ErrorIsNil)
+	curl := charm.MustParseURL("local:trusty/logging-1")
+	s.AssertService(c, "logging", curl, 0, 0)
+}
+
+func (s *DeploySuite) TestConfig(c *gc.C) {
+	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
+	path := setupConfigFile(c, c.MkDir())
+	err := runDeploy(c, ch, "dummy-application", "--config", path, "--series", "quantal")
+	c.Assert(err, jc.ErrorIsNil)
+	application, err := s.State.Application("dummy-application")
+	c.Assert(err, jc.ErrorIsNil)
+	settings, err := application.ConfigSettings()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(settings, gc.DeepEquals, charm.Settings{
+		"skill-level": int64(9000),
+		"username":    "admin001",
+	})
+}
+
+func (s *DeploySuite) TestRelativeConfigPath(c *gc.C) {
+	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
+	// Putting a config file in home is okay as $HOME is set to a tempdir
+	setupConfigFile(c, utils.Home())
+	err := runDeploy(c, ch, "dummy-application", "--config", "~/testconfig.yaml", "--series", "quantal")
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *DeploySuite) TestConfigError(c *gc.C) {
+	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
+	path := setupConfigFile(c, c.MkDir())
+	err := runDeploy(c, ch, "other-application", "--config", path, "--series", "quantal")
+	c.Assert(err, gc.ErrorMatches, `no settings found for "other-application"`)
+	_, err = s.State.Application("other-application")
+	c.Assert(err, jc.Satisfies, errors.IsNotFound)
+}
+
+func (s *DeploySuite) TestConstraints(c *gc.C) {
+	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
+	err := runDeploy(c, ch, "--constraints", "mem=2G cpu-cores=2", "--series", "trusty")
+	c.Assert(err, jc.ErrorIsNil)
+	curl := charm.MustParseURL("local:trusty/dummy-1")
+	application, _ := s.AssertService(c, "dummy", curl, 1, 0)
+	cons, err := application.Constraints()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(cons, jc.DeepEquals, constraints.MustParse("mem=2G cpu-cores=2"))
+}
+
+func (s *DeploySuite) TestResources(c *gc.C) {
+	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
+	dir := c.MkDir()
+
+	foopath := path.Join(dir, "foo")
+	barpath := path.Join(dir, "bar")
+	err := ioutil.WriteFile(foopath, []byte("foo"), 0600)
+	c.Assert(err, jc.ErrorIsNil)
+	err = ioutil.WriteFile(barpath, []byte("bar"), 0600)
+	c.Assert(err, jc.ErrorIsNil)
+
+	res1 := fmt.Sprintf("foo=%s", foopath)
+	res2 := fmt.Sprintf("bar=%s", barpath)
+
+	d := DeployCommand{}
+	args := []string{ch, "--resource", res1, "--resource", res2, "--series", "quantal"}
+
+	err = coretesting.InitCommand(modelcmd.Wrap(&d), args)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(d.Resources, gc.DeepEquals, map[string]string{
+		"foo": foopath,
+		"bar": barpath,
+	})
+}
+
+// TODO(ericsnow) Add tests for charmstore-based resources once the
+// endpoints are implemented.
+
+// TODO(wallyworld) - add another test that deploy with storage fails for older environments
+// (need deploy client to be refactored to use API stub)
+func (s *DeploySuite) TestStorage(c *gc.C) {
+	pm := poolmanager.New(state.NewStateSettings(s.State))
+	_, err := pm.Create("loop-pool", provider.LoopProviderType, map[string]interface{}{"foo": "bar"})
+	c.Assert(err, jc.ErrorIsNil)
+
+	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "storage-block")
+	err = runDeploy(c, ch, "--storage", "data=loop-pool,1G", "--series", "trusty")
+	c.Assert(err, jc.ErrorIsNil)
+	curl := charm.MustParseURL("local:trusty/storage-block-1")
+	application, _ := s.AssertService(c, "storage-block", curl, 1, 0)
+
+	cons, err := application.StorageConstraints()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(cons, jc.DeepEquals, map[string]state.StorageConstraints{
+		"data": {
+			Pool:  "loop-pool",
+			Count: 1,
+			Size:  1024,
+		},
+		"allecto": {
+			Pool:  "loop",
+			Count: 0,
+			Size:  1024,
+		},
+	})
+}
+
+func (s *DeploySuite) TestPlacement(c *gc.C) {
+	ch := testcharms.Repo.ClonedDirPath(s.CharmsPath, "dummy")
+	// Add a machine that will be ignored due to placement directive.
+	machine, err := s.State.AddMachine(series.LatestLts(), state.JobHostUnits)
+	c.Assert(err, jc.ErrorIsNil)
+
+	err = runDeploy(c, ch, "-n", "1", "--to", "valid", "--series", "quantal")
+	c.Assert(err, jc.ErrorIsNil)
+
+	svc, err := s.State.Application("dummy")
+	c.Assert(err, jc.ErrorIsNil)
+
+	// manually run staged assignments
+	errs, err := s.APIState.UnitAssigner().AssignUnits([]names.UnitTag{names.NewUnitTag("dummy/0")})
+	c.Assert(errs, gc.DeepEquals, []error{nil})
+	c.Assert(err, jc.ErrorIsNil)
+
+	units, err := svc.AllUnits()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(units, gc.HasLen, 1)
+	mid, err := units[0].AssignedMachineId()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(mid, gc.Not(gc.Equals), machine.Id())
+}
+
+func (s *DeploySuite) TestSubordinateConstraints(c *gc.C) {
+	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "logging")
+	err := runDeploy(c, ch, "--constraints", "mem=1G", "--series", "quantal")
+	c.Assert(err, gc.ErrorMatches, "cannot use --constraints with subordinate application")
+}
+
+func (s *DeploySuite) TestNumUnits(c *gc.C) {
+	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
+	err := runDeploy(c, ch, "-n", "13", "--series", "trusty")
+	c.Assert(err, jc.ErrorIsNil)
+	curl := charm.MustParseURL("local:trusty/dummy-1")
+	s.AssertService(c, "dummy", curl, 13, 0)
+}
+
+func (s *DeploySuite) TestNumUnitsSubordinate(c *gc.C) {
+	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "logging")
+	err := runDeploy(c, "--num-units", "3", ch, "--series", "quantal")
+	c.Assert(err, gc.ErrorMatches, "cannot use --num-units or --to with subordinate application")
+	_, err = s.State.Application("dummy")
+	c.Assert(err, gc.ErrorMatches, `application "dummy" not found`)
+}
+
+func (s *DeploySuite) assertForceMachine(c *gc.C, machineId string) {
+	svc, err := s.State.Application("portlandia")
+	c.Assert(err, jc.ErrorIsNil)
+
+	// manually run staged assignments
+	errs, err := s.APIState.UnitAssigner().AssignUnits([]names.UnitTag{names.NewUnitTag("portlandia/0")})
+	c.Assert(errs, gc.DeepEquals, []error{nil})
+	c.Assert(err, jc.ErrorIsNil)
+
+	units, err := svc.AllUnits()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(units, gc.HasLen, 1)
+
+	mid, err := units[0].AssignedMachineId()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(mid, gc.Equals, machineId)
+}
+
+func (s *DeploySuite) TestForceMachine(c *gc.C) {
+	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
+	machine, err := s.State.AddMachine(series.LatestLts(), state.JobHostUnits)
+	c.Assert(err, jc.ErrorIsNil)
+	err = runDeploy(c, "--to", machine.Id(), ch, "portlandia", "--series", series.LatestLts())
+	c.Assert(err, jc.ErrorIsNil)
+	s.assertForceMachine(c, machine.Id())
+}
+
+func (s *DeploySuite) TestForceMachineExistingContainer(c *gc.C) {
+	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
+	template := state.MachineTemplate{
+		Series: series.LatestLts(),
+		Jobs:   []state.MachineJob{state.JobHostUnits},
+	}
+	container, err := s.State.AddMachineInsideNewMachine(template, template, instance.LXD)
+	c.Assert(err, jc.ErrorIsNil)
+	err = runDeploy(c, "--to", container.Id(), ch, "portlandia", "--series", series.LatestLts())
+	c.Assert(err, jc.ErrorIsNil)
+	s.assertForceMachine(c, container.Id())
+	machines, err := s.State.AllMachines()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(machines, gc.HasLen, 2)
+}
+
+func (s *DeploySuite) TestForceMachineNewContainer(c *gc.C) {
+	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
+	machine, err := s.State.AddMachine(series.LatestLts(), state.JobHostUnits)
+	c.Assert(err, jc.ErrorIsNil)
+	err = runDeploy(c, "--to", "lxd:"+machine.Id(), ch, "portlandia", "--series", series.LatestLts())
+	c.Assert(err, jc.ErrorIsNil)
+	s.assertForceMachine(c, machine.Id()+"/lxd/0")
+
+	for a := coretesting.LongAttempt.Start(); a.Next(); {
+		machines, err := s.State.AllMachines()
+		c.Assert(err, jc.ErrorIsNil)
+		if !a.HasNext() {
+			c.Assert(machines, gc.HasLen, 2)
+			break
+		}
+		if len(machines) == 2 {
+			break
+		}
+	}
+}
+
+func (s *DeploySuite) TestForceMachineNotFound(c *gc.C) {
+	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
+	err := runDeploy(c, "--to", "42", ch, "portlandia", "--series", "quantal")
+	c.Assert(err, gc.ErrorMatches, `cannot deploy "portlandia" to machine 42: machine 42 not found`)
+	_, err = s.State.Application("portlandia")
+	c.Assert(err, gc.ErrorMatches, `application "portlandia" not found`)
+}
+
+func (s *DeploySuite) TestForceMachineSubordinate(c *gc.C) {
+	machine, err := s.State.AddMachine(series.LatestLts(), state.JobHostUnits)
+	c.Assert(err, jc.ErrorIsNil)
+	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "logging")
+	err = runDeploy(c, "--to", machine.Id(), ch, "--series", "quantal")
+	c.Assert(err, gc.ErrorMatches, "cannot use --num-units or --to with subordinate application")
+	_, err = s.State.Application("dummy")
+	c.Assert(err, gc.ErrorMatches, `application "dummy" not found`)
+}
+
+func (s *DeploySuite) TestNonLocalCannotHostUnits(c *gc.C) {
+	err := runDeploy(c, "--to", "0", "local:dummy", "portlandia")
+	c.Assert(err, gc.Not(gc.ErrorMatches), "machine 0 is the controller for a local model and cannot host units")
+}
+
+type DeployLocalSuite struct {
+	testing.RepoSuite
+}
+
+var _ = gc.Suite(&DeployLocalSuite{})
+
+func (s *DeployLocalSuite) SetUpTest(c *gc.C) {
+	s.RepoSuite.SetUpTest(c)
+}
+
+// setupConfigFile creates a configuration file for testing set
+// with the --config argument specifying a configuration file.
+func setupConfigFile(c *gc.C, dir string) string {
+	ctx := coretesting.ContextForDir(c, dir)
+	path := ctx.AbsPath("testconfig.yaml")
+	content := []byte("dummy-application:\n  skill-level: 9000\n  username: admin001\n\n")
+	err := ioutil.WriteFile(path, content, 0666)
+	c.Assert(err, jc.ErrorIsNil)
+	return path
+}
+
+type DeployCharmStoreSuite struct {
+	charmStoreSuite
+}
+
+var _ = gc.Suite(&DeployCharmStoreSuite{})
+
+var deployAuthorizationTests = []struct {
+	about        string
+	uploadURL    string
+	deployURL    string
+	readPermUser string
+	expectError  string
+	expectOutput string
+}{{
+	about:     "public charm, success",
+	uploadURL: "cs:~bob/trusty/wordpress1-10",
+	deployURL: "cs:~bob/trusty/wordpress1",
+	expectOutput: `
+Added charm "cs:~bob/trusty/wordpress1-10" to the model.
+Deploying charm "cs:~bob/trusty/wordpress1-10" with the user specified series "trusty".`,
+}, {
+	about:     "public charm, fully resolved, success",
+	uploadURL: "cs:~bob/trusty/wordpress2-10",
+	deployURL: "cs:~bob/trusty/wordpress2-10",
+	expectOutput: `
+Added charm "cs:~bob/trusty/wordpress2-10" to the model.
+Deploying charm "cs:~bob/trusty/wordpress2-10" with the user specified series "trusty".`,
+}, {
+	about:        "non-public charm, success",
+	uploadURL:    "cs:~bob/trusty/wordpress3-10",
+	deployURL:    "cs:~bob/trusty/wordpress3",
+	readPermUser: clientUserName,
+	expectOutput: `
+Added charm "cs:~bob/trusty/wordpress3-10" to the model.
+Deploying charm "cs:~bob/trusty/wordpress3-10" with the user specified series "trusty".`,
+}, {
+	about:        "non-public charm, fully resolved, success",
+	uploadURL:    "cs:~bob/trusty/wordpress4-10",
+	deployURL:    "cs:~bob/trusty/wordpress4-10",
+	readPermUser: clientUserName,
+	expectOutput: `
+Added charm "cs:~bob/trusty/wordpress4-10" to the model.
+Deploying charm "cs:~bob/trusty/wordpress4-10" with the user specified series "trusty".`,
+}, {
+	about:        "non-public charm, access denied",
+	uploadURL:    "cs:~bob/trusty/wordpress5-10",
+	deployURL:    "cs:~bob/trusty/wordpress5",
+	readPermUser: "bob",
+	expectError:  `cannot resolve (charm )?URL "cs:~bob/trusty/wordpress5": cannot get "/~bob/trusty/wordpress5/meta/any\?include=id&include=supported-series&include=published": unauthorized: access denied for user "client-username"`,
+}, {
+	about:        "non-public charm, fully resolved, access denied",
+	uploadURL:    "cs:~bob/trusty/wordpress6-47",
+	deployURL:    "cs:~bob/trusty/wordpress6-47",
+	readPermUser: "bob",
+	expectError:  `cannot resolve charm URL "cs:~bob/trusty/wordpress6-47": cannot get "/~bob/trusty/wordpress6-47/meta/any\?include=id&include=supported-series&include=published": unauthorized: access denied for user "client-username"`,
+}, {
+	about:     "public bundle, success",
+	uploadURL: "cs:~bob/bundle/wordpress-simple1-42",
+	deployURL: "cs:~bob/bundle/wordpress-simple1",
+	expectOutput: `
+added charm cs:trusty/mysql-0
+application mysql deployed (charm cs:trusty/mysql-0 with the series "trusty" defined by the bundle)
+added charm cs:trusty/wordpress-1
+application wordpress deployed (charm cs:trusty/wordpress-1 with the series "trusty" defined by the bundle)
+related wordpress:db and mysql:server
+added mysql/0 unit to new machine
+added wordpress/0 unit to new machine
+deployment of bundle "cs:~bob/bundle/wordpress-simple1-42" completed`,
+}, {
+	about:        "non-public bundle, success",
+	uploadURL:    "cs:~bob/bundle/wordpress-simple2-0",
+	deployURL:    "cs:~bob/bundle/wordpress-simple2-0",
+	readPermUser: clientUserName,
+	expectOutput: `
+added charm cs:trusty/mysql-0
+reusing application mysql (charm: cs:trusty/mysql-0)
+added charm cs:trusty/wordpress-1
+reusing application wordpress (charm: cs:trusty/wordpress-1)
+wordpress:db and mysql:server are already related
+avoid adding new units to application mysql: 1 unit already present
+avoid adding new units to application wordpress: 1 unit already present
+deployment of bundle "cs:~bob/bundle/wordpress-simple2-0" completed`,
+}, {
+	about:        "non-public bundle, access denied",
+	uploadURL:    "cs:~bob/bundle/wordpress-simple3-47",
+	deployURL:    "cs:~bob/bundle/wordpress-simple3",
+	readPermUser: "bob",
+	expectError:  `cannot resolve charm URL "cs:~bob/bundle/wordpress-simple3": cannot get "/~bob/bundle/wordpress-simple3/meta/any\?include=id&include=supported-series&include=published": unauthorized: access denied for user "client-username"`,
+}}
+
+func (s *DeployCharmStoreSuite) TestDeployAuthorization(c *gc.C) {
+	// Upload the two charms required to upload the bundle.
+	testcharms.UploadCharm(c, s.client, "trusty/mysql-0", "mysql")
+	testcharms.UploadCharm(c, s.client, "trusty/wordpress-1", "wordpress")
+
+	// Run the tests.
+	for i, test := range deployAuthorizationTests {
+		c.Logf("test %d: %s", i, test.about)
+
+		// Upload the charm or bundle under test.
+		url := charm.MustParseURL(test.uploadURL)
+		if url.Series == "bundle" {
+			url, _ = testcharms.UploadBundle(c, s.client, test.uploadURL, "wordpress-simple")
+		} else {
+			url, _ = testcharms.UploadCharm(c, s.client, test.uploadURL, "wordpress")
+		}
+
+		// Change the ACL of the uploaded entity if required in this case.
+		if test.readPermUser != "" {
+			s.changeReadPerm(c, url, test.readPermUser)
+		}
+		ctx, err := coretesting.RunCommand(c, NewDeployCommand(), test.deployURL, fmt.Sprintf("wordpress%d", i))
+		if test.expectError != "" {
+			c.Check(err, gc.ErrorMatches, test.expectError)
+			continue
+		}
+		c.Assert(err, jc.ErrorIsNil)
+		output := strings.Trim(coretesting.Stderr(ctx), "\n")
+		c.Check(output, gc.Equals, strings.TrimSpace(test.expectOutput))
+	}
+}
+
+func (s *DeployCharmStoreSuite) TestDeployWithTermsSuccess(c *gc.C) {
+	testcharms.UploadCharm(c, s.client, "trusty/terms1-1", "terms1")
+	output, err := runDeployCommand(c, "trusty/terms1")
+	c.Assert(err, jc.ErrorIsNil)
+	expectedOutput := `
+Added charm "cs:trusty/terms1-1" to the model.
+Deploying charm "cs:trusty/terms1-1" with the user specified series "trusty".
+Deployment under prior agreement to terms: term1/1 term3/1
+`
+	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
+	s.assertCharmsUploaded(c, "cs:trusty/terms1-1")
+	s.assertApplicationsDeployed(c, map[string]serviceInfo{
+		"terms1": {charm: "cs:trusty/terms1-1"},
+	})
+	_, err = s.State.Unit("terms1/0")
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *DeploySuite) TestDeployLocalWithTerms(c *gc.C) {
+	ch := testcharms.Repo.ClonedDirPath(s.CharmsPath, "terms1")
+	output, err := runDeployCommand(c, ch, "--series", "trusty")
+	c.Assert(err, jc.ErrorIsNil)
+	// should not produce any output
+	c.Assert(output, gc.Equals, "")
+
+	curl := charm.MustParseURL("local:trusty/terms1-1")
+	s.AssertService(c, "terms1", curl, 1, 0)
+}
+
+func (s *DeployCharmStoreSuite) TestDeployWithTermsNotSigned(c *gc.C) {
+	s.termsDischargerError = &httpbakery.Error{
+		Message: "term agreement required: term/1 term/2",
+		Code:    "term agreement required",
+	}
+	testcharms.UploadCharm(c, s.client, "quantal/terms1-1", "terms1")
+	_, err := runDeployCommand(c, "quantal/terms1")
+	expectedError := `Declined: please agree to the following terms term/1 term/2. Try: "juju agree term/1 term/2"`
+	c.Assert(err, gc.ErrorMatches, expectedError)
+}
+
+func (s *DeployCharmStoreSuite) TestDeployWithChannel(c *gc.C) {
+	ch := testcharms.Repo.CharmArchive(c.MkDir(), "wordpress")
+	id := charm.MustParseURL("cs:~client-username/precise/wordpress-0")
+	err := s.client.UploadCharmWithRevision(id, ch, -1)
+	c.Assert(err, gc.IsNil)
+
+	err = s.client.Publish(id, []csclientparams.Channel{csclientparams.DevelopmentChannel}, nil)
+	c.Assert(err, gc.IsNil)
+
+	_, err = runDeployCommand(c, "--channel", "development", "~client-username/wordpress")
+	c.Assert(err, gc.IsNil)
+	s.assertCharmsUploaded(c, "cs:~client-username/precise/wordpress-0")
+	s.assertApplicationsDeployed(c, map[string]serviceInfo{
+		"wordpress": {charm: "cs:~client-username/precise/wordpress-0"},
+	})
+}
+
+const (
+	// clientUserCookie is the name of the cookie which is
+	// used to signal to the charmStoreSuite macaroon discharger
+	// that the client is a juju client rather than the juju environment.
+	clientUserCookie = "client"
+
+	// clientUserName is the name chosen for the juju client
+	// when it has authorized.
+	clientUserName = "client-username"
+)
+
+// charmStoreSuite is a suite fixture that puts the machinery in
+// place to allow testing code that calls addCharmViaAPI.
+type charmStoreSuite struct {
+	testing.JujuConnSuite
+	handler              charmstore.HTTPCloseHandler
+	srv                  *httptest.Server
+	client               *csclient.Client
+	discharger           *bakerytest.Discharger
+	termsDischarger      *bakerytest.Discharger
+	termsDischargerError error
+	termsString          string
+}
+
+func (s *charmStoreSuite) SetUpTest(c *gc.C) {
+	s.JujuConnSuite.SetUpTest(c)
+
+	// Set up the third party discharger.
+	s.discharger = bakerytest.NewDischarger(nil, func(req *http.Request, cond string, arg string) ([]checkers.Caveat, error) {
+		cookie, err := req.Cookie(clientUserCookie)
+		if err != nil {
+			return nil, errors.Annotate(err, "discharge denied to non-clients")
+		}
+		return []checkers.Caveat{
+			checkers.DeclaredCaveat("username", cookie.Value),
+		}, nil
+	})
+
+	s.termsDischargerError = nil
+	// Set up the third party terms discharger.
+	s.termsDischarger = bakerytest.NewDischarger(nil, func(req *http.Request, cond string, arg string) ([]checkers.Caveat, error) {
+		s.termsString = arg
+		return nil, s.termsDischargerError
+	})
+	s.termsString = ""
+
+	keyring := bakery.NewPublicKeyRing()
+
+	pk, err := httpbakery.PublicKeyForLocation(http.DefaultClient, s.discharger.Location())
+	c.Assert(err, gc.IsNil)
+	err = keyring.AddPublicKeyForLocation(s.discharger.Location(), true, pk)
+	c.Assert(err, gc.IsNil)
+
+	pk, err = httpbakery.PublicKeyForLocation(http.DefaultClient, s.termsDischarger.Location())
+	c.Assert(err, gc.IsNil)
+	err = keyring.AddPublicKeyForLocation(s.termsDischarger.Location(), true, pk)
+	c.Assert(err, gc.IsNil)
+
+	// Set up the charm store testing server.
+	db := s.Session.DB("juju-testing")
+	params := charmstore.ServerParams{
+		AuthUsername:     "test-user",
+		AuthPassword:     "test-password",
+		IdentityLocation: s.discharger.Location(),
+		PublicKeyLocator: keyring,
+		TermsLocation:    s.termsDischarger.Location(),
+	}
+	handler, err := charmstore.NewServer(db, nil, "", params, charmstore.V5)
+	c.Assert(err, jc.ErrorIsNil)
+	s.handler = handler
+	s.srv = httptest.NewServer(handler)
+	c.Logf("started charmstore on %v", s.srv.URL)
+	s.client = csclient.New(csclient.Params{
+		URL:      s.srv.URL,
+		User:     params.AuthUsername,
+		Password: params.AuthPassword,
+	})
+
+	// Initialize the charm cache dir.
+	s.PatchValue(&charmrepo.CacheDir, c.MkDir())
+
+	// Point the CLI to the charm store testing server.
+	s.PatchValue(&newCharmStoreClient, func(client *httpbakery.Client) *csclient.Client {
+		// Add a cookie so that the discharger can detect whether the
+		// HTTP client is the juju environment or the juju client.
+		lurl, err := url.Parse(s.discharger.Location())
+		c.Assert(err, jc.ErrorIsNil)
+		client.Jar.SetCookies(lurl, []*http.Cookie{{
+			Name:  clientUserCookie,
+			Value: clientUserName,
+		}})
+		return csclient.New(csclient.Params{
+			URL:          s.srv.URL,
+			BakeryClient: client,
+		})
+	})
+
+	// Point the Juju API server to the charm store testing server.
+	s.PatchValue(&csclient.ServerURL, s.srv.URL)
+}
+
+func (s *charmStoreSuite) TearDownTest(c *gc.C) {
+	s.discharger.Close()
+	s.handler.Close()
+	s.srv.Close()
+	s.JujuConnSuite.TearDownTest(c)
+}
+
+// changeReadPerm changes the read permission of the given charm URL.
+// The charm must be present in the testing charm store.
+func (s *charmStoreSuite) changeReadPerm(c *gc.C, url *charm.URL, perms ...string) {
+	err := s.client.Put("/"+url.Path()+"/meta/perm/read", perms)
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+// assertCharmsUploaded checks that the given charm ids have been uploaded.
+func (s *charmStoreSuite) assertCharmsUploaded(c *gc.C, ids ...string) {
+	charms, err := s.State.AllCharms()
+	c.Assert(err, jc.ErrorIsNil)
+	uploaded := make([]string, len(charms))
+	for i, charm := range charms {
+		uploaded[i] = charm.URL().String()
+	}
+	c.Assert(uploaded, jc.SameContents, ids)
+}
+
+// serviceInfo holds information about a deployed application.
+type serviceInfo struct {
+	charm            string
+	config           charm.Settings
+	constraints      constraints.Value
+	exposed          bool
+	storage          map[string]state.StorageConstraints
+	endpointBindings map[string]string
+}
+
+// assertDeployedServiceBindings checks that services were deployed into the
+// expected spaces. It is separate to assertServicesDeployed because it is only
+// relevant to a couple of tests.
+func (s *charmStoreSuite) assertDeployedServiceBindings(c *gc.C, info map[string]serviceInfo) {
+	services, err := s.State.AllApplications()
+	c.Assert(err, jc.ErrorIsNil)
+
+	for _, application := range services {
+		endpointBindings, err := application.EndpointBindings()
+		c.Assert(err, jc.ErrorIsNil)
+		c.Assert(endpointBindings, jc.DeepEquals, info[application.Name()].endpointBindings)
+	}
+}
+
+// assertApplicationsDeployed checks that the given applications have been deployed.
+func (s *charmStoreSuite) assertApplicationsDeployed(c *gc.C, info map[string]serviceInfo) {
+	services, err := s.State.AllApplications()
+	c.Assert(err, jc.ErrorIsNil)
+	deployed := make(map[string]serviceInfo, len(services))
+	for _, application := range services {
+		charm, _ := application.CharmURL()
+		config, err := application.ConfigSettings()
+		c.Assert(err, jc.ErrorIsNil)
+		if len(config) == 0 {
+			config = nil
+		}
+		constraints, err := application.Constraints()
+		c.Assert(err, jc.ErrorIsNil)
+		storage, err := application.StorageConstraints()
+		c.Assert(err, jc.ErrorIsNil)
+		if len(storage) == 0 {
+			storage = nil
+		}
+		deployed[application.Name()] = serviceInfo{
+			charm:       charm.String(),
+			config:      config,
+			constraints: constraints,
+			exposed:     application.IsExposed(),
+			storage:     storage,
+		}
+	}
+	c.Assert(deployed, jc.DeepEquals, info)
+}
+
+// assertRelationsEstablished checks that the given relations have been set.
+func (s *charmStoreSuite) assertRelationsEstablished(c *gc.C, relations ...string) {
+	rs, err := s.State.AllRelations()
+	c.Assert(err, jc.ErrorIsNil)
+	established := make([]string, len(rs))
+	for i, r := range rs {
+		established[i] = r.String()
+	}
+	c.Assert(established, jc.SameContents, relations)
+}
+
+// assertUnitsCreated checks that the given units have been created. The
+// expectedUnits argument maps unit names to machine names.
+func (s *charmStoreSuite) assertUnitsCreated(c *gc.C, expectedUnits map[string]string) {
+	machines, err := s.State.AllMachines()
+	c.Assert(err, jc.ErrorIsNil)
+	created := make(map[string]string)
+	for _, m := range machines {
+		id := m.Id()
+		units, err := s.State.UnitsFor(id)
+		c.Assert(err, jc.ErrorIsNil)
+		for _, u := range units {
+			created[u.Name()] = id
+		}
+	}
+	c.Assert(created, jc.DeepEquals, expectedUnits)
+}
+
+type testMetricCredentialsSetter struct {
+	assert func(string, []byte)
+	err    error
+}
+
+func (t *testMetricCredentialsSetter) SetMetricCredentials(serviceName string, data []byte) error {
+	t.assert(serviceName, data)
+	return t.err
+}
+
+func (t *testMetricCredentialsSetter) Close() error {
+	return nil
+}
+
+func (s *DeployCharmStoreSuite) TestAddMetricCredentials(c *gc.C) {
+	var called bool
+	setter := &testMetricCredentialsSetter{
+		assert: func(serviceName string, data []byte) {
+			called = true
+			c.Assert(serviceName, gc.DeepEquals, "metered")
+			var b []byte
+			err := json.Unmarshal(data, &b)
+			c.Assert(err, gc.IsNil)
+			c.Assert(string(b), gc.Equals, "hello registration")
+		},
+	}
+
+	cleanup := jujutesting.PatchValue(&getMetricCredentialsAPI, func(_ api.Connection) (metricCredentialsAPI, error) {
+		return setter, nil
+	})
+	defer cleanup()
+
+	stub := &jujutesting.Stub{}
+	handler := &testMetricsRegistrationHandler{Stub: stub}
+	server := httptest.NewServer(handler)
+	defer server.Close()
+
+	testcharms.UploadCharm(c, s.client, "cs:quantal/metered-1", "metered")
+	deploy := &DeployCommand{Steps: []DeployStep{&RegisterMeteredCharm{RegisterURL: server.URL, QueryURL: server.URL}}}
+	_, err := coretesting.RunCommand(c, modelcmd.Wrap(deploy), "cs:quantal/metered-1", "--plan", "someplan")
+	c.Assert(err, jc.ErrorIsNil)
+	curl := charm.MustParseURL("cs:quantal/metered-1")
+	svc, err := s.State.Application("metered")
+	c.Assert(err, jc.ErrorIsNil)
+	ch, _, err := svc.Charm()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(ch.URL(), gc.DeepEquals, curl)
+	c.Assert(called, jc.IsTrue)
+	stub.CheckCalls(c, []jujutesting.StubCall{{
+		"Authorize", []interface{}{metricRegistrationPost{
+			ModelUUID:       "deadbeef-0bad-400d-8000-4b1d0d06f00d",
+			CharmURL:        "cs:quantal/metered-1",
+			ApplicationName: "metered",
+			PlanURL:         "someplan",
+			Budget:          "personal",
+			Limit:           "0",
+		}},
+	}})
+}
+
+func (s *DeployCharmStoreSuite) TestAddMetricCredentialsDefaultPlan(c *gc.C) {
+	var called bool
+	setter := &testMetricCredentialsSetter{
+		assert: func(serviceName string, data []byte) {
+			called = true
+			c.Assert(serviceName, gc.DeepEquals, "metered")
+			var b []byte
+			err := json.Unmarshal(data, &b)
+			c.Assert(err, gc.IsNil)
+			c.Assert(string(b), gc.Equals, "hello registration")
+		},
+	}
+
+	cleanup := jujutesting.PatchValue(&getMetricCredentialsAPI, func(_ api.Connection) (metricCredentialsAPI, error) {
+		return setter, nil
+	})
+	defer cleanup()
+
+	stub := &jujutesting.Stub{}
+	handler := &testMetricsRegistrationHandler{Stub: stub}
+	server := httptest.NewServer(handler)
+	defer server.Close()
+
+	testcharms.UploadCharm(c, s.client, "cs:quantal/metered-1", "metered")
+	deploy := &DeployCommand{Steps: []DeployStep{&RegisterMeteredCharm{RegisterURL: server.URL, QueryURL: server.URL}}}
+	_, err := coretesting.RunCommand(c, modelcmd.Wrap(deploy), "cs:quantal/metered-1")
+	c.Assert(err, jc.ErrorIsNil)
+	curl := charm.MustParseURL("cs:quantal/metered-1")
+	svc, err := s.State.Application("metered")
+	c.Assert(err, jc.ErrorIsNil)
+	ch, _, err := svc.Charm()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(ch.URL(), gc.DeepEquals, curl)
+	c.Assert(called, jc.IsTrue)
+	stub.CheckCalls(c, []jujutesting.StubCall{{
+		"DefaultPlan", []interface{}{"cs:quantal/metered-1"},
+	}, {
+		"Authorize", []interface{}{metricRegistrationPost{
+			ModelUUID:       "deadbeef-0bad-400d-8000-4b1d0d06f00d",
+			CharmURL:        "cs:quantal/metered-1",
+			ApplicationName: "metered",
+			PlanURL:         "thisplan",
+			Budget:          "personal",
+			Limit:           "0",
+		}},
+	}})
+}
+
+func (s *DeploySuite) TestAddMetricCredentialsDefaultForUnmeteredCharm(c *gc.C) {
+	var called bool
+	setter := &testMetricCredentialsSetter{
+		assert: func(serviceName string, data []byte) {
+			called = true
+			c.Assert(serviceName, gc.DeepEquals, "dummy")
+			c.Assert(data, gc.DeepEquals, []byte{})
+		},
+	}
+
+	cleanup := jujutesting.PatchValue(&getMetricCredentialsAPI, func(_ api.Connection) (metricCredentialsAPI, error) {
+		return setter, nil
+	})
+	defer cleanup()
+
+	ch := testcharms.Repo.ClonedDirPath(s.CharmsPath, "dummy")
+
+	deploy := &DeployCommand{Steps: []DeployStep{&RegisterMeteredCharm{}}}
+	_, err := coretesting.RunCommand(c, modelcmd.Wrap(deploy), ch, "--series", "trusty")
+	c.Assert(err, jc.ErrorIsNil)
+	curl := charm.MustParseURL("local:trusty/dummy-1")
+	s.AssertService(c, "dummy", curl, 1, 0)
+	c.Assert(called, jc.IsFalse)
+}
+
+func (s *DeploySuite) TestDeployFlags(c *gc.C) {
+	command := DeployCommand{}
+	flagSet := gnuflag.NewFlagSet(command.Info().Name, gnuflag.ContinueOnError)
+	command.SetFlags(flagSet)
+	c.Assert(command.flagSet, jc.DeepEquals, flagSet)
+	// Add to the slice below if a new flag is introduced which is valid for
+	// both charms and bundles.
+	charmAndBundleFlags := []string{"channel", "storage"}
+	var allFlags []string
+	flagSet.VisitAll(func(flag *gnuflag.Flag) {
+		allFlags = append(allFlags, flag.Name)
+	})
+	declaredFlags := append(charmAndBundleFlags, charmOnlyFlags...)
+	declaredFlags = append(declaredFlags, bundleOnlyFlags...)
+	sort.Strings(declaredFlags)
+	c.Assert(declaredFlags, jc.DeepEquals, allFlags)
+}
+
+func (s *DeployCharmStoreSuite) TestDeployCharmWithSomeEndpointBindingsSpecifiedSuccess(c *gc.C) {
+	_, err := s.State.AddSpace("db", "", nil, false)
+	c.Assert(err, jc.ErrorIsNil)
+	_, err = s.State.AddSpace("public", "", nil, false)
+	c.Assert(err, jc.ErrorIsNil)
+
+	testcharms.UploadCharm(c, s.client, "cs:quantal/wordpress-extra-bindings-1", "wordpress-extra-bindings")
+	err = runDeploy(c, "cs:quantal/wordpress-extra-bindings-1", "--bind", "db=db db-client=db public admin-api=public")
+	c.Assert(err, jc.ErrorIsNil)
+	s.assertApplicationsDeployed(c, map[string]serviceInfo{
+		"wordpress-extra-bindings": {charm: "cs:quantal/wordpress-extra-bindings-1"},
+	})
+	s.assertDeployedServiceBindings(c, map[string]serviceInfo{
+		"wordpress-extra-bindings": {
+			endpointBindings: map[string]string{
+				"cache":           "public",
+				"url":             "public",
+				"logging-dir":     "public",
+				"monitoring-port": "public",
+				"db":              "db",
+				"db-client":       "db",
+				"admin-api":       "public",
+				"foo-bar":         "public",
+				"cluster":         "public",
+			},
+		},
+	})
+}
+
+func (s *DeployCharmStoreSuite) TestDeployCharmsEndpointNotImplemented(c *gc.C) {
+	setter := &testMetricCredentialsSetter{
+		assert: func(serviceName string, data []byte) {},
+		err: &params.Error{
+			Message: "IsMetered",
+			Code:    params.CodeNotImplemented,
+		},
+	}
+	cleanup := jujutesting.PatchValue(&getMetricCredentialsAPI, func(_ api.Connection) (metricCredentialsAPI, error) {
+		return setter, nil
+	})
+	defer cleanup()
+
+	stub := &jujutesting.Stub{}
+	handler := &testMetricsRegistrationHandler{Stub: stub}
+	server := httptest.NewServer(handler)
+	defer server.Close()
+
+	testcharms.UploadCharm(c, s.client, "cs:quantal/metered-1", "metered")
+	deploy := &DeployCommand{Steps: []DeployStep{&RegisterMeteredCharm{RegisterURL: server.URL, QueryURL: server.URL}}}
+	_, err := coretesting.RunCommand(c, modelcmd.Wrap(deploy), "cs:quantal/metered-1", "--plan", "someplan")
+
+	c.Assert(err, gc.ErrorMatches, "IsMetered")
+}
+
+type ParseBindSuite struct {
+}
+
+var _ = gc.Suite(&ParseBindSuite{})
+
+func (s *ParseBindSuite) TestParseSuccessWithEmptyArgs(c *gc.C) {
+	s.checkParseOKForArgs(c, "", nil)
+}
+
+func (s *ParseBindSuite) TestParseSuccessWithEndpointsOnly(c *gc.C) {
+	s.checkParseOKForArgs(c, "foo=a bar=b", map[string]string{"foo": "a", "bar": "b"})
+}
+
+func (s *ParseBindSuite) TestParseSuccessWithServiceDefaultSpaceOnly(c *gc.C) {
+	s.checkParseOKForArgs(c, "application-default", map[string]string{"": "application-default"})
+}
+
+func (s *ParseBindSuite) TestBindingsOrderForDefaultSpaceAndEndpointsDoesNotMatter(c *gc.C) {
+	expectedBindings := map[string]string{
+		"ep1": "sp1",
+		"ep2": "sp2",
+		"":    "sp3",
+	}
+	s.checkParseOKForArgs(c, "ep1=sp1 ep2=sp2 sp3", expectedBindings)
+	s.checkParseOKForArgs(c, "ep1=sp1 sp3 ep2=sp2", expectedBindings)
+	s.checkParseOKForArgs(c, "ep2=sp2 ep1=sp1 sp3", expectedBindings)
+	s.checkParseOKForArgs(c, "ep2=sp2 sp3 ep1=sp1", expectedBindings)
+	s.checkParseOKForArgs(c, "sp3 ep1=sp1 ep2=sp2", expectedBindings)
+	s.checkParseOKForArgs(c, "sp3 ep2=sp2 ep1=sp1", expectedBindings)
+}
+
+func (s *ParseBindSuite) TestParseFailsWithSpaceNameButNoEndpoint(c *gc.C) {
+	s.checkParseFailsForArgs(c, "=bad", "Found = without endpoint name. Use a lone space name to set the default.")
+}
+
+func (s *ParseBindSuite) TestParseFailsWithTooManyEqualsSignsInArgs(c *gc.C) {
+	s.checkParseFailsForArgs(c, "foo=bar=baz", "Found multiple = in binding. Did you forget to space-separate the binding list?")
+}
+
+func (s *ParseBindSuite) TestParseFailsWithBadSpaceName(c *gc.C) {
+	s.checkParseFailsForArgs(c, "rel1=spa#ce1", "Space name invalid.")
+}
+
+func (s *ParseBindSuite) runParseBindWithArgs(args string) (error, map[string]string) {
+	deploy := &DeployCommand{BindToSpaces: args}
+	return deploy.parseBind(), deploy.Bindings
+}
+
+func (s *ParseBindSuite) checkParseOKForArgs(c *gc.C, args string, expectedBindings map[string]string) {
+	err, parsedBindings := s.runParseBindWithArgs(args)
+	c.Check(err, jc.ErrorIsNil)
+	c.Check(parsedBindings, jc.DeepEquals, expectedBindings)
+}
+
+func (s *ParseBindSuite) checkParseFailsForArgs(c *gc.C, args string, expectedErrorSuffix string) {
+	err, parsedBindings := s.runParseBindWithArgs(args)
+	c.Check(err.Error(), gc.Equals, parseBindErrorPrefix+expectedErrorSuffix)
+	c.Check(parsedBindings, gc.IsNil)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/export_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,46 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	"github.com/juju/cmd"
+	"gopkg.in/juju/charmrepo.v2-unstable/csclient"
+	"gopkg.in/macaroon-bakery.v1/httpbakery"
+
+	"github.com/juju/juju/cmd/modelcmd"
+)
+
+// NewSetCommandForTest returns a SetCommand with the api provided as specified.
+func NewSetCommandForTest(serviceAPI serviceAPI) cmd.Command {
+	return modelcmd.Wrap(&setCommand{
+		serviceApi: serviceAPI,
+	})
+}
+
+// NewGetCommand returns a GetCommand with the api provided as specified.
+func NewGetCommandForTest(api getServiceAPI) cmd.Command {
+	return modelcmd.Wrap(&getCommand{
+		api: api,
+	})
+}
+
+// NewAddUnitCommandForTest returns an AddUnitCommand with the api provided as specified.
+func NewAddUnitCommandForTest(api serviceAddUnitAPI) cmd.Command {
+	return modelcmd.Wrap(&addUnitCommand{
+		api: api,
+	})
+}
+
+type Patcher interface {
+	PatchValue(dest, value interface{})
+}
+
+func PatchNewCharmStoreClient(s Patcher, url string) {
+	s.PatchValue(&newCharmStoreClient, func(bakeryClient *httpbakery.Client) *csclient.Client {
+		return csclient.New(csclient.Params{
+			URL:          url,
+			BakeryClient: bakeryClient,
+		})
+	})
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/expose.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/expose.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/expose.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/expose.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,79 @@
+// Copyright 2012, 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	"github.com/juju/cmd"
+	"github.com/juju/errors"
+
+	"github.com/juju/juju/api/application"
+	"github.com/juju/juju/cmd/juju/block"
+	"github.com/juju/juju/cmd/modelcmd"
+)
+
+var usageExposeSummary = `
+Makes an application publicly available over the network.`[1:]
+
+var usageExposeDetails = `
+Adjusts the firewall rules and any relevant security mechanisms of the
+cloud to allow public access to the application.
+
+Examples:
+    juju expose wordpress
+
+See also: 
+    unexpose`[1:]
+
+// NewExposeCommand returns a command to expose services.
+func NewExposeCommand() cmd.Command {
+	return modelcmd.Wrap(&exposeCommand{})
+}
+
+// exposeCommand is responsible exposing services.
+type exposeCommand struct {
+	modelcmd.ModelCommandBase
+	ApplicationName string
+}
+
+func (c *exposeCommand) Info() *cmd.Info {
+	return &cmd.Info{
+		Name:    "expose",
+		Args:    "<application name>",
+		Purpose: usageExposeSummary,
+		Doc:     usageExposeDetails,
+	}
+}
+
+func (c *exposeCommand) Init(args []string) error {
+	if len(args) == 0 {
+		return errors.New("no application name specified")
+	}
+	c.ApplicationName = args[0]
+	return cmd.CheckEmpty(args[1:])
+}
+
+type serviceExposeAPI interface {
+	Close() error
+	Expose(serviceName string) error
+	Unexpose(serviceName string) error
+}
+
+func (c *exposeCommand) getAPI() (serviceExposeAPI, error) {
+	root, err := c.NewAPIRoot()
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return application.NewClient(root), nil
+}
+
+// Run changes the juju-managed firewall to expose any
+// ports that were also explicitly marked by units as open.
+func (c *exposeCommand) Run(_ *cmd.Context) error {
+	client, err := c.getAPI()
+	if err != nil {
+		return err
+	}
+	defer client.Close()
+	return block.ProcessBlockedError(client.Expose(c.ApplicationName), block.BlockChange)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/expose_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/expose_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/expose_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/expose_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,75 @@
+// Copyright 2012, 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	"github.com/juju/errors"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/charm.v6-unstable"
+
+	"github.com/juju/juju/cmd/juju/common"
+	jujutesting "github.com/juju/juju/juju/testing"
+	"github.com/juju/juju/rpc"
+	"github.com/juju/juju/testcharms"
+	"github.com/juju/juju/testing"
+)
+
+type ExposeSuite struct {
+	jujutesting.RepoSuite
+	common.CmdBlockHelper
+}
+
+func (s *ExposeSuite) SetUpTest(c *gc.C) {
+	s.RepoSuite.SetUpTest(c)
+	s.CmdBlockHelper = common.NewCmdBlockHelper(s.APIState)
+	c.Assert(s.CmdBlockHelper, gc.NotNil)
+	s.AddCleanup(func(*gc.C) { s.CmdBlockHelper.Close() })
+}
+
+var _ = gc.Suite(&ExposeSuite{})
+
+func runExpose(c *gc.C, args ...string) error {
+	_, err := testing.RunCommand(c, NewExposeCommand(), args...)
+	return err
+}
+
+func (s *ExposeSuite) assertExposed(c *gc.C, application string) {
+	svc, err := s.State.Application(application)
+	c.Assert(err, jc.ErrorIsNil)
+	exposed := svc.IsExposed()
+	c.Assert(exposed, jc.IsTrue)
+}
+
+func (s *ExposeSuite) TestExpose(c *gc.C) {
+	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
+	err := runDeploy(c, ch, "some-application-name", "--series", "trusty")
+	c.Assert(err, jc.ErrorIsNil)
+	curl := charm.MustParseURL("local:trusty/dummy-1")
+	s.AssertService(c, "some-application-name", curl, 1, 0)
+
+	err = runExpose(c, "some-application-name")
+	c.Assert(err, jc.ErrorIsNil)
+	s.assertExposed(c, "some-application-name")
+
+	err = runExpose(c, "nonexistent-application")
+	c.Assert(errors.Cause(err), gc.DeepEquals, &rpc.RequestError{
+		Message: `application "nonexistent-application" not found`,
+		Code:    "not found",
+	})
+}
+
+func (s *ExposeSuite) TestBlockExpose(c *gc.C) {
+	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
+	err := runDeploy(c, ch, "some-application-name", "--series", "trusty")
+	c.Assert(err, jc.ErrorIsNil)
+	curl := charm.MustParseURL("local:trusty/dummy-1")
+	s.AssertService(c, "some-application-name", curl, 1, 0)
+
+	// Block operation
+	s.BlockAllChanges(c, "TestBlockExpose")
+
+	err = runExpose(c, "some-application-name")
+	s.AssertBlocked(c, err, ".*TestBlockExpose.*")
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/fakeapplication_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/fakeapplication_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/fakeapplication_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/fakeapplication_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,102 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application_test
+
+import (
+	"fmt"
+
+	"github.com/juju/errors"
+
+	"github.com/juju/juju/apiserver/params"
+)
+
+// fakeServiceAPI is the fake application API for testing the application
+// update command.
+type fakeServiceAPI struct {
+	serviceName string
+	charmName   string
+	values      map[string]interface{}
+	config      string
+	err         error
+}
+
+func (f *fakeServiceAPI) Update(args params.ApplicationUpdate) error {
+	if f.err != nil {
+		return f.err
+	}
+
+	if args.ApplicationName != f.serviceName {
+		return errors.NotFoundf("application %q", args.ApplicationName)
+	}
+
+	f.config = args.SettingsYAML
+	return nil
+}
+
+func (f *fakeServiceAPI) Close() error {
+	return nil
+}
+
+func (f *fakeServiceAPI) Get(application string) (*params.ApplicationGetResults, error) {
+	if application != f.serviceName {
+		return nil, errors.NotFoundf("application %q", application)
+	}
+
+	configInfo := make(map[string]interface{})
+	for k, v := range f.values {
+		configInfo[k] = map[string]interface{}{
+			"description": fmt.Sprintf("Specifies %s", k),
+			"type":        fmt.Sprintf("%T", v),
+			"value":       v,
+		}
+	}
+
+	return &params.ApplicationGetResults{
+		Application: f.serviceName,
+		Charm:       f.charmName,
+		Config:      configInfo,
+	}, nil
+}
+
+func (f *fakeServiceAPI) Set(application string, options map[string]string) error {
+	if f.err != nil {
+		return f.err
+	}
+
+	if application != f.serviceName {
+		return errors.NotFoundf("application %q", application)
+	}
+
+	if f.values == nil {
+		f.values = make(map[string]interface{})
+	}
+	for k, v := range options {
+		f.values[k] = v
+	}
+
+	return nil
+}
+
+func (f *fakeServiceAPI) Unset(application string, options []string) error {
+	if f.err != nil {
+		return f.err
+	}
+
+	if application != f.serviceName {
+		return errors.NotFoundf("application %q", application)
+	}
+
+	// Verify all options before unsetting any of them.
+	for _, name := range options {
+		if _, ok := f.values[name]; !ok {
+			return fmt.Errorf("unknown option %q", name)
+		}
+	}
+
+	for _, name := range options {
+		delete(f.values, name)
+	}
+
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/flags.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/flags.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/flags.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/flags.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,105 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/juju/errors"
+
+	"github.com/juju/juju/storage"
+)
+
+type storageFlag struct {
+	stores       *map[string]storage.Constraints
+	bundleStores *map[string]map[string]storage.Constraints
+}
+
+// Set implements gnuflag.Value.Set.
+func (f storageFlag) Set(s string) error {
+	fields := strings.SplitN(s, "=", 2)
+	if len(fields) < 2 {
+		return errors.New("expected [<application>:]<store>=<constraints>")
+	}
+	var serviceName, storageName string
+	if colon := strings.IndexRune(fields[0], ':'); colon >= 0 {
+		serviceName = fields[0][:colon]
+		storageName = fields[0][colon+1:]
+	} else {
+		storageName = fields[0]
+	}
+	cons, err := storage.ParseConstraints(fields[1])
+	if err != nil {
+		return errors.Annotate(err, "cannot parse disk constraints")
+	}
+	var stores map[string]storage.Constraints
+	if serviceName != "" {
+		if *f.bundleStores == nil {
+			*f.bundleStores = make(map[string]map[string]storage.Constraints)
+		}
+		stores = (*f.bundleStores)[serviceName]
+		if stores == nil {
+			stores = make(map[string]storage.Constraints)
+			(*f.bundleStores)[serviceName] = stores
+		}
+	} else {
+		if *f.stores == nil {
+			*f.stores = make(map[string]storage.Constraints)
+		}
+		stores = *f.stores
+	}
+	stores[storageName] = cons
+	return nil
+}
+
+// String implements gnuflag.Value.String.
+func (f storageFlag) String() string {
+	strs := make([]string, 0, len(*f.stores)+len(*f.bundleStores))
+	for store, cons := range *f.stores {
+		strs = append(strs, fmt.Sprintf("%s=%v", store, cons))
+	}
+	for application, stores := range *f.bundleStores {
+		for store, cons := range stores {
+			strs = append(strs, fmt.Sprintf("%s:%s=%v", application, store, cons))
+		}
+	}
+	return strings.Join(strs, " ")
+}
+
+// stringMap is a type that deserializes a CLI string using gnuflag's Value
+// semantics.  It expects a name=value pair, and supports multiple copies of the
+// flag adding more pairs, though the names must be unique.
+type stringMap struct {
+	mapping *map[string]string
+}
+
+// Set implements gnuflag.Value's Set method.
+func (m stringMap) Set(s string) error {
+	if *m.mapping == nil {
+		*m.mapping = map[string]string{}
+	}
+	// make a copy so the following code is less ugly with dereferencing.
+	mapping := *m.mapping
+
+	vals := strings.SplitN(s, "=", 2)
+	if len(vals) != 2 {
+		return errors.NewNotValid(nil, "badly formatted name value pair: "+s)
+	}
+	name, value := vals[0], vals[1]
+	if _, ok := mapping[name]; ok {
+		return errors.Errorf("duplicate name specified: %q", name)
+	}
+	mapping[name] = value
+	return nil
+}
+
+// String implements gnuflag.Value's String method
+func (m stringMap) String() string {
+	pairs := make([]string, 0, len(*m.mapping))
+	for name, value := range *m.mapping {
+		pairs = append(pairs, name+"="+value)
+	}
+	return strings.Join(pairs, ";")
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/flags_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/flags_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/flags_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/flags_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,49 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	"github.com/juju/errors"
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+)
+
+var _ = gc.Suite(&FlagSuite{})
+
+type FlagSuite struct {
+	testing.IsolationSuite
+}
+
+func (FlagSuite) TestStringMapNilOk(c *gc.C) {
+	// note that the map may start out nil
+	var values map[string]string
+	c.Assert(values, gc.IsNil)
+	sm := stringMap{&values}
+	err := sm.Set("foo=foovalue")
+	c.Assert(err, jc.ErrorIsNil)
+	err = sm.Set("bar=barvalue")
+	c.Assert(err, jc.ErrorIsNil)
+
+	// now the map is non-nil and filled
+	c.Assert(values, gc.DeepEquals, map[string]string{
+		"foo": "foovalue",
+		"bar": "barvalue",
+	})
+}
+
+func (FlagSuite) TestStringMapBadVal(c *gc.C) {
+	sm := stringMap{&map[string]string{}}
+	err := sm.Set("foo")
+	c.Assert(err, jc.Satisfies, errors.IsNotValid)
+	c.Assert(err, gc.ErrorMatches, "badly formatted name value pair: foo")
+}
+
+func (FlagSuite) TestStringMapDupVal(c *gc.C) {
+	sm := stringMap{&map[string]string{}}
+	err := sm.Set("bar=somevalue")
+	c.Assert(err, jc.ErrorIsNil)
+	err = sm.Set("bar=someothervalue")
+	c.Assert(err, gc.ErrorMatches, ".*duplicate.*bar.*")
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/get.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/get.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/get.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/get.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,110 @@
+// Copyright 2012-2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	"github.com/juju/cmd"
+	"github.com/juju/errors"
+	"launchpad.net/gnuflag"
+
+	"github.com/juju/juju/api/application"
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/cmd/modelcmd"
+)
+
+var usageGetConfigSummary = `
+Displays configuration settings for a deployed application.`[1:]
+
+var usageGetConfigDetails = `
+Output includes the name of the charm used to deploy the application and a
+listing of the application-specific configuration settings.
+See `[1:] + "`juju status`" + ` for application names.
+
+Examples:
+    juju get-config mysql
+    juju get-config mysql-testing
+
+See also: 
+    set-config
+    deploy
+    status`
+
+// NewGetCommand returns a command used to get application attributes.
+func NewGetCommand() cmd.Command {
+	return modelcmd.Wrap(&getCommand{})
+}
+
+// getCommand retrieves the configuration of an application.
+type getCommand struct {
+	modelcmd.ModelCommandBase
+	ApplicationName string
+	out             cmd.Output
+	api             getServiceAPI
+}
+
+func (c *getCommand) Info() *cmd.Info {
+	return &cmd.Info{
+		Name:    "get-config",
+		Args:    "<application name>",
+		Purpose: usageGetConfigSummary,
+		Doc:     usageGetConfigDetails,
+		Aliases: []string{"get-configs"},
+	}
+}
+
+func (c *getCommand) SetFlags(f *gnuflag.FlagSet) {
+	// TODO(dfc) add json formatting ?
+	c.out.AddFlags(f, "yaml", map[string]cmd.Formatter{
+		"yaml": cmd.FormatYaml,
+	})
+}
+
+func (c *getCommand) Init(args []string) error {
+	// TODO(dfc) add --schema-only
+	if len(args) == 0 {
+		return errors.New("no application name specified")
+	}
+	c.ApplicationName = args[0]
+	return cmd.CheckEmpty(args[1:])
+}
+
+// getServiceAPI defines the methods on the client API
+// that the application get command calls.
+type getServiceAPI interface {
+	Close() error
+	Get(application string) (*params.ApplicationGetResults, error)
+}
+
+func (c *getCommand) getAPI() (getServiceAPI, error) {
+	if c.api != nil {
+		return c.api, nil
+	}
+	root, err := c.NewAPIRoot()
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return application.NewClient(root), nil
+}
+
+// Run fetches the configuration of the application and formats
+// the result as a YAML string.
+func (c *getCommand) Run(ctx *cmd.Context) error {
+	apiclient, err := c.getAPI()
+	if err != nil {
+		return err
+	}
+	defer apiclient.Close()
+
+	results, err := apiclient.Get(c.ApplicationName)
+	if err != nil {
+		return err
+	}
+
+	resultsMap := map[string]interface{}{
+		"application": results.Application,
+		"charm":       results.Charm,
+		"settings":    results.Config,
+	}
+	return c.out.Write(ctx, resultsMap)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/get_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/get_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/get_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/get_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,100 @@
+// Copyright 2012-2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application_test
+
+import (
+	"bytes"
+
+	"github.com/juju/cmd"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+	goyaml "gopkg.in/yaml.v2"
+
+	"github.com/juju/juju/cmd/juju/application"
+	coretesting "github.com/juju/juju/testing"
+)
+
+type GetSuite struct {
+	coretesting.FakeJujuXDGDataHomeSuite
+	fake *fakeServiceAPI
+}
+
+var _ = gc.Suite(&GetSuite{})
+
+var getTests = []struct {
+	application string
+	expected    map[string]interface{}
+}{
+	{
+		"dummy-application",
+		map[string]interface{}{
+			"application": "dummy-application",
+			"charm":       "dummy",
+			"settings": map[string]interface{}{
+				"title": map[string]interface{}{
+					"description": "Specifies title",
+					"type":        "string",
+					"value":       "Nearly There",
+				},
+				"skill-level": map[string]interface{}{
+					"description": "Specifies skill-level",
+					"value":       100,
+					"type":        "int",
+				},
+				"username": map[string]interface{}{
+					"description": "Specifies username",
+					"type":        "string",
+					"value":       "admin001",
+				},
+				"outlook": map[string]interface{}{
+					"description": "Specifies outlook",
+					"type":        "string",
+					"value":       "true",
+				},
+			},
+		},
+	},
+
+	// TODO(dfc) add additional services (need more charms)
+	// TODO(dfc) add set tests
+}
+
+func (s *GetSuite) SetUpTest(c *gc.C) {
+	s.FakeJujuXDGDataHomeSuite.SetUpTest(c)
+	s.fake = &fakeServiceAPI{serviceName: "dummy-application", charmName: "dummy",
+		values: map[string]interface{}{
+			"title":       "Nearly There",
+			"skill-level": 100,
+			"username":    "admin001",
+			"outlook":     "true",
+		}}
+}
+
+func (s *GetSuite) TestGetCommandInit(c *gc.C) {
+	// missing args
+	err := coretesting.InitCommand(application.NewGetCommandForTest(s.fake), []string{})
+	c.Assert(err, gc.ErrorMatches, "no application name specified")
+}
+
+func (s *GetSuite) TestGetConfig(c *gc.C) {
+	for _, t := range getTests {
+		ctx := coretesting.Context(c)
+		code := cmd.Main(application.NewGetCommandForTest(s.fake), ctx, []string{t.application})
+		c.Check(code, gc.Equals, 0)
+		c.Assert(ctx.Stderr.(*bytes.Buffer).String(), gc.Equals, "")
+		// round trip via goyaml to avoid being sucked into a quagmire of
+		// map[interface{}]interface{} vs map[string]interface{}. This is
+		// also required if we add json support to this command.
+		buf, err := goyaml.Marshal(t.expected)
+		c.Assert(err, jc.ErrorIsNil)
+		expected := make(map[string]interface{})
+		err = goyaml.Unmarshal(buf, &expected)
+		c.Assert(err, jc.ErrorIsNil)
+
+		actual := make(map[string]interface{})
+		err = goyaml.Unmarshal(ctx.Stdout.(*bytes.Buffer).Bytes(), &actual)
+		c.Assert(err, jc.ErrorIsNil)
+		c.Assert(actual, gc.DeepEquals, expected)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/package_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,21 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application_test
+
+import (
+	"runtime"
+	stdtesting "testing"
+
+	_ "github.com/juju/juju/provider/dummy"
+	"github.com/juju/juju/testing"
+)
+
+// TODO(wallyworld) - convert tests moved across from commands package to not require mongo
+
+func TestPackage(t *stdtesting.T) {
+	if runtime.GOARCH == "386" {
+		t.Skipf("skipping package for %v/%v, see http://pad.lv/1425569", runtime.GOOS, runtime.GOARCH)
+	}
+	testing.MgoTestPackage(t)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/register.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/register.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/register.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/register.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,285 @@
+// Copyright 2015 Canonical Ltd. All rights reserved.
+
+package application
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"net/url"
+	"regexp"
+	"strings"
+
+	"github.com/juju/cmd"
+	"github.com/juju/errors"
+	"gopkg.in/macaroon-bakery.v1/httpbakery"
+	"launchpad.net/gnuflag"
+
+	"github.com/juju/juju/api"
+	"github.com/juju/juju/api/charms"
+)
+
+var budgetWithLimitRe = regexp.MustCompile(`^[a-zA-Z0-9\-]+:[0-9]+$`)
+
+type metricRegistrationPost struct {
+	ModelUUID       string `json:"env-uuid"`
+	CharmURL        string `json:"charm-url"`
+	ApplicationName string `json:"service-name"`
+	PlanURL         string `json:"plan-url"`
+	Budget          string `json:"budget"`
+	Limit           string `json:"limit"`
+}
+
+// RegisterMeteredCharm implements the DeployStep interface.
+type RegisterMeteredCharm struct {
+	AllocationSpec string
+	Plan           string
+	RegisterURL    string
+	QueryURL       string
+	credentials    []byte
+	budget         string
+	limit          string
+}
+
+func (r *RegisterMeteredCharm) SetFlags(f *gnuflag.FlagSet) {
+	f.StringVar(&r.AllocationSpec, "budget", "personal:0", "budget and allocation limit")
+	f.StringVar(&r.Plan, "plan", "", "plan to deploy charm under")
+}
+
+// RunPre obtains authorization to deploy this charm. The authorization, if received is not
+// sent to the controller, rather it is kept as an attribute on RegisterMeteredCharm.
+func (r *RegisterMeteredCharm) RunPre(state api.Connection, bakeryClient *httpbakery.Client, ctx *cmd.Context, deployInfo DeploymentInfo) error {
+	if allocBudget, allocLimit, err := parseBudgetWithLimit(r.AllocationSpec); err == nil {
+		// Make these available to registration if valid.
+		r.budget, r.limit = allocBudget, allocLimit
+	} else {
+		return errors.Trace(err)
+	}
+
+	charmsClient := charms.NewClient(state)
+	metered, err := charmsClient.IsMetered(deployInfo.CharmID.URL.String())
+	if err != nil {
+		return err
+	}
+	if !metered {
+		return nil
+	}
+
+	if r.Plan == "" && deployInfo.CharmID.URL.Schema == "cs" {
+		r.Plan, err = r.getDefaultPlan(bakeryClient, deployInfo.CharmID.URL.String())
+		if err != nil {
+			if isNoDefaultPlanError(err) {
+				options, err1 := r.getCharmPlans(bakeryClient, deployInfo.CharmID.URL.String())
+				if err1 != nil {
+					return err1
+				}
+				charmUrl := deployInfo.CharmID.URL.String()
+				return errors.Errorf(`%v has no default plan. Try "juju deploy --plan <plan-name> with one of %v"`, charmUrl, strings.Join(options, ", "))
+			}
+			return err
+		}
+	}
+
+	r.credentials, err = r.registerMetrics(
+		deployInfo.ModelUUID,
+		deployInfo.CharmID.URL.String(),
+		deployInfo.ApplicationName,
+		r.budget,
+		r.limit,
+		bakeryClient)
+	if err != nil {
+		if deployInfo.CharmID.URL.Schema == "cs" {
+			logger.Infof("failed to obtain plan authorization: %v", err)
+			return err
+		}
+		logger.Debugf("no plan authorization: %v", err)
+	}
+	return nil
+}
+
+// RunPost sends credentials obtained during the call to RunPre to the controller.
+func (r *RegisterMeteredCharm) RunPost(state api.Connection, bakeryClient *httpbakery.Client, ctx *cmd.Context, deployInfo DeploymentInfo, prevErr error) error {
+	if prevErr != nil {
+		return nil
+	}
+	if r.credentials == nil {
+		return nil
+	}
+	api, cerr := getMetricCredentialsAPI(state)
+	if cerr != nil {
+		logger.Infof("failed to get the metrics credentials setter: %v", cerr)
+		return cerr
+	}
+	defer api.Close()
+
+	err := api.SetMetricCredentials(deployInfo.ApplicationName, r.credentials)
+	if err != nil {
+		logger.Warningf("failed to set metric credentials: %v", err)
+		return errors.Trace(err)
+	}
+
+	return nil
+}
+
+type noDefaultPlanError struct {
+	cUrl string
+}
+
+func (e *noDefaultPlanError) Error() string {
+	return fmt.Sprintf("%v has no default plan", e.cUrl)
+}
+
+func isNoDefaultPlanError(e error) bool {
+	_, ok := e.(*noDefaultPlanError)
+	return ok
+}
+
+func (r *RegisterMeteredCharm) getDefaultPlan(client *httpbakery.Client, cURL string) (string, error) {
+	if r.QueryURL == "" {
+		return "", errors.Errorf("no plan query url specified")
+	}
+
+	qURL, err := url.Parse(r.QueryURL + "/default")
+	if err != nil {
+		return "", errors.Trace(err)
+	}
+
+	query := qURL.Query()
+	query.Set("charm-url", cURL)
+	qURL.RawQuery = query.Encode()
+
+	req, err := http.NewRequest("GET", qURL.String(), nil)
+	if err != nil {
+		return "", errors.Trace(err)
+	}
+
+	response, err := client.Do(req)
+	if err != nil {
+		return "", errors.Trace(err)
+	}
+	defer response.Body.Close()
+
+	if response.StatusCode == http.StatusNotFound {
+		return "", &noDefaultPlanError{cURL}
+	}
+	if response.StatusCode != http.StatusOK {
+		return "", errors.Errorf("failed to query default plan: http response is %d", response.StatusCode)
+	}
+
+	var planInfo struct {
+		URL string `json:"url"`
+	}
+	dec := json.NewDecoder(response.Body)
+	err = dec.Decode(&planInfo)
+	if err != nil {
+		return "", errors.Trace(err)
+	}
+	return planInfo.URL, nil
+}
+
+func (r *RegisterMeteredCharm) getCharmPlans(client *httpbakery.Client, cURL string) ([]string, error) {
+	if r.QueryURL == "" {
+		return nil, errors.Errorf("no plan query url specified")
+	}
+	qURL, err := url.Parse(r.QueryURL)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	query := qURL.Query()
+	query.Set("charm-url", cURL)
+	qURL.RawQuery = query.Encode()
+
+	req, err := http.NewRequest("GET", qURL.String(), nil)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	response, err := client.Do(req)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	defer response.Body.Close()
+
+	if response.StatusCode != http.StatusOK {
+		return nil, errors.Errorf("failed to query plans: http response is %d", response.StatusCode)
+	}
+
+	var planInfo []struct {
+		URL string `json:"url"`
+	}
+	dec := json.NewDecoder(response.Body)
+	err = dec.Decode(&planInfo)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	info := make([]string, len(planInfo))
+	for i, p := range planInfo {
+		info[i] = p.URL
+	}
+	return info, nil
+}
+
+func (r *RegisterMeteredCharm) registerMetrics(modelUUID, charmURL, serviceName, budget, limit string, client *httpbakery.Client) ([]byte, error) {
+	if r.RegisterURL == "" {
+		return nil, errors.Errorf("no metric registration url is specified")
+	}
+	registerURL, err := url.Parse(r.RegisterURL)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	registrationPost := metricRegistrationPost{
+		ModelUUID:       modelUUID,
+		CharmURL:        charmURL,
+		ApplicationName: serviceName,
+		PlanURL:         r.Plan,
+		Budget:          budget,
+		Limit:           limit,
+	}
+
+	buff := &bytes.Buffer{}
+	encoder := json.NewEncoder(buff)
+	err = encoder.Encode(registrationPost)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	req, err := http.NewRequest("POST", registerURL.String(), nil)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	req.Header.Set("Content-Type", "application/json")
+
+	response, err := client.DoWithBody(req, bytes.NewReader(buff.Bytes()))
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	defer response.Body.Close()
+
+	if response.StatusCode == http.StatusOK {
+		b, err := ioutil.ReadAll(response.Body)
+		if err != nil {
+			return nil, errors.Annotatef(err, "failed to read the response")
+		}
+		return b, nil
+	}
+	var respError struct {
+		Error string `json:"error"`
+	}
+	err = json.NewDecoder(response.Body).Decode(&respError)
+	if err != nil {
+		return nil, errors.Errorf("authorization failed: http response is %d", response.StatusCode)
+	}
+	return nil, errors.Errorf("authorization failed: %s", respError.Error)
+}
+
+func parseBudgetWithLimit(bl string) (string, string, error) {
+	if !budgetWithLimitRe.MatchString(bl) {
+		return "", "", errors.New("invalid allocation, expecting <budget>:<limit>")
+	}
+	parts := strings.Split(bl, ":")
+	return parts[0], parts[1], nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/register_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/register_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/register_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/register_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,490 @@
+// Copyright 2015 Canonical Ltd. All rights reserved.
+
+package application
+
+import (
+	"encoding/json"
+	"fmt"
+	"net/http"
+	"net/http/httptest"
+
+	"github.com/juju/cmd"
+	"github.com/juju/errors"
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/macaroon-bakery.v1/httpbakery"
+
+	"github.com/juju/juju/api"
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/charmstore"
+	coretesting "github.com/juju/juju/testing"
+)
+
+var _ = gc.Suite(&registrationSuite{})
+
+type registrationSuite struct {
+	testing.CleanupSuite
+	stub     *testing.Stub
+	handler  *testMetricsRegistrationHandler
+	server   *httptest.Server
+	register DeployStep
+	ctx      *cmd.Context
+}
+
+func (s *registrationSuite) SetUpTest(c *gc.C) {
+	s.CleanupSuite.SetUpTest(c)
+	s.stub = &testing.Stub{}
+	s.handler = &testMetricsRegistrationHandler{Stub: s.stub}
+	s.server = httptest.NewServer(s.handler)
+	s.register = &RegisterMeteredCharm{
+		Plan:           "someplan",
+		RegisterURL:    s.server.URL,
+		AllocationSpec: "personal:100",
+	}
+	s.ctx = coretesting.Context(c)
+}
+
+func (s *registrationSuite) TearDownTest(c *gc.C) {
+	s.CleanupSuite.TearDownTest(c)
+	s.server.Close()
+}
+
+func (s *registrationSuite) TestMeteredCharm(c *gc.C) {
+	client := httpbakery.NewClient()
+	d := DeploymentInfo{
+		CharmID: charmstore.CharmID{
+			URL: charm.MustParseURL("cs:quantal/metered-1"),
+		},
+		ApplicationName: "application name",
+		ModelUUID:       "model uuid",
+	}
+	err := s.register.RunPre(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d)
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.register.RunPost(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d, nil)
+	c.Assert(err, jc.ErrorIsNil)
+	authorization, err := json.Marshal([]byte("hello registration"))
+	authorization = append(authorization, byte(0xa))
+	c.Assert(err, jc.ErrorIsNil)
+	s.stub.CheckCalls(c, []testing.StubCall{{
+		"APICall", []interface{}{"Charms", "IsMetered", params.CharmURL{URL: "cs:quantal/metered-1"}},
+	}, {
+		"Authorize", []interface{}{metricRegistrationPost{
+			ModelUUID:       "model uuid",
+			CharmURL:        "cs:quantal/metered-1",
+			ApplicationName: "application name",
+			PlanURL:         "someplan",
+			Budget:          "personal",
+			Limit:           "100",
+		}},
+	}, {
+		"APICall", []interface{}{"Application", "SetMetricCredentials", params.ApplicationMetricCredentials{
+			Creds: []params.ApplicationMetricCredential{params.ApplicationMetricCredential{
+				ApplicationName:   "application name",
+				MetricCredentials: authorization,
+			}},
+		}},
+	}})
+}
+
+func (s *registrationSuite) TestMeteredCharmAPIError(c *gc.C) {
+	s.stub.SetErrors(nil, errors.New("something failed"))
+	client := httpbakery.NewClient()
+	d := DeploymentInfo{
+		CharmID: charmstore.CharmID{
+			URL: charm.MustParseURL("cs:quantal/metered-1"),
+		},
+		ApplicationName: "application name",
+		ModelUUID:       "model uuid",
+	}
+	err := s.register.RunPre(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d)
+	c.Assert(err, gc.ErrorMatches, `authorization failed: something failed`)
+	s.stub.CheckCalls(c, []testing.StubCall{{
+		"APICall", []interface{}{"Charms", "IsMetered", params.CharmURL{URL: "cs:quantal/metered-1"}},
+	}, {
+		"Authorize", []interface{}{metricRegistrationPost{
+			ModelUUID:       "model uuid",
+			CharmURL:        "cs:quantal/metered-1",
+			ApplicationName: "application name",
+			PlanURL:         "someplan",
+			Budget:          "personal",
+			Limit:           "100",
+		}},
+	}})
+}
+
+func (s *registrationSuite) TestMeteredCharmInvalidAllocation(c *gc.C) {
+	client := httpbakery.NewClient()
+	d := DeploymentInfo{
+		CharmID: charmstore.CharmID{
+			URL: charm.MustParseURL("cs:quantal/metered-1"),
+		},
+		ApplicationName: "application name",
+		ModelUUID:       "model uuid",
+	}
+	s.register = &RegisterMeteredCharm{
+		Plan:           "someplan",
+		RegisterURL:    s.server.URL,
+		AllocationSpec: "invalid allocation",
+	}
+
+	err := s.register.RunPre(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d)
+	c.Assert(err, gc.ErrorMatches, `invalid allocation, expecting <budget>:<limit>`)
+	s.stub.CheckNoCalls(c)
+}
+
+func (s *registrationSuite) TestMeteredCharmDeployError(c *gc.C) {
+	client := httpbakery.NewClient()
+	d := DeploymentInfo{
+		CharmID: charmstore.CharmID{
+			URL: charm.MustParseURL("cs:quantal/metered-1"),
+		},
+		ApplicationName: "application name",
+		ModelUUID:       "model uuid",
+	}
+	err := s.register.RunPre(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d)
+	c.Assert(err, jc.ErrorIsNil)
+	deployError := errors.New("deployment failed")
+	err = s.register.RunPost(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d, deployError)
+	c.Assert(err, jc.ErrorIsNil)
+	authorization, err := json.Marshal([]byte("hello registration"))
+	authorization = append(authorization, byte(0xa))
+	c.Assert(err, jc.ErrorIsNil)
+	s.stub.CheckCalls(c, []testing.StubCall{{
+		"APICall", []interface{}{"Charms", "IsMetered", params.CharmURL{URL: "cs:quantal/metered-1"}},
+	}, {
+		"Authorize", []interface{}{metricRegistrationPost{
+			ModelUUID:       "model uuid",
+			CharmURL:        "cs:quantal/metered-1",
+			ApplicationName: "application name",
+			PlanURL:         "someplan",
+			Budget:          "personal",
+			Limit:           "100",
+		}},
+	}})
+}
+
+func (s *registrationSuite) TestMeteredLocalCharmWithPlan(c *gc.C) {
+	client := httpbakery.NewClient()
+	d := DeploymentInfo{
+		CharmID: charmstore.CharmID{
+			URL: charm.MustParseURL("local:quantal/metered-1"),
+		},
+		ApplicationName: "application name",
+		ModelUUID:       "model uuid",
+	}
+	err := s.register.RunPre(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d)
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.register.RunPost(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d, nil)
+	c.Assert(err, jc.ErrorIsNil)
+	authorization, err := json.Marshal([]byte("hello registration"))
+	authorization = append(authorization, byte(0xa))
+	s.stub.CheckCalls(c, []testing.StubCall{{
+		"APICall", []interface{}{"Charms", "IsMetered", params.CharmURL{URL: "local:quantal/metered-1"}},
+	}, {
+		"Authorize", []interface{}{metricRegistrationPost{
+			ModelUUID:       "model uuid",
+			CharmURL:        "local:quantal/metered-1",
+			ApplicationName: "application name",
+			PlanURL:         "someplan",
+			Budget:          "personal",
+			Limit:           "100",
+		}},
+	}, {
+		"APICall", []interface{}{"Application", "SetMetricCredentials", params.ApplicationMetricCredentials{
+			Creds: []params.ApplicationMetricCredential{params.ApplicationMetricCredential{
+				ApplicationName:   "application name",
+				MetricCredentials: authorization,
+			}},
+		}},
+	}})
+}
+
+func (s *registrationSuite) TestMeteredLocalCharmNoPlan(c *gc.C) {
+	s.register = &RegisterMeteredCharm{
+		RegisterURL:    s.server.URL,
+		QueryURL:       s.server.URL,
+		AllocationSpec: "personal:100",
+	}
+	client := httpbakery.NewClient()
+	d := DeploymentInfo{
+		CharmID: charmstore.CharmID{
+			URL: charm.MustParseURL("local:quantal/metered-1"),
+		},
+		ApplicationName: "application name",
+		ModelUUID:       "model uuid",
+	}
+	err := s.register.RunPre(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d)
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.register.RunPost(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d, nil)
+	c.Assert(err, jc.ErrorIsNil)
+	authorization, err := json.Marshal([]byte("hello registration"))
+	authorization = append(authorization, byte(0xa))
+	s.stub.CheckCalls(c, []testing.StubCall{{
+		"APICall", []interface{}{"Charms", "IsMetered", params.CharmURL{URL: "local:quantal/metered-1"}},
+	}, {
+		"Authorize", []interface{}{metricRegistrationPost{
+			ModelUUID:       "model uuid",
+			CharmURL:        "local:quantal/metered-1",
+			ApplicationName: "application name",
+			PlanURL:         "",
+			Budget:          "personal",
+			Limit:           "100",
+		}},
+	}, {
+		"APICall", []interface{}{"Application", "SetMetricCredentials", params.ApplicationMetricCredentials{
+			Creds: []params.ApplicationMetricCredential{params.ApplicationMetricCredential{
+				ApplicationName:   "application name",
+				MetricCredentials: authorization,
+			}},
+		}},
+	}})
+}
+
+func (s *registrationSuite) TestMeteredCharmNoPlanSet(c *gc.C) {
+	s.register = &RegisterMeteredCharm{
+		AllocationSpec: "personal:100",
+		RegisterURL:    s.server.URL,
+		QueryURL:       s.server.URL}
+	client := httpbakery.NewClient()
+	d := DeploymentInfo{
+		CharmID: charmstore.CharmID{
+			URL: charm.MustParseURL("cs:quantal/metered-1"),
+		},
+		ApplicationName: "application name",
+		ModelUUID:       "model uuid",
+	}
+	err := s.register.RunPre(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d)
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.register.RunPost(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d, nil)
+	c.Assert(err, jc.ErrorIsNil)
+	authorization, err := json.Marshal([]byte("hello registration"))
+	authorization = append(authorization, byte(0xa))
+	c.Assert(err, jc.ErrorIsNil)
+	s.stub.CheckCalls(c, []testing.StubCall{{
+		"APICall", []interface{}{"Charms", "IsMetered", params.CharmURL{URL: "cs:quantal/metered-1"}},
+	}, {
+		"DefaultPlan", []interface{}{"cs:quantal/metered-1"},
+	}, {
+		"Authorize", []interface{}{metricRegistrationPost{
+			ModelUUID:       "model uuid",
+			CharmURL:        "cs:quantal/metered-1",
+			ApplicationName: "application name",
+			PlanURL:         "thisplan",
+			Budget:          "personal",
+			Limit:           "100",
+		}},
+	}, {
+		"APICall", []interface{}{"Application", "SetMetricCredentials", params.ApplicationMetricCredentials{
+			Creds: []params.ApplicationMetricCredential{params.ApplicationMetricCredential{
+				ApplicationName:   "application name",
+				MetricCredentials: authorization,
+			}},
+		}},
+	}})
+}
+
+func (s *registrationSuite) TestMeteredCharmNoDefaultPlan(c *gc.C) {
+	s.stub.SetErrors(nil, errors.NotFoundf("default plan"))
+	s.register = &RegisterMeteredCharm{
+		AllocationSpec: "personal:100",
+		RegisterURL:    s.server.URL,
+		QueryURL:       s.server.URL}
+	client := httpbakery.NewClient()
+	d := DeploymentInfo{
+		CharmID: charmstore.CharmID{
+			URL: charm.MustParseURL("cs:quantal/metered-1"),
+		},
+		ApplicationName: "application name",
+		ModelUUID:       "model uuid",
+	}
+	err := s.register.RunPre(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d)
+	c.Assert(err, gc.ErrorMatches, `cs:quantal/metered-1 has no default plan. Try "juju deploy --plan <plan-name> with one of thisplan, thisotherplan"`)
+	s.stub.CheckCalls(c, []testing.StubCall{{
+		"APICall", []interface{}{"Charms", "IsMetered", params.CharmURL{URL: "cs:quantal/metered-1"}},
+	}, {
+		"DefaultPlan", []interface{}{"cs:quantal/metered-1"},
+	}, {
+		"ListPlans", []interface{}{"cs:quantal/metered-1"},
+	}})
+}
+
+func (s *registrationSuite) TestMeteredCharmFailToQueryDefaultCharm(c *gc.C) {
+	s.stub.SetErrors(nil, errors.New("something failed"))
+	s.register = &RegisterMeteredCharm{
+		AllocationSpec: "personal:100",
+		RegisterURL:    s.server.URL,
+		QueryURL:       s.server.URL}
+	client := httpbakery.NewClient()
+	d := DeploymentInfo{
+		CharmID: charmstore.CharmID{
+			URL: charm.MustParseURL("cs:quantal/metered-1"),
+		},
+		ApplicationName: "application name",
+		ModelUUID:       "model uuid",
+	}
+	err := s.register.RunPre(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d)
+	c.Assert(err, gc.ErrorMatches, `failed to query default plan:.*`)
+	s.stub.CheckCalls(c, []testing.StubCall{{
+		"APICall", []interface{}{"Charms", "IsMetered", params.CharmURL{URL: "cs:quantal/metered-1"}},
+	}, {
+		"DefaultPlan", []interface{}{"cs:quantal/metered-1"},
+	}})
+}
+
+func (s *registrationSuite) TestUnmeteredCharm(c *gc.C) {
+	client := httpbakery.NewClient()
+	d := DeploymentInfo{
+		CharmID: charmstore.CharmID{
+			URL: charm.MustParseURL("cs:quantal/unmetered-1"),
+		},
+		ApplicationName: "application name",
+		ModelUUID:       "model uuid",
+	}
+	err := s.register.RunPre(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d)
+	c.Assert(err, jc.ErrorIsNil)
+	s.stub.CheckCalls(c, []testing.StubCall{{
+		"APICall", []interface{}{"Charms", "IsMetered", params.CharmURL{URL: "cs:quantal/unmetered-1"}},
+	}})
+	s.stub.ResetCalls()
+	err = s.register.RunPost(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d, nil)
+	c.Assert(err, jc.ErrorIsNil)
+	s.stub.CheckCalls(c, []testing.StubCall{})
+}
+
+func (s *registrationSuite) TestFailedAuth(c *gc.C) {
+	s.stub.SetErrors(nil, fmt.Errorf("could not authorize"))
+	client := httpbakery.NewClient()
+	d := DeploymentInfo{
+		CharmID: charmstore.CharmID{
+			URL: charm.MustParseURL("cs:quantal/metered-1"),
+		},
+		ApplicationName: "application name",
+		ModelUUID:       "model uuid",
+	}
+	err := s.register.RunPre(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d)
+	c.Assert(err, gc.ErrorMatches, `authorization failed:.*`)
+	authorization, err := json.Marshal([]byte("hello registration"))
+	authorization = append(authorization, byte(0xa))
+	c.Assert(err, jc.ErrorIsNil)
+	s.stub.CheckCalls(c, []testing.StubCall{{
+		"APICall", []interface{}{"Charms", "IsMetered", params.CharmURL{URL: "cs:quantal/metered-1"}},
+	}, {
+		"Authorize", []interface{}{metricRegistrationPost{
+			ModelUUID:       "model uuid",
+			CharmURL:        "cs:quantal/metered-1",
+			ApplicationName: "application name",
+			PlanURL:         "someplan",
+			Budget:          "personal",
+			Limit:           "100",
+		}},
+	}})
+}
+
+type testMetricsRegistrationHandler struct {
+	*testing.Stub
+}
+
+type respErr struct {
+	Error string `json:"error"`
+}
+
+// ServeHTTP implements http.Handler.
+func (c *testMetricsRegistrationHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
+	if req.Method == "POST" {
+		var registrationPost metricRegistrationPost
+		decoder := json.NewDecoder(req.Body)
+		err := decoder.Decode(&registrationPost)
+		if err != nil {
+			http.Error(w, "bad request", http.StatusBadRequest)
+			return
+		}
+		c.AddCall("Authorize", registrationPost)
+		rErr := c.NextErr()
+		if rErr != nil {
+			w.WriteHeader(http.StatusInternalServerError)
+			err = json.NewEncoder(w).Encode(respErr{Error: rErr.Error()})
+			if err != nil {
+				panic(err)
+			}
+			return
+		}
+		err = json.NewEncoder(w).Encode([]byte("hello registration"))
+		if err != nil {
+			panic(err)
+		}
+	} else if req.Method == "GET" {
+		if req.URL.Path == "/default" {
+			cURL := req.URL.Query().Get("charm-url")
+			c.AddCall("DefaultPlan", cURL)
+			rErr := c.NextErr()
+			if rErr != nil {
+				if errors.IsNotFound(rErr) {
+					http.Error(w, rErr.Error(), http.StatusNotFound)
+					return
+				}
+				http.Error(w, rErr.Error(), http.StatusInternalServerError)
+				return
+			}
+			result := struct {
+				URL string `json:"url"`
+			}{"thisplan"}
+			err := json.NewEncoder(w).Encode(result)
+			if err != nil {
+				panic(err)
+			}
+			return
+		}
+		cURL := req.URL.Query().Get("charm-url")
+		c.AddCall("ListPlans", cURL)
+		rErr := c.NextErr()
+		if rErr != nil {
+			http.Error(w, rErr.Error(), http.StatusInternalServerError)
+			return
+		}
+		result := []struct {
+			URL string `json:"url"`
+		}{
+			{"thisplan"},
+			{"thisotherplan"},
+		}
+		err := json.NewEncoder(w).Encode(result)
+		if err != nil {
+			panic(err)
+		}
+	} else {
+		http.Error(w, "method not allowed", http.StatusMethodNotAllowed)
+		return
+	}
+}
+
+type mockAPIConnection struct {
+	api.Connection
+	*testing.Stub
+}
+
+func (*mockAPIConnection) BestFacadeVersion(facade string) int {
+	return 42
+}
+
+func (*mockAPIConnection) Close() error {
+	return nil
+}
+
+func (m *mockAPIConnection) APICall(objType string, version int, id, request string, parameters, response interface{}) error {
+	m.MethodCall(m, "APICall", objType, request, parameters)
+
+	switch request {
+	case "IsMetered":
+		parameters := parameters.(params.CharmURL)
+		response := response.(*params.IsMeteredResult)
+		if parameters.URL == "cs:quantal/metered-1" || parameters.URL == "local:quantal/metered-1" {
+			response.Metered = true
+		}
+	case "SetMetricCredentials":
+		response := response.(*params.ErrorResults)
+		response.Results = append(response.Results, params.ErrorResult{Error: nil})
+	}
+	return m.NextErr()
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/removeapplication.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/removeapplication.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/removeapplication.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/removeapplication.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,153 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	"fmt"
+
+	"github.com/juju/cmd"
+	"github.com/juju/errors"
+	"github.com/juju/romulus/api/budget"
+	wireformat "github.com/juju/romulus/wireformat/budget"
+	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
+	"gopkg.in/macaroon-bakery.v1/httpbakery"
+
+	"github.com/juju/juju/api/application"
+	"github.com/juju/juju/api/charms"
+	"github.com/juju/juju/cmd/juju/block"
+	"github.com/juju/juju/cmd/modelcmd"
+)
+
+// NewRemoveServiceCommand returns a command which removes an application.
+func NewRemoveServiceCommand() cmd.Command {
+	return modelcmd.Wrap(&removeServiceCommand{})
+}
+
+// removeServiceCommand causes an existing application to be destroyed.
+type removeServiceCommand struct {
+	modelcmd.ModelCommandBase
+	ApplicationName string
+}
+
+var helpSummaryRmSvc = `
+Remove an application from the model.`[1:]
+
+var helpDetailsRmSvc = `
+Removing an application will terminate any relations that application has, remove
+all units of the application, and in the case that this leaves machines with
+no running applications, Juju will also remove the machine. For this reason,
+you should retrieve any logs or data required from applications and units 
+before removing them. Removing units which are co-located with units of
+other charms or a Juju controller will not result in the removal of the
+machine.
+
+Examples:
+    juju remove-application hadoop
+    juju remove-application -m test-model mariadb`[1:]
+
+func (c *removeServiceCommand) Info() *cmd.Info {
+	return &cmd.Info{
+		Name:    "remove-application",
+		Args:    "<application>",
+		Purpose: helpSummaryRmSvc,
+		Doc:     helpDetailsRmSvc,
+		Aliases: []string{"destroy-application"},
+	}
+}
+
+func (c *removeServiceCommand) Init(args []string) error {
+	if len(args) == 0 {
+		return fmt.Errorf("no application specified")
+	}
+	if !names.IsValidApplication(args[0]) {
+		return fmt.Errorf("invalid application name %q", args[0])
+	}
+	c.ApplicationName, args = args[0], args[1:]
+	return cmd.CheckEmpty(args)
+}
+
+type ServiceAPI interface {
+	Close() error
+	Destroy(serviceName string) error
+	DestroyUnits(unitNames ...string) error
+	GetCharmURL(serviceName string) (*charm.URL, error)
+	ModelUUID() string
+}
+
+func (c *removeServiceCommand) getAPI() (ServiceAPI, error) {
+	root, err := c.NewAPIRoot()
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return application.NewClient(root), nil
+}
+
+func (c *removeServiceCommand) Run(ctx *cmd.Context) error {
+	client, err := c.getAPI()
+	if err != nil {
+		return err
+	}
+	defer client.Close()
+	err = block.ProcessBlockedError(client.Destroy(c.ApplicationName), block.BlockRemove)
+	if err != nil {
+		return err
+	}
+	return c.removeAllocation(ctx)
+}
+
+func (c *removeServiceCommand) removeAllocation(ctx *cmd.Context) error {
+	client, err := c.getAPI()
+	if err != nil {
+		return err
+	}
+	charmURL, err := client.GetCharmURL(c.ApplicationName)
+	if err != nil {
+		return errors.Trace(err)
+	}
+	if charmURL.Schema == "local" {
+		return nil
+	}
+
+	root, err := c.NewAPIRoot()
+	if err != nil {
+		return errors.Trace(err)
+	}
+	charmsClient := charms.NewClient(root)
+	metered, err := charmsClient.IsMetered(charmURL.String())
+	if err != nil {
+		return errors.Trace(err)
+	}
+	if !metered {
+		return nil
+	}
+
+	modelUUID := client.ModelUUID()
+	bakeryClient, err := c.BakeryClient()
+	if err != nil {
+		return errors.Trace(err)
+	}
+	budgetClient := getBudgetAPIClient(bakeryClient)
+
+	resp, err := budgetClient.DeleteAllocation(modelUUID, c.ApplicationName)
+	if wireformat.IsNotAvail(err) {
+		fmt.Fprintf(ctx.Stdout, "WARNING: Allocation not removed - %s.\n", err.Error())
+	} else if err != nil {
+		return err
+	}
+	if resp != "" {
+		fmt.Fprintf(ctx.Stdout, "%s\n", resp)
+	}
+	return nil
+}
+
+var getBudgetAPIClient = getBudgetAPIClientImpl
+
+func getBudgetAPIClientImpl(bakeryClient *httpbakery.Client) budgetAPIClient {
+	return budget.NewClient(bakeryClient)
+}
+
+type budgetAPIClient interface {
+	DeleteAllocation(string, string) (string, error)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/removeapplication_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/removeapplication_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/removeapplication_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/removeapplication_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,155 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	"github.com/juju/cmd"
+	"github.com/juju/errors"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+	"gopkg.in/macaroon-bakery.v1/httpbakery"
+
+	"github.com/juju/juju/cmd/juju/common"
+	"github.com/juju/juju/cmd/modelcmd"
+	jujutesting "github.com/juju/juju/juju/testing"
+	"github.com/juju/juju/rpc"
+	"github.com/juju/juju/state"
+	"github.com/juju/juju/testcharms"
+	"github.com/juju/juju/testing"
+	jutesting "github.com/juju/testing"
+)
+
+type RemoveServiceSuite struct {
+	jujutesting.RepoSuite
+	common.CmdBlockHelper
+	stub            *jutesting.Stub
+	budgetAPIClient budgetAPIClient
+}
+
+var _ = gc.Suite(&RemoveServiceSuite{})
+
+func (s *RemoveServiceSuite) SetUpTest(c *gc.C) {
+	s.RepoSuite.SetUpTest(c)
+	s.CmdBlockHelper = common.NewCmdBlockHelper(s.APIState)
+	c.Assert(s.CmdBlockHelper, gc.NotNil)
+	s.AddCleanup(func(*gc.C) { s.CmdBlockHelper.Close() })
+	s.stub = &jutesting.Stub{}
+	s.budgetAPIClient = &mockBudgetAPIClient{Stub: s.stub}
+	s.PatchValue(&getBudgetAPIClient, func(*httpbakery.Client) budgetAPIClient { return s.budgetAPIClient })
+}
+
+func runRemoveService(c *gc.C, args ...string) error {
+	_, err := testing.RunCommand(c, NewRemoveServiceCommand(), args...)
+	return err
+}
+
+func (s *RemoveServiceSuite) setupTestService(c *gc.C) {
+	// Destroy an application that exists.
+	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "riak")
+	err := runDeploy(c, ch, "riak", "--series", "quantal")
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *RemoveServiceSuite) TestSuccess(c *gc.C) {
+	s.setupTestService(c)
+	err := runRemoveService(c, "riak")
+	c.Assert(err, jc.ErrorIsNil)
+	riak, err := s.State.Application("riak")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(riak.Life(), gc.Equals, state.Dying)
+	s.stub.CheckNoCalls(c)
+}
+
+func (s *RemoveServiceSuite) TestRemoveLocalMetered(c *gc.C) {
+	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "metered")
+	deploy := &DeployCommand{}
+	_, err := testing.RunCommand(c, modelcmd.Wrap(deploy), ch, "--series", "quantal")
+	c.Assert(err, jc.ErrorIsNil)
+	err = runRemoveService(c, "metered")
+	c.Assert(err, jc.ErrorIsNil)
+	riak, err := s.State.Application("metered")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(riak.Life(), gc.Equals, state.Dying)
+	s.stub.CheckNoCalls(c)
+}
+
+func (s *RemoveServiceSuite) TestBlockRemoveService(c *gc.C) {
+	s.setupTestService(c)
+
+	// block operation
+	s.BlockRemoveObject(c, "TestBlockRemoveService")
+	err := runRemoveService(c, "riak")
+	s.AssertBlocked(c, err, ".*TestBlockRemoveService.*")
+	riak, err := s.State.Application("riak")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(riak.Life(), gc.Equals, state.Alive)
+	s.stub.CheckNoCalls(c)
+}
+
+func (s *RemoveServiceSuite) TestFailure(c *gc.C) {
+	// Destroy an application that does not exist.
+	err := runRemoveService(c, "gargleblaster")
+	c.Assert(errors.Cause(err), gc.DeepEquals, &rpc.RequestError{
+		Message: `application "gargleblaster" not found`,
+		Code:    "not found",
+	})
+	s.stub.CheckNoCalls(c)
+}
+
+func (s *RemoveServiceSuite) TestInvalidArgs(c *gc.C) {
+	err := runRemoveService(c)
+	c.Assert(err, gc.ErrorMatches, `no application specified`)
+	err = runRemoveService(c, "ping", "pong")
+	c.Assert(err, gc.ErrorMatches, `unrecognized args: \["pong"\]`)
+	err = runRemoveService(c, "invalid:name")
+	c.Assert(err, gc.ErrorMatches, `invalid application name "invalid:name"`)
+	s.stub.CheckNoCalls(c)
+}
+
+type RemoveCharmStoreCharmsSuite struct {
+	charmStoreSuite
+	stub            *jutesting.Stub
+	ctx             *cmd.Context
+	budgetAPIClient budgetAPIClient
+}
+
+var _ = gc.Suite(&RemoveCharmStoreCharmsSuite{})
+
+func (s *RemoveCharmStoreCharmsSuite) SetUpTest(c *gc.C) {
+	s.charmStoreSuite.SetUpTest(c)
+
+	s.ctx = testing.Context(c)
+	s.stub = &jutesting.Stub{}
+	s.budgetAPIClient = &mockBudgetAPIClient{Stub: s.stub}
+	s.PatchValue(&getBudgetAPIClient, func(*httpbakery.Client) budgetAPIClient { return s.budgetAPIClient })
+
+	testcharms.UploadCharm(c, s.client, "cs:quantal/metered-1", "metered")
+	deploy := &DeployCommand{}
+	_, err := testing.RunCommand(c, modelcmd.Wrap(deploy), "cs:quantal/metered-1")
+	c.Assert(err, jc.ErrorIsNil)
+
+}
+
+func (s *RemoveCharmStoreCharmsSuite) TestRemoveAllocation(c *gc.C) {
+	err := runRemoveService(c, "metered")
+	c.Assert(err, jc.ErrorIsNil)
+	s.stub.CheckCalls(c, []jutesting.StubCall{{
+		"DeleteAllocation", []interface{}{testing.ModelTag.Id(), "metered"}}})
+}
+
+type mockBudgetAPIClient struct {
+	*jutesting.Stub
+}
+
+// CreateAllocation implements apiClient.
+func (c *mockBudgetAPIClient) CreateAllocation(budget, limit, model string, services []string) (string, error) {
+	c.MethodCall(c, "CreateAllocation", budget, limit, model, services)
+	return "Allocation created.", c.NextErr()
+}
+
+// DeleteAllocation implements apiClient.
+func (c *mockBudgetAPIClient) DeleteAllocation(model, application string) (string, error) {
+	c.MethodCall(c, "DeleteAllocation", model, application)
+	return "Allocation removed.", c.NextErr()
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/removerelation.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/removerelation.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/removerelation.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/removerelation.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,91 @@
+// Copyright 2012, 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	"fmt"
+
+	"github.com/juju/cmd"
+	"github.com/juju/errors"
+
+	"github.com/juju/juju/api/application"
+	"github.com/juju/juju/cmd/juju/block"
+	"github.com/juju/juju/cmd/modelcmd"
+)
+
+var helpSummary = `
+Removes an existing relation between two applications.`[1:]
+
+var helpDetails = `
+An existing relation between the two specified applications will be removed. 
+This should not result in either of the applications entering an error state,
+but may result in either or both of the applications being unable to continue
+normal operation. In the case that there is more than one relation between
+two applications it is necessary to specify which is to be removed (see
+examples). Relations will automatically be removed when using the`[1:] + "`juju\nremove-application`" + ` command.
+
+Examples:
+    juju remove-relation mysql wordpress
+
+In the case of multiple relations, the relation name should be specified
+at least once - the following examples will all have the same effect:
+
+    juju remove-relation mediawiki:db mariadb:db
+    juju remove-relation mediawiki mariadb:db
+    juju remove-relation mediawiki:db mariadb
+ 
+See also: 
+    add-relation
+    remove-application`
+
+// NewRemoveRelationCommand returns a command to remove a relation between 2 services.
+func NewRemoveRelationCommand() cmd.Command {
+	return modelcmd.Wrap(&removeRelationCommand{})
+}
+
+// removeRelationCommand causes an existing application relation to be shut down.
+type removeRelationCommand struct {
+	modelcmd.ModelCommandBase
+	Endpoints []string
+}
+
+func (c *removeRelationCommand) Info() *cmd.Info {
+	return &cmd.Info{
+		Name:    "remove-relation",
+		Args:    "<application1>[:<relation name1>] <application2>[:<relation name2>]",
+		Purpose: helpSummary,
+		Doc:     helpDetails,
+		Aliases: []string{"destroy-relation"},
+	}
+}
+
+func (c *removeRelationCommand) Init(args []string) error {
+	if len(args) != 2 {
+		return fmt.Errorf("a relation must involve two applications")
+	}
+	c.Endpoints = args
+	return nil
+}
+
+type serviceDestroyRelationAPI interface {
+	Close() error
+	DestroyRelation(endpoints ...string) error
+}
+
+func (c *removeRelationCommand) getAPI() (serviceDestroyRelationAPI, error) {
+	root, err := c.NewAPIRoot()
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return application.NewClient(root), nil
+}
+
+func (c *removeRelationCommand) Run(_ *cmd.Context) error {
+	client, err := c.getAPI()
+	if err != nil {
+		return err
+	}
+	defer client.Close()
+	return block.ProcessBlockedError(client.DestroyRelation(c.Endpoints...), block.BlockRemove)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/removerelation_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/removerelation_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/removerelation_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/removerelation_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,79 @@
+// Copyright 2012, 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	"github.com/juju/errors"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/cmd/juju/common"
+	jujutesting "github.com/juju/juju/juju/testing"
+	"github.com/juju/juju/rpc"
+	"github.com/juju/juju/testcharms"
+	"github.com/juju/juju/testing"
+)
+
+type RemoveRelationSuite struct {
+	jujutesting.RepoSuite
+	common.CmdBlockHelper
+}
+
+func (s *RemoveRelationSuite) SetUpTest(c *gc.C) {
+	s.RepoSuite.SetUpTest(c)
+	s.CmdBlockHelper = common.NewCmdBlockHelper(s.APIState)
+	c.Assert(s.CmdBlockHelper, gc.NotNil)
+	s.AddCleanup(func(*gc.C) { s.CmdBlockHelper.Close() })
+}
+
+var _ = gc.Suite(&RemoveRelationSuite{})
+
+func runRemoveRelation(c *gc.C, args ...string) error {
+	_, err := testing.RunCommand(c, NewRemoveRelationCommand(), args...)
+	return err
+}
+
+func (s *RemoveRelationSuite) setupRelationForRemove(c *gc.C) {
+	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "riak")
+	err := runDeploy(c, ch, "riak", "--series", "quantal")
+	c.Assert(err, jc.ErrorIsNil)
+	ch = testcharms.Repo.CharmArchivePath(s.CharmsPath, "logging")
+	err = runDeploy(c, ch, "logging", "--series", "quantal")
+	c.Assert(err, jc.ErrorIsNil)
+	runAddRelation(c, "riak", "logging")
+}
+
+func (s *RemoveRelationSuite) TestRemoveRelation(c *gc.C) {
+	s.setupRelationForRemove(c)
+
+	// Destroy a relation that exists.
+	err := runRemoveRelation(c, "logging", "riak")
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Destroy a relation that used to exist.
+	err = runRemoveRelation(c, "riak", "logging")
+	c.Assert(errors.Cause(err), gc.DeepEquals, &rpc.RequestError{
+		Message: `relation "logging:info riak:juju-info" not found`,
+		Code:    "not found",
+	})
+
+	// Invalid removes.
+	err = runRemoveRelation(c, "ping", "pong")
+	c.Assert(errors.Cause(err), gc.DeepEquals, &rpc.RequestError{
+		Message: `application "ping" not found`,
+		Code:    "not found",
+	})
+	err = runRemoveRelation(c, "riak")
+	c.Assert(err, gc.ErrorMatches, `a relation must involve two applications`)
+}
+
+func (s *RemoveRelationSuite) TestBlockRemoveRelation(c *gc.C) {
+	s.setupRelationForRemove(c)
+
+	// block operation
+	s.BlockRemoveObject(c, "TestBlockRemoveRelation")
+	// Destroy a relation that exists.
+	err := runRemoveRelation(c, "logging", "riak")
+	s.AssertBlocked(c, err, ".*TestBlockRemoveRelation.*")
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/removeunit.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/removeunit.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/removeunit.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/removeunit.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,90 @@
+// Copyright 2012, 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	"fmt"
+
+	"github.com/juju/cmd"
+	"github.com/juju/errors"
+	"gopkg.in/juju/names.v2"
+
+	"github.com/juju/juju/api/application"
+	"github.com/juju/juju/cmd/juju/block"
+	"github.com/juju/juju/cmd/modelcmd"
+)
+
+// NewRemoveUnitCommand returns a command which removes an application's units.
+func NewRemoveUnitCommand() cmd.Command {
+	return modelcmd.Wrap(&removeUnitCommand{})
+}
+
+// removeUnitCommand is responsible for destroying application units.
+type removeUnitCommand struct {
+	modelcmd.ModelCommandBase
+	UnitNames []string
+}
+
+const removeUnitDoc = `
+Remove application units from the model.
+
+Units of a service are numbered in sequence upon creation. For example, the
+fourth unit of wordpress will be designated "wordpress/3". These identifiers
+can be supplied in a space delimited list to remove unwanted units from the
+model.
+
+Juju will also remove the machine if the removed unit was the only unit left
+on that machine (including units in containers).
+
+Removing all units of a service is not equivalent to removing the service
+itself; for that, the ` + "`juju remove-service`" + ` command is used.
+
+Examples:
+
+    juju remove-unit wordpress/2 wordpress/3 wordpress/4
+
+See also: remove-service
+`
+
+func (c *removeUnitCommand) Info() *cmd.Info {
+	return &cmd.Info{
+		Name:    "remove-unit",
+		Args:    "<unit> [...]",
+		Purpose: "Remove application units from the model.",
+		Doc:     removeUnitDoc,
+		Aliases: []string{"destroy-unit"},
+	}
+}
+
+func (c *removeUnitCommand) Init(args []string) error {
+	c.UnitNames = args
+	if len(c.UnitNames) == 0 {
+		return fmt.Errorf("no units specified")
+	}
+	for _, name := range c.UnitNames {
+		if !names.IsValidUnit(name) {
+			return fmt.Errorf("invalid unit name %q", name)
+		}
+	}
+	return nil
+}
+
+func (c *removeUnitCommand) getAPI() (ServiceAPI, error) {
+	root, err := c.NewAPIRoot()
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return application.NewClient(root), nil
+}
+
+// Run connects to the environment specified on the command line and destroys
+// units therein.
+func (c *removeUnitCommand) Run(_ *cmd.Context) error {
+	client, err := c.getAPI()
+	if err != nil {
+		return err
+	}
+	defer client.Close()
+	return block.ProcessBlockedError(client.DestroyUnits(c.UnitNames...), block.BlockRemove)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/removeunit_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/removeunit_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/removeunit_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/removeunit_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,68 @@
+// Copyright 2012, 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	"fmt"
+
+	jc "github.com/juju/testing/checkers"
+	"github.com/juju/utils/series"
+	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/charm.v6-unstable"
+
+	"github.com/juju/juju/cmd/juju/common"
+	jujutesting "github.com/juju/juju/juju/testing"
+	"github.com/juju/juju/state"
+	"github.com/juju/juju/testcharms"
+	"github.com/juju/juju/testing"
+)
+
+type RemoveUnitSuite struct {
+	jujutesting.RepoSuite
+	common.CmdBlockHelper
+}
+
+func (s *RemoveUnitSuite) SetUpTest(c *gc.C) {
+	s.RepoSuite.SetUpTest(c)
+	s.CmdBlockHelper = common.NewCmdBlockHelper(s.APIState)
+	c.Assert(s.CmdBlockHelper, gc.NotNil)
+	s.AddCleanup(func(*gc.C) { s.CmdBlockHelper.Close() })
+}
+
+var _ = gc.Suite(&RemoveUnitSuite{})
+
+func runRemoveUnit(c *gc.C, args ...string) error {
+	_, err := testing.RunCommand(c, NewRemoveUnitCommand(), args...)
+	return err
+}
+
+func (s *RemoveUnitSuite) setupUnitForRemove(c *gc.C) *state.Application {
+	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
+	err := runDeploy(c, "-n", "2", ch, "dummy", "--series", series.LatestLts())
+	c.Assert(err, jc.ErrorIsNil)
+	curl := charm.MustParseURL(fmt.Sprintf("local:%s/dummy-1", series.LatestLts()))
+	svc, _ := s.AssertService(c, "dummy", curl, 2, 0)
+	return svc
+}
+
+func (s *RemoveUnitSuite) TestRemoveUnit(c *gc.C) {
+	svc := s.setupUnitForRemove(c)
+
+	err := runRemoveUnit(c, "dummy/0", "dummy/1", "dummy/2", "sillybilly/17")
+	c.Assert(err, gc.ErrorMatches, `some units were not destroyed: unit "dummy/2" does not exist; unit "sillybilly/17" does not exist`)
+	units, err := svc.AllUnits()
+	c.Assert(err, jc.ErrorIsNil)
+	for _, u := range units {
+		c.Assert(u.Life(), gc.Equals, state.Dying)
+	}
+}
+func (s *RemoveUnitSuite) TestBlockRemoveUnit(c *gc.C) {
+	svc := s.setupUnitForRemove(c)
+
+	// block operation
+	s.BlockRemoveObject(c, "TestBlockRemoveUnit")
+	err := runRemoveUnit(c, "dummy/0", "dummy/1")
+	s.AssertBlocked(c, err, ".*TestBlockRemoveUnit.*")
+	c.Assert(svc.Life(), gc.Equals, state.Alive)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/series_selector.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/series_selector.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/series_selector.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/series_selector.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,107 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	"github.com/juju/utils/series"
+	"gopkg.in/juju/charm.v6-unstable"
+)
+
+const (
+	msgUserRequestedSeries = "with the user specified series %q"
+	msgBundleSeries        = "with the series %q defined by the bundle"
+	msgDefaultCharmSeries  = "with the default charm metadata series %q"
+	msgDefaultModelSeries  = "with the configured model default series %q"
+	msgLatestLTSSeries     = "with the latest LTS series %q"
+)
+
+type modelConfig interface {
+	DefaultSeries() (string, bool)
+}
+
+// seriesSelector is a helper type that determines what series the charm should
+// be deployed to.
+type seriesSelector struct {
+	// seriesFlag is the series passed to the --series flag on the command line.
+	seriesFlag string
+	// charmURLSeries is the series specified as part of the charm URL, i.e.
+	// cs:trusty/ubuntu.
+	charmURLSeries string
+	// conf is the configuration for the model we're deploying to.
+	conf modelConfig
+	// supportedSeries is the list of series the charm supports.
+	supportedSeries []string
+	// force indicates the user explicitly wants to deploy to a requested
+	// series, regardless of whether the charm says it supports that series.
+	force bool
+	// from bundle specifies the deploy request comes from a bundle spec.
+	fromBundle bool
+}
+
+// charmSeries determines what series to use with a charm.
+// Order of preference is:
+// - user requested with --series or defined by bundle when deploying
+// - user requested in charm's url (e.g. juju deploy precise/ubuntu)
+// - model default (if it matches supported series)
+// - default from charm metadata supported series / series in url
+// - default LTS
+func (s seriesSelector) charmSeries() (selectedSeries string, msg string, err error) {
+	// User has requested a series with --series.
+	if s.seriesFlag != "" {
+		return s.userRequested(s.seriesFlag)
+	}
+
+	// User specified a series in the charm URL, e.g.
+	// juju deploy precise/ubuntu.
+	if s.charmURLSeries != "" {
+		return s.userRequested(s.charmURLSeries)
+	}
+
+	// No series explicitly requested by the user.
+	// Use model default series, if explicitly set and supported by the charm.
+	if defaultSeries, explicit := s.conf.DefaultSeries(); explicit {
+		if isSeriesSupported(defaultSeries, s.supportedSeries) {
+			return defaultSeries, msgDefaultModelSeries, nil
+		}
+	}
+
+	// Use the charm's perferred series, if it has one.  In a multi-series
+	// charm, the first series in the list is the preferred one.
+	if len(s.supportedSeries) > 0 {
+		return s.supportedSeries[0], msgDefaultCharmSeries, nil
+	}
+
+	// Charm hasn't specified a default (likely due to being a local charm
+	// deployed by path).  Last chance, best we can do is default to LTS.
+
+	// At this point, because we have no idea what series the charm supports,
+	// *everything* requires --force.
+	if !s.force {
+		return "", "", s.unsupportedSeries(series.LatestLts())
+	}
+	return series.LatestLts(), msgLatestLTSSeries, nil
+}
+
+// userRequested checks the series the user has requested, and returns it if it
+// is supported, or if they used --force.
+func (s seriesSelector) userRequested(series string) (selectedSeries string, msg string, err error) {
+	if !s.force && !isSeriesSupported(series, s.supportedSeries) {
+		return "", "", s.unsupportedSeries(series)
+	}
+
+	// either it's a supported series or the user used --force, so just
+	// give them what they asked for.
+	if s.fromBundle {
+		return series, msgBundleSeries, nil
+	}
+	return series, msgUserRequestedSeries, nil
+}
+
+func (s seriesSelector) unsupportedSeries(series string) error {
+	supp := s.supportedSeries
+	if len(supp) == 0 {
+		supp = []string{"<none defined>"}
+	}
+	return charm.NewUnsupportedSeriesError(series, supp)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/series_selector_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/series_selector_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/series_selector_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/series_selector_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,172 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	jc "github.com/juju/testing/checkers"
+	"github.com/juju/utils/series"
+	gc "gopkg.in/check.v1"
+)
+
+type SeriesSelectorSuite struct{}
+
+var _ = gc.Suite(&SeriesSelectorSuite{})
+
+func (s *SeriesSelectorSuite) TestCharmSeries(c *gc.C) {
+	deploySeriesTests := []struct {
+		title string
+
+		seriesSelector
+
+		ltsSeries      string
+		expectedSeries string
+		message        string
+		err            string
+	}{{
+		title: "use charm default, e.g. juju deploy ubuntu",
+		seriesSelector: seriesSelector{
+			supportedSeries: []string{"trusty", "precise"},
+			conf:            defaultSeries{"wily", true},
+		},
+		ltsSeries:      "precise",
+		expectedSeries: "trusty",
+		message:        "with the default charm metadata series %q",
+	}, {
+		title: "use supported requested, e.g. juju deploy ubuntu --series trusty",
+		seriesSelector: seriesSelector{
+			seriesFlag:      "trusty",
+			supportedSeries: []string{"trusty"},
+			conf:            defaultSeries{},
+		},
+		expectedSeries: "trusty",
+		message:        "with the user specified series %q",
+	}, {
+		title: "unsupported requested, e.g. juju deploy ubuntu --series quantal",
+		seriesSelector: seriesSelector{
+			seriesFlag:      "quantal",
+			supportedSeries: []string{"trusty", "precise"},
+			conf:            defaultSeries{},
+		},
+		err: `series "quantal" not supported by charm, supported series are: trusty,precise`,
+	}, {
+		title: "charm without series specified or requested, with --force",
+		seriesSelector: seriesSelector{
+			force: true,
+			conf:  defaultSeries{},
+		},
+		ltsSeries:      "quantal",
+		expectedSeries: "quantal",
+		message:        "with the latest LTS series %q",
+	}, {
+		title: "charm without series specified or requested, without --force",
+		seriesSelector: seriesSelector{
+			conf: defaultSeries{},
+		},
+		ltsSeries:      "quantal",
+		expectedSeries: "quantal",
+		err:            `series "quantal" not supported by charm, supported series are: <none defined>`,
+	}, {
+		title: "charm without series specified, series requested, without --force",
+		seriesSelector: seriesSelector{
+			seriesFlag: "xenial",
+			conf:       defaultSeries{},
+		},
+		ltsSeries:      "quantal",
+		expectedSeries: "quantal",
+		err:            `series "xenial" not supported by charm, supported series are: <none defined>`,
+	}, {
+		title: "charm without series specified, series requested, with --force",
+		seriesSelector: seriesSelector{
+			seriesFlag: "xenial",
+			conf:       defaultSeries{},
+			force:      true,
+		},
+		ltsSeries:      "quantal",
+		expectedSeries: "xenial",
+		message:        "with the user specified series %q",
+	}, {
+		title: "no requested series, default to model series if supported",
+		seriesSelector: seriesSelector{
+			conf:            defaultSeries{"xenial", true},
+			supportedSeries: []string{"precise", "xenial"},
+		},
+		expectedSeries: "xenial",
+		message:        "with the configured model default series %q",
+	}, {
+		title: "juju deploy --force --series=wily for unsupported series",
+		seriesSelector: seriesSelector{
+			seriesFlag:      "wily",
+			supportedSeries: []string{"trusty"},
+			force:           true,
+			conf:            defaultSeries{},
+		},
+		expectedSeries: "wily",
+		message:        "with the user specified series %q",
+	}, {
+		title: "juju deploy --series=precise for non-default but supported series",
+		seriesSelector: seriesSelector{
+			seriesFlag:      "precise",
+			supportedSeries: []string{"trusty", "precise"},
+			conf:            defaultSeries{},
+		},
+		expectedSeries: "precise",
+		message:        "with the user specified series %q",
+	}, {
+		title: "juju deploy precise/ubuntu for non-default but supported series",
+		seriesSelector: seriesSelector{
+			charmURLSeries:  "precise",
+			supportedSeries: []string{"trusty", "precise"},
+			conf:            defaultSeries{},
+		},
+		expectedSeries: "precise",
+		message:        "with the user specified series %q",
+	}, {
+		title: "juju deploy precise/ubuntu --series=wily for non-default but supported series",
+		seriesSelector: seriesSelector{
+			charmURLSeries:  "precise",
+			seriesFlag:      "wily",
+			supportedSeries: []string{"trusty", "wily"},
+			conf:            defaultSeries{},
+		},
+		expectedSeries: "wily",
+		message:        "with the user specified series %q",
+	}, {
+		title: "juju deploy precise/ubuntu --series=quantal for usupported series",
+		seriesSelector: seriesSelector{
+			charmURLSeries:  "precise",
+			seriesFlag:      "quantal",
+			supportedSeries: []string{"trusty", "precise"},
+			conf:            defaultSeries{},
+		},
+		err: `series "quantal" not supported by charm, supported series are: trusty,precise`,
+	}}
+
+	for i, test := range deploySeriesTests {
+
+		func() {
+			c.Logf("test %d [%s]", i, test.title)
+			if test.ltsSeries != "" {
+				previous := series.SetLatestLtsForTesting(test.ltsSeries)
+				defer series.SetLatestLtsForTesting(previous)
+			}
+			series, msg, err := test.seriesSelector.charmSeries()
+			if test.err != "" {
+				c.Check(err, gc.ErrorMatches, test.err)
+				return
+			}
+			c.Check(err, jc.ErrorIsNil)
+			c.Check(series, gc.Equals, test.expectedSeries)
+			c.Check(msg, gc.Matches, test.message)
+		}()
+	}
+}
+
+type defaultSeries struct {
+	series   string
+	explicit bool
+}
+
+func (d defaultSeries) DefaultSeries() (string, bool) {
+	return d.series, d.explicit
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/set.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/set.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/set.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/set.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,213 @@
+// Copyright 2012-2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os"
+	"strings"
+	"unicode/utf8"
+
+	"github.com/juju/cmd"
+	"github.com/juju/errors"
+	"github.com/juju/utils/keyvalues"
+	"launchpad.net/gnuflag"
+
+	"github.com/juju/juju/api/application"
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/cmd/juju/block"
+	"github.com/juju/juju/cmd/modelcmd"
+)
+
+// NewSetCommand returns a command used to set application attributes.
+func NewSetCommand() cmd.Command {
+	return modelcmd.Wrap(&setCommand{})
+}
+
+// setCommand updates the configuration of an application.
+type setCommand struct {
+	modelcmd.ModelCommandBase
+	ApplicationName string
+	SettingsStrings map[string]string
+	Options         []string
+	SettingsYAML    cmd.FileVar
+	SetDefault      bool
+	serviceApi      serviceAPI
+}
+
+var usageSetConfigSummary = `
+Sets configuration options for an application.`[1:]
+
+var usageSetConfigDetails = `
+Charms may, and frequently do, expose a number of configuration settings
+for an application to the user. These can be set at deploy time, but may be set
+at any time by using the `[1:] + "`juju set-config`" + ` command. The actual options
+vary per charm (you can check the charm documentation, or use ` + "`juju get-\nconfig`" +
+	` to check which options may be set).
+If ‘value’ begins with the ‘@’ character, it is interpreted as a filename
+and the actual value is read from it. The maximum size of the filename is
+5M.
+Values may be any UTF-8 encoded string. UTF-8 is accepted on the command
+line and in referenced files.
+See ` + "`juju status`" + ` for application names.
+
+Examples:
+    juju set-config mysql dataset-size=80% backup_dir=/vol1/mysql/backups
+    juju set-config apache2 --model mymodel --config /home/ubuntu/mysql.yaml
+
+See also: 
+    get-config
+    deploy
+    status`
+
+const maxValueSize = 5242880
+
+// Info implements Command.Info.
+func (c *setCommand) Info() *cmd.Info {
+	return &cmd.Info{
+		Name:    "set-config",
+		Args:    "<application name> <application key>=<value> ...",
+		Purpose: usageSetConfigSummary,
+		Doc:     usageSetConfigDetails,
+		Aliases: []string{"set-configs"},
+	}
+}
+
+// SetFlags implements Command.SetFlags.
+func (c *setCommand) SetFlags(f *gnuflag.FlagSet) {
+	f.Var(&c.SettingsYAML, "config", "path to yaml-formatted application config")
+	f.BoolVar(&c.SetDefault, "to-default", false, "set application option values to default")
+}
+
+// Init implements Command.Init.
+func (c *setCommand) Init(args []string) error {
+	if len(args) == 0 || len(strings.Split(args[0], "=")) > 1 {
+		return errors.New("no application name specified")
+	}
+	if c.SettingsYAML.Path != "" && len(args) > 1 {
+		return errors.New("cannot specify --config when using key=value arguments")
+	}
+	c.ApplicationName = args[0]
+	if c.SetDefault {
+		c.Options = args[1:]
+		if len(c.Options) == 0 {
+			return errors.New("no configuration options specified")
+		}
+		return nil
+	}
+	settings, err := keyvalues.Parse(args[1:], true)
+	if err != nil {
+		return err
+	}
+	c.SettingsStrings = settings
+	return nil
+}
+
+// serviceAPI defines the methods on the client API
+// that the application set command calls.
+type serviceAPI interface {
+	Close() error
+	Update(args params.ApplicationUpdate) error
+	Get(application string) (*params.ApplicationGetResults, error)
+	Set(application string, options map[string]string) error
+	Unset(application string, options []string) error
+}
+
+func (c *setCommand) getServiceAPI() (serviceAPI, error) {
+	if c.serviceApi != nil {
+		return c.serviceApi, nil
+	}
+	root, err := c.NewAPIRoot()
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return application.NewClient(root), nil
+}
+
+// Run updates the configuration of an application.
+func (c *setCommand) Run(ctx *cmd.Context) error {
+	apiclient, err := c.getServiceAPI()
+	if err != nil {
+		return err
+	}
+	defer apiclient.Close()
+
+	if c.SettingsYAML.Path != "" {
+		b, err := c.SettingsYAML.Read(ctx)
+		if err != nil {
+			return err
+		}
+		return block.ProcessBlockedError(apiclient.Update(params.ApplicationUpdate{
+			ApplicationName: c.ApplicationName,
+			SettingsYAML:    string(b),
+		}), block.BlockChange)
+	} else if c.SetDefault {
+		return block.ProcessBlockedError(apiclient.Unset(c.ApplicationName, c.Options), block.BlockChange)
+	} else if len(c.SettingsStrings) == 0 {
+		return nil
+	}
+	settings := map[string]string{}
+	for k, v := range c.SettingsStrings {
+		//empty string is also valid as a setting value
+		if v == "" {
+			settings[k] = v
+			continue
+		}
+
+		if v[0] != '@' {
+			if !utf8.ValidString(v) {
+				return fmt.Errorf("value for option %q contains non-UTF-8 sequences", k)
+			}
+			settings[k] = v
+			continue
+		}
+		nv, err := readValue(ctx, v[1:])
+		if err != nil {
+			return err
+		}
+		if !utf8.ValidString(nv) {
+			return fmt.Errorf("value for option %q contains non-UTF-8 sequences", k)
+		}
+		settings[k] = nv
+	}
+
+	result, err := apiclient.Get(c.ApplicationName)
+	if err != nil {
+		return err
+	}
+
+	for k, v := range settings {
+		configValue := result.Config[k]
+
+		configValueMap, ok := configValue.(map[string]interface{})
+		if ok {
+			// convert the value to string and compare
+			if fmt.Sprintf("%v", configValueMap["value"]) == v {
+				logger.Warningf("the configuration setting %q already has the value %q", k, v)
+			}
+		}
+	}
+
+	return block.ProcessBlockedError(apiclient.Set(c.ApplicationName, settings), block.BlockChange)
+}
+
+// readValue reads the value of an option out of the named file.
+// An empty content is valid, like in parsing the options. The upper
+// size is 5M.
+func readValue(ctx *cmd.Context, filename string) (string, error) {
+	absFilename := ctx.AbsPath(filename)
+	fi, err := os.Stat(absFilename)
+	if err != nil {
+		return "", fmt.Errorf("cannot read option from file %q: %v", filename, err)
+	}
+	if fi.Size() > maxValueSize {
+		return "", fmt.Errorf("size of option file is larger than 5M")
+	}
+	content, err := ioutil.ReadFile(ctx.AbsPath(filename))
+	if err != nil {
+		return "", fmt.Errorf("cannot read option from file %q: %v", filename, err)
+	}
+	return string(content), nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/set_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/set_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/set_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/set_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,234 @@
+// Copyright 2012-2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application_test
+
+import (
+	"bytes"
+	"io/ioutil"
+	"os"
+	"strings"
+	"unicode/utf8"
+
+	"github.com/juju/cmd"
+	jc "github.com/juju/testing/checkers"
+	"github.com/juju/utils"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/apiserver/common"
+	"github.com/juju/juju/cmd/juju/application"
+	coretesting "github.com/juju/juju/testing"
+)
+
+type SetSuite struct {
+	coretesting.FakeJujuXDGDataHomeSuite
+	dir            string
+	fakeServiceAPI *fakeServiceAPI
+}
+
+var _ = gc.Suite(&SetSuite{})
+
+var (
+	validSetTestValue   = "a value with spaces\nand newline\nand UTF-8 characters: \U0001F604 / \U0001F44D"
+	invalidSetTestValue = "a value with an invalid UTF-8 sequence: " + string([]byte{0xFF, 0xFF})
+	yamlConfigValue     = "dummy-application:\n  skill-level: 9000\n  username: admin001\n\n"
+)
+
+func (s *SetSuite) SetUpTest(c *gc.C) {
+	s.FakeJujuXDGDataHomeSuite.SetUpTest(c)
+	s.fakeServiceAPI = &fakeServiceAPI{serviceName: "dummy-application"}
+
+	s.dir = c.MkDir()
+	c.Assert(utf8.ValidString(validSetTestValue), jc.IsTrue)
+	c.Assert(utf8.ValidString(invalidSetTestValue), jc.IsFalse)
+	setupValueFile(c, s.dir, "valid.txt", validSetTestValue)
+	setupValueFile(c, s.dir, "invalid.txt", invalidSetTestValue)
+	setupBigFile(c, s.dir)
+	setupConfigFile(c, s.dir)
+}
+
+func (s *SetSuite) TestSetCommandInit(c *gc.C) {
+	// missing args
+	err := coretesting.InitCommand(application.NewSetCommandForTest(s.fakeServiceAPI), []string{})
+	c.Assert(err, gc.ErrorMatches, "no application name specified")
+
+	// missing application name
+	err = coretesting.InitCommand(application.NewSetCommandForTest(s.fakeServiceAPI), []string{"name=foo"})
+	c.Assert(err, gc.ErrorMatches, "no application name specified")
+
+	// --config path, but no application
+	err = coretesting.InitCommand(application.NewSetCommandForTest(s.fakeServiceAPI), []string{"--config", "testconfig.yaml"})
+	c.Assert(err, gc.ErrorMatches, "no application name specified")
+
+	// --config and options specified
+	err = coretesting.InitCommand(application.NewSetCommandForTest(s.fakeServiceAPI), []string{"application", "--config", "testconfig.yaml", "bees="})
+	c.Assert(err, gc.ErrorMatches, "cannot specify --config when using key=value arguments")
+
+	// --to-default and no config name provided
+	err = coretesting.InitCommand(application.NewSetCommandForTest(s.fakeServiceAPI), []string{"application", "--to-default"})
+	c.Assert(err, gc.ErrorMatches, "no configuration options specified")
+
+}
+
+func (s *SetSuite) TestSetOptionSuccess(c *gc.C) {
+	s.assertSetSuccess(c, s.dir, []string{
+		"username=hello",
+		"outlook=hello@world.tld",
+	}, map[string]interface{}{
+		"username": "hello",
+		"outlook":  "hello@world.tld",
+	})
+	s.assertSetSuccess(c, s.dir, []string{
+		"username=hello=foo",
+	}, map[string]interface{}{
+		"username": "hello=foo",
+		"outlook":  "hello@world.tld",
+	})
+	s.assertSetSuccess(c, s.dir, []string{
+		"username=@valid.txt",
+	}, map[string]interface{}{
+		"username": validSetTestValue,
+		"outlook":  "hello@world.tld",
+	})
+	s.assertSetSuccess(c, s.dir, []string{
+		"username=",
+	}, map[string]interface{}{
+		"username": "",
+		"outlook":  "hello@world.tld",
+	})
+}
+
+func (s *SetSuite) TestSetSameValue(c *gc.C) {
+	s.assertSetSuccess(c, s.dir, []string{
+		"username=hello",
+		"outlook=hello@world.tld",
+	}, map[string]interface{}{
+		"username": "hello",
+		"outlook":  "hello@world.tld",
+	})
+	s.assertSetWarning(c, s.dir, []string{
+		"username=hello",
+	}, "the configuration setting \"username\" already has the value \"hello\"")
+	s.assertSetWarning(c, s.dir, []string{
+		"outlook=hello@world.tld",
+	}, "the configuration setting \"outlook\" already has the value \"hello@world.tld\"")
+
+}
+
+func (s *SetSuite) TestSetOptionFail(c *gc.C) {
+	s.assertSetFail(c, s.dir, []string{"foo", "bar"}, "error: expected \"key=value\", got \"foo\"\n")
+	s.assertSetFail(c, s.dir, []string{"=bar"}, "error: expected \"key=value\", got \"=bar\"\n")
+	s.assertSetFail(c, s.dir, []string{
+		"username=@missing.txt",
+	}, "error: cannot read option from file \"missing.txt\": .* "+utils.NoSuchFileErrRegexp+"\n")
+	s.assertSetFail(c, s.dir, []string{
+		"username=@big.txt",
+	}, "error: size of option file is larger than 5M\n")
+	s.assertSetFail(c, s.dir, []string{
+		"username=@invalid.txt",
+	}, "error: value for option \"username\" contains non-UTF-8 sequences\n")
+}
+
+func (s *SetSuite) TestSetConfig(c *gc.C) {
+	s.assertSetFail(c, s.dir, []string{
+		"--config",
+		"missing.yaml",
+	}, "error.* "+utils.NoSuchFileErrRegexp+"\n")
+
+	ctx := coretesting.ContextForDir(c, s.dir)
+	code := cmd.Main(application.NewSetCommandForTest(s.fakeServiceAPI), ctx, []string{
+		"dummy-application",
+		"--config",
+		"testconfig.yaml"})
+
+	c.Check(code, gc.Equals, 0)
+	c.Check(s.fakeServiceAPI.config, gc.Equals, yamlConfigValue)
+}
+
+func (s *SetSuite) TestSetConfigToDefault(c *gc.C) {
+	s.fakeServiceAPI = &fakeServiceAPI{serviceName: "dummy-application", values: map[string]interface{}{
+		"username": "hello",
+	}}
+	s.assertSetSuccess(c, s.dir, []string{
+		"--to-default",
+		"username",
+	}, make(map[string]interface{}))
+}
+
+func (s *SetSuite) TestBlockSetConfig(c *gc.C) {
+	// Block operation
+	s.fakeServiceAPI.err = common.OperationBlockedError("TestBlockSetConfig")
+	ctx := coretesting.ContextForDir(c, s.dir)
+	code := cmd.Main(application.NewSetCommandForTest(s.fakeServiceAPI), ctx, []string{
+		"dummy-application",
+		"--config",
+		"testconfig.yaml"})
+	c.Check(code, gc.Equals, 1)
+	// msg is logged
+	stripped := strings.Replace(c.GetTestLog(), "\n", "", -1)
+	c.Check(stripped, gc.Matches, ".*TestBlockSetConfig.*")
+}
+
+// assertSetSuccess sets configuration options and checks the expected settings.
+func (s *SetSuite) assertSetSuccess(c *gc.C, dir string, args []string, expect map[string]interface{}) {
+	ctx := coretesting.ContextForDir(c, dir)
+	code := cmd.Main(application.NewSetCommandForTest(s.fakeServiceAPI), ctx, append([]string{"dummy-application"}, args...))
+	c.Assert(code, gc.Equals, 0)
+}
+
+// assertSetFail sets configuration options and checks the expected error.
+func (s *SetSuite) assertSetFail(c *gc.C, dir string, args []string, err string) {
+	ctx := coretesting.ContextForDir(c, dir)
+	code := cmd.Main(application.NewSetCommandForTest(s.fakeServiceAPI), ctx, append([]string{"dummy-application"}, args...))
+	c.Check(code, gc.Not(gc.Equals), 0)
+	c.Assert(ctx.Stderr.(*bytes.Buffer).String(), gc.Matches, err)
+}
+
+func (s *SetSuite) assertSetWarning(c *gc.C, dir string, args []string, w string) {
+	ctx := coretesting.ContextForDir(c, dir)
+	code := cmd.Main(application.NewSetCommandForTest(s.fakeServiceAPI), ctx, append([]string{"dummy-application"}, args...))
+	c.Check(code, gc.Equals, 0)
+
+	c.Assert(strings.Replace(c.GetTestLog(), "\n", " ", -1), gc.Matches, ".*WARNING.*"+w+".*")
+}
+
+// setupValueFile creates a file containing one value for testing
+// set with name=@filename.
+func setupValueFile(c *gc.C, dir, filename, value string) string {
+	ctx := coretesting.ContextForDir(c, dir)
+	path := ctx.AbsPath(filename)
+	content := []byte(value)
+	err := ioutil.WriteFile(path, content, 0666)
+	c.Assert(err, jc.ErrorIsNil)
+	return path
+}
+
+// setupBigFile creates a too big file for testing
+// set with name=@filename.
+func setupBigFile(c *gc.C, dir string) string {
+	ctx := coretesting.ContextForDir(c, dir)
+	path := ctx.AbsPath("big.txt")
+	file, err := os.Create(path)
+	c.Assert(err, jc.ErrorIsNil)
+	defer file.Close()
+	chunk := make([]byte, 1024)
+	for i := 0; i < cap(chunk); i++ {
+		chunk[i] = byte(i % 256)
+	}
+	for i := 0; i < 6000; i++ {
+		_, err = file.Write(chunk)
+		c.Assert(err, jc.ErrorIsNil)
+	}
+	return path
+}
+
+// setupConfigFile creates a configuration file for testing set
+// with the --config argument specifying a configuration file.
+func setupConfigFile(c *gc.C, dir string) string {
+	ctx := coretesting.ContextForDir(c, dir)
+	path := ctx.AbsPath("testconfig.yaml")
+	content := []byte(yamlConfigValue)
+	err := ioutil.WriteFile(path, content, 0666)
+	c.Assert(err, jc.ErrorIsNil)
+	return path
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/store.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/store.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/store.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/store.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,163 @@
+// Copyright 2012, 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	"fmt"
+	"net/url"
+	"strings"
+
+	"github.com/juju/errors"
+	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/charmrepo.v2-unstable"
+	"gopkg.in/juju/charmrepo.v2-unstable/csclient"
+	csparams "gopkg.in/juju/charmrepo.v2-unstable/csclient/params"
+	"gopkg.in/macaroon-bakery.v1/httpbakery"
+	"gopkg.in/macaroon.v1"
+
+	"github.com/juju/juju/api"
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/environs/config"
+)
+
+// maybeTermsAgreementError returns err as a *termsAgreementError
+// if it has a "terms agreement required" error code, otherwise
+// it returns err unchanged.
+func maybeTermsAgreementError(err error) error {
+	const code = "term agreement required"
+	e, ok := errors.Cause(err).(*httpbakery.DischargeError)
+	if !ok || e.Reason == nil || e.Reason.Code != code {
+		return err
+	}
+	magicMarker := code + ":"
+	index := strings.LastIndex(e.Reason.Message, magicMarker)
+	if index == -1 {
+		return err
+	}
+	return &termsRequiredError{strings.Fields(e.Reason.Message[index+len(magicMarker):])}
+}
+
+type termsRequiredError struct {
+	Terms []string
+}
+
+func (e *termsRequiredError) Error() string {
+	return fmt.Sprintf("please agree to terms %q", strings.Join(e.Terms, " "))
+}
+
+func isSeriesSupported(requestedSeries string, supportedSeries []string) bool {
+	for _, series := range supportedSeries {
+		if series == requestedSeries {
+			return true
+		}
+	}
+	return false
+}
+
+// charmURLResolver holds the information necessary to
+// resolve charm and bundle URLs.
+type charmURLResolver struct {
+	// store holds the repository to use for charmstore charms.
+	store *charmrepo.CharmStore
+
+	// conf holds the current model configuration.
+	conf *config.Config
+}
+
+func newCharmURLResolver(conf *config.Config, csClient *csclient.Client) *charmURLResolver {
+	r := &charmURLResolver{
+		store: charmrepo.NewCharmStoreFromClient(csClient),
+		conf:  conf,
+	}
+	return r
+}
+
+// TODO(ericsnow) Return charmstore.CharmID from resolve()?
+
+// resolve resolves the given given charm or bundle URL string by looking it up
+// in the charm store. The given csParams will be used to access the charm
+// store.
+//
+// It returns the fully resolved URL, the channel, any series supported by the
+// entity, and the store that holds it.
+func (r *charmURLResolver) resolve(url *charm.URL) (*charm.URL, csparams.Channel, []string, *charmrepo.CharmStore, error) {
+	if url.Schema != "cs" {
+		return nil, csparams.NoChannel, nil, nil, errors.Errorf("unknown schema for charm URL %q", url)
+	}
+	// If the user hasn't explicitly asked for a particular series,
+	// query for the charm that matches the model's default series.
+	// If this fails, we'll fall back to asking for whatever charm is available.
+	defaultedSeries := false
+	if url.Series == "" {
+		if s, ok := r.conf.DefaultSeries(); ok {
+			defaultedSeries = true
+			url.Series = s
+		}
+	}
+
+	charmStore := config.SpecializeCharmRepo(r.store, r.conf).(*charmrepo.CharmStore)
+
+	resultUrl, channel, supportedSeries, err := charmStore.ResolveWithChannel(url)
+	if defaultedSeries && errors.Cause(err) == csparams.ErrNotFound {
+		// we tried to use the model's default the series, but the store said it doesn't exist.
+		// retry without the defaulted series, to take what we can get.
+		url.Series = ""
+		resultUrl, channel, supportedSeries, err = charmStore.ResolveWithChannel(url)
+	}
+	if err != nil {
+		return nil, csparams.NoChannel, nil, nil, errors.Trace(err)
+	}
+	if resultUrl.Series != "" && len(supportedSeries) == 0 {
+		supportedSeries = []string{resultUrl.Series}
+	}
+	return resultUrl, channel, supportedSeries, charmStore, nil
+}
+
+// TODO(ericsnow) Return charmstore.CharmID from addCharmFromURL()?
+
+// addCharmFromURL calls the appropriate client API calls to add the
+// given charm URL to state. For non-public charm URLs, this function also
+// handles the macaroon authorization process using the given csClient.
+// The resulting charm URL of the added charm is displayed on stdout.
+func addCharmFromURL(client *api.Client, curl *charm.URL, channel csparams.Channel, csClient *csclient.Client) (*charm.URL, *macaroon.Macaroon, error) {
+	var csMac *macaroon.Macaroon
+	if err := client.AddCharm(curl, channel); err != nil {
+		if !params.IsCodeUnauthorized(err) {
+			return nil, nil, errors.Trace(err)
+		}
+		m, err := authorizeCharmStoreEntity(csClient, curl)
+		if err != nil {
+			return nil, nil, maybeTermsAgreementError(err)
+		}
+		if err := client.AddCharmWithAuthorization(curl, channel, m); err != nil {
+			return nil, nil, errors.Trace(err)
+		}
+		csMac = m
+	}
+	return curl, csMac, nil
+}
+
+// newCharmStoreClient is called to obtain a charm store client.
+// It is defined as a variable so it can be changed for testing purposes.
+var newCharmStoreClient = func(client *httpbakery.Client) *csclient.Client {
+	return csclient.New(csclient.Params{
+		BakeryClient: client,
+	})
+}
+
+// TODO(natefinch): change the code in this file to use the
+// github.com/juju/juju/charmstore package to interact with the charmstore.
+
+// authorizeCharmStoreEntity acquires and return the charm store delegatable macaroon to be
+// used to add the charm corresponding to the given URL.
+// The macaroon is properly attenuated so that it can only be used to deploy
+// the given charm URL.
+func authorizeCharmStoreEntity(csClient *csclient.Client, curl *charm.URL) (*macaroon.Macaroon, error) {
+	endpoint := "/delegatable-macaroon?id=" + url.QueryEscape(curl.String())
+	var m *macaroon.Macaroon
+	if err := csClient.Get(endpoint, &m); err != nil {
+		return nil, errors.Trace(err)
+	}
+	return m, nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/unexpose.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/unexpose.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/unexpose.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/unexpose.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,74 @@
+// Copyright 2012, 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	"github.com/juju/cmd"
+	"github.com/juju/errors"
+
+	"github.com/juju/juju/api/application"
+	"github.com/juju/juju/cmd/juju/block"
+	"github.com/juju/juju/cmd/modelcmd"
+)
+
+var usageUnexposeSummary = `
+Removes public availability over the network for an application.`[1:]
+
+var usageUnexposeDetails = `
+Adjusts the firewall rules and any relevant security mechanisms of the
+cloud to deny public access to the application.
+An application is unexposed by default when it gets created.
+
+Examples:
+    juju unexpose wordpress
+
+See also: 
+    expose`[1:]
+
+// NewUnexposeCommand returns a command to unexpose services.
+func NewUnexposeCommand() cmd.Command {
+	return modelcmd.Wrap(&unexposeCommand{})
+}
+
+// unexposeCommand is responsible exposing services.
+type unexposeCommand struct {
+	modelcmd.ModelCommandBase
+	ApplicationName string
+}
+
+func (c *unexposeCommand) Info() *cmd.Info {
+	return &cmd.Info{
+		Name:    "unexpose",
+		Args:    "<application name>",
+		Purpose: usageUnexposeSummary,
+		Doc:     usageUnexposeDetails,
+	}
+}
+
+func (c *unexposeCommand) Init(args []string) error {
+	if len(args) == 0 {
+		return errors.New("no application name specified")
+	}
+	c.ApplicationName = args[0]
+	return cmd.CheckEmpty(args[1:])
+}
+
+func (c *unexposeCommand) getAPI() (serviceExposeAPI, error) {
+	root, err := c.NewAPIRoot()
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return application.NewClient(root), nil
+}
+
+// Run changes the juju-managed firewall to hide any
+// ports that were also explicitly marked by units as closed.
+func (c *unexposeCommand) Run(_ *cmd.Context) error {
+	client, err := c.getAPI()
+	if err != nil {
+		return err
+	}
+	defer client.Close()
+	return block.ProcessBlockedError(client.Unexpose(c.ApplicationName), block.BlockChange)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/unexpose_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/unexpose_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/unexpose_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/unexpose_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,78 @@
+// Copyright 2012, 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	"github.com/juju/errors"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/charm.v6-unstable"
+
+	"github.com/juju/juju/cmd/juju/common"
+	jujutesting "github.com/juju/juju/juju/testing"
+	"github.com/juju/juju/rpc"
+	"github.com/juju/juju/testcharms"
+	"github.com/juju/juju/testing"
+)
+
+type UnexposeSuite struct {
+	jujutesting.RepoSuite
+	common.CmdBlockHelper
+}
+
+func (s *UnexposeSuite) SetUpTest(c *gc.C) {
+	s.RepoSuite.SetUpTest(c)
+	s.CmdBlockHelper = common.NewCmdBlockHelper(s.APIState)
+	c.Assert(s.CmdBlockHelper, gc.NotNil)
+	s.AddCleanup(func(*gc.C) { s.CmdBlockHelper.Close() })
+}
+
+var _ = gc.Suite(&UnexposeSuite{})
+
+func runUnexpose(c *gc.C, args ...string) error {
+	_, err := testing.RunCommand(c, NewUnexposeCommand(), args...)
+	return err
+}
+
+func (s *UnexposeSuite) assertExposed(c *gc.C, application string, expected bool) {
+	svc, err := s.State.Application(application)
+	c.Assert(err, jc.ErrorIsNil)
+	actual := svc.IsExposed()
+	c.Assert(actual, gc.Equals, expected)
+}
+
+func (s *UnexposeSuite) TestUnexpose(c *gc.C) {
+	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
+	err := runDeploy(c, ch, "some-application-name", "--series", "trusty")
+	c.Assert(err, jc.ErrorIsNil)
+	curl := charm.MustParseURL("local:trusty/dummy-1")
+	s.AssertService(c, "some-application-name", curl, 1, 0)
+
+	err = runExpose(c, "some-application-name")
+	c.Assert(err, jc.ErrorIsNil)
+	s.assertExposed(c, "some-application-name", true)
+
+	err = runUnexpose(c, "some-application-name")
+	c.Assert(err, jc.ErrorIsNil)
+	s.assertExposed(c, "some-application-name", false)
+
+	err = runUnexpose(c, "nonexistent-application")
+	c.Assert(errors.Cause(err), gc.DeepEquals, &rpc.RequestError{
+		Message: `application "nonexistent-application" not found`,
+		Code:    "not found",
+	})
+}
+
+func (s *UnexposeSuite) TestBlockUnexpose(c *gc.C) {
+	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
+	err := runDeploy(c, ch, "some-application-name", "--series", "trusty")
+	c.Assert(err, jc.ErrorIsNil)
+	curl := charm.MustParseURL("local:trusty/dummy-1")
+	s.AssertService(c, "some-application-name", curl, 1, 0)
+
+	// Block operation
+	s.BlockAllChanges(c, "TestBlockUnexpose")
+	err = runExpose(c, "some-application-name")
+	s.AssertBlocked(c, err, ".*TestBlockUnexpose.*")
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/upgradecharm.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/upgradecharm.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/upgradecharm.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/upgradecharm.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,399 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+
+	"github.com/juju/cmd"
+	"github.com/juju/errors"
+	"gopkg.in/juju/charm.v6-unstable"
+	charmresource "gopkg.in/juju/charm.v6-unstable/resource"
+	"gopkg.in/juju/charmrepo.v2-unstable"
+	csclientparams "gopkg.in/juju/charmrepo.v2-unstable/csclient/params"
+	"gopkg.in/juju/names.v2"
+	"gopkg.in/macaroon.v1"
+	"launchpad.net/gnuflag"
+
+	"github.com/juju/juju/api"
+	"github.com/juju/juju/api/application"
+	"github.com/juju/juju/api/charms"
+	"github.com/juju/juju/charmstore"
+	"github.com/juju/juju/cmd/juju/block"
+	"github.com/juju/juju/cmd/modelcmd"
+	"github.com/juju/juju/resource"
+	"github.com/juju/juju/resource/resourceadapters"
+)
+
+// NewUpgradeCharmCommand returns a command which upgrades application's charm.
+func NewUpgradeCharmCommand() cmd.Command {
+	return modelcmd.Wrap(&upgradeCharmCommand{})
+}
+
+// UpgradeCharm is responsible for upgrading an application's charm.
+type upgradeCharmCommand struct {
+	modelcmd.ModelCommandBase
+	ApplicationName string
+	ForceUnits      bool
+	ForceSeries     bool
+	SwitchURL       string
+	CharmPath       string
+	Revision        int // defaults to -1 (latest)
+	// Resources is a map of resource name to filename to be uploaded on upgrade.
+	Resources map[string]string
+
+	// Channel holds the charmstore channel to use when obtaining
+	// the charm to be upgraded to.
+	Channel csclientparams.Channel
+}
+
+const upgradeCharmDoc = `
+When no flags are set, the application's charm will be upgraded to the latest
+revision available in the repository from which it was originally deployed. An
+explicit revision can be chosen with the --revision flag.
+
+A path will need to be supplied to allow an updated copy of the charm
+to be located.
+
+Deploying from a path is intended to suit the workflow of a charm author working
+on a single client machine; use of this deployment method from multiple clients
+is not supported and may lead to confusing behaviour. Each local charm gets
+uploaded with the revision specified in the charm, if possible, otherwise it
+gets a unique revision (highest in state + 1).
+
+When deploying from a path, the --path flag is used to specify the location from
+which to load the updated charm. Note that the directory containing the charm must
+match what was originally used to deploy the charm as a superficial check that the
+updated charm is compatible.
+
+Resources may be uploaded at upgrade time by specifying the --resource flag.
+Following the resource flag should be name=filepath pair.  This flag may be
+repeated more than once to upload more than one resource.
+
+  juju upgrade-charm foo --resource bar=/some/file.tgz --resource baz=./docs/cfg.xml
+
+Where bar and baz are resources named in the metadata for the foo charm.
+
+If the new version of a charm does not explicitly support the application's series, the
+upgrade is disallowed unless the --force-series flag is used. This option should be
+used with caution since using a charm on a machine running an unsupported series may
+cause unexpected behavior.
+
+The --switch flag allows you to replace the charm with an entirely different one.
+The new charm's URL and revision are inferred as they would be when running a
+deploy command.
+
+Please note that --switch is dangerous, because juju only has limited
+information with which to determine compatibility; the operation will succeed,
+regardless of potential havoc, so long as the following conditions hold:
+
+- The new charm must declare all relations that the application is currently
+participating in.
+- All config settings shared by the old and new charms must
+have the same types.
+
+The new charm may add new relations and configuration settings.
+
+--switch and --path are mutually exclusive.
+
+--path and --revision are mutually exclusive. The revision of the updated charm
+is determined by the contents of the charm at the specified path.
+
+--switch and --revision are mutually exclusive. To specify a given revision
+number with --switch, give it in the charm URL, for instance "cs:wordpress-5"
+would specify revision number 5 of the wordpress charm.
+
+Use of the --force-units flag is not generally recommended; units upgraded while in an
+error state will not have upgrade-charm hooks executed, and may cause unexpected
+behavior.
+`
+
+func (c *upgradeCharmCommand) Info() *cmd.Info {
+	return &cmd.Info{
+		Name:    "upgrade-charm",
+		Args:    "<application>",
+		Purpose: "Upgrade an application's charm.",
+		Doc:     upgradeCharmDoc,
+	}
+}
+
+func (c *upgradeCharmCommand) SetFlags(f *gnuflag.FlagSet) {
+	f.BoolVar(&c.ForceUnits, "force-units", false, "Upgrade all units immediately, even if in error state")
+	f.StringVar((*string)(&c.Channel), "channel", "", "Channel to use when getting the charm or bundle from the charm store")
+	f.BoolVar(&c.ForceSeries, "force-series", false, "Upgrade even if series of deployed applications are not supported by the new charm")
+	f.StringVar(&c.SwitchURL, "switch", "", "Crossgrade to a different charm")
+	f.StringVar(&c.CharmPath, "path", "", "Upgrade to a charm located at path")
+	f.IntVar(&c.Revision, "revision", -1, "Explicit revision of current charm")
+	f.Var(stringMap{&c.Resources}, "resource", "Resource to be uploaded to the controller")
+}
+
+func (c *upgradeCharmCommand) Init(args []string) error {
+	switch len(args) {
+	case 1:
+		if !names.IsValidApplication(args[0]) {
+			return fmt.Errorf("invalid application name %q", args[0])
+		}
+		c.ApplicationName = args[0]
+	case 0:
+		return fmt.Errorf("no application specified")
+	default:
+		return cmd.CheckEmpty(args[1:])
+	}
+	if c.SwitchURL != "" && c.Revision != -1 {
+		return fmt.Errorf("--switch and --revision are mutually exclusive")
+	}
+	if c.CharmPath != "" && c.Revision != -1 {
+		return fmt.Errorf("--path and --revision are mutually exclusive")
+	}
+	if c.SwitchURL != "" && c.CharmPath != "" {
+		return fmt.Errorf("--switch and --path are mutually exclusive")
+	}
+	return nil
+}
+
+func (c *upgradeCharmCommand) newServiceAPIClient() (*application.Client, error) {
+	root, err := c.NewAPIRoot()
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return application.NewClient(root), nil
+}
+
+// Run connects to the specified environment and starts the charm
+// upgrade process.
+func (c *upgradeCharmCommand) Run(ctx *cmd.Context) error {
+	client, err := c.NewAPIClient()
+	if err != nil {
+		return err
+	}
+	defer client.Close()
+
+	serviceClient, err := c.newServiceAPIClient()
+	if err != nil {
+		return err
+	}
+
+	oldURL, err := serviceClient.GetCharmURL(c.ApplicationName)
+	if err != nil {
+		return err
+	}
+
+	newRef := c.SwitchURL
+	if newRef == "" {
+		newRef = c.CharmPath
+	}
+	if c.SwitchURL == "" && c.CharmPath == "" {
+		// If the charm we are upgrading is local, then we must
+		// specify a path or switch url to upgrade with.
+		if oldURL.Schema == "local" {
+			return errors.New("upgrading a local charm requires either --path or --switch")
+		}
+		// No new URL specified, but revision might have been.
+		newRef = oldURL.WithRevision(c.Revision).String()
+	}
+
+	bakeryClient, err := c.BakeryClient()
+	if err != nil {
+		return errors.Trace(err)
+	}
+	csClient := newCharmStoreClient(bakeryClient).WithChannel(c.Channel)
+
+	conf, err := getClientConfig(client)
+	if err != nil {
+		return errors.Trace(err)
+	}
+	resolver := newCharmURLResolver(conf, csClient)
+	chID, csMac, err := c.addCharm(oldURL, newRef, client, resolver)
+	if err != nil {
+		return block.ProcessBlockedError(err, block.BlockChange)
+	}
+	ctx.Infof("Added charm %q to the model.", chID.URL)
+
+	ids, err := c.upgradeResources(client, chID, csMac)
+	if err != nil {
+		return errors.Trace(err)
+	}
+
+	cfg := application.SetCharmConfig{
+		ApplicationName: c.ApplicationName,
+		CharmID:         chID,
+		ForceSeries:     c.ForceSeries,
+		ForceUnits:      c.ForceUnits,
+		ResourceIDs:     ids,
+	}
+
+	return block.ProcessBlockedError(serviceClient.SetCharm(cfg), block.BlockChange)
+}
+
+// upgradeResources pushes metadata up to the server for each resource defined
+// in the new charm's metadata and returns a map of resource names to pending
+// IDs to include in the upgrage-charm call.
+func (c *upgradeCharmCommand) upgradeResources(client *api.Client, chID charmstore.CharmID, csMac *macaroon.Macaroon) (map[string]string, error) {
+	filtered, err := getUpgradeResources(c, c.ApplicationName, chID.URL, client, c.Resources)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	if len(filtered) == 0 {
+		return nil, nil
+	}
+
+	// Note: the validity of user-supplied resources to be uploaded will be
+	// checked further down the stack.
+	return handleResources(c, c.Resources, c.ApplicationName, chID, csMac, filtered)
+}
+
+// TODO(ericsnow) Move these helpers into handleResources()?
+
+func getUpgradeResources(c APICmd, serviceID string, cURL *charm.URL, client *api.Client, cliResources map[string]string) (map[string]charmresource.Meta, error) {
+	root, err := c.NewAPIRoot()
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	charmsClient := charms.NewClient(root)
+	meta, err := getMetaResources(cURL, charmsClient)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	if len(meta) == 0 {
+		return nil, nil
+	}
+
+	current, err := getResources(serviceID, c.NewAPIRoot)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	filtered := filterResources(meta, current, cliResources)
+	return filtered, nil
+}
+
+func getMetaResources(cURL *charm.URL, client *charms.Client) (map[string]charmresource.Meta, error) {
+	// this gets the charm info that was added to the controller using addcharm.
+	charmInfo, err := client.CharmInfo(cURL.String())
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return charmInfo.Meta.Resources, nil
+}
+
+func getResources(serviceID string, newAPIRoot func() (api.Connection, error)) (map[string]resource.Resource, error) {
+	resclient, err := resourceadapters.NewAPIClient(newAPIRoot)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	svcs, err := resclient.ListResources([]string{serviceID})
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	// ListResources guarantees a number of values returned == number of
+	// services passed in.
+	return resource.AsMap(svcs[0].Resources), nil
+}
+
+// TODO(ericsnow) Move filterResources() and shouldUploadMeta()
+// somewhere more general under the "resource" package?
+
+func filterResources(meta map[string]charmresource.Meta, current map[string]resource.Resource, uploads map[string]string) map[string]charmresource.Meta {
+	filtered := make(map[string]charmresource.Meta)
+	for name, res := range meta {
+		if shouldUpgradeResource(res, uploads, current) {
+			filtered[name] = res
+		}
+	}
+	return filtered
+}
+
+// shouldUpgradeResource reports whether we should upload the metadata for the given
+// resource.  This is always true for resources we're adding with the --resource
+// flag. For resources we're not adding with --resource, we only upload metadata
+// for charmstore resources.  Previously uploaded resources stay pinned to the
+// data the user uploaded.
+func shouldUpgradeResource(res charmresource.Meta, uploads map[string]string, current map[string]resource.Resource) bool {
+	// Always upload metadata for resources the user is uploading during
+	// upgrade-charm.
+	if _, ok := uploads[res.Name]; ok {
+		return true
+	}
+	cur, ok := current[res.Name]
+	if !ok {
+		// If there's no information on the server, there should be.
+		return true
+	}
+	// Never override existing resources a user has already uploaded.
+	if cur.Origin == charmresource.OriginUpload {
+		return false
+	}
+	return true
+}
+
+// addCharm interprets the new charmRef and adds the specified charm if the new charm is different
+// to what's already deployed as specified by oldURL.
+func (c *upgradeCharmCommand) addCharm(
+	oldURL *charm.URL,
+	charmRef string,
+	client *api.Client,
+	resolver *charmURLResolver,
+) (charmstore.CharmID, *macaroon.Macaroon, error) {
+	var id charmstore.CharmID
+	// Charm may have been supplied via a path reference.
+	ch, newURL, err := charmrepo.NewCharmAtPathForceSeries(charmRef, oldURL.Series, c.ForceSeries)
+	if err == nil {
+		_, newName := filepath.Split(charmRef)
+		if newName != oldURL.Name {
+			return id, nil, fmt.Errorf("cannot upgrade %q to %q", oldURL.Name, newName)
+		}
+		addedURL, err := client.AddLocalCharm(newURL, ch)
+		id.URL = addedURL
+		return id, nil, err
+	}
+	if _, ok := err.(*charmrepo.NotFoundError); ok {
+		return id, nil, errors.Errorf("no charm found at %q", charmRef)
+	}
+	// If we get a "not exists" or invalid path error then we attempt to interpret
+	// the supplied charm reference as a URL below, otherwise we return the error.
+	if err != os.ErrNotExist && !charmrepo.IsInvalidPathError(err) {
+		return id, nil, err
+	}
+
+	refURL, err := charm.ParseURL(charmRef)
+	if err != nil {
+		return id, nil, errors.Trace(err)
+	}
+
+	// Charm has been supplied as a URL so we resolve and deploy using the store.
+	newURL, channel, supportedSeries, store, err := resolver.resolve(refURL)
+	if err != nil {
+		return id, nil, errors.Trace(err)
+	}
+	id.Channel = channel
+	if !c.ForceSeries && oldURL.Series != "" && newURL.Series == "" && !isSeriesSupported(oldURL.Series, supportedSeries) {
+		series := []string{"no series"}
+		if len(supportedSeries) > 0 {
+			series = supportedSeries
+		}
+		return id, nil, errors.Errorf(
+			"cannot upgrade from single series %q charm to a charm supporting %q. Use --force-series to override.",
+			oldURL.Series, series,
+		)
+	}
+	// If no explicit revision was set with either SwitchURL
+	// or Revision flags, discover the latest.
+	if *newURL == *oldURL {
+		if refURL.Revision != -1 {
+			return id, nil, fmt.Errorf("already running specified charm %q", newURL)
+		}
+		// No point in trying to upgrade a charm store charm when
+		// we just determined that's the latest revision
+		// available.
+		return id, nil, fmt.Errorf("already running latest charm %q", newURL)
+	}
+
+	curl, csMac, err := addCharmFromURL(client, newURL, channel, store.Client())
+	if err != nil {
+		return id, nil, errors.Trace(err)
+	}
+	id.URL = curl
+	return id, csMac, nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/upgradecharm_resources_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/upgradecharm_resources_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/upgradecharm_resources_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/upgradecharm_resources_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,376 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application_test
+
+import (
+	"bytes"
+	"io/ioutil"
+	"net/http/httptest"
+	"path"
+	"sort"
+	"strings"
+	"time"
+
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/charm.v6-unstable"
+	charmresource "gopkg.in/juju/charm.v6-unstable/resource"
+	"gopkg.in/juju/charmrepo.v2-unstable"
+	"gopkg.in/juju/charmrepo.v2-unstable/csclient"
+	"gopkg.in/juju/charmstore.v5-unstable"
+
+	"github.com/juju/juju/cmd/juju/application"
+	"github.com/juju/juju/component/all"
+	"github.com/juju/juju/constraints"
+	jujutesting "github.com/juju/juju/juju/testing"
+	"github.com/juju/juju/resource"
+	"github.com/juju/juju/state"
+	"github.com/juju/juju/testcharms"
+	"github.com/juju/juju/testing"
+)
+
+type UpgradeCharmResourceSuite struct {
+	jujutesting.RepoSuite
+}
+
+var _ = gc.Suite(&UpgradeCharmResourceSuite{})
+
+func (s *UpgradeCharmResourceSuite) SetUpSuite(c *gc.C) {
+	s.RepoSuite.SetUpSuite(c)
+	all.RegisterForServer()
+}
+
+func (s *UpgradeCharmResourceSuite) SetUpTest(c *gc.C) {
+	s.RepoSuite.SetUpTest(c)
+	chPath := testcharms.Repo.ClonedDirPath(s.CharmsPath, "riak")
+
+	_, err := testing.RunCommand(c, application.NewDeployCommand(), chPath, "riak", "--series", "quantal")
+	c.Assert(err, jc.ErrorIsNil)
+	riak, err := s.State.Application("riak")
+	c.Assert(err, jc.ErrorIsNil)
+	ch, forced, err := riak.Charm()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(ch.Revision(), gc.Equals, 7)
+	c.Assert(forced, jc.IsFalse)
+}
+
+var riakResourceMeta = []byte(`
+name: riakresource
+summary: "K/V storage engine"
+description: "Scalable K/V Store in Erlang with Clocks :-)"
+provides:
+  endpoint:
+    interface: http
+  admin:
+    interface: http
+peers:
+  ring:
+    interface: riak
+resources:
+  data:
+    type: file
+    filename: foo.lib
+    description: some comment
+`)
+
+func (s *UpgradeCharmResourceSuite) TestUpgradeWithResources(c *gc.C) {
+	myriakPath := testcharms.Repo.ClonedDir(c.MkDir(), "riak")
+	err := ioutil.WriteFile(path.Join(myriakPath.Path, "metadata.yaml"), riakResourceMeta, 0644)
+	c.Assert(err, jc.ErrorIsNil)
+
+	data := []byte("some-data")
+	fp, err := charmresource.GenerateFingerprint(bytes.NewReader(data))
+	c.Assert(err, jc.ErrorIsNil)
+
+	resourceFile := path.Join(c.MkDir(), "data.lib")
+	err = ioutil.WriteFile(resourceFile, data, 0644)
+	c.Assert(err, jc.ErrorIsNil)
+
+	_, err = testing.RunCommand(c, application.NewUpgradeCharmCommand(),
+		"riak", "--path="+myriakPath.Path, "--resource", "data="+resourceFile)
+	c.Assert(err, jc.ErrorIsNil)
+
+	resources, err := s.State.Resources()
+	c.Assert(err, jc.ErrorIsNil)
+
+	sr, err := resources.ListResources("riak")
+	c.Assert(err, jc.ErrorIsNil)
+
+	c.Check(sr.Resources, gc.HasLen, 1)
+
+	c.Check(sr.Resources[0].ApplicationID, gc.Equals, "riak")
+
+	// Most of this is just a sanity check... this is all tested elsewhere.
+	c.Check(sr.Resources[0].PendingID, gc.Equals, "")
+	c.Check(sr.Resources[0].Username, gc.Not(gc.Equals), "")
+	c.Check(sr.Resources[0].ID, gc.Not(gc.Equals), "")
+	c.Check(sr.Resources[0].Timestamp.IsZero(), jc.IsFalse)
+
+	// Ensure we get the data we passed in from the metadata.yaml.
+	c.Check(sr.Resources[0].Resource, gc.DeepEquals, charmresource.Resource{
+		Meta: charmresource.Meta{
+			Name:        "data",
+			Type:        charmresource.TypeFile,
+			Path:        "foo.lib",
+			Description: "some comment",
+		},
+		Origin:      charmresource.OriginUpload,
+		Fingerprint: fp,
+		Size:        int64(len(data)),
+	})
+}
+
+// charmStoreSuite is a suite fixture that puts the machinery in
+// place to allow testing code that calls addCharmViaAPI.
+type charmStoreSuite struct {
+	jujutesting.JujuConnSuite
+	handler charmstore.HTTPCloseHandler
+	srv     *httptest.Server
+	client  *csclient.Client
+}
+
+func (s *charmStoreSuite) SetUpTest(c *gc.C) {
+	s.JujuConnSuite.SetUpTest(c)
+
+	// Set up the charm store testing server.
+	db := s.Session.DB("juju-testing")
+	params := charmstore.ServerParams{
+		AuthUsername: "test-user",
+		AuthPassword: "test-password",
+	}
+	handler, err := charmstore.NewServer(db, nil, "", params, charmstore.V5)
+	c.Assert(err, jc.ErrorIsNil)
+	s.handler = handler
+	s.srv = httptest.NewServer(handler)
+	s.client = csclient.New(csclient.Params{
+		URL:      s.srv.URL,
+		User:     params.AuthUsername,
+		Password: params.AuthPassword,
+	})
+
+	application.PatchNewCharmStoreClient(s, s.srv.URL)
+
+	// Initialize the charm cache dir.
+	s.PatchValue(&charmrepo.CacheDir, c.MkDir())
+
+	// Point the CLI to the charm store testing server.
+
+	// Point the Juju API server to the charm store testing server.
+	s.PatchValue(&csclient.ServerURL, s.srv.URL)
+}
+
+func (s *charmStoreSuite) TearDownTest(c *gc.C) {
+	s.handler.Close()
+	s.srv.Close()
+	s.JujuConnSuite.TearDownTest(c)
+}
+
+type UpgradeCharmStoreResourceSuite struct {
+	charmStoreSuite
+}
+
+var _ = gc.Suite(&UpgradeCharmStoreResourceSuite{})
+
+func (s *UpgradeCharmStoreResourceSuite) SetUpSuite(c *gc.C) {
+	s.charmStoreSuite.SetUpSuite(c)
+	err := all.RegisterForServer()
+	c.Assert(err, jc.ErrorIsNil)
+	err = all.RegisterForClient()
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+// TODO(ericsnow) Adapt this test to check passing revisions once the
+// charmstore endpoints are implemented.
+
+func (s *UpgradeCharmStoreResourceSuite) TestDeployStarsaySuccess(c *gc.C) {
+	testcharms.UploadCharm(c, s.client, "trusty/starsay-1", "starsay")
+
+	// let's make a fake resource file to upload
+	resourceContent := "some-data"
+
+	resourceFile := path.Join(c.MkDir(), "data.xml")
+	err := ioutil.WriteFile(resourceFile, []byte(resourceContent), 0644)
+	c.Assert(err, jc.ErrorIsNil)
+
+	ctx, err := testing.RunCommand(c, application.NewDeployCommand(), "trusty/starsay", "--resource", "upload-resource="+resourceFile)
+	c.Assert(err, jc.ErrorIsNil)
+	output := testing.Stderr(ctx)
+
+	expectedOutput := `Added charm "cs:trusty/starsay-1" to the model.
+Deploying charm "cs:trusty/starsay-1" with the user specified series "trusty".
+`
+	c.Assert(output, gc.Equals, expectedOutput)
+	s.assertCharmsUploaded(c, "cs:trusty/starsay-1")
+	s.assertServicesDeployed(c, map[string]serviceInfo{
+		"starsay": {charm: "cs:trusty/starsay-1"},
+	})
+	_, err = s.State.Unit("starsay/0")
+	c.Assert(err, jc.ErrorIsNil)
+
+	res, err := s.State.Resources()
+	c.Assert(err, jc.ErrorIsNil)
+	svcres, err := res.ListResources("starsay")
+	c.Assert(err, jc.ErrorIsNil)
+
+	sort.Sort(byname(svcres.Resources))
+
+	c.Assert(svcres.Resources, gc.HasLen, 3)
+	c.Check(svcres.Resources[2].Timestamp, gc.Not(gc.Equals), time.Time{})
+	svcres.Resources[2].Timestamp = time.Time{}
+
+	// Note that all charm resources were uploaded by testcharms.UploadCharm
+	// so that the charm could be published.
+	expectedResources := []resource.Resource{{
+		Resource: charmresource.Resource{
+			Meta: charmresource.Meta{
+				Name:        "install-resource",
+				Type:        charmresource.TypeFile,
+				Path:        "gotta-have-it.txt",
+				Description: "get things started",
+			},
+			Origin:      charmresource.OriginStore,
+			Revision:    0,
+			Fingerprint: resourceHash("install-resource content"),
+			Size:        int64(len("install-resource content")),
+		},
+		ID:            "starsay/install-resource",
+		ApplicationID: "starsay",
+	}, {
+		Resource: charmresource.Resource{
+			Meta: charmresource.Meta{
+				Name:        "store-resource",
+				Type:        charmresource.TypeFile,
+				Path:        "filename.tgz",
+				Description: "One line that is useful when operators need to push it.",
+			},
+			Origin:      charmresource.OriginStore,
+			Revision:    0,
+			Fingerprint: resourceHash("store-resource content"),
+			Size:        int64(len("store-resource content")),
+		},
+		ID:            "starsay/store-resource",
+		ApplicationID: "starsay",
+	}, {
+		Resource: charmresource.Resource{
+			Meta: charmresource.Meta{
+				Name:        "upload-resource",
+				Type:        charmresource.TypeFile,
+				Path:        "somename.xml",
+				Description: "Who uses xml anymore?",
+			},
+			Origin:      charmresource.OriginUpload,
+			Revision:    0,
+			Fingerprint: resourceHash(resourceContent),
+			Size:        int64(len(resourceContent)),
+		},
+		ID:            "starsay/upload-resource",
+		ApplicationID: "starsay",
+		Username:      "admin@local",
+		// Timestamp is checked above
+	}}
+
+	c.Check(svcres.Resources, jc.DeepEquals, expectedResources)
+
+	oldCharmStoreResources := make([]charmresource.Resource, len(svcres.CharmStoreResources))
+	copy(oldCharmStoreResources, svcres.CharmStoreResources)
+
+	sort.Sort(csbyname(oldCharmStoreResources))
+
+	testcharms.UploadCharm(c, s.client, "trusty/starsay-2", "starsay")
+
+	_, err = testing.RunCommand(c, application.NewUpgradeCharmCommand(), "starsay")
+	c.Assert(err, jc.ErrorIsNil)
+
+	s.assertServicesDeployed(c, map[string]serviceInfo{
+		"starsay": {charm: "cs:trusty/starsay-2"},
+	})
+
+	res, err = s.State.Resources()
+	c.Assert(err, jc.ErrorIsNil)
+	svcres, err = res.ListResources("starsay")
+	c.Assert(err, jc.ErrorIsNil)
+
+	sort.Sort(byname(svcres.Resources))
+
+	c.Assert(svcres.Resources, gc.HasLen, 3)
+	c.Check(svcres.Resources[2].Timestamp, gc.Not(gc.Equals), time.Time{})
+	svcres.Resources[2].Timestamp = time.Time{}
+
+	// ensure that we haven't overridden the previously uploaded resource.
+	c.Check(svcres.Resources, jc.DeepEquals, expectedResources)
+
+	sort.Sort(csbyname(svcres.CharmStoreResources))
+	c.Check(oldCharmStoreResources, gc.DeepEquals, svcres.CharmStoreResources)
+}
+
+func resourceHash(content string) charmresource.Fingerprint {
+	fp, err := charmresource.GenerateFingerprint(strings.NewReader(content))
+	if err != nil {
+		panic(err)
+	}
+	return fp
+}
+
+type byname []resource.Resource
+
+func (b byname) Len() int           { return len(b) }
+func (b byname) Swap(i, j int)      { b[i], b[j] = b[j], b[i] }
+func (b byname) Less(i, j int) bool { return b[i].Name < b[j].Name }
+
+type csbyname []charmresource.Resource
+
+func (b csbyname) Len() int           { return len(b) }
+func (b csbyname) Swap(i, j int)      { b[i], b[j] = b[j], b[i] }
+func (b csbyname) Less(i, j int) bool { return b[i].Name < b[j].Name }
+
+// assertCharmsUploaded checks that the given charm ids have been uploaded.
+func (s *charmStoreSuite) assertCharmsUploaded(c *gc.C, ids ...string) {
+	charms, err := s.State.AllCharms()
+	c.Assert(err, jc.ErrorIsNil)
+	uploaded := make([]string, len(charms))
+	for i, charm := range charms {
+		uploaded[i] = charm.URL().String()
+	}
+	c.Assert(uploaded, jc.SameContents, ids)
+}
+
+// assertServicesDeployed checks that the given services have been deployed.
+func (s *charmStoreSuite) assertServicesDeployed(c *gc.C, info map[string]serviceInfo) {
+	services, err := s.State.AllApplications()
+	c.Assert(err, jc.ErrorIsNil)
+	deployed := make(map[string]serviceInfo, len(services))
+	for _, application := range services {
+		charm, _ := application.CharmURL()
+		config, err := application.ConfigSettings()
+		c.Assert(err, jc.ErrorIsNil)
+		if len(config) == 0 {
+			config = nil
+		}
+		constraints, err := application.Constraints()
+		c.Assert(err, jc.ErrorIsNil)
+		storage, err := application.StorageConstraints()
+		c.Assert(err, jc.ErrorIsNil)
+		if len(storage) == 0 {
+			storage = nil
+		}
+		deployed[application.Name()] = serviceInfo{
+			charm:       charm.String(),
+			config:      config,
+			constraints: constraints,
+			exposed:     application.IsExposed(),
+			storage:     storage,
+		}
+	}
+	c.Assert(deployed, jc.DeepEquals, info)
+}
+
+// serviceInfo holds information about a deployed application.
+type serviceInfo struct {
+	charm            string
+	config           charm.Settings
+	constraints      constraints.Value
+	exposed          bool
+	storage          map[string]state.StorageConstraints
+	endpointBindings map[string]string
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/upgradecharm_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/upgradecharm_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/application/upgradecharm_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/application/upgradecharm_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,430 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package application
+
+import (
+	"fmt"
+	"io/ioutil"
+	"net/http/httptest"
+	"path"
+	"path/filepath"
+
+	"github.com/juju/errors"
+	jc "github.com/juju/testing/checkers"
+	"github.com/juju/utils"
+	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/charmrepo.v2-unstable"
+	"gopkg.in/juju/charmrepo.v2-unstable/csclient"
+	csclientparams "gopkg.in/juju/charmrepo.v2-unstable/csclient/params"
+	"gopkg.in/juju/charmstore.v5-unstable"
+	"gopkg.in/macaroon-bakery.v1/httpbakery"
+
+	"github.com/juju/juju/cmd/juju/common"
+	"github.com/juju/juju/cmd/modelcmd"
+	jujutesting "github.com/juju/juju/juju/testing"
+	"github.com/juju/juju/rpc"
+	"github.com/juju/juju/state"
+	"github.com/juju/juju/testcharms"
+	"github.com/juju/juju/testing"
+)
+
+type UpgradeCharmErrorsSuite struct {
+	jujutesting.RepoSuite
+	handler charmstore.HTTPCloseHandler
+	srv     *httptest.Server
+}
+
+func (s *UpgradeCharmErrorsSuite) SetUpTest(c *gc.C) {
+	s.RepoSuite.SetUpTest(c)
+	// Set up the charm store testing server.
+	handler, err := charmstore.NewServer(s.Session.DB("juju-testing"), nil, "", charmstore.ServerParams{
+		AuthUsername: "test-user",
+		AuthPassword: "test-password",
+	}, charmstore.V5)
+	c.Assert(err, jc.ErrorIsNil)
+	s.handler = handler
+	s.srv = httptest.NewServer(handler)
+
+	s.PatchValue(&charmrepo.CacheDir, c.MkDir())
+	s.PatchValue(&newCharmStoreClient, func(bakeryClient *httpbakery.Client) *csclient.Client {
+		return csclient.New(csclient.Params{
+			URL:          s.srv.URL,
+			BakeryClient: bakeryClient,
+		})
+	})
+}
+
+func (s *UpgradeCharmErrorsSuite) TearDownTest(c *gc.C) {
+	s.handler.Close()
+	s.srv.Close()
+	s.RepoSuite.TearDownTest(c)
+}
+
+var _ = gc.Suite(&UpgradeCharmErrorsSuite{})
+
+func runUpgradeCharm(c *gc.C, args ...string) error {
+	_, err := testing.RunCommand(c, NewUpgradeCharmCommand(), args...)
+	return err
+}
+
+func (s *UpgradeCharmErrorsSuite) TestInvalidArgs(c *gc.C) {
+	err := runUpgradeCharm(c)
+	c.Assert(err, gc.ErrorMatches, "no application specified")
+	err = runUpgradeCharm(c, "invalid:name")
+	c.Assert(err, gc.ErrorMatches, `invalid application name "invalid:name"`)
+	err = runUpgradeCharm(c, "foo", "bar")
+	c.Assert(err, gc.ErrorMatches, `unrecognized args: \["bar"\]`)
+}
+
+func (s *UpgradeCharmErrorsSuite) TestInvalidService(c *gc.C) {
+	err := runUpgradeCharm(c, "phony")
+	c.Assert(errors.Cause(err), gc.DeepEquals, &rpc.RequestError{
+		Message: `application "phony" not found`,
+		Code:    "not found",
+	})
+}
+
+func (s *UpgradeCharmErrorsSuite) deployService(c *gc.C) {
+	ch := testcharms.Repo.ClonedDirPath(s.CharmsPath, "riak")
+	err := runDeploy(c, ch, "riak", "--series", "quantal")
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *UpgradeCharmErrorsSuite) TestInvalidSwitchURL(c *gc.C) {
+	s.deployService(c)
+	err := runUpgradeCharm(c, "riak", "--switch=blah")
+	c.Assert(err, gc.ErrorMatches, `cannot resolve URL "cs:blah": charm or bundle not found`)
+	err = runUpgradeCharm(c, "riak", "--switch=cs:missing/one")
+	c.Assert(err, gc.ErrorMatches, `cannot resolve URL "cs:missing/one": charm not found`)
+	// TODO(dimitern): add tests with incompatible charms
+}
+
+func (s *UpgradeCharmErrorsSuite) TestNoPathFails(c *gc.C) {
+	s.deployService(c)
+	err := runUpgradeCharm(c, "riak")
+	c.Assert(err, gc.ErrorMatches, "upgrading a local charm requires either --path or --switch")
+}
+
+func (s *UpgradeCharmErrorsSuite) TestSwitchAndRevisionFails(c *gc.C) {
+	s.deployService(c)
+	err := runUpgradeCharm(c, "riak", "--switch=riak", "--revision=2")
+	c.Assert(err, gc.ErrorMatches, "--switch and --revision are mutually exclusive")
+}
+
+func (s *UpgradeCharmErrorsSuite) TestPathAndRevisionFails(c *gc.C) {
+	s.deployService(c)
+	err := runUpgradeCharm(c, "riak", "--path=foo", "--revision=2")
+	c.Assert(err, gc.ErrorMatches, "--path and --revision are mutually exclusive")
+}
+
+func (s *UpgradeCharmErrorsSuite) TestSwitchAndPathFails(c *gc.C) {
+	s.deployService(c)
+	err := runUpgradeCharm(c, "riak", "--switch=riak", "--path=foo")
+	c.Assert(err, gc.ErrorMatches, "--switch and --path are mutually exclusive")
+}
+
+func (s *UpgradeCharmErrorsSuite) TestInvalidRevision(c *gc.C) {
+	s.deployService(c)
+	err := runUpgradeCharm(c, "riak", "--revision=blah")
+	c.Assert(err, gc.ErrorMatches, `invalid value "blah" for flag --revision: strconv.ParseInt: parsing "blah": invalid syntax`)
+}
+
+type BaseUpgradeCharmSuite struct{}
+
+type UpgradeCharmSuccessSuite struct {
+	BaseUpgradeCharmSuite
+	jujutesting.RepoSuite
+	common.CmdBlockHelper
+	path string
+	riak *state.Application
+}
+
+func (s *BaseUpgradeCharmSuite) assertUpgraded(c *gc.C, riak *state.Application, revision int, forced bool) *charm.URL {
+	err := riak.Refresh()
+	c.Assert(err, jc.ErrorIsNil)
+	ch, force, err := riak.Charm()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(ch.Revision(), gc.Equals, revision)
+	c.Assert(force, gc.Equals, forced)
+	return ch.URL()
+}
+
+var _ = gc.Suite(&UpgradeCharmSuccessSuite{})
+
+func (s *UpgradeCharmSuccessSuite) SetUpTest(c *gc.C) {
+	s.RepoSuite.SetUpTest(c)
+	s.path = testcharms.Repo.ClonedDirPath(s.CharmsPath, "riak")
+	err := runDeploy(c, s.path, "--series", "quantal")
+	c.Assert(err, jc.ErrorIsNil)
+	s.riak, err = s.State.Application("riak")
+	c.Assert(err, jc.ErrorIsNil)
+	ch, forced, err := s.riak.Charm()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(ch.Revision(), gc.Equals, 7)
+	c.Assert(forced, jc.IsFalse)
+
+	s.CmdBlockHelper = common.NewCmdBlockHelper(s.APIState)
+	c.Assert(s.CmdBlockHelper, gc.NotNil)
+	s.AddCleanup(func(*gc.C) { s.CmdBlockHelper.Close() })
+}
+
+func (s *UpgradeCharmSuccessSuite) assertLocalRevision(c *gc.C, revision int, path string) {
+	dir, err := charm.ReadCharmDir(path)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(dir.Revision(), gc.Equals, revision)
+}
+
+func (s *UpgradeCharmSuccessSuite) TestLocalRevisionUnchanged(c *gc.C) {
+	err := runUpgradeCharm(c, "riak", "--path", s.path)
+	c.Assert(err, jc.ErrorIsNil)
+	curl := s.assertUpgraded(c, s.riak, 8, false)
+	s.AssertCharmUploaded(c, curl)
+	// Even though the remote revision is bumped, the local one should
+	// be unchanged.
+	s.assertLocalRevision(c, 7, s.path)
+}
+
+func (s *UpgradeCharmSuccessSuite) TestBlockUpgradeCharm(c *gc.C) {
+	// Block operation
+	s.BlockAllChanges(c, "TestBlockUpgradeCharm")
+	err := runUpgradeCharm(c, "riak", "--path", s.path)
+	s.AssertBlocked(c, err, ".*TestBlockUpgradeCharm.*")
+}
+
+func (s *UpgradeCharmSuccessSuite) TestRespectsLocalRevisionWhenPossible(c *gc.C) {
+	dir, err := charm.ReadCharmDir(s.path)
+	c.Assert(err, jc.ErrorIsNil)
+	err = dir.SetDiskRevision(42)
+	c.Assert(err, jc.ErrorIsNil)
+
+	err = runUpgradeCharm(c, "riak", "--path", s.path)
+	c.Assert(err, jc.ErrorIsNil)
+	curl := s.assertUpgraded(c, s.riak, 42, false)
+	s.AssertCharmUploaded(c, curl)
+	s.assertLocalRevision(c, 42, s.path)
+}
+
+func (s *UpgradeCharmSuccessSuite) TestForcedSeriesUpgrade(c *gc.C) {
+	path := testcharms.Repo.ClonedDirPath(c.MkDir(), "multi-series")
+	err := runDeploy(c, path, "multi-series", "--series", "precise")
+	c.Assert(err, jc.ErrorIsNil)
+	application, err := s.State.Application("multi-series")
+	c.Assert(err, jc.ErrorIsNil)
+	ch, _, err := application.Charm()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(ch.Revision(), gc.Equals, 1)
+
+	// Copy files from a charm supporting a different set of series
+	// so we can try an upgrade requiring --force-series.
+	for _, f := range []string{"metadata.yaml", "revision"} {
+		err = utils.CopyFile(
+			filepath.Join(path, f),
+			filepath.Join(testcharms.Repo.CharmDirPath("multi-series2"), f))
+		c.Assert(err, jc.ErrorIsNil)
+	}
+	err = runUpgradeCharm(c, "multi-series", "--path", path, "--force-series")
+	c.Assert(err, jc.ErrorIsNil)
+
+	err = application.Refresh()
+	c.Assert(err, jc.ErrorIsNil)
+	ch, force, err := application.Charm()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(ch.Revision(), gc.Equals, 8)
+	c.Assert(force, gc.Equals, false)
+	s.AssertCharmUploaded(c, ch.URL())
+	c.Assert(ch.URL().String(), gc.Equals, "local:precise/multi-series2-8")
+}
+
+func (s *UpgradeCharmSuccessSuite) TestInitWithResources(c *gc.C) {
+	testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
+	dir := c.MkDir()
+
+	foopath := path.Join(dir, "foo")
+	barpath := path.Join(dir, "bar")
+	err := ioutil.WriteFile(foopath, []byte("foo"), 0600)
+	c.Assert(err, jc.ErrorIsNil)
+	err = ioutil.WriteFile(barpath, []byte("bar"), 0600)
+	c.Assert(err, jc.ErrorIsNil)
+
+	res1 := fmt.Sprintf("foo=%s", foopath)
+	res2 := fmt.Sprintf("bar=%s", barpath)
+
+	d := upgradeCharmCommand{}
+	args := []string{"dummy", "--resource", res1, "--resource", res2}
+
+	err = testing.InitCommand(modelcmd.Wrap(&d), args)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(d.Resources, gc.DeepEquals, map[string]string{
+		"foo": foopath,
+		"bar": barpath,
+	})
+}
+
+func (s *UpgradeCharmSuccessSuite) TestForcedUnitsUpgrade(c *gc.C) {
+	err := runUpgradeCharm(c, "riak", "--force-units", "--path", s.path)
+	c.Assert(err, jc.ErrorIsNil)
+	curl := s.assertUpgraded(c, s.riak, 8, true)
+	s.AssertCharmUploaded(c, curl)
+	// Local revision is not changed.
+	s.assertLocalRevision(c, 7, s.path)
+}
+
+func (s *UpgradeCharmSuccessSuite) TestBlockForcedUnitsUpgrade(c *gc.C) {
+	// Block operation
+	s.BlockAllChanges(c, "TestBlockForcedUpgrade")
+	err := runUpgradeCharm(c, "riak", "--force-units", "--path", s.path)
+	c.Assert(err, jc.ErrorIsNil)
+	curl := s.assertUpgraded(c, s.riak, 8, true)
+	s.AssertCharmUploaded(c, curl)
+	// Local revision is not changed.
+	s.assertLocalRevision(c, 7, s.path)
+}
+
+func (s *UpgradeCharmSuccessSuite) TestCharmPath(c *gc.C) {
+	myriakPath := testcharms.Repo.ClonedDirPath(c.MkDir(), "riak")
+
+	// Change the revision to 42 and upgrade to it with explicit revision.
+	err := ioutil.WriteFile(path.Join(myriakPath, "revision"), []byte("42"), 0644)
+	c.Assert(err, jc.ErrorIsNil)
+	err = runUpgradeCharm(c, "riak", "--path", myriakPath)
+	c.Assert(err, jc.ErrorIsNil)
+	curl := s.assertUpgraded(c, s.riak, 42, false)
+	c.Assert(curl.String(), gc.Equals, "local:quantal/riak-42")
+	s.assertLocalRevision(c, 42, myriakPath)
+}
+
+func (s *UpgradeCharmSuccessSuite) TestCharmPathNoRevUpgrade(c *gc.C) {
+	// Revision 7 is running to start with.
+	myriakPath := testcharms.Repo.ClonedDirPath(c.MkDir(), "riak")
+	s.assertLocalRevision(c, 7, myriakPath)
+	err := runUpgradeCharm(c, "riak", "--path", myriakPath)
+	c.Assert(err, jc.ErrorIsNil)
+	curl := s.assertUpgraded(c, s.riak, 8, false)
+	c.Assert(curl.String(), gc.Equals, "local:quantal/riak-8")
+}
+
+func (s *UpgradeCharmSuccessSuite) TestCharmPathDifferentNameFails(c *gc.C) {
+	myriakPath := testcharms.Repo.RenamedClonedDirPath(s.CharmsPath, "riak", "myriak")
+	err := runUpgradeCharm(c, "riak", "--path", myriakPath)
+	c.Assert(err, gc.ErrorMatches, `cannot upgrade "riak" to "myriak"`)
+}
+
+type UpgradeCharmCharmStoreSuite struct {
+	BaseUpgradeCharmSuite
+	charmStoreSuite
+}
+
+var _ = gc.Suite(&UpgradeCharmCharmStoreSuite{})
+
+var upgradeCharmAuthorizationTests = []struct {
+	about        string
+	uploadURL    string
+	switchURL    string
+	readPermUser string
+	expectError  string
+}{{
+	about:     "public charm, success",
+	uploadURL: "cs:~bob/trusty/wordpress1-10",
+	switchURL: "cs:~bob/trusty/wordpress1",
+}, {
+	about:     "public charm, fully resolved, success",
+	uploadURL: "cs:~bob/trusty/wordpress2-10",
+	switchURL: "cs:~bob/trusty/wordpress2-10",
+}, {
+	about:        "non-public charm, success",
+	uploadURL:    "cs:~bob/trusty/wordpress3-10",
+	switchURL:    "cs:~bob/trusty/wordpress3",
+	readPermUser: clientUserName,
+}, {
+	about:        "non-public charm, fully resolved, success",
+	uploadURL:    "cs:~bob/trusty/wordpress4-10",
+	switchURL:    "cs:~bob/trusty/wordpress4-10",
+	readPermUser: clientUserName,
+}, {
+	about:        "non-public charm, access denied",
+	uploadURL:    "cs:~bob/trusty/wordpress5-10",
+	switchURL:    "cs:~bob/trusty/wordpress5",
+	readPermUser: "bob",
+	expectError:  `cannot resolve charm URL "cs:~bob/trusty/wordpress5": cannot get "/~bob/trusty/wordpress5/meta/any\?include=id&include=supported-series&include=published": unauthorized: access denied for user "client-username"`,
+}, {
+	about:        "non-public charm, fully resolved, access denied",
+	uploadURL:    "cs:~bob/trusty/wordpress6-47",
+	switchURL:    "cs:~bob/trusty/wordpress6-47",
+	readPermUser: "bob",
+	expectError:  `cannot resolve charm URL "cs:~bob/trusty/wordpress6-47": cannot get "/~bob/trusty/wordpress6-47/meta/any\?include=id&include=supported-series&include=published": unauthorized: access denied for user "client-username"`,
+}}
+
+func (s *UpgradeCharmCharmStoreSuite) TestUpgradeCharmAuthorization(c *gc.C) {
+	testcharms.UploadCharm(c, s.client, "cs:~other/trusty/wordpress-0", "wordpress")
+	err := runDeploy(c, "cs:~other/trusty/wordpress-0")
+	c.Assert(err, jc.ErrorIsNil)
+	for i, test := range upgradeCharmAuthorizationTests {
+		c.Logf("test %d: %s", i, test.about)
+		url, _ := testcharms.UploadCharm(c, s.client, test.uploadURL, "wordpress")
+		if test.readPermUser != "" {
+			s.changeReadPerm(c, url, test.readPermUser)
+		}
+		err := runUpgradeCharm(c, "wordpress", "--switch", test.switchURL)
+		if test.expectError != "" {
+			c.Assert(err, gc.ErrorMatches, test.expectError)
+			continue
+		}
+		c.Assert(err, jc.ErrorIsNil)
+	}
+}
+
+func (s *UpgradeCharmCharmStoreSuite) TestSwitch(c *gc.C) {
+	testcharms.UploadCharm(c, s.client, "cs:~other/trusty/riak-0", "riak")
+	testcharms.UploadCharm(c, s.client, "cs:~other/trusty/anotherriak-7", "riak")
+	err := runDeploy(c, "cs:~other/trusty/riak-0")
+	c.Assert(err, jc.ErrorIsNil)
+
+	riak, err := s.State.Application("riak")
+	c.Assert(err, jc.ErrorIsNil)
+	ch, forced, err := riak.Charm()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(ch.Revision(), gc.Equals, 0)
+	c.Assert(forced, jc.IsFalse)
+
+	err = runUpgradeCharm(c, "riak", "--switch=cs:~other/trusty/anotherriak")
+	c.Assert(err, jc.ErrorIsNil)
+	curl := s.assertUpgraded(c, riak, 7, false)
+	c.Assert(curl.String(), gc.Equals, "cs:~other/trusty/anotherriak-7")
+
+	// Now try the same with explicit revision - should fail.
+	err = runUpgradeCharm(c, "riak", "--switch=cs:~other/trusty/anotherriak-7")
+	c.Assert(err, gc.ErrorMatches, `already running specified charm "cs:~other/trusty/anotherriak-7"`)
+
+	// Change the revision to 42 and upgrade to it with explicit revision.
+	testcharms.UploadCharm(c, s.client, "cs:~other/trusty/anotherriak-42", "riak")
+	err = runUpgradeCharm(c, "riak", "--switch=cs:~other/trusty/anotherriak-42")
+	c.Assert(err, jc.ErrorIsNil)
+	curl = s.assertUpgraded(c, riak, 42, false)
+	c.Assert(curl.String(), gc.Equals, "cs:~other/trusty/anotherriak-42")
+}
+
+func (s *UpgradeCharmCharmStoreSuite) TestUpgradeCharmWithChannel(c *gc.C) {
+	id, ch := testcharms.UploadCharm(c, s.client, "cs:~client-username/trusty/wordpress-0", "wordpress")
+	err := runDeploy(c, "cs:~client-username/trusty/wordpress-0")
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Upload a new revision of the charm, but publish it
+	// only to the development channel.
+
+	id.Revision = 1
+	err = s.client.UploadCharmWithRevision(id, ch, -1)
+	c.Assert(err, gc.IsNil)
+
+	err = s.client.Publish(id, []csclientparams.Channel{csclientparams.DevelopmentChannel}, nil)
+	c.Assert(err, gc.IsNil)
+
+	err = runUpgradeCharm(c, "wordpress", "--channel", "development")
+	c.Assert(err, gc.IsNil)
+
+	s.assertCharmsUploaded(c, "cs:~client-username/trusty/wordpress-0", "cs:~client-username/trusty/wordpress-1")
+	s.assertApplicationsDeployed(c, map[string]serviceInfo{
+		"wordpress": {charm: "cs:~client-username/trusty/wordpress-1"},
+	})
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/backups/create.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/backups/create.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/backups/create.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/backups/create.go	2016-07-18 19:45:44.000000000 +0000
@@ -67,7 +67,7 @@
 	return &cmd.Info{
 		Name:    "create-backup",
 		Args:    "[<notes>]",
-		Purpose: "create a backup",
+		Purpose: "Create a backup.",
 		Doc:     createDoc,
 	}
 }
@@ -75,8 +75,8 @@
 // SetFlags implements Command.SetFlags.
 func (c *createCommand) SetFlags(f *gnuflag.FlagSet) {
 	c.CommandBase.SetFlags(f)
-	f.BoolVar(&c.NoDownload, "no-download", false, "do not download the archive")
-	f.StringVar(&c.Filename, "filename", notset, "download to this file")
+	f.BoolVar(&c.NoDownload, "no-download", false, "Do not download the archive")
+	f.StringVar(&c.Filename, "filename", notset, "Download to this file")
 }
 
 // Init implements Command.Init.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/backups/download.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/backups/download.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/backups/download.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/backups/download.go	2016-07-18 19:45:44.000000000 +0000
@@ -42,7 +42,7 @@
 	return &cmd.Info{
 		Name:    "download-backup",
 		Args:    "<ID>",
-		Purpose: "get an archive file",
+		Purpose: "Get an archive file.",
 		Doc:     downloadDoc,
 	}
 }
@@ -50,7 +50,7 @@
 // SetFlags implements Command.SetFlags.
 func (c *downloadCommand) SetFlags(f *gnuflag.FlagSet) {
 	c.CommandBase.SetFlags(f)
-	f.StringVar(&c.Filename, "filename", "", "download target")
+	f.StringVar(&c.Filename, "filename", "", "Download target")
 }
 
 // Init implements Command.Init.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/backups/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/backups/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/backups/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/backups/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,11 +5,13 @@
 
 import (
 	"github.com/juju/cmd"
+	"github.com/juju/errors"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cmd/modelcmd"
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/jujuclient"
+	"github.com/juju/juju/testing"
 )
 
 const (
@@ -69,7 +71,7 @@
 	store jujuclient.ClientStore,
 	api RestoreAPI,
 	getArchive func(string) (ArchiveReader, *params.BackupsMetadataResult, error),
-	getEnviron func(string, *params.BackupsMetadataResult) (environs.Environ, error),
+	getEnviron func(string, *params.BackupsMetadataResult) (environs.Environ, *restoreBootstrapParams, error),
 ) cmd.Command {
 	c := &restoreCommand{
 		getArchiveFunc: getArchive,
@@ -81,7 +83,7 @@
 			return nil
 		}}
 	if getEnviron == nil {
-		c.getEnvironFunc = func(controllerNme string, meta *params.BackupsMetadataResult) (environs.Environ, error) {
+		c.getEnvironFunc = func(controllerNme string, meta *params.BackupsMetadataResult) (environs.Environ, *restoreBootstrapParams, error) {
 			return c.getEnviron(controllerNme, meta)
 		}
 	}
@@ -89,3 +91,19 @@
 	c.SetClientStore(store)
 	return modelcmd.Wrap(c)
 }
+
+func GetEnvironFunc(e environs.Environ, cloud string) func(string, *params.BackupsMetadataResult) (environs.Environ, *restoreBootstrapParams, error) {
+	return func(string, *params.BackupsMetadataResult) (environs.Environ, *restoreBootstrapParams, error) {
+		return e, &restoreBootstrapParams{
+			ControllerConfig: testing.FakeControllerConfig(),
+			CloudName:        cloud,
+			CloudRegion:      "a-region",
+		}, nil
+	}
+}
+
+func GetEnvironFuncWithError() func(string, *params.BackupsMetadataResult) (environs.Environ, *restoreBootstrapParams, error) {
+	return func(string, *params.BackupsMetadataResult) (environs.Environ, *restoreBootstrapParams, error) {
+		return nil, nil, errors.New("failed")
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/backups/list.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/backups/list.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/backups/list.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/backups/list.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,7 +13,7 @@
 )
 
 const listDoc = `
-list-backups provides the metadata associated with all backups.
+backups provides the metadata associated with all backups.
 `
 
 // NewListCommand returns a command used to list metadata for backups.
@@ -29,11 +29,11 @@
 // Info implements Command.Info.
 func (c *listCommand) Info() *cmd.Info {
 	return &cmd.Info{
-		Name:    "list-backups",
+		Name:    "backups",
 		Args:    "",
-		Purpose: "get all metadata",
+		Purpose: "Displays information about all backups.",
 		Doc:     listDoc,
-		Aliases: []string{"backups"},
+		Aliases: []string{"list-backups"},
 	}
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/backups/remove.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/backups/remove.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/backups/remove.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/backups/remove.go	2016-07-18 19:45:44.000000000 +0000
@@ -33,7 +33,7 @@
 	return &cmd.Info{
 		Name:    "remove-backup",
 		Args:    "<ID>",
-		Purpose: "delete a backup",
+		Purpose: "Remove the spcified backup from remote storage.",
 		Doc:     removeDoc,
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/backups/restore.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/backups/restore.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/backups/restore.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/backups/restore.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,6 +9,7 @@
 	"io"
 	"path/filepath"
 	"strings"
+	"time"
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
@@ -17,14 +18,17 @@
 
 	"github.com/juju/juju/api/backups"
 	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/cloud"
 	"github.com/juju/juju/cmd/juju/common"
 	"github.com/juju/juju/cmd/modelcmd"
 	"github.com/juju/juju/constraints"
+	"github.com/juju/juju/controller"
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/environs/bootstrap"
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/environs/sync"
 	"github.com/juju/juju/jujuclient"
+	"github.com/juju/juju/version"
 )
 
 // NewRestoreCommand returns a command used to restore a backup.
@@ -50,7 +54,7 @@
 	uploadTools bool
 
 	newAPIClientFunc func() (RestoreAPI, error)
-	getEnvironFunc   func(string, *params.BackupsMetadataResult) (environs.Environ, error)
+	getEnvironFunc   func(string, *params.BackupsMetadataResult) (environs.Environ, *restoreBootstrapParams, error)
 	getArchiveFunc   func(string) (ArchiveReader, *params.BackupsMetadataResult, error)
 	waitForAgentFunc func(ctx *cmd.Context, c *modelcmd.ModelCommandBase, controllerName string) error
 }
@@ -90,7 +94,7 @@
 func (c *restoreCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "restore-backup",
-		Purpose: "restore from a backup archive to a new controller",
+		Purpose: "Restore from a backup archive to a new controller.",
 		Args:    "",
 		Doc:     strings.TrimSpace(restoreDoc),
 	}
@@ -102,10 +106,10 @@
 	f.Var(constraints.ConstraintsValue{Target: &c.constraints},
 		"constraints", "set model constraints")
 
-	f.BoolVar(&c.bootstrap, "b", false, "bootstrap a new state machine")
-	f.StringVar(&c.filename, "file", "", "provide a file to be used as the backup.")
-	f.StringVar(&c.backupId, "id", "", "provide the name of the backup to be restored.")
-	f.BoolVar(&c.uploadTools, "upload-tools", false, "upload tools if bootstraping a new machine.")
+	f.BoolVar(&c.bootstrap, "b", false, "Bootstrap a new state machine")
+	f.StringVar(&c.filename, "file", "", "Provide a file to be used as the backup.")
+	f.StringVar(&c.backupId, "id", "", "Provide the name of the backup to be restored")
+	f.BoolVar(&c.uploadTools, "upload-tools", false, "Upload tools if bootstraping a new machine")
 }
 
 // Init is where the preconditions for this commands can be checked.
@@ -129,9 +133,21 @@
 	return nil
 }
 
+type restoreBootstrapParams struct {
+	ControllerConfig controller.Config
+	CloudName        string
+	CloudRegion      string
+	CredentialName   string
+	Credential       cloud.Credential
+	AdminSecret      string
+	CAPrivateKey     string
+}
+
 // getEnviron returns the environ for the specified controller, or
 // mocked out environ for testing.
-func (c *restoreCommand) getEnviron(controllerName string, meta *params.BackupsMetadataResult) (environs.Environ, error) {
+func (c *restoreCommand) getEnviron(
+	controllerName string, meta *params.BackupsMetadataResult,
+) (environs.Environ, *restoreBootstrapParams, error) {
 	// TODO(axw) delete this and -b in 2.0-beta2. We will update bootstrap
 	// with a flag to specify a restore file. When we do that, we'll need
 	// to extract the CA cert from the backup, and we'll need to reset the
@@ -139,43 +155,34 @@
 	// We also need to store things like the admin-secret, controller
 	// certificate etc with the backup.
 	store := c.ClientStore()
-	cfg, err := modelcmd.NewGetBootstrapConfigFunc(store)(controllerName)
+	config, params, err := modelcmd.NewGetBootstrapConfigParamsFunc(store)(controllerName)
 	if err != nil {
-		return nil, errors.Annotate(err, "cannot restore from a machine other than the one used to bootstrap")
+		return nil, nil, errors.Trace(err)
 	}
-
-	// Reset current model to admin so first bootstrap succeeds.
-	err = store.SetCurrentModel(controllerName, environs.AdminUser, "admin")
+	provider, err := environs.Provider(params.Config.Type())
 	if err != nil {
-		return nil, errors.Trace(err)
-	}
-
-	// We may have previous controller metadata. We need to update that so it
-	// will contain the new CA Cert and UUID required to connect to the newly
-	// bootstrapped controller API.
-	details := jujuclient.ControllerDetails{
-		ControllerUUID: cfg.ControllerUUID(),
-		CACert:         meta.CACert,
+		return nil, nil, errors.Trace(err)
 	}
-	err = store.UpdateController(controllerName, details)
+	cfg, err := provider.BootstrapConfig(*params)
 	if err != nil {
-		return nil, errors.Trace(err)
+		return nil, nil, errors.Trace(err)
 	}
 
 	// Get the local admin user so we can use the password as the admin secret.
+	// TODO(axw) check that account.User is environs.AdminUser.
 	var adminSecret string
-	account, err := store.AccountByName(controllerName, environs.AdminUser)
+	account, err := store.AccountDetails(controllerName)
 	if err == nil {
 		adminSecret = account.Password
 	} else if errors.IsNotFound(err) {
 		// No relevant local admin user so generate a new secret.
 		buf := make([]byte, 16)
 		if _, err := io.ReadFull(rand.Reader, buf); err != nil {
-			return nil, errors.Annotate(err, "generating new admin secret")
+			return nil, nil, errors.Annotate(err, "generating new admin secret")
 		}
 		adminSecret = fmt.Sprintf("%x", buf)
 	} else {
-		return nil, errors.Trace(err)
+		return nil, nil, errors.Trace(err)
 	}
 
 	// Turn on safe mode so that the newly bootstrapped instance
@@ -183,24 +190,34 @@
 	// Also set the admin secret and ca cert info.
 	cfg, err = cfg.Apply(map[string]interface{}{
 		"provisioner-safe-mode": true,
-		"admin-secret":          adminSecret,
-		"ca-private-key":        meta.CAPrivateKey,
-		"ca-cert":               meta.CACert,
 	})
 	if err != nil {
-		return nil, errors.Annotatef(err, "cannot enable provisioner-safe-mode")
+		return nil, nil, errors.Annotatef(err, "cannot enable provisioner-safe-mode")
 	}
-	return environs.New(cfg)
+
+	controllerCfg := controller.Config{
+		controller.ControllerUUIDKey: params.ControllerUUID,
+		controller.CACertKey:         meta.CACert,
+	}
+	env, err := environs.New(cfg)
+	return env, &restoreBootstrapParams{
+		ControllerConfig: controllerCfg,
+		CloudName:        config.Cloud,
+		CloudRegion:      config.CloudRegion,
+		CredentialName:   config.Credential,
+		Credential:       params.Credentials,
+		AdminSecret:      adminSecret,
+	}, err
 }
 
 // rebootstrap will bootstrap a new server in safe-mode (not killing any other agent)
 // if there is no current server available to restore to.
 func (c *restoreCommand) rebootstrap(ctx *cmd.Context, meta *params.BackupsMetadataResult) error {
-	env, err := c.getEnvironFunc(c.ControllerName(), meta)
+	env, params, err := c.getEnvironFunc(c.ControllerName(), meta)
 	if err != nil {
 		return errors.Trace(err)
 	}
-	instanceIds, err := env.ControllerInstances()
+	instanceIds, err := env.ControllerInstances(params.ControllerConfig.ControllerUUID())
 	if err != nil && errors.Cause(err) != environs.ErrNotBootstrapped {
 		return errors.Annotatef(err, "cannot determine controller instances")
 	}
@@ -225,11 +242,51 @@
 		config.UUIDKey: hostedModelUUID.String(),
 	}
 
+	cloudParam, err := cloud.CloudByName(params.CloudName)
+	if err != nil {
+		return errors.Trace(err)
+	}
+
+	// We may have previous controller metadata. We need to replace that so it
+	// will contain the new CA Cert and UUID required to connect to the newly
+	// bootstrapped controller API.
+	store := c.ClientStore()
+	details := jujuclient.ControllerDetails{
+		ControllerUUID: params.ControllerConfig.ControllerUUID(),
+		CACert:         meta.CACert,
+		Cloud:          params.CloudName,
+		CloudRegion:    params.CloudRegion,
+	}
+	err = store.UpdateController(c.ControllerName(), details)
+	if err != nil {
+		return errors.Trace(err)
+	}
+
+	bootVers := version.Current
+	var cred *cloud.Credential
+	if params.Credential.AuthType() != cloud.EmptyAuthType {
+		cred = &params.Credential
+	}
 	args := bootstrap.BootstrapParams{
-		ModelConstraints:  c.constraints,
-		UploadTools:       c.uploadTools,
-		BuildToolsTarball: sync.BuildToolsTarball,
-		HostedModelConfig: hostedModelConfig,
+		Cloud:               *cloudParam,
+		CloudName:           params.CloudName,
+		CloudRegion:         params.CloudRegion,
+		CloudCredentialName: params.CredentialName,
+		CloudCredential:     cred,
+		ModelConstraints:    c.constraints,
+		UploadTools:         c.uploadTools,
+		BuildToolsTarball:   sync.BuildToolsTarball,
+		ControllerConfig:    params.ControllerConfig,
+		HostedModelConfig:   hostedModelConfig,
+		BootstrapSeries:     meta.Series,
+		AgentVersion:        &bootVers,
+		AdminSecret:         params.AdminSecret,
+		CAPrivateKey:        meta.CAPrivateKey,
+		DialOpts: environs.BootstrapDialOpts{
+			Timeout:        time.Second * bootstrap.DefaultBootstrapSSHTimeout,
+			RetryDelay:     time.Second * bootstrap.DefaultBootstrapSSHRetryDelay,
+			AddressesDelay: time.Second * bootstrap.DefaultBootstrapSSHAddressesDelay,
+		},
 	}
 	if err := BootstrapFunc(modelcmd.BootstrapContext(ctx), env, args); err != nil {
 		return errors.Annotatef(err, "cannot bootstrap new instance")
@@ -237,10 +294,12 @@
 
 	// New controller is bootstrapped, so now record the API address so
 	// we can connect.
-	err = common.SetBootstrapEndpointAddress(c.ClientStore(), c.ControllerName(), env)
+	apiPort := params.ControllerConfig.APIPort()
+	err = common.SetBootstrapEndpointAddress(store, c.ControllerName(), apiPort, env)
 	if err != nil {
-		errors.Trace(err)
+		return errors.Trace(err)
 	}
+
 	// To avoid race conditions when running scripted bootstraps, wait
 	// for the controller's machine agent to be ready to accept commands
 	// before exiting this bootstrap command.
@@ -303,7 +362,7 @@
 		err = client.Restore(c.backupId, c.newClient)
 	}
 	if err != nil {
-		return nil
+		return errors.Trace(err)
 	}
 	fmt.Fprintf(ctx.Stdout, "restore from %q completed\n", target)
 	return nil
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/backups/restore_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/backups/restore_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/backups/restore_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/backups/restore_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -16,7 +16,6 @@
 	"github.com/juju/juju/cmd/juju/backups"
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/environs/bootstrap"
-	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/jujuclient"
 	"github.com/juju/juju/jujuclient/jujuclienttesting"
@@ -34,33 +33,42 @@
 
 func (s *restoreSuite) SetUpTest(c *gc.C) {
 	s.BaseBackupsSuite.SetUpTest(c)
-	s.store = jujuclienttesting.NewMemStore()
-	s.store.Controllers["testing"] = jujuclient.ControllerDetails{
-		ControllerUUID: testing.ModelTag.Id(),
-		CACert:         testing.CACert,
-	}
-	s.store.Models["testing"] = jujuclient.ControllerAccountModels{
-		AccountModels: map[string]*jujuclient.AccountModels{
-			"admin@local": {
-				Models: map[string]jujuclient.ModelDetails{
-					"admin": {"test1-uuid"},
-				},
-				CurrentModel: "admin",
+	clouds := map[string]cloud.Cloud{
+		"mycloud": {
+			Type:      "openstack",
+			AuthTypes: []cloud.AuthType{"userpass", "access-key"},
+			Endpoint:  "http://homestack",
+			Regions: []cloud.Region{
+				{Name: "a-region", Endpoint: "http://london/1.0"},
 			},
 		},
 	}
-	s.store.Accounts["testing"] = &jujuclient.ControllerAccounts{
-		Accounts: map[string]jujuclient.AccountDetails{
-			"admin@local": {
-				User:     "current-user@local",
-				Password: "old-password",
-			},
-		},
-		CurrentAccount: "admin@local",
+	err := cloud.WritePersonalCloudMetadata(clouds)
+	c.Assert(err, jc.ErrorIsNil)
+
+	s.store = jujuclienttesting.NewMemStore()
+	s.store.Controllers["testing"] = jujuclient.ControllerDetails{
+		ControllerUUID:         "deadbeef-0bad-400d-8000-5b1d0d06f00d",
+		CACert:                 testing.CACert,
+		Cloud:                  "mycloud",
+		CloudRegion:            "a-region",
+		APIEndpoints:           []string{"10.0.1.1:17777"},
+		UnresolvedAPIEndpoints: []string{"10.0.1.1:17777"},
+	}
+	s.store.CurrentControllerName = "testing"
+	s.store.Models["testing"] = &jujuclient.ControllerModels{
+		Models: map[string]jujuclient.ModelDetails{
+			"admin": {"test1-uuid"},
+		},
+		CurrentModel: "admin",
+	}
+	s.store.Accounts["testing"] = jujuclient.AccountDetails{
+		User:     "current-user@local",
+		Password: "old-password",
 	}
 	s.store.BootstrapConfig["testing"] = jujuclient.BootstrapConfig{
-		Cloud: "dummy",
-		//Credential: "me",
+		Cloud:       "mycloud",
+		CloudRegion: "a-region",
 		Config: map[string]interface{}{
 			"type": "dummy",
 			"name": "admin",
@@ -116,9 +124,8 @@
 		func(string) (backups.ArchiveReader, *params.BackupsMetadataResult, error) {
 			return &mockArchiveReader{}, &params.BackupsMetadataResult{}, nil
 		},
-		func(string, *params.BackupsMetadataResult) (environs.Environ, error) {
-			return fakeEnv, nil
-		})
+		backups.GetEnvironFunc(fakeEnv, "mycloud"),
+	)
 	_, err := testing.RunCommand(c, s.command, "restore", "--file", "afile", "-b")
 	c.Assert(err, gc.ErrorMatches, ".*still seems to exist.*")
 }
@@ -128,11 +135,12 @@
 	s.command = backups.NewRestoreCommandForTest(
 		s.store, &mockRestoreAPI{},
 		func(string) (backups.ArchiveReader, *params.BackupsMetadataResult, error) {
-			return &mockArchiveReader{}, &params.BackupsMetadataResult{}, nil
+			return &mockArchiveReader{}, &params.BackupsMetadataResult{
+				CACert: testing.CACert,
+			}, nil
 		},
-		func(string, *params.BackupsMetadataResult) (environs.Environ, error) {
-			return fakeEnv, nil
-		})
+		backups.GetEnvironFunc(fakeEnv, "mycloud"),
+	)
 	s.PatchValue(&backups.BootstrapFunc, func(ctx environs.BootstrapContext, environ environs.Environ, args bootstrap.BootstrapParams) error {
 		return errors.New("failed to bootstrap new controller")
 	})
@@ -153,8 +161,6 @@
 		},
 		nil)
 	s.PatchValue(&backups.BootstrapFunc, func(ctx environs.BootstrapContext, environ environs.Environ, args bootstrap.BootstrapParams) error {
-		attr := environ.Config().AllAttrs()
-		c.Assert(attr["ca-cert"], gc.Equals, testing.CACert)
 		return errors.New("failed to bootstrap new controller")
 	})
 
@@ -162,6 +168,37 @@
 	c.Assert(err, gc.ErrorMatches, ".*failed to bootstrap new controller")
 }
 
+func (s *restoreSuite) TestFailedRestoreReboostrapMaintainsControllerInfo(c *gc.C) {
+	metadata := params.BackupsMetadataResult{
+		CACert:       testing.CACert,
+		CAPrivateKey: testing.CAKey,
+	}
+	s.command = backups.NewRestoreCommandForTest(
+		s.store, &mockRestoreAPI{},
+		func(string) (backups.ArchiveReader, *params.BackupsMetadataResult, error) {
+			return &mockArchiveReader{}, &metadata, nil
+		},
+		backups.GetEnvironFuncWithError(),
+	)
+	s.PatchValue(&backups.BootstrapFunc, func(ctx environs.BootstrapContext, environ environs.Environ, args bootstrap.BootstrapParams) error {
+		// We should not call bootstrap.
+		c.Fail()
+		return nil
+	})
+
+	_, err := testing.RunCommand(c, s.command, "restore", "-m", "testing:test1", "--file", "afile", "-b")
+	c.Assert(err, gc.ErrorMatches, "failed")
+	// The details below are as per what was done in test setup, so no changes.
+	c.Assert(s.store.Controllers["testing"], jc.DeepEquals, jujuclient.ControllerDetails{
+		Cloud:                  "mycloud",
+		CloudRegion:            "a-region",
+		CACert:                 testing.CACert,
+		ControllerUUID:         "deadbeef-0bad-400d-8000-5b1d0d06f00d",
+		APIEndpoints:           []string{"10.0.1.1:17777"},
+		UnresolvedAPIEndpoints: []string{"10.0.1.1:17777"},
+	})
+}
+
 func (s *restoreSuite) TestRestoreReboostrapWritesUpdatedControllerInfo(c *gc.C) {
 	metadata := params.BackupsMetadataResult{
 		CACert:       testing.CACert,
@@ -173,9 +210,8 @@
 		func(string) (backups.ArchiveReader, *params.BackupsMetadataResult, error) {
 			return &mockArchiveReader{}, &metadata, nil
 		},
-		func(string, *params.BackupsMetadataResult) (environs.Environ, error) {
-			return fakeEnv, nil
-		})
+		backups.GetEnvironFunc(fakeEnv, "mycloud"),
+	)
 	s.PatchValue(&backups.BootstrapFunc, func(ctx environs.BootstrapContext, environ environs.Environ, args bootstrap.BootstrapParams) error {
 		return nil
 	})
@@ -183,10 +219,12 @@
 	_, err := testing.RunCommand(c, s.command, "restore", "-m", "testing:test1", "--file", "afile", "-b")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(s.store.Controllers["testing"], jc.DeepEquals, jujuclient.ControllerDetails{
+		Cloud:                  "mycloud",
+		CloudRegion:            "a-region",
 		CACert:                 testing.CACert,
 		ControllerUUID:         "deadbeef-0bad-400d-8000-4b1d0d06f00d",
-		APIEndpoints:           []string{"10.0.0.1:100"},
-		UnresolvedAPIEndpoints: []string{"10.0.0.1:100"},
+		APIEndpoints:           []string{"10.0.0.1:17777"},
+		UnresolvedAPIEndpoints: []string{"10.0.0.1:17777"},
 	})
 }
 
@@ -206,7 +244,7 @@
 	controllerInstances []instance.Id
 }
 
-func (f fakeEnviron) ControllerInstances() ([]instance.Id, error) {
+func (f fakeEnviron) ControllerInstances(_ string) ([]instance.Id, error) {
 	return f.controllerInstances, nil
 }
 
@@ -217,9 +255,3 @@
 func (f fakeEnviron) AllInstances() ([]instance.Instance, error) {
 	return []instance.Instance{fakeInstance{id: "1"}}, nil
 }
-
-func (f fakeEnviron) Config() *config.Config {
-	attrs := testing.FakeConfig().Merge(map[string]interface{}{"api-port": "100"})
-	cfg, _ := config.New(config.NoDefaults, attrs)
-	return cfg
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/backups/show.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/backups/show.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/backups/show.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/backups/show.go	2016-07-18 19:45:44.000000000 +0000
@@ -31,7 +31,7 @@
 	return &cmd.Info{
 		Name:    "show-backup",
 		Args:    "<ID>",
-		Purpose: "get metadata",
+		Purpose: "Show metadata for the specified backup.",
 		Doc:     showDoc,
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/backups/upload.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/backups/upload.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/backups/upload.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/backups/upload.go	2016-07-18 19:45:44.000000000 +0000
@@ -35,7 +35,7 @@
 	return &cmd.Info{
 		Name:    "upload-backup",
 		Args:    "<filename>",
-		Purpose: "store a backup archive file remotely in juju",
+		Purpose: "Store a backup archive file remotely in Juju.",
 		Doc:     uploadDoc,
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/block/block.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/block/block.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/block/block.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/block/block.go	2016-07-18 19:45:44.000000000 +0000
@@ -67,7 +67,6 @@
 }
 
 var destroyBlockDoc = `
-
 This command allows to block model destruction.
 
 To disable the block, run unblock command - see "juju help unblock". 
@@ -76,8 +75,8 @@
 "juju block destroy-model" only blocks destroy-model command.
    
 Examples:
-   To prevent the model from being destroyed:
-   juju block destroy-model
+    # To prevent the model from being destroyed:
+    juju block destroy-model
 
 `
 
@@ -86,7 +85,7 @@
 func (c *destroyCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "destroy-model",
-		Purpose: "block an operation that would destroy Juju model",
+		Purpose: "Block an operation that would destroy Juju model.",
 		Doc:     destroyBlockDoc,
 	}
 }
@@ -106,7 +105,6 @@
 }
 
 var removeBlockDoc = `
-
 This command allows to block all operations that would remove an object 
 from Juju model.
 
@@ -117,12 +115,12 @@
     destroy-model
     remove-machine
     remove-relation
-    remove-service
+    remove-application
     remove-unit
    
 Examples:
-   To prevent the machines, services, units and relations from being removed:
-   juju block remove-object
+    # To prevent the machines, applications, units and relations from being removed:
+    juju block remove-object
 
 `
 
@@ -131,7 +129,7 @@
 func (c *removeCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "remove-object",
-		Purpose: "block an operation that would remove an object",
+		Purpose: "Block an operation that would remove an object.",
 		Doc:     removeBlockDoc,
 	}
 }
@@ -151,7 +149,6 @@
 }
 
 var changeBlockDoc = `
-
 This command allows to block all operations that would alter
 Juju model.
 
@@ -171,7 +168,7 @@
     expose
     remove-machine
     remove-relation
-    remove-service
+    remove-application
     remove-unit
     resolved
     retry-provisioning
@@ -191,8 +188,8 @@
     enable-user
    
 Examples:
-   To prevent changes to the model:
-   juju block all-changes
+    # To prevent changes to the model:
+    juju block all-changes
 
 `
 
@@ -201,7 +198,7 @@
 func (c *changeCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "all-changes",
-		Purpose: "block operations that could change Juju model",
+		Purpose: "Block operations that could change Juju model.",
 		Doc:     changeBlockDoc,
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/block/blocksuper.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/block/blocksuper.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/block/blocksuper.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/block/blocksuper.go	2016-07-18 19:45:44.000000000 +0000
@@ -19,7 +19,7 @@
  the Juju model.
 `
 
-const superBlockCmdPurpose = "list and enable model blocks"
+const superBlockCmdPurpose = "List and enable model blocks."
 
 // Command is the top-level command wrapping all storage functionality.
 type Command struct {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/block/list.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/block/list.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/block/list.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/block/list.go	2016-07-18 19:45:44.000000000 +0000
@@ -41,7 +41,7 @@
 func (c *listCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "list",
-		Purpose: "list juju blocks",
+		Purpose: "List Juju blocks.",
 		Doc:     listCommandDoc,
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/block/protection.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/block/protection.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/block/protection.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/block/protection.go	2016-07-18 19:45:44.000000000 +0000
@@ -94,7 +94,7 @@
 }
 
 var removeMsg = `
-All operations that remove (or delete or terminate) machines, services, units or
+All operations that remove (or delete or terminate) machines, applications, units or
 relations have been blocked for the current model.
 To unblock removal, run
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/block/unblock.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/block/unblock.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/block/unblock.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/block/unblock.go	2016-07-18 19:45:44.000000000 +0000
@@ -33,7 +33,6 @@
 
 var (
 	unblockDoc = `
-
 Juju allows to safeguard deployed models from unintentional damage by preventing
 execution of operations that could alter model.
 
@@ -51,7 +50,7 @@
     destroy-model
     remove-machine
     remove-relation
-    remove-service
+    remove-application
     remove-unit
 
 all-changes includes all alteration commands
@@ -67,7 +66,7 @@
     expose
     remove-machine
     remove-relation
-    remove-service
+    remove-application
     remove-unit
     resolved
     retry-provisioning
@@ -87,17 +86,17 @@
     enable-user
 
 Examples:
-   To allow the model to be destroyed:
-   juju unblock destroy-model
+    # To allow the model to be destroyed:
+    juju unblock destroy-model
 
-   To allow the machines, services, units and relations to be removed:
-   juju unblock remove-object
+    # To allow the machines, applications, units and relations to be removed:
+    juju unblock remove-object
 
-   To allow changes to the model:
-   juju unblock all-changes
+    # To allow changes to the model:
+    juju unblock all-changes
 
 See Also:
-   juju help block
+   juju block
 `
 
 	// blockArgsFmt has formatted representation of block command valid arguments.
@@ -132,7 +131,7 @@
 	return &cmd.Info{
 		Name:    "unblock",
 		Args:    blockArgsFmt,
-		Purpose: "unblock an operation that would alter a running model",
+		Purpose: "Unblock an operation that would alter a running model.",
 		Doc:     unblockDoc,
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/cachedimages/list.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/cachedimages/list.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/cachedimages/list.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/cachedimages/list.go	2016-07-18 19:45:44.000000000 +0000
@@ -24,15 +24,14 @@
 The filter attributes are optional.
 
 Examples:
-
   # List all cached images.
-  juju list-cache-images
+  juju cached-images
 
   # List cached images for xenial.
-  juju list-cache-images --series xenial 
+  juju cached-images --series xenial
 
   # List all cached lxd images for xenial amd64.
-  juju list-cache-images --kind lxd --series xenial --arch amd64
+  juju cached-images --kind lxd --series xenial --arch amd64
 `
 
 // NewListCommand returns a command for listing chached images.
@@ -50,19 +49,19 @@
 // Info implements Command.Info.
 func (c *listCommand) Info() *cmd.Info {
 	return &cmd.Info{
-		Name:    "list-cached-images",
-		Purpose: "shows cached os images",
+		Name:    "cached-images",
+		Purpose: "Shows cached os images.",
 		Doc:     listCommandDoc,
-		Aliases: []string{"cached-images"},
+		Aliases: []string{"list-cached-images"},
 	}
 }
 
 // SetFlags implements Command.SetFlags.
 func (c *listCommand) SetFlags(f *gnuflag.FlagSet) {
 	c.CachedImagesCommandBase.SetFlags(f)
-	f.StringVar(&c.Kind, "kind", "", "the image kind to list eg lxd")
-	f.StringVar(&c.Series, "series", "", "the series of the image to list eg xenial")
-	f.StringVar(&c.Arch, "arch", "", "the architecture of the image to list eg amd64")
+	f.StringVar(&c.Kind, "kind", "", "The image kind to list eg lxd")
+	f.StringVar(&c.Series, "series", "", "The series of the image to list eg xenial")
+	f.StringVar(&c.Arch, "arch", "", "The architecture of the image to list eg amd64")
 	c.out.AddFlags(f, "yaml", map[string]cmd.Formatter{
 		"yaml": cmd.FormatYaml,
 		"json": cmd.FormatJson,
@@ -70,7 +69,7 @@
 }
 
 // Init implements Command.Init.
-func (c *listCommand) Init(args []string) (err error) {
+func (c *listCommand) Init(args []string) error {
 	return cmd.CheckEmpty(args)
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/cachedimages/remove.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/cachedimages/remove.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/cachedimages/remove.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/cachedimages/remove.go	2016-07-18 19:45:44.000000000 +0000
@@ -20,7 +20,6 @@
   Architecture eg "amd64"
 
 Examples:
-
   # Remove cached lxd image for xenial amd64.
   juju remove-cached-images --kind lxd --series xenial --arch amd64
 `
@@ -40,7 +39,7 @@
 func (c *removeCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "remove-cached-images",
-		Purpose: "remove cached os images",
+		Purpose: "Remove cached OS images.",
 		Doc:     removeCommandDoc,
 	}
 }
@@ -48,9 +47,9 @@
 // SetFlags implements Command.SetFlags.
 func (c *removeCommand) SetFlags(f *gnuflag.FlagSet) {
 	c.CachedImagesCommandBase.SetFlags(f)
-	f.StringVar(&c.Kind, "kind", "", "the image kind to remove eg lxd")
-	f.StringVar(&c.Series, "series", "", "the series of the image to remove eg xenial")
-	f.StringVar(&c.Arch, "arch", "", "the architecture of the image to remove eg amd64")
+	f.StringVar(&c.Kind, "kind", "", "The image kind to remove eg lxd")
+	f.StringVar(&c.Series, "series", "", "The series of the image to remove eg xenial")
+	f.StringVar(&c.Arch, "arch", "", "The architecture of the image to remove eg amd64")
 }
 
 // Init implements Command.Init.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/charmcmd/charm.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/charmcmd/charm.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/charmcmd/charm.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/charmcmd/charm.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,7 +12,7 @@
 by charm authors, though only applicable functionality is mirrored.
 `
 
-const charmPurpose = "interact with charms"
+const charmPurpose = "Interact with charms."
 
 // Command is the top-level command wrapping all charm functionality.
 type Command struct {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/charmcmd/charm_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/charmcmd/charm_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/charmcmd/charm_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/charmcmd/charm_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,32 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package charmcmd_test
-
-import (
-	"github.com/juju/testing"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/cmd/juju/charmcmd"
-)
-
-type CharmSuite struct {
-	testing.IsolationSuite
-}
-
-var _ = gc.Suite(&CharmSuite{})
-
-func (s *CharmSuite) SetUpTest(c *gc.C) {
-	s.IsolationSuite.SetUpTest(c)
-}
-
-// TODO(ericsnow) Copy some tests from cmd/juju/commands/main_test.go?
-
-func (s *CharmSuite) Test(c *gc.C) {
-	return
-	// TODO(ericsnow) Finish!
-	chCmd := charmcmd.NewSuperCommand()
-
-	c.Check(chCmd, jc.DeepEquals, nil)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/charmcmd/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/charmcmd/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/charmcmd/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/charmcmd/package_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,14 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package charmcmd_test
-
-import (
-	"testing"
-
-	gc "gopkg.in/check.v1"
-)
-
-func TestPackage(t *testing.T) {
-	gc.TestingT(t)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/cloud/addcredential.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/cloud/addcredential.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/cloud/addcredential.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/cloud/addcredential.go	2016-07-18 19:45:44.000000000 +0000
@@ -59,7 +59,7 @@
     juju add-credential aws -f ~/credentials.yaml
 
 See also: 
-    list-credentials
+    credentials
     remove-credential
     set-default-credential
     autoload-credentials`
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/cloud/add.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/cloud/add.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/cloud/add.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/cloud/add.go	2016-07-18 19:45:44.000000000 +0000
@@ -34,7 +34,7 @@
     juju add-cloud mycloud ~/mycloud.yaml
 
 See also: 
-    list-clouds`
+    clouds`
 
 type addCloudCommand struct {
 	cmd.CommandBase
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/cloud/defaultcredential.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/cloud/defaultcredential.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/cloud/defaultcredential.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/cloud/defaultcredential.go	2016-07-18 19:45:44.000000000 +0000
@@ -19,7 +19,7 @@
 The default credentials are specified with a "credential name". A 
 credential name is created during the process of adding credentials either 
 via `[1:] + "`juju add-credential` or `juju autoload-credentials`" + `. Credential names 
-can be listed with ` + "`juju list-credentials`" + `.
+can be listed with ` + "`juju credentials`" + `.
 Default credentials avoid the need to specify a particular set of 
 credentials when more than one are available for a given cloud.
 
@@ -27,9 +27,9 @@
     juju set-default-credential google credential_name
 
 See also: 
+    credentials
     add-credential
     remove-credential
-    list-credentials
     autoload-credentials`
 
 type setDefaultCredentialCommand struct {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/cloud/detectcredentials.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/cloud/detectcredentials.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/cloud/detectcredentials.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/cloud/detectcredentials.go	2016-07-18 19:45:44.000000000 +0000
@@ -42,7 +42,7 @@
 allows the user to interactively save these into the Juju credentials store to make these
 available when bootstrapping new controllers and creating new models.
 
-The resulting credentials may be viewed with juju list-credentials.
+The resulting credentials may be viewed with ` + "`juju credentials`" + `.
 
 The clouds for which credentials may be autoloaded are:
 
@@ -66,7 +66,7 @@
    juju autoload-credentials
    
 See Also:
-   juju list-credentials
+   juju credentials
    juju add-credential
 `
 
@@ -86,7 +86,7 @@
 func (c *detectCredentialsCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "autoload-credentials",
-		Purpose: "looks for cloud credentials and caches those for use by Juju when bootstrapping",
+		Purpose: "Looks for cloud credentials and caches those for use by Juju when bootstrapping.",
 		Doc:     detectCredentialsDoc,
 	}
 }
@@ -151,13 +151,13 @@
 		if err != nil {
 			// Should never happen but it will on go 1.2
 			// because lxd provider is not built.
-			logger.Warningf("provider %q not available on this platform", providerName)
+			logger.Errorf("provider %q not available on this platform", providerName)
 			continue
 		}
 		if detectCredentials, ok := provider.(environs.ProviderCredentials); ok {
 			detected, err := detectCredentials.DetectCredentials()
 			if err != nil && !errors.IsNotFound(err) {
-				logger.Warningf("could not detect credentials for provider %q: %v", providerName, err)
+				logger.Errorf("could not detect credentials for provider %q: %v", providerName, err)
 				continue
 			}
 			if errors.IsNotFound(err) || len(detected.AuthCredentials) == 0 {
@@ -167,7 +167,7 @@
 			// For each credential, construct meta info for which cloud it may pertain to etc.
 			for credName, newCred := range detected.AuthCredentials {
 				if credName == "" {
-					logger.Warningf("ignoring unnamed credential for provider %s", providerName)
+					logger.Debugf("ignoring unnamed credential for provider %s", providerName)
 					continue
 				}
 				// Ignore empty credentials.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/cloud/listcredentials.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/cloud/listcredentials.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/cloud/listcredentials.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/cloud/listcredentials.go	2016-07-18 19:45:44.000000000 +0000
@@ -40,9 +40,9 @@
 for the given cloud.
 
 Examples:
-    juju list-credentials
-    juju list-credentials aws
-    juju list-credentials --format yaml --show-secrets
+    juju credentials
+    juju credentials aws
+    juju credentials --format yaml --show-secrets
 
 See also: 
     add-credential
@@ -75,10 +75,11 @@
 
 func (c *listCredentialsCommand) Info() *cmd.Info {
 	return &cmd.Info{
-		Name:    "list-credentials",
+		Name:    "credentials",
 		Args:    "[<cloud name>]",
 		Purpose: usageListCredentialsSummary,
 		Doc:     usageListCredentialsDetails,
+		Aliases: []string{"list-credentials"},
 	}
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/cloud/list.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/cloud/list.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/cloud/list.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/cloud/list.go	2016-07-18 19:45:44.000000000 +0000
@@ -39,7 +39,7 @@
 var listCloudsDocExamples = `
 Examples:
 
-    juju list-clouds
+    juju clouds
 
 See also: show-cloud
           update-clouds
@@ -53,9 +53,10 @@
 
 func (c *listCloudsCommand) Info() *cmd.Info {
 	return &cmd.Info{
-		Name:    "list-clouds",
+		Name:    "clouds",
 		Purpose: "Lists all clouds available to Juju.",
 		Doc:     listCloudsDoc,
+		Aliases: []string{"list-clouds"},
 	}
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/cloud/removecredential.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/cloud/removecredential.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/cloud/removecredential.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/cloud/removecredential.go	2016-07-18 19:45:44.000000000 +0000
@@ -24,14 +24,14 @@
 var usageRemoveCredentialDetails = `
 The credentials to be removed are specified by a "credential name".
 Credential names, and optionally the corresponding authentication
-material, can be listed with `[1:] + "`juju list-credentials`" + `.
+material, can be listed with `[1:] + "`juju credentials`" + `.
 
 Examples:
     juju remove-credential rackspace credential_name
 
 See also: 
+    credentials
     add-credential
-    list-credentials
     set-default-credential
     autoload-credentials`
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/cloud/remove.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/cloud/remove.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/cloud/remove.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/cloud/remove.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,70 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package cloud
+
+import (
+	"github.com/juju/cmd"
+	"github.com/juju/errors"
+
+	"github.com/juju/juju/cloud"
+)
+
+var usageRemoveCloudSummary = `
+Removes a user-defined cloud from Juju.`[1:]
+
+var usageRemoveCloudDetails = `
+Remove a named, user-defined cloud from Juju.
+
+Examples:
+    juju remove-cloud mycloud
+
+See also:
+    add-cloud
+    list-clouds`
+
+type removeCloudCommand struct {
+	cmd.CommandBase
+
+	// Cloud is the name fo the cloud to remove.
+	Cloud string
+}
+
+// NewRemoveCloudCommand returns a command to remove cloud information.
+func NewRemoveCloudCommand() cmd.Command {
+	return &removeCloudCommand{}
+}
+
+func (c *removeCloudCommand) Info() *cmd.Info {
+	return &cmd.Info{
+		Name:    "remove-cloud",
+		Args:    "<cloud name>",
+		Purpose: usageRemoveCloudSummary,
+		Doc:     usageRemoveCloudDetails,
+	}
+}
+
+func (c *removeCloudCommand) Init(args []string) (err error) {
+	if len(args) < 1 {
+		return errors.New("Usage: juju remove-cloud <cloud name>")
+	}
+	c.Cloud = args[0]
+	return cmd.CheckEmpty(args[1:])
+}
+
+func (c *removeCloudCommand) Run(ctxt *cmd.Context) error {
+	personalClouds, err := cloud.PersonalCloudMetadata()
+	if err != nil {
+		return err
+	}
+	if _, ok := personalClouds[c.Cloud]; !ok {
+		ctxt.Infof("No personal cloud called %q exists", c.Cloud)
+		return nil
+	}
+	delete(personalClouds, c.Cloud)
+	if err := cloud.WritePersonalCloudMetadata(personalClouds); err != nil {
+		return errors.Trace(err)
+	}
+	ctxt.Infof("Removed details of personal cloud %q", c.Cloud)
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/cloud/remove_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/cloud/remove_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/cloud/remove_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/cloud/remove_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,92 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package cloud_test
+
+import (
+	"io/ioutil"
+
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	jujucloud "github.com/juju/juju/cloud"
+	"github.com/juju/juju/cmd/juju/cloud"
+	"github.com/juju/juju/juju/osenv"
+	"github.com/juju/juju/testing"
+)
+
+type removeSuite struct {
+	testing.BaseSuite
+}
+
+var _ = gc.Suite(&removeSuite{})
+
+func (s *removeSuite) SetUpTest(c *gc.C) {
+	origHome := osenv.SetJujuXDGDataHome(c.MkDir())
+	s.AddCleanup(func(*gc.C) { osenv.SetJujuXDGDataHome(origHome) })
+}
+
+func (s *removeSuite) TestRemoveBadArgs(c *gc.C) {
+	cmd := cloud.NewRemoveCloudCommand()
+	_, err := testing.RunCommand(c, cmd)
+	c.Assert(err, gc.ErrorMatches, "Usage: juju remove-cloud <cloud name>")
+	_, err = testing.RunCommand(c, cmd, "cloud", "extra")
+	c.Assert(err, gc.ErrorMatches, `unrecognized args: \["extra"\]`)
+}
+
+func (s *removeSuite) TestRemoveNotFound(c *gc.C) {
+	cmd := cloud.NewRemoveCloudCommand()
+	ctx, err := testing.RunCommand(c, cmd, "fnord")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(testing.Stderr(ctx), gc.Equals, "No personal cloud called \"fnord\" exists\n")
+}
+
+func (s *removeSuite) createTestCloudData(c *gc.C) {
+	err := ioutil.WriteFile(osenv.JujuXDGDataHomePath("public-clouds.yaml"), []byte(`
+clouds:
+  prodstack:
+    type: openstack
+    auth-types: [userpass, access-key]
+    endpoint: http://homestack
+`[1:]), 0600)
+	c.Assert(err, jc.ErrorIsNil)
+
+	err = ioutil.WriteFile(osenv.JujuXDGDataHomePath("clouds.yaml"), []byte(`
+clouds:
+  homestack:
+    type: openstack
+    auth-types: [userpass, access-key]
+    endpoint: http://homestack
+  homestack2:
+    type: openstack
+    auth-types: [userpass, access-key]
+    endpoint: http://homestack2
+`[1:]), 0600)
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *removeSuite) TestRemoveCloud(c *gc.C) {
+	s.createTestCloudData(c)
+	assertPersonalClouds(c, "homestack", "homestack2")
+	ctx, err := testing.RunCommand(c, cloud.NewRemoveCloudCommand(), "homestack")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(testing.Stderr(ctx), gc.Equals, "Removed details of personal cloud \"homestack\"\n")
+	assertPersonalClouds(c, "homestack2")
+}
+
+func (s *removeSuite) TestCannotRemovePublicCloud(c *gc.C) {
+	s.createTestCloudData(c)
+	ctx, err := testing.RunCommand(c, cloud.NewRemoveCloudCommand(), "prodstack")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(testing.Stderr(ctx), gc.Equals, "No personal cloud called \"prodstack\" exists\n")
+}
+
+func assertPersonalClouds(c *gc.C, names ...string) {
+	personalClouds, err := jujucloud.PersonalCloudMetadata()
+	c.Assert(err, jc.ErrorIsNil)
+	actual := make([]string, 0, len(personalClouds))
+	for name := range personalClouds {
+		actual = append(actual, name)
+	}
+	c.Assert(actual, jc.SameContents, names)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/cloud/show.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/cloud/show.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/cloud/show.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/cloud/show.go	2016-07-18 19:45:44.000000000 +0000
@@ -28,7 +28,7 @@
     juju show-cloud google
     juju show-cloud azure-china --output ~/azure_cloud_details.txt
 
-See also: list-clouds
+See also: clouds
           update-clouds
 `
 
@@ -91,6 +91,7 @@
 	Regions yaml.MapSlice `yaml:"regions,omitempty" json:"-"`
 	// Regions map is for json marshalling where format is important but not order.
 	RegionsMap map[string]regionDetails `yaml:"-" json:"regions,omitempty"`
+	Config     map[string]interface{}   `yaml:"config,omitempty" json:"config,omitempty"`
 }
 
 func makeCloudDetails(cloud jujucloud.Cloud) *cloudDetails {
@@ -99,6 +100,7 @@
 		CloudType:       cloud.Type,
 		Endpoint:        cloud.Endpoint,
 		StorageEndpoint: cloud.StorageEndpoint,
+		Config:          cloud.Config,
 	}
 	result.AuthTypes = make([]string, len(cloud.AuthTypes))
 	for i, at := range cloud.AuthTypes {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/cloud/show_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/cloud/show_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/cloud/show_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/cloud/show_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,10 +4,13 @@
 package cloud_test
 
 import (
+	"io/ioutil"
+
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 
 	"github.com/juju/juju/cmd/juju/cloud"
+	"github.com/juju/juju/juju/osenv"
 	_ "github.com/juju/juju/provider/all"
 	"github.com/juju/juju/testing"
 )
@@ -36,3 +39,34 @@
     endpoint: https://ec2.cn-north-1.amazonaws.com.cn/
 `[1:])
 }
+
+func (s *showSuite) TestShowWithConfig(c *gc.C) {
+	data := `
+clouds:
+  homestack:
+    type: openstack
+    auth-types: [userpass, access-key]
+    endpoint: http://homestack
+    regions:
+      london:
+        endpoint: http://london/1.0
+    config:
+      bootstrap-timeout: 1800
+`[1:]
+	err := ioutil.WriteFile(osenv.JujuXDGDataHomePath("clouds.yaml"), []byte(data), 0600)
+
+	ctx, err := testing.RunCommand(c, cloud.NewShowCloudCommand(), "local:homestack")
+	c.Assert(err, jc.ErrorIsNil)
+	out := testing.Stdout(ctx)
+	c.Assert(out, gc.Equals, `
+defined: local
+type: openstack
+auth-types: [userpass, access-key]
+endpoint: http://homestack
+regions:
+  london:
+    endpoint: http://london/1.0
+config:
+  bootstrap-timeout: 1800
+`[1:])
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/cloud/updateclouds.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/cloud/updateclouds.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/cloud/updateclouds.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/cloud/updateclouds.go	2016-07-18 19:45:44.000000000 +0000
@@ -20,7 +20,7 @@
 	"golang.org/x/crypto/openpgp/clearsign"
 
 	jujucloud "github.com/juju/juju/cloud"
-	"github.com/juju/juju/juju"
+	"github.com/juju/juju/juju/keys"
 )
 
 type updateCloudsCommand struct {
@@ -39,13 +39,13 @@
 
     juju update-clouds
 
-See also: list-clouds
+See also: clouds
 `
 
 // NewUpdateCloudsCommand returns a command to update cloud information.
 func NewUpdateCloudsCommand() cmd.Command {
 	return &updateCloudsCommand{
-		publicSigningKey: juju.JujuPublicKey,
+		publicSigningKey: keys.JujuPublicKey,
 		publicCloudURL:   "https://streams.canonical.com/juju/public-clouds.syaml",
 	}
 }
@@ -96,7 +96,7 @@
 		return err
 	}
 	if sameCloudInfo {
-		fmt.Fprintln(ctxt.Stdout, "Your list of public clouds is up to date, see juju list-clouds.")
+		fmt.Fprintln(ctxt.Stdout, "Your list of public clouds is up to date, see `juju clouds`.")
 		return nil
 	}
 	if err := jujucloud.WritePublicCloudMetadata(newPublicClouds); err != nil {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/cloud/updateclouds_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/cloud/updateclouds_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/cloud/updateclouds_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/cloud/updateclouds_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -136,7 +136,7 @@
 	defer ts.Close()
 
 	msg := s.run(c, ts.URL, "")
-	c.Assert(strings.Replace(msg, "\n", "", -1), gc.Matches, "Fetching latest public cloud list...Your list of public clouds is up to date, see juju list-clouds.")
+	c.Assert(strings.Replace(msg, "\n", "", -1), gc.Matches, "Fetching latest public cloud list...Your list of public clouds is up to date, see `juju clouds`.")
 }
 
 func (s *updateCloudsSuite) TestFirstRun(c *gc.C) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/add_sshkeys.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/add_sshkeys.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/add_sshkeys.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/add_sshkeys.go	2016-07-18 19:45:44.000000000 +0000
@@ -40,7 +40,7 @@
 juju add-ssh-key "$(cat ~/mykey.pub)"
 
 See also: 
-    list-ssh-key
+    ssh-keys
     remove-ssh-key
     import-ssh-key`[1:]
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/bootstrap_clouds.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/bootstrap_clouds.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/bootstrap_clouds.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/bootstrap_clouds.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,131 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package commands
+
+import (
+	"bytes"
+	"fmt"
+	"sort"
+	"strings"
+	"text/tabwriter"
+
+	"github.com/juju/cmd"
+	"github.com/juju/errors"
+
+	jujucloud "github.com/juju/juju/cloud"
+	"github.com/juju/juju/cmd/juju/common"
+	"github.com/juju/juju/jujuclient"
+)
+
+type cloudList struct {
+	public   []string
+	builtin  []string
+	personal []string
+}
+
+func formatCloudDetailsTabular(clouds cloudList, credStore jujuclient.CredentialStore) ([]byte, error) {
+	var out bytes.Buffer
+	const (
+		// To format things into columns.
+		minwidth = 0
+		tabwidth = 1
+		padding  = 2
+		padchar  = ' '
+		flags    = 0
+	)
+	tw := tabwriter.NewWriter(&out, minwidth, tabwidth, padding, padchar, flags)
+	p := func(values ...string) {
+		text := strings.Join(values, "\t")
+		fmt.Fprintln(tw, text)
+	}
+	p("Cloud\tCredentials\tDefault Region")
+	printClouds := func(cloudNames []string) error {
+		sort.Strings(cloudNames)
+		for _, name := range cloudNames {
+			cred, err := credStore.CredentialForCloud(name)
+			if err != nil && !errors.IsNotFound(err) {
+				return errors.Annotatef(err, "error loading credential for cloud %q", name)
+			}
+			if err != nil || len(cred.AuthCredentials) == 0 {
+				p(name, "", "")
+				continue
+			}
+			var sortedCredNames []string
+			for credName := range cred.AuthCredentials {
+				sortedCredNames = append(sortedCredNames, credName)
+			}
+			sort.Strings(sortedCredNames)
+			for i, credName := range sortedCredNames {
+				if i == 0 {
+					p(name, credName, cred.DefaultRegion)
+				} else {
+					p("", credName, "")
+				}
+				i++
+			}
+		}
+		return nil
+	}
+	if err := printClouds(clouds.public); err != nil {
+		return nil, err
+	}
+	if err := printClouds(clouds.builtin); err != nil {
+		return nil, err
+	}
+	if err := printClouds(clouds.personal); err != nil {
+		return nil, err
+	}
+
+	tw.Flush()
+	return out.Bytes(), nil
+}
+
+func printClouds(ctx *cmd.Context, credStore jujuclient.CredentialStore) error {
+	publicClouds, _, err := jujucloud.PublicCloudMetadata(jujucloud.JujuPublicCloudsPath())
+	if err != nil {
+		return err
+	}
+
+	personalClouds, err := jujucloud.PersonalCloudMetadata()
+	if err != nil {
+		return err
+	}
+
+	fmt.Fprintln(ctx.Stdout, "You can bootstrap on these clouds. See ‘--regions <cloud>’ for all regions.")
+	clouds := cloudList{}
+	for name := range publicClouds {
+		clouds.public = append(clouds.public, name)
+	}
+	// Add in built in clouds like localhost (lxd).
+	for name := range common.BuiltInClouds() {
+		clouds.builtin = append(clouds.builtin, name)
+	}
+	for name := range personalClouds {
+		clouds.personal = append(clouds.personal, name)
+	}
+	out, err := formatCloudDetailsTabular(clouds, credStore)
+	if err != nil {
+		return err
+	}
+	fmt.Fprintln(ctx.Stdout, string(out))
+	credHelpText := `
+You will need to have a credential if you want to bootstrap on a cloud, see
+‘juju autoload-credentials’ and ‘juju add-credential’. The first credential
+listed is the default. Add more clouds with ‘juju add-cloud’.
+`
+	fmt.Fprintf(ctx.Stdout, credHelpText[1:])
+	return nil
+}
+
+func printCloudRegions(ctx *cmd.Context, cloudName string) error {
+	cloud, err := jujucloud.CloudByName(cloudName)
+	if err != nil {
+		return err
+	}
+	fmt.Fprintf(ctx.Stdout, "Showing regions for %s:\n", cloudName)
+	for _, region := range cloud.Regions {
+		fmt.Fprintln(ctx.Stdout, region.Name)
+	}
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/bootstrap.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/bootstrap.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/bootstrap.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/bootstrap.go	2016-07-18 19:45:44.000000000 +0000
@@ -20,6 +20,7 @@
 	"github.com/juju/juju/cmd/juju/common"
 	"github.com/juju/juju/cmd/modelcmd"
 	"github.com/juju/juju/constraints"
+	"github.com/juju/juju/controller"
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/environs/bootstrap"
 	"github.com/juju/juju/environs/config"
@@ -28,6 +29,7 @@
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/juju/osenv"
 	"github.com/juju/juju/jujuclient"
+	"github.com/juju/juju/provider/gce"
 	jujuversion "github.com/juju/juju/version"
 )
 
@@ -41,27 +43,37 @@
 Initializes a cloud environment.`[1:]
 
 var usageBootstrapDetails = `
-Initialization consists of creating an 'admin' model and provisioning a 
-machine to act as controller.
+Used without arguments, bootstrap will step you through the process of 
+initializing a Juju cloud environment. Initialization consists of creating
+a 'controller' model and provisioning a machine to act as controller.
+
+We recommend you call your controller ‘username-region’ e.g. ‘fred-us-west-1’
+See --clouds for a list of clouds and credentials.
+See --regions <cloud> for a list of available regions for a given cloud.
+
 Credentials are set beforehand and are distinct from any other 
 configuration (see `[1:] + "`juju add-credential`" + `).
-The 'admin' model typically does not run workloads. It should remain
+The 'controller' model typically does not run workloads. It should remain
 pristine to run and manage Juju's own infrastructure for the corresponding
 cloud. Additional (hosted) models should be created with ` + "`juju create-\nmodel`" + ` for workload purposes.
 Note that a 'default' model is also created and becomes the current model
 of the environment once the command completes. It can be discarded if
 other models are created.
+
 If '--bootstrap-constraints' is used, its values will also apply to any
 future controllers provisioned for high availability (HA).
+
 If '--constraints' is used, its values will be set as the default 
 constraints for all future workload machines in the model, exactly as if 
 the constraints were set with ` + "`juju set-model-constraints`" + `.
+
 It is possible to override constraints and the automatic machine selection
 algorithm by assigning a "placement directive" via the '--to' option. This
 dictates what machine to use for the controller. This would typically be 
 used with the MAAS provider ('--to <host>.maas').
+
 You can change the default timeout and retry delays used during the 
-bootstrap by changing the following settings in your configuration file
+bootstrap by changing the following settings in your configuration
 (all values represent number of seconds):
     # How long to wait for a connection to the controller
     bootstrap-timeout: 600 # default: 10 minutes
@@ -70,6 +82,7 @@
     bootstrap-retry-delay: 5 # default: 5 seconds
     # How often to refresh controller addresses from the API server.
     bootstrap-addresses-delay: 10 # default: 10 seconds
+    
 Private clouds may need to specify their own custom image metadata and
 tools/agent. Use '--metadata-source' whose value is a local directory.
 The value of '--agent-version' will become the default tools version to
@@ -78,10 +91,13 @@
 used. Otherwise, by default, the version used is that of the client.
 
 Examples:
-    juju bootstrap mycontroller google
-    juju bootstrap --config=~/config-rs.yaml mycontroller rackspace
-    juju bootstrap --config agent-version=1.25.3 mycontroller aws
-    juju bootstrap --config bootstrap-timeout=1200 mycontroller azure
+    juju bootstrap
+    juju bootstrap --clouds
+    juju bootstrap --regions aws
+    juju bootstrap joe-us-east1 google
+    juju bootstrap --config=~/config-rs.yaml joe-syd rackspace
+    juju bootstrap --config agent-version=1.25.3 joe-us-east-1 aws
+    juju bootstrap --config bootstrap-timeout=1200 joe-eastus azure
 
 See also: 
     add-credentials
@@ -89,7 +105,7 @@
     set-constraints`
 
 // defaultHostedModelName is the name of the hosted model created in each
-// controller for deploying workloads to, in addition to the "admin" model.
+// controller for deploying workloads to, in addition to the "controller" model.
 const defaultHostedModelName = "default"
 
 func newBootstrapCommand() cmd.Command {
@@ -117,12 +133,14 @@
 	AgentVersion          *version.Number
 	config                common.ConfigFlag
 
-	controllerName  string
-	hostedModelName string
-	CredentialName  string
-	Cloud           string
-	Region          string
-	noGUI           bool
+	showClouds          bool
+	showRegionsForCloud string
+	controllerName      string
+	hostedModelName     string
+	CredentialName      string
+	Cloud               string
+	Region              string
+	noGUI               bool
 }
 
 func (c *bootstrapCommand) Info() *cmd.Info {
@@ -152,9 +170,20 @@
 	f.StringVar(&c.hostedModelName, "d", defaultHostedModelName, "Name of the default hosted model for the controller")
 	f.StringVar(&c.hostedModelName, "default-model", defaultHostedModelName, "Name of the default hosted model for the controller")
 	f.BoolVar(&c.noGUI, "no-gui", false, "Do not install the Juju GUI in the controller when bootstrapping")
+	f.BoolVar(&c.showClouds, "clouds", false, "Print the available clouds which can be used to bootstrap a Juju environment")
+	f.StringVar(&c.showRegionsForCloud, "regions", "", "Print the available regions for the specified cloud")
 }
 
 func (c *bootstrapCommand) Init(args []string) (err error) {
+	if c.showClouds && c.showRegionsForCloud != "" {
+		return fmt.Errorf("--clouds and --regions can't be used together")
+	}
+	if c.showClouds {
+		return cmd.CheckEmpty(args)
+	}
+	if c.showRegionsForCloud != "" {
+		return cmd.CheckEmpty(args)
+	}
 	if c.AgentVersionParam != "" && c.UploadTools {
 		return fmt.Errorf("--agent-version and --upload-tools can't be used together")
 	}
@@ -206,7 +235,7 @@
 	if len(args) < 2 {
 		return errors.New("controller name and cloud name are required")
 	}
-	c.controllerName = bootstrappedControllerName(args[0])
+	c.controllerName = args[0]
 	c.Cloud = args[1]
 	if i := strings.IndexRune(c.Cloud, '/'); i > 0 {
 		c.Cloud, c.Region = c.Cloud[:i], c.Cloud[i+1:]
@@ -214,13 +243,10 @@
 	return cmd.CheckEmpty(args[2:])
 }
 
-var bootstrappedControllerName = func(controllerName string) string {
-	return fmt.Sprintf("local.%s", controllerName)
-}
-
 // BootstrapInterface provides bootstrap functionality that Run calls to support cleaner testing.
 type BootstrapInterface interface {
 	Bootstrap(ctx environs.BootstrapContext, environ environs.Environ, args bootstrap.BootstrapParams) error
+	CloudRegionDetector(environs.EnvironProvider) (environs.CloudRegionDetector, bool)
 }
 
 type bootstrapFuncs struct{}
@@ -229,12 +255,17 @@
 	return bootstrap.Bootstrap(ctx, env, args)
 }
 
+func (b bootstrapFuncs) CloudRegionDetector(provider environs.EnvironProvider) (environs.CloudRegionDetector, bool) {
+	detector, ok := provider.(environs.CloudRegionDetector)
+	return detector, ok
+}
+
 var getBootstrapFuncs = func() BootstrapInterface {
 	return &bootstrapFuncs{}
 }
 
 var (
-	environsPrepare            = environs.Prepare
+	bootstrapPrepare           = bootstrap.Prepare
 	environsDestroy            = environs.Destroy
 	waitForAgentInitialisation = common.WaitForAgentInitialisation
 )
@@ -248,6 +279,13 @@
 // a juju in that environment if none already exists. If there is as yet no environments.yaml file,
 // the user is informed how to create one.
 func (c *bootstrapCommand) Run(ctx *cmd.Context) (resultErr error) {
+	if c.showClouds {
+		return printClouds(ctx, c.ClientStore())
+	}
+	if c.showRegionsForCloud != "" {
+		return printCloudRegions(ctx, c.showRegionsForCloud)
+	}
+
 	bootstrapFuncs := getBootstrapFuncs()
 
 	// Get the cloud definition identified by c.Cloud. If c.Cloud does not
@@ -264,7 +302,7 @@
 		} else if err != nil {
 			return errors.Trace(err)
 		}
-		detector, ok := provider.(environs.CloudRegionDetector)
+		detector, ok := bootstrapFuncs.CloudRegionDetector(provider)
 		if !ok {
 			ctx.Verbosef(
 				"provider %q does not support detecting regions",
@@ -272,17 +310,35 @@
 			)
 			return errors.NewNotFound(nil, fmt.Sprintf("unknown cloud %q, please try %q", c.Cloud, "juju update-clouds"))
 		}
+		var cloudEndpoint string
 		regions, err := detector.DetectRegions()
-		if err != nil && !errors.IsNotFound(err) {
-			// It's not an error to have no regions.
+		if errors.IsNotFound(err) {
+			// It's not an error to have no regions. If the
+			// provider does not support regions, then we
+			// reinterpret the supplied region name as the
+			// cloud's endpoint. This enables the user to
+			// supply, for example, maas/<IP> or manual/<IP>.
+			if c.Region != "" {
+				ctx.Verbosef("interpreting %q as the cloud endpoint")
+				cloudEndpoint = c.Region
+				c.Region = ""
+			}
+		} else if err != nil {
 			return errors.Annotatef(err,
 				"detecting regions for %q cloud provider",
 				c.Cloud,
 			)
 		}
+		schemas := provider.CredentialSchemas()
+		authTypes := make([]jujucloud.AuthType, 0, len(schemas))
+		for authType := range schemas {
+			authTypes = append(authTypes, authType)
+		}
 		cloud = &jujucloud.Cloud{
-			Type:    c.Cloud,
-			Regions: regions,
+			Type:      c.Cloud,
+			AuthTypes: authTypes,
+			Endpoint:  cloudEndpoint,
+			Regions:   regions,
 		}
 	} else if err != nil {
 		return errors.Trace(err)
@@ -293,8 +349,22 @@
 		return errors.Trace(err)
 	}
 
+	// Custom clouds may not have explicitly declared support for any auth-
+	// types, in which case we'll assume that they support everything that
+	// the provider supports.
+	if len(cloud.AuthTypes) == 0 {
+		provider, err := environs.Provider(cloud.Type)
+		if err != nil {
+			return errors.Trace(err)
+		}
+		for authType := range provider.CredentialSchemas() {
+			cloud.AuthTypes = append(cloud.AuthTypes, authType)
+		}
+	}
+
 	// Get the credentials and region name.
 	store := c.ClientStore()
+	var detectedCredentialName string
 	credential, credentialName, regionName, err := modelcmd.GetCredentials(
 		store, c.Region, c.CredentialName, c.Cloud, cloud.Type,
 	)
@@ -311,21 +381,29 @@
 		}
 		// We have one credential so extract it from the map.
 		var oneCredential jujucloud.Credential
-		for _, oneCredential = range detected.AuthCredentials {
+		for detectedCredentialName, oneCredential = range detected.AuthCredentials {
 		}
 		credential = &oneCredential
 		regionName = c.Region
 		if regionName == "" {
 			regionName = detected.DefaultRegion
 		}
-		logger.Tracef("authenticating with region %q and %v", regionName, credential)
+		logger.Debugf(
+			"authenticating with region %q and credential %q (%v)",
+			regionName, detectedCredentialName, credential.Label,
+		)
+		logger.Tracef("credential: %v", credential)
 	} else if err != nil {
 		return errors.Trace(err)
 	}
 
 	region, err := getRegion(cloud, c.Cloud, regionName)
 	if err != nil {
-		return errors.Trace(err)
+		fmt.Fprintf(ctx.GetStderr(),
+			"%s\n\nSpecify an alternative region, or try %q.",
+			err, "juju update-clouds",
+		)
+		return cmd.ErrSilent
 	}
 
 	hostedModelUUID, err := utils.NewUUID()
@@ -337,26 +415,67 @@
 		return errors.Trace(err)
 	}
 
-	// Create an environment config from the cloud and credentials.
-	configAttrs := map[string]interface{}{
-		"type":                   cloud.Type,
-		"name":                   environs.ControllerModelName,
-		config.UUIDKey:           controllerUUID.String(),
-		config.ControllerUUIDKey: controllerUUID.String(),
+	// TODO(axw) this is a dirty hack to get 2.0-beta10 over the line.
+	// We need to pull this out immediately after, and then update
+	// everything to remove credentials from model config.
+	if cloud.Type == "gce" && credential.AuthType() == jujucloud.JSONFileAuthType {
+		cred, err := gce.ParseJSONAuthFile(credential.Attributes()["file"])
+		if err != nil {
+			return errors.Trace(err)
+		}
+		*credential = cred
+	}
+
+	// Create a model config, and split out any controller
+	// and bootstrap config attributes.
+	modelConfigAttrs := map[string]interface{}{
+		"type":         cloud.Type,
+		"name":         bootstrap.ControllerModelName,
+		config.UUIDKey: controllerUUID.String(),
+	}
+	for k, v := range cloud.Config {
+		modelConfigAttrs[k] = v
 	}
 	userConfigAttrs, err := c.config.ReadAttrs(ctx)
 	if err != nil {
 		return errors.Trace(err)
 	}
 	for k, v := range userConfigAttrs {
-		configAttrs[k] = v
+		modelConfigAttrs[k] = v
+	}
+	bootstrapConfigAttrs := make(map[string]interface{})
+	controllerConfigAttrs := make(map[string]interface{})
+	for k, v := range modelConfigAttrs {
+		switch {
+		case bootstrap.IsBootstrapAttribute(k):
+			bootstrapConfigAttrs[k] = v
+			delete(modelConfigAttrs, k)
+		case controller.ControllerOnlyAttribute(k):
+			controllerConfigAttrs[k] = v
+			delete(modelConfigAttrs, k)
+		}
+	}
+	bootstrapConfig, err := bootstrap.NewConfig(controllerUUID.String(), bootstrapConfigAttrs)
+	if err != nil {
+		return errors.Annotate(err, "constructing bootstrap config")
 	}
-	logger.Debugf("preparing controller with config: %v", configAttrs)
+	controllerConfig, err := controller.NewConfig(
+		controllerUUID.String(), bootstrapConfig.CACert, controllerConfigAttrs,
+	)
+	if err != nil {
+		return errors.Annotate(err, "constructing controller config")
+	}
+	if err := common.FinalizeAuthorizedKeys(ctx, modelConfigAttrs); err != nil {
+		return errors.Annotate(err, "finalizing authorized-keys")
+	}
+	logger.Debugf("preparing controller with config: %v", modelConfigAttrs)
 
-	// Read existing current controller, account, model so we can clean up on error.
+	// Read existing current controller so we can clean up on error.
 	var oldCurrentController string
-	oldCurrentController, err = modelcmd.ReadCurrentController()
-	if err != nil {
+	oldCurrentController, err = store.CurrentController()
+	if errors.IsNotFound(err) {
+		oldCurrentController = ""
+	} else if err != nil {
 		return errors.Annotate(err, "error reading current controller")
 	}
 
@@ -365,25 +484,26 @@
 			return
 		}
 		if oldCurrentController != "" {
-			if err := modelcmd.WriteCurrentController(oldCurrentController); err != nil {
-				logger.Warningf(
+			if err := store.SetCurrentController(oldCurrentController); err != nil {
+				logger.Errorf(
 					"cannot reset current controller to %q: %v",
 					oldCurrentController, err,
 				)
 			}
 		}
 		if err := store.RemoveController(c.controllerName); err != nil {
-			logger.Warningf(
+			logger.Errorf(
 				"cannot destroy newly created controller %q details: %v",
 				c.controllerName, err,
 			)
 		}
 	}()
 
-	environ, err := environsPrepare(
+	environ, err := bootstrapPrepare(
 		modelcmd.BootstrapContext(ctx), store,
-		environs.PrepareParams{
-			BaseConfig:           configAttrs,
+		bootstrap.PrepareParams{
+			BaseConfig:           modelConfigAttrs,
+			ControllerConfig:     controllerConfig,
 			ControllerName:       c.controllerName,
 			CloudName:            c.Cloud,
 			CloudRegion:          region.Name,
@@ -391,6 +511,7 @@
 			CloudStorageEndpoint: region.StorageEndpoint,
 			Credential:           *credential,
 			CredentialName:       credentialName,
+			AdminSecret:          bootstrapConfig.AdminSecret,
 		},
 	)
 	if err != nil {
@@ -398,22 +519,18 @@
 	}
 
 	// Set the current model to the initial hosted model.
-	accountName, err := store.CurrentAccount(c.controllerName)
-	if err != nil {
-		return errors.Trace(err)
-	}
-	if err := store.UpdateModel(c.controllerName, accountName, c.hostedModelName, jujuclient.ModelDetails{
+	if err := store.UpdateModel(c.controllerName, c.hostedModelName, jujuclient.ModelDetails{
 		hostedModelUUID.String(),
 	}); err != nil {
 		return errors.Trace(err)
 	}
-	if err := store.SetCurrentModel(c.controllerName, accountName, c.hostedModelName); err != nil {
+	if err := store.SetCurrentModel(c.controllerName, c.hostedModelName); err != nil {
 		return errors.Trace(err)
 	}
 
 	// Set the current controller so "juju status" can be run while
 	// bootstrapping is underway.
-	if err := modelcmd.WriteCurrentController(c.controllerName); err != nil {
+	if err := store.SetCurrentController(c.controllerName); err != nil {
 		return errors.Trace(err)
 	}
 
@@ -430,7 +547,7 @@
 	defer func() {
 		if resultErr != nil {
 			if c.KeepBrokenEnvironment {
-				logger.Warningf(`
+				logger.Infof(`
 bootstrap failed but --keep-broken was specified so model is not being destroyed.
 When you are finished diagnosing the problem, remember to run juju destroy-model --force
 to clean up the model.`[1:])
@@ -484,9 +601,9 @@
 	// We copy across any user supplied attributes to the hosted model config.
 	// But only if the attributes have not been removed from the controller
 	// model config as part of preparing the controller model.
-	controllerConfigAttrs := environ.Config().AllAttrs()
+	controllerModelConfigAttrs := environ.Config().AllAttrs()
 	for k, v := range userConfigAttrs {
-		if _, ok := controllerConfigAttrs[k]; ok {
+		if _, ok := controllerModelConfigAttrs[k]; ok {
 			hostedModelConfig[k] = v
 		}
 	}
@@ -494,9 +611,18 @@
 	// model config. These attributes may be modified during bootstrap; by
 	// removing them from this map, we ensure the modified values are
 	// inherited.
-	delete(hostedModelConfig, config.AuthKeysConfig)
+	delete(hostedModelConfig, config.AuthorizedKeysKey)
 	delete(hostedModelConfig, config.AgentVersionKey)
 
+	// Based on the attribute names in clouds.yaml, create
+	// a map of shared config for all models on this cloud.
+	inheritedControllerAttrs := make(map[string]interface{})
+	for k := range cloud.Config {
+		if v, ok := controllerModelConfigAttrs[k]; ok {
+			inheritedControllerAttrs[k] = v
+		}
+	}
+
 	// Check whether the Juju GUI must be installed in the controller.
 	// Leaving this value empty means no GUI will be installed.
 	var guiDataSourceBaseURL string
@@ -504,18 +630,39 @@
 		guiDataSourceBaseURL = common.GUIDataSourceBaseURL()
 	}
 
+	if credentialName == "" {
+		// credentialName will be empty if the credential was detected.
+		// We must supply a name for the credential in the database,
+		// so choose one.
+		credentialName = detectedCredentialName
+	}
+
 	err = bootstrapFuncs.Bootstrap(modelcmd.BootstrapContext(ctx), environ, bootstrap.BootstrapParams{
-		ModelConstraints:     c.Constraints,
-		BootstrapConstraints: bootstrapConstraints,
-		BootstrapSeries:      c.BootstrapSeries,
-		BootstrapImage:       c.BootstrapImage,
-		Placement:            c.Placement,
-		UploadTools:          c.UploadTools,
-		BuildToolsTarball:    sync.BuildToolsTarball,
-		AgentVersion:         c.AgentVersion,
-		MetadataDir:          metadataDir,
-		HostedModelConfig:    hostedModelConfig,
-		GUIDataSourceBaseURL: guiDataSourceBaseURL,
+		ModelConstraints:          c.Constraints,
+		BootstrapConstraints:      bootstrapConstraints,
+		BootstrapSeries:           c.BootstrapSeries,
+		BootstrapImage:            c.BootstrapImage,
+		Placement:                 c.Placement,
+		UploadTools:               c.UploadTools,
+		BuildToolsTarball:         sync.BuildToolsTarball,
+		AgentVersion:              c.AgentVersion,
+		MetadataDir:               metadataDir,
+		Cloud:                     *cloud,
+		CloudName:                 c.Cloud,
+		CloudRegion:               region.Name,
+		CloudCredential:           credential,
+		CloudCredentialName:       credentialName,
+		ControllerConfig:          controllerConfig,
+		ControllerInheritedConfig: inheritedControllerAttrs,
+		HostedModelConfig:         hostedModelConfig,
+		GUIDataSourceBaseURL:      guiDataSourceBaseURL,
+		AdminSecret:               bootstrapConfig.AdminSecret,
+		CAPrivateKey:              bootstrapConfig.CAPrivateKey,
+		DialOpts: environs.BootstrapDialOpts{
+			Timeout:        bootstrapConfig.BootstrapTimeout,
+			RetryDelay:     bootstrapConfig.BootstrapRetryDelay,
+			AddressesDelay: bootstrapConfig.BootstrapAddressesDelay,
+		},
 	})
 	if err != nil {
 		return errors.Annotate(err, "failed to bootstrap model")
@@ -525,7 +672,7 @@
 		return errors.Trace(err)
 	}
 
-	err = common.SetBootstrapEndpointAddress(c.ClientStore(), c.controllerName, environ)
+	err = common.SetBootstrapEndpointAddress(c.ClientStore(), c.controllerName, controllerConfig.APIPort(), environ)
 	if err != nil {
 		return errors.Annotate(err, "saving bootstrap endpoint address")
 	}
@@ -537,49 +684,25 @@
 }
 
 // getRegion returns the cloud.Region to use, based on the specified
-// region name, and the region name selected if none was specified.
-//
-// If no region name is specified, and there is at least one region,
-// we use the first region in the list.
-//
-// If no region name is specified, and there are no regions at all,
-// then we synthesise a region from the cloud's endpoint information
-// and just pass this on to the provider.
+// region name.  If no region name is specified, and there is at least
+// one region, we use the first region in the list.
 func getRegion(cloud *jujucloud.Cloud, cloudName, regionName string) (jujucloud.Region, error) {
-	if len(cloud.Regions) == 0 {
-		// The cloud does not specify regions, so assume
-		// that the cloud provider does not have a concept
-		// of regions, or has no pre-defined regions, and
-		// defer validation to the provider.
-		region := jujucloud.Region{
-			regionName,
-			cloud.Endpoint,
-			cloud.StorageEndpoint,
+	if regionName != "" {
+		region, err := jujucloud.RegionByName(cloud.Regions, regionName)
+		if err != nil {
+			return jujucloud.Region{}, errors.Trace(err)
 		}
-		return region, nil
+		return *region, nil
 	}
-	if regionName == "" {
+	if len(cloud.Regions) > 0 {
 		// No region was specified, use the first region in the list.
 		return cloud.Regions[0], nil
 	}
-	for _, region := range cloud.Regions {
-		// Do a case-insensitive comparison
-		if strings.EqualFold(region.Name, regionName) {
-			return region, nil
-		}
-	}
-	return jujucloud.Region{}, errors.NewNotFound(nil, fmt.Sprintf(
-		"region %q in cloud %q not found (expected one of %q)\nalternatively, try %q",
-		regionName, cloudName, cloudRegionNames(cloud), "juju update-clouds",
-	))
-}
-
-func cloudRegionNames(cloud *jujucloud.Cloud) []string {
-	var regionNames []string
-	for _, region := range cloud.Regions {
-		regionNames = append(regionNames, region.Name)
-	}
-	return regionNames
+	return jujucloud.Region{
+		"", // no region name
+		cloud.Endpoint,
+		cloud.StorageEndpoint,
+	}, nil
 }
 
 // checkProviderType ensures the provider type is okay.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/bootstrap_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/bootstrap_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/bootstrap_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/bootstrap_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,6 +10,7 @@
 	"path/filepath"
 	"runtime"
 	"strings"
+	"time"
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
@@ -38,7 +39,7 @@
 	envtools "github.com/juju/juju/environs/tools"
 	toolstesting "github.com/juju/juju/environs/tools/testing"
 	"github.com/juju/juju/instance"
-	"github.com/juju/juju/juju"
+	"github.com/juju/juju/juju/keys"
 	"github.com/juju/juju/juju/osenv"
 	"github.com/juju/juju/jujuclient"
 	"github.com/juju/juju/jujuclient/jujuclienttesting"
@@ -66,13 +67,13 @@
 	environs.RegisterProvider("no-cloud-region-detection", noCloudRegionDetectionProvider{})
 	environs.RegisterProvider("no-cloud-regions", noCloudRegionsProvider{dummyProvider})
 	environs.RegisterProvider("no-credentials", noCredentialsProvider{})
-	environs.RegisterProvider("many-credentials", manyCredentialsProvider{})
+	environs.RegisterProvider("many-credentials", manyCredentialsProvider{dummyProvider})
 }
 
 func (s *BootstrapSuite) SetUpSuite(c *gc.C) {
 	s.FakeJujuXDGDataHomeSuite.SetUpSuite(c)
 	s.MgoSuite.SetUpSuite(c)
-	s.PatchValue(&juju.JujuPublicKey, sstesting.SignedMetadataPublicKey)
+	s.PatchValue(&keys.JujuPublicKey, sstesting.SignedMetadataPublicKey)
 }
 
 func (s *BootstrapSuite) SetUpTest(c *gc.C) {
@@ -202,8 +203,10 @@
 		return restore
 	}
 
-	opBootstrap := (<-opc).(dummy.OpBootstrap)
-	c.Check(opBootstrap.Env, gc.Equals, "admin")
+	op, ok := <-opc
+	c.Assert(ok, gc.Equals, true)
+	opBootstrap := op.(dummy.OpBootstrap)
+	c.Check(opBootstrap.Env, gc.Equals, bootstrap.ControllerModelName)
 	c.Check(opBootstrap.Args.ModelConstraints, gc.DeepEquals, test.constraints)
 	if test.bootstrapConstraints == (constraints.Value{}) {
 		test.bootstrapConstraints = test.constraints
@@ -212,39 +215,37 @@
 	c.Check(opBootstrap.Args.Placement, gc.Equals, test.placement)
 
 	opFinalizeBootstrap := (<-opc).(dummy.OpFinalizeBootstrap)
-	c.Check(opFinalizeBootstrap.Env, gc.Equals, "admin")
+	c.Check(opFinalizeBootstrap.Env, gc.Equals, bootstrap.ControllerModelName)
 	c.Check(opFinalizeBootstrap.InstanceConfig.ToolsList(), gc.Not(gc.HasLen), 0)
 	if test.upload != "" {
 		c.Check(opFinalizeBootstrap.InstanceConfig.AgentVersion().String(), gc.Equals, test.upload)
 	}
 
-	expectedBootstrappedControllerName := bootstrappedControllerName(controllerName)
-
 	// Check controllers.yaml controller details.
 	addrConnectedTo := []string{"localhost:17070"}
 
-	controller, err := s.store.ControllerByName(expectedBootstrappedControllerName)
+	controller, err := s.store.ControllerByName(controllerName)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(controller.CACert, gc.Not(gc.Equals), "")
 	c.Assert(controller.UnresolvedAPIEndpoints, gc.DeepEquals, addrConnectedTo)
 	c.Assert(controller.APIEndpoints, gc.DeepEquals, addrConnectedTo)
 	c.Assert(utils.IsValidUUIDString(controller.ControllerUUID), jc.IsTrue)
 
-	// Controller model should be called "admin".
-	controllerModel, err := s.store.ModelByName(expectedBootstrappedControllerName, "admin@local", "admin")
-	c.Assert(controllerModel.ModelUUID, gc.Equals, controller.ControllerUUID)
+	controllerModel, err := s.store.ModelByName(controllerName, bootstrap.ControllerModelName)
 	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(controllerModel.ModelUUID, gc.Equals, controller.ControllerUUID)
 
 	// Bootstrap config should have been saved, and should only contain
 	// the type, name, and any user-supplied configuration.
-	bootstrapConfig, err := s.store.BootstrapConfigForController(expectedBootstrappedControllerName)
+	bootstrapConfig, err := s.store.BootstrapConfigForController(controllerName)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(bootstrapConfig.Cloud, gc.Equals, "dummy")
 	c.Assert(bootstrapConfig.Credential, gc.Equals, "")
 	c.Assert(bootstrapConfig.Config, jc.DeepEquals, map[string]interface{}{
-		"name":           "admin",
-		"type":           "dummy",
-		"default-series": "raring",
+		"name":            bootstrap.ControllerModelName,
+		"type":            "dummy",
+		"default-series":  "raring",
+		"authorized-keys": "public auth key\n",
 	})
 
 	return restore
@@ -296,7 +297,7 @@
 	version:  "1.3.3-saucy-mips64",
 	hostArch: "mips64",
 	args:     []string{"--upload-tools"},
-	err:      `failed to bootstrap model: model "admin" of type dummy does not support instances running on "mips64"`,
+	err:      fmt.Sprintf(`failed to bootstrap model: model %q of type dummy does not support instances running on "mips64"`, bootstrap.ControllerModelName),
 }, {
 	info:     "--upload-tools always bumps build number",
 	version:  "1.2.3.4-raring-amd64",
@@ -333,6 +334,10 @@
 	version: "1.3.3-saucy-ppc64el",
 	args:    []string{"--agent-version", "1.4.0"},
 	err:     `requested agent version major.minor mismatch`,
+}, {
+	info: "--clouds with --regions",
+	args: []string{"--clouds", "--regions", "aws"},
+	err:  `--clouds and --regions can't be used together`,
 }}
 
 func (s *BootstrapSuite) TestRunControllerNameMissing(c *gc.C) {
@@ -378,7 +383,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	_, err = coretesting.RunCommand(c, s.newBootstrapCommand(), controllerName, "dummy", "--auto-upgrade")
-	c.Assert(err, gc.ErrorMatches, `controller "local.dev" already exists`)
+	c.Assert(err, gc.ErrorMatches, `controller "dev" already exists`)
 }
 
 func (s *BootstrapSuite) TestBootstrapSetsCurrentModel(c *gc.C) {
@@ -386,10 +391,9 @@
 
 	_, err := coretesting.RunCommand(c, s.newBootstrapCommand(), "devcontroller", "dummy", "--auto-upgrade")
 	c.Assert(err, jc.ErrorIsNil)
-	currentController, err := modelcmd.ReadCurrentController()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(currentController, gc.Equals, bootstrappedControllerName("devcontroller"))
-	modelName, err := s.store.CurrentModel(currentController, "admin@local")
+	currentController := s.store.CurrentControllerName
+	c.Assert(currentController, gc.Equals, "devcontroller")
+	modelName, err := s.store.CurrentModel(currentController)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(modelName, gc.Equals, "default")
 }
@@ -409,10 +413,25 @@
 		"--default-model", "mymodel",
 		"--config", "foo=bar",
 	)
+	c.Assert(utils.IsValidUUIDString(bootstrap.args.ControllerConfig.ControllerUUID()), jc.IsTrue)
 	c.Assert(bootstrap.args.HostedModelConfig["name"], gc.Equals, "mymodel")
 	c.Assert(bootstrap.args.HostedModelConfig["foo"], gc.Equals, "bar")
 }
 
+func (s *BootstrapSuite) TestBootstrapTimeout(c *gc.C) {
+	s.patchVersionAndSeries(c, "raring")
+
+	var bootstrap fakeBootstrapFuncs
+	s.PatchValue(&getBootstrapFuncs, func() BootstrapInterface {
+		return &bootstrap
+	})
+	coretesting.RunCommand(
+		c, s.newBootstrapCommand(), "devcontroller", "dummy", "--auto-upgrade",
+		"--config", "bootstrap-timeout=99",
+	)
+	c.Assert(bootstrap.args.DialOpts.Timeout, gc.Equals, 99*time.Second)
+}
+
 func (s *BootstrapSuite) TestBootstrapDefaultConfigStripsProcessedAttributes(c *gc.C) {
 	s.patchVersionAndSeries(c, "raring")
 
@@ -505,31 +524,32 @@
 // error to propagate back up to the user.
 func (s *BootstrapSuite) TestBootstrapPropagatesStoreErrors(c *gc.C) {
 	const controllerName = "devcontroller"
-	bootstrappedControllerName(controllerName)
 	s.patchVersionAndSeries(c, "raring")
 
 	store := jujuclienttesting.NewStubStore()
 	store.SetErrors(errors.New("oh noes"))
 	cmd := &bootstrapCommand{}
 	cmd.SetClientStore(store)
-	_, err := coretesting.RunCommand(c, modelcmd.Wrap(cmd), controllerName, "dummy", "--auto-upgrade")
+	wrapped := modelcmd.Wrap(cmd, modelcmd.ModelSkipFlags, modelcmd.ModelSkipDefault)
+	_, err := coretesting.RunCommand(c, wrapped, controllerName, "dummy", "--auto-upgrade")
+	store.CheckCallNames(c, "CredentialForCloud")
 	c.Assert(err, gc.ErrorMatches, `loading credentials: oh noes`)
 }
 
 // When attempting to bootstrap, check that when prepare errors out,
 // bootstrap will stop immediately. Nothing will be destroyed.
 func (s *BootstrapSuite) TestBootstrapFailToPrepareDiesGracefully(c *gc.C) {
-
 	destroyed := false
-	s.PatchValue(&environsDestroy, func(string, environs.Environ, jujuclient.ControllerRemover) error {
+	s.PatchValue(&environsDestroy, func(name string, _ environs.Environ, _ jujuclient.ControllerStore) error {
+		c.Assert(name, gc.Equals, "decontroller")
 		destroyed = true
 		return nil
 	})
 
-	s.PatchValue(&environsPrepare, func(
+	s.PatchValue(&bootstrapPrepare, func(
 		environs.BootstrapContext,
 		jujuclient.ClientStore,
-		environs.PrepareParams,
+		bootstrap.PrepareParams,
 	) (environs.Environ, error) {
 		return nil, fmt.Errorf("mock-prepare")
 	})
@@ -543,74 +563,69 @@
 	c.Check(destroyed, jc.IsFalse)
 }
 
-func (s *BootstrapSuite) writeControllerModelAccountInfo(c *gc.C, controller, model, account string) {
+func (s *BootstrapSuite) writeControllerModelAccountInfo(c *gc.C, controller, model, user string) {
 	err := s.store.UpdateController(controller, jujuclient.ControllerDetails{
 		CACert:         "x",
 		ControllerUUID: "y",
 	})
 	c.Assert(err, jc.ErrorIsNil)
-	err = modelcmd.WriteCurrentController(controller)
+	err = s.store.SetCurrentController(controller)
 	c.Assert(err, jc.ErrorIsNil)
-	err = s.store.UpdateAccount(controller, account, jujuclient.AccountDetails{
-		User:     account,
+	err = s.store.UpdateAccount(controller, jujuclient.AccountDetails{
+		User:     user,
 		Password: "secret",
 	})
 	c.Assert(err, jc.ErrorIsNil)
-	err = s.store.SetCurrentAccount(controller, account)
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.store.UpdateModel(controller, account, model, jujuclient.ModelDetails{
+	err = s.store.UpdateModel(controller, model, jujuclient.ModelDetails{
 		ModelUUID: "model-uuid",
 	})
 	c.Assert(err, jc.ErrorIsNil)
-	err = s.store.SetCurrentModel(controller, account, model)
+	err = s.store.SetCurrentModel(controller, model)
 	c.Assert(err, jc.ErrorIsNil)
 }
 
 func (s *BootstrapSuite) TestBootstrapErrorRestoresOldMetadata(c *gc.C) {
 	s.patchVersionAndSeries(c, "raring")
-	s.PatchValue(&environsPrepare, func(
+	s.PatchValue(&bootstrapPrepare, func(
 		environs.BootstrapContext,
 		jujuclient.ClientStore,
-		environs.PrepareParams,
+		bootstrap.PrepareParams,
 	) (environs.Environ, error) {
 		s.writeControllerModelAccountInfo(c, "foo", "bar", "foobar@local")
 		return nil, fmt.Errorf("mock-prepare")
 	})
 
-	s.writeControllerModelAccountInfo(c, "local.olddevcontroller", "fredmodel", "fred@local")
+	s.writeControllerModelAccountInfo(c, "olddevcontroller", "fredmodel", "fred@local")
 	_, err := coretesting.RunCommand(c, s.newBootstrapCommand(), "devcontroller", "dummy", "--auto-upgrade")
 	c.Assert(err, gc.ErrorMatches, "mock-prepare")
 
-	oldCurrentController, err := modelcmd.ReadCurrentController()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(oldCurrentController, gc.Equals, bootstrappedControllerName("olddevcontroller"))
-	oldCurrentAccount, err := s.store.CurrentAccount(oldCurrentController)
+	currentController := s.store.CurrentControllerName
+	c.Assert(currentController, gc.Equals, "olddevcontroller")
+	accountDetails, err := s.store.AccountDetails(currentController)
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(oldCurrentAccount, gc.Equals, "fred@local")
-	oldCurrentModel, err := s.store.CurrentModel(oldCurrentController, oldCurrentAccount)
+	c.Assert(accountDetails.User, gc.Equals, "fred@local")
+	currentModel, err := s.store.CurrentModel(currentController)
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(oldCurrentModel, gc.Equals, "fredmodel")
+	c.Assert(currentModel, gc.Equals, "fredmodel")
 }
 
 func (s *BootstrapSuite) TestBootstrapAlreadyExists(c *gc.C) {
 	const controllerName = "devcontroller"
-	expectedBootstrappedName := bootstrappedControllerName(controllerName)
 	s.patchVersionAndSeries(c, "raring")
 
-	s.writeControllerModelAccountInfo(c, "local.devcontroller", "fredmodel", "fred@local")
+	s.writeControllerModelAccountInfo(c, "devcontroller", "fredmodel", "fred@local")
 
 	ctx := coretesting.Context(c)
 	_, errc := cmdtesting.RunCommand(ctx, s.newBootstrapCommand(), controllerName, "dummy", "--auto-upgrade")
 	err := <-errc
 	c.Assert(err, jc.Satisfies, errors.IsAlreadyExists)
-	c.Assert(err, gc.ErrorMatches, fmt.Sprintf(`controller %q already exists`, expectedBootstrappedName))
-	currentController, err := modelcmd.ReadCurrentController()
+	c.Assert(err, gc.ErrorMatches, fmt.Sprintf(`controller %q already exists`, controllerName))
+	currentController := s.store.CurrentControllerName
+	c.Assert(currentController, gc.Equals, "devcontroller")
+	accountDetails, err := s.store.AccountDetails(currentController)
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(currentController, gc.Equals, "local.devcontroller")
-	currentAccount, err := s.store.CurrentAccount(currentController)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(currentAccount, gc.Equals, "fred@local")
-	currentModel, err := s.store.CurrentModel(currentController, currentAccount)
+	c.Assert(accountDetails.User, gc.Equals, "fred@local")
+	currentModel, err := s.store.CurrentModel(currentController)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(currentModel, gc.Equals, "fredmodel")
 }
@@ -770,7 +785,7 @@
 		"--auto-upgrade",
 	)
 	c.Assert(<-errc, gc.IsNil)
-	c.Check((<-opc).(dummy.OpBootstrap).Env, gc.Equals, "admin")
+	c.Check((<-opc).(dummy.OpBootstrap).Env, gc.Equals, bootstrap.ControllerModelName)
 	icfg := (<-opc).(dummy.OpFinalizeBootstrap).InstanceConfig
 	c.Assert(icfg, gc.NotNil)
 	c.Assert(icfg.AgentVersion().String(), gc.Equals, "1.7.3.1-raring-"+arch.HostArch())
@@ -816,11 +831,11 @@
 	)
 
 	c.Check(coretesting.Stderr(ctx), gc.Equals, fmt.Sprintf(`
-Creating Juju controller "local.devcontroller" on dummy-cloud/region-1
-Bootstrapping model "admin"
+Creating Juju controller "devcontroller" on dummy-cloud/region-1
+Bootstrapping model %q
 Starting new instance for initial controller
 Building tools to upload (1.7.3.1-raring-%s)
-`[1:], arch.HostArch()))
+`[1:], bootstrap.ControllerModelName, arch.HostArch()))
 	c.Check(err, gc.ErrorMatches, "failed to bootstrap model: cannot upload bootstrap tools: an error")
 }
 
@@ -900,7 +915,7 @@
 		c, s.newBootstrapCommand(), "ctrl", "no-cloud-regions",
 		"--config", "default-series=precise",
 	)
-	c.Check(coretesting.Stderr(ctx), gc.Matches, "Creating Juju controller \"local.ctrl\" on no-cloud-regions(.|\n)*")
+	c.Check(coretesting.Stderr(ctx), gc.Matches, "Creating Juju controller \"ctrl\" on no-cloud-regions(.|\n)*")
 	c.Assert(err, jc.ErrorIsNil)
 }
 
@@ -910,7 +925,7 @@
 		c, s.newBootstrapCommand(), "ctrl", "dummy-cloud-without-regions",
 		"--config", "default-series=precise",
 	)
-	c.Check(coretesting.Stderr(ctx), gc.Matches, "Creating Juju controller \"local.ctrl\" on dummy-cloud-without-regions(.|\n)*")
+	c.Check(coretesting.Stderr(ctx), gc.Matches, "Creating Juju controller \"ctrl\" on dummy-cloud-without-regions(.|\n)*")
 	c.Assert(err, jc.ErrorIsNil)
 }
 
@@ -920,14 +935,9 @@
 		c, s.newBootstrapCommand(), "ctrl", "dummy-cloud-without-regions/my-region",
 		"--config", "default-series=precise",
 	)
-	// If the cloud doesn't have any regions defined, we still allow the
-	// user to pass a region through. This enables the manual provider to
-	// take the bootstrap-host from the region name, and later, will
-	// enable the lxd provider to take the lxd remote from the region
-	// name.
 	c.Check(coretesting.Stderr(ctx), gc.Matches,
-		"Creating Juju controller \"local.ctrl\" on dummy-cloud-without-regions/my-region(.|\n)*")
-	c.Assert(err, jc.ErrorIsNil)
+		"region \"my-region\" not found \\(expected one of \\[\\]\\)\n\n.*")
+	c.Assert(err, gc.Equals, cmd.ErrSilent)
 }
 
 func (s *BootstrapSuite) TestBootstrapProviderNoCredentials(c *gc.C) {
@@ -942,22 +952,83 @@
 	c.Assert(err, gc.ErrorMatches, ambiguousCredentialError.Error())
 }
 
+func (s *BootstrapSuite) TestBootstrapProviderDetectRegionsInvalid(c *gc.C) {
+	s.patchVersionAndSeries(c, "raring")
+	ctx, err := coretesting.RunCommand(c, s.newBootstrapCommand(), "ctrl", "dummy/not-dummy")
+	c.Assert(err, gc.Equals, cmd.ErrSilent)
+	stderr := strings.Replace(coretesting.Stderr(ctx), "\n", "", -1)
+	c.Assert(stderr, gc.Matches, `region "not-dummy" not found \(expected one of \["dummy"\]\)Specify an alternative region, or try "juju update-clouds".`)
+}
+
+func (s *BootstrapSuite) TestBootstrapProviderManyCredentialsCloudNoAuthTypes(c *gc.C) {
+	var bootstrap fakeBootstrapFuncs
+	s.PatchValue(&getBootstrapFuncs, func() BootstrapInterface {
+		return &bootstrap
+	})
+
+	s.patchVersionAndSeries(c, "raring")
+	s.store.Credentials = map[string]cloud.CloudCredential{
+		"many-credentials-no-auth-types": {
+			AuthCredentials: map[string]cloud.Credential{"one": cloud.NewCredential("one", nil)},
+		},
+	}
+	coretesting.RunCommand(c, s.newBootstrapCommand(), "ctrl",
+		"many-credentials-no-auth-types",
+		"--credential", "one",
+	)
+	c.Assert(bootstrap.args.Cloud.AuthTypes, jc.SameContents, []cloud.AuthType{"one", "two"})
+}
+
 func (s *BootstrapSuite) TestBootstrapProviderDetectRegions(c *gc.C) {
+	resetJujuXDGDataHome(c)
+
+	var bootstrap fakeBootstrapFuncs
+	bootstrap.cloudRegionDetector = cloudRegionDetectorFunc(func() ([]cloud.Region, error) {
+		return []cloud.Region{{Name: "bruce", Endpoint: "endpoint"}}, nil
+	})
+	s.PatchValue(&getBootstrapFuncs, func() BootstrapInterface {
+		return &bootstrap
+	})
+
 	s.patchVersionAndSeries(c, "raring")
-	_, err := coretesting.RunCommand(c, s.newBootstrapCommand(), "ctrl", "dummy/not-dummy")
-	c.Assert(err, gc.NotNil)
-	errMsg := strings.Replace(err.Error(), "\n", "", -1)
-	c.Assert(errMsg, gc.Matches, `region "not-dummy" in cloud "dummy" not found \(expected one of \["dummy"\]\)alternatively, try "juju update-clouds"`)
+	coretesting.RunCommand(c, s.newBootstrapCommand(), "ctrl", "dummy")
+	c.Assert(bootstrap.args.CloudRegion, gc.Equals, "bruce")
+	c.Assert(bootstrap.args.CloudCredentialName, gc.Equals, "default")
+	c.Assert(bootstrap.args.Cloud, jc.DeepEquals, cloud.Cloud{
+		Type:      "dummy",
+		AuthTypes: []cloud.AuthType{cloud.EmptyAuthType},
+		Regions:   []cloud.Region{{Name: "bruce", Endpoint: "endpoint"}},
+	})
+}
+
+func (s *BootstrapSuite) TestBootstrapProviderDetectNoRegions(c *gc.C) {
+	resetJujuXDGDataHome(c)
+
+	var bootstrap fakeBootstrapFuncs
+	bootstrap.cloudRegionDetector = cloudRegionDetectorFunc(func() ([]cloud.Region, error) {
+		return nil, errors.NotFoundf("regions")
+	})
+	s.PatchValue(&getBootstrapFuncs, func() BootstrapInterface {
+		return &bootstrap
+	})
+
+	s.patchVersionAndSeries(c, "raring")
+	coretesting.RunCommand(c, s.newBootstrapCommand(), "ctrl", "dummy")
+	c.Assert(bootstrap.args.CloudRegion, gc.Equals, "")
+	c.Assert(bootstrap.args.Cloud, jc.DeepEquals, cloud.Cloud{
+		Type:      "dummy",
+		AuthTypes: []cloud.AuthType{cloud.EmptyAuthType},
+	})
 }
 
 func (s *BootstrapSuite) TestBootstrapProviderCaseInsensitiveRegionCheck(c *gc.C) {
 	s.patchVersionAndSeries(c, "raring")
 
-	var prepareParams environs.PrepareParams
-	s.PatchValue(&environsPrepare, func(
+	var prepareParams bootstrap.PrepareParams
+	s.PatchValue(&bootstrapPrepare, func(
 		ctx environs.BootstrapContext,
 		stor jujuclient.ClientStore,
-		params environs.PrepareParams,
+		params bootstrap.PrepareParams,
 	) (environs.Environ, error) {
 		prepareParams = params
 		return nil, fmt.Errorf("mock-prepare")
@@ -1025,6 +1096,91 @@
 	c.Assert(err, jc.ErrorIsNil)
 }
 
+func (s *BootstrapSuite) TestBootstrapCloudConfigAndAdHoc(c *gc.C) {
+	s.patchVersionAndSeries(c, "raring")
+	_, err := coretesting.RunCommand(
+		c, s.newBootstrapCommand(), "ctrl", "dummy-cloud-with-config",
+		"--auto-upgrade",
+		// Configuration specified on the command line overrides
+		// anything specified in files, no matter what the order.
+		"--config", "controller=false",
+	)
+	c.Assert(err, gc.ErrorMatches, "failed to bootstrap model: dummy.Bootstrap is broken")
+}
+
+func (s *BootstrapSuite) TestBootstrapPrintClouds(c *gc.C) {
+	resetJujuXDGDataHome(c)
+	s.store.Credentials = map[string]cloud.CloudCredential{
+		"aws": {
+			DefaultRegion: "us-west-1",
+			AuthCredentials: map[string]cloud.Credential{
+				"fred": {},
+				"mary": {},
+			},
+		},
+		"dummy-cloud": {
+			DefaultRegion: "home",
+			AuthCredentials: map[string]cloud.Credential{
+				"joe": {},
+			},
+		},
+	}
+	defer func() {
+		s.store = jujuclienttesting.NewMemStore()
+	}()
+
+	ctx, err := coretesting.RunCommand(c, s.newBootstrapCommand(), "--clouds")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(coretesting.Stdout(ctx), jc.DeepEquals, `
+You can bootstrap on these clouds. See ‘--regions <cloud>’ for all regions.
+Cloud                           Credentials  Default Region
+aws                             fred         us-west-1
+                                mary         
+aws-china                                    
+aws-gov                                      
+azure                                        
+azure-china                                  
+cloudsigma                                   
+google                                       
+joyent                                       
+rackspace                                    
+localhost                                    
+dummy-cloud                     joe          home
+dummy-cloud-with-config                      
+dummy-cloud-without-regions                  
+many-credentials-no-auth-types               
+
+You will need to have a credential if you want to bootstrap on a cloud, see
+‘juju autoload-credentials’ and ‘juju add-credential’. The first credential
+listed is the default. Add more clouds with ‘juju add-cloud’.
+`[1:])
+}
+
+func (s *BootstrapSuite) TestBootstrapPrintCloudRegions(c *gc.C) {
+	resetJujuXDGDataHome(c)
+	ctx, err := coretesting.RunCommand(c, s.newBootstrapCommand(), "--regions", "aws")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(coretesting.Stdout(ctx), jc.DeepEquals, `
+Showing regions for aws:
+us-east-1
+us-west-1
+us-west-2
+eu-west-1
+eu-central-1
+ap-southeast-1
+ap-southeast-2
+ap-northeast-1
+ap-northeast-2
+sa-east-1
+`[1:])
+}
+
+func (s *BootstrapSuite) TestBootstrapPrintCloudRegionsNoSuchCloud(c *gc.C) {
+	resetJujuXDGDataHome(c)
+	_, err := coretesting.RunCommand(c, s.newBootstrapCommand(), "--regions", "foo")
+	c.Assert(err, gc.ErrorMatches, "cloud foo not found")
+}
+
 // createToolsSource writes the mock tools and metadata into a temporary
 // directory and returns it.
 func createToolsSource(c *gc.C, versions []version.Binary) string {
@@ -1053,6 +1209,13 @@
             region-2:
     dummy-cloud-without-regions:
         type: dummy
+    dummy-cloud-with-config:
+        type: dummy
+        config:
+            broken: Bootstrap
+            controller: not-a-bool
+    many-credentials-no-auth-types:
+        type: many-credentials
 `[1:]), 0644)
 	c.Assert(err, jc.ErrorIsNil)
 }
@@ -1109,7 +1272,8 @@
 // test scenarios. This could help improve some of the tests in this
 // file which execute large amounts of external functionality.
 type fakeBootstrapFuncs struct {
-	args bootstrap.BootstrapParams
+	args                bootstrap.BootstrapParams
+	cloudRegionDetector environs.CloudRegionDetector
 }
 
 func (fake *fakeBootstrapFuncs) Bootstrap(ctx environs.BootstrapContext, env environs.Environ, args bootstrap.BootstrapParams) error {
@@ -1117,6 +1281,16 @@
 	return nil
 }
 
+func (fake *fakeBootstrapFuncs) CloudRegionDetector(environs.EnvironProvider) (environs.CloudRegionDetector, bool) {
+	detector := fake.cloudRegionDetector
+	if detector == nil {
+		detector = cloudRegionDetectorFunc(func() ([]cloud.Region, error) {
+			return nil, errors.NotFoundf("regions")
+		})
+	}
+	return detector, true
+}
+
 type noCloudRegionDetectionProvider struct {
 	environs.EnvironProvider
 }
@@ -1129,6 +1303,10 @@
 	return nil, errors.NotFoundf("regions")
 }
 
+func (noCloudRegionsProvider) CredentialSchemas() map[cloud.AuthType]cloud.CredentialSchema {
+	return nil
+}
+
 type noCredentialsProvider struct {
 	environs.EnvironProvider
 }
@@ -1141,6 +1319,10 @@
 	return nil, errors.NotFoundf("credentials")
 }
 
+func (noCredentialsProvider) CredentialSchemas() map[cloud.AuthType]cloud.CredentialSchema {
+	return nil
+}
+
 type manyCredentialsProvider struct {
 	environs.EnvironProvider
 }
@@ -1152,7 +1334,18 @@
 func (manyCredentialsProvider) DetectCredentials() (*cloud.CloudCredential, error) {
 	return &cloud.CloudCredential{
 		AuthCredentials: map[string]cloud.Credential{
-			"one": {}, "two": {},
+			"one": cloud.NewCredential("one", nil),
+			"two": {},
 		},
 	}, nil
 }
+
+func (manyCredentialsProvider) CredentialSchemas() map[cloud.AuthType]cloud.CredentialSchema {
+	return map[cloud.AuthType]cloud.CredentialSchema{"one": {}, "two": {}}
+}
+
+type cloudRegionDetectorFunc func() ([]cloud.Region, error)
+
+func (c cloudRegionDetectorFunc) DetectRegions() ([]cloud.Region, error) {
+	return c()
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/cmd_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/cmd_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/cmd_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/cmd_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,8 +6,9 @@
 import (
 	gc "gopkg.in/check.v1"
 
+	"github.com/juju/testing"
+
 	cmdtesting "github.com/juju/juju/cmd/testing"
-	"github.com/juju/juju/juju/testing"
 	coretesting "github.com/juju/juju/testing"
 )
 
@@ -17,7 +18,7 @@
 }
 
 type CmdSuite struct {
-	testing.JujuConnSuite
+	testing.IsolationSuite
 }
 
 var _ = gc.Suite(&CmdSuite{})
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/debughooks.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/debughooks.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/debughooks.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/debughooks.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,10 +10,10 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"gopkg.in/juju/charm.v6-unstable/hooks"
+	"gopkg.in/juju/names.v2"
 
-	"github.com/juju/juju/api/service"
+	"github.com/juju/juju/api/application"
 	"github.com/juju/juju/cmd/modelcmd"
 	unitdebug "github.com/juju/juju/worker/uniter/runner/debug"
 )
@@ -29,14 +29,17 @@
 }
 
 const debugHooksDoc = `
-Interactively debug a hook remotely on a service unit.
+Interactively debug a hook remotely on an application unit.
+
+See the "juju help ssh" for information about SSH related options
+accepted by the debug-hooks command.
 `
 
 func (c *debugHooksCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "debug-hooks",
 		Args:    "<unit name> [hook names]",
-		Purpose: "launch a tmux session to debug a hook",
+		Purpose: "Launch a tmux session to debug a hook.",
 		Doc:     debugHooksDoc,
 	}
 }
@@ -70,14 +73,14 @@
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-	return service.NewClient(root), nil
+	return application.NewClient(root), nil
 }
 
 func (c *debugHooksCommand) validateHooks() error {
 	if len(c.hooks) == 0 {
 		return nil
 	}
-	service, err := names.UnitService(c.Target)
+	service, err := names.UnitApplication(c.Target)
 	if err != nil {
 		return err
 	}
@@ -118,12 +121,11 @@
 // and connects to it via SSH to execute the debug-hooks
 // script.
 func (c *debugHooksCommand) Run(ctx *cmd.Context) error {
-	var err error
-	c.apiClient, err = c.initAPIClient()
+	err := c.initRun()
 	if err != nil {
 		return err
 	}
-	defer c.apiClient.Close()
+	defer c.cleanupRun()
 	err = c.validateHooks()
 	if err != nil {
 		return err
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/debughooks_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/debughooks_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/debughooks_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/debughooks_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,13 +4,11 @@
 package commands
 
 import (
-	"regexp"
 	"runtime"
 
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 
-	"github.com/juju/juju/cmd/modelcmd"
 	coretesting "github.com/juju/juju/testing"
 )
 
@@ -20,41 +18,48 @@
 	SSHCommonSuite
 }
 
-const debugHooksArgs = sshArgs
-const debugHooksArgsWithProxy = sshArgsWithProxy
-
 var debugHooksTests = []struct {
-	info   string
-	args   []string
-	error  string
-	proxy  bool
-	result string
+	info     string
+	args     []string
+	error    string
+	proxy    bool
+	expected *argsSpec
 }{{
-	args:   []string{"mysql/0"},
-	result: regexp.QuoteMeta(debugHooksArgsWithProxy + "ubuntu@admin-0.dns sudo /bin/bash -c 'F=$(mktemp); echo IyEvYmluL2Jhc2gKKAojIExvY2sgdGhlIGp1anUtPHVuaXQ+LWRlYnVnIGxvY2tmaWxlLgpmbG9jayAtbiA4IHx8IChlY2hvICJGYWlsZWQgdG8gYWNxdWlyZSAvdG1wL2p1anUtdW5pdC1teXNxbC0wLWRlYnVnLWhvb2tzOiB1bml0IGlzIGFscmVhZHkgYmVpbmcgZGVidWdnZWQiIDI+JjE7IGV4aXQgMSkKKAojIENsb3NlIHRoZSBpbmhlcml0ZWQgbG9jayBGRCwgb3IgdG11eCB3aWxsIGtlZXAgaXQgb3Blbi4KZXhlYyA4PiYtCgojIFdyaXRlIG91dCB0aGUgZGVidWctaG9va3MgYXJncy4KZWNobyAiZTMwSyIgfCBiYXNlNjQgLWQgPiAvdG1wL2p1anUtdW5pdC1teXNxbC0wLWRlYnVnLWhvb2tzCgojIExvY2sgdGhlIGp1anUtPHVuaXQ+LWRlYnVnLWV4aXQgbG9ja2ZpbGUuCmZsb2NrIC1uIDkgfHwgZXhpdCAxCgojIFdhaXQgZm9yIHRtdXggdG8gYmUgaW5zdGFsbGVkLgp3aGlsZSBbICEgLWYgL3Vzci9iaW4vdG11eCBdOyBkbwogICAgc2xlZXAgMQpkb25lCgppZiBbICEgLWYgfi8udG11eC5jb25mIF07IHRoZW4KICAgICAgICBpZiBbIC1mIC91c3Ivc2hhcmUvYnlvYnUvcHJvZmlsZXMvdG11eCBdOyB0aGVuCiAgICAgICAgICAgICAgICAjIFVzZSBieW9idS90bXV4IHByb2ZpbGUgZm9yIGZhbWlsaWFyIGtleWJpbmRpbmdzIGFuZCBicmFuZGluZwogICAgICAgICAgICAgICAgZWNobyAic291cmNlLWZpbGUgL3Vzci9zaGFyZS9ieW9idS9wcm9maWxlcy90bXV4IiA+IH4vLnRtdXguY29uZgogICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICMgT3RoZXJ3aXNlLCB1c2UgdGhlIGxlZ2FjeSBqdWp1L3RtdXggY29uZmlndXJhdGlvbgogICAgICAgICAgICAgICAgY2F0ID4gfi8udG11eC5jb25mIDw8RU5ECiAgICAgICAgICAgICAgICAKIyBTdGF0dXMgYmFyCnNldC1vcHRpb24gLWcgc3RhdHVzLWJnIGJsYWNrCnNldC1vcHRpb24gLWcgc3RhdHVzLWZnIHdoaXRlCgpzZXQtd2luZG93LW9wdGlvbiAtZyB3aW5kb3ctc3RhdHVzLWN1cnJlbnQtYmcgcmVkCnNldC13aW5kb3ctb3B0aW9uIC1nIHdpbmRvdy1zdGF0dXMtY3VycmVudC1hdHRyIGJyaWdodAoKc2V0LW9wdGlvbiAtZyBzdGF0dXMtcmlnaHQgJycKCiMgUGFuZXMKc2V0LW9wdGlvbiAtZyBwYW5lLWJvcmRlci1mZyB3aGl0ZQpzZXQtb3B0aW9uIC1nIHBhbmUtYWN0aXZlLWJvcmRlci1mZyB3aGl0ZQoKIyBNb25pdG9yIGFjdGl2aXR5IG9uIHdpbmRvd3MKc2V0LXdpbmRvdy1vcHRpb24gLWcgbW9uaXRvci1hY3Rpdml0eSBvbgoKIyBTY3JlZW4gYmluZGluZ3MsIHNpbmNlIHBlb3BsZSBhcmUgbW9yZSBmYW1pbGlhciB3aXRoIHRoYXQuCnNldC1vcHRpb24gLWcgcHJlZml4IEMtYQpiaW5kIEMtYSBsYXN0LXdpbmRvdwpiaW5kIGEgc2VuZC1rZXkgQy1hCgpiaW5kIHwgc3BsaXQtd2luZG93IC1oCmJpbmQgLSBzcGxpdC13aW5kb3cgLXYKCiMgRml4IENUUkwtUEdVUC9QR0RPV04gZm9yIHZpbQpzZXQtd2luZG93LW9wdGlvbiAtZyB4dGVybS1rZXlzIG9uCgojIFByZXZlbnQgRVNDIGtleSBmcm9tIGFkZGluZyBkZWxheSBhbmQgYnJlYWtpbmcgVmltJ3MgRVNDID4gYXJyb3cga2V5CnNldC1vcHRpb24gLXMgZXNjYXBlLXRpbWUgMAoKRU5ECiAgICAgICAgZmkKZmkKCigKICAgICMgQ2xvc2UgdGhlIGluaGVyaXRlZCBsb2NrIEZELCBvciB0bXV4IHdpbGwga2VlcCBpdCBvcGVuLgogICAgZXhlYyA5PiYtCiAgICBleGVjIHRtdXggbmV3LXNlc3Npb24gLXMgbXlzcWwvMAopCikgOT4vdG1wL2p1anUtdW5pdC1teXNxbC0wLWRlYnVnLWhvb2tzLWV4aXQKKSA4Pi90bXAvanVqdS11bml0LW15c3FsLTAtZGVidWctaG9va3MKZXhpdCAkPwo= | base64 -d > $F; . $F'\n"),
-}, {
-	args:   []string{"mongodb/1"},
-	result: regexp.QuoteMeta(debugHooksArgsWithProxy + "ubuntu@admin-2.dns sudo /bin/bash -c 'F=$(mktemp); echo IyEvYmluL2Jhc2gKKAojIExvY2sgdGhlIGp1anUtPHVuaXQ+LWRlYnVnIGxvY2tmaWxlLgpmbG9jayAtbiA4IHx8IChlY2hvICJGYWlsZWQgdG8gYWNxdWlyZSAvdG1wL2p1anUtdW5pdC1tb25nb2RiLTEtZGVidWctaG9va3M6IHVuaXQgaXMgYWxyZWFkeSBiZWluZyBkZWJ1Z2dlZCIgMj4mMTsgZXhpdCAxKQooCiMgQ2xvc2UgdGhlIGluaGVyaXRlZCBsb2NrIEZELCBvciB0bXV4IHdpbGwga2VlcCBpdCBvcGVuLgpleGVjIDg+Ji0KCiMgV3JpdGUgb3V0IHRoZSBkZWJ1Zy1ob29rcyBhcmdzLgplY2hvICJlMzBLIiB8IGJhc2U2NCAtZCA+IC90bXAvanVqdS11bml0LW1vbmdvZGItMS1kZWJ1Zy1ob29rcwoKIyBMb2NrIHRoZSBqdWp1LTx1bml0Pi1kZWJ1Zy1leGl0IGxvY2tmaWxlLgpmbG9jayAtbiA5IHx8IGV4aXQgMQoKIyBXYWl0IGZvciB0bXV4IHRvIGJlIGluc3RhbGxlZC4Kd2hpbGUgWyAhIC1mIC91c3IvYmluL3RtdXggXTsgZG8KICAgIHNsZWVwIDEKZG9uZQoKaWYgWyAhIC1mIH4vLnRtdXguY29uZiBdOyB0aGVuCiAgICAgICAgaWYgWyAtZiAvdXNyL3NoYXJlL2J5b2J1L3Byb2ZpbGVzL3RtdXggXTsgdGhlbgogICAgICAgICAgICAgICAgIyBVc2UgYnlvYnUvdG11eCBwcm9maWxlIGZvciBmYW1pbGlhciBrZXliaW5kaW5ncyBhbmQgYnJhbmRpbmcKICAgICAgICAgICAgICAgIGVjaG8gInNvdXJjZS1maWxlIC91c3Ivc2hhcmUvYnlvYnUvcHJvZmlsZXMvdG11eCIgPiB+Ly50bXV4LmNvbmYKICAgICAgICBlbHNlCiAgICAgICAgICAgICAgICAjIE90aGVyd2lzZSwgdXNlIHRoZSBsZWdhY3kganVqdS90bXV4IGNvbmZpZ3VyYXRpb24KICAgICAgICAgICAgICAgIGNhdCA+IH4vLnRtdXguY29uZiA8PEVORAogICAgICAgICAgICAgICAgCiMgU3RhdHVzIGJhcgpzZXQtb3B0aW9uIC1nIHN0YXR1cy1iZyBibGFjawpzZXQtb3B0aW9uIC1nIHN0YXR1cy1mZyB3aGl0ZQoKc2V0LXdpbmRvdy1vcHRpb24gLWcgd2luZG93LXN0YXR1cy1jdXJyZW50LWJnIHJlZApzZXQtd2luZG93LW9wdGlvbiAtZyB3aW5kb3ctc3RhdHVzLWN1cnJlbnQtYXR0ciBicmlnaHQKCnNldC1vcHRpb24gLWcgc3RhdHVzLXJpZ2h0ICcnCgojIFBhbmVzCnNldC1vcHRpb24gLWcgcGFuZS1ib3JkZXItZmcgd2hpdGUKc2V0LW9wdGlvbiAtZyBwYW5lLWFjdGl2ZS1ib3JkZXItZmcgd2hpdGUKCiMgTW9uaXRvciBhY3Rpdml0eSBvbiB3aW5kb3dzCnNldC13aW5kb3ctb3B0aW9uIC1nIG1vbml0b3ItYWN0aXZpdHkgb24KCiMgU2NyZWVuIGJpbmRpbmdzLCBzaW5jZSBwZW9wbGUgYXJlIG1vcmUgZmFtaWxpYXIgd2l0aCB0aGF0LgpzZXQtb3B0aW9uIC1nIHByZWZpeCBDLWEKYmluZCBDLWEgbGFzdC13aW5kb3cKYmluZCBhIHNlbmQta2V5IEMtYQoKYmluZCB8IHNwbGl0LXdpbmRvdyAtaApiaW5kIC0gc3BsaXQtd2luZG93IC12CgojIEZpeCBDVFJMLVBHVVAvUEdET1dOIGZvciB2aW0Kc2V0LXdpbmRvdy1vcHRpb24gLWcgeHRlcm0ta2V5cyBvbgoKIyBQcmV2ZW50IEVTQyBrZXkgZnJvbSBhZGRpbmcgZGVsYXkgYW5kIGJyZWFraW5nIFZpbSdzIEVTQyA+IGFycm93IGtleQpzZXQtb3B0aW9uIC1zIGVzY2FwZS10aW1lIDAKCkVORAogICAgICAgIGZpCmZpCgooCiAgICAjIENsb3NlIHRoZSBpbmhlcml0ZWQgbG9jayBGRCwgb3IgdG11eCB3aWxsIGtlZXAgaXQgb3Blbi4KICAgIGV4ZWMgOT4mLQogICAgZXhlYyB0bXV4IG5ldy1zZXNzaW9uIC1zIG1vbmdvZGIvMQopCikgOT4vdG1wL2p1anUtdW5pdC1tb25nb2RiLTEtZGVidWctaG9va3MtZXhpdAopIDg+L3RtcC9qdWp1LXVuaXQtbW9uZ29kYi0xLWRlYnVnLWhvb2tzCmV4aXQgJD8K | base64 -d > $F; . $F'\n"),
-}, {
-	args:   []string{"mysql/0"},
-	proxy:  true,
-	result: regexp.QuoteMeta(debugHooksArgs + "ubuntu@admin-0.internal sudo /bin/bash -c 'F=$(mktemp); echo IyEvYmluL2Jhc2gKKAojIExvY2sgdGhlIGp1anUtPHVuaXQ+LWRlYnVnIGxvY2tmaWxlLgpmbG9jayAtbiA4IHx8IChlY2hvICJGYWlsZWQgdG8gYWNxdWlyZSAvdG1wL2p1anUtdW5pdC1teXNxbC0wLWRlYnVnLWhvb2tzOiB1bml0IGlzIGFscmVhZHkgYmVpbmcgZGVidWdnZWQiIDI+JjE7IGV4aXQgMSkKKAojIENsb3NlIHRoZSBpbmhlcml0ZWQgbG9jayBGRCwgb3IgdG11eCB3aWxsIGtlZXAgaXQgb3Blbi4KZXhlYyA4PiYtCgojIFdyaXRlIG91dCB0aGUgZGVidWctaG9va3MgYXJncy4KZWNobyAiZTMwSyIgfCBiYXNlNjQgLWQgPiAvdG1wL2p1anUtdW5pdC1teXNxbC0wLWRlYnVnLWhvb2tzCgojIExvY2sgdGhlIGp1anUtPHVuaXQ+LWRlYnVnLWV4aXQgbG9ja2ZpbGUuCmZsb2NrIC1uIDkgfHwgZXhpdCAxCgojIFdhaXQgZm9yIHRtdXggdG8gYmUgaW5zdGFsbGVkLgp3aGlsZSBbICEgLWYgL3Vzci9iaW4vdG11eCBdOyBkbwogICAgc2xlZXAgMQpkb25lCgppZiBbICEgLWYgfi8udG11eC5jb25mIF07IHRoZW4KICAgICAgICBpZiBbIC1mIC91c3Ivc2hhcmUvYnlvYnUvcHJvZmlsZXMvdG11eCBdOyB0aGVuCiAgICAgICAgICAgICAgICAjIFVzZSBieW9idS90bXV4IHByb2ZpbGUgZm9yIGZhbWlsaWFyIGtleWJpbmRpbmdzIGFuZCBicmFuZGluZwogICAgICAgICAgICAgICAgZWNobyAic291cmNlLWZpbGUgL3Vzci9zaGFyZS9ieW9idS9wcm9maWxlcy90bXV4IiA+IH4vLnRtdXguY29uZgogICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICMgT3RoZXJ3aXNlLCB1c2UgdGhlIGxlZ2FjeSBqdWp1L3RtdXggY29uZmlndXJhdGlvbgogICAgICAgICAgICAgICAgY2F0ID4gfi8udG11eC5jb25mIDw8RU5ECiAgICAgICAgICAgICAgICAKIyBTdGF0dXMgYmFyCnNldC1vcHRpb24gLWcgc3RhdHVzLWJnIGJsYWNrCnNldC1vcHRpb24gLWcgc3RhdHVzLWZnIHdoaXRlCgpzZXQtd2luZG93LW9wdGlvbiAtZyB3aW5kb3ctc3RhdHVzLWN1cnJlbnQtYmcgcmVkCnNldC13aW5kb3ctb3B0aW9uIC1nIHdpbmRvdy1zdGF0dXMtY3VycmVudC1hdHRyIGJyaWdodAoKc2V0LW9wdGlvbiAtZyBzdGF0dXMtcmlnaHQgJycKCiMgUGFuZXMKc2V0LW9wdGlvbiAtZyBwYW5lLWJvcmRlci1mZyB3aGl0ZQpzZXQtb3B0aW9uIC1nIHBhbmUtYWN0aXZlLWJvcmRlci1mZyB3aGl0ZQoKIyBNb25pdG9yIGFjdGl2aXR5IG9uIHdpbmRvd3MKc2V0LXdpbmRvdy1vcHRpb24gLWcgbW9uaXRvci1hY3Rpdml0eSBvbgoKIyBTY3JlZW4gYmluZGluZ3MsIHNpbmNlIHBlb3BsZSBhcmUgbW9yZSBmYW1pbGlhciB3aXRoIHRoYXQuCnNldC1vcHRpb24gLWcgcHJlZml4IEMtYQpiaW5kIEMtYSBsYXN0LXdpbmRvdwpiaW5kIGEgc2VuZC1rZXkgQy1hCgpiaW5kIHwgc3BsaXQtd2luZG93IC1oCmJpbmQgLSBzcGxpdC13aW5kb3cgLXYKCiMgRml4IENUUkwtUEdVUC9QR0RPV04gZm9yIHZpbQpzZXQtd2luZG93LW9wdGlvbiAtZyB4dGVybS1rZXlzIG9uCgojIFByZXZlbnQgRVNDIGtleSBmcm9tIGFkZGluZyBkZWxheSBhbmQgYnJlYWtpbmcgVmltJ3MgRVNDID4gYXJyb3cga2V5CnNldC1vcHRpb24gLXMgZXNjYXBlLXRpbWUgMAoKRU5ECiAgICAgICAgZmkKZmkKCigKICAgICMgQ2xvc2UgdGhlIGluaGVyaXRlZCBsb2NrIEZELCBvciB0bXV4IHdpbGwga2VlcCBpdCBvcGVuLgogICAgZXhlYyA5PiYtCiAgICBleGVjIHRtdXggbmV3LXNlc3Npb24gLXMgbXlzcWwvMAopCikgOT4vdG1wL2p1anUtdW5pdC1teXNxbC0wLWRlYnVnLWhvb2tzLWV4aXQKKSA4Pi90bXAvanVqdS11bml0LW15c3FsLTAtZGVidWctaG9va3MKZXhpdCAkPwo= | base64 -d > $F; . $F'\n"),
-}, {
-	info:   `"*" is a valid hook name: it means hook everything`,
-	args:   []string{"mysql/0", "*"},
-	result: ".*\n",
-}, {
-	info:   `"*" mixed with named hooks is equivalent to "*"`,
-	args:   []string{"mysql/0", "*", "relation-get"},
-	result: ".*\n",
-}, {
-	info:   `multiple named hooks may be specified`,
-	args:   []string{"mysql/0", "start", "stop"},
-	result: ".*\n",
-}, {
-	info:   `relation hooks have the relation name prefixed`,
-	args:   []string{"mysql/0", "juju-info-relation-joined"},
-	result: ".*\n",
+	info:  "unit name without hook",
+	args:  []string{"mysql/0"},
+	proxy: true,
+	expected: &argsSpec{
+		hostKeyChecking: "yes",
+		knownHosts:      "0",
+		enablePty:       true,
+		args:            "ubuntu@0.public sudo /bin/bash -c 'F=$(mktemp); echo IyEvYmluL2Jhc2gKKApjbGVhbnVwX29uX2V4aXQoKSAKeyAKCWVjaG8gIkNsZWFuaW5nIHVwIHRoZSBkZWJ1ZyBzZXNzaW9uIgoJdG11eCBraWxsLXNlc3Npb24gLXQgbXlzcWwvMDsgCn0KdHJhcCBjbGVhbnVwX29uX2V4aXQgRVhJVAoKIyBMb2NrIHRoZSBqdWp1LTx1bml0Pi1kZWJ1ZyBsb2NrZmlsZS4KZmxvY2sgLW4gOCB8fCAoCgllY2hvICJGb3VuZCBleGlzdGluZyBkZWJ1ZyBzZXNzaW9ucywgYXR0ZW1wdGluZyB0byByZWNvbm5lY3QiIDI+JjEKCWV4ZWMgdG11eCBhdHRhY2gtc2Vzc2lvbiAtdCBteXNxbC8wCglleGl0ICQ/CgkpCigKIyBDbG9zZSB0aGUgaW5oZXJpdGVkIGxvY2sgRkQsIG9yIHRtdXggd2lsbCBrZWVwIGl0IG9wZW4uCmV4ZWMgOD4mLQoKIyBXcml0ZSBvdXQgdGhlIGRlYnVnLWhvb2tzIGFyZ3MuCmVjaG8gImUzMEsiIHwgYmFzZTY0IC1kID4gL3RtcC9qdWp1LXVuaXQtbXlzcWwtMC1kZWJ1Zy1ob29rcwoKIyBMb2NrIHRoZSBqdWp1LTx1bml0Pi1kZWJ1Zy1leGl0IGxvY2tmaWxlLgpmbG9jayAtbiA5IHx8IGV4aXQgMQoKIyBXYWl0IGZvciB0bXV4IHRvIGJlIGluc3RhbGxlZC4Kd2hpbGUgWyAhIC1mIC91c3IvYmluL3RtdXggXTsgZG8KICAgIHNsZWVwIDEKZG9uZQoKaWYgWyAhIC1mIH4vLnRtdXguY29uZiBdOyB0aGVuCiAgICAgICAgaWYgWyAtZiAvdXNyL3NoYXJlL2J5b2J1L3Byb2ZpbGVzL3RtdXggXTsgdGhlbgogICAgICAgICAgICAgICAgIyBVc2UgYnlvYnUvdG11eCBwcm9maWxlIGZvciBmYW1pbGlhciBrZXliaW5kaW5ncyBhbmQgYnJhbmRpbmcKICAgICAgICAgICAgICAgIGVjaG8gInNvdXJjZS1maWxlIC91c3Ivc2hhcmUvYnlvYnUvcHJvZmlsZXMvdG11eCIgPiB+Ly50bXV4LmNvbmYKICAgICAgICBlbHNlCiAgICAgICAgICAgICAgICAjIE90aGVyd2lzZSwgdXNlIHRoZSBsZWdhY3kganVqdS90bXV4IGNvbmZpZ3VyYXRpb24KICAgICAgICAgICAgICAgIGNhdCA+IH4vLnRtdXguY29uZiA8PEVORAogICAgICAgICAgICAgICAgCiMgU3RhdHVzIGJhcgpzZXQtb3B0aW9uIC1nIHN0YXR1cy1iZyBibGFjawpzZXQtb3B0aW9uIC1nIHN0YXR1cy1mZyB3aGl0ZQoKc2V0LXdpbmRvdy1vcHRpb24gLWcgd2luZG93LXN0YXR1cy1jdXJyZW50LWJnIHJlZApzZXQtd2luZG93LW9wdGlvbiAtZyB3aW5kb3ctc3RhdHVzLWN1cnJlbnQtYXR0ciBicmlnaHQKCnNldC1vcHRpb24gLWcgc3RhdHVzLXJpZ2h0ICcnCgojIFBhbmVzCnNldC1vcHRpb24gLWcgcGFuZS1ib3JkZXItZmcgd2hpdGUKc2V0LW9wdGlvbiAtZyBwYW5lLWFjdGl2ZS1ib3JkZXItZmcgd2hpdGUKCiMgTW9uaXRvciBhY3Rpdml0eSBvbiB3aW5kb3dzCnNldC13aW5kb3ctb3B0aW9uIC1nIG1vbml0b3ItYWN0aXZpdHkgb24KCiMgU2NyZWVuIGJpbmRpbmdzLCBzaW5jZSBwZW9wbGUgYXJlIG1vcmUgZmFtaWxpYXIgd2l0aCB0aGF0LgpzZXQtb3B0aW9uIC1nIHByZWZpeCBDLWEKYmluZCBDLWEgbGFzdC13aW5kb3cKYmluZCBhIHNlbmQta2V5IEMtYQoKYmluZCB8IHNwbGl0LXdpbmRvdyAtaApiaW5kIC0gc3BsaXQtd2luZG93IC12CgojIEZpeCBDVFJMLVBHVVAvUEdET1dOIGZvciB2aW0Kc2V0LXdpbmRvdy1vcHRpb24gLWcgeHRlcm0ta2V5cyBvbgoKIyBQcmV2ZW50IEVTQyBrZXkgZnJvbSBhZGRpbmcgZGVsYXkgYW5kIGJyZWFraW5nIFZpbSdzIEVTQyA+IGFycm93IGtleQpzZXQtb3B0aW9uIC1zIGVzY2FwZS10aW1lIDAKCkVORAogICAgICAgIGZpCmZpCgooCiAgICAjIENsb3NlIHRoZSBpbmhlcml0ZWQgbG9jayBGRCwgb3IgdG11eCB3aWxsIGtlZXAgaXQgb3Blbi4KICAgIGV4ZWMgOT4mLQogICAgaWYgISB0bXV4IGhhcy1zZXNzaW9uIC10IG15c3FsLzA7IHRoZW4KCQl0bXV4IG5ldy1zZXNzaW9uIC1kIC1zIG15c3FsLzAKCWZpCgljbGllbnRfY291bnQ9JCh0bXV4IGxpc3QtY2xpZW50cyB8IHdjIC1sKQoJaWYgWyAkY2xpZW50X2NvdW50IC1nZSAxIF07IHRoZW4KCQlzZXNzaW9uX25hbWU9bXlzcWwvMCItIiRjbGllbnRfY250CgkJZXhlYyB0bXV4IG5ldy1zZXNzaW9uIC1kIC10IG15c3FsLzAgLXMgJHNlc3Npb25fbmFtZQoJCWV4ZWMgdG11eCBhdHRhY2gtc2Vzc2lvbiAtdCAkc2Vzc2lvbl9uYW1lIFw7IHNldC1vcHRpb24gZGVzdHJveS11bmF0dGFjaGVkCgllbHNlCgkgICAgZXhlYyB0bXV4IGF0dGFjaC1zZXNzaW9uIC10IG15c3FsLzAKCWZpCikKKSA5Pi90bXAvanVqdS11bml0LW15c3FsLTAtZGVidWctaG9va3MtZXhpdAopIDg+L3RtcC9qdWp1LXVuaXQtbXlzcWwtMC1kZWJ1Zy1ob29rcwpleGl0ICQ/Cg== | base64 -d > $F; . $F'",
+	},
+}, {
+	info: "proxy",
+	args: []string{"--proxy=true", "mysql/0"},
+	expected: &argsSpec{
+		hostKeyChecking: "yes",
+		knownHosts:      "0",
+		enablePty:       true,
+		withProxy:       true,
+		args:            "ubuntu@0.private sudo /bin/bash -c 'F=$(mktemp); echo IyEvYmluL2Jhc2gKKApjbGVhbnVwX29uX2V4aXQoKSAKeyAKCWVjaG8gIkNsZWFuaW5nIHVwIHRoZSBkZWJ1ZyBzZXNzaW9uIgoJdG11eCBraWxsLXNlc3Npb24gLXQgbXlzcWwvMDsgCn0KdHJhcCBjbGVhbnVwX29uX2V4aXQgRVhJVAoKIyBMb2NrIHRoZSBqdWp1LTx1bml0Pi1kZWJ1ZyBsb2NrZmlsZS4KZmxvY2sgLW4gOCB8fCAoCgllY2hvICJGb3VuZCBleGlzdGluZyBkZWJ1ZyBzZXNzaW9ucywgYXR0ZW1wdGluZyB0byByZWNvbm5lY3QiIDI+JjEKCWV4ZWMgdG11eCBhdHRhY2gtc2Vzc2lvbiAtdCBteXNxbC8wCglleGl0ICQ/CgkpCigKIyBDbG9zZSB0aGUgaW5oZXJpdGVkIGxvY2sgRkQsIG9yIHRtdXggd2lsbCBrZWVwIGl0IG9wZW4uCmV4ZWMgOD4mLQoKIyBXcml0ZSBvdXQgdGhlIGRlYnVnLWhvb2tzIGFyZ3MuCmVjaG8gImUzMEsiIHwgYmFzZTY0IC1kID4gL3RtcC9qdWp1LXVuaXQtbXlzcWwtMC1kZWJ1Zy1ob29rcwoKIyBMb2NrIHRoZSBqdWp1LTx1bml0Pi1kZWJ1Zy1leGl0IGxvY2tmaWxlLgpmbG9jayAtbiA5IHx8IGV4aXQgMQoKIyBXYWl0IGZvciB0bXV4IHRvIGJlIGluc3RhbGxlZC4Kd2hpbGUgWyAhIC1mIC91c3IvYmluL3RtdXggXTsgZG8KICAgIHNsZWVwIDEKZG9uZQoKaWYgWyAhIC1mIH4vLnRtdXguY29uZiBdOyB0aGVuCiAgICAgICAgaWYgWyAtZiAvdXNyL3NoYXJlL2J5b2J1L3Byb2ZpbGVzL3RtdXggXTsgdGhlbgogICAgICAgICAgICAgICAgIyBVc2UgYnlvYnUvdG11eCBwcm9maWxlIGZvciBmYW1pbGlhciBrZXliaW5kaW5ncyBhbmQgYnJhbmRpbmcKICAgICAgICAgICAgICAgIGVjaG8gInNvdXJjZS1maWxlIC91c3Ivc2hhcmUvYnlvYnUvcHJvZmlsZXMvdG11eCIgPiB+Ly50bXV4LmNvbmYKICAgICAgICBlbHNlCiAgICAgICAgICAgICAgICAjIE90aGVyd2lzZSwgdXNlIHRoZSBsZWdhY3kganVqdS90bXV4IGNvbmZpZ3VyYXRpb24KICAgICAgICAgICAgICAgIGNhdCA+IH4vLnRtdXguY29uZiA8PEVORAogICAgICAgICAgICAgICAgCiMgU3RhdHVzIGJhcgpzZXQtb3B0aW9uIC1nIHN0YXR1cy1iZyBibGFjawpzZXQtb3B0aW9uIC1nIHN0YXR1cy1mZyB3aGl0ZQoKc2V0LXdpbmRvdy1vcHRpb24gLWcgd2luZG93LXN0YXR1cy1jdXJyZW50LWJnIHJlZApzZXQtd2luZG93LW9wdGlvbiAtZyB3aW5kb3ctc3RhdHVzLWN1cnJlbnQtYXR0ciBicmlnaHQKCnNldC1vcHRpb24gLWcgc3RhdHVzLXJpZ2h0ICcnCgojIFBhbmVzCnNldC1vcHRpb24gLWcgcGFuZS1ib3JkZXItZmcgd2hpdGUKc2V0LW9wdGlvbiAtZyBwYW5lLWFjdGl2ZS1ib3JkZXItZmcgd2hpdGUKCiMgTW9uaXRvciBhY3Rpdml0eSBvbiB3aW5kb3dzCnNldC13aW5kb3ctb3B0aW9uIC1nIG1vbml0b3ItYWN0aXZpdHkgb24KCiMgU2NyZWVuIGJpbmRpbmdzLCBzaW5jZSBwZW9wbGUgYXJlIG1vcmUgZmFtaWxpYXIgd2l0aCB0aGF0LgpzZXQtb3B0aW9uIC1nIHByZWZpeCBDLWEKYmluZCBDLWEgbGFzdC13aW5kb3cKYmluZCBhIHNlbmQta2V5IEMtYQoKYmluZCB8IHNwbGl0LXdpbmRvdyAtaApiaW5kIC0gc3BsaXQtd2luZG93IC12CgojIEZpeCBDVFJMLVBHVVAvUEdET1dOIGZvciB2aW0Kc2V0LXdpbmRvdy1vcHRpb24gLWcgeHRlcm0ta2V5cyBvbgoKIyBQcmV2ZW50IEVTQyBrZXkgZnJvbSBhZGRpbmcgZGVsYXkgYW5kIGJyZWFraW5nIFZpbSdzIEVTQyA+IGFycm93IGtleQpzZXQtb3B0aW9uIC1zIGVzY2FwZS10aW1lIDAKCkVORAogICAgICAgIGZpCmZpCgooCiAgICAjIENsb3NlIHRoZSBpbmhlcml0ZWQgbG9jayBGRCwgb3IgdG11eCB3aWxsIGtlZXAgaXQgb3Blbi4KICAgIGV4ZWMgOT4mLQogICAgaWYgISB0bXV4IGhhcy1zZXNzaW9uIC10IG15c3FsLzA7IHRoZW4KCQl0bXV4IG5ldy1zZXNzaW9uIC1kIC1zIG15c3FsLzAKCWZpCgljbGllbnRfY291bnQ9JCh0bXV4IGxpc3QtY2xpZW50cyB8IHdjIC1sKQoJaWYgWyAkY2xpZW50X2NvdW50IC1nZSAxIF07IHRoZW4KCQlzZXNzaW9uX25hbWU9bXlzcWwvMCItIiRjbGllbnRfY250CgkJZXhlYyB0bXV4IG5ldy1zZXNzaW9uIC1kIC10IG15c3FsLzAgLXMgJHNlc3Npb25fbmFtZQoJCWV4ZWMgdG11eCBhdHRhY2gtc2Vzc2lvbiAtdCAkc2Vzc2lvbl9uYW1lIFw7IHNldC1vcHRpb24gZGVzdHJveS11bmF0dGFjaGVkCgllbHNlCgkgICAgZXhlYyB0bXV4IGF0dGFjaC1zZXNzaW9uIC10IG15c3FsLzAKCWZpCikKKSA5Pi90bXAvanVqdS11bml0LW15c3FsLTAtZGVidWctaG9va3MtZXhpdAopIDg+L3RtcC9qdWp1LXVuaXQtbXlzcWwtMC1kZWJ1Zy1ob29rcwpleGl0ICQ/Cg== | base64 -d > $F; . $F'",
+	},
+}, {
+	info:     `"*" is a valid hook name: it means hook everything`,
+	args:     []string{"mysql/0", "*"},
+	expected: nil,
+}, {
+	info:     `"*" mixed with named hooks is equivalent to "*"`,
+	args:     []string{"mysql/0", "*", "relation-get"},
+	expected: nil,
+}, {
+	info:     `multiple named hooks may be specified`,
+	args:     []string{"mysql/0", "start", "stop"},
+	expected: nil,
+}, {
+	info:     `relation hooks have the relation name prefixed`,
+	args:     []string{"mysql/0", "juju-info-relation-joined"},
+	expected: nil,
 }, {
 	info:  `invalid unit syntax`,
 	args:  []string{"mysql"},
@@ -62,7 +67,7 @@
 }, {
 	info:  `invalid unit`,
 	args:  []string{"nonexistent/123"},
-	error: `unit "nonexistent/123" not found \(not found\)`,
+	error: `unit "nonexistent/123" not found`,
 }, {
 	info:  `invalid hook`,
 	args:  []string{"mysql/0", "invalid-hook"},
@@ -74,29 +79,20 @@
 	if runtime.GOOS == "windows" {
 		c.Skip("bug 1403084: Skipping on windows for now")
 	}
-	machines := s.makeMachines(3, c, true)
-	dummy := s.AddTestingCharm(c, "dummy")
-	srv := s.AddTestingService(c, "mysql", dummy)
-	s.addUnit(srv, machines[0], c)
-
-	srv = s.AddTestingService(c, "mongodb", dummy)
-	s.addUnit(srv, machines[1], c)
-	s.addUnit(srv, machines[2], c)
+
+	s.setupModel(c)
 
 	for i, t := range debugHooksTests {
 		c.Logf("test %d: %s\n\t%s\n", i, t.info, t.args)
-		ctx := coretesting.Context(c)
 
-		debugHooksCmd := &debugHooksCommand{}
-		debugHooksCmd.proxy = true
-		err := modelcmd.Wrap(debugHooksCmd).Init(t.args)
-		if err == nil {
-			err = modelcmd.Wrap(debugHooksCmd).Run(ctx)
-		}
+		ctx, err := coretesting.RunCommand(c, newDebugHooksCommand(), t.args...)
 		if t.error != "" {
 			c.Check(err, gc.ErrorMatches, t.error)
 		} else {
 			c.Check(err, jc.ErrorIsNil)
+			if t.expected != nil {
+				t.expected.check(c, coretesting.Stdout(ctx))
+			}
 		}
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/debuglog.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/debuglog.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/debuglog.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/debuglog.go	2016-07-18 19:45:44.000000000 +0000
@@ -23,26 +23,38 @@
 Displays log messages for a model.`[1:]
 
 var usageDebugLogDetails = `
-This command accesses all logged Juju activity on a per-model basis. By
-default, the model is the current model.
-A log line is written in this format:
-<entity> <timestamp> <log-level> <module>:<line-no> <message>
-The "entity" is the source of the message: a machine or unit. Both are
-obtained in the output to `[1:] + "`juju status`" + `.
+
+This command provides access to all logged Juju activity on a per-model
+basis. By default, the logs for the currently select model are shown.
+
+Each log line is emitted in this format:
+
+  <entity> <timestamp> <log-level> <module>:<line-no> <message>
+
+The "entity" is the source of the message: a machine or unit. The names for
+machines and units can be seen in the output of `[1:] + "`juju status`" + `.
+
 The '--include' and '--exclude' options filter by entity. A unit entity is
-identified by prefixing 'unit-' to its corresponding unit name and
-replacing the slash with a dash. A machine entity is identified by
-prefixing 'machine-' to its corresponding machine id.
+identified by prefixing 'unit-' to its corresponding unit name and replacing
+the slash with a dash. A machine entity is identified by prefixing 'machine-'
+to its corresponding machine id.
+
 The '--include-module' and '--exclude-module' options filter by (dotted)
-logging module name, which can be truncated.
-A combination of machine and unit filtering uses a logical OR whereas a
-combination of module and machine/unit filtering uses a logical AND.
-Log levels are cumulative; each lower level (more verbose) contains the
-preceding higher level (less verbose).
+logging module name. The module name can be truncated such that all loggers
+with the prefix will match.
+
+The filtering options combine as follows:
+* All --include options are logically ORed together.
+* All --exclude options are logically ORed together.
+* All --include-module options are logically ORed together.
+* All --exclude-module options are logically ORed together.
+* The combined --include, --exclude, --include-module and --exclude-module
+  selections are logically ANDed to form the complete filter.
 
 Examples:
-Exclude all machine 0 messages; show a maximum of 100 lines; and continue
-to append filtered messages:
+
+Exclude all machine 0 messages; show a maximum of 100 lines; and continue to
+append filtered messages:
 
     juju debug-log --exclude machine-0 --lines 100
 
@@ -55,18 +67,30 @@
 
     juju debug-log -T --replay --include unit-apache2-3 --include machine-1
 
-Include all juju.worker.uniter logging module messages that are also unit
-wordpress/0 messages and continue to append filtered messages:
-
-    juju debug-log --replay --include-module juju.worker.uniter --include \
-        unit-wordpress-0
+Show all juju.worker.uniter logging module messages that are also unit
+wordpress/0 messages, and then show any new log messages which match the
+filter:
+
+    juju debug-log --replay 
+        --include-module juju.worker.uniter \
+        --include unit-wordpress-0
+
+Show all messages from the juju.worker.uniter module, except those sent from
+machine-3 or machine-4, and then stop:
+
+    juju debug-log --replay --no-tail
+        --include-module juju.worker.uniter \
+        --exclude machine-3 \
+        --exclude machine-4 
 
-To see all WARNING and ERROR messages:
+To see all WARNING and ERROR messages and then continue showing any
+new WARNING and ERROR messages as they are logged:
 
     juju debug-log --replay --level WARNING
 
 See also: 
-    status`
+    status
+    ssh`
 
 func (c *debugLogCommand) Info() *cmd.Info {
 	return &cmd.Info{
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/debuglog_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/debuglog_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/debuglog_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/debuglog_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -111,7 +111,7 @@
 		return fake, nil
 	})
 	_, err := testing.RunCommand(c, newDebugLogCommand(),
-		"-i", "machine-1*", "-x", "machine-1-lxc-1",
+		"-i", "machine-1*", "-x", "machine-1-lxd-1",
 		"--include-module=juju.provisioner",
 		"--lines=500",
 		"--level=WARNING",
@@ -121,7 +121,7 @@
 	c.Assert(fake.params, gc.DeepEquals, api.DebugLogParams{
 		IncludeEntity: []string{"machine-1*"},
 		IncludeModule: []string{"juju.provisioner"},
-		ExcludeEntity: []string{"machine-1-lxc-1"},
+		ExcludeEntity: []string{"machine-1-lxd-1"},
 		Backlog:       500,
 		Level:         loggo.WARNING,
 		NoTail:        true,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/enableha.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/enableha.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/enableha.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/enableha.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,7 +10,7 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/gnuflag"
 
 	"github.com/juju/juju/api/highavailability"
@@ -22,14 +22,26 @@
 )
 
 func newEnableHACommand() cmd.Command {
-	return modelcmd.Wrap(&enableHACommand{})
+	haCommand := &enableHACommand{}
+	haCommand.newHAClientFunc = func() (MakeHAClient, error) {
+		root, err := haCommand.NewAPIRoot()
+		if err != nil {
+			return nil, errors.Annotate(err, "cannot get API connection")
+		}
+
+		// NewClient does not return an error, so we'll return nil
+		return highavailability.NewClient(root), nil
+	}
+	return modelcmd.Wrap(haCommand)
 }
 
 // enableHACommand makes the controller highly available.
 type enableHACommand struct {
 	modelcmd.ModelCommandBase
-	out      cmd.Output
-	haClient MakeHAClient
+	out cmd.Output
+
+	// newHAClientFunc returns HA Client to be used by the command.
+	newHAClientFunc func() (MakeHAClient, error)
 
 	// NumControllers specifies the number of controllers to make available.
 	NumControllers int
@@ -49,29 +61,32 @@
 }
 
 const enableHADoc = `
-To ensure availability of deployed services, the Juju infrastructure
+To ensure availability of deployed applications, the Juju infrastructure
 must itself be highly available.  enable-ha must be called
 to ensure that the specified number of controllers are made available.
 
 An odd number of controllers is required.
 
 Examples:
- juju enable-ha
-     Ensure that the controller is still in highly available mode. If
-     there is only 1 controller running, this will ensure there
-     are 3 running. If you have previously requested more than 3,
-     then that number will be ensured.
- juju enable-ha -n 5 --series=trusty
-     Ensure that 5 controllers are available, with newly created
-     controller machines having the "trusty" series.
- juju enable-ha -n 7 --constraints mem=8G
-     Ensure that 7 controllers are available, with newly created
-     controller machines having the default series, and at least
-     8GB RAM.
- juju enable-ha -n 7 --to server1,server2 --constraints mem=8G
-     Ensure that 7 controllers are available, with machines server1 and
-     server2 used first, and if necessary, newly created controller
-     machines having the default series, and at least 8GB RAM.
+    # Ensure that the controller is still in highly available mode. If
+    # there is only 1 controller running, this will ensure there
+    # are 3 running. If you have previously requested more than 3,
+    # then that number will be ensured.
+    juju enable-ha
+
+    # Ensure that 5 controllers are available, with newly created
+    # controller machines having the "trusty" series.
+    juju enable-ha -n 5 --series=trusty
+
+    # Ensure that 7 controllers are available, with newly created
+    # controller machines having the default series, and at least
+    # 8GB RAM.
+    juju enable-ha -n 7 --constraints mem=8G
+
+    # Ensure that 7 controllers are available, with machines server1 and
+    # server2 used first, and if necessary, newly created controller
+    # machines having the default series, and at least 8GB RAM.
+    juju enable-ha -n 7 --to server1,server2 --constraints mem=8G
 `
 
 // formatSimple marshals value to a yaml-formatted []byte, unless value is nil.
@@ -127,16 +142,16 @@
 func (c *enableHACommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "enable-ha",
-		Purpose: "ensure that sufficient controllers exist to provide redundancy",
+		Purpose: "Ensure that sufficient controllers exist to provide redundancy.",
 		Doc:     enableHADoc,
 	}
 }
 
 func (c *enableHACommand) SetFlags(f *gnuflag.FlagSet) {
-	f.IntVar(&c.NumControllers, "n", 0, "number of controllers to make available")
-	f.StringVar(&c.Series, "series", "", "the charm series")
-	f.StringVar(&c.PlacementSpec, "to", "", "the machine(s) to become controllers, bypasses constraints")
-	f.Var(constraints.ConstraintsValue{&c.Constraints}, "constraints", "additional machine constraints")
+	f.IntVar(&c.NumControllers, "n", 0, "Number of controllers to make available")
+	f.StringVar(&c.Series, "series", "", "The charm series")
+	f.StringVar(&c.PlacementSpec, "to", "", "The machine(s) to become controllers, bypasses constraints")
+	f.Var(constraints.ConstraintsValue{&c.Constraints}, "constraints", "Additional machine constraints")
 	c.out.AddFlags(f, "simple", map[string]cmd.Formatter{
 		"yaml":   cmd.FormatYaml,
 		"json":   cmd.FormatJson,
@@ -190,24 +205,10 @@
 		placement []string) (params.ControllersChanges, error)
 }
 
-func (c *enableHACommand) getHAClient() (MakeHAClient, error) {
-	if c.haClient != nil {
-		return c.haClient, nil
-	}
-
-	root, err := c.NewAPIRoot()
-	if err != nil {
-		return nil, errors.Annotate(err, "cannot get API connection")
-	}
-
-	// NewClient does not return an error, so we'll return nil
-	return highavailability.NewClient(root), nil
-}
-
 // Run connects to the environment specified on the command line
 // and calls EnableHA.
 func (c *enableHACommand) Run(ctx *cmd.Context) error {
-	haClient, err := c.getHAClient()
+	haClient, err := c.newHAClientFunc()
 	if err != nil {
 		return err
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/enableha_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/enableha_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/enableha_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/enableha_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -101,7 +101,7 @@
 var _ = gc.Suite(&EnableHASuite{})
 
 func (s *EnableHASuite) runEnableHA(c *gc.C, args ...string) (*cmd.Context, error) {
-	command := &enableHACommand{haClient: s.fake}
+	command := &enableHACommand{newHAClientFunc: func() (MakeHAClient, error) { return s.fake, nil }}
 	return coretesting.RunCommand(c, modelcmd.Wrap(command), args...)
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/helptool.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/helptool.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/helptool.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/helptool.go	2016-07-18 19:45:44.000000000 +0000
@@ -98,7 +98,7 @@
 	return &cmd.Info{
 		Name:    "help-tool",
 		Args:    "[tool]",
-		Purpose: "show help on a juju charm tool",
+		Purpose: "Show help on a Juju charm tool.",
 	}
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/helptool_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/helptool_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/helptool_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/helptool_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -24,7 +24,7 @@
 	c.Assert(output, gc.Equals, `Usage: juju help-tool [tool]
 
 Summary:
-show help on a juju charm tool
+Show help on a Juju charm tool.
 `)
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/import_sshkeys.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/import_sshkeys.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/import_sshkeys.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/import_sshkeys.go	2016-07-18 19:45:44.000000000 +0000
@@ -19,11 +19,16 @@
 var usageImportSSHKeyDetails = `
 Juju can add SSH keys to its cache from reliable public sources (currently
 Launchpad and GitHub), allowing those users SSH access to Juju machines.
-The user identity supplied is the username on the respective service given
-by 'lp:' or 'gh:'.
+
+The user identity supplied is the username on the respective service given by
+'lp:' or 'gh:'.
+
 If the user has multiple keys on the service, all the keys will be added.
-Once the keys are imported, they can be viewed with the `[1:] + "`juju list-ssh-\nkeys`" + ` command, where comments will indicate which ones were imported in
+
+Once the keys are imported, they can be viewed with the `[1:] + "`juju ssh-keys`" + `
+command, where comments will indicate which ones were imported in
 this way.
+
 An alternative to this command is the more manual ` + "`juju add-ssh-key`" + `.
 
 Examples:
@@ -38,7 +43,7 @@
 
 See also: 
     add-ssh-key
-    list-ssh-keys`
+    ssh-keys`
 
 // NewImportKeysCommand is used to add new authorized ssh keys to a model.
 func NewImportKeysCommand() cmd.Command {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/list_sshkeys.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/list_sshkeys.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/list_sshkeys.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/list_sshkeys.go	2016-07-18 19:45:44.000000000 +0000
@@ -27,11 +27,11 @@
 key may be displayed.
 
 Examples:
-    juju list-ssh-keys
+    juju ssh-keys
 
 To examine the full key, use the '--full' option:
 
-    juju list-keys -m jujutest --full`[1:]
+    juju ssh-keys -m jujutest --full`[1:]
 
 // NewListKeysCommand returns a command used to list the authorized ssh keys.
 func NewListKeysCommand() cmd.Command {
@@ -48,10 +48,10 @@
 // Info implements Command.Info.
 func (c *listKeysCommand) Info() *cmd.Info {
 	return &cmd.Info{
-		Name:    "list-ssh-keys",
+		Name:    "ssh-keys",
 		Purpose: usageListSSHKeysSummary,
 		Doc:     usageListSSHKeysDetails,
-		Aliases: []string{"ssh-key", "ssh-keys", "list-ssh-key"},
+		Aliases: []string{"list-ssh-keys", "ssh-key", "list-ssh-key"},
 	}
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/main.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/main.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/main.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/main.go	2016-07-18 19:45:44.000000000 +0000
@@ -19,6 +19,7 @@
 
 	jujucmd "github.com/juju/juju/cmd"
 	"github.com/juju/juju/cmd/juju/action"
+	"github.com/juju/juju/cmd/juju/application"
 	"github.com/juju/juju/cmd/juju/backups"
 	"github.com/juju/juju/cmd/juju/block"
 	"github.com/juju/juju/cmd/juju/cachedimages"
@@ -29,7 +30,6 @@
 	"github.com/juju/juju/cmd/juju/machine"
 	"github.com/juju/juju/cmd/juju/metricsdebug"
 	"github.com/juju/juju/cmd/juju/model"
-	"github.com/juju/juju/cmd/juju/service"
 	"github.com/juju/juju/cmd/juju/setmeterstatus"
 	"github.com/juju/juju/cmd/juju/space"
 	"github.com/juju/juju/cmd/juju/status"
@@ -40,6 +40,7 @@
 	"github.com/juju/juju/feature"
 	"github.com/juju/juju/juju"
 	"github.com/juju/juju/juju/osenv"
+	"github.com/juju/juju/jujuclient"
 	jujuversion "github.com/juju/juju/version"
 	// Import the providers.
 	_ "github.com/juju/juju/provider/all"
@@ -56,7 +57,7 @@
 //  Main
 
 var jujuDoc = `
-juju provides easy, intelligent service orchestration on top of cloud
+juju provides easy, intelligent application orchestration on top of cloud
 infrastructure providers such as Amazon EC2, HP Cloud, MaaS, OpenStack, Windows
 Azure, or your local machine.
 
@@ -69,7 +70,7 @@
 Usage: juju [help] <command>
 
 Summary:
-Juju is model & service management software designed to leverage the power
+Juju is model & application management software designed to leverage the power
 of existing resource pools, particularly cloud-based ones. It has built-in
 support for cloud providers such as Amazon EC2, Google GCE, Microsoft
 Azure, OpenStack, and Rackspace. It also works very well with MAAS and
@@ -82,16 +83,16 @@
 
     add-cloud           Adds a user-defined cloud to Juju.
     add-credential      Adds or replaces credentials for a cloud.
-    add-relation        Adds a relation between two services.
-    add-unit            Adds extra units of a deployed service.
+    add-model           Adds a hosted model.
+    add-relation        Adds a relation between two applications.
+    add-unit            Adds extra units of a deployed application.
     add-user            Adds a Juju user to a controller.
     bootstrap           Initializes a cloud environment.
-    add-model           Adds a hosted model.
-    deploy              Deploys a new service.
-    expose              Makes a service publicly available over the network.
-    list-controllers    Lists all controllers.
-    list-models         Lists models a user can access on a controller.
-    status              Displays the current status of Juju, services, and units.
+    controllers         Lists all controllers.
+    deploy              Deploys a new application.
+    expose              Makes an application publicly available over the network.
+    models              Lists models a user can access on a controller.
+    status              Displays the current status of Juju, applications, and units.
     switch              Selects or identifies the current controller and model.
 
 Example help commands:
@@ -220,12 +221,12 @@
 func registerCommands(r commandRegistry, ctx *cmd.Context) {
 	// Creation commands.
 	r.Register(newBootstrapCommand())
-	r.Register(service.NewAddRelationCommand())
+	r.Register(application.NewAddRelationCommand())
 
 	// Destruction commands.
-	r.Register(service.NewRemoveRelationCommand())
-	r.Register(service.NewRemoveServiceCommand())
-	r.Register(service.NewRemoveUnitCommand())
+	r.Register(application.NewRemoveRelationCommand())
+	r.Register(application.NewRemoveServiceCommand())
+	r.Register(application.NewRemoveUnitCommand())
 
 	// Reporting commands.
 	r.Register(status.NewStatusCommand())
@@ -245,7 +246,7 @@
 	r.Register(model.NewModelSetConstraintsCommand())
 	r.Register(newSyncToolsCommand())
 	r.Register(newUpgradeJujuCommand(nil))
-	r.Register(service.NewUpgradeCharmCommand())
+	r.Register(application.NewUpgradeCharmCommand())
 
 	// Charm publishing commands.
 	r.Register(newPublishCommand())
@@ -314,14 +315,14 @@
 	r.Register(newEnableHACommand())
 
 	// Manage and control services
-	r.Register(service.NewAddUnitCommand())
-	r.Register(service.NewGetCommand())
-	r.Register(service.NewSetCommand())
-	r.Register(service.NewDeployCommand())
-	r.Register(service.NewExposeCommand())
-	r.Register(service.NewUnexposeCommand())
-	r.Register(service.NewServiceGetConstraintsCommand())
-	r.Register(service.NewServiceSetConstraintsCommand())
+	r.Register(application.NewAddUnitCommand())
+	r.Register(application.NewGetCommand())
+	r.Register(application.NewSetCommand())
+	r.Register(application.NewDeployCommand())
+	r.Register(application.NewExposeCommand())
+	r.Register(application.NewUnexposeCommand())
+	r.Register(application.NewServiceGetConstraintsCommand())
+	r.Register(application.NewServiceSetConstraintsCommand())
 
 	// Operation protection commands
 	r.Register(block.NewSuperBlockCommand())
@@ -359,8 +360,10 @@
 	r.Register(controller.NewListControllersCommand())
 	r.Register(controller.NewListBlocksCommand())
 	r.Register(controller.NewRegisterCommand())
+	r.Register(controller.NewUnregisterCommand(jujuclient.NewFileClientStore()))
 	r.Register(controller.NewRemoveBlocksCommand())
 	r.Register(controller.NewShowControllerCommand())
+	r.Register(controller.NewGetConfigCommand())
 
 	// Debug Metrics
 	r.Register(metricsdebug.New())
@@ -372,6 +375,7 @@
 	r.Register(cloud.NewListCloudsCommand())
 	r.Register(cloud.NewShowCloudCommand())
 	r.Register(cloud.NewAddCloudCommand())
+	r.Register(cloud.NewRemoveCloudCommand())
 	r.Register(cloud.NewListCredentialsCommand())
 	r.Register(cloud.NewDetectCredentialsCommand())
 	r.Register(cloud.NewSetDefaultRegionCommand())
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/main_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/main_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/main_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/main_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -22,8 +22,8 @@
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
 
+	"github.com/juju/juju/cmd/juju/application"
 	"github.com/juju/juju/cmd/juju/block"
-	"github.com/juju/juju/cmd/juju/service"
 	"github.com/juju/juju/cmd/modelcmd"
 	cmdtesting "github.com/juju/juju/cmd/testing"
 	"github.com/juju/juju/feature"
@@ -41,10 +41,10 @@
 var _ = gc.Suite(&MainSuite{})
 
 func deployHelpText() string {
-	return cmdtesting.HelpText(service.NewDeployCommand(), "juju deploy")
+	return cmdtesting.HelpText(application.NewDeployCommand(), "juju deploy")
 }
 func setconfigHelpText() string {
-	return cmdtesting.HelpText(service.NewSetCommand(), "juju set-config")
+	return cmdtesting.HelpText(application.NewSetCommand(), "juju set-config")
 }
 
 func syncToolsHelpText() string {
@@ -159,9 +159,9 @@
 	s.PatchEnvironment(osenv.JujuModelEnvKey, "current")
 	logpath := filepath.Join(c.MkDir(), "log")
 	tests := [][]string{
-		{"--log-file", logpath, "--debug", "list-controllers"}, // global flags before
-		{"list-controllers", "--log-file", logpath, "--debug"}, // after
-		{"--log-file", logpath, "list-controllers", "--debug"}, // mixed
+		{"--log-file", logpath, "--debug", "controllers"}, // global flags before
+		{"controllers", "--log-file", logpath, "--debug"}, // after
+		{"--log-file", logpath, "controllers", "--debug"}, // mixed
 	}
 	for i, test := range tests {
 		c.Logf("test %d: %v", i, test)
@@ -368,18 +368,24 @@
 	"add-units",
 	"add-user",
 	"agree",
+	"agreements",
 	"allocate",
 	"autoload-credentials",
 	"backups",
 	"block",
+	"blocks",
 	"bootstrap",
+	"budgets",
 	"cached-images",
 	"change-user-password",
 	"charm",
+	"clouds",
 	"collect-metrics",
+	"controllers",
 	"create-backup",
 	"create-budget",
 	"create-storage-pool",
+	"credentials",
 	"debug-hooks",
 	"debug-log",
 	"debug-metrics",
@@ -387,7 +393,7 @@
 	"destroy-controller",
 	"destroy-model",
 	"destroy-relation",
-	"destroy-service",
+	"destroy-application",
 	"destroy-unit",
 	"disable-user",
 	"download-backup",
@@ -397,6 +403,7 @@
 	"get-config",
 	"get-configs",
 	"get-constraints",
+	"get-controller-config",
 	"get-model-config",
 	"get-model-constraints",
 	"grant",
@@ -410,6 +417,7 @@
 	"list-agreements",
 	"list-all-blocks",
 	"list-backups",
+	"list-blocks",
 	"list-budgets",
 	"list-cached-images",
 	"list-clouds",
@@ -431,16 +439,20 @@
 	"logout",
 	"machine",
 	"machines",
+	"models",
+	"plans",
 	"publish",
 	"register",
+	"relate", //alias for add-relation
 	"remove-all-blocks",
+	"remove-application", // alias for destroy-application
 	"remove-backup",
 	"remove-cached-images",
+	"remove-cloud",
 	"remove-credential",
 	"remove-machine",
 	"remove-machines",
 	"remove-relation", // alias for destroy-relation
-	"remove-service",  // alias for destroy-service
 	"remove-ssh-key",
 	"remove-ssh-keys",
 	"remove-unit", // alias for destroy-unit
@@ -463,6 +475,7 @@
 	"set-plan",
 	"ssh-key",
 	"ssh-keys",
+	"shares",
 	"show-action-output",
 	"show-action-status",
 	"show-backup",
@@ -481,6 +494,7 @@
 	"status",
 	"status-history",
 	"storage",
+	"storage-pools",
 	"subnets",
 	"switch",
 	"sync-tools",
@@ -488,11 +502,13 @@
 	"unexpose",
 	"update-allocation",
 	"upload-backup",
+	"unregister",
 	"unset-model-config",
 	"update-clouds",
 	"upgrade-charm",
 	"upgrade-gui",
 	"upgrade-juju",
+	"users",
 	"version",
 }
 
@@ -668,9 +684,12 @@
 		}
 
 		c.Check(purpose, gc.Not(gc.Equals), "", comment("has empty Purpose"))
-		// TODO (cherylj) Add back in the check for capitalization of
-		// purpose, but check for upper case.  This requires all commands
-		// to have been updated first.
+		if purpose != "" {
+			prefix := string(purpose[0])
+			c.Check(prefix, gc.Equals, strings.ToUpper(prefix),
+				comment("expected uppercase first-letter Purpose"),
+			)
+		}
 		if doc != "" && !strings.HasPrefix(doc, info.Name) {
 			prefix := string(doc[0])
 			c.Check(prefix, gc.Equals, strings.ToUpper(prefix),
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/migrate.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/migrate.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/migrate.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/migrate.go	2016-07-18 19:45:44.000000000 +0000
@@ -87,27 +87,17 @@
 func (c *migrateCommand) getMigrationSpec() (*controller.ModelMigrationSpec, error) {
 	store := c.ClientStore()
 
-	modelInfo, err := store.ModelByName(c.ControllerName(), c.AccountName(), c.model)
+	modelInfo, err := store.ModelByName(c.ControllerName(), c.model)
 	if err != nil {
 		return nil, err
 	}
 
-	controllerName, err := modelcmd.ResolveControllerName(store, c.targetController)
+	controllerInfo, err := store.ControllerByName(c.targetController)
 	if err != nil {
 		return nil, err
 	}
 
-	controllerInfo, err := store.ControllerByName(controllerName)
-	if err != nil {
-		return nil, err
-	}
-
-	accountName, err := store.CurrentAccount(controllerName)
-	if err != nil {
-		return nil, err
-	}
-
-	accountInfo, err := store.AccountByName(controllerName, accountName)
+	accountInfo, err := store.AccountDetails(c.targetController)
 	if err != nil {
 		return nil, err
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/migrate_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/migrate_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/migrate_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/migrate_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -39,31 +39,27 @@
 		CACert:         "somecert",
 	})
 	c.Assert(err, jc.ErrorIsNil)
-	err = modelcmd.WriteCurrentController("source")
+	err = s.store.SetCurrentController("source")
 	c.Assert(err, jc.ErrorIsNil)
 
 	// Define an account for the model in the source controller in the config.
-	err = s.store.UpdateAccount("source", "source@local", jujuclient.AccountDetails{
-		User: "whatever@local",
+	err = s.store.UpdateAccount("source", jujuclient.AccountDetails{
+		User: "source@local",
 	})
 	c.Assert(err, jc.ErrorIsNil)
-	err = s.store.SetCurrentAccount("source", "source@local")
-	c.Assert(err, jc.ErrorIsNil)
 
 	// Define the model to migrate in the config.
-	err = s.store.UpdateModel("source", "source@local", "model", jujuclient.ModelDetails{
+	err = s.store.UpdateModel("source", "model", jujuclient.ModelDetails{
 		ModelUUID: modelUUID,
 	})
 	c.Assert(err, jc.ErrorIsNil)
 
 	// Define the account for the target controller.
-	err = s.store.UpdateAccount("target", "target@local", jujuclient.AccountDetails{
-		User:     "admin@local",
+	err = s.store.UpdateAccount("target", jujuclient.AccountDetails{
+		User:     "target@local",
 		Password: "secret",
 	})
 	c.Assert(err, jc.ErrorIsNil)
-	err = s.store.SetCurrentAccount("target", "target@local")
-	c.Assert(err, jc.ErrorIsNil)
 
 	// Define the target controller in the config.
 	err = s.store.UpdateController("target", jujuclient.ControllerDetails{
@@ -101,7 +97,7 @@
 		TargetControllerUUID: targetControllerUUID,
 		TargetAddrs:          []string{"1.2.3.4:5"},
 		TargetCACert:         "cert",
-		TargetUser:           "admin@local",
+		TargetUser:           "target@local",
 		TargetPassword:       "secret",
 	})
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,8 +9,6 @@
 	"runtime"
 	stdtesting "testing"
 
-	gittesting "github.com/juju/testing"
-
 	cmdtesting "github.com/juju/juju/cmd/testing"
 	_ "github.com/juju/juju/provider/dummy"
 	"github.com/juju/juju/testing"
@@ -20,9 +18,6 @@
 	if runtime.GOARCH == "386" {
 		t.Skipf("skipping package for %v/%v, see http://pad.lv/1425569", runtime.GOOS, runtime.GOARCH)
 	}
-	if gittesting.RaceEnabled {
-		t.Skip("skipping test in -race mode, see LP 1518810")
-	}
 	testing.MgoTestPackage(t)
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/plugin.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/plugin.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/plugin.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/plugin.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,6 +10,7 @@
 	"os"
 	"os/exec"
 	"path/filepath"
+	"regexp"
 	"sort"
 	"strings"
 	"syscall"
@@ -22,6 +23,7 @@
 )
 
 const JujuPluginPrefix = "juju-"
+const JujuPluginPattern = "^juju-[a-zA-Z]"
 
 // This is a very rudimentary method used to extract common Juju
 // arguments from the full list passed to the plugin. Currently,
@@ -194,9 +196,10 @@
 	return results
 }
 
-// findPlugins searches the current PATH for executable files that start with
-// JujuPluginPrefix.
+// findPlugins searches the current PATH for executable files that match
+// JujuPluginPattern.
 func findPlugins() []string {
+	re := regexp.MustCompile(JujuPluginPattern)
 	path := os.Getenv("PATH")
 	plugins := []string{}
 	for _, name := range filepath.SplitList(path) {
@@ -205,7 +208,7 @@
 			continue
 		}
 		for _, entry := range entries {
-			if strings.HasPrefix(entry.Name(), JujuPluginPrefix) && (entry.Mode()&0111) != 0 {
+			if re.Match([]byte(entry.Name())) && (entry.Mode()&0111) != 0 {
 				plugins = append(plugins, entry.Name())
 			}
 		}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/plugin_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/plugin_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/plugin_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/plugin_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -17,7 +17,6 @@
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 
-	"github.com/juju/juju/cmd/modelcmd"
 	"github.com/juju/juju/jujuclient"
 	"github.com/juju/juju/testing"
 )
@@ -50,22 +49,30 @@
 }
 
 func (suite *PluginSuite) TestFindPluginsOrder(c *gc.C) {
-	suite.makePlugin("foo", 0744)
-	suite.makePlugin("bar", 0654)
-	suite.makePlugin("baz", 0645)
+	suite.makeWorkingPlugin("foo", 0744)
+	suite.makeWorkingPlugin("bar", 0654)
+	suite.makeWorkingPlugin("baz", 0645)
 	plugins := findPlugins()
 	c.Assert(plugins, gc.DeepEquals, []string{"juju-bar", "juju-baz", "juju-foo"})
 }
 
+func (suite *PluginSuite) TestFindPluginsBadNames(c *gc.C) {
+	suite.makePlugin("juju-1foo", "", 0755)
+	suite.makePlugin("juju--foo", "", 0755)
+	suite.makePlugin("ajuju-foo", "", 0755)
+	plugins := findPlugins()
+	c.Assert(plugins, gc.DeepEquals, []string{})
+}
+
 func (suite *PluginSuite) TestFindPluginsIgnoreNotExec(c *gc.C) {
-	suite.makePlugin("foo", 0644)
-	suite.makePlugin("bar", 0666)
+	suite.makeWorkingPlugin("foo", 0644)
+	suite.makeWorkingPlugin("bar", 0666)
 	plugins := findPlugins()
 	c.Assert(plugins, gc.DeepEquals, []string{})
 }
 
 func (suite *PluginSuite) TestRunPluginExising(c *gc.C) {
-	suite.makePlugin("foo", 0755)
+	suite.makeWorkingPlugin("foo", 0755)
 	ctx := testing.Context(c)
 	err := RunPlugin(ctx, "foo", []string{"some params"})
 	c.Assert(err, jc.ErrorIsNil)
@@ -157,16 +164,19 @@
 func (suite *PluginSuite) TestJujuEnvVars(c *gc.C) {
 	// Plugins are run as model commands, and so require a current
 	// account and model.
-	err := modelcmd.WriteCurrentController("myctrl")
-	c.Assert(err, jc.ErrorIsNil)
 	store := jujuclient.NewFileClientStore()
-	err = store.UpdateAccount("myctrl", "admin@local", jujuclient.AccountDetails{
+	err := store.UpdateController("myctrl", jujuclient.ControllerDetails{
+		ControllerUUID: testing.ModelTag.Id(),
+		CACert:         "fake",
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	err = store.SetCurrentController("myctrl")
+	c.Assert(err, jc.ErrorIsNil)
+	err = store.UpdateAccount("myctrl", jujuclient.AccountDetails{
 		User:     "admin@local",
 		Password: "hunter2",
 	})
 	c.Assert(err, jc.ErrorIsNil)
-	err = store.SetCurrentAccount("myctrl", "admin@local")
-	c.Assert(err, jc.ErrorIsNil)
 
 	suite.makeFullPlugin(PluginParams{Name: "foo"})
 	output := badrun(c, 0, "foo", "-m", "mymodel", "-p", "pluginarg")
@@ -174,16 +184,20 @@
 	c.Assert(output, gc.Matches, expectedDebug)
 }
 
-func (suite *PluginSuite) makePlugin(name string, perm os.FileMode) {
-	content := fmt.Sprintf("#!/bin/bash --norc\necho %s $*", name)
-	filename := gitjujutesting.HomePath(JujuPluginPrefix + name)
+func (suite *PluginSuite) makePlugin(fullName, script string, perm os.FileMode) {
+	filename := gitjujutesting.HomePath(fullName)
+	content := fmt.Sprintf("#!/bin/bash --norc\n%s", script)
 	ioutil.WriteFile(filename, []byte(content), perm)
 }
 
+func (suite *PluginSuite) makeWorkingPlugin(name string, perm os.FileMode) {
+	script := fmt.Sprintf("echo %s $*", name)
+	suite.makePlugin(JujuPluginPrefix+name, script, perm)
+}
+
 func (suite *PluginSuite) makeFailingPlugin(name string, exitStatus int) {
-	content := fmt.Sprintf("#!/bin/bash --norc\necho failing\nexit %d", exitStatus)
-	filename := gitjujutesting.HomePath(JujuPluginPrefix + name)
-	ioutil.WriteFile(filename, []byte(content), 0755)
+	script := fmt.Sprintf("echo failing\nexit %d", exitStatus)
+	suite.makePlugin(JujuPluginPrefix+name, script, 0755)
 }
 
 type PluginParams struct {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/publish.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/publish.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/publish.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/publish.go	2016-07-18 19:45:44.000000000 +0000
@@ -54,13 +54,13 @@
 	return &cmd.Info{
 		Name:    "publish",
 		Args:    "[<charm url>]",
-		Purpose: "publish charm to the store",
+		Purpose: "Publish charm to the store.",
 		Doc:     publishDoc,
 	}
 }
 
 func (c *publishCommand) SetFlags(f *gnuflag.FlagSet) {
-	f.StringVar(&c.CharmPath, "from", ".", "path for charm to be published")
+	f.StringVar(&c.CharmPath, "from", ".", "Path for charm to be published")
 }
 
 func (c *publishCommand) Init(args []string) error {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/remove_sshkeys.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/remove_sshkeys.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/remove_sshkeys.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/remove_sshkeys.go	2016-07-18 19:45:44.000000000 +0000
@@ -29,7 +29,7 @@
     juju remove-ssh-key bob@ubuntu carol@ubuntu
 
 See also: 
-    list-ssh-key
+    ssh-keys
     add-ssh-key
     import-ssh-key`[1:]
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/resolved.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/resolved.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/resolved.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/resolved.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,7 @@
 	"fmt"
 
 	"github.com/juju/cmd"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/gnuflag"
 
 	"github.com/juju/juju/cmd/juju/block"
@@ -29,12 +29,12 @@
 	return &cmd.Info{
 		Name:    "resolved",
 		Args:    "<unit>",
-		Purpose: "marks unit errors resolved",
+		Purpose: "Marks unit errors resolved.",
 	}
 }
 
 func (c *resolvedCommand) SetFlags(f *gnuflag.FlagSet) {
-	f.BoolVar(&c.Retry, "r", false, "re-execute failed hooks")
+	f.BoolVar(&c.Retry, "r", false, "Re-execute failed hooks")
 	f.BoolVar(&c.Retry, "retry", false, "")
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/resolved_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/resolved_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/resolved_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/resolved_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,11 +4,13 @@
 package commands
 
 import (
+	"time"
+
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 
+	"github.com/juju/juju/cmd/juju/application"
 	"github.com/juju/juju/cmd/juju/common"
-	"github.com/juju/juju/cmd/juju/service"
 	jujutesting "github.com/juju/juju/juju/testing"
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/status"
@@ -36,7 +38,7 @@
 }
 
 func runDeploy(c *gc.C, args ...string) error {
-	_, err := testing.RunCommand(c, service.NewDeployCommand(), args...)
+	_, err := testing.RunCommand(c, application.NewDeployCommand(), args...)
 	return err
 }
 
@@ -93,10 +95,17 @@
 	err := runDeploy(c, "-n", "5", ch, "dummy", "--series", "quantal")
 	c.Assert(err, jc.ErrorIsNil)
 
+	// lp:1558657
+	now := time.Now()
 	for _, name := range []string{"dummy/2", "dummy/3", "dummy/4"} {
 		u, err := s.State.Unit(name)
 		c.Assert(err, jc.ErrorIsNil)
-		err = u.SetAgentStatus(status.StatusError, "lol borken", nil)
+		sInfo := status.StatusInfo{
+			Status:  status.StatusError,
+			Message: "lol borken",
+			Since:   &now,
+		}
+		err = u.SetAgentStatus(sInfo)
 		c.Assert(err, jc.ErrorIsNil)
 	}
 
@@ -121,10 +130,17 @@
 	err := runDeploy(c, "-n", "5", ch, "dummy", "--series", "quantal")
 	c.Assert(err, jc.ErrorIsNil)
 
+	// lp:1558657
+	now := time.Now()
 	for _, name := range []string{"dummy/2", "dummy/3", "dummy/4"} {
 		u, err := s.State.Unit(name)
 		c.Assert(err, jc.ErrorIsNil)
-		err = u.SetAgentStatus(status.StatusError, "lol borken", nil)
+		sInfo := status.StatusInfo{
+			Status:  status.StatusError,
+			Message: "lol borken",
+			Since:   &now,
+		}
+		err = u.SetAgentStatus(sInfo)
 		c.Assert(err, jc.ErrorIsNil)
 	}
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/run.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/run.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/run.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/run.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,7 +12,7 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/gnuflag"
 
 	actionapi "github.com/juju/juju/api/action"
@@ -41,23 +41,23 @@
 const runDoc = `
 Run the commands on the specified targets.
 
-Targets are specified using either machine ids, service names or unit
+Targets are specified using either machine ids, application names or unit
 names.  At least one target specifier is needed.
 
-Multiple values can be set for --machine, --service, and --unit by using
+Multiple values can be set for --machine, --application, and --unit by using
 comma separated values.
 
 If the target is a machine, the command is run as the "ubuntu" user on
 the remote machine.
 
-If the target is a service, the command is run on all units for that
-service. For example, if there was a service "mysql" and that service
+If the target is an application, the command is run on all units for that
+application. For example, if there was an application "mysql" and that application
 had two units, "mysql/0" and "mysql/1", then
-  --service mysql
+  --application mysql
 is equivalent to
   --unit mysql/0,mysql/1
 
-Commands run for services or units are executed in a 'hook context' for
+Commands run for applications or units are executed in a 'hook context' for
 the unit.
 
 --all is provided as a simple way to run the command on all the machines
@@ -72,18 +72,18 @@
 	return &cmd.Info{
 		Name:    "run",
 		Args:    "<commands>",
-		Purpose: "run the commands on the remote targets specified",
+		Purpose: "Run the commands on the remote targets specified.",
 		Doc:     runDoc,
 	}
 }
 
 func (c *runCommand) SetFlags(f *gnuflag.FlagSet) {
 	c.out.AddFlags(f, "smart", cmd.DefaultFormatters)
-	f.BoolVar(&c.all, "all", false, "run the commands on all the machines")
-	f.DurationVar(&c.timeout, "timeout", 5*time.Minute, "how long to wait before the remote command is considered to have failed")
-	f.Var(cmd.NewStringsValue(nil, &c.machines), "machine", "one or more machine ids")
-	f.Var(cmd.NewStringsValue(nil, &c.services), "service", "one or more service names")
-	f.Var(cmd.NewStringsValue(nil, &c.units), "unit", "one or more unit ids")
+	f.BoolVar(&c.all, "all", false, "Run the commands on all the machines")
+	f.DurationVar(&c.timeout, "timeout", 5*time.Minute, "How long to wait before the remote command is considered to have failed")
+	f.Var(cmd.NewStringsValue(nil, &c.machines), "machine", "One or more machine ids")
+	f.Var(cmd.NewStringsValue(nil, &c.services), "application", "One or more application names")
+	f.Var(cmd.NewStringsValue(nil, &c.units), "unit", "One or more unit ids")
 }
 
 func (c *runCommand) Init(args []string) error {
@@ -97,14 +97,14 @@
 			return fmt.Errorf("You cannot specify --all and individual machines")
 		}
 		if len(c.services) != 0 {
-			return fmt.Errorf("You cannot specify --all and individual services")
+			return fmt.Errorf("You cannot specify --all and individual applications")
 		}
 		if len(c.units) != 0 {
 			return fmt.Errorf("You cannot specify --all and individual units")
 		}
 	} else {
 		if len(c.machines) == 0 && len(c.services) == 0 && len(c.units) == 0 {
-			return fmt.Errorf("You must specify a target, either through --all, --machine, --service or --unit")
+			return fmt.Errorf("You must specify a target, either through --all, --machine, --application or --unit")
 		}
 	}
 
@@ -115,8 +115,8 @@
 		}
 	}
 	for _, service := range c.services {
-		if !names.IsValidService(service) {
-			nameErrors = append(nameErrors, fmt.Sprintf("  %q is not a valid service name", service))
+		if !names.IsValidApplication(service) {
+			nameErrors = append(nameErrors, fmt.Sprintf("  %q is not a valid application name", service))
 		}
 	}
 	for _, unit := range c.units {
@@ -192,11 +192,11 @@
 		runResults, err = client.RunOnAllMachines(c.commands, c.timeout)
 	} else {
 		params := params.RunParams{
-			Commands: c.commands,
-			Timeout:  c.timeout,
-			Machines: c.machines,
-			Services: c.services,
-			Units:    c.units,
+			Commands:     c.commands,
+			Timeout:      c.timeout,
+			Machines:     c.machines,
+			Applications: c.services,
+			Units:        c.units,
 		}
 		runResults, err = client.Run(params)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/run_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/run_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/run_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/run_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,11 +10,11 @@
 	"time"
 
 	"github.com/juju/cmd"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	"github.com/juju/utils/exec"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
@@ -45,7 +45,7 @@
 	}, {
 		message:  "no target",
 		args:     []string{"sudo reboot"},
-		errMatch: "You must specify a target, either through --all, --machine, --service or --unit",
+		errMatch: "You must specify a target, either through --all, --machine, --application or --unit",
 	}, {
 		message:  "too many args",
 		args:     []string{"--all", "sudo reboot", "oops"},
@@ -72,21 +72,21 @@
 			"  \"foo\" is not a valid machine id\n" +
 			"  \"machine-2\" is not a valid machine id",
 	}, {
-		message:  "all and defined services",
-		args:     []string{"--all", "--service=wordpress,mysql", "sudo reboot"},
-		errMatch: `You cannot specify --all and individual services`,
+		message:  "all and defined applications",
+		args:     []string{"--all", "--application=wordpress,mysql", "sudo reboot"},
+		errMatch: `You cannot specify --all and individual applications`,
 	}, {
-		message:  "command to services wordpress and mysql",
-		args:     []string{"--service=wordpress,mysql", "sudo reboot"},
+		message:  "command to applications wordpress and mysql",
+		args:     []string{"--application=wordpress,mysql", "sudo reboot"},
 		commands: "sudo reboot",
 		services: []string{"wordpress", "mysql"},
 	}, {
-		message: "bad service names",
-		args:    []string{"--service", "foo,2,foo/0", "sudo reboot"},
+		message: "bad application names",
+		args:    []string{"--application", "foo,2,foo/0", "sudo reboot"},
 		errMatch: "" +
 			"The following run targets are not valid:\n" +
-			"  \"2\" is not a valid service name\n" +
-			"  \"foo/0\" is not a valid service name",
+			"  \"2\" is not a valid application name\n" +
+			"  \"foo/0\" is not a valid application name",
 	}, {
 		message:  "all and defined units",
 		args:     []string{"--all", "--unit=wordpress/0,mysql/1", "sudo reboot"},
@@ -105,7 +105,7 @@
 			"  \"2\" is not a valid unit name",
 	}, {
 		message:  "command to mixed valid targets",
-		args:     []string{"--machine=0", "--unit=wordpress/0,wordpress/1", "--service=mysql", "sudo reboot"},
+		args:     []string{"--machine=0", "--unit=wordpress/0,wordpress/1", "--application=mysql", "sudo reboot"},
 		commands: "sudo reboot",
 		machines: []string{"0"},
 		services: []string{"mysql"},
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/scp.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/scp.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/scp.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/scp.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,6 +9,7 @@
 	"strings"
 
 	"github.com/juju/cmd"
+	"github.com/juju/errors"
 	"github.com/juju/utils/ssh"
 
 	"github.com/juju/juju/cmd/modelcmd"
@@ -18,39 +19,44 @@
 Transfers files to/from a Juju machine.`[1:]
 
 var usageSCPDetails = `
-The usage is for transferring files from the client to a Juju machine. To
-do the reverse:
-juju scp [options] [<user>@]<target>:<file> <path>
-and use quotes when multiple files are involved.
-The machine is identified by the <target> argument which is either a 'unit
-name' or a 'machine id'. Both are obtained in the output from `[1:] + "`juju \nstatus`" + `: unit name in the [Units] section and machine id in the [Machines]
-section.
-If 'user' is specified then the connection is made to that user account;
-otherwise, the 'ubuntu' account is used.
-'file' can be single or multiple files or directories. For directories,
-you must use the scp option of '-r'.
-Options specific to scp can be inserted between 'scp' and '[options]' with
-'-- <scp-options>'. Refer to the scp(1) man page for an explanation of
-those options.
+The source or destination arguments may either be a local path or a remote
+location. The syntax for a remote location is:
+
+    [<user>@]<target>:[<path>]
+
+If the user is not specified, "ubuntu" is used. If <path> is not specified, it
+defaults to the home directory of the remote user account.
+
+The <target> may be either a 'unit name' or a 'machine id'. These can be
+obtained from the output of "juju status".
+
+Options specific to scp can be provided after a "--". Refer to the scp(1) man
+page for an explanation of those options. The "-r" option to recursively copy a
+directory is particularly useful.
+
+The SSH host keys of the target are verified. The --no-host-key-checks option
+can be used to disable these checks. Use of this option is not recommended as
+it opens up the possibility of a man-in-the-middle attack.
 
 Examples:
+
 Copy file /var/log/syslog from machine 2 to the client's current working
 directory:
 
     juju scp 2:/var/log/syslog .
 
-Copy directory /var/log/mongodb, recursively, from a mongodb unit
-to the client's local directory remote-logs:
+Recursively copy the /var/log/mongodb directory from a mongodb unit to the
+client's local remote-logs directory:
 
     juju scp -- -r mongodb/0:/var/log/mongodb/ remote-logs
 
-Copy file foo.txt, in verbose mode, from the client's current working
-directory to an apache2 unit of model "mymodel":
+Copy foo.txt from the client's current working directory to an apache2 unit of
+model "prod". Proxy the SSH connection through the controller and turn on scp
+compression:
 
-    juju scp -- -v -m mymodel foo.txt apache2/1:
+    juju scp -m prod --proxy -- -C foo.txt apache2/1:
 
-Copy multiple files from the client's current working directory to machine
-2:
+Copy multiple files from the client's current working directory to machine 2:
 
     juju scp file1 file2 2:
 
@@ -59,6 +65,11 @@
 
     juju scp bob@3:'file1 file2' .
 
+Copy file.dat from machine 0 to the machine hosting unit foo/0 (-3
+causes the transfer to be made via the client):
+
+    juju scp -- -3 0:file.dat foo/0:
+
 See also: 
     ssh`
 
@@ -74,7 +85,7 @@
 func (c *scpCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "scp",
-		Args:    "<file> [<user>@]<target>:[<path>]",
+		Args:    "<source> <destination>",
 		Purpose: usageSCPSummary,
 		Doc:     usageSCPDetails,
 	}
@@ -88,12 +99,37 @@
 	return nil
 }
 
+// Run resolves c.Target to a machine, or host of a unit and
+// forks ssh with c.Args, if provided.
+func (c *scpCommand) Run(ctx *cmd.Context) error {
+	err := c.initRun()
+	if err != nil {
+		return errors.Trace(err)
+	}
+	defer c.cleanupRun()
+
+	args, targets, err := expandArgs(c.Args, c.resolveTarget)
+	if err != nil {
+		return err
+	}
+
+	options, err := c.getSSHOptions(false, targets...)
+	if err != nil {
+		return err
+	}
+
+	return ssh.Copy(args, options)
+}
+
 // expandArgs takes a list of arguments and looks for ones in the form of
-// 0:some/path or service/0:some/path, and translates them into
+// 0:some/path or application/0:some/path, and translates them into
 // ubuntu@machine:some/path so they can be passed as arguments to scp, and pass
 // the rest verbatim on to scp
-func expandArgs(args []string, userHostFromTarget func(string) (string, string, error)) ([]string, error) {
+func expandArgs(args []string, resolveTarget func(string) (*resolvedTarget, error)) (
+	[]string, []*resolvedTarget, error,
+) {
 	outArgs := make([]string, len(args))
+	var targets []*resolvedTarget
 	for i, arg := range args {
 		v := strings.SplitN(arg, ":", 2)
 		if strings.HasPrefix(arg, "-") || len(v) <= 1 {
@@ -101,32 +137,18 @@
 			outArgs[i] = arg
 			continue
 		}
-		user, host, err := userHostFromTarget(v[0])
+
+		target, err := resolveTarget(v[0])
 		if err != nil {
-			return nil, err
+			return nil, nil, err
 		}
-		outArgs[i] = user + "@" + net.JoinHostPort(host, v[1])
-	}
-	return outArgs, nil
-}
-
-// Run resolves c.Target to a machine, or host of a unit and
-// forks ssh with c.Args, if provided.
-func (c *scpCommand) Run(ctx *cmd.Context) error {
-	var err error
-	c.apiClient, err = c.initAPIClient()
-	if err != nil {
-		return err
-	}
-	defer c.apiClient.Close()
+		arg := net.JoinHostPort(target.host, v[1])
+		if target.user != "" {
+			arg = target.user + "@" + arg
+		}
+		outArgs[i] = arg
 
-	options, err := c.getSSHOptions(false)
-	if err != nil {
-		return err
+		targets = append(targets, target)
 	}
-	args, err := expandArgs(c.Args, c.userHostFromTarget)
-	if err != nil {
-		return err
-	}
-	return ssh.Copy(args, options)
+	return outArgs, targets, nil
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/scp_unix_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/scp_unix_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/scp_unix_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/scp_unix_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,246 +6,192 @@
 package commands
 
 import (
-	"bytes"
-	"fmt"
 	"io/ioutil"
 	"path/filepath"
-	"strings"
 
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
-	"gopkg.in/juju/charm.v6-unstable"
 
-	"github.com/juju/juju/cmd/modelcmd"
-	"github.com/juju/juju/network"
-	"github.com/juju/juju/state"
-	"github.com/juju/juju/testcharms"
 	coretesting "github.com/juju/juju/testing"
 )
 
 var _ = gc.Suite(&SCPSuite{})
-var _ = gc.Suite(&expandArgsSuite{})
 
 type SCPSuite struct {
 	SSHCommonSuite
 }
 
-type expandArgsSuite struct{}
-
 var scpTests = []struct {
-	about  string
-	args   []string
-	result string
-	proxy  bool
-	error  string
+	about    string
+	args     []string
+	expected argsSpec
+	error    string
 }{
 	{
-		about:  "scp from machine 0 to current dir",
-		args:   []string{"0:foo", "."},
-		result: commonArgs + "ubuntu@admin-0.dns:foo .\n",
-	}, {
-		about:  "scp from machine 0 to current dir with extra args",
-		args:   []string{"0:foo", ".", "-rv", "-o", "SomeOption"},
-		result: commonArgs + "ubuntu@admin-0.dns:foo . -rv -o SomeOption\n",
-	}, {
-		about:  "scp from current dir to machine 0",
-		args:   []string{"foo", "0:"},
-		result: commonArgs + "foo ubuntu@admin-0.dns:\n",
-	}, {
-		about:  "scp from current dir to machine 0 with extra args",
-		args:   []string{"foo", "0:", "-r", "-v"},
-		result: commonArgs + "foo ubuntu@admin-0.dns: -r -v\n",
-	}, {
-		about:  "scp from machine 0 to unit mysql/0",
-		args:   []string{"0:foo", "mysql/0:/foo"},
-		result: commonArgs + "ubuntu@admin-0.dns:foo ubuntu@admin-0.dns:/foo\n",
-	}, {
-		about:  "scp from machine 0 to unit mysql/0 and extra args",
-		args:   []string{"0:foo", "mysql/0:/foo", "-q"},
-		result: commonArgs + "ubuntu@admin-0.dns:foo ubuntu@admin-0.dns:/foo -q\n",
-	}, {
-		about:  "scp from machine 0 to unit mysql/0 and extra args before",
-		args:   []string{"-q", "-r", "0:foo", "mysql/0:/foo"},
-		result: commonArgs + "-q -r ubuntu@admin-0.dns:foo ubuntu@admin-0.dns:/foo\n",
-	}, {
-		about:  "scp two local files to unit mysql/0",
-		args:   []string{"file1", "file2", "mysql/0:/foo/"},
-		result: commonArgs + "file1 file2 ubuntu@admin-0.dns:/foo/\n",
-	}, {
-		about:  "scp from unit mongodb/1 to unit mongodb/0 and multiple extra args",
-		args:   []string{"mongodb/1:foo", "mongodb/0:", "-r", "-v", "-q", "-l5"},
-		result: commonArgs + "ubuntu@admin-2.dns:foo ubuntu@admin-1.dns: -r -v -q -l5\n",
-	}, {
-		about:  "scp works with IPv6 addresses",
-		args:   []string{"ipv6-svc/0:foo", "bar"},
-		result: commonArgs + `ubuntu@[2001:db8::1]:foo bar` + "\n",
-	}, {
-		about:  "scp from machine 0 to unit mysql/0 with proxy",
-		args:   []string{"0:foo", "mysql/0:/foo"},
-		result: commonArgsWithProxy + "ubuntu@admin-0.internal:foo ubuntu@admin-0.internal:/foo\n",
-		proxy:  true,
-	}, {
-		args:   []string{"0:foo", ".", "-rv", "-o", "SomeOption"},
-		result: commonArgs + "ubuntu@admin-0.dns:foo . -rv -o SomeOption\n",
-	}, {
-		args:   []string{"foo", "0:", "-r", "-v"},
-		result: commonArgs + "foo ubuntu@admin-0.dns: -r -v\n",
-	}, {
-		args:   []string{"mongodb/1:foo", "mongodb/0:", "-r", "-v", "-q", "-l5"},
-		result: commonArgs + "ubuntu@admin-2.dns:foo ubuntu@admin-1.dns: -r -v -q -l5\n",
-	}, {
-		about:  "scp from unit mongodb/1 to unit mongodb/0 with a --",
-		args:   []string{"--", "-r", "-v", "mongodb/1:foo", "mongodb/0:", "-q", "-l5"},
-		result: commonArgs + "-- -r -v ubuntu@admin-2.dns:foo ubuntu@admin-1.dns: -q -l5\n",
-	}, {
-		about:  "scp from unit mongodb/1 to current dir as 'mongo' user",
-		args:   []string{"mongo@mongodb/1:foo", "."},
-		result: commonArgs + "mongo@admin-2.dns:foo .\n",
+		about: "scp from machine 0 to current dir",
+		args:  []string{"0:foo", "."},
+		expected: argsSpec{
+			args:            "ubuntu@0.public:foo .",
+			hostKeyChecking: "yes",
+			knownHosts:      "0",
+		},
+	}, {
+		about: "scp from machine 0 to current dir with extra args",
+		args:  []string{"0:foo", ".", "-rv", "-o", "SomeOption"},
+		expected: argsSpec{
+			args:            "ubuntu@0.public:foo . -rv -o SomeOption",
+			hostKeyChecking: "yes",
+			knownHosts:      "0",
+		},
+	}, {
+		about: "scp from current dir to machine 0",
+		args:  []string{"foo", "0:"},
+		expected: argsSpec{
+			args:            "foo ubuntu@0.public:",
+			hostKeyChecking: "yes",
+			knownHosts:      "0",
+		},
+	}, {
+		about: "scp when no keys available",
+		args:  []string{"foo", "1:"},
+		error: `retrieving SSH host keys for "1": keys not found`,
+	}, {
+		about: "scp when no keys available, with --no-host-key-checks",
+		args:  []string{"--no-host-key-checks", "foo", "1:"},
+		expected: argsSpec{
+			args:            "foo ubuntu@1.public:",
+			hostKeyChecking: "no",
+			knownHosts:      "null",
+		},
+	}, {
+		about: "scp from current dir to machine 0 with extra args",
+		args:  []string{"foo", "0:", "-r", "-v"},
+		expected: argsSpec{
+			args:            "foo ubuntu@0.public: -r -v",
+			hostKeyChecking: "yes",
+			knownHosts:      "0",
+		},
+	}, {
+		about: "scp from machine 0 to unit mysql/0",
+		args:  []string{"0:foo", "mysql/0:/foo"},
+		expected: argsSpec{
+			args:            "ubuntu@0.public:foo ubuntu@0.public:/foo",
+			hostKeyChecking: "yes",
+			knownHosts:      "0",
+		},
+	}, {
+		about: "scp from machine 0 to unit mysql/0 and extra args",
+		args:  []string{"0:foo", "mysql/0:/foo", "-q"},
+		expected: argsSpec{
+			args:            "ubuntu@0.public:foo ubuntu@0.public:/foo -q",
+			hostKeyChecking: "yes",
+			knownHosts:      "0",
+		},
+	}, {
+		about: "scp from machine 0 to unit mysql/0 and extra args before",
+		args:  []string{"-q", "-r", "0:foo", "mysql/0:/foo"},
+		error: "flag provided but not defined: -q",
+	}, {
+		about: "scp two local files to unit mysql/0",
+		args:  []string{"file1", "file2", "mysql/0:/foo/"},
+		expected: argsSpec{
+			args:            "file1 file2 ubuntu@0.public:/foo/",
+			hostKeyChecking: "yes",
+			knownHosts:      "0",
+		},
+	}, {
+		about: "scp from machine 0 to unit mysql/0 and multiple extra args",
+		args:  []string{"0:foo", "mysql/0:", "-r", "-v", "-q", "-l5"},
+		expected: argsSpec{
+			args:            "ubuntu@0.public:foo ubuntu@0.public: -r -v -q -l5",
+			hostKeyChecking: "yes",
+			knownHosts:      "0",
+		},
+	}, {
+		about: "scp works with IPv6 addresses",
+		args:  []string{"2:foo", "bar"},
+		expected: argsSpec{
+			args:            `ubuntu@[2001:db8::1]:foo bar`,
+			hostKeyChecking: "yes",
+			knownHosts:      "2",
+		},
+	}, {
+		about: "scp from machine 0 to unit mysql/0 with proxy",
+		args:  []string{"--proxy=true", "0:foo", "mysql/0:/bar"},
+		expected: argsSpec{
+			args:            "ubuntu@0.private:foo ubuntu@0.private:/bar",
+			withProxy:       true,
+			hostKeyChecking: "yes",
+			knownHosts:      "0",
+		},
+	}, {
+		about: "scp from unit mysql/0 to machine 2 with a --",
+		args:  []string{"--", "-r", "-v", "mysql/0:foo", "2:", "-q", "-l5"},
+		expected: argsSpec{
+			args:            "-r -v ubuntu@0.public:foo ubuntu@[2001:db8::1]: -q -l5",
+			hostKeyChecking: "yes",
+			knownHosts:      "0,2",
+		},
+	}, {
+		about: "scp from unit mysql/0 to current dir as 'sam' user",
+		args:  []string{"sam@mysql/0:foo", "."},
+		expected: argsSpec{
+			args:            "sam@0.public:foo .",
+			hostKeyChecking: "yes",
+			knownHosts:      "0",
+		},
 	}, {
 		about: "scp with no such machine",
 		args:  []string{"5:foo", "bar"},
-		error: `machine 5 not found \(not found\)`,
+		error: `machine 5 not found`,
+	}, {
+		about: "scp from arbitrary host name to current dir",
+		args:  []string{"some.host:foo", "."},
+		expected: argsSpec{
+			args:            "some.host:foo .",
+			hostKeyChecking: "",
+		},
+	}, {
+		about: "scp from arbitrary user & host to current dir",
+		args:  []string{"someone@some.host:foo", "."},
+		expected: argsSpec{
+			args:            "someone@some.host:foo .",
+			hostKeyChecking: "",
+		},
+	}, {
+		about: "scp with arbitrary host name and an entity",
+		args:  []string{"some.host:foo", "0:"},
+		error: `can't determine host keys for all targets: consider --no-host-key-checks`,
+	}, {
+		about: "scp with arbitrary host name and an entity, --no-host-key-checks",
+		args:  []string{"--no-host-key-checks", "some.host:foo", "0:"},
+		expected: argsSpec{
+			args:            "some.host:foo ubuntu@0.public:",
+			hostKeyChecking: "no",
+			knownHosts:      "null",
+		},
 	},
 }
 
 func (s *SCPSuite) TestSCPCommand(c *gc.C) {
-	m := s.makeMachines(4, c, true)
-	ch := testcharms.Repo.CharmDir("dummy")
-	curl := charm.MustParseURL(
-		fmt.Sprintf("local:quantal/%s-%d", ch.Meta().Name, ch.Revision()),
-	)
-	info := state.CharmInfo{
-		Charm:       ch,
-		ID:          curl,
-		StoragePath: "dummy-path",
-		SHA256:      "dummy-1-sha256",
-	}
-	dummyCharm, err := s.State.AddCharm(info)
-	c.Assert(err, jc.ErrorIsNil)
-	srv := s.AddTestingService(c, "mysql", dummyCharm)
-	s.addUnit(srv, m[0], c)
-
-	srv = s.AddTestingService(c, "mongodb", dummyCharm)
-	s.addUnit(srv, m[1], c)
-	s.addUnit(srv, m[2], c)
-	srv = s.AddTestingService(c, "ipv6-svc", dummyCharm)
-	s.addUnit(srv, m[3], c)
-	// Simulate machine 3 has a public IPv6 address.
-	ipv6Addr := network.NewScopedAddress("2001:db8::1", network.ScopePublic)
-	err = m[3].SetProviderAddresses(ipv6Addr)
-	c.Assert(err, jc.ErrorIsNil)
+	s.setupModel(c)
 
 	for i, t := range scpTests {
 		c.Logf("test %d: %s -> %s\n", i, t.about, t.args)
-		ctx := coretesting.Context(c)
-		scpcmd := &scpCommand{}
-		scpcmd.proxy = t.proxy
-
-		err := modelcmd.Wrap(scpcmd).Init(t.args)
-		c.Check(err, jc.ErrorIsNil)
-		err = modelcmd.Wrap(scpcmd).Run(ctx)
-		if t.error != "" {
-			c.Check(err, gc.ErrorMatches, t.error)
-			c.Check(t.result, gc.Equals, "")
-		} else {
-			c.Check(err, jc.ErrorIsNil)
-			// we suppress stdout from scp
-			c.Check(ctx.Stderr.(*bytes.Buffer).String(), gc.Equals, "")
-			c.Check(ctx.Stdout.(*bytes.Buffer).String(), gc.Equals, "")
-			data, err := ioutil.ReadFile(filepath.Join(s.bin, "scp.args"))
-			c.Check(err, jc.ErrorIsNil)
-			actual := string(data)
-			if t.proxy {
-				actual = strings.Replace(actual, ".dns", ".internal", 2)
-			}
-			c.Check(actual, gc.Equals, t.result)
-		}
-	}
-}
-
-type userHost struct {
-	user string
-	host string
-}
-
-var userHostsFromTargets = map[string]userHost{
-	"0":               {"ubuntu", "admin-0.dns"},
-	"mysql/0":         {"ubuntu", "admin-0.dns"},
-	"mongodb/0":       {"ubuntu", "admin-1.dns"},
-	"mongodb/1":       {"ubuntu", "admin-2.dns"},
-	"mongo@mongodb/1": {"mongo", "admin-2.dns"},
-	"ipv6-svc/0":      {"ubuntu", "2001:db8::1"},
-}
-
-func dummyHostsFromTarget(target string) (string, string, error) {
-	if res, ok := userHostsFromTargets[target]; ok {
-		return res.user, res.host, nil
-	}
-	return "ubuntu", target, nil
-}
 
-func (s *expandArgsSuite) TestSCPExpandArgs(c *gc.C) {
-	for i, t := range scpTests {
+		ctx, err := coretesting.RunCommand(c, newSCPCommand(), t.args...)
 		if t.error != "" {
-			// We are just running a focused set of tests on
-			// expandArgs, we aren't implementing the full
-			// userHostsFromTargets to actually trigger errors
-			continue
-		}
-		c.Logf("test %d: %s -> %s\n", i, t.about, t.args)
-		// expandArgs doesn't add the commonArgs prefix, so strip it
-		// off, along with the trailing '\n'
-		var argString string
-		if t.proxy {
-			c.Check(strings.HasPrefix(t.result, commonArgsWithProxy), jc.IsTrue)
-			argString = t.result[len(commonArgsWithProxy):]
+			c.Check(err, gc.ErrorMatches, t.error)
 		} else {
-			c.Check(strings.HasPrefix(t.result, commonArgs), jc.IsTrue)
-			argString = t.result[len(commonArgs):]
+			c.Assert(err, jc.ErrorIsNil)
+			// we suppress stdout from scp, so get the scp args used
+			// from the "scp.args" file that the fake scp executable
+			// installed by SSHCommonSuite generates.
+			c.Check(coretesting.Stderr(ctx), gc.Equals, "")
+			c.Check(coretesting.Stdout(ctx), gc.Equals, "")
+			actual, err := ioutil.ReadFile(filepath.Join(s.binDir, "scp.args"))
+			c.Assert(err, jc.ErrorIsNil)
+			t.expected.check(c, string(actual))
 		}
-		c.Check(strings.HasSuffix(argString, "\n"), jc.IsTrue)
-		argString = argString[:len(argString)-1]
-		args := strings.Split(argString, " ")
-		expanded, err := expandArgs(t.args, func(target string) (string, string, error) {
-			if res, ok := userHostsFromTargets[target]; ok {
-				if t.proxy {
-					res.host = strings.Replace(res.host, ".dns", ".internal", 1)
-				}
-				return res.user, res.host, nil
-			}
-			return "ubuntu", target, nil
-		})
-		c.Check(err, jc.ErrorIsNil)
-		c.Check(expanded, gc.DeepEquals, args)
-	}
-}
-
-var expandTests = []struct {
-	about  string
-	args   []string
-	result []string
-}{
-	{
-		"don't expand params that start with '-'",
-		[]string{"-0:stuff", "0:foo", "."},
-		[]string{"-0:stuff", "ubuntu@admin-0.dns:foo", "."},
-	},
-}
-
-func (s *expandArgsSuite) TestExpandArgs(c *gc.C) {
-	for i, t := range expandTests {
-		c.Logf("test %d: %s -> %s\n", i, t.about, t.args)
-		expanded, err := expandArgs(t.args, dummyHostsFromTarget)
-		c.Check(err, jc.ErrorIsNil)
-		c.Check(expanded, gc.DeepEquals, t.result)
-	}
-}
-
-func (s *expandArgsSuite) TestExpandArgsPropagatesErrors(c *gc.C) {
-	erroringUserHostFromTargets := func(string) (string, string, error) {
-		return "", "", fmt.Errorf("this is my error")
 	}
-	expanded, err := expandArgs([]string{"foo:1", "bar"}, erroringUserHostFromTargets)
-	c.Assert(err, gc.ErrorMatches, "this is my error")
-	c.Check(expanded, gc.IsNil)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/ssh_common.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/ssh_common.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/ssh_common.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/ssh_common.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,365 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package commands
+
+import (
+	"bufio"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"net"
+	"os"
+	"os/exec"
+	"strings"
+	"time"
+
+	"github.com/juju/errors"
+	"github.com/juju/utils"
+	"github.com/juju/utils/set"
+	"github.com/juju/utils/ssh"
+	"gopkg.in/juju/names.v2"
+	"launchpad.net/gnuflag"
+
+	"github.com/juju/juju/api/sshclient"
+	"github.com/juju/juju/cmd/modelcmd"
+)
+
+// SSHCommon implements functionality shared by sshCommand, SCPCommand
+// and DebugHooksCommand.
+type SSHCommon struct {
+	modelcmd.ModelCommandBase
+	proxy           bool
+	pty             bool
+	noHostKeyChecks bool
+	Target          string
+	Args            []string
+	apiClient       sshAPIClient
+	apiAddr         string
+	knownHostsPath  string
+}
+
+type sshAPIClient interface {
+	PublicAddress(target string) (string, error)
+	PrivateAddress(target string) (string, error)
+	PublicKeys(target string) ([]string, error)
+	Proxy() (bool, error)
+	Close() error
+}
+
+type resolvedTarget struct {
+	user   string
+	entity string
+	host   string
+}
+
+func (t *resolvedTarget) userHost() string {
+	if t.user == "" {
+		return t.host
+	}
+	return t.user + "@" + t.host
+}
+
+func (t *resolvedTarget) isAgent() bool {
+	return targetIsAgent(t.entity)
+}
+
+// attemptStarter is an interface corresponding to utils.AttemptStrategy
+type attemptStarter interface {
+	Start() attempt
+}
+
+type attempt interface {
+	Next() bool
+}
+
+type attemptStrategy utils.AttemptStrategy
+
+func (s attemptStrategy) Start() attempt {
+	return utils.AttemptStrategy(s).Start()
+}
+
+var sshHostFromTargetAttemptStrategy attemptStarter = attemptStrategy{
+	Total: 5 * time.Second,
+	Delay: 500 * time.Millisecond,
+}
+
+func (c *SSHCommon) SetFlags(f *gnuflag.FlagSet) {
+	f.BoolVar(&c.proxy, "proxy", false, "Proxy through the API server")
+	f.BoolVar(&c.pty, "pty", true, "Enable pseudo-tty allocation")
+	f.BoolVar(&c.noHostKeyChecks, "no-host-key-checks", false, "Skip host key checking (INSECURE)")
+}
+
+// initRun initializes the API connection if required, and determines
+// if SSH proxying is required. It must be called at the top of the
+// command's Run method.
+//
+// The apiClient, apiAddr and proxy fields are initialized after this
+// call.
+func (c *SSHCommon) initRun() error {
+	if err := c.ensureAPIClient(); err != nil {
+		return errors.Trace(err)
+	}
+	if proxy, err := c.proxySSH(); err != nil {
+		return errors.Trace(err)
+	} else {
+		c.proxy = proxy
+	}
+	return nil
+}
+
+// cleanupRun removes the temporary SSH known_hosts file (if one was
+// created) and closes the API connection. It must be called at the
+// end of the command's Run (i.e. as a defer).
+func (c *SSHCommon) cleanupRun() {
+	if c.knownHostsPath != "" {
+		os.Remove(c.knownHostsPath)
+		c.knownHostsPath = ""
+	}
+	if c.apiClient != nil {
+		c.apiClient.Close()
+		c.apiClient = nil
+	}
+}
+
+// getSSHOptions configures SSH options based on command line
+// arguments and the SSH targets specified.
+func (c *SSHCommon) getSSHOptions(enablePty bool, targets ...*resolvedTarget) (*ssh.Options, error) {
+	var options ssh.Options
+
+	if c.noHostKeyChecks {
+		options.SetStrictHostKeyChecking(ssh.StrictHostChecksNo)
+		options.SetKnownHostsFile("/dev/null")
+	} else {
+		knownHostsPath, err := c.generateKnownHosts(targets)
+		if err != nil {
+			return nil, errors.Trace(err)
+		}
+
+		// There might not be a custom known_hosts file if the SSH
+		// targets are specified using arbitrary hostnames or
+		// addresses. In this case, the user's personal known_hosts
+		// file is used.
+
+		if knownHostsPath != "" {
+			// When a known_hosts file has been generated, enforce
+			// strict host key checking.
+			options.SetStrictHostKeyChecking(ssh.StrictHostChecksYes)
+			options.SetKnownHostsFile(knownHostsPath)
+		} else {
+			// If the user's personal known_hosts is used, also use
+			// the user's personal StrictHostKeyChecking preferences.
+			options.SetStrictHostKeyChecking(ssh.StrictHostChecksUnset)
+		}
+	}
+
+	if enablePty {
+		options.EnablePTY()
+	}
+
+	if c.proxy {
+		if err := c.setProxyCommand(&options); err != nil {
+			return nil, err
+		}
+	}
+
+	return &options, nil
+}
+
+// generateKnownHosts takes the provided targets, retrieves the SSH
+// public host keys for them and generates a temporary known_hosts
+// file for them.
+func (c *SSHCommon) generateKnownHosts(targets []*resolvedTarget) (string, error) {
+	knownHosts := newKnownHostsBuilder()
+	agentCount := 0
+	nonAgentCount := 0
+	for _, target := range targets {
+		if target.isAgent() {
+			agentCount++
+			keys, err := c.apiClient.PublicKeys(target.entity)
+			if err != nil {
+				return "", errors.Annotatef(err, "retrieving SSH host keys for %q", target.entity)
+			}
+			knownHosts.add(target.host, keys)
+		} else {
+			nonAgentCount++
+		}
+	}
+
+	if agentCount > 0 && nonAgentCount > 0 {
+		return "", errors.New("can't determine host keys for all targets: consider --no-host-key-checks")
+	}
+
+	if knownHosts.size() == 0 {
+		// No public keys to write so exit early.
+		return "", nil
+	}
+
+	f, err := ioutil.TempFile("", "ssh_known_hosts")
+	if err != nil {
+		return "", errors.Annotate(err, "creating known hosts file")
+	}
+	defer f.Close()
+	c.knownHostsPath = f.Name() // Record for later deletion
+	if knownHosts.write(f); err != nil {
+		return "", errors.Trace(err)
+	}
+	return c.knownHostsPath, nil
+}
+
+// proxySSH returns false if both c.proxy and the proxy-ssh model
+// configuration are false -- otherwise it returns true.
+func (c *SSHCommon) proxySSH() (bool, error) {
+	if c.proxy {
+		// No need to check the API if user explictly requested
+		// proxying.
+		return true, nil
+	}
+	proxy, err := c.apiClient.Proxy()
+	if err != nil {
+		return false, errors.Trace(err)
+	}
+	logger.Debugf("proxy-ssh is %v", proxy)
+	return proxy, nil
+}
+
+// setProxyCommand sets the proxy command option.
+func (c *SSHCommon) setProxyCommand(options *ssh.Options) error {
+	apiServerHost, _, err := net.SplitHostPort(c.apiAddr)
+	if err != nil {
+		return fmt.Errorf("failed to get proxy address: %v", err)
+	}
+	juju, err := getJujuExecutable()
+	if err != nil {
+		return fmt.Errorf("failed to get juju executable path: %v", err)
+	}
+
+	// TODO(mjs) 2016-05-09 LP #1579592 - It would be good to check the
+	// host key of the controller machine being used for proxying
+	// here. This isn't too serious as all traffic passing through the
+	// controller host is encrypted and the host key of the ultimate
+	// target host is verified but it would still be better to perform
+	// this extra level of checking.
+	options.SetProxyCommand(
+		juju, "ssh",
+		"--proxy=false",
+		"--no-host-key-checks",
+		"--pty=false",
+		"ubuntu@"+apiServerHost,
+		"-q",
+		"nc %h %p",
+	)
+	return nil
+}
+
+func (c *SSHCommon) ensureAPIClient() error {
+	if c.apiClient != nil {
+		return nil
+	}
+	return errors.Trace(c.initAPIClient())
+}
+
+// initAPIClient initialises the API connection.
+func (c *SSHCommon) initAPIClient() error {
+	conn, err := c.NewAPIRoot()
+	if err != nil {
+		return errors.Trace(err)
+	}
+	c.apiClient = sshclient.NewFacade(conn)
+	c.apiAddr = conn.Addr()
+	return nil
+}
+
+func (c *SSHCommon) resolveTarget(target string) (*resolvedTarget, error) {
+	out := new(resolvedTarget)
+	out.user, out.entity = splitUserTarget(target)
+
+	// If the target is neither a machine nor a unit assume it's a
+	// hostname and try it directly.
+	if !targetIsAgent(out.entity) {
+		out.host = out.entity
+		return out, nil
+	}
+
+	if out.user == "" {
+		out.user = "ubuntu"
+	}
+
+	// A target may not initially have an address (e.g. the
+	// address updater hasn't yet run), so we must do this in
+	// a loop.
+	var err error
+	for a := sshHostFromTargetAttemptStrategy.Start(); a.Next(); {
+		if c.proxy {
+			out.host, err = c.apiClient.PrivateAddress(out.entity)
+		} else {
+			out.host, err = c.apiClient.PublicAddress(out.entity)
+		}
+		if err == nil {
+			return out, nil
+		}
+	}
+	return nil, err
+}
+
+// AllowInterspersedFlags for ssh/scp is set to false so that
+// flags after the unit name are passed through to ssh, for eg.
+// `juju ssh -v application-name/0 uname -a`.
+func (c *SSHCommon) AllowInterspersedFlags() bool {
+	return false
+}
+
+// getJujuExecutable returns the path to the juju
+// executable, or an error if it could not be found.
+var getJujuExecutable = func() (string, error) {
+	return exec.LookPath(os.Args[0])
+}
+
+func targetIsAgent(target string) bool {
+	return names.IsValidMachine(target) || names.IsValidUnit(target)
+}
+
+func splitUserTarget(target string) (string, string) {
+	if i := strings.IndexRune(target, '@'); i != -1 {
+		return target[:i], target[i+1:]
+	}
+	return "", target
+}
+
+func newKnownHostsBuilder() *knownHostsBuilder {
+	return &knownHostsBuilder{
+		seen: set.NewStrings(),
+	}
+}
+
+// knownHostsBuilder supports the construction of a SSH known_hosts file.
+type knownHostsBuilder struct {
+	lines []string
+	seen  set.Strings
+}
+
+func (b *knownHostsBuilder) add(host string, keys []string) {
+	if b.seen.Contains(host) {
+		return
+	}
+	b.seen.Add(host)
+	for _, key := range keys {
+		b.lines = append(b.lines, host+" "+key+"\n")
+	}
+}
+
+func (b *knownHostsBuilder) write(w io.Writer) error {
+	bufw := bufio.NewWriter(w)
+	for _, line := range b.lines {
+		_, err := bufw.WriteString(line)
+		if err != nil {
+			return errors.Annotate(err, "writing known hosts file")
+		}
+	}
+	bufw.Flush()
+	return nil
+}
+
+func (b *knownHostsBuilder) size() int {
+	return len(b.lines)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/ssh_common_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/ssh_common_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/ssh_common_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/ssh_common_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,201 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package commands
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+	"regexp"
+	"strings"
+
+	jc "github.com/juju/testing/checkers"
+	"github.com/juju/utils/ssh"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/juju/testing"
+	"github.com/juju/juju/network"
+	"github.com/juju/juju/state"
+)
+
+// argsSpec is a test helper which converts a number of options into
+// expected ssh/scp command lines.
+type argsSpec struct {
+	// hostKeyChecking specifies the expected StrictHostKeyChecking
+	// option.
+	hostKeyChecking string
+
+	// withProxy specifies if the juju ProxyCommand option is
+	// expected.
+	withProxy bool
+
+	// enablePty specifies if the forced PTY allocation switches are
+	// expected.
+	enablePty bool
+
+	// knownHosts may either be:
+	// a comma separated list of machine ids - the host keys for these
+	//    machines are expected in the UserKnownHostsFile
+	// "null" - the UserKnownHostsFile must be "/dev/null"
+	// empty - no UserKnownHostsFile option expected
+	knownHosts string
+
+	// args specifies any other command line arguments expected. This
+	// includes the SSH/SCP targets.
+	args string
+}
+
+func (s *argsSpec) check(c *gc.C, output string) {
+	// The first line in the output from the fake ssh/scp is the
+	// command line. The remaining lines should contain the contents
+	// of the UserKnownHostsFile file provided (if any).
+	parts := strings.SplitN(output, "\n", 2)
+	actualCommandLine := parts[0]
+	actualKnownHosts := ""
+	if len(parts) == 2 {
+		actualKnownHosts = parts[1]
+	}
+
+	var expected []string
+	expect := func(part string) {
+		expected = append(expected, part)
+	}
+	if s.hostKeyChecking != "" {
+		expect("-o StrictHostKeyChecking " + s.hostKeyChecking)
+	}
+
+	if s.withProxy {
+		expect("-o ProxyCommand juju ssh --proxy=false --no-host-key-checks " +
+			"--pty=false ubuntu@localhost -q \"nc %h %p\"")
+	}
+	expect("-o PasswordAuthentication no -o ServerAliveInterval 30")
+	if s.enablePty {
+		expect("-t -t")
+	}
+	if s.knownHosts == "null" {
+		expect(`-o UserKnownHostsFile /dev/null`)
+	} else if s.knownHosts == "" {
+		// No UserKnownHostsFile option expected.
+	} else {
+		expect(`-o UserKnownHostsFile \S+`)
+
+		// Check that the provided known_hosts file contained the
+		// expected keys.
+		c.Check(actualKnownHosts, gc.Matches, s.expectedKnownHosts())
+	}
+
+	// Check the command line matches what is expected.
+	pattern := "^" + strings.Join(expected, " ") + " " + regexp.QuoteMeta(s.args) + "$"
+	c.Check(actualCommandLine, gc.Matches, pattern)
+}
+
+func (s *argsSpec) expectedKnownHosts() string {
+	out := ""
+	for _, id := range strings.Split(s.knownHosts, ",") {
+		out += fmt.Sprintf(".+ dsa-%s\n.+ rsa-%s\n", id, id)
+	}
+	return out
+}
+
+type SSHCommonSuite struct {
+	testing.JujuConnSuite
+	knownHostsDir string
+	binDir        string
+}
+
+// Commands to patch
+var patchedCommands = []string{"ssh", "scp"}
+
+// fakecommand outputs its arguments to stdout for verification
+var fakecommand = `#!/bin/bash
+
+{
+    echo "$@"
+
+    # If a custom known_hosts file was passed, emit the contents of
+    # that too.
+    while (( "$#" )); do
+        if [[ $1 = UserKnownHostsFile* ]]; then
+            IFS=" " read -ra parts <<< $1
+            cat "${parts[1]}"
+            break
+        fi
+        shift
+    done
+}| tee $0.args
+`
+
+func (s *SSHCommonSuite) SetUpTest(c *gc.C) {
+	s.JujuConnSuite.SetUpTest(c)
+	ssh.ClearClientKeys()
+	s.PatchValue(&getJujuExecutable, func() (string, error) { return "juju", nil })
+
+	s.binDir = c.MkDir()
+	s.PatchEnvPathPrepend(s.binDir)
+	for _, name := range patchedCommands {
+		f, err := os.OpenFile(filepath.Join(s.binDir, name), os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0777)
+		c.Assert(err, jc.ErrorIsNil)
+		_, err = f.Write([]byte(fakecommand))
+		c.Assert(err, jc.ErrorIsNil)
+		err = f.Close()
+		c.Assert(err, jc.ErrorIsNil)
+	}
+
+	client, _ := ssh.NewOpenSSHClient()
+	s.PatchValue(&ssh.DefaultClient, client)
+}
+
+func (s *SSHCommonSuite) setupModel(c *gc.C) {
+	// Add machine-0 with a mysql service and mysql/0 unit
+	u := s.Factory.MakeUnit(c, nil)
+
+	// Set addresses and keys for machine-0
+	m := s.getMachineForUnit(c, u)
+	s.setAddresses(c, m)
+	s.setKeys(c, m)
+
+	// machine-1 has no public host keys available.
+	m1 := s.Factory.MakeMachine(c, nil)
+	s.setAddresses(c, m1)
+
+	// machine-2 has IPv6 addresses
+	m2 := s.Factory.MakeMachine(c, nil)
+	s.setAddresses6(c, m2)
+	s.setKeys(c, m2)
+}
+
+func (s *SSHCommonSuite) getMachineForUnit(c *gc.C, u *state.Unit) *state.Machine {
+	machineId, err := u.AssignedMachineId()
+	c.Assert(err, jc.ErrorIsNil)
+	m, err := s.State.Machine(machineId)
+	c.Assert(err, jc.ErrorIsNil)
+	return m
+}
+
+func (s *SSHCommonSuite) setAddresses(c *gc.C, m *state.Machine) {
+	addrPub := network.NewScopedAddress(
+		fmt.Sprintf("%s.public", m.Id()),
+		network.ScopePublic,
+	)
+	addrPriv := network.NewScopedAddress(
+		fmt.Sprintf("%s.private", m.Id()),
+		network.ScopeCloudLocal,
+	)
+	err := m.SetProviderAddresses(addrPub, addrPriv)
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *SSHCommonSuite) setAddresses6(c *gc.C, m *state.Machine) {
+	addrPub := network.NewScopedAddress("2001:db8::1", network.ScopePublic)
+	addrPriv := network.NewScopedAddress("fc00:bbb::1", network.ScopeCloudLocal)
+	err := m.SetProviderAddresses(addrPub, addrPriv)
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *SSHCommonSuite) setKeys(c *gc.C, m *state.Machine) {
+	id := m.Id()
+	keys := state.SSHHostKeys{"dsa-" + id, "rsa-" + id}
+	err := s.State.SetSSHHostKeys(m.MachineTag(), keys)
+	c.Assert(err, jc.ErrorIsNil)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/ssh.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/ssh.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/ssh.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/ssh.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,20 +5,12 @@
 
 import (
 	"fmt"
-	"net"
-	"os"
-	"os/exec"
-	"strings"
-	"time"
 
 	"github.com/juju/cmd"
-	"github.com/juju/names"
-	"github.com/juju/utils"
+	"github.com/juju/errors"
 	"github.com/juju/utils/ssh"
-	"launchpad.net/gnuflag"
 
 	"github.com/juju/juju/cmd/modelcmd"
-	"github.com/juju/juju/environs/config"
 )
 
 var usageSSHSummary = `
@@ -26,11 +18,16 @@
 
 var usageSSHDetails = `
 The machine is identified by the <target> argument which is either a 'unit
-name' or a 'machine id'. Both are obtained in the output to `[1:] + "`juju status`" + `.
-If 'user' is specified then the connection is made to that user account;
+name' or a 'machine id'. Both are obtained in the output to "juju status". If
+'user' is specified then the connection is made to that user account;
 otherwise, the default 'ubuntu' account, created by Juju, is used.
-The optional command is executed on the remote machine. Any output is sent
-back to the user. Screen-based programs require the default of '--pty=true'.
+
+The optional command is executed on the remote machine. Any output is sent back
+to the user. Screen-based programs require the default of '--pty=true'.
+
+The SSH host keys of the target are verified. The --no-host-key-checks option
+can be used to disable these checks. Use of this option is not recommended as
+it opens up the possibility of a man-in-the-middle attack.
 
 Examples:
 Connect to machine 0:
@@ -61,36 +58,6 @@
 	SSHCommon
 }
 
-// SSHCommon provides common methods for sshCommand, SCPCommand and DebugHooksCommand.
-type SSHCommon struct {
-	modelcmd.ModelCommandBase
-	proxy     bool
-	pty       bool
-	Target    string
-	Args      []string
-	apiClient sshAPIClient
-	apiAddr   string
-}
-
-func (c *SSHCommon) SetFlags(f *gnuflag.FlagSet) {
-	f.BoolVar(&c.proxy, "proxy", false, "Proxy through the API server")
-	f.BoolVar(&c.pty, "pty", true, "Enable pseudo-tty allocation")
-}
-
-// setProxyCommand sets the proxy command option.
-func (c *SSHCommon) setProxyCommand(options *ssh.Options) error {
-	apiServerHost, _, err := net.SplitHostPort(c.apiAddr)
-	if err != nil {
-		return fmt.Errorf("failed to get proxy address: %v", err)
-	}
-	juju, err := getJujuExecutable()
-	if err != nil {
-		return fmt.Errorf("failed to get juju executable path: %v", err)
-	}
-	options.SetProxyCommand(juju, "ssh", "--proxy=false", "--pty=false", apiServerHost, "nc", "%h", "%p")
-	return nil
-}
-
 func (c *sshCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "ssh",
@@ -108,165 +75,28 @@
 	return nil
 }
 
-// getJujuExecutable returns the path to the juju
-// executable, or an error if it could not be found.
-var getJujuExecutable = func() (string, error) {
-	return exec.LookPath(os.Args[0])
-}
-
-// getSSHOptions configures and returns SSH options and proxy settings.
-func (c *SSHCommon) getSSHOptions(enablePty bool) (*ssh.Options, error) {
-	var options ssh.Options
-
-	// TODO(waigani) do not save fingerprint only until this bug is addressed:
-	// lp:892552. Also see lp:1334481.
-	options.SetKnownHostsFile("/dev/null")
-	if enablePty {
-		options.EnablePTY()
-	}
-	var err error
-	if c.proxy, err = c.proxySSH(); err != nil {
-		return nil, err
-	} else if c.proxy {
-		if err := c.setProxyCommand(&options); err != nil {
-			return nil, err
-		}
-	}
-	return &options, nil
-}
-
 // Run resolves c.Target to a machine, to the address of a i
 // machine or unit forks ssh passing any arguments provided.
 func (c *sshCommand) Run(ctx *cmd.Context) error {
-	if c.apiClient == nil {
-		// If the apClient is not already opened and it is opened
-		// by ensureAPIClient, then close it when we're done.
-		defer func() {
-			if c.apiClient != nil {
-				c.apiClient.Close()
-				c.apiClient = nil
-			}
-		}()
+	err := c.initRun()
+	if err != nil {
+		return errors.Trace(err)
 	}
-	options, err := c.getSSHOptions(c.pty)
+	defer c.cleanupRun()
+
+	target, err := c.resolveTarget(c.Target)
 	if err != nil {
 		return err
 	}
 
-	user, host, err := c.userHostFromTarget(c.Target)
+	options, err := c.getSSHOptions(c.pty, target)
 	if err != nil {
 		return err
 	}
-	cmd := ssh.Command(user+"@"+host, c.Args, options)
+
+	cmd := ssh.Command(target.userHost(), c.Args, options)
 	cmd.Stdin = ctx.Stdin
 	cmd.Stdout = ctx.Stdout
 	cmd.Stderr = ctx.Stderr
 	return cmd.Run()
 }
-
-// proxySSH returns false if both c.proxy and
-// the proxy-ssh environment configuration
-// are false -- otherwise it returns true.
-func (c *SSHCommon) proxySSH() (bool, error) {
-	if _, err := c.ensureAPIClient(); err != nil {
-		return false, err
-	}
-	var cfg *config.Config
-	attrs, err := c.apiClient.ModelGet()
-	if err == nil {
-		cfg, err = config.New(config.NoDefaults, attrs)
-	}
-	if err != nil {
-		return false, err
-	}
-	logger.Debugf("proxy-ssh is %v", cfg.ProxySSH())
-
-	return cfg.ProxySSH() || c.proxy, nil
-}
-
-func (c *SSHCommon) ensureAPIClient() (sshAPIClient, error) {
-	if c.apiClient != nil {
-		return c.apiClient, nil
-	}
-	return c.initAPIClient()
-}
-
-// initAPIClient initialises the API connection.
-// It is the caller's responsibility to close the connection.
-func (c *SSHCommon) initAPIClient() (sshAPIClient, error) {
-	st, err := c.NewAPIRoot()
-	if err != nil {
-		return nil, err
-	}
-	c.apiClient = st.Client()
-	c.apiAddr = st.Addr()
-	return c.apiClient, nil
-}
-
-type sshAPIClient interface {
-	ModelGet() (map[string]interface{}, error)
-	PublicAddress(target string) (string, error)
-	PrivateAddress(target string) (string, error)
-	Close() error
-}
-
-// attemptStarter is an interface corresponding to utils.AttemptStrategy
-type attemptStarter interface {
-	Start() attempt
-}
-
-type attempt interface {
-	Next() bool
-}
-
-type attemptStrategy utils.AttemptStrategy
-
-func (s attemptStrategy) Start() attempt {
-	return utils.AttemptStrategy(s).Start()
-}
-
-var sshHostFromTargetAttemptStrategy attemptStarter = attemptStrategy{
-	Total: 5 * time.Second,
-	Delay: 500 * time.Millisecond,
-}
-
-func (c *SSHCommon) userHostFromTarget(target string) (user, host string, err error) {
-	if i := strings.IndexRune(target, '@'); i != -1 {
-		user = target[:i]
-		target = target[i+1:]
-	} else {
-		user = "ubuntu"
-	}
-
-	// If the target is neither a machine nor a unit,
-	// assume it's a hostname and try it directly.
-	if !names.IsValidMachine(target) && !names.IsValidUnit(target) {
-		return user, target, nil
-	}
-
-	// A target may not initially have an address (e.g. the
-	// address updater hasn't yet run), so we must do this in
-	// a loop.
-	if _, err := c.ensureAPIClient(); err != nil {
-		return "", "", err
-	}
-	for a := sshHostFromTargetAttemptStrategy.Start(); a.Next(); {
-		var addr string
-		if c.proxy {
-			addr, err = c.apiClient.PrivateAddress(target)
-		} else {
-			addr, err = c.apiClient.PublicAddress(target)
-		}
-		if err == nil {
-			return user, addr, nil
-		}
-	}
-	return "", "", err
-}
-
-// AllowInterspersedFlags for ssh/scp is set to false so that
-// flags after the unit name are passed through to ssh, for eg.
-// `juju ssh -v service-name/0 uname -a`.
-func (c *SSHCommon) AllowInterspersedFlags() bool {
-	return false
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/sshkeys_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/sshkeys_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/sshkeys_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/sshkeys_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -36,7 +36,7 @@
 }
 
 func (s *SSHKeysSuite) TestHelpList(c *gc.C) {
-	s.assertHelpOutput(c, "list-ssh-keys", "")
+	s.assertHelpOutput(c, "ssh-keys", "")
 }
 
 func (s *SSHKeysSuite) TestHelpAdd(c *gc.C) {
@@ -58,7 +58,7 @@
 
 func (s *keySuiteBase) SetUpSuite(c *gc.C) {
 	s.JujuConnSuite.SetUpSuite(c)
-	s.PatchEnvironment(osenv.JujuModelEnvKey, "admin")
+	s.PatchEnvironment(osenv.JujuModelEnvKey, "controller")
 }
 
 func (s *keySuiteBase) SetUpTest(c *gc.C) {
@@ -99,7 +99,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 	output := strings.TrimSpace(coretesting.Stdout(context))
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(output, gc.Matches, "Keys used in model: admin\n.*\\(user@host\\)\n.*\\(another@host\\)")
+	c.Assert(output, gc.Matches, "Keys used in model: controller\n.*\\(user@host\\)\n.*\\(another@host\\)")
 }
 
 func (s *ListKeysSuite) TestListFullKeys(c *gc.C) {
@@ -111,7 +111,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 	output := strings.TrimSpace(coretesting.Stdout(context))
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(output, gc.Matches, "Keys used in model: admin\n.*user@host\n.*another@host")
+	c.Assert(output, gc.Matches, "Keys used in model: controller\n.*user@host\n.*another@host")
 }
 
 func (s *ListKeysSuite) TestTooManyArgs(c *gc.C) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/ssh_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/ssh_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/ssh_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/ssh_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,262 +0,0 @@
-// Copyright 2012, 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package commands
-
-import (
-	"bytes"
-	"fmt"
-	"os"
-	"path/filepath"
-	"reflect"
-	"strings"
-
-	"github.com/juju/cmd"
-	jc "github.com/juju/testing/checkers"
-	"github.com/juju/utils/ssh"
-	gc "gopkg.in/check.v1"
-	"gopkg.in/juju/charm.v6-unstable"
-
-	"github.com/juju/juju/apiserver"
-	"github.com/juju/juju/juju/testing"
-	"github.com/juju/juju/network"
-	"github.com/juju/juju/state"
-	"github.com/juju/juju/testcharms"
-	coretesting "github.com/juju/juju/testing"
-)
-
-var _ = gc.Suite(&SSHSuite{})
-
-type SSHSuite struct {
-	SSHCommonSuite
-}
-
-type SSHCommonSuite struct {
-	testing.JujuConnSuite
-	bin string
-}
-
-func (s *SSHCommonSuite) SetUpTest(c *gc.C) {
-	s.JujuConnSuite.SetUpTest(c)
-	ssh.ClearClientKeys()
-	s.PatchValue(&getJujuExecutable, func() (string, error) { return "juju", nil })
-
-	s.bin = c.MkDir()
-	s.PatchEnvPathPrepend(s.bin)
-	for _, name := range patchedCommands {
-		f, err := os.OpenFile(filepath.Join(s.bin, name), os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0777)
-		c.Assert(err, jc.ErrorIsNil)
-		_, err = f.Write([]byte(fakecommand))
-		c.Assert(err, jc.ErrorIsNil)
-		err = f.Close()
-		c.Assert(err, jc.ErrorIsNil)
-	}
-	client, _ := ssh.NewOpenSSHClient()
-	s.PatchValue(&ssh.DefaultClient, client)
-}
-
-const (
-	args                = `-o StrictHostKeyChecking no -o PasswordAuthentication no -o ServerAliveInterval 30 `
-	withProxy           = `-o StrictHostKeyChecking no -o ProxyCommand juju ssh --proxy=false --pty=false localhost nc %h %p -o PasswordAuthentication no -o ServerAliveInterval 30 `
-	commonArgsWithProxy = withProxy + `-o UserKnownHostsFile /dev/null `
-	commonArgs          = args + `-o UserKnownHostsFile /dev/null `
-	sshArgs             = args + `-t -t -o UserKnownHostsFile /dev/null `
-	sshArgsWithProxy    = withProxy + `-t -t -o UserKnownHostsFile /dev/null `
-)
-
-var sshTests = []struct {
-	about  string
-	args   []string
-	result string
-}{
-	{
-		"connect to machine 0",
-		[]string{"ssh", "0"},
-		sshArgs + "ubuntu@admin-0.dns",
-	},
-	{
-		"connect to machine 0 and pass extra arguments",
-		[]string{"ssh", "0", "uname", "-a"},
-		sshArgs + "ubuntu@admin-0.dns uname -a",
-	},
-	{
-		"connect to unit mysql/0",
-		[]string{"ssh", "mysql/0"},
-		sshArgs + "ubuntu@admin-0.dns",
-	},
-	{
-		"connect to unit mongodb/1 as the mongo user",
-		[]string{"ssh", "mongo@mongodb/1"},
-		sshArgs + "mongo@admin-2.dns",
-	},
-	{
-		"connect to unit mongodb/1 and pass extra arguments",
-		[]string{"ssh", "mongodb/1", "ls", "/"},
-		sshArgs + "ubuntu@admin-2.dns ls /",
-	},
-	{
-		"connect to unit mysql/0 with proxy",
-		[]string{"ssh", "--proxy=true", "mysql/0"},
-		sshArgsWithProxy + "ubuntu@admin-0.internal",
-	},
-}
-
-func (s *SSHSuite) TestSSHCommand(c *gc.C) {
-	m := s.makeMachines(3, c, true)
-	ch := testcharms.Repo.CharmDir("dummy")
-	curl := charm.MustParseURL(
-		fmt.Sprintf("local:quantal/%s-%d", ch.Meta().Name, ch.Revision()),
-	)
-	info := state.CharmInfo{
-		Charm:       ch,
-		ID:          curl,
-		StoragePath: "dummy-path",
-		SHA256:      "dummy-1-sha256",
-	}
-	dummy, err := s.State.AddCharm(info)
-	c.Assert(err, jc.ErrorIsNil)
-	srv := s.AddTestingService(c, "mysql", dummy)
-	s.addUnit(srv, m[0], c)
-
-	srv = s.AddTestingService(c, "mongodb", dummy)
-	s.addUnit(srv, m[1], c)
-	s.addUnit(srv, m[2], c)
-
-	for i, t := range sshTests {
-		c.Logf("test %d: %s -> %s", i, t.about, t.args)
-		ctx := coretesting.Context(c)
-		jujucmd := cmd.NewSuperCommand(cmd.SuperCommandParams{})
-		jujucmd.Register(newSSHCommand())
-
-		code := cmd.Main(jujucmd, ctx, t.args)
-		c.Check(code, gc.Equals, 0)
-		c.Check(ctx.Stderr.(*bytes.Buffer).String(), gc.Equals, "")
-		c.Check(strings.TrimRight(ctx.Stdout.(*bytes.Buffer).String(), "\r\n"), gc.Equals, t.result)
-	}
-}
-
-func (s *SSHSuite) TestSSHCommandEnvironProxySSH(c *gc.C) {
-	s.makeMachines(1, c, true)
-	// Setting proxy-ssh=true in the environment overrides --proxy.
-	err := s.State.UpdateModelConfig(map[string]interface{}{"proxy-ssh": true}, nil, nil)
-	c.Assert(err, jc.ErrorIsNil)
-	ctx := coretesting.Context(c)
-	jujucmd := cmd.NewSuperCommand(cmd.SuperCommandParams{})
-	jujucmd.Register(newSSHCommand())
-	code := cmd.Main(jujucmd, ctx, []string{"ssh", "0"})
-	c.Check(code, gc.Equals, 0)
-	c.Check(ctx.Stderr.(*bytes.Buffer).String(), gc.Equals, "")
-	c.Check(strings.TrimRight(ctx.Stdout.(*bytes.Buffer).String(), "\r\n"), gc.Equals, sshArgsWithProxy+"ubuntu@admin-0.internal")
-}
-
-func (s *SSHSuite) TestSSHWillWorkInUpgrade(c *gc.C) {
-	// Check the API client interface used by "juju ssh" against what
-	// the API server will allow during upgrades. Ensure that the API
-	// server will allow all required API calls to support SSH.
-	type concrete struct {
-		sshAPIClient
-	}
-	t := reflect.TypeOf(concrete{})
-	for i := 0; i < t.NumMethod(); i++ {
-		name := t.Method(i).Name
-
-		// Close isn't an API method.
-		if name == "Close" {
-			continue
-		}
-		c.Logf("checking %q", name)
-		c.Check(apiserver.IsMethodAllowedDuringUpgrade("Client", name), jc.IsTrue)
-	}
-}
-
-type callbackAttemptStarter struct {
-	next func() bool
-}
-
-func (s *callbackAttemptStarter) Start() attempt {
-	return callbackAttempt{next: s.next}
-}
-
-type callbackAttempt struct {
-	next func() bool
-}
-
-func (a callbackAttempt) Next() bool {
-	return a.next()
-}
-
-func (s *SSHSuite) TestSSHCommandHostAddressRetry(c *gc.C) {
-	s.testSSHCommandHostAddressRetry(c, false)
-}
-
-func (s *SSHSuite) TestSSHCommandHostAddressRetryProxy(c *gc.C) {
-	s.testSSHCommandHostAddressRetry(c, true)
-}
-
-func (s *SSHSuite) testSSHCommandHostAddressRetry(c *gc.C, proxy bool) {
-	m := s.makeMachines(1, c, false)
-	ctx := coretesting.Context(c)
-
-	var called int
-	next := func() bool {
-		called++
-		return called < 2
-	}
-	attemptStarter := &callbackAttemptStarter{next: next}
-	s.PatchValue(&sshHostFromTargetAttemptStrategy, attemptStarter)
-
-	// Ensure that the ssh command waits for a public address, or the attempt
-	// strategy's Done method returns false.
-	args := []string{"--proxy=" + fmt.Sprint(proxy), "0"}
-	code := cmd.Main(newSSHCommand(), ctx, args)
-	c.Check(code, gc.Equals, 1)
-	c.Assert(called, gc.Equals, 2)
-	called = 0
-	attemptStarter.next = func() bool {
-		called++
-		if called > 1 {
-			s.setAddresses(m[0], c)
-		}
-		return true
-	}
-	code = cmd.Main(newSSHCommand(), ctx, args)
-	c.Check(code, gc.Equals, 0)
-	c.Assert(called, gc.Equals, 2)
-}
-
-func (s *SSHCommonSuite) setAddresses(m *state.Machine, c *gc.C) {
-	addrPub := network.NewScopedAddress(
-		fmt.Sprintf("admin-%s.dns", m.Id()),
-		network.ScopePublic,
-	)
-	addrPriv := network.NewScopedAddress(
-		fmt.Sprintf("admin-%s.internal", m.Id()),
-		network.ScopeCloudLocal,
-	)
-	err := m.SetProviderAddresses(addrPub, addrPriv)
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *SSHCommonSuite) makeMachines(n int, c *gc.C, setAddresses bool) []*state.Machine {
-	var machines = make([]*state.Machine, n)
-	for i := 0; i < n; i++ {
-		m, err := s.State.AddMachine("quantal", state.JobHostUnits)
-		c.Assert(err, jc.ErrorIsNil)
-		if setAddresses {
-			s.setAddresses(m, c)
-		}
-		// must set an instance id as the ssh command uses that as a signal the
-		// machine has been provisioned
-		inst, md := testing.AssertStartInstance(c, s.Environ, m.Id())
-		c.Assert(m.SetProvisioned(inst.Id(), "fake_nonce", md), gc.IsNil)
-		machines[i] = m
-	}
-	return machines
-}
-
-func (s *SSHCommonSuite) addUnit(srv *state.Service, m *state.Machine, c *gc.C) {
-	u, err := srv.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	err = u.AssignToMachine(m)
-	c.Assert(err, jc.ErrorIsNil)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/ssh_unix_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/ssh_unix_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/ssh_unix_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/ssh_unix_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,11 +6,239 @@
 
 package commands
 
-// Commands to patch
-var patchedCommands = []string{"ssh", "scp"}
+import (
+	"fmt"
+	"reflect"
 
-// fakecommand outputs its arguments to stdout for verification
-var fakecommand = `#!/bin/bash
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
 
-echo "$@" | tee $0.args
-`
+	"github.com/juju/juju/apiserver"
+	coretesting "github.com/juju/juju/testing"
+)
+
+type SSHSuite struct {
+	SSHCommonSuite
+}
+
+var _ = gc.Suite(&SSHSuite{})
+
+var sshTests = []struct {
+	about       string
+	args        []string
+	expected    argsSpec
+	expectedErr string
+}{
+	{
+		about: "connect to machine 0",
+		args:  []string{"0"},
+		expected: argsSpec{
+			hostKeyChecking: "yes",
+			knownHosts:      "0",
+			enablePty:       true,
+			args:            "ubuntu@0.public",
+		},
+	},
+	{
+		about: "connect to machine 0 and pass extra arguments",
+		args:  []string{"0", "uname", "-a"},
+		expected: argsSpec{
+			hostKeyChecking: "yes",
+			knownHosts:      "0",
+			enablePty:       true,
+			args:            "ubuntu@0.public uname -a",
+		},
+	},
+	{
+		about: "connect to machine 0 with no pseudo-tty",
+		args:  []string{"--pty=false", "0"},
+		expected: argsSpec{
+			hostKeyChecking: "yes",
+			knownHosts:      "0",
+			enablePty:       false,
+			args:            "ubuntu@0.public",
+		},
+	},
+	{
+		about:       "connect to machine 1 which has no SSH host keys",
+		args:        []string{"1"},
+		expectedErr: `retrieving SSH host keys for "1": keys not found`,
+	},
+	{
+		about: "connect to machine 1 which has no SSH host keys, no host key checks",
+		args:  []string{"--no-host-key-checks", "1"},
+		expected: argsSpec{
+			hostKeyChecking: "no",
+			knownHosts:      "null",
+			enablePty:       true,
+			args:            "ubuntu@1.public",
+		},
+	},
+	{
+		about: "connect to arbitrary (non-entity) hostname",
+		args:  []string{"foo@some.host"},
+		expected: argsSpec{
+			// In this case, use the user's own known_hosts and own
+			// StrictHostKeyChecking config.
+			hostKeyChecking: "",
+			knownHosts:      "",
+			enablePty:       true,
+			args:            "foo@some.host",
+		},
+	},
+	{
+		about: "connect to unit mysql/0",
+		args:  []string{"mysql/0"},
+		expected: argsSpec{
+			hostKeyChecking: "yes",
+			knownHosts:      "0",
+			enablePty:       true,
+			args:            "ubuntu@0.public",
+		},
+	},
+	{
+		about: "connect to unit mysql/0 as the mongo user",
+		args:  []string{"mongo@mysql/0"},
+		expected: argsSpec{
+			hostKeyChecking: "yes",
+			knownHosts:      "0",
+			enablePty:       true,
+			args:            "mongo@0.public",
+		},
+	},
+	{
+		about: "connect to unit mysql/0 and pass extra arguments",
+		args:  []string{"mysql/0", "ls", "/"},
+		expected: argsSpec{
+			hostKeyChecking: "yes",
+			knownHosts:      "0",
+			enablePty:       true,
+			args:            "ubuntu@0.public ls /",
+		},
+	},
+	{
+		about: "connect to unit mysql/0 with proxy",
+		args:  []string{"--proxy=true", "mysql/0"},
+		expected: argsSpec{
+			hostKeyChecking: "yes",
+			knownHosts:      "0",
+			enablePty:       true,
+			withProxy:       true,
+			args:            "ubuntu@0.private",
+		},
+	},
+}
+
+func (s *SSHSuite) TestSSHCommand(c *gc.C) {
+	s.setupModel(c)
+
+	for i, t := range sshTests {
+		c.Logf("test %d: %s -> %s", i, t.about, t.args)
+
+		ctx, err := coretesting.RunCommand(c, newSSHCommand(), t.args...)
+		if t.expectedErr != "" {
+			c.Check(err, gc.ErrorMatches, t.expectedErr)
+		} else {
+			c.Check(err, jc.ErrorIsNil)
+			c.Check(coretesting.Stderr(ctx), gc.Equals, "")
+			stdout := coretesting.Stdout(ctx)
+			t.expected.check(c, stdout)
+		}
+	}
+}
+
+func (s *SSHSuite) TestSSHCommandModelConfigProxySSH(c *gc.C) {
+	s.setupModel(c)
+
+	// Setting proxy-ssh=true in the environment overrides --proxy.
+	err := s.State.UpdateModelConfig(map[string]interface{}{"proxy-ssh": true}, nil, nil)
+	c.Assert(err, jc.ErrorIsNil)
+
+	ctx, err := coretesting.RunCommand(c, newSSHCommand(), "0")
+	c.Check(err, jc.ErrorIsNil)
+	c.Check(coretesting.Stderr(ctx), gc.Equals, "")
+	expectedArgs := argsSpec{
+		hostKeyChecking: "yes",
+		knownHosts:      "0",
+		enablePty:       true,
+		withProxy:       true,
+		args:            "ubuntu@0.private",
+	}
+	expectedArgs.check(c, coretesting.Stdout(ctx))
+}
+
+func (s *SSHSuite) TestSSHWillWorkInUpgrade(c *gc.C) {
+	// Check the API client interface used by "juju ssh" against what
+	// the API server will allow during upgrades. Ensure that the API
+	// server will allow all required API calls to support SSH.
+	type concrete struct {
+		sshAPIClient
+	}
+	t := reflect.TypeOf(concrete{})
+	for i := 0; i < t.NumMethod(); i++ {
+		name := t.Method(i).Name
+
+		// Close isn't an API method.
+		if name == "Close" {
+			continue
+		}
+		c.Logf("checking %q", name)
+		c.Check(apiserver.IsMethodAllowedDuringUpgrade("SSHClient", name), jc.IsTrue)
+	}
+}
+
+func (s *SSHSuite) TestSSHCommandHostAddressRetry(c *gc.C) {
+	s.testSSHCommandHostAddressRetry(c, false)
+}
+
+func (s *SSHSuite) TestSSHCommandHostAddressRetryProxy(c *gc.C) {
+	s.testSSHCommandHostAddressRetry(c, true)
+}
+
+func (s *SSHSuite) testSSHCommandHostAddressRetry(c *gc.C, proxy bool) {
+	m := s.Factory.MakeMachine(c, nil)
+	s.setKeys(c, m)
+
+	called := 0
+	attemptStarter := &callbackAttemptStarter{next: func() bool {
+		called++
+		return called < 2
+	}}
+	s.PatchValue(&sshHostFromTargetAttemptStrategy, attemptStarter)
+
+	// Ensure that the ssh command waits for a public address, or the attempt
+	// strategy's Done method returns false.
+	args := []string{"--proxy=" + fmt.Sprint(proxy), "0"}
+	_, err := coretesting.RunCommand(c, newSSHCommand(), args...)
+	c.Assert(err, gc.ErrorMatches, "no .+ address")
+	c.Assert(called, gc.Equals, 2)
+
+	called = 0
+	attemptStarter.next = func() bool {
+		called++
+		if called > 1 {
+			s.setAddresses(c, m)
+		}
+		return true
+	}
+
+	_, err = coretesting.RunCommand(c, newSSHCommand(), args...)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(called, gc.Equals, 2)
+}
+
+type callbackAttemptStarter struct {
+	next func() bool
+}
+
+func (s *callbackAttemptStarter) Start() attempt {
+	return callbackAttempt{next: s.next}
+}
+
+type callbackAttempt struct {
+	next func() bool
+}
+
+func (a callbackAttempt) Next() bool {
+	return a.next()
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/ssh_windows_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/ssh_windows_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/ssh_windows_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/ssh_windows_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,23 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Copyright 2014 Cloudbase Solutions SRL
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-// +build windows
-
-package commands
-
-// Commands to patch
-var patchedCommands = []string{"scp.cmd", "ssh.cmd"}
-
-// fakecommand outputs its arguments to stdout for verification
-var fakecommand = `@echo off
-setlocal enabledelayedexpansion
-set list=%1
-set argCount=0
-for %%x in (%*) do (
-set /A argCount+=1
-set "argVec[!argCount!]=%%~x"
-)
-for /L %%i in (2,1,%argCount%) do set list=!list! !argVec[%%i]!
-echo %list%
-`
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/switch.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/switch.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/switch.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/switch.go	2016-07-18 19:45:44.000000000 +0000
@@ -18,8 +18,6 @@
 func newSwitchCommand() cmd.Command {
 	cmd := &switchCommand{
 		Store: jujuclient.NewFileClientStore(),
-		ReadCurrentController:  modelcmd.ReadCurrentController,
-		WriteCurrentController: modelcmd.WriteCurrentController,
 	}
 	cmd.RefreshModels = cmd.JujuCommandBase.RefreshModels
 	return modelcmd.WrapBase(cmd)
@@ -27,9 +25,7 @@
 
 type switchCommand struct {
 	modelcmd.JujuCommandBase
-	RefreshModels          func(jujuclient.ClientStore, string, string) error
-	ReadCurrentController  func() (string, error)
-	WriteCurrentController func(string) error
+	RefreshModels func(jujuclient.ClientStore, string) error
 
 	Store  jujuclient.ClientStore
 	Target string
@@ -45,7 +41,7 @@
 you get is the active model for that controller. If you want a different
 model then you must switch using controller:model notation or switch to 
 the controller and then to the model. 
-The `[1:] + "`juju list-models`" + ` command can be used to determine the active model
+The `[1:] + "`juju models`" + ` command can be used to determine the active model
 (of any controller). An asterisk denotes it.
 
 Examples:
@@ -55,8 +51,8 @@
     juju switch mycontroller:mymodel
 
 See also: 
-    list-controllers
-    list-models
+    controllers
+    models
     show-controller`
 
 func (c *switchCommand) Info() *cmd.Info {
@@ -78,8 +74,10 @@
 
 	// Get the current name for logging the transition or printing
 	// the current controller/model.
-	currentControllerName, err := c.ReadCurrentController()
-	if err != nil {
+	currentControllerName, err := c.Store.CurrentController()
+	if errors.IsNotFound(err) {
+		currentControllerName = ""
+	} else if err != nil {
 		return errors.Trace(err)
 	}
 	if c.Target == "" {
@@ -115,8 +113,8 @@
 	}
 
 	// If the target identifies a controller, then set that as the current controller.
-	var newControllerName string
-	if newControllerName, err = modelcmd.ResolveControllerName(c.Store, c.Target); err == nil {
+	var newControllerName = c.Target
+	if _, err = c.Store.ControllerByName(c.Target); err == nil {
 		if newControllerName == currentControllerName {
 			newName = currentName
 			return nil
@@ -125,7 +123,7 @@
 			if err != nil {
 				return errors.Trace(err)
 			}
-			return errors.Trace(c.WriteCurrentController(newControllerName))
+			return errors.Trace(c.Store.SetCurrentController(newControllerName))
 		}
 	} else if !errors.IsNotFound(err) {
 		return errors.Trace(err)
@@ -137,9 +135,7 @@
 	// case, the model must exist in the current controller.
 	newControllerName, modelName := modelcmd.SplitModelName(c.Target)
 	if newControllerName != "" {
-		// A controller was specified so see if we should use a local version.
-		newControllerName, err = modelcmd.ResolveControllerName(c.Store, newControllerName)
-		if err != nil {
+		if _, err = c.Store.ControllerByName(newControllerName); err != nil {
 			return errors.Trace(err)
 		}
 		newName = modelcmd.JoinModelName(newControllerName, modelName)
@@ -151,17 +147,13 @@
 		newName = modelcmd.JoinModelName(newControllerName, modelName)
 	}
 
-	accountName, err := c.Store.CurrentAccount(newControllerName)
-	if err != nil {
-		return errors.Trace(err)
-	}
-	err = c.Store.SetCurrentModel(newControllerName, accountName, modelName)
+	err = c.Store.SetCurrentModel(newControllerName, modelName)
 	if errors.IsNotFound(err) {
 		// The model isn't known locally, so we must query the controller.
-		if err := c.RefreshModels(c.Store, newControllerName, accountName); err != nil {
+		if err := c.RefreshModels(c.Store, newControllerName); err != nil {
 			return errors.Annotate(err, "refreshing models cache")
 		}
-		err := c.Store.SetCurrentModel(newControllerName, accountName, modelName)
+		err := c.Store.SetCurrentModel(newControllerName, modelName)
 		if errors.IsNotFound(err) {
 			return unknownSwitchTargetError(c.Target)
 		} else if err != nil {
@@ -171,7 +163,7 @@
 		return errors.Trace(err)
 	}
 	if currentControllerName != newControllerName {
-		if err := c.WriteCurrentController(newControllerName); err != nil {
+		if err := c.Store.SetCurrentController(newControllerName); err != nil {
 			return errors.Trace(err)
 		}
 	}
@@ -197,15 +189,11 @@
 	if controllerName == "" {
 		return "", nil
 	}
-	accountName, err := c.Store.CurrentAccount(controllerName)
+	modelName, err := c.Store.CurrentModel(controllerName)
 	if err == nil {
-		modelName, err := c.Store.CurrentModel(controllerName, accountName)
-		if err == nil {
-			return modelcmd.JoinModelName(controllerName, modelName), nil
-		} else if !errors.IsNotFound(err) {
-			return "", errors.Trace(err)
-		}
-	} else if !errors.IsNotFound(err) {
+		return modelcmd.JoinModelName(controllerName, modelName), nil
+	}
+	if !errors.IsNotFound(err) {
 		return "", errors.Trace(err)
 	}
 	// No current account or model.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/switch_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/switch_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/switch_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/switch_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -22,9 +22,9 @@
 type SwitchSimpleSuite struct {
 	coretesting.FakeJujuXDGDataHomeSuite
 	testing.Stub
-	store             *jujuclienttesting.MemStore
-	currentController string
-	onRefresh         func()
+	store     *jujuclienttesting.MemStore
+	stubStore *jujuclienttesting.StubStore
+	onRefresh func()
 }
 
 var _ = gc.Suite(&SwitchSimpleSuite{})
@@ -33,38 +33,22 @@
 	s.FakeJujuXDGDataHomeSuite.SetUpTest(c)
 	s.Stub.ResetCalls()
 	s.store = jujuclienttesting.NewMemStore()
-	s.currentController = ""
+	s.stubStore = jujuclienttesting.WrapClientStore(s.store)
 	s.onRefresh = nil
 }
 
-func (s *SwitchSimpleSuite) refreshModels(store jujuclient.ClientStore, controllerName, accountName string) error {
-	s.MethodCall(s, "RefreshModels", store, controllerName, accountName)
+func (s *SwitchSimpleSuite) refreshModels(store jujuclient.ClientStore, controllerName string) error {
+	s.MethodCall(s, "RefreshModels", store, controllerName)
 	if s.onRefresh != nil {
 		s.onRefresh()
 	}
 	return s.NextErr()
 }
 
-func (s *SwitchSimpleSuite) readCurrentController() (string, error) {
-	s.MethodCall(s, "ReadCurrentController")
-	return s.currentController, s.NextErr()
-}
-
-func (s *SwitchSimpleSuite) writeCurrentController(current string) error {
-	s.MethodCall(s, "WriteCurrentController", current)
-	if err := s.NextErr(); err != nil {
-		return err
-	}
-	s.currentController = current
-	return nil
-}
-
 func (s *SwitchSimpleSuite) run(c *gc.C, args ...string) (*cmd.Context, error) {
 	cmd := &switchCommand{
-		Store:                  s.store,
-		RefreshModels:          s.refreshModels,
-		ReadCurrentController:  s.readCurrentController,
-		WriteCurrentController: s.writeCurrentController,
+		Store:         s.stubStore,
+		RefreshModels: s.refreshModels,
 	}
 	return coretesting.RunCommand(c, modelcmd.WrapBase(cmd), args...)
 }
@@ -76,7 +60,7 @@
 
 func (s *SwitchSimpleSuite) TestNoArgsCurrentController(c *gc.C) {
 	s.addController(c, "a-controller")
-	s.currentController = "a-controller"
+	s.store.CurrentControllerName = "a-controller"
 	ctx, err := s.run(c)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(coretesting.Stdout(ctx), gc.Equals, "a-controller\n")
@@ -84,21 +68,17 @@
 
 func (s *SwitchSimpleSuite) TestUnknownControllerNameReturnsError(c *gc.C) {
 	s.addController(c, "a-controller")
-	s.currentController = "a-controller"
+	s.store.CurrentControllerName = "a-controller"
 	_, err := s.run(c, "another-controller:modela")
 	c.Assert(err, gc.ErrorMatches, "controller another-controller not found")
 }
 
 func (s *SwitchSimpleSuite) TestNoArgsCurrentModel(c *gc.C) {
 	s.addController(c, "a-controller")
-	s.currentController = "a-controller"
-	s.store.Models["a-controller"] = jujuclient.ControllerAccountModels{
-		map[string]*jujuclient.AccountModels{
-			"admin@local": {
-				Models:       map[string]jujuclient.ModelDetails{"mymodel": {}},
-				CurrentModel: "mymodel",
-			},
-		},
+	s.store.CurrentControllerName = "a-controller"
+	s.store.Models["a-controller"] = &jujuclient.ControllerModels{
+		Models:       map[string]jujuclient.ModelDetails{"mymodel": {}},
+		CurrentModel: "mymodel",
 	}
 	ctx, err := s.run(c)
 	c.Assert(err, jc.ErrorIsNil)
@@ -110,14 +90,16 @@
 	context, err := s.run(c, "a-controller")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(coretesting.Stderr(context), gc.Equals, " -> a-controller (controller)\n")
-	s.CheckCalls(c, []testing.StubCall{
-		{"ReadCurrentController", nil},
-		{"WriteCurrentController", []interface{}{"a-controller"}},
+	s.stubStore.CheckCalls(c, []testing.StubCall{
+		{"CurrentController", nil},
+		{"ControllerByName", []interface{}{"a-controller"}},
+		{"CurrentModel", []interface{}{"a-controller"}},
+		{"SetCurrentController", []interface{}{"a-controller"}},
 	})
 }
 
 func (s *SwitchSimpleSuite) TestSwitchWithCurrentController(c *gc.C) {
-	s.currentController = "old"
+	s.store.CurrentControllerName = "old"
 	s.addController(c, "new")
 	context, err := s.run(c, "new")
 	c.Assert(err, jc.ErrorIsNil)
@@ -125,152 +107,147 @@
 }
 
 func (s *SwitchSimpleSuite) TestSwitchLocalControllerWithCurrent(c *gc.C) {
-	s.currentController = "old"
-	s.addController(c, "local.new")
+	s.store.CurrentControllerName = "old"
+	s.addController(c, "new")
 	context, err := s.run(c, "new")
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(coretesting.Stderr(context), gc.Equals, "old (controller) -> local.new (controller)\n")
+	c.Assert(coretesting.Stderr(context), gc.Equals, "old (controller) -> new (controller)\n")
 }
 
 func (s *SwitchSimpleSuite) TestSwitchSameController(c *gc.C) {
-	s.currentController = "same"
+	s.store.CurrentControllerName = "same"
 	s.addController(c, "same")
 	context, err := s.run(c, "same")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(coretesting.Stderr(context), gc.Equals, "same (controller) (no change)\n")
-	s.CheckCalls(c, []testing.StubCall{
-		{"ReadCurrentController", nil},
+	s.stubStore.CheckCalls(c, []testing.StubCall{
+		{"CurrentController", nil},
+		{"CurrentModel", []interface{}{"same"}},
+		{"ControllerByName", []interface{}{"same"}},
 	})
 }
 
 func (s *SwitchSimpleSuite) TestSwitchControllerToModel(c *gc.C) {
-	s.currentController = "ctrl"
+	s.store.CurrentControllerName = "ctrl"
 	s.addController(c, "ctrl")
-	s.store.Models["ctrl"] = jujuclient.ControllerAccountModels{
-		map[string]*jujuclient.AccountModels{
-			"admin@local": {
-				Models: map[string]jujuclient.ModelDetails{"mymodel": {}},
-			},
-		},
+	s.store.Models["ctrl"] = &jujuclient.ControllerModels{
+		Models: map[string]jujuclient.ModelDetails{"mymodel": {}},
 	}
 	context, err := s.run(c, "mymodel")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(coretesting.Stderr(context), gc.Equals, "ctrl (controller) -> ctrl:mymodel\n")
-	s.CheckCalls(c, []testing.StubCall{
-		{"ReadCurrentController", nil},
+	s.stubStore.CheckCalls(c, []testing.StubCall{
+		{"CurrentController", nil},
+		{"CurrentModel", []interface{}{"ctrl"}},
+		{"ControllerByName", []interface{}{"mymodel"}},
+		{"SetCurrentModel", []interface{}{"ctrl", "mymodel"}},
 	})
-	c.Assert(s.store.Models["ctrl"].AccountModels["admin@local"].CurrentModel, gc.Equals, "mymodel")
+	c.Assert(s.store.Models["ctrl"].CurrentModel, gc.Equals, "mymodel")
 }
 
 func (s *SwitchSimpleSuite) TestSwitchControllerToModelDifferentController(c *gc.C) {
-	s.currentController = "old"
+	s.store.CurrentControllerName = "old"
 	s.addController(c, "new")
-	s.store.Models["new"] = jujuclient.ControllerAccountModels{
-		map[string]*jujuclient.AccountModels{
-			"admin@local": {
-				Models: map[string]jujuclient.ModelDetails{"mymodel": {}},
-			},
-		},
+	s.store.Models["new"] = &jujuclient.ControllerModels{
+		Models: map[string]jujuclient.ModelDetails{"mymodel": {}},
 	}
 	context, err := s.run(c, "new:mymodel")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(coretesting.Stderr(context), gc.Equals, "old (controller) -> new:mymodel\n")
-	s.CheckCalls(c, []testing.StubCall{
-		{"ReadCurrentController", nil},
-		{"WriteCurrentController", []interface{}{"new"}},
+	s.stubStore.CheckCalls(c, []testing.StubCall{
+		{"CurrentController", nil},
+		{"CurrentModel", []interface{}{"old"}},
+		{"ControllerByName", []interface{}{"new:mymodel"}},
+		{"ControllerByName", []interface{}{"new"}},
+		{"SetCurrentModel", []interface{}{"new", "mymodel"}},
+		{"SetCurrentController", []interface{}{"new"}},
 	})
-	c.Assert(s.store.Models["new"].AccountModels["admin@local"].CurrentModel, gc.Equals, "mymodel")
+	c.Assert(s.store.Models["new"].CurrentModel, gc.Equals, "mymodel")
 }
 
 func (s *SwitchSimpleSuite) TestSwitchLocalControllerToModelDifferentController(c *gc.C) {
-	s.currentController = "old"
-	s.addController(c, "local.new")
-	s.store.Models["local.new"] = jujuclient.ControllerAccountModels{
-		map[string]*jujuclient.AccountModels{
-			"admin@local": {
-				Models: map[string]jujuclient.ModelDetails{"mymodel": {}},
-			},
-		},
+	s.store.CurrentControllerName = "old"
+	s.addController(c, "new")
+	s.store.Models["new"] = &jujuclient.ControllerModels{
+		Models: map[string]jujuclient.ModelDetails{"mymodel": {}},
 	}
 	context, err := s.run(c, "new:mymodel")
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(coretesting.Stderr(context), gc.Equals, "old (controller) -> local.new:mymodel\n")
-	s.CheckCalls(c, []testing.StubCall{
-		{"ReadCurrentController", nil},
-		{"WriteCurrentController", []interface{}{"local.new"}},
+	c.Assert(coretesting.Stderr(context), gc.Equals, "old (controller) -> new:mymodel\n")
+	s.stubStore.CheckCalls(c, []testing.StubCall{
+		{"CurrentController", nil},
+		{"CurrentModel", []interface{}{"old"}},
+		{"ControllerByName", []interface{}{"new:mymodel"}},
+		{"ControllerByName", []interface{}{"new"}},
+		{"SetCurrentModel", []interface{}{"new", "mymodel"}},
+		{"SetCurrentController", []interface{}{"new"}},
 	})
-	c.Assert(s.store.Models["local.new"].AccountModels["admin@local"].CurrentModel, gc.Equals, "mymodel")
+	c.Assert(s.store.Models["new"].CurrentModel, gc.Equals, "mymodel")
 }
 
 func (s *SwitchSimpleSuite) TestSwitchControllerToDifferentControllerCurrentModel(c *gc.C) {
-	s.currentController = "old"
+	s.store.CurrentControllerName = "old"
 	s.addController(c, "new")
-	s.store.Models["new"] = jujuclient.ControllerAccountModels{
-		map[string]*jujuclient.AccountModels{
-			"admin@local": {
-				Models:       map[string]jujuclient.ModelDetails{"mymodel": {}},
-				CurrentModel: "mymodel",
-			},
-		},
+	s.store.Models["new"] = &jujuclient.ControllerModels{
+		Models:       map[string]jujuclient.ModelDetails{"mymodel": {}},
+		CurrentModel: "mymodel",
 	}
 	context, err := s.run(c, "new:mymodel")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(coretesting.Stderr(context), gc.Equals, "old (controller) -> new:mymodel\n")
-	s.CheckCalls(c, []testing.StubCall{
-		{"ReadCurrentController", nil},
-		{"WriteCurrentController", []interface{}{"new"}},
+	s.stubStore.CheckCalls(c, []testing.StubCall{
+		{"CurrentController", nil},
+		{"CurrentModel", []interface{}{"old"}},
+		{"ControllerByName", []interface{}{"new:mymodel"}},
+		{"ControllerByName", []interface{}{"new"}},
+		{"SetCurrentModel", []interface{}{"new", "mymodel"}},
+		{"SetCurrentController", []interface{}{"new"}},
 	})
 }
 
 func (s *SwitchSimpleSuite) TestSwitchUnknownNoCurrentController(c *gc.C) {
 	_, err := s.run(c, "unknown")
 	c.Assert(err, gc.ErrorMatches, `"unknown" is not the name of a model or controller`)
-	s.CheckCalls(c, []testing.StubCall{
-		{"ReadCurrentController", nil},
+	s.stubStore.CheckCalls(c, []testing.StubCall{
+		{"CurrentController", nil},
+		{"ControllerByName", []interface{}{"unknown"}},
 	})
 }
 
 func (s *SwitchSimpleSuite) TestSwitchUnknownCurrentControllerRefreshModels(c *gc.C) {
-	s.currentController = "ctrl"
+	s.store.CurrentControllerName = "ctrl"
 	s.addController(c, "ctrl")
 	s.onRefresh = func() {
-		s.store.Models["ctrl"] = jujuclient.ControllerAccountModels{
-			map[string]*jujuclient.AccountModels{
-				"admin@local": {
-					Models: map[string]jujuclient.ModelDetails{"unknown": {}},
-				},
-			},
+		s.store.Models["ctrl"] = &jujuclient.ControllerModels{
+			Models: map[string]jujuclient.ModelDetails{"unknown": {}},
 		}
 	}
 	ctx, err := s.run(c, "unknown")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(coretesting.Stderr(ctx), gc.Equals, "ctrl (controller) -> ctrl:unknown\n")
 	s.CheckCalls(c, []testing.StubCall{
-		{"ReadCurrentController", nil},
-		{"RefreshModels", []interface{}{s.store, "ctrl", "admin@local"}},
+		{"RefreshModels", []interface{}{s.stubStore, "ctrl"}},
 	})
 }
 
 func (s *SwitchSimpleSuite) TestSwitchUnknownCurrentControllerRefreshModelsStillUnknown(c *gc.C) {
-	s.currentController = "ctrl"
+	s.store.CurrentControllerName = "ctrl"
 	s.addController(c, "ctrl")
 	_, err := s.run(c, "unknown")
 	c.Assert(err, gc.ErrorMatches, `"unknown" is not the name of a model or controller`)
 	s.CheckCalls(c, []testing.StubCall{
-		{"ReadCurrentController", nil},
-		{"RefreshModels", []interface{}{s.store, "ctrl", "admin@local"}},
+		{"RefreshModels", []interface{}{s.stubStore, "ctrl"}},
 	})
 }
 
 func (s *SwitchSimpleSuite) TestSwitchUnknownCurrentControllerRefreshModelsFails(c *gc.C) {
-	s.currentController = "ctrl"
+	s.store.CurrentControllerName = "ctrl"
 	s.addController(c, "ctrl")
-	s.SetErrors(nil, errors.New("not very refreshing"))
+	s.SetErrors(errors.New("not very refreshing"))
 	_, err := s.run(c, "unknown")
 	c.Assert(err, gc.ErrorMatches, "refreshing models cache: not very refreshing")
 	s.CheckCalls(c, []testing.StubCall{
-		{"ReadCurrentController", nil},
-		{"RefreshModels", []interface{}{s.store, "ctrl", "admin@local"}},
+		{"RefreshModels", []interface{}{s.stubStore, "ctrl"}},
 	})
 }
 
@@ -287,7 +264,7 @@
 
 func (s *SwitchSimpleSuite) addController(c *gc.C, name string) {
 	s.store.Controllers[name] = jujuclient.ControllerDetails{}
-	s.store.Accounts[name] = &jujuclient.ControllerAccounts{
-		CurrentAccount: "admin@local",
+	s.store.Accounts[name] = jujuclient.AccountDetails{
+		User: "admin@local",
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/synctools.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/synctools.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/synctools.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/synctools.go	2016-07-18 19:45:44.000000000 +0000
@@ -46,40 +46,55 @@
 
 var _ cmd.Command = (*syncToolsCommand)(nil)
 
+const synctoolsDoc = `
+This copies the Juju agent software from the official tools store (located
+at https://streams.canonical.com/juju) into a model. It is generally done
+when the model is without Internet access.
+
+Instead of the above site, a local directory can be specified as source.
+The online store will, of course, need to be contacted at some point to get
+the software.
+
+Examples:
+    # Download the software (version auto-selected) to the model:
+    juju sync-tools --debug
+
+    # Download a specific version of the software locally:
+    juju sync-tools --debug --version 2.0 --local-dir=/home/ubuntu/sync-tools
+
+    # Get locally available software to the model:
+    juju sync-tools --debug --source=/home/ubuntu/sync-tools
+
+See Also:
+    juju upgrade-juju
+
+`
+
 func (c *syncToolsCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "sync-tools",
-		Purpose: "copy tools from the official tool store into a local model",
-		Doc: `
-This copies the Juju tools tarball from the official tools store (located
-at https://streams.canonical.com/juju) into your model.
-This is generally done when you want Juju to be able to run without having to
-access the Internet. Alternatively you can specify a local directory as source.
-
-Sometimes this is because the model does not have public access,
-and sometimes you just want to avoid having to access data outside of
-the local cloud.
-`,
+		Purpose: "Copy tools from the official tool store into a local model.",
+		Doc:     synctoolsDoc,
 	}
 }
 
 func (c *syncToolsCommand) SetFlags(f *gnuflag.FlagSet) {
-	f.BoolVar(&c.allVersions, "all", false, "copy all versions, not just the latest")
-	f.StringVar(&c.versionStr, "version", "", "copy a specific major[.minor] version")
-	f.BoolVar(&c.dryRun, "dry-run", false, "don't copy, just print what would be copied")
-	f.BoolVar(&c.dev, "dev", false, "consider development versions as well as released ones\n    DEPRECATED: use --stream instead")
-	f.BoolVar(&c.public, "public", false, "tools are for a public cloud, so generate mirrors information")
-	f.StringVar(&c.source, "source", "", "local source directory")
-	f.StringVar(&c.stream, "stream", "", "simplestreams stream for which to sync metadata")
-	f.StringVar(&c.localDir, "local-dir", "", "local destination directory")
-	f.StringVar(&c.destination, "destination", "", "local destination directory")
+	f.BoolVar(&c.allVersions, "all", false, "Copy all versions, not just the latest")
+	f.StringVar(&c.versionStr, "version", "", "Copy a specific major[.minor] version")
+	f.BoolVar(&c.dryRun, "dry-run", false, "Don't copy, just print what would be copied")
+	f.BoolVar(&c.dev, "dev", false, "Consider development versions as well as released ones\n    DEPRECATED: use --stream instead")
+	f.BoolVar(&c.public, "public", false, "Tools are for a public cloud, so generate mirrors information")
+	f.StringVar(&c.source, "source", "", "Local source directory")
+	f.StringVar(&c.stream, "stream", "", "Simplestreams stream for which to sync metadata")
+	f.StringVar(&c.localDir, "local-dir", "", "Local destination directory")
+	f.StringVar(&c.destination, "destination", "", "Local destination directory\n    DEPRECATED: use --local-dir instead")
 }
 
 func (c *syncToolsCommand) Init(args []string) error {
 	if c.destination != "" {
 		// Override localDir with destination as localDir now replaces destination
 		c.localDir = c.destination
-		logger.Warningf("Use of the --destination flag is deprecated in 1.18. Please use --local-dir instead.")
+		logger.Infof("Use of the --destination flag is deprecated in 1.18. Please use --local-dir instead.")
 	}
 	if c.versionStr != "" {
 		var err error
@@ -136,7 +151,7 @@
 		}
 	} else {
 		if c.public {
-			logger.Warningf("--public is ignored unless --local-dir is specified")
+			logger.Infof("--public is ignored unless --local-dir is specified")
 		}
 		api, err := getSyncToolsAPI(c)
 		if err != nil {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/synctools_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/synctools_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/synctools_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/synctools_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -44,11 +44,10 @@
 	s.PatchValue(&getSyncToolsAPI, func(c *syncToolsCommand) (syncToolsAPI, error) {
 		return s.fakeSyncToolsAPI, nil
 	})
-	err := modelcmd.WriteCurrentController("ctrl")
-	c.Assert(err, jc.ErrorIsNil)
 	s.store = jujuclienttesting.NewMemStore()
-	s.store.Accounts["ctrl"] = &jujuclient.ControllerAccounts{
-		CurrentAccount: "admin@local",
+	s.store.CurrentControllerName = "ctrl"
+	s.store.Accounts["ctrl"] = jujuclient.AccountDetails{
+		User: "admin@local",
 	}
 }
 
@@ -203,7 +202,7 @@
 	defer loggo.RemoveWriter("deprecated-tester")
 	// Add deprecated message to be checked.
 	messages := []jc.SimpleMessage{
-		{loggo.WARNING, "Use of the --destination flag is deprecated in 1.18. Please use --local-dir instead."},
+		{loggo.INFO, "Use of the --destination flag is deprecated in 1.18. Please use --local-dir instead."},
 	}
 	// Run sync-tools command with --destination flag.
 	ctx, err := s.runSyncToolsCommand(c, "-m", "test-target", "--destination", dir, "--stream", "released")
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/upgradejuju.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/upgradejuju.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/upgradejuju.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/upgradejuju.go	2016-07-18 19:45:44.000000000 +0000
@@ -179,10 +179,6 @@
 // Run changes the version proposed for the juju envtools.
 func (c *upgradeJujuCommand) Run(ctx *cmd.Context) (err error) {
 
-	if c.UploadTools && c.ModelName() != "admin" {
-		return errors.Errorf("--upload-tools can only be used with the admin model")
-	}
-
 	client, err := getUpgradeJujuAPI(c)
 	if err != nil {
 		return err
@@ -205,6 +201,16 @@
 		return err
 	}
 
+	controller, err := c.ClientStore().ControllerByName(c.ControllerName())
+	if err != nil {
+		return err
+	}
+	if c.UploadTools && (cfg.UUID() != controller.ControllerUUID) {
+		// For UploadTools, model must be the "controller" model,
+		// that is, modelUUID == controllerUUID
+		return errors.Errorf("--upload-tools can only be used with the controller model")
+	}
+
 	agentVersion, ok := cfg.AgentVersion()
 	if !ok {
 		// Can't happen. In theory.
@@ -286,7 +292,7 @@
 	ctx.Infof("available tools:\n%s", formatTools(context.tools))
 	ctx.Infof("best version:\n    %s", context.chosen)
 	if warnCompat {
-		logger.Warningf("version %s incompatible with this client (%s)", context.chosen, jujuversion.Current)
+		logger.Infof("version %s incompatible with this client (%s)", context.chosen, jujuversion.Current)
 	}
 	if c.DryRun {
 		ctx.Infof("upgrade to this version by running\n    juju upgrade-juju --version=\"%s\"\n", context.chosen)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/upgradejuju_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/upgradejuju_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/commands/upgradejuju_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/commands/upgradejuju_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -29,7 +29,7 @@
 	toolstesting "github.com/juju/juju/environs/tools/testing"
 	jujutesting "github.com/juju/juju/juju/testing"
 	"github.com/juju/juju/network"
-	_ "github.com/juju/juju/provider/dummy"
+	"github.com/juju/juju/provider/dummy"
 	"github.com/juju/juju/state"
 	coretesting "github.com/juju/juju/testing"
 	coretools "github.com/juju/juju/tools"
@@ -464,6 +464,20 @@
 	s.AssertBlocked(c, err, ".*TestBlockUpgradeJujuWithRealUpload.*")
 }
 
+func (s *UpgradeJujuSuite) TestFailUploadOnNonController(c *gc.C) {
+	fakeAPI := &fakeUpgradeJujuAPINoState{
+		name:           "dummy-model",
+		uuid:           "deadbeef-0000-400d-8000-4b1d0d06f00d",
+		controllerUUID: "deadbeef-0bad-400d-8000-4b1d0d06f00d",
+	}
+	s.PatchValue(&getUpgradeJujuAPI, func(*upgradeJujuCommand) (upgradeJujuAPI, error) {
+		return fakeAPI, nil
+	})
+	cmd := newUpgradeJujuCommand(nil)
+	_, err := coretesting.RunCommand(c, cmd, "--upload-tools", "-m", "dummy-model")
+	c.Assert(err, gc.ErrorMatches, "--upload-tools can only be used with the controller model")
+}
+
 type DryRunTest struct {
 	about             string
 	cmdArgs           []string
@@ -909,3 +923,23 @@
 func (a *fakeUpgradeJujuAPI) Close() error {
 	return nil
 }
+
+// Mock an API with no state
+type fakeUpgradeJujuAPINoState struct {
+	upgradeJujuAPI
+	name           string
+	uuid           string
+	controllerUUID string
+}
+
+func (a *fakeUpgradeJujuAPINoState) Close() error {
+	return nil
+}
+
+func (a *fakeUpgradeJujuAPINoState) ModelGet() (map[string]interface{}, error) {
+	return dummy.SampleConfig().Merge(map[string]interface{}{
+		"name":            a.name,
+		"uuid":            a.uuid,
+		"controller-uuid": a.controllerUUID,
+	}), nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/common/authkeys.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/common/authkeys.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/common/authkeys.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/common/authkeys.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,123 @@
+// Copyright 2012-2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package common
+
+import (
+	"bytes"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+
+	"github.com/juju/cmd"
+	"github.com/juju/errors"
+	"github.com/juju/juju/environs/config"
+	"github.com/juju/schema"
+	"github.com/juju/utils"
+	"github.com/juju/utils/ssh"
+)
+
+var ErrNoAuthorizedKeys = errors.New("no public ssh keys found")
+
+// FinalizeAuthorizedKeys takes a set of configuration attributes and
+// ensures that it has an authorized-keys setting, or returns
+// ErrNoAuthorizedKeys if it cannot.
+//
+// If the attributes contains a non-empty value for "authorized-keys",
+// then it is left alone. If there is an "authorized-keys-path" setting,
+// its contents will be loaded into "authorized-keys". Otherwise, the
+// contents of standard public keys will be used: ~/.ssh/id_dsa.pub,
+// ~/.ssh/id_rsa.pub, and ~/.ssh/identity.pub.
+func FinalizeAuthorizedKeys(ctx *cmd.Context, attrs map[string]interface{}) error {
+	const authorizedKeysPathKey = "authorized-keys-path"
+	checker := schema.FieldMap(schema.Fields{
+		config.AuthorizedKeysKey: schema.String(),
+		authorizedKeysPathKey:    schema.String(),
+	}, schema.Defaults{
+		config.AuthorizedKeysKey: schema.Omit,
+		authorizedKeysPathKey:    schema.Omit,
+	})
+	coerced, err := checker.Coerce(attrs, nil)
+	if err != nil {
+		return errors.Trace(err)
+	}
+	coercedAttrs := coerced.(map[string]interface{})
+
+	authorizedKeys, haveAuthorizedKeys := coercedAttrs[config.AuthorizedKeysKey].(string)
+	authorizedKeysPath, haveAuthorizedKeysPath := coercedAttrs[authorizedKeysPathKey].(string)
+	if haveAuthorizedKeys && haveAuthorizedKeysPath {
+		return errors.Errorf(
+			"%q and %q may not both be specified",
+			config.AuthorizedKeysKey, authorizedKeysPathKey,
+		)
+	}
+	if haveAuthorizedKeys {
+		// We have authorized-keys already; nothing to do.
+		return nil
+	}
+
+	authorizedKeys, err = ReadAuthorizedKeys(ctx, authorizedKeysPath)
+	if err != nil {
+		return errors.Annotate(err, "reading authorized-keys")
+	}
+	if haveAuthorizedKeysPath {
+		delete(attrs, authorizedKeysPathKey)
+	}
+	attrs[config.AuthorizedKeysKey] = authorizedKeys
+	return nil
+}
+
+// ReadAuthorizedKeys implements the standard juju behaviour for finding
+// authorized_keys. It returns a set of keys in in authorized_keys format
+// (see sshd(8) for a description).  If path is non-empty, it names the
+// file to use; otherwise the user's .ssh directory will be searched.
+// Home directory expansion will be performed on the path if it starts with
+// a ~; if the expanded path is relative, it will be interpreted relative
+// to $HOME/.ssh.
+//
+// The result of utils/ssh.PublicKeyFiles will always be prepended to the
+// result. In practice, this means ReadAuthorizedKeys never returns an
+// error when the call originates in the CLI.
+//
+// If no SSH keys are found, ReadAuthorizedKeys returns
+// ErrNoAuthorizedKeys.
+func ReadAuthorizedKeys(ctx *cmd.Context, path string) (string, error) {
+	files := ssh.PublicKeyFiles()
+	if path == "" {
+		files = append(files, "id_dsa.pub", "id_rsa.pub", "identity.pub")
+	} else {
+		files = append(files, path)
+	}
+	var firstError error
+	var keyData []byte
+	for _, f := range files {
+		f, err := utils.NormalizePath(f)
+		if err != nil {
+			if firstError == nil {
+				firstError = err
+			}
+			continue
+		}
+		if !filepath.IsAbs(f) {
+			f = filepath.Join(utils.Home(), ".ssh", f)
+		}
+		data, err := ioutil.ReadFile(f)
+		if err != nil {
+			if firstError == nil && !os.IsNotExist(err) {
+				firstError = err
+			}
+			continue
+		}
+		keyData = append(keyData, bytes.Trim(data, "\n")...)
+		keyData = append(keyData, '\n')
+		ctx.Verbosef("Adding contents of %q to authorized-keys", f)
+	}
+	if len(keyData) == 0 {
+		if firstError == nil {
+			firstError = ErrNoAuthorizedKeys
+		}
+		return "", firstError
+	}
+	return string(keyData), nil
+
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/common/authkeys_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/common/authkeys_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/common/authkeys_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/common/authkeys_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,124 @@
+// Copyright 2014 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package common_test
+
+import (
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"strings"
+
+	jc "github.com/juju/testing/checkers"
+	"github.com/juju/utils"
+	"github.com/juju/utils/ssh"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/cmd/juju/common"
+	"github.com/juju/juju/testing"
+)
+
+type AuthKeysSuite struct {
+	testing.BaseSuite
+	dotssh string // ~/.ssh
+}
+
+var _ = gc.Suite(&AuthKeysSuite{})
+
+func (s *AuthKeysSuite) SetUpTest(c *gc.C) {
+	s.BaseSuite.SetUpTest(c)
+	old := utils.Home()
+	newhome := c.MkDir()
+	err := utils.SetHome(newhome)
+	c.Assert(err, jc.ErrorIsNil)
+	s.AddCleanup(func(*gc.C) {
+		ssh.ClearClientKeys()
+		err := utils.SetHome(old)
+		c.Assert(err, jc.ErrorIsNil)
+	})
+
+	s.dotssh = filepath.Join(newhome, ".ssh")
+	err = os.Mkdir(s.dotssh, 0755)
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *AuthKeysSuite) TestReadAuthorizedKeysErrors(c *gc.C) {
+	ctx := testing.Context(c)
+	_, err := common.ReadAuthorizedKeys(ctx, "")
+	c.Assert(err, gc.ErrorMatches, "no public ssh keys found")
+	c.Assert(err, gc.Equals, common.ErrNoAuthorizedKeys)
+	_, err = common.ReadAuthorizedKeys(ctx, filepath.Join(s.dotssh, "notthere.pub"))
+	c.Assert(err, gc.ErrorMatches, "no public ssh keys found")
+	c.Assert(err, gc.Equals, common.ErrNoAuthorizedKeys)
+}
+
+func writeFile(c *gc.C, filename string, contents string) {
+	err := ioutil.WriteFile(filename, []byte(contents), 0644)
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *AuthKeysSuite) TestReadAuthorizedKeys(c *gc.C) {
+	ctx := testing.Context(c)
+	writeFile(c, filepath.Join(s.dotssh, "id_rsa.pub"), "id_rsa")
+	writeFile(c, filepath.Join(s.dotssh, "identity.pub"), "identity")
+	writeFile(c, filepath.Join(s.dotssh, "test.pub"), "test")
+	keys, err := common.ReadAuthorizedKeys(ctx, "")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(keys, gc.Equals, "id_rsa\nidentity\n")
+	keys, err = common.ReadAuthorizedKeys(ctx, "test.pub") // relative to ~/.ssh
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(keys, gc.Equals, "test\n")
+}
+
+func (s *AuthKeysSuite) TestReadAuthorizedKeysClientKeys(c *gc.C) {
+	ctx := testing.Context(c)
+	keydir := filepath.Join(s.dotssh, "juju")
+	err := ssh.LoadClientKeys(keydir) // auto-generates a key pair
+	c.Assert(err, jc.ErrorIsNil)
+	pubkeyFiles := ssh.PublicKeyFiles()
+	c.Assert(pubkeyFiles, gc.HasLen, 1)
+	data, err := ioutil.ReadFile(pubkeyFiles[0])
+	c.Assert(err, jc.ErrorIsNil)
+	prefix := strings.Trim(string(data), "\n") + "\n"
+
+	writeFile(c, filepath.Join(s.dotssh, "id_rsa.pub"), "id_rsa")
+	writeFile(c, filepath.Join(s.dotssh, "test.pub"), "test")
+	keys, err := common.ReadAuthorizedKeys(ctx, "")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(keys, gc.Equals, prefix+"id_rsa\n")
+	keys, err = common.ReadAuthorizedKeys(ctx, "test.pub")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(keys, gc.Equals, prefix+"test\n")
+	keys, err = common.ReadAuthorizedKeys(ctx, "notthere.pub")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(keys, gc.Equals, prefix)
+}
+
+func (s *AuthKeysSuite) TestFinalizeAuthorizedKeysNoop(c *gc.C) {
+	attrs := map[string]interface{}{"authorized-keys": "meep"}
+	err := common.FinalizeAuthorizedKeys(testing.Context(c), attrs)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(attrs, jc.DeepEquals, map[string]interface{}{"authorized-keys": "meep"})
+}
+
+func (s *AuthKeysSuite) TestFinalizeAuthorizedKeysPath(c *gc.C) {
+	writeFile(c, filepath.Join(s.dotssh, "whatever"), "meep")
+	attrs := map[string]interface{}{"authorized-keys-path": "whatever"}
+	err := common.FinalizeAuthorizedKeys(testing.Context(c), attrs)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(attrs, jc.DeepEquals, map[string]interface{}{"authorized-keys": "meep\n"})
+}
+
+func (s *AuthKeysSuite) TestFinalizeAuthorizedKeysDefault(c *gc.C) {
+	writeFile(c, filepath.Join(s.dotssh, "id_rsa.pub"), "meep")
+	attrs := map[string]interface{}{}
+	err := common.FinalizeAuthorizedKeys(testing.Context(c), attrs)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(attrs, jc.DeepEquals, map[string]interface{}{"authorized-keys": "meep\n"})
+}
+
+func (s *AuthKeysSuite) TestFinalizeAuthorizedKeysConflict(c *gc.C) {
+	attrs := map[string]interface{}{"authorized-keys": "foo", "authorized-keys-path": "bar"}
+	err := common.FinalizeAuthorizedKeys(testing.Context(c), attrs)
+	c.Assert(err, gc.ErrorMatches, `"authorized-keys" and "authorized-keys-path" may not both be specified`)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/common/cloud.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/common/cloud.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/common/cloud.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/common/cloud.go	2016-07-18 19:45:44.000000000 +0000
@@ -40,7 +40,7 @@
 		if err != nil {
 			// Should never happen but it will on go 1.2
 			// because lxd provider is not built.
-			logger.Warningf("cloud %q not available on this platform", name)
+			logger.Errorf("cloud %q not available on this platform", name)
 			continue
 		}
 		builtIn[name] = aCloud
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/common/controller.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/common/controller.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/common/controller.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/common/controller.go	2016-07-18 19:45:44.000000000 +0000
@@ -31,7 +31,7 @@
 // bootstrap server into the connection information. This should only be run
 // once directly after Bootstrap. It assumes that there is just one instance
 // in the environment - the bootstrap instance.
-func SetBootstrapEndpointAddress(store jujuclient.ControllerStore, controllerName string, environ environs.Environ) error {
+func SetBootstrapEndpointAddress(store jujuclient.ControllerStore, controllerName string, apiPort int, environ environs.Environ) error {
 	instances, err := allInstances(environ)
 	if err != nil {
 		return errors.Trace(err)
@@ -41,7 +41,7 @@
 		return errors.Errorf("found no instances, expected at least one")
 	}
 	if length > 1 {
-		logger.Warningf("expected one instance, got %d", length)
+		return errors.Errorf("expected one instance, got %d", length)
 	}
 	bootstrapInstance := instances[0]
 
@@ -51,8 +51,6 @@
 	if err != nil {
 		return errors.Annotate(err, "failed to get bootstrap instance addresses")
 	}
-	cfg := environ.Config()
-	apiPort := cfg.APIPort()
 	apiHostPorts := network.AddressesWithPort(netAddrs, apiPort)
 	return juju.UpdateControllerAddresses(store, controllerName, nil, apiHostPorts...)
 }
@@ -67,7 +65,7 @@
 func getBlockAPI(c *modelcmd.ModelCommandBase) (block.BlockListAPI, error) {
 	root, err := c.NewAPIRoot()
 	if err != nil {
-		return nil, err
+		return nil, errors.Trace(err)
 	}
 	return apiblock.NewClient(root), nil
 }
@@ -119,6 +117,7 @@
 		switch {
 		case errors.Cause(err) == io.EOF,
 			strings.HasSuffix(errorMessage, "connection is shut down"),
+			strings.HasSuffix(errorMessage, "no api connection available"),
 			strings.Contains(errorMessage, "spaces are still being discovered"):
 			ctx.Infof("Waiting for API to become available")
 			continue
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/common/format_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/common/format_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/common/format_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/common/format_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -125,6 +125,7 @@
 var _ = gc.Suite(&userFriendlyDurationSuite{})
 
 func (*userFriendlyDurationSuite) TestFormat(c *gc.C) {
+	// lp:1558657
 	now := time.Now()
 	for _, test := range []struct {
 		other    time.Time
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/common/model.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/common/model.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/common/model.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/common/model.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,7 +9,7 @@
 	"github.com/juju/errors"
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/status"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 )
 
 // ModelInfo contains information about a model.
@@ -18,6 +18,8 @@
 	UUID           string                   `json:"model-uuid" yaml:"model-uuid"`
 	ControllerUUID string                   `json:"controller-uuid" yaml:"controller-uuid"`
 	Owner          string                   `json:"owner" yaml:"owner"`
+	Cloud          string                   `json:"cloud" yaml:"cloud"`
+	CloudRegion    string                   `json:"region,omitempty" yaml:"region,omitempty"`
 	ProviderType   string                   `json:"type" yaml:"type"`
 	Life           string                   `json:"life" yaml:"life"`
 	Status         ModelStatus              `json:"status" yaml:"status"`
@@ -59,6 +61,8 @@
 		Owner:          tag.Id(),
 		Life:           string(info.Life),
 		Status:         status,
+		Cloud:          info.Cloud,
+		CloudRegion:    info.CloudRegion,
 		ProviderType:   info.ProviderType,
 		Users:          ModelUserInfoFromParams(info.Users, now),
 	}, nil
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/addmodel.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/addmodel.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/addmodel.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/addmodel.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,92 +1,88 @@
-// Copyright 2015 Canonical Ltd.
+// Copyright 2016 Canonical Ltd.
 // Licensed under the AGPLv3, see LICENCE file for details.
 
 package controller
 
 import (
+	"fmt"
 	"strings"
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/gnuflag"
 
+	"github.com/juju/juju/api"
+	"github.com/juju/juju/api/base"
+	cloudapi "github.com/juju/juju/api/cloud"
+	"github.com/juju/juju/api/modelmanager"
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cloud"
 	"github.com/juju/juju/cmd/juju/common"
 	"github.com/juju/juju/cmd/modelcmd"
+	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/jujuclient"
 )
 
 // NewAddModelCommand returns a command to add a model.
 func NewAddModelCommand() cmd.Command {
 	return modelcmd.WrapController(&addModelCommand{
-		credentialStore: jujuclient.NewFileCredentialStore(),
+		newAddModelAPI: func(caller base.APICallCloser) AddModelAPI {
+			return modelmanager.NewClient(caller)
+		},
+		newCloudAPI: func(caller base.APICallCloser) CloudAPI {
+			return cloudapi.NewClient(caller)
+		},
 	})
 }
 
 // addModelCommand calls the API to add a new model.
 type addModelCommand struct {
 	modelcmd.ControllerCommandBase
-	api             CreateModelAPI
-	credentialStore jujuclient.CredentialStore
+	apiRoot        api.Connection
+	newAddModelAPI func(base.APICallCloser) AddModelAPI
+	newCloudAPI    func(base.APICallCloser) CloudAPI
 
 	Name           string
 	Owner          string
-	CredentialSpec string
-	CloudName      string
-	CloudType      string
 	CredentialName string
+	CloudRegion    string
 	Config         common.ConfigFlag
 }
 
 const addModelHelpDoc = `
-This command will add another model within the current Juju
-Controller. The provider has to match, and the model config must
-specify all the required configuration values for the provider.
-
-If configuration values are passed by both extra command line
-arguments and the --config option, the command line args take
-priority.
-
-If adding a model in a controller for which you are not the
-administrator, the cloud credentials and authorized ssh keys must
-be specified. The credentials are specified using the argument
---credential <cloud>:<credential>. The authorized ssh keys are
-specified using a --config argument, either authorized=keys=value
-or via a config yaml file.
- 
-Any credentials used must be for a cloud with the same provider
-type as the controller. Controller administrators do not have to
-specify credentials or ssh keys; by default, the credentials and
-keys used to bootstrap the controller are used if no others are
-specified.
+Adding a model is typically done in order to run a specific workload. The
+model is of the same cloud type as the controller and is managed by that
+controller. By default, the controller is the current controller. The
+credentials used to add the model are the ones used to create any future
+resources within the model (` + "`juju deploy`, `juju add-unit`" + `).
+
+Model names can be duplicated across controllers but must be unique for
+any given controller. Model names may only contain lowercase letters,
+digits and hyphens, and may not start with a hyphen.
 
 Examples:
 
-    juju add-model new-model
-
-    juju add-model new-model --config aws-creds.yaml --config image-stream=daily
-    
-    juju add-model new-model --credential aws:mysekrets --config authorized-keys="ssh-rsa ..."
-
-See Also:
-    juju help grant
+    juju add-model mymodel
+    juju add-model mymodel --config my-config.yaml --config image-stream=daily
+    juju add-model mymodel --credential credential_name --config authorized-keys="ssh-rsa ..."
+    juju add-model mymodel --region us-east-1
 `
 
 func (c *addModelCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "add-model",
-		Args:    "<name> [--config key=[value] ...] [--credential <cloud>:<credential>]",
-		Purpose: "Add a model within the Juju Model Server",
+		Args:    "<model name>",
+		Purpose: "Adds a hosted model.",
 		Doc:     strings.TrimSpace(addModelHelpDoc),
 	}
 }
 
 func (c *addModelCommand) SetFlags(f *gnuflag.FlagSet) {
 	f.StringVar(&c.Owner, "owner", "", "The owner of the new model if not the current user")
-	f.StringVar(&c.CredentialSpec, "credential", "", "The name of the cloud and credentials the new model uses to create cloud resources")
-	f.Var(&c.Config, "config", "Specify a controller config file, or one or more controller configuration options (--config config.yaml [--config k=v ...])")
+	f.StringVar(&c.CredentialName, "credential", "", "Credential used to add the model")
+	f.StringVar(&c.CloudRegion, "region", "", "Cloud region to add the model to")
+	f.Var(&c.Config, "config", "Path to YAML model configuration file or individual options (--config config.yaml [--config key=value ...])")
 }
 
 func (c *addModelCommand) Init(args []string) error {
@@ -95,131 +91,170 @@
 	}
 	c.Name, args = args[0], args[1:]
 
+	if !names.IsValidModelName(c.Name) {
+		return errors.Errorf("%q is not a valid name: model names may only contain lowercase letters, digits and hyphens", c.Name)
+	}
+
 	if c.Owner != "" && !names.IsValidUser(c.Owner) {
 		return errors.Errorf("%q is not a valid user", c.Owner)
 	}
 
-	if c.CredentialSpec != "" {
-		parts := strings.Split(c.CredentialSpec, ":")
-		if len(parts) < 2 {
-			return errors.Errorf("invalid cloud credential %s, expected <cloud>:<credential-name>", c.CredentialSpec)
-		}
-		c.CloudName = parts[0]
-		if cloud, err := common.CloudOrProvider(c.CloudName, cloud.CloudByName); err != nil {
-			return errors.Trace(err)
-		} else {
-			c.CloudType = cloud.Type
-		}
-		c.CredentialName = parts[1]
-	}
 	return nil
 }
 
-type CreateModelAPI interface {
-	Close() error
-	ConfigSkeleton(provider, region string) (params.ModelConfig, error)
-	CreateModel(owner string, account, config map[string]interface{}) (params.Model, error)
+type AddModelAPI interface {
+	CreateModel(name, owner, cloudRegion, cloudCredential string, config map[string]interface{}) (params.ModelInfo, error)
+}
+
+type CloudAPI interface {
+	Cloud(names.CloudTag) (cloud.Cloud, error)
+	CloudDefaults(names.UserTag) (cloud.Defaults, error)
+	Credentials(names.UserTag, names.CloudTag) (map[string]cloud.Credential, error)
+	UpdateCredentials(names.UserTag, names.CloudTag, map[string]cloud.Credential) error
 }
 
-func (c *addModelCommand) getAPI() (CreateModelAPI, error) {
-	if c.api != nil {
-		return c.api, nil
+func (c *addModelCommand) newApiRoot() (api.Connection, error) {
+	if c.apiRoot != nil {
+		return c.apiRoot, nil
 	}
-	return c.NewModelManagerAPIClient()
+	return c.NewAPIRoot()
 }
 
 func (c *addModelCommand) Run(ctx *cmd.Context) error {
-	client, err := c.getAPI()
+	api, err := c.newApiRoot()
 	if err != nil {
-		return errors.Trace(err)
+		return errors.Annotate(err, "opening API connection")
 	}
-	defer client.Close()
+	defer api.Close()
 
 	store := c.ClientStore()
 	controllerName := c.ControllerName()
-	accountName, err := store.CurrentAccount(controllerName)
+	controllerDetails, err := store.ControllerByName(controllerName)
 	if err != nil {
 		return errors.Trace(err)
 	}
-	currentAccount, err := store.AccountByName(controllerName, accountName)
+	accountDetails, err := store.AccountDetails(controllerName)
 	if err != nil {
 		return errors.Trace(err)
 	}
 
-	modelOwner := currentAccount.User
+	modelOwner := accountDetails.User
 	if c.Owner != "" {
 		if !names.IsValidUser(c.Owner) {
 			return errors.Errorf("%q is not a valid user name", c.Owner)
 		}
 		modelOwner = names.NewUserTag(c.Owner).Canonical()
 	}
+	forUserSuffix := fmt.Sprintf(" for user '%s'", names.NewUserTag(modelOwner).Name())
 
-	serverSkeleton, err := client.ConfigSkeleton(c.CloudType, "")
-	if err != nil {
-		return errors.Trace(err)
-	}
-
-	attrs, err := c.getConfigValues(ctx, serverSkeleton)
+	attrs, err := c.getConfigValues(ctx)
 	if err != nil {
 		return errors.Trace(err)
 	}
 
-	accountDetails := map[string]interface{}{}
+	// If the user has specified a credential, then we will upload it if
+	// it doesn't already exist in the controller, and it exists locally.
 	if c.CredentialName != "" {
-		cred, _, _, err := modelcmd.GetCredentials(
-			c.credentialStore, "", c.CredentialName, c.CloudName, c.CloudType,
-		)
+		cloudClient := c.newCloudAPI(api)
+		modelOwnerTag := names.NewUserTag(modelOwner)
+
+		defaults, err := cloudClient.CloudDefaults(modelOwnerTag)
+		if err != nil {
+			return errors.Trace(err)
+		}
+		cloudTag := names.NewCloudTag(defaults.Cloud)
+		credentials, err := cloudClient.Credentials(modelOwnerTag, cloudTag)
 		if err != nil {
 			return errors.Trace(err)
 		}
-		for k, v := range cred.Attributes() {
-			accountDetails[k] = v
+
+		if _, ok := credentials[c.CredentialName]; !ok {
+			cloudDetails, err := cloudClient.Cloud(cloudTag)
+			if err != nil {
+				return errors.Trace(err)
+			}
+			credential, _, _, err := modelcmd.GetCredentials(
+				store, c.CloudRegion, c.CredentialName,
+				cloudTag.Id(), cloudDetails.Type,
+			)
+			if err != nil {
+				return errors.Trace(err)
+			}
+			ctx.Infof("uploading credential '%s' to controller%s", c.CredentialName, forUserSuffix)
+			credentials = map[string]cloud.Credential{c.CredentialName: *credential}
+			if err := cloudClient.UpdateCredentials(modelOwnerTag, cloudTag, credentials); err != nil {
+				return errors.Trace(err)
+			}
+		} else {
+			ctx.Infof("using credential '%s' cached in controller", c.CredentialName)
 		}
 	}
-	model, err := client.CreateModel(modelOwner, accountDetails, attrs)
+
+	addModelClient := c.newAddModelAPI(api)
+	model, err := addModelClient.CreateModel(c.Name, modelOwner, c.CloudRegion, c.CredentialName, attrs)
 	if err != nil {
 		return errors.Trace(err)
 	}
-	if modelOwner == currentAccount.User {
+
+	messageFormat := "Added '%s' model"
+	messageArgs := []interface{}{c.Name}
+
+	if modelOwner == accountDetails.User {
 		controllerName := c.ControllerName()
-		accountName := c.AccountName()
-		if err := store.UpdateModel(controllerName, accountName, c.Name, jujuclient.ModelDetails{
+		if err := store.UpdateModel(controllerName, c.Name, jujuclient.ModelDetails{
 			model.UUID,
 		}); err != nil {
 			return errors.Trace(err)
 		}
-		if err := store.SetCurrentModel(controllerName, accountName, c.Name); err != nil {
+		if err := store.SetCurrentModel(controllerName, c.Name); err != nil {
 			return errors.Trace(err)
 		}
-		ctx.Infof("added model %q", c.Name)
-	} else {
-		ctx.Infof("added model %q for %q", c.Name, c.Owner)
+	}
+
+	if model.CloudRegion != "" {
+		messageFormat += " on %s/%s"
+		messageArgs = append(messageArgs, controllerDetails.Cloud, model.CloudRegion)
+	}
+	if model.CloudCredential != "" {
+		messageFormat += " with credential '%s'"
+		messageArgs = append(messageArgs, model.CloudCredential)
+	}
+
+	messageFormat += forUserSuffix
+
+	// lp#1594335
+	// "Added '<model>' model [on <cloud>/<region>] [with credential '<credential>'] for user '<user namePart>'"
+	ctx.Infof(messageFormat, messageArgs...)
+
+	if _, ok := attrs[config.AuthorizedKeysKey]; !ok {
+		// It is not an error to have no authorized-keys when adding a
+		// model, though this should never happen since we generate
+		// juju-specific SSH keys.
+		ctx.Infof(`
+No SSH authorized-keys were found. You must use "juju add-ssh-key"
+before "juju ssh", "juju scp", or "juju debug-hooks" will work.`)
 	}
 
 	return nil
 }
 
-func (c *addModelCommand) getConfigValues(ctx *cmd.Context, serverSkeleton params.ModelConfig) (map[string]interface{}, error) {
-	configValues := make(map[string]interface{})
-	for key, value := range serverSkeleton {
-		configValues[key] = value
-	}
-	configAttr, err := c.Config.ReadAttrs(ctx)
+func (c *addModelCommand) getConfigValues(ctx *cmd.Context) (map[string]interface{}, error) {
+	configValues, err := c.Config.ReadAttrs(ctx)
 	if err != nil {
 		return nil, errors.Annotate(err, "unable to parse config")
 	}
-	for key, value := range configAttr {
-		configValues[key] = value
-	}
-	configValues["name"] = c.Name
 	coercedValues, err := common.ConformYAML(configValues)
 	if err != nil {
 		return nil, errors.Annotatef(err, "unable to parse config")
 	}
-	stringParams, ok := coercedValues.(map[string]interface{})
+	attrs, ok := coercedValues.(map[string]interface{})
 	if !ok {
 		return nil, errors.New("params must contain a YAML map with string keys")
 	}
-
-	return stringParams, nil
+	if err := common.FinalizeAuthorizedKeys(ctx, attrs); err != nil {
+		if errors.Cause(err) != common.ErrNoAuthorizedKeys {
+			return nil, errors.Trace(err)
+		}
+	}
+	return attrs, nil
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/addmodel_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/addmodel_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/addmodel_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/addmodel_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,9 +1,10 @@
-// Copyright 2015 Canonical Ltd.
+// Copyright 2016 Canonical Ltd.
 // Licensed under the AGPLv3, see LICENCE file for details.
 
 package controller_test
 
 import (
+	"fmt"
 	"io/ioutil"
 
 	"github.com/juju/cmd"
@@ -13,47 +14,45 @@
 	gc "gopkg.in/check.v1"
 	"gopkg.in/yaml.v2"
 
+	"github.com/juju/juju/api"
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cloud"
 	"github.com/juju/juju/cmd/juju/controller"
-	"github.com/juju/juju/cmd/modelcmd"
 	"github.com/juju/juju/jujuclient"
 	"github.com/juju/juju/jujuclient/jujuclienttesting"
 	_ "github.com/juju/juju/provider/ec2"
 	"github.com/juju/juju/testing"
+	"gopkg.in/juju/names.v2"
 )
 
 type addSuite struct {
 	testing.FakeJujuXDGDataHomeSuite
-	fake  *fakeCreateClient
-	store *jujuclienttesting.MemStore
+	fakeAddModelAPI *fakeAddClient
+	fakeCloundAPI   *fakeCloudAPI
+	store           *jujuclienttesting.MemStore
 }
 
 var _ = gc.Suite(&addSuite{})
 
 func (s *addSuite) SetUpTest(c *gc.C) {
 	s.FakeJujuXDGDataHomeSuite.SetUpTest(c)
-	s.fake = &fakeCreateClient{
-		model: params.Model{
+	s.fakeAddModelAPI = &fakeAddClient{
+		model: params.ModelInfo{
 			Name:     "test",
 			UUID:     "fake-model-uuid",
 			OwnerTag: "ignored-for-now",
 		},
 	}
+	s.fakeCloundAPI = &fakeCloudAPI{}
 
 	// Set up the current controller, and write just enough info
 	// so we don't try to refresh
-	controllerName := "local.test-master"
-	err := modelcmd.WriteCurrentController(controllerName)
-	c.Assert(err, jc.ErrorIsNil)
-
+	controllerName := "test-master"
 	s.store = jujuclienttesting.NewMemStore()
-	s.store.Controllers["local.test-master"] = jujuclient.ControllerDetails{}
-	s.store.Accounts[controllerName] = &jujuclient.ControllerAccounts{
-		Accounts: map[string]jujuclient.AccountDetails{
-			"bob@local": {User: "bob@local"},
-		},
-		CurrentAccount: "bob@local",
+	s.store.CurrentControllerName = controllerName
+	s.store.Controllers[controllerName] = jujuclient.ControllerDetails{}
+	s.store.Accounts[controllerName] = jujuclient.AccountDetails{
+		User: "bob@local",
 	}
 	s.store.Credentials["aws"] = cloud.CloudCredential{
 		AuthCredentials: map[string]cloud.Credential{
@@ -65,13 +64,21 @@
 	}
 }
 
+type fakeAPIConnection struct {
+	api.Connection
+}
+
+func (*fakeAPIConnection) Close() error {
+	return nil
+}
+
 func (s *addSuite) run(c *gc.C, args ...string) (*cmd.Context, error) {
-	command, _ := controller.NewAddModelCommandForTest(s.fake, s.store, s.store)
+	command, _ := controller.NewAddModelCommandForTest(&fakeAPIConnection{}, s.fakeAddModelAPI, s.fakeCloundAPI, s.store)
 	return testing.RunCommand(c, command, args...)
 }
 
 func (s *addSuite) TestInit(c *gc.C) {
-
+	modelNameErr := "%q is not a valid name: model names may only contain lowercase letters, digits and hyphens"
 	for i, test := range []struct {
 		args   []string
 		err    string
@@ -85,6 +92,21 @@
 			args: []string{"new-model"},
 			name: "new-model",
 		}, {
+			args: []string{"n"},
+			name: "n",
+		}, {
+			args: []string{"new model"},
+			err:  fmt.Sprintf(modelNameErr, "new model"),
+		}, {
+			args: []string{"newModel"},
+			err:  fmt.Sprintf(modelNameErr, "newModel"),
+		}, {
+			args: []string{"-"},
+			err:  fmt.Sprintf(modelNameErr, "-"),
+		}, {
+			args: []string{"new@model"},
+			err:  fmt.Sprintf(modelNameErr, "new@model"),
+		}, {
 			args:  []string{"new-model", "--owner", "foo"},
 			name:  "new-model",
 			owner: "foo",
@@ -92,16 +114,13 @@
 			args: []string{"new-model", "--owner", "not=valid"},
 			err:  `"not=valid" is not a valid user`,
 		}, {
-			args: []string{"new-model", "--credential", "secrets"},
-			err:  `invalid cloud credential secrets, expected <cloud>:<credential-name>`,
-		}, {
 			args:   []string{"new-model", "--config", "key=value", "--config", "key2=value2"},
 			name:   "new-model",
 			values: map[string]interface{}{"key": "value", "key2": "value2"},
 		},
 	} {
 		c.Logf("test %d", i)
-		wrappedCommand, command := controller.NewAddModelCommandForTest(nil, s.store, s.store)
+		wrappedCommand, command := controller.NewAddModelCommandForTest(nil, nil, nil, s.store)
 		err := testing.InitCommand(wrappedCommand, test.args)
 		if test.err != "" {
 			c.Assert(err, gc.ErrorMatches, test.err)
@@ -126,7 +145,7 @@
 	// controller will error out if the model already exists. Overwriting
 	// means we'll replace any stale details from an previously existing
 	// model with the same name.
-	err := s.store.UpdateModel("local.test-master", "bob@local", "test", jujuclient.ModelDetails{
+	err := s.store.UpdateModel("test-master", "test", jujuclient.ModelDetails{
 		"stale-uuid",
 	})
 	c.Assert(err, jc.ErrorIsNil)
@@ -134,28 +153,26 @@
 	_, err = s.run(c, "test")
 	c.Assert(err, jc.ErrorIsNil)
 
-	details, err := s.store.ModelByName("local.test-master", "bob@local", "test")
+	details, err := s.store.ModelByName("test-master", "test")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(details, jc.DeepEquals, &jujuclient.ModelDetails{"fake-model-uuid"})
 }
 
 func (s *addSuite) TestCredentialsPassedThrough(c *gc.C) {
-	_, err := s.run(c, "test", "--credential", "aws:secrets")
+	c.Skip("TODO(wallyworld) - port to using new credential management")
+	_, err := s.run(c, "test", "--credential", "secrets")
 	c.Assert(err, jc.ErrorIsNil)
 
-	c.Assert(s.fake.config["type"], gc.Equals, "ec2")
-	c.Assert(s.fake.account, jc.DeepEquals, map[string]interface{}{
-		"access-key": "key",
-		"secret-key": "sekret",
-	})
+	c.Assert(s.fakeAddModelAPI.cloudCredential, gc.Equals, "secrets")
+	c.Assert(s.fakeAddModelAPI.config["type"], gc.Equals, "ec2")
 }
 
 func (s *addSuite) TestComandLineConfigPassedThrough(c *gc.C) {
 	_, err := s.run(c, "test", "--config", "account=magic", "--config", "cloud=special")
 	c.Assert(err, jc.ErrorIsNil)
 
-	c.Assert(s.fake.config["account"], gc.Equals, "magic")
-	c.Assert(s.fake.config["cloud"], gc.Equals, "special")
+	c.Assert(s.fakeAddModelAPI.config["account"], gc.Equals, "magic")
+	c.Assert(s.fakeAddModelAPI.config["cloud"], gc.Equals, "special")
 }
 
 func (s *addSuite) TestConfigFileValuesPassedThrough(c *gc.C) {
@@ -172,8 +189,8 @@
 
 	_, err = s.run(c, "test", "--config", file.Name())
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(s.fake.config["account"], gc.Equals, "magic")
-	c.Assert(s.fake.config["cloud"], gc.Equals, "9")
+	c.Assert(s.fakeAddModelAPI.config["account"], gc.Equals, "magic")
+	c.Assert(s.fakeAddModelAPI.config["cloud"], gc.Equals, "9")
 }
 
 func (s *addSuite) TestConfigFileWithNestedMaps(c *gc.C) {
@@ -195,8 +212,8 @@
 
 	_, err = s.run(c, "test", "--config", file.Name())
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(s.fake.config["foo"], gc.Equals, "bar")
-	c.Assert(s.fake.config["nested"], jc.DeepEquals, nestedConfig)
+	c.Assert(s.fakeAddModelAPI.config["foo"], gc.Equals, "bar")
+	c.Assert(s.fakeAddModelAPI.config["nested"], jc.DeepEquals, nestedConfig)
 }
 
 func (s *addSuite) TestConfigFileFailsToConform(c *gc.C) {
@@ -248,17 +265,17 @@
 
 	_, err = s.run(c, "test", "--config", file.Name(), "--config", "account=magic", "--config", "cloud=special")
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(s.fake.config["account"], gc.Equals, "magic")
-	c.Assert(s.fake.config["cloud"], gc.Equals, "special")
+	c.Assert(s.fakeAddModelAPI.config["account"], gc.Equals, "magic")
+	c.Assert(s.fakeAddModelAPI.config["cloud"], gc.Equals, "special")
 }
 
 func (s *addSuite) TestAddErrorRemoveConfigstoreInfo(c *gc.C) {
-	s.fake.err = errors.New("bah humbug")
+	s.fakeAddModelAPI.err = errors.New("bah humbug")
 
 	_, err := s.run(c, "test")
 	c.Assert(err, gc.ErrorMatches, "bah humbug")
 
-	_, err = s.store.ModelByName("local.test-master", "bob@local", "test")
+	_, err = s.store.ModelByName("test-master", "test")
 	c.Assert(err, jc.Satisfies, errors.IsNotFound)
 }
 
@@ -266,7 +283,7 @@
 	_, err := s.run(c, "test")
 	c.Assert(err, jc.ErrorIsNil)
 
-	model, err := s.store.ModelByName("local.test-master", "bob@local", "test")
+	model, err := s.store.ModelByName("test-master", "test")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(model, jc.DeepEquals, &jujuclient.ModelDetails{"fake-model-uuid"})
 }
@@ -276,43 +293,49 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	// Creating a model for another user does not update the model cache.
-	_, err = s.store.ModelByName("local.test-master", "bob@local", "test")
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-	_, err = s.store.ModelByName("local.test-master", "zeus@local", "test")
+	_, err = s.store.ModelByName("test-master", "test")
 	c.Assert(err, jc.Satisfies, errors.IsNotFound)
 }
 
-// fakeCreateClient is used to mock out the behavior of the real
-// CreateModel command.
-type fakeCreateClient struct {
-	owner   string
-	account map[string]interface{}
-	config  map[string]interface{}
-	err     error
-	model   params.Model
+// fakeAddClient is used to mock out the behavior of the real
+// AddModel command.
+type fakeAddClient struct {
+	owner           string
+	cloudRegion     string
+	cloudCredential string
+	config          map[string]interface{}
+	err             error
+	model           params.ModelInfo
 }
 
-var _ controller.CreateModelAPI = (*fakeCreateClient)(nil)
+var _ controller.AddModelAPI = (*fakeAddClient)(nil)
 
-func (*fakeCreateClient) Close() error {
+func (*fakeAddClient) Close() error {
 	return nil
 }
 
-func (*fakeCreateClient) ConfigSkeleton(provider, region string) (params.ModelConfig, error) {
-	if provider == "" {
-		provider = "dummy"
-	}
-	return params.ModelConfig{
-		"type":       provider,
-		"controller": false,
-	}, nil
-}
-func (f *fakeCreateClient) CreateModel(owner string, account, config map[string]interface{}) (params.Model, error) {
+func (f *fakeAddClient) CreateModel(name, owner, cloudRegion, cloudCredential string, config map[string]interface{}) (params.ModelInfo, error) {
 	if f.err != nil {
-		return params.Model{}, f.err
+		return params.ModelInfo{}, f.err
 	}
 	f.owner = owner
-	f.account = account
+	f.cloudCredential = cloudCredential
+	f.cloudRegion = cloudRegion
 	f.config = config
 	return f.model, nil
 }
+
+// TODO(wallyworld) - improve this stub and add test asserts
+type fakeCloudAPI struct {
+	controller.CloudAPI
+}
+
+func (c *fakeCloudAPI) Credentials(names.UserTag, names.CloudTag) (map[string]cloud.Credential, error) {
+	return map[string]cloud.Credential{
+		"default": cloud.NewEmptyCredential(),
+	}, nil
+}
+
+func (c *fakeCloudAPI) UpdateCredentials(names.UserTag, names.CloudTag, map[string]cloud.Credential) error {
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/destroy.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/destroy.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/destroy.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/destroy.go	2016-07-18 19:45:44.000000000 +0000
@@ -14,7 +14,7 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/gnuflag"
 
 	"github.com/juju/juju/api/base"
@@ -66,7 +66,7 @@
 
 var destroySysMsg = `
 WARNING! This command will destroy the %q controller.
-This includes all machines, services, data and other resources.
+This includes all machines, applications, data and other resources.
 
 Continue [y/N]? `[1:]
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/destroy_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/destroy_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/destroy_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/destroy_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,16 +9,17 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	gitjujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cmd/juju/controller"
 	"github.com/juju/juju/cmd/modelcmd"
 	cmdtesting "github.com/juju/juju/cmd/testing"
+	jujucontroller "github.com/juju/juju/controller"
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/jujuclient"
 	"github.com/juju/juju/jujuclient/jujuclienttesting"
@@ -96,20 +97,19 @@
 
 // fakeDestroyAPIClient mocks out the client API
 type fakeDestroyAPIClient struct {
-	err           error
-	env           map[string]interface{}
-	envgetcalled  bool
-	destroycalled bool
+	err            error
+	modelgetcalled bool
+	destroycalled  bool
 }
 
 func (f *fakeDestroyAPIClient) Close() error { return nil }
 
 func (f *fakeDestroyAPIClient) ModelGet() (map[string]interface{}, error) {
-	f.envgetcalled = true
+	f.modelgetcalled = true
 	if f.err != nil {
 		return nil, f.err
 	}
-	return f.env, nil
+	return map[string]interface{}{}, nil
 }
 
 func (f *fakeDestroyAPIClient) DestroyModel() error {
@@ -119,13 +119,16 @@
 
 func createBootstrapInfo(c *gc.C, name string) map[string]interface{} {
 	cfg, err := config.New(config.UseDefaults, map[string]interface{}{
-		"type":            "dummy",
-		"name":            name,
-		"uuid":            testing.ModelTag.Id(),
-		"controller-uuid": testing.ModelTag.Id(),
-		"controller":      "true",
+		"type":       "dummy",
+		"name":       name,
+		"uuid":       testing.ModelTag.Id(),
+		"controller": "true",
 	})
 	c.Assert(err, jc.ErrorIsNil)
+
+	// TODO(wallyworld) - we need to separate controller and model schemas
+	cfg, err = cfg.Remove(jujucontroller.ControllerOnlyConfigAttributes)
+	c.Assert(err, jc.ErrorIsNil)
 	return cfg.AllAttrs()
 }
 
@@ -139,7 +142,7 @@
 	s.apierror = nil
 
 	s.store = jujuclienttesting.NewMemStore()
-	s.store.Controllers["local.test1"] = jujuclient.ControllerDetails{
+	s.store.Controllers["test1"] = jujuclient.ControllerDetails{
 		APIEndpoints:   []string{"localhost"},
 		CACert:         testing.CACert,
 		ControllerUUID: test1UUID,
@@ -149,8 +152,8 @@
 		CACert:         testing.CACert,
 		ControllerUUID: test3UUID,
 	}
-	s.store.Accounts["local.test1"] = &jujuclient.ControllerAccounts{
-		CurrentAccount: "admin@local",
+	s.store.Accounts["test1"] = jujuclient.AccountDetails{
+		User: "admin@local",
 	}
 
 	var modelList = []struct {
@@ -160,7 +163,7 @@
 		bootstrapCfg map[string]interface{}
 	}{
 		{
-			name:         "local.test1:admin",
+			name:         "test1:admin",
 			serverUUID:   test1UUID,
 			modelUUID:    test1UUID,
 			bootstrapCfg: createBootstrapInfo(c, "admin"),
@@ -181,7 +184,7 @@
 			APIEndpoints:   []string{"localhost"},
 			CACert:         testing.CACert,
 		})
-		s.store.UpdateModel(controllerName, "admin@local", modelName, jujuclient.ModelDetails{
+		s.store.UpdateModel(controllerName, modelName, jujuclient.ModelDetails{
 			ModelUUID: model.modelUUID,
 		})
 		if model.bootstrapCfg != nil {
@@ -245,27 +248,27 @@
 }
 
 func (s *DestroySuite) TestDestroyControllerNotFoundNotRemovedFromStore(c *gc.C) {
-	s.apierror = errors.NotFoundf("local.test1")
-	_, err := s.runDestroyCommand(c, "local.test1", "-y")
-	c.Assert(err, gc.ErrorMatches, "cannot connect to API: local.test1 not found")
+	s.apierror = errors.NotFoundf("test1")
+	_, err := s.runDestroyCommand(c, "test1", "-y")
+	c.Assert(err, gc.ErrorMatches, "cannot connect to API: test1 not found")
 	c.Check(c.GetTestLog(), jc.Contains, "If the controller is unusable")
-	checkControllerExistsInStore(c, "local.test1", s.store)
+	checkControllerExistsInStore(c, "test1", s.store)
 }
 
 func (s *DestroySuite) TestDestroyCannotConnectToAPI(c *gc.C) {
 	s.apierror = errors.New("connection refused")
-	_, err := s.runDestroyCommand(c, "local.test1", "-y")
+	_, err := s.runDestroyCommand(c, "test1", "-y")
 	c.Assert(err, gc.ErrorMatches, "cannot connect to API: connection refused")
 	c.Check(c.GetTestLog(), jc.Contains, "If the controller is unusable")
-	checkControllerExistsInStore(c, "local.test1", s.store)
+	checkControllerExistsInStore(c, "test1", s.store)
 }
 
 func (s *DestroySuite) TestDestroy(c *gc.C) {
-	_, err := s.runDestroyCommand(c, "local.test1", "-y")
+	_, err := s.runDestroyCommand(c, "test1", "-y")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(s.api.destroyAll, jc.IsFalse)
 	c.Assert(s.clientapi.destroycalled, jc.IsFalse)
-	checkControllerRemovedFromStore(c, "local.test1", s.store)
+	checkControllerRemovedFromStore(c, "test1", s.store)
 }
 
 func (s *DestroySuite) TestDestroyAlias(c *gc.C) {
@@ -273,14 +276,14 @@
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(s.api.destroyAll, jc.IsFalse)
 	c.Assert(s.clientapi.destroycalled, jc.IsFalse)
-	checkControllerRemovedFromStore(c, "local.test1", s.store)
+	checkControllerRemovedFromStore(c, "test1", s.store)
 }
 
 func (s *DestroySuite) TestDestroyWithDestroyAllEnvsFlag(c *gc.C) {
-	_, err := s.runDestroyCommand(c, "local.test1", "-y", "--destroy-all-models")
+	_, err := s.runDestroyCommand(c, "test1", "-y", "--destroy-all-models")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(s.api.destroyAll, jc.IsTrue)
-	checkControllerRemovedFromStore(c, "local.test1", s.store)
+	checkControllerRemovedFromStore(c, "test1", s.store)
 }
 
 func (s *DestroySuite) TestDestroyControllerGetFails(c *gc.C) {
@@ -294,10 +297,10 @@
 
 func (s *DestroySuite) TestFailedDestroyController(c *gc.C) {
 	s.api.SetErrors(errors.New("permission denied"))
-	_, err := s.runDestroyCommand(c, "local.test1", "-y")
+	_, err := s.runDestroyCommand(c, "test1", "-y")
 	c.Assert(err, gc.ErrorMatches, "cannot destroy controller: permission denied")
 	c.Assert(s.api.destroyAll, jc.IsFalse)
-	checkControllerExistsInStore(c, "local.test1", s.store)
+	checkControllerExistsInStore(c, "test1", s.store)
 }
 
 func (s *DestroySuite) TestDestroyControllerAliveModels(c *gc.C) {
@@ -306,8 +309,8 @@
 		s.api.envStatus[uuid] = status
 	}
 	s.api.SetErrors(&params.Error{Code: params.CodeHasHostedModels})
-	_, err := s.runDestroyCommand(c, "local.test1", "-y")
-	c.Assert(err.Error(), gc.Equals, `cannot destroy controller "local.test1"
+	_, err := s.runDestroyCommand(c, "test1", "-y")
+	c.Assert(err.Error(), gc.Equals, `cannot destroy controller "test1"
 
 The controller has live hosted models. If you want
 to destroy all hosted models in the controller,
@@ -328,7 +331,7 @@
 	// and reattempt the destroy the controller; this time
 	// it succeeds.
 	s.api.SetErrors(&params.Error{Code: params.CodeHasHostedModels})
-	_, err := s.runDestroyCommand(c, "local.test1", "-y")
+	_, err := s.runDestroyCommand(c, "test1", "-y")
 	c.Assert(err, jc.ErrorIsNil)
 	s.api.CheckCallNames(c,
 		"DestroyController",
@@ -344,15 +347,15 @@
 }
 
 func (s *DestroySuite) resetController(c *gc.C) {
-	s.store.Controllers["local.test1"] = jujuclient.ControllerDetails{
+	s.store.Controllers["test1"] = jujuclient.ControllerDetails{
 		APIEndpoints:   []string{"localhost"},
 		CACert:         testing.CACert,
 		ControllerUUID: test1UUID,
 	}
-	s.store.Accounts["local.test1"] = &jujuclient.ControllerAccounts{
-		CurrentAccount: "admin@local",
+	s.store.Accounts["test1"] = jujuclient.AccountDetails{
+		User: "admin@local",
 	}
-	s.store.BootstrapConfig["local.test1"] = jujuclient.BootstrapConfig{
+	s.store.BootstrapConfig["test1"] = jujuclient.BootstrapConfig{
 		Config: createBootstrapInfo(c, "admin"),
 	}
 }
@@ -365,50 +368,50 @@
 
 	// Ensure confirmation is requested if "-y" is not specified.
 	stdin.WriteString("n")
-	_, errc := cmdtesting.RunCommand(ctx, s.newDestroyCommand(), "local.test1")
+	_, errc := cmdtesting.RunCommand(ctx, s.newDestroyCommand(), "test1")
 	select {
 	case err := <-errc:
 		c.Check(err, gc.ErrorMatches, "controller destruction aborted")
 	case <-time.After(testing.LongWait):
 		c.Fatalf("command took too long")
 	}
-	c.Check(testing.Stdout(ctx), gc.Matches, "WARNING!.*local.test1(.|\n)*")
-	checkControllerExistsInStore(c, "local.test1", s.store)
+	c.Check(testing.Stdout(ctx), gc.Matches, "WARNING!.*test1(.|\n)*")
+	checkControllerExistsInStore(c, "test1", s.store)
 
 	// EOF on stdin: equivalent to answering no.
 	stdin.Reset()
 	stdout.Reset()
-	_, errc = cmdtesting.RunCommand(ctx, s.newDestroyCommand(), "local.test1")
+	_, errc = cmdtesting.RunCommand(ctx, s.newDestroyCommand(), "test1")
 	select {
 	case err := <-errc:
 		c.Check(err, gc.ErrorMatches, "controller destruction aborted")
 	case <-time.After(testing.LongWait):
 		c.Fatalf("command took too long")
 	}
-	c.Check(testing.Stdout(ctx), gc.Matches, "WARNING!.*local.test1(.|\n)*")
-	checkControllerExistsInStore(c, "local.test1", s.store)
+	c.Check(testing.Stdout(ctx), gc.Matches, "WARNING!.*test1(.|\n)*")
+	checkControllerExistsInStore(c, "test1", s.store)
 
 	for _, answer := range []string{"y", "Y", "yes", "YES"} {
 		stdin.Reset()
 		stdout.Reset()
 		stdin.WriteString(answer)
-		_, errc = cmdtesting.RunCommand(ctx, s.newDestroyCommand(), "local.test1")
+		_, errc = cmdtesting.RunCommand(ctx, s.newDestroyCommand(), "test1")
 		select {
 		case err := <-errc:
 			c.Check(err, jc.ErrorIsNil)
 		case <-time.After(testing.LongWait):
 			c.Fatalf("command took too long")
 		}
-		checkControllerRemovedFromStore(c, "local.test1", s.store)
+		checkControllerRemovedFromStore(c, "test1", s.store)
 
-		// Add the local.test1 controller back into the store for the next test
+		// Add the test1 controller back into the store for the next test
 		s.resetController(c)
 	}
 }
 
 func (s *DestroySuite) TestBlockedDestroy(c *gc.C) {
 	s.api.SetErrors(&params.Error{Code: params.CodeOperationBlocked})
-	s.runDestroyCommand(c, "local.test1", "-y")
+	s.runDestroyCommand(c, "test1", "-y")
 	testLog := c.GetTestLog()
 	c.Check(testLog, jc.Contains, "To remove all blocks in the controller, please run:")
 	c.Check(testLog, jc.Contains, "juju controller remove-blocks")
@@ -419,7 +422,7 @@
 		&params.Error{Code: params.CodeOperationBlocked},
 		errors.New("unexpected api error"),
 	)
-	s.runDestroyCommand(c, "local.test1", "-y")
+	s.runDestroyCommand(c, "test1", "-y")
 	testLog := c.GetTestLog()
 	c.Check(testLog, jc.Contains, "To remove all blocks in the controller, please run:")
 	c.Check(testLog, jc.Contains, "juju controller remove-blocks")
@@ -447,7 +450,7 @@
 			},
 		},
 	}
-	ctx, _ := s.runDestroyCommand(c, "local.test1", "-y", "--destroy-all-models")
+	ctx, _ := s.runDestroyCommand(c, "test1", "-y", "--destroy-all-models")
 	c.Assert(testing.Stderr(ctx), gc.Equals, "Destroying controller\n"+
 		"NAME   MODEL UUID                            OWNER         BLOCKS\n"+
 		"test1  1871299e-1370-4f3e-83ab-1849ed7b1076  cheryl@local  destroy-model\n"+
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,6 +8,7 @@
 	"github.com/juju/utils/clock"
 
 	"github.com/juju/juju/api"
+	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/cmd/modelcmd"
 	"github.com/juju/juju/jujuclient"
 )
@@ -35,13 +36,19 @@
 // NewAddModelCommandForTest returns a AddModelCommand with
 // the api provided as specified.
 func NewAddModelCommandForTest(
-	api CreateModelAPI,
+	apiRoot api.Connection,
+	api AddModelAPI,
+	cloudAPI CloudAPI,
 	store jujuclient.ClientStore,
-	credentialStore jujuclient.CredentialStore,
 ) (cmd.Command, *AddModelCommand) {
 	c := &addModelCommand{
-		api:             api,
-		credentialStore: credentialStore,
+		apiRoot: apiRoot,
+		newAddModelAPI: func(caller base.APICallCloser) AddModelAPI {
+			return api
+		},
+		newCloudAPI: func(base.APICallCloser) CloudAPI {
+			return cloudAPI
+		},
 	}
 	c.SetClientStore(store)
 	return modelcmd.WrapController(c), &AddModelCommand{c}
@@ -60,7 +67,7 @@
 
 // NewRegisterCommandForTest returns a RegisterCommand with the function used
 // to open the API connection mocked out.
-func NewRegisterCommandForTest(apiOpen api.OpenFunc, refreshModels func(jujuclient.ClientStore, string, string) error, store jujuclient.ClientStore) *registerCommand {
+func NewRegisterCommandForTest(apiOpen api.OpenFunc, refreshModels func(jujuclient.ClientStore, string) error, store jujuclient.ClientStore) *registerCommand {
 	return &registerCommand{apiOpen: apiOpen, refreshModels: refreshModels, store: store}
 }
 
@@ -128,6 +135,14 @@
 	c.SetClientStore(store)
 	return modelcmd.WrapController(c)
 }
+
+// NewGetConfigCommandCommandForTest returns a GetConfigCommandCommand with
+// the api provided as specified.
+func NewGetConfigCommandForTest(api controllerAPI, store jujuclient.ClientStore) cmd.Command {
+	c := &getConfigCommand{api: api}
+	c.SetClientStore(store)
+	return modelcmd.WrapController(c)
+}
 
 type CtrData ctrData
 type ModelData modelData
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/getconfig.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/getconfig.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/getconfig.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/getconfig.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,99 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package controller
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/juju/cmd"
+	"launchpad.net/gnuflag"
+
+	"github.com/juju/errors"
+	apicontroller "github.com/juju/juju/api/controller"
+	"github.com/juju/juju/cmd/modelcmd"
+	"github.com/juju/juju/controller"
+)
+
+func NewGetConfigCommand() cmd.Command {
+	return modelcmd.WrapController(&getConfigCommand{})
+}
+
+// getConfigCommand is able to output either the entire environment or
+// the requested value in a format of the user's choosing.
+type getConfigCommand struct {
+	modelcmd.ControllerCommandBase
+	api controllerAPI
+	key string
+	out cmd.Output
+}
+
+const getControllerHelpDoc = `
+By default, all configuration (keys and values) for the controller are
+displayed if a key is not specified.
+
+Examples:
+
+    juju get-controller-config
+    juju get-controller-config api-port
+    juju get-controller-config -c mycontroller
+
+See also: controllers
+`
+
+func (c *getConfigCommand) Info() *cmd.Info {
+	return &cmd.Info{
+		Name:    "get-controller-config",
+		Args:    "[<attribute key>]",
+		Purpose: "Displays configuration settings for a controller.",
+		Doc:     strings.TrimSpace(getControllerHelpDoc),
+	}
+}
+
+func (c *getConfigCommand) SetFlags(f *gnuflag.FlagSet) {
+	c.out.AddFlags(f, "smart", cmd.DefaultFormatters)
+}
+
+func (c *getConfigCommand) Init(args []string) (err error) {
+	c.key, err = cmd.ZeroOrOneArgs(args)
+	return
+}
+
+type controllerAPI interface {
+	Close() error
+	ControllerConfig() (controller.Config, error)
+}
+
+func (c *getConfigCommand) getAPI() (controllerAPI, error) {
+	if c.api != nil {
+		return c.api, nil
+	}
+	root, err := c.NewAPIRoot()
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return apicontroller.NewClient(root), nil
+}
+
+func (c *getConfigCommand) Run(ctx *cmd.Context) error {
+	client, err := c.getAPI()
+	if err != nil {
+		return err
+	}
+	defer client.Close()
+
+	attrs, err := client.ControllerConfig()
+	if err != nil {
+		return err
+	}
+
+	if c.key != "" {
+		if value, found := attrs[c.key]; found {
+			return c.out.Write(ctx, value)
+		}
+		return fmt.Errorf("key %q not found in %q controller.", c.key, c.ControllerName())
+	}
+	// If key is empty, write out the whole lot.
+	return c.out.Write(ctx, attrs)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/getconfig_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/getconfig_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/getconfig_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/getconfig_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,104 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package controller_test
+
+import (
+	"strings"
+
+	"github.com/juju/cmd"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/errors"
+	"github.com/juju/juju/cmd/juju/controller"
+	jujucontroller "github.com/juju/juju/controller"
+	"github.com/juju/juju/testing"
+)
+
+type GetConfigSuite struct {
+	baseControllerSuite
+}
+
+var _ = gc.Suite(&GetConfigSuite{})
+
+func (s *GetConfigSuite) SetUpTest(c *gc.C) {
+	s.baseControllerSuite.SetUpTest(c)
+	s.createTestClientStore(c)
+}
+
+func (s *GetConfigSuite) run(c *gc.C, args ...string) (*cmd.Context, error) {
+	command := controller.NewGetConfigCommandForTest(&fakeControllerAPI{}, s.store)
+	return testing.RunCommand(c, command, args...)
+}
+
+func (s *GetConfigSuite) TestInit(c *gc.C) {
+	// zero or one args is fine.
+	err := testing.InitCommand(controller.NewGetConfigCommandForTest(&fakeControllerAPI{}, s.store), nil)
+	c.Check(err, jc.ErrorIsNil)
+	err = testing.InitCommand(controller.NewGetConfigCommandForTest(&fakeControllerAPI{}, s.store), []string{"one"})
+	c.Check(err, jc.ErrorIsNil)
+	// More than one is not allowed.
+	err = testing.InitCommand(controller.NewGetConfigCommandForTest(&fakeControllerAPI{}, s.store), []string{"one", "two"})
+	c.Check(err, gc.ErrorMatches, `unrecognized args: \["two"\]`)
+}
+
+func (s *GetConfigSuite) TestSingleValue(c *gc.C) {
+	context, err := s.run(c, "controller-uuid")
+	c.Assert(err, jc.ErrorIsNil)
+
+	output := strings.TrimSpace(testing.Stdout(context))
+	c.Assert(output, gc.Equals, "uuid")
+}
+
+func (s *GetConfigSuite) TestSingleValueJSON(c *gc.C) {
+	context, err := s.run(c, "--format=json", "controller-uuid")
+	c.Assert(err, jc.ErrorIsNil)
+
+	output := strings.TrimSpace(testing.Stdout(context))
+	c.Assert(output, gc.Equals, `"uuid"`)
+}
+
+func (s *GetConfigSuite) TestAllValues(c *gc.C) {
+	context, err := s.run(c)
+	c.Assert(err, jc.ErrorIsNil)
+
+	output := strings.TrimSpace(testing.Stdout(context))
+	expected := "" +
+		"api-port: 1234\n" +
+		"controller-uuid: uuid"
+	c.Assert(output, gc.Equals, expected)
+}
+
+func (s *GetConfigSuite) TestAllValuesJSON(c *gc.C) {
+	context, err := s.run(c, "--format=json")
+	c.Assert(err, jc.ErrorIsNil)
+
+	output := strings.TrimSpace(testing.Stdout(context))
+	expected := `{"api-port":1234,"controller-uuid":"uuid"}`
+	c.Assert(output, gc.Equals, expected)
+}
+
+func (s *GetConfigSuite) TestError(c *gc.C) {
+	command := controller.NewGetConfigCommandForTest(&fakeControllerAPI{err: errors.New("error")}, s.store)
+	_, err := testing.RunCommand(c, command)
+	c.Assert(err, gc.ErrorMatches, "error")
+}
+
+type fakeControllerAPI struct {
+	err error
+}
+
+func (f *fakeControllerAPI) Close() error {
+	return nil
+}
+
+func (f *fakeControllerAPI) ControllerConfig() (jujucontroller.Config, error) {
+	if f.err != nil {
+		return nil, f.err
+	}
+	return map[string]interface{}{
+		"controller-uuid": "uuid",
+		"api-port":        1234,
+	}, nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/kill.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/kill.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/kill.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/kill.go	2016-07-18 19:45:44.000000000 +0000
@@ -64,14 +64,14 @@
 	return &cmd.Info{
 		Name:    "kill-controller",
 		Args:    "<controller name>",
-		Purpose: "forcibly terminate all machines and other associated resources for a juju controller",
+		Purpose: "Forcibly terminate all machines and other associated resources for a Juju controller.",
 		Doc:     killDoc,
 	}
 }
 
 // SetFlags implements Command.SetFlags.
 func (c *killCommand) SetFlags(f *gnuflag.FlagSet) {
-	f.BoolVar(&c.assumeYes, "y", false, "do not ask for confirmation")
+	f.BoolVar(&c.assumeYes, "y", false, "Do not ask for confirmation")
 	f.BoolVar(&c.assumeYes, "yes", false, "")
 }
 
@@ -115,7 +115,6 @@
 	if err != nil {
 		return errors.Annotate(err, "getting controller environ")
 	}
-
 	// If we were unable to connect to the API, just destroy the controller through
 	// the environs interface.
 	if api == nil {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/killstatus.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/killstatus.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/killstatus.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/killstatus.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,7 +10,7 @@
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
 	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 )
 
 type ctrData struct {
@@ -150,7 +150,7 @@
 	}
 
 	if serviceNo := data.ServiceCount; serviceNo > 0 {
-		out += fmt.Sprintf(", %d service%s", serviceNo, s(serviceNo))
+		out += fmt.Sprintf(", %d application%s", serviceNo, s(serviceNo))
 	}
 
 	return out
@@ -164,7 +164,7 @@
 	}
 
 	if serviceNo := data.ServiceCount; serviceNo > 0 {
-		out += fmt.Sprintf(", %d service%s", serviceNo, s(serviceNo))
+		out += fmt.Sprintf(", %d application%s", serviceNo, s(serviceNo))
 	}
 
 	return out
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/kill_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/kill_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/kill_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/kill_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,10 +9,10 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/clock"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/api/base"
@@ -63,18 +63,18 @@
 
 func (s *KillSuite) TestKillCannotConnectToAPISucceeds(c *gc.C) {
 	s.apierror = errors.New("connection refused")
-	ctx, err := s.runKillCommand(c, "local.test1", "-y")
+	ctx, err := s.runKillCommand(c, "test1", "-y")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Check(testing.Stderr(ctx), jc.Contains, "Unable to open API: connection refused")
-	checkControllerRemovedFromStore(c, "local.test1", s.store)
+	checkControllerRemovedFromStore(c, "test1", s.store)
 }
 
 func (s *KillSuite) TestKillWithAPIConnection(c *gc.C) {
-	_, err := s.runKillCommand(c, "local.test1", "-y")
+	_, err := s.runKillCommand(c, "test1", "-y")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(s.api.destroyAll, jc.IsTrue)
 	c.Assert(s.clientapi.destroycalled, jc.IsFalse)
-	checkControllerRemovedFromStore(c, "local.test1", s.store)
+	checkControllerRemovedFromStore(c, "test1", s.store)
 }
 
 func (s *KillSuite) TestKillEnvironmentGetFailsWithoutAPIConnection(c *gc.C) {
@@ -98,11 +98,11 @@
 
 func (s *KillSuite) TestKillDestroysControllerWithAPIError(c *gc.C) {
 	s.api.SetErrors(errors.New("some destroy error"))
-	ctx, err := s.runKillCommand(c, "local.test1", "-y")
+	ctx, err := s.runKillCommand(c, "test1", "-y")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Check(testing.Stderr(ctx), jc.Contains, "Unable to destroy controller through the API: some destroy error.  Destroying through provider.")
 	c.Assert(s.api.destroyAll, jc.IsTrue)
-	checkControllerRemovedFromStore(c, "local.test1", s.store)
+	checkControllerRemovedFromStore(c, "test1", s.store)
 }
 
 func (s *KillSuite) TestKillCommandConfirmation(c *gc.C) {
@@ -114,31 +114,31 @@
 
 	// Ensure confirmation is requested if "-y" is not specified.
 	stdin.WriteString("n")
-	_, errc := cmdtesting.RunCommand(ctx, s.newKillCommand(), "local.test1")
+	_, errc := cmdtesting.RunCommand(ctx, s.newKillCommand(), "test1")
 	select {
 	case err := <-errc:
 		c.Check(err, gc.ErrorMatches, "controller destruction aborted")
 	case <-time.After(testing.LongWait):
 		c.Fatalf("command took too long")
 	}
-	c.Check(testing.Stdout(ctx), gc.Matches, "WARNING!.*local.test1(.|\n)*")
-	checkControllerExistsInStore(c, "local.test1", s.store)
+	c.Check(testing.Stdout(ctx), gc.Matches, "WARNING!.*test1(.|\n)*")
+	checkControllerExistsInStore(c, "test1", s.store)
 }
 
 func (s *KillSuite) TestKillCommandControllerAlias(c *gc.C) {
-	_, err := testing.RunCommand(c, s.newKillCommand(), "local.test1", "-y")
+	_, err := testing.RunCommand(c, s.newKillCommand(), "test1", "-y")
 	c.Assert(err, jc.ErrorIsNil)
-	checkControllerRemovedFromStore(c, "local.test1:test1", s.store)
+	checkControllerRemovedFromStore(c, "test1:test1", s.store)
 }
 
 func (s *KillSuite) TestKillAPIPermErrFails(c *gc.C) {
-	testDialer := func(_ jujuclient.ClientStore, controllerName, accountName, modelName string) (api.Connection, error) {
+	testDialer := func(_ jujuclient.ClientStore, controllerName, modelName string) (api.Connection, error) {
 		return nil, common.ErrPerm
 	}
 	cmd := controller.NewKillCommandForTest(nil, nil, s.store, nil, clock.WallClock, modelcmd.OpenFunc(testDialer))
-	_, err := testing.RunCommand(c, cmd, "local.test1", "-y")
+	_, err := testing.RunCommand(c, cmd, "test1", "-y")
 	c.Assert(err, gc.ErrorMatches, "cannot destroy controller: permission denied")
-	checkControllerExistsInStore(c, "local.test1", s.store)
+	checkControllerExistsInStore(c, "test1", s.store)
 }
 
 func (s *KillSuite) TestKillEarlyAPIConnectionTimeout(c *gc.C) {
@@ -146,16 +146,16 @@
 
 	stop := make(chan struct{})
 	defer close(stop)
-	testDialer := func(_ jujuclient.ClientStore, controllerName, accountName, modelName string) (api.Connection, error) {
+	testDialer := func(_ jujuclient.ClientStore, controllerName, modelName string) (api.Connection, error) {
 		<-stop
 		return nil, errors.New("kill command waited too long")
 	}
 
 	cmd := controller.NewKillCommandForTest(nil, nil, s.store, nil, clock, modelcmd.OpenFunc(testDialer))
-	ctx, err := testing.RunCommand(c, cmd, "local.test1", "-y")
+	ctx, err := testing.RunCommand(c, cmd, "test1", "-y")
 	c.Check(err, jc.ErrorIsNil)
 	c.Check(testing.Stderr(ctx), jc.Contains, "Unable to open API: open connection timed out")
-	checkControllerRemovedFromStore(c, "local.test1", s.store)
+	checkControllerRemovedFromStore(c, "test1", s.store)
 	// Check that we were actually told to wait for 10s.
 	c.Assert(clock.wait, gc.Equals, 10*time.Second)
 }
@@ -244,7 +244,7 @@
 		8,
 	}
 	out := controller.FmtCtrStatus(data)
-	c.Assert(out, gc.Equals, "Waiting on 3 models, 20 machines, 8 services")
+	c.Assert(out, gc.Equals, "Waiting on 3 models, 20 machines, 8 applications")
 }
 
 func (s *KillSuite) TestFmtEnvironStatus(c *gc.C) {
@@ -258,5 +258,5 @@
 	}
 
 	out := controller.FmtModelStatus(data)
-	c.Assert(out, gc.Equals, "\towner@local/envname (dying), 8 machines, 1 service")
+	c.Assert(out, gc.Equals, "\towner@local/envname (dying), 8 machines, 1 application")
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/listblocks.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/listblocks.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/listblocks.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/listblocks.go	2016-07-18 19:45:44.000000000 +0000
@@ -28,7 +28,7 @@
 var listBlocksDoc = `List all blocks for models within the specified controller`
 
 // listBlocksAPI defines the methods on the controller API endpoint
-// that the list-blocks command calls.
+// that the blocks command calls.
 type listBlocksAPI interface {
 	Close() error
 	ListBlockedModels() ([]params.ModelBlockInfo, error)
@@ -37,9 +37,10 @@
 // Info implements Command.Info.
 func (c *listBlocksCommand) Info() *cmd.Info {
 	return &cmd.Info{
-		Name:    "list-all-blocks",
-		Purpose: "list all blocks within the controller",
+		Name:    "blocks",
+		Purpose: "List all blocks within the controller.",
 		Doc:     listBlocksDoc,
+		Aliases: []string{"list-all-blocks", "list-blocks"},
 	}
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/listcontrollersconverters.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/listcontrollersconverters.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/listcontrollersconverters.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/listcontrollersconverters.go	2016-07-18 19:45:44.000000000 +0000
@@ -26,6 +26,8 @@
 	ControllerUUID string   `yaml:"uuid" json:"uuid"`
 	APIEndpoints   []string `yaml:"api-endpoints,flow" json:"api-endpoints"`
 	CACert         string   `yaml:"ca-cert" json:"ca-cert"`
+	Cloud          string   `yaml:"cloud" json:"cloud"`
+	CloudRegion    string   `yaml:"region,omitempty" json:"region,omitempty"`
 }
 
 // convertControllerDetails takes a map of Controllers and
@@ -51,28 +53,25 @@
 			serverName = details.APIEndpoints[0]
 		}
 
-		var userName, modelName string
-		accountName, err := c.store.CurrentAccount(controllerName)
+		var userName string
+		accountDetails, err := c.store.AccountDetails(controllerName)
 		if err != nil {
 			if !errors.IsNotFound(err) {
-				addError("account name", controllerName, err)
-				continue
-			}
-		} else {
-			currentAccount, err := c.store.AccountByName(controllerName, accountName)
-			if err != nil {
 				addError("account details", controllerName, err)
 				continue
 			}
-			userName = currentAccount.User
+		} else {
+			userName = accountDetails.User
+		}
 
-			currentModel, err := c.store.CurrentModel(controllerName, accountName)
-			if err != nil {
-				if !errors.IsNotFound(err) {
-					addError("model", controllerName, err)
-					continue
-				}
+		var modelName string
+		currentModel, err := c.store.CurrentModel(controllerName)
+		if err != nil {
+			if !errors.IsNotFound(err) {
+				addError("model", controllerName, err)
+				continue
 			}
+		} else {
 			modelName = currentModel
 		}
 
@@ -83,6 +82,8 @@
 			APIEndpoints:   details.APIEndpoints,
 			ControllerUUID: details.ControllerUUID,
 			CACert:         details.CACert,
+			Cloud:          details.Cloud,
+			CloudRegion:    details.CloudRegion,
 		}
 	}
 	return controllers, errs
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/listcontrollersformatters.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/listcontrollersformatters.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/listcontrollersformatters.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/listcontrollersformatters.go	2016-07-18 19:45:44.000000000 +0000
@@ -41,7 +41,7 @@
 		fmt.Fprintln(tw, strings.Join(values, "\t"))
 	}
 
-	print("CONTROLLER", "MODEL", "USER", "SERVER")
+	print("CONTROLLER", "MODEL", "USER", "CLOUD/REGION")
 
 	names := []string{}
 	for name, _ := range set.Controllers {
@@ -62,7 +62,11 @@
 		if name == set.CurrentController {
 			name += "*"
 		}
-		print(name, modelName, userName, c.Server)
+		cloudRegion := c.Cloud
+		if c.CloudRegion != "" {
+			cloudRegion += "/" + c.CloudRegion
+		}
+		print(name, modelName, userName, cloudRegion)
 	}
 	tw.Flush()
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/listcontrollers.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/listcontrollers.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/listcontrollers.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/listcontrollers.go	2016-07-18 19:45:44.000000000 +0000
@@ -23,11 +23,11 @@
 default tabular output, the current controller is marked with an asterisk.
 
 Examples:
-    juju list-controllers
-    juju list-controllers --format json --output ~/tmp/controllers.json
+    juju controllers
+    juju controllers --format json --output ~/tmp/controllers.json
 
 See also:
-    list-models
+    models
     show-controller`[1:]
 
 // NewListControllersCommand returns a command to list registered controllers.
@@ -41,9 +41,10 @@
 // Info implements Command.Info
 func (c *listControllersCommand) Info() *cmd.Info {
 	return &cmd.Info{
-		Name:    "list-controllers",
+		Name:    "controllers",
 		Purpose: helpControllersSummary,
 		Doc:     helpControllersDetails,
+		Aliases: []string{"list-controllers"},
 	}
 }
 
@@ -67,15 +68,11 @@
 	if len(errs) > 0 {
 		fmt.Fprintln(ctx.Stderr, strings.Join(errs, "\n"))
 	}
-	currentController, err := modelcmd.ReadCurrentController()
-	if err != nil {
-		return errors.Annotate(err, "getting current controller")
-	}
-	if _, ok := controllers[currentController]; !ok {
-		// TODO(axw) move handling of current-controller to
-		// the jujuclient code, and make sure the file is
-		// kept in-sync with the controllers.yaml file.
+	currentController, err := c.store.CurrentController()
+	if errors.IsNotFound(err) {
 		currentController = ""
+	} else if err != nil {
+		return errors.Annotate(err, "getting current controller")
 	}
 	controllerSet := ControllerSet{
 		Controllers:       details,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/listcontrollers_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/listcontrollers_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/listcontrollers_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/listcontrollers_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -25,7 +25,7 @@
 
 func (s *ListControllersSuite) TestListControllersEmptyStore(c *gc.C) {
 	s.expectedOutput = `
-CONTROLLER  MODEL  USER  SERVER
+CONTROLLER  MODEL  USER  CLOUD/REGION
 
 `[1:]
 
@@ -35,38 +35,47 @@
 
 func (s *ListControllersSuite) TestListControllers(c *gc.C) {
 	s.expectedOutput = `
-CONTROLLER                 MODEL     USER         SERVER
-local.aws-test             -         -            this-is-aws-test-of-many-api-endpoints
-local.mallards*            my-model  admin@local  this-is-another-of-many-api-endpoints
-local.mark-test-prodstack  -         -            this-is-one-of-many-api-endpoints
+CONTROLLER           MODEL     USER         CLOUD/REGION
+aws-test             admin     -            aws/us-east-1
+mallards*            my-model  admin@local  mallards/mallards1
+mark-test-prodstack  -         admin@local  prodstack
 
 `[1:]
 
-	s.createTestClientStore(c)
+	store := s.createTestClientStore(c)
+	delete(store.Accounts, "aws-test")
 	s.assertListControllers(c)
 }
 
 func (s *ListControllersSuite) TestListControllersYaml(c *gc.C) {
 	s.expectedOutput = `
 controllers:
-  local.aws-test:
+  aws-test:
+    current-model: admin
+    user: admin@local
     recent-server: this-is-aws-test-of-many-api-endpoints
     uuid: this-is-the-aws-test-uuid
     api-endpoints: [this-is-aws-test-of-many-api-endpoints]
     ca-cert: this-is-aws-test-ca-cert
-  local.mallards:
+    cloud: aws
+    region: us-east-1
+  mallards:
     current-model: my-model
     user: admin@local
     recent-server: this-is-another-of-many-api-endpoints
     uuid: this-is-another-uuid
     api-endpoints: [this-is-another-of-many-api-endpoints, this-is-one-more-of-many-api-endpoints]
     ca-cert: this-is-another-ca-cert
-  local.mark-test-prodstack:
+    cloud: mallards
+    region: mallards1
+  mark-test-prodstack:
+    user: admin@local
     recent-server: this-is-one-of-many-api-endpoints
     uuid: this-is-a-uuid
     api-endpoints: [this-is-one-of-many-api-endpoints]
     ca-cert: this-is-a-ca-cert
-current-controller: local.mallards
+    cloud: prodstack
+current-controller: mallards
 `[1:]
 
 	s.createTestClientStore(c)
@@ -82,28 +91,36 @@
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(result, jc.DeepEquals, controller.ControllerSet{
 		Controllers: map[string]controller.ControllerItem{
-			"local.aws-test": {
+			"aws-test": {
 				ControllerUUID: "this-is-the-aws-test-uuid",
+				ModelName:      "admin",
+				User:           "admin@local",
 				Server:         "this-is-aws-test-of-many-api-endpoints",
 				APIEndpoints:   []string{"this-is-aws-test-of-many-api-endpoints"},
 				CACert:         "this-is-aws-test-ca-cert",
+				Cloud:          "aws",
+				CloudRegion:    "us-east-1",
 			},
-			"local.mallards": {
+			"mallards": {
 				ControllerUUID: "this-is-another-uuid",
 				ModelName:      "my-model",
 				User:           "admin@local",
 				Server:         "this-is-another-of-many-api-endpoints",
 				APIEndpoints:   []string{"this-is-another-of-many-api-endpoints", "this-is-one-more-of-many-api-endpoints"},
 				CACert:         "this-is-another-ca-cert",
+				Cloud:          "mallards",
+				CloudRegion:    "mallards1",
 			},
-			"local.mark-test-prodstack": {
+			"mark-test-prodstack": {
 				ControllerUUID: "this-is-a-uuid",
+				User:           "admin@local",
 				Server:         "this-is-one-of-many-api-endpoints",
 				APIEndpoints:   []string{"this-is-one-of-many-api-endpoints"},
 				CACert:         "this-is-a-ca-cert",
+				Cloud:          "prodstack",
 			},
 		},
-		CurrentController: "local.mallards",
+		CurrentController: "mallards",
 	})
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/listmodels.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/listmodels.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/listmodels.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/listmodels.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,7 +11,7 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/gnuflag"
 
 	"github.com/juju/juju/api/base"
@@ -46,8 +46,8 @@
 
 Examples:
 
-    juju list-models
-    juju list-models --user bob
+    juju models
+    juju models --user bob
 
 See also: add-model
           share-model
@@ -72,9 +72,10 @@
 // Info implements Command.Info
 func (c *modelsCommand) Info() *cmd.Info {
 	return &cmd.Info{
-		Name:    "list-models",
+		Name:    "models",
 		Purpose: "Lists models a user can access on a controller.",
 		Doc:     listModelsDoc,
+		Aliases: []string{"list-models"},
 	}
 }
 
@@ -115,8 +116,8 @@
 // Run implements Command.Run
 func (c *modelsCommand) Run(ctx *cmd.Context) error {
 	if c.user == "" {
-		accountDetails, err := c.ClientStore().AccountByName(
-			c.ControllerName(), c.AccountName(),
+		accountDetails, err := c.ClientStore().AccountDetails(
+			c.ControllerName(),
 		)
 		if err != nil {
 			return err
@@ -142,6 +143,7 @@
 		return errors.Annotate(err, "cannot get model details")
 	}
 
+	// TODO(perrito666) 2016-05-02 lp:1558657
 	now := time.Now()
 	modelInfo := make([]common.ModelInfo, 0, len(models))
 	for _, info := range paramsModelInfo {
@@ -153,7 +155,7 @@
 	}
 
 	modelSet := ModelSet{Models: modelInfo}
-	current, err := c.ClientStore().CurrentModel(c.ControllerName(), c.AccountName())
+	current, err := c.ClientStore().CurrentModel(c.ControllerName())
 	if err != nil && !errors.IsNotFound(err) {
 		return err
 	}
@@ -240,7 +242,7 @@
 		flags    = 0
 	)
 	tw := tabwriter.NewWriter(&out, minwidth, tabwidth, padding, padchar, flags)
-	fmt.Fprintf(tw, "NAME")
+	fmt.Fprintf(tw, "MODEL")
 	if c.listUUID {
 		fmt.Fprintf(tw, "\tMODEL UUID")
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/listmodels_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/listmodels_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/listmodels_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/listmodels_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,15 +7,14 @@
 	"time"
 
 	"github.com/juju/cmd"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cmd/juju/controller"
-	"github.com/juju/juju/cmd/modelcmd"
 	"github.com/juju/juju/jujuclient"
 	"github.com/juju/juju/jujuclient/jujuclienttesting"
 	"github.com/juju/juju/status"
@@ -101,9 +100,6 @@
 func (s *ModelsSuite) SetUpTest(c *gc.C) {
 	s.FakeJujuXDGDataHomeSuite.SetUpTest(c)
 
-	err := modelcmd.WriteCurrentController("fake")
-	c.Assert(err, jc.ErrorIsNil)
-
 	models := []base.UserModel{
 		{
 			Name:  "test-model1",
@@ -124,22 +120,14 @@
 		user:   "admin@local",
 	}
 	s.store = jujuclienttesting.NewMemStore()
+	s.store.CurrentControllerName = "fake"
 	s.store.Controllers["fake"] = jujuclient.ControllerDetails{}
-	s.store.Models["fake"] = jujuclient.ControllerAccountModels{
-		AccountModels: map[string]*jujuclient.AccountModels{
-			"admin@local": {
-				CurrentModel: "test-model1",
-			},
-		},
+	s.store.Models["fake"] = &jujuclient.ControllerModels{
+		CurrentModel: "test-model1",
 	}
-	s.store.Accounts["fake"] = &jujuclient.ControllerAccounts{
-		Accounts: map[string]jujuclient.AccountDetails{
-			"admin@local": {
-				User:     "admin@local",
-				Password: "password",
-			},
-		},
-		CurrentAccount: "admin@local",
+	s.store.Accounts["fake"] = jujuclient.AccountDetails{
+		User:     "admin@local",
+		Password: "password",
 	}
 }
 
@@ -152,7 +140,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(s.api.user, gc.Equals, user)
 	c.Assert(testing.Stdout(context), gc.Equals, ""+
-		"NAME          OWNER             STATUS      LAST CONNECTION\n"+
+		"MODEL         OWNER             STATUS      LAST CONNECTION\n"+
 		"test-model1*  user-admin@local  active      2015-03-20\n"+
 		"test-model2   user-admin@local  active      2015-03-01\n"+
 		"test-model3   user-admin@local  destroying  never connected\n"+
@@ -169,7 +157,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(s.api.all, jc.IsTrue)
 	c.Assert(testing.Stdout(context), gc.Equals, ""+
-		"NAME          OWNER             STATUS      LAST CONNECTION\n"+
+		"MODEL         OWNER             STATUS      LAST CONNECTION\n"+
 		"test-model1*  user-admin@local  active      2015-03-20\n"+
 		"test-model2   user-admin@local  active      2015-03-01\n"+
 		"test-model3   user-admin@local  destroying  never connected\n"+
@@ -181,7 +169,7 @@
 	context, err := testing.RunCommand(c, s.newCommand())
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(testing.Stdout(context), gc.Equals, ""+
-		"NAME         OWNER             STATUS      LAST CONNECTION\n"+
+		"MODEL        OWNER             STATUS      LAST CONNECTION\n"+
 		"test-model1  user-admin@local  active      2015-03-20\n"+
 		"test-model2  user-admin@local  active      2015-03-01\n"+
 		"test-model3  user-admin@local  destroying  never connected\n"+
@@ -193,7 +181,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(s.api.user, gc.Equals, "admin@local")
 	c.Assert(testing.Stdout(context), gc.Equals, ""+
-		"NAME          MODEL UUID        OWNER             STATUS      LAST CONNECTION\n"+
+		"MODEL         MODEL UUID        OWNER             STATUS      LAST CONNECTION\n"+
 		"test-model1*  test-model1-UUID  user-admin@local  active      2015-03-20\n"+
 		"test-model2   test-model2-UUID  user-admin@local  active      2015-03-01\n"+
 		"test-model3   test-model3-UUID  user-admin@local  destroying  never connected\n"+
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/mock_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/mock_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/mock_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/mock_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,7 @@
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/network"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 )
 
 type mockAPIConnection struct {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,7 +9,6 @@
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 
-	"github.com/juju/juju/cmd/modelcmd"
 	"github.com/juju/juju/jujuclient"
 	"github.com/juju/juju/jujuclient/jujuclienttesting"
 	coretesting "github.com/juju/juju/testing"
@@ -32,9 +31,6 @@
 	s.modelsYaml = testModelsYaml
 	s.accountsYaml = testAccountsYaml
 	s.store = nil
-
-	err := modelcmd.WriteCurrentController("local.mallards")
-	c.Assert(err, jc.ErrorIsNil)
 }
 
 func (s *baseControllerSuite) createTestClientStore(c *gc.C) *jujuclienttesting.MemStore {
@@ -48,7 +44,8 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	store := jujuclienttesting.NewMemStore()
-	store.Controllers = controllers
+	store.Controllers = controllers.Controllers
+	store.CurrentControllerName = controllers.CurrentController
 	store.Models = models
 	store.Accounts = accounts
 	s.store = store
@@ -57,61 +54,51 @@
 
 const testControllersYaml = `
 controllers:
-  local.aws-test:
+  aws-test:
     uuid: this-is-the-aws-test-uuid
     api-endpoints: [this-is-aws-test-of-many-api-endpoints]
     ca-cert: this-is-aws-test-ca-cert
-  local.mallards:
+    cloud: aws
+    region: us-east-1
+  mallards:
     uuid: this-is-another-uuid
     api-endpoints: [this-is-another-of-many-api-endpoints, this-is-one-more-of-many-api-endpoints]
     ca-cert: this-is-another-ca-cert
-  local.mark-test-prodstack:
+    cloud: mallards
+    region: mallards1
+  mark-test-prodstack:
     uuid: this-is-a-uuid
     api-endpoints: [this-is-one-of-many-api-endpoints]
     ca-cert: this-is-a-ca-cert
+    cloud: prodstack
+current-controller: mallards
 `
 
 const testModelsYaml = `
 controllers:
-  local.aws-test:
-    accounts:
-      admin@local:
-        models:
-          admin:
-            uuid: ghi
-        current-model: admin
-  local.mallards:
-    accounts:
-      admin@local:
-        models:
-          admin:
-            uuid: abc
-          my-model:
-            uuid: def
-        current-model: my-model
+  aws-test:
+    models:
+      admin:
+        uuid: ghi
+    current-model: admin
+  mallards:
+    models:
+      admin:
+        uuid: abc
+      my-model:
+        uuid: def
+    current-model: my-model
 `
 
 const testAccountsYaml = `
 controllers:
-  local.aws-test:
-    accounts:
-      admin@local:
-        user: admin@local
-        password: hun+er2
-  local.mark-test-prodstack:
-    accounts:
-      admin@local:
-        user: admin@local
-        password: hunter2
-  local.mallards:
-    accounts:
-      admin@local:
-        user: admin@local
-        password: hunter2
-      bob@local:
-        user: bob@local
-        password: huntert00
-      bob@remote:
-        user: bob@remote
-    current-account: admin@local
+  aws-test:
+    user: admin@local
+    password: hun+er2
+  mark-test-prodstack:
+    user: admin@local
+    password: hunter2
+  mallards:
+    user: admin@local
+    password: hunter2
 `
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/register.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/register.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/register.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/register.go	2016-07-18 19:45:44.000000000 +0000
@@ -18,11 +18,11 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils"
 	"github.com/juju/utils/set"
 	"golang.org/x/crypto/nacl/secretbox"
 	"golang.org/x/crypto/ssh/terminal"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/apiserver/params"
@@ -49,7 +49,7 @@
 type registerCommand struct {
 	modelcmd.JujuCommandBase
 	apiOpen       api.OpenFunc
-	refreshModels func(_ jujuclient.ClientStore, controller, account string) error
+	refreshModels func(_ jujuclient.ClientStore, controller string) error
 	store         jujuclient.ClientStore
 	EncodedData   string
 }
@@ -77,6 +77,8 @@
     change-user-password`
 
 // Info implements Command.Info
+// `register` may seem generic, but is seen as simple and without potential
+// naming collisions in any current or planned features.
 func (c *registerCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "register",
@@ -168,24 +170,16 @@
 		User:     registrationParams.userTag.Canonical(),
 		Macaroon: string(macaroonJSON),
 	}
-	accountName := accountDetails.User
-	if err := c.store.UpdateAccount(
-		registrationParams.controllerName, accountName, accountDetails,
-	); err != nil {
-		return errors.Trace(err)
-	}
-	if err := c.store.SetCurrentAccount(
-		registrationParams.controllerName, accountName,
-	); err != nil {
+	if err := c.store.UpdateAccount(registrationParams.controllerName, accountDetails); err != nil {
 		return errors.Trace(err)
 	}
 
 	// Log into the controller to verify the credentials, and
 	// refresh the connection information.
-	if err := c.refreshModels(c.store, registrationParams.controllerName, accountName); err != nil {
+	if err := c.refreshModels(c.store, registrationParams.controllerName); err != nil {
 		return errors.Trace(err)
 	}
-	if err := modelcmd.WriteCurrentController(registrationParams.controllerName); err != nil {
+	if err := c.store.SetCurrentController(registrationParams.controllerName); err != nil {
 		return errors.Trace(err)
 	}
 
@@ -193,11 +187,11 @@
 		ctx.Stderr, "\nWelcome, %s. You are now logged into %q.\n",
 		registrationParams.userTag.Id(), registrationParams.controllerName,
 	)
-	return c.maybeSetCurrentModel(ctx, registrationParams.controllerName, accountName)
+	return c.maybeSetCurrentModel(ctx, registrationParams.controllerName)
 }
 
-func (c *registerCommand) maybeSetCurrentModel(ctx *cmd.Context, controllerName, accountName string) error {
-	models, err := c.store.AllModels(controllerName, accountName)
+func (c *registerCommand) maybeSetCurrentModel(ctx *cmd.Context, controllerName string) error {
+	models, err := c.store.AllModels(controllerName)
 	if errors.IsNotFound(err) {
 		fmt.Fprintf(ctx.Stderr, "\n%s\n\n", errNoModels.Error())
 		return nil
@@ -213,7 +207,7 @@
 		for modelName = range models {
 			// Loop exists only to obtain one and only key.
 		}
-		err := c.store.SetCurrentModel(controllerName, accountName, modelName)
+		err := c.store.SetCurrentModel(controllerName, modelName)
 		if err != nil {
 			return errors.Trace(err)
 		}
@@ -269,7 +263,7 @@
 	copy(params.key[:], info.SecretKey)
 
 	// Prompt the user for the controller name.
-	controllerName, err := c.promptControllerName(ctx.Stderr, ctx.Stdin)
+	controllerName, err := c.promptControllerName(info.ControllerName, ctx.Stderr, ctx.Stdin)
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
@@ -351,7 +345,7 @@
 }
 
 func (c *registerCommand) promptNewPassword(stderr io.Writer, stdin io.Reader) (string, error) {
-	password, err := c.readPassword("Enter password: ", stderr, stdin)
+	password, err := c.readPassword("Enter a new password: ", stderr, stdin)
 	if err != nil {
 		return "", errors.Trace(err)
 	}
@@ -368,17 +362,35 @@
 	return password, nil
 }
 
-func (c *registerCommand) promptControllerName(stderr io.Writer, stdin io.Reader) (string, error) {
-	fmt.Fprintf(stderr, "Please set a name for this controller: ")
+const errControllerConflicts = `WARNING: the controller proposed %q which clashes with an` +
+	` existing controller. The two controllers are entirely different.
+
+`
+
+func (c *registerCommand) promptControllerName(suggestedName string, stderr io.Writer, stdin io.Reader) (string, error) {
+	_, err := c.store.ControllerByName(suggestedName)
+	if err == nil {
+		fmt.Fprintf(stderr, errControllerConflicts, suggestedName)
+		suggestedName = ""
+	}
+	setMsg := "Please set a name for this controller"
+	if suggestedName != "" {
+		setMsg = setMsg + " (" + suggestedName + ")"
+	}
+	setMsg = setMsg + ":"
+	fmt.Fprintf(stderr, setMsg)
 	defer stderr.Write([]byte{'\n'})
 	name, err := c.readLine(stdin)
 	if err != nil {
 		return "", errors.Trace(err)
 	}
 	name = strings.TrimSpace(name)
-	if name == "" {
+	if name == "" && suggestedName == "" {
 		return "", errors.NewNotValid(nil, "you must specify a non-empty controller name")
 	}
+	if name == "" && suggestedName != "" {
+		return suggestedName, nil
+	}
 	return name, nil
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/register_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/register_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/register_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/register_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -35,9 +35,8 @@
 	apiConnection               *mockAPIConnection
 	store                       *jujuclienttesting.MemStore
 	apiOpenError                error
-	refreshModels               func(jujuclient.ClientStore, string, string) error
+	refreshModels               func(jujuclient.ClientStore, string) error
 	refreshModelsControllerName string
-	refreshModelsAccountName    string
 	server                      *httptest.Server
 	httpHandler                 http.Handler
 }
@@ -60,10 +59,8 @@
 		addr:          serverURL.Host,
 	}
 	s.refreshModelsControllerName = ""
-	s.refreshModelsAccountName = ""
-	s.refreshModels = func(store jujuclient.ClientStore, controllerName, accountName string) error {
+	s.refreshModels = func(store jujuclient.ClientStore, controllerName string) error {
 		s.refreshModelsControllerName = controllerName
-		s.refreshModelsAccountName = accountName
 		return nil
 	}
 
@@ -107,6 +104,21 @@
 	return base64.URLEncoding.EncodeToString(data)
 }
 
+func (s *RegisterSuite) encodeRegistrationDataWithControllerName(c *gc.C, user string, secretKey []byte, controller string) string {
+	data, err := asn1.Marshal(jujuclient.RegistrationInfo{
+		User:           user,
+		Addrs:          []string{s.apiConnection.addr},
+		SecretKey:      secretKey,
+		ControllerName: controller,
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	// Append some junk to the end of the encoded data to
+	// ensure that, if we have to pad the data in add-user,
+	// register can still decode it.
+	data = append(data, 0, 0, 0)
+	return base64.URLEncoding.EncodeToString(data)
+}
+
 func (s *RegisterSuite) seal(c *gc.C, message, key, nonce []byte) []byte {
 	var keyArray [32]byte
 	var nonceArray [24]byte
@@ -130,13 +142,12 @@
 }
 
 func (s *RegisterSuite) TestRegister(c *gc.C) {
-	ctx := s.testRegister(c)
+	ctx := s.testRegister(c, "")
 	c.Assert(s.refreshModelsControllerName, gc.Equals, "controller-name")
-	c.Assert(s.refreshModelsAccountName, gc.Equals, "bob@local")
 	stderr := testing.Stderr(ctx)
 	c.Assert(stderr, gc.Equals, `
-Please set a name for this controller: 
-Enter password: 
+Please set a name for this controller (controller-name):
+Enter a new password: 
 Confirm password: 
 
 Welcome, bob. You are now logged into "controller-name".
@@ -149,42 +160,42 @@
 }
 
 func (s *RegisterSuite) TestRegisterOneModel(c *gc.C) {
-	s.refreshModels = func(store jujuclient.ClientStore, controller, account string) error {
-		err := store.UpdateModel(controller, account, "theoneandonly", jujuclient.ModelDetails{
+	s.refreshModels = func(store jujuclient.ClientStore, controller string) error {
+		err := store.UpdateModel(controller, "theoneandonly", jujuclient.ModelDetails{
 			ModelUUID: "df136476-12e9-11e4-8a70-b2227cce2b54",
 		})
 		c.Assert(err, jc.ErrorIsNil)
 		return nil
 	}
-	s.testRegister(c)
+	s.testRegister(c, "")
 	c.Assert(
-		s.store.Models["controller-name"].AccountModels["bob@local"].CurrentModel,
+		s.store.Models["controller-name"].CurrentModel,
 		gc.Equals, "theoneandonly",
 	)
 }
 
 func (s *RegisterSuite) TestRegisterMultipleModels(c *gc.C) {
-	s.refreshModels = func(store jujuclient.ClientStore, controller, account string) error {
+	s.refreshModels = func(store jujuclient.ClientStore, controller string) error {
 		for _, name := range [...]string{"model1", "model2"} {
-			err := store.UpdateModel(controller, account, name, jujuclient.ModelDetails{
+			err := store.UpdateModel(controller, name, jujuclient.ModelDetails{
 				ModelUUID: "df136476-12e9-11e4-8a70-b2227cce2b54",
 			})
 			c.Assert(err, jc.ErrorIsNil)
 		}
 		return nil
 	}
-	ctx := s.testRegister(c)
+	ctx := s.testRegister(c, "")
 
 	// When there are multiple models, no current model will be set.
 	// Instead, the command will output the list of models and inform
 	// the user how to set the current model.
-	_, err := s.store.CurrentModel("controller-name", "bob@local")
+	_, err := s.store.CurrentModel("controller-name")
 	c.Assert(err, jc.Satisfies, errors.IsNotFound)
 
 	stderr := testing.Stderr(ctx)
 	c.Assert(stderr, gc.Equals, `
-Please set a name for this controller: 
-Enter password: 
+Please set a name for this controller (controller-name):
+Enter a new password: 
 Confirm password: 
 
 Welcome, bob. You are now logged into "controller-name".
@@ -197,7 +208,7 @@
 `[1:])
 }
 
-func (s *RegisterSuite) testRegister(c *gc.C) *cmd.Context {
+func (s *RegisterSuite) testRegister(c *gc.C, expectedError string) *cmd.Context {
 	secretKey := []byte(strings.Repeat("X", 32))
 	respNonce := []byte(strings.Repeat("X", 24))
 
@@ -229,9 +240,13 @@
 		c.Check(err, jc.ErrorIsNil)
 	})
 
-	registrationData := s.encodeRegistrationData(c, "bob", secretKey)
-	stdin := strings.NewReader("controller-name\nhunter2\nhunter2\n")
+	registrationData := s.encodeRegistrationDataWithControllerName(c, "bob", secretKey, "controller-name")
+	stdin := strings.NewReader("\nhunter2\nhunter2\n")
 	ctx, err := s.run(c, stdin, registrationData)
+	if expectedError != "" {
+		c.Assert(err, gc.ErrorMatches, expectedError)
+		return ctx
+	}
 	c.Assert(err, jc.ErrorIsNil)
 
 	// There should have been one POST command to "/register".
@@ -261,7 +276,7 @@
 		APIEndpoints:   []string{s.apiConnection.addr},
 		CACert:         testing.CACert,
 	})
-	account, err := s.store.AccountByName("controller-name", "bob@local")
+	account, err := s.store.AccountDetails("controller-name")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(account, jc.DeepEquals, &jujuclient.AccountDetails{
 		User:     "bob@local",
@@ -299,6 +314,36 @@
 	c.Assert(err, gc.ErrorMatches, `controller "controller-name" already exists`)
 }
 
+func (s *RegisterSuite) TestProposedControllerNameExists(c *gc.C) {
+	err := s.store.UpdateController("controller-name", jujuclient.ControllerDetails{
+		ControllerUUID: "df136476-12e9-11e4-8a70-b2227cce2b54",
+		CACert:         testing.CACert,
+	})
+
+	s.refreshModels = func(store jujuclient.ClientStore, controller string) error {
+		err := store.UpdateModel(controller, "controller-name", jujuclient.ModelDetails{
+			ModelUUID: "df136476-12e9-11e4-8a70-b2227cce2b54",
+		})
+		c.Assert(err, jc.ErrorIsNil)
+		return nil
+	}
+
+	ctx := s.testRegister(c, "you must specify a non-empty controller name")
+
+	secretKey := []byte(strings.Repeat("X", 32))
+	registrationData := s.encodeRegistrationDataWithControllerName(c, "bob", secretKey, "controller-name")
+	stdin := strings.NewReader("controller-name1\nhunter2\nhunter2\n")
+	_, err = s.run(c, stdin, registrationData)
+	c.Assert(err, jc.ErrorIsNil)
+	stderr := testing.Stderr(ctx)
+	c.Assert(stderr, gc.Equals, `
+WARNING: the controller proposed "controller-name" which clashes with an existing controller. The two controllers are entirely different.
+
+Please set a name for this controller:
+`[1:])
+
+}
+
 func (s *RegisterSuite) TestRegisterEmptyPassword(c *gc.C) {
 	secretKey := []byte(strings.Repeat("X", 32))
 	registrationData := s.encodeRegistrationData(c, "bob", secretKey)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/removeblocks.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/removeblocks.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/removeblocks.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/removeblocks.go	2016-07-18 19:45:44.000000000 +0000
@@ -33,15 +33,15 @@
 in a Juju controller.
 
 See Also:
-    juju help block
-    juju help unblock
+    juju block
+    juju unblock
 `
 
 // Info implements Command.Info
 func (c *removeBlocksCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "remove-all-blocks",
-		Purpose: "remove all blocks in the Juju controller",
+		Purpose: "Remove all blocks in the Juju controller.",
 		Doc:     removeBlocksDoc,
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/removeblocks_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/removeblocks_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/removeblocks_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/removeblocks_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,7 +10,6 @@
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/cmd/juju/controller"
-	"github.com/juju/juju/cmd/modelcmd"
 	"github.com/juju/juju/jujuclient"
 	"github.com/juju/juju/jujuclient/jujuclienttesting"
 	"github.com/juju/juju/testing"
@@ -27,11 +26,9 @@
 func (s *removeBlocksSuite) SetUpTest(c *gc.C) {
 	s.baseControllerSuite.SetUpTest(c)
 
-	err := modelcmd.WriteCurrentController("fake")
-	c.Assert(err, jc.ErrorIsNil)
-
 	s.api = &fakeRemoveBlocksAPI{}
 	s.store = jujuclienttesting.NewMemStore()
+	s.store.CurrentControllerName = "fake"
 	s.store.Controllers["fake"] = jujuclient.ControllerDetails{}
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/showcontroller.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/showcontroller.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/showcontroller.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/showcontroller.go	2016-07-18 19:45:44.000000000 +0000
@@ -20,14 +20,14 @@
 
 var usageShowControllerDetails = `
 Shows extended information about a controller(s) as well as related models
-and accounts. The active model and user accounts are also displayed.
+and user login details.
 
 Examples:
     juju show-controller
     juju show-controller aws google
     
 See also: 
-    list-controllers`[1:]
+    controllers`[1:]
 
 // NewShowControllerCommand returns a command to show details of the desired controllers.
 func NewShowControllerCommand() cmd.Command {
@@ -57,7 +57,7 @@
 // SetFlags implements Command.SetFlags.
 func (c *showControllerCommand) SetFlags(f *gnuflag.FlagSet) {
 	c.JujuCommandBase.SetFlags(f)
-	f.BoolVar(&c.showPasswords, "show-passwords", false, "Show passwords for displayed accounts")
+	f.BoolVar(&c.showPasswords, "show-password", false, "Show password for logged in user")
 	c.out.AddFlags(f, "yaml", map[string]cmd.Formatter{
 		"yaml": cmd.FormatYaml,
 		"json": cmd.FormatJson,
@@ -68,26 +68,21 @@
 func (c *showControllerCommand) Run(ctx *cmd.Context) error {
 	controllerNames := c.controllerNames
 	if len(controllerNames) == 0 {
-		currentController, err := modelcmd.ReadCurrentController()
-		if err != nil {
-			return errors.Trace(err)
-		}
-		if currentController == "" {
+		currentController, err := c.store.CurrentController()
+		if errors.IsNotFound(err) {
 			return errors.New("there is no active controller")
+		} else if err != nil {
+			return errors.Trace(err)
 		}
 		controllerNames = []string{currentController}
 	}
 	controllers := make(map[string]ShowControllerDetails)
 	for _, name := range controllerNames {
-		actualName, err := modelcmd.ResolveControllerName(c.store, name)
+		one, err := c.store.ControllerByName(name)
 		if err != nil {
 			return err
 		}
-		one, err := c.store.ControllerByName(actualName)
-		if err != nil {
-			return err
-		}
-		controllers[name] = c.convertControllerForShow(actualName, one)
+		controllers[name] = c.convertControllerForShow(name, one)
 	}
 	return c.out.Write(ctx, controllers)
 }
@@ -96,11 +91,14 @@
 	// Details contains the same details that client store caches for this controller.
 	Details ControllerDetails `yaml:"details,omitempty" json:"details,omitempty"`
 
-	// Accounts is a collection of accounts for this controller.
-	Accounts map[string]*AccountDetails `yaml:"accounts,omitempty" json:"accounts,omitempty"`
+	// Models is a collection of all models for this controller.
+	Models map[string]ModelDetails `yaml:"models,omitempty" json:"models,omitempty"`
+
+	// CurrentModel is the name of the current model for this controller
+	CurrentModel string `yaml:"current-model,omitempty" json:"current-model,omitempty"`
 
-	// CurrentAccount is the name of the current account for this controller.
-	CurrentAccount string `yaml:"current-account,omitempty" json:"current-account,omitempty"`
+	// Account is the account details for the user logged into this controller.
+	Account *AccountDetails `yaml:"account,omitempty" json:"account,omitempty"`
 
 	// BootstrapConfig contains the bootstrap configuration for this controller.
 	// This is only available on the client that bootstrapped the controller.
@@ -120,6 +118,12 @@
 
 	// CACert is a security certificate for this controller.
 	CACert string `yaml:"ca-cert" json:"ca-cert"`
+
+	// Cloud is the name of the cloud that this controller runs in.
+	Cloud string `yaml:"cloud" json:"cloud"`
+
+	// CloudRegion is the name of the cloud region that this controller runs in.
+	CloudRegion string `yaml:"region,omitempty" json:"region,omitempty"`
 }
 
 // ModelDetails holds details of a model to show.
@@ -135,12 +139,6 @@
 
 	// Password is the password for the account.
 	Password string `yaml:"password,omitempty" json:"password,omitempty"`
-
-	// Models is a collection of all models for this controller.
-	Models map[string]ModelDetails `yaml:"models,omitempty" json:"models,omitempty"`
-
-	// CurrentModel is the name of the current model for this controller
-	CurrentModel string `yaml:"current-model,omitempty" json:"current-model,omitempty"`
 }
 
 // BootstrapConfig holds the configuration used to bootstrap a controller.
@@ -160,57 +158,52 @@
 			ControllerUUID: details.ControllerUUID,
 			APIEndpoints:   details.APIEndpoints,
 			CACert:         details.CACert,
+			Cloud:          details.Cloud,
+			CloudRegion:    details.CloudRegion,
 		},
 	}
+	c.convertModelsForShow(controllerName, &controller)
 	c.convertAccountsForShow(controllerName, &controller)
 	c.convertBootstrapConfigForShow(controllerName, &controller)
 	return controller
 }
 
 func (c *showControllerCommand) convertAccountsForShow(controllerName string, controller *ShowControllerDetails) {
-	accounts, err := c.store.AllAccounts(controllerName)
+	storeDetails, err := c.store.AccountDetails(controllerName)
 	if err != nil && !errors.IsNotFound(err) {
 		controller.Errors = append(controller.Errors, err.Error())
 	}
-
-	if len(accounts) > 0 {
-		controller.Accounts = make(map[string]*AccountDetails)
-		for accountName, account := range accounts {
-			details := &AccountDetails{User: account.User}
-			controller.Accounts[accountName] = details
-			if c.showPasswords {
-				details.Password = account.Password
-			}
-			if err := c.convertModelsForShow(controllerName, accountName, details); err != nil {
-				controller.Errors = append(controller.Errors, err.Error())
-			}
-		}
+	if storeDetails == nil {
+		return
 	}
-
-	controller.CurrentAccount, err = c.store.CurrentAccount(controllerName)
-	if err != nil && !errors.IsNotFound(err) {
-		controller.Errors = append(controller.Errors, err.Error())
+	details := &AccountDetails{
+		User: storeDetails.User,
+	}
+	if c.showPasswords {
+		details.Password = storeDetails.Password
 	}
+	controller.Account = details
 }
 
-func (c *showControllerCommand) convertModelsForShow(controllerName, accountName string, account *AccountDetails) error {
-	models, err := c.store.AllModels(controllerName, accountName)
+func (c *showControllerCommand) convertModelsForShow(controllerName string, controller *ShowControllerDetails) {
+	models, err := c.store.AllModels(controllerName)
 	if errors.IsNotFound(err) {
-		return nil
+		return
 	} else if err != nil {
-		return err
+		controller.Errors = append(controller.Errors, err.Error())
+		return
 	}
 	if len(models) > 0 {
-		account.Models = make(map[string]ModelDetails)
+		controller.Models = make(map[string]ModelDetails)
 		for modelName, model := range models {
-			account.Models[modelName] = ModelDetails{model.ModelUUID}
+			controller.Models[modelName] = ModelDetails{model.ModelUUID}
 		}
 	}
-	account.CurrentModel, err = c.store.CurrentModel(controllerName, accountName)
+	controller.CurrentModel, err = c.store.CurrentModel(controllerName)
 	if err != nil && !errors.IsNotFound(err) {
-		return err
+		controller.Errors = append(controller.Errors, err.Error())
+		return
 	}
-	return nil
 }
 
 func (c *showControllerCommand) convertBootstrapConfigForShow(controllerName string, controller *ShowControllerDetails) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/showcontroller_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/showcontroller_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/showcontroller_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/showcontroller_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,7 +12,6 @@
 	gc "gopkg.in/check.v1"
 
 	"github.com/juju/juju/cmd/juju/controller"
-	"github.com/juju/juju/cmd/modelcmd"
 	"github.com/juju/juju/jujuclient"
 	"github.com/juju/juju/jujuclient/jujuclienttesting"
 	"github.com/juju/juju/testing"
@@ -26,83 +25,76 @@
 
 func (s *ShowControllerSuite) TestShowOneControllerOneInStore(c *gc.C) {
 	s.controllersYaml = `controllers:
-  local.mallards:
+  mallards:
     uuid: this-is-another-uuid
     api-endpoints: [this-is-another-of-many-api-endpoints, this-is-one-more-of-many-api-endpoints]
     ca-cert: this-is-another-ca-cert
+    cloud: mallards
 `
 	s.createTestClientStore(c)
 
 	s.expectedOutput = `
-local.mallards:
+mallards:
   details:
     uuid: this-is-another-uuid
     api-endpoints: [this-is-another-of-many-api-endpoints, this-is-one-more-of-many-api-endpoints]
     ca-cert: this-is-another-ca-cert
-  accounts:
-    admin@local:
-      user: admin@local
-      models:
-        admin:
-          uuid: abc
-        my-model:
-          uuid: def
-      current-model: my-model
-    bob@local:
-      user: bob@local
-    bob@remote:
-      user: bob@remote
-  current-account: admin@local
+    cloud: mallards
+  models:
+    admin:
+      uuid: abc
+    my-model:
+      uuid: def
+  current-model: my-model
+  account:
+    user: admin@local
 `[1:]
 
-	s.assertShowController(c, "local.mallards")
+	s.assertShowController(c, "mallards")
 }
 
 func (s *ShowControllerSuite) TestShowControllerWithPasswords(c *gc.C) {
 	s.controllersYaml = `controllers:
-  local.mallards:
+  mallards:
     uuid: this-is-another-uuid
     api-endpoints: [this-is-another-of-many-api-endpoints, this-is-one-more-of-many-api-endpoints]
     ca-cert: this-is-another-ca-cert
+    cloud: mallards
 `
 	s.createTestClientStore(c)
 
 	s.expectedOutput = `
-local.mallards:
+mallards:
   details:
     uuid: this-is-another-uuid
     api-endpoints: [this-is-another-of-many-api-endpoints, this-is-one-more-of-many-api-endpoints]
     ca-cert: this-is-another-ca-cert
-  accounts:
-    admin@local:
-      user: admin@local
-      password: hunter2
-      models:
-        admin:
-          uuid: abc
-        my-model:
-          uuid: def
-      current-model: my-model
-    bob@local:
-      user: bob@local
-      password: huntert00
-    bob@remote:
-      user: bob@remote
-  current-account: admin@local
+    cloud: mallards
+  models:
+    admin:
+      uuid: abc
+    my-model:
+      uuid: def
+  current-model: my-model
+  account:
+    user: admin@local
+    password: hunter2
 `[1:]
 
-	s.assertShowController(c, "local.mallards", "--show-passwords")
+	s.assertShowController(c, "mallards", "--show-password")
 }
 
 func (s *ShowControllerSuite) TestShowControllerWithBootstrapConfig(c *gc.C) {
 	s.controllersYaml = `controllers:
-  local.mallards:
+  mallards:
     uuid: this-is-another-uuid
     api-endpoints: [this-is-another-of-many-api-endpoints, this-is-one-more-of-many-api-endpoints]
     ca-cert: this-is-another-ca-cert
+    cloud: mallards
+    region: mallards1
 `
 	store := s.createTestClientStore(c)
-	store.BootstrapConfig["local.mallards"] = jujuclient.BootstrapConfig{
+	store.BootstrapConfig["mallards"] = jujuclient.BootstrapConfig{
 		Config: map[string]interface{}{
 			"name":  "admin",
 			"type":  "maas",
@@ -115,25 +107,21 @@
 	}
 
 	s.expectedOutput = `
-local.mallards:
+mallards:
   details:
     uuid: this-is-another-uuid
     api-endpoints: [this-is-another-of-many-api-endpoints, this-is-one-more-of-many-api-endpoints]
     ca-cert: this-is-another-ca-cert
-  accounts:
-    admin@local:
-      user: admin@local
-      models:
-        admin:
-          uuid: abc
-        my-model:
-          uuid: def
-      current-model: my-model
-    bob@local:
-      user: bob@local
-    bob@remote:
-      user: bob@remote
-  current-account: admin@local
+    cloud: mallards
+    region: mallards1
+  models:
+    admin:
+      uuid: abc
+    my-model:
+      uuid: def
+  current-model: my-model
+  account:
+    user: admin@local
   bootstrap-config:
     config:
       extra: value
@@ -144,73 +132,75 @@
     credential: my-credential
 `[1:]
 
-	s.assertShowController(c, "local.mallards")
+	s.assertShowController(c, "mallards")
 }
 
 func (s *ShowControllerSuite) TestShowOneControllerManyInStore(c *gc.C) {
 	s.createTestClientStore(c)
 
 	s.expectedOutput = `
-local.aws-test:
+aws-test:
   details:
     uuid: this-is-the-aws-test-uuid
     api-endpoints: [this-is-aws-test-of-many-api-endpoints]
     ca-cert: this-is-aws-test-ca-cert
-  accounts:
-    admin@local:
-      user: admin@local
-      models:
-        admin:
-          uuid: ghi
-      current-model: admin
+    cloud: aws
+    region: us-east-1
+  models:
+    admin:
+      uuid: ghi
+  current-model: admin
+  account:
+    user: admin@local
 `[1:]
-	s.assertShowController(c, "local.aws-test")
+	s.assertShowController(c, "aws-test")
 }
 
 func (s *ShowControllerSuite) TestShowSomeControllerMoreInStore(c *gc.C) {
 	s.createTestClientStore(c)
 	s.expectedOutput = `
-local.aws-test:
+aws-test:
   details:
     uuid: this-is-the-aws-test-uuid
     api-endpoints: [this-is-aws-test-of-many-api-endpoints]
     ca-cert: this-is-aws-test-ca-cert
-  accounts:
-    admin@local:
-      user: admin@local
-      models:
-        admin:
-          uuid: ghi
-      current-model: admin
-local.mark-test-prodstack:
+    cloud: aws
+    region: us-east-1
+  models:
+    admin:
+      uuid: ghi
+  current-model: admin
+  account:
+    user: admin@local
+mark-test-prodstack:
   details:
     uuid: this-is-a-uuid
     api-endpoints: [this-is-one-of-many-api-endpoints]
     ca-cert: this-is-a-ca-cert
-  accounts:
-    admin@local:
-      user: admin@local
+    cloud: prodstack
+  account:
+    user: admin@local
 `[1:]
 
-	s.assertShowController(c, "local.aws-test", "local.mark-test-prodstack")
+	s.assertShowController(c, "aws-test", "mark-test-prodstack")
 }
 
 func (s *ShowControllerSuite) TestShowControllerJsonOne(c *gc.C) {
 	s.createTestClientStore(c)
 
 	s.expectedOutput = `
-{"local.aws-test":{"details":{"uuid":"this-is-the-aws-test-uuid","api-endpoints":["this-is-aws-test-of-many-api-endpoints"],"ca-cert":"this-is-aws-test-ca-cert"},"accounts":{"admin@local":{"user":"admin@local","models":{"admin":{"uuid":"ghi"}},"current-model":"admin"}}}}
+{"aws-test":{"details":{"uuid":"this-is-the-aws-test-uuid","api-endpoints":["this-is-aws-test-of-many-api-endpoints"],"ca-cert":"this-is-aws-test-ca-cert","cloud":"aws","region":"us-east-1"},"models":{"admin":{"uuid":"ghi"}},"current-model":"admin","account":{"user":"admin@local"}}}
 `[1:]
 
-	s.assertShowController(c, "--format", "json", "local.aws-test")
+	s.assertShowController(c, "--format", "json", "aws-test")
 }
 
 func (s *ShowControllerSuite) TestShowControllerJsonMany(c *gc.C) {
 	s.createTestClientStore(c)
 	s.expectedOutput = `
-{"local.aws-test":{"details":{"uuid":"this-is-the-aws-test-uuid","api-endpoints":["this-is-aws-test-of-many-api-endpoints"],"ca-cert":"this-is-aws-test-ca-cert"},"accounts":{"admin@local":{"user":"admin@local","models":{"admin":{"uuid":"ghi"}},"current-model":"admin"}}},"local.mark-test-prodstack":{"details":{"uuid":"this-is-a-uuid","api-endpoints":["this-is-one-of-many-api-endpoints"],"ca-cert":"this-is-a-ca-cert"},"accounts":{"admin@local":{"user":"admin@local"}}}}
+{"aws-test":{"details":{"uuid":"this-is-the-aws-test-uuid","api-endpoints":["this-is-aws-test-of-many-api-endpoints"],"ca-cert":"this-is-aws-test-ca-cert","cloud":"aws","region":"us-east-1"},"models":{"admin":{"uuid":"ghi"}},"current-model":"admin","account":{"user":"admin@local"}},"mark-test-prodstack":{"details":{"uuid":"this-is-a-uuid","api-endpoints":["this-is-one-of-many-api-endpoints"],"ca-cert":"this-is-a-ca-cert","cloud":"prodstack"},"account":{"user":"admin@local"}}}
 `[1:]
-	s.assertShowController(c, "--format", "json", "local.aws-test", "local.mark-test-prodstack")
+	s.assertShowController(c, "--format", "json", "aws-test", "mark-test-prodstack")
 }
 
 func (s *ShowControllerSuite) TestShowControllerReadFromStoreErr(c *gc.C) {
@@ -227,20 +217,18 @@
 }
 
 func (s *ShowControllerSuite) TestShowControllerNoArgs(c *gc.C) {
-	s.createTestClientStore(c)
+	store := s.createTestClientStore(c)
 
 	s.expectedOutput = `
-{"local.aws-test":{"details":{"uuid":"this-is-the-aws-test-uuid","api-endpoints":["this-is-aws-test-of-many-api-endpoints"],"ca-cert":"this-is-aws-test-ca-cert"},"accounts":{"admin@local":{"user":"admin@local","models":{"admin":{"uuid":"ghi"}},"current-model":"admin"}}}}
+{"aws-test":{"details":{"uuid":"this-is-the-aws-test-uuid","api-endpoints":["this-is-aws-test-of-many-api-endpoints"],"ca-cert":"this-is-aws-test-ca-cert","cloud":"aws","region":"us-east-1"},"models":{"admin":{"uuid":"ghi"}},"current-model":"admin","account":{"user":"admin@local"}}}
 `[1:]
-	err := modelcmd.WriteCurrentController("local.aws-test")
-	c.Assert(err, jc.ErrorIsNil)
+	store.CurrentControllerName = "aws-test"
 	s.assertShowController(c, "--format", "json")
 }
 
 func (s *ShowControllerSuite) TestShowControllerNoArgsNoCurrent(c *gc.C) {
-	err := modelcmd.WriteCurrentController("")
-	c.Assert(err, jc.ErrorIsNil)
-
+	store := s.createTestClientStore(c)
+	store.CurrentControllerName = ""
 	s.expectedErr = regexp.QuoteMeta(`there is no active controller`)
 	s.assertShowControllerFailed(c)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/unregister.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/unregister.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/unregister.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/unregister.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,105 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package controller
+
+import (
+	"fmt"
+
+	"github.com/juju/cmd"
+	"github.com/juju/errors"
+	"launchpad.net/gnuflag"
+
+	jujucmd "github.com/juju/juju/cmd"
+	"github.com/juju/juju/cmd/modelcmd"
+	"github.com/juju/juju/jujuclient"
+)
+
+// NewUnregisterCommand returns a command to allow the user to unregister a controller.
+func NewUnregisterCommand(store jujuclient.ClientStore) cmd.Command {
+	if store == nil {
+		panic("valid store must be specified")
+	}
+	cmd := &unregisterCommand{store: store}
+	return modelcmd.WrapBase(cmd)
+}
+
+// unregisterCommand removes a Juju controller from the local store.
+type unregisterCommand struct {
+	modelcmd.JujuCommandBase
+	controllerName string
+	assumeYes      bool
+	store          jujuclient.ClientStore
+}
+
+var usageUnregisterDetails = `
+Removes local connection information for the specified controller.
+This command does not destroy the controller.  In order to regain
+access to an unregistered controller, it will need to be added
+again using the juju register command.
+
+Examples:
+
+    juju unregister my-controller
+
+See Also:
+    juju register`
+
+// Info implements Command.Info
+// `unregister` may seem generic as a command, but aligns with `register`.
+func (c *unregisterCommand) Info() *cmd.Info {
+	return &cmd.Info{
+		Name:    "unregister",
+		Args:    "<controller name>",
+		Purpose: "Unregisters a Juju controller",
+		Doc:     usageUnregisterDetails,
+	}
+}
+
+// SetFlags implements Command.SetFlags.
+func (c *unregisterCommand) SetFlags(f *gnuflag.FlagSet) {
+	f.BoolVar(&c.assumeYes, "y", false, "Do not prompt for confirmation")
+	f.BoolVar(&c.assumeYes, "yes", false, "")
+}
+
+// Init implements Command.Init.
+func (c *unregisterCommand) Init(args []string) error {
+	if len(args) < 1 {
+		return errors.New("controller name must be specified")
+	}
+	c.controllerName, args = args[0], args[1:]
+
+	if err := jujuclient.ValidateControllerName(c.controllerName); err != nil {
+		return err
+	}
+
+	if err := cmd.CheckEmpty(args); err != nil {
+		return err
+	}
+	return nil
+}
+
+var unregisterMsg = `
+This command will remove connection information for controller %q.
+Doing so will prevent you from accessing this controller until
+you register it again.
+
+Continue [y/N]?`[1:]
+
+func (c *unregisterCommand) Run(ctx *cmd.Context) error {
+
+	_, err := c.store.ControllerByName(c.controllerName)
+	if err != nil {
+		return errors.Trace(err)
+	}
+
+	if !c.assumeYes {
+		fmt.Fprintf(ctx.Stdout, unregisterMsg, c.controllerName)
+
+		if err := jujucmd.UserConfirmYes(ctx); err != nil {
+			return errors.Annotate(err, "unregistering controller")
+		}
+	}
+
+	return (c.store.RemoveController(c.controllerName))
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/unregister_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/unregister_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/controller/unregister_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/controller/unregister_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,146 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package controller_test
+
+import (
+	"bytes"
+	"time"
+
+	"github.com/juju/cmd"
+	"github.com/juju/errors"
+	jt "github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/cmd/juju/controller"
+	cmdtesting "github.com/juju/juju/cmd/testing"
+	"github.com/juju/juju/jujuclient"
+	"github.com/juju/juju/testing"
+)
+
+// Test that the expected methods are called during unregister:
+// ControllerByName and RemoveController.
+type fakeStore struct {
+	jujuclient.ClientStore
+	lookupName  string
+	removedName string
+}
+
+func (s *fakeStore) ControllerByName(name string) (*jujuclient.ControllerDetails, error) {
+	s.lookupName = name
+	if name != "fake1" {
+		return nil, errors.NotFoundf("controller %s", name)
+	}
+	return &jujuclient.ControllerDetails{}, nil
+}
+
+func (s *fakeStore) RemoveController(name string) error {
+	// Removing a controller that doesn't exist also returns nil,
+	// so no need to check.
+	s.removedName = name
+	return nil
+}
+
+type UnregisterSuite struct {
+	jt.IsolationSuite
+	store *fakeStore
+}
+
+var _ = gc.Suite(&UnregisterSuite{})
+
+func (s *UnregisterSuite) SetUpTest(c *gc.C) {
+	s.IsolationSuite.SetUpTest(c)
+	s.store = &fakeStore{}
+}
+
+func (s *UnregisterSuite) TestInit(c *gc.C) {
+	unregisterCommand := controller.NewUnregisterCommand(s.store)
+
+	err := testing.InitCommand(unregisterCommand, []string{})
+	c.Assert(err, gc.ErrorMatches, "controller name must be specified")
+
+	err = testing.InitCommand(unregisterCommand, []string{"foo", "bar"})
+	c.Assert(err, gc.ErrorMatches, `unrecognized args: \["bar"\]`)
+}
+
+func (s *UnregisterSuite) TestUnregisterUnknownController(c *gc.C) {
+	command := controller.NewUnregisterCommand(s.store)
+	_, err := testing.RunCommand(c, command, "fake3")
+
+	c.Assert(err, jc.Satisfies, errors.IsNotFound)
+	c.Assert(err, gc.ErrorMatches, "controller fake3 not found")
+	c.Check(s.store.lookupName, gc.Equals, "fake3")
+}
+
+func (s *UnregisterSuite) TestUnregisterController(c *gc.C) {
+	command := controller.NewUnregisterCommand(s.store)
+	_, err := testing.RunCommand(c, command, "fake1", "-y")
+
+	c.Assert(err, jc.ErrorIsNil)
+	c.Check(s.store.lookupName, gc.Equals, "fake1")
+	c.Check(s.store.removedName, gc.Equals, "fake1")
+}
+
+var unregisterMsg = `
+This command will remove connection information for controller "fake1".
+Doing so will prevent you from accessing this controller until
+you register it again.
+
+Continue [y/N]?`[1:]
+
+func (s *UnregisterSuite) unregisterCommandAborts(c *gc.C, answer string) {
+	var stdin, stdout bytes.Buffer
+	ctx, err := cmd.DefaultContext()
+	c.Assert(err, jc.ErrorIsNil)
+	ctx.Stdout = &stdout
+	ctx.Stdin = &stdin
+
+	// Ensure confirmation is requested if "-y" is not specified.
+	stdin.WriteString(answer)
+	_, errc := cmdtesting.RunCommand(ctx, controller.NewUnregisterCommand(s.store), "fake1")
+	select {
+	case err, ok := <-errc:
+		c.Assert(ok, jc.IsTrue)
+		c.Check(err, gc.ErrorMatches, "unregistering controller: aborted")
+	case <-time.After(testing.LongWait):
+		c.Fatalf("command took too long")
+	}
+	c.Check(testing.Stdout(ctx), gc.Equals, unregisterMsg)
+	c.Check(s.store.lookupName, gc.Equals, "fake1")
+	c.Check(s.store.removedName, gc.Equals, "")
+}
+
+func (s *UnregisterSuite) TestUnregisterCommandAbortsOnN(c *gc.C) {
+	s.unregisterCommandAborts(c, "n")
+}
+
+func (s *UnregisterSuite) TestUnregisterCommandAbortsOnNotY(c *gc.C) {
+	s.unregisterCommandAborts(c, "foo")
+}
+
+func (s *UnregisterSuite) unregisterCommandConfirms(c *gc.C, answer string) {
+	var stdin, stdout bytes.Buffer
+	ctx, err := cmd.DefaultContext()
+	c.Assert(err, jc.ErrorIsNil)
+	ctx.Stdout = &stdout
+	ctx.Stdin = &stdin
+
+	stdin.Reset()
+	stdout.Reset()
+	stdin.WriteString(answer)
+	_, errc := cmdtesting.RunCommand(ctx, controller.NewUnregisterCommand(s.store), "fake1")
+	select {
+	case err, ok := <-errc:
+		c.Assert(ok, jc.IsTrue)
+		c.Check(err, jc.ErrorIsNil)
+	case <-time.After(testing.LongWait):
+		c.Fatalf("command took too long")
+	}
+	c.Check(s.store.lookupName, gc.Equals, "fake1")
+	c.Check(s.store.removedName, gc.Equals, "fake1")
+}
+
+func (s *UnregisterSuite) TestUnregisterCommandConfirmsOnY(c *gc.C) {
+	s.unregisterCommandConfirms(c, "y")
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/gui/gui.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/gui/gui.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/gui/gui.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/gui/gui.go	2016-07-18 19:45:44.000000000 +0000
@@ -50,15 +50,15 @@
 func (c *guiCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "gui",
-		Purpose: "open the Juju GUI in the default browser",
+		Purpose: "Open the Juju GUI in the default browser.",
 		Doc:     guiDoc,
 	}
 }
 
 // SetFlags implements the cmd.Command interface.
 func (c *guiCommand) SetFlags(f *gnuflag.FlagSet) {
-	f.BoolVar(&c.showCreds, "show-credentials", false, "show admin credentials to use for logging into the Juju GUI")
-	f.BoolVar(&c.noBrowser, "no-browser", false, "do not try to open the web browser, just print the Juju GUI URL")
+	f.BoolVar(&c.showCreds, "show-credentials", false, "Show admin credentials to use for logging into the Juju GUI")
+	f.BoolVar(&c.noBrowser, "no-browser", false, "Do not try to open the web browser, just print the Juju GUI URL")
 }
 
 // Run implements the cmd.Command interface.
@@ -69,7 +69,7 @@
 		return errors.Annotate(err, "cannot establish API connection")
 	}
 	defer conn.Close()
-	details, err := c.ClientStore().ModelByName(c.ControllerName(), c.AccountName(), c.ModelName())
+	details, err := c.ClientStore().ModelByName(c.ControllerName(), c.ModelName())
 	if err != nil {
 		return errors.Annotate(err, "cannot retrieve model details")
 	}
@@ -134,12 +134,7 @@
 		return nil
 	}
 	// TODO(wallyworld) - what to do if we are using a macaroon.
-	if c.AccountName() == "" {
-		return errors.Errorf("no connection credentials available")
-	}
-	accountDetails, err := c.ClientStore().AccountByName(
-		c.ControllerName(), c.AccountName(),
-	)
+	accountDetails, err := c.ClientStore().AccountDetails(c.ControllerName())
 	if err != nil {
 		return errors.Annotate(err, "cannot retrieve credentials")
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/gui/upgradegui.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/gui/upgradegui.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/gui/upgradegui.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/gui/upgradegui.go	2016-07-18 19:45:44.000000000 +0000
@@ -61,14 +61,14 @@
 func (c *upgradeGUICommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "upgrade-gui",
-		Purpose: "upgrade to a new Juju GUI version",
+		Purpose: "Upgrade to a new Juju GUI version.",
 		Doc:     upgradeGUIDoc,
 	}
 }
 
 // SetFlags implements the cmd.Command interface.
 func (c *upgradeGUICommand) SetFlags(f *gnuflag.FlagSet) {
-	f.BoolVar(&c.list, "list", false, "list available Juju GUI release versions without upgrading")
+	f.BoolVar(&c.list, "list", false, "List available Juju GUI release versions without upgrading")
 }
 
 // Init implements the cmd.Command interface.
@@ -97,11 +97,11 @@
 		return nil
 	}
 	// Retrieve the GUI archive and its related info.
-	r, hash, size, vers, err := openArchive(c.versOrPath)
+	archive, err := openArchive(c.versOrPath)
 	if err != nil {
 		return errors.Trace(err)
 	}
-	defer r.Close()
+	defer archive.r.Close()
 
 	// Open the Juju API client.
 	client, err := c.NewAPIClient()
@@ -111,21 +111,25 @@
 	defer client.Close()
 
 	// Check currently uploaded GUI version.
-	existingHash, isCurrent, err := existingVersionInfo(client, vers)
+	existingHash, isCurrent, err := existingVersionInfo(client, archive.vers)
 	if err != nil {
 		return errors.Trace(err)
 	}
 
 	// Upload the release file if required.
-	if hash != existingHash {
-		ctx.Infof("fetching Juju GUI archive")
-		f, err := storeArchive(r)
+	if archive.hash != existingHash {
+		if archive.local {
+			ctx.Infof("using local Juju GUI archive")
+		} else {
+			ctx.Infof("fetching Juju GUI archive")
+		}
+		f, err := storeArchive(archive.r)
 		if err != nil {
 			return errors.Trace(err)
 		}
 		defer f.Close()
-		ctx.Infof("uploading Juju GUI %s", vers)
-		isCurrent, err = clientUploadGUIArchive(client, f, hash, size, vers)
+		ctx.Infof("uploading Juju GUI %s", archive.vers)
+		isCurrent, err = clientUploadGUIArchive(client, f, archive.hash, archive.size, archive.vers)
 		if err != nil {
 			return errors.Annotate(err, "cannot upload Juju GUI")
 		}
@@ -133,56 +137,75 @@
 	}
 	// Switch to the new version if not already at the desired one.
 	if isCurrent {
-		ctx.Infof("Juju GUI at version %s", vers)
+		ctx.Infof("Juju GUI at version %s", archive.vers)
 		return nil
 	}
-	if err = clientSelectGUIVersion(client, vers); err != nil {
+	if err = clientSelectGUIVersion(client, archive.vers); err != nil {
 		return errors.Annotate(err, "cannot switch to new Juju GUI version")
 	}
-	ctx.Infof("Juju GUI switched to version %s", vers)
+	ctx.Infof("Juju GUI switched to version %s", archive.vers)
 	return nil
 }
 
+// openedArchive holds the results of openArchive calls.
+type openedArchive struct {
+	r     io.ReadCloser
+	hash  string
+	size  int64
+	vers  version.Number
+	local bool
+}
+
 // openArchive opens a Juju GUI archive from the given version or file path.
-// The returned readSeekCloser must be closed by callers.
-func openArchive(versOrPath string) (r io.ReadCloser, hash string, size int64, vers version.Number, err error) {
+// The readSeekCloser returned in openedArchive.r must be closed by callers.
+func openArchive(versOrPath string) (openedArchive, error) {
 	if versOrPath == "" {
 		// Return the most recent Juju GUI from simplestreams.
 		allMeta, err := remoteArchiveMetadata()
 		if err != nil {
-			return nil, "", 0, vers, errors.Annotate(err, "cannot upgrade to most recent release")
+			return openedArchive{}, errors.Annotate(err, "cannot upgrade to most recent release")
 		}
 		// The most recent Juju GUI release is the first on the list.
 		metadata := allMeta[0]
 		r, _, err := metadata.Source.Fetch(metadata.Path)
 		if err != nil {
-			return nil, "", 0, vers, errors.Annotatef(err, "cannot open Juju GUI archive at %q", metadata.FullPath)
+			return openedArchive{}, errors.Annotatef(err, "cannot open Juju GUI archive at %q", metadata.FullPath)
 		}
-		return r, metadata.SHA256, metadata.Size, metadata.Version, nil
+		return openedArchive{
+			r:    r,
+			hash: metadata.SHA256,
+			size: metadata.Size,
+			vers: metadata.Version,
+		}, nil
 	}
 	f, err := os.Open(versOrPath)
 	if err != nil {
 		if !os.IsNotExist(err) {
-			return nil, "", 0, vers, errors.Annotate(err, "cannot open GUI archive")
+			return openedArchive{}, errors.Annotate(err, "cannot open GUI archive")
 		}
-		vers, err = version.Parse(versOrPath)
+		vers, err := version.Parse(versOrPath)
 		if err != nil {
-			return nil, "", 0, vers, errors.Errorf("invalid GUI release version or local path %q", versOrPath)
+			return openedArchive{}, errors.Errorf("invalid GUI release version or local path %q", versOrPath)
 		}
 		// Return a specific release version from simplestreams.
 		allMeta, err := remoteArchiveMetadata()
 		if err != nil {
-			return nil, "", 0, vers, errors.Annotatef(err, "cannot upgrade to release %s", vers)
+			return openedArchive{}, errors.Annotatef(err, "cannot upgrade to release %s", vers)
 		}
 		metadata, err := findMetadataVersion(allMeta, vers)
 		if err != nil {
-			return nil, "", 0, vers, errors.Trace(err)
+			return openedArchive{}, errors.Trace(err)
 		}
 		r, _, err := metadata.Source.Fetch(metadata.Path)
 		if err != nil {
-			return nil, "", 0, vers, errors.Annotatef(err, "cannot open Juju GUI archive at %q", metadata.FullPath)
+			return openedArchive{}, errors.Annotatef(err, "cannot open Juju GUI archive at %q", metadata.FullPath)
 		}
-		return r, metadata.SHA256, metadata.Size, metadata.Version, nil
+		return openedArchive{
+			r:    r,
+			hash: metadata.SHA256,
+			size: metadata.Size,
+			vers: metadata.Version,
+		}, nil
 	}
 	// This is a local Juju GUI release.
 	defer func() {
@@ -190,21 +213,27 @@
 			f.Close()
 		}
 	}()
-	vers, err = archiveVersion(f)
+	vers, err := archiveVersion(f)
 	if err != nil {
-		return nil, "", 0, vers, errors.Annotatef(err, "cannot upgrade Juju GUI using %q", versOrPath)
+		return openedArchive{}, errors.Annotatef(err, "cannot upgrade Juju GUI using %q", versOrPath)
 	}
 	if _, err := f.Seek(0, 0); err != nil {
-		return nil, "", 0, version.Number{}, errors.Annotate(err, "cannot seek archive")
+		return openedArchive{}, errors.Annotate(err, "cannot seek archive")
 	}
-	hash, size, err = hashAndSize(f)
+	hash, size, err := hashAndSize(f)
 	if err != nil {
-		return nil, "", 0, version.Number{}, errors.Annotatef(err, "cannot upgrade Juju GUI using %q", versOrPath)
+		return openedArchive{}, errors.Annotatef(err, "cannot upgrade Juju GUI using %q", versOrPath)
 	}
 	if _, err := f.Seek(0, 0); err != nil {
-		return nil, "", 0, version.Number{}, errors.Annotate(err, "cannot seek archive")
+		return openedArchive{}, errors.Annotate(err, "cannot seek archive")
 	}
-	return f, hash, size, vers, nil
+	return openedArchive{
+		r:     f,
+		hash:  hash,
+		size:  size,
+		vers:  vers,
+		local: true,
+	}, nil
 }
 
 // remoteArchiveMetadata returns Juju GUI archive metadata from simplestreams.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/gui/upgradegui_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/gui/upgradegui_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/gui/upgradegui_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/gui/upgradegui_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -199,7 +199,7 @@
 	s.patchClientUploadGUIArchive(c, hash, size, "2.2.0", false, errors.New("bad wolf"))
 	out, err := s.run(c, path)
 	c.Assert(err, gc.ErrorMatches, "cannot upload Juju GUI: bad wolf")
-	c.Assert(out, gc.Equals, "fetching Juju GUI archive\nuploading Juju GUI 2.2.0")
+	c.Assert(out, gc.Equals, "using local Juju GUI archive\nuploading Juju GUI 2.2.0")
 }
 
 func (s *upgradeGUISuite) TestUpgradeGUISelectGUIVersionError(c *gc.C) {
@@ -209,7 +209,7 @@
 	s.patchClientSelectGUIVersion(c, "2.3.0", errors.New("bad wolf"))
 	out, err := s.run(c, path)
 	c.Assert(err, gc.ErrorMatches, "cannot switch to new Juju GUI version: bad wolf")
-	c.Assert(out, gc.Equals, "fetching Juju GUI archive\nuploading Juju GUI 2.3.0\nupload completed")
+	c.Assert(out, gc.Equals, "using local Juju GUI archive\nuploading Juju GUI 2.3.0\nupload completed")
 }
 
 func (s *upgradeGUISuite) TestUpgradeGUIFromSimplestreamsReleaseErrors(c *gc.C) {
@@ -298,7 +298,7 @@
 	}{{
 		about:          "archive: first archive",
 		archiveVersion: "2.0.0",
-		expectedOutput: "fetching Juju GUI archive\nuploading Juju GUI 2.0.0\nupload completed\nJuju GUI switched to version 2.0.0",
+		expectedOutput: "using local Juju GUI archive\nuploading Juju GUI 2.0.0\nupload completed\nJuju GUI switched to version 2.0.0",
 		uploaded:       true,
 		selected:       true,
 	}, {
@@ -313,7 +313,7 @@
 		},
 		uploaded:       true,
 		selected:       true,
-		expectedOutput: "fetching Juju GUI archive\nuploading Juju GUI 2.1.0\nupload completed\nJuju GUI switched to version 2.1.0",
+		expectedOutput: "using local Juju GUI archive\nuploading Juju GUI 2.1.0\nupload completed\nJuju GUI switched to version 2.1.0",
 	}, {
 		about:          "archive: new archive, existing non-current version",
 		archiveVersion: "2.0.42",
@@ -330,7 +330,7 @@
 		},
 		uploaded:       true,
 		selected:       true,
-		expectedOutput: "fetching Juju GUI archive\nuploading Juju GUI 2.0.42\nupload completed\nJuju GUI switched to version 2.0.42",
+		expectedOutput: "using local Juju GUI archive\nuploading Juju GUI 2.0.42\nupload completed\nJuju GUI switched to version 2.0.42",
 	}, {
 		about:          "archive: new archive, existing current version",
 		archiveVersion: "2.0.47",
@@ -342,7 +342,7 @@
 			}}
 		},
 		uploaded:       true,
-		expectedOutput: "fetching Juju GUI archive\nuploading Juju GUI 2.0.47\nupload completed\nJuju GUI at version 2.0.47",
+		expectedOutput: "using local Juju GUI archive\nuploading Juju GUI 2.0.47\nupload completed\nJuju GUI at version 2.0.47",
 	}, {
 		about:          "archive: existing archive, existing non-current version",
 		archiveVersion: "2.0.42",
@@ -386,7 +386,7 @@
 		},
 		uploaded:       true,
 		selected:       true,
-		expectedOutput: "fetching Juju GUI archive\nuploading Juju GUI 2.0.42\nupload completed\nJuju GUI switched to version 2.0.42",
+		expectedOutput: "using local Juju GUI archive\nuploading Juju GUI 2.0.42\nupload completed\nJuju GUI switched to version 2.0.42",
 	}, {
 		about:            "stream: first archive",
 		archiveVersion:   "2.0.0",
@@ -506,7 +506,7 @@
 			// Create an fake Juju GUI local archive.
 			arg, hash, size = saveGUIArchive(c, test.archiveVersion)
 		} else {
-			// User the remote metadata information.
+			// Use the remote metadata information.
 			arg = test.returnedMetadata.Version.String()
 			hash = test.returnedMetadata.SHA256
 			size = test.returnedMetadata.Size
@@ -544,7 +544,7 @@
 	// Upload the archive from command line.
 	out, err := s.run(c, path)
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(out, gc.Equals, "fetching Juju GUI archive\nuploading Juju GUI 2.42.0\nupload completed\nJuju GUI switched to version 2.42.0")
+	c.Assert(out, gc.Equals, "using local Juju GUI archive\nuploading Juju GUI 2.42.0\nupload completed\nJuju GUI switched to version 2.42.0")
 
 	// Check that the archive is present in the GUI storage server side.
 	storage, err := s.State.GUIStorage()
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/machine/add.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/machine/add.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/machine/add.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/machine/add.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,24 +9,23 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/gnuflag"
 
 	"github.com/juju/juju/api/machinemanager"
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cmd/juju/block"
+	"github.com/juju/juju/cmd/juju/common"
 	"github.com/juju/juju/cmd/modelcmd"
 	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/environs/manual"
 	"github.com/juju/juju/instance"
-	"github.com/juju/juju/provider"
 	"github.com/juju/juju/state/multiwatcher"
 	"github.com/juju/juju/storage"
 )
 
 var addMachineDoc = `
-
 Juju supports adding machines using provider-specific machine instances
 (EC2 instances, OpenStack servers, MAAS nodes, etc.); existing machines
 running a supported operating system (see "manual provisioning" below),
@@ -39,7 +38,7 @@
 will interpret these constraints in order to decide what kind of machine
 to allocate.
 
-If a container type is specified (e.g. "lxc"), then add machine will
+If a container type is specified (e.g. "lxd"), then add machine will
 allocate a container of that type on a new provider-specific machine. It is
 also possible to add containers to existing machines using the format
 <container type>:<machine number>. Constraints cannot be combined with
@@ -60,18 +59,16 @@
 Examples:
    juju add-machine                      (starts a new machine)
    juju add-machine -n 2                 (starts 2 new machines)
-   juju add-machine lxc                  (starts a new machine with an lxc container)
-   juju add-machine lxc -n 2             (starts 2 new machines with an lxc container)
-   juju add-machine lxc:4                (starts a new lxc container on machine 4)
+   juju add-machine lxd                  (starts a new machine with an lxd container)
+   juju add-machine lxd -n 2             (starts 2 new machines with an lxd container)
+   juju add-machine lxd:4                (starts a new lxd container on machine 4)
    juju add-machine --constraints mem=8G (starts a machine with at least 8GB RAM)
    juju add-machine ssh:user@10.10.0.3   (manually provisions a machine with ssh)
    juju add-machine zone=us-east-1a      (start a machine in zone us-east-1a on AWS)
    juju add-machine maas2.name           (acquire machine maas2.name on MAAS)
 
 See Also:
-   juju help constraints
-   juju help placement
-   juju help remove-machine
+    juju remove-machine
 `
 
 func init() {
@@ -113,17 +110,17 @@
 	return &cmd.Info{
 		Name:    "add-machine",
 		Args:    "[<container>:machine | <container> | ssh:[user@]host | placement]",
-		Purpose: "start a new, empty machine and optionally a container, or add a container to a machine",
+		Purpose: "Start a new, empty machine and optionally a container, or add a container to a machine.",
 		Doc:     addMachineDoc,
 		Aliases: []string{"add-machines"},
 	}
 }
 
 func (c *addCommand) SetFlags(f *gnuflag.FlagSet) {
-	f.StringVar(&c.Series, "series", "", "the charm series")
+	f.StringVar(&c.Series, "series", "", "The charm series")
 	f.IntVar(&c.NumMachines, "n", 1, "The number of machines to add")
-	f.Var(constraints.ConstraintsValue{Target: &c.Constraints}, "constraints", "additional machine constraints")
-	f.Var(disksFlag{&c.Disks}, "disks", "constraints for disks to attach to the machine")
+	f.Var(constraints.ConstraintsValue{Target: &c.Constraints}, "constraints", "Additional machine constraints")
+	f.Var(disksFlag{&c.Disks}, "disks", "Constraints for disks to attach to the machine")
 }
 
 func (c *addCommand) Init(args []string) error {
@@ -153,7 +150,7 @@
 	Close() error
 	ForceDestroyMachines(machines ...string) error
 	ModelGet() (map[string]interface{}, error)
-	ModelUUID() string
+	ModelUUID() (string, error)
 	ProvisioningScript(params.ProvisioningScriptParams) (script string, err error)
 }
 
@@ -218,12 +215,17 @@
 
 	if c.Placement != nil && c.Placement.Scope == "ssh" {
 		logger.Infof("manual provisioning")
+		authKeys, err := common.ReadAuthorizedKeys(ctx, "")
+		if err != nil {
+			return errors.Annotate(err, "reading authorized-keys")
+		}
 		args := manual.ProvisionMachineArgs{
-			Host:   c.Placement.Directive,
-			Client: client,
-			Stdin:  ctx.Stdin,
-			Stdout: ctx.Stdout,
-			Stderr: ctx.Stderr,
+			Host:           c.Placement.Directive,
+			Client:         client,
+			Stdin:          ctx.Stdin,
+			Stdout:         ctx.Stdout,
+			Stderr:         ctx.Stderr,
+			AuthorizedKeys: authKeys,
 			UpdateBehavior: &params.UpdateBehavior{
 				config.EnableOSRefreshUpdate(),
 				config.EnableOSUpgrade(),
@@ -238,24 +240,20 @@
 
 	logger.Infof("model provisioning")
 	if c.Placement != nil && c.Placement.Scope == "model-uuid" {
-		c.Placement.Scope = client.ModelUUID()
+		uuid, err := client.ModelUUID()
+		if err != nil {
+			return errors.Trace(err)
+		}
+		c.Placement.Scope = uuid
 	}
 
 	if c.Placement != nil && c.Placement.Scope == instance.MachineScope {
 		// It does not make sense to add-machine <id>.
-		return fmt.Errorf("machine-id cannot be specified when adding machines")
+		return errors.Errorf("machine-id cannot be specified when adding machines")
 	}
 
 	jobs := []multiwatcher.MachineJob{multiwatcher.JobHostUnits}
 
-	// In case of MAAS and Joyent JobManageNetworking is not added
-	// to ensure the non-intrusive start of a networker like above
-	// for the manual provisioning. See this related joyent bug
-	// http://pad.lv/1401423
-	if config.Type() != provider.MAAS && config.Type() != provider.Joyent {
-		jobs = append(jobs, multiwatcher.JobManageNetworking)
-	}
-
 	machineParams := params.AddMachineParams{
 		Placement:   c.Placement,
 		Series:      c.Series,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/machine/add_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/machine/add_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/machine/add_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/machine/add_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -55,24 +55,24 @@
 			args:  []string{"-n", "2"},
 			count: 2,
 		}, {
-			args:      []string{"lxc"},
+			args:      []string{"lxd"},
 			count:     1,
-			placement: "lxc:",
+			placement: "lxd:",
 		}, {
-			args:      []string{"lxc", "-n", "2"},
+			args:      []string{"lxd", "-n", "2"},
 			count:     2,
-			placement: "lxc:",
+			placement: "lxd:",
 		}, {
-			args:      []string{"lxc:4"},
+			args:      []string{"lxd:4"},
 			count:     1,
-			placement: "lxc:4",
+			placement: "lxd:4",
 		}, {
 			args:        []string{"--constraints", "mem=8G"},
 			count:       1,
 			constraints: "mem=8192M",
 		}, {
-			args:        []string{"--constraints", "container=lxc"},
-			errorString: `container constraint "lxc" not allowed when adding a machine`,
+			args:        []string{"--constraints", "container=lxd"},
+			errorString: `container constraint "lxd" not allowed when adding a machine`,
 		}, {
 			args:      []string{"ssh:user@10.10.0.3"},
 			count:     1,
@@ -127,7 +127,6 @@
 	param := s.fakeAddMachine.args[0]
 	c.Assert(param.Jobs, jc.DeepEquals, []multiwatcher.MachineJob{
 		multiwatcher.JobHostUnits,
-		multiwatcher.JobManageNetworking,
 	})
 }
 
@@ -189,18 +188,6 @@
 	c.Check(stripped, gc.Matches, ".*TestBlockedError.*")
 }
 
-func (s *AddMachineSuite) TestProviderDoesNotSupportJobManageNetworking(c *gc.C) {
-	s.fakeAddMachine.providerType = "maas"
-	_, err := s.run(c)
-	c.Assert(err, jc.ErrorIsNil)
-
-	c.Assert(s.fakeAddMachine.args, gc.HasLen, 1)
-	param := s.fakeAddMachine.args[0]
-	c.Assert(param.Jobs, jc.DeepEquals, []multiwatcher.MachineJob{
-		multiwatcher.JobHostUnits,
-	})
-}
-
 func (s *AddMachineSuite) TestAddMachineWithDisks(c *gc.C) {
 	s.fakeMachineManager.apiVersion = 1
 	_, err := s.run(c, "--disks", "2,1G", "--disks", "2G")
@@ -231,8 +218,8 @@
 	return nil
 }
 
-func (f *fakeAddMachineAPI) ModelUUID() string {
-	return "fake-uuid"
+func (f *fakeAddMachineAPI) ModelUUID() (string, error) {
+	return "fake-uuid", nil
 }
 
 func (f *fakeAddMachineAPI) AddMachines(args []params.AddMachineParams) ([]params.AddMachinesResult, error) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/machine/base.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/machine/base.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/machine/base.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/machine/base.go	2016-07-18 19:45:44.000000000 +0000
@@ -15,7 +15,7 @@
 	"github.com/juju/juju/cmd/modelcmd"
 )
 
-// statusAPI defines the API methods for the list-mahines and show-machine commands.
+// statusAPI defines the API methods for the machines and show-machine commands.
 type statusAPI interface {
 	Status(pattern []string) (*params.FullStatus, error)
 	Close() error
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/machine/list.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/machine/list.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/machine/list.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/machine/list.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,6 @@
 
 import (
 	"github.com/juju/cmd"
-	"github.com/juju/errors"
 
 	"github.com/juju/juju/cmd/modelcmd"
 )
@@ -19,7 +18,7 @@
 Note: AZ above is the cloud region's availability zone.
 
 Examples:
-     juju list-machines
+     juju machines
 
 See also: 
     status`
@@ -44,17 +43,14 @@
 // Info implements Command.Info.
 func (c *listMachinesCommand) Info() *cmd.Info {
 	return &cmd.Info{
-		Name:    "list-machines",
+		Name:    "machines",
 		Purpose: usageListMachinesSummary,
 		Doc:     usageListMachinesDetails,
-		Aliases: []string{"machines", "machine", "list-machine"},
+		Aliases: []string{"list-machines", "machine", "list-machine"},
 	}
 }
 
-// Init ensures the list-machines Command does not take arguments.
-func (c *listMachinesCommand) Init(args []string) (err error) {
-	if args != nil {
-		return errors.Errorf("The list-machines command does not take any arguments")
-	}
-	return nil
+// Init ensures the machines Command does not take arguments.
+func (c *listMachinesCommand) Init(args []string) error {
+	return cmd.CheckEmpty(args)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/machine/list_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/machine/list_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/machine/list_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/machine/list_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -27,7 +27,10 @@
 
 func (*fakeStatusAPI) Status(c []string) (*params.FullStatus, error) {
 	result := &params.FullStatus{
-		ModelName: "dummyenv",
+		Model: params.ModelStatusInfo{
+			Name:    "dummyenv",
+			Version: "1.2.3",
+		},
 		Machines: map[string]params.MachineStatus{
 			"0": {
 				Id: "0",
@@ -35,18 +38,29 @@
 					Status: "started",
 				},
 				DNSName:    "10.0.0.1",
-				InstanceId: "juju-dummy-machine-0",
+				InstanceId: "juju-badd06-0",
 				Series:     "trusty",
 				Hardware:   "availability-zone=us-east-1",
 			},
 			"1": {
 				Id: "1",
 				AgentStatus: params.DetailedStatus{
-					Status: "pending",
+					Status: "started",
 				},
 				DNSName:    "10.0.0.2",
-				InstanceId: "juju-dummy-machine-1",
+				InstanceId: "juju-badd06-1",
 				Series:     "trusty",
+				Containers: map[string]params.MachineStatus{
+					"1/lxd/0": {
+						Id: "1/lxd/0",
+						AgentStatus: params.DetailedStatus{
+							Status: "pending",
+						},
+						DNSName:    "10.0.0.3",
+						InstanceId: "juju-badd06-1-lxd-0",
+						Series:     "trusty",
+					},
+				},
 			},
 		},
 	}
@@ -65,11 +79,10 @@
 	context, err := testing.RunCommand(c, newMachineListCommand())
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(testing.Stdout(context), gc.Equals, ""+
-		"\n"+
-		"[Machines] \n"+
-		"ID         STATE   DNS      INS-ID               SERIES AZ        \n"+
-		"0          started 10.0.0.1 juju-dummy-machine-0 trusty us-east-1 \n"+
-		"1          pending 10.0.0.2 juju-dummy-machine-1 trusty           \n"+
+		"MACHINE    STATE    DNS       INS-ID               SERIES  AZ\n"+
+		"0          started  10.0.0.1  juju-badd06-0        trusty  us-east-1\n"+
+		"1          started  10.0.0.2  juju-badd06-1        trusty  \n"+
+		"  1/lxd/0  pending  10.0.0.3  juju-badd06-1-lxd-0  trusty  \n"+
 		"\n")
 }
 
@@ -83,25 +96,32 @@
 		"    juju-status:\n"+
 		"      current: started\n"+
 		"    dns-name: 10.0.0.1\n"+
-		"    instance-id: juju-dummy-machine-0\n"+
+		"    instance-id: juju-badd06-0\n"+
 		"    series: trusty\n"+
 		"    hardware: availability-zone=us-east-1\n"+
 		"  \"1\":\n"+
 		"    juju-status:\n"+
-		"      current: pending\n"+
+		"      current: started\n"+
 		"    dns-name: 10.0.0.2\n"+
-		"    instance-id: juju-dummy-machine-1\n"+
-		"    series: trusty\n")
+		"    instance-id: juju-badd06-1\n"+
+		"    series: trusty\n"+
+		"    containers:\n"+
+		"      1/lxd/0:\n"+
+		"        juju-status:\n"+
+		"          current: pending\n"+
+		"        dns-name: 10.0.0.3\n"+
+		"        instance-id: juju-badd06-1-lxd-0\n"+
+		"        series: trusty\n")
 }
 
 func (s *MachineListCommandSuite) TestListMachineJson(c *gc.C) {
 	context, err := testing.RunCommand(c, newMachineListCommand(), "--format", "json")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(testing.Stdout(context), gc.Equals, ""+
-		"{\"model\":\"dummyenv\",\"machines\":{\"0\":{\"juju-status\":{\"current\":\"started\"},\"dns-name\":\"10.0.0.1\",\"instance-id\":\"juju-dummy-machine-0\",\"machine-status\":{},\"series\":\"trusty\",\"hardware\":\"availability-zone=us-east-1\"},\"1\":{\"juju-status\":{\"current\":\"pending\"},\"dns-name\":\"10.0.0.2\",\"instance-id\":\"juju-dummy-machine-1\",\"machine-status\":{},\"series\":\"trusty\"}}}\n")
+		"{\"model\":\"dummyenv\",\"machines\":{\"0\":{\"juju-status\":{\"current\":\"started\"},\"dns-name\":\"10.0.0.1\",\"instance-id\":\"juju-badd06-0\",\"machine-status\":{},\"series\":\"trusty\",\"hardware\":\"availability-zone=us-east-1\"},\"1\":{\"juju-status\":{\"current\":\"started\"},\"dns-name\":\"10.0.0.2\",\"instance-id\":\"juju-badd06-1\",\"machine-status\":{},\"series\":\"trusty\",\"containers\":{\"1/lxd/0\":{\"juju-status\":{\"current\":\"pending\"},\"dns-name\":\"10.0.0.3\",\"instance-id\":\"juju-badd06-1-lxd-0\",\"machine-status\":{},\"series\":\"trusty\"}}}}}\n")
 }
 
 func (s *MachineListCommandSuite) TestListMachineArgsError(c *gc.C) {
 	_, err := testing.RunCommand(c, newMachineListCommand(), "0")
-	c.Assert(err, gc.ErrorMatches, "The list-machines command does not take any arguments")
+	c.Assert(err, gc.ErrorMatches, `unrecognized args: \["0"\]`)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/machine/remove.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/machine/remove.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/machine/remove.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/machine/remove.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,7 @@
 	"fmt"
 
 	"github.com/juju/cmd"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/gnuflag"
 
 	"github.com/juju/juju/cmd/juju/block"
@@ -28,25 +28,33 @@
 }
 
 const destroyMachineDoc = `
-Machines that are responsible for the model cannot be removed. Machines
-running units or containers can only be removed with the --force flag; doing
-so will also remove all those units and containers without giving them any
-opportunity to shut down cleanly.
+Machines are specified by their numbers, which may be retrieved from the
+output of ` + "`juju status`." + `
+Machines responsible for the model cannot be removed.
+Machines running units or containers can be removed using the '--force'
+option; this will also remove those units and containers without giving
+them an opportunity to shut down cleanly.
 
 Examples:
-	# Remove machine number 5 which has no running units or containers
-	$ juju remove-machine 5
 
-	# Remove machine 6 and any running units or containers
-	$ juju remove-machine 6 --force
+Remove machine number 5 which has no running units or containers:
+
+    juju remove-machine 5
+
+Remove machine 6 and any running units or containers:
+
+    juju remove-machine 6 --force
+
+See also:
+    add-machine
 `
 
 // Info implements Command.Info.
 func (c *removeCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "remove-machine",
-		Args:    "<machineID[s]> ...",
-		Purpose: "remove machines from the model",
+		Args:    "<machine number> ...",
+		Purpose: "Removes one or more machines from a model.",
 		Doc:     destroyMachineDoc,
 		Aliases: []string{"remove-machines"},
 	}
@@ -54,7 +62,7 @@
 
 // SetFlags implements Command.SetFlags.
 func (c *removeCommand) SetFlags(f *gnuflag.FlagSet) {
-	f.BoolVar(&c.Force, "force", false, "completely remove machine and all dependencies")
+	f.BoolVar(&c.Force, "force", false, "Completely remove a machine and all its dependencies")
 }
 
 func (c *removeCommand) Init(args []string) error {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/machine/remove_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/machine/remove_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/machine/remove_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/machine/remove_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -56,11 +56,11 @@
 			machines: []string{"1", "2"},
 			force:    true,
 		}, {
-			args:        []string{"lxc"},
-			errorString: `invalid machine id "lxc"`,
+			args:        []string{"lxd"},
+			errorString: `invalid machine id "lxd"`,
 		}, {
-			args:     []string{"1/lxc/2"},
-			machines: []string{"1/lxc/2"},
+			args:     []string{"1/lxd/2"},
+			machines: []string{"1/lxd/2"},
 		},
 	} {
 		c.Logf("test %d", i)
@@ -77,17 +77,17 @@
 }
 
 func (s *RemoveMachineSuite) TestRemove(c *gc.C) {
-	_, err := s.run(c, "1", "2/lxc/1")
+	_, err := s.run(c, "1", "2/lxd/1")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(s.fake.forced, jc.IsFalse)
-	c.Assert(s.fake.machines, jc.DeepEquals, []string{"1", "2/lxc/1"})
+	c.Assert(s.fake.machines, jc.DeepEquals, []string{"1", "2/lxd/1"})
 }
 
 func (s *RemoveMachineSuite) TestRemoveForce(c *gc.C) {
-	_, err := s.run(c, "--force", "1", "2/lxc/1")
+	_, err := s.run(c, "--force", "1", "2/lxd/1")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(s.fake.forced, jc.IsTrue)
-	c.Assert(s.fake.machines, jc.DeepEquals, []string{"1", "2/lxc/1"})
+	c.Assert(s.fake.machines, jc.DeepEquals, []string{"1", "2/lxd/1"})
 }
 
 func (s *RemoveMachineSuite) TestBlockedError(c *gc.C) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/machine/show.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/machine/show.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/machine/show.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/machine/show.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,22 +10,17 @@
 )
 
 const showMachineCommandDoc = `
-Show a specified machine on a model:
+Show a specified machine on a model.  Default format is in yaml,
+other formats can be specified with the "--format" option.
+Available formats are yaml, tabular, and json
+
+Examples:
+    # Display status for machine 0
+    juju show-machine 0
 
-juju show-machine <machineID> ...
+    # Display status for machines 1, 2 & 3
+    juju show-machine 1 2 3
 
-For example:
-
-juju show-machine 0
-
-or for multiple machines
-(the following will display status for machines 1, 2 & 3):
-
-juju show-machine 1 2 3
-
-Default format is in yaml, other formats can be specified
-with the "--format" option.  Available formats are yaml,
-tabular, and json
 `
 
 // NewShowMachineCommand returns a command that shows details on the specified machine[s].
@@ -50,7 +45,7 @@
 	return &cmd.Info{
 		Name:    "show-machine",
 		Args:    "<machineID> ...",
-		Purpose: "show a machines status",
+		Purpose: "Show a machine's status.",
 		Doc:     showMachineCommandDoc,
 		Aliases: []string{"show-machines"},
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/machine/show_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/machine/show_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/machine/show_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/machine/show_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -36,15 +36,22 @@
 		"    juju-status:\n"+
 		"      current: started\n"+
 		"    dns-name: 10.0.0.1\n"+
-		"    instance-id: juju-dummy-machine-0\n"+
+		"    instance-id: juju-badd06-0\n"+
 		"    series: trusty\n"+
 		"    hardware: availability-zone=us-east-1\n"+
 		"  \"1\":\n"+
 		"    juju-status:\n"+
-		"      current: pending\n"+
+		"      current: started\n"+
 		"    dns-name: 10.0.0.2\n"+
-		"    instance-id: juju-dummy-machine-1\n"+
-		"    series: trusty\n")
+		"    instance-id: juju-badd06-1\n"+
+		"    series: trusty\n"+
+		"    containers:\n"+
+		"      1/lxd/0:\n"+
+		"        juju-status:\n"+
+		"          current: pending\n"+
+		"        dns-name: 10.0.0.3\n"+
+		"        instance-id: juju-badd06-1-lxd-0\n"+
+		"        series: trusty\n")
 }
 func (s *MachineShowCommandSuite) TestShowSingleMachine(c *gc.C) {
 	context, err := testing.RunCommand(c, newMachineShowCommand(), "0")
@@ -56,7 +63,7 @@
 		"    juju-status:\n"+
 		"      current: started\n"+
 		"    dns-name: 10.0.0.1\n"+
-		"    instance-id: juju-dummy-machine-0\n"+
+		"    instance-id: juju-badd06-0\n"+
 		"    series: trusty\n"+
 		"    hardware: availability-zone=us-east-1\n")
 }
@@ -65,11 +72,10 @@
 	context, err := testing.RunCommand(c, newMachineShowCommand(), "--format", "tabular", "0", "1")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(testing.Stdout(context), gc.Equals, ""+
-		"\n"+
-		"[Machines] \n"+
-		"ID         STATE   DNS      INS-ID               SERIES AZ        \n"+
-		"0          started 10.0.0.1 juju-dummy-machine-0 trusty us-east-1 \n"+
-		"1          pending 10.0.0.2 juju-dummy-machine-1 trusty           \n"+
+		"MACHINE    STATE    DNS       INS-ID               SERIES  AZ\n"+
+		"0          started  10.0.0.1  juju-badd06-0        trusty  us-east-1\n"+
+		"1          started  10.0.0.2  juju-badd06-1        trusty  \n"+
+		"  1/lxd/0  pending  10.0.0.3  juju-badd06-1-lxd-0  trusty  \n"+
 		"\n")
 }
 
@@ -77,5 +83,5 @@
 	context, err := testing.RunCommand(c, newMachineShowCommand(), "--format", "json", "0", "1")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(testing.Stdout(context), gc.Equals, ""+
-		"{\"model\":\"dummyenv\",\"machines\":{\"0\":{\"juju-status\":{\"current\":\"started\"},\"dns-name\":\"10.0.0.1\",\"instance-id\":\"juju-dummy-machine-0\",\"machine-status\":{},\"series\":\"trusty\",\"hardware\":\"availability-zone=us-east-1\"},\"1\":{\"juju-status\":{\"current\":\"pending\"},\"dns-name\":\"10.0.0.2\",\"instance-id\":\"juju-dummy-machine-1\",\"machine-status\":{},\"series\":\"trusty\"}}}\n")
+		"{\"model\":\"dummyenv\",\"machines\":{\"0\":{\"juju-status\":{\"current\":\"started\"},\"dns-name\":\"10.0.0.1\",\"instance-id\":\"juju-badd06-0\",\"machine-status\":{},\"series\":\"trusty\",\"hardware\":\"availability-zone=us-east-1\"},\"1\":{\"juju-status\":{\"current\":\"started\"},\"dns-name\":\"10.0.0.2\",\"instance-id\":\"juju-badd06-1\",\"machine-status\":{},\"series\":\"trusty\",\"containers\":{\"1/lxd/0\":{\"juju-status\":{\"current\":\"pending\"},\"dns-name\":\"10.0.0.3\",\"instance-id\":\"juju-badd06-1-lxd-0\",\"machine-status\":{},\"series\":\"trusty\"}}}}}\n")
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/metricsdebug/collectmetrics.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/metricsdebug/collectmetrics.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/metricsdebug/collectmetrics.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/metricsdebug/collectmetrics.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,10 +10,14 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"github.com/juju/loggo"
+	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/gnuflag"
 
+	"github.com/juju/juju/api"
 	actionapi "github.com/juju/juju/api/action"
+	"github.com/juju/juju/api/application"
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cmd/juju/action"
 	"github.com/juju/juju/cmd/modelcmd"
@@ -21,12 +25,11 @@
 
 // TODO(bogdanteleaga): update this once querying for actions by name is implemented.
 const collectMetricsDoc = `
-collect-metrics
-trigger metrics collection
+Trigger metrics collection
 
-Collect metrics infinitely waits for the command to finish.
-However if you cancel the command while waiting, you can still
-look for the results under 'juju action status'.
+This command waits for the metric collection to finish before returning.
+You may abort this command and it will continue to run asynchronously.
+Results may be checked by 'juju action status'.
 `
 
 const (
@@ -34,11 +37,14 @@
 	commandTimeout = 3 * time.Second
 )
 
+var logger = loggo.GetLogger("juju.cmd.juju.collect-metrics")
+
 // collectMetricsCommand retrieves metrics stored in the juju controller.
 type collectMetricsCommand struct {
 	modelcmd.ModelCommandBase
-	units    []string
-	services []string
+	unit    string
+	service string
+	entity  string
 }
 
 // NewCollectMetricsCommand creates a new collectMetricsCommand.
@@ -50,8 +56,8 @@
 func (c *collectMetricsCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "collect-metrics",
-		Args:    "[service or unit]",
-		Purpose: "collect metrics on the given unit/service",
+		Args:    "[application or unit]",
+		Purpose: "Collect metrics on the given unit/application.",
 		Doc:     collectMetricsDoc,
 	}
 }
@@ -59,14 +65,15 @@
 // Init reads and verifies the cli arguments for the collectMetricsCommand
 func (c *collectMetricsCommand) Init(args []string) error {
 	if len(args) == 0 {
-		return errors.New("you need to specify a unit or service.")
+		return errors.New("you need to specify a unit or application.")
 	}
-	if names.IsValidUnit(args[0]) {
-		c.units = []string{args[0]}
-	} else if names.IsValidService(args[0]) {
-		c.services = []string{args[0]}
+	c.entity = args[0]
+	if names.IsValidUnit(c.entity) {
+		c.unit = c.entity
+	} else if names.IsValidApplication(args[0]) {
+		c.service = c.entity
 	} else {
-		return errors.Errorf("%q is not a valid unit or service", args[0])
+		return errors.Errorf("%q is not a valid unit or application", args[0])
 	}
 	if err := cmd.CheckEmpty(args[1:]); err != nil {
 		return errors.Errorf("unknown command line arguments: " + strings.Join(args, ","))
@@ -84,12 +91,8 @@
 	Run(run params.RunParams) ([]params.ActionResult, error)
 }
 
-var newRunClient = func(env modelcmd.ModelCommandBase) (runClient, error) {
-	root, err := env.NewAPIRoot()
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	return actionapi.NewClient(root), errors.Trace(err)
+var newRunClient = func(conn api.Connection) runClient {
+	return actionapi.NewClient(conn)
 }
 
 func parseRunOutput(result params.ActionResult) (string, string, error) {
@@ -108,7 +111,10 @@
 }
 
 func parseActionResult(result params.ActionResult) (string, error) {
-	stdout, stderr, err := parseRunOutput(result)
+	if result.Action != nil {
+		logger.Infof("ran action id %v", result.Action.Tag)
+	}
+	_, stderr, err := parseRunOutput(result)
 	if err != nil {
 		return "", errors.Trace(err)
 	}
@@ -116,28 +122,75 @@
 	if err != nil {
 		return "", errors.Trace(err)
 	}
-	if stdout == "ok" {
-		return tag.Id(), nil
-	}
-	if strings.Contains(stderr, "No such file or directory") {
-		return "", errors.New("not a locally-deployed metered charm")
+	if strings.Contains(stderr, "nc: unix connect failed: No such file or directory") {
+		return "", errors.New("no collect application listening: does application support metric collection?")
 	}
 	return tag.Id(), nil
 }
 
+type serviceClient interface {
+	GetCharmURL(service string) (*charm.URL, error)
+}
+
+var newServiceClient = func(root api.Connection) serviceClient {
+	return application.NewClient(root)
+}
+
+func isLocalCharmURL(conn api.Connection, entity string) (bool, error) {
+	serviceName := entity
+	var err error
+	if names.IsValidUnit(entity) {
+		serviceName, err = names.UnitApplication(entity)
+		if err != nil {
+			return false, errors.Trace(err)
+		}
+	}
+
+	client := newServiceClient(conn)
+	// TODO (mattyw, anastasiamac) The storage work might lead to an api
+	// allowing us to query charm url for a unit.
+	// When that api exists we should use that here.
+	url, err := client.GetCharmURL(serviceName)
+	if err != nil {
+		return false, errors.Trace(err)
+	}
+	return url.Schema == "local", nil
+}
+
+var newAPIConn = func(cmd modelcmd.ModelCommandBase) (api.Connection, error) {
+	return cmd.NewAPIRoot()
+}
+
 // Run implements Command.Run.
 func (c *collectMetricsCommand) Run(ctx *cmd.Context) error {
-	runnerClient, err := newRunClient(c.ModelCommandBase)
+	root, err := newAPIConn(c.ModelCommandBase)
 	if err != nil {
 		return errors.Trace(err)
 	}
+	runnerClient := newRunClient(root)
 	defer runnerClient.Close()
 
+	islocal, err := isLocalCharmURL(root, c.entity)
+	if err != nil {
+		return errors.Annotate(err, "failed to find charmURL for entity")
+	}
+	if !islocal {
+		return errors.Errorf("%q is not a local charm", c.entity)
+	}
+
+	units := []string{}
+	services := []string{}
+	if c.unit != "" {
+		units = []string{c.unit}
+	}
+	if c.service != "" {
+		services = []string{c.service}
+	}
 	runParams := params.RunParams{
-		Timeout:  commandTimeout,
-		Units:    c.units,
-		Services: c.services,
-		Commands: "nc -U ../metrics-collect.socket",
+		Timeout:      commandTimeout,
+		Units:        units,
+		Applications: services,
+		Commands:     "nc -U ../metrics-collect.socket",
 	}
 
 	// trigger metrics collection
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/metricsdebug/collectmetrics_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/metricsdebug/collectmetrics_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/metricsdebug/collectmetrics_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/metricsdebug/collectmetrics_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,14 +5,17 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
+	"github.com/juju/juju/api"
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cmd/juju/action"
 	"github.com/juju/juju/cmd/juju/metricsdebug"
+	"github.com/juju/juju/cmd/modelcmd"
 	coretesting "github.com/juju/juju/testing"
 )
 
@@ -24,7 +27,11 @@
 
 func (s *collectMetricsSuite) TestCollectMetrics(c *gc.C) {
 	runClient := &testRunClient{}
+	serviceClient := &testServiceClient{}
+	serviceClient.charmURL = "local:quantal/charm"
+	s.PatchValue(metricsdebug.NewAPIConn, noConn)
 	s.PatchValue(metricsdebug.NewRunClient, metricsdebug.NewRunClientFnc(runClient))
+	s.PatchValue(metricsdebug.NewServiceClient, metricsdebug.NewServiceClientFnc(serviceClient))
 
 	actionTag1 := names.NewActionTag("01234567-89ab-cdef-0123-456789abcdef")
 	actionTag2 := names.NewActionTag("11234567-89ab-cdef-0123-456789abcdef")
@@ -38,11 +45,11 @@
 		err       string
 	}{{
 		about: "missing args",
-		err:   "you need to specify a unit or service.",
+		err:   "you need to specify a unit or application.",
 	}, {
-		about: "invalid service name",
-		args:  []string{"service_1-0"},
-		err:   `"service_1-0" is not a valid unit or service`,
+		about: "invalid application name",
+		args:  []string{"application_1-0"},
+		err:   `"application_1-0" is not a valid unit or application`,
 	}, {
 		about: "all is well",
 		args:  []string{"uptime"},
@@ -312,6 +319,18 @@
 	}
 }
 
+func (s *collectMetricsSuite) TestCollectMetricsFailsOnNonLocalCharm(c *gc.C) {
+	runClient := &testRunClient{}
+	serviceClient := &testServiceClient{}
+	serviceClient.charmURL = "cs:quantal/charm"
+	s.PatchValue(metricsdebug.NewAPIConn, noConn)
+	s.PatchValue(metricsdebug.NewRunClient, metricsdebug.NewRunClientFnc(runClient))
+	s.PatchValue(metricsdebug.NewServiceClient, metricsdebug.NewServiceClientFnc(serviceClient))
+	_, err := coretesting.RunCommand(c, metricsdebug.NewCollectMetricsCommand(), "foobar")
+	c.Assert(err, gc.ErrorMatches, `"foobar" is not a local charm`)
+	runClient.CheckCallNames(c, "Close")
+}
+
 type testRunClient struct {
 	action.APIClient
 	testing.Stub
@@ -345,3 +364,21 @@
 	t.results = nil
 	t.err = ""
 }
+
+type testServiceClient struct {
+	testing.Stub
+	charmURL string
+}
+
+func (t *testServiceClient) GetCharmURL(service string) (*charm.URL, error) {
+	url := charm.MustParseURL(t.charmURL)
+	return url, t.NextErr()
+}
+
+func (t *testServiceClient) Close() error {
+	return t.NextErr()
+}
+
+func noConn(_ modelcmd.ModelCommandBase) (api.Connection, error) {
+	return nil, nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/metricsdebug/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/metricsdebug/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/metricsdebug/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/metricsdebug/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,21 +7,32 @@
 	"errors"
 	"time"
 
+	"github.com/juju/juju/api"
 	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/cmd/modelcmd"
 )
 
 var (
-	NewClient    = &newClient
-	NewRunClient = &newRunClient
+	NewClient        = &newClient
+	NewRunClient     = &newRunClient
+	NewServiceClient = &newServiceClient
+	NewAPIConn       = &newAPIConn
 )
 
 // NewRunClientFnc returns a function that returns a struct that implements the
 // runClient interface. This function can be used to patch the NewRunClient
 // variable in tests.
-func NewRunClientFnc(client runClient) func(modelcmd.ModelCommandBase) (runClient, error) {
-	return func(_ modelcmd.ModelCommandBase) (runClient, error) {
-		return client, nil
+func NewRunClientFnc(client runClient) func(api.Connection) runClient {
+	return func(_ api.Connection) runClient {
+		return client
+	}
+}
+
+// NewServiceClientFnc returns a function that returns a struct that implements the
+// serviceClient interface. This function can be used to patch the NewServiceClient
+// variable in tests.
+func NewServiceClientFnc(client serviceClient) func(api.Connection) serviceClient {
+	return func(_ api.Connection) serviceClient {
+		return client
 	}
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/metricsdebug/metricsdebug.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/metricsdebug/metricsdebug.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/metricsdebug/metricsdebug.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/metricsdebug/metricsdebug.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,7 +12,7 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/gnuflag"
 
 	"github.com/juju/juju/api/metricsdebug"
@@ -21,8 +21,7 @@
 )
 
 const debugMetricsDoc = `
-debug-metrics
-display recently collected metrics and exit
+Display recently collected metrics and exit
 `
 
 // DebugMetricsCommand retrieves metrics stored in the juju controller.
@@ -42,8 +41,8 @@
 func (c *DebugMetricsCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "debug-metrics",
-		Args:    "[service or unit]",
-		Purpose: "retrieve metrics collected by the given unit/service",
+		Args:    "[application or unit]",
+		Purpose: "Retrieve metrics collected by the given unit/application.",
 		Doc:     debugMetricsDoc,
 	}
 }
@@ -51,14 +50,14 @@
 // Init reads and verifies the cli arguments for the DebugMetricsCommand
 func (c *DebugMetricsCommand) Init(args []string) error {
 	if len(args) == 0 {
-		return errors.New("you need to specify a unit or service.")
+		return errors.New("you need to specify a unit or application.")
 	}
 	if names.IsValidUnit(args[0]) {
 		c.Tag = names.NewUnitTag(args[0])
-	} else if names.IsValidService(args[0]) {
-		c.Tag = names.NewServiceTag(args[0])
+	} else if names.IsValidApplication(args[0]) {
+		c.Tag = names.NewApplicationTag(args[0])
 	} else {
-		return errors.Errorf("%q is not a valid unit or service", args[0])
+		return errors.Errorf("%q is not a valid unit or application", args[0])
 	}
 	if err := cmd.CheckEmpty(args[1:]); err != nil {
 		return errors.Errorf("unknown command line arguments: " + strings.Join(args, ","))
@@ -69,8 +68,8 @@
 // SetFlags implements Command.SetFlags.
 func (c *DebugMetricsCommand) SetFlags(f *gnuflag.FlagSet) {
 	c.ModelCommandBase.SetFlags(f)
-	f.IntVar(&c.Count, "n", 0, "number of metrics to retrieve")
-	f.BoolVar(&c.Json, "json", false, "output metrics as json")
+	f.IntVar(&c.Count, "n", 0, "Number of metrics to retrieve")
+	f.BoolVar(&c.Json, "json", false, "Output metrics as json")
 }
 
 type GetMetricsClient interface {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/metricsdebug/metricsdebug_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/metricsdebug/metricsdebug_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/metricsdebug/metricsdebug_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/metricsdebug/metricsdebug_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -64,7 +64,7 @@
 	})
 	_, err := coretesting.RunCommand(c, metricsdebug.New(), "metered")
 	c.Assert(err, jc.ErrorIsNil)
-	client.CheckCall(c, 0, "GetMetrics", "service-metered")
+	client.CheckCall(c, 0, "GetMetrics", "application-metered")
 }
 
 func (s *DebugMetricsMockSuite) TestNotValidServiceOrUnit(c *gc.C) {
@@ -73,7 +73,7 @@
 		return &client, nil
 	})
 	_, err := coretesting.RunCommand(c, metricsdebug.New(), "!!!!!!")
-	c.Assert(err, gc.ErrorMatches, `"!!!!!!" is not a valid unit or service`)
+	c.Assert(err, gc.ErrorMatches, `"!!!!!!" is not a valid unit or application`)
 }
 
 type DebugMetricsCommandSuite struct {
@@ -84,14 +84,14 @@
 
 func (s *DebugMetricsCommandSuite) TestDebugNoArgs(c *gc.C) {
 	_, err := coretesting.RunCommand(c, metricsdebug.New())
-	c.Assert(err, gc.ErrorMatches, "you need to specify a unit or service.")
+	c.Assert(err, gc.ErrorMatches, "you need to specify a unit or application.")
 }
 
 func (s *DebugMetricsCommandSuite) TestUnits(c *gc.C) {
 	meteredCharm := s.Factory.MakeCharm(c, &factory.CharmParams{Name: "metered", URL: "local:quantal/metered"})
-	meteredService := s.Factory.MakeService(c, &factory.ServiceParams{Charm: meteredCharm})
-	unit := s.Factory.MakeUnit(c, &factory.UnitParams{Service: meteredService, SetCharmURL: true})
-	unit2 := s.Factory.MakeUnit(c, &factory.UnitParams{Service: meteredService, SetCharmURL: true})
+	meteredService := s.Factory.MakeApplication(c, &factory.ApplicationParams{Charm: meteredCharm})
+	unit := s.Factory.MakeUnit(c, &factory.UnitParams{Application: meteredService, SetCharmURL: true})
+	unit2 := s.Factory.MakeUnit(c, &factory.UnitParams{Application: meteredService, SetCharmURL: true})
 	newTime := time.Now().Round(time.Second)
 	metricA := state.Metric{"pings", "5", newTime}
 	metricB := state.Metric{"pings", "10.5", newTime}
@@ -111,9 +111,9 @@
 
 func (s *DebugMetricsCommandSuite) TestServiceWithNoption(c *gc.C) {
 	meteredCharm := s.Factory.MakeCharm(c, &factory.CharmParams{Name: "metered", URL: "local:quantal/metered"})
-	meteredService := s.Factory.MakeService(c, &factory.ServiceParams{Charm: meteredCharm})
-	unit := s.Factory.MakeUnit(c, &factory.UnitParams{Service: meteredService, SetCharmURL: true})
-	unit2 := s.Factory.MakeUnit(c, &factory.UnitParams{Service: meteredService, SetCharmURL: true})
+	meteredService := s.Factory.MakeApplication(c, &factory.ApplicationParams{Charm: meteredCharm})
+	unit := s.Factory.MakeUnit(c, &factory.UnitParams{Application: meteredService, SetCharmURL: true})
+	unit2 := s.Factory.MakeUnit(c, &factory.UnitParams{Application: meteredService, SetCharmURL: true})
 	newTime := time.Now().Round(time.Second)
 	metricA := state.Metric{"pings", "5", newTime}
 	metricB := state.Metric{"pings", "10.5", newTime}
@@ -133,9 +133,9 @@
 
 func (s *DebugMetricsCommandSuite) TestServiceWithNoptionGreaterThanMetricCount(c *gc.C) {
 	meteredCharm := s.Factory.MakeCharm(c, &factory.CharmParams{Name: "metered", URL: "local:quantal/metered"})
-	meteredService := s.Factory.MakeService(c, &factory.ServiceParams{Charm: meteredCharm})
-	unit := s.Factory.MakeUnit(c, &factory.UnitParams{Service: meteredService, SetCharmURL: true})
-	unit2 := s.Factory.MakeUnit(c, &factory.UnitParams{Service: meteredService, SetCharmURL: true})
+	meteredService := s.Factory.MakeApplication(c, &factory.ApplicationParams{Charm: meteredCharm})
+	unit := s.Factory.MakeUnit(c, &factory.UnitParams{Application: meteredService, SetCharmURL: true})
+	unit2 := s.Factory.MakeUnit(c, &factory.UnitParams{Application: meteredService, SetCharmURL: true})
 	newTime := time.Now().Round(time.Second)
 	metricA := state.Metric{"pings", "5", newTime}
 	metricB := state.Metric{"pings", "10.5", newTime}
@@ -156,8 +156,8 @@
 
 func (s *DebugMetricsCommandSuite) TestNoMetrics(c *gc.C) {
 	meteredCharm := s.Factory.MakeCharm(c, &factory.CharmParams{Name: "metered", URL: "local:quantal/metered"})
-	meteredService := s.Factory.MakeService(c, &factory.ServiceParams{Charm: meteredCharm})
-	s.Factory.MakeUnit(c, &factory.UnitParams{Service: meteredService, SetCharmURL: true})
+	meteredService := s.Factory.MakeApplication(c, &factory.ApplicationParams{Charm: meteredCharm})
+	s.Factory.MakeUnit(c, &factory.UnitParams{Application: meteredService, SetCharmURL: true})
 	ctx, err := coretesting.RunCommand(c, metricsdebug.New(), "metered", "-n", "2")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(cmdtesting.Stdout(ctx), gc.Equals, "")
@@ -165,8 +165,8 @@
 
 func (s *DebugMetricsCommandSuite) TestUnitJsonOutput(c *gc.C) {
 	meteredCharm := s.Factory.MakeCharm(c, &factory.CharmParams{Name: "metered", URL: "local:quantal/metered"})
-	meteredService := s.Factory.MakeService(c, &factory.ServiceParams{Charm: meteredCharm})
-	unit := s.Factory.MakeUnit(c, &factory.UnitParams{Service: meteredService, SetCharmURL: true})
+	meteredService := s.Factory.MakeApplication(c, &factory.ApplicationParams{Charm: meteredCharm})
+	unit := s.Factory.MakeUnit(c, &factory.UnitParams{Application: meteredService, SetCharmURL: true})
 	newTime := time.Now().Round(time.Second)
 	metricA := state.Metric{"pings", "5", newTime}
 	metricB := state.Metric{"pings", "10.5", newTime}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/constraints.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/constraints.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/constraints.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/constraints.go	2016-07-18 19:45:44.000000000 +0000
@@ -18,11 +18,11 @@
 	"Shows machine constraints that have been set on the model with\n" +
 	"`juju set-model-constraints.`\n" +
 	"By default, the model is the current model.\n" +
-	"Model constraints are combined with constraints set on a service\n" +
+	"Model constraints are combined with constraints set on an application\n" +
 	"with `juju set-constraints` for commands (such as 'deploy') that provision\n" +
-	"machines for services. Where model and service constraints overlap, the\n" +
-	"service constraints take precedence.\n" +
-	"Constraints for a specific service can be viewed with `juju get-constraints`.\n" + getConstraintsDocExamples
+	"machines for applications. Where model and application constraints overlap, the\n" +
+	"application constraints take precedence.\n" +
+	"Constraints for a specific application can be viewed with `juju get-constraints`.\n" + getConstraintsDocExamples
 
 const getConstraintsDocExamples = `
 Examples:
@@ -30,7 +30,7 @@
     juju get-model-constraints
     juju get-model-constraints -m mymodel
 
-See also: list-models
+See also: models
           set-model-constraints
           set-constraints
           get-constraints
@@ -41,11 +41,11 @@
 const setConstraintsDoc = "" +
 	"Sets machine constraints on the model that can be viewed with\n" +
 	"`juju get-model-constraints`.  By default, the model is the current model.\n" +
-	"Model constraints are combined with constraints set for a service with\n" +
+	"Model constraints are combined with constraints set for an application with\n" +
 	"`juju set-constraints` for commands (such as 'deploy') that provision\n" +
-	"machines for services. Where model and service constraints overlap, the\n" +
-	"service constraints take precedence.\n" +
-	"Constraints for a specific service can be viewed with `juju get-constraints`.\n" + setConstraintsDocExamples
+	"machines for applications. Where model and application constraints overlap, the\n" +
+	"application constraints take precedence.\n" +
+	"Constraints for a specific application can be viewed with `juju get-constraints`.\n" + setConstraintsDocExamples
 
 const setConstraintsDocExamples = `
 Examples:
@@ -53,7 +53,7 @@
     juju set-model-constraints cpu-cores=8 mem=16G
     juju set-model-constraints -m mymodel root-disk=64G
 
-See also: list-models
+See also: models
           get-model-constraints
           set-constraints
           get-constraints
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/destroy.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/destroy.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/destroy.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/destroy.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,6 +11,7 @@
 	"github.com/juju/loggo"
 	"launchpad.net/gnuflag"
 
+	"github.com/juju/juju/api/modelmanager"
 	"github.com/juju/juju/apiserver/params"
 	jujucmd "github.com/juju/juju/cmd"
 	"github.com/juju/juju/cmd/juju/block"
@@ -33,7 +34,7 @@
 	modelcmd.ModelCommandBase
 	envName   string
 	assumeYes bool
-	api       DestroyEnvironmentAPI
+	api       DestroyModelAPI
 }
 
 var destroyDoc = `
@@ -52,13 +53,13 @@
 `
 var destroyEnvMsg = `
 WARNING! This command will destroy the %q model.
-This includes all machines, services, data and other resources.
+This includes all machines, applications, data and other resources.
 
 Continue [y/N]? `[1:]
 
-// DestroyEnvironmentAPI defines the methods on the modelmanager
+// DestroyModelAPI defines the methods on the modelmanager
 // API that the destroy command calls. It is exported for mocking in tests.
-type DestroyEnvironmentAPI interface {
+type DestroyModelAPI interface {
 	Close() error
 	DestroyModel() error
 }
@@ -91,25 +92,28 @@
 	}
 }
 
-func (c *destroyCommand) getAPI() (DestroyEnvironmentAPI, error) {
+func (c *destroyCommand) getAPI() (DestroyModelAPI, error) {
 	if c.api != nil {
 		return c.api, nil
 	}
-	return c.NewAPIClient()
+	root, err := c.NewAPIRoot()
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return modelmanager.NewClient(root), nil
 }
 
 // Run implements Command.Run
 func (c *destroyCommand) Run(ctx *cmd.Context) error {
 	store := c.ClientStore()
 	controllerName := c.ControllerName()
-	accountName := c.AccountName()
 	modelName := c.ModelName()
 
 	controllerDetails, err := store.ControllerByName(controllerName)
 	if err != nil {
 		return errors.Annotate(err, "cannot read controller details")
 	}
-	modelDetails, err := store.ModelByName(controllerName, accountName, modelName)
+	modelDetails, err := store.ModelByName(controllerName, modelName)
 	if err != nil {
 		return errors.Annotate(err, "cannot read model info")
 	}
@@ -138,7 +142,7 @@
 		return c.handleError(errors.Annotate(err, "cannot destroy model"), modelName)
 	}
 
-	err = store.RemoveModel(controllerName, accountName, modelName)
+	err = store.RemoveModel(controllerName, modelName)
 	if err != nil && !errors.IsNotFound(err) {
 		return errors.Trace(err)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/destroy_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/destroy_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/destroy_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/destroy_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -47,22 +47,17 @@
 	s.api = &fakeDestroyAPI{}
 	s.api.err = nil
 
-	err := modelcmd.WriteCurrentController("test1")
-	c.Assert(err, jc.ErrorIsNil)
 	s.store = jujuclienttesting.NewMemStore()
+	s.store.CurrentControllerName = "test1"
 	s.store.Controllers["test1"] = jujuclient.ControllerDetails{ControllerUUID: "test1-uuid"}
-	s.store.Models["test1"] = jujuclient.ControllerAccountModels{
-		AccountModels: map[string]*jujuclient.AccountModels{
-			"admin@local": {
-				Models: map[string]jujuclient.ModelDetails{
-					"test1": {"test1-uuid"},
-					"test2": {"test2-uuid"},
-				},
-			},
+	s.store.Models["test1"] = &jujuclient.ControllerModels{
+		Models: map[string]jujuclient.ModelDetails{
+			"test1": {"test1-uuid"},
+			"test2": {"test2-uuid"},
 		},
 	}
-	s.store.Accounts["test1"] = &jujuclient.ControllerAccounts{
-		CurrentAccount: "admin@local",
+	s.store.Accounts["test1"] = jujuclient.AccountDetails{
+		User: "admin@local",
 	}
 }
 
@@ -77,13 +72,13 @@
 
 func checkModelExistsInStore(c *gc.C, name string, store jujuclient.ClientStore) {
 	controller, model := modelcmd.SplitModelName(name)
-	_, err := store.ModelByName(controller, "admin@local", model)
+	_, err := store.ModelByName(controller, model)
 	c.Assert(err, jc.ErrorIsNil)
 }
 
 func checkModelRemovedFromStore(c *gc.C, name string, store jujuclient.ClientStore) {
 	controller, model := modelcmd.SplitModelName(name)
-	_, err := store.ModelByName(controller, "admin@local", model)
+	_, err := store.ModelByName(controller, model)
 	c.Assert(err, jc.Satisfies, errors.IsNotFound)
 }
 
@@ -104,7 +99,7 @@
 
 func (s *DestroySuite) TestDestroyUnknownModel(c *gc.C) {
 	_, err := s.runDestroyCommand(c, "foo")
-	c.Assert(err, gc.ErrorMatches, `cannot read model info: model test1:admin@local:foo not found`)
+	c.Assert(err, gc.ErrorMatches, `cannot read model info: model test1:foo not found`)
 }
 
 func (s *DestroySuite) TestDestroyCannotConnectToAPI(c *gc.C) {
@@ -136,14 +131,10 @@
 }
 
 func (s *DestroySuite) resetModel(c *gc.C) {
-	s.store.Models["test1"] = jujuclient.ControllerAccountModels{
-		AccountModels: map[string]*jujuclient.AccountModels{
-			"admin@local": {
-				Models: map[string]jujuclient.ModelDetails{
-					"test1": {"test1-uuid"},
-					"test2": {"test2-uuid"},
-				},
-			},
+	s.store.Models["test1"] = &jujuclient.ControllerModels{
+		Models: map[string]jujuclient.ModelDetails{
+			"test1": {"test1-uuid"},
+			"test2": {"test2-uuid"},
 		},
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,7 +11,7 @@
 )
 
 // NewGetCommandForTest returns a GetCommand with the api provided as specified.
-func NewGetCommandForTest(api GetEnvironmentAPI) cmd.Command {
+func NewGetCommandForTest(api GetModelAPI) cmd.Command {
 	cmd := &getCommand{
 		api: api,
 	}
@@ -27,7 +27,7 @@
 }
 
 // NewUnsetCommandForTest returns an UnsetCommand with the api provided as specified.
-func NewUnsetCommandForTest(api UnsetEnvironmentAPI) cmd.Command {
+func NewUnsetCommandForTest(api UnsetModelAPI) cmd.Command {
 	cmd := &unsetCommand{
 		api: api,
 	}
@@ -57,7 +57,7 @@
 }
 
 // NewDestroyCommandForTest returns a DestroyCommand with the api provided as specified.
-func NewDestroyCommandForTest(api DestroyEnvironmentAPI, store jujuclient.ClientStore) cmd.Command {
+func NewDestroyCommandForTest(api DestroyModelAPI, store jujuclient.ClientStore) cmd.Command {
 	cmd := &destroyCommand{
 		api: api,
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/fakeenv_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/fakeenv_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/fakeenv_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/fakeenv_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,6 +6,7 @@
 import (
 	gc "gopkg.in/check.v1"
 
+	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/testing"
 )
 
@@ -39,6 +40,14 @@
 	return f.values, nil
 }
 
+func (f *fakeEnvAPI) ModelGetWithMetadata() (config.ConfigValues, error) {
+	result := make(config.ConfigValues)
+	for name, val := range f.values {
+		result[name] = config.ConfigValue{Value: val, Source: "model"}
+	}
+	return result, nil
+}
+
 func (f *fakeEnvAPI) ModelSet(config map[string]interface{}) error {
 	f.values = config
 	return f.err
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/get.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/get.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/get.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/get.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,13 +4,18 @@
 package model
 
 import (
+	"bytes"
 	"fmt"
+	"sort"
 	"strings"
+	"text/tabwriter"
 
 	"github.com/juju/cmd"
+	"github.com/juju/errors"
 	"launchpad.net/gnuflag"
 
 	"github.com/juju/juju/cmd/modelcmd"
+	"github.com/juju/juju/environs/config"
 )
 
 func NewGetCommand() cmd.Command {
@@ -21,7 +26,7 @@
 // the requested value in a format of the user's choosing.
 type getCommand struct {
 	modelcmd.ModelCommandBase
-	api GetEnvironmentAPI
+	api GetModelAPI
 	key string
 	out cmd.Output
 }
@@ -36,7 +41,7 @@
     juju get-model-config default-series
     juju get-model-config -m mymodel type
 
-See also: list-models
+See also: models
           set-model-config
           unset-model-config
 `
@@ -51,7 +56,11 @@
 }
 
 func (c *getCommand) SetFlags(f *gnuflag.FlagSet) {
-	c.out.AddFlags(f, "smart", cmd.DefaultFormatters)
+	c.out.AddFlags(f, "tabular", map[string]cmd.Formatter{
+		"yaml":    cmd.FormatYaml,
+		"json":    cmd.FormatJson,
+		"tabular": formatConfigTabular,
+	})
 }
 
 func (c *getCommand) Init(args []string) (err error) {
@@ -59,12 +68,13 @@
 	return
 }
 
-type GetEnvironmentAPI interface {
+type GetModelAPI interface {
 	Close() error
 	ModelGet() (map[string]interface{}, error)
+	ModelGetWithMetadata() (config.ConfigValues, error)
 }
 
-func (c *getCommand) getAPI() (GetEnvironmentAPI, error) {
+func (c *getCommand) getAPI() (GetModelAPI, error) {
 	if c.api != nil {
 		return c.api, nil
 	}
@@ -78,17 +88,63 @@
 	}
 	defer client.Close()
 
-	attrs, err := client.ModelGet()
+	attrs, err := client.ModelGetWithMetadata()
 	if err != nil {
 		return err
 	}
 
 	if c.key != "" {
 		if value, found := attrs[c.key]; found {
-			return c.out.Write(ctx, value)
+			out, err := cmd.FormatSmart(value.Value)
+			if err != nil {
+				return err
+			}
+			fmt.Fprintf(ctx.Stdout, "%v\n", string(out))
+			return nil
 		}
 		return fmt.Errorf("key %q not found in %q model.", c.key, attrs["name"])
 	}
 	// If key is empty, write out the whole lot.
 	return c.out.Write(ctx, attrs)
 }
+
+// formatConfigTabular returns a tabular summary of config information.
+func formatConfigTabular(value interface{}) ([]byte, error) {
+	configValues, ok := value.(config.ConfigValues)
+	if !ok {
+		return nil, errors.Errorf("expected value of type %T, got %T", configValues, value)
+	}
+
+	var out bytes.Buffer
+	const (
+		// To format things into columns.
+		minwidth = 0
+		tabwidth = 1
+		padding  = 2
+		padchar  = ' '
+		flags    = 0
+	)
+	tw := tabwriter.NewWriter(&out, minwidth, tabwidth, padding, padchar, flags)
+	p := func(values ...string) {
+		text := strings.Join(values, "\t")
+		fmt.Fprintln(tw, text)
+	}
+	var valueNames []string
+	for name := range configValues {
+		valueNames = append(valueNames, name)
+	}
+	sort.Strings(valueNames)
+	p("ATTRIBUTE\tFROM\tVALUE")
+
+	for _, name := range valueNames {
+		info := configValues[name]
+		val, err := cmd.FormatSmart(info.Value)
+		if err != nil {
+			return nil, errors.Annotatef(err, "formatting value for %q", name)
+		}
+		p(name, info.Source, string(val))
+	}
+
+	tw.Flush()
+	return out.Bytes(), nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/get_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/get_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/get_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/get_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -49,18 +49,24 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	output := strings.TrimSpace(testing.Stdout(context))
-	c.Assert(output, gc.Equals, `"test-model"`)
+	c.Assert(output, gc.Equals, "test-model")
 }
 
-func (s *GetSuite) TestAllValues(c *gc.C) {
-	context, err := s.run(c)
+func (s *GetSuite) TestAllValuesYAML(c *gc.C) {
+	context, err := s.run(c, "--format=yaml")
 	c.Assert(err, jc.ErrorIsNil)
 
 	output := strings.TrimSpace(testing.Stdout(context))
 	expected := "" +
-		"name: test-model\n" +
-		"running: true\n" +
-		"special: special value"
+		"name:\n" +
+		"  value: test-model\n" +
+		"  source: model\n" +
+		"running:\n" +
+		"  value: true\n" +
+		"  source: model\n" +
+		"special:\n" +
+		"  value: special value\n" +
+		"  source: model"
 	c.Assert(output, gc.Equals, expected)
 }
 
@@ -69,6 +75,19 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	output := strings.TrimSpace(testing.Stdout(context))
-	expected := `{"name":"test-model","running":true,"special":"special value"}`
+	expected := `{"name":{"Value":"test-model","Source":"model"},"running":{"Value":true,"Source":"model"},"special":{"Value":"special value","Source":"model"}}`
+	c.Assert(output, gc.Equals, expected)
+}
+
+func (s *GetSuite) TestAllValuesTabular(c *gc.C) {
+	context, err := s.run(c)
+	c.Assert(err, jc.ErrorIsNil)
+
+	output := strings.TrimSpace(testing.Stdout(context))
+	expected := "" +
+		"ATTRIBUTE  FROM   VALUE\n" +
+		"name       model  test-model\n" +
+		"running    model  True\n" +
+		"special    model  special value"
 	c.Assert(output, gc.Equals, expected)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/grantrevoke.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/grantrevoke.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/grantrevoke.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/grantrevoke.go	2016-07-18 19:45:44.000000000 +0000
@@ -18,8 +18,12 @@
 
 var usageGrantDetails = `
 By default, the controller is the current controller.
-Model access can also be granted at user-addition time with the `[1:] + "`juju add-\nuser`" + ` command.
-Users with read access are limited in what they can do with models: ` + "`juju \nlist-models`, `juju list-machines`, and `juju status`" + `.
+
+Model access can also be granted at user-addition time with the
+`[1:] + "`juju add-user`" + ` command.
+
+Users with read access are limited in what they can do with models:
+` + "`juju models`, `juju machines`, and `juju status`" + `.
 
 Examples:
 Grant user 'joe' default (read) access to model 'mymodel':
@@ -43,6 +47,7 @@
 
 var usageRevokeDetails = `
 By default, the controller is the current controller.
+
 Revoking write access, from a user who has that permission, will leave
 that user with read access. Revoking read access, however, also revokes
 write access.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/grantrevoke_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/grantrevoke_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/grantrevoke_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/grantrevoke_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,7 +10,6 @@
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cmd/juju/model"
-	"github.com/juju/juju/cmd/modelcmd"
 	"github.com/juju/juju/jujuclient"
 	"github.com/juju/juju/jujuclient/jujuclienttesting"
 	"github.com/juju/juju/testing"
@@ -37,30 +36,22 @@
 
 	// Set up the current controller, and write just enough info
 	// so we don't try to refresh
-	controllerName := "local.test-master"
-	err := modelcmd.WriteCurrentController(controllerName)
-	c.Assert(err, jc.ErrorIsNil)
+	controllerName := "test-master"
 
 	s.store = jujuclienttesting.NewMemStore()
-	s.store.Controllers["local.test-master"] = jujuclient.ControllerDetails{}
-	s.store.Accounts[controllerName] = &jujuclient.ControllerAccounts{
-		Accounts: map[string]jujuclient.AccountDetails{
-			"bob@local": {User: "bob@local"},
-		},
-		CurrentAccount: "bob@local",
+	s.store.CurrentControllerName = controllerName
+	s.store.Controllers[controllerName] = jujuclient.ControllerDetails{}
+	s.store.Accounts[controllerName] = jujuclient.AccountDetails{
+		User: "bob@local",
 	}
-	s.store.Models = map[string]jujuclient.ControllerAccountModels{
-		controllerName: jujuclient.ControllerAccountModels{
-			AccountModels: map[string]*jujuclient.AccountModels{
-				"bob@local": &jujuclient.AccountModels{
-					Models: map[string]jujuclient.ModelDetails{
-						"foo":    jujuclient.ModelDetails{fooModelUUID},
-						"bar":    jujuclient.ModelDetails{barModelUUID},
-						"baz":    jujuclient.ModelDetails{bazModelUUID},
-						"model1": jujuclient.ModelDetails{model1ModelUUID},
-						"model2": jujuclient.ModelDetails{model2ModelUUID},
-					},
-				},
+	s.store.Models = map[string]*jujuclient.ControllerModels{
+		controllerName: {
+			Models: map[string]jujuclient.ModelDetails{
+				"foo":    jujuclient.ModelDetails{fooModelUUID},
+				"bar":    jujuclient.ModelDetails{barModelUUID},
+				"baz":    jujuclient.ModelDetails{bazModelUUID},
+				"model1": jujuclient.ModelDetails{model1ModelUUID},
+				"model2": jujuclient.ModelDetails{model2ModelUUID},
 			},
 		},
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/retryprovisioning.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/retryprovisioning.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/retryprovisioning.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/retryprovisioning.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,7 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cmd/juju/block"
@@ -38,7 +38,7 @@
 	return &cmd.Info{
 		Name:    "retry-provisioning",
 		Args:    "<machine> [...]",
-		Purpose: "retries provisioning for failed machines",
+		Purpose: "Retries provisioning for failed machines.",
 	}
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/retryprovisioning_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/retryprovisioning_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/retryprovisioning_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/retryprovisioning_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,9 +9,9 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
@@ -116,8 +116,8 @@
 		stdErr: `machine 1 is not in an error state` +
 			`machine 42 not found`,
 	}, {
-		args: []string{"0/lxc/0"},
-		err:  `invalid machine "0/lxc/0" retry-provisioning does not support containers`,
+		args: []string{"0/lxd/0"},
+		err:  `invalid machine "0/lxd/0" retry-provisioning does not support containers`,
 	},
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/set.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/set.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/set.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/set.go	2016-07-18 19:45:44.000000000 +0000
@@ -36,7 +36,7 @@
     juju set-model-config logging-config='<root>=WARNING;unit=INFO'
     juju set-model-config -m mymodel api-port=17071 default-series=xenial
 
-See also: list-models
+See also: models
           get-model-config
           unset-model-config
 `
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/show.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/show.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/show.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/show.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,7 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/gnuflag"
 
 	"github.com/juju/juju/api/modelmanager"
@@ -52,7 +52,7 @@
 func (c *showModelCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "show-model",
-		Purpose: "shows information about the current or specified model",
+		Purpose: "Shows information about the current or specified model.",
 		Doc:     showModelCommandDoc,
 	}
 }
@@ -76,7 +76,6 @@
 	store := c.ClientStore()
 	modelDetails, err := store.ModelByName(
 		c.ControllerName(),
-		c.AccountName(),
 		c.ModelName(),
 	)
 	if err != nil {
@@ -99,6 +98,7 @@
 }
 
 func (c *showModelCommand) apiModelInfoToModelInfoMap(modelInfo []params.ModelInfo) (map[string]common.ModelInfo, error) {
+	// TODO(perrito666) 2016-05-02 lp:1558657
 	now := time.Now()
 	output := make(map[string]common.ModelInfo)
 	for _, info := range modelInfo {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/show_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/show_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/show_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/show_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,14 +7,13 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	gitjujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cmd/juju/model"
-	"github.com/juju/juju/cmd/modelcmd"
 	"github.com/juju/juju/jujuclient"
 	"github.com/juju/juju/jujuclient/jujuclienttesting"
 	"github.com/juju/juju/status"
@@ -76,6 +75,8 @@
 		UUID:           testing.ModelTag.Id(),
 		ControllerUUID: "1ca2293b-fdb9-4299-97d6-55583bb39364",
 		OwnerTag:       "user-admin@local",
+		Cloud:          "some-cloud",
+		CloudRegion:    "some-region",
 		ProviderType:   "openstack",
 		Life:           params.Alive,
 		Status: params.EntityStatus{
@@ -91,6 +92,8 @@
 			"model-uuid":      "deadbeef-0bad-400d-8000-4b1d0d06f00d",
 			"controller-uuid": "1ca2293b-fdb9-4299-97d6-55583bb39364",
 			"owner":           "admin@local",
+			"cloud":           "some-cloud",
+			"region":          "some-region",
 			"type":            "openstack",
 			"life":            "alive",
 			"status": attrs{
@@ -111,18 +114,17 @@
 		},
 	}
 
-	err := modelcmd.WriteCurrentController("testing")
-	c.Assert(err, jc.ErrorIsNil)
 	s.store = jujuclienttesting.NewMemStore()
+	s.store.CurrentControllerName = "testing"
 	s.store.Controllers["testing"] = jujuclient.ControllerDetails{}
-	s.store.Accounts["testing"] = &jujuclient.ControllerAccounts{
-		CurrentAccount: "admin@local",
+	s.store.Accounts["testing"] = jujuclient.AccountDetails{
+		User: "admin@local",
 	}
-	err = s.store.UpdateModel("testing", "admin@local", "mymodel", jujuclient.ModelDetails{
+	err := s.store.UpdateModel("testing", "mymodel", jujuclient.ModelDetails{
 		testing.ModelTag.Id(),
 	})
 	c.Assert(err, jc.ErrorIsNil)
-	s.store.Models["testing"].AccountModels["admin@local"].CurrentModel = "mymodel"
+	s.store.Models["testing"].CurrentModel = "mymodel"
 }
 
 func (s *ShowCommandSuite) TestShow(c *gc.C) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/unset.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/unset.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/unset.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/unset.go	2016-07-18 19:45:44.000000000 +0000
@@ -19,7 +19,7 @@
 
 type unsetCommand struct {
 	modelcmd.ModelCommandBase
-	api  UnsetEnvironmentAPI
+	api  UnsetModelAPI
 	keys []string
 }
 
@@ -59,13 +59,13 @@
 	return nil
 }
 
-type UnsetEnvironmentAPI interface {
+type UnsetModelAPI interface {
 	Close() error
 	ModelGet() (map[string]interface{}, error)
 	ModelUnset(keys ...string) error
 }
 
-func (c *unsetCommand) getAPI() (UnsetEnvironmentAPI, error) {
+func (c *unsetCommand) getAPI() (UnsetModelAPI, error) {
 	if c.api != nil {
 		return c.api, nil
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/users.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/users.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/users.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/users.go	2016-07-18 19:45:44.000000000 +0000
@@ -26,8 +26,8 @@
 By default, the model is the current model.
 
 Examples:
-    juju list-shares
-    juju list-shares -m mymodel
+    juju shares
+    juju shares -m mymodel
 
 See also: 
     grant`[1:]
@@ -60,9 +60,10 @@
 // Info implements Command.Info.
 func (c *usersCommand) Info() *cmd.Info {
 	return &cmd.Info{
-		Name:    "list-shares",
+		Name:    "shares",
 		Purpose: usageListSharesSummary,
 		Doc:     usageListSharesDetails,
+		Aliases: []string{"list-shares"},
 	}
 }
 
@@ -87,6 +88,7 @@
 	if err != nil {
 		return err
 	}
+	// TODO(perrito666) 2016-05-02 lp:1558657
 	return c.out.Write(ctx, common.ModelUserInfoFromParams(result, time.Now()))
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/users_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/users_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/model/users_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/model/users_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,7 +11,6 @@
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cmd/juju/model"
-	"github.com/juju/juju/cmd/modelcmd"
 	"github.com/juju/juju/jujuclient"
 	"github.com/juju/juju/jujuclient/jujuclienttesting"
 	"github.com/juju/juju/testing"
@@ -61,12 +60,11 @@
 
 	s.fake = &fakeModelUsersClient{users: userlist}
 
-	err := modelcmd.WriteCurrentController("testing")
-	c.Assert(err, jc.ErrorIsNil)
 	s.store = jujuclienttesting.NewMemStore()
+	s.store.CurrentControllerName = "testing"
 	s.store.Controllers["testing"] = jujuclient.ControllerDetails{}
-	s.store.Accounts["testing"] = &jujuclient.ControllerAccounts{
-		CurrentAccount: "admin@local",
+	s.store.Accounts["testing"] = jujuclient.AccountDetails{
+		User: "admin@local",
 	}
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/addrelation.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/addrelation.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/addrelation.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/addrelation.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,66 +0,0 @@
-// Copyright 2012, 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service
-
-import (
-	"fmt"
-
-	"github.com/juju/cmd"
-	"github.com/juju/errors"
-
-	apiservice "github.com/juju/juju/api/service"
-	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/cmd/juju/block"
-	"github.com/juju/juju/cmd/modelcmd"
-)
-
-// NewAddRelationCommand returns a command to add a relation between 2 services.
-func NewAddRelationCommand() cmd.Command {
-	return modelcmd.Wrap(&addRelationCommand{})
-}
-
-// addRelationCommand adds a relation between two service endpoints.
-type addRelationCommand struct {
-	modelcmd.ModelCommandBase
-	Endpoints []string
-}
-
-func (c *addRelationCommand) Info() *cmd.Info {
-	return &cmd.Info{
-		Name:    "add-relation",
-		Args:    "<service1>[:<relation name1>] <service2>[:<relation name2>]",
-		Purpose: "add a relation between two services",
-	}
-}
-
-func (c *addRelationCommand) Init(args []string) error {
-	if len(args) != 2 {
-		return fmt.Errorf("a relation must involve two services")
-	}
-	c.Endpoints = args
-	return nil
-}
-
-type serviceAddRelationAPI interface {
-	Close() error
-	AddRelation(endpoints ...string) (*params.AddRelationResults, error)
-}
-
-func (c *addRelationCommand) getAPI() (serviceAddRelationAPI, error) {
-	root, err := c.NewAPIRoot()
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	return apiservice.NewClient(root), nil
-}
-
-func (c *addRelationCommand) Run(_ *cmd.Context) error {
-	client, err := c.getAPI()
-	if err != nil {
-		return err
-	}
-	defer client.Close()
-	_, err = client.AddRelation(c.Endpoints...)
-	return block.ProcessBlockedError(err, block.BlockChange)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/addrelation_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/addrelation_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/addrelation_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/addrelation_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,190 +0,0 @@
-// Copyright 2012, 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service
-
-import (
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/cmd/juju/common"
-	jujutesting "github.com/juju/juju/juju/testing"
-	"github.com/juju/juju/testcharms"
-	"github.com/juju/juju/testing"
-)
-
-type AddRelationSuite struct {
-	jujutesting.RepoSuite
-	common.CmdBlockHelper
-}
-
-func (s *AddRelationSuite) SetUpTest(c *gc.C) {
-	s.RepoSuite.SetUpTest(c)
-	s.CmdBlockHelper = common.NewCmdBlockHelper(s.APIState)
-	c.Assert(s.CmdBlockHelper, gc.NotNil)
-	s.AddCleanup(func(*gc.C) { s.CmdBlockHelper.Close() })
-}
-
-var _ = gc.Suite(&AddRelationSuite{})
-
-func runAddRelation(c *gc.C, args ...string) error {
-	_, err := testing.RunCommand(c, NewAddRelationCommand(), args...)
-	return err
-}
-
-var msWpAlreadyExists = `cannot add relation "wp:db ms:server": relation already exists`
-var msLgAlreadyExists = `cannot add relation "lg:info ms:juju-info": relation already exists`
-var wpLgAlreadyExists = `cannot add relation "lg:logging-directory wp:logging-dir": relation already exists`
-var wpLgAlreadyExistsJuju = `cannot add relation "lg:info wp:juju-info": relation already exists`
-
-var addRelationTests = []struct {
-	args []string
-	err  string
-}{
-	{
-		args: []string{"rk", "ms"},
-		err:  "no relations found",
-	}, {
-		err: "a relation must involve two services",
-	}, {
-		args: []string{"rk"},
-		err:  "a relation must involve two services",
-	}, {
-		args: []string{"rk:ring"},
-		err:  "a relation must involve two services",
-	}, {
-		args: []string{"ping:pong", "tic:tac", "icki:wacki"},
-		err:  "a relation must involve two services",
-	},
-
-	// Add a real relation, and check various ways of failing to re-add it.
-	{
-		args: []string{"ms", "wp"},
-	}, {
-		args: []string{"ms", "wp"},
-		err:  msWpAlreadyExists,
-	}, {
-		args: []string{"wp", "ms"},
-		err:  msWpAlreadyExists,
-	}, {
-		args: []string{"ms", "wp:db"},
-		err:  msWpAlreadyExists,
-	}, {
-		args: []string{"ms:server", "wp"},
-		err:  msWpAlreadyExists,
-	}, {
-		args: []string{"ms:server", "wp:db"},
-		err:  msWpAlreadyExists,
-	},
-
-	// Add a real relation using an implicit endpoint.
-	{
-		args: []string{"ms", "lg"},
-	}, {
-		args: []string{"ms", "lg"},
-		err:  msLgAlreadyExists,
-	}, {
-		args: []string{"lg", "ms"},
-		err:  msLgAlreadyExists,
-	}, {
-		args: []string{"ms:juju-info", "lg"},
-		err:  msLgAlreadyExists,
-	}, {
-		args: []string{"ms", "lg:info"},
-		err:  msLgAlreadyExists,
-	}, {
-		args: []string{"ms:juju-info", "lg:info"},
-		err:  msLgAlreadyExists,
-	},
-
-	// Add a real relation using an explicit endpoint, avoiding the potential implicit one.
-	{
-		args: []string{"wp", "lg"},
-	}, {
-		args: []string{"wp", "lg"},
-		err:  wpLgAlreadyExists,
-	}, {
-		args: []string{"lg", "wp"},
-		err:  wpLgAlreadyExists,
-	}, {
-		args: []string{"wp:logging-dir", "lg"},
-		err:  wpLgAlreadyExists,
-	}, {
-		args: []string{"wp", "lg:logging-directory"},
-		err:  wpLgAlreadyExists,
-	}, {
-		args: []string{"wp:logging-dir", "lg:logging-directory"},
-		err:  wpLgAlreadyExists,
-	},
-
-	// Check we can still use the implicit endpoint if specified explicitly.
-	{
-		args: []string{"wp:juju-info", "lg"},
-	}, {
-		args: []string{"wp:juju-info", "lg"},
-		err:  wpLgAlreadyExistsJuju,
-	}, {
-		args: []string{"lg", "wp:juju-info"},
-		err:  wpLgAlreadyExistsJuju,
-	}, {
-		args: []string{"wp:juju-info", "lg"},
-		err:  wpLgAlreadyExistsJuju,
-	}, {
-		args: []string{"wp", "lg:info"},
-		err:  wpLgAlreadyExistsJuju,
-	}, {
-		args: []string{"wp:juju-info", "lg:info"},
-		err:  wpLgAlreadyExistsJuju,
-	},
-}
-
-func (s *AddRelationSuite) TestAddRelation(c *gc.C) {
-	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "wordpress")
-	err := runDeploy(c, ch, "wp", "--series", "quantal")
-	c.Assert(err, jc.ErrorIsNil)
-	ch = testcharms.Repo.CharmArchivePath(s.CharmsPath, "mysql")
-	err = runDeploy(c, ch, "ms", "--series", "quantal")
-	c.Assert(err, jc.ErrorIsNil)
-	ch = testcharms.Repo.CharmArchivePath(s.CharmsPath, "riak")
-	err = runDeploy(c, ch, "rk", "--series", "quantal")
-	c.Assert(err, jc.ErrorIsNil)
-	ch = testcharms.Repo.CharmArchivePath(s.CharmsPath, "logging")
-	err = runDeploy(c, ch, "lg", "--series", "quantal")
-	c.Assert(err, jc.ErrorIsNil)
-
-	for i, t := range addRelationTests {
-		c.Logf("test %d: %v", i, t.args)
-		err := runAddRelation(c, t.args...)
-		if t.err != "" {
-			c.Assert(err, gc.ErrorMatches, t.err)
-		}
-	}
-}
-
-func (s *AddRelationSuite) TestBlockAddRelation(c *gc.C) {
-	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "wordpress")
-	err := runDeploy(c, ch, "wp", "--series", "quantal")
-	c.Assert(err, jc.ErrorIsNil)
-	ch = testcharms.Repo.CharmArchivePath(s.CharmsPath, "mysql")
-	err = runDeploy(c, ch, "ms", "--series", "quantal")
-	c.Assert(err, jc.ErrorIsNil)
-	ch = testcharms.Repo.CharmArchivePath(s.CharmsPath, "riak")
-	err = runDeploy(c, ch, "rk", "--series", "quantal")
-	c.Assert(err, jc.ErrorIsNil)
-	ch = testcharms.Repo.CharmArchivePath(s.CharmsPath, "logging")
-	err = runDeploy(c, ch, "lg", "--series", "quantal")
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Block operation
-	s.BlockAllChanges(c, "TestBlockAddRelation")
-
-	for i, t := range addRelationTests {
-		c.Logf("test %d: %v", i, t.args)
-		err := runAddRelation(c, t.args...)
-		if len(t.args) == 2 {
-			// Only worry about Run being blocked.
-			// For len(t.args) != 2, an Init will fail
-			s.AssertBlocked(c, err, ".*TestBlockAddRelation.*")
-		}
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/addunit.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/addunit.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/addunit.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/addunit.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,195 +0,0 @@
-// Copyright 2012-2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service
-
-import (
-	"regexp"
-	"strings"
-
-	"github.com/juju/cmd"
-	"github.com/juju/errors"
-	"github.com/juju/names"
-	"launchpad.net/gnuflag"
-
-	apiservice "github.com/juju/juju/api/service"
-	"github.com/juju/juju/cmd/juju/block"
-	"github.com/juju/juju/cmd/modelcmd"
-	"github.com/juju/juju/instance"
-)
-
-var usageAddUnitSummary = `
-Adds one or more units to a deployed service.`[1:]
-
-var usageAddUnitDetails = `
-Adding units to an existing service is a way to scale out that service. 
-Many charms will seamlessly support horizontal scaling, others may need an
-additional service to facilitate load-balancing (check the individual 
-charm documentation).
-This command is applied to services that have already been deployed.
-By default, services are deployed to newly provisioned machines in
-accordance with any service or model constraints. Alternatively, this 
-command also supports the placement directive ("--to") for targeting
-specific machines or containers, which will bypass any existing
-constraints.
-
-Examples:
-Add five units of wordpress on five new machines:
-
-    juju add-unit wordpress -n 5
-
-Add one unit of mysql to the existing machine 23:
-
-    juju add-unit mysql --to 23
-
-Create a new LXC container on machine 7 and add one unit of mysql:
-
-    juju add-unit mysql --to lxc:7
-
-Add a unit of mariadb to LXC container number 3 on machine 24:
-
-    juju add-unit mariadb --to 24/lxc/3
-
-See also: 
-    remove-unit`[1:]
-
-// UnitCommandBase provides support for commands which deploy units. It handles the parsing
-// and validation of --to and --num-units arguments.
-type UnitCommandBase struct {
-	// PlacementSpec is the raw string command arg value used to specify placement directives.
-	PlacementSpec string
-	// Placement is the result of parsing the PlacementSpec arg value.
-	Placement []*instance.Placement
-	NumUnits  int
-}
-
-func (c *UnitCommandBase) SetFlags(f *gnuflag.FlagSet) {
-	f.IntVar(&c.NumUnits, "num-units", 1, "")
-	f.StringVar(&c.PlacementSpec, "to", "", "The machine and/or container to deploy the unit in (bypasses constraints)")
-}
-
-func (c *UnitCommandBase) Init(args []string) error {
-	if c.NumUnits < 1 {
-		return errors.New("--num-units must be a positive integer")
-	}
-	if c.PlacementSpec != "" {
-		placementSpecs := strings.Split(c.PlacementSpec, ",")
-		c.Placement = make([]*instance.Placement, len(placementSpecs))
-		for i, spec := range placementSpecs {
-			placement, err := parsePlacement(spec)
-			if err != nil {
-				return errors.Errorf("invalid --to parameter %q", spec)
-			}
-			c.Placement[i] = placement
-		}
-	}
-	if len(c.Placement) > c.NumUnits {
-		logger.Warningf("%d unit(s) will be deployed, extra placement directives will be ignored", c.NumUnits)
-	}
-	return nil
-}
-
-func parsePlacement(spec string) (*instance.Placement, error) {
-	if spec == "" {
-		return nil, nil
-	}
-	placement, err := instance.ParsePlacement(spec)
-	if err == instance.ErrPlacementScopeMissing {
-		spec = "model-uuid" + ":" + spec
-		placement, err = instance.ParsePlacement(spec)
-	}
-	if err != nil {
-		return nil, errors.Errorf("invalid --to parameter %q", spec)
-	}
-	return placement, nil
-}
-
-// NewAddUnitCommand returns a command that adds a unit[s] to a service.
-func NewAddUnitCommand() cmd.Command {
-	return modelcmd.Wrap(&addUnitCommand{})
-}
-
-// addUnitCommand is responsible adding additional units to a service.
-type addUnitCommand struct {
-	modelcmd.ModelCommandBase
-	UnitCommandBase
-	ServiceName string
-	api         serviceAddUnitAPI
-}
-
-func (c *addUnitCommand) Info() *cmd.Info {
-	return &cmd.Info{
-		Name:    "add-unit",
-		Args:    "<service name>",
-		Purpose: usageAddUnitSummary,
-		Doc:     usageAddUnitDetails,
-		Aliases: []string{"add-units"},
-	}
-}
-
-func (c *addUnitCommand) SetFlags(f *gnuflag.FlagSet) {
-	c.UnitCommandBase.SetFlags(f)
-	f.IntVar(&c.NumUnits, "n", 1, "Number of units to add")
-}
-
-func (c *addUnitCommand) Init(args []string) error {
-	switch len(args) {
-	case 1:
-		c.ServiceName = args[0]
-	case 0:
-		return errors.New("no service specified")
-	}
-	if err := cmd.CheckEmpty(args[1:]); err != nil {
-		return err
-	}
-	return c.UnitCommandBase.Init(args)
-}
-
-// serviceAddUnitAPI defines the methods on the client API
-// that the service add-unit command calls.
-type serviceAddUnitAPI interface {
-	Close() error
-	ModelUUID() string
-	AddUnits(service string, numUnits int, placement []*instance.Placement) ([]string, error)
-}
-
-func (c *addUnitCommand) getAPI() (serviceAddUnitAPI, error) {
-	if c.api != nil {
-		return c.api, nil
-	}
-	root, err := c.NewAPIRoot()
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	return apiservice.NewClient(root), nil
-}
-
-// Run connects to the environment specified on the command line
-// and calls AddUnits for the given service.
-func (c *addUnitCommand) Run(_ *cmd.Context) error {
-	apiclient, err := c.getAPI()
-	if err != nil {
-		return err
-	}
-	defer apiclient.Close()
-
-	for i, p := range c.Placement {
-		if p.Scope == "model-uuid" {
-			p.Scope = apiclient.ModelUUID()
-		}
-		c.Placement[i] = p
-	}
-	_, err = apiclient.AddUnits(c.ServiceName, c.NumUnits, c.Placement)
-	return block.ProcessBlockedError(err, block.BlockChange)
-}
-
-// deployTarget describes the format a machine or container target must match to be valid.
-const deployTarget = "^(" + names.ContainerTypeSnippet + ":)?" + names.MachineSnippet + "$"
-
-var validMachineOrNewContainer = regexp.MustCompile(deployTarget)
-
-// IsMachineOrNewContainer returns whether spec is a valid machine id
-// or new container definition.
-func IsMachineOrNewContainer(spec string) bool {
-	return validMachineOrNewContainer.MatchString(spec)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/addunit_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/addunit_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/addunit_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/addunit_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,178 +0,0 @@
-// Copyright 2012-2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service_test
-
-import (
-	"strings"
-
-	"github.com/juju/errors"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/apiserver/common"
-	"github.com/juju/juju/cmd/juju/service"
-	"github.com/juju/juju/environs/config"
-	"github.com/juju/juju/instance"
-	"github.com/juju/juju/testing"
-)
-
-type AddUnitSuite struct {
-	testing.FakeJujuXDGDataHomeSuite
-	fake *fakeServiceAddUnitAPI
-}
-
-type fakeServiceAddUnitAPI struct {
-	envType   string
-	service   string
-	numUnits  int
-	placement []*instance.Placement
-	err       error
-}
-
-func (f *fakeServiceAddUnitAPI) Close() error {
-	return nil
-}
-
-func (f *fakeServiceAddUnitAPI) ModelUUID() string {
-	return "fake-uuid"
-}
-
-func (f *fakeServiceAddUnitAPI) AddUnits(service string, numUnits int, placement []*instance.Placement) ([]string, error) {
-	if f.err != nil {
-		return nil, f.err
-	}
-	if service != f.service {
-		return nil, errors.NotFoundf("service %q", service)
-	}
-
-	f.numUnits += numUnits
-	f.placement = placement
-	return nil, nil
-}
-
-func (f *fakeServiceAddUnitAPI) ModelGet() (map[string]interface{}, error) {
-	cfg, err := config.New(config.UseDefaults, map[string]interface{}{
-		"type": f.envType,
-		"name": "dummy",
-	})
-	if err != nil {
-		return nil, err
-	}
-
-	return cfg.AllAttrs(), nil
-}
-
-func (s *AddUnitSuite) SetUpTest(c *gc.C) {
-	s.FakeJujuXDGDataHomeSuite.SetUpTest(c)
-	s.fake = &fakeServiceAddUnitAPI{service: "some-service-name", numUnits: 1, envType: "dummy"}
-}
-
-var _ = gc.Suite(&AddUnitSuite{})
-
-var initAddUnitErrorTests = []struct {
-	args []string
-	err  string
-}{
-	{
-		args: []string{"some-service-name", "-n", "0"},
-		err:  `--num-units must be a positive integer`,
-	}, {
-		args: []string{},
-		err:  `no service specified`,
-	}, {
-		args: []string{"some-service-name", "--to", "1,#:foo"},
-		err:  `invalid --to parameter "#:foo"`,
-	},
-}
-
-func (s *AddUnitSuite) TestInitErrors(c *gc.C) {
-	for i, t := range initAddUnitErrorTests {
-		c.Logf("test %d", i)
-		err := testing.InitCommand(service.NewAddUnitCommandForTest(s.fake), t.args)
-		c.Check(err, gc.ErrorMatches, t.err)
-	}
-}
-
-func (s *AddUnitSuite) runAddUnit(c *gc.C, args ...string) error {
-	_, err := testing.RunCommand(c, service.NewAddUnitCommandForTest(s.fake), args...)
-	return err
-}
-
-func (s *AddUnitSuite) TestAddUnit(c *gc.C) {
-	err := s.runAddUnit(c, "some-service-name")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(s.fake.numUnits, gc.Equals, 2)
-
-	err = s.runAddUnit(c, "--num-units", "2", "some-service-name")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(s.fake.numUnits, gc.Equals, 4)
-}
-
-func (s *AddUnitSuite) TestAddUnitWithPlacement(c *gc.C) {
-	err := s.runAddUnit(c, "some-service-name")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(s.fake.numUnits, gc.Equals, 2)
-
-	err = s.runAddUnit(c, "--num-units", "2", "--to", "123,lxc:1,1/lxc/2,foo", "some-service-name")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(s.fake.numUnits, gc.Equals, 4)
-	c.Assert(s.fake.placement, jc.DeepEquals, []*instance.Placement{
-		{"#", "123"},
-		{"lxc", "1"},
-		{"#", "1/lxc/2"},
-		{"fake-uuid", "foo"},
-	})
-}
-
-func (s *AddUnitSuite) TestBlockAddUnit(c *gc.C) {
-	// Block operation
-	s.fake.err = common.OperationBlockedError("TestBlockAddUnit")
-	s.runAddUnit(c, "some-service-name")
-
-	// msg is logged
-	stripped := strings.Replace(c.GetTestLog(), "\n", "", -1)
-	c.Check(stripped, gc.Matches, ".*TestBlockAddUnit.*")
-}
-
-func (s *AddUnitSuite) TestForceMachine(c *gc.C) {
-	err := s.runAddUnit(c, "some-service-name", "--to", "3")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(s.fake.numUnits, gc.Equals, 2)
-	c.Assert(s.fake.placement[0].Directive, gc.Equals, "3")
-
-	err = s.runAddUnit(c, "some-service-name", "--to", "23")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(s.fake.numUnits, gc.Equals, 3)
-	c.Assert(s.fake.placement[0].Directive, gc.Equals, "23")
-}
-
-func (s *AddUnitSuite) TestForceMachineNewContainer(c *gc.C) {
-	err := s.runAddUnit(c, "some-service-name", "--to", "lxc:1")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(s.fake.numUnits, gc.Equals, 2)
-	c.Assert(s.fake.placement[0].Directive, gc.Equals, "1")
-	c.Assert(s.fake.placement[0].Scope, gc.Equals, "lxc")
-}
-
-func (s *AddUnitSuite) TestNameChecks(c *gc.C) {
-	assertMachineOrNewContainer := func(s string, expect bool) {
-		c.Logf("%s -> %v", s, expect)
-		c.Assert(service.IsMachineOrNewContainer(s), gc.Equals, expect)
-	}
-	assertMachineOrNewContainer("0", true)
-	assertMachineOrNewContainer("00", false)
-	assertMachineOrNewContainer("1", true)
-	assertMachineOrNewContainer("0/lxc/0", true)
-	assertMachineOrNewContainer("lxc:0", true)
-	assertMachineOrNewContainer("lxc:lxc:0", false)
-	assertMachineOrNewContainer("kvm:0/lxc/1", true)
-	assertMachineOrNewContainer("lxc:", false)
-	assertMachineOrNewContainer(":lxc", false)
-	assertMachineOrNewContainer("0/lxc/", false)
-	assertMachineOrNewContainer("0/lxc", false)
-	assertMachineOrNewContainer("kvm:0/lxc", false)
-	assertMachineOrNewContainer("0/lxc/01", false)
-	assertMachineOrNewContainer("0/lxc/10", true)
-	assertMachineOrNewContainer("0/kvm/4", true)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/bundle.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/bundle.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/bundle.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/bundle.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,841 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package service
-
-import (
-	"fmt"
-	"os"
-	"path/filepath"
-	"sort"
-	"strings"
-	"time"
-
-	"github.com/juju/bundlechanges"
-	"github.com/juju/errors"
-	"github.com/juju/names"
-	"gopkg.in/juju/charm.v6-unstable"
-	"gopkg.in/juju/charmrepo.v2-unstable"
-	csparams "gopkg.in/juju/charmrepo.v2-unstable/csclient/params"
-	"gopkg.in/macaroon.v1"
-	"gopkg.in/yaml.v1"
-
-	"github.com/juju/juju/api"
-	apiannotations "github.com/juju/juju/api/annotations"
-	apiservice "github.com/juju/juju/api/service"
-	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/charmstore"
-	"github.com/juju/juju/constraints"
-	"github.com/juju/juju/instance"
-	"github.com/juju/juju/state/multiwatcher"
-	"github.com/juju/juju/state/watcher"
-	"github.com/juju/juju/storage"
-)
-
-var watchAll = func(c *api.Client) (allWatcher, error) {
-	return c.WatchAll()
-}
-
-type allWatcher interface {
-	Next() ([]multiwatcher.Delta, error)
-	Stop() error
-}
-
-// deploymentLogger is used to notify clients about the bundle deployment
-// progress.
-type deploymentLogger interface {
-	// Infof formats and logs the given message.
-	Infof(string, ...interface{})
-}
-
-// deployBundle deploys the given bundle data using the given API client and
-// charm store client. The deployment is not transactional, and its progress is
-// notified using the given deployment logger.
-func deployBundle(
-	bundleFilePath string,
-	data *charm.BundleData,
-	channel csparams.Channel,
-	client *api.Client,
-	serviceDeployer *serviceDeployer,
-	resolver *charmURLResolver,
-	log deploymentLogger,
-	bundleStorage map[string]map[string]storage.Constraints,
-) (map[*charm.URL]*macaroon.Macaroon, error) {
-	verifyConstraints := func(s string) error {
-		_, err := constraints.Parse(s)
-		return err
-	}
-	verifyStorage := func(s string) error {
-		_, err := storage.ParseConstraints(s)
-		return err
-	}
-	var verifyError error
-	if bundleFilePath == "" {
-		verifyError = data.Verify(verifyConstraints, verifyStorage)
-	} else {
-		verifyError = data.VerifyLocal(bundleFilePath, verifyConstraints, verifyStorage)
-	}
-	if verifyError != nil {
-		if verr, ok := verifyError.(*charm.VerificationError); ok {
-			errs := make([]string, len(verr.Errors))
-			for i, err := range verr.Errors {
-				errs[i] = err.Error()
-			}
-			return nil, errors.New("the provided bundle has the following errors:\n" + strings.Join(errs, "\n"))
-		}
-		return nil, errors.Annotate(verifyError, "cannot deploy bundle")
-	}
-
-	// Retrieve bundle changes.
-	changes := bundlechanges.FromData(data)
-	numChanges := len(changes)
-
-	// Initialize the unit status.
-	status, err := client.Status(nil)
-	if err != nil {
-		return nil, errors.Annotate(err, "cannot get model status")
-	}
-	unitStatus := make(map[string]string, numChanges)
-	for _, serviceData := range status.Services {
-		for unit, unitData := range serviceData.Units {
-			unitStatus[unit] = unitData.Machine
-		}
-	}
-
-	// Instantiate a watcher used to follow the deployment progress.
-	watcher, err := watchAll(client)
-	if err != nil {
-		return nil, errors.Annotate(err, "cannot watch model")
-	}
-	defer watcher.Stop()
-
-	serviceClient, err := serviceDeployer.newServiceAPIClient()
-	if err != nil {
-		return nil, errors.Annotate(err, "cannot get service client")
-	}
-
-	annotationsClient, err := serviceDeployer.newAnnotationsAPIClient()
-	if err != nil {
-		return nil, errors.Annotate(err, "cannot get annotations client")
-	}
-
-	// Instantiate the bundle handler.
-	h := &bundleHandler{
-		bundleDir:         bundleFilePath,
-		changes:           changes,
-		results:           make(map[string]string, numChanges),
-		channel:           channel,
-		client:            client,
-		serviceClient:     serviceClient,
-		annotationsClient: annotationsClient,
-		serviceDeployer:   serviceDeployer,
-		bundleStorage:     bundleStorage,
-		resolver:          resolver,
-		log:               log,
-		data:              data,
-		unitStatus:        unitStatus,
-		ignoredMachines:   make(map[string]bool, len(data.Services)),
-		ignoredUnits:      make(map[string]bool, len(data.Services)),
-		watcher:           watcher,
-	}
-
-	// Deploy the bundle.
-	csMacs := make(map[*charm.URL]*macaroon.Macaroon)
-	channels := make(map[*charm.URL]csparams.Channel)
-	for _, change := range changes {
-		switch change := change.(type) {
-		case *bundlechanges.AddCharmChange:
-			cURL, channel, csMac, err2 := h.addCharm(change.Id(), change.Params)
-			if err2 == nil {
-				csMacs[cURL] = csMac
-				channels[cURL] = channel
-			}
-			err = err2
-		case *bundlechanges.AddMachineChange:
-			err = h.addMachine(change.Id(), change.Params)
-		case *bundlechanges.AddRelationChange:
-			err = h.addRelation(change.Id(), change.Params)
-		case *bundlechanges.AddServiceChange:
-			var cURL *charm.URL
-			cURL, err = charm.ParseURL(resolve(change.Params.Charm, h.results))
-			if err == nil {
-				chID := charmstore.CharmID{
-					URL:     cURL,
-					Channel: channels[cURL],
-				}
-				csMac := csMacs[cURL]
-				err = h.addService(change.Id(), change.Params, chID, csMac)
-			}
-		case *bundlechanges.AddUnitChange:
-			err = h.addUnit(change.Id(), change.Params)
-		case *bundlechanges.ExposeChange:
-			err = h.exposeService(change.Id(), change.Params)
-		case *bundlechanges.SetAnnotationsChange:
-			err = h.setAnnotations(change.Id(), change.Params)
-		default:
-			return nil, errors.Errorf("unknown change type: %T", change)
-		}
-		if err != nil {
-			return nil, errors.Annotate(err, "cannot deploy bundle")
-		}
-	}
-	return csMacs, nil
-}
-
-// bundleHandler provides helpers and the state required to deploy a bundle.
-type bundleHandler struct {
-	// bundleDir is the path where the bundle file is located for local bundles.
-	bundleDir string
-	// changes holds the changes to be applied in order to deploy the bundle.
-	changes []bundlechanges.Change
-
-	// results collects data resulting from applying changes. Keys identify
-	// changes, values result from interacting with the environment, and are
-	// stored so that they can be potentially reused later, for instance for
-	// resolving a dynamic placeholder included in a change. Specifically, the
-	// following values are stored:
-	// - when adding a charm, the fully resolved charm is stored;
-	// - when deploying a service, the service name is stored;
-	// - when adding a machine, the resulting machine id is stored;
-	// - when adding a unit, either the id of the machine holding the unit or
-	//   the unit name can be stored. The latter happens when a machine is
-	//   implicitly created by adding a unit without a machine spec.
-	results map[string]string
-
-	// channel identifies the default channel to use for the bundle.
-	channel csparams.Channel
-
-	// client is used to interact with the environment.
-	client *api.Client
-
-	// serviceClient is used to interact with services.
-	serviceClient *apiservice.Client
-
-	// annotationsClient is used to interact with annotations.
-	annotationsClient *apiannotations.Client
-
-	// serviceDeployer is used to deploy services.
-	serviceDeployer *serviceDeployer
-
-	// bundleStorage contains a mapping of service-specific storage
-	// constraints. For each service, the storage constraints in the
-	// map will replace or augment the storage constraints specified
-	// in the bundle itself.
-	bundleStorage map[string]map[string]storage.Constraints
-
-	// resolver is used to resolve charm and bundle URLs.
-	resolver *charmURLResolver
-
-	// log is used to output messages to the user, so that the user can keep
-	// track of the bundle deployment progress.
-	log deploymentLogger
-
-	// data is the original bundle data that we want to deploy.
-	data *charm.BundleData
-
-	// unitStatus reflects the environment status and maps unit names to their
-	// corresponding machine identifiers. This is kept updated by both change
-	// handlers (addCharm, addService etc.) and by updateUnitStatus.
-	unitStatus map[string]string
-
-	// ignoredMachines and ignoredUnits map service names to whether a machine
-	// or a unit creation has been skipped during the bundle deployment because
-	// the current status of the environment does not require them to be added.
-	ignoredMachines map[string]bool
-	ignoredUnits    map[string]bool
-
-	// watcher holds an environment mega-watcher used to keep the environment
-	// status up to date.
-	watcher allWatcher
-}
-
-// addCharm adds a charm to the environment.
-func (h *bundleHandler) addCharm(id string, p bundlechanges.AddCharmParams) (*charm.URL, csparams.Channel, *macaroon.Macaroon, error) {
-	// First attempt to interpret as a local path.
-	if strings.HasPrefix(p.Charm, ".") || filepath.IsAbs(p.Charm) {
-		charmPath := p.Charm
-		if !filepath.IsAbs(charmPath) {
-			charmPath = filepath.Join(h.bundleDir, charmPath)
-		}
-
-		var noChannel csparams.Channel
-		series := p.Series
-		if series == "" {
-			series = h.data.Series
-		}
-		ch, curl, err := charmrepo.NewCharmAtPath(charmPath, series)
-		if err != nil && !os.IsNotExist(err) {
-			return nil, noChannel, nil, errors.Annotatef(err, "cannot deploy local charm at %q", charmPath)
-		}
-		if err == nil {
-			if curl, err = h.client.AddLocalCharm(curl, ch); err != nil {
-				return nil, noChannel, nil, err
-			}
-			h.log.Infof("added charm %s", curl)
-			h.results[id] = curl.String()
-			return curl, noChannel, nil, nil
-		}
-	}
-
-	// Not a local charm, so grab from the store.
-	url, channel, _, store, err := h.resolver.resolve(p.Charm)
-	if err != nil {
-		return nil, channel, nil, errors.Annotatef(err, "cannot resolve URL %q", p.Charm)
-	}
-	if url.Series == "bundle" {
-		return nil, channel, nil, errors.Errorf("expected charm URL, got bundle URL %q", p.Charm)
-	}
-	var csMac *macaroon.Macaroon
-	url, csMac, err = addCharmFromURL(h.client, url, channel, store.Client())
-	if err != nil {
-		return nil, channel, nil, errors.Annotatef(err, "cannot add charm %q", p.Charm)
-	}
-	h.log.Infof("added charm %s", url)
-	h.results[id] = url.String()
-	return url, channel, csMac, nil
-}
-
-// addService deploys or update a service with no units. Service options are
-// also set or updated.
-func (h *bundleHandler) addService(id string, p bundlechanges.AddServiceParams, chID charmstore.CharmID, csMac *macaroon.Macaroon) error {
-	h.results[id] = p.Service
-	ch := chID.URL.String()
-	// Handle service configuration.
-	configYAML := ""
-	if len(p.Options) > 0 {
-		config, err := yaml.Marshal(map[string]map[string]interface{}{p.Service: p.Options})
-		if err != nil {
-			return errors.Annotatef(err, "cannot marshal options for service %q", p.Service)
-		}
-		configYAML = string(config)
-	}
-	// Handle service constraints.
-	cons, err := constraints.Parse(p.Constraints)
-	if err != nil {
-		// This should never happen, as the bundle is already verified.
-		return errors.Annotate(err, "invalid constraints for service")
-	}
-	storageConstraints := h.bundleStorage[p.Service]
-	if len(p.Storage) > 0 {
-		if storageConstraints == nil {
-			storageConstraints = make(map[string]storage.Constraints)
-		}
-		for k, v := range p.Storage {
-			if _, ok := storageConstraints[k]; ok {
-				// Storage constraints overridden
-				// on the command line.
-				continue
-			}
-			cons, err := storage.ParseConstraints(v)
-			if err != nil {
-				return errors.Annotate(err, "invalid storage constraints")
-			}
-			storageConstraints[k] = cons
-		}
-	}
-	resources := make(map[string]string)
-	for resName, revision := range p.Resources {
-		resources[resName] = fmt.Sprint(revision)
-	}
-	charmInfo, err := h.client.CharmInfo(ch)
-	if err != nil {
-		return err
-	}
-	resNames2IDs, err := handleResources(h.serviceDeployer.api, resources, p.Service, chID, csMac, charmInfo.Meta.Resources)
-	if err != nil {
-		return errors.Trace(err)
-	}
-
-	// Figure out what series we need to deploy with.
-	conf, err := getClientConfig(h.client)
-	if err != nil {
-		return err
-	}
-	supportedSeries := charmInfo.Meta.Series
-	series, message, err := charmSeries(p.Series, chID.URL.Series, supportedSeries, false, conf, deployFromBundle)
-	if err != nil {
-		return errors.Trace(err)
-	}
-
-	// Deploy the service.
-	if err := h.serviceDeployer.serviceDeploy(serviceDeployParams{
-		charmID:       chID,
-		serviceName:   p.Service,
-		series:        series,
-		configYAML:    configYAML,
-		constraints:   cons,
-		storage:       storageConstraints,
-		spaceBindings: p.EndpointBindings,
-		resources:     resNames2IDs,
-	}); err == nil {
-		h.log.Infof("service %s deployed (charm %s %v)", p.Service, ch, fmt.Sprintf(message, series))
-		for resName := range resNames2IDs {
-			h.log.Infof("added resource %s", resName)
-		}
-		return nil
-	} else if !isErrServiceExists(err) {
-		return errors.Annotatef(err, "cannot deploy service %q", p.Service)
-	}
-	// The service is already deployed in the environment: check that its
-	// charm is compatible with the one declared in the bundle. If it is,
-	// reuse the existing service or upgrade to a specified revision.
-	// Exit with an error otherwise.
-	if err := h.upgradeCharm(p.Service, chID, csMac, resources); err != nil {
-		return errors.Annotatef(err, "cannot upgrade service %q", p.Service)
-	}
-	// Update service configuration.
-	if configYAML != "" {
-		if err := h.serviceClient.Update(params.ServiceUpdate{
-			ServiceName:  p.Service,
-			SettingsYAML: configYAML,
-		}); err != nil {
-			// This should never happen as possible errors are already returned
-			// by the service Deploy call above.
-			return errors.Annotatef(err, "cannot update options for service %q", p.Service)
-		}
-		h.log.Infof("configuration updated for service %s", p.Service)
-	}
-	// Update service constraints.
-	if p.Constraints != "" {
-		if err := h.serviceClient.SetConstraints(p.Service, cons); err != nil {
-			// This should never happen, as the bundle is already verified.
-			return errors.Annotatef(err, "cannot update constraints for service %q", p.Service)
-		}
-		h.log.Infof("constraints applied for service %s", p.Service)
-	}
-	return nil
-}
-
-// addMachine creates a new top-level machine or container in the environment.
-func (h *bundleHandler) addMachine(id string, p bundlechanges.AddMachineParams) error {
-	services := h.servicesForMachineChange(id)
-	// Note that we always have at least one service that justifies the
-	// creation of this machine.
-	msg := services[0] + " unit"
-	svcLen := len(services)
-	if svcLen != 1 {
-		msg = strings.Join(services[:svcLen-1], ", ") + " and " + services[svcLen-1] + " units"
-	}
-	// Check whether the desired number of units already exist in the
-	// environment, in which case avoid adding other machines to host those
-	// service units.
-	machine := h.chooseMachine(services...)
-	if machine != "" {
-		h.results[id] = machine
-		notify := make([]string, 0, svcLen)
-		for _, service := range services {
-			if !h.ignoredMachines[service] {
-				h.ignoredMachines[service] = true
-				notify = append(notify, service)
-			}
-		}
-		svcLen = len(notify)
-		switch svcLen {
-		case 0:
-			return nil
-		case 1:
-			msg = notify[0]
-		default:
-			msg = strings.Join(notify[:svcLen-1], ", ") + " and " + notify[svcLen-1]
-		}
-		h.log.Infof("avoid creating other machines to host %s units", msg)
-		return nil
-	}
-	cons, err := constraints.Parse(p.Constraints)
-	if err != nil {
-		// This should never happen, as the bundle is already verified.
-		return errors.Annotate(err, "invalid constraints for machine")
-	}
-	machineParams := params.AddMachineParams{
-		Constraints: cons,
-		Series:      p.Series,
-		Jobs:        []multiwatcher.MachineJob{multiwatcher.JobHostUnits},
-	}
-	if p.ContainerType != "" {
-		containerType, err := instance.ParseContainerType(p.ContainerType)
-		if err != nil {
-			return errors.Annotatef(err, "cannot create machine for holding %s", msg)
-		}
-		machineParams.ContainerType = containerType
-		if p.ParentId != "" {
-			machineParams.ParentId, err = h.resolveMachine(p.ParentId)
-			if err != nil {
-				return errors.Annotatef(err, "cannot retrieve parent placement for %s", msg)
-			}
-		}
-	}
-	r, err := h.client.AddMachines([]params.AddMachineParams{machineParams})
-	if err != nil {
-		return errors.Annotatef(err, "cannot create machine for holding %s", msg)
-	}
-	if r[0].Error != nil {
-		return errors.Annotatef(r[0].Error, "cannot create machine for holding %s", msg)
-	}
-	machine = r[0].Machine
-	if p.ContainerType == "" {
-		h.log.Infof("created new machine %s for holding %s", machine, msg)
-	} else if p.ParentId == "" {
-		h.log.Infof("created %s container in new machine for holding %s", machine, msg)
-	} else {
-		h.log.Infof("created %s container in machine %s for holding %s", machine, machineParams.ParentId, msg)
-	}
-	h.results[id] = machine
-	return nil
-}
-
-// addRelation creates a relationship between two services.
-func (h *bundleHandler) addRelation(id string, p bundlechanges.AddRelationParams) error {
-	ep1 := resolveRelation(p.Endpoint1, h.results)
-	ep2 := resolveRelation(p.Endpoint2, h.results)
-	_, err := h.serviceClient.AddRelation(ep1, ep2)
-	if err == nil {
-		// A new relation has been established.
-		h.log.Infof("related %s and %s", ep1, ep2)
-		return nil
-	}
-	if isErrRelationExists(err) {
-		// The relation is already present in the environment.
-		h.log.Infof("%s and %s are already related", ep1, ep2)
-		return nil
-	}
-	return errors.Annotatef(err, "cannot add relation between %q and %q", ep1, ep2)
-}
-
-// addUnit adds a single unit to a service already present in the environment.
-func (h *bundleHandler) addUnit(id string, p bundlechanges.AddUnitParams) error {
-	service := resolve(p.Service, h.results)
-	// Check whether the desired number of units already exist in the
-	// environment, in which case avoid adding other units.
-	machine := h.chooseMachine(service)
-	if machine != "" {
-		h.results[id] = machine
-		if !h.ignoredUnits[service] {
-			h.ignoredUnits[service] = true
-			num := h.numUnitsForService(service)
-			var msg string
-			if num == 1 {
-				msg = "1 unit already present"
-			} else {
-				msg = fmt.Sprintf("%d units already present", num)
-			}
-			h.log.Infof("avoid adding new units to service %s: %s", service, msg)
-		}
-		return nil
-	}
-	var machineSpec string
-	var placementArg []*instance.Placement
-	if p.To != "" {
-		var err error
-		if machineSpec, err = h.resolveMachine(p.To); err != nil {
-			// Should never happen.
-			return errors.Annotatef(err, "cannot retrieve placement for %q unit", service)
-		}
-		placement, err := parsePlacement(machineSpec)
-		if err != nil {
-			return errors.Errorf("invalid --to parameter %q", machineSpec)
-		}
-		placementArg = append(placementArg, placement)
-	}
-	r, err := h.serviceClient.AddUnits(service, 1, placementArg)
-	if err != nil {
-		return errors.Annotatef(err, "cannot add unit for service %q", service)
-	}
-	unit := r[0]
-	if machineSpec == "" {
-		h.log.Infof("added %s unit to new machine", unit)
-		// In this case, the unit name is stored in results instead of the
-		// machine id, which is lazily evaluated later only if required.
-		// This way we avoid waiting for watcher updates.
-		h.results[id] = unit
-	} else {
-		h.log.Infof("added %s unit to machine %s", unit, machineSpec)
-		h.results[id] = machineSpec
-	}
-	// Note that the machineSpec can be empty for now, resulting in a partially
-	// incomplete unit status. That's ok as the missing info is provided later
-	// when it is required.
-	h.unitStatus[unit] = machineSpec
-	return nil
-}
-
-// exposeService exposes a service.
-func (h *bundleHandler) exposeService(id string, p bundlechanges.ExposeParams) error {
-	service := resolve(p.Service, h.results)
-	if err := h.serviceClient.Expose(service); err != nil {
-		return errors.Annotatef(err, "cannot expose service %s", service)
-	}
-	h.log.Infof("service %s exposed", service)
-	return nil
-}
-
-// setAnnotations sets annotations for a service or a machine.
-func (h *bundleHandler) setAnnotations(id string, p bundlechanges.SetAnnotationsParams) error {
-	eid := resolve(p.Id, h.results)
-	var tag string
-	switch p.EntityType {
-	case bundlechanges.MachineType:
-		tag = names.NewMachineTag(eid).String()
-	case bundlechanges.ServiceType:
-		tag = names.NewServiceTag(eid).String()
-	default:
-		return errors.Errorf("unexpected annotation entity type %q", p.EntityType)
-	}
-	result, err := h.annotationsClient.Set(map[string]map[string]string{tag: p.Annotations})
-	if err == nil && len(result) > 0 {
-		err = result[0].Error
-	}
-	if err != nil {
-		return errors.Annotatef(err, "cannot set annotations for %s %q", p.EntityType, eid)
-	}
-	h.log.Infof("annotations set for %s %s", p.EntityType, eid)
-	return nil
-}
-
-// servicesForMachineChange returns the names of the services for which an
-// "addMachine" change is required, as adding machines is required to place
-// units, and units belong to services.
-// Receive the id of the "addMachine" change.
-func (h *bundleHandler) servicesForMachineChange(changeId string) []string {
-	services := make(map[string]bool, len(h.data.Services))
-mainloop:
-	for _, change := range h.changes {
-		for _, required := range change.Requires() {
-			if required != changeId {
-				continue
-			}
-			switch change := change.(type) {
-			case *bundlechanges.AddMachineChange:
-				// The original machine is a container, and its parent is
-				// another "addMachines" change. Search again using the
-				// parent id.
-				for _, service := range h.servicesForMachineChange(change.Id()) {
-					services[service] = true
-				}
-				continue mainloop
-			case *bundlechanges.AddUnitChange:
-				// We have found the "addUnit" change, which refers to a
-				// service: now resolve the service holding the unit.
-				service := resolve(change.Params.Service, h.results)
-				services[service] = true
-				continue mainloop
-			case *bundlechanges.SetAnnotationsChange:
-				// A machine change is always required to set machine
-				// annotations, but this isn't the interesting change here.
-				continue mainloop
-			default:
-				// Should never happen.
-				panic(fmt.Sprintf("unexpected change %T", change))
-			}
-		}
-	}
-	results := make([]string, 0, len(services))
-	for service := range services {
-		results = append(results, service)
-	}
-	sort.Strings(results)
-	return results
-}
-
-// chooseMachine returns the id of a machine that will be used to host a unit
-// of all the given services. If one of the services still requires units to be
-// added, an empty string is returned, meaning that a new machine must be
-// created for holding the unit. If instead all units are already placed,
-// return the id of the machine which already holds units of the given services
-// and which hosts the least number of units.
-func (h *bundleHandler) chooseMachine(services ...string) string {
-	candidateMachines := make(map[string]bool, len(h.unitStatus))
-	numUnitsPerMachine := make(map[string]int, len(h.unitStatus))
-	numUnitsPerService := make(map[string]int, len(h.data.Services))
-	// Collect the number of units and the corresponding machines for all
-	// involved services.
-	for unit, machine := range h.unitStatus {
-		// Retrieve the top level machine.
-		machine = strings.Split(machine, "/")[0]
-		numUnitsPerMachine[machine]++
-		svc, err := names.UnitService(unit)
-		if err != nil {
-			// Should never happen because the bundle logic has already checked
-			// that unit names are well formed.
-			panic(err)
-		}
-		for _, service := range services {
-			if service != svc {
-				continue
-			}
-			numUnitsPerService[service]++
-			candidateMachines[machine] = true
-		}
-	}
-	// If at least one service still requires units to be added, return an
-	// empty machine in order to force new machine creation.
-	for _, service := range services {
-		if numUnitsPerService[service] < h.data.Services[service].NumUnits {
-			return ""
-		}
-	}
-	// Return the least used machine.
-	var result string
-	var min int
-	for machine, num := range numUnitsPerMachine {
-		if candidateMachines[machine] && (result == "" || num < min) {
-			result, min = machine, num
-		}
-	}
-	return result
-}
-
-// updateUnitStatusPeriod is the time duration used to wait for a mega-watcher
-// change to be available.
-var updateUnitStatusPeriod = watcher.Period + 5*time.Second
-
-// updateUnitStatus uses the mega-watcher to update units and machines info
-// (h.unitStatus) so that it reflects the current environment status.
-// This function must be called assuming new delta changes are available or
-// will be available within the watcher time period. Otherwise, the function
-// unblocks and an error is returned.
-func (h *bundleHandler) updateUnitStatus() error {
-	var delta []multiwatcher.Delta
-	var err error
-	ch := make(chan struct{})
-	go func() {
-		delta, err = h.watcher.Next()
-		close(ch)
-	}()
-	select {
-	case <-ch:
-		if err != nil {
-			return errors.Annotate(err, "cannot update model status")
-		}
-		for _, d := range delta {
-			switch entityInfo := d.Entity.(type) {
-			case *multiwatcher.UnitInfo:
-				h.unitStatus[entityInfo.Name] = entityInfo.MachineId
-			}
-		}
-	case <-time.After(updateUnitStatusPeriod):
-		// TODO(fwereade): 2016-03-17 lp:1558657
-		return errors.New("timeout while trying to get new changes from the watcher")
-	}
-	return nil
-}
-
-// numUnitsForService return the number of units belonging to the given service
-// currently in the environment.
-func (h *bundleHandler) numUnitsForService(service string) (num int) {
-	for unit := range h.unitStatus {
-		svc, err := names.UnitService(unit)
-		if err != nil {
-			// Should never happen.
-			panic(err)
-		}
-		if svc == service {
-			num++
-		}
-	}
-	return num
-}
-
-// resolveMachine returns the machine id resolving the given unit or machine
-// placeholder.
-func (h *bundleHandler) resolveMachine(placeholder string) (string, error) {
-	machineOrUnit := resolve(placeholder, h.results)
-	if !names.IsValidUnit(machineOrUnit) {
-		return machineOrUnit, nil
-	}
-	for h.unitStatus[machineOrUnit] == "" {
-		if err := h.updateUnitStatus(); err != nil {
-			return "", errors.Annotate(err, "cannot resolve machine")
-		}
-	}
-	return h.unitStatus[machineOrUnit], nil
-}
-
-// resolveRelation returns the relation name resolving the included service
-// placeholder.
-func resolveRelation(e string, results map[string]string) string {
-	parts := strings.SplitN(e, ":", 2)
-	service := resolve(parts[0], results)
-	if len(parts) == 1 {
-		return service
-	}
-	return fmt.Sprintf("%s:%s", service, parts[1])
-}
-
-// resolve returns the real entity name for the bundle entity (for instance a
-// service or a machine) with the given placeholder id.
-// A placeholder id is a string like "$deploy-42" or "$addCharm-2", indicating
-// the results of a previously applied change. It always starts with a dollar
-// sign, followed by the identifier of the referred change. A change id is a
-// string indicating the action type ("deploy", "addRelation" etc.), followed
-// by a unique incremental number.
-func resolve(placeholder string, results map[string]string) string {
-	if !strings.HasPrefix(placeholder, "$") {
-		panic(`placeholder does not start with "$"`)
-	}
-	id := placeholder[1:]
-	return results[id]
-}
-
-// upgradeCharm upgrades the charm for the given service to the given charm id.
-// If the service is already deployed using the given charm id, do nothing.
-// This function returns an error if the existing charm and the target one are
-// incompatible, meaning an upgrade from one to the other is not allowed.
-func (h *bundleHandler) upgradeCharm(service string, chID charmstore.CharmID, csMac *macaroon.Macaroon, resources map[string]string) error {
-	id := chID.URL.String()
-	existing, err := h.serviceClient.GetCharmURL(service)
-	if err != nil {
-		return errors.Annotatef(err, "cannot retrieve info for service %q", service)
-	}
-	if existing.String() == id {
-		h.log.Infof("reusing service %s (charm: %s)", service, id)
-		return nil
-	}
-	url, err := charm.ParseURL(id)
-	if err != nil {
-		return errors.Annotatef(err, "cannot parse charm URL %q", id)
-	}
-	chID.URL = url
-	if url.WithRevision(-1).Path() != existing.WithRevision(-1).Path() {
-		return errors.Errorf("bundle charm %q is incompatible with existing charm %q", id, existing)
-	}
-	filtered, err := getUpgradeResources(h.serviceDeployer.api, service, url, h.client, resources)
-	if err != nil {
-		return errors.Trace(err)
-	}
-	var resNames2IDs map[string]string
-	if len(filtered) != 0 {
-		resNames2IDs, err = handleResources(h.serviceDeployer.api, resources, service, chID, csMac, filtered)
-		if err != nil {
-			return errors.Trace(err)
-		}
-	}
-	cfg := apiservice.SetCharmConfig{
-		ServiceName: service,
-		CharmID:     chID,
-		ResourceIDs: resNames2IDs,
-	}
-	if err := h.serviceClient.SetCharm(cfg); err != nil {
-		return errors.Annotatef(err, "cannot upgrade charm to %q", id)
-	}
-	h.log.Infof("upgraded charm for existing service %s (from %s to %s)", service, existing, id)
-	for resName := range resNames2IDs {
-		h.log.Infof("added resource %s", resName)
-	}
-	return nil
-}
-
-// isErrServiceExists reports whether the given error has been generated
-// from trying to deploy a service that already exists.
-func isErrServiceExists(err error) bool {
-	// TODO frankban (bug 1495952): do this check using the cause rather than
-	// the string when a specific cause is available.
-	return strings.HasSuffix(err.Error(), "service already exists")
-}
-
-// isErrRelationExists reports whether the given error has been generated
-// from trying to create an already established relation.
-func isErrRelationExists(err error) bool {
-	// TODO frankban (bug 1495952): do this check using the cause rather than
-	// the string when a specific cause is available.
-	return strings.HasSuffix(err.Error(), "relation already exists")
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/bundle_resources_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/bundle_resources_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/bundle_resources_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/bundle_resources_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,125 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service_test
-
-import (
-	"sort"
-	"strings"
-
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-	charmresource "gopkg.in/juju/charm.v6-unstable/resource"
-
-	"github.com/juju/juju/cmd/juju/service"
-	"github.com/juju/juju/component/all"
-	"github.com/juju/juju/resource"
-	"github.com/juju/juju/testcharms"
-)
-
-func init() {
-	if err := all.RegisterForServer(); err != nil {
-		panic(err)
-	}
-}
-
-type ResourcesBundleSuite struct {
-	service.BundleDeployCharmStoreSuite
-}
-
-var _ = gc.Suite(&ResourcesBundleSuite{})
-
-func (s *ResourcesBundleSuite) TestDeployBundleResources(c *gc.C) {
-	testcharms.UploadCharm(c, s.Client(), "trusty/starsay-42", "starsay")
-	bundleMeta := `
-        services:
-            starsay:
-                charm: cs:starsay
-                num_units: 1
-                resources:
-                    store-resource: 0
-                    install-resource: 0
-                    upload-resource: 0
-    `
-	output, err := s.DeployBundleYAML(c, bundleMeta)
-	c.Assert(err, jc.ErrorIsNil)
-
-	lines := strings.Split(output, "\n")
-	expectedLines := strings.Split(strings.TrimSpace(`
-added charm cs:trusty/starsay-42
-service starsay deployed (charm cs:trusty/starsay-42 with the charm series "trusty")
-added resource install-resource
-added resource store-resource
-added resource upload-resource
-added starsay/0 unit to new machine
-deployment of bundle "local:bundle/example-0" completed
-    `), "\n")
-	c.Check(lines, gc.HasLen, len(expectedLines))
-	c.Check(lines[0], gc.Equals, expectedLines[0])
-	c.Check(lines[1], gc.Equals, expectedLines[1])
-	// The "added resource" lines are checked after we sort since
-	// the ordering of those lines is unknown.
-	c.Check(lines[5], gc.Equals, expectedLines[5])
-	c.Check(lines[6], gc.Equals, expectedLines[6])
-	sort.Strings(lines)
-	sort.Strings(expectedLines)
-	c.Check(lines, jc.DeepEquals, expectedLines)
-	s.checkResources(c, "starsay", []resource.Resource{{
-		Resource: charmresource.Resource{
-			Meta: charmresource.Meta{
-				Name:        "install-resource",
-				Type:        charmresource.TypeFile,
-				Path:        "gotta-have-it.txt",
-				Description: "get things started",
-			},
-			Origin:      charmresource.OriginStore,
-			Revision:    0,
-			Fingerprint: resourceHash("install-resource content"),
-			Size:        int64(len("install-resource content")),
-		},
-		ID:        "starsay/install-resource",
-		ServiceID: "starsay",
-	}, {
-		Resource: charmresource.Resource{
-			Meta: charmresource.Meta{
-				Name:        "store-resource",
-				Type:        charmresource.TypeFile,
-				Path:        "filename.tgz",
-				Description: "One line that is useful when operators need to push it.",
-			},
-			Origin:      charmresource.OriginStore,
-			Fingerprint: resourceHash("store-resource content"),
-			Size:        int64(len("store-resource content")),
-			Revision:    0,
-		},
-		ID:        "starsay/store-resource",
-		ServiceID: "starsay",
-	}, {
-		Resource: charmresource.Resource{
-			Meta: charmresource.Meta{
-				Name:        "upload-resource",
-				Type:        charmresource.TypeFile,
-				Path:        "somename.xml",
-				Description: "Who uses xml anymore?",
-			},
-			Origin:      charmresource.OriginStore,
-			Fingerprint: resourceHash("upload-resource content"),
-			Size:        int64(len("upload-resource content")),
-			Revision:    0,
-		},
-		ID:        "starsay/upload-resource",
-		ServiceID: "starsay",
-	}})
-}
-
-func (s *ResourcesBundleSuite) checkResources(c *gc.C, serviceName string, expected []resource.Resource) {
-	_, err := s.State.Service("starsay")
-	c.Check(err, jc.ErrorIsNil)
-	st, err := s.State.Resources()
-	c.Assert(err, jc.ErrorIsNil)
-	svcResources, err := st.ListResources("starsay")
-	c.Assert(err, jc.ErrorIsNil)
-	resources := svcResources.Resources
-	resource.Sort(resources)
-	c.Assert(resources, jc.DeepEquals, expected)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/bundle_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/bundle_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/bundle_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/bundle_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,1513 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service
-
-import (
-	"fmt"
-	"io/ioutil"
-	"os"
-	"path/filepath"
-	"strings"
-	"time"
-
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-	"gopkg.in/juju/charm.v6-unstable"
-	"gopkg.in/juju/charmrepo.v2-unstable/csclient"
-
-	"github.com/juju/juju/api"
-	"github.com/juju/juju/constraints"
-	"github.com/juju/juju/state"
-	"github.com/juju/juju/state/multiwatcher"
-	"github.com/juju/juju/state/watcher"
-	"github.com/juju/juju/testcharms"
-	coretesting "github.com/juju/juju/testing"
-)
-
-// LTS-dependent requires new entry upon new LTS release. There are numerous
-// places "xenial" exists in strings throughout this file. If we update the
-// target in testing/base.go:SetupSuite we'll need to also update the entries
-// herein.
-
-// runDeployCommand executes the deploy command in order to deploy the given
-// charm or bundle. The deployment output and error are returned.
-func runDeployCommand(c *gc.C, id string, args ...string) (string, error) {
-	args = append([]string{id}, args...)
-	ctx, err := coretesting.RunCommand(c, NewDeployCommand(), args...)
-	return strings.Trim(coretesting.Stderr(ctx), "\n"), err
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleNotFoundCharmStore(c *gc.C) {
-	err := runDeploy(c, "bundle/no-such")
-	c.Assert(err, gc.ErrorMatches, `cannot resolve URL "cs:bundle/no-such": bundle not found`)
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleInvalidFlags(c *gc.C) {
-	testcharms.UploadCharm(c, s.client, "xenial/mysql-42", "mysql")
-	testcharms.UploadCharm(c, s.client, "xenial/wordpress-47", "wordpress")
-	testcharms.UploadBundle(c, s.client, "bundle/wordpress-simple-1", "wordpress-simple")
-	_, err := runDeployCommand(c, "bundle/wordpress-simple", "--config", "config.yaml")
-	c.Assert(err, gc.ErrorMatches, "Flags provided but not supported when deploying a bundle: --config.")
-	_, err = runDeployCommand(c, "bundle/wordpress-simple", "-n", "2")
-	c.Assert(err, gc.ErrorMatches, "Flags provided but not supported when deploying a bundle: -n.")
-	_, err = runDeployCommand(c, "bundle/wordpress-simple", "--series", "xenial", "--force")
-	c.Assert(err, gc.ErrorMatches, "Flags provided but not supported when deploying a bundle: --force, --series.")
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleSuccess(c *gc.C) {
-	testcharms.UploadCharm(c, s.client, "xenial/mysql-42", "mysql")
-	testcharms.UploadCharm(c, s.client, "xenial/wordpress-47", "wordpress")
-	testcharms.UploadBundle(c, s.client, "bundle/wordpress-simple-1", "wordpress-simple")
-	output, err := runDeployCommand(c, "bundle/wordpress-simple")
-	c.Assert(err, jc.ErrorIsNil)
-	expectedOutput := `
-added charm cs:xenial/mysql-42
-service mysql deployed (charm cs:xenial/mysql-42 with the charm series "xenial")
-added charm cs:xenial/wordpress-47
-service wordpress deployed (charm cs:xenial/wordpress-47 with the charm series "xenial")
-related wordpress:db and mysql:server
-added mysql/0 unit to new machine
-added wordpress/0 unit to new machine
-deployment of bundle "cs:bundle/wordpress-simple-1" completed`
-	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
-	s.assertCharmsUploaded(c, "cs:xenial/mysql-42", "cs:xenial/wordpress-47")
-	s.assertServicesDeployed(c, map[string]serviceInfo{
-		"mysql":     {charm: "cs:xenial/mysql-42"},
-		"wordpress": {charm: "cs:xenial/wordpress-47"},
-	})
-	s.assertRelationsEstablished(c, "wordpress:db mysql:server")
-	s.assertUnitsCreated(c, map[string]string{
-		"mysql/0":     "0",
-		"wordpress/0": "1",
-	})
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleWithTermsSuccess(c *gc.C) {
-	testcharms.UploadCharm(c, s.client, "xenial/terms1-17", "terms1")
-	testcharms.UploadCharm(c, s.client, "xenial/terms2-42", "terms2")
-	testcharms.UploadBundle(c, s.client, "bundle/terms-simple-1", "terms-simple")
-	output, err := runDeployCommand(c, "bundle/terms-simple")
-	c.Assert(err, jc.ErrorIsNil)
-	expectedOutput := `
-added charm cs:xenial/terms1-17
-service terms1 deployed (charm cs:xenial/terms1-17 with the charm series "xenial")
-added charm cs:xenial/terms2-42
-service terms2 deployed (charm cs:xenial/terms2-42 with the charm series "xenial")
-added terms1/0 unit to new machine
-added terms2/0 unit to new machine
-deployment of bundle "cs:bundle/terms-simple-1" completed`
-	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
-	s.assertCharmsUploaded(c, "cs:xenial/terms1-17", "cs:xenial/terms2-42")
-	s.assertServicesDeployed(c, map[string]serviceInfo{
-		"terms1": {charm: "cs:xenial/terms1-17"},
-		"terms2": {charm: "cs:xenial/terms2-42"},
-	})
-	s.assertUnitsCreated(c, map[string]string{
-		"terms1/0": "0",
-		"terms2/0": "1",
-	})
-	c.Assert(s.termsString, gc.Not(gc.Equals), "")
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleStorage(c *gc.C) {
-	testcharms.UploadCharm(c, s.client, "xenial/mysql-42", "mysql-storage")
-	testcharms.UploadCharm(c, s.client, "xenial/wordpress-47", "wordpress")
-	testcharms.UploadBundle(c, s.client, "bundle/wordpress-with-mysql-storage-1", "wordpress-with-mysql-storage")
-	output, err := runDeployCommand(
-		c, "bundle/wordpress-with-mysql-storage",
-		"--storage", "mysql:logs=tmpfs,10G", // override logs
-	)
-	c.Assert(err, jc.ErrorIsNil)
-	expectedOutput := `
-added charm cs:xenial/mysql-42
-service mysql deployed (charm cs:xenial/mysql-42 with the charm series "xenial")
-added charm cs:xenial/wordpress-47
-service wordpress deployed (charm cs:xenial/wordpress-47 with the charm series "xenial")
-related wordpress:db and mysql:server
-added mysql/0 unit to new machine
-added wordpress/0 unit to new machine
-deployment of bundle "cs:bundle/wordpress-with-mysql-storage-1" completed`
-	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
-	s.assertCharmsUploaded(c, "cs:xenial/mysql-42", "cs:xenial/wordpress-47")
-	s.assertServicesDeployed(c, map[string]serviceInfo{
-		"mysql": {
-			charm: "cs:xenial/mysql-42",
-			storage: map[string]state.StorageConstraints{
-				"data": state.StorageConstraints{Pool: "rootfs", Size: 50 * 1024, Count: 1},
-				"logs": state.StorageConstraints{Pool: "tmpfs", Size: 10 * 1024, Count: 1},
-			},
-		},
-		"wordpress": {charm: "cs:xenial/wordpress-47"},
-	})
-	s.assertRelationsEstablished(c, "wordpress:db mysql:server")
-	s.assertUnitsCreated(c, map[string]string{
-		"mysql/0":     "0",
-		"wordpress/0": "1",
-	})
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleEndpointBindingsSpaceMissing(c *gc.C) {
-	testcharms.UploadCharm(c, s.client, "xenial/mysql-42", "mysql")
-	testcharms.UploadCharm(c, s.client, "xenial/wordpress-extra-bindings-47", "wordpress-extra-bindings")
-	testcharms.UploadBundle(c, s.client, "bundle/wordpress-with-endpoint-bindings-1", "wordpress-with-endpoint-bindings")
-	output, err := runDeployCommand(c, "bundle/wordpress-with-endpoint-bindings")
-	c.Assert(err, gc.ErrorMatches,
-		"cannot deploy bundle: cannot deploy service \"mysql\": "+
-			"cannot add service \"mysql\": unknown space \"db\" not valid")
-	c.Assert(output, gc.Equals, "added charm cs:xenial/mysql-42")
-	s.assertCharmsUploaded(c, "cs:xenial/mysql-42")
-	s.assertServicesDeployed(c, map[string]serviceInfo{})
-	s.assertUnitsCreated(c, map[string]string{})
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleEndpointBindingsSuccess(c *gc.C) {
-	_, err := s.State.AddSpace("db", "", nil, false)
-	c.Assert(err, jc.ErrorIsNil)
-	_, err = s.State.AddSpace("public", "", nil, false)
-	c.Assert(err, jc.ErrorIsNil)
-
-	testcharms.UploadCharm(c, s.client, "xenial/mysql-42", "mysql")
-	testcharms.UploadCharm(c, s.client, "xenial/wordpress-extra-bindings-47", "wordpress-extra-bindings")
-	testcharms.UploadBundle(c, s.client, "bundle/wordpress-with-endpoint-bindings-1", "wordpress-with-endpoint-bindings")
-	output, err := runDeployCommand(c, "bundle/wordpress-with-endpoint-bindings")
-	c.Assert(err, jc.ErrorIsNil)
-	expectedOutput := `
-added charm cs:xenial/mysql-42
-service mysql deployed (charm cs:xenial/mysql-42 with the charm series "xenial")
-added charm cs:xenial/wordpress-extra-bindings-47
-service wordpress-extra-bindings deployed (charm cs:xenial/wordpress-extra-bindings-47 with the charm series "xenial")
-related wordpress-extra-bindings:db and mysql:server
-added mysql/0 unit to new machine
-added wordpress-extra-bindings/0 unit to new machine
-deployment of bundle "cs:bundle/wordpress-with-endpoint-bindings-1" completed`
-	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
-	s.assertCharmsUploaded(c, "cs:xenial/mysql-42", "cs:xenial/wordpress-extra-bindings-47")
-
-	s.assertServicesDeployed(c, map[string]serviceInfo{
-		"mysql":                    {charm: "cs:xenial/mysql-42"},
-		"wordpress-extra-bindings": {charm: "cs:xenial/wordpress-extra-bindings-47"},
-	})
-	s.assertDeployedServiceBindings(c, map[string]serviceInfo{
-		"mysql": {
-			endpointBindings: map[string]string{"server": "db"},
-		},
-		"wordpress-extra-bindings": {
-			endpointBindings: map[string]string{
-				"cache":           "",
-				"url":             "public",
-				"logging-dir":     "",
-				"monitoring-port": "",
-				"db":              "db",
-				"cluster":         "",
-				"db-client":       "db",
-				"admin-api":       "public",
-				"foo-bar":         "",
-			},
-		},
-	})
-	s.assertRelationsEstablished(c, "wordpress-extra-bindings:cluster", "wordpress-extra-bindings:db mysql:server")
-	s.assertUnitsCreated(c, map[string]string{
-		"mysql/0":                    "0",
-		"wordpress-extra-bindings/0": "1",
-	})
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleTwice(c *gc.C) {
-	testcharms.UploadCharm(c, s.client, "xenial/mysql-42", "mysql")
-	testcharms.UploadCharm(c, s.client, "xenial/wordpress-47", "wordpress")
-	testcharms.UploadBundle(c, s.client, "bundle/wordpress-simple-1", "wordpress-simple")
-	_, err := runDeployCommand(c, "bundle/wordpress-simple")
-	c.Assert(err, jc.ErrorIsNil)
-	output, err := runDeployCommand(c, "bundle/wordpress-simple")
-	c.Assert(err, jc.ErrorIsNil)
-	expectedOutput := `
-added charm cs:xenial/mysql-42
-reusing service mysql (charm: cs:xenial/mysql-42)
-added charm cs:xenial/wordpress-47
-reusing service wordpress (charm: cs:xenial/wordpress-47)
-wordpress:db and mysql:server are already related
-avoid adding new units to service mysql: 1 unit already present
-avoid adding new units to service wordpress: 1 unit already present
-deployment of bundle "cs:bundle/wordpress-simple-1" completed`
-	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
-	s.assertCharmsUploaded(c, "cs:xenial/mysql-42", "cs:xenial/wordpress-47")
-	s.assertServicesDeployed(c, map[string]serviceInfo{
-		"mysql":     {charm: "cs:xenial/mysql-42"},
-		"wordpress": {charm: "cs:xenial/wordpress-47"},
-	})
-	s.assertRelationsEstablished(c, "wordpress:db mysql:server")
-	s.assertUnitsCreated(c, map[string]string{
-		"mysql/0":     "0",
-		"wordpress/0": "1",
-	})
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleGatedCharm(c *gc.C) {
-	testcharms.UploadCharm(c, s.client, "xenial/mysql-42", "mysql")
-	url, _ := testcharms.UploadCharm(c, s.client, "xenial/wordpress-47", "wordpress")
-	s.changeReadPerm(c, url, clientUserName)
-	testcharms.UploadBundle(c, s.client, "bundle/wordpress-simple-1", "wordpress-simple")
-	_, err := runDeployCommand(c, "bundle/wordpress-simple")
-	c.Assert(err, jc.ErrorIsNil)
-	s.assertCharmsUploaded(c, "cs:xenial/mysql-42", "cs:xenial/wordpress-47")
-	s.assertServicesDeployed(c, map[string]serviceInfo{
-		"mysql":     {charm: "cs:xenial/mysql-42"},
-		"wordpress": {charm: "cs:xenial/wordpress-47"},
-	})
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleLocalPath(c *gc.C) {
-	dir := c.MkDir()
-	testcharms.Repo.ClonedDir(dir, "dummy")
-	path := filepath.Join(dir, "mybundle")
-	data := `
-        series: xenial
-        services:
-            dummy:
-                charm: ./dummy
-                series: xenial
-                num_units: 1
-    `
-	err := ioutil.WriteFile(path, []byte(data), 0644)
-	c.Assert(err, jc.ErrorIsNil)
-	output, err := runDeployCommand(c, path)
-	c.Assert(err, jc.ErrorIsNil)
-	expectedOutput := fmt.Sprintf(`
-added charm local:xenial/dummy-1
-service dummy deployed (charm local:xenial/dummy-1 with the series "xenial" defined by the bundle)
-added dummy/0 unit to new machine
-deployment of bundle %q completed`, path)
-	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
-	s.assertCharmsUploaded(c, "local:xenial/dummy-1")
-	s.assertServicesDeployed(c, map[string]serviceInfo{
-		"dummy": {charm: "local:xenial/dummy-1"},
-	})
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleNoSeriesInCharmURL(c *gc.C) {
-	testcharms.UploadCharmMultiSeries(c, s.client, "~who/multi-series", "multi-series")
-	dir := c.MkDir()
-	testcharms.Repo.ClonedDir(dir, "dummy")
-	path := filepath.Join(dir, "mybundle")
-	data := `
-        series: trusty
-        services:
-            dummy:
-                charm: cs:~who/multi-series
-    `
-	err := ioutil.WriteFile(path, []byte(data), 0644)
-	c.Assert(err, jc.ErrorIsNil)
-	output, err := runDeployCommand(c, path)
-	c.Assert(err, jc.ErrorIsNil)
-	expectedOutput := fmt.Sprintf(`
-added charm cs:~who/multi-series-0
-service dummy deployed (charm cs:~who/multi-series-0 with the series "trusty" defined by the bundle)
-deployment of bundle %q completed`, path)
-	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
-	s.assertCharmsUploaded(c, "cs:~who/multi-series-0")
-	s.assertServicesDeployed(c, map[string]serviceInfo{
-		"dummy": {charm: "cs:~who/multi-series-0"},
-	})
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleGatedCharmUnauthorized(c *gc.C) {
-	testcharms.UploadCharm(c, s.client, "xenial/mysql-42", "mysql")
-	url, _ := testcharms.UploadCharm(c, s.client, "xenial/wordpress-47", "wordpress")
-	s.changeReadPerm(c, url, "who")
-	testcharms.UploadBundle(c, s.client, "bundle/wordpress-simple-1", "wordpress-simple")
-	_, err := runDeployCommand(c, "bundle/wordpress-simple")
-	c.Assert(err, gc.ErrorMatches, `cannot deploy bundle: .*: unauthorized: access denied for user "client-username"`)
-}
-
-type BundleDeployCharmStoreSuite struct {
-	charmStoreSuite
-}
-
-var _ = gc.Suite(&BundleDeployCharmStoreSuite{})
-
-func (s *BundleDeployCharmStoreSuite) SetUpSuite(c *gc.C) {
-	s.charmStoreSuite.SetUpSuite(c)
-	s.PatchValue(&watcher.Period, 10*time.Millisecond)
-}
-
-func (s *BundleDeployCharmStoreSuite) Client() *csclient.Client {
-	return s.client
-}
-
-// DeployBundleYAML uses the given bundle content to create a bundle in the
-// local repository and then deploy it. It returns the bundle deployment output
-// and error.
-func (s *BundleDeployCharmStoreSuite) DeployBundleYAML(c *gc.C, content string) (string, error) {
-	bundlePath := filepath.Join(c.MkDir(), "example")
-	c.Assert(os.Mkdir(bundlePath, 0777), jc.ErrorIsNil)
-	defer os.RemoveAll(bundlePath)
-	err := ioutil.WriteFile(filepath.Join(bundlePath, "bundle.yaml"), []byte(content), 0644)
-	c.Assert(err, jc.ErrorIsNil)
-	err = ioutil.WriteFile(filepath.Join(bundlePath, "README.md"), []byte("README"), 0644)
-	c.Assert(err, jc.ErrorIsNil)
-	return runDeployCommand(c, bundlePath)
-}
-
-var deployBundleErrorsTests = []struct {
-	about   string
-	content string
-	err     string
-}{{
-	about: "local charm not found",
-	content: `
-        services:
-            mysql:
-                charm: ./mysql
-                num_units: 1
-    `,
-	err: `the provided bundle has the following errors:
-charm path in service "mysql" does not exist: mysql`,
-}, {
-	about: "charm store charm not found",
-	content: `
-        services:
-            rails:
-                charm: xenial/rails-42
-                num_units: 1
-    `,
-	err: `cannot deploy bundle: cannot resolve URL "xenial/rails-42": cannot resolve URL "cs:xenial/rails-42": charm not found`,
-}, {
-	about:   "invalid bundle content",
-	content: "!",
-	err:     `cannot unmarshal bundle data: YAML error: .*`,
-}, {
-	about: "invalid bundle data",
-	content: `
-        services:
-            mysql:
-                charm: mysql
-                num_units: -1
-    `,
-	err: `the provided bundle has the following errors:
-negative number of units specified on service "mysql"`,
-}, {
-	about: "invalid constraints",
-	content: `
-        services:
-            mysql:
-                charm: mysql
-                num_units: 1
-                constraints: bad-wolf
-    `,
-	err: `the provided bundle has the following errors:
-invalid constraints "bad-wolf" in service "mysql": malformed constraint "bad-wolf"`,
-}, {
-	about: "multiple bundle verification errors",
-	content: `
-        services:
-            mysql:
-                charm: mysql
-                num_units: -1
-                constraints: bad-wolf
-    `,
-	err: `the provided bundle has the following errors:
-invalid constraints "bad-wolf" in service "mysql": malformed constraint "bad-wolf"
-negative number of units specified on service "mysql"`,
-}, {
-	about: "bundle inception",
-	content: `
-        services:
-            example:
-                charm: local:wordpress
-                num_units: 1
-    `,
-	err: `cannot deploy bundle: cannot resolve URL "local:wordpress": unknown schema for charm URL "local:wordpress"`,
-}}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleErrors(c *gc.C) {
-	for i, test := range deployBundleErrorsTests {
-		c.Logf("test %d: %s", i, test.about)
-		_, err := s.DeployBundleYAML(c, test.content)
-		c.Check(err, gc.ErrorMatches, test.err)
-	}
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleInvalidOptions(c *gc.C) {
-	testcharms.UploadCharm(c, s.client, "xenial/wordpress-42", "wordpress")
-	_, err := s.DeployBundleYAML(c, `
-        services:
-            wp:
-                charm: xenial/wordpress-42
-                num_units: 1
-                options:
-                    blog-title: 42
-    `)
-	c.Assert(err, gc.ErrorMatches, `cannot deploy bundle: cannot deploy service "wp": option "blog-title" expected string, got 42`)
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleInvalidMachineContainerType(c *gc.C) {
-	testcharms.UploadCharm(c, s.client, "xenial/wordpress-42", "wordpress")
-	_, err := s.DeployBundleYAML(c, `
-        services:
-            wp:
-                charm: xenial/wordpress
-                num_units: 1
-                to: ["bad:1"]
-        machines:
-            1:
-    `)
-	c.Assert(err, gc.ErrorMatches, `cannot deploy bundle: cannot create machine for holding wp unit: invalid container type "bad"`)
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleInvalidSeries(c *gc.C) {
-	testcharms.UploadCharm(c, s.client, "vivid/django-0", "dummy")
-	_, err := s.DeployBundleYAML(c, `
-        services:
-            django:
-                charm: vivid/django
-                num_units: 1
-                to:
-                    - 1
-        machines:
-            1:
-                series: xenial
-    `)
-	c.Assert(err, gc.ErrorMatches, `cannot deploy bundle: cannot add unit for service "django": adding new machine to host unit "django/0": cannot assign unit "django/0" to machine 0: series does not match`)
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleWatcherTimeout(c *gc.C) {
-	// Inject an "AllWatcher" that never delivers a result.
-	ch := make(chan struct{})
-	defer close(ch)
-	watcher := mockAllWatcher{
-		next: func() []multiwatcher.Delta {
-			<-ch
-			return nil
-		},
-	}
-	s.PatchValue(&watchAll, func(*api.Client) (allWatcher, error) {
-		return watcher, nil
-	})
-
-	testcharms.UploadCharm(c, s.client, "xenial/django-0", "dummy")
-	testcharms.UploadCharm(c, s.client, "xenial/wordpress-0", "wordpress")
-	s.PatchValue(&updateUnitStatusPeriod, 0*time.Second)
-	_, err := s.DeployBundleYAML(c, `
-        services:
-            django:
-                charm: django
-                num_units: 1
-            wordpress:
-                charm: wordpress
-                num_units: 1
-                to: [django]
-    `)
-	c.Assert(err, gc.ErrorMatches, `cannot deploy bundle: cannot retrieve placement for "wordpress" unit: cannot resolve machine: timeout while trying to get new changes from the watcher`)
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleLocalDeployment(c *gc.C) {
-	charmsPath := c.MkDir()
-	mysqlPath := testcharms.Repo.ClonedDirPath(charmsPath, "mysql")
-	wordpressPath := testcharms.Repo.ClonedDirPath(charmsPath, "wordpress")
-	output, err := s.DeployBundleYAML(c, fmt.Sprintf(`
-        series: xenial
-        services:
-            wordpress:
-                charm: %s
-                num_units: 1
-            mysql:
-                charm: %s
-                num_units: 2
-        relations:
-            - ["wordpress:db", "mysql:server"]
-    `, wordpressPath, mysqlPath))
-	c.Assert(err, jc.ErrorIsNil)
-	expectedOutput := `
-added charm local:xenial/mysql-1
-service mysql deployed (charm local:xenial/mysql-1 with the series "xenial" defined by the bundle)
-added charm local:xenial/wordpress-3
-service wordpress deployed (charm local:xenial/wordpress-3 with the series "xenial" defined by the bundle)
-related wordpress:db and mysql:server
-added mysql/0 unit to new machine
-added mysql/1 unit to new machine
-added wordpress/0 unit to new machine
-deployment of bundle "local:bundle/example-0" completed`
-	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
-	s.assertCharmsUploaded(c, "local:xenial/mysql-1", "local:xenial/wordpress-3")
-	s.assertServicesDeployed(c, map[string]serviceInfo{
-		"mysql":     {charm: "local:xenial/mysql-1"},
-		"wordpress": {charm: "local:xenial/wordpress-3"},
-	})
-	s.assertRelationsEstablished(c, "wordpress:db mysql:server")
-	s.assertUnitsCreated(c, map[string]string{
-		"mysql/0":     "0",
-		"mysql/1":     "1",
-		"wordpress/0": "2",
-	})
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleLocalAndCharmStoreCharms(c *gc.C) {
-	charmsPath := c.MkDir()
-	testcharms.UploadCharm(c, s.client, "xenial/wordpress-42", "wordpress")
-	mysqlPath := testcharms.Repo.ClonedDirPath(charmsPath, "mysql")
-	output, err := s.DeployBundleYAML(c, fmt.Sprintf(`
-        series: xenial
-        services:
-            wordpress:
-                charm: xenial/wordpress-42
-                series: xenial
-                num_units: 1
-            mysql:
-                charm: %s
-                num_units: 1
-        relations:
-            - ["wordpress:db", "mysql:server"]
-    `, mysqlPath))
-	c.Assert(err, jc.ErrorIsNil)
-	expectedOutput := `
-added charm local:xenial/mysql-1
-service mysql deployed (charm local:xenial/mysql-1 with the series "xenial" defined by the bundle)
-added charm cs:xenial/wordpress-42
-service wordpress deployed (charm cs:xenial/wordpress-42 with the series "xenial" defined by the bundle)
-related wordpress:db and mysql:server
-added mysql/0 unit to new machine
-added wordpress/0 unit to new machine
-deployment of bundle "local:bundle/example-0" completed`
-	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
-	s.assertCharmsUploaded(c, "local:xenial/mysql-1", "cs:xenial/wordpress-42")
-	s.assertServicesDeployed(c, map[string]serviceInfo{
-		"mysql":     {charm: "local:xenial/mysql-1"},
-		"wordpress": {charm: "cs:xenial/wordpress-42"},
-	})
-	s.assertRelationsEstablished(c, "wordpress:db mysql:server")
-	s.assertUnitsCreated(c, map[string]string{
-		"mysql/0":     "0",
-		"wordpress/0": "1",
-	})
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleServiceOptions(c *gc.C) {
-	testcharms.UploadCharm(c, s.client, "xenial/wordpress-42", "wordpress")
-	testcharms.UploadCharm(c, s.client, "precise/dummy-0", "dummy")
-	output, err := s.DeployBundleYAML(c, `
-        services:
-            wordpress:
-                charm: wordpress
-                num_units: 1
-                options:
-                    blog-title: these are the voyages
-            customized:
-                charm: precise/dummy-0
-                num_units: 1
-                options:
-                    username: who
-                    skill-level: 47
-    `)
-	c.Assert(err, jc.ErrorIsNil)
-	expectedOutput := `
-added charm cs:precise/dummy-0
-service customized deployed (charm cs:precise/dummy-0 with the series "precise" defined by the bundle)
-added charm cs:xenial/wordpress-42
-service wordpress deployed (charm cs:xenial/wordpress-42 with the charm series "xenial")
-added customized/0 unit to new machine
-added wordpress/0 unit to new machine
-deployment of bundle "local:bundle/example-0" completed`
-	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
-	s.assertCharmsUploaded(c, "cs:precise/dummy-0", "cs:xenial/wordpress-42")
-	s.assertServicesDeployed(c, map[string]serviceInfo{
-		"customized": {
-			charm:  "cs:precise/dummy-0",
-			config: charm.Settings{"username": "who", "skill-level": int64(47)},
-		},
-		"wordpress": {
-			charm:  "cs:xenial/wordpress-42",
-			config: charm.Settings{"blog-title": "these are the voyages"},
-		},
-	})
-	s.assertUnitsCreated(c, map[string]string{
-		"wordpress/0":  "1",
-		"customized/0": "0",
-	})
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleServiceConstrants(c *gc.C) {
-	testcharms.UploadCharm(c, s.client, "xenial/wordpress-42", "wordpress")
-	testcharms.UploadCharm(c, s.client, "precise/dummy-0", "dummy")
-	output, err := s.DeployBundleYAML(c, `
-        services:
-            wordpress:
-                charm: wordpress
-                constraints: mem=4G cpu-cores=2
-            customized:
-                charm: precise/dummy-0
-                num_units: 1
-                constraints: arch=i386
-    `)
-	c.Assert(err, jc.ErrorIsNil)
-	expectedOutput := `
-added charm cs:precise/dummy-0
-service customized deployed (charm cs:precise/dummy-0 with the series "precise" defined by the bundle)
-added charm cs:xenial/wordpress-42
-service wordpress deployed (charm cs:xenial/wordpress-42 with the charm series "xenial")
-added customized/0 unit to new machine
-deployment of bundle "local:bundle/example-0" completed`
-	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
-	s.assertCharmsUploaded(c, "cs:precise/dummy-0", "cs:xenial/wordpress-42")
-	s.assertServicesDeployed(c, map[string]serviceInfo{
-		"customized": {
-			charm:       "cs:precise/dummy-0",
-			constraints: constraints.MustParse("arch=i386"),
-		},
-		"wordpress": {
-			charm:       "cs:xenial/wordpress-42",
-			constraints: constraints.MustParse("mem=4G cpu-cores=2"),
-		},
-	})
-	s.assertUnitsCreated(c, map[string]string{
-		"customized/0": "0",
-	})
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleServiceUpgrade(c *gc.C) {
-	testcharms.UploadCharm(c, s.client, "xenial/wordpress-42", "wordpress")
-	testcharms.UploadCharm(c, s.client, "vivid/upgrade-1", "upgrade1")
-	testcharms.UploadCharm(c, s.client, "vivid/upgrade-2", "upgrade2")
-
-	// First deploy the bundle.
-	output, err := s.DeployBundleYAML(c, `
-        services:
-            wordpress:
-                charm: wordpress
-                num_units: 1
-                options:
-                    blog-title: these are the voyages
-                constraints: spaces=final,frontiers mem=8000M
-            up:
-                charm: vivid/upgrade-1
-                num_units: 1
-    `)
-	c.Assert(err, jc.ErrorIsNil)
-	expectedOutput := `
-added charm cs:vivid/upgrade-1
-service up deployed (charm cs:vivid/upgrade-1 with the series "vivid" defined by the bundle)
-added charm cs:xenial/wordpress-42
-service wordpress deployed (charm cs:xenial/wordpress-42 with the charm series "xenial")
-added up/0 unit to new machine
-added wordpress/0 unit to new machine
-deployment of bundle "local:bundle/example-0" completed`
-	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
-	s.assertCharmsUploaded(c, "cs:vivid/upgrade-1", "cs:xenial/wordpress-42")
-
-	// Then deploy a new bundle with modified charm revision and options.
-	output, err = s.DeployBundleYAML(c, `
-        services:
-            wordpress:
-                charm: wordpress
-                num_units: 1
-                options:
-                    blog-title: new title
-                constraints: spaces=new cpu-cores=8
-            up:
-                charm: vivid/upgrade-2
-                num_units: 1
-    `)
-	c.Assert(err, jc.ErrorIsNil)
-	expectedOutput = `
-added charm cs:vivid/upgrade-2
-upgraded charm for existing service up (from cs:vivid/upgrade-1 to cs:vivid/upgrade-2)
-added charm cs:xenial/wordpress-42
-reusing service wordpress (charm: cs:xenial/wordpress-42)
-configuration updated for service wordpress
-constraints applied for service wordpress
-avoid adding new units to service up: 1 unit already present
-avoid adding new units to service wordpress: 1 unit already present
-deployment of bundle "local:bundle/example-0" completed`
-	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
-	s.assertCharmsUploaded(c, "cs:vivid/upgrade-1", "cs:vivid/upgrade-2", "cs:xenial/wordpress-42")
-	s.assertServicesDeployed(c, map[string]serviceInfo{
-		"up": {charm: "cs:vivid/upgrade-2"},
-		"wordpress": {
-			charm:       "cs:xenial/wordpress-42",
-			config:      charm.Settings{"blog-title": "new title"},
-			constraints: constraints.MustParse("spaces=new cpu-cores=8"),
-		},
-	})
-	s.assertUnitsCreated(c, map[string]string{
-		"up/0":        "0",
-		"wordpress/0": "1",
-	})
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleExpose(c *gc.C) {
-	testcharms.UploadCharm(c, s.client, "xenial/wordpress-42", "wordpress")
-	content := `
-        services:
-            wordpress:
-                charm: wordpress
-                num_units: 1
-                expose: true
-    `
-	expectedServices := map[string]serviceInfo{
-		"wordpress": {
-			charm:   "cs:xenial/wordpress-42",
-			exposed: true,
-		},
-	}
-
-	// First deploy the bundle.
-	output, err := s.DeployBundleYAML(c, content)
-	c.Assert(err, jc.ErrorIsNil)
-	expectedOutput := `
-added charm cs:xenial/wordpress-42
-service wordpress deployed (charm cs:xenial/wordpress-42 with the charm series "xenial")
-service wordpress exposed
-added wordpress/0 unit to new machine
-deployment of bundle "local:bundle/example-0" completed`
-	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
-	s.assertServicesDeployed(c, expectedServices)
-
-	// Then deploy the same bundle again: no error is produced when the service
-	// is exposed again.
-	output, err = s.DeployBundleYAML(c, content)
-	c.Assert(err, jc.ErrorIsNil)
-	expectedOutput = `
-added charm cs:xenial/wordpress-42
-reusing service wordpress (charm: cs:xenial/wordpress-42)
-service wordpress exposed
-avoid adding new units to service wordpress: 1 unit already present
-deployment of bundle "local:bundle/example-0" completed`
-	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
-	s.assertServicesDeployed(c, expectedServices)
-
-	// Then deploy a bundle with the service unexposed, and check that the
-	// service is not unexposed.
-	output, err = s.DeployBundleYAML(c, `
-        services:
-            wordpress:
-                charm: wordpress
-                num_units: 1
-                expose: false
-    `)
-	c.Assert(err, jc.ErrorIsNil)
-	expectedOutput = `
-added charm cs:xenial/wordpress-42
-reusing service wordpress (charm: cs:xenial/wordpress-42)
-avoid adding new units to service wordpress: 1 unit already present
-deployment of bundle "local:bundle/example-0" completed`
-	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
-	s.assertServicesDeployed(c, expectedServices)
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleServiceUpgradeFailure(c *gc.C) {
-	s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
-
-	// Try upgrading to a different charm name.
-	testcharms.UploadCharm(c, s.client, "xenial/incompatible-42", "wordpress")
-	_, err := s.DeployBundleYAML(c, `
-        services:
-            wordpress:
-                charm: xenial/incompatible-42
-                num_units: 1
-    `)
-	c.Assert(err, gc.ErrorMatches, `cannot deploy bundle: cannot upgrade service "wordpress": bundle charm "cs:xenial/incompatible-42" is incompatible with existing charm "local:quantal/wordpress-3"`)
-
-	// Try upgrading to a different series.
-	// Note that this test comes before the next one because
-	// otherwise we can't resolve the charm URL because the charm's
-	// "base entity" is not marked as promulgated so the query by
-	// promulgated will find it.
-	testcharms.UploadCharm(c, s.client, "vivid/wordpress-42", "wordpress")
-	_, err = s.DeployBundleYAML(c, `
-        services:
-            wordpress:
-                charm: vivid/wordpress
-                num_units: 1
-    `)
-	c.Assert(err, gc.ErrorMatches, `cannot deploy bundle: cannot upgrade service "wordpress": bundle charm "cs:vivid/wordpress-42" is incompatible with existing charm "local:quantal/wordpress-3"`)
-
-	// Try upgrading to a different user.
-	testcharms.UploadCharm(c, s.client, "~who/xenial/wordpress-42", "wordpress")
-	_, err = s.DeployBundleYAML(c, `
-        services:
-            wordpress:
-                charm: cs:~who/xenial/wordpress-42
-                num_units: 1
-    `)
-	c.Assert(err, gc.ErrorMatches, `cannot deploy bundle: cannot upgrade service "wordpress": bundle charm "cs:~who/xenial/wordpress-42" is incompatible with existing charm "local:quantal/wordpress-3"`)
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleMultipleRelations(c *gc.C) {
-	testcharms.UploadCharm(c, s.client, "xenial/wordpress-0", "wordpress")
-	testcharms.UploadCharm(c, s.client, "xenial/mysql-1", "mysql")
-	testcharms.UploadCharm(c, s.client, "xenial/postgres-2", "mysql")
-	testcharms.UploadCharm(c, s.client, "xenial/varnish-3", "varnish")
-	output, err := s.DeployBundleYAML(c, `
-        services:
-            wp:
-                charm: wordpress
-                num_units: 1
-            mysql:
-                charm: mysql
-                num_units: 1
-            pgres:
-                charm: xenial/postgres-2
-                num_units: 1
-            varnish:
-                charm: xenial/varnish
-                num_units: 1
-        relations:
-            - ["wp:db", "mysql:server"]
-            - ["wp:db", "pgres:server"]
-            - ["varnish:webcache", "wp:cache"]
-    `)
-	c.Assert(err, jc.ErrorIsNil)
-	expectedOutput := `
-added charm cs:xenial/mysql-1
-service mysql deployed (charm cs:xenial/mysql-1 with the charm series "xenial")
-added charm cs:xenial/postgres-2
-service pgres deployed (charm cs:xenial/postgres-2 with the series "xenial" defined by the bundle)
-added charm cs:xenial/varnish-3
-service varnish deployed (charm cs:xenial/varnish-3 with the series "xenial" defined by the bundle)
-added charm cs:xenial/wordpress-0
-service wp deployed (charm cs:xenial/wordpress-0 with the charm series "xenial")
-related wp:db and mysql:server
-related wp:db and pgres:server
-related varnish:webcache and wp:cache
-added mysql/0 unit to new machine
-added pgres/0 unit to new machine
-added varnish/0 unit to new machine
-added wp/0 unit to new machine
-deployment of bundle "local:bundle/example-0" completed`
-	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
-	s.assertRelationsEstablished(c, "wp:db mysql:server", "wp:db pgres:server", "wp:cache varnish:webcache")
-	s.assertUnitsCreated(c, map[string]string{
-		"mysql/0":   "0",
-		"pgres/0":   "1",
-		"varnish/0": "2",
-		"wp/0":      "3",
-	})
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleNewRelations(c *gc.C) {
-	testcharms.UploadCharm(c, s.client, "xenial/wordpress-0", "wordpress")
-	testcharms.UploadCharm(c, s.client, "xenial/mysql-1", "mysql")
-	testcharms.UploadCharm(c, s.client, "xenial/postgres-2", "mysql")
-	testcharms.UploadCharm(c, s.client, "xenial/varnish-3", "varnish")
-	_, err := s.DeployBundleYAML(c, `
-        services:
-            wp:
-                charm: wordpress
-                num_units: 1
-            mysql:
-                charm: mysql
-                num_units: 1
-            varnish:
-                charm: xenial/varnish
-                num_units: 1
-        relations:
-            - ["wp:db", "mysql:server"]
-    `)
-	c.Assert(err, jc.ErrorIsNil)
-	output, err := s.DeployBundleYAML(c, `
-        services:
-            wp:
-                charm: wordpress
-                num_units: 1
-            mysql:
-                charm: mysql
-                num_units: 1
-            varnish:
-                charm: xenial/varnish
-                num_units: 1
-        relations:
-            - ["wp:db", "mysql:server"]
-            - ["varnish:webcache", "wp:cache"]
-    `)
-	c.Assert(err, jc.ErrorIsNil)
-	expectedOutput := `
-added charm cs:xenial/mysql-1
-reusing service mysql (charm: cs:xenial/mysql-1)
-added charm cs:xenial/varnish-3
-reusing service varnish (charm: cs:xenial/varnish-3)
-added charm cs:xenial/wordpress-0
-reusing service wp (charm: cs:xenial/wordpress-0)
-wp:db and mysql:server are already related
-related varnish:webcache and wp:cache
-avoid adding new units to service mysql: 1 unit already present
-avoid adding new units to service varnish: 1 unit already present
-avoid adding new units to service wp: 1 unit already present
-deployment of bundle "local:bundle/example-0" completed`
-	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
-	s.assertRelationsEstablished(c, "wp:db mysql:server", "wp:cache varnish:webcache")
-	s.assertUnitsCreated(c, map[string]string{
-		"mysql/0":   "0",
-		"varnish/0": "1",
-		"wp/0":      "2",
-	})
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleMachinesUnitsPlacement(c *gc.C) {
-	testcharms.UploadCharm(c, s.client, "xenial/wordpress-0", "wordpress")
-	testcharms.UploadCharm(c, s.client, "xenial/mysql-2", "mysql")
-	content := `
-        services:
-            wp:
-                charm: cs:xenial/wordpress-0
-                num_units: 2
-                to:
-                    - 1
-                    - lxc:2
-                options:
-                    blog-title: these are the voyages
-            sql:
-                charm: cs:xenial/mysql
-                num_units: 2
-                to:
-                    - lxc:wp/0
-                    - new
-        machines:
-            1:
-                series: xenial
-            2:
-    `
-	output, err := s.DeployBundleYAML(c, content)
-	c.Assert(err, jc.ErrorIsNil)
-	expectedOutput := `
-added charm cs:xenial/mysql-2
-service sql deployed (charm cs:xenial/mysql-2 with the series "xenial" defined by the bundle)
-added charm cs:xenial/wordpress-0
-service wp deployed (charm cs:xenial/wordpress-0 with the series "xenial" defined by the bundle)
-created new machine 0 for holding wp unit
-created new machine 1 for holding wp unit
-added wp/0 unit to machine 0
-created 0/lxc/0 container in machine 0 for holding sql unit
-created new machine 2 for holding sql unit
-created 1/lxc/0 container in machine 1 for holding wp unit
-added sql/0 unit to machine 0/lxc/0
-added sql/1 unit to machine 2
-added wp/1 unit to machine 1/lxc/0
-deployment of bundle "local:bundle/example-0" completed`
-	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
-	s.assertServicesDeployed(c, map[string]serviceInfo{
-		"sql": {charm: "cs:xenial/mysql-2"},
-		"wp": {
-			charm:  "cs:xenial/wordpress-0",
-			config: charm.Settings{"blog-title": "these are the voyages"},
-		},
-	})
-	s.assertRelationsEstablished(c)
-
-	// We explicitly pull out the map creation in the call to
-	// s.assertUnitsCreated() and create the map as a new variable
-	// because this /appears/ to tickle a bug on ppc64le using
-	// gccgo-4.9; the bug is that the map on the receiving side
-	// does not have the same contents as it does here - which is
-	// weird because that pattern is used elsewhere in this
-	// function. And just pulling the map instantiation out of the
-	// call is not enough; we need to do something benign with the
-	// variable to keep a reference beyond the call to the
-	// s.assertUnitsCreated(). I have to chosen to delete a
-	// non-existent key. This problem does not occur on amd64
-	// using gc or gccgo-4.9. Nor does it happen using go1.6 on
-	// ppc64. Once we switch to go1.6 across the board this change
-	// should be reverted. See http://pad.lv/1556116.
-	expectedUnits := map[string]string{
-		"sql/0": "0/lxc/0",
-		"sql/1": "2",
-		"wp/0":  "0",
-		"wp/1":  "1/lxc/0",
-	}
-	s.assertUnitsCreated(c, expectedUnits)
-	delete(expectedUnits, "non-existent")
-
-	// Redeploy the same bundle again.
-	output, err = s.DeployBundleYAML(c, content)
-	c.Assert(err, jc.ErrorIsNil)
-	expectedOutput = `
-added charm cs:xenial/mysql-2
-reusing service sql (charm: cs:xenial/mysql-2)
-added charm cs:xenial/wordpress-0
-reusing service wp (charm: cs:xenial/wordpress-0)
-configuration updated for service wp
-avoid creating other machines to host wp units
-avoid adding new units to service wp: 2 units already present
-avoid creating other machines to host sql units
-avoid adding new units to service sql: 2 units already present
-deployment of bundle "local:bundle/example-0" completed`
-	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
-	s.assertUnitsCreated(c, map[string]string{
-		"sql/0": "0/lxc/0",
-		"sql/1": "2",
-		"wp/0":  "0",
-		"wp/1":  "1/lxc/0",
-	})
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleMachineAttributes(c *gc.C) {
-	testcharms.UploadCharm(c, s.client, "xenial/django-42", "dummy")
-	output, err := s.DeployBundleYAML(c, `
-        services:
-            django:
-                charm: cs:xenial/django-42
-                num_units: 2
-                to:
-                    - 1
-                    - new
-        machines:
-            1:
-                series: xenial
-                constraints: "cpu-cores=4 mem=4G"
-                annotations:
-                    foo: bar
-    `)
-	c.Assert(err, jc.ErrorIsNil)
-	expectedOutput := `
-added charm cs:xenial/django-42
-service django deployed (charm cs:xenial/django-42 with the series "xenial" defined by the bundle)
-created new machine 0 for holding django unit
-annotations set for machine 0
-added django/0 unit to machine 0
-created new machine 1 for holding django unit
-added django/1 unit to machine 1
-deployment of bundle "local:bundle/example-0" completed`
-	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
-	s.assertServicesDeployed(c, map[string]serviceInfo{
-		"django": {charm: "cs:xenial/django-42"},
-	})
-	s.assertRelationsEstablished(c)
-	s.assertUnitsCreated(c, map[string]string{
-		"django/0": "0",
-		"django/1": "1",
-	})
-	m, err := s.State.Machine("0")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(m.Series(), gc.Equals, "xenial")
-	cons, err := m.Constraints()
-	c.Assert(err, jc.ErrorIsNil)
-	expectedCons, err := constraints.Parse("cpu-cores=4 mem=4G")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(cons, jc.DeepEquals, expectedCons)
-	ann, err := s.State.Annotations(m)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ann, jc.DeepEquals, map[string]string{"foo": "bar"})
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleTwiceScaleUp(c *gc.C) {
-	testcharms.UploadCharm(c, s.client, "xenial/django-42", "dummy")
-	_, err := s.DeployBundleYAML(c, `
-        services:
-            django:
-                charm: cs:xenial/django-42
-                num_units: 2
-    `)
-	c.Assert(err, jc.ErrorIsNil)
-	output, err := s.DeployBundleYAML(c, `
-        services:
-            django:
-                charm: cs:xenial/django-42
-                num_units: 5
-    `)
-	c.Assert(err, jc.ErrorIsNil)
-	expectedOutput := `
-added charm cs:xenial/django-42
-reusing service django (charm: cs:xenial/django-42)
-added django/2 unit to new machine
-added django/3 unit to new machine
-added django/4 unit to new machine
-avoid adding new units to service django: 5 units already present
-deployment of bundle "local:bundle/example-0" completed`
-	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
-	s.assertUnitsCreated(c, map[string]string{
-		"django/0": "0",
-		"django/1": "1",
-		"django/2": "2",
-		"django/3": "3",
-		"django/4": "4",
-	})
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleUnitPlacedInService(c *gc.C) {
-	testcharms.UploadCharm(c, s.client, "xenial/django-42", "dummy")
-	testcharms.UploadCharm(c, s.client, "xenial/wordpress-0", "wordpress")
-	output, err := s.DeployBundleYAML(c, `
-        services:
-            wordpress:
-                charm: wordpress
-                num_units: 3
-            django:
-                charm: cs:xenial/django-42
-                num_units: 2
-                to: [wordpress]
-    `)
-	c.Assert(err, jc.ErrorIsNil)
-	expectedOutput := `
-added charm cs:xenial/django-42
-service django deployed (charm cs:xenial/django-42 with the series "xenial" defined by the bundle)
-added charm cs:xenial/wordpress-0
-service wordpress deployed (charm cs:xenial/wordpress-0 with the charm series "xenial")
-added wordpress/0 unit to new machine
-added wordpress/1 unit to new machine
-added wordpress/2 unit to new machine
-added django/0 unit to machine 0
-added django/1 unit to machine 1
-deployment of bundle "local:bundle/example-0" completed`
-	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
-	s.assertUnitsCreated(c, map[string]string{
-		"django/0":    "0",
-		"django/1":    "1",
-		"wordpress/0": "0",
-		"wordpress/1": "1",
-		"wordpress/2": "2",
-	})
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleUnitColocationWithUnit(c *gc.C) {
-	testcharms.UploadCharm(c, s.client, "xenial/django-42", "dummy")
-	testcharms.UploadCharm(c, s.client, "xenial/mem-47", "dummy")
-	testcharms.UploadCharm(c, s.client, "xenial/rails-0", "dummy")
-	output, err := s.DeployBundleYAML(c, `
-        services:
-            memcached:
-                charm: cs:xenial/mem-47
-                num_units: 3
-                to: [1, new]
-            django:
-                charm: cs:xenial/django-42
-                num_units: 5
-                to:
-                    - memcached/0
-                    - lxc:memcached/1
-                    - lxc:memcached/2
-                    - kvm:ror
-            ror:
-                charm: rails
-                num_units: 2
-                to:
-                    - new
-                    - 1
-        machines:
-            1:
-                series: xenial
-    `)
-	c.Assert(err, jc.ErrorIsNil)
-	expectedOutput := `
-added charm cs:xenial/django-42
-service django deployed (charm cs:xenial/django-42 with the series "xenial" defined by the bundle)
-added charm cs:xenial/mem-47
-service memcached deployed (charm cs:xenial/mem-47 with the series "xenial" defined by the bundle)
-added charm cs:xenial/rails-0
-service ror deployed (charm cs:xenial/rails-0 with the charm series "xenial")
-created new machine 0 for holding memcached and ror units
-added memcached/0 unit to machine 0
-added ror/0 unit to machine 0
-created 0/kvm/0 container in machine 0 for holding django unit
-created new machine 1 for holding memcached unit
-created new machine 2 for holding memcached unit
-created new machine 3 for holding ror unit
-added django/0 unit to machine 0
-added django/1 unit to machine 0/kvm/0
-added memcached/1 unit to machine 1
-added memcached/2 unit to machine 2
-added ror/1 unit to machine 3
-created 1/lxc/0 container in machine 1 for holding django unit
-created 2/lxc/0 container in machine 2 for holding django unit
-created 3/kvm/0 container in machine 3 for holding django unit
-added django/2 unit to machine 1/lxc/0
-added django/3 unit to machine 2/lxc/0
-added django/4 unit to machine 3/kvm/0
-deployment of bundle "local:bundle/example-0" completed`
-	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
-	s.assertUnitsCreated(c, map[string]string{
-		"django/0":    "0",
-		"django/1":    "0/kvm/0",
-		"django/2":    "1/lxc/0",
-		"django/3":    "2/lxc/0",
-		"django/4":    "3/kvm/0",
-		"memcached/0": "0",
-		"memcached/1": "1",
-		"memcached/2": "2",
-		"ror/0":       "0",
-		"ror/1":       "3",
-	})
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleUnitPlacedToMachines(c *gc.C) {
-	testcharms.UploadCharm(c, s.client, "xenial/django-42", "dummy")
-	output, err := s.DeployBundleYAML(c, `
-        services:
-            django:
-                charm: cs:django
-                num_units: 7
-                to:
-                    - new
-                    - 4
-                    - kvm:8
-                    - lxc:4
-                    - lxc:4
-                    - lxc:new
-        machines:
-            4:
-            8:
-    `)
-	c.Assert(err, jc.ErrorIsNil)
-	expectedOutput := `
-added charm cs:xenial/django-42
-service django deployed (charm cs:xenial/django-42 with the charm series "xenial")
-created new machine 0 for holding django unit
-created new machine 1 for holding django unit
-added django/0 unit to machine 0
-created new machine 2 for holding django unit
-created 1/kvm/0 container in machine 1 for holding django unit
-created 0/lxc/0 container in machine 0 for holding django unit
-created 0/lxc/1 container in machine 0 for holding django unit
-created 3/lxc/0 container in new machine for holding django unit
-created 4/lxc/0 container in new machine for holding django unit
-added django/1 unit to machine 2
-added django/2 unit to machine 1/kvm/0
-added django/3 unit to machine 0/lxc/0
-added django/4 unit to machine 0/lxc/1
-added django/5 unit to machine 3/lxc/0
-added django/6 unit to machine 4/lxc/0
-deployment of bundle "local:bundle/example-0" completed`
-	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
-	s.assertUnitsCreated(c, map[string]string{
-		"django/0": "0",       // Machine "4" in the bundle.
-		"django/1": "2",       // Machine "new" in the bundle.
-		"django/2": "1/kvm/0", // The KVM container in bundle machine "8".
-		"django/3": "0/lxc/0", // First LXC container in bundle machine "4".
-		"django/4": "0/lxc/1", // Second LXC container in bundle machine "4".
-		"django/5": "3/lxc/0", // First LXC in new machine.
-		"django/6": "4/lxc/0", // Second LXC in new machine.
-	})
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleMassiveUnitColocation(c *gc.C) {
-	testcharms.UploadCharm(c, s.client, "xenial/django-42", "dummy")
-	testcharms.UploadCharm(c, s.client, "xenial/mem-47", "dummy")
-	testcharms.UploadCharm(c, s.client, "xenial/rails-0", "dummy")
-	output, err := s.DeployBundleYAML(c, `
-        services:
-            memcached:
-                charm: cs:xenial/mem-47
-                num_units: 3
-                to: [1, 2, 3]
-            django:
-                charm: cs:xenial/django-42
-                num_units: 4
-                to:
-                    - 1
-                    - lxc:memcached
-            ror:
-                charm: rails
-                num_units: 3
-                to:
-                    - 1
-                    - kvm:3
-        machines:
-            1:
-            2:
-            3:
-    `)
-	c.Assert(err, jc.ErrorIsNil)
-	expectedOutput := `
-added charm cs:xenial/django-42
-service django deployed (charm cs:xenial/django-42 with the series "xenial" defined by the bundle)
-added charm cs:xenial/mem-47
-service memcached deployed (charm cs:xenial/mem-47 with the series "xenial" defined by the bundle)
-added charm cs:xenial/rails-0
-service ror deployed (charm cs:xenial/rails-0 with the charm series "xenial")
-created new machine 0 for holding django, memcached and ror units
-created new machine 1 for holding memcached unit
-created new machine 2 for holding memcached and ror units
-added django/0 unit to machine 0
-added memcached/0 unit to machine 0
-added memcached/1 unit to machine 1
-added memcached/2 unit to machine 2
-added ror/0 unit to machine 0
-created 0/lxc/0 container in machine 0 for holding django unit
-created 1/lxc/0 container in machine 1 for holding django unit
-created 2/lxc/0 container in machine 2 for holding django unit
-created 2/kvm/0 container in machine 2 for holding ror unit
-created 2/kvm/1 container in machine 2 for holding ror unit
-added django/1 unit to machine 0/lxc/0
-added django/2 unit to machine 1/lxc/0
-added django/3 unit to machine 2/lxc/0
-added ror/1 unit to machine 2/kvm/0
-added ror/2 unit to machine 2/kvm/1
-deployment of bundle "local:bundle/example-0" completed`
-	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
-	s.assertUnitsCreated(c, map[string]string{
-		"django/0":    "0",
-		"django/1":    "0/lxc/0",
-		"django/2":    "1/lxc/0",
-		"django/3":    "2/lxc/0",
-		"memcached/0": "0",
-		"memcached/1": "1",
-		"memcached/2": "2",
-		"ror/0":       "0",
-		"ror/1":       "2/kvm/0",
-		"ror/2":       "2/kvm/1",
-	})
-
-	// Redeploy a very similar bundle with another service unit. The new unit
-	// is placed on machine 1 because that's the least crowded machine.
-	content := `
-        services:
-            memcached:
-                charm: cs:xenial/mem-47
-                num_units: 3
-                to: [1, 2, 3]
-            django:
-                charm: cs:xenial/django-42
-                num_units: 4
-                to:
-                    - 1
-                    - lxc:memcached
-            node:
-                charm: cs:xenial/django-42
-                num_units: 1
-                to:
-                    - lxc:memcached
-        machines:
-            1:
-            2:
-            3:
-    `
-	output, err = s.DeployBundleYAML(c, content)
-	c.Assert(err, jc.ErrorIsNil)
-	expectedOutput = `
-added charm cs:xenial/django-42
-reusing service django (charm: cs:xenial/django-42)
-added charm cs:xenial/mem-47
-reusing service memcached (charm: cs:xenial/mem-47)
-service node deployed (charm cs:xenial/django-42 with the series "xenial" defined by the bundle)
-avoid creating other machines to host django and memcached units
-avoid adding new units to service django: 4 units already present
-avoid adding new units to service memcached: 3 units already present
-created 1/lxc/1 container in machine 1 for holding node unit
-added node/0 unit to machine 1/lxc/1
-deployment of bundle "local:bundle/example-0" completed`
-	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
-
-	// Redeploy the same bundle again and check that nothing happens.
-	output, err = s.DeployBundleYAML(c, content)
-	c.Assert(err, jc.ErrorIsNil)
-	expectedOutput = `
-added charm cs:xenial/django-42
-reusing service django (charm: cs:xenial/django-42)
-added charm cs:xenial/mem-47
-reusing service memcached (charm: cs:xenial/mem-47)
-reusing service node (charm: cs:xenial/django-42)
-avoid creating other machines to host django and memcached units
-avoid adding new units to service django: 4 units already present
-avoid adding new units to service memcached: 3 units already present
-avoid creating other machines to host node units
-avoid adding new units to service node: 1 unit already present
-deployment of bundle "local:bundle/example-0" completed`
-	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
-	s.assertUnitsCreated(c, map[string]string{
-		"django/0":    "0",
-		"django/1":    "0/lxc/0",
-		"django/2":    "1/lxc/0",
-		"django/3":    "2/lxc/0",
-		"memcached/0": "0",
-		"memcached/1": "1",
-		"memcached/2": "2",
-		"node/0":      "1/lxc/1",
-		"ror/0":       "0",
-		"ror/1":       "2/kvm/0",
-		"ror/2":       "2/kvm/1",
-	})
-}
-
-func (s *BundleDeployCharmStoreSuite) TestDeployBundleAnnotations(c *gc.C) {
-	testcharms.UploadCharm(c, s.client, "xenial/django-42", "dummy")
-	testcharms.UploadCharm(c, s.client, "xenial/mem-47", "dummy")
-	output, err := s.DeployBundleYAML(c, `
-        services:
-            django:
-                charm: cs:django
-                num_units: 1
-                annotations:
-                    key1: value1
-                    key2: value2
-                to: [1]
-            memcached:
-                charm: xenial/mem-47
-                num_units: 1
-        machines:
-            1:
-                annotations: {foo: bar}
-    `)
-	c.Assert(err, jc.ErrorIsNil)
-	expectedOutput := `
-added charm cs:xenial/django-42
-service django deployed (charm cs:xenial/django-42 with the charm series "xenial")
-annotations set for service django
-added charm cs:xenial/mem-47
-service memcached deployed (charm cs:xenial/mem-47 with the series "xenial" defined by the bundle)
-created new machine 0 for holding django unit
-annotations set for machine 0
-added django/0 unit to machine 0
-added memcached/0 unit to new machine
-deployment of bundle "local:bundle/example-0" completed`
-	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
-	svc, err := s.State.Service("django")
-	c.Assert(err, jc.ErrorIsNil)
-	ann, err := s.State.Annotations(svc)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ann, jc.DeepEquals, map[string]string{
-		"key1": "value1",
-		"key2": "value2",
-	})
-	m, err := s.State.Machine("0")
-	c.Assert(err, jc.ErrorIsNil)
-	ann, err = s.State.Annotations(m)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ann, jc.DeepEquals, map[string]string{"foo": "bar"})
-
-	// Update the annotations and deploy the bundle again.
-	output, err = s.DeployBundleYAML(c, `
-        services:
-            django:
-                charm: cs:django
-                num_units: 1
-                annotations:
-                    key1: new value!
-                    key2: value2
-                to: [1]
-        machines:
-            1:
-                annotations: {answer: 42}
-    `)
-	c.Assert(err, jc.ErrorIsNil)
-	expectedOutput = `
-added charm cs:xenial/django-42
-reusing service django (charm: cs:xenial/django-42)
-annotations set for service django
-avoid creating other machines to host django units
-annotations set for machine 0
-avoid adding new units to service django: 1 unit already present
-deployment of bundle "local:bundle/example-0" completed`
-	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
-	ann, err = s.State.Annotations(svc)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ann, jc.DeepEquals, map[string]string{
-		"key1": "new value!",
-		"key2": "value2",
-	})
-	ann, err = s.State.Annotations(m)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ann, jc.DeepEquals, map[string]string{
-		"foo":    "bar",
-		"answer": "42",
-	})
-}
-
-type mockAllWatcher struct {
-	next func() []multiwatcher.Delta
-}
-
-func (w mockAllWatcher) Next() ([]multiwatcher.Delta, error) {
-	return w.next(), nil
-}
-
-func (mockAllWatcher) Stop() error {
-	return nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/cmd_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/cmd_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/cmd_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/cmd_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,141 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service
-
-import (
-	"os"
-
-	"github.com/juju/cmd"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/cmd/modelcmd"
-	"github.com/juju/juju/juju/testing"
-	"github.com/juju/juju/jujuclient"
-	coretesting "github.com/juju/juju/testing"
-)
-
-type CmdSuite struct {
-	testing.JujuConnSuite
-}
-
-var _ = gc.Suite(&CmdSuite{})
-
-var deployTests = []struct {
-	args []string
-	com  *DeployCommand
-}{
-	{
-		[]string{"charm-name"},
-		&DeployCommand{},
-	}, {
-		[]string{"charm-name", "service-name"},
-		&DeployCommand{ServiceName: "service-name"},
-	}, {
-		[]string{"--num-units", "33", "charm-name"},
-		&DeployCommand{UnitCommandBase: UnitCommandBase{NumUnits: 33}},
-	}, {
-		[]string{"-n", "104", "charm-name"},
-		&DeployCommand{UnitCommandBase: UnitCommandBase{NumUnits: 104}},
-	},
-}
-
-func initExpectations(com *DeployCommand, store jujuclient.ClientStore) {
-	if com.CharmOrBundle == "" {
-		com.CharmOrBundle = "charm-name"
-	}
-	if com.NumUnits == 0 {
-		com.NumUnits = 1
-	}
-	com.SetClientStore(store)
-	com.SetModelName("admin")
-}
-
-func initDeployCommand(store jujuclient.ClientStore, args ...string) (*DeployCommand, error) {
-	com := &DeployCommand{}
-	com.SetClientStore(store)
-	return com, coretesting.InitCommand(modelcmd.Wrap(com), args)
-}
-
-func (s *CmdSuite) TestDeployCommandInit(c *gc.C) {
-	for i, t := range deployTests {
-		c.Logf("\ntest %d: args %q", i, t.args)
-		initExpectations(t.com, s.ControllerStore)
-		com, err := initDeployCommand(s.ControllerStore, t.args...)
-		// Testing that the flag set is populated is good enough for the scope
-		// of this test.
-		c.Assert(com.flagSet, gc.NotNil)
-		com.flagSet = nil
-		c.Assert(err, jc.ErrorIsNil)
-		c.Assert(com, jc.DeepEquals, t.com)
-	}
-
-	// test relative --config path
-	ctx := coretesting.Context(c)
-	expected := []byte("test: data")
-	path := ctx.AbsPath("testconfig.yaml")
-	file, err := os.Create(path)
-	c.Assert(err, jc.ErrorIsNil)
-	_, err = file.Write(expected)
-	c.Assert(err, jc.ErrorIsNil)
-	file.Close()
-
-	com, err := initDeployCommand(s.ControllerStore, "--config", "testconfig.yaml", "charm-name")
-	c.Assert(err, jc.ErrorIsNil)
-	actual, err := com.Config.Read(ctx)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(expected, gc.DeepEquals, actual)
-
-	// missing args
-	_, err = initDeployCommand(s.ControllerStore)
-	c.Assert(err, gc.ErrorMatches, "no charm or bundle specified")
-
-	// bad unit count
-	_, err = initDeployCommand(s.ControllerStore, "charm-name", "--num-units", "0")
-	c.Assert(err, gc.ErrorMatches, "--num-units must be a positive integer")
-	_, err = initDeployCommand(s.ControllerStore, "charm-name", "-n", "0")
-	c.Assert(err, gc.ErrorMatches, "--num-units must be a positive integer")
-
-	// environment tested elsewhere
-}
-
-func initExposeCommand(args ...string) (*exposeCommand, error) {
-	com := &exposeCommand{}
-	return com, coretesting.InitCommand(modelcmd.Wrap(com), args)
-}
-
-func (*CmdSuite) TestExposeCommandInit(c *gc.C) {
-	// missing args
-	_, err := initExposeCommand()
-	c.Assert(err, gc.ErrorMatches, "no service name specified")
-
-	// environment tested elsewhere
-}
-
-func initUnexposeCommand(args ...string) (*unexposeCommand, error) {
-	com := &unexposeCommand{}
-	return com, coretesting.InitCommand(modelcmd.Wrap(com), args)
-}
-
-func (*CmdSuite) TestUnexposeCommandInit(c *gc.C) {
-	// missing args
-	_, err := initUnexposeCommand()
-	c.Assert(err, gc.ErrorMatches, "no service name specified")
-
-	// environment tested elsewhere
-}
-
-func initRemoveUnitCommand(args ...string) (cmd.Command, error) {
-	com := NewRemoveUnitCommand()
-	return com, coretesting.InitCommand(com, args)
-}
-
-func (*CmdSuite) TestRemoveUnitCommandInit(c *gc.C) {
-	// missing args
-	_, err := initRemoveUnitCommand()
-	c.Assert(err, gc.ErrorMatches, "no units specified")
-	// not a unit
-	_, err = initRemoveUnitCommand("seven/nine")
-	c.Assert(err, gc.ErrorMatches, `invalid unit name "seven/nine"`)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/constraints.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/constraints.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/constraints.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/constraints.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,191 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service
-
-import (
-	"fmt"
-
-	"github.com/juju/cmd"
-	"github.com/juju/errors"
-	"github.com/juju/names"
-	"launchpad.net/gnuflag"
-
-	"github.com/juju/juju/api/service"
-	"github.com/juju/juju/cmd/juju/block"
-	"github.com/juju/juju/cmd/modelcmd"
-	"github.com/juju/juju/constraints"
-)
-
-var usageGetConstraintsSummary = `
-Displays machine constraints for a service.`[1:]
-
-var usageGetConstraintsDetails = `
-Shows machine constraints that have been set for a service with ` + "`juju set-\nconstraints`" + `.
-By default, the model is the current model.
-Service constraints are combined with model constraints, set with ` +
-	"`juju \nset-model-constraints`" + `, for commands (such as 'deploy') that provision
-machines for services. Where model and service constraints overlap, the
-service constraints take precedence.
-Constraints for a specific model can be viewed with ` + "`juju get-model-\nconstraints`" + `.
-
-Examples:
-    juju get-constraints mysql
-    juju get-constraints -m mymodel apache2
-
-See also: 
-    set-constraints
-    get-model-constraints
-    set-model-constraints`
-
-var usageSetConstraintsSummary = `
-Sets machine constraints for a service.`[1:]
-
-// setConstraintsDoc is multi-line since we need to use ` to denote
-// commands for ease in markdown.
-var usageSetConstraintsDetails = `
-Sets constraints for a service, which are used for all new machines 
-provisioned for that service. They can be viewed with `[1:] + "`juju get-\nconstraints`" + `.
-By default, the model is the current model.
-Service constraints are combined with model constraints, set with ` +
-	"`juju \nset-model-constraints`" + `, for commands (such as 'juju deploy') that 
-provision machines for services. Where model and service constraints
-overlap, the service constraints take precedence.
-Constraints for a specific model can be viewed with ` + "`juju get-model-\nconstraints`" + `.
-This command requires that the service to have at least one unit. To apply 
-constraints to
-the first unit set them at the model level or pass them as an argument
-when deploying.
-
-Examples:
-    juju set-constraints mysql mem=8G cpu-cores=4
-    juju set-constraints -m mymodel apache2 mem=8G arch=amd64
-
-See also: 
-    get-constraints
-    get-model-constraints
-    set-model-constraints`
-
-// NewServiceGetConstraintsCommand returns a command which gets service constraints.
-func NewServiceGetConstraintsCommand() cmd.Command {
-	return modelcmd.Wrap(&serviceGetConstraintsCommand{})
-}
-
-type serviceConstraintsAPI interface {
-	Close() error
-	GetConstraints(string) (constraints.Value, error)
-	SetConstraints(string, constraints.Value) error
-}
-
-type serviceConstraintsCommand struct {
-	modelcmd.ModelCommandBase
-	ServiceName string
-	out         cmd.Output
-	api         serviceConstraintsAPI
-}
-
-func (c *serviceConstraintsCommand) getAPI() (serviceConstraintsAPI, error) {
-	if c.api != nil {
-		return c.api, nil
-	}
-	root, err := c.NewAPIRoot()
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	return service.NewClient(root), nil
-}
-
-type serviceGetConstraintsCommand struct {
-	serviceConstraintsCommand
-}
-
-func (c *serviceGetConstraintsCommand) Info() *cmd.Info {
-	return &cmd.Info{
-		Name:    "get-constraints",
-		Args:    "<service>",
-		Purpose: usageGetConstraintsSummary,
-		Doc:     usageGetConstraintsDetails,
-	}
-}
-
-func formatConstraints(value interface{}) ([]byte, error) {
-	return []byte(value.(constraints.Value).String()), nil
-}
-
-func (c *serviceGetConstraintsCommand) SetFlags(f *gnuflag.FlagSet) {
-	c.out.AddFlags(f, "constraints", map[string]cmd.Formatter{
-		"constraints": formatConstraints,
-		"yaml":        cmd.FormatYaml,
-		"json":        cmd.FormatJson,
-	})
-}
-
-func (c *serviceGetConstraintsCommand) Init(args []string) error {
-	if len(args) == 0 {
-		return fmt.Errorf("no service name specified")
-	}
-	if !names.IsValidService(args[0]) {
-		return fmt.Errorf("invalid service name %q", args[0])
-	}
-
-	c.ServiceName, args = args[0], args[1:]
-	return cmd.CheckEmpty(args)
-}
-
-func (c *serviceGetConstraintsCommand) Run(ctx *cmd.Context) error {
-	apiclient, err := c.getAPI()
-	if err != nil {
-		return err
-	}
-	defer apiclient.Close()
-
-	cons, err := apiclient.GetConstraints(c.ServiceName)
-	if err != nil {
-		return err
-	}
-	return c.out.Write(ctx, cons)
-}
-
-type serviceSetConstraintsCommand struct {
-	serviceConstraintsCommand
-	Constraints constraints.Value
-}
-
-// NewServiceSetConstraintsCommand returns a command which sets service constraints.
-func NewServiceSetConstraintsCommand() cmd.Command {
-	return modelcmd.Wrap(&serviceSetConstraintsCommand{})
-}
-
-func (c *serviceSetConstraintsCommand) Info() *cmd.Info {
-	return &cmd.Info{
-		Name:    "set-constraints",
-		Args:    "<service> <constraint>=<value> ...",
-		Purpose: usageSetConstraintsSummary,
-		Doc:     usageSetConstraintsDetails,
-	}
-}
-
-func (c *serviceSetConstraintsCommand) Init(args []string) (err error) {
-	if len(args) == 0 {
-		return fmt.Errorf("no service name specified")
-	}
-	if !names.IsValidService(args[0]) {
-		return fmt.Errorf("invalid service name %q", args[0])
-	}
-
-	c.ServiceName, args = args[0], args[1:]
-
-	c.Constraints, err = constraints.Parse(args...)
-	return err
-}
-
-func (c *serviceSetConstraintsCommand) Run(_ *cmd.Context) (err error) {
-	apiclient, err := c.getAPI()
-	if err != nil {
-		return err
-	}
-	defer apiclient.Close()
-
-	err = apiclient.SetConstraints(c.ServiceName, c.Constraints)
-	return block.ProcessBlockedError(err, block.BlockChange)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/constraints_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/constraints_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/constraints_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/constraints_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,81 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service_test
-
-import (
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/cmd/juju/service"
-	"github.com/juju/juju/testing"
-)
-
-type ServiceConstraintsCommandsSuite struct {
-	testing.FakeJujuXDGDataHomeSuite
-}
-
-var _ = gc.Suite(&ServiceConstraintsCommandsSuite{})
-
-func (s *ServiceConstraintsCommandsSuite) TestSetInit(c *gc.C) {
-	for _, test := range []struct {
-		args []string
-		err  string
-	}{
-		{
-			args: []string{"--service", "mysql", "mem=4G"},
-			err:  `flag provided but not defined: --service`,
-		}, {
-			args: []string{"-s", "mysql", "mem=4G"},
-			err:  `flag provided but not defined: -s`,
-		}, {
-			args: []string{},
-			err:  `no service name specified`,
-		}, {
-			args: []string{"mysql", "="},
-			err:  `malformed constraint "="`,
-		}, {
-			args: []string{"cpu-power=250"},
-			err:  `invalid service name "cpu-power=250"`,
-		}, {
-			args: []string{"mysql", "cpu-power=250"},
-		},
-	} {
-		err := testing.InitCommand(service.NewServiceSetConstraintsCommand(), test.args)
-		if test.err == "" {
-			c.Check(err, jc.ErrorIsNil)
-		} else {
-			c.Check(err, gc.ErrorMatches, test.err)
-		}
-	}
-}
-
-func (s *ServiceConstraintsCommandsSuite) TestGetInit(c *gc.C) {
-	for _, test := range []struct {
-		args []string
-		err  string
-	}{
-		{
-			args: []string{"-s", "mysql"},
-			err:  `flag provided but not defined: -s`,
-		}, {
-			args: []string{"--service", "mysql"},
-			err:  `flag provided but not defined: --service`,
-		}, {
-			args: []string{},
-			err:  `no service name specified`,
-		}, {
-			args: []string{"mysql-0"},
-			err:  `invalid service name "mysql-0"`,
-		}, {
-			args: []string{"mysql"},
-		},
-	} {
-		err := testing.InitCommand(service.NewServiceGetConstraintsCommand(), test.args)
-		if test.err == "" {
-			c.Check(err, jc.ErrorIsNil)
-		} else {
-			c.Check(err, gc.ErrorMatches, test.err)
-		}
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/deploy.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/deploy.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/deploy.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/deploy.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,824 +0,0 @@
-// Copyright 2012, 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service
-
-import (
-	"archive/zip"
-	"fmt"
-	"os"
-	"path/filepath"
-	"strings"
-
-	"github.com/juju/cmd"
-	"github.com/juju/errors"
-	"github.com/juju/names"
-	"github.com/juju/utils/series"
-	"gopkg.in/juju/charm.v6-unstable"
-	charmresource "gopkg.in/juju/charm.v6-unstable/resource"
-	"gopkg.in/juju/charmrepo.v2-unstable"
-	csclientparams "gopkg.in/juju/charmrepo.v2-unstable/csclient/params"
-	"gopkg.in/macaroon-bakery.v1/httpbakery"
-	"gopkg.in/macaroon.v1"
-	"launchpad.net/gnuflag"
-
-	"github.com/juju/juju/api"
-	apiannotations "github.com/juju/juju/api/annotations"
-	apiservice "github.com/juju/juju/api/service"
-	"github.com/juju/juju/charmstore"
-	"github.com/juju/juju/cmd/juju/block"
-	"github.com/juju/juju/cmd/modelcmd"
-	"github.com/juju/juju/constraints"
-	"github.com/juju/juju/environs/config"
-	"github.com/juju/juju/instance"
-	"github.com/juju/juju/resource/resourceadapters"
-	"github.com/juju/juju/storage"
-)
-
-var planURL = "https://api.jujucharms.com/omnibus/v2"
-
-// NewDeployCommand returns a command to deploy services.
-func NewDeployCommand() cmd.Command {
-	return modelcmd.Wrap(&DeployCommand{
-		Steps: []DeployStep{
-			&RegisterMeteredCharm{
-				RegisterURL: planURL + "/plan/authorize",
-				QueryURL:    planURL + "/charm",
-			},
-		}})
-}
-
-type DeployCommand struct {
-	modelcmd.ModelCommandBase
-	UnitCommandBase
-	// CharmOrBundle is either a charm URL, a path where a charm can be found,
-	// or a bundle name.
-	CharmOrBundle string
-
-	// Channel holds the charmstore channel to use when obtaining
-	// the charm to be deployed.
-	Channel csclientparams.Channel
-
-	Series string
-
-	// Force is used to allow a charm to be deployed onto a machine
-	// running an unsupported series.
-	Force bool
-
-	ServiceName  string
-	Config       cmd.FileVar
-	Constraints  constraints.Value
-	BindToSpaces string
-
-	// TODO(axw) move this to UnitCommandBase once we support --storage
-	// on add-unit too.
-	//
-	// Storage is a map of storage constraints, keyed on the storage name
-	// defined in charm storage metadata.
-	Storage map[string]storage.Constraints
-
-	// BundleStorage maps service names to maps of storage constraints keyed on
-	// the storage name defined in that service's charm storage metadata.
-	BundleStorage map[string]map[string]storage.Constraints
-
-	// Resources is a map of resource name to filename to be uploaded on deploy.
-	Resources map[string]string
-
-	Bindings map[string]string
-	Steps    []DeployStep
-
-	flagSet *gnuflag.FlagSet
-}
-
-const deployDoc = `
-<charm or bundle> can be a charm/bundle URL, or an unambiguously condensed
-form of it; assuming a current series of "trusty", the following forms will be
-accepted:
-
-For cs:trusty/mysql
-  mysql
-  trusty/mysql
-
-For cs:~user/trusty/mysql
-  cs:~user/mysql
-
-For cs:bundle/mediawiki-single
-  mediawiki-single
-  bundle/mediawiki-single
-
-The current series for charms is determined first by the default-series model
-setting, followed by the preferred series for the charm in the charm store.
-
-In these cases, a versioned charm URL will be expanded as expected (for example,
-mysql-33 becomes cs:precise/mysql-33).
-
-Charms may also be deployed from a user specified path. In this case, the
-path to the charm is specified along with an optional series.
-
-   juju deploy /path/to/charm --series trusty
-
-If series is not specified, the charm's default series is used. The default series
-for a charm is the first one specified in the charm metadata. If the specified series
-is not supported by the charm, this results in an error, unless --force is used.
-
-   juju deploy /path/to/charm --series wily --force
-
-Local bundles are specified with a direct path to a bundle.yaml file.
-For example:
-
-  juju deploy /path/to/bundle/openstack/bundle.yaml
-
-<service name>, if omitted, will be derived from <charm name>.
-
-Constraints can be specified when using deploy by specifying the --constraints
-flag.  When used with deploy, service-specific constraints are set so that later
-machines provisioned with add-unit will use the same constraints (unless changed
-by set-constraints).
-
-Resources may be uploaded at deploy time by specifying the --resource flag.
-Following the resource flag should be name=filepath pair.  This flag may be
-repeated more than once to upload more than one resource.
-
-  juju deploy foo --resource bar=/some/file.tgz --resource baz=./docs/cfg.xml
-
-Where bar and baz are resources named in the metadata for the foo charm.
-
-Charms can be deployed to a specific machine using the --to argument.
-If the destination is an LXC container the default is to use lxc-clone
-to create the container where possible. For Ubuntu deployments, lxc-clone
-is supported for the trusty OS series and later. A 'template' container is
-created with the name
-  juju-<series>-template
-where <series> is the OS series, for example 'juju-trusty-template'.
-
-You can override the use of clone by changing the provider configuration:
-  lxc-clone: false
-
-In more complex scenarios, Juju's network spaces are used to partition the cloud
-networking layer into sets of subnets. Instances hosting units inside the
-same space can communicate with each other without any firewalls. Traffic
-crossing space boundaries could be subject to firewall and access restrictions.
-Using spaces as deployment targets, rather than their individual subnets allows
-Juju to perform automatic distribution of units across availability zones to
-support high availability for services. Spaces help isolate services and their
-units, both for security purposes and to manage both traffic segregation and
-congestion.
-
-When deploying a service or adding machines, the "spaces" constraint can be
-used to define a comma-delimited list of required and forbidden spaces
-(the latter prefixed with "^", similar to the "tags" constraint).
-
-If you have the main container directory mounted on a btrfs partition,
-then the clone will be using btrfs snapshots to create the containers.
-This means that clones use up much less disk space.  If you do not have btrfs,
-lxc will attempt to use aufs (an overlay type filesystem). You can
-explicitly ask Juju to create full containers and not overlays by specifying
-the following in the provider configuration:
-  lxc-clone-aufs: false
-
-Examples:
-   juju deploy mysql --to 23       (deploy to machine 23)
-   juju deploy mysql --to 24/lxc/3 (deploy to lxc container 3 on host machine 24)
-   juju deploy mysql --to lxc:25   (deploy to a new lxc container on host machine 25)
-
-   juju deploy mysql -n 5 --constraints mem=8G
-   (deploy 5 instances of mysql with at least 8 GB of RAM each)
-
-   juju deploy haproxy -n 2 --constraints spaces=dmz,^cms,^database
-   (deploy 2 instances of haproxy on cloud instances being part of the dmz
-    space but not of the cmd and the database space)
-
-See Also:
-   juju help spaces
-   juju help constraints
-   juju help set-constraints
-   juju help get-constraints
-`
-
-// DeployStep is an action that needs to be taken during charm deployment.
-type DeployStep interface {
-	// Set flags necessary for the deploy step.
-	SetFlags(*gnuflag.FlagSet)
-	// RunPre runs before the call is made to add the charm to the environment.
-	RunPre(api.Connection, *httpbakery.Client, *cmd.Context, DeploymentInfo) error
-	// RunPost runs after the call is made to add the charm to the environment.
-	// The error parameter is used to notify the step of a previously occurred error.
-	RunPost(api.Connection, *httpbakery.Client, *cmd.Context, DeploymentInfo, error) error
-}
-
-// DeploymentInfo is used to maintain all deployment information for
-// deployment steps.
-type DeploymentInfo struct {
-	CharmID     charmstore.CharmID
-	ServiceName string
-	ModelUUID   string
-}
-
-func (c *DeployCommand) Info() *cmd.Info {
-	return &cmd.Info{
-		Name:    "deploy",
-		Args:    "<charm or bundle> [<service name>]",
-		Purpose: "deploy a new service or bundle",
-		Doc:     deployDoc,
-	}
-}
-
-var (
-	// charmOnlyFlags and bundleOnlyFlags are used to validate flags based on
-	// whether we are deploying a charm or a bundle.
-	charmOnlyFlags  = []string{"bind", "config", "constraints", "force", "n", "num-units", "series", "to", "resource"}
-	bundleOnlyFlags = []string{}
-)
-
-func (c *DeployCommand) SetFlags(f *gnuflag.FlagSet) {
-	// Keep above charmOnlyFlags and bundleOnlyFlags lists updated when adding
-	// new flags.
-	c.UnitCommandBase.SetFlags(f)
-	f.IntVar(&c.NumUnits, "n", 1, "number of service units to deploy for principal charms")
-	f.StringVar((*string)(&c.Channel), "channel", "", "channel to use when getting the charm or bundle from the charm store")
-	f.Var(&c.Config, "config", "path to yaml-formatted service config")
-	f.Var(constraints.ConstraintsValue{Target: &c.Constraints}, "constraints", "set service constraints")
-	f.StringVar(&c.Series, "series", "", "the series on which to deploy")
-	f.BoolVar(&c.Force, "force", false, "allow a charm to be deployed to a machine running an unsupported series")
-	f.Var(storageFlag{&c.Storage, &c.BundleStorage}, "storage", "charm storage constraints")
-	f.Var(stringMap{&c.Resources}, "resource", "resource to be uploaded to the controller")
-	f.StringVar(&c.BindToSpaces, "bind", "", "Configure service endpoint bindings to spaces")
-
-	for _, step := range c.Steps {
-		step.SetFlags(f)
-	}
-	c.flagSet = f
-}
-
-func (c *DeployCommand) Init(args []string) error {
-	if c.Force && c.Series == "" && c.PlacementSpec == "" {
-		return errors.New("--force is only used with --series")
-	}
-	switch len(args) {
-	case 2:
-		if !names.IsValidService(args[1]) {
-			return fmt.Errorf("invalid service name %q", args[1])
-		}
-		c.ServiceName = args[1]
-		fallthrough
-	case 1:
-		c.CharmOrBundle = args[0]
-	case 0:
-		return errors.New("no charm or bundle specified")
-	default:
-		return cmd.CheckEmpty(args[2:])
-	}
-	err := c.parseBind()
-	if err != nil {
-		return err
-	}
-	return c.UnitCommandBase.Init(args)
-}
-
-type ModelConfigGetter interface {
-	ModelGet() (map[string]interface{}, error)
-}
-
-var getClientConfig = func(client ModelConfigGetter) (*config.Config, error) {
-	// Separated into a variable for easy overrides
-	attrs, err := client.ModelGet()
-	if err != nil {
-		return nil, err
-	}
-
-	return config.New(config.NoDefaults, attrs)
-}
-
-func (c *DeployCommand) maybeReadLocalBundleData(ctx *cmd.Context) (
-	_ *charm.BundleData, bundleFile string, bundleFilePath string, _ error,
-) {
-	bundleFile = c.CharmOrBundle
-	bundleData, err := charmrepo.ReadBundleFile(bundleFile)
-	if err == nil {
-		// For local bundles, we extract the local path of
-		// the bundle directory.
-		bundleFilePath = filepath.Dir(ctx.AbsPath(bundleFile))
-	} else {
-		// We may have been given a local bundle archive or exploded directory.
-		if bundle, burl, pathErr := charmrepo.NewBundleAtPath(bundleFile); pathErr == nil {
-			bundleData = bundle.Data()
-			bundleFile = burl.String()
-			if info, err := os.Stat(bundleFile); err == nil && info.IsDir() {
-				bundleFilePath = bundleFile
-			}
-			err = nil
-		} else {
-			err = pathErr
-		}
-	}
-	return bundleData, bundleFile, bundleFilePath, err
-}
-
-func (c *DeployCommand) deployCharmOrBundle(ctx *cmd.Context, client *api.Client) error {
-	deployer := serviceDeployer{ctx, c}
-
-	// We may have been given a local bundle file.
-	bundleData, bundleIdent, bundleFilePath, err := c.maybeReadLocalBundleData(ctx)
-	// If the bundle files existed but we couldn't read them, then
-	// return that error rather than trying to interpret as a charm.
-	if err != nil {
-		if info, statErr := os.Stat(c.CharmOrBundle); statErr == nil {
-			if info.IsDir() {
-				if _, ok := err.(*charmrepo.NotFoundError); !ok {
-					return err
-				}
-			}
-		}
-	}
-
-	// If not a bundle then maybe a local charm.
-	if err != nil {
-		// Charm may have been supplied via a path reference.
-		ch, curl, charmErr := charmrepo.NewCharmAtPathForceSeries(c.CharmOrBundle, c.Series, c.Force)
-		if charmErr == nil {
-			if curl, charmErr = client.AddLocalCharm(curl, ch); charmErr != nil {
-				return charmErr
-			}
-			id := charmstore.CharmID{
-				URL: curl,
-				// Local charms don't need a channel.
-			}
-			var csMac *macaroon.Macaroon // local charms don't need one.
-			return c.deployCharm(deployCharmArgs{
-				id:       id,
-				csMac:    csMac,
-				series:   curl.Series,
-				ctx:      ctx,
-				client:   client,
-				deployer: &deployer,
-			})
-		}
-		// We check for several types of known error which indicate
-		// that the supplied reference was indeed a path but there was
-		// an issue reading the charm located there.
-		if charm.IsMissingSeriesError(charmErr) {
-			return charmErr
-		}
-		if charm.IsUnsupportedSeriesError(charmErr) {
-			return errors.Errorf("%v. Use --force to deploy the charm anyway.", charmErr)
-		}
-		if errors.Cause(charmErr) == zip.ErrFormat {
-			return errors.Errorf("invalid charm or bundle provided at %q", c.CharmOrBundle)
-		}
-		err = charmErr
-	}
-	if _, ok := err.(*charmrepo.NotFoundError); ok {
-		return errors.Errorf("no charm or bundle found at %q", c.CharmOrBundle)
-	}
-	// If we get a "not exists" error then we attempt to interpret the supplied
-	// charm or bundle reference as a URL below, otherwise we return the error.
-	if err != nil && err != os.ErrNotExist {
-		return err
-	}
-
-	conf, err := getClientConfig(client)
-	if err != nil {
-		return err
-	}
-
-	bakeryClient, err := c.BakeryClient()
-	if err != nil {
-		return errors.Trace(err)
-	}
-	csClient := newCharmStoreClient(bakeryClient).WithChannel(c.Channel)
-
-	resolver := newCharmURLResolver(conf, csClient)
-
-	var storeCharmOrBundleURL *charm.URL
-	var store *charmrepo.CharmStore
-	var supportedSeries []string
-	// If we don't already have a bundle loaded, we try the charm store for a charm or bundle.
-	if bundleData == nil {
-		// Charm or bundle has been supplied as a URL so we resolve and deploy using the store.
-		storeCharmOrBundleURL, c.Channel, supportedSeries, store, err = resolver.resolve(c.CharmOrBundle)
-		if charm.IsUnsupportedSeriesError(err) {
-			return errors.Errorf("%v. Use --force to deploy the charm anyway.", err)
-		}
-		if err != nil {
-			return errors.Trace(err)
-		}
-		if storeCharmOrBundleURL.Series == "bundle" {
-			// Load the bundle entity.
-			bundle, err := store.GetBundle(storeCharmOrBundleURL)
-			if err != nil {
-				return errors.Trace(err)
-			}
-			bundleData = bundle.Data()
-			bundleIdent = storeCharmOrBundleURL.String()
-		}
-	}
-	// Handle a bundle.
-	if bundleData != nil {
-		if flags := getFlags(c.flagSet, charmOnlyFlags); len(flags) > 0 {
-			return errors.Errorf("Flags provided but not supported when deploying a bundle: %s.", strings.Join(flags, ", "))
-		}
-		// TODO(ericsnow) Do something with the CS macaroons that were returned?
-		if _, err := deployBundle(
-			bundleFilePath, bundleData, c.Channel, client, &deployer, resolver, ctx, c.BundleStorage,
-		); err != nil {
-			return errors.Trace(err)
-		}
-		ctx.Infof("deployment of bundle %q completed", bundleIdent)
-		return nil
-	}
-	// Handle a charm.
-	if flags := getFlags(c.flagSet, bundleOnlyFlags); len(flags) > 0 {
-		return errors.Errorf("Flags provided but not supported when deploying a charm: %s.", strings.Join(flags, ", "))
-	}
-	// Get the series to use.
-	series, message, err := charmSeries(c.Series, storeCharmOrBundleURL.Series, supportedSeries, c.Force, conf, deployFromCharm)
-	if charm.IsUnsupportedSeriesError(err) {
-		return errors.Errorf("%v. Use --force to deploy the charm anyway.", err)
-	}
-	// Store the charm in state.
-	curl, csMac, err := addCharmFromURL(client, storeCharmOrBundleURL, c.Channel, csClient)
-	if err != nil {
-		if err1, ok := errors.Cause(err).(*termsRequiredError); ok {
-			terms := strings.Join(err1.Terms, " ")
-			return errors.Errorf(`Declined: please agree to the following terms %s. Try: "juju agree %s"`, terms, terms)
-		}
-		return errors.Annotatef(err, "storing charm for URL %q", storeCharmOrBundleURL)
-	}
-	ctx.Infof("Added charm %q to the model.", curl)
-	ctx.Infof("Deploying charm %q %v.", curl, fmt.Sprintf(message, series))
-	id := charmstore.CharmID{
-		URL:     curl,
-		Channel: c.Channel,
-	}
-	return c.deployCharm(deployCharmArgs{
-		id:       id,
-		csMac:    csMac,
-		series:   series,
-		ctx:      ctx,
-		client:   client,
-		deployer: &deployer,
-	})
-}
-
-const (
-	msgUserRequestedSeries = "with the user specified series %q"
-	msgBundleSeries        = "with the series %q defined by the bundle"
-	msgSingleCharmSeries   = "with the charm series %q"
-	msgDefaultCharmSeries  = "with the default charm metadata series %q"
-	msgDefaultModelSeries  = "with the configured model default series %q"
-	msgLatestLTSSeries     = "with the latest LTS series %q"
-)
-
-const (
-	// deployFromBundle is passed to charmSeries when deploying from a bundle.
-	deployFromBundle = true
-
-	// deployFromCharm is passed to charmSeries when deploying a charm.
-	deployFromCharm = false
-)
-
-// charmSeries determine what series to use with a charm.
-// Order of preference is:
-// - user requested or defined by bundle when deploying
-// - default from charm metadata supported series
-// - model default
-// - charm store default
-func charmSeries(
-	requestedSeries, seriesFromCharm string,
-	supportedSeries []string,
-	force bool,
-	conf *config.Config,
-	fromBundle bool,
-) (string, string, error) {
-	// User has requested a series and we have a new charm with series in metadata.
-	if requestedSeries != "" && seriesFromCharm == "" {
-		if !force && !isSeriesSupported(requestedSeries, supportedSeries) {
-			return "", "", charm.NewUnsupportedSeriesError(requestedSeries, supportedSeries)
-		}
-		if fromBundle {
-			return requestedSeries, msgBundleSeries, nil
-		} else {
-			return requestedSeries, msgUserRequestedSeries, nil
-		}
-	}
-
-	// User has requested a series and it's an old charm for a single series.
-	if seriesFromCharm != "" {
-		if !force && requestedSeries != "" && requestedSeries != seriesFromCharm {
-			return "", "", charm.NewUnsupportedSeriesError(requestedSeries, []string{seriesFromCharm})
-		}
-		if requestedSeries != "" {
-			if fromBundle {
-				return requestedSeries, msgBundleSeries, nil
-			} else {
-				return requestedSeries, msgUserRequestedSeries, nil
-			}
-		}
-		return seriesFromCharm, msgSingleCharmSeries, nil
-	}
-
-	// Use charm default.
-	if len(supportedSeries) > 0 {
-		return supportedSeries[0], msgDefaultCharmSeries, nil
-	}
-
-	// Use model default supported series.
-	if defaultSeries, ok := conf.DefaultSeries(); ok {
-		if !force && !isSeriesSupported(defaultSeries, supportedSeries) {
-			return "", "", charm.NewUnsupportedSeriesError(defaultSeries, supportedSeries)
-		}
-		return defaultSeries, msgDefaultModelSeries, nil
-	}
-
-	// Use latest LTS.
-	latestLtsSeries := series.LatestLts()
-	if !force && !isSeriesSupported(latestLtsSeries, supportedSeries) {
-		return "", "", charm.NewUnsupportedSeriesError(latestLtsSeries, supportedSeries)
-	}
-	return latestLtsSeries, msgLatestLTSSeries, nil
-}
-
-type deployCharmArgs struct {
-	id       charmstore.CharmID
-	csMac    *macaroon.Macaroon
-	series   string
-	ctx      *cmd.Context
-	client   *api.Client
-	deployer *serviceDeployer
-}
-
-func (c *DeployCommand) deployCharm(args deployCharmArgs) (rErr error) {
-	charmInfo, err := args.client.CharmInfo(args.id.URL.String())
-	if err != nil {
-		return err
-	}
-
-	numUnits := c.NumUnits
-	if charmInfo.Meta.Subordinate {
-		if !constraints.IsEmpty(&c.Constraints) {
-			return errors.New("cannot use --constraints with subordinate service")
-		}
-		if numUnits == 1 && c.PlacementSpec == "" {
-			numUnits = 0
-		} else {
-			return errors.New("cannot use --num-units or --to with subordinate service")
-		}
-	}
-	serviceName := c.ServiceName
-	if serviceName == "" {
-		serviceName = charmInfo.Meta.Name
-	}
-
-	var configYAML []byte
-	if c.Config.Path != "" {
-		configYAML, err = c.Config.Read(args.ctx)
-		if err != nil {
-			return err
-		}
-	}
-
-	state, err := c.NewAPIRoot()
-	if err != nil {
-		return errors.Trace(err)
-	}
-	bakeryClient, err := c.BakeryClient()
-	if err != nil {
-		return errors.Trace(err)
-	}
-
-	deployInfo := DeploymentInfo{
-		CharmID:     args.id,
-		ServiceName: serviceName,
-		ModelUUID:   args.client.ModelUUID(),
-	}
-
-	for _, step := range c.Steps {
-		err = step.RunPre(state, bakeryClient, args.ctx, deployInfo)
-		if err != nil {
-			return err
-		}
-	}
-
-	defer func() {
-		for _, step := range c.Steps {
-			err = step.RunPost(state, bakeryClient, args.ctx, deployInfo, rErr)
-			if err != nil {
-				rErr = err
-			}
-		}
-	}()
-
-	if args.id.URL != nil && args.id.URL.Schema != "local" && len(charmInfo.Meta.Terms) > 0 {
-		args.ctx.Infof("Deployment under prior agreement to terms: %s",
-			strings.Join(charmInfo.Meta.Terms, " "))
-	}
-
-	ids, err := handleResources(c, c.Resources, serviceName, args.id, args.csMac, charmInfo.Meta.Resources)
-	if err != nil {
-		return errors.Trace(err)
-	}
-
-	params := serviceDeployParams{
-		charmID:       args.id,
-		serviceName:   serviceName,
-		series:        args.series,
-		numUnits:      numUnits,
-		configYAML:    string(configYAML),
-		constraints:   c.Constraints,
-		placement:     c.Placement,
-		storage:       c.Storage,
-		spaceBindings: c.Bindings,
-		resources:     ids,
-	}
-	return args.deployer.serviceDeploy(params)
-}
-
-type APICmd interface {
-	NewAPIRoot() (api.Connection, error)
-}
-
-func handleResources(c APICmd, resources map[string]string, serviceName string, chID charmstore.CharmID, csMac *macaroon.Macaroon, metaResources map[string]charmresource.Meta) (map[string]string, error) {
-	if len(resources) == 0 && len(metaResources) == 0 {
-		return nil, nil
-	}
-
-	api, err := c.NewAPIRoot()
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-
-	ids, err := resourceadapters.DeployResources(serviceName, chID, csMac, resources, metaResources, api)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-
-	return ids, nil
-}
-
-const parseBindErrorPrefix = "--bind must be in the form '[<default-space>] [<endpoint-name>=<space> ...]'. "
-
-// parseBind parses the --bind option. Valid forms are:
-// * relation-name=space-name
-// * extra-binding-name=space-name
-// * space-name (equivalent to binding all endpoints to the same space, i.e. service-default)
-// * The above in a space separated list to specify multiple bindings,
-//   e.g. "rel1=space1 ext1=space2 space3"
-func (c *DeployCommand) parseBind() error {
-	bindings := make(map[string]string)
-	if c.BindToSpaces == "" {
-		return nil
-	}
-
-	for _, s := range strings.Split(c.BindToSpaces, " ") {
-		s = strings.TrimSpace(s)
-		if s == "" {
-			continue
-		}
-
-		v := strings.Split(s, "=")
-		var endpoint, space string
-		switch len(v) {
-		case 1:
-			endpoint = ""
-			space = v[0]
-		case 2:
-			if v[0] == "" {
-				return errors.New(parseBindErrorPrefix + "Found = without endpoint name. Use a lone space name to set the default.")
-			}
-			endpoint = v[0]
-			space = v[1]
-		default:
-			return errors.New(parseBindErrorPrefix + "Found multiple = in binding. Did you forget to space-separate the binding list?")
-		}
-
-		if !names.IsValidSpace(space) {
-			return errors.New(parseBindErrorPrefix + "Space name invalid.")
-		}
-		bindings[endpoint] = space
-	}
-	c.Bindings = bindings
-	return nil
-}
-
-type serviceDeployParams struct {
-	charmID       charmstore.CharmID
-	serviceName   string
-	series        string
-	numUnits      int
-	configYAML    string
-	constraints   constraints.Value
-	placement     []*instance.Placement
-	storage       map[string]storage.Constraints
-	spaceBindings map[string]string
-	resources     map[string]string
-}
-
-type serviceDeployer struct {
-	ctx *cmd.Context
-	api APICmd
-}
-
-func (d *serviceDeployer) newServiceAPIClient() (*apiservice.Client, error) {
-	root, err := d.api.NewAPIRoot()
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	return apiservice.NewClient(root), nil
-}
-
-func (d *serviceDeployer) newAnnotationsAPIClient() (*apiannotations.Client, error) {
-	root, err := d.api.NewAPIRoot()
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	return apiannotations.NewClient(root), nil
-}
-
-func (c *serviceDeployer) serviceDeploy(args serviceDeployParams) error {
-	serviceClient, err := c.newServiceAPIClient()
-	if err != nil {
-		return err
-	}
-	defer serviceClient.Close()
-	for i, p := range args.placement {
-		if p.Scope == "model-uuid" {
-			p.Scope = serviceClient.ModelUUID()
-		}
-		args.placement[i] = p
-	}
-
-	clientArgs := apiservice.DeployArgs{
-		CharmID:          args.charmID,
-		ServiceName:      args.serviceName,
-		Series:           args.series,
-		NumUnits:         args.numUnits,
-		ConfigYAML:       args.configYAML,
-		Cons:             args.constraints,
-		Placement:        args.placement,
-		Storage:          args.storage,
-		EndpointBindings: args.spaceBindings,
-		Resources:        args.resources,
-	}
-
-	return serviceClient.Deploy(clientArgs)
-}
-
-func (c *DeployCommand) Run(ctx *cmd.Context) error {
-	client, err := c.NewAPIClient()
-	if err != nil {
-		return err
-	}
-	defer client.Close()
-
-	err = c.deployCharmOrBundle(ctx, client)
-	return block.ProcessBlockedError(err, block.BlockChange)
-}
-
-type metricCredentialsAPI interface {
-	SetMetricCredentials(string, []byte) error
-	Close() error
-}
-
-type metricsCredentialsAPIImpl struct {
-	api   *apiservice.Client
-	state api.Connection
-}
-
-// SetMetricCredentials sets the credentials on the service.
-func (s *metricsCredentialsAPIImpl) SetMetricCredentials(serviceName string, data []byte) error {
-	return s.api.SetMetricCredentials(serviceName, data)
-}
-
-// Close closes the api connection
-func (s *metricsCredentialsAPIImpl) Close() error {
-	err := s.state.Close()
-	if err != nil {
-		return errors.Trace(err)
-	}
-	return nil
-}
-
-var getMetricCredentialsAPI = func(state api.Connection) (metricCredentialsAPI, error) {
-	return &metricsCredentialsAPIImpl{api: apiservice.NewClient(state), state: state}, nil
-}
-
-// getFlags returns the flags with the given names. Only flags that are set and
-// whose name is included in flagNames are included.
-func getFlags(flagSet *gnuflag.FlagSet, flagNames []string) []string {
-	flags := make([]string, 0, flagSet.NFlag())
-	flagSet.Visit(func(flag *gnuflag.Flag) {
-		for _, name := range flagNames {
-			if flag.Name == name {
-				flags = append(flags, flagWithMinus(name))
-			}
-		}
-	})
-	return flags
-}
-
-func flagWithMinus(name string) string {
-	if len(name) > 1 {
-		return "--" + name
-	}
-	return "-" + name
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/deploy_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/deploy_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/deploy_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/deploy_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,1225 +0,0 @@
-// Copyright 2012, 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service
-
-import (
-	"encoding/json"
-	"fmt"
-	"io/ioutil"
-	"net/http"
-	"net/http/httptest"
-	"net/url"
-	"os"
-	"path"
-	"path/filepath"
-	"sort"
-	"strings"
-
-	"github.com/juju/errors"
-	"github.com/juju/names"
-	jujutesting "github.com/juju/testing"
-	jc "github.com/juju/testing/checkers"
-	"github.com/juju/utils"
-	"github.com/juju/utils/series"
-	gc "gopkg.in/check.v1"
-	"gopkg.in/juju/charm.v6-unstable"
-	"gopkg.in/juju/charmrepo.v2-unstable"
-	"gopkg.in/juju/charmrepo.v2-unstable/csclient"
-	csclientparams "gopkg.in/juju/charmrepo.v2-unstable/csclient/params"
-	"gopkg.in/juju/charmstore.v5-unstable"
-	"gopkg.in/macaroon-bakery.v1/bakery"
-	"gopkg.in/macaroon-bakery.v1/bakery/checkers"
-	"gopkg.in/macaroon-bakery.v1/bakerytest"
-	"gopkg.in/macaroon-bakery.v1/httpbakery"
-	"launchpad.net/gnuflag"
-
-	"github.com/juju/juju/api"
-	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/cmd/juju/common"
-	"github.com/juju/juju/cmd/modelcmd"
-	"github.com/juju/juju/constraints"
-	"github.com/juju/juju/environs/config"
-	"github.com/juju/juju/instance"
-	"github.com/juju/juju/juju/testing"
-	"github.com/juju/juju/provider/dummy"
-	"github.com/juju/juju/state"
-	"github.com/juju/juju/storage/poolmanager"
-	"github.com/juju/juju/storage/provider"
-	"github.com/juju/juju/testcharms"
-	coretesting "github.com/juju/juju/testing"
-)
-
-type DeploySuite struct {
-	testing.RepoSuite
-	common.CmdBlockHelper
-}
-
-func (s *DeploySuite) SetUpTest(c *gc.C) {
-	s.RepoSuite.SetUpTest(c)
-	s.CmdBlockHelper = common.NewCmdBlockHelper(s.APIState)
-	c.Assert(s.CmdBlockHelper, gc.NotNil)
-	s.AddCleanup(func(*gc.C) { s.CmdBlockHelper.Close() })
-}
-
-var _ = gc.Suite(&DeploySuite{})
-
-func runDeploy(c *gc.C, args ...string) error {
-	_, err := coretesting.RunCommand(c, NewDeployCommand(), args...)
-	return err
-}
-
-var initErrorTests = []struct {
-	args []string
-	err  string
-}{
-	{
-		args: nil,
-		err:  `no charm or bundle specified`,
-	}, {
-		args: []string{"charm-name", "service-name", "hotdog"},
-		err:  `unrecognized args: \["hotdog"\]`,
-	}, {
-		args: []string{"craziness", "burble-1"},
-		err:  `invalid service name "burble-1"`,
-	}, {
-		args: []string{"craziness", "burble1", "-n", "0"},
-		err:  `--num-units must be a positive integer`,
-	}, {
-		args: []string{"craziness", "burble1", "--to", "#:foo"},
-		err:  `invalid --to parameter "#:foo"`,
-	}, {
-		args: []string{"craziness", "burble1", "--constraints", "gibber=plop"},
-		err:  `invalid value "gibber=plop" for flag --constraints: unknown constraint "gibber"`,
-	}, {
-		args: []string{"charm", "service", "--force"},
-		err:  `--force is only used with --series`,
-	},
-}
-
-func (s *DeploySuite) TestInitErrors(c *gc.C) {
-	for i, t := range initErrorTests {
-		c.Logf("test %d", i)
-		err := coretesting.InitCommand(NewDeployCommand(), t.args)
-		c.Assert(err, gc.ErrorMatches, t.err)
-	}
-}
-
-func (s *DeploySuite) TestNoCharmOrBundle(c *gc.C) {
-	err := runDeploy(c, c.MkDir())
-	c.Assert(err, gc.ErrorMatches, `no charm or bundle found at .*`)
-}
-
-func (s *DeploySuite) TestBlockDeploy(c *gc.C) {
-	// Block operation
-	s.BlockAllChanges(c, "TestBlockDeploy")
-	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
-	err := runDeploy(c, ch, "some-service-name", "--series", "quantal")
-	s.AssertBlocked(c, err, ".*TestBlockDeploy.*")
-}
-
-func (s *DeploySuite) TestInvalidPath(c *gc.C) {
-	err := runDeploy(c, "/home/nowhere")
-	c.Assert(err, gc.ErrorMatches, `charm or bundle URL has invalid form: "/home/nowhere"`)
-}
-
-func (s *DeploySuite) TestInvalidFileFormat(c *gc.C) {
-	path := filepath.Join(c.MkDir(), "bundle.yaml")
-	err := ioutil.WriteFile(path, []byte(":"), 0600)
-	c.Assert(err, jc.ErrorIsNil)
-	err = runDeploy(c, path)
-	c.Assert(err, gc.ErrorMatches, `invalid charm or bundle provided at ".*bundle.yaml"`)
-}
-
-func (s *DeploySuite) TestPathWithNoCharmOrBundle(c *gc.C) {
-	err := runDeploy(c, c.MkDir())
-	c.Assert(err, gc.ErrorMatches, `no charm or bundle found at .*`)
-}
-
-func (s *DeploySuite) TestInvalidURL(c *gc.C) {
-	err := runDeploy(c, "cs:craz~ness")
-	c.Assert(err, gc.ErrorMatches, `URL has invalid charm or bundle name: "cs:craz~ness"`)
-}
-
-func (s *DeploySuite) TestCharmDir(c *gc.C) {
-	ch := testcharms.Repo.ClonedDirPath(s.CharmsPath, "dummy")
-	err := runDeploy(c, ch, "--series", "trusty")
-	c.Assert(err, jc.ErrorIsNil)
-	curl := charm.MustParseURL("local:trusty/dummy-1")
-	s.AssertService(c, "dummy", curl, 1, 0)
-}
-
-func (s *DeploySuite) TestDeployFromPathRelativeDir(c *gc.C) {
-	testcharms.Repo.ClonedDirPath(s.CharmsPath, "multi-series")
-	wd, err := os.Getwd()
-	c.Assert(err, jc.ErrorIsNil)
-	defer os.Chdir(wd)
-	err = os.Chdir(s.CharmsPath)
-	c.Assert(err, jc.ErrorIsNil)
-	err = runDeploy(c, "multi-series")
-	c.Assert(err, gc.ErrorMatches, `.*path "multi-series" can not be a relative path`)
-}
-
-func (s *DeploySuite) TestDeployFromPathOldCharm(c *gc.C) {
-	path := testcharms.Repo.ClonedDirPath(s.CharmsPath, "dummy")
-	err := runDeploy(c, path, "--series", "precise")
-	c.Assert(err, jc.ErrorIsNil)
-	curl := charm.MustParseURL("local:precise/dummy-1")
-	s.AssertService(c, "dummy", curl, 1, 0)
-}
-
-func (s *DeploySuite) TestDeployFromPathOldCharmMissingSeries(c *gc.C) {
-	path := testcharms.Repo.ClonedDirPath(s.CharmsPath, "dummy")
-	err := runDeploy(c, path)
-	c.Assert(err, gc.ErrorMatches, "series not specified and charm does not define any")
-}
-
-func (s *DeploySuite) TestDeployFromPathDefaultSeries(c *gc.C) {
-	path := testcharms.Repo.ClonedDirPath(s.CharmsPath, "multi-series")
-	err := runDeploy(c, path)
-	c.Assert(err, jc.ErrorIsNil)
-	curl := charm.MustParseURL("local:precise/multi-series-1")
-	s.AssertService(c, "multi-series", curl, 1, 0)
-}
-
-func (s *DeploySuite) TestDeployFromPath(c *gc.C) {
-	path := testcharms.Repo.ClonedDirPath(s.CharmsPath, "multi-series")
-	err := runDeploy(c, path, "--series", "trusty")
-	c.Assert(err, jc.ErrorIsNil)
-	curl := charm.MustParseURL("local:trusty/multi-series-1")
-	s.AssertService(c, "multi-series", curl, 1, 0)
-}
-
-func (s *DeploySuite) TestDeployFromPathUnsupportedSeries(c *gc.C) {
-	path := testcharms.Repo.ClonedDirPath(s.CharmsPath, "multi-series")
-	err := runDeploy(c, path, "--series", "quantal")
-	c.Assert(err, gc.ErrorMatches, `series "quantal" not supported by charm, supported series are: precise,trusty. Use --force to deploy the charm anyway.`)
-}
-
-func (s *DeploySuite) TestDeployFromPathUnsupportedSeriesForce(c *gc.C) {
-	path := testcharms.Repo.ClonedDirPath(s.CharmsPath, "multi-series")
-	err := runDeploy(c, path, "--series", "quantal", "--force")
-	c.Assert(err, jc.ErrorIsNil)
-	curl := charm.MustParseURL("local:quantal/multi-series-1")
-	s.AssertService(c, "multi-series", curl, 1, 0)
-}
-
-func (s *DeploySuite) TestUpgradeCharmDir(c *gc.C) {
-	// Add the charm, so the url will exist and a new revision will be
-	// picked in service Deploy.
-	dummyCharm := s.AddTestingCharm(c, "dummy")
-
-	dirPath := testcharms.Repo.ClonedDirPath(s.CharmsPath, "dummy")
-	err := runDeploy(c, dirPath, "--series", "quantal")
-	c.Assert(err, jc.ErrorIsNil)
-	upgradedRev := dummyCharm.Revision() + 1
-	curl := dummyCharm.URL().WithRevision(upgradedRev)
-	s.AssertService(c, "dummy", curl, 1, 0)
-	// Check the charm dir was left untouched.
-	ch, err := charm.ReadCharmDir(dirPath)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ch.Revision(), gc.Equals, 1)
-}
-
-func (s *DeploySuite) TestCharmBundle(c *gc.C) {
-	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
-	err := runDeploy(c, ch, "some-service-name", "--series", "trusty")
-	c.Assert(err, jc.ErrorIsNil)
-	curl := charm.MustParseURL("local:trusty/dummy-1")
-	s.AssertService(c, "some-service-name", curl, 1, 0)
-}
-
-func (s *DeploySuite) TestSubordinateCharm(c *gc.C) {
-	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "logging")
-	err := runDeploy(c, ch, "--series", "trusty")
-	c.Assert(err, jc.ErrorIsNil)
-	curl := charm.MustParseURL("local:trusty/logging-1")
-	s.AssertService(c, "logging", curl, 0, 0)
-}
-
-func (s *DeploySuite) TestConfig(c *gc.C) {
-	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
-	path := setupConfigFile(c, c.MkDir())
-	err := runDeploy(c, ch, "dummy-service", "--config", path, "--series", "quantal")
-	c.Assert(err, jc.ErrorIsNil)
-	service, err := s.State.Service("dummy-service")
-	c.Assert(err, jc.ErrorIsNil)
-	settings, err := service.ConfigSettings()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(settings, gc.DeepEquals, charm.Settings{
-		"skill-level": int64(9000),
-		"username":    "admin001",
-	})
-}
-
-func (s *DeploySuite) TestRelativeConfigPath(c *gc.C) {
-	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
-	// Putting a config file in home is okay as $HOME is set to a tempdir
-	setupConfigFile(c, utils.Home())
-	err := runDeploy(c, ch, "dummy-service", "--config", "~/testconfig.yaml", "--series", "quantal")
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *DeploySuite) TestConfigError(c *gc.C) {
-	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
-	path := setupConfigFile(c, c.MkDir())
-	err := runDeploy(c, ch, "other-service", "--config", path, "--series", "quantal")
-	c.Assert(err, gc.ErrorMatches, `no settings found for "other-service"`)
-	_, err = s.State.Service("other-service")
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-}
-
-func (s *DeploySuite) TestConstraints(c *gc.C) {
-	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
-	err := runDeploy(c, ch, "--constraints", "mem=2G cpu-cores=2", "--series", "trusty")
-	c.Assert(err, jc.ErrorIsNil)
-	curl := charm.MustParseURL("local:trusty/dummy-1")
-	service, _ := s.AssertService(c, "dummy", curl, 1, 0)
-	cons, err := service.Constraints()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(cons, jc.DeepEquals, constraints.MustParse("mem=2G cpu-cores=2"))
-}
-
-func (s *DeploySuite) TestResources(c *gc.C) {
-	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
-	dir := c.MkDir()
-
-	foopath := path.Join(dir, "foo")
-	barpath := path.Join(dir, "bar")
-	err := ioutil.WriteFile(foopath, []byte("foo"), 0600)
-	c.Assert(err, jc.ErrorIsNil)
-	err = ioutil.WriteFile(barpath, []byte("bar"), 0600)
-	c.Assert(err, jc.ErrorIsNil)
-
-	res1 := fmt.Sprintf("foo=%s", foopath)
-	res2 := fmt.Sprintf("bar=%s", barpath)
-
-	d := DeployCommand{}
-	args := []string{ch, "--resource", res1, "--resource", res2, "--series", "quantal"}
-
-	err = coretesting.InitCommand(modelcmd.Wrap(&d), args)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(d.Resources, gc.DeepEquals, map[string]string{
-		"foo": foopath,
-		"bar": barpath,
-	})
-}
-
-// TODO(ericsnow) Add tests for charmstore-based resources once the
-// endpoints are implemented.
-
-// TODO(wallyworld) - add another test that deploy with storage fails for older environments
-// (need deploy client to be refactored to use API stub)
-func (s *DeploySuite) TestStorage(c *gc.C) {
-	pm := poolmanager.New(state.NewStateSettings(s.State))
-	_, err := pm.Create("loop-pool", provider.LoopProviderType, map[string]interface{}{"foo": "bar"})
-	c.Assert(err, jc.ErrorIsNil)
-
-	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "storage-block")
-	err = runDeploy(c, ch, "--storage", "data=loop-pool,1G", "--series", "trusty")
-	c.Assert(err, jc.ErrorIsNil)
-	curl := charm.MustParseURL("local:trusty/storage-block-1")
-	service, _ := s.AssertService(c, "storage-block", curl, 1, 0)
-
-	cons, err := service.StorageConstraints()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(cons, jc.DeepEquals, map[string]state.StorageConstraints{
-		"data": {
-			Pool:  "loop-pool",
-			Count: 1,
-			Size:  1024,
-		},
-		"allecto": {
-			Pool:  "loop",
-			Count: 0,
-			Size:  1024,
-		},
-	})
-}
-
-func (s *DeploySuite) TestPlacement(c *gc.C) {
-	ch := testcharms.Repo.ClonedDirPath(s.CharmsPath, "dummy")
-	// Add a machine that will be ignored due to placement directive.
-	machine, err := s.State.AddMachine(series.LatestLts(), state.JobHostUnits)
-	c.Assert(err, jc.ErrorIsNil)
-
-	err = runDeploy(c, ch, "-n", "1", "--to", "valid", "--series", "quantal")
-	c.Assert(err, jc.ErrorIsNil)
-
-	svc, err := s.State.Service("dummy")
-	c.Assert(err, jc.ErrorIsNil)
-
-	// manually run staged assignments
-	errs, err := s.APIState.UnitAssigner().AssignUnits([]names.UnitTag{names.NewUnitTag("dummy/0")})
-	c.Assert(errs, gc.DeepEquals, []error{nil})
-	c.Assert(err, jc.ErrorIsNil)
-
-	units, err := svc.AllUnits()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(units, gc.HasLen, 1)
-	mid, err := units[0].AssignedMachineId()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(mid, gc.Not(gc.Equals), machine.Id())
-}
-
-func (s *DeploySuite) TestSubordinateConstraints(c *gc.C) {
-	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "logging")
-	err := runDeploy(c, ch, "--constraints", "mem=1G", "--series", "quantal")
-	c.Assert(err, gc.ErrorMatches, "cannot use --constraints with subordinate service")
-}
-
-func (s *DeploySuite) TestNumUnits(c *gc.C) {
-	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
-	err := runDeploy(c, ch, "-n", "13", "--series", "trusty")
-	c.Assert(err, jc.ErrorIsNil)
-	curl := charm.MustParseURL("local:trusty/dummy-1")
-	s.AssertService(c, "dummy", curl, 13, 0)
-}
-
-func (s *DeploySuite) TestNumUnitsSubordinate(c *gc.C) {
-	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "logging")
-	err := runDeploy(c, "--num-units", "3", ch, "--series", "quantal")
-	c.Assert(err, gc.ErrorMatches, "cannot use --num-units or --to with subordinate service")
-	_, err = s.State.Service("dummy")
-	c.Assert(err, gc.ErrorMatches, `service "dummy" not found`)
-}
-
-func (s *DeploySuite) assertForceMachine(c *gc.C, machineId string) {
-	svc, err := s.State.Service("portlandia")
-	c.Assert(err, jc.ErrorIsNil)
-
-	// manually run staged assignments
-	errs, err := s.APIState.UnitAssigner().AssignUnits([]names.UnitTag{names.NewUnitTag("portlandia/0")})
-	c.Assert(errs, gc.DeepEquals, []error{nil})
-	c.Assert(err, jc.ErrorIsNil)
-
-	units, err := svc.AllUnits()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(units, gc.HasLen, 1)
-
-	mid, err := units[0].AssignedMachineId()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(mid, gc.Equals, machineId)
-}
-
-func (s *DeploySuite) TestForceMachine(c *gc.C) {
-	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
-	machine, err := s.State.AddMachine(series.LatestLts(), state.JobHostUnits)
-	c.Assert(err, jc.ErrorIsNil)
-	err = runDeploy(c, "--to", machine.Id(), ch, "portlandia", "--series", series.LatestLts())
-	c.Assert(err, jc.ErrorIsNil)
-	s.assertForceMachine(c, machine.Id())
-}
-
-func (s *DeploySuite) TestForceMachineExistingContainer(c *gc.C) {
-	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
-	template := state.MachineTemplate{
-		Series: series.LatestLts(),
-		Jobs:   []state.MachineJob{state.JobHostUnits},
-	}
-	container, err := s.State.AddMachineInsideNewMachine(template, template, instance.LXC)
-	c.Assert(err, jc.ErrorIsNil)
-	err = runDeploy(c, "--to", container.Id(), ch, "portlandia", "--series", series.LatestLts())
-	c.Assert(err, jc.ErrorIsNil)
-	s.assertForceMachine(c, container.Id())
-	machines, err := s.State.AllMachines()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(machines, gc.HasLen, 2)
-}
-
-func (s *DeploySuite) TestForceMachineNewContainer(c *gc.C) {
-	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
-	machine, err := s.State.AddMachine(series.LatestLts(), state.JobHostUnits)
-	c.Assert(err, jc.ErrorIsNil)
-	err = runDeploy(c, "--to", "lxc:"+machine.Id(), ch, "portlandia", "--series", series.LatestLts())
-	c.Assert(err, jc.ErrorIsNil)
-	s.assertForceMachine(c, machine.Id()+"/lxc/0")
-
-	for a := coretesting.LongAttempt.Start(); a.Next(); {
-		machines, err := s.State.AllMachines()
-		c.Assert(err, jc.ErrorIsNil)
-		if !a.HasNext() {
-			c.Assert(machines, gc.HasLen, 2)
-			break
-		}
-		if len(machines) == 2 {
-			break
-		}
-	}
-}
-
-func (s *DeploySuite) TestForceMachineNotFound(c *gc.C) {
-	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
-	err := runDeploy(c, "--to", "42", ch, "portlandia", "--series", "quantal")
-	c.Assert(err, gc.ErrorMatches, `cannot deploy "portlandia" to machine 42: machine 42 not found`)
-	_, err = s.State.Service("portlandia")
-	c.Assert(err, gc.ErrorMatches, `service "portlandia" not found`)
-}
-
-func (s *DeploySuite) TestForceMachineSubordinate(c *gc.C) {
-	machine, err := s.State.AddMachine(series.LatestLts(), state.JobHostUnits)
-	c.Assert(err, jc.ErrorIsNil)
-	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "logging")
-	err = runDeploy(c, "--to", machine.Id(), ch, "--series", "quantal")
-	c.Assert(err, gc.ErrorMatches, "cannot use --num-units or --to with subordinate service")
-	_, err = s.State.Service("dummy")
-	c.Assert(err, gc.ErrorMatches, `service "dummy" not found`)
-}
-
-func (s *DeploySuite) TestNonLocalCannotHostUnits(c *gc.C) {
-	err := runDeploy(c, "--to", "0", "local:dummy", "portlandia")
-	c.Assert(err, gc.Not(gc.ErrorMatches), "machine 0 is the controller for a local model and cannot host units")
-}
-
-func (s *DeploySuite) TestCharmSeries(c *gc.C) {
-	deploySeriesTests := []struct {
-		requestedSeries string
-		force           bool
-		seriesFromCharm string
-		supportedSeries []string
-		modelSeries     string
-		ltsSeries       string
-		expectedSeries  string
-		message         string
-		err             string
-	}{{
-		ltsSeries:       "precise",
-		modelSeries:     "wily",
-		supportedSeries: []string{"trusty", "precise"},
-		expectedSeries:  "trusty",
-		message:         "with the default charm metadata series %q",
-	}, {
-		requestedSeries: "trusty",
-		seriesFromCharm: "trusty",
-		expectedSeries:  "trusty",
-		message:         "with the user specified series %q",
-	}, {
-		requestedSeries: "wily",
-		seriesFromCharm: "trusty",
-		err:             `series "wily" not supported by charm, supported series are: trusty`,
-	}, {
-		requestedSeries: "wily",
-		supportedSeries: []string{"trusty", "precise"},
-		err:             `series "wily" not supported by charm, supported series are: trusty,precise`,
-	}, {
-		ltsSeries: series.LatestLts(),
-		err:       `series .* not supported by charm, supported series are: .*`,
-	}, {
-		modelSeries: "xenial",
-		err:         `series "xenial" not supported by charm, supported series are: .*`,
-	}, {
-		requestedSeries: "wily",
-		seriesFromCharm: "trusty",
-		expectedSeries:  "wily",
-		message:         "with the user specified series %q",
-		force:           true,
-	}, {
-		requestedSeries: "wily",
-		supportedSeries: []string{"trusty", "precise"},
-		expectedSeries:  "wily",
-		message:         "with the user specified series %q",
-		force:           true,
-	}, {
-		ltsSeries:      series.LatestLts(),
-		force:          true,
-		expectedSeries: series.LatestLts(),
-		message:        "with the latest LTS series %q",
-	}, {
-		ltsSeries:      "precise",
-		modelSeries:    "xenial",
-		force:          true,
-		expectedSeries: "xenial",
-		message:        "with the configured model default series %q",
-	}}
-
-	for i, test := range deploySeriesTests {
-		c.Logf("test %d", i)
-		cfg, err := config.New(config.UseDefaults, dummy.SampleConfig().Merge(coretesting.Attrs{
-			"default-series": test.modelSeries,
-		}))
-		c.Assert(err, jc.ErrorIsNil)
-		series, msg, err := charmSeries(test.requestedSeries, test.seriesFromCharm, test.supportedSeries, test.force, cfg, false)
-		if test.err != "" {
-			c.Check(err, gc.ErrorMatches, test.err)
-			continue
-		}
-		c.Assert(err, jc.ErrorIsNil)
-		c.Check(series, gc.Equals, test.expectedSeries)
-		c.Check(msg, gc.Matches, test.message)
-	}
-}
-
-type DeployLocalSuite struct {
-	testing.RepoSuite
-}
-
-var _ = gc.Suite(&DeployLocalSuite{})
-
-func (s *DeployLocalSuite) SetUpTest(c *gc.C) {
-	s.RepoSuite.SetUpTest(c)
-}
-
-// setupConfigFile creates a configuration file for testing set
-// with the --config argument specifying a configuration file.
-func setupConfigFile(c *gc.C, dir string) string {
-	ctx := coretesting.ContextForDir(c, dir)
-	path := ctx.AbsPath("testconfig.yaml")
-	content := []byte("dummy-service:\n  skill-level: 9000\n  username: admin001\n\n")
-	err := ioutil.WriteFile(path, content, 0666)
-	c.Assert(err, jc.ErrorIsNil)
-	return path
-}
-
-type DeployCharmStoreSuite struct {
-	charmStoreSuite
-}
-
-var _ = gc.Suite(&DeployCharmStoreSuite{})
-
-var deployAuthorizationTests = []struct {
-	about        string
-	uploadURL    string
-	deployURL    string
-	readPermUser string
-	expectError  string
-	expectOutput string
-}{{
-	about:     "public charm, success",
-	uploadURL: "cs:~bob/trusty/wordpress1-10",
-	deployURL: "cs:~bob/trusty/wordpress1",
-	expectOutput: `
-Added charm "cs:~bob/trusty/wordpress1-10" to the model.
-Deploying charm "cs:~bob/trusty/wordpress1-10" with the charm series "trusty".`,
-}, {
-	about:     "public charm, fully resolved, success",
-	uploadURL: "cs:~bob/trusty/wordpress2-10",
-	deployURL: "cs:~bob/trusty/wordpress2-10",
-	expectOutput: `
-Added charm "cs:~bob/trusty/wordpress2-10" to the model.
-Deploying charm "cs:~bob/trusty/wordpress2-10" with the charm series "trusty".`,
-}, {
-	about:        "non-public charm, success",
-	uploadURL:    "cs:~bob/trusty/wordpress3-10",
-	deployURL:    "cs:~bob/trusty/wordpress3",
-	readPermUser: clientUserName,
-	expectOutput: `
-Added charm "cs:~bob/trusty/wordpress3-10" to the model.
-Deploying charm "cs:~bob/trusty/wordpress3-10" with the charm series "trusty".`,
-}, {
-	about:        "non-public charm, fully resolved, success",
-	uploadURL:    "cs:~bob/trusty/wordpress4-10",
-	deployURL:    "cs:~bob/trusty/wordpress4-10",
-	readPermUser: clientUserName,
-	expectOutput: `
-Added charm "cs:~bob/trusty/wordpress4-10" to the model.
-Deploying charm "cs:~bob/trusty/wordpress4-10" with the charm series "trusty".`,
-}, {
-	about:        "non-public charm, access denied",
-	uploadURL:    "cs:~bob/trusty/wordpress5-10",
-	deployURL:    "cs:~bob/trusty/wordpress5",
-	readPermUser: "bob",
-	expectError:  `cannot resolve (charm )?URL "cs:~bob/trusty/wordpress5": cannot get "/~bob/trusty/wordpress5/meta/any\?include=id&include=supported-series&include=published": unauthorized: access denied for user "client-username"`,
-}, {
-	about:        "non-public charm, fully resolved, access denied",
-	uploadURL:    "cs:~bob/trusty/wordpress6-47",
-	deployURL:    "cs:~bob/trusty/wordpress6-47",
-	readPermUser: "bob",
-	expectError:  `cannot resolve charm URL "cs:~bob/trusty/wordpress6-47": cannot get "/~bob/trusty/wordpress6-47/meta/any\?include=id&include=supported-series&include=published": unauthorized: access denied for user "client-username"`,
-}, {
-	about:     "public bundle, success",
-	uploadURL: "cs:~bob/bundle/wordpress-simple1-42",
-	deployURL: "cs:~bob/bundle/wordpress-simple1",
-	expectOutput: `
-added charm cs:trusty/mysql-0
-service mysql deployed (charm cs:trusty/mysql-0 with the charm series "trusty")
-added charm cs:trusty/wordpress-1
-service wordpress deployed (charm cs:trusty/wordpress-1 with the charm series "trusty")
-related wordpress:db and mysql:server
-added mysql/0 unit to new machine
-added wordpress/0 unit to new machine
-deployment of bundle "cs:~bob/bundle/wordpress-simple1-42" completed`,
-}, {
-	about:        "non-public bundle, success",
-	uploadURL:    "cs:~bob/bundle/wordpress-simple2-0",
-	deployURL:    "cs:~bob/bundle/wordpress-simple2-0",
-	readPermUser: clientUserName,
-	expectOutput: `
-added charm cs:trusty/mysql-0
-reusing service mysql (charm: cs:trusty/mysql-0)
-added charm cs:trusty/wordpress-1
-reusing service wordpress (charm: cs:trusty/wordpress-1)
-wordpress:db and mysql:server are already related
-avoid adding new units to service mysql: 1 unit already present
-avoid adding new units to service wordpress: 1 unit already present
-deployment of bundle "cs:~bob/bundle/wordpress-simple2-0" completed`,
-}, {
-	about:        "non-public bundle, access denied",
-	uploadURL:    "cs:~bob/bundle/wordpress-simple3-47",
-	deployURL:    "cs:~bob/bundle/wordpress-simple3",
-	readPermUser: "bob",
-	expectError:  `cannot resolve charm URL "cs:~bob/bundle/wordpress-simple3": cannot get "/~bob/bundle/wordpress-simple3/meta/any\?include=id&include=supported-series&include=published": unauthorized: access denied for user "client-username"`,
-}}
-
-func (s *DeployCharmStoreSuite) TestDeployAuthorization(c *gc.C) {
-	// Upload the two charms required to upload the bundle.
-	testcharms.UploadCharm(c, s.client, "trusty/mysql-0", "mysql")
-	testcharms.UploadCharm(c, s.client, "trusty/wordpress-1", "wordpress")
-
-	// Run the tests.
-	for i, test := range deployAuthorizationTests {
-		c.Logf("test %d: %s", i, test.about)
-
-		// Upload the charm or bundle under test.
-		url := charm.MustParseURL(test.uploadURL)
-		if url.Series == "bundle" {
-			url, _ = testcharms.UploadBundle(c, s.client, test.uploadURL, "wordpress-simple")
-		} else {
-			url, _ = testcharms.UploadCharm(c, s.client, test.uploadURL, "wordpress")
-		}
-
-		// Change the ACL of the uploaded entity if required in this case.
-		if test.readPermUser != "" {
-			s.changeReadPerm(c, url, test.readPermUser)
-		}
-		ctx, err := coretesting.RunCommand(c, NewDeployCommand(), test.deployURL, fmt.Sprintf("wordpress%d", i))
-		if test.expectError != "" {
-			c.Check(err, gc.ErrorMatches, test.expectError)
-			continue
-		}
-		c.Assert(err, jc.ErrorIsNil)
-		output := strings.Trim(coretesting.Stderr(ctx), "\n")
-		c.Check(output, gc.Equals, strings.TrimSpace(test.expectOutput))
-	}
-}
-
-func (s *DeployCharmStoreSuite) TestDeployWithTermsSuccess(c *gc.C) {
-	testcharms.UploadCharm(c, s.client, "trusty/terms1-1", "terms1")
-	output, err := runDeployCommand(c, "trusty/terms1")
-	c.Assert(err, jc.ErrorIsNil)
-	expectedOutput := `
-Added charm "cs:trusty/terms1-1" to the model.
-Deploying charm "cs:trusty/terms1-1" with the charm series "trusty".
-Deployment under prior agreement to terms: term1/1 term3/1
-`
-	c.Assert(output, gc.Equals, strings.TrimSpace(expectedOutput))
-	s.assertCharmsUploaded(c, "cs:trusty/terms1-1")
-	s.assertServicesDeployed(c, map[string]serviceInfo{
-		"terms1": {charm: "cs:trusty/terms1-1"},
-	})
-	_, err = s.State.Unit("terms1/0")
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *DeploySuite) TestDeployLocalWithTerms(c *gc.C) {
-	ch := testcharms.Repo.ClonedDirPath(s.CharmsPath, "terms1")
-	output, err := runDeployCommand(c, ch, "--series", "trusty")
-	c.Assert(err, jc.ErrorIsNil)
-	// should not produce any output
-	c.Assert(output, gc.Equals, "")
-
-	curl := charm.MustParseURL("local:trusty/terms1-1")
-	s.AssertService(c, "terms1", curl, 1, 0)
-}
-
-func (s *DeployCharmStoreSuite) TestDeployWithTermsNotSigned(c *gc.C) {
-	s.termsDischargerError = &httpbakery.Error{
-		Message: "term agreement required: term/1 term/2",
-		Code:    "term agreement required",
-	}
-	testcharms.UploadCharm(c, s.client, "quantal/terms1-1", "terms1")
-	_, err := runDeployCommand(c, "quantal/terms1")
-	expectedError := `Declined: please agree to the following terms term/1 term/2. Try: "juju agree term/1 term/2"`
-	c.Assert(err, gc.ErrorMatches, expectedError)
-}
-
-func (s *DeployCharmStoreSuite) TestDeployWithChannel(c *gc.C) {
-	ch := testcharms.Repo.CharmArchive(c.MkDir(), "wordpress")
-	id := charm.MustParseURL("cs:~client-username/precise/wordpress-0")
-	err := s.client.UploadCharmWithRevision(id, ch, -1)
-	c.Assert(err, gc.IsNil)
-
-	err = s.client.Publish(id, []csclientparams.Channel{csclientparams.DevelopmentChannel}, nil)
-	c.Assert(err, gc.IsNil)
-
-	_, err = runDeployCommand(c, "--channel", "development", "~client-username/wordpress")
-	c.Assert(err, gc.IsNil)
-	s.assertCharmsUploaded(c, "cs:~client-username/precise/wordpress-0")
-	s.assertServicesDeployed(c, map[string]serviceInfo{
-		"wordpress": {charm: "cs:~client-username/precise/wordpress-0"},
-	})
-}
-
-const (
-	// clientUserCookie is the name of the cookie which is
-	// used to signal to the charmStoreSuite macaroon discharger
-	// that the client is a juju client rather than the juju environment.
-	clientUserCookie = "client"
-
-	// clientUserName is the name chosen for the juju client
-	// when it has authorized.
-	clientUserName = "client-username"
-)
-
-// charmStoreSuite is a suite fixture that puts the machinery in
-// place to allow testing code that calls addCharmViaAPI.
-type charmStoreSuite struct {
-	testing.JujuConnSuite
-	handler              charmstore.HTTPCloseHandler
-	srv                  *httptest.Server
-	client               *csclient.Client
-	discharger           *bakerytest.Discharger
-	termsDischarger      *bakerytest.Discharger
-	termsDischargerError error
-	termsString          string
-}
-
-func (s *charmStoreSuite) SetUpTest(c *gc.C) {
-	s.JujuConnSuite.SetUpTest(c)
-
-	// Set up the third party discharger.
-	s.discharger = bakerytest.NewDischarger(nil, func(req *http.Request, cond string, arg string) ([]checkers.Caveat, error) {
-		cookie, err := req.Cookie(clientUserCookie)
-		if err != nil {
-			return nil, errors.Annotate(err, "discharge denied to non-clients")
-		}
-		return []checkers.Caveat{
-			checkers.DeclaredCaveat("username", cookie.Value),
-		}, nil
-	})
-
-	s.termsDischargerError = nil
-	// Set up the third party terms discharger.
-	s.termsDischarger = bakerytest.NewDischarger(nil, func(req *http.Request, cond string, arg string) ([]checkers.Caveat, error) {
-		s.termsString = arg
-		return nil, s.termsDischargerError
-	})
-	s.termsString = ""
-
-	keyring := bakery.NewPublicKeyRing()
-
-	pk, err := httpbakery.PublicKeyForLocation(http.DefaultClient, s.discharger.Location())
-	c.Assert(err, gc.IsNil)
-	err = keyring.AddPublicKeyForLocation(s.discharger.Location(), true, pk)
-	c.Assert(err, gc.IsNil)
-
-	pk, err = httpbakery.PublicKeyForLocation(http.DefaultClient, s.termsDischarger.Location())
-	c.Assert(err, gc.IsNil)
-	err = keyring.AddPublicKeyForLocation(s.termsDischarger.Location(), true, pk)
-	c.Assert(err, gc.IsNil)
-
-	// Set up the charm store testing server.
-	db := s.Session.DB("juju-testing")
-	params := charmstore.ServerParams{
-		AuthUsername:     "test-user",
-		AuthPassword:     "test-password",
-		IdentityLocation: s.discharger.Location(),
-		PublicKeyLocator: keyring,
-		TermsLocation:    s.termsDischarger.Location(),
-	}
-	handler, err := charmstore.NewServer(db, nil, "", params, charmstore.V5)
-	c.Assert(err, jc.ErrorIsNil)
-	s.handler = handler
-	s.srv = httptest.NewServer(handler)
-	c.Logf("started charmstore on %v", s.srv.URL)
-	s.client = csclient.New(csclient.Params{
-		URL:      s.srv.URL,
-		User:     params.AuthUsername,
-		Password: params.AuthPassword,
-	})
-
-	// Initialize the charm cache dir.
-	s.PatchValue(&charmrepo.CacheDir, c.MkDir())
-
-	// Point the CLI to the charm store testing server.
-	s.PatchValue(&newCharmStoreClient, func(client *httpbakery.Client) *csclient.Client {
-		// Add a cookie so that the discharger can detect whether the
-		// HTTP client is the juju environment or the juju client.
-		lurl, err := url.Parse(s.discharger.Location())
-		c.Assert(err, jc.ErrorIsNil)
-		client.Jar.SetCookies(lurl, []*http.Cookie{{
-			Name:  clientUserCookie,
-			Value: clientUserName,
-		}})
-		return csclient.New(csclient.Params{
-			URL:          s.srv.URL,
-			BakeryClient: client,
-		})
-	})
-
-	// Point the Juju API server to the charm store testing server.
-	s.PatchValue(&csclient.ServerURL, s.srv.URL)
-}
-
-func (s *charmStoreSuite) TearDownTest(c *gc.C) {
-	s.discharger.Close()
-	s.handler.Close()
-	s.srv.Close()
-	s.JujuConnSuite.TearDownTest(c)
-}
-
-// changeReadPerm changes the read permission of the given charm URL.
-// The charm must be present in the testing charm store.
-func (s *charmStoreSuite) changeReadPerm(c *gc.C, url *charm.URL, perms ...string) {
-	err := s.client.Put("/"+url.Path()+"/meta/perm/read", perms)
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-// assertCharmsUploaded checks that the given charm ids have been uploaded.
-func (s *charmStoreSuite) assertCharmsUploaded(c *gc.C, ids ...string) {
-	charms, err := s.State.AllCharms()
-	c.Assert(err, jc.ErrorIsNil)
-	uploaded := make([]string, len(charms))
-	for i, charm := range charms {
-		uploaded[i] = charm.URL().String()
-	}
-	c.Assert(uploaded, jc.SameContents, ids)
-}
-
-// serviceInfo holds information about a deployed service.
-type serviceInfo struct {
-	charm            string
-	config           charm.Settings
-	constraints      constraints.Value
-	exposed          bool
-	storage          map[string]state.StorageConstraints
-	endpointBindings map[string]string
-}
-
-// assertDeployedServiceBindings checks that services were deployed into the
-// expected spaces. It is separate to assertServicesDeployed because it is only
-// relevant to a couple of tests.
-func (s *charmStoreSuite) assertDeployedServiceBindings(c *gc.C, info map[string]serviceInfo) {
-	services, err := s.State.AllServices()
-	c.Assert(err, jc.ErrorIsNil)
-
-	for _, service := range services {
-		endpointBindings, err := service.EndpointBindings()
-		c.Assert(err, jc.ErrorIsNil)
-		c.Assert(endpointBindings, jc.DeepEquals, info[service.Name()].endpointBindings)
-	}
-}
-
-// assertServicesDeployed checks that the given services have been deployed.
-func (s *charmStoreSuite) assertServicesDeployed(c *gc.C, info map[string]serviceInfo) {
-	services, err := s.State.AllServices()
-	c.Assert(err, jc.ErrorIsNil)
-	deployed := make(map[string]serviceInfo, len(services))
-	for _, service := range services {
-		charm, _ := service.CharmURL()
-		config, err := service.ConfigSettings()
-		c.Assert(err, jc.ErrorIsNil)
-		if len(config) == 0 {
-			config = nil
-		}
-		constraints, err := service.Constraints()
-		c.Assert(err, jc.ErrorIsNil)
-		storage, err := service.StorageConstraints()
-		c.Assert(err, jc.ErrorIsNil)
-		if len(storage) == 0 {
-			storage = nil
-		}
-		deployed[service.Name()] = serviceInfo{
-			charm:       charm.String(),
-			config:      config,
-			constraints: constraints,
-			exposed:     service.IsExposed(),
-			storage:     storage,
-		}
-	}
-	c.Assert(deployed, jc.DeepEquals, info)
-}
-
-// assertRelationsEstablished checks that the given relations have been set.
-func (s *charmStoreSuite) assertRelationsEstablished(c *gc.C, relations ...string) {
-	rs, err := s.State.AllRelations()
-	c.Assert(err, jc.ErrorIsNil)
-	established := make([]string, len(rs))
-	for i, r := range rs {
-		established[i] = r.String()
-	}
-	c.Assert(established, jc.SameContents, relations)
-}
-
-// assertUnitsCreated checks that the given units have been created. The
-// expectedUnits argument maps unit names to machine names.
-func (s *charmStoreSuite) assertUnitsCreated(c *gc.C, expectedUnits map[string]string) {
-	machines, err := s.State.AllMachines()
-	c.Assert(err, jc.ErrorIsNil)
-	created := make(map[string]string)
-	for _, m := range machines {
-		id := m.Id()
-		units, err := s.State.UnitsFor(id)
-		c.Assert(err, jc.ErrorIsNil)
-		for _, u := range units {
-			created[u.Name()] = id
-		}
-	}
-	c.Assert(created, jc.DeepEquals, expectedUnits)
-}
-
-type testMetricCredentialsSetter struct {
-	assert func(string, []byte)
-	err    error
-}
-
-func (t *testMetricCredentialsSetter) SetMetricCredentials(serviceName string, data []byte) error {
-	t.assert(serviceName, data)
-	return t.err
-}
-
-func (t *testMetricCredentialsSetter) Close() error {
-	return nil
-}
-
-func (s *DeployCharmStoreSuite) TestAddMetricCredentials(c *gc.C) {
-	var called bool
-	setter := &testMetricCredentialsSetter{
-		assert: func(serviceName string, data []byte) {
-			called = true
-			c.Assert(serviceName, gc.DeepEquals, "metered")
-			var b []byte
-			err := json.Unmarshal(data, &b)
-			c.Assert(err, gc.IsNil)
-			c.Assert(string(b), gc.Equals, "hello registration")
-		},
-	}
-
-	cleanup := jujutesting.PatchValue(&getMetricCredentialsAPI, func(_ api.Connection) (metricCredentialsAPI, error) {
-		return setter, nil
-	})
-	defer cleanup()
-
-	stub := &jujutesting.Stub{}
-	handler := &testMetricsRegistrationHandler{Stub: stub}
-	server := httptest.NewServer(handler)
-	defer server.Close()
-
-	testcharms.UploadCharm(c, s.client, "cs:quantal/metered-1", "metered")
-	deploy := &DeployCommand{Steps: []DeployStep{&RegisterMeteredCharm{RegisterURL: server.URL, QueryURL: server.URL}}}
-	_, err := coretesting.RunCommand(c, modelcmd.Wrap(deploy), "cs:quantal/metered-1", "--plan", "someplan")
-	c.Assert(err, jc.ErrorIsNil)
-	curl := charm.MustParseURL("cs:quantal/metered-1")
-	svc, err := s.State.Service("metered")
-	c.Assert(err, jc.ErrorIsNil)
-	ch, _, err := svc.Charm()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ch.URL(), gc.DeepEquals, curl)
-	c.Assert(called, jc.IsTrue)
-	modelUUID := s.Environ.Config().UUID()
-	stub.CheckCalls(c, []jujutesting.StubCall{{
-		"Authorize", []interface{}{metricRegistrationPost{
-			ModelUUID:   modelUUID,
-			CharmURL:    "cs:quantal/metered-1",
-			ServiceName: "metered",
-			PlanURL:     "someplan",
-			Budget:      "personal",
-			Limit:       "0",
-		}},
-	}})
-}
-
-func (s *DeployCharmStoreSuite) TestAddMetricCredentialsDefaultPlan(c *gc.C) {
-	var called bool
-	setter := &testMetricCredentialsSetter{
-		assert: func(serviceName string, data []byte) {
-			called = true
-			c.Assert(serviceName, gc.DeepEquals, "metered")
-			var b []byte
-			err := json.Unmarshal(data, &b)
-			c.Assert(err, gc.IsNil)
-			c.Assert(string(b), gc.Equals, "hello registration")
-		},
-	}
-
-	cleanup := jujutesting.PatchValue(&getMetricCredentialsAPI, func(_ api.Connection) (metricCredentialsAPI, error) {
-		return setter, nil
-	})
-	defer cleanup()
-
-	stub := &jujutesting.Stub{}
-	handler := &testMetricsRegistrationHandler{Stub: stub}
-	server := httptest.NewServer(handler)
-	defer server.Close()
-
-	testcharms.UploadCharm(c, s.client, "cs:quantal/metered-1", "metered")
-	deploy := &DeployCommand{Steps: []DeployStep{&RegisterMeteredCharm{RegisterURL: server.URL, QueryURL: server.URL}}}
-	_, err := coretesting.RunCommand(c, modelcmd.Wrap(deploy), "cs:quantal/metered-1")
-	c.Assert(err, jc.ErrorIsNil)
-	curl := charm.MustParseURL("cs:quantal/metered-1")
-	svc, err := s.State.Service("metered")
-	c.Assert(err, jc.ErrorIsNil)
-	ch, _, err := svc.Charm()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ch.URL(), gc.DeepEquals, curl)
-	c.Assert(called, jc.IsTrue)
-	modelUUID := s.Environ.Config().UUID()
-	stub.CheckCalls(c, []jujutesting.StubCall{{
-		"DefaultPlan", []interface{}{"cs:quantal/metered-1"},
-	}, {
-		"Authorize", []interface{}{metricRegistrationPost{
-			ModelUUID:   modelUUID,
-			CharmURL:    "cs:quantal/metered-1",
-			ServiceName: "metered",
-			PlanURL:     "thisplan",
-			Budget:      "personal",
-			Limit:       "0",
-		}},
-	}})
-}
-
-func (s *DeploySuite) TestAddMetricCredentialsDefaultForUnmeteredCharm(c *gc.C) {
-	var called bool
-	setter := &testMetricCredentialsSetter{
-		assert: func(serviceName string, data []byte) {
-			called = true
-			c.Assert(serviceName, gc.DeepEquals, "dummy")
-			c.Assert(data, gc.DeepEquals, []byte{})
-		},
-	}
-
-	cleanup := jujutesting.PatchValue(&getMetricCredentialsAPI, func(_ api.Connection) (metricCredentialsAPI, error) {
-		return setter, nil
-	})
-	defer cleanup()
-
-	ch := testcharms.Repo.ClonedDirPath(s.CharmsPath, "dummy")
-
-	deploy := &DeployCommand{Steps: []DeployStep{&RegisterMeteredCharm{}}}
-	_, err := coretesting.RunCommand(c, modelcmd.Wrap(deploy), ch, "--series", "trusty")
-	c.Assert(err, jc.ErrorIsNil)
-	curl := charm.MustParseURL("local:trusty/dummy-1")
-	s.AssertService(c, "dummy", curl, 1, 0)
-	c.Assert(called, jc.IsFalse)
-}
-
-func (s *DeploySuite) TestDeployFlags(c *gc.C) {
-	command := DeployCommand{}
-	flagSet := gnuflag.NewFlagSet(command.Info().Name, gnuflag.ContinueOnError)
-	command.SetFlags(flagSet)
-	c.Assert(command.flagSet, jc.DeepEquals, flagSet)
-	// Add to the slice below if a new flag is introduced which is valid for
-	// both charms and bundles.
-	charmAndBundleFlags := []string{"channel", "storage"}
-	var allFlags []string
-	flagSet.VisitAll(func(flag *gnuflag.Flag) {
-		allFlags = append(allFlags, flag.Name)
-	})
-	declaredFlags := append(charmAndBundleFlags, charmOnlyFlags...)
-	declaredFlags = append(declaredFlags, bundleOnlyFlags...)
-	sort.Strings(declaredFlags)
-	c.Assert(declaredFlags, jc.DeepEquals, allFlags)
-}
-
-func (s *DeployCharmStoreSuite) TestDeployCharmWithSomeEndpointBindingsSpecifiedSuccess(c *gc.C) {
-	_, err := s.State.AddSpace("db", "", nil, false)
-	c.Assert(err, jc.ErrorIsNil)
-	_, err = s.State.AddSpace("public", "", nil, false)
-	c.Assert(err, jc.ErrorIsNil)
-
-	testcharms.UploadCharm(c, s.client, "cs:quantal/wordpress-extra-bindings-1", "wordpress-extra-bindings")
-	err = runDeploy(c, "cs:quantal/wordpress-extra-bindings-1", "--bind", "db=db db-client=db public admin-api=public")
-	c.Assert(err, jc.ErrorIsNil)
-	s.assertServicesDeployed(c, map[string]serviceInfo{
-		"wordpress-extra-bindings": {charm: "cs:quantal/wordpress-extra-bindings-1"},
-	})
-	s.assertDeployedServiceBindings(c, map[string]serviceInfo{
-		"wordpress-extra-bindings": {
-			endpointBindings: map[string]string{
-				"cache":           "public",
-				"url":             "public",
-				"logging-dir":     "public",
-				"monitoring-port": "public",
-				"db":              "db",
-				"db-client":       "db",
-				"admin-api":       "public",
-				"foo-bar":         "public",
-				"cluster":         "public",
-			},
-		},
-	})
-}
-
-func (s *DeployCharmStoreSuite) TestDeployCharmsEndpointNotImplemented(c *gc.C) {
-	setter := &testMetricCredentialsSetter{
-		assert: func(serviceName string, data []byte) {},
-		err: &params.Error{
-			Message: "IsMetered",
-			Code:    params.CodeNotImplemented,
-		},
-	}
-	cleanup := jujutesting.PatchValue(&getMetricCredentialsAPI, func(_ api.Connection) (metricCredentialsAPI, error) {
-		return setter, nil
-	})
-	defer cleanup()
-
-	stub := &jujutesting.Stub{}
-	handler := &testMetricsRegistrationHandler{Stub: stub}
-	server := httptest.NewServer(handler)
-	defer server.Close()
-
-	testcharms.UploadCharm(c, s.client, "cs:quantal/metered-1", "metered")
-	deploy := &DeployCommand{Steps: []DeployStep{&RegisterMeteredCharm{RegisterURL: server.URL, QueryURL: server.URL}}}
-	_, err := coretesting.RunCommand(c, modelcmd.Wrap(deploy), "cs:quantal/metered-1", "--plan", "someplan")
-
-	c.Assert(err, gc.ErrorMatches, "IsMetered")
-}
-
-type ParseBindSuite struct {
-}
-
-var _ = gc.Suite(&ParseBindSuite{})
-
-func (s *ParseBindSuite) TestParseSuccessWithEmptyArgs(c *gc.C) {
-	s.checkParseOKForArgs(c, "", nil)
-}
-
-func (s *ParseBindSuite) TestParseSuccessWithEndpointsOnly(c *gc.C) {
-	s.checkParseOKForArgs(c, "foo=a bar=b", map[string]string{"foo": "a", "bar": "b"})
-}
-
-func (s *ParseBindSuite) TestParseSuccessWithServiceDefaultSpaceOnly(c *gc.C) {
-	s.checkParseOKForArgs(c, "service-default", map[string]string{"": "service-default"})
-}
-
-func (s *ParseBindSuite) TestBindingsOrderForDefaultSpaceAndEndpointsDoesNotMatter(c *gc.C) {
-	expectedBindings := map[string]string{
-		"ep1": "sp1",
-		"ep2": "sp2",
-		"":    "sp3",
-	}
-	s.checkParseOKForArgs(c, "ep1=sp1 ep2=sp2 sp3", expectedBindings)
-	s.checkParseOKForArgs(c, "ep1=sp1 sp3 ep2=sp2", expectedBindings)
-	s.checkParseOKForArgs(c, "ep2=sp2 ep1=sp1 sp3", expectedBindings)
-	s.checkParseOKForArgs(c, "ep2=sp2 sp3 ep1=sp1", expectedBindings)
-	s.checkParseOKForArgs(c, "sp3 ep1=sp1 ep2=sp2", expectedBindings)
-	s.checkParseOKForArgs(c, "sp3 ep2=sp2 ep1=sp1", expectedBindings)
-}
-
-func (s *ParseBindSuite) TestParseFailsWithSpaceNameButNoEndpoint(c *gc.C) {
-	s.checkParseFailsForArgs(c, "=bad", "Found = without endpoint name. Use a lone space name to set the default.")
-}
-
-func (s *ParseBindSuite) TestParseFailsWithTooManyEqualsSignsInArgs(c *gc.C) {
-	s.checkParseFailsForArgs(c, "foo=bar=baz", "Found multiple = in binding. Did you forget to space-separate the binding list?")
-}
-
-func (s *ParseBindSuite) TestParseFailsWithBadSpaceName(c *gc.C) {
-	s.checkParseFailsForArgs(c, "rel1=spa#ce1", "Space name invalid.")
-}
-
-func (s *ParseBindSuite) runParseBindWithArgs(args string) (error, map[string]string) {
-	deploy := &DeployCommand{BindToSpaces: args}
-	return deploy.parseBind(), deploy.Bindings
-}
-
-func (s *ParseBindSuite) checkParseOKForArgs(c *gc.C, args string, expectedBindings map[string]string) {
-	err, parsedBindings := s.runParseBindWithArgs(args)
-	c.Check(err, jc.ErrorIsNil)
-	c.Check(parsedBindings, jc.DeepEquals, expectedBindings)
-}
-
-func (s *ParseBindSuite) checkParseFailsForArgs(c *gc.C, args string, expectedErrorSuffix string) {
-	err, parsedBindings := s.runParseBindWithArgs(args)
-	c.Check(err.Error(), gc.Equals, parseBindErrorPrefix+expectedErrorSuffix)
-	c.Check(parsedBindings, gc.IsNil)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/export_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,46 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service
-
-import (
-	"github.com/juju/cmd"
-	"gopkg.in/juju/charmrepo.v2-unstable/csclient"
-	"gopkg.in/macaroon-bakery.v1/httpbakery"
-
-	"github.com/juju/juju/cmd/modelcmd"
-)
-
-// NewSetCommandForTest returns a SetCommand with the api provided as specified.
-func NewSetCommandForTest(serviceAPI serviceAPI) cmd.Command {
-	return modelcmd.Wrap(&setCommand{
-		serviceApi: serviceAPI,
-	})
-}
-
-// NewGetCommand returns a GetCommand with the api provided as specified.
-func NewGetCommandForTest(api getServiceAPI) cmd.Command {
-	return modelcmd.Wrap(&getCommand{
-		api: api,
-	})
-}
-
-// NewAddUnitCommandForTest returns an AddUnitCommand with the api provided as specified.
-func NewAddUnitCommandForTest(api serviceAddUnitAPI) cmd.Command {
-	return modelcmd.Wrap(&addUnitCommand{
-		api: api,
-	})
-}
-
-type Patcher interface {
-	PatchValue(dest, value interface{})
-}
-
-func PatchNewCharmStoreClient(s Patcher, url string) {
-	s.PatchValue(&newCharmStoreClient, func(bakeryClient *httpbakery.Client) *csclient.Client {
-		return csclient.New(csclient.Params{
-			URL:          url,
-			BakeryClient: bakeryClient,
-		})
-	})
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/expose.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/expose.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/expose.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/expose.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,79 +0,0 @@
-// Copyright 2012, 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service
-
-import (
-	"github.com/juju/cmd"
-	"github.com/juju/errors"
-
-	"github.com/juju/juju/api/service"
-	"github.com/juju/juju/cmd/juju/block"
-	"github.com/juju/juju/cmd/modelcmd"
-)
-
-var usageExposeSummary = `
-Makes a service publicly available over the network.`[1:]
-
-var usageExposeDetails = `
-Adjusts the firewall rules and any relevant security mechanisms of the
-cloud to allow public access to the service.
-
-Examples:
-    juju expose wordpress
-
-See also: 
-    unexpose`[1:]
-
-// NewExposeCommand returns a command to expose services.
-func NewExposeCommand() cmd.Command {
-	return modelcmd.Wrap(&exposeCommand{})
-}
-
-// exposeCommand is responsible exposing services.
-type exposeCommand struct {
-	modelcmd.ModelCommandBase
-	ServiceName string
-}
-
-func (c *exposeCommand) Info() *cmd.Info {
-	return &cmd.Info{
-		Name:    "expose",
-		Args:    "<service name>",
-		Purpose: usageExposeSummary,
-		Doc:     usageExposeDetails,
-	}
-}
-
-func (c *exposeCommand) Init(args []string) error {
-	if len(args) == 0 {
-		return errors.New("no service name specified")
-	}
-	c.ServiceName = args[0]
-	return cmd.CheckEmpty(args[1:])
-}
-
-type serviceExposeAPI interface {
-	Close() error
-	Expose(serviceName string) error
-	Unexpose(serviceName string) error
-}
-
-func (c *exposeCommand) getAPI() (serviceExposeAPI, error) {
-	root, err := c.NewAPIRoot()
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	return service.NewClient(root), nil
-}
-
-// Run changes the juju-managed firewall to expose any
-// ports that were also explicitly marked by units as open.
-func (c *exposeCommand) Run(_ *cmd.Context) error {
-	client, err := c.getAPI()
-	if err != nil {
-		return err
-	}
-	defer client.Close()
-	return block.ProcessBlockedError(client.Expose(c.ServiceName), block.BlockChange)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/expose_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/expose_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/expose_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/expose_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,75 +0,0 @@
-// Copyright 2012, 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service
-
-import (
-	"github.com/juju/errors"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-	"gopkg.in/juju/charm.v6-unstable"
-
-	"github.com/juju/juju/cmd/juju/common"
-	jujutesting "github.com/juju/juju/juju/testing"
-	"github.com/juju/juju/rpc"
-	"github.com/juju/juju/testcharms"
-	"github.com/juju/juju/testing"
-)
-
-type ExposeSuite struct {
-	jujutesting.RepoSuite
-	common.CmdBlockHelper
-}
-
-func (s *ExposeSuite) SetUpTest(c *gc.C) {
-	s.RepoSuite.SetUpTest(c)
-	s.CmdBlockHelper = common.NewCmdBlockHelper(s.APIState)
-	c.Assert(s.CmdBlockHelper, gc.NotNil)
-	s.AddCleanup(func(*gc.C) { s.CmdBlockHelper.Close() })
-}
-
-var _ = gc.Suite(&ExposeSuite{})
-
-func runExpose(c *gc.C, args ...string) error {
-	_, err := testing.RunCommand(c, NewExposeCommand(), args...)
-	return err
-}
-
-func (s *ExposeSuite) assertExposed(c *gc.C, service string) {
-	svc, err := s.State.Service(service)
-	c.Assert(err, jc.ErrorIsNil)
-	exposed := svc.IsExposed()
-	c.Assert(exposed, jc.IsTrue)
-}
-
-func (s *ExposeSuite) TestExpose(c *gc.C) {
-	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
-	err := runDeploy(c, ch, "some-service-name", "--series", "trusty")
-	c.Assert(err, jc.ErrorIsNil)
-	curl := charm.MustParseURL("local:trusty/dummy-1")
-	s.AssertService(c, "some-service-name", curl, 1, 0)
-
-	err = runExpose(c, "some-service-name")
-	c.Assert(err, jc.ErrorIsNil)
-	s.assertExposed(c, "some-service-name")
-
-	err = runExpose(c, "nonexistent-service")
-	c.Assert(errors.Cause(err), gc.DeepEquals, &rpc.RequestError{
-		Message: `service "nonexistent-service" not found`,
-		Code:    "not found",
-	})
-}
-
-func (s *ExposeSuite) TestBlockExpose(c *gc.C) {
-	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
-	err := runDeploy(c, ch, "some-service-name", "--series", "trusty")
-	c.Assert(err, jc.ErrorIsNil)
-	curl := charm.MustParseURL("local:trusty/dummy-1")
-	s.AssertService(c, "some-service-name", curl, 1, 0)
-
-	// Block operation
-	s.BlockAllChanges(c, "TestBlockExpose")
-
-	err = runExpose(c, "some-service-name")
-	s.AssertBlocked(c, err, ".*TestBlockExpose.*")
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/fakeservice_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/fakeservice_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/fakeservice_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/fakeservice_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,102 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service_test
-
-import (
-	"fmt"
-
-	"github.com/juju/errors"
-
-	"github.com/juju/juju/apiserver/params"
-)
-
-// fakeServiceAPI is the fake service API for testing the service
-// update command.
-type fakeServiceAPI struct {
-	serviceName string
-	charmName   string
-	values      map[string]interface{}
-	config      string
-	err         error
-}
-
-func (f *fakeServiceAPI) Update(args params.ServiceUpdate) error {
-	if f.err != nil {
-		return f.err
-	}
-
-	if args.ServiceName != f.serviceName {
-		return errors.NotFoundf("service %q", args.ServiceName)
-	}
-
-	f.config = args.SettingsYAML
-	return nil
-}
-
-func (f *fakeServiceAPI) Close() error {
-	return nil
-}
-
-func (f *fakeServiceAPI) Get(service string) (*params.ServiceGetResults, error) {
-	if service != f.serviceName {
-		return nil, errors.NotFoundf("service %q", service)
-	}
-
-	configInfo := make(map[string]interface{})
-	for k, v := range f.values {
-		configInfo[k] = map[string]interface{}{
-			"description": fmt.Sprintf("Specifies %s", k),
-			"type":        fmt.Sprintf("%T", v),
-			"value":       v,
-		}
-	}
-
-	return &params.ServiceGetResults{
-		Service: f.serviceName,
-		Charm:   f.charmName,
-		Config:  configInfo,
-	}, nil
-}
-
-func (f *fakeServiceAPI) Set(service string, options map[string]string) error {
-	if f.err != nil {
-		return f.err
-	}
-
-	if service != f.serviceName {
-		return errors.NotFoundf("service %q", service)
-	}
-
-	if f.values == nil {
-		f.values = make(map[string]interface{})
-	}
-	for k, v := range options {
-		f.values[k] = v
-	}
-
-	return nil
-}
-
-func (f *fakeServiceAPI) Unset(service string, options []string) error {
-	if f.err != nil {
-		return f.err
-	}
-
-	if service != f.serviceName {
-		return errors.NotFoundf("service %q", service)
-	}
-
-	// Verify all options before unsetting any of them.
-	for _, name := range options {
-		if _, ok := f.values[name]; !ok {
-			return fmt.Errorf("unknown option %q", name)
-		}
-	}
-
-	for _, name := range options {
-		delete(f.values, name)
-	}
-
-	return nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/flags.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/flags.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/flags.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/flags.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,105 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service
-
-import (
-	"fmt"
-	"strings"
-
-	"github.com/juju/errors"
-
-	"github.com/juju/juju/storage"
-)
-
-type storageFlag struct {
-	stores       *map[string]storage.Constraints
-	bundleStores *map[string]map[string]storage.Constraints
-}
-
-// Set implements gnuflag.Value.Set.
-func (f storageFlag) Set(s string) error {
-	fields := strings.SplitN(s, "=", 2)
-	if len(fields) < 2 {
-		return errors.New("expected [<service>:]<store>=<constraints>")
-	}
-	var serviceName, storageName string
-	if colon := strings.IndexRune(fields[0], ':'); colon >= 0 {
-		serviceName = fields[0][:colon]
-		storageName = fields[0][colon+1:]
-	} else {
-		storageName = fields[0]
-	}
-	cons, err := storage.ParseConstraints(fields[1])
-	if err != nil {
-		return errors.Annotate(err, "cannot parse disk constraints")
-	}
-	var stores map[string]storage.Constraints
-	if serviceName != "" {
-		if *f.bundleStores == nil {
-			*f.bundleStores = make(map[string]map[string]storage.Constraints)
-		}
-		stores = (*f.bundleStores)[serviceName]
-		if stores == nil {
-			stores = make(map[string]storage.Constraints)
-			(*f.bundleStores)[serviceName] = stores
-		}
-	} else {
-		if *f.stores == nil {
-			*f.stores = make(map[string]storage.Constraints)
-		}
-		stores = *f.stores
-	}
-	stores[storageName] = cons
-	return nil
-}
-
-// String implements gnuflag.Value.String.
-func (f storageFlag) String() string {
-	strs := make([]string, 0, len(*f.stores)+len(*f.bundleStores))
-	for store, cons := range *f.stores {
-		strs = append(strs, fmt.Sprintf("%s=%v", store, cons))
-	}
-	for service, stores := range *f.bundleStores {
-		for store, cons := range stores {
-			strs = append(strs, fmt.Sprintf("%s:%s=%v", service, store, cons))
-		}
-	}
-	return strings.Join(strs, " ")
-}
-
-// stringMap is a type that deserializes a CLI string using gnuflag's Value
-// semantics.  It expects a name=value pair, and supports multiple copies of the
-// flag adding more pairs, though the names must be unique.
-type stringMap struct {
-	mapping *map[string]string
-}
-
-// Set implements gnuflag.Value's Set method.
-func (m stringMap) Set(s string) error {
-	if *m.mapping == nil {
-		*m.mapping = map[string]string{}
-	}
-	// make a copy so the following code is less ugly with dereferencing.
-	mapping := *m.mapping
-
-	vals := strings.SplitN(s, "=", 2)
-	if len(vals) != 2 {
-		return errors.NewNotValid(nil, "badly formatted name value pair: "+s)
-	}
-	name, value := vals[0], vals[1]
-	if _, ok := mapping[name]; ok {
-		return errors.Errorf("duplicate name specified: %q", name)
-	}
-	mapping[name] = value
-	return nil
-}
-
-// String implements gnuflag.Value's String method
-func (m stringMap) String() string {
-	pairs := make([]string, 0, len(*m.mapping))
-	for name, value := range *m.mapping {
-		pairs = append(pairs, name+"="+value)
-	}
-	return strings.Join(pairs, ";")
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/flags_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/flags_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/flags_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/flags_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,49 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service
-
-import (
-	"github.com/juju/errors"
-	"github.com/juju/testing"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-)
-
-var _ = gc.Suite(&FlagSuite{})
-
-type FlagSuite struct {
-	testing.IsolationSuite
-}
-
-func (FlagSuite) TestStringMapNilOk(c *gc.C) {
-	// note that the map may start out nil
-	var values map[string]string
-	c.Assert(values, gc.IsNil)
-	sm := stringMap{&values}
-	err := sm.Set("foo=foovalue")
-	c.Assert(err, jc.ErrorIsNil)
-	err = sm.Set("bar=barvalue")
-	c.Assert(err, jc.ErrorIsNil)
-
-	// now the map is non-nil and filled
-	c.Assert(values, gc.DeepEquals, map[string]string{
-		"foo": "foovalue",
-		"bar": "barvalue",
-	})
-}
-
-func (FlagSuite) TestStringMapBadVal(c *gc.C) {
-	sm := stringMap{&map[string]string{}}
-	err := sm.Set("foo")
-	c.Assert(err, jc.Satisfies, errors.IsNotValid)
-	c.Assert(err, gc.ErrorMatches, "badly formatted name value pair: foo")
-}
-
-func (FlagSuite) TestStringMapDupVal(c *gc.C) {
-	sm := stringMap{&map[string]string{}}
-	err := sm.Set("bar=somevalue")
-	c.Assert(err, jc.ErrorIsNil)
-	err = sm.Set("bar=someothervalue")
-	c.Assert(err, gc.ErrorMatches, ".*duplicate.*bar.*")
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/get.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/get.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/get.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/get.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,110 +0,0 @@
-// Copyright 2012-2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service
-
-import (
-	"github.com/juju/cmd"
-	"github.com/juju/errors"
-	"launchpad.net/gnuflag"
-
-	"github.com/juju/juju/api/service"
-	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/cmd/modelcmd"
-)
-
-var usageGetConfigSummary = `
-Displays configuration settings for a deployed service.`[1:]
-
-var usageGetConfigDetails = `
-Output includes the name of the charm used to deploy the service and a
-listing of the service-specific configuration settings.
-See `[1:] + "`juju status`" + ` for service names.
-
-Examples:
-    juju get-config mysql
-    juju get-config mysql-testing
-
-See also: 
-    set-config
-    deploy
-    status`
-
-// NewGetCommand returns a command used to get service attributes.
-func NewGetCommand() cmd.Command {
-	return modelcmd.Wrap(&getCommand{})
-}
-
-// getCommand retrieves the configuration of a service.
-type getCommand struct {
-	modelcmd.ModelCommandBase
-	ServiceName string
-	out         cmd.Output
-	api         getServiceAPI
-}
-
-func (c *getCommand) Info() *cmd.Info {
-	return &cmd.Info{
-		Name:    "get-config",
-		Args:    "<service name>",
-		Purpose: usageGetConfigSummary,
-		Doc:     usageGetConfigDetails,
-		Aliases: []string{"get-configs"},
-	}
-}
-
-func (c *getCommand) SetFlags(f *gnuflag.FlagSet) {
-	// TODO(dfc) add json formatting ?
-	c.out.AddFlags(f, "yaml", map[string]cmd.Formatter{
-		"yaml": cmd.FormatYaml,
-	})
-}
-
-func (c *getCommand) Init(args []string) error {
-	// TODO(dfc) add --schema-only
-	if len(args) == 0 {
-		return errors.New("no service name specified")
-	}
-	c.ServiceName = args[0]
-	return cmd.CheckEmpty(args[1:])
-}
-
-// getServiceAPI defines the methods on the client API
-// that the service get command calls.
-type getServiceAPI interface {
-	Close() error
-	Get(service string) (*params.ServiceGetResults, error)
-}
-
-func (c *getCommand) getAPI() (getServiceAPI, error) {
-	if c.api != nil {
-		return c.api, nil
-	}
-	root, err := c.NewAPIRoot()
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	return service.NewClient(root), nil
-}
-
-// Run fetches the configuration of the service and formats
-// the result as a YAML string.
-func (c *getCommand) Run(ctx *cmd.Context) error {
-	apiclient, err := c.getAPI()
-	if err != nil {
-		return err
-	}
-	defer apiclient.Close()
-
-	results, err := apiclient.Get(c.ServiceName)
-	if err != nil {
-		return err
-	}
-
-	resultsMap := map[string]interface{}{
-		"service":  results.Service,
-		"charm":    results.Charm,
-		"settings": results.Config,
-	}
-	return c.out.Write(ctx, resultsMap)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/get_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/get_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/get_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/get_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,100 +0,0 @@
-// Copyright 2012-2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service_test
-
-import (
-	"bytes"
-
-	"github.com/juju/cmd"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-	goyaml "gopkg.in/yaml.v2"
-
-	"github.com/juju/juju/cmd/juju/service"
-	coretesting "github.com/juju/juju/testing"
-)
-
-type GetSuite struct {
-	coretesting.FakeJujuXDGDataHomeSuite
-	fake *fakeServiceAPI
-}
-
-var _ = gc.Suite(&GetSuite{})
-
-var getTests = []struct {
-	service  string
-	expected map[string]interface{}
-}{
-	{
-		"dummy-service",
-		map[string]interface{}{
-			"service": "dummy-service",
-			"charm":   "dummy",
-			"settings": map[string]interface{}{
-				"title": map[string]interface{}{
-					"description": "Specifies title",
-					"type":        "string",
-					"value":       "Nearly There",
-				},
-				"skill-level": map[string]interface{}{
-					"description": "Specifies skill-level",
-					"value":       100,
-					"type":        "int",
-				},
-				"username": map[string]interface{}{
-					"description": "Specifies username",
-					"type":        "string",
-					"value":       "admin001",
-				},
-				"outlook": map[string]interface{}{
-					"description": "Specifies outlook",
-					"type":        "string",
-					"value":       "true",
-				},
-			},
-		},
-	},
-
-	// TODO(dfc) add additional services (need more charms)
-	// TODO(dfc) add set tests
-}
-
-func (s *GetSuite) SetUpTest(c *gc.C) {
-	s.FakeJujuXDGDataHomeSuite.SetUpTest(c)
-	s.fake = &fakeServiceAPI{serviceName: "dummy-service", charmName: "dummy",
-		values: map[string]interface{}{
-			"title":       "Nearly There",
-			"skill-level": 100,
-			"username":    "admin001",
-			"outlook":     "true",
-		}}
-}
-
-func (s *GetSuite) TestGetCommandInit(c *gc.C) {
-	// missing args
-	err := coretesting.InitCommand(service.NewGetCommandForTest(s.fake), []string{})
-	c.Assert(err, gc.ErrorMatches, "no service name specified")
-}
-
-func (s *GetSuite) TestGetConfig(c *gc.C) {
-	for _, t := range getTests {
-		ctx := coretesting.Context(c)
-		code := cmd.Main(service.NewGetCommandForTest(s.fake), ctx, []string{t.service})
-		c.Check(code, gc.Equals, 0)
-		c.Assert(ctx.Stderr.(*bytes.Buffer).String(), gc.Equals, "")
-		// round trip via goyaml to avoid being sucked into a quagmire of
-		// map[interface{}]interface{} vs map[string]interface{}. This is
-		// also required if we add json support to this command.
-		buf, err := goyaml.Marshal(t.expected)
-		c.Assert(err, jc.ErrorIsNil)
-		expected := make(map[string]interface{})
-		err = goyaml.Unmarshal(buf, &expected)
-		c.Assert(err, jc.ErrorIsNil)
-
-		actual := make(map[string]interface{})
-		err = goyaml.Unmarshal(ctx.Stdout.(*bytes.Buffer).Bytes(), &actual)
-		c.Assert(err, jc.ErrorIsNil)
-		c.Assert(actual, gc.DeepEquals, expected)
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/package_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,26 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service_test
-
-import (
-	"runtime"
-	stdtesting "testing"
-
-	gittesting "github.com/juju/testing"
-
-	_ "github.com/juju/juju/provider/dummy"
-	"github.com/juju/juju/testing"
-)
-
-// TODO(wallyworld) - convert tests moved across from commands package to not require mongo
-
-func TestPackage(t *stdtesting.T) {
-	if runtime.GOARCH == "386" {
-		t.Skipf("skipping package for %v/%v, see http://pad.lv/1425569", runtime.GOOS, runtime.GOARCH)
-	}
-	if gittesting.RaceEnabled {
-		t.Skip("skipping test in -race mode, see LP 1518810")
-	}
-	testing.MgoTestPackage(t)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/register.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/register.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/register.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/register.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,285 +0,0 @@
-// Copyright 2015 Canonical Ltd. All rights reserved.
-
-package service
-
-import (
-	"bytes"
-	"encoding/json"
-	"fmt"
-	"io/ioutil"
-	"net/http"
-	"net/url"
-	"regexp"
-	"strings"
-
-	"github.com/juju/cmd"
-	"github.com/juju/errors"
-	"gopkg.in/macaroon-bakery.v1/httpbakery"
-	"launchpad.net/gnuflag"
-
-	"github.com/juju/juju/api"
-	"github.com/juju/juju/api/charms"
-)
-
-var budgetWithLimitRe = regexp.MustCompile(`^[a-zA-Z0-9\-]+:[0-9]+$`)
-
-type metricRegistrationPost struct {
-	ModelUUID   string `json:"env-uuid"`
-	CharmURL    string `json:"charm-url"`
-	ServiceName string `json:"service-name"`
-	PlanURL     string `json:"plan-url"`
-	Budget      string `json:"budget"`
-	Limit       string `json:"limit"`
-}
-
-// RegisterMeteredCharm implements the DeployStep interface.
-type RegisterMeteredCharm struct {
-	AllocationSpec string
-	Plan           string
-	RegisterURL    string
-	QueryURL       string
-	credentials    []byte
-	budget         string
-	limit          string
-}
-
-func (r *RegisterMeteredCharm) SetFlags(f *gnuflag.FlagSet) {
-	f.StringVar(&r.AllocationSpec, "budget", "personal:0", "budget and allocation limit")
-	f.StringVar(&r.Plan, "plan", "", "plan to deploy charm under")
-}
-
-// RunPre obtains authorization to deploy this charm. The authorization, if received is not
-// sent to the controller, rather it is kept as an attribute on RegisterMeteredCharm.
-func (r *RegisterMeteredCharm) RunPre(state api.Connection, bakeryClient *httpbakery.Client, ctx *cmd.Context, deployInfo DeploymentInfo) error {
-	if allocBudget, allocLimit, err := parseBudgetWithLimit(r.AllocationSpec); err == nil {
-		// Make these available to registration if valid.
-		r.budget, r.limit = allocBudget, allocLimit
-	} else {
-		return errors.Trace(err)
-	}
-
-	charmsClient := charms.NewClient(state)
-	metered, err := charmsClient.IsMetered(deployInfo.CharmID.URL.String())
-	if err != nil {
-		return err
-	}
-	if !metered {
-		return nil
-	}
-
-	if r.Plan == "" && deployInfo.CharmID.URL.Schema == "cs" {
-		r.Plan, err = r.getDefaultPlan(bakeryClient, deployInfo.CharmID.URL.String())
-		if err != nil {
-			if isNoDefaultPlanError(err) {
-				options, err1 := r.getCharmPlans(bakeryClient, deployInfo.CharmID.URL.String())
-				if err1 != nil {
-					return err1
-				}
-				charmUrl := deployInfo.CharmID.URL.String()
-				return errors.Errorf(`%v has no default plan. Try "juju deploy --plan <plan-name> with one of %v"`, charmUrl, strings.Join(options, ", "))
-			}
-			return err
-		}
-	}
-
-	r.credentials, err = r.registerMetrics(
-		deployInfo.ModelUUID,
-		deployInfo.CharmID.URL.String(),
-		deployInfo.ServiceName,
-		r.budget,
-		r.limit,
-		bakeryClient)
-	if err != nil {
-		if deployInfo.CharmID.URL.Schema == "cs" {
-			logger.Infof("failed to obtain plan authorization: %v", err)
-			return err
-		}
-		logger.Debugf("no plan authorization: %v", err)
-	}
-	return nil
-}
-
-// RunPost sends credentials obtained during the call to RunPre to the controller.
-func (r *RegisterMeteredCharm) RunPost(state api.Connection, bakeryClient *httpbakery.Client, ctx *cmd.Context, deployInfo DeploymentInfo, prevErr error) error {
-	if prevErr != nil {
-		return nil
-	}
-	if r.credentials == nil {
-		return nil
-	}
-	api, cerr := getMetricCredentialsAPI(state)
-	if cerr != nil {
-		logger.Infof("failed to get the metrics credentials setter: %v", cerr)
-		return cerr
-	}
-	defer api.Close()
-
-	err := api.SetMetricCredentials(deployInfo.ServiceName, r.credentials)
-	if err != nil {
-		logger.Warningf("failed to set metric credentials: %v", err)
-		return errors.Trace(err)
-	}
-
-	return nil
-}
-
-type noDefaultPlanError struct {
-	cUrl string
-}
-
-func (e *noDefaultPlanError) Error() string {
-	return fmt.Sprintf("%v has no default plan", e.cUrl)
-}
-
-func isNoDefaultPlanError(e error) bool {
-	_, ok := e.(*noDefaultPlanError)
-	return ok
-}
-
-func (r *RegisterMeteredCharm) getDefaultPlan(client *httpbakery.Client, cURL string) (string, error) {
-	if r.QueryURL == "" {
-		return "", errors.Errorf("no plan query url specified")
-	}
-
-	qURL, err := url.Parse(r.QueryURL + "/default")
-	if err != nil {
-		return "", errors.Trace(err)
-	}
-
-	query := qURL.Query()
-	query.Set("charm-url", cURL)
-	qURL.RawQuery = query.Encode()
-
-	req, err := http.NewRequest("GET", qURL.String(), nil)
-	if err != nil {
-		return "", errors.Trace(err)
-	}
-
-	response, err := client.Do(req)
-	if err != nil {
-		return "", errors.Trace(err)
-	}
-	defer response.Body.Close()
-
-	if response.StatusCode == http.StatusNotFound {
-		return "", &noDefaultPlanError{cURL}
-	}
-	if response.StatusCode != http.StatusOK {
-		return "", errors.Errorf("failed to query default plan: http response is %d", response.StatusCode)
-	}
-
-	var planInfo struct {
-		URL string `json:"url"`
-	}
-	dec := json.NewDecoder(response.Body)
-	err = dec.Decode(&planInfo)
-	if err != nil {
-		return "", errors.Trace(err)
-	}
-	return planInfo.URL, nil
-}
-
-func (r *RegisterMeteredCharm) getCharmPlans(client *httpbakery.Client, cURL string) ([]string, error) {
-	if r.QueryURL == "" {
-		return nil, errors.Errorf("no plan query url specified")
-	}
-	qURL, err := url.Parse(r.QueryURL)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-
-	query := qURL.Query()
-	query.Set("charm-url", cURL)
-	qURL.RawQuery = query.Encode()
-
-	req, err := http.NewRequest("GET", qURL.String(), nil)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-
-	response, err := client.Do(req)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	defer response.Body.Close()
-
-	if response.StatusCode != http.StatusOK {
-		return nil, errors.Errorf("failed to query plans: http response is %d", response.StatusCode)
-	}
-
-	var planInfo []struct {
-		URL string `json:"url"`
-	}
-	dec := json.NewDecoder(response.Body)
-	err = dec.Decode(&planInfo)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	info := make([]string, len(planInfo))
-	for i, p := range planInfo {
-		info[i] = p.URL
-	}
-	return info, nil
-}
-
-func (r *RegisterMeteredCharm) registerMetrics(environmentUUID, charmURL, serviceName, budget, limit string, client *httpbakery.Client) ([]byte, error) {
-	if r.RegisterURL == "" {
-		return nil, errors.Errorf("no metric registration url is specified")
-	}
-	registerURL, err := url.Parse(r.RegisterURL)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-
-	registrationPost := metricRegistrationPost{
-		ModelUUID:   environmentUUID,
-		CharmURL:    charmURL,
-		ServiceName: serviceName,
-		PlanURL:     r.Plan,
-		Budget:      budget,
-		Limit:       limit,
-	}
-
-	buff := &bytes.Buffer{}
-	encoder := json.NewEncoder(buff)
-	err = encoder.Encode(registrationPost)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-
-	req, err := http.NewRequest("POST", registerURL.String(), nil)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	req.Header.Set("Content-Type", "application/json")
-
-	response, err := client.DoWithBody(req, bytes.NewReader(buff.Bytes()))
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	defer response.Body.Close()
-
-	if response.StatusCode == http.StatusOK {
-		b, err := ioutil.ReadAll(response.Body)
-		if err != nil {
-			return nil, errors.Annotatef(err, "failed to read the response")
-		}
-		return b, nil
-	}
-	var respError struct {
-		Error string `json:"error"`
-	}
-	err = json.NewDecoder(response.Body).Decode(&respError)
-	if err != nil {
-		return nil, errors.Errorf("authorization failed: http response is %d", response.StatusCode)
-	}
-	return nil, errors.Errorf("authorization failed: %s", respError.Error)
-}
-
-func parseBudgetWithLimit(bl string) (string, string, error) {
-	if !budgetWithLimitRe.MatchString(bl) {
-		return "", "", errors.New("invalid allocation, expecting <budget>:<limit>")
-	}
-	parts := strings.Split(bl, ":")
-	return parts[0], parts[1], nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/register_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/register_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/register_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/register_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,490 +0,0 @@
-// Copyright 2015 Canonical Ltd. All rights reserved.
-
-package service
-
-import (
-	"encoding/json"
-	"fmt"
-	"net/http"
-	"net/http/httptest"
-
-	"github.com/juju/cmd"
-	"github.com/juju/errors"
-	"github.com/juju/testing"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-	"gopkg.in/juju/charm.v6-unstable"
-	"gopkg.in/macaroon-bakery.v1/httpbakery"
-
-	"github.com/juju/juju/api"
-	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/charmstore"
-	coretesting "github.com/juju/juju/testing"
-)
-
-var _ = gc.Suite(&registrationSuite{})
-
-type registrationSuite struct {
-	testing.CleanupSuite
-	stub     *testing.Stub
-	handler  *testMetricsRegistrationHandler
-	server   *httptest.Server
-	register DeployStep
-	ctx      *cmd.Context
-}
-
-func (s *registrationSuite) SetUpTest(c *gc.C) {
-	s.CleanupSuite.SetUpTest(c)
-	s.stub = &testing.Stub{}
-	s.handler = &testMetricsRegistrationHandler{Stub: s.stub}
-	s.server = httptest.NewServer(s.handler)
-	s.register = &RegisterMeteredCharm{
-		Plan:           "someplan",
-		RegisterURL:    s.server.URL,
-		AllocationSpec: "personal:100",
-	}
-	s.ctx = coretesting.Context(c)
-}
-
-func (s *registrationSuite) TearDownTest(c *gc.C) {
-	s.CleanupSuite.TearDownTest(c)
-	s.server.Close()
-}
-
-func (s *registrationSuite) TestMeteredCharm(c *gc.C) {
-	client := httpbakery.NewClient()
-	d := DeploymentInfo{
-		CharmID: charmstore.CharmID{
-			URL: charm.MustParseURL("cs:quantal/metered-1"),
-		},
-		ServiceName: "service name",
-		ModelUUID:   "model uuid",
-	}
-	err := s.register.RunPre(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d)
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.register.RunPost(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d, nil)
-	c.Assert(err, jc.ErrorIsNil)
-	authorization, err := json.Marshal([]byte("hello registration"))
-	authorization = append(authorization, byte(0xa))
-	c.Assert(err, jc.ErrorIsNil)
-	s.stub.CheckCalls(c, []testing.StubCall{{
-		"APICall", []interface{}{"Charms", "IsMetered", params.CharmInfo{CharmURL: "cs:quantal/metered-1"}},
-	}, {
-		"Authorize", []interface{}{metricRegistrationPost{
-			ModelUUID:   "model uuid",
-			CharmURL:    "cs:quantal/metered-1",
-			ServiceName: "service name",
-			PlanURL:     "someplan",
-			Budget:      "personal",
-			Limit:       "100",
-		}},
-	}, {
-		"APICall", []interface{}{"Service", "SetMetricCredentials", params.ServiceMetricCredentials{
-			Creds: []params.ServiceMetricCredential{params.ServiceMetricCredential{
-				ServiceName:       "service name",
-				MetricCredentials: authorization,
-			}},
-		}},
-	}})
-}
-
-func (s *registrationSuite) TestMeteredCharmAPIError(c *gc.C) {
-	s.stub.SetErrors(nil, errors.New("something failed"))
-	client := httpbakery.NewClient()
-	d := DeploymentInfo{
-		CharmID: charmstore.CharmID{
-			URL: charm.MustParseURL("cs:quantal/metered-1"),
-		},
-		ServiceName: "service name",
-		ModelUUID:   "model uuid",
-	}
-	err := s.register.RunPre(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d)
-	c.Assert(err, gc.ErrorMatches, `authorization failed: something failed`)
-	s.stub.CheckCalls(c, []testing.StubCall{{
-		"APICall", []interface{}{"Charms", "IsMetered", params.CharmInfo{CharmURL: "cs:quantal/metered-1"}},
-	}, {
-		"Authorize", []interface{}{metricRegistrationPost{
-			ModelUUID:   "model uuid",
-			CharmURL:    "cs:quantal/metered-1",
-			ServiceName: "service name",
-			PlanURL:     "someplan",
-			Budget:      "personal",
-			Limit:       "100",
-		}},
-	}})
-}
-
-func (s *registrationSuite) TestMeteredCharmInvalidAllocation(c *gc.C) {
-	client := httpbakery.NewClient()
-	d := DeploymentInfo{
-		CharmID: charmstore.CharmID{
-			URL: charm.MustParseURL("cs:quantal/metered-1"),
-		},
-		ServiceName: "service name",
-		ModelUUID:   "model uuid",
-	}
-	s.register = &RegisterMeteredCharm{
-		Plan:           "someplan",
-		RegisterURL:    s.server.URL,
-		AllocationSpec: "invalid allocation",
-	}
-
-	err := s.register.RunPre(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d)
-	c.Assert(err, gc.ErrorMatches, `invalid allocation, expecting <budget>:<limit>`)
-	s.stub.CheckNoCalls(c)
-}
-
-func (s *registrationSuite) TestMeteredCharmDeployError(c *gc.C) {
-	client := httpbakery.NewClient()
-	d := DeploymentInfo{
-		CharmID: charmstore.CharmID{
-			URL: charm.MustParseURL("cs:quantal/metered-1"),
-		},
-		ServiceName: "service name",
-		ModelUUID:   "model uuid",
-	}
-	err := s.register.RunPre(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d)
-	c.Assert(err, jc.ErrorIsNil)
-	deployError := errors.New("deployment failed")
-	err = s.register.RunPost(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d, deployError)
-	c.Assert(err, jc.ErrorIsNil)
-	authorization, err := json.Marshal([]byte("hello registration"))
-	authorization = append(authorization, byte(0xa))
-	c.Assert(err, jc.ErrorIsNil)
-	s.stub.CheckCalls(c, []testing.StubCall{{
-		"APICall", []interface{}{"Charms", "IsMetered", params.CharmInfo{CharmURL: "cs:quantal/metered-1"}},
-	}, {
-		"Authorize", []interface{}{metricRegistrationPost{
-			ModelUUID:   "model uuid",
-			CharmURL:    "cs:quantal/metered-1",
-			ServiceName: "service name",
-			PlanURL:     "someplan",
-			Budget:      "personal",
-			Limit:       "100",
-		}},
-	}})
-}
-
-func (s *registrationSuite) TestMeteredLocalCharmWithPlan(c *gc.C) {
-	client := httpbakery.NewClient()
-	d := DeploymentInfo{
-		CharmID: charmstore.CharmID{
-			URL: charm.MustParseURL("local:quantal/metered-1"),
-		},
-		ServiceName: "service name",
-		ModelUUID:   "model uuid",
-	}
-	err := s.register.RunPre(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d)
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.register.RunPost(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d, nil)
-	c.Assert(err, jc.ErrorIsNil)
-	authorization, err := json.Marshal([]byte("hello registration"))
-	authorization = append(authorization, byte(0xa))
-	s.stub.CheckCalls(c, []testing.StubCall{{
-		"APICall", []interface{}{"Charms", "IsMetered", params.CharmInfo{CharmURL: "local:quantal/metered-1"}},
-	}, {
-		"Authorize", []interface{}{metricRegistrationPost{
-			ModelUUID:   "model uuid",
-			CharmURL:    "local:quantal/metered-1",
-			ServiceName: "service name",
-			PlanURL:     "someplan",
-			Budget:      "personal",
-			Limit:       "100",
-		}},
-	}, {
-		"APICall", []interface{}{"Service", "SetMetricCredentials", params.ServiceMetricCredentials{
-			Creds: []params.ServiceMetricCredential{params.ServiceMetricCredential{
-				ServiceName:       "service name",
-				MetricCredentials: authorization,
-			}},
-		}},
-	}})
-}
-
-func (s *registrationSuite) TestMeteredLocalCharmNoPlan(c *gc.C) {
-	s.register = &RegisterMeteredCharm{
-		RegisterURL:    s.server.URL,
-		QueryURL:       s.server.URL,
-		AllocationSpec: "personal:100",
-	}
-	client := httpbakery.NewClient()
-	d := DeploymentInfo{
-		CharmID: charmstore.CharmID{
-			URL: charm.MustParseURL("local:quantal/metered-1"),
-		},
-		ServiceName: "service name",
-		ModelUUID:   "model uuid",
-	}
-	err := s.register.RunPre(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d)
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.register.RunPost(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d, nil)
-	c.Assert(err, jc.ErrorIsNil)
-	authorization, err := json.Marshal([]byte("hello registration"))
-	authorization = append(authorization, byte(0xa))
-	s.stub.CheckCalls(c, []testing.StubCall{{
-		"APICall", []interface{}{"Charms", "IsMetered", params.CharmInfo{CharmURL: "local:quantal/metered-1"}},
-	}, {
-		"Authorize", []interface{}{metricRegistrationPost{
-			ModelUUID:   "model uuid",
-			CharmURL:    "local:quantal/metered-1",
-			ServiceName: "service name",
-			PlanURL:     "",
-			Budget:      "personal",
-			Limit:       "100",
-		}},
-	}, {
-		"APICall", []interface{}{"Service", "SetMetricCredentials", params.ServiceMetricCredentials{
-			Creds: []params.ServiceMetricCredential{params.ServiceMetricCredential{
-				ServiceName:       "service name",
-				MetricCredentials: authorization,
-			}},
-		}},
-	}})
-}
-
-func (s *registrationSuite) TestMeteredCharmNoPlanSet(c *gc.C) {
-	s.register = &RegisterMeteredCharm{
-		AllocationSpec: "personal:100",
-		RegisterURL:    s.server.URL,
-		QueryURL:       s.server.URL}
-	client := httpbakery.NewClient()
-	d := DeploymentInfo{
-		CharmID: charmstore.CharmID{
-			URL: charm.MustParseURL("cs:quantal/metered-1"),
-		},
-		ServiceName: "service name",
-		ModelUUID:   "model uuid",
-	}
-	err := s.register.RunPre(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d)
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.register.RunPost(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d, nil)
-	c.Assert(err, jc.ErrorIsNil)
-	authorization, err := json.Marshal([]byte("hello registration"))
-	authorization = append(authorization, byte(0xa))
-	c.Assert(err, jc.ErrorIsNil)
-	s.stub.CheckCalls(c, []testing.StubCall{{
-		"APICall", []interface{}{"Charms", "IsMetered", params.CharmInfo{CharmURL: "cs:quantal/metered-1"}},
-	}, {
-		"DefaultPlan", []interface{}{"cs:quantal/metered-1"},
-	}, {
-		"Authorize", []interface{}{metricRegistrationPost{
-			ModelUUID:   "model uuid",
-			CharmURL:    "cs:quantal/metered-1",
-			ServiceName: "service name",
-			PlanURL:     "thisplan",
-			Budget:      "personal",
-			Limit:       "100",
-		}},
-	}, {
-		"APICall", []interface{}{"Service", "SetMetricCredentials", params.ServiceMetricCredentials{
-			Creds: []params.ServiceMetricCredential{params.ServiceMetricCredential{
-				ServiceName:       "service name",
-				MetricCredentials: authorization,
-			}},
-		}},
-	}})
-}
-
-func (s *registrationSuite) TestMeteredCharmNoDefaultPlan(c *gc.C) {
-	s.stub.SetErrors(nil, errors.NotFoundf("default plan"))
-	s.register = &RegisterMeteredCharm{
-		AllocationSpec: "personal:100",
-		RegisterURL:    s.server.URL,
-		QueryURL:       s.server.URL}
-	client := httpbakery.NewClient()
-	d := DeploymentInfo{
-		CharmID: charmstore.CharmID{
-			URL: charm.MustParseURL("cs:quantal/metered-1"),
-		},
-		ServiceName: "service name",
-		ModelUUID:   "model uuid",
-	}
-	err := s.register.RunPre(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d)
-	c.Assert(err, gc.ErrorMatches, `cs:quantal/metered-1 has no default plan. Try "juju deploy --plan <plan-name> with one of thisplan, thisotherplan"`)
-	s.stub.CheckCalls(c, []testing.StubCall{{
-		"APICall", []interface{}{"Charms", "IsMetered", params.CharmInfo{CharmURL: "cs:quantal/metered-1"}},
-	}, {
-		"DefaultPlan", []interface{}{"cs:quantal/metered-1"},
-	}, {
-		"ListPlans", []interface{}{"cs:quantal/metered-1"},
-	}})
-}
-
-func (s *registrationSuite) TestMeteredCharmFailToQueryDefaultCharm(c *gc.C) {
-	s.stub.SetErrors(nil, errors.New("something failed"))
-	s.register = &RegisterMeteredCharm{
-		AllocationSpec: "personal:100",
-		RegisterURL:    s.server.URL,
-		QueryURL:       s.server.URL}
-	client := httpbakery.NewClient()
-	d := DeploymentInfo{
-		CharmID: charmstore.CharmID{
-			URL: charm.MustParseURL("cs:quantal/metered-1"),
-		},
-		ServiceName: "service name",
-		ModelUUID:   "model uuid",
-	}
-	err := s.register.RunPre(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d)
-	c.Assert(err, gc.ErrorMatches, `failed to query default plan:.*`)
-	s.stub.CheckCalls(c, []testing.StubCall{{
-		"APICall", []interface{}{"Charms", "IsMetered", params.CharmInfo{CharmURL: "cs:quantal/metered-1"}},
-	}, {
-		"DefaultPlan", []interface{}{"cs:quantal/metered-1"},
-	}})
-}
-
-func (s *registrationSuite) TestUnmeteredCharm(c *gc.C) {
-	client := httpbakery.NewClient()
-	d := DeploymentInfo{
-		CharmID: charmstore.CharmID{
-			URL: charm.MustParseURL("cs:quantal/unmetered-1"),
-		},
-		ServiceName: "service name",
-		ModelUUID:   "model uuid",
-	}
-	err := s.register.RunPre(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d)
-	c.Assert(err, jc.ErrorIsNil)
-	s.stub.CheckCalls(c, []testing.StubCall{{
-		"APICall", []interface{}{"Charms", "IsMetered", params.CharmInfo{CharmURL: "cs:quantal/unmetered-1"}},
-	}})
-	s.stub.ResetCalls()
-	err = s.register.RunPost(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d, nil)
-	c.Assert(err, jc.ErrorIsNil)
-	s.stub.CheckCalls(c, []testing.StubCall{})
-}
-
-func (s *registrationSuite) TestFailedAuth(c *gc.C) {
-	s.stub.SetErrors(nil, fmt.Errorf("could not authorize"))
-	client := httpbakery.NewClient()
-	d := DeploymentInfo{
-		CharmID: charmstore.CharmID{
-			URL: charm.MustParseURL("cs:quantal/metered-1"),
-		},
-		ServiceName: "service name",
-		ModelUUID:   "model uuid",
-	}
-	err := s.register.RunPre(&mockAPIConnection{Stub: s.stub}, client, s.ctx, d)
-	c.Assert(err, gc.ErrorMatches, `authorization failed:.*`)
-	authorization, err := json.Marshal([]byte("hello registration"))
-	authorization = append(authorization, byte(0xa))
-	c.Assert(err, jc.ErrorIsNil)
-	s.stub.CheckCalls(c, []testing.StubCall{{
-		"APICall", []interface{}{"Charms", "IsMetered", params.CharmInfo{CharmURL: "cs:quantal/metered-1"}},
-	}, {
-		"Authorize", []interface{}{metricRegistrationPost{
-			ModelUUID:   "model uuid",
-			CharmURL:    "cs:quantal/metered-1",
-			ServiceName: "service name",
-			PlanURL:     "someplan",
-			Budget:      "personal",
-			Limit:       "100",
-		}},
-	}})
-}
-
-type testMetricsRegistrationHandler struct {
-	*testing.Stub
-}
-
-type respErr struct {
-	Error string `json:"error"`
-}
-
-// ServeHTTP implements http.Handler.
-func (c *testMetricsRegistrationHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
-	if req.Method == "POST" {
-		var registrationPost metricRegistrationPost
-		decoder := json.NewDecoder(req.Body)
-		err := decoder.Decode(&registrationPost)
-		if err != nil {
-			http.Error(w, "bad request", http.StatusBadRequest)
-			return
-		}
-		c.AddCall("Authorize", registrationPost)
-		rErr := c.NextErr()
-		if rErr != nil {
-			w.WriteHeader(http.StatusInternalServerError)
-			err = json.NewEncoder(w).Encode(respErr{Error: rErr.Error()})
-			if err != nil {
-				panic(err)
-			}
-			return
-		}
-		err = json.NewEncoder(w).Encode([]byte("hello registration"))
-		if err != nil {
-			panic(err)
-		}
-	} else if req.Method == "GET" {
-		if req.URL.Path == "/default" {
-			cURL := req.URL.Query().Get("charm-url")
-			c.AddCall("DefaultPlan", cURL)
-			rErr := c.NextErr()
-			if rErr != nil {
-				if errors.IsNotFound(rErr) {
-					http.Error(w, rErr.Error(), http.StatusNotFound)
-					return
-				}
-				http.Error(w, rErr.Error(), http.StatusInternalServerError)
-				return
-			}
-			result := struct {
-				URL string `json:"url"`
-			}{"thisplan"}
-			err := json.NewEncoder(w).Encode(result)
-			if err != nil {
-				panic(err)
-			}
-			return
-		}
-		cURL := req.URL.Query().Get("charm-url")
-		c.AddCall("ListPlans", cURL)
-		rErr := c.NextErr()
-		if rErr != nil {
-			http.Error(w, rErr.Error(), http.StatusInternalServerError)
-			return
-		}
-		result := []struct {
-			URL string `json:"url"`
-		}{
-			{"thisplan"},
-			{"thisotherplan"},
-		}
-		err := json.NewEncoder(w).Encode(result)
-		if err != nil {
-			panic(err)
-		}
-	} else {
-		http.Error(w, "method not allowed", http.StatusMethodNotAllowed)
-		return
-	}
-}
-
-type mockAPIConnection struct {
-	api.Connection
-	*testing.Stub
-}
-
-func (*mockAPIConnection) BestFacadeVersion(facade string) int {
-	return 42
-}
-
-func (*mockAPIConnection) Close() error {
-	return nil
-}
-
-func (m *mockAPIConnection) APICall(objType string, version int, id, request string, parameters, response interface{}) error {
-	m.MethodCall(m, "APICall", objType, request, parameters)
-
-	switch request {
-	case "IsMetered":
-		parameters := parameters.(params.CharmInfo)
-		response := response.(*params.IsMeteredResult)
-		if parameters.CharmURL == "cs:quantal/metered-1" || parameters.CharmURL == "local:quantal/metered-1" {
-			response.Metered = true
-		}
-	case "SetMetricCredentials":
-		response := response.(*params.ErrorResults)
-		response.Results = append(response.Results, params.ErrorResult{Error: nil})
-	}
-	return m.NextErr()
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/removerelation.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/removerelation.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/removerelation.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/removerelation.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,91 +0,0 @@
-// Copyright 2012, 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service
-
-import (
-	"fmt"
-
-	"github.com/juju/cmd"
-	"github.com/juju/errors"
-
-	apiservice "github.com/juju/juju/api/service"
-	"github.com/juju/juju/cmd/juju/block"
-	"github.com/juju/juju/cmd/modelcmd"
-)
-
-var helpSummary = `
-Removes an existing relation between two services.`[1:]
-
-var helpDetails = `
-An existing relation between the two specified services will be removed. 
-This should not result in either of the services entering an error state,
-but may result in either or both of the services being unable to continue
-normal operation. In the case that there is more than one relation between
-two services it is necessary to specify which is to be removed (see
-examples). Relations will automatically be removed when using the`[1:] + "`juju\nremove-service`" + ` command.
-
-Examples:
-    juju remove-relation mysql wordpress
-
-In the case of multiple relations, the relation name should be specified
-at least once - the following examples will all have the same effect:
-
-    juju remove-relation mediawiki:db mariadb:db
-    juju remove-relation mediawiki mariadb:db
-    juju remove-relation mediawiki:db mariadb
- 
-See also: 
-    add-relation
-    remove-service`
-
-// NewRemoveRelationCommand returns a command to remove a relation between 2 services.
-func NewRemoveRelationCommand() cmd.Command {
-	return modelcmd.Wrap(&removeRelationCommand{})
-}
-
-// removeRelationCommand causes an existing service relation to be shut down.
-type removeRelationCommand struct {
-	modelcmd.ModelCommandBase
-	Endpoints []string
-}
-
-func (c *removeRelationCommand) Info() *cmd.Info {
-	return &cmd.Info{
-		Name:    "remove-relation",
-		Args:    "<service1>[:<relation name1>] <service2>[:<relation name2>]",
-		Purpose: helpSummary,
-		Doc:     helpDetails,
-		Aliases: []string{"destroy-relation"},
-	}
-}
-
-func (c *removeRelationCommand) Init(args []string) error {
-	if len(args) != 2 {
-		return fmt.Errorf("a relation must involve two services")
-	}
-	c.Endpoints = args
-	return nil
-}
-
-type serviceDestroyRelationAPI interface {
-	Close() error
-	DestroyRelation(endpoints ...string) error
-}
-
-func (c *removeRelationCommand) getAPI() (serviceDestroyRelationAPI, error) {
-	root, err := c.NewAPIRoot()
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	return apiservice.NewClient(root), nil
-}
-
-func (c *removeRelationCommand) Run(_ *cmd.Context) error {
-	client, err := c.getAPI()
-	if err != nil {
-		return err
-	}
-	defer client.Close()
-	return block.ProcessBlockedError(client.DestroyRelation(c.Endpoints...), block.BlockRemove)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/removerelation_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/removerelation_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/removerelation_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/removerelation_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,79 +0,0 @@
-// Copyright 2012, 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service
-
-import (
-	"github.com/juju/errors"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/cmd/juju/common"
-	jujutesting "github.com/juju/juju/juju/testing"
-	"github.com/juju/juju/rpc"
-	"github.com/juju/juju/testcharms"
-	"github.com/juju/juju/testing"
-)
-
-type RemoveRelationSuite struct {
-	jujutesting.RepoSuite
-	common.CmdBlockHelper
-}
-
-func (s *RemoveRelationSuite) SetUpTest(c *gc.C) {
-	s.RepoSuite.SetUpTest(c)
-	s.CmdBlockHelper = common.NewCmdBlockHelper(s.APIState)
-	c.Assert(s.CmdBlockHelper, gc.NotNil)
-	s.AddCleanup(func(*gc.C) { s.CmdBlockHelper.Close() })
-}
-
-var _ = gc.Suite(&RemoveRelationSuite{})
-
-func runRemoveRelation(c *gc.C, args ...string) error {
-	_, err := testing.RunCommand(c, NewRemoveRelationCommand(), args...)
-	return err
-}
-
-func (s *RemoveRelationSuite) setupRelationForRemove(c *gc.C) {
-	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "riak")
-	err := runDeploy(c, ch, "riak", "--series", "quantal")
-	c.Assert(err, jc.ErrorIsNil)
-	ch = testcharms.Repo.CharmArchivePath(s.CharmsPath, "logging")
-	err = runDeploy(c, ch, "logging", "--series", "quantal")
-	c.Assert(err, jc.ErrorIsNil)
-	runAddRelation(c, "riak", "logging")
-}
-
-func (s *RemoveRelationSuite) TestRemoveRelation(c *gc.C) {
-	s.setupRelationForRemove(c)
-
-	// Destroy a relation that exists.
-	err := runRemoveRelation(c, "logging", "riak")
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Destroy a relation that used to exist.
-	err = runRemoveRelation(c, "riak", "logging")
-	c.Assert(errors.Cause(err), gc.DeepEquals, &rpc.RequestError{
-		Message: `relation "logging:info riak:juju-info" not found`,
-		Code:    "not found",
-	})
-
-	// Invalid removes.
-	err = runRemoveRelation(c, "ping", "pong")
-	c.Assert(errors.Cause(err), gc.DeepEquals, &rpc.RequestError{
-		Message: `service "ping" not found`,
-		Code:    "not found",
-	})
-	err = runRemoveRelation(c, "riak")
-	c.Assert(err, gc.ErrorMatches, `a relation must involve two services`)
-}
-
-func (s *RemoveRelationSuite) TestBlockRemoveRelation(c *gc.C) {
-	s.setupRelationForRemove(c)
-
-	// block operation
-	s.BlockRemoveObject(c, "TestBlockRemoveRelation")
-	// Destroy a relation that exists.
-	err := runRemoveRelation(c, "logging", "riak")
-	s.AssertBlocked(c, err, ".*TestBlockRemoveRelation.*")
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/removeservice.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/removeservice.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/removeservice.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/removeservice.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,153 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service
-
-import (
-	"fmt"
-
-	"github.com/juju/cmd"
-	"github.com/juju/errors"
-	"github.com/juju/names"
-	"github.com/juju/romulus/api/budget"
-	wireformat "github.com/juju/romulus/wireformat/budget"
-	"gopkg.in/juju/charm.v6-unstable"
-	"gopkg.in/macaroon-bakery.v1/httpbakery"
-
-	"github.com/juju/juju/api/charms"
-	apiservice "github.com/juju/juju/api/service"
-	"github.com/juju/juju/cmd/juju/block"
-	"github.com/juju/juju/cmd/modelcmd"
-)
-
-// NewRemoveServiceCommand returns a command which removes a service.
-func NewRemoveServiceCommand() cmd.Command {
-	return modelcmd.Wrap(&removeServiceCommand{})
-}
-
-// removeServiceCommand causes an existing service to be destroyed.
-type removeServiceCommand struct {
-	modelcmd.ModelCommandBase
-	ServiceName string
-}
-
-var helpSummaryRmSvc = `
-Remove a service from the model.`[1:]
-
-var helpDetailsRmSvc = `
-Removing a service will terminate any relations that service has, remove
-all units of the service, and in the case that this leaves machines with
-no running services, Juju will also remove the machine. For this reason,
-you should retrieve any logs or data required from services and units 
-before removing them. Removing units which are co-located with units of
-other charms or a Juju controller will not result in the removal of the
-machine.
-
-Examples:
-    juju remove-service hadoop
-    juju remove-service -m test-model mariadb`[1:]
-
-func (c *removeServiceCommand) Info() *cmd.Info {
-	return &cmd.Info{
-		Name:    "remove-service",
-		Args:    "<service>",
-		Purpose: helpSummaryRmSvc,
-		Doc:     helpDetailsRmSvc,
-		Aliases: []string{"destroy-service"},
-	}
-}
-
-func (c *removeServiceCommand) Init(args []string) error {
-	if len(args) == 0 {
-		return fmt.Errorf("no service specified")
-	}
-	if !names.IsValidService(args[0]) {
-		return fmt.Errorf("invalid service name %q", args[0])
-	}
-	c.ServiceName, args = args[0], args[1:]
-	return cmd.CheckEmpty(args)
-}
-
-type ServiceAPI interface {
-	Close() error
-	Destroy(serviceName string) error
-	DestroyUnits(unitNames ...string) error
-	GetCharmURL(serviceName string) (*charm.URL, error)
-	ModelUUID() string
-}
-
-func (c *removeServiceCommand) getAPI() (ServiceAPI, error) {
-	root, err := c.NewAPIRoot()
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	return apiservice.NewClient(root), nil
-}
-
-func (c *removeServiceCommand) Run(ctx *cmd.Context) error {
-	client, err := c.getAPI()
-	if err != nil {
-		return err
-	}
-	defer client.Close()
-	err = block.ProcessBlockedError(client.Destroy(c.ServiceName), block.BlockRemove)
-	if err != nil {
-		return err
-	}
-	return c.removeAllocation(ctx)
-}
-
-func (c *removeServiceCommand) removeAllocation(ctx *cmd.Context) error {
-	client, err := c.getAPI()
-	if err != nil {
-		return err
-	}
-	charmURL, err := client.GetCharmURL(c.ServiceName)
-	if err != nil {
-		return errors.Trace(err)
-	}
-	if charmURL.Schema == "local" {
-		return nil
-	}
-
-	root, err := c.NewAPIRoot()
-	if err != nil {
-		return errors.Trace(err)
-	}
-	charmsClient := charms.NewClient(root)
-	metered, err := charmsClient.IsMetered(charmURL.String())
-	if err != nil {
-		return errors.Trace(err)
-	}
-	if !metered {
-		return nil
-	}
-
-	modelUUID := client.ModelUUID()
-	bakeryClient, err := c.BakeryClient()
-	if err != nil {
-		return errors.Trace(err)
-	}
-	budgetClient := getBudgetAPIClient(bakeryClient)
-
-	resp, err := budgetClient.DeleteAllocation(modelUUID, c.ServiceName)
-	if wireformat.IsNotAvail(err) {
-		fmt.Fprintf(ctx.Stdout, "WARNING: Allocation not removed - %s.\n", err.Error())
-	} else if err != nil {
-		return err
-	}
-	if resp != "" {
-		fmt.Fprintf(ctx.Stdout, "%s\n", resp)
-	}
-	return nil
-}
-
-var getBudgetAPIClient = getBudgetAPIClientImpl
-
-func getBudgetAPIClientImpl(bakeryClient *httpbakery.Client) budgetAPIClient {
-	return budget.NewClient(bakeryClient)
-}
-
-type budgetAPIClient interface {
-	DeleteAllocation(string, string) (string, error)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/removeservice_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/removeservice_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/removeservice_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/removeservice_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,155 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service
-
-import (
-	"github.com/juju/cmd"
-	"github.com/juju/errors"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-	"gopkg.in/macaroon-bakery.v1/httpbakery"
-
-	"github.com/juju/juju/cmd/juju/common"
-	"github.com/juju/juju/cmd/modelcmd"
-	jujutesting "github.com/juju/juju/juju/testing"
-	"github.com/juju/juju/rpc"
-	"github.com/juju/juju/state"
-	"github.com/juju/juju/testcharms"
-	"github.com/juju/juju/testing"
-	jutesting "github.com/juju/testing"
-)
-
-type RemoveServiceSuite struct {
-	jujutesting.RepoSuite
-	common.CmdBlockHelper
-	stub            *jutesting.Stub
-	budgetAPIClient budgetAPIClient
-}
-
-var _ = gc.Suite(&RemoveServiceSuite{})
-
-func (s *RemoveServiceSuite) SetUpTest(c *gc.C) {
-	s.RepoSuite.SetUpTest(c)
-	s.CmdBlockHelper = common.NewCmdBlockHelper(s.APIState)
-	c.Assert(s.CmdBlockHelper, gc.NotNil)
-	s.AddCleanup(func(*gc.C) { s.CmdBlockHelper.Close() })
-	s.stub = &jutesting.Stub{}
-	s.budgetAPIClient = &mockBudgetAPIClient{Stub: s.stub}
-	s.PatchValue(&getBudgetAPIClient, func(*httpbakery.Client) budgetAPIClient { return s.budgetAPIClient })
-}
-
-func runRemoveService(c *gc.C, args ...string) error {
-	_, err := testing.RunCommand(c, NewRemoveServiceCommand(), args...)
-	return err
-}
-
-func (s *RemoveServiceSuite) setupTestService(c *gc.C) {
-	// Destroy a service that exists.
-	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "riak")
-	err := runDeploy(c, ch, "riak", "--series", "quantal")
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *RemoveServiceSuite) TestSuccess(c *gc.C) {
-	s.setupTestService(c)
-	err := runRemoveService(c, "riak")
-	c.Assert(err, jc.ErrorIsNil)
-	riak, err := s.State.Service("riak")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(riak.Life(), gc.Equals, state.Dying)
-	s.stub.CheckNoCalls(c)
-}
-
-func (s *RemoveServiceSuite) TestRemoveLocalMetered(c *gc.C) {
-	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "metered")
-	deploy := &DeployCommand{}
-	_, err := testing.RunCommand(c, modelcmd.Wrap(deploy), ch, "--series", "quantal")
-	c.Assert(err, jc.ErrorIsNil)
-	err = runRemoveService(c, "metered")
-	c.Assert(err, jc.ErrorIsNil)
-	riak, err := s.State.Service("metered")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(riak.Life(), gc.Equals, state.Dying)
-	s.stub.CheckNoCalls(c)
-}
-
-func (s *RemoveServiceSuite) TestBlockRemoveService(c *gc.C) {
-	s.setupTestService(c)
-
-	// block operation
-	s.BlockRemoveObject(c, "TestBlockRemoveService")
-	err := runRemoveService(c, "riak")
-	s.AssertBlocked(c, err, ".*TestBlockRemoveService.*")
-	riak, err := s.State.Service("riak")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(riak.Life(), gc.Equals, state.Alive)
-	s.stub.CheckNoCalls(c)
-}
-
-func (s *RemoveServiceSuite) TestFailure(c *gc.C) {
-	// Destroy a service that does not exist.
-	err := runRemoveService(c, "gargleblaster")
-	c.Assert(errors.Cause(err), gc.DeepEquals, &rpc.RequestError{
-		Message: `service "gargleblaster" not found`,
-		Code:    "not found",
-	})
-	s.stub.CheckNoCalls(c)
-}
-
-func (s *RemoveServiceSuite) TestInvalidArgs(c *gc.C) {
-	err := runRemoveService(c)
-	c.Assert(err, gc.ErrorMatches, `no service specified`)
-	err = runRemoveService(c, "ping", "pong")
-	c.Assert(err, gc.ErrorMatches, `unrecognized args: \["pong"\]`)
-	err = runRemoveService(c, "invalid:name")
-	c.Assert(err, gc.ErrorMatches, `invalid service name "invalid:name"`)
-	s.stub.CheckNoCalls(c)
-}
-
-type RemoveCharmStoreCharmsSuite struct {
-	charmStoreSuite
-	stub            *jutesting.Stub
-	ctx             *cmd.Context
-	budgetAPIClient budgetAPIClient
-}
-
-var _ = gc.Suite(&RemoveCharmStoreCharmsSuite{})
-
-func (s *RemoveCharmStoreCharmsSuite) SetUpTest(c *gc.C) {
-	s.charmStoreSuite.SetUpTest(c)
-
-	s.ctx = testing.Context(c)
-	s.stub = &jutesting.Stub{}
-	s.budgetAPIClient = &mockBudgetAPIClient{Stub: s.stub}
-	s.PatchValue(&getBudgetAPIClient, func(*httpbakery.Client) budgetAPIClient { return s.budgetAPIClient })
-
-	testcharms.UploadCharm(c, s.client, "cs:quantal/metered-1", "metered")
-	deploy := &DeployCommand{}
-	_, err := testing.RunCommand(c, modelcmd.Wrap(deploy), "cs:quantal/metered-1")
-	c.Assert(err, jc.ErrorIsNil)
-
-}
-
-func (s *RemoveCharmStoreCharmsSuite) TestRemoveAllocation(c *gc.C) {
-	err := runRemoveService(c, "metered")
-	c.Assert(err, jc.ErrorIsNil)
-	s.stub.CheckCalls(c, []jutesting.StubCall{{
-		"DeleteAllocation", []interface{}{testing.ModelTag.Id(), "metered"}}})
-}
-
-type mockBudgetAPIClient struct {
-	*jutesting.Stub
-}
-
-// CreateAllocation implements apiClient.
-func (c *mockBudgetAPIClient) CreateAllocation(budget, limit, model string, services []string) (string, error) {
-	c.MethodCall(c, "CreateAllocation", budget, limit, model, services)
-	return "Allocation created.", c.NextErr()
-}
-
-// DeleteAllocation implements apiClient.
-func (c *mockBudgetAPIClient) DeleteAllocation(model, service string) (string, error) {
-	c.MethodCall(c, "DeleteAllocation", model, service)
-	return "Allocation removed.", c.NextErr()
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/removeunit.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/removeunit.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/removeunit.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/removeunit.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,79 +0,0 @@
-// Copyright 2012, 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service
-
-import (
-	"fmt"
-
-	"github.com/juju/cmd"
-	"github.com/juju/errors"
-	"github.com/juju/names"
-
-	apiservice "github.com/juju/juju/api/service"
-	"github.com/juju/juju/cmd/juju/block"
-	"github.com/juju/juju/cmd/modelcmd"
-)
-
-// NewRemoveUnitCommand returns a command which removes a service's units.
-func NewRemoveUnitCommand() cmd.Command {
-	return modelcmd.Wrap(&removeUnitCommand{})
-}
-
-// removeUnitCommand is responsible for destroying service units.
-type removeUnitCommand struct {
-	modelcmd.ModelCommandBase
-	UnitNames []string
-}
-
-const removeUnitDoc = `
-Remove service units from the model.
-
-If this is the only unit running, the machine on which
-the unit is hosted will also be destroyed, if possible.
-The machine will be destroyed if:
-- it is not a controller
-- it is not hosting any Juju managed containers
-`
-
-func (c *removeUnitCommand) Info() *cmd.Info {
-	return &cmd.Info{
-		Name:    "remove-unit",
-		Args:    "<unit> [...]",
-		Purpose: "remove service units from the model",
-		Doc:     removeUnitDoc,
-		Aliases: []string{"destroy-unit"},
-	}
-}
-
-func (c *removeUnitCommand) Init(args []string) error {
-	c.UnitNames = args
-	if len(c.UnitNames) == 0 {
-		return fmt.Errorf("no units specified")
-	}
-	for _, name := range c.UnitNames {
-		if !names.IsValidUnit(name) {
-			return fmt.Errorf("invalid unit name %q", name)
-		}
-	}
-	return nil
-}
-
-func (c *removeUnitCommand) getAPI() (ServiceAPI, error) {
-	root, err := c.NewAPIRoot()
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	return apiservice.NewClient(root), nil
-}
-
-// Run connects to the environment specified on the command line and destroys
-// units therein.
-func (c *removeUnitCommand) Run(_ *cmd.Context) error {
-	client, err := c.getAPI()
-	if err != nil {
-		return err
-	}
-	defer client.Close()
-	return block.ProcessBlockedError(client.DestroyUnits(c.UnitNames...), block.BlockRemove)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/removeunit_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/removeunit_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/removeunit_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/removeunit_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,68 +0,0 @@
-// Copyright 2012, 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service
-
-import (
-	"fmt"
-
-	jc "github.com/juju/testing/checkers"
-	"github.com/juju/utils/series"
-	gc "gopkg.in/check.v1"
-	"gopkg.in/juju/charm.v6-unstable"
-
-	"github.com/juju/juju/cmd/juju/common"
-	jujutesting "github.com/juju/juju/juju/testing"
-	"github.com/juju/juju/state"
-	"github.com/juju/juju/testcharms"
-	"github.com/juju/juju/testing"
-)
-
-type RemoveUnitSuite struct {
-	jujutesting.RepoSuite
-	common.CmdBlockHelper
-}
-
-func (s *RemoveUnitSuite) SetUpTest(c *gc.C) {
-	s.RepoSuite.SetUpTest(c)
-	s.CmdBlockHelper = common.NewCmdBlockHelper(s.APIState)
-	c.Assert(s.CmdBlockHelper, gc.NotNil)
-	s.AddCleanup(func(*gc.C) { s.CmdBlockHelper.Close() })
-}
-
-var _ = gc.Suite(&RemoveUnitSuite{})
-
-func runRemoveUnit(c *gc.C, args ...string) error {
-	_, err := testing.RunCommand(c, NewRemoveUnitCommand(), args...)
-	return err
-}
-
-func (s *RemoveUnitSuite) setupUnitForRemove(c *gc.C) *state.Service {
-	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
-	err := runDeploy(c, "-n", "2", ch, "dummy", "--series", series.LatestLts())
-	c.Assert(err, jc.ErrorIsNil)
-	curl := charm.MustParseURL(fmt.Sprintf("local:%s/dummy-1", series.LatestLts()))
-	svc, _ := s.AssertService(c, "dummy", curl, 2, 0)
-	return svc
-}
-
-func (s *RemoveUnitSuite) TestRemoveUnit(c *gc.C) {
-	svc := s.setupUnitForRemove(c)
-
-	err := runRemoveUnit(c, "dummy/0", "dummy/1", "dummy/2", "sillybilly/17")
-	c.Assert(err, gc.ErrorMatches, `some units were not destroyed: unit "dummy/2" does not exist; unit "sillybilly/17" does not exist`)
-	units, err := svc.AllUnits()
-	c.Assert(err, jc.ErrorIsNil)
-	for _, u := range units {
-		c.Assert(u.Life(), gc.Equals, state.Dying)
-	}
-}
-func (s *RemoveUnitSuite) TestBlockRemoveUnit(c *gc.C) {
-	svc := s.setupUnitForRemove(c)
-
-	// block operation
-	s.BlockRemoveObject(c, "TestBlockRemoveUnit")
-	err := runRemoveUnit(c, "dummy/0", "dummy/1")
-	s.AssertBlocked(c, err, ".*TestBlockRemoveUnit.*")
-	c.Assert(svc.Life(), gc.Equals, state.Alive)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/service.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/service.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/service.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/service.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,11 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service
-
-import (
-	"github.com/juju/loggo"
-)
-
-// Logger for all commands in the service package
-var logger = loggo.GetLogger("juju.cmd.juju.service")
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/set.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/set.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/set.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/set.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,213 +0,0 @@
-// Copyright 2012-2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service
-
-import (
-	"fmt"
-	"io/ioutil"
-	"os"
-	"strings"
-	"unicode/utf8"
-
-	"github.com/juju/cmd"
-	"github.com/juju/errors"
-	"github.com/juju/utils/keyvalues"
-	"launchpad.net/gnuflag"
-
-	"github.com/juju/juju/api/service"
-	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/cmd/juju/block"
-	"github.com/juju/juju/cmd/modelcmd"
-)
-
-// NewSetCommand returns a command used to set service attributes.
-func NewSetCommand() cmd.Command {
-	return modelcmd.Wrap(&setCommand{})
-}
-
-// setCommand updates the configuration of a service.
-type setCommand struct {
-	modelcmd.ModelCommandBase
-	ServiceName     string
-	SettingsStrings map[string]string
-	Options         []string
-	SettingsYAML    cmd.FileVar
-	SetDefault      bool
-	serviceApi      serviceAPI
-}
-
-var usageSetConfigSummary = `
-Sets configuration options for a service.`[1:]
-
-var usageSetConfigDetails = `
-Charms may, and frequently do, expose a number of configuration settings
-for a service to the user. These can be set at deploy time, but may be set
-at any time by using the `[1:] + "`juju set-config`" + ` command. The actual options
-vary per charm (you can check the charm documentation, or use ` + "`juju get-\nconfig`" +
-	` to check which options may be set).
-If ‘value’ begins with the ‘@’ character, it is interpreted as a filename
-and the actual value is read from it. The maximum size of the filename is
-5M.
-Values may be any UTF-8 encoded string. UTF-8 is accepted on the command
-line and in referenced files.
-See ` + "`juju status`" + ` for service names.
-
-Examples:
-    juju set-config mysql dataset-size=80% backup_dir=/vol1/mysql/backups
-    juju set-config apache2 --model mymodel --config /home/ubuntu/mysql.yaml
-
-See also: 
-    get-config
-    deploy
-    status`
-
-const maxValueSize = 5242880
-
-// Info implements Command.Info.
-func (c *setCommand) Info() *cmd.Info {
-	return &cmd.Info{
-		Name:    "set-config",
-		Args:    "<service name> <service key>=<value> ...",
-		Purpose: usageSetConfigSummary,
-		Doc:     usageSetConfigDetails,
-		Aliases: []string{"set-configs"},
-	}
-}
-
-// SetFlags implements Command.SetFlags.
-func (c *setCommand) SetFlags(f *gnuflag.FlagSet) {
-	f.Var(&c.SettingsYAML, "config", "path to yaml-formatted service config")
-	f.BoolVar(&c.SetDefault, "to-default", false, "set service option values to default")
-}
-
-// Init implements Command.Init.
-func (c *setCommand) Init(args []string) error {
-	if len(args) == 0 || len(strings.Split(args[0], "=")) > 1 {
-		return errors.New("no service name specified")
-	}
-	if c.SettingsYAML.Path != "" && len(args) > 1 {
-		return errors.New("cannot specify --config when using key=value arguments")
-	}
-	c.ServiceName = args[0]
-	if c.SetDefault {
-		c.Options = args[1:]
-		if len(c.Options) == 0 {
-			return errors.New("no configuration options specified")
-		}
-		return nil
-	}
-	settings, err := keyvalues.Parse(args[1:], true)
-	if err != nil {
-		return err
-	}
-	c.SettingsStrings = settings
-	return nil
-}
-
-// serviceAPI defines the methods on the client API
-// that the service set command calls.
-type serviceAPI interface {
-	Close() error
-	Update(args params.ServiceUpdate) error
-	Get(service string) (*params.ServiceGetResults, error)
-	Set(service string, options map[string]string) error
-	Unset(service string, options []string) error
-}
-
-func (c *setCommand) getServiceAPI() (serviceAPI, error) {
-	if c.serviceApi != nil {
-		return c.serviceApi, nil
-	}
-	root, err := c.NewAPIRoot()
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	return service.NewClient(root), nil
-}
-
-// Run updates the configuration of a service.
-func (c *setCommand) Run(ctx *cmd.Context) error {
-	apiclient, err := c.getServiceAPI()
-	if err != nil {
-		return err
-	}
-	defer apiclient.Close()
-
-	if c.SettingsYAML.Path != "" {
-		b, err := c.SettingsYAML.Read(ctx)
-		if err != nil {
-			return err
-		}
-		return block.ProcessBlockedError(apiclient.Update(params.ServiceUpdate{
-			ServiceName:  c.ServiceName,
-			SettingsYAML: string(b),
-		}), block.BlockChange)
-	} else if c.SetDefault {
-		return block.ProcessBlockedError(apiclient.Unset(c.ServiceName, c.Options), block.BlockChange)
-	} else if len(c.SettingsStrings) == 0 {
-		return nil
-	}
-	settings := map[string]string{}
-	for k, v := range c.SettingsStrings {
-		//empty string is also valid as a setting value
-		if v == "" {
-			settings[k] = v
-			continue
-		}
-
-		if v[0] != '@' {
-			if !utf8.ValidString(v) {
-				return fmt.Errorf("value for option %q contains non-UTF-8 sequences", k)
-			}
-			settings[k] = v
-			continue
-		}
-		nv, err := readValue(ctx, v[1:])
-		if err != nil {
-			return err
-		}
-		if !utf8.ValidString(nv) {
-			return fmt.Errorf("value for option %q contains non-UTF-8 sequences", k)
-		}
-		settings[k] = nv
-	}
-
-	result, err := apiclient.Get(c.ServiceName)
-	if err != nil {
-		return err
-	}
-
-	for k, v := range settings {
-		configValue := result.Config[k]
-
-		configValueMap, ok := configValue.(map[string]interface{})
-		if ok {
-			// convert the value to string and compare
-			if fmt.Sprintf("%v", configValueMap["value"]) == v {
-				logger.Warningf("the configuration setting %q already has the value %q", k, v)
-			}
-		}
-	}
-
-	return block.ProcessBlockedError(apiclient.Set(c.ServiceName, settings), block.BlockChange)
-}
-
-// readValue reads the value of an option out of the named file.
-// An empty content is valid, like in parsing the options. The upper
-// size is 5M.
-func readValue(ctx *cmd.Context, filename string) (string, error) {
-	absFilename := ctx.AbsPath(filename)
-	fi, err := os.Stat(absFilename)
-	if err != nil {
-		return "", fmt.Errorf("cannot read option from file %q: %v", filename, err)
-	}
-	if fi.Size() > maxValueSize {
-		return "", fmt.Errorf("size of option file is larger than 5M")
-	}
-	content, err := ioutil.ReadFile(ctx.AbsPath(filename))
-	if err != nil {
-		return "", fmt.Errorf("cannot read option from file %q: %v", filename, err)
-	}
-	return string(content), nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/set_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/set_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/set_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/set_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,234 +0,0 @@
-// Copyright 2012-2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service_test
-
-import (
-	"bytes"
-	"io/ioutil"
-	"os"
-	"strings"
-	"unicode/utf8"
-
-	"github.com/juju/cmd"
-	jc "github.com/juju/testing/checkers"
-	"github.com/juju/utils"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/apiserver/common"
-	"github.com/juju/juju/cmd/juju/service"
-	coretesting "github.com/juju/juju/testing"
-)
-
-type SetSuite struct {
-	coretesting.FakeJujuXDGDataHomeSuite
-	dir            string
-	fakeServiceAPI *fakeServiceAPI
-}
-
-var _ = gc.Suite(&SetSuite{})
-
-var (
-	validSetTestValue   = "a value with spaces\nand newline\nand UTF-8 characters: \U0001F604 / \U0001F44D"
-	invalidSetTestValue = "a value with an invalid UTF-8 sequence: " + string([]byte{0xFF, 0xFF})
-	yamlConfigValue     = "dummy-service:\n  skill-level: 9000\n  username: admin001\n\n"
-)
-
-func (s *SetSuite) SetUpTest(c *gc.C) {
-	s.FakeJujuXDGDataHomeSuite.SetUpTest(c)
-	s.fakeServiceAPI = &fakeServiceAPI{serviceName: "dummy-service"}
-
-	s.dir = c.MkDir()
-	c.Assert(utf8.ValidString(validSetTestValue), jc.IsTrue)
-	c.Assert(utf8.ValidString(invalidSetTestValue), jc.IsFalse)
-	setupValueFile(c, s.dir, "valid.txt", validSetTestValue)
-	setupValueFile(c, s.dir, "invalid.txt", invalidSetTestValue)
-	setupBigFile(c, s.dir)
-	setupConfigFile(c, s.dir)
-}
-
-func (s *SetSuite) TestSetCommandInit(c *gc.C) {
-	// missing args
-	err := coretesting.InitCommand(service.NewSetCommandForTest(s.fakeServiceAPI), []string{})
-	c.Assert(err, gc.ErrorMatches, "no service name specified")
-
-	// missing service name
-	err = coretesting.InitCommand(service.NewSetCommandForTest(s.fakeServiceAPI), []string{"name=foo"})
-	c.Assert(err, gc.ErrorMatches, "no service name specified")
-
-	// --config path, but no service
-	err = coretesting.InitCommand(service.NewSetCommandForTest(s.fakeServiceAPI), []string{"--config", "testconfig.yaml"})
-	c.Assert(err, gc.ErrorMatches, "no service name specified")
-
-	// --config and options specified
-	err = coretesting.InitCommand(service.NewSetCommandForTest(s.fakeServiceAPI), []string{"service", "--config", "testconfig.yaml", "bees="})
-	c.Assert(err, gc.ErrorMatches, "cannot specify --config when using key=value arguments")
-
-	// --to-default and no config name provided
-	err = coretesting.InitCommand(service.NewSetCommandForTest(s.fakeServiceAPI), []string{"service", "--to-default"})
-	c.Assert(err, gc.ErrorMatches, "no configuration options specified")
-
-}
-
-func (s *SetSuite) TestSetOptionSuccess(c *gc.C) {
-	s.assertSetSuccess(c, s.dir, []string{
-		"username=hello",
-		"outlook=hello@world.tld",
-	}, map[string]interface{}{
-		"username": "hello",
-		"outlook":  "hello@world.tld",
-	})
-	s.assertSetSuccess(c, s.dir, []string{
-		"username=hello=foo",
-	}, map[string]interface{}{
-		"username": "hello=foo",
-		"outlook":  "hello@world.tld",
-	})
-	s.assertSetSuccess(c, s.dir, []string{
-		"username=@valid.txt",
-	}, map[string]interface{}{
-		"username": validSetTestValue,
-		"outlook":  "hello@world.tld",
-	})
-	s.assertSetSuccess(c, s.dir, []string{
-		"username=",
-	}, map[string]interface{}{
-		"username": "",
-		"outlook":  "hello@world.tld",
-	})
-}
-
-func (s *SetSuite) TestSetSameValue(c *gc.C) {
-	s.assertSetSuccess(c, s.dir, []string{
-		"username=hello",
-		"outlook=hello@world.tld",
-	}, map[string]interface{}{
-		"username": "hello",
-		"outlook":  "hello@world.tld",
-	})
-	s.assertSetWarning(c, s.dir, []string{
-		"username=hello",
-	}, "the configuration setting \"username\" already has the value \"hello\"")
-	s.assertSetWarning(c, s.dir, []string{
-		"outlook=hello@world.tld",
-	}, "the configuration setting \"outlook\" already has the value \"hello@world.tld\"")
-
-}
-
-func (s *SetSuite) TestSetOptionFail(c *gc.C) {
-	s.assertSetFail(c, s.dir, []string{"foo", "bar"}, "error: expected \"key=value\", got \"foo\"\n")
-	s.assertSetFail(c, s.dir, []string{"=bar"}, "error: expected \"key=value\", got \"=bar\"\n")
-	s.assertSetFail(c, s.dir, []string{
-		"username=@missing.txt",
-	}, "error: cannot read option from file \"missing.txt\": .* "+utils.NoSuchFileErrRegexp+"\n")
-	s.assertSetFail(c, s.dir, []string{
-		"username=@big.txt",
-	}, "error: size of option file is larger than 5M\n")
-	s.assertSetFail(c, s.dir, []string{
-		"username=@invalid.txt",
-	}, "error: value for option \"username\" contains non-UTF-8 sequences\n")
-}
-
-func (s *SetSuite) TestSetConfig(c *gc.C) {
-	s.assertSetFail(c, s.dir, []string{
-		"--config",
-		"missing.yaml",
-	}, "error.* "+utils.NoSuchFileErrRegexp+"\n")
-
-	ctx := coretesting.ContextForDir(c, s.dir)
-	code := cmd.Main(service.NewSetCommandForTest(s.fakeServiceAPI), ctx, []string{
-		"dummy-service",
-		"--config",
-		"testconfig.yaml"})
-
-	c.Check(code, gc.Equals, 0)
-	c.Check(s.fakeServiceAPI.config, gc.Equals, yamlConfigValue)
-}
-
-func (s *SetSuite) TestSetConfigToDefault(c *gc.C) {
-	s.fakeServiceAPI = &fakeServiceAPI{serviceName: "dummy-service", values: map[string]interface{}{
-		"username": "hello",
-	}}
-	s.assertSetSuccess(c, s.dir, []string{
-		"--to-default",
-		"username",
-	}, make(map[string]interface{}))
-}
-
-func (s *SetSuite) TestBlockSetConfig(c *gc.C) {
-	// Block operation
-	s.fakeServiceAPI.err = common.OperationBlockedError("TestBlockSetConfig")
-	ctx := coretesting.ContextForDir(c, s.dir)
-	code := cmd.Main(service.NewSetCommandForTest(s.fakeServiceAPI), ctx, []string{
-		"dummy-service",
-		"--config",
-		"testconfig.yaml"})
-	c.Check(code, gc.Equals, 1)
-	// msg is logged
-	stripped := strings.Replace(c.GetTestLog(), "\n", "", -1)
-	c.Check(stripped, gc.Matches, ".*TestBlockSetConfig.*")
-}
-
-// assertSetSuccess sets configuration options and checks the expected settings.
-func (s *SetSuite) assertSetSuccess(c *gc.C, dir string, args []string, expect map[string]interface{}) {
-	ctx := coretesting.ContextForDir(c, dir)
-	code := cmd.Main(service.NewSetCommandForTest(s.fakeServiceAPI), ctx, append([]string{"dummy-service"}, args...))
-	c.Assert(code, gc.Equals, 0)
-}
-
-// assertSetFail sets configuration options and checks the expected error.
-func (s *SetSuite) assertSetFail(c *gc.C, dir string, args []string, err string) {
-	ctx := coretesting.ContextForDir(c, dir)
-	code := cmd.Main(service.NewSetCommandForTest(s.fakeServiceAPI), ctx, append([]string{"dummy-service"}, args...))
-	c.Check(code, gc.Not(gc.Equals), 0)
-	c.Assert(ctx.Stderr.(*bytes.Buffer).String(), gc.Matches, err)
-}
-
-func (s *SetSuite) assertSetWarning(c *gc.C, dir string, args []string, w string) {
-	ctx := coretesting.ContextForDir(c, dir)
-	code := cmd.Main(service.NewSetCommandForTest(s.fakeServiceAPI), ctx, append([]string{"dummy-service"}, args...))
-	c.Check(code, gc.Equals, 0)
-
-	c.Assert(strings.Replace(c.GetTestLog(), "\n", " ", -1), gc.Matches, ".*WARNING.*"+w+".*")
-}
-
-// setupValueFile creates a file containing one value for testing
-// set with name=@filename.
-func setupValueFile(c *gc.C, dir, filename, value string) string {
-	ctx := coretesting.ContextForDir(c, dir)
-	path := ctx.AbsPath(filename)
-	content := []byte(value)
-	err := ioutil.WriteFile(path, content, 0666)
-	c.Assert(err, jc.ErrorIsNil)
-	return path
-}
-
-// setupBigFile creates a too big file for testing
-// set with name=@filename.
-func setupBigFile(c *gc.C, dir string) string {
-	ctx := coretesting.ContextForDir(c, dir)
-	path := ctx.AbsPath("big.txt")
-	file, err := os.Create(path)
-	c.Assert(err, jc.ErrorIsNil)
-	defer file.Close()
-	chunk := make([]byte, 1024)
-	for i := 0; i < cap(chunk); i++ {
-		chunk[i] = byte(i % 256)
-	}
-	for i := 0; i < 6000; i++ {
-		_, err = file.Write(chunk)
-		c.Assert(err, jc.ErrorIsNil)
-	}
-	return path
-}
-
-// setupConfigFile creates a configuration file for testing set
-// with the --config argument specifying a configuration file.
-func setupConfigFile(c *gc.C, dir string) string {
-	ctx := coretesting.ContextForDir(c, dir)
-	path := ctx.AbsPath("testconfig.yaml")
-	content := []byte(yamlConfigValue)
-	err := ioutil.WriteFile(path, content, 0666)
-	c.Assert(err, jc.ErrorIsNil)
-	return path
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/store.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/store.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/store.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/store.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,149 +0,0 @@
-// Copyright 2012, 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service
-
-import (
-	"fmt"
-	"net/url"
-	"strings"
-
-	"github.com/juju/errors"
-	"gopkg.in/juju/charm.v6-unstable"
-	"gopkg.in/juju/charmrepo.v2-unstable"
-	"gopkg.in/juju/charmrepo.v2-unstable/csclient"
-	csparams "gopkg.in/juju/charmrepo.v2-unstable/csclient/params"
-	"gopkg.in/macaroon-bakery.v1/httpbakery"
-	"gopkg.in/macaroon.v1"
-
-	"github.com/juju/juju/api"
-	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/environs/config"
-)
-
-// maybeTermsAgreementError returns err as a *termsAgreementError
-// if it has a "terms agreement required" error code, otherwise
-// it returns err unchanged.
-func maybeTermsAgreementError(err error) error {
-	const code = "term agreement required"
-	e, ok := errors.Cause(err).(*httpbakery.DischargeError)
-	if !ok || e.Reason == nil || e.Reason.Code != code {
-		return err
-	}
-	magicMarker := code + ":"
-	index := strings.LastIndex(e.Reason.Message, magicMarker)
-	if index == -1 {
-		return err
-	}
-	return &termsRequiredError{strings.Fields(e.Reason.Message[index+len(magicMarker):])}
-}
-
-type termsRequiredError struct {
-	Terms []string
-}
-
-func (e *termsRequiredError) Error() string {
-	return fmt.Sprintf("please agree to terms %q", strings.Join(e.Terms, " "))
-}
-
-func isSeriesSupported(requestedSeries string, supportedSeries []string) bool {
-	for _, series := range supportedSeries {
-		if series == requestedSeries {
-			return true
-		}
-	}
-	return false
-}
-
-// charmURLResolver holds the information necessary to
-// resolve charm and bundle URLs.
-type charmURLResolver struct {
-	// store holds the repository to use for charmstore charms.
-	store *charmrepo.CharmStore
-
-	// conf holds the current model configuration.
-	conf *config.Config
-}
-
-func newCharmURLResolver(conf *config.Config, csClient *csclient.Client) *charmURLResolver {
-	r := &charmURLResolver{
-		store: charmrepo.NewCharmStoreFromClient(csClient),
-		conf:  conf,
-	}
-	return r
-}
-
-// TODO(ericsnow) Return charmstore.CharmID from resolve()?
-
-// resolve resolves the given given charm or bundle URL
-// string by looking it up in the charm store.
-// The given csParams will be used to access the charm store.
-//
-// It returns the fully resolved URL, any series supported by the entity,
-// and the store that holds it.
-func (r *charmURLResolver) resolve(urlStr string) (*charm.URL, csparams.Channel, []string, *charmrepo.CharmStore, error) {
-	var noChannel csparams.Channel
-	url, err := charm.ParseURL(urlStr)
-	if err != nil {
-		return nil, noChannel, nil, nil, errors.Trace(err)
-	}
-
-	if url.Schema != "cs" {
-		return nil, noChannel, nil, nil, errors.Errorf("unknown schema for charm URL %q", url)
-	}
-	charmStore := config.SpecializeCharmRepo(r.store, r.conf).(*charmrepo.CharmStore)
-
-	resultUrl, channel, supportedSeries, err := charmStore.ResolveWithChannel(url)
-	if err != nil {
-		return nil, noChannel, nil, nil, errors.Trace(err)
-	}
-	return resultUrl, channel, supportedSeries, charmStore, nil
-}
-
-// TODO(ericsnow) Return charmstore.CharmID from addCharmFromURL()?
-
-// addCharmFromURL calls the appropriate client API calls to add the
-// given charm URL to state. For non-public charm URLs, this function also
-// handles the macaroon authorization process using the given csClient.
-// The resulting charm URL of the added charm is displayed on stdout.
-func addCharmFromURL(client *api.Client, curl *charm.URL, channel csparams.Channel, csClient *csclient.Client) (*charm.URL, *macaroon.Macaroon, error) {
-	var csMac *macaroon.Macaroon
-	if err := client.AddCharm(curl, channel); err != nil {
-		if !params.IsCodeUnauthorized(err) {
-			return nil, nil, errors.Trace(err)
-		}
-		m, err := authorizeCharmStoreEntity(csClient, curl)
-		if err != nil {
-			return nil, nil, maybeTermsAgreementError(err)
-		}
-		if err := client.AddCharmWithAuthorization(curl, channel, m); err != nil {
-			return nil, nil, errors.Trace(err)
-		}
-		csMac = m
-	}
-	return curl, csMac, nil
-}
-
-// newCharmStoreClient is called to obtain a charm store client.
-// It is defined as a variable so it can be changed for testing purposes.
-var newCharmStoreClient = func(client *httpbakery.Client) *csclient.Client {
-	return csclient.New(csclient.Params{
-		BakeryClient: client,
-	})
-}
-
-// TODO(natefinch): change the code in this file to use the
-// github.com/juju/juju/charmstore package to interact with the charmstore.
-
-// authorizeCharmStoreEntity acquires and return the charm store delegatable macaroon to be
-// used to add the charm corresponding to the given URL.
-// The macaroon is properly attenuated so that it can only be used to deploy
-// the given charm URL.
-func authorizeCharmStoreEntity(csClient *csclient.Client, curl *charm.URL) (*macaroon.Macaroon, error) {
-	endpoint := "/delegatable-macaroon?id=" + url.QueryEscape(curl.String())
-	var m *macaroon.Macaroon
-	if err := csClient.Get(endpoint, &m); err != nil {
-		return nil, errors.Trace(err)
-	}
-	return m, nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/unexpose.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/unexpose.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/unexpose.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/unexpose.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,74 +0,0 @@
-// Copyright 2012, 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service
-
-import (
-	"github.com/juju/cmd"
-	"github.com/juju/errors"
-
-	"github.com/juju/juju/api/service"
-	"github.com/juju/juju/cmd/juju/block"
-	"github.com/juju/juju/cmd/modelcmd"
-)
-
-var usageUnexposeSummary = `
-Removes public availability over the network for a service.`[1:]
-
-var usageUnexposeDetails = `
-Adjusts the firewall rules and any relevant security mechanisms of the
-cloud to deny public access to the service.
-A service is unexposed by default when it gets created.
-
-Examples:
-    juju unexpose wordpress
-
-See also: 
-    expose`[1:]
-
-// NewUnexposeCommand returns a command to unexpose services.
-func NewUnexposeCommand() cmd.Command {
-	return modelcmd.Wrap(&unexposeCommand{})
-}
-
-// unexposeCommand is responsible exposing services.
-type unexposeCommand struct {
-	modelcmd.ModelCommandBase
-	ServiceName string
-}
-
-func (c *unexposeCommand) Info() *cmd.Info {
-	return &cmd.Info{
-		Name:    "unexpose",
-		Args:    "<service name>",
-		Purpose: usageUnexposeSummary,
-		Doc:     usageUnexposeDetails,
-	}
-}
-
-func (c *unexposeCommand) Init(args []string) error {
-	if len(args) == 0 {
-		return errors.New("no service name specified")
-	}
-	c.ServiceName = args[0]
-	return cmd.CheckEmpty(args[1:])
-}
-
-func (c *unexposeCommand) getAPI() (serviceExposeAPI, error) {
-	root, err := c.NewAPIRoot()
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	return service.NewClient(root), nil
-}
-
-// Run changes the juju-managed firewall to hide any
-// ports that were also explicitly marked by units as closed.
-func (c *unexposeCommand) Run(_ *cmd.Context) error {
-	client, err := c.getAPI()
-	if err != nil {
-		return err
-	}
-	defer client.Close()
-	return block.ProcessBlockedError(client.Unexpose(c.ServiceName), block.BlockChange)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/unexpose_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/unexpose_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/unexpose_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/unexpose_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,78 +0,0 @@
-// Copyright 2012, 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service
-
-import (
-	"github.com/juju/errors"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-	"gopkg.in/juju/charm.v6-unstable"
-
-	"github.com/juju/juju/cmd/juju/common"
-	jujutesting "github.com/juju/juju/juju/testing"
-	"github.com/juju/juju/rpc"
-	"github.com/juju/juju/testcharms"
-	"github.com/juju/juju/testing"
-)
-
-type UnexposeSuite struct {
-	jujutesting.RepoSuite
-	common.CmdBlockHelper
-}
-
-func (s *UnexposeSuite) SetUpTest(c *gc.C) {
-	s.RepoSuite.SetUpTest(c)
-	s.CmdBlockHelper = common.NewCmdBlockHelper(s.APIState)
-	c.Assert(s.CmdBlockHelper, gc.NotNil)
-	s.AddCleanup(func(*gc.C) { s.CmdBlockHelper.Close() })
-}
-
-var _ = gc.Suite(&UnexposeSuite{})
-
-func runUnexpose(c *gc.C, args ...string) error {
-	_, err := testing.RunCommand(c, NewUnexposeCommand(), args...)
-	return err
-}
-
-func (s *UnexposeSuite) assertExposed(c *gc.C, service string, expected bool) {
-	svc, err := s.State.Service(service)
-	c.Assert(err, jc.ErrorIsNil)
-	actual := svc.IsExposed()
-	c.Assert(actual, gc.Equals, expected)
-}
-
-func (s *UnexposeSuite) TestUnexpose(c *gc.C) {
-	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
-	err := runDeploy(c, ch, "some-service-name", "--series", "trusty")
-	c.Assert(err, jc.ErrorIsNil)
-	curl := charm.MustParseURL("local:trusty/dummy-1")
-	s.AssertService(c, "some-service-name", curl, 1, 0)
-
-	err = runExpose(c, "some-service-name")
-	c.Assert(err, jc.ErrorIsNil)
-	s.assertExposed(c, "some-service-name", true)
-
-	err = runUnexpose(c, "some-service-name")
-	c.Assert(err, jc.ErrorIsNil)
-	s.assertExposed(c, "some-service-name", false)
-
-	err = runUnexpose(c, "nonexistent-service")
-	c.Assert(errors.Cause(err), gc.DeepEquals, &rpc.RequestError{
-		Message: `service "nonexistent-service" not found`,
-		Code:    "not found",
-	})
-}
-
-func (s *UnexposeSuite) TestBlockUnexpose(c *gc.C) {
-	ch := testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
-	err := runDeploy(c, ch, "some-service-name", "--series", "trusty")
-	c.Assert(err, jc.ErrorIsNil)
-	curl := charm.MustParseURL("local:trusty/dummy-1")
-	s.AssertService(c, "some-service-name", curl, 1, 0)
-
-	// Block operation
-	s.BlockAllChanges(c, "TestBlockUnexpose")
-	err = runExpose(c, "some-service-name")
-	s.AssertBlocked(c, err, ".*TestBlockUnexpose.*")
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/upgradecharm.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/upgradecharm.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/upgradecharm.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/upgradecharm.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,389 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service
-
-import (
-	"fmt"
-	"os"
-	"path/filepath"
-
-	"github.com/juju/cmd"
-	"github.com/juju/errors"
-	"github.com/juju/names"
-	"gopkg.in/juju/charm.v6-unstable"
-	charmresource "gopkg.in/juju/charm.v6-unstable/resource"
-	"gopkg.in/juju/charmrepo.v2-unstable"
-	csclientparams "gopkg.in/juju/charmrepo.v2-unstable/csclient/params"
-	"gopkg.in/macaroon.v1"
-	"launchpad.net/gnuflag"
-
-	"github.com/juju/juju/api"
-	apiservice "github.com/juju/juju/api/service"
-	"github.com/juju/juju/charmstore"
-	"github.com/juju/juju/cmd/juju/block"
-	"github.com/juju/juju/cmd/modelcmd"
-	"github.com/juju/juju/resource"
-	"github.com/juju/juju/resource/resourceadapters"
-)
-
-// NewUpgradeCharmCommand returns a command which upgrades service's charm.
-func NewUpgradeCharmCommand() cmd.Command {
-	return modelcmd.Wrap(&upgradeCharmCommand{})
-}
-
-// UpgradeCharm is responsible for upgrading a service's charm.
-type upgradeCharmCommand struct {
-	modelcmd.ModelCommandBase
-	ServiceName string
-	ForceUnits  bool
-	ForceSeries bool
-	SwitchURL   string
-	CharmPath   string
-	Revision    int // defaults to -1 (latest)
-	// Resources is a map of resource name to filename to be uploaded on upgrade.
-	Resources map[string]string
-
-	// Channel holds the charmstore channel to use when obtaining
-	// the charm to be upgraded to.
-	Channel csclientparams.Channel
-}
-
-const upgradeCharmDoc = `
-When no flags are set, the service's charm will be upgraded to the latest
-revision available in the repository from which it was originally deployed. An
-explicit revision can be chosen with the --revision flag.
-
-A path will need to be supplied to allow an updated copy of the charm
-to be located.
-
-Deploying from a path is intended to suit the workflow of a charm author working
-on a single client machine; use of this deployment method from multiple clients
-is not supported and may lead to confusing behaviour. Each local charm gets
-uploaded with the revision specified in the charm, if possible, otherwise it
-gets a unique revision (highest in state + 1).
-
-When deploying from a path, the --path flag is used to specify the location from
-which to load the updated charm. Note that the directory containing the charm must
-match what was originally used to deploy the charm as a superficial check that the
-updated charm is compatible.
-
-Resources may be uploaded at upgrade time by specifying the --resource flag.
-Following the resource flag should be name=filepath pair.  This flag may be
-repeated more than once to upload more than one resource.
-
-  juju upgrade-charm foo --resource bar=/some/file.tgz --resource baz=./docs/cfg.xml
-
-Where bar and baz are resources named in the metadata for the foo charm.
-
-If the new version of a charm does not explicitly support the service's series, the
-upgrade is disallowed unless the --force-series flag is used. This option should be
-used with caution since using a charm on a machine running an unsupported series may
-cause unexpected behavior.
-
-The --switch flag allows you to replace the charm with an entirely different one.
-The new charm's URL and revision are inferred as they would be when running a
-deploy command.
-
-Please note that --switch is dangerous, because juju only has limited
-information with which to determine compatibility; the operation will succeed,
-regardless of potential havoc, so long as the following conditions hold:
-
-- The new charm must declare all relations that the service is currently
-participating in.
-- All config settings shared by the old and new charms must
-have the same types.
-
-The new charm may add new relations and configuration settings.
-
---switch and --path are mutually exclusive.
-
---path and --revision are mutually exclusive. The revision of the updated charm
-is determined by the contents of the charm at the specified path.
-
---switch and --revision are mutually exclusive. To specify a given revision
-number with --switch, give it in the charm URL, for instance "cs:wordpress-5"
-would specify revision number 5 of the wordpress charm.
-
-Use of the --force-units flag is not generally recommended; units upgraded while in an
-error state will not have upgrade-charm hooks executed, and may cause unexpected
-behavior.
-`
-
-func (c *upgradeCharmCommand) Info() *cmd.Info {
-	return &cmd.Info{
-		Name:    "upgrade-charm",
-		Args:    "<service>",
-		Purpose: "upgrade a service's charm",
-		Doc:     upgradeCharmDoc,
-	}
-}
-
-func (c *upgradeCharmCommand) SetFlags(f *gnuflag.FlagSet) {
-	f.BoolVar(&c.ForceUnits, "force-units", false, "upgrade all units immediately, even if in error state")
-	f.StringVar((*string)(&c.Channel), "channel", "", "channel to use when getting the charm or bundle from the charm store")
-	f.BoolVar(&c.ForceSeries, "force-series", false, "upgrade even if series of deployed services are not supported by the new charm")
-	f.StringVar(&c.SwitchURL, "switch", "", "crossgrade to a different charm")
-	f.StringVar(&c.CharmPath, "path", "", "upgrade to a charm located at path")
-	f.IntVar(&c.Revision, "revision", -1, "explicit revision of current charm")
-	f.Var(stringMap{&c.Resources}, "resource", "resource to be uploaded to the controller")
-}
-
-func (c *upgradeCharmCommand) Init(args []string) error {
-	switch len(args) {
-	case 1:
-		if !names.IsValidService(args[0]) {
-			return fmt.Errorf("invalid service name %q", args[0])
-		}
-		c.ServiceName = args[0]
-	case 0:
-		return fmt.Errorf("no service specified")
-	default:
-		return cmd.CheckEmpty(args[1:])
-	}
-	if c.SwitchURL != "" && c.Revision != -1 {
-		return fmt.Errorf("--switch and --revision are mutually exclusive")
-	}
-	if c.CharmPath != "" && c.Revision != -1 {
-		return fmt.Errorf("--path and --revision are mutually exclusive")
-	}
-	if c.SwitchURL != "" && c.CharmPath != "" {
-		return fmt.Errorf("--switch and --path are mutually exclusive")
-	}
-	return nil
-}
-
-func (c *upgradeCharmCommand) newServiceAPIClient() (*apiservice.Client, error) {
-	root, err := c.NewAPIRoot()
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	return apiservice.NewClient(root), nil
-}
-
-// Run connects to the specified environment and starts the charm
-// upgrade process.
-func (c *upgradeCharmCommand) Run(ctx *cmd.Context) error {
-	client, err := c.NewAPIClient()
-	if err != nil {
-		return err
-	}
-	defer client.Close()
-
-	serviceClient, err := c.newServiceAPIClient()
-	if err != nil {
-		return err
-	}
-
-	oldURL, err := serviceClient.GetCharmURL(c.ServiceName)
-	if err != nil {
-		return err
-	}
-
-	newRef := c.SwitchURL
-	if newRef == "" {
-		newRef = c.CharmPath
-	}
-	if c.SwitchURL == "" && c.CharmPath == "" {
-		// If the charm we are upgrading is local, then we must
-		// specify a path or switch url to upgrade with.
-		if oldURL.Schema == "local" {
-			return errors.New("upgrading a local charm requires either --path or --switch")
-		}
-		// No new URL specified, but revision might have been.
-		newRef = oldURL.WithRevision(c.Revision).String()
-	}
-
-	bakeryClient, err := c.BakeryClient()
-	if err != nil {
-		return errors.Trace(err)
-	}
-	csClient := newCharmStoreClient(bakeryClient).WithChannel(c.Channel)
-
-	conf, err := getClientConfig(client)
-	if err != nil {
-		return errors.Trace(err)
-	}
-	resolver := newCharmURLResolver(conf, csClient)
-	chID, csMac, err := c.addCharm(oldURL, newRef, client, resolver)
-	if err != nil {
-		return block.ProcessBlockedError(err, block.BlockChange)
-	}
-	ctx.Infof("Added charm %q to the model.", chID.URL)
-
-	ids, err := c.upgradeResources(client, chID, csMac)
-	if err != nil {
-		return errors.Trace(err)
-	}
-
-	cfg := apiservice.SetCharmConfig{
-		ServiceName: c.ServiceName,
-		CharmID:     chID,
-		ForceSeries: c.ForceSeries,
-		ForceUnits:  c.ForceUnits,
-		ResourceIDs: ids,
-	}
-
-	return block.ProcessBlockedError(serviceClient.SetCharm(cfg), block.BlockChange)
-}
-
-// upgradeResources pushes metadata up to the server for each resource defined
-// in the new charm's metadata and returns a map of resource names to pending
-// IDs to include in the upgrage-charm call.
-func (c *upgradeCharmCommand) upgradeResources(client *api.Client, chID charmstore.CharmID, csMac *macaroon.Macaroon) (map[string]string, error) {
-	filtered, err := getUpgradeResources(c, c.ServiceName, chID.URL, client, c.Resources)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	if len(filtered) == 0 {
-		return nil, nil
-	}
-
-	// Note: the validity of user-supplied resources to be uploaded will be
-	// checked further down the stack.
-	return handleResources(c, c.Resources, c.ServiceName, chID, csMac, filtered)
-}
-
-// TODO(ericsnow) Move these helpers into handleResources()?
-
-func getUpgradeResources(c APICmd, serviceID string, cURL *charm.URL, client *api.Client, cliResources map[string]string) (map[string]charmresource.Meta, error) {
-	meta, err := getMetaResources(cURL, client)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	if len(meta) == 0 {
-		return nil, nil
-	}
-
-	current, err := getResources(serviceID, c.NewAPIRoot)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	filtered := filterResources(meta, current, cliResources)
-	return filtered, nil
-}
-
-func getMetaResources(cURL *charm.URL, client *api.Client) (map[string]charmresource.Meta, error) {
-	// this gets the charm info that was added to the controller using addcharm.
-	charmInfo, err := client.CharmInfo(cURL.String())
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	return charmInfo.Meta.Resources, nil
-}
-
-func getResources(serviceID string, newAPIRoot func() (api.Connection, error)) (map[string]resource.Resource, error) {
-	resclient, err := resourceadapters.NewAPIClient(newAPIRoot)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	svcs, err := resclient.ListResources([]string{serviceID})
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	// ListResources guarantees a number of values returned == number of
-	// services passed in.
-	return resource.AsMap(svcs[0].Resources), nil
-}
-
-// TODO(ericsnow) Move filterResources() and shouldUploadMeta()
-// somewhere more general under the "resource" package?
-
-func filterResources(meta map[string]charmresource.Meta, current map[string]resource.Resource, uploads map[string]string) map[string]charmresource.Meta {
-	filtered := make(map[string]charmresource.Meta)
-	for name, res := range meta {
-		if shouldUpgradeResource(res, uploads, current) {
-			filtered[name] = res
-		}
-	}
-	return filtered
-}
-
-// shouldUpgradeResource reports whether we should upload the metadata for the given
-// resource.  This is always true for resources we're adding with the --resource
-// flag. For resources we're not adding with --resource, we only upload metadata
-// for charmstore resources.  Previously uploaded resources stay pinned to the
-// data the user uploaded.
-func shouldUpgradeResource(res charmresource.Meta, uploads map[string]string, current map[string]resource.Resource) bool {
-	// Always upload metadata for resources the user is uploading during
-	// upgrade-charm.
-	if _, ok := uploads[res.Name]; ok {
-		return true
-	}
-	cur, ok := current[res.Name]
-	if !ok {
-		// If there's no information on the server, there should be.
-		return true
-	}
-	// Never override existing resources a user has already uploaded.
-	if cur.Origin == charmresource.OriginUpload {
-		return false
-	}
-	return true
-}
-
-// addCharm interprets the new charmRef and adds the specified charm if the new charm is different
-// to what's already deployed as specified by oldURL.
-func (c *upgradeCharmCommand) addCharm(
-	oldURL *charm.URL,
-	charmRef string,
-	client *api.Client,
-	resolver *charmURLResolver,
-) (charmstore.CharmID, *macaroon.Macaroon, error) {
-	var id charmstore.CharmID
-	// Charm may have been supplied via a path reference.
-	ch, newURL, err := charmrepo.NewCharmAtPathForceSeries(charmRef, oldURL.Series, c.ForceSeries)
-	if err == nil {
-		_, newName := filepath.Split(charmRef)
-		if newName != oldURL.Name {
-			return id, nil, fmt.Errorf("cannot upgrade %q to %q", oldURL.Name, newName)
-		}
-		addedURL, err := client.AddLocalCharm(newURL, ch)
-		id.URL = addedURL
-		return id, nil, err
-	}
-	if _, ok := err.(*charmrepo.NotFoundError); ok {
-		return id, nil, errors.Errorf("no charm found at %q", charmRef)
-	}
-	// If we get a "not exists" or invalid path error then we attempt to interpret
-	// the supplied charm reference as a URL below, otherwise we return the error.
-	if err != os.ErrNotExist && !charmrepo.IsInvalidPathError(err) {
-		return id, nil, err
-	}
-
-	// Charm has been supplied as a URL so we resolve and deploy using the store.
-	newURL, channel, supportedSeries, store, err := resolver.resolve(charmRef)
-	if err != nil {
-		return id, nil, errors.Trace(err)
-	}
-	id.Channel = channel
-	if !c.ForceSeries && oldURL.Series != "" && newURL.Series == "" && !isSeriesSupported(oldURL.Series, supportedSeries) {
-		series := []string{"no series"}
-		if len(supportedSeries) > 0 {
-			series = supportedSeries
-		}
-		return id, nil, errors.Errorf(
-			"cannot upgrade from single series %q charm to a charm supporting %q. Use --force-series to override.",
-			oldURL.Series, series,
-		)
-	}
-	// If no explicit revision was set with either SwitchURL
-	// or Revision flags, discover the latest.
-	if *newURL == *oldURL {
-		newRef, _ := charm.ParseURL(charmRef)
-		if newRef.Revision != -1 {
-			return id, nil, fmt.Errorf("already running specified charm %q", newURL)
-		}
-		// No point in trying to upgrade a charm store charm when
-		// we just determined that's the latest revision
-		// available.
-		return id, nil, fmt.Errorf("already running latest charm %q", newURL)
-	}
-
-	curl, csMac, err := addCharmFromURL(client, newURL, channel, store.Client())
-	if err != nil {
-		return id, nil, errors.Trace(err)
-	}
-	id.URL = curl
-	return id, csMac, nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/upgradecharm_resources_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/upgradecharm_resources_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/upgradecharm_resources_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/upgradecharm_resources_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,376 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service_test
-
-import (
-	"bytes"
-	"io/ioutil"
-	"net/http/httptest"
-	"path"
-	"sort"
-	"strings"
-	"time"
-
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-	"gopkg.in/juju/charm.v6-unstable"
-	charmresource "gopkg.in/juju/charm.v6-unstable/resource"
-	"gopkg.in/juju/charmrepo.v2-unstable"
-	"gopkg.in/juju/charmrepo.v2-unstable/csclient"
-	"gopkg.in/juju/charmstore.v5-unstable"
-
-	"github.com/juju/juju/cmd/juju/service"
-	"github.com/juju/juju/component/all"
-	"github.com/juju/juju/constraints"
-	jujutesting "github.com/juju/juju/juju/testing"
-	"github.com/juju/juju/resource"
-	"github.com/juju/juju/state"
-	"github.com/juju/juju/testcharms"
-	"github.com/juju/juju/testing"
-)
-
-type UpgradeCharmResourceSuite struct {
-	jujutesting.RepoSuite
-}
-
-var _ = gc.Suite(&UpgradeCharmResourceSuite{})
-
-func (s *UpgradeCharmResourceSuite) SetUpSuite(c *gc.C) {
-	s.RepoSuite.SetUpSuite(c)
-	all.RegisterForServer()
-}
-
-func (s *UpgradeCharmResourceSuite) SetUpTest(c *gc.C) {
-	s.RepoSuite.SetUpTest(c)
-	chPath := testcharms.Repo.ClonedDirPath(s.CharmsPath, "riak")
-
-	_, err := testing.RunCommand(c, service.NewDeployCommand(), chPath, "riak", "--series", "quantal")
-	c.Assert(err, jc.ErrorIsNil)
-	riak, err := s.State.Service("riak")
-	c.Assert(err, jc.ErrorIsNil)
-	ch, forced, err := riak.Charm()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ch.Revision(), gc.Equals, 7)
-	c.Assert(forced, jc.IsFalse)
-}
-
-var riakResourceMeta = []byte(`
-name: riakresource
-summary: "K/V storage engine"
-description: "Scalable K/V Store in Erlang with Clocks :-)"
-provides:
-  endpoint:
-    interface: http
-  admin:
-    interface: http
-peers:
-  ring:
-    interface: riak
-resources:
-  data:
-    type: file
-    filename: foo.lib
-    description: some comment
-`)
-
-func (s *UpgradeCharmResourceSuite) TestUpgradeWithResources(c *gc.C) {
-	myriakPath := testcharms.Repo.ClonedDir(c.MkDir(), "riak")
-	err := ioutil.WriteFile(path.Join(myriakPath.Path, "metadata.yaml"), riakResourceMeta, 0644)
-	c.Assert(err, jc.ErrorIsNil)
-
-	data := []byte("some-data")
-	fp, err := charmresource.GenerateFingerprint(bytes.NewReader(data))
-	c.Assert(err, jc.ErrorIsNil)
-
-	resourceFile := path.Join(c.MkDir(), "data.lib")
-	err = ioutil.WriteFile(resourceFile, data, 0644)
-	c.Assert(err, jc.ErrorIsNil)
-
-	_, err = testing.RunCommand(c, service.NewUpgradeCharmCommand(),
-		"riak", "--path="+myriakPath.Path, "--resource", "data="+resourceFile)
-	c.Assert(err, jc.ErrorIsNil)
-
-	resources, err := s.State.Resources()
-	c.Assert(err, jc.ErrorIsNil)
-
-	sr, err := resources.ListResources("riak")
-	c.Assert(err, jc.ErrorIsNil)
-
-	c.Check(sr.Resources, gc.HasLen, 1)
-
-	c.Check(sr.Resources[0].ServiceID, gc.Equals, "riak")
-
-	// Most of this is just a sanity check... this is all tested elsewhere.
-	c.Check(sr.Resources[0].PendingID, gc.Equals, "")
-	c.Check(sr.Resources[0].Username, gc.Not(gc.Equals), "")
-	c.Check(sr.Resources[0].ID, gc.Not(gc.Equals), "")
-	c.Check(sr.Resources[0].Timestamp.IsZero(), jc.IsFalse)
-
-	// Ensure we get the data we passed in from the metadata.yaml.
-	c.Check(sr.Resources[0].Resource, gc.DeepEquals, charmresource.Resource{
-		Meta: charmresource.Meta{
-			Name:        "data",
-			Type:        charmresource.TypeFile,
-			Path:        "foo.lib",
-			Description: "some comment",
-		},
-		Origin:      charmresource.OriginUpload,
-		Fingerprint: fp,
-		Size:        int64(len(data)),
-	})
-}
-
-// charmStoreSuite is a suite fixture that puts the machinery in
-// place to allow testing code that calls addCharmViaAPI.
-type charmStoreSuite struct {
-	jujutesting.JujuConnSuite
-	handler charmstore.HTTPCloseHandler
-	srv     *httptest.Server
-	client  *csclient.Client
-}
-
-func (s *charmStoreSuite) SetUpTest(c *gc.C) {
-	s.JujuConnSuite.SetUpTest(c)
-
-	// Set up the charm store testing server.
-	db := s.Session.DB("juju-testing")
-	params := charmstore.ServerParams{
-		AuthUsername: "test-user",
-		AuthPassword: "test-password",
-	}
-	handler, err := charmstore.NewServer(db, nil, "", params, charmstore.V5)
-	c.Assert(err, jc.ErrorIsNil)
-	s.handler = handler
-	s.srv = httptest.NewServer(handler)
-	s.client = csclient.New(csclient.Params{
-		URL:      s.srv.URL,
-		User:     params.AuthUsername,
-		Password: params.AuthPassword,
-	})
-
-	service.PatchNewCharmStoreClient(s, s.srv.URL)
-
-	// Initialize the charm cache dir.
-	s.PatchValue(&charmrepo.CacheDir, c.MkDir())
-
-	// Point the CLI to the charm store testing server.
-
-	// Point the Juju API server to the charm store testing server.
-	s.PatchValue(&csclient.ServerURL, s.srv.URL)
-}
-
-func (s *charmStoreSuite) TearDownTest(c *gc.C) {
-	s.handler.Close()
-	s.srv.Close()
-	s.JujuConnSuite.TearDownTest(c)
-}
-
-type UpgradeCharmStoreResourceSuite struct {
-	charmStoreSuite
-}
-
-var _ = gc.Suite(&UpgradeCharmStoreResourceSuite{})
-
-func (s *UpgradeCharmStoreResourceSuite) SetUpSuite(c *gc.C) {
-	s.charmStoreSuite.SetUpSuite(c)
-	err := all.RegisterForServer()
-	c.Assert(err, jc.ErrorIsNil)
-	err = all.RegisterForClient()
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-// TODO(ericsnow) Adapt this test to check passing revisions once the
-// charmstore endpoints are implemented.
-
-func (s *UpgradeCharmStoreResourceSuite) TestDeployStarsaySuccess(c *gc.C) {
-	testcharms.UploadCharm(c, s.client, "trusty/starsay-1", "starsay")
-
-	// let's make a fake resource file to upload
-	resourceContent := "some-data"
-
-	resourceFile := path.Join(c.MkDir(), "data.xml")
-	err := ioutil.WriteFile(resourceFile, []byte(resourceContent), 0644)
-	c.Assert(err, jc.ErrorIsNil)
-
-	ctx, err := testing.RunCommand(c, service.NewDeployCommand(), "trusty/starsay", "--resource", "upload-resource="+resourceFile)
-	c.Assert(err, jc.ErrorIsNil)
-	output := testing.Stderr(ctx)
-
-	expectedOutput := `Added charm "cs:trusty/starsay-1" to the model.
-Deploying charm "cs:trusty/starsay-1" with the charm series "trusty".
-`
-	c.Assert(output, gc.Equals, expectedOutput)
-	s.assertCharmsUploaded(c, "cs:trusty/starsay-1")
-	s.assertServicesDeployed(c, map[string]serviceInfo{
-		"starsay": {charm: "cs:trusty/starsay-1"},
-	})
-	_, err = s.State.Unit("starsay/0")
-	c.Assert(err, jc.ErrorIsNil)
-
-	res, err := s.State.Resources()
-	c.Assert(err, jc.ErrorIsNil)
-	svcres, err := res.ListResources("starsay")
-	c.Assert(err, jc.ErrorIsNil)
-
-	sort.Sort(byname(svcres.Resources))
-
-	c.Assert(svcres.Resources, gc.HasLen, 3)
-	c.Check(svcres.Resources[2].Timestamp, gc.Not(gc.Equals), time.Time{})
-	svcres.Resources[2].Timestamp = time.Time{}
-
-	// Note that all charm resources were uploaded by testcharms.UploadCharm
-	// so that the charm could be published.
-	expectedResources := []resource.Resource{{
-		Resource: charmresource.Resource{
-			Meta: charmresource.Meta{
-				Name:        "install-resource",
-				Type:        charmresource.TypeFile,
-				Path:        "gotta-have-it.txt",
-				Description: "get things started",
-			},
-			Origin:      charmresource.OriginStore,
-			Revision:    0,
-			Fingerprint: resourceHash("install-resource content"),
-			Size:        int64(len("install-resource content")),
-		},
-		ID:        "starsay/install-resource",
-		ServiceID: "starsay",
-	}, {
-		Resource: charmresource.Resource{
-			Meta: charmresource.Meta{
-				Name:        "store-resource",
-				Type:        charmresource.TypeFile,
-				Path:        "filename.tgz",
-				Description: "One line that is useful when operators need to push it.",
-			},
-			Origin:      charmresource.OriginStore,
-			Revision:    0,
-			Fingerprint: resourceHash("store-resource content"),
-			Size:        int64(len("store-resource content")),
-		},
-		ID:        "starsay/store-resource",
-		ServiceID: "starsay",
-	}, {
-		Resource: charmresource.Resource{
-			Meta: charmresource.Meta{
-				Name:        "upload-resource",
-				Type:        charmresource.TypeFile,
-				Path:        "somename.xml",
-				Description: "Who uses xml anymore?",
-			},
-			Origin:      charmresource.OriginUpload,
-			Revision:    0,
-			Fingerprint: resourceHash(resourceContent),
-			Size:        int64(len(resourceContent)),
-		},
-		ID:        "starsay/upload-resource",
-		ServiceID: "starsay",
-		Username:  "admin@local",
-		// Timestamp is checked above
-	}}
-
-	c.Check(svcres.Resources, jc.DeepEquals, expectedResources)
-
-	oldCharmStoreResources := make([]charmresource.Resource, len(svcres.CharmStoreResources))
-	copy(oldCharmStoreResources, svcres.CharmStoreResources)
-
-	sort.Sort(csbyname(oldCharmStoreResources))
-
-	testcharms.UploadCharm(c, s.client, "trusty/starsay-2", "starsay")
-
-	_, err = testing.RunCommand(c, service.NewUpgradeCharmCommand(), "starsay")
-	c.Assert(err, jc.ErrorIsNil)
-
-	s.assertServicesDeployed(c, map[string]serviceInfo{
-		"starsay": {charm: "cs:trusty/starsay-2"},
-	})
-
-	res, err = s.State.Resources()
-	c.Assert(err, jc.ErrorIsNil)
-	svcres, err = res.ListResources("starsay")
-	c.Assert(err, jc.ErrorIsNil)
-
-	sort.Sort(byname(svcres.Resources))
-
-	c.Assert(svcres.Resources, gc.HasLen, 3)
-	c.Check(svcres.Resources[2].Timestamp, gc.Not(gc.Equals), time.Time{})
-	svcres.Resources[2].Timestamp = time.Time{}
-
-	// ensure that we haven't overridden the previously uploaded resource.
-	c.Check(svcres.Resources, jc.DeepEquals, expectedResources)
-
-	sort.Sort(csbyname(svcres.CharmStoreResources))
-	c.Check(oldCharmStoreResources, gc.DeepEquals, svcres.CharmStoreResources)
-}
-
-func resourceHash(content string) charmresource.Fingerprint {
-	fp, err := charmresource.GenerateFingerprint(strings.NewReader(content))
-	if err != nil {
-		panic(err)
-	}
-	return fp
-}
-
-type byname []resource.Resource
-
-func (b byname) Len() int           { return len(b) }
-func (b byname) Swap(i, j int)      { b[i], b[j] = b[j], b[i] }
-func (b byname) Less(i, j int) bool { return b[i].Name < b[j].Name }
-
-type csbyname []charmresource.Resource
-
-func (b csbyname) Len() int           { return len(b) }
-func (b csbyname) Swap(i, j int)      { b[i], b[j] = b[j], b[i] }
-func (b csbyname) Less(i, j int) bool { return b[i].Name < b[j].Name }
-
-// assertCharmsUploaded checks that the given charm ids have been uploaded.
-func (s *charmStoreSuite) assertCharmsUploaded(c *gc.C, ids ...string) {
-	charms, err := s.State.AllCharms()
-	c.Assert(err, jc.ErrorIsNil)
-	uploaded := make([]string, len(charms))
-	for i, charm := range charms {
-		uploaded[i] = charm.URL().String()
-	}
-	c.Assert(uploaded, jc.SameContents, ids)
-}
-
-// assertServicesDeployed checks that the given services have been deployed.
-func (s *charmStoreSuite) assertServicesDeployed(c *gc.C, info map[string]serviceInfo) {
-	services, err := s.State.AllServices()
-	c.Assert(err, jc.ErrorIsNil)
-	deployed := make(map[string]serviceInfo, len(services))
-	for _, service := range services {
-		charm, _ := service.CharmURL()
-		config, err := service.ConfigSettings()
-		c.Assert(err, jc.ErrorIsNil)
-		if len(config) == 0 {
-			config = nil
-		}
-		constraints, err := service.Constraints()
-		c.Assert(err, jc.ErrorIsNil)
-		storage, err := service.StorageConstraints()
-		c.Assert(err, jc.ErrorIsNil)
-		if len(storage) == 0 {
-			storage = nil
-		}
-		deployed[service.Name()] = serviceInfo{
-			charm:       charm.String(),
-			config:      config,
-			constraints: constraints,
-			exposed:     service.IsExposed(),
-			storage:     storage,
-		}
-	}
-	c.Assert(deployed, jc.DeepEquals, info)
-}
-
-// serviceInfo holds information about a deployed service.
-type serviceInfo struct {
-	charm            string
-	config           charm.Settings
-	constraints      constraints.Value
-	exposed          bool
-	storage          map[string]state.StorageConstraints
-	endpointBindings map[string]string
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/upgradecharm_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/upgradecharm_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/service/upgradecharm_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/service/upgradecharm_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,430 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package service
-
-import (
-	"fmt"
-	"io/ioutil"
-	"net/http/httptest"
-	"path"
-	"path/filepath"
-
-	"github.com/juju/errors"
-	jc "github.com/juju/testing/checkers"
-	"github.com/juju/utils"
-	gc "gopkg.in/check.v1"
-	"gopkg.in/juju/charm.v6-unstable"
-	"gopkg.in/juju/charmrepo.v2-unstable"
-	"gopkg.in/juju/charmrepo.v2-unstable/csclient"
-	csclientparams "gopkg.in/juju/charmrepo.v2-unstable/csclient/params"
-	"gopkg.in/juju/charmstore.v5-unstable"
-	"gopkg.in/macaroon-bakery.v1/httpbakery"
-
-	"github.com/juju/juju/cmd/juju/common"
-	"github.com/juju/juju/cmd/modelcmd"
-	jujutesting "github.com/juju/juju/juju/testing"
-	"github.com/juju/juju/rpc"
-	"github.com/juju/juju/state"
-	"github.com/juju/juju/testcharms"
-	"github.com/juju/juju/testing"
-)
-
-type UpgradeCharmErrorsSuite struct {
-	jujutesting.RepoSuite
-	handler charmstore.HTTPCloseHandler
-	srv     *httptest.Server
-}
-
-func (s *UpgradeCharmErrorsSuite) SetUpTest(c *gc.C) {
-	s.RepoSuite.SetUpTest(c)
-	// Set up the charm store testing server.
-	handler, err := charmstore.NewServer(s.Session.DB("juju-testing"), nil, "", charmstore.ServerParams{
-		AuthUsername: "test-user",
-		AuthPassword: "test-password",
-	}, charmstore.V5)
-	c.Assert(err, jc.ErrorIsNil)
-	s.handler = handler
-	s.srv = httptest.NewServer(handler)
-
-	s.PatchValue(&charmrepo.CacheDir, c.MkDir())
-	s.PatchValue(&newCharmStoreClient, func(bakeryClient *httpbakery.Client) *csclient.Client {
-		return csclient.New(csclient.Params{
-			URL:          s.srv.URL,
-			BakeryClient: bakeryClient,
-		})
-	})
-}
-
-func (s *UpgradeCharmErrorsSuite) TearDownTest(c *gc.C) {
-	s.handler.Close()
-	s.srv.Close()
-	s.RepoSuite.TearDownTest(c)
-}
-
-var _ = gc.Suite(&UpgradeCharmErrorsSuite{})
-
-func runUpgradeCharm(c *gc.C, args ...string) error {
-	_, err := testing.RunCommand(c, NewUpgradeCharmCommand(), args...)
-	return err
-}
-
-func (s *UpgradeCharmErrorsSuite) TestInvalidArgs(c *gc.C) {
-	err := runUpgradeCharm(c)
-	c.Assert(err, gc.ErrorMatches, "no service specified")
-	err = runUpgradeCharm(c, "invalid:name")
-	c.Assert(err, gc.ErrorMatches, `invalid service name "invalid:name"`)
-	err = runUpgradeCharm(c, "foo", "bar")
-	c.Assert(err, gc.ErrorMatches, `unrecognized args: \["bar"\]`)
-}
-
-func (s *UpgradeCharmErrorsSuite) TestInvalidService(c *gc.C) {
-	err := runUpgradeCharm(c, "phony")
-	c.Assert(errors.Cause(err), gc.DeepEquals, &rpc.RequestError{
-		Message: `service "phony" not found`,
-		Code:    "not found",
-	})
-}
-
-func (s *UpgradeCharmErrorsSuite) deployService(c *gc.C) {
-	ch := testcharms.Repo.ClonedDirPath(s.CharmsPath, "riak")
-	err := runDeploy(c, ch, "riak", "--series", "quantal")
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *UpgradeCharmErrorsSuite) TestInvalidSwitchURL(c *gc.C) {
-	s.deployService(c)
-	err := runUpgradeCharm(c, "riak", "--switch=blah")
-	c.Assert(err, gc.ErrorMatches, `cannot resolve URL "cs:blah": charm or bundle not found`)
-	err = runUpgradeCharm(c, "riak", "--switch=cs:missing/one")
-	c.Assert(err, gc.ErrorMatches, `cannot resolve URL "cs:missing/one": charm not found`)
-	// TODO(dimitern): add tests with incompatible charms
-}
-
-func (s *UpgradeCharmErrorsSuite) TestNoPathFails(c *gc.C) {
-	s.deployService(c)
-	err := runUpgradeCharm(c, "riak")
-	c.Assert(err, gc.ErrorMatches, "upgrading a local charm requires either --path or --switch")
-}
-
-func (s *UpgradeCharmErrorsSuite) TestSwitchAndRevisionFails(c *gc.C) {
-	s.deployService(c)
-	err := runUpgradeCharm(c, "riak", "--switch=riak", "--revision=2")
-	c.Assert(err, gc.ErrorMatches, "--switch and --revision are mutually exclusive")
-}
-
-func (s *UpgradeCharmErrorsSuite) TestPathAndRevisionFails(c *gc.C) {
-	s.deployService(c)
-	err := runUpgradeCharm(c, "riak", "--path=foo", "--revision=2")
-	c.Assert(err, gc.ErrorMatches, "--path and --revision are mutually exclusive")
-}
-
-func (s *UpgradeCharmErrorsSuite) TestSwitchAndPathFails(c *gc.C) {
-	s.deployService(c)
-	err := runUpgradeCharm(c, "riak", "--switch=riak", "--path=foo")
-	c.Assert(err, gc.ErrorMatches, "--switch and --path are mutually exclusive")
-}
-
-func (s *UpgradeCharmErrorsSuite) TestInvalidRevision(c *gc.C) {
-	s.deployService(c)
-	err := runUpgradeCharm(c, "riak", "--revision=blah")
-	c.Assert(err, gc.ErrorMatches, `invalid value "blah" for flag --revision: strconv.ParseInt: parsing "blah": invalid syntax`)
-}
-
-type BaseUpgradeCharmSuite struct{}
-
-type UpgradeCharmSuccessSuite struct {
-	BaseUpgradeCharmSuite
-	jujutesting.RepoSuite
-	common.CmdBlockHelper
-	path string
-	riak *state.Service
-}
-
-func (s *BaseUpgradeCharmSuite) assertUpgraded(c *gc.C, riak *state.Service, revision int, forced bool) *charm.URL {
-	err := riak.Refresh()
-	c.Assert(err, jc.ErrorIsNil)
-	ch, force, err := riak.Charm()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ch.Revision(), gc.Equals, revision)
-	c.Assert(force, gc.Equals, forced)
-	return ch.URL()
-}
-
-var _ = gc.Suite(&UpgradeCharmSuccessSuite{})
-
-func (s *UpgradeCharmSuccessSuite) SetUpTest(c *gc.C) {
-	s.RepoSuite.SetUpTest(c)
-	s.path = testcharms.Repo.ClonedDirPath(s.CharmsPath, "riak")
-	err := runDeploy(c, s.path, "--series", "quantal")
-	c.Assert(err, jc.ErrorIsNil)
-	s.riak, err = s.State.Service("riak")
-	c.Assert(err, jc.ErrorIsNil)
-	ch, forced, err := s.riak.Charm()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ch.Revision(), gc.Equals, 7)
-	c.Assert(forced, jc.IsFalse)
-
-	s.CmdBlockHelper = common.NewCmdBlockHelper(s.APIState)
-	c.Assert(s.CmdBlockHelper, gc.NotNil)
-	s.AddCleanup(func(*gc.C) { s.CmdBlockHelper.Close() })
-}
-
-func (s *UpgradeCharmSuccessSuite) assertLocalRevision(c *gc.C, revision int, path string) {
-	dir, err := charm.ReadCharmDir(path)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(dir.Revision(), gc.Equals, revision)
-}
-
-func (s *UpgradeCharmSuccessSuite) TestLocalRevisionUnchanged(c *gc.C) {
-	err := runUpgradeCharm(c, "riak", "--path", s.path)
-	c.Assert(err, jc.ErrorIsNil)
-	curl := s.assertUpgraded(c, s.riak, 8, false)
-	s.AssertCharmUploaded(c, curl)
-	// Even though the remote revision is bumped, the local one should
-	// be unchanged.
-	s.assertLocalRevision(c, 7, s.path)
-}
-
-func (s *UpgradeCharmSuccessSuite) TestBlockUpgradeCharm(c *gc.C) {
-	// Block operation
-	s.BlockAllChanges(c, "TestBlockUpgradeCharm")
-	err := runUpgradeCharm(c, "riak", "--path", s.path)
-	s.AssertBlocked(c, err, ".*TestBlockUpgradeCharm.*")
-}
-
-func (s *UpgradeCharmSuccessSuite) TestRespectsLocalRevisionWhenPossible(c *gc.C) {
-	dir, err := charm.ReadCharmDir(s.path)
-	c.Assert(err, jc.ErrorIsNil)
-	err = dir.SetDiskRevision(42)
-	c.Assert(err, jc.ErrorIsNil)
-
-	err = runUpgradeCharm(c, "riak", "--path", s.path)
-	c.Assert(err, jc.ErrorIsNil)
-	curl := s.assertUpgraded(c, s.riak, 42, false)
-	s.AssertCharmUploaded(c, curl)
-	s.assertLocalRevision(c, 42, s.path)
-}
-
-func (s *UpgradeCharmSuccessSuite) TestForcedSeriesUpgrade(c *gc.C) {
-	path := testcharms.Repo.ClonedDirPath(c.MkDir(), "multi-series")
-	err := runDeploy(c, path, "multi-series", "--series", "precise")
-	c.Assert(err, jc.ErrorIsNil)
-	service, err := s.State.Service("multi-series")
-	c.Assert(err, jc.ErrorIsNil)
-	ch, _, err := service.Charm()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ch.Revision(), gc.Equals, 1)
-
-	// Copy files from a charm supporting a different set of series
-	// so we can try an upgrade requiring --force-series.
-	for _, f := range []string{"metadata.yaml", "revision"} {
-		err = utils.CopyFile(
-			filepath.Join(path, f),
-			filepath.Join(testcharms.Repo.CharmDirPath("multi-series2"), f))
-		c.Assert(err, jc.ErrorIsNil)
-	}
-	err = runUpgradeCharm(c, "multi-series", "--path", path, "--force-series")
-	c.Assert(err, jc.ErrorIsNil)
-
-	err = service.Refresh()
-	c.Assert(err, jc.ErrorIsNil)
-	ch, force, err := service.Charm()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ch.Revision(), gc.Equals, 8)
-	c.Assert(force, gc.Equals, false)
-	s.AssertCharmUploaded(c, ch.URL())
-	c.Assert(ch.URL().String(), gc.Equals, "local:precise/multi-series2-8")
-}
-
-func (s *UpgradeCharmSuccessSuite) TestInitWithResources(c *gc.C) {
-	testcharms.Repo.CharmArchivePath(s.CharmsPath, "dummy")
-	dir := c.MkDir()
-
-	foopath := path.Join(dir, "foo")
-	barpath := path.Join(dir, "bar")
-	err := ioutil.WriteFile(foopath, []byte("foo"), 0600)
-	c.Assert(err, jc.ErrorIsNil)
-	err = ioutil.WriteFile(barpath, []byte("bar"), 0600)
-	c.Assert(err, jc.ErrorIsNil)
-
-	res1 := fmt.Sprintf("foo=%s", foopath)
-	res2 := fmt.Sprintf("bar=%s", barpath)
-
-	d := upgradeCharmCommand{}
-	args := []string{"dummy", "--resource", res1, "--resource", res2}
-
-	err = testing.InitCommand(modelcmd.Wrap(&d), args)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(d.Resources, gc.DeepEquals, map[string]string{
-		"foo": foopath,
-		"bar": barpath,
-	})
-}
-
-func (s *UpgradeCharmSuccessSuite) TestForcedUnitsUpgrade(c *gc.C) {
-	err := runUpgradeCharm(c, "riak", "--force-units", "--path", s.path)
-	c.Assert(err, jc.ErrorIsNil)
-	curl := s.assertUpgraded(c, s.riak, 8, true)
-	s.AssertCharmUploaded(c, curl)
-	// Local revision is not changed.
-	s.assertLocalRevision(c, 7, s.path)
-}
-
-func (s *UpgradeCharmSuccessSuite) TestBlockForcedUnitsUpgrade(c *gc.C) {
-	// Block operation
-	s.BlockAllChanges(c, "TestBlockForcedUpgrade")
-	err := runUpgradeCharm(c, "riak", "--force-units", "--path", s.path)
-	c.Assert(err, jc.ErrorIsNil)
-	curl := s.assertUpgraded(c, s.riak, 8, true)
-	s.AssertCharmUploaded(c, curl)
-	// Local revision is not changed.
-	s.assertLocalRevision(c, 7, s.path)
-}
-
-func (s *UpgradeCharmSuccessSuite) TestCharmPath(c *gc.C) {
-	myriakPath := testcharms.Repo.ClonedDirPath(c.MkDir(), "riak")
-
-	// Change the revision to 42 and upgrade to it with explicit revision.
-	err := ioutil.WriteFile(path.Join(myriakPath, "revision"), []byte("42"), 0644)
-	c.Assert(err, jc.ErrorIsNil)
-	err = runUpgradeCharm(c, "riak", "--path", myriakPath)
-	c.Assert(err, jc.ErrorIsNil)
-	curl := s.assertUpgraded(c, s.riak, 42, false)
-	c.Assert(curl.String(), gc.Equals, "local:quantal/riak-42")
-	s.assertLocalRevision(c, 42, myriakPath)
-}
-
-func (s *UpgradeCharmSuccessSuite) TestCharmPathNoRevUpgrade(c *gc.C) {
-	// Revision 7 is running to start with.
-	myriakPath := testcharms.Repo.ClonedDirPath(c.MkDir(), "riak")
-	s.assertLocalRevision(c, 7, myriakPath)
-	err := runUpgradeCharm(c, "riak", "--path", myriakPath)
-	c.Assert(err, jc.ErrorIsNil)
-	curl := s.assertUpgraded(c, s.riak, 8, false)
-	c.Assert(curl.String(), gc.Equals, "local:quantal/riak-8")
-}
-
-func (s *UpgradeCharmSuccessSuite) TestCharmPathDifferentNameFails(c *gc.C) {
-	myriakPath := testcharms.Repo.RenamedClonedDirPath(s.CharmsPath, "riak", "myriak")
-	err := runUpgradeCharm(c, "riak", "--path", myriakPath)
-	c.Assert(err, gc.ErrorMatches, `cannot upgrade "riak" to "myriak"`)
-}
-
-type UpgradeCharmCharmStoreSuite struct {
-	BaseUpgradeCharmSuite
-	charmStoreSuite
-}
-
-var _ = gc.Suite(&UpgradeCharmCharmStoreSuite{})
-
-var upgradeCharmAuthorizationTests = []struct {
-	about        string
-	uploadURL    string
-	switchURL    string
-	readPermUser string
-	expectError  string
-}{{
-	about:     "public charm, success",
-	uploadURL: "cs:~bob/trusty/wordpress1-10",
-	switchURL: "cs:~bob/trusty/wordpress1",
-}, {
-	about:     "public charm, fully resolved, success",
-	uploadURL: "cs:~bob/trusty/wordpress2-10",
-	switchURL: "cs:~bob/trusty/wordpress2-10",
-}, {
-	about:        "non-public charm, success",
-	uploadURL:    "cs:~bob/trusty/wordpress3-10",
-	switchURL:    "cs:~bob/trusty/wordpress3",
-	readPermUser: clientUserName,
-}, {
-	about:        "non-public charm, fully resolved, success",
-	uploadURL:    "cs:~bob/trusty/wordpress4-10",
-	switchURL:    "cs:~bob/trusty/wordpress4-10",
-	readPermUser: clientUserName,
-}, {
-	about:        "non-public charm, access denied",
-	uploadURL:    "cs:~bob/trusty/wordpress5-10",
-	switchURL:    "cs:~bob/trusty/wordpress5",
-	readPermUser: "bob",
-	expectError:  `cannot resolve charm URL "cs:~bob/trusty/wordpress5": cannot get "/~bob/trusty/wordpress5/meta/any\?include=id&include=supported-series&include=published": unauthorized: access denied for user "client-username"`,
-}, {
-	about:        "non-public charm, fully resolved, access denied",
-	uploadURL:    "cs:~bob/trusty/wordpress6-47",
-	switchURL:    "cs:~bob/trusty/wordpress6-47",
-	readPermUser: "bob",
-	expectError:  `cannot resolve charm URL "cs:~bob/trusty/wordpress6-47": cannot get "/~bob/trusty/wordpress6-47/meta/any\?include=id&include=supported-series&include=published": unauthorized: access denied for user "client-username"`,
-}}
-
-func (s *UpgradeCharmCharmStoreSuite) TestUpgradeCharmAuthorization(c *gc.C) {
-	testcharms.UploadCharm(c, s.client, "cs:~other/trusty/wordpress-0", "wordpress")
-	err := runDeploy(c, "cs:~other/trusty/wordpress-0")
-	c.Assert(err, jc.ErrorIsNil)
-	for i, test := range upgradeCharmAuthorizationTests {
-		c.Logf("test %d: %s", i, test.about)
-		url, _ := testcharms.UploadCharm(c, s.client, test.uploadURL, "wordpress")
-		if test.readPermUser != "" {
-			s.changeReadPerm(c, url, test.readPermUser)
-		}
-		err := runUpgradeCharm(c, "wordpress", "--switch", test.switchURL)
-		if test.expectError != "" {
-			c.Assert(err, gc.ErrorMatches, test.expectError)
-			continue
-		}
-		c.Assert(err, jc.ErrorIsNil)
-	}
-}
-
-func (s *UpgradeCharmCharmStoreSuite) TestSwitch(c *gc.C) {
-	testcharms.UploadCharm(c, s.client, "cs:~other/trusty/riak-0", "riak")
-	testcharms.UploadCharm(c, s.client, "cs:~other/trusty/anotherriak-7", "riak")
-	err := runDeploy(c, "cs:~other/trusty/riak-0")
-	c.Assert(err, jc.ErrorIsNil)
-
-	riak, err := s.State.Service("riak")
-	c.Assert(err, jc.ErrorIsNil)
-	ch, forced, err := riak.Charm()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ch.Revision(), gc.Equals, 0)
-	c.Assert(forced, jc.IsFalse)
-
-	err = runUpgradeCharm(c, "riak", "--switch=cs:~other/trusty/anotherriak")
-	c.Assert(err, jc.ErrorIsNil)
-	curl := s.assertUpgraded(c, riak, 7, false)
-	c.Assert(curl.String(), gc.Equals, "cs:~other/trusty/anotherriak-7")
-
-	// Now try the same with explicit revision - should fail.
-	err = runUpgradeCharm(c, "riak", "--switch=cs:~other/trusty/anotherriak-7")
-	c.Assert(err, gc.ErrorMatches, `already running specified charm "cs:~other/trusty/anotherriak-7"`)
-
-	// Change the revision to 42 and upgrade to it with explicit revision.
-	testcharms.UploadCharm(c, s.client, "cs:~other/trusty/anotherriak-42", "riak")
-	err = runUpgradeCharm(c, "riak", "--switch=cs:~other/trusty/anotherriak-42")
-	c.Assert(err, jc.ErrorIsNil)
-	curl = s.assertUpgraded(c, riak, 42, false)
-	c.Assert(curl.String(), gc.Equals, "cs:~other/trusty/anotherriak-42")
-}
-
-func (s *UpgradeCharmCharmStoreSuite) TestUpgradeCharmWithChannel(c *gc.C) {
-	id, ch := testcharms.UploadCharm(c, s.client, "cs:~client-username/trusty/wordpress-0", "wordpress")
-	err := runDeploy(c, "cs:~client-username/trusty/wordpress-0")
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Upload a new revision of the charm, but publish it
-	// only to the development channel.
-
-	id.Revision = 1
-	err = s.client.UploadCharmWithRevision(id, ch, -1)
-	c.Assert(err, gc.IsNil)
-
-	err = s.client.Publish(id, []csclientparams.Channel{csclientparams.DevelopmentChannel}, nil)
-	c.Assert(err, gc.IsNil)
-
-	err = runUpgradeCharm(c, "wordpress", "--channel", "development")
-	c.Assert(err, gc.IsNil)
-
-	s.assertCharmsUploaded(c, "cs:~client-username/trusty/wordpress-0", "cs:~client-username/trusty/wordpress-1")
-	s.assertServicesDeployed(c, map[string]serviceInfo{
-		"wordpress": {charm: "cs:~client-username/trusty/wordpress-1"},
-	})
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/setmeterstatus/setmeterstatus.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/setmeterstatus/setmeterstatus.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/setmeterstatus/setmeterstatus.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/setmeterstatus/setmeterstatus.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,7 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/gnuflag"
 
 	"github.com/juju/juju/api/metricsdebug"
@@ -16,13 +16,18 @@
 )
 
 const setMeterStatusDoc = `
-Set meter status on the given service or unit. This command is used to test the meter-status-changed hook for charms in development.
+Set meter status on the given application or unit. This command is used
+to test the meter-status-changed hook for charms in development.
+
 Examples:
-  juju set-meter-status myapp RED # Set Red meter status on all units of myapp
-  juju set-meter-status myapp/0 AMBER --info "my message" # Set AMBER meter status with "my message" as info on unit myapp/0
+    # Set Red meter status on all units of myapp
+    juju set-meter-status myapp RED
+
+    # Set AMBER meter status with "my message" as info on unit myapp/0
+    juju set-meter-status myapp/0 AMBER --info "my message"
 `
 
-// SetMeterStatusCommand sets the meter status on a service or unit. Useful for charm authors.
+// SetMeterStatusCommand sets the meter status on an application or unit. Useful for charm authors.
 type SetMeterStatusCommand struct {
 	modelcmd.ModelCommandBase
 	Tag        names.Tag
@@ -39,8 +44,8 @@
 func (c *SetMeterStatusCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "set-meter-status",
-		Args:    "[service or unit] status",
-		Purpose: "sets the meter status on a service or unit",
+		Args:    "[application or unit] status",
+		Purpose: "Sets the meter status on an application or unit.",
 		Doc:     setMeterStatusDoc,
 	}
 }
@@ -48,14 +53,14 @@
 // Init reads and verifies the cli arguments for the SetMeterStatusCommand
 func (c *SetMeterStatusCommand) Init(args []string) error {
 	if len(args) != 2 {
-		return errors.New("you need to specify an entity (service or unit) and a status")
+		return errors.New("you need to specify an entity (application or unit) and a status")
 	}
 	if names.IsValidUnit(args[0]) {
 		c.Tag = names.NewUnitTag(args[0])
-	} else if names.IsValidService(args[0]) {
-		c.Tag = names.NewServiceTag(args[0])
+	} else if names.IsValidApplication(args[0]) {
+		c.Tag = names.NewApplicationTag(args[0])
 	} else {
-		return errors.Errorf("%q is not a valid unit or service", args[0])
+		return errors.Errorf("%q is not a valid unit or application", args[0])
 	}
 	c.Status = args[1]
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/setmeterstatus/setmeterstatus_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/setmeterstatus/setmeterstatus_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/setmeterstatus/setmeterstatus_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/setmeterstatus/setmeterstatus_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -57,7 +57,7 @@
 	})
 	_, err := coretesting.RunCommand(c, setmeterstatus.New(), "metered", "RED")
 	c.Assert(err, jc.ErrorIsNil)
-	client.CheckCall(c, 0, "SetMeterStatus", "service-metered", "RED", "")
+	client.CheckCall(c, 0, "SetMeterStatus", "application-metered", "RED", "")
 }
 
 func (s *SetMeterStatusSuite) TestNotValidServiceOrUnit(c *gc.C) {
@@ -66,7 +66,7 @@
 		return &client, nil
 	})
 	_, err := coretesting.RunCommand(c, setmeterstatus.New(), "!!!!!!", "RED")
-	c.Assert(err, gc.ErrorMatches, `"!!!!!!" is not a valid unit or service`)
+	c.Assert(err, gc.ErrorMatches, `"!!!!!!" is not a valid unit or application`)
 }
 
 type DebugMetricsCommandSuite struct {
@@ -77,13 +77,13 @@
 
 func (s *DebugMetricsCommandSuite) TestDebugNoArgs(c *gc.C) {
 	_, err := coretesting.RunCommand(c, setmeterstatus.New())
-	c.Assert(err, gc.ErrorMatches, `you need to specify an entity \(service or unit\) and a status`)
+	c.Assert(err, gc.ErrorMatches, `you need to specify an entity \(application or unit\) and a status`)
 }
 
 func (s *DebugMetricsCommandSuite) TestUnits(c *gc.C) {
 	charm := s.Factory.MakeCharm(c, &factory.CharmParams{Name: "mysql", URL: "local:quantal/mysql"})
-	service := s.Factory.MakeService(c, &factory.ServiceParams{Charm: charm})
-	unit := s.Factory.MakeUnit(c, &factory.UnitParams{Service: service, SetCharmURL: true})
+	service := s.Factory.MakeApplication(c, &factory.ApplicationParams{Charm: charm})
+	unit := s.Factory.MakeUnit(c, &factory.UnitParams{Application: service, SetCharmURL: true})
 	_, err := coretesting.RunCommand(c, setmeterstatus.New(), unit.Name(), "RED", "--info", "foobar")
 	c.Assert(err, jc.ErrorIsNil)
 	status, err := unit.GetMeterStatus()
@@ -94,7 +94,7 @@
 
 func (s *DebugMetricsCommandSuite) TestService(c *gc.C) {
 	charm := s.Factory.MakeCharm(c, &factory.CharmParams{Name: "mysql", URL: "local:quantal/mysql"})
-	service := s.Factory.MakeService(c, &factory.ServiceParams{Charm: charm})
+	service := s.Factory.MakeApplication(c, &factory.ApplicationParams{Charm: charm})
 	unit0, err := service.AddUnit()
 	c.Assert(err, jc.ErrorIsNil)
 	unit1, err := service.AddUnit()
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/space/list.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/space/list.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/space/list.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/space/list.go	2016-07-18 19:45:44.000000000 +0000
@@ -38,11 +38,11 @@
 // Info is defined on the cmd.Command interface.
 func (c *listCommand) Info() *cmd.Info {
 	return &cmd.Info{
-		Name:    "list-spaces",
+		Name:    "spaces",
 		Args:    "[--short] [--format yaml|json] [--output <path>]",
 		Purpose: "List known spaces, including associated subnets",
 		Doc:     strings.TrimSpace(listCommandDoc),
-		Aliases: []string{"spaces"},
+		Aliases: []string{"list-spaces"},
 	}
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/space/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/space/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/space/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/space/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,6 @@
 package space_test
 
 import (
-	"net"
 	stdtesting "testing"
 
 	"github.com/juju/cmd"
@@ -148,23 +147,19 @@
 		Zones:      []string{"zone1"},
 	}, {
 		// IPv4 subnet.
-		CIDR:              "10.1.2.0/24",
-		ProviderId:        "subnet-private",
-		Life:              params.Alive,
-		SpaceTag:          "space-space2",
-		Zones:             []string{"zone1", "zone2"},
-		StaticRangeLowIP:  net.ParseIP("10.1.2.10"),
-		StaticRangeHighIP: net.ParseIP("10.1.2.200"),
+		CIDR:       "10.1.2.0/24",
+		ProviderId: "subnet-private",
+		Life:       params.Alive,
+		SpaceTag:   "space-space2",
+		Zones:      []string{"zone1", "zone2"},
 	}, {
 		// IPv4 VLAN subnet.
-		CIDR:              "4.3.2.0/28",
-		Life:              params.Dead,
-		ProviderId:        "vlan-42",
-		SpaceTag:          "space-space2",
-		Zones:             []string{"zone1"},
-		VLANTag:           42,
-		StaticRangeLowIP:  net.ParseIP("4.3.2.2"),
-		StaticRangeHighIP: net.ParseIP("4.3.2.4"),
+		CIDR:       "4.3.2.0/28",
+		Life:       params.Dead,
+		ProviderId: "vlan-42",
+		SpaceTag:   "space-space2",
+		Zones:      []string{"zone1"},
+		VLANTag:    42,
 	}}
 	spaces := []params.Space{{
 		Name:    "space1",
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/space/remove.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/space/remove.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/space/remove.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/space/remove.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,7 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/cmd/modelcmd"
 )
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/space/rename.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/space/rename.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/space/rename.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/space/rename.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,7 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/gnuflag"
 
 	"github.com/juju/juju/cmd/modelcmd"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/space/space.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/space/space.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/space/space.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/space/space.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,8 +10,8 @@
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils/set"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/api/spaces"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/status/formatted.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/status/formatted.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/status/formatted.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/status/formatted.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,10 +11,9 @@
 )
 
 type formattedStatus struct {
-	Model       string                   `json:"model"`
-	ModelStatus *modelStatus             `json:"model-status,omitempty" yaml:"model-status,omitempty"`
-	Machines    map[string]machineStatus `json:"machines"`
-	Services    map[string]serviceStatus `json:"services"`
+	Model        modelStatus                  `json:"model"`
+	Machines     map[string]machineStatus     `json:"machines"`
+	Applications map[string]applicationStatus `json:"applications"`
 }
 
 type formattedMachineStatus struct {
@@ -27,6 +26,11 @@
 }
 
 type modelStatus struct {
+	Name             string `json:"name" yaml:"name"`
+	Controller       string `json:"controller" yaml:"controller"`
+	Cloud            string `json:"cloud" yaml:"cloud"`
+	CloudRegion      string `json:"region,omitempty" yaml:"region,omitempty"`
+	Version          string `json:"version" yaml:"version"`
 	AvailableVersion string `json:"upgrade-available,omitempty" yaml:"upgrade-available,omitempty"`
 }
 
@@ -61,32 +65,38 @@
 	return machineStatusNoMarshal(s), nil
 }
 
-type serviceStatus struct {
+type applicationStatus struct {
 	Err           error                 `json:"-" yaml:",omitempty"`
 	Charm         string                `json:"charm" yaml:"charm"`
+	Series        string                `json:"series"`
+	OS            string                `json:"os"`
+	CharmOrigin   string                `json:"charm-origin" yaml:"charm-origin"`
+	CharmName     string                `json:"charm-name" yaml:"charm-name"`
+	CharmRev      int                   `json:"charm-rev" yaml:"charm-rev"`
 	CanUpgradeTo  string                `json:"can-upgrade-to,omitempty" yaml:"can-upgrade-to,omitempty"`
 	Exposed       bool                  `json:"exposed" yaml:"exposed"`
 	Life          string                `json:"life,omitempty" yaml:"life,omitempty"`
-	StatusInfo    statusInfoContents    `json:"service-status,omitempty" yaml:"service-status"`
+	StatusInfo    statusInfoContents    `json:"application-status,omitempty" yaml:"application-status"`
 	Relations     map[string][]string   `json:"relations,omitempty" yaml:"relations,omitempty"`
 	SubordinateTo []string              `json:"subordinate-to,omitempty" yaml:"subordinate-to,omitempty"`
 	Units         map[string]unitStatus `json:"units,omitempty" yaml:"units,omitempty"`
+	Version       string                `json:"version,omitempty" yaml:"version,omitempty"`
 }
 
-type serviceStatusNoMarshal serviceStatus
+type applicationStatusNoMarshal applicationStatus
 
-func (s serviceStatus) MarshalJSON() ([]byte, error) {
+func (s applicationStatus) MarshalJSON() ([]byte, error) {
 	if s.Err != nil {
 		return json.Marshal(errorStatus{s.Err.Error()})
 	}
-	return json.Marshal(serviceStatusNoMarshal(s))
+	return json.Marshal(applicationStatusNoMarshal(s))
 }
 
-func (s serviceStatus) MarshalYAML() (interface{}, error) {
+func (s applicationStatus) MarshalYAML() (interface{}, error) {
 	if s.Err != nil {
 		return errorStatus{s.Err.Error()}, nil
 	}
-	return serviceStatusNoMarshal(s), nil
+	return applicationStatusNoMarshal(s), nil
 }
 
 type meterStatus struct {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/status/formatter.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/status/formatter.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/status/formatter.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/status/formatter.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,6 +4,11 @@
 package status
 
 import (
+	"strings"
+
+	"github.com/juju/utils/series"
+	"gopkg.in/juju/charm.v6-unstable"
+
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cmd/juju/common"
 	"github.com/juju/juju/state/multiwatcher"
@@ -11,18 +16,24 @@
 )
 
 type statusFormatter struct {
-	status    *params.FullStatus
-	relations map[int]params.RelationStatus
-	isoTime   bool
+	status         *params.FullStatus
+	controllerName string
+	relations      map[int]params.RelationStatus
+	isoTime        bool
 }
 
 // NewStatusFormatter takes stored model information (params.FullStatus) and populates
 // the statusFormatter struct used in various status formatting methods
 func NewStatusFormatter(status *params.FullStatus, isoTime bool) *statusFormatter {
+	return newStatusFormatter(status, "", isoTime)
+}
+
+func newStatusFormatter(status *params.FullStatus, controllerName string, isoTime bool) *statusFormatter {
 	sf := statusFormatter{
-		status:    status,
-		relations: make(map[int]params.RelationStatus),
-		isoTime:   isoTime,
+		status:         status,
+		controllerName: controllerName,
+		relations:      make(map[int]params.RelationStatus),
+		isoTime:        isoTime,
 	}
 	for _, relation := range status.Relations {
 		sf.relations[relation.Id] = relation
@@ -35,21 +46,22 @@
 		return formattedStatus{}
 	}
 	out := formattedStatus{
-		Model:    sf.status.ModelName,
-		Machines: make(map[string]machineStatus),
-		Services: make(map[string]serviceStatus),
+		Model: modelStatus{
+			Name:             sf.status.Model.Name,
+			Controller:       sf.controllerName,
+			Cloud:            sf.status.Model.Cloud,
+			CloudRegion:      sf.status.Model.CloudRegion,
+			Version:          sf.status.Model.Version,
+			AvailableVersion: sf.status.Model.AvailableVersion,
+		},
+		Machines:     make(map[string]machineStatus),
+		Applications: make(map[string]applicationStatus),
 	}
-	if sf.status.AvailableVersion != "" {
-		out.ModelStatus = &modelStatus{
-			AvailableVersion: sf.status.AvailableVersion,
-		}
-	}
-
 	for k, m := range sf.status.Machines {
 		out.Machines[k] = sf.formatMachine(m)
 	}
-	for sn, s := range sf.status.Services {
-		out.Services[sn] = sf.formatService(sn, s)
+	for sn, s := range sf.status.Applications {
+		out.Applications[sn] = sf.formatApplication(sn, s)
 	}
 	return out
 }
@@ -60,7 +72,7 @@
 		return formattedMachineStatus{}
 	}
 	out := formattedMachineStatus{
-		Model:    sf.status.ModelName,
+		Model:    sf.status.Model.Name,
 		Machines: make(map[string]machineStatus),
 	}
 	for k, m := range sf.status.Machines {
@@ -104,33 +116,63 @@
 	return out
 }
 
-func (sf *statusFormatter) formatService(name string, service params.ServiceStatus) serviceStatus {
-	out := serviceStatus{
-		Err:           service.Err,
-		Charm:         service.Charm,
-		Exposed:       service.Exposed,
-		Life:          service.Life,
-		Relations:     service.Relations,
-		CanUpgradeTo:  service.CanUpgradeTo,
-		SubordinateTo: service.SubordinateTo,
+func (sf *statusFormatter) formatApplication(name string, application params.ApplicationStatus) applicationStatus {
+	appOS, _ := series.GetOSFromSeries(application.Series)
+	var (
+		charmOrigin = ""
+		charmName   = ""
+		charmRev    = 0
+	)
+	if curl, err := charm.ParseURL(application.Charm); err != nil {
+		// We should never fail to parse a charm url sent back
+		// but if we do, don't crash.
+		logger.Errorf("failed to parse charm: %v", err)
+	} else {
+		switch curl.Schema {
+		case "cs":
+			charmOrigin = "jujucharms"
+		case "local":
+			charmOrigin = "local"
+		default:
+			charmOrigin = "unknown"
+		}
+		charmName = curl.Name
+		charmRev = curl.Revision
+	}
+
+	out := applicationStatus{
+		Err:           application.Err,
+		Charm:         application.Charm,
+		Series:        application.Series,
+		OS:            strings.ToLower(appOS.String()),
+		CharmOrigin:   charmOrigin,
+		CharmName:     charmName,
+		CharmRev:      charmRev,
+		Exposed:       application.Exposed,
+		Life:          application.Life,
+		Relations:     application.Relations,
+		CanUpgradeTo:  application.CanUpgradeTo,
+		SubordinateTo: application.SubordinateTo,
 		Units:         make(map[string]unitStatus),
-		StatusInfo:    sf.getServiceStatusInfo(service),
+		StatusInfo:    sf.getServiceStatusInfo(application),
+		Version:       application.WorkloadVersion,
 	}
-	for k, m := range service.Units {
+	for k, m := range application.Units {
 		out.Units[k] = sf.formatUnit(unitFormatInfo{
-			unit:          m,
-			unitName:      k,
-			serviceName:   name,
-			meterStatuses: service.MeterStatuses,
+			unit:            m,
+			unitName:        k,
+			applicationName: name,
+			meterStatuses:   application.MeterStatuses,
 		})
 	}
 	return out
 }
 
-func (sf *statusFormatter) getServiceStatusInfo(service params.ServiceStatus) statusInfoContents {
+func (sf *statusFormatter) getServiceStatusInfo(service params.ApplicationStatus) statusInfoContents {
+	// TODO(perrito66) add status validation.
 	info := statusInfoContents{
 		Err:     service.Status.Err,
-		Current: service.Status.Status,
+		Current: status.Status(service.Status.Status),
 		Message: service.Status.Info,
 		Version: service.Status.Version,
 	}
@@ -141,15 +183,15 @@
 }
 
 type unitFormatInfo struct {
-	unit          params.UnitStatus
-	unitName      string
-	serviceName   string
-	meterStatuses map[string]params.MeterStatus
+	unit            params.UnitStatus
+	unitName        string
+	applicationName string
+	meterStatuses   map[string]params.MeterStatus
 }
 
 func (sf *statusFormatter) formatUnit(info unitFormatInfo) unitStatus {
 	// TODO(Wallyworld) - this should be server side but we still need to support older servers.
-	sf.updateUnitStatusInfo(&info.unit, info.serviceName)
+	sf.updateUnitStatusInfo(&info.unit, info.applicationName)
 
 	out := unitStatus{
 		WorkloadStatusInfo: sf.getWorkloadStatusInfo(info.unit),
@@ -170,19 +212,20 @@
 
 	for k, m := range info.unit.Subordinates {
 		out.Subordinates[k] = sf.formatUnit(unitFormatInfo{
-			unit:          m,
-			unitName:      k,
-			serviceName:   info.serviceName,
-			meterStatuses: info.meterStatuses,
+			unit:            m,
+			unitName:        k,
+			applicationName: info.applicationName,
+			meterStatuses:   info.meterStatuses,
 		})
 	}
 	return out
 }
 
 func (sf *statusFormatter) getStatusInfoContents(inst params.DetailedStatus) statusInfoContents {
+	// TODO(perrito66) add status validation.
 	info := statusInfoContents{
 		Err:     inst.Err,
-		Current: inst.Status,
+		Current: status.Status(inst.Status),
 		Message: inst.Info,
 		Version: inst.Version,
 		Life:    inst.Life,
@@ -194,9 +237,10 @@
 }
 
 func (sf *statusFormatter) getWorkloadStatusInfo(unit params.UnitStatus) statusInfoContents {
+	// TODO(perrito66) add status validation.
 	info := statusInfoContents{
 		Err:     unit.WorkloadStatus.Err,
-		Current: unit.WorkloadStatus.Status,
+		Current: status.Status(unit.WorkloadStatus.Status),
 		Message: unit.WorkloadStatus.Info,
 		Version: unit.WorkloadStatus.Version,
 	}
@@ -207,9 +251,10 @@
 }
 
 func (sf *statusFormatter) getAgentStatusInfo(unit params.UnitStatus) statusInfoContents {
+	// TODO(perrito66) add status validation.
 	info := statusInfoContents{
 		Err:     unit.AgentStatus.Err,
-		Current: unit.AgentStatus.Status,
+		Current: status.Status(unit.AgentStatus.Status),
 		Message: unit.AgentStatus.Info,
 		Version: unit.AgentStatus.Version,
 	}
@@ -219,11 +264,12 @@
 	return info
 }
 
-func (sf *statusFormatter) updateUnitStatusInfo(unit *params.UnitStatus, serviceName string) {
-	if unit.WorkloadStatus.Status == status.StatusError {
+func (sf *statusFormatter) updateUnitStatusInfo(unit *params.UnitStatus, applicationName string) {
+	// TODO(perrito66) add status validation.
+	if status.Status(unit.WorkloadStatus.Status) == status.StatusError {
 		if relation, ok := sf.relations[getRelationIdFromData(unit)]; ok {
 			// Append the details of the other endpoint on to the status info string.
-			if ep, ok := findOtherEndpoint(relation.Endpoints, serviceName); ok {
+			if ep, ok := findOtherEndpoint(relation.Endpoints, applicationName); ok {
 				unit.WorkloadStatus.Info = unit.WorkloadStatus.Info + " for " + ep.String()
 			}
 		}
@@ -258,11 +304,11 @@
 }
 
 // findOtherEndpoint searches the provided endpoints for an endpoint
-// that *doesn't* match serviceName. The returned bool indicates if
+// that *doesn't* match applicationName. The returned bool indicates if
 // such an endpoint was found.
-func findOtherEndpoint(endpoints []params.EndpointStatus, serviceName string) (params.EndpointStatus, bool) {
+func findOtherEndpoint(endpoints []params.EndpointStatus, applicationName string) (params.EndpointStatus, bool) {
 	for _, endpoint := range endpoints {
-		if endpoint.ServiceName != serviceName {
+		if endpoint.ApplicationName != applicationName {
 			return endpoint, true
 		}
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/status/history.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/status/history.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/status/history.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/status/history.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,15 +7,17 @@
 	"fmt"
 	"os"
 	"strconv"
+	"time"
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/gnuflag"
 
-	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cmd/juju/common"
 	"github.com/juju/juju/cmd/modelcmd"
 	"github.com/juju/juju/juju/osenv"
+	"github.com/juju/juju/status"
 )
 
 // NewStatusHistoryCommand returns a command that reports the history
@@ -26,11 +28,14 @@
 
 type statusHistoryCommand struct {
 	modelcmd.ModelCommandBase
-	out           cmd.Output
-	outputContent string
-	backlogSize   int
-	isoTime       bool
-	unitName      string
+	out             cmd.Output
+	outputContent   string
+	backlogSize     int
+	backlogSizeDays int
+	backlogDate     string
+	isoTime         bool
+	entityName      string
+	date            time.Time
 }
 
 var statusHistoryDoc = `
@@ -52,16 +57,18 @@
 func (c *statusHistoryCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "status-history",
-		Args:    "[-n N] [--type T] [--utc] <entity name>",
-		Purpose: "output past statuses for the passed entity",
+		Args:    "<entity name>",
+		Purpose: "Output past statuses for the specified entity.",
 		Doc:     statusHistoryDoc,
 	}
 }
 
 func (c *statusHistoryCommand) SetFlags(f *gnuflag.FlagSet) {
-	f.StringVar(&c.outputContent, "type", "unit", "type of statuses to be displayed [agent|workload|combined|machine|machineInstance|container|containerinstance].")
-	f.IntVar(&c.backlogSize, "n", 20, "size of logs backlog.")
-	f.BoolVar(&c.isoTime, "utc", false, "display time as UTC in RFC3339 format")
+	f.StringVar(&c.outputContent, "type", "unit", "Type of statuses to be displayed [agent|workload|combined|machine|machineInstance|container|containerinstance]")
+	f.IntVar(&c.backlogSize, "n", 0, "Returns the last N logs (cannot be combined with --days or --date)")
+	f.IntVar(&c.backlogSizeDays, "days", 0, "Returns the logs for the past <days> days (cannot be combined with -n or --date)")
+	f.StringVar(&c.backlogDate, "date", "", "Returns logs for any date after the passed one, the expected date format is YYYY-MM-DD (cannot be combined with -n or --days)")
+	f.BoolVar(&c.isoTime, "utc", false, "Display time as UTC in RFC3339 format")
 }
 
 func (c *statusHistoryCommand) Init(args []string) error {
@@ -71,7 +78,7 @@
 	case len(args) == 0:
 		return errors.Errorf("entity name is missing.")
 	default:
-		c.unitName = args[0]
+		c.entityName = args[0]
 	}
 	// If use of ISO time not specified on command line,
 	// check env var.
@@ -84,11 +91,25 @@
 			}
 		}
 	}
-	kind := params.HistoryKind(c.outputContent)
-	switch kind {
-	case params.KindUnit, params.KindUnitAgent, params.KindWorkload,
-		params.KindMachineInstance, params.KindMachine, params.KindContainer,
-		params.KindContainerInstance:
+	emptyDate := c.backlogDate == ""
+	emptySize := c.backlogSize == 0
+	emptyDays := c.backlogSizeDays == 0
+	if emptyDate && emptySize && emptyDays {
+		c.backlogSize = 20
+	}
+	if (!emptyDays && !emptySize) || (!emptyDays && !emptyDate) || (!emptySize && !emptyDate) {
+		return errors.Errorf("backlog size, backlog date and backlog days back cannot be specified together")
+	}
+	if c.backlogDate != "" {
+		var err error
+		c.date, err = time.Parse("2006-01-02", c.backlogDate)
+		if err != nil {
+			return errors.Annotate(err, "parsing backlog date")
+		}
+	}
+
+	kind := status.HistoryKind(c.outputContent)
+	if kind.Valid() {
 		return nil
 	}
 	return errors.Errorf("unexpected status type %q", c.outputContent)
@@ -100,21 +121,54 @@
 		return errors.Trace(err)
 	}
 	defer apiclient.Close()
-	var statuses *params.StatusHistoryResults
-	kind := params.HistoryKind(c.outputContent)
-	statuses, err = apiclient.StatusHistory(kind, c.unitName, c.backlogSize)
+	kind := status.HistoryKind(c.outputContent)
+	var delta *time.Duration
+
+	if c.backlogSizeDays != 0 {
+		t := time.Duration(c.backlogSizeDays*24) * time.Hour
+		delta = &t
+	}
+	filterArgs := status.StatusHistoryFilter{
+		Size:  c.backlogSize,
+		Delta: delta,
+	}
+	if !c.date.IsZero() {
+		filterArgs.Date = &c.date
+	}
+	var tag names.Tag
+	switch kind {
+	case status.KindUnit, status.KindWorkload, status.KindUnitAgent:
+		if !names.IsValidUnit(c.entityName) {
+			return errors.Errorf("%q is not a valid name for a %s", c.entityName, kind)
+		}
+		tag = names.NewUnitTag(c.entityName)
+	default:
+		if names.IsValidMachine(c.entityName) {
+			return errors.Errorf("%q is not a valid name for a %s", c.entityName, kind)
+		}
+		tag = names.NewMachineTag(c.entityName)
+	}
+	statuses, err := apiclient.StatusHistory(kind, tag, filterArgs)
+	historyLen := len(statuses)
 	if err != nil {
-		if len(statuses.Statuses) == 0 {
+		if historyLen == 0 {
 			return errors.Trace(err)
 		}
 		// Display any error, but continue to print status if some was returned
 		fmt.Fprintf(ctx.Stderr, "%v\n", err)
-	} else if len(statuses.Statuses) == 0 {
+	}
+
+	if historyLen == 0 {
 		return errors.Errorf("no status history available")
 	}
+
 	table := [][]string{{"TIME", "TYPE", "STATUS", "MESSAGE"}}
 	lengths := []int{1, 1, 1, 1}
-	for _, v := range statuses.Statuses {
+
+	statuses = statuses.SquashLogs(1)
+	statuses = statuses.SquashLogs(2)
+	statuses = statuses.SquashLogs(3)
+	for _, v := range statuses {
 		fields := []string{common.FormatTime(v.Since, c.isoTime), string(v.Kind), string(v.Status), v.Info}
 		for k, v := range fields {
 			if len(v) > lengths[k] {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/status/output_oneline.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/status/output_oneline.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/status/output_oneline.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/status/output_oneline.go	2016-07-18 19:45:44.000000000 +0000
@@ -49,8 +49,8 @@
 		printf(&out, format, uName, u, level)
 	}
 
-	for _, svcName := range common.SortStringsNaturally(stringKeysFromMap(fs.Services)) {
-		svc := fs.Services[svcName]
+	for _, svcName := range common.SortStringsNaturally(stringKeysFromMap(fs.Applications)) {
+		svc := fs.Applications[svcName]
 		for _, uName := range common.SortStringsNaturally(stringKeysFromMap(svc.Units)) {
 			unit := svc.Units[uName]
 			pprint(uName, unit, 0)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/status/output_summary.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/status/output_summary.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/status/output_summary.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/status/output_summary.go	2016-07-18 19:45:44.000000000 +0000
@@ -25,7 +25,7 @@
 // - Sections:
 //   - Machines: Displays total #, and then the # in each state.
 //   - Units: Displays total #, and then # in each state.
-//   - Services: Displays total #, their names, and how many of each
+//   - Applications: Displays total #, their names, and how many of each
 //     are exposed.
 func FormatSummary(value interface{}) ([]byte, error) {
 	fs, valueConverted := value.(formattedStatus)
@@ -35,7 +35,7 @@
 
 	f := newSummaryFormatter()
 	stateToMachine := f.aggregateMachineStates(fs.Machines)
-	svcExposure := f.aggregateServiceAndUnitStates(fs.Services)
+	svcExposure := f.aggregateServiceAndUnitStates(fs.Applications)
 	p := f.delimitValuesWithTabs
 
 	// Print everything out
@@ -53,7 +53,7 @@
 	f.printStateToCount(f.stateToUnit)
 	p(" ")
 
-	p("# SERVICES:", fmt.Sprintf(" (%d)", len(fs.Services)))
+	p("# APPLICATIONS:", fmt.Sprintf(" (%d)", len(fs.Applications)))
 	for _, svcName := range common.SortStringsNaturally(stringKeysFromMap(svcExposure)) {
 		s := svcExposure[svcName]
 		p(svcName, fmt.Sprintf("%d/%d\texposed", s[true], s[true]+s[false]))
@@ -169,7 +169,7 @@
 	return stateToMachine
 }
 
-func (f *summaryFormatter) aggregateServiceAndUnitStates(services map[string]serviceStatus) map[string]map[bool]int {
+func (f *summaryFormatter) aggregateServiceAndUnitStates(services map[string]applicationStatus) map[string]map[bool]int {
 	svcExposure := make(map[string]map[bool]int)
 	for _, name := range common.SortStringsNaturally(stringKeysFromMap(services)) {
 		s := services[name]
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/status/output_tabular.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/status/output_tabular.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/status/output_tabular.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/status/output_tabular.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,6 +6,7 @@
 import (
 	"bytes"
 	"fmt"
+	"io"
 	"regexp"
 	"sort"
 	"strings"
@@ -21,16 +22,16 @@
 )
 
 type statusRelation struct {
-	service1    string
-	service2    string
-	relation    string
-	subordinate bool
+	application1 string
+	application2 string
+	relation     string
+	subordinate  bool
 }
 
 func (s *statusRelation) relationType() string {
 	if s.subordinate {
 		return "subordinate"
-	} else if s.service1 == s.service2 {
+	} else if s.application1 == s.application2 {
 		return "peer"
 	}
 	return "regular"
@@ -59,10 +60,10 @@
 	}
 	k := strings.Join(rel, "\t")
 	r.relations[k] = &statusRelation{
-		service1:    rel[0],
-		service2:    rel[1],
-		relation:    relation,
-		subordinate: is2SubOf1,
+		application1: rel[0],
+		application2: rel[1],
+		relation:     relation,
+		subordinate:  is2SubOf1,
 	}
 	r.relationIndex.Add(k)
 }
@@ -75,69 +76,111 @@
 	return r.relations[k]
 }
 
-// FormatTabular returns a tabular summary of machines, services, and
+func printHelper(tw *tabwriter.Writer) func(...interface{}) {
+	return func(values ...interface{}) {
+		for i, v := range values {
+			if i != len(values)-1 {
+				fmt.Fprintf(tw, "%v\t", v)
+			} else {
+				fmt.Fprintf(tw, "%v", v)
+			}
+		}
+		fmt.Fprintln(tw)
+	}
+}
+
+func getTabWriter(out io.Writer) *tabwriter.Writer {
+	padding := 2
+	return tabwriter.NewWriter(out, 0, 1, padding, ' ', 0)
+}
+
+// FormatTabular returns a tabular summary of machines, applications, and
 // units. Any subordinate items are indented by two spaces beneath
 // their superior.
 func FormatTabular(value interface{}) ([]byte, error) {
+	const maxVersionWidth = 7
+	const ellipsis = "..."
+	const truncatedWidth = maxVersionWidth - len(ellipsis)
+
 	fs, valueConverted := value.(formattedStatus)
 	if !valueConverted {
 		return nil, errors.Errorf("expected value of type %T, got %T", fs, value)
 	}
 	var out bytes.Buffer
 	// To format things into columns.
-	tw := tabwriter.NewWriter(&out, 0, 1, 1, ' ', 0)
-	p := func(values ...interface{}) {
-		for _, v := range values {
-			fmt.Fprintf(tw, "%s\t", v)
-		}
-		fmt.Fprintln(tw)
+	tw := getTabWriter(&out)
+	p := printHelper(tw)
+	outputHeaders := func(values ...interface{}) {
+		p()
+		p(values...)
 	}
 
-	if envStatus := fs.ModelStatus; envStatus != nil {
-		p("[Model]")
-		if envStatus.AvailableVersion != "" {
-			p("UPGRADE-AVAILABLE")
-			p(envStatus.AvailableVersion)
-		}
-		p()
-		tw.Flush()
+	cloudRegion := fs.Model.Cloud
+	if fs.Model.CloudRegion != "" {
+		cloudRegion += "/" + fs.Model.CloudRegion
 	}
 
+	header := []interface{}{"MODEL", "CONTROLLER", "CLOUD/REGION", "VERSION"}
+	values := []interface{}{fs.Model.Name, fs.Model.Controller, cloudRegion, fs.Model.Version}
+	if fs.Model.AvailableVersion != "" {
+		header = append(header, "UPGRADE-AVAILABLE")
+		values = append(values, fs.Model.AvailableVersion)
+	}
+	// The first set of headers don't use outputHeaders because it adds the blank line.
+	p(header...)
+	p(values...)
+
 	units := make(map[string]unitStatus)
 	metering := false
 	relations := newRelationFormatter()
-	p("[Services]")
-	p("NAME\tSTATUS\tEXPOSED\tCHARM")
-	for _, svcName := range common.SortStringsNaturally(stringKeysFromMap(fs.Services)) {
-		svc := fs.Services[svcName]
-		for un, u := range svc.Units {
+	outputHeaders("APP", "VERSION", "STATUS", "EXPOSED", "ORIGIN", "CHARM", "REV", "OS")
+	for _, appName := range common.SortStringsNaturally(stringKeysFromMap(fs.Applications)) {
+		app := fs.Applications[appName]
+		version := app.Version
+		// Don't let a long version push out the version column.
+		if len(version) > maxVersionWidth {
+			version = version[:truncatedWidth] + ellipsis
+		}
+		p(appName,
+			version,
+			app.StatusInfo.Current,
+			fmt.Sprintf("%t", app.Exposed),
+			app.CharmOrigin,
+			app.CharmName,
+			app.CharmRev,
+			app.OS)
+
+		for un, u := range app.Units {
 			units[un] = u
 			if u.MeterStatus != nil {
 				metering = true
 			}
 		}
 
-		subs := set.NewStrings(svc.SubordinateTo...)
-		p(svcName, svc.StatusInfo.Current, fmt.Sprintf("%t", svc.Exposed), svc.Charm)
-		for relType, relatedUnits := range svc.Relations {
-			for _, related := range relatedUnits {
-				relations.add(related, svcName, relType, subs.Contains(related))
+		// Ensure that we pick a consistent name for peer relations.
+		sortedRelTypes := make([]string, 0, len(app.Relations))
+		for relType := range app.Relations {
+			sortedRelTypes = append(sortedRelTypes, relType)
+		}
+		sort.Strings(sortedRelTypes)
+
+		subs := set.NewStrings(app.SubordinateTo...)
+		for _, relType := range sortedRelTypes {
+			for _, related := range app.Relations[relType] {
+				relations.add(related, appName, relType, subs.Contains(related))
 			}
 		}
 
 	}
 	if relations.len() > 0 {
-		p()
-		p("[Relations]")
-		p("SERVICE1\tSERVICE2\tRELATION\tTYPE")
+		outputHeaders("RELATION", "PROVIDES", "CONSUMES", "TYPE")
 		for _, k := range relations.sorted() {
 			r := relations.get(k)
 			if r != nil {
-				p(r.service1, r.service2, r.relation, r.relationType())
+				p(r.relation, r.application1, r.application2, r.relationType())
 			}
 		}
 	}
-	tw.Flush()
 
 	pUnit := func(name string, u unitStatus, level int) {
 		message := u.WorkloadStatusInfo.Message
@@ -149,7 +192,6 @@
 			indent("", level*2, name),
 			u.WorkloadStatusInfo.Current,
 			u.JujuStatusInfo.Current,
-			u.JujuStatusInfo.Version,
 			u.Machine,
 			strings.Join(u.OpenedPorts, ","),
 			u.PublicAddress,
@@ -157,21 +199,16 @@
 		)
 	}
 
-	header := []string{"ID", "WORKLOAD-STATUS", "JUJU-STATUS", "VERSION", "MACHINE", "PORTS", "PUBLIC-ADDRESS", "MESSAGE"}
-
-	p("\n[Units]")
-	p(strings.Join(header, "\t"))
+	outputHeaders("UNIT", "WORKLOAD", "AGENT", "MACHINE", "PORTS", "PUBLIC-ADDRESS", "MESSAGE")
 	for _, name := range common.SortStringsNaturally(stringKeysFromMap(units)) {
 		u := units[name]
 		pUnit(name, u, 0)
 		const indentationLevel = 1
 		recurseUnits(u, indentationLevel, pUnit)
 	}
-	tw.Flush()
 
 	if metering {
-		p("\n[Metering]")
-		p("ID\tSTATUS\tMESSAGE")
+		outputHeaders("METER", "STATUS", "MESSAGE")
 		for _, name := range common.SortStringsNaturally(stringKeysFromMap(units)) {
 			u := units[name]
 			if u.MeterStatus != nil {
@@ -180,10 +217,8 @@
 		}
 	}
 
-	p("\n[Machines]")
-	p("ID\tSTATE\tDNS\tINS-ID\tSERIES\tAZ")
-	for _, name := range common.SortStringsNaturally(stringKeysFromMap(fs.Machines)) {
-		m := fs.Machines[name]
+	var pMachine func(machineStatus)
+	pMachine = func(m machineStatus) {
 		// We want to display availability zone so extract from hardware info".
 		hw, err := instance.ParseHardware(m.Hardware)
 		if err != nil {
@@ -194,11 +229,41 @@
 			az = *hw.AvailabilityZone
 		}
 		p(m.Id, m.JujuStatus.Current, m.DNSName, m.InstanceId, m.Series, az)
+		for _, name := range common.SortStringsNaturally(stringKeysFromMap(m.Containers)) {
+			pMachine(m.Containers[name])
+		}
 	}
+
+	p()
+	printMachines(tw, fs.Machines)
 	tw.Flush()
 	return out.Bytes(), nil
 }
 
+func printMachines(tw *tabwriter.Writer, machines map[string]machineStatus) {
+	p := printHelper(tw)
+	p("MACHINE", "STATE", "DNS", "INS-ID", "SERIES", "AZ")
+	for _, name := range common.SortStringsNaturally(stringKeysFromMap(machines)) {
+		printMachine(p, machines[name], "")
+	}
+}
+
+func printMachine(p func(...interface{}), m machineStatus, prefix string) {
+	// We want to display availability zone so extract from hardware info".
+	hw, err := instance.ParseHardware(m.Hardware)
+	if err != nil {
+		logger.Warningf("invalid hardware info %s for machine %v", m.Hardware, m)
+	}
+	az := ""
+	if hw.AvailabilityZone != nil {
+		az = *hw.AvailabilityZone
+	}
+	p(prefix+m.Id, m.JujuStatus.Current, m.DNSName, m.InstanceId, m.Series, az)
+	for _, name := range common.SortStringsNaturally(stringKeysFromMap(m.Containers)) {
+		printMachine(p, m.Containers[name], prefix+"  ")
+	}
+}
+
 // FormatMachineTabular returns a tabular summary of machine
 func FormatMachineTabular(value interface{}) ([]byte, error) {
 	fs, valueConverted := value.(formattedMachineStatus)
@@ -207,29 +272,9 @@
 	}
 	var out bytes.Buffer
 	// To format things into columns.
-	tw := tabwriter.NewWriter(&out, 0, 1, 1, ' ', 0)
-	p := func(values ...interface{}) {
-		for _, v := range values {
-			fmt.Fprintf(tw, "%s\t", v)
-		}
-		fmt.Fprintln(tw)
-	}
+	tw := getTabWriter(&out)
 
-	p("\n[Machines]")
-	p("ID\tSTATE\tDNS\tINS-ID\tSERIES\tAZ")
-	for _, name := range common.SortStringsNaturally(stringKeysFromMap(fs.Machines)) {
-		m := fs.Machines[name]
-		// We want to display availability zone so extract from hardware info".
-		hw, err := instance.ParseHardware(m.Hardware)
-		if err != nil {
-			logger.Warningf("invalid hardware info %s for machine %v", m.Hardware, m)
-		}
-		az := ""
-		if hw.AvailabilityZone != nil {
-			az = *hw.AvailabilityZone
-		}
-		p(m.Id, m.JujuStatus.Current, m.DNSName, m.InstanceId, m.Series, az)
-	}
+	printMachines(tw, fs.Machines)
 	tw.Flush()
 
 	return out.Bytes(), nil
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/status/status.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/status/status.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/status/status.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/status/status.go	2016-07-18 19:45:44.000000000 +0000
@@ -40,14 +40,14 @@
 }
 
 var usageSummary = `
-Displays the current status of Juju, services, and units.`[1:]
+Displays the current status of Juju, applications, and units.`[1:]
 
 var usageDetails = `
-By default (without argument), the status of Juju and all services and all
+By default (without argument), the status of Juju and all applications and all
 units will be displayed. 
-Service or unit names may be used as output filters (the '*' can be used
+Application or unit names may be used as output filters (the '*' can be used
 as a wildcard character).  
-In addition to matched services and units, related machines, services, and
+In addition to matched applications and units, related machines, applications, and
 units will also be displayed. If a subordinate unit is matched, then its
 principal unit will be displayed. If a principal unit is matched, then all
 of its subordinates will be displayed. 
@@ -58,13 +58,13 @@
            Also displays aggregate information about:
            - MACHINES: total #, and # in each state.
            - UNITS: total #, and # in each state.
-           - SERVICES: total #, and # exposed of each service.
+           - APPLICATIONS: total #, and # exposed of each application.
 - tabular (default): Displays information in a tabular format in these sections:
            - Machines: ID, STATE, DNS, INS-ID, SERIES, AZ
-           - Services: NAME, EXPOSED, CHARM
+           - Applications: NAME, EXPOSED, CHARM
            - Units: ID, STATE, VERSION, MACHINE, PORTS, PUBLIC-ADDRESS
              - Also displays subordinate units.
-- yaml: Displays information on machines, services, and units in yaml format.
+- yaml: Displays information on machines, applications, and units in yaml format.
 Note: AZ above is the cloud region's availability zone.
 
 Examples:
@@ -138,7 +138,7 @@
 		return errors.Errorf("unable to obtain the current status")
 	}
 
-	formatter := NewStatusFormatter(status, c.isoTime)
+	formatter := newStatusFormatter(status, c.ControllerName(), c.isoTime)
 	formatted := formatter.format()
 	return c.out.Write(ctx, formatted)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/status/status_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/status/status_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/status/status_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/status/status_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,6 +4,7 @@
 package status
 
 import (
+	"bufio"
 	"bytes"
 	"encoding/json"
 	"fmt"
@@ -33,14 +34,13 @@
 	"github.com/juju/juju/status"
 	"github.com/juju/juju/testcharms"
 	coretesting "github.com/juju/juju/testing"
-	jujuversion "github.com/juju/juju/version"
+	coreversion "github.com/juju/juju/version"
 )
 
-func nextVersion() version.Number {
-	ver := jujuversion.Current
-	ver.Patch++
-	return ver
-}
+var (
+	currentVersion = version.Number{Major: 1, Minor: 2, Patch: 3}
+	nextVersion    = version.Number{Major: 1, Minor: 2, Patch: 4}
+)
 
 func runStatus(c *gc.C, args ...string) (code int, stdout, stderr []byte) {
 	ctx := coretesting.Context(c)
@@ -56,6 +56,18 @@
 
 var _ = gc.Suite(&StatusSuite{})
 
+func (s *StatusSuite) SetUpSuite(c *gc.C) {
+	s.JujuConnSuite.SetUpSuite(c)
+	s.PatchValue(&coreversion.Current, currentVersion)
+}
+
+func (s *StatusSuite) SetUpTest(c *gc.C) {
+	s.ConfigAttrs = map[string]interface{}{
+		"agent-version": currentVersion.String(),
+	}
+	s.JujuConnSuite.SetUpTest(c)
+}
+
 type M map[string]interface{}
 
 type L []interface{}
@@ -77,7 +89,7 @@
 // context
 //
 
-func newContext(c *gc.C, st *state.State, env environs.Environ, adminUserTag string) *context {
+func newContext(st *state.State, env environs.Environ, adminUserTag string) *context {
 	// We make changes in the API server's state so that
 	// our changes to presence are immediately noticed
 	// in the status.
@@ -132,7 +144,7 @@
 	// We make changes in the API server's state so that
 	// our changes to presence are immediately noticed
 	// in the status.
-	return newContext(c, st, s.Environ, s.AdminUserTag(c).String())
+	return newContext(st, s.Environ, s.AdminUserTag(c).String())
 }
 
 func (s *StatusSuite) resetContext(c *gc.C, ctx *context) {
@@ -142,13 +154,20 @@
 
 // shortcuts for expected output.
 var (
+	model = M{
+		"name":       "controller",
+		"controller": "kontroll",
+		"cloud":      "dummy",
+		"version":    "1.2.3",
+	}
+
 	machine0 = M{
 		"juju-status": M{
 			"current": "started",
 			"since":   "01 Apr 15 01:23+10:00",
 		},
-		"dns-name":    "admin-0.dns",
-		"instance-id": "admin-0",
+		"dns-name":    "controller-0.dns",
+		"instance-id": "controller-0",
 		"machine-status": M{
 			"current": "pending",
 			"since":   "01 Apr 15 01:23+10:00",
@@ -162,8 +181,8 @@
 			"current": "started",
 			"since":   "01 Apr 15 01:23+10:00",
 		},
-		"dns-name":    "admin-1.dns",
-		"instance-id": "admin-1",
+		"dns-name":    "controller-1.dns",
+		"instance-id": "controller-1",
 		"machine-status": M{
 			"current": "pending",
 			"since":   "01 Apr 15 01:23+10:00",
@@ -176,8 +195,8 @@
 			"current": "started",
 			"since":   "01 Apr 15 01:23+10:00",
 		},
-		"dns-name":    "admin-2.dns",
-		"instance-id": "admin-2",
+		"dns-name":    "controller-2.dns",
+		"instance-id": "controller-2",
 		"machine-status": M{
 			"current": "pending",
 			"since":   "01 Apr 15 01:23+10:00",
@@ -190,8 +209,8 @@
 			"current": "started",
 			"since":   "01 Apr 15 01:23+10:00",
 		},
-		"dns-name":    "admin-3.dns",
-		"instance-id": "admin-3",
+		"dns-name":    "controller-3.dns",
+		"instance-id": "controller-3",
 		"machine-status": M{
 			"current": "pending",
 			"since":   "01 Apr 15 01:23+10:00",
@@ -204,8 +223,8 @@
 			"current": "started",
 			"since":   "01 Apr 15 01:23+10:00",
 		},
-		"dns-name":    "admin-4.dns",
-		"instance-id": "admin-4",
+		"dns-name":    "controller-4.dns",
+		"instance-id": "controller-4",
 		"machine-status": M{
 			"current": "pending",
 			"since":   "01 Apr 15 01:23+10:00",
@@ -219,19 +238,19 @@
 			"since":   "01 Apr 15 01:23+10:00",
 		},
 		"containers": M{
-			"1/lxc/0": M{
+			"1/lxd/0": M{
 				"juju-status": M{
 					"current": "started",
 					"since":   "01 Apr 15 01:23+10:00",
 				},
 				"containers": M{
-					"1/lxc/0/lxc/0": M{
+					"1/lxd/0/lxd/0": M{
 						"juju-status": M{
 							"current": "started",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
-						"dns-name":    "admin-3.dns",
-						"instance-id": "admin-3",
+						"dns-name":    "controller-3.dns",
+						"instance-id": "controller-3",
 						"machine-status": M{
 							"current": "pending",
 							"since":   "01 Apr 15 01:23+10:00",
@@ -239,15 +258,15 @@
 						"series": "quantal",
 					},
 				},
-				"dns-name":    "admin-2.dns",
-				"instance-id": "admin-2",
+				"dns-name":    "controller-2.dns",
+				"instance-id": "controller-2",
 				"machine-status": M{
 					"current": "pending",
 					"since":   "01 Apr 15 01:23+10:00",
 				},
 				"series": "quantal",
 			},
-			"1/lxc/1": M{
+			"1/lxd/1": M{
 				"juju-status": M{
 					"current": "pending",
 					"since":   "01 Apr 15 01:23+10:00",
@@ -260,8 +279,8 @@
 				"series": "quantal",
 			},
 		},
-		"dns-name":    "admin-1.dns",
-		"instance-id": "admin-1",
+		"dns-name":    "controller-1.dns",
+		"instance-id": "controller-1",
 		"machine-status": M{
 			"current": "pending",
 			"since":   "01 Apr 15 01:23+10:00",
@@ -270,23 +289,35 @@
 		"series":   "quantal",
 		"hardware": "arch=amd64 cpu-cores=1 mem=1024M root-disk=8192M",
 	}
-	unexposedService = M{
-		"service-status": M{
+	unexposedService = dummyCharm(M{
+		"application-status": M{
 			"current": "unknown",
 			"message": "Waiting for agent initialization to finish",
 			"since":   "01 Apr 15 01:23+10:00",
 		},
-		"charm":   "cs:quantal/dummy-1",
-		"exposed": false,
-	}
-	exposedService = M{
-		"service-status": M{
+	})
+	exposedService = dummyCharm(M{
+		"application-status": M{
 			"current": "unknown",
 			"message": "Waiting for agent initialization to finish",
 			"since":   "01 Apr 15 01:23+10:00",
 		},
-		"charm":   "cs:quantal/dummy-1",
 		"exposed": true,
+	})
+	loggingCharm = M{
+		"charm":              "cs:quantal/logging-1",
+		"charm-origin":       "jujucharms",
+		"charm-name":         "logging",
+		"charm-rev":          1,
+		"series":             "quantal",
+		"os":                 "ubuntu",
+		"exposed":            true,
+		"application-status": M{},
+		"relations": M{
+			"logging-directory": L{"wordpress"},
+			"info":              L{"mysql"},
+		},
+		"subordinate-to": L{"mysql", "wordpress"},
 	}
 )
 
@@ -314,7 +345,7 @@
 		expect{
 			"simulate juju bootstrap by adding machine/0 to the state",
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"0": M{
 						"juju-status": M{
@@ -330,27 +361,27 @@
 						"controller-member-status": "adding-vote",
 					},
 				},
-				"services": M{},
+				"applications": M{},
 			},
 		},
 
 		startAliveMachine{"0"},
 		setAddresses{"0", []network.Address{
 			network.NewAddress("10.0.0.1"),
-			network.NewScopedAddress("admin-0.dns", network.ScopePublic),
+			network.NewScopedAddress("controller-0.dns", network.ScopePublic),
 		}},
 		expect{
 			"simulate the PA starting an instance in response to the state change",
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"0": M{
 						"juju-status": M{
 							"current": "pending",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
-						"dns-name":    "admin-0.dns",
-						"instance-id": "admin-0",
+						"dns-name":    "controller-0.dns",
+						"instance-id": "controller-0",
 						"machine-status": M{
 							"current": "pending",
 							"since":   "01 Apr 15 01:23+10:00",
@@ -360,7 +391,7 @@
 						"controller-member-status": "adding-vote",
 					},
 				},
-				"services": M{},
+				"applications": M{},
 			},
 		},
 
@@ -368,11 +399,11 @@
 		expect{
 			"simulate the MA started and set the machine status",
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"0": machine0,
 				},
-				"services": M{},
+				"applications": M{},
 			},
 		},
 
@@ -380,11 +411,11 @@
 		expect{
 			"simulate the MA setting the version",
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"0": M{
-						"dns-name":    "admin-0.dns",
-						"instance-id": "admin-0",
+						"dns-name":    "controller-0.dns",
+						"instance-id": "controller-0",
 						"machine-status": M{
 							"current": "pending",
 							"since":   "01 Apr 15 01:23+10:00",
@@ -399,7 +430,7 @@
 						"controller-member-status": "adding-vote",
 					},
 				},
-				"services": M{},
+				"applications": M{},
 			},
 		},
 	),
@@ -408,22 +439,22 @@
 		addMachine{machineId: "0", cons: machineCons, job: state.JobManageModel},
 		setAddresses{"0", []network.Address{
 			network.NewAddress("10.0.0.1"),
-			network.NewScopedAddress("admin-0.dns", network.ScopePublic),
+			network.NewScopedAddress("controller-0.dns", network.ScopePublic),
 		}},
 		startAliveMachine{"0"},
 		setMachineStatus{"0", status.StatusStarted, ""},
 		expect{
 			"machine 0 has specific hardware characteristics",
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"0": M{
 						"juju-status": M{
 							"current": "started",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
-						"dns-name":    "admin-0.dns",
-						"instance-id": "admin-0",
+						"dns-name":    "controller-0.dns",
+						"instance-id": "controller-0",
 						"machine-status": M{
 							"current": "pending",
 							"since":   "01 Apr 15 01:23+10:00",
@@ -433,7 +464,7 @@
 						"controller-member-status": "adding-vote",
 					},
 				},
-				"services": M{},
+				"applications": M{},
 			},
 		},
 	),
@@ -445,14 +476,14 @@
 		expect{
 			"machine 0 has no dns-name",
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"0": M{
 						"juju-status": M{
 							"current": "started",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
-						"instance-id": "admin-0",
+						"instance-id": "controller-0",
 						"machine-status": M{
 							"current": "pending",
 							"since":   "01 Apr 15 01:23+10:00",
@@ -462,7 +493,7 @@
 						"controller-member-status": "adding-vote",
 					},
 				},
-				"services": M{},
+				"applications": M{},
 			},
 		},
 	),
@@ -472,7 +503,7 @@
 		expect{
 			"machine 0 reports pending",
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"0": M{
 						"juju-status": M{
@@ -488,7 +519,7 @@
 						"controller-member-status": "adding-vote",
 					},
 				},
-				"services": M{},
+				"applications": M{},
 			},
 		},
 
@@ -496,7 +527,7 @@
 		expect{
 			"machine 0 reports missing",
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"0": M{
 						"instance-id": "i-missing",
@@ -514,7 +545,7 @@
 						"controller-member-status": "adding-vote",
 					},
 				},
-				"services": M{},
+				"applications": M{},
 			},
 		},
 	),
@@ -522,103 +553,102 @@
 		"add two services and expose one, then add 2 more machines and some units",
 		// step 0
 		addMachine{machineId: "0", job: state.JobManageModel},
-		setAddresses{"0", network.NewAddresses("admin-0.dns")},
+		setAddresses{"0", network.NewAddresses("controller-0.dns")},
 		startAliveMachine{"0"},
 		setMachineStatus{"0", status.StatusStarted, ""},
 		addCharm{"dummy"},
-		addService{name: "dummy-service", charm: "dummy"},
-		addService{name: "exposed-service", charm: "dummy"},
+		addService{name: "dummy-application", charm: "dummy"},
+		addService{name: "exposed-application", charm: "dummy"},
 		expect{
-			"no services exposed yet",
+			"no applications exposed yet",
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"0": machine0,
 				},
-				"services": M{
-					"dummy-service":   unexposedService,
-					"exposed-service": unexposedService,
+				"applications": M{
+					"dummy-application":   unexposedService,
+					"exposed-application": unexposedService,
 				},
 			},
 		},
 
 		// step 8
-		setServiceExposed{"exposed-service", true},
+		setServiceExposed{"exposed-application", true},
 		expect{
-			"one exposed service",
+			"one exposed application",
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"0": machine0,
 				},
-				"services": M{
-					"dummy-service":   unexposedService,
-					"exposed-service": exposedService,
+				"applications": M{
+					"dummy-application":   unexposedService,
+					"exposed-application": exposedService,
 				},
 			},
 		},
 
 		// step 10
 		addMachine{machineId: "1", job: state.JobHostUnits},
-		setAddresses{"1", network.NewAddresses("admin-1.dns")},
+		setAddresses{"1", network.NewAddresses("controller-1.dns")},
 		startAliveMachine{"1"},
 		setMachineStatus{"1", status.StatusStarted, ""},
 		addMachine{machineId: "2", job: state.JobHostUnits},
-		setAddresses{"2", network.NewAddresses("admin-2.dns")},
+		setAddresses{"2", network.NewAddresses("controller-2.dns")},
 		startAliveMachine{"2"},
 		setMachineStatus{"2", status.StatusStarted, ""},
 		expect{
 			"two more machines added",
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"0": machine0,
 					"1": machine1,
 					"2": machine2,
 				},
-				"services": M{
-					"dummy-service":   unexposedService,
-					"exposed-service": exposedService,
+				"applications": M{
+					"dummy-application":   unexposedService,
+					"exposed-application": exposedService,
 				},
 			},
 		},
 
 		// step 19
-		addAliveUnit{"dummy-service", "1"},
-		addAliveUnit{"exposed-service", "2"},
-		setAgentStatus{"exposed-service/0", status.StatusError, "You Require More Vespene Gas", nil},
+		addAliveUnit{"dummy-application", "1"},
+		addAliveUnit{"exposed-application", "2"},
+		setAgentStatus{"exposed-application/0", status.StatusError, "You Require More Vespene Gas", nil},
 		// Open multiple ports with different protocols,
 		// ensure they're sorted on protocol, then number.
-		openUnitPort{"exposed-service/0", "udp", 10},
-		openUnitPort{"exposed-service/0", "udp", 2},
-		openUnitPort{"exposed-service/0", "tcp", 3},
-		openUnitPort{"exposed-service/0", "tcp", 2},
+		openUnitPort{"exposed-application/0", "udp", 10},
+		openUnitPort{"exposed-application/0", "udp", 2},
+		openUnitPort{"exposed-application/0", "tcp", 3},
+		openUnitPort{"exposed-application/0", "tcp", 2},
 		// Simulate some status with no info, while the agent is down.
 		// Status used to be down, we no longer support said state.
 		// now is one of: pending, started, error.
-		setUnitStatus{"dummy-service/0", status.StatusTerminated, "", nil},
-		setAgentStatus{"dummy-service/0", status.StatusIdle, "", nil},
+		setUnitStatus{"dummy-application/0", status.StatusTerminated, "", nil},
+		setAgentStatus{"dummy-application/0", status.StatusIdle, "", nil},
 
 		expect{
 			"add two units, one alive (in error state), one started",
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"0": machine0,
 					"1": machine1,
 					"2": machine2,
 				},
-				"services": M{
-					"exposed-service": M{
-						"charm":   "cs:quantal/dummy-1",
+				"applications": M{
+					"exposed-application": dummyCharm(M{
 						"exposed": true,
-						"service-status": M{
+						"application-status": M{
 							"current": "error",
 							"message": "You Require More Vespene Gas",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
 						"units": M{
-							"exposed-service/0": M{
+							"exposed-application/0": M{
 								"machine": "2",
 								"workload-status": M{
 									"current": "error",
@@ -632,19 +662,17 @@
 								"open-ports": L{
 									"2/tcp", "3/tcp", "2/udp", "10/udp",
 								},
-								"public-address": "admin-2.dns",
+								"public-address": "controller-2.dns",
 							},
 						},
-					},
-					"dummy-service": M{
-						"charm":   "cs:quantal/dummy-1",
-						"exposed": false,
-						"service-status": M{
+					}),
+					"dummy-application": dummyCharm(M{
+						"application-status": M{
 							"current": "terminated",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
 						"units": M{
-							"dummy-service/0": M{
+							"dummy-application/0": M{
 								"machine": "1",
 								"workload-status": M{
 									"current": "terminated",
@@ -654,10 +682,10 @@
 									"current": "idle",
 									"since":   "01 Apr 15 01:23+10:00",
 								},
-								"public-address": "admin-1.dns",
+								"public-address": "controller-1.dns",
 							},
 						},
-					},
+					}),
 				},
 			},
 		},
@@ -666,26 +694,26 @@
 		addMachine{machineId: "3", job: state.JobHostUnits},
 		startMachine{"3"},
 		// Simulate some status with info, while the agent is down.
-		setAddresses{"3", network.NewAddresses("admin-3.dns")},
+		setAddresses{"3", network.NewAddresses("controller-3.dns")},
 		setMachineStatus{"3", status.StatusStopped, "Really?"},
 		addMachine{machineId: "4", job: state.JobHostUnits},
-		setAddresses{"4", network.NewAddresses("admin-4.dns")},
+		setAddresses{"4", network.NewAddresses("controller-4.dns")},
 		startAliveMachine{"4"},
 		setMachineStatus{"4", status.StatusError, "Beware the red toys"},
-		ensureDyingUnit{"dummy-service/0"},
+		ensureDyingUnit{"dummy-application/0"},
 		addMachine{machineId: "5", job: state.JobHostUnits},
 		ensureDeadMachine{"5"},
 		expect{
 			"add three more machine, one with a dead agent, one in error state and one dead itself; also one dying unit",
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"0": machine0,
 					"1": machine1,
 					"2": machine2,
 					"3": M{
-						"dns-name":    "admin-3.dns",
-						"instance-id": "admin-3",
+						"dns-name":    "controller-3.dns",
+						"instance-id": "controller-3",
 						"machine-status": M{
 							"current": "pending",
 							"since":   "01 Apr 15 01:23+10:00",
@@ -699,8 +727,8 @@
 						"hardware": "arch=amd64 cpu-cores=1 mem=1024M root-disk=8192M",
 					},
 					"4": M{
-						"dns-name":    "admin-4.dns",
-						"instance-id": "admin-4",
+						"dns-name":    "controller-4.dns",
+						"instance-id": "controller-4",
 						"machine-status": M{
 							"current": "pending",
 							"since":   "01 Apr 15 01:23+10:00",
@@ -727,17 +755,16 @@
 						"series": "quantal",
 					},
 				},
-				"services": M{
-					"exposed-service": M{
-						"charm":   "cs:quantal/dummy-1",
+				"applications": M{
+					"exposed-application": dummyCharm(M{
 						"exposed": true,
-						"service-status": M{
+						"application-status": M{
 							"current": "error",
 							"message": "You Require More Vespene Gas",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
 						"units": M{
-							"exposed-service/0": M{
+							"exposed-application/0": M{
 								"machine": "2",
 								"workload-status": M{
 									"current": "error",
@@ -751,19 +778,17 @@
 								"open-ports": L{
 									"2/tcp", "3/tcp", "2/udp", "10/udp",
 								},
-								"public-address": "admin-2.dns",
+								"public-address": "controller-2.dns",
 							},
 						},
-					},
-					"dummy-service": M{
-						"charm":   "cs:quantal/dummy-1",
-						"exposed": false,
-						"service-status": M{
+					}),
+					"dummy-application": dummyCharm(M{
+						"application-status": M{
 							"current": "terminated",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
 						"units": M{
-							"dummy-service/0": M{
+							"dummy-application/0": M{
 								"machine": "1",
 								"workload-status": M{
 									"current": "terminated",
@@ -773,33 +798,31 @@
 									"current": "idle",
 									"since":   "01 Apr 15 01:23+10:00",
 								},
-								"public-address": "admin-1.dns",
+								"public-address": "controller-1.dns",
 							},
 						},
-					},
+					}),
 				},
 			},
 		},
 
 		// step 41
 		scopedExpect{
-			"scope status on dummy-service/0 unit",
-			[]string{"dummy-service/0"},
+			"scope status on dummy-application/0 unit",
+			[]string{"dummy-application/0"},
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"1": machine1,
 				},
-				"services": M{
-					"dummy-service": M{
-						"charm":   "cs:quantal/dummy-1",
-						"exposed": false,
-						"service-status": M{
+				"applications": M{
+					"dummy-application": dummyCharm(M{
+						"application-status": M{
 							"current": "terminated",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
 						"units": M{
-							"dummy-service/0": M{
+							"dummy-application/0": M{
 								"machine": "1",
 								"workload-status": M{
 									"current": "terminated",
@@ -809,32 +832,31 @@
 									"current": "idle",
 									"since":   "01 Apr 15 01:23+10:00",
 								},
-								"public-address": "admin-1.dns",
+								"public-address": "controller-1.dns",
 							},
 						},
-					},
+					}),
 				},
 			},
 		},
 		scopedExpect{
-			"scope status on exposed-service service",
-			[]string{"exposed-service"},
+			"scope status on exposed-application application",
+			[]string{"exposed-application"},
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"2": machine2,
 				},
-				"services": M{
-					"exposed-service": M{
-						"charm":   "cs:quantal/dummy-1",
+				"applications": M{
+					"exposed-application": dummyCharm(M{
 						"exposed": true,
-						"service-status": M{
+						"application-status": M{
 							"current": "error",
 							"message": "You Require More Vespene Gas",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
 						"units": M{
-							"exposed-service/0": M{
+							"exposed-application/0": M{
 								"machine": "2",
 								"workload-status": M{
 									"current": "error",
@@ -848,31 +870,29 @@
 								"open-ports": L{
 									"2/tcp", "3/tcp", "2/udp", "10/udp",
 								},
-								"public-address": "admin-2.dns",
+								"public-address": "controller-2.dns",
 							},
 						},
-					},
+					}),
 				},
 			},
 		},
 		scopedExpect{
-			"scope status on service pattern",
-			[]string{"d*-service"},
+			"scope status on application pattern",
+			[]string{"d*-application"},
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"1": machine1,
 				},
-				"services": M{
-					"dummy-service": M{
-						"charm":   "cs:quantal/dummy-1",
-						"exposed": false,
-						"service-status": M{
+				"applications": M{
+					"dummy-application": dummyCharm(M{
+						"application-status": M{
 							"current": "terminated",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
 						"units": M{
-							"dummy-service/0": M{
+							"dummy-application/0": M{
 								"machine": "1",
 								"workload-status": M{
 									"current": "terminated",
@@ -882,32 +902,31 @@
 									"current": "idle",
 									"since":   "01 Apr 15 01:23+10:00",
 								},
-								"public-address": "admin-1.dns",
+								"public-address": "controller-1.dns",
 							},
 						},
-					},
+					}),
 				},
 			},
 		},
 		scopedExpect{
 			"scope status on unit pattern",
-			[]string{"e*posed-service/*"},
+			[]string{"e*posed-application/*"},
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"2": machine2,
 				},
-				"services": M{
-					"exposed-service": M{
-						"charm":   "cs:quantal/dummy-1",
+				"applications": M{
+					"exposed-application": dummyCharm(M{
 						"exposed": true,
-						"service-status": M{
+						"application-status": M{
 							"current": "error",
 							"message": "You Require More Vespene Gas",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
 						"units": M{
-							"exposed-service/0": M{
+							"exposed-application/0": M{
 								"machine": "2",
 								"workload-status": M{
 									"current": "error",
@@ -921,32 +940,30 @@
 								"open-ports": L{
 									"2/tcp", "3/tcp", "2/udp", "10/udp",
 								},
-								"public-address": "admin-2.dns",
+								"public-address": "controller-2.dns",
 							},
 						},
-					},
+					}),
 				},
 			},
 		},
 		scopedExpect{
-			"scope status on combination of service and unit patterns",
-			[]string{"exposed-service", "dummy-service", "e*posed-service/*", "dummy-service/*"},
+			"scope status on combination of application and unit patterns",
+			[]string{"exposed-application", "dummy-application", "e*posed-application/*", "dummy-application/*"},
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"1": machine1,
 					"2": machine2,
 				},
-				"services": M{
-					"dummy-service": M{
-						"charm":   "cs:quantal/dummy-1",
-						"exposed": false,
-						"service-status": M{
+				"applications": M{
+					"dummy-application": dummyCharm(M{
+						"application-status": M{
 							"current": "terminated",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
 						"units": M{
-							"dummy-service/0": M{
+							"dummy-application/0": M{
 								"machine": "1",
 								"workload-status": M{
 									"current": "terminated",
@@ -956,20 +973,19 @@
 									"current": "idle",
 									"since":   "01 Apr 15 01:23+10:00",
 								},
-								"public-address": "admin-1.dns",
+								"public-address": "controller-1.dns",
 							},
 						},
-					},
-					"exposed-service": M{
-						"charm":   "cs:quantal/dummy-1",
+					}),
+					"exposed-application": dummyCharm(M{
 						"exposed": true,
-						"service-status": M{
+						"application-status": M{
 							"current": "error",
 							"message": "You Require More Vespene Gas",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
 						"units": M{
-							"exposed-service/0": M{
+							"exposed-application/0": M{
 								"machine": "2",
 								"workload-status": M{
 									"current": "error",
@@ -983,10 +999,10 @@
 								"open-ports": L{
 									"2/tcp", "3/tcp", "2/udp", "10/udp",
 								},
-								"public-address": "admin-2.dns",
+								"public-address": "controller-2.dns",
 							},
 						},
-					},
+					}),
 				},
 			},
 		},
@@ -994,12 +1010,12 @@
 	test( // 5
 		"a unit with a hook relation error",
 		addMachine{machineId: "0", job: state.JobManageModel},
-		setAddresses{"0", network.NewAddresses("admin-0.dns")},
+		setAddresses{"0", network.NewAddresses("controller-0.dns")},
 		startAliveMachine{"0"},
 		setMachineStatus{"0", status.StatusStarted, ""},
 
 		addMachine{machineId: "1", job: state.JobHostUnits},
-		setAddresses{"1", network.NewAddresses("admin-1.dns")},
+		setAddresses{"1", network.NewAddresses("controller-1.dns")},
 		startAliveMachine{"1"},
 		setMachineStatus{"1", status.StatusStarted, ""},
 
@@ -1020,19 +1036,17 @@
 		expect{
 			"a unit with a hook relation error",
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"0": machine0,
 					"1": machine1,
 				},
-				"services": M{
-					"wordpress": M{
-						"charm":   "cs:quantal/wordpress-3",
-						"exposed": false,
+				"applications": M{
+					"wordpress": wordpressCharm(M{
 						"relations": M{
 							"db": L{"mysql"},
 						},
-						"service-status": M{
+						"application-status": M{
 							"current": "error",
 							"message": "hook failed: some-relation-changed",
 							"since":   "01 Apr 15 01:23+10:00",
@@ -1049,17 +1063,15 @@
 									"current": "idle",
 									"since":   "01 Apr 15 01:23+10:00",
 								},
-								"public-address": "admin-1.dns",
+								"public-address": "controller-1.dns",
 							},
 						},
-					},
-					"mysql": M{
-						"charm":   "cs:quantal/mysql-1",
-						"exposed": false,
+					}),
+					"mysql": mysqlCharm(M{
 						"relations": M{
 							"server": L{"wordpress"},
 						},
-						"service-status": M{
+						"application-status": M{
 							"current": "unknown",
 							"message": "Waiting for agent initialization to finish",
 							"since":   "01 Apr 15 01:23+10:00",
@@ -1076,10 +1088,10 @@
 									"current": "allocating",
 									"since":   "01 Apr 15 01:23+10:00",
 								},
-								"public-address": "admin-1.dns",
+								"public-address": "controller-1.dns",
 							},
 						},
-					},
+					}),
 				},
 			},
 		},
@@ -1087,12 +1099,12 @@
 	test( // 6
 		"a unit with a hook relation error when the agent is down",
 		addMachine{machineId: "0", job: state.JobManageModel},
-		setAddresses{"0", network.NewAddresses("admin-0.dns")},
+		setAddresses{"0", network.NewAddresses("controller-0.dns")},
 		startAliveMachine{"0"},
 		setMachineStatus{"0", status.StatusStarted, ""},
 
 		addMachine{machineId: "1", job: state.JobHostUnits},
-		setAddresses{"1", network.NewAddresses("admin-1.dns")},
+		setAddresses{"1", network.NewAddresses("controller-1.dns")},
 		startAliveMachine{"1"},
 		setMachineStatus{"1", status.StatusStarted, ""},
 
@@ -1113,19 +1125,17 @@
 		expect{
 			"a unit with a hook relation error when the agent is down",
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"0": machine0,
 					"1": machine1,
 				},
-				"services": M{
-					"wordpress": M{
-						"charm":   "cs:quantal/wordpress-3",
-						"exposed": false,
+				"applications": M{
+					"wordpress": wordpressCharm(M{
 						"relations": M{
 							"db": L{"mysql"},
 						},
-						"service-status": M{
+						"application-status": M{
 							"current": "error",
 							"message": "hook failed: some-relation-changed",
 							"since":   "01 Apr 15 01:23+10:00",
@@ -1142,17 +1152,15 @@
 									"current": "idle",
 									"since":   "01 Apr 15 01:23+10:00",
 								},
-								"public-address": "admin-1.dns",
+								"public-address": "controller-1.dns",
 							},
 						},
-					},
-					"mysql": M{
-						"charm":   "cs:quantal/mysql-1",
-						"exposed": false,
+					}),
+					"mysql": mysqlCharm(M{
 						"relations": M{
 							"server": L{"wordpress"},
 						},
-						"service-status": M{
+						"application-status": M{
 							"current": "unknown",
 							"message": "Waiting for agent initialization to finish",
 							"since":   "01 Apr 15 01:23+10:00",
@@ -1169,25 +1177,25 @@
 									"current": "allocating",
 									"since":   "01 Apr 15 01:23+10:00",
 								},
-								"public-address": "admin-1.dns",
+								"public-address": "controller-1.dns",
 							},
 						},
-					},
+					}),
 				},
 			},
 		},
 	),
 	test( // 7
-		"add a dying service",
+		"add a dying application",
 		addCharm{"dummy"},
-		addService{name: "dummy-service", charm: "dummy"},
+		addService{name: "dummy-application", charm: "dummy"},
 		addMachine{machineId: "0", job: state.JobHostUnits},
-		addAliveUnit{"dummy-service", "0"},
-		ensureDyingService{"dummy-service"},
+		addAliveUnit{"dummy-application", "0"},
+		ensureDyingService{"dummy-application"},
 		expect{
-			"service shows life==dying",
+			"application shows life==dying",
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"0": M{
 						"juju-status": M{
@@ -1203,18 +1211,16 @@
 						"series": "quantal",
 					},
 				},
-				"services": M{
-					"dummy-service": M{
-						"charm":   "cs:quantal/dummy-1",
-						"exposed": false,
-						"life":    "dying",
-						"service-status": M{
+				"applications": M{
+					"dummy-application": dummyCharm(M{
+						"life": "dying",
+						"application-status": M{
 							"current": "unknown",
 							"message": "Waiting for agent initialization to finish",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
 						"units": M{
-							"dummy-service/0": M{
+							"dummy-application/0": M{
 								"machine": "0",
 								"workload-status": M{
 									"current": "unknown",
@@ -1227,7 +1233,7 @@
 								},
 							},
 						},
-					},
+					}),
 				},
 			},
 		},
@@ -1235,24 +1241,24 @@
 	test( // 8
 		"a unit where the agent is down shows as lost",
 		addCharm{"dummy"},
-		addService{name: "dummy-service", charm: "dummy"},
+		addService{name: "dummy-application", charm: "dummy"},
 		addMachine{machineId: "0", job: state.JobHostUnits},
 		startAliveMachine{"0"},
 		setMachineStatus{"0", status.StatusStarted, ""},
-		addUnit{"dummy-service", "0"},
-		setAgentStatus{"dummy-service/0", status.StatusIdle, "", nil},
-		setUnitStatus{"dummy-service/0", status.StatusActive, "", nil},
+		addUnit{"dummy-application", "0"},
+		setAgentStatus{"dummy-application/0", status.StatusIdle, "", nil},
+		setUnitStatus{"dummy-application/0", status.StatusActive, "", nil},
 		expect{
 			"unit shows that agent is lost",
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"0": M{
 						"juju-status": M{
 							"current": "started",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
-						"instance-id": "admin-0",
+						"instance-id": "controller-0",
 						"machine-status": M{
 							"current": "pending",
 							"since":   "01 Apr 15 01:23+10:00",
@@ -1262,20 +1268,18 @@
 						"hardware": "arch=amd64 cpu-cores=1 mem=1024M root-disk=8192M",
 					},
 				},
-				"services": M{
-					"dummy-service": M{
-						"charm":   "cs:quantal/dummy-1",
-						"exposed": false,
-						"service-status": M{
+				"applications": M{
+					"dummy-application": dummyCharm(M{
+						"application-status": M{
 							"current": "active",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
 						"units": M{
-							"dummy-service/0": M{
+							"dummy-application/0": M{
 								"machine": "0",
 								"workload-status": M{
 									"current": "unknown",
-									"message": "agent is lost, sorry! See 'juju status-history dummy-service/0'",
+									"message": "agent is lost, sorry! See 'juju status-history dummy-application/0'",
 									"since":   "01 Apr 15 01:23+10:00",
 								},
 								"juju-status": M{
@@ -1285,7 +1289,7 @@
 								},
 							},
 						},
-					},
+					}),
 				},
 			},
 		},
@@ -1295,7 +1299,7 @@
 	test( // 9
 		"complex scenario with multiple related services",
 		addMachine{machineId: "0", job: state.JobManageModel},
-		setAddresses{"0", network.NewAddresses("admin-0.dns")},
+		setAddresses{"0", network.NewAddresses("controller-0.dns")},
 		startAliveMachine{"0"},
 		setMachineStatus{"0", status.StatusStarted, ""},
 		addCharm{"wordpress"},
@@ -1305,7 +1309,7 @@
 		addService{name: "project", charm: "wordpress"},
 		setServiceExposed{"project", true},
 		addMachine{machineId: "1", job: state.JobHostUnits},
-		setAddresses{"1", network.NewAddresses("admin-1.dns")},
+		setAddresses{"1", network.NewAddresses("controller-1.dns")},
 		startAliveMachine{"1"},
 		setMachineStatus{"1", status.StatusStarted, ""},
 		addAliveUnit{"project", "1"},
@@ -1315,7 +1319,7 @@
 		addService{name: "mysql", charm: "mysql"},
 		setServiceExposed{"mysql", true},
 		addMachine{machineId: "2", job: state.JobHostUnits},
-		setAddresses{"2", network.NewAddresses("admin-2.dns")},
+		setAddresses{"2", network.NewAddresses("controller-2.dns")},
 		startAliveMachine{"2"},
 		setMachineStatus{"2", status.StatusStarted, ""},
 		addAliveUnit{"mysql", "2"},
@@ -1325,7 +1329,7 @@
 		addService{name: "varnish", charm: "varnish"},
 		setServiceExposed{"varnish", true},
 		addMachine{machineId: "3", job: state.JobHostUnits},
-		setAddresses{"3", network.NewAddresses("admin-3.dns")},
+		setAddresses{"3", network.NewAddresses("controller-3.dns")},
 		startAliveMachine{"3"},
 		setMachineStatus{"3", status.StatusStarted, ""},
 		addAliveUnit{"varnish", "3"},
@@ -1333,7 +1337,7 @@
 		addService{name: "private", charm: "wordpress"},
 		setServiceExposed{"private", true},
 		addMachine{machineId: "4", job: state.JobHostUnits},
-		setAddresses{"4", network.NewAddresses("admin-4.dns")},
+		setAddresses{"4", network.NewAddresses("controller-4.dns")},
 		startAliveMachine{"4"},
 		setMachineStatus{"4", status.StatusStarted, ""},
 		addAliveUnit{"private", "4"},
@@ -1345,7 +1349,7 @@
 		expect{
 			"multiples services with relations between some of them",
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"0": machine0,
 					"1": machine1,
@@ -1353,11 +1357,10 @@
 					"3": machine3,
 					"4": machine4,
 				},
-				"services": M{
-					"project": M{
-						"charm":   "cs:quantal/wordpress-3",
+				"applications": M{
+					"project": wordpressCharm(M{
 						"exposed": true,
-						"service-status": M{
+						"application-status": M{
 							"current": "active",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
@@ -1372,18 +1375,17 @@
 									"current": "idle",
 									"since":   "01 Apr 15 01:23+10:00",
 								},
-								"public-address": "admin-1.dns",
+								"public-address": "controller-1.dns",
 							},
 						},
 						"relations": M{
 							"db":    L{"mysql"},
 							"cache": L{"varnish"},
 						},
-					},
-					"mysql": M{
-						"charm":   "cs:quantal/mysql-1",
+					}),
+					"mysql": mysqlCharm(M{
 						"exposed": true,
-						"service-status": M{
+						"application-status": M{
 							"current": "active",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
@@ -1398,17 +1400,22 @@
 									"current": "idle",
 									"since":   "01 Apr 15 01:23+10:00",
 								},
-								"public-address": "admin-2.dns",
+								"public-address": "controller-2.dns",
 							},
 						},
 						"relations": M{
 							"server": L{"private", "project"},
 						},
-					},
+					}),
 					"varnish": M{
-						"charm":   "cs:quantal/varnish-1",
-						"exposed": true,
-						"service-status": M{
+						"charm":        "cs:quantal/varnish-1",
+						"charm-origin": "jujucharms",
+						"charm-name":   "varnish",
+						"charm-rev":    1,
+						"series":       "quantal",
+						"os":           "ubuntu",
+						"exposed":      true,
+						"application-status": M{
 							"current": "unknown",
 							"message": "Waiting for agent initialization to finish",
 							"since":   "01 Apr 15 01:23+10:00",
@@ -1425,17 +1432,16 @@
 									"current": "allocating",
 									"since":   "01 Apr 15 01:23+10:00",
 								},
-								"public-address": "admin-3.dns",
+								"public-address": "controller-3.dns",
 							},
 						},
 						"relations": M{
 							"webcache": L{"project"},
 						},
 					},
-					"private": M{
-						"charm":   "cs:quantal/wordpress-3",
+					"private": wordpressCharm(M{
 						"exposed": true,
-						"service-status": M{
+						"application-status": M{
 							"current": "unknown",
 							"message": "Waiting for agent initialization to finish",
 							"since":   "01 Apr 15 01:23+10:00",
@@ -1452,13 +1458,13 @@
 									"current": "allocating",
 									"since":   "01 Apr 15 01:23+10:00",
 								},
-								"public-address": "admin-4.dns",
+								"public-address": "controller-4.dns",
 							},
 						},
 						"relations": M{
 							"db": L{"mysql"},
 						},
-					},
+					}),
 				},
 			},
 		},
@@ -1466,7 +1472,7 @@
 	test( // 10
 		"simple peer scenario",
 		addMachine{machineId: "0", job: state.JobManageModel},
-		setAddresses{"0", network.NewAddresses("admin-0.dns")},
+		setAddresses{"0", network.NewAddresses("controller-0.dns")},
 		startAliveMachine{"0"},
 		setMachineStatus{"0", status.StatusStarted, ""},
 		addCharm{"riak"},
@@ -1475,21 +1481,21 @@
 		addService{name: "riak", charm: "riak"},
 		setServiceExposed{"riak", true},
 		addMachine{machineId: "1", job: state.JobHostUnits},
-		setAddresses{"1", network.NewAddresses("admin-1.dns")},
+		setAddresses{"1", network.NewAddresses("controller-1.dns")},
 		startAliveMachine{"1"},
 		setMachineStatus{"1", status.StatusStarted, ""},
 		addAliveUnit{"riak", "1"},
 		setAgentStatus{"riak/0", status.StatusIdle, "", nil},
 		setUnitStatus{"riak/0", status.StatusActive, "", nil},
 		addMachine{machineId: "2", job: state.JobHostUnits},
-		setAddresses{"2", network.NewAddresses("admin-2.dns")},
+		setAddresses{"2", network.NewAddresses("controller-2.dns")},
 		startAliveMachine{"2"},
 		setMachineStatus{"2", status.StatusStarted, ""},
 		addAliveUnit{"riak", "2"},
 		setAgentStatus{"riak/1", status.StatusIdle, "", nil},
 		setUnitStatus{"riak/1", status.StatusActive, "", nil},
 		addMachine{machineId: "3", job: state.JobHostUnits},
-		setAddresses{"3", network.NewAddresses("admin-3.dns")},
+		setAddresses{"3", network.NewAddresses("controller-3.dns")},
 		startAliveMachine{"3"},
 		setMachineStatus{"3", status.StatusStarted, ""},
 		addAliveUnit{"riak", "3"},
@@ -1499,18 +1505,23 @@
 		expect{
 			"multiples related peer units",
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"0": machine0,
 					"1": machine1,
 					"2": machine2,
 					"3": machine3,
 				},
-				"services": M{
+				"applications": M{
 					"riak": M{
-						"charm":   "cs:quantal/riak-7",
-						"exposed": true,
-						"service-status": M{
+						"charm":        "cs:quantal/riak-7",
+						"charm-origin": "jujucharms",
+						"charm-name":   "riak",
+						"charm-rev":    7,
+						"series":       "quantal",
+						"os":           "ubuntu",
+						"exposed":      true,
+						"application-status": M{
 							"current": "active",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
@@ -1525,7 +1536,7 @@
 									"current": "idle",
 									"since":   "01 Apr 15 01:23+10:00",
 								},
-								"public-address": "admin-1.dns",
+								"public-address": "controller-1.dns",
 							},
 							"riak/1": M{
 								"machine": "2",
@@ -1537,7 +1548,7 @@
 									"current": "idle",
 									"since":   "01 Apr 15 01:23+10:00",
 								},
-								"public-address": "admin-2.dns",
+								"public-address": "controller-2.dns",
 							},
 							"riak/2": M{
 								"machine": "3",
@@ -1549,7 +1560,7 @@
 									"current": "idle",
 									"since":   "01 Apr 15 01:23+10:00",
 								},
-								"public-address": "admin-3.dns",
+								"public-address": "controller-3.dns",
 							},
 						},
 						"relations": M{
@@ -1563,9 +1574,9 @@
 
 	// Subordinate tests
 	test( // 11
-		"one service with one subordinate service",
+		"one application with one subordinate application",
 		addMachine{machineId: "0", job: state.JobManageModel},
-		setAddresses{"0", network.NewAddresses("admin-0.dns")},
+		setAddresses{"0", network.NewAddresses("controller-0.dns")},
 		startAliveMachine{"0"},
 		setMachineStatus{"0", status.StatusStarted, ""},
 		addCharm{"wordpress"},
@@ -1575,7 +1586,7 @@
 		addService{name: "wordpress", charm: "wordpress"},
 		setServiceExposed{"wordpress", true},
 		addMachine{machineId: "1", job: state.JobHostUnits},
-		setAddresses{"1", network.NewAddresses("admin-1.dns")},
+		setAddresses{"1", network.NewAddresses("controller-1.dns")},
 		startAliveMachine{"1"},
 		setMachineStatus{"1", status.StatusStarted, ""},
 		addAliveUnit{"wordpress", "1"},
@@ -1585,7 +1596,7 @@
 		addService{name: "mysql", charm: "mysql"},
 		setServiceExposed{"mysql", true},
 		addMachine{machineId: "2", job: state.JobHostUnits},
-		setAddresses{"2", network.NewAddresses("admin-2.dns")},
+		setAddresses{"2", network.NewAddresses("controller-2.dns")},
 		startAliveMachine{"2"},
 		setMachineStatus{"2", status.StatusStarted, ""},
 		addAliveUnit{"mysql", "2"},
@@ -1610,17 +1621,16 @@
 		expect{
 			"multiples related peer units",
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"0": machine0,
 					"1": machine1,
 					"2": machine2,
 				},
-				"services": M{
-					"wordpress": M{
-						"charm":   "cs:quantal/wordpress-3",
+				"applications": M{
+					"wordpress": wordpressCharm(M{
 						"exposed": true,
-						"service-status": M{
+						"application-status": M{
 							"current": "active",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
@@ -1645,21 +1655,20 @@
 											"current": "idle",
 											"since":   "01 Apr 15 01:23+10:00",
 										},
-										"public-address": "admin-1.dns",
+										"public-address": "controller-1.dns",
 									},
 								},
-								"public-address": "admin-1.dns",
+								"public-address": "controller-1.dns",
 							},
 						},
 						"relations": M{
 							"db":          L{"mysql"},
 							"logging-dir": L{"logging"},
 						},
-					},
-					"mysql": M{
-						"charm":   "cs:quantal/mysql-1",
+					}),
+					"mysql": mysqlCharm(M{
 						"exposed": true,
-						"service-status": M{
+						"application-status": M{
 							"current": "active",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
@@ -1685,27 +1694,18 @@
 											"current": "idle",
 											"since":   "01 Apr 15 01:23+10:00",
 										},
-										"public-address": "admin-2.dns",
+										"public-address": "controller-2.dns",
 									},
 								},
-								"public-address": "admin-2.dns",
+								"public-address": "controller-2.dns",
 							},
 						},
 						"relations": M{
 							"server":    L{"wordpress"},
 							"juju-info": L{"logging"},
 						},
-					},
-					"logging": M{
-						"charm":          "cs:quantal/logging-1",
-						"exposed":        true,
-						"service-status": M{},
-						"relations": M{
-							"logging-directory": L{"wordpress"},
-							"info":              L{"mysql"},
-						},
-						"subordinate-to": L{"mysql", "wordpress"},
-					},
+					}),
+					"logging": loggingCharm,
 				},
 			},
 		},
@@ -1715,16 +1715,15 @@
 			"subordinates scoped on logging",
 			[]string{"logging"},
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"1": machine1,
 					"2": machine2,
 				},
-				"services": M{
-					"wordpress": M{
-						"charm":   "cs:quantal/wordpress-3",
+				"applications": M{
+					"wordpress": wordpressCharm(M{
 						"exposed": true,
-						"service-status": M{
+						"application-status": M{
 							"current": "active",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
@@ -1749,21 +1748,20 @@
 											"current": "idle",
 											"since":   "01 Apr 15 01:23+10:00",
 										},
-										"public-address": "admin-1.dns",
+										"public-address": "controller-1.dns",
 									},
 								},
-								"public-address": "admin-1.dns",
+								"public-address": "controller-1.dns",
 							},
 						},
 						"relations": M{
 							"db":          L{"mysql"},
 							"logging-dir": L{"logging"},
 						},
-					},
-					"mysql": M{
-						"charm":   "cs:quantal/mysql-1",
+					}),
+					"mysql": mysqlCharm(M{
 						"exposed": true,
-						"service-status": M{
+						"application-status": M{
 							"current": "active",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
@@ -1789,27 +1787,18 @@
 											"current": "idle",
 											"since":   "01 Apr 15 01:23+10:00",
 										},
-										"public-address": "admin-2.dns",
+										"public-address": "controller-2.dns",
 									},
 								},
-								"public-address": "admin-2.dns",
+								"public-address": "controller-2.dns",
 							},
 						},
 						"relations": M{
 							"server":    L{"wordpress"},
 							"juju-info": L{"logging"},
 						},
-					},
-					"logging": M{
-						"charm":          "cs:quantal/logging-1",
-						"exposed":        true,
-						"service-status": M{},
-						"relations": M{
-							"logging-directory": L{"wordpress"},
-							"info":              L{"mysql"},
-						},
-						"subordinate-to": L{"mysql", "wordpress"},
-					},
+					}),
+					"logging": loggingCharm,
 				},
 			},
 		},
@@ -1819,15 +1808,14 @@
 			"subordinates scoped on logging",
 			[]string{"wordpress/0"},
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"1": machine1,
 				},
-				"services": M{
-					"wordpress": M{
-						"charm":   "cs:quantal/wordpress-3",
+				"applications": M{
+					"wordpress": wordpressCharm(M{
 						"exposed": true,
-						"service-status": M{
+						"application-status": M{
 							"current": "active",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
@@ -1852,27 +1840,18 @@
 											"current": "idle",
 											"since":   "01 Apr 15 01:23+10:00",
 										},
-										"public-address": "admin-1.dns",
+										"public-address": "controller-1.dns",
 									},
 								},
-								"public-address": "admin-1.dns",
+								"public-address": "controller-1.dns",
 							},
 						},
 						"relations": M{
 							"db":          L{"mysql"},
 							"logging-dir": L{"logging"},
 						},
-					},
-					"logging": M{
-						"charm":          "cs:quantal/logging-1",
-						"exposed":        true,
-						"service-status": M{},
-						"relations": M{
-							"logging-directory": L{"wordpress"},
-							"info":              L{"mysql"},
-						},
-						"subordinate-to": L{"mysql", "wordpress"},
-					},
+					}),
+					"logging": loggingCharm,
 				},
 			},
 		},
@@ -1881,7 +1860,7 @@
 		"machines with containers",
 		// step 0
 		addMachine{machineId: "0", job: state.JobManageModel},
-		setAddresses{"0", network.NewAddresses("admin-0.dns")},
+		setAddresses{"0", network.NewAddresses("controller-0.dns")},
 		startAliveMachine{"0"},
 		setMachineStatus{"0", status.StatusStarted, ""},
 		addCharm{"mysql"},
@@ -1890,7 +1869,7 @@
 
 		// step 7
 		addMachine{machineId: "1", job: state.JobHostUnits},
-		setAddresses{"1", network.NewAddresses("admin-1.dns")},
+		setAddresses{"1", network.NewAddresses("controller-1.dns")},
 		startAliveMachine{"1"},
 		setMachineStatus{"1", status.StatusStarted, ""},
 		addAliveUnit{"mysql", "1"},
@@ -1898,34 +1877,33 @@
 		setUnitStatus{"mysql/0", status.StatusActive, "", nil},
 
 		// step 14: A container on machine 1.
-		addContainer{"1", "1/lxc/0", state.JobHostUnits},
-		setAddresses{"1/lxc/0", network.NewAddresses("admin-2.dns")},
-		startAliveMachine{"1/lxc/0"},
-		setMachineStatus{"1/lxc/0", status.StatusStarted, ""},
-		addAliveUnit{"mysql", "1/lxc/0"},
+		addContainer{"1", "1/lxd/0", state.JobHostUnits},
+		setAddresses{"1/lxd/0", network.NewAddresses("controller-2.dns")},
+		startAliveMachine{"1/lxd/0"},
+		setMachineStatus{"1/lxd/0", status.StatusStarted, ""},
+		addAliveUnit{"mysql", "1/lxd/0"},
 		setAgentStatus{"mysql/1", status.StatusIdle, "", nil},
 		setUnitStatus{"mysql/1", status.StatusActive, "", nil},
-		addContainer{"1", "1/lxc/1", state.JobHostUnits},
+		addContainer{"1", "1/lxd/1", state.JobHostUnits},
 
 		// step 22: A nested container.
-		addContainer{"1/lxc/0", "1/lxc/0/lxc/0", state.JobHostUnits},
-		setAddresses{"1/lxc/0/lxc/0", network.NewAddresses("admin-3.dns")},
-		startAliveMachine{"1/lxc/0/lxc/0"},
-		setMachineStatus{"1/lxc/0/lxc/0", status.StatusStarted, ""},
+		addContainer{"1/lxd/0", "1/lxd/0/lxd/0", state.JobHostUnits},
+		setAddresses{"1/lxd/0/lxd/0", network.NewAddresses("controller-3.dns")},
+		startAliveMachine{"1/lxd/0/lxd/0"},
+		setMachineStatus{"1/lxd/0/lxd/0", status.StatusStarted, ""},
 
 		expect{
 			"machines with nested containers",
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"0": machine0,
 					"1": machine1WithContainers,
 				},
-				"services": M{
-					"mysql": M{
-						"charm":   "cs:quantal/mysql-1",
+				"applications": M{
+					"mysql": mysqlCharm(M{
 						"exposed": true,
-						"service-status": M{
+						"application-status": M{
 							"current": "active",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
@@ -1940,10 +1918,10 @@
 									"current": "idle",
 									"since":   "01 Apr 15 01:23+10:00",
 								},
-								"public-address": "admin-1.dns",
+								"public-address": "controller-1.dns",
 							},
 							"mysql/1": M{
-								"machine": "1/lxc/0",
+								"machine": "1/lxd/0",
 								"workload-status": M{
 									"current": "active",
 									"since":   "01 Apr 15 01:23+10:00",
@@ -1952,10 +1930,10 @@
 									"current": "idle",
 									"since":   "01 Apr 15 01:23+10:00",
 								},
-								"public-address": "admin-2.dns",
+								"public-address": "controller-2.dns",
 							},
 						},
-					},
+					}),
 				},
 			},
 		},
@@ -1965,7 +1943,7 @@
 			"machines with nested containers 2",
 			[]string{"mysql/1"},
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"1": M{
 						"juju-status": M{
@@ -1973,13 +1951,13 @@
 							"since":   "01 Apr 15 01:23+10:00",
 						},
 						"containers": M{
-							"1/lxc/0": M{
+							"1/lxd/0": M{
 								"juju-status": M{
 									"current": "started",
 									"since":   "01 Apr 15 01:23+10:00",
 								},
-								"dns-name":    "admin-2.dns",
-								"instance-id": "admin-2",
+								"dns-name":    "controller-2.dns",
+								"instance-id": "controller-2",
 								"machine-status": M{
 									"current": "pending",
 									"since":   "01 Apr 15 01:23+10:00",
@@ -1988,8 +1966,8 @@
 								"series": "quantal",
 							},
 						},
-						"dns-name":    "admin-1.dns",
-						"instance-id": "admin-1",
+						"dns-name":    "controller-1.dns",
+						"instance-id": "controller-1",
 						"machine-status": M{
 							"current": "pending",
 							"since":   "01 Apr 15 01:23+10:00",
@@ -1999,17 +1977,16 @@
 						"hardware": "arch=amd64 cpu-cores=1 mem=1024M root-disk=8192M",
 					},
 				},
-				"services": M{
-					"mysql": M{
-						"charm":   "cs:quantal/mysql-1",
+				"applications": M{
+					"mysql": mysqlCharm(M{
 						"exposed": true,
-						"service-status": M{
+						"application-status": M{
 							"current": "active",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
 						"units": M{
 							"mysql/1": M{
-								"machine": "1/lxc/0",
+								"machine": "1/lxd/0",
 								"workload-status": M{
 									"current": "active",
 									"since":   "01 Apr 15 01:23+10:00",
@@ -2018,22 +1995,22 @@
 									"current": "idle",
 									"since":   "01 Apr 15 01:23+10:00",
 								},
-								"public-address": "admin-2.dns",
+								"public-address": "controller-2.dns",
 							},
 						},
-					},
+					}),
 				},
 			},
 		},
 	),
 	test( // 13
-		"service with out of date charm",
+		"application with out of date charm",
 		addMachine{machineId: "0", job: state.JobManageModel},
-		setAddresses{"0", network.NewAddresses("admin-0.dns")},
+		setAddresses{"0", network.NewAddresses("controller-0.dns")},
 		startAliveMachine{"0"},
 		setMachineStatus{"0", status.StatusStarted, ""},
 		addMachine{machineId: "1", job: state.JobHostUnits},
-		setAddresses{"1", network.NewAddresses("admin-1.dns")},
+		setAddresses{"1", network.NewAddresses("controller-1.dns")},
 		startAliveMachine{"1"},
 		setMachineStatus{"1", status.StatusStarted, ""},
 		addCharm{"mysql"},
@@ -2045,17 +2022,16 @@
 		expect{
 			"services and units with correct charm status",
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"0": machine0,
 					"1": machine1,
 				},
-				"services": M{
-					"mysql": M{
-						"charm":          "cs:quantal/mysql-1",
+				"applications": M{
+					"mysql": mysqlCharm(M{
 						"can-upgrade-to": "cs:quantal/mysql-23",
 						"exposed":        true,
-						"service-status": M{
+						"application-status": M{
 							"current": "unknown",
 							"message": "Waiting for agent initialization to finish",
 							"since":   "01 Apr 15 01:23+10:00",
@@ -2072,10 +2048,10 @@
 									"current": "allocating",
 									"since":   "01 Apr 15 01:23+10:00",
 								},
-								"public-address": "admin-1.dns",
+								"public-address": "controller-1.dns",
 							},
 						},
-					},
+					}),
 				},
 			},
 		},
@@ -2083,11 +2059,11 @@
 	test( // 14
 		"unit with out of date charm",
 		addMachine{machineId: "0", job: state.JobManageModel},
-		setAddresses{"0", network.NewAddresses("admin-0.dns")},
+		setAddresses{"0", network.NewAddresses("controller-0.dns")},
 		startAliveMachine{"0"},
 		setMachineStatus{"0", status.StatusStarted, ""},
 		addMachine{machineId: "1", job: state.JobHostUnits},
-		setAddresses{"1", network.NewAddresses("admin-1.dns")},
+		setAddresses{"1", network.NewAddresses("controller-1.dns")},
 		startAliveMachine{"1"},
 		setMachineStatus{"1", status.StatusStarted, ""},
 		addCharm{"mysql"},
@@ -2101,16 +2077,17 @@
 		expect{
 			"services and units with correct charm status",
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"0": machine0,
 					"1": machine1,
 				},
-				"services": M{
-					"mysql": M{
-						"charm":   "local:quantal/mysql-1",
-						"exposed": true,
-						"service-status": M{
+				"applications": M{
+					"mysql": mysqlCharm(M{
+						"charm":        "local:quantal/mysql-1",
+						"charm-origin": "local",
+						"exposed":      true,
+						"application-status": M{
 							"current": "active",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
@@ -2126,22 +2103,22 @@
 									"since":   "01 Apr 15 01:23+10:00",
 								},
 								"upgrading-from": "cs:quantal/mysql-1",
-								"public-address": "admin-1.dns",
+								"public-address": "controller-1.dns",
 							},
 						},
-					},
+					}),
 				},
 			},
 		},
 	),
 	test( // 15
-		"service and unit with out of date charms",
+		"application and unit with out of date charms",
 		addMachine{machineId: "0", job: state.JobManageModel},
-		setAddresses{"0", network.NewAddresses("admin-0.dns")},
+		setAddresses{"0", network.NewAddresses("controller-0.dns")},
 		startAliveMachine{"0"},
 		setMachineStatus{"0", status.StatusStarted, ""},
 		addMachine{machineId: "1", job: state.JobHostUnits},
-		setAddresses{"1", network.NewAddresses("admin-1.dns")},
+		setAddresses{"1", network.NewAddresses("controller-1.dns")},
 		startAliveMachine{"1"},
 		setMachineStatus{"1", status.StatusStarted, ""},
 		addCharm{"mysql"},
@@ -2156,17 +2133,18 @@
 		expect{
 			"services and units with correct charm status",
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"0": machine0,
 					"1": machine1,
 				},
-				"services": M{
-					"mysql": M{
+				"applications": M{
+					"mysql": mysqlCharm(M{
 						"charm":          "cs:quantal/mysql-2",
+						"charm-rev":      2,
 						"can-upgrade-to": "cs:quantal/mysql-23",
 						"exposed":        true,
-						"service-status": M{
+						"application-status": M{
 							"current": "active",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
@@ -2182,22 +2160,22 @@
 									"since":   "01 Apr 15 01:23+10:00",
 								},
 								"upgrading-from": "cs:quantal/mysql-1",
-								"public-address": "admin-1.dns",
+								"public-address": "controller-1.dns",
 							},
 						},
-					},
+					}),
 				},
 			},
 		},
 	),
 	test( // 16
-		"service with local charm not shown as out of date",
+		"application with local charm not shown as out of date",
 		addMachine{machineId: "0", job: state.JobManageModel},
-		setAddresses{"0", network.NewAddresses("admin-0.dns")},
+		setAddresses{"0", network.NewAddresses("controller-0.dns")},
 		startAliveMachine{"0"},
 		setMachineStatus{"0", status.StatusStarted, ""},
 		addMachine{machineId: "1", job: state.JobHostUnits},
-		setAddresses{"1", network.NewAddresses("admin-1.dns")},
+		setAddresses{"1", network.NewAddresses("controller-1.dns")},
 		startAliveMachine{"1"},
 		setMachineStatus{"1", status.StatusStarted, ""},
 		addCharm{"mysql"},
@@ -2212,16 +2190,17 @@
 		expect{
 			"services and units with correct charm status",
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"0": machine0,
 					"1": machine1,
 				},
-				"services": M{
-					"mysql": M{
-						"charm":   "local:quantal/mysql-1",
-						"exposed": true,
-						"service-status": M{
+				"applications": M{
+					"mysql": mysqlCharm(M{
+						"charm":        "local:quantal/mysql-1",
+						"charm-origin": "local",
+						"exposed":      true,
+						"application-status": M{
 							"current": "active",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
@@ -2237,10 +2216,10 @@
 									"since":   "01 Apr 15 01:23+10:00",
 								},
 								"upgrading-from": "cs:quantal/mysql-1",
-								"public-address": "admin-1.dns",
+								"public-address": "controller-1.dns",
 							},
 						},
-					},
+					}),
 				},
 			},
 		},
@@ -2248,27 +2227,27 @@
 	test( // 17
 		"deploy two services; set meter statuses on one",
 		addMachine{machineId: "0", job: state.JobManageModel},
-		setAddresses{"0", network.NewAddresses("admin-0.dns")},
+		setAddresses{"0", network.NewAddresses("controller-0.dns")},
 		startAliveMachine{"0"},
 		setMachineStatus{"0", status.StatusStarted, ""},
 
 		addMachine{machineId: "1", job: state.JobHostUnits},
-		setAddresses{"1", network.NewAddresses("admin-1.dns")},
+		setAddresses{"1", network.NewAddresses("controller-1.dns")},
 		startAliveMachine{"1"},
 		setMachineStatus{"1", status.StatusStarted, ""},
 
 		addMachine{machineId: "2", job: state.JobHostUnits},
-		setAddresses{"2", network.NewAddresses("admin-2.dns")},
+		setAddresses{"2", network.NewAddresses("controller-2.dns")},
 		startAliveMachine{"2"},
 		setMachineStatus{"2", status.StatusStarted, ""},
 
 		addMachine{machineId: "3", job: state.JobHostUnits},
-		setAddresses{"3", network.NewAddresses("admin-3.dns")},
+		setAddresses{"3", network.NewAddresses("controller-3.dns")},
 		startAliveMachine{"3"},
 		setMachineStatus{"3", status.StatusStarted, ""},
 
 		addMachine{machineId: "4", job: state.JobHostUnits},
-		setAddresses{"4", network.NewAddresses("admin-4.dns")},
+		setAddresses{"4", network.NewAddresses("controller-4.dns")},
 		startAliveMachine{"4"},
 		setMachineStatus{"4", status.StatusStarted, ""},
 
@@ -2300,7 +2279,7 @@
 		expect{
 			"simulate just the two services and a bootstrap node",
 			M{
-				"model": "admin",
+				"model": model,
 				"machines": M{
 					"0": machine0,
 					"1": machine1,
@@ -2308,11 +2287,10 @@
 					"3": machine3,
 					"4": machine4,
 				},
-				"services": M{
-					"mysql": M{
-						"charm":   "cs:quantal/mysql-1",
+				"applications": M{
+					"mysql": mysqlCharm(M{
 						"exposed": true,
-						"service-status": M{
+						"application-status": M{
 							"current": "active",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
@@ -2327,15 +2305,13 @@
 									"current": "idle",
 									"since":   "01 Apr 15 01:23+10:00",
 								},
-								"public-address": "admin-1.dns",
+								"public-address": "controller-1.dns",
 							},
 						},
-					},
+					}),
 
-					"servicewithmeterstatus": M{
-						"charm":   "cs:quantal/mysql-1",
-						"exposed": false,
-						"service-status": M{
+					"servicewithmeterstatus": mysqlCharm(M{
+						"application-status": M{
 							"current": "active",
 							"since":   "01 Apr 15 01:23+10:00",
 						},
@@ -2350,7 +2326,7 @@
 									"current": "idle",
 									"since":   "01 Apr 15 01:23+10:00",
 								},
-								"public-address": "admin-2.dns",
+								"public-address": "controller-2.dns",
 							},
 							"servicewithmeterstatus/1": M{
 								"machine": "3",
@@ -2366,7 +2342,7 @@
 									"color":   "green",
 									"message": "test green status",
 								},
-								"public-address": "admin-3.dns",
+								"public-address": "controller-3.dns",
 							},
 							"servicewithmeterstatus/2": M{
 								"machine": "4",
@@ -2382,10 +2358,10 @@
 									"color":   "red",
 									"message": "test red status",
 								},
-								"public-address": "admin-4.dns",
+								"public-address": "controller-4.dns",
 							},
 						},
-					},
+					}),
 				},
 			},
 		},
@@ -2396,17 +2372,195 @@
 		expect{
 			"upgrade availability should be shown in model-status",
 			M{
-				"model": "admin",
-				"model-status": M{
-					"upgrade-available": nextVersion().String(),
+				"model": M{
+					"name":              "controller",
+					"controller":        "kontroll",
+					"cloud":             "dummy",
+					"version":           "1.2.3",
+					"upgrade-available": "1.2.4",
+				},
+				"machines":     M{},
+				"applications": M{},
+			},
+		},
+	),
+	test( // 19
+		"consistent workload version",
+		addMachine{machineId: "0", job: state.JobManageModel},
+		setAddresses{"0", network.NewAddresses("controller-0.dns")},
+		startAliveMachine{"0"},
+		setMachineStatus{"0", status.StatusStarted, ""},
+
+		addCharm{"mysql"},
+		addService{name: "mysql", charm: "mysql"},
+
+		addMachine{machineId: "1", job: state.JobHostUnits},
+		setAddresses{"1", network.NewAddresses("controller-1.dns")},
+		startAliveMachine{"1"},
+		setMachineStatus{"1", status.StatusStarted, ""},
+		addAliveUnit{"mysql", "1"},
+		setUnitWorkloadVersion{"mysql/0", "the best!"},
+
+		expect{
+			"application and unit with correct workload version",
+			M{
+				"model": model,
+				"machines": M{
+					"0": machine0,
+					"1": machine1,
+				},
+				"applications": M{
+					"mysql": mysqlCharm(M{
+						"version": "the best!",
+						"application-status": M{
+							"current": "unknown",
+							"message": "Waiting for agent initialization to finish",
+							"since":   "01 Apr 15 01:23+10:00",
+						},
+						"units": M{
+							"mysql/0": M{
+								"machine": "1",
+								"workload-status": M{
+									"current": "unknown",
+									"message": "Waiting for agent initialization to finish",
+									"since":   "01 Apr 15 01:23+10:00",
+								},
+								"juju-status": M{
+									"current": "allocating",
+									"since":   "01 Apr 15 01:23+10:00",
+								},
+								"public-address": "controller-1.dns",
+							},
+						},
+					}),
+				},
+			},
+		},
+	),
+	test( // 20
+		"mixed workload version",
+		addMachine{machineId: "0", job: state.JobManageModel},
+		setAddresses{"0", network.NewAddresses("controller-0.dns")},
+		startAliveMachine{"0"},
+		setMachineStatus{"0", status.StatusStarted, ""},
+
+		addCharm{"mysql"},
+		addService{name: "mysql", charm: "mysql"},
+
+		addMachine{machineId: "1", job: state.JobHostUnits},
+		setAddresses{"1", network.NewAddresses("controller-1.dns")},
+		startAliveMachine{"1"},
+		setMachineStatus{"1", status.StatusStarted, ""},
+		addAliveUnit{"mysql", "1"},
+		setUnitWorkloadVersion{"mysql/0", "the best!"},
+
+		addMachine{machineId: "2", job: state.JobHostUnits},
+		setAddresses{"2", network.NewAddresses("controller-2.dns")},
+		startAliveMachine{"2"},
+		setMachineStatus{"2", status.StatusStarted, ""},
+		addAliveUnit{"mysql", "2"},
+		setUnitWorkloadVersion{"mysql/1", "not as good"},
+
+		expect{
+			"application and unit with correct workload version",
+			M{
+				"model": model,
+				"machines": M{
+					"0": machine0,
+					"1": machine1,
+					"2": machine2,
+				},
+				"applications": M{
+					"mysql": mysqlCharm(M{
+						"version": "not as good",
+						"application-status": M{
+							"current": "unknown",
+							"message": "Waiting for agent initialization to finish",
+							"since":   "01 Apr 15 01:23+10:00",
+						},
+						"units": M{
+							"mysql/0": M{
+								"machine": "1",
+								"workload-status": M{
+									"current": "unknown",
+									"message": "Waiting for agent initialization to finish",
+									"since":   "01 Apr 15 01:23+10:00",
+								},
+								"juju-status": M{
+									"current": "allocating",
+									"since":   "01 Apr 15 01:23+10:00",
+								},
+								"public-address": "controller-1.dns",
+							},
+							"mysql/1": M{
+								"machine": "2",
+								"workload-status": M{
+									"current": "unknown",
+									"message": "Waiting for agent initialization to finish",
+									"since":   "01 Apr 15 01:23+10:00",
+								},
+								"juju-status": M{
+									"current": "allocating",
+									"since":   "01 Apr 15 01:23+10:00",
+								},
+								"public-address": "controller-2.dns",
+							},
+						},
+					}),
 				},
-				"machines": M{},
-				"services": M{},
 			},
 		},
 	),
 }
 
+func mysqlCharm(extras M) M {
+	charm := M{
+		"charm":        "cs:quantal/mysql-1",
+		"charm-origin": "jujucharms",
+		"charm-name":   "mysql",
+		"charm-rev":    1,
+		"series":       "quantal",
+		"os":           "ubuntu",
+		"exposed":      false,
+	}
+	for key, value := range extras {
+		charm[key] = value
+	}
+	return charm
+}
+
+func dummyCharm(extras M) M {
+	charm := M{
+		"charm":        "cs:quantal/dummy-1",
+		"charm-origin": "jujucharms",
+		"charm-name":   "dummy",
+		"charm-rev":    1,
+		"series":       "quantal",
+		"os":           "ubuntu",
+		"exposed":      false,
+	}
+	for key, value := range extras {
+		charm[key] = value
+	}
+	return charm
+}
+
+func wordpressCharm(extras M) M {
+	charm := M{
+		"charm":        "cs:quantal/wordpress-3",
+		"charm-origin": "jujucharms",
+		"charm-name":   "wordpress",
+		"charm-rev":    3,
+		"series":       "quantal",
+		"os":           "ubuntu",
+		"exposed":      false,
+	}
+	for key, value := range extras {
+		charm[key] = value
+	}
+	return charm
+}
+
 // TODO(dfc) test failing components by destructively mutating the state under the hood
 
 type addMachine struct {
@@ -2436,7 +2590,7 @@
 		Series: "quantal",
 		Jobs:   []state.MachineJob{ac.job},
 	}
-	m, err := ctx.st.AddMachineInsideMachine(template, ac.parentId, instance.LXC)
+	m, err := ctx.st.AddMachineInsideMachine(template, ac.parentId, instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(m.Id(), gc.Equals, ac.machineId)
 }
@@ -2450,7 +2604,9 @@
 	c.Assert(err, jc.ErrorIsNil)
 	cons, err := m.Constraints()
 	c.Assert(err, jc.ErrorIsNil)
-	inst, hc := testing.AssertStartInstanceWithConstraints(c, ctx.env, m.Id(), cons)
+	cfg, err := ctx.st.ControllerConfig()
+	c.Assert(err, jc.ErrorIsNil)
+	inst, hc := testing.AssertStartInstanceWithConstraints(c, ctx.env, cfg.ControllerUUID(), m.Id(), cons)
 	err = m.SetProvisioned(inst.Id(), "fake_nonce", hc)
 	c.Assert(err, jc.ErrorIsNil)
 }
@@ -2464,10 +2620,19 @@
 	c.Assert(err, jc.ErrorIsNil)
 	cons, err := m.Constraints()
 	c.Assert(err, jc.ErrorIsNil)
-	_, hc := testing.AssertStartInstanceWithConstraints(c, ctx.env, m.Id(), cons)
+	cfg, err := ctx.st.ControllerConfig()
+	c.Assert(err, jc.ErrorIsNil)
+	_, hc := testing.AssertStartInstanceWithConstraints(c, ctx.env, cfg.ControllerUUID(), m.Id(), cons)
 	err = m.SetProvisioned("i-missing", "fake_nonce", hc)
 	c.Assert(err, jc.ErrorIsNil)
-	err = m.SetInstanceStatus(status.StatusUnknown, "missing", nil)
+	// lp:1558657
+	now := time.Now()
+	s := status.StatusInfo{
+		Status:  status.StatusUnknown,
+		Message: "missing",
+		Since:   &now,
+	}
+	err = m.SetInstanceStatus(s)
 	c.Assert(err, jc.ErrorIsNil)
 }
 
@@ -2481,7 +2646,9 @@
 	pinger := ctx.setAgentPresence(c, m)
 	cons, err := m.Constraints()
 	c.Assert(err, jc.ErrorIsNil)
-	inst, hc := testing.AssertStartInstanceWithConstraints(c, ctx.env, m.Id(), cons)
+	cfg, err := ctx.st.ControllerConfig()
+	c.Assert(err, jc.ErrorIsNil)
+	inst, hc := testing.AssertStartInstanceWithConstraints(c, ctx.env, cfg.ControllerUUID(), m.Id(), cons)
 	err = m.SetProvisioned(inst.Id(), "fake_nonce", hc)
 	c.Assert(err, jc.ErrorIsNil)
 	ctx.pingers[m.Id()] = pinger
@@ -2498,7 +2665,9 @@
 	pinger := ctx.setAgentPresence(c, m)
 	cons, err := m.Constraints()
 	c.Assert(err, jc.ErrorIsNil)
-	inst, _ := testing.AssertStartInstanceWithConstraints(c, ctx.env, m.Id(), cons)
+	cfg, err := ctx.st.ControllerConfig()
+	c.Assert(err, jc.ErrorIsNil)
+	inst, _ := testing.AssertStartInstanceWithConstraints(c, ctx.env, cfg.ControllerUUID(), m.Id(), cons)
 	err = m.SetProvisioned(inst.Id(), "fake_nonce", &sm.hc)
 	c.Assert(err, jc.ErrorIsNil)
 	ctx.pingers[m.Id()] = pinger
@@ -2583,7 +2752,7 @@
 func (as addService) step(c *gc.C, ctx *context) {
 	ch, ok := ctx.charms[as.charm]
 	c.Assert(ok, jc.IsTrue)
-	svc, err := ctx.st.AddService(state.AddServiceArgs{Name: as.name, Owner: ctx.adminUserTag, Charm: ch})
+	svc, err := ctx.st.AddApplication(state.AddApplicationArgs{Name: as.name, Charm: ch})
 	c.Assert(err, jc.ErrorIsNil)
 	if svc.IsPrincipal() {
 		err = svc.SetConstraints(as.cons)
@@ -2597,7 +2766,7 @@
 }
 
 func (sse setServiceExposed) step(c *gc.C, ctx *context) {
-	s, err := ctx.st.Service(sse.name)
+	s, err := ctx.st.Application(sse.name)
 	c.Assert(err, jc.ErrorIsNil)
 	err = s.ClearExposed()
 	c.Assert(err, jc.ErrorIsNil)
@@ -2615,7 +2784,7 @@
 func (ssc setServiceCharm) step(c *gc.C, ctx *context) {
 	ch, err := ctx.st.Charm(charm.MustParseURL(ssc.charm))
 	c.Assert(err, jc.ErrorIsNil)
-	s, err := ctx.st.Service(ssc.name)
+	s, err := ctx.st.Application(ssc.name)
 	c.Assert(err, jc.ErrorIsNil)
 	cfg := state.SetCharmConfig{Charm: ch}
 	err = s.SetCharm(cfg)
@@ -2641,7 +2810,7 @@
 }
 
 func (au addUnit) step(c *gc.C, ctx *context) {
-	s, err := ctx.st.Service(au.serviceName)
+	s, err := ctx.st.Application(au.serviceName)
 	c.Assert(err, jc.ErrorIsNil)
 	u, err := s.AddUnit()
 	c.Assert(err, jc.ErrorIsNil)
@@ -2657,7 +2826,7 @@
 }
 
 func (aau addAliveUnit) step(c *gc.C, ctx *context) {
-	s, err := ctx.st.Service(aau.serviceName)
+	s, err := ctx.st.Application(aau.serviceName)
 	c.Assert(err, jc.ErrorIsNil)
 	u, err := s.AddUnit()
 	c.Assert(err, jc.ErrorIsNil)
@@ -2674,7 +2843,7 @@
 }
 
 func (sua setUnitsAlive) step(c *gc.C, ctx *context) {
-	s, err := ctx.st.Service(sua.serviceName)
+	s, err := ctx.st.Application(sua.serviceName)
 	c.Assert(err, jc.ErrorIsNil)
 	us, err := s.AllUnits()
 	c.Assert(err, jc.ErrorIsNil)
@@ -2706,7 +2875,15 @@
 func (sus setUnitStatus) step(c *gc.C, ctx *context) {
 	u, err := ctx.st.Unit(sus.unitName)
 	c.Assert(err, jc.ErrorIsNil)
-	err = u.SetStatus(sus.status, sus.statusInfo, sus.statusData)
+	// lp:1558657
+	now := time.Now()
+	s := status.StatusInfo{
+		Status:  sus.status,
+		Message: sus.statusInfo,
+		Data:    sus.statusData,
+		Since:   &now,
+	}
+	err = u.SetStatus(s)
 	c.Assert(err, jc.ErrorIsNil)
 }
 
@@ -2720,7 +2897,15 @@
 func (sus setAgentStatus) step(c *gc.C, ctx *context) {
 	u, err := ctx.st.Unit(sus.unitName)
 	c.Assert(err, jc.ErrorIsNil)
-	err = u.SetAgentStatus(sus.status, sus.statusInfo, sus.statusData)
+	// lp:1558657
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  sus.status,
+		Message: sus.statusInfo,
+		Data:    sus.statusData,
+		Since:   &now,
+	}
+	err = u.SetAgentStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 }
 
@@ -2735,13 +2920,37 @@
 	curl := charm.MustParseURL(uc.charm)
 	err = u.SetCharmURL(curl)
 	c.Assert(err, jc.ErrorIsNil)
-	err = u.SetStatus(status.StatusActive, "", nil)
+	// lp:1558657
+	now := time.Now()
+	s := status.StatusInfo{
+		Status:  status.StatusActive,
+		Message: "",
+		Since:   &now,
+	}
+	err = u.SetStatus(s)
 	c.Assert(err, jc.ErrorIsNil)
-	err = u.SetAgentStatus(status.StatusIdle, "", nil)
+	sInfo := status.StatusInfo{
+		Status:  status.StatusIdle,
+		Message: "",
+		Since:   &now,
+	}
+	err = u.SetAgentStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 
 }
 
+type setUnitWorkloadVersion struct {
+	unitName string
+	version  string
+}
+
+func (wv setUnitWorkloadVersion) step(c *gc.C, ctx *context) {
+	u, err := ctx.st.Unit(wv.unitName)
+	c.Assert(err, jc.ErrorIsNil)
+	err = u.SetWorkloadVersion(wv.version)
+	c.Assert(err, jc.ErrorIsNil)
+}
+
 type openUnitPort struct {
 	unitName string
 	protocol string
@@ -2772,7 +2981,7 @@
 }
 
 func (e ensureDyingService) step(c *gc.C, ctx *context) {
-	svc, err := ctx.st.Service(e.serviceName)
+	svc, err := ctx.st.Application(e.serviceName)
 	c.Assert(err, jc.ErrorIsNil)
 	err = svc.Destroy()
 	c.Assert(err, jc.ErrorIsNil)
@@ -2800,9 +3009,16 @@
 }
 
 func (sms setMachineStatus) step(c *gc.C, ctx *context) {
+	// lp:1558657
+	now := time.Now()
 	m, err := ctx.st.Machine(sms.machineId)
 	c.Assert(err, jc.ErrorIsNil)
-	err = m.SetStatus(sms.status, sms.statusInfo, nil)
+	sInfo := status.StatusInfo{
+		Status:  sms.status,
+		Message: sms.statusInfo,
+		Since:   &now,
+	}
+	err = m.SetStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 }
 
@@ -2825,7 +3041,7 @@
 func (as addSubordinate) step(c *gc.C, ctx *context) {
 	u, err := ctx.st.Unit(as.prinUnit)
 	c.Assert(err, jc.ErrorIsNil)
-	eps, err := ctx.st.InferEndpoints(u.ServiceName(), as.subService)
+	eps, err := ctx.st.InferEndpoints(u.ApplicationName(), as.subService)
 	c.Assert(err, jc.ErrorIsNil)
 	rel, err := ctx.st.EndpointsRelation(eps...)
 	c.Assert(err, jc.ErrorIsNil)
@@ -2917,7 +3133,7 @@
 func (ua setToolsUpgradeAvailable) step(c *gc.C, ctx *context) {
 	env, err := ctx.st.Model()
 	c.Assert(err, jc.ErrorIsNil)
-	err = env.UpdateLatestToolsVersion(nextVersion())
+	err = env.UpdateLatestToolsVersion(nextVersion)
 	c.Assert(err, jc.ErrorIsNil)
 }
 
@@ -2999,17 +3215,17 @@
 	c.Assert(string(stdout), gc.Equals, `
 Running on subnets: 127.0.0.1/8, 10.0.0.1/8 
 Utilizing ports:                            
- # MACHINES: (3)
-    started:  3 
-            
-    # UNITS: (4)
-     active:  3 
-      error:  1 
-            
- # SERVICES:  (3)
-     logging  1/1 exposed
-       mysql  1/1 exposed
-   wordpress  1/1 exposed
+     # MACHINES: (3)
+        started:  3 
+                
+        # UNITS: (4)
+         active:  3 
+          error:  1 
+                
+ # APPLICATIONS:  (3)
+         logging  1/1 exposed
+           mysql  1/1 exposed
+       wordpress  1/1 exposed
 
 `[1:])
 }
@@ -3018,7 +3234,7 @@
 	defer s.resetContext(c, ctx)
 	steps := []stepper{
 		addMachine{machineId: "0", job: state.JobManageModel},
-		setAddresses{"0", network.NewAddresses("admin-0.dns")},
+		setAddresses{"0", network.NewAddresses("controller-0.dns")},
 		startAliveMachine{"0"},
 		setMachineStatus{"0", status.StatusStarted, ""},
 		addCharm{"wordpress"},
@@ -3028,7 +3244,7 @@
 		addService{name: "wordpress", charm: "wordpress"},
 		setServiceExposed{"wordpress", true},
 		addMachine{machineId: "1", job: state.JobHostUnits},
-		setAddresses{"1", network.NewAddresses("admin-1.dns")},
+		setAddresses{"1", network.NewAddresses("controller-1.dns")},
 		startAliveMachine{"1"},
 		setMachineStatus{"1", status.StatusStarted, ""},
 		addAliveUnit{"wordpress", "1"},
@@ -3038,7 +3254,7 @@
 		addService{name: "mysql", charm: "mysql"},
 		setServiceExposed{"mysql", true},
 		addMachine{machineId: "2", job: state.JobHostUnits},
-		setAddresses{"2", network.NewAddresses("admin-2.dns")},
+		setAddresses{"2", network.NewAddresses("controller-2.dns")},
 		startAliveMachine{"2"},
 		setMachineStatus{"2", status.StatusStarted, ""},
 		addAliveUnit{"mysql", "2"},
@@ -3064,10 +3280,10 @@
 	ctx.run(c, steps)
 
 	const expected = `
-- mysql/0: admin-2.dns (agent:idle, workload:active)
-  - logging/1: admin-2.dns (agent:idle, workload:error)
-- wordpress/0: admin-1.dns (agent:idle, workload:active)
-  - logging/0: admin-1.dns (agent:idle, workload:active)
+- mysql/0: controller-2.dns (agent:idle, workload:active)
+  - logging/1: controller-2.dns (agent:idle, workload:error)
+- wordpress/0: controller-1.dns (agent:idle, workload:active)
+  - logging/0: controller-1.dns (agent:idle, workload:active)
 `
 	assertOneLineStatus(c, expected)
 }
@@ -3096,7 +3312,7 @@
 	steps := []stepper{
 		setToolsUpgradeAvailable{},
 		addMachine{machineId: "0", job: state.JobManageModel},
-		setAddresses{"0", network.NewAddresses("admin-0.dns")},
+		setAddresses{"0", network.NewAddresses("controller-0.dns")},
 		startMachineWithHardware{"0", instance.MustParseHardware("availability-zone=us-east-1a")},
 		setMachineStatus{"0", status.StatusStarted, ""},
 		addCharm{"wordpress"},
@@ -3105,7 +3321,7 @@
 		addService{name: "wordpress", charm: "wordpress"},
 		setServiceExposed{"wordpress", true},
 		addMachine{machineId: "1", job: state.JobHostUnits},
-		setAddresses{"1", network.NewAddresses("admin-1.dns")},
+		setAddresses{"1", network.NewAddresses("controller-1.dns")},
 		startAliveMachine{"1"},
 		setMachineStatus{"1", status.StatusStarted, ""},
 		addAliveUnit{"wordpress", "1"},
@@ -3115,7 +3331,7 @@
 		addService{name: "mysql", charm: "mysql"},
 		setServiceExposed{"mysql", true},
 		addMachine{machineId: "2", job: state.JobHostUnits},
-		setAddresses{"2", network.NewAddresses("admin-2.dns")},
+		setAddresses{"2", network.NewAddresses("controller-2.dns")},
 		startAliveMachine{"2"},
 		setMachineStatus{"2", status.StatusStarted, ""},
 		addAliveUnit{"mysql", "2"},
@@ -3136,6 +3352,9 @@
 		setAgentStatus{"logging/0", status.StatusIdle, "", nil},
 		setUnitStatus{"logging/0", status.StatusActive, "", nil},
 		setAgentStatus{"logging/1", status.StatusError, "somehow lost in all those logs", nil},
+		setUnitWorkloadVersion{"logging/1", "a bit too long, really"},
+		setUnitWorkloadVersion{"wordpress/0", "4.5.3"},
+		setUnitWorkloadVersion{"mysql/0", "5.7.13"},
 	}
 	for _, s := range steps {
 		s.step(c, ctx)
@@ -3153,42 +3372,35 @@
 	code, stdout, stderr := runStatus(c, args...)
 	c.Check(code, gc.Equals, 0)
 	c.Check(string(stderr), gc.Equals, "")
-	const expected = `
-[Model]           
-UPGRADE-AVAILABLE 
-%s
-
-[Services] 
-NAME       STATUS      EXPOSED CHARM                  
-logging                true    cs:quantal/logging-1   
-mysql      maintenance true    cs:quantal/mysql-1     
-wordpress  active      true    cs:quantal/wordpress-3 
-
-[Relations] 
-SERVICE1    SERVICE2  RELATION          TYPE        
-logging     mysql     juju-info         regular     
-logging     wordpress logging-dir       regular     
-mysql       logging   info              subordinate 
-mysql       wordpress db                regular     
-wordpress   logging   logging-directory subordinate 
-
-[Units]     
-ID          WORKLOAD-STATUS JUJU-STATUS VERSION MACHINE PORTS PUBLIC-ADDRESS MESSAGE                        
-mysql/0     maintenance     idle        1.2.3   2             admin-2.dns    installing all the things      
-  logging/1 error           idle                              admin-2.dns    somehow lost in all those logs 
-wordpress/0 active          idle        1.2.3   1             admin-1.dns                                   
-  logging/0 active          idle                              admin-1.dns                                   
-
-[Machines] 
-ID         STATE   DNS         INS-ID  SERIES  AZ         
-0          started admin-0.dns admin-0 quantal us-east-1a 
-1          started admin-1.dns admin-1 quantal            
-2          started admin-2.dns admin-2 quantal            
+	expected := `
+MODEL       CONTROLLER  CLOUD/REGION  VERSION  UPGRADE-AVAILABLE
+controller  kontroll    dummy         1.2.3    1.2.4
+
+APP        VERSION  STATUS       EXPOSED  ORIGIN      CHARM      REV  OS
+logging    a bi...               true     jujucharms  logging    1    ubuntu
+mysql      5.7.13   maintenance  true     jujucharms  mysql      1    ubuntu
+wordpress  4.5.3    active       true     jujucharms  wordpress  3    ubuntu
+
+RELATION           PROVIDES   CONSUMES   TYPE
+juju-info          logging    mysql      regular
+logging-dir        logging    wordpress  regular
+info               mysql      logging    subordinate
+db                 mysql      wordpress  regular
+logging-directory  wordpress  logging    subordinate
+
+UNIT         WORKLOAD     AGENT  MACHINE  PORTS  PUBLIC-ADDRESS    MESSAGE
+mysql/0      maintenance  idle   2               controller-2.dns  installing all the things
+  logging/1  error        idle                   controller-2.dns  somehow lost in all those logs
+wordpress/0  active       idle   1               controller-1.dns  
+  logging/0  active       idle                   controller-1.dns  
+
+MACHINE  STATE    DNS               INS-ID        SERIES   AZ
+0        started  controller-0.dns  controller-0  quantal  us-east-1a
+1        started  controller-1.dns  controller-1  quantal  
+2        started  controller-2.dns  controller-2  quantal  
 
-`
-	nextVersionStr := nextVersion().String()
-	spaces := strings.Repeat(" ", len("UPGRADE-AVAILABLE")-len(nextVersionStr)+1)
-	c.Assert(string(stdout), gc.Equals, fmt.Sprintf(expected[1:], nextVersionStr+spaces))
+`[1:]
+	c.Assert(string(stdout), gc.Equals, expected)
 }
 
 func (s *StatusSuite) TestStatusWithFormatTabular(c *gc.C) {
@@ -3197,10 +3409,10 @@
 
 func (s *StatusSuite) TestFormatTabularHookActionName(c *gc.C) {
 	status := formattedStatus{
-		Services: map[string]serviceStatus{
-			"foo": serviceStatus{
+		Applications: map[string]applicationStatus{
+			"foo": {
 				Units: map[string]unitStatus{
-					"foo/0": unitStatus{
+					"foo/0": {
 						JujuStatusInfo: statusInfoContents{
 							Current: status.StatusExecuting,
 							Message: "running config-changed hook",
@@ -3210,7 +3422,7 @@
 							Message: "doing some work",
 						},
 					},
-					"foo/1": unitStatus{
+					"foo/1": {
 						JujuStatusInfo: statusInfoContents{
 							Current: status.StatusExecuting,
 							Message: "running action backup database",
@@ -3227,26 +3439,52 @@
 	out, err := FormatTabular(status)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(string(out), gc.Equals, `
-[Services] 
-NAME       STATUS EXPOSED CHARM 
-foo               false         
-
-[Units] 
-ID      WORKLOAD-STATUS JUJU-STATUS VERSION MACHINE PORTS PUBLIC-ADDRESS MESSAGE                           
-foo/0   maintenance     executing                                        (config-changed) doing some work  
-foo/1   maintenance     executing                                        (backup database) doing some work 
+MODEL  CONTROLLER  CLOUD/REGION  VERSION
+                                 
+
+APP  VERSION  STATUS  EXPOSED  ORIGIN  CHARM  REV  OS
+foo                   false                   0    
 
-[Machines] 
-ID         STATE DNS INS-ID SERIES AZ 
+UNIT   WORKLOAD     AGENT      MACHINE  PORTS  PUBLIC-ADDRESS  MESSAGE
+foo/0  maintenance  executing                                  (config-changed) doing some work
+foo/1  maintenance  executing                                  (backup database) doing some work
+
+MACHINE  STATE  DNS  INS-ID  SERIES  AZ
 `[1:])
 }
 
+func (s *StatusSuite) TestFormatTabularConsistentPeerRelationName(c *gc.C) {
+	status := formattedStatus{
+		Applications: map[string]applicationStatus{
+			"foo": {
+				Relations: map[string][]string{
+					"coordinator":  {"foo"},
+					"frobulator":   {"foo"},
+					"encapsulator": {"foo"},
+					"catchulator":  {"foo"},
+					"perforator":   {"foo"},
+					"deliverator":  {"foo"},
+					"replicator":   {"foo"},
+				},
+			},
+		},
+	}
+	out, err := FormatTabular(status)
+	c.Assert(err, jc.ErrorIsNil)
+	sections, err := splitTableSections(out)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(sections["RELATION"], gc.DeepEquals, []string{
+		"RELATION    PROVIDES  CONSUMES  TYPE",
+		"replicator  foo       foo       peer",
+	})
+}
+
 func (s *StatusSuite) TestStatusWithNilStatusApi(c *gc.C) {
 	ctx := s.newContext(c)
 	defer s.resetContext(c, ctx)
 	steps := []stepper{
 		addMachine{machineId: "0", job: state.JobManageModel},
-		setAddresses{"0", network.NewAddresses("admin-0.dns")},
+		setAddresses{"0", network.NewAddresses("controller-0.dns")},
 		startAliveMachine{"0"},
 		setMachineStatus{"0", status.StatusStarted, ""},
 	}
@@ -3271,16 +3509,16 @@
 
 func (s *StatusSuite) TestFormatTabularMetering(c *gc.C) {
 	status := formattedStatus{
-		Services: map[string]serviceStatus{
-			"foo": serviceStatus{
+		Applications: map[string]applicationStatus{
+			"foo": {
 				Units: map[string]unitStatus{
-					"foo/0": unitStatus{
+					"foo/0": {
 						MeterStatus: &meterStatus{
 							Color:   "strange",
 							Message: "warning: stable strangelets",
 						},
 					},
-					"foo/1": unitStatus{
+					"foo/1": {
 						MeterStatus: &meterStatus{
 							Color:   "up",
 							Message: "things are looking up",
@@ -3293,22 +3531,21 @@
 	out, err := FormatTabular(status)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(string(out), gc.Equals, `
-[Services] 
-NAME       STATUS EXPOSED CHARM 
-foo               false         
-
-[Units] 
-ID      WORKLOAD-STATUS JUJU-STATUS VERSION MACHINE PORTS PUBLIC-ADDRESS MESSAGE 
-foo/0                                                                            
-foo/1                                                                            
-
-[Metering] 
-ID         STATUS  MESSAGE                     
-foo/0      strange warning: stable strangelets 
-foo/1      up      things are looking up       
+MODEL  CONTROLLER  CLOUD/REGION  VERSION
+                                 
+
+APP  VERSION  STATUS  EXPOSED  ORIGIN  CHARM  REV  OS
+foo                   false                   0    
 
-[Machines] 
-ID         STATE DNS INS-ID SERIES AZ 
+UNIT   WORKLOAD  AGENT  MACHINE  PORTS  PUBLIC-ADDRESS  MESSAGE
+foo/0                                                   
+foo/1                                                   
+
+METER  STATUS   MESSAGE
+foo/0  strange  warning: stable strangelets
+foo/1  up       things are looking up
+
+MACHINE  STATE  DNS  INS-ID  SERIES  AZ
 `[1:])
 }
 
@@ -3326,11 +3563,11 @@
 		addMachine{machineId: "0", job: state.JobManageModel},
 		startAliveMachine{"0"},
 		setMachineStatus{"0", status.StatusStarted, ""},
-		// And the machine's address is "admin-0.dns"
-		setAddresses{"0", network.NewAddresses("admin-0.dns")},
+		// And the machine's address is "controller-0.dns"
+		setAddresses{"0", network.NewAddresses("controller-0.dns")},
 		// And a container is started
-		// And the container's ID is "0/lxc/0"
-		addContainer{"0", "0/lxc/0", state.JobHostUnits},
+		// And the container's ID is "0/lxd/0"
+		addContainer{"0", "0/lxd/0", state.JobHostUnits},
 
 		// And the "wordpress" charm is available
 		addCharm{"wordpress"},
@@ -3347,8 +3584,8 @@
 		addMachine{machineId: "1", job: state.JobHostUnits},
 		startAliveMachine{"1"},
 		setMachineStatus{"1", status.StatusStarted, ""},
-		// And the machine's address is "admin-1.dns"
-		setAddresses{"1", network.NewAddresses("admin-1.dns")},
+		// And the machine's address is "controller-1.dns"
+		setAddresses{"1", network.NewAddresses("controller-1.dns")},
 		// And a unit of "wordpress" is deployed to machine "1"
 		addAliveUnit{"wordpress", "1"},
 		// And the unit is started
@@ -3361,8 +3598,8 @@
 		addMachine{machineId: "2", job: state.JobHostUnits},
 		startAliveMachine{"2"},
 		setMachineStatus{"2", status.StatusStarted, ""},
-		// And the machine's address is "admin-2.dns"
-		setAddresses{"2", network.NewAddresses("admin-2.dns")},
+		// And the machine's address is "controller-2.dns"
+		setAddresses{"2", network.NewAddresses("controller-2.dns")},
 		// And a unit of "mysql" is deployed to machine "2"
 		addAliveUnit{"mysql", "2"},
 		// And the unit is started
@@ -3408,8 +3645,8 @@
 	// Then I should receive output prefixed with:
 	const expected = `
 
-- wordpress/0: admin-1.dns (agent:idle, workload:active)
-  - logging/0: admin-1.dns (agent:idle, workload:active)
+- wordpress/0: controller-1.dns (agent:idle, workload:active)
+  - logging/0: controller-1.dns (agent:idle, workload:active)
 `
 	c.Assert(string(stdout), gc.Equals, expected[1:])
 }
@@ -3425,8 +3662,8 @@
 	// Then I should receive output prefixed with:
 	const expected = `
 
-- wordpress/0: admin-1.dns (agent:idle, workload:active)
-  - logging/0: admin-1.dns (agent:idle, workload:active)
+- wordpress/0: controller-1.dns (agent:idle, workload:active)
+  - logging/0: controller-1.dns (agent:idle, workload:active)
 `
 	c.Assert(string(stdout), gc.Equals, expected[1:])
 }
@@ -3440,7 +3677,7 @@
 	_, stdout, stderr := runStatus(c, "--format", "yaml", "0")
 	c.Assert(string(stderr), gc.Equals, "")
 	// Then I should receive output matching:
-	const expected = "(.|\n)*machines:(.|\n)*\"0\"(.|\n)*0/lxc/0(.|\n)*"
+	const expected = "(.|\n)*machines:(.|\n)*\"0\"(.|\n)*0/lxd/0(.|\n)*"
 	c.Assert(string(stdout), gc.Matches, expected)
 }
 
@@ -3449,25 +3686,29 @@
 	ctx := s.FilteringTestSetup(c)
 	defer s.resetContext(c, ctx)
 
-	// When I run juju status --format yaml 0/lxc/0
-	_, stdout, stderr := runStatus(c, "--format", "yaml", "0/lxc/0")
+	// When I run juju status --format yaml 0/lxd/0
+	_, stdout, stderr := runStatus(c, "--format", "yaml", "0/lxd/0")
 	c.Assert(string(stderr), gc.Equals, "")
 	out := substituteFakeSinceTime(c, stdout, ctx.expectIsoTime)
 	const expected = "" +
-		"model: admin\n" +
+		"model:\n" +
+		"  name: controller\n" +
+		"  controller: kontroll\n" +
+		"  cloud: dummy\n" +
+		"  version: 1.2.3\n" +
 		"machines:\n" +
 		"  \"0\":\n" +
 		"    juju-status:\n" +
 		"      current: started\n" +
 		"      since: 01 Apr 15 01:23+10:00\n" +
-		"    dns-name: admin-0.dns\n" +
-		"    instance-id: admin-0\n" +
+		"    dns-name: controller-0.dns\n" +
+		"    instance-id: controller-0\n" +
 		"    machine-status:\n" +
 		"      current: pending\n" +
 		"      since: 01 Apr 15 01:23+10:00\n" +
 		"    series: quantal\n" +
 		"    containers:\n" +
-		"      0/lxc/0:\n" +
+		"      0/lxd/0:\n" +
 		"        juju-status:\n" +
 		"          current: pending\n" +
 		"          since: 01 Apr 15 01:23+10:00\n" +
@@ -3478,7 +3719,7 @@
 		"        series: quantal\n" +
 		"    hardware: arch=amd64 cpu-cores=1 mem=1024M root-disk=8192M\n" +
 		"    controller-member-status: adding-vote\n" +
-		"services: {}\n"
+		"applications: {}\n"
 
 	c.Assert(string(out), gc.Equals, expected)
 }
@@ -3496,8 +3737,8 @@
 	// Then I should receive output prefixed with:
 	const expected = `
 
-- mysql/0: admin-2.dns (agent:idle, workload:active)
-  - logging/1: admin-2.dns (agent:idle, workload:error)
+- mysql/0: controller-2.dns (agent:idle, workload:active)
+  - logging/1: controller-2.dns (agent:idle, workload:error)
 `
 	c.Assert(string(stdout), gc.Equals, expected[1:])
 }
@@ -3513,8 +3754,8 @@
 	// Then I should receive output prefixed with:
 	const expected = `
 
-- mysql/0: admin-2.dns (agent:idle, workload:active)
-  - logging/1: admin-2.dns (agent:idle, workload:active)
+- mysql/0: controller-2.dns (agent:idle, workload:active)
+  - logging/1: controller-2.dns (agent:idle, workload:active)
 `
 
 	c.Assert(string(stdout), gc.Equals, expected[1:])
@@ -3537,8 +3778,8 @@
 	// Then I should receive output prefixed with:
 	const expected = `
 
-- mysql/0: admin-2.dns (agent:idle, workload:active)
-  - logging/1: admin-2.dns (agent:idle, workload:active)
+- mysql/0: controller-2.dns (agent:idle, workload:active)
+  - logging/1: controller-2.dns (agent:idle, workload:active)
 `
 	c.Assert(string(stdout), gc.Equals, expected[1:])
 }
@@ -3555,8 +3796,8 @@
 	// Then I should receive output prefixed with:
 	const expected = `
 
-- wordpress/0: admin-1.dns (agent:idle, workload:active)
-  - logging/0: admin-1.dns (agent:idle, workload:active)
+- wordpress/0: controller-1.dns (agent:idle, workload:active)
+  - logging/0: controller-1.dns (agent:idle, workload:active)
 `
 	c.Assert(string(stdout), gc.Equals, expected[1:])
 }
@@ -3615,10 +3856,10 @@
 	// Then I should receive output prefixed with:
 	const expected = `
 
-- mysql/0: admin-2.dns (agent:idle, workload:active)
-  - logging/1: admin-2.dns (agent:idle, workload:active)
-- wordpress/0: admin-1.dns (agent:idle, workload:active)
-  - logging/0: admin-1.dns (agent:idle, workload:active)
+- mysql/0: controller-2.dns (agent:idle, workload:active)
+  - logging/1: controller-2.dns (agent:idle, workload:active)
+- wordpress/0: controller-1.dns (agent:idle, workload:active)
+  - logging/0: controller-1.dns (agent:idle, workload:active)
 `
 	c.Assert(string(stdout), gc.Equals, expected[1:])
 }
@@ -3636,8 +3877,8 @@
 	// Then I should receive output prefixed with:
 	const expected = `
 
-- mysql/0: admin-2.dns (agent:idle, workload:active)
-  - logging/1: admin-2.dns (agent:idle, workload:active)
+- mysql/0: controller-2.dns (agent:idle, workload:active)
+  - logging/1: controller-2.dns (agent:idle, workload:active)
 `
 	c.Assert(string(stdout), gc.Equals, expected[1:])
 }
@@ -3651,10 +3892,10 @@
 	// Then I should receive output prefixed with:
 	const expected = `
 
-- mysql/0: admin-2.dns (agent:idle, workload:active)
-  - logging/1: admin-2.dns (agent:idle, workload:active)
-- wordpress/0: admin-1.dns (agent:idle, workload:active)
-  - logging/0: admin-1.dns (agent:idle, workload:active)
+- mysql/0: controller-2.dns (agent:idle, workload:active)
+  - logging/1: controller-2.dns (agent:idle, workload:active)
+- wordpress/0: controller-1.dns (agent:idle, workload:active)
+  - logging/0: controller-1.dns (agent:idle, workload:active)
 `
 	c.Assert(string(stdout), gc.Equals, expected[1:])
 }
@@ -3668,10 +3909,10 @@
 	// Then I should receive output prefixed with:
 	const expected = `
 
-- mysql/0: admin-2.dns (agent:idle, workload:active)
-  - logging/1: admin-2.dns (agent:idle, workload:active)
-- wordpress/0: admin-1.dns (agent:idle, workload:active)
-  - logging/0: admin-1.dns (agent:idle, workload:active)
+- mysql/0: controller-2.dns (agent:idle, workload:active)
+  - logging/1: controller-2.dns (agent:idle, workload:active)
+- wordpress/0: controller-1.dns (agent:idle, workload:active)
+  - logging/0: controller-1.dns (agent:idle, workload:active)
 `
 	c.Assert(string(stdout), gc.Equals, expected[1:])
 }
@@ -3727,37 +3968,40 @@
 var statusTimeTest = test(
 	"status generates timestamps as UTC in ISO format",
 	addMachine{machineId: "0", job: state.JobManageModel},
-	setAddresses{"0", network.NewAddresses("admin-0.dns")},
+	setAddresses{"0", network.NewAddresses("controller-0.dns")},
 	startAliveMachine{"0"},
 	setMachineStatus{"0", status.StatusStarted, ""},
 	addCharm{"dummy"},
-	addService{name: "dummy-service", charm: "dummy"},
+	addService{name: "dummy-application", charm: "dummy"},
 
 	addMachine{machineId: "1", job: state.JobHostUnits},
 	startAliveMachine{"1"},
-	setAddresses{"1", network.NewAddresses("admin-1.dns")},
+	setAddresses{"1", network.NewAddresses("controller-1.dns")},
 	setMachineStatus{"1", status.StatusStarted, ""},
 
-	addAliveUnit{"dummy-service", "1"},
+	addAliveUnit{"dummy-application", "1"},
 	expect{
 		"add two units, one alive (in error state), one started",
 		M{
-			"model": "admin",
+			"model": M{
+				"name":       "controller",
+				"controller": "kontroll",
+				"cloud":      "dummy",
+				"version":    "1.2.3",
+			},
 			"machines": M{
 				"0": machine0,
 				"1": machine1,
 			},
-			"services": M{
-				"dummy-service": M{
-					"charm":   "cs:quantal/dummy-1",
-					"exposed": false,
-					"service-status": M{
+			"applications": M{
+				"dummy-application": dummyCharm(M{
+					"application-status": M{
 						"current": "unknown",
 						"message": "Waiting for agent initialization to finish",
 						"since":   "01 Apr 15 01:23+10:00",
 					},
 					"units": M{
-						"dummy-service/0": M{
+						"dummy-application/0": M{
 							"machine": "1",
 							"workload-status": M{
 								"current": "unknown",
@@ -3768,10 +4012,10 @@
 								"current": "allocating",
 								"since":   "01 Apr 15 01:23+10:00",
 							},
-							"public-address": "admin-1.dns",
+							"public-address": "controller-1.dns",
 						},
 					},
-				},
+				}),
 			},
 		},
 	},
@@ -3790,7 +4034,7 @@
 func (s *StatusSuite) TestFormatProvisioningError(c *gc.C) {
 	status := &params.FullStatus{
 		Machines: map[string]params.MachineStatus{
-			"1": params.MachineStatus{
+			"1": {
 				AgentStatus: params.DetailedStatus{
 					Status: "error",
 					Info:   "<error while provisioning>",
@@ -3808,7 +4052,7 @@
 
 	c.Check(formatted, jc.DeepEquals, formattedStatus{
 		Machines: map[string]machineStatus{
-			"1": machineStatus{
+			"1": {
 				JujuStatus: statusInfoContents{Current: "error", Message: "<error while provisioning>"},
 				InstanceId: "pending",
 				Series:     "trusty",
@@ -3816,6 +4060,33 @@
 				Containers: map[string]machineStatus{},
 			},
 		},
-		Services: map[string]serviceStatus{},
+		Applications: map[string]applicationStatus{},
 	})
 }
+
+type tableSections map[string][]string
+
+func sectionTitle(lines []string) string {
+	return strings.SplitN(lines[0], " ", 2)[0]
+}
+
+func splitTableSections(tableData []byte) (tableSections, error) {
+	scanner := bufio.NewScanner(bytes.NewReader(tableData))
+	result := make(tableSections)
+	var current []string
+	for scanner.Scan() {
+		if line := scanner.Text(); line == "" && current != nil {
+			result[sectionTitle(current)] = current
+			current = nil
+		} else if line != "" {
+			current = append(current, line)
+		}
+	}
+	if scanner.Err() != nil {
+		return nil, scanner.Err()
+	}
+	if current != nil {
+		result[sectionTitle(current)] = current
+	}
+	return result, nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/storage/add.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/storage/add.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/storage/add.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/storage/add.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,11 +5,13 @@
 
 import (
 	"fmt"
+	"sort"
 	"strings"
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"github.com/juju/utils/set"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cmd/modelcmd"
@@ -54,8 +56,8 @@
 Model default values will be used for all ommitted constraint values.
 There is no need to comma-separate ommitted constraints. 
 
-Example:
-    Add 3 ebs storage instances for "data" storage to unit u/0:
+Examples:
+    # Add 3 ebs storage instances for "data" storage to unit u/0:
 
       juju add-storage u/0 data=ebs,1024,3 
     or
@@ -64,8 +66,8 @@
       juju add-storage u/0 data=ebs,,3 
     
     
-    Add 1 storage instances for "data" storage to unit u/0 
-    using default model provider pool:
+    # Add 1 storage instances for "data" storage to unit u/0
+    # using default model provider pool:
 
       juju add-storage u/0 data=1 
     or
@@ -111,7 +113,7 @@
 func (c *addCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "add-storage",
-		Purpose: "adds unit storage dynamically",
+		Purpose: "Adds unit storage dynamically.",
 		Doc:     addCommandDoc,
 		Args:    addCommandAgs,
 	}
@@ -130,29 +132,46 @@
 	if err != nil {
 		return err
 	}
-	// If there are any failures, display them first.
-	// Then display all added storage.
-	// If there are no failures, then there is no need to display all successes.
-	var added []string
 
+	var added []string
+	var failures []string
+	// If there was a unit-related error, then all storages will get the same error.
+	// We want to collapse these - no need to repeat the same things ad nauseam.
+	collapsedFailures := set.NewStrings()
 	for i, one := range results {
 		us := storages[i]
 		if one.Error != nil {
-			fmt.Fprintf(ctx.Stderr, fail+": %v\n", us.StorageName, one.Error)
+			failures = append(failures, fmt.Sprintf(fail, us.StorageName, one.Error))
+			collapsedFailures.Add(one.Error.Error())
 			continue
 		}
 		added = append(added, fmt.Sprintf(success, us.StorageName))
 	}
-	if len(added) < len(storages) {
-		fmt.Fprintf(ctx.Stderr, strings.Join(added, "\n"))
+
+	if len(added) > 0 {
+		fmt.Fprintln(ctx.Stdout, strings.Join(added, newline))
+	}
+
+	if len(failures) == len(storages) {
+		// If we managed to collapse, then display these instead of the whole list.
+		if len(collapsedFailures) < len(failures) {
+			for _, one := range collapsedFailures.SortedValues() {
+				fmt.Fprintln(ctx.Stderr, one)
+			}
+			return cmd.ErrSilent
+		}
+	}
+	if len(failures) > 0 {
+		fmt.Fprintln(ctx.Stderr, strings.Join(failures, newline))
+		return cmd.ErrSilent
 	}
 	return nil
 }
 
 var (
-	storageName = "storage %q"
-	success     = "success: " + storageName
-	fail        = "fail: " + storageName
+	newline = "\n"
+	success = "added %q"
+	fail    = "failed to add %q: %v"
 )
 
 // StorageAddAPI defines the API methods that the storage commands use.
@@ -175,5 +194,23 @@
 				},
 			})
 	}
+
+	// For consistency and because we are coming from a map,
+	// ensure that collection is sorted by storage name for deterministic results.
+	sort.Sort(storageParams(all))
 	return all
 }
+
+type storageParams []params.StorageAddParams
+
+func (v storageParams) Len() int {
+	return len(v)
+}
+
+func (v storageParams) Swap(i, j int) {
+	v[i], v[j] = v[j], v[i]
+}
+
+func (v storageParams) Less(i, j int) bool {
+	return v[i].StorageName < v[j].StorageName
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/storage/add_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/storage/add_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/storage/add_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/storage/add_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -30,94 +30,230 @@
 func (s *addSuite) SetUpTest(c *gc.C) {
 	s.SubStorageSuite.SetUpTest(c)
 
-	s.mockAPI = &mockAddAPI{}
+	s.mockAPI = &mockAddAPI{
+		addToUnitFunc: func(storages []params.StorageAddParams) ([]params.ErrorResult, error) {
+			result := make([]params.ErrorResult, len(storages))
+			for i, one := range storages {
+				if strings.HasPrefix(one.StorageName, "err") {
+					result[i].Error = common.ServerError(fmt.Errorf("test failure"))
+				}
+			}
+			return result, nil
+		},
+	}
 	s.args = nil
 }
 
 type tstData struct {
 	args        []string
 	expectedErr string
+	visibleErr  string
 }
 
 var errorTsts = []tstData{
-	{nil, ".*add-storage requires a unit and a storage directive.*"},
-	{[]string{"tst/123"}, ".*add-storage requires a unit and a storage directive.*"},
-	{[]string{"tst/123", "data="}, `.*storage constraints require at least one.*`},
-	{[]string{"tst/123", "data=-676"}, `.*count must be greater than zero, got "-676".*`},
-	{[]string{"tst/123", "data=676", "data=676"}, `.*storage "data" specified more than once.*`},
+	{
+		args:        nil,
+		expectedErr: "add-storage requires a unit and a storage directive",
+		visibleErr:  "add-storage requires a unit and a storage directive",
+	},
+	{
+		args:        []string{"tst/123"},
+		expectedErr: "add-storage requires a unit and a storage directive",
+		visibleErr:  "add-storage requires a unit and a storage directive",
+	},
+	{
+		args:        []string{"tst/123", "data="},
+		expectedErr: `storage constraints require at least one field to be specified`,
+		visibleErr:  `cannot parse constraints for storage "data": storage constraints require at least one field to be specified`,
+	},
+	{
+		args:        []string{"tst/123", "data=-676"},
+		expectedErr: `count must be greater than zero, got "-676"`,
+		visibleErr:  `cannot parse constraints for storage "data": cannot parse count: count must be greater than zero, got "-676"`,
+	},
+	{
+		args:        []string{"tst/123", "data=676", "data=676"},
+		expectedErr: `storage "data" specified more than once`,
+		visibleErr:  `storage "data" specified more than once`,
+	},
 }
 
 func (s *addSuite) TestAddArgs(c *gc.C) {
 	for i, t := range errorTsts {
 		c.Logf("test %d for %q", i, t.args)
 		s.args = t.args
-		s.assertAddErrorOutput(c, t.expectedErr)
+		s.assertAddErrorOutput(c, t.expectedErr, "", visibleErrorMessage(t.visibleErr))
 	}
 }
 
-func (s *addSuite) assertAddErrorOutput(c *gc.C, expected string) {
-	_, err := s.runAdd(c, s.args...)
-	c.Assert(errors.Cause(err), gc.ErrorMatches, expected)
-}
-
-func (s *addSuite) runAdd(c *gc.C, args ...string) (*cmd.Context, error) {
-	return testing.RunCommand(c, storage.NewAddCommandForTest(s.mockAPI, s.store), args...)
-}
-
 func (s *addSuite) TestAddInvalidUnit(c *gc.C) {
 	s.args = []string{"tst-123", "data=676"}
-	s.assertAddErrorOutput(c, `.*unit name "tst-123" not valid.*`)
+
+	expectedErr := `unit name "tst-123" not valid`
+	s.assertAddErrorOutput(c, expectedErr, "", visibleErrorMessage(expectedErr))
 }
 
-var successTsts = []tstData{
-	{[]string{"tst/123", "data=676"}, ""},
-	{[]string{"tst/123", "data"}, ``},
+var validArgs = [][]string{
+	[]string{"tst/123", "data=676"},
+	[]string{"tst/123", "data"},
 }
 
 func (s *addSuite) TestAddSuccess(c *gc.C) {
-	for i, t := range successTsts {
-		c.Logf("test %d for %q", i, t.args)
-		s.args = t.args
-		s.assertAddOutput(c, "", "")
+	for i, args := range validArgs {
+		c.Logf("test %d for %q", i, args)
+		s.args = args
+		s.assertAddOutput(c, "added \"data\"\n", "")
 	}
 }
 
 func (s *addSuite) TestAddOperationAborted(c *gc.C) {
 	s.args = []string{"tst/123", "data=676"}
-	s.mockAPI.abort = true
-	s.assertAddErrorOutput(c, ".*aborted.*")
+	s.mockAPI.addToUnitFunc = func(storages []params.StorageAddParams) ([]params.ErrorResult, error) {
+		return nil, errors.New("aborted")
+	}
+	s.assertAddErrorOutput(c, ".*aborted.*", "", "")
 }
 
 func (s *addSuite) TestAddFailure(c *gc.C) {
 	s.args = []string{"tst/123", "err=676"}
-	s.assertAddOutput(c, "", "fail: storage \"err\": test failure\n")
+	s.assertAddErrorOutput(c, "cmd: error out silently", "", "failed to add \"err\": test failure\n")
 }
 
 func (s *addSuite) TestAddMixOrderPreserved(c *gc.C) {
+	expectedOut := `
+added "a"
+`[1:]
 	expectedErr := `
-fail: storage "err": test failure
-success: storage "a"`[1:]
+failed to add "err": test failure
+`[1:]
 
 	s.args = []string{"tst/123", "a=676", "err=676"}
-	s.assertAddOutput(c, "", expectedErr)
+	s.assertAddErrorOutput(c, "cmd: error out silently", expectedOut, expectedErr)
 
 	s.args = []string{"tst/123", "err=676", "a=676"}
-	s.assertAddOutput(c, "", expectedErr)
+	s.assertAddErrorOutput(c, "cmd: error out silently", expectedOut, expectedErr)
 }
 
-func (s *addSuite) assertAddOutput(c *gc.C, expectedValid, expectedErr string) {
+func (s *addSuite) TestAddAllDistinctErrors(c *gc.C) {
+	expectedOut := `
+added "storage0"
+added "storage1"
+`[1:]
+	expectedErr := `
+failed to add "storage2": storage pool "barf" not found
+failed to add "storage42": storage "storage42" not found
+`[1:]
+
+	s.args = []string{"tst/123", "storage0=ebs", "storage2=barf", "storage1=123", "storage42=loop"}
+	s.mockAPI.addToUnitFunc = func(storages []params.StorageAddParams) ([]params.ErrorResult, error) {
+		result := make([]params.ErrorResult, len(storages))
+		for i, one := range storages {
+			if one.StorageName == "storage2" {
+				result[i].Error = common.ServerError(fmt.Errorf(`storage pool "barf" not found`))
+			}
+			if one.StorageName == "storage42" {
+				result[i].Error = common.ServerError(fmt.Errorf(`storage "storage42" not found`))
+			}
+		}
+		return result, nil
+	}
+
+	s.assertAddErrorOutput(c, "cmd: error out silently", expectedOut, expectedErr)
+}
+
+func (s *addSuite) TestAddStorageOnlyDistinctErrors(c *gc.C) {
+	expectedOut := `
+added "storage0"
+`[1:]
+	expectedErr := `
+failed to add "storage2": storage "storage2" not found
+failed to add "storage42": storage "storage42" not found
+`[1:]
+
+	s.args = []string{"tst/123", "storage0=ebs", "storage2=barf", "storage42=loop"}
+	s.mockAPI.addToUnitFunc = func(storages []params.StorageAddParams) ([]params.ErrorResult, error) {
+		result := make([]params.ErrorResult, len(storages))
+		for i, one := range storages {
+			if one.StorageName == "storage42" || one.StorageName == "storage2" {
+				result[i].Error = common.ServerError(fmt.Errorf(`storage "%v" not found`, one.StorageName))
+			}
+		}
+		return result, nil
+	}
+
+	s.assertAddErrorOutput(c, "cmd: error out silently", expectedOut, expectedErr)
+}
+
+func (s *addSuite) TestAddStorageMixDistinctAndNonDistinctErrors(c *gc.C) {
+	expectedOut := ``
+	expectedErr := `
+some unit error
+storage "storage0" not found
+`[1:]
+
+	unitErr := `some unit error`
+	s.args = []string{"tst/123", "storage0=ebs", "storage2=barf", "storage42=loop"}
+	s.mockAPI.addToUnitFunc = func(storages []params.StorageAddParams) ([]params.ErrorResult, error) {
+		result := make([]params.ErrorResult, len(storages))
+		for i, one := range storages {
+			if one.StorageName == "storage42" || one.StorageName == "storage2" {
+				result[i].Error = common.ServerError(errors.New(unitErr))
+			} else {
+				result[i].Error = common.ServerError(fmt.Errorf(`storage "%v" not found`, one.StorageName))
+			}
+		}
+		return result, nil
+	}
+
+	s.assertAddErrorOutput(c, "cmd: error out silently", expectedOut, expectedErr)
+}
+
+func (s *addSuite) TestCollapseUnitErrors(c *gc.C) {
+	expectedErr := `some unit error`
+
+	s.args = []string{"tst/123", "storage0=ebs", "storage2=barf", "storage1=123", "storage42=loop"}
+	s.mockAPI.addToUnitFunc = func(storages []params.StorageAddParams) ([]params.ErrorResult, error) {
+		result := make([]params.ErrorResult, len(storages))
+		for i, _ := range storages {
+			result[i].Error = common.ServerError(errors.New(expectedErr))
+		}
+		return result, nil
+	}
+
+	s.assertAddErrorOutput(c, "cmd: error out silently", "", fmt.Sprintf("%v\n", expectedErr))
+}
+
+func (s *addSuite) assertAddOutput(c *gc.C, expectedOut, expectedErr string) {
 	context, err := s.runAdd(c, s.args...)
 	c.Assert(err, jc.ErrorIsNil)
 
+	s.assertExpectedOutput(c, context, expectedOut, expectedErr)
+}
+
+func (s *addSuite) assertAddErrorOutput(c *gc.C, expected string, expectedOut, expectedErr string) {
+	context, err := s.runAdd(c, s.args...)
+	c.Assert(errors.Cause(err), gc.ErrorMatches, expected)
+	s.assertExpectedOutput(c, context, expectedOut, expectedErr)
+}
+
+func (s *addSuite) assertExpectedOutput(c *gc.C, context *cmd.Context, expectedOut, expectedErr string) {
 	obtainedErr := testing.Stderr(context)
 	c.Assert(obtainedErr, gc.Equals, expectedErr)
 
 	obtainedValid := testing.Stdout(context)
-	c.Assert(obtainedValid, gc.Equals, expectedValid)
+	c.Assert(obtainedValid, gc.Equals, expectedOut)
+}
+
+func (s *addSuite) runAdd(c *gc.C, args ...string) (*cmd.Context, error) {
+	return testing.RunCommand(c, storage.NewAddCommandForTest(s.mockAPI, s.store), args...)
+}
+
+func visibleErrorMessage(errMsg string) string {
+	return fmt.Sprintf("error: %v\n", errMsg)
 }
 
 type mockAddAPI struct {
-	abort bool
+	addToUnitFunc func(storages []params.StorageAddParams) ([]params.ErrorResult, error)
 }
 
 func (s mockAddAPI) Close() error {
@@ -125,14 +261,5 @@
 }
 
 func (s mockAddAPI) AddToUnit(storages []params.StorageAddParams) ([]params.ErrorResult, error) {
-	if s.abort {
-		return nil, errors.New("aborted")
-	}
-	result := make([]params.ErrorResult, len(storages))
-	for i, one := range storages {
-		if strings.HasPrefix(one.StorageName, "err") {
-			result[i].Error = common.ServerError(fmt.Errorf("test failure"))
-		}
-	}
-	return result, nil
+	return s.addToUnitFunc(storages)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/storage/filesystem.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/storage/filesystem.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/storage/filesystem.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/storage/filesystem.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,7 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cmd/juju/common"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/storage/filesystemlist_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/storage/filesystemlist_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/storage/filesystemlist_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/storage/filesystemlist_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -264,7 +264,7 @@
 			},
 			Storage: &params.StorageDetails{
 				StorageTag: "storage-shared-fs-0",
-				OwnerTag:   "service-transcode",
+				OwnerTag:   "application-transcode",
 				Kind:       params.StorageKindBlock,
 				Status:     createTestStatus(status.StatusAttached, ""),
 				Attachments: map[string]params.StorageAttachmentDetails{
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/storage/list.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/storage/list.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/storage/list.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/storage/list.go	2016-07-18 19:45:44.000000000 +0000
@@ -23,14 +23,6 @@
 
 const listCommandDoc = `
 List information about storage instances.
-
-options:
--m, --model (= "")
-   juju model to operate in
--o, --output (= "")
-   specify an output file
---format (= tabular)
-   specify output format (json|tabular|yaml)
 `
 
 // listCommand returns storage instances.
@@ -52,11 +44,11 @@
 // Info implements Command.Info.
 func (c *listCommand) Info() *cmd.Info {
 	return &cmd.Info{
-		Name:    "list-storage",
+		Name:    "storage",
 		Args:    "<machineID> ...",
-		Purpose: "lists storage details",
+		Purpose: "Lists storage details.",
 		Doc:     listCommandDoc,
-		Aliases: []string{"storage"},
+		Aliases: []string{"list-storage"},
 	}
 }
 
@@ -68,8 +60,8 @@
 		"json":    cmd.FormatJson,
 		"tabular": formatListTabular,
 	})
-	f.BoolVar(&c.filesystem, "filesystem", false, "list filesystem storage")
-	f.BoolVar(&c.volume, "volume", false, "list volume storage")
+	f.BoolVar(&c.filesystem, "filesystem", false, "List filesystem storage")
+	f.BoolVar(&c.volume, "volume", false, "List volume storage")
 }
 
 // Run implements Command.Run.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/storage/list_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/storage/list_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/storage/list_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/storage/list_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -178,7 +178,7 @@
 		},
 	}, {
 		StorageTag: "storage-shared-fs-0",
-		OwnerTag:   "service-transcode",
+		OwnerTag:   "application-transcode",
 		Kind:       params.StorageKindFilesystem,
 		Status: params.EntityStatus{
 			Status: status.StatusAttached,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/storage/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/storage/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/storage/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/storage/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,10 +7,8 @@
 	"testing"
 
 	"github.com/juju/cmd"
-	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 
-	"github.com/juju/juju/cmd/modelcmd"
 	"github.com/juju/juju/jujuclient"
 	"github.com/juju/juju/jujuclient/jujuclienttesting"
 	jujutesting "github.com/juju/juju/testing"
@@ -42,11 +40,10 @@
 func (s *SubStorageSuite) SetUpTest(c *gc.C) {
 	s.FakeJujuXDGDataHomeSuite.SetUpTest(c)
 
-	err := modelcmd.WriteCurrentController("testing")
-	c.Assert(err, jc.ErrorIsNil)
 	s.store = jujuclienttesting.NewMemStore()
+	s.store.CurrentControllerName = "testing"
 	s.store.Controllers["testing"] = jujuclient.ControllerDetails{}
-	s.store.Accounts["testing"] = &jujuclient.ControllerAccounts{
-		CurrentAccount: "admin@local",
+	s.store.Accounts["testing"] = jujuclient.AccountDetails{
+		User: "admin@local",
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/storage/poolcreate.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/storage/poolcreate.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/storage/poolcreate.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/storage/poolcreate.go	2016-07-18 19:45:44.000000000 +0000
@@ -19,12 +19,10 @@
 }
 
 const poolCreateCommandDoc = `
-Create or define a storage pool.
-
 Pools are a mechanism for administrators to define sources of storage that
-they will use to satisfy service storage requirements.
+they will use to satisfy application storage requirements.
 
-A single pool might be used for storage from units of many different services -
+A single pool might be used for storage from units of many different applications -
 it is a resource from which different stores may be drawn.
 
 A pool describes provider-specific parameters for creating storage,
@@ -36,20 +34,9 @@
 Creating pools there maps provider specific settings
 into named resources that can be used during deployment.
 
-Pools defined at the model level are easily reused across services.
-
-options:
-    -m, --model (= "")
-        juju model to operate in
-    -o, --output (= "")
-        specify an output file
-    <name>
-        pool name
-    <provider type>
-        pool provider type
-    <key>=<value> (<key>=<value> ...)
-        pool configuration attributes as space-separated pairs, 
-        for e.g. tags, size, path, etc...
+Pools defined at the model level are easily reused across applications.
+Pool creation requires a pool name, the provider type and attributes for
+configuration as space-separated pairs, e.g. tags, size, path, etc.
 `
 
 // NewPoolCreateCommand returns a command that creates or defines a storage pool
@@ -101,7 +88,7 @@
 	return &cmd.Info{
 		Name:    "create-storage-pool",
 		Args:    "<name> <provider> [<key>=<value> [<key>=<value>...]]",
-		Purpose: "create storage pool",
+		Purpose: "Create or define a storage pool.",
 		Doc:     poolCreateCommandDoc,
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/storage/poollistformatters.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/storage/poollistformatters.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/storage/poollistformatters.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/storage/poollistformatters.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package storage
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/storage/poollist.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/storage/poollist.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/storage/poollist.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/storage/poollist.go	2016-07-18 19:45:44.000000000 +0000
@@ -34,7 +34,6 @@
 }
 
 const poolListCommandDoc = `
-Lists storage pools.
 The user can filter on pool type, name.
 
 If no filter is specified, all current pools are listed.
@@ -45,19 +44,6 @@
 
 Both pool types and names must be valid.
 Valid pool types are pool types that are registered for Juju model.
-
-options:
--m, --model (= "")
-   juju model to operate in
--o, --output (= "")
-   specify an output file
---format (= yaml)
-   specify output format (json|tabular|yaml)
---provider
-   pool provider type
---name
-   pool name
-
 `
 
 // NewPoolListCommand returns a command that lists storage pools on a model
@@ -86,17 +72,18 @@
 // Info implements Command.Info.
 func (c *poolListCommand) Info() *cmd.Info {
 	return &cmd.Info{
-		Name:    "list-storage-pools",
-		Purpose: "list storage pools",
+		Name:    "storage-pools",
+		Purpose: "List storage pools.",
 		Doc:     poolListCommandDoc,
+		Aliases: []string{"list-storage-pools"},
 	}
 }
 
 // SetFlags implements Command.SetFlags.
 func (c *poolListCommand) SetFlags(f *gnuflag.FlagSet) {
 	c.StorageCommandBase.SetFlags(f)
-	f.Var(cmd.NewAppendStringsValue(&c.Providers), "provider", "only show pools of these provider types")
-	f.Var(cmd.NewAppendStringsValue(&c.Names), "name", "only show pools with these names")
+	f.Var(cmd.NewAppendStringsValue(&c.Providers), "provider", "Only show pools of these provider types")
+	f.Var(cmd.NewAppendStringsValue(&c.Names), "name", "Only show pools with these names")
 
 	c.out.AddFlags(f, "tabular", map[string]cmd.Formatter{
 		"yaml":    cmd.FormatYaml,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/storage/show.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/storage/show.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/storage/show.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/storage/show.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,7 @@
 import (
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/gnuflag"
 
 	"github.com/juju/juju/apiserver/params"
@@ -28,15 +28,6 @@
 Storage instances to display are specified by storage ids.
 
 * note use of positional arguments
-
-options:
--m, --model (= "")
-   juju model to operate in
--o, --output (= "")
-   specify an output file
---format (= yaml)
-   specify output format (json|yaml)
-[space separated storage ids]
 `
 
 // showCommand attempts to release storage instance.
@@ -60,7 +51,8 @@
 func (c *showCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "show-storage",
-		Purpose: "shows storage instance",
+		Args:    "<storage ID> [...]",
+		Purpose: "Shows storage instance information.",
 		Doc:     showCommandDoc,
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/storage/show_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/storage/show_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/storage/show_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/storage/show_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,9 +8,9 @@
 	"time"
 
 	"github.com/juju/cmd"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cmd/juju/storage"
@@ -147,7 +147,7 @@
 		if strings.Contains(tag.String(), "shared") {
 			all[i].Result = &params.StorageDetails{
 				StorageTag: tag.String(),
-				OwnerTag:   "service-transcode",
+				OwnerTag:   "application-transcode",
 				Kind:       params.StorageKindFilesystem,
 				Status: params.EntityStatus{
 					Status: "attached",
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/storage/storage.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/storage/storage.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/storage/storage.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/storage/storage.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/storage"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/storage/volume.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/storage/volume.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/storage/volume.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/storage/volume.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,7 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cmd/juju/common"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/storage/volumelist_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/storage/volumelist_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/storage/volumelist_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/storage/volumelist_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -267,7 +267,7 @@
 			},
 			Storage: &params.StorageDetails{
 				StorageTag: "storage-shared-fs-0",
-				OwnerTag:   "service-transcode",
+				OwnerTag:   "application-transcode",
 				Kind:       params.StorageKindBlock,
 				Status:     createTestStatus(status.StatusAttached, ""),
 				Attachments: map[string]params.StorageAttachmentDetails{
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/subnet/add.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/subnet/add.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/subnet/add.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/subnet/add.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,7 +9,7 @@
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
 	"github.com/juju/juju/network"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/cmd/modelcmd"
 )
@@ -53,7 +53,7 @@
 	return &cmd.Info{
 		Name:    "add-subnet",
 		Args:    "<CIDR>|<provider-id> <space> [<zone1> <zone2> ...]",
-		Purpose: "add an existing subnet to Juju",
+		Purpose: "Add an existing subnet to Juju.",
 		Doc:     strings.TrimSpace(addCommandDoc),
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/subnet/add_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/subnet/add_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/subnet/add_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/subnet/add_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,9 +8,9 @@
 	"strings"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/cmd/juju/subnet"
 	"github.com/juju/juju/network"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/subnet/create.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/subnet/create.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/subnet/create.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/subnet/create.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,8 +10,8 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils/set"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/cmd/modelcmd"
 )
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/subnet/create_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/subnet/create_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/subnet/create_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/subnet/create_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,9 +5,9 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/cmd/juju/subnet"
 	"github.com/juju/juju/feature"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/subnet/list.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/subnet/list.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/subnet/list.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/subnet/list.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,7 +12,7 @@
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
 	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/cmd/modelcmd"
 )
@@ -49,11 +49,11 @@
 // Info is defined on the cmd.Command interface.
 func (c *listCommand) Info() *cmd.Info {
 	return &cmd.Info{
-		Name:    "list-subnets",
+		Name:    "subnets",
 		Args:    "[--space <name>] [--zone <name>] [--format yaml|json] [--output <path>]",
-		Purpose: "list subnets known to Juju",
+		Purpose: "List subnets known to Juju.",
 		Doc:     strings.TrimSpace(listCommandDoc),
-		Aliases: []string{"subnets"},
+		Aliases: []string{"list-subnets"},
 	}
 }
 
@@ -65,8 +65,8 @@
 		"json": cmd.FormatJson,
 	})
 
-	f.StringVar(&c.SpaceName, "space", "", "filter results by space name")
-	f.StringVar(&c.ZoneName, "zone", "", "filter results by zone name")
+	f.StringVar(&c.SpaceName, "space", "", "Filter results by space name")
+	f.StringVar(&c.ZoneName, "zone", "", "Filter results by zone name")
 }
 
 // Init is defined on the cmd.Command interface. It checks the
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/subnet/list_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/subnet/list_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/subnet/list_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/subnet/list_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,9 +9,9 @@
 	"path/filepath"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/cmd/juju/subnet"
 	coretesting "github.com/juju/juju/testing"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/subnet/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/subnet/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/subnet/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/subnet/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,15 +4,14 @@
 package subnet_test
 
 import (
-	"net"
 	stdtesting "testing"
 
 	"github.com/juju/cmd"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/featureflag"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cmd/juju/subnet"
@@ -127,13 +126,11 @@
 func NewStubAPI() *StubAPI {
 	subnets := []params.Subnet{{
 		// IPv4 subnet.
-		CIDR:              "10.20.0.0/24",
-		ProviderId:        "subnet-foo",
-		Life:              params.Alive,
-		SpaceTag:          "space-public",
-		Zones:             []string{"zone1", "zone2"},
-		StaticRangeLowIP:  net.ParseIP("10.20.0.10"),
-		StaticRangeHighIP: net.ParseIP("10.20.0.100"),
+		CIDR:       "10.20.0.0/24",
+		ProviderId: "subnet-foo",
+		Life:       params.Alive,
+		SpaceTag:   "space-public",
+		Zones:      []string{"zone1", "zone2"},
 	}, {
 		// IPv6 subnet.
 		CIDR:       "2001:db8::/32",
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/subnet/remove.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/subnet/remove.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/subnet/remove.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/subnet/remove.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,7 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/cmd/modelcmd"
 )
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/subnet/remove_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/subnet/remove_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/subnet/remove_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/subnet/remove_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,9 +5,9 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/cmd/juju/subnet"
 	"github.com/juju/juju/feature"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/subnet/subnet.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/subnet/subnet.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/subnet/subnet.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/subnet/subnet.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,7 +10,7 @@
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/api/subnets"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/user/add.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/user/add.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/user/add.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/user/add.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,7 +11,7 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/gnuflag"
 
 	"github.com/juju/juju/cmd/juju/block"
@@ -24,26 +24,23 @@
 Adds a Juju user to a controller.`[1:]
 
 var usageDetails = `
-This allows the user to register with the controller and use the 
-optionally shared model.
-A ` + "`juju register`" + ` command will be printed, which
-must be executed by the user to complete the registration process.  The
-user's details are stored within the shared model, and will be removed
-when the model is destroyed.
-Some machine providers will require the user 
-to be in possession of certain credentials in order to create a model.
+A ` + "`juju register`" + ` command will be printed, which must be executed by the
+user to complete the registration process. The user's details are stored
+within the shared model, and will be removed when the model is destroyed.
+
+Some machine providers will require the user to be in possession of certain
+credentials in order to create a model.
 
 Examples:
     juju add-user bob
-    juju add-user --share mymodel bob
     juju add-user --controller mycontroller bob
+    juju add-user --models=mymodel --acl=read bob
 
 See also: 
     register
     grant
+    users
     show-user
-    list-users
-    switch-user
     disable-user
     enable-user
     change-user-password`[1:]
@@ -148,9 +145,10 @@
 		return errors.Trace(err)
 	}
 	registrationInfo := jujuclient.RegistrationInfo{
-		User:      c.User,
-		Addrs:     controllerDetails.APIEndpoints,
-		SecretKey: secretKey,
+		User:           c.User,
+		Addrs:          controllerDetails.APIEndpoints,
+		SecretKey:      secretKey,
+		ControllerName: c.ControllerName(),
 	}
 	registrationData, err := asn1.Marshal(registrationInfo)
 	if err != nil {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/user/add_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/user/add_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/user/add_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/user/add_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,9 +8,9 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/apiserver/common"
@@ -99,7 +99,7 @@
 	expected := `
 User "foobar" added
 Please send this command to foobar:
-    juju register MD0TBmZvb2JhcjAREw8xMjcuMC4wLjE6MTIzNDUEIFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhY
+    juju register MEYTBmZvb2JhcjAREw8xMjcuMC4wLjE6MTIzNDUEIFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYEwd0ZXN0aW5n
 
 "foobar" has not been granted access to any models. You can use "juju grant" to grant access.
 `[1:]
@@ -117,7 +117,7 @@
 	expected := `
 User "foobar" added
 Please send this command to foobar:
-    juju register MD0TBmZvb2JhcjAREw8xMjcuMC4wLjE6MTIzNDUEIFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhY
+    juju register MEYTBmZvb2JhcjAREw8xMjcuMC4wLjE6MTIzNDUEIFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYEwd0ZXN0aW5n
 
 "foobar" has not been granted access to any models. You can use "juju grant" to grant access.
 `[1:]
@@ -135,7 +135,7 @@
 	expected := `
 User "Foo Bar (foobar)" added
 Please send this command to foobar:
-    juju register MD0TBmZvb2JhcjAREw8xMjcuMC4wLjE6MTIzNDUEIFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhY
+    juju register MEYTBmZvb2JhcjAREw8xMjcuMC4wLjE6MTIzNDUEIFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYEwd0ZXN0aW5n
 
 "Foo Bar (foobar)" has not been granted access to any models. You can use "juju grant" to grant access.
 `[1:]
@@ -164,7 +164,7 @@
 User "foobar" added
 User "foobar" granted read access to model "model"
 Please send this command to foobar:
-    juju register MD0TBmZvb2JhcjAREw8xMjcuMC4wLjE6MTIzNDUEIFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhY
+    juju register MEYTBmZvb2JhcjAREw8xMjcuMC4wLjE6MTIzNDUEIFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYEwd0ZXN0aW5n
 `[1:]
 	c.Assert(testing.Stdout(context), gc.Equals, expected)
 	c.Assert(testing.Stderr(context), gc.Equals, "")
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/user/change_password.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/user/change_password.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/user/change_password.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/user/change_password.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,8 +11,8 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"golang.org/x/crypto/ssh/terminal"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/macaroon.v1"
 
 	"github.com/juju/juju/cmd/juju/block"
@@ -20,15 +20,18 @@
 )
 
 const userChangePasswordDoc = `
-Change the password for the user you are currently logged in as;
-or as an admin, change the password for another user.
+The user is, by default, the current user. The latter can be confirmed with
+the ` + "`juju show-user`" + ` command.
+
+A controller administrator can change the password for another user (on
+that controller).
 
 Examples:
-  # Change the password for the user you are logged in as.
-  juju change-user-password
 
-  # Change the password for bob.
-  juju change-user-password bob
+    juju change-user-password
+    juju change-user-password bob
+
+See also: add-user
 
 `
 
@@ -48,7 +51,7 @@
 	return &cmd.Info{
 		Name:    "change-user-password",
 		Args:    "[username]",
-		Purpose: "changes the password for a user",
+		Purpose: "Changes the password for the current or specified Juju user",
 		Doc:     userChangePasswordDoc,
 	}
 }
@@ -87,30 +90,39 @@
 		return errors.Trace(err)
 	}
 
-	var accountName string
 	controllerName := c.ControllerName()
 	store := c.ClientStore()
+	accountDetails, err := store.AccountDetails(controllerName)
+	if err != nil {
+		return errors.Trace(err)
+	}
+
+	var userTag names.UserTag
 	if c.User != "" {
 		if !names.IsValidUserName(c.User) {
 			return errors.NotValidf("user name %q", c.User)
 		}
-		accountName = names.NewUserTag(c.User).Canonical()
+		userTag = names.NewUserTag(c.User)
+		if userTag.Canonical() != accountDetails.User {
+			// The account details don't correspond to the username
+			// being changed, so we don't need to update the account
+			// locally.
+			accountDetails = nil
+		}
 	} else {
-		accountName, err = store.CurrentAccount(controllerName)
-		if err != nil {
-			return errors.Trace(err)
+		if !names.IsValidUser(accountDetails.User) {
+			return errors.Errorf("invalid user in account %q", accountDetails.User)
+		}
+		userTag = names.NewUserTag(accountDetails.User)
+		if !userTag.IsLocal() {
+			return errors.Errorf("cannot change password for external user %q", userTag)
 		}
-	}
-	accountDetails, err := store.AccountByName(controllerName, accountName)
-	if err != nil && !errors.IsNotFound(err) {
-		return errors.Trace(err)
 	}
 
 	if accountDetails != nil && accountDetails.Macaroon == "" {
 		// Generate a macaroon first to guard against I/O failures
 		// occurring after the password has been changed, preventing
 		// future logins.
-		userTag := names.NewUserTag(accountName)
 		macaroon, err := c.api.CreateLocalLoginMacaroon(userTag)
 		if err != nil {
 			return errors.Trace(err)
@@ -125,12 +137,12 @@
 		}
 		accountDetails.Macaroon = string(macaroonJSON)
 
-		if err := store.UpdateAccount(controllerName, accountName, *accountDetails); err != nil {
+		if err := store.UpdateAccount(controllerName, *accountDetails); err != nil {
 			return errors.Annotate(err, "failed to update client credentials")
 		}
 	}
 
-	if err := c.api.SetPassword(accountName, newPassword); err != nil {
+	if err := c.api.SetPassword(userTag.Canonical(), newPassword); err != nil {
 		return block.ProcessBlockedError(err, block.BlockChange)
 	}
 	if accountDetails == nil {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/user/change_password_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/user/change_password_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/user/change_password_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/user/change_password_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,10 +8,10 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/macaroon.v1"
 
 	"github.com/juju/juju/cmd/juju/user"
@@ -107,17 +107,14 @@
 // We should not call SetPassword subsequently.
 func (s *ChangePasswordCommandSuite) TestNoSetPasswordAfterFailedWrite(c *gc.C) {
 	store := jujuclienttesting.NewStubStore()
-	store.CurrentAccountFunc = func(string) (string, error) {
-		return "account-name", nil
-	}
-	store.AccountByNameFunc = func(string, string) (*jujuclient.AccountDetails, error) {
+	store.AccountDetailsFunc = func(string) (*jujuclient.AccountDetails, error) {
 		return &jujuclient.AccountDetails{"user", "old-password", ""}, nil
 	}
 	store.ControllerByNameFunc = func(string) (*jujuclient.ControllerDetails, error) {
 		return &jujuclient.ControllerDetails{}, nil
 	}
 	s.store = store
-	store.SetErrors(errors.New("failed to write"))
+	store.SetErrors(nil, errors.New("failed to write"))
 
 	_, err := s.run(c)
 	c.Assert(err, gc.ErrorMatches, "failed to update client credentials: failed to write")
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/user/disenable.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/user/disenable.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/user/disenable.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/user/disenable.go	2016-07-18 19:45:44.000000000 +0000
@@ -17,14 +17,14 @@
 var usageDisableUserDetails = `
 A disabled Juju user is one that cannot log in to any controller.
 This command has no affect on models that the disabled user may have
-created and/or shared nor any services associated with that user.
+created and/or shared nor any applications associated with that user.
 
 Examples:
     juju disable-user bob
 
 See also: 
+    users
     enable-user
-    list-users
     login`[1:]
 
 var usageEnableUserSummary = `
@@ -37,8 +37,8 @@
     juju enable-user bob
 
 See also: 
+    users
     disable-user
-    list-users
     login`[1:]
 
 // disenableUserBase common code for enable/disable user commands
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/user/info.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/user/info.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/user/info.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/user/info.go	2016-07-18 19:45:44.000000000 +0000
@@ -33,7 +33,7 @@
 See also: 
     add-user
     register
-    list-users`[1:]
+    users`[1:]
 
 // UserInfoAPI defines the API methods that the info command uses.
 type UserInfoAPI interface {
@@ -41,7 +41,7 @@
 	Close() error
 }
 
-// infoCommandBase is a common base for 'juju show-user' and 'juju list-user'.
+// infoCommandBase is a common base for 'juju show-user' and 'juju users'.
 type infoCommandBase struct {
 	modelcmd.ControllerCommandBase
 	api       UserInfoAPI
@@ -110,9 +110,7 @@
 	defer client.Close()
 	username := c.Username
 	if username == "" {
-		accountDetails, err := c.ClientStore().AccountByName(
-			c.ControllerName(), c.AccountName(),
-		)
+		accountDetails, err := c.ClientStore().AccountDetails(c.ControllerName())
 		if err != nil {
 			return err
 		}
@@ -134,6 +132,7 @@
 
 func (c *infoCommandBase) apiUsersToUserInfoSlice(users []params.UserInfo) []UserInfo {
 	var output []UserInfo
+	// TODO(perrito666) 2016-05-02 lp:1558657
 	var now = time.Now()
 	for _, info := range users {
 		outInfo := UserInfo{
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/user/list.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/user/list.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/user/list.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/user/list.go	2016-07-18 19:45:44.000000000 +0000
@@ -23,7 +23,7 @@
 By default, the tabular format is used.
 
 Examples:
-    juju list-users
+    juju users
 
 See also: 
     add-user
@@ -45,9 +45,10 @@
 // Info implements Command.Info.
 func (c *listCommand) Info() *cmd.Info {
 	return &cmd.Info{
-		Name:    "list-users",
+		Name:    "users",
 		Purpose: usageListUsersSummary,
 		Doc:     usageListUsersDetails,
+		Aliases: []string{"list-users"},
 	}
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/user/list_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/user/list_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/user/list_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/user/list_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -39,6 +39,7 @@
 	if len(usernames) > 0 {
 		return nil, errors.Errorf("expected no usernames, got %d", len(usernames))
 	}
+	// lp:1558657
 	now := time.Now().UTC().Round(time.Second)
 	last1 := time.Date(2014, 1, 1, 0, 0, 0, 0, time.UTC)
 	// The extra two seconds here are needed to make sure
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/user/login.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/user/login.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/user/login.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/user/login.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,7 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/macaroon.v1"
 
 	"github.com/juju/juju/api/usermanager"
@@ -18,20 +18,17 @@
 )
 
 const loginDoc = `
-Log in to the controller.
-
-After logging in successfully, the client system will
-be updated such that any previously recorded password
-will be removed from disk, and a temporary, time-limited
-credential written in its place. Once the credential
-expires, you will be prompted to run "juju login" again.
+After login, a token ("macaroon") will become active. It has an expiration
+time of 24 hours. Upon expiration, no further Juju commands can be issued
+and the user will be prompted to log in again.
 
 Examples:
-  # Log in as the current user for the controller.
-  juju login
 
-  # Log in as the user "bob".
-  juju login bob
+    juju login bob
+
+See also: enable-user
+          disable-user
+          logout
 
 `
 
@@ -60,7 +57,7 @@
 	return &cmd.Info{
 		Name:    "login",
 		Args:    "[username]",
-		Purpose: "logs in to the controller",
+		Purpose: "Logs a user in to a controller.",
 		Doc:     loginDoc,
 	}
 }
@@ -88,6 +85,8 @@
 
 	user := c.User
 	if user == "" {
+		// TODO(rog) Try macaroon login first before
+		// falling back to prompting for username.
 		// The username has not been specified, so prompt for it.
 		fmt.Fprint(ctx.Stderr, "username: ")
 		var err error
@@ -103,27 +102,20 @@
 		return errors.NotValidf("user name %q", user)
 	}
 	userTag := names.NewUserTag(user)
-	accountName := userTag.Canonical()
 
 	// Make sure that the client is not already logged in,
 	// or if it is, that it is logged in as the specified
 	// user.
-	currentAccountName, err := store.CurrentAccount(controllerName)
-	if err == nil {
-		if currentAccountName != accountName {
-			return errors.New(`already logged in
-
-Run "juju logout" first before attempting to log in as a different user.
-`)
-		}
-	} else if !errors.IsNotFound(err) {
-		return errors.Trace(err)
-	}
-	accountDetails, err := store.AccountByName(controllerName, accountName)
+	accountDetails, err := store.AccountDetails(controllerName)
 	if err != nil && !errors.IsNotFound(err) {
 		return errors.Trace(err)
 	}
+	if accountDetails != nil && accountDetails.User != userTag.Canonical() {
+		return errors.New(`already logged in
 
+Run "juju logout" first before attempting to log in as a different user.
+`)
+	}
 	// Read password from the terminal, and attempt to log in using that.
 	fmt.Fprint(ctx.Stderr, "password: ")
 	password, err := readPassword(ctx.Stdin)
@@ -131,19 +123,14 @@
 	if err != nil {
 		return errors.Trace(err)
 	}
-	params, err := c.NewAPIConnectionParams(store, controllerName, "", "")
+	accountDetails = &jujuclient.AccountDetails{
+		User:     userTag.Canonical(),
+		Password: password,
+	}
+	params, err := c.NewAPIConnectionParams(store, controllerName, "", accountDetails)
 	if err != nil {
 		return errors.Trace(err)
 	}
-	if accountDetails != nil {
-		accountDetails.Password = password
-	} else {
-		accountDetails = &jujuclient.AccountDetails{
-			User:     accountName,
-			Password: password,
-		}
-	}
-	params.AccountDetails = accountDetails
 	api, err := c.newLoginAPI(params)
 	if err != nil {
 		return errors.Annotate(err, "creating API connection")
@@ -163,12 +150,9 @@
 	}
 	accountDetails.Password = ""
 	accountDetails.Macaroon = string(macaroonJSON)
-	if err := store.UpdateAccount(controllerName, accountName, *accountDetails); err != nil {
+	if err := store.UpdateAccount(controllerName, *accountDetails); err != nil {
 		return errors.Annotate(err, "failed to record temporary credential")
 	}
-	if err := store.SetCurrentAccount(controllerName, accountName); err != nil {
-		return errors.Annotate(err, "failed to set current account")
-	}
-	ctx.Infof("You are now logged in to %q as %q.", controllerName, accountName)
+	ctx.Infof("You are now logged in to %q as %q.", controllerName, userTag.Canonical())
 	return nil
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/user/login_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/user/login_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/user/login_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/user/login_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,9 +8,9 @@
 	"strings"
 
 	"github.com/juju/cmd"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/cmd/juju/user"
 	"github.com/juju/juju/juju"
@@ -100,7 +100,7 @@
 }
 
 func (s *LoginCommandSuite) TestLoginNewUser(c *gc.C) {
-	err := s.store.RemoveAccount("testing", "current-user@local")
+	err := s.store.RemoveAccount("testing")
 	c.Assert(err, jc.ErrorIsNil)
 	context, args, err := s.run(c, "", "new-user")
 	c.Assert(err, jc.ErrorIsNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/user/logout.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/user/logout.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/user/logout.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/user/logout.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,15 +13,25 @@
 )
 
 const logoutDoc = `
-Log out of the controller.
+If another client has logged in as the same user, they will remain logged
+in. This command only affects the local client.
 
-This command will remove the user credentials for the current
-or specified controller from the client system. This command
-will fail if you have not previously logged in with a password;
-you can override this behavior by passing --force.
+The command will fail if the user has not yet set a password
+(` + "`juju change-user-password`" + `). This scenario is only possible after 
+` + "`juju bootstrap`" + `since ` + "`juju register`" + ` sets a password. The
+failing behaviour can be overridden with the '--force' option.
 
-If another client has logged in as the same user, they will
-remain logged in. This command only affects the local client.
+If the same user is logged in with another client system, that user session
+will not be affected by this command; it only affects the local client.
+
+By default, the controller is the current controller.
+
+Examples:
+    juju logout
+
+See Also:
+    juju change-user-password
+    juju login
 
 `
 
@@ -40,7 +50,7 @@
 func (c *logoutCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "logout",
-		Purpose: "logs out of the controller",
+		Purpose: "Logs a Juju user out of a controller.",
 		Doc:     logoutDoc,
 	}
 }
@@ -53,7 +63,7 @@
 // SetFlags implements Command.SetFlags.
 func (c *logoutCommand) SetFlags(f *gnuflag.FlagSet) {
 	c.ControllerCommandBase.SetFlags(f)
-	f.BoolVar(&c.Force, "force", false, "force logout when a locally recorded password is detected")
+	f.BoolVar(&c.Force, "force", false, "Force logout when a locally recorded password is detected")
 }
 
 // Run implements Command.Run.
@@ -74,7 +84,7 @@
 		if name == controllerName {
 			continue
 		}
-		_, err := store.CurrentAccount(name)
+		_, err := store.AccountDetails(name)
 		if errors.IsNotFound(err) {
 			continue
 		} else if err != nil {
@@ -94,15 +104,7 @@
 }
 
 func (c *logoutCommand) logout(store jujuclient.ClientStore, controllerName string) error {
-	accountName, err := store.CurrentAccount(controllerName)
-	if errors.IsNotFound(err) {
-		// Not logged in; nothing else to do.
-		return nil
-	} else if err != nil {
-		return errors.Trace(err)
-	}
-
-	accountDetails, err := store.AccountByName(controllerName, accountName)
+	accountDetails, err := store.AccountDetails(controllerName)
 	if errors.IsNotFound(err) {
 		// Not logged in; nothing else to do.
 		return nil
@@ -130,7 +132,7 @@
 	}
 
 	// Remove the account credentials.
-	if err := store.RemoveAccount(controllerName, accountName); err != nil {
+	if err := store.RemoveAccount(controllerName); err != nil {
 		return errors.Annotate(err, "failed to clear credentials")
 	}
 	return nil
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/user/logout_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/user/logout_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/user/logout_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/user/logout_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -55,9 +55,9 @@
 }
 
 func (s *LogoutCommandSuite) TestLogout(c *gc.C) {
-	details := s.store.Accounts["testing"].Accounts["current-user@local"]
+	details := s.store.Accounts["testing"]
 	details.Macaroon = "a-macaroon"
-	s.store.Accounts["testing"].Accounts["current-user@local"] = details
+	s.store.Accounts["testing"] = details
 	ctx, err := s.run(c)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(coretesting.Stdout(ctx), gc.Equals, "")
@@ -65,9 +65,7 @@
 Logged out. You are no longer logged into any controllers.
 `[1:],
 	)
-	_, err = s.store.CurrentAccount("testing")
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-	_, err = s.store.AccountByName("testing", "current-user@local")
+	_, err = s.store.AccountDetails("testing")
 	c.Assert(err, jc.Satisfies, errors.IsNotFound)
 }
 
@@ -75,14 +73,11 @@
 	// Create multiple controllers. We'll log out of each one
 	// to observe the messages printed out by "logout".
 	controllers := []string{"testing", "testing2", "testing3"}
-	details := s.store.Accounts["testing"].Accounts["current-user@local"]
+	details := s.store.Accounts["testing"]
 	details.Macaroon = "a-macaroon"
 	for _, controller := range controllers {
 		s.store.Controllers[controller] = s.store.Controllers["testing"]
-		s.store.Controllers[controller] = s.store.Controllers["testing"]
-		err := s.store.UpdateAccount(controller, "current-user@local", details)
-		c.Assert(err, jc.ErrorIsNil)
-		err = s.store.SetCurrentAccount(controller, "current-user@local")
+		err := s.store.UpdateAccount(controller, details)
 		c.Assert(err, jc.ErrorIsNil)
 	}
 
@@ -124,12 +119,12 @@
 	s.assertStoreMacaroon(c, "current-user@local", nil)
 	_, err := s.run(c, "--force")
 	c.Assert(err, jc.ErrorIsNil)
-	_, err = s.store.CurrentAccount("testing")
+	_, err = s.store.AccountDetails("testing")
 	c.Assert(err, jc.Satisfies, errors.IsNotFound)
 }
 
 func (s *LogoutCommandSuite) TestLogoutNotLoggedIn(c *gc.C) {
-	s.store.Accounts["testing"].CurrentAccount = ""
+	delete(s.store.Accounts, "testing")
 	ctx, err := s.run(c)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(coretesting.Stdout(ctx), gc.Equals, "")
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/user/user_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/user/user_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/juju/user/user_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/juju/user/user_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,6 @@
 	gc "gopkg.in/check.v1"
 	"gopkg.in/macaroon.v1"
 
-	"github.com/juju/juju/cmd/modelcmd"
 	"github.com/juju/juju/jujuclient"
 	"github.com/juju/juju/jujuclient/jujuclienttesting"
 	"github.com/juju/juju/testing"
@@ -21,34 +20,29 @@
 
 func (s *BaseSuite) SetUpTest(c *gc.C) {
 	s.FakeJujuXDGDataHomeSuite.SetUpTest(c)
-	err := modelcmd.WriteCurrentController("testing")
-	c.Assert(err, jc.ErrorIsNil)
 
 	s.store = jujuclienttesting.NewMemStore()
+	s.store.CurrentControllerName = "testing"
 	s.store.Controllers["testing"] = jujuclient.ControllerDetails{
 		APIEndpoints:   []string{"127.0.0.1:12345"},
 		CACert:         testing.CACert,
 		ControllerUUID: testing.ModelTag.Id(),
 	}
-	s.store.Accounts["testing"] = &jujuclient.ControllerAccounts{
-		Accounts: map[string]jujuclient.AccountDetails{
-			"current-user@local": {
-				User:     "current-user@local",
-				Password: "old-password",
-			},
-		},
-		CurrentAccount: "current-user@local",
+	s.store.Accounts["testing"] = jujuclient.AccountDetails{
+		User:     "current-user@local",
+		Password: "old-password",
 	}
 }
 
 func (s *BaseSuite) assertStorePassword(c *gc.C, user, pass string) {
-	details, err := s.store.AccountByName("testing", user)
+	details, err := s.store.AccountDetails("testing")
 	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(details.User, gc.Equals, user)
 	c.Assert(details.Password, gc.Equals, pass)
 }
 
 func (s *BaseSuite) assertStoreMacaroon(c *gc.C, user string, mac *macaroon.Macaroon) {
-	details, err := s.store.AccountByName("testing", user)
+	details, err := s.store.AccountDetails("testing")
 	c.Assert(err, jc.ErrorIsNil)
 	if mac == nil {
 		c.Assert(details.Macaroon, gc.Equals, "")
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/agent.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/agent.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/agent.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/agent.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,7 +11,7 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/gnuflag"
 
 	"github.com/juju/juju/agent"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/agenttest/agent.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/agenttest/agent.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/agenttest/agent.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/agenttest/agent.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,258 @@
+// Copyright 2012, 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package agenttest
+
+import (
+	"fmt"
+	"time"
+
+	"github.com/juju/cmd"
+	"github.com/juju/replicaset"
+	gitjujutesting "github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	"github.com/juju/utils/arch"
+	"github.com/juju/utils/series"
+	"github.com/juju/version"
+	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
+	"gopkg.in/mgo.v2"
+
+	"github.com/juju/juju/agent"
+	agenttools "github.com/juju/juju/agent/tools"
+	"github.com/juju/juju/apiserver/params"
+	cmdutil "github.com/juju/juju/cmd/jujud/util"
+	"github.com/juju/juju/environs"
+	"github.com/juju/juju/environs/filestorage"
+	envtesting "github.com/juju/juju/environs/testing"
+	envtools "github.com/juju/juju/environs/tools"
+	"github.com/juju/juju/juju/testing"
+	"github.com/juju/juju/mongo"
+	"github.com/juju/juju/mongo/mongotest"
+	"github.com/juju/juju/network"
+	"github.com/juju/juju/state"
+	coretesting "github.com/juju/juju/testing"
+	coretools "github.com/juju/juju/tools"
+	jujuversion "github.com/juju/juju/version"
+	"github.com/juju/juju/worker/peergrouper"
+)
+
+type patchingSuite interface {
+	PatchValue(interface{}, interface{})
+}
+
+// InstallFakeEnsureMongo creates a new FakeEnsureMongo, patching
+// out replicaset.CurrentConfig and cmdutil.EnsureMongoServer.
+func InstallFakeEnsureMongo(suite patchingSuite) *FakeEnsureMongo {
+	f := &FakeEnsureMongo{
+		ServiceInstalled: true,
+	}
+	suite.PatchValue(&mongo.IsServiceInstalled, f.IsServiceInstalled)
+	suite.PatchValue(&replicaset.CurrentConfig, f.CurrentConfig)
+	suite.PatchValue(&cmdutil.EnsureMongoServer, f.EnsureMongo)
+	return f
+}
+
+// FakeEnsureMongo provides test fakes for the functions used to
+// initialise MongoDB.
+type FakeEnsureMongo struct {
+	EnsureCount      int
+	InitiateCount    int
+	DataDir          string
+	OplogSize        int
+	Info             state.StateServingInfo
+	InitiateParams   peergrouper.InitiateMongoParams
+	Err              error
+	ServiceInstalled bool
+}
+
+func (f *FakeEnsureMongo) IsServiceInstalled() (bool, error) {
+	return f.ServiceInstalled, nil
+}
+
+func (f *FakeEnsureMongo) CurrentConfig(*mgo.Session) (*replicaset.Config, error) {
+	// Return a dummy replicaset config that's good enough to
+	// indicate that the replicaset is initiated.
+	return &replicaset.Config{
+		Members: []replicaset.Member{{}},
+	}, nil
+}
+
+func (f *FakeEnsureMongo) EnsureMongo(args mongo.EnsureServerParams) error {
+	f.EnsureCount++
+	f.DataDir, f.OplogSize = args.DataDir, args.OplogSize
+	f.Info = state.StateServingInfo{
+		APIPort:        args.APIPort,
+		StatePort:      args.StatePort,
+		Cert:           args.Cert,
+		PrivateKey:     args.PrivateKey,
+		CAPrivateKey:   args.CAPrivateKey,
+		SharedSecret:   args.SharedSecret,
+		SystemIdentity: args.SystemIdentity,
+	}
+	return f.Err
+}
+
+func (f *FakeEnsureMongo) InitiateMongo(p peergrouper.InitiateMongoParams) error {
+	f.InitiateCount++
+	f.InitiateParams = p
+	return nil
+}
+
+// agentSuite is a fixture to be used by agent test suites.
+type AgentSuite struct {
+	oldRestartDelay time.Duration
+	testing.JujuConnSuite
+}
+
+// PrimeAgent writes the configuration file and tools for an agent
+// with the given entity name. It returns the agent's configuration and the
+// current tools.
+func (s *AgentSuite) PrimeAgent(c *gc.C, tag names.Tag, password string) (agent.ConfigSetterWriter, *coretools.Tools) {
+	vers := version.Binary{
+		Number: jujuversion.Current,
+		Arch:   arch.HostArch(),
+		Series: series.HostSeries(),
+	}
+	return s.PrimeAgentVersion(c, tag, password, vers)
+}
+
+// PrimeAgentVersion writes the configuration file and tools with version
+// vers for an agent with the given entity name. It returns the agent's
+// configuration and the current tools.
+func (s *AgentSuite) PrimeAgentVersion(c *gc.C, tag names.Tag, password string, vers version.Binary) (agent.ConfigSetterWriter, *coretools.Tools) {
+	c.Logf("priming agent %s", tag.String())
+	stor, err := filestorage.NewFileStorageWriter(c.MkDir())
+	c.Assert(err, jc.ErrorIsNil)
+	agentTools := envtesting.PrimeTools(c, stor, s.DataDir(), "released", vers)
+	err = envtools.MergeAndWriteMetadata(stor, "released", "released", coretools.List{agentTools}, envtools.DoNotWriteMirrors)
+	tools1, err := agenttools.ChangeAgentTools(s.DataDir(), tag.String(), vers)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(tools1, gc.DeepEquals, agentTools)
+
+	stateInfo := s.MongoInfo(c)
+	apiInfo := s.APIInfo(c)
+	paths := agent.DefaultPaths
+	paths.DataDir = s.DataDir()
+	conf, err := agent.NewAgentConfig(
+		agent.AgentConfigParams{
+			Paths:             paths,
+			Tag:               tag,
+			UpgradedToVersion: vers.Number,
+			Password:          password,
+			Nonce:             agent.BootstrapNonce,
+			StateAddresses:    stateInfo.Addrs,
+			APIAddresses:      apiInfo.Addrs,
+			CACert:            stateInfo.CACert,
+			Model:             apiInfo.ModelTag,
+		})
+	c.Assert(err, jc.ErrorIsNil)
+	conf.SetPassword(password)
+	c.Assert(conf.Write(), gc.IsNil)
+	s.primeAPIHostPorts(c)
+	return conf, agentTools
+}
+
+// PrimeStateAgent writes the configuration file and tools for
+// a state agent with the given entity name. It returns the agent's
+// configuration and the current tools.
+func (s *AgentSuite) PrimeStateAgent(c *gc.C, tag names.Tag, password string) (agent.ConfigSetterWriter, *coretools.Tools) {
+	vers := version.Binary{
+		Number: jujuversion.Current,
+		Arch:   arch.HostArch(),
+		Series: series.HostSeries(),
+	}
+	return s.PrimeStateAgentVersion(c, tag, password, vers)
+}
+
+// PrimeStateAgentVersion writes the configuration file and tools with
+// version vers for a state agent with the given entity name. It
+// returns the agent's configuration and the current tools.
+func (s *AgentSuite) PrimeStateAgentVersion(c *gc.C, tag names.Tag, password string, vers version.Binary) (
+	agent.ConfigSetterWriter, *coretools.Tools,
+) {
+	stor, err := filestorage.NewFileStorageWriter(c.MkDir())
+	c.Assert(err, jc.ErrorIsNil)
+	agentTools := envtesting.PrimeTools(c, stor, s.DataDir(), "released", vers)
+	tools1, err := agenttools.ChangeAgentTools(s.DataDir(), tag.String(), vers)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(tools1, gc.DeepEquals, agentTools)
+
+	conf := s.WriteStateAgentConfig(c, tag, password, vers, s.State.ModelTag())
+	s.primeAPIHostPorts(c)
+	return conf, agentTools
+}
+
+// WriteStateAgentConfig creates and writes a state agent config.
+func (s *AgentSuite) WriteStateAgentConfig(
+	c *gc.C,
+	tag names.Tag,
+	password string,
+	vers version.Binary,
+	modelTag names.ModelTag,
+) agent.ConfigSetterWriter {
+	stateInfo := s.State.MongoConnectionInfo()
+	apiPort := gitjujutesting.FindTCPPort()
+	apiAddr := []string{fmt.Sprintf("localhost:%d", apiPort)}
+	conf, err := agent.NewStateMachineConfig(
+		agent.AgentConfigParams{
+			Paths:             agent.NewPathsWithDefaults(agent.Paths{DataDir: s.DataDir()}),
+			Tag:               tag,
+			UpgradedToVersion: vers.Number,
+			Password:          password,
+			Nonce:             agent.BootstrapNonce,
+			StateAddresses:    stateInfo.Addrs,
+			APIAddresses:      apiAddr,
+			CACert:            stateInfo.CACert,
+			Model:             modelTag,
+		},
+		params.StateServingInfo{
+			Cert:         coretesting.ServerCert,
+			PrivateKey:   coretesting.ServerKey,
+			CAPrivateKey: coretesting.CAKey,
+			StatePort:    gitjujutesting.MgoServer.Port(),
+			APIPort:      apiPort,
+		})
+	c.Assert(err, jc.ErrorIsNil)
+	conf.SetPassword(password)
+	c.Assert(conf.Write(), gc.IsNil)
+	return conf
+}
+
+func (s *AgentSuite) primeAPIHostPorts(c *gc.C) {
+	apiInfo := s.APIInfo(c)
+
+	c.Assert(apiInfo.Addrs, gc.HasLen, 1)
+	hostPorts, err := network.ParseHostPorts(apiInfo.Addrs[0])
+	c.Assert(err, jc.ErrorIsNil)
+
+	err = s.State.SetAPIHostPorts([][]network.HostPort{hostPorts})
+	c.Assert(err, jc.ErrorIsNil)
+
+	c.Logf("api host ports primed %#v", hostPorts)
+}
+
+// InitAgent initialises the given agent command with additional
+// arguments as provided.
+func (s *AgentSuite) InitAgent(c *gc.C, a cmd.Command, args ...string) {
+	args = append([]string{"--data-dir", s.DataDir()}, args...)
+	err := coretesting.InitCommand(a, args)
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *AgentSuite) AssertCanOpenState(c *gc.C, tag names.Tag, dataDir string) {
+	config, err := agent.ReadConfig(agent.ConfigPath(dataDir, tag))
+	c.Assert(err, jc.ErrorIsNil)
+	info, ok := config.MongoInfo()
+	c.Assert(ok, jc.IsTrue)
+	st, err := state.Open(config.Model(), info, mongotest.DialOpts(), environs.NewStatePolicy())
+	c.Assert(err, jc.ErrorIsNil)
+	st.Close()
+}
+
+func (s *AgentSuite) AssertCannotOpenState(c *gc.C, tag names.Tag, dataDir string) {
+	config, err := agent.ReadConfig(agent.ConfigPath(dataDir, tag))
+	c.Assert(err, jc.ErrorIsNil)
+	_, ok := config.MongoInfo()
+	c.Assert(ok, jc.IsFalse)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/agent_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/agent_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/agent_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/agent_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,7 +9,7 @@
 	"github.com/juju/utils/series"
 	gc "gopkg.in/check.v1"
 
-	agenttesting "github.com/juju/juju/cmd/jujud/agent/testing"
+	"github.com/juju/juju/cmd/jujud/agent/agenttest"
 	cmdutil "github.com/juju/juju/cmd/jujud/util"
 	imagetesting "github.com/juju/juju/environs/imagemetadata/testing"
 	"github.com/juju/juju/juju/paths"
@@ -54,7 +54,7 @@
 
 // AgentSuite is a fixture to be used by agent test suites.
 type AgentSuite struct {
-	agenttesting.AgentSuite
+	agenttest.AgentSuite
 }
 
 func (s *AgentSuite) SetUpSuite(c *gc.C) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/common_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/common_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/common_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/common_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,109 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package agent
-
-import (
-	"fmt"
-	"path/filepath"
-	"time"
-
-	"github.com/juju/cmd"
-	"github.com/juju/names"
-	"github.com/juju/testing"
-
-	"github.com/juju/juju/agent"
-	"github.com/juju/juju/state"
-	coretesting "github.com/juju/juju/testing"
-	"github.com/juju/juju/worker"
-	workertest "github.com/juju/juju/worker/testing"
-)
-
-// This file contains bits of test infrastructure that are shared by
-// the unit and machine agent tests.
-
-type runner interface {
-	Run(*cmd.Context) error
-	Stop() error
-}
-
-// runWithTimeout runs an agent and waits
-// for it to complete within a reasonable time.
-func runWithTimeout(r runner) error {
-	done := make(chan error)
-	go func() {
-		done <- r.Run(nil)
-	}()
-	select {
-	case err := <-done:
-		return err
-	case <-time.After(coretesting.LongWait):
-	}
-	err := r.Stop()
-	return fmt.Errorf("timed out waiting for agent to finish; stop error: %v", err)
-}
-
-func newDummyWorker() worker.Worker {
-	return worker.NewSimpleWorker(func(stop <-chan struct{}) error {
-		<-stop
-		return nil
-	})
-}
-
-type FakeConfig struct {
-	agent.ConfigSetter
-}
-
-func (FakeConfig) LogDir() string {
-	return filepath.FromSlash("/var/log/juju/")
-}
-
-func (FakeConfig) Tag() names.Tag {
-	return names.NewMachineTag("42")
-}
-
-type FakeAgentConfig struct {
-	AgentConf
-}
-
-func (FakeAgentConfig) ReadConfig(string) error { return nil }
-
-func (FakeAgentConfig) CurrentConfig() agent.Config {
-	return FakeConfig{}
-}
-
-func (FakeAgentConfig) ChangeConfig(mutate agent.ConfigMutator) error {
-	return mutate(FakeConfig{})
-}
-
-func (FakeAgentConfig) CheckArgs([]string) error { return nil }
-
-type stubWorkerFactory struct {
-	*testing.Stub
-
-	ReturnNewModelWorker func() (worker.Worker, error)
-	ReturnNewWorker      worker.Worker
-}
-
-func newStubWorkerFactory(stub *testing.Stub) *stubWorkerFactory {
-	factory := &stubWorkerFactory{Stub: stub}
-	factory.ReturnNewWorker = &workertest.StubWorker{Stub: stub}
-	factory.ReturnNewModelWorker = factory.newWorker
-	return factory
-}
-
-func (s *stubWorkerFactory) NewModelWorker(st *state.State) func() (worker.Worker, error) {
-	s.AddCall("NewModelWorker", st)
-	s.NextErr() // Pop one off.
-
-	return s.ReturnNewModelWorker
-}
-
-func (s *stubWorkerFactory) newWorker() (worker.Worker, error) {
-	s.AddCall("newWorker")
-	if err := s.NextErr(); err != nil {
-		return nil, err
-	}
-
-	return s.ReturnNewWorker, nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/engine/agent.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/engine/agent.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/engine/agent.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/engine/agent.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,35 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package engine
+
+import (
+	"github.com/juju/juju/agent"
+	"github.com/juju/juju/worker"
+	"github.com/juju/juju/worker/dependency"
+)
+
+// Some manifolds just depend on an agent; this type configures them.
+type AgentManifoldConfig struct {
+	AgentName string
+}
+
+// AgentStartFunc encapsulates the behaviour that varies among AgentManifolds.
+type AgentStartFunc func(agent.Agent) (worker.Worker, error)
+
+// AgentManifold returns a dependency.Manifold that calls the supplied start
+// func with the agent resource defined in the config (once it's present).
+func AgentManifold(config AgentManifoldConfig, start AgentStartFunc) dependency.Manifold {
+	return dependency.Manifold{
+		Inputs: []string{
+			config.AgentName,
+		},
+		Start: func(context dependency.Context) (worker.Worker, error) {
+			var agent agent.Agent
+			if err := context.Get(config.AgentName, &agent); err != nil {
+				return nil, err
+			}
+			return start(agent)
+		},
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/engine/agent_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/engine/agent_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/engine/agent_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/engine/agent_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,92 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package engine_test
+
+import (
+	"github.com/juju/errors"
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/agent"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
+	"github.com/juju/juju/worker"
+	"github.com/juju/juju/worker/dependency"
+	dt "github.com/juju/juju/worker/dependency/testing"
+)
+
+type AgentManifoldSuite struct {
+	testing.IsolationSuite
+	testing.Stub
+	manifold dependency.Manifold
+	worker   worker.Worker
+}
+
+var _ = gc.Suite(&AgentManifoldSuite{})
+
+func (s *AgentManifoldSuite) SetUpTest(c *gc.C) {
+	s.IsolationSuite.SetUpTest(c)
+	s.Stub = testing.Stub{}
+	s.worker = &dummyWorker{}
+	s.manifold = engine.AgentManifold(engine.AgentManifoldConfig{
+		AgentName: "agent-name",
+	}, s.newWorker)
+}
+
+func (s *AgentManifoldSuite) newWorker(a agent.Agent) (worker.Worker, error) {
+	s.AddCall("newWorker", a)
+	if err := s.NextErr(); err != nil {
+		return nil, err
+	}
+	return s.worker, nil
+}
+
+func (s *AgentManifoldSuite) TestInputs(c *gc.C) {
+	c.Check(s.manifold.Inputs, jc.DeepEquals, []string{"agent-name"})
+}
+
+func (s *AgentManifoldSuite) TestOutput(c *gc.C) {
+	c.Check(s.manifold.Output, gc.IsNil)
+}
+
+func (s *AgentManifoldSuite) TestStartAgentMissing(c *gc.C) {
+	context := dt.StubContext(nil, map[string]interface{}{
+		"agent-name": dependency.ErrMissing,
+	})
+
+	worker, err := s.manifold.Start(context)
+	c.Check(worker, gc.IsNil)
+	c.Check(err, gc.Equals, dependency.ErrMissing)
+}
+
+func (s *AgentManifoldSuite) TestStartFailure(c *gc.C) {
+	expectAgent := &dummyAgent{}
+	context := dt.StubContext(nil, map[string]interface{}{
+		"agent-name": expectAgent,
+	})
+	s.SetErrors(errors.New("some error"))
+
+	worker, err := s.manifold.Start(context)
+	c.Check(worker, gc.IsNil)
+	c.Check(err, gc.ErrorMatches, "some error")
+	s.CheckCalls(c, []testing.StubCall{{
+		FuncName: "newWorker",
+		Args:     []interface{}{expectAgent},
+	}})
+}
+
+func (s *AgentManifoldSuite) TestStartSuccess(c *gc.C) {
+	expectAgent := &dummyAgent{}
+	context := dt.StubContext(nil, map[string]interface{}{
+		"agent-name": expectAgent,
+	})
+
+	worker, err := s.manifold.Start(context)
+	c.Check(err, jc.ErrorIsNil)
+	c.Check(worker, gc.Equals, s.worker)
+	s.CheckCalls(c, []testing.StubCall{{
+		FuncName: "newWorker",
+		Args:     []interface{}{expectAgent},
+	}})
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/engine/apiagent.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/engine/apiagent.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/engine/apiagent.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/engine/apiagent.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,44 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package engine
+
+import (
+	"github.com/juju/juju/agent"
+	"github.com/juju/juju/api/base"
+	"github.com/juju/juju/worker"
+	"github.com/juju/juju/worker/dependency"
+)
+
+// Many manifolds completely depend on an agent and an API connection; this
+// type configures them.
+type AgentApiManifoldConfig struct {
+	AgentName     string
+	APICallerName string
+}
+
+// AgentApiStartFunc encapsulates the behaviour that varies among AgentApiManifolds.
+type AgentApiStartFunc func(agent.Agent, base.APICaller) (worker.Worker, error)
+
+// AgentApiManifold returns a dependency.Manifold that calls the supplied start
+// func with the API and agent resources defined in the config (once those
+// resources are present).
+func AgentApiManifold(config AgentApiManifoldConfig, start AgentApiStartFunc) dependency.Manifold {
+	return dependency.Manifold{
+		Inputs: []string{
+			config.AgentName,
+			config.APICallerName,
+		},
+		Start: func(context dependency.Context) (worker.Worker, error) {
+			var agent agent.Agent
+			if err := context.Get(config.AgentName, &agent); err != nil {
+				return nil, err
+			}
+			var apiCaller base.APICaller
+			if err := context.Get(config.APICallerName, &apiCaller); err != nil {
+				return nil, err
+			}
+			return start(agent, apiCaller)
+		},
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/engine/apiagent_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/engine/apiagent_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/engine/apiagent_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/engine/apiagent_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,121 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package engine_test
+
+import (
+	"github.com/juju/errors"
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/agent"
+	"github.com/juju/juju/api/base"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
+	"github.com/juju/juju/worker"
+	"github.com/juju/juju/worker/dependency"
+	dt "github.com/juju/juju/worker/dependency/testing"
+)
+
+type AgentApiManifoldSuite struct {
+	testing.IsolationSuite
+	testing.Stub
+	manifold dependency.Manifold
+	worker   worker.Worker
+}
+
+var _ = gc.Suite(&AgentApiManifoldSuite{})
+
+func (s *AgentApiManifoldSuite) SetUpTest(c *gc.C) {
+	s.IsolationSuite.SetUpTest(c)
+	s.Stub = testing.Stub{}
+	s.worker = &dummyWorker{}
+	s.manifold = engine.AgentApiManifold(engine.AgentApiManifoldConfig{
+		AgentName:     "agent-name",
+		APICallerName: "api-caller-name",
+	}, s.newWorker)
+}
+
+func (s *AgentApiManifoldSuite) newWorker(a agent.Agent, apiCaller base.APICaller) (worker.Worker, error) {
+	s.AddCall("newWorker", a, apiCaller)
+	if err := s.NextErr(); err != nil {
+		return nil, err
+	}
+	return s.worker, nil
+}
+
+func (s *AgentApiManifoldSuite) TestInputs(c *gc.C) {
+	c.Check(s.manifold.Inputs, jc.DeepEquals, []string{"agent-name", "api-caller-name"})
+}
+
+func (s *AgentApiManifoldSuite) TestOutput(c *gc.C) {
+	c.Check(s.manifold.Output, gc.IsNil)
+}
+
+func (s *AgentApiManifoldSuite) TestStartAgentMissing(c *gc.C) {
+	context := dt.StubContext(nil, map[string]interface{}{
+		"agent-name": dependency.ErrMissing,
+	})
+
+	worker, err := s.manifold.Start(context)
+	c.Check(worker, gc.IsNil)
+	c.Check(err, gc.Equals, dependency.ErrMissing)
+}
+
+func (s *AgentApiManifoldSuite) TestStartApiConnMissing(c *gc.C) {
+	context := dt.StubContext(nil, map[string]interface{}{
+		"agent-name":      &dummyAgent{},
+		"api-caller-name": dependency.ErrMissing,
+	})
+
+	worker, err := s.manifold.Start(context)
+	c.Check(worker, gc.IsNil)
+	c.Check(err, gc.Equals, dependency.ErrMissing)
+}
+
+func (s *AgentApiManifoldSuite) TestStartFailure(c *gc.C) {
+	expectAgent := &dummyAgent{}
+	expectApiCaller := &dummyApiCaller{}
+	context := dt.StubContext(nil, map[string]interface{}{
+		"agent-name":      expectAgent,
+		"api-caller-name": expectApiCaller,
+	})
+	s.SetErrors(errors.New("some error"))
+
+	worker, err := s.manifold.Start(context)
+	c.Check(worker, gc.IsNil)
+	c.Check(err, gc.ErrorMatches, "some error")
+	s.CheckCalls(c, []testing.StubCall{{
+		FuncName: "newWorker",
+		Args:     []interface{}{expectAgent, expectApiCaller},
+	}})
+}
+
+func (s *AgentApiManifoldSuite) TestStartSuccess(c *gc.C) {
+	expectAgent := &dummyAgent{}
+	expectApiCaller := &dummyApiCaller{}
+	context := dt.StubContext(nil, map[string]interface{}{
+		"agent-name":      expectAgent,
+		"api-caller-name": expectApiCaller,
+	})
+
+	worker, err := s.manifold.Start(context)
+	c.Check(err, jc.ErrorIsNil)
+	c.Check(worker, gc.Equals, s.worker)
+	s.CheckCalls(c, []testing.StubCall{{
+		FuncName: "newWorker",
+		Args:     []interface{}{expectAgent, expectApiCaller},
+	}})
+}
+
+type dummyApiCaller struct {
+	base.APICaller
+}
+
+type dummyAgent struct {
+	agent.Agent
+}
+
+type dummyWorker struct {
+	worker.Worker
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/engine/api.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/engine/api.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/engine/api.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/engine/api.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,36 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package engine
+
+import (
+	"github.com/juju/juju/api/base"
+	"github.com/juju/juju/worker"
+	"github.com/juju/juju/worker/dependency"
+)
+
+// Some (hopefully growing number of) manifolds completely depend on an API
+// connection; this type configures them.
+type ApiManifoldConfig struct {
+	APICallerName string
+}
+
+// ApiStartFunc encapsulates the behaviour that varies among ApiManifolds.
+type ApiStartFunc func(base.APICaller) (worker.Worker, error)
+
+// ApiManifold returns a dependency.Manifold that calls the supplied start
+// func with the API resource defined in the config (once it's present).
+func ApiManifold(config ApiManifoldConfig, start ApiStartFunc) dependency.Manifold {
+	return dependency.Manifold{
+		Inputs: []string{
+			config.APICallerName,
+		},
+		Start: func(context dependency.Context) (worker.Worker, error) {
+			var apiCaller base.APICaller
+			if err := context.Get(config.APICallerName, &apiCaller); err != nil {
+				return nil, err
+			}
+			return start(apiCaller)
+		},
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/engine/api_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/engine/api_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/engine/api_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/engine/api_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,92 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package engine_test
+
+import (
+	"github.com/juju/errors"
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/api/base"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
+	"github.com/juju/juju/worker"
+	"github.com/juju/juju/worker/dependency"
+	dt "github.com/juju/juju/worker/dependency/testing"
+)
+
+type ApiManifoldSuite struct {
+	testing.IsolationSuite
+	testing.Stub
+	manifold dependency.Manifold
+	worker   worker.Worker
+}
+
+var _ = gc.Suite(&ApiManifoldSuite{})
+
+func (s *ApiManifoldSuite) SetUpTest(c *gc.C) {
+	s.IsolationSuite.SetUpTest(c)
+	s.Stub = testing.Stub{}
+	s.worker = &dummyWorker{}
+	s.manifold = engine.ApiManifold(engine.ApiManifoldConfig{
+		APICallerName: "api-caller-name",
+	}, s.newWorker)
+}
+
+func (s *ApiManifoldSuite) newWorker(apiCaller base.APICaller) (worker.Worker, error) {
+	s.AddCall("newWorker", apiCaller)
+	if err := s.NextErr(); err != nil {
+		return nil, err
+	}
+	return s.worker, nil
+}
+
+func (s *ApiManifoldSuite) TestInputs(c *gc.C) {
+	c.Check(s.manifold.Inputs, jc.DeepEquals, []string{"api-caller-name"})
+}
+
+func (s *ApiManifoldSuite) TestOutput(c *gc.C) {
+	c.Check(s.manifold.Output, gc.IsNil)
+}
+
+func (s *ApiManifoldSuite) TestStartApiMissing(c *gc.C) {
+	context := dt.StubContext(nil, map[string]interface{}{
+		"api-caller-name": dependency.ErrMissing,
+	})
+
+	worker, err := s.manifold.Start(context)
+	c.Check(worker, gc.IsNil)
+	c.Check(err, gc.Equals, dependency.ErrMissing)
+}
+
+func (s *ApiManifoldSuite) TestStartFailure(c *gc.C) {
+	expectApiCaller := &dummyApiCaller{}
+	context := dt.StubContext(nil, map[string]interface{}{
+		"api-caller-name": expectApiCaller,
+	})
+	s.SetErrors(errors.New("some error"))
+
+	worker, err := s.manifold.Start(context)
+	c.Check(worker, gc.IsNil)
+	c.Check(err, gc.ErrorMatches, "some error")
+	s.CheckCalls(c, []testing.StubCall{{
+		FuncName: "newWorker",
+		Args:     []interface{}{expectApiCaller},
+	}})
+}
+
+func (s *ApiManifoldSuite) TestStartSuccess(c *gc.C) {
+	expectApiCaller := &dummyApiCaller{}
+	context := dt.StubContext(nil, map[string]interface{}{
+		"api-caller-name": expectApiCaller,
+	})
+
+	worker, err := s.manifold.Start(context)
+	c.Check(err, jc.ErrorIsNil)
+	c.Check(worker, gc.Equals, s.worker)
+	s.CheckCalls(c, []testing.StubCall{{
+		FuncName: "newWorker",
+		Args:     []interface{}{expectApiCaller},
+	}})
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/engine/enginetest/agentapimanifold.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/engine/enginetest/agentapimanifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/engine/enginetest/agentapimanifold.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/engine/enginetest/agentapimanifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,54 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package enginetest
+
+import (
+	"github.com/juju/juju/agent"
+	"github.com/juju/juju/api/base"
+	basetesting "github.com/juju/juju/api/base/testing"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
+	"github.com/juju/juju/worker"
+	"github.com/juju/juju/worker/dependency"
+	dt "github.com/juju/juju/worker/dependency/testing"
+)
+
+// AgentApiManifoldTestConfig returns a AgentApiManifoldConfig
+// suitable for use with RunAgentApiManifold.
+func AgentApiManifoldTestConfig() engine.AgentApiManifoldConfig {
+	return engine.AgentApiManifoldConfig{
+		AgentName:     "agent-name",
+		APICallerName: "api-caller-name",
+	}
+}
+
+// RunAgentApiManifold is useful for testing manifolds based on
+// AgentApiManifold. It takes the manifold, sets up the resources
+// required to successfully pass AgentApiManifold's checks and then
+// runs the manifold start func.
+//
+// An agent and apiCaller may be optionally provided. If they are nil,
+// dummy barely-good-enough defaults will be used (these dummies are
+// fine not actually used for much).
+func RunAgentApiManifold(
+	manifold dependency.Manifold, agent agent.Agent, apiCaller base.APICaller,
+) (worker.Worker, error) {
+	if agent == nil {
+		agent = new(dummyAgent)
+	}
+	if apiCaller == nil {
+		apiCaller = basetesting.APICallerFunc(
+			func(string, int, string, string, interface{}, interface{}) error {
+				return nil
+			})
+	}
+	context := dt.StubContext(nil, map[string]interface{}{
+		"agent-name":      agent,
+		"api-caller-name": apiCaller,
+	})
+	return manifold.Start(context)
+}
+
+type dummyAgent struct {
+	agent.Agent
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/engine/flag.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/engine/flag.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/engine/flag.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/engine/flag.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,34 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package engine
+
+import (
+	"github.com/juju/errors"
+
+	"github.com/juju/juju/worker"
+)
+
+// Flag represents a single boolean used to determine whether a given
+// manifold worker should run.
+type Flag interface {
+
+	// Check returns the flag's value. Check calls must *always* return
+	// the same value for a given instatiation of the type implementing
+	// Flag.
+	Check() bool
+}
+
+// FlagOutput will expose, as a Flag, any worker that implements Flag.
+func FlagOutput(in worker.Worker, out interface{}) error {
+	inFlag, ok := in.(Flag)
+	if !ok {
+		return errors.Errorf("expected in to implement Flag; got a %T", in)
+	}
+	outFlag, ok := out.(*Flag)
+	if !ok {
+		return errors.Errorf("expected out to be a *Flag; got a %T", out)
+	}
+	*outFlag = inFlag
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/engine/flag_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/engine/flag_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/engine/flag_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/engine/flag_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,52 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package engine_test
+
+import (
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/cmd/jujud/agent/engine"
+	"github.com/juju/juju/worker"
+)
+
+type FlagSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&FlagSuite{})
+
+func (*FlagSuite) TestFlagOutputBadWorker(c *gc.C) {
+	in := &stubWorker{}
+	var out engine.Flag
+	err := engine.FlagOutput(in, &out)
+	c.Check(err, gc.ErrorMatches, `expected in to implement Flag; got a .*`)
+	c.Check(out, gc.IsNil)
+}
+
+func (*FlagSuite) TestFlagOutputBadTarget(c *gc.C) {
+	in := &stubFlagWorker{}
+	var out interface{}
+	err := engine.FlagOutput(in, &out)
+	c.Check(err, gc.ErrorMatches, `expected out to be a \*Flag; got a .*`)
+	c.Check(out, gc.IsNil)
+}
+
+func (*FlagSuite) TestFlagOutputSuccess(c *gc.C) {
+	in := &stubFlagWorker{}
+	var out engine.Flag
+	err := engine.FlagOutput(in, &out)
+	c.Check(err, jc.ErrorIsNil)
+	c.Check(out, gc.Equals, in)
+}
+
+type stubWorker struct {
+	worker.Worker
+}
+
+type stubFlagWorker struct {
+	engine.Flag
+	worker.Worker
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/engine/housing.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/engine/housing.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/engine/housing.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/engine/housing.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,110 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package engine
+
+import (
+	"github.com/juju/errors"
+
+	"github.com/juju/juju/worker"
+	"github.com/juju/juju/worker/dependency"
+	"github.com/juju/juju/worker/fortress"
+)
+
+// Decorator creates copies of dependency.Manifolds with additional
+// features.
+type Decorator interface {
+
+	// Decorate returns a new Manifold, based on the one supplied.
+	Decorate(dependency.Manifold) dependency.Manifold
+}
+
+// Housing is a Decorator that combines several common mechanisms
+// for coordinating manifolds independently of their core concerns.
+type Housing struct {
+
+	// Flags contains a list of names of Flag manifolds, such
+	// that a decorated manifold will not start until all flags
+	// are both present and valid (and will be stopped when that
+	// is no longer true).
+	Flags []string
+
+	// Occupy is ignored if empty; otherwise it contains the name
+	// of a fortress.Guest manifold, such that a decorated manifold
+	// will never be run outside a Visit to that fortress.
+	//
+	// NOTE: this acquires a lock, and holds it for your manifold's
+	// worker's whole lifetime. It's fine in isolation, but multiple
+	// Occupy~s are almost certainly a Bad Idea.
+	Occupy string
+
+	// Filter is ignored if nil; otherwise it's unconditionally set
+	// as the manifold's Filter. Similarly to Occupy, attempted use
+	// of multiple filters is unlikely to be a great idea; it most
+	// likely indicates that either your Engine's IsFatal is too
+	// enthusiastic, or responsibility for termination is spread too
+	// widely across your installed manifolds, or both.
+	Filter dependency.FilterFunc
+}
+
+// Decorate is part of the Decorator interface.
+func (housing Housing) Decorate(base dependency.Manifold) dependency.Manifold {
+	manifold := base
+	// Apply Occupy wrapping first, so that it will be the last
+	// wrapper to execute before calling the original Start func, so
+	// as to minimise the time we hold the fortress open.
+	if housing.Occupy != "" {
+		manifold.Inputs = maybeAdd(manifold.Inputs, housing.Occupy)
+		manifold.Start = occupyStart(manifold.Start, housing.Occupy)
+	}
+	for _, name := range housing.Flags {
+		manifold.Inputs = maybeAdd(manifold.Inputs, name)
+		manifold.Start = flagStart(manifold.Start, name)
+	}
+	if housing.Filter != nil {
+		manifold.Filter = housing.Filter
+	}
+	return manifold
+}
+
+func maybeAdd(original []string, add string) []string {
+	for _, name := range original {
+		if name == add {
+			return original
+		}
+	}
+	count := len(original)
+	result := make([]string, count, count+1)
+	copy(result, original)
+	return append(result, add)
+}
+
+func occupyStart(inner dependency.StartFunc, name string) dependency.StartFunc {
+	return func(context dependency.Context) (worker.Worker, error) {
+		var guest fortress.Guest
+		if err := context.Get(name, &guest); err != nil {
+			return nil, errors.Trace(err)
+		}
+		task := func() (worker.Worker, error) {
+			return inner(context)
+		}
+		worker, err := fortress.Occupy(guest, task, context.Abort())
+		if err != nil {
+			return nil, errors.Trace(err)
+		}
+		return worker, nil
+	}
+}
+
+func flagStart(inner dependency.StartFunc, name string) dependency.StartFunc {
+	return func(context dependency.Context) (worker.Worker, error) {
+		var flag Flag
+		if err := context.Get(name, &flag); err != nil {
+			return nil, errors.Trace(err)
+		}
+		if !flag.Check() {
+			return nil, dependency.ErrMissing
+		}
+		return inner(context)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/engine/housing_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/engine/housing_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/engine/housing_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/engine/housing_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,350 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package engine_test
+
+import (
+	"time"
+
+	"github.com/juju/errors"
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/cmd/jujud/agent/engine"
+	coretesting "github.com/juju/juju/testing"
+	"github.com/juju/juju/worker"
+	"github.com/juju/juju/worker/dependency"
+	dt "github.com/juju/juju/worker/dependency/testing"
+	"github.com/juju/juju/worker/fortress"
+	"github.com/juju/juju/worker/workertest"
+)
+
+type HousingSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&HousingSuite{})
+
+func (*HousingSuite) TestEmptyHousingEmptyManifold(c *gc.C) {
+	manifold := engine.Housing{}.Decorate(dependency.Manifold{})
+
+	c.Check(manifold.Inputs, gc.HasLen, 0)
+	c.Check(manifold.Start, gc.IsNil)
+	c.Check(manifold.Output, gc.IsNil)
+	c.Check(manifold.Filter, gc.IsNil)
+}
+
+func (*HousingSuite) TestEmptyHousingPopulatedManifold(c *gc.C) {
+	manifold := engine.Housing{}.Decorate(dependency.Manifold{
+		Inputs: []string{"x", "y", "z"},
+		Start:  panicStart,
+		Output: panicOutput,
+		Filter: panicFilter,
+	})
+
+	c.Check(manifold.Inputs, jc.DeepEquals, []string{"x", "y", "z"})
+	c.Check(func() {
+		manifold.Start(nil)
+	}, gc.PanicMatches, "panicStart")
+	c.Check(func() {
+		manifold.Output(nil, nil)
+	}, gc.PanicMatches, "panicOutput")
+	c.Check(func() {
+		manifold.Filter(nil)
+	}, gc.PanicMatches, "panicFilter")
+}
+
+func (*HousingSuite) TestReplacesFilter(c *gc.C) {
+	expectIn := errors.New("tweedledum")
+	expectOut := errors.New("tweedledee")
+	manifold := engine.Housing{
+		Filter: func(in error) error {
+			c.Check(in, gc.Equals, expectIn)
+			return expectOut
+		},
+	}.Decorate(dependency.Manifold{
+		Filter: panicFilter,
+	})
+
+	out := manifold.Filter(expectIn)
+	c.Check(out, gc.Equals, expectOut)
+}
+
+func (*HousingSuite) TestFlagsNoInput(c *gc.C) {
+	manifold := engine.Housing{
+		Flags: []string{"foo", "bar"},
+	}.Decorate(dependency.Manifold{})
+
+	expect := []string{"foo", "bar"}
+	c.Check(manifold.Inputs, jc.DeepEquals, expect)
+}
+
+func (*HousingSuite) TestFlagsNewInput(c *gc.C) {
+	manifold := engine.Housing{
+		Flags: []string{"foo", "bar"},
+	}.Decorate(dependency.Manifold{
+		Inputs: []string{"ping", "pong"},
+	})
+
+	expect := []string{"ping", "pong", "foo", "bar"}
+	c.Check(manifold.Inputs, jc.DeepEquals, expect)
+}
+
+func (*HousingSuite) TestFlagsExistingInput(c *gc.C) {
+	manifold := engine.Housing{
+		Flags: []string{"a", "c", "d"},
+	}.Decorate(dependency.Manifold{
+		Inputs: []string{"a", "b"},
+	})
+
+	expect := []string{"a", "b", "c", "d"}
+	c.Check(manifold.Inputs, jc.DeepEquals, expect)
+}
+
+func (*HousingSuite) TestFlagMissing(c *gc.C) {
+	manifold := engine.Housing{
+		Flags: []string{"flag"},
+	}.Decorate(dependency.Manifold{})
+	context := dt.StubContext(nil, map[string]interface{}{
+		"flag": dependency.ErrMissing,
+	})
+
+	worker, err := manifold.Start(context)
+	c.Check(worker, gc.IsNil)
+	c.Check(errors.Cause(err), gc.Equals, dependency.ErrMissing)
+}
+
+func (*HousingSuite) TestFlagBadType(c *gc.C) {
+	manifold := engine.Housing{
+		Flags: []string{"flag"},
+	}.Decorate(dependency.Manifold{})
+	context := dt.StubContext(nil, map[string]interface{}{
+		"flag": false,
+	})
+
+	worker, err := manifold.Start(context)
+	c.Check(worker, gc.IsNil)
+	c.Check(err, gc.ErrorMatches, "cannot set false into .*")
+}
+
+func (*HousingSuite) TestFlagBadValue(c *gc.C) {
+	manifold := engine.Housing{
+		Flags: []string{"flag"},
+	}.Decorate(dependency.Manifold{})
+	context := dt.StubContext(nil, map[string]interface{}{
+		"flag": flag{false},
+	})
+
+	worker, err := manifold.Start(context)
+	c.Check(worker, gc.IsNil)
+	c.Check(errors.Cause(err), gc.Equals, dependency.ErrMissing)
+}
+
+func (*HousingSuite) TestFlagSuccess(c *gc.C) {
+	expectWorker := &struct{ worker.Worker }{}
+	manifold := engine.Housing{
+		Flags: []string{"flag"},
+	}.Decorate(dependency.Manifold{
+		Start: func(dependency.Context) (worker.Worker, error) {
+			return expectWorker, nil
+		},
+	})
+	context := dt.StubContext(nil, map[string]interface{}{
+		"flag": flag{true},
+	})
+
+	worker, err := manifold.Start(context)
+	c.Check(worker, gc.Equals, expectWorker)
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (*HousingSuite) TestOccupyNewInput(c *gc.C) {
+	manifold := engine.Housing{
+		Occupy: "fortress",
+	}.Decorate(dependency.Manifold{
+		Inputs: []string{"ping", "pong"},
+	})
+
+	expect := []string{"ping", "pong", "fortress"}
+	c.Check(manifold.Inputs, jc.DeepEquals, expect)
+}
+
+func (*HousingSuite) TestOccupyExistingInput(c *gc.C) {
+	manifold := engine.Housing{
+		Occupy: "fortress",
+	}.Decorate(dependency.Manifold{
+		Inputs: []string{"citadel", "fortress", "bastion"},
+	})
+
+	expect := []string{"citadel", "fortress", "bastion"}
+	c.Check(manifold.Inputs, jc.DeepEquals, expect)
+}
+
+func (*HousingSuite) TestFlagBlocksOccupy(c *gc.C) {
+	manifold := engine.Housing{
+		Flags:  []string{"flag"},
+		Occupy: "fortress",
+	}.Decorate(dependency.Manifold{})
+	context := dt.StubContext(nil, map[string]interface{}{
+		"flag":     dependency.ErrMissing,
+		"fortress": errors.New("never happen"),
+	})
+
+	worker, err := manifold.Start(context)
+	c.Check(worker, gc.IsNil)
+	c.Check(errors.Cause(err), gc.Equals, dependency.ErrMissing)
+}
+
+func (*HousingSuite) TestOccupyMissing(c *gc.C) {
+	manifold := engine.Housing{
+		Occupy: "fortress",
+	}.Decorate(dependency.Manifold{})
+	context := dt.StubContext(nil, map[string]interface{}{
+		"fortress": dependency.ErrMissing,
+	})
+
+	worker, err := manifold.Start(context)
+	c.Check(worker, gc.IsNil)
+	c.Check(errors.Cause(err), gc.Equals, dependency.ErrMissing)
+}
+
+func (*HousingSuite) TestOccupyBadType(c *gc.C) {
+	manifold := engine.Housing{
+		Occupy: "fortress",
+	}.Decorate(dependency.Manifold{})
+	context := dt.StubContext(nil, map[string]interface{}{
+		"fortress": false,
+	})
+
+	worker, err := manifold.Start(context)
+	c.Check(worker, gc.IsNil)
+	c.Check(err, gc.ErrorMatches, "cannot set false into .*")
+}
+
+func (*HousingSuite) TestOccupyLocked(c *gc.C) {
+	manifold := engine.Housing{
+		Occupy: "fortress",
+	}.Decorate(dependency.Manifold{})
+	abort := make(chan struct{})
+	context := dt.StubContext(abort, map[string]interface{}{
+		"fortress": newGuest(false),
+	})
+
+	// start the start func
+	started := make(chan struct{})
+	go func() {
+		defer close(started)
+		worker, err := manifold.Start(context)
+		c.Check(worker, gc.IsNil)
+		c.Check(errors.Cause(err), gc.Equals, fortress.ErrAborted)
+	}()
+
+	// check it's blocked...
+	select {
+	case <-time.After(coretesting.ShortWait):
+	case <-started:
+		c.Errorf("Start finished early")
+	}
+
+	// ...until the context is aborted.
+	close(abort)
+	select {
+	case <-started:
+	case <-time.After(coretesting.LongWait):
+		c.Fatalf("timed out")
+	}
+}
+
+func (*HousingSuite) TestOccupySuccess(c *gc.C) {
+	expectWorker := workertest.NewErrorWorker(errors.New("ignored"))
+	defer workertest.DirtyKill(c, expectWorker)
+	manifold := engine.Housing{
+		Occupy: "fortress",
+	}.Decorate(dependency.Manifold{
+		Start: func(dependency.Context) (worker.Worker, error) {
+			return expectWorker, nil
+		},
+	})
+	guest := newGuest(true)
+	context := dt.StubContext(nil, map[string]interface{}{
+		"fortress": guest,
+	})
+
+	// wait for the start func to complete
+	started := make(chan struct{})
+	go func() {
+		defer close(started)
+		worker, err := manifold.Start(context)
+		c.Check(worker, gc.Equals, expectWorker)
+		c.Check(err, jc.ErrorIsNil)
+	}()
+	select {
+	case <-started:
+	case <-time.After(coretesting.LongWait):
+		c.Fatalf("timed out")
+	}
+
+	// check the worker's alive
+	workertest.CheckAlive(c, expectWorker)
+
+	// check the visit keeps running...
+	select {
+	case <-time.After(coretesting.ShortWait):
+	case <-guest.done:
+		c.Fatalf("visit finished early")
+	}
+
+	// ...until the worker stops
+	expectWorker.Kill()
+	select {
+	case <-guest.done:
+	case <-time.After(coretesting.LongWait):
+		c.Fatalf("timed out")
+	}
+}
+
+func newGuest(unlocked bool) guest {
+	return guest{
+		unlocked: unlocked,
+		done:     make(chan struct{}),
+	}
+}
+
+// guest implements fortress.Guest.
+type guest struct {
+	unlocked bool
+	done     chan struct{}
+}
+
+// Visit is part of the fortress.Guest interface.
+func (guest guest) Visit(visit fortress.Visit, abort fortress.Abort) error {
+	defer close(guest.done)
+	if guest.unlocked {
+		return visit()
+	}
+	<-abort
+	return fortress.ErrAborted
+}
+
+// flag implements engine.Flag.
+type flag struct {
+	value bool
+}
+
+// Check is part of the engine.Flag interface.
+func (flag flag) Check() bool {
+	return flag.value
+}
+
+func panicStart(dependency.Context) (worker.Worker, error) {
+	panic("panicStart")
+}
+
+func panicOutput(worker.Worker, interface{}) error {
+	panic("panicOutput")
+}
+
+func panicFilter(error) error {
+	panic("panicFilter")
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/engine/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/engine/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/engine/package_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/engine/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,14 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package engine_test
+
+import (
+	"testing"
+
+	gc "gopkg.in/check.v1"
+)
+
+func TestPackage(t *testing.T) {
+	gc.TestingT(t)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/engine/valueworker.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/engine/valueworker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/engine/valueworker.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/engine/valueworker.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,70 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package engine
+
+import (
+	"reflect"
+
+	"github.com/juju/errors"
+	"launchpad.net/tomb"
+
+	"github.com/juju/juju/worker"
+)
+
+// NewValueWorker returns a degenerate worker that exposes the supplied value
+// when passed into ValueWorkerOutput. Please do not supply values that have
+// their own dependency or lifecycle considerations; such values will subvert
+// the operation of any containing dependency.Engine by insulating it from the
+// failures and dependency changes of the contained value.
+func NewValueWorker(value interface{}) (worker.Worker, error) {
+	if value == nil {
+		return nil, errors.New("NewValueWorker expects a value")
+	}
+	w := &valueWorker{
+		value: value,
+	}
+	go func() {
+		defer w.tomb.Done()
+		<-w.tomb.Dying()
+	}()
+	return w, nil
+}
+
+// ValueWorkerOutput sets the value wrapped by the supplied valueWorker into
+// the out pointer, if type-compatible, or fails.
+func ValueWorkerOutput(in worker.Worker, out interface{}) error {
+	inWorker, _ := in.(*valueWorker)
+	if inWorker == nil {
+		return errors.Errorf("in should be a *valueWorker; is %#v", in)
+	}
+	outV := reflect.ValueOf(out)
+	if outV.Kind() != reflect.Ptr {
+		return errors.Errorf("out should be a pointer; is %#v", out)
+	}
+	outValV := outV.Elem()
+	outValT := outValV.Type()
+	inValV := reflect.ValueOf(inWorker.value)
+	inValT := inValV.Type()
+	if !inValT.ConvertibleTo(outValT) {
+		return errors.Errorf("cannot output into %T", out)
+	}
+	outValV.Set(inValV.Convert(outValT))
+	return nil
+}
+
+// valueWorker implements a degenerate worker wrapping a single value.
+type valueWorker struct {
+	tomb  tomb.Tomb
+	value interface{}
+}
+
+// Kill is part of the worker.Worker interface.
+func (v *valueWorker) Kill() {
+	v.tomb.Kill(nil)
+}
+
+// Wait is part of the worker.Worker interface.
+func (v *valueWorker) Wait() error {
+	return v.tomb.Wait()
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/engine/valueworker_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/engine/valueworker_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/engine/valueworker_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/engine/valueworker_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,82 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package engine_test
+
+import (
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/cmd/jujud/agent/engine"
+	"github.com/juju/juju/worker"
+)
+
+type ValueWorkerSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&ValueWorkerSuite{})
+
+func (s *ValueWorkerSuite) TestNewValueWorker_Success(c *gc.C) {
+	w, err := engine.NewValueWorker("cheese")
+	c.Assert(err, jc.ErrorIsNil)
+
+	err = worker.Stop(w)
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *ValueWorkerSuite) TestNewValueWorker_NilValue(c *gc.C) {
+	w, err := engine.NewValueWorker(nil)
+	c.Check(err, gc.ErrorMatches, "NewValueWorker expects a value")
+	c.Check(w, gc.IsNil)
+}
+
+func (s *ValueWorkerSuite) TestValueWorkerOutput_Success(c *gc.C) {
+	value := &testType{}
+	w, err := engine.NewValueWorker(value)
+	c.Assert(err, jc.ErrorIsNil)
+
+	var outVal testInterface
+	err = engine.ValueWorkerOutput(w, &outVal)
+	c.Check(err, jc.ErrorIsNil)
+	c.Check(outVal, gc.DeepEquals, value)
+}
+
+func (s *ValueWorkerSuite) TestValueWorkerOutput_BadInput(c *gc.C) {
+	var outVal testInterface
+	err := engine.ValueWorkerOutput(&testType{}, &outVal)
+	c.Check(err, gc.ErrorMatches, "in should be a \\*valueWorker; is .*")
+	c.Check(outVal, gc.IsNil)
+}
+
+func (s *ValueWorkerSuite) TestValueWorkerOutput_BadOutputIndirection(c *gc.C) {
+	value := &testType{}
+	w, err := engine.NewValueWorker(value)
+	c.Assert(err, jc.ErrorIsNil)
+
+	var outVal string
+	err = engine.ValueWorkerOutput(w, outVal)
+	c.Check(err, gc.ErrorMatches, "out should be a pointer; is .*")
+	c.Check(outVal, gc.Equals, "")
+}
+
+func (s *ValueWorkerSuite) TestValueWorkerOutput_BadOutputType(c *gc.C) {
+	value := &testType{}
+	w, err := engine.NewValueWorker(value)
+	c.Assert(err, jc.ErrorIsNil)
+
+	var outVal string
+	err = engine.ValueWorkerOutput(w, &outVal)
+	c.Check(err, gc.ErrorMatches, "cannot output into \\*string")
+	c.Check(outVal, gc.Equals, "")
+}
+
+type testInterface interface {
+	worker.Worker
+	Foobar()
+}
+
+type testType struct {
+	testInterface
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/engine_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/engine_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/engine_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/engine_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,153 @@
+// Copyright 2012-2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package agent
+
+import (
+	"sync"
+
+	"github.com/juju/errors"
+	jc "github.com/juju/testing/checkers"
+	"github.com/juju/utils/set"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/cmd/jujud/agent/model"
+	coretesting "github.com/juju/juju/testing"
+	"github.com/juju/juju/worker"
+	"github.com/juju/juju/worker/dependency"
+)
+
+var (
+	// These vars hold the per-model workers we expect to run in
+	// various circumstances. Note the absence of worker lists for
+	// dying/dead states, because those states are not stable: if
+	// they're working correctly the engine will be shut down.
+	alwaysModelWorkers = []string{
+		"agent",
+		"api-caller",
+		"api-config-watcher",
+		"clock",
+		"is-responsible-flag",
+		"not-alive-flag",
+		"not-dead-flag",
+		"spaces-imported-gate",
+	}
+	aliveModelWorkers = []string{
+		"charm-revision-updater",
+		"compute-provisioner",
+		"environ-tracker",
+		"firewaller",
+		"instance-poller",
+		"metric-worker",
+		"migration-fortress",
+		"migration-master",
+		"application-scaler",
+		"space-importer",
+		"state-cleaner",
+		"status-history-pruner",
+		"storage-provisioner",
+		"unit-assigner",
+	}
+
+	// ReallyLongTimeout should be long enough for the model-tracker
+	// tests that depend on a hosted model; its backing state is not
+	// accessible for StartSyncs, so we generally have to wait for at
+	// least two 5s ticks to pass, and should expect rare circumstances
+	// to take even longer.
+	ReallyLongWait = coretesting.LongWait * 3
+)
+
+// modelMatchFunc returns a func that will return whether the current
+// set of workers running for the supplied model matches those supplied;
+// and will log what it saw in some detail.
+func modelMatchFunc(c *gc.C, tracker *modelTracker, workers []string) func(string) bool {
+	expect := set.NewStrings(workers...)
+	return func(uuid string) bool {
+		actual := tracker.Workers(uuid)
+		c.Logf("\n%s: has workers %v", uuid, actual.SortedValues())
+		extras := actual.Difference(expect)
+		missed := expect.Difference(actual)
+		if len(extras) == 0 && len(missed) == 0 {
+			return true
+		}
+		c.Logf("%s: waiting for %v", uuid, missed.SortedValues())
+		c.Logf("%s: unexpected %v", uuid, extras.SortedValues())
+		return false
+	}
+}
+
+// newModelTracker creates a type whose Manifolds method can
+// be patched over modelManifolds, and whose Workers method
+// will tell you what workers are currently running stably
+// within the requested model's dependency engine.
+func newModelTracker(c *gc.C) *modelTracker {
+	return &modelTracker{
+		c:       c,
+		current: make(map[string]set.Strings),
+	}
+}
+
+type modelTracker struct {
+	c       *gc.C
+	mu      sync.Mutex
+	current map[string]set.Strings
+}
+
+func (tracker *modelTracker) Workers(model string) set.Strings {
+	tracker.mu.Lock()
+	defer tracker.mu.Unlock()
+	return tracker.current[model]
+}
+
+func (tracker *modelTracker) Manifolds(config model.ManifoldsConfig) dependency.Manifolds {
+	const trackerName = "TEST-TRACKER"
+	raw := model.Manifolds(config)
+	uuid := config.Agent.CurrentConfig().Model().Id()
+
+	names := make([]string, 0, len(raw))
+	for name := range raw {
+		if name == trackerName {
+			tracker.c.Errorf("manifold tracker used repeatedly")
+			return raw
+		} else {
+			names = append(names, name)
+		}
+	}
+
+	tracker.mu.Lock()
+	defer tracker.mu.Unlock()
+	if _, exists := tracker.current[uuid]; exists {
+		tracker.c.Errorf("model %s started repeatedly", uuid)
+		return raw
+	}
+
+	raw[trackerName] = tracker.manifold(uuid, names)
+	return raw
+}
+
+func (tracker *modelTracker) manifold(uuid string, names []string) dependency.Manifold {
+	return dependency.Manifold{
+		Inputs: names,
+		Start: func(context dependency.Context) (worker.Worker, error) {
+			seen := set.NewStrings()
+			for _, name := range names {
+				err := context.Get(name, nil)
+				if errors.Cause(err) == dependency.ErrMissing {
+					continue
+				}
+				if tracker.c.Check(err, jc.ErrorIsNil) {
+					seen.Add(name)
+				}
+			}
+			select {
+			case <-context.Abort():
+				// don't bother to report if it's about to change
+			default:
+				tracker.mu.Lock()
+				defer tracker.mu.Unlock()
+				tracker.current[uuid] = seen
+			}
+			return nil, dependency.ErrMissing
+		},
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/imagemetadataworker_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/imagemetadataworker_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/imagemetadataworker_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/imagemetadataworker_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -23,11 +23,6 @@
 
 var _ = gc.Suite(&MachineMockProviderSuite{})
 
-func (s *MachineMockProviderSuite) SetUpTest(c *gc.C) {
-	// Change to environ that supports HasRegion
-	s.commonMachineSuite.SetUpTest(c)
-}
-
 func (s *MachineMockProviderSuite) TestMachineAgentRunsMetadataWorker(c *gc.C) {
 	// Patch out the worker func before starting the agent.
 	started := make(chan struct{})
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/machine/manifolds.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/machine/manifolds.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/machine/manifolds.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/machine/manifolds.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,7 +10,7 @@
 	coreagent "github.com/juju/juju/agent"
 	"github.com/juju/juju/api"
 	apideployer "github.com/juju/juju/api/deployer"
-	"github.com/juju/juju/cmd/jujud/agent/util"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/agent"
@@ -25,6 +25,8 @@
 	"github.com/juju/juju/worker/gate"
 	"github.com/juju/juju/worker/hostkeyreporter"
 	"github.com/juju/juju/worker/identityfilewriter"
+	"github.com/juju/juju/worker/logforwarder"
+	"github.com/juju/juju/worker/logforwarder/sinks"
 	"github.com/juju/juju/worker/logger"
 	"github.com/juju/juju/worker/logsender"
 	"github.com/juju/juju/worker/machineactions"
@@ -287,8 +289,10 @@
 		// machine when requested. It needs an API connection and
 		// waits for upgrades to be complete.
 		rebootName: ifFullyUpgraded(reboot.Manifold(reboot.ManifoldConfig{
-			AgentName:     agentName,
-			APICallerName: apiCallerName,
+			AgentName:       agentName,
+			APICallerName:   apiCallerName,
+			MachineLockName: coreagent.MachineLockName,
+			Clock:           config.Clock,
 		})),
 
 		// The logging config updater is a leaf worker that indirectly
@@ -397,10 +401,18 @@
 			NewFacade:     hostkeyreporter.NewFacade,
 			NewWorker:     hostkeyreporter.NewWorker,
 		})),
+		logForwarderName: ifFullyUpgraded(logforwarder.Manifold(logforwarder.ManifoldConfig{
+			StateName:     stateName,
+			APICallerName: apiCallerName,
+			Sinks: []logforwarder.LogSinkSpec{{
+				Name:   "juju-log-forward",
+				OpenFn: sinks.OpenSyslog,
+			}},
+		})),
 	}
 }
 
-var ifFullyUpgraded = util.Housing{
+var ifFullyUpgraded = engine.Housing{
 	Flags: []string{
 		upgradeStepsFlagName,
 		upgradeCheckFlagName,
@@ -443,4 +455,5 @@
 	apiConfigWatcherName     = "api-config-watcher"
 	machineActionName        = "machine-action-runner"
 	hostKeyReporterName      = "host-key-reporter"
+	logForwarderName         = "log-forwarder"
 )
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/machine/manifolds_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/machine/manifolds_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/machine/manifolds_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/machine/manifolds_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -48,6 +48,7 @@
 		"api-config-watcher",
 		"disk-manager",
 		"host-key-reporter",
+		"log-forwarder",
 		"log-sender",
 		"logging-config-updater",
 		"machine-action-runner",
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/machine/servinginfo_setter.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/machine/servinginfo_setter.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/machine/servinginfo_setter.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/machine/servinginfo_setter.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	coreagent "github.com/juju/juju/agent"
 	apiagent "github.com/juju/juju/api/agent"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/machine/servinginfo_setter_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/machine/servinginfo_setter_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/machine/servinginfo_setter_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/machine/servinginfo_setter_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,9 +4,9 @@
 package machine_test
 
 import (
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	coreagent "github.com/juju/juju/agent"
 	basetesting "github.com/juju/juju/api/base/testing"
@@ -144,11 +144,6 @@
 	s.checkNotController(c, multiwatcher.JobHostUnits)
 }
 
-func (s *ServingInfoSetterSuite) TestJobManageNetworking(c *gc.C) {
-	// State serving info should NOT be set for JobManageNetworking.
-	s.checkNotController(c, multiwatcher.JobManageNetworking)
-}
-
 func (s *ServingInfoSetterSuite) checkNotController(c *gc.C, job multiwatcher.MachineJob) {
 	a := &mockAgent{}
 	apiCaller := basetesting.APICallerFunc(
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/machine_charms_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/machine_charms_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/machine_charms_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/machine_charms_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,70 @@
+// Copyright 2012-2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package agent
+
+import (
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/charm.v6-unstable"
+
+	charmtesting "github.com/juju/juju/apiserver/charmrevisionupdater/testing"
+	"github.com/juju/juju/state"
+	coretesting "github.com/juju/juju/testing"
+)
+
+// MachineWithCharmsSuite provides infrastructure for tests which need to
+// work with charms.
+type MachineWithCharmsSuite struct {
+	commonMachineSuite
+	charmtesting.CharmSuite
+
+	machine *state.Machine
+}
+
+var _ = gc.Suite(&MachineWithCharmsSuite{})
+
+func (s *MachineWithCharmsSuite) SetUpSuite(c *gc.C) {
+	s.commonMachineSuite.SetUpSuite(c)
+	s.CharmSuite.SetUpSuite(c, &s.commonMachineSuite.JujuConnSuite)
+}
+
+func (s *MachineWithCharmsSuite) TearDownSuite(c *gc.C) {
+	s.CharmSuite.TearDownSuite(c)
+	s.commonMachineSuite.TearDownSuite(c)
+}
+
+func (s *MachineWithCharmsSuite) SetUpTest(c *gc.C) {
+	s.commonMachineSuite.SetUpTest(c)
+	s.CharmSuite.SetUpTest(c)
+}
+
+func (s *MachineWithCharmsSuite) TearDownTest(c *gc.C) {
+	s.CharmSuite.TearDownTest(c)
+	s.commonMachineSuite.TearDownTest(c)
+}
+
+func (s *MachineWithCharmsSuite) TestManageModelRunsCharmRevisionUpdater(c *gc.C) {
+	m, _, _ := s.primeAgent(c, state.JobManageModel)
+
+	s.SetupScenario(c)
+
+	a := s.newAgent(c, m)
+	go func() {
+		c.Check(a.Run(nil), jc.ErrorIsNil)
+	}()
+	defer func() { c.Check(a.Stop(), jc.ErrorIsNil) }()
+
+	checkRevision := func() bool {
+		curl := charm.MustParseURL("cs:quantal/mysql")
+		placeholder, err := s.State.LatestPlaceholderCharm(curl)
+		return err == nil && placeholder.String() == curl.WithRevision(23).String()
+	}
+	success := false
+	for attempt := coretesting.LongAttempt.Start(); attempt.Next(); {
+		if success = checkRevision(); success {
+			break
+		}
+	}
+	c.Assert(success, jc.IsTrue)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/machine.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/machine.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/machine.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/machine.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,13 +5,14 @@
 
 import (
 	"fmt"
-	"io"
 	"net"
 	"os"
 	"path/filepath"
 	"runtime"
 	"strconv"
+	"strings"
 	"sync"
+	"sync/atomic"
 	"time"
 
 	"github.com/juju/cmd"
@@ -19,7 +20,6 @@
 	apiagent "github.com/juju/juju/api/agent"
 	apimachiner "github.com/juju/juju/api/machiner"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/replicaset"
 	"github.com/juju/utils"
 	"github.com/juju/utils/clock"
@@ -30,6 +30,7 @@
 	"github.com/juju/utils/voyeur"
 	"github.com/juju/version"
 	"gopkg.in/juju/charmrepo.v2-unstable"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/natefinch/lumberjack.v2"
 	"launchpad.net/gnuflag"
@@ -41,7 +42,9 @@
 	apideployer "github.com/juju/juju/api/deployer"
 	"github.com/juju/juju/api/metricsmanager"
 	"github.com/juju/juju/apiserver"
+	"github.com/juju/juju/apiserver/observer"
 	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/audit"
 	"github.com/juju/juju/cert"
 	"github.com/juju/juju/cmd/jujud/agent/machine"
 	"github.com/juju/juju/cmd/jujud/agent/model"
@@ -55,7 +58,6 @@
 	jujunames "github.com/juju/juju/juju/names"
 	"github.com/juju/juju/juju/paths"
 	"github.com/juju/juju/mongo"
-	"github.com/juju/juju/network"
 	"github.com/juju/juju/service"
 	"github.com/juju/juju/service/common"
 	"github.com/juju/juju/state"
@@ -97,7 +99,7 @@
 	newCertificateUpdater = certupdater.NewCertificateUpdater
 	newMetadataUpdater    = imagemetadataworker.NewWorker
 	newUpgradeMongoWorker = mongoupgrader.New
-	reportOpenedState     = func(io.Closer) {}
+	reportOpenedState     = func(*state.State) {}
 )
 
 // Variable to override in tests, default is true
@@ -403,7 +405,6 @@
 
 	agentConfig := a.CurrentConfig()
 	createEngine := a.makeEngineCreator(agentConfig.UpgradedToVersion())
-	network.SetPreferIPv6(agentConfig.PreferIPv6())
 	charmrepo.CacheDir = filepath.Join(agentConfig.DataDir(), "charmcache")
 	if err := a.createJujudSymlinks(agentConfig.DataDir()); err != nil {
 		return err
@@ -647,11 +648,6 @@
 		}
 	}()
 
-	modelConfig, err := apiagent.NewState(apiConn).ModelConfig()
-	if err != nil {
-		return nil, fmt.Errorf("cannot read model config: %v", err)
-	}
-
 	// Perform the operations needed to set up hosting for containers.
 	if err := a.setupContainerSupport(runner, apiConn, agentConfig); err != nil {
 		cause := errors.Cause(err)
@@ -665,7 +661,7 @@
 
 		// Published image metadata for some providers are in simple streams.
 		// Providers that do not depend on simple streams do not need this worker.
-		env, err := newEnvirons(modelConfig)
+		env, err := environs.GetEnviron(apiagent.NewState(apiConn), newEnvirons)
 		if err != nil {
 			return nil, errors.Annotate(err, "getting environ")
 		}
@@ -754,7 +750,7 @@
 	var supportedContainers []instance.ContainerType
 	supportsContainers := container.ContainersSupported()
 	if supportsContainers {
-		supportedContainers = append(supportedContainers, instance.LXC, instance.LXD)
+		supportedContainers = append(supportedContainers, instance.LXD)
 	}
 
 	supportsKvm, err := kvm.IsKVMSupported()
@@ -796,10 +792,6 @@
 	if err := machine.SetSupportedContainers(containers...); err != nil {
 		return errors.Annotatef(err, "setting supported containers for %s", tag)
 	}
-	initLock, err := cmdutil.HookExecutionLock(agentConfig.DataDir())
-	if err != nil {
-		return err
-	}
 	// Start the watcher to fire when a container is first requested on the machine.
 	modelUUID, err := st.ModelTag()
 	if err != nil {
@@ -835,7 +827,7 @@
 		Machine:             machine,
 		Provisioner:         pr,
 		Config:              agentConfig,
-		InitLock:            initLock,
+		InitLockName:        agent.MachineLockName,
 	}
 	handler := provisioner.NewContainerSetupHandler(params)
 	a.startWorkerAfterUpgrade(runner, watcherName, func() (worker.Worker, error) {
@@ -886,8 +878,6 @@
 		switch job {
 		case state.JobHostUnits:
 			// Implemented elsewhere with workers that use the API.
-		case state.JobManageNetworking:
-			// Not used by state workers.
 		case state.JobManageModel:
 			useMultipleCPUs()
 			a.startWorkerAfterUpgrade(runner, "model worker manager", func() (worker.Worker, error) {
@@ -997,9 +987,14 @@
 		Clock:                       clock.WallClock,
 		RunFlagDuration:             time.Minute,
 		CharmRevisionUpdateInterval: 24 * time.Hour,
-		EntityStatusHistoryCount:    100,
-		EntityStatusHistoryInterval: 5 * time.Minute,
-		SpacesImportedGate:          a.discoverSpacesComplete,
+		InstPollerAggregationDelay:  3 * time.Second,
+		// TODO(perrito666) the status history pruning numbers need
+		// to be adjusting, after collecting user data from large install
+		// bases, to numbers allowing a rich and useful back history.
+		StatusHistoryPrunerMaxHistoryTime: 336 * time.Hour, // 2 weeks
+		StatusHistoryPrunerMaxHistoryMB:   5120,            // 5G
+		StatusHistoryPrunerInterval:       5 * time.Minute,
+		SpacesImportedGate:                a.discoverSpacesComplete,
 	})
 	if err := dependency.Install(engine, manifolds); err != nil {
 		if err := worker.Stop(engine); err != nil {
@@ -1054,7 +1049,15 @@
 	if err != nil {
 		return nil, err
 	}
-	w, err := apiserver.NewServer(st, listener, apiserver.ServerConfig{
+
+	// TODO(katco): We should be doing something more serious than
+	// logging audit errors. Failures in the auditing systems should
+	// stop the api server until the problem can be corrected.
+	auditErrorHandler := func(err error) {
+		logger.Criticalf("%v", err)
+	}
+
+	server, err := apiserver.NewServer(st, listener, apiserver.ServerConfig{
 		Cert:        cert,
 		Key:         key,
 		Tag:         tag,
@@ -1062,11 +1065,71 @@
 		LogDir:      logDir,
 		Validator:   a.limitLogins,
 		CertChanged: certChanged,
+		NewObserver: newObserverFn(
+			clock.WallClock,
+			jujuversion.Current,
+			agentConfig.Model().Id(),
+			newAuditEntrySink(st, logDir),
+			auditErrorHandler,
+		),
 	})
 	if err != nil {
 		return nil, errors.Annotate(err, "cannot start api server worker")
 	}
-	return w, nil
+
+	return server, nil
+}
+
+func newAuditEntrySink(st *state.State, logDir string) audit.AuditEntrySinkFn {
+	persistFn := st.PutAuditEntryFn()
+	fileSinkFn := audit.NewLogFileSink(logDir)
+	return func(entry audit.AuditEntry) error {
+		// We don't care about auditing anything but user actions.
+		if _, err := names.ParseUserTag(entry.OriginName); err != nil {
+			return nil
+		}
+		// TODO(wallyworld) - Pinger requests should not originate as a user action.
+		if strings.HasPrefix(entry.Operation, "Pinger:") {
+			return nil
+		}
+		persistErr := persistFn(entry)
+		sinkErr := fileSinkFn(entry)
+		if persistErr == nil {
+			return errors.Annotate(sinkErr, "cannot save audit record to file")
+		}
+		if sinkErr == nil {
+			return errors.Annotate(persistErr, "cannot save audit record to database")
+		}
+		return errors.Annotate(persistErr, "cannot save audit record to file or database")
+	}
+}
+
+func newObserverFn(
+	clock clock.Clock,
+	jujuServerVersion version.Number,
+	modelUUID string,
+	persistAuditEntry audit.AuditEntrySinkFn,
+	auditErrorHandler observer.ErrorHandler,
+) observer.ObserverFactory {
+	var connectionID int64
+	return observer.ObserverFactoryMultiplexer(
+		func() observer.Observer {
+			logger := loggo.GetLogger("juju.apiserver")
+			ctx := observer.RequestObserverContext{
+				Clock:  clock,
+				Logger: logger,
+			}
+			return observer.NewRequestObserver(ctx, atomic.AddInt64(&connectionID, 1))
+		},
+		func() observer.Observer {
+			ctx := &observer.AuditContext{
+				JujuServerVersion: jujuServerVersion,
+				ModelUUID:         modelUUID,
+			}
+			// TODO(katco): Pass in an error channel
+			return observer.NewAudit(ctx, persistAuditEntry, auditErrorHandler)
+		},
+	)
 }
 
 // limitLogins is called by the API server for each login attempt.
@@ -1263,24 +1326,22 @@
 		logger.Debugf("upgrades done, starting worker %q", name)
 
 		// Upgrades are done, start the worker.
-		worker, err := start()
+		w, err := start()
 		if err != nil {
 			return err
 		}
 		// Wait for worker to finish or for us to be stopped.
-		waitCh := make(chan error)
+		done := make(chan error, 1)
 		go func() {
-			waitCh <- worker.Wait()
+			done <- w.Wait()
 		}()
 		select {
-		case err := <-waitCh:
-			logger.Debugf("worker %q exited with %v", name, err)
-			return err
+		case err := <-done:
+			return errors.Annotatef(err, "worker %q exited", name)
 		case <-stop:
 			logger.Debugf("stopping so killing worker %q", name)
-			worker.Kill()
+			return worker.Stop(w)
 		}
-		return <-waitCh // Ensure worker has stopped before returning.
 	})
 }
 
@@ -1372,13 +1433,8 @@
 	// its completion.
 	insideContainer := container.RunningInContainer()
 	if insideContainer {
-		// We're running inside LXC, so loop devices may leak. Detach
+		// We're running inside a container, so loop devices may leak. Detach
 		// any loop devices that are backed by files on this machine.
-		//
-		// It is necessary to do this here as well as in container/lxc,
-		// as container/lxc needs to check in the container's rootfs
-		// to see if the loop device is attached to the container; that
-		// will fail if the data-dir is removed first.
 		if err := a.loopDeviceManager.DetachLoopDevices("/", agentConfig.DataDir()); err != nil {
 			errs = append(errs, err)
 		}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/machine_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/machine_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/machine_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/machine_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,21 +4,17 @@
 package agent
 
 import (
-	"io"
 	"io/ioutil"
 	"os"
 	"path/filepath"
 	"reflect"
 	"runtime"
 	"strings"
-	"sync"
 	"time"
 
 	"github.com/juju/cmd"
 	"github.com/juju/cmd/cmdtesting"
 	"github.com/juju/errors"
-	"github.com/juju/names"
-	gitjujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	"github.com/juju/utils/arch"
@@ -29,31 +25,21 @@
 	"github.com/juju/utils/symlink"
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
-	"gopkg.in/juju/charm.v6-unstable"
 	"gopkg.in/juju/charmrepo.v2-unstable"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/natefinch/lumberjack.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api"
-	apideployer "github.com/juju/juju/api/deployer"
 	"github.com/juju/juju/api/imagemetadata"
 	apimachiner "github.com/juju/juju/api/machiner"
-	charmtesting "github.com/juju/juju/apiserver/charmrevisionupdater/testing"
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cert"
-	agenttesting "github.com/juju/juju/cmd/jujud/agent/testing"
-	cmdutil "github.com/juju/juju/cmd/jujud/util"
-	lxctesting "github.com/juju/juju/container/lxc/testing"
 	envtesting "github.com/juju/juju/environs/testing"
-	"github.com/juju/juju/feature"
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/juju"
-	jujutesting "github.com/juju/juju/juju/testing"
-	"github.com/juju/juju/mongo"
-	"github.com/juju/juju/mongo/mongotest"
 	"github.com/juju/juju/network"
 	"github.com/juju/juju/provider/dummy"
-	"github.com/juju/juju/service/upstart"
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/state/watcher"
 	"github.com/juju/juju/status"
@@ -64,225 +50,21 @@
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/authenticationworker"
 	"github.com/juju/juju/worker/certupdater"
-	"github.com/juju/juju/worker/deployer"
 	"github.com/juju/juju/worker/diskmanager"
 	"github.com/juju/juju/worker/instancepoller"
-	"github.com/juju/juju/worker/logsender"
 	"github.com/juju/juju/worker/machiner"
 	"github.com/juju/juju/worker/mongoupgrader"
-	"github.com/juju/juju/worker/peergrouper"
 	"github.com/juju/juju/worker/resumer"
-	"github.com/juju/juju/worker/singular"
 	"github.com/juju/juju/worker/storageprovisioner"
 	"github.com/juju/juju/worker/upgrader"
+	"github.com/juju/juju/worker/workertest"
 )
 
-var (
-	_ = gc.Suite(&MachineSuite{})
-	_ = gc.Suite(&MachineWithCharmsSuite{})
-	_ = gc.Suite(&mongoSuite{})
-)
-
-type commonMachineSuite struct {
-	singularRecord *singularRunnerRecord
-	lxctesting.TestSuite
-	fakeEnsureMongo *agenttesting.FakeEnsureMongo
-	AgentSuite
-}
-
-func (s *commonMachineSuite) SetUpSuite(c *gc.C) {
-	s.AgentSuite.SetUpSuite(c)
-	s.TestSuite.SetUpSuite(c)
-	s.AgentSuite.PatchValue(&jujuversion.Current, coretesting.FakeVersionNumber)
-	s.AgentSuite.PatchValue(&stateWorkerDialOpts, mongotest.DialOpts())
-}
-
-func (s *commonMachineSuite) TearDownSuite(c *gc.C) {
-	s.TestSuite.TearDownSuite(c)
-	s.AgentSuite.TearDownSuite(c)
-}
-
-func (s *commonMachineSuite) SetUpTest(c *gc.C) {
-	s.AgentSuite.SetUpTest(c)
-	s.TestSuite.SetUpTest(c)
-	s.AgentSuite.PatchValue(&charmrepo.CacheDir, c.MkDir())
-
-	// Patch ssh user to avoid touching ~ubuntu/.ssh/authorized_keys.
-	s.AgentSuite.PatchValue(&authenticationworker.SSHUser, "")
-
-	testpath := c.MkDir()
-	s.AgentSuite.PatchEnvPathPrepend(testpath)
-	// mock out the start method so we can fake install services without sudo
-	fakeCmd(filepath.Join(testpath, "start"))
-	fakeCmd(filepath.Join(testpath, "stop"))
-
-	s.AgentSuite.PatchValue(&upstart.InitDir, c.MkDir())
-
-	s.singularRecord = newSingularRunnerRecord()
-	s.AgentSuite.PatchValue(&newSingularRunner, s.singularRecord.newSingularRunner)
-	s.AgentSuite.PatchValue(&peergrouperNew, func(st *state.State) (worker.Worker, error) {
-		return newDummyWorker(), nil
-	})
-
-	s.fakeEnsureMongo = agenttesting.InstallFakeEnsureMongo(s)
-}
-
-func (s *commonMachineSuite) assertChannelActive(c *gc.C, aChannel chan struct{}, intent string) {
-	// Wait for channel to be active.
-	select {
-	case <-aChannel:
-	case <-time.After(coretesting.LongWait):
-		c.Fatalf("timeout while waiting for %v", intent)
-	}
-}
-
-func (s *commonMachineSuite) assertChannelInactive(c *gc.C, aChannel chan struct{}, intent string) {
-	// Now make sure the channel is not active.
-	select {
-	case <-aChannel:
-		c.Fatalf("%v unexpectedly", intent)
-	case <-time.After(startWorkerWait):
-	}
-}
-
-func fakeCmd(path string) {
-	err := ioutil.WriteFile(path, []byte("#!/bin/bash --norc\nexit 0"), 0755)
-	if err != nil {
-		panic(err)
-	}
-}
-
-func (s *commonMachineSuite) TearDownTest(c *gc.C) {
-	s.TestSuite.TearDownTest(c)
-	s.AgentSuite.TearDownTest(c)
-}
-
-// primeAgent adds a new Machine to run the given jobs, and sets up the
-// machine agent's directory.  It returns the new machine, the
-// agent's configuration and the tools currently running.
-func (s *commonMachineSuite) primeAgent(c *gc.C, jobs ...state.MachineJob) (m *state.Machine, agentConfig agent.ConfigSetterWriter, tools *tools.Tools) {
-	vers := version.Binary{
-		Number: jujuversion.Current,
-		Arch:   arch.HostArch(),
-		Series: series.HostSeries(),
-	}
-	return s.primeAgentVersion(c, vers, jobs...)
-}
-
-// primeAgentVersion is similar to primeAgent, but permits the
-// caller to specify the version.Binary to prime with.
-func (s *commonMachineSuite) primeAgentVersion(c *gc.C, vers version.Binary, jobs ...state.MachineJob) (m *state.Machine, agentConfig agent.ConfigSetterWriter, tools *tools.Tools) {
-	m, err := s.State.AddMachine("quantal", jobs...)
-	c.Assert(err, jc.ErrorIsNil)
-	return s.primeAgentWithMachine(c, m, vers)
-}
-
-func (s *commonMachineSuite) primeAgentWithMachine(c *gc.C, m *state.Machine, vers version.Binary) (*state.Machine, agent.ConfigSetterWriter, *tools.Tools) {
-	pinger, err := m.SetAgentPresence()
-	c.Assert(err, jc.ErrorIsNil)
-	s.AddCleanup(func(c *gc.C) {
-		err := pinger.Stop()
-		c.Check(err, jc.ErrorIsNil)
-	})
-	return s.configureMachine(c, m.Id(), vers)
-}
-
-func (s *commonMachineSuite) configureMachine(c *gc.C, machineId string, vers version.Binary) (
-	machine *state.Machine, agentConfig agent.ConfigSetterWriter, tools *tools.Tools,
-) {
-	m, err := s.State.Machine(machineId)
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Add a machine and ensure it is provisioned.
-	inst, md := jujutesting.AssertStartInstance(c, s.Environ, machineId)
-	c.Assert(m.SetProvisioned(inst.Id(), agent.BootstrapNonce, md), jc.ErrorIsNil)
-
-	// Add an address for the tests in case the initiateMongoServer
-	// codepath is exercised.
-	s.setFakeMachineAddresses(c, m)
-
-	// Set up the new machine.
-	err = m.SetAgentVersion(vers)
-	c.Assert(err, jc.ErrorIsNil)
-	err = m.SetPassword(initialMachinePassword)
-	c.Assert(err, jc.ErrorIsNil)
-	tag := m.Tag()
-	if m.IsManager() {
-		err = m.SetMongoPassword(initialMachinePassword)
-		c.Assert(err, jc.ErrorIsNil)
-		agentConfig, tools = s.PrimeStateAgentVersion(c, tag, initialMachinePassword, vers)
-		info, ok := agentConfig.StateServingInfo()
-		c.Assert(ok, jc.IsTrue)
-		ssi := cmdutil.ParamsStateServingInfoToStateStateServingInfo(info)
-		err = s.State.SetStateServingInfo(ssi)
-		c.Assert(err, jc.ErrorIsNil)
-	} else {
-		agentConfig, tools = s.PrimeAgentVersion(c, tag, initialMachinePassword, vers)
-	}
-	err = agentConfig.Write()
-	c.Assert(err, jc.ErrorIsNil)
-	return m, agentConfig, tools
-}
-
-func NewTestMachineAgentFactory(
-	agentConfWriter AgentConfigWriter,
-	bufferedLogs logsender.LogRecordCh,
-	rootDir string,
-) func(string) *MachineAgent {
-	return func(machineId string) *MachineAgent {
-		return NewMachineAgent(
-			machineId,
-			agentConfWriter,
-			bufferedLogs,
-			worker.NewRunner(cmdutil.IsFatal, cmdutil.MoreImportant, worker.RestartDelay),
-			&mockLoopDeviceManager{},
-			rootDir,
-		)
-	}
-}
-
-// newAgent returns a new MachineAgent instance
-func (s *commonMachineSuite) newAgent(c *gc.C, m *state.Machine) *MachineAgent {
-	agentConf := agentConf{dataDir: s.DataDir()}
-	agentConf.ReadConfig(names.NewMachineTag(m.Id()).String())
-	machineAgentFactory := NewTestMachineAgentFactory(&agentConf, nil, c.MkDir())
-	return machineAgentFactory(m.Id())
-}
-
-func (s *MachineSuite) TestParseSuccess(c *gc.C) {
-	create := func() (cmd.Command, AgentConf) {
-		agentConf := agentConf{dataDir: s.DataDir()}
-		a := NewMachineAgentCmd(
-			nil,
-			NewTestMachineAgentFactory(&agentConf, nil, c.MkDir()),
-			&agentConf,
-			&agentConf,
-		)
-		a.(*machineAgentCmd).logToStdErr = true
-
-		return a, &agentConf
-	}
-	a := CheckAgentCommand(c, create, []string{"--machine-id", "42"})
-	c.Assert(a.(*machineAgentCmd).machineId, gc.Equals, "42")
-}
-
 type MachineSuite struct {
 	commonMachineSuite
 }
 
-var perEnvSingularWorkers = []string{
-	"cleaner",
-	"minunitsworker",
-	"addresserworker",
-	"environ-provisioner",
-	"charm-revision-updater",
-	"discoverspaces",
-	"instancepoller",
-	"firewaller",
-	"unitassigner",
-}
-
-const initialMachinePassword = "machine-password-1234567890"
+var _ = gc.Suite(&MachineSuite{})
 
 func (s *MachineSuite) SetUpTest(c *gc.C) {
 	s.commonMachineSuite.SetUpTest(c)
@@ -310,6 +92,23 @@
 	c.Assert(err, gc.ErrorMatches, `unrecognized args: \["blistering barnacles"\]`)
 }
 
+func (s *MachineSuite) TestParseSuccess(c *gc.C) {
+	create := func() (cmd.Command, AgentConf) {
+		agentConf := agentConf{dataDir: s.DataDir()}
+		a := NewMachineAgentCmd(
+			nil,
+			NewTestMachineAgentFactory(&agentConf, nil, c.MkDir()),
+			&agentConf,
+			&agentConf,
+		)
+		a.(*machineAgentCmd).logToStdErr = true
+
+		return a, &agentConf
+	}
+	a := CheckAgentCommand(c, create, []string{"--machine-id", "42"})
+	c.Assert(a.(*machineAgentCmd).machineId, gc.Equals, "42")
+}
+
 func (s *MachineSuite) TestRunInvalidMachineId(c *gc.C) {
 	c.Skip("agents don't yet distinguish between temporary and permanent errors")
 	m, _, _ := s.primeAgent(c, state.JobHostUnits)
@@ -454,7 +253,14 @@
 
 	// "start the agent" for u0 to prevent short-circuited remove-on-destroy;
 	// check that it's kept deployed despite being Dying.
-	err = u0.SetAgentStatus(status.StatusIdle, "", nil)
+	// lp:1558657
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusIdle,
+		Message: "",
+		Since:   &now,
+	}
+	err = u0.SetAgentStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 	err = u0.Destroy()
 	c.Assert(err, jc.ErrorIsNil)
@@ -496,34 +302,6 @@
 	ctx.waitDeployed(c)
 }
 
-func patchDeployContext(c *gc.C, st *state.State) (*fakeContext, func()) {
-	ctx := &fakeContext{
-		inited:   newSignal(),
-		deployed: make(set.Strings),
-	}
-	orig := newDeployContext
-	newDeployContext = func(dst *apideployer.State, agentConfig agent.Config) deployer.Context {
-		ctx.st = st
-		ctx.agentConfig = agentConfig
-		ctx.inited.trigger()
-		return ctx
-	}
-	return ctx, func() { newDeployContext = orig }
-}
-
-func (s *commonMachineSuite) setFakeMachineAddresses(c *gc.C, machine *state.Machine) {
-	addrs := network.NewAddresses("0.1.2.3")
-	err := machine.SetProviderAddresses(addrs...)
-	c.Assert(err, jc.ErrorIsNil)
-	// Set the addresses in the environ instance as well so that if the instance poller
-	// runs it won't overwrite them.
-	instId, err := machine.InstanceId()
-	c.Assert(err, jc.ErrorIsNil)
-	insts, err := s.Environ.Instances([]instance.Id{instId})
-	c.Assert(err, jc.ErrorIsNil)
-	dummy.SetInstanceAddresses(insts[0], addrs)
-}
-
 func (s *MachineSuite) TestManageModel(c *gc.C) {
 	usefulVersion := version.Binary{
 		Number: jujuversion.Current,
@@ -531,8 +309,7 @@
 		Series: "quantal", // to match the charm created below
 	}
 	envtesting.AssertUploadFakeToolsVersions(c, s.DefaultToolsStorage, s.Environ.Config().AgentStream(), s.Environ.Config().AgentStream(), usefulVersion)
-	// Prime agent with manage networking in additon to manage model to ensure the former is ignored.
-	m, _, _ := s.primeAgent(c, state.JobManageModel, state.JobManageNetworking)
+	m, _, _ := s.primeAgent(c, state.JobManageModel)
 	op := make(chan dummy.Operation, 200)
 	dummy.Listen(op)
 
@@ -598,8 +375,6 @@
 	started.assertTriggered(c, "resumer worker to start")
 }
 
-const startWorkerWait = 250 * time.Millisecond
-
 func (s *MachineSuite) TestManageModelRunsInstancePoller(c *gc.C) {
 	s.AgentSuite.PatchValue(&instancepoller.ShortPoll, 500*time.Millisecond)
 	usefulVersion := version.Binary{
@@ -721,7 +496,7 @@
 	m, err := s.State.Machine(machineId)
 	c.Assert(err, jc.ErrorIsNil)
 	w := m.Watch()
-	defer w.Stop()
+	defer worker.Stop(w)
 	timeout := time.After(coretesting.LongWait)
 	for {
 		select {
@@ -785,11 +560,6 @@
 	c.Assert(a.isInitialUpgradeCheckPending(), jc.IsFalse)
 }
 
-var fastDialOpts = api.DialOpts{
-	Timeout:    coretesting.LongWait,
-	RetryDelay: coretesting.ShortWait,
-}
-
 func (s *MachineSuite) waitStopped(c *gc.C, job state.MachineJob, a *MachineAgent, done chan error) {
 	err := a.Stop()
 	if job == state.JobManageModel {
@@ -823,16 +593,13 @@
 	if !paramsJob.NeedsState() {
 		c.Fatalf("%v does not use state", paramsJob)
 	}
-	s.assertAgentOpensState(c, &reportOpenedState, job, func(cfg agent.Config, st interface{}) {
-		test(cfg, st.(*state.State))
-	})
+	s.assertAgentOpensState(c, job, test)
 }
 
 // assertAgentOpensState asserts that a machine agent started with the
-// given job will call the function pointed to by reportOpened. The
-// agent's configuration and the value passed to reportOpened are then
-// passed to the test function for further checking.
-func (s *MachineSuite) assertAgentOpensState(c *gc.C, reportOpened *func(io.Closer), job state.MachineJob, test func(agent.Config, interface{})) {
+// given job. The agent's configuration and the agent's state.State are
+// then passed to the test function for further checking.
+func (s *MachineSuite) assertAgentOpensState(c *gc.C, job state.MachineJob, test func(agent.Config, *state.State)) {
 	stm, conf, _ := s.primeAgent(c, job)
 	a := s.newAgent(c, stm)
 	defer a.Stop()
@@ -840,14 +607,14 @@
 
 	// All state jobs currently also run an APIWorker, so no
 	// need to check for that here, like in assertJobWithState.
-	agentAPI, done := s.waitForOpenState(c, reportOpened, a)
-	test(conf, agentAPI)
+	st, done := s.waitForOpenState(c, a)
+	test(conf, st)
 	s.waitStopped(c, job, a, done)
 }
 
-func (s *MachineSuite) waitForOpenState(c *gc.C, reportOpened *func(io.Closer), a *MachineAgent) (interface{}, chan error) {
-	agentAPIs := make(chan io.Closer, 1)
-	s.AgentSuite.PatchValue(reportOpened, func(st io.Closer) {
+func (s *MachineSuite) waitForOpenState(c *gc.C, a *MachineAgent) (*state.State, chan error) {
+	agentAPIs := make(chan *state.State, 1)
+	s.AgentSuite.PatchValue(&reportOpenedState, func(st *state.State) {
 		select {
 		case agentAPIs <- st:
 		default:
@@ -937,7 +704,7 @@
 		err = unit.Refresh()
 		c.Assert(err, jc.ErrorIsNil)
 		w := unit.Watch()
-		defer w.Stop()
+		defer worker.Stop(w)
 
 		// Trigger a sync on the state used by the agent, and wait
 		// for the unit to be removed.
@@ -970,7 +737,7 @@
 		err := service.SetMinUnits(1)
 		c.Assert(err, jc.ErrorIsNil)
 		w := service.Watch()
-		defer w.Stop()
+		defer worker.Stop(w)
 
 		// Trigger a sync on the state used by the agent, and wait for the unit
 		// to be created.
@@ -1030,33 +797,11 @@
 	}
 }
 
-// opRecvTimeout waits for any of the given kinds of operation to
-// be received from ops, and times out if not.
-func opRecvTimeout(c *gc.C, st *state.State, opc <-chan dummy.Operation, kinds ...dummy.Operation) dummy.Operation {
-	st.StartSync()
-	timeout := time.After(coretesting.LongWait)
-	for {
-		select {
-		case op := <-opc:
-			for _, k := range kinds {
-				if reflect.TypeOf(op) == reflect.TypeOf(k) {
-					return op
-				}
-			}
-			c.Logf("discarding unknown event %#v", op)
-		case <-time.After(coretesting.ShortWait):
-			st.StartSync()
-		case <-timeout:
-			c.Fatalf("time out wating for operation")
-		}
-	}
-}
-
 func (s *MachineSuite) TestMachineAgentSymlinks(c *gc.C) {
 	stm, _, _ := s.primeAgent(c, state.JobManageModel)
 	a := s.newAgent(c, stm)
 	defer a.Stop()
-	_, done := s.waitForOpenState(c, &reportOpenedState, a)
+	_, done := s.waitForOpenState(c, a)
 
 	// Symlinks should have been created
 	for _, link := range []string{jujuRun, jujuDumpLogs} {
@@ -1088,7 +833,7 @@
 	}
 
 	// Start the agent and wait for it be running.
-	_, done := s.waitForOpenState(c, &reportOpenedState, a)
+	_, done := s.waitForOpenState(c, a)
 
 	// juju-run symlink should have been recreated.
 	for _, link := range links {
@@ -1221,10 +966,6 @@
 	s.checkMetadataWorkerNotRun(c, state.JobHostUnits, "can host units")
 }
 
-func (s *MachineSuite) TestMachineAgentDoesNotRunMetadataWorkerForManageNetworking(c *gc.C) {
-	s.checkMetadataWorkerNotRun(c, state.JobManageNetworking, "can manage networking")
-}
-
 func (s *MachineSuite) TestMachineAgentDoesNotRunMetadataWorkerForNonSimpleStreamDependentProviders(c *gc.C) {
 	s.checkMetadataWorkerNotRun(c, state.JobManageModel, "has provider which doesn't depend on simple streams")
 }
@@ -1267,7 +1008,7 @@
 
 func (s *MachineSuite) TestMachineAgentRunsCertificateUpdateWorkerForController(c *gc.C) {
 	started := newSignal()
-	newUpdater := func(certupdater.AddressWatcher, certupdater.StateServingInfoGetter, certupdater.ModelConfigGetter,
+	newUpdater := func(certupdater.AddressWatcher, certupdater.StateServingInfoGetter, certupdater.ControllerConfigGetter,
 		certupdater.APIHostPortsGetter, certupdater.StateServingInfoSetter,
 	) worker.Worker {
 		started.trigger()
@@ -1285,7 +1026,7 @@
 
 func (s *MachineSuite) TestMachineAgentDoesNotRunsCertificateUpdateWorkerForNonController(c *gc.C) {
 	started := newSignal()
-	newUpdater := func(certupdater.AddressWatcher, certupdater.StateServingInfoGetter, certupdater.ModelConfigGetter,
+	newUpdater := func(certupdater.AddressWatcher, certupdater.StateServingInfoGetter, certupdater.ControllerConfigGetter,
 		certupdater.APIHostPortsGetter, certupdater.StateServingInfoSetter,
 	) worker.Worker {
 		started.trigger()
@@ -1333,7 +1074,7 @@
 
 func (s *MachineSuite) TestCertificateDNSUpdated(c *gc.C) {
 	// Disable the certificate work so it doesn't update the certificate.
-	newUpdater := func(certupdater.AddressWatcher, certupdater.StateServingInfoGetter, certupdater.ModelConfigGetter,
+	newUpdater := func(certupdater.AddressWatcher, certupdater.StateServingInfoGetter, certupdater.ControllerConfigGetter,
 		certupdater.APIHostPortsGetter, certupdater.StateServingInfoSetter,
 	) worker.Worker {
 		return worker.NewNoOpWorker()
@@ -1425,7 +1166,7 @@
 			Jobs:   []state.MachineJob{state.JobHostUnits},
 		},
 		parent.Id(),
-		instance.LXC,
+		instance.LXD,
 	)
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -1525,34 +1266,6 @@
 	})
 }
 
-func (s *MachineSuite) TestAddressAllocationModelWorkers(c *gc.C) {
-	s.SetFeatureFlags(feature.AddressAllocation)
-
-	tracker := newModelTracker(c)
-	almostAllWorkers := append(alwaysModelWorkers, aliveModelWorkers...)
-	check := modelMatchFunc(c, tracker, append(
-		almostAllWorkers, "address-cleaner",
-	))
-	s.PatchValue(&modelManifolds, tracker.Manifolds)
-
-	uuid := s.BackingState.ModelUUID()
-	timeout := time.After(coretesting.LongWait)
-
-	s.assertJobWithState(c, state.JobManageModel, func(_ agent.Config, _ *state.State) {
-		for {
-			if check(uuid) {
-				break
-			}
-			select {
-			case <-time.After(coretesting.ShortWait):
-				s.BackingState.StartSync()
-			case <-timeout:
-				c.Fatalf("timed out waiting for workers")
-			}
-		}
-	})
-}
-
 func (s *MachineSuite) TestHostedModelWorkers(c *gc.C) {
 	tracker := newModelTracker(c)
 	check := modelMatchFunc(c, tracker, append(
@@ -1581,41 +1294,37 @@
 }
 
 func (s *MachineSuite) TestDyingModelCleanedUp(c *gc.C) {
-	tracker := newModelTracker(c)
-	check := modelMatchFunc(c, tracker, append(
-		alwaysModelWorkers, deadModelWorkers...,
-	))
-	s.PatchValue(&modelManifolds, tracker.Manifolds)
-
 	st, closer := s.setUpNewModel(c)
 	defer closer()
-	uuid := st.ModelUUID()
 	timeout := time.After(ReallyLongWait)
 
 	s.assertJobWithState(c, state.JobManageModel, func(_ agent.Config, _ *state.State) {
 		model, err := st.Model()
 		c.Assert(err, jc.ErrorIsNil)
+		watch := model.Watch()
+		defer workertest.CleanKill(c, watch)
+
 		err = model.Destroy()
 		c.Assert(err, jc.ErrorIsNil)
 
-		// Wait for the running workers to imply that we've
-		// passed beyond Dying...
+		// Wait for the model to go away.
 		for {
-			if check(uuid) {
-				break
-			}
 			select {
+			case <-watch.Changes():
+				err := model.Refresh()
+				cause := errors.Cause(err)
+				if err == nil {
+					continue // still there
+				} else if errors.IsNotFound(cause) {
+					return // successfully removed
+				}
+				c.Assert(err, jc.ErrorIsNil) // guaranteed fail
 			case <-time.After(coretesting.ShortWait):
 				s.BackingState.StartSync()
 			case <-timeout:
 				c.Fatalf("timed out waiting for workers")
 			}
 		}
-
-		// ...and verify that's reflected in the database.
-		err = model.Refresh()
-		c.Check(err, jc.ErrorIsNil)
-		c.Check(model.Life(), gc.Equals, state.Dead)
 	})
 }
 
@@ -1624,7 +1333,7 @@
 	// Grab responsibility for the model on behalf of another machine.
 	claimer := s.BackingState.SingularClaimer()
 	uuid := s.BackingState.ModelUUID()
-	err := claimer.Claim(uuid, "machine-999-lxc-99", time.Hour)
+	err := claimer.Claim(uuid, "machine-999-lxd-99", time.Hour)
 	c.Assert(err, jc.ErrorIsNil)
 
 	// Then run a normal model-tracking test, just checking for
@@ -1675,323 +1384,3 @@
 	c.Assert(s.fakeEnsureMongo.EnsureCount, gc.Equals, 1)
 	c.Assert(s.fakeEnsureMongo.InitiateCount, gc.Equals, 0)
 }
-
-// MachineWithCharmsSuite provides infrastructure for tests which need to
-// work with charms.
-type MachineWithCharmsSuite struct {
-	commonMachineSuite
-	charmtesting.CharmSuite
-
-	machine *state.Machine
-}
-
-func (s *MachineWithCharmsSuite) SetUpSuite(c *gc.C) {
-	s.commonMachineSuite.SetUpSuite(c)
-	s.CharmSuite.SetUpSuite(c, &s.commonMachineSuite.JujuConnSuite)
-}
-
-func (s *MachineWithCharmsSuite) TearDownSuite(c *gc.C) {
-	s.CharmSuite.TearDownSuite(c)
-	s.commonMachineSuite.TearDownSuite(c)
-}
-
-func (s *MachineWithCharmsSuite) SetUpTest(c *gc.C) {
-	s.commonMachineSuite.SetUpTest(c)
-	s.CharmSuite.SetUpTest(c)
-}
-
-func (s *MachineWithCharmsSuite) TearDownTest(c *gc.C) {
-	s.CharmSuite.TearDownTest(c)
-	s.commonMachineSuite.TearDownTest(c)
-}
-
-func (s *MachineWithCharmsSuite) TestManageModelRunsCharmRevisionUpdater(c *gc.C) {
-	m, _, _ := s.primeAgent(c, state.JobManageModel)
-
-	s.SetupScenario(c)
-
-	a := s.newAgent(c, m)
-	go func() {
-		c.Check(a.Run(nil), jc.ErrorIsNil)
-	}()
-	defer func() { c.Check(a.Stop(), jc.ErrorIsNil) }()
-
-	checkRevision := func() bool {
-		curl := charm.MustParseURL("cs:quantal/mysql")
-		placeholder, err := s.State.LatestPlaceholderCharm(curl)
-		return err == nil && placeholder.String() == curl.WithRevision(23).String()
-	}
-	success := false
-	for attempt := coretesting.LongAttempt.Start(); attempt.Next(); {
-		if success = checkRevision(); success {
-			break
-		}
-	}
-	c.Assert(success, jc.IsTrue)
-}
-
-type mongoSuite struct {
-	coretesting.BaseSuite
-}
-
-func (s *mongoSuite) TestStateWorkerDialSetsWriteMajority(c *gc.C) {
-	s.testStateWorkerDialSetsWriteMajority(c, true)
-}
-
-func (s *mongoSuite) TestStateWorkerDialDoesNotSetWriteMajorityWithoutReplsetConfig(c *gc.C) {
-	s.testStateWorkerDialSetsWriteMajority(c, false)
-}
-
-func (s *mongoSuite) testStateWorkerDialSetsWriteMajority(c *gc.C, configureReplset bool) {
-	inst := gitjujutesting.MgoInstance{
-		EnableJournal: true,
-		Params:        []string{"--replSet", "juju"},
-	}
-	err := inst.Start(coretesting.Certs)
-	c.Assert(err, jc.ErrorIsNil)
-	defer inst.Destroy()
-
-	var expectedWMode string
-	dialOpts := stateWorkerDialOpts
-	dialOpts.Timeout = coretesting.LongWait
-	if configureReplset {
-		info := inst.DialInfo()
-		info.Timeout = dialOpts.Timeout
-		args := peergrouper.InitiateMongoParams{
-			DialInfo:       info,
-			MemberHostPort: inst.Addr(),
-		}
-		err = peergrouper.InitiateMongoServer(args)
-		c.Assert(err, jc.ErrorIsNil)
-		expectedWMode = "majority"
-	} else {
-		dialOpts.Direct = true
-	}
-
-	mongoInfo := mongo.Info{
-		Addrs:  []string{inst.Addr()},
-		CACert: coretesting.CACert,
-	}
-	session, err := mongo.DialWithInfo(mongoInfo, dialOpts)
-	c.Assert(err, jc.ErrorIsNil)
-	defer session.Close()
-
-	safe := session.Safe()
-	c.Assert(safe, gc.NotNil)
-	c.Assert(safe.WMode, gc.Equals, expectedWMode)
-	c.Assert(safe.J, jc.IsTrue) // always enabled
-}
-
-type mockAgentConfig struct {
-	agent.Config
-	providerType string
-	tag          names.Tag
-}
-
-func (m *mockAgentConfig) Tag() names.Tag {
-	return m.tag
-}
-
-func (m *mockAgentConfig) Value(key string) string {
-	if key == agent.ProviderType {
-		return m.providerType
-	}
-	return ""
-}
-
-type singularRunnerRecord struct {
-	runnerC chan *fakeSingularRunner
-}
-
-func newSingularRunnerRecord() *singularRunnerRecord {
-	return &singularRunnerRecord{
-		runnerC: make(chan *fakeSingularRunner, 64),
-	}
-}
-
-func (r *singularRunnerRecord) newSingularRunner(runner worker.Runner, conn singular.Conn) (worker.Runner, error) {
-	sr, err := singular.New(runner, conn)
-	if err != nil {
-		return nil, err
-	}
-	fakeRunner := &fakeSingularRunner{
-		Runner: sr,
-		startC: make(chan string, 64),
-	}
-	r.runnerC <- fakeRunner
-	return fakeRunner, nil
-}
-
-// nextRunner blocks until a new singular runner is created.
-func (r *singularRunnerRecord) nextRunner(c *gc.C) *fakeSingularRunner {
-	timeout := time.After(coretesting.LongWait)
-	for {
-		select {
-		case r := <-r.runnerC:
-			return r
-		case <-timeout:
-			c.Fatal("timed out waiting for singular runner to be created")
-		}
-	}
-}
-
-type fakeSingularRunner struct {
-	worker.Runner
-	startC chan string
-}
-
-func (r *fakeSingularRunner) StartWorker(name string, start func() (worker.Worker, error)) error {
-	logger.Infof("starting fake worker %q", name)
-	r.startC <- name
-	return r.Runner.StartWorker(name, start)
-}
-
-// waitForWorker waits for a given worker to be started, returning all
-// workers started while waiting.
-func (r *fakeSingularRunner) waitForWorker(c *gc.C, target string) []string {
-	var seen []string
-	timeout := time.After(coretesting.LongWait)
-	for {
-		select {
-		case <-time.After(coretesting.ShortWait):
-			c.Logf("still waiting for %q; workers seen so far: %+v", target, seen)
-		case workerName := <-r.startC:
-			seen = append(seen, workerName)
-			if workerName == target {
-				c.Logf("target worker %q started; workers seen so far: %+v", workerName, seen)
-				return seen
-			}
-			c.Logf("worker %q started; still waiting for %q; workers seen so far: %+v", workerName, target, seen)
-		case <-timeout:
-			c.Fatal("timed out waiting for " + target)
-		}
-	}
-}
-
-// waitForWorkers waits for a given worker to be started, returning all
-// workers started while waiting.
-func (r *fakeSingularRunner) waitForWorkers(c *gc.C, targets []string) []string {
-	var seen []string
-	seenTargets := make(map[string]bool)
-	numSeenTargets := 0
-	timeout := time.After(coretesting.LongWait)
-	for {
-		select {
-		case workerName := <-r.startC:
-			c.Logf("worker %q started; workers seen so far: %+v (len: %d, len(targets): %d)", workerName, seen, len(seen), len(targets))
-			if seenTargets[workerName] == true {
-				c.Fatal("worker started twice: " + workerName)
-			}
-			seenTargets[workerName] = true
-			numSeenTargets++
-			seen = append(seen, workerName)
-			if numSeenTargets == len(targets) {
-				c.Logf("all expected target workers started: %+v", seen)
-				return seen
-			}
-			c.Logf("still waiting for workers %+v to start; numSeenTargets=%d", targets, numSeenTargets)
-		case <-timeout:
-			c.Fatalf("timed out waiting for %v", targets)
-		}
-	}
-}
-
-type mockMetricAPI struct {
-	stop          chan struct{}
-	cleanUpCalled chan struct{}
-	sendCalled    chan struct{}
-}
-
-func newMockMetricAPI() *mockMetricAPI {
-	return &mockMetricAPI{
-		stop:          make(chan struct{}),
-		cleanUpCalled: make(chan struct{}),
-		sendCalled:    make(chan struct{}),
-	}
-}
-
-func (m *mockMetricAPI) CleanupOldMetrics() error {
-	go func() {
-		select {
-		case m.cleanUpCalled <- struct{}{}:
-		case <-m.stop:
-			break
-		}
-	}()
-	return nil
-}
-
-func (m *mockMetricAPI) SendMetrics() error {
-	go func() {
-		select {
-		case m.sendCalled <- struct{}{}:
-		case <-m.stop:
-			break
-		}
-	}()
-	return nil
-}
-
-func (m *mockMetricAPI) SendCalled() <-chan struct{} {
-	return m.sendCalled
-}
-
-func (m *mockMetricAPI) CleanupCalled() <-chan struct{} {
-	return m.cleanUpCalled
-}
-
-func (m *mockMetricAPI) Stop() {
-	close(m.stop)
-}
-
-type mockLoopDeviceManager struct {
-	detachLoopDevicesArgRootfs string
-	detachLoopDevicesArgPrefix string
-}
-
-func (m *mockLoopDeviceManager) DetachLoopDevices(rootfs, prefix string) error {
-	m.detachLoopDevicesArgRootfs = rootfs
-	m.detachLoopDevicesArgPrefix = prefix
-	return nil
-}
-
-func newSignal() *signal {
-	return &signal{ch: make(chan struct{})}
-}
-
-type signal struct {
-	mu sync.Mutex
-	ch chan struct{}
-}
-
-func (s *signal) triggered() <-chan struct{} {
-	return s.ch
-}
-
-func (s *signal) assertTriggered(c *gc.C, thing string) {
-	select {
-	case <-s.triggered():
-	case <-time.After(coretesting.LongWait):
-		c.Fatalf("timed out waiting for " + thing)
-	}
-}
-
-func (s *signal) assertNotTriggered(c *gc.C, wait time.Duration, thing string) {
-	select {
-	case <-s.triggered():
-		c.Fatalf("%v unexpectedly", thing)
-	case <-time.After(wait):
-	}
-}
-
-func (s *signal) trigger() {
-	s.mu.Lock()
-	defer s.mu.Unlock()
-
-	select {
-	case <-s.ch:
-		// Already closed.
-	default:
-		close(s.ch)
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/model/agent.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/model/agent.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/model/agent.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/model/agent.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/model/agent_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/model/agent_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/model/agent_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/model/agent_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,9 +7,9 @@
 	gc "gopkg.in/check.v1"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/model/errors.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/model/errors.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/model/errors.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/model/errors.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,19 +6,24 @@
 import (
 	"github.com/juju/errors"
 
-	"github.com/juju/juju/api/lifeflag"
+	"github.com/juju/juju/worker/dependency"
+	"github.com/juju/juju/worker/lifeflag"
 )
 
 // ErrRemoved may be returned by some worker started from Manifolds to
 // indicate that the model under management no longer exists.
 var ErrRemoved = errors.New("model removed")
 
-// lifeFilter is used with the lifeflag manifolds -- which do not depend
-// on runFlag -- to return an error that will be trapped by IsFatal.
-func lifeFilter(err error) error {
+// LifeFilter is used with the lifeflag manifolds -- which do not depend
+// on runFlag -- to return appropriate errors for consumption by the
+// enclosing dependency.Engine (and/or its IsFatal check).
+func LifeFilter(err error) error {
 	cause := errors.Cause(err)
-	if cause == lifeflag.ErrNotFound {
+	switch cause {
+	case lifeflag.ErrNotFound:
 		return ErrRemoved
+	case lifeflag.ErrValueChanged:
+		return dependency.ErrBounce
 	}
 	return err
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/model/errors_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/model/errors_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/model/errors_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/model/errors_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,102 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package model_test
+
+import (
+	"github.com/juju/errors"
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/cmd/jujud/agent/model"
+	"github.com/juju/juju/worker/dependency"
+	"github.com/juju/juju/worker/lifeflag"
+)
+
+type ErrorsSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&ErrorsSuite{})
+
+func (*ErrorsSuite) TestIsFatal_Nil(c *gc.C) {
+	result := model.IsFatal(nil)
+	c.Check(result, jc.IsFalse)
+}
+
+func (*ErrorsSuite) TestIsFatal_Random(c *gc.C) {
+	err := errors.New("whatever")
+	result := model.IsFatal(err)
+	c.Check(result, jc.IsFalse)
+}
+
+func (*ErrorsSuite) TestIsFatal_Exact(c *gc.C) {
+	err := model.ErrRemoved
+	result := model.IsFatal(err)
+	c.Check(result, jc.IsTrue)
+}
+
+func (*ErrorsSuite) TestIsFatal_Traced(c *gc.C) {
+	err := errors.Trace(model.ErrRemoved)
+	result := model.IsFatal(err)
+	c.Check(result, jc.IsTrue)
+}
+
+func (*ErrorsSuite) TestIgnoreErrRemoved_Nil(c *gc.C) {
+	result := model.IgnoreErrRemoved(nil)
+	c.Check(result, jc.ErrorIsNil)
+}
+
+func (*ErrorsSuite) TestIgnoreErrRemoved_Random(c *gc.C) {
+	err := errors.New("whatever")
+	result := model.IgnoreErrRemoved(err)
+	c.Check(result, gc.Equals, err)
+}
+
+func (*ErrorsSuite) TestIgnoreErrRemoved_Exact(c *gc.C) {
+	err := model.ErrRemoved
+	result := model.IgnoreErrRemoved(err)
+	c.Check(result, jc.ErrorIsNil)
+}
+
+func (*ErrorsSuite) TestIgnoreErrRemoved_Traced(c *gc.C) {
+	err := errors.Trace(model.ErrRemoved)
+	result := model.IgnoreErrRemoved(err)
+	c.Check(result, jc.ErrorIsNil)
+}
+
+func (*ErrorsSuite) TestLifeFilter_Nil(c *gc.C) {
+	result := model.LifeFilter(nil)
+	c.Check(result, jc.ErrorIsNil)
+}
+
+func (*ErrorsSuite) TestLifeFilter_Random(c *gc.C) {
+	err := errors.New("whatever")
+	result := model.LifeFilter(err)
+	c.Check(result, gc.Equals, err)
+}
+
+func (*ErrorsSuite) TestLifeFilter_ValueChanged_Exact(c *gc.C) {
+	err := lifeflag.ErrValueChanged
+	result := model.LifeFilter(err)
+	c.Check(result, gc.Equals, dependency.ErrBounce)
+}
+
+func (*ErrorsSuite) TestLifeFilter_ValueChanged_Traced(c *gc.C) {
+	err := errors.Trace(lifeflag.ErrValueChanged)
+	result := model.LifeFilter(err)
+	c.Check(result, gc.Equals, dependency.ErrBounce)
+}
+
+func (*ErrorsSuite) TestLifeFilter_NotFound_Exact(c *gc.C) {
+	err := lifeflag.ErrNotFound
+	result := model.LifeFilter(err)
+	c.Check(result, gc.Equals, model.ErrRemoved)
+}
+
+func (*ErrorsSuite) TestLifeFilter_NotFound_Traced(c *gc.C) {
+	err := errors.Trace(lifeflag.ErrNotFound)
+	result := model.LifeFilter(err)
+	c.Check(result, gc.Equals, model.ErrRemoved)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/model/manifolds.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/model/manifolds.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/model/manifolds.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/model/manifolds.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,14 +10,14 @@
 	"github.com/juju/utils/voyeur"
 
 	coreagent "github.com/juju/juju/agent"
-	"github.com/juju/juju/cmd/jujud/agent/util"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
 	"github.com/juju/juju/core/life"
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/worker"
-	"github.com/juju/juju/worker/addresser"
 	"github.com/juju/juju/worker/agent"
 	"github.com/juju/juju/worker/apicaller"
 	"github.com/juju/juju/worker/apiconfigwatcher"
+	"github.com/juju/juju/worker/applicationscaler"
 	"github.com/juju/juju/worker/charmrevision"
 	"github.com/juju/juju/worker/charmrevision/charmrevisionmanifold"
 	"github.com/juju/juju/worker/cleaner"
@@ -32,7 +32,6 @@
 	"github.com/juju/juju/worker/metricworker"
 	"github.com/juju/juju/worker/migrationmaster"
 	"github.com/juju/juju/worker/provisioner"
-	"github.com/juju/juju/worker/servicescaler"
 	"github.com/juju/juju/worker/singular"
 	"github.com/juju/juju/worker/statushistorypruner"
 	"github.com/juju/juju/worker/storageprovisioner"
@@ -61,6 +60,10 @@
 	// Only a few workers have been converted to use them fo far.
 	Clock clock.Clock
 
+	// InstPollerAggregationDelay is the delay before sending a batch of
+	// requests in the instancpoller.Worker's aggregate loop.
+	InstPollerAggregationDelay time.Duration
+
 	// RunFlagDuration defines for how long this controller will ask
 	// for model administration rights; most of the workers controlled
 	// by this agent will only be started when the run flag is known
@@ -71,10 +74,11 @@
 	// revision worker will check for new revisions of known charms.
 	CharmRevisionUpdateInterval time.Duration
 
-	// EntityStatusHistory* values control status-history pruning
-	// behaviour per entity.
-	EntityStatusHistoryCount    uint
-	EntityStatusHistoryInterval time.Duration
+	// StatusHistoryPruner* values control status-history pruning
+	// behaviour.
+	StatusHistoryPrunerMaxHistoryTime time.Duration
+	StatusHistoryPrunerMaxHistoryMB   uint
+	StatusHistoryPrunerInterval       time.Duration
 
 	// SpacesImportedGate will be unlocked when spaces are known to
 	// have been imported.
@@ -116,7 +120,7 @@
 			APICallerName: apiCallerName,
 			Entity:        modelTag,
 			Result:        life.IsNotDead,
-			Filter:        lifeFilter,
+			Filter:        LifeFilter,
 
 			NewFacade: lifeflag.NewFacade,
 			NewWorker: lifeflag.NewWorker,
@@ -125,7 +129,7 @@
 			APICallerName: apiCallerName,
 			Entity:        modelTag,
 			Result:        life.IsNotAlive,
-			Filter:        lifeFilter,
+			Filter:        LifeFilter,
 
 			NewFacade: lifeflag.NewFacade,
 			NewWorker: lifeflag.NewWorker,
@@ -174,6 +178,9 @@
 			APICallerName:  apiCallerName,
 			NewEnvironFunc: environs.New,
 		})),
+		stateCleanerName: ifResponsible(cleaner.Manifold(cleaner.ManifoldConfig{
+			APICallerName: apiCallerName,
+		})),
 
 		// The undertaker is currently the only ifNotAlive worker.
 		undertakerName: ifNotAlive(undertaker.Manifold(undertaker.ManifoldConfig{
@@ -209,12 +216,14 @@
 		unitAssignerName: ifNotDead(unitassigner.Manifold(unitassigner.ManifoldConfig{
 			APICallerName: apiCallerName,
 		})),
-		serviceScalerName: ifNotDead(servicescaler.Manifold(servicescaler.ManifoldConfig{
+		applicationscalerName: ifNotDead(applicationscaler.Manifold(applicationscaler.ManifoldConfig{
 			APICallerName: apiCallerName,
-			NewFacade:     servicescaler.NewFacade,
-			NewWorker:     servicescaler.New,
+			NewFacade:     applicationscaler.NewFacade,
+			NewWorker:     applicationscaler.New,
 		})),
 		instancePollerName: ifNotDead(instancepoller.Manifold(instancepoller.ManifoldConfig{
+			ClockName:     clockName,
+			Delay:         config.InstPollerAggregationDelay,
 			APICallerName: apiCallerName,
 			EnvironName:   environTrackerName,
 		})),
@@ -229,16 +238,11 @@
 		metricWorkerName: ifNotDead(metricworker.Manifold(metricworker.ManifoldConfig{
 			APICallerName: apiCallerName,
 		})),
-		stateCleanerName: ifNotDead(cleaner.Manifold(cleaner.ManifoldConfig{
-			APICallerName: apiCallerName,
-		})),
-		addressCleanerName: ifNotDead(addresser.Manifold(addresser.ManifoldConfig{
-			APICallerName: apiCallerName,
-		})),
 		statusHistoryPrunerName: ifNotDead(statushistorypruner.Manifold(statushistorypruner.ManifoldConfig{
-			APICallerName:    apiCallerName,
-			MaxLogsPerEntity: config.EntityStatusHistoryCount,
-			PruneInterval:    config.EntityStatusHistoryInterval,
+			APICallerName:  apiCallerName,
+			MaxHistoryTime: config.StatusHistoryPrunerMaxHistoryTime,
+			MaxHistoryMB:   config.StatusHistoryPrunerMaxHistoryMB,
+			PruneInterval:  config.StatusHistoryPrunerInterval,
 			// TODO(fwereade): 2016-03-17 lp:1558657
 			NewTimer: worker.NewTimer,
 		})),
@@ -249,16 +253,16 @@
 func clockManifold(clock clock.Clock) dependency.Manifold {
 	return dependency.Manifold{
 		Start: func(_ dependency.Context) (worker.Worker, error) {
-			return util.NewValueWorker(clock)
+			return engine.NewValueWorker(clock)
 		},
-		Output: util.ValueWorkerOutput,
+		Output: engine.ValueWorkerOutput,
 	}
 }
 
 var (
 	// ifResponsible wraps a manifold such that it only runs if the
 	// responsibility flag is set.
-	ifResponsible = util.Housing{
+	ifResponsible = engine.Housing{
 		Flags: []string{
 			isResponsibleFlagName,
 		},
@@ -266,7 +270,7 @@
 
 	// ifNotAlive wraps a manifold such that it only runs if the
 	// responsibility flag is set and the model is Dying or Dead.
-	ifNotAlive = util.Housing{
+	ifNotAlive = engine.Housing{
 		Flags: []string{
 			isResponsibleFlagName,
 			notAliveFlagName,
@@ -275,7 +279,7 @@
 
 	// ifNotDead wraps a manifold such that it only runs if the
 	// responsibility flag is set and the model is Alive or Dying.
-	ifNotDead = util.Housing{
+	ifNotDead = engine.Housing{
 		Flags: []string{
 			isResponsibleFlagName,
 			notDeadFlagName,
@@ -304,11 +308,10 @@
 	storageProvisionerName   = "storage-provisioner"
 	firewallerName           = "firewaller"
 	unitAssignerName         = "unit-assigner"
-	serviceScalerName        = "service-scaler"
+	applicationscalerName    = "application-scaler"
 	instancePollerName       = "instance-poller"
 	charmRevisionUpdaterName = "charm-revision-updater"
 	metricWorkerName         = "metric-worker"
 	stateCleanerName         = "state-cleaner"
-	addressCleanerName       = "address-cleaner"
 	statusHistoryPrunerName  = "status-history-pruner"
 )
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/model/manifolds_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/model/manifolds_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/model/manifolds_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/model/manifolds_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,12 +4,11 @@
 package model_test
 
 import (
-	gc "gopkg.in/check.v1"
-
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/clock"
 	"github.com/juju/utils/set"
+	gc "gopkg.in/check.v1"
 
 	"github.com/juju/juju/cmd/jujud/agent/model"
 	"github.com/juju/juju/worker/workertest"
@@ -32,7 +31,6 @@
 	// NOTE: if this test failed, the cmd/jujud/agent tests will
 	// also fail. Search for 'ModelWorkers' to find affected vars.
 	c.Check(actual.Values(), jc.SameContents, []string{
-		"address-cleaner",
 		"agent",
 		"api-caller",
 		"api-config-watcher",
@@ -48,7 +46,7 @@
 		"migration-master",
 		"not-alive-flag",
 		"not-dead-flag",
-		"service-scaler",
+		"application-scaler",
 		"space-importer",
 		"spaces-imported-gate",
 		"state-cleaner",
@@ -83,6 +81,18 @@
 	}
 }
 
+func (s *ManifoldsSuite) TestStateCleanerIgnoresLifeFlags(c *gc.C) {
+	manifolds := model.Manifolds(model.ManifoldsConfig{
+		Agent: &mockAgent{},
+	})
+	manifold, found := manifolds["state-cleaner"]
+	c.Assert(found, jc.IsTrue)
+
+	inputs := set.NewStrings(manifold.Inputs...)
+	c.Check(inputs.Contains("not-alive-flag"), jc.IsFalse)
+	c.Check(inputs.Contains("not-dead-flag"), jc.IsFalse)
+}
+
 func (s *ManifoldsSuite) TestClockWrapper(c *gc.C) {
 	expectClock := &fakeClock{}
 	manifolds := model.Manifolds(model.ManifoldsConfig{
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/mongo_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/mongo_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/mongo_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/mongo_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,67 @@
+// Copyright 2012-2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package agent
+
+import (
+	gitjujutesting "github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/mongo"
+	coretesting "github.com/juju/juju/testing"
+	"github.com/juju/juju/worker/peergrouper"
+)
+
+type mongoSuite struct {
+	coretesting.BaseSuite
+}
+
+var _ = gc.Suite(&mongoSuite{})
+
+func (s *mongoSuite) TestStateWorkerDialSetsWriteMajority(c *gc.C) {
+	s.testStateWorkerDialSetsWriteMajority(c, true)
+}
+
+func (s *mongoSuite) TestStateWorkerDialDoesNotSetWriteMajorityWithoutReplsetConfig(c *gc.C) {
+	s.testStateWorkerDialSetsWriteMajority(c, false)
+}
+
+func (s *mongoSuite) testStateWorkerDialSetsWriteMajority(c *gc.C, configureReplset bool) {
+	inst := gitjujutesting.MgoInstance{
+		Params: []string{"--replSet", "juju"},
+	}
+	err := inst.Start(coretesting.Certs)
+	c.Assert(err, jc.ErrorIsNil)
+	defer inst.Destroy()
+
+	var expectedWMode string
+	dialOpts := stateWorkerDialOpts
+	dialOpts.Timeout = coretesting.LongWait
+	if configureReplset {
+		info := inst.DialInfo()
+		info.Timeout = dialOpts.Timeout
+		args := peergrouper.InitiateMongoParams{
+			DialInfo:       info,
+			MemberHostPort: inst.Addr(),
+		}
+		err = peergrouper.InitiateMongoServer(args)
+		c.Assert(err, jc.ErrorIsNil)
+		expectedWMode = "majority"
+	} else {
+		dialOpts.Direct = true
+	}
+
+	mongoInfo := mongo.Info{
+		Addrs:  []string{inst.Addr()},
+		CACert: coretesting.CACert,
+	}
+	session, err := mongo.DialWithInfo(mongoInfo, dialOpts)
+	c.Assert(err, jc.ErrorIsNil)
+	defer session.Close()
+
+	safe := session.Safe()
+	c.Assert(safe, gc.NotNil)
+	c.Assert(safe.WMode, gc.Equals, expectedWMode)
+	c.Assert(safe.J, jc.IsTrue) // always enabled
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,15 +6,10 @@
 import (
 	stdtesting "testing"
 
-	"github.com/juju/testing"
-
 	coretesting "github.com/juju/juju/testing"
 )
 
 func TestPackage(t *stdtesting.T) {
-	if testing.RaceEnabled {
-		t.Skip("skipping package under -race, see LP 1519133, 1519097")
-	}
 	// TODO(waigani) 2014-03-19 bug 1294458
 	// Refactor to use base suites
 	coretesting.MgoTestPackage(t)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/testing/agent.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/testing/agent.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/testing/agent.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/testing/agent.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,258 +0,0 @@
-// Copyright 2012, 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package testing
-
-import (
-	"fmt"
-	"time"
-
-	"github.com/juju/cmd"
-	"github.com/juju/names"
-	"github.com/juju/replicaset"
-	gitjujutesting "github.com/juju/testing"
-	jc "github.com/juju/testing/checkers"
-	"github.com/juju/utils/arch"
-	"github.com/juju/utils/series"
-	"github.com/juju/version"
-	gc "gopkg.in/check.v1"
-	"gopkg.in/mgo.v2"
-
-	"github.com/juju/juju/agent"
-	agenttools "github.com/juju/juju/agent/tools"
-	"github.com/juju/juju/apiserver/params"
-	cmdutil "github.com/juju/juju/cmd/jujud/util"
-	"github.com/juju/juju/environs"
-	"github.com/juju/juju/environs/filestorage"
-	envtesting "github.com/juju/juju/environs/testing"
-	envtools "github.com/juju/juju/environs/tools"
-	"github.com/juju/juju/juju/testing"
-	"github.com/juju/juju/mongo"
-	"github.com/juju/juju/mongo/mongotest"
-	"github.com/juju/juju/network"
-	"github.com/juju/juju/state"
-	coretesting "github.com/juju/juju/testing"
-	coretools "github.com/juju/juju/tools"
-	jujuversion "github.com/juju/juju/version"
-	"github.com/juju/juju/worker/peergrouper"
-)
-
-type patchingSuite interface {
-	PatchValue(interface{}, interface{})
-}
-
-// InstallFakeEnsureMongo creates a new FakeEnsureMongo, patching
-// out replicaset.CurrentConfig and cmdutil.EnsureMongoServer.
-func InstallFakeEnsureMongo(suite patchingSuite) *FakeEnsureMongo {
-	f := &FakeEnsureMongo{
-		ServiceInstalled: true,
-	}
-	suite.PatchValue(&mongo.IsServiceInstalled, f.IsServiceInstalled)
-	suite.PatchValue(&replicaset.CurrentConfig, f.CurrentConfig)
-	suite.PatchValue(&cmdutil.EnsureMongoServer, f.EnsureMongo)
-	return f
-}
-
-// FakeEnsureMongo provides test fakes for the functions used to
-// initialise MongoDB.
-type FakeEnsureMongo struct {
-	EnsureCount      int
-	InitiateCount    int
-	DataDir          string
-	OplogSize        int
-	Info             state.StateServingInfo
-	InitiateParams   peergrouper.InitiateMongoParams
-	Err              error
-	ServiceInstalled bool
-}
-
-func (f *FakeEnsureMongo) IsServiceInstalled() (bool, error) {
-	return f.ServiceInstalled, nil
-}
-
-func (f *FakeEnsureMongo) CurrentConfig(*mgo.Session) (*replicaset.Config, error) {
-	// Return a dummy replicaset config that's good enough to
-	// indicate that the replicaset is initiated.
-	return &replicaset.Config{
-		Members: []replicaset.Member{{}},
-	}, nil
-}
-
-func (f *FakeEnsureMongo) EnsureMongo(args mongo.EnsureServerParams) error {
-	f.EnsureCount++
-	f.DataDir, f.OplogSize = args.DataDir, args.OplogSize
-	f.Info = state.StateServingInfo{
-		APIPort:        args.APIPort,
-		StatePort:      args.StatePort,
-		Cert:           args.Cert,
-		PrivateKey:     args.PrivateKey,
-		CAPrivateKey:   args.CAPrivateKey,
-		SharedSecret:   args.SharedSecret,
-		SystemIdentity: args.SystemIdentity,
-	}
-	return f.Err
-}
-
-func (f *FakeEnsureMongo) InitiateMongo(p peergrouper.InitiateMongoParams) error {
-	f.InitiateCount++
-	f.InitiateParams = p
-	return nil
-}
-
-// agentSuite is a fixture to be used by agent test suites.
-type AgentSuite struct {
-	oldRestartDelay time.Duration
-	testing.JujuConnSuite
-}
-
-// PrimeAgent writes the configuration file and tools for an agent
-// with the given entity name. It returns the agent's configuration and the
-// current tools.
-func (s *AgentSuite) PrimeAgent(c *gc.C, tag names.Tag, password string) (agent.ConfigSetterWriter, *coretools.Tools) {
-	vers := version.Binary{
-		Number: jujuversion.Current,
-		Arch:   arch.HostArch(),
-		Series: series.HostSeries(),
-	}
-	return s.PrimeAgentVersion(c, tag, password, vers)
-}
-
-// PrimeAgentVersion writes the configuration file and tools with version
-// vers for an agent with the given entity name. It returns the agent's
-// configuration and the current tools.
-func (s *AgentSuite) PrimeAgentVersion(c *gc.C, tag names.Tag, password string, vers version.Binary) (agent.ConfigSetterWriter, *coretools.Tools) {
-	c.Logf("priming agent %s", tag.String())
-	stor, err := filestorage.NewFileStorageWriter(c.MkDir())
-	c.Assert(err, jc.ErrorIsNil)
-	agentTools := envtesting.PrimeTools(c, stor, s.DataDir(), "released", vers)
-	err = envtools.MergeAndWriteMetadata(stor, "released", "released", coretools.List{agentTools}, envtools.DoNotWriteMirrors)
-	tools1, err := agenttools.ChangeAgentTools(s.DataDir(), tag.String(), vers)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(tools1, gc.DeepEquals, agentTools)
-
-	stateInfo := s.MongoInfo(c)
-	apiInfo := s.APIInfo(c)
-	paths := agent.DefaultPaths
-	paths.DataDir = s.DataDir()
-	conf, err := agent.NewAgentConfig(
-		agent.AgentConfigParams{
-			Paths:             paths,
-			Tag:               tag,
-			UpgradedToVersion: vers.Number,
-			Password:          password,
-			Nonce:             agent.BootstrapNonce,
-			StateAddresses:    stateInfo.Addrs,
-			APIAddresses:      apiInfo.Addrs,
-			CACert:            stateInfo.CACert,
-			Model:             apiInfo.ModelTag,
-		})
-	c.Assert(err, jc.ErrorIsNil)
-	conf.SetPassword(password)
-	c.Assert(conf.Write(), gc.IsNil)
-	s.primeAPIHostPorts(c)
-	return conf, agentTools
-}
-
-// PrimeStateAgent writes the configuration file and tools for
-// a state agent with the given entity name. It returns the agent's
-// configuration and the current tools.
-func (s *AgentSuite) PrimeStateAgent(c *gc.C, tag names.Tag, password string) (agent.ConfigSetterWriter, *coretools.Tools) {
-	vers := version.Binary{
-		Number: jujuversion.Current,
-		Arch:   arch.HostArch(),
-		Series: series.HostSeries(),
-	}
-	return s.PrimeStateAgentVersion(c, tag, password, vers)
-}
-
-// PrimeStateAgentVersion writes the configuration file and tools with
-// version vers for a state agent with the given entity name. It
-// returns the agent's configuration and the current tools.
-func (s *AgentSuite) PrimeStateAgentVersion(c *gc.C, tag names.Tag, password string, vers version.Binary) (
-	agent.ConfigSetterWriter, *coretools.Tools,
-) {
-	stor, err := filestorage.NewFileStorageWriter(c.MkDir())
-	c.Assert(err, jc.ErrorIsNil)
-	agentTools := envtesting.PrimeTools(c, stor, s.DataDir(), "released", vers)
-	tools1, err := agenttools.ChangeAgentTools(s.DataDir(), tag.String(), vers)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(tools1, gc.DeepEquals, agentTools)
-
-	conf := s.WriteStateAgentConfig(c, tag, password, vers, s.State.ModelTag())
-	s.primeAPIHostPorts(c)
-	return conf, agentTools
-}
-
-// WriteStateAgentConfig creates and writes a state agent config.
-func (s *AgentSuite) WriteStateAgentConfig(
-	c *gc.C,
-	tag names.Tag,
-	password string,
-	vers version.Binary,
-	modelTag names.ModelTag,
-) agent.ConfigSetterWriter {
-	stateInfo := s.State.MongoConnectionInfo()
-	apiPort := gitjujutesting.FindTCPPort()
-	apiAddr := []string{fmt.Sprintf("localhost:%d", apiPort)}
-	conf, err := agent.NewStateMachineConfig(
-		agent.AgentConfigParams{
-			Paths:             agent.NewPathsWithDefaults(agent.Paths{DataDir: s.DataDir()}),
-			Tag:               tag,
-			UpgradedToVersion: vers.Number,
-			Password:          password,
-			Nonce:             agent.BootstrapNonce,
-			StateAddresses:    stateInfo.Addrs,
-			APIAddresses:      apiAddr,
-			CACert:            stateInfo.CACert,
-			Model:             modelTag,
-		},
-		params.StateServingInfo{
-			Cert:         coretesting.ServerCert,
-			PrivateKey:   coretesting.ServerKey,
-			CAPrivateKey: coretesting.CAKey,
-			StatePort:    gitjujutesting.MgoServer.Port(),
-			APIPort:      apiPort,
-		})
-	c.Assert(err, jc.ErrorIsNil)
-	conf.SetPassword(password)
-	c.Assert(conf.Write(), gc.IsNil)
-	return conf
-}
-
-func (s *AgentSuite) primeAPIHostPorts(c *gc.C) {
-	apiInfo := s.APIInfo(c)
-
-	c.Assert(apiInfo.Addrs, gc.HasLen, 1)
-	hostPorts, err := network.ParseHostPorts(apiInfo.Addrs[0])
-	c.Assert(err, jc.ErrorIsNil)
-
-	err = s.State.SetAPIHostPorts([][]network.HostPort{hostPorts})
-	c.Assert(err, jc.ErrorIsNil)
-
-	c.Logf("api host ports primed %#v", hostPorts)
-}
-
-// InitAgent initialises the given agent command with additional
-// arguments as provided.
-func (s *AgentSuite) InitAgent(c *gc.C, a cmd.Command, args ...string) {
-	args = append([]string{"--data-dir", s.DataDir()}, args...)
-	err := coretesting.InitCommand(a, args)
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *AgentSuite) AssertCanOpenState(c *gc.C, tag names.Tag, dataDir string) {
-	config, err := agent.ReadConfig(agent.ConfigPath(dataDir, tag))
-	c.Assert(err, jc.ErrorIsNil)
-	info, ok := config.MongoInfo()
-	c.Assert(ok, jc.IsTrue)
-	st, err := state.Open(config.Model(), info, mongotest.DialOpts(), environs.NewStatePolicy())
-	c.Assert(err, jc.ErrorIsNil)
-	st.Close()
-}
-
-func (s *AgentSuite) AssertCannotOpenState(c *gc.C, tag names.Tag, dataDir string) {
-	config, err := agent.ReadConfig(agent.ConfigPath(dataDir, tag))
-	c.Assert(err, jc.ErrorIsNil)
-	_, ok := config.MongoInfo()
-	c.Assert(ok, jc.IsFalse)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/unit/manifolds.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/unit/manifolds.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/unit/manifolds.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/unit/manifolds.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,6 +7,7 @@
 	"time"
 
 	"github.com/juju/errors"
+	"github.com/juju/utils/clock"
 	"github.com/juju/utils/voyeur"
 
 	coreagent "github.com/juju/juju/agent"
@@ -21,7 +22,6 @@
 	"github.com/juju/juju/worker/leadership"
 	"github.com/juju/juju/worker/logger"
 	"github.com/juju/juju/worker/logsender"
-	"github.com/juju/juju/worker/machinelock"
 	"github.com/juju/juju/worker/meterstatus"
 	"github.com/juju/juju/worker/metrics/collect"
 	"github.com/juju/juju/worker/metrics/sender"
@@ -79,13 +79,6 @@
 		// (Currently, that is "all manifolds", but consider a shared clock.)
 		agentName: agent.Manifold(config.Agent),
 
-		// The machine lock manifold is a thin concurrent wrapper around an
-		// FSLock in an agreed location. We expect it to be replaced with an
-		// in-memory lock when the unit agent moves into the machine agent.
-		machineLockName: machinelock.Manifold(machinelock.ManifoldConfig{
-			AgentName: agentName,
-		}),
-
 		// The api-config-watcher manifold monitors the API server
 		// addresses in the agent config and bounces when they
 		// change. It's required as part of model migrations.
@@ -195,10 +188,11 @@
 		// coming weeks, and to need one per unit in a consolidated agent
 		// (and probably one for each component broken out).
 		uniterName: uniter.Manifold(uniter.ManifoldConfig{
-			AgentName:             agentName,
-			APICallerName:         apiCallerName,
+			AgentName:       agentName,
+			APICallerName:   apiCallerName,
+			MachineLockName: coreagent.MachineLockName,
+			Clock:           clock.WallClock,
 			LeadershipTrackerName: leadershipTrackerName,
-			MachineLockName:       machineLockName,
 			CharmDirName:          charmDirName,
 			HookRetryStrategyName: hookRetryStrategyName,
 		}),
@@ -221,7 +215,8 @@
 		meterStatusName: meterstatus.Manifold(meterstatus.ManifoldConfig{
 			AgentName:                agentName,
 			APICallerName:            apiCallerName,
-			MachineLockName:          machineLockName,
+			MachineLockName:          coreagent.MachineLockName,
+			Clock:                    clock.WallClock,
 			NewHookRunner:            meterstatus.NewHookRunner,
 			NewMeterStatusAPIClient:  msapi.NewClient,
 			NewConnectedStatusWorker: meterstatus.NewConnectedStatusWorker,
@@ -239,7 +234,6 @@
 
 const (
 	agentName            = "agent"
-	machineLockName      = "machine-lock"
 	apiConfigWatcherName = "api-config-watcher"
 	apiCallerName        = "api-caller"
 	logSenderName        = "log-sender"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/unit/manifolds_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/unit/manifolds_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/unit/manifolds_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/unit/manifolds_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -39,7 +39,6 @@
 	manifolds := unit.Manifolds(config)
 	expectedKeys := []string{
 		"agent",
-		"machine-lock",
 		"api-config-watcher",
 		"api-caller",
 		"log-sender",
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/unit.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/unit.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/unit.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/unit.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,9 +11,9 @@
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils/featureflag"
 	"github.com/juju/utils/voyeur"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/natefinch/lumberjack.v2"
 	"launchpad.net/gnuflag"
 	"launchpad.net/tomb"
@@ -21,12 +21,10 @@
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/cmd/jujud/agent/unit"
 	cmdutil "github.com/juju/juju/cmd/jujud/util"
-	"github.com/juju/juju/network"
 	jujuversion "github.com/juju/juju/version"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
 	"github.com/juju/juju/worker/logsender"
-	"github.com/juju/juju/worker/uniter"
 )
 
 var (
@@ -121,24 +119,10 @@
 	if err := a.ReadConfig(a.Tag().String()); err != nil {
 		return err
 	}
-	agentConfig := a.CurrentConfig()
-
 	agentLogger.Infof("unit agent %v start (%s [%s])", a.Tag().String(), jujuversion.Current, runtime.Compiler)
 	if flags := featureflag.String(); flags != "" {
 		logger.Warningf("developer feature flags enabled: %s", flags)
 	}
-	network.SetPreferIPv6(agentConfig.PreferIPv6())
-
-	// Sometimes there are upgrade steps that are needed for each unit.
-	// There are plans afoot to unify the unit and machine agents. When
-	// this happens, there will be a simple helper function for the upgrade
-	// steps to run something for each unit on the machine. Until then, we
-	// need to have the uniter do it, as the overhead of getting a full
-	// upgrade process in the unit agent out weights the current benefits.
-	// So.. since the upgrade steps are all idempotent, we will just call
-	// the upgrade steps when we start the uniter. To be clear, these
-	// should move back to the upgrade package when we do unify the agents.
-	runUpgrades(agentConfig.Tag(), agentConfig.DataDir())
 
 	a.runner.StartWorker("api", a.APIWorkers)
 	err := cmdutil.AgentDone(logger, a.runner.Wait())
@@ -146,27 +130,6 @@
 	return err
 }
 
-// runUpgrades is a temporary fix to deal with upgrade steps that need
-// to be run for each unit. This function cannot fail. Errors in the
-// upgrade steps are logged, but the uniter will attempt to continue.
-// Worst case, we are no worse off than we are today, best case, things
-// actually work properly. Only simple upgrade steps that don't use the API
-// are available now. If we need really complex steps using the API, there
-// should be significant steps to unify the agents first.
-func runUpgrades(tag names.Tag, dataDir string) {
-	unitTag, ok := tag.(names.UnitTag)
-	if !ok {
-		logger.Errorf("unit agent tag not a unit tag: %v", tag)
-		return
-	}
-	if err := uniter.AddStoppedFieldToUniterState(unitTag, dataDir); err != nil {
-		logger.Errorf("Upgrade step failed - add Stopped field to uniter state: %v", err)
-	}
-	if err := uniter.AddInstalledToUniterState(unitTag, dataDir); err != nil {
-		logger.Errorf("Upgrade step failed - installed boolean needs to be set in the uniter local state: %v", err)
-	}
-}
-
 // APIWorkers returns a dependency.Engine running the unit agent's responsibilities.
 func (a *UnitAgent) APIWorkers() (worker.Worker, error) {
 	manifolds := unit.Manifolds(unit.ManifoldsConfig{
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/unit_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/unit_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/unit_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/unit_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -22,7 +22,7 @@
 
 	"github.com/juju/juju/agent"
 	agenttools "github.com/juju/juju/agent/tools"
-	agenttesting "github.com/juju/juju/cmd/jujud/agent/testing"
+	"github.com/juju/juju/cmd/jujud/agent/agenttest"
 	envtesting "github.com/juju/juju/environs/testing"
 	jujutesting "github.com/juju/juju/juju/testing"
 	"github.com/juju/juju/network"
@@ -36,7 +36,7 @@
 
 type UnitSuite struct {
 	coretesting.GitSuite
-	agenttesting.AgentSuite
+	agenttest.AgentSuite
 }
 
 var _ = gc.Suite(&UnitSuite{})
@@ -61,8 +61,6 @@
 	s.GitSuite.TearDownTest(c)
 }
 
-const initialUnitPassword = "unit-password-1234567890"
-
 // primeAgent creates a unit, and sets up the unit agent's directory.
 // It returns the assigned machine, new unit and the agent's configuration.
 func (s *UnitSuite) primeAgent(c *gc.C) (*state.Machine, *state.Unit, agent.Config, *tools.Tools) {
@@ -79,7 +77,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 	machine, err := s.State.Machine(id)
 	c.Assert(err, jc.ErrorIsNil)
-	inst, md := jujutesting.AssertStartInstance(c, s.Environ, id)
+	inst, md := jujutesting.AssertStartInstance(c, s.Environ, s.ControllerConfig.ControllerUUID(), id)
 	err = machine.SetProvisioned(inst.Id(), agent.BootstrapNonce, md)
 	c.Assert(err, jc.ErrorIsNil)
 	conf, tools := s.PrimeAgent(c, unit.Tag(), initialUnitPassword)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/util/agent.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/util/agent.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/util/agent.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/util/agent.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,35 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package util
-
-import (
-	"github.com/juju/juju/agent"
-	"github.com/juju/juju/worker"
-	"github.com/juju/juju/worker/dependency"
-)
-
-// Some manifolds just depend on an agent; this type configures them.
-type AgentManifoldConfig struct {
-	AgentName string
-}
-
-// AgentStartFunc encapsulates the behaviour that varies among AgentManifolds.
-type AgentStartFunc func(agent.Agent) (worker.Worker, error)
-
-// AgentManifold returns a dependency.Manifold that calls the supplied start
-// func with the agent resource defined in the config (once it's present).
-func AgentManifold(config AgentManifoldConfig, start AgentStartFunc) dependency.Manifold {
-	return dependency.Manifold{
-		Inputs: []string{
-			config.AgentName,
-		},
-		Start: func(context dependency.Context) (worker.Worker, error) {
-			var agent agent.Agent
-			if err := context.Get(config.AgentName, &agent); err != nil {
-				return nil, err
-			}
-			return start(agent)
-		},
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/util/agent_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/util/agent_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/util/agent_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/util/agent_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,92 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package util_test
-
-import (
-	"github.com/juju/errors"
-	"github.com/juju/testing"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/agent"
-	"github.com/juju/juju/cmd/jujud/agent/util"
-	"github.com/juju/juju/worker"
-	"github.com/juju/juju/worker/dependency"
-	dt "github.com/juju/juju/worker/dependency/testing"
-)
-
-type AgentManifoldSuite struct {
-	testing.IsolationSuite
-	testing.Stub
-	manifold dependency.Manifold
-	worker   worker.Worker
-}
-
-var _ = gc.Suite(&AgentManifoldSuite{})
-
-func (s *AgentManifoldSuite) SetUpTest(c *gc.C) {
-	s.IsolationSuite.SetUpTest(c)
-	s.Stub = testing.Stub{}
-	s.worker = &dummyWorker{}
-	s.manifold = util.AgentManifold(util.AgentManifoldConfig{
-		AgentName: "agent-name",
-	}, s.newWorker)
-}
-
-func (s *AgentManifoldSuite) newWorker(a agent.Agent) (worker.Worker, error) {
-	s.AddCall("newWorker", a)
-	if err := s.NextErr(); err != nil {
-		return nil, err
-	}
-	return s.worker, nil
-}
-
-func (s *AgentManifoldSuite) TestInputs(c *gc.C) {
-	c.Check(s.manifold.Inputs, jc.DeepEquals, []string{"agent-name"})
-}
-
-func (s *AgentManifoldSuite) TestOutput(c *gc.C) {
-	c.Check(s.manifold.Output, gc.IsNil)
-}
-
-func (s *AgentManifoldSuite) TestStartAgentMissing(c *gc.C) {
-	context := dt.StubContext(nil, map[string]interface{}{
-		"agent-name": dependency.ErrMissing,
-	})
-
-	worker, err := s.manifold.Start(context)
-	c.Check(worker, gc.IsNil)
-	c.Check(err, gc.Equals, dependency.ErrMissing)
-}
-
-func (s *AgentManifoldSuite) TestStartFailure(c *gc.C) {
-	expectAgent := &dummyAgent{}
-	context := dt.StubContext(nil, map[string]interface{}{
-		"agent-name": expectAgent,
-	})
-	s.SetErrors(errors.New("some error"))
-
-	worker, err := s.manifold.Start(context)
-	c.Check(worker, gc.IsNil)
-	c.Check(err, gc.ErrorMatches, "some error")
-	s.CheckCalls(c, []testing.StubCall{{
-		FuncName: "newWorker",
-		Args:     []interface{}{expectAgent},
-	}})
-}
-
-func (s *AgentManifoldSuite) TestStartSuccess(c *gc.C) {
-	expectAgent := &dummyAgent{}
-	context := dt.StubContext(nil, map[string]interface{}{
-		"agent-name": expectAgent,
-	})
-
-	worker, err := s.manifold.Start(context)
-	c.Check(err, jc.ErrorIsNil)
-	c.Check(worker, gc.Equals, s.worker)
-	s.CheckCalls(c, []testing.StubCall{{
-		FuncName: "newWorker",
-		Args:     []interface{}{expectAgent},
-	}})
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/util/apiagent.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/util/apiagent.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/util/apiagent.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/util/apiagent.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,44 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package util
-
-import (
-	"github.com/juju/juju/agent"
-	"github.com/juju/juju/api/base"
-	"github.com/juju/juju/worker"
-	"github.com/juju/juju/worker/dependency"
-)
-
-// Many manifolds completely depend on an agent and an API connection; this
-// type configures them.
-type AgentApiManifoldConfig struct {
-	AgentName     string
-	APICallerName string
-}
-
-// AgentApiStartFunc encapsulates the behaviour that varies among AgentApiManifolds.
-type AgentApiStartFunc func(agent.Agent, base.APICaller) (worker.Worker, error)
-
-// AgentApiManifold returns a dependency.Manifold that calls the supplied start
-// func with the API and agent resources defined in the config (once those
-// resources are present).
-func AgentApiManifold(config AgentApiManifoldConfig, start AgentApiStartFunc) dependency.Manifold {
-	return dependency.Manifold{
-		Inputs: []string{
-			config.AgentName,
-			config.APICallerName,
-		},
-		Start: func(context dependency.Context) (worker.Worker, error) {
-			var agent agent.Agent
-			if err := context.Get(config.AgentName, &agent); err != nil {
-				return nil, err
-			}
-			var apiCaller base.APICaller
-			if err := context.Get(config.APICallerName, &apiCaller); err != nil {
-				return nil, err
-			}
-			return start(agent, apiCaller)
-		},
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/util/apiagent_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/util/apiagent_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/util/apiagent_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/util/apiagent_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,121 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package util_test
-
-import (
-	"github.com/juju/errors"
-	"github.com/juju/testing"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/agent"
-	"github.com/juju/juju/api/base"
-	"github.com/juju/juju/cmd/jujud/agent/util"
-	"github.com/juju/juju/worker"
-	"github.com/juju/juju/worker/dependency"
-	dt "github.com/juju/juju/worker/dependency/testing"
-)
-
-type AgentApiManifoldSuite struct {
-	testing.IsolationSuite
-	testing.Stub
-	manifold dependency.Manifold
-	worker   worker.Worker
-}
-
-var _ = gc.Suite(&AgentApiManifoldSuite{})
-
-func (s *AgentApiManifoldSuite) SetUpTest(c *gc.C) {
-	s.IsolationSuite.SetUpTest(c)
-	s.Stub = testing.Stub{}
-	s.worker = &dummyWorker{}
-	s.manifold = util.AgentApiManifold(util.AgentApiManifoldConfig{
-		AgentName:     "agent-name",
-		APICallerName: "api-caller-name",
-	}, s.newWorker)
-}
-
-func (s *AgentApiManifoldSuite) newWorker(a agent.Agent, apiCaller base.APICaller) (worker.Worker, error) {
-	s.AddCall("newWorker", a, apiCaller)
-	if err := s.NextErr(); err != nil {
-		return nil, err
-	}
-	return s.worker, nil
-}
-
-func (s *AgentApiManifoldSuite) TestInputs(c *gc.C) {
-	c.Check(s.manifold.Inputs, jc.DeepEquals, []string{"agent-name", "api-caller-name"})
-}
-
-func (s *AgentApiManifoldSuite) TestOutput(c *gc.C) {
-	c.Check(s.manifold.Output, gc.IsNil)
-}
-
-func (s *AgentApiManifoldSuite) TestStartAgentMissing(c *gc.C) {
-	context := dt.StubContext(nil, map[string]interface{}{
-		"agent-name": dependency.ErrMissing,
-	})
-
-	worker, err := s.manifold.Start(context)
-	c.Check(worker, gc.IsNil)
-	c.Check(err, gc.Equals, dependency.ErrMissing)
-}
-
-func (s *AgentApiManifoldSuite) TestStartApiConnMissing(c *gc.C) {
-	context := dt.StubContext(nil, map[string]interface{}{
-		"agent-name":      &dummyAgent{},
-		"api-caller-name": dependency.ErrMissing,
-	})
-
-	worker, err := s.manifold.Start(context)
-	c.Check(worker, gc.IsNil)
-	c.Check(err, gc.Equals, dependency.ErrMissing)
-}
-
-func (s *AgentApiManifoldSuite) TestStartFailure(c *gc.C) {
-	expectAgent := &dummyAgent{}
-	expectApiCaller := &dummyApiCaller{}
-	context := dt.StubContext(nil, map[string]interface{}{
-		"agent-name":      expectAgent,
-		"api-caller-name": expectApiCaller,
-	})
-	s.SetErrors(errors.New("some error"))
-
-	worker, err := s.manifold.Start(context)
-	c.Check(worker, gc.IsNil)
-	c.Check(err, gc.ErrorMatches, "some error")
-	s.CheckCalls(c, []testing.StubCall{{
-		FuncName: "newWorker",
-		Args:     []interface{}{expectAgent, expectApiCaller},
-	}})
-}
-
-func (s *AgentApiManifoldSuite) TestStartSuccess(c *gc.C) {
-	expectAgent := &dummyAgent{}
-	expectApiCaller := &dummyApiCaller{}
-	context := dt.StubContext(nil, map[string]interface{}{
-		"agent-name":      expectAgent,
-		"api-caller-name": expectApiCaller,
-	})
-
-	worker, err := s.manifold.Start(context)
-	c.Check(err, jc.ErrorIsNil)
-	c.Check(worker, gc.Equals, s.worker)
-	s.CheckCalls(c, []testing.StubCall{{
-		FuncName: "newWorker",
-		Args:     []interface{}{expectAgent, expectApiCaller},
-	}})
-}
-
-type dummyApiCaller struct {
-	base.APICaller
-}
-
-type dummyAgent struct {
-	agent.Agent
-}
-
-type dummyWorker struct {
-	worker.Worker
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/util/api.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/util/api.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/util/api.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/util/api.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,36 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package util
-
-import (
-	"github.com/juju/juju/api/base"
-	"github.com/juju/juju/worker"
-	"github.com/juju/juju/worker/dependency"
-)
-
-// Some (hopefully growing number of) manifolds completely depend on an API
-// connection; this type configures them.
-type ApiManifoldConfig struct {
-	APICallerName string
-}
-
-// ApiStartFunc encapsulates the behaviour that varies among ApiManifolds.
-type ApiStartFunc func(base.APICaller) (worker.Worker, error)
-
-// ApiManifold returns a dependency.Manifold that calls the supplied start
-// func with the API resource defined in the config (once it's present).
-func ApiManifold(config ApiManifoldConfig, start ApiStartFunc) dependency.Manifold {
-	return dependency.Manifold{
-		Inputs: []string{
-			config.APICallerName,
-		},
-		Start: func(context dependency.Context) (worker.Worker, error) {
-			var apiCaller base.APICaller
-			if err := context.Get(config.APICallerName, &apiCaller); err != nil {
-				return nil, err
-			}
-			return start(apiCaller)
-		},
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/util/api_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/util/api_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/util/api_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/util/api_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,92 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package util_test
-
-import (
-	"github.com/juju/errors"
-	"github.com/juju/testing"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/api/base"
-	"github.com/juju/juju/cmd/jujud/agent/util"
-	"github.com/juju/juju/worker"
-	"github.com/juju/juju/worker/dependency"
-	dt "github.com/juju/juju/worker/dependency/testing"
-)
-
-type ApiManifoldSuite struct {
-	testing.IsolationSuite
-	testing.Stub
-	manifold dependency.Manifold
-	worker   worker.Worker
-}
-
-var _ = gc.Suite(&ApiManifoldSuite{})
-
-func (s *ApiManifoldSuite) SetUpTest(c *gc.C) {
-	s.IsolationSuite.SetUpTest(c)
-	s.Stub = testing.Stub{}
-	s.worker = &dummyWorker{}
-	s.manifold = util.ApiManifold(util.ApiManifoldConfig{
-		APICallerName: "api-caller-name",
-	}, s.newWorker)
-}
-
-func (s *ApiManifoldSuite) newWorker(apiCaller base.APICaller) (worker.Worker, error) {
-	s.AddCall("newWorker", apiCaller)
-	if err := s.NextErr(); err != nil {
-		return nil, err
-	}
-	return s.worker, nil
-}
-
-func (s *ApiManifoldSuite) TestInputs(c *gc.C) {
-	c.Check(s.manifold.Inputs, jc.DeepEquals, []string{"api-caller-name"})
-}
-
-func (s *ApiManifoldSuite) TestOutput(c *gc.C) {
-	c.Check(s.manifold.Output, gc.IsNil)
-}
-
-func (s *ApiManifoldSuite) TestStartApiMissing(c *gc.C) {
-	context := dt.StubContext(nil, map[string]interface{}{
-		"api-caller-name": dependency.ErrMissing,
-	})
-
-	worker, err := s.manifold.Start(context)
-	c.Check(worker, gc.IsNil)
-	c.Check(err, gc.Equals, dependency.ErrMissing)
-}
-
-func (s *ApiManifoldSuite) TestStartFailure(c *gc.C) {
-	expectApiCaller := &dummyApiCaller{}
-	context := dt.StubContext(nil, map[string]interface{}{
-		"api-caller-name": expectApiCaller,
-	})
-	s.SetErrors(errors.New("some error"))
-
-	worker, err := s.manifold.Start(context)
-	c.Check(worker, gc.IsNil)
-	c.Check(err, gc.ErrorMatches, "some error")
-	s.CheckCalls(c, []testing.StubCall{{
-		FuncName: "newWorker",
-		Args:     []interface{}{expectApiCaller},
-	}})
-}
-
-func (s *ApiManifoldSuite) TestStartSuccess(c *gc.C) {
-	expectApiCaller := &dummyApiCaller{}
-	context := dt.StubContext(nil, map[string]interface{}{
-		"api-caller-name": expectApiCaller,
-	})
-
-	worker, err := s.manifold.Start(context)
-	c.Check(err, jc.ErrorIsNil)
-	c.Check(worker, gc.Equals, s.worker)
-	s.CheckCalls(c, []testing.StubCall{{
-		FuncName: "newWorker",
-		Args:     []interface{}{expectApiCaller},
-	}})
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/util/flag.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/util/flag.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/util/flag.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/util/flag.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,34 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package util
-
-import (
-	"github.com/juju/errors"
-
-	"github.com/juju/juju/worker"
-)
-
-// Flag represents a single boolean used to determine whether a given
-// manifold worker should run.
-type Flag interface {
-
-	// Check returns the flag's value. Check calls must *always* return
-	// the same value for a given instatiation of the type implementing
-	// Flag.
-	Check() bool
-}
-
-// FlagOutput will expose, as a Flag, any worker that implements Flag.
-func FlagOutput(in worker.Worker, out interface{}) error {
-	inFlag, ok := in.(Flag)
-	if !ok {
-		return errors.Errorf("expected in to implement Flag; got a %T", in)
-	}
-	outFlag, ok := out.(*Flag)
-	if !ok {
-		return errors.Errorf("expected out to be a *Flag; got a %T", out)
-	}
-	*outFlag = inFlag
-	return nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/util/flag_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/util/flag_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/util/flag_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/util/flag_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,52 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package util_test
-
-import (
-	"github.com/juju/testing"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/cmd/jujud/agent/util"
-	"github.com/juju/juju/worker"
-)
-
-type FlagSuite struct {
-	testing.IsolationSuite
-}
-
-var _ = gc.Suite(&FlagSuite{})
-
-func (*FlagSuite) TestFlagOutputBadWorker(c *gc.C) {
-	in := &stubWorker{}
-	var out util.Flag
-	err := util.FlagOutput(in, &out)
-	c.Check(err, gc.ErrorMatches, `expected in to implement Flag; got a .*`)
-	c.Check(out, gc.IsNil)
-}
-
-func (*FlagSuite) TestFlagOutputBadTarget(c *gc.C) {
-	in := &stubFlagWorker{}
-	var out interface{}
-	err := util.FlagOutput(in, &out)
-	c.Check(err, gc.ErrorMatches, `expected out to be a \*Flag; got a .*`)
-	c.Check(out, gc.IsNil)
-}
-
-func (*FlagSuite) TestFlagOutputSuccess(c *gc.C) {
-	in := &stubFlagWorker{}
-	var out util.Flag
-	err := util.FlagOutput(in, &out)
-	c.Check(err, jc.ErrorIsNil)
-	c.Check(out, gc.Equals, in)
-}
-
-type stubWorker struct {
-	worker.Worker
-}
-
-type stubFlagWorker struct {
-	util.Flag
-	worker.Worker
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/util/housing.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/util/housing.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/util/housing.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/util/housing.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,109 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package util
-
-import (
-	"github.com/juju/errors"
-	"github.com/juju/juju/worker"
-	"github.com/juju/juju/worker/dependency"
-	"github.com/juju/juju/worker/fortress"
-)
-
-// Decorator creates copies of dependency.Manifolds with additional
-// features.
-type Decorator interface {
-
-	// Decorate returns a new Manifold, based on the one supplied.
-	Decorate(dependency.Manifold) dependency.Manifold
-}
-
-// Housing is a Decorator that combines several common mechanisms
-// for coordinating manifolds independently of their core concerns.
-type Housing struct {
-
-	// Flags contains a list of names of Flag manifolds, such
-	// that a decorated manifold will not start until all flags
-	// are both present and valid (and will be stopped when that
-	// is no longer true).
-	Flags []string
-
-	// Occupy is ignored if empty; otherwise it contains the name
-	// of a fortress.Guest manifold, such that a decorated manifold
-	// will never be run outside a Visit to that fortress.
-	//
-	// NOTE: this acquires a lock, and holds it for your manifold's
-	// worker's whole lifetime. It's fine in isolation, but multiple
-	// Occupy~s are almost certainly a Bad Idea.
-	Occupy string
-
-	// Filter is ignored if nil; otherwise it's unconditionally set
-	// as the manifold's Filter. Similarly to Occupy, attempted use
-	// of multiple filters is unlikely to be a great idea; it most
-	// likely indicates that either your Engine's IsFatal is too
-	// enthusiastic, or responsibility for termination is spread too
-	// widely across your installed manifolds, or both.
-	Filter dependency.FilterFunc
-}
-
-// Decorate is part of the Decorator interface.
-func (housing Housing) Decorate(base dependency.Manifold) dependency.Manifold {
-	manifold := base
-	// Apply Occupy wrapping first, so that it will be the last
-	// wrapper to execute before calling the original Start func, so
-	// as to minimise the time we hold the fortress open.
-	if housing.Occupy != "" {
-		manifold.Inputs = maybeAdd(manifold.Inputs, housing.Occupy)
-		manifold.Start = occupyStart(manifold.Start, housing.Occupy)
-	}
-	for _, name := range housing.Flags {
-		manifold.Inputs = maybeAdd(manifold.Inputs, name)
-		manifold.Start = flagStart(manifold.Start, name)
-	}
-	if housing.Filter != nil {
-		manifold.Filter = housing.Filter
-	}
-	return manifold
-}
-
-func maybeAdd(original []string, add string) []string {
-	for _, name := range original {
-		if name == add {
-			return original
-		}
-	}
-	count := len(original)
-	result := make([]string, count, count+1)
-	copy(result, original)
-	return append(result, add)
-}
-
-func occupyStart(inner dependency.StartFunc, name string) dependency.StartFunc {
-	return func(context dependency.Context) (worker.Worker, error) {
-		var guest fortress.Guest
-		if err := context.Get(name, &guest); err != nil {
-			return nil, errors.Trace(err)
-		}
-		task := func() (worker.Worker, error) {
-			return inner(context)
-		}
-		worker, err := fortress.Occupy(guest, task, context.Abort())
-		if err != nil {
-			return nil, errors.Trace(err)
-		}
-		return worker, nil
-	}
-}
-
-func flagStart(inner dependency.StartFunc, name string) dependency.StartFunc {
-	return func(context dependency.Context) (worker.Worker, error) {
-		var flag Flag
-		if err := context.Get(name, &flag); err != nil {
-			return nil, errors.Trace(err)
-		}
-		if !flag.Check() {
-			return nil, dependency.ErrMissing
-		}
-		return inner(context)
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/util/housing_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/util/housing_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/util/housing_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/util/housing_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,350 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package util_test
-
-import (
-	"time"
-
-	"github.com/juju/errors"
-	"github.com/juju/testing"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/cmd/jujud/agent/util"
-	coretesting "github.com/juju/juju/testing"
-	"github.com/juju/juju/worker"
-	"github.com/juju/juju/worker/dependency"
-	dt "github.com/juju/juju/worker/dependency/testing"
-	"github.com/juju/juju/worker/fortress"
-	"github.com/juju/juju/worker/workertest"
-)
-
-type HousingSuite struct {
-	testing.IsolationSuite
-}
-
-var _ = gc.Suite(&HousingSuite{})
-
-func (*HousingSuite) TestEmptyHousingEmptyManifold(c *gc.C) {
-	manifold := util.Housing{}.Decorate(dependency.Manifold{})
-
-	c.Check(manifold.Inputs, gc.HasLen, 0)
-	c.Check(manifold.Start, gc.IsNil)
-	c.Check(manifold.Output, gc.IsNil)
-	c.Check(manifold.Filter, gc.IsNil)
-}
-
-func (*HousingSuite) TestEmptyHousingPopulatedManifold(c *gc.C) {
-	manifold := util.Housing{}.Decorate(dependency.Manifold{
-		Inputs: []string{"x", "y", "z"},
-		Start:  panicStart,
-		Output: panicOutput,
-		Filter: panicFilter,
-	})
-
-	c.Check(manifold.Inputs, jc.DeepEquals, []string{"x", "y", "z"})
-	c.Check(func() {
-		manifold.Start(nil)
-	}, gc.PanicMatches, "panicStart")
-	c.Check(func() {
-		manifold.Output(nil, nil)
-	}, gc.PanicMatches, "panicOutput")
-	c.Check(func() {
-		manifold.Filter(nil)
-	}, gc.PanicMatches, "panicFilter")
-}
-
-func (*HousingSuite) TestReplacesFilter(c *gc.C) {
-	expectIn := errors.New("tweedledum")
-	expectOut := errors.New("tweedledee")
-	manifold := util.Housing{
-		Filter: func(in error) error {
-			c.Check(in, gc.Equals, expectIn)
-			return expectOut
-		},
-	}.Decorate(dependency.Manifold{
-		Filter: panicFilter,
-	})
-
-	out := manifold.Filter(expectIn)
-	c.Check(out, gc.Equals, expectOut)
-}
-
-func (*HousingSuite) TestFlagsNoInput(c *gc.C) {
-	manifold := util.Housing{
-		Flags: []string{"foo", "bar"},
-	}.Decorate(dependency.Manifold{})
-
-	expect := []string{"foo", "bar"}
-	c.Check(manifold.Inputs, jc.DeepEquals, expect)
-}
-
-func (*HousingSuite) TestFlagsNewInput(c *gc.C) {
-	manifold := util.Housing{
-		Flags: []string{"foo", "bar"},
-	}.Decorate(dependency.Manifold{
-		Inputs: []string{"ping", "pong"},
-	})
-
-	expect := []string{"ping", "pong", "foo", "bar"}
-	c.Check(manifold.Inputs, jc.DeepEquals, expect)
-}
-
-func (*HousingSuite) TestFlagsExistingInput(c *gc.C) {
-	manifold := util.Housing{
-		Flags: []string{"a", "c", "d"},
-	}.Decorate(dependency.Manifold{
-		Inputs: []string{"a", "b"},
-	})
-
-	expect := []string{"a", "b", "c", "d"}
-	c.Check(manifold.Inputs, jc.DeepEquals, expect)
-}
-
-func (*HousingSuite) TestFlagMissing(c *gc.C) {
-	manifold := util.Housing{
-		Flags: []string{"flag"},
-	}.Decorate(dependency.Manifold{})
-	context := dt.StubContext(nil, map[string]interface{}{
-		"flag": dependency.ErrMissing,
-	})
-
-	worker, err := manifold.Start(context)
-	c.Check(worker, gc.IsNil)
-	c.Check(errors.Cause(err), gc.Equals, dependency.ErrMissing)
-}
-
-func (*HousingSuite) TestFlagBadType(c *gc.C) {
-	manifold := util.Housing{
-		Flags: []string{"flag"},
-	}.Decorate(dependency.Manifold{})
-	context := dt.StubContext(nil, map[string]interface{}{
-		"flag": false,
-	})
-
-	worker, err := manifold.Start(context)
-	c.Check(worker, gc.IsNil)
-	c.Check(err, gc.ErrorMatches, "cannot set false into .*")
-}
-
-func (*HousingSuite) TestFlagBadValue(c *gc.C) {
-	manifold := util.Housing{
-		Flags: []string{"flag"},
-	}.Decorate(dependency.Manifold{})
-	context := dt.StubContext(nil, map[string]interface{}{
-		"flag": flag{false},
-	})
-
-	worker, err := manifold.Start(context)
-	c.Check(worker, gc.IsNil)
-	c.Check(errors.Cause(err), gc.Equals, dependency.ErrMissing)
-}
-
-func (*HousingSuite) TestFlagSuccess(c *gc.C) {
-	expectWorker := &struct{ worker.Worker }{}
-	manifold := util.Housing{
-		Flags: []string{"flag"},
-	}.Decorate(dependency.Manifold{
-		Start: func(dependency.Context) (worker.Worker, error) {
-			return expectWorker, nil
-		},
-	})
-	context := dt.StubContext(nil, map[string]interface{}{
-		"flag": flag{true},
-	})
-
-	worker, err := manifold.Start(context)
-	c.Check(worker, gc.Equals, expectWorker)
-	c.Check(err, jc.ErrorIsNil)
-}
-
-func (*HousingSuite) TestOccupyNewInput(c *gc.C) {
-	manifold := util.Housing{
-		Occupy: "fortress",
-	}.Decorate(dependency.Manifold{
-		Inputs: []string{"ping", "pong"},
-	})
-
-	expect := []string{"ping", "pong", "fortress"}
-	c.Check(manifold.Inputs, jc.DeepEquals, expect)
-}
-
-func (*HousingSuite) TestOccupyExistingInput(c *gc.C) {
-	manifold := util.Housing{
-		Occupy: "fortress",
-	}.Decorate(dependency.Manifold{
-		Inputs: []string{"citadel", "fortress", "bastion"},
-	})
-
-	expect := []string{"citadel", "fortress", "bastion"}
-	c.Check(manifold.Inputs, jc.DeepEquals, expect)
-}
-
-func (*HousingSuite) TestFlagBlocksOccupy(c *gc.C) {
-	manifold := util.Housing{
-		Flags:  []string{"flag"},
-		Occupy: "fortress",
-	}.Decorate(dependency.Manifold{})
-	context := dt.StubContext(nil, map[string]interface{}{
-		"flag":     dependency.ErrMissing,
-		"fortress": errors.New("never happen"),
-	})
-
-	worker, err := manifold.Start(context)
-	c.Check(worker, gc.IsNil)
-	c.Check(errors.Cause(err), gc.Equals, dependency.ErrMissing)
-}
-
-func (*HousingSuite) TestOccupyMissing(c *gc.C) {
-	manifold := util.Housing{
-		Occupy: "fortress",
-	}.Decorate(dependency.Manifold{})
-	context := dt.StubContext(nil, map[string]interface{}{
-		"fortress": dependency.ErrMissing,
-	})
-
-	worker, err := manifold.Start(context)
-	c.Check(worker, gc.IsNil)
-	c.Check(errors.Cause(err), gc.Equals, dependency.ErrMissing)
-}
-
-func (*HousingSuite) TestOccupyBadType(c *gc.C) {
-	manifold := util.Housing{
-		Occupy: "fortress",
-	}.Decorate(dependency.Manifold{})
-	context := dt.StubContext(nil, map[string]interface{}{
-		"fortress": false,
-	})
-
-	worker, err := manifold.Start(context)
-	c.Check(worker, gc.IsNil)
-	c.Check(err, gc.ErrorMatches, "cannot set false into .*")
-}
-
-func (*HousingSuite) TestOccupyLocked(c *gc.C) {
-	manifold := util.Housing{
-		Occupy: "fortress",
-	}.Decorate(dependency.Manifold{})
-	abort := make(chan struct{})
-	context := dt.StubContext(abort, map[string]interface{}{
-		"fortress": newGuest(false),
-	})
-
-	// start the start func
-	started := make(chan struct{})
-	go func() {
-		defer close(started)
-		worker, err := manifold.Start(context)
-		c.Check(worker, gc.IsNil)
-		c.Check(errors.Cause(err), gc.Equals, fortress.ErrAborted)
-	}()
-
-	// check it's blocked...
-	select {
-	case <-time.After(coretesting.ShortWait):
-	case <-started:
-		c.Errorf("Start finished early")
-	}
-
-	// ...until the context is aborted.
-	close(abort)
-	select {
-	case <-started:
-	case <-time.After(coretesting.LongWait):
-		c.Fatalf("timed out")
-	}
-}
-
-func (*HousingSuite) TestOccupySuccess(c *gc.C) {
-	expectWorker := workertest.NewErrorWorker(errors.New("ignored"))
-	defer workertest.DirtyKill(c, expectWorker)
-	manifold := util.Housing{
-		Occupy: "fortress",
-	}.Decorate(dependency.Manifold{
-		Start: func(dependency.Context) (worker.Worker, error) {
-			return expectWorker, nil
-		},
-	})
-	guest := newGuest(true)
-	context := dt.StubContext(nil, map[string]interface{}{
-		"fortress": guest,
-	})
-
-	// wait for the start func to complete
-	started := make(chan struct{})
-	go func() {
-		defer close(started)
-		worker, err := manifold.Start(context)
-		c.Check(worker, gc.Equals, expectWorker)
-		c.Check(err, jc.ErrorIsNil)
-	}()
-	select {
-	case <-started:
-	case <-time.After(coretesting.LongWait):
-		c.Fatalf("timed out")
-	}
-
-	// check the worker's alive
-	workertest.CheckAlive(c, expectWorker)
-
-	// check the visit keeps running...
-	select {
-	case <-time.After(coretesting.ShortWait):
-	case <-guest.done:
-		c.Fatalf("visit finished early")
-	}
-
-	// ...until the worker stops
-	expectWorker.Kill()
-	select {
-	case <-guest.done:
-	case <-time.After(coretesting.LongWait):
-		c.Fatalf("timed out")
-	}
-}
-
-func newGuest(unlocked bool) guest {
-	return guest{
-		unlocked: unlocked,
-		done:     make(chan struct{}),
-	}
-}
-
-// guest implements fortress.Guest.
-type guest struct {
-	unlocked bool
-	done     chan struct{}
-}
-
-// Visit is part of the fortress.Guest interface.
-func (guest guest) Visit(visit fortress.Visit, abort fortress.Abort) error {
-	defer close(guest.done)
-	if guest.unlocked {
-		return visit()
-	}
-	<-abort
-	return fortress.ErrAborted
-}
-
-// flag implements util.Flag.
-type flag struct {
-	value bool
-}
-
-// Check is part of the util.Flag interface.
-func (flag flag) Check() bool {
-	return flag.value
-}
-
-func panicStart(dependency.Context) (worker.Worker, error) {
-	panic("panicStart")
-}
-
-func panicOutput(worker.Worker, interface{}) error {
-	panic("panicOutput")
-}
-
-func panicFilter(error) error {
-	panic("panicFilter")
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/util/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/util/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/util/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/util/package_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,14 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package util_test
-
-import (
-	"testing"
-
-	gc "gopkg.in/check.v1"
-)
-
-func TestPackage(t *testing.T) {
-	gc.TestingT(t)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/util/valueworker.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/util/valueworker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/util/valueworker.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/util/valueworker.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,70 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package util
-
-import (
-	"reflect"
-
-	"github.com/juju/errors"
-	"launchpad.net/tomb"
-
-	"github.com/juju/juju/worker"
-)
-
-// NewValueWorker returns a degenerate worker that exposes the supplied value
-// when passed into ValueWorkerOutput. Please do not supply values that have
-// their own dependency or lifecycle considerations; such values will subvert
-// the operation of any containing dependency.Engine by insulating it from the
-// failures and dependency changes of the contained value.
-func NewValueWorker(value interface{}) (worker.Worker, error) {
-	if value == nil {
-		return nil, errors.New("NewValueWorker expects a value")
-	}
-	w := &valueWorker{
-		value: value,
-	}
-	go func() {
-		defer w.tomb.Done()
-		<-w.tomb.Dying()
-	}()
-	return w, nil
-}
-
-// ValueWorkerOutput sets the value wrapped by the supplied valueWorker into
-// the out pointer, if type-compatible, or fails.
-func ValueWorkerOutput(in worker.Worker, out interface{}) error {
-	inWorker, _ := in.(*valueWorker)
-	if inWorker == nil {
-		return errors.Errorf("in should be a *valueWorker; is %#v", in)
-	}
-	outV := reflect.ValueOf(out)
-	if outV.Kind() != reflect.Ptr {
-		return errors.Errorf("out should be a pointer; is %#v", out)
-	}
-	outValV := outV.Elem()
-	outValT := outValV.Type()
-	inValV := reflect.ValueOf(inWorker.value)
-	inValT := inValV.Type()
-	if !inValT.ConvertibleTo(outValT) {
-		return errors.Errorf("cannot output into %T", out)
-	}
-	outValV.Set(inValV.Convert(outValT))
-	return nil
-}
-
-// valueWorker implements a degenerate worker wrapping a single value.
-type valueWorker struct {
-	tomb  tomb.Tomb
-	value interface{}
-}
-
-// Kill is part of the worker.Worker interface.
-func (v *valueWorker) Kill() {
-	v.tomb.Kill(nil)
-}
-
-// Wait is part of the worker.Worker interface.
-func (v *valueWorker) Wait() error {
-	return v.tomb.Wait()
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/util/valueworker_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/util/valueworker_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/util/valueworker_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/util/valueworker_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,82 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package util_test
-
-import (
-	"github.com/juju/testing"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/cmd/jujud/agent/util"
-	"github.com/juju/juju/worker"
-)
-
-type ValueWorkerSuite struct {
-	testing.IsolationSuite
-}
-
-var _ = gc.Suite(&ValueWorkerSuite{})
-
-func (s *ValueWorkerSuite) TestNewValueWorker_Success(c *gc.C) {
-	w, err := util.NewValueWorker("cheese")
-	c.Assert(err, jc.ErrorIsNil)
-
-	err = worker.Stop(w)
-	c.Check(err, jc.ErrorIsNil)
-}
-
-func (s *ValueWorkerSuite) TestNewValueWorker_NilValue(c *gc.C) {
-	w, err := util.NewValueWorker(nil)
-	c.Check(err, gc.ErrorMatches, "NewValueWorker expects a value")
-	c.Check(w, gc.IsNil)
-}
-
-func (s *ValueWorkerSuite) TestValueWorkerOutput_Success(c *gc.C) {
-	value := &testType{}
-	w, err := util.NewValueWorker(value)
-	c.Assert(err, jc.ErrorIsNil)
-
-	var outVal testInterface
-	err = util.ValueWorkerOutput(w, &outVal)
-	c.Check(err, jc.ErrorIsNil)
-	c.Check(outVal, gc.DeepEquals, value)
-}
-
-func (s *ValueWorkerSuite) TestValueWorkerOutput_BadInput(c *gc.C) {
-	var outVal testInterface
-	err := util.ValueWorkerOutput(&testType{}, &outVal)
-	c.Check(err, gc.ErrorMatches, "in should be a \\*valueWorker; is .*")
-	c.Check(outVal, gc.IsNil)
-}
-
-func (s *ValueWorkerSuite) TestValueWorkerOutput_BadOutputIndirection(c *gc.C) {
-	value := &testType{}
-	w, err := util.NewValueWorker(value)
-	c.Assert(err, jc.ErrorIsNil)
-
-	var outVal string
-	err = util.ValueWorkerOutput(w, outVal)
-	c.Check(err, gc.ErrorMatches, "out should be a pointer; is .*")
-	c.Check(outVal, gc.Equals, "")
-}
-
-func (s *ValueWorkerSuite) TestValueWorkerOutput_BadOutputType(c *gc.C) {
-	value := &testType{}
-	w, err := util.NewValueWorker(value)
-	c.Assert(err, jc.ErrorIsNil)
-
-	var outVal string
-	err = util.ValueWorkerOutput(w, &outVal)
-	c.Check(err, gc.ErrorMatches, "cannot output into \\*string")
-	c.Check(outVal, gc.Equals, "")
-}
-
-type testInterface interface {
-	worker.Worker
-	Foobar()
-}
-
-type testType struct {
-	testInterface
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/util_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/util_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/agent/util_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/agent/util_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,154 +4,532 @@
 package agent
 
 import (
+	"fmt"
+	"io/ioutil"
+	"path/filepath"
+	"reflect"
 	"sync"
+	"time"
 
-	"github.com/juju/errors"
+	"github.com/juju/cmd"
 	jc "github.com/juju/testing/checkers"
+	"github.com/juju/utils/arch"
+	"github.com/juju/utils/series"
 	"github.com/juju/utils/set"
+	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/charmrepo.v2-unstable"
+	"gopkg.in/juju/names.v2"
 
-	"github.com/juju/juju/cmd/jujud/agent/model"
+	"github.com/juju/juju/agent"
+	"github.com/juju/juju/api"
+	apideployer "github.com/juju/juju/api/deployer"
+	"github.com/juju/juju/cmd/jujud/agent/agenttest"
+	cmdutil "github.com/juju/juju/cmd/jujud/util"
+	"github.com/juju/juju/instance"
+	jujutesting "github.com/juju/juju/juju/testing"
+	"github.com/juju/juju/mongo/mongotest"
+	"github.com/juju/juju/network"
+	"github.com/juju/juju/provider/dummy"
+	"github.com/juju/juju/service/upstart"
+	"github.com/juju/juju/state"
 	coretesting "github.com/juju/juju/testing"
+	"github.com/juju/juju/tools"
+	jujuversion "github.com/juju/juju/version"
 	"github.com/juju/juju/worker"
-	"github.com/juju/juju/worker/dependency"
+	"github.com/juju/juju/worker/authenticationworker"
+	"github.com/juju/juju/worker/deployer"
+	"github.com/juju/juju/worker/logsender"
+	"github.com/juju/juju/worker/singular"
 )
 
-var (
-	// These vars hold the per-model workers we expect to run in
-	// various circumstances. Note the absence of dyingModelWorkers:
-	// it's not a stable state, because it's responsible for making
-	// the model Dead via the undertaker, so it can't be waited for
-	// reliably.
-	alwaysModelWorkers = []string{
-		"agent",
-		"api-caller",
-		"api-config-watcher",
-		"clock",
-		"spaces-imported-gate",
-		"is-responsible-flag",
-		"not-alive-flag",
-		"not-dead-flag",
-	}
-	aliveModelWorkers = []string{
-		"charm-revision-updater",
-		"compute-provisioner",
-		"environ-tracker",
-		"firewaller",
-		"instance-poller",
-		"metric-worker",
-		"migration-fortress",
-		"migration-master",
-		"service-scaler",
-		"space-importer",
-		"state-cleaner",
-		"status-history-pruner",
-		"storage-provisioner",
-		"unit-assigner",
-	}
-	deadModelWorkers = []string{
-		"environ-tracker", "undertaker",
-	}
-
-	// ReallyLongTimeout should be long enough for the model-tracker
-	// tests that depend on a hosted model; its backing state is not
-	// accessible for StartSyncs, so we generally have to wait for at
-	// least two 5s ticks to pass, and should expect rare circumstances
-	// to take even longer.
-	ReallyLongWait = coretesting.LongWait * 3
+const (
+	initialMachinePassword = "machine-password-1234567890"
+	initialUnitPassword    = "unit-password-1234567890"
+	startWorkerWait        = 250 * time.Millisecond
 )
 
-// modelMatchFunc returns a func that will return whether the current
-// set of workers running for the supplied model matches those supplied;
-// and will log what it saw in some detail.
-func modelMatchFunc(c *gc.C, tracker *modelTracker, workers []string) func(string) bool {
-	expect := set.NewStrings(workers...)
-	return func(uuid string) bool {
-		actual := tracker.Workers(uuid)
-		c.Logf("\n%s: has workers %v", uuid, actual.SortedValues())
-		extras := actual.Difference(expect)
-		missed := expect.Difference(actual)
-		if len(extras) == 0 && len(missed) == 0 {
-			return true
-		}
-		c.Logf("%s: waiting for %v", uuid, missed.SortedValues())
-		c.Logf("%s: unexpected %v", uuid, extras.SortedValues())
-		return false
-	}
-}
-
-// newModelTracker creates a type whose Manifolds method can
-// be patched over modelManifolds, and whose Workers method
-// will tell you what workers are currently running stably
-// within the requested model's dependency engine.
-func newModelTracker(c *gc.C) *modelTracker {
-	return &modelTracker{
-		c:       c,
-		current: make(map[string]set.Strings),
-	}
-}
-
-type modelTracker struct {
-	c       *gc.C
-	mu      sync.Mutex
-	current map[string]set.Strings
-}
-
-func (tracker *modelTracker) Workers(model string) set.Strings {
-	tracker.mu.Lock()
-	defer tracker.mu.Unlock()
-	return tracker.current[model]
-}
-
-func (tracker *modelTracker) Manifolds(config model.ManifoldsConfig) dependency.Manifolds {
-	const trackerName = "TEST-TRACKER"
-	raw := model.Manifolds(config)
-	uuid := config.Agent.CurrentConfig().Model().Id()
-
-	names := make([]string, 0, len(raw))
-	for name := range raw {
-		if name == trackerName {
-			tracker.c.Errorf("manifold tracker used repeatedly")
-			return raw
-		} else {
-			names = append(names, name)
-		}
-	}
-
-	tracker.mu.Lock()
-	defer tracker.mu.Unlock()
-	if _, exists := tracker.current[uuid]; exists {
-		tracker.c.Errorf("model %s started repeatedly", uuid)
-		return raw
-	}
-
-	raw[trackerName] = tracker.manifold(uuid, names)
-	return raw
-}
-
-func (tracker *modelTracker) manifold(uuid string, names []string) dependency.Manifold {
-	return dependency.Manifold{
-		Inputs: names,
-		Start: func(context dependency.Context) (worker.Worker, error) {
-			seen := set.NewStrings()
-			for _, name := range names {
-				err := context.Get(name, nil)
-				if errors.Cause(err) == dependency.ErrMissing {
-					continue
-				}
-				if tracker.c.Check(err, jc.ErrorIsNil) {
-					seen.Add(name)
+var fastDialOpts = api.DialOpts{
+	Timeout:    coretesting.LongWait,
+	RetryDelay: coretesting.ShortWait,
+}
+
+type commonMachineSuite struct {
+	singularRecord  *singularRunnerRecord
+	fakeEnsureMongo *agenttest.FakeEnsureMongo
+	AgentSuite
+}
+
+func (s *commonMachineSuite) SetUpSuite(c *gc.C) {
+	s.AgentSuite.SetUpSuite(c)
+	s.AgentSuite.PatchValue(&jujuversion.Current, coretesting.FakeVersionNumber)
+	s.AgentSuite.PatchValue(&stateWorkerDialOpts, mongotest.DialOpts())
+}
+
+func (s *commonMachineSuite) TearDownSuite(c *gc.C) {
+	s.AgentSuite.TearDownSuite(c)
+}
+
+func (s *commonMachineSuite) SetUpTest(c *gc.C) {
+	s.AgentSuite.SetUpTest(c)
+	s.AgentSuite.PatchValue(&charmrepo.CacheDir, c.MkDir())
+
+	// Patch ssh user to avoid touching ~ubuntu/.ssh/authorized_keys.
+	s.AgentSuite.PatchValue(&authenticationworker.SSHUser, "")
+
+	testpath := c.MkDir()
+	s.AgentSuite.PatchEnvPathPrepend(testpath)
+	// mock out the start method so we can fake install services without sudo
+	fakeCmd(filepath.Join(testpath, "start"))
+	fakeCmd(filepath.Join(testpath, "stop"))
+
+	s.AgentSuite.PatchValue(&upstart.InitDir, c.MkDir())
+
+	s.singularRecord = newSingularRunnerRecord()
+	s.AgentSuite.PatchValue(&newSingularRunner, s.singularRecord.newSingularRunner)
+	s.AgentSuite.PatchValue(&peergrouperNew, func(st *state.State) (worker.Worker, error) {
+		return newDummyWorker(), nil
+	})
+
+	s.fakeEnsureMongo = agenttest.InstallFakeEnsureMongo(s)
+}
+
+func (s *commonMachineSuite) assertChannelActive(c *gc.C, aChannel chan struct{}, intent string) {
+	// Wait for channel to be active.
+	select {
+	case <-aChannel:
+	case <-time.After(coretesting.LongWait):
+		c.Fatalf("timeout while waiting for %v", intent)
+	}
+}
+
+func (s *commonMachineSuite) assertChannelInactive(c *gc.C, aChannel chan struct{}, intent string) {
+	// Now make sure the channel is not active.
+	select {
+	case <-aChannel:
+		c.Fatalf("%v unexpectedly", intent)
+	case <-time.After(startWorkerWait):
+	}
+}
+
+func fakeCmd(path string) {
+	err := ioutil.WriteFile(path, []byte("#!/bin/bash --norc\nexit 0"), 0755)
+	if err != nil {
+		panic(err)
+	}
+}
+
+func (s *commonMachineSuite) TearDownTest(c *gc.C) {
+	s.AgentSuite.TearDownTest(c)
+}
+
+// primeAgent adds a new Machine to run the given jobs, and sets up the
+// machine agent's directory.  It returns the new machine, the
+// agent's configuration and the tools currently running.
+func (s *commonMachineSuite) primeAgent(c *gc.C, jobs ...state.MachineJob) (m *state.Machine, agentConfig agent.ConfigSetterWriter, tools *tools.Tools) {
+	vers := version.Binary{
+		Number: jujuversion.Current,
+		Arch:   arch.HostArch(),
+		Series: series.HostSeries(),
+	}
+	return s.primeAgentVersion(c, vers, jobs...)
+}
+
+// primeAgentVersion is similar to primeAgent, but permits the
+// caller to specify the version.Binary to prime with.
+func (s *commonMachineSuite) primeAgentVersion(c *gc.C, vers version.Binary, jobs ...state.MachineJob) (m *state.Machine, agentConfig agent.ConfigSetterWriter, tools *tools.Tools) {
+	m, err := s.State.AddMachine("quantal", jobs...)
+	c.Assert(err, jc.ErrorIsNil)
+	return s.primeAgentWithMachine(c, m, vers)
+}
+
+func (s *commonMachineSuite) primeAgentWithMachine(c *gc.C, m *state.Machine, vers version.Binary) (*state.Machine, agent.ConfigSetterWriter, *tools.Tools) {
+	pinger, err := m.SetAgentPresence()
+	c.Assert(err, jc.ErrorIsNil)
+	s.AddCleanup(func(c *gc.C) {
+		c.Assert(worker.Stop(pinger), jc.ErrorIsNil)
+	})
+	return s.configureMachine(c, m.Id(), vers)
+}
+
+func (s *commonMachineSuite) configureMachine(c *gc.C, machineId string, vers version.Binary) (
+	machine *state.Machine, agentConfig agent.ConfigSetterWriter, tools *tools.Tools,
+) {
+	m, err := s.State.Machine(machineId)
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Add a machine and ensure it is provisioned.
+	inst, md := jujutesting.AssertStartInstance(c, s.Environ, s.ControllerConfig.ControllerUUID(), machineId)
+	c.Assert(m.SetProvisioned(inst.Id(), agent.BootstrapNonce, md), jc.ErrorIsNil)
+
+	// Add an address for the tests in case the initiateMongoServer
+	// codepath is exercised.
+	s.setFakeMachineAddresses(c, m)
+
+	// Set up the new machine.
+	err = m.SetAgentVersion(vers)
+	c.Assert(err, jc.ErrorIsNil)
+	err = m.SetPassword(initialMachinePassword)
+	c.Assert(err, jc.ErrorIsNil)
+	tag := m.Tag()
+	if m.IsManager() {
+		err = m.SetMongoPassword(initialMachinePassword)
+		c.Assert(err, jc.ErrorIsNil)
+		agentConfig, tools = s.PrimeStateAgentVersion(c, tag, initialMachinePassword, vers)
+		info, ok := agentConfig.StateServingInfo()
+		c.Assert(ok, jc.IsTrue)
+		ssi := cmdutil.ParamsStateServingInfoToStateStateServingInfo(info)
+		err = s.State.SetStateServingInfo(ssi)
+		c.Assert(err, jc.ErrorIsNil)
+	} else {
+		agentConfig, tools = s.PrimeAgentVersion(c, tag, initialMachinePassword, vers)
+	}
+	err = agentConfig.Write()
+	c.Assert(err, jc.ErrorIsNil)
+	return m, agentConfig, tools
+}
+
+func NewTestMachineAgentFactory(
+	agentConfWriter AgentConfigWriter,
+	bufferedLogs logsender.LogRecordCh,
+	rootDir string,
+) func(string) *MachineAgent {
+	return func(machineId string) *MachineAgent {
+		return NewMachineAgent(
+			machineId,
+			agentConfWriter,
+			bufferedLogs,
+			worker.NewRunner(cmdutil.IsFatal, cmdutil.MoreImportant, worker.RestartDelay),
+			&mockLoopDeviceManager{},
+			rootDir,
+		)
+	}
+}
+
+// newAgent returns a new MachineAgent instance
+func (s *commonMachineSuite) newAgent(c *gc.C, m *state.Machine) *MachineAgent {
+	agentConf := agentConf{dataDir: s.DataDir()}
+	agentConf.ReadConfig(names.NewMachineTag(m.Id()).String())
+	machineAgentFactory := NewTestMachineAgentFactory(&agentConf, nil, c.MkDir())
+	return machineAgentFactory(m.Id())
+}
+
+func patchDeployContext(c *gc.C, st *state.State) (*fakeContext, func()) {
+	ctx := &fakeContext{
+		inited:   newSignal(),
+		deployed: make(set.Strings),
+	}
+	orig := newDeployContext
+	newDeployContext = func(dst *apideployer.State, agentConfig agent.Config) deployer.Context {
+		ctx.st = st
+		ctx.agentConfig = agentConfig
+		ctx.inited.trigger()
+		return ctx
+	}
+	return ctx, func() { newDeployContext = orig }
+}
+
+func (s *commonMachineSuite) setFakeMachineAddresses(c *gc.C, machine *state.Machine) {
+	addrs := network.NewAddresses("0.1.2.3")
+	err := machine.SetProviderAddresses(addrs...)
+	c.Assert(err, jc.ErrorIsNil)
+	// Set the addresses in the environ instance as well so that if the instance poller
+	// runs it won't overwrite them.
+	instId, err := machine.InstanceId()
+	c.Assert(err, jc.ErrorIsNil)
+	insts, err := s.Environ.Instances([]instance.Id{instId})
+	c.Assert(err, jc.ErrorIsNil)
+	dummy.SetInstanceAddresses(insts[0], addrs)
+}
+
+// opRecvTimeout waits for any of the given kinds of operation to
+// be received from ops, and times out if not.
+func opRecvTimeout(c *gc.C, st *state.State, opc <-chan dummy.Operation, kinds ...dummy.Operation) dummy.Operation {
+	st.StartSync()
+	timeout := time.After(coretesting.LongWait)
+	for {
+		select {
+		case op := <-opc:
+			for _, k := range kinds {
+				if reflect.TypeOf(op) == reflect.TypeOf(k) {
+					return op
 				}
 			}
-			select {
-			case <-context.Abort():
-				// don't bother to report if it's about to change
-			default:
-				tracker.mu.Lock()
-				defer tracker.mu.Unlock()
-				tracker.current[uuid] = seen
+			c.Logf("discarding unknown event %#v", op)
+		case <-time.After(coretesting.ShortWait):
+			st.StartSync()
+		case <-timeout:
+			c.Fatalf("time out wating for operation")
+		}
+	}
+}
+
+type mockAgentConfig struct {
+	agent.Config
+	providerType string
+	tag          names.Tag
+}
+
+func (m *mockAgentConfig) Tag() names.Tag {
+	return m.tag
+}
+
+func (m *mockAgentConfig) Value(key string) string {
+	if key == agent.ProviderType {
+		return m.providerType
+	}
+	return ""
+}
+
+type singularRunnerRecord struct {
+	runnerC chan *fakeSingularRunner
+}
+
+func newSingularRunnerRecord() *singularRunnerRecord {
+	return &singularRunnerRecord{
+		runnerC: make(chan *fakeSingularRunner, 64),
+	}
+}
+
+func (r *singularRunnerRecord) newSingularRunner(runner worker.Runner, conn singular.Conn) (worker.Runner, error) {
+	sr, err := singular.New(runner, conn)
+	if err != nil {
+		return nil, err
+	}
+	fakeRunner := &fakeSingularRunner{
+		Runner: sr,
+		startC: make(chan string, 64),
+	}
+	r.runnerC <- fakeRunner
+	return fakeRunner, nil
+}
+
+// nextRunner blocks until a new singular runner is created.
+func (r *singularRunnerRecord) nextRunner(c *gc.C) *fakeSingularRunner {
+	timeout := time.After(coretesting.LongWait)
+	for {
+		select {
+		case r := <-r.runnerC:
+			return r
+		case <-timeout:
+			c.Fatal("timed out waiting for singular runner to be created")
+		}
+	}
+}
+
+type fakeSingularRunner struct {
+	worker.Runner
+	startC chan string
+}
+
+func (r *fakeSingularRunner) StartWorker(name string, start func() (worker.Worker, error)) error {
+	logger.Infof("starting fake worker %q", name)
+	r.startC <- name
+	return r.Runner.StartWorker(name, start)
+}
+
+// waitForWorker waits for a given worker to be started, returning all
+// workers started while waiting.
+func (r *fakeSingularRunner) waitForWorker(c *gc.C, target string) []string {
+	var seen []string
+	timeout := time.After(coretesting.LongWait)
+	for {
+		select {
+		case <-time.After(coretesting.ShortWait):
+			c.Logf("still waiting for %q; workers seen so far: %+v", target, seen)
+		case workerName := <-r.startC:
+			seen = append(seen, workerName)
+			if workerName == target {
+				c.Logf("target worker %q started; workers seen so far: %+v", workerName, seen)
+				return seen
+			}
+			c.Logf("worker %q started; still waiting for %q; workers seen so far: %+v", workerName, target, seen)
+		case <-timeout:
+			c.Fatal("timed out waiting for " + target)
+		}
+	}
+}
+
+// waitForWorkers waits for a given worker to be started, returning all
+// workers started while waiting.
+func (r *fakeSingularRunner) waitForWorkers(c *gc.C, targets []string) []string {
+	var seen []string
+	seenTargets := make(map[string]bool)
+	numSeenTargets := 0
+	timeout := time.After(coretesting.LongWait)
+	for {
+		select {
+		case workerName := <-r.startC:
+			c.Logf("worker %q started; workers seen so far: %+v (len: %d, len(targets): %d)", workerName, seen, len(seen), len(targets))
+			if seenTargets[workerName] == true {
+				c.Fatal("worker started twice: " + workerName)
 			}
-			return nil, dependency.ErrMissing
-		},
+			seenTargets[workerName] = true
+			numSeenTargets++
+			seen = append(seen, workerName)
+			if numSeenTargets == len(targets) {
+				c.Logf("all expected target workers started: %+v", seen)
+				return seen
+			}
+			c.Logf("still waiting for workers %+v to start; numSeenTargets=%d", targets, numSeenTargets)
+		case <-timeout:
+			c.Fatalf("timed out waiting for %v", targets)
+		}
+	}
+}
+
+type mockMetricAPI struct {
+	stop          chan struct{}
+	cleanUpCalled chan struct{}
+	sendCalled    chan struct{}
+}
+
+func newMockMetricAPI() *mockMetricAPI {
+	return &mockMetricAPI{
+		stop:          make(chan struct{}),
+		cleanUpCalled: make(chan struct{}),
+		sendCalled:    make(chan struct{}),
+	}
+}
+
+func (m *mockMetricAPI) CleanupOldMetrics() error {
+	go func() {
+		select {
+		case m.cleanUpCalled <- struct{}{}:
+		case <-m.stop:
+			break
+		}
+	}()
+	return nil
+}
+
+func (m *mockMetricAPI) SendMetrics() error {
+	go func() {
+		select {
+		case m.sendCalled <- struct{}{}:
+		case <-m.stop:
+			break
+		}
+	}()
+	return nil
+}
+
+func (m *mockMetricAPI) SendCalled() <-chan struct{} {
+	return m.sendCalled
+}
+
+func (m *mockMetricAPI) CleanupCalled() <-chan struct{} {
+	return m.cleanUpCalled
+}
+
+func (m *mockMetricAPI) Stop() {
+	close(m.stop)
+}
+
+type mockLoopDeviceManager struct {
+	detachLoopDevicesArgRootfs string
+	detachLoopDevicesArgPrefix string
+}
+
+func (m *mockLoopDeviceManager) DetachLoopDevices(rootfs, prefix string) error {
+	m.detachLoopDevicesArgRootfs = rootfs
+	m.detachLoopDevicesArgPrefix = prefix
+	return nil
+}
+
+func newSignal() *signal {
+	return &signal{ch: make(chan struct{})}
+}
+
+type signal struct {
+	mu sync.Mutex
+	ch chan struct{}
+}
+
+func (s *signal) triggered() <-chan struct{} {
+	return s.ch
+}
+
+func (s *signal) assertTriggered(c *gc.C, thing string) {
+	select {
+	case <-s.triggered():
+	case <-time.After(coretesting.LongWait):
+		c.Fatalf("timed out waiting for " + thing)
+	}
+}
+
+func (s *signal) assertNotTriggered(c *gc.C, wait time.Duration, thing string) {
+	select {
+	case <-s.triggered():
+		c.Fatalf("%v unexpectedly", thing)
+	case <-time.After(wait):
+	}
+}
+
+func (s *signal) trigger() {
+	s.mu.Lock()
+	defer s.mu.Unlock()
+
+	select {
+	case <-s.ch:
+		// Already closed.
+	default:
+		close(s.ch)
+	}
+}
+
+type runner interface {
+	Run(*cmd.Context) error
+	Stop() error
+}
+
+// runWithTimeout runs an agent and waits
+// for it to complete within a reasonable time.
+func runWithTimeout(r runner) error {
+	done := make(chan error)
+	go func() {
+		done <- r.Run(nil)
+	}()
+	select {
+	case err := <-done:
+		return err
+	case <-time.After(coretesting.LongWait):
 	}
+	err := r.Stop()
+	return fmt.Errorf("timed out waiting for agent to finish; stop error: %v", err)
+}
+
+func newDummyWorker() worker.Worker {
+	return worker.NewSimpleWorker(func(stop <-chan struct{}) error {
+		<-stop
+		return nil
+	})
+}
+
+type FakeConfig struct {
+	agent.ConfigSetter
+}
+
+func (FakeConfig) LogDir() string {
+	return filepath.FromSlash("/var/log/juju/")
+}
+
+func (FakeConfig) Tag() names.Tag {
+	return names.NewMachineTag("42")
 }
+
+type FakeAgentConfig struct {
+	AgentConf
+}
+
+func (FakeAgentConfig) ReadConfig(string) error { return nil }
+
+func (FakeAgentConfig) CurrentConfig() agent.Config {
+	return FakeConfig{}
+}
+
+func (FakeAgentConfig) ChangeConfig(mutate agent.ConfigMutator) error {
+	return mutate(FakeConfig{})
+}
+
+func (FakeAgentConfig) CheckArgs([]string) error { return nil }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/bootstrap.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/bootstrap.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/bootstrap.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/bootstrap.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,6 @@
 
 import (
 	"bytes"
-	"encoding/base64"
 	"fmt"
 	"io/ioutil"
 	"net"
@@ -17,21 +16,19 @@
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
-	"github.com/juju/utils"
 	"github.com/juju/utils/arch"
 	"github.com/juju/utils/series"
 	"github.com/juju/utils/ssh"
 	"github.com/juju/version"
-	goyaml "gopkg.in/yaml.v2"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/gnuflag"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/agent/agentbootstrap"
 	agenttools "github.com/juju/juju/agent/tools"
+	"github.com/juju/juju/cloudconfig/instancecfg"
 	agentcmd "github.com/juju/juju/cmd/jujud/agent"
 	cmdutil "github.com/juju/juju/cmd/jujud/util"
-	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/environs/imagemetadata"
@@ -44,7 +41,6 @@
 	"github.com/juju/juju/state/binarystorage"
 	"github.com/juju/juju/state/cloudimagemetadata"
 	"github.com/juju/juju/state/multiwatcher"
-	"github.com/juju/juju/state/storage"
 	"github.com/juju/juju/storage/poolmanager"
 	"github.com/juju/juju/tools"
 	jujuversion "github.com/juju/juju/version"
@@ -55,23 +51,18 @@
 	initiateMongoServer  = peergrouper.InitiateMongoServer
 	agentInitializeState = agentbootstrap.InitializeState
 	sshGenerateKey       = ssh.GenerateKey
-	newStateStorage      = storage.NewStorage
 	minSocketTimeout     = 1 * time.Minute
 	logger               = loggo.GetLogger("juju.cmd.jujud")
 )
 
+const adminUserName = "admin"
+
 // BootstrapCommand represents a jujud bootstrap command.
 type BootstrapCommand struct {
 	cmd.CommandBase
 	agentcmd.AgentConf
-	ControllerModelConfig map[string]interface{}
-	HostedModelConfig     map[string]interface{}
-	BootstrapConstraints  constraints.Value
-	ModelConstraints      constraints.Value
-	Hardware              instance.HardwareCharacteristics
-	InstanceId            string
-	AdminUsername         string
-	ImageMetadataDir      string
+	BootstrapParamsFile string
+	Timeout             time.Duration
 }
 
 // NewBootstrapCommand returns a new BootstrapCommand that has been initialized.
@@ -92,45 +83,37 @@
 // SetFlags adds the flags for this command to the passed gnuflag.FlagSet.
 func (c *BootstrapCommand) SetFlags(f *gnuflag.FlagSet) {
 	c.AgentConf.AddFlags(f)
-	yamlBase64Var(f, &c.ControllerModelConfig, "model-config", "", "controller model configuration (yaml, base64 encoded)")
-	yamlBase64Var(f, &c.HostedModelConfig, "hosted-model-config", "", "initial hosted model configuration (yaml, base64 encoded)")
-	f.Var(constraints.ConstraintsValue{Target: &c.BootstrapConstraints}, "bootstrap-constraints", "bootstrap machine constraints (space-separated strings)")
-	f.Var(constraints.ConstraintsValue{Target: &c.ModelConstraints}, "constraints", "initial constraints (space-separated strings)")
-	f.Var(&c.Hardware, "hardware", "hardware characteristics (space-separated strings)")
-	f.StringVar(&c.InstanceId, "instance-id", "", "unique instance-id for bootstrap machine")
-	f.StringVar(&c.AdminUsername, "admin-user", "admin", "set the name for the juju admin user")
-	f.StringVar(&c.ImageMetadataDir, "image-metadata", "", "custom image metadata source dir")
+	f.DurationVar(&c.Timeout, "timeout", time.Duration(0), "set the bootstrap timeout")
 }
 
 // Init initializes the command for running.
 func (c *BootstrapCommand) Init(args []string) error {
-	if len(c.ControllerModelConfig) == 0 {
-		return cmdutil.RequiredError("model-config")
-	}
-	if len(c.HostedModelConfig) == 0 {
-		return cmdutil.RequiredError("hosted-model-config")
+	if len(args) == 0 {
+		return errors.New("bootstrap-params file must be specified")
 	}
-	if c.InstanceId == "" {
-		return cmdutil.RequiredError("instance-id")
-	}
-	if !names.IsValidUser(c.AdminUsername) {
-		return errors.Errorf("%q is not a valid username", c.AdminUsername)
+	if err := cmd.CheckEmpty(args[1:]); err != nil {
+		return err
 	}
-	return c.AgentConf.CheckArgs(args)
+	c.BootstrapParamsFile = args[0]
+	return c.AgentConf.CheckArgs(args[1:])
 }
 
 // Run initializes state for an environment.
 func (c *BootstrapCommand) Run(_ *cmd.Context) error {
-	envCfg, err := config.New(config.NoDefaults, c.ControllerModelConfig)
+	bootstrapParamsData, err := ioutil.ReadFile(c.BootstrapParamsFile)
 	if err != nil {
-		return err
+		return errors.Annotate(err, "reading bootstrap params file")
+	}
+	var args instancecfg.StateInitializationParams
+	if err := args.Unmarshal(bootstrapParamsData); err != nil {
+		return errors.Trace(err)
 	}
+
 	err = c.ReadConfig("machine-0")
 	if err != nil {
 		return err
 	}
 	agentConfig := c.CurrentConfig()
-	network.SetPreferIPv6(agentConfig.PreferIPv6())
 
 	// agent.Jobs is an optional field in the agent config, and was
 	// introduced after 1.17.2. We default to allowing units on
@@ -140,12 +123,11 @@
 		jobs = []multiwatcher.MachineJob{
 			multiwatcher.JobManageModel,
 			multiwatcher.JobHostUnits,
-			multiwatcher.JobManageNetworking,
 		}
 	}
 
 	// Get the bootstrap machine's addresses from the provider.
-	env, err := environs.New(envCfg)
+	env, err := environs.New(args.ControllerModelConfig)
 	if err != nil {
 		return err
 	}
@@ -153,11 +135,11 @@
 
 	// Check to see if a newer agent version has been requested
 	// by the bootstrap client.
-	desiredVersion, ok := envCfg.AgentVersion()
+	desiredVersion, ok := args.ControllerModelConfig.AgentVersion()
 	if ok && desiredVersion != jujuversion.Current {
 		// If we have been asked for a newer version, ensure the newer
 		// tools can actually be found, or else bootstrap won't complete.
-		stream := envtools.PreferredStream(&desiredVersion, envCfg.Development(), envCfg.AgentStream())
+		stream := envtools.PreferredStream(&desiredVersion, args.ControllerModelConfig.Development(), args.ControllerModelConfig.AgentStream())
 		logger.Infof("newer tools requested, looking for %v in stream %v", desiredVersion, stream)
 		filter := tools.Filter{
 			Number: desiredVersion,
@@ -179,8 +161,7 @@
 		}
 	}
 
-	instanceId := instance.Id(c.InstanceId)
-	instances, err := env.Instances([]instance.Id{instanceId})
+	instances, err := env.Instances([]instance.Id{args.BootstrapMachineInstanceId})
 	if err != nil {
 		return err
 	}
@@ -203,8 +184,8 @@
 	if err != nil {
 		return errors.Annotate(err, "failed to generate system key")
 	}
-	authorizedKeys := config.ConcatAuthKeys(envCfg.AuthorizedKeys(), publicKey)
-	newConfigAttrs[config.AuthKeysConfig] = authorizedKeys
+	authorizedKeys := config.ConcatAuthKeys(args.ControllerModelConfig.AuthorizedKeys(), publicKey)
+	newConfigAttrs[config.AuthorizedKeysKey] = authorizedKeys
 
 	// Generate a shared secret for the Mongo replica set, and write it out.
 	sharedSecret, err := mongo.GenerateSharedSecret()
@@ -236,12 +217,13 @@
 		return err
 	}
 
-	logger.Infof("started mongo")
-	// Initialise state, and store any agent config (e.g. password) changes.
-	envCfg, err = env.Config().Apply(newConfigAttrs)
+	controllerModelCfg, err := env.Config().Apply(newConfigAttrs)
 	if err != nil {
 		return errors.Annotate(err, "failed to update model config")
 	}
+	args.ControllerModelConfig = controllerModelCfg
+
+	// Initialise state, and store any agent config (e.g. password) changes.
 	var st *state.State
 	var m *state.Machine
 	err = c.ChangeConfig(func(agentConfig agent.ConfigSetter) error {
@@ -251,8 +233,7 @@
 		// Set a longer socket timeout than usual, as the machine
 		// will be starting up and disk I/O slower than usual. This
 		// has been known to cause timeouts in queries.
-		timeouts := envCfg.BootstrapSSHOpts()
-		dialOpts.SocketTimeout = timeouts.Timeout
+		dialOpts.SocketTimeout = c.Timeout
 		if dialOpts.SocketTimeout < minSocketTimeout {
 			dialOpts.SocketTimeout = minSocketTimeout
 		}
@@ -260,19 +241,12 @@
 		// We shouldn't attempt to dial peers until we have some.
 		dialOpts.Direct = true
 
-		adminTag := names.NewLocalUserTag(c.AdminUsername)
+		adminTag := names.NewLocalUserTag(adminUserName)
 		st, m, stateErr = agentInitializeState(
 			adminTag,
 			agentConfig,
-			envCfg, c.HostedModelConfig,
-			agentbootstrap.BootstrapMachineConfig{
-				Addresses:            addrs,
-				BootstrapConstraints: c.BootstrapConstraints,
-				ModelConstraints:     c.ModelConstraints,
-				Jobs:                 jobs,
-				InstanceId:           instanceId,
-				Characteristics:      c.Hardware,
-				SharedSecret:         sharedSecret,
+			agentbootstrap.InitializeStateParams{
+				args, addrs, jobs, sharedSecret,
 			},
 			dialOpts,
 			environs.NewStatePolicy(),
@@ -298,13 +272,8 @@
 	}
 
 	// Add custom image metadata to environment storage.
-	if c.ImageMetadataDir != "" {
-		if err := c.saveCustomImageMetadata(st, env); err != nil {
-			return err
-		}
-
-		stor := newStateStorage(st.ModelUUID(), st.MongoSession())
-		if err := c.storeCustomImageMetadata(stor); err != nil {
+	if len(args.CustomImageMetadata) > 0 {
+		if err := c.saveCustomImageMetadata(st, args.CustomImageMetadata); err != nil {
 			return err
 		}
 	}
@@ -328,8 +297,8 @@
 	// When bootstrapping, we need to allow enough time for mongo
 	// to start as there's no retry loop in place.
 	// 5 minutes should suffice.
-	bootstrapDialOpts := mongo.DialOpts{Timeout: 5 * time.Minute}
-	dialInfo, err := mongo.DialInfo(info.Info, bootstrapDialOpts)
+	mongoDialOpts := mongo.DialOpts{Timeout: 5 * time.Minute}
+	dialInfo, err := mongo.DialInfo(info.Info, mongoDialOpts)
 	if err != nil {
 		return err
 	}
@@ -360,10 +329,14 @@
 	}
 	peerHostPort := net.JoinHostPort(peerAddr, fmt.Sprint(servingInfo.StatePort))
 
-	return initiateMongoServer(peergrouper.InitiateMongoParams{
+	if err := initiateMongoServer(peergrouper.InitiateMongoParams{
 		DialInfo:       dialInfo,
 		MemberHostPort: peerHostPort,
-	})
+	}); err != nil {
+		return err
+	}
+	logger.Infof("started mongo")
+	return nil
 }
 
 // populateDefaultStoragePools creates the default storage pools.
@@ -466,66 +439,13 @@
 	return nil
 }
 
-// storeCustomImageMetadata reads the custom image metadata from disk,
-// and stores the files in environment storage with the same relative
-// paths.
-func (c *BootstrapCommand) storeCustomImageMetadata(stor storage.Storage) error {
-	logger.Debugf("storing custom image metadata from %q", c.ImageMetadataDir)
-	return filepath.Walk(c.ImageMetadataDir, func(abspath string, info os.FileInfo, err error) error {
-		if err != nil {
-			return err
-		}
-		if !info.Mode().IsRegular() {
-			return nil
-		}
-		relpath, err := filepath.Rel(c.ImageMetadataDir, abspath)
-		if err != nil {
-			return err
-		}
-		f, err := os.Open(abspath)
-		if err != nil {
-			return err
-		}
-		defer f.Close()
-		relpath = filepath.ToSlash(relpath)
-		logger.Debugf("storing %q in model storage (%d bytes)", relpath, info.Size())
-		return stor.Put(relpath, f, info.Size())
-	})
-}
-
 // Override for testing.
 var seriesFromVersion = series.VersionSeries
 
-// saveCustomImageMetadata reads the custom image metadata from disk,
-// and saves it in controller.
-func (c *BootstrapCommand) saveCustomImageMetadata(st *state.State, env environs.Environ) error {
-	logger.Debugf("saving custom image metadata from %q", c.ImageMetadataDir)
-	baseURL := fmt.Sprintf("file://%s", filepath.ToSlash(c.ImageMetadataDir))
-	publicKey, _ := simplestreams.UserPublicSigningKey()
-	datasource := simplestreams.NewURLSignedDataSource("custom", baseURL, publicKey, utils.NoVerifySSLHostnames, simplestreams.CUSTOM_CLOUD_DATA, false)
-	return storeImageMetadataFromFiles(st, env, datasource)
-}
-
-// storeImageMetadataFromFiles puts image metadata found in sources into state.
-// Declared as var to facilitate tests.
-var storeImageMetadataFromFiles = func(st *state.State, env environs.Environ, source simplestreams.DataSource) error {
-	// Read the image metadata, as we'll want to upload it to the environment.
-	imageConstraint := imagemetadata.NewImageConstraint(simplestreams.LookupParams{})
-	if inst, ok := env.(simplestreams.HasRegion); ok {
-		// If we can determine current region,
-		// we want only metadata specific to this region.
-		cloud, err := inst.Region()
-		if err != nil {
-			return err
-		}
-		imageConstraint.CloudSpec = cloud
-	}
-
-	existingMetadata, info, err := imagemetadata.Fetch([]simplestreams.DataSource{source}, imageConstraint)
-	if err != nil && !errors.IsNotFound(err) {
-		return errors.Annotate(err, "cannot read image metadata")
-	}
-	return storeImageMetadataInState(st, info.Source, source.Priority(), existingMetadata)
+// saveCustomImageMetadata stores the custom image metadata to the database,
+func (c *BootstrapCommand) saveCustomImageMetadata(st *state.State, imageMetadata []*imagemetadata.ImageMetadata) error {
+	logger.Debugf("saving custom image metadata")
+	return storeImageMetadataInState(st, "custom", simplestreams.CUSTOM_CLOUD_DATA, imageMetadata)
 }
 
 // storeImageMetadataInState writes image metadata into state store.
@@ -559,24 +479,3 @@
 	}
 	return nil
 }
-
-// yamlBase64Value implements gnuflag.Value on a map[string]interface{}.
-type yamlBase64Value map[string]interface{}
-
-// Set decodes the base64 value into yaml then expands that into a map.
-func (v *yamlBase64Value) Set(value string) error {
-	decoded, err := base64.StdEncoding.DecodeString(value)
-	if err != nil {
-		return err
-	}
-	return goyaml.Unmarshal(decoded, v)
-}
-
-func (v *yamlBase64Value) String() string {
-	return fmt.Sprintf("%v", *v)
-}
-
-// yamlBase64Var sets up a gnuflag flag analogous to the FlagSet.*Var methods.
-func yamlBase64Var(fs *gnuflag.FlagSet, target *map[string]interface{}, name string, value string, usage string) {
-	fs.Var((*yamlBase64Value)(target), name, usage)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/bootstrap_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/bootstrap_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/bootstrap_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/bootstrap_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -17,7 +17,6 @@
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	gitjujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
@@ -26,27 +25,30 @@
 	"github.com/juju/utils/set"
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
-	"gopkg.in/mgo.v2"
+	"gopkg.in/juju/names.v2"
 	goyaml "gopkg.in/yaml.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/agent/agentbootstrap"
 	agenttools "github.com/juju/juju/agent/tools"
 	"github.com/juju/juju/apiserver/params"
-	agenttesting "github.com/juju/juju/cmd/jujud/agent/testing"
+	"github.com/juju/juju/cloud"
+	"github.com/juju/juju/cloudconfig/instancecfg"
+	"github.com/juju/juju/cmd/jujud/agent/agenttest"
 	cmdutil "github.com/juju/juju/cmd/jujud/util"
 	"github.com/juju/juju/cmd/modelcmd"
 	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/environs/filestorage"
+	"github.com/juju/juju/environs/imagemetadata"
 	"github.com/juju/juju/environs/simplestreams"
 	sstesting "github.com/juju/juju/environs/simplestreams/testing"
 	"github.com/juju/juju/environs/storage"
 	envtesting "github.com/juju/juju/environs/testing"
 	envtools "github.com/juju/juju/environs/tools"
 	"github.com/juju/juju/instance"
-	"github.com/juju/juju/juju"
+	"github.com/juju/juju/juju/keys"
 	jujutesting "github.com/juju/juju/juju/testing"
 	"github.com/juju/juju/mongo"
 	"github.com/juju/juju/mongo/mongotest"
@@ -55,8 +57,6 @@
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/state/cloudimagemetadata"
 	"github.com/juju/juju/state/multiwatcher"
-	statestorage "github.com/juju/juju/state/storage"
-	statetesting "github.com/juju/juju/state/testing"
 	"github.com/juju/juju/storage/poolmanager"
 	"github.com/juju/juju/testing"
 	"github.com/juju/juju/tools"
@@ -68,16 +68,16 @@
 type BootstrapSuite struct {
 	testing.BaseSuite
 	gitjujutesting.MgoSuite
-	envcfg                       *config.Config
-	b64yamlControllerModelConfig string
-	b64yamlHostedModelConfig     string
-	instanceId                   instance.Id
-	dataDir                      string
-	logDir                       string
-	mongoOplogSize               string
-	fakeEnsureMongo              *agenttesting.FakeEnsureMongo
-	bootstrapName                string
-	hostedModelUUID              string
+
+	bootstrapParamsFile string
+	bootstrapParams     instancecfg.StateInitializationParams
+
+	dataDir         string
+	logDir          string
+	mongoOplogSize  string
+	fakeEnsureMongo *agenttest.FakeEnsureMongo
+	bootstrapName   string
+	hostedModelUUID string
 
 	toolsStorage storage.Storage
 }
@@ -97,7 +97,6 @@
 	})
 	s.MgoSuite.SetUpSuite(c)
 	s.PatchValue(&jujuversion.Current, testing.FakeVersionNumber)
-	s.makeTestEnv(c)
 }
 
 func (s *BootstrapSuite) TearDownSuite(c *gc.C) {
@@ -115,9 +114,11 @@
 	s.MgoSuite.SetUpTest(c)
 	s.dataDir = c.MkDir()
 	s.logDir = c.MkDir()
+	s.bootstrapParamsFile = filepath.Join(s.dataDir, "bootstrap-params")
 	s.mongoOplogSize = "1234"
-	s.fakeEnsureMongo = agenttesting.InstallFakeEnsureMongo(s)
+	s.fakeEnsureMongo = agenttest.InstallFakeEnsureMongo(s)
 	s.PatchValue(&initiateMongoServer, s.fakeEnsureMongo.InitiateMongo)
+	s.makeTestModel(c)
 
 	// Create fake tools.tar.gz and downloaded-tools.txt.
 	current := version.Binary{
@@ -173,10 +174,7 @@
 	info := filepath.Join(dir, "downloaded-gui.txt")
 	err := os.Remove(info)
 	c.Assert(err, jc.ErrorIsNil)
-	_, cmd, err := s.initBootstrapCommand(
-		c, nil, "--model-config", s.b64yamlControllerModelConfig,
-		"--hosted-model-config", s.b64yamlHostedModelConfig,
-		"--instance-id", string(s.instanceId))
+	_, cmd, err := s.initBootstrapCommand(c, nil)
 	c.Assert(err, jc.ErrorIsNil)
 
 	var tw loggo.TestWriter
@@ -203,10 +201,7 @@
 	err := os.Chmod(info, 0000)
 	c.Assert(err, jc.ErrorIsNil)
 	defer os.Chmod(info, 0600)
-	_, cmd, err := s.initBootstrapCommand(
-		c, nil, "--model-config", s.b64yamlControllerModelConfig,
-		"--hosted-model-config", s.b64yamlHostedModelConfig,
-		"--instance-id", string(s.instanceId))
+	_, cmd, err := s.initBootstrapCommand(c, nil)
 	c.Assert(err, jc.ErrorIsNil)
 
 	var tw loggo.TestWriter
@@ -227,10 +222,7 @@
 	archive := filepath.Join(dir, "gui.tar.bz2")
 	err := os.Remove(archive)
 	c.Assert(err, jc.ErrorIsNil)
-	_, cmd, err := s.initBootstrapCommand(
-		c, nil, "--model-config", s.b64yamlControllerModelConfig,
-		"--hosted-model-config", s.b64yamlHostedModelConfig,
-		"--instance-id", string(s.instanceId))
+	_, cmd, err := s.initBootstrapCommand(c, nil)
 	c.Assert(err, jc.ErrorIsNil)
 
 	var tw loggo.TestWriter
@@ -246,10 +238,7 @@
 }
 
 func (s *BootstrapSuite) TestGUIArchiveSuccess(c *gc.C) {
-	_, cmd, err := s.initBootstrapCommand(
-		c, nil, "--model-config", s.b64yamlControllerModelConfig,
-		"--hosted-model-config", s.b64yamlHostedModelConfig,
-		"--instance-id", string(s.instanceId))
+	_, cmd, err := s.initBootstrapCommand(c, nil)
 	c.Assert(err, jc.ErrorIsNil)
 
 	var tw loggo.TestWriter
@@ -298,7 +287,6 @@
 		jobs = []multiwatcher.MachineJob{
 			multiwatcher.JobManageModel,
 			multiwatcher.JobHostUnits,
-			multiwatcher.JobManageNetworking,
 		}
 	}
 	// NOTE: the old test used an equivalent of the NewAgentConfig, but it
@@ -335,19 +323,16 @@
 	err = machineConf.Write()
 	c.Assert(err, jc.ErrorIsNil)
 
+	if len(args) == 0 {
+		args = []string{s.bootstrapParamsFile}
+	}
 	cmd = NewBootstrapCommand()
-
 	err = testing.InitCommand(cmd, append([]string{"--data-dir", s.dataDir}, args...))
 	return machineConf, cmd, err
 }
 
 func (s *BootstrapSuite) TestInitializeEnvironment(c *gc.C) {
-	hw := instance.MustParseHardware("arch=amd64 mem=8G")
-	machConf, cmd, err := s.initBootstrapCommand(
-		c, nil, "--model-config", s.b64yamlControllerModelConfig,
-		"--hosted-model-config", s.b64yamlHostedModelConfig,
-		"--instance-id", string(s.instanceId), "--hardware", hw.String(),
-	)
+	machConf, cmd, err := s.initBootstrapCommand(c, nil)
 	c.Assert(err, jc.ErrorIsNil)
 	err = cmd.Run(nil)
 	c.Assert(err, jc.ErrorIsNil)
@@ -393,12 +378,12 @@
 
 	instid, err := machines[0].InstanceId()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(instid, gc.Equals, instance.Id(string(s.instanceId)))
+	c.Assert(instid, gc.Equals, s.bootstrapParams.BootstrapMachineInstanceId)
 
 	stateHw, err := machines[0].HardwareCharacteristics()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(stateHw, gc.NotNil)
-	c.Assert(*stateHw, gc.DeepEquals, hw)
+	c.Assert(stateHw, gc.DeepEquals, s.bootstrapParams.BootstrapMachineHardwareCharacteristics)
 
 	cons, err := st.ModelConstraints()
 	c.Assert(err, jc.ErrorIsNil)
@@ -406,17 +391,12 @@
 
 	cfg, err := st.ModelConfig()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(cfg.AuthorizedKeys(), gc.Equals, s.envcfg.AuthorizedKeys()+"\npublic-key")
+	c.Assert(cfg.AuthorizedKeys(), gc.Equals, s.bootstrapParams.ControllerModelConfig.AuthorizedKeys()+"\npublic-key")
 }
 
 func (s *BootstrapSuite) TestInitializeEnvironmentInvalidOplogSize(c *gc.C) {
 	s.mongoOplogSize = "NaN"
-	hw := instance.MustParseHardware("arch=amd64 mem=8G")
-	_, cmd, err := s.initBootstrapCommand(
-		c, nil, "--model-config", s.b64yamlControllerModelConfig,
-		"--hosted-model-config", s.b64yamlHostedModelConfig,
-		"--instance-id", string(s.instanceId), "--hardware", hw.String(),
-	)
+	_, cmd, err := s.initBootstrapCommand(c, nil)
 	c.Assert(err, jc.ErrorIsNil)
 	err = cmd.Run(nil)
 	c.Assert(err, gc.ErrorMatches, `invalid oplog size: "NaN"`)
@@ -424,18 +404,14 @@
 
 func (s *BootstrapSuite) TestInitializeEnvironmentToolsNotFound(c *gc.C) {
 	// bootstrap with 1.99.1 but there will be no tools so version will be reset.
-	envcfg, err := s.envcfg.Apply(map[string]interface{}{
+	cfg, err := s.bootstrapParams.ControllerModelConfig.Apply(map[string]interface{}{
 		"agent-version": "1.99.1",
 	})
 	c.Assert(err, jc.ErrorIsNil)
-	b64yamlControllerModelConfig := b64yaml(envcfg.AllAttrs()).encode()
+	s.bootstrapParams.ControllerModelConfig = cfg
+	s.writeBootstrapParamsFile(c)
 
-	hw := instance.MustParseHardware("arch=amd64 mem=8G")
-	_, cmd, err := s.initBootstrapCommand(
-		c, nil, "--model-config", b64yamlControllerModelConfig,
-		"--hosted-model-config", s.b64yamlHostedModelConfig,
-		"--instance-id", string(s.instanceId), "--hardware", hw.String(),
-	)
+	_, cmd, err := s.initBootstrapCommand(c, nil)
 	c.Assert(err, jc.ErrorIsNil)
 	err = cmd.Run(nil)
 	c.Assert(err, jc.ErrorIsNil)
@@ -450,7 +426,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 	defer st.Close()
 
-	cfg, err := st.ModelConfig()
+	cfg, err = st.ModelConfig()
 	c.Assert(err, jc.ErrorIsNil)
 	vers, ok := cfg.AgentVersion()
 	c.Assert(ok, jc.IsTrue)
@@ -458,15 +434,11 @@
 }
 
 func (s *BootstrapSuite) TestSetConstraints(c *gc.C) {
-	bootstrapCons := constraints.Value{Mem: uint64p(4096), CpuCores: uint64p(4)}
-	modelCons := constraints.Value{Mem: uint64p(2048), CpuCores: uint64p(2)}
-	_, cmd, err := s.initBootstrapCommand(c, nil,
-		"--model-config", s.b64yamlControllerModelConfig,
-		"--hosted-model-config", s.b64yamlHostedModelConfig,
-		"--instance-id", string(s.instanceId),
-		"--bootstrap-constraints", bootstrapCons.String(),
-		"--constraints", modelCons.String(),
-	)
+	s.bootstrapParams.BootstrapMachineConstraints = constraints.Value{Mem: uint64p(4096), CpuCores: uint64p(4)}
+	s.bootstrapParams.ModelConstraints = constraints.Value{Mem: uint64p(2048), CpuCores: uint64p(2)}
+	s.writeBootstrapParamsFile(c)
+
+	_, cmd, err := s.initBootstrapCommand(c, nil)
 	c.Assert(err, jc.ErrorIsNil)
 	err = cmd.Run(nil)
 	c.Assert(err, jc.ErrorIsNil)
@@ -483,14 +455,14 @@
 
 	cons, err := st.ModelConstraints()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(cons, gc.DeepEquals, modelCons)
+	c.Assert(cons, gc.DeepEquals, s.bootstrapParams.ModelConstraints)
 
 	machines, err := st.AllMachines()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(machines, gc.HasLen, 1)
 	cons, err = machines[0].Constraints()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(cons, gc.DeepEquals, bootstrapCons)
+	c.Assert(cons, gc.DeepEquals, s.bootstrapParams.BootstrapMachineConstraints)
 }
 
 func uint64p(v uint64) *uint64 {
@@ -501,13 +473,8 @@
 	expectedJobs := []state.MachineJob{
 		state.JobManageModel,
 		state.JobHostUnits,
-		state.JobManageNetworking,
 	}
-	_, cmd, err := s.initBootstrapCommand(c, nil,
-		"--model-config", s.b64yamlControllerModelConfig,
-		"--hosted-model-config", s.b64yamlHostedModelConfig,
-		"--instance-id", string(s.instanceId),
-	)
+	_, cmd, err := s.initBootstrapCommand(c, nil)
 	c.Assert(err, jc.ErrorIsNil)
 	err = cmd.Run(nil)
 	c.Assert(err, jc.ErrorIsNil)
@@ -528,11 +495,7 @@
 
 func (s *BootstrapSuite) TestConfiguredMachineJobs(c *gc.C) {
 	jobs := []multiwatcher.MachineJob{multiwatcher.JobManageModel}
-	_, cmd, err := s.initBootstrapCommand(c, jobs,
-		"--model-config", s.b64yamlControllerModelConfig,
-		"--hosted-model-config", s.b64yamlHostedModelConfig,
-		"--instance-id", string(s.instanceId),
-	)
+	_, cmd, err := s.initBootstrapCommand(c, jobs)
 	c.Assert(err, jc.ErrorIsNil)
 	err = cmd.Run(nil)
 	c.Assert(err, jc.ErrorIsNil)
@@ -551,24 +514,8 @@
 	c.Assert(m.Jobs(), gc.DeepEquals, []state.MachineJob{state.JobManageModel})
 }
 
-func testOpenState(c *gc.C, info *mongo.MongoInfo, expectErrType error) {
-	st, err := state.Open(testing.ModelTag, info, mongotest.DialOpts(), environs.NewStatePolicy())
-	if st != nil {
-		st.Close()
-	}
-	if expectErrType != nil {
-		c.Assert(err, gc.FitsTypeOf, expectErrType)
-	} else {
-		c.Assert(err, jc.ErrorIsNil)
-	}
-}
-
 func (s *BootstrapSuite) TestInitialPassword(c *gc.C) {
-	machineConf, cmd, err := s.initBootstrapCommand(c, nil,
-		"--model-config", s.b64yamlControllerModelConfig,
-		"--hosted-model-config", s.b64yamlHostedModelConfig,
-		"--instance-id", string(s.instanceId),
-	)
+	machineConf, cmd, err := s.initBootstrapCommand(c, nil)
 	c.Assert(err, jc.ErrorIsNil)
 
 	err = cmd.Run(nil)
@@ -621,70 +568,16 @@
 }
 
 var bootstrapArgTests = []struct {
-	input              []string
-	err                string
-	expectedInstanceId string
-	expectedHardware   instance.HardwareCharacteristics
-	expectedConfig     map[string]interface{}
+	input                       []string
+	err                         string
+	expectedBootstrapParamsFile string
 }{
 	{
-		// no value supplied for model-config
-		err: "--model-config option must be set",
+		err:   "bootstrap-params file must be specified",
+		input: []string{"--data-dir", "/tmp/juju/data/dir"},
 	}, {
-		// empty model-config
-		input: []string{"--model-config", ""},
-		err:   "--model-config option must be set",
-	}, {
-		// wrong, should be base64
-		input: []string{"--model-config", "name: banana\n"},
-		err:   ".*illegal base64 data at input byte.*",
-	}, {
-		// no value supplied for hosted-model-config
-		input: []string{
-			"--model-config", base64.StdEncoding.EncodeToString([]byte("name: banana\n")),
-		},
-		err: "--hosted-model-config option must be set",
-	}, {
-		// no value supplied for instance-id
-		input: []string{
-			"--model-config", base64.StdEncoding.EncodeToString([]byte("name: banana\n")),
-			"--hosted-model-config", base64.StdEncoding.EncodeToString([]byte("name: banana\n")),
-		},
-		err: "--instance-id option must be set",
-	}, {
-		// empty instance-id
-		input: []string{
-			"--model-config", base64.StdEncoding.EncodeToString([]byte("name: banana\n")),
-			"--hosted-model-config", base64.StdEncoding.EncodeToString([]byte("name: banana\n")),
-			"--instance-id", "",
-		},
-		err: "--instance-id option must be set",
-	}, {
-		input: []string{
-			"--model-config", base64.StdEncoding.EncodeToString([]byte("name: banana\n")),
-			"--hosted-model-config", base64.StdEncoding.EncodeToString([]byte("name: banana\n")),
-			"--instance-id", "anything",
-		},
-		expectedInstanceId: "anything",
-		expectedConfig:     map[string]interface{}{"name": "banana"},
-	}, {
-		input: []string{
-			"--model-config", base64.StdEncoding.EncodeToString([]byte("name: banana\n")),
-			"--hosted-model-config", base64.StdEncoding.EncodeToString([]byte("name: banana\n")),
-			"--instance-id", "anything",
-			"--hardware", "nonsense",
-		},
-		err: `invalid value "nonsense" for flag --hardware: malformed characteristic "nonsense"`,
-	}, {
-		input: []string{
-			"--model-config", base64.StdEncoding.EncodeToString([]byte("name: banana\n")),
-			"--hosted-model-config", base64.StdEncoding.EncodeToString([]byte("name: banana\n")),
-			"--instance-id", "anything",
-			"--hardware", "arch=amd64 cpu-cores=4 root-disk=2T",
-		},
-		expectedInstanceId: "anything",
-		expectedHardware:   instance.MustParseHardware("arch=amd64 cpu-cores=4 root-disk=2T"),
-		expectedConfig:     map[string]interface{}{"name": "banana"},
+		input: []string{"/some/where"},
+		expectedBootstrapParamsFile: "/some/where",
 	},
 }
 
@@ -697,9 +590,7 @@
 		if t.err == "" {
 			c.Assert(cmd, gc.NotNil)
 			c.Assert(err, jc.ErrorIsNil)
-			c.Assert(cmd.ControllerModelConfig, gc.DeepEquals, t.expectedConfig)
-			c.Assert(cmd.InstanceId, gc.Equals, t.expectedInstanceId)
-			c.Assert(cmd.Hardware, gc.DeepEquals, t.expectedHardware)
+			c.Assert(cmd.BootstrapParamsFile, gc.Equals, t.expectedBootstrapParamsFile)
 		} else {
 			c.Assert(err, gc.ErrorMatches, t.err)
 		}
@@ -708,23 +599,19 @@
 
 func (s *BootstrapSuite) TestInitializeStateArgs(c *gc.C) {
 	var called int
-	initializeState := func(_ names.UserTag, _ agent.ConfigSetter, envCfg *config.Config, hostedModelConfig map[string]interface{}, machineCfg agentbootstrap.BootstrapMachineConfig, dialOpts mongo.DialOpts, policy state.Policy) (_ *state.State, _ *state.Machine, resultErr error) {
+	initializeState := func(_ names.UserTag, _ agent.ConfigSetter, args agentbootstrap.InitializeStateParams, dialOpts mongo.DialOpts, _ state.Policy) (_ *state.State, _ *state.Machine, resultErr error) {
 		called++
 		c.Assert(dialOpts.Direct, jc.IsTrue)
 		c.Assert(dialOpts.Timeout, gc.Equals, 30*time.Second)
 		c.Assert(dialOpts.SocketTimeout, gc.Equals, 123*time.Second)
-		c.Assert(hostedModelConfig, jc.DeepEquals, map[string]interface{}{
+		c.Assert(args.HostedModelConfig, jc.DeepEquals, map[string]interface{}{
 			"name": "hosted-model",
 			"uuid": s.hostedModelUUID,
 		})
 		return nil, nil, errors.New("failed to initialize state")
 	}
 	s.PatchValue(&agentInitializeState, initializeState)
-	_, cmd, err := s.initBootstrapCommand(c, nil,
-		"--model-config", s.b64yamlControllerModelConfig,
-		"--hosted-model-config", s.b64yamlHostedModelConfig,
-		"--instance-id", string(s.instanceId),
-	)
+	_, cmd, err := s.initBootstrapCommand(c, nil, "--timeout", "123s", s.bootstrapParamsFile)
 	c.Assert(err, jc.ErrorIsNil)
 	err = cmd.Run(nil)
 	c.Assert(err, gc.ErrorMatches, "failed to initialize state")
@@ -733,25 +620,15 @@
 
 func (s *BootstrapSuite) TestInitializeStateMinSocketTimeout(c *gc.C) {
 	var called int
-	initializeState := func(_ names.UserTag, _ agent.ConfigSetter, envCfg *config.Config, hostedModelConfig map[string]interface{}, machineCfg agentbootstrap.BootstrapMachineConfig, dialOpts mongo.DialOpts, policy state.Policy) (_ *state.State, _ *state.Machine, resultErr error) {
+	initializeState := func(_ names.UserTag, _ agent.ConfigSetter, _ agentbootstrap.InitializeStateParams, dialOpts mongo.DialOpts, _ state.Policy) (_ *state.State, _ *state.Machine, resultErr error) {
 		called++
 		c.Assert(dialOpts.Direct, jc.IsTrue)
 		c.Assert(dialOpts.SocketTimeout, gc.Equals, 1*time.Minute)
 		return nil, nil, errors.New("failed to initialize state")
 	}
 
-	envcfg, err := s.envcfg.Apply(map[string]interface{}{
-		"bootstrap-timeout": "13",
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	b64yamlControllerModelConfig := b64yaml(envcfg.AllAttrs()).encode()
-
 	s.PatchValue(&agentInitializeState, initializeState)
-	_, cmd, err := s.initBootstrapCommand(c, nil,
-		"--model-config", b64yamlControllerModelConfig,
-		"--hosted-model-config", s.b64yamlHostedModelConfig,
-		"--instance-id", string(s.instanceId),
-	)
+	_, cmd, err := s.initBootstrapCommand(c, nil, "--timeout", "13s", s.bootstrapParamsFile)
 	c.Assert(err, jc.ErrorIsNil)
 	err = cmd.Run(nil)
 	c.Assert(err, gc.ErrorMatches, "failed to initialize state")
@@ -762,11 +639,7 @@
 	_, err := os.Stat(filepath.Join(s.dataDir, agent.SystemIdentity))
 	c.Assert(err, jc.Satisfies, os.IsNotExist)
 
-	_, cmd, err := s.initBootstrapCommand(c, nil,
-		"--model-config", s.b64yamlControllerModelConfig,
-		"--hosted-model-config", s.b64yamlHostedModelConfig,
-		"--instance-id", string(s.instanceId),
-	)
+	_, cmd, err := s.initBootstrapCommand(c, nil)
 	c.Assert(err, jc.ErrorIsNil)
 	err = cmd.Run(nil)
 	c.Assert(err, jc.ErrorIsNil)
@@ -797,11 +670,8 @@
 func (s *BootstrapSuite) testToolsMetadata(c *gc.C, exploded bool) {
 	envtesting.RemoveFakeToolsMetadata(c, s.toolsStorage)
 
-	_, cmd, err := s.initBootstrapCommand(c, nil,
-		"--model-config", s.b64yamlControllerModelConfig,
-		"--hosted-model-config", s.b64yamlHostedModelConfig,
-		"--instance-id", string(s.instanceId),
-	)
+	_, cmd, err := s.initBootstrapCommand(c, nil)
+
 	c.Assert(err, jc.ErrorIsNil)
 	err = cmd.Run(nil)
 	c.Assert(err, jc.ErrorIsNil)
@@ -850,93 +720,16 @@
 	}
 }
 
-const (
-	indexContent = `{
-    "index": {
-        "com.ubuntu.cloud:%v": {
-            "updated": "Fri, 17 Jul 2015 13:42:48 +1000",
-            "format": "products:1.0",
-            "datatype": "image-ids",
-            "cloudname": "custom",
-            "clouds": [
-                {
-                    "region": "%v",
-                    "endpoint": "endpoint"
-                }
-            ],
-            "path": "streams/v1/products.json",
-            "products": [
-                "com.ubuntu.cloud:server:14.04:%v"
-            ]
-        }
-    },
-    "updated": "Fri, 17 Jul 2015 13:42:48 +1000",
-    "format": "index:1.0"
-}`
-
-	productContent = `{
-    "products": {
-        "com.ubuntu.cloud:server:14.04:%v": {
-            "version": "14.04",
-            "arch": "%v",
-            "versions": {
-                "20151707": {
-                    "items": {
-                        "%v": {
-                            "id": "%v",
-                            "root_store": "%v",
-                            "virt": "%v",
-                            "region": "%v",
-                            "endpoint": "endpoint"
-                        }
-                    }
-                }
-            }
-        }
-     },
-    "updated": "Fri, 17 Jul 2015 13:42:48 +1000",
-    "format": "products:1.0",
-    "content_id": "com.ubuntu.cloud:%v"
-}`
-)
-
-func writeTempFiles(c *gc.C, metadataDir string, expected []struct{ path, content string }) {
-	for _, pair := range expected {
-		path := filepath.Join(metadataDir, pair.path)
-		err := os.MkdirAll(filepath.Dir(path), 0755)
-		c.Assert(err, jc.ErrorIsNil)
-		err = ioutil.WriteFile(path, []byte(pair.content), 0644)
-		c.Assert(err, jc.ErrorIsNil)
-	}
-}
-
-func createImageMetadata(c *gc.C) (string, cloudimagemetadata.Metadata, []struct{ path, content string }) {
-	// setup data for this test
-	metadata := cloudimagemetadata.Metadata{
-		MetadataAttributes: cloudimagemetadata.MetadataAttributes{
-			Region:          "region",
-			Series:          "trusty",
-			Arch:            "amd64",
-			VirtType:        "virtType",
-			RootStorageType: "rootStore",
-			Source:          "custom"},
-		Priority: simplestreams.CUSTOM_CLOUD_DATA,
-		ImageId:  "imageId"}
-
-	// setup files containing test's data
-	metadataDir := c.MkDir()
-	expected := []struct{ path, content string }{{
-		path:    "streams/v1/index.json",
-		content: fmt.Sprintf(indexContent, metadata.Source, metadata.Region, metadata.Arch),
-	}, {
-		path:    "streams/v1/products.json",
-		content: fmt.Sprintf(productContent, metadata.Arch, metadata.Arch, metadata.ImageId, metadata.ImageId, metadata.RootStorageType, metadata.VirtType, metadata.Region, metadata.Source),
-	}, {
-		path:    "wayward/file.txt",
-		content: "ghi",
+func createImageMetadata() []*imagemetadata.ImageMetadata {
+	return []*imagemetadata.ImageMetadata{{
+		Id:         "imageId",
+		Storage:    "rootStore",
+		VirtType:   "virtType",
+		Arch:       "amd64",
+		Version:    "14.04",
+		Endpoint:   "endpoint",
+		RegionName: "region",
 	}}
-	writeTempFiles(c, metadataDir, expected)
-	return metadataDir, metadata, expected
 }
 
 func assertWrittenToState(c *gc.C, metadata cloudimagemetadata.Metadata) {
@@ -959,141 +752,96 @@
 }
 
 func (s *BootstrapSuite) TestStructuredImageMetadataStored(c *gc.C) {
-	dir, m, _ := createImageMetadata(c)
-	_, cmd, err := s.initBootstrapCommand(
-		c, nil,
-		"--model-config", s.b64yamlControllerModelConfig,
-		"--hosted-model-config", s.b64yamlHostedModelConfig,
-		"--instance-id", string(s.instanceId),
-		"--image-metadata", dir,
-	)
+	s.bootstrapParams.CustomImageMetadata = createImageMetadata()
+	s.writeBootstrapParamsFile(c)
+	_, cmd, err := s.initBootstrapCommand(c, nil)
 	c.Assert(err, jc.ErrorIsNil)
 	err = cmd.Run(nil)
 	c.Assert(err, jc.ErrorIsNil)
 
 	// This metadata should have also been written to state...
-	// m.Version would be deduced from m.Series
-	m.Version = "14.04"
-	assertWrittenToState(c, m)
-
-}
-
-func (s *BootstrapSuite) TestCustomDataSourceHasKey(c *gc.C) {
-	dir, _, _ := createImageMetadata(c)
-	_, cmd, err := s.initBootstrapCommand(
-		c, nil,
-		"--model-config", s.b64yamlControllerModelConfig,
-		"--hosted-model-config", s.b64yamlHostedModelConfig,
-		"--instance-id", string(s.instanceId),
-		"--image-metadata", dir,
-	)
-	c.Assert(err, jc.ErrorIsNil)
-
-	called := false
-	s.PatchValue(&storeImageMetadataFromFiles, func(st *state.State, env environs.Environ, source simplestreams.DataSource) error {
-		called = true
-		// This data source does not require to contain signed data.
-		// However, it may still contain it.
-		// Since we will always try to read signed data first,
-		// we want to be able to try to read this signed data
-		// with a user provided public key. For this test, none is provided.
-		// Bugs #1542127, #1542131
-		c.Assert(source.PublicSigningKey(), gc.Equals, "")
-		return nil
-	})
-	err = cmd.Run(nil)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(called, jc.IsTrue)
+	expect := cloudimagemetadata.Metadata{
+		cloudimagemetadata.MetadataAttributes{
+			Region:          "region",
+			Arch:            "amd64",
+			Version:         "14.04",
+			Series:          "trusty",
+			RootStorageType: "rootStore",
+			VirtType:        "virtType",
+			Source:          "custom",
+		},
+		simplestreams.CUSTOM_CLOUD_DATA,
+		"imageId",
+	}
+	assertWrittenToState(c, expect)
 }
 
 func (s *BootstrapSuite) TestStructuredImageMetadataInvalidSeries(c *gc.C) {
-	dir, _, _ := createImageMetadata(c)
-
-	msg := "my test error"
-	s.PatchValue(&seriesFromVersion, func(string) (string, error) {
-		return "", errors.New(msg)
-	})
+	s.bootstrapParams.CustomImageMetadata = createImageMetadata()
+	s.bootstrapParams.CustomImageMetadata[0].Version = "woat"
+	s.writeBootstrapParamsFile(c)
 
-	_, cmd, err := s.initBootstrapCommand(
-		c, nil,
-		"--model-config", s.b64yamlControllerModelConfig,
-		"--hosted-model-config", s.b64yamlHostedModelConfig,
-		"--instance-id", string(s.instanceId),
-		"--image-metadata", dir,
-	)
+	_, cmd, err := s.initBootstrapCommand(c, nil)
 	c.Assert(err, jc.ErrorIsNil)
 	err = cmd.Run(nil)
-	c.Assert(err, gc.ErrorMatches, fmt.Sprintf(".*%v.*", msg))
+	c.Assert(err, gc.ErrorMatches, `cannot determine series for version woat: unknown series for version: \"woat\"`)
 }
 
-func (s *BootstrapSuite) TestImageMetadata(c *gc.C) {
-	metadataDir, _, expected := createImageMetadata(c)
-
-	var stor statetesting.MapStorage
-	s.PatchValue(&newStateStorage, func(string, *mgo.Session) statestorage.Storage {
-		return &stor
-	})
-
-	_, cmd, err := s.initBootstrapCommand(
-		c, nil,
-		"--model-config", s.b64yamlControllerModelConfig,
-		"--hosted-model-config", s.b64yamlHostedModelConfig,
-		"--instance-id", string(s.instanceId),
-		"--image-metadata", metadataDir,
-	)
-	c.Assert(err, jc.ErrorIsNil)
-	err = cmd.Run(nil)
-	c.Assert(err, jc.ErrorIsNil)
-
-	// The contents of the directory should have been added to
-	// environment storage.
-	for _, pair := range expected {
-		r, length, err := stor.Get(pair.path)
-		c.Assert(err, jc.ErrorIsNil)
-		data, err := ioutil.ReadAll(r)
-		r.Close()
-		c.Assert(err, jc.ErrorIsNil)
-		c.Assert(length, gc.Equals, int64(len(pair.content)))
-		c.Assert(data, gc.HasLen, int(length))
-		c.Assert(string(data), gc.Equals, pair.content)
-	}
-}
-
-func (s *BootstrapSuite) makeTestEnv(c *gc.C) {
+func (s *BootstrapSuite) makeTestModel(c *gc.C) {
 	attrs := dummy.SampleConfig().Merge(
 		testing.Attrs{
-			"agent-version":     jujuversion.Current.String(),
-			"bootstrap-timeout": "123",
+			"agent-version": jujuversion.Current.String(),
 		},
 	).Delete("admin-secret", "ca-private-key")
 	cfg, err := config.New(config.NoDefaults, attrs)
 	c.Assert(err, jc.ErrorIsNil)
 	provider, err := environs.Provider(cfg.Type())
 	c.Assert(err, jc.ErrorIsNil)
-	cfg, err = provider.BootstrapConfig(environs.BootstrapConfigParams{Config: cfg})
+	controllerCfg := testing.FakeControllerConfig()
+	controllerCfg["controller-uuid"] = cfg.UUID()
+	cfg, err = provider.BootstrapConfig(environs.BootstrapConfigParams{
+		ControllerUUID: controllerCfg.ControllerUUID(),
+		Config:         cfg,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 	env, err := provider.PrepareForBootstrap(nullContext(), cfg)
 	c.Assert(err, jc.ErrorIsNil)
 
-	s.PatchValue(&juju.JujuPublicKey, sstesting.SignedMetadataPublicKey)
+	s.PatchValue(&keys.JujuPublicKey, sstesting.SignedMetadataPublicKey)
 	envtesting.MustUploadFakeTools(s.toolsStorage, cfg.AgentStream(), cfg.AgentStream())
-	inst, _, _, err := jujutesting.StartInstance(env, "0")
+	inst, _, _, err := jujutesting.StartInstance(env, testing.FakeControllerConfig().ControllerUUID(), "0")
 	c.Assert(err, jc.ErrorIsNil)
-	s.instanceId = inst.Id()
 
 	addresses, err := inst.Addresses()
 	c.Assert(err, jc.ErrorIsNil)
 	addr, _ := network.SelectPublicAddress(addresses)
 	s.bootstrapName = addr.Value
-	s.envcfg = env.Config()
-	s.b64yamlControllerModelConfig = b64yaml(s.envcfg.AllAttrs()).encode()
-
 	s.hostedModelUUID = utils.MustNewUUID().String()
-	hostedModelConfigAttrs := map[string]interface{}{
+
+	var args instancecfg.StateInitializationParams
+	args.ControllerConfig = controllerCfg
+	args.BootstrapMachineInstanceId = inst.Id()
+	args.ControllerModelConfig = env.Config()
+	hw := instance.MustParseHardware("arch=amd64 mem=8G")
+	args.BootstrapMachineHardwareCharacteristics = &hw
+	args.HostedModelConfig = map[string]interface{}{
 		"name": "hosted-model",
 		"uuid": s.hostedModelUUID,
 	}
-	s.b64yamlHostedModelConfig = b64yaml(hostedModelConfigAttrs).encode()
+	args.ControllerCloudName = "dummy"
+	args.ControllerCloud = cloud.Cloud{
+		Type:      "dummy",
+		AuthTypes: []cloud.AuthType{cloud.EmptyAuthType},
+	}
+	s.bootstrapParams = args
+	s.writeBootstrapParamsFile(c)
+}
+
+func (s *BootstrapSuite) writeBootstrapParamsFile(c *gc.C) {
+	data, err := s.bootstrapParams.Marshal()
+	c.Assert(err, jc.ErrorIsNil)
+	err = ioutil.WriteFile(s.bootstrapParamsFile, data, 0600)
+	c.Assert(err, jc.ErrorIsNil)
 }
 
 func nullContext() environs.BootstrapContext {
@@ -1115,11 +863,7 @@
 }
 
 func (s *BootstrapSuite) TestDefaultStoragePools(c *gc.C) {
-	_, cmd, err := s.initBootstrapCommand(
-		c, nil, "--model-config", s.b64yamlControllerModelConfig,
-		"--hosted-model-config", s.b64yamlHostedModelConfig,
-		"--instance-id", string(s.instanceId),
-	)
+	_, cmd, err := s.initBootstrapCommand(c, nil)
 	c.Assert(err, jc.ErrorIsNil)
 	err = cmd.Run(nil)
 	c.Assert(err, jc.ErrorIsNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/dumplogs/dumplogs.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/dumplogs/dumplogs.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/dumplogs/dumplogs.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/dumplogs/dumplogs.go	2016-07-18 19:45:44.000000000 +0000
@@ -18,7 +18,7 @@
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/gnuflag"
 
 	"github.com/juju/juju/agent"
@@ -177,7 +177,7 @@
 		writer.WriteString(c.format(
 			rec.Time,
 			rec.Level,
-			rec.Entity,
+			rec.Entity.String(),
 			rec.Module,
 			rec.Message,
 		) + "\n")
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/main.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/main.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/main.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/main.go	2016-07-18 19:45:44.000000000 +0000
@@ -18,6 +18,7 @@
 	"github.com/juju/loggo"
 	"github.com/juju/utils/exec"
 
+	"github.com/juju/juju/agent"
 	jujucmd "github.com/juju/juju/cmd"
 	agentcmd "github.com/juju/juju/cmd/jujud/agent"
 	"github.com/juju/juju/cmd/jujud/dumplogs"
@@ -192,7 +193,8 @@
 	switch commandName {
 	case names.Jujud:
 		// start pprof server and defer cleanup
-		stop := pprof.Start()
+		pprofSocketPath := filepath.Join(os.TempDir(), pprof.Filename)
+		stop := pprof.Start(pprofSocketPath)
 		defer stop()
 
 		code, err = jujuDMain(args, ctx)
@@ -201,7 +203,10 @@
 		code = exit_err
 		err = fmt.Errorf("jujuc should not be called directly")
 	case names.JujuRun:
-		code = cmd.Main(&RunCommand{}, ctx, args[1:])
+		run := &RunCommand{
+			MachineLockName: agent.MachineLockName,
+		}
+		code = cmd.Main(run, ctx, args[1:])
 	case names.JujuDumpLogs:
 		code = cmd.Main(dumplogs.NewCommand(), ctx, args[1:])
 	default:
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/main_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/main_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/main_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/main_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -101,9 +101,7 @@
 	msga := `unrecognized args: ["toastie"]`
 	checkMessage(c, msga,
 		"bootstrap-state",
-		"--model-config", b64yaml{"blah": "blah"}.encode(),
-		"--hosted-model-config", b64yaml{"blah": "blah"}.encode(),
-		"--instance-id", "inst",
+		"bootstrap-params-file",
 		"toastie")
 	checkMessage(c, msga, "unit",
 		"--unit-name", "un/0",
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/main_windows.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/main_windows.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/main_windows.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/main_windows.go	2016-07-18 19:45:44.000000000 +0000
@@ -17,8 +17,18 @@
 	"github.com/juju/juju/juju/osenv"
 )
 
+// FLAGSFROMENVIRONMENT can control whether we read featureflags from the
+// environment or from the registry. This is only needed because we build the
+// jujud binary in uniter tests and we cannot mock the registry out easily.
+// Once uniter tests are fixed this should be removed.
+var FLAGSFROMENVIRONMENT string
+
 func init() {
-	featureflag.SetFlagsFromRegistry(osenv.JujuRegistryKey, osenv.JujuFeatureFlagEnvKey)
+	if FLAGSFROMENVIRONMENT == "true" {
+		featureflag.SetFlagsFromEnvironment(osenv.JujuFeatureFlagEnvKey)
+	} else {
+		featureflag.SetFlagsFromRegistry(osenv.JujuRegistryKey, osenv.JujuFeatureFlagEnvKey)
+	}
 }
 
 func main() {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/reboot/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/reboot/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/reboot/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/reboot/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,7 @@
+// Copyright 2014 Canonical Ltd.
+// Copyright 2014 Cloudbase Solutions SRL
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package reboot
 
 var (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/reboot/reboot.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/reboot/reboot.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/reboot/reboot.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/reboot/reboot.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,7 @@
+// Copyright 2014 Canonical Ltd.
+// Copyright 2014 Cloudbase Solutions SRL
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package reboot
 
 import (
@@ -8,7 +12,7 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api"
@@ -76,12 +80,10 @@
 
 func (r *Reboot) runningContainers() ([]instance.Instance, error) {
 	var runningInstances []instance.Instance
-
+	modelUUID := r.acfg.Model().Id()
 	for _, val := range instance.ContainerTypes {
-		managerConfig := container.ManagerConfig{container.ConfigName: container.DefaultNamespace}
-		if namespace := r.acfg.Value(agent.Namespace); namespace != "" {
-			managerConfig[container.ConfigName] = namespace
-		}
+		managerConfig := container.ManagerConfig{
+			container.ConfigModelUUID: modelUUID}
 		cfg := container.ManagerConfig(managerConfig)
 		manager, err := factory.NewContainerManager(val, cfg, nil)
 		if err != nil {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/reboot/reboot_nix.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/reboot/reboot_nix.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/reboot/reboot_nix.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/reboot/reboot_nix.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,7 @@
+// Copyright 2014 Canonical Ltd.
+// Copyright 2014 Cloudbase Solutions SRL
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 // +build !windows
 
 package reboot
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/reboot/reboot_nix_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/reboot/reboot_nix_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/reboot/reboot_nix_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/reboot/reboot_nix_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,10 +1,12 @@
+// Copyright 2014 Canonical Ltd.
+// Copyright 2014 Cloudbase Solutions SRL
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 // +build !windows
 
 package reboot_test
 
 import (
-	"time"
-
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	ft "github.com/juju/testing/filetesting"
@@ -25,51 +27,6 @@
 sleep 15
 shutdown -h now`
 
-var lxcLsScript = `#!/bin/bash
-echo juju-machine-1-lxc-0
-`
-
-var lxcInfoScriptMissbehave = `#!/bin/bash
-echo '
-Name:           juju-machine-1-lxc-0
-State:          RUNNING
-PID:            13955
-IP:             192.168.200.85
-CPU use:        186.37 seconds
-BlkIO use:      175.29 MiB
-Memory use:     202.45 MiB
-Link:           vethXUAOWB
- TX bytes:      516.81 KiB
- RX bytes:      12.31 MiB
- Total bytes:   12.82 MiB
-'
-`
-
-var lxcInfoScript = `#!/bin/bash
-LINE_COUNT=$(wc -l "$TEMP/empty-lxc-response" 2>/dev/null | awk '{print $1}')
-RAN=${LINE_COUNT:-0}
-
-if [ "$RAN" -ge 3 ]
-then
-    echo ""
-else
-    echo '
-Name:           juju-machine-1-lxc-0
-State:          RUNNING
-PID:            13955
-IP:             192.168.200.85
-CPU use:        186.37 seconds
-BlkIO use:      175.29 MiB
-Memory use:     202.45 MiB
-Link:           vethXUAOWB
- TX bytes:      516.81 KiB
- RX bytes:      12.31 MiB
- Total bytes:   12.82 MiB
-'
-    echo 1 >> "$TEMP/empty-lxc-response"
-fi
-`
-
 func (s *RebootSuite) rebootCommandParams(c *gc.C) []string {
 	return []string{
 		"-f",
@@ -86,33 +43,6 @@
 	}
 }
 
-func (s *RebootSuite) TestRebootWithContainers(c *gc.C) {
-	testing.PatchExecutable(c, s, "lxc-ls", lxcLsScript)
-	testing.PatchExecutable(c, s, "lxc-info", lxcInfoScript)
-	expectedRebootParams := s.rebootCommandParams(c)
-
-	s.PatchValue(reboot.Timeout, time.Duration(5*time.Second))
-	w, err := reboot.NewRebootWaiter(s.st, s.acfg)
-	c.Assert(err, jc.ErrorIsNil)
-
-	err = w.ExecuteReboot(params.ShouldReboot)
-	c.Assert(err, jc.ErrorIsNil)
-	testing.AssertEchoArgs(c, rebootBin, expectedRebootParams...)
-	ft.File{s.rebootScriptName, expectedRebootScript, 0755}.Check(c, s.tmpDir)
-}
-
-func (s *RebootSuite) TestRebootWithMissbehavingContainers(c *gc.C) {
-	testing.PatchExecutable(c, s, "lxc-ls", lxcLsScript)
-	testing.PatchExecutable(c, s, "lxc-info", lxcInfoScriptMissbehave)
-
-	s.PatchValue(reboot.Timeout, time.Duration(1*time.Second))
-	w, err := reboot.NewRebootWaiter(s.st, s.acfg)
-	c.Assert(err, jc.ErrorIsNil)
-
-	err = w.ExecuteReboot(params.ShouldReboot)
-	c.Assert(err, gc.ErrorMatches, "Timeout reached waiting for containers to shutdown")
-}
-
 func (s *RebootSuite) TestRebootNoContainers(c *gc.C) {
 	w, err := reboot.NewRebootWaiter(s.st, s.acfg)
 	c.Assert(err, jc.ErrorIsNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/reboot/reboot_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/reboot/reboot_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/reboot/reboot_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/reboot/reboot_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,7 @@
+// Copyright 2014 Canonical Ltd.
+// Copyright 2014 Cloudbase Solutions SRL
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package reboot_test
 
 import (
@@ -5,10 +9,10 @@
 	"path/filepath"
 	stdtesting "testing"
 
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api"
@@ -42,7 +46,7 @@
 
 	// These tests only patch out LXC, so only run full-stack tests
 	// over LXC.
-	s.PatchValue(&instance.ContainerTypes, []instance.ContainerType{instance.LXC})
+	s.PatchValue(&instance.ContainerTypes, []instance.ContainerType{instance.LXD})
 }
 
 func (s *RebootSuite) SetUpTest(c *gc.C) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/reboot/reboot_windows.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/reboot/reboot_windows.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/reboot/reboot_windows.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/reboot/reboot_windows.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,7 @@
+// Copyright 2014 Canonical Ltd.
+// Copyright 2014 Cloudbase Solutions SRL
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package reboot
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/reboot/reboot_windows_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/reboot/reboot_windows_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/reboot/reboot_windows_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/reboot/reboot_windows_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,7 @@
+// Copyright 2014 Canonical Ltd.
+// Copyright 2014 Cloudbase Solutions SRL
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package reboot_test
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/run.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/run.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/run.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/run.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,11 +8,14 @@
 	"os"
 	"strconv"
 	"strings"
+	"time"
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"github.com/juju/mutex"
+	"github.com/juju/utils/clock"
 	"github.com/juju/utils/exec"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/gnuflag"
 
 	"github.com/juju/juju/agent"
@@ -24,6 +27,7 @@
 
 type RunCommand struct {
 	cmd.CommandBase
+	MachineLockName string
 	unit            names.UnitTag
 	commands        string
 	showHelp        bool
@@ -78,7 +82,7 @@
 		unitName, args = args[0], args[1:]
 		// If the command line param is a unit id (like service/2) we need to
 		// change it to the unit tag as that is the format of the agent directory
-		// on disk (unit-service-2).
+		// on disk (unit-application-2).
 		if names.IsValidUnit(unitName) {
 			c.unit = names.NewUnitTag(unitName)
 		} else {
@@ -172,15 +176,16 @@
 func (c *RunCommand) executeNoContext() (*exec.ExecResponse, error) {
 	// Acquire the uniter hook execution lock to make sure we don't
 	// stomp on each other.
-	lock, err := cmdutil.HookExecutionLock(cmdutil.DataDir)
-	if err != nil {
-		return nil, errors.Trace(err)
+	spec := mutex.Spec{
+		Name:  c.MachineLockName,
+		Clock: clock.WallClock,
+		Delay: 250 * time.Millisecond,
 	}
-	err = lock.Lock("juju-run")
+	releaser, err := mutex.Acquire(spec)
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-	defer lock.Unlock()
+	defer releaser.Release()
 
 	runCmd := c.appendProxyToCommands()
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/run_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/run_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/run_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/run_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,11 +13,13 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
+	"github.com/juju/mutex"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
+	"github.com/juju/utils/clock"
 	"github.com/juju/utils/exec"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	cmdutil "github.com/juju/juju/cmd/jujud/util"
 	"github.com/juju/juju/testing"
@@ -25,6 +27,8 @@
 	jujuos "github.com/juju/utils/os"
 )
 
+const testLockName = "juju-run-test"
+
 type RunTestSuite struct {
 	testing.BaseSuite
 }
@@ -125,20 +129,26 @@
 	}
 }
 
+func (s *RunTestSuite) runCommand() *RunCommand {
+	return &RunCommand{
+		MachineLockName: testLockName,
+	}
+}
+
 func (s *RunTestSuite) TestInsideContext(c *gc.C) {
 	s.PatchEnvironment("JUJU_CONTEXT_ID", "fake-id")
-	runCommand := &RunCommand{}
+	runCommand := s.runCommand()
 	err := runCommand.Init([]string{"foo", "bar"})
 	c.Assert(err, gc.ErrorMatches, "juju-run cannot be called from within a hook.*")
 }
 
 func (s *RunTestSuite) TestMissingAgentName(c *gc.C) {
-	_, err := testing.RunCommand(c, &RunCommand{}, "foo/2", "bar")
+	_, err := testing.RunCommand(c, s.runCommand(), "foo/2", "bar")
 	c.Assert(err, gc.ErrorMatches, `unit "foo/2" not found on this machine`)
 }
 
 func (s *RunTestSuite) TestMissingAgentTag(c *gc.C) {
-	_, err := testing.RunCommand(c, &RunCommand{}, "unit-foo-2", "bar")
+	_, err := testing.RunCommand(c, s.runCommand(), "unit-foo-2", "bar")
 	c.Assert(err, gc.ErrorMatches, `unit "foo/2" not found on this machine`)
 }
 
@@ -151,10 +161,10 @@
 	}
 }
 
-func startRunAsync(c *gc.C, params []string) <-chan *cmd.Context {
+func (s *RunTestSuite) startRunAsync(c *gc.C, params []string) <-chan *cmd.Context {
 	resultChannel := make(chan *cmd.Context)
 	go func() {
-		ctx, err := testing.RunCommand(c, &RunCommand{}, params...)
+		ctx, err := testing.RunCommand(c, s.runCommand(), params...)
 		c.Assert(err, jc.Satisfies, cmd.IsRcPassthroughError)
 		c.Assert(err, gc.ErrorMatches, "subprocess encountered error code 0")
 		resultChannel <- ctx
@@ -164,30 +174,34 @@
 }
 
 func (s *RunTestSuite) TestNoContext(c *gc.C) {
-	ctx, err := testing.RunCommand(c, &RunCommand{}, "--no-context", "echo done")
+	ctx, err := testing.RunCommand(c, s.runCommand(), "--no-context", "echo done")
 	c.Assert(err, jc.Satisfies, cmd.IsRcPassthroughError)
 	c.Assert(err, gc.ErrorMatches, "subprocess encountered error code 0")
 	c.Assert(strings.TrimRight(testing.Stdout(ctx), "\r\n"), gc.Equals, "done")
 }
 
 func (s *RunTestSuite) TestNoContextAsync(c *gc.C) {
-	channel := startRunAsync(c, []string{"--no-context", "echo done"})
+	channel := s.startRunAsync(c, []string{"--no-context", "echo done"})
 	ctx, err := waitForResult(channel, testing.LongWait)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(strings.TrimRight(testing.Stdout(ctx), "\r\n"), gc.Equals, "done")
 }
 
 func (s *RunTestSuite) TestNoContextWithLock(c *gc.C) {
-	lock, err := cmdutil.HookExecutionLock(cmdutil.DataDir)
+	spec := mutex.Spec{
+		Name:  testLockName,
+		Clock: clock.WallClock,
+		Delay: 250 * time.Millisecond,
+	}
+	releaser, err := mutex.Acquire(spec)
 	c.Assert(err, jc.ErrorIsNil)
-	lock.Lock("juju-run test")
-	defer lock.Unlock() // in case of failure
+	defer releaser.Release() // in case of failure
 
-	channel := startRunAsync(c, []string{"--no-context", "echo done"})
+	channel := s.startRunAsync(c, []string{"--no-context", "echo done"})
 	ctx, err := waitForResult(channel, testing.ShortWait)
 	c.Assert(err, gc.ErrorMatches, "timeout")
 
-	lock.Unlock()
+	releaser.Release()
 
 	ctx, err = waitForResult(channel, testing.LongWait)
 	c.Assert(err, jc.ErrorIsNil)
@@ -202,7 +216,7 @@
 	err := os.MkdirAll(agentDir, 0755)
 	c.Assert(err, jc.ErrorIsNil)
 
-	_, err = testing.RunCommand(c, &RunCommand{}, "foo/1", "bar")
+	_, err = testing.RunCommand(c, s.runCommand(), "foo/1", "bar")
 	c.Assert(err, gc.ErrorMatches, `dial unix .*/run.socket:.*`+utils.NoSuchFileErrRegexp)
 }
 
@@ -210,7 +224,7 @@
 	loggo.GetLogger("worker.uniter").SetLogLevel(loggo.TRACE)
 	s.runListenerForAgent(c, "unit-foo-1")
 
-	ctx, err := testing.RunCommand(c, &RunCommand{}, "foo/1", "bar")
+	ctx, err := testing.RunCommand(c, s.runCommand(), "foo/1", "bar")
 	c.Check(cmd.IsRcPassthroughError(err), jc.IsTrue)
 	c.Assert(err, gc.ErrorMatches, "subprocess encountered error code 42")
 	c.Assert(testing.Stdout(ctx), gc.Equals, "bar stdout")
@@ -221,7 +235,7 @@
 	loggo.GetLogger("worker.uniter").SetLogLevel(loggo.TRACE)
 	s.runListenerForAgent(c, "unit-foo-1")
 
-	ctx, err := testing.RunCommand(c, &RunCommand{}, "--relation", "db:1", "foo/1", "bar")
+	ctx, err := testing.RunCommand(c, s.runCommand(), "--relation", "db:1", "foo/1", "bar")
 	c.Check(cmd.IsRcPassthroughError(err), jc.IsTrue)
 	c.Assert(err, gc.ErrorMatches, "subprocess encountered error code 42")
 	c.Assert(testing.Stdout(ctx), gc.Equals, "bar stdout")
@@ -232,7 +246,7 @@
 	loggo.GetLogger("worker.uniter").SetLogLevel(loggo.TRACE)
 	s.runListenerForAgent(c, "unit-foo-1")
 
-	_, err := testing.RunCommand(c, &RunCommand{}, "--relation", "badrelation:W", "foo/1", "bar")
+	_, err := testing.RunCommand(c, s.runCommand(), "--relation", "badrelation:W", "foo/1", "bar")
 	c.Check(cmd.IsRcPassthroughError(err), jc.IsFalse)
 	c.Assert(err, gc.ErrorMatches, "invalid relation id")
 }
@@ -241,7 +255,7 @@
 	loggo.GetLogger("worker.uniter").SetLogLevel(loggo.TRACE)
 	s.runListenerForAgent(c, "unit-foo-1")
 
-	_, err := testing.RunCommand(c, &RunCommand{}, "--remote-unit", "remote/0", "foo/1", "bar")
+	_, err := testing.RunCommand(c, s.runCommand(), "--remote-unit", "remote/0", "foo/1", "bar")
 	c.Check(cmd.IsRcPassthroughError(err), jc.IsFalse)
 	c.Assert(err, gc.ErrorMatches, "remote unit: remote/0, provided without a relation")
 }
@@ -250,7 +264,7 @@
 	loggo.GetLogger("worker.uniter").SetLogLevel(loggo.TRACE)
 	s.runListenerForAgent(c, "unit-foo-1")
 
-	ctx, err := testing.RunCommand(c, &RunCommand{}, "--force-remote-unit", "--remote-unit", "unit-name-2", "--relation", "db:1", "foo/1", "bar")
+	ctx, err := testing.RunCommand(c, s.runCommand(), "--force-remote-unit", "--remote-unit", "unit-name-2", "--relation", "db:1", "foo/1", "bar")
 	c.Check(cmd.IsRcPassthroughError(err), jc.IsTrue)
 	c.Assert(err, gc.ErrorMatches, "subprocess encountered error code 42")
 	c.Assert(testing.Stdout(ctx), gc.Equals, "bar stdout")
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/upgrade_mongo.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/upgrade_mongo.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/upgrade_mongo.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/upgrade_mongo.go	2016-07-18 19:45:44.000000000 +0000
@@ -15,13 +15,13 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/replicaset"
 	"github.com/juju/retry"
 	"github.com/juju/utils"
 	"github.com/juju/utils/clock"
 	"github.com/juju/utils/fs"
 	"github.com/juju/utils/packaging/manager"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 	"launchpad.net/gnuflag"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/upgrade_mongo_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/upgrade_mongo_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/upgrade_mongo_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/upgrade_mongo_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,12 +13,12 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/replicaset"
 	"github.com/juju/retry"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/clock"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/util/util.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/util/util.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/jujud/util/util.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/jujud/util/util.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,12 +6,10 @@
 import (
 	"fmt"
 	"io"
-	"path/filepath"
 	"strconv"
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/utils/fslock"
 	"github.com/juju/utils/series"
 
 	"github.com/juju/juju/agent"
@@ -227,14 +225,6 @@
 	return err
 }
 
-// HookExecutionLock returns an *fslock.Lock suitable for use as a
-// unit hook execution lock. Other workers may also use this lock if
-// they require isolation from hook execution.
-func HookExecutionLock(dataDir string) (*fslock.Lock, error) {
-	lockDir := filepath.Join(dataDir, "locks")
-	return fslock.NewLock(lockDir, "uniter-hook-execution", fslock.Defaults())
-}
-
 // ParamsStateServingInfoToStateStateServingInfo converts a
 // params.StateServingInfo to a state.StateServingInfo.
 func ParamsStateServingInfoToStateStateServingInfo(i params.StateServingInfo) state.StateServingInfo {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/modelcmd/apicontext.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/modelcmd/apicontext.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/modelcmd/apicontext.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/modelcmd/apicontext.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package modelcmd
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/modelcmd/apiopener.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/modelcmd/apiopener.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/modelcmd/apiopener.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/modelcmd/apiopener.go	2016-07-18 19:45:44.000000000 +0000
@@ -18,13 +18,13 @@
 // APIOpener provides a way to open a connection to the Juju
 // API Server through the named connection.
 type APIOpener interface {
-	Open(store jujuclient.ClientStore, controllerName, accountName, modelName string) (api.Connection, error)
+	Open(store jujuclient.ClientStore, controllerName, modelName string) (api.Connection, error)
 }
 
-type OpenFunc func(jujuclient.ClientStore, string, string, string) (api.Connection, error)
+type OpenFunc func(jujuclient.ClientStore, string, string) (api.Connection, error)
 
-func (f OpenFunc) Open(store jujuclient.ClientStore, controllerName, accountName, modelName string) (api.Connection, error) {
-	return f(store, controllerName, accountName, modelName)
+func (f OpenFunc) Open(store jujuclient.ClientStore, controllerName, modelName string) (api.Connection, error) {
+	return f(store, controllerName, modelName)
 }
 
 type timeoutOpener struct {
@@ -44,13 +44,13 @@
 	}
 }
 
-func (t *timeoutOpener) Open(store jujuclient.ClientStore, controllerName, accountName, modelName string) (api.Connection, error) {
+func (t *timeoutOpener) Open(store jujuclient.ClientStore, controllerName, modelName string) (api.Connection, error) {
 	// Make the channels buffered so the created goroutine is guaranteed
 	// not go get blocked trying to send down the channel.
 	apic := make(chan api.Connection, 1)
 	errc := make(chan error, 1)
 	go func() {
-		api, dialErr := t.opener.Open(store, controllerName, accountName, modelName)
+		api, dialErr := t.opener.Open(store, controllerName, modelName)
 		if dialErr != nil {
 			errc <- dialErr
 			return
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/modelcmd/apiopener_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/modelcmd/apiopener_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/modelcmd/apiopener_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/modelcmd/apiopener_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -23,66 +23,59 @@
 var _ = gc.Suite(&APIOpenerSuite{})
 
 func (*APIOpenerSuite) TestPassthrough(c *gc.C) {
-	var controllerName, accountName, modelName string
-	open := func(_ jujuclient.ClientStore, controllerNameArg, accountNameArg, modelNameArg string) (api.Connection, error) {
+	var controllerName, modelName string
+	open := func(_ jujuclient.ClientStore, controllerNameArg, modelNameArg string) (api.Connection, error) {
 		controllerName = controllerNameArg
-		accountName = accountNameArg
 		modelName = modelNameArg
 		// Lets do the bad thing and return both a connection instance
 		// and an error to check they both come through.
 		return &mockConnection{}, errors.New("boom")
 	}
 	opener := modelcmd.OpenFunc(open)
-	conn, err := opener.Open(nil, "a-name", "b-name", "c-name")
+	conn, err := opener.Open(nil, "a-name", "b-name")
 	c.Assert(err, gc.ErrorMatches, "boom")
 	c.Assert(conn, gc.NotNil)
 	c.Assert(controllerName, gc.Equals, "a-name")
-	c.Assert(accountName, gc.Equals, "b-name")
-	c.Assert(modelName, gc.Equals, "c-name")
+	c.Assert(modelName, gc.Equals, "b-name")
 }
 
 func (*APIOpenerSuite) TestTimoutSuccess(c *gc.C) {
-	var controllerName, accountName, modelName string
-	open := func(_ jujuclient.ClientStore, controllerNameArg, accountNameArg, modelNameArg string) (api.Connection, error) {
+	var controllerName, modelName string
+	open := func(_ jujuclient.ClientStore, controllerNameArg, modelNameArg string) (api.Connection, error) {
 		controllerName = controllerNameArg
-		accountName = accountNameArg
 		modelName = modelNameArg
 		return &mockConnection{}, nil
 	}
 	opener := modelcmd.NewTimeoutOpener(modelcmd.OpenFunc(open), clock.WallClock, 10*time.Second)
-	conn, err := opener.Open(nil, "a-name", "b-name", "c-name")
+	conn, err := opener.Open(nil, "a-name", "b-name")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(conn, gc.NotNil)
 	c.Assert(controllerName, gc.Equals, "a-name")
-	c.Assert(accountName, gc.Equals, "b-name")
-	c.Assert(modelName, gc.Equals, "c-name")
+	c.Assert(modelName, gc.Equals, "b-name")
 }
 
 func (*APIOpenerSuite) TestTimoutErrors(c *gc.C) {
-	var controllerName, accountName, modelName string
-	open := func(_ jujuclient.ClientStore, controllerNameArg, accountNameArg, modelNameArg string) (api.Connection, error) {
+	var controllerName, modelName string
+	open := func(_ jujuclient.ClientStore, controllerNameArg, modelNameArg string) (api.Connection, error) {
 		controllerName = controllerNameArg
-		accountName = accountNameArg
 		modelName = modelNameArg
 		return nil, errors.New("boom")
 	}
 	opener := modelcmd.NewTimeoutOpener(modelcmd.OpenFunc(open), clock.WallClock, 10*time.Second)
-	conn, err := opener.Open(nil, "a-name", "b-name", "c-name")
+	conn, err := opener.Open(nil, "a-name", "b-name")
 	c.Assert(err, gc.ErrorMatches, "boom")
 	c.Assert(conn, gc.IsNil)
 	c.Assert(controllerName, gc.Equals, "a-name")
-	c.Assert(accountName, gc.Equals, "b-name")
-	c.Assert(modelName, gc.Equals, "c-name")
+	c.Assert(modelName, gc.Equals, "b-name")
 }
 
 func (*APIOpenerSuite) TestTimoutClosesAPIOnTimeout(c *gc.C) {
-	var controllerName, accountName, modelName string
+	var controllerName, modelName string
 	finished := make(chan struct{})
 	mockConn := &mockConnection{closed: make(chan struct{})}
-	open := func(_ jujuclient.ClientStore, controllerNameArg, accountNameArg, modelNameArg string) (api.Connection, error) {
+	open := func(_ jujuclient.ClientStore, controllerNameArg, modelNameArg string) (api.Connection, error) {
 		<-finished
 		controllerName = controllerNameArg
-		accountName = accountNameArg
 		modelName = modelNameArg
 		return mockConn, nil
 	}
@@ -90,7 +83,7 @@
 	clock := &mockClock{wait: time.Microsecond}
 	// but tell it to wait five seconds
 	opener := modelcmd.NewTimeoutOpener(modelcmd.OpenFunc(open), clock, 5*time.Second)
-	conn, err := opener.Open(nil, "a-name", "b-name", "c-name")
+	conn, err := opener.Open(nil, "a-name", "b-name")
 	c.Assert(errors.Cause(err), gc.Equals, modelcmd.ErrConnTimedOut)
 	c.Assert(conn, gc.IsNil)
 	// check it was told to wait for 5 seconds
@@ -105,8 +98,7 @@
 		c.Error("API connection was not closed.")
 	}
 	c.Assert(controllerName, gc.Equals, "a-name")
-	c.Assert(accountName, gc.Equals, "b-name")
-	c.Assert(modelName, gc.Equals, "c-name")
+	c.Assert(modelName, gc.Equals, "b-name")
 }
 
 // mockConnection will panic if anything but close is called.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/modelcmd/base.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/modelcmd/base.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/modelcmd/base.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/modelcmd/base.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,16 +4,19 @@
 package modelcmd
 
 import (
+	"fmt"
 	"net/http"
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/macaroon-bakery.v1/httpbakery"
 	"launchpad.net/gnuflag"
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/api/modelmanager"
+	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cloud"
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/environs/config"
@@ -43,9 +46,10 @@
 // an API connection.
 type JujuCommandBase struct {
 	cmd.CommandBase
-	cmdContext *cmd.Context
-	apiContext *APIContext
-	modelApi   ModelAPI
+	cmdContext  *cmd.Context
+	apiContext  *APIContext
+	modelApi    ModelAPI
+	apiOpenFunc api.OpenFunc
 }
 
 // closeContext closes the command's API context
@@ -63,11 +67,16 @@
 	c.modelApi = api
 }
 
-func (c *JujuCommandBase) modelAPI(store jujuclient.ClientStore, controllerName, accountName string) (ModelAPI, error) {
+// SetAPIOpen sets the function used for opening an API connection.
+func (c *JujuCommandBase) SetAPIOpen(apiOpen api.OpenFunc) {
+	c.apiOpenFunc = apiOpen
+}
+
+func (c *JujuCommandBase) modelAPI(store jujuclient.ClientStore, controllerName string) (ModelAPI, error) {
 	if c.modelApi != nil {
 		return c.modelApi, nil
 	}
-	conn, err := c.NewAPIRoot(store, controllerName, accountName, "")
+	conn, err := c.NewAPIRoot(store, controllerName, "")
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
@@ -79,10 +88,25 @@
 // model or controller.
 func (c *JujuCommandBase) NewAPIRoot(
 	store jujuclient.ClientStore,
-	controllerName, accountName, modelName string,
+	controllerName, modelName string,
 ) (api.Connection, error) {
+	accountDetails, err := store.AccountDetails(controllerName)
+	if err != nil && !errors.IsNotFound(err) {
+		return nil, errors.Trace(err)
+	}
+	// If there are no account details or there's no logged-in
+	// user or the user is external, then trigger macaroon authentication
+	// by using an empty AccountDetails.
+	if accountDetails == nil || accountDetails.User == "" {
+		accountDetails = &jujuclient.AccountDetails{}
+	} else {
+		u := names.NewUserTag(accountDetails.User)
+		if !u.IsLocal() {
+			accountDetails = &jujuclient.AccountDetails{}
+		}
+	}
 	params, err := c.NewAPIConnectionParams(
-		store, controllerName, accountName, modelName,
+		store, controllerName, modelName, accountDetails,
 	)
 	if err != nil {
 		return nil, errors.Trace(err)
@@ -96,12 +120,17 @@
 // the same arguments.
 func (c *JujuCommandBase) NewAPIConnectionParams(
 	store jujuclient.ClientStore,
-	controllerName, accountName, modelName string,
+	controllerName, modelName string,
+	accountDetails *jujuclient.AccountDetails,
 ) (juju.NewAPIConnectionParams, error) {
 	if err := c.initAPIContext(); err != nil {
 		return juju.NewAPIConnectionParams{}, errors.Trace(err)
 	}
-	return newAPIConnectionParams(store, controllerName, accountName, modelName, c.apiContext.BakeryClient)
+	return newAPIConnectionParams(
+		store, controllerName, modelName,
+		accountDetails, c.apiContext.BakeryClient,
+		c.apiOpen,
+	)
 }
 
 // HTTPClient returns an http.Client that contains the loaded
@@ -136,17 +165,17 @@
 
 // RefreshModels refreshes the local models cache for the current user
 // on the specified controller.
-func (c *JujuCommandBase) RefreshModels(store jujuclient.ClientStore, controllerName, accountName string) error {
-	accountDetails, err := store.AccountByName(controllerName, accountName)
+func (c *JujuCommandBase) RefreshModels(store jujuclient.ClientStore, controllerName string) error {
+	modelManager, err := c.modelAPI(store, controllerName)
 	if err != nil {
 		return errors.Trace(err)
 	}
+	defer modelManager.Close()
 
-	modelManager, err := c.modelAPI(store, controllerName, accountName)
+	accountDetails, err := store.AccountDetails(controllerName)
 	if err != nil {
 		return errors.Trace(err)
 	}
-	defer modelManager.Close()
 
 	models, err := modelManager.ListModels(accountDetails.User)
 	if err != nil {
@@ -154,7 +183,7 @@
 	}
 	for _, model := range models {
 		modelDetails := jujuclient.ModelDetails{model.UUID}
-		if err := store.UpdateModel(controllerName, accountName, model.Name, modelDetails); err != nil {
+		if err := store.UpdateModel(controllerName, model.Name, modelDetails); err != nil {
 			return errors.Trace(err)
 		}
 	}
@@ -183,6 +212,9 @@
 // apiOpen establishes a connection to the API server using the
 // the give api.Info and api.DialOpts.
 func (c *JujuCommandBase) apiOpen(info *api.Info, opts api.DialOpts) (api.Connection, error) {
+	if c.apiOpenFunc != nil {
+		return c.apiOpenFunc(info, opts)
+	}
 	return api.Open(info, opts)
 }
 
@@ -218,24 +250,17 @@
 func newAPIConnectionParams(
 	store jujuclient.ClientStore,
 	controllerName,
-	accountName,
 	modelName string,
+	accountDetails *jujuclient.AccountDetails,
 	bakery *httpbakery.Client,
+	apiOpen api.OpenFunc,
 ) (juju.NewAPIConnectionParams, error) {
 	if controllerName == "" {
 		return juju.NewAPIConnectionParams{}, errors.Trace(errNoNameSpecified)
 	}
-	var accountDetails *jujuclient.AccountDetails
-	if accountName != "" {
-		var err error
-		accountDetails, err = store.AccountByName(controllerName, accountName)
-		if err != nil {
-			return juju.NewAPIConnectionParams{}, errors.Trace(err)
-		}
-	}
 	var modelUUID string
 	if modelName != "" {
-		modelDetails, err := store.ModelByName(controllerName, accountName, modelName)
+		modelDetails, err := store.ModelByName(controllerName, modelName)
 		if err != nil {
 			return juju.NewAPIConnectionParams{}, errors.Trace(err)
 		}
@@ -243,13 +268,40 @@
 	}
 	dialOpts := api.DefaultDialOpts()
 	dialOpts.BakeryClient = bakery
+
+	openAPI := func(info *api.Info, opts api.DialOpts) (api.Connection, error) {
+		conn, err := apiOpen(info, opts)
+		if err != nil {
+			userTag, ok := info.Tag.(names.UserTag)
+			if ok && userTag.IsLocal() && params.IsCodeLoginExpired(err) {
+				// This is a bit gross, but we don't seem to have
+				// a way of having an error with a cause that does
+				// not influence the error message. We want to keep
+				// the type/code so we don't lose the fact that the
+				// error was caused by an API login expiry.
+				return nil, &params.Error{
+					Code: params.CodeLoginExpired,
+					Message: fmt.Sprintf(`login expired
+
+Your login for the %q controller has expired.
+To log back in, run the following command:
+
+    juju login %v
+`, controllerName, userTag.Name()),
+				}
+			}
+			return nil, err
+		}
+		return conn, nil
+	}
+
 	return juju.NewAPIConnectionParams{
-		Store:           store,
-		ControllerName:  controllerName,
-		BootstrapConfig: NewGetBootstrapConfigFunc(store),
-		AccountDetails:  accountDetails,
-		ModelUUID:       modelUUID,
-		DialOpts:        dialOpts,
+		Store:          store,
+		ControllerName: controllerName,
+		AccountDetails: accountDetails,
+		ModelUUID:      modelUUID,
+		DialOpts:       dialOpts,
+		OpenAPI:        openAPI,
 	}, nil
 }
 
@@ -259,22 +311,39 @@
 	return bootstrapConfigGetter{store}.getBootstrapConfig
 }
 
+// NewGetBootstrapConfigParamsFunc returns a function that, given a controller name,
+// returns the params needed to bootstrap a fresh copy of that controller in the given client store.
+func NewGetBootstrapConfigParamsFunc(store jujuclient.ClientStore) func(string) (*jujuclient.BootstrapConfig, *environs.BootstrapConfigParams, error) {
+	return bootstrapConfigGetter{store}.getBootstrapConfigParams
+}
+
 type bootstrapConfigGetter struct {
 	jujuclient.ClientStore
 }
 
 func (g bootstrapConfigGetter) getBootstrapConfig(controllerName string) (*config.Config, error) {
-	controllerName, err := ResolveControllerName(g.ClientStore, controllerName)
+	_, params, err := g.getBootstrapConfigParams(controllerName)
 	if err != nil {
-		return nil, errors.Annotate(err, "resolving controller name")
+		return nil, errors.Trace(err)
+	}
+	provider, err := environs.Provider(params.Config.Type())
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return provider.BootstrapConfig(*params)
+}
+
+func (g bootstrapConfigGetter) getBootstrapConfigParams(controllerName string) (*jujuclient.BootstrapConfig, *environs.BootstrapConfigParams, error) {
+	if _, err := g.ClientStore.ControllerByName(controllerName); err != nil {
+		return nil, nil, errors.Annotate(err, "resolving controller name")
 	}
 	bootstrapConfig, err := g.BootstrapConfigForController(controllerName)
 	if err != nil {
-		return nil, errors.Annotate(err, "getting bootstrap config")
+		return nil, nil, errors.Annotate(err, "getting bootstrap config")
 	}
 	cloudType, ok := bootstrapConfig.Config["type"].(string)
 	if !ok {
-		return nil, errors.NotFoundf("cloud type in bootstrap config")
+		return nil, nil, errors.NotFoundf("cloud type in bootstrap config")
 	}
 
 	var credential *cloud.Credential
@@ -287,7 +356,7 @@
 			cloudType,
 		)
 		if err != nil {
-			return nil, errors.Trace(err)
+			return nil, nil, errors.Trace(err)
 		}
 	} else {
 		// The credential was auto-detected; run auto-detection again.
@@ -295,7 +364,7 @@
 			bootstrapConfig.Cloud, cloudType,
 		)
 		if err != nil {
-			return nil, errors.Trace(err)
+			return nil, nil, errors.Trace(err)
 		}
 		// DetectCredential ensures that there is only one credential
 		// to choose from. It's still in a map, though, hence for..range.
@@ -307,24 +376,27 @@
 	// Add attributes from the controller details.
 	controllerDetails, err := g.ControllerByName(controllerName)
 	if err != nil {
-		return nil, errors.Trace(err)
+		return nil, nil, errors.Trace(err)
 	}
-	bootstrapConfig.Config[config.CACertKey] = controllerDetails.CACert
 	bootstrapConfig.Config[config.UUIDKey] = controllerDetails.ControllerUUID
-	bootstrapConfig.Config[config.ControllerUUIDKey] = controllerDetails.ControllerUUID
 
 	cfg, err := config.New(config.UseDefaults, bootstrapConfig.Config)
 	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	provider, err := environs.Provider(cfg.Type())
-	if err != nil {
-		return nil, errors.Trace(err)
+		return nil, nil, errors.Trace(err)
 	}
-	return provider.BootstrapConfig(environs.BootstrapConfigParams{
-		cfg, *credential,
-		bootstrapConfig.CloudRegion,
-		bootstrapConfig.CloudEndpoint,
-		bootstrapConfig.CloudStorageEndpoint,
-	})
+	return &jujuclient.BootstrapConfig{
+			Credential:           bootstrapConfig.Credential,
+			Cloud:                bootstrapConfig.Cloud,
+			CloudRegion:          bootstrapConfig.CloudRegion,
+			Config:               bootstrapConfig.Config,
+			CloudEndpoint:        bootstrapConfig.CloudEndpoint,
+			CloudStorageEndpoint: bootstrapConfig.CloudStorageEndpoint,
+		},
+		&environs.BootstrapConfigParams{
+			controllerDetails.ControllerUUID,
+			cfg, *credential,
+			bootstrapConfig.CloudRegion,
+			bootstrapConfig.CloudEndpoint,
+			bootstrapConfig.CloudStorageEndpoint,
+		}, nil
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/modelcmd/base_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/modelcmd/base_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/modelcmd/base_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/modelcmd/base_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,53 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package modelcmd_test
+
+import (
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/api"
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/cmd/modelcmd"
+	"github.com/juju/juju/jujuclient"
+	"github.com/juju/juju/jujuclient/jujuclienttesting"
+	"github.com/juju/juju/testing"
+)
+
+type BaseCommandSuite struct {
+	testing.FakeJujuXDGDataHomeSuite
+	store *jujuclienttesting.MemStore
+}
+
+var _ = gc.Suite(&BaseCommandSuite{})
+
+func (s *BaseCommandSuite) SetUpTest(c *gc.C) {
+	s.FakeJujuXDGDataHomeSuite.SetUpTest(c)
+	//s.PatchEnvironment("JUJU_CLI_VERSION", "")
+
+	s.store = jujuclienttesting.NewMemStore()
+	s.store.CurrentControllerName = "foo"
+	s.store.Controllers["foo"] = jujuclient.ControllerDetails{
+		APIEndpoints: []string{"testing.invalid:1234"},
+	}
+	s.store.Accounts["foo"] = jujuclient.AccountDetails{
+		User: "bar@local", Password: "hunter2",
+	}
+}
+
+func (s *BaseCommandSuite) TestLoginExpiry(c *gc.C) {
+	apiOpen := func(*api.Info, api.DialOpts) (api.Connection, error) {
+		return nil, &params.Error{Code: params.CodeLoginExpired, Message: "meep"}
+	}
+	var cmd modelcmd.JujuCommandBase
+	cmd.SetAPIOpen(apiOpen)
+	conn, err := cmd.NewAPIRoot(s.store, "foo", "")
+	c.Assert(conn, gc.IsNil)
+	c.Assert(err, gc.ErrorMatches, `login expired
+
+Your login for the "foo" controller has expired.
+To log back in, run the following command:
+
+    juju login bar
+`)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/modelcmd/controller.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/modelcmd/controller.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/modelcmd/controller.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/modelcmd/controller.go	2016-07-18 19:45:44.000000000 +0000
@@ -16,20 +16,23 @@
 )
 
 var (
-	// ErrNoControllerSpecified is returned by commands that operate on
+	// ErrNoControllersDefined is returned by commands that operate on
 	// a controller if there is no current controller, no controller has been
 	// explicitly specified, and there is no default controller.
-	ErrNoControllerSpecified = errors.New(`no controller specified
+	ErrNoControllersDefined = errors.New(`no controller
 
-There is no current controller. Please use "juju switch" to
-set the current controller/model, or create a new controller
-using "juju bootstrap".
+Please either create your own new controller using "juju bootstrap" or
+connect to another controller that you have been given access to using "juju register".
 `)
+	// ErrNotLoggedInToController is returned by commands that operate on
+	// a controller if there is no current controller, no controller has been
+	// explicitly specified, and there is no default controller but there are
+	// controllers that client knows about, i.e. the user needs to log in to one of them.
+	ErrNotLoggedInToController = errors.New(`not logged in
 
-	// ErrNoAccountSpecified is returned by commands that operate on a
-	// controller if there is no current account associated with the
-	// controller.
-	ErrNoAccountSpecified = errors.New("no account specified")
+Please use "juju controllers" to view all controllers available to you. 
+You can login into an existing controller using "juju login -c <controller>".
+`)
 )
 
 // ControllerCommand is intended to be a base for all commands
@@ -68,7 +71,6 @@
 
 	store          jujuclient.ClientStore
 	controllerName string
-	accountName    string
 
 	// opener is the strategy used to open the API connection.
 	opener APIOpener
@@ -86,18 +88,10 @@
 
 // SetControllerName implements the ControllerCommand interface.
 func (c *ControllerCommandBase) SetControllerName(controllerName string) error {
-	actualControllerName, err := ResolveControllerName(c.ClientStore(), controllerName)
-	if err != nil {
-		return errors.Trace(err)
-	}
-	controllerName = actualControllerName
-
-	accountName, err := c.store.CurrentAccount(controllerName)
-	if err != nil && !errors.IsNotFound(err) {
+	if _, err := c.ClientStore().ControllerByName(controllerName); err != nil {
 		return errors.Trace(err)
 	}
 	c.controllerName = controllerName
-	c.accountName = accountName
 	return nil
 }
 
@@ -106,11 +100,6 @@
 	return c.controllerName
 }
 
-// AccountName implements the ControllerCommand interface.
-func (c *ControllerCommandBase) AccountName() string {
-	return c.accountName
-}
-
 // SetAPIOpener specifies the strategy used by the command to open
 // the API connection.
 func (c *ControllerCommandBase) SetAPIOpener(opener APIOpener) {
@@ -152,16 +141,20 @@
 // through this API connection.
 func (c *ControllerCommandBase) NewAPIRoot() (api.Connection, error) {
 	if c.controllerName == "" {
-		return nil, errors.Trace(ErrNoControllerSpecified)
-	}
-	if c.accountName == "" {
-		return nil, errors.Trace(ErrNoAccountSpecified)
+		controllers, err := c.store.AllControllers()
+		if err != nil {
+			return nil, errors.Trace(err)
+		}
+		if len(controllers) == 0 {
+			return nil, errors.Trace(ErrNoControllersDefined)
+		}
+		return nil, errors.Trace(ErrNotLoggedInToController)
 	}
 	opener := c.opener
 	if opener == nil {
 		opener = OpenFunc(c.JujuCommandBase.NewAPIRoot)
 	}
-	return opener.Open(c.store, c.controllerName, c.accountName, "")
+	return opener.Open(c.store, c.controllerName, "")
 }
 
 // ModelUUIDs returns the model UUIDs for the given model names.
@@ -169,16 +162,15 @@
 	var result []string
 	store := c.ClientStore()
 	controllerName := c.ControllerName()
-	accountName := c.AccountName()
 	for _, modelName := range modelNames {
-		model, err := store.ModelByName(controllerName, accountName, modelName)
+		model, err := store.ModelByName(controllerName, modelName)
 		if errors.IsNotFound(err) {
 			// The model isn't known locally, so query the models available in the controller.
 			logger.Infof("model %q not cached locally, refreshing models from controller", modelName)
-			if err := c.RefreshModels(store, controllerName, accountName); err != nil {
+			if err := c.RefreshModels(store, controllerName); err != nil {
 				return nil, errors.Annotatef(err, "refreshing model %q", modelName)
 			}
-			model, err = store.ModelByName(controllerName, accountName, modelName)
+			model, err = store.ModelByName(controllerName, modelName)
 		}
 		if err != nil {
 			return nil, errors.Annotatef(err, "model %q not found", modelName)
@@ -242,15 +234,6 @@
 	w.ControllerCommand.SetFlags(f)
 }
 
-func (w *sysCommandWrapper) getDefaultControllerName() (string, error) {
-	if currentController, err := ReadCurrentController(); err != nil {
-		return "", errors.Trace(err)
-	} else if currentController != "" {
-		return currentController, nil
-	}
-	return "", errors.Trace(ErrNoControllerSpecified)
-}
-
 // Init implements Command.Init, then calls the wrapped command's Init.
 func (w *sysCommandWrapper) Init(args []string) error {
 	store := w.ClientStore()
@@ -260,14 +243,17 @@
 	}
 	if w.setFlags {
 		if w.controllerName == "" && w.useDefaultControllerName {
-			name, err := w.getDefaultControllerName()
+			currentController, err := store.CurrentController()
+			if errors.IsNotFound(err) {
+				return ErrNoControllersDefined
+			}
 			if err != nil {
 				return errors.Trace(err)
 			}
-			w.controllerName = name
+			w.controllerName = currentController
 		}
 		if w.controllerName == "" && !w.useDefaultControllerName {
-			return ErrNoControllerSpecified
+			return ErrNoControllersDefined
 		}
 	}
 	if w.controllerName != "" {
@@ -277,26 +263,3 @@
 	}
 	return w.ControllerCommand.Init(args)
 }
-
-// ResolveControllerName returns the canonical name of a controller given
-// an unambiguous identifier for that controller.
-// Locally created controllers (i.e. those whose names begin with "local.")
-// may be identified with or without the "local." prefix if there exists no
-// other controller in the store with the same unprefixed name.
-func ResolveControllerName(store jujuclient.ControllerStore, controllerName string) (string, error) {
-	_, err := store.ControllerByName(controllerName)
-	if err == nil {
-		return controllerName, nil
-	}
-	if !errors.IsNotFound(err) {
-		return "", err
-	}
-	var secondErr error
-	localName := "local." + controllerName
-	_, secondErr = store.ControllerByName(localName)
-	// If fallback name not found, return the original error.
-	if errors.IsNotFound(secondErr) {
-		return "", err
-	}
-	return localName, secondErr
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/modelcmd/controller_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/modelcmd/controller_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/modelcmd/controller_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/modelcmd/controller_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,6 @@
 import (
 	"github.com/juju/cmd"
 	"github.com/juju/cmd/cmdtesting"
-	"github.com/juju/errors"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 
@@ -24,16 +23,14 @@
 
 func (s *ControllerCommandSuite) TestControllerCommandNoneSpecified(c *gc.C) {
 	_, err := initTestControllerCommand(c, nil)
-	c.Assert(err, gc.ErrorMatches, "no controller specified(.|\n)*")
+	c.Assert(err, gc.ErrorMatches, "no controller(.|\n)*")
 }
 
-func (s *ControllerCommandSuite) TestControllerCommandInitSystemFile(c *gc.C) {
-	// If there is a current-controller file, use that.
-	err := modelcmd.WriteCurrentController("foo")
-	c.Assert(err, jc.ErrorIsNil)
+func (s *ControllerCommandSuite) TestControllerCommandInitCurrentController(c *gc.C) {
 	store := jujuclienttesting.NewMemStore()
-	store.Accounts["foo"] = &jujuclient.ControllerAccounts{
-		CurrentAccount: "bar@baz",
+	store.CurrentControllerName = "foo"
+	store.Accounts["foo"] = jujuclient.AccountDetails{
+		User: "bar@local",
 	}
 	store.Controllers["foo"] = jujuclient.ControllerDetails{}
 	testEnsureControllerName(c, store, "foo")
@@ -42,11 +39,10 @@
 func (s *ControllerCommandSuite) TestControllerCommandInitExplicit(c *gc.C) {
 	// Take controller name from command line arg, and it trumps the current-
 	// controller file.
-	err := modelcmd.WriteCurrentController("foo")
-	c.Assert(err, jc.ErrorIsNil)
 	store := jujuclienttesting.NewMemStore()
-	store.Accounts["explicit"] = &jujuclient.ControllerAccounts{
-		CurrentAccount: "bar@baz",
+	store.CurrentControllerName = "foo"
+	store.Accounts["explicit"] = jujuclient.AccountDetails{
+		User: "bar@local",
 	}
 	store.Controllers["explicit"] = jujuclient.ControllerDetails{}
 	testEnsureControllerName(c, store, "explicit", "-c", "explicit")
@@ -84,52 +80,3 @@
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(cmd.ControllerName(), gc.Equals, expect)
 }
-
-type ControllerSuite struct {
-	store jujuclient.ControllerStore
-}
-
-var _ = gc.Suite(&ControllerSuite{})
-
-func (s *ControllerSuite) SetUpTest(c *gc.C) {
-	controller := jujuclient.ControllerDetails{ControllerUUID: "controller-uuid"}
-	anothercontroller := jujuclient.ControllerDetails{ControllerUUID: "another-uuid"}
-	s.store = &jujuclienttesting.MemStore{
-		Controllers: map[string]jujuclient.ControllerDetails{
-			"local.controller":        controller,
-			"anothercontroller":       anothercontroller,
-			"local.anothercontroller": jujuclient.ControllerDetails{},
-		},
-	}
-}
-
-func (s *ControllerSuite) TestLocalNameFound(c *gc.C) {
-	name, err := modelcmd.ResolveControllerName(s.store, "local.controller")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(name, gc.DeepEquals, "local.controller")
-}
-
-func (s *ControllerSuite) TestLocalNameFallback(c *gc.C) {
-	name, err := modelcmd.ResolveControllerName(s.store, "controller")
-	c.Assert(name, gc.DeepEquals, "local.controller")
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *ControllerSuite) TestNonLocalController(c *gc.C) {
-	name, err := modelcmd.ResolveControllerName(s.store, "anothercontroller")
-	c.Assert(name, gc.DeepEquals, "anothercontroller")
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *ControllerSuite) TestOnlyLocalController(c *gc.C) {
-	name, err := modelcmd.ResolveControllerName(s.store, "local.anothercontroller")
-	c.Assert(name, gc.DeepEquals, "local.anothercontroller")
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *ControllerSuite) TestNotFound(c *gc.C) {
-	_, err := modelcmd.ResolveControllerName(s.store, "foo")
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-	// We should report on the passed in controller name.
-	c.Assert(err, gc.ErrorMatches, ".* foo .*")
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/modelcmd/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/modelcmd/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/modelcmd/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/modelcmd/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,17 +5,12 @@
 
 import "github.com/juju/juju/jujuclient"
 
-var (
-	GetCurrentControllerFilePath = getCurrentControllerFilePath
-)
-
 // NewModelCommandBase returns a new ModelCommandBase with the given client
 // store, controller name, and model name.
-func NewModelCommandBase(store jujuclient.ClientStore, controller, account, model string) *ModelCommandBase {
+func NewModelCommandBase(store jujuclient.ClientStore, controller, model string) *ModelCommandBase {
 	return &ModelCommandBase{
 		store:          store,
 		controllerName: controller,
-		accountName:    account,
 		modelName:      model,
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/modelcmd/files.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/modelcmd/files.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/modelcmd/files.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/modelcmd/files.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,90 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package modelcmd
-
-import (
-	"io/ioutil"
-	"os"
-	"path/filepath"
-	"strings"
-	"time"
-
-	"github.com/juju/errors"
-	"github.com/juju/utils/fslock"
-
-	"github.com/juju/juju/juju/osenv"
-)
-
-const (
-	CurrentControllerFilename = "current-controller"
-
-	lockName = "current.lock"
-)
-
-var (
-	// 5 seconds should be way more than enough to write or read any files
-	// even on heavily loaded controllers.
-	lockTimeout = 5 * time.Second
-)
-
-// NOTE: synchronisation across functions in this file.
-//
-// Each of the read and write functions use a fslock to synchronise calls
-// across both the current executable and across different executables.
-
-func getCurrentControllerFilePath() string {
-	return filepath.Join(osenv.JujuXDGDataHome(), CurrentControllerFilename)
-}
-
-// ReadCurrentController reads the file $JUJU_DATA/current-controller and
-// return the value stored there. If the file doesn't exist an empty string is
-// returned and no error.
-func ReadCurrentController() (string, error) {
-	lock, err := acquireEnvironmentLock("read current-controller")
-	if err != nil {
-		return "", errors.Trace(err)
-	}
-	defer lock.Unlock()
-
-	current, err := ioutil.ReadFile(getCurrentControllerFilePath())
-	if err != nil {
-		if os.IsNotExist(err) {
-			return "", nil
-		}
-		return "", errors.Trace(err)
-	}
-	return strings.TrimSpace(string(current)), nil
-}
-
-// WriteCurrentController writes the controllerName to the file
-// $JUJU_DATA/current-controller file.
-func WriteCurrentController(controllerName string) error {
-	lock, err := acquireEnvironmentLock("write current-controller")
-	if err != nil {
-		return errors.Trace(err)
-	}
-	defer lock.Unlock()
-
-	path := getCurrentControllerFilePath()
-	err = ioutil.WriteFile(path, []byte(controllerName+"\n"), 0644)
-	if err != nil {
-		return errors.Errorf("unable to write to the controller file: %q, %s", path, err)
-	}
-	return nil
-}
-
-func acquireEnvironmentLock(operation string) (*fslock.Lock, error) {
-	// NOTE: any reading or writing from the directory should be done with a
-	// fslock to make sure we have a consistent read or write.  Also worth
-	// noting, we should use a very short timeout.
-	lock, err := fslock.NewLock(osenv.JujuXDGDataHome(), lockName, fslock.Defaults())
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	err = lock.LockWithTimeout(lockTimeout, operation)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	return lock, nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/modelcmd/files_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/modelcmd/files_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/modelcmd/files_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/modelcmd/files_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,60 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package modelcmd_test
-
-import (
-	"io/ioutil"
-	"os"
-
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/cmd/modelcmd"
-	"github.com/juju/juju/testing"
-)
-
-type filesSuite struct {
-	testing.FakeJujuXDGDataHomeSuite
-}
-
-var _ = gc.Suite(&filesSuite{})
-
-func (s *filesSuite) assertCurrentController(c *gc.C, controllerName string) {
-	current, err := modelcmd.ReadCurrentController()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(current, gc.Equals, controllerName)
-}
-
-func (s *filesSuite) TestReadCurrentControllerUnset(c *gc.C) {
-	s.assertCurrentController(c, "")
-}
-
-func (s *filesSuite) TestReadCurrentControllerSet(c *gc.C) {
-	err := modelcmd.WriteCurrentController("fubar")
-	c.Assert(err, jc.ErrorIsNil)
-	s.assertCurrentController(c, "fubar")
-}
-
-func (s *filesSuite) TestWriteControllerAddsNewline(c *gc.C) {
-	err := modelcmd.WriteCurrentController("fubar")
-	c.Assert(err, jc.ErrorIsNil)
-	current, err := ioutil.ReadFile(modelcmd.GetCurrentControllerFilePath())
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(string(current), gc.Equals, "fubar\n")
-}
-
-func (*filesSuite) TestErrorWritingCurrentController(c *gc.C) {
-	// Can't write a file over a directory.
-	os.MkdirAll(modelcmd.GetCurrentControllerFilePath(), 0777)
-	err := modelcmd.WriteCurrentController("fubar")
-	c.Assert(err, gc.ErrorMatches, "unable to write to the controller file: .*")
-}
-
-func (s *filesSuite) TestWriteCurrentControllerExistingController(c *gc.C) {
-	err := modelcmd.WriteCurrentController("fubar")
-	c.Assert(err, jc.ErrorIsNil)
-	err = modelcmd.WriteCurrentController("new-sys")
-	c.Assert(err, jc.ErrorIsNil)
-	s.assertCurrentController(c, "new-sys")
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/modelcmd/modelcommand.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/modelcmd/modelcommand.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/modelcmd/modelcommand.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/modelcmd/modelcommand.go	2016-07-18 19:45:44.000000000 +0000
@@ -24,49 +24,45 @@
 // ErrNoModelSpecified is returned by commands that operate on
 // an environment if there is no current model, no model
 // has been explicitly specified, and there is no default model.
-var ErrNoModelSpecified = errors.New(`no model specified
+var ErrNoModelSpecified = errors.New(`no model in focus
 
-There is no current model specified for the current controller,
-and none specified on the command line. Please use "juju switch"
-to set the current model, or specify a model on the command line
-using the "-m" flag.
+Please use "juju models" to see models available to you.
+You can set current model by running "juju switch"
+or specify any other model on the command line using the "-m" flag.
 `)
 
 // GetCurrentModel returns the name of the current Juju model.
 //
 // If $JUJU_MODEL is set, use that. Otherwise, get the current
-// controller by reading $XDG_DATA_HOME/juju/current-controller,
-// and then identifying the current model for that controller
-// in models.yaml. If there is no current controller, or no
-// current model for that controller, then an empty string is
-// returned. It is not an error to have no default model.
+// controller from controllers.yaml, and then identify the current
+// model for that controller in models.yaml. If there is no current
+// controller, then an empty string is returned. It is not an error
+// to have no current model.
+//
+// If there is a current controller, but no current model for that
+// controller, then GetCurrentModel will return the string
+// "<controller>:". If there is a current model as well, it will
+// return "<controller>:<model>". Only when $JUJU_MODEL is set,
+// will the result possibly be unqualified.
 func GetCurrentModel(store jujuclient.ClientStore) (string, error) {
 	if model := os.Getenv(osenv.JujuModelEnvKey); model != "" {
 		return model, nil
 	}
 
-	currentController, err := ReadCurrentController()
-	if err != nil {
-		return "", errors.Trace(err)
-	}
-	if currentController == "" {
-		return "", nil
-	}
-
-	currentAccount, err := store.CurrentAccount(currentController)
+	currentController, err := store.CurrentController()
 	if errors.IsNotFound(err) {
 		return "", nil
 	} else if err != nil {
 		return "", errors.Trace(err)
 	}
 
-	currentModel, err := store.CurrentModel(currentController, currentAccount)
+	currentModel, err := store.CurrentModel(currentController)
 	if errors.IsNotFound(err) {
-		return "", nil
+		return currentController + ":", nil
 	} else if err != nil {
 		return "", errors.Trace(err)
 	}
-	return currentModel, nil
+	return JoinModelName(currentController, currentModel), nil
 }
 
 // ModelCommand extends cmd.Command with a SetModelName method.
@@ -115,7 +111,6 @@
 	store jujuclient.ClientStore
 
 	modelName      string
-	accountName    string
 	controllerName string
 
 	// opener is the strategy used to open the API connection.
@@ -136,27 +131,20 @@
 func (c *ModelCommandBase) SetModelName(modelName string) error {
 	controllerName, modelName := SplitModelName(modelName)
 	if controllerName == "" {
-		currentController, err := ReadCurrentController()
-		if err != nil {
-			return errors.Trace(err)
-		}
-		if currentController == "" {
+		currentController, err := c.store.CurrentController()
+		if errors.IsNotFound(err) {
 			return errors.Errorf("no current controller, and none specified")
+		} else if err != nil {
+			return errors.Trace(err)
 		}
 		controllerName = currentController
 	} else {
 		var err error
-		controllerName, err = ResolveControllerName(c.store, controllerName)
-		if err != nil {
+		if _, err = c.store.ControllerByName(controllerName); err != nil {
 			return errors.Trace(err)
 		}
 	}
-	accountName, err := c.store.CurrentAccount(controllerName)
-	if err != nil {
-		return errors.Trace(err)
-	}
 	c.controllerName = controllerName
-	c.accountName = accountName
 	c.modelName = modelName
 	return nil
 }
@@ -166,11 +154,6 @@
 	return c.modelName
 }
 
-// AccountName implements the ModelCommand interface.
-func (c *ModelCommandBase) AccountName() string {
-	return c.accountName
-}
-
 // ControllerName implements the ModelCommand interface.
 func (c *ModelCommandBase) ControllerName() string {
 	return c.controllerName
@@ -196,7 +179,14 @@
 	// We want to be able to specify the environment in a number of ways, one of
 	// which is the connection name on the client machine.
 	if c.controllerName == "" {
-		return nil, errors.Trace(ErrNoControllerSpecified)
+		controllers, err := c.store.AllControllers()
+		if err != nil {
+			return nil, errors.Trace(err)
+		}
+		if len(controllers) == 0 {
+			return nil, errors.Trace(ErrNoControllersDefined)
+		}
+		return nil, errors.Trace(ErrNotLoggedInToController)
 	}
 	if c.modelName == "" {
 		return nil, errors.Trace(ErrNoModelSpecified)
@@ -205,18 +195,18 @@
 	if opener == nil {
 		opener = OpenFunc(c.JujuCommandBase.NewAPIRoot)
 	}
-	_, err := c.store.ModelByName(c.controllerName, c.accountName, c.modelName)
+	_, err := c.store.ModelByName(c.controllerName, c.modelName)
 	if err != nil {
 		if !errors.IsNotFound(err) {
 			return nil, errors.Trace(err)
 		}
 		// The model isn't known locally, so query the models
 		// available in the controller, and cache them locally.
-		if err := c.RefreshModels(c.store, c.controllerName, c.accountName); err != nil {
+		if err := c.RefreshModels(c.store, c.controllerName); err != nil {
 			return nil, errors.Annotate(err, "refreshing models")
 		}
 	}
-	return opener.Open(c.store, c.controllerName, c.accountName, c.modelName)
+	return opener.Open(c.store, c.controllerName, c.modelName)
 }
 
 // ConnectionName returns the name of the connection if there is one.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/modelcmd/modelcommand_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/modelcmd/modelcommand_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/modelcmd/modelcommand_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/modelcmd/modelcommand_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,9 +9,9 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/cmd/cmdtesting"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	apitesting "github.com/juju/juju/api/testing"
 	"github.com/juju/juju/cmd/modelcmd"
@@ -30,30 +30,18 @@
 	s.FakeJujuXDGDataHomeSuite.SetUpTest(c)
 	s.PatchEnvironment("JUJU_CLI_VERSION", "")
 
-	err := modelcmd.WriteCurrentController("foo")
-	c.Assert(err, jc.ErrorIsNil)
-
 	s.store = jujuclienttesting.NewMemStore()
-	s.store.Accounts["foo"] = &jujuclient.ControllerAccounts{
-		Accounts: map[string]jujuclient.AccountDetails{
-			"bar@baz": {User: "b@r", Password: "hunter2"},
-		},
-		CurrentAccount: "bar@baz",
+	s.store.CurrentControllerName = "foo"
+	s.store.Controllers["foo"] = jujuclient.ControllerDetails{}
+	s.store.Accounts["foo"] = jujuclient.AccountDetails{
+		User: "bar@local", Password: "hunter2",
 	}
 }
 
 var _ = gc.Suite(&ModelCommandSuite{})
 
 func (s *ModelCommandSuite) TestGetCurrentModelNothingSet(c *gc.C) {
-	err := modelcmd.WriteCurrentController("")
-	c.Assert(err, jc.ErrorIsNil)
-	env, err := modelcmd.GetCurrentModel(s.store)
-	c.Assert(env, gc.Equals, "")
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *ModelCommandSuite) TestGetCurrentModelCurrentControllerNoCurrentAccount(c *gc.C) {
-	delete(s.store.Accounts, "foo")
+	s.store.CurrentControllerName = ""
 	env, err := modelcmd.GetCurrentModel(s.store)
 	c.Assert(env, gc.Equals, "")
 	c.Assert(err, jc.ErrorIsNil)
@@ -61,19 +49,19 @@
 
 func (s *ModelCommandSuite) TestGetCurrentModelCurrentControllerNoCurrentModel(c *gc.C) {
 	env, err := modelcmd.GetCurrentModel(s.store)
-	c.Assert(env, gc.Equals, "")
+	c.Assert(env, gc.Equals, "foo:")
 	c.Assert(err, jc.ErrorIsNil)
 }
 
-func (s *ModelCommandSuite) TestGetCurrentModelCurrentControllerAccountModel(c *gc.C) {
-	err := s.store.UpdateModel("foo", "bar@baz", "mymodel", jujuclient.ModelDetails{"uuid"})
+func (s *ModelCommandSuite) TestGetCurrentModelCurrentControllerModel(c *gc.C) {
+	err := s.store.UpdateModel("foo", "mymodel", jujuclient.ModelDetails{"uuid"})
 	c.Assert(err, jc.ErrorIsNil)
-	err = s.store.SetCurrentModel("foo", "bar@baz", "mymodel")
+	err = s.store.SetCurrentModel("foo", "mymodel")
 	c.Assert(err, jc.ErrorIsNil)
 
 	env, err := modelcmd.GetCurrentModel(s.store)
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(env, gc.Equals, "mymodel")
+	c.Assert(env, gc.Equals, "foo:mymodel")
 }
 
 func (s *ModelCommandSuite) TestGetCurrentModelJujuEnvSet(c *gc.C) {
@@ -86,9 +74,9 @@
 func (s *ModelCommandSuite) TestGetCurrentModelBothSet(c *gc.C) {
 	os.Setenv(osenv.JujuModelEnvKey, "magic")
 
-	err := s.store.UpdateModel("foo", "bar@baz", "mymodel", jujuclient.ModelDetails{"uuid"})
+	err := s.store.UpdateModel("foo", "mymodel", jujuclient.ModelDetails{"uuid"})
 	c.Assert(err, jc.ErrorIsNil)
-	err = s.store.SetCurrentModel("foo", "bar@baz", "mymodel")
+	err = s.store.SetCurrentModel("foo", "mymodel")
 	c.Assert(err, jc.ErrorIsNil)
 
 	env, err := modelcmd.GetCurrentModel(s.store)
@@ -107,9 +95,9 @@
 }
 
 func (s *ModelCommandSuite) TestModelCommandInitEnvFile(c *gc.C) {
-	err := s.store.UpdateModel("foo", "bar@baz", "mymodel", jujuclient.ModelDetails{"uuid"})
+	err := s.store.UpdateModel("foo", "mymodel", jujuclient.ModelDetails{"uuid"})
 	c.Assert(err, jc.ErrorIsNil)
-	err = s.store.SetCurrentModel("foo", "bar@baz", "mymodel")
+	err = s.store.SetCurrentModel("foo", "mymodel")
 	c.Assert(err, jc.ErrorIsNil)
 	s.testEnsureModelName(c, "mymodel")
 }
@@ -193,7 +181,6 @@
 	apitesting.MacaroonSuite
 	store          *jujuclienttesting.MemStore
 	controllerName string
-	accountName    string
 	modelName      string
 }
 
@@ -204,7 +191,6 @@
 	s.MacaroonSuite.AddModelUser(c, testUser)
 
 	s.controllerName = "my-controller"
-	s.accountName = "my@account"
 	s.modelName = "my-model"
 	modelTag := names.NewModelTag(s.State.ModelUUID())
 	apiInfo := s.APIInfo(c)
@@ -215,20 +201,13 @@
 		ControllerUUID: apiInfo.ModelTag.Id(),
 		CACert:         apiInfo.CACert,
 	}
-	s.store.Accounts[s.controllerName] = &jujuclient.ControllerAccounts{
-		Accounts: map[string]jujuclient.AccountDetails{
-			// Empty password forces use of macaroons.
-			s.accountName: {User: s.accountName},
-		},
-		CurrentAccount: s.accountName,
-	}
-	s.store.Models[s.controllerName] = jujuclient.ControllerAccountModels{
-		AccountModels: map[string]*jujuclient.AccountModels{
-			s.accountName: {
-				Models: map[string]jujuclient.ModelDetails{
-					s.modelName: {modelTag.Id()},
-				},
-			},
+	s.store.Accounts[s.controllerName] = jujuclient.AccountDetails{
+		// External user forces use of macaroons.
+		User: "me@external",
+	}
+	s.store.Models[s.controllerName] = &jujuclient.ControllerModels{
+		Models: map[string]jujuclient.ModelDetails{
+			s.modelName: {modelTag.Id()},
 		},
 	}
 }
@@ -238,7 +217,7 @@
 		return testUser
 	}
 
-	cmd := modelcmd.NewModelCommandBase(s.store, s.controllerName, s.accountName, s.modelName)
+	cmd := modelcmd.NewModelCommandBase(s.store, s.controllerName, s.modelName)
 	_, err := cmd.NewAPIRoot()
 	c.Assert(err, jc.ErrorIsNil)
 }
@@ -248,9 +227,9 @@
 		return ""
 	}
 
-	cmd := modelcmd.NewModelCommandBase(s.store, s.controllerName, s.accountName, s.modelName)
+	cmd := modelcmd.NewModelCommandBase(s.store, s.controllerName, s.modelName)
 	_, err := cmd.NewAPIRoot()
-	c.Assert(err, gc.ErrorMatches, "connecting with cached addresses: cannot get discharge.*")
+	c.Assert(err, gc.ErrorMatches, "cannot get discharge.*")
 }
 
 func (s *macaroonLoginSuite) TestsUnknownUserLogin(c *gc.C) {
@@ -258,7 +237,7 @@
 		return "testUnknown@nowhere"
 	}
 
-	cmd := modelcmd.NewModelCommandBase(s.store, s.controllerName, s.accountName, s.modelName)
+	cmd := modelcmd.NewModelCommandBase(s.store, s.controllerName, s.modelName)
 	_, err := cmd.NewAPIRoot()
-	c.Assert(err, gc.ErrorMatches, "connecting with cached addresses: invalid entity name or password \\(unauthorized access\\)")
+	c.Assert(err, gc.ErrorMatches, "invalid entity name or password \\(unauthorized access\\)")
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/plugins/juju-metadata/listimages_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/plugins/juju-metadata/listimages_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/plugins/juju-metadata/listimages_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/plugins/juju-metadata/listimages_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,7 +13,6 @@
 	gc "gopkg.in/check.v1"
 
 	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/cmd/modelcmd"
 	"github.com/juju/juju/jujuclient"
 	"github.com/juju/juju/jujuclient/jujuclienttesting"
 	"github.com/juju/juju/testing"
@@ -31,12 +30,11 @@
 func (s *BaseCloudImageMetadataSuite) setupBaseSuite(c *gc.C) {
 	s.FakeJujuXDGDataHomeSuite.SetUpTest(c)
 
-	err := modelcmd.WriteCurrentController("testing")
-	c.Assert(err, jc.ErrorIsNil)
 	s.store = jujuclienttesting.NewMemStore()
+	s.store.CurrentControllerName = "testing"
 	s.store.Controllers["testing"] = jujuclient.ControllerDetails{}
-	s.store.Accounts["testing"] = &jujuclient.ControllerAccounts{
-		CurrentAccount: "admin@local",
+	s.store.Accounts["testing"] = jujuclient.AccountDetails{
+		User: "admin@local",
 	}
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/plugins/juju-metadata/toolsmetadata.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/plugins/juju-metadata/toolsmetadata.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/plugins/juju-metadata/toolsmetadata.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/plugins/juju-metadata/toolsmetadata.go	2016-07-18 19:45:44.000000000 +0000
@@ -16,7 +16,7 @@
 	"github.com/juju/juju/environs/simplestreams"
 	"github.com/juju/juju/environs/storage"
 	envtools "github.com/juju/juju/environs/tools"
-	"github.com/juju/juju/juju"
+	"github.com/juju/juju/juju/keys"
 	"github.com/juju/juju/juju/osenv"
 	coretools "github.com/juju/juju/tools"
 )
@@ -147,7 +147,7 @@
 		dataSources[i] = simplestreams.NewURLSignedDataSource(
 			"local source",
 			url,
-			juju.JujuPublicKey,
+			keys.JujuPublicKey,
 			utils.VerifySSLHostnames,
 			simplestreams.CUSTOM_CLOUD_DATA,
 			false)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/plugins/juju-metadata/toolsmetadata_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/plugins/juju-metadata/toolsmetadata_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/plugins/juju-metadata/toolsmetadata_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/plugins/juju-metadata/toolsmetadata_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -20,10 +20,11 @@
 
 	"github.com/juju/juju/cmd/modelcmd"
 	"github.com/juju/juju/environs"
+	"github.com/juju/juju/environs/bootstrap"
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/environs/tools"
 	toolstesting "github.com/juju/juju/environs/tools/testing"
-	"github.com/juju/juju/juju"
+	"github.com/juju/juju/juju/keys"
 	"github.com/juju/juju/juju/osenv"
 	"github.com/juju/juju/jujuclient/jujuclienttesting"
 	"github.com/juju/juju/provider/dummy"
@@ -53,13 +54,15 @@
 		"conroller":       true,
 	})
 	c.Assert(err, jc.ErrorIsNil)
-	env, err := environs.Prepare(
+	env, err := bootstrap.Prepare(
 		modelcmd.BootstrapContextNoVerify(coretesting.Context(c)),
 		jujuclienttesting.NewMemStore(),
-		environs.PrepareParams{
-			ControllerName: cfg.Name(),
-			BaseConfig:     cfg.AllAttrs(),
-			CloudName:      "dummy",
+		bootstrap.PrepareParams{
+			ControllerConfig: coretesting.FakeControllerConfig(),
+			ControllerName:   cfg.Name(),
+			BaseConfig:       cfg.AllAttrs(),
+			CloudName:        "dummy",
+			AdminSecret:      "admin-secret",
 		},
 	)
 	c.Assert(err, jc.ErrorIsNil)
@@ -374,5 +377,5 @@
 	// we want to be able to try to read this signed data
 	// with public key with Juju-known public key for tools.
 	// Bugs #1542127, #1542131
-	c.Assert(ds[0].PublicSigningKey(), gc.DeepEquals, juju.JujuPublicKey)
+	c.Assert(ds[0].PublicSigningKey(), gc.DeepEquals, keys.JujuPublicKey)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/plugins/juju-metadata/validateimagemetadata_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/plugins/juju-metadata/validateimagemetadata_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/plugins/juju-metadata/validateimagemetadata_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/plugins/juju-metadata/validateimagemetadata_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -107,8 +107,8 @@
 		ControllerUUID: coretesting.ModelTag.Id(),
 		CACert:         coretesting.CACert,
 	}
-	store.Accounts["ec2-controller"] = &jujuclient.ControllerAccounts{
-		CurrentAccount: "admin@local",
+	store.Accounts["ec2-controller"] = jujuclient.AccountDetails{
+		User: "admin@local",
 	}
 	store.BootstrapConfig["ec2-controller"] = jujuclient.BootstrapConfig{
 		Config:      ec2Config.AllAttrs(),
@@ -134,8 +134,8 @@
 		ControllerUUID: coretesting.ModelTag.Id(),
 		CACert:         coretesting.CACert,
 	}
-	store.Accounts["azure-controller"] = &jujuclient.ControllerAccounts{
-		CurrentAccount: "admin@local",
+	store.Accounts["azure-controller"] = jujuclient.AccountDetails{
+		User: "admin@local",
 	}
 	store.BootstrapConfig["azure-controller"] = jujuclient.BootstrapConfig{
 		Config:               azureConfig.AllAttrs(),
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/plugins/juju-upgrade-mongo/upgrade.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/plugins/juju-upgrade-mongo/upgrade.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/plugins/juju-upgrade-mongo/upgrade.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/plugins/juju-upgrade-mongo/upgrade.go	2016-07-18 19:45:44.000000000 +0000
@@ -15,9 +15,9 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/replicaset"
 	"github.com/juju/utils"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/gnuflag"
 
 	"github.com/juju/juju/api/highavailability"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/pprof/socket.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/pprof/socket.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/pprof/socket.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/pprof/socket.go	2016-07-18 19:45:44.000000000 +0000
@@ -16,12 +16,18 @@
 
 var logger = loggo.GetLogger("juju.cmd.pprof")
 
-// Start starts a pprof server listening on a unix socket in /tmp.
-// The name of the file is derived from the name of the process, as
-// provided by os.Args[0], and the pid of the process.
-// Start returns a function which will stop the pprof server and clean
-// up the socket file.
-func Start() func() error {
+// Filename contains the filename to use for the pprof unix socket for this
+// process. The name is derived from the process name, as provided in
+// os.Args[0], and the process ID.
+var Filename = fmt.Sprintf(
+	"pprof.%s.%d",
+	filepath.Base(os.Args[0]),
+	os.Getpid(),
+)
+
+// Start starts a pprof server listening on a unix socket which will be
+// created at the specified path.
+func Start(path string) func() error {
 	if runtime.GOOS != "linux" {
 		logger.Infof("pprof debugging not supported on %q", runtime.GOOS)
 		return func() error { return nil }
@@ -37,7 +43,6 @@
 		Handler: mux,
 	}
 
-	path := socketpath()
 	addr, err := net.ResolveUnixAddr("unix", path)
 	if err != nil {
 		logger.Errorf("unable to resolve unix socket: %v", err)
@@ -62,11 +67,3 @@
 
 	return l.Close
 }
-
-// socketpath returns the path for this processes' pprof socket.
-func socketpath() string {
-	cmd := filepath.Base(os.Args[0])
-	name := fmt.Sprintf("pprof.%s.%d", cmd, os.Getpid())
-	path := filepath.Join(os.TempDir(), name)
-	return path
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/pprof/socket_test.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/pprof/socket_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/pprof/socket_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/pprof/socket_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -31,54 +31,46 @@
 	gc.TestingT(t)
 }
 
-func (s *suite) TestSocketpath(c *gc.C) {
-	got := socketpath()
-	want := filepath.Join(os.TempDir(), fmt.Sprintf("pprof.pprof.test.%d", os.Getpid()))
+func (s *suite) TestFilename(c *gc.C) {
+	got := Filename
+	want := fmt.Sprintf("pprof.pprof.test.%d", os.Getpid())
 	c.Assert(got, gc.Equals, want)
 }
 
-func (s *suite) TestSocketPathIsUnixAddr(c *gc.C) {
-	path := socketpath()
-	addr, err := net.ResolveUnixAddr("unix", path)
-	c.Assert(err, gc.IsNil)
-	c.Assert(addr.Name, gc.Equals, path)
-	c.Assert(addr.Net, gc.Equals, "unix")
-}
-
 func (s *suite) TestPprofStartReturnsNonNilShutdownFn(c *gc.C) {
-	stop := Start()
+	stop := Start(filepath.Join(c.MkDir(), Filename))
 	c.Assert(stop, gc.NotNil)
-	defer stop()
+	c.Assert(stop(), jc.ErrorIsNil)
 }
 
 func (s *suite) TestPprofStart(c *gc.C) {
-	path := socketpath()
+	path := filepath.Join(c.MkDir(), Filename)
 	_, err := os.Stat(path)
 	c.Assert(os.IsNotExist(err), jc.IsTrue)
 
-	stop := Start()
+	stop := Start(path)
 	_, err = os.Stat(path)
-	c.Assert(err, gc.IsNil)
+	c.Assert(err, jc.ErrorIsNil)
 
 	err = stop()
-	c.Assert(err, gc.IsNil)
+	c.Assert(err, jc.ErrorIsNil)
 	_, err = os.Stat(path)
 	c.Assert(os.IsNotExist(err), jc.IsTrue)
 }
 
 func (s *suite) TestPprofStartWithExistingSocketFile(c *gc.C) {
-	path := socketpath()
+	path := filepath.Join(c.MkDir(), Filename)
 	w, err := os.Create(path)
-	c.Assert(err, gc.IsNil)
+	c.Assert(err, jc.ErrorIsNil)
 
 	w.Write([]byte("not a socket"))
 	err = w.Close() // can ignore error from w.Write
-	c.Assert(err, gc.IsNil)
+	c.Assert(err, jc.ErrorIsNil)
 
-	stop := Start()
+	stop := Start(path)
 	defer stop()
 	fi, err := os.Stat(path)
-	c.Assert(err, gc.IsNil)
+	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(fi.Mode()&os.ModeSocket != 0, jc.IsTrue)
 }
 
@@ -90,24 +82,25 @@
 var _ = gc.Suite(&pprofSuite{})
 
 func (s *pprofSuite) SetUpSuite(c *gc.C) {
-	s.stop = Start()
-	s.path = socketpath()
+	s.path = filepath.Join(c.MkDir(), Filename)
+	s.stop = Start(s.path)
 }
 
 func (s *pprofSuite) TearDownSuite(c *gc.C) {
-	s.stop()
+	err := s.stop()
+	c.Assert(err, jc.ErrorIsNil)
 }
 
 func (s *pprofSuite) call(c *gc.C, url string) []byte {
 	conn, err := net.Dial("unix", s.path)
-	c.Assert(err, gc.IsNil)
+	c.Assert(err, jc.ErrorIsNil)
 	defer conn.Close()
 
 	_, err = fmt.Fprintf(conn, "GET %s HTTP/1.0\r\n\r\n", url)
-	c.Assert(err, gc.IsNil)
+	c.Assert(err, jc.ErrorIsNil)
 
 	buf, err := ioutil.ReadAll(conn)
-	c.Assert(err, gc.IsNil)
+	c.Assert(err, jc.ErrorIsNil)
 	return buf
 }
 
@@ -128,7 +121,7 @@
 // contain some HTTP preamble that should be ignored.
 func matches(c *gc.C, b []byte, regex string) {
 	re, err := regexp.Compile(regex)
-	c.Assert(err, gc.IsNil)
+	c.Assert(err, jc.ErrorIsNil)
 	r := bytes.NewReader(b)
 	sc := bufio.NewScanner(r)
 	for sc.Scan() {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/service/service_handler.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/service/service_handler.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/service/service_handler.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/service/service_handler.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,7 +12,7 @@
 
 // SystemService type that is responsible for managing the life-cycle of the service
 type SystemService struct {
-	// Name the label for the service. It is not used for any useful operation
+	// Name the label for the application. It is not used for any useful operation
 	// by the service handler.
 	Name string
 	// Cmd is the function the service handler will run as a service.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/supercommand.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/supercommand.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/supercommand.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/supercommand.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2012 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package cmd
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/cmd/testing/testing.go juju-core-2.0~beta12/src/github.com/juju/juju/cmd/testing/testing.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/cmd/testing/testing.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/cmd/testing/testing.go	2016-07-18 19:45:44.000000000 +0000
@@ -69,17 +69,21 @@
 	opc = make(chan dummy.Operation, 200)
 	dummy.Listen(opc)
 	go func() {
-		// signal that we're done with this ops channel.
-		defer dummy.Listen(nil)
+		defer func() {
+			// signal that we're done with this ops channel.
+			dummy.Listen(nil)
+			// now that dummy is no longer going to send ops on
+			// this channel, close it to signal to test cases
+			// that we are done.
+			close(opc)
+		}()
 
-		err := coretesting.InitCommand(com, args)
-		if err != nil {
+		if err := coretesting.InitCommand(com, args); err != nil {
 			errc <- err
 			return
 		}
 
-		err = com.Run(ctx)
-		errc <- err
+		errc <- com.Run(ctx)
 	}()
 	return
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/component/all/payload.go juju-core-2.0~beta12/src/github.com/juju/juju/component/all/payload.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/component/all/payload.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/component/all/payload.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,7 +9,6 @@
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
 
-	"github.com/juju/juju/api"
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/cmd/juju/commands"
@@ -28,16 +27,14 @@
 	"github.com/juju/juju/worker/uniter/runner/jujuc"
 )
 
-const payloadsHookContextFacade = payload.ComponentName + "-hook-context"
+const payloadsHookContextFacade = "PayloadsHookContext"
 
 type payloads struct{}
 
 func (c payloads) registerForServer() error {
 	c.registerState()
 	c.registerPublicFacade()
-
 	c.registerHookContext()
-
 	return nil
 }
 
@@ -59,13 +56,13 @@
 		return
 	}
 
+	// NOTE: facade is also defined in api/facadeversions.go.
 	const version = 1
 	common.RegisterStandardFacade(
-		payload.ComponentName,
+		payload.FacadeName,
 		version,
 		c.newPublicFacade,
 	)
-	api.RegisterFacadeVersion(payload.ComponentName, version)
 }
 
 type facadeCaller struct {
@@ -82,7 +79,7 @@
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-	caller := base.NewFacadeCallerForVersion(apiCaller, payload.ComponentName, 1)
+	caller := base.NewFacadeCallerForVersion(apiCaller, payload.FacadeName, 1)
 
 	listAPI := client.NewPublicClient(&facadeCaller{
 		FacadeCaller: caller,
@@ -123,7 +120,7 @@
 }
 
 func (payloads) newUnitFacadeClient(caller base.APICaller) context.APIClient {
-	facadeCaller := base.NewFacadeCallerForVersion(caller, payloadsHookContextFacade, 0)
+	facadeCaller := base.NewFacadeCallerForVersion(caller, payloadsHookContextFacade, 1)
 	return internalclient.NewUnitFacadeClient(facadeCaller)
 }
 
@@ -136,14 +133,13 @@
 }
 
 func (c payloads) registerHookContextFacade() {
-	const version = 0
+	const version = 1
 	common.RegisterHookContextFacade(
 		payloadsHookContextFacade,
 		version,
 		c.newHookContextFacade,
 		reflect.TypeOf(&internalserver.UnitFacade{}),
 	)
-	api.RegisterFacadeVersion(payloadsHookContextFacade, version)
 }
 
 type payloadsHookContext struct {
@@ -201,17 +197,16 @@
 		return
 	}
 
-	// TODO(ericsnow) Use a more general registration mechanism.
-	//state.RegisterMultiEnvCollections(persistence.Collections...)
-
-	newUnitPayloads := func(persist state.Persistence, unit, machine string) (state.UnitPayloads, error) {
-		return payloadstate.NewUnitPayloads(persist, unit, machine), nil
+	newUnitPayloads := func(db state.Persistence, unit, machine string) (state.UnitPayloads, error) {
+		persist := persistence.NewPersistence(db)
+		unitPersist := persistence.NewUnitPersistence(persist, unit)
+		return payloadstate.NewUnitPayloads(unitPersist, unit, machine), nil
 	}
 
-	newEnvPayloads := func(persist state.PayloadsEnvPersistence) (state.EnvPayloads, error) {
-		envPersist := persistence.NewEnvPersistence(persist)
+	newEnvPayloads := func(db state.Persistence) (state.EnvPayloads, error) {
+		persist := persistence.NewPersistence(db)
 		envPayloads := payloadstate.EnvPayloads{
-			Persist: envPersist,
+			Persist: persist,
 		}
 		return envPayloads, nil
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/component/all/resource.go juju-core-2.0~beta12/src/github.com/juju/juju/component/all/resource.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/component/all/resource.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/component/all/resource.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,9 +10,8 @@
 
 	jujucmd "github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
-	coreapi "github.com/juju/juju/api"
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/apiserver/charmrevisionupdater"
 	"github.com/juju/juju/apiserver/common"
@@ -64,12 +63,12 @@
 		return
 	}
 
+	// NOTE: facade is also defined in api/facadeversions.go.
 	common.RegisterStandardFacade(
-		resource.ComponentName,
+		resource.FacadeName,
 		server.Version,
 		resourceadapters.NewPublicFacade,
 	)
-	coreapi.RegisterFacadeVersion(resource.ComponentName, server.Version)
 
 	common.RegisterAPIModelEndpoint(api.HTTPEndpointPattern, apihttp.HandlerSpec{
 		Constraints: apihttp.HandlerConstraints{
@@ -202,7 +201,6 @@
 		r.newHookContextFacade,
 		reflect.TypeOf(&internalserver.UnitFacade{}),
 	)
-	coreapi.RegisterFacadeVersion(context.HookContextFacade, internalserver.FacadeVersion)
 
 	common.RegisterAPIModelEndpoint(internalapi.HTTPEndpointPattern, apihttp.HandlerSpec{
 		Constraints: apihttp.HandlerConstraints{
@@ -223,12 +221,12 @@
 
 // ListResources implements resource/api/private/server.UnitDataStore.
 func (ds *resourcesUnitDataStore) ListResources() (resource.ServiceResources, error) {
-	return ds.resources.ListResources(ds.unit.ServiceName())
+	return ds.resources.ListResources(ds.unit.ApplicationName())
 }
 
 // GetResource implements resource/api/private/server.UnitDataStore.
 func (ds *resourcesUnitDataStore) GetResource(name string) (resource.Resource, error) {
-	return ds.resources.GetResource(ds.unit.ServiceName(), name)
+	return ds.resources.GetResource(ds.unit.ApplicationName(), name)
 }
 
 // OpenResource implements resource/api/private/server.UnitDataStore.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/constraints/constraints.go juju-core-2.0~beta12/src/github.com/juju/juju/constraints/constraints.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/constraints/constraints.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/constraints/constraints.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,8 +11,8 @@
 	"strings"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils/arch"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/instance"
 )
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/constraints/constraints_test.go juju-core-2.0~beta12/src/github.com/juju/juju/constraints/constraints_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/constraints/constraints_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/constraints/constraints_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -58,19 +58,19 @@
 		summary: "set container to none",
 		args:    []string{"container=none"},
 	}, {
-		summary: "set container lxc",
-		args:    []string{"container=lxc"},
+		summary: "set container lxd",
+		args:    []string{"container=lxd"},
 	}, {
 		summary: "set nonsense container",
 		args:    []string{"container=foo"},
 		err:     `bad "container" constraint: invalid container type "foo"`,
 	}, {
 		summary: "double set container together",
-		args:    []string{"container=lxc container=lxc"},
+		args:    []string{"container=lxd container=lxd"},
 		err:     `bad "container" constraint: already set`,
 	}, {
 		summary: "double set container separately",
-		args:    []string{"container=lxc", "container="},
+		args:    []string{"container=lxd", "container="},
 		err:     `bad "container" constraint: already set`,
 	},
 
@@ -316,14 +316,14 @@
 	{
 		summary: "kitchen sink together",
 		args: []string{
-			"root-disk=8G mem=2T  arch=i386  cpu-cores=4096 cpu-power=9001 container=lxc " +
+			"root-disk=8G mem=2T  arch=i386  cpu-cores=4096 cpu-power=9001 container=lxd " +
 				"tags=foo,bar spaces=space1,^space2 instance-type=foo",
 			"virt-type=kvm"},
 	}, {
 		summary: "kitchen sink separately",
 		args: []string{
 			"root-disk=8G", "mem=2T", "cpu-cores=4096", "cpu-power=9001", "arch=armhf",
-			"container=lxc", "tags=foo,bar", "spaces=space1,^space2",
+			"container=lxd", "tags=foo,bar", "spaces=space1,^space2",
 			"instance-type=foo", "virt-type=kvm"},
 	},
 }
@@ -351,7 +351,7 @@
 	con1 := constraints.MustParse("arch=amd64 mem=4G")
 	con2 := constraints.MustParse("cpu-cores=42")
 	con3 := constraints.MustParse(
-		"root-disk=8G container=lxc spaces=space1,^space2",
+		"root-disk=8G container=lxd spaces=space1,^space2",
 	)
 	merged, err := constraints.Merge(con1, con2)
 	c.Assert(err, jc.ErrorIsNil)
@@ -362,7 +362,7 @@
 	merged, err = constraints.Merge(con1, con2, con3)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(merged, jc.DeepEquals, constraints.
-		MustParse("arch=amd64 mem=4G cpu-cores=42 root-disk=8G container=lxc spaces=space1,^space2"),
+		MustParse("arch=amd64 mem=4G cpu-cores=42 root-disk=8G container=lxd spaces=space1,^space2"),
 	)
 	merged, err = constraints.Merge()
 	c.Assert(err, jc.ErrorIsNil)
@@ -475,7 +475,7 @@
 	{"Arch1", constraints.Value{Arch: strp("")}},
 	{"Arch2", constraints.Value{Arch: strp("amd64")}},
 	{"Container1", constraints.Value{Container: ctypep("")}},
-	{"Container2", constraints.Value{Container: ctypep("lxc")}},
+	{"Container2", constraints.Value{Container: ctypep("lxd")}},
 	{"Container3", constraints.Value{Container: nil}},
 	{"CpuCores1", constraints.Value{CpuCores: nil}},
 	{"CpuCores2", constraints.Value{CpuCores: uint64p(0)}},
@@ -499,7 +499,7 @@
 	{"InstanceType2", constraints.Value{InstanceType: strp("foo")}},
 	{"All", constraints.Value{
 		Arch:         strp("i386"),
-		Container:    ctypep("lxc"),
+		Container:    ctypep("lxd"),
 		CpuCores:     uint64p(4096),
 		CpuPower:     uint64p(9001),
 		Mem:          uint64p(18000000000),
@@ -561,7 +561,7 @@
 	{
 		hasContainer: false,
 	}, {
-		constraints:  "container=lxc",
+		constraints:  "container=lxd",
 		hasContainer: true,
 	}, {
 		constraints:  "container=none",
@@ -584,7 +584,7 @@
 	c.Check(cons.HasInstanceType(), jc.IsTrue)
 }
 
-const initialWithoutCons = "root-disk=8G mem=4G arch=amd64 cpu-power=1000 cpu-cores=4 spaces=space1,^space2 tags=foo container=lxc instance-type=bar"
+const initialWithoutCons = "root-disk=8G mem=4G arch=amd64 cpu-power=1000 cpu-cores=4 spaces=space1,^space2 tags=foo container=lxd instance-type=bar"
 
 var withoutTests = []struct {
 	initial string
@@ -593,31 +593,31 @@
 }{{
 	initial: initialWithoutCons,
 	without: []string{"root-disk"},
-	final:   "mem=4G arch=amd64 cpu-power=1000 cpu-cores=4 tags=foo spaces=space1,^space2 container=lxc instance-type=bar",
+	final:   "mem=4G arch=amd64 cpu-power=1000 cpu-cores=4 tags=foo spaces=space1,^space2 container=lxd instance-type=bar",
 }, {
 	initial: initialWithoutCons,
 	without: []string{"mem"},
-	final:   "root-disk=8G arch=amd64 cpu-power=1000 cpu-cores=4 tags=foo spaces=space1,^space2 container=lxc instance-type=bar",
+	final:   "root-disk=8G arch=amd64 cpu-power=1000 cpu-cores=4 tags=foo spaces=space1,^space2 container=lxd instance-type=bar",
 }, {
 	initial: initialWithoutCons,
 	without: []string{"arch"},
-	final:   "root-disk=8G mem=4G cpu-power=1000 cpu-cores=4 tags=foo spaces=space1,^space2 container=lxc instance-type=bar",
+	final:   "root-disk=8G mem=4G cpu-power=1000 cpu-cores=4 tags=foo spaces=space1,^space2 container=lxd instance-type=bar",
 }, {
 	initial: initialWithoutCons,
 	without: []string{"cpu-power"},
-	final:   "root-disk=8G mem=4G arch=amd64 cpu-cores=4 tags=foo spaces=space1,^space2 container=lxc instance-type=bar",
+	final:   "root-disk=8G mem=4G arch=amd64 cpu-cores=4 tags=foo spaces=space1,^space2 container=lxd instance-type=bar",
 }, {
 	initial: initialWithoutCons,
 	without: []string{"cpu-cores"},
-	final:   "root-disk=8G mem=4G arch=amd64 cpu-power=1000 tags=foo spaces=space1,^space2 container=lxc instance-type=bar",
+	final:   "root-disk=8G mem=4G arch=amd64 cpu-power=1000 tags=foo spaces=space1,^space2 container=lxd instance-type=bar",
 }, {
 	initial: initialWithoutCons,
 	without: []string{"tags"},
-	final:   "root-disk=8G mem=4G arch=amd64 cpu-power=1000 cpu-cores=4 spaces=space1,^space2 container=lxc instance-type=bar",
+	final:   "root-disk=8G mem=4G arch=amd64 cpu-power=1000 cpu-cores=4 spaces=space1,^space2 container=lxd instance-type=bar",
 }, {
 	initial: initialWithoutCons,
 	without: []string{"spaces"},
-	final:   "root-disk=8G mem=4G arch=amd64 cpu-power=1000 cpu-cores=4 tags=foo container=lxc instance-type=bar",
+	final:   "root-disk=8G mem=4G arch=amd64 cpu-power=1000 cpu-cores=4 tags=foo container=lxd instance-type=bar",
 }, {
 	initial: initialWithoutCons,
 	without: []string{"container"},
@@ -625,11 +625,11 @@
 }, {
 	initial: initialWithoutCons,
 	without: []string{"instance-type"},
-	final:   "root-disk=8G mem=4G arch=amd64 cpu-power=1000 cpu-cores=4 tags=foo spaces=space1,^space2 container=lxc",
+	final:   "root-disk=8G mem=4G arch=amd64 cpu-power=1000 cpu-cores=4 tags=foo spaces=space1,^space2 container=lxd",
 }, {
 	initial: initialWithoutCons,
 	without: []string{"root-disk", "mem", "arch"},
-	final:   "cpu-power=1000 cpu-cores=4 tags=foo spaces=space1,^space2 container=lxc instance-type=bar",
+	final:   "cpu-power=1000 cpu-cores=4 tags=foo spaces=space1,^space2 container=lxd instance-type=bar",
 }}
 
 func (s *ConstraintsSuite) TestWithout(c *gc.C) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/constraints/validation_test.go juju-core-2.0~beta12/src/github.com/juju/juju/constraints/validation_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/constraints/validation_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/constraints/validation_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -152,12 +152,12 @@
 		desc: "empty all round",
 	}, {
 		desc:     "container with empty fallback",
-		cons:     "container=lxc",
-		expected: "container=lxc",
+		cons:     "container=lxd",
+		expected: "container=lxd",
 	}, {
 		desc:         "container from fallback",
-		consFallback: "container=lxc",
-		expected:     "container=lxc",
+		consFallback: "container=lxd",
+		expected:     "container=lxd",
 	}, {
 		desc:     "arch with empty fallback",
 		cons:     "arch=amd64",
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/container/factory/factory.go juju-core-2.0~beta12/src/github.com/juju/juju/container/factory/factory.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/container/factory/factory.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/container/factory/factory.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,7 +10,6 @@
 
 	"github.com/juju/juju/container"
 	"github.com/juju/juju/container/kvm"
-	"github.com/juju/juju/container/lxc"
 	"github.com/juju/juju/container/lxd"
 	"github.com/juju/juju/instance"
 )
@@ -19,8 +18,6 @@
 // specified container type.
 func NewContainerManager(forType instance.ContainerType, conf container.ManagerConfig, imageURLGetter container.ImageURLGetter) (container.Manager, error) {
 	switch forType {
-	case instance.LXC:
-		return lxc.NewContainerManager(conf, imageURLGetter)
 	case instance.LXD:
 		return lxd.NewContainerManager(conf)
 	case instance.KVM:
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/container/factory/factory_test.go juju-core-2.0~beta12/src/github.com/juju/juju/container/factory/factory_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/container/factory/factory_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/container/factory/factory_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -25,7 +25,7 @@
 		containerType instance.ContainerType
 		valid         bool
 	}{{
-		containerType: instance.LXC,
+		containerType: instance.LXD,
 		valid:         true,
 	}, {
 		containerType: instance.LXD,
@@ -45,7 +45,7 @@
 			continue
 		}
 
-		conf := container.ManagerConfig{container.ConfigName: "test"}
+		conf := container.ManagerConfig{container.ConfigModelUUID: testing.ModelTag.Id()}
 		manager, err := factory.NewContainerManager(test.containerType, conf, nil)
 		if test.valid {
 			c.Assert(err, jc.ErrorIsNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/container/factory/network.go juju-core-2.0~beta12/src/github.com/juju/juju/container/factory/network.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/container/factory/network.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/container/factory/network.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,7 +13,7 @@
 // unknown then an empty string is returned.
 func DefaultNetworkBridge(cType instance.ContainerType) string {
 	switch cType {
-	case instance.LXC:
+	case instance.LXD:
 		return container.DefaultLxcBridge
 	case instance.KVM:
 		return container.DefaultKvmBridge
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/container/image.go juju-core-2.0~beta12/src/github.com/juju/juju/container/image.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/container/image.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/container/image.go	2016-07-18 19:45:44.000000000 +0000
@@ -69,7 +69,7 @@
 // image blob with the specified parameters.
 func ImageDownloadURL(kind instance.ContainerType, series, arch, stream, cloudimgBaseUrl string) (string, error) {
 	// TODO - we currently only need to support LXC images - kind is ignored.
-	if kind != instance.LXC {
+	if kind != instance.LXD {
 		return "", errors.Errorf("unsupported container type: %v", kind)
 	}
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/container/image_test.go juju-core-2.0~beta12/src/github.com/juju/juju/container/image_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/container/image_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/container/image_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -42,9 +42,9 @@
 			Stream:            stream,
 			ImageDownloadFunc: container.ImageDownloadURL,
 		})
-	imageURL, err := imageURLGetter.ImageURL(instance.LXC, "trusty", "amd64")
+	imageURL, err := imageURLGetter.ImageURL(instance.LXD, "trusty", "amd64")
 	c.Assert(err, gc.IsNil)
-	c.Assert(imageURL, gc.Equals, fmt.Sprintf("https://host:port/model/12345/images/lxc/trusty/amd64/trusty-%s-amd64-root.tar.gz", stream))
+	c.Assert(imageURL, gc.Equals, fmt.Sprintf("https://host:port/model/12345/images/lxd/trusty/amd64/trusty-%s-amd64-root.tar.gz", stream))
 	c.Assert(imageURLGetter.CACert(), gc.DeepEquals, []byte("cert"))
 }
 
@@ -64,21 +64,21 @@
 			Stream:            "released",
 			ImageDownloadFunc: mockFunc,
 		})
-	imageURL, err := imageURLGetter.ImageURL(instance.LXC, "trusty", "amd64")
+	imageURL, err := imageURLGetter.ImageURL(instance.LXD, "trusty", "amd64")
 	c.Assert(err, gc.IsNil)
-	c.Assert(imageURL, gc.Equals, "https://host:port/model/12345/images/lxc/trusty/amd64/trusty-released-amd64-root.tar.gz")
+	c.Assert(imageURL, gc.Equals, "https://host:port/model/12345/images/lxd/trusty/amd64/trusty-released-amd64-root.tar.gz")
 	c.Assert(imageURLGetter.CACert(), gc.DeepEquals, []byte("cert"))
 	c.Assert(calledBaseURL, gc.Equals, baseURL)
 }
 
 func (s *imageURLSuite) TestImageDownloadURL(c *gc.C) {
-	imageDownloadURL, err := container.ImageDownloadURL(instance.LXC, "trusty", "amd64", "released", "")
+	imageDownloadURL, err := container.ImageDownloadURL(instance.LXD, "trusty", "amd64", "released", "")
 	c.Assert(err, gc.IsNil)
 	c.Assert(imageDownloadURL, gc.Equals, "test://cloud-images/trusty-released-amd64-root.tar.gz")
 }
 
 func (s *imageURLSuite) TestImageDownloadURLOtherBase(c *gc.C) {
-	imageDownloadURL, err := container.ImageDownloadURL(instance.LXC, "trusty", "amd64", "released", "other://cloud-images")
+	imageDownloadURL, err := container.ImageDownloadURL(instance.LXD, "trusty", "amd64", "released", "other://cloud-images")
 	c.Assert(err, gc.IsNil)
 	c.Assert(imageDownloadURL, gc.Equals, "other://cloud-images/trusty-released-amd64-root.tar.gz")
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/container/interface.go juju-core-2.0~beta12/src/github.com/juju/juju/container/interface.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/container/interface.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/container/interface.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,30 +5,14 @@
 
 import (
 	"github.com/juju/juju/cloudconfig/instancecfg"
+	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/status"
 )
 
 const (
-	ConfigName   = "name"
-	ConfigLogDir = "log-dir"
-
-	// ConfigIPForwarding, if set to a non-empty value, instructs the
-	// container manager to enable IP forwarding as part of the
-	// container initialization. Will be enabled if the enviroment
-	// supports networking.
-	ConfigIPForwarding = "ip-forwarding"
-
-	// ConfigEnableNAT, if set to a non-empty value, instructs the
-	// container manager to enable NAT for hosted containers. NAT is
-	// required for AWS, but should be disabled for MAAS.
-	ConfigEnableNAT = "enable-nat"
-
-	// ConfigLXCDefaultMTU, if set to a positive integer (serialized
-	// as a string), will cause all network interfaces on all created
-	// LXC containers (not KVM instances) to use the given MTU
-	// setting.
-	ConfigLXCDefaultMTU = "lxc-default-mtu"
+	ConfigModelUUID = "model-uuid"
+	ConfigLogDir    = "log-dir"
 
 	DefaultNamespace = "juju"
 )
@@ -46,6 +30,7 @@
 	// machine.
 	CreateContainer(
 		instanceConfig *instancecfg.InstanceConfig,
+		cons constraints.Value,
 		series string,
 		network *NetworkConfig,
 		storage *StorageConfig,
@@ -62,6 +47,10 @@
 	// IsInitialized check whether or not required packages have been installed
 	// to support this manager.
 	IsInitialized() bool
+
+	// Namespace returns the namespace of the manager. This namespace defines the
+	// prefix of all the hostnames.
+	Namespace() instance.Namespace
 }
 
 // Initialiser is responsible for performing the steps required to initialise
@@ -84,6 +73,6 @@
 // WarnAboutUnused emits a warning about each value in the map.
 func (m ManagerConfig) WarnAboutUnused() {
 	for key, value := range m {
-		logger.Warningf("unused config option: %q -> %q", key, value)
+		logger.Infof("unused config option: %q -> %q", key, value)
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/container/kvm/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/container/kvm/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/container/kvm/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/container/kvm/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2014 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package kvm
 
 // This file exports internal package implementations so that tests
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/container/kvm/kvm.go juju-core-2.0~beta12/src/github.com/juju/juju/container/kvm/kvm.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/container/kvm/kvm.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/container/kvm/kvm.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,7 +11,6 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils/arch"
 
 	"github.com/juju/juju/agent"
@@ -73,45 +72,54 @@
 }
 
 // NewContainerManager returns a manager object that can start and stop kvm
-// containers. The containers that are created are namespaced by the name
-// parameter.
+// containers.
 func NewContainerManager(conf container.ManagerConfig) (container.Manager, error) {
-	name := conf.PopValue(container.ConfigName)
-	if name == "" {
-		return nil, fmt.Errorf("name is required")
+	modelUUID := conf.PopValue(container.ConfigModelUUID)
+	if modelUUID == "" {
+		return nil, errors.Errorf("model UUID is required")
+	}
+	namespace, err := instance.NewNamespace(modelUUID)
+	if err != nil {
+		return nil, errors.Trace(err)
 	}
 	logDir := conf.PopValue(container.ConfigLogDir)
 	if logDir == "" {
 		logDir = agent.DefaultPaths.LogDir
 	}
 	conf.WarnAboutUnused()
-	return &containerManager{name: name, logdir: logDir}, nil
+	return &containerManager{namespace: namespace, logdir: logDir}, nil
 }
 
 // containerManager handles all of the business logic at the juju specific
 // level. It makes sure that the necessary directories are in place, that the
 // user-data is written out in the right place.
 type containerManager struct {
-	name   string
-	logdir string
+	namespace instance.Namespace
+	logdir    string
 }
 
 var _ container.Manager = (*containerManager)(nil)
 
+// Namespace implements container.Manager.
+func (manager *containerManager) Namespace() instance.Namespace {
+	return manager.namespace
+}
+
 // Exposed so tests can observe our side-effects
 var startParams StartParams
 
 func (manager *containerManager) CreateContainer(
 	instanceConfig *instancecfg.InstanceConfig,
+	cons constraints.Value,
 	series string,
 	networkConfig *container.NetworkConfig,
 	storageConfig *container.StorageConfig,
 	callback container.StatusCallback,
 ) (_ instance.Instance, _ *instance.HardwareCharacteristics, err error) {
 
-	name := names.NewMachineTag(instanceConfig.MachineId).String()
-	if manager.name != "" {
-		name = fmt.Sprintf("%s-%s", manager.name, name)
+	name, err := manager.namespace.Hostname(instanceConfig.MachineId)
+	if err != nil {
+		return nil, nil, errors.Trace(err)
 	}
 
 	defer func() {
@@ -123,7 +131,7 @@
 	// Set the MachineContainerHostname to match the name returned by virsh list
 	instanceConfig.MachineContainerHostname = name
 
-	// Note here that the kvmObjectFacotry only returns a valid container
+	// Note here that the kvmObjectFactory only returns a valid container
 	// object, and doesn't actually construct the underlying kvm container on
 	// disk.
 	kvmContainer := KvmObjectFactory.New(name)
@@ -142,7 +150,7 @@
 		return nil, nil, err
 	}
 	// Create the container.
-	startParams = ParseConstraintsToStartParams(instanceConfig.Constraints)
+	startParams = ParseConstraintsToStartParams(cons)
 	startParams.Arch = arch.HostArch()
 	startParams.Series = series
 	startParams.Network = networkConfig
@@ -159,11 +167,11 @@
 		fmt.Sprintf("arch=%s mem=%vM root-disk=%vG cpu-cores=%v",
 			startParams.Arch, startParams.Memory, startParams.RootDisk, startParams.CpuCores))
 	if err != nil {
-		logger.Warningf("failed to parse hardware: %v", err)
+		return nil, nil, errors.Annotate(err, "failed to parse hardware")
 	}
 
 	callback(status.StatusAllocating, "Creating container; it might take some time", nil)
-	logger.Tracef("create the container, constraints: %v", instanceConfig.Constraints)
+	logger.Tracef("create the container, constraints: %v", cons)
 	if err := kvmContainer.Start(startParams); err != nil {
 		err = errors.Annotate(err, "kvm container creation failed")
 		logger.Infof(err.Error())
@@ -202,7 +210,7 @@
 		logger.Errorf("failed getting all instances: %v", err)
 		return
 	}
-	managerPrefix := fmt.Sprintf("%s-", manager.name)
+	managerPrefix := manager.namespace.Prefix()
 	for _, container := range containers {
 		// Filter out those not starting with our name.
 		name := container.Name()
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/container/kvm/kvm_test.go juju-core-2.0~beta12/src/github.com/juju/juju/container/kvm/kvm_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/container/kvm/kvm_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/container/kvm/kvm_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -20,10 +20,8 @@
 	"github.com/juju/juju/container/kvm"
 	kvmtesting "github.com/juju/juju/container/kvm/testing"
 	containertesting "github.com/juju/juju/container/testing"
-	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/network"
-	"github.com/juju/juju/provider/dummy"
 	coretesting "github.com/juju/juju/testing"
 )
 
@@ -37,23 +35,24 @@
 func (s *KVMSuite) SetUpTest(c *gc.C) {
 	s.TestSuite.SetUpTest(c)
 	var err error
-	s.manager, err = kvm.NewContainerManager(container.ManagerConfig{container.ConfigName: "test"})
+	s.manager, err = kvm.NewContainerManager(
+		container.ManagerConfig{container.ConfigModelUUID: coretesting.ModelTag.Id()})
 	c.Assert(err, jc.ErrorIsNil)
 }
 
-func (*KVMSuite) TestManagerNameNeeded(c *gc.C) {
-	manager, err := kvm.NewContainerManager(container.ManagerConfig{container.ConfigName: ""})
-	c.Assert(err, gc.ErrorMatches, "name is required")
+func (*KVMSuite) TestManagerModelUUIDNeeded(c *gc.C) {
+	manager, err := kvm.NewContainerManager(container.ManagerConfig{container.ConfigModelUUID: ""})
+	c.Assert(err, gc.ErrorMatches, "model UUID is required")
 	c.Assert(manager, gc.IsNil)
 }
 
 func (*KVMSuite) TestManagerWarnsAboutUnknownOption(c *gc.C) {
 	_, err := kvm.NewContainerManager(container.ManagerConfig{
-		container.ConfigName: "BillyBatson",
-		"shazam":             "Captain Marvel",
+		container.ConfigModelUUID: coretesting.ModelTag.Id(),
+		"shazam":                  "Captain Marvel",
 	})
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(c.GetTestLog(), jc.Contains, `WARNING juju.container unused config option: "shazam" -> "Captain Marvel"`)
+	c.Assert(c.GetTestLog(), jc.Contains, `INFO juju.container unused config option: "shazam" -> "Captain Marvel"`)
 }
 
 func (s *KVMSuite) TestListInitiallyEmpty(c *gc.C) {
@@ -74,21 +73,21 @@
 }
 
 func (s *KVMSuite) TestListMatchesManagerName(c *gc.C) {
-	s.createRunningContainer(c, "test-match1")
-	s.createRunningContainer(c, "test-match2")
+	s.createRunningContainer(c, "juju-06f00d-match1")
+	s.createRunningContainer(c, "juju-06f00d-match2")
 	s.createRunningContainer(c, "testNoMatch")
 	s.createRunningContainer(c, "other")
 	containers, err := s.manager.ListContainers()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(containers, gc.HasLen, 2)
-	expectedIds := []instance.Id{"test-match1", "test-match2"}
+	expectedIds := []instance.Id{"juju-06f00d-match1", "juju-06f00d-match2"}
 	ids := []instance.Id{containers[0].Id(), containers[1].Id()}
 	c.Assert(ids, jc.SameContents, expectedIds)
 }
 
 func (s *KVMSuite) TestListMatchesRunningContainers(c *gc.C) {
-	running := s.createRunningContainer(c, "test-running")
-	s.ContainerFactory.New("test-stopped")
+	running := s.createRunningContainer(c, "juju-06f00d-running")
+	s.ContainerFactory.New("juju-06f00d-stopped")
 	containers, err := s.manager.ListContainers()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(containers, gc.HasLen, 1)
@@ -106,12 +105,15 @@
 	params := kvm.CreateMachineParams{
 		Hostname:      "foo-bar",
 		NetworkBridge: "br0",
-		Interfaces: []network.InterfaceInfo{
-			{
-				MACAddress:          "00:16:3e:20:b0:11",
-				ParentInterfaceName: "br-eth0.10",
-			},
-		},
+		Interfaces: []network.InterfaceInfo{{
+			InterfaceName:       "eth0",
+			MACAddress:          "00:16:3e:20:b0:11",
+			ParentInterfaceName: "br-eth0.10",
+		}, {
+			InterfaceName:       "eth42",
+			MACAddress:          "00:16:3e:20:b0:12",
+			ParentInterfaceName: "virbr42",
+		}},
 	}
 	tempDir := c.MkDir()
 
@@ -123,10 +125,14 @@
 
 	template := string(templateBytes)
 
-	c.Assert(template, jc.Contains, "<name>foo-bar</name>")
-	c.Assert(template, jc.Contains, "<mac address='00:16:3e:20:b0:11'/>")
-	c.Assert(template, jc.Contains, "<source bridge='br-eth0.10'/>")
-	c.Assert(strings.Count(string(template), "<interface type='bridge'>"), gc.Equals, 1)
+	c.Check(template, jc.Contains, "<name>foo-bar</name>")
+	c.Check(strings.Count(template, "<interface type='bridge'>"), gc.Equals, 2)
+	c.Check(template, jc.Contains, "<source bridge='br-eth0.10'/>")
+	c.Check(template, jc.Contains, "<mac address='00:16:3e:20:b0:11'/>")
+	c.Check(template, jc.Contains, "<guest dev='eth0'/>")
+	c.Check(template, jc.Contains, "<source bridge='virbr42'/>")
+	c.Check(template, jc.Contains, "<mac address='00:16:3e:20:b0:12'/>")
+	c.Check(template, jc.Contains, "<guest dev='eth42'/>")
 }
 
 func (s *KVMSuite) TestCreateMachineUsesTemplate(c *gc.C) {
@@ -160,7 +166,7 @@
 }
 
 func (s *KVMSuite) TestDestroyContainer(c *gc.C) {
-	instance := containertesting.CreateContainer(c, s.manager, "1/lxc/0")
+	instance := containertesting.CreateContainer(c, s.manager, "1/kvm/0")
 
 	err := s.manager.DestroyContainer(instance.Id())
 	c.Assert(err, jc.ErrorIsNil)
@@ -175,18 +181,9 @@
 // Test that CreateContainer creates proper startParams.
 func (s *KVMSuite) TestCreateContainerUtilizesReleaseSimpleStream(c *gc.C) {
 
-	envCfg, err := config.New(
-		config.NoDefaults,
-		dummy.SampleConfig().Merge(
-			coretesting.Attrs{"image-stream": "released"},
-		),
-	)
-	c.Assert(err, jc.ErrorIsNil)
-
 	// Mock machineConfig with a mocked simple stream URL.
 	instanceConfig, err := containertesting.MockMachineConfig("1/kvm/0")
 	c.Assert(err, jc.ErrorIsNil)
-	instanceConfig.Config = envCfg
 
 	// CreateContainer sets TestStartParams internally; we call this
 	// purely for the side-effect.
@@ -307,14 +304,14 @@
 			`arch constraint of "armhf" being ignored as not supported`,
 		},
 	}, {
-		cons: "container=lxc",
+		cons: "container=lxd",
 		expected: kvm.StartParams{
 			Memory:   kvm.DefaultMemory,
 			CpuCores: kvm.DefaultCpu,
 			RootDisk: kvm.DefaultDisk,
 		},
 		infoLog: []string{
-			`container constraint of "lxc" being ignored as not supported`,
+			`container constraint of "lxd" being ignored as not supported`,
 		},
 	}, {
 		cons: "cpu-power=100",
@@ -337,7 +334,7 @@
 			`tags constraint of "foo,bar" being ignored as not supported`,
 		},
 	}, {
-		cons: "mem=4G cpu-cores=4 root-disk=20G arch=armhf cpu-power=100 container=lxc tags=foo,bar",
+		cons: "mem=4G cpu-cores=4 root-disk=20G arch=armhf cpu-power=100 container=lxd tags=foo,bar",
 		expected: kvm.StartParams{
 			Memory:   4 * 1024,
 			CpuCores: 4,
@@ -345,7 +342,7 @@
 		},
 		infoLog: []string{
 			`arch constraint of "armhf" being ignored as not supported`,
-			`container constraint of "lxc" being ignored as not supported`,
+			`container constraint of "lxd" being ignored as not supported`,
 			`cpu-power constraint of 100 being ignored as not supported`,
 			`tags constraint of "foo,bar" being ignored as not supported`,
 		},
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/container/kvm/live_test.go juju-core-2.0~beta12/src/github.com/juju/juju/container/kvm/live_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/container/kvm/live_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/container/kvm/live_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -15,6 +15,7 @@
 	gc "gopkg.in/check.v1"
 
 	"github.com/juju/juju/cloudconfig/instancecfg"
+	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/container"
 	"github.com/juju/juju/container/kvm"
 	"github.com/juju/juju/environs/config"
@@ -55,8 +56,8 @@
 func (s *LiveSuite) newManager(c *gc.C, name string) container.Manager {
 	manager, err := kvm.NewContainerManager(
 		container.ManagerConfig{
-			container.ConfigName:   name,
-			container.ConfigLogDir: c.MkDir(),
+			container.ConfigModelUUID: coretesting.ModelTag.Id(),
+			container.ConfigLogDir:    c.MkDir(),
 		})
 	c.Assert(err, jc.ErrorIsNil)
 	return manager
@@ -86,9 +87,8 @@
 
 func createContainer(c *gc.C, manager container.Manager, machineId string) instance.Instance {
 	machineNonce := "fake-nonce"
-	stateInfo := jujutesting.FakeStateInfo(machineId)
 	apiInfo := jujutesting.FakeAPIInfo(machineId)
-	instanceConfig, err := instancecfg.NewInstanceConfig(machineId, machineNonce, imagemetadata.ReleasedStream, "quantal", "", true, stateInfo, apiInfo)
+	instanceConfig, err := instancecfg.NewInstanceConfig(machineId, machineNonce, imagemetadata.ReleasedStream, "quantal", true, apiInfo)
 	c.Assert(err, jc.ErrorIsNil)
 	network := container.BridgeNetworkConfig("virbr0", 0, nil)
 
@@ -103,7 +103,7 @@
 	err = instancecfg.FinishInstanceConfig(instanceConfig, environConfig)
 	c.Assert(err, jc.ErrorIsNil)
 	callback := func(settableStatus status.Status, info string, data map[string]interface{}) error { return nil }
-	inst, hardware, err := manager.CreateContainer(instanceConfig, "precise", network, nil, callback)
+	inst, hardware, err := manager.CreateContainer(instanceConfig, constraints.Value{}, "precise", network, nil, callback)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(hardware, gc.NotNil)
 	expected := fmt.Sprintf("arch=%s cpu-cores=1 mem=512M root-disk=8192M", arch.HostArch())
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/container/kvm/template.go juju-core-2.0~beta12/src/github.com/juju/juju/container/kvm/template.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/container/kvm/template.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/container/kvm/template.go	2016-07-18 19:45:44.000000000 +0000
@@ -49,6 +49,7 @@
       <mac address='{{$nic.MACAddress}}'/>
       <model type='virtio'/>
       <source bridge='{{$nic.ParentInterfaceName}}'/>
+      <guest dev='{{$nic.InterfaceName}}'/>
     </interface>
     {{end}}
   </devices>
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/container/lxc/clonetemplate.go juju-core-2.0~beta12/src/github.com/juju/juju/container/lxc/clonetemplate.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/container/lxc/clonetemplate.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/container/lxc/clonetemplate.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,213 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package lxc
-
-import (
-	"fmt"
-	"io"
-	"os"
-	"path/filepath"
-	"sync"
-	"time"
-
-	"github.com/juju/errors"
-	"github.com/juju/utils/arch"
-	"github.com/juju/utils/proxy"
-	"github.com/juju/utils/tailer"
-	"launchpad.net/golxc"
-
-	"github.com/juju/juju/cloudconfig/containerinit"
-	"github.com/juju/juju/container"
-	"github.com/juju/juju/instance"
-	"github.com/juju/juju/status"
-	"github.com/juju/juju/utils/filelock"
-)
-
-var (
-	TemplateLockDir = "/var/lib/juju/locks"
-
-	TemplateStopTimeout = 5 * time.Minute
-)
-
-func AcquireTemplateLock(name, message string) (*filelock.Lock, error) {
-	logger.Infof("wait for flock on %v", name)
-	lock, err := filelock.NewLock(TemplateLockDir, name)
-	if err != nil {
-		logger.Tracef("failed to create flock for template: %v", err)
-		return nil, err
-	}
-	err = lock.Lock(message)
-	if err != nil {
-		logger.Tracef("failed to acquire lock for template: %v", err)
-		return nil, err
-	}
-	return lock, nil
-}
-
-// Make sure a template exists that we can clone from.
-func EnsureCloneTemplate(
-	backingFilesystem string,
-	series string,
-	networkConfig *container.NetworkConfig,
-	authorizedKeys string,
-	aptProxy proxy.Settings,
-	aptMirror string,
-	enablePackageUpdates bool,
-	enableOSUpgrades bool,
-	imageURLGetter container.ImageURLGetter,
-	useAUFS bool,
-	callback func(containerStatus status.Status, info string, data map[string]interface{}) error,
-) (_ golxc.Container, err error) {
-	name := fmt.Sprintf("juju-%s-lxc-template", series)
-
-	defer func() {
-		if err != nil {
-			callback(status.StatusProvisioningError, fmt.Sprintf("Creating container: %v", err), nil)
-		}
-	}()
-	containerDirectory, err := container.NewDirectory(name)
-	if err != nil {
-		return nil, err
-	}
-
-	lock, err := AcquireTemplateLock(name, "ensure clone exists")
-	if err != nil {
-		return nil, err
-	}
-	defer lock.Unlock()
-
-	lxcContainer := LxcObjectFactory.New(name)
-	// Early exit if the container has been constructed before.
-	if lxcContainer.IsConstructed() {
-		logger.Infof("template exists, continuing")
-		return lxcContainer, nil
-	}
-	logger.Infof("template does not exist, creating")
-
-	callback(status.StatusAllocating, "Creating template container; downloading image may take some time", nil)
-
-	userData, err := containerinit.TemplateUserData(
-		series,
-		authorizedKeys,
-		aptProxy,
-		aptMirror,
-		enablePackageUpdates,
-		enableOSUpgrades,
-		networkConfig,
-	)
-	if err != nil {
-		logger.Tracef("failed to create template user data for template: %v", err)
-		return nil, err
-	}
-	userDataFilename, err := containerinit.WriteCloudInitFile(containerDirectory, userData)
-	if err != nil {
-		return nil, err
-	}
-
-	templateParams := []string{
-		"--debug",                      // Debug errors in the cloud image
-		"--userdata", userDataFilename, // Our groovey cloud-init
-		"--hostid", name, // Use the container name as the hostid
-		"-r", series,
-	}
-	var caCert []byte
-	if imageURLGetter != nil {
-		arch := arch.HostArch()
-		imageURL, err := imageURLGetter.ImageURL(instance.LXC, series, arch)
-		if err != nil {
-			return nil, errors.Annotatef(err, "cannot determine cached image URL")
-		}
-		templateParams = append(templateParams, "-T", imageURL)
-		caCert = imageURLGetter.CACert()
-	}
-	var extraCreateArgs []string
-	if backingFilesystem == Btrfs {
-		extraCreateArgs = append(extraCreateArgs, "-B", Btrfs)
-	}
-
-	// Create the container.
-	logger.Tracef("create the template container")
-	err = createContainer(
-		lxcContainer,
-		containerDirectory,
-		networkConfig,
-		extraCreateArgs,
-		templateParams,
-		caCert,
-	)
-	if err != nil {
-		logger.Errorf("lxc template container creation failed: %v", err)
-		return nil, err
-	}
-	// Make sure that the mount dir has been created.
-	logger.Tracef("make the mount dir for the shared logs")
-	if err := os.MkdirAll(internalLogDir(name), 0755); err != nil {
-		logger.Tracef("failed to create internal /var/log/juju mount dir: %v", err)
-		return nil, err
-	}
-
-	// Start the lxc container with the appropriate settings for grabbing the
-	// console output and a log file.
-	consoleFile := filepath.Join(containerDirectory, "console.log")
-	lxcContainer.SetLogFile(filepath.Join(containerDirectory, "container.log"), golxc.LogDebug)
-	logger.Tracef("start the container")
-	// We explicitly don't pass through the config file to the container.Start
-	// method as we have passed it through at container creation time.  This
-	// is necessary to get the appropriate rootfs reference without explicitly
-	// setting it ourselves.
-	if err = lxcContainer.Start("", consoleFile); err != nil {
-		logger.Errorf("container failed to start: %v", err)
-		return nil, err
-	}
-	logger.Infof("template container started, now wait for it to stop")
-	callback(status.StatusAllocating, "Template container created; waiting for cloud-init to complete", nil)
-	// Perhaps we should wait for it to finish, and the question becomes "how
-	// long do we wait for it to complete?"
-
-	console, err := os.Open(consoleFile)
-	if err != nil {
-		// can't listen
-		return nil, err
-	}
-
-	tailWriter := &logTail{tick: time.Now()}
-	consoleTailer := tailer.NewTailer(console, tailWriter, nil)
-	defer consoleTailer.Stop()
-
-	// We should wait maybe 1 minute between output?
-	// if no output check to see if stopped
-	// If we have no output and still running, something has probably gone wrong
-	for lxcContainer.IsRunning() {
-		if tailWriter.lastTick().Before(time.Now().Add(-TemplateStopTimeout)) {
-			logger.Infof("not heard anything from the template log for five minutes")
-			callback(status.StatusProvisioningError, "Container creation failed: template container has not stopped", nil)
-			return nil, fmt.Errorf("template container %q did not stop", name)
-		}
-		time.Sleep(time.Second)
-	}
-
-	return lxcContainer, nil
-}
-
-type logTail struct {
-	tick  time.Time
-	mutex sync.Mutex
-}
-
-var _ io.Writer = (*logTail)(nil)
-
-func (t *logTail) Write(data []byte) (int, error) {
-	logger.Tracef(string(data))
-	t.mutex.Lock()
-	defer t.mutex.Unlock()
-	t.tick = time.Now()
-	return len(data), nil
-}
-
-func (t *logTail) lastTick() time.Time {
-	t.mutex.Lock()
-	defer t.mutex.Unlock()
-	tick := t.tick
-	return tick
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/container/lxc/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/container/lxc/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/container/lxc/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/container/lxc/export_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,31 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package lxc
-
-import (
-	"github.com/juju/juju/container"
-)
-
-var (
-	ContainerConfigFilename    = containerConfigFilename
-	ContainerDirFilesystem     = containerDirFilesystem
-	GenerateNetworkConfig      = generateNetworkConfig
-	ParseConfigLine            = parseConfigLine
-	UpdateContainerConfig      = updateContainerConfig
-	ReorderNetworkConfig       = reorderNetworkConfig
-	NetworkConfigTemplate      = networkConfigTemplate
-	RestartSymlink             = restartSymlink
-	ReleaseVersion             = &releaseVersion
-	PreferFastLXC              = preferFastLXC
-	WriteWgetTmpFile           = &writeWgetTmpFile
-	NewContainerManagerForTest = newContainerManager
-)
-
-func GetCreateWithCloneValue(mgr container.Manager) bool {
-	return mgr.(*containerManager).createWithClone
-}
-
-func WgetEnvironment(caCert []byte) ([]string, func(), error) {
-	return wgetEnvironment(caCert)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/container/lxc/initialisation.go juju-core-2.0~beta12/src/github.com/juju/juju/container/lxc/initialisation.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/container/lxc/initialisation.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/container/lxc/initialisation.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,76 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package lxc
-
-import (
-	"strings"
-
-	"github.com/juju/utils/packaging/config"
-	"github.com/juju/utils/packaging/manager"
-
-	"github.com/juju/juju/container"
-)
-
-var requiredPackages = []string{
-	"lxc",
-	"cloud-image-utils",
-}
-
-type containerInitialiser struct {
-	series string
-}
-
-// containerInitialiser implements container.Initialiser.
-var _ container.Initialiser = (*containerInitialiser)(nil)
-
-// NewContainerInitialiser returns an instance used to perform the steps
-// required to allow a host machine to run a LXC container.
-func NewContainerInitialiser(series string) container.Initialiser {
-	return &containerInitialiser{series}
-}
-
-// Initialise is specified on the container.Initialiser interface.
-func (ci *containerInitialiser) Initialise() error {
-	return ensureDependencies(ci.series)
-}
-
-// getPackageManager is a helper function which returns the
-// package manager implementation for the current system.
-func getPackageManager(series string) (manager.PackageManager, error) {
-	return manager.NewPackageManager(series)
-}
-
-// getPackagingConfigurer is a helper function which returns the
-// packaging configuration manager for the current system.
-func getPackagingConfigurer(series string) (config.PackagingConfigurer, error) {
-	return config.NewPackagingConfigurer(series)
-}
-
-// ensureDependencies creates a set of install packages using
-// apt.GetPreparePackages and runs each set of packages through
-// apt.GetInstall.
-func ensureDependencies(series string) error {
-	pacman, err := getPackageManager(series)
-	if err != nil {
-		return err
-	}
-	pacconfer, err := getPackagingConfigurer(series)
-	if err != nil {
-		return err
-	}
-
-	for _, pack := range requiredPackages {
-		pkg := pack
-		if config.SeriesRequiresCloudArchiveTools(series) &&
-			pacconfer.IsCloudArchivePackage(pack) {
-			pkg = strings.Join(pacconfer.ApplyCloudArchiveTarget(pack), " ")
-		}
-
-		if err := pacman.Install(pkg); err != nil {
-			return err
-		}
-	}
-
-	return err
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/container/lxc/initialisation_test.go juju-core-2.0~beta12/src/github.com/juju/juju/container/lxc/initialisation_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/container/lxc/initialisation_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/container/lxc/initialisation_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,74 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package lxc
-
-import (
-	jc "github.com/juju/testing/checkers"
-	"github.com/juju/utils/packaging/commands"
-	"github.com/juju/utils/packaging/manager"
-	"github.com/juju/utils/series"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/testing"
-)
-
-type InitialiserSuite struct {
-	testing.BaseSuite
-	calledCmds []string
-}
-
-var _ = gc.Suite(&InitialiserSuite{})
-
-// getMockRunCommandWithRetry is a helper function which returns a function
-// with an identical signature to manager.RunCommandWithRetry which saves each
-// command it recieves in a slice and always returns no output, error code 0
-// and a nil error.
-func getMockRunCommandWithRetry(calledCmds *[]string) func(string, func(string) error) (string, int, error) {
-	return func(cmd string, fatalError func(string) error) (string, int, error) {
-		*calledCmds = append(*calledCmds, cmd)
-		return "", 0, nil
-	}
-}
-
-func (s *InitialiserSuite) SetUpTest(c *gc.C) {
-	s.BaseSuite.SetUpTest(c)
-	s.calledCmds = []string{}
-	s.PatchValue(&manager.RunCommandWithRetry, getMockRunCommandWithRetry(&s.calledCmds))
-}
-
-func (s *InitialiserSuite) TestLTSSeriesPackages(c *gc.C) {
-	// Momentarily, the only series with a dedicated cloud archive is precise,
-	// which we will use for the following test:
-	paccmder, err := commands.NewPackageCommander("precise")
-	c.Assert(err, jc.ErrorIsNil)
-
-	s.PatchValue(&series.HostSeries, func() string { return "precise" })
-	container := NewContainerInitialiser("precise")
-
-	err = container.Initialise()
-	c.Assert(err, jc.ErrorIsNil)
-
-	c.Assert(s.calledCmds, gc.DeepEquals, []string{
-		paccmder.InstallCmd("--target-release", "precise-updates/cloud-tools", "lxc"),
-		paccmder.InstallCmd("--target-release", "precise-updates/cloud-tools", "cloud-image-utils"),
-	})
-}
-
-func (s *InitialiserSuite) TestNoSeriesPackages(c *gc.C) {
-	// Here we want to test for any other series whilst avoiding the
-	// possibility of hitting a cloud archive-requiring release.
-	// As such, we simply pass an empty series.
-	paccmder, err := commands.NewPackageCommander("")
-	c.Assert(err, jc.ErrorIsNil)
-
-	container := NewContainerInitialiser("")
-
-	err = container.Initialise()
-	c.Assert(err, jc.ErrorIsNil)
-
-	c.Assert(s.calledCmds, gc.DeepEquals, []string{
-		paccmder.InstallCmd("lxc"),
-		paccmder.InstallCmd("cloud-image-utils"),
-	})
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/container/lxc/instance.go juju-core-2.0~beta12/src/github.com/juju/juju/container/lxc/instance.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/container/lxc/instance.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/container/lxc/instance.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,65 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package lxc
-
-import (
-	"fmt"
-
-	"github.com/juju/errors"
-	"launchpad.net/golxc"
-
-	"github.com/juju/juju/instance"
-	"github.com/juju/juju/network"
-	"github.com/juju/juju/status"
-)
-
-type lxcInstance struct {
-	golxc.Container
-	id string
-}
-
-var _ instance.Instance = (*lxcInstance)(nil)
-
-// Id implements instance.Instance.Id.
-func (lxc *lxcInstance) Id() instance.Id {
-	return instance.Id(lxc.id)
-}
-
-// Status implements instance.Instance.Status.
-func (lxc *lxcInstance) Status() instance.InstanceStatus {
-	// On error, the state will be "unknown".
-	state, _, _ := lxc.Info()
-	return instance.InstanceStatus{
-		Status:  status.StatusUnknown,
-		Message: string(state),
-	}
-}
-
-func (*lxcInstance) Refresh() error {
-	return nil
-}
-
-func (lxc *lxcInstance) Addresses() ([]network.Address, error) {
-	return nil, errors.NotImplementedf("lxcInstance.Addresses")
-}
-
-// OpenPorts implements instance.Instance.OpenPorts.
-func (lxc *lxcInstance) OpenPorts(machineId string, ports []network.PortRange) error {
-	return fmt.Errorf("not implemented")
-}
-
-// ClosePorts implements instance.Instance.ClosePorts.
-func (lxc *lxcInstance) ClosePorts(machineId string, ports []network.PortRange) error {
-	return fmt.Errorf("not implemented")
-}
-
-// Ports implements instance.Instance.Ports.
-func (lxc *lxcInstance) Ports(machineId string) ([]network.PortRange, error) {
-	return nil, fmt.Errorf("not implemented")
-}
-
-// Add a string representation of the id.
-func (lxc *lxcInstance) String() string {
-	return fmt.Sprintf("lxc:%s", lxc.id)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/container/lxc/lxc.go juju-core-2.0~beta12/src/github.com/juju/juju/container/lxc/lxc.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/container/lxc/lxc.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/container/lxc/lxc.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,969 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package lxc
-
-import (
-	"bufio"
-	"bytes"
-	"fmt"
-	"io/ioutil"
-	"os"
-	"os/exec"
-	"path/filepath"
-	"strconv"
-	"strings"
-	"text/template"
-	"time"
-
-	"github.com/juju/errors"
-	"github.com/juju/loggo"
-	"github.com/juju/names"
-	"github.com/juju/utils"
-	"github.com/juju/utils/arch"
-	"github.com/juju/utils/keyvalues"
-	"github.com/juju/utils/series"
-	"github.com/juju/utils/symlink"
-	"launchpad.net/golxc"
-
-	"github.com/juju/juju/agent"
-	"github.com/juju/juju/cloudconfig/containerinit"
-	"github.com/juju/juju/cloudconfig/instancecfg"
-	"github.com/juju/juju/container"
-	"github.com/juju/juju/instance"
-	"github.com/juju/juju/status"
-	"github.com/juju/juju/storage/looputil"
-)
-
-var logger = loggo.GetLogger("juju.container.lxc")
-
-var (
-	defaultTemplate  = "ubuntu-cloud"
-	LxcContainerDir  = golxc.GetDefaultLXCContainerDir()
-	LxcRestartDir    = "/etc/lxc/auto"
-	LxcObjectFactory = golxc.Factory()
-	writeWgetTmpFile = ioutil.WriteFile
-)
-
-const (
-	// Btrfs is special as we treat it differently for create and clone.
-	Btrfs = "btrfs"
-
-	// etcNetworkInterfaces here is the path (inside the container's
-	// rootfs) where the network config is stored.
-	etcNetworkInterfaces = "/etc/network/interfaces"
-)
-
-// DefaultNetworkConfig returns a valid NetworkConfig to use the
-// defaultLxcBridge that is created by the lxc package.
-func DefaultNetworkConfig() *container.NetworkConfig {
-	return container.BridgeNetworkConfig(container.DefaultLxcBridge, 0, nil)
-}
-
-// FsCommandOutput calls cmd.Output, this is used as an overloading point so
-// we can test what *would* be run without actually executing another program
-var FsCommandOutput = (*exec.Cmd).CombinedOutput
-
-func containerDirFilesystem() (string, error) {
-	cmd := exec.Command("df", "--output=fstype", LxcContainerDir)
-	out, err := FsCommandOutput(cmd)
-	if err != nil {
-		return "", errors.Trace(err)
-	}
-	// The filesystem is the second line.
-	lines := strings.Split(string(out), "\n")
-	if len(lines) < 2 {
-		logger.Errorf("unexpected output: %q", out)
-		return "", errors.Errorf("could not determine filesystem type")
-	}
-	return lines[1], nil
-}
-
-type containerManager struct {
-	name              string
-	logdir            string
-	createWithClone   bool
-	useAUFS           bool
-	backingFilesystem string
-	imageURLGetter    container.ImageURLGetter
-	loopDeviceManager looputil.LoopDeviceManager
-}
-
-// NewContainerManager returns a manager object that can start and
-// stop lxc containers. The containers that are created are namespaced
-// by the name parameter inside the given ManagerConfig.
-func NewContainerManager(conf container.ManagerConfig, imageURLGetter container.ImageURLGetter) (container.Manager, error) {
-	return newContainerManager(conf, imageURLGetter, looputil.NewLoopDeviceManager())
-}
-
-func newContainerManager(
-	conf container.ManagerConfig,
-	imageURLGetter container.ImageURLGetter,
-	loopDeviceManager looputil.LoopDeviceManager,
-) (container.Manager, error) {
-	name := conf.PopValue(container.ConfigName)
-	if name == "" {
-		return nil, errors.Errorf("name is required")
-	}
-	logDir := conf.PopValue(container.ConfigLogDir)
-	if logDir == "" {
-		logDir = agent.DefaultPaths.LogDir
-	}
-	var useClone bool
-	useCloneVal := conf.PopValue("use-clone")
-	if useCloneVal != "" {
-		// Explicitly ignore the error result from ParseBool.
-		// If it fails to parse, the value is false, and this suits
-		// us fine.
-		useClone, _ = strconv.ParseBool(useCloneVal)
-	} else {
-		// If no lxc-clone value is explicitly set in config, then
-		// see if the Ubuntu series we are running on supports it
-		// and if it does, we will use clone.
-		useClone = preferFastLXC(releaseVersion())
-	}
-	useAUFS, _ := strconv.ParseBool(conf.PopValue("use-aufs"))
-	backingFS, err := containerDirFilesystem()
-	if err != nil {
-		// Especially in tests, or a bot, the lxc dir may not exist
-		// causing the test to fail. Since we only really care if the
-		// backingFS is 'btrfs' and we treat the rest the same, just
-		// call it 'unknown'.
-		backingFS = "unknown"
-	}
-	logger.Tracef("backing filesystem: %q", backingFS)
-	conf.WarnAboutUnused()
-	return &containerManager{
-		name:              name,
-		logdir:            logDir,
-		createWithClone:   useClone,
-		useAUFS:           useAUFS,
-		backingFilesystem: backingFS,
-		imageURLGetter:    imageURLGetter,
-		loopDeviceManager: loopDeviceManager,
-	}, nil
-}
-
-// releaseVersion is a function that returns a string representing the
-// DISTRIB_RELEASE from the /etc/lsb-release file.
-var releaseVersion = series.ReleaseVersion
-
-// preferFastLXC returns true if the host is capable of
-// LXC cloning from a template.
-func preferFastLXC(release string) bool {
-	if release == "" {
-		return false
-	}
-	value, err := strconv.ParseFloat(release, 64)
-	if err != nil {
-		return false
-	}
-	return value >= 14.04
-}
-
-// CreateContainer creates or clones an LXC container.
-func (manager *containerManager) CreateContainer(
-	instanceConfig *instancecfg.InstanceConfig,
-	series string,
-	networkConfig *container.NetworkConfig,
-	storageConfig *container.StorageConfig,
-	callback container.StatusCallback,
-) (inst instance.Instance, _ *instance.HardwareCharacteristics, err error) {
-	// Check our preconditions
-	if manager == nil {
-		panic("manager is nil")
-	} else if series == "" {
-		panic("series not set")
-	} else if networkConfig == nil {
-		panic("networkConfig is nil")
-	} else if storageConfig == nil {
-		panic("storageConfig is nil")
-	} else if callback == nil {
-		panic("status callback is nil")
-	}
-
-	// Log how long the start took
-	defer func(start time.Time) {
-		if err == nil {
-			logger.Tracef("container %q started: %v", inst.Id(), time.Now().Sub(start))
-		}
-	}(time.Now())
-
-	name := names.NewMachineTag(instanceConfig.MachineId).String()
-	if manager.name != "" {
-		name = fmt.Sprintf("%s-%s", manager.name, name)
-	}
-
-	// Create the cloud-init.
-	directory, err := container.NewDirectory(name)
-	if err != nil {
-		return nil, nil, errors.Annotate(err, "failed to create a directory for the container")
-	}
-	logger.Tracef("write cloud-init")
-	userDataFilename, err := containerinit.WriteUserData(instanceConfig, networkConfig, directory)
-	if err != nil {
-		return nil, nil, errors.Annotate(err, "failed to write user data")
-	}
-
-	var lxcContainer golxc.Container
-	if manager.createWithClone {
-		templateContainer, err := EnsureCloneTemplate(
-			manager.backingFilesystem,
-			series,
-			networkConfig,
-			instanceConfig.AuthorizedKeys,
-			instanceConfig.AptProxySettings,
-			instanceConfig.AptMirror,
-			instanceConfig.EnableOSRefreshUpdate,
-			instanceConfig.EnableOSUpgrade,
-			manager.imageURLGetter,
-			manager.useAUFS,
-			callback,
-		)
-		if err != nil {
-			return nil, nil, errors.Annotate(err, "failed to retrieve the template to clone")
-		}
-		templateParams := []string{
-			"--debug",                      // Debug errors in the cloud image
-			"--userdata", userDataFilename, // Our groovey cloud-init
-			"--hostid", name, // Use the container name as the hostid
-		}
-		var extraCloneArgs []string
-		if manager.backingFilesystem == Btrfs || manager.useAUFS {
-			extraCloneArgs = append(extraCloneArgs, "--snapshot")
-		}
-		if manager.backingFilesystem != Btrfs && manager.useAUFS {
-			extraCloneArgs = append(extraCloneArgs, "--backingstore", "aufs")
-		}
-
-		lock, err := AcquireTemplateLock(templateContainer.Name(), "clone")
-		if err != nil {
-			return nil, nil, errors.Annotate(err, "failed to acquire lock on template")
-		}
-		defer lock.Unlock()
-
-		// Ensure the run-time effective config of the template
-		// container has correctly ordered network settings, otherwise
-		// Clone() below will fail. This is needed in case we haven't
-		// created a new template now but are reusing an existing one.
-		// See LP bug #1414016.
-		configPath := containerConfigFilename(templateContainer.Name())
-		if _, err := reorderNetworkConfig(configPath); err != nil {
-			return nil, nil, errors.Annotate(err, "failed to reorder network settings")
-		}
-
-		err = callback(status.StatusProvisioning, "Cloning template container", nil)
-		if err != nil {
-			logger.Warningf("Cannot set instance status for container: %v", err)
-		}
-		lxcContainer, err = templateContainer.Clone(name, extraCloneArgs, templateParams)
-		if err != nil {
-			return nil, nil, errors.Wrap(err, instance.NewRetryableCreationError("lxc container cloning failed"))
-		}
-	} else {
-		// Note here that the lxcObjectFactory only returns a valid container
-		// object, and doesn't actually construct the underlying lxc container on
-		// disk.
-		lxcContainer = LxcObjectFactory.New(name)
-		templateParams := []string{
-			"--debug",                      // Debug errors in the cloud image
-			"--userdata", userDataFilename, // Our groovey cloud-init
-			"--hostid", name, // Use the container name as the hostid
-			"-r", series,
-		}
-		var caCert []byte
-		if manager.imageURLGetter != nil {
-			arch := arch.HostArch()
-			imageURL, err := manager.imageURLGetter.ImageURL(instance.LXC, series, arch)
-			if err != nil {
-				return nil, nil, errors.Annotatef(err, "cannot determine cached image URL")
-			}
-			templateParams = append(templateParams, "-T", imageURL)
-			caCert = manager.imageURLGetter.CACert()
-		}
-		err = createContainer(
-			lxcContainer,
-			directory,
-			networkConfig,
-			nil,
-			templateParams,
-			caCert,
-		)
-		if err != nil {
-			return nil, nil, errors.Trace(err)
-		}
-	}
-
-	callback(status.StatusProvisioning, "Configuring container", nil)
-
-	if err := autostartContainer(name); err != nil {
-		return nil, nil, errors.Annotate(err, "failed to configure the container for autostart")
-	}
-	if err := mountHostLogDir(name, manager.logdir); err != nil {
-		return nil, nil, errors.Annotate(err, "failed to mount the directory to log to")
-	}
-	if storageConfig.AllowMount {
-		// Add config to allow loop devices to be mounted inside the container.
-		if err := allowLoopbackBlockDevices(name); err != nil {
-			return nil, nil, errors.Annotate(err, "failed to configure the container for loopback devices")
-		}
-	}
-	// Update the network settings inside the run-time config of the
-	// container (e.g. /var/lib/lxc/<name>/config) before starting it.
-	netConfig := generateNetworkConfig(networkConfig)
-	if err := updateContainerConfig(name, netConfig); err != nil {
-		return nil, nil, errors.Annotate(err, "failed to update network config")
-	}
-	configPath := containerConfigFilename(name)
-	logger.Tracef("updated network config in %q for container %q", configPath, name)
-	// Ensure the run-time config of the new container has correctly
-	// ordered network settings, otherwise Start() below will fail. We
-	// need this now because after lxc-create or lxc-clone the initial
-	// lxc.conf generated inside createContainer gets merged with
-	// other settings (e.g. system-wide overrides, changes made by
-	// hooks, etc.) and the result can still be incorrectly ordered.
-	// See LP bug #1414016.
-	if _, err := reorderNetworkConfig(configPath); err != nil {
-		return nil, nil, errors.Annotate(err, "failed to reorder network settings")
-	}
-
-	// To speed-up the initial container startup we pre-render the
-	// /etc/network/interfaces directly inside the rootfs. This won't
-	// work if we use AUFS snapshots, so it's disabled if useAUFS is
-	// true (for now).
-	if networkConfig != nil && len(networkConfig.Interfaces) > 0 {
-		interfacesFile := filepath.Join(LxcContainerDir, name, "rootfs", etcNetworkInterfaces)
-		if manager.useAUFS {
-			logger.Tracef("not pre-rendering %q when using AUFS-backed rootfs", interfacesFile)
-		} else {
-			data, err := containerinit.GenerateNetworkConfig(networkConfig)
-			if err != nil {
-				return nil, nil, errors.Annotatef(err, "failed to generate %q", interfacesFile)
-			}
-			if err := utils.AtomicWriteFile(interfacesFile, []byte(data), 0644); err != nil {
-				return nil, nil, errors.Annotatef(err, "cannot write generated %q", interfacesFile)
-			}
-			logger.Tracef("pre-rendered network config in %q", interfacesFile)
-		}
-	}
-
-	// Start the lxc container with the appropriate settings for
-	// grabbing the console output and a log file.
-	consoleFile := filepath.Join(directory, "console.log")
-	lxcContainer.SetLogFile(filepath.Join(directory, "container.log"), golxc.LogDebug)
-	logger.Tracef("start the container")
-	callback(status.StatusProvisioning, "Starting container", nil)
-
-	// We explicitly don't pass through the config file to the container.Start
-	// method as we have passed it through at container creation time.  This
-	// is necessary to get the appropriate rootfs reference without explicitly
-	// setting it ourselves.
-	if err := lxcContainer.Start("", consoleFile); err != nil {
-		// if the container fails to start we should try to destroy it
-		// check if the container has been constructed
-		if lxcContainer.IsConstructed() {
-			// if so, then we need to destroy the leftover container
-			if derr := lxcContainer.Destroy(); derr != nil {
-				// if an error is reported there is probably a leftover
-				// container that the user should clean up manually
-				return nil, nil, errors.Annotatef(err, "container failed to start and failed to destroy: manual cleanup of containers needed: %v", derr)
-			}
-			return nil, nil, errors.Wrap(err, instance.NewRetryableCreationError("container failed to start and was destroyed: "+lxcContainer.Name()))
-		}
-		return nil, nil, errors.Annotate(err, "container failed to start")
-	}
-
-	arch := arch.HostArch()
-	hardware := &instance.HardwareCharacteristics{
-		Arch: &arch,
-	}
-
-	callback(status.StatusRunning, "Container started", nil)
-	return &lxcInstance{lxcContainer, name}, hardware, nil
-}
-
-func createContainer(
-	lxcContainer golxc.Container,
-	directory string,
-	networkConfig *container.NetworkConfig,
-	extraCreateArgs, templateParams []string,
-	caCert []byte,
-) error {
-	// Generate initial lxc.conf with networking settings.
-	netConfig := generateNetworkConfig(networkConfig)
-	configPath := filepath.Join(directory, "lxc.conf")
-	if err := ioutil.WriteFile(configPath, []byte(netConfig), 0644); err != nil {
-		return errors.Annotatef(err, "failed to write container config %q", configPath)
-	}
-	logger.Tracef("wrote initial config %q for container %q: %+v", configPath, lxcContainer.Name(), netConfig)
-
-	var err error
-	var execEnv []string = nil
-	var closer func()
-	if caCert != nil {
-		execEnv, closer, err = wgetEnvironment(caCert)
-		if err != nil {
-			return errors.Annotatef(err, "failed to get model for wget execution")
-		}
-		defer closer()
-	}
-
-	// Create the container.
-	logger.Debugf("creating lxc container %q", lxcContainer.Name())
-	logger.Debugf("lxc-create template params: %v", templateParams)
-	if err := lxcContainer.Create(configPath, defaultTemplate, extraCreateArgs, templateParams, execEnv); err != nil {
-		return errors.Wrap(err, instance.NewRetryableCreationError("lxc container creation failed: "+lxcContainer.Name()))
-	}
-	return nil
-}
-
-// wgetEnvironment creates a script to call wget with the
-// --no-check-certificate argument, patching the PATH to ensure
-// the script is invoked by the lxc template bash script.
-// It returns a slice of env variables to pass to the lxc create command.
-func wgetEnvironment(caCert []byte) (execEnv []string, closer func(), _ error) {
-	env := os.Environ()
-	kv, err := keyvalues.Parse(env, true)
-	if err != nil {
-		return nil, nil, errors.Trace(err)
-	}
-	// Create a wget bash script in a temporary directory.
-	tmpDir, err := ioutil.TempDir("", "wget")
-	if err != nil {
-		return nil, nil, errors.Trace(err)
-	}
-	closer = func() {
-		os.RemoveAll(tmpDir)
-	}
-	// Write the ca cert.
-	caCertPath := filepath.Join(tmpDir, "ca-cert.pem")
-	err = ioutil.WriteFile(caCertPath, caCert, 0755)
-	if err != nil {
-		defer closer()
-		return nil, nil, errors.Trace(err)
-	}
-
-	// Write the wget script.  Don't use a proxy when getting
-	// the image as it's going through the controller.
-	wgetTmpl := `#!/bin/bash
-/usr/bin/wget --no-proxy --ca-certificate=%s $*
-`
-	wget := fmt.Sprintf(wgetTmpl, caCertPath)
-	err = writeWgetTmpFile(filepath.Join(tmpDir, "wget"), []byte(wget), 0755)
-	if err != nil {
-		defer closer()
-		return nil, nil, errors.Trace(err)
-	}
-
-	// Update the path to point to the script.
-	for k, v := range kv {
-		if strings.ToUpper(k) == "PATH" {
-			v = strings.Join([]string{tmpDir, v}, string(os.PathListSeparator))
-		}
-		execEnv = append(execEnv, fmt.Sprintf("%s=%s", k, v))
-	}
-	return execEnv, closer, nil
-}
-
-// parseConfigLine tries to parse a line from an LXC config file.
-// Empty lines, comments, and lines not starting with "lxc." are
-// ignored. If successful the setting and its value are returned
-// stripped of leading/trailing whitespace and line comments (e.g.
-// "lxc.rootfs" and "/some/path"), otherwise both results are empty.
-func parseConfigLine(line string) (setting, value string) {
-	input := strings.TrimSpace(line)
-	if len(input) == 0 ||
-		strings.HasPrefix(input, "#") ||
-		!strings.HasPrefix(input, "lxc.") {
-		return "", ""
-	}
-	parts := strings.SplitN(input, "=", 2)
-	if len(parts) != 2 {
-		// Still not what we're looking for.
-		return "", ""
-	}
-	setting = strings.TrimSpace(parts[0])
-	value = strings.TrimSpace(parts[1])
-	if strings.Contains(value, "#") {
-		parts = strings.SplitN(value, "#", 2)
-		if len(parts) == 2 {
-			value = strings.TrimSpace(parts[0])
-		}
-	}
-	return setting, value
-}
-
-// updateContainerConfig selectively replaces, deletes, and/or appends
-// lines in the named container's current config file, depending on
-// the contents of newConfig. First, newConfig is split into multiple
-// lines and parsed, ignoring comments, empty lines and spaces. Then
-// the occurrence of a setting in a line of the config file will be
-// replaced by values from newConfig. Values in newConfig are only
-// used once (in the order provided), so multiple replacements must be
-// supplied as multiple input values for the same setting in
-// newConfig. If the value of a setting is empty, the setting will be
-// removed if found. Settings that are not found and have values will
-// be appended (also if more values are given than exist).
-//
-// For example, with existing config like "lxc.foo = off\nlxc.bar=42\n",
-// and newConfig like "lxc.bar=\nlxc.foo = bar\nlxc.foo = baz # xx",
-// the updated config file contains "lxc.foo = bar\nlxc.foo = baz\n".
-// TestUpdateContainerConfig has this example in code.
-func updateContainerConfig(name, newConfig string) error {
-	lines := strings.Split(newConfig, "\n")
-	if len(lines) == 0 {
-		return nil
-	}
-	// Extract unique set of line prefixes to match later. Also, keep
-	// a slice of values to replace for each key, as well as a slice
-	// of parsed prefixes to preserve the order when replacing or
-	// appending.
-	parsedLines := make(map[string][]string)
-	var parsedPrefixes []string
-	for _, line := range lines {
-		prefix, value := parseConfigLine(line)
-		if prefix == "" {
-			// Ignore comments, empty lines, and unknown prefixes.
-			continue
-		}
-		if values, found := parsedLines[prefix]; !found {
-			parsedLines[prefix] = []string{value}
-		} else {
-			values = append(values, value)
-			parsedLines[prefix] = values
-		}
-		parsedPrefixes = append(parsedPrefixes, prefix)
-	}
-
-	path := containerConfigFilename(name)
-	currentConfig, err := ioutil.ReadFile(path)
-	if err != nil {
-		return errors.Annotatef(err, "cannot open config %q for container %q", path, name)
-	}
-	input := bytes.NewBuffer(currentConfig)
-
-	// Read the original config and prepare the output to replace it
-	// with.
-	var output bytes.Buffer
-	scanner := bufio.NewScanner(input)
-	for scanner.Scan() {
-		line := scanner.Text()
-		prefix, _ := parseConfigLine(line)
-		values, found := parsedLines[prefix]
-		if !found || len(values) == 0 {
-			// No need to change, just preserve.
-			output.WriteString(line + "\n")
-			continue
-		}
-		// We need to change this line. Pop the first value of the
-		// list and set it.
-		var newValue string
-		newValue, values = values[0], values[1:]
-		parsedLines[prefix] = values
-
-		if newValue == "" {
-			logger.Tracef("removing %q from container %q config %q", line, name, path)
-			continue
-		}
-		newLine := prefix + " = " + newValue
-		if newLine == line {
-			// No need to change and pollute the log, just write it.
-			output.WriteString(line + "\n")
-			continue
-		}
-		logger.Tracef(
-			"replacing %q with %q in container %q config %q",
-			line, newLine, name, path,
-		)
-		output.WriteString(newLine + "\n")
-	}
-	if err := scanner.Err(); err != nil {
-		return errors.Annotatef(err, "cannot read config for container %q", name)
-	}
-
-	// Now process any prefixes with values still left for appending,
-	// in the original order.
-	for _, prefix := range parsedPrefixes {
-		values := parsedLines[prefix]
-		for _, value := range values {
-			if value == "" {
-				// No need to remove what's not there.
-				continue
-			}
-			newLine := prefix + " = " + value + "\n"
-			logger.Tracef("appending %q to container %q config %q", newLine, name, path)
-			output.WriteString(newLine)
-		}
-		// Reset the values, so we only append the once per prefix.
-		parsedLines[prefix] = []string{}
-	}
-
-	// Reset the original file and overwrite it atomically.
-	if err := utils.AtomicWriteFile(path, output.Bytes(), 0644); err != nil {
-		return errors.Annotatef(err, "cannot write new config %q for container %q", path, name)
-	}
-	return nil
-}
-
-// reorderNetworkConfig reads the contents of the given container
-// config file and the modifies the contents, if needed, so that any
-// lxc.network.* setting comes after the first lxc.network.type
-// setting preserving the order. Every line formatting is preserved in
-// the modified config, including whitespace and comments. The
-// wasReordered flag will be set if the config was modified.
-//
-// This ensures the lxc tools won't report parsing errors for network
-// settings. See also LP bug #1414016.
-func reorderNetworkConfig(configFile string) (wasReordered bool, err error) {
-	data, err := ioutil.ReadFile(configFile)
-	if err != nil {
-		return false, errors.Annotatef(err, "cannot read config %q", configFile)
-	}
-	if len(data) == 0 {
-		// Nothing to do.
-		return false, nil
-	}
-	input := bytes.NewBuffer(data)
-	scanner := bufio.NewScanner(input)
-	var output bytes.Buffer
-	firstNetworkType := ""
-	var networkLines []string
-	mayNeedReordering := true
-	foundFirstType := false
-	doneReordering := false
-	for scanner.Scan() {
-		line := scanner.Text()
-		prefix, _ := parseConfigLine(line)
-		if mayNeedReordering {
-			if strings.HasPrefix(prefix, "lxc.network.type") {
-				if len(networkLines) == 0 {
-					// All good, no need to change.
-					logger.Tracef("correct network settings order in config %q", configFile)
-					return false, nil
-				}
-				// We found the first type.
-				firstNetworkType = line
-				foundFirstType = true
-				logger.Tracef(
-					"moving line(s) %q after line %q in config %q",
-					strings.Join(networkLines, "\n"), firstNetworkType, configFile,
-				)
-			} else if strings.HasPrefix(prefix, "lxc.network.") {
-				if firstNetworkType != "" {
-					// All good, no need to change.
-					logger.Tracef("correct network settings order in config %q", configFile)
-					return false, nil
-				}
-				networkLines = append(networkLines, line)
-				logger.Tracef("need to move line %q in config %q", line, configFile)
-				continue
-			}
-		}
-		output.WriteString(line + "\n")
-		if foundFirstType && len(networkLines) > 0 {
-			// Now add the skipped networkLines.
-			output.WriteString(strings.Join(networkLines, "\n") + "\n")
-			doneReordering = true
-			mayNeedReordering = false
-			firstNetworkType = ""
-			networkLines = nil
-		}
-	}
-	if err := scanner.Err(); err != nil {
-		return false, errors.Annotatef(err, "cannot read config %q", configFile)
-	}
-	if !doneReordering {
-		if len(networkLines) > 0 {
-			logger.Errorf("invalid lxc network settings in config %q", configFile)
-			return false, errors.Errorf(
-				"cannot have line(s) %q without lxc.network.type in config %q",
-				strings.Join(networkLines, "\n"), configFile,
-			)
-		}
-		// No networking settings to reorder.
-		return false, nil
-	}
-	// Reset the original file and overwrite it atomically.
-	if err := utils.AtomicWriteFile(configFile, output.Bytes(), 0644); err != nil {
-		return false, errors.Annotatef(err, "cannot write new config %q", configFile)
-	}
-	logger.Tracef("reordered network settings in config %q", configFile)
-	return true, nil
-}
-
-func appendToContainerConfig(name, line string) error {
-	configPath := containerConfigFilename(name)
-	file, err := os.OpenFile(configPath, os.O_RDWR|os.O_APPEND, 0644)
-	if err != nil {
-		return err
-	}
-	defer file.Close()
-	_, err = file.WriteString(line)
-	if err != nil {
-		return err
-	}
-	logger.Tracef("appended %q to config %q", line, configPath)
-	return nil
-}
-
-func autostartContainer(name string) error {
-	// Now symlink the config file into the restart directory, if it exists.
-	// This is for backwards compatiblity. From Trusty onwards, the auto start
-	// option should be set in the LXC config file, this is done in the networkConfigTemplate
-	// function below.
-	if useRestartDir() {
-		if err := symlink.New(
-			containerConfigFilename(name),
-			restartSymlink(name),
-		); err != nil {
-			return err
-		}
-		logger.Tracef("auto-restart link created")
-	} else {
-		logger.Tracef("Setting auto start to true in lxc config.")
-		return appendToContainerConfig(name, "lxc.start.auto = 1\n")
-	}
-	return nil
-}
-
-func mountHostLogDir(name, logDir string) error {
-	// Make sure that the mount dir has been created.
-	internalDir := internalLogDir(name)
-	// Ensure that the logDir actually exists.
-	if err := os.MkdirAll(logDir, 0777); err != nil {
-		return errors.Trace(err)
-	}
-	logger.Tracef("make the mount dir for the shared logs: %s", internalDir)
-	if err := os.MkdirAll(internalDir, 0755); err != nil {
-		logger.Errorf("failed to create internal /var/log/juju mount dir: %v", err)
-		return err
-	}
-	line := fmt.Sprintf(
-		"lxc.mount.entry = %s var/log/juju none defaults,bind 0 0\n",
-		logDir)
-	return appendToContainerConfig(name, line)
-}
-
-func allowLoopbackBlockDevices(name string) error {
-	const allowLoopDevicesCfg = `
-lxc.aa_profile = lxc-container-default-with-mounting
-lxc.cgroup.devices.allow = b 7:* rwm
-lxc.cgroup.devices.allow = c 10:237 rwm
-`
-	return appendToContainerConfig(name, allowLoopDevicesCfg)
-}
-
-func (manager *containerManager) DestroyContainer(id instance.Id) error {
-	start := time.Now()
-	name := string(id)
-	lxcContainer := LxcObjectFactory.New(name)
-	if useRestartDir() {
-		// Remove the autostart link.
-		if err := os.Remove(restartSymlink(name)); err != nil {
-			logger.Errorf("failed to remove restart symlink: %v", err)
-			return err
-		}
-	}
-
-	// Detach loop devices backed by files inside the container's rootfs.
-	rootfs := filepath.Join(LxcContainerDir, name, "rootfs")
-	if err := manager.loopDeviceManager.DetachLoopDevices(rootfs, "/"); err != nil {
-		logger.Errorf("failed to detach loop devices from lxc container: %v", err)
-		return err
-	}
-
-	if err := lxcContainer.Destroy(); err != nil {
-		logger.Errorf("failed to destroy lxc container: %v", err)
-		return err
-	}
-
-	err := container.RemoveDirectory(name)
-	logger.Tracef("container %q stopped: %v", name, time.Now().Sub(start))
-	return err
-}
-
-func (manager *containerManager) ListContainers() (result []instance.Instance, err error) {
-	containers, err := LxcObjectFactory.List()
-	if err != nil {
-		logger.Errorf("failed getting all instances: %v", err)
-		return
-	}
-	managerPrefix := ""
-	if manager.name != "" {
-		managerPrefix = fmt.Sprintf("%s-", manager.name)
-	}
-
-	for _, container := range containers {
-		// Filter out those not starting with our name.
-		name := container.Name()
-		if !strings.HasPrefix(name, managerPrefix) {
-			continue
-		}
-		if container.IsRunning() {
-			result = append(result, &lxcInstance{container, name})
-		}
-	}
-	return
-}
-
-func (manager *containerManager) IsInitialized() bool {
-	requiredBinaries := []string{
-		"lxc-ls",
-	}
-	for _, bin := range requiredBinaries {
-		if _, err := exec.LookPath(bin); err != nil {
-			return false
-		}
-	}
-	return true
-}
-
-const internalLogDirTemplate = "%s/%s/rootfs/var/log/juju"
-
-func internalLogDir(containerName string) string {
-	return fmt.Sprintf(internalLogDirTemplate, LxcContainerDir, containerName)
-}
-
-func restartSymlink(name string) string {
-	return filepath.Join(LxcRestartDir, name+".conf")
-}
-
-func containerConfigFilename(name string) string {
-	return filepath.Join(LxcContainerDir, name, "config")
-}
-
-const singleNICTemplate = `
-# network config
-# interface "eth0"
-lxc.network.type = {{.Type}}
-lxc.network.link = {{.Link}}
-lxc.network.flags = up{{if .MTU}}
-lxc.network.mtu = {{.MTU}}{{end}}{{if .MACAddress}}
-lxc.network.hwaddr = {{.MACAddress}}{{end}}
-
-`
-
-const multipleNICsTemplate = `
-# network config{{$mtu := .MTU}}{{range $nic := .Interfaces}}
-{{$nic.Name | printf "# interface %q"}}
-lxc.network.type = {{$nic.Type}}
-lxc.network.link = {{$nic.Link}}{{if not $nic.NoAutoStart}}
-lxc.network.flags = up{{end}}{{if $nic.Name}}
-lxc.network.name = {{$nic.Name}}{{end}}{{if $nic.MACAddress}}
-lxc.network.hwaddr = {{$nic.MACAddress}}{{end}}{{if $nic.IPv4Address}}
-lxc.network.ipv4 = {{$nic.IPv4Address}}{{end}}{{if $nic.IPv4Gateway}}
-lxc.network.ipv4.gateway = {{$nic.IPv4Gateway}}{{end}}{{if $nic.MTU}}
-lxc.network.mtu = {{$nic.MTU}}{{end}}
-{{end}}{{/* range */}}
-
-`
-
-func networkConfigTemplate(config container.NetworkConfig) string {
-	logger.Debugf("preparing to render container network config from %+v", config)
-	type nicData struct {
-		Name        string
-		NoAutoStart bool
-		Type        string
-		Link        string
-		MTU         int
-		VLANTag     int
-		MACAddress  string
-		IPv4Address string
-		IPv4Gateway string
-	}
-	type configData struct {
-		Type       string
-		Link       string
-		Interfaces []nicData
-		// The following are used only with a single NIC config.
-		MTU        int
-		MACAddress string
-	}
-	data := configData{
-		Link: config.Device,
-		MTU:  config.MTU,
-	}
-
-	switch config.NetworkType {
-	case container.PhysicalNetwork:
-		data.Type = "phys"
-	case container.BridgeNetwork:
-		data.Type = "veth"
-	default:
-		logger.Warningf(
-			"unknown network type %q, using the default %q config",
-			config.NetworkType, container.BridgeNetwork,
-		)
-		data.Type = "veth"
-	}
-	for _, iface := range config.Interfaces {
-		linkName := data.Link
-		if iface.ParentInterfaceName != "" {
-			linkName = iface.ParentInterfaceName
-		}
-		nic := nicData{
-			Type:        data.Type,
-			Link:        linkName,
-			Name:        iface.InterfaceName,
-			MTU:         iface.MTU,
-			NoAutoStart: iface.NoAutoStart,
-			MACAddress:  iface.MACAddress,
-			IPv4Address: iface.CIDRAddress(),
-		}
-		if nic.Name == "eth0" {
-			// Only the primary NIC needs a gateway otherwise lxc and/or ifup
-			// inside the container will fail.
-			nic.IPv4Gateway = iface.GatewayAddress.Value
-		}
-		if iface.MACAddress == "" || nic.MACAddress == "" {
-			logger.Warningf(
-				"empty MAC address %q from config for %q (rendered as %q)",
-				iface.MACAddress, iface.InterfaceName, nic.MACAddress,
-			)
-		}
-
-		data.Interfaces = append(data.Interfaces, nic)
-	}
-	templateName := multipleNICsTemplate
-	if len(config.Interfaces) == 0 {
-		logger.Tracef("generating default single NIC network config")
-		templateName = singleNICTemplate
-	} else {
-		logger.Tracef("generating network config with %d NIC(s)", len(config.Interfaces))
-	}
-	tmpl, err := template.New("config").Parse(templateName)
-	if err != nil {
-		logger.Errorf("cannot parse container config template: %v", err)
-		return ""
-	}
-
-	var buf bytes.Buffer
-	if err := tmpl.Execute(&buf, data); err != nil {
-		logger.Errorf("cannot render container config: %v", err)
-		return ""
-	}
-	return buf.String()
-}
-
-func generateNetworkConfig(config *container.NetworkConfig) string {
-	if config == nil {
-		config = DefaultNetworkConfig()
-		logger.Warningf("network type missing, using the default %q config", config.NetworkType)
-	}
-	return networkConfigTemplate(*config)
-}
-
-// useRestartDir is used to determine whether or not to use a symlink to the
-// container config as the restart mechanism.  Older versions of LXC had the
-// /etc/lxc/auto directory that would indicate that a container shoud auto-
-// restart when the machine boots by having a symlink to the lxc.conf file.
-// Newer versions don't do this, but instead have a config value inside the
-// lxc.conf file.
-func useRestartDir() bool {
-	if _, err := os.Stat(LxcRestartDir); err != nil {
-		if os.IsNotExist(err) {
-			return false
-		}
-	}
-	return true
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/container/lxc/lxc_test.go juju-core-2.0~beta12/src/github.com/juju/juju/container/lxc/lxc_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/container/lxc/lxc_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/container/lxc/lxc_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,1276 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package lxc_test
-
-import (
-	"fmt"
-	"io/ioutil"
-	"os"
-	"path/filepath"
-	"runtime"
-	"strings"
-	stdtesting "testing"
-	"time"
-
-	"github.com/juju/errors"
-	"github.com/juju/loggo"
-	jc "github.com/juju/testing/checkers"
-	"github.com/juju/utils/proxy"
-	"github.com/juju/utils/set"
-	"github.com/juju/utils/symlink"
-	gc "gopkg.in/check.v1"
-	goyaml "gopkg.in/yaml.v2"
-	"launchpad.net/golxc"
-
-	"github.com/juju/juju/agent"
-	"github.com/juju/juju/container"
-	"github.com/juju/juju/container/lxc"
-	"github.com/juju/juju/container/lxc/mock"
-	lxctesting "github.com/juju/juju/container/lxc/testing"
-	containertesting "github.com/juju/juju/container/testing"
-	"github.com/juju/juju/environs/config"
-	"github.com/juju/juju/feature"
-	"github.com/juju/juju/instance"
-	instancetest "github.com/juju/juju/instance/testing"
-	"github.com/juju/juju/network"
-	"github.com/juju/juju/provider/dummy"
-	"github.com/juju/juju/status"
-	coretesting "github.com/juju/juju/testing"
-)
-
-func Test(t *stdtesting.T) {
-	if runtime.GOOS == "windows" {
-		t.Skip("LXC is currently not supported on windows")
-	}
-	gc.TestingT(t)
-}
-
-type LxcSuite struct {
-	lxctesting.TestSuite
-
-	events            chan mock.Event
-	useClone          bool
-	useAUFS           bool
-	logDir            string
-	loopDeviceManager mockLoopDeviceManager
-}
-
-var _ = gc.Suite(&LxcSuite{})
-
-var lxcCgroupContents = `11:hugetlb:/lxc/juju-machine-1-lxc-0
-10:perf_event:/lxc/juju-machine-1-lxc-0
-9:blkio:/lxc/juju-machine-1-lxc-0
-8:freezer:/lxc/juju-machine-1-lxc-0
-7:devices:/lxc/juju-machine-1-lxc-0
-6:memory:/lxc/juju-machine-1-lxc-0
-5:cpuacct:/lxc/juju-machine-1-lxc-0
-4:cpu:/lxc/juju-machine-1-lxc-0
-3:cpuset:/lxc/juju-machine-1-lxc-0
-2:name=systemd:/lxc/juju-machine-1-lxc-0
-`
-
-var hostCgroupContents = `11:hugetlb:/
-10:perf_event:/
-9:blkio:/
-8:freezer:/
-7:devices:/
-6:memory:/
-5:cpuacct:/
-4:cpu:/
-3:cpuset:/
-2:name=systemd:/
-`
-
-var malformedCgroupFile = `some bogus content
-more bogus content`
-
-func (s *LxcSuite) SetUpTest(c *gc.C) {
-	s.TestSuite.SetUpTest(c)
-	s.SetFeatureFlags(feature.AddressAllocation)
-	s.logDir = c.MkDir()
-	loggo.GetLogger("juju.container.lxc").SetLogLevel(loggo.TRACE)
-	s.events = make(chan mock.Event, 25)
-	s.TestSuite.ContainerFactory.AddListener(s.events)
-	s.PatchValue(&lxc.TemplateLockDir, c.MkDir())
-	s.PatchValue(&lxc.TemplateStopTimeout, 500*time.Millisecond)
-	s.loopDeviceManager = mockLoopDeviceManager{}
-	s.AddCleanup(func(*gc.C) {
-		s.TestSuite.ContainerFactory.RemoveListener(s.events)
-		close(s.events)
-	})
-}
-
-func (t *LxcSuite) TestPreferFastLXC(c *gc.C) {
-	for i, test := range []struct {
-		message        string
-		releaseVersion string
-		expected       bool
-	}{{
-		message: "missing release file",
-	}, {
-		message:        "precise release",
-		releaseVersion: "12.04",
-	}, {
-		message:        "trusty release",
-		releaseVersion: "14.04",
-		expected:       true,
-	}, {
-		message:        "unstable unicorn",
-		releaseVersion: "14.10",
-		expected:       true,
-	}, {
-		message:        "lucid",
-		releaseVersion: "10.04",
-	}} {
-		c.Logf("%v: %v", i, test.message)
-		value := lxc.PreferFastLXC(test.releaseVersion)
-		c.Assert(value, gc.Equals, test.expected)
-	}
-}
-
-func (s *LxcSuite) TestContainerManagerLXCClone(c *gc.C) {
-	type test struct {
-		releaseVersion string
-		useClone       string
-		expectClone    bool
-	}
-	tests := []test{{
-		releaseVersion: "12.04",
-		useClone:       "true",
-		expectClone:    true,
-	}, {
-		releaseVersion: "14.04",
-		expectClone:    true,
-	}, {
-		releaseVersion: "12.04",
-		useClone:       "false",
-	}, {
-		releaseVersion: "14.04",
-		useClone:       "false",
-	}}
-
-	for i, test := range tests {
-		c.Logf("test %d: %v", i, test)
-		s.PatchValue(lxc.ReleaseVersion, func() string { return test.releaseVersion })
-
-		mgr, err := lxc.NewContainerManager(container.ManagerConfig{
-			container.ConfigName: "juju",
-			"use-clone":          test.useClone,
-		}, &containertesting.MockURLGetter{})
-		c.Assert(err, jc.ErrorIsNil)
-		c.Check(lxc.GetCreateWithCloneValue(mgr), gc.Equals, test.expectClone)
-	}
-}
-
-func (s *LxcSuite) TestContainerDirFilesystem(c *gc.C) {
-	for i, test := range []struct {
-		message    string
-		output     string
-		expected   string
-		errorMatch string
-	}{{
-		message:  "btrfs",
-		output:   "Type\nbtrfs\n",
-		expected: lxc.Btrfs,
-	}, {
-		message:  "ext4",
-		output:   "Type\next4\n",
-		expected: "ext4",
-	}, {
-		message:    "not enough output",
-		output:     "foo",
-		errorMatch: "could not determine filesystem type",
-	}} {
-		c.Logf("%v: %s", i, test.message)
-		s.HookCommandOutput(&lxc.FsCommandOutput, []byte(test.output), nil)
-		value, err := lxc.ContainerDirFilesystem()
-		if test.errorMatch == "" {
-			c.Check(err, jc.ErrorIsNil)
-			c.Check(value, gc.Equals, test.expected)
-		} else {
-			c.Check(err, gc.ErrorMatches, test.errorMatch)
-		}
-	}
-}
-
-func (*LxcSuite) TestParseConfigLine(c *gc.C) {
-	for i, test := range []struct {
-		about   string
-		input   string
-		setting string
-		value   string
-	}{{
-		about:   "empty line",
-		input:   "",
-		setting: "",
-		value:   "",
-	}, {
-		about:   "line with spaces",
-		input:   "  line  with spaces   ",
-		setting: "",
-		value:   "",
-	}, {
-		about:   "comments",
-		input:   "# comment",
-		setting: "",
-		value:   "",
-	}, {
-		about:   "commented setting",
-		input:   "#lxc.flag = disabled",
-		setting: "",
-		value:   "",
-	}, {
-		about:   "comments with spaces",
-		input:   "  # comment  with   spaces ",
-		setting: "",
-		value:   "",
-	}, {
-		about:   "not a setting",
-		input:   "anything here",
-		setting: "",
-		value:   "",
-	}, {
-		about:   "valid setting, no whitespace",
-		input:   "lxc.setting=value",
-		setting: "lxc.setting",
-		value:   "value",
-	}, {
-		about:   "valid setting, with whitespace",
-		input:   "  lxc.setting  =  value  ",
-		setting: "lxc.setting",
-		value:   "value",
-	}, {
-		about:   "valid setting, with comment on the value",
-		input:   "lxc.setting = value  # comment # foo  ",
-		setting: "lxc.setting",
-		value:   "value",
-	}, {
-		about:   "valid setting, with comment, spaces and extra equals",
-		input:   "lxc.my.best.setting = foo=bar, but   # not really ",
-		setting: "lxc.my.best.setting",
-		value:   "foo=bar, but",
-	}} {
-		c.Logf("test %d: %s", i, test.about)
-		setting, value := lxc.ParseConfigLine(test.input)
-		c.Check(setting, gc.Equals, test.setting)
-		c.Check(value, gc.Equals, test.value)
-		if setting == "" {
-			c.Check(value, gc.Equals, "")
-		}
-	}
-}
-
-func (s *LxcSuite) TestUpdateContainerConfig(c *gc.C) {
-	networkConfig := container.BridgeNetworkConfig("nic42", 4321, []network.InterfaceInfo{{
-		DeviceIndex:    0,
-		CIDR:           "0.1.2.0/20",
-		InterfaceName:  "eth0",
-		MACAddress:     "aa:bb:cc:dd:ee:f0",
-		Address:        network.NewAddress("0.1.2.3"),
-		GatewayAddress: network.NewAddress("0.1.2.1"),
-	}, {
-		DeviceIndex:   1,
-		InterfaceName: "eth1",
-	}})
-	storageConfig := &container.StorageConfig{
-		AllowMount: true,
-	}
-
-	manager := s.makeManager(c, "test")
-	instanceConfig, err := containertesting.MockMachineConfig("1/lxc/0")
-	c.Assert(err, jc.ErrorIsNil)
-	envConfig, err := config.New(config.NoDefaults, dummy.SampleConfig())
-	c.Assert(err, jc.ErrorIsNil)
-	instanceConfig.Config = envConfig
-	instance := containertesting.CreateContainerWithMachineAndNetworkAndStorageConfig(
-		c, manager, instanceConfig, networkConfig, storageConfig,
-	)
-	name := string(instance.Id())
-
-	// Append a few extra lines to the config.
-	extraLines := []string{
-		"  lxc.rootfs =  /some/thing  # else ",
-		"",
-		"  # just comment",
-		"lxc.network.vlan.id=42",
-		"something else  # ignore",
-		"lxc.network.type=veth",
-		"lxc.network.link = foo  # comment",
-		"lxc.network.hwaddr = bar",
-	}
-	configPath := lxc.ContainerConfigFilename(name)
-	configFile, err := os.OpenFile(configPath, os.O_RDWR|os.O_APPEND, 0644)
-	c.Assert(err, jc.ErrorIsNil)
-	_, err = configFile.WriteString(strings.Join(extraLines, "\n") + "\n")
-	c.Assert(err, jc.ErrorIsNil)
-	err = configFile.Close()
-	c.Assert(err, jc.ErrorIsNil)
-
-	expectedConf := fmt.Sprintf(`
-# network config
-# interface "eth0"
-lxc.network.type = veth
-lxc.network.link = nic42
-lxc.network.flags = up
-lxc.network.name = eth0
-lxc.network.hwaddr = aa:bb:cc:dd:ee:f0
-lxc.network.ipv4 = 0.1.2.3/20
-lxc.network.ipv4.gateway = 0.1.2.1
-
-# interface "eth1"
-lxc.network.type = veth
-lxc.network.link = nic42
-lxc.network.flags = up
-lxc.network.name = eth1
-
-
-lxc.mount.entry = %s var/log/juju none defaults,bind 0 0
-
-lxc.aa_profile = lxc-container-default-with-mounting
-lxc.cgroup.devices.allow = b 7:* rwm
-lxc.cgroup.devices.allow = c 10:237 rwm
-`, s.logDir) + strings.Join(extraLines, "\n") + "\n"
-
-	lxcConfContents, err := ioutil.ReadFile(configPath)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(string(lxcConfContents), gc.Equals, expectedConf)
-
-	linesToReplace := []string{
-		"", // empty lines are ignored
-		"  lxc.network.type = bar # free drinks  !! ", // formatting is sanitized.
-		"  # comments are ignored",
-		"lxc.network.type=foo",                   // replace the second "type".
-		"lxc.network.name = em0 # renamed now",   // replace the first "name"
-		"lxc.network.name = em1",                 // replace the second "name"
-		"lxc.network.mtu = 1234",                 // replace only the first "mtu".
-		"lxc.network.hwaddr = ff:ee:dd:cc:bb:aa", // replace the first "hwaddr".
-		"lxc.network.hwaddr=deadbeef",            // replace second "hwaddr".
-		"lxc.network.hwaddr=nonsense",            // no third "hwaddr", so append.
-		"lxc.network.hwaddr = ",                  // no fourth "hwaddr" to remove - ignored.
-		"lxc.network.link=",                      // remove only the first "link"
-		"lxc.network.vlan.id=69",                 // replace.
-		"lxc.missing = appended",                 // missing - appended.
-		"lxc.network.type = phys",                // replace the third "type".
-		"lxc.mount.entry=",                       // delete existing "entry".
-		"lxc.rootfs = /foo/bar",                  // replace first "rootfs".
-		"lxc.rootfs = /bar/foo",                  // append new.
-	}
-	newConfig := strings.Join(linesToReplace, "\n")
-	updatedConfig := `
-# network config
-# interface "eth0"
-lxc.network.type = bar
-lxc.network.flags = up
-lxc.network.name = em0
-lxc.network.hwaddr = ff:ee:dd:cc:bb:aa
-lxc.network.ipv4 = 0.1.2.3/20
-lxc.network.ipv4.gateway = 0.1.2.1
-
-# interface "eth1"
-lxc.network.type = foo
-lxc.network.link = nic42
-lxc.network.flags = up
-lxc.network.name = em1
-
-
-
-lxc.aa_profile = lxc-container-default-with-mounting
-lxc.cgroup.devices.allow = b 7:* rwm
-lxc.cgroup.devices.allow = c 10:237 rwm
-lxc.rootfs = /foo/bar
-
-  # just comment
-lxc.network.vlan.id = 69
-something else  # ignore
-lxc.network.type = phys
-lxc.network.link = foo  # comment
-lxc.network.hwaddr = deadbeef
-lxc.network.mtu = 1234
-lxc.network.hwaddr = nonsense
-lxc.missing = appended
-lxc.rootfs = /bar/foo
-`
-	err = lxc.UpdateContainerConfig(name, newConfig)
-	c.Assert(err, jc.ErrorIsNil)
-	lxcConfContents, err = ioutil.ReadFile(configPath)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(string(lxcConfContents), gc.Equals, updatedConfig)
-
-	// Now test the example in updateContainerConfig's doc string.
-	oldConfig := `
-lxc.foo = off
-
-lxc.bar=42
-`
-	newConfig = `
-lxc.bar=
-lxc.foo = bar
-lxc.foo = baz # xx
-`
-	updatedConfig = `
-lxc.foo = bar
-
-lxc.foo = baz
-`
-	err = ioutil.WriteFile(configPath, []byte(oldConfig), 0644)
-	c.Assert(err, jc.ErrorIsNil)
-	err = lxc.UpdateContainerConfig(name, newConfig)
-	c.Assert(err, jc.ErrorIsNil)
-	lxcConfContents, err = ioutil.ReadFile(configPath)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(string(lxcConfContents), gc.Equals, updatedConfig)
-}
-
-func (*LxcSuite) TestReorderNetworkConfig(c *gc.C) {
-	path := c.MkDir()
-	configFile := filepath.Join(path, "config")
-	for i, test := range []struct {
-		about         string
-		input         string
-		shouldReorder bool
-		expectErr     string
-		output        string
-	}{{
-		about:         "empty input",
-		input:         "",
-		shouldReorder: false,
-		expectErr:     "",
-		output:        "",
-	}, {
-		about: "no network settings",
-		input: `
-# comment
-lxc.foo = bar
-
-  lxc.test=# none
-lxc.bar.foo=42 # comment
-`,
-		shouldReorder: false,
-	}, {
-		about: "just one lxc.network.type",
-		input: `
-# comment
-lxc.foo = bar
-
-lxc.network.type = veth
-
-  lxc.test=# none
-lxc.bar.foo=42 # comment
-`,
-		shouldReorder: false,
-	}, {
-		about: "correctly ordered network config",
-		input: `
-# Network configuration
-lxc.network.type = veth
-lxc.network.hwaddr = aa:bb:cc:dd:ee:f0
-lxc.network.flags = up
-lxc.network.link = br0
-lxc.network.type = veth
-lxc.network.flags = up
-lxc.network.link = br2
-lxc.network.hwaddr = aa:bb:cc:dd:ee:f1
-lxc.network.name = eth1
-lxc.network.type = veth
-lxc.network.flags = up
-lxc.network.link = br3
-lxc.network.hwaddr = aa:bb:cc:dd:ee:f2
-lxc.network.name = eth2
-lxc.hook.mount = /usr/share/lxc/config/hook.sh
-`,
-		shouldReorder: false,
-	}, {
-		about: "1 hwaddr before first type",
-		input: `
-lxc.foo = bar # stays here
-# Network configuration
-  lxc.network.hwaddr = aa:bb:cc:dd:ee:f0 # comment
-lxc.network.type = veth    # comment2  
-lxc.network.flags = up # all the rest..
-lxc.network.link = br0 # ..is kept...
-lxc.network.type = veth # ..as it is.
-lxc.network.flags = up
-lxc.network.link = br2
-lxc.hook.mount = /usr/share/lxc/config/hook.sh
-`,
-		shouldReorder: true,
-		output: `
-lxc.foo = bar # stays here
-# Network configuration
-lxc.network.type = veth    # comment2  
-  lxc.network.hwaddr = aa:bb:cc:dd:ee:f0 # comment
-lxc.network.flags = up # all the rest..
-lxc.network.link = br0 # ..is kept...
-lxc.network.type = veth # ..as it is.
-lxc.network.flags = up
-lxc.network.link = br2
-lxc.hook.mount = /usr/share/lxc/config/hook.sh
-`,
-	}, {
-		about: "several network lines before first type",
-		input: `
-lxc.foo = bar # stays here
-# Network configuration
-  lxc.network.hwaddr = aa:bb:cc:dd:ee:f0 # comment
-lxc.network.flags = up # first up
-lxc.network.link = br0
-lxc.network.type = veth    # comment2  
-lxc.network.type = vlan
-lxc.network.flags = up # all the rest..
-lxc.network.link = br1 # ...is kept...
-lxc.network.vlan.id = 42 # ...as it is.
-lxc.hook.mount = /usr/share/lxc/config/hook.sh
-`,
-		shouldReorder: true,
-		output: `
-lxc.foo = bar # stays here
-# Network configuration
-lxc.network.type = veth    # comment2  
-  lxc.network.hwaddr = aa:bb:cc:dd:ee:f0 # comment
-lxc.network.flags = up # first up
-lxc.network.link = br0
-lxc.network.type = vlan
-lxc.network.flags = up # all the rest..
-lxc.network.link = br1 # ...is kept...
-lxc.network.vlan.id = 42 # ...as it is.
-lxc.hook.mount = /usr/share/lxc/config/hook.sh
-`,
-	}, {
-		about: "one network setting without lxc.network.type",
-		input: `
-# comment
-lxc.foo = bar
-
-lxc.network.anything=goes#badly
-
-  lxc.test=# none
-lxc.bar.foo=42 # comment
-`,
-		expectErr: `cannot have line\(s\) ".*" without lxc.network.type in config ".*"`,
-	}, {
-		about: "several network settings without lxc.network.type",
-		input: `
-# comment
-lxc.foo = bar
-
-lxc.network.anything=goes#badly
-lxc.network.vlan.id = 42
-lxc.network.name = foo
-
-  lxc.test=# none
-lxc.bar.foo=42 # comment
-`,
-		expectErr: `cannot have line\(s\) ".*" without lxc.network.type in config ".*"`,
-	}} {
-		c.Logf("test %d: %q", i, test.about)
-		err := ioutil.WriteFile(configFile, []byte(test.input), 0644)
-		c.Assert(err, jc.ErrorIsNil)
-		wasReordered, err := lxc.ReorderNetworkConfig(configFile)
-		if test.expectErr != "" {
-			c.Check(err, gc.ErrorMatches, test.expectErr)
-			c.Check(wasReordered, gc.Equals, test.shouldReorder)
-			continue
-		}
-		data, err := ioutil.ReadFile(configFile)
-		c.Assert(err, jc.ErrorIsNil)
-		if test.shouldReorder {
-			c.Check(string(data), gc.Equals, test.output)
-			c.Check(wasReordered, jc.IsTrue)
-		} else {
-			c.Check(string(data), gc.Equals, test.input)
-			c.Check(wasReordered, jc.IsFalse)
-		}
-	}
-}
-
-func (s *LxcSuite) makeManager(c *gc.C, name string) container.Manager {
-	params := container.ManagerConfig{
-		container.ConfigName: name,
-	}
-	// Need to ensure use-clone is explicitly set to avoid it
-	// being set based on the OS version.
-	params["use-clone"] = fmt.Sprintf("%v", s.useClone)
-	params["log-dir"] = s.logDir
-	if s.useAUFS {
-		params["use-aufs"] = "true"
-	}
-	manager, err := lxc.NewContainerManagerForTest(
-		params, &containertesting.MockURLGetter{},
-		&s.loopDeviceManager,
-	)
-	c.Assert(err, jc.ErrorIsNil)
-	return manager
-}
-
-func (*LxcSuite) TestManagerWarnsAboutUnknownOption(c *gc.C) {
-	_, err := lxc.NewContainerManager(container.ManagerConfig{
-		container.ConfigName: "BillyBatson",
-		"shazam":             "Captain Marvel",
-	}, &containertesting.MockURLGetter{})
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(c.GetTestLog(), jc.Contains, `WARNING juju.container unused config option: "shazam" -> "Captain Marvel"`)
-}
-
-func (s *LxcSuite) TestCreateContainer(c *gc.C) {
-	manager := s.makeManager(c, "test")
-	instance := containertesting.CreateContainer(c, manager, "1/lxc/0")
-
-	name := string(instance.Id())
-	// Check our container config files: initial lxc.conf, the
-	// run-time effective config, and cloud-init userdata.
-	lxcConfContents, err := ioutil.ReadFile(filepath.Join(s.ContainerDir, name, "lxc.conf"))
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(string(lxcConfContents), jc.Contains, "lxc.network.link = nic42")
-	lxcConfContents, err = ioutil.ReadFile(lxc.ContainerConfigFilename(name))
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(string(lxcConfContents), jc.Contains, "lxc.network.link = nic42")
-
-	cloudInitFilename := filepath.Join(s.ContainerDir, name, "cloud-init")
-	data := containertesting.AssertCloudInit(c, cloudInitFilename)
-
-	x := make(map[interface{}]interface{})
-	err = goyaml.Unmarshal(data, &x)
-	c.Assert(err, jc.ErrorIsNil)
-
-	var scripts []string
-	for _, s := range x["runcmd"].([]interface{}) {
-		scripts = append(scripts, s.(string))
-	}
-
-	c.Assert(scripts[len(scripts)-3:], gc.DeepEquals, []string{
-		"start jujud-machine-1-lxc-0",
-		"rm $bin/tools.tar.gz && rm $bin/juju2.3.4-quantal-amd64.sha256",
-		"ifconfig",
-	})
-
-	// Check the mount point has been created inside the container.
-	c.Assert(filepath.Join(s.LxcDir, name, "rootfs", agent.DefaultPaths.LogDir), jc.IsDirectory)
-	// Check that the config file is linked in the restart dir.
-	expectedLinkLocation := filepath.Join(s.RestartDir, name+".conf")
-	expectedTarget := filepath.Join(s.LxcDir, name, "config")
-	linkInfo, err := os.Lstat(expectedLinkLocation)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(linkInfo.Mode()&os.ModeSymlink, gc.Equals, os.ModeSymlink)
-
-	location, err := symlink.Read(expectedLinkLocation)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(location, gc.Equals, expectedTarget)
-}
-
-func (s *LxcSuite) TestCreateContainerFailsWithInjectedStartError(c *gc.C) {
-	errorChannel := make(chan error, 1)
-	cleanup := mock.PatchStartTransientErrorInjectionChannel(errorChannel)
-	defer cleanup()
-
-	// One injected error means the container creation will fail
-	// but the destroy function will clean up the remaining container
-	// resulting in a RetryableCreationError
-	errorChannel <- errors.New("start error")
-
-	manager := s.makeManager(c, "test")
-	_, err := containertesting.CreateContainerTest(c, manager, "1/lxc/0")
-	c.Assert(err, gc.NotNil)
-
-	// this should be a retryable error
-	isRetryable := instance.IsRetryableCreationError(errors.Cause(err))
-	c.Assert(isRetryable, jc.IsTrue)
-}
-
-func (s *LxcSuite) TestCreateContainerFailsWithInjectedCreateError(c *gc.C) {
-	errorChannel := make(chan error, 1)
-	cleanup := mock.PatchCreateTransientErrorInjectionChannel(errorChannel)
-	defer cleanup()
-
-	errorChannel <- errors.New("lxc-create error")
-
-	manager := s.makeManager(c, "test")
-	_, err := containertesting.CreateContainerTest(c, manager, "1/lxc/0")
-	c.Assert(err, gc.NotNil)
-
-	// this should be a retryable error
-	isRetryable := instance.IsRetryableCreationError(errors.Cause(err))
-	c.Assert(isRetryable, jc.IsTrue)
-	c.Assert(err, gc.ErrorMatches, "lxc container creation failed.*")
-}
-
-func (s *LxcSuite) TestCreateContainerFailsWithInjectedCloneError(c *gc.C) {
-	errorChannel := make(chan error, 1)
-	cleanup := mock.PatchCloneTransientErrorInjectionChannel(errorChannel)
-	defer cleanup()
-
-	errorChannel <- errors.New("lxc-clone error")
-
-	s.createTemplate(c)
-	s.PatchValue(&s.useClone, true)
-	manager := s.makeManager(c, "test")
-	_, err := containertesting.CreateContainerTest(c, manager, "1")
-
-	// this should be a retryable error
-	isRetryable := instance.IsRetryableCreationError(errors.Cause(err))
-	c.Assert(isRetryable, jc.IsTrue)
-	c.Assert(err, gc.ErrorMatches, "lxc container cloning failed.*")
-}
-
-func (s *LxcSuite) TestCreateContainerWithInjectedErrorDestroyFails(c *gc.C) {
-	errorChannel := make(chan error, 2)
-	cleanup := mock.PatchStartTransientErrorInjectionChannel(errorChannel)
-	defer cleanup()
-
-	// Two injected errors mean that the container creation and subsequent
-	// destroy will fail. This should not result in a RetryableCreationError
-	// as the container was left in an error state
-	errorChannel <- errors.New("create error")
-	errorChannel <- errors.New("destroy error")
-
-	manager := s.makeManager(c, "test")
-	_, err := containertesting.CreateContainerTest(c, manager, "1/lxc/0")
-	c.Assert(err, gc.NotNil)
-
-	// this should not be a retryable error
-	isRetryable := instance.IsRetryableCreationError(errors.Cause(err))
-	c.Assert(isRetryable, jc.IsFalse)
-}
-
-func (s *LxcSuite) ensureTemplateStopped(name string) <-chan struct{} {
-	ch := make(chan struct{}, 1)
-	go func() {
-		for {
-			template := s.ContainerFactory.New(name)
-			if template.IsRunning() {
-				template.Stop()
-				close(ch)
-				return
-			}
-			time.Sleep(50 * time.Millisecond)
-		}
-	}()
-	return ch
-}
-
-func (s *LxcSuite) AssertEvent(c *gc.C, event mock.Event, expected mock.Action, id string) {
-	c.Assert(event.Action, gc.Equals, expected)
-	c.Assert(event.InstanceId, gc.Equals, id)
-	if expected == mock.Created {
-		c.Assert(event.EnvArgs, gc.Not(gc.HasLen), 0)
-	}
-}
-
-func (s *LxcSuite) TestCreateContainerEvents(c *gc.C) {
-	manager := s.makeManager(c, "test")
-	instance := containertesting.CreateContainer(c, manager, "1")
-	id := string(instance.Id())
-	s.AssertEvent(c, <-s.events, mock.Created, id)
-	s.AssertEvent(c, <-s.events, mock.Started, id)
-}
-
-func (s *LxcSuite) TestCreateContainerEventsWithClone(c *gc.C) {
-	s.PatchValue(&s.useClone, true)
-	// The template containers are created with an upstart job that
-	// stops them once cloud init has finished.  We emulate that here.
-	template := "juju-quantal-lxc-template"
-	ch := s.ensureTemplateStopped(template)
-	defer func() { <-ch }()
-	manager := s.makeManager(c, "test")
-	instance := containertesting.CreateContainer(c, manager, "1")
-	id := string(instance.Id())
-	s.AssertEvent(c, <-s.events, mock.Created, template)
-	s.AssertEvent(c, <-s.events, mock.Started, template)
-	s.AssertEvent(c, <-s.events, mock.Stopped, template)
-	s.AssertEvent(c, <-s.events, mock.Cloned, template)
-	s.AssertEvent(c, <-s.events, mock.Started, id)
-}
-
-func (s *LxcSuite) createTemplate(c *gc.C) golxc.Container {
-	name := "juju-quantal-lxc-template"
-	ch := s.ensureTemplateStopped(name)
-	defer func() { <-ch }()
-	network := container.BridgeNetworkConfig("nic42", 4321, nil)
-	authorizedKeys := "authorized keys list"
-	aptProxy := proxy.Settings{}
-	aptMirror := "http://my.archive.ubuntu.com/ubuntu"
-	callback := func(containerStatus status.Status, info string, data map[string]interface{}) error { return nil }
-	template, err := lxc.EnsureCloneTemplate(
-		"ext4",
-		"quantal",
-		network,
-		authorizedKeys,
-		aptProxy,
-		aptMirror,
-		true,
-		true,
-		&containertesting.MockURLGetter{},
-		false,
-		callback,
-	)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(template.Name(), gc.Equals, name)
-
-	createEvent := <-s.events
-	c.Assert(createEvent.Action, gc.Equals, mock.Created)
-	c.Assert(createEvent.InstanceId, gc.Equals, name)
-	argsSet := set.NewStrings(createEvent.TemplateArgs...)
-	c.Assert(argsSet.Contains("imageURL"), jc.IsTrue)
-	s.AssertEvent(c, <-s.events, mock.Started, name)
-	s.AssertEvent(c, <-s.events, mock.Stopped, name)
-
-	autostartLink := lxc.RestartSymlink(name)
-	config, err := ioutil.ReadFile(lxc.ContainerConfigFilename(name))
-	c.Assert(err, jc.ErrorIsNil)
-	expected := `
-# network config
-# interface "eth0"
-lxc.network.type = veth
-lxc.network.link = nic42
-lxc.network.flags = up
-lxc.network.mtu = 4321
-
-`
-	// NOTE: no autostart, no mounting the log dir
-	c.Assert(string(config), gc.Equals, expected)
-	c.Assert(autostartLink, jc.DoesNotExist)
-
-	return template
-}
-
-func (s *LxcSuite) TestCreateContainerEventsWithCloneExistingTemplate(c *gc.C) {
-	s.HookCommandOutput(&lxc.FsCommandOutput, []byte("Type\next4\n"), nil)
-	s.createTemplate(c)
-	s.PatchValue(&s.useClone, true)
-	manager := s.makeManager(c, "test")
-	instance := containertesting.CreateContainer(c, manager, "1")
-	name := string(instance.Id())
-	cloned := <-s.events
-	s.AssertEvent(c, cloned, mock.Cloned, "juju-quantal-lxc-template")
-	c.Assert(cloned.Args, gc.IsNil)
-	s.AssertEvent(c, <-s.events, mock.Started, name)
-}
-
-func (s *LxcSuite) TestCreateContainerEventsWithCloneExistingTemplateAUFS(c *gc.C) {
-	s.HookCommandOutput(&lxc.FsCommandOutput, []byte("Type\next4\n"), nil)
-	s.createTemplate(c)
-	s.PatchValue(&s.useClone, true)
-	s.PatchValue(&s.useAUFS, true)
-	manager := s.makeManager(c, "test")
-	instance := containertesting.CreateContainer(c, manager, "1")
-	name := string(instance.Id())
-	cloned := <-s.events
-	s.AssertEvent(c, cloned, mock.Cloned, "juju-quantal-lxc-template")
-	c.Assert(cloned.Args, gc.DeepEquals, []string{"--snapshot", "--backingstore", "aufs"})
-	s.AssertEvent(c, <-s.events, mock.Started, name)
-}
-
-func (s *LxcSuite) TestCreateContainerEventsWithCloneExistingTemplateBtrfs(c *gc.C) {
-	s.HookCommandOutput(&lxc.FsCommandOutput, []byte("Type\nbtrfs\n"), nil)
-	s.createTemplate(c)
-	s.PatchValue(&s.useClone, true)
-	manager := s.makeManager(c, "test")
-	instance := containertesting.CreateContainer(c, manager, "1")
-	name := string(instance.Id())
-	cloned := <-s.events
-	s.AssertEvent(c, cloned, mock.Cloned, "juju-quantal-lxc-template")
-	c.Assert(cloned.Args, gc.DeepEquals, []string{"--snapshot"})
-	s.AssertEvent(c, <-s.events, mock.Started, name)
-}
-
-func (s *LxcSuite) TestCreateContainerWithCloneMountsAndAutostarts(c *gc.C) {
-	s.createTemplate(c)
-	s.PatchValue(&s.useClone, true)
-	manager := s.makeManager(c, "test")
-	instance := containertesting.CreateContainer(c, manager, "1")
-	name := string(instance.Id())
-
-	autostartLink := lxc.RestartSymlink(name)
-	config, err := ioutil.ReadFile(lxc.ContainerConfigFilename(name))
-	c.Assert(err, jc.ErrorIsNil)
-	mountLine := fmt.Sprintf("lxc.mount.entry = %s var/log/juju none defaults,bind 0 0", s.logDir)
-	c.Assert(string(config), jc.Contains, mountLine)
-	c.Assert(autostartLink, jc.IsSymlink)
-}
-
-func (s *LxcSuite) TestContainerState(c *gc.C) {
-	// TODO(perrito666) refactor state reporting to return a proper state.
-	manager := s.makeManager(c, "test")
-	c.Logf("%#v", manager)
-	instance := containertesting.CreateContainer(c, manager, "1/lxc/0")
-
-	// The mock container will be immediately "running".
-	c.Assert(instance.Status().Message, gc.Equals, string(golxc.StateRunning))
-
-	// DestroyContainer stops and then destroys the container, putting it
-	// into "unknown" state.
-	err := manager.DestroyContainer(instance.Id())
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(instance.Status().Message, gc.Equals, string(golxc.StateUnknown))
-}
-
-func (s *LxcSuite) TestDestroyContainer(c *gc.C) {
-	manager := s.makeManager(c, "test")
-	instance := containertesting.CreateContainer(c, manager, "1/lxc/0")
-
-	err := manager.DestroyContainer(instance.Id())
-	c.Assert(err, jc.ErrorIsNil)
-
-	name := string(instance.Id())
-	// Check that the container dir is no longer in the container dir
-	c.Assert(filepath.Join(s.ContainerDir, name), jc.DoesNotExist)
-	// but instead, in the removed container dir
-	c.Assert(filepath.Join(s.RemovedDir, name), jc.IsDirectory)
-
-	c.Assert(s.loopDeviceManager.detachLoopDevicesArgs, jc.DeepEquals, [][]string{
-		{filepath.Join(s.LxcDir, name, "rootfs"), "/"},
-	})
-}
-
-func (s *LxcSuite) TestDestroyContainerNameClash(c *gc.C) {
-	manager := s.makeManager(c, "test")
-	instance := containertesting.CreateContainer(c, manager, "1/lxc/0")
-
-	name := string(instance.Id())
-	targetDir := filepath.Join(s.RemovedDir, name)
-	err := os.MkdirAll(targetDir, 0755)
-	c.Assert(err, jc.ErrorIsNil)
-
-	err = manager.DestroyContainer(instance.Id())
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Check that the container dir is no longer in the container dir
-	c.Assert(filepath.Join(s.ContainerDir, name), jc.DoesNotExist)
-	// but instead, in the removed container dir with a ".1" suffix as there was already a directory there.
-	c.Assert(filepath.Join(s.RemovedDir, fmt.Sprintf("%s.1", name)), jc.IsDirectory)
-}
-
-func (s *LxcSuite) TestNamedManagerPrefix(c *gc.C) {
-	manager := s.makeManager(c, "eric")
-	instance := containertesting.CreateContainer(c, manager, "1/lxc/0")
-	c.Assert(string(instance.Id()), gc.Equals, "eric-machine-1-lxc-0")
-}
-
-func (s *LxcSuite) TestListContainers(c *gc.C) {
-	foo := s.makeManager(c, "foo")
-	bar := s.makeManager(c, "bar")
-
-	foo1 := containertesting.CreateContainer(c, foo, "1/lxc/0")
-	foo2 := containertesting.CreateContainer(c, foo, "1/lxc/1")
-	foo3 := containertesting.CreateContainer(c, foo, "1/lxc/2")
-
-	bar1 := containertesting.CreateContainer(c, bar, "1/lxc/0")
-	bar2 := containertesting.CreateContainer(c, bar, "1/lxc/1")
-
-	result, err := foo.ListContainers()
-	c.Assert(err, jc.ErrorIsNil)
-	instancetest.MatchInstances(c, result, foo1, foo2, foo3)
-
-	result, err = bar.ListContainers()
-	c.Assert(err, jc.ErrorIsNil)
-	instancetest.MatchInstances(c, result, bar1, bar2)
-}
-
-func (s *LxcSuite) TestCreateContainerAutostarts(c *gc.C) {
-	manager := s.makeManager(c, "test")
-	instance := containertesting.CreateContainer(c, manager, "1/lxc/0")
-	autostartLink := lxc.RestartSymlink(string(instance.Id()))
-	c.Assert(autostartLink, jc.IsSymlink)
-}
-
-func (s *LxcSuite) TestCreateContainerNoRestartDir(c *gc.C) {
-	err := os.Remove(s.RestartDir)
-	c.Assert(err, jc.ErrorIsNil)
-
-	manager := s.makeManager(c, "test")
-	instance := containertesting.CreateContainer(c, manager, "1/lxc/0")
-	name := string(instance.Id())
-	autostartLink := lxc.RestartSymlink(name)
-	config, err := ioutil.ReadFile(lxc.ContainerConfigFilename(name))
-	c.Assert(err, jc.ErrorIsNil)
-	expected := fmt.Sprintf(`
-# network config
-# interface "eth0"
-lxc.network.type = veth
-lxc.network.link = nic42
-lxc.network.flags = up
-
-lxc.start.auto = 1
-lxc.mount.entry = %s var/log/juju none defaults,bind 0 0
-`, s.logDir)
-	c.Assert(string(config), gc.Equals, expected)
-	c.Assert(autostartLink, jc.DoesNotExist)
-}
-
-func (s *LxcSuite) TestCreateContainerWithBlockStorage(c *gc.C) {
-	err := os.Remove(s.RestartDir)
-	c.Assert(err, jc.ErrorIsNil)
-
-	manager := s.makeManager(c, "test")
-	machineConfig, err := containertesting.MockMachineConfig("1/lxc/0")
-	c.Assert(err, jc.ErrorIsNil)
-	storageConfig := &container.StorageConfig{AllowMount: true}
-	networkConfig := container.BridgeNetworkConfig("nic42", 4321, nil)
-	instance := containertesting.CreateContainerWithMachineAndNetworkAndStorageConfig(c, manager, machineConfig, networkConfig, storageConfig)
-	name := string(instance.Id())
-	autostartLink := lxc.RestartSymlink(name)
-	config, err := ioutil.ReadFile(lxc.ContainerConfigFilename(name))
-	c.Assert(err, jc.ErrorIsNil)
-	expected := fmt.Sprintf(`
-# network config
-# interface "eth0"
-lxc.network.type = veth
-lxc.network.link = nic42
-lxc.network.flags = up
-lxc.network.mtu = 4321
-
-lxc.start.auto = 1
-lxc.mount.entry = %s var/log/juju none defaults,bind 0 0
-
-lxc.aa_profile = lxc-container-default-with-mounting
-lxc.cgroup.devices.allow = b 7:* rwm
-lxc.cgroup.devices.allow = c 10:237 rwm
-`, s.logDir)
-	c.Assert(string(config), gc.Equals, expected)
-	c.Assert(autostartLink, jc.DoesNotExist)
-}
-
-func (s *LxcSuite) TestDestroyContainerRemovesAutostartLink(c *gc.C) {
-	manager := s.makeManager(c, "test")
-	instance := containertesting.CreateContainer(c, manager, "1/lxc/0")
-	err := manager.DestroyContainer(instance.Id())
-	c.Assert(err, jc.ErrorIsNil)
-	autostartLink := lxc.RestartSymlink(string(instance.Id()))
-	c.Assert(autostartLink, jc.SymlinkDoesNotExist)
-}
-
-func (s *LxcSuite) TestDestroyContainerNoRestartDir(c *gc.C) {
-	err := os.Remove(s.RestartDir)
-	c.Assert(err, jc.ErrorIsNil)
-
-	manager := s.makeManager(c, "test")
-	instance := containertesting.CreateContainer(c, manager, "1/lxc/0")
-	err = manager.DestroyContainer(instance.Id())
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-type NetworkSuite struct {
-	coretesting.BaseSuite
-}
-
-var _ = gc.Suite(&NetworkSuite{})
-
-func (*NetworkSuite) TestGenerateNetworkConfig(c *gc.C) {
-	dhcpNIC := network.InterfaceInfo{
-		DeviceIndex:   0,
-		MACAddress:    "aa:bb:cc:dd:ee:f0",
-		InterfaceName: "eth0",
-		// The following is not part of the LXC config, but cause the
-		// generated cloud-init user-data to change accordingly.
-		ConfigType: network.ConfigDHCP,
-	}
-	staticNIC := network.InterfaceInfo{
-		DeviceIndex:    1,
-		CIDR:           "0.1.2.0/20", // used to infer the subnet mask.
-		MACAddress:     "aa:bb:cc:dd:ee:f1",
-		InterfaceName:  "eth1",
-		Address:        network.NewAddress("0.1.2.3"),
-		GatewayAddress: network.NewAddress("0.1.2.1"),
-		// The rest is passed to cloud-init.
-		ConfigType: network.ConfigStatic,
-		DNSServers: network.NewAddresses("ns1.invalid", "ns2.invalid"),
-	}
-	extraConfigNIC := network.InterfaceInfo{
-		DeviceIndex:   2,
-		MACAddress:    "aa:bb:cc:dd:ee:f2",
-		InterfaceName: "eth2",
-		VLANTag:       42,
-		NoAutoStart:   true,
-		// The rest is passed to cloud-init.
-		ConfigType: network.ConfigManual,
-		DNSServers: network.NewAddresses("ns1.invalid", "ns2.invalid"),
-	}
-	// Test /24 is used by default when the CIDR is invalid or empty.
-	staticNICNoCIDR, staticNICBadCIDR := staticNIC, staticNIC
-	staticNICNoCIDR.CIDR = ""
-	staticNICBadCIDR.CIDR = "bad"
-	// Test when NoAutoStart is true gateway is not added, even if there.
-	staticNICNoAutoWithGW := staticNIC
-	staticNICNoAutoWithGW.NoAutoStart = true
-
-	var lastTestLog string
-	allNICs := []network.InterfaceInfo{dhcpNIC, staticNIC, extraConfigNIC}
-	for i, test := range []struct {
-		about             string
-		config            *container.NetworkConfig
-		nics              []network.InterfaceInfo
-		rendered          []string
-		logContains       string
-		logDoesNotContain string
-	}{{
-		about:  "empty config",
-		config: nil,
-		rendered: []string{
-			"lxc.network.type = veth",
-			"lxc.network.link = lxcbr0",
-			"lxc.network.flags = up",
-		},
-		logContains:       `WARNING juju.container.lxc network type missing, using the default "bridge" config`,
-		logDoesNotContain: `INFO juju.container.lxc setting MTU to 0 for LXC network interfaces`,
-	}, {
-		about:  "default config",
-		config: lxc.DefaultNetworkConfig(),
-		rendered: []string{
-			"lxc.network.type = veth",
-			"lxc.network.link = lxcbr0",
-			"lxc.network.flags = up",
-		},
-		logDoesNotContain: `INFO juju.container.lxc setting MTU to 0 for LXC network interfaces`,
-	}, {
-		about:  "bridge config with MTU 1500, device foo, no NICs",
-		config: container.BridgeNetworkConfig("foo", 1500, nil),
-		rendered: []string{
-			"lxc.network.type = veth",
-			"lxc.network.link = foo",
-			"lxc.network.flags = up",
-			"lxc.network.mtu = 1500",
-		},
-	}, {
-		about:  "phys config with MTU 9000, device foo, no NICs",
-		config: container.PhysicalNetworkConfig("foo", 9000, nil),
-		rendered: []string{
-			"lxc.network.type = phys",
-			"lxc.network.link = foo",
-			"lxc.network.flags = up",
-			"lxc.network.mtu = 9000",
-		},
-	}, {
-		about:  "bridge config with MTU 8000, device foo, all NICs",
-		config: container.BridgeNetworkConfig("foo", 8000, allNICs),
-		nics:   allNICs,
-		rendered: []string{
-			"lxc.network.type = veth",
-			"lxc.network.link = foo",
-			"lxc.network.flags = up",
-			"lxc.network.name = eth0",
-			"lxc.network.hwaddr = aa:bb:cc:dd:ee:f0",
-
-			"lxc.network.type = veth",
-			"lxc.network.link = foo",
-			"lxc.network.flags = up",
-			"lxc.network.name = eth1",
-			"lxc.network.hwaddr = aa:bb:cc:dd:ee:f1",
-			"lxc.network.ipv4 = 0.1.2.3/20",
-
-			"lxc.network.type = veth",
-			"lxc.network.link = foo",
-			"lxc.network.name = eth2",
-			"lxc.network.hwaddr = aa:bb:cc:dd:ee:f2",
-		},
-	}, {
-		about:  "bridge config with MTU 0, device foo, staticNICNoCIDR",
-		config: container.BridgeNetworkConfig("foo", 0, []network.InterfaceInfo{staticNICNoCIDR}),
-		nics:   []network.InterfaceInfo{staticNICNoCIDR},
-		rendered: []string{
-			"lxc.network.type = veth",
-			"lxc.network.link = foo",
-			"lxc.network.flags = up",
-			"lxc.network.name = eth1",
-			"lxc.network.hwaddr = aa:bb:cc:dd:ee:f1",
-		},
-		logDoesNotContain: `INFO juju.container.lxc setting MTU to 0 for all LXC network interfaces`,
-	}, {
-		about:  "bridge config with MTU 0, device foo, staticNICBadCIDR",
-		config: container.BridgeNetworkConfig("foo", 0, []network.InterfaceInfo{staticNICBadCIDR}),
-		nics:   []network.InterfaceInfo{staticNICBadCIDR},
-		rendered: []string{
-			"lxc.network.type = veth",
-			"lxc.network.link = foo",
-			"lxc.network.flags = up",
-			"lxc.network.name = eth1",
-			"lxc.network.hwaddr = aa:bb:cc:dd:ee:f1",
-			"lxc.network.ipv4 = invalid CIDR address: bad",
-		},
-	}, {
-		about:  "bridge config with MTU 0, device foo, staticNICNoAutoWithGW",
-		config: container.BridgeNetworkConfig("foo", 0, []network.InterfaceInfo{staticNICNoAutoWithGW}),
-		nics:   []network.InterfaceInfo{staticNICNoAutoWithGW},
-		rendered: []string{
-			"lxc.network.type = veth",
-			"lxc.network.link = foo",
-			"lxc.network.name = eth1",
-			"lxc.network.hwaddr = aa:bb:cc:dd:ee:f1",
-			"lxc.network.ipv4 = 0.1.2.3/20",
-		},
-	}} {
-		c.Logf("test #%d: %s", i, test.about)
-		config := lxc.GenerateNetworkConfig(test.config)
-		// Parse the config to drop comments and empty lines. This is
-		// needed to ensure the order of all settings match what we
-		// expect to get rendered, as the order matters.
-		var configLines []string
-		for _, line := range strings.Split(config, "\n") {
-			line = strings.TrimSpace(line)
-			if line == "" || strings.HasPrefix(line, "#") {
-				continue
-			}
-			configLines = append(configLines, line)
-		}
-		currentLog := strings.TrimPrefix(c.GetTestLog(), lastTestLog)
-		c.Check(configLines, jc.DeepEquals, test.rendered)
-		if test.logContains != "" {
-			c.Check(currentLog, jc.Contains, test.logContains)
-		}
-		if test.logDoesNotContain != "" {
-			c.Check(currentLog, gc.Not(jc.Contains), test.logDoesNotContain)
-		}
-		// TODO(dimitern) In a follow-up, test the generated user-data
-		// honors the other settings.
-		lastTestLog = c.GetTestLog()
-	}
-}
-
-func (*NetworkSuite) TestNetworkConfigTemplate(c *gc.C) {
-	// Intentionally using an invalid type "foo" here to test it gets
-	// changed to the default "veth" and a warning is logged.
-	config := lxc.NetworkConfigTemplate(container.NetworkConfig{"foo", "bar", 4321, nil})
-	// In the past, the entire lxc.conf file was just networking. With
-	// the addition of the auto start, we now have to have better
-	// isolate this test. As such, we parse the conf template results
-	// and just get the results that start with 'lxc.network' as that
-	// is what the test cares about.
-	obtained := []string{}
-	for _, value := range strings.Split(config, "\n") {
-		if strings.HasPrefix(value, "lxc.network") {
-			obtained = append(obtained, value)
-		}
-	}
-	expected := []string{
-		"lxc.network.type = veth",
-		"lxc.network.link = bar",
-		"lxc.network.flags = up",
-		"lxc.network.mtu = 4321",
-	}
-	c.Assert(obtained, jc.DeepEquals, expected)
-	log := c.GetTestLog()
-	c.Assert(log, jc.Contains,
-		`WARNING juju.container.lxc unknown network type "foo", using the default "bridge" config`,
-	)
-}
-
-func (s *LxcSuite) TestWgetEnvironmentUsesNoProxy(c *gc.C) {
-	var wgetScript []byte
-	fakeCert := []byte("fakeCert")
-	s.PatchValue(lxc.WriteWgetTmpFile, func(filename string, data []byte, perm os.FileMode) error {
-		wgetScript = data
-		return nil
-	})
-	_, closer, err := lxc.WgetEnvironment(fakeCert)
-	c.Assert(err, jc.ErrorIsNil)
-	defer closer()
-	c.Assert(string(wgetScript), jc.Contains, "/usr/bin/wget --no-proxy --ca-certificate")
-}
-
-type mockLoopDeviceManager struct {
-	detachLoopDevicesArgs [][]string
-}
-
-func (m *mockLoopDeviceManager) DetachLoopDevices(rootfs, prefix string) error {
-	m.detachLoopDevicesArgs = append(m.detachLoopDevicesArgs, []string{rootfs, prefix})
-	return nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/container/lxc/mock/mock-lxc.go juju-core-2.0~beta12/src/github.com/juju/juju/container/lxc/mock/mock-lxc.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/container/lxc/mock/mock-lxc.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/container/lxc/mock/mock-lxc.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,375 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package mock
-
-import (
-	"fmt"
-	"io/ioutil"
-	"os"
-	"path/filepath"
-	"sync"
-
-	"github.com/juju/errors"
-	"github.com/juju/loggo"
-	"github.com/juju/testing"
-	"github.com/juju/utils"
-	"launchpad.net/golxc"
-
-	"github.com/juju/juju/container"
-)
-
-// This file provides a mock implementation of the golxc interfaces
-// ContainerFactory and Container.
-
-var logger = loggo.GetLogger("juju.container.lxc.mock")
-
-type Action int
-
-var (
-	startTransientErrorInjection  chan error
-	createTransientErrorInjection chan error
-	cloneTransientErrorInjection  chan error
-)
-
-// PatchStartTransientErrorInjectionChannel sets the startTransientInjectionError
-// channel which can be used to inject errors into the Start function for
-// testing purposes.
-func PatchStartTransientErrorInjectionChannel(c chan error) func() {
-	return testing.PatchValue(&startTransientErrorInjection, c)
-}
-
-// PatchCreateTransientErrorInjectionChannel sets the createTransientInjectionError
-// channel which can be used to inject errors into the Create function for
-// testing purposes.
-func PatchCreateTransientErrorInjectionChannel(c chan error) func() {
-	return testing.PatchValue(&createTransientErrorInjection, c)
-}
-
-// PatchCloneTransientErrorInjectionChannel sets the cloneTransientInjectionError
-// channel which can be used to inject errors into the Clone function for
-// testing purposes.
-func PatchCloneTransientErrorInjectionChannel(c chan error) func() {
-	return testing.PatchValue(&cloneTransientErrorInjection, c)
-}
-
-const (
-	// A container has been started.
-	Started Action = iota
-	// A container has been stopped.
-	Stopped
-	// A container has been created.
-	Created
-	// A container has been destroyed.
-	Destroyed
-	// A container has been cloned.
-	Cloned
-)
-
-func (action Action) String() string {
-	switch action {
-	case Started:
-		return "Started"
-	case Stopped:
-		return "Stopped"
-	case Created:
-		return "Created"
-	case Destroyed:
-		return "Destroyed"
-	case Cloned:
-		return "Cloned"
-	}
-	return "unknown"
-}
-
-type Event struct {
-	Action       Action
-	InstanceId   string
-	Args         []string
-	TemplateArgs []string
-	EnvArgs      []string
-}
-
-type ContainerFactory interface {
-	golxc.ContainerFactory
-
-	AddListener(chan<- Event)
-	RemoveListener(chan<- Event)
-}
-
-type mockFactory struct {
-	containerDir string
-	instances    map[string]golxc.Container
-	listeners    []chan<- Event
-	mutex        sync.Mutex
-}
-
-func MockFactory(containerDir string) ContainerFactory {
-	return &mockFactory{
-		containerDir: containerDir,
-		instances:    make(map[string]golxc.Container),
-	}
-}
-
-type mockContainer struct {
-	factory  *mockFactory
-	name     string
-	state    golxc.State
-	logFile  string
-	logLevel golxc.LogLevel
-}
-
-func (mock *mockContainer) getState() golxc.State {
-	mock.factory.mutex.Lock()
-	defer mock.factory.mutex.Unlock()
-	return mock.state
-}
-
-func (mock *mockContainer) setState(newState golxc.State) {
-	mock.factory.mutex.Lock()
-	defer mock.factory.mutex.Unlock()
-	mock.state = newState
-	logger.Debugf("container %q state change to %s", mock.name, string(newState))
-}
-
-// Name returns the name of the container.
-func (mock *mockContainer) Name() string {
-	return mock.name
-}
-
-func (mock *mockContainer) configFilename() string {
-	return filepath.Join(mock.factory.containerDir, mock.name, "config")
-}
-
-// Create creates a new container based on the given template.
-func (mock *mockContainer) Create(configFile, template string, extraArgs []string, templateArgs []string, envArgs []string) error {
-	select {
-	case injectedError := <-createTransientErrorInjection:
-		return injectedError
-	default:
-	}
-
-	if mock.getState() != golxc.StateUnknown {
-		return fmt.Errorf("container is already created")
-	}
-	mock.factory.instances[mock.name] = mock
-	// Create the container directory.
-	containerDir := filepath.Join(mock.factory.containerDir, mock.name)
-	if err := os.MkdirAll(containerDir, 0755); err != nil {
-		return errors.Trace(err)
-	}
-	if err := utils.CopyFile(mock.configFilename(), configFile); err != nil {
-		return errors.Trace(err)
-	}
-	mock.setState(golxc.StateStopped)
-	mock.factory.notify(eventArgs(Created, mock.name, extraArgs, templateArgs, envArgs))
-	return nil
-}
-
-// Start runs the container as a daemon.
-func (mock *mockContainer) Start(configFile, consoleFile string) error {
-	select {
-	case injectedError := <-startTransientErrorInjection:
-		return injectedError
-	default:
-	}
-
-	state := mock.getState()
-	if state == golxc.StateUnknown {
-		return fmt.Errorf("container has not been created")
-	} else if state == golxc.StateRunning {
-		return fmt.Errorf("container is already running")
-	}
-	ioutil.WriteFile(
-		filepath.Join(container.ContainerDir, mock.name, "console.log"),
-		[]byte("fake console.log"), 0644)
-	mock.setState(golxc.StateRunning)
-	mock.factory.notify(event(Started, mock.name))
-	return nil
-}
-
-// Stop terminates the running container.
-func (mock *mockContainer) Stop() error {
-	state := mock.getState()
-	if state == golxc.StateUnknown {
-		return fmt.Errorf("container has not been created")
-	} else if state == golxc.StateStopped {
-		return fmt.Errorf("container is already stopped")
-	}
-	mock.setState(golxc.StateStopped)
-	mock.factory.notify(event(Stopped, mock.name))
-	return nil
-}
-
-// Clone creates a copy of the container, giving the copy the specified name.
-func (mock *mockContainer) Clone(name string, extraArgs []string, templateArgs []string) (golxc.Container, error) {
-	select {
-	case injectedError := <-cloneTransientErrorInjection:
-		return nil, injectedError
-	default:
-	}
-
-	state := mock.getState()
-	if state == golxc.StateUnknown {
-		return nil, fmt.Errorf("container has not been created")
-	} else if state == golxc.StateRunning {
-		return nil, fmt.Errorf("container is running, clone not possible")
-	}
-
-	container := &mockContainer{
-		factory:  mock.factory,
-		name:     name,
-		state:    golxc.StateStopped,
-		logLevel: golxc.LogWarning,
-	}
-	mock.factory.instances[name] = container
-
-	// Create the container directory.
-	containerDir := filepath.Join(mock.factory.containerDir, name)
-	if err := os.MkdirAll(containerDir, 0755); err != nil {
-		return nil, errors.Trace(err)
-	}
-	if err := utils.CopyFile(container.configFilename(), mock.configFilename()); err != nil {
-		return nil, errors.Trace(err)
-	}
-
-	mock.factory.notify(eventArgs(Cloned, mock.name, extraArgs, templateArgs, nil))
-	return container, nil
-}
-
-// Freeze freezes all the container's processes.
-func (mock *mockContainer) Freeze() error {
-	return nil
-}
-
-// Unfreeze thaws all frozen container's processes.
-func (mock *mockContainer) Unfreeze() error {
-	return nil
-}
-
-// Destroy stops and removes the container.
-func (mock *mockContainer) Destroy() error {
-	select {
-	case injectedError := <-startTransientErrorInjection:
-		return injectedError
-	default:
-	}
-
-	state := mock.getState()
-	// golxc destroy will stop the machine if it is running.
-	if state == golxc.StateRunning {
-		mock.Stop()
-	}
-	if state == golxc.StateUnknown {
-		return fmt.Errorf("container has not been created")
-	}
-	delete(mock.factory.instances, mock.name)
-	mock.setState(golxc.StateUnknown)
-	mock.factory.notify(event(Destroyed, mock.name))
-	return nil
-}
-
-// Wait waits for one of the specified container states.
-func (mock *mockContainer) Wait(states ...golxc.State) error {
-	return nil
-}
-
-// Info returns the status and the process id of the container.
-func (mock *mockContainer) Info() (golxc.State, int, error) {
-	pid := -1
-	state := mock.getState()
-	if state == golxc.StateRunning {
-		pid = 42
-	}
-	return state, pid, nil
-}
-
-// IsConstructed checks if the container image exists.
-func (mock *mockContainer) IsConstructed() bool {
-	return mock.getState() != golxc.StateUnknown
-}
-
-// IsRunning checks if the state of the container is 'RUNNING'.
-func (mock *mockContainer) IsRunning() bool {
-	return mock.getState() == golxc.StateRunning
-}
-
-// String returns information about the container, like the name, state,
-// and process id.
-func (mock *mockContainer) String() string {
-	state, pid, _ := mock.Info()
-	return fmt.Sprintf("<MockContainer %q, state: %s, pid %d>", mock.name, string(state), pid)
-}
-
-// LogFile returns the current filename used for the LogFile.
-func (mock *mockContainer) LogFile() string {
-	return mock.logFile
-}
-
-// LogLevel returns the current logging level (only used if the
-// LogFile is not "").
-func (mock *mockContainer) LogLevel() golxc.LogLevel {
-	return mock.logLevel
-}
-
-// SetLogFile sets both the LogFile and LogLevel.
-func (mock *mockContainer) SetLogFile(filename string, level golxc.LogLevel) {
-	mock.logFile = filename
-	mock.logLevel = level
-}
-
-func (mock *mockFactory) String() string {
-	return fmt.Sprintf("mock lxc factory")
-}
-
-func (mock *mockFactory) New(name string) golxc.Container {
-	mock.mutex.Lock()
-	defer mock.mutex.Unlock()
-	container, ok := mock.instances[name]
-	if ok {
-		return container
-	}
-	container = &mockContainer{
-		factory:  mock,
-		name:     name,
-		state:    golxc.StateUnknown,
-		logLevel: golxc.LogWarning,
-	}
-	mock.instances[name] = container
-	return container
-}
-
-func (mock *mockFactory) List() (result []golxc.Container, err error) {
-	for _, container := range mock.instances {
-		result = append(result, container)
-	}
-	return
-}
-
-func event(action Action, instanceId string) Event {
-	return Event{action, instanceId, nil, nil, nil}
-}
-
-func eventArgs(action Action, instanceId string, args, template, envArgs []string) Event {
-	return Event{action, instanceId, args, template, envArgs}
-}
-
-func (mock *mockFactory) notify(event Event) {
-	for _, c := range mock.listeners {
-		c <- event
-	}
-}
-
-func (mock *mockFactory) AddListener(listener chan<- Event) {
-	mock.listeners = append(mock.listeners, listener)
-}
-
-func (mock *mockFactory) RemoveListener(listener chan<- Event) {
-	pos := 0
-	for i, c := range mock.listeners {
-		if c == listener {
-			pos = i
-		}
-	}
-	mock.listeners = append(mock.listeners[:pos], mock.listeners[pos+1:]...)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/container/lxc/testing/test.go juju-core-2.0~beta12/src/github.com/juju/juju/container/lxc/testing/test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/container/lxc/testing/test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/container/lxc/testing/test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,43 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package testing
-
-import (
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/container"
-	"github.com/juju/juju/container/lxc"
-	"github.com/juju/juju/container/lxc/mock"
-	"github.com/juju/juju/testing"
-)
-
-// TestSuite replaces the lxc factory that the broker uses with a mock
-// implementation.
-type TestSuite struct {
-	testing.FakeJujuXDGDataHomeSuite
-	ContainerFactory mock.ContainerFactory
-	ContainerDir     string
-	RemovedDir       string
-	LxcDir           string
-	RestartDir       string
-}
-
-func (s *TestSuite) SetUpTest(c *gc.C) {
-	s.FakeJujuXDGDataHomeSuite.SetUpTest(c)
-	s.ContainerDir = c.MkDir()
-	s.PatchValue(&container.ContainerDir, s.ContainerDir)
-	c.Logf("container.ContainerDir = %q", s.ContainerDir)
-	s.RemovedDir = c.MkDir()
-	s.PatchValue(&container.RemovedContainerDir, s.RemovedDir)
-	c.Logf("container.RemovedContainerDir = %q", s.RemovedDir)
-	s.LxcDir = c.MkDir()
-	s.PatchValue(&lxc.LxcContainerDir, s.LxcDir)
-	c.Logf("lxc.LxcContainerDir = %q", s.LxcDir)
-	s.RestartDir = c.MkDir()
-	s.PatchValue(&lxc.LxcRestartDir, s.RestartDir)
-	c.Logf("lxc.LxcRestartDir = %q", s.RestartDir)
-	s.ContainerFactory = mock.MockFactory(s.LxcDir)
-	s.PatchValue(&lxc.LxcObjectFactory, s.ContainerFactory)
-	c.Logf("lxc.LxcObjectFactory dir = %q", s.LxcDir)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/container/lxd/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/container/lxd/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/container/lxd/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/container/lxd/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,5 +6,6 @@
 package lxd
 
 var (
-	NICProperties = nicProperties
+	NICDevice      = nicDevice
+	NetworkDevices = networkDevices
 )
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/container/lxd/initialisation.go juju-core-2.0~beta12/src/github.com/juju/juju/container/lxd/initialisation.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/container/lxd/initialisation.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/container/lxd/initialisation.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,9 +9,9 @@
 	"bytes"
 	"fmt"
 	"io/ioutil"
+	"net"
 	"os"
 	"os/exec"
-	"strconv"
 	"strings"
 
 	"github.com/juju/errors"
@@ -90,7 +90,7 @@
 	).CombinedOutput()
 
 	if err != nil {
-		logger.Warningf("configuring zfs failed with %s: %s", err, string(output))
+		logger.Errorf("configuring zfs failed with %s: %s", err, string(output))
 	}
 }
 
@@ -101,35 +101,32 @@
 		 * lxd-bridge; let's not fail here.
 		 */
 		if os.IsNotExist(err) {
-			logger.Warningf("couldn't find %s, not configuring it", lxdBridgeFile)
+			logger.Debugf("couldn't find %s, not configuring it", lxdBridgeFile)
 			return nil
 		}
 		return errors.Trace(err)
 	}
 	defer f.Close()
 
-	output, err := exec.Command("ip", "addr", "show").CombinedOutput()
+	existing, err := ioutil.ReadAll(f)
 	if err != nil {
 		return errors.Trace(err)
 	}
 
-	subnet, err := detectSubnet(string(output))
+	newBridgeCfg, err := bridgeConfiguration(string(existing))
 	if err != nil {
 		return errors.Trace(err)
 	}
 
-	existing, err := ioutil.ReadAll(f)
-	if err != nil {
-		return errors.Trace(err)
+	if newBridgeCfg == string(existing) {
+		return nil
 	}
 
-	result := editLXDBridgeFile(string(existing), subnet)
 	_, err = f.Seek(0, 0)
 	if err != nil {
 		return errors.Trace(err)
 	}
-
-	_, err = f.WriteString(result)
+	_, err = f.WriteString(newBridgeCfg)
 	if err != nil {
 		return errors.Trace(err)
 	}
@@ -139,46 +136,8 @@
 	return exec.Command("service", "lxd", "restart").Run()
 }
 
-func detectSubnet(ipAddrOutput string) (string, error) {
-	max := 0
-
-	for _, line := range strings.Split(ipAddrOutput, "\n") {
-		trimmed := strings.TrimSpace(line)
-		if trimmed == "" {
-			continue
-		}
-
-		columns := strings.Split(trimmed, " ")
-
-		if len(columns) < 2 {
-			return "", errors.Trace(fmt.Errorf("invalid ip addr output line %s", line))
-		}
-
-		if columns[0] != "inet" {
-			continue
-		}
-
-		addr := columns[1]
-		if !strings.HasPrefix(addr, "10.0.") {
-			continue
-		}
-
-		tuples := strings.Split(addr, ".")
-		if len(tuples) < 4 {
-			return "", errors.Trace(fmt.Errorf("invalid ip addr %s", addr))
-		}
-
-		subnet, err := strconv.Atoi(tuples[2])
-		if err != nil {
-			return "", errors.Trace(err)
-		}
-
-		if subnet > max {
-			max = subnet
-		}
-	}
-
-	return fmt.Sprintf("%d", max+1), nil
+var interfaceAddrs = func() ([]net.Addr, error) {
+	return net.InterfaceAddrs()
 }
 
 func editLXDBridgeFile(input string, subnet string) string {
@@ -267,3 +226,107 @@
 
 	return err
 }
+
+// findNextAvailableIPv4Subnet scans the list of interfaces on the machine
+// looking for 10.0.0.0/16 networks and returns the next subnet not in
+// use, having first detected the highest subnet. The next subnet can
+// actually be lower if we overflowed 255 whilst seeking out the next
+// unused subnet. If all subnets are in use an error is returned.
+//
+// TODO(frobware): this is not an ideal solution as it doesn't take
+// into account any static routes that may be set up on the machine.
+//
+// TODO(frobware): this only caters for IPv4 setups.
+func findNextAvailableIPv4Subnet() (string, error) {
+	_, ip10network, err := net.ParseCIDR("10.0.0.0/16")
+	if err != nil {
+		return "", errors.Trace(err)
+	}
+
+	addrs, err := interfaceAddrs()
+	if err != nil {
+		return "", errors.Annotatef(err, "cannot get network interface addresses")
+	}
+
+	max := 0
+	usedSubnets := make(map[int]bool)
+
+	for _, address := range addrs {
+		addr, network, err := net.ParseCIDR(address.String())
+		if err != nil {
+			logger.Debugf("cannot parse address %q: %v (ignoring)", address.String(), err)
+			continue
+		}
+		if !ip10network.Contains(addr) {
+			logger.Debugf("find available subnet, skipping %q", network.String())
+			continue
+		}
+		subnet := int(network.IP[2])
+		usedSubnets[subnet] = true
+		if subnet > max {
+			max = subnet
+		}
+	}
+
+	if len(usedSubnets) == 0 {
+		return "0", nil
+	}
+
+	for i := 0; i < 256; i++ {
+		max = (max + 1) % 256
+		if _, inUse := usedSubnets[max]; !inUse {
+			return fmt.Sprintf("%d", max), nil
+		}
+	}
+
+	return "", errors.New("could not find unused subnet")
+}
+
+func parseLXDBridgeConfigValues(input string) map[string]string {
+	values := make(map[string]string)
+
+	for _, line := range strings.Split(input, "\n") {
+		line = strings.TrimSpace(line)
+
+		if line == "" || strings.HasPrefix(line, "#") || !strings.Contains(line, "=") {
+			continue
+		}
+
+		tokens := strings.Split(line, "=")
+
+		if tokens[0] == "" {
+			continue // no key
+		}
+
+		value := ""
+
+		if len(tokens) > 1 {
+			value = tokens[1]
+			if strings.HasPrefix(value, `"`) && strings.HasSuffix(value, `"`) {
+				value = strings.Trim(value, `"`)
+			}
+		}
+
+		values[tokens[0]] = value
+	}
+	return values
+}
+
+// bridgeConfiguration ensures that input has a valid setting for
+// LXD_IPV4_ADDR, returning the existing input if is already set, and
+// allocating the next available subnet if it is not.
+func bridgeConfiguration(input string) (string, error) {
+	values := parseLXDBridgeConfigValues(input)
+	ipAddr := net.ParseIP(values["LXD_IPV4_ADDR"])
+
+	if ipAddr == nil || ipAddr.To4() == nil {
+		logger.Infof("LXD_IPV4_ADDR is not set; searching for unused subnet")
+		subnet, err := findNextAvailableIPv4Subnet()
+		if err != nil {
+			return "", errors.Trace(err)
+		}
+		logger.Infof("setting LXD_IPV4_ADDR=10.0.%s.1", subnet)
+		return editLXDBridgeFile(input, subnet), nil
+	}
+	return input, nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/container/lxd/initialisation_test.go juju-core-2.0~beta12/src/github.com/juju/juju/container/lxd/initialisation_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/container/lxd/initialisation_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/container/lxd/initialisation_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,8 +6,9 @@
 package lxd
 
 import (
-	"os/exec"
-	"strconv"
+	"errors"
+	"fmt"
+	"net"
 
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/packaging/commands"
@@ -25,6 +26,40 @@
 
 var _ = gc.Suite(&InitialiserSuite{})
 
+const lxdBridgeContent = `# WARNING: Don't modify this file by hand, it is generated by debconf!
+# To update those values, please run "dpkg-reconfigure lxd"
+
+# Whether to setup a new bridge
+USE_LXD_BRIDGE="true"
+EXISTING_BRIDGE=""
+
+# Bridge name
+LXD_BRIDGE="lxdbr0"
+
+# dnsmasq configuration path
+LXD_CONFILE=""
+
+# dnsmasq domain
+LXD_DOMAIN="lxd"
+
+# IPv4
+LXD_IPV4_ADDR="10.0.4.1"
+LXD_IPV4_NETMASK="255.255.255.0"
+LXD_IPV4_NETWORK="10.0.4.1/24"
+LXD_IPV4_DHCP_RANGE="10.0.4.2,10.0.4.100"
+LXD_IPV4_DHCP_MAX="50"
+LXD_IPV4_NAT="true"
+
+# IPv6
+LXD_IPV6_ADDR="2001:470:b2b5:9999::1"
+LXD_IPV6_MASK="64"
+LXD_IPV6_NETWORK="2001:470:b2b5:9999::1/64"
+LXD_IPV6_NAT="true"
+
+# Proxy server
+LXD_IPV6_PROXY="true"
+`
+
 // getMockRunCommandWithRetry is a helper function which returns a function
 // with an identical signature to manager.RunCommandWithRetry which saves each
 // command it recieves in a slice and always returns no output, error code 0
@@ -78,156 +113,252 @@
 	})
 }
 
-func (s *InitialiserSuite) TestEditLXDBridgeFile(c *gc.C) {
-	input := `# WARNING: Don't modify this file by hand, it is generated by debconf!
-# To update those values, please run "dpkg-reconfigure lxd"
+func (s *InitialiserSuite) TestFindAvailableSubnetWithInterfaceAddrsError(c *gc.C) {
+	s.PatchValue(&interfaceAddrs, func() ([]net.Addr, error) {
+		return nil, errors.New("boom!")
+	})
+	subnet, err := findNextAvailableIPv4Subnet()
+	c.Assert(err, gc.ErrorMatches, "cannot get network interface addresses: boom!")
+	c.Assert(subnet, gc.Equals, "")
+}
 
-# Whether to setup a new bridge
-USE_LXD_BRIDGE="true"
-EXISTING_BRIDGE=""
+type testFindSubnetAddr struct {
+	val string
+}
 
-# Bridge name
-LXD_BRIDGE="lxdbr0"
+func (a testFindSubnetAddr) Network() string {
+	return "ip+net"
+}
 
-# dnsmasq configuration path
-LXD_CONFILE=""
+func (a testFindSubnetAddr) String() string {
+	return a.val
+}
 
-# dnsmasq domain
-LXD_DOMAIN="lxd"
+func testAddresses(c *gc.C, networks ...string) ([]net.Addr, error) {
+	addrs := make([]net.Addr, 0)
+	for _, n := range networks {
+		_, _, err := net.ParseCIDR(n)
+		if err != nil {
+			return nil, err
+		}
+		c.Assert(err, gc.IsNil)
+		addrs = append(addrs, testFindSubnetAddr{n})
+	}
+	return addrs, nil
+}
 
-# IPv4
-LXD_IPV4_ADDR="10.0.4.1"
-LXD_IPV4_NETMASK="255.255.255.0"
-LXD_IPV4_NETWORK="10.0.4.1/24"
-LXD_IPV4_DHCP_RANGE="10.0.4.2,10.0.4.100"
-LXD_IPV4_DHCP_MAX="50"
-LXD_IPV4_NAT="true"
+func (s *InitialiserSuite) TestFindAvailableSubnetWithNoAddresses(c *gc.C) {
+	s.PatchValue(&interfaceAddrs, func() ([]net.Addr, error) {
+		return testAddresses(c)
+	})
+	subnet, err := findNextAvailableIPv4Subnet()
+	c.Assert(err, gc.IsNil)
+	c.Assert(subnet, gc.Equals, "0")
+}
 
-# IPv6
-LXD_IPV6_ADDR="2001:470:b2b5:9999::1"
-LXD_IPV6_MASK="64"
-LXD_IPV6_NETWORK="2001:470:b2b5:9999::1/64"
-LXD_IPV6_NAT="true"
+func (s *InitialiserSuite) TestFindAvailableSubnetWithIPv6Only(c *gc.C) {
+	s.PatchValue(&interfaceAddrs, func() ([]net.Addr, error) {
+		return testAddresses(c, "fe80::aa8e:a275:7ae0:34af/64")
+	})
+	subnet, err := findNextAvailableIPv4Subnet()
+	c.Assert(err, gc.IsNil)
+	c.Assert(subnet, gc.Equals, "0")
+}
 
-# Proxy server
-LXD_IPV6_PROXY="true"
-`
-	expected := `# WARNING: Don't modify this file by hand, it is generated by debconf!
-# To update those values, please run "dpkg-reconfigure lxd"
+func (s *InitialiserSuite) TestFindAvailableSubnetWithIPv4OnlyAndNo10xSubnet(c *gc.C) {
+	s.PatchValue(&interfaceAddrs, func() ([]net.Addr, error) {
+		return testAddresses(c, "192.168.1.64/24")
+	})
+	subnet, err := findNextAvailableIPv4Subnet()
+	c.Assert(err, gc.IsNil)
+	c.Assert(subnet, gc.Equals, "0")
+}
 
-# Whether to setup a new bridge
-USE_LXD_BRIDGE="true"
-EXISTING_BRIDGE=""
+func (s *InitialiserSuite) TestFindAvailableSubnetWithInvalidCIDR(c *gc.C) {
+	s.PatchValue(&interfaceAddrs, func() ([]net.Addr, error) {
+		return []net.Addr{
+			testFindSubnetAddr{"10.0.0.1"},
+			testFindSubnetAddr{"10.0.5.1/24"}}, nil
+	})
+	subnet, err := findNextAvailableIPv4Subnet()
+	c.Assert(err, gc.IsNil)
+	c.Assert(subnet, gc.Equals, "6")
+}
 
-# Bridge name
-LXD_BRIDGE="lxdbr0"
+func (s *InitialiserSuite) TestFindAvailableSubnetWithIPv4AndExisting10xNetwork(c *gc.C) {
+	s.PatchValue(&interfaceAddrs, func() ([]net.Addr, error) {
+		return testAddresses(c, "192.168.1.64/24", "10.0.0.1/24")
+	})
+	subnet, err := findNextAvailableIPv4Subnet()
+	c.Assert(err, gc.IsNil)
+	c.Assert(subnet, gc.Equals, "1")
+}
 
-# dnsmasq configuration path
-LXD_CONFILE=""
+func (s *InitialiserSuite) TestFindAvailableSubnetWithExisting10xNetworks(c *gc.C) {
+	s.PatchValue(&interfaceAddrs, func() ([]net.Addr, error) {
+		return testAddresses(c, "192.168.1.0/24", "10.0.4.1/24", "::1/128", "10.0.3.1/24", "fe80::aa8e:a275:7ae0:34af/64")
+	})
+	subnet, err := findNextAvailableIPv4Subnet()
+	c.Assert(err, gc.IsNil)
+	c.Assert(subnet, gc.Equals, "5")
+}
 
-# dnsmasq domain
-LXD_DOMAIN="lxd"
+func (s *InitialiserSuite) TestFindAvailableSubnetUpperBoundInUse(c *gc.C) {
+	s.PatchValue(&interfaceAddrs, func() ([]net.Addr, error) {
+		return testAddresses(c, "10.0.255.1/24")
+	})
+	subnet, err := findNextAvailableIPv4Subnet()
+	c.Assert(err, gc.IsNil)
+	c.Assert(subnet, gc.Equals, "0")
+}
 
-# IPv4
-LXD_IPV4_ADDR="10.0.19.1"
-LXD_IPV4_NETMASK="255.255.255.0"
-LXD_IPV4_NETWORK="10.0.19.1/24"
-LXD_IPV4_DHCP_RANGE="10.0.19.2,10.0.19.254"
-LXD_IPV4_DHCP_MAX="253"
-LXD_IPV4_NAT="true"
+func (s *InitialiserSuite) TestFindAvailableSubnetUpperBoundAndLowerBoundInUse(c *gc.C) {
+	s.PatchValue(&interfaceAddrs, func() ([]net.Addr, error) {
+		return testAddresses(c, "10.0.255.1/24", "10.0.0.1/24")
+	})
+	subnet, err := findNextAvailableIPv4Subnet()
+	c.Assert(err, gc.IsNil)
+	c.Assert(subnet, gc.Equals, "1")
+}
 
-# IPv6
-LXD_IPV6_ADDR="2001:470:b2b5:9999::1"
-LXD_IPV6_MASK="64"
-LXD_IPV6_NETWORK="2001:470:b2b5:9999::1/64"
-LXD_IPV6_NAT="true"
+func (s *InitialiserSuite) TestFindAvailableSubnetWithFull10xSubnet(c *gc.C) {
+	s.PatchValue(&interfaceAddrs, func() ([]net.Addr, error) {
+		addrs := make([]net.Addr, 256)
+		for i := 0; i < 256; i++ {
+			subnet := fmt.Sprintf("10.0.%v.1/24", i)
+			addrs[i] = testFindSubnetAddr{subnet}
+		}
+		return addrs, nil
+	})
+	subnet, err := findNextAvailableIPv4Subnet()
+	c.Assert(err, gc.ErrorMatches, "could not find unused subnet")
+	c.Assert(subnet, gc.Equals, "")
+}
 
-# Proxy server
-LXD_IPV6_PROXY="false"
+func (s *InitialiserSuite) TestParseLXDBridgeFileValues(c *gc.C) {
+	insignificantContent := `
+# Comment 1, followed by empty line.
 
-`
-	result := editLXDBridgeFile(input, "19")
-	c.Assert(result, jc.DeepEquals, expected)
-}
+# Comment 2, followed by empty line.
 
-func (s *InitialiserSuite) TestDetectSubnet(c *gc.C) {
-	input := `1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default 
-    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
-    inet 127.0.0.1/8 scope host lo
-       valid_lft forever preferred_lft forever
-    inet6 ::1/128 scope host 
-       valid_lft forever preferred_lft forever
-2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
-    link/ether 1c:6f:65:d5:56:98 brd ff:ff:ff:ff:ff:ff
-    inet 192.168.0.69/24 brd 192.168.0.255 scope global eth0
-       valid_lft forever preferred_lft forever
-    inet6 fd5d:e5bb:c5f9::c0c/128 scope global dynamic 
-       valid_lft 83178sec preferred_lft 83178sec
-    inet6 fd5d:e5bb:c5f9:0:1e6f:65ff:fed5:5698/64 scope global noprefixroute dynamic 
-       valid_lft 6967sec preferred_lft 1567sec
-    inet6 fe80::1e6f:65ff:fed5:5698/64 scope link 
-       valid_lft forever preferred_lft forever
-3: virbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
-    link/ether 52:54:00:e4:70:2f brd ff:ff:ff:ff:ff:ff
-    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
-       valid_lft forever preferred_lft forever
-4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 500
-    link/ether 52:54:00:e4:70:2f brd ff:ff:ff:ff:ff:ff
-5: virbr1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default 
-    link/ether 52:54:00:fe:04:e6 brd ff:ff:ff:ff:ff:ff
-    inet 192.168.100.1/24 brd 192.168.100.255 scope global virbr1
-       valid_lft forever preferred_lft forever
-6: virbr1-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr1 state DOWN group default qlen 500
-    link/ether 52:54:00:fe:04:e6 brd ff:ff:ff:ff:ff:ff
-7: lxcbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
-    link/ether fe:d3:9d:e4:ba:90 brd ff:ff:ff:ff:ff:ff
-    inet 10.0.3.1/24 scope global lxcbr0
-       valid_lft forever preferred_lft forever
-    inet6 fe80::a00f:35ff:fe81:f7ed/64 scope link 
-       valid_lft forever preferred_lft forever
-25: vethOG10XO@if24: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master lxcbr0 state UP group default qlen 1000
-    link/ether fe:d3:9d:e4:ba:90 brd ff:ff:ff:ff:ff:ff link-netnsid 0
-    inet6 fe80::fcd3:9dff:fee4:ba90/64 scope link 
-       valid_lft forever preferred_lft forever
-37: vnet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master virbr0 state UNKNOWN group default qlen 500
-    link/ether fe:54:00:6e:2d:7d brd ff:ff:ff:ff:ff:ff
-    inet6 fe80::fc54:ff:fe6e:2d7d/64 scope link 
-       valid_lft forever preferred_lft forever
-38: vnet1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master virbr0 state UNKNOWN group default qlen 500
-    link/ether fe:54:00:3e:80:18 brd ff:ff:ff:ff:ff:ff
-    inet6 fe80::fc54:ff:fe3e:8018/64 scope link 
-       valid_lft forever preferred_lft forever
-39: vnet2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master virbr0 state UNKNOWN group default qlen 500
-    link/ether fe:54:00:ee:c7:95 brd ff:ff:ff:ff:ff:ff
-    inet6 fe80::fc54:ff:feee:c795/64 scope link 
-       valid_lft forever preferred_lft forever
-40: vnet3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master virbr0 state UNKNOWN group default qlen 500
-    link/ether fe:54:00:30:92:16 brd ff:ff:ff:ff:ff:ff
-    inet6 fe80::fc54:ff:fe30:9216/64 scope link 
-       valid_lft forever preferred_lft forever
+  And a line that has content, but is not a comment, nor a key/value pair.
 `
-
-	result, err := detectSubnet(input)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(result, jc.DeepEquals, "4")
+	for i, test := range []struct {
+		desc     string
+		content  string
+		expected map[string]string
+	}{{
+		desc:     "empty content",
+		content:  "",
+		expected: map[string]string{},
+	}, {
+		desc:     "only comments and empty lines",
+		content:  insignificantContent,
+		expected: map[string]string{},
+	}, {
+		desc:     "missing key",
+		content:  "=a",
+		expected: map[string]string{},
+	}, {
+		desc:    "empty value",
+		content: "a=",
+		expected: map[string]string{
+			"a": "",
+		},
+	}, {
+		desc:    "value defined, but empty",
+		content: `a=""`,
+		expected: map[string]string{
+			"a": "",
+		},
+	}, {
+		desc:    "multiple entries",
+		content: "a=b\nc=d\ne=f",
+		expected: map[string]string{
+			"a": "b",
+			"c": "d",
+			"e": "f",
+		},
+	}, {
+		desc:    "comment with leading whitespace",
+		content: " #a=b\nc=d\ne=f",
+		expected: map[string]string{
+			"c": "d",
+			"e": "f",
+		},
+	}, {
+		desc:    "key/value pairs with leading and trailing whitespace",
+		content: " a=b\n c=d \ne=f ",
+		expected: map[string]string{
+			"a": "b",
+			"c": "d",
+			"e": "f",
+		},
+	}} {
+		c.Logf("test #%d - %s", i, test.desc)
+		values := parseLXDBridgeConfigValues(test.content)
+		c.Check(values, gc.DeepEquals, test.expected)
+	}
 }
 
-func (s *InitialiserSuite) TestDetectSubnetLocal(c *gc.C) {
-	_, err := exec.LookPath("ip")
-	if err != nil {
-		c.Skip("skipping local detect subnet test, ip tool not found")
+func (s *InitialiserSuite) TestParseLXDBridgeFileValuesWithRealWorldContent(c *gc.C) {
+	expected := map[string]string{
+		"USE_LXD_BRIDGE":      "true",
+		"EXISTING_BRIDGE":     "",
+		"LXD_BRIDGE":          "lxdbr0",
+		"LXD_CONFILE":         "",
+		"LXD_DOMAIN":          "lxd",
+		"LXD_IPV4_ADDR":       "10.0.4.1",
+		"LXD_IPV4_NETMASK":    "255.255.255.0",
+		"LXD_IPV4_NETWORK":    "10.0.4.1/24",
+		"LXD_IPV4_DHCP_RANGE": "10.0.4.2,10.0.4.100",
+		"LXD_IPV4_DHCP_MAX":   "50",
+		"LXD_IPV4_NAT":        "true",
+		"LXD_IPV6_ADDR":       "2001:470:b2b5:9999::1",
+		"LXD_IPV6_MASK":       "64",
+		"LXD_IPV6_NETWORK":    "2001:470:b2b5:9999::1/64",
+		"LXD_IPV6_NAT":        "true",
+		"LXD_IPV6_PROXY":      "true",
 	}
+	values := parseLXDBridgeConfigValues(lxdBridgeContent)
+	c.Check(values, gc.DeepEquals, expected)
+}
 
-	output, err := exec.Command("ip", "addr", "show").CombinedOutput()
-	c.Assert(err, jc.ErrorIsNil)
+func (s *InitialiserSuite) TestBridgeConfigurationWithNoChangeRequired(c *gc.C) {
+	result, err := bridgeConfiguration(lxdBridgeContent)
+	c.Assert(err, gc.IsNil)
+	c.Assert(lxdBridgeContent, gc.Equals, result)
+}
 
-	subnet, err := detectSubnet(string(output))
-	c.Assert(err, jc.ErrorIsNil)
+func (s *InitialiserSuite) TestBridgeConfigurationWithInterfacesError(c *gc.C) {
+	s.PatchValue(&interfaceAddrs, func() ([]net.Addr, error) {
+		return nil, errors.New("boom!")
+	})
+	result, err := bridgeConfiguration("")
+	c.Assert(err, gc.ErrorMatches, "cannot get network interface addresses: boom!")
+	c.Assert(result, gc.Equals, "")
+}
 
-	subnetInt, err := strconv.Atoi(subnet)
-	c.Assert(err, jc.ErrorIsNil)
+func (s *InitialiserSuite) TestBridgeConfigurationWithNewSubnet(c *gc.C) {
+	s.PatchValue(&interfaceAddrs, func() ([]net.Addr, error) {
+		return testAddresses(c, "10.0.4.1/24")
+	})
 
-	c.Assert(subnetInt, jc.GreaterThan, 0)
-	c.Assert(subnetInt, jc.LessThan, 255)
+	expectedValues := map[string]string{
+		"USE_LXD_BRIDGE":      "true",
+		"EXISTING_BRIDGE":     "",
+		"LXD_BRIDGE":          "lxdbr0",
+		"LXD_IPV4_ADDR":       "10.0.5.1",
+		"LXD_IPV4_NETMASK":    "255.255.255.0",
+		"LXD_IPV4_NETWORK":    "10.0.5.1/24",
+		"LXD_IPV4_DHCP_RANGE": "10.0.5.2,10.0.5.254",
+		"LXD_IPV4_DHCP_MAX":   "253",
+		"LXD_IPV4_NAT":        "true",
+		"LXD_IPV6_PROXY":      "false",
+	}
 
+	result, err := bridgeConfiguration(`LXD_IPV4_ADDR=""`)
+	c.Assert(err, gc.IsNil)
+	actualValues := parseLXDBridgeConfigValues(result)
+	c.Assert(expectedValues, gc.DeepEquals, actualValues)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/container/lxd/lxd.go juju-core-2.0~beta12/src/github.com/juju/juju/container/lxd/lxd.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/container/lxd/lxd.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/container/lxd/lxd.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,11 +10,10 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
-	"github.com/lxc/lxd"
 
 	"github.com/juju/juju/cloudconfig/containerinit"
 	"github.com/juju/juju/cloudconfig/instancecfg"
+	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/container"
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/network"
@@ -26,25 +25,25 @@
 	logger = loggo.GetLogger("juju.container.lxd")
 )
 
+const lxdDefaultProfileName = "default"
+
 // XXX: should we allow managing containers on other hosts? this is
 // functionality LXD gives us and from discussion juju would use eventually for
 // the local provider, so the APIs probably need to be changed to pass extra
 // args around. I'm punting for now.
 type containerManager struct {
-	name string
+	modelUUID string
+	namespace instance.Namespace
 	// A cached client.
 	client *lxdclient.Client
-	// Custom network profile
-	networkProfile string
 }
 
 // containerManager implements container.Manager.
 var _ container.Manager = (*containerManager)(nil)
 
-func ConnectLocal(namespace string) (*lxdclient.Client, error) {
+func ConnectLocal() (*lxdclient.Client, error) {
 	cfg := lxdclient.Config{
-		Namespace: namespace,
-		Remote:    lxdclient.Local,
+		Remote: lxdclient.Local,
 	}
 
 	cfg, err := cfg.WithDefaults()
@@ -65,17 +64,30 @@
 // TODO(jam): This needs to grow support for things like LXC's ImageURLGetter
 // functionality.
 func NewContainerManager(conf container.ManagerConfig) (container.Manager, error) {
-	name := conf.PopValue(container.ConfigName)
-	if name == "" {
-		return nil, errors.Errorf("name is required")
+	modelUUID := conf.PopValue(container.ConfigModelUUID)
+	if modelUUID == "" {
+		return nil, errors.Errorf("model UUID is required")
+	}
+	namespace, err := instance.NewNamespace(modelUUID)
+	if err != nil {
+		return nil, errors.Trace(err)
 	}
 
 	conf.WarnAboutUnused()
-	return &containerManager{name: name}, nil
+	return &containerManager{
+		modelUUID: modelUUID,
+		namespace: namespace,
+	}, nil
+}
+
+// Namespace implements container.Manager.
+func (manager *containerManager) Namespace() instance.Namespace {
+	return manager.namespace
 }
 
 func (manager *containerManager) CreateContainer(
 	instanceConfig *instancecfg.InstanceConfig,
+	cons constraints.Value,
 	series string,
 	networkConfig *container.NetworkConfig,
 	storageConfig *container.StorageConfig,
@@ -84,13 +96,12 @@
 
 	defer func() {
 		if err != nil {
-			manager.deleteNetworkProfile()
 			callback(status.StatusProvisioningError, fmt.Sprintf("Creating container: %v", err), nil)
 		}
 	}()
 
 	if manager.client == nil {
-		manager.client, err = ConnectLocal(manager.name)
+		manager.client, err = ConnectLocal()
 		if err != nil {
 			err = errors.Annotatef(err, "failed to connect to local LXD")
 			return
@@ -107,9 +118,9 @@
 		return
 	}
 
-	name := names.NewMachineTag(instanceConfig.MachineId).String()
-	if manager.name != "" {
-		name = fmt.Sprintf("%s-%s", manager.name, name)
+	name, err := manager.namespace.Hostname(instanceConfig.MachineId)
+	if err != nil {
+		return nil, nil, errors.Trace(err)
 	}
 
 	userData, err := containerinit.CloudInitUserData(instanceConfig, networkConfig)
@@ -121,46 +132,38 @@
 		lxdclient.UserdataKey: string(userData),
 		// An extra piece of info to let people figure out where this
 		// thing came from.
-		"user.juju-environment": manager.name,
+		"user.juju-model": manager.modelUUID,
 
 		// Make sure these come back up on host reboot.
 		"boot.autostart": "true",
 	}
 
-	networkProfile := fmt.Sprintf("%s-network", name)
+	nics, err := networkDevices(networkConfig)
+	if err != nil {
+		return
+	}
 
-	if len(networkConfig.Interfaces) > 0 || networkConfig.Device != "" {
-		if err = createNetworkProfile(manager.client, networkProfile); err != nil {
-			return
-		}
+	profiles := []string{}
 
-		manager.networkProfile = networkProfile
-		if len(networkConfig.Interfaces) > 0 {
-			err = networkProfileAddMultipleInterfaces(manager.client, networkProfile, networkConfig.Interfaces)
-		} else {
-			err = networkProfileAddSingleInterface(manager.client, networkProfile, networkConfig.Device, networkConfig.MTU)
-		}
-		if err != nil {
-			return
-		}
+	if len(nics) == 0 {
+		logger.Infof("instance %q configured with %q profile", name, lxdDefaultProfileName)
+		profiles = append(profiles, lxdDefaultProfileName)
 	} else {
-		networkProfile = "default"
+		logger.Infof("instance %q configured with %v network devices", name, nics)
 	}
 
 	spec := lxdclient.InstanceSpec{
 		Name:     name,
 		Image:    manager.client.ImageNameForSeries(series),
 		Metadata: metadata,
-		Profiles: []string{
-			networkProfile,
-		},
+		Devices:  nics,
+		Profiles: profiles,
 	}
 
 	logger.Infof("starting instance %q (image %q)...", spec.Name, spec.Image)
 	callback(status.StatusProvisioning, "Starting container", nil)
 	_, err = manager.client.AddInstance(spec)
 	if err != nil {
-		manager.client.ProfileDelete(networkProfile)
 		return
 	}
 
@@ -172,25 +175,24 @@
 func (manager *containerManager) DestroyContainer(id instance.Id) error {
 	if manager.client == nil {
 		var err error
-		manager.client, err = ConnectLocal(manager.name)
+		manager.client, err = ConnectLocal()
 		if err != nil {
 			return err
 		}
 	}
-	manager.deleteNetworkProfile()
-	return errors.Trace(manager.client.RemoveInstances(manager.name, string(id)))
+	return errors.Trace(manager.client.RemoveInstances(manager.namespace.Prefix(), string(id)))
 }
 
 func (manager *containerManager) ListContainers() (result []instance.Instance, err error) {
 	result = []instance.Instance{}
 	if manager.client == nil {
-		manager.client, err = ConnectLocal(manager.name)
+		manager.client, err = ConnectLocal()
 		if err != nil {
 			return
 		}
 	}
 
-	lxdInstances, err := manager.client.Instances(manager.name)
+	lxdInstances, err := manager.client.Instances(manager.namespace.Prefix())
 	if err != nil {
 		return
 	}
@@ -210,7 +212,7 @@
 	// NewClient does a roundtrip to the server to make sure it understands
 	// the versions, so all we need to do is connect above and we're done.
 	var err error
-	manager.client, err = ConnectLocal(manager.name)
+	manager.client, err = ConnectLocal()
 	return err == nil
 }
 
@@ -220,95 +222,58 @@
 	return true
 }
 
-func nicProperties(parentDevice, deviceName, hwAddr string, mtu int) ([]string, error) {
-	var props = []string{"nictype=bridged"}
+func nicDevice(deviceName, parentDevice, hwAddr string, mtu int) (lxdclient.Device, error) {
+	device := make(lxdclient.Device)
 
-	if parentDevice == "" {
-		return nil, errors.Errorf("invalid parent device")
-	} else {
-		props = append(props, fmt.Sprintf("parent=%v", parentDevice))
-	}
+	device["type"] = "nic"
+	device["nictype"] = "bridged"
 
 	if deviceName == "" {
 		return nil, errors.Errorf("invalid device name")
-	} else {
-		props = append(props, fmt.Sprintf("name=%v", deviceName))
 	}
+	device["name"] = deviceName
 
-	if hwAddr != "" {
-		props = append(props, fmt.Sprintf("hwaddr=%v", hwAddr))
+	if parentDevice == "" {
+		return nil, errors.Errorf("invalid parent device name")
 	}
+	device["parent"] = parentDevice
 
-	if mtu > 0 {
-		props = append(props, fmt.Sprintf("mtu=%v", mtu))
+	if hwAddr != "" {
+		device["hwaddr"] = hwAddr
 	}
 
-	return props, nil
-}
-
-func addNetworkDeviceToProfile(client *lxdclient.Client, profile, parentDevice, deviceName, hwAddr string, mtu int) (*lxd.Response, error) {
-	props, err := nicProperties(parentDevice, deviceName, hwAddr, mtu)
-	if err != nil {
-		return nil, errors.Trace(err)
+	if mtu > 0 {
+		device["mtu"] = fmt.Sprintf("%v", mtu)
 	}
-	logger.Infof("adding nic device %q with properties %+v to profile %q", deviceName, props, profile)
-	return client.ProfileDeviceAdd(profile, deviceName, "nic", props)
-}
 
-func networkProfileAddSingleInterface(client *lxdclient.Client, profile, deviceName string, mtu int) error {
-	_, err := addNetworkDeviceToProfile(client, profile, deviceName, "eth0", "", mtu)
-	return errors.Trace(err)
+	return device, nil
 }
 
-func networkProfileAddMultipleInterfaces(client *lxdclient.Client, profile string, interfaces []network.InterfaceInfo) error {
-	for _, v := range interfaces {
-		if v.InterfaceType == network.LoopbackInterface {
-			continue
-		}
+func networkDevices(networkConfig *container.NetworkConfig) (lxdclient.Devices, error) {
+	nics := make(lxdclient.Devices)
 
-		if v.InterfaceType != network.EthernetInterface {
-			return errors.Errorf("interface type %q not supported", v.InterfaceType)
+	if len(networkConfig.Interfaces) > 0 {
+		for _, v := range networkConfig.Interfaces {
+			if v.InterfaceType == network.LoopbackInterface {
+				continue
+			}
+			if v.InterfaceType != network.EthernetInterface {
+				return nil, errors.Errorf("interface type %q not supported", v.InterfaceType)
+			}
+			parentDevice := v.ParentInterfaceName
+			device, err := nicDevice(v.InterfaceName, parentDevice, v.MACAddress, v.MTU)
+			if err != nil {
+				return nil, errors.Trace(err)
+			}
+			nics[v.InterfaceName] = device
 		}
-
-		_, err := addNetworkDeviceToProfile(client, profile, v.ParentInterfaceName, v.InterfaceName, v.MACAddress, v.MTU)
-
+	} else if networkConfig.Device != "" {
+		device, err := nicDevice("eth0", networkConfig.Device, "", networkConfig.MTU)
 		if err != nil {
-			return errors.Trace(err)
-		}
-	}
-
-	return nil
-}
-
-func createNetworkProfile(client *lxdclient.Client, profile string) error {
-	found, err := client.HasProfile(profile)
-
-	if err != nil {
-		return errors.Trace(err)
-	}
-
-	if found {
-		logger.Infof("deleting existing container profile %q", profile)
-		if err := client.ProfileDelete(profile); err != nil {
-			return errors.Trace(err)
+			return nil, errors.Trace(err)
 		}
+		nics["eth0"] = device
 	}
 
-	err = client.CreateProfile(profile, nil)
-
-	if err == nil {
-		logger.Infof("created new network container profile %q", profile)
-	}
-
-	return errors.Trace(err)
-}
-
-func (manager *containerManager) deleteNetworkProfile() {
-	if manager.client != nil && manager.networkProfile != "" {
-		logger.Infof("deleting container network profile %q", manager.networkProfile)
-		if err := manager.client.ProfileDelete(manager.networkProfile); err != nil {
-			logger.Warningf("discarding profile delete error: %v", err)
-		}
-		manager.networkProfile = ""
-	}
+	return nics, nil
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/container/lxd/lxd_go12.go juju-core-2.0~beta12/src/github.com/juju/juju/container/lxd/lxd_go12.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/container/lxd/lxd_go12.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/container/lxd/lxd_go12.go	2016-07-18 19:45:44.000000000 +0000
@@ -16,10 +16,6 @@
 	logger = loggo.GetLogger("juju.container.lxd")
 )
 
-func GetDefaultBridgeName() (string, error) {
-	return "", errors.Errorf("LXD not supported in go 1.2")
-}
-
 func NewContainerManager(conf container.ManagerConfig) (container.Manager, error) {
 	return nil, errors.Errorf("LXD containers not supported in go 1.2")
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/container/lxd/lxd_test.go juju-core-2.0~beta12/src/github.com/juju/juju/container/lxd/lxd_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/container/lxd/lxd_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/container/lxd/lxd_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,12 +12,13 @@
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 
+	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/container"
 	"github.com/juju/juju/container/lxd"
 	containertesting "github.com/juju/juju/container/testing"
-	"github.com/juju/juju/environs/config"
-	"github.com/juju/juju/provider/dummy"
+	"github.com/juju/juju/network"
 	"github.com/juju/juju/status"
+	"github.com/juju/juju/testing"
 	"github.com/juju/juju/tools/lxdclient"
 )
 
@@ -42,7 +43,7 @@
 
 func (t *LxdSuite) makeManager(c *gc.C, name string) container.Manager {
 	config := container.ManagerConfig{
-		container.ConfigName: name,
+		container.ConfigModelUUID: testing.ModelTag.Id(),
 	}
 
 	manager, err := lxd.NewContainerManager(config)
@@ -53,7 +54,7 @@
 
 func (t *LxdSuite) TestNotAllContainersAreDeleted(c *gc.C) {
 	c.Skip("Test skipped because it talks directly to LXD agent.")
-	lxdClient, err := lxd.ConnectLocal("")
+	lxdClient, err := lxd.ConnectLocal()
 	c.Assert(err, jc.ErrorIsNil)
 
 	/* create a container to make sure isn't deleted */
@@ -68,9 +69,6 @@
 
 	instanceConfig, err := containertesting.MockMachineConfig("1/lxd/0")
 	c.Assert(err, jc.ErrorIsNil)
-	envConfig, err := config.New(config.NoDefaults, dummy.SampleConfig())
-	c.Assert(err, jc.ErrorIsNil)
-	instanceConfig.Config = envConfig
 	storageConfig := &container.StorageConfig{}
 	networkConfig := container.BridgeNetworkConfig("nic42", 4321, nil)
 
@@ -78,6 +76,7 @@
 	callback := func(settableStatus status.Status, info string, data map[string]interface{}) error { return nil }
 	_, _, err = manager.CreateContainer(
 		instanceConfig,
+		constraints.Value{},
 		"xenial",
 		networkConfig,
 		storageConfig,
@@ -94,54 +93,111 @@
 	}
 }
 
-func (t *LxdSuite) TestNICPropertiesWithInvalidParentDevice(c *gc.C) {
-	props, err := lxd.NICProperties("", "eth1", "", 0)
-	c.Assert(props, gc.IsNil)
-	c.Assert(err.Error(), gc.Equals, "invalid parent device")
+func (t *LxdSuite) TestNICDeviceWithInvalidDeviceName(c *gc.C) {
+	device, err := lxd.NICDevice("", "br-eth1", "", 0)
+	c.Assert(device, gc.IsNil)
+	c.Assert(err.Error(), gc.Equals, "invalid device name")
 }
 
-func (t *LxdSuite) TestNICPropertiesWithInvalidDeviceName(c *gc.C) {
-	props, err := lxd.NICProperties("testbr1", "", "", 0)
-	c.Assert(props, gc.IsNil)
-	c.Assert(err.Error(), gc.Equals, "invalid device name")
+func (t *LxdSuite) TestNICDeviceWithInvalidParentDeviceName(c *gc.C) {
+	device, err := lxd.NICDevice("eth0", "", "", 0)
+	c.Assert(device, gc.IsNil)
+	c.Assert(err.Error(), gc.Equals, "invalid parent device name")
 }
 
-func (t *LxdSuite) TestNICPropertiesWithoutMACAddressOrMTUGreaterThanZero(c *gc.C) {
-	props, err := lxd.NICProperties("testbr1", "eth1", "", 0)
+func (t *LxdSuite) TestNICDeviceWithoutMACAddressOrMTUGreaterThanZero(c *gc.C) {
+	device, err := lxd.NICDevice("eth1", "br-eth1", "", 0)
 	c.Assert(err, gc.IsNil)
-	c.Assert(props, gc.HasLen, 3)
-	c.Assert(props[0], gc.Equals, "nictype=bridged")
-	c.Assert(props[1], gc.Equals, "parent=testbr1")
-	c.Assert(props[2], gc.Equals, "name=eth1")
+	expected := lxdclient.Device{
+		"name":    "eth1",
+		"nictype": "bridged",
+		"parent":  "br-eth1",
+		"type":    "nic",
+	}
+	c.Assert(device, gc.DeepEquals, expected)
 }
 
-func (t *LxdSuite) TestNICPropertiesWithMACAddressButNoMTU(c *gc.C) {
-	props, err := lxd.NICProperties("testbr1", "eth1", "aa:bb:cc:dd:ee:f0", 0)
+func (t *LxdSuite) TestNICDeviceWithMACAddressButNoMTU(c *gc.C) {
+	device, err := lxd.NICDevice("eth1", "br-eth1", "aa:bb:cc:dd:ee:f0", 0)
 	c.Assert(err, gc.IsNil)
-	c.Assert(props, gc.HasLen, 4)
-	c.Assert(props[0], gc.Equals, "nictype=bridged")
-	c.Assert(props[1], gc.Equals, "parent=testbr1")
-	c.Assert(props[2], gc.Equals, "name=eth1")
-	c.Assert(props[3], gc.Equals, "hwaddr=aa:bb:cc:dd:ee:f0")
+	expected := lxdclient.Device{
+		"hwaddr":  "aa:bb:cc:dd:ee:f0",
+		"name":    "eth1",
+		"nictype": "bridged",
+		"parent":  "br-eth1",
+		"type":    "nic",
+	}
+	c.Assert(device, gc.DeepEquals, expected)
 }
 
-func (t *LxdSuite) TestNICPropertiesWithoutMACAddressButMTUGreaterThanZero(c *gc.C) {
-	props, err := lxd.NICProperties("testbr1", "eth1", "", 1492)
+func (t *LxdSuite) TestNICDeviceWithoutMACAddressButMTUGreaterThanZero(c *gc.C) {
+	device, err := lxd.NICDevice("eth1", "br-eth1", "", 1492)
 	c.Assert(err, gc.IsNil)
-	c.Assert(props, gc.HasLen, 4)
-	c.Assert(props[0], gc.Equals, "nictype=bridged")
-	c.Assert(props[1], gc.Equals, "parent=testbr1")
-	c.Assert(props[2], gc.Equals, "name=eth1")
-	c.Assert(props[3], gc.Equals, "mtu=1492")
+	expected := lxdclient.Device{
+		"mtu":     "1492",
+		"name":    "eth1",
+		"nictype": "bridged",
+		"parent":  "br-eth1",
+		"type":    "nic",
+	}
+	c.Assert(device, gc.DeepEquals, expected)
 }
 
-func (t *LxdSuite) TestNICPropertiesWithMACAddressAndMTUGreaterThanZero(c *gc.C) {
-	props, err := lxd.NICProperties("testbr1", "eth1", "aa:bb:cc:dd:ee:f0", 1066)
+func (t *LxdSuite) TestNICDeviceWithMACAddressAndMTUGreaterThanZero(c *gc.C) {
+	device, err := lxd.NICDevice("eth1", "br-eth1", "aa:bb:cc:dd:ee:f0", 9000)
 	c.Assert(err, gc.IsNil)
-	c.Assert(props, gc.HasLen, 5)
-	c.Assert(props[0], gc.Equals, "nictype=bridged")
-	c.Assert(props[1], gc.Equals, "parent=testbr1")
-	c.Assert(props[2], gc.Equals, "name=eth1")
-	c.Assert(props[3], gc.Equals, "hwaddr=aa:bb:cc:dd:ee:f0")
-	c.Assert(props[4], gc.Equals, "mtu=1066")
+	expected := lxdclient.Device{
+		"hwaddr":  "aa:bb:cc:dd:ee:f0",
+		"mtu":     "9000",
+		"name":    "eth1",
+		"nictype": "bridged",
+		"parent":  "br-eth1",
+		"type":    "nic",
+	}
+	c.Assert(device, gc.DeepEquals, expected)
+}
+
+func (t *LxdSuite) TestNetworkDevicesWithEmptyParentDevice(c *gc.C) {
+	interfaces := []network.InterfaceInfo{{
+		InterfaceName: "eth1",
+		InterfaceType: "ethernet",
+		Address:       network.NewAddress("0.10.0.21"),
+		MACAddress:    "aa:bb:cc:dd:ee:f1",
+		MTU:           9000,
+	}}
+
+	result, err := lxd.NetworkDevices(&container.NetworkConfig{
+		Interfaces: interfaces,
+	})
+
+	c.Assert(err, gc.ErrorMatches, "invalid parent device name")
+	c.Assert(result, gc.IsNil)
+}
+
+func (t *LxdSuite) TestNetworkDevicesWithParentDevice(c *gc.C) {
+	interfaces := []network.InterfaceInfo{{
+		ParentInterfaceName: "br-eth0",
+		InterfaceName:       "eth0",
+		InterfaceType:       "ethernet",
+		Address:             network.NewAddress("0.10.0.20"),
+		MACAddress:          "aa:bb:cc:dd:ee:f0",
+	}}
+
+	expected := lxdclient.Devices{
+		"eth0": lxdclient.Device{
+			"hwaddr":  "aa:bb:cc:dd:ee:f0",
+			"name":    "eth0",
+			"nictype": "bridged",
+			"parent":  "br-eth0",
+			"type":    "nic",
+		},
+	}
+
+	result, err := lxd.NetworkDevices(&container.NetworkConfig{
+		Device:     "lxdbr0",
+		Interfaces: interfaces,
+	})
+
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(result, jc.DeepEquals, expected)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/container/network.go juju-core-2.0~beta12/src/github.com/juju/juju/container/network.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/container/network.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/container/network.go	2016-07-18 19:45:44.000000000 +0000
@@ -29,12 +29,24 @@
 	Interfaces []network.InterfaceInfo
 }
 
-// BridgeNetworkConfig returns a valid NetworkConfig to use the
-// specified device as a network bridge for the container. It also
-// allows passing in specific configuration for the container's
-// network interfaces and default MTU to use. If interfaces is nil the
-// default configuration is used for the respective container type.
+// FallbackInterfaceInfo returns a single "eth0" interface configured with DHCP.
+func FallbackInterfaceInfo() []network.InterfaceInfo {
+	return []network.InterfaceInfo{{
+		InterfaceName: "eth0",
+		InterfaceType: network.EthernetInterface,
+		ConfigType:    network.ConfigDHCP,
+	}}
+}
+
+// BridgeNetworkConfig returns a valid NetworkConfig to use the specified device
+// as a network bridge for the container. It also allows passing in specific
+// configuration for the container's network interfaces and default MTU to use.
+// If interfaces is empty, FallbackInterfaceInfo() is used to get the a sane
+// default
 func BridgeNetworkConfig(device string, mtu int, interfaces []network.InterfaceInfo) *NetworkConfig {
+	if len(interfaces) == 0 {
+		interfaces = FallbackInterfaceInfo()
+	}
 	return &NetworkConfig{BridgeNetwork, device, mtu, interfaces}
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/container/testing/common.go juju-core-2.0~beta12/src/github.com/juju/juju/container/testing/common.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/container/testing/common.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/container/testing/common.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,19 +10,16 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
 
 	"github.com/juju/juju/cloudconfig/instancecfg"
+	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/container"
-	"github.com/juju/juju/container/lxc"
-	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/environs/imagemetadata"
 	"github.com/juju/juju/instance"
 	jujutesting "github.com/juju/juju/juju/testing"
-	"github.com/juju/juju/provider/dummy"
 	"github.com/juju/juju/status"
 	"github.com/juju/juju/tools"
 )
@@ -31,9 +28,8 @@
 
 func MockMachineConfig(machineId string) (*instancecfg.InstanceConfig, error) {
 
-	stateInfo := jujutesting.FakeStateInfo(machineId)
 	apiInfo := jujutesting.FakeAPIInfo(machineId)
-	instanceConfig, err := instancecfg.NewInstanceConfig(machineId, "fake-nonce", imagemetadata.ReleasedStream, "quantal", "", true, stateInfo, apiInfo)
+	instanceConfig, err := instancecfg.NewInstanceConfig(machineId, "fake-nonce", imagemetadata.ReleasedStream, "quantal", true, apiInfo)
 	if err != nil {
 		return nil, err
 	}
@@ -53,10 +49,6 @@
 func CreateContainer(c *gc.C, manager container.Manager, machineId string) instance.Instance {
 	instanceConfig, err := MockMachineConfig(machineId)
 	c.Assert(err, jc.ErrorIsNil)
-
-	envConfig, err := config.New(config.NoDefaults, dummy.SampleConfig())
-	c.Assert(err, jc.ErrorIsNil)
-	instanceConfig.Config = envConfig
 	return CreateContainerWithMachineConfig(c, manager, instanceConfig)
 }
 
@@ -79,23 +71,19 @@
 	storageConfig *container.StorageConfig,
 ) instance.Instance {
 
-	if networkConfig != nil && len(networkConfig.Interfaces) > 0 {
-		name := "test-" + names.NewMachineTag(instanceConfig.MachineId).String()
-		EnsureLXCRootFSEtcNetwork(c, name)
-	}
 	callback := func(settableStatus status.Status, info string, data map[string]interface{}) error { return nil }
-	inst, hardware, err := manager.CreateContainer(instanceConfig, "quantal", networkConfig, storageConfig, callback)
+	inst, hardware, err := manager.CreateContainer(instanceConfig, constraints.Value{}, "quantal", networkConfig, storageConfig, callback)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(hardware, gc.NotNil)
 	c.Assert(hardware.String(), gc.Not(gc.Equals), "")
 	return inst
 }
 
-func EnsureLXCRootFSEtcNetwork(c *gc.C, containerName string) {
+func EnsureContainerRootFSEtcNetwork(c *gc.C, containerName string) {
 	// Pre-create the mock rootfs dir for the container and
 	// /etc/network/ inside it, where the interfaces file will be
 	// pre-rendered (unless AUFS is used).
-	etcNetwork := filepath.Join(lxc.LxcContainerDir, containerName, "rootfs", "etc", "network")
+	etcNetwork := filepath.Join(container.ContainerDir, containerName, "rootfs", "etc", "network")
 	logger.Debugf("ensuring root fs /etc/network in %s", etcNetwork)
 	err := os.MkdirAll(etcNetwork, 0755)
 	c.Assert(err, jc.ErrorIsNil)
@@ -119,17 +107,15 @@
 		return nil, errors.Trace(err)
 	}
 
-	envConfig, err := config.New(config.NoDefaults, dummy.SampleConfig())
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	instanceConfig.Config = envConfig
-
 	network := container.BridgeNetworkConfig("nic42", 0, nil)
 	storage := &container.StorageConfig{}
 
+	name, err := manager.Namespace().Hostname(instanceConfig.MachineId)
+	c.Assert(err, jc.ErrorIsNil)
+	EnsureContainerRootFSEtcNetwork(c, name)
+
 	callback := func(settableStatus status.Status, info string, data map[string]interface{}) error { return nil }
-	inst, hardware, err := manager.CreateContainer(instanceConfig, "quantal", network, storage, callback)
+	inst, hardware, err := manager.CreateContainer(instanceConfig, constraints.Value{}, "quantal", network, storage, callback)
 
 	if err != nil {
 		return nil, errors.Trace(err)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/container/utils.go juju-core-2.0~beta12/src/github.com/juju/juju/container/utils.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/container/utils.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/container/utils.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package container
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/container/utils_test.go juju-core-2.0~beta12/src/github.com/juju/juju/container/utils_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/container/utils_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/container/utils_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package container
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/controller/authentication/authentication.go juju-core-2.0~beta12/src/github.com/juju/juju/controller/authentication/authentication.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/controller/authentication/authentication.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/controller/authentication/authentication.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,8 +7,8 @@
 	"fmt"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	apiprovisioner "github.com/juju/juju/api/provisioner"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/controller/config.go juju-core-2.0~beta12/src/github.com/juju/juju/controller/config.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/controller/config.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/controller/config.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,243 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package controller
+
+import (
+	"fmt"
+	"net/url"
+
+	"github.com/juju/errors"
+	"github.com/juju/loggo"
+	"github.com/juju/schema"
+	"github.com/juju/utils"
+	"gopkg.in/macaroon-bakery.v1/bakery"
+
+	"github.com/juju/juju/cert"
+)
+
+var logger = loggo.GetLogger("juju.controller")
+
+const (
+	// ApiPort is the port used for api connections.
+	ApiPort = "api-port"
+
+	// StatePort is the port used for mongo connections.
+	StatePort = "state-port"
+
+	// CACertKey is the key for the controller's CA certificate attribute.
+	CACertKey = "ca-cert"
+
+	// ControllerUUIDKey is the key for the controller UUID attribute.
+	ControllerUUIDKey = "controller-uuid"
+
+	// IdentityURL sets the url of the identity manager.
+	IdentityURL = "identity-url"
+
+	// IdentityPublicKey sets the public key of the identity manager.
+	IdentityPublicKey = "identity-public-key"
+
+	// NumaControlPolicyKey stores the value for this setting
+	SetNumaControlPolicyKey = "set-numa-control-policy"
+
+	// Attribute Defaults
+
+	// DefaultNumaControlPolicy should not be used by default.
+	// Only use numactl if user specifically requests it
+	DefaultNumaControlPolicy = false
+
+	// DefaultStatePort is the default port the controller is listening on.
+	DefaultStatePort int = 37017
+
+	// DefaultApiPort is the default port the API server is listening on.
+	DefaultAPIPort int = 17070
+)
+
+// ControllerOnlyConfigAttributes are attributes which are only relevant
+// for a controller, never a model.
+var ControllerOnlyConfigAttributes = []string{
+	ApiPort,
+	StatePort,
+	CACertKey,
+	ControllerUUIDKey,
+	IdentityURL,
+	IdentityPublicKey,
+	SetNumaControlPolicyKey,
+}
+
+// ControllerOnlyAttribute returns true if the specified attribute name
+// is only relevant for a controller.
+func ControllerOnlyAttribute(attr string) bool {
+	for _, a := range ControllerOnlyConfigAttributes {
+		if attr == a {
+			return true
+		}
+	}
+	return false
+}
+
+type Config map[string]interface{}
+
+// Validate validates the controller configuration.
+func (c Config) Validate() error {
+	return Validate(c)
+}
+
+// NewConfig creates a new Config from the supplied attributes.
+// Default values will be used where defaults are available.
+//
+// The controller UUID and CA certificate must be passed in.
+// The UUID is typically generated by the immediate caller,
+// and the CA certificate generated by environs/bootstrap.NewConfig.
+func NewConfig(controllerUUID, caCert string, attrs map[string]interface{}) (Config, error) {
+	coerced, err := configChecker.Coerce(attrs, nil)
+	if err != nil {
+		return Config{}, errors.Trace(err)
+	}
+	attrs = coerced.(map[string]interface{})
+	attrs[ControllerUUIDKey] = controllerUUID
+	attrs[CACertKey] = caCert
+	config := Config(attrs)
+	return config, config.Validate()
+}
+
+// mustInt returns the named attribute as an integer, panicking if
+// it is not found or is zero. Zero values should have been
+// diagnosed at Validate time.
+func (c Config) mustInt(name string) int {
+	// Values obtained over the api are encoded as float64.
+	if value, ok := c[name].(float64); ok {
+		return int(value)
+	}
+	value, _ := c[name].(int)
+	if value == 0 {
+		panic(fmt.Errorf("empty value for %q found in configuration", name))
+	}
+	return value
+}
+
+// asString is a private helper method to keep the ugly string casting
+// in once place. It returns the given named attribute as a string,
+// returning "" if it isn't found.
+func (c Config) asString(name string) string {
+	value, _ := c[name].(string)
+	return value
+}
+
+// mustString returns the named attribute as an string, panicking if
+// it is not found or is empty.
+func (c Config) mustString(name string) string {
+	value, _ := c[name].(string)
+	if value == "" {
+		panic(fmt.Errorf("empty value for %q found in configuration (type %T, val %v)", name, c[name], c[name]))
+	}
+	return value
+}
+
+// StatePort returns the controller port for the environment.
+func (c Config) StatePort() int {
+	return c.mustInt(StatePort)
+}
+
+// APIPort returns the API server port for the environment.
+func (c Config) APIPort() int {
+	return c.mustInt(ApiPort)
+}
+
+// ControllerUUID returns the uuid for the model's controller.
+func (c Config) ControllerUUID() string {
+	return c.mustString(ControllerUUIDKey)
+}
+
+// CACert returns the certificate of the CA that signed the controller
+// certificate, in PEM format, and whether the setting is available.
+func (c Config) CACert() (string, bool) {
+	if s, ok := c[CACertKey]; ok {
+		return s.(string), true
+	}
+	return "", false
+}
+
+// IdentityURL returns the url of the identity manager.
+func (c Config) IdentityURL() string {
+	return c.asString(IdentityURL)
+}
+
+// IdentityPublicKey returns the public key of the identity manager.
+func (c Config) IdentityPublicKey() *bakery.PublicKey {
+	key := c.asString(IdentityPublicKey)
+	if key == "" {
+		return nil
+	}
+	var pubKey bakery.PublicKey
+	err := pubKey.UnmarshalText([]byte(key))
+	if err != nil {
+		// We check if the key string can be unmarshalled into a PublicKey in the
+		// Validate function, so we really do not expect this to fail.
+		panic(err)
+	}
+	return &pubKey
+}
+
+// NumaCtlPreference returns if numactl is preferred.
+func (c Config) NumaCtlPreference() bool {
+	if numa, ok := c[SetNumaControlPolicyKey]; ok {
+		return numa.(bool)
+	}
+	return DefaultNumaControlPolicy
+}
+
+// Validate ensures that config is a valid configuration.
+func Validate(c Config) error {
+	if v, ok := c[IdentityURL].(string); ok {
+		u, err := url.Parse(v)
+		if err != nil {
+			return fmt.Errorf("invalid identity URL: %v", err)
+		}
+		if u.Scheme != "https" {
+			return fmt.Errorf("URL needs to be https")
+		}
+
+	}
+
+	if v, ok := c[IdentityPublicKey].(string); ok {
+		var key bakery.PublicKey
+		if err := key.UnmarshalText([]byte(v)); err != nil {
+			return fmt.Errorf("invalid identity public key: %v", err)
+		}
+	}
+
+	caCert, caCertOK := c.CACert()
+	if !caCertOK {
+		return errors.Errorf("missing CA certificate")
+	}
+	if _, err := cert.ParseCert(caCert); err != nil {
+		return errors.Annotate(err, "bad CA certificate in configuration")
+	}
+
+	if uuid, ok := c[ControllerUUIDKey].(string); ok && !utils.IsValidUUIDString(uuid) {
+		return errors.Errorf("controller-uuid: expected UUID, got string(%q)", uuid)
+	}
+
+	return nil
+}
+
+// GenerateControllerCertAndKey makes sure that the config has a CACert and
+// CAPrivateKey, generates and returns new certificate and key.
+func GenerateControllerCertAndKey(caCert, caKey string, hostAddresses []string) (string, string, error) {
+	return cert.NewDefaultServer(caCert, caKey, hostAddresses)
+}
+
+var configChecker = schema.FieldMap(schema.Fields{
+	ApiPort:                 schema.ForceInt(),
+	StatePort:               schema.ForceInt(),
+	IdentityURL:             schema.String(),
+	IdentityPublicKey:       schema.String(),
+	SetNumaControlPolicyKey: schema.Bool(),
+}, schema.Defaults{
+	ApiPort:                 DefaultAPIPort,
+	StatePort:               DefaultStatePort,
+	IdentityURL:             schema.Omit,
+	IdentityPublicKey:       schema.Omit,
+	SetNumaControlPolicyKey: DefaultNumaControlPolicy,
+})
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/controller/config_test.go juju-core-2.0~beta12/src/github.com/juju/juju/controller/config_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/controller/config_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/controller/config_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,74 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package controller_test
+
+import (
+	stdtesting "testing"
+	"time"
+
+	"github.com/juju/loggo"
+	gitjujutesting "github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/cert"
+	"github.com/juju/juju/controller"
+	"github.com/juju/juju/testing"
+)
+
+func Test(t *stdtesting.T) {
+	gc.TestingT(t)
+}
+
+type ConfigSuite struct {
+	testing.FakeJujuXDGDataHomeSuite
+	home string
+}
+
+var _ = gc.Suite(&ConfigSuite{})
+
+func (s *ConfigSuite) SetUpTest(c *gc.C) {
+	s.FakeJujuXDGDataHomeSuite.SetUpTest(c)
+	// Make sure that the defaults are used, which
+	// is <root>=WARNING
+	loggo.ResetLoggers()
+}
+
+func (s *ConfigSuite) TestGenerateControllerCertAndKey(c *gc.C) {
+	// Add a cert.
+	s.FakeHomeSuite.Home.AddFiles(c, gitjujutesting.TestFile{".ssh/id_rsa.pub", "rsa\n"})
+
+	for _, test := range []struct {
+		caCert    string
+		caKey     string
+		sanValues []string
+	}{{
+		caCert: testing.CACert,
+		caKey:  testing.CAKey,
+	}, {
+		caCert:    testing.CACert,
+		caKey:     testing.CAKey,
+		sanValues: []string{"10.0.0.1", "192.168.1.1"},
+	}} {
+		certPEM, keyPEM, err := controller.GenerateControllerCertAndKey(test.caCert, test.caKey, test.sanValues)
+		c.Assert(err, jc.ErrorIsNil)
+
+		_, _, err = cert.ParseCertAndKey(certPEM, keyPEM)
+		c.Check(err, jc.ErrorIsNil)
+
+		err = cert.Verify(certPEM, testing.CACert, time.Now())
+		c.Assert(err, jc.ErrorIsNil)
+		err = cert.Verify(certPEM, testing.CACert, time.Now().AddDate(9, 0, 0))
+		c.Assert(err, jc.ErrorIsNil)
+		err = cert.Verify(certPEM, testing.CACert, time.Now().AddDate(10, 0, 1))
+		c.Assert(err, gc.NotNil)
+		srvCert, err := cert.ParseCert(certPEM)
+		c.Assert(err, jc.ErrorIsNil)
+		sanIPs := make([]string, len(srvCert.IPAddresses))
+		for i, ip := range srvCert.IPAddresses {
+			sanIPs[i] = ip.String()
+		}
+		c.Assert(sanIPs, jc.SameContents, test.sanValues)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/controller/modelmanager/createmodel.go juju-core-2.0~beta12/src/github.com/juju/juju/controller/modelmanager/createmodel.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/controller/modelmanager/createmodel.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/controller/modelmanager/createmodel.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,13 +6,12 @@
 package modelmanager
 
 import (
-	"fmt"
-
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
 	"github.com/juju/utils"
 	"github.com/juju/version"
 
+	"github.com/juju/juju/controller"
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/tools"
@@ -20,14 +19,6 @@
 
 var (
 	logger = loggo.GetLogger("juju.controller.modelmanager")
-
-	configValuesFromController = []string{
-		"type",
-		config.CACertKey,
-		"state-port",
-		"api-port",
-		config.ControllerUUIDKey,
-	}
 )
 
 const (
@@ -62,6 +53,7 @@
 // The config will be validated with the provider before being returned.
 func (c ModelConfigCreator) NewModelConfig(
 	isAdmin bool,
+	controllerUUID string,
 	base *config.Config,
 	attrs map[string]interface{},
 ) (*config.Config, error) {
@@ -98,12 +90,18 @@
 		}
 		attrs[config.UUIDKey] = uuid.String()
 	}
-	cfg, err := finalizeConfig(isAdmin, base, attrs)
+	cfg, err := finalizeConfig(isAdmin, controllerUUID, base, attrs)
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
 	attrs = cfg.AllAttrs()
 
+	// TODO(wallyworld) - we need to separate controller and model schemas
+	for _, attr := range controller.ControllerOnlyConfigAttributes {
+		if _, ok := attrs[attr]; ok {
+			return nil, errors.Errorf("unexpected controller attribute %q in model config", attr)
+		}
+	}
 	// Any values that would normally be copied from the controller
 	// config can also be defined, but if they differ from the controller
 	// values, an error is returned.
@@ -176,13 +174,19 @@
 
 // RestrictedProviderFields returns the set of config fields that may not be
 // overridden.
+//
+// TODO(axw) restricted config should go away. There should be no provider-
+// specific config, since models should be independent of each other; and
+// anything that should not change across models should be in the controller
+// config.
 func RestrictedProviderFields(providerType string) ([]string, error) {
 	provider, err := environs.Provider(providerType)
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
 	var fields []string
-	fields = append(fields, configValuesFromController...)
+	// For now, all models in a controller must be of the same type.
+	fields = append(fields, config.TypeKey)
 	fields = append(fields, provider.RestrictedConfigAttributes()...)
 	return fields, nil
 }
@@ -190,23 +194,25 @@
 // finalizeConfig creates the config object from attributes, calls
 // PrepareForCreateEnvironment, and then finally validates the config
 // before returning it.
-func finalizeConfig(isAdmin bool, controllerCfg *config.Config, attrs map[string]interface{}) (*config.Config, error) {
-	provider, err := environs.Provider(controllerCfg.Type())
+func finalizeConfig(isAdmin bool, controllerUUID string, controllerModelCfg *config.Config, attrs map[string]interface{}) (*config.Config, error) {
+	provider, err := environs.Provider(controllerModelCfg.Type())
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
 
-	// Controller admins creating models do not have to re-supply new secrets.
-	// These may be copied from the controller model if not supplied.
-	if isAdmin {
-		maybeCopyControllerSecrets(provider, controllerCfg.AllAttrs(), attrs)
-	}
 	cfg, err := config.New(config.UseDefaults, attrs)
 	if err != nil {
 		return nil, errors.Annotate(err, "creating config from values failed")
 	}
 
-	cfg, err = provider.PrepareForCreateEnvironment(cfg)
+	// TODO(wallyworld) - we need to separate controller and model schemas
+	// Remove any remaining controller attributes from the env config.
+	cfg, err = cfg.Remove(controller.ControllerOnlyConfigAttributes)
+	if err != nil {
+		return nil, errors.Annotate(err, "cannot remove controller attributes")
+	}
+
+	cfg, err = provider.PrepareForCreateEnvironment(controllerUUID, cfg)
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
@@ -216,52 +222,3 @@
 	}
 	return cfg, nil
 }
-
-// maybeCopyControllerSecrets asks the specified provider for all possible config
-// attributes representing credential values and copies those across from the
-// controller config into the new model's config attrs if not already present.
-func maybeCopyControllerSecrets(provider environs.ProviderCredentials, controllerAttrs, attrs map[string]interface{}) {
-	requiredControllerAttrNames := []string{"authorized-keys"}
-	var controllerCredentialAttrNames []string
-	for _, schema := range provider.CredentialSchemas() {
-		// possibleCredentialValues holds any values from attrs that belong to
-		// the credential schema.
-		possibleCredentialValues := make(map[string]string)
-		for _, attr := range schema {
-			attrName := attr.Name
-			if v, ok := attrs[attrName]; ok && v != "" {
-				possibleCredentialValues[attrName] = fmt.Sprintf("%v", attrs[attrName])
-			}
-			controllerCredentialAttrNames = append(controllerCredentialAttrNames, attrName)
-		}
-		// readFile is not needed server side.
-		readFile := func(string) ([]byte, error) {
-			return nil, errors.NotImplementedf("read file")
-		}
-		// If the user has passed in valid credentials, we'll use
-		// those and not the ones from the controller.
-		if len(possibleCredentialValues) == 0 {
-			continue
-		}
-		finalValues, err := schema.Finalize(possibleCredentialValues, readFile)
-		if err == nil {
-			for k, v := range finalValues {
-				attrs[k] = v
-			}
-			controllerCredentialAttrNames = nil
-			break
-		}
-	}
-
-	// Ensure any required attributes which are empty are copied from the controller config.
-	for _, attrName := range requiredControllerAttrNames {
-		if _, ok := attrs[attrName]; !ok {
-			attrs[attrName] = controllerAttrs[attrName]
-		}
-	}
-	for _, attrName := range controllerCredentialAttrNames {
-		if _, ok := attrs[attrName]; !ok {
-			attrs[attrName] = controllerAttrs[attrName]
-		}
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/controller/modelmanager/createmodel_test.go juju-core-2.0~beta12/src/github.com/juju/juju/controller/modelmanager/createmodel_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/controller/modelmanager/createmodel_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/controller/modelmanager/createmodel_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,6 +12,7 @@
 	gc "gopkg.in/check.v1"
 
 	"github.com/juju/juju/cloud"
+	"github.com/juju/juju/controller"
 	"github.com/juju/juju/controller/modelmanager"
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/environs/config"
@@ -46,16 +47,21 @@
 		}),
 	)
 	c.Assert(err, jc.ErrorIsNil)
+
+	// TODO(wallyworld) - we need to separate controller and model schemas
+	// Remove any remaining controller attributes from the env config.
+	baseConfig, err = baseConfig.Remove(controller.ControllerOnlyConfigAttributes)
+	c.Assert(err, jc.ErrorIsNil)
 	s.baseConfig = baseConfig
 	fake.Reset()
 }
 
 func (s *ModelConfigCreatorSuite) newModelConfig(attrs map[string]interface{}) (*config.Config, error) {
-	return s.creator.NewModelConfig(modelmanager.IsNotAdmin, s.baseConfig, attrs)
+	return s.creator.NewModelConfig(modelmanager.IsNotAdmin, coretesting.ModelTag.Id(), s.baseConfig, attrs)
 }
 
 func (s *ModelConfigCreatorSuite) newModelConfigAdmin(attrs map[string]interface{}) (*config.Config, error) {
-	return s.creator.NewModelConfig(modelmanager.IsAdmin, s.baseConfig, attrs)
+	return s.creator.NewModelConfig(modelmanager.IsAdmin, coretesting.ModelTag.Id(), s.baseConfig, attrs)
 }
 
 func (s *ModelConfigCreatorSuite) TestCreateModelValidatesConfig(c *gc.C) {
@@ -85,61 +91,11 @@
 	c.Assert(validateCall.Args[1], gc.IsNil)
 }
 
-func (s *ModelConfigCreatorSuite) TestCreateModelForAdminUserCopiesSecrets(c *gc.C) {
-	var err error
-	s.baseConfig, err = s.baseConfig.Apply(coretesting.Attrs{
-		"username":        "user",
-		"password":        "password",
-		"authorized-keys": "ssh-key",
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	newModelUUID := utils.MustNewUUID().String()
-	newAttrs := coretesting.Attrs{
-		"name":       "new-model",
-		"additional": "value",
-		"uuid":       newModelUUID,
-	}
-	cfg, err := s.newModelConfigAdmin(newAttrs)
-	c.Assert(err, jc.ErrorIsNil)
-	expectedCfg, err := config.New(config.UseDefaults, newAttrs)
-	c.Assert(err, jc.ErrorIsNil)
-	expected := expectedCfg.AllAttrs()
-	c.Assert(expected["username"], gc.Equals, "user")
-	c.Assert(expected["password"], gc.Equals, "password")
-	c.Assert(expected["authorized-keys"], gc.Equals, "ssh-key")
-	c.Assert(cfg.AllAttrs(), jc.DeepEquals, expected)
-
-	fake.Stub.CheckCallNames(c,
-		"RestrictedConfigAttributes",
-		"PrepareForCreateEnvironment",
-		"Validate",
-	)
-	validateCall := fake.Stub.Calls()[2]
-	c.Assert(validateCall.Args, gc.HasLen, 2)
-	c.Assert(validateCall.Args[0], gc.Equals, cfg)
-	c.Assert(validateCall.Args[1], gc.IsNil)
-}
-
-func (s *ModelConfigCreatorSuite) TestCreateModelEnsuresRequiredFields(c *gc.C) {
-	var err error
-	s.baseConfig, err = s.baseConfig.Apply(coretesting.Attrs{
-		"authorized-keys": "ssh-key",
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	newAttrs := coretesting.Attrs{
-		"name": "new-model",
-	}
-	_, err = s.newModelConfigAdmin(newAttrs)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(newAttrs["authorized-keys"], gc.Equals, "ssh-key")
-}
-
 func (s *ModelConfigCreatorSuite) TestCreateModelForAdminUserPrefersUserSecrets(c *gc.C) {
 	var err error
 	s.baseConfig, err = s.baseConfig.Apply(coretesting.Attrs{
-		"username":        "user",
-		"password":        "password",
-		"authorized-keys": "ssh-key",
+		"username": "user",
+		"password": "password",
 	})
 	c.Assert(err, jc.ErrorIsNil)
 	newModelUUID := utils.MustNewUUID().String()
@@ -154,10 +110,15 @@
 	c.Assert(err, jc.ErrorIsNil)
 	expectedCfg, err := config.New(config.UseDefaults, newAttrs)
 	c.Assert(err, jc.ErrorIsNil)
+
+	// TODO(wallyworld) - we need to separate controller and model schemas
+	// Remove any remaining controller attributes from the env config.
+	expectedCfg, err = expectedCfg.Remove(controller.ControllerOnlyConfigAttributes)
+	c.Assert(err, jc.ErrorIsNil)
+
 	expected := expectedCfg.AllAttrs()
 	c.Assert(expected["username"], gc.Equals, "anotheruser")
 	c.Assert(expected["password"], gc.Equals, "anotherpassword")
-	c.Assert(expected["authorized-keys"], gc.Equals, "ssh-key")
 	c.Assert(cfg.AllAttrs(), jc.DeepEquals, expected)
 
 	fake.Stub.CheckCallNames(c,
@@ -181,10 +142,6 @@
 		value:    "dummy",
 		errMatch: `specified type "dummy" does not match controller "fake"`,
 	}, {
-		key:      "state-port",
-		value:    9876,
-		errMatch: `specified state-port "9876" does not match controller "19034"`,
-	}, {
 		key:      "restricted",
 		value:    51,
 		errMatch: `specified restricted "51" does not match controller "area51"`,
@@ -285,36 +242,36 @@
 	}{{
 		provider: "azure",
 		expected: []string{
-			"type", "ca-cert", "state-port", "api-port", "controller-uuid",
+			"type",
 			"location", "endpoint", "storage-endpoint",
 		},
 	}, {
 		provider: "dummy",
 		expected: []string{
-			"type", "ca-cert", "state-port", "api-port", "controller-uuid",
+			"type",
 		},
 	}, {
 		provider: "joyent",
 		expected: []string{
-			"type", "ca-cert", "state-port", "api-port", "controller-uuid", "sdc-url",
+			"type", "sdc-url",
 		},
 	}, {
 		provider: "maas",
 		expected: []string{
-			"type", "ca-cert", "state-port", "api-port", "controller-uuid",
+			"type",
 			"maas-server",
 		},
 	}, {
 		provider: "openstack",
 		expected: []string{
-			"type", "ca-cert", "state-port", "api-port", "controller-uuid",
+			"type",
 			"region", "auth-url", "auth-mode",
 		},
 	}, {
 		provider: "ec2",
 		expected: []string{
-			"type", "ca-cert", "state-port", "api-port", "controller-uuid",
-			"region", "vpc-id", "vpc-id-force",
+			"type",
+			"region", "vpc-id-force",
 		},
 	}} {
 		c.Logf("%d: %s provider", i, test.provider)
@@ -345,8 +302,8 @@
 	return cfg, p.NextErr()
 }
 
-func (p *fakeProvider) PrepareForCreateEnvironment(cfg *config.Config) (*config.Config, error) {
-	p.MethodCall(p, "PrepareForCreateEnvironment", cfg)
+func (p *fakeProvider) PrepareForCreateEnvironment(controllerUUID string, cfg *config.Config) (*config.Config, error) {
+	p.MethodCall(p, "PrepareForCreateEnvironment", controllerUUID, cfg)
 	return cfg, p.NextErr()
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/core/description/application.go juju-core-2.0~beta12/src/github.com/juju/juju/core/description/application.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/core/description/application.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/core/description/application.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,390 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package description
+
+import (
+	"encoding/base64"
+
+	"github.com/juju/utils/set"
+
+	"github.com/juju/errors"
+	"github.com/juju/schema"
+	"gopkg.in/juju/names.v2"
+)
+
+type applications struct {
+	Version       int            `yaml:"version"`
+	Applications_ []*application `yaml:"applications"`
+}
+
+type application struct {
+	Name_                 string `yaml:"name"`
+	Series_               string `yaml:"series"`
+	Subordinate_          bool   `yaml:"subordinate,omitempty"`
+	CharmURL_             string `yaml:"charm-url"`
+	Channel_              string `yaml:"cs-channel"`
+	CharmModifiedVersion_ int    `yaml:"charm-mod-version"`
+
+	// ForceCharm is true if an upgrade charm is forced.
+	// It means upgrade even if the charm is in an error state.
+	ForceCharm_ bool `yaml:"force-charm,omitempty"`
+	Exposed_    bool `yaml:"exposed,omitempty"`
+	MinUnits_   int  `yaml:"min-units,omitempty"`
+
+	Status_        *status `yaml:"status"`
+	StatusHistory_ `yaml:"status-history"`
+
+	Settings_         map[string]interface{} `yaml:"settings"`
+	SettingsRefCount_ int                    `yaml:"settings-refcount"`
+
+	Leader_             string                 `yaml:"leader,omitempty"`
+	LeadershipSettings_ map[string]interface{} `yaml:"leadership-settings"`
+
+	MetricsCredentials_ string `yaml:"metrics-creds,omitempty"`
+
+	// unit count will be assumed by the number of units associated.
+	Units_ units `yaml:"units"`
+
+	Annotations_ `yaml:"annotations,omitempty"`
+
+	Constraints_ *constraints `yaml:"constraints,omitempty"`
+
+	// Storage Constraints
+}
+
+// ApplicationArgs is an argument struct used to add an application to the Model.
+type ApplicationArgs struct {
+	Tag                  names.ApplicationTag
+	Series               string
+	Subordinate          bool
+	CharmURL             string
+	Channel              string
+	CharmModifiedVersion int
+	ForceCharm           bool
+	Exposed              bool
+	MinUnits             int
+	Settings             map[string]interface{}
+	SettingsRefCount     int
+	Leader               string
+	LeadershipSettings   map[string]interface{}
+	MetricsCredentials   []byte
+}
+
+func newApplication(args ApplicationArgs) *application {
+	creds := base64.StdEncoding.EncodeToString(args.MetricsCredentials)
+	svc := &application{
+		Name_:                 args.Tag.Id(),
+		Series_:               args.Series,
+		Subordinate_:          args.Subordinate,
+		CharmURL_:             args.CharmURL,
+		Channel_:              args.Channel,
+		CharmModifiedVersion_: args.CharmModifiedVersion,
+		ForceCharm_:           args.ForceCharm,
+		Exposed_:              args.Exposed,
+		MinUnits_:             args.MinUnits,
+		Settings_:             args.Settings,
+		SettingsRefCount_:     args.SettingsRefCount,
+		Leader_:               args.Leader,
+		LeadershipSettings_:   args.LeadershipSettings,
+		MetricsCredentials_:   creds,
+		StatusHistory_:        newStatusHistory(),
+	}
+	svc.setUnits(nil)
+	return svc
+}
+
+// Tag implements Application.
+func (s *application) Tag() names.ApplicationTag {
+	return names.NewApplicationTag(s.Name_)
+}
+
+// Name implements Application.
+func (s *application) Name() string {
+	return s.Name_
+}
+
+// Series implements Application.
+func (s *application) Series() string {
+	return s.Series_
+}
+
+// Subordinate implements Application.
+func (s *application) Subordinate() bool {
+	return s.Subordinate_
+}
+
+// CharmURL implements Application.
+func (s *application) CharmURL() string {
+	return s.CharmURL_
+}
+
+// Channel implements Application.
+func (s *application) Channel() string {
+	return s.Channel_
+}
+
+// CharmModifiedVersion implements Application.
+func (s *application) CharmModifiedVersion() int {
+	return s.CharmModifiedVersion_
+}
+
+// ForceCharm implements Application.
+func (s *application) ForceCharm() bool {
+	return s.ForceCharm_
+}
+
+// Exposed implements Application.
+func (s *application) Exposed() bool {
+	return s.Exposed_
+}
+
+// MinUnits implements Application.
+func (s *application) MinUnits() int {
+	return s.MinUnits_
+}
+
+// Settings implements Application.
+func (s *application) Settings() map[string]interface{} {
+	return s.Settings_
+}
+
+// SettingsRefCount implements Application.
+func (s *application) SettingsRefCount() int {
+	return s.SettingsRefCount_
+}
+
+// Leader implements Application.
+func (s *application) Leader() string {
+	return s.Leader_
+}
+
+// LeadershipSettings implements Application.
+func (s *application) LeadershipSettings() map[string]interface{} {
+	return s.LeadershipSettings_
+}
+
+// MetricsCredentials implements Application.
+func (s *application) MetricsCredentials() []byte {
+	// Here we are explicitly throwing away any decode error. We check that
+	// the creds can be decoded when we parse the incoming data, or we encode
+	// an incoming byte array, so in both cases, we know that the stored creds
+	// can be decoded.
+	creds, _ := base64.StdEncoding.DecodeString(s.MetricsCredentials_)
+	return creds
+}
+
+// Status implements Application.
+func (s *application) Status() Status {
+	// To avoid typed nils check nil here.
+	if s.Status_ == nil {
+		return nil
+	}
+	return s.Status_
+}
+
+// SetStatus implements Application.
+func (s *application) SetStatus(args StatusArgs) {
+	s.Status_ = newStatus(args)
+}
+
+// Units implements Application.
+func (s *application) Units() []Unit {
+	result := make([]Unit, len(s.Units_.Units_))
+	for i, u := range s.Units_.Units_ {
+		result[i] = u
+	}
+	return result
+}
+
+func (s *application) unitNames() set.Strings {
+	result := set.NewStrings()
+	for _, u := range s.Units_.Units_ {
+		result.Add(u.Name())
+	}
+	return result
+}
+
+// AddUnit implements Application.
+func (s *application) AddUnit(args UnitArgs) Unit {
+	u := newUnit(args)
+	s.Units_.Units_ = append(s.Units_.Units_, u)
+	return u
+}
+
+func (s *application) setUnits(unitList []*unit) {
+	s.Units_ = units{
+		Version: 1,
+		Units_:  unitList,
+	}
+}
+
+// Constraints implements HasConstraints.
+func (s *application) Constraints() Constraints {
+	if s.Constraints_ == nil {
+		return nil
+	}
+	return s.Constraints_
+}
+
+// SetConstraints implements HasConstraints.
+func (s *application) SetConstraints(args ConstraintsArgs) {
+	s.Constraints_ = newConstraints(args)
+}
+
+// Validate implements Application.
+func (s *application) Validate() error {
+	if s.Name_ == "" {
+		return errors.NotValidf("application missing name")
+	}
+	if s.Status_ == nil {
+		return errors.NotValidf("application %q missing status", s.Name_)
+	}
+	// If leader is set, it must match one of the units.
+	var leaderFound bool
+	// All of the applications units should also be valid.
+	for _, u := range s.Units() {
+		if err := u.Validate(); err != nil {
+			return errors.Trace(err)
+		}
+		// We know that the unit has a name, because it validated correctly.
+		if u.Name() == s.Leader_ {
+			leaderFound = true
+		}
+	}
+	if s.Leader_ != "" && !leaderFound {
+		return errors.NotValidf("missing unit for leader %q", s.Leader_)
+	}
+	return nil
+}
+
+func importApplications(source map[string]interface{}) ([]*application, error) {
+	checker := versionedChecker("applications")
+	coerced, err := checker.Coerce(source, nil)
+	if err != nil {
+		return nil, errors.Annotatef(err, "applications version schema check failed")
+	}
+	valid := coerced.(map[string]interface{})
+
+	version := int(valid["version"].(int64))
+	importFunc, ok := applicationDeserializationFuncs[version]
+	if !ok {
+		return nil, errors.NotValidf("version %d", version)
+	}
+	sourceList := valid["applications"].([]interface{})
+	return importApplicationList(sourceList, importFunc)
+}
+
+func importApplicationList(sourceList []interface{}, importFunc applicationDeserializationFunc) ([]*application, error) {
+	result := make([]*application, 0, len(sourceList))
+	for i, value := range sourceList {
+		source, ok := value.(map[string]interface{})
+		if !ok {
+			return nil, errors.Errorf("unexpected value for application %d, %T", i, value)
+		}
+		application, err := importFunc(source)
+		if err != nil {
+			return nil, errors.Annotatef(err, "application %d", i)
+		}
+		result = append(result, application)
+	}
+	return result, nil
+}
+
+type applicationDeserializationFunc func(map[string]interface{}) (*application, error)
+
+var applicationDeserializationFuncs = map[int]applicationDeserializationFunc{
+	1: importApplicationV1,
+}
+
+func importApplicationV1(source map[string]interface{}) (*application, error) {
+	fields := schema.Fields{
+		"name":                schema.String(),
+		"series":              schema.String(),
+		"subordinate":         schema.Bool(),
+		"charm-url":           schema.String(),
+		"cs-channel":          schema.String(),
+		"charm-mod-version":   schema.Int(),
+		"force-charm":         schema.Bool(),
+		"exposed":             schema.Bool(),
+		"min-units":           schema.Int(),
+		"status":              schema.StringMap(schema.Any()),
+		"settings":            schema.StringMap(schema.Any()),
+		"settings-refcount":   schema.Int(),
+		"leader":              schema.String(),
+		"leadership-settings": schema.StringMap(schema.Any()),
+		"metrics-creds":       schema.String(),
+		"units":               schema.StringMap(schema.Any()),
+	}
+
+	defaults := schema.Defaults{
+		"subordinate":   false,
+		"force-charm":   false,
+		"exposed":       false,
+		"min-units":     int64(0),
+		"leader":        "",
+		"metrics-creds": "",
+	}
+	addAnnotationSchema(fields, defaults)
+	addConstraintsSchema(fields, defaults)
+	addStatusHistorySchema(fields)
+	checker := schema.FieldMap(fields, defaults)
+
+	coerced, err := checker.Coerce(source, nil)
+	if err != nil {
+		return nil, errors.Annotatef(err, "application v1 schema check failed")
+	}
+	valid := coerced.(map[string]interface{})
+	// From here we know that the map returned from the schema coercion
+	// contains fields of the right type.
+	result := &application{
+		Name_:                 valid["name"].(string),
+		Series_:               valid["series"].(string),
+		Subordinate_:          valid["subordinate"].(bool),
+		CharmURL_:             valid["charm-url"].(string),
+		Channel_:              valid["cs-channel"].(string),
+		CharmModifiedVersion_: int(valid["charm-mod-version"].(int64)),
+		ForceCharm_:           valid["force-charm"].(bool),
+		Exposed_:              valid["exposed"].(bool),
+		MinUnits_:             int(valid["min-units"].(int64)),
+		Settings_:             valid["settings"].(map[string]interface{}),
+		SettingsRefCount_:     int(valid["settings-refcount"].(int64)),
+		Leader_:               valid["leader"].(string),
+		LeadershipSettings_:   valid["leadership-settings"].(map[string]interface{}),
+		StatusHistory_:        newStatusHistory(),
+	}
+	result.importAnnotations(valid)
+	if err := result.importStatusHistory(valid); err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	if constraintsMap, ok := valid["constraints"]; ok {
+		constraints, err := importConstraints(constraintsMap.(map[string]interface{}))
+		if err != nil {
+			return nil, errors.Trace(err)
+		}
+		result.Constraints_ = constraints
+	}
+
+	encodedCreds := valid["metrics-creds"].(string)
+	// The model stores the creds encoded, but we want to make sure that
+	// we are storing something that can be decoded.
+	if _, err := base64.StdEncoding.DecodeString(encodedCreds); err != nil {
+		return nil, errors.Annotate(err, "metrics credentials not valid")
+	}
+	result.MetricsCredentials_ = encodedCreds
+
+	status, err := importStatus(valid["status"].(map[string]interface{}))
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	result.Status_ = status
+
+	units, err := importUnits(valid["units"].(map[string]interface{}))
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	result.setUnits(units)
+
+	return result, nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/core/description/application_test.go juju-core-2.0~beta12/src/github.com/juju/juju/core/description/application_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/core/description/application_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/core/description/application_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,216 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package description
+
+import (
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
+	"gopkg.in/yaml.v2"
+)
+
+type ApplicationSerializationSuite struct {
+	SliceSerializationSuite
+	StatusHistoryMixinSuite
+}
+
+var _ = gc.Suite(&ApplicationSerializationSuite{})
+
+func (s *ApplicationSerializationSuite) SetUpTest(c *gc.C) {
+	s.SliceSerializationSuite.SetUpTest(c)
+	s.importName = "applications"
+	s.sliceName = "applications"
+	s.importFunc = func(m map[string]interface{}) (interface{}, error) {
+		return importApplications(m)
+	}
+	s.testFields = func(m map[string]interface{}) {
+		m["applications"] = []interface{}{}
+	}
+	s.StatusHistoryMixinSuite.creator = func() HasStatusHistory {
+		return minimalApplication()
+	}
+	s.StatusHistoryMixinSuite.serializer = func(c *gc.C, initial interface{}) HasStatusHistory {
+		return s.exportImport(c, initial.(*application))
+	}
+}
+
+func minimalApplicationMap() map[interface{}]interface{} {
+	return map[interface{}]interface{}{
+		"name":              "ubuntu",
+		"series":            "trusty",
+		"charm-url":         "cs:trusty/ubuntu",
+		"cs-channel":        "stable",
+		"charm-mod-version": 1,
+		"status":            minimalStatusMap(),
+		"status-history":    emptyStatusHistoryMap(),
+		"settings": map[interface{}]interface{}{
+			"key": "value",
+		},
+		"settings-refcount": 1,
+		"leader":            "ubuntu/0",
+		"leadership-settings": map[interface{}]interface{}{
+			"leader": true,
+		},
+		"metrics-creds": "c2Vrcml0", // base64 encoded
+		"units": map[interface{}]interface{}{
+			"version": 1,
+			"units": []interface{}{
+				minimalUnitMap(),
+			},
+		},
+	}
+}
+
+func minimalApplication() *application {
+	s := newApplication(minimalApplicationArgs())
+	s.SetStatus(minimalStatusArgs())
+	u := s.AddUnit(minimalUnitArgs())
+	u.SetAgentStatus(minimalStatusArgs())
+	u.SetWorkloadStatus(minimalStatusArgs())
+	u.SetTools(minimalAgentToolsArgs())
+	return s
+}
+
+func addMinimalApplication(model Model) {
+	s := model.AddApplication(minimalApplicationArgs())
+	s.SetStatus(minimalStatusArgs())
+	u := s.AddUnit(minimalUnitArgs())
+	u.SetAgentStatus(minimalStatusArgs())
+	u.SetWorkloadStatus(minimalStatusArgs())
+	u.SetTools(minimalAgentToolsArgs())
+}
+
+func minimalApplicationArgs() ApplicationArgs {
+	return ApplicationArgs{
+		Tag:                  names.NewApplicationTag("ubuntu"),
+		Series:               "trusty",
+		CharmURL:             "cs:trusty/ubuntu",
+		Channel:              "stable",
+		CharmModifiedVersion: 1,
+		Settings: map[string]interface{}{
+			"key": "value",
+		},
+		SettingsRefCount: 1,
+		Leader:           "ubuntu/0",
+		LeadershipSettings: map[string]interface{}{
+			"leader": true,
+		},
+		MetricsCredentials: []byte("sekrit"),
+	}
+}
+
+func (s *ApplicationSerializationSuite) TestNewApplication(c *gc.C) {
+	args := ApplicationArgs{
+		Tag:                  names.NewApplicationTag("magic"),
+		Series:               "zesty",
+		Subordinate:          true,
+		CharmURL:             "cs:zesty/magic",
+		Channel:              "stable",
+		CharmModifiedVersion: 1,
+		ForceCharm:           true,
+		Exposed:              true,
+		MinUnits:             42, // no judgement is made by the migration code
+		Settings: map[string]interface{}{
+			"key": "value",
+		},
+		SettingsRefCount: 1,
+		Leader:           "magic/1",
+		LeadershipSettings: map[string]interface{}{
+			"leader": true,
+		},
+		MetricsCredentials: []byte("sekrit"),
+	}
+	application := newApplication(args)
+
+	c.Assert(application.Name(), gc.Equals, "magic")
+	c.Assert(application.Tag(), gc.Equals, names.NewApplicationTag("magic"))
+	c.Assert(application.Series(), gc.Equals, "zesty")
+	c.Assert(application.Subordinate(), jc.IsTrue)
+	c.Assert(application.CharmURL(), gc.Equals, "cs:zesty/magic")
+	c.Assert(application.Channel(), gc.Equals, "stable")
+	c.Assert(application.CharmModifiedVersion(), gc.Equals, 1)
+	c.Assert(application.ForceCharm(), jc.IsTrue)
+	c.Assert(application.Exposed(), jc.IsTrue)
+	c.Assert(application.MinUnits(), gc.Equals, 42)
+	c.Assert(application.Settings(), jc.DeepEquals, args.Settings)
+	c.Assert(application.SettingsRefCount(), gc.Equals, 1)
+	c.Assert(application.Leader(), gc.Equals, "magic/1")
+	c.Assert(application.LeadershipSettings(), jc.DeepEquals, args.LeadershipSettings)
+	c.Assert(application.MetricsCredentials(), jc.DeepEquals, []byte("sekrit"))
+}
+
+func (s *ApplicationSerializationSuite) TestMinimalApplicationValid(c *gc.C) {
+	application := minimalApplication()
+	c.Assert(application.Validate(), jc.ErrorIsNil)
+}
+
+func (s *ApplicationSerializationSuite) TestMinimalMatches(c *gc.C) {
+	bytes, err := yaml.Marshal(minimalApplication())
+	c.Assert(err, jc.ErrorIsNil)
+
+	var source map[interface{}]interface{}
+	err = yaml.Unmarshal(bytes, &source)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(source, jc.DeepEquals, minimalApplicationMap())
+}
+
+func (s *ApplicationSerializationSuite) exportImport(c *gc.C, application_ *application) *application {
+	initial := applications{
+		Version:       1,
+		Applications_: []*application{application_},
+	}
+
+	bytes, err := yaml.Marshal(initial)
+	c.Assert(err, jc.ErrorIsNil)
+
+	var source map[string]interface{}
+	err = yaml.Unmarshal(bytes, &source)
+	c.Assert(err, jc.ErrorIsNil)
+
+	applications, err := importApplications(source)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(applications, gc.HasLen, 1)
+	return applications[0]
+}
+
+func (s *ApplicationSerializationSuite) TestParsingSerializedData(c *gc.C) {
+	svc := minimalApplication()
+	application := s.exportImport(c, svc)
+	c.Assert(application, jc.DeepEquals, svc)
+}
+
+func (s *ApplicationSerializationSuite) TestAnnotations(c *gc.C) {
+	initial := minimalApplication()
+	annotations := map[string]string{
+		"string":  "value",
+		"another": "one",
+	}
+	initial.SetAnnotations(annotations)
+
+	application := s.exportImport(c, initial)
+	c.Assert(application.Annotations(), jc.DeepEquals, annotations)
+}
+
+func (s *ApplicationSerializationSuite) TestConstraints(c *gc.C) {
+	initial := minimalApplication()
+	args := ConstraintsArgs{
+		Architecture: "amd64",
+		Memory:       8 * gig,
+		RootDisk:     40 * gig,
+	}
+	initial.SetConstraints(args)
+
+	application := s.exportImport(c, initial)
+	c.Assert(application.Constraints(), jc.DeepEquals, newConstraints(args))
+}
+
+func (s *ApplicationSerializationSuite) TestLeaderValid(c *gc.C) {
+	args := minimalApplicationArgs()
+	args.Leader = "ubuntu/1"
+	application := newApplication(args)
+	application.SetStatus(minimalStatusArgs())
+
+	err := application.Validate()
+	c.Assert(err, gc.ErrorMatches, `missing unit for leader "ubuntu/1" not valid`)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/core/description/doc.go juju-core-2.0~beta12/src/github.com/juju/juju/core/description/doc.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/core/description/doc.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/core/description/doc.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,12 +11,12 @@
 // The following prechecks are to be made before attempting migration:
 //
 // - no agents in an error state
-// - nothing dying or dead; machine, service, unit, relation, storage, network etc
+// - nothing dying or dead; machine, application, unit, relation, storage, network etc
 // - no entries in the assignUnitC collection
 //   - these are units pending assignment
 // - no units agent status in an error state
 //   - workload error status is probably fine
-// - all units using the same charm and series as the service
+// - all units using the same charm and series as the application
 //   - no units with pending charm updates
 // - all units have ResolvedNone for resolved status
 //   - no pending hook execution
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/core/description/interfaces.go juju-core-2.0~beta12/src/github.com/juju/juju/core/description/interfaces.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/core/description/interfaces.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/core/description/interfaces.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,8 +6,8 @@
 import (
 	"time"
 
-	"github.com/juju/names"
 	"github.com/juju/version"
+	"gopkg.in/juju/names.v2"
 )
 
 // HasAnnotations defines the common methods for setting and
@@ -36,6 +36,9 @@
 	HasAnnotations
 	HasConstraints
 
+	Cloud() string
+	CloudRegion() string
+	CloudCredential() string
 	Tag() names.ModelTag
 	Owner() names.UserTag
 	Config() map[string]interface{}
@@ -54,8 +57,8 @@
 	Machines() []Machine
 	AddMachine(MachineArgs) Machine
 
-	Services() []Service
-	AddService(ServiceArgs) Service
+	Applications() []Application
+	AddApplication(ApplicationArgs) Application
 
 	Relations() []Relation
 	AddRelation(RelationArgs) Relation
@@ -74,7 +77,9 @@
 	CreatedBy() names.UserTag
 	DateCreated() time.Time
 	LastConnection() time.Time
-	ReadOnly() bool
+	IsReadOnly() bool
+	IsReadWrite() bool
+	IsAdmin() bool
 }
 
 // Address represents an IP Address of some form.
@@ -193,7 +198,7 @@
 	Tags() []string
 }
 
-// Status represents an agent, service, or workload status.
+// Status represents an agent, application, or workload status.
 type Status interface {
 	Value() string
 	Message() string
@@ -201,13 +206,13 @@
 	Updated() time.Time
 }
 
-// Service represents a deployed charm in a model.
-type Service interface {
+// Application represents a deployed charm in a model.
+type Application interface {
 	HasAnnotations
 	HasConstraints
 	HasStatusHistory
 
-	Tag() names.ServiceTag
+	Tag() names.ApplicationTag
 	Name() string
 	Series() string
 	Subordinate() bool
@@ -235,7 +240,7 @@
 	Validate() error
 }
 
-// Unit represents an instance of a service in a model.
+// Unit represents an instance of an application in a model.
 type Unit interface {
 	HasAnnotations
 	HasConstraints
@@ -263,6 +268,11 @@
 	WorkloadStatusHistory() []Status
 	SetWorkloadStatusHistory([]StatusArgs)
 
+	WorkloadVersion() string
+
+	WorkloadVersionHistory() []Status
+	SetWorkloadVersionHistory([]StatusArgs)
+
 	AgentStatus() Status
 	SetAgentStatus(StatusArgs)
 
@@ -272,8 +282,8 @@
 	Validate() error
 }
 
-// Relation represents a relationship between two services,
-// or a peer relation between different instances of a service.
+// Relation represents a relationship between two applications,
+// or a peer relation between different instances of an application.
 type Relation interface {
 	Id() int
 	Key() string
@@ -283,12 +293,12 @@
 }
 
 // Endpoint represents one end of a relation. A named endpoint provided
-// by the charm that is deployed for the service.
+// by the charm that is deployed for the application.
 type Endpoint interface {
-	ServiceName() string
+	ApplicationName() string
 	Name() string
 	// Role, Interface, Optional, Limit, and Scope should all be available
-	// through the Charm associated with the Service. There is no real need
+	// through the Charm associated with the Application. There is no real need
 	// for this information to be denormalised like this. However, for now,
 	// since the import may well take place before the charms have been loaded
 	// into the model, we'll send this information over.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/core/description/machine.go juju-core-2.0~beta12/src/github.com/juju/juju/core/description/machine.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/core/description/machine.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/core/description/machine.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,9 +5,9 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/schema"
 	"github.com/juju/version"
+	"gopkg.in/juju/names.v2"
 )
 
 type machines struct {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/core/description/machine_test.go juju-core-2.0~beta12/src/github.com/juju/juju/core/description/machine_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/core/description/machine_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/core/description/machine_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,10 +4,10 @@
 package description
 
 import (
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/yaml.v2"
 )
 
@@ -158,13 +158,13 @@
 		"machines": []interface{}{
 			minimalMachineMap("0"),
 			minimalMachineMap("1",
-				minimalMachineMap("1/lxc/0"),
-				minimalMachineMap("1/lxc/1"),
+				minimalMachineMap("1/lxd/0"),
+				minimalMachineMap("1/lxd/1"),
 			),
 			minimalMachineMap("2",
 				minimalMachineMap("2/kvm/0",
-					minimalMachineMap("2/kvm/0/lxc/0"),
-					minimalMachineMap("2/kvm/0/lxc/1"),
+					minimalMachineMap("2/kvm/0/lxd/0"),
+					minimalMachineMap("2/kvm/0/lxd/1"),
 				),
 			),
 		}})
@@ -172,13 +172,13 @@
 	expected := []*machine{
 		minimalMachine("0"),
 		minimalMachine("1",
-			minimalMachine("1/lxc/0"),
-			minimalMachine("1/lxc/1"),
+			minimalMachine("1/lxd/0"),
+			minimalMachine("1/lxd/1"),
 		),
 		minimalMachine("2",
 			minimalMachine("2/kvm/0",
-				minimalMachine("2/kvm/0/lxc/0"),
-				minimalMachine("2/kvm/0/lxc/1"),
+				minimalMachine("2/kvm/0/lxd/0"),
+				minimalMachine("2/kvm/0/lxd/1"),
 			),
 		),
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/core/description/model.go juju-core-2.0~beta12/src/github.com/juju/juju/core/description/model.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/core/description/model.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/core/description/model.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,16 +7,13 @@
 	"sort"
 
 	"github.com/juju/errors"
-	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/schema"
 	"github.com/juju/utils/set"
 	"github.com/juju/version"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/yaml.v2"
 )
 
-var logger = loggo.GetLogger("juju.state.migration")
-
 // ModelArgs represent the bare minimum information that is needed
 // to represent a model.
 type ModelArgs struct {
@@ -24,6 +21,9 @@
 	Config             map[string]interface{}
 	LatestToolsVersion version.Number
 	Blocks             map[string]string
+	Cloud              string
+	CloudRegion        string
+	CloudCredential    string
 }
 
 // NewModel returns a Model based on the args specified.
@@ -35,10 +35,13 @@
 		LatestToolsVersion_: args.LatestToolsVersion,
 		Sequences_:          make(map[string]int),
 		Blocks_:             args.Blocks,
+		Cloud_:              args.Cloud,
+		CloudRegion_:        args.CloudRegion,
+		CloudCredential_:    args.CloudCredential,
 	}
 	m.setUsers(nil)
 	m.setMachines(nil)
-	m.setServices(nil)
+	m.setApplications(nil)
 	m.setRelations(nil)
 	return m
 }
@@ -75,10 +78,10 @@
 
 	LatestToolsVersion_ version.Number `yaml:"latest-tools,omitempty"`
 
-	Users_     users     `yaml:"users"`
-	Machines_  machines  `yaml:"machines"`
-	Services_  services  `yaml:"services"`
-	Relations_ relations `yaml:"relations"`
+	Users_        users        `yaml:"users"`
+	Machines_     machines     `yaml:"machines"`
+	Applications_ applications `yaml:"applications"`
+	Relations_    relations    `yaml:"relations"`
 
 	Sequences_ map[string]int `yaml:"sequences"`
 
@@ -86,6 +89,10 @@
 
 	Constraints_ *constraints `yaml:"constraints,omitempty"`
 
+	Cloud_           string `yaml:"cloud"`
+	CloudRegion_     string `yaml:"cloud-region,omitempty"`
+	CloudCredential_ string `yaml:"cloud-credential,omitempty"`
+
 	// TODO:
 	// Spaces
 	// Storage
@@ -182,35 +189,35 @@
 	}
 }
 
-// Services implements Model.
-func (m *model) Services() []Service {
-	var result []Service
-	for _, service := range m.Services_.Services_ {
-		result = append(result, service)
+// Applications implements Model.
+func (m *model) Applications() []Application {
+	var result []Application
+	for _, application := range m.Applications_.Applications_ {
+		result = append(result, application)
 	}
 	return result
 }
 
-func (m *model) service(name string) *service {
-	for _, service := range m.Services_.Services_ {
-		if service.Name() == name {
-			return service
+func (m *model) application(name string) *application {
+	for _, application := range m.Applications_.Applications_ {
+		if application.Name() == name {
+			return application
 		}
 	}
 	return nil
 }
 
-// AddService implements Model.
-func (m *model) AddService(args ServiceArgs) Service {
-	service := newService(args)
-	m.Services_.Services_ = append(m.Services_.Services_, service)
-	return service
+// AddApplication implements Model.
+func (m *model) AddApplication(args ApplicationArgs) Application {
+	application := newApplication(args)
+	m.Applications_.Applications_ = append(m.Applications_.Applications_, application)
+	return application
 }
 
-func (m *model) setServices(serviceList []*service) {
-	m.Services_ = services{
-		Version:   1,
-		Services_: serviceList,
+func (m *model) setApplications(applicationList []*application) {
+	m.Applications_ = applications{
+		Version:       1,
+		Applications_: applicationList,
 	}
 }
 
@@ -260,6 +267,21 @@
 	m.Constraints_ = newConstraints(args)
 }
 
+// Cloud implements Model.
+func (m *model) Cloud() string {
+	return m.Cloud_
+}
+
+// CloudRegion implements Model.
+func (m *model) CloudRegion() string {
+	return m.CloudRegion_
+}
+
+// CloudCredential implements Model.
+func (m *model) CloudCredential() string {
+	return m.CloudCredential_
+}
+
 // Validate implements Model.
 func (m *model) Validate() error {
 	// A model needs an owner.
@@ -279,14 +301,14 @@
 		}
 	}
 	allUnits := set.NewStrings()
-	for _, service := range m.Services_.Services_ {
-		if err := service.Validate(); err != nil {
+	for _, application := range m.Applications_.Applications_ {
+		if err := application.Validate(); err != nil {
 			return errors.Trace(err)
 		}
-		allUnits = allUnits.Union(service.unitNames())
+		allUnits = allUnits.Union(application.unitNames())
 	}
 	// Make sure that all the unit names specified in machine opened ports
-	// exist as units of services.
+	// exist as units of applications.
 	unknownUnitsWithPorts := unitsWithOpenPorts.Difference(allUnits)
 	if len(unknownUnitsWithPorts) > 0 {
 		return errors.Errorf("unknown unit names in open ports: %s", unknownUnitsWithPorts.SortedValues())
@@ -296,22 +318,22 @@
 }
 
 // validateRelations makes sure that for each endpoint in each relation there
-// are settings for all units of that service for that endpoint.
+// are settings for all units of that application for that endpoint.
 func (m *model) validateRelations() error {
 	for _, relation := range m.Relations_.Relations_ {
 		for _, ep := range relation.Endpoints_.Endpoints_ {
-			// Check service exists.
-			service := m.service(ep.ServiceName())
-			if service == nil {
-				return errors.Errorf("unknown service %q for relation id %d", ep.ServiceName(), relation.Id())
+			// Check application exists.
+			application := m.application(ep.ApplicationName())
+			if application == nil {
+				return errors.Errorf("unknown application %q for relation id %d", ep.ApplicationName(), relation.Id())
 			}
 			// Check that all units have settings.
-			serviceUnits := service.unitNames()
+			applicationUnits := application.unitNames()
 			epUnits := ep.unitNames()
-			if missingSettings := serviceUnits.Difference(epUnits); len(missingSettings) > 0 {
+			if missingSettings := applicationUnits.Difference(epUnits); len(missingSettings) > 0 {
 				return errors.Errorf("missing relation settings for units %s in relation %d", missingSettings.SortedValues(), relation.Id())
 			}
-			if extraSettings := epUnits.Difference(serviceUnits); len(extraSettings) > 0 {
+			if extraSettings := epUnits.Difference(applicationUnits); len(extraSettings) > 0 {
 				return errors.Errorf("settings for unknown units %s in relation %d", extraSettings.SortedValues(), relation.Id())
 			}
 		}
@@ -346,12 +368,14 @@
 func importModelV1(source map[string]interface{}) (*model, error) {
 	fields := schema.Fields{
 		"owner":        schema.String(),
+		"cloud":        schema.String(),
+		"cloud-region": schema.String(),
 		"config":       schema.StringMap(schema.Any()),
 		"latest-tools": schema.String(),
 		"blocks":       schema.StringMap(schema.String()),
 		"users":        schema.StringMap(schema.Any()),
 		"machines":     schema.StringMap(schema.Any()),
-		"services":     schema.StringMap(schema.Any()),
+		"applications": schema.StringMap(schema.Any()),
 		"relations":    schema.StringMap(schema.Any()),
 		"sequences":    schema.StringMap(schema.Int()),
 	}
@@ -359,6 +383,7 @@
 	defaults := schema.Defaults{
 		"latest-tools": schema.Omit,
 		"blocks":       schema.Omit,
+		"cloud-region": schema.Omit,
 	}
 	addAnnotationSchema(fields, defaults)
 	addConstraintsSchema(fields, defaults)
@@ -378,6 +403,7 @@
 		Config_:    valid["config"].(map[string]interface{}),
 		Sequences_: make(map[string]int),
 		Blocks_:    convertToStringMap(valid["blocks"]),
+		Cloud_:     valid["cloud"].(string),
 	}
 	result.importAnnotations(valid)
 	sequences := valid["sequences"].(map[string]interface{})
@@ -401,6 +427,14 @@
 		result.LatestToolsVersion_ = num
 	}
 
+	if region, ok := valid["cloud-region"]; ok {
+		result.CloudRegion_ = region.(string)
+	}
+
+	if credential, ok := valid["cloud-credential"]; ok {
+		result.CloudCredential_ = credential.(string)
+	}
+
 	userMap := valid["users"].(map[string]interface{})
 	users, err := importUsers(userMap)
 	if err != nil {
@@ -415,12 +449,12 @@
 	}
 	result.setMachines(machines)
 
-	serviceMap := valid["services"].(map[string]interface{})
-	services, err := importServices(serviceMap)
+	applicationMap := valid["applications"].(map[string]interface{})
+	applications, err := importApplications(applicationMap)
 	if err != nil {
-		return nil, errors.Annotate(err, "services")
+		return nil, errors.Annotate(err, "applications")
 	}
-	result.setServices(services)
+	result.setApplications(applications)
 
 	relationMap := valid["relations"].(map[string]interface{})
 	relations, err := importRelations(relationMap)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/core/description/model_test.go juju-core-2.0~beta12/src/github.com/juju/juju/core/description/model_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/core/description/model_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/core/description/model_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,10 +8,10 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/yaml.v2"
 
 	"github.com/juju/juju/testing"
@@ -48,10 +48,13 @@
 }
 
 func (*ModelSerializationSuite) TestUpdateConfig(c *gc.C) {
-	model := NewModel(ModelArgs{Config: map[string]interface{}{
-		"name": "awesome",
-		"uuid": "some-uuid",
-	}})
+	model := NewModel(ModelArgs{
+		Config: map[string]interface{}{
+			"name": "awesome",
+			"uuid": "some-uuid",
+		},
+		CloudRegion: "some-region",
+	})
 	model.UpdateConfig(map[string]interface{}{
 		"name": "something else",
 		"key":  "value",
@@ -91,7 +94,7 @@
 		DateCreated: time.Date(2015, 10, 9, 12, 34, 56, 0, time.UTC),
 	})
 	addMinimalMachine(initial, "0")
-	addMinimalService(initial)
+	addMinimalApplication(initial)
 	model := s.exportImport(c, initial)
 
 	c.Assert(model.Owner(), gc.Equals, args.Owner)
@@ -105,9 +108,9 @@
 	machines := model.Machines()
 	c.Assert(machines, gc.HasLen, 1)
 	c.Assert(machines[0].Id(), gc.Equals, "0")
-	services := model.Services()
-	c.Assert(services, gc.HasLen, 1)
-	c.Assert(services[0].Name(), gc.Equals, "ubuntu")
+	applications := model.Applications()
+	c.Assert(applications, gc.HasLen, 1)
+	c.Assert(applications[0].Name(), gc.Equals, "ubuntu")
 }
 
 func (s *ModelSerializationSuite) TestParsingOptionals(c *gc.C) {
@@ -142,8 +145,8 @@
 func (s *ModelSerializationSuite) TestSequences(c *gc.C) {
 	initial := NewModel(ModelArgs{Owner: names.NewUserTag("owner")})
 	initial.SetSequence("machine", 4)
-	initial.SetSequence("service-foo", 3)
-	initial.SetSequence("service-bar", 1)
+	initial.SetSequence("application-foo", 3)
+	initial.SetSequence("application-bar", 1)
 	bytes, err := yaml.Marshal(initial)
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -151,9 +154,9 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Assert(model.Sequences(), jc.DeepEquals, map[string]int{
-		"machine":     4,
-		"service-foo": 3,
-		"service-bar": 1,
+		"machine":         4,
+		"application-foo": 3,
+		"application-bar": 1,
 	})
 }
 
@@ -181,7 +184,7 @@
 }
 
 func (*ModelSerializationSuite) TestModelValidationChecksMachines(c *gc.C) {
-	model := NewModel(ModelArgs{Owner: names.NewUserTag("owner")})
+	model := NewModel(ModelArgs{Owner: names.NewUserTag("owner"), CloudRegion: "some-region"})
 	model.AddMachine(MachineArgs{})
 	err := model.Validate()
 	c.Assert(err, gc.ErrorMatches, "machine missing id not valid")
@@ -197,14 +200,14 @@
 }
 
 func (s *ModelSerializationSuite) TestModelValidationChecksMachinesGood(c *gc.C) {
-	model := NewModel(ModelArgs{Owner: names.NewUserTag("owner")})
+	model := NewModel(ModelArgs{Owner: names.NewUserTag("owner"), CloudRegion: "some-region"})
 	s.addMachineToModel(model, "0")
 	err := model.Validate()
 	c.Assert(err, jc.ErrorIsNil)
 }
 
 func (s *ModelSerializationSuite) TestModelValidationChecksOpenPortsUnits(c *gc.C) {
-	model := NewModel(ModelArgs{Owner: names.NewUserTag("owner")})
+	model := NewModel(ModelArgs{Owner: names.NewUserTag("owner"), CloudRegion: "some-region"})
 	machine := s.addMachineToModel(model, "0")
 	machine.AddOpenedPorts(OpenedPortsArgs{
 		OpenedPorts: []PortRangeArgs{
@@ -220,26 +223,26 @@
 	c.Assert(err.Error(), gc.Equals, "unknown unit names in open ports: [missing/0]")
 }
 
-func (*ModelSerializationSuite) TestModelValidationChecksServices(c *gc.C) {
-	model := NewModel(ModelArgs{Owner: names.NewUserTag("owner")})
-	model.AddService(ServiceArgs{})
+func (*ModelSerializationSuite) TestModelValidationChecksApplications(c *gc.C) {
+	model := NewModel(ModelArgs{Owner: names.NewUserTag("owner"), CloudRegion: "some-region"})
+	model.AddApplication(ApplicationArgs{})
 	err := model.Validate()
-	c.Assert(err, gc.ErrorMatches, "service missing name not valid")
+	c.Assert(err, gc.ErrorMatches, "application missing name not valid")
 	c.Assert(err, jc.Satisfies, errors.IsNotValid)
 }
 
-func (s *ModelSerializationSuite) addServiceToModel(model Model, name string, numUnits int) Service {
-	service := model.AddService(ServiceArgs{
-		Tag:                names.NewServiceTag(name),
+func (s *ModelSerializationSuite) addApplicationToModel(model Model, name string, numUnits int) Application {
+	application := model.AddApplication(ApplicationArgs{
+		Tag:                names.NewApplicationTag(name),
 		Settings:           map[string]interface{}{},
 		LeadershipSettings: map[string]interface{}{},
 	})
-	service.SetStatus(minimalStatusArgs())
+	application.SetStatus(minimalStatusArgs())
 	for i := 0; i < numUnits; i++ {
 		// The index i is used as both the machine id and the unit id.
 		// A happy coincidence.
 		machine := s.addMachineToModel(model, fmt.Sprint(i))
-		unit := service.AddUnit(UnitArgs{
+		unit := application.AddUnit(UnitArgs{
 			Tag:     names.NewUnitTag(fmt.Sprintf("%s/%d", name, i)),
 			Machine: machine.Tag(),
 		})
@@ -248,7 +251,7 @@
 		unit.SetWorkloadStatus(minimalStatusArgs())
 	}
 
-	return service
+	return application
 }
 
 func (s *ModelSerializationSuite) wordpressModel() (Model, Endpoint, Endpoint) {
@@ -256,9 +259,11 @@
 		Owner: names.NewUserTag("owner"),
 		Config: map[string]interface{}{
 			"uuid": "some-uuid",
-		}})
-	s.addServiceToModel(model, "wordpress", 2)
-	s.addServiceToModel(model, "mysql", 1)
+		},
+		CloudRegion: "some-region",
+	})
+	s.addApplicationToModel(model, "wordpress", 2)
+	s.addApplicationToModel(model, "mysql", 1)
 
 	// Add a relation between wordpress and mysql.
 	rel := model.AddRelation(RelationArgs{
@@ -266,13 +271,13 @@
 		Key: "special key",
 	})
 	wordpressEndpoint := rel.AddEndpoint(EndpointArgs{
-		ServiceName: "wordpress",
-		Name:        "db",
+		ApplicationName: "wordpress",
+		Name:            "db",
 		// Ignoring other aspects of endpoints.
 	})
 	mysqlEndpoint := rel.AddEndpoint(EndpointArgs{
-		ServiceName: "mysql",
-		Name:        "mysql",
+		ApplicationName: "mysql",
+		Name:            "mysql",
 		// Ignoring other aspects of endpoints.
 	})
 	return model, wordpressEndpoint, mysqlEndpoint
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/core/description/relation.go juju-core-2.0~beta12/src/github.com/juju/juju/core/description/relation.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/core/description/relation.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/core/description/relation.go	2016-07-18 19:45:44.000000000 +0000
@@ -143,38 +143,38 @@
 }
 
 type endpoint struct {
-	ServiceName_ string `yaml:"service-name"`
-	Name_        string `yaml:"name"`
-	Role_        string `yaml:"role"`
-	Interface_   string `yaml:"interface"`
-	Optional_    bool   `yaml:"optional"`
-	Limit_       int    `yaml:"limit"`
-	Scope_       string `yaml:"scope"`
+	ApplicationName_ string `yaml:"application-name"`
+	Name_            string `yaml:"name"`
+	Role_            string `yaml:"role"`
+	Interface_       string `yaml:"interface"`
+	Optional_        bool   `yaml:"optional"`
+	Limit_           int    `yaml:"limit"`
+	Scope_           string `yaml:"scope"`
 
 	UnitSettings_ map[string]map[string]interface{} `yaml:"unit-settings"`
 }
 
 // EndpointArgs is an argument struct used to specify a relation.
 type EndpointArgs struct {
-	ServiceName string
-	Name        string
-	Role        string
-	Interface   string
-	Optional    bool
-	Limit       int
-	Scope       string
+	ApplicationName string
+	Name            string
+	Role            string
+	Interface       string
+	Optional        bool
+	Limit           int
+	Scope           string
 }
 
 func newEndpoint(args EndpointArgs) *endpoint {
 	return &endpoint{
-		ServiceName_:  args.ServiceName,
-		Name_:         args.Name,
-		Role_:         args.Role,
-		Interface_:    args.Interface,
-		Optional_:     args.Optional,
-		Limit_:        args.Limit,
-		Scope_:        args.Scope,
-		UnitSettings_: make(map[string]map[string]interface{}),
+		ApplicationName_: args.ApplicationName,
+		Name_:            args.Name,
+		Role_:            args.Role,
+		Interface_:       args.Interface,
+		Optional_:        args.Optional,
+		Limit_:           args.Limit,
+		Scope_:           args.Scope,
+		UnitSettings_:    make(map[string]map[string]interface{}),
 	}
 }
 
@@ -186,9 +186,9 @@
 	return result
 }
 
-// ServiceName implements Endpoint.
-func (e *endpoint) ServiceName() string {
-	return e.ServiceName_
+// ApplicationName implements Endpoint.
+func (e *endpoint) ApplicationName() string {
+	return e.ApplicationName_
 }
 
 // Name implements Endpoint.
@@ -260,11 +260,11 @@
 		if !ok {
 			return nil, errors.Errorf("unexpected value for endpoint %d, %T", i, value)
 		}
-		service, err := importFunc(source)
+		application, err := importFunc(source)
 		if err != nil {
 			return nil, errors.Annotatef(err, "endpoint %d", i)
 		}
-		result = append(result, service)
+		result = append(result, application)
 	}
 	return result, nil
 }
@@ -277,14 +277,14 @@
 
 func importEndpointV1(source map[string]interface{}) (*endpoint, error) {
 	fields := schema.Fields{
-		"service-name":  schema.String(),
-		"name":          schema.String(),
-		"role":          schema.String(),
-		"interface":     schema.String(),
-		"optional":      schema.Bool(),
-		"limit":         schema.Int(),
-		"scope":         schema.String(),
-		"unit-settings": schema.StringMap(schema.StringMap(schema.Any())),
+		"application-name": schema.String(),
+		"name":             schema.String(),
+		"role":             schema.String(),
+		"interface":        schema.String(),
+		"optional":         schema.Bool(),
+		"limit":            schema.Int(),
+		"scope":            schema.String(),
+		"unit-settings":    schema.StringMap(schema.StringMap(schema.Any())),
 	}
 
 	checker := schema.FieldMap(fields, nil) // No defaults.
@@ -298,14 +298,14 @@
 	// contains fields of the right type.
 
 	result := &endpoint{
-		ServiceName_:  valid["service-name"].(string),
-		Name_:         valid["name"].(string),
-		Role_:         valid["role"].(string),
-		Interface_:    valid["interface"].(string),
-		Optional_:     valid["optional"].(bool),
-		Limit_:        int(valid["limit"].(int64)),
-		Scope_:        valid["scope"].(string),
-		UnitSettings_: make(map[string]map[string]interface{}),
+		ApplicationName_: valid["application-name"].(string),
+		Name_:            valid["name"].(string),
+		Role_:            valid["role"].(string),
+		Interface_:       valid["interface"].(string),
+		Optional_:        valid["optional"].(bool),
+		Limit_:           int(valid["limit"].(int64)),
+		Scope_:           valid["scope"].(string),
+		UnitSettings_:    make(map[string]map[string]interface{}),
 	}
 
 	for unitname, settings := range valid["unit-settings"].(map[string]interface{}) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/core/description/relation_test.go juju-core-2.0~beta12/src/github.com/juju/juju/core/description/relation_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/core/description/relation_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/core/description/relation_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -66,7 +66,7 @@
 	c.Assert(endpoints, gc.HasLen, 1)
 
 	ep := endpoints[0]
-	c.Assert(ep.ServiceName(), gc.Equals, "ubuntu")
+	c.Assert(ep.ApplicationName(), gc.Equals, "ubuntu")
 	// Not going to check the exact contents, we expect that there
 	// should be two entries.
 	c.Assert(ep.Settings("ubuntu/0"), gc.HasLen, 2)
@@ -111,14 +111,14 @@
 
 func minimalEndpointMap() map[interface{}]interface{} {
 	return map[interface{}]interface{}{
-		"service-name":  "ubuntu",
-		"name":          "juju-meta",
-		"role":          "peer",
-		"interface":     "something",
-		"optional":      true,
-		"limit":         1,
-		"scope":         "container",
-		"unit-settings": map[interface{}]interface{}{},
+		"application-name": "ubuntu",
+		"name":             "juju-meta",
+		"role":             "peer",
+		"interface":        "something",
+		"optional":         true,
+		"limit":            1,
+		"scope":            "container",
+		"unit-settings":    map[interface{}]interface{}{},
 	}
 }
 
@@ -128,13 +128,13 @@
 
 func minimalEndpointArgs() EndpointArgs {
 	return EndpointArgs{
-		ServiceName: "ubuntu",
-		Name:        "juju-meta",
-		Role:        "peer",
-		Interface:   "something",
-		Optional:    true,
-		Limit:       1,
-		Scope:       "container",
+		ApplicationName: "ubuntu",
+		Name:            "juju-meta",
+		Role:            "peer",
+		Interface:       "something",
+		Optional:        true,
+		Limit:           1,
+		Scope:           "container",
 	}
 }
 
@@ -156,7 +156,7 @@
 func (s *EndpointSerializationSuite) TestNewEndpoint(c *gc.C) {
 	endpoint := endpointWithSettings()
 
-	c.Assert(endpoint.ServiceName(), gc.Equals, "ubuntu")
+	c.Assert(endpoint.ApplicationName(), gc.Equals, "ubuntu")
 	c.Assert(endpoint.Name(), gc.Equals, "juju-meta")
 	c.Assert(endpoint.Role(), gc.Equals, "peer")
 	c.Assert(endpoint.Interface(), gc.Equals, "something")
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/core/description/service.go juju-core-2.0~beta12/src/github.com/juju/juju/core/description/service.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/core/description/service.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/core/description/service.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,390 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package description
-
-import (
-	"encoding/base64"
-
-	"github.com/juju/utils/set"
-
-	"github.com/juju/errors"
-	"github.com/juju/names"
-	"github.com/juju/schema"
-)
-
-type services struct {
-	Version   int        `yaml:"version"`
-	Services_ []*service `yaml:"services"`
-}
-
-type service struct {
-	Name_                 string `yaml:"name"`
-	Series_               string `yaml:"series"`
-	Subordinate_          bool   `yaml:"subordinate,omitempty"`
-	CharmURL_             string `yaml:"charm-url"`
-	Channel_              string `yaml:"cs-channel"`
-	CharmModifiedVersion_ int    `yaml:"charm-mod-version"`
-
-	// ForceCharm is true if an upgrade charm is forced.
-	// It means upgrade even if the charm is in an error state.
-	ForceCharm_ bool `yaml:"force-charm,omitempty"`
-	Exposed_    bool `yaml:"exposed,omitempty"`
-	MinUnits_   int  `yaml:"min-units,omitempty"`
-
-	Status_        *status `yaml:"status"`
-	StatusHistory_ `yaml:"status-history"`
-
-	Settings_         map[string]interface{} `yaml:"settings"`
-	SettingsRefCount_ int                    `yaml:"settings-refcount"`
-
-	Leader_             string                 `yaml:"leader,omitempty"`
-	LeadershipSettings_ map[string]interface{} `yaml:"leadership-settings"`
-
-	MetricsCredentials_ string `yaml:"metrics-creds,omitempty"`
-
-	// unit count will be assumed by the number of units associated.
-	Units_ units `yaml:"units"`
-
-	Annotations_ `yaml:"annotations,omitempty"`
-
-	Constraints_ *constraints `yaml:"constraints,omitempty"`
-
-	// Storage Constraints
-}
-
-// ServiceArgs is an argument struct used to add a service to the Model.
-type ServiceArgs struct {
-	Tag                  names.ServiceTag
-	Series               string
-	Subordinate          bool
-	CharmURL             string
-	Channel              string
-	CharmModifiedVersion int
-	ForceCharm           bool
-	Exposed              bool
-	MinUnits             int
-	Settings             map[string]interface{}
-	SettingsRefCount     int
-	Leader               string
-	LeadershipSettings   map[string]interface{}
-	MetricsCredentials   []byte
-}
-
-func newService(args ServiceArgs) *service {
-	creds := base64.StdEncoding.EncodeToString(args.MetricsCredentials)
-	svc := &service{
-		Name_:                 args.Tag.Id(),
-		Series_:               args.Series,
-		Subordinate_:          args.Subordinate,
-		CharmURL_:             args.CharmURL,
-		Channel_:              args.Channel,
-		CharmModifiedVersion_: args.CharmModifiedVersion,
-		ForceCharm_:           args.ForceCharm,
-		Exposed_:              args.Exposed,
-		MinUnits_:             args.MinUnits,
-		Settings_:             args.Settings,
-		SettingsRefCount_:     args.SettingsRefCount,
-		Leader_:               args.Leader,
-		LeadershipSettings_:   args.LeadershipSettings,
-		MetricsCredentials_:   creds,
-		StatusHistory_:        newStatusHistory(),
-	}
-	svc.setUnits(nil)
-	return svc
-}
-
-// Tag implements Service.
-func (s *service) Tag() names.ServiceTag {
-	return names.NewServiceTag(s.Name_)
-}
-
-// Name implements Service.
-func (s *service) Name() string {
-	return s.Name_
-}
-
-// Series implements Service.
-func (s *service) Series() string {
-	return s.Series_
-}
-
-// Subordinate implements Service.
-func (s *service) Subordinate() bool {
-	return s.Subordinate_
-}
-
-// CharmURL implements Service.
-func (s *service) CharmURL() string {
-	return s.CharmURL_
-}
-
-// Channel implements Service.
-func (s *service) Channel() string {
-	return s.Channel_
-}
-
-// CharmModifiedVersion implements Service.
-func (s *service) CharmModifiedVersion() int {
-	return s.CharmModifiedVersion_
-}
-
-// ForceCharm implements Service.
-func (s *service) ForceCharm() bool {
-	return s.ForceCharm_
-}
-
-// Exposed implements Service.
-func (s *service) Exposed() bool {
-	return s.Exposed_
-}
-
-// MinUnits implements Service.
-func (s *service) MinUnits() int {
-	return s.MinUnits_
-}
-
-// Settings implements Service.
-func (s *service) Settings() map[string]interface{} {
-	return s.Settings_
-}
-
-// SettingsRefCount implements Service.
-func (s *service) SettingsRefCount() int {
-	return s.SettingsRefCount_
-}
-
-// Leader implements Service.
-func (s *service) Leader() string {
-	return s.Leader_
-}
-
-// LeadershipSettings implements Service.
-func (s *service) LeadershipSettings() map[string]interface{} {
-	return s.LeadershipSettings_
-}
-
-// MetricsCredentials implements Service.
-func (s *service) MetricsCredentials() []byte {
-	// Here we are explicitly throwing away any decode error. We check that
-	// the creds can be decoded when we parse the incoming data, or we encode
-	// an incoming byte array, so in both cases, we know that the stored creds
-	// can be decoded.
-	creds, _ := base64.StdEncoding.DecodeString(s.MetricsCredentials_)
-	return creds
-}
-
-// Status implements Service.
-func (s *service) Status() Status {
-	// To avoid typed nils check nil here.
-	if s.Status_ == nil {
-		return nil
-	}
-	return s.Status_
-}
-
-// SetStatus implements Service.
-func (s *service) SetStatus(args StatusArgs) {
-	s.Status_ = newStatus(args)
-}
-
-// Units implements Service.
-func (s *service) Units() []Unit {
-	result := make([]Unit, len(s.Units_.Units_))
-	for i, u := range s.Units_.Units_ {
-		result[i] = u
-	}
-	return result
-}
-
-func (s *service) unitNames() set.Strings {
-	result := set.NewStrings()
-	for _, u := range s.Units_.Units_ {
-		result.Add(u.Name())
-	}
-	return result
-}
-
-// AddUnit implements Service.
-func (s *service) AddUnit(args UnitArgs) Unit {
-	u := newUnit(args)
-	s.Units_.Units_ = append(s.Units_.Units_, u)
-	return u
-}
-
-func (s *service) setUnits(unitList []*unit) {
-	s.Units_ = units{
-		Version: 1,
-		Units_:  unitList,
-	}
-}
-
-// Constraints implements HasConstraints.
-func (s *service) Constraints() Constraints {
-	if s.Constraints_ == nil {
-		return nil
-	}
-	return s.Constraints_
-}
-
-// SetConstraints implements HasConstraints.
-func (s *service) SetConstraints(args ConstraintsArgs) {
-	s.Constraints_ = newConstraints(args)
-}
-
-// Validate implements Service.
-func (s *service) Validate() error {
-	if s.Name_ == "" {
-		return errors.NotValidf("service missing name")
-	}
-	if s.Status_ == nil {
-		return errors.NotValidf("service %q missing status", s.Name_)
-	}
-	// If leader is set, it must match one of the units.
-	var leaderFound bool
-	// All of the services units should also be valid.
-	for _, u := range s.Units() {
-		if err := u.Validate(); err != nil {
-			return errors.Trace(err)
-		}
-		// We know that the unit has a name, because it validated correctly.
-		if u.Name() == s.Leader_ {
-			leaderFound = true
-		}
-	}
-	if s.Leader_ != "" && !leaderFound {
-		return errors.NotValidf("missing unit for leader %q", s.Leader_)
-	}
-	return nil
-}
-
-func importServices(source map[string]interface{}) ([]*service, error) {
-	checker := versionedChecker("services")
-	coerced, err := checker.Coerce(source, nil)
-	if err != nil {
-		return nil, errors.Annotatef(err, "services version schema check failed")
-	}
-	valid := coerced.(map[string]interface{})
-
-	version := int(valid["version"].(int64))
-	importFunc, ok := serviceDeserializationFuncs[version]
-	if !ok {
-		return nil, errors.NotValidf("version %d", version)
-	}
-	sourceList := valid["services"].([]interface{})
-	return importServiceList(sourceList, importFunc)
-}
-
-func importServiceList(sourceList []interface{}, importFunc serviceDeserializationFunc) ([]*service, error) {
-	result := make([]*service, 0, len(sourceList))
-	for i, value := range sourceList {
-		source, ok := value.(map[string]interface{})
-		if !ok {
-			return nil, errors.Errorf("unexpected value for service %d, %T", i, value)
-		}
-		service, err := importFunc(source)
-		if err != nil {
-			return nil, errors.Annotatef(err, "service %d", i)
-		}
-		result = append(result, service)
-	}
-	return result, nil
-}
-
-type serviceDeserializationFunc func(map[string]interface{}) (*service, error)
-
-var serviceDeserializationFuncs = map[int]serviceDeserializationFunc{
-	1: importServiceV1,
-}
-
-func importServiceV1(source map[string]interface{}) (*service, error) {
-	fields := schema.Fields{
-		"name":                schema.String(),
-		"series":              schema.String(),
-		"subordinate":         schema.Bool(),
-		"charm-url":           schema.String(),
-		"cs-channel":          schema.String(),
-		"charm-mod-version":   schema.Int(),
-		"force-charm":         schema.Bool(),
-		"exposed":             schema.Bool(),
-		"min-units":           schema.Int(),
-		"status":              schema.StringMap(schema.Any()),
-		"settings":            schema.StringMap(schema.Any()),
-		"settings-refcount":   schema.Int(),
-		"leader":              schema.String(),
-		"leadership-settings": schema.StringMap(schema.Any()),
-		"metrics-creds":       schema.String(),
-		"units":               schema.StringMap(schema.Any()),
-	}
-
-	defaults := schema.Defaults{
-		"subordinate":   false,
-		"force-charm":   false,
-		"exposed":       false,
-		"min-units":     int64(0),
-		"leader":        "",
-		"metrics-creds": "",
-	}
-	addAnnotationSchema(fields, defaults)
-	addConstraintsSchema(fields, defaults)
-	addStatusHistorySchema(fields)
-	checker := schema.FieldMap(fields, defaults)
-
-	coerced, err := checker.Coerce(source, nil)
-	if err != nil {
-		return nil, errors.Annotatef(err, "service v1 schema check failed")
-	}
-	valid := coerced.(map[string]interface{})
-	// From here we know that the map returned from the schema coercion
-	// contains fields of the right type.
-	result := &service{
-		Name_:                 valid["name"].(string),
-		Series_:               valid["series"].(string),
-		Subordinate_:          valid["subordinate"].(bool),
-		CharmURL_:             valid["charm-url"].(string),
-		Channel_:              valid["cs-channel"].(string),
-		CharmModifiedVersion_: int(valid["charm-mod-version"].(int64)),
-		ForceCharm_:           valid["force-charm"].(bool),
-		Exposed_:              valid["exposed"].(bool),
-		MinUnits_:             int(valid["min-units"].(int64)),
-		Settings_:             valid["settings"].(map[string]interface{}),
-		SettingsRefCount_:     int(valid["settings-refcount"].(int64)),
-		Leader_:               valid["leader"].(string),
-		LeadershipSettings_:   valid["leadership-settings"].(map[string]interface{}),
-		StatusHistory_:        newStatusHistory(),
-	}
-	result.importAnnotations(valid)
-	if err := result.importStatusHistory(valid); err != nil {
-		return nil, errors.Trace(err)
-	}
-
-	if constraintsMap, ok := valid["constraints"]; ok {
-		constraints, err := importConstraints(constraintsMap.(map[string]interface{}))
-		if err != nil {
-			return nil, errors.Trace(err)
-		}
-		result.Constraints_ = constraints
-	}
-
-	encodedCreds := valid["metrics-creds"].(string)
-	// The model stores the creds encoded, but we want to make sure that
-	// we are storing something that can be decoded.
-	if _, err := base64.StdEncoding.DecodeString(encodedCreds); err != nil {
-		return nil, errors.Annotate(err, "metrics credentials not valid")
-	}
-	result.MetricsCredentials_ = encodedCreds
-
-	status, err := importStatus(valid["status"].(map[string]interface{}))
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	result.Status_ = status
-
-	units, err := importUnits(valid["units"].(map[string]interface{}))
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	result.setUnits(units)
-
-	return result, nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/core/description/service_test.go juju-core-2.0~beta12/src/github.com/juju/juju/core/description/service_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/core/description/service_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/core/description/service_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,216 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package description
-
-import (
-	"github.com/juju/names"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-	"gopkg.in/yaml.v2"
-)
-
-type ServiceSerializationSuite struct {
-	SliceSerializationSuite
-	StatusHistoryMixinSuite
-}
-
-var _ = gc.Suite(&ServiceSerializationSuite{})
-
-func (s *ServiceSerializationSuite) SetUpTest(c *gc.C) {
-	s.SliceSerializationSuite.SetUpTest(c)
-	s.importName = "services"
-	s.sliceName = "services"
-	s.importFunc = func(m map[string]interface{}) (interface{}, error) {
-		return importServices(m)
-	}
-	s.testFields = func(m map[string]interface{}) {
-		m["services"] = []interface{}{}
-	}
-	s.StatusHistoryMixinSuite.creator = func() HasStatusHistory {
-		return minimalService()
-	}
-	s.StatusHistoryMixinSuite.serializer = func(c *gc.C, initial interface{}) HasStatusHistory {
-		return s.exportImport(c, initial.(*service))
-	}
-}
-
-func minimalServiceMap() map[interface{}]interface{} {
-	return map[interface{}]interface{}{
-		"name":              "ubuntu",
-		"series":            "trusty",
-		"charm-url":         "cs:trusty/ubuntu",
-		"cs-channel":        "stable",
-		"charm-mod-version": 1,
-		"status":            minimalStatusMap(),
-		"status-history":    emptyStatusHistoryMap(),
-		"settings": map[interface{}]interface{}{
-			"key": "value",
-		},
-		"settings-refcount": 1,
-		"leader":            "ubuntu/0",
-		"leadership-settings": map[interface{}]interface{}{
-			"leader": true,
-		},
-		"metrics-creds": "c2Vrcml0", // base64 encoded
-		"units": map[interface{}]interface{}{
-			"version": 1,
-			"units": []interface{}{
-				minimalUnitMap(),
-			},
-		},
-	}
-}
-
-func minimalService() *service {
-	s := newService(minimalServiceArgs())
-	s.SetStatus(minimalStatusArgs())
-	u := s.AddUnit(minimalUnitArgs())
-	u.SetAgentStatus(minimalStatusArgs())
-	u.SetWorkloadStatus(minimalStatusArgs())
-	u.SetTools(minimalAgentToolsArgs())
-	return s
-}
-
-func addMinimalService(model Model) {
-	s := model.AddService(minimalServiceArgs())
-	s.SetStatus(minimalStatusArgs())
-	u := s.AddUnit(minimalUnitArgs())
-	u.SetAgentStatus(minimalStatusArgs())
-	u.SetWorkloadStatus(minimalStatusArgs())
-	u.SetTools(minimalAgentToolsArgs())
-}
-
-func minimalServiceArgs() ServiceArgs {
-	return ServiceArgs{
-		Tag:                  names.NewServiceTag("ubuntu"),
-		Series:               "trusty",
-		CharmURL:             "cs:trusty/ubuntu",
-		Channel:              "stable",
-		CharmModifiedVersion: 1,
-		Settings: map[string]interface{}{
-			"key": "value",
-		},
-		SettingsRefCount: 1,
-		Leader:           "ubuntu/0",
-		LeadershipSettings: map[string]interface{}{
-			"leader": true,
-		},
-		MetricsCredentials: []byte("sekrit"),
-	}
-}
-
-func (s *ServiceSerializationSuite) TestNewService(c *gc.C) {
-	args := ServiceArgs{
-		Tag:                  names.NewServiceTag("magic"),
-		Series:               "zesty",
-		Subordinate:          true,
-		CharmURL:             "cs:zesty/magic",
-		Channel:              "stable",
-		CharmModifiedVersion: 1,
-		ForceCharm:           true,
-		Exposed:              true,
-		MinUnits:             42, // no judgement is made by the migration code
-		Settings: map[string]interface{}{
-			"key": "value",
-		},
-		SettingsRefCount: 1,
-		Leader:           "magic/1",
-		LeadershipSettings: map[string]interface{}{
-			"leader": true,
-		},
-		MetricsCredentials: []byte("sekrit"),
-	}
-	service := newService(args)
-
-	c.Assert(service.Name(), gc.Equals, "magic")
-	c.Assert(service.Tag(), gc.Equals, names.NewServiceTag("magic"))
-	c.Assert(service.Series(), gc.Equals, "zesty")
-	c.Assert(service.Subordinate(), jc.IsTrue)
-	c.Assert(service.CharmURL(), gc.Equals, "cs:zesty/magic")
-	c.Assert(service.Channel(), gc.Equals, "stable")
-	c.Assert(service.CharmModifiedVersion(), gc.Equals, 1)
-	c.Assert(service.ForceCharm(), jc.IsTrue)
-	c.Assert(service.Exposed(), jc.IsTrue)
-	c.Assert(service.MinUnits(), gc.Equals, 42)
-	c.Assert(service.Settings(), jc.DeepEquals, args.Settings)
-	c.Assert(service.SettingsRefCount(), gc.Equals, 1)
-	c.Assert(service.Leader(), gc.Equals, "magic/1")
-	c.Assert(service.LeadershipSettings(), jc.DeepEquals, args.LeadershipSettings)
-	c.Assert(service.MetricsCredentials(), jc.DeepEquals, []byte("sekrit"))
-}
-
-func (s *ServiceSerializationSuite) TestMinimalServiceValid(c *gc.C) {
-	service := minimalService()
-	c.Assert(service.Validate(), jc.ErrorIsNil)
-}
-
-func (s *ServiceSerializationSuite) TestMinimalMatches(c *gc.C) {
-	bytes, err := yaml.Marshal(minimalService())
-	c.Assert(err, jc.ErrorIsNil)
-
-	var source map[interface{}]interface{}
-	err = yaml.Unmarshal(bytes, &source)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(source, jc.DeepEquals, minimalServiceMap())
-}
-
-func (s *ServiceSerializationSuite) exportImport(c *gc.C, service_ *service) *service {
-	initial := services{
-		Version:   1,
-		Services_: []*service{service_},
-	}
-
-	bytes, err := yaml.Marshal(initial)
-	c.Assert(err, jc.ErrorIsNil)
-
-	var source map[string]interface{}
-	err = yaml.Unmarshal(bytes, &source)
-	c.Assert(err, jc.ErrorIsNil)
-
-	services, err := importServices(source)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(services, gc.HasLen, 1)
-	return services[0]
-}
-
-func (s *ServiceSerializationSuite) TestParsingSerializedData(c *gc.C) {
-	svc := minimalService()
-	service := s.exportImport(c, svc)
-	c.Assert(service, jc.DeepEquals, svc)
-}
-
-func (s *ServiceSerializationSuite) TestAnnotations(c *gc.C) {
-	initial := minimalService()
-	annotations := map[string]string{
-		"string":  "value",
-		"another": "one",
-	}
-	initial.SetAnnotations(annotations)
-
-	service := s.exportImport(c, initial)
-	c.Assert(service.Annotations(), jc.DeepEquals, annotations)
-}
-
-func (s *ServiceSerializationSuite) TestConstraints(c *gc.C) {
-	initial := minimalService()
-	args := ConstraintsArgs{
-		Architecture: "amd64",
-		Memory:       8 * gig,
-		RootDisk:     40 * gig,
-	}
-	initial.SetConstraints(args)
-
-	service := s.exportImport(c, initial)
-	c.Assert(service.Constraints(), jc.DeepEquals, newConstraints(args))
-}
-
-func (s *ServiceSerializationSuite) TestLeaderValid(c *gc.C) {
-	args := minimalServiceArgs()
-	args.Leader = "ubuntu/1"
-	service := newService(args)
-	service.SetStatus(minimalStatusArgs())
-
-	err := service.Validate()
-	c.Assert(err, gc.ErrorMatches, `missing unit for leader "ubuntu/1" not valid`)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/core/description/status.go juju-core-2.0~beta12/src/github.com/juju/juju/core/description/status.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/core/description/status.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/core/description/status.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,7 +10,7 @@
 	"github.com/juju/schema"
 )
 
-// StatusArgs is an argument struct used to set the agent, service, or
+// StatusArgs is an argument struct used to set the agent, application, or
 // workload status.
 type StatusArgs struct {
 	Value   string
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/core/description/unit.go juju-core-2.0~beta12/src/github.com/juju/juju/core/description/unit.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/core/description/unit.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/core/description/unit.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,8 +5,8 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/schema"
+	"gopkg.in/juju/names.v2"
 )
 
 type units struct {
@@ -25,6 +25,9 @@
 	WorkloadStatus_        *status        `yaml:"workload-status"`
 	WorkloadStatusHistory_ StatusHistory_ `yaml:"workload-status-history"`
 
+	WorkloadVersion_        string         `yaml:"workload-version,omitempty"`
+	WorkloadVersionHistory_ StatusHistory_ `yaml:"workload-version-history"`
+
 	Principal_    string   `yaml:"principal,omitempty"`
 	Subordinates_ []string `yaml:"subordinates,omitempty"`
 
@@ -43,7 +46,7 @@
 	Constraints_ *constraints `yaml:"constraints,omitempty"`
 }
 
-// UnitArgs is an argument struct used to add a Unit to a Service in the Model.
+// UnitArgs is an argument struct used to add a Unit to a Application in the Model.
 type UnitArgs struct {
 	Tag          names.UnitTag
 	Machine      names.MachineTag
@@ -51,6 +54,7 @@
 	Principal    names.UnitTag
 	Subordinates []names.UnitTag
 
+	WorkloadVersion string
 	MeterStatusCode string
 	MeterStatusInfo string
 
@@ -63,15 +67,17 @@
 		subordinates = append(subordinates, s.Id())
 	}
 	return &unit{
-		Name_:                  args.Tag.Id(),
-		Machine_:               args.Machine.Id(),
-		PasswordHash_:          args.PasswordHash,
-		Principal_:             args.Principal.Id(),
-		Subordinates_:          subordinates,
-		MeterStatusCode_:       args.MeterStatusCode,
-		MeterStatusInfo_:       args.MeterStatusInfo,
-		WorkloadStatusHistory_: newStatusHistory(),
-		AgentStatusHistory_:    newStatusHistory(),
+		Name_:                   args.Tag.Id(),
+		Machine_:                args.Machine.Id(),
+		PasswordHash_:           args.PasswordHash,
+		Principal_:              args.Principal.Id(),
+		Subordinates_:           subordinates,
+		WorkloadVersion_:        args.WorkloadVersion,
+		MeterStatusCode_:        args.MeterStatusCode,
+		MeterStatusInfo_:        args.MeterStatusInfo,
+		WorkloadStatusHistory_:  newStatusHistory(),
+		WorkloadVersionHistory_: newStatusHistory(),
+		AgentStatusHistory_:     newStatusHistory(),
 	}
 }
 
@@ -136,6 +142,11 @@
 	u.Tools_ = newAgentTools(args)
 }
 
+// WorkloadVersion implements Unit.
+func (u *unit) WorkloadVersion() string {
+	return u.WorkloadVersion_
+}
+
 // WorkloadStatus implements Unit.
 func (u *unit) WorkloadStatus() Status {
 	// To avoid typed nils check nil here.
@@ -160,6 +171,16 @@
 	u.WorkloadStatusHistory_.SetStatusHistory(args)
 }
 
+// WorkloadVersionHistory implements Unit.
+func (u *unit) WorkloadVersionHistory() []Status {
+	return u.WorkloadVersionHistory_.StatusHistory()
+}
+
+// SetWorkloadVersionHistory implements Unit.
+func (u *unit) SetWorkloadVersionHistory(args []StatusArgs) {
+	u.WorkloadVersionHistory_.SetStatusHistory(args)
+}
+
 // AgentStatus implements Unit.
 func (u *unit) AgentStatus() Status {
 	// To avoid typed nils check nil here.
@@ -258,10 +279,12 @@
 		"name":    schema.String(),
 		"machine": schema.String(),
 
-		"agent-status":            schema.StringMap(schema.Any()),
-		"agent-status-history":    schema.StringMap(schema.Any()),
-		"workload-status":         schema.StringMap(schema.Any()),
-		"workload-status-history": schema.StringMap(schema.Any()),
+		"agent-status":             schema.StringMap(schema.Any()),
+		"agent-status-history":     schema.StringMap(schema.Any()),
+		"workload-status":          schema.StringMap(schema.Any()),
+		"workload-status-history":  schema.StringMap(schema.Any()),
+		"workload-version":         schema.String(),
+		"workload-version-history": schema.StringMap(schema.Any()),
 
 		"principal":    schema.String(),
 		"subordinates": schema.List(schema.String()),
@@ -275,6 +298,7 @@
 	defaults := schema.Defaults{
 		"principal":         "",
 		"subordinates":      schema.Omit,
+		"workload-version":  "",
 		"meter-status-code": "",
 		"meter-status-info": "",
 	}
@@ -291,19 +315,25 @@
 	// contains fields of the right type.
 
 	result := &unit{
-		Name_:                  valid["name"].(string),
-		Machine_:               valid["machine"].(string),
-		Principal_:             valid["principal"].(string),
-		PasswordHash_:          valid["password-hash"].(string),
-		MeterStatusCode_:       valid["meter-status-code"].(string),
-		MeterStatusInfo_:       valid["meter-status-info"].(string),
-		WorkloadStatusHistory_: newStatusHistory(),
-		AgentStatusHistory_:    newStatusHistory(),
+		Name_:                   valid["name"].(string),
+		Machine_:                valid["machine"].(string),
+		Principal_:              valid["principal"].(string),
+		PasswordHash_:           valid["password-hash"].(string),
+		WorkloadVersion_:        valid["workload-version"].(string),
+		MeterStatusCode_:        valid["meter-status-code"].(string),
+		MeterStatusInfo_:        valid["meter-status-info"].(string),
+		WorkloadStatusHistory_:  newStatusHistory(),
+		WorkloadVersionHistory_: newStatusHistory(),
+		AgentStatusHistory_:     newStatusHistory(),
 	}
 	result.importAnnotations(valid)
 
-	workloadHistory := valid["workload-status-history"].(map[string]interface{})
-	if err := importStatusHistory(&result.WorkloadStatusHistory_, workloadHistory); err != nil {
+	workloadStatusHistory := valid["workload-status-history"].(map[string]interface{})
+	if err := importStatusHistory(&result.WorkloadStatusHistory_, workloadStatusHistory); err != nil {
+		return nil, errors.Trace(err)
+	}
+	workloadVersionHistory := valid["workload-version-history"].(map[string]interface{})
+	if err := importStatusHistory(&result.WorkloadVersionHistory_, workloadVersionHistory); err != nil {
 		return nil, errors.Trace(err)
 	}
 	agentHistory := valid["agent-status-history"].(map[string]interface{})
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/core/description/unit_test.go juju-core-2.0~beta12/src/github.com/juju/juju/core/description/unit_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/core/description/unit_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/core/description/unit_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,9 +4,9 @@
 package description
 
 import (
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/yaml.v2"
 )
 
@@ -30,14 +30,15 @@
 
 func minimalUnitMap() map[interface{}]interface{} {
 	return map[interface{}]interface{}{
-		"name":                    "ubuntu/0",
-		"machine":                 "0",
-		"agent-status":            minimalStatusMap(),
-		"agent-status-history":    emptyStatusHistoryMap(),
-		"workload-status":         minimalStatusMap(),
-		"workload-status-history": emptyStatusHistoryMap(),
-		"password-hash":           "secure-hash",
-		"tools":                   minimalAgentToolsMap(),
+		"name":                     "ubuntu/0",
+		"machine":                  "0",
+		"agent-status":             minimalStatusMap(),
+		"agent-status-history":     emptyStatusHistoryMap(),
+		"workload-status":          minimalStatusMap(),
+		"workload-status-history":  emptyStatusHistoryMap(),
+		"workload-version-history": emptyStatusHistoryMap(),
+		"password-hash":            "secure-hash",
+		"tools":                    minimalAgentToolsMap(),
 	}
 }
 
@@ -59,7 +60,7 @@
 
 func (s *UnitSerializationSuite) completeUnit() *unit {
 	// This unit is about completeness, not reasonableness. That is why the
-	// unit has a principle (normally only for subordinates), and also a list
+	// unit has a principal (normally only for subordinates), and also a list
 	// of subordinates.
 	args := UnitArgs{
 		Tag:          names.NewUnitTag("ubuntu/0"),
@@ -70,6 +71,7 @@
 			names.NewUnitTag("sub1/0"),
 			names.NewUnitTag("sub2/0"),
 		},
+		WorkloadVersion: "malachite",
 		MeterStatusCode: "meter code",
 		MeterStatusInfo: "meter info",
 	}
@@ -92,6 +94,7 @@
 		names.NewUnitTag("sub1/0"),
 		names.NewUnitTag("sub2/0"),
 	})
+	c.Assert(unit.WorkloadVersion(), gc.Equals, "malachite")
 	c.Assert(unit.MeterStatusCode(), gc.Equals, "meter code")
 	c.Assert(unit.MeterStatusInfo(), gc.Equals, "meter info")
 	c.Assert(unit.Tools(), gc.NotNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/core/description/user.go juju-core-2.0~beta12/src/github.com/juju/juju/core/description/user.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/core/description/user.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/core/description/user.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,8 +7,8 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/schema"
+	"gopkg.in/juju/names.v2"
 )
 
 type users struct {
@@ -22,7 +22,7 @@
 	CreatedBy      names.UserTag
 	DateCreated    time.Time
 	LastConnection time.Time
-	ReadOnly       bool
+	Access         string
 }
 
 func newUser(args UserArgs) *user {
@@ -31,7 +31,7 @@
 		DisplayName_: args.DisplayName,
 		CreatedBy_:   args.CreatedBy.Canonical(),
 		DateCreated_: args.DateCreated,
-		ReadOnly_:    args.ReadOnly,
+		Access_:      args.Access,
 	}
 	if !args.LastConnection.IsZero() {
 		value := args.LastConnection
@@ -45,10 +45,10 @@
 	DisplayName_ string    `yaml:"display-name,omitempty"`
 	CreatedBy_   string    `yaml:"created-by"`
 	DateCreated_ time.Time `yaml:"date-created"`
+	Access_      string    `yaml:"access"`
 	// Can't use omitempty with time.Time, it just doesn't work,
 	// so use a pointer in the struct.
 	LastConnection_ *time.Time `yaml:"last-connection,omitempty"`
-	ReadOnly_       bool       `yaml:"read-only,omitempty"`
 }
 
 // Name implements User.
@@ -80,9 +80,22 @@
 	return *u.LastConnection_
 }
 
-// ReadOnly implements User.
-func (u *user) ReadOnly() bool {
-	return u.ReadOnly_
+// IsRead implements User.
+func (u *user) IsReadOnly() bool {
+	// string used here to avoid dependency on state.
+	return u.Access_ == "read"
+}
+
+// IsReadWrite implements User.
+func (u *user) IsReadWrite() bool {
+	// string used here to avoid dependency on state.
+	return u.Access_ == "write"
+}
+
+// IsAdmin implements User.
+func (u *user) IsAdmin() bool {
+	// string used here to avoid dependency on state.
+	return u.Access_ == "admin"
 }
 
 func importUsers(source map[string]interface{}) ([]*user, error) {
@@ -132,6 +145,7 @@
 		"read-only":       schema.Bool(),
 		"date-created":    schema.Time(),
 		"last-connection": schema.Time(),
+		"access":          schema.String(),
 	}
 
 	// Some values don't have to be there.
@@ -154,7 +168,7 @@
 		DisplayName_: valid["display-name"].(string),
 		CreatedBy_:   valid["created-by"].(string),
 		DateCreated_: valid["date-created"].(time.Time),
-		ReadOnly_:    valid["read-only"].(bool),
+		Access_:      valid["access"].(string),
 	}
 
 	lastConn := valid["last-connection"].(time.Time)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/core/description/user_test.go juju-core-2.0~beta12/src/github.com/juju/juju/core/description/user_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/core/description/user_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/core/description/user_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -70,7 +70,7 @@
 				DisplayName_: "A read only user",
 				CreatedBy_:   "admin@local",
 				DateCreated_: time.Date(2015, 10, 9, 12, 34, 56, 0, time.UTC),
-				ReadOnly_:    true,
+				Access_:      "read",
 			},
 		},
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/core/leadership/interface.go juju-core-2.0~beta12/src/github.com/juju/juju/core/leadership/interface.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/core/leadership/interface.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/core/leadership/interface.go	2016-07-18 19:45:44.000000000 +0000
@@ -2,7 +2,7 @@
 // Licensed under the AGPLv3, see LICENCE file for details.
 
 /*
-Package leadership holds code pertaining to service leadership in juju. It's
+Package leadership holds code pertaining to application leadership in juju. It's
 expected to grow as we're able to extract (e.g.) the Ticket and Tracker
 interfaces from worker/leadership; and quite possible the implementations
 themselves; but that'll have to wait until it can all be expressed without
@@ -23,18 +23,18 @@
 // Claimer exposes leadership acquisition capabilities.
 type Claimer interface {
 
-	// ClaimLeadership claims leadership of the named service on behalf of the
+	// ClaimLeadership claims leadership of the named application on behalf of the
 	// named unit. If no error is returned, leadership will be guaranteed for
 	// at least the supplied duration from the point when the call was made.
-	ClaimLeadership(serviceId, unitId string, duration time.Duration) error
+	ClaimLeadership(applicationId, unitId string, duration time.Duration) error
 
-	// BlockUntilLeadershipReleased blocks until the named service is known
+	// BlockUntilLeadershipReleased blocks until the named application is known
 	// to have no leader, in which case it returns no error; or until the
 	// manager is stopped, in which case it will fail.
-	BlockUntilLeadershipReleased(serviceId string) (err error)
+	BlockUntilLeadershipReleased(applicationId string) (err error)
 }
 
-// Token represents a unit's leadership of its service.
+// Token represents a unit's leadership of its application.
 type Token interface {
 
 	// Check returns an error if the condition it embodies no longer holds.
@@ -54,13 +54,13 @@
 type Checker interface {
 
 	// LeadershipCheck returns a Token representing the supplied unit's
-	// service leadership. The existence of the token does not imply
+	// application leadership. The existence of the token does not imply
 	// its accuracy; you need to Check() it.
 	//
 	// This method returns a token that accepts a *[]txn.Op, into which
 	// it will (on success) copy mgo/txn operations that can be used to
 	// verify the unit's continued leadership as part of another txn.
-	LeadershipCheck(serviceName, unitName string) Token
+	LeadershipCheck(applicationName, unitName string) Token
 }
 
 // Ticket is used to communicate leadership status to Tracker clients.
@@ -81,9 +81,9 @@
 // claim it for themselves.
 type Tracker interface {
 
-	// ServiceName returns the name of the service for which leadership claims
+	// ApplicationName returns the name of the application for which leadership claims
 	// are made.
-	ServiceName() string
+	ApplicationName() string
 
 	// ClaimDuration returns the duration for which a Ticket's true Wait result
 	// is guaranteed valid.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/core/migration/targetinfo.go juju-core-2.0~beta12/src/github.com/juju/juju/core/migration/targetinfo.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/core/migration/targetinfo.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/core/migration/targetinfo.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,7 @@
 import (
 	"github.com/juju/errors"
 	"github.com/juju/juju/network"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 )
 
 // TargetInfo holds the details required to connect to a
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/core/migration/targetinfo_test.go juju-core-2.0~beta12/src/github.com/juju/juju/core/migration/targetinfo_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/core/migration/targetinfo_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/core/migration/targetinfo_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,10 +5,10 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/core/migration"
 	coretesting "github.com/juju/juju/testing"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/dependencies.tsv juju-core-2.0~beta12/src/github.com/juju/juju/dependencies.tsv
--- juju-core-2.0~beta7/src/github.com/juju/juju/dependencies.tsv	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/dependencies.tsv	2016-07-18 19:45:44.000000000 +0000
@@ -1,19 +1,21 @@
 github.com/Azure/azure-sdk-for-go	git	3b480eaaf6b4236d43a3c06cba969da6f53c8b66	2015-11-23T16:56:25Z
 github.com/ajstarks/svgo	git	89e3ac64b5b3e403a5e7c35ea4f98d45db7b4518	2014-10-04T21:11:59Z
 github.com/altoros/gosigma	git	31228935eec685587914528585da4eb9b073c76d	2015-04-08T14:52:32Z
-github.com/bmizerany/pat	git	48be7df2c27e1cec821a3284a683ce6ef90d9052	2014-04-29T04:34:05Z
-github.com/coreos/go-systemd	git	2d21675230a81a503f4363f4aa3490af06d52bb8	2015-01-26T19:09:17Z
+github.com/bmizerany/pat	git	c068ca2f0aacee5ac3681d68e4d0a003b7d1fd2c	2016-02-17T10:32:42Z
+github.com/coreos/go-systemd	git	7b2428fec40033549c68f54e26e89e7ca9a9ce31	2016-02-02T21:14:25Z
 github.com/dustin/go-humanize	git	145fabdb1ab757076a70a886d092a3af27f66f4c	2014-12-28T07:11:48Z
 github.com/gabriel-samfira/sys	git	9ddc60d56b511544223adecea68da1e4f2153beb	2015-06-08T13:21:19Z
-github.com/godbus/dbus	git	88765d85c0fdadcd98a54e30694fa4e4f5b51133	2015-01-22T18:02:51Z
+github.com/godbus/dbus	git	32c6cc29c14570de4cf6d7e7737d68fb2d01ad15	2016-05-06T22:25:50Z
+github.com/google/go-querystring	git	9235644dd9e52eeae6fa48efd539fdc351a0af53	2016-04-01T23:30:42Z
+github.com/gorilla/schema	git	08023a0215e7fc27a9aecd8b8c50913c40019478	2016-04-26T23:15:12Z
 github.com/gorilla/websocket	git	13e4d0621caa4d77fd9aa470ef6d7ab63d1a5e41	2015-09-23T22:29:30Z
 github.com/gosuri/uitable	git	36ee7e946282a3fb1cfecd476ddc9b35d8847e42	2016-04-04T20:39:58Z
-github.com/joyent/gocommon	git	40c7818502f7c1ebbb13dab185a26e77b746ff40	2014-05-24T00:08:47Z
+github.com/joyent/gocommon	git	ade826b8b54e81a779ccb29d358a45ba24b7809c	2016-03-20T19:31:33Z
 github.com/joyent/gosdc	git	2f11feadd2d9891e92296a1077c3e2e56939547d	2014-05-24T00:08:15Z
 github.com/joyent/gosign	git	0da0d5f1342065321c97812b1f4ac0c2b0bab56c	2014-05-24T00:07:34Z
 github.com/juju/blobstore	git	06056004b3d7b54bbb7984d830c537bad00fec21	2015-07-29T11:18:58Z
-github.com/juju/bundlechanges	git	a1fcaa2fc3b55305d064d16cb56bf87541efb8a4	2016-04-18T04:33:00Z
-github.com/juju/cmd	git	ca63dd8ba13f8fbbbe16a917696a7ce68cc3dc0b	2016-03-31T03:26:51Z
+github.com/juju/bundlechanges	git	8d99dd2a94d7b4fd975a152238d0e19d0c4a6cf1	2016-06-15T07:19:43Z
+github.com/juju/cmd	git	a11ae7a7436c133e799f025998cbbefd3f6eef7e	2016-06-01T03:55:01Z
 github.com/juju/errors	git	1b5e39b83d1835fa480e0c2ddefb040ee82d58b3	2015-09-16T12:56:42Z
 github.com/juju/go4	git	40d72ab9641a2a8c36a9c46a51e28367115c8e59	2016-02-22T16:32:58Z
 github.com/juju/gojsonpointer	git	afe8b77aa08f272b49e01b82de78510c11f61500	2015-02-04T19:46:29Z
@@ -23,27 +25,28 @@
 github.com/juju/govmomi	git	4354a88d4b34abe467215f77c2fc1cb9f78b66f7	2015-04-24T01:54:48Z
 github.com/juju/httpprof	git	14bf14c307672fd2456bdbf35d19cf0ccd3cf565	2014-12-17T16:00:36Z
 github.com/juju/httprequest	git	796aaafaf712f666df58d31a482c51233038bf9f	2016-05-03T15:03:27Z
-github.com/juju/idmclient	git	1995850da11150fb9247e43c6089e54eaeaae44a	2016-04-01T13:35:05Z
+github.com/juju/idmclient	git	3dda079a75cccb85083d4c3877e638f5d6ab79c2	2016-05-26T05:00:34Z
 github.com/juju/loggo	git	8477fc936adf0e382d680310047ca27e128a309a	2015-05-27T03:58:39Z
 github.com/juju/mempool	git	24974d6c264fe5a29716e7d56ea24c4bd904b7cc	2016-02-05T10:49:27Z
-github.com/juju/names	git	8a0aa0963bbacdc790914892e9ff942e94d6f795	2016-03-30T15:05:33Z
+github.com/juju/mutex	git	59c26ee163447c5c57f63ff71610d433862013de	2016-06-17T01:09:07Z
 github.com/juju/persistent-cookiejar	git	e710b897c13ca52828ca2fc9769465186fd6d15c	2016-03-31T17:12:27Z
-github.com/juju/ratelimit	git	aa5bb718d4d435629821789cb90970319f57bfe5	2015-03-30T01:41:32Z
 github.com/juju/replicaset	git	fb7294cf57a1e2f08a57691f1246d129a87ab7e8	2015-05-08T02:21:43Z
 github.com/juju/retry	git	62c62032529169c7ec02fa48f93349604c345e1f	2015-10-29T02:48:21Z
-github.com/juju/romulus	git	767a53ef0929d969a3c81c53c6b9f8e94a95dae5	2016-04-27T14:39:56Z
+github.com/juju/rfc	git	ebdbbdb950cd039a531d15cdc2ac2cbd94f068ee	2016-07-11T02:42:13Z
+github.com/juju/romulus	git	6b52a14d619315a31ad4d7069db654c883d6f562	2016-07-14T11:43:41Z
 github.com/juju/schema	git	075de04f9b7d7580d60a1e12a0b3f50bb18e6998	2016-04-20T04:42:03Z
-github.com/juju/testing	git	3ea8417b3125018f678eb9159731917d01121445	2016-05-02T22:59:23Z
+github.com/juju/testing	git	ccf839b5a07a7a05009f8fa3ec41cd05fb2e0b08	2016-06-24T20:35:24Z
 github.com/juju/txn	git	99ec629d0066a4d73c54d8e021a7fc1dc07df614	2015-06-09T16:58:27Z
 github.com/juju/usso	git	68a59c96c178fbbad65926e7f93db50a2cd14f33	2016-04-01T10:44:24Z
-github.com/juju/utils	git	d5423ca3ec0b0cc8ccf093fab1365b1c9f93eb2d	2016-05-02T18:15:00Z
-github.com/juju/version	git	ef897ad7f130870348ce306f61332f5335355063	2015-11-27T20:34:00Z
+github.com/juju/utils	git	6219812829a3542c827c76cc75f416d4e6c94335	2016-07-08T10:00:56Z
+github.com/juju/version	git	4ae6172c00626779a5a462c3e3d22fc0e889431a	2016-06-03T19:49:58Z
 github.com/juju/webbrowser	git	54b8c57083b4afb7dc75da7f13e2967b2606a507	2016-03-09T14:36:29Z
 github.com/juju/xml	git	eb759a627588d35166bc505fceb51b88500e291e	2015-04-13T13:11:21Z
 github.com/juju/zip	git	f6b1e93fa2e29a1d7d49b566b2b51efb060c982a	2016-02-05T10:52:21Z
 github.com/julienschmidt/httprouter	git	77a895ad01ebc98a4dc95d8355bc825ce80a56f6	2015-10-13T22:55:20Z
 github.com/lxc/lxd	git	62f62e9d6e0da14947023f99764eac29c26cef8d	2016-03-28T00:14:48Z
 github.com/mattn/go-runewidth	git	d96d1bd051f2bd9e7e43d602782b37b93b1b5666	2015-11-18T07:21:59Z
+github.com/rogpeppe/fastuuid	git	6724a57986aff9bff1a1770e9347036def7c89f6	2015-01-06T09:32:20Z
 golang.org/x/crypto	git	aedad9a179ec1ea11b7064c57cbc6dc30d7724ec	2015-08-30T18:06:42Z
 golang.org/x/net	git	ea47fc708ee3e20177f3ca3716217c4ab75942cb	2015-08-29T23:03:18Z
 golang.org/x/oauth2	git	11c60b6f71a6ad48ed6f93c65fa4c6f9b1b5b46a	2015-03-25T02:00:22Z
@@ -55,18 +58,18 @@
 gopkg.in/goose.v1	git	495e6fa2ab89bc5ed2c8e1bbcbc4c9e4a3c97d37	2016-03-17T17:25:46Z
 gopkg.in/ini.v1	git	776aa739ce9373377cd16f526cdf06cb4c89b40f	2016-02-22T23:24:41Z
 gopkg.in/juju/blobstore.v2	git	51fa6e26128d74e445c72d3a91af555151cc3654	2016-01-25T02:37:03Z
-gopkg.in/juju/charm.v6-unstable	git	9857751ba31e81773bbb42557e85054d6b4de4dd	2016-04-27T02:42:06Z
-gopkg.in/juju/charmrepo.v2-unstable	git	c457416da598dffa665fc75aeb5c7265ff1273c0	2016-04-13T10:03:17Z
-gopkg.in/juju/charmstore.v5-unstable	git	745fa1ca2260cdc9dd5a6df6282da51776baa59f	2016-04-12T11:34:55Z
+gopkg.in/juju/charm.v6-unstable	git	8796be6021c9ecb20630950498ec515f7dd24575	2016-06-09T14:28:26Z
+gopkg.in/juju/charmrepo.v2-unstable	git	6e6733987fb03100f30e494cc1134351fe4a593b	2016-05-30T23:07:41Z
+gopkg.in/juju/charmstore.v5-unstable	git	2cb9f80553dddaae8c5e2161ea45f4be5d9afc00	2016-05-27T11:46:22Z
 gopkg.in/juju/environschema.v1	git	7359fc7857abe2b11b5b3e23811a9c64cb6b01e0	2015-11-04T11:58:10Z
-gopkg.in/juju/jujusvg.v1	git	a60359df348ef2ca40ec3bcd58a01de54f05658e	2016-02-11T10:02:50Z
-gopkg.in/macaroon-bakery.v1	git	c8e0209b0f4e48e8603ab0ae2477445f9443fbdc	2016-05-03T12:38:55Z
+gopkg.in/juju/jujusvg.v1	git	cc128825adce31ea13020d24e7b3302bac86a8c3	2016-05-30T22:53:36Z
+gopkg.in/juju/names.v2	git	5426d66579afd36fc63d809dd58806806c2f161f	2016-06-23T03:33:52Z
+gopkg.in/macaroon-bakery.v1	git	b097c9d99b2537efaf54492e08f7e148f956ba51	2016-05-24T09:38:11Z
 gopkg.in/macaroon.v1	git	ab3940c6c16510a850e1c2dd628b919f0f3f1464	2015-01-21T11:42:31Z
-gopkg.in/mgo.v2	git	4d04138ffef2791c479c0c8bbffc30b34081b8d9	2015-10-26T16:34:53Z
+gopkg.in/mgo.v2	git	29cc868a5ca65f401ff318143f9408d02f4799cc	2016-06-09T18:00:28Z
 gopkg.in/natefinch/lumberjack.v2	git	514cbda263a734ae8caac038dadf05f8f3f9f738	2016-01-25T11:17:49Z
-gopkg.in/natefinch/npipe.v2	git	e562d4ae5c2f838f9e7e406f7d9890d5b02467a9	2014-08-11T16:19:00Z
+gopkg.in/natefinch/npipe.v2	git	c1b8fa8bdccecb0b8db834ee0b92fdbcfa606dd6	2016-06-21T03:49:01Z
 gopkg.in/yaml.v1	git	9f9df34309c04878acc86042b16630b0f696e1de	2014-09-24T16:16:07Z
 gopkg.in/yaml.v2	git	a83829b6f1293c91addabc89d0571c246397bbf4	2016-03-01T20:40:22Z
 launchpad.net/gnuflag	bzr	roger.peppe@canonical.com-20140716064605-pk32dnmfust02yab	13
-launchpad.net/golxc	bzr	ian.booth@canonical.com-20141121040613-ztm1q0iy9rune3zt	13
 launchpad.net/tomb	bzr	gustavo@niemeyer.net-20140529072043-hzcrlnl3ygvg914q	18
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/doc/architectural-overview.txt juju-core-2.0~beta12/src/github.com/juju/juju/doc/architectural-overview.txt
--- juju-core-2.0~beta7/src/github.com/juju/juju/doc/architectural-overview.txt	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/doc/architectural-overview.txt	2016-07-18 19:45:44.000000000 +0000
@@ -230,7 +230,7 @@
 the Client facade is almost exclusively not. As functionality evolves, and new
 versions of the client APIs are implemented, we must take care to implement them
 consistently -- this means both implementing bulk calls *and* splitting the
-monolithic Client facade into smaller service-specific facades, such that we
+monolithic Client facade into smaller application-specific facades, such that we
 can evolve interaction with (say) users without bumping global API versions
 across the board).
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/doc/bootstrapping.txt juju-core-2.0~beta12/src/github.com/juju/juju/doc/bootstrapping.txt
--- juju-core-2.0~beta7/src/github.com/juju/juju/doc/bootstrapping.txt	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/doc/bootstrapping.txt	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,7 @@
 The first step of bootstrap is to create an Environ instance which is named.
 This Environ instance has the model configuration (the *config.Config instance).
 Initially this will check in the default config store, which is $JUJU_HOME/models.
-This calls through to environs.PrepareForName in environs/open.go.  This makes sure that the
+This calls through to bootstrap.PrepareForName in environs/open.go.  This makes sure that the
 model configuration contains an admin secret, a CA cert, and a UUID.
 
 It is at this time that the initial .jenv file is written out to $JUJU_DATA/models.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/doc/death-and-destruction.txt juju-core-2.0~beta12/src/github.com/juju/juju/doc/death-and-destruction.txt
--- juju-core-2.0~beta7/src/github.com/juju/juju/doc/death-and-destruction.txt	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/doc/death-and-destruction.txt	2016-07-18 19:45:44.000000000 +0000
@@ -168,7 +168,7 @@
 
 Destroying a service involves a single transaction defined as follows:
 
-  * If the service is not Alive, abort without error.
+  * If the application is not alive, abort without error.
   * If the service is in any relations, do the following for each one:
       * If the relation is already Dying, skip it.
       * If the relation is Alive, destroy the relation without modifying the
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/doc/hacking-state.txt juju-core-2.0~beta12/src/github.com/juju/juju/doc/hacking-state.txt
--- juju-core-2.0~beta7/src/github.com/juju/juju/doc/hacking-state.txt	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/doc/hacking-state.txt	2016-07-18 19:45:44.000000000 +0000
@@ -137,7 +137,7 @@
 out until recently, though, so relationDoc has a UnitCount, and
 serviceDoc has both a UnitCount and a RelationCount. This doesn't
 matter for the relation -- nothing watches relation docs directly --
-but I fear it matters quite hard for service, because every added or
+but I fear it matters quite hard for application, because every added or
 removed unit or relation will be an unnecessary event sent to every
 unit agent.
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/doc/lifecycles.txt juju-core-2.0~beta12/src/github.com/juju/juju/doc/lifecycles.txt
--- juju-core-2.0~beta7/src/github.com/juju/juju/doc/lifecycles.txt	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/doc/lifecycles.txt	2016-07-18 19:45:44.000000000 +0000
@@ -123,7 +123,7 @@
   * A relation is created with `juju add-relation`. No two relations with the
     same canonical name can exist. (The canonical relation name form is
     "<requirer-endpoint> <provider-endpoint>", where each endpoint takes the
-    form "<service-name>:<charm-relation-name>".)
+    form "<application-name>:<charm-relation-name>".)
       * Thanks to convention, the above is not strictly true: it is possible
         for a subordinate charm to require a container-scoped "juju-info"
         relation. These restrictions mean that the name can never cause
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/doc/provisioning.md juju-core-2.0~beta12/src/github.com/juju/juju/doc/provisioning.md
--- juju-core-2.0~beta7/src/github.com/juju/juju/doc/provisioning.md	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/doc/provisioning.md	2016-07-18 19:45:44.000000000 +0000
@@ -51,7 +51,7 @@
 
 ```
     $ juju deploy --constraints mem=2G wordpress
-    $ juju set-constraints --service wordpress mem=3G
+    $ juju set-constraints --application wordpress mem=3G
     $ juju add-unit wordpress -n 2
 ```
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/doc/storage-model.txt juju-core-2.0~beta12/src/github.com/juju/juju/doc/storage-model.txt
--- juju-core-2.0~beta7/src/github.com/juju/juju/doc/storage-model.txt	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/doc/storage-model.txt	2016-07-18 19:45:44.000000000 +0000
@@ -110,9 +110,9 @@
 	Unit "1" *-- "*" StorageAttachment : has
 	Unit "1" *-- "*" StorageConstraints : records >
 
-	Service "1" *-- "*" StorageInstance : owns (shared) >
-	Service "1" *-- "*" StorageConstraints : records >
-	Service "1" -- "1" juju.charm.Charm
+	application "1" *-- "*" StorageInstance : owns (shared) >
+	application "1" *-- "*" StorageConstraints : records >
+	application "1" -- "1" juju.charm.Charm
 
 	StorageInstance --* StoragePool
 	StorageInstance "1" *-- "*" StorageAttachment : has >
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/downloader/download.go juju-core-2.0~beta12/src/github.com/juju/juju/downloader/download.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/downloader/download.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/downloader/download.go	2016-07-18 19:45:44.000000000 +0000
@@ -185,6 +185,6 @@
 
 	f.Close()
 	if err := os.Remove(f.Name()); err != nil {
-		logger.Warningf("cannot remove temp file %q: %v", f.Name(), err)
+		logger.Errorf("cannot remove temp file %q: %v", f.Name(), err)
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/bootstrap/bootstrap.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/bootstrap/bootstrap.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/bootstrap/bootstrap.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/bootstrap/bootstrap.go	2016-07-18 19:45:44.000000000 +0000
@@ -20,17 +20,23 @@
 	"github.com/juju/utils/series"
 	"github.com/juju/utils/ssh"
 	"github.com/juju/version"
+	"gopkg.in/juju/names.v2"
 
+	"github.com/juju/juju/api"
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/cloud"
 	"github.com/juju/juju/cloudconfig/instancecfg"
 	"github.com/juju/juju/constraints"
+	"github.com/juju/juju/controller"
 	"github.com/juju/juju/environs"
+	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/environs/gui"
 	"github.com/juju/juju/environs/imagemetadata"
 	"github.com/juju/juju/environs/simplestreams"
 	"github.com/juju/juju/environs/storage"
 	"github.com/juju/juju/environs/sync"
 	"github.com/juju/juju/environs/tools"
-	"github.com/juju/juju/network"
+	"github.com/juju/juju/mongo"
 	coretools "github.com/juju/juju/tools"
 	jujuversion "github.com/juju/juju/version"
 )
@@ -62,6 +68,34 @@
 	// initial bootstrap machine.
 	BootstrapImage string
 
+	// CloudName is the name of the cloud that Juju will be bootstrapped in.
+	CloudName string
+
+	// Cloud contains the properties of the cloud that Juju will be
+	// bootstrapped in.
+	Cloud cloud.Cloud
+
+	// CloudRegion is the name of the cloud region that Juju will be bootstrapped in.
+	CloudRegion string
+
+	// CloudCredentialName is the name of the cloud credential that Juju will be
+	// bootstrapped with. This may be empty, for clouds that do not require
+	// credentials.
+	CloudCredentialName string
+
+	// CloudCredential contains the cloud credential that Juju will be
+	// bootstrapped with. This may be nil, for clouds that do not require
+	// credentialis.
+	CloudCredential *cloud.Credential
+
+	// ControllerConfig is the set of config attributes relevant
+	// to a controller.
+	ControllerConfig controller.Config
+
+	// ControllerInheritedConfig is the set of config attributes to be shared
+	// across all models in the same controller on the bootstrap cloud.
+	ControllerInheritedConfig map[string]interface{}
+
 	// HostedModelConfig is the set of config attributes to be overlaid
 	// on the controller config to construct the initial hosted model
 	// config.
@@ -93,17 +127,44 @@
 	// used to retrieve the Juju GUI archive installed in the controller.
 	// If not set, the Juju GUI is not installed from simplestreams.
 	GUIDataSourceBaseURL string
+
+	// AdminSecret contains the administrator password.
+	AdminSecret string
+
+	// CAPrivateKey is the controller's CA certificate private key.
+	CAPrivateKey string
+
+	// DialOpts contains the bootstrap dial options.
+	DialOpts environs.BootstrapDialOpts
+}
+
+// Validate validates the bootstrap parameters.
+func (p BootstrapParams) Validate() error {
+	if p.AdminSecret == "" {
+		return errors.New("admin-secret is empty")
+	}
+	if p.ControllerConfig.ControllerUUID() == "" {
+		return errors.New("controller configuration has no controller UUID")
+	}
+	if _, hasCACert := p.ControllerConfig.CACert(); !hasCACert {
+		return errors.New("controller configuration has no ca-cert")
+	}
+	if p.CAPrivateKey == "" {
+		return errors.New("empty ca-private-key")
+	}
+	// TODO(axw) validate other things.
+	return nil
 }
 
 // Bootstrap bootstraps the given environment. The supplied constraints are
 // used to provision the instance, and are also set within the bootstrapped
 // environment.
 func Bootstrap(ctx environs.BootstrapContext, environ environs.Environ, args BootstrapParams) error {
-	cfg := environ.Config()
-	network.SetPreferIPv6(cfg.PreferIPv6())
-	if secret := cfg.AdminSecret(); secret == "" {
-		return errors.Errorf("model configuration has no admin-secret")
+	if err := args.Validate(); err != nil {
+		return errors.Annotate(err, "validating bootstrap parameters")
 	}
+
+	cfg := environ.Config()
 	if authKeys := ssh.SplitAuthorisedKeys(cfg.AuthorizedKeys()); len(authKeys) == 0 {
 		// Apparently this can never happen, so it's not tested. But, one day,
 		// Config will act differently (it's pretty crazy that, AFAICT, the
@@ -112,12 +173,6 @@
 		// we'll be here to catch this problem early.
 		return errors.Errorf("model configuration has no authorized-keys")
 	}
-	if _, hasCACert := cfg.CACert(); !hasCACert {
-		return errors.Errorf("model configuration has no ca-cert")
-	}
-	if _, hasCAKey := cfg.CAPrivateKey(); !hasCAKey {
-		return errors.Errorf("model configuration has no ca-private-key")
-	}
 
 	// Set default tools metadata source, add image metadata source,
 	// then verify constraints. Providers may rely on image metadata
@@ -169,10 +224,6 @@
 		return err
 	}
 
-	if lxcMTU, ok := cfg.LXCDefaultMTU(); ok {
-		logger.Debugf("using MTU %v for all created LXC containers' network interfaces", lxcMTU)
-	}
-
 	imageMetadata, err := bootstrapImageMetadata(
 		environ, availableTools,
 		args.BootstrapImage,
@@ -201,7 +252,9 @@
 	}
 
 	ctx.Infof("Starting new instance for initial controller")
+
 	result, err := environ.Bootstrap(ctx, environs.BootstrapParams{
+		ControllerConfig:     args.ControllerConfig,
 		ModelConstraints:     args.ModelConstraints,
 		BootstrapConstraints: args.BootstrapConstraints,
 		BootstrapSeries:      args.BootstrapSeries,
@@ -247,7 +300,7 @@
 		// even though the user didn't ask for it. We only do
 		// this when the image-stream is not "released" and
 		// the agent version hasn't been specified.
-		logger.Warningf("no prepackaged tools available")
+		logger.Infof("no prepackaged tools available")
 	}
 
 	ctx.Infof("Installing Juju agent on bootstrap instance")
@@ -256,7 +309,11 @@
 		return err
 	}
 	instanceConfig, err := instancecfg.NewBootstrapInstanceConfig(
-		args.BootstrapConstraints, args.ModelConstraints, result.Series, publicKey,
+		args.ControllerConfig,
+		args.BootstrapConstraints,
+		args.ModelConstraints,
+		result.Series,
+		publicKey,
 	)
 	if err != nil {
 		return err
@@ -264,20 +321,77 @@
 	if err := instanceConfig.SetTools(selectedToolsList); err != nil {
 		return errors.Trace(err)
 	}
-	instanceConfig.CustomImageMetadata = customImageMetadata
-	instanceConfig.HostedModelConfig = args.HostedModelConfig
-
-	instanceConfig.GUI = guiArchive(args.GUIDataSourceBaseURL, func(msg string) {
-		ctx.Infof(msg)
-	})
-
-	if err := result.Finalize(ctx, instanceConfig); err != nil {
+	if err := finalizeInstanceBootstrapConfig(ctx, instanceConfig, args, cfg, customImageMetadata); err != nil {
+		return errors.Annotate(err, "finalizing bootstrap instance config")
+	}
+	if err := result.Finalize(ctx, instanceConfig, args.DialOpts); err != nil {
 		return err
 	}
 	ctx.Infof("Bootstrap agent installed")
 	return nil
 }
 
+func finalizeInstanceBootstrapConfig(
+	ctx environs.BootstrapContext,
+	icfg *instancecfg.InstanceConfig,
+	args BootstrapParams,
+	cfg *config.Config,
+	customImageMetadata []*imagemetadata.ImageMetadata,
+) error {
+	if icfg.APIInfo != nil || icfg.Controller.MongoInfo != nil {
+		return errors.New("machine configuration already has api/state info")
+	}
+	controllerCfg := icfg.Controller.Config
+	caCert, hasCACert := controllerCfg.CACert()
+	if !hasCACert {
+		return errors.New("controller configuration has no ca-cert")
+	}
+	icfg.APIInfo = &api.Info{
+		Password: args.AdminSecret,
+		CACert:   caCert,
+		ModelTag: names.NewModelTag(cfg.UUID()),
+	}
+	icfg.Controller.MongoInfo = &mongo.MongoInfo{
+		Password: args.AdminSecret,
+		Info:     mongo.Info{CACert: caCert},
+	}
+
+	// These really are directly relevant to running a controller.
+	// Initially, generate a controller certificate with no host IP
+	// addresses in the SAN field. Once the controller is up and the
+	// NIC addresses become known, the certificate can be regenerated.
+	cert, key, err := controller.GenerateControllerCertAndKey(caCert, args.CAPrivateKey, nil)
+	if err != nil {
+		return errors.Annotate(err, "cannot generate controller certificate")
+	}
+	icfg.Bootstrap.StateServingInfo = params.StateServingInfo{
+		StatePort:    controllerCfg.StatePort(),
+		APIPort:      controllerCfg.APIPort(),
+		Cert:         string(cert),
+		PrivateKey:   string(key),
+		CAPrivateKey: args.CAPrivateKey,
+	}
+	if _, ok := cfg.AgentVersion(); !ok {
+		return fmt.Errorf("controller model configuration has no agent-version")
+	}
+
+	icfg.Bootstrap.ControllerModelConfig = cfg
+	icfg.Bootstrap.CustomImageMetadata = customImageMetadata
+	icfg.Bootstrap.ControllerCloudName = args.CloudName
+	icfg.Bootstrap.ControllerCloud = args.Cloud
+	icfg.Bootstrap.ControllerCloudRegion = args.CloudRegion
+	icfg.Bootstrap.ControllerCloudCredential = args.CloudCredential
+	icfg.Bootstrap.ControllerCloudCredentialName = args.CloudCredentialName
+	icfg.Bootstrap.ControllerConfig = args.ControllerConfig
+	icfg.Bootstrap.ControllerInheritedConfig = args.ControllerInheritedConfig
+	icfg.Bootstrap.HostedModelConfig = args.HostedModelConfig
+	icfg.Bootstrap.Timeout = args.DialOpts.Timeout
+	icfg.Bootstrap.GUI = guiArchive(args.GUIDataSourceBaseURL, func(msg string) {
+		ctx.Infof(msg)
+	})
+	return nil
+}
+
 func userPublicSigningKey() (string, error) {
 	signingKeyFile := os.Getenv("JUJU_STREAMS_PUBLICKEY_FILE")
 	signingKey := ""
@@ -420,7 +534,7 @@
 	if !isCompatibleVersion(newVersion, jujuversion.Current) {
 		compatibleVersion, compatibleTools := findCompatibleTools(possibleTools, jujuversion.Current)
 		if len(compatibleTools) == 0 {
-			logger.Warningf(
+			logger.Infof(
 				"failed to find %s tools, will attempt to use %s",
 				jujuversion.Current, newVersion,
 			)
@@ -490,13 +604,10 @@
 func validateConstraints(env environs.Environ, cons constraints.Value) error {
 	validator, err := env.ConstraintsValidator()
 	if err != nil {
-		return err
+		return errors.Trace(err)
 	}
 	unsupported, err := validator.Validate(cons)
-	if len(unsupported) > 0 {
-		logger.Warningf("unsupported constraints: %v", unsupported)
-	}
-	return err
+	return errors.Annotatef(err, "unsupported constraints: %v", unsupported)
 }
 
 // guiArchive returns information on the GUI archive that will be uploaded
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/bootstrap/bootstrap_test.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/bootstrap/bootstrap_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/bootstrap/bootstrap_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/bootstrap/bootstrap_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,6 +13,7 @@
 	"path/filepath"
 	"runtime"
 	"strings"
+	"time"
 
 	"github.com/juju/errors"
 	jc "github.com/juju/testing/checkers"
@@ -21,6 +22,9 @@
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
 
+	"github.com/juju/juju/api"
+	"github.com/juju/juju/cert"
+	"github.com/juju/juju/cloud"
 	"github.com/juju/juju/cloudconfig/instancecfg"
 	"github.com/juju/juju/cmd/modelcmd"
 	"github.com/juju/juju/constraints"
@@ -36,7 +40,8 @@
 	"github.com/juju/juju/environs/sync"
 	envtesting "github.com/juju/juju/environs/testing"
 	envtools "github.com/juju/juju/environs/tools"
-	"github.com/juju/juju/juju"
+	"github.com/juju/juju/juju/keys"
+	"github.com/juju/juju/mongo"
 	"github.com/juju/juju/provider/dummy"
 	coretesting "github.com/juju/juju/testing"
 	"github.com/juju/juju/tools"
@@ -59,7 +64,7 @@
 	s.BaseSuite.SetUpTest(c)
 	s.ToolsFixture.SetUpTest(c)
 
-	s.PatchValue(&juju.JujuPublicKey, sstesting.SignedMetadataPublicKey)
+	s.PatchValue(&keys.JujuPublicKey, sstesting.SignedMetadataPublicKey)
 	storageDir := c.MkDir()
 	s.PatchValue(&envtools.DefaultBaseURL, storageDir)
 	stor, err := filestorage.NewFileStorageWriter(storageDir)
@@ -81,38 +86,51 @@
 func (s *bootstrapSuite) TestBootstrapNeedsSettings(c *gc.C) {
 	env := newEnviron("bar", noKeysDefined, nil)
 	s.setDummyStorage(c, env)
-	fixEnv := func(key string, value interface{}) {
-		cfg, err := env.Config().Apply(map[string]interface{}{
-			key: value,
-		})
-		c.Assert(err, jc.ErrorIsNil)
-		env.cfg = cfg
-	}
 
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
-	c.Assert(err, gc.ErrorMatches, "model configuration has no admin-secret")
+	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		CAPrivateKey:     coretesting.CAKey,
+	})
+	c.Assert(err, gc.ErrorMatches, "validating bootstrap parameters: admin-secret is empty")
 
-	fixEnv("admin-secret", "whatever")
-	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
-	c.Assert(err, gc.ErrorMatches, "model configuration has no ca-cert")
+	controllerCfg := coretesting.FakeControllerConfig()
+	delete(controllerCfg, "ca-cert")
+	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: controllerCfg,
+		AdminSecret:      "admin-secret",
+		CAPrivateKey:     coretesting.CAKey,
+	})
+	c.Assert(err, gc.ErrorMatches, "validating bootstrap parameters: controller configuration has no ca-cert")
 
-	fixEnv("ca-cert", coretesting.CACert)
-	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
-	c.Assert(err, gc.ErrorMatches, "model configuration has no ca-private-key")
+	controllerCfg = coretesting.FakeControllerConfig()
+	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: controllerCfg,
+		AdminSecret:      "admin-secret",
+	})
+	c.Assert(err, gc.ErrorMatches, "validating bootstrap parameters: empty ca-private-key")
 
-	fixEnv("ca-private-key", coretesting.CAKey)
-	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
+	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: controllerCfg,
+		AdminSecret:      "admin-secret",
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 }
 
 func (s *bootstrapSuite) TestBootstrapEmptyConstraints(c *gc.C) {
 	env := newEnviron("foo", useDefaultKeys, nil)
 	s.setDummyStorage(c, env)
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      "admin-secret",
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(env.bootstrapCount, gc.Equals, 1)
 	env.args.AvailableTools = nil
-	c.Assert(env.args, gc.DeepEquals, environs.BootstrapParams{})
+	c.Assert(env.args, gc.DeepEquals, environs.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+	})
 }
 
 func (s *bootstrapSuite) TestBootstrapSpecifiedConstraints(c *gc.C) {
@@ -121,6 +139,9 @@
 	bootstrapCons := constraints.MustParse("cpu-cores=3 mem=7G")
 	modelCons := constraints.MustParse("cpu-cores=2 mem=4G")
 	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig:     coretesting.FakeControllerConfig(),
+		AdminSecret:          "admin-secret",
+		CAPrivateKey:         coretesting.CAKey,
 		BootstrapConstraints: bootstrapCons,
 		ModelConstraints:     modelCons,
 	})
@@ -140,7 +161,10 @@
 	env.cfg = cfg
 
 	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
-		BootstrapSeries: "trusty",
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      "admin-secret",
+		CAPrivateKey:     coretesting.CAKey,
+		BootstrapSeries:  "trusty",
 	})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Check(env.bootstrapCount, gc.Equals, 1)
@@ -152,7 +176,11 @@
 	env := newEnviron("foo", useDefaultKeys, nil)
 	s.setDummyStorage(c, env)
 	placement := "directive"
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{Placement: placement})
+	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      "admin-secret",
+		CAPrivateKey:     coretesting.CAKey,
+		Placement:        placement})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(env.bootstrapCount, gc.Equals, 1)
 	c.Assert(env.args.Placement, gc.DeepEquals, placement)
@@ -178,6 +206,9 @@
 
 	bootstrapCons := constraints.MustParse("arch=amd64")
 	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig:     coretesting.FakeControllerConfig(),
+		AdminSecret:          "admin-secret",
+		CAPrivateKey:         coretesting.CAKey,
 		BootstrapImage:       "img-id",
 		BootstrapSeries:      "precise",
 		BootstrapConstraints: bootstrapCons,
@@ -194,10 +225,10 @@
 		Endpoint:   "hearnoretheir",
 		Stream:     "released",
 	})
-	c.Assert(env.instanceConfig.CustomImageMetadata, gc.HasLen, 2)
-	c.Assert(env.instanceConfig.CustomImageMetadata[0], jc.DeepEquals, metadata[0])
-	c.Assert(env.instanceConfig.CustomImageMetadata[1], jc.DeepEquals, env.args.ImageMetadata[0])
-	c.Assert(env.instanceConfig.Constraints, jc.DeepEquals, bootstrapCons)
+	c.Assert(env.instanceConfig.Bootstrap.CustomImageMetadata, gc.HasLen, 2)
+	c.Assert(env.instanceConfig.Bootstrap.CustomImageMetadata[0], jc.DeepEquals, metadata[0])
+	c.Assert(env.instanceConfig.Bootstrap.CustomImageMetadata[1], jc.DeepEquals, env.args.ImageMetadata[0])
+	c.Assert(env.instanceConfig.Bootstrap.BootstrapMachineConstraints, jc.DeepEquals, bootstrapCons)
 }
 
 // TestBootstrapImageMetadataFromAllSources tests that we are looking for
@@ -229,6 +260,9 @@
 
 	bootstrapCons := constraints.MustParse("arch=amd64")
 	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig:     coretesting.FakeControllerConfig(),
+		AdminSecret:          "admin-secret",
+		CAPrivateKey:         coretesting.CAKey,
 		BootstrapConstraints: bootstrapCons,
 		MetadataDir:          metadataDir,
 	})
@@ -254,6 +288,9 @@
 	env := newEnviron("foo", useDefaultKeys, map[string]interface{}{
 		"agent-stream": "proposed"})
 	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		AdminSecret:      "admin-secret",
+		CAPrivateKey:     coretesting.CAKey,
+		ControllerConfig: coretesting.FakeControllerConfig(),
 		BuildToolsTarball: func(*version.Number, string) (*sync.BuiltTools, error) {
 			return &sync.BuiltTools{Dir: c.MkDir()}, nil
 		},
@@ -275,6 +312,9 @@
 	env := newEnviron("foo", useDefaultKeys, map[string]interface{}{
 		"development": true})
 	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      "admin-secret",
+		CAPrivateKey:     coretesting.CAKey,
 		BuildToolsTarball: func(*version.Number, string) (*sync.BuiltTools, error) {
 			return &sync.BuiltTools{Dir: c.MkDir()}, nil
 		},
@@ -363,16 +403,19 @@
 	env := newEnviron("foo", useDefaultKeys, nil)
 	ctx := coretesting.Context(c)
 	err := bootstrap.Bootstrap(modelcmd.BootstrapContext(ctx), env, bootstrap.BootstrapParams{
+		ControllerConfig:     coretesting.FakeControllerConfig(),
+		AdminSecret:          "admin-secret",
+		CAPrivateKey:         coretesting.CAKey,
 		GUIDataSourceBaseURL: "https://1.2.3.4/gui/sources",
 	})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(coretesting.Stderr(ctx), jc.Contains, "Preparing for Juju GUI 2.0.42 release installation\n")
 
 	// The most recent GUI release info has been stored.
-	c.Assert(env.instanceConfig.GUI.URL, gc.Equals, "https://1.2.3.4/juju-gui-2.0.42.tar.bz2")
-	c.Assert(env.instanceConfig.GUI.Version.String(), gc.Equals, "2.0.42")
-	c.Assert(env.instanceConfig.GUI.Size, gc.Equals, int64(42))
-	c.Assert(env.instanceConfig.GUI.SHA256, gc.Equals, "hash-2.0.42")
+	c.Assert(env.instanceConfig.Bootstrap.GUI.URL, gc.Equals, "https://1.2.3.4/juju-gui-2.0.42.tar.bz2")
+	c.Assert(env.instanceConfig.Bootstrap.GUI.Version.String(), gc.Equals, "2.0.42")
+	c.Assert(env.instanceConfig.Bootstrap.GUI.Size, gc.Equals, int64(42))
+	c.Assert(env.instanceConfig.Bootstrap.GUI.SHA256, gc.Equals, "hash-2.0.42")
 }
 
 func (s *bootstrapSuite) TestBootstrapGUISuccessLocal(c *gc.C) {
@@ -380,13 +423,17 @@
 	s.PatchEnvironment("JUJU_GUI", path)
 	env := newEnviron("foo", useDefaultKeys, nil)
 	ctx := coretesting.Context(c)
-	err := bootstrap.Bootstrap(modelcmd.BootstrapContext(ctx), env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(modelcmd.BootstrapContext(ctx), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      "admin-secret",
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(coretesting.Stderr(ctx), jc.Contains, "Preparing for Juju GUI 2.2.0 installation from local archive\n")
 
 	// Check GUI URL and version.
-	c.Assert(env.instanceConfig.GUI.URL, gc.Equals, "file://"+path)
-	c.Assert(env.instanceConfig.GUI.Version.String(), gc.Equals, "2.2.0")
+	c.Assert(env.instanceConfig.Bootstrap.GUI.URL, gc.Equals, "file://"+path)
+	c.Assert(env.instanceConfig.Bootstrap.GUI.Version.String(), gc.Equals, "2.2.0")
 
 	// Check GUI size.
 	f, err := os.Open(path)
@@ -394,22 +441,26 @@
 	defer f.Close()
 	info, err := f.Stat()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(env.instanceConfig.GUI.Size, gc.Equals, info.Size())
+	c.Assert(env.instanceConfig.Bootstrap.GUI.Size, gc.Equals, info.Size())
 
 	// Check GUI hash.
 	h := sha256.New()
 	_, err = io.Copy(h, f)
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(env.instanceConfig.GUI.SHA256, gc.Equals, fmt.Sprintf("%x", h.Sum(nil)))
+	c.Assert(env.instanceConfig.Bootstrap.GUI.SHA256, gc.Equals, fmt.Sprintf("%x", h.Sum(nil)))
 }
 
 func (s *bootstrapSuite) TestBootstrapGUISuccessNoGUI(c *gc.C) {
 	env := newEnviron("foo", useDefaultKeys, nil)
 	ctx := coretesting.Context(c)
-	err := bootstrap.Bootstrap(modelcmd.BootstrapContext(ctx), env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(modelcmd.BootstrapContext(ctx), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      "admin-secret",
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(coretesting.Stderr(ctx), jc.Contains, "Juju GUI installation has been disabled\n")
-	c.Assert(env.instanceConfig.GUI, gc.IsNil)
+	c.Assert(env.instanceConfig.Bootstrap.GUI, gc.IsNil)
 }
 
 func (s *bootstrapSuite) TestBootstrapGUINoStreams(c *gc.C) {
@@ -419,11 +470,14 @@
 	env := newEnviron("foo", useDefaultKeys, nil)
 	ctx := coretesting.Context(c)
 	err := bootstrap.Bootstrap(modelcmd.BootstrapContext(ctx), env, bootstrap.BootstrapParams{
+		ControllerConfig:     coretesting.FakeControllerConfig(),
+		AdminSecret:          "admin-secret",
+		CAPrivateKey:         coretesting.CAKey,
 		GUIDataSourceBaseURL: "https://1.2.3.4/gui/sources",
 	})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(coretesting.Stderr(ctx), jc.Contains, "No available Juju GUI archives found\n")
-	c.Assert(env.instanceConfig.GUI, gc.IsNil)
+	c.Assert(env.instanceConfig.Bootstrap.GUI, gc.IsNil)
 }
 
 func (s *bootstrapSuite) TestBootstrapGUIStreamsFailure(c *gc.C) {
@@ -433,18 +487,25 @@
 	env := newEnviron("foo", useDefaultKeys, nil)
 	ctx := coretesting.Context(c)
 	err := bootstrap.Bootstrap(modelcmd.BootstrapContext(ctx), env, bootstrap.BootstrapParams{
+		ControllerConfig:     coretesting.FakeControllerConfig(),
+		AdminSecret:          "admin-secret",
+		CAPrivateKey:         coretesting.CAKey,
 		GUIDataSourceBaseURL: "https://1.2.3.4/gui/sources",
 	})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(coretesting.Stderr(ctx), jc.Contains, "Unable to fetch Juju GUI info: bad wolf\n")
-	c.Assert(env.instanceConfig.GUI, gc.IsNil)
+	c.Assert(env.instanceConfig.Bootstrap.GUI, gc.IsNil)
 }
 
 func (s *bootstrapSuite) TestBootstrapGUIErrorNotFound(c *gc.C) {
 	s.PatchEnvironment("JUJU_GUI", "/no/such/file")
 	env := newEnviron("foo", useDefaultKeys, nil)
 	ctx := coretesting.Context(c)
-	err := bootstrap.Bootstrap(modelcmd.BootstrapContext(ctx), env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(modelcmd.BootstrapContext(ctx), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      "admin-secret",
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(coretesting.Stderr(ctx), jc.Contains, `Cannot use Juju GUI at "/no/such/file": cannot open Juju GUI archive:`)
 }
@@ -456,7 +517,11 @@
 	s.PatchEnvironment("JUJU_GUI", path)
 	env := newEnviron("foo", useDefaultKeys, nil)
 	ctx := coretesting.Context(c)
-	err = bootstrap.Bootstrap(modelcmd.BootstrapContext(ctx), env, bootstrap.BootstrapParams{})
+	err = bootstrap.Bootstrap(modelcmd.BootstrapContext(ctx), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      "admin-secret",
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(coretesting.Stderr(ctx), jc.Contains, fmt.Sprintf("Cannot use Juju GUI at %q: cannot read Juju GUI archive", path))
 }
@@ -466,7 +531,11 @@
 	s.PatchEnvironment("JUJU_GUI", path)
 	env := newEnviron("foo", useDefaultKeys, nil)
 	ctx := coretesting.Context(c)
-	err := bootstrap.Bootstrap(modelcmd.BootstrapContext(ctx), env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(modelcmd.BootstrapContext(ctx), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      "admin-secret",
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(coretesting.Stderr(ctx), jc.Contains, fmt.Sprintf(`Cannot use Juju GUI at %q: cannot parse version "invalid"`, path))
 }
@@ -476,7 +545,11 @@
 	s.PatchEnvironment("JUJU_GUI", path)
 	env := newEnviron("foo", useDefaultKeys, nil)
 	ctx := coretesting.Context(c)
-	err := bootstrap.Bootstrap(modelcmd.BootstrapContext(ctx), env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(modelcmd.BootstrapContext(ctx), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      "admin-secret",
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(coretesting.Stderr(ctx), jc.Contains, fmt.Sprintf("Cannot use Juju GUI at %q: cannot find Juju GUI version", path))
 }
@@ -527,7 +600,10 @@
 	env := newEnviron("foo", useDefaultKeys, nil)
 	s.setDummyStorage(c, env)
 	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
-		MetadataDir: metadataDir,
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      "admin-secret",
+		CAPrivateKey:     coretesting.CAKey,
+		MetadataDir:      metadataDir,
 	})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(env.bootstrapCount, gc.Equals, 1)
@@ -546,8 +622,37 @@
 	// Bugs #1542127, #1542131
 	c.Assert(datasources[0].PublicSigningKey(), gc.Equals, "")
 	c.Assert(env.instanceConfig, gc.NotNil)
-	c.Assert(env.instanceConfig.CustomImageMetadata, gc.HasLen, 1)
-	c.Assert(env.instanceConfig.CustomImageMetadata[0], gc.DeepEquals, metadata[0])
+	c.Assert(env.instanceConfig.Bootstrap.CustomImageMetadata, gc.HasLen, 1)
+	c.Assert(env.instanceConfig.Bootstrap.CustomImageMetadata[0], gc.DeepEquals, metadata[0])
+}
+
+func (s *bootstrapSuite) TestBootstrapCloudCredential(c *gc.C) {
+	env := newEnviron("foo", useDefaultKeys, nil)
+	s.setDummyStorage(c, env)
+	credential := cloud.NewCredential(cloud.EmptyAuthType, map[string]string{"what": "ever"})
+	args := bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      "admin-secret",
+		CAPrivateKey:     coretesting.CAKey,
+		Cloud: cloud.Cloud{
+			Type:      "dummy",
+			AuthTypes: []cloud.AuthType{cloud.EmptyAuthType},
+			Regions:   []cloud.Region{{Name: "region-name"}},
+		},
+		CloudName:           "cloud-name",
+		CloudRegion:         "region-name",
+		CloudCredentialName: "credential-name",
+		CloudCredential:     &credential,
+	}
+	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, args)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(env.bootstrapCount, gc.Equals, 1)
+	c.Assert(env.instanceConfig, gc.NotNil)
+	c.Assert(env.instanceConfig.Bootstrap.ControllerCloud, jc.DeepEquals, args.Cloud)
+	c.Assert(env.instanceConfig.Bootstrap.ControllerCloudName, jc.DeepEquals, args.CloudName)
+	c.Assert(env.instanceConfig.Bootstrap.ControllerCloudRegion, jc.DeepEquals, args.CloudRegion)
+	c.Assert(env.instanceConfig.Bootstrap.ControllerCloudCredential, jc.DeepEquals, args.CloudCredential)
+	c.Assert(env.instanceConfig.Bootstrap.ControllerCloudCredentialName, jc.DeepEquals, args.CloudCredentialName)
 }
 
 func (s *bootstrapSuite) TestPublicKeyEnvVar(c *gc.C) {
@@ -556,9 +661,57 @@
 	s.PatchEnvironment("JUJU_STREAMS_PUBLICKEY_FILE", path)
 
 	env := newEnviron("foo", useDefaultKeys, nil)
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      "admin-secret",
+		CAPrivateKey:     coretesting.CAKey,
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(env.instanceConfig.Controller.PublicImageSigningKey, gc.Equals, "publickey")
+}
+
+func (s *bootstrapSuite) TestFinishBootstrapConfig(c *gc.C) {
+	path := filepath.Join(c.MkDir(), "key")
+	ioutil.WriteFile(path, []byte("publickey"), 0644)
+	s.PatchEnvironment("JUJU_STREAMS_PUBLICKEY_FILE", path)
+
+	password := "lisboan-pork"
+
+	env := newEnviron("foo", useDefaultKeys, nil)
+	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      password,
+		CAPrivateKey:     coretesting.CAKey,
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	icfg := env.instanceConfig
+
+	c.Check(icfg.APIInfo, jc.DeepEquals, &api.Info{
+		Password: password,
+		CACert:   coretesting.CACert,
+		ModelTag: coretesting.ModelTag,
+	})
+	c.Check(icfg.Controller.MongoInfo, jc.DeepEquals, &mongo.MongoInfo{
+		Password: password, Info: mongo.Info{CACert: coretesting.CACert},
+	})
+	controllerCfg := icfg.Controller.Config
+	c.Check(controllerCfg["ca-private-key"], gc.IsNil)
+	c.Check(icfg.Bootstrap.StateServingInfo.StatePort, gc.Equals, controllerCfg.StatePort())
+	c.Check(icfg.Bootstrap.StateServingInfo.APIPort, gc.Equals, controllerCfg.APIPort())
+	c.Check(icfg.Bootstrap.StateServingInfo.CAPrivateKey, gc.Equals, coretesting.CAKey)
+
+	srvCertPEM := icfg.Bootstrap.StateServingInfo.Cert
+	srvKeyPEM := icfg.Bootstrap.StateServingInfo.PrivateKey
+	_, _, err = cert.ParseCertAndKey(srvCertPEM, srvKeyPEM)
+	c.Check(err, jc.ErrorIsNil)
+
+	// TODO(perrito666) 2016-05-02 lp:1558657
+	err = cert.Verify(srvCertPEM, coretesting.CACert, time.Now())
+	c.Assert(err, jc.ErrorIsNil)
+	err = cert.Verify(srvCertPEM, coretesting.CACert, time.Now().AddDate(9, 0, 0))
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(env.instanceConfig.PublicImageSigningKey, gc.Equals, "publickey")
+	err = cert.Verify(srvCertPEM, coretesting.CACert, time.Now().AddDate(10, 0, 1))
+	c.Assert(err, gc.NotNil)
 }
 
 func (s *bootstrapSuite) TestBootstrapMetadataImagesMissing(c *gc.C) {
@@ -572,7 +725,10 @@
 	env := newEnviron("foo", useDefaultKeys, nil)
 	s.setDummyStorage(c, env)
 	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
-		MetadataDir: noImagesDir,
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      "admin-secret",
+		CAPrivateKey:     coretesting.CAKey,
+		MetadataDir:      noImagesDir,
 	})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(env.bootstrapCount, gc.Equals, 1)
@@ -614,7 +770,10 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
-		AgentVersion: toolsVersion,
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      "admin-secret",
+		CAPrivateKey:     coretesting.CAKey,
+		AgentVersion:     toolsVersion,
 	})
 	vers, _ := env.cfg.AgentVersion()
 	return err, env.bootstrapCount, vers
@@ -719,7 +878,7 @@
 func (e *bootstrapEnviron) Bootstrap(ctx environs.BootstrapContext, args environs.BootstrapParams) (*environs.BootstrapResult, error) {
 	e.bootstrapCount++
 	e.args = args
-	finalizer := func(_ environs.BootstrapContext, icfg *instancecfg.InstanceConfig) error {
+	finalizer := func(_ environs.BootstrapContext, icfg *instancecfg.InstanceConfig, _ environs.BootstrapDialOpts) error {
 		e.finalizerCount++
 		e.instanceConfig = icfg
 		return nil
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/bootstrap/config.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/bootstrap/config.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/bootstrap/config.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/bootstrap/config.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,238 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package bootstrap
+
+import (
+	"crypto/rand"
+	"crypto/tls"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"time"
+
+	"github.com/juju/errors"
+	"github.com/juju/schema"
+	"github.com/juju/utils"
+
+	"github.com/juju/juju/cert"
+	"github.com/juju/juju/juju/osenv"
+)
+
+const (
+	// AdminSecretKey is the attribute key for the administrator password.
+	AdminSecretKey = "admin-secret"
+
+	// CACertKey is the attribute key for the controller's CA certificate.
+	CACertKey = "ca-cert"
+
+	// CAPrivateKeyKey is the key for the controller's CA certificate private key.
+	CAPrivateKeyKey = "ca-private-key"
+
+	// BootstrapTimeoutKey is the attribute key for the amount of time to wait
+	// for bootstrap to complete.
+	BootstrapTimeoutKey = "bootstrap-timeout"
+
+	// BootstrapRetryDelayKey is the attribute key for the amount of time
+	// in between attempts to connect to a bootstrap machine address.
+	BootstrapRetryDelayKey = "bootstrap-retry-delay"
+
+	// BootstrapAddressesDelayKey is the attribute key for the amount of
+	// time in between refreshing the bootstrap machine addresses.
+	BootstrapAddressesDelayKey = "bootstrap-addresses-delay"
+)
+
+const (
+	// Attribute Defaults
+
+	// DefaultBootstrapSSHTimeout is the amount of time to wait
+	// contacting a controller, in seconds.
+	DefaultBootstrapSSHTimeout = 1200
+
+	// DefaultBootstrapSSHRetryDelay is the amount of time between
+	// attempts to connect to an address, in seconds.
+	DefaultBootstrapSSHRetryDelay = 5
+
+	// DefaultBootstrapSSHAddressesDelay is the amount of time betwee
+	// refreshing the addresses, in seconds. Not too frequent, as we
+	// refresh addresses from the provider each time.
+	DefaultBootstrapSSHAddressesDelay = 10
+)
+
+// BootstrapConfigAttributes are attributes which may be defined by the
+// user at bootstrap time, but should not be present in general controller
+// config.
+var BootstrapConfigAttributes = []string{
+	AdminSecretKey,
+	CACertKey,
+	CAPrivateKeyKey,
+	BootstrapTimeoutKey,
+	BootstrapRetryDelayKey,
+	BootstrapAddressesDelayKey,
+}
+
+// IsBootstrapAttribute reports whether or not the specified
+// attribute name is only relevant during bootstrap.
+func IsBootstrapAttribute(attr string) bool {
+	for _, a := range BootstrapConfigAttributes {
+		if attr == a {
+			return true
+		}
+	}
+	return false
+}
+
+// Config contains bootstrap-specific configuration.
+type Config struct {
+	AdminSecret             string
+	CACert                  string
+	CAPrivateKey            string
+	BootstrapTimeout        time.Duration
+	BootstrapRetryDelay     time.Duration
+	BootstrapAddressesDelay time.Duration
+}
+
+// Validate validates the controller configuration.
+func (c Config) Validate() error {
+	if c.AdminSecret == "" {
+		return errors.NotValidf("empty " + AdminSecretKey)
+	}
+	if _, err := tls.X509KeyPair([]byte(c.CACert), []byte(c.CAPrivateKey)); err != nil {
+		return errors.Annotatef(err, "validating %s and %s", CACertKey, CAPrivateKeyKey)
+	}
+	if c.BootstrapTimeout <= 0 {
+		return errors.NotValidf("%s of %s", BootstrapTimeoutKey, c.BootstrapTimeout)
+	}
+	if c.BootstrapRetryDelay <= 0 {
+		return errors.NotValidf("%s of %s", BootstrapRetryDelayKey, c.BootstrapRetryDelay)
+	}
+	if c.BootstrapAddressesDelay <= 0 {
+		return errors.NotValidf("%s of %s", BootstrapAddressesDelayKey, c.BootstrapAddressesDelay)
+	}
+	return nil
+}
+
+// NewConfig creates a new Config from the supplied attributes.
+// Default values will be used where defaults are available.
+//
+// If ca-cert or ca-private-key are not set, then we will check
+// if ca-cert-path or ca-private-key-path are set, and read the
+// contents. If none of those are set, we will look for files
+// in well-defined locations: $JUJU_DATA/ca-cert.pem, and
+// $JUJU_DATA/ca-private-key.pem. If none of these are set, an
+// error is returned.
+func NewConfig(controllerUUID string, attrs map[string]interface{}) (Config, error) {
+	coerced, err := configChecker.Coerce(attrs, nil)
+	if err != nil {
+		return Config{}, errors.Trace(err)
+	}
+	attrs = coerced.(map[string]interface{})
+	config := Config{
+		BootstrapTimeout:        time.Duration(attrs[BootstrapTimeoutKey].(int)) * time.Second,
+		BootstrapRetryDelay:     time.Duration(attrs[BootstrapRetryDelayKey].(int)) * time.Second,
+		BootstrapAddressesDelay: time.Duration(attrs[BootstrapAddressesDelayKey].(int)) * time.Second,
+	}
+
+	if adminSecret, ok := attrs[AdminSecretKey].(string); ok {
+		config.AdminSecret = adminSecret
+	} else {
+		// Generate a random admin secret.
+		buf := make([]byte, 16)
+		if _, err := io.ReadFull(rand.Reader, buf); err != nil {
+			return Config{}, errors.Annotate(err, "generating random "+AdminSecretKey)
+		}
+		config.AdminSecret = fmt.Sprintf("%x", buf)
+	}
+
+	if caCert, ok := attrs[CACertKey].(string); ok {
+		config.CACert = caCert
+	} else {
+		var userSpecified bool
+		var err error
+		config.CACert, userSpecified, err = readFileAttr(attrs, CACertKey, CACertKey+".pem")
+		if err != nil && (userSpecified || !os.IsNotExist(errors.Cause(err))) {
+			return Config{}, errors.Annotatef(err, "reading %q from file", CACertKey)
+		}
+	}
+
+	if caPrivateKey, ok := attrs[CAPrivateKeyKey].(string); ok {
+		config.CAPrivateKey = caPrivateKey
+	} else {
+		var userSpecified bool
+		var err error
+		config.CAPrivateKey, userSpecified, err = readFileAttr(attrs, CAPrivateKeyKey, CAPrivateKeyKey+".pem")
+		if err != nil && (userSpecified || !os.IsNotExist(errors.Cause(err))) {
+			return Config{}, errors.Annotatef(err, "reading %q from file", CAPrivateKeyKey)
+		}
+	}
+
+	if config.CACert == "" && config.CAPrivateKey == "" {
+		// Generate a new CA certificate and private key.
+		// TODO(perrito666) 2016-05-02 lp:1558657
+		expiry := time.Now().UTC().AddDate(10, 0, 0)
+		uuid, err := utils.NewUUID()
+		if err != nil {
+			return Config{}, errors.Annotate(err, "generating UUID for CA certificate")
+		}
+		caCert, caKey, err := cert.NewCA("juju-ca", uuid.String(), expiry)
+		if err != nil {
+			return Config{}, errors.Trace(err)
+		}
+		config.CACert = caCert
+		config.CAPrivateKey = caKey
+	}
+
+	return config, config.Validate()
+}
+
+// readFileAttr reads the contents of an attribute from a file, if the
+// corresponding "-path" attribute is set, or otherwise from a default
+// path.
+func readFileAttr(attrs map[string]interface{}, key, defaultPath string) (content string, userSpecified bool, _ error) {
+	if !osenv.IsJujuXDGDataHomeSet() {
+		return "", false, errors.Errorf("$JUJU_DATA is not set, cannot read %q", key)
+	}
+	path, ok := attrs[key+"-path"].(string)
+	if ok {
+		userSpecified = true
+	} else {
+		path = defaultPath
+	}
+	absPath, err := utils.NormalizePath(path)
+	if err != nil {
+		return "", userSpecified, errors.Trace(err)
+	}
+	if !filepath.IsAbs(absPath) {
+		absPath = osenv.JujuXDGDataHomePath(absPath)
+	}
+	data, err := ioutil.ReadFile(absPath)
+	if err != nil {
+		return "", userSpecified, errors.Annotatef(err, "%q not set, and could not read from %q", key, path)
+	}
+	if len(data) == 0 {
+		return "", userSpecified, errors.Errorf("file %q is empty", path)
+	}
+	return string(data), userSpecified, nil
+}
+
+var configChecker = schema.FieldMap(schema.Fields{
+	AdminSecretKey:             schema.String(),
+	CACertKey:                  schema.String(),
+	CACertKey + "-path":        schema.String(),
+	CAPrivateKeyKey:            schema.String(),
+	CAPrivateKeyKey + "-path":  schema.String(),
+	BootstrapTimeoutKey:        schema.ForceInt(),
+	BootstrapRetryDelayKey:     schema.ForceInt(),
+	BootstrapAddressesDelayKey: schema.ForceInt(),
+}, schema.Defaults{
+	AdminSecretKey:             schema.Omit,
+	CACertKey:                  schema.Omit,
+	CACertKey + "-path":        schema.Omit,
+	CAPrivateKeyKey:            schema.Omit,
+	CAPrivateKeyKey + "-path":  schema.Omit,
+	BootstrapTimeoutKey:        DefaultBootstrapSSHTimeout,
+	BootstrapRetryDelayKey:     DefaultBootstrapSSHRetryDelay,
+	BootstrapAddressesDelayKey: DefaultBootstrapSSHAddressesDelay,
+})
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/bootstrap/config_test.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/bootstrap/config_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/bootstrap/config_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/bootstrap/config_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,180 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package bootstrap_test
+
+import (
+	"time"
+
+	gitjujutesting "github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/environs/bootstrap"
+	"github.com/juju/juju/testing"
+)
+
+type ConfigSuite struct {
+	testing.FakeJujuXDGDataHomeSuite
+}
+
+var _ = gc.Suite(&ConfigSuite{})
+
+func (*ConfigSuite) TestDefaultConfig(c *gc.C) {
+	cfg, err := bootstrap.NewConfig(testing.ModelTag.Id(), nil)
+	c.Assert(err, jc.ErrorIsNil)
+
+	// These three things are generated.
+	c.Assert(cfg.AdminSecret, gc.Not(gc.HasLen), 0)
+	c.Assert(cfg.CACert, gc.Not(gc.HasLen), 0)
+	c.Assert(cfg.CAPrivateKey, gc.Not(gc.HasLen), 0)
+
+	c.Assert(cfg.BootstrapTimeout, gc.Equals, time.Second*1200)
+	c.Assert(cfg.BootstrapRetryDelay, gc.Equals, time.Second*5)
+	c.Assert(cfg.BootstrapAddressesDelay, gc.Equals, time.Second*10)
+}
+
+func (*ConfigSuite) TestConfigValuesSpecified(c *gc.C) {
+	cfg, err := bootstrap.NewConfig(testing.ModelTag.Id(), map[string]interface{}{
+		"admin-secret":              "sekrit",
+		"ca-cert":                   testing.CACert,
+		"ca-private-key":            testing.CAKey,
+		"bootstrap-timeout":         1,
+		"bootstrap-retry-delay":     2,
+		"bootstrap-addresses-delay": 3,
+	})
+	c.Assert(err, jc.ErrorIsNil)
+
+	c.Assert(cfg, jc.DeepEquals, bootstrap.Config{
+		AdminSecret:             "sekrit",
+		CACert:                  testing.CACert,
+		CAPrivateKey:            testing.CAKey,
+		BootstrapTimeout:        time.Second * 1,
+		BootstrapRetryDelay:     time.Second * 2,
+		BootstrapAddressesDelay: time.Second * 3,
+	})
+}
+
+func (s *ConfigSuite) TestDefaultConfigReadsDefaultCACertKeyFiles(c *gc.C) {
+	s.Home.AddFiles(c, []gitjujutesting.TestFile{
+		{".local/share/juju/ca-cert.pem", testing.CACert},
+		{".local/share/juju/ca-private-key.pem", testing.CAKey},
+	}...)
+
+	cfg, err := bootstrap.NewConfig(testing.ModelTag.Id(), nil)
+	c.Assert(err, jc.ErrorIsNil)
+
+	c.Assert(cfg.CACert, gc.Equals, testing.CACert)
+	c.Assert(cfg.CAPrivateKey, gc.Equals, testing.CAKey)
+}
+
+func (s *ConfigSuite) TestConfigReadsCACertKeyFilesFromPaths(c *gc.C) {
+	s.Home.AddFiles(c, []gitjujutesting.TestFile{
+		{".local/share/juju/ca-cert-2.pem", testing.OtherCACert},
+		{".local/share/juju/ca-private-key-2.pem", testing.OtherCAKey},
+	}...)
+
+	cfg, err := bootstrap.NewConfig(testing.ModelTag.Id(), map[string]interface{}{
+		"ca-cert-path":        "ca-cert-2.pem",
+		"ca-private-key-path": "ca-private-key-2.pem",
+	})
+	c.Assert(err, jc.ErrorIsNil)
+
+	c.Assert(cfg.CACert, gc.Equals, testing.OtherCACert)
+	c.Assert(cfg.CAPrivateKey, gc.Equals, testing.OtherCAKey)
+}
+
+func (s *ConfigSuite) TestConfigNonExistentPath(c *gc.C) {
+	s.testConfigError(c, map[string]interface{}{
+		"ca-cert-path": "not/there",
+	}, `reading "ca-cert" from file: "ca-cert" not set, and could not read from "not/there": .*`)
+}
+
+func (s *ConfigSuite) TestConfigInvalidCACert(c *gc.C) {
+	s.testConfigError(c, map[string]interface{}{
+		"ca-cert":        invalidCACert,
+		"ca-private-key": testing.CAKey,
+	}, "validating ca-cert and ca-private-key: asn1: syntax error: data truncated")
+}
+
+func (s *ConfigSuite) TestConfigInvalidCAKey(c *gc.C) {
+	s.testConfigError(c, map[string]interface{}{
+		"ca-cert":        testing.CACert,
+		"ca-private-key": invalidCAKey,
+	}, "validating ca-cert and ca-private-key: (crypto/)?tls: failed to parse private key")
+}
+
+func (s *ConfigSuite) TestConfigCACertKeyMismatch(c *gc.C) {
+	s.testConfigError(c, map[string]interface{}{
+		"ca-cert":        testing.CACert,
+		"ca-private-key": testing.OtherCAKey,
+	}, "validating ca-cert and ca-private-key: (crypto/)?tls: private key does not match public key")
+}
+
+func (s *ConfigSuite) TestConfigCACertWithEmptyKey(c *gc.C) {
+	s.testConfigError(c, map[string]interface{}{
+		"ca-cert": testing.CACert,
+	}, "validating ca-cert and ca-private-key: (crypto/)?tls: failed to find any PEM data in key input")
+}
+
+func (s *ConfigSuite) TestConfigEmptyCACertWithKey(c *gc.C) {
+	s.testConfigError(c, map[string]interface{}{
+		"ca-private-key": testing.CAKey,
+	}, "validating ca-cert and ca-private-key: (crypto/)?tls: failed to find any PEM data in certificate input")
+}
+
+func (*ConfigSuite) testConfigError(c *gc.C, attrs map[string]interface{}, expect string) {
+	_, err := bootstrap.NewConfig(testing.ModelTag.Id(), attrs)
+	c.Assert(err, gc.ErrorMatches, expect)
+}
+
+func (*ConfigSuite) TestValidate(c *gc.C) {
+	c.Assert(validConfig().Validate(), jc.ErrorIsNil)
+}
+
+func (*ConfigSuite) TestValidateAdminSecret(c *gc.C) {
+	cfg := validConfig()
+	cfg.AdminSecret = ""
+	c.Assert(cfg.Validate(), gc.ErrorMatches, "empty admin-secret not valid")
+}
+
+func (*ConfigSuite) TestValidateBootstrapTimeout(c *gc.C) {
+	cfg := validConfig()
+	cfg.BootstrapTimeout = 0
+	c.Assert(cfg.Validate(), gc.ErrorMatches, "bootstrap-timeout of 0s? not valid")
+}
+
+func (*ConfigSuite) TestValidateBootstrapRetryDelay(c *gc.C) {
+	cfg := validConfig()
+	cfg.BootstrapRetryDelay = -1 * time.Second
+	c.Assert(cfg.Validate(), gc.ErrorMatches, "bootstrap-retry-delay of -1s not valid")
+}
+
+func (*ConfigSuite) TestValidateBootstrapAddressesDelay(c *gc.C) {
+	cfg := validConfig()
+	cfg.BootstrapAddressesDelay = -2 * time.Minute
+	c.Assert(cfg.Validate(), gc.ErrorMatches, "bootstrap-addresses-delay of -2m0s not valid")
+}
+
+func validConfig() bootstrap.Config {
+	return bootstrap.Config{
+		AdminSecret:             "sekrit",
+		CACert:                  testing.CACert,
+		CAPrivateKey:            testing.CAKey,
+		BootstrapTimeout:        time.Second * 1,
+		BootstrapRetryDelay:     time.Second * 2,
+		BootstrapAddressesDelay: time.Second * 3,
+	}
+}
+
+var invalidCAKey = `
+-----BEGIN RSA PRIVATE KEY-----
+MIIBOgIBAAJAZabKgKInuOxj5vDWLwHHQtK3/45KB+32D15w94Nt83BmuGxo90lw
+-----END RSA PRIVATE KEY-----
+`[1:]
+
+var invalidCACert = `
+-----BEGIN CERTIFICATE-----
+MIIBOgIBAAJAZabKgKInuOxj5vDWLwHHQtK3/45KB+32D15w94Nt83BmuGxo90lw
+-----END CERTIFICATE-----
+`[1:]
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/bootstrap/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/bootstrap/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/bootstrap/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/bootstrap/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,13 +6,9 @@
 import (
 	stdtesting "testing"
 
-	"github.com/juju/testing"
 	gc "gopkg.in/check.v1"
 )
 
 func TestPackage(t *stdtesting.T) {
-	if testing.RaceEnabled {
-		t.Skip("skipping package under -race, see LP 1518820")
-	}
 	gc.TestingT(t)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/bootstrap/prepare.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/bootstrap/prepare.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/bootstrap/prepare.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/bootstrap/prepare.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,214 @@
+// Copyright 2011-2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package bootstrap
+
+import (
+	"github.com/juju/errors"
+
+	"github.com/juju/juju/cloud"
+	"github.com/juju/juju/controller"
+	"github.com/juju/juju/environs"
+	"github.com/juju/juju/environs/config"
+	"github.com/juju/juju/jujuclient"
+)
+
+// ControllerModelName is the name of the admin model in each controller.
+const ControllerModelName = "controller"
+
+// PrepareParams contains the parameters for preparing a controller Environ
+// for bootstrapping.
+type PrepareParams struct {
+	// BaseConfig contains the base configuration for the controller model.
+	//
+	// This includes the model name, cloud type, and any user-supplied
+	// configuration. It does not include any default attributes.
+	BaseConfig map[string]interface{}
+
+	// ControllerConfig is the configuration of the controller being prepared.
+	ControllerConfig controller.Config
+
+	// ControllerName is the name of the controller being prepared.
+	ControllerName string
+
+	// CloudName is the name of the cloud that the controller is being
+	// prepared for.
+	CloudName string
+
+	// CloudRegion is the name of the region of the cloud to create
+	// the Juju controller in. This will be empty for clouds without
+	// regions.
+	CloudRegion string
+
+	// CloudEndpoint is the location of the primary API endpoint to
+	// use when communicating with the cloud.
+	CloudEndpoint string
+
+	// CloudStorageEndpoint is the location of the API endpoint to use
+	// when communicating with the cloud's storage service. This will
+	// be empty for clouds that have no cloud-specific API endpoint.
+	CloudStorageEndpoint string
+
+	// Credential is the credential to use to bootstrap.
+	Credential cloud.Credential
+
+	// CredentialName is the name of the credential to use to bootstrap.
+	// This will be empty for auto-detected credentials.
+	CredentialName string
+
+	// AdminSecret contains the password for the admin user.
+	AdminSecret string
+}
+
+// Validate validates the PrepareParams.
+func (p PrepareParams) Validate() error {
+	if err := p.ControllerConfig.Validate(); err != nil {
+		return errors.Annotate(err, "validating controller config")
+	}
+	if p.ControllerName == "" {
+		return errors.NotValidf("empty controller name")
+	}
+	if p.CloudName == "" {
+		return errors.NotValidf("empty cloud name")
+	}
+	if p.AdminSecret == "" {
+		return errors.NotValidf("empty admin-secret")
+	}
+	return nil
+}
+
+// Prepare prepares a new controller based on the provided configuration.
+// It is an error to prepare a controller if there already exists an
+// entry in the client store with the same name.
+//
+// Upon success, Prepare will update the ClientStore with the details of
+// the controller, admin account, and admin model.
+func Prepare(
+	ctx environs.BootstrapContext,
+	store jujuclient.ClientStore,
+	args PrepareParams,
+) (environs.Environ, error) {
+
+	if err := args.Validate(); err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	_, err := store.ControllerByName(args.ControllerName)
+	if err == nil {
+		return nil, errors.AlreadyExistsf("controller %q", args.ControllerName)
+	} else if !errors.IsNotFound(err) {
+		return nil, errors.Annotatef(err, "error reading controller %q info", args.ControllerName)
+	}
+
+	cloudType, ok := args.BaseConfig["type"].(string)
+	if !ok {
+		return nil, errors.NotFoundf("cloud type in base configuration")
+	}
+
+	p, err := environs.Provider(cloudType)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	env, details, err := prepare(ctx, p, args)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	if err := decorateAndWriteInfo(
+		store, details, args.ControllerName, env.Config().Name(),
+	); err != nil {
+		return nil, errors.Annotatef(err, "cannot create controller %q info", args.ControllerName)
+	}
+	return env, nil
+}
+
+// decorateAndWriteInfo decorates the info struct with information
+// from the given cfg, and the writes that out to the filesystem.
+func decorateAndWriteInfo(
+	store jujuclient.ClientStore,
+	details prepareDetails,
+	controllerName, modelName string,
+) error {
+	if err := store.UpdateController(controllerName, details.ControllerDetails); err != nil {
+		return errors.Trace(err)
+	}
+	if err := store.UpdateBootstrapConfig(controllerName, details.BootstrapConfig); err != nil {
+		return errors.Trace(err)
+	}
+	if err := store.UpdateAccount(controllerName, details.AccountDetails); err != nil {
+		return errors.Trace(err)
+	}
+	if err := store.UpdateModel(controllerName, modelName, details.ModelDetails); err != nil {
+		return errors.Trace(err)
+	}
+	if err := store.SetCurrentModel(controllerName, modelName); err != nil {
+		return errors.Trace(err)
+	}
+	return nil
+}
+
+func prepare(
+	ctx environs.BootstrapContext,
+	p environs.EnvironProvider,
+	args PrepareParams,
+) (environs.Environ, prepareDetails, error) {
+	var details prepareDetails
+
+	cfg, err := config.New(config.UseDefaults, args.BaseConfig)
+	if err != nil {
+		return nil, details, errors.Trace(err)
+	}
+
+	cfg, err = p.BootstrapConfig(environs.BootstrapConfigParams{
+		args.ControllerConfig.ControllerUUID(), cfg, args.Credential, args.CloudRegion,
+		args.CloudEndpoint, args.CloudStorageEndpoint,
+	})
+	if err != nil {
+		return nil, details, errors.Trace(err)
+	}
+	env, err := p.PrepareForBootstrap(ctx, cfg)
+	if err != nil {
+		return nil, details, errors.Trace(err)
+	}
+
+	// We store the base configuration only; we don't want the
+	// default attributes, generated secrets/certificates, or
+	// UUIDs stored in the bootstrap config. Make a copy, so
+	// we don't disturb the caller's config map.
+	details.Config = make(map[string]interface{})
+	for k, v := range args.BaseConfig {
+		details.Config[k] = v
+	}
+	delete(details.Config, config.UUIDKey)
+
+	// TODO(axw) change signature of CACert() to not return a bool.
+	// It's no longer possible to have a controller config without
+	// a CA certificate.
+	caCert, ok := args.ControllerConfig.CACert()
+	if !ok {
+		return nil, details, errors.New("controller config is missing CA certificate")
+	}
+
+	details.CACert = caCert
+	details.ControllerUUID = args.ControllerConfig.ControllerUUID()
+	details.User = environs.AdminUser
+	details.Password = args.AdminSecret
+	details.ModelUUID = cfg.UUID()
+	details.ControllerDetails.Cloud = args.CloudName
+	details.ControllerDetails.CloudRegion = args.CloudRegion
+	details.BootstrapConfig.Cloud = args.CloudName
+	details.BootstrapConfig.CloudRegion = args.CloudRegion
+	details.CloudEndpoint = args.CloudEndpoint
+	details.CloudStorageEndpoint = args.CloudStorageEndpoint
+	details.Credential = args.CredentialName
+
+	return env, details, nil
+}
+
+type prepareDetails struct {
+	jujuclient.ControllerDetails
+	jujuclient.BootstrapConfig
+	jujuclient.AccountDetails
+	jujuclient.ModelDetails
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/bootstrap/prepare_test.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/bootstrap/prepare_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/bootstrap/prepare_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/bootstrap/prepare_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,81 @@
+// Copyright 2012, 2013, 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package bootstrap_test
+
+import (
+	"github.com/juju/errors"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/controller"
+	"github.com/juju/juju/environs/bootstrap"
+	"github.com/juju/juju/environs/config"
+	sstesting "github.com/juju/juju/environs/simplestreams/testing"
+	envtesting "github.com/juju/juju/environs/testing"
+	"github.com/juju/juju/juju/keys"
+	"github.com/juju/juju/jujuclient/jujuclienttesting"
+	"github.com/juju/juju/provider/dummy"
+	"github.com/juju/juju/testing"
+)
+
+type PrepareSuite struct {
+	testing.FakeJujuXDGDataHomeSuite
+	envtesting.ToolsFixture
+}
+
+var _ = gc.Suite(&PrepareSuite{})
+
+func (s *PrepareSuite) SetUpTest(c *gc.C) {
+	s.FakeJujuXDGDataHomeSuite.SetUpTest(c)
+	s.ToolsFixture.SetUpTest(c)
+	s.PatchValue(&keys.JujuPublicKey, sstesting.SignedMetadataPublicKey)
+}
+
+func (s *PrepareSuite) TearDownTest(c *gc.C) {
+	dummy.Reset(c)
+	s.ToolsFixture.TearDownTest(c)
+	s.FakeJujuXDGDataHomeSuite.TearDownTest(c)
+}
+
+func (*PrepareSuite) TestPrepare(c *gc.C) {
+	baselineAttrs := dummy.SampleConfig().Merge(testing.Attrs{
+		"controller": false,
+		"name":       "erewhemos",
+	}).Delete(
+		"admin-secret",
+	)
+	cfg, err := config.New(config.NoDefaults, baselineAttrs)
+	c.Assert(err, jc.ErrorIsNil)
+	controllerStore := jujuclienttesting.NewMemStore()
+	ctx := envtesting.BootstrapContext(c)
+	controllerCfg := controller.Config{
+		controller.ControllerUUIDKey: testing.ModelTag.Id(),
+		controller.CACertKey:         testing.CACert,
+	}
+	_, err = bootstrap.Prepare(ctx, controllerStore, bootstrap.PrepareParams{
+		ControllerConfig: controllerCfg,
+		ControllerName:   cfg.Name(),
+		BaseConfig:       cfg.AllAttrs(),
+		CloudName:        "dummy",
+		AdminSecret:      "admin-secret",
+	})
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Check that controller was cached
+	foundController, err := controllerStore.ControllerByName(cfg.Name())
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(foundController.ControllerUUID, gc.DeepEquals, cfg.UUID())
+	c.Assert(foundController.Cloud, gc.Equals, "dummy")
+
+	// Check we cannot call Prepare again.
+	_, err = bootstrap.Prepare(ctx, controllerStore, bootstrap.PrepareParams{
+		ControllerConfig: controllerCfg,
+		ControllerName:   cfg.Name(),
+		BaseConfig:       cfg.AllAttrs(),
+		CloudName:        "dummy",
+		AdminSecret:      "admin-secret",
+	})
+	c.Assert(err, jc.Satisfies, errors.IsAlreadyExists)
+	c.Assert(err, gc.ErrorMatches, `controller "erewhemos" already exists`)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/bootstrap.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/bootstrap.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/bootstrap.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/bootstrap.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,15 +6,21 @@
 import (
 	"io"
 	"os"
+	"time"
 
 	"github.com/juju/juju/cloudconfig/instancecfg"
 	"github.com/juju/juju/constraints"
+	"github.com/juju/juju/controller"
 	"github.com/juju/juju/environs/imagemetadata"
 	"github.com/juju/juju/tools"
 )
 
 // BootstrapParams holds the parameters for bootstrapping an environment.
 type BootstrapParams struct {
+	// ControllerConfig contains the configuration attributes for the
+	// bootstrapped controller.
+	ControllerConfig controller.Config
+
 	// ModelConstraints are merged with the bootstrap constraints
 	// to choose the initial instance, and will be stored in the new
 	// environment's state.
@@ -50,7 +56,24 @@
 
 // BootstrapFinalizer is a function returned from Environ.Bootstrap.
 // The caller must pass a InstanceConfig with the Tools field set.
-type BootstrapFinalizer func(BootstrapContext, *instancecfg.InstanceConfig) error
+type BootstrapFinalizer func(BootstrapContext, *instancecfg.InstanceConfig, BootstrapDialOpts) error
+
+// BootstrapDialOpts contains the options for the synchronous part of the
+// bootstrap procedure, where the CLI connects to the bootstrap machine
+// to complete the process.
+type BootstrapDialOpts struct {
+	// Timeout is the amount of time to wait contacting a state
+	// server.
+	Timeout time.Duration
+
+	// RetryDelay is the amount of time between attempts to connect to
+	// an address.
+	RetryDelay time.Duration
+
+	// AddressesDelay is the amount of time between refreshing the
+	// addresses.
+	AddressesDelay time.Duration
+}
 
 // BootstrapResult holds the data returned by calls to Environ.Bootstrap.
 type BootstrapResult struct {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/broker.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/broker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/broker.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/broker.go	2016-07-18 19:45:44.000000000 +0000
@@ -18,6 +18,9 @@
 // StartInstanceParams holds parameters for the
 // InstanceBroker.StartInstance method.
 type StartInstanceParams struct {
+	// ControllerUUID is the uuid of the controller.
+	ControllerUUID string
+
 	// Constraints is a set of constraints on
 	// the kind of instance to create.
 	Constraints constraints.Value
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/config/authkeys.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/config/authkeys.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/config/authkeys.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/config/authkeys.go	2016-07-18 19:45:44.000000000 +0000
@@ -3,94 +3,11 @@
 
 package config
 
-import (
-	"bytes"
-	"crypto/tls"
-	"io/ioutil"
-	"os"
-	"path/filepath"
-
-	"github.com/juju/errors"
-	"github.com/juju/utils"
-	"github.com/juju/utils/ssh"
-
-	"github.com/juju/juju/cert"
-)
-
 const (
-	// AuthKeysConfig is the configuration key for authorised keys.
-	AuthKeysConfig = "authorized-keys"
 	// JujuSystemKey is the SSH key comment for Juju system keys.
 	JujuSystemKey = "juju-system-key"
 )
 
-var ErrNoAuthorizedKeys = errors.New("no public ssh keys found")
-
-// ReadAuthorizedKeys implements the standard juju behaviour for finding
-// authorized_keys. It returns a set of keys in in authorized_keys format
-// (see sshd(8) for a description).  If path is non-empty, it names the
-// file to use; otherwise the user's .ssh directory will be searched.
-// Home directory expansion will be performed on the path if it starts with
-// a ~; if the expanded path is relative, it will be interpreted relative
-// to $HOME/.ssh.
-//
-// The result of utils/ssh.PublicKeyFiles will always be prepended to the
-// result. In practice, this means ReadAuthorizedKeys never returns an
-// error when the call originates in the CLI.
-//
-// If no SSH keys are found, ReadAuthorizedKeys returns
-// ErrNoAuthorizedKeys.
-func ReadAuthorizedKeys(path string) (string, error) {
-	files := ssh.PublicKeyFiles()
-	if path == "" {
-		files = append(files, "id_dsa.pub", "id_rsa.pub", "identity.pub")
-	} else {
-		files = append(files, path)
-	}
-	var firstError error
-	var keyData []byte
-	for _, f := range files {
-		f, err := utils.NormalizePath(f)
-		if err != nil {
-			if firstError == nil {
-				firstError = err
-			}
-			continue
-		}
-		if !filepath.IsAbs(f) {
-			f = filepath.Join(utils.Home(), ".ssh", f)
-		}
-		data, err := ioutil.ReadFile(f)
-		if err != nil {
-			if firstError == nil && !os.IsNotExist(err) {
-				firstError = err
-			}
-			continue
-		}
-		keyData = append(keyData, bytes.Trim(data, "\n")...)
-		keyData = append(keyData, '\n')
-	}
-	if len(keyData) == 0 {
-		if firstError == nil {
-			firstError = ErrNoAuthorizedKeys
-		}
-		return "", firstError
-	}
-	return string(keyData), nil
-}
-
-// verifyKeyPair verifies that the certificate and key parse correctly.
-// The key is optional - if it is provided, we also check that the key
-// matches the certificate.
-func verifyKeyPair(certb, key string) error {
-	if key != "" {
-		_, err := tls.X509KeyPair([]byte(certb), []byte(key))
-		return err
-	}
-	_, err := cert.ParseCert(certb)
-	return err
-}
-
 // ConcatAuthKeys concatenates the two sets of authorised keys, interposing
 // a newline if necessary, because authorised keys are newline-separated.
 func ConcatAuthKeys(a, b string) string {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/config/authkeys_test.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/config/authkeys_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/config/authkeys_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/config/authkeys_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,93 +4,18 @@
 package config_test
 
 import (
-	"io/ioutil"
-	"os"
-	"path/filepath"
-	"strings"
-
-	jc "github.com/juju/testing/checkers"
-	"github.com/juju/utils"
-	"github.com/juju/utils/ssh"
 	gc "gopkg.in/check.v1"
 
 	"github.com/juju/juju/environs/config"
-	"github.com/juju/juju/testing"
+	"github.com/juju/testing"
 )
 
 type AuthKeysSuite struct {
-	testing.BaseSuite
-	dotssh string // ~/.ssh
+	testing.IsolationSuite
 }
 
 var _ = gc.Suite(&AuthKeysSuite{})
 
-func (s *AuthKeysSuite) SetUpTest(c *gc.C) {
-	s.BaseSuite.SetUpTest(c)
-	old := utils.Home()
-	newhome := c.MkDir()
-	err := utils.SetHome(newhome)
-	c.Assert(err, jc.ErrorIsNil)
-	s.AddCleanup(func(*gc.C) {
-		ssh.ClearClientKeys()
-		err := utils.SetHome(old)
-		c.Assert(err, jc.ErrorIsNil)
-	})
-
-	s.dotssh = filepath.Join(newhome, ".ssh")
-	err = os.Mkdir(s.dotssh, 0755)
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *AuthKeysSuite) TestReadAuthorizedKeysErrors(c *gc.C) {
-	_, err := config.ReadAuthorizedKeys("")
-	c.Assert(err, gc.ErrorMatches, "no public ssh keys found")
-	c.Assert(err, gc.Equals, config.ErrNoAuthorizedKeys)
-	_, err = config.ReadAuthorizedKeys(filepath.Join(s.dotssh, "notthere.pub"))
-	c.Assert(err, gc.ErrorMatches, "no public ssh keys found")
-	c.Assert(err, gc.Equals, config.ErrNoAuthorizedKeys)
-}
-
-func writeFile(c *gc.C, filename string, contents string) {
-	err := ioutil.WriteFile(filename, []byte(contents), 0644)
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *AuthKeysSuite) TestReadAuthorizedKeys(c *gc.C) {
-	writeFile(c, filepath.Join(s.dotssh, "id_rsa.pub"), "id_rsa")
-	writeFile(c, filepath.Join(s.dotssh, "identity.pub"), "identity")
-	writeFile(c, filepath.Join(s.dotssh, "test.pub"), "test")
-	keys, err := config.ReadAuthorizedKeys("")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(keys, gc.Equals, "id_rsa\nidentity\n")
-	keys, err = config.ReadAuthorizedKeys("test.pub") // relative to ~/.ssh
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(keys, gc.Equals, "test\n")
-}
-
-func (s *AuthKeysSuite) TestReadAuthorizedKeysClientKeys(c *gc.C) {
-	keydir := filepath.Join(s.dotssh, "juju")
-	err := ssh.LoadClientKeys(keydir) // auto-generates a key pair
-	c.Assert(err, jc.ErrorIsNil)
-	pubkeyFiles := ssh.PublicKeyFiles()
-	c.Assert(pubkeyFiles, gc.HasLen, 1)
-	data, err := ioutil.ReadFile(pubkeyFiles[0])
-	c.Assert(err, jc.ErrorIsNil)
-	prefix := strings.Trim(string(data), "\n") + "\n"
-
-	writeFile(c, filepath.Join(s.dotssh, "id_rsa.pub"), "id_rsa")
-	writeFile(c, filepath.Join(s.dotssh, "test.pub"), "test")
-	keys, err := config.ReadAuthorizedKeys("")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(keys, gc.Equals, prefix+"id_rsa\n")
-	keys, err = config.ReadAuthorizedKeys("test.pub")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(keys, gc.Equals, prefix+"test\n")
-	keys, err = config.ReadAuthorizedKeys("notthere.pub")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(keys, gc.Equals, prefix)
-}
-
 func (s *AuthKeysSuite) TestConcatAuthKeys(c *gc.C) {
 	for _, test := range []struct{ a, b, result string }{
 		{"a", "", "a"},
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/config/config.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/config/config.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/config/config.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/config/config.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,12 +5,8 @@
 
 import (
 	"fmt"
-	"io/ioutil"
-	"net/url"
 	"os"
-	"path/filepath"
 	"strings"
-	"time"
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
@@ -21,11 +17,12 @@
 	"github.com/juju/version"
 	"gopkg.in/juju/charmrepo.v2-unstable"
 	"gopkg.in/juju/environschema.v1"
-	"gopkg.in/macaroon-bakery.v1/bakery"
+	"gopkg.in/juju/names.v2"
 
-	"github.com/juju/juju/cert"
+	"github.com/juju/juju/controller"
 	"github.com/juju/juju/environs/tags"
 	"github.com/juju/juju/juju/osenv"
+	"github.com/juju/juju/logfwd/syslog"
 )
 
 var logger = loggo.GetLogger("juju.environs.config")
@@ -44,50 +41,6 @@
 	// useful for clouds without support for either global or per
 	// instance security groups.
 	FwNone = "none"
-
-	// DefaultStatePort is the default port the controller is listening on.
-	DefaultStatePort int = 37017
-
-	// DefaultApiPort is the default port the API server is listening on.
-	DefaultAPIPort int = 17070
-
-	// DefaultBootstrapSSHTimeout is the amount of time to wait
-	// contacting a controller, in seconds.
-	DefaultBootstrapSSHTimeout int = 600
-
-	// DefaultBootstrapSSHRetryDelay is the amount of time between
-	// attempts to connect to an address, in seconds.
-	DefaultBootstrapSSHRetryDelay int = 5
-
-	// DefaultBootstrapSSHAddressesDelay is the amount of time between
-	// refreshing the addresses, in seconds. Not too frequent, as we
-	// refresh addresses from the provider each time.
-	DefaultBootstrapSSHAddressesDelay int = 10
-
-	// DefaultNumaControlPolicy should not be used by default.
-	// Only use numactl if user specifically requests it
-	DefaultNumaControlPolicy = false
-
-	// DefaultPreventDestroyEnvironment should not be used by default.
-	// Only prevent destroy-model from running
-	// if user specifically requests it. Otherwise, let it run.
-	DefaultPreventDestroyEnvironment = false
-
-	// DefaultPreventRemoveObject should not be used by default.
-	// Only prevent remove-object from running
-	// if user specifically requests it. Otherwise, let it run.
-	// Object here is a juju artifact - machine, service, unit or relation.
-	DefaultPreventRemoveObject = false
-
-	// DefaultPreventAllChanges should not be used by default.
-	// Only prevent all-changes from running
-	// if user specifically requests it. Otherwise, let them run.
-	DefaultPreventAllChanges = false
-
-	// DefaultLXCDefaultMTU is the default value for "lxc-default-mtu"
-	// config setting. Only non-zero, positive integer values will
-	// have effect.
-	DefaultLXCDefaultMTU = 0
 )
 
 // TODO(katco-): Please grow this over time.
@@ -107,14 +60,11 @@
 	// AgentVersionKey is the key for the model's Juju agent version.
 	AgentVersionKey = "agent-version"
 
-	// CACertKey is the key for the controller's CA certificate attribute.
-	CACertKey = "ca-cert"
-
 	// UUIDKey is the key for the model UUID attribute.
 	UUIDKey = "uuid"
 
-	// ControllerUUIDKey is the key for the controller UUID attribute.
-	ControllerUUIDKey = "controller-uuid"
+	// AuthorizedKeysKey is the key for the authorized-keys attribute.
+	AuthorizedKeysKey = "authorized-keys"
 
 	// ProvisionerHarvestModeKey stores the key for this setting.
 	ProvisionerHarvestModeKey = "provisioner-harvest-mode"
@@ -146,25 +96,6 @@
 	// NoProxyKey stores the key for this setting.
 	NoProxyKey = "no-proxy"
 
-	// LxcClone stores the value for this setting.
-	LxcClone = "lxc-clone"
-
-	// NumaControlPolicyKey stores the value for this setting
-	SetNumaControlPolicyKey = "set-numa-control-policy"
-
-	// BlockKeyPrefix is the prefix used for environment variables that block commands
-	// TODO(anastasiamac 2015-02-27) remove it and all related post 1.24 as obsolete
-	BlockKeyPrefix = "block-"
-
-	// PreventDestroyEnvironmentKey stores the value for this setting
-	PreventDestroyEnvironmentKey = BlockKeyPrefix + "destroy-model"
-
-	// PreventRemoveObjectKey stores the value for this setting
-	PreventRemoveObjectKey = BlockKeyPrefix + "remove-object"
-
-	// PreventAllChangesKey stores the value for this setting
-	PreventAllChangesKey = BlockKeyPrefix + "all-changes"
-
 	// The default block storage source.
 	StorageDefaultBlockSourceKey = "storage-default-block-source"
 
@@ -172,26 +103,28 @@
 	// of k=v pairs, defining the tags for ResourceTags.
 	ResourceTagsKey = "resource-tags"
 
-	// For LXC containers, is the container allowed to mount block
-	// devices. A theoretical security issue, so must be explicitly
-	// allowed by the user.
-	AllowLXCLoopMounts = "allow-lxc-loop-mounts"
-
-	// LXCDefaultMTU, when set to a positive integer, overrides the
-	// Machine Transmission Unit (MTU) setting of all network
-	// interfaces created for LXC containers. See also bug #1442257.
-	LXCDefaultMTU = "lxc-default-mtu"
-
 	// CloudImageBaseURL allows a user to override the default url that the
 	// 'ubuntu-cloudimg-query' executable uses to find container images. This
 	// is primarily for enabling Juju to work cleanly in a closed network.
 	CloudImageBaseURL = "cloudimg-base-url"
 
-	// IdentityURL sets the url of the identity manager.
-	IdentityURL = "identity-url"
+	// LogForwardEnabled determines whether the log forward functionality is enabled.
+	LogForwardEnabled = "logforward-enabled"
+
+	// LogFwdSyslogHost sets the hostname:port of the syslog server.
+	LogFwdSyslogHost = "syslog-host"
 
-	// IdentityPublicKey sets the public key of the identity manager.
-	IdentityPublicKey = "identity-public-key"
+	// LogFwdSyslogCACert sets the certificate of the CA that signed the syslog
+	// server certificate.
+	LogFwdSyslogCACert = "syslog-ca-cert"
+
+	// LogFwdSyslogClientCert sets the client certificate for syslog
+	// forwarding.
+	LogFwdSyslogClientCert = "syslog-client-cert"
+
+	// LogFwdSyslogClientKey sets the client key for syslog
+	// forwarding.
+	LogFwdSyslogClientKey = "syslog-client-key"
 
 	// AutomaticallyRetryHooks determines whether the uniter will
 	// automatically retry a hook that has failed
@@ -201,22 +134,6 @@
 	// Deprecated Settings Attributes
 	//
 
-	// Deprecated by provisioner-harvest-mode
-	// ProvisionerSafeModeKey stores the key for this setting.
-	ProvisionerSafeModeKey = "provisioner-safe-mode"
-
-	// Deprecated by agent-stream
-	// ToolsStreamKey stores the key for this setting.
-	ToolsStreamKey = "tools-stream"
-
-	// Deprecated by agent-metadata-url
-	// ToolsMetadataURLKey stores the key for this setting.
-	ToolsMetadataURLKey = "tools-metadata-url"
-
-	// Deprecated by use-clone
-	// LxcUseClone stores the key for this setting.
-	LxcUseClone = "lxc-use-clone"
-
 	// IgnoreMachineAddresses, when true, will cause the
 	// machine worker not to discover any machine addresses
 	// on start up.
@@ -264,16 +181,6 @@
 	HarvestDestroyed: "destroyed",
 }
 
-// proxyAttrs contains attribute names that could contain loopback URLs, pointing to localhost
-var ProxyAttributes = []string{
-	HttpProxyKey,
-	HttpsProxyKey,
-	FtpProxyKey,
-	AptHttpProxyKey,
-	AptHttpsProxyKey,
-	AptFtpProxyKey,
-}
-
 // String returns the description of the harvesting mode.
 func (method HarvestMode) String() string {
 	if description, ok := harvestingMethodToFlag[method]; ok {
@@ -334,23 +241,14 @@
 // environment providers are verified.  If useDefaults is UseDefaults,
 // default values will be taken from the environment.
 //
-// Specifically, the "authorized-keys-path" key
-// is translated into "authorized-keys" by loading the content from
-// respective file.  Similarly, "ca-cert-path" and "ca-private-key-path"
-// are translated into the "ca-cert" and "ca-private-key" values.  If
-// not specified, authorized SSH keys and CA details will be read from:
+// "ca-cert-path" and "ca-private-key-path" are translated into the
+// "ca-cert" and "ca-private-key" values.  If not specified, CA details
+// will be read from:
 //
-//     ~/.ssh/id_dsa.pub
-//     ~/.ssh/id_rsa.pub
-//     ~/.ssh/identity.pub
 //     ~/.local/share/juju/<name>-cert.pem
 //     ~/.local/share/juju/<name>-private-key.pem
 //
 // if $XDG_DATA_HOME is defined it will be used instead of ~/.local/share
-//
-// The required keys (after any files have been read) are "name",
-// "type" and "authorized-keys", all of type string.  Additional keys
-// recognised are "agent-version" (string) and "development" (bool).
 func New(withDefaults Defaulting, attrs map[string]interface{}) (*Config, error) {
 	checker := noDefaultsChecker
 	if withDefaults {
@@ -364,11 +262,6 @@
 		defined: defined.(map[string]interface{}),
 		unknown: make(map[string]interface{}),
 	}
-	if withDefaults {
-		if err := c.fillInDefaults(); err != nil {
-			return nil, err
-		}
-	}
 	if err := c.ensureUnitLogging(); err != nil {
 		return nil, err
 	}
@@ -408,47 +301,6 @@
 	return nil
 }
 
-func (c *Config) fillInDefaults() error {
-	// For backward compatibility purposes, we treat as unset string
-	// valued attributes that are set to the empty string, and fill
-	// out their defaults accordingly.
-	c.fillInStringDefault("firewall-mode")
-
-	// Load authorized-keys-path into authorized-keys if necessary.
-	path := c.asString("authorized-keys-path")
-	keys := c.asString("authorized-keys")
-	if path != "" || keys == "" {
-		var err error
-		c.defined["authorized-keys"], err = ReadAuthorizedKeys(path)
-		if err != nil {
-			return err
-		}
-	}
-	delete(c.defined, "authorized-keys-path")
-
-	// Don't use c.Name() because the name hasn't
-	// been verified yet.
-	name := c.asString(NameKey)
-	if name == "" {
-		return fmt.Errorf("empty name in model configuration")
-	}
-	err := maybeReadAttrFromFile(c.defined, CACertKey, name+"-cert.pem")
-	if err != nil {
-		return err
-	}
-	err = maybeReadAttrFromFile(c.defined, "ca-private-key", name+"-private-key.pem")
-	if err != nil {
-		return err
-	}
-	return nil
-}
-
-func (c *Config) fillInStringDefault(attr string) {
-	if c.asString(attr) == "" {
-		c.defined[attr] = defaults[attr]
-	}
-}
-
 // ProcessDeprecatedAttributes gathers any deprecated attributes in attrs and adds or replaces
 // them with new name value pairs for the replacement attrs.
 // Ths ensures that older versions of Juju which require that deprecated
@@ -458,65 +310,7 @@
 	for k, v := range attrs {
 		processedAttrs[k] = v
 	}
-	// The tools url has changed so ensure that both old and new values are in the config so that
-	// upgrades work. "agent-metadata-url" is the old attribute name.
-	if oldToolsURL, ok := attrs[ToolsMetadataURLKey]; ok && oldToolsURL.(string) != "" {
-		if newTools, ok := attrs[AgentMetadataURLKey]; !ok || newTools.(string) == "" {
-			// Ensure the new attribute name "agent-metadata-url" is set.
-			processedAttrs[AgentMetadataURLKey] = oldToolsURL
-		}
-		// Even if the user has edited their environment yaml to remove the deprecated tools-metadata-url value,
-		// we still want it in the config for upgrades.
-		processedAttrs[ToolsMetadataURLKey] = processedAttrs[AgentMetadataURLKey]
-	}
-
-	// Copy across lxc-use-clone to lxc-clone.
-	if lxcUseClone, ok := attrs[LxcUseClone]; ok {
-		_, newValSpecified := attrs[LxcClone]
-		// Ensure the new attribute name "lxc-clone" is set.
-		if !newValSpecified {
-			processedAttrs[LxcClone] = lxcUseClone
-		}
-	}
-
-	// Update the provider type from null to manual.
-	if attrs[TypeKey] == "null" {
-		processedAttrs[TypeKey] = "manual"
-	}
-
-	if _, ok := attrs[ProvisionerHarvestModeKey]; !ok {
-		if safeMode, ok := attrs[ProvisionerSafeModeKey].(bool); ok {
-
-			var harvestModeDescr string
-			if safeMode {
-				harvestModeDescr = HarvestDestroyed.String()
-			} else {
-				harvestModeDescr = HarvestAll.String()
-			}
-
-			processedAttrs[ProvisionerHarvestModeKey] = harvestModeDescr
-
-			logger.Infof(
-				`Based on your "%s" setting, configuring "%s" to "%s".`,
-				ProvisionerSafeModeKey,
-				ProvisionerHarvestModeKey,
-				harvestModeDescr,
-			)
-		}
-	}
-
-	// Update agent-stream from tools-stream if agent-stream was not specified but tools-stream was.
-	if _, ok := attrs[AgentStreamKey]; !ok {
-		if toolsKey, ok := attrs[ToolsStreamKey]; ok {
-			processedAttrs[AgentStreamKey] = toolsKey
-			logger.Infof(
-				`Based on your "%s" setting, configuring "%s" to "%s".`,
-				ToolsStreamKey,
-				AgentStreamKey,
-				toolsKey,
-			)
-		}
-	}
+	// No deprecated attributes at the moment.
 	return processedAttrs
 }
 
@@ -543,19 +337,6 @@
 // it holds the previous environment configuration for consideration when
 // validating changes.
 func Validate(cfg, old *Config) error {
-	// Check that we don't have any disallowed fields.
-	for _, attr := range allowedWithDefaultsOnly {
-		if _, ok := cfg.defined[attr]; ok {
-			return fmt.Errorf("attribute %q is not allowed in configuration", attr)
-		}
-	}
-	// Check that mandatory fields are specified.
-	for _, attr := range mandatoryWithoutDefaults {
-		if _, ok := cfg.defined[attr]; !ok {
-			return fmt.Errorf("%s missing from model configuration", attr)
-		}
-	}
-
 	// Check that all other fields that have been specified are non-empty,
 	// unless they're allowed to be empty for backward compatibility,
 	for attr, val := range cfg.defined {
@@ -567,8 +348,12 @@
 		}
 	}
 
-	if strings.ContainsAny(cfg.mustString(NameKey), "/\\") {
-		return fmt.Errorf("model name contains unsafe characters")
+	modelName := cfg.asString(NameKey)
+	if modelName == "" {
+		return fmt.Errorf("empty name in model configuration")
+	}
+	if !names.IsValidModelName(modelName) {
+		return fmt.Errorf("%q is not a valid name: model names may only contain lowercase letters, digits and hyphens", modelName)
 	}
 
 	// Check that the agent version parses ok if set explicitly; otherwise leave
@@ -586,29 +371,9 @@
 		}
 	}
 
-	if v, ok := cfg.defined[IdentityURL].(string); ok {
-		u, err := url.Parse(v)
-		if err != nil {
-			return fmt.Errorf("invalid identity URL: %v", err)
-		}
-		if u.Scheme != "https" {
-			return fmt.Errorf("URL needs to be https")
-		}
-
-	}
-
-	if v, ok := cfg.defined[IdentityPublicKey].(string); ok {
-		var key bakery.PublicKey
-		if err := key.UnmarshalText([]byte(v)); err != nil {
-			return fmt.Errorf("invalid identity public key: %v", err)
-		}
-	}
-
-	caCert, caCertOK := cfg.CACert()
-	caKey, caKeyOK := cfg.CAPrivateKey()
-	if caCertOK || caKeyOK {
-		if err := verifyKeyPair(caCert, caKey); err != nil {
-			return errors.Annotate(err, "bad CA certificate/key in configuration")
+	if lfCfg, ok := cfg.LogFwdSyslog(); ok {
+		if err := lfCfg.Validate(); err != nil {
+			return errors.Annotate(err, "invalid syslog forwarding config")
 		}
 	}
 
@@ -616,10 +381,6 @@
 		return errors.Errorf("uuid: expected UUID, got string(%q)", uuid)
 	}
 
-	if uuid := cfg.ControllerUUID(); !utils.IsValidUUIDString(uuid) {
-		return errors.Errorf("controller-uuid: expected UUID, got string(%q)", uuid)
-	}
-
 	// Ensure the resource tags have the expected k=v format.
 	if _, err := cfg.resourceTags(); err != nil {
 		return errors.Annotate(err, "validating resource tags")
@@ -639,11 +400,6 @@
 		}
 	}
 
-	// Check LXCDefaultMTU is a positive integer, when set.
-	if lxcDefaultMTU, ok := cfg.LXCDefaultMTU(); ok && lxcDefaultMTU < 0 {
-		return errors.Errorf("%s: expected positive integer, got %v", LXCDefaultMTU, lxcDefaultMTU)
-	}
-
 	cfg.defined = ProcessDeprecatedAttributes(cfg.defined)
 	return nil
 }
@@ -669,53 +425,6 @@
 	panic(fmt.Errorf("unexpected type %T in configuration", val))
 }
 
-// maybeReadAttrFromFile sets defined[attr] to:
-//
-// 1) The content of the file defined[attr+"-path"], if that's set
-// 2) The value of defined[attr] if it is already set.
-// 3) The content of defaultPath if it exists and defined[attr] is unset
-// 4) Preserves the content of defined[attr], otherwise
-//
-// The defined[attr+"-path"] key is always deleted.
-func maybeReadAttrFromFile(defined map[string]interface{}, attr, defaultPath string) error {
-	if !osenv.IsJujuXDGDataHomeSet() {
-		logger.Debugf("JUJU_DATA not set, not attempting to read file %q", defaultPath)
-		return nil
-	}
-	pathAttr := attr + "-path"
-	path, _ := defined[pathAttr].(string)
-	delete(defined, pathAttr)
-	hasPath := path != ""
-	if !hasPath {
-		// No path and attribute is already set; leave it be.
-		if s, _ := defined[attr].(string); s != "" {
-			return nil
-		}
-		path = defaultPath
-	}
-	path, err := utils.NormalizePath(path)
-	if err != nil {
-		return err
-	}
-	if !filepath.IsAbs(path) {
-		path = osenv.JujuXDGDataHomePath(path)
-	}
-	data, err := ioutil.ReadFile(path)
-	if err != nil {
-		if os.IsNotExist(err) && !hasPath {
-			// If the default path isn't found, it's
-			// not an error.
-			return nil
-		}
-		return err
-	}
-	if len(data) == 0 {
-		return fmt.Errorf("file %q is empty", path)
-	}
-	defined[attr] = string(data)
-	return nil
-}
-
 // asString is a private helper method to keep the ugly string casting
 // in once place. It returns the given named attribute as a string,
 // returning "" if it isn't found.
@@ -760,75 +469,26 @@
 	return c.mustString(UUIDKey)
 }
 
-// ControllerUUID returns the uuid for the model's controller.
-func (c *Config) ControllerUUID() string {
-	return c.mustString(ControllerUUIDKey)
-}
-
 // DefaultSeries returns the configured default Ubuntu series for the environment,
 // and whether the default series was explicitly configured on the environment.
 func (c *Config) DefaultSeries() (string, bool) {
-	if s, ok := c.defined["default-series"]; ok {
-		if series, ok := s.(string); ok && series != "" {
-			return series, true
-		} else if !ok {
-			logger.Warningf("invalid default-series: %q", s)
-		}
-	}
-	return "", false
-}
-
-// StatePort returns the controller port for the environment.
-func (c *Config) StatePort() int {
-	return c.mustInt("state-port")
-}
-
-// APIPort returns the API server port for the environment.
-func (c *Config) APIPort() int {
-	return c.mustInt("api-port")
-}
-
-// NumaCtlPreference returns if numactl is preferred.
-func (c *Config) NumaCtlPreference() bool {
-	if numa, ok := c.defined[SetNumaControlPolicyKey]; ok {
-		return numa.(bool)
-	}
-	return DefaultNumaControlPolicy
-}
-
-// PreventDestroyEnvironment returns if destroy-model
-// should be blocked from proceeding, thus preventing the operation.
-func (c *Config) PreventDestroyEnvironment() bool {
-	if attrValue, ok := c.defined[PreventDestroyEnvironmentKey]; ok {
-		return attrValue.(bool)
-	}
-	return DefaultPreventDestroyEnvironment
-}
-
-// PreventRemoveObject returns if remove-object
-// should be blocked from proceeding, thus preventing the operation.
-// Object in this context is a juju artifact: either a machine,
-// a service, a unit or a relation.
-func (c *Config) PreventRemoveObject() bool {
-	if attrValue, ok := c.defined[PreventRemoveObjectKey]; ok {
-		return attrValue.(bool)
+	s, ok := c.defined["default-series"]
+	if !ok {
+		return "", false
 	}
-	return DefaultPreventRemoveObject
-}
-
-// PreventAllChanges returns if all-changes
-// should be blocked from proceeding, thus preventing the operation.
-// Changes in this context are any alterations to current environment.
-func (c *Config) PreventAllChanges() bool {
-	if attrValue, ok := c.defined[PreventAllChangesKey]; ok {
-		return attrValue.(bool)
+	switch s := s.(type) {
+	case string:
+		return s, s != ""
+	default:
+		logger.Errorf("invalid default-series: %q", s)
+		return "", false
 	}
-	return DefaultPreventAllChanges
 }
 
 // AuthorizedKeys returns the content for ssh's authorized_keys file.
 func (c *Config) AuthorizedKeys() string {
-	return c.mustString("authorized-keys")
+	value, _ := c.defined[AuthorizedKeysKey].(string)
+	return value
 }
 
 // ProxySSH returns a flag indicating whether SSH commands
@@ -917,51 +577,40 @@
 	return c.asString("apt-mirror")
 }
 
-// BootstrapSSHOpts returns the SSH timeout and retry delays used
-// during bootstrap.
-func (c *Config) BootstrapSSHOpts() SSHTimeoutOpts {
-	opts := SSHTimeoutOpts{
-		Timeout:        time.Duration(DefaultBootstrapSSHTimeout) * time.Second,
-		RetryDelay:     time.Duration(DefaultBootstrapSSHRetryDelay) * time.Second,
-		AddressesDelay: time.Duration(DefaultBootstrapSSHAddressesDelay) * time.Second,
-	}
-	if v, ok := c.defined["bootstrap-timeout"].(int); ok && v != 0 {
-		opts.Timeout = time.Duration(v) * time.Second
-	}
-	if v, ok := c.defined["bootstrap-retry-delay"].(int); ok && v != 0 {
-		opts.RetryDelay = time.Duration(v) * time.Second
-	}
-	if v, ok := c.defined["bootstrap-addresses-delay"].(int); ok && v != 0 {
-		opts.AddressesDelay = time.Duration(v) * time.Second
-	}
-	return opts
-}
-
-// CACert returns the certificate of the CA that signed the controller
-// certificate, in PEM format, and whether the setting is available.
-func (c *Config) CACert() (string, bool) {
-	if s, ok := c.defined[CACertKey]; ok {
-		return s.(string), true
+// LogFwdSyslog returns the syslog forwarding config.
+func (c *Config) LogFwdSyslog() (*syslog.RawConfig, bool) {
+	partial := false
+	var lfCfg syslog.RawConfig
+
+	if s, ok := c.defined[LogForwardEnabled]; ok {
+		partial = true
+		lfCfg.Enabled = s.(bool)
 	}
-	return "", false
-}
 
-// CAPrivateKey returns the private key of the CA that signed the state
-// server certificate, in PEM format, and whether the setting is available.
-func (c *Config) CAPrivateKey() (key string, ok bool) {
-	if s, ok := c.defined["ca-private-key"]; ok && s != "" {
-		return s.(string), true
+	if s, ok := c.defined[LogFwdSyslogHost]; ok && s != "" {
+		partial = true
+		lfCfg.Host = s.(string)
+	}
+
+	if s, ok := c.defined[LogFwdSyslogCACert]; ok && s != "" {
+		partial = true
+		lfCfg.CACert = s.(string)
 	}
-	return "", false
-}
 
-// AdminSecret returns the administrator password.
-// It's empty if the password has not been set.
-func (c *Config) AdminSecret() string {
-	if s, ok := c.defined["admin-secret"]; ok && s != "" {
-		return s.(string)
+	if s, ok := c.defined[LogFwdSyslogClientCert]; ok && s != "" {
+		partial = true
+		lfCfg.ClientCert = s.(string)
 	}
-	return ""
+
+	if s, ok := c.defined[LogFwdSyslogClientKey]; ok && s != "" {
+		partial = true
+		lfCfg.ClientKey = s.(string)
+	}
+
+	if !partial {
+		return nil, false
+	}
+	return &lfCfg, true
 }
 
 // FirewallMode returns whether the firewall should
@@ -1008,13 +657,6 @@
 	return c.defined["development"].(bool)
 }
 
-// PreferIPv6 returns whether IPv6 addresses for API endpoints and
-// machines will be preferred (when available) over IPv4.
-func (c *Config) PreferIPv6() bool {
-	v, _ := c.defined["prefer-ipv6"].(bool)
-	return v
-}
-
 // EnableOSRefreshUpdate returns whether or not newly provisioned
 // instances should run their respective OS's update capability.
 func (c *Config) EnableOSRefreshUpdate() bool {
@@ -1101,30 +743,6 @@
 	return c.defined["test-mode"].(bool)
 }
 
-// LXCUseClone reports whether the LXC provisioner should create a
-// template and use cloning to speed up container provisioning.
-func (c *Config) LXCUseClone() (bool, bool) {
-	v, ok := c.defined[LxcClone].(bool)
-	return v, ok
-}
-
-// LXCUseCloneAUFS reports whether the LXC provisioner should create a
-// lxc clone using aufs if available.
-func (c *Config) LXCUseCloneAUFS() (bool, bool) {
-	v, ok := c.defined["lxc-clone-aufs"].(bool)
-	return v, ok
-}
-
-// LXCDefaultMTU reports whether the LXC provisioner should create a
-// containers with a specific MTU value for all network intefaces.
-func (c *Config) LXCDefaultMTU() (int, bool) {
-	v, ok := c.defined[LXCDefaultMTU].(int)
-	if !ok {
-		return DefaultLXCDefaultMTU, false
-	}
-	return v, ok
-}
-
 // DisableNetworkManagement reports whether Juju is allowed to
 // configure and manage networking inside the environment.
 func (c *Config) DisableNetworkManagement() (bool, bool) {
@@ -1146,13 +764,6 @@
 	return bs, bs != ""
 }
 
-// AllowLXCLoopMounts returns whether loop devices are allowed
-// to be mounted inside lxc containers.
-func (c *Config) AllowLXCLoopMounts() (bool, bool) {
-	v, ok := c.defined[AllowLXCLoopMounts].(bool)
-	return v, ok
-}
-
 // CloudImageBaseURL returns the specified override url that the 'ubuntu-
 // cloudimg-query' executable uses to find container images. The empty string
 // means that the default URL is used.
@@ -1224,30 +835,13 @@
 	return New(NoDefaults, defined)
 }
 
-// IdentityURL returns the url of the identity manager.
-func (c *Config) IdentityURL() string {
-	return c.asString(IdentityURL)
-}
-
-// IdentityPublicKey returns the public key of the identity manager.
-func (c *Config) IdentityPublicKey() *bakery.PublicKey {
-	key := c.asString(IdentityPublicKey)
-	if key == "" {
-		return nil
-	}
-	var pubKey bakery.PublicKey
-	err := pubKey.UnmarshalText([]byte(key))
+// fields holds the validation schema fields derived from configSchema.
+var fields = func() schema.Fields {
+	combinedSchema, err := Schema(nil)
 	if err != nil {
-		// We check if the key string can be unmarshalled into a PublicKey in the
-		// Validate function, so we really do not expect this to fail.
 		panic(err)
 	}
-	return &pubKey
-}
-
-// fields holds the validation schema fields derived from configSchema.
-var fields = func() schema.Fields {
-	fs, _, err := configSchema.ValidationSchema()
+	fs, _, err := combinedSchema.ValidationSchema()
 	if err != nil {
 		panic(err)
 	}
@@ -1263,18 +857,16 @@
 // but some fields listed as optional here are actually mandatory
 // with NoDefaults and are checked at the later Validate stage.
 var alwaysOptional = schema.Defaults{
+	// Model config attributes
 	AgentVersionKey:              schema.Omit,
-	CACertKey:                    schema.Omit,
-	"authorized-keys":            schema.Omit,
-	"authorized-keys-path":       schema.Omit,
-	"ca-cert-path":               schema.Omit,
-	"ca-private-key-path":        schema.Omit,
+	AuthorizedKeysKey:            schema.Omit,
 	"logging-config":             schema.Omit,
 	ProvisionerHarvestModeKey:    schema.Omit,
-	"bootstrap-timeout":          schema.Omit,
-	"bootstrap-retry-delay":      schema.Omit,
-	"bootstrap-addresses-delay":  schema.Omit,
-	"rsyslog-ca-cert":            schema.Omit,
+	LogForwardEnabled:            schema.Omit,
+	LogFwdSyslogHost:             schema.Omit,
+	LogFwdSyslogCACert:           schema.Omit,
+	LogFwdSyslogClientCert:       schema.Omit,
+	LogFwdSyslogClientKey:        schema.Omit,
 	HttpProxyKey:                 schema.Omit,
 	HttpsProxyKey:                schema.Omit,
 	FtpProxyKey:                  schema.Omit,
@@ -1283,15 +875,9 @@
 	AptHttpsProxyKey:             schema.Omit,
 	AptFtpProxyKey:               schema.Omit,
 	"apt-mirror":                 schema.Omit,
-	LxcClone:                     schema.Omit,
-	LXCDefaultMTU:                schema.Omit,
 	"disable-network-management": schema.Omit,
 	IgnoreMachineAddresses:       schema.Omit,
 	AgentStreamKey:               schema.Omit,
-	IdentityURL:                  schema.Omit,
-	IdentityPublicKey:            schema.Omit,
-	SetNumaControlPolicyKey:      DefaultNumaControlPolicy,
-	AllowLXCLoopMounts:           false,
 	ResourceTagsKey:              schema.Omit,
 	CloudImageBaseURL:            schema.Omit,
 
@@ -1302,39 +888,14 @@
 	// Environ providers will specify their own defaults.
 	StorageDefaultBlockSourceKey: schema.Omit,
 
-	// Deprecated fields, retain for backwards compatibility.
-	ToolsMetadataURLKey:          "",
-	LxcUseClone:                  schema.Omit,
-	ProvisionerSafeModeKey:       schema.Omit,
-	ToolsStreamKey:               schema.Omit,
-	PreventDestroyEnvironmentKey: schema.Omit,
-	PreventRemoveObjectKey:       schema.Omit,
-	PreventAllChangesKey:         schema.Omit,
-
-	// For backward compatibility reasons, the following
-	// attributes default to empty strings rather than being
-	// omitted.
-	// TODO(rog) remove this support when we can
-	// remove upgrade compatibility with versions prior to 1.14.
-	"admin-secret":       "", // TODO(rog) omit
-	"ca-private-key":     "", // TODO(rog) omit
-	"image-metadata-url": "", // TODO(rog) omit
-	AgentMetadataURLKey:  "", // TODO(rog) omit
-
-	"default-series": "",
-
-	// For backward compatibility only - default ports were
-	// not filled out in previous versions of the configuration.
-	"state-port": DefaultStatePort,
-	"api-port":   DefaultAPIPort,
-	// Previously image-stream could be set to an empty value
-	"image-stream":             "",
-	"test-mode":                false,
-	"proxy-ssh":                false,
-	"lxc-clone-aufs":           false,
-	"prefer-ipv6":              false,
+	"proxy-ssh":                schema.Omit,
 	"enable-os-refresh-update": schema.Omit,
 	"enable-os-upgrade":        schema.Omit,
+	"image-stream":             schema.Omit,
+	"image-metadata-url":       schema.Omit,
+	AgentMetadataURLKey:        schema.Omit,
+	"default-series":           "",
+	"test-mode":                false,
 }
 
 func allowEmpty(attr string) bool {
@@ -1351,16 +912,9 @@
 		"firewall-mode":              FwInstance,
 		"development":                false,
 		"ssl-hostname-verification":  true,
-		"state-port":                 DefaultStatePort,
-		"api-port":                   DefaultAPIPort,
-		"bootstrap-timeout":          DefaultBootstrapSSHTimeout,
-		"bootstrap-retry-delay":      DefaultBootstrapSSHRetryDelay,
-		"bootstrap-addresses-delay":  DefaultBootstrapSSHAddressesDelay,
 		"proxy-ssh":                  false,
-		"prefer-ipv6":                false,
 		"disable-network-management": false,
 		IgnoreMachineAddresses:       false,
-		SetNumaControlPolicyKey:      DefaultNumaControlPolicy,
 		AutomaticallyRetryHooks:      true,
 	}
 	for attr, val := range alwaysOptional {
@@ -1371,22 +925,6 @@
 	return d
 }
 
-// allowedWithDefaultsOnly holds those attributes
-// that are only allowed in a configuration that is
-// being created with UseDefaults.
-var allowedWithDefaultsOnly = []string{
-	"ca-cert-path",
-	"ca-private-key-path",
-	"authorized-keys-path",
-}
-
-// mandatoryWithoutDefaults holds those attributes
-// that are mandatory if the configuration is created
-// with no defaults but optional otherwise.
-var mandatoryWithoutDefaults = []string{
-	"authorized-keys",
-}
-
 // immutableAttributes holds those attributes
 // which are not allowed to change in the lifetime
 // of an environment.
@@ -1394,19 +932,7 @@
 	NameKey,
 	TypeKey,
 	UUIDKey,
-	ControllerUUIDKey,
 	"firewall-mode",
-	"state-port",
-	"api-port",
-	"bootstrap-timeout",
-	"bootstrap-retry-delay",
-	"bootstrap-addresses-delay",
-	LxcClone,
-	LXCDefaultMTU,
-	"lxc-clone-aufs",
-	"prefer-ipv6",
-	IdentityURL,
-	IdentityPublicKey,
 }
 
 var (
@@ -1435,7 +961,7 @@
 		if fields[name] == nil {
 			if val, isString := value.(string); isString && val != "" {
 				// only warn about attributes with non-empty string values
-				logger.Warningf("unknown config field %q", name)
+				logger.Errorf("unknown config field %q", name)
 			}
 			result[name] = value
 		}
@@ -1443,20 +969,6 @@
 	return result, nil
 }
 
-// GenerateControllerCertAndKey makes sure that the config has a CACert and
-// CAPrivateKey, generates and returns new certificate and key.
-func (cfg *Config) GenerateControllerCertAndKey(hostAddresses []string) (string, string, error) {
-	caCert, hasCACert := cfg.CACert()
-	if !hasCACert {
-		return "", "", fmt.Errorf("model configuration has no ca-cert")
-	}
-	caKey, hasCAKey := cfg.CAPrivateKey()
-	if !hasCAKey {
-		return "", "", fmt.Errorf("model configuration has no ca-private-key")
-	}
-	return cert.NewDefaultServer(caCert, caKey, hostAddresses)
-}
-
 // SpecializeCharmRepo customizes a repository for a given configuration.
 // It returns a charm repository with test mode enabled if applicable.
 func SpecializeCharmRepo(repo charmrepo.Interface, cfg *Config) charmrepo.Interface {
@@ -1471,24 +983,6 @@
 	return repo
 }
 
-// SSHTimeoutOpts lists the amount of time we will wait for various
-// parts of the SSH connection to complete. This is similar to
-// DialOpts, see http://pad.lv/1258889 about possibly deduplicating
-// them.
-type SSHTimeoutOpts struct {
-	// Timeout is the amount of time to wait contacting a state
-	// server.
-	Timeout time.Duration
-
-	// RetryDelay is the amount of time between attempts to connect to
-	// an address.
-	RetryDelay time.Duration
-
-	// AddressesDelay is the amount of time between refreshing the
-	// addresses.
-	AddressesDelay time.Duration
-}
-
 func addIfNotEmpty(settings map[string]interface{}, key, value string) {
 	if value != "" {
 		settings[key] = value
@@ -1523,9 +1017,15 @@
 func Schema(extra environschema.Fields) (environschema.Fields, error) {
 	fields := make(environschema.Fields)
 	for name, field := range configSchema {
+		if controller.ControllerOnlyAttribute(name) {
+			return nil, errors.Errorf("config field %q clashes with controller config", name)
+		}
 		fields[name] = field
 	}
 	for name, field := range extra {
+		if controller.ControllerOnlyAttribute(name) {
+			return nil, errors.Errorf("config field %q clashes with controller config", name)
+		}
 		if _, ok := fields[name]; ok {
 			return nil, errors.Errorf("config field %q clashes with global config", name)
 		}
@@ -1538,13 +1038,6 @@
 // the config package.
 // TODO(rog) make this available to external packages.
 var configSchema = environschema.Fields{
-	"admin-secret": {
-		Description: "The password for the administrator user",
-		Type:        environschema.Tstring,
-		Secret:      true,
-		Example:     "<random secret>",
-		Group:       environschema.EnvironGroup,
-	},
 	AgentMetadataURLKey: {
 		Description: "URL of private stream",
 		Type:        environschema.Tstring,
@@ -1561,17 +1054,6 @@
 		Group:       environschema.JujuGroup,
 		Immutable:   true,
 	},
-	AllowLXCLoopMounts: {
-		Description: `whether loop devices are allowed to be mounted inside lxc containers.`,
-		Type:        environschema.Tbool,
-		Group:       environschema.EnvironGroup,
-	},
-	"api-port": {
-		Description: "The TCP port for the API servers to listen on",
-		Type:        environschema.Tint,
-		Group:       environschema.EnvironGroup,
-		Immutable:   true,
-	},
 	AptFtpProxyKey: {
 		// TODO document acceptable format
 		Description: "The APT FTP proxy for the model",
@@ -1596,67 +1078,11 @@
 		Type:        environschema.Tstring,
 		Group:       environschema.EnvironGroup,
 	},
-	"authorized-keys": {
-		// TODO what to do about authorized-keys-path ?
+	AuthorizedKeysKey: {
 		Description: "Any authorized SSH public keys for the model, as found in a ~/.ssh/authorized_keys file",
 		Type:        environschema.Tstring,
 		Group:       environschema.EnvironGroup,
 	},
-	"authorized-keys-path": {
-		Description: "Path to file containing SSH authorized keys",
-		Type:        environschema.Tstring,
-	},
-	PreventAllChangesKey: {
-		Description: `Whether all changes to the model will be prevented`,
-		Type:        environschema.Tbool,
-		Group:       environschema.EnvironGroup,
-	},
-	PreventDestroyEnvironmentKey: {
-		Description: `Whether the model will be prevented from destruction`,
-		Type:        environschema.Tbool,
-		Group:       environschema.EnvironGroup,
-	},
-	PreventRemoveObjectKey: {
-		Description: `Whether remove operations (machine, service, unit or relation) will be prevented`,
-		Type:        environschema.Tbool,
-		Group:       environschema.EnvironGroup,
-	},
-	"bootstrap-addresses-delay": {
-		Description: "The amount of time between refreshing the addresses in seconds. Not too frequent as we refresh addresses from the provider each time.",
-		Type:        environschema.Tint,
-		Immutable:   true,
-		Group:       environschema.EnvironGroup,
-	},
-	"bootstrap-retry-delay": {
-		Description: "Time between attempts to connect to an address in seconds.",
-		Type:        environschema.Tint,
-		Immutable:   true,
-		Group:       environschema.EnvironGroup,
-	},
-	"bootstrap-timeout": {
-		Description: "The amount of time to wait contacting a controller in seconds",
-		Type:        environschema.Tint,
-		Immutable:   true,
-		Group:       environschema.EnvironGroup,
-	},
-	CACertKey: {
-		Description: `The certificate of the CA that signed the controller certificate, in PEM format`,
-		Type:        environschema.Tstring,
-		Group:       environschema.EnvironGroup,
-	},
-	"ca-cert-path": {
-		Description: "Path to file containing CA certificate",
-		Type:        environschema.Tstring,
-	},
-	"ca-private-key": {
-		Description: `The private key of the CA that signed the controller certificate, in PEM format`,
-		Type:        environschema.Tstring,
-		Group:       environschema.EnvironGroup,
-	},
-	"ca-private-key-path": {
-		Description: "Path to file containing CA private key",
-		Type:        environschema.Tstring,
-	},
 	CloudImageBaseURL: {
 		Description: "A URL to use instead of the default 'https://cloud-images.ubuntu.com/query' that the 'ubuntu-cloudimg-query' executable uses to find container images. This is primarily for enabling Juju to work cleanly in a closed network.",
 		Type:        environschema.Tstring,
@@ -1704,10 +1130,8 @@
 'none' requests that no firewalling should be performed
 inside the model. It's useful for clouds without support for either
 global or per instance security groups.`,
-		Type: environschema.Tstring,
-		// Note that we need the empty value because it can
-		// be found in legacy environments.
-		Values:    []interface{}{FwInstance, FwGlobal, FwNone, ""},
+		Type:      environschema.Tstring,
+		Values:    []interface{}{FwInstance, FwGlobal, FwNone},
 		Immutable: true,
 		Group:     environschema.EnvironGroup,
 	},
@@ -1741,29 +1165,6 @@
 		Type:        environschema.Tstring,
 		Group:       environschema.EnvironGroup,
 	},
-	LxcClone: {
-		Description: "Whether to use lxc-clone to create new LXC containers",
-		Type:        environschema.Tbool,
-		Immutable:   true,
-		Group:       environschema.EnvironGroup,
-	},
-	"lxc-clone-aufs": {
-		Description: `Whether the LXC provisioner should creat an LXC clone using AUFS if available`,
-		Type:        environschema.Tbool,
-		Immutable:   true,
-		Group:       environschema.EnvironGroup,
-	},
-	LXCDefaultMTU: {
-		// default: the default MTU setting for the container
-		Description: `The MTU setting to use for network interfaces in LXC containers`,
-		Type:        environschema.Tint,
-		Immutable:   true,
-		Group:       environschema.EnvironGroup,
-	},
-	LxcUseClone: {
-		Description: `Whether the LXC provisioner should create a template and use cloning to speed up container provisioning. (deprecated by lxc-clone)`,
-		Type:        environschema.Tbool,
-	},
 	NameKey: {
 		Description: "The name of the current model",
 		Type:        environschema.Tstring,
@@ -1776,12 +1177,6 @@
 		Type:        environschema.Tstring,
 		Group:       environschema.EnvironGroup,
 	},
-	"prefer-ipv6": {
-		Description: `Whether to prefer IPv6 over IPv4 addresses for API endpoints and machines`,
-		Type:        environschema.Tbool,
-		Immutable:   true,
-		Group:       environschema.EnvironGroup,
-	},
 	ProvisionerHarvestModeKey: {
 		// default: destroyed, but also depends on current setting of ProvisionerSafeModeKey
 		Description: "What to do with unknown machines. See https://jujucharms.com/docs/stable/config-general#juju-lifecycle-and-harvesting (default destroyed)",
@@ -1789,11 +1184,6 @@
 		Values:      []interface{}{"all", "none", "unknown", "destroyed"},
 		Group:       environschema.EnvironGroup,
 	},
-	ProvisionerSafeModeKey: {
-		Description: `Whether to run the provisioner in "destroyed" harvest mode (deprecated, superceded by provisioner-harvest-mode)`,
-		Type:        environschema.Tbool,
-		Group:       environschema.EnvironGroup,
-	},
 	"proxy-ssh": {
 		// default: true
 		Description: `Whether SSH commands should be proxied through the API server`,
@@ -1805,14 +1195,29 @@
 		Type:        environschema.Tattrs,
 		Group:       environschema.EnvironGroup,
 	},
-	"rsyslog-ca-cert": {
-		Description: `The certificate of the CA that signed the rsyslog certificate, in PEM format.`,
+	LogForwardEnabled: {
+		Description: `Whether syslog forwarding is enabled.`,
+		Type:        environschema.Tbool,
+		Group:       environschema.EnvironGroup,
+	},
+	LogFwdSyslogHost: {
+		Description: `The hostname:port of the syslog server.`,
 		Type:        environschema.Tstring,
 		Group:       environschema.EnvironGroup,
 	},
-	SetNumaControlPolicyKey: {
-		Description: "Tune Juju controller to work with NUMA if present (default false)",
-		Type:        environschema.Tbool,
+	LogFwdSyslogCACert: {
+		Description: `The certificate of the CA that signed the syslog server certificate, in PEM format.`,
+		Type:        environschema.Tstring,
+		Group:       environschema.EnvironGroup,
+	},
+	LogFwdSyslogClientCert: {
+		Description: `The syslog client certificate in PEM format.`,
+		Type:        environschema.Tstring,
+		Group:       environschema.EnvironGroup,
+	},
+	LogFwdSyslogClientKey: {
+		Description: `The syslog client key in PEM format.`,
+		Type:        environschema.Tstring,
 		Group:       environschema.EnvironGroup,
 	},
 	"ssl-hostname-verification": {
@@ -1825,12 +1230,6 @@
 		Type:        environschema.Tstring,
 		Group:       environschema.EnvironGroup,
 	},
-	"state-port": {
-		Description: "Port for the API server to listen on.",
-		Type:        environschema.Tint,
-		Immutable:   true,
-		Group:       environschema.EnvironGroup,
-	},
 	"test-mode": {
 		Description: `Whether the model is intended for testing.
 If true, accessing the charm store does not affect statistical
@@ -1838,16 +1237,6 @@
 		Type:  environschema.Tbool,
 		Group: environschema.EnvironGroup,
 	},
-	ToolsMetadataURLKey: {
-		Description: `deprecated, superceded by agent-metadata-url`,
-		Type:        environschema.Tstring,
-		Group:       environschema.EnvironGroup,
-	},
-	ToolsStreamKey: {
-		Description: `deprecated, superceded by agent-stream`,
-		Type:        environschema.Tstring,
-		Group:       environschema.EnvironGroup,
-	},
 	TypeKey: {
 		Description: "Type of model, e.g. local, ec2",
 		Type:        environschema.Tstring,
@@ -1860,24 +1249,6 @@
 		Type:        environschema.Tstring,
 		Group:       environschema.JujuGroup,
 		Immutable:   true,
-	},
-	ControllerUUIDKey: {
-		Description: "The UUID of the model's controller",
-		Type:        environschema.Tstring,
-		Group:       environschema.JujuGroup,
-		Immutable:   true,
-	},
-	IdentityURL: {
-		Description: "IdentityURL specifies the URL of the identity manager",
-		Type:        environschema.Tstring,
-		Group:       environschema.JujuGroup,
-		Immutable:   true,
-	},
-	IdentityPublicKey: {
-		Description: "Public key of the identity manager. If this is omitted, the public key will be fetched from the IdentityURL.",
-		Type:        environschema.Tstring,
-		Group:       environschema.JujuGroup,
-		Immutable:   true,
 	},
 	AutomaticallyRetryHooks: {
 		Description: "Determines whether the uniter should automatically retry failed hooks",
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/config/config_test.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/config/config_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/config/config_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/config/config_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -21,9 +21,7 @@
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charmrepo.v2-unstable"
 	"gopkg.in/juju/environschema.v1"
-	"gopkg.in/macaroon-bakery.v1/bakery"
 
-	"github.com/juju/juju/cert"
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/juju/osenv"
 	"github.com/juju/juju/testing"
@@ -53,16 +51,11 @@
 	"type":                      "my-type",
 	"name":                      "my-name",
 	"uuid":                      testing.ModelTag.Id(),
-	"controller-uuid":           testing.ModelTag.Id(),
 	"authorized-keys":           testing.FakeAuthKeys,
 	"firewall-mode":             config.FwInstance,
-	"admin-secret":              "foo",
 	"unknown":                   "my-unknown",
-	"ca-cert":                   caCert,
 	"ssl-hostname-verification": true,
 	"development":               false,
-	"state-port":                1234,
-	"api-port":                  4321,
 	"default-series":            series.LatestLts(),
 }
 
@@ -82,12 +75,13 @@
 var quotedPathSeparator = regexp.QuoteMeta(string(os.PathSeparator))
 
 var minimalConfigAttrs = testing.Attrs{
-	"type":            "my-type",
-	"name":            "my-name",
-	"uuid":            testing.ModelTag.Id(),
-	"controller-uuid": testing.ModelTag.Id(),
+	"type": "my-type",
+	"name": "my-name",
+	"uuid": testing.ModelTag.Id(),
 }
 
+var modelNameErr = "%q is not a valid name: model names may only contain lowercase letters, digits and hyphens"
+
 var configTests = []configTest{
 	{
 		about:       "The minimum good configuration",
@@ -101,19 +95,6 @@
 			"agent-stream":       "released",
 		}),
 	}, {
-		about:       "Deprecated tools-stream used",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"tools-stream": "tools-stream-value",
-		}),
-	}, {
-		about:       "Deprecated tools-stream ignored",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"agent-stream": "released",
-			"tools-stream": "ignore-me",
-		}),
-	}, {
 		about:       "Metadata URLs",
 		useDefaults: config.UseDefaults,
 		attrs: minimalConfigAttrs.Merge(testing.Attrs{
@@ -121,19 +102,6 @@
 			"agent-metadata-url": "agent-metadata-url-value",
 		}),
 	}, {
-		about:       "Deprecated tools metadata URL used",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"tools-metadata-url": "tools-metadata-url-value",
-		}),
-	}, {
-		about:       "Deprecated tools metadata URL ignored",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"agent-metadata-url": "agent-metadata-url-value",
-			"tools-metadata-url": "ignore-me",
-		}),
-	}, {
 		about:       "Explicit series",
 		useDefaults: config.UseDefaults,
 		attrs: minimalConfigAttrs.Merge(testing.Attrs{
@@ -158,172 +126,28 @@
 			"authorized-keys": testing.FakeAuthKeys,
 		}),
 	}, {
-		about:       "Load authorized-keys from path",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"authorized-keys-path": "~/.ssh/authorized_keys2",
-		}),
-	}, {
-		about:       "LXC clone values",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"default-series": "precise",
-			"lxc-clone":      true,
-			"lxc-clone-aufs": true,
-		}),
-	}, {
-		about:       "Deprecated lxc-use-clone used",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"lxc-use-clone": true,
-		}),
-	}, {
-		about:       "Deprecated lxc-use-clone ignored",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"lxc-use-clone": false,
-			"lxc-clone":     true,
-		}),
-	}, {
-		about:       "Allow LXC loop mounts true",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"allow-lxc-loop-mounts": "true",
-		}),
-	}, {
-		about:       "Allow LXC loop mounts default",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"allow-lxc-loop-mounts": "false",
-		}),
-		expected: minimalConfigAttrs.Merge(testing.Attrs{
-			"allow-lxc-loop-mounts": false,
-		}),
-	}, {
-		about:       "LXC default MTU not set",
-		useDefaults: config.UseDefaults,
-		attrs:       minimalConfigAttrs,
-	}, {
-		about:       "LXC default MTU set explicitly",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"lxc-default-mtu": 9000,
-		}),
-	}, {
-		about:       "LXC default MTU invalid (not a number)",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"lxc-default-mtu": "foo",
-		}),
-		err: `lxc-default-mtu: expected number, got string\("foo"\)`,
-	}, {
-		about:       "LXC default MTU invalid (negative)",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"lxc-default-mtu": -42,
-		}),
-		err: `lxc-default-mtu: expected positive integer, got -42`,
-	}, {
-		about:       "CA cert & key from path",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"ca-cert-path":        "cacert2.pem",
-			"ca-private-key-path": "cakey2.pem",
-		}),
-	}, {
-		about:       "CA cert & key from path; cert attribute set too",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"ca-cert-path":        "cacert2.pem",
-			"ca-cert":             "ignored",
-			"ca-private-key-path": "cakey2.pem",
-		}),
-	}, {
-		about:       "CA cert & key from ~ path",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"ca-cert-path":        "~/othercert.pem",
-			"ca-private-key-path": "~/otherkey.pem",
-		}),
-	}, {
-		about:       "CA cert and key as attributes",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"ca-cert":        caCert,
-			"ca-private-key": caKey,
-		}),
-	}, {
-		about:       "Mismatched CA cert and key",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"ca-cert":        caCert,
-			"ca-private-key": caKey2,
-		}),
-		err: "bad CA certificate/key in configuration: crypto/tls: private key does not match public key",
-	}, {
-		about:       "Invalid CA cert",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"ca-cert": invalidCACert,
-		}),
-		err: `bad CA certificate/key in configuration: (asn1:|ASN\.1) syntax error:.*`,
-	}, {
-		about:       "Invalid CA key",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"ca-cert":        caCert,
-			"ca-private-key": invalidCAKey,
-		}),
-		err: "bad CA certificate/key in configuration: crypto/tls:.*",
-	}, {
-		about:       "CA cert specified as non-existent file",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"ca-cert-path": "no-such-file",
-		}),
-		err: fmt.Sprintf(`open .*\.local%sshare%sjuju%sno-such-file: .*`, quotedPathSeparator, quotedPathSeparator, quotedPathSeparator),
-	}, {
-		about:       "CA key specified as non-existent file",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"ca-private-key-path": "no-such-file",
-		}),
-		err: fmt.Sprintf(`open .*\.local%sshare%sjuju%sno-such-file: .*`, quotedPathSeparator, quotedPathSeparator, quotedPathSeparator),
-	}, {
 		about:       "Specified agent version",
 		useDefaults: config.UseDefaults,
 		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"authorized-keys": testing.FakeAuthKeys,
-			"agent-version":   "1.2.3",
+			"agent-version": "1.2.3",
 		}),
 	}, {
 		about:       "Specified development flag",
 		useDefaults: config.UseDefaults,
 		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"authorized-keys": testing.FakeAuthKeys,
-			"development":     true,
-		}),
-	}, {
-		about:       "Specified admin secret",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"authorized-keys": testing.FakeAuthKeys,
-			"development":     false,
-			"admin-secret":    "pork",
+			"development": true,
 		}),
 	}, {
 		about:       "Invalid development flag",
 		useDefaults: config.UseDefaults,
 		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"authorized-keys": testing.FakeAuthKeys,
-			"development":     "invalid",
+			"development": "invalid",
 		}),
 		err: `development: expected bool, got string\("invalid"\)`,
 	}, {
 		about:       "Invalid disable-network-management flag",
 		useDefaults: config.UseDefaults,
 		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"authorized-keys":            testing.FakeAuthKeys,
 			"disable-network-management": "invalid",
 		}),
 		err: `disable-network-management: expected bool, got string\("invalid"\)`,
@@ -371,67 +195,10 @@
 			"set-numa-control-policy": false,
 		}),
 	}, {
-		about:       "block-destroy-model on",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"block-destroy-model": true,
-		}),
-	}, {
-		about:       "block-destroy-model off",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"block-destroy-model": false,
-		}),
-	}, {
-		about:       "block-remove-object on",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"block-remove-object": true,
-		}),
-	}, {
-		about:       "block-remove-object off",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"block-remove-object": false,
-		}),
-	}, {
-		about:       "block-all-changes on",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"block-all-changes": true,
-		}),
-	}, {
-		about:       "block-all-changes off",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"block-all-changest": false,
-		}),
-	}, {
-		about:       "Invalid prefer-ipv6 flag",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"authorized-keys": testing.FakeAuthKeys,
-			"prefer-ipv6":     "invalid",
-		}),
-		err: `prefer-ipv6: expected bool, got string\("invalid"\)`,
-	}, {
-		about:       "prefer-ipv6 off",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"prefer-ipv6": false,
-		}),
-	}, {
-		about:       "prefer-ipv6 on",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"prefer-ipv6": true,
-		}),
-	}, {
 		about:       "Invalid agent version",
 		useDefaults: config.UseDefaults,
 		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"authorized-keys": testing.FakeAuthKeys,
-			"agent-version":   "2",
+			"agent-version": "2",
 		}),
 		err: `invalid agent version in model configuration: "2"`,
 	}, {
@@ -457,14 +224,29 @@
 		attrs: minimalConfigAttrs.Merge(testing.Attrs{
 			"name": "foo/bar",
 		}),
-		err: "model name contains unsafe characters",
+		err: fmt.Sprintf(modelNameErr, "foo/bar"),
 	}, {
 		about:       "Bad name, no backslash",
 		useDefaults: config.UseDefaults,
 		attrs: minimalConfigAttrs.Merge(testing.Attrs{
 			"name": "foo\\bar",
 		}),
-		err: "model name contains unsafe characters",
+		// Double escape to keep the safe quote in the format string happy
+		err: fmt.Sprintf(modelNameErr, "foo\\\\bar"),
+	}, {
+		about:       "Bad name, no space",
+		useDefaults: config.UseDefaults,
+		attrs: minimalConfigAttrs.Merge(testing.Attrs{
+			"name": "foo bar",
+		}),
+		err: fmt.Sprintf(modelNameErr, "foo bar"),
+	}, {
+		about:       "Bad name, no capital",
+		useDefaults: config.UseDefaults,
+		attrs: minimalConfigAttrs.Merge(testing.Attrs{
+			"name": "fooBar",
+		}),
+		err: fmt.Sprintf(modelNameErr, "fooBar"),
 	}, {
 		about:       "Empty name",
 		useDefaults: config.UseDefaults,
@@ -482,6 +264,7 @@
 		attrs: minimalConfigAttrs.Merge(testing.Attrs{
 			"firewall-mode": "",
 		}),
+		err: `firewall-mode: expected one of \[instance global none\], got ""`,
 	}, {
 		about:       "Instance firewall mode",
 		useDefaults: config.UseDefaults,
@@ -506,7 +289,7 @@
 		attrs: minimalConfigAttrs.Merge(testing.Attrs{
 			"firewall-mode": "illegal",
 		}),
-		err: `firewall-mode: expected one of \[instance global none ], got "illegal"`,
+		err: `firewall-mode: expected one of \[instance global none\], got "illegal"`,
 	}, {
 		about:       "ssl-hostname-verification off",
 		useDefaults: config.UseDefaults,
@@ -584,71 +367,6 @@
 			"agent-stream": "proposed",
 		}),
 	}, {
-		about:       "Explicit state port",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"state-port": 37042,
-		}),
-	}, {
-		about:       "Invalid state port",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"state-port": "illegal",
-		}),
-		err: `state-port: expected number, got string\("illegal"\)`,
-	}, {
-		about:       "Explicit API port",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"api-port": 77042,
-		}),
-	}, {
-		about:       "Invalid API port",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"api-port": "illegal",
-		}),
-		err: `api-port: expected number, got string\("illegal"\)`,
-	}, {
-		about:       "Explicit bootstrap timeout",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"bootstrap-timeout": 300,
-		}),
-	}, {
-		about:       "Invalid bootstrap timeout",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"bootstrap-timeout": "illegal",
-		}),
-		err: `bootstrap-timeout: expected number, got string\("illegal"\)`,
-	}, {
-		about:       "Explicit bootstrap retry delay",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"bootstrap-retry-delay": 5,
-		}),
-	}, {
-		about:       "Invalid bootstrap retry delay",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"bootstrap-retry-delay": "illegal",
-		}),
-		err: `bootstrap-retry-delay: expected number, got string\("illegal"\)`,
-	}, {
-		about:       "Explicit bootstrap addresses delay",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"bootstrap-addresses-delay": 15,
-		}),
-	}, {
-		about:       "Invalid bootstrap addresses delay",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"bootstrap-addresses-delay": "illegal",
-		}),
-		err: `bootstrap-addresses-delay: expected number, got string\("illegal"\)`,
-	}, {
 		about:       "Invalid logging configuration",
 		useDefaults: config.UseDefaults,
 		attrs: minimalConfigAttrs.Merge(testing.Attrs{
@@ -664,58 +382,23 @@
 		useDefaults: config.NoDefaults,
 		attrs:       sampleConfig,
 	}, {
-		about:       "No defaults: with ca-cert-path",
-		useDefaults: config.NoDefaults,
-		attrs:       sampleConfig.Merge(testing.Attrs{"ca-cert-path": "arble"}),
-		err:         `attribute "ca-cert-path" is not allowed in configuration`,
-	}, {
-		about:       "No defaults: with ca-private-key-path",
-		useDefaults: config.NoDefaults,
-		attrs:       sampleConfig.Merge(testing.Attrs{"ca-private-key-path": "arble"}),
-		err:         `attribute "ca-private-key-path" is not allowed in configuration`,
-	}, {
-		about:       "No defaults: with authorized-keys-path",
-		useDefaults: config.NoDefaults,
-		attrs:       sampleConfig.Merge(testing.Attrs{"authorized-keys-path": "arble"}),
-		err:         `attribute "authorized-keys-path" is not allowed in configuration`,
-	}, {
-		about:       "No defaults: missing authorized-keys",
-		useDefaults: config.NoDefaults,
-		attrs:       sampleConfig.Delete("authorized-keys"),
-		err:         `authorized-keys missing from model configuration`,
-	}, {
-		about:       "Config settings from juju 1.13.3 actual installation",
+		about:       "Config settings from juju actual installation",
 		useDefaults: config.NoDefaults,
 		attrs: map[string]interface{}{
 			"name":                      "sample",
 			"development":               false,
-			"admin-secret":              "",
 			"ssl-hostname-verification": true,
 			"authorized-keys":           "ssh-rsa mykeys rog@rog-x220\n",
 			"region":                    "us-east-1",
-			"image-metadata-url":        "",
-			"ca-private-key":            "",
 			"default-series":            "precise",
-			"agent-metadata-url":        "",
 			"secret-key":                "a-secret-key",
 			"access-key":                "an-access-key",
 			"agent-version":             "1.13.2",
-			"ca-cert":                   caCert,
 			"firewall-mode":             "instance",
 			"type":                      "ec2",
-			// These ones weren't actual values, but we require
-			// them now, and have no backwards-compatibility
-			// with the old config.
-			"uuid":            testing.ModelTag.Id(),
-			"controller-uuid": testing.ModelTag.Id(),
+			"uuid":                      testing.ModelTag.Id(),
 		},
 	}, {
-		about:       "Provider type null is replaced with manual",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"type": "null",
-		}),
-	}, {
 		about:       "TestMode flag specified",
 		useDefaults: config.UseDefaults,
 		attrs: minimalConfigAttrs.Merge(testing.Attrs{
@@ -728,12 +411,6 @@
 			"uuid": "dcfbdb4a-bca2-49ad-aa7c-f011424e0fe4",
 		}),
 	}, {
-		about:       "valid controller-uuid",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"controller-uuid": "dcfbdb4a-bca2-49ad-aa7c-f011424e0fe4",
-		}),
-	}, {
 		about:       "invalid uuid 1",
 		useDefaults: config.UseDefaults,
 		attrs: minimalConfigAttrs.Merge(testing.Attrs{
@@ -755,21 +432,8 @@
 		}),
 		err: `empty uuid in model configuration`,
 	},
-	missingAttributeNoDefault("firewall-mode"),
 	missingAttributeNoDefault("development"),
 	missingAttributeNoDefault("ssl-hostname-verification"),
-	// TODO(rog) reinstate these tests when we can lose
-	// backward compatibility with pre-1.13 config.
-	// missingAttributeNoDefault("state-port"),
-	// missingAttributeNoDefault("api-port"),
-	{
-		about:       "Deprecated safe-mode failover",
-		useDefaults: config.UseDefaults,
-		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"provisioner-safe-mode":    true,
-			"provisioner-harvest-mode": config.HarvestNone.String(),
-		}),
-	},
 	{
 		about:       "Explicit apt-mirror",
 		useDefaults: config.UseDefaults,
@@ -798,36 +462,76 @@
 			"resource-tags": []string{"a"},
 		}),
 		err: `resource-tags: expected "key=value", got "a"`,
-	},
-	{
-		about:       "Invalid identity URL value",
+	}, {
+		about:       "Invalid syslog ca cert format",
 		useDefaults: config.UseDefaults,
 		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"identity-url": "%",
+			"type":               "my-type",
+			"name":               "my-name",
+			"logforward-enabled": true,
+			"syslog-host":        "localhost:1234",
+			"syslog-ca-cert":     "abc",
+			"syslog-client-cert": caCert,
+			"syslog-client-key":  caKey,
 		}),
-		err: `invalid identity URL: parse %: invalid URL escape "%"`,
+		err: `invalid syslog forwarding config: validating TLS config: parsing CA certificate: no certificates found`,
 	}, {
-		about:       "Not using https in identity URL",
+		about:       "Invalid syslog ca cert",
 		useDefaults: config.UseDefaults,
 		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"identity-url": "http://test-identity",
+			"type":               "my-type",
+			"name":               "my-name",
+			"logforward-enabled": true,
+			"syslog-host":        "localhost:1234",
+			"syslog-ca-cert":     invalidCACert,
+			"syslog-client-cert": caCert,
+			"syslog-client-key":  caKey,
 		}),
-		err: `URL needs to be https`,
-	},
-	{
-		about:       "Invalid identity public key",
+		err: `invalid syslog forwarding config: validating TLS config: parsing CA certificate: asn1: syntax error: data truncated`,
+	}, {
+		about:       "invalid syslog cert",
 		useDefaults: config.UseDefaults,
 		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"identity-public-key": "_",
+			"logforward-enabled": true,
+			"syslog-host":        "10.0.0.1:12345",
+			"syslog-ca-cert":     caCert,
+			"syslog-client-cert": invalidCACert,
+			"syslog-client-key":  caKey,
 		}),
-		err: `invalid identity public key: cannot decode base64 key: illegal base64 data at input byte 0`,
-	},
-	{
-		about:       "Valid identity URL and public key values",
+		err: `invalid syslog forwarding config: validating TLS config: parsing client key pair: asn1: syntax error: data truncated`,
+	}, {
+		about:       "invalid syslog key",
 		useDefaults: config.UseDefaults,
 		attrs: minimalConfigAttrs.Merge(testing.Attrs{
-			"identity-url":        "https://test-identity",
-			"identity-public-key": "o/yOqSNWncMo1GURWuez/dGR30TscmmuIxgjztpoHEY=",
+			"logforward-enabled": true,
+			"syslog-host":        "10.0.0.1:12345",
+			"syslog-ca-cert":     caCert,
+			"syslog-client-cert": caCert,
+			"syslog-client-key":  invalidCAKey,
+		}),
+		err: `invalid syslog forwarding config: validating TLS config: parsing client key pair: (crypto/)?tls: failed to parse private key`,
+	}, {
+		about:       "Mismatched syslog cert and key",
+		useDefaults: config.UseDefaults,
+		attrs: minimalConfigAttrs.Merge(testing.Attrs{
+			"logforward-enabled": true,
+			"syslog-host":        "10.0.0.1:12345",
+			"syslog-ca-cert":     caCert,
+			"syslog-client-cert": caCert,
+			"syslog-client-key":  caKey2,
+		}),
+		err: `invalid syslog forwarding config: validating TLS config: parsing client key pair: (crypto/)?tls: private key does not match public key`,
+	}, {
+		about:       "Valid syslog config values",
+		useDefaults: config.UseDefaults,
+		attrs: minimalConfigAttrs.Merge(testing.Attrs{
+			"type":               "my-type",
+			"name":               "my-name",
+			"logforward-enabled": true,
+			"syslog-host":        "localhost:1234",
+			"syslog-ca-cert":     testing.CACert,
+			"syslog-client-cert": testing.ServerCert,
+			"syslog-client-key":  testing.ServerKey,
 		}),
 	},
 }
@@ -852,13 +556,6 @@
 		{".ssh/identity.pub", "identity"},
 		{".ssh/authorized_keys", "auth0\n# first\nauth1\n\n"},
 		{".ssh/authorized_keys2", "auth2\nauth3\n"},
-
-		{".local/share/juju/my-name-cert.pem", caCert},
-		{".local/share/juju/my-name-private-key.pem", caKey},
-		{".local/share/juju/cacert2.pem", caCert2},
-		{".local/share/juju/cakey2.pem", caKey2},
-		{"othercert.pem", caCert3},
-		{"otherkey.pem", caKey3},
 	}
 	s.FakeHomeSuite.Home.AddFiles(c, files...)
 	for i, test := range configTests {
@@ -867,161 +564,6 @@
 	}
 }
 
-var noCertFilesTests = []configTest{
-	{
-		about:       "Unspecified certificate and key",
-		useDefaults: config.UseDefaults,
-		attrs: testing.Attrs{
-			"type":            "my-type",
-			"name":            "my-name",
-			"uuid":            testing.ModelTag.Id(),
-			"controller-uuid": testing.ModelTag.Id(),
-			"authorized-keys": testing.FakeAuthKeys,
-		},
-	}, {
-		about:       "Unspecified certificate, specified key",
-		useDefaults: config.UseDefaults,
-		attrs: testing.Attrs{
-			"type":            "my-type",
-			"name":            "my-name",
-			"uuid":            testing.ModelTag.Id(),
-			"controller-uuid": testing.ModelTag.Id(),
-			"authorized-keys": testing.FakeAuthKeys,
-			"ca-private-key":  caKey,
-		},
-		err: "bad CA certificate/key in configuration: crypto/tls:.*",
-	},
-}
-
-func (s *ConfigSuite) TestConfigNoCertFiles(c *gc.C) {
-	for i, test := range noCertFilesTests {
-		c.Logf("test %d. %s", i, test.about)
-		test.check(c, s.FakeHomeSuite.Home)
-	}
-}
-
-var emptyCertFilesTests = []configTest{
-	{
-		about:       "Cert unspecified; key specified",
-		useDefaults: config.UseDefaults,
-		attrs: testing.Attrs{
-			"type":            "my-type",
-			"name":            "my-name",
-			"uuid":            testing.ModelTag.Id(),
-			"controller-uuid": testing.ModelTag.Id(),
-			"authorized-keys": testing.FakeAuthKeys,
-			"ca-private-key":  caKey,
-		},
-		err: fmt.Sprintf(`file ".*%smy-name-cert.pem" is empty`, regexp.QuoteMeta(string(os.PathSeparator))),
-	}, {
-		about:       "Cert and key unspecified",
-		useDefaults: config.UseDefaults,
-		attrs: testing.Attrs{
-			"type":            "my-type",
-			"name":            "my-name",
-			"uuid":            testing.ModelTag.Id(),
-			"controller-uuid": testing.ModelTag.Id(),
-			"authorized-keys": testing.FakeAuthKeys,
-		},
-		err: fmt.Sprintf(`file ".*%smy-name-cert.pem" is empty`, regexp.QuoteMeta(string(os.PathSeparator))),
-	}, {
-		about:       "Cert specified, key unspecified",
-		useDefaults: config.UseDefaults,
-		attrs: testing.Attrs{
-			"type":            "my-type",
-			"name":            "my-name",
-			"uuid":            testing.ModelTag.Id(),
-			"controller-uuid": testing.ModelTag.Id(),
-			"authorized-keys": testing.FakeAuthKeys,
-			"ca-cert":         caCert,
-		},
-		err: fmt.Sprintf(`file ".*%smy-name-private-key.pem" is empty`, regexp.QuoteMeta(string(os.PathSeparator))),
-	}, /* {
-		about: "Cert and key specified as absent",
-		useDefaults: config.UseDefaults,
-		attrs: testing.Attrs{
-			"type":            "my-type",
-			"name":            "my-name",
-			"authorized-keys": testing.FakeAuthKeys,
-			"ca-cert":         "",
-			"ca-private-key":  "",
-		},
-	}, {
-		about: "Cert specified as absent",
-		useDefaults: config.UseDefaults,
-		attrs: testing.Attrs{
-			"type":            "my-type",
-			"name":            "my-name",
-			"authorized-keys": testing.FakeAuthKeys,
-			"ca-cert":         "",
-		},
-		err: "bad CA certificate/key in configuration: crypto/tls: .*",
-	}, */
-}
-
-func (s *ConfigSuite) TestConfigEmptyCertFiles(c *gc.C) {
-	files := []gitjujutesting.TestFile{
-		{".local/share/juju/my-name-cert.pem", ""},
-		{".local/share/juju/my-name-private-key.pem", ""},
-	}
-	s.FakeHomeSuite.Home.AddFiles(c, files...)
-
-	for i, test := range emptyCertFilesTests {
-		c.Logf("test %d. %s", i, test.about)
-		test.check(c, s.FakeHomeSuite.Home)
-	}
-}
-
-func (s *ConfigSuite) TestNoDefinedPrivateCert(c *gc.C) {
-	// Server-side there is no juju home.
-	osenv.SetJujuXDGDataHome("")
-	attrs := testing.Attrs{
-		"type":            "my-type",
-		"name":            "my-name",
-		"uuid":            testing.ModelTag.Id(),
-		"controller-uuid": testing.ModelTag.Id(),
-		"authorized-keys": testing.FakeAuthKeys,
-		"ca-cert":         testing.CACert,
-		"ca-private-key":  "",
-	}
-
-	_, err := config.New(config.UseDefaults, attrs)
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *ConfigSuite) TestSafeModeDeprecatesGracefully(c *gc.C) {
-
-	cfg, err := config.New(config.UseDefaults, testing.Attrs{
-		"name":                  "name",
-		"type":                  "type",
-		"uuid":                  testing.ModelTag.Id(),
-		"controller-uuid":       testing.ModelTag.Id(),
-		"provisioner-safe-mode": false,
-	})
-	c.Assert(err, jc.ErrorIsNil)
-
-	c.Check(
-		cfg.ProvisionerHarvestMode().String(),
-		gc.Equals,
-		config.HarvestAll.String(),
-	)
-
-	cfg, err = config.New(config.UseDefaults, testing.Attrs{
-		"name":                  "name",
-		"type":                  "type",
-		"uuid":                  testing.ModelTag.Id(),
-		"controller-uuid":       testing.ModelTag.Id(),
-		"provisioner-safe-mode": true,
-	})
-	c.Assert(err, jc.ErrorIsNil)
-
-	c.Check(
-		cfg.ProvisionerHarvestMode().String(),
-		gc.Equals,
-		config.HarvestDestroyed.String(),
-	)
-}
-
 func (test configTest) check(c *gc.C, home *gitjujutesting.FakeHome) {
 	cfg, err := config.New(test.useDefaults, test.attrs)
 	if test.err != "" {
@@ -1049,27 +591,9 @@
 		c.Assert(agentVersion, gc.Equals, version.Zero)
 	}
 
-	if statePort, ok := test.attrs["state-port"]; ok {
-		c.Assert(cfg.StatePort(), gc.Equals, statePort)
-	}
-	if apiPort, ok := test.attrs["api-port"]; ok {
-		c.Assert(cfg.APIPort(), gc.Equals, apiPort)
-	}
 	if expected, ok := test.attrs["uuid"]; ok {
 		c.Assert(cfg.UUID(), gc.Equals, expected)
 	}
-	if expected, ok := test.attrs["controller-uuid"]; ok {
-		c.Assert(cfg.ControllerUUID(), gc.Equals, expected)
-	}
-	if identityURL, ok := test.attrs["identity-url"]; ok {
-		c.Assert(cfg.IdentityURL(), gc.Equals, identityURL)
-	}
-	if identityPublicKey, ok := test.attrs["identity-public-key"]; ok {
-		var pk bakery.PublicKey
-		err := pk.UnmarshalText([]byte(identityPublicKey.(string)))
-		c.Assert(err, jc.ErrorIsNil)
-		c.Assert(cfg.IdentityPublicKey(), gc.DeepEquals, &pk)
-	}
 
 	dev, _ := test.attrs["development"].(bool)
 	c.Assert(cfg.Development(), gc.Equals, dev)
@@ -1088,54 +612,35 @@
 	if m, _ := test.attrs["firewall-mode"].(string); m != "" {
 		c.Assert(cfg.FirewallMode(), gc.Equals, m)
 	}
-	if secret, _ := test.attrs["admin-secret"].(string); secret != "" {
-		c.Assert(cfg.AdminSecret(), gc.Equals, secret)
-	}
 
-	if path, _ := test.attrs["authorized-keys-path"].(string); path != "" {
-		c.Assert(cfg.AuthorizedKeys(), gc.Equals, home.FileContents(c, path))
-		c.Assert(cfg.AllAttrs()["authorized-keys-path"], gc.IsNil)
-	} else if keys, _ := test.attrs["authorized-keys"].(string); keys != "" {
-		c.Assert(cfg.AuthorizedKeys(), gc.Equals, keys)
-	} else {
-		// Content of all the files that are read by default.
-		c.Assert(cfg.AuthorizedKeys(), gc.Equals, "dsa\nrsa\nidentity\n")
-	}
+	keys, _ := test.attrs["authorized-keys"].(string)
+	c.Assert(cfg.AuthorizedKeys(), gc.Equals, keys)
 
-	cert, certPresent := cfg.CACert()
-	if path, _ := test.attrs["ca-cert-path"].(string); path != "" {
-		c.Assert(certPresent, jc.IsTrue)
-		c.Assert(string(cert), gc.Equals, home.FileContents(c, path))
-	} else if v, ok := test.attrs["ca-cert"].(string); v != "" {
-		c.Assert(certPresent, jc.IsTrue)
-		c.Assert(string(cert), gc.Equals, v)
+	lfCfg, hasLogCfg := cfg.LogFwdSyslog()
+	if v, ok := test.attrs["logforward-enabled"].(bool); ok {
+		c.Assert(hasLogCfg, jc.IsTrue)
+		c.Assert(lfCfg.Enabled, gc.Equals, v)
+	}
+	if v, ok := test.attrs["syslog-ca-cert"].(string); v != "" {
+		c.Assert(hasLogCfg, jc.IsTrue)
+		c.Assert(lfCfg.CACert, gc.Equals, v)
 	} else if ok {
-		c.Check(cert, gc.HasLen, 0)
-		c.Assert(certPresent, jc.IsFalse)
-	} else if bool(test.useDefaults) && home.FileExists(".local/share/juju/my-name-cert.pem") {
-		c.Assert(certPresent, jc.IsTrue)
-		c.Assert(string(cert), gc.Equals, home.FileContents(c, "my-name-cert.pem"))
-	} else {
-		c.Check(cert, gc.HasLen, 0)
-		c.Assert(certPresent, jc.IsFalse)
+		c.Assert(hasLogCfg, jc.IsTrue)
+		c.Check(lfCfg.CACert, gc.Equals, "")
 	}
-
-	key, keyPresent := cfg.CAPrivateKey()
-	if path, _ := test.attrs["ca-private-key-path"].(string); path != "" {
-		c.Assert(keyPresent, jc.IsTrue)
-		c.Assert(string(key), gc.Equals, home.FileContents(c, path))
-	} else if v, ok := test.attrs["ca-private-key"].(string); v != "" {
-		c.Assert(keyPresent, jc.IsTrue)
-		c.Assert(string(key), gc.Equals, v)
+	if v, ok := test.attrs["syslog-client-cert"].(string); v != "" {
+		c.Assert(hasLogCfg, jc.IsTrue)
+		c.Assert(lfCfg.ClientCert, gc.Equals, v)
 	} else if ok {
-		c.Check(key, gc.HasLen, 0)
-		c.Assert(keyPresent, jc.IsFalse)
-	} else if bool(test.useDefaults) && home.FileExists(".local/share/juju/my-name-private-key.pem") {
-		c.Assert(keyPresent, jc.IsTrue)
-		c.Assert(string(key), gc.Equals, home.FileContents(c, "my-name-private-key.pem"))
-	} else {
-		c.Check(key, gc.HasLen, 0)
-		c.Assert(keyPresent, jc.IsFalse)
+		c.Assert(hasLogCfg, jc.IsTrue)
+		c.Check(lfCfg.ClientCert, gc.Equals, "")
+	}
+	if v, ok := test.attrs["syslog-client-key"].(string); v != "" {
+		c.Assert(hasLogCfg, jc.IsTrue)
+		c.Assert(lfCfg.ClientKey, gc.Equals, v)
+	} else if ok {
+		c.Assert(hasLogCfg, jc.IsTrue)
+		c.Check(lfCfg.ClientKey, gc.Equals, "")
 	}
 
 	if v, ok := test.attrs["ssl-hostname-verification"]; ok {
@@ -1149,25 +654,6 @@
 	} else {
 		c.Assert(cfg.ProvisionerHarvestMode(), gc.Equals, config.HarvestDestroyed)
 	}
-	sshOpts := cfg.BootstrapSSHOpts()
-	test.assertDuration(
-		c,
-		"bootstrap-timeout",
-		sshOpts.Timeout,
-		config.DefaultBootstrapSSHTimeout,
-	)
-	test.assertDuration(
-		c,
-		"bootstrap-retry-delay",
-		sshOpts.RetryDelay,
-		config.DefaultBootstrapSSHRetryDelay,
-	)
-	test.assertDuration(
-		c,
-		"bootstrap-addresses-delay",
-		sshOpts.AddressesDelay,
-		config.DefaultBootstrapSSHAddressesDelay,
-	)
 
 	if v, ok := test.attrs["image-stream"]; ok {
 		c.Assert(cfg.ImageStream(), gc.Equals, v)
@@ -1183,21 +669,13 @@
 		c.Assert(urlPresent, jc.IsFalse)
 	}
 
-	toolsURL, urlPresent := cfg.AgentMetadataURL()
-	oldToolsURL := cfg.AllAttrs()["tools-metadata-url"]
-	oldToolsURLAttrValue, oldTSTPresent := test.attrs["tools-metadata-url"]
+	agentURL, urlPresent := cfg.AgentMetadataURL()
 	expectedToolsURLValue := test.attrs["agent-metadata-url"]
-	expectedToolsURLPresent := true
-	if expectedToolsURLValue == nil || expectedToolsURLValue == "" {
-		if oldTSTPresent {
-			expectedToolsURLValue = oldToolsURLAttrValue
-		} else {
-			expectedToolsURLValue = oldToolsURL
-			expectedToolsURLPresent = false
-		}
+	if urlPresent {
+		c.Assert(agentURL, gc.Equals, expectedToolsURLValue)
+	} else {
+		c.Assert(agentURL, gc.Equals, "")
 	}
-	c.Assert(toolsURL, gc.Equals, expectedToolsURLValue)
-	c.Assert(urlPresent, gc.Equals, expectedToolsURLPresent)
 
 	// assertions for deprecated tools-stream attribute used with new agent-stream
 	agentStreamValue := cfg.AgentStream()
@@ -1215,27 +693,6 @@
 	}
 	c.Assert(agentStreamValue, gc.Equals, expectedAgentStreamAttr)
 
-	useLxcClone, useLxcClonePresent := cfg.LXCUseClone()
-	oldUseClone, oldUseClonePresent := cfg.AllAttrs()["lxc-use-clone"]
-	if v, ok := test.attrs["lxc-clone"]; ok {
-		c.Assert(useLxcClone, gc.Equals, v)
-		c.Assert(useLxcClonePresent, jc.IsTrue)
-	} else {
-		if oldUseClonePresent {
-			c.Assert(useLxcClonePresent, jc.IsTrue)
-			c.Assert(useLxcClone, gc.Equals, oldUseClone)
-		} else {
-			c.Assert(useLxcClonePresent, jc.IsFalse)
-			c.Assert(useLxcClone, jc.IsFalse)
-		}
-	}
-	useLxcCloneAufs, ok := cfg.LXCUseCloneAUFS()
-	if v, ok := test.attrs["lxc-clone-aufs"]; ok {
-		c.Assert(useLxcCloneAufs, gc.Equals, v)
-	} else {
-		c.Assert(useLxcCloneAufs, jc.IsFalse)
-	}
-
 	resourceTags, cfgHasResourceTags := cfg.ResourceTags()
 	if _, ok := test.attrs["resource-tags"]; ok {
 		c.Assert(cfgHasResourceTags, jc.IsTrue)
@@ -1261,19 +718,11 @@
 		"type":                      "my-type",
 		"name":                      "my-name",
 		"uuid":                      "90168e4c-2f10-4e9c-83c2-1fb55a58e5a9",
-		"controller-uuid":           "90168e4c-2f10-4e9c-83c2-1fb55a58e5a9",
 		"authorized-keys":           testing.FakeAuthKeys,
 		"firewall-mode":             config.FwInstance,
-		"admin-secret":              "foo",
 		"unknown":                   "my-unknown",
-		"ca-cert":                   caCert,
 		"ssl-hostname-verification": true,
 		"development":               false,
-		"state-port":                1234,
-		"api-port":                  4321,
-		"bootstrap-timeout":         3600,
-		"bootstrap-retry-delay":     30,
-		"bootstrap-addresses-delay": 10,
 		"default-series":            series.LatestLts(),
 		"test-mode":                 false,
 	}
@@ -1281,18 +730,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	// These attributes are added if not set.
-	attrs["development"] = false
 	attrs["logging-config"] = "<root>=WARNING;unit=DEBUG"
-	attrs["ca-private-key"] = ""
-	attrs["image-metadata-url"] = ""
-	attrs["agent-metadata-url"] = ""
-	attrs["tools-metadata-url"] = ""
-	attrs["image-stream"] = ""
-	attrs["proxy-ssh"] = false
-	attrs["lxc-clone-aufs"] = false
-	attrs["prefer-ipv6"] = false
-	attrs["set-numa-control-policy"] = false
-	attrs["allow-lxc-loop-mounts"] = false
 
 	// Default firewall mode is instance
 	attrs["firewall-mode"] = string(config.FwInstance)
@@ -1303,16 +741,14 @@
 	c.Assert(cfg.ProvisionerHarvestMode(), gc.Equals, config.HarvestDestroyed)
 
 	newcfg, err := cfg.Apply(map[string]interface{}{
-		"name":            "new-name",
-		"uuid":            "6216dfc3-6e82-408f-9f74-8565e63e6158",
-		"controller-uuid": "6216dfc3-6e82-408f-9f74-8565e63e6158",
-		"new-unknown":     "my-new-unknown",
+		"name":        "new-name",
+		"uuid":        "6216dfc3-6e82-408f-9f74-8565e63e6158",
+		"new-unknown": "my-new-unknown",
 	})
 	c.Assert(err, jc.ErrorIsNil)
 
 	attrs["name"] = "new-name"
 	attrs["uuid"] = "6216dfc3-6e82-408f-9f74-8565e63e6158"
-	attrs["controller-uuid"] = "6216dfc3-6e82-408f-9f74-8565e63e6158"
 	attrs["new-unknown"] = "my-new-unknown"
 	c.Assert(newcfg.AllAttrs(), jc.DeepEquals, attrs)
 }
@@ -1354,69 +790,10 @@
 	new:   testing.Attrs{"firewall-mode": config.FwNone},
 	err:   `cannot change firewall-mode from "global" to "none"`,
 }, {
-	about: "Cannot change the state-port",
-	old:   testing.Attrs{"state-port": config.DefaultStatePort},
-	new:   testing.Attrs{"state-port": 42},
-	err:   `cannot change state-port from 37017 to 42`,
-}, {
-	about: "Cannot change the api-port",
-	old:   testing.Attrs{"api-port": config.DefaultAPIPort},
-	new:   testing.Attrs{"api-port": 42},
-	err:   `cannot change api-port from 17070 to 42`,
-}, {
-	about: "Can change the state-port from explicit-default to implicit-default",
-	old:   testing.Attrs{"state-port": config.DefaultStatePort},
-}, {
-	about: "Can change the api-port from explicit-default to implicit-default",
-	old:   testing.Attrs{"api-port": config.DefaultAPIPort},
-}, {
-	about: "Can change the state-port from implicit-default to explicit-default",
-	new:   testing.Attrs{"state-port": config.DefaultStatePort},
-}, {
-	about: "Can change the api-port from implicit-default to explicit-default",
-	new:   testing.Attrs{"api-port": config.DefaultAPIPort},
-}, {
-	about: "Cannot change the state-port from implicit-default to different value",
-	new:   testing.Attrs{"state-port": 42},
-	err:   `cannot change state-port from 37017 to 42`,
-}, {
-	about: "Cannot change the api-port from implicit-default to different value",
-	new:   testing.Attrs{"api-port": 42},
-	err:   `cannot change api-port from 17070 to 42`,
-}, {
-	about: "Cannot change the bootstrap-timeout from implicit-default to different value",
-	new:   testing.Attrs{"bootstrap-timeout": 5},
-	err:   `cannot change bootstrap-timeout from 600 to 5`,
-}, {
-	about: "Cannot change lxc-clone",
-	old:   testing.Attrs{"lxc-clone": false},
-	new:   testing.Attrs{"lxc-clone": true},
-	err:   `cannot change lxc-clone from false to true`,
-}, {
-	about: "Cannot change lxc-clone-aufs",
-	old:   testing.Attrs{"lxc-clone-aufs": false},
-	new:   testing.Attrs{"lxc-clone-aufs": true},
-	err:   `cannot change lxc-clone-aufs from false to true`,
-}, {
-	about: "Cannot change lxc-default-mtu",
-	old:   testing.Attrs{"lxc-default-mtu": 9000},
-	new:   testing.Attrs{"lxc-default-mtu": 42},
-	err:   `cannot change lxc-default-mtu from 9000 to 42`,
-}, {
-	about: "Cannot change prefer-ipv6",
-	old:   testing.Attrs{"prefer-ipv6": false},
-	new:   testing.Attrs{"prefer-ipv6": true},
-	err:   `cannot change prefer-ipv6 from false to true`,
-}, {
 	about: "Cannot change uuid",
 	old:   testing.Attrs{"uuid": "90168e4c-2f10-4e9c-83c2-1fb55a58e5a9"},
 	new:   testing.Attrs{"uuid": "dcfbdb4a-bca2-49ad-aa7c-f011424e0fe4"},
 	err:   "cannot change uuid from \"90168e4c-2f10-4e9c-83c2-1fb55a58e5a9\" to \"dcfbdb4a-bca2-49ad-aa7c-f011424e0fe4\"",
-}, {
-	about: "Cannot change controller-uuid",
-	old:   testing.Attrs{"controller-uuid": "90168e4c-2f10-4e9c-83c2-1fb55a58e5a9"},
-	new:   testing.Attrs{"controller-uuid": "dcfbdb4a-bca2-49ad-aa7c-f011424e0fe4"},
-	err:   "cannot change controller-uuid from \"90168e4c-2f10-4e9c-83c2-1fb55a58e5a9\" to \"dcfbdb4a-bca2-49ad-aa7c-f011424e0fe4\"",
 }}
 
 func (s *ConfigSuite) TestValidateChange(c *gc.C) {
@@ -1441,20 +818,17 @@
 func (s *ConfigSuite) addJujuFiles(c *gc.C) {
 	s.FakeHomeSuite.Home.AddFiles(c, []gitjujutesting.TestFile{
 		{".ssh/id_rsa.pub", "rsa\n"},
-		{".local/share/juju/myenv-cert.pem", caCert},
-		{".local/share/juju/myenv-private-key.pem", caKey},
 	}...)
 }
 
 func (s *ConfigSuite) TestValidateUnknownAttrs(c *gc.C) {
 	s.addJujuFiles(c)
 	cfg, err := config.New(config.UseDefaults, map[string]interface{}{
-		"name":            "myenv",
-		"type":            "other",
-		"uuid":            testing.ModelTag.Id(),
-		"controller-uuid": testing.ModelTag.Id(),
-		"known":           "this",
-		"unknown":         "that",
+		"name":    "myenv",
+		"type":    "other",
+		"uuid":    testing.ModelTag.Id(),
+		"known":   "this",
+		"unknown": "that",
 	})
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -1516,10 +890,9 @@
 func (s *ConfigSuite) TestValidateUnknownEmptyAttr(c *gc.C) {
 	s.addJujuFiles(c)
 	cfg, err := config.New(config.UseDefaults, map[string]interface{}{
-		"name":            "myenv",
-		"type":            "other",
-		"uuid":            testing.ModelTag.Id(),
-		"controller-uuid": testing.ModelTag.Id(),
+		"name": "myenv",
+		"type": "other",
+		"uuid": testing.ModelTag.Id(),
 	})
 	c.Assert(err, jc.ErrorIsNil)
 	warningTxt := `.* unknown config field %q.*`
@@ -1542,8 +915,7 @@
 func newTestConfig(c *gc.C, explicit testing.Attrs) *config.Config {
 	final := testing.Attrs{
 		"type": "my-type", "name": "my-name",
-		"uuid":            testing.ModelTag.Id(),
-		"controller-uuid": testing.ModelTag.Id(),
+		"uuid": testing.ModelTag.Id(),
 	}
 	for key, value := range explicit {
 		final[key] = value
@@ -1711,7 +1083,10 @@
 func (s *ConfigSuite) TestSchemaNoExtra(c *gc.C) {
 	schema, err := config.Schema(nil)
 	c.Assert(err, gc.IsNil)
-	orig := config.ConfigSchema
+	orig := make(environschema.Fields)
+	for name, field := range config.ConfigSchema {
+		orig[name] = field
+	}
 	c.Assert(schema, jc.DeepEquals, orig)
 	// Check that we actually returned a copy, not the original.
 	schema["foo"] = environschema.Attr{}
@@ -1730,7 +1105,10 @@
 	c.Assert(err, gc.IsNil)
 	c.Assert(schema["foo"], gc.DeepEquals, extraField)
 	delete(schema, "foo")
-	orig := config.ConfigSchema
+	orig := make(environschema.Fields)
+	for name, field := range config.ConfigSchema {
+		orig[name] = field
+	}
 	c.Assert(schema, jc.DeepEquals, orig)
 }
 
@@ -1745,81 +1123,6 @@
 	c.Assert(schema, gc.IsNil)
 }
 
-func (s *ConfigSuite) TestGenerateControllerCertAndKey(c *gc.C) {
-	// Add a cert.
-	s.FakeHomeSuite.Home.AddFiles(c, gitjujutesting.TestFile{".ssh/id_rsa.pub", "rsa\n"})
-
-	for _, test := range []struct {
-		configValues map[string]interface{}
-		sanValues    []string
-		errMatch     string
-	}{{
-		configValues: map[string]interface{}{
-			"name":            "test-no-certs",
-			"type":            "dummy",
-			"uuid":            testing.ModelTag.Id(),
-			"controller-uuid": testing.ModelTag.Id(),
-		},
-		errMatch: "model configuration has no ca-cert",
-	}, {
-		configValues: map[string]interface{}{
-			"name":            "test-no-certs",
-			"type":            "dummy",
-			"uuid":            testing.ModelTag.Id(),
-			"controller-uuid": testing.ModelTag.Id(),
-			"ca-cert":         testing.CACert,
-		},
-		errMatch: "model configuration has no ca-private-key",
-	}, {
-		configValues: map[string]interface{}{
-			"name":            "test-no-certs",
-			"type":            "dummy",
-			"uuid":            testing.ModelTag.Id(),
-			"controller-uuid": testing.ModelTag.Id(),
-			"ca-cert":         testing.CACert,
-			"ca-private-key":  testing.CAKey,
-		},
-	}, {
-		configValues: map[string]interface{}{
-			"name":            "test-no-certs",
-			"type":            "dummy",
-			"uuid":            testing.ModelTag.Id(),
-			"controller-uuid": testing.ModelTag.Id(),
-			"ca-cert":         testing.CACert,
-			"ca-private-key":  testing.CAKey,
-		},
-		sanValues: []string{"10.0.0.1", "192.168.1.1"},
-	}} {
-		cfg, err := config.New(config.UseDefaults, test.configValues)
-		c.Assert(err, jc.ErrorIsNil)
-		certPEM, keyPEM, err := cfg.GenerateControllerCertAndKey(test.sanValues)
-		if test.errMatch == "" {
-			c.Assert(err, jc.ErrorIsNil)
-
-			_, _, err = cert.ParseCertAndKey(certPEM, keyPEM)
-			c.Check(err, jc.ErrorIsNil)
-
-			err = cert.Verify(certPEM, testing.CACert, time.Now())
-			c.Assert(err, jc.ErrorIsNil)
-			err = cert.Verify(certPEM, testing.CACert, time.Now().AddDate(9, 0, 0))
-			c.Assert(err, jc.ErrorIsNil)
-			err = cert.Verify(certPEM, testing.CACert, time.Now().AddDate(10, 0, 1))
-			c.Assert(err, gc.NotNil)
-			srvCert, err := cert.ParseCert(certPEM)
-			c.Assert(err, jc.ErrorIsNil)
-			sanIPs := make([]string, len(srvCert.IPAddresses))
-			for i, ip := range srvCert.IPAddresses {
-				sanIPs[i] = ip.String()
-			}
-			c.Assert(sanIPs, jc.SameContents, test.sanValues)
-		} else {
-			c.Assert(err, gc.ErrorMatches, test.errMatch)
-			c.Assert(certPEM, gc.Equals, "")
-			c.Assert(keyPEM, gc.Equals, "")
-		}
-	}
-}
-
 var specializeCharmRepoTests = []struct {
 	about    string
 	testMode bool
@@ -1879,20 +1182,6 @@
 -----END RSA PRIVATE KEY-----
 `[1:]
 
-var caCert2 = `
------BEGIN CERTIFICATE-----
-MIIBjTCCATmgAwIBAgIBADALBgkqhkiG9w0BAQUwHjENMAsGA1UEChMEanVqdTEN
-MAsGA1UEAxMEcm9vdDAeFw0xMjExMDkxNjQxMDhaFw0yMjExMDkxNjQ2MDhaMB4x
-DTALBgNVBAoTBGp1anUxDTALBgNVBAMTBHJvb3QwWjALBgkqhkiG9w0BAQEDSwAw
-SAJBAJkSWRrr81y8pY4dbNgt+8miSKg4z6glp2KO2NnxxAhyyNtQHKvC+fJALJj+
-C2NhuvOv9xImxOl3Hg8fFPCXCtcCAwEAAaNmMGQwDgYDVR0PAQH/BAQDAgCkMBIG
-A1UdEwEB/wQIMAYBAf8CAQEwHQYDVR0OBBYEFOsX/ZCqKzWCAaTTVcWsWKT5Msow
-MB8GA1UdIwQYMBaAFOsX/ZCqKzWCAaTTVcWsWKT5MsowMAsGCSqGSIb3DQEBBQNB
-AAVV57jetEzJQnjgBzhvx/UwauFn78jGhXfV5BrQmxIb4SF4DgSCFstPwUQOAr8h
-XXzJqBQH92KYmp+y3YXDoMQ=
------END CERTIFICATE-----
-`[1:]
-
 var caKey2 = `
 -----BEGIN RSA PRIVATE KEY-----
 MIIBOQIBAAJBAJkSWRrr81y8pY4dbNgt+8miSKg4z6glp2KO2NnxxAhyyNtQHKvC
@@ -1905,32 +1194,6 @@
 -----END RSA PRIVATE KEY-----
 `[1:]
 
-var caCert3 = `
------BEGIN CERTIFICATE-----
-MIIBjTCCATmgAwIBAgIBADALBgkqhkiG9w0BAQUwHjENMAsGA1UEChMEanVqdTEN
-MAsGA1UEAxMEcm9vdDAeFw0xMjExMDkxNjQxMjlaFw0yMjExMDkxNjQ2MjlaMB4x
-DTALBgNVBAoTBGp1anUxDTALBgNVBAMTBHJvb3QwWjALBgkqhkiG9w0BAQEDSwAw
-SAJBAIW7CbHFJivvV9V6mO8AGzJS9lqjUf6MdEPsdF6wx2Cpzr/lSFIggCwRA138
-9MuFxflxb/3U8Nq+rd8rVtTgFMECAwEAAaNmMGQwDgYDVR0PAQH/BAQDAgCkMBIG
-A1UdEwEB/wQIMAYBAf8CAQEwHQYDVR0OBBYEFJafrxqByMN9BwGfcmuF0Lw/1QII
-MB8GA1UdIwQYMBaAFJafrxqByMN9BwGfcmuF0Lw/1QIIMAsGCSqGSIb3DQEBBQNB
-AHq3vqNhxya3s33DlQfSj9whsnqM0Nm+u8mBX/T76TF5rV7+B33XmYzSyfA3yBi/
-zHaUR/dbHuiNTO+KXs3/+Y4=
------END CERTIFICATE-----
-`[1:]
-
-var caKey3 = `
------BEGIN RSA PRIVATE KEY-----
-MIIBOgIBAAJBAIW7CbHFJivvV9V6mO8AGzJS9lqjUf6MdEPsdF6wx2Cpzr/lSFIg
-gCwRA1389MuFxflxb/3U8Nq+rd8rVtTgFMECAwEAAQJAaivPi4qJPrJb2onl50H/
-VZnWKqmljGF4YQDWduMEt7GTPk+76x9SpO7W4gfY490Ivd9DEXfbr/KZqhwWikNw
-LQIhALlLfRXLF2ZfToMfB1v1v+jith5onAu24O68mkdRc5PLAiEAuMJ/6U07hggr
-Ckf9OT93wh84DK66h780HJ/FUHKcoCMCIDsPZaJBpoa50BOZG0ZjcTTwti3BGCPf
-uZg+w0oCGz27AiEAsUCYKqEXy/ymHhT2kSecozYENdajyXvcaOG3EPkD3nUCICOP
-zatzs7c/4mx4a0JBG6Za0oEPUcm2I34is50KSohz
------END RSA PRIVATE KEY-----
-`[1:]
-
 var invalidCAKey = `
 -----BEGIN RSA PRIVATE KEY-----
 MIIBOgIBAAJAZabKgKInuOxj5vDWLwHHQtK3/45KB+32D15w94Nt83BmuGxo90lw
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/config/source.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/config/source.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/config/source.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/config/source.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,40 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package config
+
+// These constants define named sources of model config attributes.
+// After a call to UpdateModelConfig, any attributes added/removed
+// will have a source of JujuModelConfigSource.
+const (
+	// JujuControllerSource is used to label model config attributes that
+	// come from those associated with the controller.
+	JujuControllerSource = "controller"
+
+	// JujuModelConfigSource is used to label model config attributes that
+	// have been explicitly set by the user.
+	JujuModelConfigSource = "model"
+)
+
+// ConfigValue encapsulates a configuration
+// value and its source.
+type ConfigValue struct {
+	// Value is the configuration value.
+	Value interface{}
+
+	// Source is the name of the inherited config
+	// source from where the value originates.
+	Source string
+}
+
+// ConfigValues is a map of configuration values keyed by attribute name.
+type ConfigValues map[string]ConfigValue
+
+// AllAttrs returns just the attribute values from the config.
+func (c ConfigValues) AllAttrs() map[string]interface{} {
+	result := make(map[string]interface{})
+	for attr, val := range c {
+		result[attr] = val
+	}
+	return result
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/config.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/config.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/config.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/config.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,8 +8,6 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-
-	"github.com/juju/juju/environs/config"
 )
 
 var logger = loggo.GetLogger("juju.environs")
@@ -103,22 +101,3 @@
 func Provider(providerType string) (EnvironProvider, error) {
 	return GlobalProviderRegistry().Provider(providerType)
 }
-
-// BootstrapConfig returns a copy of the supplied configuration with the
-// admin-secret and ca-private-key attributes removed. If the resulting
-// config is not suitable for bootstrapping an environment, an error is
-// returned.
-func BootstrapConfig(cfg *config.Config) (*config.Config, error) {
-	m := cfg.AllAttrs()
-	// We never want to push admin-secret or the root CA private key to the cloud.
-	delete(m, "admin-secret")
-	delete(m, "ca-private-key")
-	cfg, err := config.New(config.NoDefaults, m)
-	if err != nil {
-		return nil, err
-	}
-	if _, ok := cfg.AgentVersion(); !ok {
-		return nil, fmt.Errorf("model configuration has no agent-version")
-	}
-	return cfg, nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/config_test.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/config_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/config_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/config_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,6 @@
 	gc "gopkg.in/check.v1"
 
 	"github.com/juju/juju/environs"
-	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/provider/dummy"
 	_ "github.com/juju/juju/provider/manual"
 	"github.com/juju/juju/testing"
@@ -35,32 +34,6 @@
 	})
 }
 
-func inMap(attrs testing.Attrs, attr string) bool {
-	_, ok := attrs[attr]
-	return ok
-}
-
-func (*suite) TestBootstrapConfig(c *gc.C) {
-	attrs := dummySampleConfig().Merge(testing.Attrs{
-		"agent-version": "1.2.3",
-	})
-	c.Assert(inMap(attrs, "secret"), jc.IsTrue)
-	c.Assert(inMap(attrs, "ca-private-key"), jc.IsTrue)
-	c.Assert(inMap(attrs, "admin-secret"), jc.IsTrue)
-
-	cfg, err := config.New(config.NoDefaults, attrs)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(err, jc.ErrorIsNil)
-
-	cfg1, err := environs.BootstrapConfig(cfg)
-	c.Assert(err, jc.ErrorIsNil)
-
-	expect := cfg.AllAttrs()
-	expect["admin-secret"] = ""
-	expect["ca-private-key"] = ""
-	c.Assert(cfg1.AllAttrs(), gc.DeepEquals, expect)
-}
-
 type dummyProvider struct {
 	environs.EnvironProvider
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/environ.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/environ.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/environ.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/environ.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,30 @@
+// Copyright 2014 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package environs
+
+import (
+	"github.com/juju/errors"
+
+	"github.com/juju/juju/environs/config"
+)
+
+// EnvironConfigGetter exposes a model configuration to its clients.
+type EnvironConfigGetter interface {
+	ModelConfig() (*config.Config, error)
+}
+
+// NewEnvironFunc is the type of a function that, given a model config,
+// returns an Environ. This will typically be environs.New.
+type NewEnvironFunc func(*config.Config) (Environ, error)
+
+// GetEnviron returns the environs.Environ ("provider") associated
+// with the model.
+func GetEnviron(st EnvironConfigGetter, newEnviron NewEnvironFunc) (Environ, error) {
+	envcfg, err := st.ModelConfig()
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	env, err := newEnviron(envcfg)
+	return env, errors.Trace(err)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/environ_test.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/environ_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/environ_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/environ_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,28 @@
+// Copyright 2014 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package environs_test
+
+import (
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/environs"
+	"github.com/juju/juju/juju/testing"
+)
+
+type environSuite struct {
+	testing.JujuConnSuite
+}
+
+var _ = gc.Suite(&environSuite{})
+
+func (s *environSuite) TestGetEnvironment(c *gc.C) {
+	env, err := environs.GetEnviron(s.State, environs.New)
+	c.Assert(err, jc.ErrorIsNil)
+	config, err := s.State.ModelConfig()
+	c.Assert(err, jc.ErrorIsNil)
+
+	c.Check(env.Config().UUID(), jc.DeepEquals, config.UUID())
+	c.Check(env, gc.Not(gc.Equals), s.Environ)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/errors.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/errors.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/errors.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/errors.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,9 +11,4 @@
 	ErrNotBootstrapped  = errors.New("model is not bootstrapped")
 	ErrNoInstances      = errors.NotFoundf("instances")
 	ErrPartialInstances = errors.New("only some instances were found")
-
-	// Errors indicating that the provider can't allocate an IP address to an
-	// instance.
-	ErrIPAddressesExhausted = errors.New("can't allocate a new IP address")
-	ErrIPAddressUnavailable = errors.New("the requested IP address is unavailable")
 )
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/gui/simplestreams.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/gui/simplestreams.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/gui/simplestreams.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/gui/simplestreams.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,7 +12,7 @@
 	"github.com/juju/version"
 
 	"github.com/juju/juju/environs/simplestreams"
-	"github.com/juju/juju/juju"
+	"github.com/juju/juju/juju/keys"
 	jujuversion "github.com/juju/juju/version"
 )
 
@@ -41,7 +41,7 @@
 	return simplestreams.NewURLSignedDataSource(
 		sourceDescription,
 		baseURL,
-		juju.JujuPublicKey,
+		keys.JujuPublicKey,
 		utils.VerifySSLHostnames,
 		simplestreams.DEFAULT_CLOUD_DATA,
 		requireSigned)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/gui/simplestreams_test.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/gui/simplestreams_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/gui/simplestreams_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/gui/simplestreams_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -14,7 +14,7 @@
 	"github.com/juju/juju/environs/gui"
 	"github.com/juju/juju/environs/simplestreams"
 	sstesting "github.com/juju/juju/environs/simplestreams/testing"
-	"github.com/juju/juju/juju"
+	"github.com/juju/juju/juju/keys"
 	coretesting "github.com/juju/juju/testing"
 	jujuversion "github.com/juju/juju/version"
 )
@@ -53,7 +53,7 @@
 	c.Assert(url, gc.Equals, "https://1.2.3.4/streams//my/path")
 
 	c.Assert(source.RequireSigned(), jc.IsTrue)
-	c.Assert(source.PublicSigningKey(), gc.Equals, juju.JujuPublicKey)
+	c.Assert(source.PublicSigningKey(), gc.Equals, keys.JujuPublicKey)
 }
 
 var fetchMetadataTests = []struct {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/imagemetadata/generate.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/imagemetadata/generate.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/imagemetadata/generate.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/imagemetadata/generate.go	2016-07-18 19:45:44.000000000 +0000
@@ -103,6 +103,7 @@
 func writeMetadata(metadata []*ImageMetadata, cloudSpec []simplestreams.CloudSpec,
 	metadataStore storage.Storage) error {
 
+	// TODO(perrito666) 2016-05-02 lp:1558657
 	index, products, err := MarshalImageMetadataJSON(metadata, cloudSpec, time.Now())
 	if err != nil {
 		return err
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/imagemetadata/simplestreams.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/imagemetadata/simplestreams.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/imagemetadata/simplestreams.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/imagemetadata/simplestreams.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,6 +13,7 @@
 	"github.com/juju/utils"
 
 	"github.com/juju/juju/environs/simplestreams"
+	"github.com/juju/juju/juju/keys"
 	"github.com/juju/utils/arch"
 	"github.com/juju/utils/series"
 )
@@ -99,7 +100,7 @@
 	// public consumption.
 	UbuntuCloudImagesURL = "http://cloud-images.ubuntu.com"
 
-	// The ;ocation of juju specific image metadata including non-Ubuntu images
+	// The location of juju specific image metadata including non-Ubuntu images
 	// in public clouds.
 	JujuStreamsImagesURL = "https://streams.canonical.com/juju/images"
 
@@ -109,7 +110,6 @@
 
 // This needs to be a var so we can override it for testing and in bootstrap.
 var (
-	//
 	DefaultUbuntuBaseURL = UbuntuCloudImagesURL
 	DefaultJujuBaseURL   = JujuStreamsImagesURL
 )
@@ -130,7 +130,7 @@
 			return nil, err
 		}
 		if publicKey == "" {
-			publicKey = SimplestreamsImagesPublicKey
+			publicKey = keys.JujuPublicKey
 		}
 		result = append(
 			result,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/imagemetadata/simplestreams_test.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/imagemetadata/simplestreams_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/imagemetadata/simplestreams_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/imagemetadata/simplestreams_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -19,6 +19,7 @@
 	"github.com/juju/juju/environs/imagemetadata"
 	"github.com/juju/juju/environs/simplestreams"
 	sstesting "github.com/juju/juju/environs/simplestreams/testing"
+	"github.com/juju/juju/juju/keys"
 )
 
 var live = flag.Bool("live", false, "Include live simplestreams tests")
@@ -110,6 +111,7 @@
 }
 
 func (s *simplestreamsSuite) TestOfficialSources(c *gc.C) {
+	s.PatchValue(&keys.JujuPublicKey, sstesting.SignedMetadataPublicKey)
 	origKey := imagemetadata.SetSigningPublicKey(sstesting.SignedMetadataPublicKey)
 	defer func() {
 		imagemetadata.SetSigningPublicKey(origKey)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/imagemetadata_test.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/imagemetadata_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/imagemetadata_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/imagemetadata_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,10 +10,12 @@
 	gc "gopkg.in/check.v1"
 
 	"github.com/juju/juju/environs"
+	"github.com/juju/juju/environs/bootstrap"
 	"github.com/juju/juju/environs/imagemetadata"
 	"github.com/juju/juju/environs/simplestreams"
 	sstesting "github.com/juju/juju/environs/simplestreams/testing"
 	envtesting "github.com/juju/juju/environs/testing"
+	"github.com/juju/juju/juju/keys"
 	"github.com/juju/juju/jujuclient/jujuclienttesting"
 	"github.com/juju/juju/provider/dummy"
 	"github.com/juju/juju/testing"
@@ -43,13 +45,15 @@
 			"image-metadata-url": imageMetadataURL,
 		})
 	}
-	env, err := environs.Prepare(
+	env, err := bootstrap.Prepare(
 		envtesting.BootstrapContext(c),
 		jujuclienttesting.NewMemStore(),
-		environs.PrepareParams{
-			ControllerName: attrs["name"].(string),
-			BaseConfig:     attrs,
-			CloudName:      "dummy",
+		bootstrap.PrepareParams{
+			ControllerConfig: testing.FakeControllerConfig(),
+			ControllerName:   attrs["name"].(string),
+			BaseConfig:       attrs,
+			CloudName:        "dummy",
+			AdminSecret:      "admin-secret",
 		},
 	)
 	c.Assert(err, jc.ErrorIsNil)
@@ -61,7 +65,7 @@
 	sources, err := environs.ImageMetadataSources(env)
 	c.Assert(err, jc.ErrorIsNil)
 	sstesting.AssertExpectedSources(c, sources, []sstesting.SourceDetails{
-		{"https://streams.canonical.com/juju/images/releases/", imagemetadata.SimplestreamsImagesPublicKey},
+		{"https://streams.canonical.com/juju/images/releases/", keys.JujuPublicKey},
 		{"http://cloud-images.ubuntu.com/releases/", imagemetadata.SimplestreamsImagesPublicKey},
 	})
 }
@@ -72,7 +76,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 	sstesting.AssertExpectedSources(c, sources, []sstesting.SourceDetails{
 		{"config-image-metadata-url/", ""},
-		{"https://streams.canonical.com/juju/images/releases/", imagemetadata.SimplestreamsImagesPublicKey},
+		{"https://streams.canonical.com/juju/images/releases/", keys.JujuPublicKey},
 		{"http://cloud-images.ubuntu.com/releases/", imagemetadata.SimplestreamsImagesPublicKey},
 	})
 }
@@ -102,7 +106,7 @@
 		{"config-image-metadata-url/", ""},
 		{"foobar/", ""},
 		{"betwixt/releases/", ""},
-		{"https://streams.canonical.com/juju/images/releases/", imagemetadata.SimplestreamsImagesPublicKey},
+		{"https://streams.canonical.com/juju/images/releases/", keys.JujuPublicKey},
 		{"http://cloud-images.ubuntu.com/releases/", imagemetadata.SimplestreamsImagesPublicKey},
 	})
 }
@@ -123,7 +127,7 @@
 	sources, err := environs.ImageMetadataSources(env)
 	c.Assert(err, jc.ErrorIsNil)
 	sstesting.AssertExpectedSources(c, sources, []sstesting.SourceDetails{
-		{"https://streams.canonical.com/juju/images/daily/", imagemetadata.SimplestreamsImagesPublicKey},
+		{"https://streams.canonical.com/juju/images/daily/", keys.JujuPublicKey},
 		{"http://cloud-images.ubuntu.com/daily/", imagemetadata.SimplestreamsImagesPublicKey},
 	})
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/interface.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/interface.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/interface.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/interface.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,6 +4,8 @@
 package environs
 
 import (
+	"gopkg.in/juju/environschema.v1"
+
 	"github.com/juju/juju/cloud"
 	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/environs/config"
@@ -25,7 +27,7 @@
 	// for new environments that may be created in an existing juju server.
 	// Note that this is not called in a client context, so environment variables,
 	// local files, etc are not available.
-	PrepareForCreateEnvironment(cfg *config.Config) (*config.Config, error)
+	PrepareForCreateEnvironment(controllerUUID string, cfg *config.Config) (*config.Config, error)
 
 	// PrepareForBootstrap prepares an environment for use.
 	PrepareForBootstrap(ctx BootstrapContext, cfg *config.Config) (Environ, error)
@@ -56,8 +58,22 @@
 	ProviderCredentials
 }
 
+// ProviderSchema can be implemented by a provider to provide
+// access to its configuration schema. Once all providers implement
+// this, it will be included in the EnvironProvider type and the
+// information made available over the API.
+type ProviderSchema interface {
+	// Schema returns the schema for the provider. It should
+	// include all fields defined in environs/config, conventionally
+	// by calling config.Schema.
+	Schema() environschema.Fields
+}
+
 // BootstrapConfigParams contains the parameters for EnvironProvider.BootstrapConfig.
 type BootstrapConfigParams struct {
+	// ControllerUUID is the UUID of the controller to be bootstrapped.
+	ControllerUUID string
+
 	// Config is the base configuration for the provider. This should
 	// be updated with the region, endpoint and credentials.
 	Config *config.Config
@@ -199,26 +215,30 @@
 	Instances(ids []instance.Id) ([]instance.Instance, error)
 
 	// ControllerInstances returns the IDs of instances corresponding
-	// to Juju controllers. If there are no controller instances,
-	// ErrNoInstances is returned. If it can be determined that the
-	// environment has not been bootstrapped, then ErrNotBootstrapped
-	// should be returned instead.
-	ControllerInstances() ([]instance.Id, error)
+	// to Juju controller, having the specified controller UUID.
+	// If there are no controller instances, ErrNoInstances is returned.
+	// If it can be determined that the environment has not been bootstrapped,
+	// then ErrNotBootstrapped should be returned instead.
+	ControllerInstances(controllerUUID string) ([]instance.Id, error)
 
 	// Destroy shuts down all known machines and destroys the
 	// rest of the environment. Note that on some providers,
 	// very recently started instances may not be destroyed
 	// because they are not yet visible.
 	//
-	// If the Environ represents the controller model, then this
-	// method should also destroy any resources relating to hosted
-	// models. This ensures that "kill-controller" can clean up
-	// hosted models when the Juju controller process is unavailable.
-	//
 	// When Destroy has been called, any Environ referring to the
 	// same remote environment may become invalid.
 	Destroy() error
 
+	// DestroyController is similar to Destroy() in that it destroys
+	// the model, which in this case will be the controller model.
+	//
+	// In addition, this method also destroys any resources relating
+	// to hosted models on the controller on which it is invoked.
+	// This ensures that "kill-controller" can clean up hosted models
+	// when the Juju controller process is unavailable.
+	DestroyController(controllerUUID string) error
+
 	Firewaller
 
 	// Provider returns the EnvironProvider that created this Environ.
@@ -253,15 +273,3 @@
 	// same names, but other existing tags will be left alone.
 	TagInstance(id instance.Id, tags map[string]string) error
 }
-
-// MigrationConfigUpdater is an optional interface that a provider
-// can implement that will be called when the model is being imported
-// into a new controller as part of model migration. If the provider stores
-// information specific to the controller, this information can be extracted
-// from the controller config.
-//
-// The return value is a map containing changes that are necessary to be
-// applied to the model's config for the new controller.
-type MigrationConfigUpdater interface {
-	MigrationConfigUpdate(controllerConfig *config.Config) map[string]interface{}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/jujutest/livetests.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/jujutest/livetests.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/jujutest/livetests.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/jujutest/livetests.go	2016-07-18 19:45:44.000000000 +0000
@@ -34,6 +34,7 @@
 	envtoolstesting "github.com/juju/juju/environs/tools/testing"
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/juju"
+	"github.com/juju/juju/juju/keys"
 	jujutesting "github.com/juju/juju/juju/testing"
 	"github.com/juju/juju/jujuclient"
 	"github.com/juju/juju/jujuclient/jujuclienttesting"
@@ -47,6 +48,10 @@
 	jujuversion "github.com/juju/juju/version"
 )
 
+const (
+	AdminSecret = "admin-secret"
+)
+
 // LiveTests contains tests that are designed to run against a live server
 // (e.g. Amazon EC2).  The Environ is opened once only for all the tests
 // in the suite, stored in Env, and Destroyed after the suite has completed.
@@ -90,6 +95,9 @@
 	// the environment. This is initialized by SetUpSuite.
 	ControllerStore jujuclient.ClientStore
 
+	// ControllerUUID is the uuid of the bootstrapped controller.
+	ControllerUUID string
+
 	prepared     bool
 	bootstrapped bool
 	toolsStorage storage.Storage
@@ -99,7 +107,7 @@
 	t.CleanupSuite.SetUpSuite(c)
 	t.TestDataSuite.SetUpSuite(c)
 	t.ControllerStore = jujuclienttesting.NewMemStore()
-	t.PatchValue(&juju.JujuPublicKey, sstesting.SignedMetadataPublicKey)
+	t.PatchValue(&keys.JujuPublicKey, sstesting.SignedMetadataPublicKey)
 }
 
 func (t *LiveTests) SetUpTest(c *gc.C) {
@@ -134,25 +142,57 @@
 		return
 	}
 	args := t.prepareForBootstrapParams(c)
-	e, err := environs.Prepare(envtesting.BootstrapContext(c), t.ControllerStore, args)
+	e, err := bootstrap.Prepare(envtesting.BootstrapContext(c), t.ControllerStore, args)
 	c.Assert(err, gc.IsNil, gc.Commentf("preparing environ %#v", t.TestConfig))
 	c.Assert(e, gc.NotNil)
 	t.Env = e
 	t.prepared = true
+	t.ControllerUUID = coretesting.FakeControllerConfig().ControllerUUID()
+}
+
+func (t *LiveTests) prepareForBootstrapParams(c *gc.C) bootstrap.PrepareParams {
+	credential := t.Credential
+	if credential.AuthType() == "" {
+		credential = cloud.NewEmptyCredential()
+	}
+	return bootstrap.PrepareParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		BaseConfig:       t.TestConfig,
+		Credential:       credential,
+		CloudEndpoint:    t.CloudEndpoint,
+		CloudRegion:      t.CloudRegion,
+		ControllerName:   t.TestConfig["name"].(string),
+		CloudName:        t.TestConfig["type"].(string),
+		AdminSecret:      AdminSecret,
+	}
 }
 
-func (t *LiveTests) prepareForBootstrapParams(c *gc.C) environs.PrepareParams {
+func (t *LiveTests) bootstrapParams() bootstrap.BootstrapParams {
 	credential := t.Credential
 	if credential.AuthType() == "" {
 		credential = cloud.NewEmptyCredential()
 	}
-	return environs.PrepareParams{
-		BaseConfig:     t.TestConfig,
-		Credential:     credential,
-		CloudEndpoint:  t.CloudEndpoint,
-		CloudRegion:    t.CloudRegion,
-		ControllerName: t.TestConfig["name"].(string),
-		CloudName:      t.TestConfig["type"].(string),
+	var regions []cloud.Region
+	if t.CloudRegion != "" {
+		regions = []cloud.Region{{
+			Name:     t.CloudRegion,
+			Endpoint: t.CloudEndpoint,
+		}}
+	}
+	return bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		CloudName:        t.TestConfig["type"].(string),
+		Cloud: cloud.Cloud{
+			Type:      t.TestConfig["type"].(string),
+			AuthTypes: []cloud.AuthType{credential.AuthType()},
+			Regions:   regions,
+			Endpoint:  t.CloudEndpoint,
+		},
+		CloudRegion:         t.CloudRegion,
+		CloudCredential:     &credential,
+		CloudCredentialName: "credential",
+		AdminSecret:         AdminSecret,
+		CAPrivateKey:        coretesting.CAKey,
 	}
 }
 
@@ -168,10 +208,10 @@
 		_, err := sync.Upload(t.toolsStorage, "released", nil, series.LatestLts())
 		c.Assert(err, jc.ErrorIsNil)
 	}
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), t.Env, bootstrap.BootstrapParams{
-		BootstrapConstraints: cons,
-		ModelConstraints:     cons,
-	})
+	args := t.bootstrapParams()
+	args.BootstrapConstraints = cons
+	args.ModelConstraints = cons
+	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), t.Env, args)
 	c.Assert(err, jc.ErrorIsNil)
 	t.bootstrapped = true
 }
@@ -184,6 +224,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 	t.bootstrapped = false
 	t.prepared = false
+	t.ControllerUUID = ""
 	t.Env = nil
 }
 
@@ -204,7 +245,7 @@
 func (t *LiveTests) TestStartStop(c *gc.C) {
 	t.BootstrapOnce(c)
 
-	inst, _ := jujutesting.AssertStartInstance(c, t.Env, "0")
+	inst, _ := jujutesting.AssertStartInstance(c, t.Env, t.ControllerUUID, "0")
 	c.Assert(inst, gc.NotNil)
 	id0 := inst.Id()
 
@@ -257,14 +298,14 @@
 func (t *LiveTests) TestPorts(c *gc.C) {
 	t.BootstrapOnce(c)
 
-	inst1, _ := jujutesting.AssertStartInstance(c, t.Env, "1")
+	inst1, _ := jujutesting.AssertStartInstance(c, t.Env, t.ControllerUUID, "1")
 	c.Assert(inst1, gc.NotNil)
 	defer t.Env.StopInstances(inst1.Id())
 	ports, err := inst1.Ports("1")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(ports, gc.HasLen, 0)
 
-	inst2, _ := jujutesting.AssertStartInstance(c, t.Env, "2")
+	inst2, _ := jujutesting.AssertStartInstance(c, t.Env, t.ControllerUUID, "2")
 	c.Assert(inst2, gc.NotNil)
 	ports, err = inst2.Ports("2")
 	c.Assert(err, jc.ErrorIsNil)
@@ -362,13 +403,13 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	// Create instances and check open ports on both instances.
-	inst1, _ := jujutesting.AssertStartInstance(c, t.Env, "1")
+	inst1, _ := jujutesting.AssertStartInstance(c, t.Env, t.ControllerUUID, "1")
 	defer t.Env.StopInstances(inst1.Id())
 	ports, err := t.Env.Ports()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(ports, gc.HasLen, 0)
 
-	inst2, _ := jujutesting.AssertStartInstance(c, t.Env, "2")
+	inst2, _ := jujutesting.AssertStartInstance(c, t.Env, t.ControllerUUID, "2")
 	ports, err = t.Env.Ports()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(ports, gc.HasLen, 0)
@@ -434,15 +475,18 @@
 	c.Logf("opening state")
 	st := t.Env.(jujutesting.GetStater).GetStateInAPIServer()
 
-	env, err := st.Model()
+	model, err := st.Model()
 	c.Assert(err, jc.ErrorIsNil)
-	owner := env.Owner()
+	owner := model.Owner()
 
 	c.Logf("opening API connection")
-	apiInfo, err := environs.APIInfo(t.Env)
+	controllerCfg, err := st.ControllerConfig()
+	c.Assert(err, jc.ErrorIsNil)
+	caCert, _ := controllerCfg.CACert()
+	apiInfo, err := environs.APIInfo(model.Tag().Id(), model.Tag().Id(), caCert, controllerCfg.APIPort(), t.Env)
 	c.Assert(err, jc.ErrorIsNil)
 	apiInfo.Tag = owner
-	apiInfo.Password = t.Env.Config().AdminSecret()
+	apiInfo.Password = AdminSecret
 	apiState, err := api.Open(apiInfo, api.DefaultDialOpts())
 	c.Assert(err, jc.ErrorIsNil)
 	defer apiState.Close()
@@ -491,7 +535,7 @@
 	url := testcharms.Repo.ClonedURL(repoDir, mtools0.Version.Series, "dummy")
 	sch, err := jujutesting.PutCharm(st, url, &charmrepo.LocalRepository{Path: repoDir}, false)
 	c.Assert(err, jc.ErrorIsNil)
-	svc, err := st.AddService(state.AddServiceArgs{Name: "dummy", Owner: owner.String(), Charm: sch})
+	svc, err := st.AddApplication(state.AddApplicationArgs{Name: "dummy", Charm: sch})
 	c.Assert(err, jc.ErrorIsNil)
 	units, err := juju.AddUnits(st, svc, 1, nil)
 	c.Assert(err, jc.ErrorIsNil)
@@ -711,9 +755,8 @@
 // a valid machine config.
 func (t *LiveTests) TestStartInstanceWithEmptyNonceFails(c *gc.C) {
 	machineId := "4"
-	stateInfo := jujutesting.FakeStateInfo(machineId)
 	apiInfo := jujutesting.FakeAPIInfo(machineId)
-	instanceConfig, err := instancecfg.NewInstanceConfig(machineId, "", "released", "quantal", "", true, stateInfo, apiInfo)
+	instanceConfig, err := instancecfg.NewInstanceConfig(machineId, "", "released", "quantal", true, apiInfo)
 	c.Assert(err, jc.ErrorIsNil)
 
 	t.PrepareOnce(c)
@@ -721,6 +764,7 @@
 		c, t.toolsStorage, "released", "released", version.MustParseBinary("5.4.5-trusty-amd64"),
 	))
 	params := environs.StartInstanceParams{
+		ControllerUUID: coretesting.ModelTag.Id(),
 		Tools:          possibleTools,
 		InstanceConfig: instanceConfig,
 	}
@@ -762,7 +806,7 @@
 	})
 	args := t.prepareForBootstrapParams(c)
 	args.BaseConfig = dummyCfg
-	dummyenv, err := environs.Prepare(envtesting.BootstrapContext(c),
+	dummyenv, err := bootstrap.Prepare(envtesting.BootstrapContext(c),
 		jujuclienttesting.NewMemStore(),
 		args,
 	)
@@ -776,13 +820,13 @@
 		"default-series": other.Series,
 	})
 	args.BaseConfig = attrs
-	env, err := environs.Prepare(envtesting.BootstrapContext(c),
+	env, err := bootstrap.Prepare(envtesting.BootstrapContext(c),
 		t.ControllerStore,
 		args)
 	c.Assert(err, jc.ErrorIsNil)
 	defer environs.Destroy("livetests", env, t.ControllerStore)
 
-	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
+	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, t.bootstrapParams())
 	c.Assert(err, jc.ErrorIsNil)
 
 	st := t.Env.(jujutesting.GetStater).GetStateInAPIServer()
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/jujutest/tests.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/jujutest/tests.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/jujutest/tests.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/jujutest/tests.go	2016-07-18 19:45:44.000000000 +0000
@@ -32,10 +32,11 @@
 // is opened once for each test, and some potentially expensive operations
 // may be executed.
 type Tests struct {
-	TestConfig    coretesting.Attrs
-	Credential    cloud.Credential
-	CloudEndpoint string
-	CloudRegion   string
+	TestConfig     coretesting.Attrs
+	Credential     cloud.Credential
+	CloudEndpoint  string
+	CloudRegion    string
+	ControllerUUID string
 	envtesting.ToolsFixture
 	sstesting.TestDataSuite
 
@@ -54,26 +55,50 @@
 	return e
 }
 
-// Prepare prepares an instance of the testing environment.
-func (t *Tests) Prepare(c *gc.C) environs.Environ {
+// PrepareParams returns the environs.PrepareParams that will be used to call
+// environs.Prepare.
+func (t *Tests) PrepareParams(c *gc.C) bootstrap.PrepareParams {
+	testConfigCopy := t.TestConfig.Merge(nil)
+
 	credential := t.Credential
 	if credential.AuthType() == "" {
 		credential = cloud.NewEmptyCredential()
 	}
-	args := environs.PrepareParams{
-		BaseConfig:     t.TestConfig,
-		Credential:     credential,
-		ControllerName: t.TestConfig["name"].(string),
-		CloudName:      t.TestConfig["type"].(string),
-		CloudEndpoint:  t.CloudEndpoint,
-		CloudRegion:    t.CloudRegion,
+	return bootstrap.PrepareParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		BaseConfig:       testConfigCopy,
+		Credential:       credential,
+		ControllerName:   t.TestConfig["name"].(string),
+		CloudName:        t.TestConfig["type"].(string),
+		CloudEndpoint:    t.CloudEndpoint,
+		CloudRegion:      t.CloudRegion,
+		AdminSecret:      AdminSecret,
 	}
-	e, err := environs.Prepare(envtesting.BootstrapContext(c), t.ControllerStore, args)
-	c.Assert(err, gc.IsNil, gc.Commentf("preparing environ %#v", t.TestConfig))
+}
+
+// Prepare prepares an instance of the testing environment.
+func (t *Tests) Prepare(c *gc.C) environs.Environ {
+	return t.PrepareWithParams(c, t.PrepareParams(c))
+}
+
+// PrepareWithParams prepares an instance of the testing environment.
+func (t *Tests) PrepareWithParams(c *gc.C, params bootstrap.PrepareParams) environs.Environ {
+	e, err := bootstrap.Prepare(envtesting.BootstrapContext(c), t.ControllerStore, params)
+	c.Assert(err, gc.IsNil, gc.Commentf("preparing environ %#v", params.BaseConfig))
 	c.Assert(e, gc.NotNil)
 	return e
 }
 
+func (t *Tests) AssertPrepareFailsWithConfig(c *gc.C, badConfig coretesting.Attrs, errorMatches string) error {
+	args := t.PrepareParams(c)
+	args.BaseConfig = coretesting.Attrs(args.BaseConfig).Merge(badConfig)
+
+	e, err := bootstrap.Prepare(envtesting.BootstrapContext(c), t.ControllerStore, args)
+	c.Assert(err, gc.ErrorMatches, errorMatches)
+	c.Assert(e, gc.IsNil)
+	return err
+}
+
 func (t *Tests) SetUpTest(c *gc.C) {
 	storageDir := c.MkDir()
 	baseUrlPath := filepath.Join(storageDir, "tools")
@@ -84,6 +109,7 @@
 	t.UploadFakeTools(c, stor, "released", "released")
 	t.toolsStorage = stor
 	t.ControllerStore = jujuclienttesting.NewMemStore()
+	t.ControllerUUID = coretesting.FakeControllerConfig().ControllerUUID()
 }
 
 func (t *Tests) TearDownTest(c *gc.C) {
@@ -103,7 +129,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(insts, gc.HasLen, 0)
 
-	inst0, hc := testing.AssertStartInstance(c, e, "0")
+	inst0, hc := testing.AssertStartInstance(c, e, t.ControllerUUID, "0")
 	c.Assert(inst0, gc.NotNil)
 	id0 := inst0.Id()
 	// Sanity check for hardware characteristics.
@@ -111,7 +137,7 @@
 	c.Assert(hc.Mem, gc.NotNil)
 	c.Assert(hc.CpuCores, gc.NotNil)
 
-	inst1, _ := testing.AssertStartInstance(c, e, "1")
+	inst1, _ := testing.AssertStartInstance(c, e, t.ControllerUUID, "1")
 	c.Assert(inst1, gc.NotNil)
 	id1 := inst1.Id()
 
@@ -141,16 +167,45 @@
 }
 
 func (t *Tests) TestBootstrap(c *gc.C) {
+	credential := t.Credential
+	if credential.AuthType() == "" {
+		credential = cloud.NewEmptyCredential()
+	}
+
+	var regions []cloud.Region
+	if t.CloudRegion != "" {
+		regions = []cloud.Region{{
+			Name:     t.CloudRegion,
+			Endpoint: t.CloudEndpoint,
+		}}
+	}
+
+	args := bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		CloudName:        t.TestConfig["type"].(string),
+		Cloud: cloud.Cloud{
+			Type:      t.TestConfig["type"].(string),
+			AuthTypes: []cloud.AuthType{credential.AuthType()},
+			Regions:   regions,
+			Endpoint:  t.CloudEndpoint,
+		},
+		CloudRegion:         t.CloudRegion,
+		CloudCredential:     &credential,
+		CloudCredentialName: "credential",
+		AdminSecret:         AdminSecret,
+		CAPrivateKey:        coretesting.CAKey,
+	}
+
 	e := t.Prepare(c)
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), e, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), e, args)
 	c.Assert(err, jc.ErrorIsNil)
 
-	controllerInstances, err := e.ControllerInstances()
+	controllerInstances, err := e.ControllerInstances(t.ControllerUUID)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(controllerInstances, gc.Not(gc.HasLen), 0)
 
 	e2 := t.Open(c, e.Config())
-	controllerInstances2, err := e2.ControllerInstances()
+	controllerInstances2, err := e2.ControllerInstances(t.ControllerUUID)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(controllerInstances2, gc.Not(gc.HasLen), 0)
 	c.Assert(controllerInstances2, jc.SameContents, controllerInstances)
@@ -161,7 +216,7 @@
 	// Prepare again because Destroy invalidates old environments.
 	e3 := t.Prepare(c)
 
-	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), e3, bootstrap.BootstrapParams{})
+	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), e3, args)
 	c.Assert(err, jc.ErrorIsNil)
 
 	err = environs.Destroy(e3.Config().Name(), e3, t.ControllerStore)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/manual/provisioner.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/manual/provisioner.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/manual/provisioner.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/manual/provisioner.go	2016-07-18 19:45:44.000000000 +0000
@@ -19,9 +19,7 @@
 	"github.com/juju/juju/cloudconfig/cloudinit"
 	"github.com/juju/juju/cloudconfig/instancecfg"
 	"github.com/juju/juju/cloudconfig/sshinit"
-	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/instance"
-	"github.com/juju/juju/network"
 	"github.com/juju/juju/state/multiwatcher"
 )
 
@@ -59,6 +57,10 @@
 	// Stderr is required to present machine provisioning progress to the user.
 	Stderr io.Writer
 
+	// AuthorizedKeys contains the concatenated authorized-keys to add to the
+	// ubuntu user's ~/.ssh/authorized_keys.
+	AuthorizedKeys string
+
 	*params.UpdateBehavior
 }
 
@@ -77,7 +79,7 @@
 		if machineId != "" && err != nil {
 			logger.Errorf("provisioning failed, removing machine %v: %v", machineId, err)
 			if cleanupErr := args.Client.ForceDestroyMachines(machineId); cleanupErr != nil {
-				logger.Warningf("error cleaning up machine: %s", cleanupErr)
+				logger.Errorf("error cleaning up machine: %s", cleanupErr)
 			}
 			machineId = ""
 		}
@@ -88,8 +90,7 @@
 	// user's ~/.ssh directory. The authenticationworker will later update the
 	// ubuntu user's authorized_keys.
 	user, hostname := splitUserHost(args.Host)
-	authorizedKeys, err := config.ReadAuthorizedKeys("")
-	if err := InitUbuntuUser(hostname, user, authorizedKeys, args.Stdin, args.Stdout); err != nil {
+	if err := InitUbuntuUser(hostname, user, args.AuthorizedKeys, args.Stdin, args.Stdout); err != nil {
 		return "", err
 	}
 
@@ -158,11 +159,9 @@
 		return nil, err
 	}
 
-	var addrs []network.Address
-	if addr, err := HostAddress(hostname); err != nil {
-		logger.Warningf("failed to compute public address for %q: %v", hostname, err)
-	} else {
-		addrs = append(addrs, addr)
+	addr, err := HostAddress(hostname)
+	if err != nil {
+		return nil, errors.Annotatef(err, "failed to compute public address for %q", hostname)
 	}
 
 	provisioned, err := checkProvisioned(hostname)
@@ -185,10 +184,6 @@
 	// task. The provisioner task will happily remove any and all dead
 	// machines from state, but will ignore the associated instance ID
 	// if it isn't one that the environment provider knows about.
-	// Also, manually provisioned machines don't have the JobManageNetworking.
-	// This ensures that the networker is running in non-intrusive mode
-	// and never touches the network configuration files.
-	// No JobManageNetworking here due to manual provisioning.
 
 	instanceId := instance.Id(manualInstancePrefix + hostname)
 	nonce := fmt.Sprintf("%s:%s", instanceId, uuid.String())
@@ -197,7 +192,7 @@
 		HardwareCharacteristics: hc,
 		InstanceId:              instanceId,
 		Nonce:                   nonce,
-		Addrs:                   params.FromNetworkAddresses(addrs),
+		Addrs:                   params.FromNetworkAddresses(addr),
 		Jobs:                    []multiwatcher.MachineJob{multiwatcher.JobHostUnits},
 	}
 	return machineParams, nil
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/manual/provisioner_test.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/manual/provisioner_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/manual/provisioner_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/manual/provisioner_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -139,12 +139,9 @@
 	c.Assert(err, jc.ErrorIsNil)
 	c.Check(icfg, gc.NotNil)
 	c.Check(icfg.APIInfo, gc.NotNil)
-	c.Check(icfg.MongoInfo, gc.NotNil)
 
-	stateInfo := s.MongoInfo(c)
 	apiInfo := s.APIInfo(c)
 	c.Check(icfg.APIInfo.Addrs, gc.DeepEquals, apiInfo.Addrs)
-	c.Check(icfg.MongoInfo.Addrs, gc.DeepEquals, stateInfo.Addrs)
 }
 
 func (s *provisionerSuite) TestProvisioningScript(c *gc.C) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/networking.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/networking.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/networking.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/networking.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,12 +4,10 @@
 package environs
 
 import (
-	"github.com/juju/utils/featureflag"
+	"gopkg.in/juju/names.v2"
 
-	"github.com/juju/juju/feature"
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/network"
-	"github.com/juju/juju/provider"
 )
 
 // SupportsNetworking is a convenience helper to check if an environment
@@ -20,17 +18,6 @@
 // Networking interface defines methods that environments
 // with networking capabilities must implement.
 type Networking interface {
-	// AllocateAddress requests a specific address to be allocated for the given
-	// instance on the given subnet, using the specified macAddress and
-	// hostnameSuffix. If addr is empty, this is interpreted as an output
-	// argument, which will contain the allocated address. Otherwise, addr must
-	// be non-empty and will be allocated as specified, if possible.
-	AllocateAddress(instId instance.Id, subnetId network.Id, addr *network.Address, macAddress, hostnameSuffix string) error
-
-	// ReleaseAddress releases a specific address previously allocated with
-	// AllocateAddress.
-	ReleaseAddress(instId instance.Id, subnetId network.Id, addr network.Address, macAddress, hostname string) error
-
 	// Subnets returns basic information about subnets known
 	// by the provider for the environment.
 	Subnets(inst instance.Id, subnetIds []network.Id) ([]network.SubnetInfo, error)
@@ -39,13 +26,6 @@
 	// interfaces on the given instance.
 	NetworkInterfaces(instId instance.Id) ([]network.InterfaceInfo, error)
 
-	// SupportsAddressAllocation returns whether the given subnetId
-	// supports static IP address allocation using AllocateAddress and
-	// ReleaseAddress. If subnetId is network.AnySubnet, the provider
-	// can decide whether it can return true or a false and an error
-	// (e.g. "subnetId must be set").
-	SupportsAddressAllocation(subnetId network.Id) (bool, error)
-
 	// SupportsSpaces returns whether the current environment supports
 	// spaces. The returned error satisfies errors.IsNotSupported(),
 	// unless a general API failure occurs.
@@ -64,7 +44,7 @@
 	// AllocateContainerAddresses allocates a static address for each of the
 	// container NICs in preparedInfo, hosted by the hostInstanceID. Returns the
 	// network config including all allocated addresses on success.
-	AllocateContainerAddresses(hostInstanceID instance.Id, preparedInfo []network.InterfaceInfo) ([]network.InterfaceInfo, error)
+	AllocateContainerAddresses(hostInstanceID instance.Id, containerTag names.MachineTag, preparedInfo []network.InterfaceInfo) ([]network.InterfaceInfo, error)
 }
 
 // NetworkingEnviron combines the standard Environ interface with the
@@ -81,14 +61,3 @@
 	ne, ok := environ.(NetworkingEnviron)
 	return ne, ok
 }
-
-// AddressAllocationEnabled is a shortcut for checking if the AddressAllocation
-// feature flag is enabled. The providerType is used to distinguish between MAAS
-// and other providers that still support the legacy address allocation (EC2 and
-// Dummy) until the support can be removed across the board.
-func AddressAllocationEnabled(providerType string) bool {
-	if providerType == provider.MAAS {
-		return false
-	}
-	return featureflag.Enabled(feature.AddressAllocation)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/open.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/open.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/open.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/open.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,23 +4,13 @@
 package environs
 
 import (
-	"crypto/rand"
-	"fmt"
-	"io"
-	"time"
-
 	"github.com/juju/errors"
 
-	"github.com/juju/juju/cert"
-	"github.com/juju/juju/cloud"
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/jujuclient"
 )
 
-// ControllerModelName is the name of the admin model in each controller.
-const ControllerModelName = "admin"
-
-// adminUser is the initial admin user created for all controllers.
+// AdminUser is the initial admin user created for all controllers.
 const AdminUser = "admin@local"
 
 // New returns a new environment based on the provided configuration.
@@ -32,236 +22,23 @@
 	return p.Open(config)
 }
 
-// PrepareParams contains the parameters for preparing a controller Environ
-// for bootstrapping.
-type PrepareParams struct {
-	// BaseConfig contains the base configuration for the controller.
-	//
-	// This includes the model name, cloud type, and any user-supplied
-	// configuration. It does not include any default attributes.
-	BaseConfig map[string]interface{}
-
-	// ControllerName is the name of the controller being prepared.
-	ControllerName string
-
-	// CloudName is the name of the cloud that the controller is being
-	// prepared for.
-	CloudName string
-
-	// CloudRegion is the name of the region of the cloud to create
-	// the Juju controller in. This will be empty for clouds without
-	// regions.
-	CloudRegion string
-
-	// CloudEndpoint is the location of the primary API endpoint to
-	// use when communicating with the cloud.
-	CloudEndpoint string
-
-	// CloudStorageEndpoint is the location of the API endpoint to use
-	// when communicating with the cloud's storage service. This will
-	// be empty for clouds that have no cloud-specific API endpoint.
-	CloudStorageEndpoint string
-
-	// Credential is the credential to use to bootstrap.
-	Credential cloud.Credential
-
-	// CredentialName is the name of the credential to use to bootstrap.
-	// This will be empty for auto-detected credentials.
-	CredentialName string
-}
-
-// Prepare prepares a new controller based on the provided configuration.
-// It is an error to prepare a controller if there already exists an
-// entry in the client store with the same name.
-//
-// Upon success, Prepare will update the ClientStore with the details of
-// the controller, admin account, and admin model.
-func Prepare(
-	ctx BootstrapContext,
-	store jujuclient.ClientStore,
-	args PrepareParams,
-) (_ Environ, resultErr error) {
-
-	_, err := store.ControllerByName(args.ControllerName)
-	if err == nil {
-		return nil, errors.AlreadyExistsf("controller %q", args.ControllerName)
-	} else if !errors.IsNotFound(err) {
-		return nil, errors.Annotatef(err, "error reading controller %q info", args.ControllerName)
-	}
-
-	cloudType, ok := args.BaseConfig["type"].(string)
-	if !ok {
-		return nil, errors.NotFoundf("cloud type in base configuration")
-	}
-
-	p, err := Provider(cloudType)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-
-	env, details, err := prepare(ctx, p, args)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	details.Cloud = args.CloudName
-	details.Credential = args.CredentialName
-
-	if err := decorateAndWriteInfo(
-		store, details, args.ControllerName, env.Config().Name(),
-	); err != nil {
-		return nil, errors.Annotatef(err, "cannot create controller %q info", args.ControllerName)
-	}
-	return env, nil
-}
-
-// decorateAndWriteInfo decorates the info struct with information
-// from the given cfg, and the writes that out to the filesystem.
-func decorateAndWriteInfo(
-	store jujuclient.ClientStore,
-	details prepareDetails,
-	controllerName, modelName string,
-) error {
-	accountName := details.User
-	if err := store.UpdateController(controllerName, details.ControllerDetails); err != nil {
-		return errors.Trace(err)
-	}
-	if err := store.UpdateBootstrapConfig(controllerName, details.BootstrapConfig); err != nil {
-		return errors.Trace(err)
-	}
-	if err := store.UpdateAccount(controllerName, accountName, details.AccountDetails); err != nil {
-		return errors.Trace(err)
-	}
-	if err := store.SetCurrentAccount(controllerName, accountName); err != nil {
-		return errors.Trace(err)
-	}
-	if err := store.UpdateModel(controllerName, accountName, modelName, details.ModelDetails); err != nil {
-		return errors.Trace(err)
-	}
-	if err := store.SetCurrentModel(controllerName, accountName, modelName); err != nil {
-		return errors.Trace(err)
-	}
-	return nil
-}
-
-func prepare(
-	ctx BootstrapContext,
-	p EnvironProvider,
-	args PrepareParams,
-) (Environ, prepareDetails, error) {
-	var details prepareDetails
-
-	cfg, err := config.New(config.UseDefaults, args.BaseConfig)
-	if err != nil {
-		return nil, details, errors.Trace(err)
-	}
-	cfg, adminSecret, err := ensureAdminSecret(cfg)
-	if err != nil {
-		return nil, details, errors.Annotate(err, "cannot generate admin-secret")
-	}
-	cfg, caCert, err := ensureCertificate(cfg)
-	if err != nil {
-		return nil, details, errors.Annotate(err, "cannot ensure CA certificate")
-	}
-
-	cfg, err = p.BootstrapConfig(BootstrapConfigParams{
-		cfg, args.Credential, args.CloudRegion,
-		args.CloudEndpoint, args.CloudStorageEndpoint,
-	})
-	if err != nil {
-		return nil, details, errors.Trace(err)
-	}
-	env, err := p.PrepareForBootstrap(ctx, cfg)
-	if err != nil {
-		return nil, details, errors.Trace(err)
-	}
-
-	// We store the base configuration only; we don't want the
-	// default attributes, generated secrets/certificates, or
-	// UUIDs stored in the bootstrap config. Make a copy, so
-	// we don't disturb the caller's config map.
-	details.Config = make(map[string]interface{})
-	for k, v := range args.BaseConfig {
-		details.Config[k] = v
-	}
-	delete(details.Config, config.ControllerUUIDKey)
-	delete(details.Config, config.UUIDKey)
-
-	details.CACert = caCert
-	details.ControllerUUID = cfg.ControllerUUID()
-	details.User = AdminUser
-	details.Password = adminSecret
-	details.ModelUUID = cfg.UUID()
-	details.CloudRegion = args.CloudRegion
-	details.CloudEndpoint = args.CloudEndpoint
-	details.CloudStorageEndpoint = args.CloudStorageEndpoint
-
-	return env, details, nil
-}
-
-type prepareDetails struct {
-	jujuclient.ControllerDetails
-	jujuclient.BootstrapConfig
-	jujuclient.AccountDetails
-	jujuclient.ModelDetails
-}
-
-// ensureAdminSecret returns a config with a non-empty admin-secret.
-func ensureAdminSecret(cfg *config.Config) (*config.Config, string, error) {
-	if secret := cfg.AdminSecret(); secret != "" {
-		return cfg, secret, nil
-	}
-
-	// Generate a random string.
-	buf := make([]byte, 16)
-	if _, err := io.ReadFull(rand.Reader, buf); err != nil {
-		return nil, "", errors.Annotate(err, "generating random secret")
-	}
-	secret := fmt.Sprintf("%x", buf)
-
-	cfg, err := cfg.Apply(map[string]interface{}{"admin-secret": secret})
-	if err != nil {
-		return nil, "", errors.Trace(err)
-	}
-	return cfg, secret, nil
-}
-
-// ensureCertificate generates a new CA certificate and
-// attaches it to the given controller configuration,
-// unless the configuration already has one.
-func ensureCertificate(cfg *config.Config) (*config.Config, string, error) {
-	caCert, hasCACert := cfg.CACert()
-	_, hasCAKey := cfg.CAPrivateKey()
-	if hasCACert && hasCAKey {
-		return cfg, caCert, nil
-	}
-	if hasCACert && !hasCAKey {
-		return nil, "", errors.Errorf("controller configuration with a certificate but no CA private key")
-	}
-
-	caCert, caKey, err := cert.NewCA(cfg.Name(), cfg.UUID(), time.Now().UTC().AddDate(10, 0, 0))
-	if err != nil {
-		return nil, "", errors.Trace(err)
-	}
-	cfg, err = cfg.Apply(map[string]interface{}{
-		config.CACertKey: string(caCert),
-		"ca-private-key": string(caKey),
-	})
-	if err != nil {
-		return nil, "", errors.Trace(err)
-	}
-	return cfg, string(caCert), nil
-}
-
 // Destroy destroys the controller and, if successful,
 // its associated configuration data from the given store.
 func Destroy(
 	controllerName string,
 	env Environ,
-	store jujuclient.ControllerRemover,
+	store jujuclient.ControllerStore,
 ) error {
-	err := store.RemoveController(controllerName)
+	details, err := store.ControllerByName(controllerName)
+	if err != nil && !errors.IsNotFound(err) {
+		return errors.Trace(err)
+	}
+	if err := env.DestroyController(details.ControllerUUID); err != nil {
+		return errors.Trace(err)
+	}
+	err = store.RemoveController(controllerName)
 	if err != nil && !errors.IsNotFound(err) {
 		return errors.Trace(err)
 	}
-	return errors.Trace(env.Destroy())
+	return nil
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/open_test.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/open_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/open_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/open_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,7 +9,6 @@
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
 
-	"github.com/juju/juju/cert"
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/environs/bootstrap"
 	"github.com/juju/juju/environs/config"
@@ -17,7 +16,7 @@
 	sstesting "github.com/juju/juju/environs/simplestreams/testing"
 	envtesting "github.com/juju/juju/environs/testing"
 	envtools "github.com/juju/juju/environs/tools"
-	"github.com/juju/juju/juju"
+	"github.com/juju/juju/juju/keys"
 	"github.com/juju/juju/jujuclient"
 	"github.com/juju/juju/jujuclient/jujuclienttesting"
 	"github.com/juju/juju/provider/dummy"
@@ -35,7 +34,7 @@
 func (s *OpenSuite) SetUpTest(c *gc.C) {
 	s.FakeJujuXDGDataHomeSuite.SetUpTest(c)
 	s.ToolsFixture.SetUpTest(c)
-	s.PatchValue(&juju.JujuPublicKey, sstesting.SignedMetadataPublicKey)
+	s.PatchValue(&keys.JujuPublicKey, sstesting.SignedMetadataPublicKey)
 }
 
 func (s *OpenSuite) TearDownTest(c *gc.C) {
@@ -51,10 +50,13 @@
 	c.Assert(err, jc.ErrorIsNil)
 	ctx := envtesting.BootstrapContext(c)
 	cache := jujuclienttesting.NewMemStore()
-	env, err := environs.Prepare(ctx, cache, environs.PrepareParams{
-		ControllerName: cfg.Name(),
-		BaseConfig:     cfg.AllAttrs(),
-		CloudName:      "dummy",
+	controllerCfg := testing.FakeControllerConfig()
+	env, err := bootstrap.Prepare(ctx, cache, bootstrap.PrepareParams{
+		ControllerConfig: controllerCfg,
+		ControllerName:   cfg.Name(),
+		BaseConfig:       cfg.AllAttrs(),
+		CloudName:        "dummy",
+		AdminSecret:      "admin-secret",
 	})
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -63,7 +65,11 @@
 	stor, err := filestorage.NewFileStorageWriter(storageDir)
 	c.Assert(err, jc.ErrorIsNil)
 	envtesting.UploadFakeTools(c, stor, cfg.AgentStream(), cfg.AgentStream())
-	err = bootstrap.Bootstrap(ctx, env, bootstrap.BootstrapParams{})
+	err = bootstrap.Bootstrap(ctx, env, bootstrap.BootstrapParams{
+		ControllerConfig: controllerCfg,
+		AdminSecret:      "admin-secret",
+		CAPrivateKey:     testing.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 
 	// New controller should have been added to collection.
@@ -75,25 +81,29 @@
 func (s *OpenSuite) TestUpdateEnvInfo(c *gc.C) {
 	store := jujuclienttesting.NewMemStore()
 	ctx := envtesting.BootstrapContext(c)
+	uuid := utils.MustNewUUID().String()
 	cfg, err := config.New(config.UseDefaults, map[string]interface{}{
-		"type":            "dummy",
-		"name":            "admin-model",
-		"controller-uuid": utils.MustNewUUID().String(),
-		"uuid":            utils.MustNewUUID().String(),
+		"type": "dummy",
+		"name": "admin-model",
+		"uuid": uuid,
 	})
 	c.Assert(err, jc.ErrorIsNil)
-	_, err = environs.Prepare(ctx, store, environs.PrepareParams{
-		ControllerName: "controller-name",
-		BaseConfig:     cfg.AllAttrs(),
-		CloudName:      "dummy",
+	controllerCfg := testing.FakeControllerConfig()
+	controllerCfg["controller-uuid"] = uuid
+	_, err = bootstrap.Prepare(ctx, store, bootstrap.PrepareParams{
+		ControllerConfig: controllerCfg,
+		ControllerName:   "controller-name",
+		BaseConfig:       cfg.AllAttrs(),
+		CloudName:        "dummy",
+		AdminSecret:      "admin-secret",
 	})
 	c.Assert(err, jc.ErrorIsNil)
 
 	foundController, err := store.ControllerByName("controller-name")
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(foundController.ControllerUUID, gc.Equals, cfg.ControllerUUID())
+	c.Assert(foundController.ControllerUUID, gc.Not(gc.Equals), "")
 	c.Assert(foundController.CACert, gc.Not(gc.Equals), "")
-	foundModel, err := store.ModelByName("controller-name", "admin@local", "admin-model")
+	foundModel, err := store.ModelByName("controller-name", "admin-model")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(foundModel, jc.DeepEquals, &jujuclient.ModelDetails{
 		ModelUUID: cfg.UUID(),
@@ -121,140 +131,9 @@
 	))
 	c.Assert(err, jc.ErrorIsNil)
 	e, err := environs.New(cfg)
-	c.Assert(err, gc.ErrorMatches, "model is not prepared")
-	c.Assert(e, gc.IsNil)
-}
-
-func (*OpenSuite) TestPrepare(c *gc.C) {
-	baselineAttrs := dummy.SampleConfig().Merge(testing.Attrs{
-		"controller": false,
-		"name":       "erewhemos",
-	}).Delete(
-		"ca-cert",
-		"ca-private-key",
-		"admin-secret",
-	)
-	cfg, err := config.New(config.NoDefaults, baselineAttrs)
-	c.Assert(err, jc.ErrorIsNil)
-	controllerStore := jujuclienttesting.NewMemStore()
-	ctx := envtesting.BootstrapContext(c)
-	env, err := environs.Prepare(ctx, controllerStore, environs.PrepareParams{
-		ControllerName: cfg.Name(),
-		BaseConfig:     cfg.AllAttrs(),
-		CloudName:      "dummy",
-	})
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Check that an admin-secret was chosen.
-	adminSecret := env.Config().AdminSecret()
-	c.Assert(adminSecret, gc.HasLen, 32)
-	c.Assert(adminSecret, gc.Matches, "^[0-9a-f]*$")
-
-	// Check that the CA cert was generated.
-	cfgCertPEM, cfgCertOK := env.Config().CACert()
-	cfgKeyPEM, cfgKeyOK := env.Config().CAPrivateKey()
-	c.Assert(cfgCertOK, jc.IsTrue)
-	c.Assert(cfgKeyOK, jc.IsTrue)
-
-	// Check the common name of the generated cert
-	caCert, _, err := cert.ParseCertAndKey(cfgCertPEM, cfgKeyPEM)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(caCert.Subject.CommonName, gc.Equals, `juju-generated CA for model "`+testing.SampleModelName+`"`)
-
-	// Check that controller was cached
-	foundController, err := controllerStore.ControllerByName(cfg.Name())
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(foundController.ControllerUUID, gc.DeepEquals, cfg.UUID())
-
-	// Check we cannot call Prepare again.
-	env, err = environs.Prepare(ctx, controllerStore, environs.PrepareParams{
-		ControllerName: cfg.Name(),
-		BaseConfig:     cfg.AllAttrs(),
-		CloudName:      "dummy",
-	})
-	c.Assert(err, jc.Satisfies, errors.IsAlreadyExists)
-	c.Assert(err, gc.ErrorMatches, `controller "erewhemos" already exists`)
-}
-
-func (*OpenSuite) TestPrepareGeneratesDifferentAdminSecrets(c *gc.C) {
-	baselineAttrs := dummy.SampleConfig().Merge(testing.Attrs{
-		"controller": false,
-		"name":       "erewhemos",
-	}).Delete(
-		"admin-secret",
-	)
-
-	ctx := envtesting.BootstrapContext(c)
-	env0, err := environs.Prepare(ctx, jujuclienttesting.NewMemStore(), environs.PrepareParams{
-		ControllerName: "erewhemos",
-		BaseConfig:     baselineAttrs,
-		CloudName:      "dummy",
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	adminSecret0 := env0.Config().AdminSecret()
-	c.Assert(adminSecret0, gc.HasLen, 32)
-	c.Assert(adminSecret0, gc.Matches, "^[0-9a-f]*$")
-
-	// Allocate a new UUID, or we'll end up with the same config.
-	newUUID := utils.MustNewUUID()
-	baselineAttrs[config.UUIDKey] = newUUID.String()
-	baselineAttrs[config.ControllerUUIDKey] = newUUID.String()
-
-	env1, err := environs.Prepare(ctx, jujuclienttesting.NewMemStore(), environs.PrepareParams{
-		ControllerName: "erewhemos",
-		BaseConfig:     baselineAttrs,
-		CloudName:      "dummy",
-	})
 	c.Assert(err, jc.ErrorIsNil)
-	adminSecret1 := env1.Config().AdminSecret()
-	c.Assert(adminSecret1, gc.HasLen, 32)
-	c.Assert(adminSecret1, gc.Matches, "^[0-9a-f]*$")
-
-	c.Assert(adminSecret1, gc.Not(gc.Equals), adminSecret0)
-}
-
-func (*OpenSuite) TestPrepareWithMissingKey(c *gc.C) {
-	cfg, err := config.New(config.NoDefaults, dummy.SampleConfig().Delete("ca-cert", "ca-private-key").Merge(
-		testing.Attrs{
-			"controller": false,
-			"name":       "erewhemos",
-			"ca-cert":    string(testing.CACert),
-		},
-	))
-	c.Assert(err, jc.ErrorIsNil)
-	controllerStore := jujuclienttesting.NewMemStore()
-	env, err := environs.Prepare(envtesting.BootstrapContext(c), controllerStore, environs.PrepareParams{
-		ControllerName: cfg.Name(),
-		BaseConfig:     cfg.AllAttrs(),
-		CloudName:      "dummy",
-	})
-	c.Assert(err, gc.ErrorMatches, "cannot ensure CA certificate: controller configuration with a certificate but no CA private key")
-	c.Assert(env, gc.IsNil)
-}
-
-func (*OpenSuite) TestPrepareWithExistingKeyPair(c *gc.C) {
-	cfg, err := config.New(config.NoDefaults, dummy.SampleConfig().Merge(
-		testing.Attrs{
-			"controller":     false,
-			"name":           "erewhemos",
-			"ca-cert":        string(testing.CACert),
-			"ca-private-key": string(testing.CAKey),
-		},
-	))
-	c.Assert(err, jc.ErrorIsNil)
-	ctx := envtesting.BootstrapContext(c)
-	env, err := environs.Prepare(ctx, jujuclienttesting.NewMemStore(), environs.PrepareParams{
-		ControllerName: cfg.Name(),
-		BaseConfig:     cfg.AllAttrs(),
-		CloudName:      "dummy",
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	cfgCertPEM, cfgCertOK := env.Config().CACert()
-	cfgKeyPEM, cfgKeyOK := env.Config().CAPrivateKey()
-	c.Assert(cfgCertOK, jc.IsTrue)
-	c.Assert(cfgKeyOK, jc.IsTrue)
-	c.Assert(string(cfgCertPEM), gc.DeepEquals, testing.CACert)
-	c.Assert(string(cfgKeyPEM), gc.DeepEquals, testing.CAKey)
+	_, err = e.ControllerInstances("uuid")
+	c.Assert(err, gc.ErrorMatches, "model is not prepared")
 }
 
 func (*OpenSuite) TestDestroy(c *gc.C) {
@@ -268,11 +147,14 @@
 	store := jujuclienttesting.NewMemStore()
 	// Prepare the environment and sanity-check that
 	// the config storage info has been made.
+	controllerCfg := testing.FakeControllerConfig()
 	ctx := envtesting.BootstrapContext(c)
-	e, err := environs.Prepare(ctx, store, environs.PrepareParams{
-		ControllerName: "controller-name",
-		BaseConfig:     cfg.AllAttrs(),
-		CloudName:      "dummy",
+	e, err := bootstrap.Prepare(ctx, store, bootstrap.PrepareParams{
+		ControllerConfig: controllerCfg,
+		ControllerName:   "controller-name",
+		BaseConfig:       cfg.AllAttrs(),
+		CloudName:        "dummy",
+		AdminSecret:      "admin-secret",
 	})
 	c.Assert(err, jc.ErrorIsNil)
 	_, err = store.ControllerByName("controller-name")
@@ -283,7 +165,7 @@
 
 	// Check that the environment has actually been destroyed
 	// and that the controller details been removed too.
-	_, err = e.ControllerInstances()
+	_, err = e.ControllerInstances(controllerCfg.ControllerUUID())
 	c.Assert(err, gc.ErrorMatches, "model is not prepared")
 	_, err = store.ControllerByName("controller-name")
 	c.Assert(err, jc.Satisfies, errors.IsNotFound)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/simplestreams/fetchdata_test.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/simplestreams/fetchdata_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/simplestreams/fetchdata_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/simplestreams/fetchdata_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,7 +13,7 @@
 
 	"github.com/juju/juju/environs/simplestreams"
 	"github.com/juju/juju/environs/simplestreams/testing"
-	"github.com/juju/juju/juju"
+	"github.com/juju/juju/juju/keys"
 )
 
 type fetchDataSuite struct {
@@ -44,7 +44,7 @@
 	s.expectedCalls = []string{"Fetch", "PublicSigningKey", "Description"}
 	s.readerData = signedData
 	s.expectedData = unsignedData[1:]
-	s.setupDataSource(juju.JujuPublicKey)
+	s.setupDataSource(keys.JujuPublicKey)
 	s.assertFetchDataFail(c, `cannot read data for source "" at URL this.path.doesnt.matter.for.test.either: openpgp: signature made by unknown entity`)
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/simplestreams/json_test.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/simplestreams/json_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/simplestreams/json_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/simplestreams/json_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package simplestreams_test
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/simplestreams/simplestreams_test.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/simplestreams/simplestreams_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/simplestreams/simplestreams_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/simplestreams/simplestreams_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -447,6 +447,12 @@
 	)
 }
 
+func (s *simplestreamsSuite) TestStorageVirtFromItem(c *gc.C) {
+	s.assertImageMetadata(c,
+		storageVirtTest{"com.ubuntu.cloud:server:14.04:amd64", "20140118", "nzww1pe", "ssd", "hvm"},
+	)
+}
+
 func (s *simplestreamsSuite) assertImageMetadata(c *gc.C, one storageVirtTest) {
 	metadata := s.AssertGetMetadata(c)
 	metadataCatalog := metadata.Products[one.product]
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/simplestreams/testing/testing.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/simplestreams/testing/testing.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/simplestreams/testing/testing.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/simplestreams/testing/testing.go	2016-07-18 19:45:44.000000000 +0000
@@ -444,8 +444,8 @@
     "20140118": {
      "items": {
       "nzww1pe": {
-       "root_store": "ebs",
-       "virt": "pv",
+       "root_store": "ssd",
+       "virt": "hvm",
        "id": "ami-36745463"
       }
      },
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/suite_test.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/suite_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/suite_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/suite_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,11 +4,11 @@
 package environs_test
 
 import (
-	"testing"
+	stdtesting "testing"
 
-	gc "gopkg.in/check.v1"
+	"github.com/juju/juju/testing"
 )
 
-func Test(t *testing.T) {
-	gc.TestingT(t)
+func TestPackage(t *stdtesting.T) {
+	testing.MgoTestPackage(t)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/sync/sync.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/sync/sync.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/sync/sync.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/sync/sync.go	2016-07-18 19:45:44.000000000 +0000
@@ -21,7 +21,7 @@
 	"github.com/juju/juju/environs/simplestreams"
 	"github.com/juju/juju/environs/storage"
 	envtools "github.com/juju/juju/environs/tools"
-	"github.com/juju/juju/juju"
+	"github.com/juju/juju/juju/keys"
 	coretools "github.com/juju/juju/tools"
 	jujuversion "github.com/juju/juju/version"
 )
@@ -161,7 +161,7 @@
 		return nil, err
 	}
 	logger.Infof("using sync tools source: %v", sourceURL)
-	return simplestreams.NewURLSignedDataSource("sync tools source", sourceURL, juju.JujuPublicKey, utils.VerifySSLHostnames, simplestreams.CUSTOM_CLOUD_DATA, false), nil
+	return simplestreams.NewURLSignedDataSource("sync tools source", sourceURL, keys.JujuPublicKey, utils.VerifySSLHostnames, simplestreams.CUSTOM_CLOUD_DATA, false), nil
 }
 
 // copyTools copies a set of tools from the source to the target.
@@ -191,7 +191,7 @@
 		return err
 	}
 	if tools.SHA256 == "" {
-		logger.Warningf("no SHA-256 hash for %v", tools.SHA256)
+		logger.Errorf("no SHA-256 hash for %v", tools.SHA256) // TODO(dfc) can you spot the bug ?
 	} else if sha256 != tools.SHA256 {
 		return errors.Errorf("SHA-256 hash mismatch (%v/%v)", sha256, tools.SHA256)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/tags/tags.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/tags/tags.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/tags/tags.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/tags/tags.go	2016-07-18 19:45:44.000000000 +0000
@@ -3,7 +3,7 @@
 
 package tags
 
-import "github.com/juju/names"
+import "gopkg.in/juju/names.v2"
 
 const (
 	// JujuTagPrefix is the prefix for Juju-managed tags.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/tags/tags_test.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/tags/tags_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/tags/tags_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/tags/tags_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,9 +4,9 @@
 package tags_test
 
 import (
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/environs/tags"
 	"github.com/juju/juju/testing"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/testing/bootstrap.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/testing/bootstrap.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/testing/bootstrap.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/testing/bootstrap.go	2016-07-18 19:45:44.000000000 +0000
@@ -23,8 +23,15 @@
 // do not attempt to SSH to non-existent machines. The result is a function
 // that restores finishBootstrap.
 func DisableFinishBootstrap() func() {
-	f := func(environs.BootstrapContext, ssh.Client, environs.Environ, instance.Instance, *instancecfg.InstanceConfig) error {
-		logger.Warningf("provider/common.FinishBootstrap is disabled")
+	f := func(
+		environs.BootstrapContext,
+		ssh.Client,
+		environs.Environ,
+		instance.Instance,
+		*instancecfg.InstanceConfig,
+		environs.BootstrapDialOpts,
+	) error {
+		logger.Infof("provider/common.FinishBootstrap is disabled")
 		return nil
 	}
 	return testing.PatchValue(&common.FinishBootstrap, f)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/tools/simplestreams.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/tools/simplestreams.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/tools/simplestreams.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/tools/simplestreams.go	2016-07-18 19:45:44.000000000 +0000
@@ -432,6 +432,7 @@
 // streamMetadata contains all known metadata so that the correct index files can be written.
 // Only product files for the specified streams are written.
 func WriteMetadata(stor storage.Storage, streamMetadata map[string][]*ToolsMetadata, streams []string, writeMirrors ShouldWriteMirrors) error {
+	// TODO(perrito666) 2016-05-02 lp:1558657
 	updated := time.Now()
 	index, legacyIndex, products, err := MarshalToolsMetadataJSON(streamMetadata, updated)
 	if err != nil {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/tools/simplestreams_test.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/tools/simplestreams_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/tools/simplestreams_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/tools/simplestreams_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -31,7 +31,7 @@
 	"github.com/juju/juju/environs/storage"
 	"github.com/juju/juju/environs/tools"
 	toolstesting "github.com/juju/juju/environs/tools/testing"
-	"github.com/juju/juju/juju"
+	"github.com/juju/juju/juju/keys"
 	coretesting "github.com/juju/juju/testing"
 	coretools "github.com/juju/juju/tools"
 )
@@ -1049,7 +1049,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 	imageData["/signed/streams/v1/tools_metadata.sjson"] = string(signedData)
 	sstesting.SetRoundTripperFiles(imageData, map[string]int{"signedtest://unauth": http.StatusUnauthorized})
-	s.PatchValue(&juju.JujuPublicKey, sstesting.SignedMetadataPublicKey)
+	s.PatchValue(&keys.JujuPublicKey, sstesting.SignedMetadataPublicKey)
 }
 
 func (s *signedSuite) TearDownSuite(c *gc.C) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/tools/testing/testing.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/tools/testing/testing.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/tools/testing/testing.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/tools/testing/testing.go	2016-07-18 19:45:44.000000000 +0000
@@ -234,6 +234,7 @@
 	var streamMetadata = map[string][]*tools.ToolsMetadata{
 		stream: metadata,
 	}
+	// TODO(perrito666) 2016-05-02 lp:1558657
 	index, legacyIndex, products, err := tools.MarshalToolsMetadataJSON(streamMetadata, time.Now())
 	c.Assert(err, jc.ErrorIsNil)
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/tools/tools_test.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/tools/tools_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/tools/tools_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/tools/tools_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -16,11 +16,12 @@
 	gc "gopkg.in/check.v1"
 
 	"github.com/juju/juju/environs"
+	"github.com/juju/juju/environs/bootstrap"
 	sstesting "github.com/juju/juju/environs/simplestreams/testing"
 	envtesting "github.com/juju/juju/environs/testing"
 	envtools "github.com/juju/juju/environs/tools"
 	toolstesting "github.com/juju/juju/environs/tools/testing"
-	"github.com/juju/juju/juju"
+	"github.com/juju/juju/juju/keys"
 	"github.com/juju/juju/jujuclient/jujuclienttesting"
 	"github.com/juju/juju/provider/dummy"
 	coretesting "github.com/juju/juju/testing"
@@ -45,7 +46,7 @@
 	s.BaseSuite.SetUpSuite(c)
 	s.customToolsDir = c.MkDir()
 	s.publicToolsDir = c.MkDir()
-	s.PatchValue(&juju.JujuPublicKey, sstesting.SignedMetadataPublicKey)
+	s.PatchValue(&keys.JujuPublicKey, sstesting.SignedMetadataPublicKey)
 }
 
 func (s *SimpleStreamsToolsSuite) SetUpTest(c *gc.C) {
@@ -97,12 +98,14 @@
 	jujuversion.Current = s.origCurrentVersion
 	dummy.Reset(c)
 	attrs = dummy.SampleConfig().Merge(attrs)
-	env, err := environs.Prepare(envtesting.BootstrapContext(c),
+	env, err := bootstrap.Prepare(envtesting.BootstrapContext(c),
 		jujuclienttesting.NewMemStore(),
-		environs.PrepareParams{
-			ControllerName: attrs["name"].(string),
-			BaseConfig:     attrs,
-			CloudName:      "dummy",
+		bootstrap.PrepareParams{
+			ControllerConfig: coretesting.FakeControllerConfig(),
+			ControllerName:   attrs["name"].(string),
+			BaseConfig:       attrs,
+			CloudName:        "dummy",
+			AdminSecret:      "admin-secret",
 		},
 	)
 	c.Assert(err, jc.ErrorIsNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/tools/urls.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/tools/urls.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/tools/urls.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/tools/urls.go	2016-07-18 19:45:44.000000000 +0000
@@ -14,7 +14,7 @@
 	"github.com/juju/juju/environs/simplestreams"
 	"github.com/juju/juju/environs/storage"
 	envutils "github.com/juju/juju/environs/utils"
-	"github.com/juju/juju/juju"
+	"github.com/juju/juju/juju/keys"
 )
 
 type toolsDatasourceFuncId struct {
@@ -77,7 +77,7 @@
 		if !config.SSLHostnameVerification() {
 			verify = utils.NoVerifySSLHostnames
 		}
-		sources = append(sources, simplestreams.NewURLSignedDataSource(conf.AgentMetadataURLKey, userURL, juju.JujuPublicKey, verify, simplestreams.SPECIFIC_CLOUD_DATA, false))
+		sources = append(sources, simplestreams.NewURLSignedDataSource(conf.AgentMetadataURLKey, userURL, keys.JujuPublicKey, verify, simplestreams.SPECIFIC_CLOUD_DATA, false))
 	}
 
 	envDataSources, err := environmentDataSources(env)
@@ -93,7 +93,7 @@
 	}
 	if defaultURL != "" {
 		sources = append(sources,
-			simplestreams.NewURLSignedDataSource("default simplestreams", defaultURL, juju.JujuPublicKey, utils.VerifySSLHostnames, simplestreams.DEFAULT_CLOUD_DATA, true))
+			simplestreams.NewURLSignedDataSource("default simplestreams", defaultURL, keys.JujuPublicKey, utils.VerifySSLHostnames, simplestreams.DEFAULT_CLOUD_DATA, true))
 	}
 	return sources, nil
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/tools/urls_test.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/tools/urls_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/tools/urls_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/tools/urls_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,11 +13,12 @@
 	gc "gopkg.in/check.v1"
 
 	"github.com/juju/juju/environs"
+	"github.com/juju/juju/environs/bootstrap"
 	"github.com/juju/juju/environs/simplestreams"
 	sstesting "github.com/juju/juju/environs/simplestreams/testing"
 	envtesting "github.com/juju/juju/environs/testing"
 	"github.com/juju/juju/environs/tools"
-	"github.com/juju/juju/juju"
+	"github.com/juju/juju/juju/keys"
 	"github.com/juju/juju/jujuclient/jujuclienttesting"
 	"github.com/juju/juju/provider/dummy"
 	"github.com/juju/juju/testing"
@@ -43,12 +44,14 @@
 			"agent-metadata-url": toolsMetadataURL,
 		})
 	}
-	env, err := environs.Prepare(envtesting.BootstrapContext(c),
+	env, err := bootstrap.Prepare(envtesting.BootstrapContext(c),
 		jujuclienttesting.NewMemStore(),
-		environs.PrepareParams{
-			ControllerName: attrs["name"].(string),
-			BaseConfig:     attrs,
-			CloudName:      "dummy",
+		bootstrap.PrepareParams{
+			ControllerConfig: coretesting.FakeControllerConfig(),
+			ControllerName:   attrs["name"].(string),
+			BaseConfig:       attrs,
+			CloudName:        "dummy",
+			AdminSecret:      "admin-secret",
 		},
 	)
 	c.Assert(err, jc.ErrorIsNil)
@@ -59,7 +62,7 @@
 	env := s.env(c, "")
 	sources, err := tools.GetMetadataSources(env)
 	c.Assert(err, jc.ErrorIsNil)
-	sstesting.AssertExpectedSources(c, sources, []sstesting.SourceDetails{{"https://streams.canonical.com/juju/tools/", juju.JujuPublicKey}})
+	sstesting.AssertExpectedSources(c, sources, []sstesting.SourceDetails{{"https://streams.canonical.com/juju/tools/", keys.JujuPublicKey}})
 }
 
 func (s *URLsSuite) TestToolsSources(c *gc.C) {
@@ -67,8 +70,8 @@
 	sources, err := tools.GetMetadataSources(env)
 	c.Assert(err, jc.ErrorIsNil)
 	sstesting.AssertExpectedSources(c, sources, []sstesting.SourceDetails{
-		{"config-tools-metadata-url/", juju.JujuPublicKey},
-		{"https://streams.canonical.com/juju/tools/", juju.JujuPublicKey},
+		{"config-tools-metadata-url/", keys.JujuPublicKey},
+		{"https://streams.canonical.com/juju/tools/", keys.JujuPublicKey},
 	})
 }
 
@@ -92,9 +95,9 @@
 	sources, err := tools.GetMetadataSources(env)
 	c.Assert(err, jc.ErrorIsNil)
 	sstesting.AssertExpectedSources(c, sources, []sstesting.SourceDetails{
-		{"config-tools-metadata-url/", juju.JujuPublicKey},
+		{"config-tools-metadata-url/", keys.JujuPublicKey},
 		{"betwixt/releases/", ""},
-		{"https://streams.canonical.com/juju/tools/", juju.JujuPublicKey},
+		{"https://streams.canonical.com/juju/tools/", keys.JujuPublicKey},
 	})
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/environs/utils.go juju-core-2.0~beta12/src/github.com/juju/juju/environs/utils.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/environs/utils.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/environs/utils.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,11 +1,14 @@
+// Copyright 2014 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package environs
 
 import (
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/instance"
@@ -63,8 +66,8 @@
 
 // APIInfo returns an api.Info for the environment. The result is populated
 // with addresses and CA certificate, but no tag or password.
-func APIInfo(env Environ) (*api.Info, error) {
-	instanceIds, err := env.ControllerInstances()
+func APIInfo(controllerUUID, modelUUID, caCert string, apiPort int, env Environ) (*api.Info, error) {
+	instanceIds, err := env.ControllerInstances(controllerUUID)
 	if err != nil {
 		return nil, err
 	}
@@ -73,17 +76,11 @@
 	if err != nil {
 		return nil, err
 	}
-	config := env.Config()
-	cert, hasCert := config.CACert()
-	if !hasCert {
-		return nil, errors.New("config has no CACert")
-	}
-	apiPort := config.APIPort()
 	apiAddrs := network.HostPortsToStrings(
 		network.AddressesWithPort(addrs, apiPort),
 	)
-	modelTag := names.NewModelTag(config.UUID())
-	apiInfo := &api.Info{Addrs: apiAddrs, CACert: cert, ModelTag: modelTag}
+	modelTag := names.NewModelTag(modelUUID)
+	apiInfo := &api.Info{Addrs: apiAddrs, CACert: caCert, ModelTag: modelTag}
 	return apiInfo, nil
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/etc/bash_completion.d/juju2 juju-core-2.0~beta12/src/github.com/juju/juju/etc/bash_completion.d/juju2
--- juju-core-2.0~beta7/src/github.com/juju/juju/etc/bash_completion.d/juju2	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/etc/bash_completion.d/juju2	1970-01-01 00:00:00.000000000 +0000
@@ -1,145 +0,0 @@
-# juju-core.bash_completion.sh: dynamic bash completion for juju cmdline,
-# from parsed (and cached) juju status output.
-#
-# Author: JuanJo Ciarlante <jjo@canonical.com>
-# Copyright 2013+, Canonical Ltd.
-# License: GPLv3
-#
-
-# Print (return) all machines
-_juju_machines_from_file() {
-python -c '
-import json, sys; j=json.load(sys.stdin)
-print "\n".join(j["machines"].keys());' < ${1?}
-}
-
-# Print (return) all units, each optionally postfixed by $2 (eg. 'myservice/0:')
-_juju_units_from_file() {
-python -c '
-trail="'${2}'"
-import json, sys; j=json.load(sys.stdin)
-all_units=[]
-for k,v in j["services"].items():
-    if v.get("units"):
-        all_units.extend(v.get("units",{}).keys())
-print "\n".join([unit + trail for unit in all_units])
-' < ${1?}
-}
-
-# Print (return) all services
-_juju_services_from_file() {
-python -c '
-import json, sys; j=json.load(sys.stdin)
-print "\n".join(j["services"].keys());' < ${1?}
-}
-
-# Print (return) both services and units, currently used for juju status completion
-_juju_services_and_units_from_file() {
-    _juju_services_from_file "$@"
-    _juju_units_from_file "$@"
-}
-
-# Print (return) all juju commands
-_juju_list_commands() {
-    juju help commands 2>/dev/null | awk '{print $1}'
-}
-
-# Print (return) flags for juju action, shamelessly excluding
-# -m/--model for cleaner completion for common usage cases
-# (e.g. juju ssh <TAB>, etc)
-_juju_flags_for() {
-    test -z "${1}" && return 0
-    juju help ${1} 2>/dev/null |egrep -o --  '(^|-)-[a-z-]+'|egrep -v -- '^(-m|--model)'|sort -u
-}
-
-# Print (return) guessed completion function for cmd.
-# Guessing is done by parsing 1st line of juju help <cmd>,
-# see case switch below.
-_juju_completion_func_for_cmd() {
-    local action=${1} cword=${2}
-    # if cword==1 or action==help, use _juju_list_commands
-    if [ "${cword}" -eq 1 -o "${action}" = help ]; then
-        echo _juju_list_commands
-        return 0
-    fi
-    # parse 1st line of juju help <cmd>, to guess the completion function
-    case $(juju help ${action} 2>/dev/null| head -1) in
-        # special case for ssh, scp which have 'service' in 1st line of help:
-        *\<unit*|*juju?ssh*|*juju?scp*)    echo _juju_units_from_file;;
-        *\<service*)    echo _juju_services_from_file;;
-        *\<machine*)    echo _juju_machines_from_file;;
-        *pattern*)      echo _juju_services_and_units_from_file;; # e.g. status
-        ?*)     echo true ;;  # help ok, existing command, no more expansion
-        *)      echo false;;  # failed, not a command
-    esac
-}
-
-# Print (return) filename from juju status cached output (if not expired),
-# create cache dirs if needed
-# - setups caching dir if non-existent
-# - caches juju status output, $cache_mins minutes max
-_juju_get_status_filename() {
-    local cache_mins=60     # ttl=60 mins
-    local cache_dir=$HOME/.cache/juju
-    local juju_status_file=${cache_dir}/juju-status-${JUJU_MODEL:-default}
-    # setup caching dir under ~/.cache/juju
-    test -d ${cache_dir} || install -d ${cache_dir} -m 700
-    # if can't find a fresh (age < $cache_mins) saved file, with a ~reasonable size ...
-    if [[ -z $(find "${juju_status_file}" -mmin -${cache_mins} -a -size +32c 2> /dev/null) ]]; then
-        # ... create it
-        juju status --format=json > "${juju_status_file}".tmp && \
-            mv "${juju_status_file}".tmp "${juju_status_file}"
-        rm -f "${juju_status_file}".tmp
-    fi
-    if [ -r "${juju_status_file}" ]; then
-        echo "${juju_status_file}"
-    else
-        return 1
-    fi
-}
-# Main completion function wrap:
-# calls passed completion function, also adding flags for cmd
-_juju_complete_with_func() {
-    local action="${1}" func=${2?}
-    local cur
-
-    # scp is special, as we want ':' appended to unit names,
-    # and filename completion also.
-    local postfix_str= compgen_xtra=
-    if [ "${action}" = "scp" ]; then
-        local orig_comp_wordbreaks="${COMP_WORDBREAKS}"
-        COMP_WORDBREAKS="${COMP_WORDBREAKS/:/}"
-        postfix_str=':'
-        compgen_xtra='-A file'
-        compopt -o nospace
-    fi
-    juju_status_file=
-    # if func name ends with 'from_file', set juju_status_file
-    [[ ${func} =~ .*from_file ]] &&  juju_status_file=$(_juju_get_status_filename)
-    # build COMPREPLY from passed function stdout, and _juju_flags_for $action
-    cur="${COMP_WORDS[COMP_CWORD]}"
-    COMPREPLY=( $( compgen ${compgen_xtra} -W "$(${func} ${juju_status_file} ${postfix_str}) $(_juju_flags_for "${action}")" -- ${cur} ))
-    if [ "${action}" = "scp" ]; then
-        COMP_WORDBREAKS="${orig_comp_wordbreaks}"
-        compopt +o nospace
-    fi
-    return 0
-}
-
-# Not used here, available to the user for quick cache removal
-_juju_completion_cache_rm() {
-    rm -fv $HOME/.cache/juju/juju-status-${JUJU_MODEL:-default}
-}
-
-# main completion function entry point
-_juju() {
-    local action parsing_func
-    action="${COMP_WORDS[1]}"
-    COMPREPLY=()
-    parsing_func=$(_juju_completion_func_for_cmd "${action}" ${COMP_CWORD})
-    test -z "${parsing_func}" && return 0
-    _juju_complete_with_func "${action}" "${parsing_func}"
-    return $?
-}
-complete -F _juju juju
-# vim: ai et sw=2 ts=2
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/etc/bash_completion.d/juju-2.0 juju-core-2.0~beta12/src/github.com/juju/juju/etc/bash_completion.d/juju-2.0
--- juju-core-2.0~beta7/src/github.com/juju/juju/etc/bash_completion.d/juju-2.0	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/etc/bash_completion.d/juju-2.0	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,355 @@
+# juju-core.bash_completion.sh: dynamic bash completion for juju 2.0 cmdline,
+# from parsed (and cached) juju status output.
+#
+# Author: JuanJo Ciarlante <jjo@canonical.com>
+# Copyright 2016+, Canonical Ltd.
+# License: GPLv3
+#
+# Includes --model and --controller handling:
+#   juju list-models --controller <TAB>
+#   juju switch <TAB>
+#   juju status --model <TAB>
+#   juju ssh --model <TAB> [... will complete with proper model's units/etc ...]
+#
+
+# Print (return) cache filename for "juju status"
+_juju_2_0_juju_status_cache_fname() {
+    local model=$(_get_current_model)
+    local juju_status_file=${cache_dir}/juju-status-"${model}"
+    _juju_2_0_cache_cmd ${_juju_2_0_cache_TTL} \
+      echo ${_juju_cmd_JUJU_2_0?} status --model "${model}" --format json
+    return $?
+}
+# Print (return) all machines
+_juju_2_0_machines_from_status() {
+    local cache_fname=$(_juju_2_0_juju_status_cache_fname)
+    [ -n "${cache_fname}" ] || return 0
+${_juju_cmd_PYTHON?} -c '
+import json, sys
+sys.stderr.close()
+j = json.load(sys.stdin)
+print ("\n".join(j.get("machines", {}).keys()));
+'   < ${cache_fname}
+}
+
+# Print (return) all units, each optionally postfixed by $2 (eg. 'myservice/0:')
+_juju_2_0_units_from_status() {
+    local cache_fname=$(_juju_2_0_juju_status_cache_fname)
+    [ -n "${cache_fname}" ] || return 0
+${_juju_cmd_PYTHON?} -c '
+trail = "'${2}'"
+import json, sys
+sys.stderr.close()
+j = json.load(sys.stdin)
+all_units = []
+for k, v in j.get("applications", {}).items():
+    all_units.extend(v.get("units", {}).keys())
+print ("\n".join([unit + trail for unit in all_units]))
+'   < ${cache_fname}
+}
+
+# Print (return) all applications
+_juju_2_0_applications_from_status() {
+    local cache_fname=$(_juju_2_0_juju_status_cache_fname)
+    [ -n "${cache_fname}" ] || return 0
+    ${_juju_cmd_PYTHON?} -c '
+import json, sys
+sys.stderr.close()
+j = json.load(sys.stdin)
+print ("\n".join(j.get("applications", {}).keys()))
+'   < ${cache_fname}
+}
+
+# Print (return) all actions IDS from (cached) "juju show-action-status" output
+_juju_2_0_action_ids_from_action_status() {
+    local model=$(_get_current_model)
+    local juju_status_file=${cache_dir}/juju-status-"${model}"
+    local cache_fname=$(
+      _juju_2_0_cache_cmd ${_juju_2_0_cache_TTL} \
+        echo ${_juju_cmd_JUJU_2_0?} show-action-status --model "${model}" --format json
+    ) || return $?
+    [ -n "${cache_fname}" ] || return 0
+    ${_juju_cmd_PYTHON?} -c '
+import json, sys
+sys.stderr.close()
+print ("\n".join([x["id"] for x in json.load(sys.stdin).get("actions", {})]))
+'   < ${cache_fname}
+}
+
+# Print (return) all storage IDs from (cached) "juju list-storage" output
+# Caches "juju list-storage" output, print(return) cache filename
+_juju_2_0_storage_ids_from_list_storage() {
+    local model=$(_get_current_model)
+    local juju_status_file=${cache_dir}/juju-status-"${model}"
+    local cache_fname=$(
+      _juju_2_0_cache_cmd ${_juju_2_0_cache_TTL} \
+        echo ${_juju_cmd_JUJU_2_0?} list-storage --model "${model}" --format json
+    ) || return $?
+    [ -n "${cache_fname}" ] || return 0
+    ${_juju_cmd_PYTHON?} -c '
+import json, sys
+sys.stderr.close()
+print ("\n".join(json.load(sys.stdin).get("storage", {}).keys()))
+'   < ${cache_fname}
+}
+
+# Print (return) both applications and units, currently used for juju status completion
+_juju_2_0_applications_and_units_from_status() {
+    _juju_2_0_applications_from_status
+    _juju_2_0_units_from_status
+}
+
+# Print (return) both units and machines
+_juju_2_0_units_and_machines_from_status() {
+    _juju_2_0_units_from_status
+    _juju_2_0_machines_from_status
+}
+
+# Print (return) all juju commands
+_juju_2_0_list_commands() {
+    ${_juju_cmd_JUJU_2_0?} help commands 2>/dev/null | awk '{print $1}'
+}
+
+# Print (return) flags for juju action
+_juju_2_0_flags_for() {
+    [ -n "${1}" ] || return 0
+    ${_juju_cmd_JUJU_2_0?} help ${1} 2>/dev/null |egrep -o --  '(^|-)-[a-z-]+'|sort -u
+}
+
+_juju_2_0_list_controllers_from_stdin() {
+    sed '1s/^$/{}/' |\
+    ${_juju_cmd_PYTHON?} -c '
+import json, sys
+sys.stderr.close()
+print ("\n".join(
+  json.load(sys.stdin).get("controllers", {}).keys())
+)'
+}
+_juju_2_0_list_models_from_stdin() {
+    sed '1s/^$/{}/' |\
+    ${_juju_cmd_PYTHON?} -c '
+import json, sys
+sys.stderr.close()
+print ("\n".join(
+  ["'$1'" + m["name"] for m in json.load(sys.stdin).get("models", {})]
+))'
+}
+# List all controllers
+_juju_2_0_list_controllers_noflags() {
+    _juju_2_0_cache_cmd ${_juju_2_0_cache_TTL} cat \
+      ${_juju_cmd_JUJU_2_0?} list-controllers --format json | \
+        _juju_2_0_list_controllers_from_stdin
+}
+# Print:
+# - list of controllers as: <controller>:<current_model>
+# - list of models under current controller
+_juju_2_0_list_controllers_models_noflags() {
+    # derive cur_controller from fully specified current model: CONTROLLER:MODEL
+    local cur_controller=$(_get_current_model)
+    cur_controller=${cur_controller%%:*}
+
+    # List all controller:models
+    local controllers=$(_juju_2_0_list_controllers_noflags 2>/dev/null)
+    [ -n "${controllers}" ] || { echo "ERROR: no valid controller found (current: ${cur_controller})" >&2; return 0 ;}
+    local controller=
+    for controller in ${controllers};do
+      _juju_2_0_cache_cmd ${_juju_2_0_cache_TTL} cat \
+        ${_juju_cmd_JUJU_2_0?} list-models --controller ${controller} --format json |\
+          _juju_2_0_list_models_from_stdin "${controller}:"
+      # early break, specially if user hit Ctrl-C
+      [ $? -eq 0 ] || return 1
+    done
+
+    # List all models under current controller
+    _juju_2_0_cache_cmd ${_juju_2_0_cache_TTL} cat \
+      ${_juju_cmd_JUJU_2_0?} list-models --controller ${cur_controller} --format json |\
+        _juju_2_0_list_models_from_stdin
+}
+
+# Print (return) guessed completion function for cmd.
+# Guessing is done by parsing 1st line of juju help <cmd>,
+# see case switch below.
+_juju_2_0_completion_func_for_cmd() {
+    local action=${1} cword=${2}
+    # if cword==1 or action==help, use _juju_2_0_list_commands
+    if [ "${cword}" -eq 1 -o "${action}" = help ]; then
+        echo _juju_2_0_list_commands
+        return 0
+    fi
+    # normally prev_word is just that ...
+    local prev_word=${COMP_WORDS[cword-1]}
+    # special case for eg:
+    #   juju ssh -m myctrl:<TAB>  => COMP_WORDS[cword] is ':'
+    #   juju ssh -m myctrl:f<TAB> => COMP_WORDS[cword-1] is ':'
+    [[ ${COMP_WORDS[cword]}   == : ]] && prev_word=${COMP_WORDS[cword-2]}
+    [[ ${COMP_WORDS[cword-1]} == : ]] && prev_word=${COMP_WORDS[cword-3]}
+    case "${prev_word}" in
+        --controller|-c)
+            echo _juju_2_0_list_controllers_noflags; return 0;;
+        --model|-m)
+            echo _juju_2_0_list_controllers_models_noflags; return 0;;
+        --application)
+            echo _juju_2_0_applications_from_status; return 0;;
+        --unit)
+            echo _juju_2_0_units_from_status; return 0;;
+        --machine)
+            echo _juju_2_0_machines_from_status; return 0;;
+    esac
+    # parse 1st line of juju help <cmd>, to guess the completion function
+    # order below is important (more specific matches 1st)
+    case $(${_juju_cmd_JUJU_2_0?} help ${action} 2>/dev/null| head -1) in
+        # special case for ssh, scp:
+        *bootstrap*)
+            echo true ;;  # help ok, existing command, no more expansion
+        *juju?ssh*|*juju?scp*)
+            echo _juju_2_0_units_and_machines_from_status;;
+        *\<unit*)
+            echo _juju_2_0_units_from_status;;
+        *\<service*)
+            echo _juju_2_0_applications_from_status;;
+        *\<application*)
+            echo _juju_2_0_applications_from_status;;
+        *\<machine*)
+            echo _juju_2_0_machines_from_status;;
+        *\<action*)
+            echo _juju_2_0_action_ids_from_action_status;;
+        *show-storage*)
+            echo _juju_2_0_storage_ids_from_list_storage;;
+        *pattern*|*application-or-unit*)
+            echo _juju_2_0_applications_and_units_from_status;; # e.g. status
+        *\<controller*:*\<model*|*--model*)
+            echo _juju_2_0_list_controllers_models_noflags;;
+        *\<controller?name*)
+            echo _juju_2_0_list_controllers_noflags;;
+        ?*)
+            echo true ;;  # help ok, existing command, no more expansion
+        *)
+            echo false;;  # failed, not a command
+    esac
+}
+
+# Print (return) current model as found in the cmdline --model <...>
+# else default from $JUJU_MODEL or $(juju switch)
+_get_current_model() {
+    set +e
+    local model=""
+    if [[ ${COMP_LINE} =~ .*(--model|-m)\ ([^ ]+)\ (: [^ ]+\ )?.* ]];then
+       model="${BASH_REMATCH[2]}${BASH_REMATCH[3]}"
+       model="${model// /}"
+    fi
+    if [ -z "${model}" ];then
+       model=${JUJU_MODEL:-$(${_juju_cmd_JUJU_2_0?} switch)}
+    fi
+    echo "$model"
+}
+# Generic command cache function: caches cmdline output, called as:
+# _juju_2_0_cache_cmd TTL ACTION cmd args ...
+#   TTL:    cache expiration in mins
+#   ACTION: what to do with cached filename:
+#           - cat (return content)
+#           - echo (return cache filename, think "pointer")
+_juju_2_0_cache_cmd() {
+    local cache_ttl="${1:?missing TTL}" # TTL in mins
+    local ret_action=${2:?missing what to return: "echo" or "cat"}
+    shift 2
+    local cmd="${*:?}"
+    local cache_dir=$HOME/.cache/juju
+    local cache_file=${cmd}
+    # replace / by _
+    cache_file=${cache_file//\//_}
+    # replace space by __
+    cache_file=${cache_file// /__}
+    # under cache_dir
+    cache_file=${cache_dir}/${cache_file}
+    local cmd_pid=
+    test -d ${cache_dir} || install -d ${cache_dir} -m 700
+    # older than TTL => remove
+    find "${cache_file}" -mmin +${cache_ttl} -a -size +64c -delete 2> /dev/null
+    # older than TTL/2 or missing => refresh in background
+    local cache_refresh=$((${cache_ttl}/2))
+    if [[ -z $(find "${cache_file}" -mmin -${cache_refresh} -a -size +64c 2> /dev/null) ]]; then
+        # ... create it in background (locking the .tmp to avoid many runs against same cache file
+        coproc flock -xn "${cache_file}".tmp \
+          sh -c "$cmd > ${cache_file}.tmp && mv -f ${cache_file}.tmp ${cache_file}; rm -f ${cache_file}.tmp"
+    fi
+    # if missing => wait
+    [ ! -s "${cache_file}" -a -n "${COPROC[0]}" ] && read -u ${COPROC[0]}
+    # if still missing => fail
+    [ ! -s "${cache_file}" ] && echo "" && return 1
+    # use it:
+    "${ret_action}" "${cache_file}"
+}
+
+# Main completion function wrap:
+# calls passed completion function, also adding flags for cmd
+_juju_2_0_complete_with_func() {
+    local action="${1}" func=${2?}
+    # scp is special, as we want ':' appended to unit names,
+    # and filename completion also.
+    local postfix_str= compgen_xtra=
+    if [[ ${action} == scp ]]; then
+        postfix_str=':'
+        compgen_xtra='-A file'
+        compopt -o nospace
+    fi
+
+    # build COMPREPLY from passed function stdout, and _juju_2_0_flags_for $action
+    # don't clutter with cmd flags for functions named *_noflags
+    local flags
+    case "${func}" in
+        *_noflags) flags="";;
+        *) flags=$(_juju_2_0_flags_for "${action}");;
+    esac
+
+    #echo "** comp=$(set|egrep ^COMP) ** func=$func **" >&2
+
+    # properly handle ':'
+    # see http://stackoverflow.com/questions/10528695/how-to-reset-comp-wordbreaks-without-effecting-other-completion-script
+    local cur="${COMP_WORDS[COMP_CWORD]}"
+    _get_comp_words_by_ref -n : cur
+    COMPREPLY=( $( compgen ${compgen_xtra} -W "$(${func} ${postfix_str}) $flags" -- ${cur} ))
+    __ltrim_colon_completions "$cur"
+
+    if [[ ${action} == scp ]]; then
+        compopt +o nospace
+    fi
+
+
+    return 0
+}
+
+# Not used here, available to the user for quick cache removal
+_juju_2_0_rm_completion_cache() {
+    rm -fv $HOME/.cache/juju/juju-status-*
+}
+
+# main completion function entry point
+_juju_complete_2_0() {
+    local action parsing_func
+    action="${COMP_WORDS[1]}"
+    COMPREPLY=()
+    parsing_func=$(_juju_2_0_completion_func_for_cmd "${action}" ${COMP_CWORD})
+    test -n "${parsing_func}" && \
+      _juju_2_0_complete_with_func "${action}" "${parsing_func}"
+    return $?
+}
+# _juju_2_0_cache_TTL [mins]
+export _juju_2_0_cache_TTL=2
+# All above completion is juju-2.0 specific, uses $_juju_cmd_JUJU_2_0
+export _juju_cmd_JUJU_2_0=/usr/bin/juju-2.0
+# Select python3, else python2
+export _juju_cmd_PYTHON
+for _juju_cmd_PYTHON in /usr/bin/python{3,2};do
+  [ -x ${_juju_cmd_PYTHON?} ] && break
+done
+# Add juju-2.0 completion
+complete -F _juju_complete_2_0 juju-2.0
+
+# Also hook "juju" (without version) to make this file "self" sufficient.
+#
+# Note that in a normal install will be overridden later by
+# /etc/bash_completion.d/juju-version which does runtime detection
+# of 1.x or 2.0 autocompletion.
+complete -F _juju_complete_2_0 juju
+
+# vim: ai et sw=2 ts=2
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/etc/bash_completion.d/juju-version juju-core-2.0~beta12/src/github.com/juju/juju/etc/bash_completion.d/juju-version
--- juju-core-2.0~beta7/src/github.com/juju/juju/etc/bash_completion.d/juju-version	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/etc/bash_completion.d/juju-version	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,24 @@
+# "run"time juju completion by version
+_juju_complete_ver() {
+    case "$(juju version)" in
+      2.0*)
+        # See /etc/bash_completion.d/juju-2.0
+        _juju_complete_2_0 "$@"
+        return $?
+        ;;
+      1.*)
+        # See /etc/bash_completion.d/juju-core
+        _juju "$@"
+        return $?
+        ;;
+    esac
+}
+
+# Hook _juju_complete_ver for 'juju' cmd
+# If juju-1 is also installed, it'll override it's completion
+# as this "juju-version" named file will be loaded after
+# "juju-2.0" and "juju-core".
+complete -F _juju juju-1
+complete -F _juju_complete_ver juju
+
+# vim: ai et sw=2 ts=2
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/feature/flags.go juju-core-2.0~beta12/src/github.com/juju/juju/feature/flags.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/feature/flags.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/feature/flags.go	2016-07-18 19:45:44.000000000 +0000
@@ -23,11 +23,6 @@
 // instead of systemd for vivid and newer.
 const LegacyUpstart = "legacy-upstart"
 
-// AddressAllocation is used to indicate that LXC and KVM containers
-// on providers that support that (currently only MAAS and EC2) will
-// use statically allocated IP addresses.
-const AddressAllocation = "address-allocation"
-
 // PostNetCLIMVP is used to indicate that additional networking
 // commands will be available in addition to the networking MVP ones
 // (space list|create, subnet list|add).
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/featuretests/api_model_test.go juju-core-2.0~beta12/src/github.com/juju/juju/featuretests/api_model_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/featuretests/api_model_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/featuretests/api_model_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,10 +8,10 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/api/modelmanager"
@@ -87,12 +87,12 @@
 		{
 			UserName:       owner.UserName(),
 			DisplayName:    owner.DisplayName(),
-			Access:         "write",
+			Access:         "admin",
 			LastConnection: lastConnPointer(c, owner),
 		}, {
 			UserName:       "bobjohns@ubuntuone",
 			DisplayName:    "Bob Johns",
-			Access:         "write",
+			Access:         "admin",
 			LastConnection: lastConnPointer(c, modelUser),
 		},
 	})
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/featuretests/api_undertaker_test.go juju-core-2.0~beta12/src/github.com/juju/juju/featuretests/api_undertaker_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/featuretests/api_undertaker_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/featuretests/api_undertaker_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -58,8 +58,8 @@
 	c.Assert(result.Error, gc.IsNil)
 	info := result.Result
 	c.Assert(info.UUID, gc.Equals, coretesting.ModelTag.Id())
-	c.Assert(info.Name, gc.Equals, "admin")
-	c.Assert(info.GlobalName, gc.Equals, "user-admin@local/admin")
+	c.Assert(info.Name, gc.Equals, "controller")
+	c.Assert(info.GlobalName, gc.Equals, "user-admin@local/controller")
 	c.Assert(info.IsSystem, jc.IsTrue)
 	c.Assert(info.Life, gc.Equals, params.Alive)
 }
@@ -101,8 +101,8 @@
 	c.Assert(result.Error, gc.IsNil)
 	envInfo := result.Result
 	c.Assert(envInfo.UUID, gc.Equals, otherSt.ModelUUID())
-	c.Assert(envInfo.Name, gc.Equals, "hosted_env")
-	c.Assert(envInfo.GlobalName, gc.Equals, "user-admin@local/hosted_env")
+	c.Assert(envInfo.Name, gc.Equals, "hosted-env")
+	c.Assert(envInfo.GlobalName, gc.Equals, "user-admin@local/hosted-env")
 	c.Assert(envInfo.IsSystem, jc.IsFalse)
 	c.Assert(envInfo.Life, gc.Equals, params.Alive)
 }
@@ -114,7 +114,7 @@
 	err := undertakerClient.ProcessDyingModel()
 	c.Assert(err, gc.ErrorMatches, "model is not dying")
 
-	factory.NewFactory(otherSt).MakeService(c, nil)
+	factory.NewFactory(otherSt).MakeApplication(c, nil)
 	env, err := otherSt.Model()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(env.Destroy(), jc.ErrorIsNil)
@@ -149,7 +149,7 @@
 	err := undertakerClient.RemoveModel()
 	c.Assert(err, gc.ErrorMatches, "an error occurred, unable to remove model")
 
-	factory.NewFactory(otherSt).MakeService(c, nil)
+	factory.NewFactory(otherSt).MakeApplication(c, nil)
 	env, err := otherSt.Model()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(env.Destroy(), jc.ErrorIsNil)
@@ -167,7 +167,7 @@
 }
 
 func (s *undertakerSuite) hostedAPI(c *gc.C) (*undertaker.Client, *state.State) {
-	otherState := s.Factory.MakeModel(c, &factory.ModelParams{Name: "hosted_env"})
+	otherState := s.Factory.MakeModel(c, &factory.ModelParams{Name: "hosted-env"})
 
 	password, err := utils.RandomPassword()
 	c.Assert(err, jc.ErrorIsNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/featuretests/cmd_juju_controller_test.go juju-core-2.0~beta12/src/github.com/juju/juju/featuretests/cmd_juju_controller_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/featuretests/cmd_juju_controller_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/featuretests/cmd_juju_controller_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,15 +12,15 @@
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
+	"gopkg.in/yaml.v2"
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/api/modelmanager"
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cmd/juju/commands"
-	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/juju"
 	jujutesting "github.com/juju/juju/juju/testing"
 	"github.com/juju/juju/jujuclient"
@@ -44,10 +44,9 @@
 	return context
 }
 
-func (s *cmdControllerSuite) createModelAdminUser(c *gc.C, modelname string, isServer bool) params.Model {
+func (s *cmdControllerSuite) createModelAdminUser(c *gc.C, modelname string, isServer bool) params.ModelInfo {
 	modelManager := modelmanager.NewClient(s.APIState)
-	model, err := modelManager.CreateModel(s.AdminUserTag(c).Id(), nil, map[string]interface{}{
-		"name":       modelname,
+	model, err := modelManager.CreateModel(modelname, s.AdminUserTag(c).Id(), "", "", map[string]interface{}{
 		"controller": isServer,
 	})
 	c.Assert(err, jc.ErrorIsNil)
@@ -57,8 +56,7 @@
 func (s *cmdControllerSuite) createModelNormalUser(c *gc.C, modelname string, isServer bool) {
 	s.run(c, "add-user", "test")
 	modelManager := modelmanager.NewClient(s.APIState)
-	_, err := modelManager.CreateModel(names.NewLocalUserTag("test").Id(), nil, map[string]interface{}{
-		"name":            modelname,
+	_, err := modelManager.CreateModel(modelname, names.NewLocalUserTag("test").Id(), "", "", map[string]interface{}{
 		"authorized-keys": "ssh-key",
 		"controller":      isServer,
 	})
@@ -67,11 +65,11 @@
 
 func (s *cmdControllerSuite) TestControllerListCommand(c *gc.C) {
 	context := s.run(c, "list-controllers")
-	expectedOutput := fmt.Sprintf(`
-CONTROLLER  MODEL  USER         SERVER
-kontroll*   admin  admin@local  %s
+	expectedOutput := `
+CONTROLLER  MODEL       USER         CLOUD/REGION
+kontroll*   controller  admin@local  dummy
 
-`[1:], s.APIState.Addr())
+`[1:]
 	c.Assert(testing.Stdout(context), gc.Equals, expectedOutput)
 }
 
@@ -79,9 +77,9 @@
 	s.createModelAdminUser(c, "new-model", false)
 	context := s.run(c, "list-models")
 	c.Assert(testing.Stdout(context), gc.Equals, ""+
-		"NAME       OWNER        STATUS     LAST CONNECTION\n"+
-		"admin*     admin@local  available  just now\n"+
-		"new-model  admin@local  available  never connected\n"+
+		"MODEL        OWNER        STATUS     LAST CONNECTION\n"+
+		"controller*  admin@local  available  just now\n"+
+		"new-model    admin@local  available  never connected\n"+
 		"\n")
 }
 
@@ -89,9 +87,9 @@
 	s.createModelNormalUser(c, "new-model", false)
 	context := s.run(c, "list-models", "--all")
 	c.Assert(testing.Stdout(context), gc.Equals, ""+
-		"NAME       OWNER        STATUS     LAST CONNECTION\n"+
-		"admin*     admin@local  available  just now\n"+
-		"new-model  test@local   available  never connected\n"+
+		"MODEL        OWNER        STATUS     LAST CONNECTION\n"+
+		"controller*  admin@local  available  just now\n"+
+		"new-model    test@local   available  never connected\n"+
 		"\n")
 }
 
@@ -99,10 +97,11 @@
 	context := s.run(c, "list-models", "--format=yaml")
 	c.Assert(testing.Stdout(context), gc.Matches, `
 models:
-- name: admin
+- name: controller
   model-uuid: deadbeef-0bad-400d-8000-4b1d0d06f00d
   controller-uuid: deadbeef-0bad-400d-8000-4b1d0d06f00d
   owner: admin@local
+  cloud: dummy
   type: dummy
   life: alive
   status:
@@ -111,9 +110,9 @@
   users:
     admin@local:
       display-name: admin
-      access: write
+      access: admin
       last-connection: just now
-current-model: admin
+current-model: controller
 `[1:])
 }
 
@@ -126,16 +125,22 @@
 	c.Assert(err, jc.ErrorIsNil)
 	err = m.Destroy()
 	c.Assert(err, jc.ErrorIsNil)
-	err = m.SetStatus(status.StatusDestroying, "", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusDestroying,
+		Message: "",
+		Since:   &now,
+	}
+	err = m.SetStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 
 	// Dead models still show up in the list. It's a lie to pretend they
 	// don't exist, and they will go away quickly.
 	context := s.run(c, "list-models")
 	c.Assert(testing.Stdout(context), gc.Equals, ""+
-		"NAME       OWNER        STATUS      LAST CONNECTION\n"+
-		"admin*     admin@local  available   just now\n"+
-		"new-model  admin@local  destroying  never connected\n"+
+		"MODEL        OWNER        STATUS      LAST CONNECTION\n"+
+		"controller*  admin@local  available   just now\n"+
+		"new-model    admin@local  destroying  never connected\n"+
 		"\n")
 }
 
@@ -145,21 +150,26 @@
 	// a config value for 'controller'.
 	context := s.run(c, "add-model", "new-model", "authorized-keys=fake-key", "controller=false")
 	c.Check(testing.Stdout(context), gc.Equals, "")
-	c.Check(testing.Stderr(context), gc.Equals, "added model \"new-model\"\n")
+	c.Check(testing.Stderr(context), gc.Equals, `
+Added 'new-model' model for user 'admin'
+
+No SSH authorized-keys were found. You must use "juju add-ssh-key"
+before "juju ssh", "juju scp", or "juju debug-hooks" will work.
+`[1:])
 
 	// Make sure that the saved server details are sufficient to connect
 	// to the api server.
-	accountDetails, err := s.ControllerStore.AccountByName("kontroll", "admin@local")
+	accountDetails, err := s.ControllerStore.AccountDetails("kontroll")
 	c.Assert(err, jc.ErrorIsNil)
-	modelDetails, err := s.ControllerStore.ModelByName("kontroll", "admin@local", "new-model")
+	modelDetails, err := s.ControllerStore.ModelByName("kontroll", "new-model")
 	c.Assert(err, jc.ErrorIsNil)
 	api, err := juju.NewAPIConnection(juju.NewAPIConnectionParams{
-		Store:           s.ControllerStore,
-		ControllerName:  "kontroll",
-		AccountDetails:  accountDetails,
-		ModelUUID:       modelDetails.ModelUUID,
-		BootstrapConfig: noBootstrapConfig,
-		DialOpts:        api.DefaultDialOpts(),
+		Store:          s.ControllerStore,
+		ControllerName: "kontroll",
+		AccountDetails: accountDetails,
+		ModelUUID:      modelDetails.ModelUUID,
+		DialOpts:       api.DefaultDialOpts(),
+		OpenAPI:        api.Open,
 	})
 	c.Assert(err, jc.ErrorIsNil)
 	api.Close()
@@ -171,7 +181,7 @@
 		ConfigAttrs: testing.Attrs{"controller": true},
 	})
 	defer st.Close()
-	factory.NewFactory(st).MakeService(c, nil)
+	factory.NewFactory(st).MakeApplication(c, nil)
 
 	stop := make(chan struct{})
 	done := make(chan struct{})
@@ -244,7 +254,7 @@
 	s.State.SwitchBlockOn(state.ChangeBlock, "TestChangeBlock")
 
 	ctx := s.run(c, "list-all-blocks", "--format", "json")
-	expected := fmt.Sprintf(`[{"name":"admin","model-uuid":"%s","owner-tag":"%s","blocks":["BlockDestroy","BlockChange"]}]`,
+	expected := fmt.Sprintf(`[{"name":"controller","model-uuid":"%s","owner-tag":"%s","blocks":["BlockDestroy","BlockChange"]}]`,
 		s.State.ModelUUID(), s.AdminUserTag(c).String())
 
 	strippedOut := strings.Replace(testing.Stdout(ctx), "\n", "", -1)
@@ -300,6 +310,11 @@
 	}
 }
 
-func noBootstrapConfig(controllerName string) (*config.Config, error) {
-	return nil, errors.NotFoundf("bootstrap config for controller %s", controllerName)
+func (s *cmdControllerSuite) TestGetControllerConfigYAML(c *gc.C) {
+	context := s.run(c, "get-controller-config", "--format=yaml")
+	controllerCfg, err := s.State.ControllerConfig()
+	c.Assert(err, jc.ErrorIsNil)
+	cfgYaml, err := yaml.Marshal(controllerCfg)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(testing.Stdout(context), gc.Equals, string(cfgYaml))
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/featuretests/cmd_juju_dumplogs_test.go juju-core-2.0~beta12/src/github.com/juju/juju/featuretests/cmd_juju_dumplogs_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/featuretests/cmd_juju_dumplogs_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/featuretests/cmd_juju_dumplogs_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,20 +10,21 @@
 	"time"
 
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
-	agenttesting "github.com/juju/juju/cmd/jujud/agent/testing"
+	"github.com/juju/juju/cmd/jujud/agent/agenttest"
 	"github.com/juju/juju/cmd/jujud/dumplogs"
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/testing"
 	"github.com/juju/juju/testing/factory"
+	"github.com/juju/juju/version"
 )
 
 type dumpLogsCommandSuite struct {
-	agenttesting.AgentSuite
+	agenttest.AgentSuite
 }
 
 func (s *dumpLogsCommandSuite) SetUpTest(c *gc.C) {
@@ -50,7 +51,7 @@
 
 	t := time.Date(2015, 11, 4, 3, 2, 1, 0, time.UTC)
 	for _, st := range states {
-		w := state.NewDbLogger(st, names.NewMachineTag("42"))
+		w := state.NewDbLogger(st, names.NewMachineTag("42"), version.Current)
 		defer w.Close()
 		for i := 0; i < 3; i++ {
 			err := w.Log(t, "module", "location", loggo.INFO, fmt.Sprintf("%d", i))
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/featuretests/cmd_juju_login_test.go juju-core-2.0~beta12/src/github.com/juju/juju/featuretests/cmd_juju_login_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/featuretests/cmd_juju_login_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/featuretests/cmd_juju_login_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -35,7 +35,7 @@
 }
 
 func (s *cmdLoginSuite) createTestUser(c *gc.C) {
-	s.run(c, nil, "add-user", "test", "--models", "admin")
+	s.run(c, nil, "add-user", "test", "--models", "controller")
 	s.changeUserPassword(c, "test", "hunter2")
 }
 
@@ -60,7 +60,7 @@
 
 	// We should have a macaroon, but no password, in the client store.
 	store := jujuclient.NewFileClientStore()
-	accountDetails, err := store.AccountByName("kontroll", "test@local")
+	accountDetails, err := store.AccountDetails("kontroll")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(accountDetails.Password, gc.Equals, "")
 	c.Assert(accountDetails.Macaroon, gc.Not(gc.Equals), "")
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/featuretests/cmd_juju_model_test.go juju-core-2.0~beta12/src/github.com/juju/juju/featuretests/cmd_juju_model_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/featuretests/cmd_juju_model_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/featuretests/cmd_juju_model_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,9 +9,9 @@
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/cmd/juju/commands"
 	jujutesting "github.com/juju/juju/juju/testing"
@@ -40,7 +40,7 @@
 
 func (s *cmdModelSuite) TestGrantModelCmdStack(c *gc.C) {
 	username := "bar@ubuntuone"
-	context := s.run(c, "grant", username, "admin")
+	context := s.run(c, "grant", username, "controller")
 	obtained := strings.Replace(testing.Stdout(context), "\n", "", -1)
 	expected := ""
 	c.Assert(obtained, gc.Equals, expected)
@@ -59,7 +59,7 @@
 	// Firstly share a model with a user
 	username := "bar@ubuntuone"
 	s.Factory.MakeModelUser(c, &factory.ModelUserParams{
-		User: username, Access: state.ModelReadAccess})
+		User: username, Access: state.ReadAccess})
 
 	// Because we are calling into juju through the main command,
 	// and the main command adds a warning logging writer, we need
@@ -67,7 +67,7 @@
 	loggo.RemoveWriter("warning")
 
 	// Then test that the unshare command stack is hooked up
-	context := s.run(c, "revoke", username, "admin")
+	context := s.run(c, "revoke", username, "controller")
 	obtained := strings.Replace(testing.Stdout(context), "\n", "", -1)
 	expected := ""
 	c.Assert(obtained, gc.Equals, expected)
@@ -81,7 +81,7 @@
 func (s *cmdModelSuite) TestModelUsersCmd(c *gc.C) {
 	// Firstly share an model with a user
 	username := "bar@ubuntuone"
-	context := s.run(c, "grant", username, "admin")
+	context := s.run(c, "grant", username, "controller")
 	user := names.NewUserTag(username)
 	modelUser, err := s.State.ModelUser(user)
 	c.Assert(err, jc.ErrorIsNil)
@@ -96,7 +96,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(testing.Stdout(context), gc.Equals, ""+
 		"NAME                 ACCESS  LAST CONNECTION\n"+
-		"admin@local (admin)  write   just now\n"+
+		"admin@local (admin)  admin   just now\n"+
 		"bar@ubuntuone        read    never connected\n"+
 		"\n")
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/featuretests/cmd_juju_register_test.go juju-core-2.0~beta12/src/github.com/juju/juju/featuretests/cmd_juju_register_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/featuretests/cmd_juju_register_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/featuretests/cmd_juju_register_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -60,8 +60,10 @@
 	context = s.run(c, stdin, args...)
 	c.Check(testing.Stdout(context), gc.Equals, "")
 	c.Check(testing.Stderr(context), gc.Equals, `
-Please set a name for this controller: 
-Enter password: 
+WARNING: the controller proposed "kontroll" which clashes with an existing controller. The two controllers are entirely different.
+
+Please set a name for this controller:
+Enter a new password: 
 Confirm password: 
 
 Welcome, bob. You are now logged into "bob-controller".
@@ -74,14 +76,14 @@
 
 	// Make sure that the saved server details are sufficient to connect
 	// to the api server.
-	accountDetails, err := s.ControllerStore.AccountByName("bob-controller", "bob@local")
+	accountDetails, err := s.ControllerStore.AccountDetails("bob-controller")
 	c.Assert(err, jc.ErrorIsNil)
 	api, err := juju.NewAPIConnection(juju.NewAPIConnectionParams{
-		Store:           s.ControllerStore,
-		ControllerName:  "bob-controller",
-		AccountDetails:  accountDetails,
-		BootstrapConfig: noBootstrapConfig,
-		DialOpts:        api.DefaultDialOpts(),
+		Store:          s.ControllerStore,
+		ControllerName: "bob-controller",
+		AccountDetails: accountDetails,
+		DialOpts:       api.DefaultDialOpts(),
+		OpenAPI:        api.Open,
 	})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(api.Close(), jc.ErrorIsNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/featuretests/cmdjuju_test.go juju-core-2.0~beta12/src/github.com/juju/juju/featuretests/cmdjuju_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/featuretests/cmdjuju_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/featuretests/cmdjuju_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,8 +8,8 @@
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
 
+	"github.com/juju/juju/cmd/juju/application"
 	"github.com/juju/juju/cmd/juju/model"
-	"github.com/juju/juju/cmd/juju/service"
 	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/instance"
 	jujutesting "github.com/juju/juju/juju/testing"
@@ -46,7 +46,7 @@
 	err := svc.SetConstraints(constraints.Value{CpuCores: uint64p(64)})
 	c.Assert(err, jc.ErrorIsNil)
 
-	context, err := testing.RunCommand(c, service.NewServiceGetConstraintsCommand(), "svc")
+	context, err := testing.RunCommand(c, application.NewServiceGetConstraintsCommand(), "svc")
 	c.Assert(testing.Stdout(context), gc.Equals, "cpu-cores=64\n")
 	c.Assert(testing.Stderr(context), gc.Equals, "")
 }
@@ -55,7 +55,7 @@
 	ch := s.AddTestingCharm(c, "dummy")
 	svc := s.AddTestingService(c, "dummy-service", ch)
 
-	_, err := testing.RunCommand(c, service.NewSetCommand(), "dummy-service",
+	_, err := testing.RunCommand(c, application.NewSetCommand(), "dummy-service",
 		"username=hello", "outlook=hello@world.tld")
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -81,7 +81,7 @@
 	err := svc.UpdateConfigSettings(settings)
 	c.Assert(err, jc.ErrorIsNil)
 
-	_, err = testing.RunCommand(c, service.NewSetCommand(), "--to-default", "dummy-service", "username")
+	_, err = testing.RunCommand(c, application.NewSetCommand(), "--to-default", "dummy-service", "username")
 	c.Assert(err, jc.ErrorIsNil)
 
 	expect := charm.Settings{
@@ -93,8 +93,8 @@
 }
 
 func (s *cmdJujuSuite) TestServiceGet(c *gc.C) {
-	expected := `charm: dummy
-service: dummy-service
+	expected := `application: dummy-service
+charm: dummy
 settings:
   outlook:
     default: true
@@ -106,7 +106,7 @@
     type: int
   title:
     default: true
-    description: A descriptive title used for the service.
+    description: A descriptive title used for the application.
     type: string
     value: My Title
   username:
@@ -118,14 +118,14 @@
 	ch := s.AddTestingCharm(c, "dummy")
 	s.AddTestingService(c, "dummy-service", ch)
 
-	context, err := testing.RunCommand(c, service.NewGetCommand(), "dummy-service")
+	context, err := testing.RunCommand(c, application.NewGetCommand(), "dummy-service")
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(testing.Stdout(context), gc.Equals, expected)
+	c.Assert(testing.Stdout(context), jc.DeepEquals, expected)
 }
 
 func (s *cmdJujuSuite) TestServiceAddUnitExistingContainer(c *gc.C) {
 	ch := s.AddTestingCharm(c, "dummy")
-	svc := s.AddTestingService(c, "some-service-name", ch)
+	svc := s.AddTestingService(c, "some-application-name", ch)
 
 	machine, err := s.State.AddMachine("quantal", state.JobHostUnits)
 	c.Assert(err, jc.ErrorIsNil)
@@ -133,10 +133,10 @@
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
 	}
-	container, err := s.State.AddMachineInsideMachine(template, machine.Id(), instance.LXC)
+	container, err := s.State.AddMachineInsideMachine(template, machine.Id(), instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
 
-	_, err = testing.RunCommand(c, service.NewAddUnitCommand(), "some-service-name",
+	_, err = testing.RunCommand(c, application.NewAddUnitCommand(), "some-application-name",
 		"--to", container.Id())
 	c.Assert(err, jc.ErrorIsNil)
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/featuretests/cmd_juju_user_test.go juju-core-2.0~beta12/src/github.com/juju/juju/featuretests/cmd_juju_user_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/featuretests/cmd_juju_user_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/featuretests/cmd_juju_user_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,9 +8,9 @@
 	"strings"
 
 	"github.com/juju/cmd"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/cmd/juju/commands"
 	jujutesting "github.com/juju/juju/juju/testing"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/featuretests/dblog_test.go juju-core-2.0~beta12/src/github.com/juju/juju/featuretests/dblog_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/featuretests/dblog_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/featuretests/dblog_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,19 +8,20 @@
 	"time"
 
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	jujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2/bson"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api"
 	agentcmd "github.com/juju/juju/cmd/jujud/agent"
-	agenttesting "github.com/juju/juju/cmd/jujud/agent/testing"
+	"github.com/juju/juju/cmd/jujud/agent/agenttest"
 	"github.com/juju/juju/state"
 	coretesting "github.com/juju/juju/testing"
 	"github.com/juju/juju/testing/factory"
+	"github.com/juju/juju/version"
 	"github.com/juju/juju/worker/logsender"
 	"github.com/juju/juju/worker/peergrouper"
 )
@@ -30,7 +31,7 @@
 // tests with more detailed testing of the individual components
 // being done in unit tests.
 type dblogSuite struct {
-	agenttesting.AgentSuite
+	agenttest.AgentSuite
 }
 
 func (s *dblogSuite) SetUpTest(c *gc.C) {
@@ -112,7 +113,7 @@
 // debugLogDbSuite tests that the debuglog API works when logs are
 // being read from the database.
 type debugLogDbSuite struct {
-	agenttesting.AgentSuite
+	agenttest.AgentSuite
 }
 
 var _ = gc.Suite(&debugLogDbSuite{})
@@ -147,7 +148,7 @@
 }
 
 func (s *debugLogDbSuite) TestLogsAPI(c *gc.C) {
-	dbLogger := state.NewDbLogger(s.State, names.NewMachineTag("99"))
+	dbLogger := state.NewDbLogger(s.State, names.NewMachineTag("99"), version.Current)
 	defer dbLogger.Close()
 
 	t := time.Date(2015, 6, 23, 13, 8, 49, 0, time.UTC)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/featuretests/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/featuretests/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/featuretests/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/featuretests/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,6 @@
 	"flag"
 	stdtesting "testing"
 
-	"github.com/juju/testing"
 	gc "gopkg.in/check.v1"
 
 	coretesting "github.com/juju/juju/testing"
@@ -43,8 +42,5 @@
 }
 
 func TestPackage(t *stdtesting.T) {
-	if testing.RaceEnabled {
-		t.Skip("skipping package under -race, see LP 1519183")
-	}
 	coretesting.MgoTestPackage(t)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/featuretests/storage_test.go juju-core-2.0~beta12/src/github.com/juju/juju/featuretests/storage_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/featuretests/storage_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/featuretests/storage_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,10 +8,11 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
+	"github.com/juju/errors"
 	jujucmd "github.com/juju/juju/cmd/juju/commands"
 	jujutesting "github.com/juju/juju/juju/testing"
 	"github.com/juju/juju/provider/ec2"
@@ -33,7 +34,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	registry.RegisterEnvironStorageProviders("dummy", ec2.EBS_ProviderType)
-	registry.RegisterEnvironStorageProviders("admin", ec2.EBS_ProviderType)
+	registry.RegisterEnvironStorageProviders("controller", ec2.EBS_ProviderType)
 }
 
 func makeStorageCons(pool string, size, count uint64) state.StorageConstraints {
@@ -453,11 +454,9 @@
 	c.Assert(stdout, gc.Equals, expected)
 }
 
-func runAddToUnit(c *gc.C, args ...string) *cmd.Context {
+func runAddToUnit(c *gc.C, args ...string) (*cmd.Context, error) {
 	cmdArgs := append([]string{"add-storage"}, args...)
-	context, err := runJujuCommand(c, cmdArgs...)
-	c.Assert(err, jc.ErrorIsNil)
-	return context
+	return runJujuCommand(c, cmdArgs...)
 }
 
 func (s *cmdStorageSuite) TestStorageAddToUnitSuccess(c *gc.C) {
@@ -468,8 +467,9 @@
 	c.Assert(err, jc.ErrorIsNil)
 	s.assertStorageExist(c, instancesBefore, "data")
 
-	context := runAddToUnit(c, u, "allecto=1")
-	c.Assert(testing.Stdout(context), gc.Equals, "")
+	context, err := runAddToUnit(c, u, "allecto=1")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(testing.Stdout(context), gc.Equals, "added \"allecto\"\n")
 	c.Assert(testing.Stderr(context), gc.Equals, "")
 
 	instancesAfter, err := s.State.AllStorageInstances()
@@ -492,10 +492,48 @@
 	c.Assert(names, jc.SameContents, expected)
 }
 
-func (s *cmdStorageSuite) TestStorageAddToUnitFailure(c *gc.C) {
-	context := runAddToUnit(c, "fluffyunit/0", "allecto=1")
+func (s *cmdStorageSuite) TestStorageAddToUnitUnitDoesntExist(c *gc.C) {
+	context, err := runAddToUnit(c, "fluffyunit/0", "allecto=1")
+	c.Assert(errors.Cause(err), gc.ErrorMatches, "cmd: error out silently")
+	c.Assert(testing.Stdout(context), gc.Equals, "")
+	c.Assert(testing.Stderr(context), gc.Equals, "failed to add \"allecto\": unit \"fluffyunit/0\" not found\n")
+}
+
+func (s *cmdStorageSuite) TestStorageAddToUnitCollapseUnitErrors(c *gc.C) {
+	context, err := runAddToUnit(c, "fluffyunit/0", "allecto=1", "trial=1")
+	c.Assert(errors.Cause(err), gc.ErrorMatches, "cmd: error out silently")
+	c.Assert(testing.Stdout(context), gc.Equals, "")
+	c.Assert(testing.Stderr(context), gc.Equals, "unit \"fluffyunit/0\" not found\n")
+}
+
+func (s *cmdStorageSuite) TestStorageAddToUnitInvalidUnitName(c *gc.C) {
+	cmdArgs := append([]string{"add-storage"}, "fluffyunit-0", "allecto=1")
+	context, err := runJujuCommand(c, cmdArgs...)
+	c.Assert(err, gc.ErrorMatches, `unit name "fluffyunit-0" not valid`)
+	c.Assert(testing.Stdout(context), gc.Equals, "")
+	c.Assert(testing.Stderr(context), gc.Equals, "error: unit name \"fluffyunit-0\" not valid\n")
+}
+
+func (s *cmdStorageSuite) TestStorageAddToUnitStorageDoesntExist(c *gc.C) {
+	u := createUnitWithStorage(c, &s.JujuConnSuite, testPool)
+	instancesBefore, err := s.State.AllStorageInstances()
+	c.Assert(err, jc.ErrorIsNil)
+	volumesBefore, err := s.State.AllVolumes()
+	c.Assert(err, jc.ErrorIsNil)
+	s.assertStorageExist(c, instancesBefore, "data")
+
+	context, err := runAddToUnit(c, u, "nonstorage=1")
+	c.Assert(errors.Cause(err), gc.ErrorMatches, "cmd: error out silently")
 	c.Assert(testing.Stdout(context), gc.Equals, "")
-	c.Assert(testing.Stderr(context), gc.Equals, "fail: storage \"allecto\": permission denied\n")
+	c.Assert(testing.Stderr(context), gc.Equals, "failed to add \"nonstorage\": charm storage \"nonstorage\" not found\n")
+
+	instancesAfter, err := s.State.AllStorageInstances()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(len(instancesAfter)-len(instancesBefore), gc.Equals, 0)
+	volumesAfter, err := s.State.AllVolumes()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(len(volumesAfter)-len(volumesBefore), gc.Equals, 0)
+	s.assertStorageExist(c, instancesAfter, "data")
 }
 
 func (s *cmdStorageSuite) TestStorageAddToUnitHasVolumes(c *gc.C) {
@@ -518,8 +556,9 @@
 `[1:])
 	c.Assert(testing.Stderr(context), gc.Equals, "")
 
-	context = runAddToUnit(c, u, "data=ebs,1G")
-	c.Assert(testing.Stdout(context), gc.Equals, "")
+	context, err = runAddToUnit(c, u, "data=ebs,1G")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(testing.Stdout(context), gc.Equals, "added \"data\"\n")
 	c.Assert(testing.Stderr(context), gc.Equals, "")
 
 	instancesAfter, err := s.State.AllStorageInstances()
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/featuretests/syslog_test.go juju-core-2.0~beta12/src/github.com/juju/juju/featuretests/syslog_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/featuretests/syslog_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/featuretests/syslog_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,252 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package featuretests
+
+import (
+	"crypto/tls"
+	"crypto/x509"
+	"fmt"
+	"net"
+	"regexp"
+	"runtime"
+	"time"
+
+	"github.com/juju/loggo"
+	"github.com/juju/rfc/rfc5424/rfc5424test"
+	gitjujutesting "github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	"github.com/juju/utils/os"
+	"github.com/juju/utils/series"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/agent"
+	"github.com/juju/juju/cert"
+	agentcmd "github.com/juju/juju/cmd/jujud/agent"
+	"github.com/juju/juju/cmd/jujud/agent/agenttest"
+	"github.com/juju/juju/state"
+	coretesting "github.com/juju/juju/testing"
+	"github.com/juju/juju/testing/factory"
+	"github.com/juju/juju/version"
+	"github.com/juju/juju/worker/logsender"
+	"github.com/juju/juju/worker/peergrouper"
+)
+
+type syslogSuite struct {
+	agenttest.AgentSuite
+	logsCh          logsender.LogRecordCh
+	received        chan rfc5424test.Message
+	fakeEnsureMongo *agenttest.FakeEnsureMongo
+}
+
+var _ = gc.Suite(&syslogSuite{})
+
+func (s *syslogSuite) SetUpSuite(c *gc.C) {
+	s.LoggingSuite.SetUpSuite(c)
+	// Tailing logs requires a replica set. Restart mongo with a
+	// replicaset before initialising AgentSuite.
+	mongod := gitjujutesting.MgoServer
+	mongod.Params = []string{"--replSet", "juju"}
+	mongod.Restart()
+
+	info := mongod.DialInfo()
+	args := peergrouper.InitiateMongoParams{
+		DialInfo:       info,
+		MemberHostPort: mongod.Addr(),
+	}
+	err := peergrouper.InitiateMongoServer(args)
+	c.Assert(err, jc.ErrorIsNil)
+
+	s.AgentSuite.SetUpSuite(c)
+	s.AddCleanup(func(*gc.C) {
+		mongod.Params = nil
+		mongod.Restart()
+	})
+}
+
+func (s *syslogSuite) createSyslogServer(c *gc.C, received chan rfc5424test.Message, done chan struct{}) string {
+	server := rfc5424test.NewServer(rfc5424test.HandlerFunc(func(msg rfc5424test.Message) {
+		select {
+		case received <- msg:
+		case <-done:
+		}
+	}))
+	s.AddCleanup(func(*gc.C) { server.Close() })
+	s.AddCleanup(func(*gc.C) { close(done) })
+
+	serverCert, err := tls.X509KeyPair(
+		[]byte(coretesting.ServerCert),
+		[]byte(coretesting.ServerKey),
+	)
+	c.Assert(err, jc.ErrorIsNil)
+	caCert, err := cert.ParseCert(coretesting.CACert)
+	c.Assert(err, jc.ErrorIsNil)
+	clientCAs := x509.NewCertPool()
+	clientCAs.AddCert(caCert)
+	server.TLS = &tls.Config{
+		Certificates: []tls.Certificate{serverCert},
+		ClientCAs:    clientCAs,
+	}
+	server.StartTLS()
+
+	// We must use "localhost", as the certificate does not
+	// have any IP SANs.
+	port := server.Listener.Addr().(*net.TCPAddr).Port
+	addr := net.JoinHostPort("localhost", fmt.Sprint(port))
+	return addr
+}
+
+func (s *syslogSuite) SetUpTest(c *gc.C) {
+	if runtime.GOOS != "linux" {
+		c.Skip(fmt.Sprintf("this test requires a controller, therefore does not support %q", runtime.GOOS))
+	}
+	currentSeries := series.HostSeries()
+	osFromSeries, err := series.GetOSFromSeries(currentSeries)
+	c.Assert(err, jc.ErrorIsNil)
+	if osFromSeries != os.Ubuntu {
+		c.Skip(fmt.Sprintf("this test requires a controller, therefore does not support OS %q only Ubuntu", osFromSeries.String()))
+	}
+	s.AgentSuite.SetUpTest(c)
+	// TODO(perrito666) 200160701:
+	// This needs to be done to stop the test from trying to install mongo
+	// while running, but it is a huge footprint for such little benefit.
+	// This test should not need JujuConnSuite or AgentSuite.
+	s.fakeEnsureMongo = agenttest.InstallFakeEnsureMongo(s)
+
+	done := make(chan struct{})
+	s.received = make(chan rfc5424test.Message)
+	addr := s.createSyslogServer(c, s.received, done)
+
+	// Leave log forwarding disabled initially, it will be enabled
+	// via a model config update in the test.
+	err = s.State.UpdateModelConfig(map[string]interface{}{
+		"syslog-host":        addr,
+		"syslog-ca-cert":     coretesting.CACert,
+		"syslog-client-cert": coretesting.ServerCert,
+		"syslog-client-key":  coretesting.ServerKey,
+	}, nil, nil)
+	c.Assert(err, jc.ErrorIsNil)
+
+	s.logsCh, err = logsender.InstallBufferedLogWriter(1000)
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *syslogSuite) newRecord(msg string) *logsender.LogRecord {
+	return &logsender.LogRecord{
+		Time:     time.Now(),
+		Module:   "juju.featuretests.syslog",
+		Location: "syslog_test.go:99999",
+		Level:    loggo.ERROR,
+		Message:  msg,
+	}
+}
+
+func (s *syslogSuite) sendRecord(c *gc.C, rec *logsender.LogRecord) {
+	select {
+	case s.logsCh <- rec:
+	case <-time.After(coretesting.LongWait):
+		c.Fatal(`timed out "sending" message`)
+	}
+}
+
+func (s *syslogSuite) popMessagesUntil(c *gc.C, expected string, received chan rfc5424test.Message) rfc5424test.Message {
+	re, err := regexp.Compile(expected)
+	c.Assert(err, jc.ErrorIsNil)
+
+	c.Logf("popping messages")
+	for {
+		msg := s.nextMessage(c, received)
+		c.Logf("message: %+v", msg)
+		if re.MatchString(msg.Message) {
+			return msg
+		}
+	}
+}
+
+func (s *syslogSuite) nextMessage(c *gc.C, received chan rfc5424test.Message) rfc5424test.Message {
+	select {
+	case msg, ok := <-received:
+		c.Assert(ok, jc.IsTrue)
+		return msg
+	case <-time.After(coretesting.LongWait):
+		c.Fatal("timed out waiting for message to be forwarded")
+	}
+	return rfc5424test.Message{}
+}
+
+func (s *syslogSuite) assertLogRecordForwarded(c *gc.C, received chan rfc5424test.Message) {
+	// Pop off all initial log records.
+	s.sendRecord(c, s.newRecord("<stop here>"))
+	s.popMessagesUntil(c, `.*<stop here>`, received)
+
+	// Ensure that a specific log record gets forwarded.
+	rec := s.newRecord("something happened!")
+	rec.Time = time.Date(2099, time.June, 1, 23, 2, 1, 23, time.UTC)
+	s.sendRecord(c, rec)
+	msg := s.popMessagesUntil(c, `something happened!`, received)
+	expected := `<11>1 2099-06-01T23:02:01.000000023Z machine-0.%s jujud-machine-agent-%s - - [origin enterpriseID="28978" sofware="jujud-machine-agent" swVersion="%s"][model@28978 controller-uuid="%s" model-uuid="%s"][log@28978 module="juju.featuretests.syslog" source="syslog_test.go:99999"] something happened!`
+	modelID := coretesting.ModelTag.Id()
+	ctlrID := modelID
+	c.Check(msg.Message, gc.Equals, fmt.Sprintf(expected, modelID, modelID[:28], version.Current, ctlrID, modelID))
+}
+
+func (s *syslogSuite) TestLogRecordForwarded(c *gc.C) {
+	// Create a machine and an agent for it.
+	m, password := s.Factory.MakeMachineReturningPassword(c, &factory.MachineParams{
+		Nonce: agent.BootstrapNonce,
+		Jobs:  []state.MachineJob{state.JobManageModel},
+	})
+
+	s.PrimeAgent(c, m.Tag(), password)
+	agentConf := agentcmd.NewAgentConf(s.DataDir())
+	agentConf.ReadConfig(m.Tag().String())
+
+	machineAgentFactory := agentcmd.MachineAgentFactoryFn(agentConf, s.logsCh, c.MkDir())
+	a := machineAgentFactory(m.Id())
+
+	// Ensure there's no logs to begin with.
+	// Start the agent.
+	go func() { c.Check(a.Run(nil), jc.ErrorIsNil) }()
+	defer a.Stop()
+
+	err := s.State.UpdateModelConfig(map[string]interface{}{
+		"logforward-enabled": true,
+	}, nil, nil)
+	c.Assert(err, jc.ErrorIsNil)
+
+	s.assertLogRecordForwarded(c, s.received)
+}
+
+func (s *syslogSuite) TestConfigChange(c *gc.C) {
+	// Create a machine and an agent for it.
+	m, password := s.Factory.MakeMachineReturningPassword(c, &factory.MachineParams{
+		Nonce: agent.BootstrapNonce,
+		Jobs:  []state.MachineJob{state.JobManageModel},
+	})
+
+	s.PrimeAgent(c, m.Tag(), password)
+	agentConf := agentcmd.NewAgentConf(s.DataDir())
+	agentConf.ReadConfig(m.Tag().String())
+
+	machineAgentFactory := agentcmd.MachineAgentFactoryFn(agentConf, s.logsCh, c.MkDir())
+	a := machineAgentFactory(m.Id())
+
+	// Ensure there's no logs to begin with.
+	// Start the agent.
+	go func() { c.Check(a.Run(nil), jc.ErrorIsNil) }()
+	defer a.Stop()
+
+	done := make(chan struct{})
+	received := make(chan rfc5424test.Message)
+	addr := s.createSyslogServer(c, received, done)
+
+	err := s.State.UpdateModelConfig(map[string]interface{}{
+		"logforward-enabled": true,
+		"syslog-host":        addr,
+		"syslog-ca-cert":     coretesting.CACert,
+		"syslog-client-cert": coretesting.ServerCert,
+		"syslog-client-key":  coretesting.ServerKey,
+	}, nil, nil)
+	c.Assert(err, jc.ErrorIsNil)
+	s.assertLogRecordForwarded(c, received)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/featuretests/upgrade_test.go juju-core-2.0~beta12/src/github.com/juju/juju/featuretests/upgrade_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/featuretests/upgrade_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/featuretests/upgrade_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,19 +12,19 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	"github.com/juju/utils/arch"
 	pacman "github.com/juju/utils/packaging/manager"
 	"github.com/juju/utils/series"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/apiserver/params"
 	agentcmd "github.com/juju/juju/cmd/jujud/agent"
-	agenttesting "github.com/juju/juju/cmd/jujud/agent/testing"
+	"github.com/juju/juju/cmd/jujud/agent/agenttest"
 	cmdutil "github.com/juju/juju/cmd/jujud/util"
 	"github.com/juju/juju/constraints"
 	envtesting "github.com/juju/juju/environs/testing"
@@ -54,7 +54,7 @@
 }
 
 type upgradeSuite struct {
-	agenttesting.AgentSuite
+	agenttest.AgentSuite
 	oldVersion version.Binary
 }
 
@@ -244,7 +244,7 @@
 
 	// Provision the machine if it isn't already
 	if _, err := m.InstanceId(); err != nil {
-		inst, md := jujutesting.AssertStartInstance(c, s.Environ, machineId)
+		inst, md := jujutesting.AssertStartInstance(c, s.Environ, s.ControllerConfig.ControllerUUID(), machineId)
 		c.Assert(m.SetProvisioned(inst.Id(), agent.BootstrapNonce, md), jc.ErrorIsNil)
 	}
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/generate/doc.go juju-core-2.0~beta12/src/github.com/juju/juju/generate/doc.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/generate/doc.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/generate/doc.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,6 +1,6 @@
 // Copyright 2015 Canonical Ltd.
 // Licensed under the AGPLv3, see LICENCE file for details.
 
-package main
+package generate
 
 // Package generate contains commands called by go generate.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/generate/filetoconst/filetoconst.go juju-core-2.0~beta12/src/github.com/juju/juju/generate/filetoconst/filetoconst.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/generate/filetoconst/filetoconst.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/generate/filetoconst/filetoconst.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,65 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package main
+
+import (
+	"bytes"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"strings"
+	"text/template"
+)
+
+var fileTemplate = `
+// Copyright {{.CopyrightYear}} Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package {{.Pkgname}}
+
+// Generated code - do not edit.
+
+const {{.ConstName}} = {{.Content}}
+`[1:]
+
+// This generator reads from a file and generates a Go file with the
+// file's content assigned to a go constant.
+func main() {
+	if len(os.Args) < 5 {
+		fmt.Println("Usage: filetoconst <constname> <infile> <gofile> <copyrightyear> <pkgname>")
+	}
+	data, err := ioutil.ReadFile(os.Args[2])
+	if err != nil {
+		fmt.Println(err)
+		os.Exit(1)
+	}
+
+	t, err := template.New("").Parse(fileTemplate)
+	if err != nil {
+		fmt.Println(err)
+		os.Exit(1)
+	}
+	var buf bytes.Buffer
+	type content struct {
+		ConstName     string
+		Content       string
+		CopyrightYear string
+		Pkgname       string
+	}
+	contextData := fmt.Sprintf("%s", string(data))
+	// Quote any ` in the data.
+	contextData = strings.Replace(contextData, "`", "`+\"`\"+`", -1)
+	t.Execute(&buf, content{
+		ConstName:     os.Args[1],
+		Content:       fmt.Sprintf("`%s`", contextData),
+		CopyrightYear: os.Args[4],
+		Pkgname:       os.Args[5],
+	})
+
+	err = ioutil.WriteFile(os.Args[3], buf.Bytes(), 0644)
+	if err != nil {
+		fmt.Println(err)
+		os.Exit(1)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/generate/filetoconst.go juju-core-2.0~beta12/src/github.com/juju/juju/generate/filetoconst.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/generate/filetoconst.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/generate/filetoconst.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,63 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package main
-
-import (
-	"bytes"
-	"fmt"
-	"io/ioutil"
-	"os"
-	"strings"
-	"text/template"
-)
-
-var fileTemplate = `
-// Copyright {{.CopyrightYear}} Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package cloud
-
-// Generated code - do not edit.
-
-const {{.ConstName}} = {{.Content}}
-`[1:]
-
-// This generator reads from a file and generates a Go file with the
-// file's content assigned to a go constant.
-func main() {
-	if len(os.Args) < 4 {
-		fmt.Println("Usage: filetoconst <constname> <infile> <gofile> <copyrightyear>")
-	}
-	data, err := ioutil.ReadFile(os.Args[2])
-	if err != nil {
-		fmt.Println(err)
-		os.Exit(1)
-	}
-
-	t, err := template.New("").Parse(fileTemplate)
-	if err != nil {
-		fmt.Println(err)
-		os.Exit(1)
-	}
-	var buf bytes.Buffer
-	type content struct {
-		ConstName     string
-		Content       string
-		CopyrightYear string
-	}
-	contextData := fmt.Sprintf("\n%s", string(data))
-	// Quote any ` in the data.
-	contextData = strings.Replace(contextData, "`", "`+\"`\"+`", -1)
-	t.Execute(&buf, content{
-		ConstName:     os.Args[1],
-		Content:       fmt.Sprintf("`%s`", contextData),
-		CopyrightYear: os.Args[4],
-	})
-
-	err = ioutil.WriteFile(os.Args[3], buf.Bytes(), 0644)
-	if err != nil {
-		fmt.Println(err)
-		os.Exit(1)
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/generate/winuserdata/winuserdata.go juju-core-2.0~beta12/src/github.com/juju/juju/generate/winuserdata/winuserdata.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/generate/winuserdata/winuserdata.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/generate/winuserdata/winuserdata.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,129 @@
+// Copyright 2016 Canonical Ltd.
+// Copyright 2016 Cloudbase Solutions SRL
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package main
+
+import (
+	"bytes"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"strings"
+	"text/template"
+
+	"github.com/juju/errors"
+)
+
+var fileTemplate = `
+// Copyright {{.CopyrightYear}} Canonical Ltd.
+// Copyright {{.CopyrightYear}} Cloudbase Solutions SRL
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package {{.Pkgname}}
+
+// Generated code - do not edit.
+
+const addJujuUser = {{.AddJujuUser}}
+const windowsPowershellHelpers = {{.WindowsPowershellHelper}}
+`[1:]
+
+// compoundWinPowershellFunc returns the windows powershell helper
+// functions declared under the windowsuserdatafiles/ dir
+func compoundWinPowershellFuncs() (string, error) {
+	var winPowershellFunc bytes.Buffer
+
+	filenames := []string{
+		"windowsuserdatafiles/retry.ps1",
+		"windowsuserdatafiles/untar.ps1",
+		"windowsuserdatafiles/filesha256.ps1",
+		"windowsuserdatafiles/invokewebrequest.ps1",
+	}
+	for _, filename := range filenames {
+		content, err := ioutil.ReadFile(filename)
+		if err != nil {
+			return "", errors.Trace(err)
+		}
+		winPowershellFunc.Write(content)
+	}
+
+	return winPowershellFunc.String(), nil
+}
+
+// CompoundJujuUser retuns the windows powershell funcs with c# bindings
+// declared under the windowsuserdatafiles/ dir
+func compoundJujuUser() (string, error) {
+
+	// note that addJujuUser.ps1 has hinting format locations for sprintf
+	// in that hinting locations we will add the c# scripts under the same file
+	content, err := ioutil.ReadFile("windowsuserdatafiles/addJujuUser.ps1")
+	if err != nil {
+		return "", errors.Trace(err)
+	}
+
+	// take the two addJujuUser data c# scripts and construct the powershell
+	// script for adding user for juju in windows
+	cryptoAPICode, err := ioutil.ReadFile("windowsuserdatafiles/CryptoApi.cs")
+	if err != nil {
+		return "", errors.Trace(err)
+	}
+	carbonCode, err := ioutil.ReadFile("windowsuserdatafiles/Carbon.cs")
+	if err != nil {
+		return "", errors.Trace(err)
+	}
+
+	return fmt.Sprintf(string(content), string(cryptoAPICode), string(carbonCode)), nil
+}
+
+// This generator reads from a file and generates a Go file with the
+// file's content assigned to a go constant.
+func main() {
+	if len(os.Args) < 4 {
+		fmt.Println("Usage: winuserdata <copyrightyear> <gofile> <pkgname>")
+	}
+
+	addJujuUser, err := compoundJujuUser()
+	if err != nil {
+		fmt.Println(err)
+		os.Exit(1)
+	}
+	winpowershell, err := compoundWinPowershellFuncs()
+	if err != nil {
+		fmt.Println(err)
+		os.Exit(1)
+	}
+
+	var buf bytes.Buffer
+	type content struct {
+		AddJujuUser             string
+		WindowsPowershellHelper string
+		CopyrightYear           string
+		Pkgname                 string
+	}
+
+	t, err := template.New("").Parse(fileTemplate)
+	if err != nil {
+		fmt.Println(err)
+		os.Exit(1)
+	}
+
+	addJujuUser = fmt.Sprintf("\n%s", addJujuUser)
+	winpowershell = fmt.Sprintf("\n%s", winpowershell)
+
+	// Quote any ` in the data.
+	addJujuUser = strings.Replace(addJujuUser, "`", "` + \"`\" + `", -1)
+	winpowershell = strings.Replace(winpowershell, "`", "` + \"`\" + `", -1)
+
+	t.Execute(&buf, content{
+		AddJujuUser:             fmt.Sprintf("`%s`", addJujuUser),
+		WindowsPowershellHelper: fmt.Sprintf("`%s`", winpowershell),
+		Pkgname:                 os.Args[3],
+		CopyrightYear:           os.Args[1],
+	})
+
+	err = ioutil.WriteFile(os.Args[2], buf.Bytes(), 0644)
+	if err != nil {
+		fmt.Println(err)
+		os.Exit(1)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/instance/container.go juju-core-2.0~beta12/src/github.com/juju/juju/instance/container.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/instance/container.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/instance/container.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,19 +7,18 @@
 	"fmt"
 )
 
+// ContainerType defines different container technologies known to juju.
 type ContainerType string
 
+// Known container types.
 const (
-	NONE = ContainerType("none")
-	LXC  = ContainerType("lxc")
-	LXD  = ContainerType("lxd")
-	KVM  = ContainerType("kvm")
+	NONE ContainerType = "none"
+	LXD  ContainerType = "lxd"
+	KVM  ContainerType = "kvm"
 )
 
 // ContainerTypes is used to validate add-machine arguments.
-var ContainerTypes []ContainerType = []ContainerType{
-	LXC,
-	// LXD is also added under Go 1.3+.
+var ContainerTypes = []ContainerType{
 	LXD,
 	KVM,
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/instance/container_test.go juju-core-2.0~beta12/src/github.com/juju/juju/instance/container_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/instance/container_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/instance/container_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -21,9 +21,9 @@
 var _ = gc.Suite(&InstanceSuite{})
 
 func (s *InstanceSuite) TestParseContainerType(c *gc.C) {
-	ctype, err := instance.ParseContainerType("lxc")
+	ctype, err := instance.ParseContainerType("lxd")
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ctype, gc.Equals, instance.LXC)
+	c.Assert(ctype, gc.Equals, instance.LXD)
 
 	ctype, err = instance.ParseContainerType("lxd")
 	c.Assert(err, jc.ErrorIsNil)
@@ -41,9 +41,9 @@
 }
 
 func (s *InstanceSuite) TestParseContainerTypeOrNone(c *gc.C) {
-	ctype, err := instance.ParseContainerTypeOrNone("lxc")
+	ctype, err := instance.ParseContainerTypeOrNone("lxd")
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ctype, gc.Equals, instance.LXC)
+	c.Assert(ctype, gc.Equals, instance.LXD)
 
 	ctype, err = instance.ParseContainerTypeOrNone("lxd")
 	c.Assert(err, jc.ErrorIsNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/instance/instance.go juju-core-2.0~beta12/src/github.com/juju/juju/instance/instance.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/instance/instance.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/instance/instance.go	2016-07-18 19:45:44.000000000 +0000
@@ -57,14 +57,14 @@
 // HardwareCharacteristics represents the characteristics of the instance (if known).
 // Attributes that are nil are unknown or not supported.
 type HardwareCharacteristics struct {
-	Arch     *string   `json:",omitempty" yaml:"arch,omitempty"`
-	Mem      *uint64   `json:",omitempty" yaml:"mem,omitempty"`
-	RootDisk *uint64   `json:",omitempty" yaml:"rootdisk,omitempty"`
-	CpuCores *uint64   `json:",omitempty" yaml:"cpucores,omitempty"`
-	CpuPower *uint64   `json:",omitempty" yaml:"cpupower,omitempty"`
-	Tags     *[]string `json:",omitempty" yaml:"tags,omitempty"`
+	Arch     *string   `json:"arch,omitempty" yaml:"arch,omitempty"`
+	Mem      *uint64   `json:"mem,omitempty" yaml:"mem,omitempty"`
+	RootDisk *uint64   `json:"root-disk,omitempty" yaml:"rootdisk,omitempty"`
+	CpuCores *uint64   `json:"cpu-cores,omitempty" yaml:"cpucores,omitempty"`
+	CpuPower *uint64   `json:"cpu-power,omitempty" yaml:"cpupower,omitempty"`
+	Tags     *[]string `json:"tags,omitempty" yaml:"tags,omitempty"`
 
-	AvailabilityZone *string `json:",omitempty" yaml:"availabilityzone,omitempty"`
+	AvailabilityZone *string `json:"availability-zone,omitempty" yaml:"availabilityzone,omitempty"`
 }
 
 // An error reporting that an error has occurred during instance creation
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/instance/namespace.go juju-core-2.0~beta12/src/github.com/juju/juju/instance/namespace.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/instance/namespace.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/instance/namespace.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,73 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package instance
+
+import (
+	"strings"
+
+	"github.com/juju/errors"
+	"gopkg.in/juju/names.v2"
+)
+
+// uuidSuffixDigits defines how many of the uuid digits to use.
+// Since the NewNamespace function asserts that the modelUUID is valid, we know
+// it follows the UUID string format that ends with eight hex digits.
+const uuidSuffixDigits = 6
+
+// Namespace provides a way to generate machine hostanmes with a given prefix.
+type Namespace interface {
+	// Prefix returns the common part of the hostnames. i.e. 'juju-xxxxxx-'
+	Prefix() string
+	// Hostname returns a name suitable to be used for a machine hostname.
+	// This function returns an error if the machine tags is invalid.
+	Hostname(machineID string) (string, error)
+
+	// MachineTag does the reverse of the Hostname method, and extracts the
+	// Tag from the hostname.
+	MachineTag(hostname string) (names.MachineTag, error)
+}
+
+type namespace struct {
+	name string
+}
+
+// NewNamespace returns a Namespace identified by the last six hex digits of the
+// model UUID. NewNamespace returns an error if the model tag is invalid.
+func NewNamespace(modelUUID string) (Namespace, error) {
+	if !names.IsValidModel(modelUUID) {
+		return nil, errors.Errorf("model ID %q is not a valid model", modelUUID)
+	}
+	// The suffix is the last six hex digits of the model uuid.
+	suffix := modelUUID[len(modelUUID)-uuidSuffixDigits:]
+
+	return &namespace{name: suffix}, nil
+}
+
+// Hostname implements Namespace.
+func (n *namespace) Hostname(machineID string) (string, error) {
+	if !names.IsValidMachine(machineID) {
+		return "", errors.Errorf("machine ID %q is not a valid machine", machineID)
+	}
+	machineID = strings.Replace(machineID, "/", "-", -1)
+	return n.Prefix() + machineID, nil
+}
+
+// Hostname implements Namespace.
+func (n *namespace) MachineTag(hostname string) (names.MachineTag, error) {
+	prefix := n.Prefix()
+	if !strings.HasPrefix(hostname, prefix) {
+		return names.MachineTag{}, errors.Errorf("hostname %q not from namespace %q", hostname, prefix)
+	}
+	id := hostname[len(prefix):]
+	id = strings.Replace(id, "-", "/", -1)
+	if !names.IsValidMachine(id) {
+		return names.MachineTag{}, errors.Errorf("unexpected machine id %q", id)
+	}
+	return names.NewMachineTag(id), nil
+}
+
+// Prefix implements Namespace.
+func (n *namespace) Prefix() string {
+	return "juju-" + n.name + "-"
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/instance/namespace_test.go juju-core-2.0~beta12/src/github.com/juju/juju/instance/namespace_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/instance/namespace_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/instance/namespace_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,50 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package instance_test
+
+import (
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/instance"
+)
+
+type NamespaceSuite struct{}
+
+var _ = gc.Suite(&NamespaceSuite{})
+
+const modelUUID = "f47ac10b-58cc-4372-a567-0e02b2c3d479"
+
+func (s *NamespaceSuite) TestInvalidModelTag(c *gc.C) {
+	ns, err := instance.NewNamespace("foo")
+	c.Assert(ns, gc.IsNil)
+	c.Assert(err, gc.ErrorMatches, `model ID "foo" is not a valid model`)
+}
+
+func (s *NamespaceSuite) newNamespace(c *gc.C) instance.Namespace {
+	ns, err := instance.NewNamespace(modelUUID)
+	c.Assert(err, jc.ErrorIsNil)
+	return ns
+}
+
+func (s *NamespaceSuite) TestInvalidMachineTag(c *gc.C) {
+	ns := s.newNamespace(c)
+	hostname, err := ns.Hostname("foo")
+	c.Assert(hostname, gc.Equals, "")
+	c.Assert(err, gc.ErrorMatches, `machine ID "foo" is not a valid machine`)
+}
+
+func (s *NamespaceSuite) TestHostname(c *gc.C) {
+	ns := s.newNamespace(c)
+	hostname, err := ns.Hostname("2")
+	c.Assert(hostname, gc.Equals, "juju-c3d479-2")
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *NamespaceSuite) TestContainerHostname(c *gc.C) {
+	ns := s.newNamespace(c)
+	hostname, err := ns.Hostname("2/lxd/4")
+	c.Assert(hostname, gc.Equals, "juju-c3d479-2-lxd-4")
+	c.Assert(err, jc.ErrorIsNil)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/instance/placement.go juju-core-2.0~beta12/src/github.com/juju/juju/instance/placement.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/instance/placement.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/instance/placement.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,7 @@
 	"fmt"
 	"strings"
 
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 )
 
 const (
@@ -22,17 +22,17 @@
 // and a value that is scope-specific.
 type Placement struct {
 	// Scope is the scope of the placement directive. Scope may
-	// be a container type (lxc, kvm), instance.MachineScope, or
+	// be a container type (lxd, kvm), instance.MachineScope, or
 	// an environment name.
 	//
 	// If Scope is empty, then it must be inferred from the context.
-	Scope string
+	Scope string `json:"scope"`
 
 	// Directive is a scope-specific placement directive.
 	//
 	// For MachineScope or a container scope, this may be empty or
 	// the ID of an existing machine.
-	Directive string
+	Directive string `json:"directive"`
 }
 
 func (p *Placement) String() string {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/instance/placement_test.go juju-core-2.0~beta12/src/github.com/juju/juju/instance/placement_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/instance/placement_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/instance/placement_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -26,15 +26,15 @@
 		expectScope:     instance.MachineScope,
 		expectDirective: "0",
 	}, {
-		arg:             "0/lxc/0",
+		arg:             "0/lxd/0",
 		expectScope:     instance.MachineScope,
-		expectDirective: "0/lxc/0",
+		expectDirective: "0/lxd/0",
 	}, {
 		arg: "#:x",
 		err: `invalid value "x" for "#" scope: expected machine-id`,
 	}, {
-		arg: "lxc:x",
-		err: `invalid value "x" for "lxc" scope: expected machine-id`,
+		arg: "lxd:x",
+		err: `invalid value "x" for "lxd" scope: expected machine-id`,
 	}, {
 		arg: "kvm:x",
 		err: `invalid value "x" for "kvm" scope: expected machine-id`,
@@ -43,8 +43,8 @@
 		expectScope:     string(instance.KVM),
 		expectDirective: "123",
 	}, {
-		arg:         "lxc",
-		expectScope: string(instance.LXC),
+		arg:         "lxd",
+		expectScope: string(instance.LXD),
 	}, {
 		arg: "non-standard",
 		err: "placement scope missing",
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/juju/api.go juju-core-2.0~beta12/src/github.com/juju/juju/juju/api.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/juju/api.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/juju/api.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,18 +6,14 @@
 import (
 	"encoding/json"
 	"fmt"
-	"io"
 	"time"
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
-	"github.com/juju/utils/parallel"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/macaroon.v1"
 
 	"github.com/juju/juju/api"
-	"github.com/juju/juju/environs"
-	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/jujuclient"
 	"github.com/juju/juju/network"
 )
@@ -39,8 +35,6 @@
 
 var errAborted = fmt.Errorf("aborted")
 
-var defaultAPIOpen = api.Open
-
 // NewAPIConnectionParams contains the parameters for creating a new Juju API
 // connection.
 type NewAPIConnectionParams struct {
@@ -51,16 +45,16 @@
 	// details will be fetched, and updated on address changes.
 	Store jujuclient.ClientStore
 
+	// OpenAPI is the function that will be used to open API connections.
+	OpenAPI api.OpenFunc
+
 	// DialOpts contains the options used to dial the API connection.
 	DialOpts api.DialOpts
 
-	// BootstrapConfig returns the bootstrap configuration for the named
-	// controller.
-	BootstrapConfig func(controllerName string) (*config.Config, error)
-
 	// AccountDetails contains the account details to use for logging
 	// in to the Juju API. If this is nil, then no login will take
-	// place.
+	// place. If AccountDetails.Password and AccountDetails.Macaroon
+	// are zero, the login will be as an external user.
 	AccountDetails *jujuclient.AccountDetails
 
 	// ModelUUID is an optional model UUID. If specified, the API connection
@@ -73,228 +67,123 @@
 // with specified account credentials, optionally scoped to the specified model
 // name.
 func NewAPIConnection(args NewAPIConnectionParams) (api.Connection, error) {
-	st, err := newAPIFromStore(args, defaultAPIOpen)
+	apiInfo, controller, err := connectionInfo(args)
 	if err != nil {
-		return nil, errors.Trace(err)
+		return nil, errors.Annotatef(err, "cannot work out how to connect")
 	}
-	return st, nil
-}
-
-// newAPIFromStore implements the bulk of NewAPIConnection but is separate for
-// testing purposes.
-func newAPIFromStore(args NewAPIConnectionParams, apiOpen api.OpenFunc) (api.Connection, error) {
-
-	controllerDetails, err := args.Store.ControllerByName(args.ControllerName)
-	if err != nil {
-		return nil, errors.Annotate(err, "getting controller details")
+	if len(apiInfo.Addrs) == 0 {
+		return nil, errors.New("no API addresses")
 	}
-
-	// Try to connect to the API concurrently using two different
-	// possible sources of truth for the API endpoint. Our
-	// preference is for the API endpoint cached in the API info,
-	// because we know that without needing to access any remote
-	// provider. However, the addresses stored there may no longer
-	// be current (and the network connection may take a very long
-	// time to time out) so we also try to connect using information
-	// found from the provider. We only start to make that
-	// connection after some suitable delay, so that in the
-	// hopefully usual case, we will make the connection to the API
-	// and never hit the provider.
-	chooseError := func(err0, err1 error) error {
-		if err0 == nil {
-			return err1
+	logger.Infof("connecting to API addresses: %v", apiInfo.Addrs)
+	st, err := args.OpenAPI(apiInfo, args.DialOpts)
+	if err != nil {
+		redirErr, ok := errors.Cause(err).(*api.RedirectError)
+		if !ok {
+			return nil, errors.Trace(err)
 		}
-		if errorImportance(err0) < errorImportance(err1) {
-			err0, err1 = err1, err0
+		// We've been told to connect to a different API server,
+		// so do so. Note that we don't copy the account details
+		// because the account on the redirected server may well
+		// be different - we'll use macaroon authentication
+		// directly without sending account details.
+		// Copy the API info because it's possible that the
+		// apiConfigConnect is still using it concurrently.
+		apiInfo = &api.Info{
+			ModelTag: apiInfo.ModelTag,
+			Addrs:    network.HostPortsToStrings(usableHostPorts(redirErr.Servers)),
+			CACert:   redirErr.CACert,
 		}
-		logger.Warningf("discarding API open error: %v", err1)
-		return err0
-	}
-	try := parallel.NewTry(0, chooseError)
-
-	var delay time.Duration
-	if len(controllerDetails.APIEndpoints) > 0 {
-		try.Start(func(stop <-chan struct{}) (io.Closer, error) {
-			return apiInfoConnect(
-				controllerDetails,
-				args.AccountDetails,
-				args.ModelUUID, apiOpen,
-				stop, args.DialOpts,
-			)
-		})
-		// Delay the config connection until we've spent
-		// some time trying to connect to the cached info.
-		delay = providerConnectDelay
-	} else {
-		logger.Debugf("no cached API connection settings found")
-	}
-
-	// If the client has bootstrap config for the controller, we'll also
-	// attempt to connect by fetching new addresses from the cloud
-	// directly. This is only attempted after a delay, to give the
-	// faster cached-addresses method a chance to complete.
-	cfg, err := args.BootstrapConfig(args.ControllerName)
-	if err == nil {
-		try.Start(func(stop <-chan struct{}) (io.Closer, error) {
-			cfg, err := apiConfigConnect(
-				cfg, args.AccountDetails,
-				args.ModelUUID, apiOpen,
-				stop, delay, args.DialOpts,
-			)
-			if err != nil && errors.Cause(err) != errAborted {
-				// Errors are swallowed by parallel.Try, so we
-				// log the failure here to aid in debugging.
-				logger.Debugf("failed to connect via bootstrap config: %v", err)
-			}
-			return cfg, err
-		})
-	} else if !errors.IsNotFound(err) || len(controllerDetails.APIEndpoints) == 0 {
-		return nil, err
-	}
-
-	try.Close()
-	val0, err := try.Result()
-	if err != nil {
-		if ierr, ok := err.(*infoConnectError); ok {
-			// lose error encapsulation:
-			err = ierr.error
+		st, err = args.OpenAPI(apiInfo, args.DialOpts)
+		if err != nil {
+			return nil, errors.Annotatef(err, "cannot connect to redirected address")
 		}
-		return nil, err
+		// TODO(rog) update cached model addresses.
+		// TODO(rog) should we do something with the logged-in username?
+		return st, nil
 	}
-
-	st := val0.(api.Connection)
 	addrConnectedTo, err := serverAddress(st.Addr())
 	if err != nil {
-		return nil, err
+		return nil, errors.Trace(err)
 	}
 	// Update API addresses if they've changed. Error is non-fatal.
+	// Note that in the redirection case, we won't update the addresses
+	// of the controller we first connected to. This shouldn't be
+	// a problem in practice because the intended scenario for
+	// controllers that redirect involves them having well known
+	// public addresses that won't change over time.
 	hostPorts := st.APIHostPorts()
-	if localerr := updateControllerAddresses(
-		args.Store, args.ControllerName, controllerDetails, hostPorts, addrConnectedTo,
-	); localerr != nil {
-		logger.Warningf("cannot cache API addresses: %v", localerr)
+	err = updateControllerAddresses(args.Store, args.ControllerName, controller, hostPorts, addrConnectedTo)
+	if err != nil {
+		logger.Errorf("cannot cache API addresses: %v", err)
+	}
+	if apiInfo.Tag == nil && !apiInfo.SkipLogin {
+		// We used macaroon auth to login; save the username
+		// that we've logged in as.
+		user, ok := st.AuthTag().(names.UserTag)
+		if ok && !user.IsLocal() {
+			if err := args.Store.UpdateAccount(args.ControllerName, jujuclient.AccountDetails{
+				User: user.Canonical(),
+			}); err != nil {
+				logger.Errorf("cannot update account information: %v", err)
+			}
+		} else {
+			logger.Errorf("unexpected logged-in username %v", st.AuthTag())
+		}
 	}
 	return st, nil
 }
 
-func errorImportance(err error) int {
-	if err == nil {
-		return 0
-	}
-	if errors.IsNotFound(err) {
-		// An error from an actual connection attempt
-		// is more interesting than the fact that there's
-		// no environment info available.
-		return 2
-	}
-	if _, ok := err.(*infoConnectError); ok {
-		// A connection to a potentially stale cached address
-		// is less important than a connection from fresh info.
-		return 1
+// connectionInfo returns connection information suitable for
+// connecting to the controller and model specified in the given
+// parameters. If there are no addresses known for the controller,
+// it may return a *api.Info with no APIEndpoints, but all other
+// information will be populated.
+func connectionInfo(args NewAPIConnectionParams) (*api.Info, *jujuclient.ControllerDetails, error) {
+	controller, err := args.Store.ControllerByName(args.ControllerName)
+	if err != nil {
+		return nil, nil, errors.Annotate(err, "cannot get controller details")
 	}
-	return 3
-}
-
-type infoConnectError struct {
-	error
-}
-
-// apiInfoConnect looks for endpoint on the given environment and
-// tries to connect to it, sending the result on the returned channel.
-func apiInfoConnect(
-	controller *jujuclient.ControllerDetails,
-	account *jujuclient.AccountDetails,
-	modelUUID string,
-	apiOpen api.OpenFunc,
-	stop <-chan struct{},
-	dialOpts api.DialOpts,
-) (api.Connection, error) {
-
-	logger.Infof("connecting to API addresses: %v", controller.APIEndpoints)
 	apiInfo := &api.Info{
 		Addrs:  controller.APIEndpoints,
 		CACert: controller.CACert,
 	}
-	st, err := commonConnect(apiOpen, apiInfo, account, modelUUID, dialOpts)
-	if err != nil {
-		return nil, &infoConnectError{errors.Annotate(
-			err, "connecting with cached addresses",
-		)}
-	}
-	return st, nil
-}
-
-// apiConfigConnect looks for configuration info on the given environment,
-// and tries to use an Environ constructed from that to connect to
-// its endpoint. It only starts the attempt after the given delay,
-// to allow the faster apiInfoConnect to hopefully succeed first.
-// It returns nil if there was no configuration information found.
-func apiConfigConnect(
-	cfg *config.Config,
-	accountDetails *jujuclient.AccountDetails,
-	modelUUID string,
-	apiOpen api.OpenFunc,
-	stop <-chan struct{},
-	delay time.Duration,
-	dialOpts api.DialOpts,
-) (api.Connection, error) {
-	select {
-	case <-time.After(delay):
-		// TODO(fwereade): 2016-03-17 lp:1558657
-	case <-stop:
-		return nil, errAborted
-	}
-	environ, err := environs.New(cfg)
-	if err != nil {
-		return nil, errors.Annotate(err, "constructing environ")
-	}
-	apiInfo, err := environs.APIInfo(environ)
-	if err != nil {
-		return nil, errors.Annotate(err, "getting API info")
+	if args.ModelUUID != "" {
+		apiInfo.ModelTag = names.NewModelTag(args.ModelUUID)
 	}
-	st, err := commonConnect(apiOpen, apiInfo, accountDetails, modelUUID, dialOpts)
-	if err != nil {
-		return nil, errors.Annotate(err, "connecting with bootstrap config")
+	if args.AccountDetails == nil {
+		apiInfo.SkipLogin = true
+		return apiInfo, controller, nil
+	}
+	account := args.AccountDetails
+	if args.AccountDetails.Password != "" {
+		// If a password is available, we always use
+		// that.
+		//
+		// TODO(axw) make it invalid to store both
+		// password and macaroon in accounts.yaml?
+		apiInfo.Tag = names.NewUserTag(account.User)
+		apiInfo.Password = account.Password
+	} else if args.AccountDetails.Macaroon != "" {
+		var m macaroon.Macaroon
+		if err := json.Unmarshal([]byte(account.Macaroon), &m); err != nil {
+			return nil, nil, errors.Trace(err)
+		}
+		apiInfo.Tag = names.NewUserTag(account.User)
+		apiInfo.Macaroons = []macaroon.Slice{{&m}}
+	} else {
+		// Neither a password nor a local user macaroon was
+		// found, so we'll use external macaroon authentication,
+		// which requires that no tag be specified.
 	}
-	return apiStateCachedInfo{st, apiInfo}, nil
+	return apiInfo, controller, nil
 }
 
-func commonConnect(
-	apiOpen api.OpenFunc,
-	apiInfo *api.Info,
-	accountDetails *jujuclient.AccountDetails,
-	modelUUID string,
-	dialOpts api.DialOpts,
-) (api.Connection, error) {
-	if accountDetails != nil {
-		// We only set the tag if either a password or
-		// macaroon is found in the accounts.yaml file.
-		// If neither is found, we'll use external
-		// macaroon authentication which requires that
-		// no tag be specified.
-		userTag := names.NewUserTag(accountDetails.User)
-		if accountDetails.Password != "" {
-			// If a password is available, we always use
-			// that.
-			//
-			// TODO(axw) make it invalid to store both
-			// password and macaroon in accounts.yaml?
-			apiInfo.Tag = userTag
-			apiInfo.Password = accountDetails.Password
-		} else if accountDetails.Macaroon != "" {
-			var m macaroon.Macaroon
-			if err := json.Unmarshal([]byte(accountDetails.Macaroon), &m); err != nil {
-				return nil, errors.Trace(err)
-			}
-			apiInfo.Tag = userTag
-			apiInfo.Macaroons = []macaroon.Slice{{&m}}
-		}
-	}
-	if modelUUID != "" {
-		apiInfo.ModelTag = names.NewModelTag(modelUUID)
+func isAPIError(err error) bool {
+	type errorCoder interface {
+		ErrorCode() string
 	}
-	st, err := apiOpen(apiInfo, dialOpts)
-	return st, errors.Trace(err)
+	_, ok := errors.Cause(err).(errorCoder)
+	return ok
 }
 
 var resolveOrDropHostnames = network.ResolveOrDropHostnames
@@ -322,17 +211,17 @@
 // This is used right after bootstrap to saved the initial API
 // endpoints, as well as on each CLI connection to verify if the
 // saved endpoints need updating.
+//
+// TODO(rogpeppe) this function mixes too many concerns - the
+// logic is difficult to follow and has non-obvious properties.
 func PrepareEndpointsForCaching(
 	controllerDetails jujuclient.ControllerDetails,
 	hostPorts [][]network.HostPort,
 	addrConnectedTo ...network.HostPort,
-) (addresses, hostnames []string, haveChanged bool) {
+) (addrs, unresolvedAddrs []string, haveChanged bool) {
 	processHostPorts := func(allHostPorts [][]network.HostPort) []network.HostPort {
-		collapsedHPs := network.CollapseHostPorts(allHostPorts)
-		filteredHPs := network.FilterUnusableHostPorts(collapsedHPs)
-		uniqueHPs := network.DropDuplicatedHostPorts(filteredHPs)
-		network.SortHostPorts(uniqueHPs, false)
-
+		uniqueHPs := usableHostPorts(allHostPorts)
+		network.SortHostPorts(uniqueHPs)
 		for _, addr := range addrConnectedTo {
 			uniqueHPs = network.EnsureFirstHostPort(addr, uniqueHPs)
 		}
@@ -384,6 +273,15 @@
 	return nil, nil, false
 }
 
+// usableHostPorts returns hps with unusable and non-unique
+// host-ports filtered out.
+func usableHostPorts(hps [][]network.HostPort) []network.HostPort {
+	collapsed := network.CollapseHostPorts(hps)
+	usable := network.FilterUnusableHostPorts(collapsed)
+	unique := network.DropDuplicatedHostPorts(usable)
+	return unique
+}
+
 // addrsChanged returns true iff the two
 // slices are not equal. Order is important.
 func addrsChanged(a, b []string) bool {
@@ -420,14 +318,14 @@
 	currentHostPorts [][]network.HostPort, addrConnectedTo ...network.HostPort,
 ) error {
 	// Get the new endpoint addresses.
-	addrs, hosts, addrsChanged := PrepareEndpointsForCaching(*controllerDetails, currentHostPorts, addrConnectedTo...)
+	addrs, unresolvedAddrs, addrsChanged := PrepareEndpointsForCaching(*controllerDetails, currentHostPorts, addrConnectedTo...)
 	if !addrsChanged {
 		return nil
 	}
 
 	// Write the new controller data.
-	controllerDetails.UnresolvedAPIEndpoints = hosts
 	controllerDetails.APIEndpoints = addrs
+	controllerDetails.UnresolvedAPIEndpoints = unresolvedAddrs
 	err := store.UpdateController(controllerName, *controllerDetails)
 	return errors.Trace(err)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/juju/api_test.go juju-core-2.0~beta12/src/github.com/juju/juju/juju/api_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/juju/api_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/juju/api_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,31 +8,29 @@
 	"net"
 	"strconv"
 	"strings"
-	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
-	"github.com/juju/juju/cmd/modelcmd"
+	"github.com/juju/juju/cloud"
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/environs/bootstrap"
-	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/environs/filestorage"
 	sstesting "github.com/juju/juju/environs/simplestreams/testing"
 	envtesting "github.com/juju/juju/environs/testing"
 	envtools "github.com/juju/juju/environs/tools"
 	"github.com/juju/juju/juju"
+	"github.com/juju/juju/juju/keys"
 	jujutesting "github.com/juju/juju/juju/testing"
 	"github.com/juju/juju/jujuclient"
 	"github.com/juju/juju/jujuclient/jujuclienttesting"
 	"github.com/juju/juju/network"
 	"github.com/juju/juju/provider/dummy"
 	coretesting "github.com/juju/juju/testing"
-	jujuversion "github.com/juju/juju/version"
 )
 
 type NewAPIClientSuite struct {
@@ -46,7 +44,7 @@
 func (cs *NewAPIClientSuite) SetUpSuite(c *gc.C) {
 	cs.FakeJujuXDGDataHomeSuite.SetUpSuite(c)
 	cs.MgoSuite.SetUpSuite(c)
-	cs.PatchValue(&juju.JujuPublicKey, sstesting.SignedMetadataPublicKey)
+	cs.PatchValue(&keys.JujuPublicKey, sstesting.SignedMetadataPublicKey)
 	// Since most tests use invalid testing API server addresses, we
 	// need to mock this to avoid errors.
 	cs.PatchValue(juju.ServerAddress, func(addr string) (network.HostPort, error) {
@@ -83,16 +81,18 @@
 }
 
 func (s *NewAPIClientSuite) bootstrapModel(c *gc.C) (environs.Environ, jujuclient.ClientStore) {
-	const controllerName = "local.my-controller"
+	const controllerName = "my-controller"
 
 	store := jujuclienttesting.NewMemStore()
 
 	ctx := envtesting.BootstrapContext(c)
 
-	env, err := environs.Prepare(ctx, store, environs.PrepareParams{
-		ControllerName: controllerName,
-		BaseConfig:     dummy.SampleConfig(),
-		CloudName:      "dummy",
+	env, err := bootstrap.Prepare(ctx, store, bootstrap.PrepareParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		ControllerName:   controllerName,
+		BaseConfig:       dummy.SampleConfig(),
+		CloudName:        "dummy",
+		AdminSecret:      "admin-secret",
 	})
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -102,7 +102,16 @@
 	c.Assert(err, jc.ErrorIsNil)
 	envtesting.UploadFakeTools(c, stor, "released", "released")
 
-	err = bootstrap.Bootstrap(ctx, env, bootstrap.BootstrapParams{})
+	err = bootstrap.Bootstrap(ctx, env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		CloudName:        "dummy",
+		Cloud: cloud.Cloud{
+			Type:      "dummy",
+			AuthTypes: []cloud.AuthType{cloud.EmptyAuthType},
+		},
+		AdminSecret:  "admin-secret",
+		CAPrivateKey: coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 
 	return env, store
@@ -120,7 +129,7 @@
 		return expectState, nil
 	}
 
-	st, err := newAPIConnectionFromNames(c, "noconfig", "admin@local", "admin", store, apiOpen, noBootstrapConfig)
+	st, err := newAPIConnectionFromNames(c, "noconfig", "admin", store, apiOpen)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(st, gc.Equals, expectState)
 	c.Assert(called, gc.Equals, 1)
@@ -136,18 +145,18 @@
 
 	// If APIHostPorts haven't changed, then the store won't be updated.
 	stubStore := jujuclienttesting.WrapClientStore(store)
-	st, err = newAPIConnectionFromNames(c, "noconfig", "admin@local", "admin", stubStore, apiOpen, noBootstrapConfig)
+	st, err = newAPIConnectionFromNames(c, "noconfig", "admin", stubStore, apiOpen)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(st, gc.Equals, expectState)
 	c.Assert(called, gc.Equals, 2)
-	stubStore.CheckCallNames(c, "AccountByName", "ModelByName", "ControllerByName")
+	stubStore.CheckCallNames(c, "AccountDetails", "ModelByName", "ControllerByName")
 
 	controllerAfter, err := store.ControllerByName("noconfig")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(controllerBefore, gc.DeepEquals, controllerAfter)
 }
 
-func (s *NewAPIClientSuite) TestWithInfoError(c *gc.C) {
+func (s *NewAPIClientSuite) TestWithInfoNoAddresses(c *gc.C) {
 	store := newClientStore(c, "noconfig")
 	err := store.UpdateController("noconfig", jujuclient.ControllerDetails{
 		ControllerUUID: fakeUUID,
@@ -155,63 +164,59 @@
 	})
 	c.Assert(err, jc.ErrorIsNil)
 
-	expectErr := fmt.Errorf("an error")
-	getBootstrapConfig := func(string) (*config.Config, error) {
-		return nil, expectErr
-	}
-
-	client, err := newAPIConnectionFromNames(c, "noconfig", "", "", store, panicAPIOpen, getBootstrapConfig)
-	c.Assert(errors.Cause(err), gc.Equals, expectErr)
-	c.Assert(client, gc.IsNil)
+	st, err := newAPIConnectionFromNames(c, "noconfig", "", store, panicAPIOpen)
+	c.Assert(err, gc.ErrorMatches, "no API addresses")
+	c.Assert(st, gc.IsNil)
 }
 
-func (s *NewAPIClientSuite) TestWithInfoNoAddresses(c *gc.C) {
-	store := newClientStore(c, "noconfig")
-	err := store.UpdateController("noconfig", jujuclient.ControllerDetails{
+func (s *NewAPIClientSuite) TestWithRedirect(c *gc.C) {
+	store := newClientStore(c, "ctl")
+	err := store.UpdateController("ctl", jujuclient.ControllerDetails{
 		ControllerUUID: fakeUUID,
 		CACert:         "certificate",
+		APIEndpoints:   []string{"0.1.2.3:5678"},
 	})
 	c.Assert(err, jc.ErrorIsNil)
 
-	st, err := newAPIConnectionFromNames(c, "noconfig", "admin@local", "", store, panicAPIOpen, noBootstrapConfig)
-	c.Assert(err, gc.ErrorMatches, "bootstrap config for controller noconfig not found")
-	c.Assert(st, gc.IsNil)
-}
-
-type mockedStateFlags int
-
-const (
-	noFlags        mockedStateFlags = 0x0000
-	mockedHostPort mockedStateFlags = 0x0001
-	mockedModelTag mockedStateFlags = 0x0002
-)
+	controllerBefore, err := store.ControllerByName("ctl")
+	c.Assert(err, jc.ErrorIsNil)
 
-func mockedAPIState(flags mockedStateFlags) *mockAPIState {
-	hasHostPort := flags&mockedHostPort == mockedHostPort
-	hasModelTag := flags&mockedModelTag == mockedModelTag
-	addr := ""
-
-	apiHostPorts := [][]network.HostPort{}
-	if hasHostPort {
-		var apiAddrs []network.Address
-		ipv4Address := network.NewAddress("0.1.2.3")
-		ipv6Address := network.NewAddress("2001:db8::1")
-		addr = net.JoinHostPort(ipv4Address.Value, "1234")
-		apiAddrs = append(apiAddrs, ipv4Address, ipv6Address)
-		apiHostPorts = [][]network.HostPort{
-			network.AddressesWithPort(apiAddrs, 1234),
+	redirHPs := []string{"0.0.9.9:1234", "0.0.9.10:1235"}
+	openCount := 0
+	redirOpen := func(apiInfo *api.Info, opts api.DialOpts) (api.Connection, error) {
+		c.Check(apiInfo.ModelTag.Id(), gc.Equals, fakeUUID)
+		openCount++
+		switch openCount {
+		case 1:
+			c.Check(apiInfo.Addrs, jc.DeepEquals, []string{"0.1.2.3:5678"})
+			c.Check(apiInfo.CACert, gc.Equals, "certificate")
+			return nil, errors.Trace(&api.RedirectError{
+				Servers: [][]network.HostPort{mustParseHostPorts(redirHPs)},
+				CACert:  "alternative CA cert",
+			})
+		case 2:
+			c.Check(apiInfo.Addrs, jc.DeepEquals, []string{"0.0.9.9:1234", "0.0.9.10:1235"})
+			c.Check(apiInfo.CACert, gc.Equals, "alternative CA cert")
+			st := mockedAPIState(noFlags)
+			st.apiHostPorts = [][]network.HostPort{mustParseHostPorts(redirHPs)}
+			st.modelTag = fakeUUID
+			return st, nil
 		}
+		c.Errorf("OpenAPI called too many times")
+		return nil, fmt.Errorf("OpenAPI called too many times")
 	}
-	modelTag := ""
-	if hasModelTag {
-		modelTag = "model-df136476-12e9-11e4-8a70-b2227cce2b54"
-	}
-	return &mockAPIState{
-		apiHostPorts:  apiHostPorts,
-		modelTag:      modelTag,
-		controllerTag: modelTag,
-		addr:          addr,
-	}
+
+	st0, err := newAPIConnectionFromNames(c, "ctl", "admin", store, redirOpen)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(openCount, gc.Equals, 2)
+	st := st0.(*mockAPIState)
+	c.Assert(st.modelTag, gc.Equals, fakeUUID)
+
+	// Check that the addresses of the original controller
+	// have not been changed.
+	controllerAfter, err := store.ControllerByName("ctl")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(controllerBefore, gc.DeepEquals, controllerAfter)
 }
 
 func checkCommonAPIInfoAttrs(c *gc.C, apiInfo *api.Info, opts api.DialOpts) {
@@ -227,170 +232,23 @@
 	apiOpen := func(apiInfo *api.Info, opts api.DialOpts) (api.Connection, error) {
 		return nil, errors.Errorf("an error")
 	}
-	st, err := newAPIConnectionFromNames(c, "noconfig", "", "", jujuClient, apiOpen, noBootstrapConfig)
+	st, err := newAPIConnectionFromNames(c, "noconfig", "", jujuClient, apiOpen)
 	// We expect to get the error from apiOpen, because it is not
 	// fatal to have no bootstrap config.
-	c.Assert(err, gc.ErrorMatches, "connecting with cached addresses: an error")
+	c.Assert(err, gc.ErrorMatches, "an error")
 	c.Assert(st, gc.IsNil)
 }
 
-func (s *NewAPIClientSuite) TestWithSlowInfoConnect(c *gc.C) {
-	c.Skip("wallyworld - this is a dumb test relying on an arbitary 50ms delay to pass")
-	s.PatchValue(&jujuversion.Current, coretesting.FakeVersionNumber)
-	_, store := s.bootstrapModel(c)
-	setEndpointAddressAndHostname(c, store, "0.1.2.3", "infoapi.invalid")
-
-	infoOpenedState := mockedAPIState(noFlags)
-	infoEndpointOpened := make(chan struct{})
-	cfgOpenedState := mockedAPIState(noFlags)
-	// On a sample run with no delay, the logic took 45ms to run, so
-	// we make the delay slightly more than that, so that if the
-	// logic doesn't delay at all, the test will fail reasonably consistently.
-	s.PatchValue(juju.ProviderConnectDelay, 50*time.Millisecond)
-	apiOpen := func(info *api.Info, opts api.DialOpts) (api.Connection, error) {
-		if info.Addrs[0] == "0.1.2.3" {
-			infoEndpointOpened <- struct{}{}
-			return infoOpenedState, nil
-		}
-		return cfgOpenedState, nil
-	}
-
-	stateClosed := make(chan api.Connection)
-	infoOpenedState.close = func(st api.Connection) error {
-		stateClosed <- st
-		return nil
-	}
-	cfgOpenedState.close = infoOpenedState.close
-
-	startTime := time.Now()
-	st, err := newAPIConnectionFromNames(c,
-		"local.my-controller", "admin@local", "only", store, apiOpen,
-		modelcmd.NewGetBootstrapConfigFunc(store),
-	)
-	c.Assert(err, jc.ErrorIsNil)
-	// The connection logic should wait for some time before opening
-	// the API from the configuration.
-	c.Assert(time.Since(startTime), jc.GreaterThan, *juju.ProviderConnectDelay)
-	c.Assert(st, gc.Equals, cfgOpenedState)
-
-	select {
-	case <-infoEndpointOpened:
-	case <-time.After(coretesting.LongWait):
-		c.Errorf("api never opened via info")
-	}
-
-	// Check that the ignored state was closed.
-	select {
-	case st := <-stateClosed:
-		c.Assert(st, gc.Equals, infoOpenedState)
-	case <-time.After(coretesting.LongWait):
-		c.Errorf("timed out waiting for state to be closed")
-	}
-}
-
 func setEndpointAddressAndHostname(c *gc.C, store jujuclient.ControllerStore, addr, host string) {
 	// Populate the controller details with known address and hostname.
-	details, err := store.ControllerByName("local.my-controller")
+	details, err := store.ControllerByName("my-controller")
 	c.Assert(err, jc.ErrorIsNil)
 	details.APIEndpoints = []string{addr}
 	details.UnresolvedAPIEndpoints = []string{host}
-	err = store.UpdateController("local.my-controller", *details)
+	err = store.UpdateController("my-controller", *details)
 	c.Assert(err, jc.ErrorIsNil)
 }
 
-func (s *NewAPIClientSuite) TestWithSlowConfigConnect(c *gc.C) {
-	s.PatchValue(&jujuversion.Current, coretesting.FakeVersionNumber)
-
-	_, store := s.bootstrapModel(c)
-	setEndpointAddressAndHostname(c, store, "0.1.2.3", "infoapi.invalid")
-
-	infoOpenedState := mockedAPIState(noFlags)
-	infoEndpointOpened := make(chan struct{})
-	cfgOpenedState := mockedAPIState(noFlags)
-	cfgEndpointOpened := make(chan struct{})
-
-	s.PatchValue(juju.ProviderConnectDelay, 0*time.Second)
-	apiOpen := func(info *api.Info, opts api.DialOpts) (api.Connection, error) {
-		if info.Addrs[0] == "0.1.2.3" {
-			infoEndpointOpened <- struct{}{}
-			<-infoEndpointOpened
-			return infoOpenedState, nil
-		}
-		cfgEndpointOpened <- struct{}{}
-		<-cfgEndpointOpened
-		return cfgOpenedState, nil
-	}
-
-	stateClosed := make(chan api.Connection)
-	infoOpenedState.close = func(st api.Connection) error {
-		stateClosed <- st
-		return nil
-	}
-	cfgOpenedState.close = infoOpenedState.close
-
-	done := make(chan struct{})
-	go func() {
-		st, err := newAPIConnectionFromNames(c,
-			"local.my-controller", "admin@local", "only", store, apiOpen,
-			modelcmd.NewGetBootstrapConfigFunc(store),
-		)
-		c.Check(err, jc.ErrorIsNil)
-		c.Check(st, gc.Equals, infoOpenedState)
-		close(done)
-	}()
-
-	// Check that we're trying to connect to both endpoints:
-	select {
-	case <-infoEndpointOpened:
-	case <-time.After(coretesting.LongWait):
-		c.Fatalf("api never opened via info")
-	}
-	select {
-	case <-cfgEndpointOpened:
-	case <-time.After(coretesting.LongWait):
-		c.Fatalf("api never opened via config")
-	}
-	// Let the info endpoint open go ahead and
-	// check that the NewAPIFromStore call returns.
-	infoEndpointOpened <- struct{}{}
-	select {
-	case <-done:
-	case <-time.After(coretesting.LongWait):
-		c.Errorf("timed out opening API")
-	}
-
-	// Let the config endpoint open go ahead and
-	// check that its state is closed.
-	cfgEndpointOpened <- struct{}{}
-	select {
-	case st := <-stateClosed:
-		c.Assert(st, gc.Equals, cfgOpenedState)
-	case <-time.After(coretesting.LongWait):
-		c.Errorf("timed out waiting for state to be closed")
-	}
-}
-
-func (s *NewAPIClientSuite) TestBothError(c *gc.C) {
-	s.PatchValue(&jujuversion.Current, coretesting.FakeVersionNumber)
-	env, store := s.bootstrapModel(c)
-	setEndpointAddressAndHostname(c, store, "0.1.2.3", "infoapi.invalid")
-
-	getBootstrapConfig := func(string) (*config.Config, error) {
-		return env.Config(), nil
-	}
-
-	s.PatchValue(juju.ProviderConnectDelay, 0*time.Second)
-	apiOpen := func(info *api.Info, opts api.DialOpts) (api.Connection, error) {
-		if info.Addrs[0] == "infoapi.invalid" {
-			return nil, fmt.Errorf("info connect failed")
-		}
-		return nil, fmt.Errorf("config connect failed")
-	}
-	st, err := newAPIConnectionFromNames(c, "local.my-controller", "admin@local", "only", store, apiOpen, getBootstrapConfig)
-	c.Check(err, gc.ErrorMatches, "connecting with bootstrap config: config connect failed")
-	c.Check(st, gc.IsNil)
-}
-
 // newClientStore returns a client store that contains information
 // based on the given controller namd and info.
 func newClientStore(c *gc.C, controllerName string) *jujuclienttesting.MemStore {
@@ -398,11 +256,11 @@
 	err := store.UpdateController(controllerName, jujuclient.ControllerDetails{
 		ControllerUUID: fakeUUID,
 		CACert:         "certificate",
-		APIEndpoints:   []string{"foo.invalid"},
+		APIEndpoints:   []string{"0.1.2.3:5678"},
 	})
 	c.Assert(err, jc.ErrorIsNil)
 
-	err = store.UpdateModel(controllerName, "admin@local", "admin", jujuclient.ModelDetails{
+	err = store.UpdateModel(controllerName, "admin", jujuclient.ModelDetails{
 		fakeUUID,
 	})
 	c.Assert(err, jc.ErrorIsNil)
@@ -410,13 +268,11 @@
 	// Models belong to accounts, so we must have an account even
 	// if "creds" is not initialised. If it is, it may overwrite
 	// this one.
-	err = store.UpdateAccount(controllerName, "admin@local", jujuclient.AccountDetails{
+	err = store.UpdateAccount(controllerName, jujuclient.AccountDetails{
 		User:     "admin@local",
 		Password: "hunter2",
 	})
 	c.Assert(err, jc.ErrorIsNil)
-	err = store.SetCurrentAccount(controllerName, "admin@local")
-	c.Assert(err, jc.ErrorIsNil)
 	return store
 }
 
@@ -798,32 +654,35 @@
 
 var fakeUUID = "df136476-12e9-11e4-8a70-b2227cce2b54"
 
-func noBootstrapConfig(controllerName string) (*config.Config, error) {
-	return nil, errors.NotFoundf("bootstrap config for controller %s", controllerName)
-}
-
 func newAPIConnectionFromNames(
 	c *gc.C,
-	controller, account, model string,
+	controller, model string,
 	store jujuclient.ClientStore,
 	apiOpen api.OpenFunc,
-	getBootstrapConfig func(string) (*config.Config, error),
 ) (api.Connection, error) {
 	params := juju.NewAPIConnectionParams{
-		Store:           store,
-		ControllerName:  controller,
-		BootstrapConfig: getBootstrapConfig,
-		DialOpts:        api.DefaultDialOpts(),
+		Store:          store,
+		ControllerName: controller,
+		DialOpts:       api.DefaultDialOpts(),
+		OpenAPI:        apiOpen,
 	}
-	if account != "" {
-		accountDetails, err := store.AccountByName(controller, account)
+	accountDetails, err := store.AccountDetails(controller)
+	if !errors.IsNotFound(err) {
 		c.Assert(err, jc.ErrorIsNil)
 		params.AccountDetails = accountDetails
 	}
 	if model != "" {
-		modelDetails, err := store.ModelByName(controller, account, model)
+		modelDetails, err := store.ModelByName(controller, model)
 		c.Assert(err, jc.ErrorIsNil)
 		params.ModelUUID = modelDetails.ModelUUID
 	}
-	return juju.NewAPIFromStore(params, apiOpen)
+	return juju.NewAPIConnection(params)
+}
+
+func mustParseHostPorts(ss []string) []network.HostPort {
+	hps, err := network.ParseHostPorts(ss...)
+	if err != nil {
+		panic(err)
+	}
+	return hps
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/juju/deploy.go juju-core-2.0~beta12/src/github.com/juju/juju/juju/deploy.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/juju/deploy.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/juju/deploy.go	2016-07-18 19:45:44.000000000 +0000
@@ -16,17 +16,16 @@
 	"github.com/juju/juju/storage"
 )
 
-// DeployServiceParams contains the arguments required to deploy the referenced
+// DeployApplicationParams contains the arguments required to deploy the referenced
 // charm.
-type DeployServiceParams struct {
-	ServiceName    string
-	Series         string
-	ServiceOwner   string
-	Charm          *state.Charm
-	Channel        csparams.Channel
-	ConfigSettings charm.Settings
-	Constraints    constraints.Value
-	NumUnits       int
+type DeployApplicationParams struct {
+	ApplicationName string
+	Series          string
+	Charm           *state.Charm
+	Channel         csparams.Channel
+	ConfigSettings  charm.Settings
+	Constraints     constraints.Value
+	NumUnits        int
 	// Placement is a list of placement directives which may be used
 	// instead of a machine spec.
 	Placement        []*instance.Placement
@@ -36,41 +35,33 @@
 	Resources map[string]string
 }
 
-type ServiceDeployer interface {
+type ApplicationDeployer interface {
 	Model() (*state.Model, error)
-	AddService(state.AddServiceArgs) (*state.Service, error)
+	AddApplication(state.AddApplicationArgs) (*state.Application, error)
 }
 
-// DeployService takes a charm and various parameters and deploys it.
-func DeployService(st ServiceDeployer, args DeployServiceParams) (*state.Service, error) {
+// DeployApplication takes a charm and various parameters and deploys it.
+func DeployApplication(st ApplicationDeployer, args DeployApplicationParams) (*state.Application, error) {
 	settings, err := args.Charm.Config().ValidateSettings(args.ConfigSettings)
 	if err != nil {
 		return nil, err
 	}
 	if args.Charm.Meta().Subordinate {
 		if args.NumUnits != 0 {
-			return nil, fmt.Errorf("subordinate service must be deployed without units")
+			return nil, fmt.Errorf("subordinate application must be deployed without units")
 		}
 		if !constraints.IsEmpty(&args.Constraints) {
-			return nil, fmt.Errorf("subordinate service must be deployed without constraints")
+			return nil, fmt.Errorf("subordinate application must be deployed without constraints")
 		}
 	}
-	if args.ServiceOwner == "" {
-		env, err := st.Model()
-		if err != nil {
-			return nil, errors.Trace(err)
-		}
-		args.ServiceOwner = env.Owner().String()
-	}
-	// TODO(fwereade): transactional State.AddService including settings, constraints
+	// TODO(fwereade): transactional State.AddApplication including settings, constraints
 	// (minimumUnitCount, initialMachineIds?).
 
 	effectiveBindings := getEffectiveBindingsForCharmMeta(args.Charm.Meta(), args.EndpointBindings)
 
-	asa := state.AddServiceArgs{
-		Name:             args.ServiceName,
+	asa := state.AddApplicationArgs{
+		Name:             args.ApplicationName,
 		Series:           args.Series,
-		Owner:            args.ServiceOwner,
 		Charm:            args.Charm,
 		Channel:          args.Channel,
 		Storage:          stateStorageConstraints(args.Storage),
@@ -85,7 +76,7 @@
 		asa.Constraints = args.Constraints
 	}
 
-	return st.AddService(asa)
+	return st.AddApplication(asa)
 }
 
 func getEffectiveBindingsForCharmMeta(charmMeta *charm.Meta, givenBindings map[string]string) map[string]string {
@@ -96,24 +87,24 @@
 		givenBindings = make(map[string]string, len(defaultBindings))
 	}
 
-	// Get the service-level default binding for all unspecified endpoint, if
+	// Get the application-level default binding for all unspecified endpoint, if
 	// set, otherwise use the empty default.
-	serviceDefaultSpace, _ := givenBindings[""]
+	applicationDefaultSpace, _ := givenBindings[""]
 
 	effectiveBindings := make(map[string]string, len(defaultBindings))
 	for endpoint, _ := range defaultBindings {
 		if givenSpace, isGiven := givenBindings[endpoint]; isGiven {
 			effectiveBindings[endpoint] = givenSpace
 		} else {
-			effectiveBindings[endpoint] = serviceDefaultSpace
+			effectiveBindings[endpoint] = applicationDefaultSpace
 		}
 	}
 	return effectiveBindings
 }
 
-// AddUnits starts n units of the given service using the specified placement
+// AddUnits starts n units of the given application using the specified placement
 // directives to allocate the machines.
-func AddUnits(st *state.State, svc *state.Service, n int, placement []*instance.Placement) ([]*state.Unit, error) {
+func AddUnits(st *state.State, svc *state.Application, n int, placement []*instance.Placement) ([]*state.Unit, error) {
 	units := make([]*state.Unit, n)
 	// Hard code for now till we implement a different approach.
 	policy := state.AssignCleanEmpty
@@ -121,7 +112,7 @@
 	for i := 0; i < n; i++ {
 		unit, err := svc.AddUnit()
 		if err != nil {
-			return nil, errors.Annotatef(err, "cannot add unit %d/%d to service %q", i+1, n, svc.Name())
+			return nil, errors.Annotatef(err, "cannot add unit %d/%d to application %q", i+1, n, svc.Name())
 		}
 		// Are there still placement directives to use?
 		if i > len(placement)-1 {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/juju/deploy_test.go juju-core-2.0~beta12/src/github.com/juju/juju/juju/deploy_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/juju/deploy_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/juju/deploy_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -21,7 +21,6 @@
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/testcharms"
 	coretesting "github.com/juju/juju/testing"
-	"github.com/juju/juju/testing/factory"
 )
 
 func Test(t *stdtesting.T) {
@@ -29,7 +28,7 @@
 }
 
 // DeployLocalSuite uses a fresh copy of the same local dummy charm for each
-// test, because DeployService demands that a charm already exists in state,
+// test, because DeployApplication demands that a charm already exists in state,
 // and that's is the simplest way to get one in there.
 type DeployLocalSuite struct {
 	testing.JujuConnSuite
@@ -55,39 +54,26 @@
 }
 
 func (s *DeployLocalSuite) TestDeployMinimal(c *gc.C) {
-	service, err := juju.DeployService(s.State,
-		juju.DeployServiceParams{
-			ServiceName: "bob",
-			Charm:       s.charm,
+	service, err := juju.DeployApplication(s.State,
+		juju.DeployApplicationParams{
+			ApplicationName: "bob",
+			Charm:           s.charm,
 		})
 	c.Assert(err, jc.ErrorIsNil)
 	s.assertCharm(c, service, s.charm.URL())
 	s.assertSettings(c, service, charm.Settings{})
 	s.assertConstraints(c, service, constraints.Value{})
-	c.Assert(service.GetOwnerTag(), gc.Equals, s.AdminUserTag(c).String())
 	s.assertMachines(c, service, constraints.Value{})
 }
 
-func (s *DeployLocalSuite) TestDeployOwnerTag(c *gc.C) {
-	s.Factory.MakeUser(c, &factory.UserParams{Name: "foobar"})
-	service, err := juju.DeployService(s.State,
-		juju.DeployServiceParams{
-			ServiceName:  "bobwithowner",
-			Charm:        s.charm,
-			ServiceOwner: "user-foobar",
-		})
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(service.GetOwnerTag(), gc.Equals, "user-foobar")
-}
-
 func (s *DeployLocalSuite) TestDeploySeries(c *gc.C) {
 	f := &fakeDeployer{State: s.State}
 
-	_, err := juju.DeployService(f,
-		juju.DeployServiceParams{
-			ServiceName: "bob",
-			Charm:       s.charm,
-			Series:      "aseries",
+	_, err := juju.DeployApplication(f,
+		juju.DeployApplicationParams{
+			ApplicationName: "bob",
+			Charm:           s.charm,
+			Series:          "aseries",
 		})
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -99,9 +85,9 @@
 func (s *DeployLocalSuite) TestDeployWithImplicitBindings(c *gc.C) {
 	wordpressCharm := s.addWordpressCharmWithExtraBindings(c)
 
-	service, err := juju.DeployService(s.State,
-		juju.DeployServiceParams{
-			ServiceName:      "bob",
+	service, err := juju.DeployApplication(s.State,
+		juju.DeployApplicationParams{
+			ApplicationName:  "bob",
 			Charm:            wordpressCharm,
 			EndpointBindings: nil,
 		})
@@ -138,7 +124,7 @@
 	return wordpressCharm
 }
 
-func (s *DeployLocalSuite) assertBindings(c *gc.C, service *state.Service, expected map[string]string) {
+func (s *DeployLocalSuite) assertBindings(c *gc.C, service *state.Application, expected map[string]string) {
 	bindings, err := service.EndpointBindings()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(bindings, jc.DeepEquals, expected)
@@ -151,10 +137,10 @@
 	_, err = s.State.AddSpace("public", "", nil, false)
 	c.Assert(err, jc.ErrorIsNil)
 
-	service, err := juju.DeployService(s.State,
-		juju.DeployServiceParams{
-			ServiceName: "bob",
-			Charm:       wordpressCharm,
+	service, err := juju.DeployApplication(s.State,
+		juju.DeployApplicationParams{
+			ApplicationName: "bob",
+			Charm:           wordpressCharm,
 			EndpointBindings: map[string]string{
 				"":   "public",
 				"db": "db",
@@ -185,10 +171,10 @@
 	_, err = s.State.AddSpace("internal", "", nil, false)
 	c.Assert(err, jc.ErrorIsNil)
 
-	service, err := juju.DeployService(s.State,
-		juju.DeployServiceParams{
-			ServiceName: "bob",
-			Charm:       wordpressCharm,
+	service, err := juju.DeployApplication(s.State,
+		juju.DeployApplicationParams{
+			ApplicationName: "bob",
+			Charm:           wordpressCharm,
 			EndpointBindings: map[string]string{
 				"":          "public",
 				"db":        "db",
@@ -207,17 +193,17 @@
 		"db-client":       "db",
 		"admin-api":       "internal",
 		"cluster":         "public",
-		"foo-bar":         "public", // like for relations, uses the service-default.
+		"foo-bar":         "public", // like for relations, uses the application-default.
 	})
 }
 
 func (s *DeployLocalSuite) TestDeployResources(c *gc.C) {
 	f := &fakeDeployer{State: s.State}
 
-	_, err := juju.DeployService(f,
-		juju.DeployServiceParams{
-			ServiceName: "bob",
-			Charm:       s.charm,
+	_, err := juju.DeployApplication(f,
+		juju.DeployApplicationParams{
+			ApplicationName: "bob",
+			Charm:           s.charm,
 			EndpointBindings: map[string]string{
 				"":   "public",
 				"db": "db",
@@ -232,10 +218,10 @@
 }
 
 func (s *DeployLocalSuite) TestDeploySettings(c *gc.C) {
-	service, err := juju.DeployService(s.State,
-		juju.DeployServiceParams{
-			ServiceName: "bob",
-			Charm:       s.charm,
+	service, err := juju.DeployApplication(s.State,
+		juju.DeployApplicationParams{
+			ApplicationName: "bob",
+			Charm:           s.charm,
 			ConfigSettings: charm.Settings{
 				"title":       "banana cupcakes",
 				"skill-level": 9901,
@@ -249,16 +235,16 @@
 }
 
 func (s *DeployLocalSuite) TestDeploySettingsError(c *gc.C) {
-	_, err := juju.DeployService(s.State,
-		juju.DeployServiceParams{
-			ServiceName: "bob",
-			Charm:       s.charm,
+	_, err := juju.DeployApplication(s.State,
+		juju.DeployApplicationParams{
+			ApplicationName: "bob",
+			Charm:           s.charm,
 			ConfigSettings: charm.Settings{
 				"skill-level": 99.01,
 			},
 		})
 	c.Assert(err, gc.ErrorMatches, `option "skill-level" expected int, got 99.01`)
-	_, err = s.State.Service("bob")
+	_, err = s.State.Application("bob")
 	c.Assert(err, jc.Satisfies, errors.IsNotFound)
 }
 
@@ -266,11 +252,11 @@
 	err := s.State.SetModelConstraints(constraints.MustParse("mem=2G"))
 	c.Assert(err, jc.ErrorIsNil)
 	serviceCons := constraints.MustParse("cpu-cores=2")
-	service, err := juju.DeployService(s.State,
-		juju.DeployServiceParams{
-			ServiceName: "bob",
-			Charm:       s.charm,
-			Constraints: serviceCons,
+	service, err := juju.DeployApplication(s.State,
+		juju.DeployApplicationParams{
+			ApplicationName: "bob",
+			Charm:           s.charm,
+			Constraints:     serviceCons,
 		})
 	c.Assert(err, jc.ErrorIsNil)
 	s.assertConstraints(c, service, serviceCons)
@@ -280,12 +266,12 @@
 	f := &fakeDeployer{State: s.State}
 
 	serviceCons := constraints.MustParse("cpu-cores=2")
-	_, err := juju.DeployService(f,
-		juju.DeployServiceParams{
-			ServiceName: "bob",
-			Charm:       s.charm,
-			Constraints: serviceCons,
-			NumUnits:    2,
+	_, err := juju.DeployApplication(f,
+		juju.DeployApplicationParams{
+			ApplicationName: "bob",
+			Charm:           s.charm,
+			Constraints:     serviceCons,
+			NumUnits:        2,
 		})
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -299,13 +285,13 @@
 	f := &fakeDeployer{State: s.State}
 
 	serviceCons := constraints.MustParse("cpu-cores=2")
-	_, err := juju.DeployService(f,
-		juju.DeployServiceParams{
-			ServiceName: "bob",
-			Charm:       s.charm,
-			Constraints: serviceCons,
-			NumUnits:    1,
-			Placement:   []*instance.Placement{instance.MustParsePlacement("0")},
+	_, err := juju.DeployApplication(f,
+		juju.DeployApplicationParams{
+			ApplicationName: "bob",
+			Charm:           s.charm,
+			Constraints:     serviceCons,
+			NumUnits:        1,
+			Placement:       []*instance.Placement{instance.MustParsePlacement("0")},
 		})
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -321,13 +307,13 @@
 	f := &fakeDeployer{State: s.State}
 
 	serviceCons := constraints.MustParse("cpu-cores=2")
-	_, err := juju.DeployService(f,
-		juju.DeployServiceParams{
-			ServiceName: "bob",
-			Charm:       s.charm,
-			Constraints: serviceCons,
-			NumUnits:    1,
-			Placement:   []*instance.Placement{instance.MustParsePlacement(fmt.Sprintf("%s:0", instance.LXC))},
+	_, err := juju.DeployApplication(f,
+		juju.DeployApplicationParams{
+			ApplicationName: "bob",
+			Charm:           s.charm,
+			Constraints:     serviceCons,
+			NumUnits:        1,
+			Placement:       []*instance.Placement{instance.MustParsePlacement(fmt.Sprintf("%s:0", instance.LXD))},
 		})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(f.args.Name, gc.Equals, "bob")
@@ -335,7 +321,7 @@
 	c.Assert(f.args.Constraints, gc.DeepEquals, serviceCons)
 	c.Assert(f.args.NumUnits, gc.Equals, 1)
 	c.Assert(f.args.Placement, gc.HasLen, 1)
-	c.Assert(*f.args.Placement[0], gc.Equals, instance.Placement{Scope: string(instance.LXC), Directive: "0"})
+	c.Assert(*f.args.Placement[0], gc.Equals, instance.Placement{Scope: string(instance.LXD), Directive: "0"})
 }
 
 func (s *DeployLocalSuite) TestDeploy(c *gc.C) {
@@ -345,16 +331,16 @@
 	placement := []*instance.Placement{
 		{Scope: s.State.ModelUUID(), Directive: "valid"},
 		{Scope: "#", Directive: "0"},
-		{Scope: "lxc", Directive: "1"},
-		{Scope: "lxc", Directive: ""},
+		{Scope: "lxd", Directive: "1"},
+		{Scope: "lxd", Directive: ""},
 	}
-	_, err := juju.DeployService(f,
-		juju.DeployServiceParams{
-			ServiceName: "bob",
-			Charm:       s.charm,
-			Constraints: serviceCons,
-			NumUnits:    4,
-			Placement:   placement,
+	_, err := juju.DeployApplication(f,
+		juju.DeployApplicationParams{
+			ApplicationName: "bob",
+			Charm:           s.charm,
+			Constraints:     serviceCons,
+			NumUnits:        4,
+			Placement:       placement,
 		})
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -369,13 +355,13 @@
 	f := &fakeDeployer{State: s.State}
 	serviceCons := constraints.MustParse("cpu-cores=2")
 	placement := []*instance.Placement{{Scope: s.State.ModelUUID(), Directive: "valid"}}
-	_, err := juju.DeployService(f,
-		juju.DeployServiceParams{
-			ServiceName: "bob",
-			Charm:       s.charm,
-			Constraints: serviceCons,
-			NumUnits:    3,
-			Placement:   placement,
+	_, err := juju.DeployApplication(f,
+		juju.DeployApplicationParams{
+			ApplicationName: "bob",
+			Charm:           s.charm,
+			Constraints:     serviceCons,
+			NumUnits:        3,
+			Placement:       placement,
 		})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(f.args.Name, gc.Equals, "bob")
@@ -395,25 +381,25 @@
 	c.Assert(machineCons, gc.DeepEquals, cons)
 }
 
-func (s *DeployLocalSuite) assertCharm(c *gc.C, service *state.Service, expect *charm.URL) {
+func (s *DeployLocalSuite) assertCharm(c *gc.C, service *state.Application, expect *charm.URL) {
 	curl, force := service.CharmURL()
 	c.Assert(curl, gc.DeepEquals, expect)
 	c.Assert(force, jc.IsFalse)
 }
 
-func (s *DeployLocalSuite) assertSettings(c *gc.C, service *state.Service, expect charm.Settings) {
+func (s *DeployLocalSuite) assertSettings(c *gc.C, service *state.Application, expect charm.Settings) {
 	settings, err := service.ConfigSettings()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(settings, gc.DeepEquals, expect)
 }
 
-func (s *DeployLocalSuite) assertConstraints(c *gc.C, service *state.Service, expect constraints.Value) {
+func (s *DeployLocalSuite) assertConstraints(c *gc.C, service *state.Application, expect constraints.Value) {
 	cons, err := service.Constraints()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(cons, gc.DeepEquals, expect)
 }
 
-func (s *DeployLocalSuite) assertMachines(c *gc.C, service *state.Service, expectCons constraints.Value, expectIds ...string) {
+func (s *DeployLocalSuite) assertMachines(c *gc.C, service *state.Application, expectCons constraints.Value, expectIds ...string) {
 	units, err := service.AllUnits()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(units, gc.HasLen, len(expectIds))
@@ -446,10 +432,10 @@
 
 type fakeDeployer struct {
 	*state.State
-	args state.AddServiceArgs
+	args state.AddApplicationArgs
 }
 
-func (f *fakeDeployer) AddService(args state.AddServiceArgs) (*state.Service, error) {
+func (f *fakeDeployer) AddApplication(args state.AddApplicationArgs) (*state.Application, error) {
 	f.args = args
 	return nil, nil
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/juju/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/juju/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/juju/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/juju/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,13 +1,10 @@
-package juju
+// Copyright 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
 
-import "github.com/juju/juju/api"
+package juju
 
 var (
 	ProviderConnectDelay   = &providerConnectDelay
 	ResolveOrDropHostnames = &resolveOrDropHostnames
 	ServerAddress          = &serverAddress
 )
-
-func NewAPIFromStore(args NewAPIConnectionParams, open api.OpenFunc) (api.Connection, error) {
-	return newAPIFromStore(args, open)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/juju/keys/signingkey.go juju-core-2.0~beta12/src/github.com/juju/juju/juju/keys/signingkey.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/juju/keys/signingkey.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/juju/keys/signingkey.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,61 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package keys
+
+// JujuPublicKey is the public key required to
+// authenticate data on http://streams.canonical.com.
+// Declared as a var so it can be overridden for testing.
+var JujuPublicKey = `-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1.4.11 (GNU/Linux)
+
+mQINBFJN1n8BEAC1vt2w08Y4ztJrv3maOycMezBb7iUs6DLH8hOZoqRO9EW9558W
+8CN6G4sVbC/nIhivvn/paw0gSicfYXGs5teCJL3ShrcsGkhTs+5q7UO2TVGAUPwb
+CFWCqPkCB/+CiQ/fnEAWV5c11KzMTBtQ2nfJFS8rEQfc2PJMKqd/Y+LDItOc5E5Y
+SseGT/60coyTZO0iE3mKv1osFjSJlUv/6f/ziHGgV+IowOtEeeaEz8H/oU4vHhyA
+THL/k9DSNb0I/+aI8R84OB7EqrQ/ck6B6+CTbwGwkQUBK6z/Isl3uq9MhGjsiPjy
+EfOJNTfa+knlQcedc3/2S/jTUBDxU+myga9gQ2jF4oEzb74LarpV4y1KXpsqyLwd
+8/vpNG5rTLtjZ3ZTJu7EkAra6pNK/Uxj9guIkCIGIVS1SWtsR0mCY+6TOdfJu7bt
+qOcSWkp3gaYcnCid8ecZuD8KDcxJscdYBetxCV4TLVV5CwO4MMVkxcI3zL1ORzHS
+j0W+aYzdtycHu2w8ZQwQRuFB2y5zsxE69MOoS857FzwhRctPSiwIPWH+Qo2BkNAM
+K5fVc19z9kzgtRP1+rHgBox2w+hOSZiYf0vluaG7NPUsMfVOGBFTxn1W+rb3NL/m
+hUoDPl2e2zoViEsaT2p+ATwFDN0DlQLLQxsVIbxdL6cfMQASHmADOHA6dwARAQAB
+tEtKdWp1IFRvb2xzIChDYW5vbmljYWwgSnVqdSBUb29sIEJ1aWxkZXIpIDxqdWp1
+LXRvb2xzLW5vcmVwbHlAY2Fub25pY2FsLmNvbT6JAjkEEwEKACMFAlJN1n8CGwMH
+CwkNCAwHAwUVCgkICwUWAgMBAAIeAQIXgAAKCRA3j2KvahV9szBED/wOlDTMpevL
+bYyh+mFaeNBw/mwCdWqpwQkpIRLwxt0al1eV9KIVhu6CK1g1UMZ24H3gy5Btj5N5
+ga02xgqfQRrP4Mqv2dYZOL5p8WFuZjbow9a+e89mqqFuW6/os57cFwZ7Z3imbBDa
+aWzuzdeWLEK7PfT6rpik6ZMIpI1LGywI93abaZX8v6ouwFeQovXcS0HKt906+ElI
+oWgSh8dL2hqZ71SR/74sehkEZSYfQRLa7RJCDvA/iInXeGRuyaheQ1iTrY606aBh
++NyOgr4cG+7Sy3FIbqgBx0hxkY8LZv4L7l2IDDjgbTEGILpQ2tkykDnFY7QgEdE4
+5TzPONg9zyk91NRHqjLIm9CFt8P3rcs+MBjaxv+S45RIHQEu+ewkr6BihnPPldkN
+eSIi4Z0OTTQfAI0oDkREVFnnOHfzZ8uafHXOnhUYsovZ3YrowoiNXOWRxeOvt5cL
+XE0Gyq7n8ESe9JOCg3AZcrDX12xWX+gaSgDaD66fI5xr+A3128BLpYQTMXOpe1n9
+rfsiA8XBEFsB6+xMJBtSSPUsaWjes/aziI87fBv7FpEMagnWLqJ7xk2E2RR06B9t
+F+SoiLF3aQ0ZJFqKpDDYBO5kZkHIql0jVkuPEz5fxTOZjZE4irTZiSMdJ6xsm9AU
+axxW8e4pax116l4D2toMJPvXkA9lCZ3RIrkCDQRSTdZ/ARAA7SonLFZQrrLD93Jp
+GpgJnYha6rr3pdIm9wH5PnV9Ysgyt/aM9RVrMXzSjMRpxdV6qxK7Lbzh/V9QxpoI
+YvFIi4Yu5k0wDPSm/sowBtVI/X2WMSSvd3DUaigTFBQ1giIY3R46wqcY99RfUPJ1
+VsHFZ0mZq5GuAPSv/Ky7r9SByMDtQk+Pt8jiOIiJ8eGgKy/W0Wau8ImNqSUyj+67
+QeOCpEKTjS2gQypi6vgCtUCDfy4yHPxppARary/GDjVIAvwjdu/+0rshWcWUOwq8
+ex2ddPYQf9dGmF9CesaFknpVnkXb9pbw+qBF/CSdk6Z/ApgtXFGwWszP5/Wqq2Pd
+ilM1C80WcZVhuwk+acYztk5P5hGw0XL2nDeNg08hcDy2NEL/hA9PM2DSFpoWy1aA
+Gjt/8ICPY3SNJlfJUhMIBOK0nmHIoHGU/tX7AiuwEKyP8Qh5kp8fYoO4c59WfeKq
+e6rbttt7IEywAlY6HiLMymqC/d0nPk0Cy5bujacH2y3ahAgCwNVvo+E77J7m7Ui2
+vqzvpcW6Fla2EzbXus4nIgqEV/qX6fQXqItptKZFvZeznj0epRswkmFm7KLXD5p1
+SzkmfAujy5xQJktZKvtTKRROnX5JdBB8RT83MIJr+U4FOT3UPQYc2V1O2k4PYF9G
+g5YZtNPTvdx8dvN7qwiO7R7xenkAEQEAAYkCHwQYAQoACQUCUk3WfwIbDAAKCRA3
+j2KvahV9s4+SD/sEKOBs6YE2dhax0y/wx1AKJbkneVhxTjgCggY/rbnLm6w85xQl
+EgGycmdRq4JkBDhmzsevx+THNJicBwN9qP12Z14kM1pr7WWw9fOmshPQx5kJXYs+
+FiK6f5vHXcNiTyvC8oOGquGrDoB7SACgTr+Lkm/dNfpRn0XsApUy6vQSqChAzqkJ
+qYZCIIbHTea1DIoNhVI+VTaJ1Z5IqMM9mi43RVYeq7yyBNLwhdjEIOX9qBK4Secn
+mFz94SCz+b5titGyFiBAJzPBP/NSwM6DP2OfRhsBC6K4xDELn8Dpucb9FHqaLG75
+K3oDhTEUfTBiG3PRfc57974+V3KrkK71rMzWpQJ2IyMtxzl8qO4JYhLRSL0kMq8/
+hYlXGcNwyUUtiDPOwvG44KDVgXbrnFTVqLU6nc9k/yPD1pfommaTAWrb2tTitkGf
+zOxHnpWTP48l+6qzfEM1PUKvx3U04BZe8JCaU+JVdy6O/rLjEVjYq/vBY6EGOxa2
+C4Vs43YdFOXSa38ze0J4nFRGO8gOBP/EJyE8Nwqg7i+6VvkD+H2KbZVUXiWld+v/
+vwtaXhWd7JS+v38YZ4CijEBe69VYHpSNIz87uhVKgdkFBhoOGtf9/NEO7NYwk7/N
+qsH+JQgcphKkC+JH0Dw7Q/0e16LClkPPa21NseVGUWzS0WmS+0egtDDutg==
+=hQAI
+-----END PGP PUBLIC KEY BLOCK-----
+`
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/juju/mock_test.go juju-core-2.0~beta12/src/github.com/juju/juju/juju/mock_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/juju/mock_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/juju/mock_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,7 +1,12 @@
+// Copyright 2014 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package juju_test
 
 import (
-	"github.com/juju/names"
+	"net"
+
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/network"
@@ -9,6 +14,8 @@
 
 type mockAPIState struct {
 	api.Connection
+
+	// If non-nil, close is called when the Close method is called.
 	close func(api.Connection) error
 
 	addr          string
@@ -17,6 +24,46 @@
 	controllerTag string
 }
 
+type mockedStateFlags int
+
+const (
+	noFlags        mockedStateFlags = 0x0000
+	mockedHostPort mockedStateFlags = 0x0001
+	mockedModelTag mockedStateFlags = 0x0002
+)
+
+// mockedAPIState returns a mocked-up implementation
+// of api.Connection. The logical OR of the flags specifies
+// whether to include a fake host port and model tag
+// in the result.
+func mockedAPIState(flags mockedStateFlags) *mockAPIState {
+	hasHostPort := flags&mockedHostPort == mockedHostPort
+	hasModelTag := flags&mockedModelTag == mockedModelTag
+	addr := ""
+
+	apiHostPorts := [][]network.HostPort{}
+	if hasHostPort {
+		var apiAddrs []network.Address
+		ipv4Address := network.NewAddress("0.1.2.3")
+		ipv6Address := network.NewAddress("2001:db8::1")
+		addr = net.JoinHostPort(ipv4Address.Value, "1234")
+		apiAddrs = append(apiAddrs, ipv4Address, ipv6Address)
+		apiHostPorts = [][]network.HostPort{
+			network.AddressesWithPort(apiAddrs, 1234),
+		}
+	}
+	modelTag := ""
+	if hasModelTag {
+		modelTag = "model-df136476-12e9-11e4-8a70-b2227cce2b54"
+	}
+	return &mockAPIState{
+		apiHostPorts:  apiHostPorts,
+		modelTag:      modelTag,
+		controllerTag: modelTag,
+		addr:          addr,
+	}
+}
+
 func (s *mockAPIState) Close() error {
 	if s.close != nil {
 		return s.close(s)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/juju/osenv/old_home.go juju-core-2.0~beta12/src/github.com/juju/juju/juju/osenv/old_home.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/juju/osenv/old_home.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/juju/osenv/old_home.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package osenv
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/juju/paths/paths.go juju-core-2.0~beta12/src/github.com/juju/juju/juju/paths/paths.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/juju/paths/paths.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/juju/paths/paths.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,7 @@
+// Copyright 2014 Canonical Ltd.
+// Copyright 2014 Cloudbase Solutions SRL
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package paths
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/juju/permission/model.go juju-core-2.0~beta12/src/github.com/juju/juju/juju/permission/model.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/juju/permission/model.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/juju/permission/model.go	2016-07-18 19:45:44.000000000 +0000
@@ -18,6 +18,9 @@
 
 	// ModelWriteAccess allows a user write access to the model.
 	ModelWriteAccess ModelAccess = iota
+
+	// ModelAdminAccess allows a user to perform administrative tasks on a model.
+	ModelAdminAccess ModelAccess = iota
 )
 
 // ParseModelAccess parses a user-facing string representation of a model
@@ -29,6 +32,8 @@
 		return ModelReadAccess, nil
 	case "write":
 		return ModelWriteAccess, nil
+	case "admin":
+		return ModelAdminAccess, nil
 	default:
 		return fail, errors.Errorf("invalid model access permission %q", access)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/juju/signingkey.go juju-core-2.0~beta12/src/github.com/juju/juju/juju/signingkey.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/juju/signingkey.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/juju/signingkey.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,61 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package juju
-
-// JujuPublicKey is the public key required to
-// authenticate data on http://streams.canonical.com.
-// Declared as a var so it can be overridden for testing.
-var JujuPublicKey = `-----BEGIN PGP PUBLIC KEY BLOCK-----
-Version: GnuPG v1.4.11 (GNU/Linux)
-
-mQINBFJN1n8BEAC1vt2w08Y4ztJrv3maOycMezBb7iUs6DLH8hOZoqRO9EW9558W
-8CN6G4sVbC/nIhivvn/paw0gSicfYXGs5teCJL3ShrcsGkhTs+5q7UO2TVGAUPwb
-CFWCqPkCB/+CiQ/fnEAWV5c11KzMTBtQ2nfJFS8rEQfc2PJMKqd/Y+LDItOc5E5Y
-SseGT/60coyTZO0iE3mKv1osFjSJlUv/6f/ziHGgV+IowOtEeeaEz8H/oU4vHhyA
-THL/k9DSNb0I/+aI8R84OB7EqrQ/ck6B6+CTbwGwkQUBK6z/Isl3uq9MhGjsiPjy
-EfOJNTfa+knlQcedc3/2S/jTUBDxU+myga9gQ2jF4oEzb74LarpV4y1KXpsqyLwd
-8/vpNG5rTLtjZ3ZTJu7EkAra6pNK/Uxj9guIkCIGIVS1SWtsR0mCY+6TOdfJu7bt
-qOcSWkp3gaYcnCid8ecZuD8KDcxJscdYBetxCV4TLVV5CwO4MMVkxcI3zL1ORzHS
-j0W+aYzdtycHu2w8ZQwQRuFB2y5zsxE69MOoS857FzwhRctPSiwIPWH+Qo2BkNAM
-K5fVc19z9kzgtRP1+rHgBox2w+hOSZiYf0vluaG7NPUsMfVOGBFTxn1W+rb3NL/m
-hUoDPl2e2zoViEsaT2p+ATwFDN0DlQLLQxsVIbxdL6cfMQASHmADOHA6dwARAQAB
-tEtKdWp1IFRvb2xzIChDYW5vbmljYWwgSnVqdSBUb29sIEJ1aWxkZXIpIDxqdWp1
-LXRvb2xzLW5vcmVwbHlAY2Fub25pY2FsLmNvbT6JAjkEEwEKACMFAlJN1n8CGwMH
-CwkNCAwHAwUVCgkICwUWAgMBAAIeAQIXgAAKCRA3j2KvahV9szBED/wOlDTMpevL
-bYyh+mFaeNBw/mwCdWqpwQkpIRLwxt0al1eV9KIVhu6CK1g1UMZ24H3gy5Btj5N5
-ga02xgqfQRrP4Mqv2dYZOL5p8WFuZjbow9a+e89mqqFuW6/os57cFwZ7Z3imbBDa
-aWzuzdeWLEK7PfT6rpik6ZMIpI1LGywI93abaZX8v6ouwFeQovXcS0HKt906+ElI
-oWgSh8dL2hqZ71SR/74sehkEZSYfQRLa7RJCDvA/iInXeGRuyaheQ1iTrY606aBh
-+NyOgr4cG+7Sy3FIbqgBx0hxkY8LZv4L7l2IDDjgbTEGILpQ2tkykDnFY7QgEdE4
-5TzPONg9zyk91NRHqjLIm9CFt8P3rcs+MBjaxv+S45RIHQEu+ewkr6BihnPPldkN
-eSIi4Z0OTTQfAI0oDkREVFnnOHfzZ8uafHXOnhUYsovZ3YrowoiNXOWRxeOvt5cL
-XE0Gyq7n8ESe9JOCg3AZcrDX12xWX+gaSgDaD66fI5xr+A3128BLpYQTMXOpe1n9
-rfsiA8XBEFsB6+xMJBtSSPUsaWjes/aziI87fBv7FpEMagnWLqJ7xk2E2RR06B9t
-F+SoiLF3aQ0ZJFqKpDDYBO5kZkHIql0jVkuPEz5fxTOZjZE4irTZiSMdJ6xsm9AU
-axxW8e4pax116l4D2toMJPvXkA9lCZ3RIrkCDQRSTdZ/ARAA7SonLFZQrrLD93Jp
-GpgJnYha6rr3pdIm9wH5PnV9Ysgyt/aM9RVrMXzSjMRpxdV6qxK7Lbzh/V9QxpoI
-YvFIi4Yu5k0wDPSm/sowBtVI/X2WMSSvd3DUaigTFBQ1giIY3R46wqcY99RfUPJ1
-VsHFZ0mZq5GuAPSv/Ky7r9SByMDtQk+Pt8jiOIiJ8eGgKy/W0Wau8ImNqSUyj+67
-QeOCpEKTjS2gQypi6vgCtUCDfy4yHPxppARary/GDjVIAvwjdu/+0rshWcWUOwq8
-ex2ddPYQf9dGmF9CesaFknpVnkXb9pbw+qBF/CSdk6Z/ApgtXFGwWszP5/Wqq2Pd
-ilM1C80WcZVhuwk+acYztk5P5hGw0XL2nDeNg08hcDy2NEL/hA9PM2DSFpoWy1aA
-Gjt/8ICPY3SNJlfJUhMIBOK0nmHIoHGU/tX7AiuwEKyP8Qh5kp8fYoO4c59WfeKq
-e6rbttt7IEywAlY6HiLMymqC/d0nPk0Cy5bujacH2y3ahAgCwNVvo+E77J7m7Ui2
-vqzvpcW6Fla2EzbXus4nIgqEV/qX6fQXqItptKZFvZeznj0epRswkmFm7KLXD5p1
-SzkmfAujy5xQJktZKvtTKRROnX5JdBB8RT83MIJr+U4FOT3UPQYc2V1O2k4PYF9G
-g5YZtNPTvdx8dvN7qwiO7R7xenkAEQEAAYkCHwQYAQoACQUCUk3WfwIbDAAKCRA3
-j2KvahV9s4+SD/sEKOBs6YE2dhax0y/wx1AKJbkneVhxTjgCggY/rbnLm6w85xQl
-EgGycmdRq4JkBDhmzsevx+THNJicBwN9qP12Z14kM1pr7WWw9fOmshPQx5kJXYs+
-FiK6f5vHXcNiTyvC8oOGquGrDoB7SACgTr+Lkm/dNfpRn0XsApUy6vQSqChAzqkJ
-qYZCIIbHTea1DIoNhVI+VTaJ1Z5IqMM9mi43RVYeq7yyBNLwhdjEIOX9qBK4Secn
-mFz94SCz+b5titGyFiBAJzPBP/NSwM6DP2OfRhsBC6K4xDELn8Dpucb9FHqaLG75
-K3oDhTEUfTBiG3PRfc57974+V3KrkK71rMzWpQJ2IyMtxzl8qO4JYhLRSL0kMq8/
-hYlXGcNwyUUtiDPOwvG44KDVgXbrnFTVqLU6nc9k/yPD1pfommaTAWrb2tTitkGf
-zOxHnpWTP48l+6qzfEM1PUKvx3U04BZe8JCaU+JVdy6O/rLjEVjYq/vBY6EGOxa2
-C4Vs43YdFOXSa38ze0J4nFRGO8gOBP/EJyE8Nwqg7i+6VvkD+H2KbZVUXiWld+v/
-vwtaXhWd7JS+v38YZ4CijEBe69VYHpSNIz87uhVKgdkFBhoOGtf9/NEO7NYwk7/N
-qsH+JQgcphKkC+JH0Dw7Q/0e16LClkPPa21NseVGUWzS0WmS+0egtDDutg==
-=hQAI
------END PGP PUBLIC KEY BLOCK-----
-`
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/juju/sockets/sockets.go juju-core-2.0~beta12/src/github.com/juju/juju/juju/sockets/sockets.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/juju/sockets/sockets.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/juju/sockets/sockets.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,7 @@
+// Copyright 2014 Canonical Ltd.
+// Copyright 2014 Cloudbase Solutions SRL
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package sockets
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/juju/sockets/sockets_nix.go juju-core-2.0~beta12/src/github.com/juju/juju/juju/sockets/sockets_nix.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/juju/sockets/sockets_nix.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/juju/sockets/sockets_nix.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,7 @@
+// Copyright 2014 Canonical Ltd.
+// Copyright 2014 Cloudbase Solutions SRL
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 // +build !windows
 
 package sockets
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/juju/sockets/sockets_windows.go juju-core-2.0~beta12/src/github.com/juju/juju/juju/sockets/sockets_windows.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/juju/sockets/sockets_windows.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/juju/sockets/sockets_windows.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2014 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package sockets
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/juju/testing/conn.go juju-core-2.0~beta12/src/github.com/juju/juju/juju/testing/conn.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/juju/testing/conn.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/juju/testing/conn.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,7 +12,6 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	gitjujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
@@ -23,12 +22,14 @@
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
 	"gopkg.in/juju/charmrepo.v2-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/cert"
 	"github.com/juju/juju/cloud"
 	"github.com/juju/juju/cmd/modelcmd"
+	"github.com/juju/juju/controller"
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/environs/bootstrap"
 	"github.com/juju/juju/environs/config"
@@ -37,7 +38,7 @@
 	"github.com/juju/juju/environs/storage"
 	envtesting "github.com/juju/juju/environs/testing"
 	"github.com/juju/juju/environs/tools"
-	"github.com/juju/juju/juju"
+	"github.com/juju/juju/juju/keys"
 	"github.com/juju/juju/juju/osenv"
 	"github.com/juju/juju/jujuclient"
 	"github.com/juju/juju/mongo"
@@ -70,6 +71,11 @@
 	// added to the suite's environment configuration.
 	ConfigAttrs map[string]interface{}
 
+	// ControllerConfigAttrs can be set up before SetUpTest
+	// is invoked. Any attributes set here will be added to
+	// the suite's controller configuration.
+	ControllerConfigAttrs map[string]interface{}
+
 	// TODO: JujuConnSuite should not be concerned both with JUJU_DATA and with
 	// /var/lib/juju: the use cases are completely non-overlapping, and any tests that
 	// really do need both to exist ought to be embedding distinct fixtures for the
@@ -81,6 +87,7 @@
 	DefaultToolsStorageDir string
 	DefaultToolsStorage    storage.Storage
 
+	ControllerConfig   controller.Config
 	State              *state.State
 	Environ            environs.Environ
 	APIState           api.Connection
@@ -145,7 +152,7 @@
 }
 
 func (s *JujuConnSuite) APIInfo(c *gc.C) *api.Info {
-	apiInfo, err := environs.APIInfo(s.Environ)
+	apiInfo, err := environs.APIInfo(s.ControllerConfig.ControllerUUID(), testing.ModelTag.Id(), testing.CACert, s.ControllerConfig.APIPort(), s.Environ)
 	c.Assert(err, jc.ErrorIsNil)
 	apiInfo.Tag = s.AdminUserTag(c)
 	apiInfo.Password = "dummy-secret"
@@ -210,15 +217,19 @@
 	defaultSeries := set.NewStrings(supported...)
 	defaultSeries.Add(config.PreferredSeries(conf))
 	defaultSeries.Add(series.HostSeries())
+	agentVersion, set := conf.AgentVersion()
+	if !set {
+		agentVersion = jujuversion.Current
+	}
 	for _, s := range defaultSeries.Values() {
 		versions = append(versions, version.Binary{
-			Number: jujuversion.Current,
+			Number: agentVersion,
 			Arch:   arch.HostArch(),
 			Series: s,
 		})
 		if arch.HostArch() != "amd64" {
 			versions = append(versions, version.Binary{
-				Number: jujuversion.Current,
+				Number: agentVersion,
 				Arch:   "amd64",
 				Series: s,
 			})
@@ -249,7 +260,7 @@
 
 	err = os.MkdirAll(s.DataDir(), 0777)
 	c.Assert(err, jc.ErrorIsNil)
-	s.PatchEnvironment(osenv.JujuModelEnvKey, "admin")
+	s.PatchEnvironment(osenv.JujuModelEnvKey, "controller")
 
 	cfg, err := config.New(config.UseDefaults, (map[string]interface{})(s.sampleConfig()))
 	c.Assert(err, jc.ErrorIsNil)
@@ -257,19 +268,25 @@
 	s.ControllerStore = jujuclient.NewFileClientStore()
 
 	ctx := testing.Context(c)
-	environ, err := environs.Prepare(
+	s.ControllerConfig = testing.FakeControllerConfig()
+	for key, value := range s.ControllerConfigAttrs {
+		s.ControllerConfig[key] = value
+	}
+	environ, err := bootstrap.Prepare(
 		modelcmd.BootstrapContext(ctx),
 		s.ControllerStore,
-		environs.PrepareParams{
-			BaseConfig:     cfg.AllAttrs(),
-			Credential:     cloud.NewEmptyCredential(),
-			ControllerName: ControllerName,
-			CloudName:      "dummy",
+		bootstrap.PrepareParams{
+			ControllerConfig: s.ControllerConfig,
+			BaseConfig:       cfg.AllAttrs(),
+			Credential:       cloud.NewEmptyCredential(),
+			ControllerName:   ControllerName,
+			CloudName:        "dummy",
+			AdminSecret:      AdminSecret,
 		},
 	)
 	c.Assert(err, jc.ErrorIsNil)
 	// sanity check we've got the correct environment.
-	c.Assert(environ.Config().Name(), gc.Equals, "admin")
+	c.Assert(environ.Config().Name(), gc.Equals, "controller")
 	s.PatchValue(&dummy.DataDir, s.DataDir())
 	s.LogDir = c.MkDir()
 	s.PatchValue(&dummy.LogDir, s.LogDir)
@@ -287,8 +304,20 @@
 	envtesting.AssertUploadFakeToolsVersions(c, stor, "devel", "devel", versions...)
 	s.DefaultToolsStorage = stor
 
-	s.PatchValue(&juju.JujuPublicKey, sstesting.SignedMetadataPublicKey)
-	err = bootstrap.Bootstrap(modelcmd.BootstrapContext(ctx), environ, bootstrap.BootstrapParams{})
+	s.PatchValue(&keys.JujuPublicKey, sstesting.SignedMetadataPublicKey)
+	// Dummy provider uses a random port, which is added to cfg used to create environment.
+	apiPort := dummy.ApiPort(environ.Provider())
+	s.ControllerConfig["api-port"] = apiPort
+	err = bootstrap.Bootstrap(modelcmd.BootstrapContext(ctx), environ, bootstrap.BootstrapParams{
+		ControllerConfig: s.ControllerConfig,
+		CloudName:        "dummy",
+		Cloud: cloud.Cloud{
+			Type:      "dummy",
+			AuthTypes: []cloud.AuthType{cloud.EmptyAuthType},
+		},
+		AdminSecret:  AdminSecret,
+		CAPrivateKey: testing.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 
 	getStater := environ.(GetStater)
@@ -298,10 +327,10 @@
 	s.State, err = newState(environ, s.BackingState.MongoConnectionInfo())
 	c.Assert(err, jc.ErrorIsNil)
 
-	apiInfo, err := environs.APIInfo(environ)
+	apiInfo, err := environs.APIInfo(s.ControllerConfig.ControllerUUID(), testing.ModelTag.Id(), testing.CACert, s.ControllerConfig.APIPort(), environ)
 	c.Assert(err, jc.ErrorIsNil)
 	apiInfo.Tag = s.AdminUserTag(c)
-	apiInfo.Password = environ.Config().AdminSecret()
+	apiInfo.Password = AdminSecret
 	s.APIState, err = api.Open(apiInfo, api.DialOpts{})
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -314,7 +343,7 @@
 	controller.APIEndpoints = []string{s.APIState.APIHostPorts()[0][0].String()}
 	err = s.ControllerStore.UpdateController(ControllerName, *controller)
 	c.Assert(err, jc.ErrorIsNil)
-	err = modelcmd.WriteCurrentController(ControllerName)
+	err = s.ControllerStore.SetCurrentController(ControllerName)
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.Environ = environ
@@ -325,8 +354,8 @@
 		Cert:         testing.ServerCert,
 		CAPrivateKey: testing.CAKey,
 		SharedSecret: "really, really secret",
-		APIPort:      4321,
-		StatePort:    1234,
+		APIPort:      s.ControllerConfig.APIPort(),
+		StatePort:    s.ControllerConfig.StatePort(),
 	}
 	s.State.SetStateServingInfo(servingInfo)
 }
@@ -364,7 +393,7 @@
 // The environment must have already been bootstrapped.
 func newState(environ environs.Environ, mongoInfo *mongo.MongoInfo) (*state.State, error) {
 	config := environ.Config()
-	password := config.AdminSecret()
+	password := AdminSecret
 	if password == "" {
 		return nil, fmt.Errorf("cannot connect without admin-secret")
 	}
@@ -510,11 +539,8 @@
 		s.DummyConfig = dummy.SampleConfig()
 	}
 	attrs := s.DummyConfig.Merge(testing.Attrs{
-		"name":           "admin",
-		"admin-secret":   AdminSecret,
-		"agent-version":  jujuversion.Current.String(),
-		"ca-cert":        testing.CACert,
-		"ca-private-key": testing.CAKey,
+		"name":          "controller",
+		"agent-version": jujuversion.Current.String(),
 	})
 	// Add any custom attributes required.
 	for attr, val := range s.ConfigAttrs {
@@ -598,24 +624,23 @@
 	return sch
 }
 
-func (s *JujuConnSuite) AddTestingService(c *gc.C, name string, ch *state.Charm) *state.Service {
-	return s.AddOwnedTestingServiceWithArgs(c, state.AddServiceArgs{Name: name, Charm: ch})
-}
-
-func (s *JujuConnSuite) AddOwnedTestingServiceWithArgs(c *gc.C, args state.AddServiceArgs) *state.Service {
-	c.Assert(s.State, gc.NotNil)
-	args.Owner = s.AdminUserTag(c).String()
-	service, err := s.State.AddService(args)
+func (s *JujuConnSuite) AddTestingService(c *gc.C, name string, ch *state.Charm) *state.Application {
+	app, err := s.State.AddApplication(state.AddApplicationArgs{Name: name, Charm: ch})
 	c.Assert(err, jc.ErrorIsNil)
-	return service
+	return app
+
 }
 
-func (s *JujuConnSuite) AddTestingServiceWithStorage(c *gc.C, name string, ch *state.Charm, storage map[string]state.StorageConstraints) *state.Service {
-	return s.AddOwnedTestingServiceWithArgs(c, state.AddServiceArgs{Name: name, Charm: ch, Storage: storage})
+func (s *JujuConnSuite) AddTestingServiceWithStorage(c *gc.C, name string, ch *state.Charm, storage map[string]state.StorageConstraints) *state.Application {
+	app, err := s.State.AddApplication(state.AddApplicationArgs{Name: name, Charm: ch, Storage: storage})
+	c.Assert(err, jc.ErrorIsNil)
+	return app
 }
 
-func (s *JujuConnSuite) AddTestingServiceWithBindings(c *gc.C, name string, ch *state.Charm, bindings map[string]string) *state.Service {
-	return s.AddOwnedTestingServiceWithArgs(c, state.AddServiceArgs{Name: name, Charm: ch, EndpointBindings: bindings})
+func (s *JujuConnSuite) AddTestingServiceWithBindings(c *gc.C, name string, ch *state.Charm, bindings map[string]string) *state.Application {
+	app, err := s.State.AddApplication(state.AddApplicationArgs{Name: name, Charm: ch, EndpointBindings: bindings})
+	c.Assert(err, jc.ErrorIsNil)
+	return app
 }
 
 func (s *JujuConnSuite) AgentConfigForTag(c *gc.C, tag names.Tag) agent.ConfigSetter {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/juju/testing/instance.go juju-core-2.0~beta12/src/github.com/juju/juju/juju/testing/instance.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/juju/testing/instance.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/juju/testing/instance.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,9 +5,9 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/cloudconfig/instancecfg"
@@ -20,30 +20,17 @@
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/mongo"
 	"github.com/juju/juju/network"
+	"github.com/juju/juju/state/multiwatcher"
 	"github.com/juju/juju/testing"
 	coretools "github.com/juju/juju/tools"
 )
 
-// FakeStateInfo holds information about no state - it will always
-// give an error when connected to.  The machine id gives the machine id
-// of the machine to be started.
-func FakeStateInfo(machineId string) *mongo.MongoInfo {
-	return &mongo.MongoInfo{
-		Info: mongo.Info{
-			Addrs:  []string{"0.1.2.3:1234"},
-			CACert: testing.CACert,
-		},
-		Tag:      names.NewMachineTag(machineId),
-		Password: "unimportant",
-	}
-}
-
 // FakeAPIInfo holds information about no state - it will always
 // give an error when connected to.  The machine id gives the machine id
 // of the machine to be started.
 func FakeAPIInfo(machineId string) *api.Info {
 	return &api.Info{
-		Addrs:    []string{"0.1.2.3:1234"},
+		Addrs:    []string{"0.1.2.3:17777"},
 		Tag:      names.NewMachineTag(machineId),
 		Password: "unimportant",
 		CACert:   testing.CACert,
@@ -69,14 +56,30 @@
 	return nil, errors.Errorf("timed out trying to get addresses for %v", instId)
 }
 
+// AssertStartControllerInstance is a test helper function that starts a
+// controller instance with a plausible but invalid configuration, and
+// checks that it succeeds.
+func AssertStartControllerInstance(
+	c *gc.C, env environs.Environ, controllerUUID, machineId string,
+) (
+	instance.Instance, *instance.HardwareCharacteristics,
+) {
+	params := environs.StartInstanceParams{ControllerUUID: controllerUUID}
+	err := fillinStartInstanceParams(env, machineId, true, &params)
+	c.Assert(err, jc.ErrorIsNil)
+	result, err := env.StartInstance(params)
+	c.Assert(err, jc.ErrorIsNil)
+	return result.Instance, result.Hardware
+}
+
 // AssertStartInstance is a test helper function that starts an instance with a
 // plausible but invalid configuration, and checks that it succeeds.
 func AssertStartInstance(
-	c *gc.C, env environs.Environ, machineId string,
+	c *gc.C, env environs.Environ, controllerUUID, machineId string,
 ) (
 	instance.Instance, *instance.HardwareCharacteristics,
 ) {
-	inst, hc, _, err := StartInstance(env, machineId)
+	inst, hc, _, err := StartInstance(env, controllerUUID, machineId)
 	c.Assert(err, jc.ErrorIsNil)
 	return inst, hc
 }
@@ -84,22 +87,22 @@
 // StartInstance is a test helper function that starts an instance with a plausible
 // but invalid configuration, and returns the result of Environ.StartInstance.
 func StartInstance(
-	env environs.Environ, machineId string,
+	env environs.Environ, controllerUUID, machineId string,
 ) (
 	instance.Instance, *instance.HardwareCharacteristics, []network.InterfaceInfo, error,
 ) {
-	return StartInstanceWithConstraints(env, machineId, constraints.Value{})
+	return StartInstanceWithConstraints(env, controllerUUID, machineId, constraints.Value{})
 }
 
 // AssertStartInstanceWithConstraints is a test helper function that starts an instance
 // with the given constraints, and a plausible but invalid configuration, and returns
 // the result of Environ.StartInstance.
 func AssertStartInstanceWithConstraints(
-	c *gc.C, env environs.Environ, machineId string, cons constraints.Value,
+	c *gc.C, env environs.Environ, controllerUUID, machineId string, cons constraints.Value,
 ) (
 	instance.Instance, *instance.HardwareCharacteristics,
 ) {
-	inst, hc, _, err := StartInstanceWithConstraints(env, machineId, cons)
+	inst, hc, _, err := StartInstanceWithConstraints(env, controllerUUID, machineId, cons)
 	c.Assert(err, jc.ErrorIsNil)
 	return inst, hc
 }
@@ -108,11 +111,11 @@
 // with the given constraints, and a plausible but invalid configuration, and returns
 // the result of Environ.StartInstance.
 func StartInstanceWithConstraints(
-	env environs.Environ, machineId string, cons constraints.Value,
+	env environs.Environ, controllerUUID, machineId string, cons constraints.Value,
 ) (
 	instance.Instance, *instance.HardwareCharacteristics, []network.InterfaceInfo, error,
 ) {
-	params := environs.StartInstanceParams{Constraints: cons}
+	params := environs.StartInstanceParams{ControllerUUID: controllerUUID, Constraints: cons}
 	result, err := StartInstanceWithParams(env, machineId, params)
 	if err != nil {
 		return nil, nil, nil, errors.Trace(err)
@@ -130,10 +133,20 @@
 ) (
 	*environs.StartInstanceResult, error,
 ) {
+	if err := fillinStartInstanceParams(env, machineId, false, &params); err != nil {
+		return nil, err
+	}
+	return env.StartInstance(params)
+}
+
+func fillinStartInstanceParams(env environs.Environ, machineId string, isController bool, params *environs.StartInstanceParams) error {
+	if params.ControllerUUID == "" {
+		return errors.New("missing controller UUID in start instance parameters")
+	}
 	preferredSeries := config.PreferredSeries(env.Config())
 	agentVersion, ok := env.Config().AgentVersion()
 	if !ok {
-		return nil, errors.New("missing agent version in model config")
+		return errors.New("missing agent version in model config")
 	}
 	filter := coretools.Filter{
 		Number: agentVersion,
@@ -145,7 +158,7 @@
 	stream := tools.PreferredStream(&agentVersion, env.Config().Development(), env.Config().AgentStream())
 	possibleTools, err := tools.FindTools(env, -1, -1, stream, filter)
 	if err != nil {
-		return nil, errors.Trace(err)
+		return errors.Trace(err)
 	}
 
 	if params.ImageMetadata == nil {
@@ -155,30 +168,42 @@
 			possibleTools.Arches(),
 			&params.ImageMetadata,
 		); err != nil {
-			return nil, errors.Trace(err)
+			return errors.Trace(err)
 		}
 	}
 
 	machineNonce := "fake_nonce"
-	stateInfo := FakeStateInfo(machineId)
 	apiInfo := FakeAPIInfo(machineId)
 	instanceConfig, err := instancecfg.NewInstanceConfig(
 		machineId,
 		machineNonce,
 		imagemetadata.ReleasedStream,
 		preferredSeries,
-		"",
 		true,
-		stateInfo,
 		apiInfo,
 	)
 	if err != nil {
-		return nil, errors.Trace(err)
+		return errors.Trace(err)
 	}
-	instanceConfig.Tags = instancecfg.InstanceTags(env.Config(), nil)
+	if isController {
+		instanceConfig.Controller = &instancecfg.ControllerConfig{
+			Config: testing.FakeControllerConfig(),
+			MongoInfo: &mongo.MongoInfo{
+				Info: mongo.Info{
+					Addrs:  []string{"127.0.0.1:1234"},
+					CACert: "CA CERT\n" + testing.CACert,
+				},
+				Password: "mongosecret",
+				Tag:      names.NewMachineTag(machineId),
+			},
+		}
+		instanceConfig.Jobs = []multiwatcher.MachineJob{multiwatcher.JobHostUnits, multiwatcher.JobManageModel}
+	}
+	cfg := env.Config()
+	instanceConfig.Tags = instancecfg.InstanceTags(params.ControllerUUID, params.ControllerUUID, cfg, nil)
 	params.Tools = possibleTools
 	params.InstanceConfig = instanceConfig
-	return env.StartInstance(params)
+	return nil
 }
 
 func SetImageMetadata(env environs.Environ, series, arches []string, out *[]*imagemetadata.ImageMetadata) error {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/juju/testing/repo.go juju-core-2.0~beta12/src/github.com/juju/juju/juju/testing/repo.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/juju/testing/repo.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/juju/testing/repo.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,14 +1,17 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package testing
 
 import (
 	"sort"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	"github.com/juju/utils/series"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/state/storage"
@@ -28,8 +31,8 @@
 	c.Assert(err, jc.ErrorIsNil)
 }
 
-func (s *RepoSuite) AssertService(c *gc.C, name string, expectCurl *charm.URL, unitCount, relCount int) (*state.Service, []*state.Relation) {
-	svc, err := s.State.Service(name)
+func (s *RepoSuite) AssertService(c *gc.C, name string, expectCurl *charm.URL, unitCount, relCount int) (*state.Application, []*state.Relation) {
+	svc, err := s.State.Application(name)
 	c.Assert(err, jc.ErrorIsNil)
 	ch, _, err := svc.Charm()
 	c.Assert(err, jc.ErrorIsNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/juju/testing/utils.go juju-core-2.0~beta12/src/github.com/juju/juju/juju/testing/utils.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/juju/testing/utils.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/juju/testing/utils.go	2016-07-18 19:45:44.000000000 +0000
@@ -48,8 +48,6 @@
 //     ProviderId: "subnet-{{.}}",
 //     SpaceName: "space1",
 //     AvailabilityZone: "zone-{{.}}",
-//     AllocatableIPLow: "{{if (gt . 0)}}10.10.{{.}}.5{{end}}",
-//     AllocatableIPHigh: "{{if (gt . 0)}}10.10.{{.}}.254{{end}}",
 //     VLANTag: 42,
 // })
 //
@@ -68,8 +66,6 @@
 //     ProviderId: "subnet-1",
 //     SpaceName: "space1",
 //     AvailabilityZone: "zone-1",
-//     AllocatableIPLow: "10.10.1.5",
-//     AllocatableIPHigh: "10.10.1.254",
 //     VLANTag: 42,
 // })
 func AddSubnetsWithTemplate(c *gc.C, st *state.State, numSubnets uint, infoTemplate state.SubnetInfo) {
@@ -90,8 +86,6 @@
 
 		info.ProviderId = network.Id(permute(string(info.ProviderId)))
 		info.CIDR = permute(info.CIDR)
-		info.AllocatableIPHigh = permute(info.AllocatableIPHigh)
-		info.AllocatableIPLow = permute(info.AllocatableIPLow)
 		info.AvailabilityZone = permute(info.AvailabilityZone)
 		info.SpaceName = permute(info.SpaceName)
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/accountsfile_test.go juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/accountsfile_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/accountsfile_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/accountsfile_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -23,55 +23,25 @@
 const testAccountsYAML = `
 controllers:
   ctrl:
-    accounts:
-      admin@local:
-        user: admin@local
-        password: hunter2
+    user: admin@local
+    password: hunter2
   kontroll:
-    accounts:
-      admin@local:
-        user: admin@local
-        password: hunter2
-      bob@local:
-        user: bob@local
-        password: huntert00
-      bob@remote:
-        user: bob@remote
-    current-account: admin@local
+    user: bob@remote
 `
 
-var testControllerAccounts = map[string]*jujuclient.ControllerAccounts{
-	"kontroll": {
-		Accounts: map[string]jujuclient.AccountDetails{
-			"admin@local": kontrollAdminAccountDetails,
-			"bob@local":   kontrollBobLocalAccountDetails,
-			"bob@remote":  kontrollBobRemoteAccountDetails,
-		},
-		CurrentAccount: "admin@local",
-	},
-	"ctrl": {
-		Accounts: map[string]jujuclient.AccountDetails{
-			"admin@local": ctrlAdminAccountDetails,
-		},
-	},
+var testControllerAccounts = map[string]jujuclient.AccountDetails{
+	"ctrl":     ctrlAdminAccountDetails,
+	"kontroll": kontrollBobRemoteAccountDetails,
 }
 
 var (
-	kontrollAdminAccountDetails = jujuclient.AccountDetails{
+	ctrlAdminAccountDetails = jujuclient.AccountDetails{
 		User:     "admin@local",
 		Password: "hunter2",
 	}
-	kontrollBobLocalAccountDetails = jujuclient.AccountDetails{
-		User:     "bob@local",
-		Password: "huntert00",
-	}
 	kontrollBobRemoteAccountDetails = jujuclient.AccountDetails{
 		User: "bob@remote",
 	}
-	ctrlAdminAccountDetails = jujuclient.AccountDetails{
-		User:     "admin@local",
-		Password: "hunter2",
-	}
 )
 
 func (s *AccountsFileSuite) TestWriteFile(c *gc.C) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/accounts.go juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/accounts.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/accounts.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/accounts.go	2016-07-18 19:45:44.000000000 +0000
@@ -22,7 +22,7 @@
 
 // ReadAccountsFile loads all accounts defined in a given file.
 // If the file is not found, it is not an error.
-func ReadAccountsFile(file string) (map[string]*ControllerAccounts, error) {
+func ReadAccountsFile(file string) (map[string]AccountDetails, error) {
 	data, err := ioutil.ReadFile(file)
 	if err != nil {
 		if os.IsNotExist(err) {
@@ -30,6 +30,9 @@
 		}
 		return nil, err
 	}
+	if err := migrateLegacyAccounts(data); err != nil {
+		return nil, err
+	}
 	accounts, err := ParseAccounts(data)
 	if err != nil {
 		return nil, err
@@ -39,7 +42,7 @@
 
 // WriteAccountsFile marshals to YAML details of the given accounts
 // and writes it to the accounts file.
-func WriteAccountsFile(controllerAccounts map[string]*ControllerAccounts) error {
+func WriteAccountsFile(controllerAccounts map[string]AccountDetails) error {
 	data, err := yaml.Marshal(accountsCollection{controllerAccounts})
 	if err != nil {
 		return errors.Annotate(err, "cannot marshal accounts")
@@ -48,24 +51,48 @@
 }
 
 // ParseAccounts parses the given YAML bytes into accounts metadata.
-func ParseAccounts(data []byte) (map[string]*ControllerAccounts, error) {
+func ParseAccounts(data []byte) (map[string]AccountDetails, error) {
 	var result accountsCollection
-	err := yaml.Unmarshal(data, &result)
-	if err != nil {
+	if err := yaml.Unmarshal(data, &result); err != nil {
 		return nil, errors.Annotate(err, "cannot unmarshal accounts")
 	}
 	return result.ControllerAccounts, nil
 }
 
 type accountsCollection struct {
-	ControllerAccounts map[string]*ControllerAccounts `yaml:"controllers"`
+	ControllerAccounts map[string]AccountDetails `yaml:"controllers"`
 }
 
-// ControllerAccounts stores per-controller account information.
-type ControllerAccounts struct {
-	// Accounts is the collection of accounts for the controller.
-	Accounts map[string]AccountDetails `yaml:"accounts"`
-
-	// CurrentAccount is the name of the active account for the controller.
-	CurrentAccount string `yaml:"current-account,omitempty"`
+// TODO(axw) 2016-07-14 #NNN
+// Drop this code once we get to 2.0-beta13.
+func migrateLegacyAccounts(data []byte) error {
+	type legacyControllerAccounts struct {
+		Accounts       map[string]AccountDetails `yaml:"accounts"`
+		CurrentAccount string                    `yaml:"current-account,omitempty"`
+	}
+	type legacyAccountsCollection struct {
+		ControllerAccounts map[string]legacyControllerAccounts `yaml:"controllers"`
+	}
+	var legacy legacyAccountsCollection
+	if err := yaml.Unmarshal(data, &legacy); err != nil {
+		return errors.Annotate(err, "cannot unmarshal accounts")
+	}
+	result := make(map[string]AccountDetails)
+	for controller, controllerAccounts := range legacy.ControllerAccounts {
+		if controllerAccounts.CurrentAccount == "" {
+			continue
+		}
+		details, ok := controllerAccounts.Accounts[controllerAccounts.CurrentAccount]
+		if !ok {
+			continue
+		}
+		result[controller] = details
+	}
+	if len(result) > 0 {
+		// Only write if we found at least one,
+		// which means the file was in legacy
+		// format. Otherwise leave it alone.
+		return WriteAccountsFile(result)
+	}
+	return nil
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/accounts_test.go juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/accounts_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/accounts_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/accounts_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,6 @@
 import (
 	"os"
 
-	"github.com/juju/errors"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 
@@ -27,33 +26,28 @@
 	writeTestAccountsFile(c)
 }
 
-func (s *AccountsSuite) TestAccountByNameNoFile(c *gc.C) {
+func (s *AccountsSuite) TestAccountDetailsNoFile(c *gc.C) {
 	err := os.Remove(jujuclient.JujuAccountsPath())
 	c.Assert(err, jc.ErrorIsNil)
-	details, err := s.store.AccountByName("not-found", "admin@local")
-	c.Assert(err, gc.ErrorMatches, "controller not-found not found")
+	details, err := s.store.AccountDetails("not-found")
+	c.Assert(err, gc.ErrorMatches, "account details for controller not-found not found")
 	c.Assert(details, gc.IsNil)
 }
 
-func (s *AccountsSuite) TestAccountByNameControllerNotFound(c *gc.C) {
-	details, err := s.store.AccountByName("not-found", "admin@local")
-	c.Assert(err, gc.ErrorMatches, "controller not-found not found")
+func (s *AccountsSuite) TestAccountDetailsControllerNotFound(c *gc.C) {
+	details, err := s.store.AccountDetails("not-found")
+	c.Assert(err, gc.ErrorMatches, "account details for controller not-found not found")
 	c.Assert(details, gc.IsNil)
 }
 
-func (s *AccountsSuite) TestAccountByNameAccountNotFound(c *gc.C) {
-	details, err := s.store.AccountByName("kontroll", "admin@nowhere")
-	c.Assert(err, gc.ErrorMatches, "account kontroll:admin@nowhere not found")
-	c.Assert(details, gc.IsNil)
-}
-
-func (s *AccountsSuite) TestAccountByName(c *gc.C) {
-	details, err := s.store.AccountByName("kontroll", "admin@local")
+func (s *AccountsSuite) TestAccountDetails(c *gc.C) {
+	details, err := s.store.AccountDetails("kontroll")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(details, gc.NotNil)
-	c.Assert(*details, jc.DeepEquals, testControllerAccounts["kontroll"].Accounts["admin@local"])
+	c.Assert(*details, jc.DeepEquals, kontrollBobRemoteAccountDetails)
 }
 
+/*
 func (s *AccountsSuite) TestAllAccountsNoFile(c *gc.C) {
 	err := os.Remove(jujuclient.JujuAccountsPath())
 	c.Assert(err, jc.ErrorIsNil)
@@ -151,7 +145,7 @@
 		// identical details.
 		err := s.store.UpdateAccount("kontroll", "admin@local", testAccountDetails)
 		c.Assert(err, jc.ErrorIsNil)
-		details, err := s.store.AccountByName("kontroll", "admin@local")
+		details, err := s.store.AccountDetails("kontroll", "admin@local")
 		c.Assert(err, jc.ErrorIsNil)
 		c.Assert(*details, jc.DeepEquals, testAccountDetails)
 	}
@@ -177,7 +171,7 @@
 func (s *AccountsSuite) TestRemoveAccount(c *gc.C) {
 	err := s.store.RemoveAccount("kontroll", "admin@local")
 	c.Assert(err, jc.ErrorIsNil)
-	_, err = s.store.AccountByName("kontroll", "admin@local")
+	_, err = s.store.AccountDetails("kontroll", "admin@local")
 	c.Assert(err, jc.Satisfies, errors.IsNotFound)
 }
 
@@ -196,3 +190,4 @@
 	_, ok := accounts["kontroll"]
 	c.Assert(ok, jc.IsFalse) // kontroll accounts are removed
 }
+*/
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/bootstrapconfigfile_test.go juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/bootstrapconfigfile_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/bootstrapconfigfile_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/bootstrapconfigfile_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -22,7 +22,7 @@
 
 const testBootstrapConfigYAML = `
 controllers:
-  local.aws-test:
+  aws-test:
     config:
       name: admin
       type: ec2
@@ -30,7 +30,7 @@
     cloud: aws
     region: us-east-1
     endpoint: https://us-east-1.amazonaws.com
-  local.mallards:
+  mallards:
     config:
       name: admin
       type: maas
@@ -39,7 +39,7 @@
 `
 
 var testBootstrapConfig = map[string]jujuclient.BootstrapConfig{
-	"local.aws-test": {
+	"aws-test": {
 		Config: map[string]interface{}{
 			"type": "ec2",
 			"name": "admin",
@@ -49,7 +49,7 @@
 		CloudRegion:   "us-east-1",
 		CloudEndpoint: "https://us-east-1.amazonaws.com",
 	},
-	"local.mallards": {
+	"mallards": {
 		Config: map[string]interface{}{
 			"type": "maas",
 			"name": "admin",
@@ -101,7 +101,7 @@
 	for name, _ := range controllers {
 		names = append(names, name)
 	}
-	c.Assert(names, jc.SameContents, []string{"local.mallards", "local.aws-test"})
+	c.Assert(names, jc.SameContents, []string{"mallards", "aws-test"})
 }
 
 func (s *BootstrapConfigFileSuite) TestParseControllerMetadataError(c *gc.C) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/bootstrapconfig_test.go juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/bootstrapconfig_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/bootstrapconfig_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/bootstrapconfig_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -41,24 +41,24 @@
 }
 
 func (s *BootstrapConfigSuite) TestBootstrapConfigForController(c *gc.C) {
-	cfg, err := s.store.BootstrapConfigForController("local.aws-test")
+	cfg, err := s.store.BootstrapConfigForController("aws-test")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(cfg, gc.NotNil)
-	c.Assert(*cfg, jc.DeepEquals, testBootstrapConfig["local.aws-test"])
+	c.Assert(*cfg, jc.DeepEquals, testBootstrapConfig["aws-test"])
 }
 
 func (s *BootstrapConfigSuite) TestUpdateBootstrapConfigNewController(c *gc.C) {
-	err := s.store.UpdateBootstrapConfig("new-controller", testBootstrapConfig["local.mallards"])
+	err := s.store.UpdateBootstrapConfig("new-controller", testBootstrapConfig["mallards"])
 	c.Assert(err, jc.ErrorIsNil)
 	cfg, err := s.store.BootstrapConfigForController("new-controller")
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(*cfg, jc.DeepEquals, testBootstrapConfig["local.mallards"])
+	c.Assert(*cfg, jc.DeepEquals, testBootstrapConfig["mallards"])
 }
 
 func (s *BootstrapConfigSuite) TestUpdateBootstrapConfigOverwrites(c *gc.C) {
-	err := s.store.UpdateBootstrapConfig("local.aws-test", testBootstrapConfig["local.mallards"])
+	err := s.store.UpdateBootstrapConfig("aws-test", testBootstrapConfig["mallards"])
 	c.Assert(err, jc.ErrorIsNil)
-	cfg, err := s.store.BootstrapConfigForController("local.aws-test")
+	cfg, err := s.store.BootstrapConfigForController("aws-test")
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(*cfg, jc.DeepEquals, testBootstrapConfig["local.mallards"])
+	c.Assert(*cfg, jc.DeepEquals, testBootstrapConfig["mallards"])
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/controllersfile_test.go juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/controllersfile_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/controllersfile_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/controllersfile_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -22,21 +22,26 @@
 
 const testControllersYAML = `
 controllers:
-  local.aws-test:
+  aws-test:
     unresolved-api-endpoints: [instance-1-2-4.useast.aws.com]
     uuid: this-is-the-aws-test-uuid
     api-endpoints: [this-is-aws-test-of-many-api-endpoints]
     ca-cert: this-is-aws-test-ca-cert
-  local.mallards:
+    cloud: aws
+    region: us-east-1
+  mallards:
     unresolved-api-endpoints: [maas-1-05.cluster.mallards]
     uuid: this-is-another-uuid
     api-endpoints: [this-is-another-of-many-api-endpoints, this-is-one-more-of-many-api-endpoints]
     ca-cert: this-is-another-ca-cert
-  local.mark-test-prodstack:
+    cloud: mallards
+  mark-test-prodstack:
     unresolved-api-endpoints: [vm-23532.prodstack.canonical.com, great.test.server.hostname.co.nz]
     uuid: this-is-a-uuid
     api-endpoints: [this-is-one-of-many-api-endpoints]
     ca-cert: this-is-a-ca-cert
+    cloud: prodstack
+current-controller: mallards
 `
 
 func (s *ControllersFileSuite) TestWriteFile(c *gc.C) {
@@ -49,7 +54,9 @@
 func (s *ControllersFileSuite) TestReadNoFile(c *gc.C) {
 	controllers, err := jujuclient.ReadControllersFile("nohere.yaml")
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(controllers, gc.IsNil)
+	c.Assert(controllers, gc.NotNil)
+	c.Assert(controllers.Controllers, gc.HasLen, 0)
+	c.Assert(controllers.CurrentController, gc.Equals, "")
 }
 
 func (s *ControllersFileSuite) TestReadEmptyFile(c *gc.C) {
@@ -62,17 +69,17 @@
 	c.Assert(controllers, gc.IsNil)
 }
 
-func parseControllers(c *gc.C) map[string]jujuclient.ControllerDetails {
+func parseControllers(c *gc.C) *jujuclient.Controllers {
 	controllers, err := jujuclient.ParseControllers([]byte(testControllersYAML))
 	c.Assert(err, jc.ErrorIsNil)
 
 	// ensure that multiple server hostnames and eapi endpoints are parsed correctly
-	c.Assert(controllers["local.mark-test-prodstack"].UnresolvedAPIEndpoints, gc.HasLen, 2)
-	c.Assert(controllers["local.mallards"].APIEndpoints, gc.HasLen, 2)
+	c.Assert(controllers.Controllers["mark-test-prodstack"].UnresolvedAPIEndpoints, gc.HasLen, 2)
+	c.Assert(controllers.Controllers["mallards"].APIEndpoints, gc.HasLen, 2)
 	return controllers
 }
 
-func writeTestControllersFile(c *gc.C) map[string]jujuclient.ControllerDetails {
+func writeTestControllersFile(c *gc.C) *jujuclient.Controllers {
 	controllers := parseControllers(c)
 	err := jujuclient.WriteControllersFile(controllers)
 	c.Assert(err, jc.ErrorIsNil)
@@ -82,15 +89,17 @@
 func (s *ControllersFileSuite) TestParseControllerMetadata(c *gc.C) {
 	controllers := parseControllers(c)
 	var names []string
-	for name, _ := range controllers {
+	for name, _ := range controllers.Controllers {
 		names = append(names, name)
 	}
 	c.Assert(names, jc.SameContents,
-		[]string{"local.mark-test-prodstack", "local.mallards", "local.aws-test"})
+		[]string{"mark-test-prodstack", "mallards", "aws-test"},
+	)
+	c.Assert(controllers.CurrentController, gc.Equals, "mallards")
 }
 
 func (s *ControllersFileSuite) TestParseControllerMetadataError(c *gc.C) {
 	controllers, err := jujuclient.ParseControllers([]byte("fail me now"))
-	c.Assert(err, gc.ErrorMatches, "cannot unmarshal yaml controllers metadata: yaml: unmarshal errors:\n  line 1: cannot unmarshal !!str `fail me...` into jujuclient.controllersCollection")
+	c.Assert(err, gc.ErrorMatches, "cannot unmarshal yaml controllers metadata: yaml: unmarshal errors:\n  line 1: cannot unmarshal !!str `fail me...` into jujuclient.Controllers")
 	c.Assert(controllers, gc.IsNil)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/controllers.go juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/controllers.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/controllers.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/controllers.go	2016-07-18 19:45:44.000000000 +0000
@@ -22,11 +22,11 @@
 
 // ReadControllersFile loads all controllers defined in a given file.
 // If the file is not found, it is not an error.
-func ReadControllersFile(file string) (map[string]ControllerDetails, error) {
+func ReadControllersFile(file string) (*Controllers, error) {
 	data, err := ioutil.ReadFile(file)
 	if err != nil {
 		if os.IsNotExist(err) {
-			return nil, nil
+			return &Controllers{}, nil
 		}
 		return nil, err
 	}
@@ -39,8 +39,8 @@
 
 // WriteControllersFile marshals to YAML details of the given controllers
 // and writes it to the controllers file.
-func WriteControllersFile(controllers map[string]ControllerDetails) error {
-	data, err := yaml.Marshal(controllersCollection{controllers})
+func WriteControllersFile(controllers *Controllers) error {
+	data, err := yaml.Marshal(controllers)
 	if err != nil {
 		return errors.Annotate(err, "cannot marshal yaml controllers")
 	}
@@ -48,15 +48,20 @@
 }
 
 // ParseControllers parses the given YAML bytes into controllers metadata.
-func ParseControllers(data []byte) (map[string]ControllerDetails, error) {
-	var result controllersCollection
+func ParseControllers(data []byte) (*Controllers, error) {
+	var result Controllers
 	err := yaml.Unmarshal(data, &result)
 	if err != nil {
 		return nil, errors.Annotate(err, "cannot unmarshal yaml controllers metadata")
 	}
-	return result.Controllers, nil
+	return &result, nil
 }
 
-type controllersCollection struct {
+// Controllers stores per-client controller information.
+type Controllers struct {
+	// Controllers is the collection of controllers known to the client.
 	Controllers map[string]ControllerDetails `yaml:"controllers"`
+
+	// CurrentController is the name of the active controller.
+	CurrentController string `yaml:"current-controller,omitempty"`
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/controllers_test.go juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/controllers_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/controllers_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/controllers_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -31,6 +31,8 @@
 		"test.uuid",
 		[]string{"test.api.endpoint"},
 		"test.ca.cert",
+		"aws",
+		"southeastasia",
 	}
 }
 
@@ -130,7 +132,7 @@
 
 func (s *ControllersSuite) assertControllerNotExists(c *gc.C) {
 	all := writeTestControllersFile(c)
-	_, exists := all[s.controllerName]
+	_, exists := all.Controllers[s.controllerName]
 	c.Assert(exists, jc.IsFalse)
 }
 
@@ -146,7 +148,7 @@
 
 func firstTestControllerName(c *gc.C) string {
 	all := writeTestControllersFile(c)
-	for key, _ := range all {
+	for key, _ := range all.Controllers {
 		return key
 	}
 	return ""
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/controllervalidation_test.go juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/controllervalidation_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/controllervalidation_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/controllervalidation_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -22,6 +22,8 @@
 		"test.uuid",
 		[]string{"test.api.endpoint"},
 		"test.ca.cert",
+		"aws",
+		"southeastasia",
 	}
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/file.go juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/file.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/file.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/file.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,21 +7,18 @@
 package jujuclient
 
 import (
-	"fmt"
-	"os"
 	"time"
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/retry"
+	"github.com/juju/mutex"
 	"github.com/juju/utils/clock"
-	// TODO(axw) replace with flock on file in $XDG_RUNTIME_DIR
-	"github.com/juju/utils/fslock"
 
 	"github.com/juju/juju/cloud"
-	"github.com/juju/juju/juju/osenv"
 )
 
+var _ ClientStore = (*store)(nil)
+
 var logger = loggo.GetLogger("juju.jujuclient")
 
 // A second should be enough to write or read any files. But
@@ -43,63 +40,50 @@
 
 type store struct{}
 
-func (s *store) lock(operation string) (*fslock.Lock, error) {
-	lockName := "controllers.lock"
-	lock, err := fslock.NewLock(osenv.JujuXDGDataHome(), lockName, fslock.Defaults())
-	if err != nil {
-		return nil, errors.Trace(err)
+func (s *store) acquireLock() (mutex.Releaser, error) {
+	const lockName = "store-lock"
+	spec := mutex.Spec{
+		Name:    lockName,
+		Clock:   clock.WallClock,
+		Delay:   20 * time.Millisecond,
+		Timeout: lockTimeout,
 	}
-	message := fmt.Sprintf("pid: %d, operation: %s", os.Getpid(), operation)
-	err = lock.LockWithTimeout(lockTimeout, message)
-	if err == nil {
-		return lock, nil
-	}
-	if errors.Cause(err) != fslock.ErrTimeout {
+	releaser, err := mutex.Acquire(spec)
+	if err != nil {
 		return nil, errors.Trace(err)
 	}
+	return releaser, nil
+}
 
-	logger.Warningf("breaking jujuclient lock : %s", lockName)
-	logger.Warningf("  lock holder message: %s", lock.Message())
-
-	// If we are unable to acquire the lock within the lockTimeout,
-	// consider it broken for some reason, and break it.
-	err = lock.BreakLock()
+// AllControllers implements ControllersGetter.
+func (s *store) AllControllers() (map[string]ControllerDetails, error) {
+	releaser, err := s.acquireLock()
 	if err != nil {
-		return nil, errors.Annotatef(err, "unable to break the jujuclient lock %v", lockName)
+		return nil, errors.Annotate(err, "cannot read all controllers")
 	}
-
-	err = lock.LockWithTimeout(lockTimeout, message)
+	defer releaser.Release()
+	controllers, err := ReadControllersFile(JujuControllersPath())
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-	return lock, nil
+	return controllers.Controllers, nil
 }
 
-// It appears that sometimes the lock is not cleared when we expect it to be.
-// Capture and log any errors from the Unlock method and retry a few times.
-func (s *store) unlock(lock *fslock.Lock) {
-	err := retry.Call(retry.CallArgs{
-		Func: lock.Unlock,
-		NotifyFunc: func(err error, attempt int) {
-			logger.Debugf("failed to unlock jujuclient lock: %s", err)
-		},
-		Attempts: 10,
-		Delay:    50 * time.Millisecond,
-		Clock:    clock.WallClock,
-	})
+// CurrentController implements ControllersGetter.
+func (s *store) CurrentController() (string, error) {
+	releaser, err := s.acquireLock()
 	if err != nil {
-		logger.Errorf("unable to unlock jujuclient lock: %s", err)
+		return "", errors.Annotate(err, "cannot get current controller name")
 	}
-}
-
-// AllControllers implements ControllersGetter.
-func (s *store) AllControllers() (map[string]ControllerDetails, error) {
-	lock, err := s.lock("read-all-controllers")
+	defer releaser.Release()
+	controllers, err := ReadControllersFile(JujuControllersPath())
 	if err != nil {
-		return nil, errors.Annotate(err, "cannot read all controllers")
+		return "", errors.Trace(err)
+	}
+	if controllers.CurrentController == "" {
+		return "", errors.NotFoundf("current controller")
 	}
-	defer s.unlock(lock)
-	return ReadControllersFile(JujuControllersPath())
+	return controllers.CurrentController, nil
 }
 
 // ControllerByName implements ControllersGetter.
@@ -108,17 +92,17 @@
 		return nil, errors.Trace(err)
 	}
 
-	lock, err := s.lock("read-controller-by-name")
+	releaser, err := s.acquireLock()
 	if err != nil {
 		return nil, errors.Annotatef(err, "cannot read controller %v", name)
 	}
-	defer s.unlock(lock)
+	defer releaser.Release()
 
 	controllers, err := ReadControllersFile(JujuControllersPath())
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-	if result, ok := controllers[name]; ok {
+	if result, ok := controllers.Controllers[name]; ok {
 		return &result, nil
 	}
 	return nil, errors.NotFoundf("controller %s", name)
@@ -133,36 +117,62 @@
 		return errors.Trace(err)
 	}
 
-	lock, err := s.lock("update-controller")
+	releaser, err := s.acquireLock()
 	if err != nil {
 		return errors.Annotatef(err, "cannot update controller %v", name)
 	}
-	defer s.unlock(lock)
+	defer releaser.Release()
 
 	all, err := ReadControllersFile(JujuControllersPath())
 	if err != nil {
 		return errors.Annotate(err, "cannot get controllers")
 	}
 
-	if len(all) == 0 {
-		all = make(map[string]ControllerDetails)
+	if len(all.Controllers) == 0 {
+		all.Controllers = make(map[string]ControllerDetails)
 	}
 
-	all[name] = details
+	all.Controllers[name] = details
 	return WriteControllersFile(all)
 }
 
+// SetCurrentController implements ControllersUpdater.
+func (s *store) SetCurrentController(name string) error {
+	if err := ValidateControllerName(name); err != nil {
+		return errors.Trace(err)
+	}
+
+	releaser, err := s.acquireLock()
+	if err != nil {
+		return errors.Annotate(err, "cannot set current controller name")
+	}
+	defer releaser.Release()
+
+	controllers, err := ReadControllersFile(JujuControllersPath())
+	if err != nil {
+		return errors.Trace(err)
+	}
+	if _, ok := controllers.Controllers[name]; !ok {
+		return errors.NotFoundf("controller %v", name)
+	}
+	if controllers.CurrentController == name {
+		return nil
+	}
+	controllers.CurrentController = name
+	return WriteControllersFile(controllers)
+}
+
 // RemoveController implements ControllersRemover
 func (s *store) RemoveController(name string) error {
 	if err := ValidateControllerName(name); err != nil {
 		return errors.Trace(err)
 	}
 
-	lock, err := s.lock("remove-controller")
+	releaser, err := s.acquireLock()
 	if err != nil {
 		return errors.Annotatef(err, "cannot remove controller %v", name)
 	}
-	defer s.unlock(lock)
+	defer releaser.Release()
 
 	controllers, err := ReadControllersFile(JujuControllersPath())
 	if err != nil {
@@ -170,15 +180,18 @@
 	}
 
 	// We remove all controllers with the same UUID as the named one.
-	namedControllerDetails, ok := controllers[name]
+	namedControllerDetails, ok := controllers.Controllers[name]
 	if !ok {
 		return nil
 	}
 	var names []string
-	for name, details := range controllers {
+	for name, details := range controllers.Controllers {
 		if details.ControllerUUID == namedControllerDetails.ControllerUUID {
 			names = append(names, name)
-			delete(controllers, name)
+			delete(controllers.Controllers, name)
+			if controllers.CurrentController == name {
+				controllers.CurrentController = ""
+			}
 		}
 	}
 
@@ -230,13 +243,10 @@
 }
 
 // UpdateModel implements ModelUpdater.
-func (s *store) UpdateModel(controllerName, accountName, modelName string, details ModelDetails) error {
+func (s *store) UpdateModel(controllerName, modelName string, details ModelDetails) error {
 	if err := ValidateControllerName(controllerName); err != nil {
 		return errors.Trace(err)
 	}
-	if err := ValidateAccountName(accountName); err != nil {
-		return errors.Trace(err)
-	}
 	if err := ValidateModelName(modelName); err != nil {
 		return errors.Trace(err)
 	}
@@ -244,15 +254,15 @@
 		return errors.Trace(err)
 	}
 
-	lock, err := s.lock("update-model")
+	releaser, err := s.acquireLock()
 	if err != nil {
 		return errors.Trace(err)
 	}
-	defer s.unlock(lock)
+	defer releaser.Release()
 
-	return errors.Trace(updateAccountModels(
-		controllerName, accountName,
-		func(models *AccountModels) (bool, error) {
+	return errors.Trace(updateModels(
+		controllerName,
+		func(models *ControllerModels) (bool, error) {
 			oldDetails, ok := models.Models[modelName]
 			if ok && details == oldDetails {
 				return false, nil
@@ -264,34 +274,30 @@
 }
 
 // SetCurrentModel implements ModelUpdater.
-func (s *store) SetCurrentModel(controllerName, accountName, modelName string) error {
+func (s *store) SetCurrentModel(controllerName, modelName string) error {
 	if err := ValidateControllerName(controllerName); err != nil {
 		return errors.Trace(err)
 	}
-	if err := ValidateAccountName(accountName); err != nil {
-		return errors.Trace(err)
-	}
 	if err := ValidateModelName(modelName); err != nil {
 		return errors.Trace(err)
 	}
 
-	lock, err := s.lock("set-current-model")
+	releaser, err := s.acquireLock()
 	if err != nil {
 		return errors.Trace(err)
 	}
-	defer s.unlock(lock)
+	defer releaser.Release()
 
-	return errors.Trace(updateAccountModels(
-		controllerName, accountName,
-		func(models *AccountModels) (bool, error) {
+	return errors.Trace(updateModels(
+		controllerName,
+		func(models *ControllerModels) (bool, error) {
 			if models.CurrentModel == modelName {
 				return false, nil
 			}
 			if _, ok := models.Models[modelName]; !ok {
 				return false, errors.NotFoundf(
-					"model %s:%s:%s",
+					"model %s:%s",
 					controllerName,
-					accountName,
 					modelName,
 				)
 			}
@@ -302,119 +308,94 @@
 }
 
 // AllModels implements ModelGetter.
-func (s *store) AllModels(controllerName, accountName string) (map[string]ModelDetails, error) {
+func (s *store) AllModels(controllerName string) (map[string]ModelDetails, error) {
 	if err := ValidateControllerName(controllerName); err != nil {
 		return nil, errors.Trace(err)
 	}
-	if err := ValidateAccountName(accountName); err != nil {
-		return nil, errors.Trace(err)
-	}
 
-	lock, err := s.lock("read-all-models")
+	releaser, err := s.acquireLock()
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-	defer s.unlock(lock)
+	defer releaser.Release()
 
 	all, err := ReadModelsFile(JujuModelsPath())
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-	controllerAccountModels, ok := all[controllerName]
+	controllerModels, ok := all[controllerName]
 	if !ok {
 		return nil, errors.NotFoundf(
 			"models for controller %s",
 			controllerName,
 		)
 	}
-	accountModels, ok := controllerAccountModels.AccountModels[accountName]
-	if !ok {
-		return nil, errors.NotFoundf(
-			"models for account %s on controller %s",
-			accountName, controllerName,
-		)
-	}
-	return accountModels.Models, nil
+	return controllerModels.Models, nil
 }
 
 // CurrentModel implements ModelGetter.
-func (s *store) CurrentModel(controllerName, accountName string) (string, error) {
+func (s *store) CurrentModel(controllerName string) (string, error) {
 	if err := ValidateControllerName(controllerName); err != nil {
 		return "", errors.Trace(err)
 	}
-	if err := ValidateAccountName(accountName); err != nil {
-		return "", errors.Trace(err)
-	}
 
-	lock, err := s.lock("read-current-model")
+	releaser, err := s.acquireLock()
 	if err != nil {
 		return "", errors.Trace(err)
 	}
-	defer s.unlock(lock)
+	defer releaser.Release()
 
 	all, err := ReadModelsFile(JujuModelsPath())
 	if err != nil {
 		return "", errors.Trace(err)
 	}
-	controllerAccountModels, ok := all[controllerName]
+	controllerModels, ok := all[controllerName]
 	if !ok {
 		return "", errors.NotFoundf(
 			"current model for controller %s",
 			controllerName,
 		)
 	}
-	accountModels, ok := controllerAccountModels.AccountModels[accountName]
-	if !ok || accountModels.CurrentModel == "" {
+	if controllerModels.CurrentModel == "" {
 		return "", errors.NotFoundf(
-			"current model for account %s on controller %s",
-			accountName, controllerName,
+			"current model for controller %s",
+			controllerName,
 		)
 	}
-	return accountModels.CurrentModel, nil
+	return controllerModels.CurrentModel, nil
 }
 
 // ModelByName implements ModelGetter.
-func (s *store) ModelByName(controllerName, accountName, modelName string) (*ModelDetails, error) {
+func (s *store) ModelByName(controllerName, modelName string) (*ModelDetails, error) {
 	if err := ValidateControllerName(controllerName); err != nil {
 		return nil, errors.Trace(err)
 	}
-	if err := ValidateAccountName(accountName); err != nil {
-		return nil, errors.Trace(err)
-	}
 	if err := ValidateModelName(modelName); err != nil {
 		return nil, errors.Trace(err)
 	}
 
-	lock, err := s.lock("model-by-name")
+	releaser, err := s.acquireLock()
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-	defer s.unlock(lock)
+	defer releaser.Release()
 
 	all, err := ReadModelsFile(JujuModelsPath())
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-	controllerAccountModels, ok := all[controllerName]
+	controllerModels, ok := all[controllerName]
 	if !ok {
 		return nil, errors.NotFoundf(
 			"models for controller %s",
 			controllerName,
 		)
 	}
-	accountModels, ok := controllerAccountModels.AccountModels[accountName]
+	details, ok := controllerModels.Models[modelName]
 	if !ok {
 		return nil, errors.NotFoundf(
-			"models for account %s on controller %s",
-			accountName, controllerName,
-		)
-	}
-	details, ok := accountModels.Models[modelName]
-	if !ok {
-		return nil, errors.NotFoundf(
-			"model %s:%s:%s",
+			"model %s:%s",
 			controllerName,
-			accountName,
 			modelName,
 		)
 	}
@@ -422,69 +403,58 @@
 }
 
 // RemoveModel implements ModelRemover.
-func (s *store) RemoveModel(controllerName, accountName, modelName string) error {
+func (s *store) RemoveModel(controllerName, modelName string) error {
 	if err := ValidateControllerName(controllerName); err != nil {
 		return errors.Trace(err)
 	}
-	if err := ValidateAccountName(accountName); err != nil {
-		return errors.Trace(err)
-	}
 	if err := ValidateModelName(modelName); err != nil {
 		return errors.Trace(err)
 	}
 
-	lock, err := s.lock("remove-model")
+	releaser, err := s.acquireLock()
 	if err != nil {
 		return errors.Trace(err)
 	}
-	defer s.unlock(lock)
+	defer releaser.Release()
 
-	return errors.Trace(updateAccountModels(
-		controllerName, accountName,
-		func(models *AccountModels) (bool, error) {
+	return errors.Trace(updateModels(
+		controllerName,
+		func(models *ControllerModels) (bool, error) {
 			if _, ok := models.Models[modelName]; !ok {
 				return false, errors.NotFoundf(
-					"model %s:%s:%s",
+					"model %s:%s",
 					controllerName,
-					accountName,
 					modelName,
 				)
 			}
 			delete(models.Models, modelName)
 			if models.CurrentModel == modelName {
-				models.CurrentModel = modelName
+				models.CurrentModel = ""
 			}
 			return true, nil
 		},
 	))
 }
 
-func updateAccountModels(
-	controllerName, accountName string,
-	update func(*AccountModels) (bool, error),
+func updateModels(
+	controllerName string,
+	update func(*ControllerModels) (bool, error),
 ) error {
 	all, err := ReadModelsFile(JujuModelsPath())
 	if err != nil {
 		return errors.Trace(err)
 	}
-	if all == nil {
-		all = make(map[string]ControllerAccountModels)
-	}
-	controllerAccountModels, ok := all[controllerName]
+	controllerModels, ok := all[controllerName]
 	if !ok {
-		controllerAccountModels = ControllerAccountModels{
-			make(map[string]*AccountModels),
+		if all == nil {
+			all = make(map[string]*ControllerModels)
 		}
-		all[controllerName] = controllerAccountModels
-	}
-	accountModels, ok := controllerAccountModels.AccountModels[accountName]
-	if !ok {
-		accountModels = &AccountModels{
+		controllerModels = &ControllerModels{
 			Models: make(map[string]ModelDetails),
 		}
-		controllerAccountModels.AccountModels[accountName] = accountModels
+		all[controllerName] = controllerModels
 	}
-	updated, err := update(accountModels)
+	updated, err := update(controllerModels)
 	if err != nil {
 		return errors.Trace(err)
 	}
@@ -495,208 +465,89 @@
 }
 
 // UpdateAccount implements AccountUpdater.
-func (s *store) UpdateAccount(controllerName, accountName string, details AccountDetails) error {
+func (s *store) UpdateAccount(controllerName string, details AccountDetails) error {
 	if err := ValidateControllerName(controllerName); err != nil {
 		return errors.Trace(err)
 	}
-	if err := ValidateAccountName(accountName); err != nil {
-		return errors.Trace(err)
-	}
 	if err := ValidateAccountDetails(details); err != nil {
 		return errors.Trace(err)
 	}
 
-	lock, err := s.lock("update-account")
-	if err != nil {
-		return errors.Trace(err)
-	}
-	defer s.unlock(lock)
-
-	controllerAccounts, err := ReadAccountsFile(JujuAccountsPath())
+	releaser, err := s.acquireLock()
 	if err != nil {
 		return errors.Trace(err)
 	}
-	if controllerAccounts == nil {
-		controllerAccounts = make(map[string]*ControllerAccounts)
-	}
-	accounts, ok := controllerAccounts[controllerName]
-	if !ok {
-		accounts = &ControllerAccounts{
-			Accounts: make(map[string]AccountDetails),
-		}
-		controllerAccounts[controllerName] = accounts
-	}
-	if oldDetails, ok := accounts.Accounts[accountName]; ok && details == oldDetails {
-		return nil
-	}
+	defer releaser.Release()
 
-	// NOTE(axw) it is currently not valid for a client to have multiple
-	// logins for a controller. We may relax this in the future, but for
-	// now we are strict.
-	if len(accounts.Accounts) > 0 {
-		if _, ok := accounts.Accounts[accountName]; !ok {
-			return errors.AlreadyExistsf(
-				"alternative account for controller %s",
-				controllerName,
-			)
-		}
-	}
-
-	accounts.Accounts[accountName] = details
-	return errors.Trace(WriteAccountsFile(controllerAccounts))
-}
-
-// SetCurrentAccount implements AccountUpdater.
-func (s *store) SetCurrentAccount(controllerName, accountName string) error {
-	if err := ValidateControllerName(controllerName); err != nil {
-		return errors.Trace(err)
-	}
-	if err := ValidateAccountName(accountName); err != nil {
-		return errors.Trace(err)
-	}
-
-	lock, err := s.lock("set-current-account")
+	accounts, err := ReadAccountsFile(JujuAccountsPath())
 	if err != nil {
 		return errors.Trace(err)
 	}
-	defer s.unlock(lock)
-
-	controllerAccounts, err := ReadAccountsFile(JujuAccountsPath())
-	if err != nil {
-		return errors.Trace(err)
-	}
-	accounts, ok := controllerAccounts[controllerName]
-	if !ok {
-		return errors.NotFoundf("account %s:%s", controllerName, accountName)
+	if accounts == nil {
+		accounts = make(map[string]AccountDetails)
 	}
-	if accounts.CurrentAccount == accountName {
+	if oldDetails, ok := accounts[controllerName]; ok && details == oldDetails {
 		return nil
 	}
-	if _, ok := accounts.Accounts[accountName]; !ok {
-		return errors.NotFoundf("account %s:%s", controllerName, accountName)
-	}
 
-	accounts.CurrentAccount = accountName
-	return errors.Trace(WriteAccountsFile(controllerAccounts))
-}
-
-// AllAccounts implements AccountGetter.
-func (s *store) AllAccounts(controllerName string) (map[string]AccountDetails, error) {
-	if err := ValidateControllerName(controllerName); err != nil {
-		return nil, errors.Trace(err)
-	}
-
-	lock, err := s.lock("read-all-accounts")
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	defer s.unlock(lock)
-
-	controllerAccounts, err := ReadAccountsFile(JujuAccountsPath())
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	accounts, ok := controllerAccounts[controllerName]
-	if !ok {
-		return nil, errors.NotFoundf("accounts for controller %s", controllerName)
-	}
-	return accounts.Accounts, nil
-}
-
-// CurrentAccount implements AccountGetter.
-func (s *store) CurrentAccount(controllerName string) (string, error) {
-	if err := ValidateControllerName(controllerName); err != nil {
-		return "", errors.Trace(err)
-	}
-
-	lock, err := s.lock("read-current-account")
-	if err != nil {
-		return "", errors.Trace(err)
-	}
-	defer s.unlock(lock)
-
-	controllerAccounts, err := ReadAccountsFile(JujuAccountsPath())
-	if err != nil {
-		return "", errors.Trace(err)
-	}
-	accounts, ok := controllerAccounts[controllerName]
-	if !ok || accounts.CurrentAccount == "" {
-		return "", errors.NotFoundf("current account for controller %s", controllerName)
-	}
-	return accounts.CurrentAccount, nil
+	accounts[controllerName] = details
+	return errors.Trace(WriteAccountsFile(accounts))
 }
 
 // AccountByName implements AccountGetter.
-func (s *store) AccountByName(controllerName, accountName string) (*AccountDetails, error) {
+func (s *store) AccountDetails(controllerName string) (*AccountDetails, error) {
 	if err := ValidateControllerName(controllerName); err != nil {
 		return nil, errors.Trace(err)
 	}
-	if err := ValidateAccountName(accountName); err != nil {
-		return nil, errors.Trace(err)
-	}
 
-	lock, err := s.lock("account-by-name")
+	releaser, err := s.acquireLock()
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-	defer s.unlock(lock)
+	defer releaser.Release()
 
-	controllerAccounts, err := ReadAccountsFile(JujuAccountsPath())
+	accounts, err := ReadAccountsFile(JujuAccountsPath())
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-	accounts, ok := controllerAccounts[controllerName]
+	details, ok := accounts[controllerName]
 	if !ok {
-		return nil, errors.NotFoundf("controller %s", controllerName)
-	}
-	details, ok := accounts.Accounts[accountName]
-	if !ok {
-		return nil, errors.NotFoundf("account %s:%s", controllerName, accountName)
+		return nil, errors.NotFoundf("account details for controller %s", controllerName)
 	}
 	return &details, nil
 }
 
 // RemoveAccount implements AccountRemover.
-func (s *store) RemoveAccount(controllerName, accountName string) error {
+func (s *store) RemoveAccount(controllerName string) error {
 	if err := ValidateControllerName(controllerName); err != nil {
 		return errors.Trace(err)
 	}
-	if err := ValidateAccountName(accountName); err != nil {
-		return errors.Trace(err)
-	}
 
-	lock, err := s.lock("remove-account")
+	releaser, err := s.acquireLock()
 	if err != nil {
 		return errors.Trace(err)
 	}
-	defer s.unlock(lock)
+	defer releaser.Release()
 
-	controllerAccounts, err := ReadAccountsFile(JujuAccountsPath())
+	accounts, err := ReadAccountsFile(JujuAccountsPath())
 	if err != nil {
 		return errors.Trace(err)
 	}
-	accounts, ok := controllerAccounts[controllerName]
-	if !ok {
-		return errors.NotFoundf("controller %s", controllerName)
-	}
-	if _, ok := accounts.Accounts[accountName]; !ok {
-		return errors.NotFoundf("account %s:%s", controllerName, accountName)
+	if _, ok := accounts[controllerName]; !ok {
+		return errors.NotFoundf("account details for controller %s", controllerName)
 	}
 
-	delete(accounts.Accounts, accountName)
-	if accounts.CurrentAccount == accountName {
-		accounts.CurrentAccount = ""
-	}
-	return errors.Trace(WriteAccountsFile(controllerAccounts))
+	delete(accounts, controllerName)
+	return errors.Trace(WriteAccountsFile(accounts))
 }
 
 // UpdateCredential implements CredentialUpdater.
 func (s *store) UpdateCredential(cloudName string, details cloud.CloudCredential) error {
-	lock, err := s.lock("update-credentials")
+	releaser, err := s.acquireLock()
 	if err != nil {
 		return errors.Annotatef(err, "cannot update credentials for %v", cloudName)
 	}
-	defer s.unlock(lock)
+	defer releaser.Release()
 
 	all, err := ReadCredentialsFile(JujuCredentialsPath())
 	if err != nil {
@@ -756,11 +607,11 @@
 		return errors.Trace(err)
 	}
 
-	lock, err := s.lock("update-bootstrap-config")
+	releaser, err := s.acquireLock()
 	if err != nil {
 		return errors.Annotatef(err, "cannot update bootstrap config for controller %s", controllerName)
 	}
-	defer s.unlock(lock)
+	defer releaser.Release()
 
 	all, err := ReadBootstrapConfigFile(JujuBootstrapConfigPath())
 	if err != nil {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/interface.go juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/interface.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/interface.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/interface.go	2016-07-18 19:45:44.000000000 +0000
@@ -24,6 +24,13 @@
 
 	// CACert is a security certificate for this controller.
 	CACert string `yaml:"ca-cert"`
+
+	// Cloud is the name of the cloud that this controller runs in.
+	Cloud string `yaml:"cloud"`
+
+	// CloudRegion is the name of the cloud region that this controller
+	// runs in. This will be empty for clouds without regions.
+	CloudRegion string `yaml:"region,omitempty"`
 }
 
 // ModelDetails holds details of a model.
@@ -52,7 +59,7 @@
 // bootstrap configuration. A reference to the credential used will be
 // stored, rather than the credential itself.
 type BootstrapConfig struct {
-	// Config is the base configuration for the provider. This should
+	// ModelConfig is the base configuration for the provider. This should
 	// be updated with the region, endpoint and credentials.
 	Config map[string]interface{} `yaml:"config"`
 
@@ -87,6 +94,11 @@
 	// If the controller does not already exist, it will be added.
 	// Otherwise, it will be overwritten with the new details.
 	UpdateController(controllerName string, details ControllerDetails) error
+
+	// SetCurrentController sets the name of the current controller.
+	// If there exists no controller with the specified name, an error
+	// satisfying errors.IsNotFound will be returned.
+	SetCurrentController(controllerName string) error
 }
 
 // ControllerRemover removes controllers.
@@ -109,6 +121,11 @@
 	// If there exists no controller with the specified name, an error
 	// satisfying errors.IsNotFound will be returned.
 	ControllerByName(controllerName string) (*ControllerDetails, error)
+
+	// CurrentController returns the name of the current controller.
+	// If there is no current controller, an error satisfying
+	// errors.IsNotFound will be returned.
+	CurrentController() (string, error)
 }
 
 // ModelUpdater stores model details.
@@ -117,13 +134,13 @@
 	//
 	// If the model does not already exist, it will be added.
 	// Otherwise, it will be overwritten with the new details.
-	UpdateModel(controllerName, accountName, modelName string, details ModelDetails) error
+	UpdateModel(controllerName, modelName string, details ModelDetails) error
 
 	// SetCurrentModel sets the name of the current model for
 	// the specified controller and account. If there exists no
-	// model with the specified names, an error satisfing
+	// model with the specified names, an error satisfying
 	// errors.IsNotFound will be returned.
-	SetCurrentModel(controllerName, accountName, modelName string) error
+	SetCurrentModel(controllerName, modelName string) error
 }
 
 // ModelRemover removes models.
@@ -132,79 +149,54 @@
 	// and model names from the models collection. If there is no model
 	// with the specified names, an errors satisfying errors.IsNotFound
 	// will be returned.
-	RemoveModel(controllerName, accountName, modelName string) error
+	RemoveModel(controllerName, modelName string) error
 }
 
 // ModelGetter gets models.
 type ModelGetter interface {
-	// AllModels gets all models for the specified controller and
-	// account.
+	// AllModels gets all models for the specified controller as a map
+	// from model name to its details.
 	//
-	// If there is no controller or account with the specified
-	// names, or no models cached for the controller and account,
+	// If there is no controller with the specified
+	// name, or no models cached for the controller and account,
 	// an error satisfying errors.IsNotFound will be returned.
-	AllModels(controllerName, accountName string) (map[string]ModelDetails, error)
+	AllModels(controllerName string) (map[string]ModelDetails, error)
 
 	// CurrentModel returns the name of the current model for
-	// the specified controller and account. If there is no current
-	// model for the controller and account, an error satisfying
+	// the specified controller. If there is no current
+	// model for the controller, an error satisfying
 	// errors.IsNotFound is returned.
-	CurrentModel(controllerName, accountName string) (string, error)
+	CurrentModel(controllerName string) (string, error)
 
 	// ModelByName returns the model with the specified controller,
-	// account, and model names. If there exists no model with the
-	// specified names, an error satisfying errors.IsNotFound will
-	// be returned.
-	ModelByName(controllerName, accountName, modelName string) (*ModelDetails, error)
+	// and model name. If a model with the specified name does not
+	// exist, an error satisfying errors.IsNotFound will be
+	// returned.
+	ModelByName(controllerName, modelName string) (*ModelDetails, error)
 }
 
 // AccountUpdater stores account details.
 type AccountUpdater interface {
-	// UpdateAccount adds the given account to the account collection.
-	//
-	// If the account does not already exist, it will be added.
-	// Otherwise, it will be overwritten with the new details.
-	//
-	// It is currently not permitted to create multiple account entries
-	// for a controller; doing so will result in an error satisfying
-	// errors.IsAlreadyExists.
-	UpdateAccount(controllerName, accountName string, details AccountDetails) error
-
-	// SetCurrentAccount sets the name of the current account for
-	// the specified controller. If there exists no account with
-	// the specified names, an error satisfing errors.IsNotFound
-	// will be returned.
-	SetCurrentAccount(controllerName, accountName string) error
+	// UpdateAccount updates the account associated with the
+	// given controller.
+	UpdateAccount(controllerName string, details AccountDetails) error
 }
 
 // AccountRemover removes accounts.
 type AccountRemover interface {
-	// RemoveAccount removes the account with the given controller and account
-	// names from the accounts collection. If there is no account with the
+	// RemoveAccount removes the account associated with the given controller.
+	// If there is no associated account with the
 	// specified names, an errors satisfying errors.IsNotFound will be
 	// returned.
-	RemoveAccount(controllerName, accountName string) error
+	RemoveAccount(controllerName string) error
 }
 
 // AccountGetter gets accounts.
 type AccountGetter interface {
-	// AllAccounts gets all accounts for the specified controller.
-	//
-	// If there is no controller with the specified name, or
-	// no accounts cached for the controller, an error satisfying
-	// errors.IsNotFound will be returned.
-	AllAccounts(controllerName string) (map[string]AccountDetails, error)
-
-	// CurrentAccount returns the name of the current account for
-	// the specified controller. If there is no current account
-	// for the controller, an error satisfying errors.IsNotFound
-	// is returned.
-	CurrentAccount(controllerName string) (string, error)
-
-	// AccountByName returns the account with the specified controller
-	// and account names. If there exists no account with the specified
-	// names, an error satisfying errors.IsNotFound will be returned.
-	AccountByName(controllerName, accountName string) (*AccountDetails, error)
+	// AccountByName returns the account associated with the given
+	// controller name. If no associated account exists, an error
+	// satisfying errors.IsNotFound will be returned.
+	AccountDetails(controllerName string) (*AccountDetails, error)
 }
 
 // CredentialGetter gets credentials.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/jujuclienttesting/mem.go juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/jujuclienttesting/mem.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/jujuclienttesting/mem.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/jujuclienttesting/mem.go	2016-07-18 19:45:44.000000000 +0000
@@ -14,20 +14,21 @@
 // MemStore is an in-memory implementation of jujuclient.ClientStore,
 // intended for testing.
 type MemStore struct {
-	Controllers     map[string]jujuclient.ControllerDetails
-	Models          map[string]jujuclient.ControllerAccountModels
-	Accounts        map[string]*jujuclient.ControllerAccounts
-	Credentials     map[string]cloud.CloudCredential
-	BootstrapConfig map[string]jujuclient.BootstrapConfig
+	Controllers           map[string]jujuclient.ControllerDetails
+	CurrentControllerName string
+	Models                map[string]*jujuclient.ControllerModels
+	Accounts              map[string]jujuclient.AccountDetails
+	Credentials           map[string]cloud.CloudCredential
+	BootstrapConfig       map[string]jujuclient.BootstrapConfig
 }
 
 func NewMemStore() *MemStore {
 	return &MemStore{
-		make(map[string]jujuclient.ControllerDetails),
-		make(map[string]jujuclient.ControllerAccountModels),
-		make(map[string]*jujuclient.ControllerAccounts),
-		make(map[string]cloud.CloudCredential),
-		make(map[string]jujuclient.BootstrapConfig),
+		Controllers:     make(map[string]jujuclient.ControllerDetails),
+		Models:          make(map[string]*jujuclient.ControllerModels),
+		Accounts:        make(map[string]jujuclient.AccountDetails),
+		Credentials:     make(map[string]cloud.CloudCredential),
+		BootstrapConfig: make(map[string]jujuclient.BootstrapConfig),
 	}
 }
 
@@ -47,6 +48,26 @@
 	return nil, errors.NotFoundf("controller %s", name)
 }
 
+// CurrentController implements ControllerGetter.CurrentController
+func (c *MemStore) CurrentController() (string, error) {
+	if c.CurrentControllerName == "" {
+		return "", errors.NotFoundf("current controller")
+	}
+	return c.CurrentControllerName, nil
+}
+
+// SetCurrentController implements ControllerUpdater.SetCurrentController
+func (c *MemStore) SetCurrentController(name string) error {
+	if err := jujuclient.ValidateControllerName(name); err != nil {
+		return err
+	}
+	if _, ok := c.Controllers[name]; !ok {
+		return errors.NotFoundf("controller %s", name)
+	}
+	c.CurrentControllerName = name
+	return nil
+}
+
 // UpdateController implements ControllerUpdater.UpdateController
 func (c *MemStore) UpdateController(name string, one jujuclient.ControllerDetails) error {
 	if err := jujuclient.ValidateControllerName(name); err != nil {
@@ -69,6 +90,9 @@
 		for name, details := range c.Controllers {
 			if details.ControllerUUID == namedControllerDetails.ControllerUUID {
 				names.Add(name)
+				if name == c.CurrentControllerName {
+					c.CurrentControllerName = ""
+				}
 			}
 		}
 	}
@@ -82,278 +106,147 @@
 }
 
 // UpdateModel implements ModelUpdater.
-func (c *MemStore) UpdateModel(controller, account, model string, details jujuclient.ModelDetails) error {
+func (c *MemStore) UpdateModel(controller, model string, details jujuclient.ModelDetails) error {
 	if err := jujuclient.ValidateControllerName(controller); err != nil {
 		return err
 	}
-	if err := jujuclient.ValidateAccountName(account); err != nil {
-		return err
-	}
 	if err := jujuclient.ValidateModelName(model); err != nil {
 		return err
 	}
 	if err := jujuclient.ValidateModelDetails(details); err != nil {
 		return err
 	}
-	controllerAccountModels, ok := c.Models[controller]
+	controllerModels, ok := c.Models[controller]
 	if !ok {
-		controllerAccountModels.AccountModels = make(map[string]*jujuclient.AccountModels)
-		c.Models[controller] = controllerAccountModels
-	}
-	accountModels, ok := controllerAccountModels.AccountModels[account]
-	if !ok {
-		accountModels = &jujuclient.AccountModels{
+		controllerModels = &jujuclient.ControllerModels{
 			Models: make(map[string]jujuclient.ModelDetails),
 		}
-		controllerAccountModels.AccountModels[account] = accountModels
+		c.Models[controller] = controllerModels
 	}
-	accountModels.Models[model] = details
+	controllerModels.Models[model] = details
 	return nil
 }
 
 // SetCurrentModel implements ModelUpdater.
-func (c *MemStore) SetCurrentModel(controllerName, accountName, modelName string) error {
+func (c *MemStore) SetCurrentModel(controllerName, modelName string) error {
 	if err := jujuclient.ValidateControllerName(controllerName); err != nil {
 		return errors.Trace(err)
 	}
-	if err := jujuclient.ValidateAccountName(accountName); err != nil {
-		return err
-	}
 	if err := jujuclient.ValidateModelName(modelName); err != nil {
 		return errors.Trace(err)
 	}
-	controllerAccountModels, ok := c.Models[controllerName]
+	controllerModels, ok := c.Models[controllerName]
 	if !ok {
 		return errors.NotFoundf("models for controller %s", controllerName)
 	}
-	accountModels, ok := controllerAccountModels.AccountModels[accountName]
-	if !ok {
-		return errors.NotFoundf(
-			"models for account %s on controller %s",
-			accountName, controllerName,
-		)
-	}
-	if _, ok := accountModels.Models[modelName]; !ok {
-		return errors.NotFoundf("model %s:%s:%s", controllerName, accountName, modelName)
+	if _, ok := controllerModels.Models[modelName]; !ok {
+		return errors.NotFoundf("model %s:%s", controllerName, modelName)
 	}
-	accountModels.CurrentModel = modelName
+	controllerModels.CurrentModel = modelName
 	return nil
 }
 
 // RemoveModel implements ModelRemover.
-func (c *MemStore) RemoveModel(controller, account, model string) error {
+func (c *MemStore) RemoveModel(controller, model string) error {
 	if err := jujuclient.ValidateControllerName(controller); err != nil {
 		return err
 	}
-	if err := jujuclient.ValidateAccountName(account); err != nil {
-		return err
-	}
 	if err := jujuclient.ValidateModelName(model); err != nil {
 		return err
 	}
-	controllerAccountModels, ok := c.Models[controller]
+	controllerModels, ok := c.Models[controller]
 	if !ok {
 		return errors.NotFoundf("models for controller %s", controller)
 	}
-	accountModels, ok := controllerAccountModels.AccountModels[account]
-	if !ok {
-		return errors.NotFoundf(
-			"models for account %s on controller %s",
-			account, controller,
-		)
-	}
-	if _, ok := accountModels.Models[model]; !ok {
-		return errors.NotFoundf("model %s:%s:%s", controller, account, model)
-	}
-	delete(accountModels.Models, model)
-	if accountModels.CurrentModel == model {
-		accountModels.CurrentModel = ""
+	if _, ok := controllerModels.Models[model]; !ok {
+		return errors.NotFoundf("model %s:%s", controller, model)
+	}
+	delete(controllerModels.Models, model)
+	if controllerModels.CurrentModel == model {
+		controllerModels.CurrentModel = ""
 	}
 	return nil
 }
 
 // AllModels implements ModelGetter.
-func (c *MemStore) AllModels(controller, account string) (map[string]jujuclient.ModelDetails, error) {
+func (c *MemStore) AllModels(controller string) (map[string]jujuclient.ModelDetails, error) {
 	if err := jujuclient.ValidateControllerName(controller); err != nil {
 		return nil, err
 	}
-	if err := jujuclient.ValidateAccountName(account); err != nil {
-		return nil, err
-	}
-	controllerAccountModels, ok := c.Models[controller]
+	controllerModels, ok := c.Models[controller]
 	if !ok {
 		return nil, errors.NotFoundf("models for controller %s", controller)
 	}
-	accountModels, ok := controllerAccountModels.AccountModels[account]
-	if !ok {
-		return nil, errors.NotFoundf("models for account %s on controller %s", account, controller)
-	}
-	return accountModels.Models, nil
+	return controllerModels.Models, nil
 }
 
 // CurrentModel implements ModelGetter.
-func (c *MemStore) CurrentModel(controller, account string) (string, error) {
+func (c *MemStore) CurrentModel(controller string) (string, error) {
 	if err := jujuclient.ValidateControllerName(controller); err != nil {
 		return "", err
 	}
-	if err := jujuclient.ValidateAccountName(account); err != nil {
-		return "", err
-	}
-	controllerAccountModels, ok := c.Models[controller]
+	controllerModels, ok := c.Models[controller]
 	if !ok {
 		return "", errors.NotFoundf("models for controller %s", controller)
 	}
-	accountModels, ok := controllerAccountModels.AccountModels[account]
-	if !ok {
-		return "", errors.NotFoundf("models for account %s on controller %s", account, controller)
-	}
-	if accountModels.CurrentModel == "" {
-		return "", errors.NotFoundf("current model for account %s on controller %s", account, controller)
+	if controllerModels.CurrentModel == "" {
+		return "", errors.NotFoundf("current model for controller %s", controller)
 	}
-	return accountModels.CurrentModel, nil
+	return controllerModels.CurrentModel, nil
 }
 
 // ModelByName implements ModelGetter.
-func (c *MemStore) ModelByName(controller, account, model string) (*jujuclient.ModelDetails, error) {
+func (c *MemStore) ModelByName(controller, model string) (*jujuclient.ModelDetails, error) {
 	if err := jujuclient.ValidateControllerName(controller); err != nil {
 		return nil, err
 	}
-	if err := jujuclient.ValidateAccountName(account); err != nil {
-		return nil, err
-	}
 	if err := jujuclient.ValidateModelName(model); err != nil {
 		return nil, err
 	}
-	controllerAccountModels, ok := c.Models[controller]
+	controllerModels, ok := c.Models[controller]
 	if !ok {
 		return nil, errors.NotFoundf("models for controller %s", controller)
 	}
-	accountModels, ok := controllerAccountModels.AccountModels[account]
+	details, ok := controllerModels.Models[model]
 	if !ok {
-		return nil, errors.NotFoundf("models for account %s on controller %s", account, controller)
-	}
-	details, ok := accountModels.Models[model]
-	if !ok {
-		return nil, errors.NotFoundf("model %s:%s:%s", controller, account, model)
+		return nil, errors.NotFoundf("model %s:%s", controller, model)
 	}
 	return &details, nil
 }
 
 // UpdateAccount implements AccountUpdater.
-func (c *MemStore) UpdateAccount(controllerName, accountName string, details jujuclient.AccountDetails) error {
+func (c *MemStore) UpdateAccount(controllerName string, details jujuclient.AccountDetails) error {
 	if err := jujuclient.ValidateControllerName(controllerName); err != nil {
 		return err
 	}
-	if err := jujuclient.ValidateAccountName(accountName); err != nil {
-		return err
-	}
 	if err := jujuclient.ValidateAccountDetails(details); err != nil {
 		return err
 	}
-	accounts, ok := c.Accounts[controllerName]
-	if !ok {
-		accounts = &jujuclient.ControllerAccounts{
-			Accounts: make(map[string]jujuclient.AccountDetails),
-		}
-		c.Accounts[controllerName] = accounts
-	}
-	if len(accounts.Accounts) > 0 {
-		if _, ok := accounts.Accounts[accountName]; !ok {
-			return errors.AlreadyExistsf(
-				"alternative account for controller %s",
-				controllerName,
-			)
-		}
-	}
-	accounts.Accounts[accountName] = details
+	c.Accounts[controllerName] = details
 	return nil
-
-}
-
-// SetCurrentAccount implements AccountUpdater.
-func (c *MemStore) SetCurrentAccount(controllerName, accountName string) error {
-	if err := jujuclient.ValidateControllerName(controllerName); err != nil {
-		return err
-	}
-	if err := jujuclient.ValidateAccountName(accountName); err != nil {
-		return err
-	}
-	accounts, ok := c.Accounts[controllerName]
-	if !ok {
-		return errors.NotFoundf("accounts for controller %s", controllerName)
-	}
-	if _, ok := accounts.Accounts[accountName]; !ok {
-		return errors.NotFoundf("account %s:%s", controllerName, accountName)
-	}
-	accounts.CurrentAccount = accountName
-	return nil
-}
-
-// AllAccounts implements AccountGetter.
-func (c *MemStore) AllAccounts(controllerName string) (map[string]jujuclient.AccountDetails, error) {
-	if err := jujuclient.ValidateControllerName(controllerName); err != nil {
-		return nil, err
-	}
-	accounts, ok := c.Accounts[controllerName]
-	if !ok {
-		return nil, errors.NotFoundf("accounts for controller %s", controllerName)
-	}
-	return accounts.Accounts, nil
-}
-
-// CurrentAccount implements AccountGetter.
-func (c *MemStore) CurrentAccount(controllerName string) (string, error) {
-	if err := jujuclient.ValidateControllerName(controllerName); err != nil {
-		return "", err
-	}
-	accounts, ok := c.Accounts[controllerName]
-	if !ok {
-		return "", errors.NotFoundf("accounts for controller %s", controllerName)
-	}
-	if accounts.CurrentAccount == "" {
-		return "", errors.NotFoundf("current account for controller %s", controllerName)
-	}
-	return accounts.CurrentAccount, nil
 }
 
-// AccountByName implements AccountGetter.
-func (c *MemStore) AccountByName(controllerName, accountName string) (*jujuclient.AccountDetails, error) {
+// AccountDetails implements AccountGetter.
+func (c *MemStore) AccountDetails(controllerName string) (*jujuclient.AccountDetails, error) {
 	if err := jujuclient.ValidateControllerName(controllerName); err != nil {
 		return nil, err
 	}
-	if err := jujuclient.ValidateAccountName(accountName); err != nil {
-		return nil, err
-	}
-	accounts, ok := c.Accounts[controllerName]
+	details, ok := c.Accounts[controllerName]
 	if !ok {
-		return nil, errors.NotFoundf("accounts for controller %s", controllerName)
-	}
-	details, ok := accounts.Accounts[accountName]
-	if !ok {
-		return nil, errors.NotFoundf("account %s:%s", controllerName, accountName)
+		return nil, errors.NotFoundf("account for controller %s", controllerName)
 	}
 	return &details, nil
 }
 
 // RemoveAccount implements AccountRemover.
-func (c *MemStore) RemoveAccount(controllerName, accountName string) error {
+func (c *MemStore) RemoveAccount(controllerName string) error {
 	if err := jujuclient.ValidateControllerName(controllerName); err != nil {
 		return err
 	}
-	if err := jujuclient.ValidateAccountName(accountName); err != nil {
-		return err
-	}
-	accounts, ok := c.Accounts[controllerName]
-	if !ok {
-		return errors.NotFoundf("accounts for controller %s", controllerName)
-	}
-	if _, ok := accounts.Accounts[accountName]; !ok {
-		return errors.NotFoundf("account %s:%s", controllerName, accountName)
-	}
-	delete(accounts.Accounts, accountName)
-	if accounts.CurrentAccount == accountName {
-		accounts.CurrentAccount = ""
+	if _, ok := c.Accounts[controllerName]; !ok {
+		return errors.NotFoundf("account for controller %s", controllerName)
 	}
+	delete(c.Accounts, controllerName)
 	return nil
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/jujuclienttesting/stub.go juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/jujuclienttesting/stub.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/jujuclienttesting/stub.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/jujuclienttesting/stub.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,24 +13,23 @@
 type StubStore struct {
 	*testing.Stub
 
-	AllControllersFunc   func() (map[string]jujuclient.ControllerDetails, error)
-	ControllerByNameFunc func(name string) (*jujuclient.ControllerDetails, error)
-	UpdateControllerFunc func(name string, one jujuclient.ControllerDetails) error
-	RemoveControllerFunc func(name string) error
-
-	UpdateModelFunc     func(controller, account, model string, details jujuclient.ModelDetails) error
-	SetCurrentModelFunc func(controller, account, model string) error
-	RemoveModelFunc     func(controller, account, model string) error
-	AllModelsFunc       func(controller, account string) (map[string]jujuclient.ModelDetails, error)
-	CurrentModelFunc    func(controller, account string) (string, error)
-	ModelByNameFunc     func(controller, account, model string) (*jujuclient.ModelDetails, error)
-
-	UpdateAccountFunc     func(controllerName, accountName string, details jujuclient.AccountDetails) error
-	SetCurrentAccountFunc func(controllerName, accountName string) error
-	AllAccountsFunc       func(controllerName string) (map[string]jujuclient.AccountDetails, error)
-	CurrentAccountFunc    func(controllerName string) (string, error)
-	AccountByNameFunc     func(controllerName, accountName string) (*jujuclient.AccountDetails, error)
-	RemoveAccountFunc     func(controllerName, accountName string) error
+	AllControllersFunc       func() (map[string]jujuclient.ControllerDetails, error)
+	ControllerByNameFunc     func(name string) (*jujuclient.ControllerDetails, error)
+	UpdateControllerFunc     func(name string, one jujuclient.ControllerDetails) error
+	RemoveControllerFunc     func(name string) error
+	SetCurrentControllerFunc func(name string) error
+	CurrentControllerFunc    func() (string, error)
+
+	UpdateModelFunc     func(controller, model string, details jujuclient.ModelDetails) error
+	SetCurrentModelFunc func(controller, model string) error
+	RemoveModelFunc     func(controller, model string) error
+	AllModelsFunc       func(controller string) (map[string]jujuclient.ModelDetails, error)
+	CurrentModelFunc    func(controller string) (string, error)
+	ModelByNameFunc     func(controller, model string) (*jujuclient.ModelDetails, error)
+
+	UpdateAccountFunc  func(controllerName string, details jujuclient.AccountDetails) error
+	AccountDetailsFunc func(controllerName string) (*jujuclient.AccountDetails, error)
+	RemoveAccountFunc  func(controllerName string) error
 
 	CredentialForCloudFunc func(string) (*cloud.CloudCredential, error)
 	AllCredentialsFunc     func() (map[string]cloud.CloudCredential, error)
@@ -56,42 +55,39 @@
 	result.RemoveControllerFunc = func(name string) error {
 		return result.Stub.NextErr()
 	}
+	result.SetCurrentControllerFunc = func(name string) error {
+		return result.Stub.NextErr()
+	}
+	result.CurrentControllerFunc = func() (string, error) {
+		return "", result.Stub.NextErr()
+	}
 
-	result.UpdateModelFunc = func(controller, account, model string, details jujuclient.ModelDetails) error {
+	result.UpdateModelFunc = func(controller, model string, details jujuclient.ModelDetails) error {
 		return result.Stub.NextErr()
 	}
-	result.SetCurrentModelFunc = func(controller, account, model string) error {
+	result.SetCurrentModelFunc = func(controller, model string) error {
 		return result.Stub.NextErr()
 	}
-	result.RemoveModelFunc = func(controller, account, model string) error {
+	result.RemoveModelFunc = func(controller, model string) error {
 		return result.Stub.NextErr()
 	}
-	result.AllModelsFunc = func(controller, account string) (map[string]jujuclient.ModelDetails, error) {
+	result.AllModelsFunc = func(controller string) (map[string]jujuclient.ModelDetails, error) {
 		return nil, result.Stub.NextErr()
 	}
-	result.CurrentModelFunc = func(controller, account string) (string, error) {
+	result.CurrentModelFunc = func(controller string) (string, error) {
 		return "", result.Stub.NextErr()
 	}
-	result.ModelByNameFunc = func(controller, account, model string) (*jujuclient.ModelDetails, error) {
+	result.ModelByNameFunc = func(controller, model string) (*jujuclient.ModelDetails, error) {
 		return nil, result.Stub.NextErr()
 	}
 
-	result.UpdateAccountFunc = func(controllerName, accountName string, details jujuclient.AccountDetails) error {
-		return result.Stub.NextErr()
-	}
-	result.SetCurrentAccountFunc = func(controllerName, accountName string) error {
+	result.UpdateAccountFunc = func(controllerName string, details jujuclient.AccountDetails) error {
 		return result.Stub.NextErr()
 	}
-	result.AllAccountsFunc = func(controllerName string) (map[string]jujuclient.AccountDetails, error) {
-		return nil, result.Stub.NextErr()
-	}
-	result.CurrentAccountFunc = func(controllerName string) (string, error) {
-		return "", result.Stub.NextErr()
-	}
-	result.AccountByNameFunc = func(controllerName, accountName string) (*jujuclient.AccountDetails, error) {
+	result.AccountDetailsFunc = func(controllerName string) (*jujuclient.AccountDetails, error) {
 		return nil, result.Stub.NextErr()
 	}
-	result.RemoveAccountFunc = func(controllerName, accountName string) error {
+	result.RemoveAccountFunc = func(controllerName string) error {
 		return result.Stub.NextErr()
 	}
 
@@ -123,6 +119,8 @@
 	stub.ControllerByNameFunc = underlying.ControllerByName
 	stub.UpdateControllerFunc = underlying.UpdateController
 	stub.RemoveControllerFunc = underlying.RemoveController
+	stub.SetCurrentControllerFunc = underlying.SetCurrentController
+	stub.CurrentControllerFunc = underlying.CurrentController
 	stub.UpdateModelFunc = underlying.UpdateModel
 	stub.SetCurrentModelFunc = underlying.SetCurrentModel
 	stub.RemoveModelFunc = underlying.RemoveModel
@@ -130,10 +128,7 @@
 	stub.CurrentModelFunc = underlying.CurrentModel
 	stub.ModelByNameFunc = underlying.ModelByName
 	stub.UpdateAccountFunc = underlying.UpdateAccount
-	stub.SetCurrentAccountFunc = underlying.SetCurrentAccount
-	stub.AllAccountsFunc = underlying.AllAccounts
-	stub.CurrentAccountFunc = underlying.CurrentAccount
-	stub.AccountByNameFunc = underlying.AccountByName
+	stub.AccountDetailsFunc = underlying.AccountDetails
 	stub.RemoveAccountFunc = underlying.RemoveAccount
 	stub.BootstrapConfigForControllerFunc = underlying.BootstrapConfigForController
 	stub.UpdateBootstrapConfigFunc = underlying.UpdateBootstrapConfig
@@ -164,76 +159,70 @@
 	return c.RemoveControllerFunc(name)
 }
 
+// SetCurrentController implements ControllersUpdater.SetCurrentController.
+func (c *StubStore) SetCurrentController(name string) error {
+	c.MethodCall(c, "SetCurrentController", name)
+	return c.SetCurrentControllerFunc(name)
+}
+
+// CurrentController implements ControllersGetter.CurrentController.
+func (c *StubStore) CurrentController() (string, error) {
+	c.MethodCall(c, "CurrentController")
+	return c.CurrentControllerFunc()
+}
+
 // UpdateModel implements ModelUpdater.
-func (c *StubStore) UpdateModel(controller, account, model string, details jujuclient.ModelDetails) error {
-	c.MethodCall(c, "UpdateModel", controller, account, model, details)
-	return c.UpdateModelFunc(controller, account, model, details)
+func (c *StubStore) UpdateModel(controller, model string, details jujuclient.ModelDetails) error {
+	c.MethodCall(c, "UpdateModel", controller, model, details)
+	return c.UpdateModelFunc(controller, model, details)
 }
 
 // SetCurrentModel implements ModelUpdater.
-func (c *StubStore) SetCurrentModel(controller, account, model string) error {
-	c.MethodCall(c, "SetCurrentModel", controller, account, model)
-	return c.SetCurrentModelFunc(controller, account, model)
+func (c *StubStore) SetCurrentModel(controller, model string) error {
+	c.MethodCall(c, "SetCurrentModel", controller, model)
+	return c.SetCurrentModelFunc(controller, model)
 }
 
 // RemoveModel implements ModelRemover.
-func (c *StubStore) RemoveModel(controller, account, model string) error {
-	c.MethodCall(c, "RemoveModel", controller, account, model)
-	return c.RemoveModelFunc(controller, account, model)
+func (c *StubStore) RemoveModel(controller, model string) error {
+	c.MethodCall(c, "RemoveModel", controller, model)
+	return c.RemoveModelFunc(controller, model)
 }
 
 // AllModels implements ModelGetter.
-func (c *StubStore) AllModels(controller, account string) (map[string]jujuclient.ModelDetails, error) {
-	c.MethodCall(c, "AllModels", controller, account)
-	return c.AllModelsFunc(controller, account)
+func (c *StubStore) AllModels(controller string) (map[string]jujuclient.ModelDetails, error) {
+	c.MethodCall(c, "AllModels", controller)
+	return c.AllModelsFunc(controller)
 }
 
 // CurrentModel implements ModelGetter.
-func (c *StubStore) CurrentModel(controller, account string) (string, error) {
-	c.MethodCall(c, "CurrentModel", controller, account)
-	return c.CurrentModelFunc(controller, account)
+func (c *StubStore) CurrentModel(controller string) (string, error) {
+	c.MethodCall(c, "CurrentModel", controller)
+	return c.CurrentModelFunc(controller)
 }
 
 // ModelByName implements ModelGetter.
-func (c *StubStore) ModelByName(controller, account, model string) (*jujuclient.ModelDetails, error) {
-	c.MethodCall(c, "ModelByName", controller, account, model)
-	return c.ModelByNameFunc(controller, account, model)
+func (c *StubStore) ModelByName(controller, model string) (*jujuclient.ModelDetails, error) {
+	c.MethodCall(c, "ModelByName", controller, model)
+	return c.ModelByNameFunc(controller, model)
 }
 
 // UpdateAccount implements AccountUpdater.
-func (c *StubStore) UpdateAccount(controllerName, accountName string, details jujuclient.AccountDetails) error {
-	c.MethodCall(c, "UpdateAccount", controllerName, accountName, details)
-	return c.UpdateAccountFunc(controllerName, accountName, details)
-}
-
-// SetCurrentAccount implements AccountUpdater.
-func (c *StubStore) SetCurrentAccount(controllerName, accountName string) error {
-	c.MethodCall(c, "SetCurrentAccount", controllerName, accountName)
-	return c.SetCurrentAccountFunc(controllerName, accountName)
-}
-
-// AllAccounts implements AccountGetter.
-func (c *StubStore) AllAccounts(controllerName string) (map[string]jujuclient.AccountDetails, error) {
-	c.MethodCall(c, "AllAccounts", controllerName)
-	return c.AllAccountsFunc(controllerName)
-}
-
-// CurrentAccount implements AccountGetter.
-func (c *StubStore) CurrentAccount(controllerName string) (string, error) {
-	c.MethodCall(c, "CurrentAccount", controllerName)
-	return c.CurrentAccountFunc(controllerName)
+func (c *StubStore) UpdateAccount(controllerName string, details jujuclient.AccountDetails) error {
+	c.MethodCall(c, "UpdateAccount", controllerName, details)
+	return c.UpdateAccountFunc(controllerName, details)
 }
 
-// AccountByName implements AccountGetter.
-func (c *StubStore) AccountByName(controllerName, accountName string) (*jujuclient.AccountDetails, error) {
-	c.MethodCall(c, "AccountByName", controllerName, accountName)
-	return c.AccountByNameFunc(controllerName, accountName)
+// AccountDetails implements AccountGetter.
+func (c *StubStore) AccountDetails(controllerName string) (*jujuclient.AccountDetails, error) {
+	c.MethodCall(c, "AccountDetails", controllerName)
+	return c.AccountDetailsFunc(controllerName)
 }
 
 // RemoveAccount implements AccountRemover.
-func (c *StubStore) RemoveAccount(controllerName, accountName string) error {
-	c.MethodCall(c, "RemoveAccount", controllerName, accountName)
-	return c.RemoveAccountFunc(controllerName, accountName)
+func (c *StubStore) RemoveAccount(controllerName string) error {
+	c.MethodCall(c, "RemoveAccount", controllerName)
+	return c.RemoveAccountFunc(controllerName)
 }
 
 // CredentialForCloud implements CredentialsGetter.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/modelsfile_test.go juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/modelsfile_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/modelsfile_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/modelsfile_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -23,58 +23,36 @@
 const testModelsYAML = `
 controllers:
   ctrl:
-    accounts:
-      admin@local:
-        models:
-          admin:
-            uuid: ghi
-      bob@local:
-        models:
-          admin:
-            uuid: jkl
+    models:
+      admin:
+        uuid: ghi
   kontroll:
-    accounts:
-      admin@local:
-        models:
-          admin:
-            uuid: abc
-          my-model:
-            uuid: def
-        current-model: my-model
+    models:
+      admin:
+        uuid: abc
+      my-model:
+        uuid: def
+    current-model: my-model
 `
 
-var testControllerModels = map[string]jujuclient.ControllerAccountModels{
+var testControllerModels = map[string]*jujuclient.ControllerModels{
 	"kontroll": {
-		map[string]*jujuclient.AccountModels{
-			"admin@local": {
-				Models: map[string]jujuclient.ModelDetails{
-					"admin":    kontrollAdminModelDetails,
-					"my-model": kontrollMyModelModelDetails,
-				},
-				CurrentModel: "my-model",
-			},
+		Models: map[string]jujuclient.ModelDetails{
+			"admin":    kontrollAdminModelDetails,
+			"my-model": kontrollMyModelModelDetails,
 		},
+		CurrentModel: "my-model",
 	},
 	"ctrl": {
-		map[string]*jujuclient.AccountModels{
-			"admin@local": {
-				Models: map[string]jujuclient.ModelDetails{
-					"admin": ctrlAdminAdminModelDetails,
-				},
-			},
-			"bob@local": {
-				Models: map[string]jujuclient.ModelDetails{
-					"admin": ctrlBobAdminModelDetails,
-				},
-			},
+		Models: map[string]jujuclient.ModelDetails{
+			"admin": ctrlAdminModelDetails,
 		},
 	},
 }
 
 var kontrollAdminModelDetails = jujuclient.ModelDetails{"abc"}
 var kontrollMyModelModelDetails = jujuclient.ModelDetails{"def"}
-var ctrlAdminAdminModelDetails = jujuclient.ModelDetails{"ghi"}
-var ctrlBobAdminModelDetails = jujuclient.ModelDetails{"jkl"}
+var ctrlAdminModelDetails = jujuclient.ModelDetails{"ghi"}
 
 func (s *ModelsFileSuite) TestWriteFile(c *gc.C) {
 	writeTestModelsFile(c)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/models.go juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/models.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/models.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/models.go	2016-07-18 19:45:44.000000000 +0000
@@ -23,7 +23,7 @@
 
 // ReadModelsFile loads all models defined in a given file.
 // If the file is not found, it is not an error.
-func ReadModelsFile(file string) (map[string]ControllerAccountModels, error) {
+func ReadModelsFile(file string) (map[string]*ControllerModels, error) {
 	data, err := ioutil.ReadFile(file)
 	if err != nil {
 		if os.IsNotExist(err) {
@@ -31,6 +31,9 @@
 		}
 		return nil, err
 	}
+	if err := migrateLegacyModels(data); err != nil {
+		return nil, err
+	}
 	models, err := ParseModels(data)
 	if err != nil {
 		return nil, err
@@ -40,7 +43,7 @@
 
 // WriteModelsFile marshals to YAML details of the given models
 // and writes it to the models file.
-func WriteModelsFile(models map[string]ControllerAccountModels) error {
+func WriteModelsFile(models map[string]*ControllerModels) error {
 	data, err := yaml.Marshal(modelsCollection{models})
 	if err != nil {
 		return errors.Annotate(err, "cannot marshal models")
@@ -49,33 +52,73 @@
 }
 
 // ParseModels parses the given YAML bytes into models metadata.
-func ParseModels(data []byte) (map[string]ControllerAccountModels, error) {
+func ParseModels(data []byte) (map[string]*ControllerModels, error) {
 	var result modelsCollection
 	err := yaml.Unmarshal(data, &result)
 	if err != nil {
 		return nil, errors.Annotate(err, "cannot unmarshal models")
 	}
-	return result.ControllerAccountModels, nil
+	return result.ControllerModels, nil
 }
 
 type modelsCollection struct {
-	ControllerAccountModels map[string]ControllerAccountModels `yaml:"controllers"`
+	ControllerModels map[string]*ControllerModels `yaml:"controllers"`
 }
 
-// ControllerAccountModels stores per-controller account-model information.
-type ControllerAccountModels struct {
-	// AccountModels is the collection of account-models for the
-	// controller.
-	AccountModels map[string]*AccountModels `yaml:"accounts"`
-}
-
-// AccountModels stores per-account model information.
-type AccountModels struct {
-	// Models is the collection of models for the account. This should
-	// be treated as a cache only, and not the complete set of models
-	// for the account.
-	Models map[string]ModelDetails `yaml:"models"`
+// ControllerModels stores per-controller account-model information.
+type ControllerModels struct {
+	// Models is the collection of models for the account, indexed
+	// by model name. This should be treated as a cache only, and
+	// not the complete set of models for the account.
+	Models map[string]ModelDetails `yaml:"models,omitempty"`
 
 	// CurrentModel is the name of the active model for the account.
 	CurrentModel string `yaml:"current-model,omitempty"`
 }
+
+// TODO(axw) 2016-07-14 #NNN
+// Drop this code once we get to 2.0-beta13.
+func migrateLegacyModels(data []byte) error {
+	accounts, err := ReadAccountsFile(JujuAccountsPath())
+	if err != nil {
+		return err
+	}
+
+	type legacyAccountModels struct {
+		Models       map[string]ModelDetails `yaml:"models"`
+		CurrentModel string                  `yaml:"current-model,omitempty"`
+	}
+	type legacyControllerAccountModels struct {
+		AccountModels map[string]*legacyAccountModels `yaml:"accounts"`
+	}
+	type legacyModelsCollection struct {
+		ControllerAccountModels map[string]legacyControllerAccountModels `yaml:"controllers"`
+	}
+
+	var legacy legacyModelsCollection
+	if err := yaml.Unmarshal(data, &legacy); err != nil {
+		return errors.Annotate(err, "cannot unmarshal models")
+	}
+	result := make(map[string]*ControllerModels)
+	for controller, controllerAccountModels := range legacy.ControllerAccountModels {
+		accountDetails, ok := accounts[controller]
+		if !ok {
+			continue
+		}
+		accountModels, ok := controllerAccountModels.AccountModels[accountDetails.User]
+		if !ok {
+			continue
+		}
+		result[controller] = &ControllerModels{
+			accountModels.Models,
+			accountModels.CurrentModel,
+		}
+	}
+	if len(result) > 0 {
+		// Only write if we found at least one,
+		// which means the file was in legacy
+		// format. Otherwise leave it alone.
+		return WriteModelsFile(result)
+	}
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/models_test.go juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/models_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/models_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/models_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -30,99 +30,83 @@
 func (s *ModelsSuite) TestModelByNameNoFile(c *gc.C) {
 	err := os.Remove(jujuclient.JujuModelsPath())
 	c.Assert(err, jc.ErrorIsNil)
-	details, err := s.store.ModelByName("not-found", "admin@local", "admin")
+	details, err := s.store.ModelByName("not-found", "admin")
 	c.Assert(err, gc.ErrorMatches, "models for controller not-found not found")
 	c.Assert(details, gc.IsNil)
 }
 
 func (s *ModelsSuite) TestModelByNameControllerNotFound(c *gc.C) {
-	details, err := s.store.ModelByName("not-found", "admin@local", "admin")
+	details, err := s.store.ModelByName("not-found", "admin")
 	c.Assert(err, gc.ErrorMatches, "models for controller not-found not found")
 	c.Assert(details, gc.IsNil)
 }
 
-func (s *ModelsSuite) TestModelByNameAccountNotFound(c *gc.C) {
-	details, err := s.store.ModelByName("ctrl", "not@found", "admin")
-	c.Assert(err, gc.ErrorMatches, "models for account not@found on controller ctrl not found")
-	c.Assert(details, gc.IsNil)
-}
-
 func (s *ModelsSuite) TestModelByNameModelNotFound(c *gc.C) {
-	details, err := s.store.ModelByName("kontroll", "admin@local", "not-found")
-	c.Assert(err, gc.ErrorMatches, "model kontroll:admin@local:not-found not found")
+	details, err := s.store.ModelByName("kontroll", "not-found")
+	c.Assert(err, gc.ErrorMatches, "model kontroll:not-found not found")
 	c.Assert(details, gc.IsNil)
 }
 
 func (s *ModelsSuite) TestModelByName(c *gc.C) {
-	details, err := s.store.ModelByName("kontroll", "admin@local", "admin")
+	details, err := s.store.ModelByName("kontroll", "admin")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(details, gc.NotNil)
-	c.Assert(*details, jc.DeepEquals, testControllerModels["kontroll"].AccountModels["admin@local"].Models["admin"])
+	c.Assert(*details, jc.DeepEquals, testControllerModels["kontroll"].Models["admin"])
 }
 
 func (s *ModelsSuite) TestAllModelsNoFile(c *gc.C) {
 	err := os.Remove(jujuclient.JujuModelsPath())
 	c.Assert(err, jc.ErrorIsNil)
-	models, err := s.store.AllModels("not-found", "admin@local")
+	models, err := s.store.AllModels("not-found")
 	c.Assert(err, gc.ErrorMatches, "models for controller not-found not found")
 	c.Assert(models, gc.HasLen, 0)
 }
 
 func (s *ModelsSuite) TestAllModels(c *gc.C) {
-	models, err := s.store.AllModels("kontroll", "admin@local")
+	models, err := s.store.AllModels("kontroll")
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(models, jc.DeepEquals, testControllerModels["kontroll"].AccountModels["admin@local"].Models)
+	c.Assert(models, jc.DeepEquals, testControllerModels["kontroll"].Models)
 }
 
 func (s *ModelsSuite) TestCurrentModel(c *gc.C) {
-	current, err := s.store.CurrentModel("kontroll", "admin@local")
+	current, err := s.store.CurrentModel("kontroll")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(current, gc.Equals, "my-model")
 }
 
 func (s *ModelsSuite) TestCurrentModelNotSet(c *gc.C) {
-	_, err := s.store.CurrentModel("ctrl", "bob@local")
+	_, err := s.store.CurrentModel("ctrl")
 	c.Assert(err, jc.Satisfies, errors.IsNotFound)
 }
 
 func (s *ModelsSuite) TestCurrentModelControllerNotFound(c *gc.C) {
-	_, err := s.store.CurrentModel("not-found", "admin@local")
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-}
-
-func (s *ModelsSuite) TestCurrentModelAccountNotFound(c *gc.C) {
-	_, err := s.store.CurrentModel("kontroll", "not@found")
+	_, err := s.store.CurrentModel("not-found")
 	c.Assert(err, jc.Satisfies, errors.IsNotFound)
 }
 
 func (s *ModelsSuite) TestSetCurrentModelControllerNotFound(c *gc.C) {
-	err := s.store.SetCurrentModel("not-found", "admin@local", "admin")
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-}
-
-func (s *ModelsSuite) TestSetCurrentModelAccountNotFound(c *gc.C) {
-	err := s.store.SetCurrentModel("kontroll", "not@found", "admin")
+	err := s.store.SetCurrentModel("not-found", "admin")
 	c.Assert(err, jc.Satisfies, errors.IsNotFound)
 }
 
 func (s *ModelsSuite) TestSetCurrentModelModelNotFound(c *gc.C) {
-	err := s.store.SetCurrentModel("kontroll", "admin@local", "not-found")
+	err := s.store.SetCurrentModel("kontroll", "not-found")
 	c.Assert(err, jc.Satisfies, errors.IsNotFound)
 }
 
 func (s *ModelsSuite) TestSetCurrentModel(c *gc.C) {
-	err := s.store.SetCurrentModel("kontroll", "admin@local", "admin")
+	err := s.store.SetCurrentModel("kontroll", "admin")
 	c.Assert(err, jc.ErrorIsNil)
 	all, err := jujuclient.ReadModelsFile(jujuclient.JujuModelsPath())
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(all["kontroll"].AccountModels["admin@local"].CurrentModel, gc.Equals, "admin")
+	c.Assert(all["kontroll"].CurrentModel, gc.Equals, "admin")
 }
 
 func (s *ModelsSuite) TestUpdateModelNewController(c *gc.C) {
 	testModelDetails := jujuclient.ModelDetails{"test.uuid"}
-	err := s.store.UpdateModel("new-controller", "new@account", "new-model", testModelDetails)
+	err := s.store.UpdateModel("new-controller", "new-model", testModelDetails)
 	c.Assert(err, jc.ErrorIsNil)
-	models, err := s.store.AllModels("new-controller", "new@account")
+	models, err := s.store.AllModels("new-controller")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(models, jc.DeepEquals, map[string]jujuclient.ModelDetails{
 		"new-model": testModelDetails,
@@ -131,9 +115,9 @@
 
 func (s *ModelsSuite) TestUpdateModelExistingControllerAndModelNewModel(c *gc.C) {
 	testModelDetails := jujuclient.ModelDetails{"test.uuid"}
-	err := s.store.UpdateModel("kontroll", "admin@local", "new-model", testModelDetails)
+	err := s.store.UpdateModel("kontroll", "new-model", testModelDetails)
 	c.Assert(err, jc.ErrorIsNil)
-	models, err := s.store.AllModels("kontroll", "admin@local")
+	models, err := s.store.AllModels("kontroll")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(models, jc.DeepEquals, map[string]jujuclient.ModelDetails{
 		"admin":     kontrollAdminModelDetails,
@@ -147,9 +131,9 @@
 	for i := 0; i < 2; i++ {
 		// Twice so we exercise the code path of updating with
 		// identical details.
-		err := s.store.UpdateModel("kontroll", "admin@local", "admin", testModelDetails)
+		err := s.store.UpdateModel("kontroll", "admin", testModelDetails)
 		c.Assert(err, jc.ErrorIsNil)
-		details, err := s.store.ModelByName("kontroll", "admin@local", "admin")
+		details, err := s.store.ModelByName("kontroll", "admin")
 		c.Assert(err, jc.ErrorIsNil)
 		c.Assert(*details, jc.DeepEquals, testModelDetails)
 	}
@@ -158,29 +142,24 @@
 func (s *ModelsSuite) TestRemoveModelNoFile(c *gc.C) {
 	err := os.Remove(jujuclient.JujuModelsPath())
 	c.Assert(err, jc.ErrorIsNil)
-	err = s.store.RemoveModel("not-found", "admin@local", "admin")
+	err = s.store.RemoveModel("not-found", "admin")
 	c.Assert(err, jc.Satisfies, errors.IsNotFound)
 }
 
 func (s *ModelsSuite) TestRemoveModelControllerNotFound(c *gc.C) {
-	err := s.store.RemoveModel("not-found", "admin@local", "admin")
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-}
-
-func (s *ModelsSuite) TestRemoveModelAccountNotFound(c *gc.C) {
-	err := s.store.RemoveModel("kontroll", "not@found", "admin")
+	err := s.store.RemoveModel("not-found", "admin")
 	c.Assert(err, jc.Satisfies, errors.IsNotFound)
 }
 
 func (s *ModelsSuite) TestRemoveModelNotFound(c *gc.C) {
-	err := s.store.RemoveModel("kontroll", "admin@local", "not-found")
+	err := s.store.RemoveModel("kontroll", "not-found")
 	c.Assert(err, jc.Satisfies, errors.IsNotFound)
 }
 
 func (s *ModelsSuite) TestRemoveModel(c *gc.C) {
-	err := s.store.RemoveModel("kontroll", "admin@local", "admin")
+	err := s.store.RemoveModel("kontroll", "admin")
 	c.Assert(err, jc.ErrorIsNil)
-	_, err = s.store.ModelByName("kontroll", "admin@local", "admin")
+	_, err = s.store.ModelByName("kontroll", "admin")
 	c.Assert(err, jc.Satisfies, errors.IsNotFound)
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/registration.go juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/registration.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/registration.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/registration.go	2016-07-18 19:45:44.000000000 +0000
@@ -16,4 +16,9 @@
 	// SecretKey contains the secret key to use when encrypting
 	// and decrypting registration requests and responses.
 	SecretKey []byte
+
+	// ControllerName contains the name that the controller has for the
+	// caller of "juju add-user" that will be used to suggest a name for
+	// the caller of "juju register".
+	ControllerName string
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/validation.go juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/validation.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/jujuclient/validation.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/jujuclient/validation.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 )
 
 // ValidateControllerDetails ensures that given controller details are valid.
@@ -36,7 +36,8 @@
 	// may use macaroons instead.
 	//
 	// TODO(axw) expand validation rules to check that at least
-	// one of Password or Macaroon is non-empty.
+	// one of Password or Macaroon is non-empty, for local users.
+	// External users may have neither.
 	return nil
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/logfwd/doc.go juju-core-2.0~beta12/src/github.com/juju/juju/logfwd/doc.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/logfwd/doc.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/logfwd/doc.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,8 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+// The logfwd package contains the tools needed to do log record
+// forwarding in juju. The common code sits at the top level. The
+// different forwarding targets (e.g. syslog) are provided through
+// sub-packages.
+package logfwd
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/logfwd/origin.go juju-core-2.0~beta12/src/github.com/juju/juju/logfwd/origin.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/logfwd/origin.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/logfwd/origin.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,231 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package logfwd
+
+import (
+	"fmt"
+
+	"github.com/juju/errors"
+	"github.com/juju/version"
+	"gopkg.in/juju/names.v2"
+)
+
+// canonicalPEN is the IANA-registered Private Enterprise Number
+// assigned to Canonical. Among other things, this is used in RFC 5424
+// structured data.
+//
+// See https://www.iana.org/assignments/enterprise-numbers/enterprise-numbers.
+const canonicalPEN = 28978
+
+// These are the recognized origin types.
+const (
+	OriginTypeUnknown OriginType = 0
+	OriginTypeUser               = iota
+	OriginTypeMachine
+	OriginTypeUnit
+)
+
+var originTypes = map[OriginType]string{
+	OriginTypeUnknown: "unknown",
+	OriginTypeUser:    names.UserTagKind,
+	OriginTypeMachine: names.MachineTagKind,
+	OriginTypeUnit:    names.UnitTagKind,
+}
+
+// OriginType is the "enum" type for the different kinds of log record
+// origin.
+type OriginType int
+
+// ParseOriginType converts a string to an OriginType or fails if
+// not able. It round-trips with String().
+func ParseOriginType(value string) (OriginType, error) {
+	for ot, str := range originTypes {
+		if value == str {
+			return ot, nil
+		}
+	}
+	const originTypeInvalid OriginType = -1
+	return originTypeInvalid, errors.Errorf("unrecognized origin type %q", value)
+}
+
+// String returns a string representation of the origin type.
+func (ot OriginType) String() string {
+	return originTypes[ot]
+}
+
+// Validate ensures that the origin type is correct.
+func (ot OriginType) Validate() error {
+	// As noted above, typedef'ing int means that the use of int
+	// literals or explicit type conversion could result in unsupported
+	// "enum" values. Otherwise OriginType would not need this method.
+	if _, ok := originTypes[ot]; !ok {
+		return errors.NewNotValid(nil, "unsupported origin type")
+	}
+	return nil
+}
+
+// ValidateName ensures that the given origin name is valid within the
+// context of the origin type.
+func (ot OriginType) ValidateName(name string) error {
+	switch ot {
+	case OriginTypeUnknown:
+		if name != "" {
+			return errors.NewNotValid(nil, "origin name must not be set if type is unknown")
+		}
+	case OriginTypeUser:
+		if !names.IsValidUser(name) {
+			return errors.NewNotValid(nil, "bad user name")
+		}
+	case OriginTypeMachine:
+		if !names.IsValidMachine(name) {
+			return errors.NewNotValid(nil, "bad machine name")
+		}
+	case OriginTypeUnit:
+		if !names.IsValidUnit(name) {
+			return errors.NewNotValid(nil, "bad unit name")
+		}
+	}
+	return nil
+}
+
+// Origin describes what created the record.
+type Origin struct {
+	// ControllerUUID is the ID of the Juju controller under which the
+	// record originated.
+	ControllerUUID string
+
+	// ModelUUID is the ID of the Juju model under which the record
+	// originated.
+	ModelUUID string
+
+	// Hostname identifies the host where the record originated.
+	Hostname string
+
+	// Type identifies the kind of thing that generated the record.
+	Type OriginType
+
+	// Name identifies the thing that generated the record.
+	Name string
+
+	// Software identifies the running software that created the record.
+	Software Software
+}
+
+// OriginForMachineAgent populates a new origin for the agent.
+func OriginForMachineAgent(tag names.MachineTag, controller, model string, ver version.Number) Origin {
+	return originForAgent(OriginTypeMachine, tag, controller, model, ver)
+}
+
+// OriginForUnitAgent populates a new origin for the agent.
+func OriginForUnitAgent(tag names.UnitTag, controller, model string, ver version.Number) Origin {
+	return originForAgent(OriginTypeUnit, tag, controller, model, ver)
+}
+
+func originForAgent(oType OriginType, tag names.Tag, controller, model string, ver version.Number) Origin {
+	origin := originForJuju(oType, tag.Id(), controller, model, ver)
+	origin.Hostname = fmt.Sprintf("%s.%s", tag, model)
+	origin.Software.Name = fmt.Sprintf("jujud-%s-agent", tag.Kind())
+	return origin
+}
+
+// OriginForJuju populates a new origin for the juju client.
+func OriginForJuju(tag names.Tag, controller, model string, ver version.Number) (Origin, error) {
+	oType, err := ParseOriginType(tag.Kind())
+	if err != nil {
+		return Origin{}, errors.Annotate(err, "invalid tag")
+	}
+	return originForJuju(oType, tag.Id(), controller, model, ver), nil
+}
+
+func originForJuju(oType OriginType, name, controller, model string, ver version.Number) Origin {
+	return Origin{
+		ControllerUUID: controller,
+		ModelUUID:      model,
+		Type:           oType,
+		Name:           name,
+		Software: Software{
+			PrivateEnterpriseNumber: canonicalPEN,
+			Name:    "juju",
+			Version: ver,
+		},
+	}
+}
+
+// Validate ensures that the origin is correct.
+func (o Origin) Validate() error {
+	if o.ControllerUUID == "" {
+		return errors.NewNotValid(nil, "empty ControllerUUID")
+	}
+	if !names.IsValidModel(o.ControllerUUID) {
+		return errors.NewNotValid(nil, fmt.Sprintf("ControllerUUID %q not a valid UUID", o.ControllerUUID))
+	}
+
+	if o.ModelUUID == "" {
+		return errors.NewNotValid(nil, "empty ModelUUID")
+	}
+	if !names.IsValidModel(o.ModelUUID) {
+		return errors.NewNotValid(nil, fmt.Sprintf("ModelUUID %q not a valid UUID", o.ModelUUID))
+	}
+
+	if err := o.Type.Validate(); err != nil {
+		return errors.Annotate(err, "invalid Type")
+	}
+
+	if o.Name == "" && o.Type != OriginTypeUnknown {
+		return errors.NewNotValid(nil, "empty Name")
+	}
+	if err := o.Type.ValidateName(o.Name); err != nil {
+		return errors.Annotatef(err, "invalid Name %q", o.Name)
+	}
+
+	if !o.Software.isZero() {
+		if err := o.Software.Validate(); err != nil {
+			return errors.Annotate(err, "invalid Software")
+		}
+	}
+
+	return nil
+}
+
+// Software describes a running application.
+type Software struct {
+	// PrivateEnterpriseNumber is the IANA-registered "SMI Network
+	// Management Private Enterprise Code" for the software's vendor.
+	//
+	// See https://tools.ietf.org/html/rfc5424#section-7.2.2.
+	PrivateEnterpriseNumber int
+
+	// Name identifies the software (relative to the vendor).
+	Name string
+
+	// Version is the software's version.
+	Version version.Number
+}
+
+func (sw Software) isZero() bool {
+	if sw.PrivateEnterpriseNumber > 0 {
+		return false
+	}
+	if sw.Name != "" {
+		return false
+	}
+	if sw.Version != version.Zero {
+		return false
+	}
+	return true
+}
+
+// Validate ensures that the software info is correct.
+func (sw Software) Validate() error {
+	if sw.PrivateEnterpriseNumber <= 0 {
+		return errors.NewNotValid(nil, "missing PrivateEnterpriseNumber")
+	}
+	if sw.Name == "" {
+		return errors.NewNotValid(nil, "empty Name")
+	}
+	if sw.Version == version.Zero {
+		return errors.NewNotValid(nil, "empty Version")
+	}
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/logfwd/origin-software_test.go juju-core-2.0~beta12/src/github.com/juju/juju/logfwd/origin-software_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/logfwd/origin-software_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/logfwd/origin-software_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,89 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package logfwd_test
+
+import (
+	"github.com/juju/errors"
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	"github.com/juju/version"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/logfwd"
+)
+
+type SoftwareSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&SoftwareSuite{})
+
+func (s *SoftwareSuite) TestValidateFull(c *gc.C) {
+	sw := logfwd.Software{
+		PrivateEnterpriseNumber: 28978,
+		Name:    "juju",
+		Version: version.MustParse("2.0.1"),
+	}
+
+	err := sw.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *SoftwareSuite) TestValidateZeroValue(c *gc.C) {
+	var sw logfwd.Software
+
+	err := sw.Validate()
+
+	c.Check(err, jc.Satisfies, errors.IsNotValid)
+}
+
+func (s *SoftwareSuite) TestValidateEmptyPEN(c *gc.C) {
+	sw := logfwd.Software{
+		Name:    "juju",
+		Version: version.MustParse("2.0.1"),
+	}
+
+	err := sw.Validate()
+
+	c.Check(err, jc.Satisfies, errors.IsNotValid)
+	c.Check(err, gc.ErrorMatches, `missing PrivateEnterpriseNumber`)
+}
+
+func (s *SoftwareSuite) TestValidateNegativePEN(c *gc.C) {
+	sw := logfwd.Software{
+		PrivateEnterpriseNumber: -1,
+		Name:    "juju",
+		Version: version.MustParse("2.0.1"),
+	}
+
+	err := sw.Validate()
+
+	c.Check(err, jc.Satisfies, errors.IsNotValid)
+	c.Check(err, gc.ErrorMatches, `missing PrivateEnterpriseNumber`)
+}
+
+func (s *SoftwareSuite) TestValidateEmptyName(c *gc.C) {
+	sw := logfwd.Software{
+		PrivateEnterpriseNumber: 28978,
+		Version:                 version.MustParse("2.0.1"),
+	}
+
+	err := sw.Validate()
+
+	c.Check(err, jc.Satisfies, errors.IsNotValid)
+	c.Check(err, gc.ErrorMatches, `empty Name`)
+}
+
+func (s *SoftwareSuite) TestValidateEmptyVersion(c *gc.C) {
+	sw := logfwd.Software{
+		PrivateEnterpriseNumber: 28978,
+		Name: "juju",
+	}
+
+	err := sw.Validate()
+
+	c.Check(err, jc.Satisfies, errors.IsNotValid)
+	c.Check(err, gc.ErrorMatches, `empty Version`)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/logfwd/origin_test.go juju-core-2.0~beta12/src/github.com/juju/juju/logfwd/origin_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/logfwd/origin_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/logfwd/origin_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,206 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package logfwd_test
+
+import (
+	"github.com/juju/errors"
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	"github.com/juju/version"
+	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
+
+	"github.com/juju/juju/logfwd"
+)
+
+type OriginSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&OriginSuite{})
+
+func (s *OriginSuite) TestOriginForMachineAgent(c *gc.C) {
+	tag := names.NewMachineTag("99")
+
+	origin := logfwd.OriginForMachineAgent(tag, validOrigin.ControllerUUID, validOrigin.ModelUUID, validOrigin.Software.Version)
+
+	c.Check(origin, jc.DeepEquals, logfwd.Origin{
+		ControllerUUID: validOrigin.ControllerUUID,
+		ModelUUID:      validOrigin.ModelUUID,
+		Hostname:       "machine-99." + validOrigin.ModelUUID,
+		Type:           logfwd.OriginTypeMachine,
+		Name:           "99",
+		Software: logfwd.Software{
+			PrivateEnterpriseNumber: 28978,
+			Name:    "jujud-machine-agent",
+			Version: version.MustParse("2.0.1"),
+		},
+	})
+}
+
+func (s *OriginSuite) TestOriginForUnitAgent(c *gc.C) {
+	tag := names.NewUnitTag("svc-a/0")
+
+	origin := logfwd.OriginForUnitAgent(tag, validOrigin.ControllerUUID, validOrigin.ModelUUID, validOrigin.Software.Version)
+
+	c.Check(origin, jc.DeepEquals, logfwd.Origin{
+		ControllerUUID: validOrigin.ControllerUUID,
+		ModelUUID:      validOrigin.ModelUUID,
+		Hostname:       "unit-svc-a-0." + validOrigin.ModelUUID,
+		Type:           logfwd.OriginTypeUnit,
+		Name:           "svc-a/0",
+		Software: logfwd.Software{
+			PrivateEnterpriseNumber: 28978,
+			Name:    "jujud-unit-agent",
+			Version: version.MustParse("2.0.1"),
+		},
+	})
+}
+
+func (s *OriginSuite) TestOriginForJuju(c *gc.C) {
+	tag := names.NewUserTag("bob")
+
+	origin, err := logfwd.OriginForJuju(tag, validOrigin.ControllerUUID, validOrigin.ModelUUID, validOrigin.Software.Version)
+	c.Assert(err, jc.ErrorIsNil)
+
+	c.Check(origin, jc.DeepEquals, logfwd.Origin{
+		ControllerUUID: validOrigin.ControllerUUID,
+		ModelUUID:      validOrigin.ModelUUID,
+		Hostname:       "",
+		Type:           logfwd.OriginTypeUser,
+		Name:           "bob",
+		Software: logfwd.Software{
+			PrivateEnterpriseNumber: 28978,
+			Name:    "juju",
+			Version: version.MustParse("2.0.1"),
+		},
+	})
+}
+
+func (s *OriginSuite) TestValidateValid(c *gc.C) {
+	origin := validOrigin
+
+	err := origin.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *OriginSuite) TestValidateEmpty(c *gc.C) {
+	var origin logfwd.Origin
+
+	err := origin.Validate()
+
+	c.Check(err, jc.Satisfies, errors.IsNotValid)
+}
+
+func (s *OriginSuite) TestValidateEmptyControllerUUID(c *gc.C) {
+	origin := validOrigin
+	origin.ControllerUUID = ""
+
+	err := origin.Validate()
+
+	c.Check(err, jc.Satisfies, errors.IsNotValid)
+	c.Check(err, gc.ErrorMatches, `empty ControllerUUID`)
+}
+
+func (s *OriginSuite) TestValidateBadControllerUUID(c *gc.C) {
+	origin := validOrigin
+	origin.ControllerUUID = "..."
+
+	err := origin.Validate()
+
+	c.Check(err, jc.Satisfies, errors.IsNotValid)
+	c.Check(err, gc.ErrorMatches, `ControllerUUID "..." not a valid UUID`)
+}
+
+func (s *OriginSuite) TestValidateEmptyModelUUID(c *gc.C) {
+	origin := validOrigin
+	origin.ModelUUID = ""
+
+	err := origin.Validate()
+
+	c.Check(err, jc.Satisfies, errors.IsNotValid)
+	c.Check(err, gc.ErrorMatches, `empty ModelUUID`)
+}
+
+func (s *OriginSuite) TestValidateBadModelUUID(c *gc.C) {
+	origin := validOrigin
+	origin.ModelUUID = "..."
+
+	err := origin.Validate()
+
+	c.Check(err, jc.Satisfies, errors.IsNotValid)
+	c.Check(err, gc.ErrorMatches, `ModelUUID "..." not a valid UUID`)
+}
+
+func (s *OriginSuite) TestValidateEmptyHostname(c *gc.C) {
+	origin := validOrigin
+	origin.Hostname = ""
+
+	err := origin.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *OriginSuite) TestValidateBadOriginType(c *gc.C) {
+	origin := validOrigin
+	origin.Type = logfwd.OriginType(999)
+
+	err := origin.Validate()
+
+	c.Check(err, jc.Satisfies, errors.IsNotValid)
+	c.Check(err, gc.ErrorMatches, `invalid Type: unsupported origin type`)
+}
+
+func (s *OriginSuite) TestValidateEmptyName(c *gc.C) {
+	origin := validOrigin
+	origin.Name = ""
+
+	err := origin.Validate()
+
+	c.Check(err, jc.Satisfies, errors.IsNotValid)
+	c.Check(err, gc.ErrorMatches, `empty Name`)
+}
+
+func (s *OriginSuite) TestValidateBadName(c *gc.C) {
+	origin := validOrigin
+	origin.Name = "..."
+
+	err := origin.Validate()
+
+	c.Check(err, jc.Satisfies, errors.IsNotValid)
+	c.Check(err, gc.ErrorMatches, `invalid Name "...": bad user name`)
+}
+
+func (s *OriginSuite) TestValidateEmptySoftware(c *gc.C) {
+	origin := validOrigin
+	origin.Software = logfwd.Software{}
+
+	err := origin.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *OriginSuite) TestValidateBadSoftware(c *gc.C) {
+	origin := validOrigin
+	origin.Software.Version = version.Zero
+
+	err := origin.Validate()
+
+	c.Check(err, jc.Satisfies, errors.IsNotValid)
+	c.Check(err, gc.ErrorMatches, `invalid Software: empty Version`)
+}
+
+var validOrigin = logfwd.Origin{
+	ControllerUUID: "9f484882-2f18-4fd2-967d-db9663db7bea",
+	ModelUUID:      "deadbeef-2f18-4fd2-967d-db9663db7bea",
+	Hostname:       "spam.x.y.z.com",
+	Type:           logfwd.OriginTypeUser,
+	Name:           "a-user",
+	Software: logfwd.Software{
+		PrivateEnterpriseNumber: 28978,
+		Name:    "juju",
+		Version: version.MustParse("2.0.1"),
+	},
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/logfwd/origin-type_test.go juju-core-2.0~beta12/src/github.com/juju/juju/logfwd/origin-type_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/logfwd/origin-type_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/logfwd/origin-type_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,151 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package logfwd_test
+
+import (
+	"github.com/juju/errors"
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/logfwd"
+)
+
+type OriginTypeSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&OriginTypeSuite{})
+
+func (s *OriginTypeSuite) TestZeroValue(c *gc.C) {
+	var ot logfwd.OriginType
+
+	c.Check(ot, gc.Equals, logfwd.OriginTypeUnknown)
+}
+
+func (s *OriginTypeSuite) TestParseOriginTypeValid(c *gc.C) {
+	tests := map[string]logfwd.OriginType{
+		"unknown": logfwd.OriginTypeUnknown,
+		"user":    logfwd.OriginTypeUser,
+		"machine": logfwd.OriginTypeMachine,
+		"unit":    logfwd.OriginTypeUnit,
+	}
+	for str, expected := range tests {
+		c.Logf("trying %q", str)
+
+		ot, err := logfwd.ParseOriginType(str)
+		c.Assert(err, jc.ErrorIsNil)
+
+		c.Check(ot, gc.Equals, expected)
+	}
+}
+
+func (s *OriginTypeSuite) TestParseOriginTypeEmpty(c *gc.C) {
+	_, err := logfwd.ParseOriginType("")
+
+	c.Check(err, gc.ErrorMatches, `unrecognized origin type ""`)
+}
+
+func (s *OriginTypeSuite) TestParseOriginTypeInvalid(c *gc.C) {
+	_, err := logfwd.ParseOriginType("spam")
+
+	c.Check(err, gc.ErrorMatches, `unrecognized origin type "spam"`)
+}
+
+func (s *OriginTypeSuite) TestString(c *gc.C) {
+	tests := map[logfwd.OriginType]string{
+		logfwd.OriginTypeUnknown: "unknown",
+		logfwd.OriginTypeUser:    "user",
+		logfwd.OriginTypeMachine: "machine",
+		logfwd.OriginTypeUnit:    "unit",
+	}
+	for ot, expected := range tests {
+		c.Logf("trying %q", ot)
+
+		str := ot.String()
+
+		c.Check(str, gc.Equals, expected)
+	}
+}
+
+func (s *OriginTypeSuite) TestValidateValid(c *gc.C) {
+	tests := []logfwd.OriginType{
+		logfwd.OriginTypeUnknown,
+		logfwd.OriginTypeUser,
+		logfwd.OriginTypeMachine,
+		logfwd.OriginTypeUnit,
+	}
+	for _, ot := range tests {
+		c.Logf("trying %q", ot)
+
+		err := ot.Validate()
+
+		c.Check(err, jc.ErrorIsNil)
+	}
+}
+
+func (s *OriginTypeSuite) TestValidateZero(c *gc.C) {
+	var ot logfwd.OriginType
+
+	err := ot.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *OriginTypeSuite) TestValidateInvalid(c *gc.C) {
+	ot := logfwd.OriginType(999)
+
+	err := ot.Validate()
+
+	c.Check(err, jc.Satisfies, errors.IsNotValid)
+	c.Check(err, gc.ErrorMatches, `unsupported origin type`)
+}
+
+func (s *OriginTypeSuite) TestValidateNameValid(c *gc.C) {
+	tests := map[logfwd.OriginType]string{
+		logfwd.OriginTypeUnknown: "",
+		logfwd.OriginTypeUser:    "a-user",
+		logfwd.OriginTypeMachine: "99",
+		logfwd.OriginTypeUnit:    "svc-a/0",
+	}
+	for ot, name := range tests {
+		c.Logf("trying %q + %q", ot, name)
+
+		err := ot.ValidateName(name)
+
+		c.Check(err, jc.ErrorIsNil)
+	}
+}
+
+func (s *OriginTypeSuite) TestValidateNameInvalid(c *gc.C) {
+	tests := []struct {
+		ot   logfwd.OriginType
+		name string
+		err  string
+	}{{
+		ot:   logfwd.OriginTypeUnknown,
+		name: "...",
+		err:  `origin name must not be set if type is unknown`,
+	}, {
+		ot:   logfwd.OriginTypeUser,
+		name: "...",
+		err:  `bad user name`,
+	}, {
+		ot:   logfwd.OriginTypeMachine,
+		name: "...",
+		err:  `bad machine name`,
+	}, {
+		ot:   logfwd.OriginTypeUnit,
+		name: "...",
+		err:  `bad unit name`,
+	}}
+	for _, test := range tests {
+		c.Logf("trying %q + %q", test.ot, test.name)
+
+		err := test.ot.ValidateName(test.name)
+
+		c.Check(err, jc.Satisfies, errors.IsNotValid)
+		c.Check(err, gc.ErrorMatches, test.err)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/logfwd/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/logfwd/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/logfwd/package_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/logfwd/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,14 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package logfwd_test
+
+import (
+	"testing"
+
+	gc "gopkg.in/check.v1"
+)
+
+func TestAll(t *testing.T) {
+	gc.TestingT(t)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/logfwd/record.go juju-core-2.0~beta12/src/github.com/juju/juju/logfwd/record.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/logfwd/record.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/logfwd/record.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,147 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package logfwd
+
+import (
+	"fmt"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/juju/errors"
+	"github.com/juju/loggo"
+)
+
+// Record holds all the information for a single log record.
+type Record struct {
+	// ID identifies the record and its position in a sequence
+	// of records.
+	ID int64
+
+	// Origin describes what created the record.
+	Origin Origin
+
+	// Timestamp is when the record was created.
+	Timestamp time.Time
+
+	// Level is the basic logging level of the record.
+	Level loggo.Level
+
+	// Location describes where the record was created.
+	Location SourceLocation
+
+	// Message is the record's body. It may be empty.
+	Message string
+}
+
+// Validate ensures that the record is correct.
+func (rec Record) Validate() error {
+	if err := rec.Origin.Validate(); err != nil {
+		return errors.Annotate(err, "invalid Origin")
+	}
+
+	if rec.Timestamp.IsZero() {
+		return errors.NewNotValid(nil, "empty Timestamp")
+	}
+
+	// rec.Level may be anything, so we don't check it.
+
+	if err := rec.Location.Validate(); err != nil {
+		return errors.Annotate(err, "invalid Location")
+	}
+
+	// rec.Message may be anything, so we don't check it.
+
+	return nil
+}
+
+// SourceLocation identifies the line of source code that originated
+// a log record.
+type SourceLocation struct {
+	// Module is the source "module" (e.g. package) where the record
+	// originated. This is optional.
+	Module string
+
+	// Filename is the base name of the source file. This is required
+	// only if Line is greater than 0.
+	Filename string
+
+	// Line is the line number in the source. It is optional. A negative
+	// value means "not set". So does 0 if Filename is not set. If Line
+	// is greater than 0 then Filename must be set.
+	Line int
+}
+
+// ParseLocation converts the given info into a SourceLocation. The
+// expected format is "FILENAME" or "FILENAME:LINE". If the first format
+// is used then Line is set to -1. If provided, LINE must be a
+// non-negative integer.
+func ParseLocation(module, sourceLine string) (SourceLocation, error) {
+	filename, lineNo, err := parseSourceLine(sourceLine)
+	if err != nil {
+		return SourceLocation{}, errors.Annotate(err, "failed to parse sourceLine")
+	}
+	loc := SourceLocation{
+		Module:   module,
+		Filename: filename,
+		Line:     lineNo,
+	}
+	return loc, nil
+}
+
+func parseSourceLine(sourceLine string) (filename string, line int, err error) {
+	filename, sep, lineNoStr := rPartition(sourceLine, ":")
+	if sep == "" {
+		return filename, -1, nil
+	}
+	if lineNoStr == "" {
+		return "", -1, errors.New(`missing line number after ":"`)
+	}
+	lineNo, err := strconv.Atoi(lineNoStr)
+	if err != nil {
+		return "", -1, errors.Annotate(err, "line number must be non-negative integer")
+	}
+	if lineNo < 0 {
+		return "", -1, errors.New("line number must be non-negative integer")
+	}
+	return filename, lineNo, nil
+}
+
+func rPartition(str, sep string) (remainder, used, part string) {
+	pos := strings.LastIndex(str, sep)
+	if pos < 0 {
+		return str, "", ""
+	}
+	return str[:pos], sep, str[pos+1:]
+}
+
+// String returns a string representation of the location.
+func (loc SourceLocation) String() string {
+	if loc.Line < 0 {
+		return loc.Filename
+	}
+	if loc.Line == 0 && loc.Filename == "" {
+		return ""
+	}
+	return fmt.Sprintf("%s:%d", loc.Filename, loc.Line)
+}
+
+var zero SourceLocation
+
+// Validate ensures that the location is correct.
+func (loc SourceLocation) Validate() error {
+	if loc == zero {
+		return nil
+	}
+
+	// Module may be anything, so there's nothing to check there.
+
+	// Filename may be set with no line number set, but not the other
+	// way around.
+	if loc.Line >= 0 && loc.Filename == "" {
+		return errors.NewNotValid(nil, "Line set but Filename empty")
+	}
+
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/logfwd/record_test.go juju-core-2.0~beta12/src/github.com/juju/juju/logfwd/record_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/logfwd/record_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/logfwd/record_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,175 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package logfwd_test
+
+import (
+	"time"
+
+	"github.com/juju/errors"
+	"github.com/juju/loggo"
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/logfwd"
+)
+
+type RecordSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&RecordSuite{})
+
+func (s *RecordSuite) TestValidateValid(c *gc.C) {
+	rec := validRecord
+
+	err := rec.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *RecordSuite) TestValidateZero(c *gc.C) {
+	var rec logfwd.Record
+
+	err := rec.Validate()
+
+	c.Check(err, jc.Satisfies, errors.IsNotValid)
+}
+
+func (s *RecordSuite) TestValidateBadOrigin(c *gc.C) {
+	rec := validRecord
+	rec.Origin.Name = "..."
+
+	err := rec.Validate()
+
+	c.Check(err, jc.Satisfies, errors.IsNotValid)
+	c.Check(err, gc.ErrorMatches, `invalid Origin: invalid Name "...": bad user name`)
+}
+
+func (s *RecordSuite) TestValidateEmptyTimestamp(c *gc.C) {
+	rec := validRecord
+	rec.Timestamp = time.Time{}
+
+	err := rec.Validate()
+
+	c.Check(err, jc.Satisfies, errors.IsNotValid)
+	c.Check(err, gc.ErrorMatches, `empty Timestamp`)
+}
+
+func (s *RecordSuite) TestValidateBadLocation(c *gc.C) {
+	rec := validRecord
+	rec.Location.Filename = ""
+
+	err := rec.Validate()
+
+	c.Check(err, jc.Satisfies, errors.IsNotValid)
+	c.Check(err, gc.ErrorMatches, `invalid Location: Line set but Filename empty`)
+}
+
+type LocationSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&LocationSuite{})
+
+func (s *LocationSuite) TestParseLocationTooLegitToQuit(c *gc.C) {
+	expected := validLocation
+
+	loc, err := logfwd.ParseLocation(expected.Module, expected.String())
+	c.Assert(err, jc.ErrorIsNil)
+
+	c.Check(loc, jc.DeepEquals, expected)
+}
+
+func (s *LocationSuite) TestParseLocationIsValid(c *gc.C) {
+	expected := validLocation
+	loc, err := logfwd.ParseLocation(expected.Module, expected.String())
+	c.Assert(err, jc.ErrorIsNil)
+
+	err = loc.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *LocationSuite) TestParseLocationMissingFilename(c *gc.C) {
+	expected := validLocation
+	expected.Filename = ""
+
+	loc, err := logfwd.ParseLocation(expected.Module, ":42")
+	c.Assert(err, jc.ErrorIsNil)
+
+	c.Check(loc, jc.DeepEquals, expected)
+}
+
+func (s *LocationSuite) TestParseLocationBogusFilename(c *gc.C) {
+	expected := validLocation
+	expected.Filename = "..."
+
+	loc, err := logfwd.ParseLocation(expected.Module, "...:42")
+	c.Assert(err, jc.ErrorIsNil)
+
+	c.Check(loc, jc.DeepEquals, expected)
+}
+
+func (s *LocationSuite) TestParseLocationFilenameOnly(c *gc.C) {
+	expected := validLocation
+	expected.Line = -1
+
+	loc, err := logfwd.ParseLocation(expected.Module, expected.Filename)
+	c.Assert(err, jc.ErrorIsNil)
+
+	c.Check(loc, jc.DeepEquals, expected)
+}
+
+func (s *LocationSuite) TestParseLocationMissingLine(c *gc.C) {
+	_, err := logfwd.ParseLocation(validLocation.Module, "spam.go:")
+
+	c.Check(err, gc.ErrorMatches, `failed to parse sourceLine: missing line number after ":"`)
+}
+
+func (s *LocationSuite) TestParseLocationBogusLine(c *gc.C) {
+	_, err := logfwd.ParseLocation(validLocation.Module, "spam.go:xxx")
+
+	c.Check(err, gc.ErrorMatches, `failed to parse sourceLine: line number must be non-negative integer: strconv.ParseInt: parsing "xxx": invalid syntax`)
+}
+
+func (s *LocationSuite) TestValidateValid(c *gc.C) {
+	loc := validLocation
+
+	err := loc.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *LocationSuite) TestValidateEmpty(c *gc.C) {
+	var loc logfwd.SourceLocation
+
+	err := loc.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *LocationSuite) TestValidateBadLine(c *gc.C) {
+	loc := validLocation
+	loc.Filename = ""
+
+	err := loc.Validate()
+
+	c.Check(err, jc.Satisfies, errors.IsNotValid)
+	c.Check(err, gc.ErrorMatches, `Line set but Filename empty`)
+}
+
+var validLocation = logfwd.SourceLocation{
+	Module:   "spam",
+	Filename: "eggs.go",
+	Line:     42,
+}
+
+var validRecord = logfwd.Record{
+	Origin:    validOrigin,
+	Timestamp: time.Now(),
+	Level:     loggo.ERROR,
+	Location:  validLocation,
+	Message:   "uh-oh",
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/logfwd/syslog/client.go juju-core-2.0~beta12/src/github.com/juju/juju/logfwd/syslog/client.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/logfwd/syslog/client.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/logfwd/syslog/client.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,179 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package syslog
+
+import (
+	"crypto/tls"
+	"fmt"
+	"io"
+	"time"
+
+	"github.com/juju/errors"
+	"github.com/juju/loggo"
+	"github.com/juju/rfc/rfc5424"
+	"github.com/juju/rfc/rfc5424/sdelements"
+
+	"github.com/juju/juju/logfwd"
+)
+
+// Sender exposes the underlying functionality needed by Client.
+type Sender interface {
+	io.Closer
+
+	// Send sends the RFC 5424 message over its connection.
+	Send(rfc5424.Message) error
+}
+
+// SenderOpener supports opening a syslog connection.
+type SenderOpener interface {
+	DialFunc(cfg *tls.Config, timeout time.Duration) (rfc5424.DialFunc, error)
+
+	Open(host string, cfg rfc5424.ClientConfig, dial rfc5424.DialFunc) (Sender, error)
+}
+
+type senderOpener struct{}
+
+func (senderOpener) DialFunc(cfg *tls.Config, timeout time.Duration) (rfc5424.DialFunc, error) {
+	dial, err := rfc5424.TLSDialFunc(cfg, timeout)
+	return dial, errors.Trace(err)
+}
+
+func (senderOpener) Open(host string, cfg rfc5424.ClientConfig, dial rfc5424.DialFunc) (Sender, error) {
+	sender, err := rfc5424.Open(host, cfg, dial)
+	return sender, errors.Trace(err)
+}
+
+// Client is the wrapper around a syslog (RFC 5424) connection.
+type Client struct {
+	// Sender is the message sender this client wraps.
+	Sender Sender
+}
+
+// Open connects to a remote syslog host and wraps that connection
+// in a new client.
+func Open(cfg RawConfig) (*Client, error) {
+	client, err := OpenForSender(cfg, &senderOpener{})
+	return client, errors.Trace(err)
+}
+
+// OpenForSender connects to a remote syslog host and wraps that
+// connection in a new client.
+func OpenForSender(cfg RawConfig, opener SenderOpener) (*Client, error) {
+	if err := cfg.Validate(); err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	sender, err := open(cfg, opener)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	client := &Client{
+		Sender: sender,
+	}
+	return client, nil
+}
+
+func open(cfg RawConfig, opener SenderOpener) (Sender, error) {
+	tlsCfg, err := cfg.tlsConfig()
+	if err != nil {
+		return nil, errors.Annotate(err, "constructing TLS config")
+	}
+
+	var timeout time.Duration
+	dial, err := opener.DialFunc(tlsCfg, timeout)
+	if err != nil {
+		return nil, errors.Annotate(err, "obtaining dialer")
+	}
+
+	var clientCfg rfc5424.ClientConfig
+	client, err := opener.Open(cfg.Host, clientCfg, dial)
+	return client, errors.Annotate(err, "opening client connection")
+}
+
+// Close closes the client's connection.
+func (client Client) Close() error {
+	err := client.Sender.Close()
+	return errors.Trace(err)
+}
+
+// Send sends the record to the remote syslog host.
+func (client Client) Send(records []logfwd.Record) error {
+	for _, rec := range records {
+		msg, err := messageFromRecord(rec)
+		if err != nil {
+			return errors.Trace(err)
+		}
+		if err := client.Sender.Send(msg); err != nil {
+			return errors.Trace(err)
+		}
+	}
+	return nil
+}
+
+func messageFromRecord(rec logfwd.Record) (rfc5424.Message, error) {
+	msg := rfc5424.Message{
+		Header: rfc5424.Header{
+			Priority: rfc5424.Priority{
+				Severity: rfc5424.SeverityWarning,
+				Facility: rfc5424.FacilityUser,
+			},
+			Timestamp: rfc5424.Timestamp{rec.Timestamp},
+			Hostname: rfc5424.Hostname{
+				FQDN: rec.Origin.Hostname,
+			},
+			AppName: rfc5424.AppName((rec.Origin.Software.Name + "-" + rec.Origin.ModelUUID)[:48]),
+		},
+		StructuredData: rfc5424.StructuredData{
+			&sdelements.Origin{
+				EnterpriseID: sdelements.OriginEnterpriseID{
+					Number: sdelements.PrivateEnterpriseNumber(rec.Origin.Software.PrivateEnterpriseNumber),
+				},
+				SoftwareName:    rec.Origin.Software.Name,
+				SoftwareVersion: rec.Origin.Software.Version,
+			},
+			&sdelements.Private{
+				Name: "model",
+				PEN:  sdelements.PrivateEnterpriseNumber(rec.Origin.Software.PrivateEnterpriseNumber),
+				Data: []rfc5424.StructuredDataParam{{
+					Name:  "controller-uuid",
+					Value: rfc5424.StructuredDataParamValue(rec.Origin.ControllerUUID),
+				}, {
+					Name:  "model-uuid",
+					Value: rfc5424.StructuredDataParamValue(rec.Origin.ModelUUID),
+				}},
+			},
+			&sdelements.Private{
+				Name: "log",
+				PEN:  sdelements.PrivateEnterpriseNumber(rec.Origin.Software.PrivateEnterpriseNumber),
+				Data: []rfc5424.StructuredDataParam{{
+					Name:  "module",
+					Value: rfc5424.StructuredDataParamValue(rec.Location.Module),
+				}, {
+					Name:  "source",
+					Value: rfc5424.StructuredDataParamValue(fmt.Sprintf("%s:%d", rec.Location.Filename, rec.Location.Line)),
+				}},
+			},
+		},
+		Msg: rec.Message,
+	}
+
+	switch rec.Level {
+	case loggo.ERROR:
+		msg.Priority.Severity = rfc5424.SeverityError
+	case loggo.WARNING:
+		msg.Priority.Severity = rfc5424.SeverityWarning
+	case loggo.INFO:
+		msg.Priority.Severity = rfc5424.SeverityInformational
+	case loggo.DEBUG, loggo.TRACE:
+		msg.Priority.Severity = rfc5424.SeverityDebug
+	default:
+		return msg, errors.Errorf("unsupported log level %q", rec.Level)
+	}
+
+	if err := msg.Validate(); err != nil {
+		return msg, errors.Trace(err)
+	}
+	return msg, nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/logfwd/syslog/client_test.go juju-core-2.0~beta12/src/github.com/juju/juju/logfwd/syslog/client_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/logfwd/syslog/client_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/logfwd/syslog/client_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,245 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package syslog_test
+
+import (
+	"crypto/tls"
+	"crypto/x509"
+	"time"
+
+	"github.com/juju/loggo"
+	"github.com/juju/rfc/rfc5424"
+	"github.com/juju/rfc/rfc5424/sdelements"
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	"github.com/juju/version"
+	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
+
+	"github.com/juju/juju/logfwd"
+	"github.com/juju/juju/logfwd/syslog"
+	coretesting "github.com/juju/juju/testing"
+)
+
+type ClientSuite struct {
+	testing.IsolationSuite
+
+	stub   *testing.Stub
+	sender *stubSender
+}
+
+var _ = gc.Suite(&ClientSuite{})
+
+func (s *ClientSuite) SetUpTest(c *gc.C) {
+	s.IsolationSuite.SetUpTest(c)
+
+	s.stub = &testing.Stub{}
+	s.sender = &stubSender{stub: s.stub}
+}
+
+func (s *ClientSuite) TestOpen(c *gc.C) {
+	cfg := syslog.RawConfig{
+		Enabled:    true,
+		Host:       "a.b.c:9876",
+		CACert:     coretesting.CACert,
+		ClientCert: coretesting.ServerCert,
+		ClientKey:  coretesting.ServerKey,
+	}
+	senderOpener := &stubSenderOpener{
+		stub:       s.stub,
+		ReturnOpen: s.sender,
+	}
+
+	client, err := syslog.OpenForSender(cfg, senderOpener)
+	c.Assert(err, jc.ErrorIsNil)
+
+	s.stub.CheckCallNames(c, "DialFunc", "Open")
+
+	clientCert, err := tls.X509KeyPair([]byte(coretesting.ServerCert), []byte(coretesting.ServerKey))
+	c.Assert(err, jc.ErrorIsNil)
+	rootCAs := x509.NewCertPool()
+	rootCAs.AddCert(coretesting.CACertX509)
+	tlsConfig := &tls.Config{
+		Certificates: []tls.Certificate{clientCert},
+		RootCAs:      rootCAs,
+	}
+
+	s.stub.CheckCall(c, 0, "DialFunc", tlsConfig, time.Duration(0))
+	c.Check(client.Sender, gc.Equals, s.sender)
+}
+
+func (s *ClientSuite) TestClose(c *gc.C) {
+	client := syslog.Client{Sender: s.sender}
+
+	err := client.Close()
+	c.Assert(err, jc.ErrorIsNil)
+
+	s.stub.CheckCallNames(c, "Close")
+}
+
+func (s *ClientSuite) TestSendLogFull(c *gc.C) {
+	tag := names.NewMachineTag("99")
+	cID := "9f484882-2f18-4fd2-967d-db9663db7bea"
+	mID := "deadbeef-2f18-4fd2-967d-db9663db7bea"
+	ver := version.MustParse("1.2.3")
+	ts := time.Unix(12345, 0)
+	rec := logfwd.Record{
+		Origin:    logfwd.OriginForMachineAgent(tag, cID, mID, ver),
+		Timestamp: time.Unix(12345, 0),
+		Level:     loggo.ERROR,
+		Location: logfwd.SourceLocation{
+			Module:   "juju.x.y",
+			Filename: "x/y/spam.go",
+			Line:     42,
+		},
+		Message: "(╯°□°)╯︵ ┻━┻",
+	}
+	client := syslog.Client{Sender: s.sender}
+
+	err := client.Send([]logfwd.Record{rec})
+	c.Assert(err, jc.ErrorIsNil)
+
+	s.stub.CheckCallNames(c, "Send")
+	s.stub.CheckCall(c, 0, "Send", rfc5424.Message{
+		Header: rfc5424.Header{
+			Priority: rfc5424.Priority{
+				Severity: rfc5424.SeverityError,
+				Facility: rfc5424.FacilityUser,
+			},
+			Timestamp: rfc5424.Timestamp{ts},
+			Hostname: rfc5424.Hostname{
+				FQDN: "machine-99.deadbeef-2f18-4fd2-967d-db9663db7bea",
+			},
+			AppName: "jujud-machine-agent-deadbeef-2f18-4fd2-967d-db96",
+		},
+		StructuredData: rfc5424.StructuredData{
+			&sdelements.Origin{
+				EnterpriseID: sdelements.OriginEnterpriseID{
+					Number: 28978,
+				},
+				SoftwareName:    "jujud-machine-agent",
+				SoftwareVersion: ver,
+			},
+			&sdelements.Private{
+				Name: "model",
+				PEN:  28978,
+				Data: []rfc5424.StructuredDataParam{{
+					Name:  "controller-uuid",
+					Value: "9f484882-2f18-4fd2-967d-db9663db7bea",
+				}, {
+					Name:  "model-uuid",
+					Value: "deadbeef-2f18-4fd2-967d-db9663db7bea",
+				}},
+			},
+			&sdelements.Private{
+				Name: "log",
+				PEN:  28978,
+				Data: []rfc5424.StructuredDataParam{{
+					Name:  "module",
+					Value: "juju.x.y",
+				}, {
+					Name:  "source",
+					Value: "x/y/spam.go:42",
+				}},
+			},
+		},
+		Msg: "(╯°□°)╯︵ ┻━┻",
+	})
+}
+
+func (s *ClientSuite) TestSendLogLevels(c *gc.C) {
+	tag := names.NewMachineTag("99")
+	cID := "9f484882-2f18-4fd2-967d-db9663db7bea"
+	mID := "deadbeef-2f18-4fd2-967d-db9663db7bea"
+	ver := version.MustParse("1.2.3")
+	rec := logfwd.Record{
+		Origin:    logfwd.OriginForMachineAgent(tag, cID, mID, ver),
+		Timestamp: time.Unix(12345, 0),
+		Level:     loggo.ERROR,
+		Location: logfwd.SourceLocation{
+			Module:   "juju.x.y",
+			Filename: "x/y/spam.go",
+			Line:     42,
+		},
+		Message: "(╯°□°)╯︵ ┻━┻",
+	}
+	client := syslog.Client{Sender: s.sender}
+
+	levels := map[loggo.Level]rfc5424.Severity{
+		loggo.ERROR:   rfc5424.SeverityError,
+		loggo.WARNING: rfc5424.SeverityWarning,
+		loggo.INFO:    rfc5424.SeverityInformational,
+		loggo.DEBUG:   rfc5424.SeverityDebug,
+		loggo.TRACE:   rfc5424.SeverityDebug,
+	}
+	for level, expected := range levels {
+		c.Logf("trying %s -> %s", level, expected)
+		s.stub.ResetCalls()
+		rec.Level = level
+
+		err := client.Send([]logfwd.Record{rec})
+		c.Assert(err, jc.ErrorIsNil)
+
+		msg := s.stub.Calls()[0].Args[0].(rfc5424.Message)
+		c.Check(msg.Severity, gc.Equals, expected)
+	}
+}
+
+type stubSenderOpener struct {
+	stub *testing.Stub
+
+	ReturnDialFunc rfc5424.DialFunc
+	ReturnOpen     syslog.Sender
+}
+
+func (s *stubSenderOpener) DialFunc(cfg *tls.Config, timeout time.Duration) (rfc5424.DialFunc, error) {
+	s.stub.AddCall("DialFunc", cfg, timeout)
+	if err := s.stub.NextErr(); err != nil {
+		return nil, err
+	}
+
+	dial := s.ReturnDialFunc
+	if dial == nil {
+		dial = func(network, address string) (rfc5424.Conn, error) {
+			s.stub.AddCall("dial", network, address)
+			if err := s.stub.NextErr(); err != nil {
+				return nil, err
+			}
+
+			return nil, nil
+		}
+	}
+	return dial, nil
+}
+
+func (s *stubSenderOpener) Open(host string, cfg rfc5424.ClientConfig, dial rfc5424.DialFunc) (syslog.Sender, error) {
+	s.stub.AddCall("Open", host, cfg, dial)
+	if err := s.stub.NextErr(); err != nil {
+		return nil, err
+	}
+
+	return s.ReturnOpen, nil
+}
+
+type stubSender struct {
+	stub *testing.Stub
+}
+
+func (s *stubSender) Send(msg rfc5424.Message) error {
+	s.stub.AddCall("Send", msg)
+	if err := s.stub.NextErr(); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (s *stubSender) Close() error {
+	s.stub.AddCall("Close")
+	if err := s.stub.NextErr(); err != nil {
+		return err
+	}
+
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/logfwd/syslog/config.go juju-core-2.0~beta12/src/github.com/juju/juju/logfwd/syslog/config.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/logfwd/syslog/config.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/logfwd/syslog/config.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,83 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package syslog
+
+import (
+	"crypto/tls"
+	"crypto/x509"
+	"net"
+
+	"github.com/juju/errors"
+	"github.com/juju/juju/cert"
+)
+
+// RawConfig holds the raw configuration data for a connection to a
+// syslog forwarding target.
+type RawConfig struct {
+	// Enabled is true if the log forwarding feature is enabled.
+	Enabled bool
+
+	// Host is the host-port of the syslog host. The format is:
+	//
+	//   [domain-or-ip-addr] or [domain-or-ip-addr][:port]
+	//
+	// If the port is not set then the default TLS port (6514) will
+	// be used.
+	Host string
+
+	// CACert is the TLS CA certificate (x.509, PEM-encoded) to use
+	// for validating the server certificate when connecting.
+	CACert string
+
+	// ClientCert is the TLS certificate (x.509, PEM-encoded) to use
+	// when connecting.
+	ClientCert string
+
+	// ClientKey is the TLS private key (x.509, PEM-encoded) to use
+	// when connecting.
+	ClientKey string
+}
+
+// Validate ensures that the config is currently valid.
+func (cfg RawConfig) Validate() error {
+	if err := cfg.validateHost(); err != nil {
+		return errors.Trace(err)
+	}
+
+	if _, err := cfg.tlsConfig(); err != nil {
+		return errors.Annotate(err, "validating TLS config")
+	}
+
+	return nil
+}
+
+func (cfg RawConfig) validateHost() error {
+	host, _, err := net.SplitHostPort(cfg.Host)
+	if err != nil {
+		host = cfg.Host
+	}
+	if host == "" {
+		return errors.NotValidf("Host %q", cfg.Host)
+	}
+	return nil
+}
+
+func (cfg RawConfig) tlsConfig() (*tls.Config, error) {
+	clientCert, err := tls.X509KeyPair([]byte(cfg.ClientCert), []byte(cfg.ClientKey))
+	if err != nil {
+		return nil, errors.Annotate(err, "parsing client key pair")
+	}
+
+	caCert, err := cert.ParseCert(cfg.CACert)
+	if err != nil {
+		return nil, errors.Annotate(err, "parsing CA certificate")
+	}
+	rootCAs := x509.NewCertPool()
+	rootCAs.AddCert(caCert)
+
+	return &tls.Config{
+		Certificates: []tls.Certificate{clientCert},
+		RootCAs:      rootCAs,
+	}, nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/logfwd/syslog/config_test.go juju-core-2.0~beta12/src/github.com/juju/juju/logfwd/syslog/config_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/logfwd/syslog/config_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/logfwd/syslog/config_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,280 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package syslog_test
+
+import (
+	"github.com/juju/errors"
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/logfwd/syslog"
+	coretesting "github.com/juju/juju/testing"
+)
+
+type ConfigSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&ConfigSuite{})
+
+func (s *ConfigSuite) TestRawValidateFull(c *gc.C) {
+	cfg := syslog.RawConfig{
+		Host:       "a.b.c:9876",
+		CACert:     coretesting.CACert,
+		ClientCert: coretesting.ServerCert,
+		ClientKey:  coretesting.ServerKey,
+	}
+
+	err := cfg.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *ConfigSuite) TestRawValidateWithoutPort(c *gc.C) {
+	cfg := syslog.RawConfig{
+		Host:       "a.b.c",
+		CACert:     coretesting.CACert,
+		ClientCert: coretesting.ServerCert,
+		ClientKey:  coretesting.ServerKey,
+	}
+
+	err := cfg.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *ConfigSuite) TestRawValidateZeroValue(c *gc.C) {
+	var cfg syslog.RawConfig
+
+	err := cfg.Validate()
+
+	c.Check(err, jc.Satisfies, errors.IsNotValid)
+}
+
+func (s *ConfigSuite) TestRawValidateMissingHost(c *gc.C) {
+	cfg := syslog.RawConfig{
+		Host:       "",
+		CACert:     validCACert,
+		ClientCert: validCert,
+		ClientKey:  validKey,
+	}
+
+	err := cfg.Validate()
+
+	c.Check(err, gc.ErrorMatches, `Host "" not valid`)
+}
+
+func (s *ConfigSuite) TestRawValidateMissingHostname(c *gc.C) {
+	cfg := syslog.RawConfig{
+		Host:       ":9876",
+		CACert:     validCACert,
+		ClientCert: validCert,
+		ClientKey:  validKey,
+	}
+
+	err := cfg.Validate()
+
+	c.Check(err, gc.ErrorMatches, `Host ":9876" not valid`)
+}
+
+func (s *ConfigSuite) TestRawValidateMissingCACert(c *gc.C) {
+	cfg := syslog.RawConfig{
+		Host:       "a.b.c:9876",
+		CACert:     "",
+		ClientCert: validCert,
+		ClientKey:  validKey,
+	}
+
+	err := cfg.Validate()
+
+	c.Check(err, gc.ErrorMatches, `validating TLS config: parsing CA certificate: no certificates found`)
+}
+
+func (s *ConfigSuite) TestRawValidateBadCACert(c *gc.C) {
+	cfg := syslog.RawConfig{
+		Host:       "a.b.c:9876",
+		CACert:     invalidCACert,
+		ClientCert: validCert,
+		ClientKey:  validKey,
+	}
+
+	err := cfg.Validate()
+
+	c.Check(err, gc.ErrorMatches, `validating TLS config: parsing CA certificate: asn1: syntax error: data truncated`)
+}
+
+func (s *ConfigSuite) TestRawValidateBadCACertFormat(c *gc.C) {
+	cfg := syslog.RawConfig{
+		Host:       "a.b.c:9876",
+		CACert:     "abc",
+		ClientCert: validCert,
+		ClientKey:  validKey,
+	}
+
+	err := cfg.Validate()
+
+	c.Check(err, gc.ErrorMatches, `validating TLS config: parsing CA certificate: no certificates found`)
+}
+
+func (s *ConfigSuite) TestRawValidateMissingCert(c *gc.C) {
+	cfg := syslog.RawConfig{
+		Host:       "a.b.c:9876",
+		CACert:     validCACert,
+		ClientCert: "",
+		ClientKey:  validKey,
+	}
+
+	err := cfg.Validate()
+
+	c.Check(err, gc.ErrorMatches, `validating TLS config: parsing client key pair: (crypto/)?tls: failed to find any PEM data in certificate input`)
+}
+
+func (s *ConfigSuite) TestRawValidateBadCert(c *gc.C) {
+	cfg := syslog.RawConfig{
+		Host:       "a.b.c:9876",
+		CACert:     validCACert,
+		ClientCert: invalidCert,
+		ClientKey:  validKey,
+	}
+
+	err := cfg.Validate()
+
+	c.Check(err, gc.ErrorMatches, `validating TLS config: parsing client key pair: asn1: syntax error: data truncated`)
+}
+
+func (s *ConfigSuite) TestRawValidateBadCertFormat(c *gc.C) {
+	cfg := syslog.RawConfig{
+		Host:       "a.b.c:9876",
+		CACert:     validCACert,
+		ClientCert: "abc",
+		ClientKey:  validKey,
+	}
+
+	err := cfg.Validate()
+
+	c.Check(err, gc.ErrorMatches, `validating TLS config: parsing client key pair: (crypto/)?tls: failed to find any PEM data in certificate input`)
+}
+
+func (s *ConfigSuite) TestRawValidateMissingKey(c *gc.C) {
+	cfg := syslog.RawConfig{
+		Host:       "a.b.c:9876",
+		CACert:     validCACert,
+		ClientCert: validCert,
+		ClientKey:  "",
+	}
+
+	err := cfg.Validate()
+
+	c.Check(err, gc.ErrorMatches, `validating TLS config: parsing client key pair: (crypto/)?tls: failed to find any PEM data in key input`)
+}
+
+func (s *ConfigSuite) TestRawValidateBadKey(c *gc.C) {
+	cfg := syslog.RawConfig{
+		Host:       "a.b.c:9876",
+		CACert:     validCACert,
+		ClientCert: validCert,
+		ClientKey:  invalidKey,
+	}
+
+	err := cfg.Validate()
+
+	c.Check(err, gc.ErrorMatches, `validating TLS config: parsing client key pair: (crypto/)?tls: failed to parse private key`)
+}
+
+func (s *ConfigSuite) TestRawValidateBadKeyFormat(c *gc.C) {
+	cfg := syslog.RawConfig{
+		Host:       "a.b.c:9876",
+		CACert:     validCACert,
+		ClientCert: validCert,
+		ClientKey:  "abc",
+	}
+
+	err := cfg.Validate()
+
+	c.Check(err, gc.ErrorMatches, `validating TLS config: parsing client key pair: (crypto/)?tls: failed to find any PEM data in key input`)
+}
+
+func (s *ConfigSuite) TestRawValidateCertKeyMismatch(c *gc.C) {
+	cfg := syslog.RawConfig{
+		Host:       "a.b.c:9876",
+		CACert:     validCACert,
+		ClientCert: validCert,
+		ClientKey:  validKey2,
+	}
+
+	err := cfg.Validate()
+
+	c.Check(err, gc.ErrorMatches, `validating TLS config: parsing client key pair: (crypto/)?tls: private key does not match public key`)
+}
+
+var validCACert = `
+-----BEGIN CERTIFICATE-----
+MIIBjTCCATmgAwIBAgIBADALBgkqhkiG9w0BAQUwHjENMAsGA1UEChMEanVqdTEN
+MAsGA1UEAxMEcm9vdDAeFw0xMjExMDkxNjQxMjlaFw0yMjExMDkxNjQ2MjlaMB4x
+DTALBgNVBAoTBGp1anUxDTALBgNVBAMTBHJvb3QwWjALBgkqhkiG9w0BAQEDSwAw
+SAJBAIW7CbHFJivvV9V6mO8AGzJS9lqjUf6MdEPsdF6wx2Cpzr/lSFIggCwRA138
+9MuFxflxb/3U8Nq+rd8rVtTgFMECAwEAAaNmMGQwDgYDVR0PAQH/BAQDAgCkMBIG
+A1UdEwEB/wQIMAYBAf8CAQEwHQYDVR0OBBYEFJafrxqByMN9BwGfcmuF0Lw/1QII
+MB8GA1UdIwQYMBaAFJafrxqByMN9BwGfcmuF0Lw/1QIIMAsGCSqGSIb3DQEBBQNB
+AHq3vqNhxya3s33DlQfSj9whsnqM0Nm+u8mBX/T76TF5rV7+B33XmYzSyfA3yBi/
+zHaUR/dbHuiNTO+KXs3/+Y4=
+-----END CERTIFICATE-----
+`[1:]
+
+var validCert = `
+-----BEGIN CERTIFICATE-----
+MIIBjDCCATigAwIBAgIBADALBgkqhkiG9w0BAQUwHjENMAsGA1UEChMEanVqdTEN
+MAsGA1UEAxMEcm9vdDAeFw0xMjExMDkxNjQwMjhaFw0yMjExMDkxNjQ1MjhaMB4x
+DTALBgNVBAoTBGp1anUxDTALBgNVBAMTBHJvb3QwWTALBgkqhkiG9w0BAQEDSgAw
+RwJAduA1Gnb2VJLxNGfG4St0Qy48Y3q5Z5HheGtTGmti/FjlvQvScCFGCnJG7fKA
+Knd7ia3vWg7lxYkIvMPVP88LAQIDAQABo2YwZDAOBgNVHQ8BAf8EBAMCAKQwEgYD
+VR0TAQH/BAgwBgEB/wIBATAdBgNVHQ4EFgQUlvKX8vwp0o+VdhdhoA9O6KlOm00w
+HwYDVR0jBBgwFoAUlvKX8vwp0o+VdhdhoA9O6KlOm00wCwYJKoZIhvcNAQEFA0EA
+LlNpevtFr8gngjAFFAO/FXc7KiZcCrA5rBfb/rEy297lIqmKt5++aVbLEPyxCIFC
+r71Sj63TUTFWtRZAxvn9qQ==
+-----END CERTIFICATE-----
+`[1:]
+
+var validKey = `
+-----BEGIN RSA PRIVATE KEY-----
+MIIBOQIBAAJAduA1Gnb2VJLxNGfG4St0Qy48Y3q5Z5HheGtTGmti/FjlvQvScCFG
+CnJG7fKAKnd7ia3vWg7lxYkIvMPVP88LAQIDAQABAkEAsFOdMSYn+AcF1M/iBfjo
+uQWJ+Zz+CgwuvumjGNsUtmwxjA+hh0fCn0Ah2nAt4Ma81vKOKOdQ8W6bapvsVDH0
+6QIhAJOkLmEKm4H5POQV7qunRbRsLbft/n/SHlOBz165WFvPAiEAzh9fMf70std1
+sVCHJRQWKK+vw3oaEvPKvkPiV5ui0C8CIGNsvybuo8ald5IKCw5huRlFeIxSo36k
+m3OVCXc6zfwVAiBnTUe7WcivPNZqOC6TAZ8dYvdWo4Ifz3jjpEfymjid1wIgBIJv
+ERPyv2NQqIFQZIyzUP7LVRIWfpFFOo9/Ww/7s5Y=
+-----END RSA PRIVATE KEY-----
+`[1:]
+
+var validKey2 = `
+-----BEGIN RSA PRIVATE KEY-----
+MIIBOQIBAAJBAJkSWRrr81y8pY4dbNgt+8miSKg4z6glp2KO2NnxxAhyyNtQHKvC
++fJALJj+C2NhuvOv9xImxOl3Hg8fFPCXCtcCAwEAAQJATQNzO11NQvJS5U6eraFt
+FgSFQ8XZjILtVWQDbJv8AjdbEgKMHEy33icsAKIUAx8jL9kjq6K9kTdAKXZi9grF
+UQIhAPD7jccIDUVm785E5eR9eisq0+xpgUIa24Jkn8cAlst5AiEAopxVFl1auer3
+GP2In3pjdL4ydzU/gcRcYisoJqwHpM8CIHtqmaXBPeq5WT9ukb5/dL3+5SJCtmxA
+jQMuvZWRe6khAiBvMztYtPSDKXRbCZ4xeQ+kWSDHtok8Y5zNoTeu4nvDrwIgb3Al
+fikzPveC5g6S6OvEQmyDz59tYBubm2XHgvxqww0=
+-----END RSA PRIVATE KEY-----
+`[1:]
+
+var invalidCACert = `
+-----BEGIN CERTIFICATE-----
+MIIBOgIBAAJAZabKgKInuOxj5vDWLwHHQtK3/45KB+32D15w94Nt83BmuGxo90lw
+-----END CERTIFICATE-----
+`[1:]
+
+var invalidCert = `
+-----BEGIN CERTIFICATE-----
+MIIBOgIBAAJAZabKgKInuOxj5vDWLwHHQtK3/45KB+32D15w94Nt83BmuGxo90lw
+-----END CERTIFICATE-----
+`[1:]
+
+var invalidKey = `
+-----BEGIN RSA PRIVATE KEY-----
+MIIBOgIBAAJAZabKgKInuOxj5vDWLwHHQtK3/45KB+32D15w94Nt83BmuGxo90lw
+-----END RSA PRIVATE KEY-----
+`[1:]
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/logfwd/syslog/doc.go juju-core-2.0~beta12/src/github.com/juju/juju/logfwd/syslog/doc.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/logfwd/syslog/doc.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/logfwd/syslog/doc.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,6 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+// The syslog package holds the tools needed to perform log forwarding
+// from Juju to a remote syslog (RFC 5424) host.
+package syslog
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/logfwd/syslog/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/logfwd/syslog/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/logfwd/syslog/package_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/logfwd/syslog/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,14 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package syslog_test
+
+import (
+	"testing"
+
+	gc "gopkg.in/check.v1"
+)
+
+func Test(t *testing.T) {
+	gc.TestingT(t)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/migration/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/migration/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/migration/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/migration/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,5 @@
 package migration
 
 var (
-	ControllerValues         = controllerValues
-	UpdateConfigFromProvider = updateConfigFromProvider
-	GetCharmStoragePath      = getCharmStoragePath
+	GetCharmStoragePath = getCharmStoragePath
 )
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/migration/migration.go juju-core-2.0~beta12/src/github.com/juju/juju/migration/migration.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/migration/migration.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/migration/migration.go	2016-07-18 19:45:44.000000000 +0000
@@ -17,8 +17,6 @@
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/core/description"
-	"github.com/juju/juju/environs"
-	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/state/binarystorage"
 	"github.com/juju/juju/state/storage"
@@ -59,22 +57,6 @@
 		return nil, nil, errors.Trace(err)
 	}
 
-	controllerModel, err := st.ControllerModel()
-	if err != nil {
-		return nil, nil, errors.Trace(err)
-	}
-
-	controllerConfig, err := controllerModel.Config()
-	if err != nil {
-		return nil, nil, errors.Trace(err)
-	}
-
-	model.UpdateConfig(controllerValues(controllerConfig))
-
-	if err := updateConfigFromProvider(model, controllerConfig); err != nil {
-		return nil, nil, errors.Trace(err)
-	}
-
 	dbModel, dbState, err := st.Import(model)
 	if err != nil {
 		return nil, nil, errors.Trace(err)
@@ -82,39 +64,6 @@
 	return dbModel, dbState, nil
 }
 
-func controllerValues(config *config.Config) map[string]interface{} {
-	result := make(map[string]interface{})
-
-	result["state-port"] = config.StatePort()
-	result["api-port"] = config.APIPort()
-	result["controller-uuid"] = config.ControllerUUID()
-	// We ignore the second bool param from the CACert check as if there
-	// wasn't a CACert, there is no way we'd be importing a new model
-	// into the controller
-	result["ca-cert"], _ = config.CACert()
-	return result
-}
-
-func updateConfigFromProvider(model description.Model, controllerConfig *config.Config) error {
-	newConfig, err := config.New(config.NoDefaults, model.Config())
-	if err != nil {
-		return errors.Trace(err)
-	}
-
-	provider, err := environs.New(newConfig)
-	if err != nil {
-		return errors.Trace(err)
-	}
-
-	updater, ok := provider.(environs.MigrationConfigUpdater)
-	if !ok {
-		return nil
-	}
-
-	model.UpdateConfig(updater.MigrationConfigUpdate(controllerConfig))
-	return nil
-}
-
 // UploadBackend define the methods on *state.State that are needed for
 // uploading the tools and charms from the current controller to a different
 // controller.
@@ -291,8 +240,8 @@
 		addToolsVersionForMachine(machine, usedVersions)
 	}
 
-	for _, service := range model.Services() {
-		for _, unit := range service.Units() {
+	for _, application := range model.Applications() {
+		for _, unit := range application.Units() {
 			tools := unit.Tools()
 			usedVersions[tools.Version()] = true
 		}
@@ -347,8 +296,8 @@
 
 func getUsedCharms(model description.Model) set.Strings {
 	result := set.NewStrings()
-	for _, service := range model.Services() {
-		result.Add(service.CharmURL())
+	for _, application := range model.Applications() {
+		result.Add(application.CharmURL())
 	}
 	return result
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/migration/migration_test.go juju-core-2.0~beta12/src/github.com/juju/juju/migration/migration_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/migration/migration_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/migration/migration_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,18 +10,18 @@
 	"io/ioutil"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/cmd/modelcmd"
 	"github.com/juju/juju/core/description"
-	"github.com/juju/juju/environs"
+	"github.com/juju/juju/environs/bootstrap"
 	"github.com/juju/juju/jujuclient/jujuclienttesting"
 	"github.com/juju/juju/migration"
 	"github.com/juju/juju/provider/dummy"
@@ -47,13 +47,15 @@
 	// is one that isn't registered as a valid provider. For our tests here we
 	// need a real registered provider, so we use the dummy provider.
 	// NOTE: make a better test provider.
-	env, err := environs.Prepare(
+	env, err := bootstrap.Prepare(
 		modelcmd.BootstrapContext(testing.Context(c)),
 		jujuclienttesting.NewMemStore(),
-		environs.PrepareParams{
-			ControllerName: "dummycontroller",
-			BaseConfig:     dummy.SampleConfig(),
-			CloudName:      "dummy",
+		bootstrap.PrepareParams{
+			ControllerConfig: testing.FakeControllerConfig(),
+			ControllerName:   "dummycontroller",
+			BaseConfig:       dummy.SampleConfig(),
+			CloudName:        "dummy",
+			AdminSecret:      "admin-secret",
 		},
 	)
 	c.Assert(err, jc.ErrorIsNil)
@@ -74,18 +76,13 @@
 	model, err := s.State.Export()
 	c.Check(err, jc.ErrorIsNil)
 
-	controllerConfig, err := s.State.ModelConfig()
-	c.Check(err, jc.ErrorIsNil)
-
 	// Update the config values in the exported model for different values for
 	// "state-port", "api-port", and "ca-cert". Also give the model a new UUID
 	// and name so we can import it nicely.
+	uuid := utils.MustNewUUID().String()
 	model.UpdateConfig(map[string]interface{}{
-		"name":       "new-model",
-		"uuid":       utils.MustNewUUID().String(),
-		"state-port": 12345,
-		"api-port":   54321,
-		"ca-cert":    "not really a cert",
+		"name": "new-model",
+		"uuid": uuid,
 	})
 
 	bytes, err := description.Serialize(model)
@@ -97,13 +94,8 @@
 
 	dbConfig, err := dbModel.Config()
 	c.Assert(err, jc.ErrorIsNil)
-	attrs := dbConfig.AllAttrs()
-	c.Assert(attrs["state-port"], gc.Equals, controllerConfig.StatePort())
-	c.Assert(attrs["api-port"], gc.Equals, controllerConfig.APIPort())
-	cacert, ok := controllerConfig.CACert()
-	c.Assert(ok, jc.IsTrue)
-	c.Assert(attrs["ca-cert"], gc.Equals, cacert)
-	c.Assert(attrs["controller-uuid"], gc.Equals, controllerConfig.UUID())
+	c.Assert(dbConfig.UUID(), gc.Equals, uuid)
+	c.Assert(dbConfig.Name(), gc.Equals, "new-model")
 }
 
 func (s *ImportSuite) TestUploadBinariesTools(c *gc.C) {
@@ -120,16 +112,16 @@
 		Version: version.MustParseBinary("2.0.1-trusty-amd64"),
 	})
 	container := machine.AddContainer(description.MachineArgs{
-		Id: names.NewMachineTag("0/lxc/0"),
+		Id: names.NewMachineTag("0/lxd/0"),
 	})
 	container.SetTools(description.AgentToolsArgs{
 		Version: version.MustParseBinary("2.0.5-trusty-amd64"),
 	})
-	service := model.AddService(description.ServiceArgs{
-		Tag:      names.NewServiceTag("magic"),
+	application := model.AddApplication(description.ApplicationArgs{
+		Tag:      names.NewApplicationTag("magic"),
 		CharmURL: "local:trusty/magic",
 	})
-	unit := service.AddUnit(description.UnitArgs{
+	unit := application.AddUnit(description.UnitArgs{
 		Tag: names.NewUnitTag("magic/0"),
 	})
 	unit.SetTools(description.AgentToolsArgs{
@@ -162,12 +154,12 @@
 	model := description.NewModel(description.ModelArgs{
 		Owner: names.NewUserTag("me"),
 	})
-	model.AddService(description.ServiceArgs{
-		Tag:      names.NewServiceTag("magic"),
+	model.AddApplication(description.ApplicationArgs{
+		Tag:      names.NewApplicationTag("magic"),
 		CharmURL: "local:trusty/magic",
 	})
-	model.AddService(description.ServiceArgs{
-		Tag:      names.NewServiceTag("magic"),
+	model.AddApplication(description.ApplicationArgs{
+		Tag:      names.NewApplicationTag("magic"),
 		CharmURL: "cs:trusty/postgresql-42",
 	})
 
@@ -334,45 +326,6 @@
 	return f.cleanupNeeded, f.cleanupError
 }
 
-type InternalSuite struct {
-	testing.BaseSuite
-}
-
-var _ = gc.Suite(&InternalSuite{})
-
-func (s *InternalSuite) TestControllerValues(c *gc.C) {
-	config := testing.ModelConfig(c)
-	fields := migration.ControllerValues(config)
-	c.Assert(fields, jc.DeepEquals, map[string]interface{}{
-		"controller-uuid": "deadbeef-0bad-400d-8000-4b1d0d06f00d",
-		"state-port":      19034,
-		"api-port":        17777,
-		"ca-cert":         testing.CACert,
-	})
-}
-
-func (s *InternalSuite) TestUpdateConfigFromProvider(c *gc.C) {
-	controllerConfig := testing.ModelConfig(c)
-	configAttrs := testing.FakeConfig()
-	configAttrs["type"] = "dummy"
-	// Fake the "state-id" so the provider thinks it is prepared already.
-	configAttrs["state-id"] = "42"
-	// We need to specify a valid provider type, so we use dummy.
-	// The dummy provider grabs the UUID from the controller config
-	// and returns it in the map with the key "controller-uuid", similar
-	// to what the azure provider will need to do.
-	model := description.NewModel(description.ModelArgs{
-		Owner:  names.NewUserTag("test-admin"),
-		Config: configAttrs,
-	})
-
-	err := migration.UpdateConfigFromProvider(model, controllerConfig)
-	c.Assert(err, jc.ErrorIsNil)
-
-	modelConfig := model.Config()
-	c.Assert(modelConfig["controller-uuid"], gc.Equals, controllerConfig.UUID())
-}
-
 type CharmInternalSuite struct {
 	statetesting.StateSuite
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/mongo/internal_test.go juju-core-2.0~beta12/src/github.com/juju/juju/mongo/internal_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/mongo/internal_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/mongo/internal_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,6 @@
 import (
 	"errors"
 	"os"
-	"testing"
 	"time"
 
 	coretesting "github.com/juju/juju/testing"
@@ -28,10 +27,6 @@
 var _ = gc.Suite(&MongoVersionSuite{})
 var _ = gc.Suite(&MongoPathSuite{})
 
-func Test(t *testing.T) {
-	gc.TestingT(t)
-}
-
 var (
 	version1   = Version{Major: 1, Minor: 0}
 	version1d1 = Version{Major: 1, Minor: 1}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/mongo/mongo.go juju-core-2.0~beta12/src/github.com/juju/juju/mongo/mongo.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/mongo/mongo.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/mongo/mongo.go	2016-07-18 19:45:44.000000000 +0000
@@ -24,7 +24,7 @@
 	"github.com/juju/utils/series"
 	"gopkg.in/mgo.v2"
 
-	environs "github.com/juju/juju/environs/config"
+	"github.com/juju/juju/controller"
 	"github.com/juju/juju/network"
 	"github.com/juju/juju/service"
 )
@@ -591,12 +591,12 @@
 			return err
 		}
 
-		cmd = []string{"semanage", "port", "-a", "-t", "mongod_port_t", "-p", "tcp", strconv.Itoa(environs.DefaultStatePort)}
+		cmd = []string{"semanage", "port", "-a", "-t", "mongod_port_t", "-p", "tcp", strconv.Itoa(controller.DefaultStatePort)}
 		logger.Infof("running %s %v", cmd[0], cmd[1:])
 		_, err = utils.RunCommand(cmd[0], cmd[1:]...)
 		if err != nil {
 			if !strings.Contains(err.Error(), "exit status 1") {
-				logger.Errorf("semanage failed to provide access on port %d error %s", environs.DefaultStatePort, err)
+				logger.Errorf("semanage failed to provide access on port %d error %s", controller.DefaultStatePort, err)
 				return err
 			}
 		}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/mongo/mongotest/opts.go juju-core-2.0~beta12/src/github.com/juju/juju/mongo/mongotest/opts.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/mongo/mongotest/opts.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/mongo/mongotest/opts.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package mongotest
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/mongo/mongo_test.go juju-core-2.0~beta12/src/github.com/juju/juju/mongo/mongo_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/mongo/mongo_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/mongo/mongo_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -23,7 +23,7 @@
 	"github.com/juju/utils/series"
 	gc "gopkg.in/check.v1"
 
-	environs "github.com/juju/juju/environs/config"
+	"github.com/juju/juju/controller"
 	"github.com/juju/juju/mongo"
 	"github.com/juju/juju/network"
 	"github.com/juju/juju/service/common"
@@ -86,7 +86,7 @@
 		"mongod_port_t",
 		"-p",
 		"tcp",
-		strconv.Itoa(environs.DefaultStatePort),
+		strconv.Itoa(controller.DefaultStatePort),
 	},
 	Chcon: []string{
 		"-R",
@@ -451,7 +451,7 @@
 	expectedResult := append(expectedArgs.MongoInstall, []jc.SimpleMessage{
 		{loggo.INFO, "running chcon .*"},
 		{loggo.INFO, "running " + execNameFail + " .*"},
-		{loggo.ERROR, execNameFail + " failed to provide access on port " + strconv.Itoa(environs.DefaultStatePort) + " error exit status " + strconv.Itoa(returnCode)},
+		{loggo.ERROR, execNameFail + " failed to provide access on port " + strconv.Itoa(controller.DefaultStatePort) + " error exit status " + strconv.Itoa(returnCode)},
 		{loggo.ERROR, regexp.QuoteMeta("cannot install/upgrade mongod (will proceed anyway): exit status " + strconv.Itoa(returnCode))},
 	}...)
 	s.assertSuccessWithInstallStepFailCentOS(c, exec, execNameFail, returnCode, expectedResult)
@@ -657,16 +657,16 @@
 			Type:  network.IPv4Address,
 			Scope: network.ScopeCloudLocal,
 		},
-		Port: environs.DefaultStatePort}, {
+		Port: controller.DefaultStatePort}, {
 		Address: network.Address{
 			Value: "8.8.8.8",
 			Type:  network.IPv4Address,
 			Scope: network.ScopePublic,
 		},
-		Port: environs.DefaultStatePort}}
+		Port: controller.DefaultStatePort}}
 
 	address := mongo.SelectPeerHostPort(hostPorts)
-	c.Assert(address, gc.Equals, "10.0.0.1:"+strconv.Itoa(environs.DefaultStatePort))
+	c.Assert(address, gc.Equals, "10.0.0.1:"+strconv.Itoa(controller.DefaultStatePort))
 }
 
 func (s *MongoSuite) TestGenerateSharedSecret(c *gc.C) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/mongo/open.go juju-core-2.0~beta12/src/github.com/juju/juju/mongo/open.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/mongo/open.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/mongo/open.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,8 +12,8 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 
 	"github.com/juju/juju/cert"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/mongo/oplog.go juju-core-2.0~beta12/src/github.com/juju/juju/mongo/oplog.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/mongo/oplog.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/mongo/oplog.go	2016-07-18 19:45:44.000000000 +0000
@@ -81,14 +81,84 @@
 	return session.DB("local").C("oplog.rs")
 }
 
-// NewOplogTailer returns a new OplogTailer.
+func isRealOplog(c *mgo.Collection) bool {
+	return c.Database.Name == "local" && c.Name == "oplog.rs"
+}
+
+// OplogIterator defines the parts of the mgo.Iter that we use - this
+// interface allows us to switch out the querying for testing.
+type OplogIterator interface {
+	Next(interface{}) bool
+	Err() error
+	Timeout() bool
+}
+
+// OplogSession represents a connection to the oplog store, used
+// to create an iterator to get oplog documents (and recreate it if it
+// gets killed or times out).
+type OplogSession interface {
+	NewIter(bson.MongoTimestamp, []int64) OplogIterator
+	Close()
+}
+
+type oplogSession struct {
+	session    *mgo.Session
+	collection *mgo.Collection
+	query      bson.D
+}
+
+// NewOplogSession defines a new OplogSession.
 //
 // Arguments:
-// - "oplog" is the collection to use for the oplog. Typically this
+// - "collection" is the collection to use for the oplog. Typically this
 //   would be the result of GetOpLog.
 // - "query" can be used to limit the returned oplog entries. A
 //    typical filter would limit based on ns ("<database>.<collection>")
 //    and o (object).
+//
+// The returned session should be `Close`d when it's no longer needed.
+func NewOplogSession(collection *mgo.Collection, query bson.D) *oplogSession {
+	// Use a fresh session for the tailer.
+	session := collection.Database.Session.Copy()
+	return &oplogSession{
+		session:    session,
+		collection: collection.With(session),
+		query:      query,
+	}
+}
+
+const oplogTailTimeout = time.Second
+
+func (s *oplogSession) NewIter(fromTimestamp bson.MongoTimestamp, excludeIds []int64) OplogIterator {
+	// When recreating the iterator (required when the cursor
+	// is invalidated) avoid reporting oplog entries that have
+	// already been reported.
+	sel := append(s.query,
+		bson.DocElem{"ts", bson.D{{"$gte", fromTimestamp}}},
+		bson.DocElem{"h", bson.D{{"$nin", excludeIds}}},
+	)
+
+	query := s.collection.Find(sel)
+	if isRealOplog(s.collection) {
+		// Apply an optimisation that is only supported with
+		// the real oplog.
+		query = query.LogReplay()
+	}
+
+	// Time the tail call out every second so that requests to
+	// stop can be honoured.
+	return query.Tail(oplogTailTimeout)
+}
+
+func (s *oplogSession) Close() {
+	s.session.Close()
+}
+
+// NewOplogTailer returns a new OplogTailer.
+//
+// Arguments:
+// - "session" determines the collection and filtering on records that
+//    should be returned.
 // - "initialTs" sets the operation timestamp to start returning
 //    results from. This can be used to avoid an expensive initial search
 //    through the oplog when the tailer first starts.
@@ -96,15 +166,11 @@
 // Remember to call Stop on the returned OplogTailer when it is no
 // longer needed.
 func NewOplogTailer(
-	oplog *mgo.Collection,
-	query bson.D,
+	session OplogSession,
 	initialTs time.Time,
 ) *OplogTailer {
-	// Use a fresh session for the tailer.
-	session := oplog.Database.Session.Copy()
 	t := &OplogTailer{
-		oplog:     oplog.With(session),
-		query:     query,
+		session:   session,
 		initialTs: NewMongoTimestamp(initialTs),
 		outCh:     make(chan *OplogDoc),
 	}
@@ -122,8 +188,7 @@
 // OplogTailer tails MongoDB's replication oplog.
 type OplogTailer struct {
 	tomb      tomb.Tomb
-	oplog     *mgo.Collection
-	query     bson.D
+	session   OplogSession
 	initialTs bson.MongoTimestamp
 	outCh     chan *OplogDoc
 }
@@ -153,10 +218,8 @@
 	return t.tomb.Err()
 }
 
-const oplogTailTimeout = time.Second
-
 func (t *OplogTailer) loop() error {
-	var iter *mgo.Iter
+	var iter OplogIterator
 
 	// lastTimestamp tracks the most recent oplog timestamp reported.
 	lastTimestamp := t.initialTs
@@ -178,28 +241,7 @@
 		}
 
 		if iter == nil {
-			// When recreating the iterator (required when the cursor
-			// is invalidated) avoid reporting oplog entries that have
-			// already been reported.
-			sel := append(t.query,
-				bson.DocElem{"ts", bson.D{{"$gte", lastTimestamp}}},
-				bson.DocElem{"h", bson.D{{"$nin", idsForLastTimestamp}}},
-			)
-			// Time the tail call out every second so that requests to
-			// stop can be honoured.
-			//
-			// TODO(mjs): Ideally -1 (no timeout) could be used here,
-			// with session.Close() being used to unblock Next() if
-			// the tailer should stop (these semantics are hinted at
-			// by the mgo docs). Unfortunately this can trigger
-			// panics. See: https://github.com/go-mgo/mgo/issues/121
-			query := t.oplog.Find(sel)
-			if isRealOplog(t.oplog) {
-				// Apply an optmisation that is only supported with
-				// the real oplog.
-				query = query.LogReplay()
-			}
-			iter = query.Tail(oplogTailTimeout)
+			iter = t.session.NewIter(lastTimestamp, idsForLastTimestamp)
 		}
 
 		var doc OplogDoc
@@ -222,18 +264,14 @@
 			if iter.Timeout() {
 				continue
 			}
-			// No timeout and no error so cursor must have
-			// expired. Force it to be recreated next loop by marking
-			// it as nil.
+			// Either there's no error or the error is an expired
+			// cursor. Force recreating the iterator next loop by
+			// marking it as nil.
 			iter = nil
 		}
 	}
 }
 
-func isRealOplog(c *mgo.Collection) bool {
-	return c.Database.Name == "local" && c.Name == "oplog.rs"
-}
-
 func (t *OplogTailer) dying() bool {
 	select {
 	case <-t.tomb.Dying():
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/mongo/oplog_test.go juju-core-2.0~beta12/src/github.com/juju/juju/mongo/oplog_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/mongo/oplog_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/mongo/oplog_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,6 +4,8 @@
 package mongo_test
 
 import (
+	"errors"
+	"reflect"
 	"time"
 
 	jujutesting "github.com/juju/testing"
@@ -30,8 +32,10 @@
 	// DB.
 	oplog := mongo.GetOplog(session)
 	tailer := mongo.NewOplogTailer(
-		oplog,
-		bson.D{{"ns", "foo.bar"}},
+		mongo.NewOplogSession(
+			oplog,
+			bson.D{{"ns", "foo.bar"}},
+		),
 		time.Now().Add(-time.Minute),
 	)
 	defer tailer.Stop()
@@ -80,7 +84,7 @@
 		)
 	}
 
-	tailer := mongo.NewOplogTailer(oplog, nil, t)
+	tailer := mongo.NewOplogTailer(mongo.NewOplogSession(oplog, nil), t)
 	defer tailer.Stop()
 
 	for offset := 0; offset <= 1; offset++ {
@@ -94,7 +98,7 @@
 	_, session := s.startMongo(c)
 
 	oplog := s.makeFakeOplog(c, session)
-	tailer := mongo.NewOplogTailer(oplog, nil, time.Time{})
+	tailer := mongo.NewOplogTailer(mongo.NewOplogSession(oplog, nil), time.Time{})
 	defer tailer.Stop()
 
 	s.insertDoc(c, session, oplog, &mongo.OplogDoc{Timestamp: 1})
@@ -107,69 +111,62 @@
 	c.Assert(tailer.Err(), jc.ErrorIsNil)
 }
 
-func (s *oplogSuite) TestRestartsOnError(c *gc.C) {
-	_, session := s.startMongo(c)
-
-	oplog := s.makeFakeOplog(c, session)
-	tailer := mongo.NewOplogTailer(oplog, nil, time.Time{})
+func (s *oplogSuite) TestRestartsOnErrCursor(c *gc.C) {
+	session := newFakeSession(
+		// First iterator terminates with an ErrCursor
+		newFakeIterator(mgo.ErrCursor, &mongo.OplogDoc{Timestamp: 1, OperationId: 99}),
+		newFakeIterator(nil, &mongo.OplogDoc{Timestamp: 2, OperationId: 42}),
+	)
+	tailer := mongo.NewOplogTailer(session, time.Time{})
 	defer tailer.Stop()
 
-	// First, ensure that the tailer is seeing oplog inserts.
-	s.insertDoc(c, session, oplog, &mongo.OplogDoc{
-		Timestamp:   1,
-		OperationId: 99,
-	})
+	// First, ensure that the tailer is seeing oplog rows and handles
+	// the ErrCursor that occurs at the end.
 	doc := s.getNextOplog(c, tailer)
-	c.Assert(doc.Timestamp, gc.Equals, bson.MongoTimestamp(1))
-
-	s.emptyCapped(c, oplog)
+	c.Check(doc.Timestamp, gc.Equals, bson.MongoTimestamp(1))
+	session.checkLastArgs(c, mongo.NewMongoTimestamp(time.Time{}), nil)
 
-	// Ensure that the tailer still works.
-	s.insertDoc(c, session, oplog, &mongo.OplogDoc{
-		Timestamp:   2,
-		OperationId: 42,
-	})
+	// Ensure that the tailer continues after getting a new iterator.
 	doc = s.getNextOplog(c, tailer)
-	c.Assert(doc.Timestamp, gc.Equals, bson.MongoTimestamp(2))
+	c.Check(doc.Timestamp, gc.Equals, bson.MongoTimestamp(2))
+	session.checkLastArgs(c, bson.MongoTimestamp(1), []int64{99})
 }
 
 func (s *oplogSuite) TestNoRepeatsAfterIterRestart(c *gc.C) {
-	_, session := s.startMongo(c)
-
-	oplog := s.makeFakeOplog(c, session)
-	tailer := mongo.NewOplogTailer(oplog, nil, time.Time{})
-	defer tailer.Stop()
-
-	// Insert a bunch of oplog entries with the same timestamp (but
-	// with different ids) and see them reported.
-	for id := int64(10); id < 15; id++ {
-		s.insertDoc(c, session, oplog, &mongo.OplogDoc{
+	// A bunch of documents with the same timestamp but different ids.
+	// These will be split across 2 iterators.
+	docs := make([]*mongo.OplogDoc, 11)
+	for i := 0; i < 10; i++ {
+		id := int64(i + 10)
+		docs[i] = &mongo.OplogDoc{
 			Timestamp:   1,
 			OperationId: id,
-		})
+		}
+	}
+	// Add one more with a different timestamp.
+	docs[10] = &mongo.OplogDoc{
+		Timestamp:   2,
+		OperationId: 42,
+	}
+	session := newFakeSession(
+		// First block of documents, all time 1
+		newFakeIterator(nil, docs[:5]...),
+		// Second block, some time 1, one time 2
+		newFakeIterator(nil, docs[5:]...),
+	)
+	tailer := mongo.NewOplogTailer(session, time.Time{})
+	defer tailer.Stop()
 
+	for id := int64(10); id < 15; id++ {
 		doc := s.getNextOplog(c, tailer)
 		c.Assert(doc.Timestamp, gc.Equals, bson.MongoTimestamp(1))
 		c.Assert(doc.OperationId, gc.Equals, id)
 	}
 
-	// Force the OplogTailer's iterator to be recreated.
-	s.emptyCapped(c, oplog)
+	// Check the query doesn't exclude any in the first request.
+	session.checkLastArgs(c, mongo.NewMongoTimestamp(time.Time{}), nil)
 
-	// Reinsert the oplog entries that were already there before and a
-	// few more.
-	for id := int64(10); id < 20; id++ {
-		s.insertDoc(c, session, oplog, &mongo.OplogDoc{
-			Timestamp:   1,
-			OperationId: id,
-		})
-	}
-
-	// Insert an entry for a later timestamp.
-	s.insertDoc(c, session, oplog, &mongo.OplogDoc{
-		Timestamp:   2,
-		OperationId: 42,
-	})
+	// The OplogTailer will fall off the end of the iterator and get a new one.
 
 	// Ensure that only previously unreported entries are now reported.
 	for id := int64(15); id < 20; id++ {
@@ -178,30 +175,27 @@
 		c.Assert(doc.OperationId, gc.Equals, id)
 	}
 
+	// Check we got the next block correctly
+	session.checkLastArgs(c, bson.MongoTimestamp(1), []int64{10, 11, 12, 13, 14})
+
 	doc := s.getNextOplog(c, tailer)
 	c.Assert(doc.Timestamp, gc.Equals, bson.MongoTimestamp(2))
 	c.Assert(doc.OperationId, gc.Equals, int64(42))
 }
 
 func (s *oplogSuite) TestDiesOnFatalError(c *gc.C) {
-	_, session := s.startMongo(c)
-	oplog := s.makeFakeOplog(c, session)
-	s.insertDoc(c, session, oplog, &mongo.OplogDoc{Timestamp: 1})
+	expectedErr := errors.New("oh no, the collection went away!")
+	session := newFakeSession(
+		newFakeIterator(expectedErr, &mongo.OplogDoc{Timestamp: 1}),
+	)
 
-	tailer := mongo.NewOplogTailer(oplog, nil, time.Time{})
+	tailer := mongo.NewOplogTailer(session, time.Time{})
 	defer tailer.Stop()
 
 	doc := s.getNextOplog(c, tailer)
 	c.Assert(doc.Timestamp, gc.Equals, bson.MongoTimestamp(1))
-
-	// Induce a fatal error by removing the oplog collection.
-	err := oplog.DropCollection()
-	c.Assert(err, jc.ErrorIsNil)
-
 	s.assertStopped(c, tailer)
-	// The actual error varies by MongoDB version so just check that
-	// there is one.
-	c.Assert(tailer.Err(), gc.Not(jc.ErrorIsNil))
+	c.Assert(tailer.Err(), gc.Equals, expectedErr)
 }
 
 func (s *oplogSuite) TestNewMongoTimestamp(c *gc.C) {
@@ -239,15 +233,11 @@
 }
 
 func (s *oplogSuite) startMongo(c *gc.C) (*jujutesting.MgoInstance, *mgo.Session) {
-	inst := &jujutesting.MgoInstance{
-		Params: []string{
-			"--setParameter", "enableTestCommands=1", // allows "emptycapped" command
-		},
-	}
+	var inst jujutesting.MgoInstance
 	err := inst.Start(nil)
 	c.Assert(err, jc.ErrorIsNil)
 	s.AddCleanup(func(*gc.C) { inst.Destroy() })
-	return inst, s.dialMongo(c, inst)
+	return &inst, s.dialMongo(c, &inst)
 }
 
 func (s *oplogSuite) emptyCapped(c *gc.C, coll *mgo.Collection) {
@@ -324,3 +314,87 @@
 		c.Fatal("tailer should have died")
 	}
 }
+
+type fakeIterator struct {
+	docs    []*mongo.OplogDoc
+	pos     int
+	err     error
+	timeout bool
+}
+
+func (i *fakeIterator) Next(result interface{}) bool {
+	if i.pos >= len(i.docs) {
+		return false
+	}
+	target := reflect.ValueOf(result).Elem()
+	target.Set(reflect.ValueOf(*i.docs[i.pos]))
+	i.pos++
+	return true
+}
+
+func (i *fakeIterator) Err() error {
+	if i.pos < len(i.docs) {
+		return nil
+	}
+	return i.err
+}
+
+func (i *fakeIterator) Timeout() bool {
+	if i.pos < len(i.docs) {
+		return false
+	}
+	return i.timeout
+}
+
+func newFakeIterator(err error, docs ...*mongo.OplogDoc) *fakeIterator {
+	return &fakeIterator{docs: docs, err: err}
+}
+
+type iterArgs struct {
+	timestamp  bson.MongoTimestamp
+	excludeIds []int64
+}
+
+type fakeSession struct {
+	iterators []*fakeIterator
+	pos       int
+	args      chan iterArgs
+}
+
+var timeoutIterator = fakeIterator{timeout: true}
+
+func (s *fakeSession) NewIter(ts bson.MongoTimestamp, ids []int64) mongo.OplogIterator {
+	if s.pos >= len(s.iterators) {
+		// We've run out of results - at this point the calls to get
+		// more data would just keep timing out.
+		return &timeoutIterator
+	}
+	select {
+	case <-time.After(coretesting.LongWait):
+		panic("took too long to save args")
+	case s.args <- iterArgs{ts, ids}:
+	}
+	result := s.iterators[s.pos]
+	s.pos++
+	return result
+}
+
+func (s *fakeSession) Close() {}
+
+func (s *fakeSession) checkLastArgs(c *gc.C, ts bson.MongoTimestamp, ids []int64) {
+	select {
+	case <-time.After(coretesting.LongWait):
+		c.Logf("timeout getting iter args - test problem")
+		c.FailNow()
+	case res := <-s.args:
+		c.Check(res.timestamp, gc.Equals, ts)
+		c.Check(res.excludeIds, gc.DeepEquals, ids)
+	}
+}
+
+func newFakeSession(iterators ...*fakeIterator) *fakeSession {
+	return &fakeSession{
+		iterators: iterators,
+		args:      make(chan iterArgs, 5),
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/mongo/service.go juju-core-2.0~beta12/src/github.com/juju/juju/mongo/service.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/mongo/service.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/mongo/service.go	2016-07-18 19:45:44.000000000 +0000
@@ -210,10 +210,8 @@
 	if err != nil {
 		return errors.Trace(err)
 	}
-	if err := svc.Remove(); err != nil {
-		return errors.Trace(err)
-	}
 
+	logger.Debugf("installing mongo service")
 	if err := svc.Install(); err != nil {
 		return errors.Trace(err)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/mongo/utils/data_cleansing.go juju-core-2.0~beta12/src/github.com/juju/juju/mongo/utils/data_cleansing.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/mongo/utils/data_cleansing.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/mongo/utils/data_cleansing.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,54 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package utils
+
+import "strings"
+
+// EscapeKeys is used to escape bad keys in a map. A statusDoc without
+// escaped keys is broken.
+func EscapeKeys(input map[string]interface{}) map[string]interface{} {
+	return mapKeys(escapeReplacer.Replace, input)
+}
+
+// UnescapeKeys is used to restore escaped keys from a map to their
+// original values.
+func UnescapeKeys(input map[string]interface{}) map[string]interface{} {
+	return mapKeys(unescapeReplacer.Replace, input)
+}
+
+// EscapeString escapes a string to be safe to store in Mongo.
+func EscapeString(s string) string {
+	return escapeReplacer.Replace(s)
+}
+
+// UnescapeString restores escaped characters from a string to their
+// original values.
+func UnescapeString(s string) string {
+	return unescapeReplacer.Replace(s)
+}
+
+// See: http://docs.mongodb.org/manual/faq/developers/#faq-dollar-sign-escaping
+// for why we're using those replacements.
+const (
+	fullWidthDot    = "\uff0e"
+	fullWidthDollar = "\uff04"
+)
+
+var (
+	escapeReplacer   = strings.NewReplacer(".", fullWidthDot, "$", fullWidthDollar)
+	unescapeReplacer = strings.NewReplacer(fullWidthDot, ".", fullWidthDollar, "$")
+)
+
+// mapKeys returns a copy of the supplied map, with all nested map[string]interface{}
+// keys transformed by f. All other types are ignored.
+func mapKeys(f func(string) string, input map[string]interface{}) map[string]interface{} {
+	result := make(map[string]interface{})
+	for key, value := range input {
+		if submap, ok := value.(map[string]interface{}); ok {
+			value = mapKeys(f, submap)
+		}
+		result[f(key)] = value
+	}
+	return result
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/mongo/utils/data_cleansing_test.go juju-core-2.0~beta12/src/github.com/juju/juju/mongo/utils/data_cleansing_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/mongo/utils/data_cleansing_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/mongo/utils/data_cleansing_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,110 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package utils_test
+
+import (
+	"github.com/juju/juju/mongo/utils"
+	"github.com/juju/testing"
+	gc "gopkg.in/check.v1"
+)
+
+type dataCleansingSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&dataCleansingSuite{})
+
+func (s *dataCleansingSuite) TestEscapeKeys_EscapesPeriods(c *gc.C) {
+	before := map[string]interface{}{
+		"a.b": "c",
+	}
+	after := utils.EscapeKeys(before)
+
+	c.Check(after, gc.DeepEquals, map[string]interface{}{
+		"a" + "\uff0e" + "b": "c",
+	})
+}
+
+func (s *dataCleansingSuite) TestEscapeKeys_EscapesDollarSigns(c *gc.C) {
+	before := map[string]interface{}{
+		"$a": "c",
+	}
+	after := utils.EscapeKeys(before)
+
+	c.Check(after, gc.DeepEquals, map[string]interface{}{
+		"\uff04" + "a": "c",
+	})
+}
+
+func (s *dataCleansingSuite) TestEscapeKeys_RecursivelyEscapes(c *gc.C) {
+	before := map[string]interface{}{
+		"$a": "c",
+		"b": map[string]interface{}{
+			"$foo.bar": "baz",
+		},
+	}
+	after := utils.EscapeKeys(before)
+
+	c.Check(after, gc.DeepEquals, map[string]interface{}{
+		"\uff04" + "a": "c",
+		"b": map[string]interface{}{
+			"\uff04" + "foo" + "\uff0e" + "bar": "baz",
+		},
+	})
+}
+
+func (s *dataCleansingSuite) TestUnescapeKey_UnescapesPeriods(c *gc.C) {
+	before := map[string]interface{}{
+		"a" + "\uff0e" + "b": "c",
+	}
+	after := utils.UnescapeKeys(before)
+
+	c.Check(after, gc.DeepEquals, map[string]interface{}{
+		"a.b": "c",
+	})
+}
+
+func (s *dataCleansingSuite) TestUnescapeKey_UnescapesDollarSigns(c *gc.C) {
+	before := map[string]interface{}{
+		"\uff04" + "a": "c",
+	}
+	after := utils.UnescapeKeys(before)
+
+	c.Check(after, gc.DeepEquals, map[string]interface{}{
+		"$a": "c",
+	})
+}
+
+func (s *dataCleansingSuite) TestUnescapeKeys_RecursivelyUnescapes(c *gc.C) {
+	before := map[string]interface{}{
+		"\uff04" + "a": "c",
+		"b": map[string]interface{}{
+			"\uff04" + "foo" + "\uff0e" + "bar": "baz",
+		},
+	}
+	after := utils.UnescapeKeys(before)
+
+	c.Check(after, gc.DeepEquals, map[string]interface{}{
+		"$a": "c",
+		"b": map[string]interface{}{
+			"$foo.bar": "baz",
+		},
+	})
+}
+
+func (s *dataCleansingSuite) TestEscapeString_EscapesPeriods(c *gc.C) {
+	c.Check("a"+"\uff0e"+"b", gc.Equals, utils.EscapeString("a.b"))
+}
+
+func (s *dataCleansingSuite) TestEscapeString_EscapesDollarSigns(c *gc.C) {
+	c.Check("\uff04"+"a", gc.Equals, utils.EscapeString("$a"))
+}
+
+func (s *dataCleansingSuite) TestUnescapeString_UnescapesPeriod(c *gc.C) {
+	c.Check(utils.UnescapeString("a"+"\uff0e"+"b"), gc.Equals, "a.b")
+}
+
+func (s *dataCleansingSuite) TestUnescapeString_UnescapesDollarSigns(c *gc.C) {
+	c.Check(utils.UnescapeString("\uff04"+"a"), gc.Equals, "$a")
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/mongo/utils/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/mongo/utils/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/mongo/utils/package_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/mongo/utils/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,14 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package utils_test
+
+import (
+	"testing"
+
+	gc "gopkg.in/check.v1"
+)
+
+func TestAll(t *testing.T) {
+	gc.TestingT(t)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/network/address.go juju-core-2.0~beta12/src/github.com/juju/juju/network/address.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/network/address.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/network/address.go	2016-07-18 19:45:44.000000000 +0000
@@ -251,12 +251,8 @@
 }
 
 // ExactScopeMatch checks if an address exactly matches any of the specified
-// scopes. An address will not match if globalPreferIPv6 is set and it isn't an
-// IPv6 address.
+// scopes.
 func ExactScopeMatch(addr Address, addrScopes ...Scope) bool {
-	if PreferIPv6() && addr.Type != IPv6Address {
-		return false
-	}
 	for _, scope := range addrScopes {
 		if addr.Scope == scope {
 			return true
@@ -276,9 +272,9 @@
 	}
 
 	if len(spaceNames) == 0 {
-		logger.Warningf("no spaces to select addresses from")
+		logger.Errorf("no spaces to select addresses from")
 	} else {
-		logger.Warningf("no addresses found in spaces %s", spaceNames)
+		logger.Errorf("no addresses found in spaces %s", spaceNames)
 	}
 	return Address{}, false
 }
@@ -287,7 +283,7 @@
 // the given space name associated.
 func SelectHostsPortBySpaces(hps []HostPort, spaceNames ...SpaceName) ([]HostPort, bool) {
 	if len(spaceNames) == 0 {
-		logger.Warningf("host ports not filtered - no spaces given.")
+		logger.Errorf("host ports not filtered - no spaces given.")
 		return hps, false
 	}
 
@@ -303,7 +299,7 @@
 		return selectedHostPorts, true
 	}
 
-	logger.Warningf("no hostPorts found in spaces %s", spaceNames)
+	logger.Errorf("no hostPorts found in spaces %s", spaceNames)
 	return hps, false
 }
 
@@ -355,7 +351,7 @@
 // are no suitable addresses, then ok is false (and an empty address is
 // returned). If a suitable address is then ok is true.
 func SelectPublicAddress(addresses []Address) (Address, bool) {
-	index := bestAddressIndex(len(addresses), PreferIPv6(), func(i int) Address {
+	index := bestAddressIndex(len(addresses), func(i int) Address {
 		return addresses[i]
 	}, publicMatch)
 	if index < 0 {
@@ -368,7 +364,7 @@
 // appropriate to display as a publicly accessible endpoint. If there
 // are no suitable candidates, the empty string is returned.
 func SelectPublicHostPort(hps []HostPort) string {
-	index := bestAddressIndex(len(hps), PreferIPv6(), func(i int) Address {
+	index := bestAddressIndex(len(hps), func(i int) Address {
 		return hps[i].Address
 	}, publicMatch)
 	if index < 0 {
@@ -382,7 +378,7 @@
 // are no suitable addresses, then ok is false (and an empty address is
 // returned). If a suitable address was found then ok is true.
 func SelectInternalAddress(addresses []Address, machineLocal bool) (Address, bool) {
-	index := bestAddressIndex(len(addresses), PreferIPv6(), func(i int) Address {
+	index := bestAddressIndex(len(addresses), func(i int) Address {
 		return addresses[i]
 	}, internalAddressMatcher(machineLocal))
 	if index < 0 {
@@ -396,7 +392,7 @@
 // in its NetAddr form. If there are no suitable addresses, the empty
 // string is returned.
 func SelectInternalHostPort(hps []HostPort, machineLocal bool) string {
-	index := bestAddressIndex(len(hps), PreferIPv6(), func(i int) Address {
+	index := bestAddressIndex(len(hps), func(i int) Address {
 		return hps[i].Address
 	}, internalAddressMatcher(machineLocal))
 	if index < 0 {
@@ -410,7 +406,7 @@
 // communication and returns them in NetAddr form. If there are no
 // suitable addresses, an empty slice is returned.
 func SelectInternalHostPorts(hps []HostPort, machineLocal bool) []string {
-	indexes := bestAddressIndexes(len(hps), PreferIPv6(), func(i int) Address {
+	indexes := bestAddressIndexes(len(hps), func(i int) Address {
 		return hps[i].Address
 	}, internalAddressMatcher(machineLocal))
 
@@ -426,7 +422,7 @@
 // returns them in NetAddr form. If there are no suitable addresses
 // then an empty slice is returned.
 func PrioritizeInternalHostPorts(hps []HostPort, machineLocal bool) []string {
-	indexes := prioritizedAddressIndexes(len(hps), PreferIPv6(), func(i int) Address {
+	indexes := prioritizedAddressIndexes(len(hps), func(i int) Address {
 		return hps[i].Address
 	}, internalAddressMatcher(machineLocal))
 
@@ -437,56 +433,38 @@
 	return out
 }
 
-func publicMatch(addr Address, preferIPv6 bool) scopeMatch {
+func publicMatch(addr Address) scopeMatch {
 	switch addr.Scope {
 	case ScopePublic:
-		return mayPreferIPv6(addr, exactScope, preferIPv6)
+		return exactScope
 	case ScopeCloudLocal, ScopeUnknown:
-		return mayPreferIPv6(addr, fallbackScope, preferIPv6)
+		return fallbackScope
 	}
 	return invalidScope
 }
 
-// mayPreferIPv6 returns mismatchedTypeExactScope or
-// mismatchedTypeFallbackScope (depending on originalScope) if addr's
-// type is IPv4, and preferIPv6 is true. When preferIPv6 is false, or
-// addr's type is IPv6 and preferIPv6 is true, returns the
-// originalScope unchanged.
-func mayPreferIPv6(addr Address, originalScope scopeMatch, preferIPv6 bool) scopeMatch {
-	if preferIPv6 && addr.Type != IPv6Address {
-		switch originalScope {
-		case exactScope:
-			return mismatchedTypeExactScope
-		case fallbackScope:
-			return mismatchedTypeFallbackScope
-		}
-		return invalidScope
-	}
-	return originalScope
-}
-
-func internalAddressMatcher(machineLocal bool) func(Address, bool) scopeMatch {
+func internalAddressMatcher(machineLocal bool) scopeMatchFunc {
 	if machineLocal {
 		return cloudOrMachineLocalMatch
 	}
 	return cloudLocalMatch
 }
 
-func cloudLocalMatch(addr Address, preferIPv6 bool) scopeMatch {
+func cloudLocalMatch(addr Address) scopeMatch {
 	switch addr.Scope {
 	case ScopeCloudLocal:
-		return mayPreferIPv6(addr, exactScope, preferIPv6)
+		return exactScope
 	case ScopePublic, ScopeUnknown:
-		return mayPreferIPv6(addr, fallbackScope, preferIPv6)
+		return fallbackScope
 	}
 	return invalidScope
 }
 
-func cloudOrMachineLocalMatch(addr Address, preferIPv6 bool) scopeMatch {
+func cloudOrMachineLocalMatch(addr Address) scopeMatch {
 	if addr.Scope == ScopeMachineLocal {
-		return mayPreferIPv6(addr, exactScope, preferIPv6)
+		return exactScope
 	}
-	return cloudLocalMatch(addr, preferIPv6)
+	return cloudLocalMatch(addr)
 }
 
 type scopeMatch int
@@ -495,33 +473,32 @@
 	invalidScope scopeMatch = iota
 	exactScope
 	fallbackScope
-	mismatchedTypeExactScope
-	mismatchedTypeFallbackScope
 )
 
-// bestAddressIndexes returns the indexes of the addresses with the
-// best matching scope (according to the match func). An empty slice
-// is returned if there were no suitable addresses.
-func bestAddressIndex(numAddr int, preferIPv6 bool, getAddr func(i int) Address, match func(addr Address, preferIPv6 bool) scopeMatch) int {
-	indexes := bestAddressIndexes(numAddr, preferIPv6, getAddr, match)
+type scopeMatchFunc func(addr Address) scopeMatch
+
+type addressByIndexFunc func(index int) Address
+
+// bestAddressIndex returns the index of the addresses with the best matching
+// scope (according to the matchFunc). -1 is returned if there were no suitable
+// addresses.
+func bestAddressIndex(numAddr int, getAddrFunc addressByIndexFunc, matchFunc scopeMatchFunc) int {
+	indexes := bestAddressIndexes(numAddr, getAddrFunc, matchFunc)
 	if len(indexes) > 0 {
 		return indexes[0]
 	}
 	return -1
 }
 
-// bestAddressIndexes returns the indexes of the addresses with the
-// best matching scope and type (according to the match func). An
-// empty slice is returned if there were no suitable addresses.
-func bestAddressIndexes(numAddr int, preferIPv6 bool, getAddr func(i int) Address, match func(addr Address, preferIPv6 bool) scopeMatch) []int {
+// bestAddressIndexes returns the indexes of the addresses with the best
+// matching scope and type (according to the matchFunc). An empty slice is
+// returned if there were no suitable addresses.
+func bestAddressIndexes(numAddr int, getAddrFunc addressByIndexFunc, matchFunc scopeMatchFunc) []int {
 	// Categorise addresses by scope and type matching quality.
-	matches := filterAndCollateAddressIndexes(numAddr, preferIPv6, getAddr, match)
+	matches := filterAndCollateAddressIndexes(numAddr, getAddrFunc, matchFunc)
 
 	// Retrieve the indexes of the addresses with the best scope and type match.
 	allowedMatchTypes := []scopeMatch{exactScope, fallbackScope}
-	if preferIPv6 {
-		allowedMatchTypes = append(allowedMatchTypes, mismatchedTypeExactScope, mismatchedTypeFallbackScope)
-	}
 	for _, matchType := range allowedMatchTypes {
 		indexes, ok := matches[matchType]
 		if ok && len(indexes) > 0 {
@@ -531,15 +508,12 @@
 	return []int{}
 }
 
-func prioritizedAddressIndexes(numAddr int, preferIPv6 bool, getAddr func(i int) Address, match func(addr Address, preferIPv6 bool) scopeMatch) []int {
+func prioritizedAddressIndexes(numAddr int, getAddrFunc addressByIndexFunc, matchFunc scopeMatchFunc) []int {
 	// Categorise addresses by scope and type matching quality.
-	matches := filterAndCollateAddressIndexes(numAddr, preferIPv6, getAddr, match)
+	matches := filterAndCollateAddressIndexes(numAddr, getAddrFunc, matchFunc)
 
 	// Retrieve the indexes of the addresses with the best scope and type match.
 	allowedMatchTypes := []scopeMatch{exactScope, fallbackScope}
-	if preferIPv6 {
-		allowedMatchTypes = append(allowedMatchTypes, mismatchedTypeExactScope, mismatchedTypeFallbackScope)
-	}
 	var prioritized []int
 	for _, matchType := range allowedMatchTypes {
 		indexes, ok := matches[matchType]
@@ -550,31 +524,27 @@
 	return prioritized
 }
 
-func filterAndCollateAddressIndexes(numAddr int, preferIPv6 bool, getAddr func(i int) Address, match func(addr Address, preferIPv6 bool) scopeMatch) map[scopeMatch][]int {
+func filterAndCollateAddressIndexes(numAddr int, getAddrFunc addressByIndexFunc, matchFunc scopeMatchFunc) map[scopeMatch][]int {
 	// Categorise addresses by scope and type matching quality.
 	matches := make(map[scopeMatch][]int)
 	for i := 0; i < numAddr; i++ {
-		matchType := match(getAddr(i), preferIPv6)
+		matchType := matchFunc(getAddrFunc(i))
 		switch matchType {
-		case exactScope, fallbackScope, mismatchedTypeExactScope, mismatchedTypeFallbackScope:
+		case exactScope, fallbackScope:
 			matches[matchType] = append(matches[matchType], i)
 		}
 	}
 	return matches
 }
 
-// sortOrder calculates the "weight" of the address when sorting,
-// taking into account the preferIPv6 flag:
+// sortOrder calculates the "weight" of the address when sorting:
 // - public IPs first;
 // - hostnames after that, but "localhost" will be last if present;
 // - cloud-local next;
 // - machine-local next;
 // - link-local next;
 // - non-hostnames with unknown scope last.
-//
-// When preferIPv6 flag and the address type do not match, the order
-// is incremented to put non-preferred addresses after preferred.
-func (a Address) sortOrder(preferIPv6 bool) int {
+func (a Address) sortOrder() int {
 	order := 0xFF
 	switch a.Scope {
 	case ScopePublic:
@@ -592,14 +562,10 @@
 		if a.Value == "localhost" {
 			order++
 		}
-	case IPv4Address:
-		if preferIPv6 {
-			order++
-		}
 	case IPv6Address:
-		if !preferIPv6 {
-			order++
-		}
+		// Prefer IPv4 over IPv6 addresses.
+		order++
+	case IPv4Address:
 	}
 	return order
 }
@@ -611,38 +577,18 @@
 func (a addressesPreferringIPv4Slice) Less(i, j int) bool {
 	addr1 := a[i]
 	addr2 := a[j]
-	order1 := addr1.sortOrder(false)
-	order2 := addr2.sortOrder(false)
-	if order1 == order2 {
-		return addr1.Value < addr2.Value
-	}
-	return order1 < order2
-}
-
-type addressesPreferringIPv6Slice struct {
-	addressesPreferringIPv4Slice
-}
-
-func (a addressesPreferringIPv6Slice) Less(i, j int) bool {
-	addr1 := a.addressesPreferringIPv4Slice[i]
-	addr2 := a.addressesPreferringIPv4Slice[j]
-	order1 := addr1.sortOrder(true)
-	order2 := addr2.sortOrder(true)
+	order1 := addr1.sortOrder()
+	order2 := addr2.sortOrder()
 	if order1 == order2 {
 		return addr1.Value < addr2.Value
 	}
 	return order1 < order2
 }
 
-// SortAddresses sorts the given Address slice according to the
-// sortOrder of each address and the preferIpv6 flag. See
-// Address.sortOrder() for more info.
-func SortAddresses(addrs []Address, preferIPv6 bool) {
-	if preferIPv6 {
-		sort.Sort(addressesPreferringIPv6Slice{addressesPreferringIPv4Slice(addrs)})
-	} else {
-		sort.Sort(addressesPreferringIPv4Slice(addrs))
-	}
+// SortAddresses sorts the given Address slice according to the sortOrder of
+// each address. See Address.sortOrder() for more info.
+func SortAddresses(addrs []Address) {
+	sort.Sort(addressesPreferringIPv4Slice(addrs))
 }
 
 // DecimalToIPv4 converts a decimal to the dotted quad IP address format.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/network/address_test.go juju-core-2.0~beta12/src/github.com/juju/juju/network/address_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/network/address_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/network/address_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -248,7 +248,6 @@
 	about         string
 	addresses     []network.Address
 	expectedIndex int
-	preferIPv6    bool
 }
 
 // expected returns the expected address for the test.
@@ -263,21 +262,18 @@
 	"no addresses gives empty string result",
 	[]network.Address{},
 	-1,
-	false,
 }, {
 	"a public IPv4 address is selected",
 	[]network.Address{
 		network.NewScopedAddress("8.8.8.8", network.ScopePublic),
 	},
 	0,
-	false,
 }, {
 	"a public IPv6 address is selected",
 	[]network.Address{
 		network.NewScopedAddress("2001:db8::1", network.ScopePublic),
 	},
 	0,
-	false,
 }, {
 	"first public address is selected",
 	[]network.Address{
@@ -285,7 +281,6 @@
 		network.NewScopedAddress("2001:db8::1", network.ScopePublic),
 	},
 	0,
-	false,
 }, {
 	"the first public address is selected when cloud local fallbacks exist",
 	[]network.Address{
@@ -295,38 +290,24 @@
 		network.NewScopedAddress("2001:db8::1", network.ScopePublic),
 	},
 	1,
-	false,
-}, {
-	"IPv6 public address is preferred to a cloud local one when preferIPv6 is true",
-	[]network.Address{
-		network.NewScopedAddress("8.8.8.8", network.ScopePublic),
-		network.NewScopedAddress("172.16.1.1", network.ScopeCloudLocal),
-		network.NewScopedAddress("fc00:1", network.ScopeCloudLocal),
-		network.NewScopedAddress("2001:db8::1", network.ScopePublic),
-	},
-	3,
-	true,
 }, {
 	"a machine IPv4 local address is not selected",
 	[]network.Address{
 		network.NewScopedAddress("127.0.0.1", network.ScopeMachineLocal),
 	},
 	-1,
-	false,
 }, {
 	"a machine IPv6 local address is not selected",
 	[]network.Address{
 		network.NewScopedAddress("::1", network.ScopeMachineLocal),
 	},
 	-1,
-	false,
 }, {
 	"a link-local IPv4 address is not selected",
 	[]network.Address{
 		network.NewScopedAddress("169.254.1.1", network.ScopeLinkLocal),
 	},
 	-1,
-	false,
 }, {
 	"a link-local (multicast or not) IPv6 address is not selected",
 	[]network.Address{
@@ -335,7 +316,6 @@
 		network.NewScopedAddress("ff02::1:1", network.ScopeLinkLocal),
 	},
 	-1,
-	false,
 }, {
 	"a public name is preferred to an unknown or cloud local address",
 	[]network.Address{
@@ -345,7 +325,6 @@
 		network.NewScopedAddress("public.invalid.testing", network.ScopePublic),
 	},
 	3,
-	false,
 }, {
 	"first unknown address selected",
 	// NOTE(dimitern): Not using NewScopedAddress() below as it derives the
@@ -355,7 +334,6 @@
 		{Value: "8.8.8.8", Scope: network.ScopeUnknown},
 	},
 	0,
-	false,
 }, {
 	"first public address is picked when both public IPs and public hostnames exist",
 	[]network.Address{
@@ -364,27 +342,11 @@
 		network.NewScopedAddress("8.8.8.8", network.ScopePublic),
 	},
 	1,
-	false,
-}, {
-	"first public IPv6 address is picked when both public IPs and public hostnames exist when preferIPv6 is true",
-	[]network.Address{
-		network.NewScopedAddress("10.0.0.1", network.ScopeUnknown),
-		network.NewScopedAddress("8.8.8.8", network.ScopePublic),
-		network.NewScopedAddress("example.com", network.ScopePublic),
-		network.NewScopedAddress("2001:db8::1", network.ScopePublic),
-	},
-	3,
-	true,
 }}
 
 func (s *AddressSuite) TestSelectPublicAddress(c *gc.C) {
-	oldValue := network.PreferIPv6()
-	defer func() {
-		network.SetPreferIPv6(oldValue)
-	}()
 	for i, t := range selectPublicTests {
 		c.Logf("test %d: %s", i, t.about)
-		network.SetPreferIPv6(t.preferIPv6)
 		expectAddr, expectOK := t.expected()
 		actualAddr, actualOK := network.SelectPublicAddress(t.addresses)
 		c.Check(actualOK, gc.Equals, expectOK)
@@ -396,39 +358,18 @@
 	"no addresses gives empty string result",
 	[]network.Address{},
 	-1,
-	false,
 }, {
 	"a public IPv4 address is selected",
 	[]network.Address{
 		network.NewScopedAddress("8.8.8.8", network.ScopePublic),
 	},
 	0,
-	false,
 }, {
 	"a public IPv6 address is selected",
 	[]network.Address{
 		network.NewScopedAddress("2001:db8::1", network.ScopePublic),
 	},
 	0,
-	false,
-}, {
-	"a public IPv6 address is selected when both IPv4 and IPv6 addresses exist and preferIPv6 is true",
-	[]network.Address{
-		network.NewScopedAddress("8.8.8.8", network.ScopePublic),
-		network.NewScopedAddress("2001:db8::1", network.ScopePublic),
-	},
-	1,
-	true,
-}, {
-	"the first public IPv4 address is selected when preferIPv6 is true and no IPv6 addresses",
-	[]network.Address{
-		network.NewScopedAddress("127.0.0.1", network.ScopeMachineLocal),
-		network.NewScopedAddress("8.8.8.8", network.ScopePublic),
-		network.NewScopedAddress("169.254.1.1", network.ScopeLinkLocal),
-		network.NewScopedAddress("8.8.4.4", network.ScopePublic),
-	},
-	1,
-	true,
 }, {
 	"a cloud local IPv4 address is selected",
 	[]network.Address{
@@ -436,7 +377,6 @@
 		network.NewScopedAddress("10.0.0.1", network.ScopeCloudLocal),
 	},
 	1,
-	false,
 }, {
 	"a cloud local IPv6 address is selected",
 	[]network.Address{
@@ -444,7 +384,6 @@
 		network.NewScopedAddress("2001:db8::1", network.ScopePublic),
 	},
 	0,
-	false,
 }, {
 	"a machine local or link-local address is not selected",
 	[]network.Address{
@@ -453,7 +392,6 @@
 		network.NewScopedAddress("fe80::1", network.ScopeLinkLocal),
 	},
 	-1,
-	false,
 }, {
 	"a cloud local address is preferred to a public address",
 	[]network.Address{
@@ -463,9 +401,8 @@
 		network.NewScopedAddress("10.0.0.1", network.ScopeCloudLocal),
 	},
 	1,
-	false,
 }, {
-	"an IPv6 cloud local address is preferred to a public address when preferIPv6 is true",
+	"an IPv6 cloud local address is preferred to a public address if the former appears first",
 	[]network.Address{
 		network.NewScopedAddress("8.8.8.8", network.ScopePublic),
 		network.NewScopedAddress("2001:db8::1", network.ScopePublic),
@@ -473,17 +410,11 @@
 		network.NewScopedAddress("10.0.0.1", network.ScopeCloudLocal),
 	},
 	2,
-	false,
 }}
 
 func (s *AddressSuite) TestSelectInternalAddress(c *gc.C) {
-	oldValue := network.PreferIPv6()
-	defer func() {
-		network.SetPreferIPv6(oldValue)
-	}()
 	for i, t := range selectInternalTests {
 		c.Logf("test %d: %s", i, t.about)
-		network.SetPreferIPv6(t.preferIPv6)
 		expectAddr, expectOK := t.expected()
 		actualAddr, actualOK := network.SelectInternalAddress(t.addresses, false)
 		c.Check(actualOK, gc.Equals, expectOK)
@@ -500,9 +431,8 @@
 		network.NewScopedAddress("8.8.8.8", network.ScopePublic),
 	},
 	0,
-	false,
 }, {
-	"first cloud local hostname is selected when preferIPv6 is false",
+	"first cloud local hostname is selected",
 	[]network.Address{
 		network.NewScopedAddress("example.com", network.ScopePublic),
 		network.NewScopedAddress("cloud1.internal", network.ScopeCloudLocal),
@@ -510,46 +440,6 @@
 		network.NewScopedAddress("example.org", network.ScopePublic),
 	},
 	1,
-	false,
-}, {
-	"first cloud local hostname is selected when preferIPv6 is true (public first)",
-	[]network.Address{
-		network.NewScopedAddress("example.org", network.ScopePublic),
-		network.NewScopedAddress("example.com", network.ScopePublic),
-		network.NewScopedAddress("cloud1.internal", network.ScopeCloudLocal),
-		network.NewScopedAddress("cloud2.internal", network.ScopeCloudLocal),
-	},
-	2,
-	true,
-}, {
-	"first cloud local hostname is selected when preferIPv6 is true (public last)",
-	[]network.Address{
-		network.NewScopedAddress("cloud1.internal", network.ScopeCloudLocal),
-		network.NewScopedAddress("cloud2.internal", network.ScopeCloudLocal),
-		network.NewScopedAddress("example.org", network.ScopePublic),
-		network.NewScopedAddress("example.com", network.ScopePublic),
-	},
-	0,
-	true,
-}, {
-	"first IPv6 cloud local address is selected when preferIPv6 is true",
-	[]network.Address{
-		network.NewScopedAddress("10.0.0.1", network.ScopeCloudLocal),
-		network.NewScopedAddress("8.8.8.8", network.ScopePublic),
-		network.NewScopedAddress("fc00::1", network.ScopeCloudLocal),
-		network.NewScopedAddress("2001:db8::1", network.ScopePublic),
-	},
-	2,
-	true,
-}, {
-	"first IPv4 cloud local address is selected when preferIPv6 is true and no IPv6 addresses",
-	[]network.Address{
-		network.NewScopedAddress("169.254.1.1", network.ScopeLinkLocal),
-		network.NewScopedAddress("10.0.0.1", network.ScopeCloudLocal),
-		network.NewScopedAddress("172.16.1.1", network.ScopeCloudLocal),
-	},
-	1,
-	true,
 }, {
 	"first machine local address is selected",
 	[]network.Address{
@@ -557,27 +447,8 @@
 		network.NewScopedAddress("::1", network.ScopeMachineLocal),
 	},
 	0,
-	false,
-}, {
-	"first IPv6 machine local address is selected when preferIPv6 is true",
-	[]network.Address{
-		network.NewScopedAddress("127.0.0.1", network.ScopeMachineLocal),
-		network.NewScopedAddress("::1", network.ScopeMachineLocal),
-		network.NewScopedAddress("fe80::1", network.ScopeLinkLocal),
-	},
-	1,
-	true,
 }, {
-	"first IPv4 machine local address is selected when preferIPv6 is true and no IPv6 addresses",
-	[]network.Address{
-		network.NewScopedAddress("169.254.1.1", network.ScopeLinkLocal),
-		network.NewScopedAddress("127.0.0.1", network.ScopeMachineLocal),
-		network.NewScopedAddress("127.0.0.2", network.ScopeMachineLocal),
-	},
-	1,
-	true,
-}, {
-	"first machine local address is selected when preferIPv6 is false even with public/cloud hostnames",
+	"first machine local address is selected even with public/cloud hostnames",
 	[]network.Address{
 		network.NewScopedAddress("public.example.com", network.ScopePublic),
 		network.NewScopedAddress("::1", network.ScopeMachineLocal),
@@ -588,9 +459,8 @@
 		network.NewScopedAddress("127.0.0.2", network.ScopeMachineLocal),
 	},
 	1,
-	false,
 }, {
-	"first cloud local hostname is selected when preferIPv6 is false even with other machine/cloud addresses",
+	"first cloud local hostname is selected even with other machine/cloud addresses",
 	[]network.Address{
 		network.NewScopedAddress("169.254.1.1", network.ScopeLinkLocal),
 		network.NewScopedAddress("cloud-unknown.internal", network.ScopeUnknown),
@@ -600,42 +470,11 @@
 		network.NewScopedAddress("127.0.0.2", network.ScopeMachineLocal),
 	},
 	2,
-	false,
-}, {
-	"first IPv6 machine local address is selected when preferIPv6 is true even with public/cloud hostnames",
-	[]network.Address{
-		network.NewScopedAddress("127.0.0.1", network.ScopeMachineLocal),
-		network.NewScopedAddress("public.example.com", network.ScopePublic),
-		network.NewScopedAddress("unknown.example.com", network.ScopeUnknown),
-		network.NewScopedAddress("cloud.internal", network.ScopeCloudLocal),
-		network.NewScopedAddress("::1", network.ScopeMachineLocal),
-		network.NewScopedAddress("fe80::1", network.ScopeLinkLocal),
-	},
-	4,
-	true,
-}, {
-	"first IPv6 cloud local address is selected when preferIPv6 is true even with cloud local hostnames",
-	[]network.Address{
-		network.NewScopedAddress("169.254.1.1", network.ScopeLinkLocal),
-		network.NewScopedAddress("cloud-unknown.internal", network.ScopeUnknown),
-		network.NewScopedAddress("cloud-local.internal", network.ScopeCloudLocal),
-		network.NewScopedAddress("fc00::1", network.ScopeCloudLocal),
-		network.NewScopedAddress("127.0.0.1", network.ScopeMachineLocal),
-		network.NewScopedAddress("fc00::2", network.ScopeCloudLocal),
-		network.NewScopedAddress("127.0.0.2", network.ScopeMachineLocal),
-	},
-	3,
-	true,
 }}
 
 func (s *AddressSuite) TestSelectInternalMachineAddress(c *gc.C) {
-	oldValue := network.PreferIPv6()
-	defer func() {
-		network.SetPreferIPv6(oldValue)
-	}()
 	for i, t := range selectInternalMachineTests {
 		c.Logf("test %d: %s", i, t.about)
-		network.SetPreferIPv6(t.preferIPv6)
 		expectAddr, expectOK := t.expected()
 		actualAddr, actualOK := network.SelectInternalAddress(t.addresses, true)
 		c.Check(actualOK, gc.Equals, expectOK)
@@ -644,33 +483,21 @@
 }
 
 type selectInternalHostPortsTest struct {
-	about      string
-	addresses  []network.HostPort
-	expected   []string
-	preferIPv6 bool
+	about     string
+	addresses []network.HostPort
+	expected  []string
 }
 
 var selectInternalHostPortsTests = []selectInternalHostPortsTest{{
 	"no addresses gives empty string result",
 	[]network.HostPort{},
 	[]string{},
-	false,
 }, {
 	"a public IPv4 address is selected",
 	[]network.HostPort{
 		{network.NewScopedAddress("8.8.8.8", network.ScopePublic), 9999},
 	},
 	[]string{"8.8.8.8:9999"},
-	false,
-}, {
-	"public IPv6 addresses selected when both IPv4 and IPv6 addresses exist and preferIPv6 is true",
-	[]network.HostPort{
-		{network.NewScopedAddress("8.8.8.8", network.ScopePublic), 9999},
-		{network.NewScopedAddress("2001:db8::1", network.ScopePublic), 8888},
-		{network.NewScopedAddress("2002:db8::1", network.ScopePublic), 9999},
-	},
-	[]string{"[2001:db8::1]:8888", "[2002:db8::1]:9999"},
-	true,
 }, {
 	"a cloud local IPv4 addresses are selected",
 	[]network.HostPort{
@@ -679,7 +506,6 @@
 		{network.NewScopedAddress("10.0.0.1", network.ScopeCloudLocal), 1234},
 	},
 	[]string{"10.1.0.1:8888", "10.0.0.1:1234"},
-	false,
 }, {
 	"a machine local or link-local address is not selected",
 	[]network.HostPort{
@@ -688,7 +514,6 @@
 		{network.NewScopedAddress("fe80::1", network.ScopeLinkLocal), 333},
 	},
 	[]string{},
-	false,
 }, {
 	"cloud local addresses are preferred to a public addresses",
 	[]network.HostPort{
@@ -698,25 +523,11 @@
 		{network.NewScopedAddress("10.0.0.1", network.ScopeCloudLocal), 4444},
 	},
 	[]string{"[fc00::1]:123", "10.0.0.1:4444"},
-	false,
-}, {
-	"IPv4 addresses are used when prefer-IPv6 is set but no IPv6 addresses are available",
-	[]network.HostPort{
-		{network.NewScopedAddress("8.8.8.8", network.ScopePublic), 123},
-		{network.NewScopedAddress("10.0.0.1", network.ScopeCloudLocal), 4444},
-	},
-	[]string{"10.0.0.1:4444"},
-	true,
 }}
 
 func (s *AddressSuite) TestSelectInternalHostPorts(c *gc.C) {
-	oldValue := network.PreferIPv6()
-	defer func() {
-		network.SetPreferIPv6(oldValue)
-	}()
 	for i, t := range selectInternalHostPortsTests {
 		c.Logf("test %d: %s", i, t.about)
-		network.SetPreferIPv6(t.preferIPv6)
 		c.Check(network.SelectInternalHostPorts(t.addresses, false), gc.DeepEquals, t.expected)
 	}
 }
@@ -725,23 +536,12 @@
 	"no addresses gives empty string result",
 	[]network.HostPort{},
 	[]string{},
-	false,
 }, {
 	"a public IPv4 address is selected",
 	[]network.HostPort{
 		{network.NewScopedAddress("8.8.8.8", network.ScopePublic), 9999},
 	},
 	[]string{"8.8.8.8:9999"},
-	false,
-}, {
-	"public IPv6 addresses selected when both IPv4 and IPv6 addresses exist and preferIPv6 is true",
-	[]network.HostPort{
-		{network.NewScopedAddress("8.8.8.8", network.ScopePublic), 9999},
-		{network.NewScopedAddress("2001:db8::1", network.ScopePublic), 8888},
-		{network.NewScopedAddress("2002:db8::1", network.ScopePublic), 9999},
-	},
-	[]string{"[2001:db8::1]:8888", "[2002:db8::1]:9999", "8.8.8.8:9999"},
-	true,
 }, {
 	"a cloud local IPv4 addresses are selected",
 	[]network.HostPort{
@@ -750,7 +550,6 @@
 		{network.NewScopedAddress("10.0.0.1", network.ScopeCloudLocal), 1234},
 	},
 	[]string{"10.1.0.1:8888", "10.0.0.1:1234", "8.8.8.8:123"},
-	false,
 }, {
 	"a machine local or link-local address is not selected",
 	[]network.HostPort{
@@ -759,7 +558,6 @@
 		{network.NewScopedAddress("fe80::1", network.ScopeLinkLocal), 333},
 	},
 	[]string{},
-	false,
 }, {
 	"cloud local addresses are preferred to a public addresses",
 	[]network.HostPort{
@@ -769,25 +567,11 @@
 		{network.NewScopedAddress("10.0.0.1", network.ScopeCloudLocal), 4444},
 	},
 	[]string{"[fc00::1]:123", "10.0.0.1:4444", "[2001:db8::1]:123", "8.8.8.8:123"},
-	false,
-}, {
-	"IPv4 addresses are used when prefer-IPv6 is set but no IPv6 addresses are available",
-	[]network.HostPort{
-		{network.NewScopedAddress("8.8.8.8", network.ScopePublic), 123},
-		{network.NewScopedAddress("10.0.0.1", network.ScopeCloudLocal), 4444},
-	},
-	[]string{"10.0.0.1:4444", "8.8.8.8:123"},
-	true,
 }}
 
 func (s *AddressSuite) TestPrioritizeInternalHostPorts(c *gc.C) {
-	oldValue := network.PreferIPv6()
-	defer func() {
-		network.SetPreferIPv6(oldValue)
-	}()
 	for i, t := range prioritizeInternalHostPortsTests {
 		c.Logf("test %d: %s", i, t.about)
-		network.SetPreferIPv6(t.preferIPv6)
 		prioritized := network.PrioritizeInternalHostPorts(t.addresses, false)
 		c.Check(prioritized, gc.DeepEquals, t.expected)
 	}
@@ -878,8 +662,7 @@
 		"example.com",
 		"8.8.8.8",
 	)
-	// Simulate prefer-ipv6: false first.
-	network.SortAddresses(addrs, false)
+	network.SortAddresses(addrs)
 	c.Assert(addrs, jc.DeepEquals, network.NewAddresses(
 		// Public IPv4 addresses on top.
 		"7.8.8.8",
@@ -902,31 +685,6 @@
 		// Finally, link-local IPv6 addresses.
 		"fe80::2",
 	))
-
-	// Now, simulate prefer-ipv6: true.
-	network.SortAddresses(addrs, true)
-	c.Assert(addrs, jc.DeepEquals, network.NewAddresses(
-		// Public IPv6 addresses on top.
-		"2001:db8::1",
-		// After that public IPv4 addresses.
-		"7.8.8.8",
-		"8.8.8.8",
-		// Then hostnames.
-		"example.com",
-		"localhost",
-		// Then IPv6 cloud-local addresses.
-		"fc00::1",
-		// Then IPv4 cloud-local addresses.
-		"172.16.0.1",
-		// Then machine-local IPv6 addresses.
-		"::1",
-		// Then machine-local IPv4 addresses.
-		"127.0.0.1",
-		// Then link-local IPv6 addresses.
-		"fe80::2",
-		// Finally, link-local IPv4 addresses.
-		"169.254.1.2",
-	))
 }
 
 func (*AddressSuite) TestIPv4ToDecimal(c *gc.C) {
@@ -955,7 +713,6 @@
 }
 
 func (*AddressSuite) TestExactScopeMatch(c *gc.C) {
-	network.SetPreferIPv6(false)
 	addr := network.NewScopedAddress("10.0.0.2", network.ScopeCloudLocal)
 	match := network.ExactScopeMatch(addr, network.ScopeCloudLocal)
 	c.Assert(match, jc.IsTrue)
@@ -969,33 +726,6 @@
 	c.Assert(match, jc.IsTrue)
 }
 
-func (*AddressSuite) TestExactScopeMatchHonoursPreferIPv6(c *gc.C) {
-	network.SetPreferIPv6(true)
-	addr := network.NewScopedAddress("10.0.0.2", network.ScopeCloudLocal)
-	match := network.ExactScopeMatch(addr, network.ScopeCloudLocal)
-	c.Assert(match, jc.IsFalse)
-	match = network.ExactScopeMatch(addr, network.ScopePublic)
-	c.Assert(match, jc.IsFalse)
-
-	addr = network.NewScopedAddress("8.8.8.8", network.ScopePublic)
-	match = network.ExactScopeMatch(addr, network.ScopeCloudLocal)
-	c.Assert(match, jc.IsFalse)
-	match = network.ExactScopeMatch(addr, network.ScopePublic)
-	c.Assert(match, jc.IsFalse)
-
-	addr = network.NewScopedAddress("2001:db8::ff00:42:8329", network.ScopePublic)
-	match = network.ExactScopeMatch(addr, network.ScopeCloudLocal)
-	c.Assert(match, jc.IsFalse)
-	match = network.ExactScopeMatch(addr, network.ScopePublic)
-	c.Assert(match, jc.IsTrue)
-
-	addr = network.NewScopedAddress("fc00::1", network.ScopeCloudLocal)
-	match = network.ExactScopeMatch(addr, network.ScopeCloudLocal)
-	c.Assert(match, jc.IsTrue)
-	match = network.ExactScopeMatch(addr, network.ScopePublic)
-	c.Assert(match, jc.IsFalse)
-}
-
 func (s *AddressSuite) TestResolvableHostnames(c *gc.C) {
 	seq := 0
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/network/devicenames.go juju-core-2.0~beta12/src/github.com/juju/juju/network/devicenames.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/network/devicenames.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/network/devicenames.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,219 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package network
+
+import (
+	"sort"
+	"strconv"
+	"unicode/utf8"
+)
+
+const (
+	EOF = iota
+	LITERAL
+	NUMBER
+)
+
+type token int
+
+type deviceNameScanner struct {
+	src string
+
+	// scanning state
+	ch       rune // current character
+	offset   int  // character offset
+	rdOffset int  // reading offset (position of next ch)
+}
+
+type deviceName struct {
+	name   string
+	tokens []int
+}
+
+type devices []deviceName
+
+func (d devices) Len() int {
+	return len(d)
+}
+
+func (d devices) Less(i, j int) bool {
+	if r := intCompare(d[i].tokens, d[j].tokens); r == -1 {
+		return true
+	} else {
+		return false
+	}
+}
+
+func (d devices) Swap(i, j int) {
+	d[i], d[j] = d[j], d[i]
+}
+
+// adapted from runtime/noasm.go
+func intCompare(s1, s2 []int) int {
+	l := len(s1)
+	if len(s2) < l {
+		l = len(s2)
+	}
+	if l == 0 || &s1[0] == &s2[0] {
+		goto samebytes
+	}
+	for i := 0; i < l; i++ {
+		c1, c2 := s1[i], s2[i]
+		if c1 < c2 {
+			return -1
+		}
+		if c1 > c2 {
+			return +1
+		}
+	}
+samebytes:
+	if len(s1) < len(s2) {
+		return -1
+	}
+	if len(s1) > len(s2) {
+		return +1
+	}
+	return 0
+}
+
+func (s *deviceNameScanner) init(src string) {
+	s.src = src
+	s.ch = ' '
+	s.offset = 0
+	s.rdOffset = 0
+	s.next()
+}
+
+func (s *deviceNameScanner) next() {
+	if s.rdOffset < len(s.src) {
+		s.offset = s.rdOffset
+		r, w := rune(s.src[s.rdOffset]), 1
+		s.rdOffset += w
+		s.ch = r
+	} else {
+		s.offset = len(s.src)
+		s.ch = -1 // EOF
+	}
+}
+
+func (s *deviceNameScanner) peek() rune {
+	if s.rdOffset < len(s.src) {
+		r, _ := rune(s.src[s.rdOffset]), 1
+		return r
+	}
+	return -1
+}
+
+func isDigit(ch rune) bool {
+	return '0' <= ch && ch <= '9'
+}
+
+func (s *deviceNameScanner) scanNumber() string {
+	// Treat leading zeros as discrete numbers as this aids the
+	// natural sort ordering. We also only parse whole numbers;
+	// floating point values are considered an integer- and
+	// fractional-part.
+
+	if s.ch == '0' && s.peek() == '0' {
+		s.next()
+		return "0"
+	}
+
+	cur := s.offset
+
+	for isDigit(s.ch) {
+		s.next()
+	}
+
+	return string(s.src[cur:s.offset])
+}
+
+func (s *deviceNameScanner) scan() (tok token, lit string) {
+	switch ch := s.ch; {
+	case -1 == ch:
+		return EOF, ""
+	case '0' <= ch && ch <= '9':
+		return NUMBER, s.scanNumber()
+	default:
+		lit = string(s.ch)
+		s.next()
+		return LITERAL, lit
+	}
+}
+
+func parseDeviceName(src string) deviceName {
+	var s deviceNameScanner
+
+	s.init(src)
+
+	d := deviceName{name: src}
+
+	for {
+		tok, lit := s.scan()
+		switch tok {
+		case EOF:
+			return d
+		case LITERAL:
+			x, _ := utf8.DecodeRuneInString(lit)
+			d.tokens = append(d.tokens, int(x))
+		case NUMBER:
+			val, _ := strconv.Atoi(lit)
+			d.tokens = append(d.tokens, val)
+		}
+	}
+}
+
+func parseDeviceNames(args ...string) devices {
+	devices := make(devices, 0)
+
+	for _, a := range args {
+		devices = append(devices, parseDeviceName(a))
+	}
+
+	return devices
+}
+
+// NaturallySortDeviceNames returns an ordered list of names based on
+// a natural ordering where 'natural' is an ordering of the string
+// value in alphabetical order, execept that multi-digit numbers are
+// ordered as a single character.
+//
+// For example, sorting:
+//
+//  [ br-eth10 br-eth1 br-eth2 ]
+//
+// would sort as:
+//
+//  [ br-eth1 br-eth2 br-eth10 ]
+//
+// In purely alphabetical sorting "br-eth10" would be sorted before
+// "br-eth2" because "1" is sorted as smaller than "2", while in
+// natural sorting "br-eth2" is sorted before "br-eth10" because "2"
+// is sorted as smaller than "10".
+//
+// This also extends to multiply repeated numbers (e.g., VLANs).
+//
+// For example, sorting:
+//
+//  [ br-eth2 br-eth10.10 br-eth200.0 br-eth1.0 br-eth2.0 ]
+//
+// would sort as:
+//
+//  [ br-eth1.0 br-eth2 br-eth2.0 br-eth10.10 br-eth200.0 ]
+//
+func NaturallySortDeviceNames(names ...string) []string {
+	if names == nil {
+		return nil
+	}
+
+	devices := parseDeviceNames(names...)
+	sort.Sort(devices)
+	sortedNames := make([]string, len(devices))
+
+	for i, v := range devices {
+		sortedNames[i] = v.name
+	}
+
+	return sortedNames
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/network/devicenames_test.go juju-core-2.0~beta12/src/github.com/juju/juju/network/devicenames_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/network/devicenames_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/network/devicenames_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,92 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package network_test
+
+import (
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/network"
+	"github.com/juju/testing"
+)
+
+type DeviceNamesSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&DeviceNamesSuite{})
+
+func (*DeviceNamesSuite) TestNaturallySortDeviceNames(c *gc.C) {
+	for i, test := range []struct {
+		message  string
+		input    []string
+		expected []string
+	}{{
+		message:  "empty input, empty output",
+		input:    []string{},
+		expected: []string{},
+	}, {
+		message: "nil input, nil output",
+	}, {
+		message:  "one input",
+		input:    []string{"a"},
+		expected: []string{"a"},
+	}, {
+		message:  "two values, no numbers",
+		input:    []string{"b", "a"},
+		expected: []string{"a", "b"},
+	}, {
+		message:  "two values, mixed content",
+		input:    []string{"b1", "a1"},
+		expected: []string{"a1", "b1"},
+	}, {
+		message:  "identical values, numbers only",
+		input:    []string{"1", "1", "1", "1"},
+		expected: []string{"1", "1", "1", "1"},
+	}, {
+		message:  "identical values, mixed content",
+		input:    []string{"a1", "a1", "a1", "a1"},
+		expected: []string{"a1", "a1", "a1", "a1"},
+	}, {
+		message:  "reversed input",
+		input:    []string{"a10", "a9", "a8", "a7", "a6", "a5", "a4", "a3", "a2", "a1", "a0"},
+		expected: []string{"a0", "a1", "a2", "a3", "a4", "a5", "a6", "a7", "a8", "a9", "a10"},
+	}, {
+		message:  "multiple numbers per value",
+		input:    []string{"a10.11", "a10.10", "a10.1"},
+		expected: []string{"a10.1", "a10.10", "a10.11"},
+	}, {
+		message:  "value with leading zero",
+		input:    []string{"a50", "a51.", "a50.31", "a50.4", "a5.034e1", "a50.300"},
+		expected: []string{"a5.034e1", "a50", "a50.4", "a50.31", "a50.300", "a51."},
+	}, {
+		message:  "value with multiple leading zeros",
+		input:    []string{"a50", "a51.", "a0050.31", "a50.4", "a5.034e1", "a00050.300"},
+		expected: []string{"a00050.300", "a0050.31", "a5.034e1", "a50", "a50.4", "a51."},
+	}, {
+		message:  "strings with numbers in ascending order",
+		input:    []string{"a2", "a5", "a9", "a1", "a4", "a10", "a6"},
+		expected: []string{"a1", "a2", "a4", "a5", "a6", "a9", "a10"},
+	}, {
+		message:  "values that look like version numbers",
+		input:    []string{"1.9.9a", "1.11", "1.9.9b", "1.11.4", "1.10.1"},
+		expected: []string{"1.9.9a", "1.9.9b", "1.10.1", "1.11", "1.11.4"},
+	}, {
+		message:  "bridge device names",
+		input:    []string{"br-eth10", "br-eth2", "br-eth1"},
+		expected: []string{"br-eth1", "br-eth2", "br-eth10"},
+	}, {
+		message:  "bridge device names with VLAN numbers",
+		input:    []string{"br-eth10.10", "br-eth2.10", "br-eth200", "br-eth1.100", "br-eth1.10"},
+		expected: []string{"br-eth1.10", "br-eth1.100", "br-eth2.10", "br-eth10.10", "br-eth200"},
+	}, {
+		message:  "bridge device names with leading zero",
+		input:    []string{"br-eth0", "br-eth10.10", "br-eth2.10", "br-eth1.100", "br-eth1.10", "br-eth10"},
+		expected: []string{"br-eth0", "br-eth1.10", "br-eth1.100", "br-eth2.10", "br-eth10", "br-eth10.10"},
+	}} {
+		c.Logf("%v: %s", i, test.message)
+		result := network.NaturallySortDeviceNames(test.input...)
+		c.Assert(result, gc.HasLen, len(test.input))
+		c.Assert(result, gc.DeepEquals, test.expected)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/network/hostport.go juju-core-2.0~beta12/src/github.com/juju/juju/network/hostport.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/network/hostport.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/network/hostport.go	2016-07-18 19:45:44.000000000 +0000
@@ -109,8 +109,8 @@
 func (hp hostPortsPreferringIPv4Slice) Less(i, j int) bool {
 	hp1 := hp[i]
 	hp2 := hp[j]
-	order1 := hp1.sortOrder(false)
-	order2 := hp2.sortOrder(false)
+	order1 := hp1.sortOrder()
+	order2 := hp2.sortOrder()
 	if order1 == order2 {
 		if hp1.Address.Value == hp2.Address.Value {
 			return hp1.Port < hp2.Port
@@ -120,33 +120,10 @@
 	return order1 < order2
 }
 
-type hostPortsPreferringIPv6Slice struct {
-	hostPortsPreferringIPv4Slice
-}
-
-func (hp hostPortsPreferringIPv6Slice) Less(i, j int) bool {
-	hp1 := hp.hostPortsPreferringIPv4Slice[i]
-	hp2 := hp.hostPortsPreferringIPv4Slice[j]
-	order1 := hp1.sortOrder(true)
-	order2 := hp2.sortOrder(true)
-	if order1 == order2 {
-		if hp1.Address.Value == hp2.Address.Value {
-			return hp1.Port < hp2.Port
-		}
-		return hp1.Address.Value < hp2.Address.Value
-	}
-	return order1 < order2
-}
-
-// SortHostPorts sorts the given HostPort slice according to the
-// sortOrder of each HostPort's embedded Address and the preferIpv6
-// flag. See Address.sortOrder() for more info.
-func SortHostPorts(hps []HostPort, preferIPv6 bool) {
-	if preferIPv6 {
-		sort.Sort(hostPortsPreferringIPv6Slice{hostPortsPreferringIPv4Slice(hps)})
-	} else {
-		sort.Sort(hostPortsPreferringIPv4Slice(hps))
-	}
+// SortHostPorts sorts the given HostPort slice according to the sortOrder of
+// each HostPort's embedded Address. See Address.sortOrder() for more info.
+func SortHostPorts(hps []HostPort) {
+	sort.Sort(hostPortsPreferringIPv4Slice(hps))
 }
 
 var netLookupIP = net.LookupIP
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/network/hostport_test.go juju-core-2.0~beta12/src/github.com/juju/juju/network/hostport_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/network/hostport_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/network/hostport_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -26,7 +26,6 @@
 	about         string
 	hostPorts     []network.HostPort
 	expectedIndex int
-	preferIPv6    bool
 }
 
 // hostPortTest returns the HostPort equivalent test to the
@@ -40,7 +39,6 @@
 		about:         t.about,
 		hostPorts:     hps,
 		expectedIndex: t.expectedIndex,
-		preferIPv6:    t.preferIPv6,
 	}
 }
 
@@ -54,40 +52,25 @@
 }
 
 func (*HostPortSuite) TestSelectPublicHostPort(c *gc.C) {
-	oldValue := network.PreferIPv6()
-	defer func() {
-		network.SetPreferIPv6(oldValue)
-	}()
 	for i, t0 := range selectPublicTests {
 		t := t0.hostPortTest()
 		c.Logf("test %d: %s", i, t.about)
-		network.SetPreferIPv6(t.preferIPv6)
 		c.Check(network.SelectPublicHostPort(t.hostPorts), jc.DeepEquals, t.expected())
 	}
 }
 
 func (*HostPortSuite) TestSelectInternalHostPort(c *gc.C) {
-	oldValue := network.PreferIPv6()
-	defer func() {
-		network.SetPreferIPv6(oldValue)
-	}()
 	for i, t0 := range selectInternalTests {
 		t := t0.hostPortTest()
 		c.Logf("test %d: %s", i, t.about)
-		network.SetPreferIPv6(t.preferIPv6)
 		c.Check(network.SelectInternalHostPort(t.hostPorts, false), jc.DeepEquals, t.expected())
 	}
 }
 
 func (*HostPortSuite) TestSelectInternalMachineHostPort(c *gc.C) {
-	oldValue := network.PreferIPv6()
-	defer func() {
-		network.SetPreferIPv6(oldValue)
-	}()
 	for i, t0 := range selectInternalMachineTests {
 		t := t0.hostPortTest()
 		c.Logf("test %d: %s", i, t.about)
-		network.SetPreferIPv6(t.preferIPv6)
 		c.Check(network.SelectInternalHostPort(t.hostPorts, true), gc.DeepEquals, t.expected())
 	}
 }
@@ -314,8 +297,7 @@
 
 func (s *HostPortSuite) TestSortHostPorts(c *gc.C) {
 	hps := s.makeHostPorts()
-	// Simulate prefer-ipv6: false first.
-	network.SortHostPorts(hps, false)
+	network.SortHostPorts(hps)
 	s.assertHostPorts(c, hps,
 		// Public IPv4 addresses on top.
 		"0.1.2.0:1234",
@@ -356,49 +338,6 @@
 		"[fe80::2]:9999",
 		"[ff01::22]:1234",
 	)
-
-	// Now, simulate prefer-ipv6: true.
-	network.SortHostPorts(hps, true)
-	s.assertHostPorts(c, hps,
-		// Public IPv6 addresses on top.
-		"[2001:db8::1]:1234",
-		"[2001:db8::1]:1234",
-		"[2001:db8::1]:9999",
-		"[2001:db8::2]:1234",
-		// After that public IPv4 addresses.
-		"0.1.2.0:1234",
-		"7.8.8.8:1234",
-		"8.8.8.8:1234",
-		// Then hostnames.
-		"example.com:1234",
-		"example.net:1234",
-		"example.org:1234",
-		"invalid host:1234",
-		"localhost:1234",
-		"localhost:1234",
-		// Then IPv6 cloud-local addresses.
-		"[fc00::1]:1234",
-		"[fd00::22]:1234",
-		// Then IPv4 cloud-local addresses.
-		"10.0.0.1:1234",
-		"10.0.0.1:9999",
-		"172.16.0.1:1234",
-		// Then machine-local IPv6 addresses.
-		"[::1]:1234",
-		"[::1]:1234",
-		// Then machine-local IPv4 addresses.
-		"127.0.0.1:1234",
-		"127.0.0.1:1234",
-		"127.0.0.1:9999",
-		"127.0.1.1:1234",
-		// Finally, link-local IPv6 addresses.
-		"[fe80::2]:1234",
-		"[fe80::2]:9999",
-		"[ff01::22]:1234",
-		// Then link-local IPv4 addresses.
-		"169.254.1.1:1234",
-		"169.254.1.2:1234",
-	)
 }
 
 var netAddrTests = []struct {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/network/network.go juju-core-2.0~beta12/src/github.com/juju/juju/network/network.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/network/network.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/network/network.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,7 +11,6 @@
 	"regexp"
 	"sort"
 	"strings"
-	"sync/atomic"
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
@@ -29,15 +28,17 @@
 	errors.Err
 }
 
-// NoAddressf returns an error which satisfies IsNoAddress().
-func NoAddressf(format string, args ...interface{}) error {
-	newErr := errors.NewErr(format+" no address", args...)
+// NoAddressError returns an error which satisfies IsNoAddressError(). The given
+// addressKind specifies what kind of address is missing, usually "private" or
+// "public".
+func NoAddressError(addressKind string) error {
+	newErr := errors.NewErr("no %s address", addressKind)
 	newErr.SetLocation(1)
 	return &noAddress{newErr}
 }
 
-// IsNoAddress reports whether err was created with NoAddressf().
-func IsNoAddress(err error) bool {
+// IsNoAddressError reports whether err was created with NoAddressError().
+func IsNoAddressError(err error) bool {
 	err = errors.Cause(err)
 	_, ok := err.(*noAddress)
 	return ok
@@ -54,6 +55,9 @@
 // UnknownId can be used whenever an Id is needed but not known.
 const UnknownId = ""
 
+// DefaultLXDBridge is the bridge that gets used for LXD containers
+const DefaultLXDBridge = "lxdbr0"
+
 var dashPrefix = regexp.MustCompile("^-*")
 var dashSuffix = regexp.MustCompile("-*$")
 var multipleDashes = regexp.MustCompile("--+")
@@ -107,13 +111,6 @@
 	// http://en.wikipedia.org/wiki/IEEE_802.1Q.
 	VLANTag int
 
-	// AllocatableIPLow and AllocatableIPHigh describe the allocatable
-	// portion of the subnet. The provider will only permit allocation
-	// between these limits. If they are empty then none of the subnet is
-	// allocatable.
-	AllocatableIPLow  net.IP
-	AllocatableIPHigh net.IP
-
 	// AvailabilityZones describes which availability zone(s) this
 	// subnet is in. It can be empty if the provider does not support
 	// availability zones.
@@ -306,27 +303,6 @@
 	return ipNet.String()
 }
 
-var preferIPv6 uint32
-
-// PreferIPV6 returns true if this process prefers IPv6.
-func PreferIPv6() bool { return atomic.LoadUint32(&preferIPv6) > 0 }
-
-// SetPreferIPv6 determines whether IPv6 addresses will be preferred when
-// selecting a public or internal addresses, using the Select*() methods.
-// SetPreferIPV6 needs to be called to set this flag globally at the
-// earliest time possible (e.g. at bootstrap, agent startup, before any
-// CLI command).
-func SetPreferIPv6(prefer bool) {
-	var b uint32
-	if prefer {
-		b = 1
-	}
-	atomic.StoreUint32(&preferIPv6, b)
-	// TODO(dimitern): Drop prefer-ipv6 entirely.
-	prefer = false
-	logger.Infof("setting prefer-ipv6 to %v", prefer)
-}
-
 // LXCNetDefaultConfig is the location of the default network config
 // of the lxc package. It's exported to allow cross-package testing.
 var LXCNetDefaultConfig = "/etc/default/lxc-net"
@@ -341,12 +317,68 @@
 	return iface.Addrs()
 }
 
-// FilterLXCAddresses tries to discover the default lxc bridge name
+// filterAddrs looks at all of the addresses in allAddresses and removes ones
+// that line up with removeAddresses. Note that net.Addr may be just an IP or
+// may be a CIDR.
+func filterAddrs(bridgeName string, allAddresses []Address, removeAddresses []net.Addr) []Address {
+	filtered := make([]Address, 0, len(allAddresses))
+	// TODO(jam) ips could be turned into a map[string]bool rather than
+	// iterating over all of them, as we only compare against ip.String()
+	ips := make([]net.IP, 0, len(removeAddresses))
+	ipNets := make([]*net.IPNet, 0, len(removeAddresses))
+	for _, ifaceAddr := range removeAddresses {
+		// First check if this is a CIDR, as
+		// net.InterfaceAddrs might return this instead of
+		// a plain IP.
+		ip, ipNet, err := net.ParseCIDR(ifaceAddr.String())
+		if err != nil {
+			// It's not a CIDR, try parsing as IP.
+			ip = net.ParseIP(ifaceAddr.String())
+		}
+		if ip == nil {
+			logger.Debugf("cannot parse %q as IP, ignoring", ifaceAddr)
+			continue
+		}
+		ips = append(ips, ip)
+		if ipNet != nil {
+			ipNets = append(ipNets, ipNet)
+		}
+	}
+	for _, addr := range allAddresses {
+		found := false
+		// Filter all known IPs
+		for _, ip := range ips {
+			if ip.String() == addr.Value {
+				found = true
+				break
+			}
+		}
+		if !found {
+			// Then check if it is in one of the CIDRs
+			for _, ipNet := range ipNets {
+				if ipNet.Contains(net.ParseIP(addr.Value)) {
+					found = true
+					break
+				}
+			}
+		}
+		if found {
+			logger.Debugf("filtering %q address %s for machine", bridgeName, addr.String())
+		} else {
+			logger.Debugf("not filtering address %s for machine", addr)
+			filtered = append(filtered, addr)
+		}
+	}
+	logger.Debugf("addresses after filtering: %v", filtered)
+	return filtered
+}
+
+// filterLXCAddresses tries to discover the default lxc bridge name
 // and all of its addresses, then filters those addresses out of the
 // given ones and returns the result. Any errors encountered during
 // this process are logged, but not considered fatal. See LP bug
 // #1416928.
-func FilterLXCAddresses(addresses []Address) []Address {
+func filterLXCAddresses(addresses []Address) []Address {
 	file, err := os.Open(LXCNetDefaultConfig)
 	if os.IsNotExist(err) {
 		// No lxc-net config found, nothing to do.
@@ -354,45 +386,11 @@
 		return addresses
 	} else if err != nil {
 		// Just log it, as it's not fatal.
-		logger.Warningf("cannot open %q: %v", LXCNetDefaultConfig, err)
+		logger.Errorf("cannot open %q: %v", LXCNetDefaultConfig, err)
 		return addresses
 	}
 	defer file.Close()
 
-	filterAddrs := func(bridgeName string, addrs []net.Addr) []Address {
-		// Filter out any bridge addresses.
-		filtered := make([]Address, 0, len(addresses))
-		for _, addr := range addresses {
-			found := false
-			for _, ifaceAddr := range addrs {
-				// First check if this is a CIDR, as
-				// net.InterfaceAddrs might return this instead of
-				// a plain IP.
-				ip, ipNet, err := net.ParseCIDR(ifaceAddr.String())
-				if err != nil {
-					// It's not a CIDR, try parsing as IP.
-					ip = net.ParseIP(ifaceAddr.String())
-				}
-				if ip == nil {
-					logger.Debugf("cannot parse %q as IP, ignoring", ifaceAddr)
-					continue
-				}
-				// Filter by CIDR if known or single IP otherwise.
-				if ipNet != nil && ipNet.Contains(net.ParseIP(addr.Value)) ||
-					ip.String() == addr.Value {
-					found = true
-					logger.Debugf("filtering %q address %s for machine", bridgeName, ifaceAddr.String())
-				}
-			}
-			if !found {
-				logger.Debugf("not filtering address %s for machine", addr)
-				filtered = append(filtered, addr)
-			}
-		}
-		logger.Debugf("addresses after filtering: %v", filtered)
-		return filtered
-	}
-
 	scanner := bufio.NewScanner(file)
 	for scanner.Scan() {
 		line := strings.TrimSpace(scanner.Text())
@@ -410,15 +408,38 @@
 			// Discover all addresses of bridgeName interface.
 			addrs, err := InterfaceByNameAddrs(bridgeName)
 			if err != nil {
-				logger.Warningf("cannot get %q addresses: %v (ignoring)", bridgeName, err)
+				logger.Debugf("cannot get %q addresses: %v (ignoring)", bridgeName, err)
 				continue
 			}
 			logger.Debugf("%q has addresses %v", bridgeName, addrs)
-			return filterAddrs(bridgeName, addrs)
+			return filterAddrs(bridgeName, addresses, addrs)
 		}
 	}
 	if err := scanner.Err(); err != nil {
-		logger.Warningf("failed to read %q: %v (ignoring)", LXCNetDefaultConfig, err)
+		logger.Debugf("failed to read %q: %v (ignoring)", LXCNetDefaultConfig, err)
 	}
 	return addresses
 }
+
+// filterLXDAddresses removes addresses on the LXD bridge from the list to be
+// considered.
+func filterLXDAddresses(addresses []Address) []Address {
+	// Should we be getting this from LXD instead?
+	addrs, err := InterfaceByNameAddrs(DefaultLXDBridge)
+	if err != nil {
+		logger.Warningf("cannot get %q addresses: %v (ignoring)", DefaultLXDBridge, err)
+		return addresses
+	}
+	logger.Debugf("%q has addresses %v", DefaultLXDBridge, addrs)
+	return filterAddrs(DefaultLXDBridge, addresses, addrs)
+
+}
+
+// FilterBridgeAddresses removes addresses seen as a Bridge address (the IP
+// address used only to connect to local containers), rather than a remote
+// accessible address.
+func FilterBridgeAddresses(addresses []Address) []Address {
+	addresses = filterLXCAddresses(addresses)
+	addresses = filterLXDAddresses(addresses)
+	return addresses
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/network/network_test.go juju-core-2.0~beta12/src/github.com/juju/juju/network/network_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/network/network_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/network/network_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -112,24 +112,12 @@
 	}
 }
 
-func (*NetworkSuite) TestInitializeFromConfig(c *gc.C) {
-	c.Check(network.PreferIPv6(), jc.IsFalse)
-
-	envConfig := testing.CustomModelConfig(c, testing.Attrs{
-		"prefer-ipv6": true,
-	})
-	network.SetPreferIPv6(envConfig.PreferIPv6())
-	c.Check(network.PreferIPv6(), jc.IsTrue)
-
-	envConfig = testing.CustomModelConfig(c, testing.Attrs{
-		"prefer-ipv6": false,
-	})
-	network.SetPreferIPv6(envConfig.PreferIPv6())
-	c.Check(network.PreferIPv6(), jc.IsFalse)
-}
-
-func (s *NetworkSuite) TestFilterLXCAddresses(c *gc.C) {
+func (s *NetworkSuite) TestFilterBridgeAddresses(c *gc.C) {
 	lxcFakeNetConfig := filepath.Join(c.MkDir(), "lxc-net")
+	// We create an LXC bridge named "foobar", and then put 10.0.3.1,
+	// 10.0.3.4 and 10.0.3.5/24 on that bridge.
+	// We also put 10.0.4.1 and 10.0.5.1/24 onto whatever bridge LXD is
+	// configured to use.
 	netConf := []byte(`
   # comments ignored
 LXC_BR= ignored
@@ -140,13 +128,22 @@
 	err := ioutil.WriteFile(lxcFakeNetConfig, netConf, 0644)
 	c.Assert(err, jc.ErrorIsNil)
 	s.PatchValue(&network.InterfaceByNameAddrs, func(name string) ([]net.Addr, error) {
-		c.Assert(name, gc.Equals, "foobar")
-		return []net.Addr{
-			&net.IPAddr{IP: net.IPv4(10, 0, 3, 1)},
-			&net.IPAddr{IP: net.IPv4(10, 0, 3, 4)},
-			// Try a CIDR 10.0.3.5/24 as well.
-			&net.IPNet{IP: net.IPv4(10, 0, 3, 5), Mask: net.IPv4Mask(255, 255, 255, 0)},
-		}, nil
+		if name == "foobar" {
+			return []net.Addr{
+				&net.IPAddr{IP: net.IPv4(10, 0, 3, 1)},
+				&net.IPAddr{IP: net.IPv4(10, 0, 3, 4)},
+				// Try a CIDR 10.0.3.5/24 as well.
+				&net.IPNet{IP: net.IPv4(10, 0, 3, 5), Mask: net.IPv4Mask(255, 255, 255, 0)},
+			}, nil
+		} else if name == network.DefaultLXDBridge {
+			return []net.Addr{
+				&net.IPAddr{IP: net.IPv4(10, 0, 4, 1)},
+				// Try a CIDR 10.0.5.1/24 as well.
+				&net.IPNet{IP: net.IPv4(10, 0, 5, 1), Mask: net.IPv4Mask(255, 255, 255, 0)},
+			}, nil
+		}
+		c.Fatalf("unknown bridge name: %q", name)
+		return nil, nil
 	})
 	s.PatchValue(&network.LXCNetDefaultConfig, lxcFakeNetConfig)
 
@@ -154,24 +151,28 @@
 		"127.0.0.1",
 		"2001:db8::1",
 		"10.0.0.1",
-		"10.0.3.1", // filtered (directly as IP)
-		"10.0.3.3", // filtered (by the 10.0.3.5/24 CIDR)
-		"10.0.3.5", // filtered (directly)
-		"10.0.3.4", // filtered (directly)
+		"10.0.3.1",  // filtered (directly as IP)
+		"10.0.3.3",  // filtered (by the 10.0.3.5/24 CIDR)
+		"10.0.3.5",  // filtered (directly)
+		"10.0.3.4",  // filtered (directly)
+		"10.0.4.1",  // filtered (directly from LXD bridge)
+		"10.0.5.10", // filtered (from LXD bridge, 10.0.5.1/24)
+		"10.0.6.10", // unfiltered
 		"192.168.123.42",
 	)
 	filteredAddresses := network.NewAddresses(
 		"127.0.0.1",
 		"2001:db8::1",
 		"10.0.0.1",
+		"10.0.6.10",
 		"192.168.123.42",
 	)
-	c.Assert(network.FilterLXCAddresses(inputAddresses), jc.DeepEquals, filteredAddresses)
+	c.Assert(network.FilterBridgeAddresses(inputAddresses), jc.DeepEquals, filteredAddresses)
 }
 
 func (s *NetworkSuite) TestNoAddressError(c *gc.C) {
-	err := network.NoAddressf("boom")
-	c.Assert(err, gc.ErrorMatches, "boom no address")
-	c.Assert(network.IsNoAddress(err), jc.IsTrue)
-	c.Assert(network.IsNoAddress(errors.New("address found")), jc.IsFalse)
+	err := network.NoAddressError("fake")
+	c.Assert(err, gc.ErrorMatches, "no fake address")
+	c.Assert(network.IsNoAddressError(err), jc.IsTrue)
+	c.Assert(network.IsNoAddressError(errors.New("address found")), jc.IsFalse)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/network/utils.go juju-core-2.0~beta12/src/github.com/juju/juju/network/utils.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/network/utils.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/network/utils.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,163 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package network
+
+import (
+	"bufio"
+	"os"
+	"strings"
+
+	"github.com/juju/errors"
+)
+
+// DNSConfig holds a list of DNS nameserver addresses and default search
+// domains.
+type DNSConfig struct {
+	Nameservers   []Address
+	SearchDomains []string
+}
+
+// ParseResolvConf parses a resolv.conf(5) file at the given path (usually
+// "/etc/resolv.conf"), if present. Returns the values of any 'nameserver'
+// stanzas, and the last 'search' stanza found. Values in the result will appear
+// in the order found, including duplicates. Parsing errors will be returned in
+// these cases:
+//
+// 1. if a 'nameserver' or 'search' without a value is found;
+// 2. 'nameserver' with more than one value (trailing comments starting with '#'
+//    or ';' after the value are allowed).
+// 3. if any value containing '#' or ';' (e.g. 'nameserver 8.8.8.8#bad'), because
+//    values and comments following them must be separated by whitespace.
+//
+// No error is returned if the file is missing. See resolv.conf(5) man page for
+// details.
+func ParseResolvConf(path string) (*DNSConfig, error) {
+	file, err := os.Open(path)
+	if os.IsNotExist(err) {
+		logger.Debugf("%q does not exist - not parsing", path)
+		return nil, nil
+	} else if err != nil {
+		return nil, errors.Trace(err)
+	}
+	defer file.Close()
+
+	var (
+		nameservers   []string
+		searchDomains []string
+	)
+	scanner := bufio.NewScanner(file)
+	lineNum := 0
+	for scanner.Scan() {
+		line := scanner.Text()
+		lineNum++
+
+		values, err := parseResolvStanza(line, "nameserver")
+		if err != nil {
+			return nil, errors.Annotatef(err, "parsing %q, line %d", path, lineNum)
+		}
+
+		if numValues := len(values); numValues > 1 {
+			return nil, errors.Errorf(
+				"parsing %q, line %d: one value expected for \"nameserver\", got %d",
+				path, lineNum, numValues,
+			)
+		} else if numValues == 1 {
+			nameservers = append(nameservers, values[0])
+			continue
+		}
+
+		values, err = parseResolvStanza(line, "search")
+		if err != nil {
+			return nil, errors.Annotatef(err, "parsing %q, line %d", path, lineNum)
+		}
+
+		if len(values) > 0 {
+			// Last 'search' found wins.
+			searchDomains = values
+		}
+	}
+
+	if err := scanner.Err(); err != nil {
+		return nil, errors.Annotatef(err, "reading %q", path)
+	}
+
+	return &DNSConfig{
+		Nameservers:   NewAddresses(nameservers...),
+		SearchDomains: searchDomains,
+	}, nil
+}
+
+// parseResolvStanza parses a single line from a resolv.conf(5) file, beginning
+// with the given stanza ('nameserver' or 'search' ). If the line does not
+// contain the stanza, no results and no error is returned. Leading and trailing
+// whitespace is removed first, then lines starting with ";" or "#" are treated
+// as comments.
+//
+// Examples:
+// parseResolvStanza(`   # nothing ;to see here`, "doesn't matter")
+// will return (nil, nil) - comments and whitespace are ignored, nothing left.
+//
+// parseResolvStanza(`   nameserver    ns1.example.com   # preferred`, "nameserver")
+// will return ([]string{"ns1.example.com"}, nil).
+//
+// parseResolvStanza(`search ;; bad: no value`, "search")
+// will return (nil, err: `"search": required value(s) missing`)
+//
+// parseResolvStanza(`search foo bar foo foo.bar bar.foo ;; try all`, "search")
+// will return ([]string("foo", "bar", "foo", "foo.bar", "bar.foo"}, nil)
+//
+// parseResolvStanza(`search foo#bad comment`, "nameserver")
+// will return (nil, nil) - line does not start with "nameserver".
+//
+// parseResolvStanza(`search foo#bad comment`, "search")
+// will return (nil, err: `"search": invalid value "foo#bad"`) - no whitespace
+// between the value "foo" and the following comment "#bad comment".
+func parseResolvStanza(line, stanza string) ([]string, error) {
+	const commentChars = ";#"
+	isComment := func(s string) bool {
+		return strings.IndexAny(s, commentChars) == 0
+	}
+
+	line = strings.TrimSpace(line)
+	fields := strings.Fields(line)
+	noFields := len(fields) == 0 // line contains only whitespace
+
+	if isComment(line) || noFields || fields[0] != stanza {
+		// Lines starting with ';' or '#' are comments and are ignored. Empty
+		// lines and those not starting with stanza are ignored.
+		return nil, nil
+	}
+
+	// Mostly for convenience, comments starting with ';' or '#' after a value
+	// are allowed and ignored, assuming there's whitespace between the value
+	// and the comment (e.g. 'search foo #bar' is OK, but 'search foo#bar'
+	// isn't).
+	var parsedValues []string
+	rawValues := fields[1:] // skip the stanza itself
+	for _, value := range rawValues {
+		if isComment(value) {
+			// We're done parsing as the rest of the line is still part of the
+			// same comment.
+			break
+		}
+
+		if strings.ContainsAny(value, commentChars) {
+			// This will catch cases like 'nameserver 8.8.8.8#foo', because
+			// fields[1] will be '8.8.8.8#foo'.
+			return nil, errors.Errorf("%q: invalid value %q", stanza, value)
+		}
+
+		parsedValues = append(parsedValues, value)
+	}
+
+	// resolv.conf(5) states that to be recognized as valid, the line must begin
+	// with the stanza, followed by whitespace, then at least one value (for
+	// 'nameserver', more values separated by whitespace are allowed for
+	// 'search').
+	if len(parsedValues) == 0 {
+		return nil, errors.Errorf("%q: required value(s) missing", stanza)
+	}
+
+	return parsedValues, nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/network/utils_test.go juju-core-2.0~beta12/src/github.com/juju/juju/network/utils_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/network/utils_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/network/utils_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,121 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+// +build !windows
+
+package network_test
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/network"
+)
+
+type UtilsSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&UtilsSuite{})
+
+func (*UtilsSuite) TestParseResolvConfEmptyOrMissingPath(c *gc.C) {
+	emptyPath := ""
+	missingPath := filepath.Join(c.MkDir(), "missing")
+
+	for _, path := range []string{emptyPath, missingPath} {
+		result, err := network.ParseResolvConf(path)
+		c.Check(err, jc.ErrorIsNil)
+		c.Check(result, gc.IsNil)
+	}
+}
+
+func (*UtilsSuite) TestParseResolvConfNotReadablePath(c *gc.C) {
+	unreadableConf := makeResolvConf(c, "#empty", 0000)
+	result, err := network.ParseResolvConf(unreadableConf)
+	expected := fmt.Sprintf("open %s: permission denied", unreadableConf)
+	c.Check(err, gc.ErrorMatches, expected)
+	c.Check(result, gc.IsNil)
+}
+
+func makeResolvConf(c *gc.C, content string, perms os.FileMode) string {
+	fakeConfPath := filepath.Join(c.MkDir(), "fake")
+	err := ioutil.WriteFile(fakeConfPath, []byte(content), perms)
+	c.Check(err, jc.ErrorIsNil)
+	return fakeConfPath
+}
+
+func (*UtilsSuite) TestParseResolvConfEmptyFile(c *gc.C) {
+	emptyConf := makeResolvConf(c, "", 0644)
+	result, err := network.ParseResolvConf(emptyConf)
+	c.Check(err, jc.ErrorIsNil)
+	// Expected non-nil, but empty result.
+	c.Check(result, jc.DeepEquals, &network.DNSConfig{})
+}
+
+func (*UtilsSuite) TestParseResolvConfCommentsAndWhitespaceHandling(c *gc.C) {
+	const exampleConf = `
+  ;; comment
+# also comment
+;# ditto
+  #nameserver ;still comment
+
+  search    foo example.com       bar.     ;comment, leading/trailing ignored
+nameserver 8.8.8.8 #comment #still the same comment
+`
+	fakeConf := makeResolvConf(c, exampleConf, 0644)
+	result, err := network.ParseResolvConf(fakeConf)
+	c.Check(err, jc.ErrorIsNil)
+	c.Check(result, jc.DeepEquals, &network.DNSConfig{
+		Nameservers:   network.NewAddresses("8.8.8.8"),
+		SearchDomains: []string{"foo", "example.com", "bar."},
+	})
+}
+
+func (*UtilsSuite) TestParseResolvConfSearchWithoutValue(c *gc.C) {
+	badConf := makeResolvConf(c, "search # no value\n", 0644)
+	result, err := network.ParseResolvConf(badConf)
+	c.Check(err, gc.ErrorMatches, `parsing ".*", line 1: "search": required value\(s\) missing`)
+	c.Check(result, gc.IsNil)
+}
+
+func (*UtilsSuite) TestParseResolvConfNameserverWithoutValue(c *gc.C) {
+	badConf := makeResolvConf(c, "nameserver", 0644)
+	result, err := network.ParseResolvConf(badConf)
+	c.Check(err, gc.ErrorMatches, `parsing ".*", line 1: "nameserver": required value\(s\) missing`)
+	c.Check(result, gc.IsNil)
+}
+
+func (*UtilsSuite) TestParseResolvConfValueFollowedByCommentWithoutWhitespace(c *gc.C) {
+	badConf := makeResolvConf(c, "search foo bar#bad rest;is#ignored: still part of the comment", 0644)
+	result, err := network.ParseResolvConf(badConf)
+	c.Check(err, gc.ErrorMatches, `parsing ".*", line 1: "search": invalid value "bar#bad"`)
+	c.Check(result, gc.IsNil)
+}
+
+func (*UtilsSuite) TestParseResolvConfNameserverWithMultipleValues(c *gc.C) {
+	badConf := makeResolvConf(c, "nameserver one two 42 ;;; comment still-inside-comment\n", 0644)
+	result, err := network.ParseResolvConf(badConf)
+	c.Check(err, gc.ErrorMatches, `parsing ".*", line 1: one value expected for "nameserver", got 3`)
+	c.Check(result, gc.IsNil)
+}
+
+func (*UtilsSuite) TestParseResolvConfLastSearchWins(c *gc.C) {
+	const multiSearchConf = `
+search zero five
+search one
+# this below overrides all of the above
+search two three #comment ;also-comment still-comment
+`
+	fakeConf := makeResolvConf(c, multiSearchConf, 0644)
+	result, err := network.ParseResolvConf(fakeConf)
+	c.Check(err, jc.ErrorIsNil)
+	c.Check(result, jc.DeepEquals, &network.DNSConfig{
+		SearchDomains: []string{"two", "three"},
+	})
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/patches/001-mgo.v2-issue-277-fix.diff juju-core-2.0~beta12/src/github.com/juju/juju/patches/001-mgo.v2-issue-277-fix.diff
--- juju-core-2.0~beta7/src/github.com/juju/juju/patches/001-mgo.v2-issue-277-fix.diff	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/patches/001-mgo.v2-issue-277-fix.diff	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,55 @@
+diff --git a/session.go b/session.go
+index a8ad115..0949359 100644
+This applies the minimal changes to fix the mgo duplicate key error,
+see https://github.com/go-mgo/mgo/pull/291
+--- a/gopkg.in/mgo.v2/session.go
++++ b/gopkg.in/mgo.v2/session.go
+@@ -146,7 +146,10 @@ var (
+ 	ErrCursor   = errors.New("invalid cursor")
+ )
+ 
+-const defaultPrefetch = 0.25
++const (
++	defaultPrefetch  = 0.25
++	maxUpsertRetries = 5
++)
+ 
+ // Dial establishes a new session to the cluster identified by the given seed
+ // server(s). The session will enable communication with all of the servers in
+@@ -2478,7 +2481,15 @@ func (c *Collection) Upsert(selector interface{}, update interface{}) (info *Cha
+ 		Flags:      1,
+ 		Upsert:     true,
+ 	}
+-	lerr, err := c.writeOp(&op, true)
++	var lerr *LastError
++	for i := 0; i < maxUpsertRetries; i++ {
++		lerr, err = c.writeOp(&op, true)
++		// Retry duplicate key errors on upserts.
++		// https://docs.mongodb.com/v3.2/reference/method/db.collection.update/#use-unique-indexes
++		if !IsDup(err) {
++			break
++		}
++	}
+ 	if err == nil && lerr != nil {
+ 		info = &ChangeInfo{}
+ 		if lerr.UpdatedExisting {
+@@ -4208,8 +4219,17 @@ func (q *Query) Apply(change Change, result interface{}) (info *ChangeInfo, err
+ 	session.SetMode(Strong, false)
+ 
+ 	var doc valueResult
+-	err = session.DB(dbname).Run(&cmd, &doc)
+-	if err != nil {
++	for i := 0; i < maxUpsertRetries; i++ {
++		err = session.DB(dbname).Run(&cmd, &doc)
++
++		if err == nil {
++			break
++		}
++		if change.Upsert && IsDup(err) {
++			// Retry duplicate key errors on upserts.
++			// https://docs.mongodb.com/v3.2/reference/method/db.collection.update/#use-unique-indexes
++			continue
++		}
+ 		if qerr, ok := err.(*QueryError); ok && qerr.Message == "No matching object found" {
+ 			return nil, ErrNotFound
+ 		}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/api/client/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/api/client/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/api/client/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/api/client/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package client_test
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/api/client/public_test.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/api/client/public_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/api/client/public_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/api/client/public_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,11 +1,14 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package client_test
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/payload"
 	"github.com/juju/juju/payload/api"
@@ -33,7 +36,7 @@
 		ID:      "idspam",
 		Status:  payload.StateRunning,
 		Labels:  nil,
-		Unit:    names.NewUnitTag("a-service/0").String(),
+		Unit:    names.NewUnitTag("a-application/0").String(),
 		Machine: names.NewMachineTag("1").String(),
 	}
 }
@@ -48,7 +51,7 @@
 
 	pclient := client.NewPublicClient(s.facade)
 
-	payloads, err := pclient.ListFull("a-tag", "a-service/0")
+	payloads, err := pclient.ListFull("a-tag", "a-application/0")
 	c.Assert(err, jc.ErrorIsNil)
 
 	expected, _ := api.API2Payload(s.payload)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/api/data.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/api/data.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/api/data.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/api/data.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,31 +8,31 @@
 // EnvListArgs are the arguments for the env-based List endpoint.
 type EnvListArgs struct {
 	// Patterns is the list of patterns against which to filter.
-	Patterns []string
+	Patterns []string `json:"patterns"`
 }
 
 type EnvListResults struct {
 	// Results is the list of payload results.
-	Results []Payload
+	Results []Payload `json:"results"`
 }
 
 // Payload contains full information about a payload.
 type Payload struct {
 	// Class is the name of the payload class.
-	Class string
+	Class string `json:"class"`
 	// Type is the name of the payload type.
-	Type string
+	Type string `json:"type"`
 
 	// ID is a unique string identifying the payload to
 	// the underlying technology.
-	ID string
+	ID string `json:"id"`
 	// Status is the Juju-level status for the payload.
-	Status string
+	Status string `json:"status"`
 	// Labels are labels associated with the payload.
-	Labels []string
+	Labels []string `json:"labels"`
 
 	// Unit identifies the unit tag associated with the payload.
-	Unit string
+	Unit string `json:"unit"`
 	// Machine identifies the machine tag associated with the payload.
-	Machine string
+	Machine string `json:"machine"`
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/api/helpers.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/api/helpers.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/api/helpers.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/api/helpers.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,8 +5,8 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/payload"
 )
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/api/helpers_test.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/api/helpers_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/api/helpers_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/api/helpers_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,11 +4,11 @@
 package api
 
 import (
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/payload"
 )
@@ -29,7 +29,7 @@
 			ID:     "idspam",
 			Status: payload.StateRunning,
 			Labels: []string{"a-tag"},
-			Unit:   "a-service/0",
+			Unit:   "a-application/0",
 		},
 		Machine: "1",
 	})
@@ -40,7 +40,7 @@
 		ID:      "idspam",
 		Status:  payload.StateRunning,
 		Labels:  []string{"a-tag"},
-		Unit:    names.NewUnitTag("a-service/0").String(),
+		Unit:    names.NewUnitTag("a-application/0").String(),
 		Machine: names.NewMachineTag("1").String(),
 	})
 }
@@ -52,7 +52,7 @@
 		ID:      "idspam",
 		Status:  payload.StateRunning,
 		Labels:  []string{"a-tag"},
-		Unit:    names.NewUnitTag("a-service/0").String(),
+		Unit:    names.NewUnitTag("a-application/0").String(),
 		Machine: names.NewMachineTag("1").String(),
 	})
 	c.Assert(err, jc.ErrorIsNil)
@@ -66,7 +66,7 @@
 			ID:     "idspam",
 			Status: payload.StateRunning,
 			Labels: []string{"a-tag"},
-			Unit:   "a-service/0",
+			Unit:   "a-application/0",
 		},
 		Machine: "1",
 	})
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/api/private/client/unitfacade_test.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/api/private/client/unitfacade_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/api/private/client/unitfacade_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/api/private/client/unitfacade_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,10 +5,10 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/api/private/data.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/api/private/data.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/api/private/data.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/api/private/data.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,7 +13,7 @@
 // TrackArgs are the arguments for the Track endpoint.
 type TrackArgs struct {
 	// Payloads is the list of Payloads to track
-	Payloads []api.Payload
+	Payloads []api.Payload `json:"payloads"`
 }
 
 // List uses params.Entities.
@@ -21,21 +21,21 @@
 // LookUpArgs are the arguments for the LookUp endpoint.
 type LookUpArgs struct {
 	// Args is the list of arguments to pass to this function.
-	Args []LookUpArg
+	Args []LookUpArg `json:"args"`
 }
 
 // LookUpArg contains all the information necessary to identify a payload.
 type LookUpArg struct {
 	// Name is the payload name.
-	Name string
+	Name string `json:"name"`
 	// ID uniquely identifies the payload for the given name.
-	ID string
+	ID string `json:"id"`
 }
 
 // SetStatusArgs are the arguments for the SetStatus endpoint.
 type SetStatusArgs struct {
 	// Args is the list of arguments to pass to this function.
-	Args []SetStatusArg
+	Args []SetStatusArg `json:"args"`
 }
 
 // SetStatusArg are the arguments for a single call to the
@@ -43,7 +43,7 @@
 type SetStatusArg struct {
 	params.Entity
 	// Status is the new status of the payload.
-	Status string
+	Status string `json:"status"`
 }
 
 // Untrack uses params.Entities.
@@ -51,7 +51,7 @@
 // PayloadResults is the result for a call that makes one or more requests
 // about payloads.
 type PayloadResults struct {
-	Results []PayloadResult
+	Results []PayloadResult `json:"results"`
 }
 
 // TODO(ericsnow) Eliminate the NotFound field?
@@ -60,9 +60,9 @@
 type PayloadResult struct {
 	params.Entity
 	// Payload holds the details of the payload, if any.
-	Payload *api.Payload
+	Payload *api.Payload `json:"payload"`
 	// NotFound indicates that the payload was not found in state.
-	NotFound bool
+	NotFound bool `json:"not-found"`
 	// Error is the error (if any) for the call referring to ID.
-	Error *params.Error
+	Error *params.Error `json:"error,omitempty"`
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/api/private/helpers.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/api/private/helpers.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/api/private/helpers.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/api/private/helpers.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/api/private/helpers_test.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/api/private/helpers_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/api/private/helpers_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/api/private/helpers_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,11 +5,11 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
@@ -101,7 +101,7 @@
 			Type:    "type",
 			ID:      "idfoo",
 			Status:  payload.StateRunning,
-			Unit:    "unit-a-service-0",
+			Unit:    "unit-a-application-0",
 			Machine: "machine-1",
 		},
 	})
@@ -119,7 +119,7 @@
 				},
 				ID:     "idfoo",
 				Status: payload.StateRunning,
-				Unit:   "a-service/0",
+				Unit:   "a-application/0",
 			},
 			Machine: "1",
 		},
@@ -204,7 +204,7 @@
 				},
 				ID:     "idfoo",
 				Status: payload.StateRunning,
-				Unit:   "a-service/0",
+				Unit:   "a-application/0",
 			},
 			Machine: "1",
 		},
@@ -221,7 +221,7 @@
 			Type:    "type",
 			ID:      "idfoo",
 			Status:  payload.StateRunning,
-			Unit:    "unit-a-service-0",
+			Unit:    "unit-a-application-0",
 			Machine: "machine-1",
 		},
 	})
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/api/private/server/unitfacade_test.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/api/private/server/unitfacade_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/api/private/server/unitfacade_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/api/private/server/unitfacade_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,11 +5,11 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
@@ -83,7 +83,7 @@
 		},
 		ID:     "idfoo",
 		Status: payload.StateRunning,
-		Unit:   "a-service/0",
+		Unit:   "a-application/0",
 	}
 	s.state.payloads = []payload.Result{{
 		ID: id,
@@ -108,7 +108,7 @@
 		ID:      "idfoo",
 		Status:  payload.StateRunning,
 		Labels:  []string{},
-		Unit:    "unit-a-service-0",
+		Unit:    "unit-a-application-0",
 		Machine: "machine-1",
 	}
 
@@ -134,7 +134,7 @@
 		},
 		ID:     "idfoo",
 		Status: payload.StateRunning,
-		Unit:   "a-service/0",
+		Unit:   "a-application/0",
 	}
 	s.state.payloads = []payload.Result{{
 		ID: id,
@@ -155,7 +155,7 @@
 		ID:      "idfoo",
 		Status:  payload.StateRunning,
 		Labels:  []string{},
-		Unit:    "unit-a-service-0",
+		Unit:    "unit-a-application-0",
 		Machine: "machine-1",
 	}
 	c.Check(results, jc.DeepEquals, internal.PayloadResults{
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/api/server/public_test.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/api/server/public_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/api/server/public_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/api/server/public_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,11 +5,11 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/payload"
 	"github.com/juju/juju/payload/api"
@@ -35,7 +35,7 @@
 	ptype := "docker"
 	id := "id" + name
 	tags := []string{"a-tag"}
-	unit := "a-service/0"
+	unit := "a-application/0"
 	machine := "1"
 
 	pl := payload.FullPayloadInfo{
@@ -91,7 +91,7 @@
 	facade := PublicAPI{s.state}
 	args := api.EnvListArgs{
 		Patterns: []string{
-			"a-service/0",
+			"a-application/0",
 		},
 	}
 	results, err := facade.List(args)
@@ -113,7 +113,7 @@
 	facade := PublicAPI{s.state}
 	args := api.EnvListArgs{
 		Patterns: []string{
-			"a-service/1",
+			"a-application/1",
 		},
 	}
 	results, err := facade.List(args)
@@ -211,7 +211,7 @@
 			ID:     "idspam",
 			Status: payload.StateRunning,
 			Labels: []string{"a-tag"},
-			Unit:   "a-service/0",
+			Unit:   "a-application/0",
 		},
 		Machine: "1",
 	}
@@ -224,7 +224,7 @@
 		"docker",             // type
 		"idspam",             // ID
 		payload.StateRunning, // status
-		"a-service/0",        // unit
+		"a-application/0",    // unit
 		"1",                  // machine
 		"a-tag",              // tags
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/component.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/component.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/component.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/component.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,3 +8,6 @@
 
 // ComponentName is the name of the Juju component for payload management.
 const ComponentName = "payloads"
+
+// FacadeName is the name of the api server facade.
+const FacadeName = "Payloads"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/context/base_test.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/context/base_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/context/base_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/context/base_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -35,7 +35,7 @@
 		},
 		ID:     id,
 		Status: status,
-		Unit:   "a-service/0",
+		Unit:   "a-application/0",
 	}
 	return pl
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/context/context.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/context/context.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/context/context.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/context/context.go	2016-07-18 19:45:44.000000000 +0000
@@ -187,6 +187,7 @@
 	if err != nil {
 		return errors.Trace(err)
 	}
+	// TODO(ericsnow) We should not ignore a 0-len result.
 	if len(res) > 0 && res[0].Error != nil {
 		return errors.Trace(res[0].Error)
 	}
@@ -195,6 +196,7 @@
 	return nil
 }
 
+// SetStatus sets the identified payload's status.
 func (c *Context) SetStatus(class, id, status string) error {
 	fullID := payload.BuildID(class, id)
 	logger.Tracef("Calling status-set on payload context %q", fullID)
@@ -203,7 +205,16 @@
 	if err != nil {
 		return errors.Trace(err)
 	}
+	// TODO(ericsnow) We should not ignore a 0-len result.
 	if len(res) > 0 && res[0].Error != nil {
+		// In a hook context, the case where the specified payload does
+		// not exist is a special one. A hook tool is how a charm author
+		// communicates the state of the charm. So returning an error
+		// here in the "missing" case makes less sense than in other
+		// places. We could simply ignore any error that surfaces for
+		// that case. However, returning the error communicates to the
+		// charm author that what they're trying to communicate doesn't
+		// make sense.
 		return errors.Trace(res[0].Error)
 	}
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/context/register.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/context/register.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/context/register.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/context/register.go	2016-07-18 19:45:44.000000000 +0000
@@ -80,7 +80,7 @@
 		ID:     c.id,
 		Status: payload.StateRunning,
 		Labels: c.labels,
-		Unit:   "a-service/0",
+		Unit:   "a-application/0", // TODO(ericsnow) eliminate this!
 	}
 	if err := c.hctx.Track(pl); err != nil {
 		return errors.Trace(err)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/context/register_test.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/context/register_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/context/register_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/context/register_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -73,7 +73,7 @@
 		ID:     "id",
 		Status: payload.StateRunning,
 		Labels: []string{"tag1", "tag 2"},
-		Unit:   "a-service/0",
+		Unit:   "a-application/0",
 	})
 	// TODO (natefinch): we need to do something with the labels
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/errors.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/errors.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/errors.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/errors.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,18 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package payload
+
+import (
+	"github.com/juju/errors"
+)
+
+var (
+	// ErrAlreadyExists indicates that a payload could not be added
+	// because it was already added.
+	ErrAlreadyExists = errors.AlreadyExistsf("payload")
+
+	// ErrNotFound indicates that a requested payload has not been
+	// added yet.
+	ErrNotFound = errors.NotFoundf("payload")
+)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/filter_test.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/filter_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/filter_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/filter_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -28,7 +28,7 @@
 			ID:     "id" + name,
 			Status: "running",
 			Labels: []string{"a-tag"},
-			Unit:   "a-service/0",
+			Unit:   "a-application/0",
 		},
 		Machine: "1",
 	}
@@ -139,7 +139,7 @@
 			ID:     "idspam",
 			Status: "running",
 			Labels: []string{"tagA", "tagB"},
-			Unit:   "a-service/0",
+			Unit:   "a-application/0",
 		},
 		Machine: "1",
 	}
@@ -153,7 +153,7 @@
 		"running",
 		"tagA",
 		"tagB",
-		"a-service/0",
+		"a-application/0",
 		"1",
 	}
 	for _, pattern := range patterns {
@@ -215,7 +215,7 @@
 			ID:     "idspam",
 			Status: "running",
 			Labels: []string{"tagA", "tagB"},
-			Unit:   "a-service/0",
+			Unit:   "a-application/0",
 		},
 		Machine: "1",
 	}
@@ -228,7 +228,7 @@
 		"running",
 		"tagA",
 		"tagB",
-		"a-service/0",
+		"a-application/0",
 		"1",
 	} {
 		c.Logf("check %q", pattern)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/payload_test.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/payload_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/payload_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/payload_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -27,7 +27,7 @@
 		ID:     "id" + name,
 		Status: payload.StateRunning,
 		Labels: []string{"a-tag"},
-		Unit:   "a-service/0",
+		Unit:   "a-application/0",
 	}
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/persistence/base_test.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/persistence/base_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/persistence/base_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/persistence/base_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,91 +5,145 @@
 
 import (
 	"fmt"
+	"reflect"
 
-	gitjujutesting "github.com/juju/testing"
+	"github.com/juju/errors"
+	"github.com/juju/testing"
+	jujutxn "github.com/juju/txn"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
 
 	"github.com/juju/juju/payload"
-	"github.com/juju/juju/testing"
 )
 
-type BaseSuite struct {
-	testing.BaseSuite
-
-	Stub  *gitjujutesting.Stub
-	State *fakeStatePersistence
-	Unit  string
+type PayloadPersistenceFixture struct {
+	Stub    *testing.Stub
+	DB      *StubPersistenceBase
+	Queries payloadsQueries
+	StateID string
 }
 
-func (s *BaseSuite) SetUpTest(c *gc.C) {
-	s.BaseSuite.SetUpTest(c)
+func NewPayloadPersistenceFixture() *PayloadPersistenceFixture {
+	stub := &testing.Stub{}
+	db := &StubPersistenceBase{Stub: stub}
+	return &PayloadPersistenceFixture{
+		Stub:    stub,
+		DB:      db,
+		Queries: payloadsQueries{db},
+		StateID: "f47ac10b-58cc-4372-a567-0e02b2c3d479",
+	}
+}
 
-	s.Stub = &gitjujutesting.Stub{}
-	s.State = &fakeStatePersistence{Stub: s.Stub}
-	s.Unit = "a-unit/0"
+func (f PayloadPersistenceFixture) NewPersistence() *Persistence {
+	return NewPersistence(f.DB)
 }
 
-type PayloadDoc payloadDoc
+func (f PayloadPersistenceFixture) NewPayload(machine, unit, pType string, id string) payload.FullPayloadInfo {
+	name, pluginID := payload.ParseID(id)
+	if pluginID == "" {
+		pluginID = fmt.Sprintf("%s-%s", name, utils.MustNewUUID())
+	}
 
-func (doc PayloadDoc) convert() *payloadDoc {
-	return (*payloadDoc)(&doc)
+	return payload.FullPayloadInfo{
+		Payload: payload.Payload{
+			PayloadClass: charm.PayloadClass{
+				Name: name,
+				Type: pType,
+			},
+			ID:     pluginID,
+			Status: "running",
+			Unit:   unit,
+		},
+		Machine: machine,
+	}
 }
 
-func (s *BaseSuite) NewDoc(id string, pl payload.Payload) *payloadDoc {
-	return &payloadDoc{
-		DocID:  "payload#" + s.Unit + "#" + id,
-		UnitID: s.Unit,
-
-		Name:  pl.Name,
-		Type:  pl.Type,
-		RawID: pl.ID,
-		State: pl.Status,
+func (f PayloadPersistenceFixture) NewPayloads(machine, unit, pType string, ids ...string) []payload.FullPayloadInfo {
+	var payloads []payload.FullPayloadInfo
+	for _, id := range ids {
+		pl := f.NewPayload(machine, unit, pType, id)
+		payloads = append(payloads, pl)
 	}
+	return payloads
 }
 
-func (s *BaseSuite) SetDoc(id string, pl payload.Payload) *payloadDoc {
-	payloadDoc := s.NewDoc(id, pl)
-	s.State.SetDocs(payloadDoc)
-	return payloadDoc
+func (f PayloadPersistenceFixture) SetDocs(payloads ...payload.FullPayloadInfo) {
+	f.DB.SetDocs(payloads...)
 }
 
-func (s *BaseSuite) RemoveDoc(id string) {
-	docID := "payload#" + s.Unit + "#" + id
-	delete(s.State.docs, docID)
+func (f PayloadPersistenceFixture) CheckPayloads(c *gc.C, payloads []payload.FullPayloadInfo, expectedList ...payload.FullPayloadInfo) {
+	remainder := make([]payload.FullPayloadInfo, len(payloads))
+	copy(remainder, payloads)
+	var noMatch []payload.FullPayloadInfo
+	for _, expected := range expectedList {
+		found := false
+		for i, payload := range remainder {
+			if reflect.DeepEqual(payload, expected) {
+				remainder = append(remainder[:i], remainder[i+1:]...)
+				found = true
+				break
+			}
+		}
+		if !found {
+			noMatch = append(noMatch, expected)
+		}
+	}
+
+	ok1 := c.Check(noMatch, gc.HasLen, 0)
+	ok2 := c.Check(remainder, gc.HasLen, 0)
+	if !ok1 || !ok2 {
+		c.Logf("<<<<<<<<\nexpected:")
+		for _, payload := range expectedList {
+			c.Logf("%#v", payload)
+		}
+		c.Logf("--------\ngot:")
+		for _, payload := range payloads {
+			c.Logf("%#v", payload)
+		}
+		c.Logf(">>>>>>>>")
+	}
 }
 
-func (s *BaseSuite) NewPersistence() *Persistence {
-	return NewPersistence(s.State, s.Unit)
+type StubPersistenceBase struct {
+	*testing.Stub
+
+	ReturnAll []*payloadDoc
 }
 
-func (s *BaseSuite) SetUnit(id string) {
-	s.Unit = id
+func (s *StubPersistenceBase) AddDoc(pl payload.FullPayloadInfo) {
+	doc := newPayloadDoc(pl)
+	s.ReturnAll = append(s.ReturnAll, doc)
 }
 
-func (s *BaseSuite) NewPayloads(pType string, ids ...string) []payload.Payload {
-	var payloads []payload.Payload
-	for _, id := range ids {
-		pl := s.NewPayload(pType, id)
-		payloads = append(payloads, pl)
+func (s *StubPersistenceBase) SetDocs(payloads ...payload.FullPayloadInfo) {
+	docs := make([]*payloadDoc, len(payloads))
+	for i, pl := range payloads {
+		docs[i] = newPayloadDoc(pl)
 	}
-	return payloads
+	s.ReturnAll = docs
 }
 
-func (s *BaseSuite) NewPayload(pType string, id string) payload.Payload {
-	name, pluginID := payload.ParseID(id)
-	if pluginID == "" {
-		pluginID = fmt.Sprintf("%s-%s", name, utils.MustNewUUID())
+func (s *StubPersistenceBase) All(collName string, query, docs interface{}) error {
+	s.AddCall("All", collName, query, docs)
+	if err := s.NextErr(); err != nil {
+		return errors.Trace(err)
 	}
 
-	return payload.Payload{
-		PayloadClass: charm.PayloadClass{
-			Name: name,
-			Type: pType,
-		},
-		ID:     pluginID,
-		Status: "running",
-		Unit:   s.Unit,
+	actual := docs.(*[]payloadDoc)
+	var copied []payloadDoc
+	for _, doc := range s.ReturnAll {
+		copied = append(copied, *doc)
 	}
+	*actual = copied
+	return nil
+}
+
+func (s *StubPersistenceBase) Run(transactions jujutxn.TransactionSource) error {
+	s.AddCall("Run", transactions)
+	if err := s.NextErr(); err != nil {
+		return errors.Trace(err)
+	}
+
+	return nil
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/persistence/env.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/persistence/env.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/persistence/env.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/persistence/env.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,97 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package persistence
-
-import (
-	"github.com/juju/errors"
-
-	"github.com/juju/juju/payload"
-)
-
-// EnvPersistenceBase provides all the information needed to produce
-// a new EnvPersistence value.
-type EnvPersistenceBase interface {
-	PersistenceBase
-
-	// Machines builds the list of the names that identify
-	// all machines in State.
-	Machines() ([]string, error)
-
-	// MachineUnits builds the list of names that identify all units
-	// for a given machine.
-	MachineUnits(machineName string) ([]string, error)
-}
-
-// unitPersistence describes the per-unit functionality needed
-// for env persistence.
-type unitPersistence interface {
-	// ListAll returns all payloads associated with the unit.
-	ListAll() ([]payload.Payload, error)
-}
-
-// EnvPersistence provides the persistence functionality for the
-// Juju environment as a whole.
-type EnvPersistence struct {
-	base EnvPersistenceBase
-
-	newUnitPersist func(base PersistenceBase, name string) unitPersistence
-}
-
-// NewEnvPersistence wraps the base in a new EnvPersistence.
-func NewEnvPersistence(base EnvPersistenceBase) *EnvPersistence {
-	return &EnvPersistence{
-		base:           base,
-		newUnitPersist: newUnitPersistence,
-	}
-}
-
-func newUnitPersistence(base PersistenceBase, unit string) unitPersistence {
-	return NewPersistence(base, unit)
-}
-
-// ListAll returns the list of all payloads in the environment.
-func (ep *EnvPersistence) ListAll() ([]payload.FullPayloadInfo, error) {
-	logger.Tracef("listing all payloads")
-
-	machines, err := ep.base.Machines()
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-
-	var payloads []payload.FullPayloadInfo
-	for _, machine := range machines {
-		units, err := ep.base.MachineUnits(machine)
-		if err != nil {
-			return nil, errors.Trace(err)
-		}
-
-		for _, unit := range units {
-			persist := ep.newUnitPersist(ep.base, unit)
-
-			unitPayloads, err := listUnit(persist, unit, machine)
-			if err != nil {
-				return nil, errors.Trace(err)
-			}
-			payloads = append(payloads, unitPayloads...)
-		}
-	}
-	return payloads, nil
-}
-
-// listUnit returns all the payloads for the given unit.
-func listUnit(persist unitPersistence, unit, machine string) ([]payload.FullPayloadInfo, error) {
-	payloads, err := persist.ListAll()
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-
-	var fullPayloads []payload.FullPayloadInfo
-	for _, pl := range payloads {
-		fullPayloads = append(fullPayloads, payload.FullPayloadInfo{
-			Payload: pl,
-			Machine: machine,
-		})
-	}
-	return fullPayloads, nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/persistence/env_test.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/persistence/env_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/persistence/env_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/persistence/env_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,251 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package persistence
-
-import (
-	"reflect"
-
-	"github.com/juju/errors"
-	"github.com/juju/testing"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-	"gopkg.in/juju/charm.v6-unstable"
-
-	"github.com/juju/juju/payload"
-)
-
-var _ = gc.Suite(&envPersistenceSuite{})
-
-type envPersistenceSuite struct {
-	BaseSuite
-
-	base *stubEnvPersistenceBase
-}
-
-func (s *envPersistenceSuite) SetUpTest(c *gc.C) {
-	s.BaseSuite.SetUpTest(c)
-
-	s.base = &stubEnvPersistenceBase{
-		PersistenceBase: s.State,
-		stub:            s.Stub,
-	}
-}
-
-func (s *envPersistenceSuite) newPayload(name string) payload.FullPayloadInfo {
-	return payload.FullPayloadInfo{
-		Payload: payload.Payload{
-			PayloadClass: charm.PayloadClass{
-				Name: name,
-				Type: "docker",
-			},
-			ID:     "id" + name,
-			Status: payload.StateRunning,
-			Labels: []string{"a-tag"},
-			Unit:   "a-service/0",
-		},
-		Machine: "1",
-	}
-}
-
-func (s *envPersistenceSuite) TestListAllOkay(c *gc.C) {
-	s.base.setUnits("0")
-	s.base.setUnits("1", "a-service/0", "a-service/1")
-	s.base.setUnits("2", "a-service/2")
-	p1 := s.newPayload("spam")
-	p2 := s.newPayload("eggs")
-	s.base.setPayloads(p1, p2)
-
-	persist := NewEnvPersistence(s.base)
-	persist.newUnitPersist = s.base.newUnitPersistence
-
-	payloads, err := persist.ListAll()
-	c.Assert(err, jc.ErrorIsNil)
-
-	checkPayloads(c, payloads, p1, p2)
-	s.Stub.CheckCallNames(c,
-		"Machines",
-
-		"MachineUnits",
-
-		"MachineUnits",
-		"newUnitPersistence",
-		"ListAll",
-		"newUnitPersistence",
-		"ListAll",
-
-		"MachineUnits",
-		"newUnitPersistence",
-		"ListAll",
-	)
-}
-
-func (s *envPersistenceSuite) TestListAllEmpty(c *gc.C) {
-	s.base.setUnits("0")
-	s.base.setUnits("1", "a-service/0", "a-service/1")
-	persist := NewEnvPersistence(s.base)
-	persist.newUnitPersist = s.base.newUnitPersistence
-
-	payloads, err := persist.ListAll()
-	c.Assert(err, jc.ErrorIsNil)
-
-	c.Check(payloads, gc.HasLen, 0)
-	s.Stub.CheckCallNames(c,
-		"Machines",
-
-		"MachineUnits",
-
-		"MachineUnits",
-		"newUnitPersistence",
-		"ListAll",
-		"newUnitPersistence",
-		"ListAll",
-	)
-}
-
-func (s *envPersistenceSuite) TestListAllFailed(c *gc.C) {
-	failure := errors.Errorf("<failed!>")
-	s.Stub.SetErrors(failure)
-
-	persist := NewEnvPersistence(s.base)
-	persist.newUnitPersist = s.base.newUnitPersistence
-
-	_, err := persist.ListAll()
-
-	c.Check(errors.Cause(err), gc.Equals, failure)
-}
-
-// TODO(ericsnow) Factor this out to a testing package.
-
-func checkPayloads(c *gc.C, payloads []payload.FullPayloadInfo, expectedList ...payload.FullPayloadInfo) {
-	remainder := make([]payload.FullPayloadInfo, len(payloads))
-	copy(remainder, payloads)
-	var noMatch []payload.FullPayloadInfo
-	for _, expected := range expectedList {
-		found := false
-		for i, payload := range remainder {
-			if reflect.DeepEqual(payload, expected) {
-				remainder = append(remainder[:i], remainder[i+1:]...)
-				found = true
-				break
-			}
-		}
-		if !found {
-			noMatch = append(noMatch, expected)
-		}
-	}
-
-	ok1 := c.Check(noMatch, gc.HasLen, 0)
-	ok2 := c.Check(remainder, gc.HasLen, 0)
-	if !ok1 || !ok2 {
-		c.Logf("<<<<<<<<\nexpected:")
-		for _, payload := range expectedList {
-			c.Logf("%#v", payload)
-		}
-		c.Logf("--------\ngot:")
-		for _, payload := range payloads {
-			c.Logf("%#v", payload)
-		}
-		c.Logf(">>>>>>>>")
-	}
-}
-
-type stubEnvPersistenceBase struct {
-	PersistenceBase
-	stub         *testing.Stub
-	machines     []string
-	units        map[string]map[string]bool
-	unitPersists map[string]*stubUnitPersistence
-}
-
-func (s *stubEnvPersistenceBase) setPayloads(payloads ...payload.FullPayloadInfo) {
-	if s.unitPersists == nil && len(payloads) > 0 {
-		s.unitPersists = make(map[string]*stubUnitPersistence)
-	}
-
-	for _, pl := range payloads {
-		s.setUnits(pl.Machine, pl.Unit)
-
-		unitPayloads := s.unitPersists[pl.Unit]
-		if unitPayloads == nil {
-			unitPayloads = &stubUnitPersistence{stub: s.stub}
-			s.unitPersists[pl.Unit] = unitPayloads
-		}
-
-		unitPayloads.setPayloads(pl.Payload)
-	}
-}
-
-func (s *stubEnvPersistenceBase) setUnits(machine string, units ...string) {
-	if s.units == nil {
-		s.units = make(map[string]map[string]bool)
-	}
-	if _, ok := s.units[machine]; !ok {
-		s.machines = append(s.machines, machine)
-		s.units[machine] = make(map[string]bool)
-	}
-
-	for _, unit := range units {
-		s.units[machine][unit] = true
-	}
-}
-
-func (s *stubEnvPersistenceBase) newUnitPersistence(base PersistenceBase, unit string) unitPersistence {
-	s.stub.AddCall("newUnitPersistence", base, unit)
-	s.stub.NextErr() // pop one off
-
-	persist, ok := s.unitPersists[unit]
-	if !ok {
-		if s.unitPersists == nil {
-			s.unitPersists = make(map[string]*stubUnitPersistence)
-		}
-		persist = &stubUnitPersistence{stub: s.stub}
-		s.unitPersists[unit] = persist
-	}
-	return persist
-}
-
-func (s *stubEnvPersistenceBase) Machines() ([]string, error) {
-	s.stub.AddCall("Machines")
-	if err := s.stub.NextErr(); err != nil {
-		return nil, errors.Trace(err)
-	}
-
-	var names []string
-	for _, name := range s.machines {
-		names = append(names, name)
-	}
-	return names, nil
-}
-
-func (s *stubEnvPersistenceBase) MachineUnits(machine string) ([]string, error) {
-	s.stub.AddCall("MachineUnits", machine)
-	if err := s.stub.NextErr(); err != nil {
-		return nil, errors.Trace(err)
-	}
-
-	var units []string
-	for unit := range s.units[machine] {
-		units = append(units, unit)
-	}
-	return units, nil
-}
-
-type stubUnitPersistence struct {
-	stub *testing.Stub
-
-	payloads []payload.Payload
-}
-
-func (s *stubUnitPersistence) setPayloads(payloads ...payload.Payload) {
-	s.payloads = append(s.payloads, payloads...)
-}
-
-func (s *stubUnitPersistence) ListAll() ([]payload.Payload, error) {
-	s.stub.AddCall("ListAll")
-	if err := s.stub.NextErr(); err != nil {
-		return nil, errors.Trace(err)
-	}
-
-	return s.payloads, nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/persistence/fakes_test.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/persistence/fakes_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/persistence/fakes_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/persistence/fakes_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,160 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package persistence
-
-import (
-	"github.com/juju/errors"
-	gitjujutesting "github.com/juju/testing"
-	jc "github.com/juju/testing/checkers"
-	jujutxn "github.com/juju/txn"
-	gc "gopkg.in/check.v1"
-	"gopkg.in/mgo.v2/bson"
-	"gopkg.in/mgo.v2/txn"
-)
-
-type fakeStatePersistence struct {
-	*gitjujutesting.Stub
-
-	docs map[string]*payloadDoc
-	ops  [][]txn.Op
-}
-
-func (sp *fakeStatePersistence) SetDocs(docs ...*payloadDoc) {
-	if sp.docs == nil {
-		sp.docs = make(map[string]*payloadDoc)
-	}
-	for _, doc := range docs {
-		sp.docs[doc.DocID] = doc
-	}
-}
-
-func (sp fakeStatePersistence) CheckOps(c *gc.C, expected [][]txn.Op) {
-	if len(sp.ops) != len(expected) {
-		c.Check(sp.ops, jc.DeepEquals, expected)
-		return
-	}
-
-	for i, ops := range sp.ops {
-		c.Logf(" -- txn attempt %d --\n", i)
-		expectedRun := expected[i]
-		if len(ops) != len(expectedRun) {
-			c.Check(ops, jc.DeepEquals, expectedRun)
-			continue
-		}
-		for j, op := range ops {
-			c.Logf(" <op %d>\n", j)
-			expectedOp := expectedRun[j]
-			if expectedOp.Insert != nil {
-				if doc, ok := expectedOp.Insert.(*PayloadDoc); ok {
-					expectedOp.Insert = doc.convert()
-				}
-			} else if expectedOp.Update != nil {
-				if doc, ok := expectedOp.Update.(*PayloadDoc); ok {
-					expectedOp.Update = doc.convert()
-				}
-			}
-			c.Check(op, jc.DeepEquals, expectedOp)
-		}
-	}
-}
-
-func (sp fakeStatePersistence) CheckNoOps(c *gc.C) {
-	c.Check(sp.ops, gc.HasLen, 0)
-}
-
-func (sp fakeStatePersistence) One(collName, id string, doc interface{}) error {
-	sp.AddCall("One", collName, id, doc)
-	if err := sp.NextErr(); err != nil {
-		return errors.Trace(err)
-	}
-
-	if len(sp.docs) == 0 {
-		return errors.NotFoundf(id)
-	}
-	found, ok := sp.docs[id]
-	if !ok {
-		return errors.NotFoundf(id)
-	}
-	actual := doc.(*payloadDoc)
-	*actual = *found
-	return nil
-}
-
-func (sp fakeStatePersistence) All(collName string, query, docs interface{}) error {
-	sp.AddCall("All", collName, query, docs)
-	if err := sp.NextErr(); err != nil {
-		return errors.Trace(err)
-	}
-
-	var ids []string
-	elems := query.(bson.D)
-	if len(elems) < 1 {
-		err := errors.Errorf("bad query %v", query)
-		panic(err)
-	}
-	switch elems[0].Name {
-	case "_id":
-		if len(elems) != 1 {
-			err := errors.Errorf("bad query %v", query)
-			panic(err)
-		}
-		elems = elems[0].Value.(bson.D)
-		if len(elems) != 1 || elems[0].Name != "$in" {
-			err := errors.Errorf("bad query %v", query)
-			panic(err)
-		}
-		ids = elems[0].Value.([]string)
-	case "unitid":
-		for id := range sp.docs {
-			ids = append(ids, id)
-		}
-	default:
-		panic(query)
-	}
-
-	var found []payloadDoc
-	for _, id := range ids {
-		doc, ok := sp.docs[id]
-		if !ok {
-			continue
-		}
-		found = append(found, *doc)
-	}
-	actual := docs.(*[]payloadDoc)
-	*actual = found
-	return nil
-}
-
-func (sp *fakeStatePersistence) Run(transactions jujutxn.TransactionSource) error {
-	sp.AddCall("Run", transactions)
-
-	// See transactionRunner.Run in github.com/juju/txn.
-	for i := 0; ; i++ {
-		const nrRetries = 3
-		if i >= nrRetries {
-			return jujutxn.ErrExcessiveContention
-		}
-
-		// Get the ops.
-		ops, err := transactions(i)
-		if err == jujutxn.ErrTransientFailure {
-			continue
-		}
-		if err == jujutxn.ErrNoOperations {
-			break
-		}
-		if err != nil {
-			return err
-		}
-
-		// "run" the ops.
-		sp.ops = append(sp.ops, ops)
-		if err := sp.NextErr(); err == nil {
-			return nil
-		} else if err != txn.ErrAborted {
-			return err
-		}
-	}
-	return nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/persistence/mongo.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/persistence/mongo.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/persistence/mongo.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/persistence/mongo.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,13 +5,9 @@
 
 import (
 	"fmt"
-	"strings"
 
-	"github.com/juju/errors"
-	"github.com/juju/names"
 	"gopkg.in/juju/charm.v6-unstable"
 	"gopkg.in/mgo.v2/bson"
-	"gopkg.in/mgo.v2/txn"
 
 	"github.com/juju/juju/payload"
 )
@@ -20,90 +16,25 @@
 	payloadsC = "payloads"
 )
 
-// Collections is the list of names of the mongo collections where state
-// is stored for payloads.
-// TODO(ericsnow) Not needed anymore...modify for a new registration scheme?
-var Collections = []string{
-	payloadsC,
+func payloadID(unit, name string) string {
+	return fmt.Sprintf("payload#%s#%s", unit, name)
 }
 
-// TODO(ericsnow) Move the methods under their own type (payloadcollection?).
-
-func (pp Persistence) extractPayload(id string, payloadDocs map[string]payloadDoc) (*payload.Payload, bool) {
-	doc, ok := payloadDocs[id]
-	if !ok {
-		return nil, false
-	}
-	p := doc.payload(pp.unit)
-	return &p, true
-}
-
-func (pp Persistence) all(query bson.D, docs interface{}) error {
-	return errors.Trace(pp.st.All(payloadsC, query, docs))
-}
-
-func (pp Persistence) allID(query bson.D, docs interface{}) error {
-	if query != nil {
-		query = bson.D{{"_id", query}}
-	}
-	return errors.Trace(pp.all(query, docs))
-}
-
-func (pp Persistence) payloadID(id string) string {
-	// TODO(ericsnow) Drop the unit part.
-	return fmt.Sprintf("payload#%s#%s", pp.unit, id)
-}
-
-func (pp Persistence) extractPayloadID(docID string) string {
-	parts := strings.Split(docID, "#")
-	return parts[len(parts)-1]
-}
-
-func (pp Persistence) newInsertPayloadOps(id string, p payload.Payload) []txn.Op {
-	var ops []txn.Op
-
-	doc := pp.newPayloadDoc(id, p)
-	ops = append(ops, txn.Op{
-		C:      payloadsC,
-		Id:     doc.DocID,
-		Assert: txn.DocMissing,
-		Insert: doc,
-	})
-
-	return ops
-}
-
-func (pp Persistence) newSetRawStatusOps(id, status string) []txn.Op {
-	id = pp.payloadID(id)
-	updates := bson.D{
-		{"state", status},
-	}
-	return []txn.Op{{
-		C:      payloadsC,
-		Id:     id,
-		Assert: txn.DocExists,
-		Update: bson.D{{"$set", updates}},
-	}}
-}
-
-func (pp Persistence) newRemovePayloadOps(id string) []txn.Op {
-	id = pp.payloadID(id)
-	return []txn.Op{{
-		C:      payloadsC,
-		Id:     id,
-		Assert: txn.DocExists,
-		Remove: true,
-	}}
+func payloadIDQuery(unit, name string) bson.D {
+	id := payloadID(unit, name)
+	return bson.D{{"_id", id}}
 }
 
 // payloadDoc is the top-level document for payloads.
 type payloadDoc struct {
-	DocID     string `bson:"_id"`
-	ModelUUID string `bson:"model-uuid"`
+	DocID string `bson:"_id"`
 
+	// UnitID and Name are encoded in DocID.
 	UnitID string `bson:"unitid"`
+	Name   string `bson:"name"`
+
+	MachineID string `bson:"machine-id"`
 
-	Name string `bson:"name"`
 	Type string `bson:"type"`
 
 	// TODO(ericsnow) Store status in the "statuses" collection?
@@ -117,39 +48,8 @@
 	RawID string `bson:"rawid"`
 }
 
-func (d payloadDoc) payload(unit string) payload.Payload {
-	labels := make([]string, len(d.Labels))
-	copy(labels, d.Labels)
-	p := payload.Payload{
-		PayloadClass: d.definition(),
-		ID:           d.RawID,
-		Status:       d.State,
-		Labels:       labels,
-		Unit:         unit,
-	}
-	return p
-}
-
-func (d payloadDoc) definition() charm.PayloadClass {
-	definition := charm.PayloadClass{
-		Name: d.Name,
-		Type: d.Type,
-	}
-	return definition
-}
-
-func (d payloadDoc) match(name, rawID string) bool {
-	if d.Name != name {
-		return false
-	}
-	if d.RawID != rawID {
-		return false
-	}
-	return true
-}
-
-func (pp Persistence) newPayloadDoc(id string, p payload.Payload) *payloadDoc {
-	id = pp.payloadID(id)
+func newPayloadDoc(p payload.FullPayloadInfo) *payloadDoc {
+	id := payloadID(p.Unit, p.Name)
 
 	definition := p.PayloadClass
 
@@ -158,9 +58,11 @@
 
 	return &payloadDoc{
 		DocID:  id,
-		UnitID: pp.unit,
+		UnitID: p.Unit,
+		Name:   definition.Name,
+
+		MachineID: p.Machine,
 
-		Name: definition.Name,
 		Type: definition.Type,
 
 		State: p.Status,
@@ -171,52 +73,35 @@
 	}
 }
 
-func (pp Persistence) allPayloads() (map[string]payloadDoc, error) {
-	var docs []payloadDoc
-	query := bson.D{{"unitid", pp.unit}}
-	if err := pp.all(query, &docs); err != nil {
-		return nil, errors.Trace(err)
-	}
-
-	results := make(map[string]payloadDoc)
-	for _, doc := range docs {
-		id := pp.extractPayloadID(doc.DocID)
-		results[id] = doc
+func (d payloadDoc) payload() payload.FullPayloadInfo {
+	labels := make([]string, len(d.Labels))
+	copy(labels, d.Labels)
+	p := payload.FullPayloadInfo{
+		Payload: payload.Payload{
+			PayloadClass: d.definition(),
+			ID:           d.RawID,
+			Status:       d.State,
+			Labels:       labels,
+			Unit:         d.UnitID,
+		},
+		Machine: d.MachineID,
 	}
-	return results, nil
+	return p
 }
 
-func (pp Persistence) payloads(ids []string) (map[string]payloadDoc, error) {
-	fullIDs := make([]string, len(ids))
-	idMap := make(map[string]string, len(ids))
-	for i, id := range ids {
-		fullID := pp.payloadID(id)
-		fullIDs[i] = fullID
-		idMap[fullID] = id
-	}
-
-	var docs []payloadDoc
-	query := bson.D{{"$in", fullIDs}}
-	if err := pp.allID(query, &docs); err != nil {
-		return nil, errors.Trace(err)
-	}
-
-	results := make(map[string]payloadDoc)
-	for _, doc := range docs {
-		fullID := dropModelUUID(doc.DocID)
-		id := idMap[fullID]
-		results[id] = doc
+func (d payloadDoc) definition() charm.PayloadClass {
+	return charm.PayloadClass{
+		Name: d.Name,
+		Type: d.Type,
 	}
-	return results, nil
 }
 
-func dropModelUUID(id string) string {
-	fullID := id
-	parts := strings.SplitN(fullID, ":", 2)
-	if len(parts) == 2 {
-		if names.IsValidModel(parts[0]) {
-			fullID = parts[1]
-		}
+func (d payloadDoc) match(name, rawID string) bool {
+	if d.Name != name {
+		return false
 	}
-	return fullID
+	if d.RawID != rawID {
+		return false
+	}
+	return true
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/persistence/mongo_queries.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/persistence/mongo_queries.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/persistence/mongo_queries.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/persistence/mongo_queries.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,90 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package persistence
+
+import (
+	"github.com/juju/errors"
+	"gopkg.in/mgo.v2/bson"
+)
+
+type payloadsDBQueryer interface {
+	// All populates docs with the list of the documents corresponding
+	// to the provided query.
+	All(collName string, query, docs interface{}) error
+}
+
+type payloadsQueries struct {
+	querier payloadsDBQueryer
+}
+
+func (pq payloadsQueries) one(query bson.D) (payloadDoc, error) {
+	var docs []payloadDoc
+	if err := pq.querier.All(payloadsC, query, &docs); err != nil {
+		return payloadDoc{}, errors.Trace(err)
+	}
+	if len(docs) > 1 {
+		return payloadDoc{}, errors.NewNotValid(nil, "query too broad, got more than one doc")
+	}
+	if len(docs) == 0 {
+		return payloadDoc{}, errors.NotFoundf("")
+	}
+	return docs[0], nil
+}
+
+func (pq payloadsQueries) all(unit string) ([]payloadDoc, error) {
+	var docs []payloadDoc
+	var query bson.D
+	if unit != "" {
+		query = bson.D{{"unitid", unit}}
+	}
+	if err := pq.querier.All(payloadsC, query, &docs); err != nil {
+		return nil, errors.Trace(err)
+	}
+	return docs, nil
+}
+
+func (pq payloadsQueries) allByName() (map[string]payloadDoc, error) {
+	docs, err := pq.all("")
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	results := make(map[string]payloadDoc, len(docs))
+	for _, doc := range docs {
+		results[doc.Name] = doc
+	}
+	return results, nil
+}
+
+func (pq payloadsQueries) unitPayloadsByName(unit string) (map[string]payloadDoc, error) {
+	if unit == "" {
+		return nil, errors.NewNotValid(nil, "missing unit ID")
+	}
+	docs, err := pq.all(unit)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	results := make(map[string]payloadDoc)
+	for _, doc := range docs {
+		results[doc.Name] = doc
+	}
+	return results, nil
+}
+
+func (pq payloadsQueries) someUnitPayloads(unit string, names []string) ([]payloadDoc, []string, error) {
+	all, err := pq.unitPayloadsByName(unit)
+	if err != nil {
+		return nil, nil, errors.Trace(err)
+	}
+
+	var results []payloadDoc
+	var missing []string
+	for _, name := range names {
+		if doc, ok := all[name]; ok {
+			results = append(results, doc)
+		} else {
+			missing = append(missing, name)
+		}
+	}
+	return results, missing, nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/persistence/mongo_test.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/persistence/mongo_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/persistence/mongo_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/persistence/mongo_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,227 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package persistence
+
+import (
+	"github.com/juju/errors"
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+	"gopkg.in/mgo.v2/bson"
+	"gopkg.in/mgo.v2/txn"
+
+	"github.com/juju/juju/payload"
+)
+
+// These tests are a low-level sanity check in support of more complete
+// integration testing done in state/payloads_test.go.
+
+type PayloadsMongoSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&PayloadsMongoSuite{})
+
+func (s *PayloadsMongoSuite) TestUpsertOpsMissing(c *gc.C) {
+	f := NewPayloadPersistenceFixture()
+	pl := f.NewPayload("0", "a-unit/0", "docker", "payloadA/payloadA-xyz")
+	utxn := upsertPayloadTxn{
+		payload: pl,
+		exists:  false,
+	}
+
+	ops := utxn.ops()
+
+	f.Stub.CheckNoCalls(c)
+	id := "payload#a-unit/0#payloadA"
+	c.Check(ops, jc.DeepEquals, []txn.Op{{
+		C:      "payloads",
+		Id:     id,
+		Assert: txn.DocMissing,
+		Insert: &payloadDoc{
+			DocID:     id,
+			UnitID:    "a-unit/0",
+			Name:      "payloadA",
+			MachineID: "0",
+			Type:      "docker",
+			RawID:     "payloadA-xyz",
+			State:     "running",
+		},
+	}})
+}
+
+func (s *PayloadsMongoSuite) TestUpsertOpsExists(c *gc.C) {
+	f := NewPayloadPersistenceFixture()
+	pl := f.NewPayload("0", "a-unit/0", "docker", "payloadA/payloadA-xyz")
+	utxn := upsertPayloadTxn{
+		payload: pl,
+		exists:  true,
+	}
+
+	ops := utxn.ops()
+
+	f.Stub.CheckNoCalls(c)
+	id := "payload#a-unit/0#payloadA"
+	c.Check(ops, jc.DeepEquals, []txn.Op{{
+		C:      "payloads",
+		Id:     id,
+		Assert: txn.DocExists,
+		Remove: true,
+	}, {
+		C:      "payloads",
+		Id:     id,
+		Assert: txn.DocMissing,
+		Insert: &payloadDoc{
+			DocID:     id,
+			UnitID:    "a-unit/0",
+			Name:      "payloadA",
+			MachineID: "0",
+			Type:      "docker",
+			RawID:     "payloadA-xyz",
+			State:     "running",
+		},
+	}})
+}
+
+func (s *PayloadsMongoSuite) TestUpsertCheckAssertsMissing(c *gc.C) {
+	f := NewPayloadPersistenceFixture()
+	pl := f.NewPayload("0", "a-unit/0", "docker", "payloadA/payloadA-xyz")
+	utxn := upsertPayloadTxn{
+		payload: pl,
+	}
+
+	err := utxn.checkAssertsAndUpdate(f.Queries)
+	c.Assert(err, jc.ErrorIsNil)
+
+	f.Stub.CheckCallNames(c, "All")
+	c.Check(utxn.exists, jc.IsFalse)
+}
+
+func (s *PayloadsMongoSuite) TestUpsertCheckAssertsWasFound(c *gc.C) {
+	f := NewPayloadPersistenceFixture()
+	pl := f.NewPayload("0", "a-unit/0", "docker", "payloadA/payloadA-xyz")
+	utxn := upsertPayloadTxn{
+		payload: pl,
+		exists:  true,
+	}
+
+	err := utxn.checkAssertsAndUpdate(f.Queries)
+	c.Assert(err, jc.ErrorIsNil)
+
+	f.Stub.CheckCallNames(c, "All")
+	c.Check(utxn.exists, jc.IsFalse)
+}
+
+func (s *PayloadsMongoSuite) TestUpsertCheckAssertsAlreadyExists(c *gc.C) {
+	f := NewPayloadPersistenceFixture()
+	pl := f.NewPayload("0", "a-unit/0", "docker", "payloadA/payloadA-xyz")
+	f.SetDocs(pl)
+	utxn := upsertPayloadTxn{
+		payload: pl,
+	}
+
+	err := utxn.checkAssertsAndUpdate(f.Queries)
+	c.Assert(err, jc.ErrorIsNil)
+
+	f.Stub.CheckCallNames(c, "All")
+	c.Check(utxn.exists, jc.IsTrue)
+}
+
+func (s *PayloadsMongoSuite) TestUpsertCheckAssertsWasMissing(c *gc.C) {
+	f := NewPayloadPersistenceFixture()
+	pl := f.NewPayload("0", "a-unit/0", "docker", "payloadA/payloadA-xyz")
+	f.SetDocs(pl)
+	utxn := upsertPayloadTxn{
+		payload: pl,
+		exists:  false,
+	}
+
+	err := utxn.checkAssertsAndUpdate(f.Queries)
+	c.Assert(err, jc.ErrorIsNil)
+
+	f.Stub.CheckCallNames(c, "All")
+	c.Check(utxn.exists, jc.IsTrue)
+}
+
+func (s *PayloadsMongoSuite) TestSetStatusOps(c *gc.C) {
+	f := NewPayloadPersistenceFixture()
+	pl := f.NewPayload("0", "a-unit/0", "docker", "payloadA/payloadA-xyz")
+	stxn := setPayloadStatusTxn{pl.Unit, pl.Name, payload.StateRunning}
+
+	ops := stxn.ops()
+
+	f.Stub.CheckNoCalls(c)
+	id := "payload#a-unit/0#payloadA"
+	c.Check(ops, jc.DeepEquals, []txn.Op{{
+		C:      "payloads",
+		Id:     id,
+		Assert: txn.DocExists,
+		Update: bson.D{
+			{"$set", bson.D{
+				{"state", payload.StateRunning},
+			}},
+		},
+	}})
+}
+
+func (s *PayloadsMongoSuite) TestSetStatusCheckAssertsExists(c *gc.C) {
+	f := NewPayloadPersistenceFixture()
+	pl := f.NewPayload("0", "a-unit/0", "docker", "payloadA/payloadA-xyz")
+	f.SetDocs(pl)
+	stxn := setPayloadStatusTxn{pl.Unit, pl.Name, payload.StateRunning}
+
+	err := stxn.checkAssertsAndUpdate(f.Queries)
+	c.Assert(err, jc.ErrorIsNil)
+
+	f.Stub.CheckCallNames(c, "All")
+}
+
+func (s *PayloadsMongoSuite) TestSetStatusCheckAssertsMissing(c *gc.C) {
+	f := NewPayloadPersistenceFixture()
+	stxn := setPayloadStatusTxn{"a-unit/0", "", payload.StateRunning}
+
+	err := stxn.checkAssertsAndUpdate(f.Queries)
+
+	f.Stub.CheckCallNames(c, "All")
+	c.Check(errors.Cause(err), gc.Equals, payload.ErrNotFound)
+}
+
+func (s *PayloadsMongoSuite) TestRemoveOps(c *gc.C) {
+	f := NewPayloadPersistenceFixture()
+	pl := f.NewPayload("0", "a-unit/0", "docker", "payloadA/xyz")
+	rtxn := removePayloadTxn{pl.Unit, pl.Name}
+
+	ops := rtxn.ops()
+
+	f.Stub.CheckNoCalls(c)
+	id := "payload#a-unit/0#payloadA"
+	c.Check(ops, jc.DeepEquals, []txn.Op{{
+		C:      "payloads",
+		Id:     id,
+		Assert: txn.DocExists,
+		Remove: true,
+	}})
+}
+
+func (s *PayloadsMongoSuite) TestRemoveCheckAssertsExists(c *gc.C) {
+	f := NewPayloadPersistenceFixture()
+	pl := f.NewPayload("0", "a-unit/0", "docker", "payloadA/xyz")
+	f.SetDocs(pl)
+	rtxn := removePayloadTxn{pl.Unit, pl.Name}
+
+	err := rtxn.checkAssertsAndUpdate(f.Queries)
+	c.Assert(err, jc.ErrorIsNil)
+
+	f.Stub.CheckCallNames(c, "All")
+}
+
+func (s *PayloadsMongoSuite) TestRemoveCheckAssertsMissing(c *gc.C) {
+	f := NewPayloadPersistenceFixture()
+	rtxn := removePayloadTxn{"a-unit/0", "payloadA"}
+
+	err := rtxn.checkAssertsAndUpdate(f.Queries)
+
+	f.Stub.CheckCallNames(c, "All")
+	c.Check(errors.Cause(err), gc.Equals, payload.ErrNotFound)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/persistence/mongo_txn.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/persistence/mongo_txn.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/persistence/mongo_txn.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/persistence/mongo_txn.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,153 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package persistence
+
+import (
+	"github.com/juju/errors"
+	jujutxn "github.com/juju/txn"
+	"gopkg.in/mgo.v2/bson"
+	"gopkg.in/mgo.v2/txn"
+
+	"github.com/juju/juju/payload"
+)
+
+type payloadsTxnRunner interface {
+	// Run runs the transaction generated by the provided factory
+	// function. It may be retried several times.
+	Run(transactions jujutxn.TransactionSource) error
+}
+
+type payloadsTransaction interface {
+	checkAssertsAndUpdate(pq payloadsQueries) error
+	ops() []txn.Op
+}
+
+type payloadsTransactions struct {
+	queries payloadsQueries
+	runner  payloadsTxnRunner
+}
+
+func (pt payloadsTransactions) run(ptxn payloadsTransaction) error {
+	buildTxn := pt.newTxnSource(ptxn)
+	if err := pt.runner.Run(buildTxn); err != nil {
+		return errors.Trace(err)
+	}
+	return nil
+}
+
+func (pt payloadsTransactions) newTxnSource(ptxn payloadsTransaction) jujutxn.TransactionSource {
+	return func(attempt int) ([]txn.Op, error) {
+		// We always check the asserts manually before returning ops.
+		if err := ptxn.checkAssertsAndUpdate(pt.queries); err != nil {
+			return nil, errors.Trace(err)
+		}
+		// If the asserts check out then it was probably a transient
+		// error, so try again.
+
+		return ptxn.ops(), nil
+	}
+}
+
+type upsertPayloadTxn struct {
+	payload payload.FullPayloadInfo
+
+	exists bool
+}
+
+func (utxn *upsertPayloadTxn) checkAssertsAndUpdate(pq payloadsQueries) error {
+	utxn.exists = false
+	query := payloadIDQuery(utxn.payload.Unit, utxn.payload.Name)
+	_, err := pq.one(query)
+	if err == nil {
+		utxn.exists = true
+	} else if !errors.IsNotFound(err) {
+		return errors.Trace(err)
+	}
+
+	return nil
+}
+
+func (utxn upsertPayloadTxn) ops() []txn.Op {
+	doc := newPayloadDoc(utxn.payload)
+	var ops []txn.Op
+	if utxn.exists {
+		ops = append(ops, txn.Op{
+			C:      payloadsC,
+			Id:     doc.DocID,
+			Assert: txn.DocExists,
+			Remove: true,
+		})
+	}
+	// TODO(ericsnow) Add unitPersistence.newEnsureAliveOp(pp.unit)?
+	return append(ops, txn.Op{
+		C:      payloadsC,
+		Id:     doc.DocID,
+		Assert: txn.DocMissing,
+		Insert: doc,
+	})
+}
+
+type setPayloadStatusTxn struct {
+	unit   string
+	name   string
+	status string
+}
+
+func (stxn *setPayloadStatusTxn) checkAssertsAndUpdate(pq payloadsQueries) error {
+	query := payloadIDQuery(stxn.unit, stxn.name)
+	_, err := pq.one(query)
+	if errors.IsNotFound(err) {
+		return errors.Annotatef(payload.ErrNotFound, "(%s)", stxn.name)
+	}
+	if err != nil {
+		return errors.Trace(err)
+	}
+
+	return nil
+}
+
+func (stxn setPayloadStatusTxn) ops() []txn.Op {
+	id := payloadID(stxn.unit, stxn.name)
+	updates := bson.D{
+		{"state", stxn.status},
+	}
+	// TODO(ericsnow) Add unitPersistence.newEnsureAliveOp(pp.unit)?
+	return []txn.Op{{
+		C:      payloadsC,
+		Id:     id,
+		Assert: txn.DocExists,
+		Update: bson.D{{"$set", updates}},
+	}}
+}
+
+type removePayloadTxn struct {
+	unit string
+	name string
+}
+
+func (rtxn *removePayloadTxn) checkAssertsAndUpdate(pq payloadsQueries) error {
+	query := payloadIDQuery(rtxn.unit, rtxn.name)
+	_, err := pq.one(query)
+	if errors.IsNotFound(err) {
+		// Must have already beeen removed! The business logic
+		// (i.e. state) can decide whether or not to ignore this.
+		return errors.Annotatef(payload.ErrNotFound, "(%s)", rtxn.name)
+	}
+	if err != nil {
+		return errors.Trace(err)
+	}
+
+	return nil
+}
+
+func (rtxn removePayloadTxn) ops() []txn.Op {
+	id := payloadID(rtxn.unit, rtxn.name)
+	// TODO(ericsnow) Add unitPersistence.newEnsureAliveOp(pp.unit)?
+	return []txn.Op{{
+		C:      payloadsC,
+		Id:     id,
+		Assert: txn.DocExists,
+		Remove: true,
+	}}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/persistence/persistence.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/persistence/persistence.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/persistence/persistence.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/persistence/persistence.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,145 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package persistence
+
+import (
+	"github.com/juju/errors"
+	"github.com/juju/loggo"
+
+	"github.com/juju/juju/payload"
+)
+
+var logger = loggo.GetLogger("juju.payload.persistence")
+
+// TODO(ericsnow) Store status in the status collection?
+
+// TODO(ericsnow) Move PersistenceBase to the components package?
+
+// PersistenceBase exposes the core persistence functionality needed
+// for payloads.
+type PersistenceBase interface {
+	payloadsDBQueryer
+	payloadsTxnRunner
+}
+
+// UnitPersistence exposes the high-level persistence functionality
+// related to payloads in Juju.
+type Persistence struct {
+	queries payloadsQueries
+	txns    payloadsTransactions
+}
+
+// NewPersistence wraps the "db" in a new Persistence.
+func NewPersistence(db PersistenceBase) *Persistence {
+	queries := payloadsQueries{
+		querier: db,
+	}
+	return &Persistence{
+		queries: queries,
+		txns: payloadsTransactions{
+			queries: queries,
+			runner:  db,
+		},
+	}
+}
+
+// ListAll returns the list of all payloads in the model.
+func (pp *Persistence) ListAll() ([]payload.FullPayloadInfo, error) {
+	logger.Tracef("listing all payloads")
+
+	docs, err := pp.queries.all("")
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	fullPayloads := make([]payload.FullPayloadInfo, 0, len(docs))
+	for _, doc := range docs {
+		p := doc.payload()
+		fullPayloads = append(fullPayloads, p)
+	}
+	return fullPayloads, nil
+}
+
+// Track adds records for the payload to persistence. If the payload
+// is already there then it is replaced with the new one.
+func (pp Persistence) Track(pl payload.FullPayloadInfo) error {
+	logger.Tracef("inserting %q - %#v", pl.Name, pl)
+	txn := &upsertPayloadTxn{
+		payload: pl,
+	}
+	if err := pp.txns.run(txn); err != nil {
+		return errors.Trace(err)
+	}
+	return nil
+}
+
+// SetStatus updates the raw status for the identified payload in
+// persistence. If the payload is not there then payload.ErrNotFound
+// is returned.
+func (pp Persistence) SetStatus(unit, name, status string) error {
+	logger.Tracef("setting status for %q", name)
+	txn := &setPayloadStatusTxn{
+		unit:   unit,
+		name:   name,
+		status: status,
+	}
+	if err := pp.txns.run(txn); err != nil {
+		return errors.Trace(err)
+	}
+	return nil
+}
+
+// List builds the list of payloads found in persistence which match
+// the provided IDs. The lists of IDs with missing records is also
+// returned.
+func (pp Persistence) List(unit string, names ...string) ([]payload.FullPayloadInfo, []string, error) {
+	// TODO(ericsnow) Ensure that the unit is Alive?
+
+	docs, missing, err := pp.queries.someUnitPayloads(unit, names)
+	if err != nil {
+		return nil, nil, errors.Trace(err)
+	}
+
+	results := make([]payload.FullPayloadInfo, len(docs))
+	for i, doc := range docs {
+		results[i] = doc.payload()
+	}
+	return results, missing, nil
+}
+
+// ListAllForUnit builds the list of all payloads found in persistence.
+func (pp Persistence) ListAllForUnit(unit string) ([]payload.FullPayloadInfo, error) {
+	// TODO(ericsnow) Ensure that the unit is Alive?
+
+	docs, err := pp.queries.unitPayloadsByName(unit)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	results := make([]payload.FullPayloadInfo, 0, len(docs))
+	for _, doc := range docs {
+		p := doc.payload()
+		results = append(results, p)
+	}
+	return results, nil
+}
+
+// TODO(ericsnow) Add payloads to state/cleanup.go.
+
+// TODO(ericsnow) How to ensure they are completely removed from state
+// (when you factor in status stored in a separate collection)?
+
+// Untrack removes all records associated with the identified payload
+// from persistence. If the payload is not there then
+// payload.ErrNotFound is returned.
+func (pp Persistence) Untrack(unit, name string) error {
+	txn := &removePayloadTxn{
+		unit: unit,
+		name: name,
+	}
+	if err := pp.txns.run(txn); err != nil {
+		return errors.Trace(err)
+	}
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/persistence/persistence_test.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/persistence/persistence_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/persistence/persistence_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/persistence/persistence_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,234 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package persistence_test
+
+import (
+	"sort"
+
+	"github.com/juju/errors"
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/payload"
+	"github.com/juju/juju/payload/persistence"
+)
+
+type PayloadsPersistenceSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&PayloadsPersistenceSuite{})
+
+func (s *PayloadsPersistenceSuite) TestListAllOkay(c *gc.C) {
+	f := persistence.NewPayloadPersistenceFixture()
+	p1 := f.NewPayload("0", "a-unit/0", "docker", "spam/spam-xyz")
+	p1.Labels = []string{"a-tag"}
+	p2 := f.NewPayload("0", "a-unit/0", "docker", "eggs/eggs-xyz")
+	p2.Labels = []string{"a-tag"}
+	f.SetDocs(p1, p2)
+	persist := f.NewPersistence()
+
+	payloads, err := persist.ListAll()
+	c.Assert(err, jc.ErrorIsNil)
+
+	f.CheckPayloads(c, payloads, p1, p2)
+	f.Stub.CheckCallNames(c, "All")
+}
+
+func (s *PayloadsPersistenceSuite) TestListAllEmpty(c *gc.C) {
+	f := persistence.NewPayloadPersistenceFixture()
+	persist := f.NewPersistence()
+
+	payloads, err := persist.ListAll()
+	c.Assert(err, jc.ErrorIsNil)
+
+	c.Check(payloads, gc.HasLen, 0)
+	f.Stub.CheckCallNames(c, "All")
+}
+
+func (s *PayloadsPersistenceSuite) TestListAllFailed(c *gc.C) {
+	f := persistence.NewPayloadPersistenceFixture()
+	failure := errors.Errorf("<failed!>")
+	f.Stub.SetErrors(failure)
+	persist := f.NewPersistence()
+
+	_, err := persist.ListAll()
+
+	c.Check(errors.Cause(err), gc.Equals, failure)
+}
+
+func (s *PayloadsPersistenceSuite) TestTrackOkay(c *gc.C) {
+	f := persistence.NewPayloadPersistenceFixture()
+	pl := f.NewPayload("0", "a-unit/0", "docker", "payloadA/payloadA-xyz")
+	wp := f.NewPersistence()
+
+	err := wp.Track(pl)
+	c.Assert(err, jc.ErrorIsNil)
+
+	f.Stub.CheckCallNames(c, "Run")
+}
+
+func (s *PayloadsPersistenceSuite) TestTrackFailed(c *gc.C) {
+	f := persistence.NewPayloadPersistenceFixture()
+	failure := errors.Errorf("<failed!>")
+	f.Stub.SetErrors(failure)
+	pl := f.NewPayload("0", "a-unit/0", "docker", "payloadA")
+	pp := f.NewPersistence()
+
+	err := pp.Track(pl)
+
+	c.Check(errors.Cause(err), gc.Equals, failure)
+	f.Stub.CheckCallNames(c, "Run")
+}
+
+func (s *PayloadsPersistenceSuite) TestSetStatusOkay(c *gc.C) {
+	f := persistence.NewPayloadPersistenceFixture()
+	pl := f.NewPayload("0", "a-unit/0", "docker", "payloadA/payloadA-xyz")
+	f.SetDocs(pl)
+	pp := f.NewPersistence()
+
+	err := pp.SetStatus(pl.Unit, pl.Name, payload.StateRunning)
+	c.Assert(err, jc.ErrorIsNil)
+
+	f.Stub.CheckCallNames(c, "Run")
+}
+
+func (s *PayloadsPersistenceSuite) TestSetStatusFailed(c *gc.C) {
+	f := persistence.NewPayloadPersistenceFixture()
+	pl := f.NewPayload("0", "a-unit/0", "docker", "payloadA/payloadA-xyz")
+	f.SetDocs(pl)
+	failure := errors.Errorf("<failed!>")
+	f.Stub.SetErrors(failure)
+	pp := f.NewPersistence()
+
+	err := pp.SetStatus(pl.Unit, pl.Name, payload.StateRunning)
+
+	c.Check(errors.Cause(err), gc.Equals, failure)
+	f.Stub.CheckCallNames(c, "Run")
+}
+
+func (s *PayloadsPersistenceSuite) TestListOkay(c *gc.C) {
+	f := persistence.NewPayloadPersistenceFixture()
+	pl := f.NewPayload("0", "a-unit/0", "docker", "payloadA/xyz")
+	other := f.NewPayload("0", "a-unit/0", "docker", "payloadB/abc")
+	f.SetDocs(pl, other)
+	pp := f.NewPersistence()
+
+	payloads, missing, err := pp.List(pl.Unit, pl.Name)
+	c.Assert(err, jc.ErrorIsNil)
+
+	f.Stub.CheckCallNames(c, "All")
+	c.Check(payloads, jc.DeepEquals, []payload.FullPayloadInfo{pl})
+	c.Check(missing, gc.HasLen, 0)
+}
+
+func (s *PayloadsPersistenceSuite) TestListSomeMissing(c *gc.C) {
+	f := persistence.NewPayloadPersistenceFixture()
+	pl := f.NewPayload("0", "a-unit/0", "docker", "payloadB/abc")
+	other := f.NewPayload("0", "a-unit/0", "docker", "payloadA/xyz")
+	f.SetDocs(pl, other)
+	missingName := "not-" + pl.Name
+	pp := f.NewPersistence()
+
+	payloads, missing, err := pp.List(pl.Unit, pl.Name, missingName)
+	c.Assert(err, jc.ErrorIsNil)
+
+	f.Stub.CheckCallNames(c, "All")
+	c.Check(payloads, jc.DeepEquals, []payload.FullPayloadInfo{pl})
+	c.Check(missing, jc.DeepEquals, []string{missingName})
+}
+
+func (s *PayloadsPersistenceSuite) TestListEmpty(c *gc.C) {
+	name := "payloadA"
+	f := persistence.NewPayloadPersistenceFixture()
+	pp := f.NewPersistence()
+
+	payloads, missing, err := pp.List("a-unit/0", name)
+	c.Assert(err, jc.ErrorIsNil)
+
+	f.Stub.CheckCallNames(c, "All")
+	c.Check(payloads, gc.HasLen, 0)
+	c.Check(missing, jc.DeepEquals, []string{name})
+}
+
+func (s *PayloadsPersistenceSuite) TestListFailure(c *gc.C) {
+	f := persistence.NewPayloadPersistenceFixture()
+	failure := errors.Errorf("<failed!>")
+	f.Stub.SetErrors(failure)
+	pp := f.NewPersistence()
+
+	_, _, err := pp.List("a-unit/0")
+
+	c.Check(errors.Cause(err), gc.Equals, failure)
+}
+
+func (s *PayloadsPersistenceSuite) TestListAllForUnitOkay(c *gc.C) {
+	f := persistence.NewPayloadPersistenceFixture()
+	existing := f.NewPayloads("0", "a-unit/0", "docker", "payloadA/xyz", "payloadB/abc")
+	f.SetDocs(existing...)
+	pp := f.NewPersistence()
+
+	payloads, err := pp.ListAllForUnit("a-unit/0")
+	c.Assert(err, jc.ErrorIsNil)
+
+	f.Stub.CheckCallNames(c, "All")
+	sort.Sort(byName(payloads))
+	sort.Sort(byName(existing))
+	c.Check(payloads, jc.DeepEquals, existing)
+}
+
+func (s *PayloadsPersistenceSuite) TestListAllForUnitEmpty(c *gc.C) {
+	f := persistence.NewPayloadPersistenceFixture()
+	pp := f.NewPersistence()
+
+	payloads, err := pp.ListAllForUnit("a-unit/0")
+	c.Assert(err, jc.ErrorIsNil)
+
+	f.Stub.CheckCallNames(c, "All")
+	c.Check(payloads, gc.HasLen, 0)
+}
+
+type byName []payload.FullPayloadInfo
+
+func (b byName) Len() int           { return len(b) }
+func (b byName) Less(i, j int) bool { return b[i].FullID() < b[j].FullID() }
+func (b byName) Swap(i, j int)      { b[i], b[j] = b[j], b[i] }
+
+func (s *PayloadsPersistenceSuite) TestListAllForUnitFailed(c *gc.C) {
+	f := persistence.NewPayloadPersistenceFixture()
+	failure := errors.Errorf("<failed!>")
+	f.Stub.SetErrors(failure)
+	pp := f.NewPersistence()
+
+	_, err := pp.ListAllForUnit("a-unit/0")
+
+	c.Check(errors.Cause(err), gc.Equals, failure)
+}
+
+func (s *PayloadsPersistenceSuite) TestUntrackOkay(c *gc.C) {
+	f := persistence.NewPayloadPersistenceFixture()
+	pl := f.NewPayload("0", "a-unit/0", "docker", "payloadA/xyz")
+	f.SetDocs(pl)
+	pp := f.NewPersistence()
+
+	err := pp.Untrack(pl.Unit, pl.Name)
+	c.Assert(err, jc.ErrorIsNil)
+
+	f.Stub.CheckCallNames(c, "Run")
+}
+
+func (s *PayloadsPersistenceSuite) TestUntrackFailed(c *gc.C) {
+	f := persistence.NewPayloadPersistenceFixture()
+	pl := f.NewPayload("0", "a-unit/0", "docker", "payloadA/xyz")
+	f.SetDocs(pl)
+	failure := errors.Errorf("<failed!>")
+	f.Stub.SetErrors(failure)
+	pp := f.NewPersistence()
+
+	err := pp.Untrack(pl.Unit, pl.Name)
+
+	c.Check(errors.Cause(err), gc.Equals, failure)
+	f.Stub.CheckCallNames(c, "Run")
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/persistence/unit.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/persistence/unit.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/persistence/unit.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/persistence/unit.go	2016-07-18 19:45:44.000000000 +0000
@@ -3,54 +3,21 @@
 
 package persistence
 
-// TODO(ericsnow) Eliminate the mongo-related imports here.
-
 import (
-	"github.com/juju/errors"
-	"github.com/juju/loggo"
-	jujutxn "github.com/juju/txn"
-	"gopkg.in/mgo.v2/txn"
-
 	"github.com/juju/juju/payload"
 )
 
-var logger = loggo.GetLogger("juju.payload.persistence")
-
-// TODO(ericsnow) Merge Persistence and EnvPersistence.
-
-// TODO(ericsnow) Store status in the status collection?
-
-// TODO(ericsnow) Implement persistence using a TXN abstraction (used
-// in the business logic) with ops factories available from the
-// persistence layer.
-
-// TODO(ericsnow) Move PersistenceBase to the components package?
-
-// PersistenceBase exposes the core persistence functionality needed
-// for payloads.
-type PersistenceBase interface {
-	// One populates doc with the document corresponding to the given
-	// ID. Missing documents result in errors.NotFound.
-	One(collName, id string, doc interface{}) error
-	// All populates docs with the list of the documents corresponding
-	// to the provided query.
-	All(collName string, query, docs interface{}) error
-	// Run runs the transaction generated by the provided factory
-	// function. It may be retried several times.
-	Run(transactions jujutxn.TransactionSource) error
-}
-
-// Persistence exposes the high-level persistence functionality
+// UnitPersistence exposes the high-level persistence functionality
 // related to payloads in Juju.
-type Persistence struct {
-	st   PersistenceBase
+type UnitPersistence struct {
+	pp   *Persistence
 	unit string
 }
 
-// NewPersistence builds a new Persistence based on the provided info.
-func NewPersistence(st PersistenceBase, unit string) *Persistence {
-	return &Persistence{
-		st:   st,
+// NewUnitPersistence builds a new Persistence based on the provided info.
+func NewUnitPersistence(pp *Persistence, unit string) *UnitPersistence {
+	return &UnitPersistence{
+		pp:   pp,
 		unit: unit,
 	}
 }
@@ -58,145 +25,35 @@
 // Track adds records for the payload to persistence. If the payload
 // is already there then false gets returned (true if inserted).
 // Existing records are not checked for consistency.
-func (pp Persistence) Track(id string, pl payload.Payload) (bool, error) {
-	logger.Tracef("insertng %#v", pl)
-
-	_, err := pp.LookUp(pl.Name, pl.ID)
-	if err == nil {
-		return false, errors.AlreadyExistsf("payload for %q", pl.FullID())
-	} else if !errors.IsNotFound(err) {
-		return false, errors.Annotate(err, "while checking for collisions")
-	}
-	// TODO(ericsnow) There is a *slight* race here. I haven't found
-	// a simple way to check the secondary key in the transaction.
-
-	var okay bool
-	var ops []txn.Op
-	// TODO(ericsnow) Add unitPersistence.newEnsureAliveOp(pp.unit)?
-	ops = append(ops, pp.newInsertPayloadOps(id, pl)...)
-	buildTxn := func(attempt int) ([]txn.Op, error) {
-		if attempt > 0 {
-			okay = false
-			return nil, jujutxn.ErrNoOperations
-		}
-		okay = true
-		return ops, nil
-	}
-	if err := pp.st.Run(buildTxn); err != nil {
-		return false, errors.Trace(err)
-	}
-	return okay, nil
+func (up UnitPersistence) Track(pl payload.FullPayloadInfo) error {
+	return up.pp.Track(pl)
 }
 
 // SetStatus updates the raw status for the identified payload in
 // persistence. The return value corresponds to whether or not the
 // record was found in persistence. Any other problem results in
 // an error. The payload is not checked for inconsistent records.
-func (pp Persistence) SetStatus(id, status string) (bool, error) {
-	logger.Tracef("setting status for %q", id)
-
-	var found bool
-	var ops []txn.Op
-	// TODO(ericsnow) Add unitPersistence.newEnsureAliveOp(pp.unit)?
-	ops = append(ops, pp.newSetRawStatusOps(id, status)...)
-	buildTxn := func(attempt int) ([]txn.Op, error) {
-		if attempt > 0 {
-			found = false
-			return nil, jujutxn.ErrNoOperations
-		}
-		found = true
-		return ops, nil
-	}
-	if err := pp.st.Run(buildTxn); err != nil {
-		return false, errors.Trace(err)
-	}
-	return found, nil
+func (up UnitPersistence) SetStatus(name, status string) error {
+	return up.pp.SetStatus(up.unit, name, status)
 }
 
 // List builds the list of payloads found in persistence which match
 // the provided IDs. The lists of IDs with missing records is also
 // returned.
-func (pp Persistence) List(ids ...string) ([]payload.Payload, []string, error) {
-	// TODO(ericsnow) Ensure that the unit is Alive?
-
-	docs, err := pp.payloads(ids)
-	if err != nil {
-		return nil, nil, errors.Trace(err)
-	}
-
-	var results []payload.Payload
-	var missing []string
-	for _, id := range ids {
-		p, ok := pp.extractPayload(id, docs)
-		if !ok {
-			missing = append(missing, id)
-			continue
-		}
-		results = append(results, *p)
-	}
-	return results, missing, nil
+func (up UnitPersistence) List(names ...string) ([]payload.FullPayloadInfo, []string, error) {
+	return up.pp.List(up.unit, names...)
 }
 
 // ListAll builds the list of all payloads found in persistence.
 // Inconsistent records result in errors.NotValid.
-func (pp Persistence) ListAll() ([]payload.Payload, error) {
-	// TODO(ericsnow) Ensure that the unit is Alive?
-
-	docs, err := pp.allPayloads()
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-
-	var results []payload.Payload
-	for id := range docs {
-		p, _ := pp.extractPayload(id, docs)
-		results = append(results, *p)
-	}
-	return results, nil
-}
-
-// LookUp returns the payload ID for the given name/rawID pair.
-func (pp Persistence) LookUp(name, rawID string) (string, error) {
-	// TODO(ericsnow) This could be more efficient.
-
-	docs, err := pp.allPayloads()
-	if err != nil {
-		return "", errors.Trace(err)
-	}
-
-	for id, doc := range docs {
-		if doc.match(name, rawID) {
-			return id, nil
-		}
-	}
-
-	return "", errors.NotFoundf("payload for %s/%s", name, rawID)
+func (up UnitPersistence) ListAll() ([]payload.FullPayloadInfo, error) {
+	return up.pp.ListAllForUnit(up.unit)
 }
 
-// TODO(ericsnow) Add payloads to state/cleanup.go.
-
-// TODO(ericsnow) How to ensure they are completely removed from state
-// (when you factor in status stored in a separate collection)?
-
 // Untrack removes all records associated with the identified payload
 // from persistence. Also returned is whether or not the payload was
 // found. If the records for the payload are not consistent then
 // errors.NotValid is returned.
-func (pp Persistence) Untrack(id string) (bool, error) {
-	var found bool
-	var ops []txn.Op
-	// TODO(ericsnow) Add unitPersistence.newEnsureAliveOp(pp.unit)?
-	ops = append(ops, pp.newRemovePayloadOps(id)...)
-	buildTxn := func(attempt int) ([]txn.Op, error) {
-		if attempt > 0 {
-			found = false
-			return nil, jujutxn.ErrNoOperations
-		}
-		found = true
-		return ops, nil
-	}
-	if err := pp.st.Run(buildTxn); err != nil {
-		return false, errors.Trace(err)
-	}
-	return found, nil
+func (up UnitPersistence) Untrack(name string) error {
+	return up.pp.Untrack(up.unit, name)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/persistence/unit_test.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/persistence/unit_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/persistence/unit_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/persistence/unit_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,295 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package persistence_test
-
-import (
-	"fmt"
-	"sort"
-
-	"github.com/juju/errors"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-	"gopkg.in/mgo.v2/bson"
-	"gopkg.in/mgo.v2/txn"
-
-	"github.com/juju/juju/payload"
-	"github.com/juju/juju/payload/persistence"
-)
-
-var _ = gc.Suite(&payloadsPersistenceSuite{})
-
-type payloadsPersistenceSuite struct {
-	persistence.BaseSuite
-}
-
-func (s *payloadsPersistenceSuite) TestTrackOkay(c *gc.C) {
-	pl := s.NewPayload("docker", "payloadA/payloadA-xyz")
-
-	wp := s.NewPersistence()
-	id := "f47ac10b-58cc-4372-a567-0e02b2c3d479"
-	okay, err := wp.Track(id, pl)
-	c.Assert(err, jc.ErrorIsNil)
-
-	c.Check(okay, jc.IsTrue)
-	s.Stub.CheckCallNames(c, "All", "Run")
-	s.State.CheckOps(c, [][]txn.Op{{
-		{
-			C:      "payloads",
-			Id:     "payload#a-unit/0#f47ac10b-58cc-4372-a567-0e02b2c3d479",
-			Assert: txn.DocMissing,
-			Insert: &persistence.PayloadDoc{
-				DocID:  "payload#a-unit/0#f47ac10b-58cc-4372-a567-0e02b2c3d479",
-				UnitID: "a-unit/0",
-
-				Name:  "payloadA",
-				Type:  "docker",
-				RawID: "payloadA-xyz",
-				State: "running",
-			},
-		},
-	}})
-}
-
-func (s *payloadsPersistenceSuite) TestTrackAlreadyExists(c *gc.C) {
-	id := "f47ac10b-58cc-4372-a567-0e02b2c3d479"
-
-	pl := s.NewPayload("docker", "payloadA/payloadA-xyz")
-	s.SetDoc(id, pl)
-	s.Stub.SetErrors(nil, txn.ErrAborted)
-
-	wp := s.NewPersistence()
-	okay, err := wp.Track(id, pl)
-
-	c.Check(okay, jc.IsFalse)
-	c.Check(err, jc.Satisfies, errors.IsAlreadyExists)
-	s.Stub.CheckCallNames(c, "All")
-	s.State.CheckOps(c, nil)
-}
-
-func (s *payloadsPersistenceSuite) TestTrackFailed(c *gc.C) {
-	id := "f47ac10b-58cc-4372-a567-0e02b2c3d479"
-	failure := errors.Errorf("<failed!>")
-	s.Stub.SetErrors(nil, failure)
-	pl := s.NewPayload("docker", "payloadA")
-
-	pp := s.NewPersistence()
-	_, err := pp.Track(id, pl)
-
-	c.Check(errors.Cause(err), gc.Equals, failure)
-	s.Stub.CheckCallNames(c, "All", "Run")
-}
-
-func (s *payloadsPersistenceSuite) TestSetStatusOkay(c *gc.C) {
-	id := "f47ac10b-58cc-4372-a567-0e02b2c3d479"
-	pl := s.NewPayload("docker", "payloadA/payloadA-xyz")
-	s.SetDoc(id, pl)
-
-	pp := s.NewPersistence()
-	okay, err := pp.SetStatus(id, payload.StateRunning)
-	c.Assert(err, jc.ErrorIsNil)
-
-	c.Check(okay, jc.IsTrue)
-	s.Stub.CheckCallNames(c, "Run")
-	s.State.CheckOps(c, [][]txn.Op{{
-		{
-			C:      "payloads",
-			Id:     "payload#a-unit/0#f47ac10b-58cc-4372-a567-0e02b2c3d479",
-			Assert: txn.DocExists,
-			Update: bson.D{
-				{"$set", bson.D{
-					{"state", payload.StateRunning},
-				}},
-			},
-		},
-	}})
-}
-
-func (s *payloadsPersistenceSuite) TestSetStatusMissing(c *gc.C) {
-	id := "f47ac10b-58cc-4372-a567-0e02b2c3d479"
-	s.Stub.SetErrors(txn.ErrAborted)
-
-	pp := s.NewPersistence()
-	okay, err := pp.SetStatus(id, payload.StateRunning)
-	c.Assert(err, jc.ErrorIsNil)
-
-	c.Check(okay, jc.IsFalse)
-	s.Stub.CheckCallNames(c, "Run")
-	s.State.CheckOps(c, [][]txn.Op{{
-		{
-			C:      "payloads",
-			Id:     "payload#a-unit/0#f47ac10b-58cc-4372-a567-0e02b2c3d479",
-			Assert: txn.DocExists,
-			Update: bson.D{
-				{"$set", bson.D{
-					{"state", payload.StateRunning},
-				}},
-			},
-		},
-	}})
-}
-
-func (s *payloadsPersistenceSuite) TestSetStatusFailed(c *gc.C) {
-	id := "f47ac10b-58cc-4372-a567-0e02b2c3d479"
-	pl := s.NewPayload("docker", "payloadA/payloadA-xyz")
-	s.SetDoc(id, pl)
-	failure := errors.Errorf("<failed!>")
-	s.Stub.SetErrors(failure)
-
-	pp := s.NewPersistence()
-	_, err := pp.SetStatus(id, payload.StateRunning)
-
-	c.Check(errors.Cause(err), gc.Equals, failure)
-}
-
-func (s *payloadsPersistenceSuite) TestListOkay(c *gc.C) {
-	id := "f47ac10b-58cc-4372-a567-0e02b2c3d479"
-	pl := s.NewPayload("docker", "payloadA/xyz")
-	s.SetDoc(id, pl)
-	other := s.NewPayload("docker", "payloadB/abc")
-	s.SetDoc("f47ac10b-58cc-4372-a567-0e02b2c3d480", other)
-
-	pp := s.NewPersistence()
-	payloads, missing, err := pp.List(id)
-	c.Assert(err, jc.ErrorIsNil)
-
-	s.Stub.CheckCallNames(c, "All")
-	s.State.CheckNoOps(c)
-	c.Check(payloads, jc.DeepEquals, []payload.Payload{pl})
-	c.Check(missing, gc.HasLen, 0)
-}
-
-func (s *payloadsPersistenceSuite) TestListSomeMissing(c *gc.C) {
-	id := "f47ac10b-58cc-4372-a567-0e02b2c3d479"
-	pl := s.NewPayload("docker", "payloadB/abc")
-	s.SetDoc(id, pl)
-	other := s.NewPayload("docker", "payloadA/xyz")
-	s.SetDoc("f47ac10b-58cc-4372-a567-0e02b2c3d480", other)
-
-	missingID := "f47ac10b-58cc-4372-a567-0e02b2c3d481"
-	pp := s.NewPersistence()
-	payloads, missing, err := pp.List(id, missingID)
-	c.Assert(err, jc.ErrorIsNil)
-
-	s.Stub.CheckCallNames(c, "All")
-	s.State.CheckNoOps(c)
-	c.Check(payloads, jc.DeepEquals, []payload.Payload{pl})
-	c.Check(missing, jc.DeepEquals, []string{missingID})
-}
-
-func (s *payloadsPersistenceSuite) TestListEmpty(c *gc.C) {
-	id := "f47ac10b-58cc-4372-a567-0e02b2c3d479"
-	pp := s.NewPersistence()
-	payloads, missing, err := pp.List(id)
-	c.Assert(err, jc.ErrorIsNil)
-
-	s.Stub.CheckCallNames(c, "All")
-	s.State.CheckNoOps(c)
-	c.Check(payloads, gc.HasLen, 0)
-	c.Check(missing, jc.DeepEquals, []string{id})
-}
-
-func (s *payloadsPersistenceSuite) TestListFailure(c *gc.C) {
-	failure := errors.Errorf("<failed!>")
-	s.Stub.SetErrors(failure)
-
-	pp := s.NewPersistence()
-	_, _, err := pp.List()
-
-	c.Check(errors.Cause(err), gc.Equals, failure)
-}
-
-func (s *payloadsPersistenceSuite) TestListAllOkay(c *gc.C) {
-	existing := s.NewPayloads("docker", "payloadA/xyz", "payloadB/abc")
-	for i, pl := range existing {
-		s.SetDoc(fmt.Sprintf("%d", i), pl)
-	}
-
-	pp := s.NewPersistence()
-	payloads, err := pp.ListAll()
-	c.Assert(err, jc.ErrorIsNil)
-
-	s.Stub.CheckCallNames(c, "All")
-	s.State.CheckNoOps(c)
-	sort.Sort(byName(payloads))
-	sort.Sort(byName(existing))
-	c.Check(payloads, jc.DeepEquals, existing)
-}
-
-func (s *payloadsPersistenceSuite) TestListAllEmpty(c *gc.C) {
-	pp := s.NewPersistence()
-	payloads, err := pp.ListAll()
-	c.Assert(err, jc.ErrorIsNil)
-
-	s.Stub.CheckCallNames(c, "All")
-	s.State.CheckNoOps(c)
-	c.Check(payloads, gc.HasLen, 0)
-}
-
-type byName []payload.Payload
-
-func (b byName) Len() int           { return len(b) }
-func (b byName) Less(i, j int) bool { return b[i].FullID() < b[j].FullID() }
-func (b byName) Swap(i, j int)      { b[i], b[j] = b[j], b[i] }
-
-func (s *payloadsPersistenceSuite) TestListAllFailed(c *gc.C) {
-	failure := errors.Errorf("<failed!>")
-	s.Stub.SetErrors(failure)
-
-	pp := s.NewPersistence()
-	_, err := pp.ListAll()
-
-	c.Check(errors.Cause(err), gc.Equals, failure)
-}
-
-func (s *payloadsPersistenceSuite) TestUntrackOkay(c *gc.C) {
-	id := "f47ac10b-58cc-4372-a567-0e02b2c3d479"
-	pl := s.NewPayload("docker", "payloadA/xyz")
-	s.SetDoc(id, pl)
-
-	pp := s.NewPersistence()
-	found, err := pp.Untrack(id)
-	c.Assert(err, jc.ErrorIsNil)
-
-	c.Check(found, jc.IsTrue)
-	s.Stub.CheckCallNames(c, "Run")
-	s.State.CheckOps(c, [][]txn.Op{{
-		{
-			C:      "payloads",
-			Id:     "payload#a-unit/0#f47ac10b-58cc-4372-a567-0e02b2c3d479",
-			Assert: txn.DocExists,
-			Remove: true,
-		},
-	}})
-}
-
-func (s *payloadsPersistenceSuite) TestUntrackMissing(c *gc.C) {
-	id := "f47ac10b-58cc-4372-a567-0e02b2c3d479"
-	s.Stub.SetErrors(txn.ErrAborted)
-
-	pp := s.NewPersistence()
-	found, err := pp.Untrack(id)
-	c.Assert(err, jc.ErrorIsNil)
-
-	c.Check(found, jc.IsFalse)
-	s.Stub.CheckCallNames(c, "Run")
-	s.State.CheckOps(c, [][]txn.Op{{
-		{
-			C:      "payloads",
-			Id:     "payload#a-unit/0#f47ac10b-58cc-4372-a567-0e02b2c3d479",
-			Assert: txn.DocExists,
-			Remove: true,
-		},
-	}})
-}
-
-func (s *payloadsPersistenceSuite) TestUntrackFailed(c *gc.C) {
-	id := "f47ac10b-58cc-4372-a567-0e02b2c3d479"
-	failure := errors.Errorf("<failed!>")
-	s.Stub.SetErrors(failure)
-
-	pp := s.NewPersistence()
-	_, err := pp.Untrack(id)
-
-	c.Check(errors.Cause(err), gc.Equals, failure)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/state/base_test.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/state/base_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/state/base_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/state/base_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -31,29 +31,32 @@
 	s.persist = &fakePayloadsPersistence{Stub: s.stub}
 }
 
-func (s *basePayloadsSuite) newPayload(pType string, id string) payload.Payload {
+func (s *basePayloadsSuite) newPayload(pType string, id string) payload.FullPayloadInfo {
 	name, rawID := payload.ParseID(id)
 	if rawID == "" {
 		rawID = fmt.Sprintf("%s-%s", name, utils.MustNewUUID())
 	}
 
-	return payload.Payload{
-		PayloadClass: charm.PayloadClass{
-			Name: name,
-			Type: pType,
+	return payload.FullPayloadInfo{
+		Payload: payload.Payload{
+			PayloadClass: charm.PayloadClass{
+				Name: name,
+				Type: pType,
+			},
+			Status: payload.StateRunning,
+			ID:     rawID,
+			Unit:   "a-application/0",
 		},
-		Status: payload.StateRunning,
-		ID:     rawID,
-		Unit:   "a-service/0",
+		Machine: "0",
 	}
 }
 
 type fakePayloadsPersistence struct {
 	*gitjujutesting.Stub
-	payloads map[string]*payload.Payload
+	payloads map[string]*payload.FullPayloadInfo
 }
 
-func (s *fakePayloadsPersistence) checkPayload(c *gc.C, id string, expected payload.Payload) {
+func (s *fakePayloadsPersistence) checkPayload(c *gc.C, id string, expected payload.FullPayloadInfo) {
 	pl, ok := s.payloads[id]
 	if !ok {
 		c.Errorf("payload %q not found", id)
@@ -62,47 +65,47 @@
 	}
 }
 
-func (s *fakePayloadsPersistence) setPayload(id string, pl *payload.Payload) {
+func (s *fakePayloadsPersistence) setPayload(pl *payload.FullPayloadInfo) {
 	if s.payloads == nil {
-		s.payloads = make(map[string]*payload.Payload)
+		s.payloads = make(map[string]*payload.FullPayloadInfo)
 	}
-	s.payloads[id] = pl
+	s.payloads[pl.Name] = pl
 }
 
-func (s *fakePayloadsPersistence) Track(id string, pl payload.Payload) (bool, error) {
-	s.AddCall("Track", id, pl)
+func (s *fakePayloadsPersistence) Track(pl payload.FullPayloadInfo) error {
+	s.AddCall("Track", pl)
 	if err := s.NextErr(); err != nil {
-		return false, errors.Trace(err)
+		return errors.Trace(err)
 	}
 
-	if _, ok := s.payloads[id]; ok {
-		return false, nil
+	if _, ok := s.payloads[pl.Name]; ok {
+		return payload.ErrAlreadyExists
 	}
-	s.setPayload(id, &pl)
-	return true, nil
+	s.setPayload(&pl)
+	return nil
 }
 
-func (s *fakePayloadsPersistence) SetStatus(id, status string) (bool, error) {
+func (s *fakePayloadsPersistence) SetStatus(id, status string) error {
 	s.AddCall("SetStatus", id, status)
 	if err := s.NextErr(); err != nil {
-		return false, errors.Trace(err)
+		return errors.Trace(err)
 	}
 
 	pl, ok := s.payloads[id]
 	if !ok {
-		return false, nil
+		return payload.ErrNotFound
 	}
 	pl.Status = status
-	return true, nil
+	return nil
 }
 
-func (s *fakePayloadsPersistence) List(ids ...string) ([]payload.Payload, []string, error) {
+func (s *fakePayloadsPersistence) List(ids ...string) ([]payload.FullPayloadInfo, []string, error) {
 	s.AddCall("List", ids)
 	if err := s.NextErr(); err != nil {
 		return nil, nil, errors.Trace(err)
 	}
 
-	var payloads []payload.Payload
+	var payloads []payload.FullPayloadInfo
 	var missing []string
 	for _, id := range ids {
 		if pl, ok := s.payloads[id]; !ok {
@@ -114,42 +117,28 @@
 	return payloads, missing, nil
 }
 
-func (s *fakePayloadsPersistence) ListAll() ([]payload.Payload, error) {
+func (s *fakePayloadsPersistence) ListAll() ([]payload.FullPayloadInfo, error) {
 	s.AddCall("ListAll")
 	if err := s.NextErr(); err != nil {
 		return nil, errors.Trace(err)
 	}
 
-	var payloads []payload.Payload
+	var payloads []payload.FullPayloadInfo
 	for _, pl := range s.payloads {
 		payloads = append(payloads, *pl)
 	}
 	return payloads, nil
 }
 
-func (s *fakePayloadsPersistence) LookUp(name, rawID string) (string, error) {
-	s.AddCall("LookUp", name, rawID)
-	if err := s.NextErr(); err != nil {
-		return "", errors.Trace(err)
-	}
-
-	for id, pl := range s.payloads {
-		if pl.Name == name && pl.ID == rawID {
-			return id, nil
-		}
-	}
-	return "", errors.NotFoundf("doc ID")
-}
-
-func (s *fakePayloadsPersistence) Untrack(id string) (bool, error) {
+func (s *fakePayloadsPersistence) Untrack(id string) error {
 	s.AddCall("Untrack", id)
 	if err := s.NextErr(); err != nil {
-		return false, errors.Trace(err)
+		return errors.Trace(err)
 	}
 
 	if _, ok := s.payloads[id]; !ok {
-		return false, nil
+		return payload.ErrNotFound
 	}
 	delete(s.payloads, id)
-	return true, nil
+	return nil
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/state/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/state/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/state/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/state/export_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,13 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package state
-
-var (
-	NewID = newID
-)
-
-func SetNewID(uw UnitPayloads, newID func() (string, error)) UnitPayloads {
-	uw.newID = newID
-	return uw
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/state/payloads_test.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/state/payloads_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/state/payloads_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/state/payloads_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -40,19 +40,17 @@
 			ID:     "id" + name,
 			Status: payload.StateRunning,
 			Labels: []string{"a-tag"},
-			Unit:   "a-service/0",
+			Unit:   "a-application/0",
 		},
 		Machine: "1",
 	}
 }
 
 func (s *envPayloadsSuite) TestListAllOkay(c *gc.C) {
-	id1 := "f47ac10b-58cc-4372-a567-0e02b2c3d479"
-	id2 := "f47ac10b-58cc-4372-a567-0e02b2c3d480"
 	p1 := s.newPayload("spam")
 	p2 := s.newPayload("eggs")
-	s.persists.setPayload(id1, p1)
-	s.persists.setPayload(id2, p2)
+	s.persists.setPayload(p1)
+	s.persists.setPayload(p2)
 
 	ps := state.EnvPayloads{
 		Persist: s.persists,
@@ -68,22 +66,18 @@
 }
 
 func (s *envPayloadsSuite) TestListAllMulti(c *gc.C) {
-	id1 := "f47ac10b-58cc-4372-a567-0e02b2c3d479"
-	id2 := "f47ac10b-58cc-4372-a567-0e02b2c3d480"
-	id3 := "f47ac10b-58cc-4372-a567-0e02b2c3d481"
-	id4 := "f47ac10b-58cc-4372-a567-0e02b2c3d482"
 	p1 := s.newPayload("spam")
 	p2 := s.newPayload("eggs")
-	p2.Unit = "a-service/1"
+	p2.Unit = "a-application/1"
 	p3 := s.newPayload("ham")
-	p3.Unit = "a-service/2"
+	p3.Unit = "a-application/2"
 	p3.Machine = "2"
 	p4 := s.newPayload("spamspamspam")
-	p4.Unit = "a-service/1"
-	s.persists.setPayload(id1, p1)
-	s.persists.setPayload(id2, p2)
-	s.persists.setPayload(id3, p3)
-	s.persists.setPayload(id4, p4)
+	p4.Unit = "a-application/1"
+	s.persists.setPayload(p1)
+	s.persists.setPayload(p2)
+	s.persists.setPayload(p3)
+	s.persists.setPayload(p4)
 
 	ps := state.EnvPayloads{
 		Persist: s.persists,
@@ -101,14 +95,12 @@
 }
 
 func (s *envPayloadsSuite) TestListAllFailed(c *gc.C) {
-	id1 := "f47ac10b-58cc-4372-a567-0e02b2c3d479"
-	id2 := "f47ac10b-58cc-4372-a567-0e02b2c3d480"
 	failure := errors.Errorf("<failed!>")
 	s.stub.SetErrors(failure)
 	p1 := s.newPayload("spam")
 	p2 := s.newPayload("eggs")
-	s.persists.setPayload(id1, p1)
-	s.persists.setPayload(id2, p2)
+	s.persists.setPayload(p1)
+	s.persists.setPayload(p2)
 
 	ps := state.EnvPayloads{
 		Persist: s.persists,
@@ -176,18 +168,17 @@
 				if pl.Unit == "" {
 					pl.Unit = unit
 				}
-				fullPayload := payload.FullPayloadInfo{
-					Payload: pl,
-					Machine: machine,
+				if pl.Machine == "" {
+					pl.Machine = machine
 				}
-				fullPayloads = append(fullPayloads, fullPayload)
+				fullPayloads = append(fullPayloads, pl)
 			}
 		}
 	}
 	return fullPayloads, nil
 }
 
-func (s *stubPayloadsPersistence) setPayload(id string, pl payload.FullPayloadInfo) {
+func (s *stubPayloadsPersistence) setPayload(pl payload.FullPayloadInfo) {
 	if s.persists == nil {
 		s.persists = make(map[string]map[string]*fakePayloadsPersistence)
 	}
@@ -203,5 +194,5 @@
 		units[pl.Unit] = unitPayloads
 	}
 
-	unitPayloads.setPayload(id, &pl.Payload)
+	unitPayloads.setPayload(&pl)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/state/unit.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/state/unit.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/state/unit.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/state/unit.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,32 +6,29 @@
 import (
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/utils"
 
 	"github.com/juju/juju/payload"
-	"github.com/juju/juju/payload/persistence"
 )
 
 var logger = loggo.GetLogger("juju.payload.state")
 
 // TODO(ericsnow) We need a worker to clean up dying payloads.
 
-// The persistence methods needed for payloads in state.
-type payloadsPersistence interface {
-	Track(id string, info payload.Payload) (bool, error)
+// Persistence exposes methods needed for payloads in state.
+type Persistence interface {
+	Track(info payload.FullPayloadInfo) error
 	// SetStatus updates the status for a payload.
-	SetStatus(id, status string) (bool, error)
-	List(ids ...string) ([]payload.Payload, []string, error)
-	ListAll() ([]payload.Payload, error)
-	LookUp(name, rawID string) (string, error)
-	Untrack(id string) (bool, error)
+	SetStatus(name, status string) error
+	List(names ...string) ([]payload.FullPayloadInfo, []string, error)
+	ListAll() ([]payload.FullPayloadInfo, error)
+	Untrack(name string) error
 }
 
 // UnitPayloads provides the functionality related to a unit's
 // payloads, as needed by state.
 type UnitPayloads struct {
 	// Persist is the persistence layer that will be used.
-	Persist payloadsPersistence
+	Persist Persistence
 
 	// Unit identifies the unit associated with the payloads. This
 	// is the "unit ID" of the targeted unit.
@@ -40,72 +37,63 @@
 	// Machine identifies the unit's machine. This is the "machine ID"
 	// of the machine on which the unit is running.
 	Machine string
-
-	newID func() (string, error)
 }
 
 // NewUnitPayloads builds a UnitPayloads for a unit.
-func NewUnitPayloads(st persistence.PersistenceBase, unit, machine string) *UnitPayloads {
-	persist := persistence.NewPersistence(st, unit)
+func NewUnitPayloads(persist Persistence, unit, machine string) *UnitPayloads {
 	return &UnitPayloads{
 		Persist: persist,
 		Unit:    unit,
 		Machine: machine,
-		newID:   newID,
 	}
 }
 
-func newID() (string, error) {
-	uuid, err := utils.NewUUID()
-	if err != nil {
-		return "", errors.Annotate(err, "could not create new payload ID")
-	}
-	return uuid.String(), nil
-}
-
-// TODO(ericsnow) Return the new ID from Track()?
-
-// Track inserts the provided payload info in state. The new Juju ID
-// for the payload is returned.
+// Track inserts the provided payload info in state. If the payload
+// is already in the DB then it is replaced.
 func (uw UnitPayloads) Track(pl payload.Payload) error {
 	logger.Tracef("tracking %#v", pl)
 
+	// TODO(ericsnow) The unit should probably not be a part
+	// of payload.Payload...
+	//pl.Unit = uw.Unit
+
 	if err := pl.Validate(); err != nil {
 		return errors.NewNotValid(err, "bad payload")
 	}
 
-	id, err := uw.newID()
-	if err != nil {
-		return errors.Trace(err)
+	if existing, err := uw.lookUp(pl.Name); err != nil {
+		if errors.Cause(err) != payload.ErrNotFound {
+			return errors.Trace(err)
+		}
+		// Wasn't found, so we're okay.
+	} else {
+		logger.Debugf("payload %q (raw: %q) already exists; replacing...", pl.Name, existing.ID)
 	}
 
-	ok, err := uw.Persist.Track(id, pl)
-	if err != nil {
-		return errors.Trace(err)
+	full := payload.FullPayloadInfo{
+		Payload: pl,
+		Machine: uw.Machine,
 	}
-	if !ok {
-		return errors.NotValidf("payload %s (already in state)", id)
+	if err := uw.Persist.Track(full); err != nil {
+		return errors.Trace(err)
 	}
 
 	return nil
 }
 
 // SetStatus updates the raw status for the identified payload to the
-// provided value.
-func (uw UnitPayloads) SetStatus(id, status string) error {
-	logger.Tracef("setting payload status for %q to %q", id, status)
+// provided value. If the payload is missing then payload.ErrNotFound
+// is returned.
+func (uw UnitPayloads) SetStatus(name, status string) error {
+	logger.Tracef("setting payload status for %q to %q", name, status)
 
 	if err := payload.ValidateState(status); err != nil {
 		return errors.Trace(err)
 	}
 
-	found, err := uw.Persist.SetStatus(id, status)
-	if err != nil {
+	if err := uw.Persist.SetStatus(name, status); err != nil {
 		return errors.Trace(err)
 	}
-	if !found {
-		return errors.NotFoundf(id)
-	}
 	return nil
 }
 
@@ -113,22 +101,22 @@
 // IDs. If none are provided then the list contains the info for all
 // payloads associated with the unit. Missing payloads
 // are ignored.
-func (uw UnitPayloads) List(ids ...string) ([]payload.Result, error) {
-	logger.Tracef("listing %v", ids)
+func (uw UnitPayloads) List(names ...string) ([]payload.Result, error) {
+	logger.Tracef("listing %v", names)
 	var err error
-	var payloads []payload.Payload
+	var payloads []payload.FullPayloadInfo
 	missingIDs := make(map[string]bool)
-	if len(ids) == 0 {
+	if len(names) == 0 {
 		payloads, err = uw.Persist.ListAll()
 		if err != nil {
 			return nil, errors.Trace(err)
 		}
 		for _ = range payloads {
-			ids = append(ids, "")
+			names = append(names, "")
 		}
 	} else {
 		var missing []string
-		payloads, missing, err = uw.Persist.List(ids...)
+		payloads, missing, err = uw.Persist.List(names...)
 		if err != nil {
 			return nil, errors.Trace(err)
 		}
@@ -139,59 +127,68 @@
 
 	var results []payload.Result
 	i := 0
-	for _, id := range ids {
-		if missingIDs[id] {
+	for _, name := range names {
+		if missingIDs[name] {
 			results = append(results, payload.Result{
-				ID:       id,
+				ID:       name,
 				NotFound: true,
-				Error:    errors.NotFoundf(id),
+				Error:    errors.NotFoundf(name),
 			})
 			continue
 		}
 		pl := payloads[i]
 		i += 1
 
+		// TODO(ericsnow) Ensure that pl.Name == name?
 		// TODO(ericsnow) Ensure that pl.Unit == uw.Unit?
 
 		result := payload.Result{
-			ID: id,
-			Payload: &payload.FullPayloadInfo{
-				Payload: pl,
-				Machine: uw.Machine,
-			},
-		}
-		if id == "" {
-			// TODO(ericsnow) Do this more efficiently.
-			id, err := uw.LookUp(pl.Name, pl.ID)
-			if err != nil {
-				id = ""
-				result.Error = errors.Trace(err)
-			}
-			result.ID = id
+			ID:      pl.Name,
+			Payload: &pl,
 		}
 		results = append(results, result)
 	}
 	return results, nil
 }
 
+// TODO(ericsnow) Drop LookUp in favor of calling List() directly.
+
 // LookUp returns the payload ID for the given name/rawID pair.
 func (uw UnitPayloads) LookUp(name, rawID string) (string, error) {
 	logger.Tracef("looking up payload id for %s/%s", name, rawID)
-
-	id, err := uw.Persist.LookUp(name, rawID)
+	pl, err := uw.lookUp(name)
 	if err != nil {
 		return "", errors.Trace(err)
 	}
-	return id, nil
+	return pl.Name, nil
+}
+
+func (uw UnitPayloads) lookUp(name string) (payload.FullPayloadInfo, error) {
+	var pl payload.FullPayloadInfo
+
+	results, err := uw.List(name)
+	if err != nil {
+		return pl, errors.Trace(err)
+	}
+	if results[0].NotFound {
+		return pl, errors.Annotate(payload.ErrNotFound, name)
+	}
+	if results[0].Error != nil {
+		return pl, errors.Trace(results[0].Error)
+	}
+	pl = *results[0].Payload
+
+	return pl, nil
 }
 
 // Untrack removes the identified payload from state. It does not
-// trigger the actual destruction of the payload.
-func (uw UnitPayloads) Untrack(id string) error {
-	logger.Tracef("untracking %q", id)
+// trigger the actual destruction of the payload. If the payload is
+// missing then this is a noop.
+func (uw UnitPayloads) Untrack(name string) error {
+	logger.Tracef("untracking %q", name)
 	// If the record wasn't found then we're already done.
-	_, err := uw.Persist.Untrack(id)
-	if err != nil {
+	err := uw.Persist.Untrack(name)
+	if err != nil && errors.Cause(err) != payload.ErrNotFound {
 		return errors.Trace(err)
 	}
 	return nil
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/state/unit_test.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/state/unit_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/state/unit_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/state/unit_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,6 @@
 import (
 	"github.com/juju/errors"
 	jc "github.com/juju/testing/checkers"
-	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
 
 	"github.com/juju/juju/payload"
@@ -17,200 +16,173 @@
 
 type unitPayloadsSuite struct {
 	basePayloadsSuite
-	id string
-}
-
-func (s *unitPayloadsSuite) newID() (string, error) {
-	s.stub.AddCall("newID")
-	if err := s.stub.NextErr(); err != nil {
-		return "", errors.Trace(err)
-	}
-
-	return s.id, nil
-}
-
-func (s *unitPayloadsSuite) TestNewID(c *gc.C) {
-	id, err := state.NewID()
-	c.Assert(err, jc.ErrorIsNil)
-
-	c.Check(id, jc.Satisfies, utils.IsValidUUIDString)
 }
 
 func (s *unitPayloadsSuite) TestTrackOkay(c *gc.C) {
-	s.id = "f47ac10b-58cc-4372-a567-0e02b2c3d479"
 	pl := s.newPayload("docker", "payloadA/payloadA-xyz")
 
 	ps := state.UnitPayloads{
 		Persist: s.persist,
-		Unit:    "a-service/0",
+		Unit:    "a-application/0",
+		Machine: "0",
 	}
-	ps = state.SetNewID(ps, s.newID)
 
-	err := ps.Track(pl)
+	err := ps.Track(pl.Payload)
 	c.Assert(err, jc.ErrorIsNil)
 
-	s.stub.CheckCallNames(c, "newID", "Track")
+	s.stub.CheckCallNames(c, "List", "Track")
 	c.Check(s.persist.payloads, gc.HasLen, 1)
-	s.persist.checkPayload(c, s.id, pl)
+	s.persist.checkPayload(c, pl.Name, pl)
 }
 
 func (s *unitPayloadsSuite) TestTrackInvalid(c *gc.C) {
-	s.id = "f47ac10b-58cc-4372-a567-0e02b2c3d479"
 	pl := s.newPayload("", "payloadA/payloadA-xyz")
 
 	ps := state.UnitPayloads{
 		Persist: s.persist,
-		Unit:    "a-service/0",
+		Unit:    "a-application/0",
+		Machine: "0",
 	}
-	ps = state.SetNewID(ps, s.newID)
 
-	err := ps.Track(pl)
+	err := ps.Track(pl.Payload)
 
 	c.Check(err, jc.Satisfies, errors.IsNotValid)
 }
 
 func (s *unitPayloadsSuite) TestTrackEnsureDefinitionFailed(c *gc.C) {
-	s.id = "f47ac10b-58cc-4372-a567-0e02b2c3d479"
 	failure := errors.Errorf("<failed!>")
 	s.stub.SetErrors(failure)
 	pl := s.newPayload("docker", "payloadA/payloadA-xyz")
 
 	ps := state.UnitPayloads{
 		Persist: s.persist,
-		Unit:    "a-service/0",
+		Unit:    "a-application/0",
+		Machine: "0",
 	}
-	ps = state.SetNewID(ps, s.newID)
 
-	err := ps.Track(pl)
+	err := ps.Track(pl.Payload)
 
 	c.Check(errors.Cause(err), gc.Equals, failure)
 }
 
 func (s *unitPayloadsSuite) TestTrackInsertFailed(c *gc.C) {
-	s.id = "f47ac10b-58cc-4372-a567-0e02b2c3d479"
 	failure := errors.Errorf("<failed!>")
 	s.stub.SetErrors(failure)
 	pl := s.newPayload("docker", "payloadA/payloadA-xyz")
 
 	ps := state.UnitPayloads{
 		Persist: s.persist,
-		Unit:    "a-service/0",
+		Unit:    "a-application/0",
+		Machine: "0",
 	}
-	ps = state.SetNewID(ps, s.newID)
 
-	err := ps.Track(pl)
+	err := ps.Track(pl.Payload)
 
 	c.Check(errors.Cause(err), gc.Equals, failure)
 }
 
 func (s *unitPayloadsSuite) TestTrackAlreadyExists(c *gc.C) {
-	s.id = "f47ac10b-58cc-4372-a567-0e02b2c3d479"
 	pl := s.newPayload("docker", "payloadA/payloadA-xyz")
-	s.persist.setPayload(s.id, &pl)
+	s.persist.setPayload(&pl)
 
 	ps := state.UnitPayloads{
 		Persist: s.persist,
-		Unit:    "a-service/0",
+		Unit:    "a-application/0",
+		Machine: "0",
 	}
-	ps = state.SetNewID(ps, s.newID)
 
-	err := ps.Track(pl)
+	err := ps.Track(pl.Payload)
 
-	c.Check(err, jc.Satisfies, errors.IsNotValid)
+	c.Check(err, jc.Satisfies, errors.IsAlreadyExists)
 }
 
 func (s *unitPayloadsSuite) TestSetStatusOkay(c *gc.C) {
-	id := "f47ac10b-58cc-4372-a567-0e02b2c3d479"
 	pl := s.newPayload("docker", "payloadA/payloadA-xyz")
-	s.persist.setPayload(id, &pl)
+	s.persist.setPayload(&pl)
 
 	ps := state.UnitPayloads{
 		Persist: s.persist,
-		Unit:    "a-service/0",
+		Unit:    "a-application/0",
+		Machine: "0",
 	}
 
-	err := ps.SetStatus(id, payload.StateRunning)
+	err := ps.SetStatus(pl.Name, payload.StateRunning)
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.stub.CheckCallNames(c, "SetStatus")
-	current := s.persist.payloads[id]
+	current := s.persist.payloads[pl.Name]
 	c.Check(current.Status, jc.DeepEquals, payload.StateRunning)
 }
 
 func (s *unitPayloadsSuite) TestSetStatusFailed(c *gc.C) {
-	id := "f47ac10b-58cc-4372-a567-0e02b2c3d479"
 	failure := errors.Errorf("<failed!>")
 	s.stub.SetErrors(failure)
 	pl := s.newPayload("docker", "payloadA/payloadA-xyz")
-	s.persist.setPayload(id, &pl)
+	s.persist.setPayload(&pl)
 
 	ps := state.UnitPayloads{
 		Persist: s.persist,
-		Unit:    "a-service/0",
+		Unit:    "a-application/0",
+		Machine: "0",
 	}
-	err := ps.SetStatus(id, payload.StateRunning)
+	err := ps.SetStatus(pl.Name, payload.StateRunning)
 
 	c.Check(errors.Cause(err), gc.Equals, failure)
 }
 
 func (s *unitPayloadsSuite) TestSetStatusMissing(c *gc.C) {
-	id := "f47ac10b-58cc-4372-a567-0e02b2c3d479"
 	ps := state.UnitPayloads{
 		Persist: s.persist,
-		Unit:    "a-service/0",
+		Unit:    "a-application/0",
+		Machine: "0",
 	}
-	err := ps.SetStatus(id, payload.StateRunning)
+	err := ps.SetStatus("payloadA", payload.StateRunning)
 
 	c.Check(err, jc.Satisfies, errors.IsNotFound)
 }
 
 func (s *unitPayloadsSuite) TestListOkay(c *gc.C) {
-	id := "f47ac10b-58cc-4372-a567-0e02b2c3d479"
-	otherID := "f47ac10b-58cc-4372-a567-0e02b2c3d480"
 	pl := s.newPayload("docker", "payloadA/payloadA-xyz")
 	other := s.newPayload("docker", "payloadB/payloadB-abc")
-	s.persist.setPayload(id, &pl)
-	s.persist.setPayload(otherID, &other)
+	s.persist.setPayload(&pl)
+	s.persist.setPayload(&other)
 
 	ps := state.UnitPayloads{
 		Persist: s.persist,
-		Unit:    "a-service/0",
+		Unit:    "a-application/0",
 	}
-	results, err := ps.List(id)
+	results, err := ps.List(pl.Name)
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.stub.CheckCallNames(c, "List")
 	c.Check(results, jc.DeepEquals, []payload.Result{{
-		ID:      id,
-		Payload: &payload.FullPayloadInfo{Payload: pl},
+		ID:      pl.Name,
+		Payload: &pl,
 	}})
 }
 
 func (s *unitPayloadsSuite) TestListAll(c *gc.C) {
-	id1 := "f47ac10b-58cc-4372-a567-0e02b2c3d479"
-	id2 := "f47ac10b-58cc-4372-a567-0e02b2c3d480"
 	pl1 := s.newPayload("docker", "payloadA/payloadA-xyz")
 	pl2 := s.newPayload("docker", "payloadB/payloadB-abc")
-	s.persist.setPayload(id1, &pl1)
-	s.persist.setPayload(id2, &pl2)
-	fpi1 := payload.FullPayloadInfo{Payload: pl1}
-	fpi2 := payload.FullPayloadInfo{Payload: pl2}
+	s.persist.setPayload(&pl1)
+	s.persist.setPayload(&pl2)
 
 	ps := state.UnitPayloads{
 		Persist: s.persist,
-		Unit:    "a-service/0",
+		Unit:    "a-application/0",
+		Machine: "0",
 	}
 	results, err := ps.List()
 	c.Assert(err, jc.ErrorIsNil)
 
-	s.stub.CheckCallNames(c, "ListAll", "LookUp", "LookUp")
+	s.stub.CheckCallNames(c, "ListAll")
 	c.Assert(results, gc.HasLen, 2)
 	if results[0].Payload.Name == "payloadA" {
-		c.Check(results[0].Payload, jc.DeepEquals, &fpi1)
-		c.Check(results[1].Payload, jc.DeepEquals, &fpi2)
+		c.Check(results[0].Payload, jc.DeepEquals, &pl1)
+		c.Check(results[1].Payload, jc.DeepEquals, &pl2)
 	} else {
-		c.Check(results[0].Payload, jc.DeepEquals, &fpi2)
-		c.Check(results[1].Payload, jc.DeepEquals, &fpi1)
+		c.Check(results[0].Payload, jc.DeepEquals, &pl2)
+		c.Check(results[1].Payload, jc.DeepEquals, &pl1)
 	}
 }
 
@@ -220,7 +192,8 @@
 
 	ps := state.UnitPayloads{
 		Persist: s.persist,
-		Unit:    "a-service/0",
+		Unit:    "a-application/0",
+		Machine: "0",
 	}
 	_, err := ps.List()
 
@@ -229,40 +202,40 @@
 }
 
 func (s *unitPayloadsSuite) TestListMissing(c *gc.C) {
-	missingID := "f47ac10b-58cc-4372-a567-0e02b2c3d480"
-	id := "f47ac10b-58cc-4372-a567-0e02b2c3d479"
 	pl := s.newPayload("docker", "payloadA/payloadA-xyz")
-	s.persist.setPayload(id, &pl)
+	s.persist.setPayload(&pl)
+	missingName := "not-" + pl.Name
 
 	ps := state.UnitPayloads{
 		Persist: s.persist,
-		Unit:    "a-service/0",
+		Unit:    "a-application/0",
+		Machine: "0",
 	}
-	results, err := ps.List(id, missingID)
+	results, err := ps.List(pl.Name, missingName)
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Assert(results, gc.HasLen, 2)
 	c.Check(results[1].Error, gc.NotNil)
 	results[1].Error = nil
 	c.Check(results, jc.DeepEquals, []payload.Result{{
-		ID:      id,
-		Payload: &payload.FullPayloadInfo{Payload: pl},
+		ID:      pl.Name,
+		Payload: &pl,
 	}, {
-		ID:       missingID,
+		ID:       missingName,
 		NotFound: true,
 	}})
 }
 
 func (s *unitPayloadsSuite) TestUntrackOkay(c *gc.C) {
-	id := "f47ac10b-58cc-4372-a567-0e02b2c3d479"
 	pl := s.newPayload("docker", "payloadA/payloadA-xyz")
-	s.persist.setPayload(id, &pl)
+	s.persist.setPayload(&pl)
 
 	ps := state.UnitPayloads{
 		Persist: s.persist,
-		Unit:    "a-service/0",
+		Unit:    "a-application/0",
+		Machine: "0",
 	}
-	err := ps.Untrack(id)
+	err := ps.Untrack(pl.Name)
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.stub.CheckCallNames(c, "Untrack")
@@ -270,12 +243,12 @@
 }
 
 func (s *unitPayloadsSuite) TestUntrackMissing(c *gc.C) {
-	id := "f47ac10b-58cc-4372-a567-0e02b2c3d479"
 	ps := state.UnitPayloads{
 		Persist: s.persist,
-		Unit:    "a-service/0",
+		Unit:    "a-application/0",
+		Machine: "0",
 	}
-	err := ps.Untrack(id)
+	err := ps.Untrack("payloadA")
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.stub.CheckCallNames(c, "Untrack")
@@ -283,15 +256,15 @@
 }
 
 func (s *unitPayloadsSuite) TestUntrackFailed(c *gc.C) {
-	id := "f47ac10b-58cc-4372-a567-0e02b2c3d479"
 	failure := errors.Errorf("<failed!>")
 	s.stub.SetErrors(failure)
 
 	ps := state.UnitPayloads{
 		Persist: s.persist,
-		Unit:    "a-service/0",
+		Unit:    "a-application/0",
+		Machine: "0",
 	}
-	err := ps.Untrack(id)
+	err := ps.Untrack("payloadA")
 
 	s.stub.CheckCallNames(c, "Untrack")
 	c.Check(errors.Cause(err), gc.Equals, failure)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/status/formatter_test.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/status/formatter_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/status/formatter_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/status/formatter_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -18,12 +18,12 @@
 }
 
 func (s *formatterSuite) TestFormatPayloadOkay(c *gc.C) {
-	payload := status.NewPayload("spam", "a-service", 1, 0)
+	payload := status.NewPayload("spam", "a-application", 1, 0)
 	payload.Labels = []string{"a-tag"}
 	formatted := status.FormatPayload(payload)
 
 	c.Check(formatted, jc.DeepEquals, status.FormattedPayload{
-		Unit:    "a-service/0",
+		Unit:    "a-application/0",
 		Machine: "1",
 		ID:      "idspam",
 		Type:    "docker",
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/status/list.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/status/list.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/status/list.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/status/list.go	2016-07-18 19:45:44.000000000 +0000
@@ -21,7 +21,7 @@
 	io.Closer
 }
 
-// ListCommand implements the list-payloads command.
+// ListCommand implements the payloads command.
 type ListCommand struct {
 	modelcmd.ModelCommandBase
 	out      cmd.Output
@@ -59,10 +59,11 @@
 
 func (c *ListCommand) Info() *cmd.Info {
 	return &cmd.Info{
-		Name:    "list-payloads",
+		Name:    "payloads",
 		Args:    "[pattern ...]",
 		Purpose: "display status information about known payloads",
 		Doc:     listDoc,
+		Aliases: []string{"list-payloads"},
 	}
 }
 
@@ -97,7 +98,7 @@
 		fmt.Fprintf(ctx.Stderr, "%v\n", err)
 	}
 
-	// Note that we do not worry about c.CompatVersion for list-payloads...
+	// Note that we do not worry about c.CompatVersion for payloads...
 	formatter := newListFormatter(payloads)
 	formatted := formatter.format()
 	return c.out.Write(ctx, formatted)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/status/list_test.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/status/list_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/status/list_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/status/list_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -48,7 +48,7 @@
 	info := command.Info()
 
 	c.Check(info, jc.DeepEquals, &cmd.Info{
-		Name:    "list-payloads",
+		Name:    "payloads",
 		Args:    "[pattern ...]",
 		Purpose: "display status information about known payloads",
 		Doc: `
@@ -66,13 +66,14 @@
 - payload tag
 - payload status
 `,
+		Aliases: []string{"list-payloads"},
 	})
 }
 
 func (s *listSuite) TestOkay(c *gc.C) {
-	p1 := status.NewPayload("spam", "a-service", 1, 0)
+	p1 := status.NewPayload("spam", "a-application", 1, 0)
 	p1.Labels = []string{"a-tag"}
-	p2 := status.NewPayload("eggs", "another-service", 2, 1)
+	p2 := status.NewPayload("eggs", "another-application", 2, 1)
 	s.client.payloads = append(s.client.payloads, p1, p2)
 
 	command := status.NewListCommand(s.newAPIClient)
@@ -81,9 +82,9 @@
 
 	c.Check(stdout, gc.Equals, `
 [Unit Payloads]
-UNIT              MACHINE PAYLOAD-CLASS STATUS  TYPE   ID     TAGS  
-a-service/0       1       spam          running docker idspam a-tag 
-another-service/1 2       eggs          running docker ideggs       
+UNIT                  MACHINE PAYLOAD-CLASS STATUS  TYPE   ID     TAGS  
+a-application/0       1       spam          running docker idspam a-tag 
+another-application/1 2       eggs          running docker ideggs       
 
 `[1:])
 	c.Check(stderr, gc.Equals, "")
@@ -103,9 +104,9 @@
 }
 
 func (s *listSuite) TestPatternsOkay(c *gc.C) {
-	p1 := status.NewPayload("spam", "a-service", 1, 0)
+	p1 := status.NewPayload("spam", "a-application", 1, 0)
 	p1.Labels = []string{"a-tag"}
-	p2 := status.NewPayload("eggs", "another-service", 2, 1)
+	p2 := status.NewPayload("eggs", "another-application", 2, 1)
 	p2.Labels = []string{"a-tag"}
 	s.client.payloads = append(s.client.payloads, p1, p2)
 
@@ -113,16 +114,16 @@
 	args := []string{
 		"a-tag",
 		"other",
-		"some-service/1",
+		"some-application/1",
 	}
 	code, stdout, stderr := runList(c, command, args...)
 	c.Assert(code, gc.Equals, 0)
 
 	c.Check(stdout, gc.Equals, `
 [Unit Payloads]
-UNIT              MACHINE PAYLOAD-CLASS STATUS  TYPE   ID     TAGS  
-a-service/0       1       spam          running docker idspam a-tag 
-another-service/1 2       eggs          running docker ideggs a-tag 
+UNIT                  MACHINE PAYLOAD-CLASS STATUS  TYPE   ID     TAGS  
+a-application/0       1       spam          running docker idspam a-tag 
+another-application/1 2       eggs          running docker ideggs a-tag 
 
 `[1:])
 	c.Check(stderr, gc.Equals, "")
@@ -137,7 +138,7 @@
 			[]string{
 				"a-tag",
 				"other",
-				"some-service/1",
+				"some-application/1",
 			},
 		},
 	}, {
@@ -146,9 +147,9 @@
 }
 
 func (s *listSuite) TestOutputFormats(c *gc.C) {
-	p1 := status.NewPayload("spam", "a-service", 1, 0)
+	p1 := status.NewPayload("spam", "a-application", 1, 0)
 	p1.Labels = []string{"a-tag"}
-	p2 := status.NewPayload("eggs", "another-service", 2, 1)
+	p2 := status.NewPayload("eggs", "another-application", 2, 1)
 	s.client.payloads = append(s.client.payloads,
 		p1,
 		p2,
@@ -157,13 +158,13 @@
 	formats := map[string]string{
 		"tabular": `
 [Unit Payloads]
-UNIT              MACHINE PAYLOAD-CLASS STATUS  TYPE   ID     TAGS  
-a-service/0       1       spam          running docker idspam a-tag 
-another-service/1 2       eggs          running docker ideggs       
+UNIT                  MACHINE PAYLOAD-CLASS STATUS  TYPE   ID     TAGS  
+a-application/0       1       spam          running docker idspam a-tag 
+another-application/1 2       eggs          running docker ideggs       
 
 `[1:],
 		"yaml": `
-- unit: a-service/0
+- unit: a-application/0
   machine: "1"
   id: idspam
   type: docker
@@ -171,7 +172,7 @@
   tags:
   - a-tag
   status: running
-- unit: another-service/1
+- unit: another-application/1
   machine: "2"
   id: ideggs
   type: docker
@@ -181,7 +182,7 @@
 		"json": strings.Replace(""+
 			"["+
 			" {"+
-			`  "unit":"a-service/0",`+
+			`  "unit":"a-application/0",`+
 			`  "machine":"1",`+
 			`  "id":"idspam",`+
 			`  "type":"docker",`+
@@ -189,7 +190,7 @@
 			`  "tags":["a-tag"],`+
 			`  "status":"running"`+
 			" },{"+
-			`  "unit":"another-service/1",`+
+			`  "unit":"another-application/1",`+
 			`  "machine":"2",`+
 			`  "id":"ideggs",`+
 			`  "type":"docker",`+
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/payload/status/output_tabular_test.go juju-core-2.0~beta12/src/github.com/juju/juju/payload/status/output_tabular_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/payload/status/output_tabular_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/payload/status/output_tabular_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -18,7 +18,7 @@
 }
 
 func (s *outputTabularSuite) TestFormatTabularOkay(c *gc.C) {
-	payload := status.NewPayload("spam", "a-service", 1, 0)
+	payload := status.NewPayload("spam", "a-application", 1, 0)
 	payload.Labels = []string{"a-tag", "other"}
 	formatted := status.Formatted(payload)
 	data, err := status.FormatTabular(formatted)
@@ -26,36 +26,36 @@
 
 	c.Check(string(data), gc.Equals, `
 [Unit Payloads]
-UNIT        MACHINE PAYLOAD-CLASS STATUS  TYPE   ID     TAGS        
-a-service/0 1       spam          running docker idspam a-tag other 
+UNIT            MACHINE PAYLOAD-CLASS STATUS  TYPE   ID     TAGS        
+a-application/0 1       spam          running docker idspam a-tag other 
 `[1:])
 }
 
 func (s *outputTabularSuite) TestFormatTabularMinimal(c *gc.C) {
-	payload := status.NewPayload("spam", "a-service", 1, 0)
+	payload := status.NewPayload("spam", "a-application", 1, 0)
 	formatted := status.Formatted(payload)
 	data, err := status.FormatTabular(formatted)
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Check(string(data), gc.Equals, `
 [Unit Payloads]
-UNIT        MACHINE PAYLOAD-CLASS STATUS  TYPE   ID     TAGS 
-a-service/0 1       spam          running docker idspam      
+UNIT            MACHINE PAYLOAD-CLASS STATUS  TYPE   ID     TAGS 
+a-application/0 1       spam          running docker idspam      
 `[1:])
 }
 
 func (s *outputTabularSuite) TestFormatTabularMulti(c *gc.C) {
-	p10A := status.NewPayload("spam", "a-service", 1, 0)
+	p10A := status.NewPayload("spam", "a-application", 1, 0)
 	p10A.Labels = []string{"a-tag"}
-	p21A := status.NewPayload("spam", "a-service", 2, 1)
+	p21A := status.NewPayload("spam", "a-application", 2, 1)
 	p21A.Status = "stopped"
 	p21A.Labels = []string{"a-tag"}
-	p21B := status.NewPayload("spam", "a-service", 2, 1)
+	p21B := status.NewPayload("spam", "a-application", 2, 1)
 	p21B.ID += "B"
-	p21x := status.NewPayload("eggs", "a-service", 2, 1)
+	p21x := status.NewPayload("eggs", "a-application", 2, 1)
 	p21x.Type = "kvm"
-	p22A := status.NewPayload("spam", "a-service", 2, 2)
-	p10x := status.NewPayload("ham", "another-service", 1, 0)
+	p22A := status.NewPayload("spam", "a-application", 2, 2)
+	p10x := status.NewPayload("ham", "another-application", 1, 0)
 	p10x.Labels = []string{"other", "extra"}
 	formatted := status.Formatted(
 		p10A,
@@ -70,13 +70,13 @@
 
 	c.Check(string(data), gc.Equals, `
 [Unit Payloads]
-UNIT              MACHINE PAYLOAD-CLASS STATUS  TYPE   ID      TAGS        
-a-service/0       1       spam          running docker idspam  a-tag       
-a-service/1       2       spam          stopped docker idspam  a-tag       
-a-service/1       2       spam          running docker idspamB             
-a-service/1       2       eggs          running kvm    ideggs              
-a-service/2       2       spam          running docker idspam              
-another-service/0 1       ham           running docker idham   other extra 
+UNIT                  MACHINE PAYLOAD-CLASS STATUS  TYPE   ID      TAGS        
+a-application/0       1       spam          running docker idspam  a-tag       
+a-application/1       2       spam          stopped docker idspam  a-tag       
+a-application/1       2       spam          running docker idspamB             
+a-application/1       2       eggs          running kvm    ideggs              
+a-application/2       2       spam          running docker idspam              
+another-application/0 1       ham           running docker idham   other extra 
 `[1:])
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/azure/config.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/azure/config.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/azure/config.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/azure/config.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,8 +10,8 @@
 	"github.com/Azure/azure-sdk-for-go/Godeps/_workspace/src/github.com/Azure/go-autorest/autorest/azure"
 	"github.com/Azure/azure-sdk-for-go/arm/storage"
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/schema"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/environs/config"
 )
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/azure/environ.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/azure/environ.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/azure/environ.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/azure/environ.go	2016-07-18 19:45:44.000000000 +0000
@@ -19,11 +19,11 @@
 	azurestorage "github.com/Azure/azure-sdk-for-go/storage"
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils/arch"
 	"github.com/juju/utils/os"
 	jujuseries "github.com/juju/utils/series"
 	"github.com/juju/utils/set"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/cloudconfig/instancecfg"
 	"github.com/juju/juju/cloudconfig/providerinit"
@@ -38,7 +38,6 @@
 	internalazurestorage "github.com/juju/juju/provider/azure/internal/azurestorage"
 	"github.com/juju/juju/provider/common"
 	"github.com/juju/juju/state"
-	"github.com/juju/juju/state/multiwatcher"
 	"github.com/juju/juju/tools"
 )
 
@@ -90,7 +89,7 @@
 	args environs.BootstrapParams,
 ) (*environs.BootstrapResult, error) {
 
-	cfg, err := env.initResourceGroup()
+	cfg, err := env.initResourceGroup(args.ControllerConfig.ControllerUUID())
 	if err != nil {
 		return nil, errors.Annotate(err, "creating controller resource group")
 	}
@@ -113,11 +112,11 @@
 // environment. The resource group will have a storage account and a
 // subnet associated with it (but not necessarily contained within:
 // see subnet creation).
-func (env *azureEnviron) initResourceGroup() (*config.Config, error) {
+func (env *azureEnviron) initResourceGroup(controllerUUID string) (*config.Config, error) {
 	location := env.config.location
 	tags := tags.ResourceTags(
 		names.NewModelTag(env.config.Config.UUID()),
-		names.NewModelTag(env.config.Config.ControllerUUID()),
+		names.NewModelTag(controllerUUID),
 		env.config,
 	)
 	resourceGroupsClient := resources.GroupsClient{env.resources}
@@ -235,7 +234,7 @@
 }
 
 // ControllerInstances is specified in the Environ interface.
-func (env *azureEnviron) ControllerInstances() ([]instance.Id, error) {
+func (env *azureEnviron) ControllerInstances(controllerUUID string) ([]instance.Id, error) {
 	// controllers are tagged with tags.JujuIsController, so just
 	// list the instances in the controller resource group and pick
 	// those ones out.
@@ -397,6 +396,9 @@
 
 // StartInstance is specified in the InstanceBroker interface.
 func (env *azureEnviron) StartInstance(args environs.StartInstanceParams) (*environs.StartInstanceResult, error) {
+	if args.ControllerUUID == "" {
+		return nil, errors.New("missing controller UUID")
+	}
 	// Get the required configuration and config-dependent information
 	// required to create the instance. We take the lock just once, to
 	// ensure we obtain all information based on the same configuration.
@@ -404,10 +406,9 @@
 	location := env.config.location
 	envTags := tags.ResourceTags(
 		names.NewModelTag(env.config.Config.UUID()),
-		names.NewModelTag(env.config.Config.ControllerUUID()),
+		names.NewModelTag(args.ControllerUUID),
 		env.config,
 	)
-	apiPort := env.config.APIPort()
 	vmClient := compute.VirtualMachinesClient{env.compute}
 	availabilitySetClient := compute.AvailabilitySetsClient{env.compute}
 	networkClient := env.network
@@ -478,7 +479,8 @@
 	// If the machine will run a controller, then we need to open the
 	// API port for it.
 	var apiPortPtr *int
-	if multiwatcher.AnyJobNeedsState(args.InstanceConfig.Jobs...) {
+	if args.InstanceConfig.Controller != nil {
+		apiPort := args.InstanceConfig.Controller.Config.APIPort()
 		apiPortPtr = &apiPort
 	}
 
@@ -541,8 +543,7 @@
 ) (compute.VirtualMachine, error) {
 
 	storageProfile, err := newStorageProfile(
-		vmName, instanceConfig.Series,
-		instanceSpec, storageEndpoint, storageAccountName,
+		vmName, instanceSpec, storageEndpoint, storageAccountName,
 	)
 	if err != nil {
 		return compute.VirtualMachine{}, errors.Annotate(err, "creating storage profile")
@@ -677,7 +678,7 @@
 			if !names.IsValidUnit(unitName) {
 				continue
 			}
-			serviceName, err := names.UnitService(unitName)
+			serviceName, err := names.UnitApplication(unitName)
 			if err != nil {
 				return "", errors.Annotate(
 					err, "getting service name",
@@ -713,7 +714,6 @@
 // based on the series and chosen instance spec.
 func newStorageProfile(
 	vmName string,
-	series string,
 	instanceSpec *instances.InstanceSpec,
 	storageEndpoint, storageAccountName string,
 ) (*compute.StorageProfile, error) {
@@ -1088,8 +1088,21 @@
 // Destroy is specified in the Environ interface.
 func (env *azureEnviron) Destroy() error {
 	logger.Debugf("destroying model %q", env.envName)
-	logger.Debugf("- deleting resource group")
-	if err := env.deleteResourceGroup(); err != nil {
+	logger.Debugf("- deleting resource group %q", env.resourceGroup)
+	if err := env.deleteResourceGroup(env.resourceGroup); err != nil {
+		return errors.Trace(err)
+	}
+	// Resource groups are self-contained and fully encompass
+	// all environ resources. Once you delete the group, there
+	// is nothing else to do.
+	return nil
+}
+
+// DestroyController is specified in the Environ interface.
+func (env *azureEnviron) DestroyController(controllerUUID string) error {
+	logger.Debugf("destroying model %q", env.envName)
+	logger.Debugf("- deleting resource groups")
+	if err := env.deleteControllerManagedResourceGroups(controllerUUID); err != nil {
 		return errors.Trace(err)
 	}
 	// Resource groups are self-contained and fully encompass
@@ -1098,16 +1111,74 @@
 	return nil
 }
 
-func (env *azureEnviron) deleteResourceGroup() error {
+func (env *azureEnviron) deleteControllerManagedResourceGroups(controllerUUID string) error {
+	filter := fmt.Sprintf(
+		"tagname eq '%s' and tagvalue eq '%s'",
+		tags.JujuController, controllerUUID,
+	)
+	client := resources.GroupsClient{env.resources}
+	var result resources.ResourceGroupListResult
+	if err := env.callAPI(func() (autorest.Response, error) {
+		var err error
+		result, err = client.List(filter, nil)
+		return result.Response, err
+	}); err != nil {
+		return errors.Annotate(err, "listing resource groups")
+	}
+	if result.Value == nil {
+		return nil
+	}
+
+	// Deleting groups can take a long time, so make sure they are
+	// deleted in parallel.
+	var wg sync.WaitGroup
+	errs := make([]error, len(*result.Value))
+	for i, group := range *result.Value {
+		groupName := to.String(group.Name)
+		logger.Debugf("  - deleting resource group %q", groupName)
+		wg.Add(1)
+		go func(i int) {
+			defer wg.Done()
+			if err := env.deleteResourceGroup(groupName); err != nil {
+				errs[i] = errors.Annotatef(
+					err, "deleting resource group %q", groupName,
+				)
+			}
+		}(i)
+	}
+	wg.Wait()
+
+	// If there is just one error, return it. If there are multiple,
+	// then combine their messages.
+	var nonNilErrs []error
+	for _, err := range errs {
+		if err != nil {
+			nonNilErrs = append(nonNilErrs, err)
+		}
+	}
+	switch len(nonNilErrs) {
+	case 0:
+		return nil
+	case 1:
+		return nonNilErrs[0]
+	}
+	combined := make([]string, len(nonNilErrs))
+	for i, err := range nonNilErrs {
+		combined[i] = err.Error()
+	}
+	return errors.New(strings.Join(combined, "; "))
+}
+
+func (env *azureEnviron) deleteResourceGroup(resourceGroup string) error {
 	client := resources.GroupsClient{env.resources}
 	var result autorest.Response
 	if err := env.callAPI(func() (autorest.Response, error) {
 		var err error
-		result, err = client.Delete(env.resourceGroup)
+		result, err = client.Delete(resourceGroup)
 		return result, err
 	}); err != nil {
 		if result.Response == nil || result.StatusCode != http.StatusNotFound {
-			return errors.Annotatef(err, "deleting resource group %q", env.resourceGroup)
+			return errors.Annotatef(err, "deleting resource group %q", resourceGroup)
 		}
 	}
 	return nil
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/azure/environprovider.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/azure/environprovider.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/azure/environprovider.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/azure/environprovider.go	2016-07-18 19:45:44.000000000 +0000
@@ -93,12 +93,12 @@
 }
 
 // PrepareForCreateEnvironment is specified in the EnvironProvider interface.
-func (prov *azureEnvironProvider) PrepareForCreateEnvironment(cfg *config.Config) (*config.Config, error) {
+func (prov *azureEnvironProvider) PrepareForCreateEnvironment(controllerUUID string, cfg *config.Config) (*config.Config, error) {
 	env, err := newEnviron(prov, cfg)
 	if err != nil {
 		return nil, errors.Annotate(err, "opening model")
 	}
-	return env.initResourceGroup()
+	return env.initResourceGroup(controllerUUID)
 }
 
 // BootstrapConfig is specified in the EnvironProvider interface.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/azure/environprovider_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/azure/environprovider_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/azure/environprovider_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/azure/environprovider_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,6 +8,7 @@
 	"fmt"
 	"io/ioutil"
 	"net/http"
+	"sync"
 	"time"
 
 	"github.com/Azure/azure-sdk-for-go/Godeps/_workspace/src/github.com/Azure/go-autorest/autorest"
@@ -107,6 +108,7 @@
 	if requests == nil {
 		return nil
 	}
+	var mu sync.Mutex
 	return func(p autorest.Preparer) autorest.Preparer {
 		return autorest.PreparerFunc(func(req *http.Request) (*http.Request, error) {
 			// Save the request body, since it will be consumed.
@@ -122,7 +124,9 @@
 				reqCopy.Body = ioutil.NopCloser(&buf)
 				req.Body = ioutil.NopCloser(bytes.NewReader(buf.Bytes()))
 			}
+			mu.Lock()
 			*requests = append(*requests, &reqCopy)
+			mu.Unlock()
 			return req, nil
 		})
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/azure/environ_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/azure/environ_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/azure/environ_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/azure/environ_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -19,12 +19,13 @@
 	"github.com/Azure/azure-sdk-for-go/arm/network"
 	"github.com/Azure/azure-sdk-for-go/arm/resources"
 	"github.com/Azure/azure-sdk-for-go/arm/storage"
-	"github.com/juju/names"
 	gitjujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
+	"github.com/juju/utils"
 	"github.com/juju/utils/arch"
 	"github.com/juju/utils/series"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/cloudconfig/instancecfg"
@@ -36,7 +37,6 @@
 	envtesting "github.com/juju/juju/environs/testing"
 	envtools "github.com/juju/juju/environs/tools"
 	"github.com/juju/juju/instance"
-	"github.com/juju/juju/mongo"
 	"github.com/juju/juju/provider/azure"
 	"github.com/juju/juju/provider/azure/internal/azuretesting"
 	"github.com/juju/juju/testing"
@@ -53,6 +53,7 @@
 	sender        azuretesting.Senders
 	retryClock    mockClock
 
+	controllerUUID                string
 	tags                          map[string]*string
 	group                         *resources.ResourceGroup
 	vmSizes                       *compute.VirtualMachineSizeListResult
@@ -76,10 +77,11 @@
 	s.BaseSuite.SetUpTest(c)
 	s.storageClient = azuretesting.MockStorageClient{}
 	s.sender = nil
+	s.requests = nil
 	s.retryClock = mockClock{Clock: testing.NewClock(time.Time{})}
 
 	s.provider, _ = newProviders(c, azure.ProviderConfig{
-		Sender:           &s.sender,
+		Sender:           azuretesting.NewSerialSender(&s.sender),
 		RequestInspector: requestRecorder(&s.requests),
 		NewStorageClient: s.storageClient.NewClient,
 		RetryClock: &testing.AutoAdvancingClock{
@@ -87,9 +89,10 @@
 		},
 	})
 
+	s.controllerUUID = testing.ModelTag.Id()
 	envTags := map[string]*string{
 		"juju-model-uuid":      to.StringPtr(testing.ModelTag.Id()),
-		"juju-controller-uuid": to.StringPtr(testing.ModelTag.Id()),
+		"juju-controller-uuid": to.StringPtr(s.controllerUUID),
 	}
 	s.tags = map[string]*string{
 		"juju-machine-name": to.StringPtr("machine-0"),
@@ -337,6 +340,7 @@
 }
 
 func tokenRefreshSender() *azuretesting.MockSender {
+	// lp:1558657
 	tokenRefreshSender := azuretesting.NewSenderWithValue(&autorestazure.Token{
 		AccessToken: "access-token",
 		ExpiresOn:   fmt.Sprint(time.Now().Add(time.Hour).Unix()),
@@ -405,16 +409,8 @@
 	return sender
 }
 
-func makeStartInstanceParams(c *gc.C, series string) environs.StartInstanceParams {
+func makeStartInstanceParams(c *gc.C, controllerUUID, series string) environs.StartInstanceParams {
 	machineTag := names.NewMachineTag("0")
-	stateInfo := &mongo.MongoInfo{
-		Info: mongo.Info{
-			CACert: testing.CACert,
-			Addrs:  []string{"localhost:123"},
-		},
-		Password: "password",
-		Tag:      machineTag,
-	}
 	apiInfo := &api.Info{
 		Addrs:    []string{"localhost:246"},
 		CACert:   testing.CACert,
@@ -426,11 +422,12 @@
 	const secureServerConnections = true
 	icfg, err := instancecfg.NewInstanceConfig(
 		machineTag.Id(), "yanonce", imagemetadata.ReleasedStream,
-		series, "", secureServerConnections, stateInfo, apiInfo,
+		series, secureServerConnections, apiInfo,
 	)
 	c.Assert(err, jc.ErrorIsNil)
 
 	return environs.StartInstanceParams{
+		ControllerUUID: controllerUUID,
 		Tools:          makeToolsList(series),
 		InstanceConfig: icfg,
 	}
@@ -497,7 +494,7 @@
 	env := s.openEnviron(c)
 	s.sender = s.startInstanceSenders(false)
 	s.requests = nil
-	result, err := env.StartInstance(makeStartInstanceParams(c, "quantal"))
+	result, err := env.StartInstance(makeStartInstanceParams(c, s.controllerUUID, "quantal"))
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(result, gc.NotNil)
 	c.Assert(result.Instance, gc.NotNil)
@@ -540,7 +537,7 @@
 	senders = append(senders, successSender)
 	s.sender = senders
 
-	_, err := env.StartInstance(makeStartInstanceParams(c, "quantal"))
+	_, err := env.StartInstance(makeStartInstanceParams(c, s.controllerUUID, "quantal"))
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Assert(s.requests, gc.HasLen, 8+failures)
@@ -583,7 +580,7 @@
 	}
 	s.sender = senders
 
-	_, err := env.StartInstance(makeStartInstanceParams(c, "quantal"))
+	_, err := env.StartInstance(makeStartInstanceParams(c, s.controllerUUID, "quantal"))
 	c.Assert(err, gc.ErrorMatches, "creating virtual machine.*: max duration exceeded: .*failed with.*")
 
 	s.retryClock.CheckCalls(c, []gitjujutesting.StubCall{
@@ -608,7 +605,7 @@
 	s.sender = s.startInstanceSenders(false)
 	s.requests = nil
 	unitsDeployed := "mysql/0 wordpress/0"
-	params := makeStartInstanceParams(c, "quantal")
+	params := makeStartInstanceParams(c, s.controllerUUID, "quantal")
 	params.InstanceConfig.Tags[tags.JujuUnitsDeployed] = unitsDeployed
 	_, err := env.StartInstance(params)
 	c.Assert(err, jc.ErrorIsNil)
@@ -691,7 +688,8 @@
 	s.requests = nil
 	result, err := env.Bootstrap(
 		ctx, environs.BootstrapParams{
-			AvailableTools: makeToolsList(series.LatestLts()),
+			ControllerConfig: testing.FakeControllerConfig(),
+			AvailableTools:   makeToolsList(series.LatestLts()),
 		},
 	)
 	c.Assert(err, jc.ErrorIsNil)
@@ -870,3 +868,89 @@
 		Endpoint: "https://storage.azurestack.local/",
 	})
 }
+
+func (s *environSuite) TestDestroyHostedModel(c *gc.C) {
+	env := s.openEnviron(c, testing.Attrs{"controller-uuid": utils.MustNewUUID().String()})
+	s.sender = azuretesting.Senders{
+		s.makeSender(".*/resourcegroups/juju-testenv-model-"+testing.ModelTag.Id(), nil), // DELETE
+	}
+	err := env.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(s.requests, gc.HasLen, 1)
+	c.Assert(s.requests[0].Method, gc.Equals, "DELETE")
+}
+
+func (s *environSuite) TestDestroyController(c *gc.C) {
+	groups := []resources.ResourceGroup{{
+		Name: to.StringPtr("group1"),
+	}, {
+		Name: to.StringPtr("group2"),
+	}}
+	result := resources.ResourceGroupListResult{Value: &groups}
+
+	env := s.openEnviron(c)
+	s.sender = azuretesting.Senders{
+		s.makeSender(".*/resourcegroups", result),        // GET
+		s.makeSender(".*/resourcegroups/group[12]", nil), // DELETE
+		s.makeSender(".*/resourcegroups/group[12]", nil), // DELETE
+	}
+	err := env.DestroyController(s.controllerUUID)
+	c.Assert(err, jc.ErrorIsNil)
+
+	c.Assert(s.requests, gc.HasLen, 3)
+	c.Assert(s.requests[0].Method, gc.Equals, "GET")
+	c.Assert(s.requests[0].URL.Query().Get("$filter"), gc.Equals, fmt.Sprintf(
+		"tagname eq 'juju-controller-uuid' and tagvalue eq '%s'",
+		testing.ModelTag.Id(),
+	))
+	c.Assert(s.requests[1].Method, gc.Equals, "DELETE")
+	c.Assert(s.requests[2].Method, gc.Equals, "DELETE")
+
+	// Groups are deleted concurrently, so there's no known order.
+	groupsDeleted := []string{
+		path.Base(s.requests[1].URL.Path),
+		path.Base(s.requests[2].URL.Path),
+	}
+	c.Assert(groupsDeleted, jc.SameContents, []string{"group1", "group2"})
+}
+
+func (s *environSuite) TestDestroyControllerErrors(c *gc.C) {
+	groups := []resources.ResourceGroup{
+		{Name: to.StringPtr("group1")},
+		{Name: to.StringPtr("group2")},
+	}
+	result := resources.ResourceGroupListResult{Value: &groups}
+
+	errorSender1 := s.makeSender(".*/resourcegroups/group[12]", nil)
+	errorSender1.EmitStatus("foo", http.StatusInternalServerError)
+	errorSender2 := s.makeSender(".*/resourcegroups/group[12]", nil)
+	errorSender2.EmitStatus("bar", http.StatusInternalServerError)
+
+	env := s.openEnviron(c)
+	s.requests = nil
+	s.sender = azuretesting.Senders{
+		s.makeSender(".*/resourcegroups", result), // GET
+		errorSender1,                              // DELETE
+		errorSender2,                              // DELETE
+	}
+	destroyErr := env.DestroyController(s.controllerUUID)
+	// checked below, once we know the order of deletions.
+
+	c.Assert(s.requests, gc.HasLen, 3)
+	c.Assert(s.requests[0].Method, gc.Equals, "GET")
+	c.Assert(s.requests[1].Method, gc.Equals, "DELETE")
+	c.Assert(s.requests[2].Method, gc.Equals, "DELETE")
+
+	// Groups are deleted concurrently, so there's no known order.
+	groupsDeleted := []string{
+		path.Base(s.requests[1].URL.Path),
+		path.Base(s.requests[2].URL.Path),
+	}
+	c.Assert(groupsDeleted, jc.SameContents, []string{"group1", "group2"})
+
+	c.Check(destroyErr, gc.ErrorMatches,
+		`deleting resource group "group1":.* failed with .*; `+
+			`deleting resource group "group2":.* failed with .*`)
+	c.Check(destroyErr, gc.ErrorMatches, ".*failed with foo.*")
+	c.Check(destroyErr, gc.ErrorMatches, ".*failed with bar.*")
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/azure/instance.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/azure/instance.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/azure/instance.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/azure/instance.go	2016-07-18 19:45:44.000000000 +0000
@@ -17,7 +17,7 @@
 	"github.com/juju/juju/instance"
 	jujunetwork "github.com/juju/juju/network"
 	"github.com/juju/juju/status"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 )
 
 type azureInstance struct {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/azure/instancetype.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/azure/instancetype.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/azure/instancetype.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/azure/instancetype.go	2016-07-18 19:45:44.000000000 +0000
@@ -97,7 +97,7 @@
 		}
 	}
 	if cost == len(machineSizeCost) {
-		logger.Warningf("found unknown VM size %q", sizeName)
+		logger.Debugf("found unknown VM size %q", sizeName)
 	}
 
 	vtype := "Hyper-V"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/azure/internal/azuretesting/senders.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/azure/internal/azuretesting/senders.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/azure/internal/azuretesting/senders.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/azure/internal/azuretesting/senders.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,6 +8,7 @@
 	"fmt"
 	"net/http"
 	"regexp"
+	"sync"
 
 	"github.com/Azure/azure-sdk-for-go/Godeps/_workspace/src/github.com/Azure/go-autorest/autorest"
 	"github.com/Azure/azure-sdk-for-go/Godeps/_workspace/src/github.com/Azure/go-autorest/autorest/mocks"
@@ -52,7 +53,7 @@
 	return sender
 }
 
-// SequentialSender is a Sender that includes a collection of Senders, which
+// Senders is a Sender that includes a collection of Senders, which
 // will be called in sequence.
 type Senders []autorest.Sender
 
@@ -65,3 +66,20 @@
 	*s = (*s)[1:]
 	return sender.Do(req)
 }
+
+// SerialSender is a Sender that permits only one active Do call
+// at a time.
+type SerialSender struct {
+	mu sync.Mutex
+	s  autorest.Sender
+}
+
+func (s *SerialSender) Do(req *http.Request) (*http.Response, error) {
+	s.mu.Lock()
+	defer s.mu.Unlock()
+	return s.s.Do(req)
+}
+
+func NewSerialSender(s autorest.Sender) *SerialSender {
+	return &SerialSender{s: s}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/azure/storage.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/azure/storage.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/azure/storage.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/azure/storage.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,9 +12,9 @@
 	"github.com/Azure/azure-sdk-for-go/arm/compute"
 	azurestorage "github.com/Azure/azure-sdk-for-go/storage"
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/schema"
 	"github.com/juju/utils"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/environs/config"
@@ -616,7 +616,7 @@
 		for _, disk := range *vm.Properties.StorageProfile.DataDisks {
 			lun := to.Int(disk.Lun)
 			if lun < 0 || lun > 31 {
-				logger.Warningf("ignore disk with invalid LUN: %+v", disk)
+				logger.Debugf("ignore disk with invalid LUN: %+v", disk)
 				continue
 			}
 			inUse[lun] = true
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/azure/storage_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/azure/storage_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/azure/storage_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/azure/storage_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,9 +12,9 @@
 	"github.com/Azure/azure-sdk-for-go/arm/network"
 	azurestorage "github.com/Azure/azure-sdk-for-go/storage"
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/provider/azure"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/azure/vmextension.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/azure/vmextension.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/azure/vmextension.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/azure/vmextension.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package azure
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/cloudsigma/client.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/cloudsigma/client.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/cloudsigma/client.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/cloudsigma/client.go	2016-07-18 19:45:44.000000000 +0000
@@ -174,7 +174,7 @@
 	logger.Debugf("Juju Constraints:" + args.Constraints.String())
 	logger.Debugf("InstanceConfig: %#v", args.InstanceConfig)
 
-	constraints := newConstraints(args.InstanceConfig.Bootstrap, args.Constraints, img)
+	constraints := newConstraints(args.InstanceConfig.Bootstrap != nil, args.Constraints, img)
 	logger.Debugf("CloudSigma Constraints: %v", constraints)
 
 	originalDrive, err := c.conn.Drive(constraints.driveTemplate, gosigma.LibraryMedia)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/cloudsigma/client_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/cloudsigma/client_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/cloudsigma/client_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/cloudsigma/client_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -178,10 +178,7 @@
 	c.Assert(err, gc.IsNil)
 
 	params := environs.StartInstanceParams{
-		Constraints: constraints.Value{},
-		InstanceConfig: &instancecfg.InstanceConfig{
-			Bootstrap: true,
-		},
+		InstanceConfig: &instancecfg.InstanceConfig{},
 	}
 	err = params.InstanceConfig.SetTools(tools.List{
 		&tools.Tools{
@@ -209,10 +206,7 @@
 	cli.conn.OperationTimeout(1 * time.Second)
 
 	params := environs.StartInstanceParams{
-		Constraints: constraints.Value{},
-		InstanceConfig: &instancecfg.InstanceConfig{
-			Bootstrap: true,
-		},
+		InstanceConfig: &instancecfg.InstanceConfig{},
 	}
 	err = params.InstanceConfig.SetTools(tools.List{
 		&tools.Tools{
@@ -226,7 +220,7 @@
 	img := &imagemetadata.ImageMetadata{
 		Id: validImageId,
 	}
-	cs := newConstraints(params.InstanceConfig.Bootstrap, params.Constraints, img)
+	cs := newConstraints(true, params.Constraints, img)
 	c.Assert(cs, gc.NotNil)
 	c.Check(err, gc.IsNil)
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/cloudsigma/config.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/cloudsigma/config.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/cloudsigma/config.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/cloudsigma/config.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,6 @@
 package cloudsigma
 
 import (
-	"github.com/altoros/gosigma"
 	"github.com/juju/errors"
 	"github.com/juju/schema"
 
@@ -18,12 +17,7 @@
 	"endpoint": schema.String(),
 }
 
-var configDefaultFields = schema.Defaults{
-	"username": "",
-	"password": "",
-	"region":   gosigma.DefaultRegion,
-	"endpoint": "",
-}
+var configDefaultFields = schema.Defaults{}
 
 var configSecretFields = []string{
 	"password",
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/cloudsigma/config_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/cloudsigma/config_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/cloudsigma/config_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/cloudsigma/config_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -64,7 +64,7 @@
 	}{{
 		info:   "username is required",
 		remove: []string{"username"},
-		err:    "username: must not be empty",
+		err:    "username: expected string, got nothing",
 	}, {
 		info:   "username cannot be empty",
 		insert: testing.Attrs{"username": ""},
@@ -72,17 +72,17 @@
 	}, {
 		info:   "password is required",
 		remove: []string{"password"},
-		err:    "password: must not be empty",
+		err:    "password: expected string, got nothing",
 	}, {
 		info:   "password cannot be empty",
 		insert: testing.Attrs{"password": ""},
 		err:    "password: must not be empty",
 	}, {
-		info:   "region is inserted if missing",
+		info:   "region cannot be empty",
 		remove: []string{"region"},
-		expect: testing.Attrs{"region": "zrh"},
+		err:    "region: expected string, got nothing",
 	}, {
-		info:   "region must not be empty",
+		info:   "region cannot not be empty",
 		insert: testing.Attrs{"region": ""},
 		err:    "region: must not be empty",
 	}}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/cloudsigma/environcaps.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/cloudsigma/environcaps.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/cloudsigma/environcaps.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/cloudsigma/environcaps.go	2016-07-18 19:45:44.000000000 +0000
@@ -53,7 +53,7 @@
 }
 
 // SupportNetworks returns whether the environment has support to
-// specify networks for services and machines.
+// specify networks for applications and machines.
 func (env *environ) SupportNetworks() bool {
 	return false
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/cloudsigma/environfirewall.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/cloudsigma/environfirewall.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/cloudsigma/environfirewall.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/cloudsigma/environfirewall.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,14 +12,14 @@
 // OpenPorts opens the given ports for the whole environment.
 // Must only be used if the environment was setup with the FwGlobal firewall mode.
 func (env *environ) OpenPorts(ports []network.PortRange) error {
-	logger.Warningf("pretending to open ports %v for all instances", ports)
+	logger.Debugf("pretending to open ports %v for all instances", ports)
 	return nil
 }
 
 // ClosePorts closes the given ports for the whole environment.
 // Must only be used if the environment was setup with the FwGlobal firewall mode.
 func (env *environ) ClosePorts(ports []network.PortRange) error {
-	logger.Warningf("pretending to close ports %v for all instances", ports)
+	logger.Debugf("pretending to close ports %v for all instances", ports)
 	return nil
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/cloudsigma/environ.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/cloudsigma/environ.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/cloudsigma/environ.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/cloudsigma/environ.go	2016-07-18 19:45:44.000000000 +0000
@@ -97,7 +97,7 @@
 	return common.Bootstrap(ctx, env, params)
 }
 
-func (e *environ) ControllerInstances() ([]instance.Id, error) {
+func (e *environ) ControllerInstances(controllerUUID string) ([]instance.Id, error) {
 	return e.client.getControllerIds()
 }
 
@@ -113,6 +113,12 @@
 	return common.Destroy(env)
 }
 
+// DestroyController implements the Environ interface.
+func (env *environ) DestroyController(controllerUUID string) error {
+	// TODO(wallyworld): destroy hosted model resources
+	return env.Destroy()
+}
+
 // PrecheckInstance performs a preflight check on the specified
 // series and constraints, ensuring that they are possibly valid for
 // creating an instance in this environment.
@@ -136,9 +142,6 @@
 }
 
 func (env *environ) MetadataLookupParams(region string) (*simplestreams.MetadataLookupParams, error) {
-	if region == "" {
-		region = gosigma.DefaultRegion
-	}
 	env.lock.Lock()
 	defer env.lock.Unlock()
 	return &simplestreams.MetadataLookupParams{
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/cloudsigma/environinstance.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/cloudsigma/environinstance.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/cloudsigma/environinstance.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/cloudsigma/environinstance.go	2016-07-18 19:45:44.000000000 +0000
@@ -140,8 +140,7 @@
 
 	m, err := env.client.instanceMap()
 	if err != nil {
-		logger.Warningf("environ.Instances failed: %v", err)
-		return nil, err
+		return nil, errors.Annotate(err, "environ.Instances failed")
 	}
 
 	var found int
@@ -159,7 +158,7 @@
 		err = environs.ErrPartialInstances
 	}
 
-	return r, err
+	return r, errors.Trace(err)
 }
 
 // StopInstances shuts down the given instances.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/cloudsigma/environinstance_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/cloudsigma/environinstance_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/cloudsigma/environinstance_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/cloudsigma/environinstance_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,6 +7,7 @@
 	"time"
 
 	"github.com/altoros/gosigma/mock"
+	"github.com/juju/errors"
 	"github.com/juju/loggo"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/version"
@@ -108,7 +109,7 @@
 	ids = append(ids, instance.Id("fake-instance"))
 	instances, err = env.Instances(ids)
 	c.Assert(instances, gc.NotNil)
-	c.Assert(err, gc.Equals, environs.ErrPartialInstances)
+	c.Assert(errors.Cause(err), gc.Equals, environs.ErrPartialInstances)
 	c.Check(instances, gc.HasLen, 3)
 	c.Check(instances[0], gc.NotNil)
 	c.Check(instances[1], gc.NotNil)
@@ -119,7 +120,7 @@
 
 	instances, err = env.Instances(ids)
 	c.Assert(instances, gc.NotNil)
-	c.Assert(err, gc.Equals, environs.ErrNoInstances)
+	c.Assert(errors.Cause(err), gc.Equals, environs.ErrNoInstances)
 	c.Check(instances, gc.HasLen, 3)
 	c.Check(instances[0], gc.IsNil)
 	c.Check(instances[1], gc.IsNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/cloudsigma/provider.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/cloudsigma/provider.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/cloudsigma/provider.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/cloudsigma/provider.go	2016-07-18 19:45:44.000000000 +0000
@@ -77,7 +77,7 @@
 // additional configuration attributes are added to the config passed in
 // and returned.  This allows providers to add additional required config
 // for new environments that may be created in an existing juju server.
-func (environProvider) PrepareForCreateEnvironment(cfg *config.Config) (*config.Config, error) {
+func (environProvider) PrepareForCreateEnvironment(controllerUUID string, cfg *config.Config) (*config.Config, error) {
 	// Not even sure if this will ever make sense.
 	return nil, errors.NotImplementedf("PrepareForCreateEnvironment")
 }
@@ -92,8 +92,6 @@
 		cfg, err = cfg.Apply(map[string]interface{}{
 			"username": credentialAttributes["username"],
 			"password": credentialAttributes["password"],
-			"region":   args.CloudRegion,
-			"endpoint": args.CloudEndpoint,
 		})
 		if err != nil {
 			return nil, errors.Trace(err)
@@ -101,6 +99,14 @@
 	default:
 		return nil, errors.NotSupportedf("%q auth-type", authType)
 	}
+	// Ensure cloud info is in config.
+	cfg, err := cfg.Apply(map[string]interface{}{
+		"region":   args.CloudRegion,
+		"endpoint": args.CloudEndpoint,
+	})
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
 	return cfg, nil
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/common/bootstrap.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/common/bootstrap.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/common/bootstrap.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/common/bootstrap.go	2016-07-18 19:45:44.000000000 +0000
@@ -107,15 +107,17 @@
 	if err != nil {
 		return nil, "", nil, err
 	}
+	envCfg := env.Config()
 	instanceConfig, err := instancecfg.NewBootstrapInstanceConfig(
-		args.BootstrapConstraints, args.ModelConstraints, selectedSeries, publicKey,
+		args.ControllerConfig, args.BootstrapConstraints, args.ModelConstraints, selectedSeries, publicKey,
 	)
 	if err != nil {
 		return nil, "", nil, err
 	}
 	instanceConfig.EnableOSRefreshUpdate = env.Config().EnableOSRefreshUpdate()
 	instanceConfig.EnableOSUpgrade = env.Config().EnableOSUpgrade()
-	instanceConfig.Tags = instancecfg.InstanceTags(env.Config(), instanceConfig.Jobs)
+
+	instanceConfig.Tags = instancecfg.InstanceTags(envCfg.UUID(), args.ControllerConfig.ControllerUUID(), envCfg, instanceConfig.Jobs)
 	maybeSetBridge := func(icfg *instancecfg.InstanceConfig) {
 		// If we need to override the default bridge name, do it now. When
 		// args.ContainerBridgeName is empty, the default names for LXC
@@ -136,6 +138,7 @@
 		return nil
 	}
 	result, err := env.StartInstance(environs.StartInstanceParams{
+		ControllerUUID: args.ControllerConfig.ControllerUUID(),
 		Constraints:    args.BootstrapConstraints,
 		Tools:          availableTools,
 		InstanceConfig: instanceConfig,
@@ -148,9 +151,9 @@
 	}
 	fmt.Fprintf(ctx.GetStderr(), " - %s\n", result.Instance.Id())
 
-	finalize := func(ctx environs.BootstrapContext, icfg *instancecfg.InstanceConfig) error {
-		icfg.InstanceId = result.Instance.Id()
-		icfg.HardwareCharacteristics = result.Hardware
+	finalize := func(ctx environs.BootstrapContext, icfg *instancecfg.InstanceConfig, opts environs.BootstrapDialOpts) error {
+		icfg.Bootstrap.BootstrapMachineInstanceId = result.Instance.Id()
+		icfg.Bootstrap.BootstrapMachineHardwareCharacteristics = result.Hardware
 		envConfig := env.Config()
 		if result.Config != nil {
 			updated, err := envConfig.Apply(result.Config.UnknownAttrs())
@@ -163,7 +166,7 @@
 			return err
 		}
 		maybeSetBridge(icfg)
-		return FinishBootstrap(ctx, client, env, result.Instance, icfg)
+		return FinishBootstrap(ctx, client, env, result.Instance, icfg, opts)
 	}
 	return result, selectedSeries, finalize, nil
 }
@@ -178,6 +181,7 @@
 	env environs.Environ,
 	inst instance.Instance,
 	instanceConfig *instancecfg.InstanceConfig,
+	opts environs.BootstrapDialOpts,
 ) error {
 	interrupted := make(chan os.Signal, 1)
 	ctx.InterruptNotify(interrupted)
@@ -188,7 +192,7 @@
 		client,
 		GetCheckNonceCommand(instanceConfig),
 		&RefreshableInstance{inst, env},
-		instanceConfig.Config.BootstrapSSHOpts(),
+		opts,
 	)
 	if err != nil {
 		return err
@@ -410,8 +414,8 @@
 // the presence of a file on the machine that contains the
 // machine's nonce. The "checkHostScript" is a bash script
 // that performs this file check.
-func WaitSSH(stdErr io.Writer, interrupted <-chan os.Signal, client ssh.Client, checkHostScript string, inst Addresser, timeout config.SSHTimeoutOpts) (addr string, err error) {
-	globalTimeout := time.After(timeout.Timeout)
+func WaitSSH(stdErr io.Writer, interrupted <-chan os.Signal, client ssh.Client, checkHostScript string, inst Addresser, opts environs.BootstrapDialOpts) (addr string, err error) {
+	globalTimeout := time.After(opts.Timeout)
 	pollAddresses := time.NewTimer(0)
 
 	// checker checks each address in a loop, in parallel,
@@ -422,7 +426,7 @@
 		client:          client,
 		stderr:          stdErr,
 		active:          make(map[network.Address]chan struct{}),
-		checkDelay:      timeout.RetryDelay,
+		checkDelay:      opts.RetryDelay,
 		checkHostScript: checkHostScript,
 	}
 	defer checker.wg.Wait()
@@ -432,7 +436,7 @@
 	for {
 		select {
 		case <-pollAddresses.C:
-			pollAddresses.Reset(timeout.AddressesDelay)
+			pollAddresses.Reset(opts.AddressesDelay)
 			if err := inst.Refresh(); err != nil {
 				return "", fmt.Errorf("refreshing addresses: %v", err)
 			}
@@ -445,7 +449,7 @@
 			checker.Close()
 			lastErr := checker.Wait()
 			format := "waited for %v "
-			args := []interface{}{timeout.Timeout}
+			args := []interface{}{opts.Timeout}
 			if len(checker.active) == 0 {
 				format += "without getting any addresses"
 			} else {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/common/bootstrap_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/common/bootstrap_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/common/bootstrap_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/common/bootstrap_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -102,7 +102,7 @@
 
 		// The machine config should set its upgrade behavior based on
 		// the environment config.
-		expectedMcfg, err := instancecfg.NewBootstrapInstanceConfig(cons, cons, icfg.Series, "")
+		expectedMcfg, err := instancecfg.NewBootstrapInstanceConfig(coretesting.FakeControllerConfig(), cons, cons, icfg.Series, "")
 		c.Assert(err, jc.ErrorIsNil)
 		expectedMcfg.EnableOSRefreshUpdate = env.Config().EnableOSRefreshUpdate()
 		expectedMcfg.EnableOSUpgrade = env.Config().EnableOSUpgrade()
@@ -120,6 +120,7 @@
 
 	ctx := envtesting.BootstrapContext(c)
 	_, err := common.Bootstrap(ctx, env, environs.BootstrapParams{
+		ControllerConfig:     coretesting.FakeControllerConfig(),
 		BootstrapConstraints: checkCons,
 		ModelConstraints:     checkCons,
 		Placement:            checkPlacement,
@@ -166,7 +167,8 @@
 	ctx := envtesting.BootstrapContext(c)
 	bootstrapSeries := "utopic"
 	result, err := common.Bootstrap(ctx, env, environs.BootstrapParams{
-		BootstrapSeries: bootstrapSeries,
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		BootstrapSeries:  bootstrapSeries,
 		AvailableTools: tools.List{
 			&tools.Tools{
 				Version: version.Binary{
@@ -213,6 +215,7 @@
 	}
 	ctx := envtesting.BootstrapContext(c)
 	result, err := common.Bootstrap(ctx, env, environs.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
 		AvailableTools: tools.List{
 			&tools.Tools{
 				Version: version.Binary{
@@ -242,7 +245,7 @@
 	return nil, nil
 }
 
-var testSSHTimeout = config.SSHTimeoutOpts{
+var testSSHTimeout = environs.BootstrapDialOpts{
 	Timeout:        coretesting.ShortWait,
 	RetryDelay:     1 * time.Millisecond,
 	AddressesDelay: 1 * time.Millisecond,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/common/provider_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/common/provider_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/common/provider_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/common/provider_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package common_test
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/common/util.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/common/util.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/common/util.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/common/util.go	2016-07-18 19:45:44.000000000 +0000
@@ -15,12 +15,3 @@
 func EnvFullName(modelUUID string) string {
 	return fmt.Sprintf("juju-%s", modelUUID)
 }
-
-// MachineFullName returns a string based on the provided model
-// UUID and machine ID that is suitable for identifying instances
-// on a provider. See EnvFullName for an explanation on how this
-// function helps juju users.
-func MachineFullName(modelUUID, machineID string) string {
-	modelstr := EnvFullName(modelUUID)
-	return fmt.Sprintf("%s-machine-%s", modelstr, machineID)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/dummy/config_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/dummy/config_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/dummy/config_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/dummy/config_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,7 @@
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 
-	"github.com/juju/juju/environs"
+	"github.com/juju/juju/environs/bootstrap"
 	"github.com/juju/juju/environs/config"
 	envtesting "github.com/juju/juju/environs/testing"
 	"github.com/juju/juju/jujuclient/jujuclienttesting"
@@ -29,12 +29,14 @@
 func (*ConfigSuite) TestSecretAttrs(c *gc.C) {
 	attrs := dummy.SampleConfig().Delete("secret")
 	ctx := envtesting.BootstrapContext(c)
-	env, err := environs.Prepare(
+	env, err := bootstrap.Prepare(
 		ctx, jujuclienttesting.NewMemStore(),
-		environs.PrepareParams{
-			BaseConfig:     attrs,
-			ControllerName: attrs["name"].(string),
-			CloudName:      "dummy",
+		bootstrap.PrepareParams{
+			ControllerConfig: testing.FakeControllerConfig(),
+			BaseConfig:       attrs,
+			ControllerName:   attrs["name"].(string),
+			CloudName:        "dummy",
+			AdminSecret:      AdminSecret,
 		},
 	)
 	c.Assert(err, jc.ErrorIsNil)
@@ -72,7 +74,7 @@
 	}, {
 		// Invalid mode.
 		configFirewallMode: "invalid",
-		errorMsg:           `firewall-mode: expected one of \[instance global none ], got "invalid"`,
+		errorMsg:           `firewall-mode: expected one of \[instance global none], got "invalid"`,
 	},
 }
 
@@ -91,12 +93,14 @@
 			continue
 		}
 		ctx := envtesting.BootstrapContext(c)
-		env, err := environs.Prepare(
+		env, err := bootstrap.Prepare(
 			ctx, jujuclienttesting.NewMemStore(),
-			environs.PrepareParams{
-				ControllerName: cfg.Name(),
-				BaseConfig:     cfg.AllAttrs(),
-				CloudName:      "dummy",
+			bootstrap.PrepareParams{
+				ControllerConfig: testing.FakeControllerConfig(),
+				ControllerName:   cfg.Name(),
+				BaseConfig:       cfg.AllAttrs(),
+				CloudName:        "dummy",
+				AdminSecret:      AdminSecret,
 			},
 		)
 		if test.errorMsg != "" {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/dummy/environs.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/dummy/environs.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/dummy/environs.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/dummy/environs.go	2016-07-18 19:45:44.000000000 +0000
@@ -33,7 +33,6 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/schema"
 	gitjujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
@@ -41,10 +40,13 @@
 	"github.com/juju/utils/series"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/environschema.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/apiserver"
+	"github.com/juju/juju/apiserver/observer"
+	"github.com/juju/juju/apiserver/observer/fakeobserver"
 	"github.com/juju/juju/cloud"
 	"github.com/juju/juju/cloudconfig/instancecfg"
 	"github.com/juju/juju/constraints"
@@ -78,21 +80,14 @@
 		"type":                      "dummy",
 		"name":                      "only",
 		"uuid":                      testing.ModelTag.Id(),
-		"controller-uuid":           testing.ModelTag.Id(),
 		"authorized-keys":           testing.FakeAuthKeys,
 		"firewall-mode":             config.FwInstance,
-		"admin-secret":              testing.DefaultMongoPassword,
-		"ca-cert":                   testing.CACert,
-		"ca-private-key":            testing.CAKey,
 		"ssl-hostname-verification": true,
 		"development":               false,
-		"state-port":                1234,
-		"api-port":                  4321,
 		"default-series":            series.LatestLts(),
 
-		"secret":      "pork",
-		"controller":  true,
-		"prefer-ipv6": false,
+		"secret":     "pork",
+		"controller": true,
 	}
 }
 
@@ -107,22 +102,13 @@
 }
 
 // stateInfo returns a *state.Info which allows clients to connect to the
-// shared dummy state, if it exists. If preferIPv6 is true, an IPv6 endpoint
-// will be added as primary.
-func stateInfo(preferIPv6 bool) *mongo.MongoInfo {
+// shared dummy state, if it exists.
+func stateInfo() *mongo.MongoInfo {
 	if gitjujutesting.MgoServer.Addr() == "" {
 		panic("dummy environ state tests must be run with MgoTestPackage")
 	}
 	mongoPort := strconv.Itoa(gitjujutesting.MgoServer.Port())
-	var addrs []string
-	if preferIPv6 {
-		addrs = []string{
-			net.JoinHostPort("::1", mongoPort),
-			net.JoinHostPort("localhost", mongoPort),
-		}
-	} else {
-		addrs = []string{net.JoinHostPort("localhost", mongoPort)}
-	}
+	addrs := []string{net.JoinHostPort("localhost", mongoPort)}
 	return &mongo.MongoInfo{
 		Info: mongo.Info{
 			Addrs:  addrs,
@@ -151,24 +137,6 @@
 	Error error
 }
 
-type OpAllocateAddress struct {
-	Env        string
-	InstanceId instance.Id
-	SubnetId   network.Id
-	Address    network.Address
-	MACAddress string
-	HostName   string
-}
-
-type OpReleaseAddress struct {
-	Env        string
-	InstanceId instance.Id
-	SubnetId   network.Id
-	Address    network.Address
-	MACAddress string
-	HostName   string
-}
-
 type OpNetworkInterfaces struct {
 	Env        string
 	InstanceId instance.Id
@@ -231,8 +199,13 @@
 	statePolicy            state.Policy
 	supportsSpaces         bool
 	supportsSpaceDiscovery bool
-	// We have one state for each prepared controller.
-	state map[string]*environState
+	apiPort                int
+	state                  map[string]*environState
+}
+
+// ApiPort returns the randon api port used by the given provider instance.
+func ApiPort(p environs.EnvironProvider) int {
+	return p.(*environProvider).apiPort
 }
 
 // environState represents the state of an environment.
@@ -253,7 +226,6 @@
 	apiState        *state.State
 	apiStatePool    *state.StatePool
 	bootstrapConfig *config.Config
-	preferIPv6      bool
 }
 
 // environ represents a client's connection to a given environment's
@@ -262,6 +234,7 @@
 	common.SupportsUnitPlacementPolicy
 
 	name         string
+	modelUUID    string
 	ecfgMutex    sync.Mutex
 	ecfgUnlocked *environConfig
 	spacesMutex  sync.RWMutex
@@ -426,18 +399,14 @@
 	return current
 }
 
-// Listen closes the previously registered listener (if any).
-// Subsequent operations on any dummy environment can be received on c
-// (if not nil).
+// Listen directs subsequent operations on any dummy environment
+// to channel c (if not nil).
 func Listen(c chan<- Operation) {
 	dummy.mu.Lock()
 	defer dummy.mu.Unlock()
 	if c == nil {
 		c = discardOperations
 	}
-	if dummy.ops != discardOperations {
-		close(dummy.ops)
-	}
 	dummy.ops = c
 	for _, st := range dummy.state {
 		st.mu.Lock()
@@ -536,7 +505,7 @@
 func (e *environ) state() (*environState, error) {
 	dummy.mu.Lock()
 	defer dummy.mu.Unlock()
-	state, ok := dummy.state[e.Config().ControllerUUID()]
+	state, ok := dummy.state[e.modelUUID]
 	if !ok {
 		return nil, errNotPrepared
 	}
@@ -550,12 +519,10 @@
 	if err != nil {
 		return nil, err
 	}
-	if _, ok := p.state[cfg.ControllerUUID()]; !ok {
-		return nil, errNotPrepared
-	}
 	env := &environ{
 		name:         ecfg.Name(),
 		ecfgUnlocked: ecfg,
+		modelUUID:    cfg.UUID(),
 	}
 	if err := env.checkBroken("Open"); err != nil {
 		return nil, err
@@ -569,7 +536,7 @@
 }
 
 // PrepareForCreateEnvironment is specified in the EnvironProvider interface.
-func (p *environProvider) PrepareForCreateEnvironment(cfg *config.Config) (*config.Config, error) {
+func (p *environProvider) PrepareForCreateEnvironment(controllerUUID string, cfg *config.Config) (*config.Config, error) {
 	// NOTE: this check might appear redundant, but it's not: some tests
 	// (apiserver/modelmanager) inject a string value and determine that
 	// the config is validated later; validating here would render that
@@ -598,7 +565,11 @@
 	p.mu.Lock()
 	defer p.mu.Unlock()
 
-	envState, ok := p.state[args.Config.ControllerUUID()]
+	controllerUUID := args.ControllerUUID
+	if controllerUUID != args.Config.UUID() {
+		return nil, errors.Errorf("invalid bootstrap config, model UUID %v doesn't equal controller UUID %v", controllerUUID, args.Config.UUID())
+	}
+	envState, ok := p.state[controllerUUID]
 	if ok {
 		// BootstrapConfig is expected to return the same result given
 		// the same input. We assume that the args are the same for a
@@ -619,16 +590,10 @@
 	envState = newState(name, p.ops, p.statePolicy)
 	cfg := args.Config
 	if ecfg.controller() {
-		apiPort := envState.listenAPI()
-		cfg, err = cfg.Apply(map[string]interface{}{
-			"api-port": apiPort,
-		})
-		if err != nil {
-			return nil, err
-		}
+		p.apiPort = envState.listenAPI()
 	}
 	envState.bootstrapConfig = cfg
-	p.state[cfg.ControllerUUID()] = envState
+	p.state[controllerUUID] = envState
 	return cfg, nil
 }
 
@@ -687,20 +652,11 @@
 	if err := e.checkBroken("Bootstrap"); err != nil {
 		return nil, err
 	}
-	network.SetPreferIPv6(e.Config().PreferIPv6())
-	password := e.Config().AdminSecret()
-	if password == "" {
-		return nil, fmt.Errorf("admin-secret is required for bootstrap")
-	}
-	if _, ok := e.Config().CACert(); !ok {
-		return nil, fmt.Errorf("no CA certificate in model configuration")
+	if _, ok := args.ControllerConfig.CACert(); !ok {
+		return nil, fmt.Errorf("no CA certificate in controller configuration")
 	}
 
 	logger.Infof("would pick tools from %s", availableTools)
-	cfg, err := environs.BootstrapConfig(e.Config())
-	if err != nil {
-		return nil, fmt.Errorf("cannot make bootstrap config: %v", err)
-	}
 
 	estate, err := e.state()
 	if err != nil {
@@ -711,7 +667,6 @@
 	if estate.bootstrapped {
 		return nil, fmt.Errorf("model is already bootstrapped")
 	}
-	estate.preferIPv6 = e.Config().PreferIPv6()
 
 	// Create an instance for the bootstrap node.
 	logger.Infof("creating bootstrap instance")
@@ -726,63 +681,86 @@
 		controller:   true,
 	}
 	estate.insts[i.id] = i
-
-	if e.ecfg().controller() {
-		// TODO(rog) factor out relevant code from cmd/jujud/bootstrap.go
-		// so that we can call it here.
-
-		info := stateInfo(estate.preferIPv6)
-		// Since the admin user isn't setup until after here,
-		// the password in the info structure is empty, so the admin
-		// user is constructed with an empty password here.
-		// It is set just below.
-		st, err := state.Initialize(
-			names.NewUserTag("admin@local"), info, cfg,
-			mongotest.DialOpts(), estate.statePolicy)
-		if err != nil {
-			panic(err)
-		}
-		if err := st.SetModelConstraints(args.ModelConstraints); err != nil {
-			panic(err)
-		}
-		if err := st.SetAdminMongoPassword(password); err != nil {
-			panic(err)
-		}
-		if err := st.MongoSession().DB("admin").Login("admin", password); err != nil {
-			panic(err)
-		}
-		env, err := st.Model()
-		if err != nil {
-			panic(err)
-		}
-		owner, err := st.User(env.Owner())
-		if err != nil {
-			panic(err)
-		}
-		// We log this out for test purposes only. No one in real life can use
-		// a dummy provider for anything other than testing, so logging the password
-		// here is fine.
-		logger.Debugf("setting password for %q to %q", owner.Name(), password)
-		owner.SetPassword(password)
-
-		estate.apiStatePool = state.NewStatePool(st)
-
-		estate.apiServer, err = apiserver.NewServer(st, estate.apiListener, apiserver.ServerConfig{
-			Cert:      []byte(testing.ServerCert),
-			Key:       []byte(testing.ServerKey),
-			Tag:       names.NewMachineTag("0"),
-			DataDir:   DataDir,
-			LogDir:    LogDir,
-			StatePool: estate.apiStatePool,
-		})
-		if err != nil {
-			panic(err)
-		}
-		estate.apiState = st
-	}
 	estate.bootstrapped = true
 	estate.ops <- OpBootstrap{Context: ctx, Env: e.name, Args: args}
-	finalize := func(ctx environs.BootstrapContext, icfg *instancecfg.InstanceConfig) error {
+
+	finalize := func(ctx environs.BootstrapContext, icfg *instancecfg.InstanceConfig, _ environs.BootstrapDialOpts) error {
+		if e.ecfg().controller() {
+			icfg.Bootstrap.BootstrapMachineInstanceId = BootstrapInstanceId
+			if err := instancecfg.FinishInstanceConfig(icfg, e.Config()); err != nil {
+				return err
+			}
+
+			cloudCredentials := make(map[string]cloud.Credential)
+			if icfg.Bootstrap.ControllerCloudCredential != nil {
+				cloudCredentials[icfg.Bootstrap.ControllerCloudCredentialName] =
+					*icfg.Bootstrap.ControllerCloudCredential
+			}
+
+			info := stateInfo()
+			// Since the admin user isn't setup until after here,
+			// the password in the info structure is empty, so the admin
+			// user is constructed with an empty password here.
+			// It is set just below.
+			st, err := state.Initialize(state.InitializeParams{
+				ControllerConfig: icfg.Controller.Config,
+				ControllerModelArgs: state.ModelArgs{
+					Owner:           names.NewUserTag("admin@local"),
+					Config:          icfg.Bootstrap.ControllerModelConfig,
+					Constraints:     icfg.Bootstrap.BootstrapMachineConstraints,
+					CloudName:       icfg.Bootstrap.ControllerCloudName,
+					CloudRegion:     icfg.Bootstrap.ControllerCloudRegion,
+					CloudCredential: icfg.Bootstrap.ControllerCloudCredentialName,
+				},
+				Cloud:            icfg.Bootstrap.ControllerCloud,
+				CloudName:        icfg.Bootstrap.ControllerCloudName,
+				CloudCredentials: cloudCredentials,
+				MongoInfo:        info,
+				MongoDialOpts:    mongotest.DialOpts(),
+				Policy:           estate.statePolicy,
+			})
+			if err != nil {
+				return err
+			}
+			if err := st.SetModelConstraints(args.ModelConstraints); err != nil {
+				return err
+			}
+			if err := st.SetAdminMongoPassword(icfg.Controller.MongoInfo.Password); err != nil {
+				return err
+			}
+			if err := st.MongoSession().DB("admin").Login("admin", icfg.Controller.MongoInfo.Password); err != nil {
+				return err
+			}
+			env, err := st.Model()
+			if err != nil {
+				return err
+			}
+			owner, err := st.User(env.Owner())
+			if err != nil {
+				return err
+			}
+			// We log this out for test purposes only. No one in real life can use
+			// a dummy provider for anything other than testing, so logging the password
+			// here is fine.
+			logger.Debugf("setting password for %q to %q", owner.Name(), icfg.Controller.MongoInfo.Password)
+			owner.SetPassword(icfg.Controller.MongoInfo.Password)
+
+			estate.apiStatePool = state.NewStatePool(st)
+
+			estate.apiServer, err = apiserver.NewServer(st, estate.apiListener, apiserver.ServerConfig{
+				Cert:        []byte(testing.ServerCert),
+				Key:         []byte(testing.ServerKey),
+				Tag:         names.NewMachineTag("0"),
+				DataDir:     DataDir,
+				LogDir:      LogDir,
+				StatePool:   estate.apiStatePool,
+				NewObserver: func() observer.Observer { return &fakeobserver.Instance{} },
+			})
+			if err != nil {
+				panic(err)
+			}
+			estate.apiState = st
+		}
 		estate.ops <- OpFinalizeBootstrap{Context: ctx, Env: e.name, InstanceConfig: icfg}
 		return nil
 	}
@@ -795,7 +773,7 @@
 	return bsResult, nil
 }
 
-func (e *environ) ControllerInstances() ([]instance.Id, error) {
+func (e *environ) ControllerInstances(controllerUUID string) ([]instance.Id, error) {
 	estate, err := e.state()
 	if err != nil {
 		return nil, err
@@ -859,16 +837,22 @@
 	if !e.ecfg().controller() {
 		return nil
 	}
-	dummy.mu.Lock()
-	delete(dummy.state, estate.bootstrapConfig.ControllerUUID())
-	dummy.mu.Unlock()
-
 	estate.mu.Lock()
 	defer estate.mu.Unlock()
 	estate.destroy()
 	return nil
 }
 
+func (e *environ) DestroyController(controllerUUID string) error {
+	if err := e.Destroy(); err != nil {
+		return err
+	}
+	dummy.mu.Lock()
+	delete(dummy.state, e.modelUUID)
+	dummy.mu.Unlock()
+	return nil
+}
+
 // ConstraintsValidator is defined on the Environs interface.
 func (e *environ) ConstraintsValidator() (constraints.Validator, error) {
 	validator := constraints.NewValidator()
@@ -908,11 +892,10 @@
 	if args.InstanceConfig.MachineNonce == "" {
 		return nil, errors.New("cannot start instance: missing machine nonce")
 	}
-	if _, ok := e.Config().CACert(); !ok {
-		return nil, errors.New("no CA certificate in model configuration")
-	}
-	if args.InstanceConfig.MongoInfo.Tag != names.NewMachineTag(machineId) {
-		return nil, errors.New("entity tag must match started machine")
+	if args.InstanceConfig.Controller != nil {
+		if args.InstanceConfig.Controller.MongoInfo.Tag != names.NewMachineTag(machineId) {
+			return nil, errors.New("entity tag must match started machine")
+		}
 	}
 	if args.InstanceConfig.APIInfo.Tag != names.NewMachineTag(machineId) {
 		return nil, errors.New("entity tag must match started machine")
@@ -922,9 +905,6 @@
 
 	idString := fmt.Sprintf("%s-%d", e.name, estate.maxId)
 	addrs := network.NewAddresses(idString+".dns", "127.0.0.1")
-	if estate.preferIPv6 {
-		addrs = append(addrs, network.NewAddress(fmt.Sprintf("fc00::%x", estate.maxId+1)))
-	}
 	logger.Debugf("StartInstance addresses: %v", addrs)
 	i := &dummyInstance{
 		id:           instance.Id(idString),
@@ -994,6 +974,10 @@
 			},
 		}
 	}
+	var mongoInfo *mongo.MongoInfo
+	if args.InstanceConfig.Controller != nil {
+		mongoInfo = args.InstanceConfig.Controller.MongoInfo
+	}
 	estate.insts[i.id] = i
 	estate.maxId++
 	estate.ops <- OpStartInstance{
@@ -1006,7 +990,7 @@
 		Volumes:          volumes,
 		Instance:         i,
 		Jobs:             args.InstanceConfig.Jobs,
-		Info:             args.InstanceConfig.MongoInfo,
+		Info:             mongoInfo,
 		APIInfo:          args.InstanceConfig.APIInfo,
 		AgentEnvironment: args.InstanceConfig.AgentEnvironment,
 		Secret:           e.ecfg().secret(),
@@ -1127,95 +1111,6 @@
 		}}}}, nil
 }
 
-// SupportsAddressAllocation is specified on environs.Networking.
-func (env *environ) SupportsAddressAllocation(subnetId network.Id) (bool, error) {
-	if !environs.AddressAllocationEnabled("dummy") {
-		return false, errors.NotSupportedf("address allocation")
-	}
-
-	if err := env.checkBroken("SupportsAddressAllocation"); err != nil {
-		return false, err
-	}
-	// Any subnetId starting with "noalloc-" will cause this to return
-	// false, so it can be used in tests.
-	if strings.HasPrefix(string(subnetId), "noalloc-") {
-		return false, nil
-	}
-	return true, nil
-}
-
-// AllocateAddress requests an address to be allocated for the
-// given instance on the given subnet.
-func (env *environ) AllocateAddress(instId instance.Id, subnetId network.Id, addr *network.Address, macAddress, hostname string) error {
-	if !environs.AddressAllocationEnabled("dummy") {
-		// Any instId starting with "i-alloc-" when the feature flag is off will
-		// still work, in order to be able to test MAAS 1.8+ environment where
-		// we can use devices for containers.
-		if !strings.HasPrefix(string(instId), "i-alloc-") {
-			return errors.NotSupportedf("address allocation")
-		}
-		// Also, in this case we expect addr to be non-nil, but empty, so it can
-		// be used as an output argument (same as in provider/maas).
-		if addr == nil || addr.Value != "" {
-			return errors.NewNotValid(nil, "invalid address: nil or non-empty")
-		}
-	}
-
-	if err := env.checkBroken("AllocateAddress"); err != nil {
-		return err
-	}
-
-	estate, err := env.state()
-	if err != nil {
-		return err
-	}
-	estate.mu.Lock()
-	defer estate.mu.Unlock()
-	estate.maxAddr++
-
-	if addr.Value == "" {
-		*addr = network.NewAddress(fmt.Sprintf("0.10.0.%v", estate.maxAddr))
-	}
-
-	estate.ops <- OpAllocateAddress{
-		Env:        env.name,
-		InstanceId: instId,
-		SubnetId:   subnetId,
-		Address:    *addr,
-		MACAddress: macAddress,
-		HostName:   hostname,
-	}
-	return nil
-}
-
-// ReleaseAddress releases a specific address previously allocated with
-// AllocateAddress.
-func (env *environ) ReleaseAddress(instId instance.Id, subnetId network.Id, addr network.Address, macAddress, hostname string) error {
-	if !environs.AddressAllocationEnabled("dummy") {
-		return errors.NotSupportedf("address allocation")
-	}
-
-	if err := env.checkBroken("ReleaseAddress"); err != nil {
-		return err
-	}
-	estate, err := env.state()
-	if err != nil {
-		return err
-	}
-	estate.mu.Lock()
-	defer estate.mu.Unlock()
-	estate.maxAddr--
-	estate.ops <- OpReleaseAddress{
-		Env:        env.name,
-		InstanceId: instId,
-		SubnetId:   subnetId,
-		Address:    addr,
-		MACAddress: macAddress,
-		HostName:   hostname,
-	}
-	return nil
-}
-
 // NetworkInterfaces implements Environ.NetworkInterfaces().
 func (env *environ) NetworkInterfaces(instId instance.Id) ([]network.InterfaceInfo, error) {
 	if err := env.checkBroken("NetworkInterfaces"); err != nil {
@@ -1255,25 +1150,6 @@
 		}
 	}
 
-	if strings.HasPrefix(string(instId), "i-no-nics-") {
-		// Simulate no NICs on instances with id prefix "i-no-nics-".
-		info = info[:0]
-	} else if strings.HasPrefix(string(instId), "i-nic-no-subnet-") {
-		// Simulate a nic with no subnet on instances with id prefix
-		// "i-nic-no-subnet-"
-		info = []network.InterfaceInfo{{
-			DeviceIndex:   0,
-			ProviderId:    network.Id("dummy-eth0"),
-			InterfaceName: "eth0",
-			MACAddress:    "aa:bb:cc:dd:ee:f0",
-			Disabled:      false,
-			NoAutoStart:   false,
-			ConfigType:    network.ConfigDHCP,
-		}}
-	} else if strings.HasPrefix(string(instId), "i-disabled-nic-") {
-		info = info[2:]
-	}
-
 	estate.ops <- OpNetworkInterfaces{
 		Env:        env.name,
 		InstanceId: instId,
@@ -1335,14 +1211,10 @@
 	allSubnets := []network.SubnetInfo{{
 		CIDR:              "0.10.0.0/24",
 		ProviderId:        "dummy-private",
-		AllocatableIPLow:  net.ParseIP("0.10.0.0"),
-		AllocatableIPHigh: net.ParseIP("0.10.0.255"),
 		AvailabilityZones: []string{"zone1", "zone2"},
 	}, {
-		CIDR:              "0.20.0.0/24",
-		ProviderId:        "dummy-public",
-		AllocatableIPLow:  net.ParseIP("0.20.0.0"),
-		AllocatableIPHigh: net.ParseIP("0.20.0.255"),
+		CIDR:       "0.20.0.0/24",
+		ProviderId: "dummy-public",
 	}}
 
 	// Filter result by ids, if given.
@@ -1358,14 +1230,6 @@
 	if len(subnetIds) == 0 {
 		result = append([]network.SubnetInfo{}, allSubnets...)
 	}
-
-	noSubnets := strings.HasPrefix(string(instId), "i-no-subnets")
-	noNICSubnets := strings.HasPrefix(string(instId), "i-nic-no-subnet-")
-	if noSubnets || noNICSubnets {
-		// Simulate no subnets available if the instance id has prefix
-		// "i-no-subnets-".
-		result = result[:0]
-	}
 	if len(result) == 0 {
 		// No results, so just return them now.
 		estate.ops <- OpSubnets{
@@ -1377,38 +1241,6 @@
 		return result, nil
 	}
 
-	makeNoAlloc := func(info network.SubnetInfo) network.SubnetInfo {
-		// Remove the allocatable range and change the provider id
-		// prefix.
-		pid := string(info.ProviderId)
-		pid = strings.TrimPrefix(pid, "dummy-")
-		info.ProviderId = network.Id("noalloc-" + pid)
-		info.AllocatableIPLow = nil
-		info.AllocatableIPHigh = nil
-		return info
-	}
-	if strings.HasPrefix(string(instId), "i-no-alloc-") {
-		iid := strings.TrimPrefix(string(instId), "i-no-alloc-")
-		lastIdx := len(result) - 1
-		if strings.HasPrefix(iid, "all") {
-			// Simulate all subnets have no allocatable ranges set.
-			for i := range result {
-				result[i] = makeNoAlloc(result[i])
-			}
-		} else if idx, err := strconv.Atoi(iid); err == nil {
-			// Simulate only the subnet with index idx in the result
-			// have no allocatable range set.
-			if idx < 0 || idx > lastIdx {
-				err = errors.Errorf("index %d out of range; expected 0..%d", idx, lastIdx)
-				return nil, err
-			}
-			result[idx] = makeNoAlloc(result[idx])
-		} else {
-			err = errors.Errorf("invalid index %q; expected int", iid)
-			return nil, err
-		}
-	}
-
 	estate.ops <- OpSubnets{
 		Env:        env.name,
 		InstanceId: instId,
@@ -1692,13 +1524,6 @@
 	}
 }
 
-func (e *environ) AllocateContainerAddresses(hostInstanceID instance.Id, preparedInfo []network.InterfaceInfo) ([]network.InterfaceInfo, error) {
+func (e *environ) AllocateContainerAddresses(hostInstanceID instance.Id, containerTag names.MachineTag, preparedInfo []network.InterfaceInfo) ([]network.InterfaceInfo, error) {
 	return nil, errors.NotSupportedf("container address allocation")
 }
-
-// MigrationConfigUpdate implements MigrationConfigUpdater.
-func (*environ) MigrationConfigUpdate(controllerConfig *config.Config) map[string]interface{} {
-	return map[string]interface{}{
-		"controller-uuid": controllerConfig.UUID(),
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/dummy/environs_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/dummy/environs_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/dummy/environs_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/dummy/environs_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,6 @@
 package dummy_test
 
 import (
-	"net"
 	"strings"
 	stdtesting "testing"
 	"time"
@@ -14,14 +13,14 @@
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 
+	"github.com/juju/juju/cloud"
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/environs/bootstrap"
 	"github.com/juju/juju/environs/jujutest"
 	sstesting "github.com/juju/juju/environs/simplestreams/testing"
 	envtesting "github.com/juju/juju/environs/testing"
-	"github.com/juju/juju/feature"
 	"github.com/juju/juju/instance"
-	"github.com/juju/juju/juju"
+	"github.com/juju/juju/juju/keys"
 	jujutesting "github.com/juju/juju/juju/testing"
 	"github.com/juju/juju/network"
 	"github.com/juju/juju/provider/dummy"
@@ -29,6 +28,8 @@
 	jujuversion "github.com/juju/juju/version"
 )
 
+const AdminSecret = "admin-secret"
+
 func TestPackage(t *stdtesting.T) {
 	testing.MgoTestPackage(t)
 }
@@ -58,7 +59,7 @@
 	s.BaseSuite.SetUpSuite(c)
 	s.MgoSuite.SetUpSuite(c)
 	s.LiveTests.SetUpSuite(c)
-	s.BaseSuite.PatchValue(&juju.JujuPublicKey, sstesting.SignedMetadataPublicKey)
+	s.BaseSuite.PatchValue(&keys.JujuPublicKey, sstesting.SignedMetadataPublicKey)
 }
 
 func (s *liveSuite) TearDownSuite(c *gc.C) {
@@ -69,7 +70,6 @@
 
 func (s *liveSuite) SetUpTest(c *gc.C) {
 	s.BaseSuite.SetUpTest(c)
-	s.SetFeatureFlags(feature.AddressAllocation)
 	s.MgoSuite.SetUpTest(c)
 	s.LiveTests.SetUpTest(c)
 	s.BaseSuite.PatchValue(&dummy.LogDir, c.MkDir())
@@ -100,7 +100,6 @@
 
 func (s *suite) SetUpTest(c *gc.C) {
 	s.BaseSuite.SetUpTest(c)
-	s.SetFeatureFlags(feature.AddressAllocation)
 	s.PatchValue(&jujuversion.Current, testing.FakeVersionNumber)
 	s.MgoSuite.SetUpTest(c)
 	s.Tests.SetUpTest(c)
@@ -114,15 +113,16 @@
 	s.BaseSuite.TearDownTest(c)
 }
 
-func (s *suite) bootstrapTestEnviron(c *gc.C, preferIPv6 bool) environs.NetworkingEnviron {
-	s.TestConfig["prefer-ipv6"] = preferIPv6
-	env, err := environs.Prepare(
+func (s *suite) bootstrapTestEnviron(c *gc.C) environs.NetworkingEnviron {
+	env, err := bootstrap.Prepare(
 		envtesting.BootstrapContext(c),
 		s.ControllerStore,
-		environs.PrepareParams{
-			BaseConfig:     s.TestConfig,
-			ControllerName: s.TestConfig["name"].(string),
-			CloudName:      "dummy",
+		bootstrap.PrepareParams{
+			ControllerConfig: testing.FakeControllerConfig(),
+			BaseConfig:       s.TestConfig,
+			ControllerName:   s.TestConfig["name"].(string),
+			CloudName:        "dummy",
+			AdminSecret:      AdminSecret,
 		},
 	)
 	c.Assert(err, gc.IsNil, gc.Commentf("preparing environ %#v", s.TestConfig))
@@ -130,58 +130,34 @@
 	netenv, supported := environs.SupportsNetworking(env)
 	c.Assert(supported, jc.IsTrue)
 
-	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), netenv, bootstrap.BootstrapParams{})
+	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), netenv, bootstrap.BootstrapParams{
+		ControllerConfig: testing.FakeControllerConfig(),
+		CloudName:        "dummy",
+		Cloud: cloud.Cloud{
+			Type:      "dummy",
+			AuthTypes: []cloud.AuthType{cloud.EmptyAuthType},
+		},
+		AdminSecret:  AdminSecret,
+		CAPrivateKey: testing.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 	return netenv
 }
 
 func (s *suite) TestAvailabilityZone(c *gc.C) {
-	e := s.bootstrapTestEnviron(c, true)
+	e := s.bootstrapTestEnviron(c)
 	defer func() {
 		err := e.Destroy()
 		c.Assert(err, jc.ErrorIsNil)
 	}()
 
-	inst, hwc := jujutesting.AssertStartInstance(c, e, "0")
+	inst, hwc := jujutesting.AssertStartInstance(c, e, s.ControllerUUID, "0")
 	c.Assert(inst, gc.NotNil)
 	c.Check(hwc.AvailabilityZone, gc.IsNil)
 }
 
-func (s *suite) TestSupportsAddressAllocation(c *gc.C) {
-	e := s.bootstrapTestEnviron(c, false)
-	defer func() {
-		err := e.Destroy()
-		c.Assert(err, jc.ErrorIsNil)
-	}()
-
-	// By default, it's supported.
-	supported, err := e.SupportsAddressAllocation("any-id")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(supported, jc.IsTrue)
-
-	// Any subnet id with prefix "noalloc-" simulates address
-	// allocation is not supported.
-	supported, err = e.SupportsAddressAllocation("noalloc-foo")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(supported, jc.IsFalse)
-
-	// Test we can induce an error for SupportsAddressAllocation.
-	s.breakMethods(c, e, "SupportsAddressAllocation")
-	supported, err = e.SupportsAddressAllocation("any-id")
-	c.Assert(err, gc.ErrorMatches, `dummy\.SupportsAddressAllocation is broken`)
-	c.Assert(supported, jc.IsFalse)
-
-	// Finally, test the method respects the feature flag when
-	// disabled.
-	s.SetFeatureFlags() // clear the flags.
-	supported, err = e.SupportsAddressAllocation("any-id")
-	c.Assert(err, gc.ErrorMatches, "address allocation not supported")
-	c.Assert(err, jc.Satisfies, errors.IsNotSupported)
-	c.Assert(supported, jc.IsFalse)
-}
-
 func (s *suite) TestSupportsSpaces(c *gc.C) {
-	e := s.bootstrapTestEnviron(c, false)
+	e := s.bootstrapTestEnviron(c)
 	defer func() {
 		err := e.Destroy()
 		c.Assert(err, jc.ErrorIsNil)
@@ -208,7 +184,7 @@
 }
 
 func (s *suite) TestSupportsSpaceDiscovery(c *gc.C) {
-	e := s.bootstrapTestEnviron(c, false)
+	e := s.bootstrapTestEnviron(c)
 	defer func() {
 		err := e.Destroy()
 		c.Assert(err, jc.ErrorIsNil)
@@ -244,88 +220,8 @@
 	c.Assert(err, jc.ErrorIsNil)
 }
 
-func (s *suite) TestAllocateAddress(c *gc.C) {
-	e := s.bootstrapTestEnviron(c, false)
-	defer func() {
-		err := e.Destroy()
-		c.Assert(err, jc.ErrorIsNil)
-	}()
-
-	inst, _ := jujutesting.AssertStartInstance(c, e, "0")
-	c.Assert(inst, gc.NotNil)
-	subnetId := network.Id("net1")
-
-	opc := make(chan dummy.Operation, 200)
-	dummy.Listen(opc)
-
-	// Test allocating a couple of addresses.
-	newAddress := network.NewScopedAddress("0.1.2.1", network.ScopeCloudLocal)
-	err := e.AllocateAddress(inst.Id(), subnetId, &newAddress, "foo", "bar")
-	c.Assert(err, jc.ErrorIsNil)
-	assertAllocateAddress(c, e, opc, inst.Id(), subnetId, newAddress, "foo", "bar")
-
-	newAddress = network.NewScopedAddress("0.1.2.2", network.ScopeCloudLocal)
-	err = e.AllocateAddress(inst.Id(), subnetId, &newAddress, "foo", "bar")
-	c.Assert(err, jc.ErrorIsNil)
-	assertAllocateAddress(c, e, opc, inst.Id(), subnetId, newAddress, "foo", "bar")
-
-	// Test we can induce errors.
-	s.breakMethods(c, e, "AllocateAddress")
-	newAddress = network.NewScopedAddress("0.1.2.3", network.ScopeCloudLocal)
-	err = e.AllocateAddress(inst.Id(), subnetId, &newAddress, "foo", "bar")
-	c.Assert(err, gc.ErrorMatches, `dummy\.AllocateAddress is broken`)
-
-	// Finally, test the method respects the feature flag when
-	// disabled.
-	s.SetFeatureFlags() // clear the flags.
-	err = e.AllocateAddress(inst.Id(), subnetId, &newAddress, "foo", "bar")
-	c.Assert(err, gc.ErrorMatches, "address allocation not supported")
-	c.Assert(err, jc.Satisfies, errors.IsNotSupported)
-}
-
-func (s *suite) TestReleaseAddress(c *gc.C) {
-	e := s.bootstrapTestEnviron(c, false)
-	defer func() {
-		err := e.Destroy()
-		c.Assert(err, jc.ErrorIsNil)
-	}()
-
-	inst, _ := jujutesting.AssertStartInstance(c, e, "0")
-	c.Assert(inst, gc.NotNil)
-	subnetId := network.Id("net1")
-
-	opc := make(chan dummy.Operation, 200)
-	dummy.Listen(opc)
-
-	// Release a couple of addresses.
-	address := network.NewScopedAddress("0.1.2.1", network.ScopeCloudLocal)
-	macAddress := "foobar"
-	hostname := "myhostname"
-	err := e.ReleaseAddress(inst.Id(), subnetId, address, macAddress, hostname)
-	c.Assert(err, jc.ErrorIsNil)
-	assertReleaseAddress(c, e, opc, inst.Id(), subnetId, address, macAddress, hostname)
-
-	address = network.NewScopedAddress("0.1.2.2", network.ScopeCloudLocal)
-	err = e.ReleaseAddress(inst.Id(), subnetId, address, macAddress, hostname)
-	c.Assert(err, jc.ErrorIsNil)
-	assertReleaseAddress(c, e, opc, inst.Id(), subnetId, address, macAddress, hostname)
-
-	// Test we can induce errors.
-	s.breakMethods(c, e, "ReleaseAddress")
-	address = network.NewScopedAddress("0.1.2.3", network.ScopeCloudLocal)
-	err = e.ReleaseAddress(inst.Id(), subnetId, address, macAddress, hostname)
-	c.Assert(err, gc.ErrorMatches, `dummy\.ReleaseAddress is broken`)
-
-	// Finally, test the method respects the feature flag when
-	// disabled.
-	s.SetFeatureFlags() // clear the flags.
-	err = e.ReleaseAddress(inst.Id(), subnetId, address, macAddress, hostname)
-	c.Assert(err, gc.ErrorMatches, "address allocation not supported")
-	c.Assert(err, jc.Satisfies, errors.IsNotSupported)
-}
-
 func (s *suite) TestNetworkInterfaces(c *gc.C) {
-	e := s.bootstrapTestEnviron(c, false)
+	e := s.bootstrapTestEnviron(c)
 	defer func() {
 		err := e.Destroy()
 		c.Assert(err, jc.ErrorIsNil)
@@ -385,52 +281,6 @@
 	c.Assert(info, jc.DeepEquals, expectInfo)
 	assertInterfaces(c, e, opc, "i-42", expectInfo)
 
-	// Test that with instance id prefix "i-no-nics-" no results are
-	// returned.
-	info, err = e.NetworkInterfaces("i-no-nics-here")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(info, gc.HasLen, 0)
-	assertInterfaces(c, e, opc, "i-no-nics-here", expectInfo[:0])
-
-	// Test that with instance id prefix "i-nic-no-subnet-" we get a result
-	// with no associated subnet.
-	expectInfo = []network.InterfaceInfo{{
-		DeviceIndex:   0,
-		ProviderId:    network.Id("dummy-eth0"),
-		InterfaceName: "eth0",
-		MACAddress:    "aa:bb:cc:dd:ee:f0",
-		Disabled:      false,
-		NoAutoStart:   false,
-		ConfigType:    network.ConfigDHCP,
-	}}
-	info, err = e.NetworkInterfaces("i-nic-no-subnet-here")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(info, gc.HasLen, 1)
-	assertInterfaces(c, e, opc, "i-nic-no-subnet-here", expectInfo)
-
-	// Test that with instance id prefix "i-disabled-nic-" we get a result
-	// with only a disabled subnet.
-	expectInfo = []network.InterfaceInfo{{
-		ProviderId:       "dummy-eth2",
-		ProviderSubnetId: "dummy-disabled",
-		CIDR:             "0.30.0.0/24",
-		DeviceIndex:      2,
-		InterfaceName:    "eth2",
-		InterfaceType:    "ethernet",
-		VLANTag:          2,
-		MACAddress:       "aa:bb:cc:dd:ee:f2",
-		Disabled:         true,
-		NoAutoStart:      false,
-		ConfigType:       network.ConfigDHCP,
-		Address:          network.NewAddress("0.30.0.2"),
-		DNSServers:       network.NewAddresses("ns1.dummy", "ns2.dummy"),
-		GatewayAddress:   network.NewAddress("0.30.0.1"),
-	}}
-	info, err = e.NetworkInterfaces("i-disabled-nic-here")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(info, gc.HasLen, 1)
-	assertInterfaces(c, e, opc, "i-disabled-nic-here", expectInfo)
-
 	// Test we can induce errors.
 	s.breakMethods(c, e, "NetworkInterfaces")
 	info, err = e.NetworkInterfaces("i-any")
@@ -439,7 +289,7 @@
 }
 
 func (s *suite) TestSubnets(c *gc.C) {
-	e := s.bootstrapTestEnviron(c, false)
+	e := s.bootstrapTestEnviron(c)
 	defer func() {
 		err := e.Destroy()
 		c.Assert(err, jc.ErrorIsNil)
@@ -451,27 +301,11 @@
 	expectInfo := []network.SubnetInfo{{
 		CIDR:              "0.10.0.0/24",
 		ProviderId:        "dummy-private",
-		AllocatableIPLow:  net.ParseIP("0.10.0.0"),
-		AllocatableIPHigh: net.ParseIP("0.10.0.255"),
 		AvailabilityZones: []string{"zone1", "zone2"},
 	}, {
-		CIDR:              "0.20.0.0/24",
-		ProviderId:        "dummy-public",
-		AllocatableIPLow:  net.ParseIP("0.20.0.0"),
-		AllocatableIPHigh: net.ParseIP("0.20.0.255"),
+		CIDR:       "0.20.0.0/24",
+		ProviderId: "dummy-public",
 	}}
-	// Prepare a version of the above with no allocatable range to
-	// test the magic "i-no-alloc-" prefix below.
-	noallocInfo := make([]network.SubnetInfo, len(expectInfo))
-	for i, exp := range expectInfo {
-		pid := string(exp.ProviderId)
-		pid = strings.TrimPrefix(pid, "dummy-")
-		noallocInfo[i].ProviderId = network.Id("noalloc-" + pid)
-		noallocInfo[i].AllocatableIPLow = nil
-		noallocInfo[i].AllocatableIPHigh = nil
-		noallocInfo[i].AvailabilityZones = exp.AvailabilityZones
-		noallocInfo[i].CIDR = exp.CIDR
-	}
 
 	ids := []network.Id{"dummy-private", "dummy-public", "foo-bar"}
 	netInfo, err := e.Subnets("i-foo", ids)
@@ -493,58 +327,6 @@
 	c.Assert(netInfo, jc.DeepEquals, expectInfo[1:])
 	assertSubnets(c, e, opc, "i-foo", ids[1:], expectInfo[1:])
 
-	// Test that using an instance id with prefix of either
-	// "i-no-subnets-" or "i-nic-no-subnet-"
-	// returns no results, regardless whether ids are given or not.
-	for _, instId := range []instance.Id{"i-no-subnets-foo", "i-nic-no-subnet-foo"} {
-		netInfo, err = e.Subnets(instId, nil)
-		c.Assert(err, jc.ErrorIsNil)
-		c.Assert(netInfo, gc.HasLen, 0)
-		assertSubnets(c, e, opc, instId, nil, expectInfo[:0])
-	}
-
-	netInfo, err = e.Subnets("i-no-subnets-foo", ids)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(netInfo, gc.HasLen, 0)
-	assertSubnets(c, e, opc, "i-no-subnets-foo", ids, expectInfo[:0])
-
-	// Test the behavior with "i-no-alloc-" instance id prefix.
-	// When # is "all", all returned subnets have no allocatable range
-	// set and have provider ids with "noalloc-" prefix.
-	netInfo, err = e.Subnets("i-no-alloc-all", nil)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(netInfo, jc.DeepEquals, noallocInfo)
-	assertSubnets(c, e, opc, "i-no-alloc-all", nil, noallocInfo)
-
-	// When # is an integer, the #-th subnet in result has no
-	// allocatable range set and a provider id prefix "noalloc-".
-	netInfo, err = e.Subnets("i-no-alloc-0", nil)
-	c.Assert(err, jc.ErrorIsNil)
-	expectResult := []network.SubnetInfo{noallocInfo[0], expectInfo[1]}
-	c.Assert(netInfo, jc.DeepEquals, expectResult)
-	assertSubnets(c, e, opc, "i-no-alloc-0", nil, expectResult)
-
-	netInfo, err = e.Subnets("i-no-alloc-1", nil)
-	c.Assert(err, jc.ErrorIsNil)
-	expectResult = []network.SubnetInfo{expectInfo[0], noallocInfo[1]}
-	c.Assert(netInfo, jc.DeepEquals, expectResult)
-	assertSubnets(c, e, opc, "i-no-alloc-1", nil, expectResult)
-
-	// For the last case above, also test the error returned when # is
-	// not integer or it's out of range of the results (including when
-	// filtering by ids is applied).
-	netInfo, err = e.Subnets("i-no-alloc-foo", nil)
-	c.Assert(err, gc.ErrorMatches, `invalid index "foo"; expected int`)
-	c.Assert(netInfo, gc.HasLen, 0)
-
-	netInfo, err = e.Subnets("i-no-alloc-1", ids[:1])
-	c.Assert(err, gc.ErrorMatches, `index 1 out of range; expected 0..0`)
-	c.Assert(netInfo, gc.HasLen, 0)
-
-	netInfo, err = e.Subnets("i-no-alloc-2", ids)
-	c.Assert(err, gc.ErrorMatches, `index 2 out of range; expected 0..1`)
-	c.Assert(netInfo, gc.HasLen, 0)
-
 	// Test we can induce errors.
 	s.breakMethods(c, e, "Subnets")
 	netInfo, err = e.Subnets("i-any", nil)
@@ -552,88 +334,6 @@
 	c.Assert(netInfo, gc.HasLen, 0)
 }
 
-func (s *suite) TestPreferIPv6On(c *gc.C) {
-	e := s.bootstrapTestEnviron(c, true)
-	defer func() {
-		err := e.Destroy()
-		c.Assert(err, jc.ErrorIsNil)
-	}()
-
-	inst, _ := jujutesting.AssertStartInstance(c, e, "0")
-	c.Assert(inst, gc.NotNil)
-	addrs, err := inst.Addresses()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(addrs, jc.DeepEquals, network.NewAddresses("only-0.dns", "127.0.0.1", "fc00::1"))
-}
-
-func (s *suite) TestPreferIPv6Off(c *gc.C) {
-	e := s.bootstrapTestEnviron(c, false)
-	defer func() {
-		err := e.Destroy()
-		c.Assert(err, jc.ErrorIsNil)
-	}()
-
-	inst, _ := jujutesting.AssertStartInstance(c, e, "0")
-	c.Assert(inst, gc.NotNil)
-	addrs, err := inst.Addresses()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(addrs, jc.DeepEquals, network.NewAddresses("only-0.dns", "127.0.0.1"))
-}
-
-func assertAllocateAddress(
-	c *gc.C,
-	e environs.Environ,
-	opc chan dummy.Operation,
-	expectInstId instance.Id,
-	expectSubnetId network.Id,
-	expectAddress network.Address,
-	expectMAC string,
-	expectHost string,
-) {
-	select {
-	case op := <-opc:
-		addrOp, ok := op.(dummy.OpAllocateAddress)
-		if !ok {
-			c.Fatalf("unexpected op: %#v", op)
-		}
-		c.Check(addrOp.SubnetId, gc.Equals, expectSubnetId)
-		c.Check(addrOp.InstanceId, gc.Equals, expectInstId)
-		c.Check(addrOp.Address, gc.Equals, expectAddress)
-		c.Check(addrOp.MACAddress, gc.Equals, expectMAC)
-		c.Check(addrOp.HostName, gc.Equals, expectHost)
-		return
-	case <-time.After(testing.ShortWait):
-		c.Fatalf("time out wating for operation")
-	}
-}
-
-func assertReleaseAddress(
-	c *gc.C,
-	e environs.Environ,
-	opc chan dummy.Operation,
-	expectInstId instance.Id,
-	expectSubnetId network.Id,
-	expectAddress network.Address,
-	expectMAC string,
-	expectHost string,
-) {
-	select {
-	case op := <-opc:
-		addrOp, ok := op.(dummy.OpReleaseAddress)
-		if !ok {
-			c.Fatalf("unexpected op: %#v", op)
-		}
-		c.Check(addrOp.SubnetId, gc.Equals, expectSubnetId)
-		c.Check(addrOp.InstanceId, gc.Equals, expectInstId)
-		c.Check(addrOp.Address, gc.Equals, expectAddress)
-		c.Check(addrOp.MACAddress, gc.Equals, expectMAC)
-		c.Check(addrOp.HostName, gc.Equals, expectHost)
-		return
-	case <-time.After(testing.ShortWait):
-		c.Fatalf("time out wating for operation")
-	}
-}
-
 func assertInterfaces(c *gc.C, e environs.Environ, opc chan dummy.Operation, expectInstId instance.Id, expectInfo []network.InterfaceInfo) {
 	select {
 	case op := <-opc:
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/ec2/config.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/ec2/config.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/ec2/config.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/ec2/config.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,6 @@
 
 import (
 	"fmt"
-	"strings"
 
 	"github.com/juju/schema"
 	"gopkg.in/amz.v3/aws"
@@ -35,7 +34,7 @@
 		Type:        environschema.Tstring,
 	},
 	"vpc-id": {
-		Description: "Use a specific AWS VPC ID (optional). When not specified, Juju requires a default VPC to exist the chosen EC2 account/region.",
+		Description: "Use a specific AWS VPC ID (optional). When not specified, Juju requires a default VPC or EC2-Classic features to be available for the account/region.",
 		Example:     "vpc-a1b2c3d4",
 		Type:        environschema.Tstring,
 		Group:       environschema.AccountGroup,
@@ -60,7 +59,6 @@
 var configDefaults = schema.Defaults{
 	"access-key":   "",
 	"secret-key":   "",
-	"region":       "us-east-1",
 	"vpc-id":       "",
 	"vpc-id-force": false,
 }
@@ -131,9 +129,9 @@
 		return nil, fmt.Errorf("invalid region name %q", ecfg.region())
 	}
 
-	if vpcID := ecfg.vpcID(); vpcID != "" && !strings.HasPrefix(vpcID, "vpc-") {
+	if vpcID := ecfg.vpcID(); isVPCIDSetButInvalid(vpcID) {
 		return nil, fmt.Errorf("vpc-id: %q is not a valid AWS VPC ID", vpcID)
-	} else if vpcID == "" && ecfg.forceVPCID() {
+	} else if !isVPCIDSet(vpcID) && ecfg.forceVPCID() {
 		return nil, fmt.Errorf("cannot use vpc-id-force without specifying vpc-id as well")
 	}
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/ec2/config_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/ec2/config_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/ec2/config_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/ec2/config_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -63,7 +63,8 @@
 
 func (t configTest) check(c *gc.C) {
 	attrs := testing.FakeConfig().Merge(testing.Attrs{
-		"type": "ec2",
+		"type":   "ec2",
+		"region": "us-east-1",
 	}).Merge(t.config)
 	cfg, err := config.New(config.NoDefaults, attrs)
 	c.Assert(err, jc.ErrorIsNil)
@@ -128,10 +129,6 @@
 	{
 		config: attrs{},
 	}, {
-		// check that region defaults to us-east-1
-		config: attrs{},
-		region: "us-east-1",
-	}, {
 		config: attrs{
 			"region": "eu-west-1",
 		},
@@ -172,6 +169,12 @@
 		forceVPCID: false,
 	}, {
 		config: attrs{
+			"vpc-id": vpcIDNone,
+		},
+		vpcID:      "none",
+		forceVPCID: false,
+	}, {
+		config: attrs{
 			"vpc-id": 42,
 		},
 		err:        `.*expected string, got int\(42\)`,
@@ -235,6 +238,16 @@
 	}, {
 		config: attrs{
 			"vpc-id": "",
+		},
+		change: attrs{
+			"vpc-id": "none",
+		},
+		err:        `.*cannot change vpc-id from "" to "none"`,
+		vpcID:      "",
+		forceVPCID: false,
+	}, {
+		config: attrs{
+			"vpc-id": "",
 		},
 		change: attrs{
 			"vpc-id": "vpc-changed",
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/ec2/credentials.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/ec2/credentials.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/ec2/credentials.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/ec2/credentials.go	2016-07-18 19:45:44.000000000 +0000
@@ -73,7 +73,7 @@
 		}
 		// Basic validation check
 		if values.AwsAccessKeyId == "" || values.AwsSecretAccessKey == "" {
-			logger.Warningf("missing aws credential attributes in credentials file section %q", credName)
+			logger.Errorf("missing aws credential attributes in credentials file section %q", credName)
 			continue
 		}
 		accessKeyCredential := cloud.NewCredential(
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/ec2/ebs.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/ec2/ebs.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/ec2/ebs.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/ec2/ebs.go	2016-07-18 19:45:44.000000000 +0000
@@ -310,7 +310,7 @@
 			return
 		}
 		if _, err := v.ec2.DeleteVolume(volumeId); err != nil {
-			logger.Warningf("error cleaning up volume %v: %v", volumeId, err)
+			logger.Errorf("error cleaning up volume %v: %v", volumeId, err)
 		}
 	}()
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/ec2/ebs_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/ec2/ebs_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/ec2/ebs_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/ec2/ebs_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,7 +10,6 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/arch"
 	"github.com/juju/utils/clock"
@@ -18,6 +17,7 @@
 	awsec2 "gopkg.in/amz.v3/ec2"
 	"gopkg.in/amz.v3/ec2/ec2test"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/cloud"
 	"github.com/juju/juju/constraints"
@@ -28,7 +28,7 @@
 	sstesting "github.com/juju/juju/environs/simplestreams/testing"
 	"github.com/juju/juju/environs/tags"
 	"github.com/juju/juju/instance"
-	"github.com/juju/juju/juju"
+	"github.com/juju/juju/juju/keys"
 	"github.com/juju/juju/provider/ec2"
 	"github.com/juju/juju/storage"
 	"github.com/juju/juju/testing"
@@ -91,7 +91,7 @@
 	})
 	s.restoreEC2Patching = patchEC2ForTesting(c)
 	s.BaseSuite.PatchValue(&imagemetadata.SimplestreamsImagesPublicKey, sstesting.SignedMetadataPublicKey)
-	s.BaseSuite.PatchValue(&juju.JujuPublicKey, sstesting.SignedMetadataPublicKey)
+	s.BaseSuite.PatchValue(&keys.JujuPublicKey, sstesting.SignedMetadataPublicKey)
 	imagetesting.PatchOfficialDataSources(&s.BaseSuite.CleanupSuite, "test:")
 	s.BaseSuite.PatchValue(ec2.DeleteSecurityGroupInsistently, deleteSecurityGroupForTestFunc)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/ec2/environ.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/ec2/environ.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/ec2/environ.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/ec2/environ.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,7 +12,6 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/retry"
 	"github.com/juju/utils"
 	"github.com/juju/utils/arch"
@@ -20,6 +19,7 @@
 	"gopkg.in/amz.v3/aws"
 	"gopkg.in/amz.v3/ec2"
 	"gopkg.in/amz.v3/s3"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/cloudconfig/instancecfg"
 	"github.com/juju/juju/cloudconfig/providerinit"
@@ -32,14 +32,12 @@
 	"github.com/juju/juju/environs/tags"
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/network"
-	"github.com/juju/juju/provider"
 	"github.com/juju/juju/provider/common"
 	"github.com/juju/juju/tools"
 )
 
 const (
-	invalidParameterValue       = "InvalidParameterValue"
-	privateAddressLimitExceeded = "PrivateIpAddressLimitExceeded"
+	invalidParameterValue = "InvalidParameterValue"
 
 	// tagName is the AWS-specific tag key that populates resources'
 	// name columns in the console.
@@ -77,19 +75,6 @@
 
 	availabilityZonesMutex sync.Mutex
 	availabilityZones      []common.AvailabilityZone
-
-	allocationMutex     sync.Mutex
-	allocationSupported *bool
-}
-
-// AssignPrivateIPAddress is a wrapper around ec2Inst.AssignPrivateIPAddresses.
-var AssignPrivateIPAddress = assignPrivateIPAddress
-
-// assignPrivateIPAddress should not be called directly so tests can patch it (use
-// AssignPrivateIPAddress).
-func assignPrivateIPAddress(ec2Inst *ec2.EC2, netId string, addr network.Address) error {
-	_, err := ec2Inst.AssignPrivateIPAddresses(netId, []string{addr.Value}, 0, false)
-	return err
 }
 
 func (e *environ) Config() *config.Config {
@@ -178,32 +163,6 @@
 	return false, nil
 }
 
-// SupportsAddressAllocation is specified on environs.Networking.
-func (e *environ) SupportsAddressAllocation(_ network.Id) (bool, error) {
-	e.allocationMutex.Lock()
-	defer e.allocationMutex.Unlock()
-
-	if e.allocationSupported == nil {
-		var notSupported bool
-		e.allocationSupported = &notSupported
-
-		if environs.AddressAllocationEnabled(provider.EC2) {
-			defaultVPCID, err := findDefaultVPCID(e.ec2())
-			if err == nil {
-				logger.Infof("legacy address allocation supported with default VPC %q", defaultVPCID)
-				*e.allocationSupported = true
-			} else if errors.IsNotFound(err) {
-				logger.Infof("legacy address allocation not supported without a default VPC")
-			}
-		}
-	}
-
-	if *e.allocationSupported {
-		return true, nil
-	}
-	return false, errors.NotSupportedf("address allocation")
-}
-
 var unsupportedConstraints = []string{
 	constraints.Tags,
 	// TODO(anastasiamac 2016-03-16) LP#1557874
@@ -406,6 +365,9 @@
 
 // StartInstance is specified in the InstanceBroker interface.
 func (e *environ) StartInstance(args environs.StartInstanceParams) (_ *environs.StartInstanceResult, resultErr error) {
+	if args.ControllerUUID == "" {
+		return nil, errors.New("missing controller UUID")
+	}
 	var inst *ec2Instance
 	defer func() {
 		if resultErr == nil || inst == nil {
@@ -471,7 +433,7 @@
 	}
 
 	if spec.InstanceType.Deprecated {
-		logger.Warningf("deprecated instance type specified: %s", spec.InstanceType.Name)
+		logger.Infof("deprecated instance type specified: %s", spec.InstanceType.Name)
 	}
 
 	if err := args.InstanceConfig.SetTools(tools); err != nil {
@@ -486,8 +448,13 @@
 		return nil, errors.Annotate(err, "cannot make user data")
 	}
 	logger.Debugf("ec2 user data; %d bytes", len(userData))
-	cfg := e.Config()
-	groups, err := e.setUpGroups(args.InstanceConfig.MachineId, cfg.APIPort())
+	var apiPort int
+	if args.InstanceConfig.Controller != nil {
+		apiPort = args.InstanceConfig.Controller.Config.APIPort()
+	} else {
+		apiPort = args.InstanceConfig.APIInfo.Ports()[0]
+	}
+	groups, err := e.setUpGroups(args.ControllerUUID, args.InstanceConfig.MachineId, apiPort)
 	if err != nil {
 		return nil, errors.Annotate(err, "cannot set up groups")
 	}
@@ -519,15 +486,17 @@
 		ImageId:             spec.Image.Id,
 	}
 
+	haveVPCID := isVPCIDSet(e.ecfg().vpcID())
+
 	for _, zone := range availabilityZones {
 		runArgs := commonRunArgs
 		runArgs.AvailZone = zone
 
 		var subnetIDsForZone []string
 		var subnetErr error
-		if e.ecfg().vpcID() != "" && !args.Constraints.HaveSpaces() {
+		if haveVPCID && !args.Constraints.HaveSpaces() {
 			subnetIDsForZone, subnetErr = getVPCSubnetIDsForAvailabilityZone(e.ec2(), e.ecfg().vpcID(), zone)
-		} else if e.ecfg().vpcID() == "" && args.Constraints.HaveSpaces() {
+		} else if !haveVPCID && args.Constraints.HaveSpaces() {
 			subnetIDsForZone, subnetErr = findSubnetIDsForAvailabilityZone(zone, args.SubnetsToZones)
 		}
 
@@ -572,9 +541,14 @@
 		e:        e,
 		Instance: &instResp.Instances[0],
 	}
-	instAZ, instSubnet := inst.Instance.AvailZone, inst.Instance.SubnetId
-	chosenVPCID := e.ecfg().vpcID()
-	logger.Infof("started instance %q in AZ %q, subnet %q, VPC %q", inst.Id(), instAZ, instSubnet, chosenVPCID)
+	instAZ := inst.Instance.AvailZone
+	if haveVPCID {
+		instVPC := e.ecfg().vpcID()
+		instSubnet := inst.Instance.SubnetId
+		logger.Infof("started instance %q in AZ %q, subnet %q, VPC %q", inst.Id(), instAZ, instSubnet, instVPC)
+	} else {
+		logger.Infof("started instance %q in AZ %q", inst.Id(), instAZ)
+	}
 
 	// Tag instance, for accounting and identification.
 	instanceName := resourceName(
@@ -587,9 +561,10 @@
 
 	// Tag the machine's root EBS volume, if it has one.
 	if inst.Instance.RootDeviceType == "ebs" {
+		cfg := e.Config()
 		tags := tags.ResourceTags(
 			names.NewModelTag(cfg.UUID()),
-			names.NewModelTag(cfg.ControllerUUID()),
+			names.NewModelTag(args.ControllerUUID),
 			cfg,
 		)
 		tags[tagName] = instanceName + "-root"
@@ -800,109 +775,6 @@
 	return nil
 }
 
-func (e *environ) fetchNetworkInterfaceId(ec2Inst *ec2.EC2, instId instance.Id) (string, error) {
-	var err error
-	var instancesResp *ec2.InstancesResp
-	for a := shortAttempt.Start(); a.Next(); {
-		instancesResp, err = ec2Inst.Instances([]string{string(instId)}, nil)
-		if err == nil {
-			break
-		}
-		logger.Tracef("Instances(%q) returned: %v", instId, err)
-	}
-	if err != nil {
-		// either the instance doesn't exist or we couldn't get through to
-		// the ec2 api
-		return "", err
-	}
-
-	if len(instancesResp.Reservations) == 0 {
-		return "", errors.New("unexpected AWS response: reservation not found")
-	}
-	if len(instancesResp.Reservations[0].Instances) == 0 {
-		return "", errors.New("unexpected AWS response: instance not found")
-	}
-	if len(instancesResp.Reservations[0].Instances[0].NetworkInterfaces) == 0 {
-		return "", errors.New("unexpected AWS response: network interface not found")
-	}
-	networkInterfaceId := instancesResp.Reservations[0].Instances[0].NetworkInterfaces[0].Id
-	return networkInterfaceId, nil
-}
-
-// AllocateAddress requests an address to be allocated for the given
-// instance on the given subnet. Implements NetworkingEnviron.AllocateAddress.
-func (e *environ) AllocateAddress(instId instance.Id, _ network.Id, addr *network.Address, _, _ string) (err error) {
-	if !environs.AddressAllocationEnabled(provider.EC2) {
-		return errors.NotSupportedf("address allocation")
-	}
-	if addr == nil || addr.Value == "" {
-		return errors.NewNotValid(nil, "invalid address: nil or empty")
-	}
-
-	defer errors.DeferredAnnotatef(&err, "failed to allocate address %q for instance %q", addr, instId)
-
-	var nicId string
-	ec2Inst := e.ec2()
-	nicId, err = e.fetchNetworkInterfaceId(ec2Inst, instId)
-	if err != nil {
-		return errors.Trace(err)
-	}
-	for a := shortAttempt.Start(); a.Next(); {
-		err = AssignPrivateIPAddress(ec2Inst, nicId, *addr)
-		logger.Tracef("AssignPrivateIPAddresses(%v, %v) returned: %v", nicId, *addr, err)
-		if err == nil {
-			logger.Tracef("allocated address %v for instance %v, NIC %v", *addr, instId, nicId)
-			break
-		}
-		if ec2Err, ok := err.(*ec2.Error); ok {
-			if ec2Err.Code == invalidParameterValue {
-				// Note: this Code is also used if we specify
-				// an IP address outside the subnet. Take care!
-				logger.Tracef("address %q not available for allocation", *addr)
-				return environs.ErrIPAddressUnavailable
-			} else if ec2Err.Code == privateAddressLimitExceeded {
-				logger.Tracef("no more addresses available on the subnet")
-				return environs.ErrIPAddressesExhausted
-			}
-		}
-
-	}
-	return err
-}
-
-// ReleaseAddress releases a specific address previously allocated with
-// AllocateAddress. Implements NetworkingEnviron.ReleaseAddress.
-func (e *environ) ReleaseAddress(instId instance.Id, _ network.Id, addr network.Address, _, _ string) (err error) {
-	if !environs.AddressAllocationEnabled(provider.EC2) {
-		return errors.NotSupportedf("address allocation")
-	}
-
-	defer errors.DeferredAnnotatef(&err, "failed to release address %q from instance %q", addr, instId)
-
-	// If the instance ID is unknown the address has already been released
-	// and we can ignore this request.
-	if instId == instance.UnknownId {
-		logger.Debugf("release address %q with an unknown instance ID is a no-op (ignoring)", addr.Value)
-		return nil
-	}
-
-	var nicId string
-	ec2Inst := e.ec2()
-	nicId, err = e.fetchNetworkInterfaceId(ec2Inst, instId)
-	if err != nil {
-		return errors.Trace(err)
-	}
-	for a := shortAttempt.Start(); a.Next(); {
-		_, err = ec2Inst.UnassignPrivateIPAddresses(nicId, []string{addr.Value})
-		logger.Tracef("UnassignPrivateIPAddresses(%q, %q) returned: %v", nicId, addr, err)
-		if err == nil {
-			logger.Tracef("released address %q from instance %q, NIC %q", addr, instId, nicId)
-			break
-		}
-	}
-	return err
-}
-
 // NetworkInterfaces implements NetworkingEnviron.NetworkInterfaces.
 func (e *environ) NetworkInterfaces(instId instance.Id) ([]network.InterfaceInfo, error) {
 	ec2Client := e.ec2()
@@ -915,7 +787,7 @@
 		networkInterfacesResp, err = ec2Client.NetworkInterfaces(nil, filter)
 		logger.Tracef("instance %q NICs: %#v (err: %v)", instId, networkInterfacesResp, err)
 		if err != nil {
-			logger.Warningf("failed to get instance %q interfaces: %v (retrying)", instId, err)
+			logger.Errorf("failed to get instance %q interfaces: %v (retrying)", instId, err)
 			continue
 		}
 		if len(networkInterfacesResp.Interfaces) == 0 {
@@ -964,34 +836,15 @@
 }
 
 func makeSubnetInfo(cidr string, subnetId network.Id, availZones []string) (network.SubnetInfo, error) {
-	ip, ipnet, err := net.ParseCIDR(cidr)
+	_, _, err := net.ParseCIDR(cidr)
 	if err != nil {
-		logger.Warningf("skipping subnet %q, invalid CIDR: %v", cidr, err)
-		return network.SubnetInfo{}, err
+		return network.SubnetInfo{}, errors.Annotatef(err, "skipping subnet %q, invalid CIDR", cidr)
 	}
-	// ec2 only uses IPv4 addresses for subnets
-	start, err := network.IPv4ToDecimal(ip)
-	if err != nil {
-		logger.Warningf("skipping subnet %q, invalid IP: %v", cidr, err)
-		return network.SubnetInfo{}, err
-	}
-	// First four addresses in a subnet are reserved, see
-	// http://goo.gl/rrWTIo
-	allocatableLow := network.DecimalToIPv4(start + 4)
-
-	ones, bits := ipnet.Mask.Size()
-	zeros := bits - ones
-	numIPs := uint32(1) << uint32(zeros)
-	highIP := start + numIPs - 1
-	// The last address in a subnet is also reserved (see same ref).
-	allocatableHigh := network.DecimalToIPv4(highIP - 1)
 
 	info := network.SubnetInfo{
 		CIDR:              cidr,
 		ProviderId:        subnetId,
 		VLANTag:           0, // Not supported on EC2
-		AllocatableIPLow:  allocatableLow,
-		AllocatableIPHigh: allocatableHigh,
 		AvailabilityZones: availZones,
 	}
 	logger.Tracef("found subnet with info %#v", info)
@@ -1083,15 +936,6 @@
 	return results, nil
 }
 
-func getTagByKey(key string, ec2Tags []ec2.Tag) (string, bool) {
-	for _, tag := range ec2Tags {
-		if tag.Key == key {
-			return tag.Value, true
-		}
-	}
-	return "", false
-}
-
 // AllInstances is part of the environs.InstanceBroker interface.
 func (e *environ) AllInstances() ([]instance.Instance, error) {
 	return e.AllInstancesByState("pending", "running")
@@ -1135,11 +979,11 @@
 }
 
 // ControllerInstances is part of the environs.Environ interface.
-func (e *environ) ControllerInstances() ([]instance.Id, error) {
+func (e *environ) ControllerInstances(controllerUUID string) ([]instance.Id, error) {
 	filter := ec2.NewFilter()
 	filter.Add("instance-state-name", aliveInstanceStates...)
 	filter.Add(fmt.Sprintf("tag:%s", tags.JujuIsController), "true")
-	e.addModelFilter(filter)
+	e.addControllerFilter(filter, controllerUUID)
 	ids, err := e.allInstanceIDs(filter)
 	if err != nil {
 		return nil, errors.Trace(err)
@@ -1155,10 +999,10 @@
 //
 // Note that this requires that all instances are tagged; we cannot filter on
 // security groups, as we do not know the names of the models.
-func (e *environ) allControllerManagedInstances() ([]instance.Id, error) {
+func (e *environ) allControllerManagedInstances(controllerUUID string) ([]instance.Id, error) {
 	filter := ec2.NewFilter()
 	filter.Add("instance-state-name", aliveInstanceStates...)
-	e.addControllerFilter(filter)
+	e.addControllerFilter(filter, controllerUUID)
 	return e.allInstanceIDs(filter)
 }
 
@@ -1192,15 +1036,6 @@
 
 // Destroy is part of the environs.Environ interface.
 func (e *environ) Destroy() error {
-	cfg := e.Config()
-	if cfg.UUID() == cfg.ControllerUUID() {
-		// In case any hosted environment hasn't been cleaned up yet,
-		// we also attempt to delete their resources when the controller
-		// environment is destroyed.
-		if err := e.destroyControllerManagedEnvirons(); err != nil {
-			return errors.Annotate(err, "destroying managed environs")
-		}
-	}
 	if err := common.Destroy(e); err != nil {
 		return errors.Trace(err)
 	}
@@ -1210,12 +1045,23 @@
 	return nil
 }
 
+// DestroyController implements the Environ interface.
+func (e *environ) DestroyController(controllerUUID string) error {
+	// In case any hosted environment hasn't been cleaned up yet,
+	// we also attempt to delete their resources when the controller
+	// environment is destroyed.
+	if err := e.destroyControllerManagedEnvirons(controllerUUID); err != nil {
+		return errors.Annotate(err, "destroying managed environs")
+	}
+	return e.Destroy()
+}
+
 // destroyControllerManagedEnvirons destroys all environments managed by this
 // environment's controller.
-func (e *environ) destroyControllerManagedEnvirons() error {
+func (e *environ) destroyControllerManagedEnvirons(controllerUUID string) error {
 
 	// Terminate all instances managed by the controller.
-	instIds, err := e.allControllerManagedInstances()
+	instIds, err := e.allControllerManagedInstances(controllerUUID)
 	if err != nil {
 		return errors.Annotate(err, "listing instances")
 	}
@@ -1224,7 +1070,7 @@
 	}
 
 	// Delete all volumes managed by the controller.
-	volIds, err := e.allControllerManagedVolumes()
+	volIds, err := e.allControllerManagedVolumes(controllerUUID)
 	if err != nil {
 		return errors.Annotate(err, "listing volumes")
 	}
@@ -1237,7 +1083,7 @@
 	}
 
 	// Delete security groups managed by the controller.
-	groups, err := e.controllerSecurityGroups()
+	groups, err := e.controllerSecurityGroups(controllerUUID)
 	if err != nil {
 		return errors.Trace(err)
 	}
@@ -1252,9 +1098,9 @@
 	return nil
 }
 
-func (e *environ) allControllerManagedVolumes() ([]string, error) {
+func (e *environ) allControllerManagedVolumes(controllerUUID string) ([]string, error) {
 	filter := ec2.NewFilter()
-	e.addControllerFilter(filter)
+	e.addControllerFilter(filter, controllerUUID)
 	return listVolumes(e.ec2(), filter)
 }
 
@@ -1329,7 +1175,7 @@
 	}
 	for _, p := range group.IPPerms {
 		if len(p.SourceIPs) != 1 {
-			logger.Warningf("unexpected IP permission found: %v", p)
+			logger.Errorf("expected exactly one IP permission, found: %v", p)
 			continue
 		}
 		ports = append(ports, network.PortRange{
@@ -1344,11 +1190,10 @@
 
 func (e *environ) OpenPorts(ports []network.PortRange) error {
 	if e.Config().FirewallMode() != config.FwGlobal {
-		return fmt.Errorf("invalid firewall mode %q for opening ports on model",
-			e.Config().FirewallMode())
+		return errors.Errorf("invalid firewall mode %q for opening ports on model", e.Config().FirewallMode())
 	}
 	if err := e.openPortsInGroup(e.globalGroupName(), ports); err != nil {
-		return err
+		return errors.Trace(err)
 	}
 	logger.Infof("opened ports in global group: %v", ports)
 	return nil
@@ -1356,11 +1201,10 @@
 
 func (e *environ) ClosePorts(ports []network.PortRange) error {
 	if e.Config().FirewallMode() != config.FwGlobal {
-		return fmt.Errorf("invalid firewall mode %q for closing ports on model",
-			e.Config().FirewallMode())
+		return errors.Errorf("invalid firewall mode %q for closing ports on model", e.Config().FirewallMode())
 	}
 	if err := e.closePortsInGroup(e.globalGroupName(), ports); err != nil {
-		return err
+		return errors.Trace(err)
 	}
 	logger.Infof("closed ports in global group: %v", ports)
 	return nil
@@ -1368,8 +1212,7 @@
 
 func (e *environ) Ports() ([]network.PortRange, error) {
 	if e.Config().FirewallMode() != config.FwGlobal {
-		return nil, fmt.Errorf("invalid firewall mode %q for retrieving ports from model",
-			e.Config().FirewallMode())
+		return nil, errors.Errorf("invalid firewall mode %q for retrieving ports from model", e.Config().FirewallMode())
 	}
 	return e.portsInGroup(e.globalGroupName())
 }
@@ -1407,9 +1250,9 @@
 
 // controllerSecurityGroups returns the details of all security groups managed
 // by the environment's controller.
-func (e *environ) controllerSecurityGroups() ([]ec2.SecurityGroup, error) {
+func (e *environ) controllerSecurityGroups(controllerUUID string) ([]ec2.SecurityGroup, error) {
 	filter := ec2.NewFilter()
-	e.addControllerFilter(filter)
+	e.addControllerFilter(filter, controllerUUID)
 	resp, err := e.ec2().SecurityGroups(nil, filter)
 	if err != nil {
 		return nil, errors.Annotate(err, "listing security groups")
@@ -1507,7 +1350,8 @@
 	// instances that have been successfully terminated.
 	securityGroups, err := e.instanceSecurityGroups(ids, "shutting-down", "terminated")
 	if err != nil {
-		logger.Warningf("cannot determine security groups to delete: %v", err)
+		logger.Errorf("cannot determine security groups to delete: %v", err)
+		return
 	}
 
 	// TODO(perrito666) we need to tag global security groups to be able
@@ -1529,7 +1373,7 @@
 			// In this case, our failure to delete security group is reasonable: it's still in use.
 			// 2. Some security groups may be shared by multiple instances,
 			// for example, global firewalling. We should not delete these.
-			logger.Warningf("provider failure: %v", err)
+			logger.Errorf("provider failure: %v", err)
 		}
 	}
 }
@@ -1563,8 +1407,7 @@
 		},
 	})
 	if err != nil {
-		logger.Warningf("cannot delete security group %q: consider deleting it manually", group.Name)
-		return lastErr
+		return errors.Annotatef(lastErr, "cannot delete security group %q: consider deleting it manually", group.Name)
 	}
 	return nil
 }
@@ -1573,8 +1416,8 @@
 	f.Add(fmt.Sprintf("tag:%s", tags.JujuModel), e.uuid())
 }
 
-func (e *environ) addControllerFilter(f *ec2.Filter) {
-	f.Add(fmt.Sprintf("tag:%s", tags.JujuController), e.Config().ControllerUUID())
+func (e *environ) addControllerFilter(f *ec2.Filter, controllerUUID string) {
+	f.Add(fmt.Sprintf("tag:%s", tags.JujuController), controllerUUID)
 }
 
 func (e *environ) uuid() string {
@@ -1600,10 +1443,10 @@
 // other instances that might be running on the same EC2 account.  In
 // addition, a specific machine security group is created for each
 // machine, so that its firewall rules can be configured per machine.
-func (e *environ) setUpGroups(machineId string, apiPort int) ([]ec2.SecurityGroup, error) {
+func (e *environ) setUpGroups(controllerUUID, machineId string, apiPort int) ([]ec2.SecurityGroup, error) {
 
 	// Ensure there's a global group for Juju-related traffic.
-	jujuGroup, err := e.ensureGroup(e.jujuGroupName(),
+	jujuGroup, err := e.ensureGroup(controllerUUID, e.jujuGroupName(),
 		[]ec2.IPPerm{{
 			Protocol:  "tcp",
 			FromPort:  22,
@@ -1635,9 +1478,9 @@
 	var machineGroup ec2.SecurityGroup
 	switch e.Config().FirewallMode() {
 	case config.FwInstance:
-		machineGroup, err = e.ensureGroup(e.machineGroupName(machineId), nil)
+		machineGroup, err = e.ensureGroup(controllerUUID, e.machineGroupName(machineId), nil)
 	case config.FwGlobal:
-		machineGroup, err = e.ensureGroup(e.globalGroupName(), nil)
+		machineGroup, err = e.ensureGroup(controllerUUID, e.globalGroupName(), nil)
 	}
 	if err != nil {
 		return nil, err
@@ -1652,25 +1495,19 @@
 // groupName or with filter by vpc-id and group-name, depending on whether
 // vpc-id is empty or not.
 func (e *environ) securityGroupsByNameOrID(groupName string) (*ec2.SecurityGroupsResp, error) {
-	var (
-		filter *ec2.Filter
-		groups []ec2.SecurityGroup
-	)
-
-	chosenVPCID := e.ecfg().vpcID()
-	if chosenVPCID != "" {
+	if chosenVPCID := e.ecfg().vpcID(); isVPCIDSet(chosenVPCID) {
 		// AWS VPC API requires both of these filters (and no
 		// group names/ids set) for non-default EC2-VPC groups:
-		filter = ec2.NewFilter()
+		filter := ec2.NewFilter()
 		filter.Add("vpc-id", chosenVPCID)
 		filter.Add("group-name", groupName)
-	} else {
-		// EC2-Classic or EC2-VPC with implicit default VPC need to use the
-		// GroupName.X arguments instead of the filters.
-		groups = ec2.SecurityGroupNames(groupName)
+		return e.ec2().SecurityGroups(nil, filter)
 	}
 
-	return e.ec2().SecurityGroups(groups, filter)
+	// EC2-Classic or EC2-VPC with implicit default VPC need to use the
+	// GroupName.X arguments instead of the filters.
+	groups := ec2.SecurityGroupNames(groupName)
+	return e.ec2().SecurityGroups(groups, nil)
 }
 
 // ensureGroup returns the security group with name and perms.
@@ -1678,14 +1515,19 @@
 // If it exists, its permissions are set to perms.
 // Any entries in perms without SourceIPs will be granted for
 // the named group only.
-func (e *environ) ensureGroup(name string, perms []ec2.IPPerm) (g ec2.SecurityGroup, err error) {
-	// Specify explicit VPC ID if needed (not for default VPC).
+func (e *environ) ensureGroup(controllerUUID, name string, perms []ec2.IPPerm) (g ec2.SecurityGroup, err error) {
+	// Specify explicit VPC ID if needed (not for default VPC or EC2-classic).
 	chosenVPCID := e.ecfg().vpcID()
+	inVPCLogSuffix := fmt.Sprintf(" (in VPC %q)", chosenVPCID)
+	if !isVPCIDSet(chosenVPCID) {
+		chosenVPCID = ""
+		inVPCLogSuffix = ""
+	}
 
 	ec2inst := e.ec2()
 	resp, err := ec2inst.CreateSecurityGroup(chosenVPCID, name, "juju group")
 	if err != nil && ec2ErrCode(err) != "InvalidGroup.Duplicate" {
-		err = errors.Annotatef(err, "creating security group %q (in VPC %q)", name, chosenVPCID)
+		err = errors.Annotatef(err, "creating security group %q%s", name, inVPCLogSuffix)
 		return zeroGroup, err
 	}
 
@@ -1696,21 +1538,21 @@
 		cfg := e.Config()
 		tags := tags.ResourceTags(
 			names.NewModelTag(cfg.UUID()),
-			names.NewModelTag(cfg.ControllerUUID()),
+			names.NewModelTag(controllerUUID),
 			cfg,
 		)
 		if err := tagResources(ec2inst, tags, g.Id); err != nil {
 			return g, errors.Annotate(err, "tagging security group")
 		}
-		logger.Debugf("created security group %q in VPC %q with ID %q", name, chosenVPCID, g.Id)
+		logger.Debugf("created security group %q with ID %q%s", name, g.Id, inVPCLogSuffix)
 	} else {
 		resp, err := e.securityGroupsByNameOrID(name)
 		if err != nil {
-			err = errors.Annotatef(err, "fetching security group %q (in VPC %q)", name, chosenVPCID)
+			err = errors.Annotatef(err, "fetching security group %q%s", name, inVPCLogSuffix)
 			return zeroGroup, err
 		}
 		if len(resp.Groups) == 0 {
-			return zeroGroup, errors.NotFoundf("security group %q in VPC %q", name, chosenVPCID)
+			return zeroGroup, errors.NotFoundf("security group %q%s", name, inVPCLogSuffix)
 		}
 		info := resp.Groups[0]
 		// It's possible that the old group has the wrong
@@ -1731,7 +1573,7 @@
 	if len(revoke) > 0 {
 		_, err := ec2inst.RevokeSecurityGroup(g, revoke.ipPerms())
 		if err != nil {
-			err = errors.Annotatef(err, "revoking security group %q (in VPC %q)", g.Id, chosenVPCID)
+			err = errors.Annotatef(err, "revoking security group %q%s", g.Id, inVPCLogSuffix)
 			return zeroGroup, err
 		}
 	}
@@ -1745,7 +1587,7 @@
 	if len(add) > 0 {
 		_, err := ec2inst.AuthorizeSecurityGroup(g, add.ipPerms())
 		if err != nil {
-			err = errors.Annotatef(err, "authorizing security group %q (in VPC %q)", g.Id, chosenVPCID)
+			err = errors.Annotatef(err, "authorizing security group %q%s", g.Id, inVPCLogSuffix)
 			return zeroGroup, err
 		}
 	}
@@ -1870,6 +1712,6 @@
 	return ec2err.Code
 }
 
-func (e *environ) AllocateContainerAddresses(hostInstanceID instance.Id, preparedInfo []network.InterfaceInfo) ([]network.InterfaceInfo, error) {
+func (e *environ) AllocateContainerAddresses(hostInstanceID instance.Id, containerTag names.MachineTag, preparedInfo []network.InterfaceInfo) ([]network.InterfaceInfo, error) {
 	return nil, errors.NotSupportedf("container address allocation")
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/ec2/environ_vpc.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/ec2/environ_vpc.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/ec2/environ_vpc.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/ec2/environ_vpc.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,11 +5,13 @@
 
 import (
 	"fmt"
+	"strings"
 
 	"github.com/juju/errors"
 	"github.com/juju/utils/set"
 	"gopkg.in/amz.v3/ec2"
 
+	"github.com/juju/juju/environs"
 	"github.com/juju/juju/network"
 )
 
@@ -18,17 +20,24 @@
 	availableState        = "available"
 	localRouteGatewayID   = "local"
 	defaultRouteCIDRBlock = "0.0.0.0/0"
-	defaultVPCIDNone      = "none"
+	vpcIDNone             = "none"
 )
 
 var (
-	vpcNotUsableErrorPrefix = `
+	vpcNotUsableForBootstrapErrorPrefix = `
 Juju cannot use the given vpc-id for bootstrapping a controller
 instance. Please, double check the given VPC ID is correct, and that
 the VPC contains at least one subnet.
 
 Error details`[1:]
 
+	vpcNotUsableForModelErrorPrefix = `
+Juju cannot use the given vpc-id for the model being added.
+Please double check the given VPC ID is correct, and that
+the VPC contains at least one subnet.
+
+Error details`[1:]
+
 	vpcNotRecommendedErrorPrefix = `
 The given vpc-id does not meet one or more of the following minimum
 Juju requirements:
@@ -279,7 +288,15 @@
 
 func findFirstPublicSubnet(subnets []ec2.Subnet) (*ec2.Subnet, error) {
 	for _, subnet := range subnets {
-		if subnet.MapPublicIPOnLaunch {
+		// TODO(dimitern): goamz's AddDefaultVPCAndSubnets() does not set
+		// MapPublicIPOnLaunch only DefaultForAZ, but in reality the former is
+		// always set when the latter is. Until this is fixed in goamz, we check
+		// for both below to allow testing the behavior.
+		if subnet.MapPublicIPOnLaunch || subnet.DefaultForAZ {
+			logger.Debugf(
+				"VPC %q subnet %q has MapPublicIPOnLaunch=%v, DefaultForAZ=%v",
+				subnet.VPCId, subnet.Id, subnet.MapPublicIPOnLaunch, subnet.DefaultForAZ,
+			)
 			return &subnet, nil
 		}
 
@@ -412,7 +429,7 @@
 	}
 
 	firstAttributeValue := response.Attributes[0].Values[0]
-	if firstAttributeValue == defaultVPCIDNone {
+	if firstAttributeValue == vpcIDNone {
 		return "", errors.NotFoundf("default VPC")
 	}
 
@@ -465,3 +482,66 @@
 
 	return matchingSubnetIDs.SortedValues(), nil
 }
+
+func isVPCIDSetButInvalid(vpcID string) bool {
+	return isVPCIDSet(vpcID) && !strings.HasPrefix(vpcID, "vpc-")
+}
+
+func isVPCIDSet(vpcID string) bool {
+	return vpcID != "" && vpcID != vpcIDNone
+}
+
+func validateBootstrapVPC(apiClient vpcAPIClient, region, vpcID string, forceVPCID bool, ctx environs.BootstrapContext) error {
+	if vpcID == vpcIDNone {
+		ctx.Infof("Using EC2-classic features or default VPC in region %q", region)
+	}
+	if !isVPCIDSet(vpcID) {
+		return nil
+	}
+
+	err := validateVPC(apiClient, vpcID)
+	switch {
+	case isVPCNotUsableError(err):
+		// VPC missing or has no subnets at all.
+		return errors.Annotate(err, vpcNotUsableForBootstrapErrorPrefix)
+	case isVPCNotRecommendedError(err):
+		// VPC does not meet minumum validation criteria.
+		if !forceVPCID {
+			return errors.Annotatef(err, vpcNotRecommendedErrorPrefix, vpcID)
+		}
+		ctx.Infof(vpcNotRecommendedButForcedWarning)
+	case err != nil:
+		// Anything else unexpected while validating the VPC.
+		return errors.Annotate(err, cannotValidateVPCErrorPrefix)
+	}
+
+	ctx.Infof("Using VPC %q in region %q", vpcID, region)
+
+	return nil
+}
+
+func validateModelVPC(apiClient vpcAPIClient, modelName, vpcID string) error {
+	if !isVPCIDSet(vpcID) {
+		return nil
+	}
+
+	err := validateVPC(apiClient, vpcID)
+	switch {
+	case isVPCNotUsableError(err):
+		// VPC missing or has no subnets at all.
+		return errors.Annotate(err, vpcNotUsableForModelErrorPrefix)
+	case isVPCNotRecommendedError(err):
+		// VPC does not meet minumum validation criteria, but that's less
+		// important for hosted models, as the controller is already accessible.
+		logger.Infof(
+			"Juju will use, but does not recommend using VPC %q: %v",
+			vpcID, err.Error(),
+		)
+	case err != nil:
+		// Anything else unexpected while validating the VPC.
+		return errors.Annotate(err, cannotValidateVPCErrorPrefix)
+	}
+	logger.Infof("Using VPC %q for model %q", vpcID, modelName)
+
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/ec2/environ_vpc_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/ec2/environ_vpc_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/ec2/environ_vpc_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/ec2/environ_vpc_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,6 +12,7 @@
 	"gopkg.in/amz.v3/ec2"
 	gc "gopkg.in/check.v1"
 
+	envtesting "github.com/juju/juju/environs/testing"
 	"github.com/juju/juju/network"
 )
 
@@ -29,6 +30,51 @@
 	s.stubAPI = &stubVPCAPIClient{Stub: &testing.Stub{}}
 }
 
+func (s *vpcSuite) TestValidateBootstrapVPCUnexpectedError(c *gc.C) {
+	s.stubAPI.SetErrors(errors.New("AWS failed!"))
+
+	err := validateBootstrapVPC(s.stubAPI, "region", anyVPCID, false, envtesting.BootstrapContext(c))
+	s.checkErrorMatchesCannotVerifyVPC(c, err)
+
+	s.stubAPI.CheckCallNames(c, "VPCs")
+}
+
+func (*vpcSuite) checkErrorMatchesCannotVerifyVPC(c *gc.C, err error) {
+	expectedError := `Juju could not verify whether the given vpc-id(.|\n)*AWS failed!`
+	c.Check(err, gc.ErrorMatches, expectedError)
+}
+
+func (s *vpcSuite) TestValidateModelVPCUnexpectedError(c *gc.C) {
+	s.stubAPI.SetErrors(errors.New("AWS failed!"))
+
+	err := validateModelVPC(s.stubAPI, "model", anyVPCID)
+	s.checkErrorMatchesCannotVerifyVPC(c, err)
+
+	s.stubAPI.CheckCallNames(c, "VPCs")
+}
+
+func (s *vpcSuite) TestValidateModelVPCNotUsableError(c *gc.C) {
+	s.stubAPI.SetErrors(makeVPCNotFoundError("foo"))
+
+	err := validateModelVPC(s.stubAPI, "model", "foo")
+	expectedError := `Juju cannot use the given vpc-id for the model being added(.|\n)*vpc ID 'foo' does not exist.*`
+	c.Check(err, gc.ErrorMatches, expectedError)
+	c.Check(err, jc.Satisfies, isVPCNotUsableError)
+
+	s.stubAPI.CheckCallNames(c, "VPCs")
+}
+
+func (s *vpcSuite) TestValidateModelVPCIDNotSetOrNone(c *gc.C) {
+	const emptyVPCID = ""
+	err := validateModelVPC(s.stubAPI, "model", emptyVPCID)
+	c.Check(err, jc.ErrorIsNil)
+
+	err = validateModelVPC(s.stubAPI, "model", vpcIDNone)
+	c.Check(err, jc.ErrorIsNil)
+
+	s.stubAPI.CheckNoCalls(c)
+}
+
 // NOTE: validateVPC tests only verify expected error types for all code paths,
 // but do not check passed API arguments or exact error messages, as those are
 // extensively tested separately below.
@@ -123,6 +169,30 @@
 	s.stubAPI.CheckCallNames(c, "VPCs", "Subnets", "InternetGateways", "RouteTables")
 }
 
+func (s *vpcSuite) TestValidateModelVPCSuccess(c *gc.C) {
+	s.stubAPI.PrepareValidateVPCResponses()
+
+	err := validateModelVPC(s.stubAPI, "model", anyVPCID)
+	c.Assert(err, jc.ErrorIsNil)
+
+	s.stubAPI.CheckCallNames(c, "VPCs", "Subnets", "InternetGateways", "RouteTables")
+	c.Check(c.GetTestLog(), jc.Contains, `INFO juju.provider.ec2 Using VPC "vpc-anything" for model "model"`)
+}
+
+func (s *vpcSuite) TestValidateModelVPCNotRecommendedStillOK(c *gc.C) {
+	s.stubAPI.PrepareValidateVPCResponses()
+	s.stubAPI.SetSubnetsResponse(1, anyZone, noPublicIPOnLaunch)
+
+	err := validateModelVPC(s.stubAPI, "model", anyVPCID)
+	c.Assert(err, jc.ErrorIsNil)
+
+	s.stubAPI.CheckCallNames(c, "VPCs", "Subnets")
+	testLog := c.GetTestLog()
+	c.Check(testLog, jc.Contains, `INFO juju.provider.ec2 Juju will use, but does not recommend `+
+		`using VPC "vpc-anything": VPC contains no public subnets`)
+	c.Check(testLog, jc.Contains, `INFO juju.provider.ec2 Using VPC "vpc-anything" for model "model"`)
+}
+
 func (s *vpcSuite) TestGetVPCByIDWithMissingID(c *gc.C) {
 	s.stubAPI.SetErrors(makeVPCNotFoundError("foo"))
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/ec2/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/ec2/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/ec2/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/ec2/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -57,8 +57,12 @@
 	RunInstances                = &runInstances
 	BlockDeviceNamer            = blockDeviceNamer
 	GetBlockDeviceMappings      = getBlockDeviceMappings
+	IsVPCNotUsableError         = isVPCNotUsableError
+	IsVPCNotRecommendedError    = isVPCNotRecommendedError
 )
 
+const VPCIDNone = vpcIDNone
+
 // BucketStorage returns a storage instance addressing
 // an arbitrary s3 bucket.
 func BucketStorage(b *s3.Bucket) storage.Storage {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/ec2/image_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/ec2/image_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/ec2/image_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/ec2/image_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -15,7 +15,7 @@
 	imagetesting "github.com/juju/juju/environs/imagemetadata/testing"
 	"github.com/juju/juju/environs/instances"
 	sstesting "github.com/juju/juju/environs/simplestreams/testing"
-	"github.com/juju/juju/juju"
+	"github.com/juju/juju/juju/keys"
 	"github.com/juju/juju/testing"
 )
 
@@ -32,7 +32,7 @@
 
 	imagetesting.PatchOfficialDataSources(&s.CleanupSuite, "test:")
 	s.PatchValue(&imagemetadata.SimplestreamsImagesPublicKey, sstesting.SignedMetadataPublicKey)
-	s.PatchValue(&juju.JujuPublicKey, sstesting.SignedMetadataPublicKey)
+	s.PatchValue(&keys.JujuPublicKey, sstesting.SignedMetadataPublicKey)
 
 	UseTestImageData(c, TestImagesData)
 	UseTestInstanceTypeData(TestInstanceTypeCosts)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/ec2/live_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/ec2/live_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/ec2/live_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/ec2/live_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -101,7 +101,7 @@
 
 func (t *LiveTests) TestInstanceAttributes(c *gc.C) {
 	t.PrepareOnce(c)
-	inst, hc := testing.AssertStartInstance(c, t.Env, "30")
+	inst, hc := testing.AssertStartInstance(c, t.Env, t.ControllerUUID, "30")
 	defer t.Env.StopInstances(inst.Id())
 	// Sanity check for hardware characteristics.
 	c.Assert(hc.Arch, gc.NotNil)
@@ -126,7 +126,7 @@
 func (t *LiveTests) TestStartInstanceConstraints(c *gc.C) {
 	t.PrepareOnce(c)
 	cons := constraints.MustParse("mem=4G")
-	inst, hc := testing.AssertStartInstanceWithConstraints(c, t.Env, "30", cons)
+	inst, hc := testing.AssertStartInstanceWithConstraints(c, t.Env, t.ControllerUUID, "30", cons)
 	defer t.Env.StopInstances(inst.Id())
 	ec2inst := ec2.InstanceEC2(inst)
 	c.Assert(ec2inst.InstanceType, gc.Equals, "m3.large")
@@ -144,13 +144,13 @@
 	c.Assert(allInsts, gc.HasLen, 1) // bootstrap instance
 	bootstrapInstId := allInsts[0].Id()
 
-	inst0, _ := testing.AssertStartInstance(c, t.Env, "98")
+	inst0, _ := testing.AssertStartInstance(c, t.Env, t.ControllerUUID, "98")
 	defer t.Env.StopInstances(inst0.Id())
 
-	inst1, _ := testing.AssertStartInstance(c, t.Env, "99")
+	inst1, _ := testing.AssertStartInstance(c, t.Env, t.ControllerUUID, "99")
 	defer t.Env.StopInstances(inst1.Id())
 
-	insts, err := t.Env.ControllerInstances()
+	insts, err := t.Env.ControllerInstances(t.ControllerUUID)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(insts, gc.DeepEquals, []instance.Id{bootstrapInstId})
 }
@@ -196,14 +196,14 @@
 		})
 	c.Assert(err, jc.ErrorIsNil)
 
-	inst0, _ := testing.AssertStartInstance(c, t.Env, "98")
+	inst0, _ := testing.AssertStartControllerInstance(c, t.Env, t.ControllerUUID, "98")
 	defer t.Env.StopInstances(inst0.Id())
 
 	// Create a same-named group for the second instance
 	// before starting it, to check that it's reused correctly.
 	oldMachineGroup := createGroup(c, ec2conn, groups[2].Name, "old machine group")
 
-	inst1, _ := testing.AssertStartInstance(c, t.Env, "99")
+	inst1, _ := testing.AssertStartControllerInstance(c, t.Env, t.ControllerUUID, "99")
 	defer t.Env.StopInstances(inst1.Id())
 
 	groupsResp, err := ec2conn.SecurityGroups(groups, nil)
@@ -236,7 +236,7 @@
 	perms := info[0].IPPerms
 	c.Assert(perms, gc.HasLen, 5)
 	checkPortAllowed(c, perms, 22) // SSH
-	checkPortAllowed(c, perms, coretesting.FakeConfig()["api-port"].(int))
+	checkPortAllowed(c, perms, coretesting.FakeControllerConfig().APIPort())
 	checkSecurityGroupAllowed(c, perms, groups[0])
 
 	// The old machine group should have been reused also.
@@ -336,9 +336,9 @@
 	// It would be nice if this test was in jujutest, but
 	// there's no way for jujutest to fabricate a valid-looking
 	// instance id.
-	inst0, _ := testing.AssertStartInstance(c, t.Env, "40")
+	inst0, _ := testing.AssertStartInstance(c, t.Env, t.ControllerUUID, "40")
 	inst1 := ec2.FabricateInstance(inst0, "i-aaaaaaaa")
-	inst2, _ := testing.AssertStartInstance(c, t.Env, "41")
+	inst2, _ := testing.AssertStartInstance(c, t.Env, t.ControllerUUID, "41")
 
 	err := t.Env.StopInstances(inst0.Id(), inst1.Id(), inst2.Id())
 	c.Check(err, jc.ErrorIsNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/ec2/local_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/ec2/local_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/ec2/local_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/ec2/local_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,14 +5,12 @@
 
 import (
 	"fmt"
-	"net"
 	"regexp"
 	"sort"
 	"strconv"
 	"strings"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	"github.com/juju/utils/arch"
@@ -25,6 +23,7 @@
 	"gopkg.in/amz.v3/ec2/ec2test"
 	"gopkg.in/amz.v3/s3/s3test"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 	goyaml "gopkg.in/yaml.v2"
 
 	"github.com/juju/juju/cloud"
@@ -39,9 +38,8 @@
 	"github.com/juju/juju/environs/tags"
 	envtesting "github.com/juju/juju/environs/testing"
 	"github.com/juju/juju/environs/tools"
-	"github.com/juju/juju/feature"
 	"github.com/juju/juju/instance"
-	"github.com/juju/juju/juju"
+	"github.com/juju/juju/juju/keys"
 	"github.com/juju/juju/juju/testing"
 	"github.com/juju/juju/jujuclient/jujuclienttesting"
 	"github.com/juju/juju/network"
@@ -102,6 +100,7 @@
 	t.restoreEC2Patching = patchEC2ForTesting(c)
 	imagetesting.PatchOfficialDataSources(&t.BaseSuite.CleanupSuite, "test:")
 	t.BaseSuite.PatchValue(&imagemetadata.SimplestreamsImagesPublicKey, sstesting.SignedMetadataPublicKey)
+	t.BaseSuite.PatchValue(&keys.JujuPublicKey, sstesting.SignedMetadataPublicKey)
 	t.BaseSuite.PatchValue(ec2.DeleteSecurityGroupInsistently, deleteSecurityGroupForTestFunc)
 	t.srv.createRootDisks = true
 	t.srv.startServer(c)
@@ -227,7 +226,7 @@
 	t.restoreEC2Patching = patchEC2ForTesting(c)
 	imagetesting.PatchOfficialDataSources(&t.BaseSuite.CleanupSuite, "test:")
 	t.BaseSuite.PatchValue(&imagemetadata.SimplestreamsImagesPublicKey, sstesting.SignedMetadataPublicKey)
-	t.BaseSuite.PatchValue(&juju.JujuPublicKey, sstesting.SignedMetadataPublicKey)
+	t.BaseSuite.PatchValue(&keys.JujuPublicKey, sstesting.SignedMetadataPublicKey)
 	t.BaseSuite.PatchValue(&jujuversion.Current, coretesting.FakeVersionNumber)
 	t.BaseSuite.PatchValue(&arch.HostArch, func() string { return arch.AMD64 })
 	t.BaseSuite.PatchValue(&series.HostSeries, func() string { return series.LatestLts() })
@@ -249,7 +248,6 @@
 
 func (t *localServerSuite) SetUpTest(c *gc.C) {
 	t.BaseSuite.SetUpTest(c)
-	t.SetFeatureFlags(feature.AddressAllocation)
 	t.srv.startServer(c)
 	t.Tests.SetUpTest(c)
 }
@@ -267,16 +265,99 @@
 	return netenv
 }
 
+func (t *localServerSuite) TestPrepareForBootstrapWithInvalidVPCID(c *gc.C) {
+	badVPCIDConfig := coretesting.Attrs{"vpc-id": "bad"}
+
+	expectedError := `invalid EC2 provider config: vpc-id: "bad" is not a valid AWS VPC ID`
+	t.AssertPrepareFailsWithConfig(c, badVPCIDConfig, expectedError)
+}
+
+func (t *localServerSuite) TestPrepareForBootstrapWithUnknownVPCID(c *gc.C) {
+	unknownVPCIDConfig := coretesting.Attrs{"vpc-id": "vpc-unknown"}
+
+	expectedError := `Juju cannot use the given vpc-id for bootstrapping(.|\n)*Error details: VPC "vpc-unknown" not found`
+	err := t.AssertPrepareFailsWithConfig(c, unknownVPCIDConfig, expectedError)
+	c.Check(err, jc.Satisfies, ec2.IsVPCNotUsableError)
+}
+
+func (t *localServerSuite) TestPrepareForBootstrapWithNotRecommendedVPCID(c *gc.C) {
+	t.makeTestingDefaultVPCUnavailable(c)
+	notRecommendedVPCIDConfig := coretesting.Attrs{"vpc-id": t.srv.defaultVPC.Id}
+
+	expectedError := `The given vpc-id does not meet one or more(.|\n)*Error details: VPC has unexpected state "unavailable"`
+	err := t.AssertPrepareFailsWithConfig(c, notRecommendedVPCIDConfig, expectedError)
+	c.Check(err, jc.Satisfies, ec2.IsVPCNotRecommendedError)
+}
+
+func (t *localServerSuite) makeTestingDefaultVPCUnavailable(c *gc.C) {
+	// For simplicity, here the test server's default VPC is updated to change
+	// its state to unavailable, we just verify the behavior of a "not
+	// recommended VPC".
+	t.srv.defaultVPC.State = "unavailable"
+	err := t.srv.ec2srv.UpdateVPC(*t.srv.defaultVPC)
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (t *localServerSuite) TestPrepareForBootstrapWithNotRecommendedButForcedVPCID(c *gc.C) {
+	t.makeTestingDefaultVPCUnavailable(c)
+	params := t.PrepareParams(c)
+	params.BaseConfig["vpc-id"] = t.srv.defaultVPC.Id
+	params.BaseConfig["vpc-id-force"] = true
+
+	t.prepareWithParamsAndBootstrapWithVPCID(c, params, t.srv.defaultVPC.Id)
+}
+
+func (t *localServerSuite) TestPrepareForBootstrapWithEmptyVPCID(c *gc.C) {
+	const emptyVPCID = ""
+
+	params := t.PrepareParams(c)
+	params.BaseConfig["vpc-id"] = emptyVPCID
+
+	t.prepareWithParamsAndBootstrapWithVPCID(c, params, emptyVPCID)
+}
+
+func (t *localServerSuite) prepareWithParamsAndBootstrapWithVPCID(c *gc.C, params bootstrap.PrepareParams, expectedVPCID string) {
+	env := t.PrepareWithParams(c, params)
+	unknownAttrs := env.Config().UnknownAttrs()
+	vpcID, ok := unknownAttrs["vpc-id"]
+	c.Check(vpcID, gc.Equals, expectedVPCID)
+	c.Check(ok, jc.IsTrue)
+
+	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (t *localServerSuite) TestPrepareForBootstrapWithVPCIDNone(c *gc.C) {
+	params := t.PrepareParams(c)
+	params.BaseConfig["vpc-id"] = "none"
+
+	t.prepareWithParamsAndBootstrapWithVPCID(c, params, ec2.VPCIDNone)
+}
+
+func (t *localServerSuite) TestPrepareForBootstrapWithDefaultVPCID(c *gc.C) {
+	params := t.PrepareParams(c)
+	params.BaseConfig["vpc-id"] = t.srv.defaultVPC.Id
+
+	t.prepareWithParamsAndBootstrapWithVPCID(c, params, t.srv.defaultVPC.Id)
+}
+
 func (t *localServerSuite) TestSystemdBootstrapInstanceUserDataAndState(c *gc.C) {
 	env := t.Prepare(c)
 	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
 		// TODO(redir): BBB: When we no longer support upstart based systems this can change to series.LatestLts()
 		BootstrapSeries: "xenial",
+		AdminSecret:     testing.AdminSecret,
+		CAPrivateKey:    coretesting.CAKey,
 	})
 	c.Assert(err, jc.ErrorIsNil)
 
 	// check that ControllerInstances returns the id of the bootstrap machine.
-	instanceIds, err := env.ControllerInstances()
+	instanceIds, err := env.ControllerInstances(t.ControllerUUID)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(instanceIds, gc.HasLen, 1)
 
@@ -322,7 +403,7 @@
 	})
 
 	// check that a new instance will be started with a machine agent
-	inst1, hc := testing.AssertStartInstance(c, env, "1")
+	inst1, hc := testing.AssertStartInstance(c, env, t.ControllerUUID, "1")
 	c.Check(*hc.Arch, gc.Equals, "amd64")
 	c.Check(*hc.Mem, gc.Equals, uint64(3840))
 	c.Check(*hc.CpuCores, gc.Equals, uint64(1))
@@ -344,7 +425,7 @@
 	err = env.Destroy()
 	c.Assert(err, jc.ErrorIsNil)
 
-	_, err = env.ControllerInstances()
+	_, err = env.ControllerInstances(t.ControllerUUID)
 	c.Assert(err, gc.Equals, environs.ErrNotBootstrapped)
 }
 
@@ -354,12 +435,15 @@
 func (t *localServerSuite) TestUpstartBootstrapInstanceUserDataAndState(c *gc.C) {
 	env := t.Prepare(c)
 	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
-		BootstrapSeries: "trusty",
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		BootstrapSeries:  "trusty",
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
 	})
 	c.Assert(err, jc.ErrorIsNil)
 
 	// check that ControllerInstances returns the id of the bootstrap machine.
-	instanceIds, err := env.ControllerInstances()
+	instanceIds, err := env.ControllerInstances(t.ControllerUUID)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(instanceIds, gc.HasLen, 1)
 
@@ -405,7 +489,7 @@
 	})
 
 	// check that a new instance will be started with a machine agent
-	inst1, hc := testing.AssertStartInstance(c, env, "1")
+	inst1, hc := testing.AssertStartInstance(c, env, t.ControllerUUID, "1")
 	c.Check(*hc.Arch, gc.Equals, "amd64")
 	c.Check(*hc.Mem, gc.Equals, uint64(3840))
 	c.Check(*hc.CpuCores, gc.Equals, uint64(1))
@@ -427,13 +511,17 @@
 	err = env.Destroy()
 	c.Assert(err, jc.ErrorIsNil)
 
-	_, err = env.ControllerInstances()
+	_, err = env.ControllerInstances(t.ControllerUUID)
 	c.Assert(err, gc.Equals, environs.ErrNotBootstrapped)
 }
 
 func (t *localServerSuite) TestTerminateInstancesIgnoresNotFound(c *gc.C) {
 	env := t.Prepare(c)
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 
 	t.BaseSuite.PatchValue(ec2.DeleteSecurityGroupInsistently, deleteSecurityGroupForTestFunc)
@@ -451,26 +539,28 @@
 }
 
 func (t *localServerSuite) TestDestroyErr(c *gc.C) {
-	env := t.Prepare(c)
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
-	c.Assert(err, jc.ErrorIsNil)
+	env := t.prepareAndBootstrap(c)
 
 	msg := "terminate instances error"
 	t.BaseSuite.PatchValue(ec2.TerminateInstancesById, func(ec2inst *amzec2.EC2, ids ...instance.Id) (*amzec2.TerminateInstancesResp, error) {
 		return nil, errors.New(msg)
 	})
 
-	err = env.Destroy()
+	err := env.Destroy()
 	c.Assert(errors.Cause(err).Error(), jc.Contains, msg)
 }
 
 func (t *localServerSuite) TestGetTerminatedInstances(c *gc.C) {
 	env := t.Prepare(c)
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 
 	// create another instance to terminate
-	inst1, _ := testing.AssertStartInstance(c, env, "1")
+	inst1, _ := testing.AssertStartInstance(c, env, t.ControllerUUID, "1")
 	inst := t.srv.ec2srv.Instance(string(inst1.Id()))
 	c.Assert(inst, gc.NotNil)
 	t.BaseSuite.PatchValue(ec2.TerminateInstancesById, func(ec2inst *amzec2.EC2, ids ...instance.Id) (*amzec2.TerminateInstancesResp, error) {
@@ -490,9 +580,7 @@
 }
 
 func (t *localServerSuite) TestInstanceSecurityGroupsWitheInstanceStatusFilter(c *gc.C) {
-	env := t.Prepare(c)
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
-	c.Assert(err, jc.ErrorIsNil)
+	env := t.prepareAndBootstrap(c)
 
 	insts, err := env.AllInstances()
 	c.Assert(err, jc.ErrorIsNil)
@@ -513,41 +601,37 @@
 }
 
 func (t *localServerSuite) TestDestroyControllerModelDeleteSecurityGroupInsistentlyError(c *gc.C) {
-	env := t.Prepare(c)
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
-	c.Assert(err, jc.ErrorIsNil)
-	t.testDestroyModelDeleteSecurityGroupInsistentlyError(
-		c, env, "destroying managed environs: cannot delete security group .*: ",
-	)
+	env := t.prepareAndBootstrap(c)
+	msg := "destroy security group error"
+	t.BaseSuite.PatchValue(ec2.DeleteSecurityGroupInsistently, func(
+		ec2.SecurityGroupCleaner, amzec2.SecurityGroup, clock.Clock,
+	) error {
+		return errors.New(msg)
+	})
+	err := env.DestroyController(t.ControllerUUID)
+	c.Assert(err, gc.ErrorMatches, "destroying managed environs: cannot delete security group .*: "+msg)
 }
 
 func (t *localServerSuite) TestDestroyHostedModelDeleteSecurityGroupInsistentlyError(c *gc.C) {
-	env := t.Prepare(c)
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
+	env := t.prepareAndBootstrap(c)
 
 	cfg, err := env.Config().Apply(map[string]interface{}{"controller-uuid": "7e386e08-cba7-44a4-a76e-7c1633584210"})
 	c.Assert(err, jc.ErrorIsNil)
 	env, err = environs.New(cfg)
 	c.Assert(err, jc.ErrorIsNil)
-	t.testDestroyModelDeleteSecurityGroupInsistentlyError(
-		c, env, "cannot delete environment security groups: cannot delete default security group: ",
-	)
-}
 
-func (t *localServerSuite) testDestroyModelDeleteSecurityGroupInsistentlyError(c *gc.C, env environs.Environ, errPrefix string) {
 	msg := "destroy security group error"
 	t.BaseSuite.PatchValue(ec2.DeleteSecurityGroupInsistently, func(
 		ec2.SecurityGroupCleaner, amzec2.SecurityGroup, clock.Clock,
 	) error {
 		return errors.New(msg)
 	})
-	err := env.Destroy()
-	c.Assert(err, gc.ErrorMatches, errPrefix+"destroy security group error")
+	err = env.Destroy()
+	c.Assert(err, gc.ErrorMatches, "cannot delete environment security groups: cannot delete default security group: "+msg)
 }
 
 func (t *localServerSuite) TestDestroyControllerDestroysHostedModelResources(c *gc.C) {
-	controllerEnv := t.Prepare(c)
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), controllerEnv, bootstrap.BootstrapParams{})
+	controllerEnv := t.prepareAndBootstrap(c)
 
 	// Create a hosted model environment with an instance and a volume.
 	t.srv.ec2srv.SetInitialInstanceState(ec2test.Running)
@@ -558,7 +642,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 	env, err := environs.New(cfg)
 	c.Assert(err, jc.ErrorIsNil)
-	inst, _ := testing.AssertStartInstance(c, env, "0")
+	inst, _ := testing.AssertStartInstance(c, env, t.ControllerUUID, "0")
 	c.Assert(err, jc.ErrorIsNil)
 	ebsProvider := ec2.EBSProvider()
 	vs, err := ebsProvider.VolumeSource(env.Config(), nil)
@@ -568,7 +652,7 @@
 		Size:     1024,
 		Provider: ec2.EBS_ProviderType,
 		ResourceTags: map[string]string{
-			tags.JujuController: coretesting.ModelTag.Id(),
+			tags.JujuController: t.ControllerUUID,
 			tags.JujuModel:      "7e386e08-cba7-44a4-a76e-7c1633584210",
 		},
 		Attachment: &storage.VolumeAttachmentParams{
@@ -609,15 +693,15 @@
 	assertVolumes(volumeResults[0].Volume.VolumeId)
 	assertGroups(
 		"default",
-		"juju-"+coretesting.ModelTag.Id(),
-		"juju-"+coretesting.ModelTag.Id()+"-0",
+		"juju-"+t.ControllerUUID,
+		"juju-"+t.ControllerUUID+"-0",
 		"juju-7e386e08-cba7-44a4-a76e-7c1633584210",
 		"juju-7e386e08-cba7-44a4-a76e-7c1633584210-global",
 	)
 
-	// Destroy the controller environment. This should destroy the hosted
+	// Destroy the controller resources. This should destroy the hosted
 	// environment too.
-	err = controllerEnv.Destroy()
+	err = controllerEnv.DestroyController(t.ControllerUUID)
 	c.Assert(err, jc.ErrorIsNil)
 
 	assertInstances()
@@ -641,19 +725,21 @@
 
 func (t *localServerSuite) TestInstanceStatus(c *gc.C) {
 	env := t.Prepare(c)
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 	t.srv.ec2srv.SetInitialInstanceState(ec2test.Terminated)
-	inst, _ := testing.AssertStartInstance(c, env, "1")
+	inst, _ := testing.AssertStartInstance(c, env, t.ControllerUUID, "1")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(inst.Status().Message, gc.Equals, "terminated")
 }
 
 func (t *localServerSuite) TestStartInstanceHardwareCharacteristics(c *gc.C) {
-	env := t.Prepare(c)
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
-	c.Assert(err, jc.ErrorIsNil)
-	_, hc := testing.AssertStartInstance(c, env, "1")
+	env := t.prepareAndBootstrap(c)
+	_, hc := testing.AssertStartInstance(c, env, t.ControllerUUID, "1")
 	c.Check(*hc.Arch, gc.Equals, "amd64")
 	c.Check(*hc.Mem, gc.Equals, uint64(3840))
 	c.Check(*hc.CpuCores, gc.Equals, uint64(1))
@@ -677,11 +763,9 @@
 }
 
 func (t *localServerSuite) testStartInstanceAvailZone(c *gc.C, zone string) (instance.Instance, error) {
-	env := t.Prepare(c)
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
-	c.Assert(err, jc.ErrorIsNil)
+	env := t.prepareAndBootstrap(c)
 
-	params := environs.StartInstanceParams{Placement: "zone=" + zone}
+	params := environs.StartInstanceParams{ControllerUUID: t.ControllerUUID, Placement: "zone=" + zone}
 	result, err := testing.StartInstanceWithParams(env, "1", params)
 	if err != nil {
 		return nil, err
@@ -761,9 +845,7 @@
 }
 
 func (t *localServerSuite) TestStartInstanceDistributionParams(c *gc.C) {
-	env := t.Prepare(c)
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
-	c.Assert(err, jc.ErrorIsNil)
+	env := t.prepareAndBootstrap(c)
 
 	mock := mockAvailabilityZoneAllocations{
 		result: []common.AvailabilityZoneInstances{{ZoneName: "az1"}},
@@ -771,36 +853,36 @@
 	t.PatchValue(ec2.AvailabilityZoneAllocations, mock.AvailabilityZoneAllocations)
 
 	// no distribution group specified
-	testing.AssertStartInstance(c, env, "1")
+	testing.AssertStartInstance(c, env, t.ControllerUUID, "1")
 	c.Assert(mock.group, gc.HasLen, 0)
 
 	// distribution group specified: ensure it's passed through to AvailabilityZone.
 	expectedInstances := []instance.Id{"i-0", "i-1"}
 	params := environs.StartInstanceParams{
+		ControllerUUID: t.ControllerUUID,
 		DistributionGroup: func() ([]instance.Id, error) {
 			return expectedInstances, nil
 		},
 	}
-	_, err = testing.StartInstanceWithParams(env, "1", params)
+	_, err := testing.StartInstanceWithParams(env, "1", params)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(mock.group, gc.DeepEquals, expectedInstances)
 }
 
 func (t *localServerSuite) TestStartInstanceDistributionErrors(c *gc.C) {
-	env := t.Prepare(c)
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
-	c.Assert(err, jc.ErrorIsNil)
+	env := t.prepareAndBootstrap(c)
 
 	mock := mockAvailabilityZoneAllocations{
 		err: fmt.Errorf("AvailabilityZoneAllocations failed"),
 	}
 	t.PatchValue(ec2.AvailabilityZoneAllocations, mock.AvailabilityZoneAllocations)
-	_, _, _, err = testing.StartInstance(env, "1")
+	_, _, _, err := testing.StartInstance(env, t.ControllerUUID, "1")
 	c.Assert(errors.Cause(err), gc.Equals, mock.err)
 
 	mock.err = nil
 	dgErr := fmt.Errorf("DistributionGroup failed")
 	params := environs.StartInstanceParams{
+		ControllerUUID: t.ControllerUUID,
 		DistributionGroup: func() ([]instance.Id, error) {
 			return nil, dgErr
 		},
@@ -810,13 +892,11 @@
 }
 
 func (t *localServerSuite) TestStartInstanceDistribution(c *gc.C) {
-	env := t.Prepare(c)
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
-	c.Assert(err, jc.ErrorIsNil)
+	env := t.prepareAndBootstrap(c)
 
 	// test-available is the only available AZ, so AvailabilityZoneAllocations
 	// is guaranteed to return that.
-	inst, _ := testing.AssertStartInstance(c, env, "1")
+	inst, _ := testing.AssertStartInstance(c, env, t.ControllerUUID, "1")
 	c.Assert(ec2.InstanceEC2(inst).AvailZone, gc.Equals, "test-available")
 }
 
@@ -861,9 +941,7 @@
 }
 
 func (t *localServerSuite) testStartInstanceAvailZoneAllConstrained(c *gc.C, runInstancesError *amzec2.Error) {
-	env := t.Prepare(c)
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
-	c.Assert(err, jc.ErrorIsNil)
+	env := t.prepareAndBootstrap(c)
 
 	mock := mockAvailabilityZoneAllocations{
 		result: []common.AvailabilityZoneInstances{
@@ -877,7 +955,7 @@
 		azArgs = append(azArgs, ri.AvailZone)
 		return nil, runInstancesError
 	})
-	_, _, _, err = testing.StartInstance(env, "1")
+	_, _, _, err := testing.StartInstance(env, t.ControllerUUID, "1")
 	c.Assert(err, gc.ErrorMatches, fmt.Sprintf(
 		"cannot run instances: %s \\(%s\\)",
 		regexp.QuoteMeta(runInstancesError.Message),
@@ -923,7 +1001,11 @@
 
 func (t *localServerSuite) prepareAndBootstrap(c *gc.C) environs.Environ {
 	env := t.Prepare(c)
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 	return env
 }
@@ -935,8 +1017,9 @@
 
 	// Expect an error because zone test-available isn't in SubnetsToZones
 	params := environs.StartInstanceParams{
-		Placement:   "zone=test-available",
-		Constraints: constraints.MustParse("spaces=aaaaaaaaaa"),
+		ControllerUUID: t.ControllerUUID,
+		Placement:      "zone=test-available",
+		Constraints:    constraints.MustParse("spaces=aaaaaaaaaa"),
 		SubnetsToZones: map[network.Id][]string{
 			subIDs[0]: []string{"zone2"},
 			subIDs[1]: []string{"zone3"},
@@ -953,8 +1036,9 @@
 
 	// Should work - test-available is in SubnetsToZones and in myspace.
 	params := environs.StartInstanceParams{
-		Placement:   "zone=test-available",
-		Constraints: constraints.MustParse("spaces=aaaaaaaaaa"),
+		ControllerUUID: t.ControllerUUID,
+		Placement:      "zone=test-available",
+		Constraints:    constraints.MustParse("spaces=aaaaaaaaaa"),
 		SubnetsToZones: map[network.Id][]string{
 			subIDs[0]: []string{"test-available"},
 			subIDs[1]: []string{"zone3"},
@@ -970,7 +1054,8 @@
 
 	// Shoule work because zone is not specified so we can resolve the constraints
 	params := environs.StartInstanceParams{
-		Constraints: constraints.MustParse("spaces=aaaaaaaaaa"),
+		ControllerUUID: t.ControllerUUID,
+		Constraints:    constraints.MustParse("spaces=aaaaaaaaaa"),
 		SubnetsToZones: map[network.Id][]string{
 			subIDs[0]: []string{"test-available"},
 			subIDs[1]: []string{"zone3"},
@@ -989,7 +1074,8 @@
 	// We requested a space, but there are no subnets in SubnetsToZones, so we can't resolve
 	// the constraints
 	params := environs.StartInstanceParams{
-		Constraints: constraints.MustParse("spaces=aaaaaaaaaa"),
+		ControllerUUID: t.ControllerUUID,
+		Constraints:    constraints.MustParse("spaces=aaaaaaaaaa"),
 		SubnetsToZones: map[network.Id][]string{
 			subIDs[0]: []string{""},
 		},
@@ -1011,9 +1097,7 @@
 }
 
 func (t *localServerSuite) testStartInstanceAvailZoneOneConstrained(c *gc.C, runInstancesError *amzec2.Error) {
-	env := t.Prepare(c)
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
-	c.Assert(err, jc.ErrorIsNil)
+	env := t.prepareAndBootstrap(c)
 
 	mock := mockAvailabilityZoneAllocations{
 		result: []common.AvailabilityZoneInstances{
@@ -1033,18 +1117,15 @@
 		}
 		return realRunInstances(e, ri)
 	})
-	inst, hwc := testing.AssertStartInstance(c, env, "1")
+	inst, hwc := testing.AssertStartInstance(c, env, t.ControllerUUID, "1")
 	c.Assert(azArgs, gc.DeepEquals, []string{"az1", "az2"})
 	c.Assert(ec2.InstanceEC2(inst).AvailZone, gc.Equals, "az2")
 	c.Check(*hwc.AvailabilityZone, gc.Equals, "az2")
 }
 
 func (t *localServerSuite) TestAddresses(c *gc.C) {
-	env := t.Prepare(c)
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
-	c.Assert(err, jc.ErrorIsNil)
-	inst, _ := testing.AssertStartInstance(c, env, "1")
-	c.Assert(err, jc.ErrorIsNil)
+	env := t.prepareAndBootstrap(c)
+	inst, _ := testing.AssertStartInstance(c, env, t.ControllerUUID, "1")
 	addrs, err := inst.Addresses()
 	c.Assert(err, jc.ErrorIsNil)
 	// Expected values use Address type but really contain a regexp for
@@ -1182,83 +1263,18 @@
 
 func (t *localServerSuite) setUpInstanceWithDefaultVpc(c *gc.C) (environs.NetworkingEnviron, instance.Id) {
 	env := t.prepareEnviron(c)
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 
-	instanceIds, err := env.ControllerInstances()
+	instanceIds, err := env.ControllerInstances(t.ControllerUUID)
 	c.Assert(err, jc.ErrorIsNil)
 	return env, instanceIds[0]
 }
 
-func (t *localServerSuite) TestAllocateAddress(c *gc.C) {
-	env, instId := t.setUpInstanceWithDefaultVpc(c)
-
-	addr := network.Address{Value: "8.0.0.4"}
-	var actualAddr network.Address
-	mockAssign := func(ec2Inst *amzec2.EC2, netId string, addr network.Address) error {
-		actualAddr = addr
-		return nil
-	}
-	t.PatchValue(&ec2.AssignPrivateIPAddress, mockAssign)
-
-	err := env.AllocateAddress(instId, "", &addr, "foo", "bar")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(actualAddr, gc.Equals, addr)
-}
-
-func (t *localServerSuite) TestAllocateAddressIPAddressInUseOrEmpty(c *gc.C) {
-	env, instId := t.setUpInstanceWithDefaultVpc(c)
-
-	addr := network.Address{Value: "8.0.0.4"}
-	mockAssign := func(ec2Inst *amzec2.EC2, netId string, addr network.Address) error {
-		return &amzec2.Error{Code: "InvalidParameterValue"}
-	}
-	t.PatchValue(&ec2.AssignPrivateIPAddress, mockAssign)
-
-	err := env.AllocateAddress(instId, "", &addr, "foo", "bar")
-	c.Assert(errors.Cause(err), gc.Equals, environs.ErrIPAddressUnavailable)
-}
-
-func (t *localServerSuite) TestAllocateAddressNetworkInterfaceFull(c *gc.C) {
-	env, instId := t.setUpInstanceWithDefaultVpc(c)
-
-	addr := network.Address{Value: "8.0.0.4"}
-	mockAssign := func(ec2Inst *amzec2.EC2, netId string, addr network.Address) error {
-		return &amzec2.Error{Code: "PrivateIpAddressLimitExceeded"}
-	}
-	t.PatchValue(&ec2.AssignPrivateIPAddress, mockAssign)
-
-	err := env.AllocateAddress(instId, "", &addr, "foo", "bar")
-	c.Assert(errors.Cause(err), gc.Equals, environs.ErrIPAddressesExhausted)
-}
-
-func (t *localServerSuite) TestReleaseAddress(c *gc.C) {
-	env, instId := t.setUpInstanceWithDefaultVpc(c)
-	addr := network.Address{Value: "8.0.0.4"}
-	// Allocate the address first so we can release it
-	err := env.AllocateAddress(instId, "", &addr, "foo", "bar")
-	c.Assert(err, jc.ErrorIsNil)
-
-	err = env.ReleaseAddress(instId, "", addr, "", "")
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Releasing a second time tests that the first call actually released
-	// it plus tests the error handling of ReleaseAddress
-	err = env.ReleaseAddress(instId, "", addr, "", "")
-	msg := fmt.Sprintf(`failed to release address "8\.0\.0\.4" from instance %q.*`, instId)
-	c.Assert(err, gc.ErrorMatches, msg)
-}
-
-func (t *localServerSuite) TestReleaseAddressUnknownInstance(c *gc.C) {
-	env, _ := t.setUpInstanceWithDefaultVpc(c)
-
-	// We should be able to release an address with an unknown instance id
-	// without it being allocated.
-	addr := network.Address{Value: "8.0.0.4"}
-	err := env.ReleaseAddress(instance.UnknownId, "", addr, "", "")
-	c.Assert(err, jc.ErrorIsNil)
-}
-
 func (t *localServerSuite) TestNetworkInterfaces(c *gc.C) {
 	env, instId := t.setUpInstanceWithDefaultVpc(c)
 	interfaces, err := env.NetworkInterfaces(instId)
@@ -1343,22 +1359,16 @@
 		CIDR:              "10.10.0.0/24",
 		ProviderId:        "subnet-0",
 		VLANTag:           0,
-		AllocatableIPLow:  net.ParseIP("10.10.0.4").To4(),
-		AllocatableIPHigh: net.ParseIP("10.10.0.254").To4(),
 		AvailabilityZones: []string{"test-available"},
 	}, {
 		CIDR:              "10.10.1.0/24",
 		ProviderId:        "subnet-1",
 		VLANTag:           0,
-		AllocatableIPLow:  net.ParseIP("10.10.1.4").To4(),
-		AllocatableIPHigh: net.ParseIP("10.10.1.254").To4(),
 		AvailabilityZones: []string{"test-impaired"},
 	}, {
 		CIDR:              "10.10.2.0/24",
 		ProviderId:        "subnet-2",
 		VLANTag:           0,
-		AllocatableIPLow:  net.ParseIP("10.10.2.4").To4(),
-		AllocatableIPHigh: net.ParseIP("10.10.2.254").To4(),
 		AvailabilityZones: []string{"test-unavailable"},
 	}}
 
@@ -1396,72 +1406,8 @@
 	c.Assert(err, gc.ErrorMatches, `failed to find the following subnet ids: \[Missing\]`)
 }
 
-func (t *localServerSuite) TestSupportsAddressAllocationTrue(c *gc.C) {
-	env := t.prepareEnviron(c)
-	result, err := env.SupportsAddressAllocation("")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(result, jc.IsTrue)
-}
-
-func (t *localServerSuite) TestSupportsAddressAllocationWithNoFeatureFlag(c *gc.C) {
-	t.SetFeatureFlags() // clear the flags.
-	env := t.prepareEnviron(c)
-	result, err := env.SupportsAddressAllocation("")
-	c.Assert(err, gc.ErrorMatches, "address allocation not supported")
-	c.Assert(err, jc.Satisfies, errors.IsNotSupported)
-	c.Assert(result, jc.IsFalse)
-}
-
-func (t *localServerSuite) TestAllocateAddressWithNoFeatureFlag(c *gc.C) {
-	t.SetFeatureFlags() // clear the flags.
-	env := t.prepareEnviron(c)
-	addr := network.NewAddresses("1.2.3.4")[0]
-	err := env.AllocateAddress("i-foo", "net1", &addr, "foo", "bar")
-	c.Assert(err, gc.ErrorMatches, "address allocation not supported")
-	c.Assert(err, jc.Satisfies, errors.IsNotSupported)
-}
-
-func (t *localServerSuite) TestReleaseAddressWithNoFeatureFlag(c *gc.C) {
-	t.SetFeatureFlags() // clear the flags.
-	env := t.prepareEnviron(c)
-	err := env.ReleaseAddress("i-foo", "net1", network.NewAddress("1.2.3.4"), "", "")
-	c.Assert(err, gc.ErrorMatches, "address allocation not supported")
-	c.Assert(err, jc.Satisfies, errors.IsNotSupported)
-}
-
-func (t *localServerSuite) TestSupportsAddressAllocationCaches(c *gc.C) {
-	t.srv.ec2srv.SetAccountAttributes(map[string][]string{
-		"default-vpc": {"none"},
-	})
-	env := t.prepareEnviron(c)
-	result, err := env.SupportsAddressAllocation("")
-	c.Assert(err, jc.Satisfies, errors.IsNotSupported)
-	c.Assert(result, jc.IsFalse)
-
-	// this value won't change normally, the change here is to
-	// ensure that subsequent calls use the cached value
-	t.srv.ec2srv.SetAccountAttributes(map[string][]string{
-		"default-vpc": {"vpc-xxxxxxx"},
-	})
-	result, err = env.SupportsAddressAllocation("")
-	c.Assert(err, jc.Satisfies, errors.IsNotSupported)
-	c.Assert(result, jc.IsFalse)
-}
-
-func (t *localServerSuite) TestSupportsAddressAllocationFalse(c *gc.C) {
-	t.srv.ec2srv.SetAccountAttributes(map[string][]string{
-		"default-vpc": {"none"},
-	})
-	env := t.prepareEnviron(c)
-	result, err := env.SupportsAddressAllocation("")
-	c.Assert(err, jc.Satisfies, errors.IsNotSupported)
-	c.Assert(result, jc.IsFalse)
-}
-
 func (t *localServerSuite) TestInstanceTags(c *gc.C) {
-	env := t.Prepare(c)
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
-	c.Assert(err, jc.ErrorIsNil)
+	env := t.prepareAndBootstrap(c)
 
 	instances, err := env.AllInstances()
 	c.Assert(err, jc.ErrorIsNil)
@@ -1471,15 +1417,13 @@
 	c.Assert(ec2Inst.Tags, jc.SameContents, []amzec2.Tag{
 		{"Name", "juju-sample-machine-0"},
 		{"juju-model-uuid", coretesting.ModelTag.Id()},
-		{"juju-controller-uuid", coretesting.ModelTag.Id()},
+		{"juju-controller-uuid", t.ControllerUUID},
 		{"juju-is-controller", "true"},
 	})
 }
 
 func (t *localServerSuite) TestRootDiskTags(c *gc.C) {
-	env := t.Prepare(c)
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
-	c.Assert(err, jc.ErrorIsNil)
+	env := t.prepareAndBootstrap(c)
 
 	instances, err := env.AllInstances()
 	c.Assert(err, jc.ErrorIsNil)
@@ -1501,7 +1445,7 @@
 	c.Assert(found.Tags, jc.SameContents, []amzec2.Tag{
 		{"Name", "juju-sample-machine-0-root"},
 		{"juju-model-uuid", coretesting.ModelTag.Id()},
-		{"juju-controller-uuid", coretesting.ModelTag.Id()},
+		{"juju-controller-uuid", t.ControllerUUID},
 	})
 }
 
@@ -1521,7 +1465,7 @@
 	t.TestDataSuite.SetUpSuite(c)
 
 	t.PatchValue(&imagemetadata.SimplestreamsImagesPublicKey, sstesting.SignedMetadataPublicKey)
-	t.PatchValue(&juju.JujuPublicKey, sstesting.SignedMetadataPublicKey)
+	t.PatchValue(&keys.JujuPublicKey, sstesting.SignedMetadataPublicKey)
 
 	t.restoreEC2Patching = patchEC2ForTesting(c)
 	t.BaseSuite.PatchValue(ec2.DeleteSecurityGroupInsistently, deleteSecurityGroupForTestFunc)
@@ -1540,11 +1484,12 @@
 	}
 	t.srv.startServer(c)
 
-	env, err := environs.Prepare(
+	env, err := bootstrap.Prepare(
 		envtesting.BootstrapContext(c),
 		jujuclienttesting.NewMemStore(),
-		environs.PrepareParams{
-			BaseConfig: localConfigAttrs,
+		bootstrap.PrepareParams{
+			ControllerConfig: coretesting.FakeControllerConfig(),
+			BaseConfig:       localConfigAttrs,
 			Credential: cloud.NewCredential(
 				cloud.AccessKeyAuthType,
 				map[string]string{
@@ -1555,6 +1500,7 @@
 			ControllerName: localConfigAttrs["name"].(string),
 			CloudName:      "ec2",
 			CloudRegion:    "test",
+			AdminSecret:    testing.AdminSecret,
 		},
 	)
 	c.Assert(err, jc.ErrorIsNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/ec2/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/ec2/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/ec2/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/ec2/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,16 +7,12 @@
 	"flag"
 	stdtesting "testing"
 
-	"github.com/juju/testing"
 	gc "gopkg.in/check.v1"
 )
 
 var amazon = flag.Bool("amazon", false, "Also run some tests on live Amazon servers")
 
 func TestPackage(t *stdtesting.T) {
-	if testing.RaceEnabled {
-		t.Skip("skipping package under -race, see LP 1519141")
-	}
 	if *amazon {
 		registerAmazonTests()
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/ec2/provider.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/ec2/provider.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/ec2/provider.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/ec2/provider.go	2016-07-18 19:45:44.000000000 +0000
@@ -27,11 +27,24 @@
 
 // RestrictedConfigAttributes is specified in the EnvironProvider interface.
 func (p environProvider) RestrictedConfigAttributes() []string {
-	return []string{"region", "vpc-id", "vpc-id-force"}
+	// TODO(dimitern): Both of these shouldn't be restricted for hosted models.
+	// See bug http://pad.lv/1580417 for more information.
+	return []string{"region", "vpc-id-force"}
 }
 
 // PrepareForCreateEnvironment is specified in the EnvironProvider interface.
-func (p environProvider) PrepareForCreateEnvironment(cfg *config.Config) (*config.Config, error) {
+func (p environProvider) PrepareForCreateEnvironment(controllerUUID string, cfg *config.Config) (*config.Config, error) {
+	e, err := p.Open(cfg)
+	if err != nil {
+		return nil, err
+	}
+	env := e.(*environ)
+
+	apiClient, modelName, vpcID := env.ec2(), env.Name(), env.ecfg().vpcID()
+	if err := validateModelVPC(apiClient, modelName, vpcID); err != nil {
+		return nil, errors.Trace(err)
+	}
+
 	return cfg, nil
 }
 
@@ -75,7 +88,8 @@
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-	return p.PrepareForCreateEnvironment(cfg)
+
+	return cfg, nil
 }
 
 // PrepareForBootstrap is specified in the EnvironProvider interface.
@@ -95,25 +109,10 @@
 		}
 	}
 
-	vpcID, forceVPCID := env.ecfg().vpcID(), env.ecfg().forceVPCID()
-	if vpcID != "" {
-		err := validateVPC(env.ec2(), vpcID)
-		switch {
-		case isVPCNotUsableError(err):
-			// VPC missing or has no subnets at all.
-			return nil, errors.Annotate(err, vpcNotUsableErrorPrefix)
-		case isVPCNotRecommendedError(err):
-			// VPC does not meet minumum validation criteria.
-			if !forceVPCID {
-				return nil, errors.Annotatef(err, vpcNotRecommendedErrorPrefix, vpcID)
-			}
-			ctx.Infof(vpcNotRecommendedButForcedWarning)
-		case err != nil:
-			// Anything else unexpected while validating the VPC.
-			return nil, errors.Annotate(err, cannotValidateVPCErrorPrefix)
-		}
-
-		ctx.Infof("Using VPC %q in region %q", vpcID, env.ecfg().region())
+	apiClient, ecfg := env.ec2(), env.ecfg()
+	region, vpcID, forceVPCID := ecfg.region(), ecfg.vpcID(), ecfg.forceVPCID()
+	if err := validateBootstrapVPC(apiClient, region, vpcID, forceVPCID, ctx); err != nil {
+		return nil, errors.Trace(err)
 	}
 
 	return e, nil
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/config.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/config.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/config.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/config.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,6 +6,7 @@
 import (
 	"github.com/juju/errors"
 	"github.com/juju/schema"
+	"gopkg.in/juju/environschema.v1"
 
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/provider/gce/google"
@@ -31,28 +32,74 @@
 	cfgImageEndpoint = "image-endpoint"
 )
 
+var configSchema = environschema.Fields{
+	cfgPrivateKey: {
+		Type: environschema.Tstring,
+		Description: cfgPrivateKey + ` is the private key that matches the public key
+associated with the GCE account.`,
+		EnvVar:    google.OSEnvPrivateKey,
+		Group:     environschema.AccountGroup,
+		Secret:    true,
+		Mandatory: true,
+	},
+	cfgClientID: {
+		Type:        environschema.Tstring,
+		Description: cfgClientID + ` is the GCE account's OAuth ID.`,
+		EnvVar:      google.OSEnvClientID,
+		Group:       environschema.AccountGroup,
+		Mandatory:   true,
+	},
+	cfgClientEmail: {
+		Type:        environschema.Tstring,
+		Description: cfgClientEmail + ` is the email address associated with the GCE account.`,
+		EnvVar:      google.OSEnvClientEmail,
+		Group:       environschema.AccountGroup,
+		Mandatory:   true,
+	},
+	cfgProjectID: {
+		Type:        environschema.Tstring,
+		Description: cfgProjectID + ` is the project ID to use in all GCE API requests`,
+		EnvVar:      google.OSEnvProjectID,
+		Group:       environschema.AccountGroup,
+		Mandatory:   true,
+	},
+	cfgRegion: {
+		Type:        environschema.Tstring,
+		Description: cfgRegion + ` is the GCE region in which to operate`,
+		EnvVar:      google.OSEnvRegion,
+	},
+	cfgImageEndpoint: {
+		Type:        environschema.Tstring,
+		Description: cfgImageEndpoint + ` identifies where the provider should look for cloud images (i.e. for simplestreams)`,
+		EnvVar:      google.OSEnvImageEndpoint,
+	},
+}
+
+var osEnvFields = func() map[string]string {
+	m := make(map[string]string)
+	for name, f := range configSchema {
+		if f.EnvVar != "" {
+			m[f.EnvVar] = name
+		}
+	}
+	return m
+}()
+
 // configFields is the spec for each GCE config value's type.
-var configFields = schema.Fields{
-	cfgPrivateKey:    schema.String(),
-	cfgClientID:      schema.String(),
-	cfgClientEmail:   schema.String(),
-	cfgRegion:        schema.String(),
-	cfgProjectID:     schema.String(),
-	cfgImageEndpoint: schema.String(),
-}
+var configFields = func() schema.Fields {
+	fs, _, err := configSchema.ValidationSchema()
+	if err != nil {
+		panic(err)
+	}
+	return fs
+}()
 
 // TODO(ericsnow) Do we need custom defaults for "image-metadata-url" or
 // "agent-metadata-url"? The defaults are the official ones (e.g.
 // cloud-images).
-
 var configDefaults = schema.Defaults{
 	// See http://cloud-images.ubuntu.com/releases/streams/v1/com.ubuntu.cloud:released:gce.json
 	cfgImageEndpoint: "https://www.googleapis.com",
-	cfgRegion:        "us-central1",
-}
-
-var configSecretFields = []string{
-	cfgPrivateKey,
 }
 
 var configImmutableFields = []string{
@@ -64,109 +111,73 @@
 	cfgImageEndpoint,
 }
 
-var configAuthFields = []string{
-	cfgPrivateKey,
-	cfgProjectID,
-	cfgClientID,
-	cfgClientEmail,
-}
-
-// osEnvFields is the mapping from GCE env vars to config keys.
-var osEnvFields = map[string]string{
-	google.OSEnvPrivateKey:    cfgPrivateKey,
-	google.OSEnvClientID:      cfgClientID,
-	google.OSEnvClientEmail:   cfgClientEmail,
-	google.OSEnvRegion:        cfgRegion,
-	google.OSEnvProjectID:     cfgProjectID,
-	google.OSEnvImageEndpoint: cfgImageEndpoint,
-}
-
-// handleInvalidField converts a google.InvalidConfigValue into a new
-// error, translating a {provider/gce/google}.OSEnvVar* value into a
-// GCE config key in the new error.
-func handleInvalidField(err error) error {
-	vErr := err.(*google.InvalidConfigValue)
-	if strValue, ok := vErr.Value.(string); ok && strValue == "" {
-		key := osEnvFields[vErr.Key]
-		return errors.Errorf("%s: must not be empty", key)
-	}
-	return err
-}
-
 type environConfig struct {
-	*config.Config
+	config      *config.Config
 	attrs       map[string]interface{}
-	credentials *google.Credentials
-}
-
-// newConfig builds a new environConfig from the provided Config and
-// returns it.
-func newConfig(cfg *config.Config) *environConfig {
-	return &environConfig{
-		Config: cfg,
-		attrs:  cfg.UnknownAttrs(),
-	}
+	credentials google.Credentials
+	conn        google.ConnectionConfig
 }
 
-// newValidConfig builds a new environConfig from the provided Config
-// and returns it. This includes applying the provided defaults
-// values, if any. The resulting config values are validated.
-func newValidConfig(cfg *config.Config, defaults map[string]interface{}) (*environConfig, error) {
-	credentials, err := parseCredentials(cfg)
-	if err != nil {
+// newConfig builds a new environConfig from the provided Config
+// filling in default values, if any. It returns an error if the
+// resulting configuration is not valid.
+func newConfig(cfg, old *config.Config) (*environConfig, error) {
+	// Ensure that the provided config is valid.
+	if err := config.Validate(cfg, old); err != nil {
 		return nil, errors.Trace(err)
 	}
-	handled, err := applyCredentials(cfg, credentials)
+	attrs, err := cfg.ValidateUnknownAttrs(configFields, configDefaults)
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-	cfg = handled
-
-	// Ensure that the provided config is valid.
-	if err := config.Validate(cfg, nil); err != nil {
-		return nil, errors.Trace(err)
+	// We don't allow an empty string for any attribute.
+	for attr, value := range attrs {
+		if value == "" {
+			return nil, errors.Errorf("%s: must not be empty", attr)
+		}
 	}
-
-	// Apply the defaults and coerce/validate the custom config attrs.
-	validated, err := cfg.ValidateUnknownAttrs(configFields, defaults)
+	newCfg, err := cfg.Apply(attrs)
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-	validCfg, err := cfg.Apply(validated)
+	credentials, err := parseCredentials(attrs)
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-
-	// Build the config.
-	ecfg := newConfig(validCfg)
-	ecfg.credentials = credentials
-
-	// Do final validation.
-	if err := ecfg.validate(); err != nil {
-		return nil, errors.Trace(err)
+	ecfg := &environConfig{
+		config:      newCfg,
+		attrs:       attrs,
+		credentials: *credentials,
+		conn: google.ConnectionConfig{
+			Region:    attrs[cfgRegion].(string),
+			ProjectID: attrs[cfgProjectID].(string),
+		},
+	}
+	// Verify that the connection object is valid.
+	if err := ecfg.conn.Validate(); err != nil {
+		return nil, errors.Trace(handleInvalidFieldError(err))
+	}
+	if old == nil {
+		return ecfg, nil
+	}
+	// There's an old configuration. Validate it so that any
+	// default values are correctly coerced for when we
+	// check the old values later.
+	oldEcfg, err := newConfig(old, nil)
+	if err != nil {
+		return nil, errors.Annotatef(err, "invalid base config")
+	}
+	for _, attr := range configImmutableFields {
+		oldv, newv := oldEcfg.attrs[attr], ecfg.attrs[attr]
+		if oldv != newv {
+			return nil, errors.Errorf("%s: cannot change from %v to %v", attr, oldv, newv)
+		}
 	}
-
 	return ecfg, nil
 }
 
-func (c *environConfig) privateKey() string {
-	return c.attrs[cfgPrivateKey].(string)
-}
-
-func (c *environConfig) clientID() string {
-	return c.attrs[cfgClientID].(string)
-}
-
-func (c *environConfig) clientEmail() string {
-	return c.attrs[cfgClientEmail].(string)
-}
-
 func (c *environConfig) region() string {
-	return c.attrs[cfgRegion].(string)
-}
-
-func (c *environConfig) projectID() string {
-	return c.attrs[cfgProjectID].(string)
+	return c.conn.Region
 }
 
 // imageEndpoint identifies where the provider should look for
@@ -175,122 +186,45 @@
 	return c.attrs[cfgImageEndpoint].(string)
 }
 
-// auth build a new Credentials based on the config and returns it.
-func (c *environConfig) auth() *google.Credentials {
-	if c.credentials == nil {
-		c.credentials = &google.Credentials{
-			ClientID:    c.clientID(),
-			ClientEmail: c.clientEmail(),
-			PrivateKey:  []byte(c.privateKey()),
-		}
-	}
-	return c.credentials
-}
-
-// newConnection build a ConnectionConfig based on the config and returns it.
-func (c *environConfig) newConnection() google.ConnectionConfig {
-	return google.ConnectionConfig{
-		Region:    c.region(),
-		ProjectID: c.projectID(),
-	}
-}
-
-// secret gathers the "secret" config values and returns them.
+// secret returns the secret configuration values.
 func (c *environConfig) secret() map[string]string {
-	secretAttrs := make(map[string]string, len(configSecretFields))
-	for _, key := range configSecretFields {
-		secretAttrs[key] = c.attrs[key].(string)
-	}
-	return secretAttrs
-}
-
-// validate checks GCE-specific config values.
-func (c environConfig) validate() error {
-	// All fields must be populated, even with just the default.
-	for field := range configFields {
-		if dflt, ok := configDefaults[field]; ok && dflt == "" {
-			continue
-		}
-		if c.attrs[field].(string) == "" {
-			return errors.Errorf("%s: must not be empty", field)
-		}
-	}
-
-	// Check sanity of GCE fields.
-	if err := c.auth().Validate(); err != nil {
-		return errors.Trace(handleInvalidField(err))
-	}
-	if err := c.newConnection().Validate(); err != nil {
-		return errors.Trace(handleInvalidField(err))
-	}
-
-	return nil
-}
-
-// update applies changes from the provided config to the env config.
-// Changes to any immutable attributes result in an error.
-func (c *environConfig) update(cfg *config.Config) error {
-	// Validate the updates. newValidConfig does not modify the "known"
-	// config attributes so it is safe to call Validate here first.
-	if err := config.Validate(cfg, c.Config); err != nil {
-		return errors.Trace(err)
-	}
-
-	updates, err := newValidConfig(cfg, configDefaults)
-	if err != nil {
-		return errors.Trace(err)
-	}
-
-	// Check that no immutable fields have changed.
-	attrs := updates.UnknownAttrs()
-	for _, field := range configImmutableFields {
-		if attrs[field] != c.attrs[field] {
-			return errors.Errorf("%s: cannot change from %v to %v", field, c.attrs[field], attrs[field])
+	secretAttrs := make(map[string]string)
+	for attr, val := range c.attrs {
+		if configSchema[attr].Secret {
+			secretAttrs[attr] = val.(string)
 		}
 	}
-
-	// Apply the updates.
-	c.Config = cfg
-	c.attrs = cfg.UnknownAttrs()
-	return nil
+	return secretAttrs
 }
 
 // parseCredentials extracts the OAuth2 info from the config from the
 // individual fields (falling back on the JSON file).
-func parseCredentials(cfg *config.Config) (*google.Credentials, error) {
-	attrs := cfg.UnknownAttrs()
+func parseCredentials(attrs map[string]interface{}) (*google.Credentials, error) {
 	values := make(map[string]string)
-	for _, field := range configAuthFields {
-		if existing, ok := attrs[field].(string); ok && existing != "" {
-			for key, candidate := range osEnvFields {
-				if field == candidate {
-					values[key] = existing
-					break
-				}
-			}
+	for attr, val := range attrs {
+		f := configSchema[attr]
+		if f.Group == environschema.AccountGroup && f.EnvVar != "" {
+			values[f.EnvVar] = val.(string)
 		}
 	}
-	return google.NewCredentials(values)
+	creds, err := google.NewCredentials(values)
+	if err != nil {
+		return nil, handleInvalidFieldError(err)
+	}
+	return creds, nil
 }
 
-func applyCredentials(cfg *config.Config, creds *google.Credentials) (*config.Config, error) {
-	updates := make(map[string]interface{})
-	for k, v := range creds.Values() {
-		if v == "" {
-			continue
-		}
-		if field, ok := osEnvFields[k]; ok {
-			for _, authField := range configAuthFields {
-				if field == authField {
-					updates[field] = v
-					break
-				}
-			}
-		}
-	}
-	updated, err := cfg.Apply(updates)
-	if err != nil {
-		return nil, errors.Trace(err)
+// handleInvalidFieldError converts a google.InvalidConfigValue into a new
+// error, translating a {provider/gce/google}.OSEnvVar* value into a
+// GCE config key in the new error.
+func handleInvalidFieldError(err error) error {
+	vErr, ok := errors.Cause(err).(*google.InvalidConfigValueError)
+	if !ok {
+		return err
+	}
+	vErr.Key = osEnvFields[vErr.Key]
+	if vErr.Value == "" {
+		return errors.Errorf("%s: must not be empty", vErr.Key)
 	}
-	return updated, nil
+	return err
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/config_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/config_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/config_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/config_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -130,10 +130,6 @@
 	insert: testing.Attrs{"client-email": ""},
 	err:    "client-email: must not be empty",
 }, {
-	info:   "region is optional",
-	remove: []string{"region"},
-	expect: testing.Attrs{"region": "us-central1"},
-}, {
 	info:   "region cannot be empty",
 	insert: testing.Attrs{"region": ""},
 	err:    "region: must not be empty",
@@ -198,31 +194,13 @@
 	for i, test := range newConfigTests {
 		c.Logf("test %d: %s", i, test.info)
 
-		oldcfg := test.newConfig(c)
-		newcfg := test.fixCfg(c, s.config)
-		expected := updateAttrs(gce.ConfigAttrs, test.insert)
-
 		// Validate the new config (relative to the old one) using the
 		// provider.
-		validatedConfig, err := gce.Provider.Validate(newcfg, oldcfg)
-
-		// Check the result.
+		_, err := gce.Provider.Validate(s.config, test.newConfig(c))
 		if test.err != "" {
-			test.checkFailure(c, err, "invalid base config")
-		} else {
-			if test.insert == nil && test.remove != nil {
-				// No defaults are set on the old config.
-				c.Check(err, gc.ErrorMatches, "invalid base config: .*")
-				continue
-			}
-
-			if !c.Check(err, jc.ErrorIsNil) {
-				continue
-			}
-			// We verify that Validate filled in the defaults
-			// appropriately.
-			c.Check(validatedConfig, gc.NotNil)
-			test.checkAttrs(c, expected, validatedConfig)
+			// In this test, we case only about the validating
+			// the old configuration, not about the success cases.
+			test.checkFailure(c, err, "invalid config: invalid base config")
 		}
 	}
 }
@@ -266,13 +244,38 @@
 
 		// Check the result.
 		if test.err != "" {
-			test.checkFailure(c, err, "invalid config change")
+			test.checkFailure(c, err, "invalid config")
 		} else {
 			test.checkSuccess(c, validatedConfig, err)
 		}
 	}
 }
 
+func (s *ConfigSuite) TestValidateChangeFromOldConfigWithMissingAttributeWithDefault(c *gc.C) {
+	// If the provider implementation is changed to add a new configuration attribute
+	// that has a default value, and the controller is upgraded to the new implementation,
+	// the validated configuration in the state will have no value for that attribute,
+	// even though newly validated configurations will.
+	//
+	// This test ensures that we can deal with that scenario by removing
+	// an attribute which currently has a default, and checking that we can
+	// still validate OK.
+
+	oldCfg := configTestSpec{
+		remove: []string{"image-endpoint"},
+	}.newConfig(c)
+
+	newCfg, err := testing.ModelConfig(c).Apply(gce.ConfigAttrs.Merge(testing.Attrs{
+		"image-endpoint": "https://www.googleapis.com",
+	}))
+	c.Assert(err, jc.ErrorIsNil)
+
+	validatedConfig, err := gce.Provider.Validate(newCfg, oldCfg)
+
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(validatedConfig.AllAttrs()["image-endpoint"], gc.Equals, "https://www.googleapis.com")
+}
+
 func (s *ConfigSuite) TestSetConfig(c *gc.C) {
 	for i, test := range changeConfigTests {
 		c.Logf("test %d: %s", i, test.info)
@@ -292,3 +295,14 @@
 		}
 	}
 }
+
+func (*ConfigSuite) TestSchema(c *gc.C) {
+	fields := gce.Provider.(environs.ProviderSchema).Schema()
+	// Check that all the fields defined in environs/config
+	// are in the returned schema.
+	globalFields, err := config.Schema(nil)
+	c.Assert(err, gc.IsNil)
+	for name, field := range globalFields {
+		c.Check(fields[name], jc.DeepEquals, field)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/credentials.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/credentials.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/credentials.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/credentials.go	2016-07-18 19:45:44.000000000 +0000
@@ -21,29 +21,29 @@
 // CredentialSchemas is part of the environs.ProviderCredentials interface.
 func (environProviderCredentials) CredentialSchemas() map[cloud.AuthType]cloud.CredentialSchema {
 	return map[cloud.AuthType]cloud.CredentialSchema{
-		cloud.OAuth2AuthType: {
-			{
-				"client-id", cloud.CredentialAttr{Description: "client ID"},
-			}, {
-				"client-email", cloud.CredentialAttr{Description: "client e-mail address"},
-			}, {
-				"private-key",
-				cloud.CredentialAttr{
-					Description: "client secret",
-					Hidden:      true,
-				},
-			}, {
-				"project-id", cloud.CredentialAttr{Description: "project ID"},
+		cloud.OAuth2AuthType: {{
+			Name:           cfgClientID,
+			CredentialAttr: cloud.CredentialAttr{Description: "client ID"},
+		}, {
+			Name:           cfgClientEmail,
+			CredentialAttr: cloud.CredentialAttr{Description: "client e-mail address"},
+		}, {
+			Name: cfgPrivateKey,
+			CredentialAttr: cloud.CredentialAttr{
+				Description: "client secret",
+				Hidden:      true,
 			},
-		},
-		cloud.JSONFileAuthType: {
-			{
-				"file", cloud.CredentialAttr{
-					Description: "path to the .json file containing your Google Compute Engine project credentials",
-					FilePath:    true,
-				},
+		}, {
+			Name:           cfgProjectID,
+			CredentialAttr: cloud.CredentialAttr{Description: "project ID"},
+		}},
+		cloud.JSONFileAuthType: {{
+			Name: "file",
+			CredentialAttr: cloud.CredentialAttr{
+				Description: "path to the .json file containing your Google Compute Engine project credentials",
+				FilePath:    true,
 			},
-		},
+		}},
 	}
 }
 
@@ -55,27 +55,27 @@
 	//   On Windows, this is %APPDATA%/gcloud/application_default_credentials.json.
 	//   On other systems, $HOME/.config/gcloud/application_default_credentials.json.
 
-	validatePath := func(possbleFilePath string) string {
-		if possbleFilePath == "" {
+	validatePath := func(possibleFilePath string) string {
+		if possibleFilePath == "" {
 			return ""
 		}
-		fi, err := os.Stat(possbleFilePath)
+		fi, err := os.Stat(possibleFilePath)
 		if err != nil || fi.IsDir() {
 			return ""
 		}
-		return possbleFilePath
+		return possibleFilePath
 	}
 
-	possbleFilePath := validatePath(os.Getenv("GOOGLE_APPLICATION_CREDENTIALS"))
-	if possbleFilePath == "" {
-		possbleFilePath = validatePath(wellKnownCredentialsFile())
+	possibleFilePath := validatePath(os.Getenv("GOOGLE_APPLICATION_CREDENTIALS"))
+	if possibleFilePath == "" {
+		possibleFilePath = validatePath(wellKnownCredentialsFile())
 	}
-	if possbleFilePath == "" {
+	if possibleFilePath == "" {
 		return nil, errors.NotFoundf("gce credentials")
 	}
-	parsedCred, err := parseJSONAuthFile(possbleFilePath)
+	parsedCred, err := ParseJSONAuthFile(possibleFilePath)
 	if err != nil {
-		return nil, errors.Annotatef(err, "invalid json credential file %s", possbleFilePath)
+		return nil, errors.Annotatef(err, "invalid json credential file %s", possibleFilePath)
 	}
 
 	user, err := utils.LocalUsername()
@@ -83,11 +83,11 @@
 		return nil, errors.Trace(err)
 	}
 	cred := cloud.NewCredential(cloud.JSONFileAuthType, map[string]string{
-		"file": possbleFilePath,
+		"file": possibleFilePath,
 	})
-	credName := parsedCred.Attributes()["client-email"]
+	credName := parsedCred.Attributes()[cfgClientEmail]
 	if credName == "" {
-		credName = parsedCred.Attributes()["client-id"]
+		credName = parsedCred.Attributes()[cfgClientID]
 	}
 	cred.Label = fmt.Sprintf("google credential %q", credName)
 	return &cloud.CloudCredential{
@@ -105,9 +105,11 @@
 	return filepath.Join(utils.Home(), ".config", "gcloud", f)
 }
 
-// parseJSONAuthFile parses the file with the given path, and extracts
+// ParseJSONAuthFile parses the file with the given path, and extracts
 // the OAuth2 credentials within.
-func parseJSONAuthFile(filename string) (cloud.Credential, error) {
+//
+// TODO(axw) unexport this after 2.0-beta10 is out.
+func ParseJSONAuthFile(filename string) (cloud.Credential, error) {
 	authFile, err := os.Open(filename)
 	if err != nil {
 		return cloud.Credential{}, errors.Trace(err)
@@ -118,9 +120,9 @@
 		return cloud.Credential{}, errors.Trace(err)
 	}
 	return cloud.NewCredential(cloud.OAuth2AuthType, map[string]string{
-		"project-id":   creds.ProjectID,
-		"client-id":    creds.ClientID,
-		"client-email": creds.ClientEmail,
-		"private-key":  string(creds.PrivateKey),
+		cfgProjectID:   creds.ProjectID,
+		cfgClientID:    creds.ClientID,
+		cfgClientEmail: creds.ClientEmail,
+		cfgPrivateKey:  string(creds.PrivateKey),
 	}), nil
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/disks.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/disks.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/disks.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/disks.go	2016-07-18 19:45:44.000000000 +0000
@@ -164,7 +164,7 @@
 			return
 		}
 		if err := v.gce.RemoveDisk(zone, volumeName); err != nil {
-			logger.Warningf("error cleaning up volume %v: %v", volumeName, err)
+			logger.Errorf("error cleaning up volume %v: %v", volumeName, err)
 		}
 	}()
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/disks_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/disks_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/disks_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/disks_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,9 +4,9 @@
 package gce_test
 
 import (
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/instance"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/environ_broker.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/environ_broker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/environ_broker.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/environ_broker.go	2016-07-18 19:45:44.000000000 +0000
@@ -18,7 +18,6 @@
 	"github.com/juju/juju/environs/imagemetadata"
 	"github.com/juju/juju/environs/instances"
 	"github.com/juju/juju/instance"
-	"github.com/juju/juju/network"
 	"github.com/juju/juju/provider/common"
 	"github.com/juju/juju/provider/gce/google"
 	"github.com/juju/juju/state/multiwatcher"
@@ -54,20 +53,6 @@
 	logger.Infof("started instance %q in zone %q", raw.ID, raw.ZoneName)
 	inst := newInstance(raw, env)
 
-	// Ensure the API server port is open (globally for all instances
-	// on the network, not just for the specific node of the state
-	// server). See LP bug #1436191 for details.
-	if isController(args.InstanceConfig) {
-		ports := network.PortRange{
-			FromPort: args.InstanceConfig.StateServingInfo.APIPort,
-			ToPort:   args.InstanceConfig.StateServingInfo.APIPort,
-			Protocol: "tcp",
-		}
-		if err := env.gce.OpenPorts(env.globalFirewallName(), ports); err != nil {
-			return nil, errors.Trace(err)
-		}
-	}
-
 	// Build the result.
 	hwc := getHardwareCharacteristics(env, spec, inst)
 	result := environs.StartInstanceResult{
@@ -145,7 +130,10 @@
 // provisioned, relative to the provided args and spec. Info for that
 // low-level instance is returned.
 func (env *environ) newRawInstance(args environs.StartInstanceParams, spec *instances.InstanceSpec) (*google.Instance, error) {
-	machineID := common.MachineFullName(env.Config().UUID(), args.InstanceConfig.MachineId)
+	hostname, err := env.namespace.Hostname(args.InstanceConfig.MachineId)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
 
 	os, err := series.GetOSFromSeries(args.InstanceConfig.Series)
 	if err != nil {
@@ -158,7 +146,7 @@
 	}
 	tags := []string{
 		env.globalFirewallName(),
-		machineID,
+		hostname,
 	}
 
 	disks, err := getDisks(
@@ -173,7 +161,7 @@
 	// TODO(ericsnow) Support multiple networks?
 	// TODO(ericsnow) Use a different net interface name? Configurable?
 	instSpec := google.InstanceSpec{
-		ID:                machineID,
+		ID:                hostname,
 		Type:              spec.InstanceType.Name,
 		Disks:             disks,
 		NetworkInterfaces: []string{"ExternalNAT"},
@@ -201,10 +189,8 @@
 	logger.Debugf("GCE user data; %d bytes", len(userData))
 
 	metadata := make(map[string]string)
-	if isController(args.InstanceConfig) {
-		metadata[metadataKeyIsState] = metadataValueTrue
-	} else {
-		metadata[metadataKeyIsState] = metadataValueFalse
+	for tag, value := range args.InstanceConfig.Tags {
+		metadata[tag] = value
 	}
 	switch os {
 	case jujuos.Ubuntu:
@@ -308,7 +294,7 @@
 		ids = append(ids, string(id))
 	}
 
-	prefix := common.MachineFullName(env.Config().UUID(), "")
+	prefix := env.namespace.Prefix()
 	err := env.gce.RemoveInstances(prefix, ids...)
 	return errors.Trace(err)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/environ_broker_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/environ_broker_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/environ_broker_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/environ_broker_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,15 +13,12 @@
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
 
-	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/environs/imagemetadata"
 	"github.com/juju/juju/environs/instances"
 	"github.com/juju/juju/environs/simplestreams"
 	"github.com/juju/juju/instance"
-	"github.com/juju/juju/network"
 	"github.com/juju/juju/provider/common"
 	"github.com/juju/juju/provider/gce"
-	"github.com/juju/juju/testing"
 )
 
 type environBrokerSuite struct {
@@ -92,44 +89,8 @@
 	result, err := s.Env.StartInstance(s.StartInstArgs)
 
 	c.Assert(err, jc.ErrorIsNil)
-	c.Check(result.Instance, gc.DeepEquals, s.Instance)
-	c.Check(result.Hardware, gc.DeepEquals, s.hardware)
-}
-
-func (s *environBrokerSuite) TestStartInstanceOpensAPIPort(c *gc.C) {
-	s.FakeEnviron.Spec = s.spec
-	s.FakeEnviron.Inst = s.BaseInstance
-	s.FakeEnviron.Hwc = s.hardware
-
-	// Get the API port from the fake environment config used to
-	// "bootstrap".
-	envConfig := testing.FakeConfig()
-	apiPort, ok := envConfig["api-port"].(int)
-	c.Assert(ok, jc.IsTrue)
-	c.Assert(apiPort, gc.Not(gc.Equals), 0)
-
-	// When StateServingInfo is not nil, verify OpenPorts was called
-	// for the API port.
-	s.StartInstArgs.InstanceConfig.StateServingInfo = &params.StateServingInfo{
-		APIPort: apiPort,
-	}
-
-	result, err := s.Env.StartInstance(s.StartInstArgs)
-
-	c.Assert(err, jc.ErrorIsNil)
-	c.Check(result.Instance, gc.DeepEquals, s.Instance)
-	c.Check(result.Hardware, gc.DeepEquals, s.hardware)
-
-	called, calls := s.FakeConn.WasCalled("OpenPorts")
-	c.Check(called, gc.Equals, true)
-	c.Check(calls, gc.HasLen, 1)
-	c.Check(calls[0].FirewallName, gc.Equals, gce.GlobalFirewallName(s.Env))
-	expectPorts := []network.PortRange{{
-		FromPort: apiPort,
-		ToPort:   apiPort,
-		Protocol: "tcp",
-	}}
-	c.Check(calls[0].PortRanges, jc.DeepEquals, expectPorts)
+	c.Check(result.Instance, jc.DeepEquals, s.Instance)
+	c.Check(result.Hardware, jc.DeepEquals, s.hardware)
 }
 
 func (s *environBrokerSuite) TestFinishInstanceConfig(c *gc.C) {
@@ -145,14 +106,14 @@
 	spec, err := gce.BuildInstanceSpec(s.Env, s.StartInstArgs)
 
 	c.Assert(err, jc.ErrorIsNil)
-	c.Check(spec.InstanceType, gc.DeepEquals, s.InstanceType)
+	c.Check(spec.InstanceType, jc.DeepEquals, s.InstanceType)
 }
 
 func (s *environBrokerSuite) TestFindInstanceSpec(c *gc.C) {
 	spec, err := gce.FindInstanceSpec(s.Env, s.ic, s.imageMetadata)
 
 	c.Assert(err, jc.ErrorIsNil)
-	c.Check(spec, gc.DeepEquals, s.spec)
+	c.Check(spec, jc.DeepEquals, s.spec)
 }
 
 func (s *environBrokerSuite) TestNewRawInstance(c *gc.C) {
@@ -165,14 +126,14 @@
 	inst, err := gce.NewRawInstance(s.Env, s.StartInstArgs, s.spec)
 
 	c.Assert(err, jc.ErrorIsNil)
-	c.Check(inst, gc.DeepEquals, s.BaseInstance)
+	c.Check(inst, jc.DeepEquals, s.BaseInstance)
 }
 
 func (s *environBrokerSuite) TestGetMetadataUbuntu(c *gc.C) {
 	metadata, err := gce.GetMetadata(s.StartInstArgs, jujuos.Ubuntu)
 
 	c.Assert(err, jc.ErrorIsNil)
-	c.Check(metadata, gc.DeepEquals, s.UbuntuMetadata)
+	c.Check(metadata, jc.DeepEquals, s.UbuntuMetadata)
 
 }
 
@@ -260,6 +221,6 @@
 	called, calls := s.FakeConn.WasCalled("RemoveInstances")
 	c.Check(called, gc.Equals, true)
 	c.Check(calls, gc.HasLen, 1)
-	c.Check(calls[0].Prefix, gc.Equals, "juju-2d02eeac-9dbb-11e4-89d3-123b93f75cba-machine-")
-	c.Check(calls[0].IDs, gc.DeepEquals, []string{"spam"})
+	c.Check(calls[0].Prefix, gc.Equals, s.Prefix())
+	c.Check(calls[0].IDs, jc.DeepEquals, []string{"spam"})
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/environ.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/environ.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/environ.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/environ.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,6 +11,7 @@
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/environs/simplestreams"
+	"github.com/juju/juju/instance"
 	"github.com/juju/juju/network"
 	"github.com/juju/juju/provider/common"
 	"github.com/juju/juju/provider/gce/google"
@@ -64,29 +65,45 @@
 	lock sync.Mutex // lock protects access to ecfg
 	ecfg *environConfig
 
+	// namespace is used to create the machine and device hostnames.
+	namespace instance.Namespace
+
 	archLock               sync.Mutex // protects supportedArchitectures
 	supportedArchitectures []string
 }
 
+// Function entry points defined as variables so they can be overridden
+// for testing purposes.
+var (
+	newConnection = func(ecfg *environConfig) (gceConnection, error) {
+		return google.Connect(ecfg.conn, &ecfg.credentials)
+	}
+	destroyEnv = common.Destroy
+	bootstrap  = common.Bootstrap
+)
+
 func newEnviron(cfg *config.Config) (*environ, error) {
-	ecfg, err := newValidConfig(cfg, configDefaults)
+	ecfg, err := newConfig(cfg, nil)
 	if err != nil {
 		return nil, errors.Annotate(err, "invalid config")
 	}
-
 	// Connect and authenticate.
 	conn, err := newConnection(ecfg)
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-
-	env := &environ{
-		name: ecfg.Name(),
-		uuid: ecfg.UUID(),
-		ecfg: ecfg,
-		gce:  conn,
+	namespace, err := instance.NewNamespace(cfg.UUID())
+	if err != nil {
+		return nil, errors.Trace(err)
 	}
-	return env, nil
+
+	return &environ{
+		name:      ecfg.config.Name(),
+		uuid:      ecfg.config.UUID(),
+		ecfg:      ecfg,
+		gce:       conn,
+		namespace: namespace,
+	}, nil
 }
 
 // Name returns the name of the environment.
@@ -101,14 +118,10 @@
 
 // Region returns the CloudSpec to use for the provider, as configured.
 func (env *environ) Region() (simplestreams.CloudSpec, error) {
-	return env.cloudSpec(env.ecfg.region()), nil
-}
-
-func (env *environ) cloudSpec(region string) simplestreams.CloudSpec {
 	return simplestreams.CloudSpec{
-		Region:   region,
+		Region:   env.ecfg.region(),
 		Endpoint: env.ecfg.imageEndpoint(),
-	}
+	}, nil
 }
 
 // SetConfig updates the env's configuration.
@@ -116,42 +129,40 @@
 	env.lock.Lock()
 	defer env.lock.Unlock()
 
-	if env.ecfg == nil {
-		return errors.New("cannot set config on uninitialized env")
-	}
-
-	if err := env.ecfg.update(cfg); err != nil {
+	ecfg, err := newConfig(cfg, env.ecfg.config)
+	if err != nil {
 		return errors.Annotate(err, "invalid config change")
 	}
+	env.ecfg = ecfg
 	return nil
 }
 
-var newConnection = func(ecfg *environConfig) (gceConnection, error) {
-	connCfg := ecfg.newConnection()
-	auth := ecfg.auth()
-	return google.Connect(connCfg, auth)
-}
-
 // Config returns the configuration data with which the env was created.
 func (env *environ) Config() *config.Config {
 	env.lock.Lock()
-	cfg := env.ecfg.Config
-	env.lock.Unlock()
-	return cfg
+	defer env.lock.Unlock()
+	return env.ecfg.config
 }
 
-var bootstrap = common.Bootstrap
-
 // Bootstrap creates a new instance, chosing the series and arch out of
 // available tools. The series and arch are returned along with a func
 // that must be called to finalize the bootstrap process by transferring
 // the tools and installing the initial juju controller.
 func (env *environ) Bootstrap(ctx environs.BootstrapContext, params environs.BootstrapParams) (*environs.BootstrapResult, error) {
+	// Ensure the API server port is open (globally for all instances
+	// on the network, not just for the specific node of the state
+	// server). See LP bug #1436191 for details.
+	ports := network.PortRange{
+		FromPort: params.ControllerConfig.APIPort(),
+		ToPort:   params.ControllerConfig.APIPort(),
+		Protocol: "tcp",
+	}
+	if err := env.gce.OpenPorts(env.globalFirewallName(), ports); err != nil {
+		return nil, errors.Trace(err)
+	}
 	return bootstrap(ctx, env, params)
 }
 
-var destroyEnv = common.Destroy
-
 // Destroy shuts down all known machines and destroys the rest of the
 // known environment.
 func (env *environ) Destroy() error {
@@ -168,3 +179,9 @@
 
 	return destroyEnv(env)
 }
+
+// DestroyController implements the Environ interface.
+func (env *environ) DestroyController(controllerUUID string) error {
+	// TODO(wallyworld): destroy hosted model resources
+	return env.Destroy()
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/environ_instance.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/environ_instance.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/environ_instance.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/environ_instance.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,8 +10,8 @@
 
 	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/environs"
+	"github.com/juju/juju/environs/tags"
 	"github.com/juju/juju/instance"
-	"github.com/juju/juju/provider/common"
 	"github.com/juju/juju/provider/gce/google"
 )
 
@@ -74,7 +74,7 @@
 // will see they are not tracked in state, assume they're stale/rogue,
 // and shut them down.
 func (env *environ) instances() ([]instance.Instance, error) {
-	prefix := common.MachineFullName(env.Config().UUID(), "")
+	prefix := env.namespace.Prefix()
 	instances, err := env.gce.Instances(prefix, instStatuses...)
 	err = errors.Trace(err)
 
@@ -94,8 +94,8 @@
 
 // ControllerInstances returns the IDs of the instances corresponding
 // to juju controllers.
-func (env *environ) ControllerInstances() ([]instance.Id, error) {
-	prefix := common.MachineFullName(env.Config().ControllerUUID(), "")
+func (env *environ) ControllerInstances(controllerUUID string) ([]instance.Id, error) {
+	prefix := env.namespace.Prefix()
 	instances, err := env.gce.Instances(prefix, instStatuses...)
 	if err != nil {
 		return nil, errors.Trace(err)
@@ -104,8 +104,11 @@
 	var results []instance.Id
 	for _, inst := range instances {
 		metadata := inst.Metadata()
-		isState, ok := metadata[metadataKeyIsState]
-		if ok && isState == metadataValueTrue {
+		if uuid, ok := metadata[tags.JujuController]; !ok || uuid != controllerUUID {
+			continue
+		}
+		isController, ok := metadata[tags.JujuIsController]
+		if ok && isController == "true" {
 			results = append(results, instance.Id(inst.ID))
 		}
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/environ_instance_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/environ_instance_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/environ_instance_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/environ_instance_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -95,14 +95,14 @@
 
 	c.Check(s.FakeConn.Calls, gc.HasLen, 1)
 	c.Check(s.FakeConn.Calls[0].FuncName, gc.Equals, "Instances")
-	c.Check(s.FakeConn.Calls[0].Prefix, gc.Equals, s.Prefix+"machine-")
+	c.Check(s.FakeConn.Calls[0].Prefix, gc.Equals, s.Prefix())
 	c.Check(s.FakeConn.Calls[0].Statuses, jc.DeepEquals, []string{google.StatusPending, google.StatusStaging, google.StatusRunning})
 }
 
 func (s *environInstSuite) TestControllerInstances(c *gc.C) {
 	s.FakeConn.Insts = []google.Instance{*s.BaseInstance}
 
-	ids, err := s.Env.ControllerInstances()
+	ids, err := s.Env.ControllerInstances(s.ControllerUUID)
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Check(ids, jc.DeepEquals, []instance.Id{"spam"})
@@ -111,17 +111,17 @@
 func (s *environInstSuite) TestControllerInstancesAPI(c *gc.C) {
 	s.FakeConn.Insts = []google.Instance{*s.BaseInstance}
 
-	_, err := s.Env.ControllerInstances()
+	_, err := s.Env.ControllerInstances(s.ControllerUUID)
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Check(s.FakeConn.Calls, gc.HasLen, 1)
 	c.Check(s.FakeConn.Calls[0].FuncName, gc.Equals, "Instances")
-	c.Check(s.FakeConn.Calls[0].Prefix, gc.Equals, "juju-"+s.Env.Config().ControllerUUID()+"-machine-")
+	c.Check(s.FakeConn.Calls[0].Prefix, gc.Equals, s.Prefix())
 	c.Check(s.FakeConn.Calls[0].Statuses, jc.DeepEquals, []string{google.StatusPending, google.StatusStaging, google.StatusRunning})
 }
 
 func (s *environInstSuite) TestControllerInstancesNotBootstrapped(c *gc.C) {
-	_, err := s.Env.ControllerInstances()
+	_, err := s.Env.ControllerInstances(s.ControllerUUID)
 
 	c.Check(err, gc.Equals, environs.ErrNotBootstrapped)
 }
@@ -130,7 +130,7 @@
 	other := google.NewInstance(google.InstanceSummary{}, nil)
 	s.FakeConn.Insts = []google.Instance{*s.BaseInstance, *other}
 
-	ids, err := s.Env.ControllerInstances()
+	ids, err := s.Env.ControllerInstances(s.ControllerUUID)
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Check(ids, jc.DeepEquals, []instance.Id{"spam"})
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/environ_policy.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/environ_policy.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/environ_policy.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/environ_policy.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,7 +9,6 @@
 	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/environs/imagemetadata"
 	"github.com/juju/juju/environs/simplestreams"
-	"github.com/juju/juju/network"
 	"github.com/juju/juju/provider/common"
 )
 
@@ -120,14 +119,7 @@
 // common.SupportsUnitPlacementPolicy.
 
 // SupportNetworks returns whether the environment has support to
-// specify networks for services and machines.
+// specify networks for applications and machines.
 func (env *environ) SupportNetworks() bool {
 	return false
 }
-
-// SupportAddressAllocation takes a network.Id and returns a bool
-// and an error. The bool indicates whether that network supports
-// static ip address allocation.
-func (env *environ) SupportAddressAllocation(netID network.Id) (bool, error) {
-	return false, nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/environ_policy_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/environ_policy_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/environ_policy_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/environ_policy_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -196,10 +196,10 @@
 	validator, err := s.Env.ConstraintsValidator()
 	c.Assert(err, jc.ErrorIsNil)
 
-	cons := constraints.MustParse("container=lxc")
+	cons := constraints.MustParse("container=lxd")
 	_, err = validator.Validate(cons)
 
-	c.Check(err, gc.ErrorMatches, "invalid constraint value: container=lxc\nvalid values are:.*")
+	c.Check(err, gc.ErrorMatches, "invalid constraint value: container=lxd\nvalid values are:.*")
 }
 
 func (s *environPolSuite) TestConstraintsValidatorConflicts(c *gc.C) {
@@ -225,17 +225,3 @@
 
 	c.Check(isSupported, jc.IsFalse)
 }
-
-func (s *environPolSuite) TestSupportAddressAllocation(c *gc.C) {
-	isSupported, err := s.Env.SupportAddressAllocation("some-network")
-	c.Assert(err, jc.ErrorIsNil)
-
-	c.Check(isSupported, jc.IsFalse)
-}
-
-func (s *environPolSuite) TestSupportAddressAllocationEmpty(c *gc.C) {
-	isSupported, err := s.Env.SupportAddressAllocation("")
-	c.Assert(err, jc.ErrorIsNil)
-
-	c.Check(isSupported, jc.IsFalse)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/environ_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/environ_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/environ_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/environ_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,7 +10,10 @@
 	"github.com/juju/juju/cloudconfig/instancecfg"
 	"github.com/juju/juju/environs"
 	envtesting "github.com/juju/juju/environs/testing"
+	"github.com/juju/juju/network"
+	"github.com/juju/juju/provider/common"
 	"github.com/juju/juju/provider/gce"
+	"github.com/juju/juju/testing"
 )
 
 type environSuite struct {
@@ -54,14 +57,6 @@
 	c.Check(s.FakeConn.Calls, gc.HasLen, 0)
 }
 
-func (s *environSuite) TestSetConfigMissing(c *gc.C) {
-	gce.UnsetEnvConfig(s.Env)
-
-	err := s.Env.SetConfig(s.Config)
-
-	c.Check(err, gc.ErrorMatches, "cannot set config on uninitialized env")
-}
-
 func (s *environSuite) TestConfig(c *gc.C) {
 	cfg := s.Env.Config()
 
@@ -71,13 +66,15 @@
 func (s *environSuite) TestBootstrap(c *gc.C) {
 	s.FakeCommon.Arch = "amd64"
 	s.FakeCommon.Series = "trusty"
-	finalizer := func(environs.BootstrapContext, *instancecfg.InstanceConfig) error {
+	finalizer := func(environs.BootstrapContext, *instancecfg.InstanceConfig, environs.BootstrapDialOpts) error {
 		return nil
 	}
 	s.FakeCommon.BSFinalizer = finalizer
 
 	ctx := envtesting.BootstrapContext(c)
-	params := environs.BootstrapParams{}
+	params := environs.BootstrapParams{
+		ControllerConfig: testing.FakeControllerConfig(),
+	}
 	result, err := s.Env.Bootstrap(ctx, params)
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -87,9 +84,37 @@
 	c.Check(result.Finalize, gc.NotNil)
 }
 
+func (s *environSuite) TestBootstrapOpensAPIPort(c *gc.C) {
+	finalizer := func(environs.BootstrapContext, *instancecfg.InstanceConfig, environs.BootstrapDialOpts) error {
+		return nil
+	}
+	s.FakeCommon.BSFinalizer = finalizer
+
+	ctx := envtesting.BootstrapContext(c)
+	params := environs.BootstrapParams{
+		ControllerConfig: testing.FakeControllerConfig(),
+	}
+	_, err := s.Env.Bootstrap(ctx, params)
+	c.Assert(err, jc.ErrorIsNil)
+	apiPort := params.ControllerConfig.APIPort()
+
+	called, calls := s.FakeConn.WasCalled("OpenPorts")
+	c.Check(called, gc.Equals, true)
+	c.Check(calls, gc.HasLen, 1)
+	c.Check(calls[0].FirewallName, gc.Equals, gce.GlobalFirewallName(s.Env))
+	expectPorts := []network.PortRange{{
+		FromPort: apiPort,
+		ToPort:   apiPort,
+		Protocol: "tcp",
+	}}
+	c.Check(calls[0].PortRanges, jc.DeepEquals, expectPorts)
+}
+
 func (s *environSuite) TestBootstrapCommon(c *gc.C) {
 	ctx := envtesting.BootstrapContext(c)
-	params := environs.BootstrapParams{}
+	params := environs.BootstrapParams{
+		ControllerConfig: testing.FakeControllerConfig(),
+	}
 	_, err := s.Env.Bootstrap(ctx, params)
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -115,7 +140,7 @@
 
 	c.Check(s.FakeConn.Calls, gc.HasLen, 1)
 	c.Check(s.FakeConn.Calls[0].FuncName, gc.Equals, "Ports")
-	fwname := s.Prefix[:len(s.Prefix)-1]
+	fwname := common.EnvFullName(s.Env.Config().UUID())
 	c.Check(s.FakeConn.Calls[0].FirewallName, gc.Equals, fwname)
 	s.FakeCommon.CheckCalls(c, []gce.FakeCall{{
 		FuncName: "Destroy",
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -18,7 +18,6 @@
 	CheckInstanceType                                 = checkInstanceType
 	GetMetadata                                       = getMetadata
 	GetDisks                                          = getDisks
-	ConfigImmutable                                   = configImmutableFields
 	UbuntuImageBasePath                               = ubuntuImageBasePath
 	UbuntuDailyImageBasePath                          = ubuntuDailyImageBasePath
 	WindowsImageBasePath                              = windowsImageBasePath
@@ -36,10 +35,6 @@
 	return env.parseAvailabilityZones(args)
 }
 
-func UnsetEnvConfig(env *environ) {
-	env.ecfg = nil
-}
-
 func ExposeEnvConfig(env *environ) *environConfig {
 	return env.ecfg
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/gce.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/gce.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/gce.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/gce.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,13 +5,10 @@
 
 import (
 	"github.com/juju/loggo"
-
-	"github.com/juju/juju/environs/tags"
 )
 
 // The metadata keys used when creating new instances.
 const (
-	metadataKeyIsState = tags.JujuModel
 	// This is defined by the cloud-init code:
 	// http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/view/head:/cloudinit/sources/DataSourceGCE.py
 	// http://cloudinit.readthedocs.org/en/latest/
@@ -25,12 +22,6 @@
 	metadataKeySSHKeys = "sshKeys"
 )
 
-// Common metadata values used when creating new instances.
-const (
-	metadataValueTrue  = "true"
-	metadataValueFalse = "false"
-)
-
 const (
 	// See https://cloud.google.com/compute/docs/operating-systems/linux-os#ubuntu
 	// TODO(ericsnow) Should this be handled in cloud-images (i.e.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/google/config_connection_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/google/config_connection_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/google/config_connection_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/google/config_connection_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -32,8 +32,8 @@
 	}
 	err := cfg.Validate()
 
-	c.Assert(err, gc.FitsTypeOf, &google.InvalidConfigValue{})
-	c.Check(err.(*google.InvalidConfigValue).Key, gc.Equals, "GCE_REGION")
+	c.Assert(err, gc.FitsTypeOf, &google.InvalidConfigValueError{})
+	c.Check(err.(*google.InvalidConfigValueError).Key, gc.Equals, "GCE_REGION")
 }
 
 func (*connConfigSuite) TestValidateMissingProjectID(c *gc.C) {
@@ -42,6 +42,6 @@
 	}
 	err := cfg.Validate()
 
-	c.Assert(err, gc.FitsTypeOf, &google.InvalidConfigValue{})
-	c.Check(err.(*google.InvalidConfigValue).Key, gc.Equals, "GCE_PROJECT_ID")
+	c.Assert(err, gc.FitsTypeOf, &google.InvalidConfigValueError{})
+	c.Check(err.(*google.InvalidConfigValueError).Key, gc.Equals, "GCE_PROJECT_ID")
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/google/config_credentials_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/google/config_credentials_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/google/config_credentials_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/google/config_credentials_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -49,13 +49,6 @@
 	})
 }
 
-func (s *credentialsSuite) TestNewCredentialsEmpty(c *gc.C) {
-	creds, err := google.NewCredentials(nil)
-	c.Assert(err, jc.ErrorIsNil)
-
-	c.Check(creds, jc.DeepEquals, &google.Credentials{})
-}
-
 func (s *credentialsSuite) TestNewCredentialsUnrecognized(c *gc.C) {
 	values := map[string]string{
 		"spam": "eggs",
@@ -65,6 +58,19 @@
 	c.Check(err, jc.Satisfies, errors.IsNotSupported)
 }
 
+func (s *credentialsSuite) TestNewCredentialsValidates(c *gc.C) {
+	values := map[string]string{
+		google.OSEnvClientEmail: "xyz@g.com",
+		google.OSEnvPrivateKey:  "<some-key>",
+		google.OSEnvProjectID:   "yup",
+	}
+	_, err := google.NewCredentials(values)
+	// This error comes from Credentials.Validate so by implication
+	// if we're getting this error, validation is being performed.
+	c.Check(err, gc.ErrorMatches, `invalid config value \(\) for "GCE_CLIENT_ID": missing ClientID`)
+	c.Assert(err, jc.Satisfies, google.IsInvalidConfigValueError)
+}
+
 func (s *credentialsSuite) TestParseJSONKey(c *gc.C) {
 	original := `
 {
@@ -121,8 +127,8 @@
 	}
 	err := creds.Validate()
 
-	c.Assert(err, jc.Satisfies, google.IsInvalidConfigValue)
-	c.Check(err.(*google.InvalidConfigValue).Key, gc.Equals, "GCE_CLIENT_ID")
+	c.Assert(err, jc.Satisfies, google.IsInvalidConfigValueError)
+	c.Check(err.(*google.InvalidConfigValueError).Key, gc.Equals, "GCE_CLIENT_ID")
 }
 
 func (*credentialsSuite) TestValidateBadEmail(c *gc.C) {
@@ -133,8 +139,8 @@
 	}
 	err := creds.Validate()
 
-	c.Assert(err, jc.Satisfies, google.IsInvalidConfigValue)
-	c.Check(err.(*google.InvalidConfigValue).Key, gc.Equals, "GCE_CLIENT_EMAIL")
+	c.Assert(err, jc.Satisfies, google.IsInvalidConfigValueError)
+	c.Check(err.(*google.InvalidConfigValueError).Key, gc.Equals, "GCE_CLIENT_EMAIL")
 }
 
 func (*credentialsSuite) TestValidateMissingKey(c *gc.C) {
@@ -144,6 +150,6 @@
 	}
 	err := creds.Validate()
 
-	c.Assert(err, jc.Satisfies, google.IsInvalidConfigValue)
-	c.Check(err.(*google.InvalidConfigValue).Key, gc.Equals, "GCE_PRIVATE_KEY")
+	c.Assert(err, jc.Satisfies, google.IsInvalidConfigValueError)
+	c.Check(err.(*google.InvalidConfigValueError).Key, gc.Equals, "GCE_PRIVATE_KEY")
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/google/config.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/google/config.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/google/config.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/google/config.go	2016-07-18 19:45:44.000000000 +0000
@@ -72,15 +72,14 @@
 			return nil, errors.NotSupportedf("key %q", k)
 		}
 	}
-
-	if err := creds.Validate(); err == nil {
-		jk, err := creds.buildJSONKey()
-		if err != nil {
-			return nil, errors.Trace(err)
-		}
-		creds.JSONKey = jk
+	if err := creds.Validate(); err != nil {
+		return nil, errors.Trace(err)
 	}
-
+	jk, err := creds.buildJSONKey()
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	creds.JSONKey = jk
 	return &creds, nil
 }
 
@@ -173,7 +172,7 @@
 		return NewMissingConfigValue(OSEnvClientEmail, "ClientEmail")
 	}
 	if _, err := mail.ParseAddress(gc.ClientEmail); err != nil {
-		return NewInvalidConfigValue(OSEnvClientEmail, gc.ClientEmail, err)
+		return NewInvalidConfigValueError(OSEnvClientEmail, gc.ClientEmail, err)
 	}
 	if len(gc.PrivateKey) == 0 {
 		return NewMissingConfigValue(OSEnvPrivateKey, "PrivateKey")
@@ -193,7 +192,7 @@
 }
 
 // Validate checks the connection's fields for invalid values.
-// If the values are not valid, it returns a config.InvalidConfigValue
+// If the values are not valid, it returns a config.InvalidConfigValueError
 // error with the key set to the corresponding OS environment variable
 // name.
 //
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/google/errors.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/google/errors.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/google/errors.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/google/errors.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,74 +9,49 @@
 	"github.com/juju/errors"
 )
 
-// InvalidConfigValue indicates that one of the config values failed validation.
-type InvalidConfigValue struct {
+// InvalidConfigValueError indicates that one of the config values failed validation.
+type InvalidConfigValueError struct {
 	errors.Err
-	cause error
 
 	// Key is the OS env var corresponding to the field with the bad value.
 	Key string
 
 	// Value is the invalid value.
 	Value interface{}
-
-	// Reason is the underlying error.
-	Reason error
 }
 
-// IsInvalidConfigValue returns whether or not the provided error is
-// an InvalidConfigValue (or caused by one).
-func IsInvalidConfigValue(err error) bool {
-	if _, ok := err.(*InvalidConfigValue); ok {
-		return true
-	}
-	err = errors.Cause(err)
-	_, ok := err.(InvalidConfigValue)
+// IsInvalidConfigValueError returns whether or not the cause of
+// the provided error is a *InvalidConfigValueError.
+func IsInvalidConfigValueError(err error) bool {
+	_, ok := errors.Cause(err).(*InvalidConfigValueError)
 	return ok
 }
 
-// NewInvalidConfigValue returns a new InvalidConfigValue for the given
+// NewInvalidConfigValueError returns a new InvalidConfigValueError for the given
 // info. If the provided reason is an error then Reason is set to that
 // error. Otherwise a non-nil value is treated as a string and Reason is
 // set to a non-nil value that wraps it.
-func NewInvalidConfigValue(key string, value, reason interface{}) error {
-	var underlying error
-	switch reason := reason.(type) {
-	case error:
-		underlying = reason
-	default:
-		if reason != nil {
-			underlying = errors.Errorf("%v", reason)
-		}
-	}
-	err := &InvalidConfigValue{
-		cause:  errors.NewNotValid(underlying, "GCE config value"),
-		Key:    key,
-		Value:  value,
-		Reason: underlying,
+func NewInvalidConfigValueError(key, value string, reason error) error {
+	err := &InvalidConfigValueError{
+		Err:   *errors.Mask(reason).(*errors.Err),
+		Key:   key,
+		Value: value,
 	}
-	err.Err = errors.NewErr("config value")
 	err.Err.SetLocation(1)
 	return err
 }
 
-// NewMissingConfigValue returns a new error for a missing config field.
-func NewMissingConfigValue(key, field string) error {
-	return NewInvalidConfigValue(key, "", "missing "+field)
-}
-
-// Cause implements errors.causer. This is necessary so that
-// errors.IsNotValid works.
-func (err *InvalidConfigValue) Cause() error {
-	return err.cause
+// Cause implements errors.Causer.Cause.
+func (err *InvalidConfigValueError) Cause() error {
+	return err
 }
 
-// Underlying implements errors.wrapper.
-func (err InvalidConfigValue) Underlying() error {
-	return err.cause
+// NewMissingConfigValue returns a new error for a missing config field.
+func NewMissingConfigValue(key, field string) error {
+	return NewInvalidConfigValueError(key, "", errors.New("missing "+field))
 }
 
 // Error implements error.
-func (err InvalidConfigValue) Error() string {
-	return fmt.Sprintf("invalid config value (%s) for %q: %v", err.Value, err.Key, err.Reason)
+func (err InvalidConfigValueError) Error() string {
+	return fmt.Sprintf("invalid config value (%s) for %q: %v", err.Value, err.Key, &err.Err)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/google/raw.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/google/raw.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/google/raw.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/google/raw.go	2016-07-18 19:45:44.000000000 +0000
@@ -326,6 +326,7 @@
 // status. It follows the given attempt strategy (e.g. wait time between
 // attempts) and may time out.
 func (rc *rawConn) waitOperation(projectID string, op *compute.Operation, attempts utils.AttemptStrategy) error {
+	// TODO(perrito666) 2016-05-02 lp:1558657
 	started := time.Now()
 	logger.Infof("GCE operation %q, waiting...", op.Name)
 	for a := attempts.Start(); a.Next(); {
@@ -340,6 +341,7 @@
 		}
 	}
 	if op.Status != StatusDone {
+		// lp:1558657
 		err := errors.Errorf("timed out after %d seconds", time.Now().Sub(started)/time.Second)
 		return waitError{op, err}
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/instance.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/instance.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/instance.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/instance.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,6 @@
 
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/network"
-	"github.com/juju/juju/provider/common"
 	"github.com/juju/juju/provider/gce/google"
 	"github.com/juju/juju/status"
 )
@@ -72,16 +71,22 @@
 // should have been started with the given machine id.
 func (inst *environInstance) OpenPorts(machineID string, ports []network.PortRange) error {
 	// TODO(ericsnow) Make sure machineId matches inst.Id()?
-	name := common.MachineFullName(inst.env.Config().UUID(), machineID)
-	err := inst.env.gce.OpenPorts(name, ports...)
+	name, err := inst.env.namespace.Hostname(machineID)
+	if err != nil {
+		return errors.Trace(err)
+	}
+	err = inst.env.gce.OpenPorts(name, ports...)
 	return errors.Trace(err)
 }
 
 // ClosePorts closes the given ports on the instance, which
 // should have been started with the given machine id.
 func (inst *environInstance) ClosePorts(machineID string, ports []network.PortRange) error {
-	name := common.MachineFullName(inst.env.Config().UUID(), machineID)
-	err := inst.env.gce.ClosePorts(name, ports...)
+	name, err := inst.env.namespace.Hostname(machineID)
+	if err != nil {
+		return errors.Trace(err)
+	}
+	err = inst.env.gce.ClosePorts(name, ports...)
 	return errors.Trace(err)
 }
 
@@ -89,7 +94,10 @@
 // should have been started with the given machine id.
 // The ports are returned as sorted by SortPorts.
 func (inst *environInstance) Ports(machineID string) ([]network.PortRange, error) {
-	name := common.MachineFullName(inst.env.Config().UUID(), machineID)
+	name, err := inst.env.namespace.Hostname(machineID)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
 	ports, err := inst.env.gce.Ports(name)
 	return ports, errors.Trace(err)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/instance_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/instance_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/instance_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/instance_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -49,7 +49,7 @@
 }
 
 func (s *instanceSuite) TestOpenPortsAPI(c *gc.C) {
-	err := s.Instance.OpenPorts("spam", s.Ports)
+	err := s.Instance.OpenPorts("42", s.Ports)
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Check(s.FakeConn.Calls, gc.HasLen, 1)
@@ -59,7 +59,7 @@
 }
 
 func (s *instanceSuite) TestClosePortsAPI(c *gc.C) {
-	err := s.Instance.ClosePorts("spam", s.Ports)
+	err := s.Instance.ClosePorts("42", s.Ports)
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Check(s.FakeConn.Calls, gc.HasLen, 1)
@@ -71,14 +71,14 @@
 func (s *instanceSuite) TestPorts(c *gc.C) {
 	s.FakeConn.PortRanges = s.Ports
 
-	ports, err := s.Instance.Ports("spam")
+	ports, err := s.Instance.Ports("42")
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Check(ports, jc.DeepEquals, s.Ports)
 }
 
 func (s *instanceSuite) TestPortsAPI(c *gc.C) {
-	_, err := s.Instance.Ports("spam")
+	_, err := s.Instance.Ports("42")
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Check(s.FakeConn.Calls, gc.HasLen, 1)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/provider.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/provider.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/provider.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/provider.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,6 +5,7 @@
 
 import (
 	"github.com/juju/errors"
+	"gopkg.in/juju/environschema.v1"
 
 	"github.com/juju/juju/cloud"
 	"github.com/juju/juju/environs"
@@ -31,7 +32,7 @@
 	case cloud.JSONFileAuthType:
 		var err error
 		filename := args.Credentials.Attributes()["file"]
-		args.Credentials, err = parseJSONAuthFile(filename)
+		args.Credentials, err = ParseJSONAuthFile(filename)
 		if err != nil {
 			return nil, errors.Trace(err)
 		}
@@ -40,10 +41,10 @@
 		credentialAttrs := args.Credentials.Attributes()
 		var err error
 		cfg, err = args.Config.Apply(map[string]interface{}{
-			"project-id":   credentialAttrs["project-id"],
-			"client-id":    credentialAttrs["client-id"],
-			"client-email": credentialAttrs["client-email"],
-			"private-key":  credentialAttrs["private-key"],
+			cfgProjectID:   credentialAttrs[cfgProjectID],
+			cfgClientID:    credentialAttrs[cfgClientID],
+			cfgClientEmail: credentialAttrs[cfgClientEmail],
+			cfgPrivateKey:  credentialAttrs[cfgPrivateKey],
 		})
 		if err != nil {
 			return nil, errors.Trace(err)
@@ -51,7 +52,18 @@
 	default:
 		return nil, errors.NotSupportedf("%q auth-type", authType)
 	}
-	return p.PrepareForCreateEnvironment(cfg)
+	// Ensure cloud info is in config.
+	var err error
+	cfg, err = cfg.Apply(map[string]interface{}{
+		cfgRegion: args.CloudRegion,
+		// TODO (anastasiamac 2016-06-09) at some stage will need to
+		//  also add endpoint and storage endpoint.
+	})
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	return p.PrepareForCreateEnvironment(args.ControllerUUID, cfg)
 }
 
 // PrepareForBootstrap implements environs.EnvironProvider.
@@ -68,8 +80,17 @@
 	return env, nil
 }
 
+// Schema returns the configuration schema for an environment.
+func (environProvider) Schema() environschema.Fields {
+	fields, err := config.Schema(configSchema)
+	if err != nil {
+		panic(err)
+	}
+	return fields
+}
+
 // PrepareForCreateEnvironment is specified in the EnvironProvider interface.
-func (p environProvider) PrepareForCreateEnvironment(cfg *config.Config) (*config.Config, error) {
+func (p environProvider) PrepareForCreateEnvironment(controllerUUID string, cfg *config.Config) (*config.Config, error) {
 	return configWithDefaults(cfg)
 }
 
@@ -93,42 +114,24 @@
 // RestrictedConfigAttributes is specified in the EnvironProvider interface.
 func (environProvider) RestrictedConfigAttributes() []string {
 	return []string{
-		cfgPrivateKey,
-		cfgClientID,
-		cfgClientEmail,
 		cfgRegion,
-		cfgProjectID,
 		cfgImageEndpoint,
 	}
 }
 
-// Validate implements environs.EnvironProvider.
-func (environProvider) Validate(cfg, old *config.Config) (valid *config.Config, err error) {
-	if old == nil {
-		ecfg, err := newValidConfig(cfg, configDefaults)
-		if err != nil {
-			return nil, errors.Annotate(err, "invalid config")
-		}
-		return ecfg.Config, nil
-	}
-
-	// The defaults should be set already, so we pass nil.
-	ecfg, err := newValidConfig(old, nil)
+// Validate implements environs.EnvironProvider.Validate.
+func (environProvider) Validate(cfg, old *config.Config) (*config.Config, error) {
+	newCfg, err := newConfig(cfg, old)
 	if err != nil {
-		return nil, errors.Annotate(err, "invalid base config")
-	}
-
-	if err := ecfg.update(cfg); err != nil {
-		return nil, errors.Annotate(err, "invalid config change")
+		return nil, errors.Annotate(err, "invalid config")
 	}
-
-	return ecfg.Config, nil
+	return newCfg.config, nil
 }
 
-// SecretAttrs implements environs.EnvironProvider.
+// SecretAttrs implements environs.EnvironProvider.SecretAttrs.
 func (environProvider) SecretAttrs(cfg *config.Config) (map[string]string, error) {
 	// The defaults should be set already, so we pass nil.
-	ecfg, err := newValidConfig(cfg, nil)
+	ecfg, err := newConfig(cfg, nil)
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/testing_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/testing_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/gce/testing_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/gce/testing_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -21,6 +21,7 @@
 	"github.com/juju/juju/environs/imagemetadata"
 	"github.com/juju/juju/environs/instances"
 	"github.com/juju/juju/environs/simplestreams"
+	"github.com/juju/juju/environs/tags"
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/network"
 	"github.com/juju/juju/provider/common"
@@ -79,10 +80,10 @@
 type BaseSuiteUnpatched struct {
 	gitjujutesting.IsolationSuite
 
-	Config    *config.Config
-	EnvConfig *environConfig
-	Env       *environ
-	Prefix    string
+	ControllerUUID string
+	Config         *config.Config
+	EnvConfig      *environConfig
+	Env            *environ
 
 	Addresses       []network.Address
 	BaseInstance    *google.Instance
@@ -104,11 +105,16 @@
 func (s *BaseSuiteUnpatched) SetUpTest(c *gc.C) {
 	s.IsolationSuite.SetUpTest(c)
 
+	s.ControllerUUID = testing.FakeControllerConfig().ControllerUUID()
 	s.initEnv(c)
 	s.initInst(c)
 	s.initNet(c)
 }
 
+func (s *BaseSuiteUnpatched) Prefix() string {
+	return s.Env.namespace.Prefix()
+}
+
 func (s *BaseSuiteUnpatched) initEnv(c *gc.C) {
 	s.Env = &environ{
 		name: "google",
@@ -125,7 +131,7 @@
 
 	cons := constraints.Value{InstanceType: &allInstanceTypes[0].Name}
 
-	instanceConfig, err := instancecfg.NewBootstrapInstanceConfig(cons, cons, "trusty", "")
+	instanceConfig, err := instancecfg.NewBootstrapInstanceConfig(testing.FakeControllerConfig(), cons, cons, "trusty", "")
 	c.Assert(err, jc.ErrorIsNil)
 
 	err = instanceConfig.SetTools(coretools.List(tools))
@@ -139,10 +145,15 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.UbuntuMetadata = map[string]string{
-		metadataKeyIsState:   metadataValueTrue,
-		metadataKeyCloudInit: string(userData),
-		metadataKeyEncoding:  "base64",
-		metadataKeySSHKeys:   authKeys,
+		tags.JujuIsController: "true",
+		tags.JujuController:   s.ControllerUUID,
+		metadataKeyCloudInit:  string(userData),
+		metadataKeyEncoding:   "base64",
+		metadataKeySSHKeys:    authKeys,
+	}
+	instanceConfig.Tags = map[string]string{
+		tags.JujuIsController: "true",
+		tags.JujuController:   s.ControllerUUID,
 	}
 	s.WindowsMetadata = map[string]string{
 		metadataKeyWindowsUserdata: string(userData),
@@ -155,9 +166,11 @@
 	}}
 	s.Instance = s.NewInstance(c, "spam")
 	s.BaseInstance = s.Instance.base
-	s.InstName = s.Prefix + "machine-spam"
+	s.InstName, err = s.Env.namespace.Hostname("42")
+	c.Assert(err, jc.ErrorIsNil)
 
 	s.StartInstArgs = environs.StartInstanceParams{
+		ControllerUUID: s.ControllerUUID,
 		InstanceConfig: instanceConfig,
 		Tools:          tools,
 		Constraints:    cons,
@@ -189,13 +202,15 @@
 
 func (s *BaseSuiteUnpatched) setConfig(c *gc.C, cfg *config.Config) {
 	s.Config = cfg
-	ecfg, err := newValidConfig(cfg, configDefaults)
+	ecfg, err := newConfig(cfg, nil)
 	c.Assert(err, jc.ErrorIsNil)
 	s.EnvConfig = ecfg
 	uuid := cfg.UUID()
 	s.Env.uuid = uuid
 	s.Env.ecfg = s.EnvConfig
-	s.Prefix = "juju-" + uuid + "-"
+	namespace, err := instance.NewNamespace(uuid)
+	c.Assert(err, jc.ErrorIsNil)
+	s.Env.namespace = namespace
 }
 
 func (s *BaseSuiteUnpatched) NewConfig(c *gc.C, updates testing.Attrs) *config.Config {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/joyent/environ.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/joyent/environ.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/joyent/environ.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/joyent/environ.go	2016-07-18 19:45:44.000000000 +0000
@@ -124,13 +124,12 @@
 	return common.Bootstrap(ctx, env, args)
 }
 
-func (env *joyentEnviron) ControllerInstances() ([]instance.Id, error) {
+func (env *joyentEnviron) ControllerInstances(controllerUUID string) ([]instance.Id, error) {
 	instanceIds := []instance.Id{}
 
 	filter := cloudapi.NewFilter()
 	filter.Set(tagKey("group"), "juju")
-	filter.Set(tagKey("model"), env.Config().Name())
-	filter.Set(tagKey(tags.JujuModel), env.Config().UUID())
+	filter.Set(tagKey(tags.JujuModel), controllerUUID)
 	filter.Set(tagKey(tags.JujuIsController), "true")
 
 	machines, err := env.compute.cloudapi.ListMachines(filter)
@@ -153,6 +152,12 @@
 	return errors.Trace(common.Destroy(env))
 }
 
+// DestroyController implements the Environ interface.
+func (env *joyentEnviron) DestroyController(controllerUUID string) error {
+	// TODO(wallyworld): destroy hosted model resources
+	return env.Destroy()
+}
+
 func (env *joyentEnviron) Ecfg() *environConfig {
 	env.lock.Lock()
 	defer env.lock.Unlock()
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/joyent/environ_instance.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/joyent/environ_instance.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/joyent/environ_instance.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/joyent/environ_instance.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,8 +12,8 @@
 	"github.com/joyent/gocommon/client"
 	"github.com/joyent/gosdc/cloudapi"
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils/arch"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/cloudconfig/cloudinit"
 	"github.com/juju/juju/cloudconfig/instancecfg"
@@ -44,7 +44,7 @@
 	if err != nil {
 		return nil, err
 	}
-	client := client.NewClient(cfg.sdcUrl(), cloudapi.DefaultAPIVersion, creds, &logger)
+	client := client.NewClient(cfg.sdcUrl(), cloudapi.DefaultAPIVersion, creds, newGoLogger())
 
 	return &joyentCompute{
 		ecfg:     cfg,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/joyent/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/joyent/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/joyent/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/joyent/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -17,6 +17,7 @@
 	"github.com/juju/juju/cloud"
 	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/environs"
+	"github.com/juju/juju/environs/bootstrap"
 	"github.com/juju/juju/environs/imagemetadata"
 	"github.com/juju/juju/environs/instances"
 	sstesting "github.com/juju/juju/environs/simplestreams/testing"
@@ -210,17 +211,19 @@
 
 // MakeConfig creates a functional environConfig for a test.
 func MakeConfig(c *gc.C, attrs testing.Attrs) *environConfig {
-	env, err := environs.Prepare(
+	env, err := bootstrap.Prepare(
 		envtesting.BootstrapContext(c),
 		jujuclienttesting.NewMemStore(),
-		environs.PrepareParams{
-			BaseConfig:     attrs,
-			ControllerName: attrs["name"].(string),
-			CloudName:      "joyent",
+		bootstrap.PrepareParams{
+			ControllerConfig: testing.FakeControllerConfig(),
+			BaseConfig:       attrs,
+			ControllerName:   attrs["name"].(string),
+			CloudName:        "joyent",
 			Credential: cloud.NewCredential(
 				cloud.UserPassAuthType,
 				CredentialsAttributes(attrs),
 			),
+			AdminSecret: "sekrit",
 		},
 	)
 	c.Assert(err, jc.ErrorIsNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/joyent/joyent_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/joyent/joyent_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/joyent/joyent_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/joyent/joyent_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -72,7 +72,7 @@
 
 func GetFakeConfig(sdcUrl string) coretesting.Attrs {
 	return coretesting.FakeConfig().Merge(coretesting.Attrs{
-		"name":          "joyent test model",
+		"name":          "joyent-test-model",
 		"type":          "joyent",
 		"sdc-user":      testUser,
 		"sdc-key-id":    testKeyFingerprint,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/joyent/local_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/joyent/local_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/joyent/local_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/joyent/local_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -24,7 +24,7 @@
 	envtesting "github.com/juju/juju/environs/testing"
 	"github.com/juju/juju/environs/tools"
 	"github.com/juju/juju/instance"
-	"github.com/juju/juju/juju"
+	"github.com/juju/juju/juju/keys"
 	"github.com/juju/juju/juju/testing"
 	"github.com/juju/juju/provider/joyent"
 	coretesting "github.com/juju/juju/testing"
@@ -116,7 +116,7 @@
 func (s *localServerSuite) SetUpSuite(c *gc.C) {
 	s.providerSuite.SetUpSuite(c)
 	s.PatchValue(&imagemetadata.SimplestreamsImagesPublicKey, sstesting.SignedMetadataPublicKey)
-	s.PatchValue(&juju.JujuPublicKey, sstesting.SignedMetadataPublicKey)
+	s.PatchValue(&keys.JujuPublicKey, sstesting.SignedMetadataPublicKey)
 
 	restoreFinishBootstrap := envtesting.DisableFinishBootstrap()
 	s.AddCleanup(func(*gc.C) { restoreFinishBootstrap() })
@@ -158,18 +158,26 @@
 // allocate a public address.
 func (s *localServerSuite) TestStartInstance(c *gc.C) {
 	env := s.Prepare(c)
-	err := bootstrap.Bootstrap(bootstrapContext(c), env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(bootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
-	inst, _ := testing.AssertStartInstance(c, env, "100")
+	inst, _ := testing.AssertStartInstance(c, env, s.ControllerUUID, "100")
 	err = env.StopInstances(inst.Id())
 	c.Assert(err, jc.ErrorIsNil)
 }
 
 func (s *localServerSuite) TestStartInstanceAvailabilityZone(c *gc.C) {
 	env := s.Prepare(c)
-	err := bootstrap.Bootstrap(bootstrapContext(c), env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(bootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
-	inst, hwc := testing.AssertStartInstance(c, env, "100")
+	inst, hwc := testing.AssertStartInstance(c, env, s.ControllerUUID, "100")
 	err = env.StopInstances(inst.Id())
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -178,9 +186,13 @@
 
 func (s *localServerSuite) TestStartInstanceHardwareCharacteristics(c *gc.C) {
 	env := s.Prepare(c)
-	err := bootstrap.Bootstrap(bootstrapContext(c), env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(bootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
-	_, hc := testing.AssertStartInstanceWithConstraints(c, env, "100", constraints.MustParse("mem=1024"))
+	_, hc := testing.AssertStartInstanceWithConstraints(c, env, s.ControllerUUID, "100", constraints.MustParse("mem=1024"))
 	c.Check(*hc.Arch, gc.Equals, "amd64")
 	c.Check(*hc.Mem, gc.Equals, uint64(1024))
 	c.Check(*hc.CpuCores, gc.Equals, uint64(1))
@@ -236,7 +248,7 @@
 
 func (s *localServerSuite) TestInstanceStatus(c *gc.C) {
 	env := s.Prepare(c)
-	inst, _ := testing.AssertStartInstance(c, env, "100")
+	inst, _ := testing.AssertStartInstance(c, env, s.ControllerUUID, "100")
 	c.Assert(inst.Status().Message, gc.Equals, "running")
 	err := env.StopInstances(inst.Id())
 	c.Assert(err, jc.ErrorIsNil)
@@ -244,9 +256,9 @@
 
 func (s *localServerSuite) TestInstancesGathering(c *gc.C) {
 	env := s.Prepare(c)
-	inst0, _ := testing.AssertStartInstance(c, env, "100")
+	inst0, _ := testing.AssertStartInstance(c, env, s.ControllerUUID, "100")
 	id0 := inst0.Id()
-	inst1, _ := testing.AssertStartInstance(c, env, "101")
+	inst1, _ := testing.AssertStartInstance(c, env, s.ControllerUUID, "101")
 	id1 := inst1.Id()
 	c.Logf("id0: %s, id1: %s", id0, id1)
 	defer func() {
@@ -285,11 +297,15 @@
 // It should be moved to environs.jujutests.Tests.
 func (s *localServerSuite) TestBootstrapInstanceUserDataAndState(c *gc.C) {
 	env := s.Prepare(c)
-	err := bootstrap.Bootstrap(bootstrapContext(c), env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(bootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 
 	// check that ControllerInstances returns the id of the bootstrap machine.
-	instanceIds, err := env.ControllerInstances()
+	instanceIds, err := env.ControllerInstances(s.ControllerUUID)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(instanceIds, gc.HasLen, 1)
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/joyent/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/joyent/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/joyent/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/joyent/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,15 +6,10 @@
 import (
 	stdtesting "testing"
 
-	"github.com/juju/testing"
-
 	gc "gopkg.in/check.v1"
 )
 
 func TestPackage(t *stdtesting.T) {
-	if testing.RaceEnabled {
-		t.Skip("skipping package under -race, see LP 1497801")
-	}
 	registerLocalTests()
 	gc.TestingT(t)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/joyent/provider.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/joyent/provider.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/joyent/provider.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/joyent/provider.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,6 +4,8 @@
 package joyent
 
 import (
+	"log"
+
 	"github.com/joyent/gocommon/client"
 	joyenterrors "github.com/joyent/gocommon/errors"
 	"github.com/joyent/gosdc/cloudapi"
@@ -19,6 +21,22 @@
 
 var logger = loggo.GetLogger("juju.provider.joyent")
 
+// TODO(ericsnow) gologWriter can go away once loggo.Logger has a GoLogger() method.
+
+type gologWriter struct {
+	loggo.Logger
+	level loggo.Level
+}
+
+func newGoLogger() *log.Logger {
+	return log.New(&gologWriter{logger, loggo.TRACE}, "", 0)
+}
+
+func (w *gologWriter) Write(p []byte) (n int, err error) {
+	w.Logf(w.level, string(p))
+	return len(p), nil
+}
+
 type joyentProvider struct {
 	environProviderCredentials
 }
@@ -34,7 +52,7 @@
 }
 
 // PrepareForCreateEnvironment is specified in the EnvironProvider interface.
-func (joyentProvider) PrepareForCreateEnvironment(cfg *config.Config) (*config.Config, error) {
+func (joyentProvider) PrepareForCreateEnvironment(controllerUUID string, cfg *config.Config) (*config.Config, error) {
 	return cfg, nil
 }
 
@@ -58,7 +76,7 @@
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-	return p.PrepareForCreateEnvironment(cfg)
+	return p.PrepareForCreateEnvironment(args.ControllerUUID, cfg)
 }
 
 // PrepareForBootstrap is specified in the EnvironProvider interface.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/lxd/config.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/lxd/config.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/lxd/config.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/lxd/config.go	2016-07-18 19:45:44.000000000 +0000
@@ -20,7 +20,6 @@
 
 // The LXD-specific config keys.
 const (
-	cfgNamespace     = "namespace"
 	cfgRemoteURL     = "remote-url"
 	cfgClientCert    = "client-cert"
 	cfgClientKey     = "client-key"
@@ -30,11 +29,6 @@
 // configSchema defines the schema for the configuration attributes
 // defined by the LXD provider.
 var configSchema = environschema.Fields{
-	cfgNamespace: {
-		Description: `Identifies the namespace to associate with containers created by the provider.  It is prepended to the container names.  By default the model's name is used as the namespace.`,
-		Type:        environschema.Tstring,
-		Immutable:   true,
-	},
 	cfgRemoteURL: {
 		Description: `Identifies the LXD API server to use for managing containers, if any.`,
 		Type:        environschema.Tstring,
@@ -62,7 +56,6 @@
 	// (or if) environschema.Attr supports defaults.
 
 	configBaseDefaults = schema.Defaults{
-		cfgNamespace:     "",
 		cfgRemoteURL:     "",
 		cfgClientCert:    "",
 		cfgClientKey:     "",
@@ -102,17 +95,6 @@
 		updated[k] = v
 	}
 
-	// Set the proper default namespace.
-	raw := updated[cfgNamespace]
-	if raw == nil || raw.(string) == "" {
-		raw = cfg.Name()
-		updated[cfgNamespace] = raw
-	}
-
-	if val, ok := cfg.UnknownAttrs()[cfgNamespace]; ok && val == "" {
-		unset = append(unset, cfgNamespace)
-	}
-
 	return updated, unset
 }
 
@@ -190,11 +172,6 @@
 	return ecfg, nil
 }
 
-func (c *environConfig) namespace() string {
-	raw := c.attrs[cfgNamespace]
-	return raw.(string)
-}
-
 func (c *environConfig) dirname() string {
 	// TODO(ericsnow) Put it under one of the juju/paths.*() directories.
 	return ""
@@ -236,8 +213,7 @@
 	}
 
 	cfg := lxdclient.Config{
-		Namespace: c.namespace(),
-		Remote:    remote,
+		Remote: remote,
 	}
 	cfg, err := cfg.WithDefaults()
 	if err != nil {
@@ -256,10 +232,7 @@
 	}
 	clientCfg = nonlocal
 
-	c.attrs[cfgNamespace] = clientCfg.Namespace
-
 	c.attrs[cfgRemoteURL] = clientCfg.Remote.Host
-
 	c.attrs[cfgServerPEMCert] = clientCfg.Remote.ServerPEMCert
 
 	var cert lxdclient.Cert
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/lxd/config_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/lxd/config_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/lxd/config_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/lxd/config_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -43,7 +43,6 @@
 	c.Assert(extras, gc.HasLen, 0)
 
 	c.Check(values, jc.DeepEquals, lxd.ConfigValues{
-		Namespace:  cfg.Name(),
 		RemoteURL:  "",
 		ClientCert: "",
 		ClientKey:  "",
@@ -61,7 +60,6 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Check(clientCfg, jc.DeepEquals, lxdclient.Config{
-		Namespace: cfg.Name(),
 		Remote: lxdclient.Remote{
 			Name:          "juju-remote",
 			Host:          "",
@@ -86,7 +84,6 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Check(clientCfg, jc.DeepEquals, lxdclient.Config{
-		Namespace: cfg.Name(),
 		Remote: lxdclient.Remote{
 			Name:     "juju-remote",
 			Host:     "10.0.0.1",
@@ -114,7 +111,6 @@
 	c.Assert(extras, gc.HasLen, 0)
 
 	c.Check(values, jc.DeepEquals, lxd.ConfigValues{
-		Namespace:  cfg.Name(),
 		RemoteURL:  "",
 		ClientCert: "",
 		ClientKey:  "",
@@ -144,14 +140,12 @@
 	c.Assert(extras, gc.HasLen, 0)
 
 	c.Check(before, jc.DeepEquals, lxd.ConfigValues{
-		Namespace:  cfg.Name(),
 		RemoteURL:  "10.0.0.1",
 		ClientCert: "<a valid x.509 cert>",
 		ClientKey:  "<a valid x.509 key>",
 		ServerCert: "<a valid x.509 server cert>",
 	})
 	c.Check(after, jc.DeepEquals, lxd.ConfigValues{
-		Namespace:  cfg.Name(),
 		RemoteURL:  "10.0.0.1",
 		ClientCert: "<a valid x.509 cert>",
 		ClientKey:  "<a valid x.509 key>",
@@ -181,7 +175,6 @@
 	c.Assert(extras, gc.HasLen, 0)
 
 	c.Check(before, jc.DeepEquals, lxd.ConfigValues{
-		Namespace:  cfg.Name(),
 		RemoteURL:  "10.0.0.1",
 		ClientCert: "",
 		ClientKey:  "",
@@ -192,7 +185,6 @@
 	after.ClientKey = ""
 	after.ServerCert = ""
 	c.Check(after, jc.DeepEquals, lxd.ConfigValues{
-		Namespace:  cfg.Name(),
 		RemoteURL:  "10.0.0.1",
 		ClientCert: "",
 		ClientKey:  "",
@@ -283,14 +275,6 @@
 }
 
 var newConfigTests = []configTestSpec{{
-	info:   "namespace is optional",
-	remove: []string{"namespace"},
-	expect: testing.Attrs{"namespace": "testenv"},
-}, {
-	info:   "namespace can be empty",
-	insert: testing.Attrs{"namespace": ""},
-	expect: testing.Attrs{"namespace": "testenv"},
-}, {
 	info:   "remote-url is optional",
 	remove: []string{"remote-url"},
 	expect: testing.Attrs{"remote-url": ""},
@@ -403,15 +387,6 @@
 	info:   "no change, no error",
 	expect: lxd.ConfigAttrs,
 }, {
-	info:   "cannot change namespace",
-	insert: testing.Attrs{"namespace": "spam"},
-	err:    "namespace: cannot change from testenv to spam",
-	//}, {
-	// TODO(ericsnow) This triggers cert generation...
-	//	info:   "cannot change remote-url",
-	//	insert: testing.Attrs{"remote-url": "eggs"},
-	//	err:    "remote-url: cannot change from  to eggs",
-}, {
 	info:   "can insert unknown field",
 	insert: testing.Attrs{"unknown": "ignoti"},
 	expect: testing.Attrs{"unknown": "ignoti"},
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/lxd/environ_broker.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/lxd/environ_broker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/lxd/environ_broker.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/lxd/environ_broker.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,13 +12,11 @@
 	"github.com/juju/errors"
 	"github.com/juju/utils/arch"
 
-	"github.com/juju/juju/agent"
 	"github.com/juju/juju/cloudconfig/instancecfg"
 	"github.com/juju/juju/cloudconfig/providerinit"
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/environs/tags"
 	"github.com/juju/juju/instance"
-	"github.com/juju/juju/provider/common"
 	"github.com/juju/juju/state/multiwatcher"
 	"github.com/juju/juju/status"
 	"github.com/juju/juju/tools"
@@ -86,13 +84,6 @@
 		return errors.Trace(err)
 	}
 
-	// TODO: evaluate the impact of setting the constraints on the
-	// instanceConfig for all machines rather than just controller nodes.
-	// This limitation is why the constraints are assigned directly here.
-	args.InstanceConfig.Constraints = args.Constraints
-
-	args.InstanceConfig.AgentEnvironment[agent.Namespace] = env.ecfg.namespace()
-
 	return nil
 }
 
@@ -139,7 +130,10 @@
 // provisioned, relative to the provided args and spec. Info for that
 // low-level instance is returned.
 func (env *environ) newRawInstance(args environs.StartInstanceParams) (*lxdclient.Instance, error) {
-	machineID := common.MachineFullName(env.Config().UUID(), args.InstanceConfig.MachineId)
+	hostname, err := env.namespace.Hostname(args.InstanceConfig.MachineId)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
 
 	// Note: other providers have the ImageMetadata already read for them
 	// and passed in as args.ImageMetadata. However, lxd provider doesn't
@@ -179,7 +173,7 @@
 	// TODO(ericsnow) Support multiple networks?
 	// TODO(ericsnow) Use a different net interface name? Configurable?
 	instSpec := lxdclient.InstanceSpec{
-		Name:  machineID,
+		Name:  hostname,
 		Image: image,
 		//Type:              spec.InstanceType.Name,
 		//Disks:             getDisks(spec, args.Constraints),
@@ -295,7 +289,7 @@
 		ids = append(ids, string(id))
 	}
 
-	prefix := common.MachineFullName(env.Config().UUID(), "")
+	prefix := env.namespace.Prefix()
 	err := env.raw.RemoveInstances(prefix, ids...)
 	return errors.Trace(err)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/lxd/environ_broker_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/lxd/environ_broker_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/lxd/environ_broker_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/lxd/environ_broker_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -31,7 +31,6 @@
 	s.PatchValue(&arch.HostArch, func() string { return arch.ARM64 })
 
 	result, err := s.Env.StartInstance(s.StartInstArgs)
-
 	c.Assert(err, jc.ErrorIsNil)
 	c.Check(result.Instance, gc.DeepEquals, s.Instance)
 	c.Check(result.Hardware, gc.DeepEquals, s.HWC)
@@ -55,7 +54,7 @@
 	s.Stub.CheckCalls(c, []gitjujutesting.StubCall{{
 		FuncName: "RemoveInstances",
 		Args: []interface{}{
-			"juju-2d02eeac-9dbb-11e4-89d3-123b93f75cba-machine-",
+			"juju-f75cba-",
 			[]string{"spam"},
 		},
 	}})
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/lxd/environ.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/lxd/environ.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/lxd/environ.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/lxd/environ.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,6 +13,7 @@
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/environs/tags"
+	"github.com/juju/juju/instance"
 	"github.com/juju/juju/provider/common"
 )
 
@@ -32,6 +33,9 @@
 	raw  *rawProvider
 	base baseProvider
 
+	// namespace is used to create the machine and device hostnames.
+	namespace instance.Namespace
+
 	lock sync.Mutex
 	ecfg *environConfig
 }
@@ -55,6 +59,11 @@
 		return nil, errors.Trace(err)
 	}
 
+	env.namespace, err = instance.NewNamespace(cfg.UUID())
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+
 	//TODO(wwitzel3) make sure we are also cleaning up profiles during destroy
 	if err := env.initProfile(); err != nil {
 		return nil, errors.Trace(err)
@@ -155,24 +164,24 @@
 			return errors.Trace(err)
 		}
 	}
-	cfg := env.Config()
-	if cfg.UUID() == cfg.ControllerUUID() {
-		// This is the controller model, so we'll make sure
-		// there are no resources for hosted models remaining.
-		if err := env.destroyHostedModelResources(); err != nil {
-			return errors.Trace(err)
-		}
-	}
 	if err := env.base.DestroyEnv(); err != nil {
 		return errors.Trace(err)
 	}
 	return nil
 }
 
-func (env *environ) destroyHostedModelResources() error {
+// DestroyController implements the Environ interface.
+func (env *environ) DestroyController(controllerUUID string) error {
+	if err := env.Destroy(); err != nil {
+		return errors.Trace(err)
+	}
+	return env.destroyHostedModelResources(controllerUUID)
+}
+
+func (env *environ) destroyHostedModelResources(controllerUUID string) error {
 	// Destroy all instances where juju-controller-uuid,
 	// but not juju-model-uuid, matches env.uuid.
-	prefix := common.EnvFullName("")
+	prefix := env.namespace.Prefix()
 	instances, err := env.prefixedInstances(prefix)
 	if err != nil {
 		return errors.Annotate(err, "listing instances")
@@ -184,7 +193,7 @@
 		if metadata[tags.JujuModel] == env.uuid {
 			continue
 		}
-		if metadata[tags.JujuController] != env.uuid {
+		if metadata[tags.JujuController] != controllerUUID {
 			continue
 		}
 		names = append(names, string(inst.Id()))
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/lxd/environ_instance.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/lxd/environ_instance.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/lxd/environ_instance.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/lxd/environ_instance.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,7 +11,6 @@
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/environs/tags"
 	"github.com/juju/juju/instance"
-	"github.com/juju/juju/provider/common"
 	"github.com/juju/juju/tools/lxdclient"
 )
 
@@ -70,7 +69,7 @@
 // to ensure that only machines for the environment are returned. This
 // is necessary to isolate multiple models within the same LXD.
 func (env *environ) allInstances() ([]*environInstance, error) {
-	prefix := common.MachineFullName(env.Config().UUID(), "")
+	prefix := env.namespace.Prefix()
 	return env.prefixedInstances(prefix)
 }
 
@@ -94,15 +93,17 @@
 
 // ControllerInstances returns the IDs of the instances corresponding
 // to juju controllers.
-func (env *environ) ControllerInstances() ([]instance.Id, error) {
-	prefix := common.MachineFullName(env.Config().ControllerUUID(), "")
-	instances, err := env.raw.Instances(prefix, lxdclient.AliveStatuses...)
+func (env *environ) ControllerInstances(controllerUUID string) ([]instance.Id, error) {
+	instances, err := env.raw.Instances("juju-", lxdclient.AliveStatuses...)
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
 
 	var results []instance.Id
 	for _, inst := range instances {
+		if inst.Metadata()[tags.JujuController] != controllerUUID {
+			continue
+		}
 		if inst.Metadata()[tags.JujuIsController] == "true" {
 			results = append(results, instance.Id(inst.Name))
 		}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/lxd/environ_instance_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/lxd/environ_instance_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/lxd/environ_instance_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/lxd/environ_instance_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -14,6 +14,7 @@
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/provider/lxd"
+	coretesting "github.com/juju/juju/testing"
 	"github.com/juju/juju/tools/lxdclient"
 )
 
@@ -46,7 +47,7 @@
 	s.Stub.CheckCalls(c, []gitjujutesting.StubCall{{
 		FuncName: "Instances",
 		Args: []interface{}{
-			s.Prefix + "machine-",
+			s.Prefix(),
 			lxdclient.AliveStatuses,
 		},
 	}})
@@ -96,20 +97,20 @@
 func (s *environInstSuite) TestControllerInstancesOkay(c *gc.C) {
 	s.Client.Insts = []lxdclient.Instance{*s.RawInstance}
 
-	ids, err := s.Env.ControllerInstances()
+	ids, err := s.Env.ControllerInstances(coretesting.ModelTag.Id())
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Check(ids, jc.DeepEquals, []instance.Id{"spam"})
 	s.BaseSuite.Client.CheckCallNames(c, "Instances")
 	s.BaseSuite.Client.CheckCall(
 		c, 0, "Instances",
-		"juju-"+s.Env.Config().ControllerUUID()+"-machine-",
+		"juju-",
 		[]string{"Starting", "Started", "Running", "Stopping", "Stopped"},
 	)
 }
 
 func (s *environInstSuite) TestControllerInstancesNotBootstrapped(c *gc.C) {
-	_, err := s.Env.ControllerInstances()
+	_, err := s.Env.ControllerInstances("not-used")
 
 	c.Check(err, gc.Equals, environs.ErrNotBootstrapped)
 }
@@ -118,7 +119,7 @@
 	other := lxdclient.NewInstance(lxdclient.InstanceSummary{}, nil)
 	s.Client.Insts = []lxdclient.Instance{*s.RawInstance, *other}
 
-	ids, err := s.Env.ControllerInstances()
+	ids, err := s.Env.ControllerInstances(coretesting.ModelTag.Id())
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Check(ids, jc.DeepEquals, []instance.Id{"spam"})
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/lxd/environ_policy.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/lxd/environ_policy.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/lxd/environ_policy.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/lxd/environ_policy.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,7 +10,6 @@
 	"github.com/juju/utils/arch"
 
 	"github.com/juju/juju/constraints"
-	"github.com/juju/juju/network"
 )
 
 type policyProvider interface {
@@ -101,14 +100,7 @@
 // common.SupportsUnitPlacementPolicy.
 
 // SupportNetworks returns whether the environment has support to
-// specify networks for services and machines.
+// specify networks for applications and machines.
 func (env *environ) SupportNetworks() bool {
 	return false
 }
-
-// SupportAddressAllocation takes a network.Id and returns a bool
-// and an error. The bool indicates whether that network supports
-// static ip address allocation.
-func (env *environ) SupportAddressAllocation(netID network.Id) (bool, error) {
-	return false, nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/lxd/environ_policy_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/lxd/environ_policy_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/lxd/environ_policy_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/lxd/environ_policy_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -163,10 +163,10 @@
 	validator, err := s.Env.ConstraintsValidator()
 	c.Assert(err, jc.ErrorIsNil)
 
-	cons := constraints.MustParse("container=lxc")
+	cons := constraints.MustParse("container=lxd")
 	_, err = validator.Validate(cons)
 
-	c.Check(err, gc.ErrorMatches, "invalid constraint value: container=lxc\nvalid values are:.*")
+	c.Check(err, gc.ErrorMatches, "invalid constraint value: container=lxd\nvalid values are:.*")
 }
 
 func (s *environPolSuite) TestConstraintsValidatorConflicts(c *gc.C) {
@@ -190,17 +190,3 @@
 
 	c.Check(isSupported, jc.IsFalse)
 }
-
-func (s *environPolSuite) TestSupportAddressAllocation(c *gc.C) {
-	isSupported, err := s.Env.SupportAddressAllocation("some-network")
-	c.Assert(err, jc.ErrorIsNil)
-
-	c.Check(isSupported, jc.IsFalse)
-}
-
-func (s *environPolSuite) TestSupportAddressAllocationEmpty(c *gc.C) {
-	isSupported, err := s.Env.SupportAddressAllocation("")
-	c.Assert(err, jc.ErrorIsNil)
-
-	c.Check(isSupported, jc.IsFalse)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/lxd/environ_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/lxd/environ_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/lxd/environ_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/lxd/environ_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,7 +13,9 @@
 	"github.com/juju/juju/cloudconfig/instancecfg"
 	"github.com/juju/juju/environs"
 	envtesting "github.com/juju/juju/environs/testing"
+	"github.com/juju/juju/provider/common"
 	"github.com/juju/juju/provider/lxd"
+	coretesting "github.com/juju/juju/testing"
 	"github.com/juju/juju/tools/lxdclient"
 )
 
@@ -69,13 +71,15 @@
 	s.Common.BootstrapResult = &environs.BootstrapResult{
 		Arch:   "amd64",
 		Series: "trusty",
-		Finalize: func(environs.BootstrapContext, *instancecfg.InstanceConfig) error {
+		Finalize: func(environs.BootstrapContext, *instancecfg.InstanceConfig, environs.BootstrapDialOpts) error {
 			return nil
 		},
 	}
 
 	ctx := envtesting.BootstrapContext(c)
-	params := environs.BootstrapParams{}
+	params := environs.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+	}
 	result, err := s.Env.Bootstrap(ctx, params)
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -87,7 +91,9 @@
 
 func (s *environSuite) TestBootstrapAPI(c *gc.C) {
 	ctx := envtesting.BootstrapContext(c)
-	params := environs.BootstrapParams{}
+	params := environs.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+	}
 	_, err := s.Env.Bootstrap(ctx, params)
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -110,7 +116,7 @@
 	err := s.Env.Destroy()
 	c.Assert(err, jc.ErrorIsNil)
 
-	fwname := s.Prefix[:len(s.Prefix)-1]
+	fwname := common.EnvFullName(s.Env.Config().UUID())
 	s.Stub.CheckCalls(c, []gitjujutesting.StubCall{{
 		FuncName: "Ports",
 		Args: []interface{}{
@@ -143,14 +149,15 @@
 	machine2.InstanceSummary.Metadata["juju-controller-uuid"] = "not-" + s.Config.UUID()
 	s.Client.Insts = append(s.Client.Insts, *machine0, *machine1, *machine2)
 
-	err := s.Env.Destroy()
+	err := s.Env.DestroyController(s.Config.UUID())
 	c.Assert(err, jc.ErrorIsNil)
 
-	fwname := s.Prefix[:len(s.Prefix)-1]
+	prefix := s.Prefix()
+	fwname := common.EnvFullName(s.Env.Config().UUID())
 	s.Stub.CheckCalls(c, []gitjujutesting.StubCall{
 		{"Ports", []interface{}{fwname}},
-		{"Instances", []interface{}{"juju-", lxdclient.AliveStatuses}},
-		{"RemoveInstances", []interface{}{"juju-", []string{machine1.Name}}},
 		{"Destroy", nil},
+		{"Instances", []interface{}{prefix, lxdclient.AliveStatuses}},
+		{"RemoveInstances", []interface{}{prefix, []string{machine1.Name}}},
 	})
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/lxd/instance.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/lxd/instance.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/lxd/instance.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/lxd/instance.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,7 +10,6 @@
 
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/network"
-	"github.com/juju/juju/provider/common"
 	"github.com/juju/juju/status"
 	"github.com/juju/juju/tools/lxdclient"
 )
@@ -66,8 +65,11 @@
 // should have been started with the given machine id.
 func (inst *environInstance) OpenPorts(machineID string, ports []network.PortRange) error {
 	// TODO(ericsnow) Make sure machineId matches inst.Id()?
-	name := common.MachineFullName(inst.env.Config().UUID(), machineID)
-	err := inst.env.raw.OpenPorts(name, ports...)
+	name, err := inst.env.namespace.Hostname(machineID)
+	if err != nil {
+		return errors.Trace(err)
+	}
+	err = inst.env.raw.OpenPorts(name, ports...)
 	if errors.IsNotImplemented(err) {
 		// TODO(ericsnow) for now...
 		return nil
@@ -78,8 +80,11 @@
 // ClosePorts closes the given ports on the instance, which
 // should have been started with the given machine id.
 func (inst *environInstance) ClosePorts(machineID string, ports []network.PortRange) error {
-	name := common.MachineFullName(inst.env.Config().UUID(), machineID)
-	err := inst.env.raw.ClosePorts(name, ports...)
+	name, err := inst.env.namespace.Hostname(machineID)
+	if err != nil {
+		return errors.Trace(err)
+	}
+	err = inst.env.raw.ClosePorts(name, ports...)
 	if errors.IsNotImplemented(err) {
 		// TODO(ericsnow) for now...
 		return nil
@@ -91,7 +96,10 @@
 // should have been started with the given machine id.
 // The ports are returned as sorted by SortPorts.
 func (inst *environInstance) Ports(machineID string) ([]network.PortRange, error) {
-	name := common.MachineFullName(inst.env.Config().UUID(), machineID)
+	name, err := inst.env.namespace.Hostname(machineID)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
 	ports, err := inst.env.raw.Ports(name)
 	if errors.IsNotImplemented(err) {
 		// TODO(ericsnow) for now...
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/lxd/instance_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/lxd/instance_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/lxd/instance_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/lxd/instance_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -51,7 +51,7 @@
 }
 
 func (s *instanceSuite) TestOpenPortsAPI(c *gc.C) {
-	err := s.Instance.OpenPorts("spam", s.Ports)
+	err := s.Instance.OpenPorts("42", s.Ports)
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.Stub.CheckCalls(c, []gitjujutesting.StubCall{{
@@ -64,7 +64,7 @@
 }
 
 func (s *instanceSuite) TestClosePortsAPI(c *gc.C) {
-	err := s.Instance.ClosePorts("spam", s.Ports)
+	err := s.Instance.ClosePorts("42", s.Ports)
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.Stub.CheckCalls(c, []gitjujutesting.StubCall{{
@@ -79,14 +79,14 @@
 func (s *instanceSuite) TestPortsOkay(c *gc.C) {
 	s.Firewaller.PortRanges = s.Ports
 
-	ports, err := s.Instance.Ports("spam")
+	ports, err := s.Instance.Ports("42")
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Check(ports, jc.DeepEquals, s.Ports)
 }
 
 func (s *instanceSuite) TestPortsAPI(c *gc.C) {
-	_, err := s.Instance.Ports("spam")
+	_, err := s.Instance.Ports("42")
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.Stub.CheckCalls(c, []gitjujutesting.StubCall{{
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/lxd/provider.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/lxd/provider.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/lxd/provider.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/lxd/provider.go	2016-07-18 19:45:44.000000000 +0000
@@ -32,7 +32,7 @@
 
 // BootstrapConfig implements environs.EnvironProvider.
 func (p environProvider) BootstrapConfig(args environs.BootstrapConfigParams) (*config.Config, error) {
-	return p.PrepareForCreateEnvironment(args.Config)
+	return p.PrepareForCreateEnvironment(args.ControllerUUID, args.Config)
 }
 
 // PrepareForBootstrap implements environs.EnvironProvider.
@@ -54,7 +54,7 @@
 }
 
 // PrepareForCreateEnvironment is specified in the EnvironProvider interface.
-func (environProvider) PrepareForCreateEnvironment(cfg *config.Config) (*config.Config, error) {
+func (environProvider) PrepareForCreateEnvironment(controllerUUID string, cfg *config.Config) (*config.Config, error) {
 	return cfg, nil
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/lxd/testing_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/lxd/testing_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/lxd/testing_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/lxd/testing_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -71,14 +71,12 @@
 // These are stub config values for use in tests.
 var (
 	ConfigAttrs = testing.FakeConfig().Merge(testing.Attrs{
-		"type":            "lxd",
-		"namespace":       "",
-		"remote-url":      "",
-		"client-cert":     "",
-		"client-key":      "",
-		"server-cert":     "",
-		"uuid":            "2d02eeac-9dbb-11e4-89d3-123b93f75cba",
-		"controller-uuid": "bfef02f1-932a-425a-a102-62175dcabd1d",
+		"type":        "lxd",
+		"remote-url":  "",
+		"client-cert": "",
+		"client-key":  "",
+		"server-cert": "",
+		"uuid":        "2d02eeac-9dbb-11e4-89d3-123b93f75cba",
 	})
 )
 
@@ -96,7 +94,6 @@
 	Config    *config.Config
 	EnvConfig *environConfig
 	Env       *environ
-	Prefix    string
 
 	Addresses     []network.Address
 	Instance      *environInstance
@@ -140,6 +137,10 @@
 	s.setConfig(c, cfg)
 }
 
+func (s *BaseSuiteUnpatched) Prefix() string {
+	return s.Env.namespace.Prefix()
+}
+
 func (s *BaseSuiteUnpatched) initInst(c *gc.C) {
 	tools := []*coretools.Tools{
 		{
@@ -156,7 +157,7 @@
 	// nothing
 	}
 
-	instanceConfig, err := instancecfg.NewBootstrapInstanceConfig(cons, cons, "trusty", "")
+	instanceConfig, err := instancecfg.NewBootstrapInstanceConfig(testing.FakeControllerConfig(), cons, cons, "trusty", "")
 	c.Assert(err, jc.ErrorIsNil)
 
 	err = instanceConfig.SetTools(coretools.List{
@@ -184,7 +185,7 @@
 
 	s.Metadata = map[string]string{ // userdata
 		tags.JujuIsController: "true",
-		tags.JujuController:   s.Config.ControllerUUID(),
+		tags.JujuController:   testing.ModelTag.Id(),
 		tags.JujuModel:        s.Config.UUID(),
 		metadataKeyCloudInit:  string(userData),
 	}
@@ -193,11 +194,16 @@
 		Type:  network.IPv4Address,
 		Scope: network.ScopeCloudLocal,
 	}}
+	// NOTE: the instance ids used throughout this package are not at all
+	// representative of what they would normally be. They would normally
+	// determined by the instance namespace and the machine id.
 	s.Instance = s.NewInstance(c, "spam")
 	s.RawInstance = s.Instance.raw
-	s.InstName = s.Prefix + "machine-spam"
+	s.InstName, err = s.Env.namespace.Hostname("42")
+	c.Assert(err, jc.ErrorIsNil)
 
 	s.StartInstArgs = environs.StartInstanceParams{
+		ControllerUUID: instanceConfig.Controller.Config.ControllerUUID(),
 		InstanceConfig: instanceConfig,
 		Tools:          tools,
 		Constraints:    cons,
@@ -220,7 +226,9 @@
 	uuid := cfg.UUID()
 	s.Env.uuid = uuid
 	s.Env.ecfg = s.EnvConfig
-	s.Prefix = "juju-" + uuid + "-"
+	namespace, err := instance.NewNamespace(uuid)
+	c.Assert(err, jc.ErrorIsNil)
+	s.Env.namespace = namespace
 }
 
 func (s *BaseSuiteUnpatched) NewConfig(c *gc.C, updates testing.Attrs) *config.Config {
@@ -231,9 +239,6 @@
 	cfg := testing.ModelConfig(c)
 	cfg, err = cfg.Apply(ConfigAttrs)
 	c.Assert(err, jc.ErrorIsNil)
-	if raw := updates[cfgNamespace]; raw == nil || raw.(string) == "" {
-		updates[cfgNamespace] = cfg.Name()
-	}
 	cfg, err = cfg.Apply(updates)
 	c.Assert(err, jc.ErrorIsNil)
 	return cfg
@@ -337,12 +342,6 @@
 	cfg, err = cfg.Apply(ConfigAttrs)
 	c.Assert(err, jc.ErrorIsNil)
 
-	cfg, err = cfg.Apply(map[string]interface{}{
-		// Default the namespace to the env name.
-		cfgNamespace: cfg.Name(),
-	})
-	c.Assert(err, jc.ErrorIsNil)
-
 	return cfg
 }
 
@@ -360,7 +359,6 @@
 }
 
 type ConfigValues struct {
-	Namespace  string
 	RemoteURL  string
 	ClientCert string
 	ClientKey  string
@@ -415,8 +413,6 @@
 	extras := make(map[string]interface{})
 	for k, v := range ecfg.attrs {
 		switch k {
-		case cfgNamespace:
-			values.Namespace = v.(string)
 		case cfgRemoteURL:
 			values.RemoteURL = v.(string)
 		case cfgClientCert:
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/add-juju-bridge.py juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/add-juju-bridge.py
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/add-juju-bridge.py	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/add-juju-bridge.py	2016-07-18 19:45:44.000000000 +0000
@@ -15,6 +15,11 @@
 import subprocess
 import sys
 
+# These options are to be removed from a sub-interface and applied to
+# the new bridged interface.
+
+BRIDGE_ONLY_OPTIONS = {'address', 'gateway', 'netmask', 'dns-nameservers', 'dns-search', 'dns-sortlist'}
+
 
 class SeekableIterator(object):
     """An iterator that supports relative seeking."""
@@ -69,120 +74,87 @@
         self.is_vlan = [x for x in self.options if x.startswith("vlan-raw-device")]
         self.is_active = self.method == "dhcp" or self.method == "static"
         self.is_bridged = [x for x in self.options if x.startswith("bridge_ports ")]
+        self.has_auto_stanza = None
 
     def __str__(self):
         return self.name
 
-    def bridge_now(self, prefix, bridge_name):
-        # https://wiki.archlinux.org/index.php/Network_bridge
-        # ip addr delete dev <interface name> <cidr>
-        if bridge_name is None:
-            bridge_name = prefix + self.name
-
-        args = {
-            'bridge': bridge_name,
-            'parent': self.name,
-        }
-
-        for o in self.options:
-            if o.startswith('vlan') or o.startswith('bond'):
-                continue
-            option = o.split()
-            if len(option) < 2:
-                args[option[0]] = ""
-            else:
-                args[option[0]] = option[1]
-
-        addr = check_shell_cmd('ip -d addr show {parent}'.format(**args))
-        flags = re.search('<(.*?)>', addr).group(1).split(',')
-        for exclude_flag in ['LOOPBACK', 'SLAVE']:
-            if exclude_flag in flags:
-                # Don't bridge the loopback interface or slaves of bonds.
-                return
-
-        # Save routes
-        routes = check_shell_cmd('ip route show dev {parent}'.format(**args))
-
-        print_shell_cmd('ip link add name {bridge} type bridge'.format(**args))
-        print_shell_cmd('ip link set {bridge} up'.format(**args))
-        print_shell_cmd('ip link set {parent} master {bridge}'.format(**args))
-
-        if 'address' in args:
-            print_shell_cmd('ip addr delete dev {parent} {address}'.format(**args))
-
-            cmd = 'ip addr add dev {bridge} {address}'
-            if 'netmask' in args:
-                cmd += '/{netmask}'
-
-            print_shell_cmd(cmd.format(**args))
-
-        for route in routes.splitlines():
-            # ip route replace will add missing routes or update existing ones.
-            print_shell_cmd('ip route replace {} dev {bridge}'.format(route, **args))
+    @classmethod
+    def prune_options(cls, options, invalid_options):
+        result = []
+        for o in options:
+            words = o.split()
+            if words[0] not in invalid_options:
+                result.append(o)
+        return result
 
-    # Returns an ordered set of stanzas to bridge this interface
-    def bridge(self, prefix, bridge_name, add_auto_stanza):
+    # Returns an ordered set of stanzas to bridge this interface.
+    def bridge(self, prefix, bridge_name):
         if bridge_name is None:
             bridge_name = prefix + self.name
-
         # Note: the testing order here is significant.
         if not self.is_active or self.is_bridged:
-            return self._bridge_unchanged(add_auto_stanza)
+            return self._bridge_unchanged()
         elif self.is_alias:
-            return self._bridge_alias(add_auto_stanza)
+            return self._bridge_alias()
         elif self.is_vlan:
-            return self._bridge_vlan(bridge_name, add_auto_stanza)
+            return self._bridge_vlan(bridge_name)
         elif self.is_bonded:
-            return self._bridge_bond(bridge_name, add_auto_stanza)
+            return self._bridge_bond(bridge_name)
         else:
             return self._bridge_device(bridge_name)
 
     def _bridge_device(self, bridge_name):
-        s1 = IfaceStanza(self.name, self.family, "manual", [])
-        s2 = AutoStanza(bridge_name)
+        stanzas = []
+        if self.has_auto_stanza:
+            stanzas.append(AutoStanza(self.name))
+        options = self.prune_options(self.options, BRIDGE_ONLY_OPTIONS)
+        stanzas.append(IfaceStanza(self.name, self.family, "manual", options))
+        stanzas.append(AutoStanza(bridge_name))
         options = list(self.options)
         options.append("bridge_ports {}".format(self.name))
-        s3 = IfaceStanza(bridge_name, self.family, self.method, options)
-        return [s1, s2, s3]
+        options = self.prune_options(options, ['mtu'])
+        stanzas.append(IfaceStanza(bridge_name, self.family, self.method, options))
+        return stanzas
 
-    def _bridge_vlan(self, bridge_name, add_auto_stanza):
+    def _bridge_vlan(self, bridge_name):
         stanzas = []
-        s1 = IfaceStanza(self.name, self.family, "manual", self.options)
-        stanzas.append(s1)
-        if add_auto_stanza:
-            stanzas.append(AutoStanza(bridge_name))
-        options = [x for x in self.options if not x.startswith("vlan")]
+        if self.has_auto_stanza:
+            stanzas.append(AutoStanza(self.name))
+        options = self.prune_options(self.options, BRIDGE_ONLY_OPTIONS)
+        stanzas.append(IfaceStanza(self.name, self.family, "manual", options))
+        stanzas.append(AutoStanza(bridge_name))
+        options = list(self.options)
         options.append("bridge_ports {}".format(self.name))
-        s3 = IfaceStanza(bridge_name, self.family, self.method, options)
-        stanzas.append(s3)
+        options = self.prune_options(options, ['mtu', 'vlan_id', 'vlan-raw-device'])
+        stanzas.append(IfaceStanza(bridge_name, self.family, self.method, options))
         return stanzas
 
-    def _bridge_alias(self, add_auto_stanza):
+    def _bridge_alias(self):
         stanzas = []
-        if add_auto_stanza:
+        if self.has_auto_stanza:
             stanzas.append(AutoStanza(self.name))
-        s1 = IfaceStanza(self.name, self.family, self.method, list(self.options))
-        stanzas.append(s1)
+        stanzas.append(IfaceStanza(self.name, self.family, self.method, list(self.options)))
         return stanzas
 
-    def _bridge_bond(self, bridge_name, add_auto_stanza):
+    def _bridge_bond(self, bridge_name):
         stanzas = []
-        if add_auto_stanza:
+        if self.has_auto_stanza:
             stanzas.append(AutoStanza(self.name))
-        s1 = IfaceStanza(self.name, self.family, "manual", list(self.options))
-        s2 = AutoStanza(bridge_name)
+        options = self.prune_options(self.options, BRIDGE_ONLY_OPTIONS)
+        stanzas.append(IfaceStanza(self.name, self.family, "manual", options))
+        stanzas.append(AutoStanza(bridge_name))
         options = [x for x in self.options if not x.startswith("bond")]
+        options = self.prune_options(options, ['mtu'])
         options.append("bridge_ports {}".format(self.name))
-        s3 = IfaceStanza(bridge_name, self.family, self.method, options)
-        stanzas.extend([s1, s2, s3])
+        stanzas.append(IfaceStanza(bridge_name, self.family, self.method, options))
         return stanzas
 
-    def _bridge_unchanged(self, add_auto_stanza):
+    def _bridge_unchanged(self):
         stanzas = []
-        if add_auto_stanza:
+        if self.has_auto_stanza:
             stanzas.append(AutoStanza(self.name))
-        s1 = IfaceStanza(self.name, self.family, self.method, list(self.options))
-        stanzas.append(s1)
+        stanzas.append(IfaceStanza(self.name, self.family, self.method, list(self.options)))
         return stanzas
 
 
@@ -223,6 +195,11 @@
             if self.is_stanza(line):
                 stanza = self._parse_stanza(line, line_iterator)
                 self._stanzas.append(stanza)
+        physical_interfaces = self._physical_interfaces()
+        for s in self._stanzas:
+            if not s.is_logical_interface:
+                continue
+            s.iface.has_auto_stanza = s.iface.name in physical_interfaces
 
     def _parse_stanza(self, stanza_line, iterable):
         stanza_options = []
@@ -239,7 +216,7 @@
     def stanzas(self):
         return [x for x in self._stanzas]
 
-    def physical_interfaces(self):
+    def _physical_interfaces(self):
         return {x.phy.name: x.phy for x in [y for y in self._stanzas if y.is_physical_interface]}
 
     def __iter__(self):  # class iter
@@ -363,7 +340,6 @@
 
     stanzas = []
     config_parser = NetworkInterfaceParser(args.filename)
-    physical_interfaces = config_parser.physical_interfaces()
 
     # Bridging requires modifying 'auto' and 'iface' stanzas only.
     # Calling <iface>.bridge() will return a set of stanzas that cover
@@ -375,16 +351,12 @@
 
     for s in config_parser.stanzas():
         if s.is_logical_interface:
-            add_auto_stanza = s.iface.name in physical_interfaces
-
             if args.interface_to_bridge and args.interface_to_bridge != s.iface.name:
-                if add_auto_stanza:
+                if s.iface.has_auto_stanza:
                     stanzas.append(AutoStanza(s.iface.name))
                 stanzas.append(s)
             else:
-                stanza = s.iface.bridge(args.bridge_prefix, args.bridge_name, add_auto_stanza)
-                stanzas.extend(stanza)
-
+                stanzas.extend(s.iface.bridge(args.bridge_prefix, args.bridge_name))
         elif not s.is_physical_interface:
             stanzas.append(s)
 
@@ -392,29 +364,45 @@
         print_stanzas(stanzas)
         exit(0)
 
-    print("**** Original configuration")
-    print_shell_cmd("cat {}".format(args.filename))
-    print_shell_cmd("ip -d addr show")
-    print_shell_cmd("ip route show")
-
-    for s in config_parser.stanzas():
-        if s.is_logical_interface:
-            if not(args.interface_to_bridge and args.interface_to_bridge != s.iface.name):
-                s.iface.bridge_now(args.bridge_prefix, args.bridge_name)
-
     if args.one_time_backup:
         backup_file = "{}-before-add-juju-bridge".format(args.filename)
         if not os.path.isfile(backup_file):
             shutil.copy2(args.filename, backup_file)
 
+    ifquery = "$(ifquery --interfaces={} --exclude=lo --list)".format(args.filename)
+
+    print("**** Original configuration")
+    print_shell_cmd("cat {}".format(args.filename))
+    print_shell_cmd("ifconfig -a")
+    print_shell_cmd("ifdown --exclude=lo --interfaces={} {}".format(args.filename, ifquery))
+
+    print("**** Activating new configuration")
+
     with open(args.filename, 'w') as f:
         print_stanzas(stanzas, f)
         f.close()
 
-    print("**** New configuration")
+    # On configurations that have bonds in 802.3ad mode there is a
+    # race condition betweeen an immediate ifdown then ifup.
+    #
+    # On the h/w I have a 'sleep 0.1' is sufficient but to accommodate
+    # other setups we arbitrarily choose something larger. We don't
+    # want to massively slow bootstrap down but, equally, 0.1 may be
+    # too small for other configurations.
+
+    for s in stanzas:
+        if s.is_logical_interface and s.iface.is_bonded:
+            print("working around https://bugs.launchpad.net/ubuntu/+source/ifenslave/+bug/1269921")
+            print("working around https://bugs.launchpad.net/juju-core/+bug/1594855")
+            print_shell_cmd("sleep 3")
+            break
+
     print_shell_cmd("cat {}".format(args.filename))
-    print_shell_cmd("ip -d addr show")
+    print_shell_cmd("ifup --exclude=lo --interfaces={} {}".format(args.filename, ifquery))
+    print_shell_cmd("ip link show up")
+    print_shell_cmd("ifconfig -a")
     print_shell_cmd("ip route show")
+    print_shell_cmd("brctl show")
 
 # This script re-renders an interfaces(5) file to add a bridge to
 # either all active interfaces, or a specific interface.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/bridgescript.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/bridgescript.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/bridgescript.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/bridgescript.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,7 @@
 
 const bridgeScriptName = "add-juju-bridge.py"
 
-var bridgeScriptPath = path.Join("/tmp", bridgeScriptName)
+var bridgeScriptPath = path.Join("/var/tmp", bridgeScriptName)
 
 const bridgeScriptPython = `#!/usr/bin/env python
 
@@ -27,6 +27,11 @@
 import subprocess
 import sys
 
+# These options are to be removed from a sub-interface and applied to
+# the new bridged interface.
+
+BRIDGE_ONLY_OPTIONS = {'address', 'gateway', 'netmask', 'dns-nameservers', 'dns-search', 'dns-sortlist'}
+
 
 class SeekableIterator(object):
     """An iterator that supports relative seeking."""
@@ -81,120 +86,87 @@
         self.is_vlan = [x for x in self.options if x.startswith("vlan-raw-device")]
         self.is_active = self.method == "dhcp" or self.method == "static"
         self.is_bridged = [x for x in self.options if x.startswith("bridge_ports ")]
+        self.has_auto_stanza = None
 
     def __str__(self):
         return self.name
 
-    def bridge_now(self, prefix, bridge_name):
-        # https://wiki.archlinux.org/index.php/Network_bridge
-        # ip addr delete dev <interface name> <cidr>
-        if bridge_name is None:
-            bridge_name = prefix + self.name
-
-        args = {
-            'bridge': bridge_name,
-            'parent': self.name,
-        }
-
-        for o in self.options:
-            if o.startswith('vlan') or o.startswith('bond'):
-                continue
-            option = o.split()
-            if len(option) < 2:
-                args[option[0]] = ""
-            else:
-                args[option[0]] = option[1]
-
-        addr = check_shell_cmd('ip -d addr show {parent}'.format(**args))
-        flags = re.search('<(.*?)>', addr).group(1).split(',')
-        for exclude_flag in ['LOOPBACK', 'SLAVE']:
-            if exclude_flag in flags:
-                # Don't bridge the loopback interface or slaves of bonds.
-                return
-
-        # Save routes
-        routes = check_shell_cmd('ip route show dev {parent}'.format(**args))
-
-        print_shell_cmd('ip link add name {bridge} type bridge'.format(**args))
-        print_shell_cmd('ip link set {bridge} up'.format(**args))
-        print_shell_cmd('ip link set {parent} master {bridge}'.format(**args))
-
-        if 'address' in args:
-            print_shell_cmd('ip addr delete dev {parent} {address}'.format(**args))
-
-            cmd = 'ip addr add dev {bridge} {address}'
-            if 'netmask' in args:
-                cmd += '/{netmask}'
-
-            print_shell_cmd(cmd.format(**args))
-
-        for route in routes.splitlines():
-            # ip route replace will add missing routes or update existing ones.
-            print_shell_cmd('ip route replace {} dev {bridge}'.format(route, **args))
+    @classmethod
+    def prune_options(cls, options, invalid_options):
+        result = []
+        for o in options:
+            words = o.split()
+            if words[0] not in invalid_options:
+                result.append(o)
+        return result
 
-    # Returns an ordered set of stanzas to bridge this interface
-    def bridge(self, prefix, bridge_name, add_auto_stanza):
+    # Returns an ordered set of stanzas to bridge this interface.
+    def bridge(self, prefix, bridge_name):
         if bridge_name is None:
             bridge_name = prefix + self.name
-
         # Note: the testing order here is significant.
         if not self.is_active or self.is_bridged:
-            return self._bridge_unchanged(add_auto_stanza)
+            return self._bridge_unchanged()
         elif self.is_alias:
-            return self._bridge_alias(add_auto_stanza)
+            return self._bridge_alias()
         elif self.is_vlan:
-            return self._bridge_vlan(bridge_name, add_auto_stanza)
+            return self._bridge_vlan(bridge_name)
         elif self.is_bonded:
-            return self._bridge_bond(bridge_name, add_auto_stanza)
+            return self._bridge_bond(bridge_name)
         else:
             return self._bridge_device(bridge_name)
 
     def _bridge_device(self, bridge_name):
-        s1 = IfaceStanza(self.name, self.family, "manual", [])
-        s2 = AutoStanza(bridge_name)
+        stanzas = []
+        if self.has_auto_stanza:
+            stanzas.append(AutoStanza(self.name))
+        options = self.prune_options(self.options, BRIDGE_ONLY_OPTIONS)
+        stanzas.append(IfaceStanza(self.name, self.family, "manual", options))
+        stanzas.append(AutoStanza(bridge_name))
         options = list(self.options)
         options.append("bridge_ports {}".format(self.name))
-        s3 = IfaceStanza(bridge_name, self.family, self.method, options)
-        return [s1, s2, s3]
+        options = self.prune_options(options, ['mtu'])
+        stanzas.append(IfaceStanza(bridge_name, self.family, self.method, options))
+        return stanzas
 
-    def _bridge_vlan(self, bridge_name, add_auto_stanza):
+    def _bridge_vlan(self, bridge_name):
         stanzas = []
-        s1 = IfaceStanza(self.name, self.family, "manual", self.options)
-        stanzas.append(s1)
-        if add_auto_stanza:
-            stanzas.append(AutoStanza(bridge_name))
-        options = [x for x in self.options if not x.startswith("vlan")]
+        if self.has_auto_stanza:
+            stanzas.append(AutoStanza(self.name))
+        options = self.prune_options(self.options, BRIDGE_ONLY_OPTIONS)
+        stanzas.append(IfaceStanza(self.name, self.family, "manual", options))
+        stanzas.append(AutoStanza(bridge_name))
+        options = list(self.options)
         options.append("bridge_ports {}".format(self.name))
-        s3 = IfaceStanza(bridge_name, self.family, self.method, options)
-        stanzas.append(s3)
+        options = self.prune_options(options, ['mtu', 'vlan_id', 'vlan-raw-device'])
+        stanzas.append(IfaceStanza(bridge_name, self.family, self.method, options))
         return stanzas
 
-    def _bridge_alias(self, add_auto_stanza):
+    def _bridge_alias(self):
         stanzas = []
-        if add_auto_stanza:
+        if self.has_auto_stanza:
             stanzas.append(AutoStanza(self.name))
-        s1 = IfaceStanza(self.name, self.family, self.method, list(self.options))
-        stanzas.append(s1)
+        stanzas.append(IfaceStanza(self.name, self.family, self.method, list(self.options)))
         return stanzas
 
-    def _bridge_bond(self, bridge_name, add_auto_stanza):
+    def _bridge_bond(self, bridge_name):
         stanzas = []
-        if add_auto_stanza:
+        if self.has_auto_stanza:
             stanzas.append(AutoStanza(self.name))
-        s1 = IfaceStanza(self.name, self.family, "manual", list(self.options))
-        s2 = AutoStanza(bridge_name)
+        options = self.prune_options(self.options, BRIDGE_ONLY_OPTIONS)
+        stanzas.append(IfaceStanza(self.name, self.family, "manual", options))
+        stanzas.append(AutoStanza(bridge_name))
         options = [x for x in self.options if not x.startswith("bond")]
+        options = self.prune_options(options, ['mtu'])
         options.append("bridge_ports {}".format(self.name))
-        s3 = IfaceStanza(bridge_name, self.family, self.method, options)
-        stanzas.extend([s1, s2, s3])
+        stanzas.append(IfaceStanza(bridge_name, self.family, self.method, options))
         return stanzas
 
-    def _bridge_unchanged(self, add_auto_stanza):
+    def _bridge_unchanged(self):
         stanzas = []
-        if add_auto_stanza:
+        if self.has_auto_stanza:
             stanzas.append(AutoStanza(self.name))
-        s1 = IfaceStanza(self.name, self.family, self.method, list(self.options))
-        stanzas.append(s1)
+        stanzas.append(IfaceStanza(self.name, self.family, self.method, list(self.options)))
         return stanzas
 
 
@@ -235,6 +207,11 @@
             if self.is_stanza(line):
                 stanza = self._parse_stanza(line, line_iterator)
                 self._stanzas.append(stanza)
+        physical_interfaces = self._physical_interfaces()
+        for s in self._stanzas:
+            if not s.is_logical_interface:
+                continue
+            s.iface.has_auto_stanza = s.iface.name in physical_interfaces
 
     def _parse_stanza(self, stanza_line, iterable):
         stanza_options = []
@@ -251,7 +228,7 @@
     def stanzas(self):
         return [x for x in self._stanzas]
 
-    def physical_interfaces(self):
+    def _physical_interfaces(self):
         return {x.phy.name: x.phy for x in [y for y in self._stanzas if y.is_physical_interface]}
 
     def __iter__(self):  # class iter
@@ -375,7 +352,6 @@
 
     stanzas = []
     config_parser = NetworkInterfaceParser(args.filename)
-    physical_interfaces = config_parser.physical_interfaces()
 
     # Bridging requires modifying 'auto' and 'iface' stanzas only.
     # Calling <iface>.bridge() will return a set of stanzas that cover
@@ -387,16 +363,12 @@
 
     for s in config_parser.stanzas():
         if s.is_logical_interface:
-            add_auto_stanza = s.iface.name in physical_interfaces
-
             if args.interface_to_bridge and args.interface_to_bridge != s.iface.name:
-                if add_auto_stanza:
+                if s.iface.has_auto_stanza:
                     stanzas.append(AutoStanza(s.iface.name))
                 stanzas.append(s)
             else:
-                stanza = s.iface.bridge(args.bridge_prefix, args.bridge_name, add_auto_stanza)
-                stanzas.extend(stanza)
-
+                stanzas.extend(s.iface.bridge(args.bridge_prefix, args.bridge_name))
         elif not s.is_physical_interface:
             stanzas.append(s)
 
@@ -404,29 +376,45 @@
         print_stanzas(stanzas)
         exit(0)
 
-    print("**** Original configuration")
-    print_shell_cmd("cat {}".format(args.filename))
-    print_shell_cmd("ip -d addr show")
-    print_shell_cmd("ip route show")
-
-    for s in config_parser.stanzas():
-        if s.is_logical_interface:
-            if not(args.interface_to_bridge and args.interface_to_bridge != s.iface.name):
-                s.iface.bridge_now(args.bridge_prefix, args.bridge_name)
-
     if args.one_time_backup:
         backup_file = "{}-before-add-juju-bridge".format(args.filename)
         if not os.path.isfile(backup_file):
             shutil.copy2(args.filename, backup_file)
 
+    ifquery = "$(ifquery --interfaces={} --exclude=lo --list)".format(args.filename)
+
+    print("**** Original configuration")
+    print_shell_cmd("cat {}".format(args.filename))
+    print_shell_cmd("ifconfig -a")
+    print_shell_cmd("ifdown --exclude=lo --interfaces={} {}".format(args.filename, ifquery))
+
+    print("**** Activating new configuration")
+
     with open(args.filename, 'w') as f:
         print_stanzas(stanzas, f)
         f.close()
 
-    print("**** New configuration")
+    # On configurations that have bonds in 802.3ad mode there is a
+    # race condition betweeen an immediate ifdown then ifup.
+    #
+    # On the h/w I have a 'sleep 0.1' is sufficient but to accommodate
+    # other setups we arbitrarily choose something larger. We don't
+    # want to massively slow bootstrap down but, equally, 0.1 may be
+    # too small for other configurations.
+
+    for s in stanzas:
+        if s.is_logical_interface and s.iface.is_bonded:
+            print("working around https://bugs.launchpad.net/ubuntu/+source/ifenslave/+bug/1269921")
+            print("working around https://bugs.launchpad.net/juju-core/+bug/1594855")
+            print_shell_cmd("sleep 3")
+            break
+
     print_shell_cmd("cat {}".format(args.filename))
-    print_shell_cmd("ip -d addr show")
+    print_shell_cmd("ifup --exclude=lo --interfaces={} {}".format(args.filename, ifquery))
+    print_shell_cmd("ip link show up")
+    print_shell_cmd("ifconfig -a")
     print_shell_cmd("ip route show")
+    print_shell_cmd("brctl show")
 
 # This script re-renders an interfaces(5) file to add a bridge to
 # either all active interfaces, or a specific interface.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/bridgescript_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/bridgescript_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/bridgescript_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/bridgescript_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -70,7 +70,7 @@
 		// Run the script and verify the modified config.
 		output, retcode := s.runScript(c, python, s.testConfigPath, bridgePrefix, bridgeName, interfaceToBridge)
 		c.Check(retcode, gc.Equals, 0)
-		c.Check(strings.Trim(output, "\n"), gc.Equals, expectedConfig)
+		c.Check(strings.Trim(output, "\n"), gc.Equals, expectedConfig, gc.Commentf("initial was:\n%s", initialConfig))
 	}
 }
 
@@ -210,6 +210,7 @@
 const networkStaticExpected = `auto lo
 iface lo inet loopback
 
+auto eth0
 iface eth0 inet manual
 
 auto test-br-eth0
@@ -228,6 +229,7 @@
 const networkDHCPExpected = `auto lo
 iface lo inet loopback
 
+auto eth0
 iface eth0 inet manual
 
 auto test-br-eth0
@@ -252,6 +254,7 @@
 const networkDualNICExpected = `auto lo
 iface lo inet loopback
 
+auto eth0
 iface eth0 inet manual
 
 auto test-br-eth0
@@ -261,6 +264,7 @@
     gateway 4.3.2.1
     bridge_ports eth0
 
+auto eth1
 iface eth1 inet manual
 
 auto test-br-eth1
@@ -286,6 +290,7 @@
 const networkWithAliasExpected = `auto lo
 iface lo inet loopback
 
+auto eth0
 iface eth0 inet manual
 
 auto test-br-eth0
@@ -320,6 +325,7 @@
 const networkDHCPWithAliasExpected = `auto lo
 iface lo inet loopback
 
+auto eth0
 iface eth0 inet manual
 
 auto test-br-eth0
@@ -356,13 +362,14 @@
 dns-nameservers 10.17.20.200
 dns-search maas`
 
-const networkMultipleStaticWithAliasesExpected = `iface eth0 inet manual
+const networkMultipleStaticWithAliasesExpected = `auto eth0
+iface eth0 inet manual
+    mtu 1500
 
 auto test-br-eth0
 iface test-br-eth0 inet static
     gateway 10.17.20.1
     address 10.17.20.201/24
-    mtu 1500
     bridge_ports eth0
 
 auto eth0:1
@@ -434,12 +441,9 @@
     bond-mode active-backup
     hwaddress 52:54:00:1c:f1:5b
     bond-slaves none
-    dns-nameservers 10.17.20.200
-    dns-search maas19
 
 auto test-br-bond0
 iface test-br-bond0 inet dhcp
-    mtu 1500
     hwaddress 52:54:00:1c:f1:5b
     bridge_ports bond0
     dns-nameservers 10.17.20.200
@@ -470,25 +474,28 @@
 dns-nameservers 10.17.20.200
 dns-search maas19`
 
-const networkMultipleAliasesExpected = `iface eth0 inet manual
+const networkMultipleAliasesExpected = `auto eth0
+iface eth0 inet manual
 
 auto test-br-eth0
 iface test-br-eth0 inet dhcp
     bridge_ports eth0
 
+auto eth1
 iface eth1 inet manual
 
 auto test-br-eth1
 iface test-br-eth1 inet dhcp
     bridge_ports eth1
 
+auto eth10
 iface eth10 inet manual
+    mtu 1500
 
 auto test-br-eth10
 iface test-br-eth10 inet static
     gateway 10.17.20.1
     address 10.17.20.201/24
-    mtu 1500
     bridge_ports eth10
 
 auto eth10:1
@@ -634,27 +641,30 @@
     mtu 1500
     bond-mode active-backup
 
+auto eth4
 iface eth4 inet manual
+    mtu 1500
 
 auto juju-br-eth4
 iface juju-br-eth4 inet static
     address 10.17.20.202/24
-    mtu 1500
     bridge_ports eth4
 
+auto eth5
 iface eth5 inet manual
+    mtu 1500
 
 auto juju-br-eth5
 iface juju-br-eth5 inet dhcp
-    mtu 1500
     bridge_ports eth5
 
+auto eth6
 iface eth6 inet manual
+    mtu 1500
 
 auto juju-br-eth6
 iface juju-br-eth6 inet static
     address 10.17.20.203/24
-    mtu 1500
     bridge_ports eth6
 
 auto eth6:1
@@ -679,8 +689,6 @@
 
 auto bond0
 iface bond0 inet manual
-    gateway 10.17.20.1
-    address 10.17.20.201/24
     bond-lacp_rate slow
     bond-xmit_hash_policy layer2
     bond-miimon 100
@@ -693,7 +701,6 @@
 iface juju-br-bond0 inet static
     gateway 10.17.20.1
     address 10.17.20.201/24
-    mtu 1500
     hwaddress 52:54:00:6a:4f:fd
     bridge_ports bond0
 
@@ -706,12 +713,9 @@
     bond-mode active-backup
     hwaddress 52:54:00:8e:6e:b0
     bond-slaves none
-    dns-nameservers 10.17.20.200
-    dns-search maas19
 
 auto juju-br-bond1
 iface juju-br-bond1 inet dhcp
-    mtu 1500
     hwaddress 52:54:00:8e:6e:b0
     bridge_ports bond1
     dns-nameservers 10.17.20.200
@@ -744,21 +748,22 @@
 dns-nameservers 10.17.20.200
 dns-search maas19`
 
-const networkVLANExpected = `iface eth0 inet manual
+const networkVLANExpected = `auto eth0
+iface eth0 inet manual
+    mtu 1500
 
 auto vlan-br-eth0
 iface vlan-br-eth0 inet static
     gateway 10.17.20.1
     address 10.17.20.212/24
-    mtu 1500
     bridge_ports eth0
 
 auto eth1
 iface eth1 inet manual
     mtu 1500
 
+auto eth0.2
 iface eth0.2 inet manual
-    address 192.168.2.3/24
     vlan-raw-device eth0
     mtu 1500
     vlan_id 2
@@ -766,21 +771,17 @@
 auto vlan-br-eth0.2
 iface vlan-br-eth0.2 inet static
     address 192.168.2.3/24
-    mtu 1500
     bridge_ports eth0.2
 
+auto eth1.3
 iface eth1.3 inet manual
-    address 192.168.3.3/24
     vlan-raw-device eth1
     mtu 1500
     vlan_id 3
-    dns-nameservers 10.17.20.200
-    dns-search maas19
 
 auto vlan-br-eth1.3
 iface vlan-br-eth1.3 inet static
     address 192.168.3.3/24
-    mtu 1500
     bridge_ports eth1.3
     dns-nameservers 10.17.20.200
     dns-search maas19`
@@ -839,13 +840,14 @@
 dns-nameservers 10.245.168.2
 dns-search dellstack`
 
-const networkVLANWithMultipleNameserversExpected = `iface eth0 inet manual
+const networkVLANWithMultipleNameserversExpected = `auto eth0
+iface eth0 inet manual
+    mtu 1500
 
 auto br-eth0
 iface br-eth0 inet static
     gateway 10.245.168.1
     address 10.245.168.11/21
-    mtu 1500
     bridge_ports eth0
     dns-nameservers 10.245.168.2
 
@@ -861,60 +863,51 @@
 iface eth3 inet manual
     mtu 1500
 
+auto eth1.2667
 iface eth1.2667 inet manual
-    address 10.245.184.2/24
     vlan-raw-device eth1
     mtu 1500
     vlan_id 2667
-    dns-nameservers 10.245.168.2
 
 auto br-eth1.2667
 iface br-eth1.2667 inet static
     address 10.245.184.2/24
-    mtu 1500
     bridge_ports eth1.2667
     dns-nameservers 10.245.168.2
 
+auto eth1.2668
 iface eth1.2668 inet manual
-    address 10.245.185.1/24
     vlan-raw-device eth1
     mtu 1500
     vlan_id 2668
-    dns-nameservers 10.245.168.2
 
 auto br-eth1.2668
 iface br-eth1.2668 inet static
     address 10.245.185.1/24
-    mtu 1500
     bridge_ports eth1.2668
     dns-nameservers 10.245.168.2
 
+auto eth1.2669
 iface eth1.2669 inet manual
-    address 10.245.186.1/24
     vlan-raw-device eth1
     mtu 1500
     vlan_id 2669
-    dns-nameservers 10.245.168.2
 
 auto br-eth1.2669
 iface br-eth1.2669 inet static
     address 10.245.186.1/24
-    mtu 1500
     bridge_ports eth1.2669
     dns-nameservers 10.245.168.2
 
+auto eth1.2670
 iface eth1.2670 inet manual
-    address 10.245.187.2/24
     vlan-raw-device eth1
     mtu 1500
     vlan_id 2670
-    dns-nameservers 10.245.168.2
-    dns-search dellstack
 
 auto br-eth1.2670
 iface br-eth1.2670 inet static
     address 10.245.187.2/24
-    mtu 1500
     bridge_ports eth1.2670
     dns-nameservers 10.245.168.2
     dns-search dellstack`
@@ -993,8 +986,6 @@
 
 auto bond0
 iface bond0 inet manual
-    address 10.17.20.211/24
-    gateway 10.17.20.1
     bond-slaves none
     bond-mode active-backup
     bond-xmit_hash_policy layer2
@@ -1002,19 +993,17 @@
     mtu 1500
     hwaddress 52:54:00:1c:f1:5b
     bond-lacp_rate slow
-    dns-nameservers 10.17.20.200
 
 auto br-bond0
 iface br-bond0 inet static
     address 10.17.20.211/24
     gateway 10.17.20.1
-    mtu 1500
     hwaddress 52:54:00:1c:f1:5b
     bridge_ports bond0
     dns-nameservers 10.17.20.200
 
+auto bond0.2
 iface bond0.2 inet manual
-    address 192.168.2.102/24
     vlan-raw-device bond0
     mtu 1500
     vlan_id 2
@@ -1022,21 +1011,17 @@
 auto br-bond0.2
 iface br-bond0.2 inet static
     address 192.168.2.102/24
-    mtu 1500
     bridge_ports bond0.2
 
+auto bond0.3
 iface bond0.3 inet manual
-    address 192.168.3.101/24
     vlan-raw-device bond0
     mtu 1500
     vlan_id 3
-    dns-nameservers 10.17.20.200
-    dns-search maas19
 
 auto br-bond0.3
 iface br-bond0.3 inet static
     address 192.168.3.101/24
-    mtu 1500
     bridge_ports bond0.3
     dns-nameservers 10.17.20.200
     dns-search maas19`
@@ -1062,13 +1047,14 @@
 dns-search maas19
 `
 
-const networkVLANWithInactiveDeviceExpected = `iface eth0 inet manual
+const networkVLANWithInactiveDeviceExpected = `auto eth0
+iface eth0 inet manual
+    mtu 1500
 
 auto br-eth0
 iface br-eth0 inet static
     gateway 10.17.20.1
     address 10.17.20.211/24
-    mtu 1500
     bridge_ports eth0
     dns-nameservers 10.17.20.200
 
@@ -1076,16 +1062,14 @@
 iface eth1 inet manual
     mtu 1500
 
+auto eth1.2
 iface eth1.2 inet manual
     vlan-raw-device eth1
     mtu 1500
     vlan_id 2
-    dns-nameservers 10.17.20.200
-    dns-search maas19
 
 auto br-eth1.2
 iface br-eth1.2 inet dhcp
-    mtu 1500
     bridge_ports eth1.2
     dns-nameservers 10.17.20.200
     dns-search maas19`
@@ -1111,33 +1095,33 @@
 dns-search maas19
 `
 
-const networkVLANWithActiveDHCPDeviceExpected = `iface eth0 inet manual
+const networkVLANWithActiveDHCPDeviceExpected = `auto eth0
+iface eth0 inet manual
+    mtu 1500
 
 auto br-eth0
 iface br-eth0 inet static
     gateway 10.17.20.1
     address 10.17.20.211/24
-    mtu 1500
     bridge_ports eth0
     dns-nameservers 10.17.20.200
 
+auto eth1
 iface eth1 inet manual
+    mtu 1500
 
 auto br-eth1
 iface br-eth1 inet dhcp
-    mtu 1500
     bridge_ports eth1
 
+auto eth1.2
 iface eth1.2 inet manual
     vlan-raw-device eth1
     mtu 1500
     vlan_id 2
-    dns-nameservers 10.17.20.200
-    dns-search maas19
 
 auto br-eth1.2
 iface br-eth1.2 inet dhcp
-    mtu 1500
     bridge_ports eth1.2
     dns-nameservers 10.17.20.200
     dns-search maas19`
@@ -1182,43 +1166,47 @@
 dns-search ubuntu juju
 dns-search dellstack ubuntu dellstack`
 
-const networkWithMultipleDNSValuesExpected = `iface eth0 inet manual
+const networkWithMultipleDNSValuesExpected = `auto eth0
+iface eth0 inet manual
+    mtu 1500
 
 auto br-eth0
 iface br-eth0 inet static
     gateway 10.245.168.1
     address 10.245.168.11/21
-    mtu 1500
     bridge_ports eth0
     dns-nameservers 10.245.168.2 192.168.1.1
 
+auto eth1
 iface eth1 inet manual
+    mtu 1500
 
 auto br-eth1
 iface br-eth1 inet static
     gateway 10.245.168.1
     address 10.245.168.12/21
-    mtu 1500
     bridge_ports eth1
     dns-sortlist 192.168.1.0/24 10.245.168.0/21
 
+auto eth2
 iface eth2 inet manual
+    mtu 1500
 
 auto br-eth2
 iface br-eth2 inet static
     gateway 10.245.168.1
     address 10.245.168.13/21
-    mtu 1500
     bridge_ports eth2
     dns-search juju ubuntu dellstack
 
+auto eth3
 iface eth3 inet manual
+    mtu 1500
 
 auto br-eth3
 iface br-eth3 inet static
     gateway 10.245.168.1
     address 10.245.168.14/21
-    mtu 1500
     bridge_ports eth3
     dns-nameservers 192.168.1.1 10.245.168.2
     dns-search juju ubuntu dellstack
@@ -1246,22 +1234,24 @@
 dns-search
 dns-sortlist`
 
-const networkWithEmptyDNSValuesExpected = `iface eth0 inet manual
+const networkWithEmptyDNSValuesExpected = `auto eth0
+iface eth0 inet manual
+    mtu 1500
 
 auto br-eth0
 iface br-eth0 inet static
     gateway 10.245.168.1
     address 10.245.168.11/21
-    mtu 1500
     bridge_ports eth0
 
+auto eth1
 iface eth1 inet manual
+    mtu 1500
 
 auto br-eth1
 iface br-eth1 inet static
     gateway 10.245.168.1
     address 10.245.168.12/21
-    mtu 1500
     bridge_ports eth1`
 
 const networkLP1532167Initial = `auto eth0
@@ -1412,8 +1402,6 @@
 
 auto bond0
 iface bond0 inet manual
-    gateway 10.38.160.1
-    address 10.38.160.24/24
     bond-lacp_rate fast
     bond-xmit_hash_policy layer2+3
     bond-miimon 100
@@ -1426,7 +1414,6 @@
 iface juju-br0 inet static
     gateway 10.38.160.1
     address 10.38.160.24/24
-    mtu 1500
     hwaddress 44:a8:42:41:ab:37
     bridge_ports bond0
 
@@ -1552,6 +1539,7 @@
     gateway 4.3.2.1
     bridge_ports eth0
 
+auto eth1
 iface eth1 inet manual
 
 auto br-eth1
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/config.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/config.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/config.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/config.go	2016-07-18 19:45:44.000000000 +0000
@@ -106,6 +106,7 @@
 	if _, ok := cfg.StorageDefaultBlockSource(); !ok {
 		providerDefaults[config.StorageDefaultBlockSourceKey] = maasStorageProviderType
 	}
+
 	if len(providerDefaults) > 0 {
 		if cfg, err = cfg.Apply(providerDefaults); err != nil {
 			return nil, err
@@ -139,5 +140,6 @@
 	if strings.Count(oauth, ":") != 2 {
 		return nil, errMalformedMaasOAuth
 	}
+
 	return cfg.Apply(envCfg.attrs)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/credentials.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/credentials.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/credentials.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/credentials.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,14 @@
 package maas
 
 import (
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"path/filepath"
+
 	"github.com/juju/errors"
+	"github.com/juju/utils"
+
 	"github.com/juju/juju/cloud"
 )
 
@@ -26,6 +33,34 @@
 
 // DetectCredentials is part of the environs.ProviderCredentials interface.
 func (environProviderCredentials) DetectCredentials() (*cloud.CloudCredential, error) {
-	// TODO(axw) find out where the MAAS CLI stores credentials.
-	return nil, errors.NotFoundf("credentials")
+	// MAAS stores credentials in a json file: ~/.maasrc
+	// {"Server": "http://<ip>/MAAS", "OAuth": "<key>"}
+	maasrc := filepath.Join(utils.Home(), ".maasrc")
+	fileBytes, err := ioutil.ReadFile(maasrc)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	details := make(map[string]interface{})
+	err = json.Unmarshal(fileBytes, &details)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	oauthKey := details["OAuth"]
+	if oauthKey == "" {
+		return nil, errors.New("MAAS credentials require a value for OAuth token")
+	}
+	cred := cloud.NewCredential(cloud.OAuth1AuthType, map[string]string{
+		"maas-oauth": fmt.Sprintf("%v", oauthKey),
+	})
+	server, ok := details["Server"]
+	if server == "" || !ok {
+		server = "unspecified server"
+	}
+	cred.Label = fmt.Sprintf("MAAS credential for %s", server)
+
+	return &cloud.CloudCredential{
+		AuthCredentials: map[string]cloud.Credential{
+			"default": cred,
+		}}, nil
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/credentials_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/credentials_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/credentials_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/credentials_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,24 +4,24 @@
 package maas_test
 
 import (
-	"github.com/juju/errors"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 
+	"github.com/juju/juju/cloud"
 	"github.com/juju/juju/environs"
 	envtesting "github.com/juju/juju/environs/testing"
 )
 
 type credentialsSuite struct {
-	testing.IsolationSuite
+	testing.FakeHomeSuite
 	provider environs.EnvironProvider
 }
 
 var _ = gc.Suite(&credentialsSuite{})
 
 func (s *credentialsSuite) SetUpTest(c *gc.C) {
-	s.IsolationSuite.SetUpTest(c)
+	s.FakeHomeSuite.SetUpTest(c)
 
 	var err error
 	s.provider, err = environs.Provider("maas")
@@ -42,7 +42,36 @@
 	envtesting.AssertProviderCredentialsAttributesHidden(c, s.provider, "oauth1", "maas-oauth")
 }
 
-func (s *credentialsSuite) TestDetectCredentialsNotFound(c *gc.C) {
-	_, err := s.provider.DetectCredentials()
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
+func (s *credentialsSuite) TestDetectCredentials(c *gc.C) {
+	s.Home.AddFiles(c, testing.TestFile{
+		Name: ".maasrc",
+		Data: `{"Server": "http://10.0.0.1/MAAS", "OAuth": "key"}`,
+	})
+	creds, err := s.provider.DetectCredentials()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(creds.DefaultRegion, gc.Equals, "")
+	expected := cloud.NewCredential(
+		cloud.OAuth1AuthType, map[string]string{
+			"maas-oauth": "key",
+		},
+	)
+	expected.Label = "MAAS credential for http://10.0.0.1/MAAS"
+	c.Assert(creds.AuthCredentials["default"], jc.DeepEquals, expected)
+}
+
+func (s *credentialsSuite) TestDetectCredentialsNoServer(c *gc.C) {
+	s.Home.AddFiles(c, testing.TestFile{
+		Name: ".maasrc",
+		Data: `{"OAuth": "key"}`,
+	})
+	creds, err := s.provider.DetectCredentials()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(creds.DefaultRegion, gc.Equals, "")
+	expected := cloud.NewCredential(
+		cloud.OAuth1AuthType, map[string]string{
+			"maas-oauth": "key",
+		},
+	)
+	expected.Label = "MAAS credential for unspecified server"
+	c.Assert(creds.AuthCredentials["default"], jc.DeepEquals, expected)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/devices.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/devices.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/devices.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/devices.go	2016-07-18 19:45:44.000000000 +0000
@@ -57,9 +57,10 @@
 	return rawBytes, nil
 }
 
-func (env *maasEnviron) createDevice(hostInstanceID instance.Id, primaryMACAddress string) (*maasDevice, error) {
+func (env *maasEnviron) createDevice(hostInstanceID instance.Id, hostname string, primaryMACAddress string) (*maasDevice, error) {
 	devicesAPI := env.getMAASClient().GetSubObject("devices")
 	params := make(url.Values)
+	params.Add("hostname", hostname)
 	params.Add("parent", extractSystemId(hostInstanceID))
 	params.Add("mac_addresses", primaryMACAddress)
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/environ.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/environ.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/environ.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/environ.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,6 @@
 import (
 	"encoding/json"
 	"fmt"
-	"net"
 	"net/http"
 	"net/url"
 	"regexp"
@@ -17,12 +16,11 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/gomaasapi"
-	"github.com/juju/names"
 	"github.com/juju/utils"
-	"github.com/juju/utils/featureflag"
 	"github.com/juju/utils/os"
 	"github.com/juju/utils/series"
 	"github.com/juju/utils/set"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/cloudconfig/cloudinit"
 	"github.com/juju/juju/cloudconfig/instancecfg"
@@ -31,7 +29,6 @@
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/environs/storage"
-	"github.com/juju/juju/feature"
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/network"
 	"github.com/juju/juju/provider/common"
@@ -41,8 +38,6 @@
 )
 
 const (
-	// The string from the api indicating the dynamic range of a subnet.
-	dynamicRange = "dynamic-range"
 	// The version strings indicating the MAAS API version.
 	apiVersion1 = "1.0"
 	apiVersion2 = "2.0"
@@ -72,45 +67,6 @@
 	})
 }
 
-func subnetToSpaceIds(spaces gomaasapi.MAASObject) (map[string]network.Id, error) {
-	spacesJson, err := spaces.CallGet("", nil)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	spacesArray, err := spacesJson.GetArray()
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	subnetsMap := make(map[string]network.Id)
-	for _, spaceJson := range spacesArray {
-		spaceMap, err := spaceJson.GetMap()
-		if err != nil {
-			return nil, errors.Trace(err)
-		}
-		providerIdRaw, err := spaceMap["id"].GetFloat64()
-		if err != nil {
-			return nil, errors.Trace(err)
-		}
-		providerId := network.Id(fmt.Sprintf("%.0f", providerIdRaw))
-		subnetsArray, err := spaceMap["subnets"].GetArray()
-		if err != nil {
-			return nil, errors.Trace(err)
-		}
-		for _, subnetJson := range subnetsArray {
-			subnetMap, err := subnetJson.GetMap()
-			if err != nil {
-				return nil, errors.Trace(err)
-			}
-			subnet, err := subnetMap["cidr"].GetString()
-			if err != nil {
-				return nil, errors.Trace(err)
-			}
-			subnetsMap[subnet] = providerId
-		}
-	}
-	return subnetsMap, nil
-}
-
 func releaseNodes(nodes gomaasapi.MAASObject, ids url.Values) error {
 	_, err := nodes.CallPost("release", ids)
 	return err
@@ -137,6 +93,9 @@
 	// maasController provides access to the MAAS 2.0 API.
 	maasController gomaasapi.Controller
 
+	// namespace is used to create the machine and device hostnames.
+	namespace instance.Namespace
+
 	availabilityZonesMutex sync.Mutex
 	availabilityZones      []common.AvailabilityZone
 
@@ -155,6 +114,10 @@
 	env.name = cfg.Name()
 	env.storageUnlocked = NewStorage(env)
 
+	env.namespace, err = instance.NewNamespace(cfg.UUID())
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
 	return env, nil
 }
 
@@ -164,10 +127,6 @@
 
 // Bootstrap is specified in the Environ interface.
 func (env *maasEnviron) Bootstrap(ctx environs.BootstrapContext, args environs.BootstrapParams) (*environs.BootstrapResult, error) {
-	if featureflag.Enabled(feature.AddressAllocation) {
-		logger.Warningf("address-allocation feature flag is no longer supported on MAAS and is ignored!")
-	}
-
 	result, series, finalizer, err := common.BootstrapInstance(ctx, env, args)
 	if err != nil {
 		return nil, err
@@ -181,21 +140,30 @@
 			}
 		}
 	}()
-	// Wait for bootstrap instance to change to deployed state.
-	if err := env.waitForNodeDeployment(result.Instance.Id()); err != nil {
-		return nil, errors.Annotate(err, "bootstrap instance started but did not change to Deployed state")
+
+	waitingFinalizer := func(
+		ctx environs.BootstrapContext,
+		icfg *instancecfg.InstanceConfig,
+		dialOpts environs.BootstrapDialOpts,
+	) error {
+		// Wait for bootstrap instance to change to deployed state.
+		if err := env.waitForNodeDeployment(result.Instance.Id(), dialOpts.Timeout); err != nil {
+			return errors.Annotate(err, "bootstrap instance started but did not change to Deployed state")
+		}
+		return finalizer(ctx, icfg, dialOpts)
 	}
 
 	bsResult := &environs.BootstrapResult{
 		Arch:     *result.Hardware.Arch,
 		Series:   series,
-		Finalize: finalizer,
+		Finalize: waitingFinalizer,
 	}
 	return bsResult, nil
 }
 
 // ControllerInstances is specified in the Environ interface.
-func (env *maasEnviron) ControllerInstances() ([]instance.Id, error) {
+func (env *maasEnviron) ControllerInstances(controllerUUID string) ([]instance.Id, error) {
+	// TODO(wallyworld) - tag instances with controller UUID so we can use that
 	return common.ProviderStateInstances(env, env.Storage())
 }
 
@@ -295,11 +263,6 @@
 	return true, nil
 }
 
-// SupportsAddressAllocation is specified on environs.Networking.
-func (env *maasEnviron) SupportsAddressAllocation(_ network.Id) (bool, error) {
-	return false, errors.NotSupportedf("legacy address allocation")
-}
-
 // allArchitectures2 uses the MAAS2 controller to get architectures from boot
 // resources.
 func (env *maasEnviron) allArchitectures2() ([]string, error) {
@@ -1043,21 +1006,15 @@
 	}, nil
 }
 
-// Override for testing.
-var nodeDeploymentTimeout = func(environ *maasEnviron) time.Duration {
-	sshTimeouts := environ.Config().BootstrapSSHOpts()
-	return sshTimeouts.Timeout
-}
-
-func (environ *maasEnviron) waitForNodeDeployment(id instance.Id) error {
+func (environ *maasEnviron) waitForNodeDeployment(id instance.Id, timeout time.Duration) error {
 	if environ.usingMAAS2() {
-		return environ.waitForNodeDeployment2(id)
+		return environ.waitForNodeDeployment2(id, timeout)
 	}
 	systemId := extractSystemId(id)
 
 	longAttempt := utils.AttemptStrategy{
 		Delay: 10 * time.Second,
-		Total: nodeDeploymentTimeout(environ),
+		Total: timeout,
 	}
 
 	for a := longAttempt.Start(); a.Next(); {
@@ -1078,10 +1035,10 @@
 	return errors.Errorf("instance %q is started but not deployed", id)
 }
 
-func (environ *maasEnviron) waitForNodeDeployment2(id instance.Id) error {
+func (environ *maasEnviron) waitForNodeDeployment2(id instance.Id, timeout time.Duration) error {
 	longAttempt := utils.AttemptStrategy{
 		Delay: 10 * time.Second,
-		Total: nodeDeploymentTimeout(environ),
+		Total: timeout,
 	}
 
 	for a := longAttempt.Start(); a.Next(); {
@@ -1558,18 +1515,6 @@
 	return result, nil
 }
 
-// AllocateAddress requests an address to be allocated for the given instance on
-// the given network.
-func (environ *maasEnviron) AllocateAddress(instId instance.Id, subnetId network.Id, addr *network.Address, macAddress, hostname string) (err error) {
-	return errors.NotSupportedf("AllocateAddress")
-}
-
-// ReleaseAddress releases a specific address previously allocated with
-// AllocateAddress.
-func (environ *maasEnviron) ReleaseAddress(instId instance.Id, _ network.Id, addr network.Address, macAddress, hostname string) (err error) {
-	return errors.NotSupportedf("ReleaseAddress")
-}
-
 // subnetsFromNode fetches all the subnets for a specific node.
 func (environ *maasEnviron) subnetsFromNode(nodeId string) ([]gomaasapi.JSONObject, error) {
 	client := environ.getMAASClient().GetSubObject("nodes").GetSubObject(nodeId)
@@ -1613,101 +1558,6 @@
 	return subnets, nil
 }
 
-// Deduce the allocatable portion of the subnet by subtracting the dynamic
-// range from the full subnet range.
-func (environ *maasEnviron) allocatableRangeForSubnet(cidr string, subnetId string) (net.IP, net.IP, error) {
-	// Initialize the low and high bounds of the allocatable range to the
-	// whole CIDR. Reduce the scope of this when we find the dynamic range.
-	ip, ipnet, err := net.ParseCIDR(cidr)
-	if err != nil {
-		return nil, nil, errors.Trace(err)
-	}
-	// Skip IPv6 subnets until we can handle them correctly.
-	if ip.To4() == nil && ip.To16() != nil {
-		logger.Debugf("ignoring static IP range for IPv6 subnet %q", cidr)
-		return nil, nil, nil
-	}
-
-	// TODO(mfoord): needs updating to work with IPv6 as well.
-	lowBound, err := network.IPv4ToDecimal(ip)
-	if err != nil {
-		return nil, nil, errors.Trace(err)
-	}
-	// Don't include the zero address in the allocatable bounds.
-	lowBound = lowBound + 1
-	ones, bits := ipnet.Mask.Size()
-	zeros := bits - ones
-	numIPs := uint32(1) << uint32(zeros)
-	highBound := lowBound + numIPs - 2
-
-	client := environ.getMAASClient().GetSubObject("subnets").GetSubObject(subnetId)
-
-	json, err := client.CallGet("reserved_ip_ranges", nil)
-	if err != nil {
-		return nil, nil, errors.Trace(err)
-	}
-	jsonRanges, err := json.GetArray()
-	if err != nil {
-		return nil, nil, errors.Trace(err)
-	}
-
-	for _, jsonRange := range jsonRanges {
-		rangeMap, err := jsonRange.GetMap()
-		if err != nil {
-			return nil, nil, errors.Trace(err)
-		}
-		purposeArray, err := rangeMap["purpose"].GetArray()
-		if err != nil {
-			return nil, nil, errors.Trace(err)
-		}
-		found := false
-		for _, jsonPurpose := range purposeArray {
-			purpose, err := jsonPurpose.GetString()
-			if err != nil {
-				return nil, nil, errors.Trace(err)
-			}
-			if purpose == dynamicRange {
-				found = true
-				break
-			}
-		}
-		if !found {
-			// This is not the range we're looking for
-			continue
-		}
-
-		start, err := rangeMap["start"].GetString()
-		if err != nil {
-			return nil, nil, errors.Trace(err)
-		}
-		end, err := rangeMap["end"].GetString()
-		if err != nil {
-			return nil, nil, errors.Trace(err)
-		}
-		dynamicLow, err := network.IPv4ToDecimal(net.ParseIP(start))
-		if err != nil {
-			return nil, nil, errors.Trace(err)
-		}
-		dynamicHigh, err := network.IPv4ToDecimal(net.ParseIP(end))
-		if err != nil {
-			return nil, nil, errors.Trace(err)
-		}
-
-		// We pick the larger of the two portions of the subnet around
-		// the dynamic range. Either ending one below the start of the
-		// dynamic range or starting one after the end.
-		above := highBound - dynamicHigh
-		below := dynamicLow - lowBound
-		if above > below {
-			lowBound = dynamicHigh + 1
-		} else {
-			highBound = dynamicLow - 1
-		}
-		break
-	}
-	return network.DecimalToIPv4(lowBound), network.DecimalToIPv4(highBound), nil
-}
-
 // subnetFromJson populates a network.SubnetInfo from a gomaasapi.JSONObject
 // representing a single subnet. This can come from either the subnets api
 // endpoint or the node endpoint.
@@ -1736,18 +1586,12 @@
 		}
 		vid = int(vidFloat)
 	}
-	allocatableLow, allocatableHigh, err := environ.allocatableRangeForSubnet(cidr, subnetId)
-	if err != nil {
-		return subnetInfo, errors.Trace(err)
-	}
 
 	subnetInfo = network.SubnetInfo{
-		ProviderId:        network.Id(subnetId),
-		VLANTag:           vid,
-		CIDR:              cidr,
-		SpaceProviderId:   spaceId,
-		AllocatableIPLow:  allocatableLow,
-		AllocatableIPHigh: allocatableHigh,
+		ProviderId:      network.Id(subnetId),
+		VLANTag:         vid,
+		CIDR:            cidr,
+		SpaceProviderId: spaceId,
 	}
 	return subnetInfo, nil
 }
@@ -2106,6 +1950,12 @@
 	return environ.Storage().RemoveAll()
 }
 
+// DestroyController implements the Environ interface.
+func (environ *maasEnviron) DestroyController(controllerUUID string) error {
+	// TODO(wallyworld): destroy hosted model resources
+	return environ.Destroy()
+}
+
 // MAAS does not do firewalling so these port methods do nothing.
 func (*maasEnviron) OpenPorts([]network.PortRange) error {
 	logger.Debugf("unimplemented OpenPorts() called")
@@ -2136,18 +1986,18 @@
 	return nodeId, err
 }
 
-func (env *maasEnviron) AllocateContainerAddresses(hostInstanceID instance.Id, preparedInfo []network.InterfaceInfo) ([]network.InterfaceInfo, error) {
+func (env *maasEnviron) AllocateContainerAddresses(hostInstanceID instance.Id, containerTag names.MachineTag, preparedInfo []network.InterfaceInfo) ([]network.InterfaceInfo, error) {
 	if len(preparedInfo) == 0 {
 		return nil, errors.Errorf("no prepared info to allocate")
 	}
 	logger.Debugf("using prepared container info: %+v", preparedInfo)
 	if !env.usingMAAS2() {
-		return env.allocateContainerAddresses1(hostInstanceID, preparedInfo)
+		return env.allocateContainerAddresses1(hostInstanceID, containerTag, preparedInfo)
 	}
-	return env.allocateContainerAddresses2(hostInstanceID, preparedInfo)
+	return env.allocateContainerAddresses2(hostInstanceID, containerTag, preparedInfo)
 }
 
-func (env *maasEnviron) allocateContainerAddresses1(hostInstanceID instance.Id, preparedInfo []network.InterfaceInfo) ([]network.InterfaceInfo, error) {
+func (env *maasEnviron) allocateContainerAddresses1(hostInstanceID instance.Id, containerTag names.MachineTag, preparedInfo []network.InterfaceInfo) ([]network.InterfaceInfo, error) {
 	subnetCIDRToVLANID := make(map[string]string)
 	subnetsAPI := env.getMAASClient().GetSubObject("subnets")
 	result, err := subnetsAPI.CallGet("", nil)
@@ -2178,8 +2028,12 @@
 	}
 	logger.Debugf("primary device NIC prepared info: %+v", primaryNICInfo)
 
+	deviceName, err := env.namespace.Hostname(containerTag.Id())
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
 	primaryMACAddress := primaryNICInfo.MACAddress
-	containerDevice, err := env.createDevice(hostInstanceID, primaryMACAddress)
+	containerDevice, err := env.createDevice(hostInstanceID, deviceName, primaryMACAddress)
 	if err != nil {
 		return nil, errors.Annotate(err, "cannot create device for container")
 	}
@@ -2237,7 +2091,7 @@
 	return finalInterfaces, nil
 }
 
-func (env *maasEnviron) allocateContainerAddresses2(hostInstanceID instance.Id, preparedInfo []network.InterfaceInfo) ([]network.InterfaceInfo, error) {
+func (env *maasEnviron) allocateContainerAddresses2(hostInstanceID instance.Id, containerTag names.MachineTag, preparedInfo []network.InterfaceInfo) ([]network.InterfaceInfo, error) {
 	subnetCIDRToSubnet := make(map[string]gomaasapi.Subnet)
 	spaces, err := env.maasController.Spaces()
 	if err != nil {
@@ -2280,7 +2134,12 @@
 		return nil, errors.Errorf("unexpected response fetching machine %v: %v", hostInstanceID, machines)
 	}
 	machine := machines[0]
+	deviceName, err := env.namespace.Hostname(containerTag.Id())
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
 	createDeviceArgs := gomaasapi.CreateMachineDeviceArgs{
+		Hostname:      deviceName,
 		MACAddress:    primaryMACAddress,
 		Subnet:        subnet,
 		InterfaceName: primaryNICName,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/environprovider.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/environprovider.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/environprovider.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/environprovider.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,6 +6,7 @@
 import (
 	"fmt"
 	"net/http"
+	"net/url"
 
 	"github.com/juju/errors"
 	"github.com/juju/gomaasapi"
@@ -45,7 +46,7 @@
 }
 
 // PrepareForCreateEnvironment is specified in the EnvironProvider interface.
-func (p maasEnvironProvider) PrepareForCreateEnvironment(cfg *config.Config) (*config.Config, error) {
+func (p maasEnvironProvider) PrepareForCreateEnvironment(controllerUUID string, cfg *config.Config) (*config.Config, error) {
 	attrs := cfg.UnknownAttrs()
 	oldName, found := attrs["maas-agent-name"]
 	if found && oldName != "" {
@@ -57,18 +58,16 @@
 
 // BootstrapConfig is specified in the EnvironProvider interface.
 func (p maasEnvironProvider) BootstrapConfig(args environs.BootstrapConfigParams) (*config.Config, error) {
-	// For MAAS, either:
-	// 1. the endpoint from the cloud definition defines the MAAS server URL
-	//    (if a full cloud definition had been set up)
-	// 2. the region defines the MAAS server ip/host
-	//    (if the bootstrap shortcut is used)
-	server := args.CloudEndpoint
-	if server == "" && args.CloudRegion != "" {
-		server = fmt.Sprintf("http://%s/MAAS", args.CloudRegion)
-	}
-	if server == "" {
+	// For MAAS, the cloud endpoint may be either a full URL
+	// for the MAAS server, or just the IP/host.
+	if args.CloudEndpoint == "" {
 		return nil, errors.New("MAAS server not specified")
 	}
+	server := args.CloudEndpoint
+	if url, err := url.Parse(server); err != nil || url.Scheme == "" {
+		server = fmt.Sprintf("http://%s/MAAS", args.CloudEndpoint)
+	}
+
 	attrs := map[string]interface{}{
 		"maas-server": server,
 	}
@@ -86,7 +85,7 @@
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-	return p.PrepareForCreateEnvironment(cfg)
+	return p.PrepareForCreateEnvironment(args.ControllerUUID, cfg)
 }
 
 // PrepareForBootstrap is specified in the EnvironProvider interface.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/environprovider_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/environprovider_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/environprovider_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/environprovider_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -95,7 +95,7 @@
 	c.Assert(uuid, jc.Satisfies, utils.IsValidUUIDString)
 }
 
-func (suite *EnvironProviderSuite) TestMAASServerFromRegion(c *gc.C) {
+func (suite *EnvironProviderSuite) TestMAASServerFromEndpoint(c *gc.C) {
 	attrs := testing.FakeConfig().Merge(testing.Attrs{
 		"type": "maas",
 	})
@@ -103,8 +103,8 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	cfg, err := providerInstance.BootstrapConfig(environs.BootstrapConfigParams{
-		Config:      config,
-		CloudRegion: "maas.testing",
+		Config:        config,
+		CloudEndpoint: "maas.testing",
 		Credentials: cloud.NewCredential(
 			cloud.OAuth1AuthType,
 			map[string]string{
@@ -127,7 +127,7 @@
 	config, err := config.New(config.NoDefaults, attrs)
 	c.Assert(err, jc.ErrorIsNil)
 
-	config, err = providerInstance.PrepareForCreateEnvironment(config)
+	config, err = providerInstance.PrepareForCreateEnvironment(suite.controllerUUID, config)
 	c.Assert(err, jc.ErrorIsNil)
 
 	uuid, ok := config.UnknownAttrs()["maas-agent-name"]
@@ -145,7 +145,7 @@
 	config, err := config.New(config.NoDefaults, attrs)
 	c.Assert(err, jc.ErrorIsNil)
 
-	_, err = providerInstance.PrepareForCreateEnvironment(config)
+	_, err = providerInstance.PrepareForCreateEnvironment(suite.controllerUUID, config)
 	c.Assert(err, gc.Equals, errAgentNameAlreadySet)
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/environ_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/environ_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/environ_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/environ_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -71,6 +71,7 @@
 	attrs["type"] = "maas"
 	attrs["maas-server"] = "http://maas.testing.invalid"
 	attrs["maas-oauth"] = "a:b:c"
+	attrs["bootstrap-timeout"] = "1200"
 	for k, v := range extraAttrs {
 		attrs[k] = v
 	}
@@ -144,6 +145,7 @@
 	// These are attrs we need to make it a valid Config, but would usually
 	// be set by other infrastructure
 	attrs["type"] = "maas"
+	attrs["bootstrap-timeout"] = "1200"
 	nilCfg, err := config.New(config.NoDefaults, attrs)
 	c.Assert(err, jc.ErrorIsNil)
 	validatedConfig, err := provider.Validate(baseCfg, nilCfg)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/environ_whitebox_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/environ_whitebox_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/environ_whitebox_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/environ_whitebox_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,19 +13,18 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/gomaasapi"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	"github.com/juju/utils/arch"
 	"github.com/juju/utils/series"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 	goyaml "gopkg.in/yaml.v2"
 
 	"github.com/juju/juju/cloudconfig/cloudinit"
 	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/environs/bootstrap"
-	"github.com/juju/juju/environs/config"
 	envstorage "github.com/juju/juju/environs/storage"
 	envtesting "github.com/juju/juju/environs/testing"
 	envtools "github.com/juju/juju/environs/tools"
@@ -34,6 +33,7 @@
 	"github.com/juju/juju/network"
 	"github.com/juju/juju/provider/common"
 	"github.com/juju/juju/storage"
+	coretesting "github.com/juju/juju/testing"
 	jujuversion "github.com/juju/juju/version"
 )
 
@@ -54,21 +54,6 @@
 	Disabled      bool
 }
 
-// getTestConfig creates a customized sample MAAS provider configuration.
-func getTestConfig(name, server, oauth, secret string) *config.Config {
-	ecfg, err := newConfig(map[string]interface{}{
-		"name":            name,
-		"maas-server":     server,
-		"maas-oauth":      oauth,
-		"admin-secret":    secret,
-		"authorized-keys": "I-am-not-a-real-key",
-	})
-	if err != nil {
-		panic(err)
-	}
-	return ecfg.Config
-}
-
 func (suite *environSuite) addNode(jsonText string) instance.Id {
 	node := suite.testMAASObject.TestServer.NewNode(jsonText)
 	resourceURI, _ := node.GetField("resource_uri")
@@ -164,7 +149,11 @@
 	c.Assert(err, jc.ErrorIsNil)
 	suite.testMAASObject.TestServer.AddNodeDetails("node0", lshwXML)
 	suite.addSubnet(c, 9, 9, "node0")
-	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
+	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 	// The bootstrap node has been acquired and started.
 	operations := suite.testMAASObject.TestServer.NodeOperations()
@@ -174,7 +163,7 @@
 
 	// Test the instance id is correctly recorded for the bootstrap node.
 	// Check that ControllerInstances returns the id of the bootstrap machine.
-	instanceIds, err := env.ControllerInstances()
+	instanceIds, err := env.ControllerInstances(suite.controllerUUID)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(instanceIds, gc.HasLen, 1)
 	insts, err := env.AllInstances()
@@ -191,7 +180,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 	suite.testMAASObject.TestServer.AddNodeDetails("node1", lshwXML)
 	suite.addSubnet(c, 8, 8, "node1")
-	instance, hc := testing.AssertStartInstance(c, env, "1")
+	instance, hc := testing.AssertStartInstance(c, env, suite.controllerUUID, "1")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Check(instance, gc.NotNil)
 	c.Assert(hc, gc.NotNil)
@@ -223,7 +212,7 @@
 
 	// Trash the tools and try to start another instance.
 	suite.PatchValue(&envtools.DefaultBaseURL, "")
-	instance, _, _, err = testing.StartInstance(env, "2")
+	instance, _, _, err = testing.StartInstance(env, suite.controllerUUID, "2")
 	c.Check(instance, gc.IsNil)
 	c.Check(err, jc.Satisfies, errors.IsNotFound)
 }
@@ -348,7 +337,7 @@
 
 func (suite *environSuite) TestControllerInstances(c *gc.C) {
 	env := suite.makeEnviron()
-	_, err := env.ControllerInstances()
+	_, err := env.ControllerInstances(suite.controllerUUID)
 	c.Assert(err, gc.Equals, environs.ErrNotBootstrapped)
 
 	tests := [][]instance.Id{{}, {"inst-0"}, {"inst-0", "inst-1"}}
@@ -357,7 +346,7 @@
 			StateInstances: expected,
 		})
 		c.Assert(err, jc.ErrorIsNil)
-		controllerInstances, err := env.ControllerInstances()
+		controllerInstances, err := env.ControllerInstances(suite.controllerUUID)
 		c.Assert(err, jc.ErrorIsNil)
 		c.Assert(controllerInstances, jc.SameContents, expected)
 	}
@@ -365,7 +354,7 @@
 
 func (suite *environSuite) TestControllerInstancesFailsIfNoStateInstances(c *gc.C) {
 	env := suite.makeEnviron()
-	_, err := env.ControllerInstances()
+	_, err := env.ControllerInstances(suite.controllerUUID)
 	c.Check(err, gc.Equals, environs.ErrNotBootstrapped)
 }
 
@@ -401,7 +390,11 @@
 	lshwXML, err := suite.generateHWTemplate(map[string]ifaceInfo{"aa:bb:cc:dd:ee:f0": {0, "eth0", false}})
 	c.Assert(err, jc.ErrorIsNil)
 	suite.testMAASObject.TestServer.AddNodeDetails("thenode", lshwXML)
-	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
+	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 }
 
@@ -418,7 +411,11 @@
 	suite.testMAASObject.TestServer.AddNodeDetails("thenode", lshwXML)
 	// Ensure node will not be reported as deployed by changing its status.
 	suite.testMAASObject.TestServer.ChangeNode("thenode", "status", "4")
-	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
+	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, gc.ErrorMatches, "bootstrap instance started but did not change to Deployed state.*")
 }
 
@@ -435,7 +432,11 @@
 	suite.testMAASObject.TestServer.AddNodeDetails("thenode", lshwXML)
 	// Set the node status to "Failed deployment"
 	suite.testMAASObject.TestServer.ChangeNode("thenode", "status", "11")
-	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
+	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, gc.ErrorMatches, "bootstrap instance started but did not change to Deployed state. instance \"/api/.*/nodes/thenode/\" failed to deploy")
 }
 
@@ -448,14 +449,22 @@
 	c.Assert(err, jc.ErrorIsNil)
 	err = env.SetConfig(cfg)
 	c.Assert(err, jc.ErrorIsNil)
-	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
+	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Check(err, gc.ErrorMatches, "Juju cannot bootstrap because no tools are available for your model(.|\n)*")
 }
 
 func (suite *environSuite) TestBootstrapFailsIfNoNodes(c *gc.C) {
 	suite.setupFakeTools(c)
 	env := suite.makeEnviron()
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	// Since there are no nodes, the attempt to allocate one returns a
 	// 409: Conflict.
 	c.Check(err, gc.ErrorMatches, ".*409.*")
@@ -526,14 +535,6 @@
 	c.Assert(supported, jc.IsTrue)
 }
 
-func (suite *environSuite) TestSupportsAddressAllocation(c *gc.C) {
-	env := suite.makeEnviron()
-	supported, err := env.SupportsAddressAllocation("")
-	c.Assert(err, gc.ErrorMatches, "legacy address allocation not supported")
-	c.Assert(err, jc.Satisfies, errors.IsNotSupported)
-	c.Assert(supported, jc.IsFalse)
-}
-
 func (suite *environSuite) TestSupportsSpaces(c *gc.C) {
 	env := suite.makeEnviron()
 	supported, err := env.SupportsSpaces()
@@ -735,20 +736,6 @@
 	c.Assert(matches[1:], jc.SameContents, []string{"3", "6"})
 }
 
-func (suite *environSuite) TestAllocateAddress(c *gc.C) {
-	env := suite.makeEnviron()
-	err := env.AllocateAddress("", "", nil, "", "")
-	c.Assert(err, gc.ErrorMatches, "AllocateAddress not supported")
-	c.Assert(err, jc.Satisfies, errors.IsNotSupported)
-}
-
-func (suite *environSuite) TestReleaseAddress(c *gc.C) {
-	env := suite.makeEnviron()
-	err := env.ReleaseAddress("", "", network.Address{}, "", "")
-	c.Assert(err, gc.ErrorMatches, "ReleaseAddress not supported")
-	c.Assert(err, jc.Satisfies, errors.IsNotSupported)
-}
-
 func (s *environSuite) TestPrecheckInstanceAvailZone(c *gc.C) {
 	s.testMAASObject.TestServer.AddZone("zone1", "the grass is greener in zone1")
 	env := s.makeEnviron()
@@ -804,7 +791,7 @@
 
 func (s *environSuite) testStartInstanceAvailZone(c *gc.C, zone string) (instance.Instance, error) {
 	env := s.bootstrap(c)
-	params := environs.StartInstanceParams{Placement: "zone=" + zone}
+	params := environs.StartInstanceParams{ControllerUUID: s.controllerUUID, Placement: "zone=" + zone}
 	result, err := testing.StartInstanceWithParams(env, "1", params)
 	if err != nil {
 		return nil, err
@@ -816,7 +803,7 @@
 	env := s.bootstrap(c)
 	s.newNode(c, "thenode1", "host1", nil)
 	s.addSubnet(c, 1, 1, "thenode1")
-	params := environs.StartInstanceParams{Constraints: constraints.MustParse("mem=8G")}
+	params := environs.StartInstanceParams{ControllerUUID: s.controllerUUID, Constraints: constraints.MustParse("mem=8G")}
 	_, err := testing.StartInstanceWithParams(env, "1", params)
 	c.Assert(err, gc.ErrorMatches, "cannot run instances:.* 409.*")
 }
@@ -827,7 +814,7 @@
 	s.addSubnet(c, 1, 1, "thenode1")
 	s.newNode(c, "thenode2", "host2", map[string]interface{}{"memory": 8192})
 	s.addSubnet(c, 2, 2, "thenode2")
-	params := environs.StartInstanceParams{Constraints: constraints.MustParse("mem=8G")}
+	params := environs.StartInstanceParams{ControllerUUID: s.controllerUUID, Constraints: constraints.MustParse("mem=8G")}
 	result, err := testing.StartInstanceWithParams(env, "1", params)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(*result.Hardware.Mem, gc.Equals, uint64(8192))
@@ -878,10 +865,11 @@
 		"constraint_map":          storageConstraintAttrs,
 	})
 	s.addSubnet(c, 1, 1, "thenode1")
-	params := environs.StartInstanceParams{Volumes: []storage.VolumeParams{
-		{Tag: names.NewVolumeTag("1"), Size: 2000000},
-		{Tag: names.NewVolumeTag("3"), Size: 2000000},
-	}}
+	params := environs.StartInstanceParams{ControllerUUID: s.controllerUUID,
+		Volumes: []storage.VolumeParams{
+			{Tag: names.NewVolumeTag("1"), Size: 2000000},
+			{Tag: names.NewVolumeTag("3"), Size: 2000000},
+		}}
 	result, err := testing.StartInstanceWithParams(env, "1", params)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Check(result.Volumes, jc.DeepEquals, []storage.Volume{
@@ -928,10 +916,11 @@
 		"memory": 8192,
 	})
 	s.addSubnet(c, 1, 1, "thenode1")
-	params := environs.StartInstanceParams{Volumes: []storage.VolumeParams{
-		{Tag: names.NewVolumeTag("1"), Size: 2000000},
-		{Tag: names.NewVolumeTag("3"), Size: 2000000},
-	}}
+	params := environs.StartInstanceParams{ControllerUUID: s.controllerUUID,
+		Volumes: []storage.VolumeParams{
+			{Tag: names.NewVolumeTag("1"), Size: 2000000},
+			{Tag: names.NewVolumeTag("3"), Size: 2000000},
+		}}
 	_, err := testing.StartInstanceWithParams(env, "1", params)
 	c.Assert(err, gc.ErrorMatches, "requested 2 storage volumes. 0 returned.")
 	operations := s.testMAASObject.TestServer.NodesOperations()
@@ -1003,7 +992,10 @@
 	s.setupFakeTools(c)
 	env := s.makeEnviron()
 	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
-		Placement: "bootstrap-host",
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		Placement:        "bootstrap-host",
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
 	})
 	c.Assert(err, jc.ErrorIsNil)
 	return env
@@ -1017,7 +1009,7 @@
 	// no distribution group specified
 	s.newNode(c, "node1", "host1", nil)
 	s.addSubnet(c, 1, 1, "node1")
-	testing.AssertStartInstance(c, env, "1")
+	testing.AssertStartInstance(c, env, s.controllerUUID, "1")
 	c.Assert(mock.group, gc.HasLen, 0)
 
 	// distribution group specified: ensure it's passed through to AvailabilityZone.
@@ -1025,6 +1017,7 @@
 	s.addSubnet(c, 2, 2, "node2")
 	expectedInstances := []instance.Id{"i-0", "i-1"}
 	params := environs.StartInstanceParams{
+		ControllerUUID: s.controllerUUID,
 		DistributionGroup: func() ([]instance.Id, error) {
 			return expectedInstances, nil
 		},
@@ -1040,12 +1033,13 @@
 		err: errors.New("AvailabilityZoneAllocations failed"),
 	}
 	s.PatchValue(&availabilityZoneAllocations, mock.AvailabilityZoneAllocations)
-	_, _, _, err := testing.StartInstance(env, "1")
+	_, _, _, err := testing.StartInstance(env, s.controllerUUID, "1")
 	c.Assert(err, gc.ErrorMatches, "cannot get availability zone allocations: AvailabilityZoneAllocations failed")
 
 	mock.err = nil
 	dgErr := errors.New("DistributionGroup failed")
 	params := environs.StartInstanceParams{
+		ControllerUUID: s.controllerUUID,
 		DistributionGroup: func() ([]instance.Id, error) {
 			return nil, dgErr
 		},
@@ -1059,7 +1053,7 @@
 	s.testMAASObject.TestServer.AddZone("test-available", "description")
 	s.newNode(c, "node1", "host1", map[string]interface{}{"zone": "test-available"})
 	s.addSubnet(c, 1, 1, "node1")
-	inst, _ := testing.AssertStartInstance(c, env, "1")
+	inst, _ := testing.AssertStartInstance(c, env, s.controllerUUID, "1")
 	zone, err := inst.(*maas1Instance).zone()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(zone, gc.Equals, "test-available")
@@ -1082,7 +1076,7 @@
 	s.addSubnet(c, 1, 1, "node2")
 
 	env := s.bootstrap(c)
-	inst, _ := testing.AssertStartInstance(c, env, "1")
+	inst, _ := testing.AssertStartInstance(c, env, s.controllerUUID, "1")
 	zone, err := inst.(maasInstance).zone()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(zone, gc.Equals, "zone2")
@@ -1122,7 +1116,7 @@
 	s.addSubnet(c, 2, 2, "node2")
 
 	env := s.bootstrap(c)
-	testing.AssertStartInstance(c, env, "1")
+	testing.AssertStartInstance(c, env, s.controllerUUID, "1")
 	c.Assert(s.testMAASObject.TestServer.NodesOperations(), gc.DeepEquals, []string{
 		// one acquire for the bootstrap, one for StartInstance.
 		"acquire", "acquire",
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,8 +11,7 @@
 )
 
 var (
-	ShortAttempt            = &shortAttempt
-	MaasStorageProviderType = maasStorageProviderType
+	ShortAttempt = &shortAttempt
 )
 
 func MAASAgentName(env environs.Environ) string {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/init_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/init_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/init_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/init_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,6 @@
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 
-	"github.com/juju/juju/provider/maas"
 	"github.com/juju/juju/storage"
 	"github.com/juju/juju/storage/provider/registry"
 	"github.com/juju/juju/testing"
@@ -20,14 +19,14 @@
 var _ = gc.Suite(&maasProviderSuite{})
 
 func (*maasProviderSuite) TestMAASProviderRegistered(c *gc.C) {
-	p, err := registry.StorageProvider(maas.MaasStorageProviderType)
+	p, err := registry.StorageProvider(storage.ProviderType("maas"))
 	c.Assert(err, jc.ErrorIsNil)
 	_, ok := p.(storage.Provider)
 	c.Assert(ok, jc.IsTrue)
 }
 
 func (*maasProviderSuite) TestSupportedProviders(c *gc.C) {
-	supported := []storage.ProviderType{maas.MaasStorageProviderType}
+	supported := []storage.ProviderType{storage.ProviderType("maas")}
 	for _, providerType := range supported {
 		ok := registry.IsProviderSupported("maas", providerType)
 		c.Assert(ok, jc.IsTrue)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/instance.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/instance.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/instance.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/instance.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,7 +9,7 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/gomaasapi"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/network"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/maas2_environ_whitebox_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/maas2_environ_whitebox_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/maas2_environ_whitebox_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/maas2_environ_whitebox_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -15,6 +15,7 @@
 	"github.com/juju/utils/arch"
 	"github.com/juju/utils/set"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 	goyaml "gopkg.in/yaml.v2"
 
 	"github.com/juju/juju/cloudconfig/cloudinit"
@@ -28,7 +29,7 @@
 	jujutesting "github.com/juju/juju/juju/testing"
 	"github.com/juju/juju/network"
 	"github.com/juju/juju/provider/common"
-	corejujutesting "github.com/juju/juju/testing"
+	coretesting "github.com/juju/juju/testing"
 	jujuversion "github.com/juju/juju/version"
 )
 
@@ -47,12 +48,12 @@
 	testServer.AddGetResponse("/api/1.0/version/", http.StatusOK, "<html></html>")
 	testServer.Start()
 	suite.AddCleanup(func(*gc.C) { testServer.Close() })
-	testAttrs := corejujutesting.Attrs{}
+	testAttrs := coretesting.Attrs{}
 	for k, v := range maasEnvAttrs {
 		testAttrs[k] = v
 	}
 	testAttrs["maas-server"] = testServer.Server.URL
-	attrs := corejujutesting.FakeConfig().Merge(testAttrs)
+	attrs := coretesting.FakeConfig().Merge(testAttrs)
 	cfg, err := config.New(config.NoDefaults, attrs)
 	c.Assert(err, jc.ErrorIsNil)
 	return NewEnviron(cfg)
@@ -325,7 +326,7 @@
 func (suite *maas2EnvironSuite) TestStartInstance(c *gc.C) {
 	env := suite.injectControllerWithSpacesAndCheck(c, nil, gomaasapi.AllocateMachineArgs{})
 
-	params := environs.StartInstanceParams{}
+	params := environs.StartInstanceParams{ControllerUUID: suite.controllerUUID}
 	result, err := jujutesting.StartInstanceWithParams(env, "1", params)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(result.Instance.Id(), gc.Equals, instance.Id("Bruce Sterling"))
@@ -350,8 +351,9 @@
 	suite.setupFakeTools(c)
 	env = suite.makeEnviron(c, nil)
 	params := environs.StartInstanceParams{
-		Placement:   "zone=foo",
-		Constraints: constraints.MustParse("mem=8G"),
+		ControllerUUID: suite.controllerUUID,
+		Placement:      "zone=foo",
+		Constraints:    constraints.MustParse("mem=8G"),
 	}
 	result, err := jujutesting.StartInstanceWithParams(env, "1", params)
 	c.Assert(err, jc.ErrorIsNil)
@@ -679,7 +681,11 @@
 	suite.injectController(controller)
 	suite.setupFakeTools(c)
 	env := suite.makeEnviron(c, nil)
-	err := bootstrap.Bootstrap(envjujutesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(envjujutesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      jujutesting.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, gc.ErrorMatches, "bootstrap instance started but did not change to Deployed state.*")
 }
 
@@ -694,7 +700,11 @@
 	suite.injectController(controller)
 	suite.setupFakeTools(c)
 	env := suite.makeEnviron(c, nil)
-	err := bootstrap.Bootstrap(envjujutesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(envjujutesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      jujutesting.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 }
 
@@ -874,7 +884,7 @@
 	suite.setupFakeTools(c)
 	env = suite.makeEnviron(c, nil)
 
-	params := environs.StartInstanceParams{}
+	params := environs.StartInstanceParams{ControllerUUID: suite.controllerUUID}
 	result, err := jujutesting.StartInstanceWithParams(env, "1", params)
 	c.Assert(err, jc.ErrorIsNil)
 	expected := []network.InterfaceInfo{{
@@ -1040,7 +1050,8 @@
 		CIDR:          "10.20.19.0/24",
 		InterfaceName: "eth0",
 	}}
-	result, err := env.AllocateContainerAddresses(instance.Id("1"), prepared)
+	ignored := names.NewMachineTag("1/lxd/0")
+	result, err := env.AllocateContainerAddresses(instance.Id("1"), ignored, prepared)
 	c.Assert(err, jc.ErrorIsNil)
 	expected := []network.InterfaceInfo{{
 		DeviceIndex:       0,
@@ -1228,7 +1239,8 @@
 		MTU:               1500,
 		GatewayAddress:    network.NewAddressOnSpace("freckles", "192.168.1.1"),
 	}}
-	result, err := env.AllocateContainerAddresses(instance.Id("1"), prepared)
+	ignored := names.NewMachineTag("1/lxd/0")
+	result, err := env.AllocateContainerAddresses(instance.Id("1"), ignored, prepared)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(result, jc.DeepEquals, expected)
 }
@@ -1239,7 +1251,8 @@
 	}
 	suite.injectController(controller)
 	env := suite.makeEnviron(c, nil)
-	_, err := env.AllocateContainerAddresses(instance.Id("1"), prepared)
+	ignored := names.NewMachineTag("1/lxd/0")
+	_, err := env.AllocateContainerAddresses(instance.Id("1"), ignored, prepared)
 	c.Assert(err, gc.ErrorMatches, errorMatches)
 }
 
@@ -1294,7 +1307,8 @@
 	prepared := []network.InterfaceInfo{
 		{InterfaceName: "eth0", CIDR: "10.20.19.0/24"},
 	}
-	_, err := env.AllocateContainerAddresses(instance.Id("1"), prepared)
+	ignored := names.NewMachineTag("1/lxd/0")
+	_, err := env.AllocateContainerAddresses(instance.Id("1"), ignored, prepared)
 	c.Assert(err, gc.ErrorMatches, "boom")
 }
 
@@ -1328,12 +1342,14 @@
 	prepared := []network.InterfaceInfo{
 		{InterfaceName: "eth0", CIDR: "10.20.19.0/24", MACAddress: "DEADBEEF"},
 	}
-	_, err := env.AllocateContainerAddresses(instance.Id("1"), prepared)
+	ignored := names.NewMachineTag("1/lxd/0")
+	_, err := env.AllocateContainerAddresses(instance.Id("1"), ignored, prepared)
 	c.Assert(err, gc.ErrorMatches, "boom")
 	args := getArgs(c, machine.Calls())
 	maasArgs, ok := args.(gomaasapi.CreateMachineDeviceArgs)
 	c.Assert(ok, jc.IsTrue)
 	expected := gomaasapi.CreateMachineDeviceArgs{
+		Hostname:      "juju-06f00d-1-lxd-0",
 		Subnet:        subnet,
 		MACAddress:    "DEADBEEF",
 		InterfaceName: "eth0",
@@ -1369,7 +1385,8 @@
 		{InterfaceName: "eth0", CIDR: "10.20.19.0/24", MACAddress: "DEADBEEF"},
 		{InterfaceName: "eth1", CIDR: "10.20.20.0/24", MACAddress: "DEADBEEE"},
 	}
-	_, err := env.AllocateContainerAddresses(instance.Id("1"), prepared)
+	ignored := names.NewMachineTag("1/lxd/0")
+	_, err := env.AllocateContainerAddresses(instance.Id("1"), ignored, prepared)
 	c.Assert(err, gc.ErrorMatches, "NIC eth1 subnet 10.20.20.0/24 not found")
 }
 
@@ -1405,7 +1422,8 @@
 		{InterfaceName: "eth0", CIDR: "10.20.19.0/24", MACAddress: "DEADBEEF"},
 		{InterfaceName: "eth1", CIDR: "10.20.20.0/24", MACAddress: "DEADBEEE"},
 	}
-	_, err := env.AllocateContainerAddresses(instance.Id("1"), prepared)
+	ignored := names.NewMachineTag("1/lxd/0")
+	_, err := env.AllocateContainerAddresses(instance.Id("1"), ignored, prepared)
 	c.Assert(err, gc.ErrorMatches, "creating device interface: boom")
 	args := getArgs(c, device.Calls())
 	maasArgs, ok := args.(gomaasapi.CreateInterfaceArgs)
@@ -1452,7 +1470,8 @@
 		{InterfaceName: "eth0", CIDR: "10.20.19.0/24", MACAddress: "DEADBEEF"},
 		{InterfaceName: "eth1", CIDR: "10.20.20.0/24", MACAddress: "DEADBEEE"},
 	}
-	_, err := env.AllocateContainerAddresses(instance.Id("1"), prepared)
+	ignored := names.NewMachineTag("1/lxd/0")
+	_, err := env.AllocateContainerAddresses(instance.Id("1"), ignored, prepared)
 	c.Assert(err, gc.ErrorMatches, "cannot link device interface to subnet: boom")
 	args := getArgs(c, interface_.Calls())
 	maasArgs, ok := args.(gomaasapi.LinkSubnetArgs)
@@ -1489,7 +1508,11 @@
 	}
 
 	env := suite.makeEnviron(c, controller)
-	err := bootstrap.Bootstrap(envjujutesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(envjujutesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      jujutesting.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 
 	machine.Stub.CheckCallNames(c, "Start")
@@ -1505,7 +1528,7 @@
 
 	// Test the instance id is correctly recorded for the bootstrap node.
 	// Check that ControllerInstances returns the id of the bootstrap machine.
-	instanceIds, err := env.ControllerInstances()
+	instanceIds, err := env.ControllerInstances(suite.controllerUUID)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(instanceIds, gc.HasLen, 1)
 	insts, err := env.AllInstances()
@@ -1520,7 +1543,7 @@
 	node1.zoneName = "test_zone"
 	controller.allocateMachine = node1
 
-	instance, hc := jujutesting.AssertStartInstance(c, env, "1")
+	instance, hc := jujutesting.AssertStartInstance(c, env, suite.controllerUUID, "1")
 	c.Check(instance, gc.NotNil)
 	c.Assert(hc, gc.NotNil)
 	c.Check(hc.String(), gc.Equals, fmt.Sprintf("arch=%s cpu-cores=1 mem=1024M availability-zone=test_zone", arch.HostArch()))
@@ -1542,7 +1565,7 @@
 
 	// Trash the tools and try to start another instance.
 	suite.PatchValue(&envtools.DefaultBaseURL, "")
-	instance, _, _, err = jujutesting.StartInstance(env, "2")
+	instance, _, _, err = jujutesting.StartInstance(env, suite.controllerUUID, "2")
 	c.Check(instance, gc.IsNil)
 	c.Check(err, jc.Satisfies, errors.IsNotFound)
 }
@@ -1550,7 +1573,7 @@
 func (suite *maas2EnvironSuite) TestControllerInstances(c *gc.C) {
 	controller := newFakeControllerWithErrors(gomaasapi.NewNoMatchError("state"))
 	env := suite.makeEnviron(c, controller)
-	_, err := env.ControllerInstances()
+	_, err := env.ControllerInstances(suite.controllerUUID)
 	c.Assert(err, gc.Equals, environs.ErrNotBootstrapped)
 
 	tests := [][]instance.Id{{}, {"inst-0"}, {"inst-0", "inst-1"}}
@@ -1562,7 +1585,7 @@
 			name:     "agent-prefix-provider-state",
 			contents: state,
 		}}
-		controllerInstances, err := env.ControllerInstances()
+		controllerInstances, err := env.ControllerInstances(suite.controllerUUID)
 		c.Assert(err, jc.ErrorIsNil)
 		c.Assert(controllerInstances, jc.SameContents, expected)
 	}
@@ -1571,7 +1594,7 @@
 func (suite *maas2EnvironSuite) TestControllerInstancesFailsIfNoStateInstances(c *gc.C) {
 	env := suite.makeEnviron(c,
 		newFakeControllerWithErrors(gomaasapi.NewNoMatchError("state")))
-	_, err := env.ControllerInstances()
+	_, err := env.ControllerInstances(suite.controllerUUID)
 	c.Check(err, gc.Equals, environs.ErrNotBootstrapped)
 }
 
@@ -1605,7 +1628,11 @@
 	c.Assert(err, jc.ErrorIsNil)
 	err = env.SetConfig(cfg)
 	c.Assert(err, jc.ErrorIsNil)
-	err = bootstrap.Bootstrap(envjujutesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
+	err = bootstrap.Bootstrap(envjujutesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      jujutesting.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Check(err, gc.ErrorMatches, "Juju cannot bootstrap because no tools are available for your model(.|\n)*")
 }
 
@@ -1614,7 +1641,11 @@
 	controller := newFakeController()
 	controller.allocateMachineError = gomaasapi.NewNoMatchError("oops")
 	env := suite.makeEnviron(c, controller)
-	err := bootstrap.Bootstrap(envjujutesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(envjujutesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      jujutesting.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	// Since there are no nodes, the attempt to allocate one returns a
 	// 409: Conflict.
 	c.Check(err, gc.ErrorMatches, ".*cannot run instances.*")
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/maas2_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/maas2_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/maas2_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/maas2_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -40,6 +40,7 @@
 	testAttrs["maas-agent-name"] = "agent-prefix"
 
 	attrs := coretesting.FakeConfig().Merge(testAttrs)
+	suite.controllerUUID = coretesting.FakeControllerConfig().ControllerUUID()
 	cfg, err := config.New(config.NoDefaults, attrs)
 	c.Assert(err, jc.ErrorIsNil)
 	env, err := NewEnviron(cfg)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/maas_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/maas_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/maas_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/maas_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,10 +7,8 @@
 	"bytes"
 	"encoding/json"
 	"fmt"
-	"net"
 	"path/filepath"
 	"strconv"
-	"time"
 
 	"github.com/juju/gomaasapi"
 	jc "github.com/juju/testing/checkers"
@@ -24,9 +22,8 @@
 	sstesting "github.com/juju/juju/environs/simplestreams/testing"
 	envtesting "github.com/juju/juju/environs/testing"
 	envtools "github.com/juju/juju/environs/tools"
-	"github.com/juju/juju/feature"
 	"github.com/juju/juju/instance"
-	"github.com/juju/juju/juju"
+	"github.com/juju/juju/juju/keys"
 	"github.com/juju/juju/network"
 	coretesting "github.com/juju/juju/testing"
 	jujuversion "github.com/juju/juju/version"
@@ -37,10 +34,11 @@
 type baseProviderSuite struct {
 	coretesting.FakeJujuXDGDataHomeSuite
 	envtesting.ToolsFixture
+	controllerUUID string
 }
 
 func (suite *baseProviderSuite) setupFakeTools(c *gc.C) {
-	suite.PatchValue(&juju.JujuPublicKey, sstesting.SignedMetadataPublicKey)
+	suite.PatchValue(&keys.JujuPublicKey, sstesting.SignedMetadataPublicKey)
 	storageDir := c.MkDir()
 	toolsDir := filepath.Join(storageDir, "tools")
 	suite.PatchValue(&envtools.DefaultBaseURL, utils.MakeFileURL(toolsDir))
@@ -55,9 +53,6 @@
 		restoreFinishBootstrap()
 		restoreTimeouts()
 	})
-	s.PatchValue(&nodeDeploymentTimeout, func(*maasEnviron) time.Duration {
-		return coretesting.ShortWait
-	})
 }
 
 func (s *baseProviderSuite) SetUpTest(c *gc.C) {
@@ -66,7 +61,6 @@
 	s.PatchValue(&jujuversion.Current, coretesting.FakeVersionNumber)
 	s.PatchValue(&arch.HostArch, func() string { return arch.AMD64 })
 	s.PatchValue(&series.HostSeries, func() string { return series.LatestLts() })
-	s.SetFeatureFlags(feature.AddressAllocation)
 }
 
 func (s *baseProviderSuite) TearDownTest(c *gc.C) {
@@ -124,7 +118,7 @@
 }
 
 var maasEnvAttrs = coretesting.Attrs{
-	"name":            "test env",
+	"name":            "test-env",
 	"type":            "maas",
 	"maas-oauth":      "a:b:c",
 	"maas-agent-name": exampleAgentName,
@@ -138,6 +132,7 @@
 	}
 	testAttrs["maas-server"] = suite.testMAASObject.TestServer.URL
 	attrs := coretesting.FakeConfig().Merge(testAttrs)
+	suite.controllerUUID = coretesting.FakeControllerConfig().ControllerUUID()
 	cfg, err := config.New(config.NoDefaults, attrs)
 	if err != nil {
 		panic(err)
@@ -180,11 +175,9 @@
 
 func createSubnetInfo(subnetID, spaceID, ipRange uint) network.SubnetInfo {
 	return network.SubnetInfo{
-		CIDR:              fmt.Sprintf("192.168.%d.0/24", ipRange),
-		ProviderId:        network.Id(strconv.Itoa(int(subnetID))),
-		AllocatableIPLow:  net.ParseIP(fmt.Sprintf("192.168.%d.139", ipRange)).To4(),
-		AllocatableIPHigh: net.ParseIP(fmt.Sprintf("192.168.%d.255", ipRange)).To4(),
-		SpaceProviderId:   network.Id(fmt.Sprintf("%d", spaceID)),
+		CIDR:            fmt.Sprintf("192.168.%d.0/24", ipRange),
+		ProviderId:      network.Id(strconv.Itoa(int(subnetID))),
+		SpaceProviderId: network.Id(fmt.Sprintf("%d", spaceID)),
 	}
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/Makefile juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/Makefile
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/Makefile	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/Makefile	2016-07-18 19:45:44.000000000 +0000
@@ -11,7 +11,7 @@
 	echo -n '//go:generate make -q\n\n' >> $@
 	echo -n 'import "path"\n\n' >> $@
 	echo -n 'const bridgeScriptName = "add-juju-bridge.py"\n\n' >> $@
-	echo -n 'var bridgeScriptPath = path.Join("/tmp", bridgeScriptName)\n\n' >> $@
+	echo -n 'var bridgeScriptPath = path.Join("/var/tmp", bridgeScriptName)\n\n' >> $@
 	echo -n "const bridgeScriptPython = \`" >> $@
 	cat add-juju-bridge.py >> $@
 	echo -n '`\n' >> $@
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/volumes.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/volumes.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/volumes.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/volumes.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,9 +10,9 @@
 
 	"github.com/dustin/go-humanize"
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/schema"
 	"github.com/juju/utils/set"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/environs/config"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/volumes_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/volumes_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/maas/volumes_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/maas/volumes_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,9 +5,9 @@
 
 import (
 	"github.com/juju/gomaasapi"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/instance"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/manual/environ.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/manual/environ.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/manual/environ.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/manual/environ.go	2016-07-18 19:45:44.000000000 +0000
@@ -104,9 +104,9 @@
 	if err != nil {
 		return nil, err
 	}
-	finalize := func(ctx environs.BootstrapContext, icfg *instancecfg.InstanceConfig) error {
-		icfg.InstanceId = BootstrapInstanceId
-		icfg.HardwareCharacteristics = &hc
+	finalize := func(ctx environs.BootstrapContext, icfg *instancecfg.InstanceConfig, _ environs.BootstrapDialOpts) error {
+		icfg.Bootstrap.BootstrapMachineInstanceId = BootstrapInstanceId
+		icfg.Bootstrap.BootstrapMachineHardwareCharacteristics = &hc
 		if err := instancecfg.FinishInstanceConfig(icfg, e.Config()); err != nil {
 			return err
 		}
@@ -122,7 +122,7 @@
 }
 
 // ControllerInstances is specified in the Environ interface.
-func (e *manualEnviron) ControllerInstances() ([]instance.Id, error) {
+func (e *manualEnviron) ControllerInstances(controllerUUID string) ([]instance.Id, error) {
 	arg0 := filepath.Base(os.Args[0])
 	if arg0 != names.Jujud {
 		// Not running inside the controller, so we must
@@ -244,6 +244,11 @@
 	return err
 }
 
+// DestroyController implements the Environ interface.
+func (e *manualEnviron) DestroyController(controllerUUID string) error {
+	return e.Destroy()
+}
+
 func (*manualEnviron) PrecheckInstance(series string, _ constraints.Value, placement string) error {
 	return errors.New(`use "juju add-machine ssh:[user@]<host>" to provision machines`)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/manual/environ_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/manual/environ_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/manual/environ_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/manual/environ_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -196,7 +196,7 @@
 		c.Logf("test %d", i)
 		outputResult = test.output
 		errResult = test.err
-		instances, err := s.env.ControllerInstances()
+		instances, err := s.env.ControllerInstances("not-used")
 		if test.expectedErr == "" {
 			c.Assert(err, jc.ErrorIsNil)
 			c.Assert(instances, gc.DeepEquals, []instance.Id{BootstrapInstanceId})
@@ -210,14 +210,14 @@
 func (s *controllerInstancesSuite) TestControllerInstancesStderr(c *gc.C) {
 	// Stderr should not affect the behaviour of ControllerInstances.
 	testing.PatchExecutable(c, s, "ssh", "#!/bin/sh\nhead -n1 > /dev/null; echo abc >&2; exit 0")
-	_, err := s.env.ControllerInstances()
+	_, err := s.env.ControllerInstances("not-used")
 	c.Assert(err, jc.ErrorIsNil)
 }
 
 func (s *controllerInstancesSuite) TestControllerInstancesError(c *gc.C) {
 	// If the ssh execution fails, its stderr will be captured in the error message.
 	testing.PatchExecutable(c, s, "ssh", "#!/bin/sh\nhead -n1 > /dev/null; echo abc >&2; exit 1")
-	_, err := s.env.ControllerInstances()
+	_, err := s.env.ControllerInstances("not-used")
 	c.Assert(err, gc.ErrorMatches, "abc: .*")
 }
 
@@ -227,7 +227,7 @@
 	// Patch the ssh executable so that it would cause an error if we
 	// were to call it.
 	testing.PatchExecutable(c, s, "ssh", "#!/bin/sh\nhead -n1 > /dev/null; echo abc >&2; exit 1")
-	instances, err := s.env.ControllerInstances()
+	instances, err := s.env.ControllerInstances("not-used")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(instances, gc.DeepEquals, []instance.Id{BootstrapInstanceId})
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/manual/provider.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/manual/provider.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/manual/provider.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/manual/provider.go	2016-07-18 19:45:44.000000000 +0000
@@ -46,32 +46,20 @@
 }
 
 // PrepareForCreateEnvironment is specified in the EnvironProvider interface.
-func (p manualProvider) PrepareForCreateEnvironment(cfg *config.Config) (*config.Config, error) {
+func (p manualProvider) PrepareForCreateEnvironment(controllerUUID string, cfg *config.Config) (*config.Config, error) {
 	return cfg, nil
 }
 
 // BootstrapConfig is specified in the EnvironProvider interface.
 func (p manualProvider) BootstrapConfig(args environs.BootstrapConfigParams) (*config.Config, error) {
-	var bootstrapHost string
-	switch {
-	case args.CloudEndpoint != "":
-		// If an endpoint is specified, then we expect that the user
-		// has specified in their clouds.yaml a region with the
-		// bootstrap host as the endpoint.
-		bootstrapHost = args.CloudEndpoint
-	case args.CloudRegion != "":
-		// If only a region is specified, then we expect that the user
-		// has run "juju bootstrap manual/<host>", and treat the region
-		// name as the name of the bootstrap machine.
-		bootstrapHost = args.CloudRegion
-	default:
+	if args.CloudEndpoint == "" {
 		return nil, errors.Errorf(
 			"missing address of host to bootstrap: " +
 				`please specify "juju bootstrap manual/<host>"`,
 		)
 	}
 	cfg, err := args.Config.Apply(map[string]interface{}{
-		"bootstrap-host": bootstrapHost,
+		"bootstrap-host": args.CloudEndpoint,
 	})
 	if err != nil {
 		return nil, errors.Trace(err)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/manual/provider_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/manual/provider_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/manual/provider_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/manual/provider_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -36,7 +36,7 @@
 func (s *providerSuite) TestPrepareForCreateEnvironment(c *gc.C) {
 	testConfig, err := config.New(config.UseDefaults, manual.MinimalConfigValues())
 	c.Assert(err, jc.ErrorIsNil)
-	cfg, err := manual.ProviderInstance.PrepareForCreateEnvironment(testConfig)
+	cfg, err := manual.ProviderInstance.PrepareForCreateEnvironment(coretesting.ModelTag.Id(), testConfig)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(cfg, gc.Equals, testConfig)
 }
@@ -44,17 +44,11 @@
 func (s *providerSuite) TestPrepareForBootstrapCloudEndpointAndRegion(c *gc.C) {
 	ctx, err := s.testPrepareForBootstrap(c, "endpoint", "region")
 	c.Assert(err, jc.ErrorIsNil)
-	s.CheckCall(c, 0, "InitUbuntuUser", "endpoint", "", "public auth key\n", ctx.GetStdin(), ctx.GetStdout())
+	s.CheckCall(c, 0, "InitUbuntuUser", "endpoint", "", "", ctx.GetStdin(), ctx.GetStdout())
 }
 
-func (s *providerSuite) TestPrepareForBootstrapCloudRegionOnly(c *gc.C) {
-	ctx, err := s.testPrepareForBootstrap(c, "", "region")
-	c.Assert(err, jc.ErrorIsNil)
-	s.CheckCall(c, 0, "InitUbuntuUser", "region", "", "public auth key\n", ctx.GetStdin(), ctx.GetStdout())
-}
-
-func (s *providerSuite) TestPrepareForBootstrapNoCloudEndpointOrRegion(c *gc.C) {
-	_, err := s.testPrepareForBootstrap(c, "", "")
+func (s *providerSuite) TestPrepareForBootstrapNoCloudEndpoint(c *gc.C) {
+	_, err := s.testPrepareForBootstrap(c, "", "region")
 	c.Assert(err, gc.ErrorMatches,
 		`missing address of host to bootstrap: please specify "juju bootstrap manual/<host>"`)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/openstack/cinder_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/openstack/cinder_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/openstack/cinder_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/openstack/cinder_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package openstack_test
 
 import (
@@ -5,7 +8,6 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	gitjujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
@@ -13,6 +15,7 @@
 	"gopkg.in/goose.v1/cinder"
 	"gopkg.in/goose.v1/identity"
 	"gopkg.in/goose.v1/nova"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/environs/tags"
 	"github.com/juju/juju/instance"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/openstack/firewaller.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/openstack/firewaller.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/openstack/firewaller.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/openstack/firewaller.go	2016-07-18 19:45:44.000000000 +0000
@@ -39,16 +39,18 @@
 	Ports() ([]network.PortRange, error)
 
 	// Implementations are expected to delete all security groups for the
-	// environment. If the environment corresponds to a controller model,
-	// then the implementation should also delete security groups for the
-	// hosted models.
-	DeleteAllGroups() error
+	// environment.
+	DeleteAllModelGroups() error
+
+	// Implementations are expected to delete all security groups for the
+	// controller, ie those for all hosted models.
+	DeleteAllControllerGroups(controllerUUID string) error
 
 	// Implementations should return list of security groups, that belong to given instances.
 	GetSecurityGroups(ids ...instance.Id) ([]string, error)
 
 	// Implementations should set up initial security groups, if any.
-	SetUpGroups(machineId string, apiPort int) ([]nova.SecurityGroup, error)
+	SetUpGroups(controllerUUID, machineId string, apiPort int) ([]nova.SecurityGroup, error)
 
 	// Set of initial networks, that should be added by default to all new instances.
 	InitialNetworks() []nova.ServerNetworks
@@ -91,17 +93,17 @@
 // Note: ideally we'd have a better way to determine group membership so that 2
 // people that happen to share an openstack account and name their environment
 // "openstack" don't end up destroying each other's machines.
-func (c *defaultFirewaller) SetUpGroups(machineId string, apiPort int) ([]nova.SecurityGroup, error) {
-	jujuGroup, err := c.setUpGlobalGroup(c.jujuGroupName(), apiPort)
+func (c *defaultFirewaller) SetUpGroups(controllerUUID, machineId string, apiPort int) ([]nova.SecurityGroup, error) {
+	jujuGroup, err := c.setUpGlobalGroup(c.jujuGroupName(controllerUUID), apiPort)
 	if err != nil {
 		return nil, err
 	}
 	var machineGroup nova.SecurityGroup
 	switch c.environ.Config().FirewallMode() {
 	case config.FwInstance:
-		machineGroup, err = c.ensureGroup(c.machineGroupName(machineId), nil)
+		machineGroup, err = c.ensureGroup(c.machineGroupName(controllerUUID, machineId), nil)
 	case config.FwGlobal:
-		machineGroup, err = c.ensureGroup(c.globalGroupName(), nil)
+		machineGroup, err = c.ensureGroup(c.globalGroupName(controllerUUID), nil)
 	}
 	if err != nil {
 		return nil, err
@@ -210,6 +212,7 @@
 		if err != nil {
 			return nil, err
 		}
+		novaClient := c.environ.nova()
 		securityGroupNames = make([]string, 0, len(ids))
 		for _, inst := range instances {
 			if inst == nil {
@@ -220,31 +223,31 @@
 			if lastDashPos == -1 {
 				return nil, fmt.Errorf("cannot identify machine ID in openstack server name %q", openstackName)
 			}
-			securityGroupName := c.machineGroupName(openstackName[lastDashPos+1:])
-			securityGroupNames = append(securityGroupNames, securityGroupName)
+			serverId := openstackName[lastDashPos+1:]
+			groups, err := novaClient.GetServerSecurityGroups(string(inst.Id()))
+			if err != nil {
+				return nil, err
+			}
+			for _, group := range groups {
+				// We only include the group specifically tied to the instance, not
+				// any group global to the model itself.
+				if strings.HasSuffix(group.Name, fmt.Sprintf("%s-%s", c.environ.Config().UUID(), serverId)) {
+					securityGroupNames = append(securityGroupNames, group.Name)
+				}
+			}
 		}
 	}
 	return securityGroupNames, nil
 }
 
-// DeleteAllGroups implements Firewaller interface.
-func (c *defaultFirewaller) DeleteAllGroups() error {
+func (c *defaultFirewaller) deleteSecurityGroups(prefix string) error {
 	novaClient := c.environ.nova()
 	securityGroups, err := novaClient.ListSecurityGroups()
 	if err != nil {
 		return errors.Annotate(err, "cannot list security groups")
 	}
 
-	var prefix string
-	if cfg := c.environ.Config(); cfg.UUID() == cfg.ControllerUUID() {
-		// Delete all security groups managed by the controller.
-		prefix = c.jujuControllerGroupPrefix()
-	} else {
-		// Delete all security groups for the model.
-		prefix = c.jujuModelGroupPrefix()
-	}
-
-	re, err := regexp.Compile("^" + regexp.QuoteMeta(prefix))
+	re, err := regexp.Compile("^" + prefix)
 	if err != nil {
 		return errors.Trace(err)
 	}
@@ -256,6 +259,16 @@
 	return nil
 }
 
+// DeleteAllControllerGroups implements Firewaller interface.
+func (c *defaultFirewaller) DeleteAllControllerGroups(controllerUUID string) error {
+	return c.deleteSecurityGroups(c.jujuControllerGroupPrefix(controllerUUID))
+}
+
+// DeleteAllModelGroups implements Firewaller interface.
+func (c *defaultFirewaller) DeleteAllModelGroups() error {
+	return c.deleteSecurityGroups(c.jujuGroupRegexp())
+}
+
 // deleteSecurityGroup attempts to delete the security group. Should it fail,
 // the deletion is retried due to timing issues in openstack. A security group
 // cannot be deleted while it is in use. Theoretically we terminate all the
@@ -282,7 +295,11 @@
 		},
 		Attempts: 30,
 		Delay:    time.Second,
-		Clock:    clock.WallClock,
+		// TODO(dimitern): This should be fixed to take a clock.Clock arg, not
+		// hard-coded WallClock, like in provider/ec2/securitygroups_test.go!
+		// See PR juju:#5197, especially the code around autoAdvancingClock.
+		// LP Bug: http://pad.lv/1580626.
+		Clock: clock.WallClock,
 	})
 	if err != nil {
 		logger.Warningf("cannot delete security group %q. Used by another model?", name)
@@ -295,7 +312,7 @@
 		return fmt.Errorf("invalid firewall mode %q for opening ports on model",
 			c.environ.Config().FirewallMode())
 	}
-	if err := c.openPortsInGroup(c.globalGroupName(), ports); err != nil {
+	if err := c.openPortsInGroup(c.globalGroupRegexp(), ports); err != nil {
 		return err
 	}
 	logger.Infof("opened ports in global group: %v", ports)
@@ -308,7 +325,7 @@
 		return fmt.Errorf("invalid firewall mode %q for closing ports on model",
 			c.environ.Config().FirewallMode())
 	}
-	if err := c.closePortsInGroup(c.globalGroupName(), ports); err != nil {
+	if err := c.closePortsInGroup(c.globalGroupRegexp(), ports); err != nil {
 		return err
 	}
 	logger.Infof("closed ports in global group: %v", ports)
@@ -321,7 +338,7 @@
 		return nil, fmt.Errorf("invalid firewall mode %q for retrieving ports from model",
 			c.environ.Config().FirewallMode())
 	}
-	return c.portsInGroup(c.globalGroupName())
+	return c.portsInGroup(c.globalGroupRegexp())
 }
 
 // OpenInstancePorts implements Firewaller interface.
@@ -330,11 +347,11 @@
 		return fmt.Errorf("invalid firewall mode %q for opening ports on instance",
 			c.environ.Config().FirewallMode())
 	}
-	name := c.machineGroupName(machineId)
-	if err := c.openPortsInGroup(name, ports); err != nil {
+	nameRegexp := c.machineGroupRegexp(machineId)
+	if err := c.openPortsInGroup(nameRegexp, ports); err != nil {
 		return err
 	}
-	logger.Infof("opened ports in security group %s: %v", name, ports)
+	logger.Infof("opened ports in security group %s-%s: %v", c.environ.Config().UUID(), machineId, ports)
 	return nil
 }
 
@@ -344,11 +361,11 @@
 		return fmt.Errorf("invalid firewall mode %q for closing ports on instance",
 			c.environ.Config().FirewallMode())
 	}
-	name := c.machineGroupName(machineId)
-	if err := c.closePortsInGroup(name, ports); err != nil {
+	nameRegexp := c.machineGroupRegexp(machineId)
+	if err := c.closePortsInGroup(nameRegexp, ports); err != nil {
 		return err
 	}
-	logger.Infof("closed ports in security group %s: %v", name, ports)
+	logger.Infof("closed ports in security group %s-%s: %v", c.environ.Config().UUID(), machineId, ports)
 	return nil
 }
 
@@ -358,20 +375,42 @@
 		return nil, fmt.Errorf("invalid firewall mode %q for retrieving ports from instance",
 			c.environ.Config().FirewallMode())
 	}
-	name := c.machineGroupName(machineId)
-	portRanges, err := c.portsInGroup(name)
+	nameRegexp := c.machineGroupRegexp(machineId)
+	portRanges, err := c.portsInGroup(nameRegexp)
 	if err != nil {
 		return nil, err
 	}
 	return portRanges, nil
 }
 
-func (c *defaultFirewaller) openPortsInGroup(name string, portRanges []network.PortRange) error {
+func (c *defaultFirewaller) matchingGroup(nameRegExp string) (nova.SecurityGroup, error) {
+	re, err := regexp.Compile(nameRegExp)
+	if err != nil {
+		return nova.SecurityGroup{}, err
+	}
 	novaclient := c.environ.nova()
-	group, err := novaclient.SecurityGroupByName(name)
+	allGroups, err := novaclient.ListSecurityGroups()
+	if err != nil {
+		return nova.SecurityGroup{}, err
+	}
+	var matchingGroups []nova.SecurityGroup
+	for _, group := range allGroups {
+		if re.MatchString(group.Name) {
+			matchingGroups = append(matchingGroups, group)
+		}
+	}
+	if len(matchingGroups) != 1 {
+		return nova.SecurityGroup{}, errors.NotFoundf("security groups matching %q", nameRegExp)
+	}
+	return matchingGroups[0], nil
+}
+
+func (c *defaultFirewaller) openPortsInGroup(nameRegExp string, portRanges []network.PortRange) error {
+	group, err := c.matchingGroup(nameRegExp)
 	if err != nil {
 		return err
 	}
+	novaclient := c.environ.nova()
 	rules := portsToRuleInfo(group.Id, portRanges)
 	for _, rule := range rules {
 		_, err := novaclient.CreateSecurityGroupRule(rule)
@@ -393,18 +432,18 @@
 		*rule.ToPort == portRange.ToPort
 }
 
-func (c *defaultFirewaller) closePortsInGroup(name string, portRanges []network.PortRange) error {
+func (c *defaultFirewaller) closePortsInGroup(nameRegExp string, portRanges []network.PortRange) error {
 	if len(portRanges) == 0 {
 		return nil
 	}
-	novaclient := c.environ.nova()
-	group, err := novaclient.SecurityGroupByName(name)
+	group, err := c.matchingGroup(nameRegExp)
 	if err != nil {
 		return err
 	}
+	novaclient := c.environ.nova()
 	// TODO: Hey look ma, it's quadratic
 	for _, portRange := range portRanges {
-		for _, p := range (*group).Rules {
+		for _, p := range group.Rules {
 			if !ruleMatchesPortRange(p, portRange) {
 				continue
 			}
@@ -418,12 +457,12 @@
 	return nil
 }
 
-func (c *defaultFirewaller) portsInGroup(name string) (portRanges []network.PortRange, err error) {
-	group, err := c.environ.nova().SecurityGroupByName(name)
+func (c *defaultFirewaller) portsInGroup(nameRegexp string) (portRanges []network.PortRange, err error) {
+	group, err := c.matchingGroup(nameRegexp)
 	if err != nil {
 		return nil, err
 	}
-	for _, p := range (*group).Rules {
+	for _, p := range group.Rules {
 		portRanges = append(portRanges, network.PortRange{
 			Protocol: *p.IPProtocol,
 			FromPort: *p.FromPort,
@@ -434,24 +473,32 @@
 	return portRanges, nil
 }
 
-func (c *defaultFirewaller) globalGroupName() string {
-	return fmt.Sprintf("%s-global", c.jujuGroupName())
+func (c *defaultFirewaller) globalGroupName(controllerUUID string) string {
+	return fmt.Sprintf("%s-global", c.jujuGroupName(controllerUUID))
 }
 
-func (c *defaultFirewaller) machineGroupName(machineId string) string {
-	return fmt.Sprintf("%s-%s", c.jujuGroupName(), machineId)
+func (c *defaultFirewaller) machineGroupName(controllerUUID, machineId string) string {
+	return fmt.Sprintf("%s-%s", c.jujuGroupName(controllerUUID), machineId)
 }
 
-func (c *defaultFirewaller) jujuGroupName() string {
+func (c *defaultFirewaller) jujuGroupName(controllerUUID string) string {
 	cfg := c.environ.Config()
-	return fmt.Sprintf("juju-%v-%v", cfg.ControllerUUID(), cfg.UUID())
+	return fmt.Sprintf("juju-%v-%v", controllerUUID, cfg.UUID())
 }
 
-func (c *defaultFirewaller) jujuModelGroupPrefix() string {
-	return c.jujuGroupName()
+func (c *defaultFirewaller) jujuControllerGroupPrefix(controllerUUID string) string {
+	return fmt.Sprintf("juju-%v-", controllerUUID)
 }
 
-func (c *defaultFirewaller) jujuControllerGroupPrefix() string {
+func (c *defaultFirewaller) jujuGroupRegexp() string {
 	cfg := c.environ.Config()
-	return fmt.Sprintf("juju-%v-", cfg.ControllerUUID())
+	return fmt.Sprintf("juju-.*-%v", cfg.UUID())
+}
+
+func (c *defaultFirewaller) globalGroupRegexp() string {
+	return fmt.Sprintf("%s-global", c.jujuGroupRegexp())
+}
+
+func (c *defaultFirewaller) machineGroupRegexp(machineId string) string {
+	return fmt.Sprintf("%s-%s", c.jujuGroupRegexp(), machineId)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/openstack/live_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/openstack/live_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/openstack/live_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/openstack/live_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -223,9 +223,13 @@
 	c.Assert(env, gc.NotNil)
 	defer env.Destroy()
 	// Bootstrap and start an instance.
-	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
+	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      jujutesting.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
-	inst, _ := jujutesting.AssertStartInstance(c, env, "100")
+	inst, _ := jujutesting.AssertStartInstance(c, env, s.ControllerUUID, "100")
 	// Check whether the instance has the default security group assigned.
 	novaClient := openstack.GetNovaClient(env)
 	groups, err := novaClient.GetServerSecurityGroups(string(inst.Id()))
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/openstack/local_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/openstack/local_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/openstack/local_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/openstack/local_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -49,7 +49,7 @@
 	envtesting "github.com/juju/juju/environs/testing"
 	"github.com/juju/juju/environs/tools"
 	"github.com/juju/juju/instance"
-	"github.com/juju/juju/juju"
+	"github.com/juju/juju/juju/keys"
 	"github.com/juju/juju/juju/testing"
 	"github.com/juju/juju/jujuclient/jujuclienttesting"
 	"github.com/juju/juju/network"
@@ -315,7 +315,11 @@
 	c.Assert(err, jc.ErrorIsNil)
 	env, err := environs.New(cfg)
 	c.Assert(err, jc.ErrorIsNil)
-	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
+	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, gc.ErrorMatches, "(.|\n)*cannot allocate a public IP as needed(.|\n)*")
 }
 
@@ -328,6 +332,7 @@
 		env environs.Environ,
 		inst instance.Instance,
 		instanceConfig *instancecfg.InstanceConfig,
+		_ environs.BootstrapDialOpts,
 	) error {
 		addr, err := inst.Addresses()
 		c.Assert(err, jc.ErrorIsNil)
@@ -349,7 +354,11 @@
 	c.Assert(err, jc.ErrorIsNil)
 	env, err := environs.New(cfg)
 	c.Assert(err, jc.ErrorIsNil)
-	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
+	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(bootstrapFinished, jc.IsTrue)
 }
@@ -362,6 +371,7 @@
 		env environs.Environ,
 		inst instance.Instance,
 		instanceConfig *instancecfg.InstanceConfig,
+		_ environs.BootstrapDialOpts,
 	) error {
 		addr, err := inst.Addresses()
 		c.Assert(err, jc.ErrorIsNil)
@@ -381,7 +391,11 @@
 	c.Assert(err, jc.ErrorIsNil)
 	env, err := environs.New(cfg)
 	c.Assert(err, jc.ErrorIsNil)
-	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
+	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(bootstrapFinished, jc.IsTrue)
 }
@@ -409,15 +423,19 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	attrs := s.TestConfig.Merge(coretesting.Attrs{"use-floating-ip": false})
-	env, err := environs.Prepare(
+	env, err := bootstrap.Prepare(
 		envtesting.BootstrapContext(c),
 		s.ControllerStore,
 		prepareParams(attrs, s.cred),
 	)
 	c.Assert(err, jc.ErrorIsNil)
-	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
+	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
-	inst, _ := testing.AssertStartInstance(c, env, "100")
+	inst, _ := testing.AssertStartInstance(c, env, s.ControllerUUID, "100")
 	err = env.StopInstances(inst.Id())
 	c.Assert(err, jc.ErrorIsNil)
 }
@@ -438,9 +456,13 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	env := s.Prepare(c)
-	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{})
+	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
-	_, hc := testing.AssertStartInstanceWithConstraints(c, env, "100", constraints.MustParse("mem=1024"))
+	_, hc := testing.AssertStartInstanceWithConstraints(c, env, s.ControllerUUID, "100", constraints.MustParse("mem=1024"))
 	c.Check(*hc.Arch, gc.Equals, "amd64")
 	c.Check(*hc.Mem, gc.Equals, uint64(2048))
 	c.Check(*hc.CpuCores, gc.Equals, uint64(1))
@@ -455,7 +477,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 	env, err := environs.New(cfg)
 	c.Assert(err, jc.ErrorIsNil)
-	inst, _ := testing.AssertStartInstance(c, env, "100")
+	inst, _ := testing.AssertStartInstance(c, env, s.ControllerUUID, "100")
 	err = env.StopInstances(inst.Id())
 	c.Assert(err, jc.ErrorIsNil)
 }
@@ -468,7 +490,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 	env, err := environs.New(cfg)
 	c.Assert(err, jc.ErrorIsNil)
-	inst, _, _, err := testing.StartInstance(env, "100")
+	inst, _, _, err := testing.StartInstance(env, s.ControllerUUID, "100")
 	c.Check(inst, gc.IsNil)
 	c.Assert(err, gc.ErrorMatches, "No networks exist with label .*")
 }
@@ -481,7 +503,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 	env, err := environs.New(cfg)
 	c.Assert(err, jc.ErrorIsNil)
-	inst, _, _, err := testing.StartInstance(env, "100")
+	inst, _, _, err := testing.StartInstance(env, s.ControllerUUID, "100")
 	c.Check(inst, gc.IsNil)
 	c.Assert(err, gc.ErrorMatches, "cannot run instance: (\\n|.)*"+
 		"caused by: "+
@@ -536,22 +558,21 @@
 	env, err := environs.New(cfg)
 	c.Assert(err, jc.ErrorIsNil)
 	instanceName := "100"
-	inst, _ := testing.AssertStartInstance(c, env, instanceName)
+	inst, _ := testing.AssertStartInstance(c, env, s.ControllerUUID, instanceName)
 	// Openstack now has three security groups for the server, the default
 	// group, one group for the entire environment, and another for the
 	// new instance.
-	cUUID := env.Config().ControllerUUID()
 	modelUUID := env.Config().UUID()
 	allSecurityGroups := []string{
-		"default", fmt.Sprintf("juju-%v-%v", cUUID, modelUUID),
-		fmt.Sprintf("juju-%v-%v-%v", cUUID, modelUUID, instanceName),
+		"default", fmt.Sprintf("juju-%v-%v", s.ControllerUUID, modelUUID),
+		fmt.Sprintf("juju-%v-%v-%v", s.ControllerUUID, modelUUID, instanceName),
 	}
 	assertSecurityGroups(c, env, allSecurityGroups)
 	err = env.StopInstances(inst.Id())
 	c.Assert(err, jc.ErrorIsNil)
 	// The security group for this instance is now removed.
 	assertSecurityGroups(c, env, []string{
-		"default", fmt.Sprintf("juju-%v-%v", cUUID, modelUUID),
+		"default", fmt.Sprintf("juju-%v-%v", s.ControllerUUID, modelUUID),
 	})
 }
 
@@ -576,12 +597,11 @@
 	env, err := environs.New(cfg)
 	c.Assert(err, jc.ErrorIsNil)
 	instanceName := "100"
-	inst, _ := testing.AssertStartInstance(c, env, instanceName)
-	cUUID := env.Config().ControllerUUID()
+	inst, _ := testing.AssertStartInstance(c, env, s.ControllerUUID, instanceName)
 	modelUUID := env.Config().UUID()
 	allSecurityGroups := []string{
-		"default", fmt.Sprintf("juju-%v-%v", cUUID, modelUUID),
-		fmt.Sprintf("juju-%v-%v-%v", cUUID, modelUUID, instanceName),
+		"default", fmt.Sprintf("juju-%v-%v", s.ControllerUUID, modelUUID),
+		fmt.Sprintf("juju-%v-%v-%v", s.ControllerUUID, modelUUID, instanceName),
 	}
 	assertSecurityGroups(c, env, allSecurityGroups)
 	err = env.StopInstances(inst.Id())
@@ -596,12 +616,11 @@
 	env, err := environs.New(cfg)
 	c.Assert(err, jc.ErrorIsNil)
 	instanceName := "100"
-	testing.AssertStartInstance(c, env, instanceName)
-	cUUID := env.Config().ControllerUUID()
+	testing.AssertStartInstance(c, env, s.ControllerUUID, instanceName)
 	modelUUID := env.Config().UUID()
 	allSecurityGroups := []string{
-		"default", fmt.Sprintf("juju-%v-%v", cUUID, modelUUID),
-		fmt.Sprintf("juju-%v-%v-%v", cUUID, modelUUID, instanceName),
+		"default", fmt.Sprintf("juju-%v-%v", s.ControllerUUID, modelUUID),
+		fmt.Sprintf("juju-%v-%v-%v", s.ControllerUUID, modelUUID, instanceName),
 	}
 	assertSecurityGroups(c, env, allSecurityGroups)
 	err = env.Destroy()
@@ -616,12 +635,11 @@
 	env, err := environs.New(cfg)
 	c.Assert(err, jc.ErrorIsNil)
 	instanceName := "100"
-	testing.AssertStartInstance(c, env, instanceName)
-	cUUID := env.Config().ControllerUUID()
+	testing.AssertStartInstance(c, env, s.ControllerUUID, instanceName)
 	modelUUID := env.Config().UUID()
 	allSecurityGroups := []string{
-		"default", fmt.Sprintf("juju-%v-%v", cUUID, modelUUID),
-		fmt.Sprintf("juju-%v-%v-global", cUUID, modelUUID),
+		"default", fmt.Sprintf("juju-%v-%v", s.ControllerUUID, modelUUID),
+		fmt.Sprintf("juju-%v-%v-global", s.ControllerUUID, modelUUID),
 	}
 	assertSecurityGroups(c, env, allSecurityGroups)
 	err = env.Destroy()
@@ -629,7 +647,7 @@
 	assertSecurityGroups(c, env, []string{"default"})
 }
 
-func (s *localServerSuite) TestDestroyControllerModel(c *gc.C) {
+func (s *localServerSuite) TestDestroyController(c *gc.C) {
 	cfg, err := config.New(config.NoDefaults, s.TestConfig.Merge(coretesting.Attrs{
 		"uuid": utils.MustNewUUID().String(),
 	}))
@@ -642,24 +660,23 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	controllerInstanceName := "100"
-	testing.AssertStartInstance(c, controllerEnv, controllerInstanceName)
+	testing.AssertStartInstance(c, controllerEnv, s.ControllerUUID, controllerInstanceName)
 	hostedModelInstanceName := "200"
-	testing.AssertStartInstance(c, env, hostedModelInstanceName)
-	cUUID := env.Config().ControllerUUID()
+	testing.AssertStartInstance(c, env, s.ControllerUUID, hostedModelInstanceName)
 	modelUUID := env.Config().UUID()
 	allControllerSecurityGroups := []string{
-		"default", fmt.Sprintf("juju-%v-%v", cUUID, cUUID),
-		fmt.Sprintf("juju-%v-%v-%v", cUUID, cUUID, controllerInstanceName),
+		"default", fmt.Sprintf("juju-%v-%v", s.ControllerUUID, s.ControllerUUID),
+		fmt.Sprintf("juju-%v-%v-%v", s.ControllerUUID, s.ControllerUUID, controllerInstanceName),
 	}
 	allHostedModelSecurityGroups := []string{
-		"default", fmt.Sprintf("juju-%v-%v", cUUID, modelUUID),
-		fmt.Sprintf("juju-%v-%v-%v", cUUID, modelUUID, hostedModelInstanceName),
+		"default", fmt.Sprintf("juju-%v-%v", s.ControllerUUID, modelUUID),
+		fmt.Sprintf("juju-%v-%v-%v", s.ControllerUUID, modelUUID, hostedModelInstanceName),
 	}
 	assertSecurityGroups(c, controllerEnv, append(
 		allControllerSecurityGroups, allHostedModelSecurityGroups...,
 	))
 
-	err = controllerEnv.Destroy()
+	err = controllerEnv.DestroyController(s.ControllerUUID)
 	c.Check(err, jc.ErrorIsNil)
 	assertSecurityGroups(c, controllerEnv, []string{"default"})
 	assertInstanceIds(c, env)
@@ -679,18 +696,17 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	controllerInstanceName := "100"
-	controllerInstance, _ := testing.AssertStartInstance(c, controllerEnv, controllerInstanceName)
+	controllerInstance, _ := testing.AssertStartInstance(c, controllerEnv, s.ControllerUUID, controllerInstanceName)
 	hostedModelInstanceName := "200"
-	testing.AssertStartInstance(c, env, hostedModelInstanceName)
-	cUUID := env.Config().ControllerUUID()
+	testing.AssertStartInstance(c, env, s.ControllerUUID, hostedModelInstanceName)
 	modelUUID := env.Config().UUID()
 	allControllerSecurityGroups := []string{
-		"default", fmt.Sprintf("juju-%v-%v", cUUID, cUUID),
-		fmt.Sprintf("juju-%v-%v-%v", cUUID, cUUID, controllerInstanceName),
+		"default", fmt.Sprintf("juju-%v-%v", s.ControllerUUID, s.ControllerUUID),
+		fmt.Sprintf("juju-%v-%v-%v", s.ControllerUUID, s.ControllerUUID, controllerInstanceName),
 	}
 	allHostedModelSecurityGroups := []string{
-		"default", fmt.Sprintf("juju-%v-%v", cUUID, modelUUID),
-		fmt.Sprintf("juju-%v-%v-%v", cUUID, modelUUID, hostedModelInstanceName),
+		"default", fmt.Sprintf("juju-%v-%v", s.ControllerUUID, modelUUID),
+		fmt.Sprintf("juju-%v-%v-%v", s.ControllerUUID, modelUUID, hostedModelInstanceName),
 	}
 	assertSecurityGroups(c, controllerEnv, append(
 		allControllerSecurityGroups, allHostedModelSecurityGroups...,
@@ -752,7 +768,7 @@
 
 func (s *localServerSuite) TestInstanceStatus(c *gc.C) {
 	// goose's test service always returns ACTIVE state.
-	inst, _ := testing.AssertStartInstance(c, s.env, "100")
+	inst, _ := testing.AssertStartInstance(c, s.env, s.ControllerUUID, "100")
 	c.Assert(inst.Status().Status, gc.Equals, status.StatusRunning)
 	err := s.env.StopInstances(inst.Id())
 	c.Assert(err, jc.ErrorIsNil)
@@ -767,8 +783,8 @@
 	env, err := environs.New(cfg)
 	c.Assert(err, jc.ErrorIsNil)
 
-	inst0, _ := testing.AssertStartInstance(c, env, "100")
-	inst1, _ := testing.AssertStartInstance(c, env, "101")
+	inst0, _ := testing.AssertStartInstance(c, env, s.ControllerUUID, "100")
+	inst1, _ := testing.AssertStartInstance(c, env, s.ControllerUUID, "101")
 	defer func() {
 		err := env.StopInstances(inst0.Id(), inst1.Id())
 		c.Assert(err, jc.ErrorIsNil)
@@ -790,9 +806,9 @@
 	env, err := environs.New(cfg)
 	c.Assert(err, jc.ErrorIsNil)
 
-	inst0, _ := testing.AssertStartInstance(c, env, "100")
+	inst0, _ := testing.AssertStartInstance(c, env, s.ControllerUUID, "100")
 	id0 := inst0.Id()
-	inst1, _ := testing.AssertStartInstance(c, env, "101")
+	inst1, _ := testing.AssertStartInstance(c, env, s.ControllerUUID, "101")
 	id1 := inst1.Id()
 	defer func() {
 		err := env.StopInstances(inst0.Id(), inst1.Id())
@@ -853,7 +869,7 @@
 		},
 	)
 	defer cleanup()
-	stateInst, _ := testing.AssertStartInstance(c, s.env, "100")
+	stateInst, _ := testing.AssertStartInstance(c, s.env, s.ControllerUUID, "100")
 	defer func() {
 		err := s.env.StopInstances(stateInst.Id())
 		c.Assert(err, jc.ErrorIsNil)
@@ -885,8 +901,8 @@
 		},
 	)
 	defer cleanup()
-	stateInst1, _ := testing.AssertStartInstance(c, s.env, "100")
-	stateInst2, _ := testing.AssertStartInstance(c, s.env, "101")
+	stateInst1, _ := testing.AssertStartInstance(c, s.env, s.ControllerUUID, "100")
+	stateInst2, _ := testing.AssertStartInstance(c, s.env, s.ControllerUUID, "101")
 	defer func() {
 		err := s.env.StopInstances(stateInst1.Id(), stateInst2.Id())
 		c.Assert(err, jc.ErrorIsNil)
@@ -935,11 +951,15 @@
 // TODO (wallyworld) - this test was copied from the ec2 provider.
 // It should be moved to environs.jujutests.Tests.
 func (s *localServerSuite) TestBootstrapInstanceUserDataAndState(c *gc.C) {
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), s.env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), s.env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 
 	// Check that ControllerInstances returns the ID of the bootstrap machine.
-	ids, err := s.env.ControllerInstances()
+	ids, err := s.env.ControllerInstances(s.ControllerUUID)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(ids, gc.HasLen, 1)
 
@@ -1334,7 +1354,7 @@
 	attrs := s.createConfigAttrs(c)
 	c.Assert(attrs["auth-url"].(string)[:8], gc.Equals, "https://")
 	var err error
-	s.env, err = environs.Prepare(
+	s.env, err = bootstrap.Prepare(
 		envtesting.BootstrapContext(c),
 		jujuclienttesting.NewMemStore(),
 		prepareParams(attrs, s.cred),
@@ -1386,7 +1406,11 @@
 	openstack.UseTestImageData(metadataStorage, s.cred)
 	defer openstack.RemoveTestImageData(metadataStorage)
 
-	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), s.env, bootstrap.BootstrapParams{})
+	err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), s.env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 }
 
@@ -1513,7 +1537,11 @@
 }
 
 func (s *localServerSuite) TestAllInstancesIgnoresOtherMachines(c *gc.C) {
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), s.env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), s.env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 
 	// Check that we see 1 instance in the environment
@@ -1591,10 +1619,17 @@
 }
 
 func (t *localServerSuite) testStartInstanceAvailZone(c *gc.C, zone string) (instance.Instance, error) {
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), t.env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), t.env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 
-	params := environs.StartInstanceParams{Placement: "zone=" + zone}
+	params := environs.StartInstanceParams{
+		ControllerUUID: t.ControllerUUID,
+		Placement:      "zone=" + zone,
+	}
 	result, err := testing.StartInstanceWithParams(t.env, "1", params)
 	if err != nil {
 		return nil, err
@@ -1668,19 +1703,24 @@
 }
 
 func (t *localServerSuite) TestStartInstanceDistributionParams(c *gc.C) {
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), t.env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), t.env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 
 	var mock mockAvailabilityZoneAllocations
 	t.PatchValue(openstack.AvailabilityZoneAllocations, mock.AvailabilityZoneAllocations)
 
 	// no distribution group specified
-	testing.AssertStartInstance(c, t.env, "1")
+	testing.AssertStartInstance(c, t.env, t.ControllerUUID, "1")
 	c.Assert(mock.group, gc.HasLen, 0)
 
 	// distribution group specified: ensure it's passed through to AvailabilityZone.
 	expectedInstances := []instance.Id{"i-0", "i-1"}
 	params := environs.StartInstanceParams{
+		ControllerUUID: t.ControllerUUID,
 		DistributionGroup: func() ([]instance.Id, error) {
 			return expectedInstances, nil
 		},
@@ -1691,19 +1731,24 @@
 }
 
 func (t *localServerSuite) TestStartInstanceDistributionErrors(c *gc.C) {
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), t.env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), t.env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 
 	mock := mockAvailabilityZoneAllocations{
 		err: fmt.Errorf("AvailabilityZoneAllocations failed"),
 	}
 	t.PatchValue(openstack.AvailabilityZoneAllocations, mock.AvailabilityZoneAllocations)
-	_, _, _, err = testing.StartInstance(t.env, "1")
+	_, _, _, err = testing.StartInstance(t.env, t.ControllerUUID, "1")
 	c.Assert(jujuerrors.Cause(err), gc.Equals, mock.err)
 
 	mock.err = nil
 	dgErr := fmt.Errorf("DistributionGroup failed")
 	params := environs.StartInstanceParams{
+		ControllerUUID: t.ControllerUUID,
 		DistributionGroup: func() ([]instance.Id, error) {
 			return nil, dgErr
 		},
@@ -1713,12 +1758,16 @@
 }
 
 func (t *localServerSuite) TestStartInstanceDistribution(c *gc.C) {
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), t.env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), t.env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 
 	// test-available is the only available AZ, so AvailabilityZoneAllocations
 	// is guaranteed to return that.
-	inst, _ := testing.AssertStartInstance(c, t.env, "1")
+	inst, _ := testing.AssertStartInstance(c, t.env, t.ControllerUUID, "1")
 	c.Assert(openstack.InstanceServerDetail(inst).AvailabilityZone, gc.Equals, "test-available")
 }
 
@@ -1749,7 +1798,11 @@
 		},
 	)
 
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), t.env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), t.env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 
 	cleanup := t.srv.Nova.RegisterControlPoint(
@@ -1763,7 +1816,7 @@
 		},
 	)
 	defer cleanup()
-	inst, _ := testing.AssertStartInstance(c, t.env, "1")
+	inst, _ := testing.AssertStartInstance(c, t.env, t.ControllerUUID, "1")
 	c.Assert(openstack.InstanceServerDetail(inst).AvailabilityZone, gc.Equals, "az3")
 }
 
@@ -1787,7 +1840,11 @@
 		},
 	)
 
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), t.env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), t.env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 
 	cleanup := t.srv.Nova.RegisterControlPoint(
@@ -1801,12 +1858,16 @@
 		},
 	)
 	defer cleanup()
-	_, _, _, err = testing.StartInstance(t.env, "1")
+	_, _, _, err = testing.StartInstance(t.env, t.ControllerUUID, "1")
 	c.Assert(err, gc.ErrorMatches, "(?s).*Some unknown error.*")
 }
 
 func (t *localServerSuite) TestStartInstanceDistributionAZNotImplemented(c *gc.C) {
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), t.env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), t.env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 
 	mock := mockAvailabilityZoneAllocations{
@@ -1815,12 +1876,16 @@
 	t.PatchValue(openstack.AvailabilityZoneAllocations, mock.AvailabilityZoneAllocations)
 
 	// Instance will be created without an availability zone specified.
-	inst, _ := testing.AssertStartInstance(c, t.env, "1")
+	inst, _ := testing.AssertStartInstance(c, t.env, t.ControllerUUID, "1")
 	c.Assert(openstack.InstanceServerDetail(inst).AvailabilityZone, gc.Equals, "")
 }
 
 func (t *localServerSuite) TestInstanceTags(c *gc.C) {
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), t.env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), t.env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 
 	instances, err := t.env.AllInstances()
@@ -1839,7 +1904,11 @@
 }
 
 func (t *localServerSuite) TestTagInstance(c *gc.C) {
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), t.env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), t.env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 
 	assertMetadata := func(extraKey, extraValue string) {
@@ -1880,14 +1949,16 @@
 	assertMetadata(extraKey, extraValue)
 }
 
-func prepareParams(attrs map[string]interface{}, cred *identity.Credentials) environs.PrepareParams {
-	return environs.PrepareParams{
-		BaseConfig:     attrs,
-		ControllerName: attrs["name"].(string),
-		Credential:     makeCredential(cred),
-		CloudName:      "openstack",
-		CloudEndpoint:  cred.URL,
-		CloudRegion:    cred.Region,
+func prepareParams(attrs map[string]interface{}, cred *identity.Credentials) bootstrap.PrepareParams {
+	return bootstrap.PrepareParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		BaseConfig:       attrs,
+		ControllerName:   attrs["name"].(string),
+		Credential:       makeCredential(cred),
+		CloudName:        "openstack",
+		CloudEndpoint:    cred.URL,
+		CloudRegion:      cred.Region,
+		AdminSecret:      testing.AdminSecret,
 	}
 }
 
@@ -1917,7 +1988,7 @@
 	s.AddCleanup(func(*gc.C) { restoreFinishBootstrap() })
 
 	s.PatchValue(&imagemetadata.SimplestreamsImagesPublicKey, sstesting.SignedMetadataPublicKey)
-	s.PatchValue(&juju.JujuPublicKey, sstesting.SignedMetadataPublicKey)
+	s.PatchValue(&keys.JujuPublicKey, sstesting.SignedMetadataPublicKey)
 }
 
 func (s *noSwiftSuite) SetUpTest(c *gc.C) {
@@ -1955,7 +2026,7 @@
 	openstack.UseTestImageData(imageStorage, s.cred)
 	imagetesting.PatchOfficialDataSources(&s.CleanupSuite, storageDir)
 
-	env, err := environs.Prepare(
+	env, err := bootstrap.Prepare(
 		envtesting.BootstrapContext(c),
 		jujuclienttesting.NewMemStore(),
 		prepareParams(attrs, s.cred),
@@ -1970,7 +2041,11 @@
 }
 
 func (s *noSwiftSuite) TestBootstrap(c *gc.C) {
-	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), s.env, bootstrap.BootstrapParams{})
+	err := bootstrap.Bootstrap(envtesting.BootstrapContext(c), s.env, bootstrap.BootstrapParams{
+		ControllerConfig: coretesting.FakeControllerConfig(),
+		AdminSecret:      testing.AdminSecret,
+		CAPrivateKey:     coretesting.CAKey,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/openstack/provider.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/openstack/provider.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/openstack/provider.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/openstack/provider.go	2016-07-18 19:45:44.000000000 +0000
@@ -15,7 +15,6 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils"
 	"github.com/juju/utils/arch"
 	"github.com/juju/version"
@@ -24,6 +23,7 @@
 	gooseerrors "gopkg.in/goose.v1/errors"
 	"gopkg.in/goose.v1/identity"
 	"gopkg.in/goose.v1/nova"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/cloud"
 	"github.com/juju/juju/cloudconfig/instancecfg"
@@ -108,7 +108,7 @@
 }
 
 // PrepareForCreateEnvironment is specified in the EnvironProvider interface.
-func (p EnvironProvider) PrepareForCreateEnvironment(cfg *config.Config) (*config.Config, error) {
+func (p EnvironProvider) PrepareForCreateEnvironment(controllerUUID string, cfg *config.Config) (*config.Config, error) {
 	return cfg, nil
 }
 
@@ -146,7 +146,7 @@
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-	return p.PrepareForCreateEnvironment(cfg)
+	return p.PrepareForCreateEnvironment(args.ControllerUUID, cfg)
 }
 
 // PrepareForBootstrap is specified in the EnvironProvider interface.
@@ -573,9 +573,9 @@
 	return common.Bootstrap(ctx, e, args)
 }
 
-func (e *Environ) ControllerInstances() ([]instance.Id, error) {
+func (e *Environ) ControllerInstances(controllerUUID string) ([]instance.Id, error) {
 	// Find all instances tagged with tags.JujuIsController.
-	instances, err := e.AllInstances()
+	instances, err := e.allControllerManagedInstances(controllerUUID, e.ecfg().useFloatingIP())
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
@@ -867,6 +867,9 @@
 
 // StartInstance is specified in the InstanceBroker interface.
 func (e *Environ) StartInstance(args environs.StartInstanceParams) (*environs.StartInstanceResult, error) {
+	if args.ControllerUUID == "" {
+		return nil, errors.New("missing controller UUID")
+	}
 	var availabilityZones []string
 	if args.Placement != "" {
 		placement, err := e.parsePlacement(args.Placement)
@@ -963,9 +966,15 @@
 		}
 	}
 
-	cfg := e.Config()
+	var apiPort int
+	if args.InstanceConfig.Controller != nil {
+		apiPort = args.InstanceConfig.Controller.Config.APIPort()
+	} else {
+		// All ports are the same so pick the first.
+		apiPort = args.InstanceConfig.APIInfo.Ports()[0]
+	}
 	var groupNames = make([]nova.SecurityGroupName, 0)
-	groups, err := e.firewaller.SetUpGroups(args.InstanceConfig.MachineId, cfg.APIPort())
+	groups, err := e.firewaller.SetUpGroups(args.ControllerUUID, args.InstanceConfig.MachineId, apiPort)
 	if err != nil {
 		return nil, errors.Annotate(err, "cannot set up groups")
 	}
@@ -1208,32 +1217,31 @@
 // AllInstances returns all instances in this environment.
 func (e *Environ) AllInstances() ([]instance.Instance, error) {
 	filter := e.machinesFilter()
-	allInstances, err := e.allControllerManagedInstances(filter, e.ecfg().useFloatingIP())
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	modelUUID := e.Config().UUID()
-	matching := make([]instance.Instance, 0, len(allInstances))
-	for _, inst := range allInstances {
-		if inst.(*openstackInstance).serverDetail.Metadata[tags.JujuModel] != modelUUID {
-			continue
-		}
-		matching = append(matching, inst)
-	}
-	return matching, nil
+	tagFilter := tagValue{tags.JujuModel, e.ecfg().UUID()}
+	return e.allInstances(filter, tagFilter, e.ecfg().useFloatingIP())
+}
+
+// allControllerManagedInstances returns all instances managed by this
+// environment's controller, matching the optionally specified filter.
+func (e *Environ) allControllerManagedInstances(controllerUUID string, updateFloatingIPAddresses bool) ([]instance.Instance, error) {
+	tagFilter := tagValue{tags.JujuController, controllerUUID}
+	return e.allInstances(nil, tagFilter, updateFloatingIPAddresses)
+}
+
+type tagValue struct {
+	tag, value string
 }
 
 // allControllerManagedInstances returns all instances managed by this
 // environment's controller, matching the optionally specified filter.
-func (e *Environ) allControllerManagedInstances(filter *nova.Filter, updateFloatingIPAddresses bool) ([]instance.Instance, error) {
+func (e *Environ) allInstances(filter *nova.Filter, tagFilter tagValue, updateFloatingIPAddresses bool) ([]instance.Instance, error) {
 	servers, err := e.nova().ListServersDetail(filter)
 	if err != nil {
 		return nil, err
 	}
 	instsById := make(map[string]instance.Instance)
-	controllerUUID := e.Config().ControllerUUID()
 	for _, server := range servers {
-		if server.Metadata[tags.JujuController] != controllerUUID {
+		if server.Metadata[tagFilter.tag] != tagFilter.value {
 			continue
 		}
 		if e.isAliveServer(server) {
@@ -1259,24 +1267,29 @@
 	if err != nil {
 		return errors.Trace(err)
 	}
-	cfg := e.Config()
-	if cfg.UUID() == cfg.ControllerUUID() {
-		// In case any hosted environment hasn't been cleaned up yet,
-		// we also attempt to delete their resources when the controller
-		// environment is destroyed.
-		if err := e.destroyControllerManagedEnvirons(); err != nil {
-			return errors.Annotate(err, "destroying managed environs")
-		}
-	}
 	// Delete all security groups remaining in the model.
-	return e.firewaller.DeleteAllGroups()
+	return e.firewaller.DeleteAllModelGroups()
+}
+
+// DestroyController implements the Environ interface.
+func (e *Environ) DestroyController(controllerUUID string) error {
+	if err := e.Destroy(); err != nil {
+		return errors.Annotate(err, "destroying controller model")
+	}
+	// In case any hosted environment hasn't been cleaned up yet,
+	// we also attempt to delete their resources when the controller
+	// environment is destroyed.
+	if err := e.destroyControllerManagedEnvirons(controllerUUID); err != nil {
+		return errors.Annotate(err, "destroying managed models")
+	}
+	return e.firewaller.DeleteAllControllerGroups(controllerUUID)
 }
 
 // destroyControllerManagedEnvirons destroys all environments managed by this
-// environment's controller.
-func (e *Environ) destroyControllerManagedEnvirons() error {
+// models's controller.
+func (e *Environ) destroyControllerManagedEnvirons(controllerUUID string) error {
 	// Terminate all instances managed by the controller.
-	insts, err := e.allControllerManagedInstances(nil, false)
+	insts, err := e.allControllerManagedInstances(controllerUUID, false)
 	if err != nil {
 		return errors.Annotate(err, "listing instances")
 	}
@@ -1292,7 +1305,7 @@
 	cfg := e.Config()
 	storageAdapter, err := newOpenstackStorageAdapter(cfg)
 	if err == nil {
-		volIds, err := allControllerManagedVolumes(storageAdapter, cfg.ControllerUUID())
+		volIds, err := allControllerManagedVolumes(storageAdapter, controllerUUID)
 		if err != nil {
 			return errors.Annotate(err, "listing volumes")
 		}
@@ -1308,7 +1321,7 @@
 	}
 
 	// Security groups for hosted models are destroyed by the
-	// DeleteAllGroups method call from Destroy().
+	// DeleteAllControllerGroups method call from Destroy().
 	return nil
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/openstack/storage.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/openstack/storage.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/openstack/storage.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/openstack/storage.go	2016-07-18 19:45:44.000000000 +0000
@@ -65,6 +65,7 @@
 
 func (s *openstackstorage) URL(name string) (string, error) {
 	// 10 years should be good enough.
+	// TODO(perrito666) 2016-05-02 lp:1558657
 	expires := time.Now().AddDate(10, 0, 0)
 	return s.swift.SignedURL(s.containerName, name, expires)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/provider.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/provider.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/provider.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/provider.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,14 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-// The provider package holds constants identifying known provider types.
-// They have hitherto only been used for nefarious purposes; no new code
-// should use them, and when old code is updated to no longer use them
-// they must be deleted.
-package provider
-
-const (
-	Joyent = "joyent"
-	MAAS   = "maas"
-	EC2    = "ec2"
-)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/rackspace/environ.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/rackspace/environ.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/rackspace/environ.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/rackspace/environ.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,11 +10,9 @@
 
 	"github.com/juju/errors"
 
-	"github.com/juju/juju/cloudconfig/instancecfg"
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/provider/common"
-	"github.com/juju/juju/state/multiwatcher"
 	jujuos "github.com/juju/utils/os"
 	"github.com/juju/utils/series"
 	"github.com/juju/utils/ssh"
@@ -32,10 +30,6 @@
 	return bootstrap(ctx, e, params)
 }
 
-func isController(mcfg *instancecfg.InstanceConfig) bool {
-	return multiwatcher.AnyJobNeedsState(mcfg.Jobs...)
-}
-
 var waitSSH = common.WaitSSH
 
 // StartInstance implements environs.Environ.
@@ -55,7 +49,7 @@
 	}
 	if fwmode != config.FwNone {
 		interrupted := make(chan os.Signal, 1)
-		timeout := config.SSHTimeoutOpts{
+		timeout := environs.BootstrapDialOpts{
 			Timeout:        time.Minute * 5,
 			RetryDelay:     time.Second * 5,
 			AddressesDelay: time.Second * 20,
@@ -66,8 +60,8 @@
 		}
 		client := newInstanceConfigurator(addr)
 		apiPort := 0
-		if isController(args.InstanceConfig) {
-			apiPort = args.InstanceConfig.StateServingInfo.APIPort
+		if args.InstanceConfig.Controller != nil {
+			apiPort = args.InstanceConfig.Controller.Config.APIPort()
 		}
 		err = client.DropAllPorts([]int{apiPort, 22}, addr)
 		if err != nil {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/rackspace/environ_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/rackspace/environ_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/rackspace/environ_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/rackspace/environ_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -41,13 +41,15 @@
 	s.PatchValue(rackspace.Bootstrap, func(ctx environs.BootstrapContext, env environs.Environ, args environs.BootstrapParams) (*environs.BootstrapResult, error) {
 		return s.innerEnviron.Bootstrap(ctx, args)
 	})
-	s.environ.Bootstrap(nil, environs.BootstrapParams{})
+	s.environ.Bootstrap(nil, environs.BootstrapParams{
+		ControllerConfig: testing.FakeControllerConfig(),
+	})
 	c.Check(s.innerEnviron.Pop().name, gc.Equals, "Bootstrap")
 }
 
 func (s *environSuite) TestStartInstance(c *gc.C) {
 	configurator := &fakeConfigurator{}
-	s.PatchValue(rackspace.WaitSSH, func(stdErr io.Writer, interrupted <-chan os.Signal, client ssh.Client, checkHostScript string, inst common.Addresser, timeout config.SSHTimeoutOpts) (addr string, err error) {
+	s.PatchValue(rackspace.WaitSSH, func(stdErr io.Writer, interrupted <-chan os.Signal, client ssh.Client, checkHostScript string, inst common.Addresser, timeout environs.BootstrapDialOpts) (addr string, err error) {
 		addresses, err := inst.Addresses()
 		if err != nil {
 			return "", err
@@ -68,9 +70,7 @@
 	err = s.environ.SetConfig(config)
 	c.Assert(err, gc.IsNil)
 	_, err = s.environ.StartInstance(environs.StartInstanceParams{
-		InstanceConfig: &instancecfg.InstanceConfig{
-			Config: config,
-		},
+		InstanceConfig: &instancecfg.InstanceConfig{},
 		Tools: tools.List{&tools.Tools{
 			Version: version.Binary{Series: "trusty"},
 		}},
@@ -163,7 +163,7 @@
 	return []instance.Instance{&fakeInstance{}}, nil
 }
 
-func (e *fakeEnviron) ControllerInstances() ([]instance.Id, error) {
+func (e *fakeEnviron) ControllerInstances(_ string) ([]instance.Id, error) {
 	e.Push("ControllerInstances")
 	return nil, nil
 }
@@ -172,6 +172,11 @@
 	e.Push("Destroy")
 	return nil
 }
+
+func (e *fakeEnviron) DestroyController(controllerUUID string) error {
+	e.Push("Destroy")
+	return nil
+}
 
 func (e *fakeEnviron) OpenPorts(ports []network.PortRange) error {
 	e.Push("OpenPorts", ports)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/rackspace/firewaller.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/rackspace/firewaller.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/rackspace/firewaller.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/rackspace/firewaller.go	2016-07-18 19:45:44.000000000 +0000
@@ -55,8 +55,13 @@
 	return nil, errors.NotSupportedf("Ports")
 }
 
-// DeleteAllGroups implements OpenstackFirewaller interface.
-func (c *rackspaceFirewaller) DeleteAllGroups() error {
+// DeleteAllModelGroups implements OpenstackFirewaller interface.
+func (c *rackspaceFirewaller) DeleteAllModelGroups() error {
+	return nil
+}
+
+// DeleteAllControllerGroups implements OpenstackFirewaller interface.
+func (c *rackspaceFirewaller) DeleteAllControllerGroups(controllerUUID string) error {
 	return nil
 }
 
@@ -66,7 +71,7 @@
 }
 
 // SetUpGroups implements OpenstackFirewaller interface.
-func (c *rackspaceFirewaller) SetUpGroups(machineId string, apiPort int) ([]nova.SecurityGroup, error) {
+func (c *rackspaceFirewaller) SetUpGroups(controllerUUID, machineId string, apiPort int) ([]nova.SecurityGroup, error) {
 	return nil, nil
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/rackspace/provider_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/rackspace/provider_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/rackspace/provider_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/rackspace/provider_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -66,8 +66,8 @@
 	return nil
 }
 
-func (p *fakeProvider) PrepareForCreateEnvironment(cfg *config.Config) (*config.Config, error) {
-	p.MethodCall(p, "PrepareForCreateEnvironment", cfg)
+func (p *fakeProvider) PrepareForCreateEnvironment(controllerUUID string, cfg *config.Config) (*config.Config, error) {
+	p.MethodCall(p, "PrepareForCreateEnvironment", controllerUUID, cfg)
 	return nil, nil
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/vsphere/client.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/vsphere/client.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/vsphere/client.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/vsphere/client.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,9 +7,7 @@
 
 import (
 	"fmt"
-	"net"
 	"net/url"
-	"strconv"
 	"strings"
 
 	"github.com/juju/errors"
@@ -18,9 +16,7 @@
 	"github.com/juju/govmomi/list"
 	"github.com/juju/govmomi/object"
 	"github.com/juju/govmomi/property"
-	"github.com/juju/govmomi/vim25/methods"
 	"github.com/juju/govmomi/vim25/mo"
-	"github.com/juju/govmomi/vim25/types"
 	"golang.org/x/net/context"
 
 	"github.com/juju/juju/instance"
@@ -29,8 +25,10 @@
 )
 
 const (
-	metadataKeyIsState   = "juju_is_state_key"
-	metadataValueIsState = "juju_is_value_value"
+	metadataKeyIsController     = "juju_is_controller_key"
+	metadataValueIsController   = "juju_is_controller_value"
+	metadataKeyControllerUUID   = "juju_controller_uuid_key"
+	metadataValueControllerUUID = "juju_controller_uuid_value"
 )
 
 type client struct {
@@ -72,14 +70,15 @@
 }
 
 type instanceSpec struct {
-	machineID string
-	zone      *vmwareAvailZone
-	hwc       *instance.HardwareCharacteristics
-	img       *OvaFileMetadata
-	userData  []byte
-	sshKey    string
-	isState   bool
-	apiPort   int
+	machineID      string
+	zone           *vmwareAvailZone
+	hwc            *instance.HardwareCharacteristics
+	img            *OvaFileMetadata
+	userData       []byte
+	sshKey         string
+	isController   bool
+	controllerUUID string
+	apiPort        int
 }
 
 // CreateInstance create new vm in vsphere and run it
@@ -270,14 +269,6 @@
 	}
 
 	res := make([]network.SubnetInfo, 0)
-	req := &types.QueryIpPools{
-		This: *c.connection.ServiceContent.IpPoolManager,
-		Dc:   c.datacenter.Reference(),
-	}
-	ipPools, err := methods.QueryIpPools(context.TODO(), c.connection.Client, req)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
 	for _, vmNet := range vm.Guest.Net {
 		existId := false
 		for _, id := range ids {
@@ -289,53 +280,9 @@
 		if !existId {
 			continue
 		}
-		var netPool *types.IpPool
-		for _, pool := range ipPools.Returnval {
-			for _, association := range pool.NetworkAssociation {
-				if association.NetworkName == vmNet.Network {
-					netPool = &pool
-					break
-				}
-			}
-		}
-		subnet := network.SubnetInfo{
+		res = append(res, network.SubnetInfo{
 			ProviderId: network.Id(vmNet.Network),
-		}
-		if netPool != nil && netPool.Ipv4Config != nil {
-			low, high, err := c.ParseNetworkRange(netPool.Ipv4Config.Range)
-			if err != nil {
-				logger.Warningf(err.Error())
-			} else {
-				subnet.AllocatableIPLow = low
-				subnet.AllocatableIPHigh = high
-			}
-		}
-		res = append(res)
+		})
 	}
 	return res, nil
 }
-
-func (c *client) ParseNetworkRange(netRange string) (net.IP, net.IP, error) {
-	//netPool.Range is specified as a set of ranges separated with commas. One range is given by a start address, a hash (#), and the length of the range.
-	//For example:
-	//192.0.2.235 # 20 is the IPv4 range from 192.0.2.235 to 192.0.2.254
-	ranges := strings.Split(netRange, ",")
-	if len(ranges) > 0 {
-		rangeSplit := strings.Split(ranges[0], "#")
-		if len(rangeSplit) == 2 {
-			if rangeLen, err := strconv.ParseInt(rangeSplit[1], 10, 8); err == nil {
-				ipSplit := strings.Split(rangeSplit[0], ".")
-				if len(ipSplit) == 4 {
-					if lastSegment, err := strconv.ParseInt(ipSplit[3], 10, 8); err != nil {
-						lastSegment += rangeLen - 1
-						if lastSegment > 254 {
-							lastSegment = 254
-						}
-						return net.ParseIP(rangeSplit[0]), net.ParseIP(fmt.Sprintf("%s.%s.%s.%d", ipSplit[0], ipSplit[1], ipSplit[2], lastSegment)), nil
-					}
-				}
-			}
-		}
-	}
-	return nil, nil, errors.Errorf("can't parse netRange: %s", netRange)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/vsphere/environ_availzones_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/vsphere/environ_availzones_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/vsphere/environ_availzones_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/vsphere/environ_availzones_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,7 +10,6 @@
 	gc "gopkg.in/check.v1"
 
 	"github.com/juju/juju/instance"
-	"github.com/juju/juju/provider/common"
 	"github.com/juju/juju/provider/vsphere"
 )
 
@@ -38,7 +37,10 @@
 func (s *environAvailzonesSuite) TestInstanceAvailabilityZoneNames(c *gc.C) {
 	client := vsphere.ExposeEnvFakeClient(s.Env)
 	client.SetPropertyProxyHandler("FakeDatacenter", vsphere.RetrieveDatacenterProperties)
-	vmName := common.MachineFullName(s.Env.Config().UUID(), "1")
+	namespace, err := instance.NewNamespace(s.Env.Config().UUID())
+	c.Assert(err, jc.ErrorIsNil)
+	vmName, err := namespace.Hostname("1")
+	c.Assert(err, jc.ErrorIsNil)
 	s.FakeInstancesWithResourcePool(client, vsphere.InstRp{Inst: vmName, Rp: "rp1"})
 	s.FakeAvailabilityZonesWithResourcePool(client, vsphere.ZoneRp{Zone: "z1", Rp: "rp1"}, vsphere.ZoneRp{Zone: "z2", Rp: "rp2"})
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/vsphere/environ_broker.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/vsphere/environ_broker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/vsphere/environ_broker.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/vsphere/environ_broker.go	2016-07-18 19:45:44.000000000 +0000
@@ -15,7 +15,6 @@
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/provider/common"
-	"github.com/juju/juju/state/multiwatcher"
 	"github.com/juju/juju/tools"
 )
 
@@ -25,10 +24,6 @@
 	DefaultMemMb    = uint64(2000)
 )
 
-func isController(mcfg *instancecfg.InstanceConfig) bool {
-	return multiwatcher.AnyJobNeedsState(mcfg.Jobs...)
-}
-
 // MaintainInstance is specified in the InstanceBroker interface.
 func (*environ) MaintainInstance(args environs.StartInstanceParams) error {
 	return nil
@@ -80,7 +75,10 @@
 // provisioned, relative to the provided args and spec. Info for that
 // low-level instance is returned.
 func (env *environ) newRawInstance(args environs.StartInstanceParams, img *OvaFileMetadata) (*mo.VirtualMachine, *instance.HardwareCharacteristics, error) {
-	machineID := common.MachineFullName(env.Config().UUID(), args.InstanceConfig.MachineId)
+	machineID, err := env.namespace.Hostname(args.InstanceConfig.MachineId)
+	if err != nil {
+		return nil, nil, errors.Trace(err)
+	}
 
 	cloudcfg, err := cloudinit.New(args.Tools.OneSeries())
 	if err != nil {
@@ -131,18 +129,19 @@
 			continue
 		}
 		apiPort := 0
-		if isController(args.InstanceConfig) {
-			apiPort = args.InstanceConfig.StateServingInfo.APIPort
+		if args.InstanceConfig.Controller != nil {
+			apiPort = args.InstanceConfig.Controller.Config.APIPort()
 		}
 		spec := &instanceSpec{
-			machineID: machineID,
-			zone:      availZone,
-			hwc:       hwc,
-			img:       img,
-			userData:  userData,
-			sshKey:    args.InstanceConfig.AuthorizedKeys,
-			isState:   isController(args.InstanceConfig),
-			apiPort:   apiPort,
+			machineID:      machineID,
+			zone:           availZone,
+			hwc:            hwc,
+			img:            img,
+			userData:       userData,
+			sshKey:         args.InstanceConfig.AuthorizedKeys,
+			isController:   args.InstanceConfig.Controller != nil,
+			controllerUUID: args.ControllerUUID,
+			apiPort:        apiPort,
 		}
 		inst, err = env.client.CreateInstance(env.ecfg, spec)
 		if err != nil {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/vsphere/environ_broker_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/vsphere/environ_broker_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/vsphere/environ_broker_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/vsphere/environ_broker_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -23,6 +23,7 @@
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/provider/common"
 	"github.com/juju/juju/provider/vsphere"
+	coretesting "github.com/juju/juju/testing"
 	coretools "github.com/juju/juju/tools"
 )
 
@@ -56,7 +57,7 @@
 
 	cons := constraints.Value{}
 
-	instanceConfig, err := instancecfg.NewBootstrapInstanceConfig(cons, cons, "trusty", "")
+	instanceConfig, err := instancecfg.NewBootstrapInstanceConfig(coretesting.FakeControllerConfig(), cons, cons, "trusty", "")
 	c.Assert(err, jc.ErrorIsNil)
 
 	err = instanceConfig.SetTools(coretools.List{
@@ -66,6 +67,7 @@
 	instanceConfig.AuthorizedKeys = s.Config.AuthorizedKeys()
 
 	return environs.StartInstanceParams{
+		ControllerUUID: instanceConfig.Controller.Config.ControllerUUID(),
 		InstanceConfig: instanceConfig,
 		Tools:          tools,
 		Constraints:    cons,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/vsphere/environ.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/vsphere/environ.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/vsphere/environ.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/vsphere/environ.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,6 +12,7 @@
 
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/environs/config"
+	"github.com/juju/juju/instance"
 	"github.com/juju/juju/provider/common"
 )
 
@@ -29,6 +30,9 @@
 	archLock               sync.Mutex // archLock protects access to the following fields.
 	supportedArchitectures []string
 
+	// namespace is used to create the machine and device hostnames.
+	namespace instance.Namespace
+
 	lock sync.Mutex // lock protects access the following fields.
 	ecfg *environConfig
 }
@@ -44,10 +48,16 @@
 		return nil, errors.Annotatef(err, "failed to create new client")
 	}
 
+	namespace, err := instance.NewNamespace(cfg.UUID())
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+
 	env := &environ{
-		name:   ecfg.Name(),
-		ecfg:   ecfg,
-		client: client,
+		name:      ecfg.Name(),
+		ecfg:      ecfg,
+		client:    client,
+		namespace: namespace,
 	}
 	return env, nil
 }
@@ -104,3 +114,8 @@
 func (env *environ) Destroy() error {
 	return DestroyEnv(env)
 }
+
+// DestroyController implements the Environ interface.
+func (env *environ) DestroyController(controllerUUID string) error {
+	return env.Destroy()
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/vsphere/environ_instance.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/vsphere/environ_instance.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/vsphere/environ_instance.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/vsphere/environ_instance.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,7 +12,6 @@
 
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/instance"
-	"github.com/juju/juju/provider/common"
 )
 
 // Instances returns the available instances in the environment that
@@ -62,7 +61,7 @@
 // will see they are not tracked in state, assume they're stale/rogue,
 // and shut them down.
 func (env *environ) instances() ([]instance.Instance, error) {
-	prefix := common.MachineFullName(env.Config().UUID(), "")
+	prefix := env.namespace.Prefix()
 	instances, err := env.client.Instances(prefix)
 	err = errors.Trace(err)
 
@@ -79,9 +78,8 @@
 
 // ControllerInstances returns the IDs of the instances corresponding
 // to juju controllers.
-func (env *environ) ControllerInstances() ([]instance.Id, error) {
-	prefix := common.MachineFullName(env.Config().ControllerUUID(), "")
-	instances, err := env.client.Instances(prefix)
+func (env *environ) ControllerInstances(controllerUUID string) ([]instance.Id, error) {
+	instances, err := env.client.Instances("juju-")
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
@@ -91,7 +89,10 @@
 		metadata := inst.Config.ExtraConfig
 		for _, item := range metadata {
 			value := item.GetOptionValue()
-			if value.Key == metadataKeyIsState && value.Value == metadataValueIsState {
+			if value.Key == metadataKeyControllerUUID && value.Value != controllerUUID {
+				continue
+			}
+			if value.Key == metadataKeyIsController && value.Value == metadataValueIsController {
 				results = append(results, instance.Id(inst.Name))
 				break
 			}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/vsphere/environ_instance_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/vsphere/environ_instance_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/vsphere/environ_instance_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/vsphere/environ_instance_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,25 +11,34 @@
 
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/instance"
-	"github.com/juju/juju/provider/common"
 	"github.com/juju/juju/provider/vsphere"
 )
 
 type environInstanceSuite struct {
 	vsphere.BaseSuite
+	namespace instance.Namespace
 }
 
 var _ = gc.Suite(&environInstanceSuite{})
 
 func (s *environInstanceSuite) SetUpTest(c *gc.C) {
 	s.BaseSuite.SetUpTest(c)
+	namespace, err := instance.NewNamespace(s.Env.Config().UUID())
+	c.Assert(err, jc.ErrorIsNil)
+	s.namespace = namespace
+}
+
+func (s *environInstanceSuite) machineName(c *gc.C, id string) string {
+	name, err := s.namespace.Hostname(id)
+	c.Assert(err, jc.ErrorIsNil)
+	return name
 }
 
-func (s *environAvailzonesSuite) TestInstances(c *gc.C) {
+func (s *environInstanceSuite) TestInstances(c *gc.C) {
 	client := vsphere.ExposeEnvFakeClient(s.Env)
 	client.SetPropertyProxyHandler("FakeDatacenter", vsphere.RetrieveDatacenterProperties)
-	vmName1 := common.MachineFullName(s.Env.Config().UUID(), "1")
-	vmName2 := common.MachineFullName(s.Env.Config().UUID(), "2")
+	vmName1 := s.machineName(c, "1")
+	vmName2 := s.machineName(c, "2")
 	s.FakeInstancesWithResourcePool(client, vsphere.InstRp{Inst: vmName1, Rp: "rp1"}, vsphere.InstRp{Inst: vmName2, Rp: "rp2"})
 
 	instances, err := s.Env.Instances([]instance.Id{instance.Id(vmName1), instance.Id(vmName2)})
@@ -40,7 +49,7 @@
 	c.Assert(string(instances[1].Id()), gc.Equals, vmName2)
 }
 
-func (s *environAvailzonesSuite) TestInstancesReturnNoInstances(c *gc.C) {
+func (s *environInstanceSuite) TestInstancesReturnNoInstances(c *gc.C) {
 	client := vsphere.ExposeEnvFakeClient(s.Env)
 	client.SetPropertyProxyHandler("FakeDatacenter", vsphere.RetrieveDatacenterProperties)
 	s.FakeInstancesWithResourcePool(client, vsphere.InstRp{Inst: "Some name that don't match naming convention", Rp: "rp1"})
@@ -50,11 +59,11 @@
 	c.Assert(err, gc.Equals, environs.ErrNoInstances)
 }
 
-func (s *environAvailzonesSuite) TestInstancesReturnPartialInstances(c *gc.C) {
+func (s *environInstanceSuite) TestInstancesReturnPartialInstances(c *gc.C) {
 	client := vsphere.ExposeEnvFakeClient(s.Env)
 	client.SetPropertyProxyHandler("FakeDatacenter", vsphere.RetrieveDatacenterProperties)
-	vmName1 := common.MachineFullName(s.Env.Config().UUID(), "1")
-	vmName2 := common.MachineFullName(s.Env.Config().UUID(), "2")
+	vmName1 := s.machineName(c, "1")
+	vmName2 := s.machineName(c, "2")
 	s.FakeInstancesWithResourcePool(client, vsphere.InstRp{Inst: vmName1, Rp: "rp1"}, vsphere.InstRp{Inst: "Some inst", Rp: "rp2"})
 
 	_, err := s.Env.Instances([]instance.Id{instance.Id(vmName1), instance.Id(vmName2)})
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/vsphere/environ_network.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/vsphere/environ_network.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/vsphere/environ_network.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/vsphere/environ_network.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,54 +7,17 @@
 
 import (
 	"github.com/juju/errors"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/network"
 )
 
-// AllocateAddress implements environs.Environ.
-func (env *environ) AllocateAddress(instID instance.Id, subnetID network.Id, addr *network.Address, _, _ string) error {
-	return env.changeAddress(instID, subnetID, *addr, true)
-}
-
-// ReleaseAddress implements environs.Environ.
-func (env *environ) ReleaseAddress(instID instance.Id, netID network.Id, addr network.Address, _, _ string) error {
-	return env.changeAddress(instID, netID, addr, false)
-}
-
-func (env *environ) changeAddress(instID instance.Id, netID network.Id, addr network.Address, add bool) error {
-	instances, err := env.Instances([]instance.Id{instID})
-	if err != nil {
-		return errors.Trace(err)
-	}
-	inst := instances[0].(*environInstance)
-	_, client, err := inst.getInstanceConfigurator()
-	if err != nil {
-		return errors.Trace(err)
-	}
-	interfaceName := "eth0"
-	if string(netID) == env.ecfg.externalNetwork() {
-		interfaceName = "eth1"
-	}
-	if add {
-		err = client.AddIpAddress(interfaceName, addr.Value)
-	} else {
-		err = client.ReleaseIpAddress(addr.Value)
-	}
-
-	return errors.Trace(err)
-}
-
 // SupportsSpaces is specified on environs.Networking.
 func (env *environ) SupportsSpaces() (bool, error) {
 	return false, errors.NotSupportedf("spaces")
 }
 
-// SupportsAddressAllocation is specified on environs.Networking.
-func (env *environ) SupportsAddressAllocation(_ network.Id) (bool, error) {
-	return false, errors.NotSupportedf("address allocation")
-}
-
 // Subnets implements environs.Environ.
 func (env *environ) Subnets(inst instance.Id, ids []network.Id) ([]network.SubnetInfo, error) {
 	return env.client.Subnets(inst, ids)
@@ -86,6 +49,6 @@
 	return nil, errors.Trace(errors.NotSupportedf("Ports"))
 }
 
-func (e *environ) AllocateContainerAddresses(hostInstanceID instance.Id, preparedInfo []network.InterfaceInfo) ([]network.InterfaceInfo, error) {
+func (e *environ) AllocateContainerAddresses(hostInstanceID instance.Id, containerTag names.MachineTag, preparedInfo []network.InterfaceInfo) ([]network.InterfaceInfo, error) {
 	return nil, errors.NotSupportedf("container address allocation")
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/vsphere/environ_policy.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/vsphere/environ_policy.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/vsphere/environ_policy.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/vsphere/environ_policy.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,7 +13,6 @@
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/environs/imagemetadata"
 	"github.com/juju/juju/environs/simplestreams"
-	"github.com/juju/juju/network"
 )
 
 // PrecheckInstance verifies that the provided series and constraints
@@ -96,14 +95,7 @@
 // SupportsUnitPlacement implement via common.SupportsUnitPlacementPolicy
 
 // SupportNetworks returns whether the environment has support to
-// specify networks for services and machines.
+// specify networks for applications and machines.
 func (env *environ) SupportNetworks() bool {
 	return false
 }
-
-// SupportAddressAllocation takes a network.Id and returns a bool
-// and an error. The bool indicates whether that network supports
-// static ip address allocation.
-func (env *environ) SupportAddressAllocation(netID network.Id) (bool, error) {
-	return false, nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/vsphere/environ_policy_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/vsphere/environ_policy_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/vsphere/environ_policy_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/vsphere/environ_policy_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -74,17 +74,3 @@
 
 	c.Check(isSupported, jc.IsFalse)
 }
-
-func (s *environPolSuite) TestSupportAddressAllocation(c *gc.C) {
-	isSupported, err := s.Env.SupportAddressAllocation("some-network")
-	c.Assert(err, jc.ErrorIsNil)
-
-	c.Check(isSupported, jc.IsFalse)
-}
-
-func (s *environPolSuite) TestSupportAddressAllocationEmpty(c *gc.C) {
-	isSupported, err := s.Env.SupportAddressAllocation("")
-	c.Assert(err, jc.ErrorIsNil)
-
-	c.Check(isSupported, jc.IsFalse)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/vsphere/environ_test.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/vsphere/environ_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/vsphere/environ_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/vsphere/environ_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -15,6 +15,7 @@
 	"github.com/juju/juju/feature"
 	"github.com/juju/juju/juju/osenv"
 	"github.com/juju/juju/provider/vsphere"
+	"github.com/juju/juju/testing"
 )
 
 type environSuite struct {
@@ -34,7 +35,7 @@
 	})
 
 	os.Setenv(osenv.JujuFeatureFlagEnvKey, feature.VSphereProvider)
-	_, err := s.Env.Bootstrap(nil, environs.BootstrapParams{})
+	_, err := s.Env.Bootstrap(nil, environs.BootstrapParams{ControllerConfig: testing.FakeControllerConfig()})
 	c.Assert(err, gc.ErrorMatches, "Bootstrap called")
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/vsphere/ova_import_manager.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/vsphere/ova_import_manager.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/vsphere/ova_import_manager.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/vsphere/ova_import_manager.go	2016-07-18 19:45:44.000000000 +0000
@@ -95,8 +95,13 @@
 		Limit:       int64(*instSpec.hwc.CpuPower),
 		Reservation: int64(*instSpec.hwc.CpuPower),
 	}
-	if instSpec.isState {
-		s.ExtraConfig = append(s.ExtraConfig, &types.OptionValue{Key: metadataKeyIsState, Value: metadataValueIsState})
+	s.ExtraConfig = append(s.ExtraConfig, &types.OptionValue{
+		Key: metadataKeyControllerUUID, Value: instSpec.controllerUUID,
+	})
+	if instSpec.isController {
+		s.ExtraConfig = append(s.ExtraConfig, &types.OptionValue{
+			Key: metadataKeyIsController, Value: metadataValueIsController,
+		})
 	}
 	for _, d := range s.DeviceChange {
 		if disk, ok := d.GetVirtualDeviceConfigSpec().Device.(*types.VirtualDisk); ok {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/provider/vsphere/provider.go juju-core-2.0~beta12/src/github.com/juju/juju/provider/vsphere/provider.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/provider/vsphere/provider.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/provider/vsphere/provider.go	2016-07-18 19:45:44.000000000 +0000
@@ -46,7 +46,7 @@
 	default:
 		return nil, errors.NotSupportedf("%q auth-type", authType)
 	}
-	return p.PrepareForCreateEnvironment(cfg)
+	return p.PrepareForCreateEnvironment(args.ControllerUUID, cfg)
 }
 
 // PrepareForBootstrap implements environs.EnvironProvider.
@@ -60,7 +60,7 @@
 }
 
 // PrepareForCreateEnvironment is specified in the EnvironProvider interface.
-func (environProvider) PrepareForCreateEnvironment(cfg *config.Config) (*config.Config, error) {
+func (environProvider) PrepareForCreateEnvironment(controllerUUID string, cfg *config.Config) (*config.Config, error) {
 	return cfg, nil
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/client/base_test.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/client/base_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/client/base_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/client/base_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,10 +10,10 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	basetesting "github.com/juju/juju/api/base/testing"
 	"github.com/juju/juju/apiserver/params"
@@ -54,7 +54,7 @@
 	return nil
 }
 
-func newResourceResult(c *gc.C, serviceID string, names ...string) ([]resource.Resource, api.ResourcesResult) {
+func newResourceResult(c *gc.C, applicationID string, names ...string) ([]resource.Resource, api.ResourcesResult) {
 	var resources []resource.Resource
 	var apiResult api.ResourcesResult
 	for _, name := range names {
@@ -67,7 +67,7 @@
 }
 
 func newResource(c *gc.C, name, username, data string) (resource.Resource, api.Resource) {
-	opened := resourcetesting.NewResource(c, nil, name, "a-service", data)
+	opened := resourcetesting.NewResource(c, nil, name, "a-application", data)
 	res := opened.Resource
 	res.Revision = 1
 	res.Username = username
@@ -88,10 +88,10 @@
 			Fingerprint: res.Fingerprint.Bytes(),
 			Size:        res.Size,
 		},
-		ID:        res.ID,
-		ServiceID: res.ServiceID,
-		Username:  username,
-		Timestamp: res.Timestamp,
+		ID:            res.ID,
+		ApplicationID: res.ApplicationID,
+		Username:      username,
+		Timestamp:     res.Timestamp,
 	}
 
 	return res, apiRes
@@ -126,7 +126,7 @@
 				apiResult, ok := s.apiResults[service]
 				if !ok {
 					apiResult.Error = &params.Error{
-						Message: fmt.Sprintf("service %q not found", service),
+						Message: fmt.Sprintf("application %q not found", service),
 						Code:    params.CodeNotFound,
 					}
 				}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/client/client.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/client/client.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/client/client.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/client/client.go	2016-07-18 19:45:44.000000000 +0000
@@ -47,7 +47,7 @@
 }
 
 // ListResources calls the ListResources API server method with
-// the given service names.
+// the given application names.
 func (c Client) ListResources(services []string) ([]resource.ServiceResources, error) {
 	args, err := api.NewListResourcesArgs(services)
 	if err != nil {
@@ -104,10 +104,10 @@
 
 // AddPendingResourcesArgs holds the arguments to AddPendingResources().
 type AddPendingResourcesArgs struct {
-	// ServiceID identifies the service being deployed.
-	ServiceID string
+	// ApplicationID identifies the application being deployed.
+	ApplicationID string
 
-	// CharmID identifies the service's charm.
+	// CharmID identifies the application's charm.
 	CharmID charmstore.CharmID
 
 	// CharmStoreMacaroon is the macaroon to use for the charm when
@@ -122,7 +122,7 @@
 // AddPendingResources sends the provided resource info up to Juju
 // without making it available yet.
 func (c Client) AddPendingResources(args AddPendingResourcesArgs) (pendingIDs []string, err error) {
-	apiArgs, err := api.NewAddPendingResourcesArgs(args.ServiceID, args.CharmID, args.CharmStoreMacaroon, args.Resources)
+	apiArgs, err := api.NewAddPendingResourcesArgs(args.ApplicationID, args.CharmID, args.CharmStoreMacaroon, args.Resources)
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
@@ -151,11 +151,11 @@
 
 // AddPendingResource sends the provided resource blob up to Juju
 // without making it available yet. For example, AddPendingResource()
-// is used before the service is deployed.
-func (c Client) AddPendingResource(serviceID string, res charmresource.Resource, filename string, reader io.ReadSeeker) (pendingID string, err error) {
+// is used before the application is deployed.
+func (c Client) AddPendingResource(applicationID string, res charmresource.Resource, filename string, reader io.ReadSeeker) (pendingID string, err error) {
 	ids, err := c.AddPendingResources(AddPendingResourcesArgs{
-		ServiceID: serviceID,
-		Resources: []charmresource.Resource{res},
+		ApplicationID: applicationID,
+		Resources:     []charmresource.Resource{res},
 	})
 	if err != nil {
 		return "", errors.Trace(err)
@@ -163,7 +163,7 @@
 	pendingID = ids[0]
 
 	if reader != nil {
-		uReq, err := api.NewUploadRequest(serviceID, res.Name, filename, reader)
+		uReq, err := api.NewUploadRequest(applicationID, res.Name, filename, reader)
 		if err != nil {
 			return "", errors.Trace(err)
 		}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/client/client_listresources_test.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/client/client_listresources_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/client/client_listresources_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/client/client_listresources_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -21,12 +21,12 @@
 }
 
 func (s *ListResourcesSuite) TestOkay(c *gc.C) {
-	expected, apiResult := newResourceResult(c, "a-service", "spam")
-	s.facade.apiResults["a-service"] = apiResult
+	expected, apiResult := newResourceResult(c, "a-application", "spam")
+	s.facade.apiResults["a-application"] = apiResult
 
 	cl := client.NewClient(s.facade, s, s.facade)
 
-	services := []string{"a-service"}
+	services := []string{"a-application"}
 	results, err := cl.ListResources(services)
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -37,7 +37,7 @@
 	s.stub.CheckCall(c, 0, "FacadeCall",
 		"ListResources",
 		&api.ListResourcesArgs{[]params.Entity{{
-			Tag: "service-a-service",
+			Tag: "application-a-application",
 		}}},
 		&api.ResourcesResults{
 			Results: []api.ResourcesResult{
@@ -48,14 +48,14 @@
 }
 
 func (s *ListResourcesSuite) TestBulk(c *gc.C) {
-	expected1, apiResult1 := newResourceResult(c, "a-service", "spam")
-	s.facade.apiResults["a-service"] = apiResult1
-	expected2, apiResult2 := newResourceResult(c, "other-service", "eggs", "ham")
-	s.facade.apiResults["other-service"] = apiResult2
+	expected1, apiResult1 := newResourceResult(c, "a-application", "spam")
+	s.facade.apiResults["a-application"] = apiResult1
+	expected2, apiResult2 := newResourceResult(c, "other-application", "eggs", "ham")
+	s.facade.apiResults["other-application"] = apiResult2
 
 	cl := client.NewClient(s.facade, s, s.facade)
 
-	services := []string{"a-service", "other-service"}
+	services := []string{"a-application", "other-application"}
 	results, err := cl.ListResources(services)
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -68,9 +68,9 @@
 		"ListResources",
 		&api.ListResourcesArgs{[]params.Entity{
 			{
-				Tag: "service-a-service",
+				Tag: "application-a-application",
 			}, {
-				Tag: "service-other-service",
+				Tag: "application-other-application",
 			},
 		}},
 		&api.ResourcesResults{
@@ -99,14 +99,14 @@
 	services := []string{"???"}
 	_, err := cl.ListResources(services)
 
-	c.Check(err, gc.ErrorMatches, `.*invalid service.*`)
+	c.Check(err, gc.ErrorMatches, `.*invalid application.*`)
 	s.stub.CheckNoCalls(c)
 }
 
 func (s *ListResourcesSuite) TestServiceNotFound(c *gc.C) {
 	cl := client.NewClient(s.facade, s, s.facade)
 
-	services := []string{"a-service"}
+	services := []string{"a-application"}
 	_, err := cl.ListResources(services)
 
 	c.Check(err, jc.Satisfies, errors.IsNotFound)
@@ -114,11 +114,11 @@
 }
 
 func (s *ListResourcesSuite) TestServiceEmpty(c *gc.C) {
-	s.facade.apiResults["a-service"] = api.ResourcesResult{}
+	s.facade.apiResults["a-application"] = api.ResourcesResult{}
 
 	cl := client.NewClient(s.facade, s, s.facade)
 
-	services := []string{"a-service"}
+	services := []string{"a-application"}
 	results, err := cl.ListResources(services)
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -136,7 +136,7 @@
 
 	cl := client.NewClient(s.facade, s, s.facade)
 
-	services := []string{"a-service"}
+	services := []string{"a-application"}
 	_, err := cl.ListResources(services)
 
 	c.Check(err, gc.ErrorMatches, `<failure>`)
@@ -157,7 +157,7 @@
 
 	cl := client.NewClient(s.facade, s, s.facade)
 
-	services := []string{"a-service", "other-service"}
+	services := []string{"a-application", "other-application"}
 	results, err := cl.ListResources(services)
 
 	c.Check(results, gc.HasLen, 0)
@@ -183,7 +183,7 @@
 
 	cl := client.NewClient(s.facade, s, s.facade)
 
-	services := []string{"a-service", "other-service"}
+	services := []string{"a-application", "other-application"}
 	results, err := cl.ListResources(services)
 
 	c.Check(results, gc.HasLen, 0)
@@ -209,7 +209,7 @@
 
 	cl := client.NewClient(s.facade, s, s.facade)
 
-	services := []string{"a-service"}
+	services := []string{"a-application"}
 	_, err := cl.ListResources(services)
 
 	c.Check(err, gc.ErrorMatches, `.*got bad data.*`)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/client/client_upload_test.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/client/client_upload_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/client/client_upload_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/client/client_upload_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -35,12 +35,12 @@
 
 	_, s.response.Resource = newResource(c, "spam", "a-user", data)
 
-	err := cl.Upload("a-service", "spam", "foo.zip", reader)
+	err := cl.Upload("a-application", "spam", "foo.zip", reader)
 	c.Assert(err, jc.ErrorIsNil)
 
 	fp, err := charmresource.GenerateFingerprint(strings.NewReader(data))
 	c.Assert(err, jc.ErrorIsNil)
-	req, err := http.NewRequest("PUT", "/services/a-service/resources/spam", nil)
+	req, err := http.NewRequest("PUT", "/applications/a-application/resources/spam", nil)
 	c.Assert(err, jc.ErrorIsNil)
 	req.Header.Set("Content-Type", "application/octet-stream")
 	req.Header.Set("Content-SHA384", fp.String())
@@ -57,7 +57,7 @@
 
 	err := cl.Upload("???", "spam", "file.zip", nil)
 
-	c.Check(err, gc.ErrorMatches, `.*invalid service.*`)
+	c.Check(err, gc.ErrorMatches, `.*invalid application.*`)
 	s.stub.CheckNoCalls(c)
 }
 
@@ -67,7 +67,7 @@
 	failure := errors.New("<failure>")
 	s.stub.SetErrors(failure)
 
-	err := cl.Upload("a-service", "spam", "file.zip", reader)
+	err := cl.Upload("a-application", "spam", "file.zip", reader)
 
 	c.Check(errors.Cause(err), gc.Equals, failure)
 	s.stub.CheckCallNames(c, "Read")
@@ -80,14 +80,14 @@
 	failure := errors.New("<failure>")
 	s.stub.SetErrors(nil, nil, nil, failure)
 
-	err := cl.Upload("a-service", "spam", "file.zip", reader)
+	err := cl.Upload("a-application", "spam", "file.zip", reader)
 
 	c.Check(errors.Cause(err), gc.Equals, failure)
 	s.stub.CheckCallNames(c, "Read", "Read", "Seek", "Do")
 }
 
 func (s *UploadSuite) TestPendingResources(c *gc.C) {
-	res, apiResult := newResourceResult(c, "a-service", "spam")
+	res, apiResult := newResourceResult(c, "a-application", "spam")
 	resources := []charmresource.Resource{res[0].Resource}
 	uuid, err := utils.NewUUID()
 	c.Assert(err, jc.ErrorIsNil)
@@ -98,7 +98,7 @@
 	cl := client.NewClient(s.facade, s, s.facade)
 
 	pendingIDs, err := cl.AddPendingResources(client.AddPendingResourcesArgs{
-		ServiceID: "a-service",
+		ApplicationID: "a-application",
 		CharmID: charmstore.CharmID{
 			URL: cURL,
 		},
@@ -112,7 +112,7 @@
 }
 
 func (s *UploadSuite) TestPendingResourceOkay(c *gc.C) {
-	res, apiResult := newResourceResult(c, "a-service", "spam")
+	res, apiResult := newResourceResult(c, "a-application", "spam")
 	uuid, err := utils.NewUUID()
 	c.Assert(err, jc.ErrorIsNil)
 	expected := uuid.String()
@@ -123,7 +123,7 @@
 	s.facade.pendingIDs = []string{expected}
 	cl := client.NewClient(s.facade, s, s.facade)
 
-	uploadID, err := cl.AddPendingResource("a-service", res[0].Resource, "file.zip", reader)
+	uploadID, err := cl.AddPendingResource("a-application", res[0].Resource, "file.zip", reader)
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.stub.CheckCallNames(c,
@@ -136,7 +136,7 @@
 
 	fp, err := charmresource.GenerateFingerprint(strings.NewReader(data))
 	c.Assert(err, jc.ErrorIsNil)
-	req, err := http.NewRequest("PUT", "/services/a-service/resources/spam", nil)
+	req, err := http.NewRequest("PUT", "/applications/a-application/resources/spam", nil)
 	c.Assert(err, jc.ErrorIsNil)
 	req.Header.Set("Content-Type", "application/octet-stream")
 	req.Header.Set("Content-SHA384", fp.String())
@@ -150,7 +150,7 @@
 }
 
 func (s *UploadSuite) TestPendingResourceNoFile(c *gc.C) {
-	res, apiResult := newResourceResult(c, "a-service", "spam")
+	res, apiResult := newResourceResult(c, "a-application", "spam")
 	uuid, err := utils.NewUUID()
 	c.Assert(err, jc.ErrorIsNil)
 	expected := uuid.String()
@@ -158,7 +158,7 @@
 	s.facade.pendingIDs = []string{expected}
 	cl := client.NewClient(s.facade, s, s.facade)
 
-	uploadID, err := cl.AddPendingResource("a-service", res[0].Resource, "file.zip", nil)
+	uploadID, err := cl.AddPendingResource("a-application", res[0].Resource, "file.zip", nil)
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.stub.CheckCallNames(c,
@@ -168,13 +168,13 @@
 }
 
 func (s *UploadSuite) TestPendingResourceBadService(c *gc.C) {
-	res, _ := newResourceResult(c, "a-service", "spam")
+	res, _ := newResourceResult(c, "a-application", "spam")
 	s.facade.FacadeCallFn = nil
 	cl := client.NewClient(s.facade, s, s.facade)
 
 	_, err := cl.AddPendingResource("???", res[0].Resource, "file.zip", nil)
 
-	c.Check(err, gc.ErrorMatches, `.*invalid service.*`)
+	c.Check(err, gc.ErrorMatches, `.*invalid application.*`)
 	s.stub.CheckNoCalls(c)
 }
 
@@ -187,14 +187,14 @@
 	failure := errors.New("<failure>")
 	s.stub.SetErrors(nil, failure)
 
-	_, err := cl.AddPendingResource("a-service", chRes, "file.zip", reader)
+	_, err := cl.AddPendingResource("a-application", chRes, "file.zip", reader)
 
 	c.Check(errors.Cause(err), gc.Equals, failure)
 	s.stub.CheckCallNames(c, "FacadeCall", "Read")
 }
 
 func (s *UploadSuite) TestPendingResourceRequestFailed(c *gc.C) {
-	res, _ := newResourceResult(c, "a-service", "spam")
+	res, _ := newResourceResult(c, "a-application", "spam")
 	reader := &stubFile{stub: s.stub}
 	reader.returnRead = strings.NewReader("<data>")
 	s.facade.pendingIDs = []string{"some-unique-id"}
@@ -202,7 +202,7 @@
 	failure := errors.New("<failure>")
 	s.stub.SetErrors(nil, nil, nil, nil, failure)
 
-	_, err := cl.AddPendingResource("a-service", res[0].Resource, "file.zip", reader)
+	_, err := cl.AddPendingResource("a-application", res[0].Resource, "file.zip", reader)
 
 	c.Check(errors.Cause(err), gc.Equals, failure)
 	s.stub.CheckCallNames(c,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/data.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/data.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/data.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/data.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,8 +10,8 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	charmresource "gopkg.in/juju/charm.v6-unstable/resource"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/macaroon.v1"
 
 	"github.com/juju/juju/apiserver/params"
@@ -26,13 +26,13 @@
 	var args ListResourcesArgs
 	var errs []error
 	for _, service := range services {
-		if !names.IsValidService(service) {
-			err := errors.Errorf("invalid service %q", service)
+		if !names.IsValidApplication(service) {
+			err := errors.Errorf("invalid application %q", service)
 			errs = append(errs, err)
 			continue
 		}
 		args.Entities = append(args.Entities, params.Entity{
-			Tag: names.NewServiceTag(service).String(),
+			Tag: names.NewApplicationTag(service).String(),
 		})
 	}
 	if err := resolveErrors(errs); err != nil {
@@ -53,13 +53,13 @@
 
 // NewAddPendingResourcesArgs returns the arguments for the
 // AddPendingResources API endpoint.
-func NewAddPendingResourcesArgs(serviceID string, chID charmstore.CharmID, csMac *macaroon.Macaroon, resources []charmresource.Resource) (AddPendingResourcesArgs, error) {
+func NewAddPendingResourcesArgs(applicationID string, chID charmstore.CharmID, csMac *macaroon.Macaroon, resources []charmresource.Resource) (AddPendingResourcesArgs, error) {
 	var args AddPendingResourcesArgs
 
-	if !names.IsValidService(serviceID) {
-		return args, errors.Errorf("invalid service %q", serviceID)
+	if !names.IsValidApplication(applicationID) {
+		return args, errors.Errorf("invalid application %q", applicationID)
 	}
-	tag := names.NewServiceTag(serviceID).String()
+	tag := names.NewApplicationTag(applicationID).String()
 
 	var apiResources []CharmResource
 	for _, res := range resources {
@@ -86,31 +86,31 @@
 
 	// PendingIDs holds the "pending ID" for each of the requested
 	// resources.
-	PendingIDs []string
+	PendingIDs []string `json:"pending-ids"`
 }
 
 // ResourcesResults holds the resources that result
 // from a bulk API call.
 type ResourcesResults struct {
 	// Results is the list of resource results.
-	Results []ResourcesResult
+	Results []ResourcesResult `json:"results"`
 }
 
 // ResourcesResult holds the resources that result from an API call
-// for a single service.
+// for a single application.
 type ResourcesResult struct {
 	params.ErrorResult
 
-	// Resources is the list of resources for the service.
-	Resources []Resource
+	// Resources is the list of resources for the application.
+	Resources []Resource `json:"resources"`
 
 	// CharmStoreResources is the list of resources associated with the charm in
 	// the charmstore.
-	CharmStoreResources []CharmResource
+	CharmStoreResources []CharmResource `json:"charm-store-resources"`
 
 	// UnitResources contains a list of the resources for each unit in the
-	// service.
-	UnitResources []UnitResources
+	// application.
+	UnitResources []UnitResources `json:"unit-resources"`
 }
 
 // A UnitResources contains a list of the resources the unit defined by Entity.
@@ -118,12 +118,12 @@
 	params.Entity
 
 	// Resources is a list of resources for the unit.
-	Resources []Resource
+	Resources []Resource `json:"resources"`
 
 	// DownloadProgress indicates the number of bytes of a resource file
 	// have been downloaded so far the uniter. Only currently downloading
 	// resources are included.
-	DownloadProgress map[string]int64
+	DownloadProgress map[string]int64 `json:"download-progress"`
 }
 
 // UploadResult is the response from an upload request.
@@ -131,25 +131,25 @@
 	params.ErrorResult
 
 	// Resource describes the resource that was stored in the model.
-	Resource Resource
+	Resource Resource `json:"resource"`
 }
 
 // Resource contains info about a Resource.
 type Resource struct {
 	CharmResource
 
-	// ID uniquely identifies a resource-service pair within the model.
+	// ID uniquely identifies a resource-application pair within the model.
 	// Note that the model ignores pending resources (those with a
 	// pending ID) except for in a few clearly pending-related places.
-	ID string
+	ID string `json:"id"`
 
 	// PendingID identifies that this resource is pending and
 	// distinguishes it from other pending resources with the same model
 	// ID (and from the active resource).
-	PendingID string
+	PendingID string `json:"pending-id"`
 
-	// ServiceID identifies the service for the resource.
-	ServiceID string
+	// ApplicationID identifies the application for the resource.
+	ApplicationID string `json:"application"`
 
 	// Username is the ID of the user that added the revision
 	// to the model (whether implicitly or explicitly).
@@ -183,7 +183,7 @@
 	Fingerprint []byte `json:"fingerprint"`
 
 	// Size is the size of the resource, in bytes.
-	Size int64
+	Size int64 `json:"size"`
 }
 
 func resolveErrors(errs []error) error {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/helpers.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/helpers.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/helpers.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/helpers.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,8 +7,8 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	charmresource "gopkg.in/juju/charm.v6-unstable/resource"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
@@ -22,7 +22,7 @@
 		CharmResource: CharmResource2API(res.Resource),
 		ID:            res.ID,
 		PendingID:     res.PendingID,
-		ServiceID:     res.ServiceID,
+		ApplicationID: res.ApplicationID,
 		Username:      res.Username,
 		Timestamp:     res.Timestamp,
 	}
@@ -129,12 +129,12 @@
 	}
 
 	res = resource.Resource{
-		Resource:  charmRes,
-		ID:        apiRes.ID,
-		PendingID: apiRes.PendingID,
-		ServiceID: apiRes.ServiceID,
-		Username:  apiRes.Username,
-		Timestamp: apiRes.Timestamp,
+		Resource:      charmRes,
+		ID:            apiRes.ID,
+		PendingID:     apiRes.PendingID,
+		ApplicationID: apiRes.ApplicationID,
+		Username:      apiRes.Username,
+		Timestamp:     apiRes.Timestamp,
 	}
 
 	if err := res.Validate(); err != nil {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/helpers_test.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/helpers_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/helpers_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/helpers_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,11 +8,11 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 	charmresource "gopkg.in/juju/charm.v6-unstable/resource"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/resource"
@@ -51,11 +51,11 @@
 			Fingerprint: fp,
 			Size:        10,
 		},
-		ID:        "a-service/spam",
-		PendingID: "some-unique-ID",
-		ServiceID: "a-service",
-		Username:  "a-user",
-		Timestamp: now,
+		ID:            "a-application/spam",
+		PendingID:     "some-unique-ID",
+		ApplicationID: "a-application",
+		Username:      "a-user",
+		Timestamp:     now,
 	}
 	err = res.Validate()
 	c.Assert(err, jc.ErrorIsNil)
@@ -72,11 +72,11 @@
 			Fingerprint: []byte(fingerprint),
 			Size:        10,
 		},
-		ID:        "a-service/spam",
-		PendingID: "some-unique-ID",
-		ServiceID: "a-service",
-		Username:  "a-user",
-		Timestamp: now,
+		ID:            "a-application/spam",
+		PendingID:     "some-unique-ID",
+		ApplicationID: "a-application",
+		Username:      "a-user",
+		Timestamp:     now,
 	})
 }
 
@@ -97,11 +97,11 @@
 			Fingerprint: fp,
 			Size:        10,
 		},
-		ID:        "a-service/spam",
-		PendingID: "some-unique-ID",
-		ServiceID: "a-service",
-		Username:  "a-user",
-		Timestamp: now,
+		ID:            "a-application/spam",
+		PendingID:     "some-unique-ID",
+		ApplicationID: "a-application",
+		Username:      "a-user",
+		Timestamp:     now,
 	}
 	err = expected.Validate()
 	c.Assert(err, jc.ErrorIsNil)
@@ -119,11 +119,11 @@
 			Fingerprint: fp,
 			Size:        10,
 		},
-		ID:        "a-service/spam",
-		PendingID: "some-unique-ID",
-		ServiceID: "a-service",
-		Username:  "a-user",
-		Timestamp: now,
+		ID:            "a-application/spam",
+		PendingID:     "some-unique-ID",
+		ApplicationID: "a-application",
+		Username:      "a-user",
+		Timestamp:     now,
 	}
 	err = unitExpected.Validate()
 	c.Assert(err, jc.ErrorIsNil)
@@ -139,11 +139,11 @@
 			Fingerprint: []byte(fingerprint),
 			Size:        10,
 		},
-		ID:        "a-service/spam",
-		PendingID: "some-unique-ID",
-		ServiceID: "a-service",
-		Username:  "a-user",
-		Timestamp: now,
+		ID:            "a-application/spam",
+		PendingID:     "some-unique-ID",
+		ApplicationID: "a-application",
+		Username:      "a-user",
+		Timestamp:     now,
 	}
 
 	unitRes := api.Resource{
@@ -157,11 +157,11 @@
 			Fingerprint: []byte(fingerprint),
 			Size:        10,
 		},
-		ID:        "a-service/spam",
-		PendingID: "some-unique-ID",
-		ServiceID: "a-service",
-		Username:  "a-user",
-		Timestamp: now,
+		ID:            "a-application/spam",
+		PendingID:     "some-unique-ID",
+		ApplicationID: "a-application",
+		Username:      "a-user",
+		Timestamp:     now,
 	}
 
 	fp2, err := charmresource.GenerateFingerprint(strings.NewReader("boo!"))
@@ -254,11 +254,11 @@
 			Fingerprint: fp,
 			Size:        10,
 		},
-		ID:        "a-service/spam",
-		PendingID: "some-unique-ID",
-		ServiceID: "a-service",
-		Username:  "a-user",
-		Timestamp: now,
+		ID:            "a-application/spam",
+		PendingID:     "some-unique-ID",
+		ApplicationID: "a-application",
+		Username:      "a-user",
+		Timestamp:     now,
 	}
 	err = expected.Validate()
 	c.Assert(err, jc.ErrorIsNil)
@@ -276,11 +276,11 @@
 			Fingerprint: fp,
 			Size:        10,
 		},
-		ID:        "a-service/spam",
-		PendingID: "some-unique-ID",
-		ServiceID: "a-service",
-		Username:  "a-user",
-		Timestamp: now,
+		ID:            "a-application/spam",
+		PendingID:     "some-unique-ID",
+		ApplicationID: "a-application",
+		Username:      "a-user",
+		Timestamp:     now,
 	}
 	err = unitExpected.Validate()
 	c.Assert(err, jc.ErrorIsNil)
@@ -296,11 +296,11 @@
 			Fingerprint: []byte(fingerprint),
 			Size:        10,
 		},
-		ID:        "a-service/spam",
-		PendingID: "some-unique-ID",
-		ServiceID: "a-service",
-		Username:  "a-user",
-		Timestamp: now,
+		ID:            "a-application/spam",
+		PendingID:     "some-unique-ID",
+		ApplicationID: "a-application",
+		Username:      "a-user",
+		Timestamp:     now,
 	}
 
 	unitRes := api.Resource{
@@ -314,11 +314,11 @@
 			Fingerprint: []byte(fingerprint),
 			Size:        10,
 		},
-		ID:        "a-service/spam",
-		PendingID: "some-unique-ID",
-		ServiceID: "a-service",
-		Username:  "a-user",
-		Timestamp: now,
+		ID:            "a-application/spam",
+		PendingID:     "some-unique-ID",
+		ApplicationID: "a-application",
+		Username:      "a-user",
+		Timestamp:     now,
 	}
 
 	_, err = api.APIResult2ServiceResources(api.ResourcesResult{
@@ -350,8 +350,8 @@
 			Fingerprint: []byte(fingerprint),
 			Size:        10,
 		},
-		ID:        "a-service/spam",
-		ServiceID: "a-service",
+		ID:            "a-application/spam",
+		ApplicationID: "a-application",
 	}
 	failure := errors.New("<failure>")
 
@@ -381,14 +381,14 @@
 			Fingerprint: []byte(fingerprint),
 			Size:        10,
 		},
-		ID:        "a-service/spam",
-		ServiceID: "a-service",
+		ID:            "a-application/spam",
+		ApplicationID: "a-application",
 	}
 
 	_, err := api.APIResult2ServiceResources(api.ResourcesResult{
 		ErrorResult: params.ErrorResult{
 			Error: &params.Error{
-				Message: `service "a-service" not found`,
+				Message: `application "a-application" not found`,
 				Code:    params.CodeNotFound,
 			},
 		},
@@ -413,11 +413,11 @@
 			Fingerprint: []byte(fingerprint),
 			Size:        10,
 		},
-		ID:        "a-service/spam",
-		PendingID: "some-unique-ID",
-		ServiceID: "a-service",
-		Username:  "a-user",
-		Timestamp: now,
+		ID:            "a-application/spam",
+		PendingID:     "some-unique-ID",
+		ApplicationID: "a-application",
+		Username:      "a-user",
+		Timestamp:     now,
 	})
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -436,11 +436,11 @@
 			Fingerprint: fp,
 			Size:        10,
 		},
-		ID:        "a-service/spam",
-		PendingID: "some-unique-ID",
-		ServiceID: "a-service",
-		Username:  "a-user",
-		Timestamp: now,
+		ID:            "a-application/spam",
+		PendingID:     "some-unique-ID",
+		ApplicationID: "a-application",
+		Username:      "a-user",
+		Timestamp:     now,
 	}
 	err = expected.Validate()
 	c.Assert(err, jc.ErrorIsNil)
@@ -513,11 +513,11 @@
 }
 
 func (HelpersSuite) TestServiceResources2API(c *gc.C) {
-	res1 := resourcetesting.NewResource(c, nil, "res1", "a-service", "data").Resource
-	res2 := resourcetesting.NewResource(c, nil, "res2", "a-service", "data2").Resource
+	res1 := resourcetesting.NewResource(c, nil, "res1", "a-application", "data").Resource
+	res2 := resourcetesting.NewResource(c, nil, "res2", "a-application", "data2").Resource
 
-	tag0 := names.NewUnitTag("a-service/0")
-	tag1 := names.NewUnitTag("a-service/1")
+	tag0 := names.NewUnitTag("a-application/0")
+	tag1 := names.NewUnitTag("a-application/1")
 
 	chres1 := res1.Resource
 	chres2 := res2.Resource
@@ -566,7 +566,7 @@
 		UnitResources: []api.UnitResources{
 			{
 				Entity: params.Entity{
-					Tag: "unit-a-service-0",
+					Tag: "unit-a-application-0",
 				},
 				Resources: []api.Resource{
 					apiRes1,
@@ -580,7 +580,7 @@
 				// we should have a listing for every unit, even if they
 				// have no resources.
 				Entity: params.Entity{
-					Tag: "unit-a-service-1",
+					Tag: "unit-a-application-1",
 				},
 			},
 		},
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/http.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/http.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/http.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/http.go	2016-07-18 19:45:44.000000000 +0000
@@ -25,11 +25,11 @@
 	// the API server. This includes wildcards (starting with ":") that
 	// are converted into URL query values by the pattern mux. Also see
 	// apiserver/apiserver.go.
-	HTTPEndpointPattern = "/services/:service/resources/:resource"
+	HTTPEndpointPattern = "/applications/:application/resources/:resource"
 
 	// HTTPEndpointPath is the URL path, with substitutions, for
 	// a resource request.
-	HTTPEndpointPath = "/services/%s/resources/%s"
+	HTTPEndpointPath = "/applications/%s/resources/%s"
 )
 
 const (
@@ -76,7 +76,7 @@
 // ExtractEndpointDetails pulls the endpoint wildcard values from
 // the provided URL.
 func ExtractEndpointDetails(url *url.URL) (service, name string) {
-	service = url.Query().Get(":service")
+	service = url.Query().Get(":application")
 	name = url.Query().Get(":resource")
 	return service, name
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/private/client/client_test.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/private/client/client_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/private/client/client_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/private/client/client_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -48,7 +48,7 @@
 }
 
 func (s *UnitFacadeClientSuite) TestGetResource(c *gc.C) {
-	opened := resourcetesting.NewResource(c, s.stub, "spam", "a-service", "some data")
+	opened := resourcetesting.NewResource(c, s.stub, "spam", "a-application", "some data")
 	s.api.setResource(opened.Resource, opened)
 	cl := client.NewUnitFacadeClient(s.api, s.api)
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/private/data.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/private/data.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/private/data.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/private/data.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,12 +11,12 @@
 )
 
 // ListResourcesArgs holds the arguments for an API request to list
-// resources for a service. The service is implicit to the uniter-
+// resources for an application. The application is implicit to the uniter-
 // specific HTTP connection.
 type ListResourcesArgs struct {
-	// ResourceNames holds the names of the service's resources for
+	// ResourceNames holds the names of the application's resources for
 	// which information should be provided.
-	ResourceNames []string
+	ResourceNames []string `json:"resource-names"`
 }
 
 // ResourcesResult holds the resource info for a list of requested
@@ -26,7 +26,7 @@
 
 	// Resources is the list of results for the requested resources,
 	// in the same order as requested.
-	Resources []ResourceResult
+	Resources []ResourceResult `json:"resources"`
 }
 
 // ResourceResult is the result for a single requested resource.
@@ -34,5 +34,5 @@
 	params.ErrorResult
 
 	// Resource is the info for the requested resource.
-	Resource api.Resource
+	Resource api.Resource `json:"resource"`
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/private/server/handler_test.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/private/server/handler_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/private/server/handler_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/private/server/handler_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -43,7 +43,7 @@
 }
 
 func (s *LegacyHTTPHandlerSuite) TestIntegration(c *gc.C) {
-	opened := resourcetesting.NewResource(c, s.stub, "spam", "a-service", "some data")
+	opened := resourcetesting.NewResource(c, s.stub, "spam", "a-application", "some data")
 	s.opener.ReturnOpenResource = opened
 	s.deps.ReturnNewResourceOpener = s.opener
 	deps := server.NewLegacyHTTPHandlerDeps(s.deps)
@@ -75,7 +75,7 @@
 
 func (s *LegacyHTTPHandlerSuite) TestServeHTTPDownloadOkay(c *gc.C) {
 	s.deps.ReturnNewResourceOpener = s.opener
-	opened := resourcetesting.NewResource(c, s.stub, "spam", "a-service", "some data")
+	opened := resourcetesting.NewResource(c, s.stub, "spam", "a-application", "some data")
 	s.deps.ReturnHandleDownload = opened
 	h := &server.LegacyHTTPHandler{
 		LegacyHTTPHandlerDeps: s.deps,
@@ -120,7 +120,7 @@
 }
 
 func (s *LegacyHTTPHandlerSuite) TestServeHTTPDownloadCopyFailed(c *gc.C) {
-	s.deps.ReturnHandleDownload = resourcetesting.NewResource(c, s.stub, "spam", "a-service", "some data")
+	s.deps.ReturnHandleDownload = resourcetesting.NewResource(c, s.stub, "spam", "a-application", "some data")
 	h := &server.LegacyHTTPHandler{
 		LegacyHTTPHandlerDeps: s.deps,
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/private/server/unitfacade.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/private/server/unitfacade.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/private/server/unitfacade.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/private/server/unitfacade.go	2016-07-18 19:45:44.000000000 +0000
@@ -17,9 +17,9 @@
 const FacadeVersion = 1
 
 // UnitDataStore exposes the data storage functionality needed here.
-// All functionality is tied to the unit's service.
+// All functionality is tied to the unit's application.
 type UnitDataStore interface {
-	// ListResources lists all the resources for the service.
+	// ListResources lists all the resources for the application.
 	ListResources() (resource.ServiceResources, error)
 }
 
@@ -37,7 +37,7 @@
 }
 
 // GetResourceInfo returns the resource info for each of the given
-// resource names (for the implicit service). If any one is missing then
+// resource names (for the implicit application). If any one is missing then
 // the corresponding result is set with errors.NotFound.
 func (uf UnitFacade) GetResourceInfo(args private.ListResourcesArgs) (private.ResourcesResult, error) {
 	var r private.ResourcesResult
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/private/server/unitfacade_test.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/private/server/unitfacade_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/private/server/unitfacade_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/private/server/unitfacade_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -42,9 +42,9 @@
 }
 
 func (s *UnitFacadeSuite) TestGetResourceInfoOkay(c *gc.C) {
-	opened1 := resourcetesting.NewResource(c, s.stub, "spam", "a-service", "some data")
+	opened1 := resourcetesting.NewResource(c, s.stub, "spam", "a-application", "some data")
 	res1 := opened1.Resource
-	opened2 := resourcetesting.NewResource(c, s.stub, "eggs", "a-service", "other data")
+	opened2 := resourcetesting.NewResource(c, s.stub, "eggs", "a-application", "other data")
 	res2 := opened2.Resource
 	store := &stubUnitDataStore{Stub: s.stub}
 	store.ReturnListResources = resource.ServiceResources{
@@ -68,7 +68,7 @@
 }
 
 func (s *UnitFacadeSuite) TestGetResourceInfoEmpty(c *gc.C) {
-	opened := resourcetesting.NewResource(c, s.stub, "spam", "a-service", "some data")
+	opened := resourcetesting.NewResource(c, s.stub, "spam", "a-application", "some data")
 	store := &stubUnitDataStore{Stub: s.stub}
 	store.ReturnListResources = resource.ServiceResources{
 		Resources: []resource.Resource{opened.Resource},
@@ -87,7 +87,7 @@
 }
 
 func (s *UnitFacadeSuite) TestGetResourceInfoNotFound(c *gc.C) {
-	opened := resourcetesting.NewResource(c, s.stub, "spam", "a-service", "some data")
+	opened := resourcetesting.NewResource(c, s.stub, "spam", "a-application", "some data")
 	store := &stubUnitDataStore{Stub: s.stub}
 	store.ReturnListResources = resource.ServiceResources{
 		Resources: []resource.Resource{opened.Resource},
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/server/base_test.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/server/base_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/server/base_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/server/base_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -45,7 +45,7 @@
 }
 
 func newResource(c *gc.C, name, username, data string) (resource.Resource, api.Resource) {
-	opened := resourcetesting.NewResource(c, nil, name, "a-service", data)
+	opened := resourcetesting.NewResource(c, nil, name, "a-application", data)
 	res := opened.Resource
 	res.Username = username
 	if username == "" {
@@ -62,10 +62,10 @@
 			Fingerprint: res.Fingerprint.Bytes(),
 			Size:        res.Size,
 		},
-		ID:        res.ID,
-		ServiceID: res.ServiceID,
-		Username:  username,
-		Timestamp: res.Timestamp,
+		ID:            res.ID,
+		ApplicationID: res.ApplicationID,
+		Username:      username,
+		Timestamp:     res.Timestamp,
 	}
 
 	return res, apiRes
@@ -118,8 +118,8 @@
 	return s.ReturnGetPendingResource, nil
 }
 
-func (s *stubDataStore) SetResource(serviceID, userID string, res charmresource.Resource, r io.Reader) (resource.Resource, error) {
-	s.stub.AddCall("SetResource", serviceID, userID, res, r)
+func (s *stubDataStore) SetResource(applicationID, userID string, res charmresource.Resource, r io.Reader) (resource.Resource, error) {
+	s.stub.AddCall("SetResource", applicationID, userID, res, r)
 	if err := s.stub.NextErr(); err != nil {
 		return resource.Resource{}, errors.Trace(err)
 	}
@@ -127,8 +127,8 @@
 	return s.ReturnSetResource, nil
 }
 
-func (s *stubDataStore) UpdatePendingResource(serviceID, pendingID, userID string, res charmresource.Resource, r io.Reader) (resource.Resource, error) {
-	s.stub.AddCall("UpdatePendingResource", serviceID, pendingID, userID, res, r)
+func (s *stubDataStore) UpdatePendingResource(applicationID, pendingID, userID string, res charmresource.Resource, r io.Reader) (resource.Resource, error) {
+	s.stub.AddCall("UpdatePendingResource", applicationID, pendingID, userID, res, r)
 	if err := s.stub.NextErr(); err != nil {
 		return resource.Resource{}, errors.Trace(err)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/server/handler.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/server/handler.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/server/handler.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/server/handler.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,7 @@
 	"net/http"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/resource/api"
 )
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/server/handler_test.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/server/handler_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/server/handler_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/server/handler_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,10 +11,10 @@
 	"strings"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/resource/api"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/server/server_addpending_test.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/server/server_addpending_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/server/server_addpending_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/server/server_addpending_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -29,7 +29,7 @@
 
 	result, err := facade.AddPendingResources(api.AddPendingResourcesArgs{
 		Entity: params.Entity{
-			Tag: "service-a-service",
+			Tag: "application-a-application",
 		},
 		Resources: []api.CharmResource{
 			apiRes1.CharmResource,
@@ -38,7 +38,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.stub.CheckCallNames(c, "AddPendingResource")
-	s.stub.CheckCall(c, 0, "AddPendingResource", "a-service", "", res1.Resource, nil)
+	s.stub.CheckCall(c, 0, "AddPendingResource", "a-application", "", res1.Resource, nil)
 	c.Check(result, jc.DeepEquals, api.AddPendingResourcesResult{
 		PendingIDs: []string{
 			id1,
@@ -62,7 +62,7 @@
 
 	result, err := facade.AddPendingResources(api.AddPendingResourcesArgs{
 		Entity: params.Entity{
-			Tag: "service-a-service",
+			Tag: "application-a-application",
 		},
 		AddCharmWithAuthorization: params.AddCharmWithAuthorization{
 			URL: "cs:~a-user/trusty/spam-5",
@@ -75,7 +75,7 @@
 	c.Assert(result.Error, gc.IsNil)
 
 	s.stub.CheckCallNames(c, "newCSClient", "ListResources", "AddPendingResource")
-	s.stub.CheckCall(c, 2, "AddPendingResource", "a-service", "", res1.Resource, nil)
+	s.stub.CheckCall(c, 2, "AddPendingResource", "a-application", "", res1.Resource, nil)
 	c.Check(result, jc.DeepEquals, api.AddPendingResourcesResult{
 		PendingIDs: []string{
 			id1,
@@ -101,7 +101,7 @@
 
 	result, err := facade.AddPendingResources(api.AddPendingResourcesArgs{
 		Entity: params.Entity{
-			Tag: "service-a-service",
+			Tag: "application-a-application",
 		},
 		AddCharmWithAuthorization: params.AddCharmWithAuthorization{
 			URL: "cs:~a-user/trusty/spam-5",
@@ -114,7 +114,7 @@
 	c.Assert(result.Error, gc.IsNil)
 
 	s.stub.CheckCallNames(c, "newCSClient", "ListResources", "AddPendingResource")
-	s.stub.CheckCall(c, 2, "AddPendingResource", "a-service", "", res1.Resource, nil)
+	s.stub.CheckCall(c, 2, "AddPendingResource", "a-application", "", res1.Resource, nil)
 	c.Check(result, jc.DeepEquals, api.AddPendingResourcesResult{
 		PendingIDs: []string{
 			id1,
@@ -150,7 +150,7 @@
 
 	result, err := facade.AddPendingResources(api.AddPendingResourcesArgs{
 		Entity: params.Entity{
-			Tag: "service-a-service",
+			Tag: "application-a-application",
 		},
 		AddCharmWithAuthorization: params.AddCharmWithAuthorization{
 			URL: "cs:~a-user/trusty/spam-5",
@@ -162,7 +162,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.stub.CheckCallNames(c, "newCSClient", "ListResources", "ResourceInfo", "AddPendingResource")
-	s.stub.CheckCall(c, 3, "AddPendingResource", "a-service", "", expected, nil)
+	s.stub.CheckCall(c, 3, "AddPendingResource", "a-application", "", expected, nil)
 	c.Check(result, jc.DeepEquals, api.AddPendingResourcesResult{
 		PendingIDs: []string{
 			id1,
@@ -192,7 +192,7 @@
 
 	result, err := facade.AddPendingResources(api.AddPendingResourcesArgs{
 		Entity: params.Entity{
-			Tag: "service-a-service",
+			Tag: "application-a-application",
 		},
 		AddCharmWithAuthorization: params.AddCharmWithAuthorization{
 			URL: "cs:~a-user/trusty/spam-5",
@@ -205,7 +205,7 @@
 	c.Assert(result.Error, gc.IsNil)
 
 	s.stub.CheckCallNames(c, "newCSClient", "ListResources", "AddPendingResource")
-	s.stub.CheckCall(c, 2, "AddPendingResource", "a-service", "", res1.Resource, nil)
+	s.stub.CheckCall(c, 2, "AddPendingResource", "a-application", "", res1.Resource, nil)
 	c.Check(result, jc.DeepEquals, api.AddPendingResourcesResult{
 		PendingIDs: []string{
 			id1,
@@ -228,7 +228,7 @@
 
 	result, err := facade.AddPendingResources(api.AddPendingResourcesArgs{
 		Entity: params.Entity{
-			Tag: "service-a-service",
+			Tag: "application-a-application",
 		},
 		AddCharmWithAuthorization: params.AddCharmWithAuthorization{
 			URL: "local:trusty/spam",
@@ -241,7 +241,7 @@
 	c.Assert(result.Error, gc.IsNil)
 
 	s.stub.CheckCallNames(c, "AddPendingResource")
-	s.stub.CheckCall(c, 0, "AddPendingResource", "a-service", "", expected, nil)
+	s.stub.CheckCall(c, 0, "AddPendingResource", "a-application", "", expected, nil)
 	c.Check(result, jc.DeepEquals, api.AddPendingResourcesResult{
 		PendingIDs: []string{
 			id1,
@@ -268,7 +268,7 @@
 
 	result, err := facade.AddPendingResources(api.AddPendingResourcesArgs{
 		Entity: params.Entity{
-			Tag: "service-a-service",
+			Tag: "application-a-application",
 		},
 		AddCharmWithAuthorization: params.AddCharmWithAuthorization{
 			URL: "cs:~a-user/trusty/spam-5",
@@ -281,7 +281,7 @@
 	c.Assert(result.Error, gc.IsNil)
 
 	s.stub.CheckCallNames(c, "newCSClient", "ListResources", "AddPendingResource")
-	s.stub.CheckCall(c, 2, "AddPendingResource", "a-service", "", res1.Resource, nil)
+	s.stub.CheckCall(c, 2, "AddPendingResource", "a-application", "", res1.Resource, nil)
 	c.Check(result, jc.DeepEquals, api.AddPendingResourcesResult{
 		PendingIDs: []string{
 			id1,
@@ -298,7 +298,7 @@
 //
 //	result, err := facade.AddPendingResources(api.AddPendingResourcesArgs{
 //		Entity: params.Entity{
-//			Tag: "service-a-service",
+//			Tag: "application-a-application",
 //		},
 //		AddCharmWithAuthorization: params.AddCharmWithAuthorization{
 //			URL: "cs:~a-user/trusty/spam-5",
@@ -334,7 +334,7 @@
 
 	result, err := facade.AddPendingResources(api.AddPendingResourcesArgs{
 		Entity: params.Entity{
-			Tag: "service-a-service",
+			Tag: "application-a-application",
 		},
 		AddCharmWithAuthorization: params.AddCharmWithAuthorization{
 			URL: "cs:~a-user/trusty/spam-5",
@@ -346,7 +346,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.stub.CheckCallNames(c, "newCSClient", "ListResources", "AddPendingResource")
-	s.stub.CheckCall(c, 2, "AddPendingResource", "a-service", "", res1.Resource, nil)
+	s.stub.CheckCall(c, 2, "AddPendingResource", "a-application", "", res1.Resource, nil)
 	c.Check(result, jc.DeepEquals, api.AddPendingResourcesResult{
 		PendingIDs: []string{
 			id1,
@@ -363,7 +363,7 @@
 
 	result, err := facade.AddPendingResources(api.AddPendingResourcesArgs{
 		Entity: params.Entity{
-			Tag: "service-a-service",
+			Tag: "application-a-application",
 		},
 		Resources: []api.CharmResource{
 			apiRes1.CharmResource,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/server/server.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/server/server.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/server/server.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/server/server.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,10 +8,10 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"gopkg.in/juju/charm.v6-unstable"
 	charmresource "gopkg.in/juju/charm.v6-unstable/resource"
 	csparams "gopkg.in/juju/charmrepo.v2-unstable/csclient/params"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/macaroon.v1"
 
 	"github.com/juju/juju/apiserver/common"
@@ -77,24 +77,24 @@
 // resourceInfoStore is the portion of Juju's "state" needed
 // for the resources facade.
 type resourceInfoStore interface {
-	// ListResources returns the resources for the given service.
+	// ListResources returns the resources for the given application.
 	ListResources(service string) (resource.ServiceResources, error)
 
 	// AddPendingResource adds the resource to the data store in a
 	// "pending" state. It will stay pending (and unavailable) until
 	// it is resolved. The returned ID is used to identify the pending
 	// resources when resolving it.
-	AddPendingResource(serviceID, userID string, chRes charmresource.Resource, r io.Reader) (string, error)
+	AddPendingResource(applicationID, userID string, chRes charmresource.Resource, r io.Reader) (string, error)
 }
 
-// ListResources returns the list of resources for the given service.
+// ListResources returns the list of resources for the given application.
 func (f Facade) ListResources(args api.ListResourcesArgs) (api.ResourcesResults, error) {
 	var r api.ResourcesResults
 	r.Results = make([]api.ResourcesResult, len(args.Entities))
 
 	for i, e := range args.Entities {
 		logger.Tracef("Listing resources for %q", e.Tag)
-		tag, apierr := parseServiceTag(e.Tag)
+		tag, apierr := parseApplicationTag(e.Tag)
 		if apierr != nil {
 			r.Results[i] = api.ResourcesResult{
 				ErrorResult: params.ErrorResult{
@@ -121,15 +121,15 @@
 func (f Facade) AddPendingResources(args api.AddPendingResourcesArgs) (api.AddPendingResourcesResult, error) {
 	var result api.AddPendingResourcesResult
 
-	tag, apiErr := parseServiceTag(args.Tag)
+	tag, apiErr := parseApplicationTag(args.Tag)
 	if apiErr != nil {
 		result.Error = apiErr
 		return result, nil
 	}
-	serviceID := tag.Id()
+	applicationID := tag.Id()
 
 	channel := csparams.Channel(args.Channel)
-	ids, err := f.addPendingResources(serviceID, args.URL, channel, args.CharmStoreMacaroon, args.Resources)
+	ids, err := f.addPendingResources(applicationID, args.URL, channel, args.CharmStoreMacaroon, args.Resources)
 	if err != nil {
 		result.Error = common.ServerError(err)
 		return result, nil
@@ -138,7 +138,7 @@
 	return result, nil
 }
 
-func (f Facade) addPendingResources(serviceID, chRef string, channel csparams.Channel, csMac *macaroon.Macaroon, apiResources []api.CharmResource) ([]string, error) {
+func (f Facade) addPendingResources(applicationID, chRef string, channel csparams.Channel, csMac *macaroon.Macaroon, apiResources []api.CharmResource) ([]string, error) {
 	var resources []charmresource.Resource
 	for _, apiRes := range apiResources {
 		res, err := api.API2CharmResource(apiRes)
@@ -176,7 +176,7 @@
 
 	var ids []string
 	for _, res := range resources {
-		pendingID, err := f.addPendingResource(serviceID, res)
+		pendingID, err := f.addPendingResource(applicationID, res)
 		if err != nil {
 			// We don't bother aggregating errors since a partial
 			// completion is disruptive and a retry of this endpoint
@@ -305,25 +305,25 @@
 	return res, nil
 }
 
-func (f Facade) addPendingResource(serviceID string, chRes charmresource.Resource) (pendingID string, err error) {
+func (f Facade) addPendingResource(applicationID string, chRes charmresource.Resource) (pendingID string, err error) {
 	userID := ""
 	var reader io.Reader
-	pendingID, err = f.store.AddPendingResource(serviceID, userID, chRes, reader)
+	pendingID, err = f.store.AddPendingResource(applicationID, userID, chRes, reader)
 	if err != nil {
 		return "", errors.Annotatef(err, "while adding pending resource info for %q", chRes.Name)
 	}
 	return pendingID, nil
 }
 
-func parseServiceTag(tagStr string) (names.ServiceTag, *params.Error) { // note the concrete error type
-	serviceTag, err := names.ParseServiceTag(tagStr)
+func parseApplicationTag(tagStr string) (names.ApplicationTag, *params.Error) { // note the concrete error type
+	ApplicationTag, err := names.ParseApplicationTag(tagStr)
 	if err != nil {
-		return serviceTag, &params.Error{
+		return ApplicationTag, &params.Error{
 			Message: err.Error(),
 			Code:    params.CodeBadRequest,
 		}
 	}
-	return serviceTag, nil
+	return ApplicationTag, nil
 }
 
 func errorResult(err error) api.ResourcesResult {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/server/server_listresources_test.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/server/server_listresources_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/server/server_listresources_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/server/server_listresources_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,10 +5,10 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 	charmresource "gopkg.in/juju/charm.v6-unstable/resource"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/resource"
@@ -26,8 +26,8 @@
 	res1, apiRes1 := newResource(c, "spam", "a-user", "spamspamspam")
 	res2, apiRes2 := newResource(c, "eggs", "a-user", "...")
 
-	tag0 := names.NewUnitTag("a-service/0")
-	tag1 := names.NewUnitTag("a-service/1")
+	tag0 := names.NewUnitTag("a-application/0")
+	tag1 := names.NewUnitTag("a-application/1")
 
 	chres1 := res1.Resource
 	chres2 := res2.Resource
@@ -67,7 +67,7 @@
 
 	results, err := facade.ListResources(api.ListResourcesArgs{
 		Entities: []params.Entity{{
-			Tag: "service-a-service",
+			Tag: "application-a-application",
 		}},
 	})
 	c.Assert(err, jc.ErrorIsNil)
@@ -81,7 +81,7 @@
 			UnitResources: []api.UnitResources{
 				{
 					Entity: params.Entity{
-						Tag: "unit-a-service-0",
+						Tag: "unit-a-application-0",
 					},
 					Resources: []api.Resource{
 						apiRes1,
@@ -92,7 +92,7 @@
 					// we should have a listing for every unit, even if they
 					// have no resources.
 					Entity: params.Entity{
-						Tag: "unit-a-service-1",
+						Tag: "unit-a-application-1",
 					},
 				},
 			},
@@ -103,7 +103,7 @@
 		}},
 	})
 	s.stub.CheckCallNames(c, "ListResources")
-	s.stub.CheckCall(c, 0, "ListResources", "a-service")
+	s.stub.CheckCall(c, 0, "ListResources", "a-application")
 }
 
 func (s *ListResourcesSuite) TestEmpty(c *gc.C) {
@@ -112,7 +112,7 @@
 
 	results, err := facade.ListResources(api.ListResourcesArgs{
 		Entities: []params.Entity{{
-			Tag: "service-a-service",
+			Tag: "application-a-application",
 		}},
 	})
 	c.Assert(err, jc.ErrorIsNil)
@@ -131,7 +131,7 @@
 
 	results, err := facade.ListResources(api.ListResourcesArgs{
 		Entities: []params.Entity{{
-			Tag: "service-a-service",
+			Tag: "application-a-application",
 		}},
 	})
 	c.Assert(err, jc.ErrorIsNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/server/upload.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/server/upload.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/server/upload.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/server/upload.go	2016-07-18 19:45:44.000000000 +0000
@@ -19,16 +19,16 @@
 // needed for handling upload requests.
 type UploadDataStore interface {
 	// GetResource returns the identified resource.
-	GetResource(serviceID, name string) (resource.Resource, error)
+	GetResource(applicationID, name string) (resource.Resource, error)
 
 	// GetPendingResource returns the identified resource.
-	GetPendingResource(serviceID, name, pendingID string) (resource.Resource, error)
+	GetPendingResource(applicationID, name, pendingID string) (resource.Resource, error)
 
 	// SetResource adds the resource to blob storage and updates the metadata.
-	SetResource(serviceID, userID string, res charmresource.Resource, r io.Reader) (resource.Resource, error)
+	SetResource(applicationID, userID string, res charmresource.Resource, r io.Reader) (resource.Resource, error)
 
 	// UpdatePendingResource adds the resource to blob storage and updates the metadata.
-	UpdatePendingResource(serviceID, pendingID, userID string, res charmresource.Resource, r io.Reader) (resource.Resource, error)
+	UpdatePendingResource(applicationID, pendingID, userID string, res charmresource.Resource, r io.Reader) (resource.Resource, error)
 }
 
 // TODO(ericsnow) Replace UploadedResource with resource.Opened.
@@ -36,7 +36,7 @@
 // UploadedResource holds both the information about an uploaded
 // resource and the reader containing its data.
 type UploadedResource struct {
-	// Service is the name of the service associated with the resource.
+	// Service is the name of the application associated with the resource.
 	Service string
 
 	// PendingID is the resource-specific sub-ID for a pending resource.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/server/upload_test.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/server/upload_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/server/upload_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/server/upload_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -56,14 +56,14 @@
 		Username: "a-user",
 		Store:    s.data,
 	}
-	req, body := newUploadRequest(c, "spam", "a-service", content)
+	req, body := newUploadRequest(c, "spam", "a-application", content)
 
 	result, err := uh.HandleRequest(req)
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.stub.CheckCallNames(c, "GetResource", "SetResource")
-	s.stub.CheckCall(c, 0, "GetResource", "a-service", "spam")
-	s.stub.CheckCall(c, 1, "SetResource", "a-service", "a-user", res.Resource, ioutil.NopCloser(body))
+	s.stub.CheckCall(c, 0, "GetResource", "a-application", "spam")
+	s.stub.CheckCall(c, 1, "SetResource", "a-application", "a-user", res.Resource, ioutil.NopCloser(body))
 	c.Check(result, jc.DeepEquals, &api.UploadResult{
 		Resource: api.Resource2API(res),
 	})
@@ -81,7 +81,7 @@
 		Username: "a-user",
 		Store:    s.data,
 	}
-	req, _ := newUploadRequest(c, "spam", "a-service", content)
+	req, _ := newUploadRequest(c, "spam", "a-application", content)
 	req.Header.Set("Content-Disposition", "form-data; filename=different.ext")
 
 	_, err := uh.HandleRequest(req)
@@ -100,15 +100,15 @@
 		Username: "a-user",
 		Store:    s.data,
 	}
-	req, body := newUploadRequest(c, "spam", "a-service", content)
+	req, body := newUploadRequest(c, "spam", "a-application", content)
 	req.URL.RawQuery += "&pendingid=some-unique-id"
 
 	result, err := uh.HandleRequest(req)
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.stub.CheckCallNames(c, "GetPendingResource", "UpdatePendingResource")
-	s.stub.CheckCall(c, 0, "GetPendingResource", "a-service", "spam", "some-unique-id")
-	s.stub.CheckCall(c, 1, "UpdatePendingResource", "a-service", "some-unique-id", "a-user", res.Resource, ioutil.NopCloser(body))
+	s.stub.CheckCall(c, 0, "GetPendingResource", "a-application", "spam", "some-unique-id")
+	s.stub.CheckCall(c, 1, "UpdatePendingResource", "a-application", "some-unique-id", "a-user", res.Resource, ioutil.NopCloser(body))
 	c.Check(result, jc.DeepEquals, &api.UploadResult{
 		Resource: api.Resource2API(res),
 	})
@@ -122,7 +122,7 @@
 		Username: "a-user",
 		Store:    s.data,
 	}
-	req, _ := newUploadRequest(c, "spam", "a-service", content)
+	req, _ := newUploadRequest(c, "spam", "a-application", content)
 	failure := errors.New("<failure>")
 	s.stub.SetErrors(nil, failure)
 
@@ -141,15 +141,15 @@
 		Username: "a-user",
 		Store:    s.data,
 	}
-	req, body := newUploadRequest(c, "spam", "a-service", content)
+	req, body := newUploadRequest(c, "spam", "a-application", content)
 
 	uploaded, err := uh.ReadResource(req)
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.stub.CheckCallNames(c, "GetResource")
-	s.stub.CheckCall(c, 0, "GetResource", "a-service", "spam")
+	s.stub.CheckCall(c, 0, "GetResource", "a-application", "spam")
 	c.Check(uploaded, jc.DeepEquals, &server.UploadedResource{
-		Service:  "a-service",
+		Service:  "a-application",
 		Resource: expected.Resource,
 		Data:     ioutil.NopCloser(body),
 	})
@@ -164,16 +164,16 @@
 		Username: "a-user",
 		Store:    s.data,
 	}
-	req, body := newUploadRequest(c, "spam", "a-service", content)
+	req, body := newUploadRequest(c, "spam", "a-application", content)
 	req.URL.RawQuery += "&pendingid=some-unique-id"
 
 	uploaded, err := uh.ReadResource(req)
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.stub.CheckCallNames(c, "GetPendingResource")
-	s.stub.CheckCall(c, 0, "GetPendingResource", "a-service", "spam", "some-unique-id")
+	s.stub.CheckCall(c, 0, "GetPendingResource", "a-application", "spam", "some-unique-id")
 	c.Check(uploaded, jc.DeepEquals, &server.UploadedResource{
-		Service:   "a-service",
+		Service:   "a-application",
 		PendingID: "some-unique-id",
 		Resource:  expected.Resource,
 		Data:      ioutil.NopCloser(body),
@@ -185,7 +185,7 @@
 		Username: "a-user",
 		Store:    s.data,
 	}
-	req, _ := newUploadRequest(c, "spam", "a-service", "<some data>")
+	req, _ := newUploadRequest(c, "spam", "a-application", "<some data>")
 	req.Header.Set("Content-Type", "text/plain")
 
 	_, err := uh.ReadResource(req)
@@ -199,7 +199,7 @@
 		Username: "a-user",
 		Store:    s.data,
 	}
-	req, _ := newUploadRequest(c, "spam", "a-service", "<some data>")
+	req, _ := newUploadRequest(c, "spam", "a-application", "<some data>")
 	failure := errors.New("<failure>")
 	s.stub.SetErrors(failure)
 
@@ -216,7 +216,7 @@
 		Username: "a-user",
 		Store:    s.data,
 	}
-	req, _ := newUploadRequest(c, "spam", "a-service", "<some data>")
+	req, _ := newUploadRequest(c, "spam", "a-application", "<some data>")
 	req.Header.Set("Content-SHA384", "bogus")
 
 	_, err := uh.ReadResource(req)
@@ -232,7 +232,7 @@
 		Username: "a-user",
 		Store:    s.data,
 	}
-	req, _ := newUploadRequest(c, "spam", "a-service", "<some data>")
+	req, _ := newUploadRequest(c, "spam", "a-application", "<some data>")
 	req.Header.Set("Content-Length", "should-be-an-int")
 
 	_, err := uh.ReadResource(req)
@@ -246,8 +246,8 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	method := "PUT"
-	urlStr := "https://api:17017/services/%s/resources/%s"
-	urlStr += "?:service=%s&:resource=%s" // ...added by the mux.
+	urlStr := "https://api:17017/applications/%s/resources/%s"
+	urlStr += "?:application=%s&:resource=%s" // ...added by the mux.
 	urlStr = fmt.Sprintf(urlStr, service, name, service, name)
 	body := strings.NewReader(content)
 	req, err := http.NewRequest(method, urlStr, body)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/upload.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/upload.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/api/upload.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/api/upload.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,15 +10,15 @@
 	"strconv"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	charmresource "gopkg.in/juju/charm.v6-unstable/resource"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/resource"
 )
 
 // UploadRequest defines a single upload request.
 type UploadRequest struct {
-	// Service is the service ID.
+	// Service is the application ID.
 	Service string
 
 	// Name is the resource name.
@@ -39,8 +39,8 @@
 
 // NewUploadRequest generates a new upload request for the given resource.
 func NewUploadRequest(service, name, filename string, r io.ReadSeeker) (UploadRequest, error) {
-	if !names.IsValidService(service) {
-		return UploadRequest{}, errors.Errorf("invalid service %q", service)
+	if !names.IsValidApplication(service) {
+		return UploadRequest{}, errors.Errorf("invalid application %q", service)
 	}
 
 	content, err := resource.GenerateContent(r)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/charmstore/cache.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/charmstore/cache.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/charmstore/cache.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/charmstore/cache.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,7 +13,7 @@
 )
 
 // EntityCache exposes the functionality needed to cache data from
-// the charm store. The operations apply to a single service (or unit).
+// the charm store. The operations apply to a single application (or unit).
 type EntityCache interface {
 	// GetResource returns the resource data for the identified resource.
 	GetResource(name string) (resource.Resource, error)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/cmd/deploy.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/cmd/deploy.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/cmd/deploy.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/cmd/deploy.go	2016-07-18 19:45:44.000000000 +0000
@@ -19,18 +19,18 @@
 // for deploy.
 type DeployClient interface {
 	// AddPendingResources adds pending metadata for store-based resources.
-	AddPendingResources(serviceID string, chID charmstore.CharmID, csMac *macaroon.Macaroon, resources []charmresource.Resource) (ids []string, err error)
+	AddPendingResources(applicationID string, chID charmstore.CharmID, csMac *macaroon.Macaroon, resources []charmresource.Resource) (ids []string, err error)
 
-	// AddPendingResource uploads data and metadata for a pending resource for the given service.
-	AddPendingResource(serviceID string, resource charmresource.Resource, filename string, r io.ReadSeeker) (id string, err error)
+	// AddPendingResource uploads data and metadata for a pending resource for the given application.
+	AddPendingResource(applicationID string, resource charmresource.Resource, filename string, r io.ReadSeeker) (id string, err error)
 }
 
 // DeployResourcesArgs holds the arguments to DeployResources().
 type DeployResourcesArgs struct {
-	// ServiceID identifies the service being deployed.
-	ServiceID string
+	// ApplicationID identifies the application being deployed.
+	ApplicationID string
 
-	// CharmID identifies the service's charm.
+	// CharmID identifies the application's charm.
 	CharmID charmstore.CharmID
 
 	// CharmStoreMacaroon is the macaroon to use for the charm when
@@ -58,13 +58,13 @@
 // metadata. It returns a map of resource name to pending resource IDs.
 func DeployResources(args DeployResourcesArgs) (ids map[string]string, err error) {
 	d := deployUploader{
-		serviceID: args.ServiceID,
-		chID:      args.CharmID,
-		csMac:     args.CharmStoreMacaroon,
-		client:    args.Client,
-		resources: args.ResourcesMeta,
-		osOpen:    func(s string) (ReadSeekCloser, error) { return os.Open(s) },
-		osStat:    func(s string) error { _, err := os.Stat(s); return err },
+		applicationID: args.ApplicationID,
+		chID:          args.CharmID,
+		csMac:         args.CharmStoreMacaroon,
+		client:        args.Client,
+		resources:     args.ResourcesMeta,
+		osOpen:        func(s string) (ReadSeekCloser, error) { return os.Open(s) },
+		osStat:        func(s string) error { _, err := os.Stat(s); return err },
 	}
 
 	ids, err = d.upload(args.Filenames, args.Revisions)
@@ -75,13 +75,13 @@
 }
 
 type deployUploader struct {
-	serviceID string
-	chID      charmstore.CharmID
-	csMac     *macaroon.Macaroon
-	resources map[string]charmresource.Meta
-	client    DeployClient
-	osOpen    func(path string) (ReadSeekCloser, error)
-	osStat    func(path string) error
+	applicationID string
+	chID          charmstore.CharmID
+	csMac         *macaroon.Macaroon
+	resources     map[string]charmresource.Meta
+	client        DeployClient
+	osOpen        func(path string) (ReadSeekCloser, error)
+	osStat        func(path string) error
 }
 
 func (d deployUploader) upload(files map[string]string, revisions map[string]int) (map[string]string, error) {
@@ -100,7 +100,7 @@
 	storeResources := d.storeResources(files, revisions)
 	pending := map[string]string{}
 	if len(storeResources) > 0 {
-		ids, err := d.client.AddPendingResources(d.serviceID, d.chID, d.csMac, storeResources)
+		ids, err := d.client.AddPendingResources(d.applicationID, d.chID, d.csMac, storeResources)
 		if err != nil {
 			return nil, errors.Trace(err)
 		}
@@ -188,7 +188,7 @@
 		Origin: charmresource.OriginUpload,
 	}
 
-	id, err = d.client.AddPendingResource(d.serviceID, res, filename, f)
+	id, err = d.client.AddPendingResource(d.applicationID, res, filename, f)
 	if err != nil {
 		return "", errors.Trace(err)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/cmd/deploy_test.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/cmd/deploy_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/cmd/deploy_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/cmd/deploy_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -54,7 +54,7 @@
 	}
 
 	ids, err := DeployResources(DeployResourcesArgs{
-		ServiceID:          "mysql",
+		ApplicationID:      "mysql",
 		CharmID:            chID,
 		CharmStoreMacaroon: csMac,
 		Filenames:          nil,
@@ -88,10 +88,10 @@
 	}
 	csMac := &macaroon.Macaroon{}
 	du := deployUploader{
-		serviceID: "mysql",
-		chID:      chID,
-		csMac:     csMac,
-		client:    deps,
+		applicationID: "mysql",
+		chID:          chID,
+		csMac:         csMac,
+		client:        deps,
 		resources: map[string]charmresource.Meta{
 			"upload": {
 				Name: "upload",
@@ -145,10 +145,10 @@
 	}
 	csMac := &macaroon.Macaroon{}
 	du := deployUploader{
-		serviceID: "mysql",
-		chID:      chID,
-		csMac:     csMac,
-		client:    deps,
+		applicationID: "mysql",
+		chID:          chID,
+		csMac:         csMac,
+		client:        deps,
 		resources: map[string]charmresource.Meta{
 			"upload": {
 				Name: "upload",
@@ -197,10 +197,10 @@
 	}
 	csMac := &macaroon.Macaroon{}
 	du := deployUploader{
-		serviceID: "mysql",
-		chID:      chID,
-		csMac:     csMac,
-		client:    deps,
+		applicationID: "mysql",
+		chID:          chID,
+		csMac:         csMac,
+		client:        deps,
 		resources: map[string]charmresource.Meta{
 			"upload": {
 				Name: "upload",
@@ -251,8 +251,8 @@
 func (s DeploySuite) TestUploadUnexpectedResourceFile(c *gc.C) {
 	deps := uploadDeps{s.stub, rsc{&bytes.Buffer{}}}
 	du := deployUploader{
-		serviceID: "mysql",
-		client:    deps,
+		applicationID: "mysql",
+		client:        deps,
 		resources: map[string]charmresource.Meta{
 			"res1": {
 				Name: "res1",
@@ -275,8 +275,8 @@
 func (s DeploySuite) TestUploadUnexpectedResourceRevision(c *gc.C) {
 	deps := uploadDeps{s.stub, rsc{&bytes.Buffer{}}}
 	du := deployUploader{
-		serviceID: "mysql",
-		client:    deps,
+		applicationID: "mysql",
+		client:        deps,
 		resources: map[string]charmresource.Meta{
 			"res1": {
 				Name: "res1",
@@ -299,8 +299,8 @@
 func (s DeploySuite) TestMissingResource(c *gc.C) {
 	deps := uploadDeps{s.stub, rsc{&bytes.Buffer{}}}
 	du := deployUploader{
-		serviceID: "mysql",
-		client:    deps,
+		applicationID: "mysql",
+		client:        deps,
 		resources: map[string]charmresource.Meta{
 			"res1": {
 				Name: "res1",
@@ -327,9 +327,9 @@
 	ReadSeekCloser ReadSeekCloser
 }
 
-func (s uploadDeps) AddPendingResources(serviceID string, charmID charmstore.CharmID, csMac *macaroon.Macaroon, resources []charmresource.Resource) (ids []string, err error) {
+func (s uploadDeps) AddPendingResources(applicationID string, charmID charmstore.CharmID, csMac *macaroon.Macaroon, resources []charmresource.Resource) (ids []string, err error) {
 	charmresource.Sort(resources)
-	s.stub.AddCall("AddPendingResources", serviceID, charmID, csMac, resources)
+	s.stub.AddCall("AddPendingResources", applicationID, charmID, csMac, resources)
 	if err := s.stub.NextErr(); err != nil {
 		return nil, err
 	}
@@ -340,8 +340,8 @@
 	return ids, nil
 }
 
-func (s uploadDeps) AddPendingResource(serviceID string, resource charmresource.Resource, filename string, r io.ReadSeeker) (id string, err error) {
-	s.stub.AddCall("AddPendingResource", serviceID, resource, filename, r)
+func (s uploadDeps) AddPendingResource(applicationID string, resource charmresource.Resource, filename string, r io.ReadSeeker) (id string, err error) {
+	s.stub.AddCall("AddPendingResource", applicationID, resource, filename, r)
 	if err := s.stub.NextErr(); err != nil {
 		return "", err
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/cmd/formatted.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/cmd/formatted.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/cmd/formatted.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/cmd/formatted.go	2016-07-18 19:45:44.000000000 +0000
@@ -19,7 +19,7 @@
 }
 
 // FormattedServiceInfo holds the formatted representation of the information
-// about a service's resources.
+// about an application's resources.
 type FormattedServiceInfo struct {
 	Resources []FormattedSvcResource   `json:"resources,omitempty" yaml:"resources,omitempty"`
 	Updates   []FormattedCharmResource `json:"updates,omitempty" yaml:"updates,omitempty"`
@@ -28,19 +28,19 @@
 // FormattedSvcResource holds the formatted representation of a resource's info.
 type FormattedSvcResource struct {
 	// These fields are exported for the sake of serialization.
-	ID          string    `json:"resourceid,omitempty" yaml:"resourceid,omitempty"`
-	ServiceID   string    `json:"serviceid,omitempty" yaml:"serviceid,omitempty"`
-	Name        string    `json:"name" yaml:"name"`
-	Type        string    `json:"type" yaml:"type"`
-	Path        string    `json:"path" yaml:"path"`
-	Description string    `json:"description,omitempty" yaml:"description,omitempty"`
-	Revision    int       `json:"revision,omitempty" yaml:"revision,omitempty"`
-	Fingerprint string    `json:"fingerprint" yaml:"fingerprint"`
-	Size        int64     `json:"size" yaml:"size"`
-	Origin      string    `json:"origin" yaml:"origin"`
-	Used        bool      `json:"used" yaml:"used"`
-	Timestamp   time.Time `json:"timestamp,omitempty" yaml:"timestamp,omitempty"`
-	Username    string    `json:"username,omitempty" yaml:"username,omitempty"`
+	ID            string    `json:"resourceid,omitempty" yaml:"resourceid,omitempty"`
+	ApplicationID string    `json:"applicationId,omitempty" yaml:"applicationId,omitempty"`
+	Name          string    `json:"name" yaml:"name"`
+	Type          string    `json:"type" yaml:"type"`
+	Path          string    `json:"path" yaml:"path"`
+	Description   string    `json:"description,omitempty" yaml:"description,omitempty"`
+	Revision      int       `json:"revision,omitempty" yaml:"revision,omitempty"`
+	Fingerprint   string    `json:"fingerprint" yaml:"fingerprint"`
+	Size          int64     `json:"size" yaml:"size"`
+	Origin        string    `json:"origin" yaml:"origin"`
+	Used          bool      `json:"used" yaml:"used"`
+	Timestamp     time.Time `json:"timestamp,omitempty" yaml:"timestamp,omitempty"`
+	Username      string    `json:"username,omitempty" yaml:"username,omitempty"`
 
 	// These fields are not exported so they won't be serialized, since they are
 	// specific to the tabular output.
@@ -53,7 +53,7 @@
 type FormattedUnitResource FormattedSvcResource
 
 // FormattedDetailResource is the data for a single line of tabular output for
-// juju resources <service> --details.
+// juju resources <application> --details.
 type FormattedDetailResource struct {
 	UnitID      string               `json:"unitID" yaml:"unitID"`
 	Unit        FormattedSvcResource `json:"unit" yaml:"unit"`
@@ -65,7 +65,7 @@
 }
 
 // FormattedServiceDetails is the data for the tabular output for juju resources
-// <service> --details.
+// <application> --details.
 type FormattedServiceDetails struct {
 	Resources []FormattedDetailResource `json:"resources,omitempty" yaml:"resources,omitempty"`
 	Updates   []FormattedCharmResource  `json:"updates,omitempty" yaml:"updates,omitempty"`
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/cmd/formatter.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/cmd/formatter.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/cmd/formatter.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/cmd/formatter.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,7 +12,7 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/juju/resource"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 )
 
 type charmResourcesFormatter struct {
@@ -59,7 +59,7 @@
 	used := !res.IsPlaceholder()
 	return FormattedSvcResource{
 		ID:               res.ID,
-		ServiceID:        res.ServiceID,
+		ApplicationID:    res.ApplicationID,
 		Name:             res.Name,
 		Type:             res.Type.String(),
 		Path:             res.Path,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/cmd/formatter_test.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/cmd/formatter_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/cmd/formatter_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/cmd/formatter_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,11 +7,11 @@
 	"strings"
 	"time"
 
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 	charmresource "gopkg.in/juju/charm.v6-unstable/resource"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/resource"
 )
@@ -62,16 +62,16 @@
 			Fingerprint: fp,
 			Size:        10,
 		},
-		Username:  "Bill User",
-		Timestamp: time.Now().Add(-1 * time.Hour * 24 * 365),
-		ID:        "a-service/website",
-		ServiceID: "a-service",
+		Username:      "Bill User",
+		Timestamp:     time.Now().Add(-1 * time.Hour * 24 * 365),
+		ID:            "a-application/website",
+		ApplicationID: "a-application",
 	}
 
 	f := FormatSvcResource(r)
 	c.Assert(f, gc.Equals, FormattedSvcResource{
-		ID:               "a-service/website",
-		ServiceID:        "a-service",
+		ID:               "a-application/website",
+		ApplicationID:    "a-application",
 		Name:             r.Name,
 		Type:             "file",
 		Path:             r.Path,
@@ -107,7 +107,7 @@
 }
 
 func (s *SvcFormatterSuite) TestOriginUploadDeployed(c *gc.C) {
-	// represents what we get when we first deploy a service
+	// represents what we get when we first deploy an application
 	r := resource.Resource{
 		Resource: charmresource.Resource{
 			Origin: charmresource.OriginUpload,
@@ -152,10 +152,10 @@
 			Fingerprint: fp,
 			Size:        10,
 		},
-		Username:  "Bill User",
-		Timestamp: time.Now().Add(-1 * time.Hour * 24 * 365),
-		ID:        "a-service/website",
-		ServiceID: "a-service",
+		Username:      "Bill User",
+		Timestamp:     time.Now().Add(-1 * time.Hour * 24 * 365),
+		ID:            "a-application/website",
+		ApplicationID: "a-application",
 	}
 
 	fp2, err := charmresource.GenerateFingerprint(strings.NewReader("other"))
@@ -174,19 +174,19 @@
 			Fingerprint: fp2,
 			Size:        15,
 		},
-		Username:  "Bill User",
-		Timestamp: time.Now(),
-		ID:        "a-service/website",
-		ServiceID: "a-service",
+		Username:      "Bill User",
+		Timestamp:     time.Now(),
+		ID:            "a-application/website",
+		ApplicationID: "a-application",
 	}
-	tag := names.NewUnitTag("a-service/55")
+	tag := names.NewUnitTag("a-application/55")
 
 	d, err := FormatDetailResource(tag, svc, unit, 8)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(d, gc.Equals,
 		FormattedDetailResource{
 			unitNumber:  55,
-			UnitID:      "a-service/55",
+			UnitID:      "a-application/55",
 			Expected:    FormatSvcResource(svc),
 			Progress:    8,
 			progress:    "80%",
@@ -213,21 +213,21 @@
 			Fingerprint: fp,
 			Size:        10,
 		},
-		Username:  "Bill User",
-		Timestamp: time.Now().Add(-1 * time.Hour * 24 * 365),
-		ID:        "a-service/website",
-		ServiceID: "a-service",
+		Username:      "Bill User",
+		Timestamp:     time.Now().Add(-1 * time.Hour * 24 * 365),
+		ID:            "a-application/website",
+		ApplicationID: "a-application",
 	}
 
 	unit := resource.Resource{}
-	tag := names.NewUnitTag("a-service/55")
+	tag := names.NewUnitTag("a-application/55")
 
 	d, err := FormatDetailResource(tag, svc, unit, 0)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(d, gc.Equals,
 		FormattedDetailResource{
 			unitNumber:  55,
-			UnitID:      "a-service/55",
+			UnitID:      "a-application/55",
 			Expected:    FormatSvcResource(svc),
 			Progress:    0,
 			progress:    "0%",
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/cmd/list_charm_resources.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/cmd/list_charm_resources.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/cmd/list_charm_resources.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/cmd/list_charm_resources.go	2016-07-18 19:45:44.000000000 +0000
@@ -33,7 +33,7 @@
 	Close() error
 }
 
-// ListCharmResourcesCommand implements the "juju charm list-resources" command.
+// ListCharmResourcesCommand implements the "juju charm resources" command.
 type ListCharmResourcesCommand struct {
 	modelcmd.ModelCommandBase
 	CharmCommandBase
@@ -71,11 +71,11 @@
 // Info implements cmd.Command.
 func (c *ListCharmResourcesCommand) Info() *cmd.Info {
 	return &cmd.Info{
-		Name:    "list-resources",
+		Name:    "resources",
 		Args:    "<charm>",
 		Purpose: "display the resources for a charm in the charm store",
 		Doc:     listCharmResourcesDoc,
-		Aliases: []string{"resources"},
+		Aliases: []string{"list-resources"},
 	}
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/cmd/list_charm_resources_test.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/cmd/list_charm_resources_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/cmd/list_charm_resources_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/cmd/list_charm_resources_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -46,7 +46,7 @@
 	info := command.Info()
 
 	c.Check(info, jc.DeepEquals, &jujucmd.Info{
-		Name:    "list-resources",
+		Name:    "resources",
 		Args:    "<charm>",
 		Purpose: "display the resources for a charm in the charm store",
 		Doc: `
@@ -65,7 +65,7 @@
 Where the series is not supplied, the series from your local host is used.
 Thus the above examples imply that the local series is trusty.
 `,
-		Aliases: []string{"resources"},
+		Aliases: []string{"list-resources"},
 	})
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/cmd/output_tabular_test.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/cmd/output_tabular_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/cmd/output_tabular_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/cmd/output_tabular_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -351,7 +351,7 @@
 func fakeFmtSvcRes(name, suffix string) FormattedSvcResource {
 	return FormattedSvcResource{
 		ID:               "ID" + suffix,
-		ServiceID:        "svc",
+		ApplicationID:    "svc",
 		Name:             name,
 		Type:             "Type" + suffix,
 		Path:             "Path + suffix",
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/cmd/show_service.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/cmd/show_service.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/cmd/show_service.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/cmd/show_service.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,7 @@
 import (
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/gnuflag"
 
 	"github.com/juju/juju/cmd/modelcmd"
@@ -15,7 +15,7 @@
 
 // ShowServiceClient has the API client methods needed by ShowServiceCommand.
 type ShowServiceClient interface {
-	// ListResources returns info about resources for services in the model.
+	// ListResources returns info about resources for applications in the model.
 	ListResources(services []string) ([]resource.ServiceResources, error)
 	// Close closes the connection.
 	Close() error
@@ -24,7 +24,7 @@
 // ShowServiceDeps is a type that contains external functions that ShowService
 // depends on to function.
 type ShowServiceDeps struct {
-	// NewClient returns the value that wraps the API for showing service
+	// NewClient returns the value that wraps the API for showing application
 	// resources from the server.
 	NewClient func(*ShowServiceCommand) (ShowServiceClient, error)
 }
@@ -48,13 +48,13 @@
 // Info implements cmd.Command.Info.
 func (c *ShowServiceCommand) Info() *cmd.Info {
 	return &cmd.Info{
-		Name:    "list-resources",
-		Aliases: []string{"resources"},
-		Args:    "service-or-unit",
+		Name:    "resources",
+		Aliases: []string{"list-resources"},
+		Args:    "application-or-unit",
 		Purpose: "show the resources for a service or unit",
 		Doc: `
 This command shows the resources required by and those in use by an existing
-service or unit in your model.  When run for a service, it will also show any
+application or unit in your model.  When run for an application, it will also show any
 updates available for resources from the charmstore.
 `,
 	}
@@ -76,7 +76,7 @@
 // errors.BadRequest if you give it an incorrect number of arguments.
 func (c *ShowServiceCommand) Init(args []string) error {
 	if len(args) == 0 {
-		return errors.NewBadRequest(nil, "missing service name")
+		return errors.NewBadRequest(nil, "missing application name")
 	}
 	c.target = args[0]
 	if err := cmd.CheckEmpty(args[1:]); err != nil {
@@ -95,12 +95,12 @@
 
 	var unit string
 	var service string
-	if names.IsValidService(c.target) {
+	if names.IsValidApplication(c.target) {
 		service = c.target
 	} else {
-		service, err = names.UnitService(c.target)
+		service, err = names.UnitApplication(c.target)
 		if err != nil {
-			return errors.Errorf("%q is neither a service nor a unit", c.target)
+			return errors.Errorf("%q is neither an application nor a unit", c.target)
 		}
 		unit = c.target
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/cmd/show_service_test.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/cmd/show_service_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/cmd/show_service_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/cmd/show_service_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,11 +8,11 @@
 
 	jujucmd "github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 	charmresource "gopkg.in/juju/charm.v6-unstable/resource"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/resource"
 )
@@ -61,13 +61,13 @@
 	info := command.Info()
 
 	c.Check(info, jc.DeepEquals, &jujucmd.Info{
-		Name:    "list-resources",
-		Aliases: []string{"resources"},
-		Args:    "service-or-unit",
+		Name:    "resources",
+		Aliases: []string{"list-resources"},
+		Args:    "application-or-unit",
 		Purpose: "show the resources for a service or unit",
 		Doc: `
 This command shows the resources required by and those in use by an existing
-service or unit in your model.  When run for a service, it will also show any
+application or unit in your model.  When run for an application, it will also show any
 updates available for resources from the charmstore.
 `,
 	})
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/cmd/upload.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/cmd/upload.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/cmd/upload.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/cmd/upload.go	2016-07-18 19:45:44.000000000 +0000
@@ -55,11 +55,11 @@
 func (c *UploadCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "attach",
-		Args:    "service name=file",
-		Purpose: "upload a file as a resource for a service",
+		Args:    "application name=file",
+		Purpose: "upload a file as a resource for an application",
 		Doc: `
 This command uploads a file from your local disk to the juju controller to be
-used as a resource for a service.
+used as a resource for an application.
 `,
 	}
 }
@@ -69,14 +69,14 @@
 func (c *UploadCommand) Init(args []string) error {
 	switch len(args) {
 	case 0:
-		return errors.BadRequestf("missing service name")
+		return errors.BadRequestf("missing application name")
 	case 1:
 		return errors.BadRequestf("no resource specified")
 	}
 
 	service := args[0]
-	if service == "" { // TODO(ericsnow) names.IsValidService
-		return errors.NewNotValid(nil, "missing service name")
+	if service == "" { // TODO(ericsnow) names.IsValidApplication
+		return errors.NewNotValid(nil, "missing application name")
 	}
 	c.service = service
 
@@ -121,7 +121,7 @@
 }
 
 // upload opens the given file and calls the apiclient to upload it to the given
-// service with the given name.
+// application with the given name.
 func (c *UploadCommand) upload(rf resourceFile, client UploadClient) error {
 	f, err := c.deps.OpenResource(rf.filename)
 	if err != nil {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/cmd/upload_test.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/cmd/upload_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/cmd/upload_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/cmd/upload_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -90,11 +90,11 @@
 
 	c.Check(info, jc.DeepEquals, &jujucmd.Info{
 		Name:    "attach",
-		Args:    "service name=file",
-		Purpose: "upload a file as a resource for a service",
+		Args:    "application name=file",
+		Purpose: "upload a file as a resource for an application",
 		Doc: `
 This command uploads a file from your local disk to the juju controller to be
-used as a resource for a service.
+used as a resource for an application.
 `,
 	})
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/component.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/component.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/component.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/component.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,3 +8,6 @@
 
 // ComponentName is the name of the Juju component for resource management.
 const ComponentName = "resources"
+
+// FacadeName is the name of the api server facade.
+const FacadeName = "Resources"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/context/cmd/get.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/context/cmd/get.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/context/cmd/get.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/context/cmd/get.go	2016-07-18 19:45:44.000000000 +0000
@@ -45,15 +45,15 @@
 
 If "resource-get" for a resource has not been run before (for the unit)
 then the resource is downloaded from the controller at the revision
-associated with the unit's service. That file is stored in the unit's
+associated with the unit's application. That file is stored in the unit's
 local cache. If "resource-get" *has* been run before then each
 subsequent run syncs the resource with the controller. This ensures
 that the revision of the unit-local copy of the resource matches the
-revision of the resource associated with the unit's service.
+revision of the resource associated with the unit's application.
 
 Either way, the path provided by "resource-get" references the
 up-to-date file for the resource. Note that the resource may get
-updated on the controller for the service at any time, meaning the
+updated on the controller for the application at any time, meaning the
 cached copy *may* be out of date at any time after you call
 "resource-get". Consequently, the command should be run at every
 point where it is critical that the resource be up to date.
@@ -61,7 +61,7 @@
 The "upgrade-charm" hook is useful for keeping your charm's resources
 on a unit up to date.  Run "resource-get" there for each of your
 charm's resources to do so. The hook fires whenever the the file for
-one of the service's resources changes on the controller (in addition
+one of the application's resources changes on the controller (in addition
 to when the charm itself changes). That means it happens in response
 to "juju upgrade-charm" as well as to "juju push-resource".
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/context/context.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/context/context.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/context/context.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/context/context.go	2016-07-18 19:45:44.000000000 +0000
@@ -21,12 +21,12 @@
 var logger = loggo.GetLogger("juju.resource.context")
 
 // HookContextFacade is the name of the API facade for resources in the uniter.
-const HookContextFacade = resource.ComponentName + "-hook-context"
+const HookContextFacade = "ResourcesHookContext"
 
 // APIClient exposes the uniter API functionality needed for resources.
 type APIClient interface {
 	// GetResource returns the resource info and content for the given
-	// name (and unit-implied service).
+	// name (and unit-implied application).
 	GetResource(resourceName string) (resource.Resource, io.ReadCloser, error)
 }
 
@@ -147,6 +147,10 @@
 	return err
 }
 
+func (deps contextDeps) FingerprintMatches(filename string, expected charmresource.Fingerprint) (bool, error) {
+	return FingerprintMatcher{}.FingerprintMatches(filename, expected)
+}
+
 func (deps contextDeps) Join(path ...string) string {
 	return filepath.Join(path...)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/context/internal/base_test.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/context/internal/base_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/context/internal/base_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/context/internal/base_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -15,7 +15,7 @@
 )
 
 func newResource(c *gc.C, stub *testing.Stub, name, content string) (resource.Resource, io.ReadCloser) {
-	opened := resourcetesting.NewResource(c, stub, name, "a-service", content)
+	opened := resourcetesting.NewResource(c, stub, name, "a-application", content)
 	res := opened.Resource
 	if content != "" {
 		return res, opened.ReadCloser
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/context/internal/resourcedir.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/context/internal/resourcedir.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/context/internal/resourcedir.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/context/internal/resourcedir.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,6 +10,7 @@
 	"io"
 
 	"github.com/juju/errors"
+	charmresource "gopkg.in/juju/charm.v6-unstable/resource"
 )
 
 // DirectorySpec identifies information for a resource directory.
@@ -46,8 +47,9 @@
 
 // IsUpToDate determines whether or not the content matches the resource directory.
 func (spec DirectorySpec) IsUpToDate(content Content) (bool, error) {
-	// TODO(katco): Check to see if we have latest version
-	return false, nil
+	filename := spec.Resolve(spec.Name)
+	ok, err := spec.Deps.FingerprintMatches(filename, content.Fingerprint)
+	return ok, errors.Trace(err)
 }
 
 // Initialize preps the spec'ed directory and returns it.
@@ -63,6 +65,10 @@
 type DirectorySpecDeps interface {
 	DirectoryDeps
 
+	// FingerprintMatches determines whether or not the identified file
+	// exists and has the provided fingerprint.
+	FingerprintMatches(filename string, fp charmresource.Fingerprint) (bool, error)
+
 	// Join exposes the functionality of filepath.Join().
 	Join(...string) string
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/context/internal/resourcedir_test.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/context/internal/resourcedir_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/context/internal/resourcedir_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/context/internal/resourcedir_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -65,13 +65,14 @@
 	c.Check(resolved, gc.Equals, dataDir+"/eggs")
 }
 
-func (s *DirectorySpecSuite) TestIsUpToDate(c *gc.C) {
+func (s *DirectorySpecSuite) TestIsUpToDateTrue(c *gc.C) {
 	info, reader := newResource(c, s.stub.Stub, "spam", "some data")
 	content := internal.Content{
 		Data:        reader,
 		Size:        info.Size,
 		Fingerprint: info.Fingerprint,
 	}
+	s.stub.ReturnFingerprintMatches = true
 	dataDir := "/var/lib/juju/agents/unit-spam-1/resources"
 	deps := s.stub
 	spec := internal.NewDirectorySpec(dataDir, "eggs", deps)
@@ -80,8 +81,49 @@
 	isUpToDate, err := spec.IsUpToDate(content)
 	c.Assert(err, jc.ErrorIsNil)
 
-	s.stub.CheckNoCalls(c)
-	c.Check(isUpToDate, jc.IsFalse) // For now, always...
+	s.stub.CheckCallNames(c, "Join", "FingerprintMatches")
+	c.Check(isUpToDate, jc.IsTrue)
+}
+
+func (s *DirectorySpecSuite) TestIsUpToDateFalse(c *gc.C) {
+	info, reader := newResource(c, s.stub.Stub, "spam", "some data")
+	content := internal.Content{
+		Data:        reader,
+		Size:        info.Size,
+		Fingerprint: info.Fingerprint,
+	}
+	s.stub.ReturnFingerprintMatches = false
+	dataDir := "/var/lib/juju/agents/unit-spam-1/resources"
+	deps := s.stub
+	spec := internal.NewDirectorySpec(dataDir, "eggs", deps)
+	s.stub.ResetCalls()
+
+	isUpToDate, err := spec.IsUpToDate(content)
+	c.Assert(err, jc.ErrorIsNil)
+
+	s.stub.CheckCallNames(c, "Join", "FingerprintMatches")
+	c.Check(isUpToDate, jc.IsFalse)
+}
+
+func (s *DirectorySpecSuite) TestIsUpToDateCalls(c *gc.C) {
+	info, reader := newResource(c, s.stub.Stub, "spam", "some data")
+	content := internal.Content{
+		Data:        reader,
+		Size:        info.Size,
+		Fingerprint: info.Fingerprint,
+	}
+	dataDir := "/var/lib/juju/agents/unit-spam-1/resources"
+	deps := s.stub
+	spec := internal.NewDirectorySpec(dataDir, "eggs", deps)
+	s.stub.ResetCalls()
+
+	_, err := spec.IsUpToDate(content)
+	c.Assert(err, jc.ErrorIsNil)
+
+	s.stub.CheckCallNames(c, "Join", "FingerprintMatches")
+	dirname := s.stub.Join(dataDir, "eggs")
+	s.stub.CheckCall(c, 0, "Join", []string{dirname, "eggs"})
+	s.stub.CheckCall(c, 1, "FingerprintMatches", s.stub.Join(dirname, "eggs"), info.Fingerprint)
 }
 
 func (s *DirectorySpecSuite) TestInitialize(c *gc.C) {
@@ -177,7 +219,7 @@
 }
 
 func (s *DirectorySuite) TestWrite(c *gc.C) {
-	res := resourcetesting.NewResource(c, s.stub.Stub, "spam", "a-service", "some data")
+	res := resourcetesting.NewResource(c, s.stub.Stub, "spam", "a-application", "some data")
 	stub := &stubDirectory{
 		internalStub: s.stub,
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/context/internal/resource.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/context/internal/resource.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/context/internal/resource.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/context/internal/resource.go	2016-07-18 19:45:44.000000000 +0000
@@ -17,7 +17,7 @@
 // OpenedResourceClient exposes the API functionality needed by OpenResource.
 type OpenedResourceClient interface {
 	// GetResource returns the resource info and content for the given
-	// name (and unit-implied service).
+	// name (and unit-implied application).
 	GetResource(resourceName string) (resource.Resource, io.ReadCloser, error)
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/context/internal/stub_test.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/context/internal/stub_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/context/internal/stub_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/context/internal/stub_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,6 +9,7 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/testing"
+	charmresource "gopkg.in/juju/charm.v6-unstable/resource"
 
 	"github.com/juju/juju/resource"
 	"github.com/juju/juju/resource/context/internal"
@@ -25,6 +26,7 @@
 	ReturnNewChecker              internal.ContentChecker
 	ReturnCreateWriter            io.WriteCloser
 	ReturnNewTempDir              string
+	ReturnFingerprintMatches      bool
 }
 
 func newInternalStub() *internalStub {
@@ -169,6 +171,14 @@
 
 	return nil
 }
+func (s *internalStub) FingerprintMatches(filename string, fp charmresource.Fingerprint) (bool, error) {
+	s.Stub.AddCall("FingerprintMatches", filename, fp)
+	if err := s.Stub.NextErr(); err != nil {
+		return false, errors.Trace(err)
+	}
+
+	return s.ReturnFingerprintMatches, nil
+}
 
 func (s *internalStub) Join(pth ...string) string {
 	s.Stub.AddCall("Join", pth)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/context/utils.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/context/utils.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/context/utils.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/context/utils.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,54 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package context
+
+import (
+	"io"
+	"os"
+
+	"github.com/juju/errors"
+	charmresource "gopkg.in/juju/charm.v6-unstable/resource"
+)
+
+// TODO(ericsnow) Move FingerprintMatcher to charm/resource (or even utils/hash)?
+
+// FingerprintMatcher supports verifying a file's fingerprint.
+type FingerprintMatcher struct {
+	// Open opens the identified file. It defaults to os.Open.
+	Open func(filename string) (io.ReadCloser, error)
+
+	// GenerateFingerprint produces the fingerprint that corresponds
+	// to the content of the provided reader. It defaults to
+	// charmresource.GenerateFingerprint.
+	GenerateFingerprint func(io.Reader) (charmresource.Fingerprint, error)
+}
+
+// FingerprintMatches determines whether or not the identified file's
+// fingerprint matches the expected fingerprint.
+func (fpm FingerprintMatcher) FingerprintMatches(filename string, expected charmresource.Fingerprint) (bool, error) {
+	open := fpm.Open
+	if open == nil {
+		open = func(filename string) (io.ReadCloser, error) { return os.Open(filename) }
+	}
+	generateFingerprint := fpm.GenerateFingerprint
+	if generateFingerprint == nil {
+		generateFingerprint = charmresource.GenerateFingerprint
+	}
+
+	file, err := open(filename)
+	if os.IsNotExist(errors.Cause(err)) {
+		return false, nil
+	}
+	if err != nil {
+		return false, errors.Trace(err)
+	}
+	defer file.Close()
+
+	fp, err := generateFingerprint(file)
+	if err != nil {
+		return false, errors.Trace(err)
+	}
+	matches := (fp.String() == expected.String())
+	return matches, nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/context/utils_test.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/context/utils_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/context/utils_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/context/utils_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,148 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package context_test
+
+import (
+	"bytes"
+	"io"
+	"os"
+	"strings"
+
+	"github.com/juju/errors"
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	"github.com/juju/testing/filetesting"
+	gc "gopkg.in/check.v1"
+	charmresource "gopkg.in/juju/charm.v6-unstable/resource"
+
+	"github.com/juju/juju/resource/context"
+)
+
+var _ = gc.Suite(&UtilsSuite{})
+
+type UtilsSuite struct {
+	testing.IsolationSuite
+
+	stub    *testing.Stub
+	matcher *stubMatcher
+}
+
+func (s *UtilsSuite) SetUpTest(c *gc.C) {
+	s.IsolationSuite.SetUpTest(c)
+
+	s.stub = &testing.Stub{}
+	s.matcher = &stubMatcher{stub: s.stub}
+}
+
+func (s *UtilsSuite) newReader(c *gc.C, content string) (io.ReadCloser, charmresource.Fingerprint) {
+	r := filetesting.NewStubFile(s.stub, bytes.NewBufferString(content))
+
+	tmpReader := strings.NewReader(content)
+	fp, err := charmresource.GenerateFingerprint(tmpReader)
+	c.Assert(err, jc.ErrorIsNil)
+
+	return r, fp
+}
+
+func (s *UtilsSuite) TestFingerprintMatchesOkay(c *gc.C) {
+	r, expected := s.newReader(c, "spam")
+	s.matcher.ReturnOpen = r
+	s.matcher.ReturnGenerateFingerprint = expected
+	matcher := context.FingerprintMatcher{
+		Open:                s.matcher.Open,
+		GenerateFingerprint: s.matcher.GenerateFingerprint,
+	}
+
+	matches, err := matcher.FingerprintMatches("some/filename.txt", expected)
+	c.Assert(err, jc.ErrorIsNil)
+
+	c.Check(matches, jc.IsTrue)
+}
+
+func (s *UtilsSuite) TestFingerprintMatchesDepCalls(c *gc.C) {
+	r, expected := s.newReader(c, "spam")
+	s.matcher.ReturnOpen = r
+	s.matcher.ReturnGenerateFingerprint = expected
+	matcher := context.FingerprintMatcher{
+		Open:                s.matcher.Open,
+		GenerateFingerprint: s.matcher.GenerateFingerprint,
+	}
+
+	matches, err := matcher.FingerprintMatches("some/filename.txt", expected)
+	c.Assert(matches, jc.IsTrue)
+	c.Assert(err, jc.ErrorIsNil)
+
+	s.stub.CheckCallNames(c, "Open", "GenerateFingerprint", "Close")
+	s.stub.CheckCall(c, 0, "Open", "some/filename.txt")
+	s.stub.CheckCall(c, 1, "GenerateFingerprint", r)
+}
+
+func (s *UtilsSuite) TestFingerprintMatchesNotFound(c *gc.C) {
+	_, expected := s.newReader(c, "spam")
+	matcher := context.FingerprintMatcher{
+		Open: s.matcher.Open,
+	}
+	s.stub.SetErrors(os.ErrNotExist)
+
+	matches, err := matcher.FingerprintMatches("some/filename.txt", expected)
+	c.Assert(err, jc.ErrorIsNil)
+
+	c.Check(matches, jc.IsFalse)
+	s.stub.CheckCallNames(c, "Open")
+}
+
+func (s *UtilsSuite) TestFingerprintMatchesOpenFailed(c *gc.C) {
+	_, expected := s.newReader(c, "spam")
+	matcher := context.FingerprintMatcher{
+		Open: s.matcher.Open,
+	}
+	failure := errors.New("<failed>")
+	s.stub.SetErrors(failure)
+
+	_, err := matcher.FingerprintMatches("some/filename.txt", expected)
+
+	c.Check(errors.Cause(err), gc.Equals, failure)
+	s.stub.CheckCallNames(c, "Open")
+}
+
+func (s *UtilsSuite) TestFingerprintMatchesGenerateFingerprintFailed(c *gc.C) {
+	r, expected := s.newReader(c, "spam")
+	s.matcher.ReturnOpen = r
+	matcher := context.FingerprintMatcher{
+		Open:                s.matcher.Open,
+		GenerateFingerprint: s.matcher.GenerateFingerprint,
+	}
+	failure := errors.New("<failed>")
+	s.stub.SetErrors(nil, failure)
+
+	_, err := matcher.FingerprintMatches("some/filename.txt", expected)
+
+	c.Check(errors.Cause(err), gc.Equals, failure)
+	s.stub.CheckCallNames(c, "Open", "GenerateFingerprint", "Close")
+}
+
+type stubMatcher struct {
+	stub *testing.Stub
+
+	ReturnOpen                io.ReadCloser
+	ReturnGenerateFingerprint charmresource.Fingerprint
+}
+
+func (s *stubMatcher) Open(filename string) (io.ReadCloser, error) {
+	s.stub.AddCall("Open", filename)
+	if err := s.stub.NextErr(); err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	return s.ReturnOpen, nil
+}
+
+func (s *stubMatcher) GenerateFingerprint(r io.Reader) (charmresource.Fingerprint, error) {
+	s.stub.AddCall("GenerateFingerprint", r)
+	if err := s.stub.NextErr(); err != nil {
+		return charmresource.Fingerprint{}, errors.Trace(err)
+	}
+
+	return s.ReturnGenerateFingerprint, nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/resourceadapters/apiclient.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/resourceadapters/apiclient.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/resourceadapters/apiclient.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/resourceadapters/apiclient.go	2016-07-18 19:45:44.000000000 +0000
@@ -26,7 +26,7 @@
 }
 
 func newAPIClient(apiCaller api.Connection) (*client.Client, error) {
-	caller := base.NewFacadeCallerForVersion(apiCaller, resource.ComponentName, server.Version)
+	caller := base.NewFacadeCallerForVersion(apiCaller, resource.FacadeName, server.Version)
 
 	httpClient, err := apiCaller.HTTPClient()
 	if err != nil {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/resourceadapters/apiserver.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/resourceadapters/apiserver.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/resourceadapters/apiserver.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/resourceadapters/apiserver.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,7 @@
 	"net/http"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/common/apihttp"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/resourceadapters/charmstore.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/resourceadapters/charmstore.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/resourceadapters/charmstore.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/resourceadapters/charmstore.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,10 +8,10 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/retry"
 	"github.com/juju/utils/clock"
 	charmresource "gopkg.in/juju/charm.v6-unstable/resource"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/charmstore"
 	"github.com/juju/juju/resource"
@@ -20,20 +20,20 @@
 
 // charmstoreEntityCache adapts between resource state and charmstore.EntityCache.
 type charmstoreEntityCache struct {
-	st        state.Resources
-	userID    names.Tag
-	unit      resource.Unit
-	serviceID string
+	st            state.Resources
+	userID        names.Tag
+	unit          resource.Unit
+	applicationID string
 }
 
 // GetResource implements charmstore.EntityCache.
 func (cache *charmstoreEntityCache) GetResource(name string) (resource.Resource, error) {
-	return cache.st.GetResource(cache.serviceID, name)
+	return cache.st.GetResource(cache.applicationID, name)
 }
 
 // SetResource implements charmstore.EntityCache.
 func (cache *charmstoreEntityCache) SetResource(chRes charmresource.Resource, reader io.Reader) (resource.Resource, error) {
-	return cache.st.SetResource(cache.serviceID, cache.userID.Id(), chRes, reader)
+	return cache.st.SetResource(cache.applicationID, cache.userID.Id(), chRes, reader)
 }
 
 // OpenResource implements charmstore.EntityCache.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/resourceadapters/deploy.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/resourceadapters/deploy.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/resourceadapters/deploy.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/resourceadapters/deploy.go	2016-07-18 19:45:44.000000000 +0000
@@ -19,7 +19,7 @@
 // DeployResources uploads the bytes for the given files to the server and
 // creates pending resource metadata for the all resource mentioned in the
 // metadata. It returns a map of resource name to pending resource IDs.
-func DeployResources(serviceID string, chID charmstore.CharmID, csMac *macaroon.Macaroon, filesAndRevisions map[string]string, resources map[string]charmresource.Meta, conn api.Connection) (ids map[string]string, err error) {
+func DeployResources(applicationID string, chID charmstore.CharmID, csMac *macaroon.Macaroon, filesAndRevisions map[string]string, resources map[string]charmresource.Meta, conn api.Connection) (ids map[string]string, err error) {
 	client, err := newAPIClient(conn)
 	if err != nil {
 		return nil, errors.Trace(err)
@@ -37,7 +37,7 @@
 	}
 
 	ids, err = cmd.DeployResources(cmd.DeployResourcesArgs{
-		ServiceID:          serviceID,
+		ApplicationID:      applicationID,
 		CharmID:            chID,
 		CharmStoreMacaroon: csMac,
 		Filenames:          filenames,
@@ -56,9 +56,9 @@
 }
 
 // AddPendingResources adds pending metadata for store-based resources.
-func (cl *deployClient) AddPendingResources(serviceID string, chID charmstore.CharmID, csMac *macaroon.Macaroon, resources []charmresource.Resource) ([]string, error) {
+func (cl *deployClient) AddPendingResources(applicationID string, chID charmstore.CharmID, csMac *macaroon.Macaroon, resources []charmresource.Resource) ([]string, error) {
 	return cl.Client.AddPendingResources(client.AddPendingResourcesArgs{
-		ServiceID:          serviceID,
+		ApplicationID:      applicationID,
 		CharmID:            chID,
 		CharmStoreMacaroon: csMac,
 		Resources:          resources,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/resourceadapters/opener.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/resourceadapters/opener.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/resourceadapters/opener.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/resourceadapters/opener.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	csclient "github.com/juju/juju/charmstore"
 	"github.com/juju/juju/resource"
@@ -26,7 +26,7 @@
 	if ro.unit == nil {
 		return resource.Opened{}, errors.Errorf("missing unit")
 	}
-	svc, err := ro.unit.Service()
+	svc, err := ro.unit.Application()
 	if err != nil {
 		return resource.Opened{}, errors.Trace(err)
 	}
@@ -43,10 +43,10 @@
 	}
 
 	cache := &charmstoreEntityCache{
-		st:        ro.res,
-		userID:    ro.userID,
-		unit:      ro.unit,
-		serviceID: ro.unit.ServiceName(),
+		st:            ro.res,
+		userID:        ro.userID,
+		unit:          ro.unit,
+		applicationID: ro.unit.ApplicationName(),
 	}
 
 	res, reader, err := charmstore.GetResource(charmstore.GetResourceArgs{
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/resourceadapters/state.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/resourceadapters/state.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/resourceadapters/state.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/resourceadapters/state.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,8 +7,8 @@
 	"fmt"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/resource"
 	"github.com/juju/juju/resource/state"
@@ -16,17 +16,17 @@
 )
 
 type service struct {
-	*corestate.Service
+	*corestate.Application
 }
 
-// ID returns the service's tag.
-func (s *service) ID() names.ServiceTag {
-	return names.NewServiceTag(s.Name())
+// ID returns the application's tag.
+func (s *service) ID() names.ApplicationTag {
+	return names.NewApplicationTag(s.Name())
 }
 
 // CharmURL implements resource/workers.Service.
 func (s *service) CharmURL() *charm.URL {
-	cURL, _ := s.Service.CharmURL()
+	cURL, _ := s.Application.CharmURL()
 	return cURL
 }
 
@@ -57,9 +57,9 @@
 	return st.persist.NewStorage()
 }
 
-// Units returns the tags for all units in the service.
-func (st rawState) Units(serviceID string) (tags []names.UnitTag, err error) {
-	svc, err := st.base.Service(serviceID)
+// Units returns the tags for all units in the application.
+func (st rawState) Units(applicationID string) (tags []names.UnitTag, err error) {
+	svc, err := st.base.Application(applicationID)
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
@@ -75,12 +75,12 @@
 
 // VerifyService implements resource/state.RawState.
 func (st rawState) VerifyService(id string) error {
-	svc, err := st.base.Service(id)
+	svc, err := st.base.Application(id)
 	if err != nil {
 		return errors.Trace(err)
 	}
 	if svc.Life() != corestate.Alive {
-		return errors.NewNotFound(nil, fmt.Sprintf("service %q dying or dead", id))
+		return errors.NewNotFound(nil, fmt.Sprintf("application %q dying or dead", id))
 	}
 	return nil
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/resource.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/resource.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/resource.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/resource.go	2016-07-18 19:45:44.000000000 +0000
@@ -15,9 +15,9 @@
 
 // Resource defines a single resource within a Juju model.
 //
-// Each service will have have exactly the same resources associated
+// Each application will have have exactly the same resources associated
 // with it as are defined in the charm's metadata, no more, no less.
-// When associated with the service the resource may have additional
+// When associated with the application the resource may have additional
 // information associated with it.
 //
 // A resource may be a "placeholder", meaning it is only partially
@@ -34,13 +34,13 @@
 //   Size
 //
 // A resource may also be added to the model as "pending", meaning it
-// is queued up to be used as a resource for the service. Until it is
+// is queued up to be used as a resource for the application. Until it is
 // "activated", a pending resources is virtually invisible. There may
 // be more that one pending resource for a given resource ID.
 type Resource struct {
 	resource.Resource
 
-	// ID uniquely identifies a resource-service pair within the model.
+	// ID uniquely identifies a resource-application pair within the model.
 	// Note that the model ignores pending resources (those with a
 	// pending ID) except for in a few clearly pending-related places.
 	// ID may be empty if the ID (assigned by the model) is not known.
@@ -49,13 +49,13 @@
 	// PendingID identifies that this resource is pending and
 	// distinguishes it from other pending resources with the same model
 	// ID (and from the active resource). The active resource for the
-	// services will not have PendingID set.
+	// applications will not have PendingID set.
 	PendingID string
 
-	// TODO(ericsnow) Use names.ServiceTag for ServiceID?
+	// TODO(ericsnow) Use names.ApplicationTag for applicationID?
 
-	// ServiceID identifies the service for the resource.
-	ServiceID string
+	// ApplicationID identifies the application for the resource.
+	ApplicationID string
 
 	// TODO(ericsnow) Use names.UserTag for Username?
 
@@ -78,8 +78,8 @@
 		return errors.Annotate(err, "bad info")
 	}
 
-	if res.ServiceID == "" {
-		return errors.NewNotValid(nil, "missing service ID")
+	if res.ApplicationID == "" {
+		return errors.NewNotValid(nil, "missing application ID")
 	}
 
 	// TODO(ericsnow) Require that Username be set if timestamp is?
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/resource_test.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/resource_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/resource_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/resource_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -23,11 +23,11 @@
 
 func (ResourceSuite) TestValidateUploadUsed(c *gc.C) {
 	res := resource.Resource{
-		Resource:  newFullCharmResource(c, "spam"),
-		ID:        "a-service/spam",
-		ServiceID: "a-service",
-		Username:  "a-user",
-		Timestamp: time.Now(),
+		Resource:      newFullCharmResource(c, "spam"),
+		ID:            "a-application/spam",
+		ApplicationID: "a-application",
+		Username:      "a-user",
+		Timestamp:     time.Now(),
 	}
 
 	err := res.Validate()
@@ -37,9 +37,9 @@
 
 func (ResourceSuite) TestValidateUploadNotUsed(c *gc.C) {
 	res := resource.Resource{
-		Resource:  newFullCharmResource(c, "spam"),
-		ID:        "a-service/spam",
-		ServiceID: "a-service",
+		Resource:      newFullCharmResource(c, "spam"),
+		ID:            "a-application/spam",
+		ApplicationID: "a-application",
 	}
 
 	err := res.Validate()
@@ -49,12 +49,12 @@
 
 func (ResourceSuite) TestValidateUploadPending(c *gc.C) {
 	res := resource.Resource{
-		Resource:  newFullCharmResource(c, "spam"),
-		ID:        "a-service/spam",
-		PendingID: "some-unique-ID",
-		ServiceID: "a-service",
-		Username:  "a-user",
-		Timestamp: time.Now(),
+		Resource:      newFullCharmResource(c, "spam"),
+		ID:            "a-application/spam",
+		PendingID:     "some-unique-ID",
+		ApplicationID: "a-application",
+		Username:      "a-user",
+		Timestamp:     time.Now(),
 	}
 
 	err := res.Validate()
@@ -87,10 +87,10 @@
 
 func (ResourceSuite) TestValidateMissingID(c *gc.C) {
 	res := resource.Resource{
-		Resource:  newFullCharmResource(c, "spam"),
-		ServiceID: "a-service",
-		Username:  "a-user",
-		Timestamp: time.Now(),
+		Resource:      newFullCharmResource(c, "spam"),
+		ApplicationID: "a-application",
+		Username:      "a-user",
+		Timestamp:     time.Now(),
 	}
 
 	err := res.Validate()
@@ -98,10 +98,10 @@
 	c.Check(err, jc.ErrorIsNil)
 }
 
-func (ResourceSuite) TestValidateMissingServiceID(c *gc.C) {
+func (ResourceSuite) TestValidateMissingApplicationID(c *gc.C) {
 	res := resource.Resource{
 		Resource:  newFullCharmResource(c, "spam"),
-		ID:        "a-service/spam",
+		ID:        "a-application/spam",
 		Username:  "a-user",
 		Timestamp: time.Now(),
 	}
@@ -109,16 +109,16 @@
 	err := res.Validate()
 
 	c.Check(errors.Cause(err), jc.Satisfies, errors.IsNotValid)
-	c.Check(err, gc.ErrorMatches, `.*missing service ID.*`)
+	c.Check(err, gc.ErrorMatches, `.*missing application ID.*`)
 }
 
 func (ResourceSuite) TestValidateMissingUsername(c *gc.C) {
 	res := resource.Resource{
-		Resource:  newFullCharmResource(c, "spam"),
-		ID:        "a-service/spam",
-		ServiceID: "a-service",
-		Username:  "",
-		Timestamp: time.Now(),
+		Resource:      newFullCharmResource(c, "spam"),
+		ID:            "a-application/spam",
+		ApplicationID: "a-application",
+		Username:      "",
+		Timestamp:     time.Now(),
 	}
 
 	err := res.Validate()
@@ -128,11 +128,11 @@
 
 func (ResourceSuite) TestValidateMissingTimestamp(c *gc.C) {
 	res := resource.Resource{
-		Resource:  newFullCharmResource(c, "spam"),
-		ID:        "a-service/spam",
-		ServiceID: "a-service",
-		Username:  "a-user",
-		Timestamp: time.Time{},
+		Resource:      newFullCharmResource(c, "spam"),
+		ID:            "a-application/spam",
+		ApplicationID: "a-application",
+		Username:      "a-user",
+		Timestamp:     time.Time{},
 	}
 
 	err := res.Validate()
@@ -152,7 +152,7 @@
 			},
 			Origin: charmresource.OriginUpload,
 		},
-		ServiceID: "svc",
+		ApplicationID: "svc",
 	}
 
 	err := res.Validate()
@@ -172,9 +172,9 @@
 			},
 			Origin: charmresource.OriginUpload,
 		},
-		ServiceID: "svc",
-		Username:  "a-user",
-		Timestamp: time.Date(2012, 7, 8, 15, 59, 5, 5, time.UTC),
+		ApplicationID: "svc",
+		Username:      "a-user",
+		Timestamp:     time.Date(2012, 7, 8, 15, 59, 5, 5, time.UTC),
 	}
 
 	err := res.Validate()
@@ -195,9 +195,9 @@
 			Origin:   charmresource.OriginStore,
 			Revision: 7,
 		},
-		ServiceID: "svc",
-		Username:  "a-user",
-		Timestamp: time.Date(2012, 7, 8, 15, 59, 5, 5, time.UTC),
+		ApplicationID: "svc",
+		Username:      "a-user",
+		Timestamp:     time.Date(2012, 7, 8, 15, 59, 5, 5, time.UTC),
 	}
 
 	err := res.Validate()
@@ -207,8 +207,8 @@
 }
 
 func (s *ResourceSuite) TestAsMap(c *gc.C) {
-	spam := newStoreResource(c, "spam", "a-service", 2)
-	eggs := newStoreResource(c, "eggs", "a-service", 3)
+	spam := newStoreResource(c, "spam", "a-application", 2)
+	eggs := newStoreResource(c, "eggs", "a-application", 3)
 	resources := []resource.Resource{
 		spam,
 		eggs,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/resourcetesting/resource.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/resourcetesting/resource.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/resourcetesting/resource.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/resourcetesting/resource.go	2016-07-18 19:45:44.000000000 +0000
@@ -21,10 +21,10 @@
 // NewResource produces full resource info for the given name and
 // content. The origin is set set to "upload". A reader is also returned
 // which contains the content.
-func NewResource(c *gc.C, stub *testing.Stub, name, serviceID, content string) resource.Opened {
+func NewResource(c *gc.C, stub *testing.Stub, name, applicationID, content string) resource.Opened {
 	username := "a-user"
 	return resource.Opened{
-		Resource:   newResource(c, name, serviceID, username, content),
+		Resource:   newResource(c, name, applicationID, username, content),
 		ReadCloser: newStubReadCloser(stub, content),
 	}
 }
@@ -54,24 +54,25 @@
 // NewPlaceholderResource returns resource info for a resource that
 // has not been uploaded or pulled from the charm store yet. The origin
 // is set to "upload".
-func NewPlaceholderResource(c *gc.C, name, serviceID string) resource.Resource {
-	res := newResource(c, name, serviceID, "", "")
+func NewPlaceholderResource(c *gc.C, name, applicationID string) resource.Resource {
+	res := newResource(c, name, applicationID, "", "")
 	res.Fingerprint = charmresource.Fingerprint{}
 	return res
 }
 
-func newResource(c *gc.C, name, serviceID, username, content string) resource.Resource {
+func newResource(c *gc.C, name, applicationID, username, content string) resource.Resource {
 	var timestamp time.Time
 	if username != "" {
+		// TODO(perrito666) 2016-05-02 lp:1558657
 		timestamp = time.Now().UTC()
 	}
 	res := resource.Resource{
-		Resource:  NewCharmResource(c, name, content),
-		ID:        serviceID + "/" + name,
-		PendingID: "",
-		ServiceID: serviceID,
-		Username:  username,
-		Timestamp: timestamp,
+		Resource:      NewCharmResource(c, name, content),
+		ID:            applicationID + "/" + name,
+		PendingID:     "",
+		ApplicationID: applicationID,
+		Username:      username,
+		Timestamp:     timestamp,
 	}
 	err := res.Validate()
 	c.Assert(err, jc.ErrorIsNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/resourcetesting/state.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/resourcetesting/state.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/resourcetesting/state.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/resourcetesting/state.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,9 +12,9 @@
 type StubUnit struct {
 	*testing.Stub
 
-	ReturnName        string
-	ReturnServiceName string
-	ReturnCharmURL    *charm.URL
+	ReturnName            string
+	ReturnApplicationName string
+	ReturnCharmURL        *charm.URL
 }
 
 // Name implements resource.Unit.
@@ -25,12 +25,12 @@
 	return s.ReturnName
 }
 
-// ServiceName implements resource.Unit.
-func (s *StubUnit) ServiceName() string {
-	s.AddCall("ServiceName")
+// ApplicationName implements resource.Unit.
+func (s *StubUnit) ApplicationName() string {
+	s.AddCall("ApplicationName")
 	s.NextErr() // Pop one off.
 
-	return s.ReturnServiceName
+	return s.ReturnApplicationName
 }
 
 // CharmURL implements resource.Unit.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/service.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/service.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/service.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/service.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,19 +5,19 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"gopkg.in/juju/charm.v6-unstable/resource"
+	"gopkg.in/juju/names.v2"
 )
 
-// ServiceResources contains the list of resources for the service and all its
+// ServiceResources contains the list of resources for the application and all its
 // units.
 type ServiceResources struct {
-	// Resources are the current version of the resource for the service that
+	// Resources are the current version of the resource for the application that
 	// resource-get will retrieve.
 	Resources []Resource
 
 	// CharmStoreResources provides the resource info from the charm
-	// store for each of the service's resources. The information from
+	// store for each of the application's resources. The information from
 	// the charm store is current as of the last time the charm store
 	// was polled. Each entry here corresponds to the same indexed entry
 	// in the Resources field.
@@ -29,8 +29,8 @@
 }
 
 // Updates returns the list of charm store resources corresponding to
-// the service's resources that are out of date. Note that there must be
-// a charm store resource for each of the service resources and
+// the application's resources that are out of date. Note that there must be
+// a charm store resource for each of the application resources and
 // vice-versa. If they are out of sync then an error is returned.
 func (sr ServiceResources) Updates() ([]resource.Resource, error) {
 	storeResources, err := sr.alignStoreResources()
@@ -55,10 +55,10 @@
 
 func (sr ServiceResources) alignStoreResources() ([]resource.Resource, error) {
 	if len(sr.CharmStoreResources) > len(sr.Resources) {
-		return nil, errors.Errorf("have more charm store resources than service resources")
+		return nil, errors.Errorf("have more charm store resources than application resources")
 	}
 	if len(sr.CharmStoreResources) < len(sr.Resources) {
-		return nil, errors.Errorf("have fewer charm store resources than service resources")
+		return nil, errors.Errorf("have fewer charm store resources than application resources")
 	}
 
 	var store []resource.Resource
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/service_test.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/service_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/service_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/service_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -20,7 +20,7 @@
 var _ = gc.Suite(&ServiceResourcesSuite{})
 
 func (s *ServiceResourcesSuite) TestUpdatesUploaded(c *gc.C) {
-	csRes := newStoreResource(c, "spam", "a-service", 2)
+	csRes := newStoreResource(c, "spam", "a-application", 2)
 	res := csRes // a copy
 	res.Origin = charmresource.OriginUpload
 	sr := resource.ServiceResources{
@@ -39,8 +39,8 @@
 }
 
 func (s *ServiceResourcesSuite) TestUpdatesDifferent(c *gc.C) {
-	spam := newStoreResource(c, "spam", "a-service", 2)
-	eggs := newStoreResource(c, "eggs", "a-service", 3)
+	spam := newStoreResource(c, "spam", "a-application", 2)
+	eggs := newStoreResource(c, "eggs", "a-application", 3)
 	expected := eggs.Resource
 	expected.Revision += 1
 	sr := resource.ServiceResources{
@@ -61,8 +61,8 @@
 }
 
 func (s *ServiceResourcesSuite) TestUpdatesBadOrdering(c *gc.C) {
-	spam := newStoreResource(c, "spam", "a-service", 2)
-	eggs := newStoreResource(c, "eggs", "a-service", 3)
+	spam := newStoreResource(c, "spam", "a-application", 2)
+	eggs := newStoreResource(c, "eggs", "a-application", 3)
 	expected := eggs.Resource
 	expected.Revision += 1
 	sr := resource.ServiceResources{
@@ -83,8 +83,8 @@
 }
 
 func (s *ServiceResourcesSuite) TestUpdatesNone(c *gc.C) {
-	spam := newStoreResource(c, "spam", "a-service", 2)
-	eggs := newStoreResource(c, "eggs", "a-service", 3)
+	spam := newStoreResource(c, "spam", "a-application", 2)
+	eggs := newStoreResource(c, "eggs", "a-application", 3)
 	sr := resource.ServiceResources{
 		Resources: []resource.Resource{
 			spam,
@@ -102,9 +102,9 @@
 	c.Check(updates, gc.HasLen, 0)
 }
 
-func newStoreResource(c *gc.C, name, serviceID string, revision int) resource.Resource {
+func newStoreResource(c *gc.C, name, applicationID string, revision int) resource.Resource {
 	content := name
-	opened := resourcetesting.NewResource(c, nil, name, serviceID, content)
+	opened := resourcetesting.NewResource(c, nil, name, applicationID, content)
 	res := opened.Resource
 	res.Origin = charmresource.OriginStore
 	res.Revision = revision
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/state/resource.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/state/resource.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/state/resource.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/state/resource.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,22 +12,23 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils"
+	"github.com/juju/utils/clock"
 	charmresource "gopkg.in/juju/charm.v6-unstable/resource"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2/txn"
 
 	"github.com/juju/juju/resource"
 )
 
 type resourcePersistence interface {
-	// ListResources returns the resource data for the given service ID.
+	// ListResources returns the resource data for the given application ID.
 	// None of the resources will be pending.
-	ListResources(serviceID string) (resource.ServiceResources, error)
+	ListResources(applicationID string) (resource.ServiceResources, error)
 
 	// ListPendingResources returns the resource data for the given
-	// service ID.
-	ListPendingResources(serviceID string) ([]resource.Resource, error)
+	// application ID.
+	ListPendingResources(applicationID string) ([]resource.Resource, error)
 
 	// GetResource returns the extended, model-related info for the
 	// non-pending resource.
@@ -44,7 +45,7 @@
 
 	// SetCharmStoreResource stores the resource info that was retrieved
 	// from the charm store.
-	SetCharmStoreResource(id, serviceID string, res charmresource.Resource, lastPolled time.Time) error
+	SetCharmStoreResource(id, applicationID string, res charmresource.Resource, lastPolled time.Time) error
 
 	// SetUnitResource stores the resource info for a unit.
 	SetUnitResource(unitID string, args resource.Resource) error
@@ -76,11 +77,11 @@
 }
 
 type rawState interface {
-	// VerifyService ensures that the service is in state.
+	// VerifyService ensures that the application is in state.
 	VerifyService(id string) error
 
-	// Units returns the tags for all units in the service.
-	Units(serviceID string) ([]names.UnitTag, error)
+	// Units returns the tags for all units in the application.
+	Units(applicationID string) ([]names.UnitTag, error)
 }
 
 type resourceStorage interface {
@@ -104,17 +105,17 @@
 	currentTimestamp func() time.Time
 }
 
-// ListResources returns the resource data for the given service ID.
-func (st resourceState) ListResources(serviceID string) (resource.ServiceResources, error) {
-	resources, err := st.persist.ListResources(serviceID)
+// ListResources returns the resource data for the given application ID.
+func (st resourceState) ListResources(applicationID string) (resource.ServiceResources, error) {
+	resources, err := st.persist.ListResources(applicationID)
 	if err != nil {
-		if err := st.raw.VerifyService(serviceID); err != nil {
+		if err := st.raw.VerifyService(applicationID); err != nil {
 			return resource.ServiceResources{}, errors.Trace(err)
 		}
 		return resource.ServiceResources{}, errors.Trace(err)
 	}
 
-	unitIDs, err := st.raw.Units(serviceID)
+	unitIDs, err := st.raw.Units(applicationID)
 	if err != nil {
 		return resource.ServiceResources{}, errors.Trace(err)
 	}
@@ -138,11 +139,11 @@
 }
 
 // GetResource returns the resource data for the identified resource.
-func (st resourceState) GetResource(serviceID, name string) (resource.Resource, error) {
-	id := newResourceID(serviceID, name)
+func (st resourceState) GetResource(applicationID, name string) (resource.Resource, error) {
+	id := newResourceID(applicationID, name)
 	res, _, err := st.persist.GetResource(id)
 	if err != nil {
-		if err := st.raw.VerifyService(serviceID); err != nil {
+		if err := st.raw.VerifyService(applicationID); err != nil {
 			return resource.Resource{}, errors.Trace(err)
 		}
 		return res, errors.Trace(err)
@@ -151,13 +152,13 @@
 }
 
 // GetPendingResource returns the resource data for the identified resource.
-func (st resourceState) GetPendingResource(serviceID, name, pendingID string) (resource.Resource, error) {
+func (st resourceState) GetPendingResource(applicationID, name, pendingID string) (resource.Resource, error) {
 	var res resource.Resource
 
-	resources, err := st.persist.ListPendingResources(serviceID)
+	resources, err := st.persist.ListPendingResources(applicationID)
 	if err != nil {
 		// We do not call VerifyService() here because pending resources
-		// do not have to have an existing service.
+		// do not have to have an existing application.
 		return res, errors.Trace(err)
 	}
 
@@ -172,10 +173,10 @@
 // TODO(ericsnow) Separate setting the metadata from storing the blob?
 
 // SetResource stores the resource in the Juju model.
-func (st resourceState) SetResource(serviceID, userID string, chRes charmresource.Resource, r io.Reader) (resource.Resource, error) {
-	logger.Tracef("adding resource %q for service %q", chRes.Name, serviceID)
+func (st resourceState) SetResource(applicationID, userID string, chRes charmresource.Resource, r io.Reader) (resource.Resource, error) {
+	logger.Tracef("adding resource %q for application %q", chRes.Name, applicationID)
 	pendingID := ""
-	res, err := st.setResource(pendingID, serviceID, userID, chRes, r)
+	res, err := st.setResource(pendingID, applicationID, userID, chRes, r)
 	if err != nil {
 		return res, errors.Trace(err)
 	}
@@ -183,14 +184,14 @@
 }
 
 // AddPendingResource stores the resource in the Juju model.
-func (st resourceState) AddPendingResource(serviceID, userID string, chRes charmresource.Resource, r io.Reader) (pendingID string, err error) {
+func (st resourceState) AddPendingResource(applicationID, userID string, chRes charmresource.Resource, r io.Reader) (pendingID string, err error) {
 	pendingID, err = st.newPendingID()
 	if err != nil {
 		return "", errors.Annotate(err, "could not generate resource ID")
 	}
-	logger.Debugf("adding pending resource %q for service %q (ID: %s)", chRes.Name, serviceID, pendingID)
+	logger.Debugf("adding pending resource %q for application %q (ID: %s)", chRes.Name, applicationID, pendingID)
 
-	if _, err := st.setResource(pendingID, serviceID, userID, chRes, r); err != nil {
+	if _, err := st.setResource(pendingID, applicationID, userID, chRes, r); err != nil {
 		return "", errors.Trace(err)
 	}
 
@@ -198,9 +199,9 @@
 }
 
 // UpdatePendingResource stores the resource in the Juju model.
-func (st resourceState) UpdatePendingResource(serviceID, pendingID, userID string, chRes charmresource.Resource, r io.Reader) (resource.Resource, error) {
-	logger.Tracef("updating pending resource %q (%s) for service %q", chRes.Name, pendingID, serviceID)
-	res, err := st.setResource(pendingID, serviceID, userID, chRes, r)
+func (st resourceState) UpdatePendingResource(applicationID, pendingID, userID string, chRes charmresource.Resource, r io.Reader) (resource.Resource, error) {
+	logger.Tracef("updating pending resource %q (%s) for application %q", chRes.Name, pendingID, applicationID)
+	res, err := st.setResource(pendingID, applicationID, userID, chRes, r)
 	if err != nil {
 		return res, errors.Trace(err)
 	}
@@ -209,14 +210,14 @@
 
 // TODO(ericsnow) Add ResolvePendingResource().
 
-func (st resourceState) setResource(pendingID, serviceID, userID string, chRes charmresource.Resource, r io.Reader) (resource.Resource, error) {
-	id := newResourceID(serviceID, chRes.Name)
+func (st resourceState) setResource(pendingID, applicationID, userID string, chRes charmresource.Resource, r io.Reader) (resource.Resource, error) {
+	id := newResourceID(applicationID, chRes.Name)
 
 	res := resource.Resource{
-		Resource:  chRes,
-		ID:        id,
-		PendingID: pendingID,
-		ServiceID: serviceID,
+		Resource:      chRes,
+		ID:            id,
+		PendingID:     pendingID,
+		ApplicationID: applicationID,
 	}
 	if r != nil {
 		// TODO(ericsnow) Validate the user ID (or use a tag).
@@ -247,7 +248,7 @@
 	// is stored separately and adding to both should be an atomic
 	// operation.
 
-	storagePath := storagePath(res.Name, res.ServiceID, res.PendingID)
+	storagePath := storagePath(res.Name, res.ApplicationID, res.PendingID)
 	staged, err := st.persist.StageResource(res, storagePath)
 	if err != nil {
 		return errors.Trace(err)
@@ -256,17 +257,17 @@
 	hash := res.Fingerprint.String()
 	if err := st.storage.PutAndCheckHash(storagePath, r, res.Size, hash); err != nil {
 		if err := staged.Unstage(); err != nil {
-			logger.Errorf("could not unstage resource %q (service %q): %v", res.Name, res.ServiceID, err)
+			logger.Errorf("could not unstage resource %q (application %q): %v", res.Name, res.ApplicationID, err)
 		}
 		return errors.Trace(err)
 	}
 
 	if err := staged.Activate(); err != nil {
 		if err := st.storage.Remove(storagePath); err != nil {
-			logger.Errorf("could not remove resource %q (service %q) from storage: %v", res.Name, res.ServiceID, err)
+			logger.Errorf("could not remove resource %q (application %q) from storage: %v", res.Name, res.ApplicationID, err)
 		}
 		if err := staged.Unstage(); err != nil {
-			logger.Errorf("could not unstage resource %q (service %q): %v", res.Name, res.ServiceID, err)
+			logger.Errorf("could not unstage resource %q (application %q): %v", res.Name, res.ApplicationID, err)
 		}
 		return errors.Trace(err)
 	}
@@ -276,11 +277,11 @@
 
 // OpenResource returns metadata about the resource, and a reader for
 // the resource.
-func (st resourceState) OpenResource(serviceID, name string) (resource.Resource, io.ReadCloser, error) {
-	id := newResourceID(serviceID, name)
+func (st resourceState) OpenResource(applicationID, name string) (resource.Resource, io.ReadCloser, error) {
+	id := newResourceID(applicationID, name)
 	resourceInfo, storagePath, err := st.persist.GetResource(id)
 	if err != nil {
-		if err := st.raw.VerifyService(serviceID); err != nil {
+		if err := st.raw.VerifyService(applicationID); err != nil {
 			return resource.Resource{}, nil, errors.Trace(err)
 		}
 		return resource.Resource{}, nil, errors.Annotate(err, "while getting resource info")
@@ -306,14 +307,14 @@
 // a reader for the resource. The resource is associated with
 // the unit once the reader is completely exhausted.
 func (st resourceState) OpenResourceForUniter(unit resource.Unit, name string) (resource.Resource, io.ReadCloser, error) {
-	serviceID := unit.ServiceName()
+	applicationID := unit.ApplicationName()
 
 	pendingID, err := newPendingID()
 	if err != nil {
 		return resource.Resource{}, nil, errors.Trace(err)
 	}
 
-	resourceInfo, resourceReader, err := st.OpenResource(serviceID, name)
+	resourceInfo, resourceReader, err := st.OpenResource(applicationID, name)
 	if err != nil {
 		return resource.Resource{}, nil, errors.Trace(err)
 	}
@@ -332,17 +333,18 @@
 		unit:       unit,
 		pending:    pending,
 		resource:   resourceInfo,
+		clock:      clock.WallClock,
 	}
 
 	return resourceInfo, resourceReader, nil
 }
 
 // SetCharmStoreResources sets the "polled" resources for the
-// service to the provided values.
-func (st resourceState) SetCharmStoreResources(serviceID string, info []charmresource.Resource, lastPolled time.Time) error {
+// application to the provided values.
+func (st resourceState) SetCharmStoreResources(applicationID string, info []charmresource.Resource, lastPolled time.Time) error {
 	for _, chRes := range info {
-		id := newResourceID(serviceID, chRes.Name)
-		if err := st.persist.SetCharmStoreResource(id, serviceID, chRes, lastPolled); err != nil {
+		id := newResourceID(applicationID, chRes.Name)
+		if err := st.persist.SetCharmStoreResource(id, applicationID, chRes, lastPolled); err != nil {
 			return errors.Trace(err)
 		}
 		// TODO(ericsnow) Worry about extras? missing?
@@ -360,7 +362,7 @@
 // Leaking mongo details (transaction ops) is a necessary evil since we
 // do not have any machinery to facilitate transactions between
 // different components.
-func (st resourceState) NewResolvePendingResourcesOps(serviceID string, pendingIDs map[string]string) ([]txn.Op, error) {
+func (st resourceState) NewResolvePendingResourcesOps(applicationID string, pendingIDs map[string]string) ([]txn.Op, error) {
 	if len(pendingIDs) == 0 {
 		return nil, nil
 	}
@@ -370,7 +372,7 @@
 
 	var allOps []txn.Op
 	for name, pendingID := range pendingIDs {
-		ops, err := st.newResolvePendingResourceOps(serviceID, name, pendingID)
+		ops, err := st.newResolvePendingResourceOps(applicationID, name, pendingID)
 		if err != nil {
 			return nil, errors.Trace(err)
 		}
@@ -379,12 +381,12 @@
 	return allOps, nil
 }
 
-func (st resourceState) newResolvePendingResourceOps(serviceID, name, pendingID string) ([]txn.Op, error) {
-	resID := newResourceID(serviceID, name)
+func (st resourceState) newResolvePendingResourceOps(applicationID, name, pendingID string) ([]txn.Op, error) {
+	resID := newResourceID(applicationID, name)
 	return st.persist.NewResolvePendingResourceOps(resID, pendingID)
 }
 
-// TODO(ericsnow) Incorporate the service and resource name into the ID
+// TODO(ericsnow) Incorporate the application and resource name into the ID
 // instead of just using a UUID?
 
 // newPendingID generates a new unique identifier for a resource.
@@ -397,34 +399,36 @@
 }
 
 // newResourceID produces a new ID to use for the resource in the model.
-func newResourceID(serviceID, name string) string {
-	return fmt.Sprintf("%s/%s", serviceID, name)
+func newResourceID(applicationID, name string) string {
+	return fmt.Sprintf("%s/%s", applicationID, name)
 }
 
 // storagePath returns the path used as the location where the resource
 // is stored in state storage. This requires that the returned string
 // be unique and that it be organized in a structured way. In this case
-// we start with a top-level (the service), then under that service use
+// we start with a top-level (the application), then under that application use
 // the "resources" section. The provided ID is located under there.
-func storagePath(name, serviceID, pendingID string) string {
-	// TODO(ericsnow) Use services/<service>/resources/<resource>?
+func storagePath(name, applicationID, pendingID string) string {
+	// TODO(ericsnow) Use applications/<application>/resources/<resource>?
 	id := name
 	if pendingID != "" {
 		// TODO(ericsnow) How to resolve this later?
 		id += "-" + pendingID
 	}
-	return path.Join("service-"+serviceID, "resources", id)
+	return path.Join("application-"+applicationID, "resources", id)
 }
 
 // unitSetter records the resource as in use by a unit when the wrapped
 // reader has been fully read.
 type unitSetter struct {
 	io.ReadCloser
-	persist  resourcePersistence
-	unit     resource.Unit
-	pending  resource.Resource
-	resource resource.Resource
-	progress int64
+	persist            resourcePersistence
+	unit               resource.Unit
+	pending            resource.Resource
+	resource           resource.Resource
+	progress           int64
+	lastProgressUpdate time.Time
+	clock              clock.Clock
 }
 
 // Read implements io.Reader.
@@ -438,9 +442,11 @@
 		}
 	} else {
 		u.progress += int64(n)
-		// TODO(ericsnow) Don't do this every time?
-		if err := u.persist.SetUnitResourceProgress(u.unit.Name(), u.pending, u.progress); err != nil {
-			logger.Errorf("failed to track progress: %v", err)
+		if time.Since(u.lastProgressUpdate) > time.Second {
+			u.lastProgressUpdate = u.clock.Now()
+			if err := u.persist.SetUnitResourceProgress(u.unit.Name(), u.pending, u.progress); err != nil {
+				logger.Errorf("failed to track progress: %v", err)
+			}
 		}
 	}
 	return n, err
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/state/resource_test.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/state/resource_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/state/resource_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/state/resource_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,15 +11,16 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 	charmresource "gopkg.in/juju/charm.v6-unstable/resource"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2/txn"
 
 	"github.com/juju/juju/resource"
 	"github.com/juju/juju/resource/resourcetesting"
+	"github.com/juju/utils/clock"
 )
 
 var _ = gc.Suite(&ResourceSuite{})
@@ -68,12 +69,12 @@
 func (s *ResourceSuite) TestListResourcesOkay(c *gc.C) {
 	expected := newUploadResources(c, "spam", "eggs")
 	s.persist.ReturnListResources = resource.ServiceResources{Resources: expected}
-	tag := names.NewUnitTag("a-service/0")
+	tag := names.NewUnitTag("a-application/0")
 	s.raw.ReturnUnits = []names.UnitTag{tag}
 	st := NewState(s.raw)
 	s.stub.ResetCalls()
 
-	resources, err := st.ListResources("a-service")
+	resources, err := st.ListResources("a-application")
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Check(resources.Resources, jc.DeepEquals, expected)
@@ -81,7 +82,7 @@
 		Tag: tag,
 	}})
 	s.stub.CheckCallNames(c, "ListResources", "Units")
-	s.stub.CheckCall(c, 0, "ListResources", "a-service")
+	s.stub.CheckCall(c, 0, "ListResources", "a-application")
 }
 
 func (s *ResourceSuite) TestListResourcesNoUnits(c *gc.C) {
@@ -90,23 +91,23 @@
 	st := NewState(s.raw)
 	s.stub.ResetCalls()
 
-	resources, err := st.ListResources("a-service")
+	resources, err := st.ListResources("a-application")
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Check(resources.Resources, jc.DeepEquals, expected)
 	c.Check(resources.UnitResources, gc.HasLen, 0)
 	s.stub.CheckCallNames(c, "ListResources", "Units")
-	s.stub.CheckCall(c, 0, "ListResources", "a-service")
+	s.stub.CheckCall(c, 0, "ListResources", "a-application")
 }
 
 func (s *ResourceSuite) TestListResourcesEmpty(c *gc.C) {
 	s.raw.ReturnUnits = []names.UnitTag{
-		names.NewUnitTag("a-service/0"),
+		names.NewUnitTag("a-application/0"),
 	}
 	st := NewState(s.raw)
 	s.stub.ResetCalls()
 
-	resources, err := st.ListResources("a-service")
+	resources, err := st.ListResources("a-application")
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Check(resources.Resources, gc.HasLen, 0)
@@ -122,7 +123,7 @@
 	failure := errors.New("<failure>")
 	s.stub.SetErrors(failure)
 
-	_, err := st.ListResources("a-service")
+	_, err := st.ListResources("a-application")
 
 	c.Check(errors.Cause(err), gc.Equals, failure)
 	s.stub.CheckCallNames(c, "ListResources", "VerifyService")
@@ -136,11 +137,11 @@
 	st := NewState(s.raw)
 	s.stub.ResetCalls()
 
-	res, err := st.GetPendingResource("a-service", "eggs", "other-unique-id")
+	res, err := st.GetPendingResource("a-application", "eggs", "other-unique-id")
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.stub.CheckCallNames(c, "ListPendingResources")
-	s.stub.CheckCall(c, 0, "ListPendingResources", "a-service")
+	s.stub.CheckCall(c, 0, "ListPendingResources", "a-application")
 	c.Check(res, jc.DeepEquals, resources[1])
 }
 
@@ -149,13 +150,13 @@
 	expected.Timestamp = s.timestamp
 	chRes := expected.Resource
 	hash := chRes.Fingerprint.String()
-	path := "service-a-service/resources/spam"
+	path := "application-a-application/resources/spam"
 	file := &stubReader{stub: s.stub}
 	st := NewState(s.raw)
 	st.currentTimestamp = s.now
 	s.stub.ResetCalls()
 
-	res, err := st.SetResource("a-service", "a-user", chRes, file)
+	res, err := st.SetResource("a-application", "a-user", chRes, file)
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.stub.CheckCallNames(c,
@@ -167,11 +168,11 @@
 	s.stub.CheckCall(c, 1, "StageResource", expected, path)
 	s.stub.CheckCall(c, 2, "PutAndCheckHash", path, file, res.Size, hash)
 	c.Check(res, jc.DeepEquals, resource.Resource{
-		Resource:  chRes,
-		ID:        "a-service/" + res.Name,
-		ServiceID: "a-service",
-		Username:  "a-user",
-		Timestamp: s.timestamp,
+		Resource:      chRes,
+		ID:            "a-application/" + res.Name,
+		ApplicationID: "a-application",
+		Username:      "a-user",
+		Timestamp:     s.timestamp,
 	})
 }
 
@@ -184,7 +185,7 @@
 	st.currentTimestamp = s.now
 	s.stub.ResetCalls()
 
-	res, err := st.SetResource("a-service", "a-user", chRes, nil)
+	res, err := st.SetResource("a-application", "a-user", chRes, nil)
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.stub.CheckCallNames(c,
@@ -192,9 +193,9 @@
 	)
 	s.stub.CheckCall(c, 0, "SetResource", expected)
 	c.Check(res, jc.DeepEquals, resource.Resource{
-		Resource:  chRes,
-		ID:        "a-service/" + res.Name,
-		ServiceID: "a-service",
+		Resource:      chRes,
+		ID:            "a-application/" + res.Name,
+		ApplicationID: "a-application",
 	})
 }
 
@@ -206,7 +207,7 @@
 	st.currentTimestamp = s.now
 	s.stub.ResetCalls()
 
-	_, err := st.SetResource("a-service", "a-user", res.Resource, file)
+	_, err := st.SetResource("a-application", "a-user", res.Resource, file)
 
 	c.Check(err, jc.Satisfies, errors.IsNotValid)
 	c.Check(err, gc.ErrorMatches, `bad resource metadata.*`)
@@ -216,7 +217,7 @@
 func (s *ResourceSuite) TestSetResourceStagingFailure(c *gc.C) {
 	expected := newUploadResource(c, "spam", "spamspamspam")
 	expected.Timestamp = s.timestamp
-	path := "service-a-service/resources/spam"
+	path := "application-a-application/resources/spam"
 	file := &stubReader{stub: s.stub}
 	st := NewState(s.raw)
 	st.currentTimestamp = s.now
@@ -225,7 +226,7 @@
 	ignoredErr := errors.New("<never reached>")
 	s.stub.SetErrors(nil, failure, ignoredErr)
 
-	_, err := st.SetResource("a-service", "a-user", expected.Resource, file)
+	_, err := st.SetResource("a-application", "a-user", expected.Resource, file)
 
 	c.Check(errors.Cause(err), gc.Equals, failure)
 	s.stub.CheckCallNames(c, "currentTimestamp", "StageResource")
@@ -236,7 +237,7 @@
 	expected := newUploadResource(c, "spam", "spamspamspam")
 	expected.Timestamp = s.timestamp
 	hash := expected.Fingerprint.String()
-	path := "service-a-service/resources/spam"
+	path := "application-a-application/resources/spam"
 	file := &stubReader{stub: s.stub}
 	st := NewState(s.raw)
 	st.currentTimestamp = s.now
@@ -245,7 +246,7 @@
 	ignoredErr := errors.New("<never reached>")
 	s.stub.SetErrors(nil, nil, failure, nil, ignoredErr)
 
-	_, err := st.SetResource("a-service", "a-user", expected.Resource, file)
+	_, err := st.SetResource("a-application", "a-user", expected.Resource, file)
 
 	c.Check(errors.Cause(err), gc.Equals, failure)
 	s.stub.CheckCallNames(c,
@@ -262,7 +263,7 @@
 	expected := newUploadResource(c, "spam", "spamspamspam")
 	expected.Timestamp = s.timestamp
 	hash := expected.Fingerprint.String()
-	path := "service-a-service/resources/spam"
+	path := "application-a-application/resources/spam"
 	file := &stubReader{stub: s.stub}
 	st := NewState(s.raw)
 	st.currentTimestamp = s.now
@@ -272,7 +273,7 @@
 	ignoredErr := errors.New("<never reached>")
 	s.stub.SetErrors(nil, nil, failure, extraErr, ignoredErr)
 
-	_, err := st.SetResource("a-service", "a-user", expected.Resource, file)
+	_, err := st.SetResource("a-application", "a-user", expected.Resource, file)
 
 	c.Check(errors.Cause(err), gc.Equals, failure)
 	s.stub.CheckCallNames(c,
@@ -289,7 +290,7 @@
 	expected := newUploadResource(c, "spam", "spamspamspam")
 	expected.Timestamp = s.timestamp
 	hash := expected.Fingerprint.String()
-	path := "service-a-service/resources/spam"
+	path := "application-a-application/resources/spam"
 	file := &stubReader{stub: s.stub}
 	st := NewState(s.raw)
 	st.currentTimestamp = s.now
@@ -298,7 +299,7 @@
 	ignoredErr := errors.New("<never reached>")
 	s.stub.SetErrors(nil, nil, nil, failure, nil, nil, ignoredErr)
 
-	_, err := st.SetResource("a-service", "a-user", expected.Resource, file)
+	_, err := st.SetResource("a-application", "a-user", expected.Resource, file)
 
 	c.Check(errors.Cause(err), gc.Equals, failure)
 	s.stub.CheckCallNames(c,
@@ -318,7 +319,7 @@
 	expected := newUploadResource(c, "spam", "spamspamspam")
 	expected.Timestamp = s.timestamp
 	hash := expected.Fingerprint.String()
-	path := "service-a-service/resources/spam"
+	path := "application-a-application/resources/spam"
 	file := &stubReader{stub: s.stub}
 	st := NewState(s.raw)
 	st.currentTimestamp = s.now
@@ -329,7 +330,7 @@
 	ignoredErr := errors.New("<never reached>")
 	s.stub.SetErrors(nil, nil, nil, failure, extraErr1, extraErr2, ignoredErr)
 
-	_, err := st.SetResource("a-service", "a-user", expected.Resource, file)
+	_, err := st.SetResource("a-application", "a-user", expected.Resource, file)
 
 	c.Check(errors.Cause(err), gc.Equals, failure)
 	s.stub.CheckCallNames(c,
@@ -351,13 +352,13 @@
 	expected.Timestamp = s.timestamp
 	chRes := expected.Resource
 	hash := chRes.Fingerprint.String()
-	path := "service-a-service/resources/spam-some-unique-id"
+	path := "application-a-application/resources/spam-some-unique-id"
 	file := &stubReader{stub: s.stub}
 	st := NewState(s.raw)
 	st.currentTimestamp = s.now
 	s.stub.ResetCalls()
 
-	res, err := st.UpdatePendingResource("a-service", "some-unique-id", "a-user", chRes, file)
+	res, err := st.UpdatePendingResource("a-application", "some-unique-id", "a-user", chRes, file)
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.stub.CheckCallNames(c,
@@ -369,12 +370,12 @@
 	s.stub.CheckCall(c, 1, "StageResource", expected, path)
 	s.stub.CheckCall(c, 2, "PutAndCheckHash", path, file, res.Size, hash)
 	c.Check(res, jc.DeepEquals, resource.Resource{
-		Resource:  chRes,
-		ID:        "a-service/" + res.Name,
-		ServiceID: "a-service",
-		PendingID: "some-unique-id",
-		Username:  "a-user",
-		Timestamp: s.timestamp,
+		Resource:      chRes,
+		ID:            "a-application/" + res.Name,
+		ApplicationID: "a-application",
+		PendingID:     "some-unique-id",
+		Username:      "a-user",
+		Timestamp:     s.timestamp,
 	})
 }
 
@@ -385,14 +386,14 @@
 	expected.Timestamp = s.timestamp
 	chRes := expected.Resource
 	hash := chRes.Fingerprint.String()
-	path := "service-a-service/resources/spam-some-unique-ID-001"
+	path := "application-a-application/resources/spam-some-unique-ID-001"
 	file := &stubReader{stub: s.stub}
 	st := NewState(s.raw)
 	st.currentTimestamp = s.now
 	st.newPendingID = s.newPendingID
 	s.stub.ResetCalls()
 
-	pendingID, err := st.AddPendingResource("a-service", "a-user", chRes, file)
+	pendingID, err := st.AddPendingResource("a-application", "a-user", chRes, file)
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.stub.CheckCallNames(c,
@@ -409,18 +410,18 @@
 
 func (s *ResourceSuite) TestOpenResourceOkay(c *gc.C) {
 	data := "some data"
-	opened := resourcetesting.NewResource(c, s.stub, "spam", "a-service", data)
+	opened := resourcetesting.NewResource(c, s.stub, "spam", "a-application", data)
 	s.persist.ReturnGetResource = opened.Resource
-	s.persist.ReturnGetResourcePath = "service-a-service/resources/spam"
+	s.persist.ReturnGetResourcePath = "application-a-application/resources/spam"
 	s.storage.ReturnGet = opened.Content()
 	st := NewState(s.raw)
 	s.stub.ResetCalls()
 
-	info, reader, err := st.OpenResource("a-service", "spam")
+	info, reader, err := st.OpenResource("a-application", "spam")
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.stub.CheckCallNames(c, "GetResource", "Get")
-	s.stub.CheckCall(c, 1, "Get", "service-a-service/resources/spam")
+	s.stub.CheckCall(c, 1, "Get", "application-a-application/resources/spam")
 	c.Check(info, jc.DeepEquals, opened.Resource)
 	c.Check(reader, gc.Equals, opened.ReadCloser)
 }
@@ -431,36 +432,36 @@
 	errNotFound := errors.NotFoundf("resource")
 	s.stub.SetErrors(errNotFound)
 
-	_, _, err := st.OpenResource("a-service", "spam")
+	_, _, err := st.OpenResource("a-application", "spam")
 
 	s.stub.CheckCallNames(c, "GetResource", "VerifyService")
 	c.Check(err, jc.Satisfies, errors.IsNotFound)
 }
 
 func (s *ResourceSuite) TestOpenResourcePlaceholder(c *gc.C) {
-	res := resourcetesting.NewPlaceholderResource(c, "spam", "a-service")
+	res := resourcetesting.NewPlaceholderResource(c, "spam", "a-application")
 	s.persist.ReturnGetResource = res
-	s.persist.ReturnGetResourcePath = "service-a-service/resources/spam"
+	s.persist.ReturnGetResourcePath = "application-a-application/resources/spam"
 	st := NewState(s.raw)
 	s.stub.ResetCalls()
 
-	_, _, err := st.OpenResource("a-service", "spam")
+	_, _, err := st.OpenResource("a-application", "spam")
 
 	s.stub.CheckCallNames(c, "GetResource")
 	c.Check(err, jc.Satisfies, errors.IsNotFound)
 }
 
 func (s *ResourceSuite) TestOpenResourceSizeMismatch(c *gc.C) {
-	opened := resourcetesting.NewResource(c, s.stub, "spam", "a-service", "some data")
+	opened := resourcetesting.NewResource(c, s.stub, "spam", "a-application", "some data")
 	s.persist.ReturnGetResource = opened.Resource
-	s.persist.ReturnGetResourcePath = "service-a-service/resources/spam"
+	s.persist.ReturnGetResourcePath = "application-a-application/resources/spam"
 	content := opened.Content()
 	content.Size += 1
 	s.storage.ReturnGet = content
 	st := NewState(s.raw)
 	s.stub.ResetCalls()
 
-	_, _, err := st.OpenResource("a-service", "spam")
+	_, _, err := st.OpenResource("a-application", "spam")
 
 	s.stub.CheckCallNames(c, "GetResource", "Get")
 	c.Check(err, gc.ErrorMatches, `storage returned a size \(10\) which doesn't match resource metadata \(9\)`)
@@ -468,19 +469,19 @@
 
 func (s *ResourceSuite) TestOpenResourceForUniterOkay(c *gc.C) {
 	data := "some data"
-	opened := resourcetesting.NewResource(c, s.stub, "spam", "a-service", data)
+	opened := resourcetesting.NewResource(c, s.stub, "spam", "a-application", data)
 	s.persist.ReturnGetResource = opened.Resource
-	s.persist.ReturnGetResourcePath = "service-a-service/resources/spam"
+	s.persist.ReturnGetResourcePath = "application-a-application/resources/spam"
 	s.storage.ReturnGet = opened.Content()
-	unit := newUnit(s.stub, "a-service/0")
+	unit := newUnit(s.stub, "a-application/0")
 	st := NewState(s.raw)
 	s.stub.ResetCalls()
 
 	info, reader, err := st.OpenResourceForUniter(unit, "spam")
 	c.Assert(err, jc.ErrorIsNil)
 
-	s.stub.CheckCallNames(c, "ServiceName", "GetResource", "Get", "Name", "SetUnitResourceProgress")
-	s.stub.CheckCall(c, 2, "Get", "service-a-service/resources/spam")
+	s.stub.CheckCallNames(c, "ApplicationName", "GetResource", "Get", "Name", "SetUnitResourceProgress")
+	s.stub.CheckCall(c, 2, "Get", "application-a-application/resources/spam")
 	c.Check(info, jc.DeepEquals, opened.Resource)
 
 	b, err := ioutil.ReadAll(reader)
@@ -490,7 +491,7 @@
 }
 
 func (s *ResourceSuite) TestOpenResourceForUniterNotFound(c *gc.C) {
-	unit := newUnit(s.stub, "a-service/0")
+	unit := newUnit(s.stub, "a-application/0")
 	st := NewState(s.raw)
 	s.stub.ResetCalls()
 	errNotFound := errors.NotFoundf("resource")
@@ -498,38 +499,38 @@
 
 	_, _, err := st.OpenResourceForUniter(unit, "spam")
 
-	s.stub.CheckCallNames(c, "ServiceName", "GetResource", "VerifyService")
+	s.stub.CheckCallNames(c, "ApplicationName", "GetResource", "VerifyService")
 	c.Check(err, jc.Satisfies, errors.IsNotFound)
 }
 
 func (s *ResourceSuite) TestOpenResourceForUniterPlaceholder(c *gc.C) {
-	res := resourcetesting.NewPlaceholderResource(c, "spam", "a-service")
+	res := resourcetesting.NewPlaceholderResource(c, "spam", "a-application")
 	s.persist.ReturnGetResource = res
-	s.persist.ReturnGetResourcePath = "service-a-service/resources/spam"
-	unit := newUnit(s.stub, "a-service/0")
+	s.persist.ReturnGetResourcePath = "application-a-application/resources/spam"
+	unit := newUnit(s.stub, "a-application/0")
 	st := NewState(s.raw)
 	s.stub.ResetCalls()
 
 	_, _, err := st.OpenResourceForUniter(unit, "spam")
 
-	s.stub.CheckCallNames(c, "ServiceName", "GetResource")
+	s.stub.CheckCallNames(c, "ApplicationName", "GetResource")
 	c.Check(err, jc.Satisfies, errors.IsNotFound)
 }
 
 func (s *ResourceSuite) TestOpenResourceForUniterSizeMismatch(c *gc.C) {
-	opened := resourcetesting.NewResource(c, s.stub, "spam", "a-service", "some data")
+	opened := resourcetesting.NewResource(c, s.stub, "spam", "a-application", "some data")
 	s.persist.ReturnGetResource = opened.Resource
-	s.persist.ReturnGetResourcePath = "service-a-service/resources/spam"
+	s.persist.ReturnGetResourcePath = "application-a-application/resources/spam"
 	content := opened.Content()
 	content.Size += 1
 	s.storage.ReturnGet = content
-	unit := newUnit(s.stub, "a-service/0")
+	unit := newUnit(s.stub, "a-application/0")
 	st := NewState(s.raw)
 	s.stub.ResetCalls()
 
 	_, _, err := st.OpenResourceForUniter(unit, "spam")
 
-	s.stub.CheckCallNames(c, "ServiceName", "GetResource", "Get")
+	s.stub.CheckCallNames(c, "ApplicationName", "GetResource", "Get")
 	c.Check(err, gc.ErrorMatches, `storage returned a size \(10\) which doesn't match resource metadata \(9\)`)
 }
 
@@ -544,15 +545,15 @@
 	st := NewState(s.raw)
 	s.stub.ResetCalls()
 
-	err := st.SetCharmStoreResources("a-service", info, lastPolled)
+	err := st.SetCharmStoreResources("a-application", info, lastPolled)
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.stub.CheckCallNames(c,
 		"SetCharmStoreResource",
 		"SetCharmStoreResource",
 	)
-	s.stub.CheckCall(c, 0, "SetCharmStoreResource", "a-service/spam", "a-service", info[0], lastPolled)
-	s.stub.CheckCall(c, 1, "SetCharmStoreResource", "a-service/eggs", "a-service", info[1], lastPolled)
+	s.stub.CheckCall(c, 0, "SetCharmStoreResource", "a-application/spam", "a-application", info[0], lastPolled)
+	s.stub.CheckCall(c, 1, "SetCharmStoreResource", "a-application/eggs", "a-application", info[1], lastPolled)
 }
 
 func (s *ResourceSuite) TestNewResourcePendingResourcesOps(c *gc.C) {
@@ -560,22 +561,22 @@
 	doc2 := map[string]string{"b": "2"}
 	expected := []txn.Op{{
 		C:      "resources",
-		Id:     "resource#a-service/spam#pending-some-unique-ID-001",
+		Id:     "resource#a-application/spam#pending-some-unique-ID-001",
 		Assert: txn.DocExists,
 		Remove: true,
 	}, {
 		C:      "resources",
-		Id:     "resource#a-service/spam",
+		Id:     "resource#a-application/spam",
 		Assert: txn.DocMissing,
 		Insert: &doc1,
 	}, {
 		C:      "resources",
-		Id:     "resource#a-service/spam#pending-some-unique-ID-001",
+		Id:     "resource#a-application/spam#pending-some-unique-ID-001",
 		Assert: txn.DocExists,
 		Remove: true,
 	}, {
 		C:      "resources",
-		Id:     "resource#a-service/spam",
+		Id:     "resource#a-application/spam",
 		Assert: txn.DocMissing,
 		Insert: &doc2,
 	}}
@@ -583,7 +584,7 @@
 		expected[:2],
 		expected[2:],
 	}
-	serviceID := "a-service"
+	applicationID := "a-application"
 	st := NewState(s.raw)
 	s.stub.ResetCalls()
 	pendingIDs := map[string]string{
@@ -591,7 +592,7 @@
 		"eggs": "other-unique-id",
 	}
 
-	ops, err := st.NewResolvePendingResourcesOps(serviceID, pendingIDs)
+	ops, err := st.NewResolvePendingResourcesOps(applicationID, pendingIDs)
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.stub.CheckCallNames(c,
@@ -599,8 +600,8 @@
 		"NewResolvePendingResourceOps",
 	)
 	c.Check(s.persist.CallsForNewResolvePendingResourceOps, jc.DeepEquals, map[string]string{
-		"a-service/spam": "some-unique-id",
-		"a-service/eggs": "other-unique-id",
+		"a-application/spam": "some-unique-id",
+		"a-application/eggs": "other-unique-id",
 	})
 	c.Check(ops, jc.DeepEquals, expected)
 }
@@ -609,8 +610,9 @@
 	r := unitSetter{
 		ReadCloser: ioutil.NopCloser(&bytes.Buffer{}),
 		persist:    &stubPersistence{stub: s.stub},
-		unit:       newUnit(s.stub, "some-service/0"),
+		unit:       newUnit(s.stub, "some-application/0"),
 		resource:   newUploadResource(c, "res", "res"),
+		clock:      clock.WallClock,
 	}
 	// have to try to read non-zero data, or bytes.buffer will happily return
 	// nil.
@@ -620,15 +622,16 @@
 	c.Assert(err, gc.Equals, io.EOF)
 
 	s.stub.CheckCallNames(c, "Name", "SetUnitResource")
-	s.stub.CheckCall(c, 1, "SetUnitResource", "some-service/0", r.resource)
+	s.stub.CheckCall(c, 1, "SetUnitResource", "some-application/0", r.resource)
 }
 
 func (s *ResourceSuite) TestUnitSetterNoEOF(c *gc.C) {
 	r := unitSetter{
 		ReadCloser: ioutil.NopCloser(bytes.NewBufferString("foobar")),
 		persist:    &stubPersistence{stub: s.stub},
-		unit:       newUnit(s.stub, "some-service/0"),
+		unit:       newUnit(s.stub, "some-application/0"),
 		resource:   newUploadResource(c, "res", "res"),
+		clock:      clock.WallClock,
 	}
 	// read less than the full buffer
 	p := make([]byte, 3)
@@ -645,8 +648,9 @@
 	r := unitSetter{
 		ReadCloser: ioutil.NopCloser(&bytes.Buffer{}),
 		persist:    &stubPersistence{stub: s.stub},
-		unit:       newUnit(s.stub, "some-service/0"),
+		unit:       newUnit(s.stub, "some-application/0"),
 		resource:   newUploadResource(c, "res", "res"),
+		clock:      clock.WallClock,
 	}
 
 	s.stub.SetErrors(errors.Errorf("oops!"))
@@ -660,15 +664,16 @@
 	c.Assert(err, gc.Equals, io.EOF)
 
 	s.stub.CheckCallNames(c, "Name", "SetUnitResource")
-	s.stub.CheckCall(c, 1, "SetUnitResource", "some-service/0", r.resource)
+	s.stub.CheckCall(c, 1, "SetUnitResource", "some-application/0", r.resource)
 }
 
 func (s *ResourceSuite) TestUnitSetterErr(c *gc.C) {
 	r := unitSetter{
 		ReadCloser: ioutil.NopCloser(&stubReader{stub: s.stub}),
 		persist:    &stubPersistence{stub: s.stub},
-		unit:       newUnit(s.stub, "some-service/0"),
+		unit:       newUnit(s.stub, "some-application/0"),
 		resource:   newUploadResource(c, "res", "res"),
+		clock:      clock.WallClock,
 	}
 	expected := errors.Errorf("some-err")
 	s.stub.SetErrors(expected)
@@ -692,7 +697,7 @@
 }
 
 func newUploadResource(c *gc.C, name, data string) resource.Resource {
-	opened := resourcetesting.NewResource(c, nil, name, "a-service", data)
+	opened := resourcetesting.NewResource(c, nil, name, "a-application", data)
 	return opened.Resource
 }
 
@@ -706,7 +711,7 @@
 }
 
 func newStoreResource(c *gc.C, name, data string) resource.Resource {
-	opened := resourcetesting.NewResource(c, nil, name, "a-service", data)
+	opened := resourcetesting.NewResource(c, nil, name, "a-application", data)
 	res := opened.Resource
 	res.Origin = charmresource.OriginStore
 	res.Revision = 1
@@ -716,7 +721,7 @@
 }
 
 func newCharmResource(c *gc.C, name, data string, rev int) charmresource.Resource {
-	opened := resourcetesting.NewResource(c, nil, name, "a-service", data)
+	opened := resourcetesting.NewResource(c, nil, name, "a-application", data)
 	chRes := opened.Resource.Resource
 	chRes.Origin = charmresource.OriginStore
 	chRes.Revision = rev
@@ -725,8 +730,8 @@
 
 func newUnit(stub *testing.Stub, name string) *resourcetesting.StubUnit {
 	return &resourcetesting.StubUnit{
-		Stub:              stub,
-		ReturnName:        name,
-		ReturnServiceName: strings.Split(name, "/")[0],
+		Stub:                  stub,
+		ReturnName:            name,
+		ReturnApplicationName: strings.Split(name, "/")[0],
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/state/state.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/state/state.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/state/state.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/state/state.go	2016-07-18 19:45:44.000000000 +0000
@@ -52,6 +52,7 @@
 			storage:      storage,
 			newPendingID: newPendingID,
 			currentTimestamp: func() time.Time {
+				// TODO(perrito666) 2016-05-02 lp:1558657
 				return time.Now().UTC()
 			},
 		},
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/state/stub_test.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/state/stub_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/state/stub_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/state/stub_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,9 +9,9 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	charmresource "gopkg.in/juju/charm.v6-unstable/resource"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2/txn"
 
 	"github.com/juju/juju/resource"
@@ -39,8 +39,8 @@
 	return s.ReturnStorage
 }
 
-func (s *stubRawState) VerifyService(serviceID string) error {
-	s.stub.AddCall("VerifyService", serviceID)
+func (s *stubRawState) VerifyService(applicationID string) error {
+	s.stub.AddCall("VerifyService", applicationID)
 	if err := s.stub.NextErr(); err != nil {
 		return errors.Trace(err)
 	}
@@ -48,8 +48,8 @@
 	return nil
 }
 
-func (s *stubRawState) Units(serviceID string) ([]names.UnitTag, error) {
-	s.stub.AddCall("Units", serviceID)
+func (s *stubRawState) Units(applicationID string) ([]names.UnitTag, error) {
+	s.stub.AddCall("Units", applicationID)
 	if err := s.stub.NextErr(); err != nil {
 		return nil, errors.Trace(err)
 	}
@@ -70,8 +70,8 @@
 	CallsForNewResolvePendingResourceOps map[string]string
 }
 
-func (s *stubPersistence) ListResources(serviceID string) (resource.ServiceResources, error) {
-	s.stub.AddCall("ListResources", serviceID)
+func (s *stubPersistence) ListResources(applicationID string) (resource.ServiceResources, error) {
+	s.stub.AddCall("ListResources", applicationID)
 	if err := s.stub.NextErr(); err != nil {
 		return resource.ServiceResources{}, errors.Trace(err)
 	}
@@ -79,8 +79,8 @@
 	return s.ReturnListResources, nil
 }
 
-func (s *stubPersistence) ListPendingResources(serviceID string) ([]resource.Resource, error) {
-	s.stub.AddCall("ListPendingResources", serviceID)
+func (s *stubPersistence) ListPendingResources(applicationID string) ([]resource.Resource, error) {
+	s.stub.AddCall("ListPendingResources", applicationID)
 	if err := s.stub.NextErr(); err != nil {
 		return nil, errors.Trace(err)
 	}
@@ -88,8 +88,8 @@
 	return s.ReturnListPendingResources, nil
 }
 
-func (s *stubPersistence) GetResource(serviceID string) (resource.Resource, string, error) {
-	s.stub.AddCall("GetResource", serviceID)
+func (s *stubPersistence) GetResource(applicationID string) (resource.Resource, string, error) {
+	s.stub.AddCall("GetResource", applicationID)
 	if err := s.stub.NextErr(); err != nil {
 		return resource.Resource{}, "", errors.Trace(err)
 	}
@@ -115,8 +115,8 @@
 	return nil
 }
 
-func (s *stubPersistence) SetCharmStoreResource(id, serviceID string, chRes charmresource.Resource, lastPolled time.Time) error {
-	s.stub.AddCall("SetCharmStoreResource", id, serviceID, chRes, lastPolled)
+func (s *stubPersistence) SetCharmStoreResource(id, applicationID string, chRes charmresource.Resource, lastPolled time.Time) error {
+	s.stub.AddCall("SetCharmStoreResource", id, applicationID, chRes, lastPolled)
 	if err := s.stub.NextErr(); err != nil {
 		return errors.Trace(err)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/unit.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/unit.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/unit.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/unit.go	2016-07-18 19:45:44.000000000 +0000
@@ -14,8 +14,8 @@
 	// Name is the name of the Unit.
 	Name() string
 
-	// ServiceName is the name of the service to which the unit belongs.
-	ServiceName() string
+	// ApplicationName is the name of the application to which the unit belongs.
+	ApplicationName() string
 
 	// CharmURL returns the unit's charm URL.
 	CharmURL() (*charm.URL, bool)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/util_test.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/util_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/util_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/util_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -37,10 +37,10 @@
 
 func newFullResource(c *gc.C, name string) resource.Resource {
 	return resource.Resource{
-		Resource:  newFullCharmResource(c, name),
-		ID:        "a-service/" + name,
-		ServiceID: "a-service",
-		Username:  "a-user",
-		Timestamp: time.Now(),
+		Resource:      newFullCharmResource(c, name),
+		ID:            "a-application/" + name,
+		ApplicationID: "a-application",
+		Username:      "a-user",
+		Timestamp:     time.Now(),
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/workers/charmstorepoller.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/workers/charmstorepoller.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/workers/charmstorepoller.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/workers/charmstorepoller.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,8 +7,8 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	charmresource "gopkg.in/juju/charm.v6-unstable/resource"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/charmstore"
 )
@@ -16,8 +16,8 @@
 // DataStore exposes the functionality of Juju state needed here.
 type DataStore interface {
 	// SetCharmStoreResources sets the "polled from the charm store"
-	// resources for the service to the provided values.
-	SetCharmStoreResources(serviceID string, info []charmresource.Resource, lastPolled time.Time) error
+	// resources for the application to the provided values.
+	SetCharmStoreResources(applicationID string, info []charmresource.Resource, lastPolled time.Time) error
 }
 
 // LatestCharmHandler implements apiserver/charmrevisionupdater.LatestCharmHandler.
@@ -35,8 +35,8 @@
 
 // HandleLatest implements apiserver/charmrevisionupdater.LatestCharmHandler
 // by storing the charm's resources in state.
-func (handler LatestCharmHandler) HandleLatest(serviceID names.ServiceTag, info charmstore.CharmInfo) error {
-	if err := handler.store.SetCharmStoreResources(serviceID.Id(), info.LatestResources, info.Timestamp); err != nil {
+func (handler LatestCharmHandler) HandleLatest(applicationID names.ApplicationTag, info charmstore.CharmInfo) error {
+	if err := handler.store.SetCharmStoreResources(applicationID.Id(), info.LatestResources, info.Timestamp); err != nil {
 		return errors.Trace(err)
 	}
 	return nil
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/resource/workers/charmstorepoller_test.go juju-core-2.0~beta12/src/github.com/juju/juju/resource/workers/charmstorepoller_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/resource/workers/charmstorepoller_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/resource/workers/charmstorepoller_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,12 +7,12 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
 	charmresource "gopkg.in/juju/charm.v6-unstable/resource"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/charmstore"
 	"github.com/juju/juju/resource/resourcetesting"
@@ -36,7 +36,7 @@
 }
 
 func (s *LatestCharmHandlerSuite) TestSuccess(c *gc.C) {
-	serviceID := names.NewServiceTag("a-service")
+	applicationID := names.NewApplicationTag("a-application")
 	info := charmstore.CharmInfo{
 		OriginalURL:    &charm.URL{},
 		Timestamp:      time.Now().UTC(),
@@ -47,19 +47,19 @@
 	}
 	handler := workers.NewLatestCharmHandler(s.store)
 
-	err := handler.HandleLatest(serviceID, info)
+	err := handler.HandleLatest(applicationID, info)
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.stub.CheckCallNames(c, "SetCharmStoreResources")
-	s.stub.CheckCall(c, 0, "SetCharmStoreResources", "a-service", info.LatestResources, info.Timestamp)
+	s.stub.CheckCall(c, 0, "SetCharmStoreResources", "a-application", info.LatestResources, info.Timestamp)
 }
 
 type stubDataStore struct {
 	*testing.Stub
 }
 
-func (s *stubDataStore) SetCharmStoreResources(serviceID string, info []charmresource.Resource, lastPolled time.Time) error {
-	s.AddCall("SetCharmStoreResources", serviceID, info, lastPolled)
+func (s *stubDataStore) SetCharmStoreResources(applicationID string, info []charmresource.Resource, lastPolled time.Time) error {
+	s.AddCall("SetCharmStoreResources", applicationID, info, lastPolled)
 	if err := s.NextErr(); err != nil {
 		return errors.Trace(err)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/rpc/client.go juju-core-2.0~beta12/src/github.com/juju/juju/rpc/client.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/rpc/client.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/rpc/client.go	2016-07-18 19:45:44.000000000 +0000
@@ -65,14 +65,13 @@
 	hdr := &Header{
 		RequestId: reqId,
 		Request:   call.Request,
+		Version:   1,
 	}
 	params := call.Params
 	if params == nil {
 		params = struct{}{}
 	}
-	if conn.notifier != nil {
-		conn.notifier.ClientRequest(hdr, params)
-	}
+
 	if err := conn.codec.WriteMessage(hdr, params); err != nil {
 		conn.mutex.Lock()
 		call = conn.clientPending[reqId]
@@ -100,9 +99,6 @@
 		// removed; response is a server telling us about an
 		// error reading request body. We should still attempt
 		// to read error body, but there's no one to give it to.
-		if conn.notifier != nil {
-			conn.notifier.ClientReply(Request{}, hdr, nil)
-		}
 		err = conn.readBody(nil, false)
 	case hdr.Error != "":
 		// Report rpcreflect.NoSuchMethodError with CodeNotImplemented.
@@ -117,15 +113,9 @@
 			Code:    hdr.ErrorCode,
 		}
 		err = conn.readBody(nil, false)
-		if conn.notifier != nil {
-			conn.notifier.ClientReply(call.Request, hdr, nil)
-		}
 		call.done()
 	default:
 		err = conn.readBody(call.Response, false)
-		if conn.notifier != nil {
-			conn.notifier.ClientReply(call.Request, hdr, call.Response)
-		}
 		call.done()
 	}
 	return errors.Annotate(err, "error handling response")
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/rpc/dispatch_test.go juju-core-2.0~beta12/src/github.com/juju/juju/rpc/dispatch_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/rpc/dispatch_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/rpc/dispatch_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,15 +8,19 @@
 	"net/http"
 	"net/http/httptest"
 
+	"github.com/juju/loggo"
 	jc "github.com/juju/testing/checkers"
 	"golang.org/x/net/websocket"
 	gc "gopkg.in/check.v1"
 
 	"github.com/juju/juju/rpc"
 	"github.com/juju/juju/rpc/jsoncodec"
+	"github.com/juju/juju/testing"
 )
 
 type dispatchSuite struct {
+	testing.BaseSuite
+
 	server     *httptest.Server
 	serverAddr string
 	ready      chan struct{}
@@ -25,9 +29,10 @@
 var _ = gc.Suite(&dispatchSuite{})
 
 func (s *dispatchSuite) SetUpSuite(c *gc.C) {
+	s.BaseSuite.SetUpSuite(c)
 	rpcServer := func(ws *websocket.Conn) {
 		codec := jsoncodec.NewWebsocket(ws)
-		conn := rpc.NewConn(codec, nil)
+		conn := rpc.NewConn(codec, &notifier{})
 
 		conn.Serve(&DispatchRoot{}, nil)
 		conn.Start()
@@ -38,22 +43,36 @@
 	s.server = httptest.NewServer(nil)
 	s.serverAddr = s.server.Listener.Addr().String()
 	s.ready = make(chan struct{}, 1)
+	s.AddCleanup(func(*gc.C) {
+		s.server.Close()
+	})
 }
 
-func (s *dispatchSuite) TearDownSuite(c *gc.C) {
-	s.server.Close()
+func (s *dispatchSuite) SetUpTest(c *gc.C) {
+	s.BaseSuite.SetUpTest(c)
+	loggo.GetLogger("juju.rpc").SetLogLevel(loggo.TRACE)
 }
 
-func (s *dispatchSuite) TestWSWithoutParams(c *gc.C) {
+func (s *dispatchSuite) TestWSWithoutParamsV0(c *gc.C) {
 	resp := s.request(c, `{"RequestId":1,"Type": "DispatchDummy","Id": "without","Request":"DoSomething"}`)
 	c.Assert(resp, gc.Equals, `{"RequestId":1,"Response":{}}`)
 }
 
-func (s *dispatchSuite) TestWSWithParams(c *gc.C) {
+func (s *dispatchSuite) TestWSWithParamsV0(c *gc.C) {
 	resp := s.request(c, `{"RequestId":2,"Type": "DispatchDummy","Id": "with","Request":"DoSomething", "Params": {}}`)
 	c.Assert(resp, gc.Equals, `{"RequestId":2,"Response":{}}`)
 }
 
+func (s *dispatchSuite) TestWSWithoutParamsV1(c *gc.C) {
+	resp := s.request(c, `{"request-id":1,"type": "DispatchDummy","id": "without","request":"DoSomething"}`)
+	c.Assert(resp, gc.Equals, `{"request-id":1,"response":{}}`)
+}
+
+func (s *dispatchSuite) TestWSWithParamsV1(c *gc.C) {
+	resp := s.request(c, `{"request-id":2,"type": "DispatchDummy","id": "with","request":"DoSomething", "params": {}}`)
+	c.Assert(resp, gc.Equals, `{"request-id":2,"response":{}}`)
+}
+
 // request performs one request to the test server via websockets.
 func (s *dispatchSuite) request(c *gc.C, req string) string {
 	url := fmt.Sprintf("ws://%s/rpc", s.serverAddr)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/rpc/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/rpc/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/rpc/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/rpc/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,3 +4,11 @@
 package rpc
 
 const CodeNotImplemented = codeNotImplemented
+
+// TODO(katco): Remove this as it is exposing internal state of Conn. Age old story: ran out of time to rewrite the tests to do this correctly.
+
+// ClientRequestID exposes the client's request ID which is
+// incremented everytime a connection sends a request.
+func (c *Conn) ClientRequestID() uint64 {
+	return c.reqId
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/rpc/jsoncodec/codec.go juju-core-2.0~beta12/src/github.com/juju/juju/rpc/jsoncodec/codec.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/rpc/jsoncodec/codec.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/rpc/jsoncodec/codec.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 // The jsoncodec package provides a JSON codec for the rpc package.
 package jsoncodec
 
@@ -6,7 +9,6 @@
 	"fmt"
 	"io"
 	"sync"
-	"sync/atomic"
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
@@ -30,7 +32,7 @@
 type Codec struct {
 	// msg holds the message that's just been read by ReadHeader, so
 	// that the body can be read by ReadBody.
-	msg         inMsg
+	msg         inMsgV1
 	conn        JSONConn
 	logMessages int32
 	mu          sync.Mutex
@@ -45,24 +47,10 @@
 	}
 }
 
-// SetLogging sets whether messages will be logged
-// by the codec.
-func (c *Codec) SetLogging(on bool) {
-	val := int32(0)
-	if on {
-		val = 1
-	}
-	atomic.StoreInt32(&c.logMessages, val)
-}
-
-func (c *Codec) isLogging() bool {
-	return atomic.LoadInt32(&c.logMessages) != 0
-}
-
 // inMsg holds an incoming message.  We don't know the type of the
 // parameters or response yet, so we delay parsing by storing them
 // in a RawMessage.
-type inMsg struct {
+type inMsgV0 struct {
 	RequestId uint64
 	Type      string
 	Version   int
@@ -74,8 +62,20 @@
 	Response  json.RawMessage
 }
 
+type inMsgV1 struct {
+	RequestId uint64          `json:"request-id"`
+	Type      string          `json:"type"`
+	Version   int             `json:"version"`
+	Id        string          `json:"id"`
+	Request   string          `json:"request"`
+	Params    json.RawMessage `json:"params"`
+	Error     string          `json:"error"`
+	ErrorCode string          `json:"error-code"`
+	Response  json.RawMessage `json:"response"`
+}
+
 // outMsg holds an outgoing message.
-type outMsg struct {
+type outMsgV0 struct {
 	RequestId uint64
 	Type      string      `json:",omitempty"`
 	Version   int         `json:",omitempty"`
@@ -87,6 +87,18 @@
 	Response  interface{} `json:",omitempty"`
 }
 
+type outMsgV1 struct {
+	RequestId uint64      `json:"request-id,omitempty"`
+	Type      string      `json:"type,omitempty"`
+	Version   int         `json:"version,omitempty"`
+	Id        string      `json:"id,omitempty"`
+	Request   string      `json:"request,omitempty"`
+	Params    interface{} `json:"params,omitempty"`
+	Error     string      `json:"error,omitempty"`
+	ErrorCode string      `json:"error-code,omitempty"`
+	Response  interface{} `json:"response,omitempty"`
+}
+
 func (c *Codec) Close() error {
 	c.mu.Lock()
 	c.closing = true
@@ -101,19 +113,14 @@
 }
 
 func (c *Codec) ReadHeader(hdr *rpc.Header) error {
-	c.msg = inMsg{} // avoid any potential cross-message contamination.
-	var err error
-	if c.isLogging() {
-		var m json.RawMessage
-		err = c.conn.Receive(&m)
-		if err == nil {
-			logger.Tracef("<- %s", m)
-			err = json.Unmarshal(m, &c.msg)
-		} else {
-			logger.Tracef("<- error: %v (closing %v)", err, c.isClosing())
-		}
+	var m json.RawMessage
+	var version int
+	err := c.conn.Receive(&m)
+	if err == nil {
+		logger.Tracef("<- %s", m)
+		c.msg, version, err = c.readMessage(m)
 	} else {
-		err = c.conn.Receive(&c.msg)
+		logger.Tracef("<- error: %v (closing %v)", err, c.isClosing())
 	}
 	if err != nil {
 		// If we've closed the connection, we may get a spurious error,
@@ -132,9 +139,43 @@
 	}
 	hdr.Error = c.msg.Error
 	hdr.ErrorCode = c.msg.ErrorCode
+	hdr.Version = version
 	return nil
 }
 
+func (c *Codec) readMessage(m json.RawMessage) (inMsgV1, int, error) {
+	var msg inMsgV1
+	if err := json.Unmarshal(m, &msg); err != nil {
+		return msg, -1, errors.Trace(err)
+	}
+	// In order to support both new style tags (lowercase) and the old style tags (camelcase)
+	// we look at the request id. The request id is always greater than one. If the value is
+	// zero, it means that there wasn't a match for the "request-id" tag. This most likely
+	// means that it was "RequestId" which was from the old style.
+	if msg.RequestId == 0 {
+		return c.readV0Message(m)
+	}
+	return msg, 1, nil
+}
+
+func (c *Codec) readV0Message(m json.RawMessage) (inMsgV1, int, error) {
+	var msg inMsgV0
+	if err := json.Unmarshal(m, &msg); err != nil {
+		return inMsgV1{}, -1, errors.Trace(err)
+	}
+	return inMsgV1{
+		RequestId: msg.RequestId,
+		Type:      msg.Type,
+		Version:   msg.Version,
+		Id:        msg.Id,
+		Request:   msg.Request,
+		Params:    msg.Params,
+		Error:     msg.Error,
+		ErrorCode: msg.ErrorCode,
+		Response:  msg.Response,
+	}, 0, nil
+}
+
 func (c *Codec) ReadBody(body interface{}, isRequest bool) error {
 	if body == nil {
 		return nil
@@ -159,9 +200,11 @@
 // If the body cannot be marshalled as JSON, the data
 // will hold a JSON string describing the error.
 func DumpRequest(hdr *rpc.Header, body interface{}) []byte {
-	var m outMsg
-	m.init(hdr, body)
-	data, err := json.Marshal(&m)
+	msg, err := response(hdr, body)
+	if err != nil {
+		return []byte(fmt.Sprintf("%q", err.Error()))
+	}
+	data, err := json.Marshal(msg)
 	if err != nil {
 		return []byte(fmt.Sprintf("%q", "marshal error: "+err.Error()))
 	}
@@ -169,32 +212,71 @@
 }
 
 func (c *Codec) WriteMessage(hdr *rpc.Header, body interface{}) error {
-	var m outMsg
-	m.init(hdr, body)
-	if c.isLogging() {
-		data, err := json.Marshal(&m)
+	msg, err := response(hdr, body)
+	if err != nil {
+		return errors.Trace(err)
+	}
+	if logger.IsTraceEnabled() {
+		data, err := json.Marshal(msg)
 		if err != nil {
 			logger.Tracef("-> marshal error: %v", err)
 			return err
 		}
 		logger.Tracef("-> %s", data)
 	}
-	return c.conn.Send(&m)
+	return c.conn.Send(msg)
 }
 
-// init fills out the receiving outMsg with information from the given
+func response(hdr *rpc.Header, body interface{}) (interface{}, error) {
+	switch hdr.Version {
+	case 0:
+		return newOutMsgV0(hdr, body), nil
+	case 1:
+		return newOutMsgV1(hdr, body), nil
+	default:
+		return nil, errors.Errorf("unsupported version %d", hdr.Version)
+	}
+}
+
+// newOutMsgV0 fills out a outMsgV0 with information from the given
 // header and body.
-func (m *outMsg) init(hdr *rpc.Header, body interface{}) {
-	m.RequestId = hdr.RequestId
-	m.Type = hdr.Request.Type
-	m.Version = hdr.Request.Version
-	m.Id = hdr.Request.Id
-	m.Request = hdr.Request.Action
-	m.Error = hdr.Error
-	m.ErrorCode = hdr.ErrorCode
+func newOutMsgV0(hdr *rpc.Header, body interface{}) outMsgV0 {
+	result := outMsgV0{
+		RequestId: hdr.RequestId,
+		Type:      hdr.Request.Type,
+		Version:   hdr.Request.Version,
+		Id:        hdr.Request.Id,
+		Request:   hdr.Request.Action,
+		Error:     hdr.Error,
+		ErrorCode: hdr.ErrorCode,
+	}
+	if hdr.IsRequest() {
+		result.Params = body
+	} else {
+		result.Response = body
+	}
+	return result
+}
+
+// newOutMsgV1 fills out a outMsgV1 with information from the given header and
+// body. This might look a lot like the v0 method, and that is because it is.
+// However, since Go determins structs to be sufficiently different if the
+// tags are different, we can't use the same code. Theoretically we could use
+// reflect, but no.
+func newOutMsgV1(hdr *rpc.Header, body interface{}) outMsgV1 {
+	result := outMsgV1{
+		RequestId: hdr.RequestId,
+		Type:      hdr.Request.Type,
+		Version:   hdr.Request.Version,
+		Id:        hdr.Request.Id,
+		Request:   hdr.Request.Action,
+		Error:     hdr.Error,
+		ErrorCode: hdr.ErrorCode,
+	}
 	if hdr.IsRequest() {
-		m.Params = body
+		result.Params = body
 	} else {
-		m.Response = body
+		result.Response = body
 	}
+	return result
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/rpc/jsoncodec/codec_test.go juju-core-2.0~beta12/src/github.com/juju/juju/rpc/jsoncodec/codec_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/rpc/jsoncodec/codec_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/rpc/jsoncodec/codec_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package jsoncodec_test
 
 import (
@@ -5,10 +8,8 @@
 	"errors"
 	"io"
 	"reflect"
-	"regexp"
 	stdtesting "testing"
 
-	"github.com/juju/loggo"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
@@ -31,51 +32,90 @@
 	X string
 }
 
-var readTests = []struct {
-	msg        string
-	expectHdr  rpc.Header
-	expectBody interface{}
-}{{
-	msg: `{"RequestId": 1, "Type": "foo", "Id": "id", "Request": "frob", "Params": {"X": "param"}}`,
-	expectHdr: rpc.Header{
-		RequestId: 1,
-		Request: rpc.Request{
-			Type:   "foo",
-			Id:     "id",
-			Action: "frob",
-		},
-	},
-	expectBody: &value{X: "param"},
-}, {
-	msg: `{"RequestId": 2, "Error": "an error", "ErrorCode": "a code"}`,
-	expectHdr: rpc.Header{
-		RequestId: 2,
-		Error:     "an error",
-		ErrorCode: "a code",
-	},
-	expectBody: new(map[string]interface{}),
-}, {
-	msg: `{"RequestId": 3, "Response": {"X": "result"}}`,
-	expectHdr: rpc.Header{
-		RequestId: 3,
-	},
-	expectBody: &value{X: "result"},
-}, {
-	msg: `{"RequestId": 4, "Type": "foo", "Version": 2, "Id": "id", "Request": "frob", "Params": {"X": "param"}}`,
-	expectHdr: rpc.Header{
-		RequestId: 4,
-		Request: rpc.Request{
-			Type:    "foo",
-			Version: 2,
-			Id:      "id",
-			Action:  "frob",
-		},
-	},
-	expectBody: &value{X: "param"},
-}}
-
 func (*suite) TestRead(c *gc.C) {
-	for i, test := range readTests {
+	for i, test := range []struct {
+		msg        string
+		expectHdr  rpc.Header
+		expectBody interface{}
+	}{{
+		msg: `{"RequestId": 1, "Type": "foo", "Id": "id", "Request": "frob", "Params": {"X": "param"}}`,
+		expectHdr: rpc.Header{
+			RequestId: 1,
+			Request: rpc.Request{
+				Type:   "foo",
+				Id:     "id",
+				Action: "frob",
+			},
+		},
+		expectBody: &value{X: "param"},
+	}, {
+		msg: `{"RequestId": 2, "Error": "an error", "ErrorCode": "a code"}`,
+		expectHdr: rpc.Header{
+			RequestId: 2,
+			Error:     "an error",
+			ErrorCode: "a code",
+		},
+		expectBody: new(map[string]interface{}),
+	}, {
+		msg: `{"RequestId": 3, "Response": {"X": "result"}}`,
+		expectHdr: rpc.Header{
+			RequestId: 3,
+		},
+		expectBody: &value{X: "result"},
+	}, {
+		msg: `{"RequestId": 4, "Type": "foo", "Version": 2, "Id": "id", "Request": "frob", "Params": {"X": "param"}}`,
+		expectHdr: rpc.Header{
+			RequestId: 4,
+			Request: rpc.Request{
+				Type:    "foo",
+				Version: 2,
+				Id:      "id",
+				Action:  "frob",
+			},
+		},
+		expectBody: &value{X: "param"},
+	}, {
+		msg: `{"request-id": 1, "type": "foo", "id": "id", "request": "frob", "params": {"X": "param"}}`,
+		expectHdr: rpc.Header{
+			RequestId: 1,
+			Request: rpc.Request{
+				Type:   "foo",
+				Id:     "id",
+				Action: "frob",
+			},
+			Version: 1,
+		},
+		expectBody: &value{X: "param"},
+	}, {
+		msg: `{"request-id": 2, "error": "an error", "error-code": "a code"}`,
+		expectHdr: rpc.Header{
+			RequestId: 2,
+			Error:     "an error",
+			ErrorCode: "a code",
+			Version:   1,
+		},
+		expectBody: new(map[string]interface{}),
+	}, {
+		msg: `{"request-id": 3, "response": {"X": "result"}}`,
+		expectHdr: rpc.Header{
+			RequestId: 3,
+			Version:   1,
+		},
+		expectBody: &value{X: "result"},
+	}, {
+		msg: `{"request-id": 4, "type": "foo", "version": 2, "id": "id", "request": "frob", "params": {"X": "param"}}`,
+		expectHdr: rpc.Header{
+			RequestId: 4,
+			Request: rpc.Request{
+				Type:    "foo",
+				Version: 2,
+				Id:      "id",
+				Action:  "frob",
+			},
+			Version: 1,
+		},
+		expectBody: &value{X: "param"},
+	}} {
 		c.Logf("test %d", i)
 		codec := jsoncodec.New(&testConn{
 			readMsgs: []string{test.msg},
@@ -97,106 +137,6 @@
 	}
 }
 
-func (*suite) TestReadHeaderLogsRequests(c *gc.C) {
-	codecLogger := loggo.GetLogger("juju.rpc.jsoncodec")
-	defer codecLogger.SetLogLevel(codecLogger.LogLevel())
-	codecLogger.SetLogLevel(loggo.TRACE)
-	msg := `{"RequestId":1,"Type": "foo","Id": "id","Request":"frob","Params":{"X":"param"}}`
-	codec := jsoncodec.New(&testConn{
-		readMsgs: []string{msg, msg, msg},
-	})
-	// Check that logging is off by default
-	var h rpc.Header
-	err := codec.ReadHeader(&h)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(c.GetTestLog(), gc.Matches, "")
-
-	// Check that we see a log message when we switch logging on.
-	codec.SetLogging(true)
-	err = codec.ReadHeader(&h)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(c.GetTestLog(), gc.Matches, ".*TRACE juju.rpc.jsoncodec <- "+regexp.QuoteMeta(msg)+`\n`)
-
-	// Check that we can switch it off again
-	codec.SetLogging(false)
-	err = codec.ReadHeader(&h)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(c.GetTestLog(), gc.Matches, ".*TRACE juju.rpc.jsoncodec <- "+regexp.QuoteMeta(msg)+`\n`)
-}
-
-func (*suite) TestWriteMessageLogsRequests(c *gc.C) {
-	codecLogger := loggo.GetLogger("juju.rpc.jsoncodec")
-	defer codecLogger.SetLogLevel(codecLogger.LogLevel())
-	codecLogger.SetLogLevel(loggo.TRACE)
-	codec := jsoncodec.New(&testConn{})
-	h := rpc.Header{
-		RequestId: 1,
-		Request: rpc.Request{
-			Type:   "foo",
-			Id:     "id",
-			Action: "frob",
-		},
-	}
-
-	// Check that logging is off by default
-	err := codec.WriteMessage(&h, value{X: "param"})
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(c.GetTestLog(), gc.Matches, "")
-
-	// Check that we see a log message when we switch logging on.
-	codec.SetLogging(true)
-	err = codec.WriteMessage(&h, value{X: "param"})
-	c.Assert(err, jc.ErrorIsNil)
-	msg := `{"RequestId":1,"Type":"foo","Id":"id","Request":"frob","Params":{"X":"param"}}`
-	c.Assert(c.GetTestLog(), gc.Matches, `.*TRACE juju.rpc.jsoncodec -> `+regexp.QuoteMeta(msg)+`\n`)
-
-	// Check that we can switch it off again
-	codec.SetLogging(false)
-	err = codec.WriteMessage(&h, value{X: "param"})
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(c.GetTestLog(), gc.Matches, `.*TRACE juju.rpc.jsoncodec -> `+regexp.QuoteMeta(msg)+`\n`)
-}
-
-func (*suite) TestConcurrentSetLoggingAndWrite(c *gc.C) {
-	// If log messages are not set atomically, this
-	// test will fail when run under the race detector.
-	codec := jsoncodec.New(&testConn{})
-	done := make(chan struct{})
-	go func() {
-		codec.SetLogging(true)
-		done <- struct{}{}
-	}()
-	h := rpc.Header{
-		RequestId: 1,
-		Request: rpc.Request{
-			Type:   "foo",
-			Id:     "id",
-			Action: "frob",
-		},
-	}
-	err := codec.WriteMessage(&h, value{X: "param"})
-	c.Assert(err, jc.ErrorIsNil)
-	<-done
-}
-
-func (*suite) TestConcurrentSetLoggingAndRead(c *gc.C) {
-	// If log messages are not set atomically, this
-	// test will fail when run under the race detector.
-	msg := `{"RequestId":1,"Type": "foo","Id": "id","Request":"frob","Params":{"X":"param"}}`
-	codec := jsoncodec.New(&testConn{
-		readMsgs: []string{msg, msg, msg},
-	})
-	done := make(chan struct{})
-	go func() {
-		codec.SetLogging(true)
-		done <- struct{}{}
-	}()
-	var h rpc.Header
-	err := codec.ReadHeader(&h)
-	c.Assert(err, jc.ErrorIsNil)
-	<-done
-}
-
 func (*suite) TestErrorAfterClose(c *gc.C) {
 	conn := &testConn{
 		err: errors.New("some error"),
@@ -214,51 +154,89 @@
 	c.Assert(err, gc.Equals, io.EOF)
 }
 
-var writeTests = []struct {
-	hdr       *rpc.Header
-	body      interface{}
-	isRequest bool
-	expect    string
-}{{
-	hdr: &rpc.Header{
-		RequestId: 1,
-		Request: rpc.Request{
-			Type:   "foo",
-			Id:     "id",
-			Action: "frob",
-		},
-	},
-	body:   &value{X: "param"},
-	expect: `{"RequestId": 1, "Type": "foo","Id":"id", "Request": "frob", "Params": {"X": "param"}}`,
-}, {
-	hdr: &rpc.Header{
-		RequestId: 2,
-		Error:     "an error",
-		ErrorCode: "a code",
-	},
-	expect: `{"RequestId": 2, "Error": "an error", "ErrorCode": "a code"}`,
-}, {
-	hdr: &rpc.Header{
-		RequestId: 3,
-	},
-	body:   &value{X: "result"},
-	expect: `{"RequestId": 3, "Response": {"X": "result"}}`,
-}, {
-	hdr: &rpc.Header{
-		RequestId: 4,
-		Request: rpc.Request{
-			Type:    "foo",
-			Version: 2,
-			Id:      "",
-			Action:  "frob",
-		},
-	},
-	body:   &value{X: "param"},
-	expect: `{"RequestId": 4, "Type": "foo", "Version": 2, "Request": "frob", "Params": {"X": "param"}}`,
-}}
-
 func (*suite) TestWrite(c *gc.C) {
-	for i, test := range writeTests {
+	for i, test := range []struct {
+		hdr       *rpc.Header
+		body      interface{}
+		isRequest bool
+		expect    string
+	}{{
+		hdr: &rpc.Header{
+			RequestId: 1,
+			Request: rpc.Request{
+				Type:   "foo",
+				Id:     "id",
+				Action: "frob",
+			},
+		},
+		body:   &value{X: "param"},
+		expect: `{"RequestId": 1, "Type": "foo","Id":"id", "Request": "frob", "Params": {"X": "param"}}`,
+	}, {
+		hdr: &rpc.Header{
+			RequestId: 2,
+			Error:     "an error",
+			ErrorCode: "a code",
+		},
+		expect: `{"RequestId": 2, "Error": "an error", "ErrorCode": "a code"}`,
+	}, {
+		hdr: &rpc.Header{
+			RequestId: 3,
+		},
+		body:   &value{X: "result"},
+		expect: `{"RequestId": 3, "Response": {"X": "result"}}`,
+	}, {
+		hdr: &rpc.Header{
+			RequestId: 4,
+			Request: rpc.Request{
+				Type:    "foo",
+				Version: 2,
+				Id:      "",
+				Action:  "frob",
+			},
+		},
+		body:   &value{X: "param"},
+		expect: `{"RequestId": 4, "Type": "foo", "Version": 2, "Request": "frob", "Params": {"X": "param"}}`,
+	}, {
+		hdr: &rpc.Header{
+			RequestId: 1,
+			Request: rpc.Request{
+				Type:   "foo",
+				Id:     "id",
+				Action: "frob",
+			},
+			Version: 1,
+		},
+		body:   &value{X: "param"},
+		expect: `{"request-id": 1, "type": "foo","id":"id", "request": "frob", "params": {"X": "param"}}`,
+	}, {
+		hdr: &rpc.Header{
+			RequestId: 2,
+			Error:     "an error",
+			ErrorCode: "a code",
+			Version:   1,
+		},
+		expect: `{"request-id": 2, "error": "an error", "error-code": "a code"}`,
+	}, {
+		hdr: &rpc.Header{
+			RequestId: 3,
+			Version:   1,
+		},
+		body:   &value{X: "result"},
+		expect: `{"request-id": 3, "response": {"X": "result"}}`,
+	}, {
+		hdr: &rpc.Header{
+			RequestId: 4,
+			Request: rpc.Request{
+				Type:    "foo",
+				Version: 2,
+				Id:      "",
+				Action:  "frob",
+			},
+			Version: 1,
+		},
+		body:   &value{X: "param"},
+		expect: `{"request-id": 4, "type": "foo", "version": 2, "request": "frob", "params": {"X": "param"}}`,
+	}} {
 		c.Logf("test %d", i)
 		var conn testConn
 		codec := jsoncodec.New(&conn)
@@ -270,61 +248,112 @@
 	}
 }
 
-var dumpRequestTests = []struct {
-	hdr    rpc.Header
-	body   interface{}
-	expect string
-}{{
-	hdr: rpc.Header{
-		RequestId: 1,
-		Request: rpc.Request{
-			Type:   "Foo",
-			Id:     "id",
-			Action: "Something",
-		},
-	},
-	body:   struct{ Arg string }{Arg: "an arg"},
-	expect: `{"RequestId":1,"Type":"Foo","Id":"id","Request":"Something","Params":{"Arg":"an arg"}}`,
-}, {
-	hdr: rpc.Header{
-		RequestId: 2,
-	},
-	body:   struct{ Ret string }{Ret: "return value"},
-	expect: `{"RequestId":2,"Response":{"Ret":"return value"}}`,
-}, {
-	hdr: rpc.Header{
-		RequestId: 3,
-	},
-	expect: `{"RequestId":3}`,
-}, {
-	hdr: rpc.Header{
-		RequestId: 4,
-		Error:     "an error",
-		ErrorCode: "an error code",
-	},
-	expect: `{"RequestId":4,"Error":"an error","ErrorCode":"an error code"}`,
-}, {
-	hdr: rpc.Header{
-		RequestId: 5,
-	},
-	body:   make(chan int),
-	expect: `"marshal error: json: unsupported type: chan int"`,
-}, {
-	hdr: rpc.Header{
-		RequestId: 1,
-		Request: rpc.Request{
-			Type:    "Foo",
-			Version: 2,
-			Id:      "id",
-			Action:  "Something",
-		},
-	},
-	body:   struct{ Arg string }{Arg: "an arg"},
-	expect: `{"RequestId":1,"Type":"Foo","Version":2,"Id":"id","Request":"Something","Params":{"Arg":"an arg"}}`,
-}}
-
 func (*suite) TestDumpRequest(c *gc.C) {
-	for i, test := range dumpRequestTests {
+	for i, test := range []struct {
+		hdr    rpc.Header
+		body   interface{}
+		expect string
+	}{{
+		hdr: rpc.Header{
+			RequestId: 1,
+			Request: rpc.Request{
+				Type:   "Foo",
+				Id:     "id",
+				Action: "Something",
+			},
+		},
+		body:   struct{ Arg string }{Arg: "an arg"},
+		expect: `{"RequestId":1,"Type":"Foo","Id":"id","Request":"Something","Params":{"Arg":"an arg"}}`,
+	}, {
+		hdr: rpc.Header{
+			RequestId: 2,
+		},
+		body:   struct{ Ret string }{Ret: "return value"},
+		expect: `{"RequestId":2,"Response":{"Ret":"return value"}}`,
+	}, {
+		hdr: rpc.Header{
+			RequestId: 3,
+		},
+		expect: `{"RequestId":3}`,
+	}, {
+		hdr: rpc.Header{
+			RequestId: 4,
+			Error:     "an error",
+			ErrorCode: "an error code",
+		},
+		expect: `{"RequestId":4,"Error":"an error","ErrorCode":"an error code"}`,
+	}, {
+		hdr: rpc.Header{
+			RequestId: 5,
+		},
+		body:   make(chan int),
+		expect: `"marshal error: json: unsupported type: chan int"`,
+	}, {
+		hdr: rpc.Header{
+			RequestId: 1,
+			Request: rpc.Request{
+				Type:    "Foo",
+				Version: 2,
+				Id:      "id",
+				Action:  "Something",
+			},
+		},
+		body:   struct{ Arg string }{Arg: "an arg"},
+		expect: `{"RequestId":1,"Type":"Foo","Version":2,"Id":"id","Request":"Something","Params":{"Arg":"an arg"}}`,
+	}, {
+		hdr: rpc.Header{
+			RequestId: 1,
+			Request: rpc.Request{
+				Type:   "Foo",
+				Id:     "id",
+				Action: "Something",
+			},
+			Version: 1,
+		},
+		body:   struct{ Arg string }{Arg: "an arg"},
+		expect: `{"request-id":1,"type":"Foo","id":"id","request":"Something","params":{"Arg":"an arg"}}`,
+	}, {
+		hdr: rpc.Header{
+			RequestId: 2,
+			Version:   1,
+		},
+		body:   struct{ Ret string }{Ret: "return value"},
+		expect: `{"request-id":2,"response":{"Ret":"return value"}}`,
+	}, {
+		hdr: rpc.Header{
+			RequestId: 3,
+			Version:   1,
+		},
+		expect: `{"request-id":3}`,
+	}, {
+		hdr: rpc.Header{
+			RequestId: 4,
+			Error:     "an error",
+			ErrorCode: "an error code",
+			Version:   1,
+		},
+		expect: `{"request-id":4,"error":"an error","error-code":"an error code"}`,
+	}, {
+		hdr: rpc.Header{
+			RequestId: 5,
+			Version:   1,
+		},
+		body:   make(chan int),
+		expect: `"marshal error: json: unsupported type: chan int"`,
+	}, {
+		hdr: rpc.Header{
+			RequestId: 1,
+			Request: rpc.Request{
+				Type:    "Foo",
+				Version: 2,
+				Id:      "id",
+				Action:  "Something",
+			},
+			Version: 1,
+		},
+		body:   struct{ Arg string }{Arg: "an arg"},
+		expect: `{"request-id":1,"type":"Foo","version":2,"id":"id","request":"Something","params":{"Arg":"an arg"}}`,
+	}} {
 		c.Logf("test %d; %#v", i, test.hdr)
 		data := jsoncodec.DumpRequest(&test.hdr, test.body)
 		c.Check(string(data), gc.Equals, test.expect)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/rpc/jsoncodec/conn.go juju-core-2.0~beta12/src/github.com/juju/juju/rpc/jsoncodec/conn.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/rpc/jsoncodec/conn.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/rpc/jsoncodec/conn.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package jsoncodec
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/rpc/observers.go juju-core-2.0~beta12/src/github.com/juju/juju/rpc/observers.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/rpc/observers.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/rpc/observers.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,68 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package rpc
+
+import "sync"
+
+// Observer can be implemented to find out about requests occurring in
+// an RPC conn, for example to print requests for logging
+// purposes. The calls should not block or interact with the Conn
+// object as that can cause delays to the RPC server or deadlock.
+type Observer interface {
+
+	// ServerRequest informs the Observer of a request made
+	// to the Conn. If the request was not recognized or there was
+	// an error reading the body, body will be nil.
+	//
+	// ServerRequest is called just before the server method
+	// is invoked.
+	ServerRequest(hdr *Header, body interface{})
+
+	// ServerReply informs the RequestNotifier of a reply sent to a
+	// server request. The given Request gives details of the call
+	// that was made; the given Header and body are the header and
+	// body sent as reply.
+	//
+	// ServerReply is called just before the reply is written.
+	ServerReply(req Request, hdr *Header, body interface{})
+}
+
+// NewObserverMultiplexer returns a new ObserverMultiplexer
+// with the provided RequestNotifiers.
+func NewObserverMultiplexer(rpcObservers ...Observer) *ObserverMultiplexer {
+	return &ObserverMultiplexer{
+		rpcObservers: rpcObservers,
+	}
+}
+
+// ObserverMultiplexer multiplexes calls to an arbitrary number of
+// Observers.
+type ObserverMultiplexer struct {
+	rpcObservers []Observer
+}
+
+// ServerReply implements Observer.
+func (m *ObserverMultiplexer) ServerReply(req Request, hdr *Header, body interface{}) {
+	mapConcurrent(func(n Observer) { n.ServerReply(req, hdr, body) }, m.rpcObservers)
+}
+
+// ServerRequest implements Observer.
+func (m *ObserverMultiplexer) ServerRequest(hdr *Header, body interface{}) {
+	mapConcurrent(func(n Observer) { n.ServerRequest(hdr, body) }, m.rpcObservers)
+}
+
+// mapConcurrent calls fn on all observers concurrently and then waits
+// for all calls to exit before returning.
+func mapConcurrent(fn func(Observer), requestNotifiers []Observer) {
+	var wg sync.WaitGroup
+	wg.Add(len(requestNotifiers))
+	defer wg.Wait()
+
+	for _, n := range requestNotifiers {
+		go func(notifier Observer) {
+			defer wg.Done()
+			fn(notifier)
+		}(n)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/rpc/observers_test.go juju-core-2.0~beta12/src/github.com/juju/juju/rpc/observers_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/rpc/observers_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/rpc/observers_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,55 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package rpc_test
+
+import (
+	"github.com/juju/testing"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/apiserver/observer/fakeobserver"
+	"github.com/juju/juju/rpc"
+)
+
+type multiplexerSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&multiplexerSuite{})
+
+func (*multiplexerSuite) TestServerReply_CallsAllObservers(c *gc.C) {
+	observers := []*fakeobserver.RPCInstance{
+		(&fakeobserver.Instance{}).RPCObserver().(*fakeobserver.RPCInstance),
+		(&fakeobserver.Instance{}).RPCObserver().(*fakeobserver.RPCInstance),
+	}
+
+	o := rpc.NewObserverMultiplexer(observers[0], observers[1])
+	var (
+		req  rpc.Request
+		hdr  rpc.Header
+		body string
+	)
+	o.ServerReply(req, &hdr, body)
+
+	for _, f := range observers {
+		f.CheckCall(c, 0, "ServerReply", req, &hdr, body)
+	}
+}
+
+func (*multiplexerSuite) TestServerRequest_CallsAllObservers(c *gc.C) {
+	observers := []*fakeobserver.RPCInstance{
+		(&fakeobserver.Instance{}).RPCObserver().(*fakeobserver.RPCInstance),
+		(&fakeobserver.Instance{}).RPCObserver().(*fakeobserver.RPCInstance),
+	}
+
+	o := rpc.NewObserverMultiplexer(observers[0], observers[1])
+	var (
+		hdr  rpc.Header
+		body string
+	)
+	o.ServerRequest(&hdr, body)
+
+	for _, f := range observers {
+		f.CheckCall(c, 0, "ServerRequest", &hdr, body)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/rpc/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/rpc/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/rpc/package_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/rpc/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,14 @@
+// Copyright 2012, 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package rpc_test
+
+import (
+	"testing"
+
+	gc "gopkg.in/check.v1"
+)
+
+func Test(t *testing.T) {
+	gc.TestingT(t)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/rpc/rpcreflect/value.go juju-core-2.0~beta12/src/github.com/juju/juju/rpc/rpcreflect/value.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/rpc/rpcreflect/value.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/rpc/rpcreflect/value.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,7 @@
 	"reflect"
 )
 
-// CallNotImplementedError is an error, returned an attempt to call to
+// CallNotImplementedError is the error returned when an attempt to call to
 // an unknown API method is made.
 type CallNotImplementedError struct {
 	RootMethod string
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/rpc/rpc_test.go juju-core-2.0~beta12/src/github.com/juju/juju/rpc/rpc_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/rpc/rpc_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/rpc/rpc_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,7 +10,6 @@
 	"reflect"
 	"regexp"
 	"sync"
-	stdtesting "testing"
 	"time"
 
 	"github.com/juju/errors"
@@ -33,10 +32,6 @@
 
 var _ = gc.Suite(&rpcSuite{})
 
-func TestAll(t *stdtesting.T) {
-	gc.TestingT(t)
-}
-
 type callInfo struct {
 	rcvr   interface{}
 	method string
@@ -379,7 +374,7 @@
 
 func (*rpcSuite) TestRPC(c *gc.C) {
 	root := SimpleRoot()
-	client, srvDone, clientNotifier, serverNotifier := newRPCClientServer(c, root, nil, false)
+	client, srvDone, serverNotifier := newRPCClientServer(c, root, nil, false)
 	defer closeClient(c, client, srvDone)
 	for narg := 0; narg < 2; narg++ {
 		for nret := 0; nret < 2; nret++ {
@@ -387,7 +382,6 @@
 				retErr := nerr != 0
 				p := testCallParams{
 					client:         client,
-					clientNotifier: clientNotifier,
 					serverNotifier: serverNotifier,
 					entry:          "SimpleMethods",
 					narg:           narg,
@@ -418,9 +412,6 @@
 	// will be used to make the call.
 	client *rpc.Conn
 
-	// clientNotifier holds the notifier for the client side.
-	clientNotifier *notifier
-
 	// serverNotifier holds the notifier for the server side.
 	serverNotifier *notifier
 
@@ -462,24 +453,23 @@
 	return fmt.Sprintf("error calling %s", p.request().Action)
 }
 
-func (root *Root) testCall(c *gc.C, p testCallParams) {
-	p.clientNotifier.reset()
-	p.serverNotifier.reset()
+func (root *Root) testCall(c *gc.C, args testCallParams) {
+	args.serverNotifier.reset()
 	root.calls = nil
-	root.returnErr = p.testErr
-	c.Logf("test call %s", p.request().Action)
-	var r stringVal
-	err := p.client.Call(p.request(), stringVal{"arg"}, &r)
+	root.returnErr = args.testErr
+	c.Logf("test call %s", args.request().Action)
+	var response stringVal
+	err := args.client.Call(args.request(), stringVal{"arg"}, &response)
 	switch {
-	case p.retErr && p.testErr:
+	case args.retErr && args.testErr:
 		c.Assert(errors.Cause(err), gc.DeepEquals, &rpc.RequestError{
-			Message: p.errorMessage(),
+			Message: args.errorMessage(),
 		})
-		c.Assert(r, gc.Equals, stringVal{})
-	case p.nret > 0:
-		c.Check(r, gc.Equals, stringVal{p.request().Action + " ret"})
+		c.Assert(response, gc.Equals, stringVal{})
+	case args.nret > 0:
+		c.Check(response, gc.Equals, stringVal{args.request().Action + " ret"})
 	}
-	if !p.testErr {
+	if !args.testErr {
 		c.Check(err, jc.ErrorIsNil)
 	}
 
@@ -488,11 +478,8 @@
 	root.mu.Lock()
 	defer root.mu.Unlock()
 
-	root.assertCallMade(c, p)
-
-	requestId := root.assertClientNotified(c, p, &r)
-
-	root.assertServerNotified(c, p, requestId)
+	root.assertCallMade(c, args)
+	root.assertServerNotified(c, args, args.client.ClientRequestID())
 }
 
 func (root *Root) assertCallMade(c *gc.C, p testCallParams) {
@@ -507,60 +494,17 @@
 	c.Assert(*root.calls[0], gc.Equals, expectCall)
 }
 
-// assertClientNotified asserts that the right client notifications
-// were made for the given test call parameters. The value of r
-// holds the result parameter passed to the call.
-// It returns the request id.
-func (root *Root) assertClientNotified(c *gc.C, p testCallParams, r interface{}) uint64 {
-	c.Assert(p.clientNotifier.serverRequests, gc.HasLen, 0)
-	c.Assert(p.clientNotifier.serverReplies, gc.HasLen, 0)
-
-	// Test that there was a notification for the request.
-	c.Assert(p.clientNotifier.clientRequests, gc.HasLen, 1)
-	clientReq := p.clientNotifier.clientRequests[0]
-	requestId := clientReq.hdr.RequestId
-	clientReq.hdr.RequestId = 0 // Ignore the exact value of the request id to start with.
-	c.Assert(clientReq.hdr, gc.DeepEquals, rpc.Header{
-		Request: p.request(),
-	})
-	c.Assert(clientReq.body, gc.Equals, stringVal{"arg"})
-
-	// Test that there was a notification for the reply.
-	c.Assert(p.clientNotifier.clientReplies, gc.HasLen, 1)
-	clientReply := p.clientNotifier.clientReplies[0]
-	c.Assert(clientReply.req, gc.Equals, p.request())
-	if p.retErr && p.testErr {
-		c.Assert(clientReply.body, gc.Equals, nil)
-	} else {
-		c.Assert(clientReply.body, gc.Equals, r)
-	}
-	if p.retErr && p.testErr {
-		c.Assert(clientReply.hdr, gc.DeepEquals, rpc.Header{
-			RequestId: requestId,
-			Error:     p.errorMessage(),
-		})
-	} else {
-		c.Assert(clientReply.hdr, gc.DeepEquals, rpc.Header{
-			RequestId: requestId,
-		})
-	}
-	return requestId
-}
-
 // assertServerNotified asserts that the right server notifications
 // were made for the given test call parameters. The id of the request
 // is held in requestId.
 func (root *Root) assertServerNotified(c *gc.C, p testCallParams, requestId uint64) {
-	// Check that the right server notifications were made.
-	c.Assert(p.serverNotifier.clientRequests, gc.HasLen, 0)
-	c.Assert(p.serverNotifier.clientReplies, gc.HasLen, 0)
-
 	// Test that there was a notification for the request.
 	c.Assert(p.serverNotifier.serverRequests, gc.HasLen, 1)
 	serverReq := p.serverNotifier.serverRequests[0]
 	c.Assert(serverReq.hdr, gc.DeepEquals, rpc.Header{
 		RequestId: requestId,
 		Request:   p.request(),
+		Version:   1,
 	})
 	if p.narg > 0 {
 		c.Assert(serverReq.body, gc.Equals, stringVal{"arg"})
@@ -581,21 +525,22 @@
 		c.Assert(serverReply.hdr, gc.Equals, rpc.Header{
 			RequestId: requestId,
 			Error:     p.errorMessage(),
+			Version:   1,
 		})
 	} else {
 		c.Assert(serverReply.hdr, gc.Equals, rpc.Header{
 			RequestId: requestId,
+			Version:   1,
 		})
 	}
 }
 
 func (*rpcSuite) TestInterfaceMethods(c *gc.C) {
 	root := SimpleRoot()
-	client, srvDone, clientNotifier, serverNotifier := newRPCClientServer(c, root, nil, false)
+	client, srvDone, serverNotifier := newRPCClientServer(c, root, nil, false)
 	defer closeClient(c, client, srvDone)
 	p := testCallParams{
 		client:         client,
-		clientNotifier: clientNotifier,
 		serverNotifier: serverNotifier,
 		entry:          "InterfaceMethods",
 		narg:           1,
@@ -620,12 +565,11 @@
 
 func (*rpcSuite) TestCustomMethodFinderV0(c *gc.C) {
 	root := &CustomMethodFinder{SimpleRoot()}
-	client, srvDone, clientNotifier, serverNotifier := newRPCClientServer(c, root, nil, false)
+	client, srvDone, serverNotifier := newRPCClientServer(c, root, nil, false)
 	defer closeClient(c, client, srvDone)
 	// V0 of MultiVersion implements only VariableMethods1.Call0r1.
 	p := testCallParams{
 		client:         client,
-		clientNotifier: clientNotifier,
 		serverNotifier: serverNotifier,
 		entry:          "MultiVersion",
 		version:        0,
@@ -647,12 +591,11 @@
 
 func (*rpcSuite) TestCustomMethodFinderV1(c *gc.C) {
 	root := &CustomMethodFinder{SimpleRoot()}
-	client, srvDone, clientNotifier, serverNotifier := newRPCClientServer(c, root, nil, false)
+	client, srvDone, serverNotifier := newRPCClientServer(c, root, nil, false)
 	defer closeClient(c, client, srvDone)
 	// V1 of MultiVersion implements only VariableMethods2.Call1r1.
 	p := testCallParams{
 		client:         client,
-		clientNotifier: clientNotifier,
 		serverNotifier: serverNotifier,
 		entry:          "MultiVersion",
 		version:        1,
@@ -674,11 +617,10 @@
 
 func (*rpcSuite) TestCustomMethodFinderV2(c *gc.C) {
 	root := &CustomMethodFinder{SimpleRoot()}
-	client, srvDone, clientNotifier, serverNotifier := newRPCClientServer(c, root, nil, false)
+	client, srvDone, serverNotifier := newRPCClientServer(c, root, nil, false)
 	defer closeClient(c, client, srvDone)
 	p := testCallParams{
 		client:         client,
-		clientNotifier: clientNotifier,
 		serverNotifier: serverNotifier,
 		entry:          "MultiVersion",
 		version:        2,
@@ -702,7 +644,7 @@
 
 func (*rpcSuite) TestCustomMethodFinderUnknownVersion(c *gc.C) {
 	root := &CustomMethodFinder{SimpleRoot()}
-	client, srvDone, _, _ := newRPCClientServer(c, root, nil, false)
+	client, srvDone, _ := newRPCClientServer(c, root, nil, false)
 	defer closeClient(c, client, srvDone)
 	var r stringVal
 	// Unknown version 5
@@ -726,7 +668,7 @@
 		},
 	}
 
-	client, srvDone, _, _ := newRPCClientServer(c, root, nil, false)
+	client, srvDone, _ := newRPCClientServer(c, root, nil, false)
 	defer closeClient(c, client, srvDone)
 	call := func(id string, done chan<- struct{}) {
 		var r stringVal
@@ -768,7 +710,7 @@
 	root := &Root{
 		errorInst: &ErrorMethods{&codedError{"message", "code"}},
 	}
-	client, srvDone, _, _ := newRPCClientServer(c, root, nil, false)
+	client, srvDone, _ := newRPCClientServer(c, root, nil, false)
 	defer closeClient(c, client, srvDone)
 	err := client.Call(rpc.Request{"ErrorMethods", 0, "", "Call"}, nil, nil)
 	c.Assert(err, gc.ErrorMatches, `message \(code\)`)
@@ -789,7 +731,7 @@
 		}
 		return fmt.Errorf("transformed: %v", err)
 	}
-	client, srvDone, _, _ := newRPCClientServer(c, root, tfErr, false)
+	client, srvDone, _ := newRPCClientServer(c, root, tfErr, false)
 	defer closeClient(c, client, srvDone)
 	// First, we don't transform methods we can't find.
 	err := client.Call(rpc.Request{"foo", 0, "", "bar"}, nil, nil)
@@ -835,7 +777,7 @@
 			},
 		},
 	}
-	client, srvDone, _, _ := newRPCClientServer(c, root, nil, false)
+	client, srvDone, _ := newRPCClientServer(c, root, nil, false)
 	defer closeClient(c, client, srvDone)
 	done := make(chan struct{})
 	go func() {
@@ -871,7 +813,7 @@
 	a0 := &SimpleMethods{root: root, id: "a0"}
 	root.simple["a0"] = a0
 
-	client, srvDone, _, _ := newRPCClientServer(c, root, nil, false)
+	client, srvDone, _ := newRPCClientServer(c, root, nil, false)
 	defer closeClient(c, client, srvDone)
 	call := func(method string, arg, ret interface{}) (passedArg interface{}) {
 		root.calls = nil
@@ -909,27 +851,28 @@
 }
 
 func (*rpcSuite) TestBadCall(c *gc.C) {
+	loggo.GetLogger("juju.rpc").SetLogLevel(loggo.TRACE)
 	root := &Root{
 		simple: make(map[string]*SimpleMethods),
 	}
 	a0 := &SimpleMethods{root: root, id: "a0"}
 	root.simple["a0"] = a0
-	client, srvDone, clientNotifier, serverNotifier := newRPCClientServer(c, root, nil, false)
+	client, srvDone, serverNotifier := newRPCClientServer(c, root, nil, false)
 	defer closeClient(c, client, srvDone)
 
-	testBadCall(c, client, clientNotifier, serverNotifier,
+	testBadCall(c, client, serverNotifier,
 		rpc.Request{"BadSomething", 0, "a0", "No"},
 		`unknown object type "BadSomething"`,
 		rpc.CodeNotImplemented,
 		false,
 	)
-	testBadCall(c, client, clientNotifier, serverNotifier,
+	testBadCall(c, client, serverNotifier,
 		rpc.Request{"SimpleMethods", 0, "xx", "No"},
 		"no such request - method SimpleMethods.No is not implemented",
 		rpc.CodeNotImplemented,
 		false,
 	)
-	testBadCall(c, client, clientNotifier, serverNotifier,
+	testBadCall(c, client, serverNotifier,
 		rpc.Request{"SimpleMethods", 0, "xx", "Call0r0"},
 		`unknown SimpleMethods id`,
 		"",
@@ -940,13 +883,12 @@
 func testBadCall(
 	c *gc.C,
 	client *rpc.Conn,
-	clientNotifier, serverNotifier *notifier,
+	serverNotifier *notifier,
 	req rpc.Request,
 	expectedErr string,
 	expectedErrCode string,
 	requestKnown bool,
 ) {
-	clientNotifier.reset()
 	serverNotifier.reset()
 	err := client.Call(req, nil, nil)
 	msg := expectedErr
@@ -955,33 +897,6 @@
 	}
 	c.Assert(err, gc.ErrorMatches, regexp.QuoteMeta(msg))
 
-	// Test that there was a notification for the client request.
-	c.Assert(clientNotifier.clientRequests, gc.HasLen, 1)
-	clientReq := clientNotifier.clientRequests[0]
-	requestId := clientReq.hdr.RequestId
-	c.Assert(clientReq, gc.DeepEquals, requestEvent{
-		hdr: rpc.Header{
-			RequestId: requestId,
-			Request:   req,
-		},
-		body: struct{}{},
-	})
-	// Test that there was a notification for the client reply.
-	c.Assert(clientNotifier.clientReplies, gc.HasLen, 1)
-	clientReply := clientNotifier.clientReplies[0]
-	c.Assert(clientReply, gc.DeepEquals, replyEvent{
-		req: req,
-		hdr: rpc.Header{
-			RequestId: requestId,
-			Error:     expectedErr,
-			ErrorCode: expectedErrCode,
-		},
-	})
-
-	// Test that there was a notification for the server request.
-	c.Assert(serverNotifier.serverRequests, gc.HasLen, 1)
-	serverReq := serverNotifier.serverRequests[0]
-
 	// From docs on ServerRequest:
 	// 	If the request was not recognized or there was
 	//	an error reading the body, body will be nil.
@@ -989,10 +904,11 @@
 	if requestKnown {
 		expectBody = struct{}{}
 	}
-	c.Assert(serverReq, gc.DeepEquals, requestEvent{
+	c.Assert(serverNotifier.serverRequests[0], gc.DeepEquals, requestEvent{
 		hdr: rpc.Header{
-			RequestId: requestId,
+			RequestId: client.ClientRequestID(),
 			Request:   req,
+			Version:   1,
 		},
 		body: expectBody,
 	})
@@ -1002,9 +918,10 @@
 	serverReply := serverNotifier.serverReplies[0]
 	c.Assert(serverReply, gc.DeepEquals, replyEvent{
 		hdr: rpc.Header{
-			RequestId: requestId,
+			RequestId: client.ClientRequestID(),
 			Error:     expectedErr,
 			ErrorCode: expectedErrCode,
+			Version:   1,
 		},
 		req:  req,
 		body: struct{}{},
@@ -1017,7 +934,7 @@
 	}
 	a0 := &SimpleMethods{root: root, id: "a0"}
 	root.simple["a0"] = a0
-	client, srvDone, _, _ := newRPCClientServer(c, root, nil, false)
+	client, srvDone, _ := newRPCClientServer(c, root, nil, false)
 	defer closeClient(c, client, srvDone)
 
 	var ret stringVal
@@ -1043,7 +960,7 @@
 }
 
 func (*rpcSuite) TestErrorAfterClientClose(c *gc.C) {
-	client, srvDone, _, _ := newRPCClientServer(c, &Root{}, nil, false)
+	client, srvDone, _ := newRPCClientServer(c, &Root{}, nil, false)
 	err := client.Close()
 	c.Assert(err, jc.ErrorIsNil)
 	err = client.Call(rpc.Request{"Foo", 0, "", "Bar"}, nil, nil)
@@ -1053,7 +970,7 @@
 }
 
 func (*rpcSuite) TestClientCloseIdempotent(c *gc.C) {
-	client, _, _, _ := newRPCClientServer(c, &Root{}, nil, false)
+	client, _, _ := newRPCClientServer(c, &Root{}, nil, false)
 	err := client.Close()
 	c.Assert(err, jc.ErrorIsNil)
 	err = client.Close()
@@ -1077,7 +994,7 @@
 
 func (*rpcSuite) TestRootIsKilledAndCleaned(c *gc.C) {
 	root := &KillerCleanerRoot{}
-	client, srvDone, _, _ := newRPCClientServer(c, root, nil, false)
+	client, srvDone, _ := newRPCClientServer(c, root, nil, false)
 	err := client.Close()
 	c.Assert(err, jc.ErrorIsNil)
 	err = chanReadError(c, srvDone, "server done")
@@ -1088,7 +1005,7 @@
 
 func (*rpcSuite) TestBidirectional(c *gc.C) {
 	srvRoot := &Root{}
-	client, srvDone, _, _ := newRPCClientServer(c, srvRoot, nil, true)
+	client, srvDone, _ := newRPCClientServer(c, srvRoot, nil, true)
 	defer closeClient(c, client, srvDone)
 	clientRoot := &Root{conn: client}
 	client.Serve(clientRoot, nil)
@@ -1100,7 +1017,7 @@
 
 func (*rpcSuite) TestServerRequestWhenNotServing(c *gc.C) {
 	srvRoot := &Root{}
-	client, srvDone, _, _ := newRPCClientServer(c, srvRoot, nil, true)
+	client, srvDone, _ := newRPCClientServer(c, srvRoot, nil, true)
 	defer closeClient(c, client, srvDone)
 	var r int64val
 	err := client.Call(rpc.Request{"CallbackMethods", 0, "", "Factorial"}, int64val{12}, &r)
@@ -1109,7 +1026,7 @@
 
 func (*rpcSuite) TestChangeAPI(c *gc.C) {
 	srvRoot := &Root{}
-	client, srvDone, _, _ := newRPCClientServer(c, srvRoot, nil, true)
+	client, srvDone, _ := newRPCClientServer(c, srvRoot, nil, true)
 	defer closeClient(c, client, srvDone)
 	var s stringVal
 	err := client.Call(rpc.Request{"NewlyAvailable", 0, "", "NewMethod"}, nil, &s)
@@ -1125,7 +1042,7 @@
 
 func (*rpcSuite) TestChangeAPIToNil(c *gc.C) {
 	srvRoot := &Root{}
-	client, srvDone, _, _ := newRPCClientServer(c, srvRoot, nil, true)
+	client, srvDone, _ := newRPCClientServer(c, srvRoot, nil, true)
 	defer closeClient(c, client, srvDone)
 
 	err := client.Call(rpc.Request{"ChangeAPIMethods", 0, "", "RemoveAPI"}, nil, nil)
@@ -1146,7 +1063,7 @@
 	transform := func(err error) error {
 		return fmt.Errorf("transformed: %v", err)
 	}
-	client, srvDone, _, _ := newRPCClientServer(c, srvRoot, transform, true)
+	client, srvDone, _ := newRPCClientServer(c, srvRoot, transform, true)
 	defer closeClient(c, client, srvDone)
 
 	result := make(chan error)
@@ -1187,12 +1104,16 @@
 // single client.  When the server has finished serving the connection,
 // it sends a value on the returned channel.
 // If bidir is true, requests can flow in both directions.
-func newRPCClientServer(c *gc.C, root interface{}, tfErr func(error) error, bidir bool) (client *rpc.Conn, srvDone chan error, clientNotifier, serverNotifier *notifier) {
+func newRPCClientServer(
+	c *gc.C,
+	root interface{},
+	tfErr func(error) error,
+	bidir bool,
+) (client *rpc.Conn, srvDone chan error, serverNotifier *notifier) {
 	l, err := net.Listen("tcp", "127.0.0.1:0")
 	c.Assert(err, jc.ErrorIsNil)
 
 	srvDone = make(chan error, 1)
-	clientNotifier = new(notifier)
 	serverNotifier = new(notifier)
 	go func() {
 		conn, err := l.Accept()
@@ -1225,9 +1146,9 @@
 	if bidir {
 		role = roleBoth
 	}
-	client = rpc.NewConn(NewJSONCodec(conn, role), clientNotifier)
+	client = rpc.NewConn(NewJSONCodec(conn, role), &notifier{})
 	client.Start()
-	return client, srvDone, clientNotifier, serverNotifier
+	return client, srvDone, serverNotifier
 }
 
 func closeClient(c *gc.C, client *rpc.Conn, srvDone <-chan error) {
@@ -1323,8 +1244,15 @@
 	mu             sync.Mutex
 	serverRequests []requestEvent
 	serverReplies  []replyEvent
-	clientRequests []requestEvent
-	clientReplies  []replyEvent
+}
+
+func (n *notifier) RPCObserver() rpc.Observer {
+	// For testing, we usually won't want an actual copy of the
+	// stub. To avoid confusing test failures (e.g. wondering why your
+	// calls aren't showing up on your stub because the underlying
+	// code has called DeepCopy) and immense complexity, just return
+	// the same value.
+	return n
 }
 
 func (n *notifier) reset() {
@@ -1332,8 +1260,6 @@
 	defer n.mu.Unlock()
 	n.serverRequests = nil
 	n.serverReplies = nil
-	n.clientRequests = nil
-	n.clientReplies = nil
 }
 
 func (n *notifier) ServerRequest(hdr *rpc.Header, body interface{}) {
@@ -1345,31 +1271,12 @@
 	})
 }
 
-func (n *notifier) ServerReply(req rpc.Request, hdr *rpc.Header, body interface{}, timeSpent time.Duration) {
+func (n *notifier) ServerReply(req rpc.Request, hdr *rpc.Header, body interface{}) {
 	n.mu.Lock()
 	defer n.mu.Unlock()
 	n.serverReplies = append(n.serverReplies, replyEvent{
 		req:  req,
 		hdr:  *hdr,
 		body: body,
-	})
-}
-
-func (n *notifier) ClientRequest(hdr *rpc.Header, body interface{}) {
-	n.mu.Lock()
-	defer n.mu.Unlock()
-	n.clientRequests = append(n.clientRequests, requestEvent{
-		hdr:  *hdr,
-		body: body,
-	})
-}
-
-func (n *notifier) ClientReply(req rpc.Request, hdr *rpc.Header, body interface{}) {
-	n.mu.Lock()
-	defer n.mu.Unlock()
-	n.clientReplies = append(n.clientReplies, replyEvent{
-		req:  req,
-		hdr:  *hdr,
-		body: body,
 	})
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/rpc/server.go juju-core-2.0~beta12/src/github.com/juju/juju/rpc/server.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/rpc/server.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/rpc/server.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,6 @@
 	"io"
 	"reflect"
 	"sync"
-	"time"
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
@@ -62,6 +61,9 @@
 
 	// ErrorCode holds the code of the error, if any.
 	ErrorCode string
+
+	// Version defines the wire format of the request and response structure.
+	Version int
 }
 
 // Request represents an RPC to be performed, absent its parameters.
@@ -85,6 +87,15 @@
 	return hdr.Request.Type != "" || hdr.Request.Action != ""
 }
 
+// ObserverFactory is a type which can construct a new Observer.
+type ObserverFactory interface {
+
+	// RPCObserver will return a new Observer usually constructed
+	// from the state previously built up in the Observer. The
+	// returned instance will be utilized per RPC request.
+	RPCObserver() Observer
+}
+
 // Note that we use "client request" and "server request" to name
 // requests initiated locally and remotely respectively.
 
@@ -96,9 +107,6 @@
 	// codec holds the underlying RPC connection.
 	codec Codec
 
-	// notifier is informed about RPC requests.
-	notifier RequestNotifier
-
 	// srvPending represents the current server requests.
 	srvPending sync.WaitGroup
 
@@ -145,75 +153,27 @@
 	// inputLoopError holds the error that caused the input loop to
 	// terminate prematurely.  It is set before dead is closed.
 	inputLoopError error
-}
 
-// RequestNotifier can be implemented to find out about requests
-// occurring in an RPC conn, for example to print requests for logging
-// purposes. The calls should not block or interact with the Conn object
-// as that can cause delays to the RPC server or deadlock.
-// Note that the methods on RequestNotifier may
-// be called concurrently.
-type RequestNotifier interface {
-	// ServerRequest informs the RequestNotifier of a request made
-	// to the Conn. If the request was not recognized or there was
-	// an error reading the body, body will be nil.
-	//
-	// ServerRequest is called just before the server method
-	// is invoked.
-	ServerRequest(hdr *Header, body interface{})
-
-	// ServerReply informs the RequestNotifier of a reply sent to a
-	// server request. The given Request gives details of the call
-	// that was made; the given Header and body are the header and
-	// body sent as reply.
-	//
-	// ServerReply is called just before the reply is written.
-	ServerReply(req Request, hdr *Header, body interface{}, timeSpent time.Duration)
-
-	// ClientRequest informs the RequestNotifier of a request
-	// made from the Conn. It is called just before the request is
-	// written.
-	ClientRequest(hdr *Header, body interface{})
-
-	// ClientReply informs the RequestNotifier of a reply received
-	// to a request. If the reply was to an unrecognised request,
-	// the Request will be zero-valued. If the reply contained an
-	// error, body will be nil; otherwise body will be the value that
-	// was passed to the Conn.Call method.
-	//
-	// ClientReply is called just before the reply is handed to
-	// back to the caller.
-	ClientReply(req Request, hdr *Header, body interface{})
+	observerFactory ObserverFactory
 }
 
 // NewConn creates a new connection that uses the given codec for
 // transport, but it does not start it. Conn.Start must be called before
 // any requests are sent or received. If notifier is non-nil, the
 // appropriate method will be called for every RPC request.
-func NewConn(codec Codec, notifier RequestNotifier) *Conn {
-	if notifier == nil {
-		notifier = new(dummyNotifier)
-	}
+func NewConn(codec Codec, observerFactory ObserverFactory) *Conn {
 	return &Conn{
-		codec:         codec,
-		clientPending: make(map[uint64]*Call),
-		notifier:      notifier,
+		codec:           codec,
+		clientPending:   make(map[uint64]*Call),
+		observerFactory: observerFactory,
 	}
 }
 
-// dummyNotifier is used when no notifier is provided to NewConn.
-type dummyNotifier struct{}
-
-func (*dummyNotifier) ServerRequest(*Header, interface{})                       {}
-func (*dummyNotifier) ServerReply(Request, *Header, interface{}, time.Duration) {}
-func (*dummyNotifier) ClientRequest(*Header, interface{})                       {}
-func (*dummyNotifier) ClientReply(Request, *Header, interface{})                {}
-
-// Start starts the RPC connection running.  It must be called at least
-// once for any RPC connection (client or server side) It has no effect
-// if it has already been called.  By default, a connection serves no
-// methods.  See Conn.Serve for a description of how to serve methods on
-// a Conn.
+// Start starts the RPC connection running.  It must be called at
+// least once for any RPC connection (client or server side) It has no
+// effect if it has already been called.  By default, a connection
+// serves no methods.  See Conn.Serve for a description of how to
+// serve methods on a Conn.
 func (conn *Conn) Start() {
 	conn.mutex.Lock()
 	defer conn.mutex.Unlock()
@@ -442,16 +402,16 @@
 }
 
 func (conn *Conn) handleRequest(hdr *Header) error {
-	startTime := time.Now()
+	observer := conn.observerFactory.RPCObserver()
 	req, err := conn.bindRequest(hdr)
 	if err != nil {
-		conn.notifier.ServerRequest(hdr, nil)
+		observer.ServerRequest(hdr, nil)
 		if err := conn.readBody(nil, true); err != nil {
 			return err
 		}
 		// We don't transform the error here. bindRequest will have
 		// already transformed it and returned a zero req.
-		return conn.writeErrorResponse(hdr, err, startTime)
+		return conn.writeErrorResponse(hdr, err, observer)
 	}
 	var argp interface{}
 	var arg reflect.Value
@@ -461,7 +421,8 @@
 		argp = v.Interface()
 	}
 	if err := conn.readBody(argp, true); err != nil {
-		conn.notifier.ServerRequest(hdr, nil)
+		observer.ServerRequest(hdr, nil)
+
 		// If we get EOF, we know the connection is a
 		// goner, so don't try to respond.
 		if err == io.EOF || err == io.ErrUnexpectedEOF {
@@ -475,32 +436,33 @@
 		// the error is actually a framing or syntax
 		// problem, then the next ReadHeader should pick
 		// up the problem and abort.
-		return conn.writeErrorResponse(hdr, req.transformErrors(err), startTime)
+		return conn.writeErrorResponse(hdr, req.transformErrors(err), observer)
 	}
 	if req.ParamsType() != nil {
-		conn.notifier.ServerRequest(hdr, arg.Interface())
+		observer.ServerRequest(hdr, arg.Interface())
 	} else {
-		conn.notifier.ServerRequest(hdr, struct{}{})
+		observer.ServerRequest(hdr, struct{}{})
 	}
 	conn.mutex.Lock()
 	closing := conn.closing
 	if !closing {
 		conn.srvPending.Add(1)
-		go conn.runRequest(req, arg, startTime)
+		go conn.runRequest(req, arg, hdr.Version, observer)
 	}
 	conn.mutex.Unlock()
 	if closing {
 		// We're closing down - no new requests may be initiated.
-		return conn.writeErrorResponse(hdr, req.transformErrors(ErrShutdown), startTime)
+		return conn.writeErrorResponse(hdr, req.transformErrors(ErrShutdown), observer)
 	}
 	return nil
 }
 
-func (conn *Conn) writeErrorResponse(reqHdr *Header, err error, startTime time.Time) error {
+func (conn *Conn) writeErrorResponse(reqHdr *Header, err error, observer Observer) error {
 	conn.sending.Lock()
 	defer conn.sending.Unlock()
 	hdr := &Header{
 		RequestId: reqHdr.RequestId,
+		Version:   reqHdr.Version,
 	}
 	if err, ok := err.(ErrorCoder); ok {
 		hdr.ErrorCode = err.ErrorCode()
@@ -508,7 +470,8 @@
 		hdr.ErrorCode = ""
 	}
 	hdr.Error = err.Error()
-	conn.notifier.ServerReply(reqHdr.Request, hdr, struct{}{}, time.Since(startTime))
+	observer.ServerReply(reqHdr.Request, hdr, struct{}{})
+
 	return conn.codec.WriteMessage(hdr, struct{}{})
 }
 
@@ -552,14 +515,15 @@
 }
 
 // runRequest runs the given request and sends the reply.
-func (conn *Conn) runRequest(req boundRequest, arg reflect.Value, startTime time.Time) {
+func (conn *Conn) runRequest(req boundRequest, arg reflect.Value, version int, observer Observer) {
 	defer conn.srvPending.Done()
 	rv, err := req.Call(req.hdr.Request.Id, arg)
 	if err != nil {
-		err = conn.writeErrorResponse(&req.hdr, req.transformErrors(err), startTime)
+		err = conn.writeErrorResponse(&req.hdr, req.transformErrors(err), observer)
 	} else {
 		hdr := &Header{
 			RequestId: req.hdr.RequestId,
+			Version:   version,
 		}
 		var rvi interface{}
 		if rv.IsValid() {
@@ -567,7 +531,7 @@
 		} else {
 			rvi = struct{}{}
 		}
-		conn.notifier.ServerReply(req.hdr.Request, hdr, rvi, time.Since(startTime))
+		observer.ServerReply(req.hdr.Request, hdr, rvi)
 		conn.sending.Lock()
 		err = conn.codec.WriteMessage(hdr, rvi)
 		conn.sending.Unlock()
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/scripts/build-release-tarball/build-release-tarball.bash juju-core-2.0~beta12/src/github.com/juju/juju/scripts/build-release-tarball/build-release-tarball.bash
--- juju-core-2.0~beta7/src/github.com/juju/juju/scripts/build-release-tarball/build-release-tarball.bash	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/scripts/build-release-tarball/build-release-tarball.bash	1970-01-01 00:00:00.000000000 +0000
@@ -1,43 +0,0 @@
-#!/usr/bin/env bash -e
-
-# if someone invokes this with bash
-set -e
-
-unset GOPATH
-
-# build release tarball from a bzr branch
-
-usage() {
-	echo usage: $0 TAG
-	exit 2
-}
-
-test $# -eq 1 ||  usage
-TAG=$1
-TMP_DIR=$(mktemp -d)
-mkdir $TMP_DIR/RELEASE
-WORK=$TMP_DIR/RELEASE
-
-echo "Getting juju-core and all its dependencies."
-GOPATH=$WORK go get -v -d github.com/juju/juju/...
-
-echo "Setting juju-core tree to $TAG."
-(cd "${WORK}/src/github.com/juju/juju/" && bzr revert -r $TAG)
-
-echo "Updating juju-core dependencies to the required versions."
-GOPATH=$WORK godeps -u "${WORK}/src/github.com/juju/juju/dependencies.tsv"
-
-# Smoke test
-GOPATH=$WORK go build -v github.com/juju/juju/...
-
-# Change the generic release to the proper juju-core version.
-VERSION=$(sed -n 's/^const version = "\(.*\)"/\1/p' \
-    $WORK/src/github.com/juju/version/version.go)
-mv $WORK $TMP_DIR/juju-core_${VERSION}/
-
-# Tar it up.
-TARFILE=`pwd`/juju-core_${VERSION}.tar.gz
-cd $TMP_DIR
-tar cfz $TARFILE --exclude .hg --exclude .git --exclude .bzr juju-core_${VERSION}
-
-echo "release tarball: ${TARFILE}"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/scripts/checktesting.bash juju-core-2.0~beta12/src/github.com/juju/juju/scripts/checktesting.bash
--- juju-core-2.0~beta7/src/github.com/juju/juju/scripts/checktesting.bash	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/scripts/checktesting.bash	2016-07-18 19:45:44.000000000 +0000
@@ -1,4 +1,6 @@
 #!/bin/bash
+# Copyright 2013 Canonical Ltd.
+# Licensed under the AGPLv3, see LICENCE file for details.
 exitstatus=0
 for i in $(go list -f '{{.Dir}}' github.com/juju/juju/...)
 do
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/scripts/find-bad-doc-comments.py juju-core-2.0~beta12/src/github.com/juju/juju/scripts/find-bad-doc-comments.py
--- juju-core-2.0~beta7/src/github.com/juju/juju/scripts/find-bad-doc-comments.py	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/scripts/find-bad-doc-comments.py	2016-07-18 19:45:44.000000000 +0000
@@ -1,5 +1,8 @@
 #!/usr/bin/python
 
+# Copyright 2014 Canonical Ltd.
+# Licensed under the AGPLv3, see LICENCE file for details.
+
 """
 This quick-and-dirty tool locates Go doc comments in a source tree
 that don't follow the convention of the first word of the comment
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/scripts/generate-docs.py juju-core-2.0~beta12/src/github.com/juju/juju/scripts/generate-docs.py
--- juju-core-2.0~beta7/src/github.com/juju/juju/scripts/generate-docs.py	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/scripts/generate-docs.py	2016-07-18 19:45:44.000000000 +0000
@@ -1,6 +1,7 @@
 #!/usr/bin/env python
 
 # Copyright 2013 Canonical Ltd.
+# Licensed under the AGPLv3, see LICENCE file for details.
 
 import os
 import sys
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/scripts/jujuman.py juju-core-2.0~beta12/src/github.com/juju/juju/scripts/jujuman.py
--- juju-core-2.0~beta7/src/github.com/juju/juju/scripts/jujuman.py	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/scripts/jujuman.py	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+# Copyright 2013 Canonical Ltd.
+# Licensed under the AGPLv3, see LICENCE file for details.
+
 """Functions for generating the manpage using the juju command."""
 
 import subprocess
@@ -166,9 +169,6 @@
 .I "~/.local/share/juju/credentials.yaml"
 Records all the cloud credentials known to Juju.
 .TP
-.I "~/.local/share/juju/current-controller"
- A text file containing the name of the current controller.
-.TP
 .I "~/.local/share/juju/models.yaml"
 Records the UUIDs of all models known to Juju.
 .TP
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/scripts/pre-push.bash juju-core-2.0~beta12/src/github.com/juju/juju/scripts/pre-push.bash
--- juju-core-2.0~beta7/src/github.com/juju/juju/scripts/pre-push.bash	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/scripts/pre-push.bash	2016-07-18 19:45:44.000000000 +0000
@@ -1,4 +1,6 @@
 #!/bin/bash
+# Copyright 2013 Canonical Ltd.
+# Licensed under the AGPLv3, see LICENCE file for details.
 
 set -e
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/scripts/release-public-tools/release-public-tools.sh juju-core-2.0~beta12/src/github.com/juju/juju/scripts/release-public-tools/release-public-tools.sh
--- juju-core-2.0~beta7/src/github.com/juju/juju/scripts/release-public-tools/release-public-tools.sh	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/scripts/release-public-tools/release-public-tools.sh	1970-01-01 00:00:00.000000000 +0000
@@ -1,272 +0,0 @@
-#!/usr/bin/env bash
-# Release public tools.
-#
-# Retrieve the published juju-core debs for a specific release.
-# Extract the jujud from the packages.
-# Generate the streams data.
-# Publish to Canonistack, HP, AWS, and Azure.
-#
-# This script requires that the user has credentials to upload the tools
-# to Canonistack, HP Cloud, AWS, and Azure
-
-set -e
-
-
-usage() {
-	echo usage: $0 RELEASE destination-directory
-	exit 1
-}
-
-
-check_deps() {
-    has_deps=1
-    which lftp || has_deps=0
-    which swift || has_deps=0
-    which s3cmd || has_deps=0
-
-    test -f $JUJU_DATA/canonistacktoolsrc || has_deps=0
-    test -f $JUJU_DATA/hptoolsrc || has_deps=0
-    test -f $JUJU_DATA/awstoolsrc || has_deps=0
-    test -f $JUJU_DATA/azuretoolsrc || has_deps=0
-    if [[ $has_deps == 0 ]]; then
-        echo "Install lftp, python-swiftclient, and s3cmd"
-        echo "Your your \$JUJU_DATA dir must contain rc files to publish:"
-        echo "  canonistacktoolsrc, hptoolsrc, awstoolsrc, azuretoolsrc"
-	echo "(if \$JUJU_DATA is not set, we will try \$XDG_DATA_HOME/juju"
-	echo " or,  ~/.local/share/juju if \$XDG_DATA_HOME is not set)"
-        exit 2
-    fi
-}
-
-
-build_tool_tree() {
-    if [[ ! -d $DEST_DEBS ]]; then
-        mkdir $DEST_DEBS
-    fi
-    if [[ ! -d $DEST_TOOLS ]]; then
-        mkdir -p $DEST_TOOLS
-    fi
-    if [[ ! -d $DEST_DIST ]]; then
-        mkdir $DEST_DIST
-    fi
-}
-
-
-retrieve_released_tools() {
-    # Retrieve previously released tools to ensure the metadata continues
-    # to work for historic releases.
-    source ~/.local/share/juju/awstoolsrc
-    s3cmd sync s3://juju-dist/tools/releases/ $DEST_TOOLS
-}
-
-
-retrieve_packages() {
-    # Retrieve the $RELEASE packages that contain jujud.
-    cd $DEST_DEBS
-    for archive in $UBUNTU_ARCH $STABLE_ARCH $DEVEL_ARCH; do
-        echo "checking $archive for $RELEASE."
-        lftp -c mirror -I "juju-core_${RELEASE}*.deb" $archive;
-    done
-    mv juju-core/*deb ./
-    rm -r juju-core
-}
-
-
-get_version() {
-    # Defines $version. $version can be different than $RELEASE used to
-    # match the packages in the archives.
-    control_version=$1
-    version=$(echo "$control_version" |
-        sed -n 's/^\([0-9]\+\).\([0-9]\+\).\([0-9]\+\)-[0-9].*/\1.\2.\3/p')
-    if [ "${version}" == "" ] ; then
-	    echo "Invalid version: $control_version"
-	    exit 3
-    fi
-}
-
-
-get_series() {
-    # Defines $series.
-    control_version=$1
-    pkg_series=$(echo "$control_version" |
-        sed -e 's/~juju.//;' \
-            -e 's/^.*~\(ubuntu[0-9][0-9]\.[0-9][0-9]\|[a-z]\+\).*/\1/')
-    series=${version_names["$pkg_series"]}
-    case "${series}" in
-	    "precise" | "quantal" | "raring" | "saucy" )
-		    ;;
-	    *)
-		    echo "Invalid series: $control_version"
-		    exit 3
-		    ;;
-    esac
-}
-
-
-get_arch() {
-    # Defines $arch.
-    control_file=$1
-    arch=$(sed -n 's/^Architecture: \([a-z]\+\)/\1/p' $control_file)
-    case "${arch}" in
-	    "amd64" | "i386" | "armel" | "armhf" | "arm64" | "ppc64el" )
-		    ;;
-	    *)
-		    echo "Invalid arch: $arch"
-		    exit 3
-		    ;;
-    esac
-}
-
-
-archive_tools() {
-    # Builds the jujud tgz for each series and arch.
-    cd $DESTINATION
-    WORK=$(mktemp -d)
-    mkdir ${WORK}/juju
-    packages=$(ls ${DEST_DEBS}/*.deb)
-    for package in $packages; do
-        echo "Extracting jujud from ${package}."
-        dpkg-deb -e $package ${WORK}/juju
-        control_file="${WORK}/juju/control"
-        control_version=$(sed -n 's/^Version: \(.*\)/\1/p' $control_file)
-        get_version $control_version
-        get_series $control_version
-        get_arch $control_file
-        tool="${DEST_TOOLS}/juju-${version}-${series}-${arch}.tgz"
-        echo "Creating $tool."
-        dpkg-deb -x $package ${WORK}/juju
-        bin_dir="${WORK}/juju/usr/bin"
-        lib_dir="${WORK}/juju/usr/lib/juju-${version}/bin"
-        if [[ -f "${bin_dir}/jujud" ]]; then
-            change_dir=$bin_dir
-        elif [[ -f "${lib_dir}/jujud" ]]; then
-            change_dir=$lib_dir
-        else
-            echo "jujud is not in /usr/bin or /usr/lib"
-            exit 4
-        fi
-        tar cvfz $tool -C $change_dir jujud
-        echo "Created ${tool}."
-        rm -r ${WORK}/juju/*
-    done
-}
-
-
-generate_streams() {
-    # Create the streams metadata and organised the tree for later publication.
-    cd $DESTINATION
-    ${GOPATH}/bin/juju sync-tools --all --dev \
-        --source=${DESTINATION} --destination=${DEST_DIST}
-    # Support old tools location so that deployments can upgrade to new tools.
-    cp ${DEST_DIST}/tools/releases/*tgz ${DEST_DIST}/tools
-    echo "The tools are in ${DEST_DIST}."
-}
-
-
-publish_to_canonistack() {
-    echo "Phase 6.1: Publish to canonistack."
-    cd $DESTINATION
-    source ~/.local/share/juju/canonistacktoolsrc
-    ${GOPATH}/bin/juju --show-log \
-        sync-tools -e public-tools-canonistack --dev --source=${DEST_DIST}
-    # This needed to allow old deployments upgrade.
-    cd ${DEST_DIST}
-    swift upload juju-dist tools/*.tgz
-}
-
-
-publish_to_hp() {
-    echo "Phase 6.2: Publish to HP Cloud."
-    cd $DESTINATION
-    source ~/.local/share/juju/hptoolsrc
-    ${GOPATH}/bin/juju --show-log \
-        sync-tools -e public-tools-hp --dev --source=${DEST_DIST}
-    # Support old tools location so that deployments can upgrade to new tools.
-    cd ${DEST_DIST}
-    swift upload juju-dist tools/*.tgz
-}
-
-
-publish_to_aws() {
-    echo "Phase 6.3: Publish to AWS."
-    cd $DESTINATION
-    source ~/.local/share/juju/awstoolsrc
-    s3cmd sync ${DEST_DIST}/tools s3://juju-dist/
-}
-
-
-publish_to_azure() {
-    # This command sets the tool name from the local path! The local path for
-    # each public file MUST match the destination path :(.
-    echo "Phase 6.4: Publish to Azure."
-    cd $DESTINATION
-    source ~/.local/share/juju/azuretoolsrc
-    cd ${DEST_DIST}
-    public_files=$(find tools -name *.tgz -o -name *.json)
-    for public_file in $public_files; do
-        echo "Uploading $public_file to Azure West US."
-        go run $GOPATH/src/launchpad.net/gwacl/example/storage/run.go \
-            -account=${AZURE_ACCOUNT} -container=juju-tools \
-            -location="West US" \
-            -key=${AZURE_JUJU_TOOLS_KEY} \
-            -filename=$public_file \
-            addblock
-    done
-}
-
-# set $JUJU_DATA, if not set, to the proper path.
-if [ -z "$JUJU_DATA" ]; then
-  if [ -z "$XDG_DATA_HOME" ]; then
-    JUJU_DATA=~/.local/share/juju
-  else
-    JUJU_DATA=$XDG_DATA_HOME/juju
-  fi
-fi
-
-# These are the archives that are search for matching releases.
-UBUNTU_ARCH="http://archive.ubuntu.com/ubuntu/pool/universe/j/juju-core/"
-STABLE_ARCH="http://ppa.launchpad.net/juju/stable/ubuntu/pool/main/j/juju-core/"
-DEVEL_ARCH="http://ppa.launchpad.net/juju/devel/ubuntu/pool/main/j/juju-core/"
-
-# Series names found in package versions need to be normalised.
-declare -A version_names
-version_names+=(["ubuntu12.04"]="precise")
-version_names+=(["ubuntu12.10"]="quantal")
-version_names+=(["ubuntu13.04"]="raring")
-version_names+=(["ubuntu13.10"]="saucy")
-version_names+=(["precise"]="precise")
-version_names+=(["quantal"]="quantal")
-version_names+=(["raring"]="raring")
-version_names+=(["saucy"]="saucy")
-
-test $# -eq 2 || usage
-
-RELEASE=$1
-DESTINATION=$(cd $2; pwd)
-DEST_DEBS="${DESTINATION}/debs"
-DEST_TOOLS="${DESTINATION}/tools/releases"
-DEST_DIST="${DESTINATION}/juju-dist"
-
-echo "Phase 0: Checking requirements."
-check_deps
-
-echo "Phase 1: Building collection and republication tree."
-build_tool_tree
-
-echo "Phase 2: Retrieving released tools."
-retrieve_released_tools
-
-echo "Phase 3: Retrieving juju-core packages from archives"
-retrieve_packages
-
-echo "Phase 4: Extracting jujud from packages and archiving tools."
-archive_tools
-
-echo "Phase 5: Generating streams data."
-generate_streams
-
-echo "Phase 6: Publishing tools."
-publish_to_canonistack
-publish_to_hp
-publish_to_aws
-publish_to_azure
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/scripts/setup-lxd.sh juju-core-2.0~beta12/src/github.com/juju/juju/scripts/setup-lxd.sh
--- juju-core-2.0~beta7/src/github.com/juju/juju/scripts/setup-lxd.sh	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/scripts/setup-lxd.sh	2016-07-18 19:45:44.000000000 +0000
@@ -1,4 +1,6 @@
 #!/bin/sh
+# Copyright 2016 Canonical Ltd.
+# Licensed under the AGPLv3, see LICENCE file for details.
 set -ex
 
 # Do the manual steps a user has to run on a fresh system to get an lxd
@@ -24,4 +26,4 @@
 dpkg-reconfigure lxd --frontend=noninteractive
 
 # Must run a command for systemd socket activation to start the service
-lxc finger
\ No newline at end of file
+lxc finger
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/scripts/stresstest/run.sh juju-core-2.0~beta12/src/github.com/juju/juju/scripts/stresstest/run.sh
--- juju-core-2.0~beta7/src/github.com/juju/juju/scripts/stresstest/run.sh	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/scripts/stresstest/run.sh	2016-07-18 19:45:44.000000000 +0000
@@ -1,4 +1,6 @@
 #!/bin/bash
+# Copyright 2012 Canonical Ltd.
+# Licensed under the AGPLv3, see LICENCE file for details.
 
 # basic stress test
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/scripts/verify.bash juju-core-2.0~beta12/src/github.com/juju/juju/scripts/verify.bash
--- juju-core-2.0~beta7/src/github.com/juju/juju/scripts/verify.bash	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/scripts/verify.bash	2016-07-18 19:45:44.000000000 +0000
@@ -1,4 +1,6 @@
 #!/bin/bash
+# Copyright 2014 Canonical Ltd.
+# Licensed under the AGPLv3, see LICENCE file for details.
 
 # This is called from pre-push.bash to do some verification checks on 
 # the Go code.  The script will exit non-zero if any of these tests
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/scripts/win-installer/setup.iss juju-core-2.0~beta12/src/github.com/juju/juju/scripts/win-installer/setup.iss
--- juju-core-2.0~beta7/src/github.com/juju/juju/scripts/win-installer/setup.iss	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/scripts/win-installer/setup.iss	2016-07-18 19:45:44.000000000 +0000
@@ -2,7 +2,7 @@
 ; SEE THE DOCUMENTATION FOR DETAILS ON CREATING INNO SETUP SCRIPT FILES!
 
 #define MyAppName "Juju"
-#define MyAppVersion "2.0-beta7"
+#define MyAppVersion "2.0-beta12"
 #define MyAppPublisher "Canonical, Ltd"
 #define MyAppURL "http://juju.ubuntu.com/"
 #define MyAppExeName "juju.exe"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/service/common/service.go juju-core-2.0~beta12/src/github.com/juju/juju/service/common/service.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/service/common/service.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/service/common/service.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,7 @@
 	"github.com/juju/utils/shell"
 )
 
-// Service is the base type for service.Service implementations.
+// Service is the base type for application.Service implementations.
 type Service struct {
 	// Name is the name of the service.
 	Name string
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/service/common/service_test.go juju-core-2.0~beta12/src/github.com/juju/juju/service/common/service_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/service/common/service_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/service/common/service_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -19,7 +19,7 @@
 
 func (*serviceSuite) TestNoConfMissing(c *gc.C) {
 	service := common.Service{
-		Name: "a-service",
+		Name: "a-application",
 	}
 	noConf := service.NoConf()
 
@@ -28,7 +28,7 @@
 
 func (*serviceSuite) TestNoConfEmpty(c *gc.C) {
 	service := common.Service{
-		Name: "a-service",
+		Name: "a-application",
 		Conf: common.Conf{},
 	}
 	noConf := service.NoConf()
@@ -38,7 +38,7 @@
 
 func (*serviceSuite) TestNoConfFalse(c *gc.C) {
 	service := common.Service{
-		Name: "a-service",
+		Name: "a-application",
 		Conf: common.Conf{
 			Desc:      "some service",
 			ExecStart: "/path/to/some-command x y z",
@@ -51,7 +51,7 @@
 
 func (*serviceSuite) TestValidateOkay(c *gc.C) {
 	service := common.Service{
-		Name: "a-service",
+		Name: "a-application",
 		Conf: common.Conf{
 			Desc:      "some service",
 			ExecStart: "/path/to/some-command x y z",
@@ -76,7 +76,7 @@
 
 func (*serviceSuite) TestValidateMissingDesc(c *gc.C) {
 	service := common.Service{
-		Name: "a-service",
+		Name: "a-application",
 		Conf: common.Conf{
 			ExecStart: "/path/to/some-command x y z",
 		},
@@ -88,7 +88,7 @@
 
 func (*serviceSuite) TestValidateMissingExecStart(c *gc.C) {
 	service := common.Service{
-		Name: "a-service",
+		Name: "a-application",
 		Conf: common.Conf{
 			Desc: "some service",
 		},
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/service/discovery.go juju-core-2.0~beta12/src/github.com/juju/juju/service/discovery.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/service/discovery.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/service/discovery.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package service
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/service/discovery_test.go juju-core-2.0~beta12/src/github.com/juju/juju/service/discovery_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/service/discovery_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/service/discovery_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -154,7 +154,7 @@
 func (s *discoverySuite) SetUpTest(c *gc.C) {
 	s.BaseSuite.SetUpTest(c)
 
-	s.name = "a-service"
+	s.name = "a-application"
 	s.conf = common.Conf{
 		Desc:      "some service",
 		ExecStart: "/path/to/some-command",
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/service/service.go juju-core-2.0~beta12/src/github.com/juju/juju/service/service.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/service/service.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/service/service.go	2016-07-18 19:45:44.000000000 +0000
@@ -123,7 +123,7 @@
 	case InitSystemSystemd:
 		dataDir, err := paths.DataDir(series)
 		if err != nil {
-			return nil, errors.Annotatef(err, "failed to find juju data dir for service %q", name)
+			return nil, errors.Annotatef(err, "failed to find juju data dir for application %q", name)
 		}
 
 		svc, err := systemd.NewService(name, conf, dataDir)
@@ -203,6 +203,7 @@
 // InstallAndStart installs the provided service and tries starting it.
 // The first few Start failures are ignored.
 func InstallAndStart(svc ServiceActions) error {
+	logger.Infof("Installing and starting service %+v", svc)
 	if err := svc.Install(); err != nil {
 		return errors.Trace(err)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/service/systemd/service.go juju-core-2.0~beta12/src/github.com/juju/juju/service/systemd/service.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/service/systemd/service.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/service/systemd/service.go	2016-07-18 19:45:44.000000000 +0000
@@ -114,7 +114,7 @@
 }
 
 func (s *Service) errorf(err error, msg string, args ...interface{}) error {
-	msg += " for service %q"
+	msg += " for application %q"
 	args = append(args, s.Service.Name)
 	if err == nil {
 		err = errors.Errorf(msg, args...)
@@ -235,7 +235,7 @@
 func (s Service) newConn() (dbusAPI, error) {
 	conn, err := newConn()
 	if err != nil {
-		logger.Errorf("failed to connect to dbus for service %q: %v", s.Service.Name, err)
+		logger.Errorf("failed to connect to dbus for application %q: %v", s.Service.Name, err)
 	}
 	return conn, err
 }
@@ -282,7 +282,7 @@
 		return errors.Trace(err)
 	}
 	if !installed {
-		return errors.NotFoundf("service " + s.Service.Name)
+		return errors.NotFoundf("application " + s.Service.Name)
 	}
 	running, err := s.Running()
 	if err != nil {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/service/systemd/service_test.go juju-core-2.0~beta12/src/github.com/juju/juju/service/systemd/service_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/service/systemd/service_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/service/systemd/service_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,12 +11,12 @@
 
 	"github.com/coreos/go-systemd/unit"
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/exec"
 	"github.com/juju/utils/shell"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/juju/paths"
 	"github.com/juju/juju/service"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/service/testing_test.go juju-core-2.0~beta12/src/github.com/juju/juju/service/testing_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/service/testing_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/service/testing_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -59,7 +59,7 @@
 
 func (StubSymlinkInfo) Mode() os.FileMode { return os.ModeSymlink }
 
-// BaseSuite is the base test suite for the service package.
+// BaseSuite is the base test suite for the application package.
 type BaseSuite struct {
 	testing.IsolationSuite
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/service/upstart/upstart.go juju-core-2.0~beta12/src/github.com/juju/juju/service/upstart/upstart.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/service/upstart/upstart.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/service/upstart/upstart.go	2016-07-18 19:45:44.000000000 +0000
@@ -162,7 +162,7 @@
 	return nil
 }
 
-// render returns the upstart configuration for the service as a slice of bytes.
+// render returns the upstart configuration for the application as a slice of bytes.
 func (s *Service) render() ([]byte, error) {
 	if err := s.Validate(); err != nil {
 		return nil, err
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/service/upstart/upstart_test.go juju-core-2.0~beta12/src/github.com/juju/juju/service/upstart/upstart_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/service/upstart/upstart_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/service/upstart/upstart_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -43,7 +43,7 @@
 	s.PatchEnvPathPrepend(s.testPath)
 	s.PatchValue(&upstart.InitDir, s.initDir)
 	s.service = upstart.NewService(
-		"some-service",
+		"some-application",
 		common.Conf{
 			Desc:      "some service",
 			ExecStart: "/path/to/some-command",
@@ -56,7 +56,7 @@
 if [ "$1" != "--system" ]; then
   exit 255
 fi
-if [ "$2" != "some-service" ]; then
+if [ "$2" != "some-application" ]; then
   exit 255
 fi
 if [ "$3" != "" ]; then
@@ -71,15 +71,15 @@
 }
 
 func (s *UpstartSuite) StoppedStatus(c *gc.C) {
-	s.MakeTool(c, "status", `echo "some-service stop/waiting"`)
+	s.MakeTool(c, "status", `echo "some-application stop/waiting"`)
 }
 
 func (s *UpstartSuite) RunningStatusNoProcessID(c *gc.C) {
-	s.MakeTool(c, "status", `echo "some-service start/running"`)
+	s.MakeTool(c, "status", `echo "some-application start/running"`)
 }
 
 func (s *UpstartSuite) RunningStatusWithProcessID(c *gc.C) {
-	s.MakeTool(c, "status", `echo "some-service start/running, process 123"`)
+	s.MakeTool(c, "status", `echo "some-application start/running, process 123"`)
 }
 
 func (s *UpstartSuite) goodInstall(c *gc.C) {
@@ -175,7 +175,7 @@
 	err := s.service.Remove()
 	c.Assert(err, jc.ErrorIsNil)
 
-	filename := filepath.Join(upstart.InitDir, "some-service.conf")
+	filename := filepath.Join(upstart.InitDir, "some-application.conf")
 	_, err = os.Stat(filename)
 	c.Check(err, jc.Satisfies, os.IsNotExist)
 }
@@ -184,7 +184,7 @@
 	s.goodInstall(c)
 	s.RunningStatusWithProcessID(c)
 	s.MakeTool(c, "stop", "exit 99")
-	filename := filepath.Join(upstart.InitDir, "some-service.conf")
+	filename := filepath.Join(upstart.InitDir, "some-application.conf")
 	err := s.service.Stop()
 	c.Assert(err, gc.ErrorMatches, ".*exit status 99.*")
 
@@ -206,7 +206,7 @@
 	s.service.Service.Conf = conf
 	s.service.Service.Name = ""
 	check("missing Name")
-	s.service.Service.Name = "some-service"
+	s.service.Service.Name = "some-application"
 	check("missing Desc")
 	s.service.Service.Conf.Desc = "this is an upstart service"
 	check("missing ExecStart")
@@ -229,7 +229,7 @@
 
 func (s *UpstartSuite) assertInstall(c *gc.C, conf common.Conf, expectEnd string) {
 	expectContent := expectStart + expectEnd
-	expectPath := filepath.Join(upstart.InitDir, "some-service.conf")
+	expectPath := filepath.Join(upstart.InitDir, "some-application.conf")
 
 	s.service.Service.Conf = conf
 	svc := s.service
@@ -241,10 +241,10 @@
 	cmds, err = s.service.StartCommands()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(cmds, gc.DeepEquals, []string{
-		"start some-service",
+		"start some-application",
 	})
 
-	s.MakeTool(c, "status", `echo "some-service stop/waiting"`)
+	s.MakeTool(c, "status", `echo "some-application stop/waiting"`)
 	s.MakeTool(c, "start", "exit 99")
 	err = svc.Install()
 	c.Assert(err, jc.ErrorIsNil)
@@ -342,8 +342,8 @@
 	pathTo := func(name string) string {
 		return filepath.Join(s.testPath, name)
 	}
-	s.MakeTool(c, "status-stopped", `echo "some-service stop/waiting"`)
-	s.MakeTool(c, "status-started", `echo "some-service start/running, process 123"`)
+	s.MakeTool(c, "status-stopped", `echo "some-application stop/waiting"`)
+	s.MakeTool(c, "status-started", `echo "some-application start/running, process 123"`)
 	s.MakeTool(c, "stop", fmt.Sprintf(
 		"rm %s; ln -s %s %s",
 		pathTo("status"), pathTo("status-stopped"), pathTo("status"),
@@ -355,7 +355,7 @@
 	err := symlink.New(pathTo("status-started"), pathTo("status"))
 	c.Assert(err, jc.ErrorIsNil)
 
-	svc := upstart.NewService("some-service", s.dummyConf(c))
+	svc := upstart.NewService("some-application", s.dummyConf(c))
 	err = svc.Install()
 	c.Assert(err, jc.ErrorIsNil)
 	installed, err := svc.Running()
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/service/windows/service_test.go juju-core-2.0~beta12/src/github.com/juju/juju/service/windows/service_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/service/windows/service_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/service/windows/service_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,7 @@
+// Copyright 2015 Canonical Ltd.
+// Copyright 2015 Cloudbase Solutions SRL
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package windows_test
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/service/windows/stubsvcmanager_test.go juju-core-2.0~beta12/src/github.com/juju/juju/service/windows/stubsvcmanager_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/service/windows/stubsvcmanager_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/service/windows/stubsvcmanager_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,7 @@
+// Copyright 2015 Canonical Ltd.
+// Copyright 2015 Cloudbase Solutions SRL
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package windows
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/service/windows/zpassword_windows.go juju-core-2.0~beta12/src/github.com/juju/juju/service/windows/zpassword_windows.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/service/windows/zpassword_windows.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/service/windows/zpassword_windows.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 // go build mksyscall_windows.go && ./mksyscall_windows password_windows.go
 // MACHINE GENERATED BY THE COMMAND ABOVE; DO NOT EDIT
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/service/windows/zservice_windows.go juju-core-2.0~beta12/src/github.com/juju/juju/service/windows/zservice_windows.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/service/windows/zservice_windows.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/service/windows/zservice_windows.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,7 @@
+// Copyright 2015 Canonical Ltd.
+// Copyright 2014 Cloudbase Solutions SRL
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 // MACHINE GENERATED BY 'go generate' COMMAND; DO NOT EDIT
 
 package windows
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/action.go juju-core-2.0~beta12/src/github.com/juju/juju/state/action.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/action.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/action.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,8 +8,8 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 	"gopkg.in/mgo.v2/txn"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/action_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/action_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/action_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/action_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,11 +9,11 @@
 	"strings"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/txn"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/state"
 	statetesting "github.com/juju/juju/state/testing"
@@ -24,8 +24,8 @@
 	ConnSuite
 	charm             *state.Charm
 	actionlessCharm   *state.Charm
-	service           *state.Service
-	actionlessService *state.Service
+	service           *state.Application
+	actionlessService *state.Application
 	unit              *state.Unit
 	unit2             *state.Unit
 	charmlessUnit     *state.Unit
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/addmachine.go juju-core-2.0~beta12/src/github.com/juju/juju/state/addmachine.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/addmachine.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/addmachine.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,9 +9,9 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/replicaset"
 	jujutxn "github.com/juju/txn"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2/bson"
 	"gopkg.in/mgo.v2/txn"
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/address.go juju-core-2.0~beta12/src/github.com/juju/juju/state/address.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/address.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/address.go	2016-07-18 19:45:44.000000000 +0000
@@ -77,7 +77,7 @@
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-	config, err := st.ModelConfig()
+	config, err := st.ControllerConfig()
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
@@ -93,7 +93,7 @@
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-	config, err := st.ModelConfig()
+	config, err := st.ControllerConfig()
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/allcollections.go juju-core-2.0~beta12/src/github.com/juju/juju/state/allcollections.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/allcollections.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/allcollections.go	2016-07-18 19:45:44.000000000 +0000
@@ -30,7 +30,7 @@
 //
 //  * local (in opposition to global; and for want of a better term): these
 //    hold information relevant *within* specific models (machines,
-//    services, relations, settings, bookkeeping, etc) and should generally be
+//    applications, relations, settings, bookkeeping, etc) and should generally be
 //    read via an modelStateCollection, and written via a multiModelRunner. This is
 //    the most common form of collection, and the above access should usually
 //    be automatic via Database.Collection and Database.Runner.
@@ -128,10 +128,6 @@
 		// one model.
 		usersC: {
 			global: true,
-			indexes: []mgo.Index{{
-				// TODO(thumper): schema change to remove this index.
-				Key: []string{"name"},
-			}},
 		},
 
 		// This collection holds the last time the user connected to the API server.
@@ -146,6 +142,21 @@
 		// different models at a time.
 		usermodelnameC: {global: true},
 
+		// This collection holds cloud definitions.
+		cloudsC: {global: true},
+
+		// This collection holds users' cloud credentials.
+		cloudCredentialsC: {
+			global: true,
+			indexes: []mgo.Index{{
+				Key: []string{"owner", "cloud"},
+			}},
+		},
+
+		// This collection holds settings from various sources which
+		// are inherited and then forked by new models.
+		globalSettingsC: {global: true},
+
 		// This collection holds workload metrics reported by certain charms
 		// for passing onward to other tools.
 		metricsC: {global: true},
@@ -153,12 +164,6 @@
 		// This collection holds persistent state for the metrics manager.
 		metricsManagerC: {global: true},
 
-		// This collection holds lease data, which is per-model, but is
-		// not itself multi-model-aware; happily it will imminently be
-		// deprecated in favour of the non-global leasesC below.
-		// TODO(fwereade): drop leaseC entirely so can't use wrong const.
-		leaseC: {global: true},
-
 		// This collection was deprecated before multi-model support
 		// was implemented.
 		actionresultsC: {global: true},
@@ -174,10 +179,14 @@
 		// Local collections
 		// =================
 
+		// This collection holds users related to a model and will be usde as one
+		// of the intersection axis of permissionsC
+		modelUsersC: {},
+
 		// This collection is basically a standard SQL intersection table; it
 		// references the global records of the users allowed access to a
-		// given collection.
-		modelUsersC: {},
+		// given operation.
+		permissionsC: {},
 
 		// This collection holds the last time the model user connected
 		// to the model.
@@ -185,6 +194,9 @@
 			rawAccess: true,
 		},
 
+		// This collection holds the source from where model settings came.
+		modelSettingsSourcesC: {},
+
 		// This collection contains governors that prevent certain kinds of
 		// changes from being accepted.
 		blocksC: {},
@@ -199,7 +211,7 @@
 		sequenceC: {},
 
 		// This collection holds lease data. It's currently only used to
-		// implement service leadership, but is namespaced and available
+		// implement application leadership, but is namespaced and available
 		// for use by other clients in future.
 		leasesC: {
 			indexes: []mgo.Index{{
@@ -211,12 +223,12 @@
 
 		// -----
 
-		// These collections hold information associated with services.
-		charmsC:   {},
-		servicesC: {},
+		// These collections hold information associated with applications.
+		charmsC:       {},
+		applicationsC: {},
 		unitsC: {
 			indexes: []mgo.Index{{
-				Key: []string{"model-uuid", "service"},
+				Key: []string{"model-uuid", "application"},
 			}, {
 				Key: []string{"model-uuid", "principal"},
 			}, {
@@ -237,7 +249,7 @@
 			indexes: []mgo.Index{{
 				Key: []string{"model-uuid", "endpoints.relationname"},
 			}, {
-				Key: []string{"model-uuid", "endpoints.servicename"},
+				Key: []string{"model-uuid", "endpoints.applicationname"},
 			}},
 		},
 		relationScopesC: {},
@@ -286,49 +298,14 @@
 
 		// -----
 
-		// These collections hold information associated with networking.
-		// TODO(dimitern): Remove the obsolete collections below once possible.
-		legacyipaddressesC: {
-			indexes: []mgo.Index{{
-				Key: []string{"uuid"},
-			}, {
-				Key: []string{"model-uuid", "state"},
-			}, {
-				Key: []string{"model-uuid", "subnetid"},
-			}},
-		},
-		// TODO(dimitern): End of obsolete networking collections.
-		spacesC: {
-			indexes: []mgo.Index{{
-				Key:    []string{"providerid"},
-				Unique: true,
-				Sparse: true,
-			}},
-		},
-		subnetsC: {
-			indexes: []mgo.Index{{
-				Key:    []string{"providerid"},
-				Unique: true,
-				Sparse: true,
-			}},
-		},
-		linkLayerDevicesC: {
-			indexes: []mgo.Index{{
-				Key:    []string{"providerid"},
-				Unique: true,
-				Sparse: true,
-			}},
-		},
+		providerIDsC:          {},
+		spacesC:               {},
+		subnetsC:              {},
+		linkLayerDevicesC:     {},
 		linkLayerDevicesRefsC: {},
-		ipAddressesC: {
-			indexes: []mgo.Index{{
-				Key:    []string{"providerid"},
-				Unique: true,
-				Sparse: true,
-			}},
-		},
-		endpointBindingsC: {},
-		openedPortsC:      {},
+		ipAddressesC:          {},
+		endpointBindingsC:     {},
+		openedPortsC:          {},
 
 		// -----
 
@@ -365,7 +342,7 @@
 		annotationsC: {},
 
 		// This collection in particular holds an astounding number of
-		// different sorts of data: service config settings by charm version,
+		// different sorts of data: application config settings by charm version,
 		// unit relation settings, model config, etc etc etc.
 		settingsC: {},
 
@@ -374,7 +351,7 @@
 		statusesC:           {},
 		statusesHistoryC: {
 			indexes: []mgo.Index{{
-				Key: []string{"model-uuid", "globalkey"},
+				Key: []string{"model-uuid", "globalkey", "updated"},
 			}},
 		},
 
@@ -387,6 +364,11 @@
 		// ======================
 
 		// metrics; status-history; logs; ..?
+
+		auditingC: {
+			global:    true,
+			rawAccess: true,
+		},
 	}
 }
 
@@ -400,22 +382,24 @@
 	actionsC                 = "actions"
 	annotationsC             = "annotations"
 	assignUnitC              = "assignUnits"
+	auditingC                = "audit.log"
 	bakeryStorageItemsC      = "bakeryStorageItems"
 	blockDevicesC            = "blockdevices"
 	blocksC                  = "blocks"
 	charmsC                  = "charms"
 	cleanupsC                = "cleanups"
 	cloudimagemetadataC      = "cloudimagemetadata"
+	cloudsC                  = "clouds"
+	cloudCredentialsC        = "cloudCredentials"
 	constraintsC             = "constraints"
 	containerRefsC           = "containerRefs"
 	controllersC             = "controllers"
 	filesystemAttachmentsC   = "filesystemAttachments"
 	filesystemsC             = "filesystems"
+	globalSettingsC          = "globalSettings"
 	guimetadataC             = "guimetadata"
 	guisettingsC             = "guisettings"
 	instanceDataC            = "instanceData"
-	legacyipaddressesC       = "ipaddresses"
-	leaseC                   = "lease"
 	leasesC                  = "leases"
 	machinesC                = "machines"
 	meterStatusC             = "meterStatus"
@@ -425,17 +409,20 @@
 	migrationsStatusC        = "migrations.status"
 	migrationsActiveC        = "migrations.active"
 	migrationsC              = "migrations"
+	modelSettingsSourcesC    = "modelSettingsSources"
 	modelUserLastConnectionC = "modelUserLastConnection"
 	modelUsersC              = "modelusers"
 	modelsC                  = "models"
 	modelEntityRefsC         = "modelEntityRefs"
 	openedPortsC             = "openedPorts"
+	permissionsC             = "permissions"
+	providerIDsC             = "providerIDs"
 	rebootC                  = "reboot"
 	relationScopesC          = "relationscopes"
 	relationsC               = "relations"
 	restoreInfoC             = "restoreInfo"
 	sequenceC                = "sequence"
-	servicesC                = "services"
+	applicationsC            = "applications"
 	endpointBindingsC        = "endpointbindings"
 	settingsC                = "settings"
 	settingsrefsC            = "settingsrefs"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/allwatcher.go juju-core-2.0~beta12/src/github.com/juju/juju/state/allwatcher.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/allwatcher.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/allwatcher.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,12 +9,13 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 
 	"github.com/juju/juju/network"
 	"github.com/juju/juju/state/multiwatcher"
 	"github.com/juju/juju/state/watcher"
+	"github.com/juju/juju/state/workers"
 	"github.com/juju/juju/status"
 )
 
@@ -22,6 +23,7 @@
 // a single model from the State.
 type allWatcherStateBacking struct {
 	st               *State
+	watcher          workers.TxnLogWatcher
 	collectionByName map[string]allWatcherStateCollection
 }
 
@@ -29,6 +31,7 @@
 // for all models from the State.
 type allModelWatcherStateBacking struct {
 	st               *State
+	watcher          workers.TxnLogWatcher
 	stPool           *StatePool
 	collectionByName map[string]allWatcherStateCollection
 }
@@ -65,8 +68,8 @@
 			collection.docType = reflect.TypeOf(backingMachine{})
 		case unitsC:
 			collection.docType = reflect.TypeOf(backingUnit{})
-		case servicesC:
-			collection.docType = reflect.TypeOf(backingService{})
+		case applicationsC:
+			collection.docType = reflect.TypeOf(backingApplication{})
 		case actionsC:
 			collection.docType = reflect.TypeOf(backingAction{})
 		case relationsC:
@@ -110,11 +113,11 @@
 
 func (e *backingModel) updated(st *State, store *multiwatcherStore, id string) error {
 	store.Update(&multiwatcher.ModelInfo{
-		ModelUUID:  e.UUID,
-		Name:       e.Name,
-		Life:       multiwatcher.Life(e.Life.String()),
-		Owner:      e.Owner,
-		ServerUUID: e.ServerUUID,
+		ModelUUID:      e.UUID,
+		Name:           e.Name,
+		Life:           multiwatcher.Life(e.Life.String()),
+		Owner:          e.Owner,
+		ControllerUUID: e.ServerUUID,
 	})
 	return nil
 }
@@ -141,12 +144,21 @@
 		Life:                     multiwatcher.Life(m.Life.String()),
 		Series:                   m.Series,
 		Jobs:                     paramsJobsFromJobs(m.Jobs),
-		Addresses:                network.MergedAddresses(networkAddresses(m.MachineAddresses), networkAddresses(m.Addresses)),
 		SupportedContainers:      m.SupportedContainers,
 		SupportedContainersKnown: m.SupportedContainersKnown,
 		HasVote:                  m.HasVote,
 		WantsVote:                wantsVote(m.Jobs, m.NoVote),
 	}
+	addresses := network.MergedAddresses(networkAddresses(m.MachineAddresses), networkAddresses(m.Addresses))
+	for _, addr := range addresses {
+		info.Addresses = append(info.Addresses, multiwatcher.Address{
+			Value:           addr.Value,
+			Type:            string(addr.Type),
+			Scope:           string(addr.Scope),
+			SpaceName:       string(addr.SpaceName),
+			SpaceProviderId: string(addr.SpaceProviderId),
+		})
+	}
 
 	oldInfo := store.Get(info.EntityId())
 	if oldInfo == nil {
@@ -160,28 +172,28 @@
 		if !ok {
 			return errors.Errorf("the given entity does not support Status %v", entity)
 		}
-		jujuStatus, err := machine.Status()
+		agentStatus, err := machine.Status()
 		if err != nil {
-			return errors.Annotatef(err, "retrieving juju status for machine %q", m.Id)
+			return errors.Annotatef(err, "retrieving agent status for machine %q", m.Id)
 		}
-		info.JujuStatus = multiwatcher.NewStatusInfo(jujuStatus, err)
+		info.AgentStatus = multiwatcher.NewStatusInfo(agentStatus, nil)
 
 		inst := machine.(status.InstanceStatusGetter)
 		if !ok {
 			return errors.Errorf("the given entity does not support InstanceStatus %v", entity)
 		}
 
-		machineStatus, err := inst.InstanceStatus()
+		instanceStatus, err := inst.InstanceStatus()
 		if err != nil {
 			return errors.Annotatef(err, "retrieving instance status for machine %q", m.Id)
 		}
-		info.MachineStatus = multiwatcher.NewStatusInfo(machineStatus, err)
+		info.InstanceStatus = multiwatcher.NewStatusInfo(instanceStatus, nil)
 	} else {
 		// The entry already exists, so preserve the current status and
 		// instance data.
 		oldInfo := oldInfo.(*multiwatcher.MachineInfo)
-		info.JujuStatus = oldInfo.JujuStatus
-		info.MachineStatus = oldInfo.MachineStatus
+		info.AgentStatus = oldInfo.AgentStatus
+		info.InstanceStatus = oldInfo.InstanceStatus
 		info.InstanceId = oldInfo.InstanceId
 		info.HardwareCharacteristics = oldInfo.HardwareCharacteristics
 	}
@@ -254,27 +266,28 @@
 	return portRanges, compatiblePorts, nil
 }
 
-func unitAndAgentStatus(st *State, name string) (unitStatus, agentStatus *status.StatusInfo, err error) {
+func unitAndAgentStatus(st *State, name string) (unitStatus, agentStatus status.StatusInfo, err error) {
+	var empty status.StatusInfo
 	unit, err := st.Unit(name)
 	if err != nil {
-		return nil, nil, errors.Trace(err)
+		return empty, empty, errors.Trace(err)
 	}
 	unitStatusResult, err := unit.Status()
 	if err != nil {
-		return nil, nil, errors.Trace(err)
+		return empty, empty, errors.Trace(err)
 	}
 	agentStatusResult, err := unit.AgentStatus()
 	if err != nil {
-		return nil, nil, errors.Trace(err)
+		return empty, empty, errors.Trace(err)
 	}
-	return &unitStatusResult, &agentStatusResult, nil
+	return unitStatusResult, agentStatusResult, nil
 }
 
 func (u *backingUnit) updated(st *State, store *multiwatcherStore, id string) error {
 	info := &multiwatcher.UnitInfo{
 		ModelUUID:   st.ModelUUID(),
 		Name:        u.Name,
-		Service:     u.Service,
+		Application: u.Application,
 		Series:      u.Series,
 		MachineId:   u.MachineId,
 		Subordinate: u.Principal != "",
@@ -292,34 +305,25 @@
 			return errors.Annotatef(err, "reading unit and agent status for %q", u.Name)
 		}
 		// Unit and workload status.
-		info.WorkloadStatus = multiwatcher.StatusInfo{
-			Current: status.Status(unitStatus.Status),
-			Message: unitStatus.Message,
-			Data:    normaliseStatusData(unitStatus.Data),
-			Since:   unitStatus.Since,
-		}
+		info.WorkloadStatus = multiwatcher.NewStatusInfo(unitStatus, nil)
+		info.AgentStatus = multiwatcher.NewStatusInfo(agentStatus, nil)
 		if u.Tools != nil {
-			info.JujuStatus.Version = u.Tools.Version.Number.String()
-		}
-		info.JujuStatus = multiwatcher.StatusInfo{
-			Current: status.Status(agentStatus.Status),
-			Message: agentStatus.Message,
-			Data:    normaliseStatusData(agentStatus.Data),
-			Since:   agentStatus.Since,
+			info.AgentStatus.Version = u.Tools.Version.Number.String()
 		}
 
 		portRanges, compatiblePorts, err := getUnitPortRangesAndPorts(st, u.Name)
 		if err != nil {
 			return errors.Trace(err)
 		}
-		info.PortRanges = portRanges
-		info.Ports = compatiblePorts
+
+		info.PortRanges = toMultiwatcherPortRanges(portRanges)
+		info.Ports = toMultiwatcherPorts(compatiblePorts)
 
 	} else {
 		// The entry already exists, so preserve the current status and ports.
 		oldInfo := oldInfo.(*multiwatcher.UnitInfo)
 		// Unit and workload status.
-		info.JujuStatus = oldInfo.JujuStatus
+		info.AgentStatus = oldInfo.AgentStatus
 		info.WorkloadStatus = oldInfo.WorkloadStatus
 		info.Ports = oldInfo.Ports
 		info.PortRanges = oldInfo.PortRanges
@@ -347,11 +351,11 @@
 	}
 	publicAddress, err := u.PublicAddress()
 	if err != nil {
-		logger.Warningf("getting a public address for unit %q failed: %q", u.Name(), err)
+		logger.Errorf("getting a public address for unit %q failed: %q", u.Name(), err)
 	}
 	privateAddress, err := u.PrivateAddress()
 	if err != nil {
-		logger.Warningf("getting a private address for unit %q failed: %q", u.Name(), err)
+		logger.Errorf("getting a private address for unit %q failed: %q", u.Name(), err)
 	}
 	return publicAddress.Value, privateAddress.Value, nil
 }
@@ -369,22 +373,17 @@
 	return u.DocID
 }
 
-type backingService serviceDoc
+type backingApplication applicationDoc
 
-func (svc *backingService) updated(st *State, store *multiwatcherStore, id string) error {
+func (svc *backingApplication) updated(st *State, store *multiwatcherStore, id string) error {
 	if svc.CharmURL == nil {
 		return errors.Errorf("charm url is nil")
 	}
-	env, err := st.Model()
-	if err != nil {
-		return errors.Trace(err)
-	}
-	info := &multiwatcher.ServiceInfo{
+	info := &multiwatcher.ApplicationInfo{
 		ModelUUID:   st.ModelUUID(),
 		Name:        svc.Name,
 		Exposed:     svc.Exposed,
 		CharmURL:    svc.CharmURL.String(),
-		OwnerTag:    svc.fixOwnerTag(env),
 		Life:        multiwatcher.Life(svc.Life.String()),
 		MinUnits:    svc.MinUnits,
 		Subordinate: svc.Subordinate,
@@ -392,8 +391,8 @@
 	oldInfo := store.Get(info.EntityId())
 	needConfig := false
 	if oldInfo == nil {
-		logger.Debugf("new service %q added to backing state", svc.Name)
-		key := serviceGlobalKey(svc.Name)
+		logger.Debugf("new application %q added to backing state", svc.Name)
+		key := applicationGlobalKey(svc.Name)
 		// We're adding the entry for the first time,
 		// so fetch the associated child documents.
 		c, err := readConstraints(st, key)
@@ -403,29 +402,26 @@
 		info.Constraints = c
 		needConfig = true
 		// Fetch the status.
-		service, err := st.Service(svc.Name)
+		application, err := st.Application(svc.Name)
 		if err != nil {
 			return errors.Trace(err)
 		}
-		serviceStatus, err := service.Status()
+		applicationStatus, err := application.Status()
 		if err != nil {
-			logger.Warningf("reading service status for key %s: %v", key, err)
-		}
-		if err != nil && !errors.IsNotFound(err) {
-			return errors.Annotatef(err, "reading service status for key %s", key)
+			return errors.Annotatef(err, "reading application status for key %s", key)
 		}
 		if err == nil {
 			info.Status = multiwatcher.StatusInfo{
-				Current: serviceStatus.Status,
-				Message: serviceStatus.Message,
-				Data:    normaliseStatusData(serviceStatus.Data),
-				Since:   serviceStatus.Since,
+				Current: applicationStatus.Status,
+				Message: applicationStatus.Message,
+				Data:    normaliseStatusData(applicationStatus.Data),
+				Since:   applicationStatus.Since,
 			}
 		} else {
 			// TODO(wallyworld) - bug http://pad.lv/1451283
 			// return an error here once we figure out what's happening
 			// Not sure how status can even return NotFound as it is created
-			// with the service initially. For now, we'll log the error as per
+			// with the application initially. For now, we'll log the error as per
 			// the above and return Unknown.
 			// TODO(fwereade): 2016-03-17 lp:1558657
 			now := time.Now()
@@ -437,7 +433,7 @@
 		}
 	} else {
 		// The entry already exists, so preserve the current status.
-		oldInfo := oldInfo.(*multiwatcher.ServiceInfo)
+		oldInfo := oldInfo.(*multiwatcher.ApplicationInfo)
 		info.Constraints = oldInfo.Constraints
 		if info.CharmURL == oldInfo.CharmURL {
 			// The charm URL remains the same - we can continue to
@@ -450,7 +446,7 @@
 		}
 	}
 	if needConfig {
-		doc, err := readSettingsDoc(st, serviceSettingsKey(svc.Name, svc.CharmURL))
+		doc, err := readSettingsDoc(st, settingsC, applicationSettingsKey(svc.Name, svc.CharmURL))
 		if err != nil {
 			return errors.Trace(err)
 		}
@@ -460,25 +456,16 @@
 	return nil
 }
 
-func (svc *backingService) removed(store *multiwatcherStore, modelUUID, id string, _ *State) error {
+func (svc *backingApplication) removed(store *multiwatcherStore, modelUUID, id string, _ *State) error {
 	store.Remove(multiwatcher.EntityId{
-		Kind:      "service",
+		Kind:      "application",
 		ModelUUID: modelUUID,
 		Id:        id,
 	})
 	return nil
 }
 
-// SCHEMACHANGE
-// TODO(mattyw) remove when schema upgrades are possible
-func (svc *backingService) fixOwnerTag(env *Model) string {
-	if svc.OwnerTag != "" {
-		return svc.OwnerTag
-	}
-	return env.Owner().String()
-}
-
-func (svc *backingService) mongoId() string {
+func (svc *backingApplication) mongoId() string {
 	return svc.DocID
 }
 
@@ -521,8 +508,8 @@
 	eps := make([]multiwatcher.Endpoint, len(r.Endpoints))
 	for i, ep := range r.Endpoints {
 		eps[i] = multiwatcher.Endpoint{
-			ServiceName: ep.ServiceName,
-			Relation:    ep.Relation,
+			ApplicationName: ep.ApplicationName,
+			Relation:        multiwatcher.NewCharmRelation(ep.Relation),
 		}
 	}
 	info := &multiwatcher.RelationInfo{
@@ -606,6 +593,15 @@
 
 type backingStatus statusDoc
 
+func (s *backingStatus) toStatusInfo() multiwatcher.StatusInfo {
+	return multiwatcher.StatusInfo{
+		Current: s.Status,
+		Message: s.StatusInfo,
+		Data:    s.StatusData,
+		Since:   unixNanoToTime(s.Updated),
+	}
+}
+
 func (s *backingStatus) updated(st *State, store *multiwatcherStore, id string) error {
 	parentID, ok := backingEntityIdForGlobalKey(st.ModelUUID(), id)
 	if !ok {
@@ -628,27 +624,17 @@
 			return err
 		}
 		info0 = &newInfo
-	case *multiwatcher.ServiceInfo:
+	case *multiwatcher.ApplicationInfo:
 		newInfo := *info
-		newInfo.Status.Current = s.Status
-		newInfo.Status.Message = s.StatusInfo
-		newInfo.Status.Data = normaliseStatusData(s.StatusData)
-		newInfo.Status.Since = unixNanoToTime(s.Updated)
+		newInfo.Status = s.toStatusInfo()
 		info0 = &newInfo
 	case *multiwatcher.MachineInfo:
 		newInfo := *info
 		// lets dissambiguate between juju machine agent and provider instance statuses.
 		if strings.HasSuffix(id, "#instance") {
-			newInfo.MachineStatus.Current = s.Status
-			newInfo.MachineStatus.Message = s.StatusInfo
-			newInfo.MachineStatus.Data = normaliseStatusData(s.StatusData)
-			newInfo.MachineStatus.Since = unixNanoToTime(s.Updated)
-
+			newInfo.InstanceStatus = s.toStatusInfo()
 		} else {
-			newInfo.JujuStatus.Current = s.Status
-			newInfo.JujuStatus.Message = s.StatusInfo
-			newInfo.JujuStatus.Data = normaliseStatusData(s.StatusData)
-			newInfo.JujuStatus.Since = unixNanoToTime(s.Updated)
+			newInfo.AgentStatus = s.toStatusInfo()
 		}
 		info0 = &newInfo
 	default:
@@ -660,49 +646,42 @@
 
 func (s *backingStatus) updatedUnitStatus(st *State, store *multiwatcherStore, id string, unitStatus status.StatusInfo, newInfo *multiwatcher.UnitInfo) error {
 	// Unit or workload status - display the agent status or any error.
+	// NOTE: thumper 2016-06-27, this is truely horrible, and we are lying to our users.
+	// however, this is explicitly what has been asked for as much as we dislike it.
 	if strings.HasSuffix(id, "#charm") || s.Status == status.StatusError {
-		newInfo.WorkloadStatus.Current = s.Status
-		newInfo.WorkloadStatus.Message = s.StatusInfo
-		newInfo.WorkloadStatus.Data = normaliseStatusData(s.StatusData)
-		newInfo.WorkloadStatus.Since = unixNanoToTime(s.Updated)
+		newInfo.WorkloadStatus = s.toStatusInfo()
 	} else {
-		newInfo.JujuStatus.Current = s.Status
-		newInfo.JujuStatus.Message = s.StatusInfo
-		newInfo.JujuStatus.Data = normaliseStatusData(s.StatusData)
-		newInfo.JujuStatus.Since = unixNanoToTime(s.Updated)
+		newInfo.AgentStatus = s.toStatusInfo()
 		// If the unit was in error and now it's not, we need to reset its
 		// status back to what was previously recorded.
 		if newInfo.WorkloadStatus.Current == status.StatusError {
 			newInfo.WorkloadStatus.Current = unitStatus.Status
 			newInfo.WorkloadStatus.Message = unitStatus.Message
-			newInfo.WorkloadStatus.Data = normaliseStatusData(unitStatus.Data)
+			newInfo.WorkloadStatus.Data = unitStatus.Data
 			newInfo.WorkloadStatus.Since = unixNanoToTime(s.Updated)
 		}
 	}
 
-	// A change in a unit's status might also affect it's service.
-	service, err := st.Service(newInfo.Service)
+	// A change in a unit's status might also affect it's application.
+	application, err := st.Application(newInfo.Application)
 	if err != nil {
 		return errors.Trace(err)
 	}
-	serviceId, ok := backingEntityIdForGlobalKey(st.ModelUUID(), service.globalKey())
+	applicationId, ok := backingEntityIdForGlobalKey(st.ModelUUID(), application.globalKey())
 	if !ok {
 		return nil
 	}
-	serviceInfo := store.Get(serviceId)
-	if serviceInfo == nil {
+	applicationInfo := store.Get(applicationId)
+	if applicationInfo == nil {
 		return nil
 	}
-	status, err := service.Status()
+	status, err := application.Status()
 	if err != nil {
 		return errors.Trace(err)
 	}
-	newServiceInfo := *serviceInfo.(*multiwatcher.ServiceInfo)
-	newServiceInfo.Status.Current = status.Status
-	newServiceInfo.Status.Message = status.Message
-	newServiceInfo.Status.Data = normaliseStatusData(status.Data)
-	newServiceInfo.Status.Since = status.Since
-	store.Update(&newServiceInfo)
+	newApplicationInfo := *applicationInfo.(*multiwatcher.ApplicationInfo)
+	newApplicationInfo.Status = multiwatcher.NewStatusInfo(status, nil)
+	store.Update(&newApplicationInfo)
 	return nil
 }
 
@@ -731,7 +710,7 @@
 	case *multiwatcher.UnitInfo, *multiwatcher.MachineInfo:
 		// We don't (yet) publish unit or machine constraints.
 		return nil
-	case *multiwatcher.ServiceInfo:
+	case *multiwatcher.ApplicationInfo:
 		newInfo := *info
 		newInfo.Constraints = constraintsDoc(*c).value()
 		info0 = &newInfo
@@ -762,12 +741,12 @@
 	case nil:
 		// The parent info doesn't exist. Ignore the status until it does.
 		return nil
-	case *multiwatcher.ServiceInfo:
-		// If we're seeing settings for the service with a different
+	case *multiwatcher.ApplicationInfo:
+		// If we're seeing settings for the application with a different
 		// charm URL, we ignore them - we will fetch
 		// them again when the service charm changes.
 		// By doing this we make sure that the settings in the
-		// ServiceInfo are always consistent with the charm URL.
+		// ApplicationInfo are always consistent with the charm URL.
 		if info.CharmURL != url {
 			break
 		}
@@ -788,7 +767,7 @@
 		return nil
 	}
 	parent := store.Get(parentID)
-	if info, ok := parent.(*multiwatcher.ServiceInfo); ok {
+	if info, ok := parent.(*multiwatcher.ApplicationInfo); ok {
 		if info.CharmURL != url {
 			return nil
 		}
@@ -808,7 +787,7 @@
 // settings key. Any extra information in the key is returned in
 // extra.
 func backingEntityIdForSettingsKey(modelUUID, key string) (eid multiwatcher.EntityId, extra string, ok bool) {
-	if !strings.HasPrefix(key, "s#") {
+	if !strings.HasPrefix(key, "a#") {
 		eid, ok = backingEntityIdForGlobalKey(modelUUID, key)
 		return
 	}
@@ -817,7 +796,7 @@
 	if i == -1 {
 		return multiwatcher.EntityId{}, "", false
 	}
-	eid = (&multiwatcher.ServiceInfo{
+	eid = (&multiwatcher.ApplicationInfo{
 		ModelUUID: modelUUID,
 		Name:      key[0:i],
 	}).EntityId()
@@ -875,13 +854,13 @@
 			// always acting a little behind reality. It is reasonable
 			// that entities have been deleted from State but we're
 			// still seeing events related to them from the watcher.
-			logger.Warningf("cannot retrieve units for %q: %v", info.Id, err)
+			logger.Errorf("cannot retrieve units for %q: %v", info.Id, err)
 			return nil
 		}
 		// Update the ports on all units assigned to the machine.
 		for _, u := range units {
 			if err := updateUnitPorts(st, store, u); err != nil {
-				logger.Warningf("cannot update unit ports for %q: %v", u.Name(), err)
+				logger.Errorf("cannot update unit ports for %q: %v", u.Name(), err)
 			}
 		}
 	}
@@ -892,6 +871,29 @@
 	panic("cannot find mongo id from openedPorts document")
 }
 
+func toMultiwatcherPortRanges(portRanges []network.PortRange) []multiwatcher.PortRange {
+	result := make([]multiwatcher.PortRange, len(portRanges))
+	for i, pr := range portRanges {
+		result[i] = multiwatcher.PortRange{
+			FromPort: pr.FromPort,
+			ToPort:   pr.ToPort,
+			Protocol: pr.Protocol,
+		}
+	}
+	return result
+}
+
+func toMultiwatcherPorts(ports []network.Port) []multiwatcher.Port {
+	result := make([]multiwatcher.Port, len(ports))
+	for i, p := range ports {
+		result[i] = multiwatcher.Port{
+			Number:   p.Number,
+			Protocol: p.Protocol,
+		}
+	}
+	return result
+}
+
 // updateUnitPorts updates the Ports and PortRanges info of the given unit.
 func updateUnitPorts(st *State, store *multiwatcherStore, u *Unit) error {
 	eid, ok := backingEntityIdForGlobalKey(st.ModelUUID(), u.globalKey())
@@ -910,8 +912,8 @@
 			return errors.Trace(err)
 		}
 		unitInfo := *oldInfo
-		unitInfo.PortRanges = portRanges
-		unitInfo.Ports = compatiblePorts
+		unitInfo.PortRanges = toMultiwatcherPortRanges(portRanges)
+		unitInfo.Ports = toMultiwatcherPorts(compatiblePorts)
 		store.Update(&unitInfo)
 	default:
 		return nil
@@ -949,8 +951,8 @@
 			ModelUUID: modelUUID,
 			Name:      id,
 		}).EntityId(), true
-	case 's':
-		return (&multiwatcher.ServiceInfo{
+	case 'a':
+		return (&multiwatcher.ApplicationInfo{
 			ModelUUID: modelUUID,
 			Name:      id,
 		}).EntityId(), true
@@ -984,7 +986,7 @@
 	collections := makeAllWatcherCollectionInfo(
 		machinesC,
 		unitsC,
-		servicesC,
+		applicationsC,
 		relationsC,
 		annotationsC,
 		statusesC,
@@ -996,6 +998,7 @@
 	)
 	return &allWatcherStateBacking{
 		st:               st,
+		watcher:          st.workers.TxnLogWatcher(),
 		collectionByName: collections,
 	}
 }
@@ -1008,14 +1011,14 @@
 // Watch watches all the collections.
 func (b *allWatcherStateBacking) Watch(in chan<- watcher.Change) {
 	for _, c := range b.collectionByName {
-		b.st.watcher.WatchCollectionWithFilter(c.name, in, b.filterEnv)
+		b.watcher.WatchCollectionWithFilter(c.name, in, b.filterEnv)
 	}
 }
 
 // Unwatch unwatches all the collections.
 func (b *allWatcherStateBacking) Unwatch(in chan<- watcher.Change) {
 	for _, c := range b.collectionByName {
-		b.st.watcher.UnwatchCollection(c.name, in)
+		b.watcher.UnwatchCollection(c.name, in)
 	}
 }
 
@@ -1064,7 +1067,7 @@
 		modelsC,
 		machinesC,
 		unitsC,
-		servicesC,
+		applicationsC,
 		relationsC,
 		annotationsC,
 		statusesC,
@@ -1074,6 +1077,7 @@
 	)
 	return &allModelWatcherStateBacking{
 		st:               st,
+		watcher:          st.workers.TxnLogWatcher(),
 		stPool:           NewStatePool(st),
 		collectionByName: collections,
 	}
@@ -1082,34 +1086,41 @@
 // Watch watches all the collections.
 func (b *allModelWatcherStateBacking) Watch(in chan<- watcher.Change) {
 	for _, c := range b.collectionByName {
-		b.st.watcher.WatchCollection(c.name, in)
+		b.watcher.WatchCollection(c.name, in)
 	}
 }
 
 // Unwatch unwatches all the collections.
 func (b *allModelWatcherStateBacking) Unwatch(in chan<- watcher.Change) {
 	for _, c := range b.collectionByName {
-		b.st.watcher.UnwatchCollection(c.name, in)
+		b.watcher.UnwatchCollection(c.name, in)
 	}
 }
 
 // GetAll fetches all items that we want to watch from the state.
 func (b *allModelWatcherStateBacking) GetAll(all *multiwatcherStore) error {
-	envs, err := b.st.AllModels()
+	models, err := b.st.AllModels()
 	if err != nil {
 		return errors.Annotate(err, "error loading models")
 	}
-	for _, env := range envs {
-		st, err := b.st.ForModel(env.ModelTag())
-		if err != nil {
+	for _, m := range models {
+		if err := b.loadAllWatcherEntitiesForModel(m, all); err != nil {
 			return errors.Trace(err)
 		}
-		defer st.Close()
+	}
+	return nil
+}
 
-		err = loadAllWatcherEntities(st, b.collectionByName, all)
-		if err != nil {
-			return errors.Annotatef(err, "error loading entities for model %v", env.UUID())
-		}
+func (b *allModelWatcherStateBacking) loadAllWatcherEntitiesForModel(m *Model, all *multiwatcherStore) error {
+	st, err := b.st.ForModel(m.ModelTag())
+	if err != nil {
+		return errors.Trace(err)
+	}
+	defer st.Close()
+
+	err = loadAllWatcherEntities(st, b.collectionByName, all)
+	if err != nil {
+		return errors.Annotatef(err, "error loading entities for model %v", m.UUID())
 	}
 	return nil
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/allwatcher_internal_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/allwatcher_internal_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/allwatcher_internal_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/allwatcher_internal_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,11 +10,11 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/instance"
@@ -28,7 +28,7 @@
 var (
 	_ backingEntityDoc = (*backingMachine)(nil)
 	_ backingEntityDoc = (*backingUnit)(nil)
-	_ backingEntityDoc = (*backingService)(nil)
+	_ backingEntityDoc = (*backingApplication)(nil)
 	_ backingEntityDoc = (*backingRelation)(nil)
 	_ backingEntityDoc = (*backingAnnotation)(nil)
 	_ backingEntityDoc = (*backingStatus)(nil)
@@ -55,7 +55,7 @@
 		"name": fmt.Sprintf("testenv%d", s.envCount),
 		"uuid": utils.MustNewUUID().String(),
 	})
-	_, st, err := s.state.NewModel(ModelArgs{Config: cfg, Owner: s.owner})
+	_, st, err := s.state.NewModel(ModelArgs{CloudName: "dummy", Config: cfg, Owner: s.owner})
 	c.Assert(err, jc.ErrorIsNil)
 	s.AddCleanup(func(*gc.C) { st.Close() })
 	return st
@@ -81,28 +81,38 @@
 	c.Assert(err, jc.ErrorIsNil)
 	err = m.SetProviderAddresses(network.NewAddress("example.com"))
 	c.Assert(err, jc.ErrorIsNil)
+	var addresses []multiwatcher.Address
+	for _, addr := range m.Addresses() {
+		addresses = append(addresses, multiwatcher.Address{
+			Value:           addr.Value,
+			Type:            string(addr.Type),
+			Scope:           string(addr.Scope),
+			SpaceName:       string(addr.SpaceName),
+			SpaceProviderId: string(addr.SpaceProviderId),
+		})
+	}
 	add(&multiwatcher.MachineInfo{
 		ModelUUID:  modelUUID,
 		Id:         "0",
 		InstanceId: "i-machine-0",
-		JujuStatus: multiwatcher.StatusInfo{
+		AgentStatus: multiwatcher.StatusInfo{
 			Current: status.StatusPending,
 			Data:    map[string]interface{}{},
 		},
-		MachineStatus: multiwatcher.StatusInfo{
+		InstanceStatus: multiwatcher.StatusInfo{
 			Current: status.StatusPending,
 			Data:    map[string]interface{}{},
 		},
 		Life:                    multiwatcher.Life("alive"),
 		Series:                  "quantal",
 		Jobs:                    []multiwatcher.MachineJob{JobHostUnits.ToParams()},
-		Addresses:               m.Addresses(),
+		Addresses:               addresses,
 		HardwareCharacteristics: hc,
 		HasVote:                 true,
 		WantsVote:               false,
 	})
 
-	wordpress := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"), s.owner)
+	wordpress := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"))
 	err = wordpress.SetExposed()
 	c.Assert(err, jc.ErrorIsNil)
 	err = wordpress.SetMinUnits(units)
@@ -110,12 +120,11 @@
 	err = wordpress.SetConstraints(constraints.MustParse("mem=100M"))
 	c.Assert(err, jc.ErrorIsNil)
 	setServiceConfigAttr(c, wordpress, "blog-title", "boring")
-	add(&multiwatcher.ServiceInfo{
+	add(&multiwatcher.ApplicationInfo{
 		ModelUUID:   modelUUID,
 		Name:        "wordpress",
 		Exposed:     true,
 		CharmURL:    serviceCharmURL(wordpress).String(),
-		OwnerTag:    s.owner.String(),
 		Life:        multiwatcher.Life("alive"),
 		MinUnits:    units,
 		Constraints: constraints.MustParse("mem=100M"),
@@ -132,16 +141,15 @@
 	c.Assert(err, jc.ErrorIsNil)
 	add(&multiwatcher.AnnotationInfo{
 		ModelUUID:   modelUUID,
-		Tag:         "service-wordpress",
+		Tag:         "application-wordpress",
 		Annotations: pairs,
 	})
 
-	logging := AddTestingService(c, st, "logging", AddTestingCharm(c, st, "logging"), s.owner)
-	add(&multiwatcher.ServiceInfo{
+	logging := AddTestingService(c, st, "logging", AddTestingCharm(c, st, "logging"))
+	add(&multiwatcher.ApplicationInfo{
 		ModelUUID:   modelUUID,
 		Name:        "logging",
 		CharmURL:    serviceCharmURL(logging).String(),
-		OwnerTag:    s.owner.String(),
 		Life:        multiwatcher.Life("alive"),
 		Config:      charm.Settings{},
 		Subordinate: true,
@@ -161,8 +169,8 @@
 		Key:       "logging:logging-directory wordpress:logging-dir",
 		Id:        rel.Id(),
 		Endpoints: []multiwatcher.Endpoint{
-			{ServiceName: "logging", Relation: charm.Relation{Name: "logging-directory", Role: "requirer", Interface: "logging", Optional: false, Limit: 1, Scope: "container"}},
-			{ServiceName: "wordpress", Relation: charm.Relation{Name: "logging-dir", Role: "provider", Interface: "logging", Optional: false, Limit: 0, Scope: "container"}}},
+			{ApplicationName: "logging", Relation: multiwatcher.CharmRelation{Name: "logging-directory", Role: "requirer", Interface: "logging", Optional: false, Limit: 1, Scope: "container"}},
+			{ApplicationName: "wordpress", Relation: multiwatcher.CharmRelation{Name: "logging-dir", Role: "provider", Interface: "logging", Optional: false, Limit: 0, Scope: "container"}}},
 	})
 
 	for i := 0; i < units; i++ {
@@ -177,17 +185,17 @@
 		add(&multiwatcher.UnitInfo{
 			ModelUUID:   modelUUID,
 			Name:        fmt.Sprintf("wordpress/%d", i),
-			Service:     wordpress.Name(),
+			Application: wordpress.Name(),
 			Series:      m.Series(),
 			MachineId:   m.Id(),
-			Ports:       []network.Port{},
+			Ports:       []multiwatcher.Port{},
 			Subordinate: false,
 			WorkloadStatus: multiwatcher.StatusInfo{
 				Current: "unknown",
 				Message: "Waiting for agent initialization to finish",
 				Data:    map[string]interface{}{},
 			},
-			JujuStatus: multiwatcher.StatusInfo{
+			AgentStatus: multiwatcher.StatusInfo{
 				Current: "allocating",
 				Message: "",
 				Data:    map[string]interface{}{},
@@ -204,7 +212,13 @@
 
 		err = m.SetProvisioned(instance.Id("i-"+m.Tag().String()), "fake_nonce", nil)
 		c.Assert(err, jc.ErrorIsNil)
-		err = m.SetStatus(status.StatusError, m.Tag().String(), nil)
+		now := time.Now()
+		sInfo := status.StatusInfo{
+			Status:  status.StatusError,
+			Message: m.Tag().String(),
+			Since:   &now,
+		}
+		err = m.SetStatus(sInfo)
 		c.Assert(err, jc.ErrorIsNil)
 		hc, err := m.HardwareCharacteristics()
 		c.Assert(err, jc.ErrorIsNil)
@@ -212,19 +226,19 @@
 			ModelUUID:  modelUUID,
 			Id:         fmt.Sprint(i + 1),
 			InstanceId: "i-" + m.Tag().String(),
-			JujuStatus: multiwatcher.StatusInfo{
+			AgentStatus: multiwatcher.StatusInfo{
 				Current: status.StatusError,
 				Message: m.Tag().String(),
 				Data:    map[string]interface{}{},
 			},
-			MachineStatus: multiwatcher.StatusInfo{
+			InstanceStatus: multiwatcher.StatusInfo{
 				Current: status.StatusPending,
 				Data:    map[string]interface{}{},
 			},
 			Life:                    multiwatcher.Life("alive"),
 			Series:                  "quantal",
 			Jobs:                    []multiwatcher.MachineJob{JobHostUnits.ToParams()},
-			Addresses:               []network.Address{},
+			Addresses:               []multiwatcher.Address{},
 			HardwareCharacteristics: hc,
 			HasVote:                 false,
 			WantsVote:               false,
@@ -253,16 +267,16 @@
 		add(&multiwatcher.UnitInfo{
 			ModelUUID:   modelUUID,
 			Name:        fmt.Sprintf("logging/%d", i),
-			Service:     "logging",
+			Application: "logging",
 			Series:      "quantal",
-			Ports:       []network.Port{},
+			Ports:       []multiwatcher.Port{},
 			Subordinate: true,
 			WorkloadStatus: multiwatcher.StatusInfo{
 				Current: "unknown",
 				Message: "Waiting for agent initialization to finish",
 				Data:    map[string]interface{}{},
 			},
-			JujuStatus: multiwatcher.StatusInfo{
+			AgentStatus: multiwatcher.StatusInfo{
 				Current: "allocating",
 				Message: "",
 				Data:    map[string]interface{}{},
@@ -312,12 +326,12 @@
 	assertEntitiesEqual(c, gotEntities, expectEntities)
 }
 
-func serviceCharmURL(svc *Service) *charm.URL {
+func serviceCharmURL(svc *Application) *charm.URL {
 	url, _ := svc.CharmURL()
 	return url
 }
 
-func setServiceConfigAttr(c *gc.C, svc *Service, attr string, val interface{}) {
+func setServiceConfigAttr(c *gc.C, svc *Application, attr string, val interface{}) {
 	err := svc.UpdateConfigSettings(charm.Settings{attr: val})
 	c.Assert(err, jc.ErrorIsNil)
 }
@@ -342,34 +356,32 @@
 
 func substNilSinceTimeForStatus(c *gc.C, sInfo *multiwatcher.StatusInfo) {
 	if sInfo.Current != "" {
-		c.Assert(sInfo.Since, gc.NotNil)
+		c.Assert(sInfo.Since, gc.NotNil) // TODO(dfc) WTF does this check do ? separation of concerns much
 	}
 	sInfo.Since = nil
 }
 
-func substNilSinceTimeForStatusNoCheck(sInfo *multiwatcher.StatusInfo) {
-	sInfo.Since = nil
-}
-
 // substNilSinceTimeForEntities zeros out any updated timestamps for unit
 // or service status values so we can easily check the results.
 func substNilSinceTimeForEntities(c *gc.C, entities []multiwatcher.EntityInfo) {
 	// Zero out any updated timestamps for unit or service status values
 	// so we can easily check the results.
-	for i, entity := range entities {
-		if unitInfo, ok := entity.(*multiwatcher.UnitInfo); ok {
+	for i := range entities {
+		switch e := entities[i].(type) {
+		case *multiwatcher.UnitInfo:
+			unitInfo := *e // must copy because this entity came out of the multiwatcher cache.
 			substNilSinceTimeForStatus(c, &unitInfo.WorkloadStatus)
-			substNilSinceTimeForStatus(c, &unitInfo.JujuStatus)
-			entities[i] = unitInfo
-		}
-		if serviceInfo, ok := entity.(*multiwatcher.ServiceInfo); ok {
-			substNilSinceTimeForStatus(c, &serviceInfo.Status)
-			entities[i] = serviceInfo
-		}
-		if machineInfo, ok := entity.(*multiwatcher.MachineInfo); ok {
-			substNilSinceTimeForStatus(c, &machineInfo.JujuStatus)
-			substNilSinceTimeForStatus(c, &machineInfo.MachineStatus)
-			entities[i] = machineInfo
+			substNilSinceTimeForStatus(c, &unitInfo.AgentStatus)
+			entities[i] = &unitInfo
+		case *multiwatcher.ApplicationInfo:
+			applicationInfo := *e // must copy because this entity came out of the multiwatcher cache.
+			substNilSinceTimeForStatus(c, &applicationInfo.Status)
+			entities[i] = &applicationInfo
+		case *multiwatcher.MachineInfo:
+			machineInfo := *e // must copy because this entity came out of the multiwatcher cache.
+			substNilSinceTimeForStatus(c, &machineInfo.AgentStatus)
+			substNilSinceTimeForStatus(c, &machineInfo.InstanceStatus)
+			entities[i] = &machineInfo
 		}
 	}
 }
@@ -377,21 +389,24 @@
 func substNilSinceTimeForEntityNoCheck(entity multiwatcher.EntityInfo) multiwatcher.EntityInfo {
 	// Zero out any updated timestamps for unit or service status values
 	// so we can easily check the results.
-	if unitInfo, ok := entity.(*multiwatcher.UnitInfo); ok {
-		substNilSinceTimeForStatusNoCheck(&unitInfo.WorkloadStatus)
-		substNilSinceTimeForStatusNoCheck(&unitInfo.JujuStatus)
-		return unitInfo
-	}
-	if serviceInfo, ok := entity.(*multiwatcher.ServiceInfo); ok {
-		substNilSinceTimeForStatusNoCheck(&serviceInfo.Status)
-		return serviceInfo
-	}
-	if machineInfo, ok := entity.(*multiwatcher.MachineInfo); ok {
-		substNilSinceTimeForStatusNoCheck(&machineInfo.JujuStatus)
-		substNilSinceTimeForStatusNoCheck(&machineInfo.MachineStatus)
-		return machineInfo
+	switch e := entity.(type) {
+	case *multiwatcher.UnitInfo:
+		unitInfo := *e // must copy because this entity came out of the multiwatcher cache.
+		unitInfo.WorkloadStatus.Since = nil
+		unitInfo.AgentStatus.Since = nil
+		return &unitInfo
+	case *multiwatcher.ApplicationInfo:
+		applicationInfo := *e // must copy because this entity came out of the multiwatcher cache.
+		applicationInfo.Status.Since = nil
+		return &applicationInfo
+	case *multiwatcher.MachineInfo:
+		machineInfo := *e // must copy because we this entity came out of the multiwatcher cache.
+		machineInfo.AgentStatus.Since = nil
+		machineInfo.InstanceStatus.Since = nil
+		return &machineInfo
+	default:
+		return entity
 	}
-	return entity
 }
 
 // changeTestFunc is a function for the preparation of a test and
@@ -449,7 +464,7 @@
 func (s *allWatcherStateSuite) TestChangeActions(c *gc.C) {
 	changeTestFuncs := []changeTestFunc{
 		func(c *gc.C, st *State) changeTestCase {
-			wordpress := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"), s.owner)
+			wordpress := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"))
 			u, err := wordpress.AddUnit()
 			c.Assert(err, jc.ErrorIsNil)
 			action, err := st.EnqueueAction(u.Tag(), "vacuumdb", map[string]interface{}{})
@@ -552,7 +567,7 @@
 func (s *allWatcherStateSuite) TestClosingPorts(c *gc.C) {
 	defer s.Reset(c)
 	// Init the test model.
-	wordpress := AddTestingService(c, s.state, "wordpress", AddTestingCharm(c, s.state, "wordpress"), s.owner)
+	wordpress := AddTestingService(c, s.state, "wordpress", AddTestingCharm(c, s.state, "wordpress"))
 	u, err := wordpress.AddUnit()
 	c.Assert(err, jc.ErrorIsNil)
 	m, err := s.state.AddMachine("quantal", JobHostUnits)
@@ -584,19 +599,19 @@
 		&multiwatcher.UnitInfo{
 			ModelUUID:      s.state.ModelUUID(),
 			Name:           "wordpress/0",
-			Service:        "wordpress",
+			Application:    "wordpress",
 			Series:         "quantal",
 			MachineId:      "0",
 			PublicAddress:  "1.2.3.4",
 			PrivateAddress: "4.3.2.1",
-			Ports:          []network.Port{{"tcp", 12345}},
-			PortRanges:     []network.PortRange{{12345, 12345, "tcp"}},
+			Ports:          []multiwatcher.Port{{"tcp", 12345}},
+			PortRanges:     []multiwatcher.PortRange{{12345, 12345, "tcp"}},
 			WorkloadStatus: multiwatcher.StatusInfo{
 				Current: "unknown",
 				Message: "Waiting for agent initialization to finish",
 				Data:    map[string]interface{}{},
 			},
-			JujuStatus: multiwatcher.StatusInfo{
+			AgentStatus: multiwatcher.StatusInfo{
 				Current: "allocating",
 				Data:    map[string]interface{}{},
 			},
@@ -615,23 +630,24 @@
 	})
 	c.Assert(err, jc.ErrorIsNil)
 	entities = all.All()
+	substNilSinceTimeForEntities(c, entities)
 	assertEntitiesEqual(c, entities, []multiwatcher.EntityInfo{
 		&multiwatcher.UnitInfo{
 			ModelUUID:      s.state.ModelUUID(),
 			Name:           "wordpress/0",
-			Service:        "wordpress",
+			Application:    "wordpress",
 			Series:         "quantal",
 			MachineId:      "0",
 			PublicAddress:  "1.2.3.4",
 			PrivateAddress: "4.3.2.1",
-			Ports:          []network.Port{},
-			PortRanges:     []network.PortRange{},
+			Ports:          []multiwatcher.Port{},
+			PortRanges:     []multiwatcher.PortRange{},
 			WorkloadStatus: multiwatcher.StatusInfo{
 				Current: "unknown",
 				Message: "Waiting for agent initialization to finish",
 				Data:    map[string]interface{}{},
 			},
-			JujuStatus: multiwatcher.StatusInfo{
+			AgentStatus: multiwatcher.StatusInfo{
 				Current: "allocating",
 				Data:    map[string]interface{}{},
 			},
@@ -646,28 +662,28 @@
 func (s *allWatcherStateSuite) TestSettings(c *gc.C) {
 	defer s.Reset(c)
 	// Init the test model.
-	svc := AddTestingService(c, s.state, "dummy-service", AddTestingCharm(c, s.state, "dummy"), s.owner)
+	svc := AddTestingService(c, s.state, "dummy-application", AddTestingCharm(c, s.state, "dummy"))
 	b := newAllWatcherStateBacking(s.state)
 	all := newStore()
 	// 1st scenario part: set settings and signal change.
 	setServiceConfigAttr(c, svc, "username", "foo")
 	setServiceConfigAttr(c, svc, "outlook", "foo@bar")
-	all.Update(&multiwatcher.ServiceInfo{
+	all.Update(&multiwatcher.ApplicationInfo{
 		ModelUUID: s.state.ModelUUID(),
-		Name:      "dummy-service",
+		Name:      "dummy-application",
 		CharmURL:  "local:quantal/quantal-dummy-1",
 	})
 	err := b.Changed(all, watcher.Change{
 		C:  "settings",
-		Id: s.state.docID("s#dummy-service#local:quantal/quantal-dummy-1"),
+		Id: s.state.docID("a#dummy-application#local:quantal/quantal-dummy-1"),
 	})
 	c.Assert(err, jc.ErrorIsNil)
 	entities := all.All()
 	substNilSinceTimeForEntities(c, entities)
 	assertEntitiesEqual(c, entities, []multiwatcher.EntityInfo{
-		&multiwatcher.ServiceInfo{
+		&multiwatcher.ApplicationInfo{
 			ModelUUID: s.state.ModelUUID(),
-			Name:      "dummy-service",
+			Name:      "dummy-application",
 			CharmURL:  "local:quantal/quantal-dummy-1",
 			Config:    charm.Settings{"outlook": "foo@bar", "username": "foo"},
 		},
@@ -677,14 +693,14 @@
 	c.Assert(err, jc.ErrorIsNil)
 	err = b.Changed(all, watcher.Change{
 		C:  "settings",
-		Id: s.state.docID("s#dummy-service#local:quantal/quantal-dummy-1"),
+		Id: s.state.docID("a#dummy-application#local:quantal/quantal-dummy-1"),
 	})
 	c.Assert(err, jc.ErrorIsNil)
 	entities = all.All()
 	assertEntitiesEqual(c, entities, []multiwatcher.EntityInfo{
-		&multiwatcher.ServiceInfo{
+		&multiwatcher.ApplicationInfo{
 			ModelUUID: s.state.ModelUUID(),
-			Name:      "dummy-service",
+			Name:      "dummy-application",
 			CharmURL:  "local:quantal/quantal-dummy-1",
 		},
 	})
@@ -712,12 +728,12 @@
 		Entity: &multiwatcher.MachineInfo{
 			ModelUUID: s.state.ModelUUID(),
 			Id:        "0",
-			JujuStatus: multiwatcher.StatusInfo{
+			AgentStatus: multiwatcher.StatusInfo{
 				Current: status.StatusPending,
 				Data:    map[string]interface{}{},
 				Since:   &now,
 			},
-			MachineStatus: multiwatcher.StatusInfo{
+			InstanceStatus: multiwatcher.StatusInfo{
 				Current: status.StatusPending,
 				Data:    map[string]interface{}{},
 				Since:   &now,
@@ -725,7 +741,7 @@
 			Life:      multiwatcher.Life("alive"),
 			Series:    "trusty",
 			Jobs:      []multiwatcher.MachineJob{JobManageModel.ToParams()},
-			Addresses: []network.Address{},
+			Addresses: []multiwatcher.Address{},
 			HasVote:   false,
 			WantsVote: true,
 		},
@@ -733,12 +749,12 @@
 		Entity: &multiwatcher.MachineInfo{
 			ModelUUID: s.state.ModelUUID(),
 			Id:        "1",
-			JujuStatus: multiwatcher.StatusInfo{
+			AgentStatus: multiwatcher.StatusInfo{
 				Current: status.StatusPending,
 				Data:    map[string]interface{}{},
 				Since:   &now,
 			},
-			MachineStatus: multiwatcher.StatusInfo{
+			InstanceStatus: multiwatcher.StatusInfo{
 				Current: status.StatusPending,
 				Data:    map[string]interface{}{},
 				Since:   &now,
@@ -746,7 +762,7 @@
 			Life:      multiwatcher.Life("alive"),
 			Series:    "saucy",
 			Jobs:      []multiwatcher.MachineJob{JobHostUnits.ToParams()},
-			Addresses: []network.Address{},
+			Addresses: []multiwatcher.Address{},
 			HasVote:   false,
 			WantsVote: false,
 		},
@@ -762,12 +778,12 @@
 		Entity: &multiwatcher.MachineInfo{
 			ModelUUID: s.state.ModelUUID(),
 			Id:        "1",
-			JujuStatus: multiwatcher.StatusInfo{
+			AgentStatus: multiwatcher.StatusInfo{
 				Current: status.StatusPending,
 				Data:    map[string]interface{}{},
 				Since:   &now,
 			},
-			MachineStatus: multiwatcher.StatusInfo{
+			InstanceStatus: multiwatcher.StatusInfo{
 				Current: status.StatusPending,
 				Data:    map[string]interface{}{},
 				Since:   &now,
@@ -775,7 +791,7 @@
 			Life:      multiwatcher.Life("dying"),
 			Series:    "saucy",
 			Jobs:      []multiwatcher.MachineJob{JobHostUnits.ToParams()},
-			Addresses: []network.Address{},
+			Addresses: []multiwatcher.Address{},
 			HasVote:   false,
 			WantsVote: false,
 		},
@@ -790,12 +806,12 @@
 		Entity: &multiwatcher.MachineInfo{
 			ModelUUID: s.state.ModelUUID(),
 			Id:        "1",
-			JujuStatus: multiwatcher.StatusInfo{
+			AgentStatus: multiwatcher.StatusInfo{
 				Current: status.StatusPending,
 				Data:    map[string]interface{}{},
 				Since:   &now,
 			},
-			MachineStatus: multiwatcher.StatusInfo{
+			InstanceStatus: multiwatcher.StatusInfo{
 				Current: status.StatusPending,
 				Data:    map[string]interface{}{},
 				Since:   &now,
@@ -803,7 +819,7 @@
 			Life:      multiwatcher.Life("dead"),
 			Series:    "saucy",
 			Jobs:      []multiwatcher.MachineJob{JobHostUnits.ToParams()},
-			Addresses: []network.Address{},
+			Addresses: []multiwatcher.Address{},
 			HasVote:   false,
 			WantsVote: false,
 		},
@@ -826,7 +842,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(m2.Id(), gc.Equals, "2")
 
-	wordpress := AddTestingService(c, s.state, "wordpress", AddTestingCharm(c, s.state, "wordpress"), s.owner)
+	wordpress := AddTestingService(c, s.state, "wordpress", AddTestingCharm(c, s.state, "wordpress"))
 	wu, err := wordpress.AddUnit()
 	c.Assert(err, jc.ErrorIsNil)
 	err = wu.AssignToMachine(m2)
@@ -842,12 +858,12 @@
 			ModelUUID:  s.state.ModelUUID(),
 			Id:         "0",
 			InstanceId: "i-0",
-			JujuStatus: multiwatcher.StatusInfo{
+			AgentStatus: multiwatcher.StatusInfo{
 				Current: status.StatusPending,
 				Data:    map[string]interface{}{},
 				Since:   &now,
 			},
-			MachineStatus: multiwatcher.StatusInfo{
+			InstanceStatus: multiwatcher.StatusInfo{
 				Current: status.StatusPending,
 				Data:    map[string]interface{}{},
 				Since:   &now,
@@ -855,7 +871,7 @@
 			Life:                    multiwatcher.Life("alive"),
 			Series:                  "trusty",
 			Jobs:                    []multiwatcher.MachineJob{JobManageModel.ToParams()},
-			Addresses:               []network.Address{},
+			Addresses:               []multiwatcher.Address{},
 			HardwareCharacteristics: hc,
 			HasVote:                 false,
 			WantsVote:               true,
@@ -870,12 +886,12 @@
 		Entity: &multiwatcher.MachineInfo{
 			ModelUUID: s.state.ModelUUID(),
 			Id:        "2",
-			JujuStatus: multiwatcher.StatusInfo{
+			AgentStatus: multiwatcher.StatusInfo{
 				Current: status.StatusPending,
 				Data:    map[string]interface{}{},
 				Since:   &now,
 			},
-			MachineStatus: multiwatcher.StatusInfo{
+			InstanceStatus: multiwatcher.StatusInfo{
 				Current: status.StatusPending,
 				Data:    map[string]interface{}{},
 				Since:   &now,
@@ -883,16 +899,15 @@
 			Life:      multiwatcher.Life("alive"),
 			Series:    "quantal",
 			Jobs:      []multiwatcher.MachineJob{JobHostUnits.ToParams()},
-			Addresses: []network.Address{},
+			Addresses: []multiwatcher.Address{},
 			HasVote:   false,
 			WantsVote: false,
 		},
 	}, {
-		Entity: &multiwatcher.ServiceInfo{
+		Entity: &multiwatcher.ApplicationInfo{
 			ModelUUID: s.state.ModelUUID(),
 			Name:      "wordpress",
 			CharmURL:  "local:quantal/quantal-wordpress-3",
-			OwnerTag:  s.owner.String(),
 			Life:      "alive",
 			Config:    make(map[string]interface{}),
 			Status: multiwatcher.StatusInfo{
@@ -903,17 +918,17 @@
 		},
 	}, {
 		Entity: &multiwatcher.UnitInfo{
-			ModelUUID: s.state.ModelUUID(),
-			Name:      "wordpress/0",
-			Service:   "wordpress",
-			Series:    "quantal",
-			MachineId: "2",
+			ModelUUID:   s.state.ModelUUID(),
+			Name:        "wordpress/0",
+			Application: "wordpress",
+			Series:      "quantal",
+			MachineId:   "2",
 			WorkloadStatus: multiwatcher.StatusInfo{
 				Current: "unknown",
 				Message: "Waiting for agent initialization to finish",
 				Data:    map[string]interface{}{},
 			},
-			JujuStatus: multiwatcher.StatusInfo{
+			AgentStatus: multiwatcher.StatusInfo{
 				Current: "allocating",
 				Message: "",
 				Data:    map[string]interface{}{},
@@ -937,17 +952,17 @@
 				c.Assert(m0.Id(), gc.Equals, "0")
 			},
 		}, {
-			about: "services",
+			about: "applications",
 			triggerEvent: func(st *State) {
-				AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"), s.owner)
+				AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"))
 			},
 		}, {
 			about: "units",
 			setUpState: func(st *State) {
-				AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"), s.owner)
+				AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"))
 			},
 			triggerEvent: func(st *State) {
-				svc, err := st.Service("wordpress")
+				svc, err := st.Application("wordpress")
 				c.Assert(err, jc.ErrorIsNil)
 
 				_, err = svc.AddUnit()
@@ -956,8 +971,8 @@
 		}, {
 			about: "relations",
 			setUpState: func(st *State) {
-				AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"), s.owner)
-				AddTestingService(c, st, "mysql", AddTestingCharm(c, st, "mysql"), s.owner)
+				AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"))
+				AddTestingService(c, st, "mysql", AddTestingCharm(c, st, "mysql"))
 			},
 			triggerEvent: func(st *State) {
 				eps, err := st.InferEndpoints("mysql", "wordpress")
@@ -992,16 +1007,22 @@
 				m, err := st.Machine("0")
 				c.Assert(err, jc.ErrorIsNil)
 
-				err = m.SetStatus("error", "pete tong", nil)
+				now := time.Now()
+				sInfo := status.StatusInfo{
+					Status:  status.StatusError,
+					Message: "pete tong",
+					Since:   &now,
+				}
+				err = m.SetStatus(sInfo)
 				c.Assert(err, jc.ErrorIsNil)
 			},
 		}, {
 			about: "constraints",
 			setUpState: func(st *State) {
-				AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"), s.owner)
+				AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"))
 			},
 			triggerEvent: func(st *State) {
-				svc, err := st.Service("wordpress")
+				svc, err := st.Application("wordpress")
 				c.Assert(err, jc.ErrorIsNil)
 
 				cpuCores := uint64(99)
@@ -1011,10 +1032,10 @@
 		}, {
 			about: "settings",
 			setUpState: func(st *State) {
-				AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"), s.owner)
+				AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"))
 			},
 			triggerEvent: func(st *State) {
-				svc, err := st.Service("wordpress")
+				svc, err := st.Application("wordpress")
 				c.Assert(err, jc.ErrorIsNil)
 
 				err = svc.UpdateConfigSettings(charm.Settings{"blog-title": "boring"})
@@ -1041,16 +1062,16 @@
 				if test.setUpState != nil {
 					test.setUpState(st)
 					// Consume events from setup.
-					w.AssertChanges()
-					w.AssertNoChange()
-					otherW.AssertNoChange()
+					w.AssertChanges(c)
+					w.AssertNoChange(c)
+					otherW.AssertNoChange(c)
 				}
 
 				test.triggerEvent(st)
 				// Check event was isolated to the correct watcher.
-				w.AssertChanges()
-				w.AssertNoChange()
-				otherW.AssertNoChange()
+				w.AssertChanges(c)
+				w.AssertNoChange(c)
+				otherW.AssertNoChange(c)
 			}
 			otherState := s.newState(c)
 
@@ -1060,8 +1081,8 @@
 			defer w2.Stop()
 
 			// The first set of deltas is empty, reflecting an empty model.
-			w1.AssertNoChange()
-			w2.AssertNoChange()
+			w1.AssertNoChange(c)
+			w2.AssertNoChange(c)
 			checkIsolationForEnv(s.state, w1, w2)
 			checkIsolationForEnv(otherState, w2, w1)
 		}()
@@ -1119,23 +1140,19 @@
 
 			entities = all.All()
 
-			// substNilSinceTimeForEntities gets upset if it sees non-nil
-			// times - which the entities for the first env will have - so
-			// build a list of the entities for the second env.
-			newEntities := make([]multiwatcher.EntityInfo, 0)
-			for _, entity := range entities {
-				if entity.EntityId().ModelUUID == s.state1.ModelUUID() {
-					newEntities = append(newEntities, entity)
-				}
-			}
-			substNilSinceTimeForEntities(c, newEntities)
-
 			// Expected to see entities for both envs.
 			var expectedEntities entityInfoSlice = append(
 				test0.expectContents,
 				test1.expectContents...)
 			sort.Sort(entities)
 			sort.Sort(expectedEntities)
+
+			// for some reason substNilSinceTimeForStatus cares if the Current is not blank
+			// and will abort if it is. Apparently this happens and it's totally fine. So we
+			// must use the NoCheck variant, rather than substNilSinceTimeForEntities(c, entities)
+			for i := range entities {
+				entities[i] = substNilSinceTimeForEntityNoCheck(entities[i])
+			}
 			assertEntitiesEqual(c, entities, expectedEntities)
 		}()
 	}
@@ -1191,7 +1208,7 @@
 				}}
 		},
 		func(c *gc.C, st *State) changeTestCase {
-			env, err := st.Model()
+			model, err := st.Model()
 			c.Assert(err, jc.ErrorIsNil)
 			return changeTestCase{
 				about: "model is added if it's in backing but not in Store",
@@ -1201,58 +1218,58 @@
 				},
 				expectContents: []multiwatcher.EntityInfo{
 					&multiwatcher.ModelInfo{
-						ModelUUID:  env.UUID(),
-						Name:       env.Name(),
-						Life:       multiwatcher.Life("alive"),
-						Owner:      env.Owner().Id(),
-						ServerUUID: env.ControllerUUID(),
+						ModelUUID:      model.UUID(),
+						Name:           model.Name(),
+						Life:           multiwatcher.Life("alive"),
+						Owner:          model.Owner().Id(),
+						ControllerUUID: model.ControllerUUID(),
 					}}}
 		},
 		func(c *gc.C, st *State) changeTestCase {
-			env, err := st.Model()
+			model, err := st.Model()
 			c.Assert(err, jc.ErrorIsNil)
 			return changeTestCase{
 				about: "model is updated if it's in backing and in Store",
 				initialContents: []multiwatcher.EntityInfo{
 					&multiwatcher.ModelInfo{
-						ModelUUID:  env.UUID(),
-						Name:       "",
-						Life:       multiwatcher.Life("alive"),
-						Owner:      env.Owner().Id(),
-						ServerUUID: env.ControllerUUID(),
+						ModelUUID:      model.UUID(),
+						Name:           "",
+						Life:           multiwatcher.Life("alive"),
+						Owner:          model.Owner().Id(),
+						ControllerUUID: model.ControllerUUID(),
 					},
 				},
 				change: watcher.Change{
 					C:  "models",
-					Id: env.UUID(),
+					Id: model.UUID(),
 				},
 				expectContents: []multiwatcher.EntityInfo{
 					&multiwatcher.ModelInfo{
-						ModelUUID:  env.UUID(),
-						Name:       env.Name(),
-						Life:       multiwatcher.Life("alive"),
-						Owner:      env.Owner().Id(),
-						ServerUUID: env.ControllerUUID(),
+						ModelUUID:      model.UUID(),
+						Name:           model.Name(),
+						Life:           multiwatcher.Life("alive"),
+						Owner:          model.Owner().Id(),
+						ControllerUUID: model.ControllerUUID(),
 					}}}
 		},
 		func(c *gc.C, st *State) changeTestCase {
-			svc := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"), s.owner)
+			svc := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"))
 			err := svc.SetConstraints(constraints.MustParse("mem=4G arch=amd64"))
 			c.Assert(err, jc.ErrorIsNil)
 
 			return changeTestCase{
 				about: "status is changed if the service exists in the store",
-				initialContents: []multiwatcher.EntityInfo{&multiwatcher.ServiceInfo{
+				initialContents: []multiwatcher.EntityInfo{&multiwatcher.ApplicationInfo{
 					ModelUUID:   st.ModelUUID(),
 					Name:        "wordpress",
 					Constraints: constraints.MustParse("mem=99M cpu-cores=2 cpu-power=4"),
 				}},
 				change: watcher.Change{
 					C:  "constraints",
-					Id: st.docID("s#wordpress"),
+					Id: st.docID("a#wordpress"),
 				},
 				expectContents: []multiwatcher.EntityInfo{
-					&multiwatcher.ServiceInfo{
+					&multiwatcher.ApplicationInfo{
 						ModelUUID:   st.ModelUUID(),
 						Name:        "wordpress",
 						Constraints: constraints.MustParse("mem=4G arch=amd64"),
@@ -1302,18 +1319,18 @@
 	c.Assert(err, jc.ErrorIsNil)
 	expectedEntities = append(expectedEntities,
 		&multiwatcher.ModelInfo{
-			ModelUUID:  env.UUID(),
-			Name:       env.Name(),
-			Life:       multiwatcher.Life("alive"),
-			Owner:      env.Owner().Id(),
-			ServerUUID: env.ControllerUUID(),
+			ModelUUID:      env.UUID(),
+			Name:           env.Name(),
+			Life:           multiwatcher.Life("alive"),
+			Owner:          env.Owner().Id(),
+			ControllerUUID: env.ControllerUUID(),
 		},
 		&multiwatcher.ModelInfo{
-			ModelUUID:  env1.UUID(),
-			Name:       env1.Name(),
-			Life:       multiwatcher.Life("alive"),
-			Owner:      env1.Owner().Id(),
-			ServerUUID: env1.ControllerUUID(),
+			ModelUUID:      env1.UUID(),
+			Name:           env1.Name(),
+			Life:           multiwatcher.Life("alive"),
+			Owner:          env1.Owner().Id(),
+			ControllerUUID: env1.ControllerUUID(),
 		},
 	)
 
@@ -1357,36 +1374,36 @@
 	deltas := tw.All(4)
 	checkDeltasEqual(c, deltas, []multiwatcher.Delta{{
 		Entity: &multiwatcher.ModelInfo{
-			ModelUUID:  env0.UUID(),
-			Name:       env0.Name(),
-			Life:       "alive",
-			Owner:      env0.Owner().Id(),
-			ServerUUID: env0.ControllerUUID(),
+			ModelUUID:      env0.UUID(),
+			Name:           env0.Name(),
+			Life:           "alive",
+			Owner:          env0.Owner().Id(),
+			ControllerUUID: env0.ControllerUUID(),
 		},
 	}, {
 		Entity: &multiwatcher.ModelInfo{
-			ModelUUID:  env1.UUID(),
-			Name:       env1.Name(),
-			Life:       "alive",
-			Owner:      env1.Owner().Id(),
-			ServerUUID: env1.ControllerUUID(),
+			ModelUUID:      env1.UUID(),
+			Name:           env1.Name(),
+			Life:           "alive",
+			Owner:          env1.Owner().Id(),
+			ControllerUUID: env1.ControllerUUID(),
 		},
 	}, {
 		Entity: &multiwatcher.MachineInfo{
 			ModelUUID: st0.ModelUUID(),
 			Id:        "0",
-			JujuStatus: multiwatcher.StatusInfo{
+			AgentStatus: multiwatcher.StatusInfo{
 				Current: status.StatusPending,
 				Data:    map[string]interface{}{},
 			},
-			MachineStatus: multiwatcher.StatusInfo{
+			InstanceStatus: multiwatcher.StatusInfo{
 				Current: status.StatusPending,
 				Data:    map[string]interface{}{},
 			},
 			Life:      multiwatcher.Life("alive"),
 			Series:    "trusty",
 			Jobs:      []multiwatcher.MachineJob{JobManageModel.ToParams()},
-			Addresses: []network.Address{},
+			Addresses: []multiwatcher.Address{},
 			HasVote:   false,
 			WantsVote: true,
 		},
@@ -1394,18 +1411,18 @@
 		Entity: &multiwatcher.MachineInfo{
 			ModelUUID: st1.ModelUUID(),
 			Id:        "0",
-			JujuStatus: multiwatcher.StatusInfo{
+			AgentStatus: multiwatcher.StatusInfo{
 				Current: status.StatusPending,
 				Data:    map[string]interface{}{},
 			},
-			MachineStatus: multiwatcher.StatusInfo{
+			InstanceStatus: multiwatcher.StatusInfo{
 				Current: status.StatusPending,
 				Data:    map[string]interface{}{},
 			},
 			Life:      multiwatcher.Life("alive"),
 			Series:    "saucy",
 			Jobs:      []multiwatcher.MachineJob{JobHostUnits.ToParams()},
-			Addresses: []network.Address{},
+			Addresses: []multiwatcher.Address{},
 			HasVote:   false,
 			WantsVote: false,
 		},
@@ -1421,18 +1438,18 @@
 		Entity: &multiwatcher.MachineInfo{
 			ModelUUID: st1.ModelUUID(),
 			Id:        "0",
-			JujuStatus: multiwatcher.StatusInfo{
+			AgentStatus: multiwatcher.StatusInfo{
 				Current: status.StatusPending,
 				Data:    map[string]interface{}{},
 			},
-			MachineStatus: multiwatcher.StatusInfo{
+			InstanceStatus: multiwatcher.StatusInfo{
 				Current: status.StatusPending,
 				Data:    map[string]interface{}{},
 			},
 			Life:      multiwatcher.Life("dying"),
 			Series:    "saucy",
 			Jobs:      []multiwatcher.MachineJob{JobHostUnits.ToParams()},
-			Addresses: []network.Address{},
+			Addresses: []multiwatcher.Address{},
 			HasVote:   false,
 			WantsVote: false,
 		},
@@ -1447,18 +1464,18 @@
 		Entity: &multiwatcher.MachineInfo{
 			ModelUUID: st1.ModelUUID(),
 			Id:        "0",
-			JujuStatus: multiwatcher.StatusInfo{
+			AgentStatus: multiwatcher.StatusInfo{
 				Current: status.StatusPending,
 				Data:    map[string]interface{}{},
 			},
-			MachineStatus: multiwatcher.StatusInfo{
+			InstanceStatus: multiwatcher.StatusInfo{
 				Current: status.StatusPending,
 				Data:    map[string]interface{}{},
 			},
 			Life:      multiwatcher.Life("dead"),
 			Series:    "saucy",
 			Jobs:      []multiwatcher.MachineJob{JobHostUnits.ToParams()},
-			Addresses: []network.Address{},
+			Addresses: []multiwatcher.Address{},
 			HasVote:   false,
 			WantsVote: false,
 		},
@@ -1476,7 +1493,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(m11.Id(), gc.Equals, "1")
 
-	wordpress := AddTestingService(c, st1, "wordpress", AddTestingCharm(c, st1, "wordpress"), s.owner)
+	wordpress := AddTestingService(c, st1, "wordpress", AddTestingCharm(c, st1, "wordpress"))
 	wu, err := wordpress.AddUnit()
 	c.Assert(err, jc.ErrorIsNil)
 	err = wu.AssignToMachine(m11)
@@ -1499,18 +1516,18 @@
 			ModelUUID:  st0.ModelUUID(),
 			Id:         "0",
 			InstanceId: "i-0",
-			JujuStatus: multiwatcher.StatusInfo{
+			AgentStatus: multiwatcher.StatusInfo{
 				Current: status.StatusPending,
 				Data:    map[string]interface{}{},
 			},
-			MachineStatus: multiwatcher.StatusInfo{
+			InstanceStatus: multiwatcher.StatusInfo{
 				Current: status.StatusPending,
 				Data:    map[string]interface{}{},
 			},
 			Life:                    multiwatcher.Life("alive"),
 			Series:                  "trusty",
 			Jobs:                    []multiwatcher.MachineJob{JobManageModel.ToParams()},
-			Addresses:               []network.Address{},
+			Addresses:               []multiwatcher.Address{},
 			HardwareCharacteristics: &instance.HardwareCharacteristics{},
 			HasVote:                 false,
 			WantsVote:               true,
@@ -1525,27 +1542,26 @@
 		Entity: &multiwatcher.MachineInfo{
 			ModelUUID: st1.ModelUUID(),
 			Id:        "1",
-			JujuStatus: multiwatcher.StatusInfo{
+			AgentStatus: multiwatcher.StatusInfo{
 				Current: status.StatusPending,
 				Data:    map[string]interface{}{},
 			},
-			MachineStatus: multiwatcher.StatusInfo{
+			InstanceStatus: multiwatcher.StatusInfo{
 				Current: status.StatusPending,
 				Data:    map[string]interface{}{},
 			},
 			Life:      multiwatcher.Life("alive"),
 			Series:    "quantal",
 			Jobs:      []multiwatcher.MachineJob{JobHostUnits.ToParams()},
-			Addresses: []network.Address{},
+			Addresses: []multiwatcher.Address{},
 			HasVote:   false,
 			WantsVote: false,
 		},
 	}, {
-		Entity: &multiwatcher.ServiceInfo{
+		Entity: &multiwatcher.ApplicationInfo{
 			ModelUUID: st1.ModelUUID(),
 			Name:      "wordpress",
 			CharmURL:  "local:quantal/quantal-wordpress-3",
-			OwnerTag:  s.owner.String(),
 			Life:      "alive",
 			Config:    make(map[string]interface{}),
 			Status: multiwatcher.StatusInfo{
@@ -1556,17 +1572,17 @@
 		},
 	}, {
 		Entity: &multiwatcher.UnitInfo{
-			ModelUUID: st1.ModelUUID(),
-			Name:      "wordpress/0",
-			Service:   "wordpress",
-			Series:    "quantal",
-			MachineId: "1",
+			ModelUUID:   st1.ModelUUID(),
+			Name:        "wordpress/0",
+			Application: "wordpress",
+			Series:      "quantal",
+			MachineId:   "1",
 			WorkloadStatus: multiwatcher.StatusInfo{
 				Current: "unknown",
 				Message: "Waiting for agent initialization to finish",
 				Data:    map[string]interface{}{},
 			},
-			JujuStatus: multiwatcher.StatusInfo{
+			AgentStatus: multiwatcher.StatusInfo{
 				Current: "allocating",
 				Message: "",
 				Data:    map[string]interface{}{},
@@ -1574,28 +1590,28 @@
 		},
 	}, {
 		Entity: &multiwatcher.ModelInfo{
-			ModelUUID:  env2.UUID(),
-			Name:       env2.Name(),
-			Life:       "alive",
-			Owner:      env2.Owner().Id(),
-			ServerUUID: env2.ControllerUUID(),
+			ModelUUID:      env2.UUID(),
+			Name:           env2.Name(),
+			Life:           "alive",
+			Owner:          env2.Owner().Id(),
+			ControllerUUID: env2.ControllerUUID(),
 		},
 	}, {
 		Entity: &multiwatcher.MachineInfo{
 			ModelUUID: st2.ModelUUID(),
 			Id:        "0",
-			JujuStatus: multiwatcher.StatusInfo{
+			AgentStatus: multiwatcher.StatusInfo{
 				Current: status.StatusPending,
 				Data:    map[string]interface{}{},
 			},
-			MachineStatus: multiwatcher.StatusInfo{
+			InstanceStatus: multiwatcher.StatusInfo{
 				Current: status.StatusPending,
 				Data:    map[string]interface{}{},
 			},
 			Life:      multiwatcher.Life("alive"),
 			Series:    "trusty",
 			Jobs:      []multiwatcher.MachineJob{JobHostUnits.ToParams()},
-			Addresses: []network.Address{},
+			Addresses: []multiwatcher.Address{},
 			HasVote:   false,
 			WantsVote: false,
 		},
@@ -1604,13 +1620,16 @@
 
 func zeroOutTimestampsForDeltas(c *gc.C, deltas []multiwatcher.Delta) {
 	for i, delta := range deltas {
-		if unitInfo, ok := delta.Entity.(*multiwatcher.UnitInfo); ok {
+		switch e := delta.Entity.(type) {
+		case *multiwatcher.UnitInfo:
+			unitInfo := *e // must copy, we may not own this reference
 			substNilSinceTimeForStatus(c, &unitInfo.WorkloadStatus)
-			substNilSinceTimeForStatus(c, &unitInfo.JujuStatus)
-			delta.Entity = unitInfo
-		} else if serviceInfo, ok := delta.Entity.(*multiwatcher.ServiceInfo); ok {
-			substNilSinceTimeForStatus(c, &serviceInfo.Status)
-			delta.Entity = serviceInfo
+			substNilSinceTimeForStatus(c, &unitInfo.AgentStatus)
+			delta.Entity = &unitInfo
+		case *multiwatcher.ApplicationInfo:
+			applicationInfo := *e // must copy, we may not own this reference
+			substNilSinceTimeForStatus(c, &applicationInfo.Status)
+			delta.Entity = &applicationInfo
 		}
 		deltas[i] = delta
 	}
@@ -1732,7 +1751,13 @@
 		func(c *gc.C, st *State) changeTestCase {
 			m, err := st.AddMachine("quantal", JobHostUnits)
 			c.Assert(err, jc.ErrorIsNil)
-			err = m.SetStatus(status.StatusError, "failure", nil)
+			now := time.Now()
+			sInfo := status.StatusInfo{
+				Status:  status.StatusError,
+				Message: "failure",
+				Since:   &now,
+			}
+			err = m.SetStatus(sInfo)
 			c.Assert(err, jc.ErrorIsNil)
 
 			return changeTestCase{
@@ -1745,19 +1770,19 @@
 					&multiwatcher.MachineInfo{
 						ModelUUID: st.ModelUUID(),
 						Id:        "0",
-						JujuStatus: multiwatcher.StatusInfo{
+						AgentStatus: multiwatcher.StatusInfo{
 							Current: status.StatusError,
 							Message: "failure",
 							Data:    map[string]interface{}{},
 						},
-						MachineStatus: multiwatcher.StatusInfo{
+						InstanceStatus: multiwatcher.StatusInfo{
 							Current: status.StatusPending,
 							Data:    map[string]interface{}{},
 						},
 						Life:      multiwatcher.Life("alive"),
 						Series:    "quantal",
 						Jobs:      []multiwatcher.MachineJob{JobHostUnits.ToParams()},
-						Addresses: []network.Address{},
+						Addresses: []multiwatcher.Address{},
 						HasVote:   false,
 						WantsVote: false,
 					}}}
@@ -1767,7 +1792,7 @@
 			c.Assert(err, jc.ErrorIsNil)
 			err = m.SetProvisioned("i-0", "bootstrap_nonce", nil)
 			c.Assert(err, jc.ErrorIsNil)
-			err = m.SetSupportedContainers([]instance.ContainerType{instance.LXC})
+			err = m.SetSupportedContainers([]instance.ContainerType{instance.LXD})
 			c.Assert(err, jc.ErrorIsNil)
 
 			return changeTestCase{
@@ -1776,13 +1801,13 @@
 					&multiwatcher.MachineInfo{
 						ModelUUID: st.ModelUUID(),
 						Id:        "0",
-						JujuStatus: multiwatcher.StatusInfo{
+						AgentStatus: multiwatcher.StatusInfo{
 							Current: status.StatusError,
 							Message: "another failure",
 							Data:    map[string]interface{}{},
 							Since:   &now,
 						},
-						MachineStatus: multiwatcher.StatusInfo{
+						InstanceStatus: multiwatcher.StatusInfo{
 							Current: status.StatusPending,
 							Data:    map[string]interface{}{},
 							Since:   &now,
@@ -1798,21 +1823,21 @@
 						ModelUUID:  st.ModelUUID(),
 						Id:         "0",
 						InstanceId: "i-0",
-						JujuStatus: multiwatcher.StatusInfo{
+						AgentStatus: multiwatcher.StatusInfo{
 							Current: status.StatusError,
 							Message: "another failure",
 							Data:    map[string]interface{}{},
 						},
-						MachineStatus: multiwatcher.StatusInfo{
+						InstanceStatus: multiwatcher.StatusInfo{
 							Current: status.StatusPending,
 							Data:    map[string]interface{}{},
 						},
 						Life:                     multiwatcher.Life("alive"),
 						Series:                   "trusty",
 						Jobs:                     []multiwatcher.MachineJob{JobHostUnits.ToParams()},
-						Addresses:                []network.Address{},
+						Addresses:                []multiwatcher.Address{},
 						HardwareCharacteristics:  &instance.HardwareCharacteristics{},
-						SupportedContainers:      []instance.ContainerType{instance.LXC},
+						SupportedContainers:      []instance.ContainerType{instance.LXD},
 						SupportedContainersKnown: true,
 					}}}
 		},
@@ -1822,7 +1847,7 @@
 				initialContents: []multiwatcher.EntityInfo{&multiwatcher.MachineInfo{
 					ModelUUID: st.ModelUUID(),
 					Id:        "0",
-					JujuStatus: multiwatcher.StatusInfo{
+					AgentStatus: multiwatcher.StatusInfo{
 						Current: status.StatusError,
 						Message: "failure",
 						Data:    map[string]interface{}{},
@@ -1837,7 +1862,7 @@
 					&multiwatcher.MachineInfo{
 						ModelUUID: st.ModelUUID(),
 						Id:        "0",
-						JujuStatus: multiwatcher.StatusInfo{
+						AgentStatus: multiwatcher.StatusInfo{
 							Current: status.StatusError,
 							Message: "failure",
 							Data:    map[string]interface{}{},
@@ -1847,7 +1872,13 @@
 		func(c *gc.C, st *State) changeTestCase {
 			m, err := st.AddMachine("quantal", JobHostUnits)
 			c.Assert(err, jc.ErrorIsNil)
-			err = m.SetStatus(status.StatusStarted, "", nil)
+			now := time.Now()
+			sInfo := status.StatusInfo{
+				Status:  status.StatusStarted,
+				Message: "",
+				Since:   &now,
+			}
+			err = m.SetStatus(sInfo)
 			c.Assert(err, jc.ErrorIsNil)
 
 			return changeTestCase{
@@ -1855,7 +1886,7 @@
 				initialContents: []multiwatcher.EntityInfo{&multiwatcher.MachineInfo{
 					ModelUUID: st.ModelUUID(),
 					Id:        "0",
-					JujuStatus: multiwatcher.StatusInfo{
+					AgentStatus: multiwatcher.StatusInfo{
 						Current: status.StatusError,
 						Message: "failure",
 						Data:    map[string]interface{}{},
@@ -1870,7 +1901,7 @@
 					&multiwatcher.MachineInfo{
 						ModelUUID: st.ModelUUID(),
 						Id:        "0",
-						JujuStatus: multiwatcher.StatusInfo{
+						AgentStatus: multiwatcher.StatusInfo{
 							Current: status.StatusStarted,
 							Data:    make(map[string]interface{}),
 						},
@@ -1903,8 +1934,8 @@
 				}}
 		},
 		func(c *gc.C, st *State) changeTestCase {
-			AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"), owner)
-			AddTestingService(c, st, "logging", AddTestingCharm(c, st, "logging"), owner)
+			AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"))
+			AddTestingService(c, st, "logging", AddTestingCharm(c, st, "logging"))
 			eps, err := st.InferEndpoints("logging", "wordpress")
 			c.Assert(err, jc.ErrorIsNil)
 			_, err = st.AddRelation(eps...)
@@ -1921,8 +1952,8 @@
 						ModelUUID: st.ModelUUID(),
 						Key:       "logging:logging-directory wordpress:logging-dir",
 						Endpoints: []multiwatcher.Endpoint{
-							{ServiceName: "logging", Relation: charm.Relation{Name: "logging-directory", Role: "requirer", Interface: "logging", Optional: false, Limit: 1, Scope: "container"}},
-							{ServiceName: "wordpress", Relation: charm.Relation{Name: "logging-dir", Role: "provider", Interface: "logging", Optional: false, Limit: 0, Scope: "container"}}},
+							{ApplicationName: "logging", Relation: multiwatcher.CharmRelation{Name: "logging-directory", Role: "requirer", Interface: "logging", Optional: false, Limit: 1, Scope: "container"}},
+							{ApplicationName: "wordpress", Relation: multiwatcher.CharmRelation{Name: "logging-dir", Role: "provider", Interface: "logging", Optional: false, Limit: 0, Scope: "container"}}},
 					}}}
 		},
 	}
@@ -1937,7 +1968,7 @@
 			return changeTestCase{
 				about: "no service in state, no service in store -> do nothing",
 				change: watcher.Change{
-					C:  "services",
+					C:  "applications",
 					Id: st.docID("wordpress"),
 				}}
 		},
@@ -1945,18 +1976,18 @@
 			return changeTestCase{
 				about: "service is removed if it's not in backing",
 				initialContents: []multiwatcher.EntityInfo{
-					&multiwatcher.ServiceInfo{
+					&multiwatcher.ApplicationInfo{
 						ModelUUID: st.ModelUUID(),
 						Name:      "wordpress",
 					},
 				},
 				change: watcher.Change{
-					C:  "services",
+					C:  "applications",
 					Id: st.docID("wordpress"),
 				}}
 		},
 		func(c *gc.C, st *State) changeTestCase {
-			wordpress := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"), owner)
+			wordpress := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"))
 			err := wordpress.SetExposed()
 			c.Assert(err, jc.ErrorIsNil)
 			err = wordpress.SetMinUnits(42)
@@ -1965,16 +1996,15 @@
 			return changeTestCase{
 				about: "service is added if it's in backing but not in Store",
 				change: watcher.Change{
-					C:  "services",
+					C:  "applications",
 					Id: st.docID("wordpress"),
 				},
 				expectContents: []multiwatcher.EntityInfo{
-					&multiwatcher.ServiceInfo{
+					&multiwatcher.ApplicationInfo{
 						ModelUUID: st.ModelUUID(),
 						Name:      "wordpress",
 						Exposed:   true,
 						CharmURL:  "local:quantal/quantal-wordpress-3",
-						OwnerTag:  owner.String(),
 						Life:      multiwatcher.Life("alive"),
 						MinUnits:  42,
 						Config:    charm.Settings{},
@@ -1986,12 +2016,12 @@
 					}}}
 		},
 		func(c *gc.C, st *State) changeTestCase {
-			svc := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"), owner)
+			svc := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"))
 			setServiceConfigAttr(c, svc, "blog-title", "boring")
 
 			return changeTestCase{
 				about: "service is updated if it's in backing and in multiwatcher.Store",
-				initialContents: []multiwatcher.EntityInfo{&multiwatcher.ServiceInfo{
+				initialContents: []multiwatcher.EntityInfo{&multiwatcher.ApplicationInfo{
 					ModelUUID:   st.ModelUUID(),
 					Name:        "wordpress",
 					Exposed:     true,
@@ -2001,27 +2031,26 @@
 					Config:      charm.Settings{"blog-title": "boring"},
 				}},
 				change: watcher.Change{
-					C:  "services",
+					C:  "applications",
 					Id: st.docID("wordpress"),
 				},
 				expectContents: []multiwatcher.EntityInfo{
-					&multiwatcher.ServiceInfo{
+					&multiwatcher.ApplicationInfo{
 						ModelUUID:   st.ModelUUID(),
 						Name:        "wordpress",
 						CharmURL:    "local:quantal/quantal-wordpress-3",
-						OwnerTag:    owner.String(),
 						Life:        multiwatcher.Life("alive"),
 						Constraints: constraints.MustParse("mem=99M"),
 						Config:      charm.Settings{"blog-title": "boring"},
 					}}}
 		},
 		func(c *gc.C, st *State) changeTestCase {
-			svc := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"), owner)
+			svc := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"))
 			setServiceConfigAttr(c, svc, "blog-title", "boring")
 
 			return changeTestCase{
 				about: "service re-reads config when charm URL changes",
-				initialContents: []multiwatcher.EntityInfo{&multiwatcher.ServiceInfo{
+				initialContents: []multiwatcher.EntityInfo{&multiwatcher.ApplicationInfo{
 					ModelUUID: st.ModelUUID(),
 					Name:      "wordpress",
 					// Note: CharmURL has a different revision number from
@@ -2030,15 +2059,14 @@
 					Config:   charm.Settings{"foo": "bar"},
 				}},
 				change: watcher.Change{
-					C:  "services",
+					C:  "applications",
 					Id: st.docID("wordpress"),
 				},
 				expectContents: []multiwatcher.EntityInfo{
-					&multiwatcher.ServiceInfo{
+					&multiwatcher.ApplicationInfo{
 						ModelUUID: st.ModelUUID(),
 						Name:      "wordpress",
 						CharmURL:  "local:quantal/quantal-wordpress-3",
-						OwnerTag:  owner.String(),
 						Life:      multiwatcher.Life("alive"),
 						Config:    charm.Settings{"blog-title": "boring"},
 					}}}
@@ -2049,73 +2077,73 @@
 				about: "no service in state -> do nothing",
 				change: watcher.Change{
 					C:  "settings",
-					Id: st.docID("s#dummy-service#local:quantal/quantal-dummy-1"),
+					Id: st.docID("a#dummy-application#local:quantal/quantal-dummy-1"),
 				}}
 		},
 		func(c *gc.C, st *State) changeTestCase {
 			return changeTestCase{
 				about: "no change if service is not in backing",
-				initialContents: []multiwatcher.EntityInfo{&multiwatcher.ServiceInfo{
+				initialContents: []multiwatcher.EntityInfo{&multiwatcher.ApplicationInfo{
 					ModelUUID: st.ModelUUID(),
-					Name:      "dummy-service",
+					Name:      "dummy-application",
 					CharmURL:  "local:quantal/quantal-dummy-1",
 				}},
 				change: watcher.Change{
 					C:  "settings",
-					Id: st.docID("s#dummy-service#local:quantal/quantal-dummy-1"),
+					Id: st.docID("a#dummy-application#local:quantal/quantal-dummy-1"),
 				},
-				expectContents: []multiwatcher.EntityInfo{&multiwatcher.ServiceInfo{
+				expectContents: []multiwatcher.EntityInfo{&multiwatcher.ApplicationInfo{
 					ModelUUID: st.ModelUUID(),
-					Name:      "dummy-service",
+					Name:      "dummy-application",
 					CharmURL:  "local:quantal/quantal-dummy-1",
 				}}}
 		},
 		func(c *gc.C, st *State) changeTestCase {
-			svc := AddTestingService(c, st, "dummy-service", AddTestingCharm(c, st, "dummy"), owner)
+			svc := AddTestingService(c, st, "dummy-application", AddTestingCharm(c, st, "dummy"))
 			setServiceConfigAttr(c, svc, "username", "foo")
 			setServiceConfigAttr(c, svc, "outlook", "foo@bar")
 
 			return changeTestCase{
 				about: "service config is changed if service exists in the store with the same URL",
-				initialContents: []multiwatcher.EntityInfo{&multiwatcher.ServiceInfo{
+				initialContents: []multiwatcher.EntityInfo{&multiwatcher.ApplicationInfo{
 					ModelUUID: st.ModelUUID(),
-					Name:      "dummy-service",
+					Name:      "dummy-application",
 					CharmURL:  "local:quantal/quantal-dummy-1",
 				}},
 				change: watcher.Change{
 					C:  "settings",
-					Id: st.docID("s#dummy-service#local:quantal/quantal-dummy-1"),
+					Id: st.docID("a#dummy-application#local:quantal/quantal-dummy-1"),
 				},
 				expectContents: []multiwatcher.EntityInfo{
-					&multiwatcher.ServiceInfo{
+					&multiwatcher.ApplicationInfo{
 						ModelUUID: st.ModelUUID(),
-						Name:      "dummy-service",
+						Name:      "dummy-application",
 						CharmURL:  "local:quantal/quantal-dummy-1",
 						Config:    charm.Settings{"username": "foo", "outlook": "foo@bar"},
 					}}}
 		},
 		func(c *gc.C, st *State) changeTestCase {
-			svc := AddTestingService(c, st, "dummy-service", AddTestingCharm(c, st, "dummy"), owner)
+			svc := AddTestingService(c, st, "dummy-application", AddTestingCharm(c, st, "dummy"))
 			setServiceConfigAttr(c, svc, "username", "foo")
 			setServiceConfigAttr(c, svc, "outlook", "foo@bar")
 			setServiceConfigAttr(c, svc, "username", nil)
 
 			return changeTestCase{
 				about: "service config is changed after removing of a setting",
-				initialContents: []multiwatcher.EntityInfo{&multiwatcher.ServiceInfo{
+				initialContents: []multiwatcher.EntityInfo{&multiwatcher.ApplicationInfo{
 					ModelUUID: st.ModelUUID(),
-					Name:      "dummy-service",
+					Name:      "dummy-application",
 					CharmURL:  "local:quantal/quantal-dummy-1",
 					Config:    charm.Settings{"username": "foo", "outlook": "foo@bar"},
 				}},
 				change: watcher.Change{
 					C:  "settings",
-					Id: st.docID("s#dummy-service#local:quantal/quantal-dummy-1"),
+					Id: st.docID("a#dummy-application#local:quantal/quantal-dummy-1"),
 				},
 				expectContents: []multiwatcher.EntityInfo{
-					&multiwatcher.ServiceInfo{
+					&multiwatcher.ApplicationInfo{
 						ModelUUID: st.ModelUUID(),
-						Name:      "dummy-service",
+						Name:      "dummy-application",
 						CharmURL:  "local:quantal/quantal-dummy-1",
 						Config:    charm.Settings{"outlook": "foo@bar"},
 					}}}
@@ -2125,49 +2153,49 @@
 				c, st, "dummy",
 				"config.yaml", dottedConfig,
 				"quantal", 1)
-			svc := AddTestingService(c, st, "dummy-service", testCharm, owner)
+			svc := AddTestingService(c, st, "dummy-application", testCharm)
 			setServiceConfigAttr(c, svc, "key.dotted", "foo")
 
 			return changeTestCase{
 				about: "service config is unescaped when reading from the backing store",
-				initialContents: []multiwatcher.EntityInfo{&multiwatcher.ServiceInfo{
+				initialContents: []multiwatcher.EntityInfo{&multiwatcher.ApplicationInfo{
 					ModelUUID: st.ModelUUID(),
-					Name:      "dummy-service",
+					Name:      "dummy-application",
 					CharmURL:  "local:quantal/quantal-dummy-1",
 					Config:    charm.Settings{"key.dotted": "bar"},
 				}},
 				change: watcher.Change{
 					C:  "settings",
-					Id: st.docID("s#dummy-service#local:quantal/quantal-dummy-1"),
+					Id: st.docID("a#dummy-application#local:quantal/quantal-dummy-1"),
 				},
 				expectContents: []multiwatcher.EntityInfo{
-					&multiwatcher.ServiceInfo{
+					&multiwatcher.ApplicationInfo{
 						ModelUUID: st.ModelUUID(),
-						Name:      "dummy-service",
+						Name:      "dummy-application",
 						CharmURL:  "local:quantal/quantal-dummy-1",
 						Config:    charm.Settings{"key.dotted": "foo"},
 					}}}
 		},
 		func(c *gc.C, st *State) changeTestCase {
-			svc := AddTestingService(c, st, "dummy-service", AddTestingCharm(c, st, "dummy"), owner)
+			svc := AddTestingService(c, st, "dummy-application", AddTestingCharm(c, st, "dummy"))
 			setServiceConfigAttr(c, svc, "username", "foo")
 
 			return changeTestCase{
 				about: "service config is unchanged if service exists in the store with a different URL",
-				initialContents: []multiwatcher.EntityInfo{&multiwatcher.ServiceInfo{
+				initialContents: []multiwatcher.EntityInfo{&multiwatcher.ApplicationInfo{
 					ModelUUID: st.ModelUUID(),
-					Name:      "dummy-service",
+					Name:      "dummy-application",
 					CharmURL:  "local:quantal/quantal-dummy-2", // Note different revno.
 					Config:    charm.Settings{"username": "bar"},
 				}},
 				change: watcher.Change{
 					C:  "settings",
-					Id: st.docID("s#dummy-service#local:quantal/quantal-dummy-1"),
+					Id: st.docID("a#dummy-application#local:quantal/quantal-dummy-1"),
 				},
 				expectContents: []multiwatcher.EntityInfo{
-					&multiwatcher.ServiceInfo{
+					&multiwatcher.ApplicationInfo{
 						ModelUUID: st.ModelUUID(),
-						Name:      "dummy-service",
+						Name:      "dummy-application",
 						CharmURL:  "local:quantal/quantal-dummy-2",
 						Config:    charm.Settings{"username": "bar"},
 					}}}
@@ -2185,7 +2213,7 @@
 				about: "service config change with no charm url is ignored",
 				change: watcher.Change{
 					C:  "settings",
-					Id: st.docID("s#foo"),
+					Id: st.docID("a#foo"),
 				}}
 		},
 	}
@@ -2199,45 +2227,45 @@
 				about: "no service in state -> do nothing",
 				change: watcher.Change{
 					C:  "constraints",
-					Id: st.docID("s#wordpress"),
+					Id: st.docID("a#wordpress"),
 				}}
 		},
 		func(c *gc.C, st *State) changeTestCase {
 			return changeTestCase{
 				about: "no change if service is not in backing",
-				initialContents: []multiwatcher.EntityInfo{&multiwatcher.ServiceInfo{
+				initialContents: []multiwatcher.EntityInfo{&multiwatcher.ApplicationInfo{
 					ModelUUID:   st.ModelUUID(),
 					Name:        "wordpress",
 					Constraints: constraints.MustParse("mem=99M"),
 				}},
 				change: watcher.Change{
 					C:  "constraints",
-					Id: st.docID("s#wordpress"),
+					Id: st.docID("a#wordpress"),
 				},
-				expectContents: []multiwatcher.EntityInfo{&multiwatcher.ServiceInfo{
+				expectContents: []multiwatcher.EntityInfo{&multiwatcher.ApplicationInfo{
 					ModelUUID:   st.ModelUUID(),
 					Name:        "wordpress",
 					Constraints: constraints.MustParse("mem=99M"),
 				}}}
 		},
 		func(c *gc.C, st *State) changeTestCase {
-			svc := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"), owner)
+			svc := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"))
 			err := svc.SetConstraints(constraints.MustParse("mem=4G arch=amd64"))
 			c.Assert(err, jc.ErrorIsNil)
 
 			return changeTestCase{
 				about: "status is changed if the service exists in the store",
-				initialContents: []multiwatcher.EntityInfo{&multiwatcher.ServiceInfo{
+				initialContents: []multiwatcher.EntityInfo{&multiwatcher.ApplicationInfo{
 					ModelUUID:   st.ModelUUID(),
 					Name:        "wordpress",
 					Constraints: constraints.MustParse("mem=99M cpu-cores=2 cpu-power=4"),
 				}},
 				change: watcher.Change{
 					C:  "constraints",
-					Id: st.docID("s#wordpress"),
+					Id: st.docID("a#wordpress"),
 				},
 				expectContents: []multiwatcher.EntityInfo{
-					&multiwatcher.ServiceInfo{
+					&multiwatcher.ApplicationInfo{
 						ModelUUID:   st.ModelUUID(),
 						Name:        "wordpress",
 						Constraints: constraints.MustParse("mem=4G arch=amd64"),
@@ -2273,7 +2301,7 @@
 				}}
 		},
 		func(c *gc.C, st *State) changeTestCase {
-			wordpress := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"), owner)
+			wordpress := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"))
 			u, err := wordpress.AddUnit()
 			c.Assert(err, jc.ErrorIsNil)
 			m, err := st.AddMachine("quantal", JobHostUnits)
@@ -2286,7 +2314,13 @@
 			c.Assert(err, jc.ErrorIsNil)
 			err = u.OpenPorts("tcp", 5555, 5558)
 			c.Assert(err, jc.ErrorIsNil)
-			err = u.SetAgentStatus(status.StatusError, "failure", nil)
+			now := time.Now()
+			sInfo := status.StatusInfo{
+				Status:  status.StatusError,
+				Message: "failure",
+				Since:   &now,
+			}
+			err = u.SetAgentStatus(sInfo)
 			c.Assert(err, jc.ErrorIsNil)
 
 			return changeTestCase{
@@ -2297,12 +2331,12 @@
 				},
 				expectContents: []multiwatcher.EntityInfo{
 					&multiwatcher.UnitInfo{
-						ModelUUID: st.ModelUUID(),
-						Name:      "wordpress/0",
-						Service:   "wordpress",
-						Series:    "quantal",
-						MachineId: "0",
-						Ports: []network.Port{
+						ModelUUID:   st.ModelUUID(),
+						Name:        "wordpress/0",
+						Application: "wordpress",
+						Series:      "quantal",
+						MachineId:   "0",
+						Ports: []multiwatcher.Port{
 							{"tcp", 5555},
 							{"tcp", 5556},
 							{"tcp", 5557},
@@ -2310,12 +2344,12 @@
 							{"tcp", 12345},
 							{"udp", 54321},
 						},
-						PortRanges: []network.PortRange{
+						PortRanges: []multiwatcher.PortRange{
 							{5555, 5558, "tcp"},
 							{12345, 12345, "tcp"},
 							{54321, 54321, "udp"},
 						},
-						JujuStatus: multiwatcher.StatusInfo{
+						AgentStatus: multiwatcher.StatusInfo{
 							Current: "idle",
 							Message: "",
 							Data:    map[string]interface{}{},
@@ -2328,7 +2362,7 @@
 					}}}
 		},
 		func(c *gc.C, st *State) changeTestCase {
-			wordpress := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"), owner)
+			wordpress := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"))
 			u, err := wordpress.AddUnit()
 			c.Assert(err, jc.ErrorIsNil)
 			m, err := st.AddMachine("quantal", JobHostUnits)
@@ -2343,7 +2377,7 @@
 				initialContents: []multiwatcher.EntityInfo{&multiwatcher.UnitInfo{
 					ModelUUID: st.ModelUUID(),
 					Name:      "wordpress/0",
-					JujuStatus: multiwatcher.StatusInfo{
+					AgentStatus: multiwatcher.StatusInfo{
 						Current: "idle",
 						Message: "",
 						Data:    map[string]interface{}{},
@@ -2355,8 +2389,8 @@
 						Data:    map[string]interface{}{},
 						Since:   &now,
 					},
-					Ports:      []network.Port{{"udp", 17070}},
-					PortRanges: []network.PortRange{{17070, 17070, "udp"}},
+					Ports:      []multiwatcher.Port{{"udp", 17070}},
+					PortRanges: []multiwatcher.PortRange{{17070, 17070, "udp"}},
 				}},
 				change: watcher.Change{
 					C:  "units",
@@ -2364,14 +2398,14 @@
 				},
 				expectContents: []multiwatcher.EntityInfo{
 					&multiwatcher.UnitInfo{
-						ModelUUID:  st.ModelUUID(),
-						Name:       "wordpress/0",
-						Service:    "wordpress",
-						Series:     "quantal",
-						MachineId:  "0",
-						Ports:      []network.Port{{"udp", 17070}},
-						PortRanges: []network.PortRange{{17070, 17070, "udp"}},
-						JujuStatus: multiwatcher.StatusInfo{
+						ModelUUID:   st.ModelUUID(),
+						Name:        "wordpress/0",
+						Application: "wordpress",
+						Series:      "quantal",
+						MachineId:   "0",
+						Ports:       []multiwatcher.Port{{"udp", 17070}},
+						PortRanges:  []multiwatcher.PortRange{{17070, 17070, "udp"}},
+						AgentStatus: multiwatcher.StatusInfo{
 							Current: "idle",
 							Message: "",
 							Data:    map[string]interface{}{},
@@ -2384,7 +2418,7 @@
 					}}}
 		},
 		func(c *gc.C, st *State) changeTestCase {
-			wordpress := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"), owner)
+			wordpress := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"))
 			u, err := wordpress.AddUnit()
 			c.Assert(err, jc.ErrorIsNil)
 			m, err := st.AddMachine("quantal", JobHostUnits)
@@ -2414,8 +2448,8 @@
 					&multiwatcher.UnitInfo{
 						ModelUUID:  st.ModelUUID(),
 						Name:       "wordpress/0",
-						Ports:      []network.Port{{"tcp", 4242}},
-						PortRanges: []network.PortRange{{4242, 4242, "tcp"}},
+						Ports:      []multiwatcher.Port{{"tcp", 4242}},
+						PortRanges: []multiwatcher.PortRange{{4242, 4242, "tcp"}},
 					},
 					&multiwatcher.MachineInfo{
 						ModelUUID: st.ModelUUID(),
@@ -2424,7 +2458,7 @@
 				}}
 		},
 		func(c *gc.C, st *State) changeTestCase {
-			wordpress := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"), owner)
+			wordpress := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"))
 			u, err := wordpress.AddUnit()
 			c.Assert(err, jc.ErrorIsNil)
 			m, err := st.AddMachine("quantal", JobHostUnits)
@@ -2448,22 +2482,22 @@
 				},
 				expectContents: []multiwatcher.EntityInfo{
 					&multiwatcher.UnitInfo{
-						ModelUUID: st.ModelUUID(),
-						Name:      "wordpress/0",
-						Service:   "wordpress",
-						Series:    "quantal",
-						MachineId: "0",
+						ModelUUID:   st.ModelUUID(),
+						Name:        "wordpress/0",
+						Application: "wordpress",
+						Series:      "quantal",
+						MachineId:   "0",
 						WorkloadStatus: multiwatcher.StatusInfo{
 							Current: "unknown",
 							Message: "Waiting for agent initialization to finish",
 							Data:    map[string]interface{}{},
 						},
-						JujuStatus: multiwatcher.StatusInfo{
+						AgentStatus: multiwatcher.StatusInfo{
 							Current: "allocating",
 							Data:    map[string]interface{}{},
 						},
-						Ports:      []network.Port{{"tcp", 21}, {"tcp", 22}},
-						PortRanges: []network.PortRange{{21, 22, "tcp"}},
+						Ports:      []multiwatcher.Port{{"tcp", 21}, {"tcp", 22}},
+						PortRanges: []multiwatcher.PortRange{{21, 22, "tcp"}},
 					},
 					&multiwatcher.MachineInfo{
 						ModelUUID: st.ModelUUID(),
@@ -2472,7 +2506,7 @@
 				}}
 		},
 		func(c *gc.C, st *State) changeTestCase {
-			wordpress := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"), owner)
+			wordpress := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"))
 			u, err := wordpress.AddUnit()
 			c.Assert(err, jc.ErrorIsNil)
 			m, err := st.AddMachine("quantal", JobHostUnits)
@@ -2485,7 +2519,13 @@
 			privateAddress := network.NewScopedAddress("private", network.ScopeCloudLocal)
 			err = m.SetProviderAddresses(publicAddress, privateAddress)
 			c.Assert(err, jc.ErrorIsNil)
-			err = u.SetAgentStatus(status.StatusError, "failure", nil)
+			now := time.Now()
+			sInfo := status.StatusInfo{
+				Status:  status.StatusError,
+				Message: "failure",
+				Since:   &now,
+			}
+			err = u.SetAgentStatus(sInfo)
 			c.Assert(err, jc.ErrorIsNil)
 
 			return changeTestCase{
@@ -2498,14 +2538,14 @@
 					&multiwatcher.UnitInfo{
 						ModelUUID:      st.ModelUUID(),
 						Name:           "wordpress/0",
-						Service:        "wordpress",
+						Application:    "wordpress",
 						Series:         "quantal",
 						PublicAddress:  "public",
 						PrivateAddress: "private",
 						MachineId:      "0",
-						Ports:          []network.Port{{"tcp", 12345}},
-						PortRanges:     []network.PortRange{{12345, 12345, "tcp"}},
-						JujuStatus: multiwatcher.StatusInfo{
+						Ports:          []multiwatcher.Port{{"tcp", 12345}},
+						PortRanges:     []multiwatcher.PortRange{{12345, 12345, "tcp"}},
+						AgentStatus: multiwatcher.StatusInfo{
 							Current: "idle",
 							Message: "",
 							Data:    map[string]interface{}{},
@@ -2529,10 +2569,10 @@
 			return changeTestCase{
 				about: "no change if status is not in backing",
 				initialContents: []multiwatcher.EntityInfo{&multiwatcher.UnitInfo{
-					ModelUUID: st.ModelUUID(),
-					Name:      "wordpress/0",
-					Service:   "wordpress",
-					JujuStatus: multiwatcher.StatusInfo{
+					ModelUUID:   st.ModelUUID(),
+					Name:        "wordpress/0",
+					Application: "wordpress",
+					AgentStatus: multiwatcher.StatusInfo{
 						Current: "idle",
 						Message: "",
 						Data:    map[string]interface{}{},
@@ -2551,10 +2591,10 @@
 				},
 				expectContents: []multiwatcher.EntityInfo{
 					&multiwatcher.UnitInfo{
-						ModelUUID: st.ModelUUID(),
-						Name:      "wordpress/0",
-						Service:   "wordpress",
-						JujuStatus: multiwatcher.StatusInfo{
+						ModelUUID:   st.ModelUUID(),
+						Name:        "wordpress/0",
+						Application: "wordpress",
+						AgentStatus: multiwatcher.StatusInfo{
 							Current: "idle",
 							Message: "",
 							Data:    map[string]interface{}{},
@@ -2567,19 +2607,25 @@
 					}}}
 		},
 		func(c *gc.C, st *State) changeTestCase {
-			wordpress := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"), owner)
+			wordpress := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"))
 			u, err := wordpress.AddUnit()
 			c.Assert(err, jc.ErrorIsNil)
-			err = u.SetAgentStatus(status.StatusIdle, "", nil)
+			now := time.Now()
+			sInfo := status.StatusInfo{
+				Status:  status.StatusIdle,
+				Message: "",
+				Since:   &now,
+			}
+			err = u.SetAgentStatus(sInfo)
 			c.Assert(err, jc.ErrorIsNil)
 
 			return changeTestCase{
 				about: "status is changed if the unit exists in the store",
 				initialContents: []multiwatcher.EntityInfo{&multiwatcher.UnitInfo{
-					ModelUUID: st.ModelUUID(),
-					Name:      "wordpress/0",
-					Service:   "wordpress",
-					JujuStatus: multiwatcher.StatusInfo{
+					ModelUUID:   st.ModelUUID(),
+					Name:        "wordpress/0",
+					Application: "wordpress",
+					AgentStatus: multiwatcher.StatusInfo{
 						Current: "idle",
 						Message: "",
 						Data:    map[string]interface{}{},
@@ -2598,15 +2644,15 @@
 				},
 				expectContents: []multiwatcher.EntityInfo{
 					&multiwatcher.UnitInfo{
-						ModelUUID: st.ModelUUID(),
-						Name:      "wordpress/0",
-						Service:   "wordpress",
+						ModelUUID:   st.ModelUUID(),
+						Name:        "wordpress/0",
+						Application: "wordpress",
 						WorkloadStatus: multiwatcher.StatusInfo{
 							Current: "maintenance",
 							Message: "working",
 							Data:    map[string]interface{}{},
 						},
-						JujuStatus: multiwatcher.StatusInfo{
+						AgentStatus: multiwatcher.StatusInfo{
 							Current: "idle",
 							Message: "",
 							Data:    map[string]interface{}{},
@@ -2614,21 +2660,32 @@
 					}}}
 		},
 		func(c *gc.C, st *State) changeTestCase {
-			wordpress := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"), owner)
+			wordpress := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"))
 			u, err := wordpress.AddUnit()
 			c.Assert(err, jc.ErrorIsNil)
-			err = u.SetAgentStatus(status.StatusIdle, "", nil)
+			now := time.Now()
+			sInfo := status.StatusInfo{
+				Status:  status.StatusIdle,
+				Message: "",
+				Since:   &now,
+			}
+			err = u.SetAgentStatus(sInfo)
 			c.Assert(err, jc.ErrorIsNil)
-			err = u.SetStatus(status.StatusMaintenance, "doing work", nil)
+			sInfo = status.StatusInfo{
+				Status:  status.StatusMaintenance,
+				Message: "doing work",
+				Since:   &now,
+			}
+			err = u.SetStatus(sInfo)
 			c.Assert(err, jc.ErrorIsNil)
 
 			return changeTestCase{
 				about: "unit status is changed if the agent comes off error state",
 				initialContents: []multiwatcher.EntityInfo{&multiwatcher.UnitInfo{
-					ModelUUID: st.ModelUUID(),
-					Name:      "wordpress/0",
-					Service:   "wordpress",
-					JujuStatus: multiwatcher.StatusInfo{
+					ModelUUID:   st.ModelUUID(),
+					Name:        "wordpress/0",
+					Application: "wordpress",
+					AgentStatus: multiwatcher.StatusInfo{
 						Current: "idle",
 						Message: "",
 						Data:    map[string]interface{}{},
@@ -2647,15 +2704,15 @@
 				},
 				expectContents: []multiwatcher.EntityInfo{
 					&multiwatcher.UnitInfo{
-						ModelUUID: st.ModelUUID(),
-						Name:      "wordpress/0",
-						Service:   "wordpress",
+						ModelUUID:   st.ModelUUID(),
+						Name:        "wordpress/0",
+						Application: "wordpress",
 						WorkloadStatus: multiwatcher.StatusInfo{
 							Current: "maintenance",
 							Message: "doing work",
 							Data:    map[string]interface{}{},
 						},
-						JujuStatus: multiwatcher.StatusInfo{
+						AgentStatus: multiwatcher.StatusInfo{
 							Current: "idle",
 							Message: "",
 							Data:    map[string]interface{}{},
@@ -2663,23 +2720,30 @@
 					}}}
 		},
 		func(c *gc.C, st *State) changeTestCase {
-			wordpress := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"), owner)
+			wordpress := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"))
 			u, err := wordpress.AddUnit()
 			c.Assert(err, jc.ErrorIsNil)
-			err = u.SetAgentStatus(status.StatusError, "hook error", map[string]interface{}{
-				"1st-key": "one",
-				"2nd-key": 2,
-				"3rd-key": true,
-			})
+			now := time.Now()
+			sInfo := status.StatusInfo{
+				Status:  status.StatusError,
+				Message: "hook error",
+				Data: map[string]interface{}{
+					"1st-key": "one",
+					"2nd-key": 2,
+					"3rd-key": true,
+				},
+				Since: &now,
+			}
+			err = u.SetAgentStatus(sInfo)
 			c.Assert(err, jc.ErrorIsNil)
 
 			return changeTestCase{
 				about: "status is changed with additional status data",
 				initialContents: []multiwatcher.EntityInfo{&multiwatcher.UnitInfo{
-					ModelUUID: st.ModelUUID(),
-					Name:      "wordpress/0",
-					Service:   "wordpress",
-					JujuStatus: multiwatcher.StatusInfo{
+					ModelUUID:   st.ModelUUID(),
+					Name:        "wordpress/0",
+					Application: "wordpress",
+					AgentStatus: multiwatcher.StatusInfo{
 						Current: "idle",
 						Message: "",
 						Data:    map[string]interface{}{},
@@ -2696,9 +2760,9 @@
 				},
 				expectContents: []multiwatcher.EntityInfo{
 					&multiwatcher.UnitInfo{
-						ModelUUID: st.ModelUUID(),
-						Name:      "wordpress/0",
-						Service:   "wordpress",
+						ModelUUID:   st.ModelUUID(),
+						Name:        "wordpress/0",
+						Application: "wordpress",
 						WorkloadStatus: multiwatcher.StatusInfo{
 							Current: "error",
 							Message: "hook error",
@@ -2708,7 +2772,7 @@
 								"3rd-key": true,
 							},
 						},
-						JujuStatus: multiwatcher.StatusInfo{
+						AgentStatus: multiwatcher.StatusInfo{
 							Current: "idle",
 							Message: "",
 							Data:    map[string]interface{}{},
@@ -2716,20 +2780,26 @@
 					}}}
 		},
 		func(c *gc.C, st *State) changeTestCase {
-			wordpress := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"), owner)
+			wordpress := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"))
 			u, err := wordpress.AddUnit()
 			c.Assert(err, jc.ErrorIsNil)
-			err = u.SetStatus(status.StatusActive, "", nil)
+			now := time.Now()
+			sInfo := status.StatusInfo{
+				Status:  status.StatusActive,
+				Message: "",
+				Since:   &now,
+			}
+			err = u.SetStatus(sInfo)
 			c.Assert(err, jc.ErrorIsNil)
 
 			return changeTestCase{
 				about: "service status is changed if the unit status changes",
 				initialContents: []multiwatcher.EntityInfo{
 					&multiwatcher.UnitInfo{
-						ModelUUID: st.ModelUUID(),
-						Name:      "wordpress/0",
-						Service:   "wordpress",
-						JujuStatus: multiwatcher.StatusInfo{
+						ModelUUID:   st.ModelUUID(),
+						Name:        "wordpress/0",
+						Application: "wordpress",
+						AgentStatus: multiwatcher.StatusInfo{
 							Current: "idle",
 							Message: "",
 							Data:    map[string]interface{}{},
@@ -2742,7 +2812,7 @@
 							Since:   &now,
 						},
 					},
-					&multiwatcher.ServiceInfo{
+					&multiwatcher.ApplicationInfo{
 						ModelUUID: st.ModelUUID(),
 						Name:      "wordpress",
 						Status: multiwatcher.StatusInfo{
@@ -2759,21 +2829,21 @@
 				},
 				expectContents: []multiwatcher.EntityInfo{
 					&multiwatcher.UnitInfo{
-						ModelUUID: st.ModelUUID(),
-						Name:      "wordpress/0",
-						Service:   "wordpress",
+						ModelUUID:   st.ModelUUID(),
+						Name:        "wordpress/0",
+						Application: "wordpress",
 						WorkloadStatus: multiwatcher.StatusInfo{
 							Current: "active",
 							Message: "",
 							Data:    map[string]interface{}{},
 						},
-						JujuStatus: multiwatcher.StatusInfo{
+						AgentStatus: multiwatcher.StatusInfo{
 							Current: "idle",
 							Message: "",
 							Data:    map[string]interface{}{},
 						},
 					},
-					&multiwatcher.ServiceInfo{
+					&multiwatcher.ApplicationInfo{
 						ModelUUID: st.ModelUUID(),
 						Name:      "wordpress",
 						Status: multiwatcher.StatusInfo{
@@ -2800,7 +2870,7 @@
 
 func testChangeUnitsNonNilPorts(c *gc.C, owner names.UserTag, runChangeTests func(*gc.C, []changeTestFunc)) {
 	initEnv := func(c *gc.C, st *State, flag initFlag) {
-		wordpress := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"), owner)
+		wordpress := AddTestingService(c, st, "wordpress", AddTestingCharm(c, st, "wordpress"))
 		u, err := wordpress.AddUnit()
 		c.Assert(err, jc.ErrorIsNil)
 		m, err := st.AddMachine("quantal", JobHostUnits)
@@ -2842,19 +2912,19 @@
 				},
 				expectContents: []multiwatcher.EntityInfo{
 					&multiwatcher.UnitInfo{
-						ModelUUID:  st.ModelUUID(),
-						Name:       "wordpress/0",
-						Service:    "wordpress",
-						Series:     "quantal",
-						MachineId:  "0",
-						Ports:      []network.Port{},
-						PortRanges: []network.PortRange{},
+						ModelUUID:   st.ModelUUID(),
+						Name:        "wordpress/0",
+						Application: "wordpress",
+						Series:      "quantal",
+						MachineId:   "0",
+						Ports:       []multiwatcher.Port{},
+						PortRanges:  []multiwatcher.PortRange{},
 						WorkloadStatus: multiwatcher.StatusInfo{
 							Current: "unknown",
 							Message: "Waiting for agent initialization to finish",
 							Data:    map[string]interface{}{},
 						},
-						JujuStatus: multiwatcher.StatusInfo{
+						AgentStatus: multiwatcher.StatusInfo{
 							Current: "allocating",
 							Message: "",
 							Data:    map[string]interface{}{},
@@ -2874,19 +2944,19 @@
 					&multiwatcher.UnitInfo{
 						ModelUUID:      st.ModelUUID(),
 						Name:           "wordpress/0",
-						Service:        "wordpress",
+						Application:    "wordpress",
 						Series:         "quantal",
 						MachineId:      "0",
 						PublicAddress:  "1.2.3.4",
 						PrivateAddress: "4.3.2.1",
-						Ports:          []network.Port{{"tcp", 12345}},
-						PortRanges:     []network.PortRange{{12345, 12345, "tcp"}},
+						Ports:          []multiwatcher.Port{{"tcp", 12345}},
+						PortRanges:     []multiwatcher.PortRange{{12345, 12345, "tcp"}},
 						WorkloadStatus: multiwatcher.StatusInfo{
 							Current: "unknown",
 							Message: "Waiting for agent initialization to finish",
 							Data:    map[string]interface{}{},
 						},
-						JujuStatus: multiwatcher.StatusInfo{
+						AgentStatus: multiwatcher.StatusInfo{
 							Current: "allocating",
 							Message: "",
 							Data:    map[string]interface{}{},
@@ -2906,19 +2976,19 @@
 					&multiwatcher.UnitInfo{
 						ModelUUID:      st.ModelUUID(),
 						Name:           "wordpress/0",
-						Service:        "wordpress",
+						Application:    "wordpress",
 						Series:         "quantal",
 						MachineId:      "0",
 						PublicAddress:  "1.2.3.4",
 						PrivateAddress: "4.3.2.1",
-						Ports:          []network.Port{},
-						PortRanges:     []network.PortRange{},
+						Ports:          []multiwatcher.Port{},
+						PortRanges:     []multiwatcher.PortRange{},
 						WorkloadStatus: multiwatcher.StatusInfo{
 							Current: "unknown",
 							Message: "Waiting for agent initialization to finish",
 							Data:    map[string]interface{}{},
 						},
-						JujuStatus: multiwatcher.StatusInfo{
+						AgentStatus: multiwatcher.StatusInfo{
 							Current: "allocating",
 							Message: "",
 							Data:    map[string]interface{}{},
@@ -2936,18 +3006,18 @@
 				},
 				expectContents: []multiwatcher.EntityInfo{
 					&multiwatcher.UnitInfo{
-						ModelUUID:  st.ModelUUID(),
-						Name:       "wordpress/0",
-						Service:    "wordpress",
-						Series:     "quantal",
-						Ports:      []network.Port{},
-						PortRanges: []network.PortRange{},
+						ModelUUID:   st.ModelUUID(),
+						Name:        "wordpress/0",
+						Application: "wordpress",
+						Series:      "quantal",
+						Ports:       []multiwatcher.Port{},
+						PortRanges:  []multiwatcher.PortRange{},
 						WorkloadStatus: multiwatcher.StatusInfo{
 							Current: "unknown",
 							Message: "Waiting for agent initialization to finish",
 							Data:    map[string]interface{}{},
 						},
-						JujuStatus: multiwatcher.StatusInfo{
+						AgentStatus: multiwatcher.StatusInfo{
 							Current: "allocating",
 							Message: "",
 							Data:    map[string]interface{}{},
@@ -2987,10 +3057,11 @@
 		deltas: make(chan []multiwatcher.Delta),
 	}
 	go func() {
+		defer close(tw.deltas)
 		for {
 			deltas, err := tw.w.Next()
 			if err != nil {
-				break
+				return
 			}
 			tw.deltas <- deltas
 		}
@@ -2998,31 +3069,6 @@
 	return tw
 }
 
-func (tw *testWatcher) Next(timeout time.Duration) []multiwatcher.Delta {
-	select {
-	case d := <-tw.deltas:
-		return d
-	case <-time.After(timeout):
-		return nil
-	}
-}
-
-func (tw *testWatcher) NumDeltas() int {
-	count := 0
-	tw.st.StartSync()
-	for {
-		// TODO(mjs) - this is somewhat fragile. There are no
-		// guarentees that the watcher will be able to return deltas
-		// in ShortWait time.
-		deltas := tw.Next(testing.ShortWait)
-		if len(deltas) == 0 {
-			break
-		}
-		count += len(deltas)
-	}
-	return count
-}
-
 func (tw *testWatcher) All(expectedCount int) []multiwatcher.Delta {
 	var allDeltas []multiwatcher.Delta
 	tw.st.StartSync()
@@ -3034,23 +3080,20 @@
 		maxDuration = testing.ShortWait
 	}
 
-	now := time.Now()
-	maxTime := now.Add(maxDuration)
+done:
 	for {
-		remaining := maxTime.Sub(now)
-		if remaining < time.Duration(0) {
-			break // timed out
-		}
-
-		deltas := tw.Next(remaining)
-		if len(deltas) > 0 {
-			allDeltas = append(allDeltas, deltas...)
-			if len(allDeltas) >= expectedCount {
-				break
+		select {
+		case deltas := <-tw.deltas:
+			if len(deltas) > 0 {
+				allDeltas = append(allDeltas, deltas...)
+				if len(allDeltas) >= expectedCount {
+					break done
+				}
 			}
+		case <-time.After(maxDuration):
+			// timed out
+			break done
 		}
-
-		now = time.Now()
 	}
 	return allDeltas
 }
@@ -3061,12 +3104,35 @@
 	tw.c.Assert(tw.b.Release(), jc.ErrorIsNil)
 }
 
-func (tw *testWatcher) AssertNoChange() {
-	tw.c.Assert(tw.NumDeltas(), gc.Equals, 0)
+func (tw *testWatcher) AssertNoChange(c *gc.C) {
+	tw.st.StartSync()
+	select {
+	case d := <-tw.deltas:
+		if len(d) > 0 {
+			c.Error("change detected")
+		}
+	case <-time.After(testing.ShortWait):
+		// expected
+	}
 }
 
-func (tw *testWatcher) AssertChanges() {
-	tw.c.Assert(tw.NumDeltas(), jc.GreaterThan, 0)
+func (tw *testWatcher) AssertChanges(c *gc.C) {
+	var count int
+	tw.st.StartSync()
+done:
+	for {
+		select {
+		case d := <-tw.deltas:
+			if len(d) == 0 {
+				break done
+			}
+			count += len(d)
+		case <-time.After(testing.LongWait):
+			// no change detected
+			break done
+		}
+	}
+	c.Assert(count, jc.GreaterThan, 0)
 }
 
 type entityInfoSlice []multiwatcher.EntityInfo
@@ -3158,7 +3224,6 @@
 			g := got[i]
 			w := want[i]
 			if !jcDeepEqualsCheck(c, g, w) {
-				firstDiffError += "\n"
 				firstDiffError += fmt.Sprintf("first difference at position %d\n", i)
 				firstDiffError += "got:\n"
 				firstDiffError += fmt.Sprintf("  %T %#v\n", g, g)
@@ -3171,8 +3236,3 @@
 	}
 	c.FailNow()
 }
-
-func deepEqual(c *gc.C, got, want interface{}) bool {
-	same, err := jc.DeepEqual(got, want)
-	return err == nil && same
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/annotations.go juju-core-2.0~beta12/src/github.com/juju/juju/state/annotations.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/annotations.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/annotations.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,7 @@
 	"strings"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 	"gopkg.in/mgo.v2/txn"
@@ -112,11 +112,11 @@
 
 	switch tag := tag.(type) {
 	case names.ModelTag:
-		env, err := st.GetModel(tag)
+		model, err := st.GetModel(tag)
 		if err != nil {
 			return nil, errors.Annotatef(err, "inserting annotations")
 		}
-		if env.UUID() == env.ControllerUUID() {
+		if model.UUID() == model.ControllerUUID() {
 			// This is the controller model, and cannot be removed.
 			// Ergo, we can skip the existence check below.
 			return ops, nil
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/annotations_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/annotations_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/annotations_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/annotations_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,10 +5,10 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/testing"
@@ -179,7 +179,7 @@
 		"uuid": uuid.String(),
 	})
 	owner := names.NewUserTag("test@remote")
-	env, st, err := s.State.NewModel(state.ModelArgs{Config: cfg, Owner: owner})
+	env, st, err := s.State.NewModel(state.ModelArgs{CloudName: "dummy", Config: cfg, Owner: owner})
 	c.Assert(err, jc.ErrorIsNil)
 	return env, st
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/application.go juju-core-2.0~beta12/src/github.com/juju/juju/state/application.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/application.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/application.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,1678 @@
+// Copyright 2012, 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package state
+
+import (
+	stderrors "errors"
+	"fmt"
+	"sort"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/juju/errors"
+	jujutxn "github.com/juju/txn"
+	"github.com/juju/utils/series"
+	"gopkg.in/juju/charm.v6-unstable"
+	csparams "gopkg.in/juju/charmrepo.v2-unstable/csclient/params"
+	"gopkg.in/juju/names.v2"
+	"gopkg.in/mgo.v2"
+	"gopkg.in/mgo.v2/bson"
+	"gopkg.in/mgo.v2/txn"
+
+	"github.com/juju/juju/constraints"
+	"github.com/juju/juju/core/leadership"
+	"github.com/juju/juju/status"
+)
+
+// Application represents the state of an application.
+type Application struct {
+	st  *State
+	doc applicationDoc
+}
+
+// serviceDoc represents the internal state of an application in MongoDB.
+// Note the correspondence with ApplicationInfo in apiserver.
+type applicationDoc struct {
+	DocID                string     `bson:"_id"`
+	Name                 string     `bson:"name"`
+	ModelUUID            string     `bson:"model-uuid"`
+	Series               string     `bson:"series"`
+	Subordinate          bool       `bson:"subordinate"`
+	CharmURL             *charm.URL `bson:"charmurl"`
+	Channel              string     `bson:"cs-channel"`
+	CharmModifiedVersion int        `bson:"charmmodifiedversion"`
+	ForceCharm           bool       `bson:"forcecharm"`
+	Life                 Life       `bson:"life"`
+	UnitCount            int        `bson:"unitcount"`
+	RelationCount        int        `bson:"relationcount"`
+	Exposed              bool       `bson:"exposed"`
+	MinUnits             int        `bson:"minunits"`
+	TxnRevno             int64      `bson:"txn-revno"`
+	MetricCredentials    []byte     `bson:"metric-credentials"`
+}
+
+func newApplication(st *State, doc *applicationDoc) *Application {
+	svc := &Application{
+		st:  st,
+		doc: *doc,
+	}
+	return svc
+}
+
+// Name returns the application name.
+func (s *Application) Name() string {
+	return s.doc.Name
+}
+
+// Tag returns a name identifying the service.
+// The returned name will be different from other Tag values returned by any
+// other entities from the same state.
+func (s *Application) Tag() names.Tag {
+	return s.ApplicationTag()
+}
+
+// ApplicationTag returns the more specific ApplicationTag rather than the generic
+// Tag.
+func (s *Application) ApplicationTag() names.ApplicationTag {
+	return names.NewApplicationTag(s.Name())
+}
+
+// applicationGlobalKey returns the global database key for the application
+// with the given name.
+func applicationGlobalKey(svcName string) string {
+	return "a#" + svcName
+}
+
+// globalKey returns the global database key for the application.
+func (s *Application) globalKey() string {
+	return applicationGlobalKey(s.doc.Name)
+}
+
+func applicationSettingsKey(applicationname string, curl *charm.URL) string {
+	return fmt.Sprintf("a#%s#%s", applicationname, curl)
+}
+
+// settingsKey returns the charm-version-specific settings collection
+// key for the application.
+func (s *Application) settingsKey() string {
+	return applicationSettingsKey(s.doc.Name, s.doc.CharmURL)
+}
+
+// Series returns the specified series for this charm.
+func (s *Application) Series() string {
+	return s.doc.Series
+}
+
+// Life returns whether the application is Alive, Dying or Dead.
+func (s *Application) Life() Life {
+	return s.doc.Life
+}
+
+var errRefresh = stderrors.New("state seems inconsistent, refresh and try again")
+
+// Destroy ensures that the application and all its relations will be removed at
+// some point; if the application has no units, and no relation involving the
+// application has any units in scope, they are all removed immediately.
+func (s *Application) Destroy() (err error) {
+	defer errors.DeferredAnnotatef(&err, "cannot destroy application %q", s)
+	defer func() {
+		if err == nil {
+			// This is a white lie; the document might actually be removed.
+			s.doc.Life = Dying
+		}
+	}()
+	svc := &Application{st: s.st, doc: s.doc}
+	buildTxn := func(attempt int) ([]txn.Op, error) {
+		if attempt > 0 {
+			if err := svc.Refresh(); errors.IsNotFound(err) {
+				return nil, jujutxn.ErrNoOperations
+			} else if err != nil {
+				return nil, err
+			}
+		}
+		switch ops, err := svc.destroyOps(); err {
+		case errRefresh:
+		case errAlreadyDying:
+			return nil, jujutxn.ErrNoOperations
+		case nil:
+			return ops, nil
+		default:
+			return nil, err
+		}
+		return nil, jujutxn.ErrTransientFailure
+	}
+	return s.st.run(buildTxn)
+}
+
+// destroyOps returns the operations required to destroy the service. If it
+// returns errRefresh, the application should be refreshed and the destruction
+// operations recalculated.
+func (s *Application) destroyOps() ([]txn.Op, error) {
+	if s.doc.Life == Dying {
+		return nil, errAlreadyDying
+	}
+	rels, err := s.Relations()
+	if err != nil {
+		return nil, err
+	}
+	if len(rels) != s.doc.RelationCount {
+		// This is just an early bail out. The relations obtained may still
+		// be wrong, but that situation will be caught by a combination of
+		// asserts on relationcount and on each known relation, below.
+		return nil, errRefresh
+	}
+	ops := []txn.Op{minUnitsRemoveOp(s.st, s.doc.Name)}
+	removeCount := 0
+	for _, rel := range rels {
+		relOps, isRemove, err := rel.destroyOps(s.doc.Name)
+		if err == errAlreadyDying {
+			relOps = []txn.Op{{
+				C:      relationsC,
+				Id:     rel.doc.DocID,
+				Assert: bson.D{{"life", Dying}},
+			}}
+		} else if err != nil {
+			return nil, err
+		}
+		if isRemove {
+			removeCount++
+		}
+		ops = append(ops, relOps...)
+	}
+	// TODO(ericsnow) Use a generic registry instead.
+	resOps, err := removeResourcesOps(s.st, s.doc.Name)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	ops = append(ops, resOps...)
+	// If the application has no units, and all its known relations will be
+	// removed, the application can also be removed.
+	if s.doc.UnitCount == 0 && s.doc.RelationCount == removeCount {
+		hasLastRefs := bson.D{{"life", Alive}, {"unitcount", 0}, {"relationcount", removeCount}}
+		return append(ops, s.removeOps(hasLastRefs)...), nil
+	}
+	// In all other cases, application removal will be handled as a consequence
+	// of the removal of the last unit or relation referencing it. If any
+	// relations have been removed, they'll be caught by the operations
+	// collected above; but if any has been added, we need to abort and add
+	// a destroy op for that relation too. In combination, it's enough to
+	// check for count equality: an add/remove will not touch the count, but
+	// will be caught by virtue of being a remove.
+	notLastRefs := bson.D{
+		{"life", Alive},
+		{"relationcount", s.doc.RelationCount},
+	}
+	// With respect to unit count, a changing value doesn't matter, so long
+	// as the count's equality with zero does not change, because all we care
+	// about is that *some* unit is, or is not, keeping the application from
+	// being removed: the difference between 1 unit and 1000 is irrelevant.
+	if s.doc.UnitCount > 0 {
+		ops = append(ops, s.st.newCleanupOp(cleanupUnitsForDyingService, s.doc.Name))
+		notLastRefs = append(notLastRefs, bson.D{{"unitcount", bson.D{{"$gt", 0}}}}...)
+	} else {
+		notLastRefs = append(notLastRefs, bson.D{{"unitcount", 0}}...)
+	}
+	update := bson.D{{"$set", bson.D{{"life", Dying}}}}
+	if removeCount != 0 {
+		decref := bson.D{{"$inc", bson.D{{"relationcount", -removeCount}}}}
+		update = append(update, decref...)
+	}
+	return append(ops, txn.Op{
+		C:      applicationsC,
+		Id:     s.doc.DocID,
+		Assert: notLastRefs,
+		Update: update,
+	}), nil
+}
+
+func removeResourcesOps(st *State, serviceID string) ([]txn.Op, error) {
+	persist, err := st.ResourcesPersistence()
+	if errors.IsNotSupported(err) {
+		// Nothing to see here, move along.
+		return nil, nil
+	}
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	ops, err := persist.NewRemoveResourcesOps(serviceID)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return ops, nil
+}
+
+// removeOps returns the operations required to remove the service. Supplied
+// asserts will be included in the operation on the application document.
+func (s *Application) removeOps(asserts bson.D) []txn.Op {
+	settingsDocID := s.st.docID(s.settingsKey())
+	ops := []txn.Op{
+		{
+			C:      applicationsC,
+			Id:     s.doc.DocID,
+			Assert: asserts,
+			Remove: true,
+		}, {
+			C:      settingsrefsC,
+			Id:     settingsDocID,
+			Remove: true,
+		}, {
+			C:      settingsC,
+			Id:     settingsDocID,
+			Remove: true,
+		},
+		removeEndpointBindingsOp(s.globalKey()),
+		removeStorageConstraintsOp(s.globalKey()),
+		removeConstraintsOp(s.st, s.globalKey()),
+		annotationRemoveOp(s.st, s.globalKey()),
+		removeLeadershipSettingsOp(s.Name()),
+		removeStatusOp(s.st, s.globalKey()),
+		removeModelServiceRefOp(s.st, s.Name()),
+	}
+	// For local charms, we also delete the charm itself since the
+	// charm is associated 1:1 with the service. Each different deploy
+	// of a local charm creates a new copy with a different revision.
+	if s.doc.CharmURL.Schema == "local" {
+		ops = append(ops, s.st.newCleanupOp(cleanupCharmForDyingService, s.doc.CharmURL.String()))
+	}
+	return ops
+}
+
+// IsExposed returns whether this application is exposed. The explicitly open
+// ports (with open-port) for exposed services may be accessed from machines
+// outside of the local deployment network. See SetExposed and ClearExposed.
+func (s *Application) IsExposed() bool {
+	return s.doc.Exposed
+}
+
+// SetExposed marks the application as exposed.
+// See ClearExposed and IsExposed.
+func (s *Application) SetExposed() error {
+	return s.setExposed(true)
+}
+
+// ClearExposed removes the exposed flag from the service.
+// See SetExposed and IsExposed.
+func (s *Application) ClearExposed() error {
+	return s.setExposed(false)
+}
+
+func (s *Application) setExposed(exposed bool) (err error) {
+	ops := []txn.Op{{
+		C:      applicationsC,
+		Id:     s.doc.DocID,
+		Assert: isAliveDoc,
+		Update: bson.D{{"$set", bson.D{{"exposed", exposed}}}},
+	}}
+	if err := s.st.runTransaction(ops); err != nil {
+		return fmt.Errorf("cannot set exposed flag for application %q to %v: %v", s, exposed, onAbort(err, errNotAlive))
+	}
+	s.doc.Exposed = exposed
+	return nil
+}
+
+// Charm returns the service's charm and whether units should upgrade to that
+// charm even if they are in an error state.
+func (s *Application) Charm() (ch *Charm, force bool, err error) {
+	// We don't worry about the channel since we aren't interacting
+	// with the charm store here.
+	ch, err = s.st.Charm(s.doc.CharmURL)
+	if err != nil {
+		return nil, false, err
+	}
+	return ch, s.doc.ForceCharm, nil
+}
+
+// IsPrincipal returns whether units of the application can
+// have subordinate units.
+func (s *Application) IsPrincipal() bool {
+	return !s.doc.Subordinate
+}
+
+// CharmModifiedVersion increases whenever the service's charm is changed in any
+// way.
+func (s *Application) CharmModifiedVersion() int {
+	return s.doc.CharmModifiedVersion
+}
+
+// CharmURL returns the service's charm URL, and whether units should upgrade
+// to the charm with that URL even if they are in an error state.
+func (s *Application) CharmURL() (curl *charm.URL, force bool) {
+	return s.doc.CharmURL, s.doc.ForceCharm
+}
+
+// Channel identifies the charm store channel from which the service's
+// charm was deployed. It is only needed when interacting with the charm
+// store.
+func (s *Application) Channel() csparams.Channel {
+	return csparams.Channel(s.doc.Channel)
+}
+
+// Endpoints returns the service's currently available relation endpoints.
+func (s *Application) Endpoints() (eps []Endpoint, err error) {
+	ch, _, err := s.Charm()
+	if err != nil {
+		return nil, err
+	}
+	collect := func(role charm.RelationRole, rels map[string]charm.Relation) {
+		for _, rel := range rels {
+			eps = append(eps, Endpoint{
+				ApplicationName: s.doc.Name,
+				Relation:        rel,
+			})
+		}
+	}
+	meta := ch.Meta()
+	collect(charm.RolePeer, meta.Peers)
+	collect(charm.RoleProvider, meta.Provides)
+	collect(charm.RoleRequirer, meta.Requires)
+	collect(charm.RoleProvider, map[string]charm.Relation{
+		"juju-info": {
+			Name:      "juju-info",
+			Role:      charm.RoleProvider,
+			Interface: "juju-info",
+			Scope:     charm.ScopeGlobal,
+		},
+	})
+	sort.Sort(epSlice(eps))
+	return eps, nil
+}
+
+// Endpoint returns the relation endpoint with the supplied name, if it exists.
+func (s *Application) Endpoint(relationName string) (Endpoint, error) {
+	eps, err := s.Endpoints()
+	if err != nil {
+		return Endpoint{}, err
+	}
+	for _, ep := range eps {
+		if ep.Name == relationName {
+			return ep, nil
+		}
+	}
+	return Endpoint{}, fmt.Errorf("application %q has no %q relation", s, relationName)
+}
+
+// extraPeerRelations returns only the peer relations in newMeta not
+// present in the service's current charm meta data.
+func (s *Application) extraPeerRelations(newMeta *charm.Meta) map[string]charm.Relation {
+	if newMeta == nil {
+		// This should never happen, since we're checking the charm in SetCharm already.
+		panic("newMeta is nil")
+	}
+	ch, _, err := s.Charm()
+	if err != nil {
+		return nil
+	}
+	newPeers := newMeta.Peers
+	oldPeers := ch.Meta().Peers
+	extraPeers := make(map[string]charm.Relation)
+	for relName, rel := range newPeers {
+		if _, ok := oldPeers[relName]; !ok {
+			extraPeers[relName] = rel
+		}
+	}
+	return extraPeers
+}
+
+func (s *Application) checkRelationsOps(ch *Charm, relations []*Relation) ([]txn.Op, error) {
+	asserts := make([]txn.Op, 0, len(relations))
+	// All relations must still exist and their endpoints are implemented by the charm.
+	for _, rel := range relations {
+		if ep, err := rel.Endpoint(s.doc.Name); err != nil {
+			return nil, err
+		} else if !ep.ImplementedBy(ch) {
+			return nil, fmt.Errorf("cannot upgrade application %q to charm %q: would break relation %q", s, ch, rel)
+		}
+		asserts = append(asserts, txn.Op{
+			C:      relationsC,
+			Id:     rel.doc.DocID,
+			Assert: txn.DocExists,
+		})
+	}
+	return asserts, nil
+}
+
+func (s *Application) checkStorageUpgrade(newMeta *charm.Meta) (err error) {
+	defer errors.DeferredAnnotatef(&err, "cannot upgrade application %q to charm %q", s, newMeta.Name)
+	ch, _, err := s.Charm()
+	if err != nil {
+		return errors.Trace(err)
+	}
+	oldMeta := ch.Meta()
+	for name := range oldMeta.Storage {
+		if _, ok := newMeta.Storage[name]; !ok {
+			return errors.Errorf("storage %q removed", name)
+		}
+	}
+	less := func(a, b int) bool {
+		return a != -1 && (b == -1 || a < b)
+	}
+	for name, newStorageMeta := range newMeta.Storage {
+		oldStorageMeta, ok := oldMeta.Storage[name]
+		if !ok {
+			if newStorageMeta.CountMin > 0 {
+				return errors.Errorf("required storage %q added", name)
+			}
+			// New storage is fine as long as it is not required.
+			//
+			// TODO(axw) introduce a way of adding storage at
+			// upgrade time. We should also look at supplying
+			// a way of adding/changing other things during
+			// upgrade, e.g. changing application config.
+			continue
+		}
+		if newStorageMeta.Type != oldStorageMeta.Type {
+			return errors.Errorf(
+				"existing storage %q type changed from %q to %q",
+				name, oldStorageMeta.Type, newStorageMeta.Type,
+			)
+		}
+		if newStorageMeta.Shared != oldStorageMeta.Shared {
+			return errors.Errorf(
+				"existing storage %q shared changed from %v to %v",
+				name, oldStorageMeta.Shared, newStorageMeta.Shared,
+			)
+		}
+		if newStorageMeta.ReadOnly != oldStorageMeta.ReadOnly {
+			return errors.Errorf(
+				"existing storage %q read-only changed from %v to %v",
+				name, oldStorageMeta.ReadOnly, newStorageMeta.ReadOnly,
+			)
+		}
+		if newStorageMeta.Location != oldStorageMeta.Location {
+			return errors.Errorf(
+				"existing storage %q location changed from %q to %q",
+				name, oldStorageMeta.Location, newStorageMeta.Location,
+			)
+		}
+		if newStorageMeta.CountMin > oldStorageMeta.CountMin {
+			return errors.Errorf(
+				"existing storage %q range contracted: min increased from %d to %d",
+				name, oldStorageMeta.CountMin, newStorageMeta.CountMin,
+			)
+		}
+		if less(newStorageMeta.CountMax, oldStorageMeta.CountMax) {
+			var oldCountMax interface{} = oldStorageMeta.CountMax
+			if oldStorageMeta.CountMax == -1 {
+				oldCountMax = "<unbounded>"
+			}
+			return errors.Errorf(
+				"existing storage %q range contracted: max decreased from %v to %d",
+				name, oldCountMax, newStorageMeta.CountMax,
+			)
+		}
+		if oldStorageMeta.Location != "" && oldStorageMeta.CountMax == 1 && newStorageMeta.CountMax != 1 {
+			// If a location is specified, the store may not go
+			// from being a singleton to multiple, since then the
+			// location has a different meaning.
+			return errors.Errorf(
+				"existing storage %q with location changed from singleton to multiple",
+				name,
+			)
+		}
+	}
+	return nil
+}
+
+// changeCharmOps returns the operations necessary to set a service's
+// charm URL to a new value.
+func (s *Application) changeCharmOps(ch *Charm, channel string, forceUnits bool, resourceIDs map[string]string) ([]txn.Op, error) {
+	// Build the new application config from what can be used of the old one.
+	var newSettings charm.Settings
+	oldSettings, err := readSettings(s.st, settingsC, s.settingsKey())
+	if err == nil {
+		// Filter the old settings through to get the new settings.
+		newSettings = ch.Config().FilterSettings(oldSettings.Map())
+	} else if errors.IsNotFound(err) {
+		// No old settings, start with empty new settings.
+		newSettings = make(charm.Settings)
+	} else {
+		return nil, errors.Trace(err)
+	}
+
+	// Create or replace application settings.
+	var settingsOp txn.Op
+	newKey := applicationSettingsKey(s.doc.Name, ch.URL())
+	if _, err := readSettings(s.st, settingsC, newKey); errors.IsNotFound(err) {
+		// No settings for this key yet, create it.
+		settingsOp = createSettingsOp(settingsC, newKey, newSettings)
+	} else if err != nil {
+		return nil, errors.Trace(err)
+	} else {
+		// Settings exist, just replace them with the new ones.
+		settingsOp, _, err = replaceSettingsOp(s.st, settingsC, newKey, newSettings)
+		if err != nil {
+			return nil, errors.Trace(err)
+		}
+	}
+
+	// Add or create a reference to the new settings doc.
+	incOp, err := settingsIncRefOp(s.st, s.doc.Name, ch.URL(), true)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	var decOps []txn.Op
+	// Drop the reference to the old settings doc (if they exist).
+	if oldSettings != nil {
+		decOps, err = settingsDecRefOps(s.st, s.doc.Name, s.doc.CharmURL) // current charm
+		if err != nil {
+			return nil, errors.Trace(err)
+		}
+	}
+
+	// Build the transaction.
+	var ops []txn.Op
+	differentCharm := bson.D{{"charmurl", bson.D{{"$ne", ch.URL()}}}}
+	if oldSettings != nil {
+		// Old settings shouldn't change (when they exist).
+		ops = append(ops, oldSettings.assertUnchangedOp())
+	}
+	ops = append(ops, []txn.Op{
+		// Create or replace new settings.
+		settingsOp,
+		// Increment the ref count.
+		incOp,
+		// Update the charm URL and force flag (if relevant).
+		{
+			C:      applicationsC,
+			Id:     s.doc.DocID,
+			Assert: append(notDeadDoc, differentCharm...),
+			Update: bson.D{{"$set", bson.D{
+				{"charmurl", ch.URL()},
+				{"cs-channel", channel},
+				{"forcecharm", forceUnits},
+			}}},
+		},
+	}...)
+
+	ops = append(ops, incCharmModifiedVersionOps(s.doc.DocID)...)
+
+	// Add any extra peer relations that need creation.
+	newPeers := s.extraPeerRelations(ch.Meta())
+	peerOps, err := s.st.addPeerRelationsOps(s.doc.Name, newPeers)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	if len(resourceIDs) > 0 {
+		// Collect pending resource resolution operations.
+		resOps, err := s.resolveResourceOps(resourceIDs)
+		if err != nil {
+			return nil, errors.Trace(err)
+		}
+		ops = append(ops, resOps...)
+	}
+
+	// Get all relations - we need to check them later.
+	relations, err := s.Relations()
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	// Make sure the relation count does not change.
+	sameRelCount := bson.D{{"relationcount", len(relations)}}
+
+	ops = append(ops, peerOps...)
+	// Update the relation count as well.
+	ops = append(ops, txn.Op{
+		C:      applicationsC,
+		Id:     s.doc.DocID,
+		Assert: append(notDeadDoc, sameRelCount...),
+		Update: bson.D{{"$inc", bson.D{{"relationcount", len(newPeers)}}}},
+	})
+	// Check relations to ensure no active relations are removed.
+	relOps, err := s.checkRelationsOps(ch, relations)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	ops = append(ops, relOps...)
+
+	// Update any existing endpoint bindings, using defaults for new endpoints.
+	//
+	// TODO(dimitern): Once upgrade-charm accepts --bind like deploy, pass the
+	// given bindings below, instead of nil.
+	endpointBindingsOp, err := updateEndpointBindingsOp(s.st, s.globalKey(), nil, ch.Meta())
+	if err == nil {
+		ops = append(ops, endpointBindingsOp)
+	} else if !errors.IsNotFound(err) && err != jujutxn.ErrNoOperations {
+		// If endpoint bindings do not exist this most likely means the service
+		// itself no longer exists, which will be caught soon enough anyway.
+		// ErrNoOperations on the other hand means there's nothing to update.
+		return nil, errors.Trace(err)
+	}
+
+	// Check storage to ensure no storage is removed, and no required
+	// storage is added for which there are no constraints.
+	if err := s.checkStorageUpgrade(ch.Meta()); err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	// And finally, decrement the old settings.
+	return append(ops, decOps...), nil
+}
+
+// incCharmModifiedVersionOps returns the operations necessary to increment
+// the CharmModifiedVersion field for the given service.
+func incCharmModifiedVersionOps(serviceID string) []txn.Op {
+	return []txn.Op{{
+		C:      applicationsC,
+		Id:     serviceID,
+		Assert: txn.DocExists,
+		Update: bson.D{{"$inc", bson.D{{"charmmodifiedversion", 1}}}},
+	}}
+}
+
+func (s *Application) resolveResourceOps(resourceIDs map[string]string) ([]txn.Op, error) {
+	// Collect pending resource resolution operations.
+	resources, err := s.st.Resources()
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return resources.NewResolvePendingResourcesOps(s.doc.Name, resourceIDs)
+}
+
+// SetCharmConfig sets the charm for the application.
+type SetCharmConfig struct {
+	// Charm is the new charm to use for the application.
+	Charm *Charm
+	// Channel is the charm store channel from which charm was pulled.
+	Channel csparams.Channel
+	// ForceUnits forces the upgrade on units in an error state.
+	ForceUnits bool `json:"forceunits"`
+	// ForceSeries forces the use of the charm even if it doesn't match the
+	// series of the unit.
+	ForceSeries bool `json:"forceseries"`
+	// ResourceIDs is a map of resource names to resource IDs to activate during
+	// the upgrade.
+	ResourceIDs map[string]string `json:"resourceids"`
+}
+
+// SetCharm changes the charm for the application. New units will be started with
+// this charm, and existing units will be upgraded to use it.
+// If forceUnits is true, units will be upgraded even if they are in an error state.
+// If forceSeries is true, the charm will be used even if it's the service's series
+// is not supported by the charm.
+func (s *Application) SetCharm(cfg SetCharmConfig) error {
+	if cfg.Charm.Meta().Subordinate != s.doc.Subordinate {
+		return errors.Errorf("cannot change a service's subordinacy")
+	}
+	// For old style charms written for only one series, we still retain
+	// this check. Newer charms written for multi-series have a URL
+	// with series = "".
+	if cfg.Charm.URL().Series != "" {
+		if cfg.Charm.URL().Series != s.doc.Series {
+			return errors.Errorf("cannot change a service's series")
+		}
+	} else if !cfg.ForceSeries {
+		supported := false
+		for _, series := range cfg.Charm.Meta().Series {
+			if series == s.doc.Series {
+				supported = true
+				break
+			}
+		}
+		if !supported {
+			supportedSeries := "no series"
+			if len(cfg.Charm.Meta().Series) > 0 {
+				supportedSeries = strings.Join(cfg.Charm.Meta().Series, ", ")
+			}
+			return errors.Errorf("cannot upgrade charm, only these series are supported: %v", supportedSeries)
+		}
+	} else {
+		// Even with forceSeries=true, we do not allow a charm to be used which is for
+		// a different OS. This assumes the charm declares it has supported series which
+		// we can check for OS compatibility. Otherwise, we just accept the series supplied.
+		currentOS, err := series.GetOSFromSeries(s.doc.Series)
+		if err != nil {
+			// We don't expect an error here but there's not much we can
+			// do to recover.
+			return err
+		}
+		supportedOS := false
+		supportedSeries := cfg.Charm.Meta().Series
+		for _, chSeries := range supportedSeries {
+			charmSeriesOS, err := series.GetOSFromSeries(chSeries)
+			if err != nil {
+				return nil
+			}
+			if currentOS == charmSeriesOS {
+				supportedOS = true
+				break
+			}
+		}
+		if !supportedOS && len(supportedSeries) > 0 {
+			return errors.Errorf("cannot upgrade charm, OS %q not supported by charm", currentOS)
+		}
+	}
+
+	services, closer := s.st.getCollection(applicationsC)
+	defer closer()
+
+	// this value holds the *previous* charm modified version, before this
+	// transaction commits.
+	var charmModifiedVersion int
+	channel := string(cfg.Channel)
+	buildTxn := func(attempt int) ([]txn.Op, error) {
+		if attempt > 0 {
+			// NOTE: We're explicitly allowing SetCharm to succeed
+			// when the application is Dying, because service/charm
+			// upgrades should still be allowed to apply to dying
+			// services and units, so that bugs in departed/broken
+			// hooks can be addressed at runtime.
+			if notDead, err := isNotDeadWithSession(services, s.doc.DocID); err != nil {
+				return nil, errors.Trace(err)
+			} else if !notDead {
+				return nil, ErrDead
+			}
+		}
+
+		// We can't update the in-memory application doc inside the transaction, so
+		// we manually udpate it at the end of the SetCharm method. However, we
+		// have no way of knowing what the charmModifiedVersion will be, since
+		// it's just incrementing the value in the DB (and that might be out of
+		// step with the value we have in memory).  What we have to do is read
+		// the DB, store the charmModifiedVersion we get, run the transaction,
+		// assert in the transaction that the charmModifiedVersion hasn't
+		// changed since we retrieved it, and then we know what its value must
+		// be after this transaction ends.  It's hacky, but there's no real
+		// other way to do it, thanks to the way mgo's transactions work.
+		var doc applicationDoc
+		err := services.FindId(s.doc.DocID).One(&doc)
+		var charmModifiedVersion int
+		switch {
+		case err == mgo.ErrNotFound:
+			// 0 is correct, since no previous charm existed.
+		case err != nil:
+			return nil, errors.Annotate(err, "can't open previous copy of charm")
+		default:
+			charmModifiedVersion = doc.CharmModifiedVersion
+		}
+		ops := []txn.Op{{
+			C:      applicationsC,
+			Id:     s.doc.DocID,
+			Assert: bson.D{{"charmmodifiedversion", charmModifiedVersion}},
+		}}
+
+		// Make sure the application doesn't have this charm already.
+		sel := bson.D{{"_id", s.doc.DocID}, {"charmurl", cfg.Charm.URL()}}
+		count, err := services.Find(sel).Count()
+		if err != nil {
+			return nil, errors.Trace(err)
+		}
+		if count > 0 {
+			// Charm URL already set; just update the force flag and channel.
+			sameCharm := bson.D{{"charmurl", cfg.Charm.URL()}}
+			ops = append(ops, []txn.Op{{
+				C:      applicationsC,
+				Id:     s.doc.DocID,
+				Assert: append(notDeadDoc, sameCharm...),
+				Update: bson.D{{"$set", bson.D{
+					{"cs-channel", channel},
+					{"forcecharm", cfg.ForceUnits},
+				}}},
+			}}...)
+		} else {
+			// Change the charm URL.
+			chng, err := s.changeCharmOps(cfg.Charm, channel, cfg.ForceUnits, cfg.ResourceIDs)
+			if err != nil {
+				return nil, errors.Trace(err)
+			}
+			ops = append(ops, chng...)
+		}
+
+		return ops, nil
+	}
+	err := s.st.run(buildTxn)
+	if err == nil {
+		s.doc.CharmURL = cfg.Charm.URL()
+		s.doc.Channel = channel
+		s.doc.ForceCharm = cfg.ForceUnits
+		s.doc.CharmModifiedVersion = charmModifiedVersion + 1
+	}
+	return err
+}
+
+// String returns the application name.
+func (s *Application) String() string {
+	return s.doc.Name
+}
+
+// Refresh refreshes the contents of the Service from the underlying
+// state. It returns an error that satisfies errors.IsNotFound if the
+// application has been removed.
+func (s *Application) Refresh() error {
+	services, closer := s.st.getCollection(applicationsC)
+	defer closer()
+
+	err := services.FindId(s.doc.DocID).One(&s.doc)
+	if err == mgo.ErrNotFound {
+		return errors.NotFoundf("application %q", s)
+	}
+	if err != nil {
+		return fmt.Errorf("cannot refresh application %q: %v", s, err)
+	}
+	return nil
+}
+
+// newUnitName returns the next unit name.
+func (s *Application) newUnitName() (string, error) {
+	unitSeq, err := s.st.sequence(s.Tag().String())
+	if err != nil {
+		return "", errors.Trace(err)
+	}
+	name := s.doc.Name + "/" + strconv.Itoa(unitSeq)
+	return name, nil
+}
+
+const MessageWaitForAgentInit = "Waiting for agent initialization to finish"
+
+// addUnitOps returns a unique name for a new unit, and a list of txn operations
+// necessary to create that unit. The principalName param must be non-empty if
+// and only if s is a subordinate service. Only one subordinate of a given
+// application will be assigned to a given principal. The asserts param can be used
+// to include additional assertions for the application document.  This method
+// assumes that the application already exists in the db.
+func (s *Application) addUnitOps(principalName string, asserts bson.D) (string, []txn.Op, error) {
+	var cons constraints.Value
+	if !s.doc.Subordinate {
+		scons, err := s.Constraints()
+		if errors.IsNotFound(err) {
+			return "", nil, errors.NotFoundf("application %q", s.Name())
+		}
+		if err != nil {
+			return "", nil, err
+		}
+		cons, err = s.st.resolveConstraints(scons)
+		if err != nil {
+			return "", nil, err
+		}
+	}
+	storageCons, err := s.StorageConstraints()
+	if err != nil {
+		return "", nil, err
+	}
+	args := applicationAddUnitOpsArgs{
+		cons:          cons,
+		principalName: principalName,
+		storageCons:   storageCons,
+	}
+	names, ops, err := s.addUnitOpsWithCons(args)
+	if err != nil {
+		return names, ops, err
+	}
+	// we verify the application is alive
+	asserts = append(isAliveDoc, asserts...)
+	ops = append(ops, s.incUnitCountOp(asserts))
+	return names, ops, err
+}
+
+type applicationAddUnitOpsArgs struct {
+	principalName string
+	cons          constraints.Value
+	storageCons   map[string]StorageConstraints
+}
+
+// addServiceUnitOps is just like addUnitOps but explicitly takes a
+// constraints value (this is used at application creation time).
+func (s *Application) addServiceUnitOps(args applicationAddUnitOpsArgs) (string, []txn.Op, error) {
+	names, ops, err := s.addUnitOpsWithCons(args)
+	if err == nil {
+		ops = append(ops, s.incUnitCountOp(nil))
+	}
+	return names, ops, err
+}
+
+// addUnitOpsWithCons is a helper method for returning addUnitOps.
+func (s *Application) addUnitOpsWithCons(args applicationAddUnitOpsArgs) (string, []txn.Op, error) {
+	if s.doc.Subordinate && args.principalName == "" {
+		return "", nil, fmt.Errorf("application is a subordinate")
+	} else if !s.doc.Subordinate && args.principalName != "" {
+		return "", nil, fmt.Errorf("application is not a subordinate")
+	}
+	name, err := s.newUnitName()
+	if err != nil {
+		return "", nil, err
+	}
+
+	// Create instances of the charm's declared stores.
+	storageOps, numStorageAttachments, err := s.unitStorageOps(name, args.storageCons)
+	if err != nil {
+		return "", nil, errors.Trace(err)
+	}
+
+	docID := s.st.docID(name)
+	globalKey := unitGlobalKey(name)
+	agentGlobalKey := unitAgentGlobalKey(name)
+	udoc := &unitDoc{
+		DocID:                  docID,
+		Name:                   name,
+		Application:            s.doc.Name,
+		Series:                 s.doc.Series,
+		Life:                   Alive,
+		Principal:              args.principalName,
+		StorageAttachmentCount: numStorageAttachments,
+	}
+	// TODO(fwereade): 2016-03-17 lp:1558657
+	now := time.Now()
+	agentStatusDoc := statusDoc{
+		Status:  status.StatusAllocating,
+		Updated: now.UnixNano(),
+	}
+	unitStatusDoc := statusDoc{
+		// TODO(fwereade): this violates the spec. Should be "waiting".
+		Status:     status.StatusUnknown,
+		StatusInfo: MessageWaitForAgentInit,
+		Updated:    now.UnixNano(),
+	}
+	workloadVersionDoc := statusDoc{
+		Status:  status.StatusUnknown,
+		Updated: now.UnixNano(),
+	}
+
+	ops := addUnitOps(s.st, addUnitOpsArgs{
+		unitDoc:            udoc,
+		agentStatusDoc:     agentStatusDoc,
+		workloadStatusDoc:  unitStatusDoc,
+		workloadVersionDoc: workloadVersionDoc,
+		meterStatusDoc:     &meterStatusDoc{Code: MeterNotSet.String()},
+	})
+
+	ops = append(ops, storageOps...)
+
+	if s.doc.Subordinate {
+		ops = append(ops, txn.Op{
+			C:  unitsC,
+			Id: s.st.docID(args.principalName),
+			Assert: append(isAliveDoc, bson.DocElem{
+				"subordinates", bson.D{{"$not", bson.RegEx{Pattern: "^" + s.doc.Name + "/"}}},
+			}),
+			Update: bson.D{{"$addToSet", bson.D{{"subordinates", name}}}},
+		})
+	} else {
+		ops = append(ops, createConstraintsOp(s.st, agentGlobalKey, args.cons))
+	}
+
+	// At the last moment we still have the statusDocs in scope, set the initial
+	// history entries. This is risky, and may lead to extra entries, but that's
+	// an intrinsic problem with mixing txn and non-txn ops -- we can't sync
+	// them cleanly.
+	probablyUpdateStatusHistory(s.st, globalKey, unitStatusDoc)
+	probablyUpdateStatusHistory(s.st, agentGlobalKey, agentStatusDoc)
+	probablyUpdateStatusHistory(s.st, globalWorkloadVersionKey(name), workloadVersionDoc)
+	return name, ops, nil
+}
+
+// incUnitCountOp returns the operation to increment the service's unit count.
+func (s *Application) incUnitCountOp(asserts bson.D) txn.Op {
+	op := txn.Op{
+		C:      applicationsC,
+		Id:     s.doc.DocID,
+		Update: bson.D{{"$inc", bson.D{{"unitcount", 1}}}},
+	}
+	if len(asserts) > 0 {
+		op.Assert = asserts
+	}
+	return op
+}
+
+// unitStorageOps returns operations for creating storage
+// instances and attachments for a new unit. unitStorageOps
+// returns the number of initial storage attachments, to
+// initialise the unit's storage attachment refcount.
+func (s *Application) unitStorageOps(unitName string, cons map[string]StorageConstraints) (ops []txn.Op, numStorageAttachments int, err error) {
+	charm, _, err := s.Charm()
+	if err != nil {
+		return nil, -1, err
+	}
+	meta := charm.Meta()
+	url := charm.URL()
+	tag := names.NewUnitTag(unitName)
+	// TODO(wallyworld) - record constraints info in data model - size and pool name
+	ops, numStorageAttachments, err = createStorageOps(
+		s.st, tag, meta, url, cons,
+		s.doc.Series,
+		false, // unit is not assigned yet; don't create machine storage
+	)
+	if err != nil {
+		return nil, -1, errors.Trace(err)
+	}
+	return ops, numStorageAttachments, nil
+}
+
+// AddUnit adds a new principal unit to the service.
+func (s *Application) AddUnit() (unit *Unit, err error) {
+	defer errors.DeferredAnnotatef(&err, "cannot add unit to application %q", s)
+	name, ops, err := s.addUnitOps("", nil)
+	if err != nil {
+		return nil, err
+	}
+
+	if err := s.st.runTransaction(ops); err == txn.ErrAborted {
+		if alive, err := isAlive(s.st, applicationsC, s.doc.DocID); err != nil {
+			return nil, err
+		} else if !alive {
+			return nil, fmt.Errorf("application is not alive")
+		}
+		return nil, fmt.Errorf("inconsistent state")
+	} else if err != nil {
+		return nil, err
+	}
+	return s.st.Unit(name)
+}
+
+// removeUnitOps returns the operations necessary to remove the supplied unit,
+// assuming the supplied asserts apply to the unit document.
+func (s *Application) removeUnitOps(u *Unit, asserts bson.D) ([]txn.Op, error) {
+	ops, err := u.destroyHostOps(s)
+	if err != nil {
+		return nil, err
+	}
+	portsOps, err := removePortsForUnitOps(s.st, u)
+	if err != nil {
+		return nil, err
+	}
+	storageInstanceOps, err := removeStorageInstancesOps(s.st, u.Tag())
+	if err != nil {
+		return nil, err
+	}
+	// TODO(ericsnow) Use a generic registry instead.
+	resOps, err := removeUnitResourcesOps(s.st, u.doc.Application, u.doc.Name)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	ops = append(ops, resOps...)
+
+	observedFieldsMatch := bson.D{
+		{"charmurl", u.doc.CharmURL},
+		{"machineid", u.doc.MachineId},
+	}
+	ops = append(ops,
+		txn.Op{
+			C:      unitsC,
+			Id:     u.doc.DocID,
+			Assert: append(observedFieldsMatch, asserts...),
+			Remove: true,
+		},
+		removeMeterStatusOp(s.st, u.globalMeterStatusKey()),
+		removeStatusOp(s.st, u.globalAgentKey()),
+		removeStatusOp(s.st, u.globalKey()),
+		removeConstraintsOp(s.st, u.globalAgentKey()),
+		annotationRemoveOp(s.st, u.globalKey()),
+		s.st.newCleanupOp(cleanupRemovedUnit, u.doc.Name),
+	)
+	ops = append(ops, portsOps...)
+	ops = append(ops, storageInstanceOps...)
+	if u.doc.CharmURL != nil {
+		decOps, err := settingsDecRefOps(s.st, s.doc.Name, u.doc.CharmURL)
+		if errors.IsNotFound(err) {
+			return nil, errRefresh
+		} else if err != nil {
+			return nil, err
+		}
+		ops = append(ops, decOps...)
+	}
+	if s.doc.Life == Dying && s.doc.RelationCount == 0 && s.doc.UnitCount == 1 {
+		hasLastRef := bson.D{{"life", Dying}, {"relationcount", 0}, {"unitcount", 1}}
+		return append(ops, s.removeOps(hasLastRef)...), nil
+	}
+	svcOp := txn.Op{
+		C:      applicationsC,
+		Id:     s.doc.DocID,
+		Update: bson.D{{"$inc", bson.D{{"unitcount", -1}}}},
+	}
+	if s.doc.Life == Alive {
+		svcOp.Assert = bson.D{{"life", Alive}, {"unitcount", bson.D{{"$gt", 0}}}}
+	} else {
+		svcOp.Assert = bson.D{
+			{"life", Dying},
+			{"$or", []bson.D{
+				{{"unitcount", bson.D{{"$gt", 1}}}},
+				{{"relationcount", bson.D{{"$gt", 0}}}},
+			}},
+		}
+	}
+	ops = append(ops, svcOp)
+
+	return ops, nil
+}
+
+func removeUnitResourcesOps(st *State, serviceID, unitID string) ([]txn.Op, error) {
+	persist, err := st.ResourcesPersistence()
+	if errors.IsNotSupported(err) {
+		// Nothing to see here, move along.
+		return nil, nil
+	}
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	ops, err := persist.NewRemoveUnitResourcesOps(unitID)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return ops, nil
+}
+
+// AllUnits returns all units of the service.
+func (s *Application) AllUnits() (units []*Unit, err error) {
+	return allUnits(s.st, s.doc.Name)
+}
+
+func allUnits(st *State, application string) (units []*Unit, err error) {
+	unitsCollection, closer := st.getCollection(unitsC)
+	defer closer()
+
+	docs := []unitDoc{}
+	err = unitsCollection.Find(bson.D{{"application", application}}).All(&docs)
+	if err != nil {
+		return nil, fmt.Errorf("cannot get all units from application %q: %v", application, err)
+	}
+	for i := range docs {
+		units = append(units, newUnit(st, &docs[i]))
+	}
+	return units, nil
+}
+
+// Relations returns a Relation for every relation the application is in.
+func (s *Application) Relations() (relations []*Relation, err error) {
+	return applicationRelations(s.st, s.doc.Name)
+}
+
+func applicationRelations(st *State, name string) (relations []*Relation, err error) {
+	defer errors.DeferredAnnotatef(&err, "can't get relations for application %q", name)
+	relationsCollection, closer := st.getCollection(relationsC)
+	defer closer()
+
+	docs := []relationDoc{}
+	err = relationsCollection.Find(bson.D{{"endpoints.applicationname", name}}).All(&docs)
+	if err != nil {
+		return nil, err
+	}
+	for _, v := range docs {
+		relations = append(relations, newRelation(st, &v))
+	}
+	return relations, nil
+}
+
+// ConfigSettings returns the raw user configuration for the application's charm.
+// Unset values are omitted.
+func (s *Application) ConfigSettings() (charm.Settings, error) {
+	settings, err := readSettings(s.st, settingsC, s.settingsKey())
+	if err != nil {
+		return nil, err
+	}
+	return settings.Map(), nil
+}
+
+// UpdateConfigSettings changes a service's charm config settings. Values set
+// to nil will be deleted; unknown and invalid values will return an error.
+func (s *Application) UpdateConfigSettings(changes charm.Settings) error {
+	charm, _, err := s.Charm()
+	if err != nil {
+		return err
+	}
+	changes, err = charm.Config().ValidateSettings(changes)
+	if err != nil {
+		return err
+	}
+	// TODO(fwereade) state.Settings is itself really problematic in just
+	// about every use case. This needs to be resolved some time; but at
+	// least the settings docs are keyed by charm url as well as service
+	// name, so the actual impact of a race is non-threatening.
+	node, err := readSettings(s.st, settingsC, s.settingsKey())
+	if err != nil {
+		return err
+	}
+	for name, value := range changes {
+		if value == nil {
+			node.Delete(name)
+		} else {
+			node.Set(name, value)
+		}
+	}
+	_, err = node.Write()
+	return err
+}
+
+// LeaderSettings returns a service's leader settings. If nothing has been set
+// yet, it will return an empty map; this is not an error.
+func (s *Application) LeaderSettings() (map[string]string, error) {
+	// There's no compelling reason to have these methods on Service -- and
+	// thus require an extra db read to access them -- but it stops the State
+	// type getting even more cluttered.
+
+	doc, err := readSettingsDoc(s.st, settingsC, leadershipSettingsKey(s.doc.Name))
+	if errors.IsNotFound(err) {
+		return nil, errors.NotFoundf("application")
+	} else if err != nil {
+		return nil, errors.Trace(err)
+	}
+	result := make(map[string]string)
+	for escapedKey, interfaceValue := range doc.Settings {
+		key := unescapeReplacer.Replace(escapedKey)
+		if value, _ := interfaceValue.(string); value != "" {
+			// Empty strings are technically bad data -- when set, they clear.
+			result[key] = value
+		} else {
+			// Some bad data isn't reason enough to obscure the good data.
+			logger.Warningf("unexpected leader settings value for %s: %#v", key, interfaceValue)
+		}
+	}
+	return result, nil
+}
+
+// UpdateLeaderSettings updates the service's leader settings with the supplied
+// values, but will fail (with a suitable error) if the supplied Token loses
+// validity. Empty values in the supplied map will be cleared in the database.
+func (s *Application) UpdateLeaderSettings(token leadership.Token, updates map[string]string) error {
+	// There's no compelling reason to have these methods on Service -- and
+	// thus require an extra db read to access them -- but it stops the State
+	// type getting even more cluttered.
+
+	// We can calculate the actual update ahead of time; it's not dependent
+	// upon the current state of the document. (*Writing* it should depend
+	// on document state, but that's handled below.)
+	key := leadershipSettingsKey(s.doc.Name)
+	sets := bson.M{}
+	unsets := bson.M{}
+	for unescapedKey, value := range updates {
+		key := escapeReplacer.Replace(unescapedKey)
+		if value == "" {
+			unsets[key] = 1
+		} else {
+			sets[key] = value
+		}
+	}
+	update := setUnsetUpdateSettings(sets, unsets)
+
+	isNullChange := func(rawMap map[string]interface{}) bool {
+		for key := range unsets {
+			if _, found := rawMap[key]; found {
+				return false
+			}
+		}
+		for key, value := range sets {
+			if current := rawMap[key]; current != value {
+				return false
+			}
+		}
+		return true
+	}
+
+	buildTxn := func(_ int) ([]txn.Op, error) {
+		// Read the current document state so we can abort if there's
+		// no actual change; and the version number so we can assert
+		// on it and prevent these settings from landing late.
+		doc, err := readSettingsDoc(s.st, settingsC, key)
+		if errors.IsNotFound(err) {
+			return nil, errors.NotFoundf("application")
+		} else if err != nil {
+			return nil, errors.Trace(err)
+		}
+		if isNullChange(doc.Settings) {
+			return nil, jujutxn.ErrNoOperations
+		}
+		return []txn.Op{{
+			C:      settingsC,
+			Id:     key,
+			Assert: bson.D{{"version", doc.Version}},
+			Update: update,
+		}}, nil
+	}
+	return s.st.run(buildTxnWithLeadership(buildTxn, token))
+}
+
+var ErrSubordinateConstraints = stderrors.New("constraints do not apply to subordinate services")
+
+// Constraints returns the current application constraints.
+func (s *Application) Constraints() (constraints.Value, error) {
+	if s.doc.Subordinate {
+		return constraints.Value{}, ErrSubordinateConstraints
+	}
+	return readConstraints(s.st, s.globalKey())
+}
+
+// SetConstraints replaces the current application constraints.
+func (s *Application) SetConstraints(cons constraints.Value) (err error) {
+	unsupported, err := s.st.validateConstraints(cons)
+	if len(unsupported) > 0 {
+		logger.Warningf(
+			"setting constraints on application %q: unsupported constraints: %v", s.Name(), strings.Join(unsupported, ","))
+	} else if err != nil {
+		return err
+	}
+	if s.doc.Subordinate {
+		return ErrSubordinateConstraints
+	}
+	defer errors.DeferredAnnotatef(&err, "cannot set constraints")
+	if s.doc.Life != Alive {
+		return errNotAlive
+	}
+	ops := []txn.Op{{
+		C:      applicationsC,
+		Id:     s.doc.DocID,
+		Assert: isAliveDoc,
+	}}
+	ops = append(ops, setConstraintsOp(s.st, s.globalKey(), cons))
+	return onAbort(s.st.runTransaction(ops), errNotAlive)
+}
+
+// EndpointBindings returns the mapping for each endpoint name and the space
+// name it is bound to (or empty if unspecified). When no bindings are stored
+// for the application, defaults are returned.
+func (s *Application) EndpointBindings() (map[string]string, error) {
+	// We don't need the TxnRevno below.
+	bindings, _, err := readEndpointBindings(s.st, s.globalKey())
+	if err != nil && !errors.IsNotFound(err) {
+		return nil, errors.Trace(err)
+	}
+	if bindings == nil {
+		bindings, err = s.defaultEndpointBindings()
+		if err != nil {
+			return nil, errors.Trace(err)
+		}
+	}
+	return bindings, nil
+}
+
+// defaultEndpointBindings returns a map with each endpoint from the current
+// charm metadata bound to an empty space. If no charm URL is set yet, it
+// returns an empty map.
+func (s *Application) defaultEndpointBindings() (map[string]string, error) {
+	if s.doc.CharmURL == nil {
+		return map[string]string{}, nil
+	}
+
+	charm, _, err := s.Charm()
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	return DefaultEndpointBindingsForCharm(charm.Meta()), nil
+}
+
+// MetricCredentials returns any metric credentials associated with this service.
+func (s *Application) MetricCredentials() []byte {
+	return s.doc.MetricCredentials
+}
+
+// SetMetricCredentials updates the metric credentials associated with this service.
+func (s *Application) SetMetricCredentials(b []byte) error {
+	buildTxn := func(attempt int) ([]txn.Op, error) {
+		if attempt > 0 {
+			alive, err := isAlive(s.st, applicationsC, s.doc.DocID)
+			if err != nil {
+				return nil, errors.Trace(err)
+			} else if !alive {
+				return nil, errNotAlive
+			}
+		}
+		ops := []txn.Op{
+			{
+				C:      applicationsC,
+				Id:     s.doc.DocID,
+				Assert: isAliveDoc,
+				Update: bson.M{"$set": bson.M{"metric-credentials": b}},
+			},
+		}
+		return ops, nil
+	}
+	if err := s.st.run(buildTxn); err != nil {
+		if err == errNotAlive {
+			return errors.New("cannot update metric credentials: application " + err.Error())
+		}
+		return errors.Annotatef(err, "cannot update metric credentials")
+	}
+	s.doc.MetricCredentials = b
+	return nil
+}
+
+func (s *Application) StorageConstraints() (map[string]StorageConstraints, error) {
+	return readStorageConstraints(s.st, s.globalKey())
+}
+
+// settingsIncRefOp returns an operation that increments the ref count
+// of the application settings identified by applicationname and curl. If
+// canCreate is false, a missing document will be treated as an error;
+// otherwise, it will be created with a ref count of 1.
+func settingsIncRefOp(st *State, applicationname string, curl *charm.URL, canCreate bool) (txn.Op, error) {
+	settingsrefs, closer := st.getCollection(settingsrefsC)
+	defer closer()
+
+	key := applicationSettingsKey(applicationname, curl)
+	if count, err := settingsrefs.FindId(key).Count(); err != nil {
+		return txn.Op{}, err
+	} else if count == 0 {
+		if !canCreate {
+			return txn.Op{}, errors.NotFoundf("application %q settings for charm %q", applicationname, curl)
+		}
+		return txn.Op{
+			C:      settingsrefsC,
+			Id:     st.docID(key),
+			Assert: txn.DocMissing,
+			Insert: settingsRefsDoc{
+				RefCount:  1,
+				ModelUUID: st.ModelUUID()},
+		}, nil
+	}
+	return txn.Op{
+		C:      settingsrefsC,
+		Id:     st.docID(key),
+		Assert: txn.DocExists,
+		Update: bson.D{{"$inc", bson.D{{"refcount", 1}}}},
+	}, nil
+}
+
+// settingsDecRefOps returns a list of operations that decrement the
+// ref count of the application settings identified by applicationname and
+// curl. If the ref count is set to zero, the appropriate setting and
+// ref count documents will both be deleted.
+func settingsDecRefOps(st *State, applicationname string, curl *charm.URL) ([]txn.Op, error) {
+	settingsrefs, closer := st.getCollection(settingsrefsC)
+	defer closer()
+
+	key := applicationSettingsKey(applicationname, curl)
+	var doc settingsRefsDoc
+	if err := settingsrefs.FindId(key).One(&doc); err == mgo.ErrNotFound {
+		return nil, errors.NotFoundf("application %q settings for charm %q", applicationname, curl)
+	} else if err != nil {
+		return nil, err
+	}
+	docID := st.docID(key)
+	if doc.RefCount == 1 {
+		return []txn.Op{{
+			C:      settingsrefsC,
+			Id:     docID,
+			Assert: bson.D{{"refcount", 1}},
+			Remove: true,
+		}, {
+			C:      settingsC,
+			Id:     docID,
+			Remove: true,
+		}}, nil
+	}
+	return []txn.Op{{
+		C:      settingsrefsC,
+		Id:     docID,
+		Assert: bson.D{{"refcount", bson.D{{"$gt", 1}}}},
+		Update: bson.D{{"$inc", bson.D{{"refcount", -1}}}},
+	}}, nil
+}
+
+// settingsRefsDoc holds the number of units and services using the
+// settings document identified by the document's id. Every time a
+// application upgrades its charm the settings doc ref count for the new
+// charm url is incremented, and the old settings is ref count is
+// decremented. When a unit upgrades to the new charm, the old service
+// settings ref count is decremented and the ref count of the new
+// charm settings is incremented. The last unit upgrading to the new
+// charm is responsible for deleting the old charm's settings doc.
+//
+// Note: We're not using the settingsDoc for this because changing
+// just the ref count is not considered a change worth reporting
+// to watchers and firing config-changed hooks.
+//
+// There is an implicit _id field here, which mongo creates, which is
+// always the same as the settingsDoc's id.
+type settingsRefsDoc struct {
+	RefCount  int
+	ModelUUID string `bson:"model-uuid"`
+}
+
+// Status returns the status of the service.
+// Only unit leaders are allowed to set the status of the service.
+// If no status is recorded, then there are no unit leaders and the
+// status is derived from the unit status values.
+func (s *Application) Status() (status.StatusInfo, error) {
+	statuses, closer := s.st.getCollection(statusesC)
+	defer closer()
+	query := statuses.Find(bson.D{{"_id", s.globalKey()}, {"neverset", true}})
+	if count, err := query.Count(); err != nil {
+		return status.StatusInfo{}, errors.Trace(err)
+	} else if count != 0 {
+		// This indicates that SetStatus has never been called on this service.
+		// This in turn implies the application status document is likely to be
+		// inaccurate, so we return aggregated unit statuses instead.
+		//
+		// TODO(fwereade): this is completely wrong and will produce bad results
+		// in not-very-challenging scenarios. The leader unit remains responsible
+		// for setting the application status in a timely way, *whether or not the
+		// charm's hooks exists or sets an application status*. This logic should be
+		// removed as soon as possible, and the responsibilities implemented in
+		// the right places rather than being applied at seeming random.
+		units, err := s.AllUnits()
+		if err != nil {
+			return status.StatusInfo{}, err
+		}
+		logger.Tracef("service %q has %d units", s.Name(), len(units))
+		if len(units) > 0 {
+			return s.deriveStatus(units)
+		}
+	}
+	return getStatus(s.st, s.globalKey(), "application")
+}
+
+// SetStatus sets the status for the application.
+func (s *Application) SetStatus(statusInfo status.StatusInfo) error {
+	if !status.ValidWorkloadStatus(statusInfo.Status) {
+		return errors.Errorf("cannot set invalid status %q", statusInfo.Status)
+	}
+	return setStatus(s.st, setStatusParams{
+		badge:     "application",
+		globalKey: s.globalKey(),
+		status:    statusInfo.Status,
+		message:   statusInfo.Message,
+		rawData:   statusInfo.Data,
+		updated:   statusInfo.Since,
+	})
+}
+
+// StatusHistory returns a slice of at most filter.Size StatusInfo items
+// or items as old as filter.Date or items newer than now - filter.Delta time
+// representing past statuses for this service.
+func (s *Application) StatusHistory(filter status.StatusHistoryFilter) ([]status.StatusInfo, error) {
+	args := &statusHistoryArgs{
+		st:        s.st,
+		globalKey: s.globalKey(),
+		filter:    filter,
+	}
+	return statusHistory(args)
+}
+
+// ServiceAndUnitsStatus returns the status for this application and all its units.
+func (s *Application) ServiceAndUnitsStatus() (status.StatusInfo, map[string]status.StatusInfo, error) {
+	serviceStatus, err := s.Status()
+	if err != nil {
+		return status.StatusInfo{}, nil, errors.Trace(err)
+	}
+	units, err := s.AllUnits()
+	if err != nil {
+		return status.StatusInfo{}, nil, err
+	}
+	results := make(map[string]status.StatusInfo, len(units))
+	for _, unit := range units {
+		unitStatus, err := unit.Status()
+		if err != nil {
+			return status.StatusInfo{}, nil, err
+		}
+		results[unit.Name()] = unitStatus
+	}
+	return serviceStatus, results, nil
+
+}
+
+func (s *Application) deriveStatus(units []*Unit) (status.StatusInfo, error) {
+	var result status.StatusInfo
+	for _, unit := range units {
+		currentSeverity := statusServerities[result.Status]
+		unitStatus, err := unit.Status()
+		if err != nil {
+			return status.StatusInfo{}, errors.Annotatef(err, "deriving application status from %q", unit.Name())
+		}
+		unitSeverity := statusServerities[unitStatus.Status]
+		if unitSeverity > currentSeverity {
+			result.Status = unitStatus.Status
+			result.Message = unitStatus.Message
+			result.Data = unitStatus.Data
+			result.Since = unitStatus.Since
+		}
+	}
+	return result, nil
+}
+
+// statusSeverities holds status values with a severity measure.
+// Status values with higher severity are used in preference to others.
+var statusServerities = map[status.Status]int{
+	status.StatusError:       100,
+	status.StatusBlocked:     90,
+	status.StatusWaiting:     80,
+	status.StatusMaintenance: 70,
+	status.StatusTerminated:  60,
+	status.StatusActive:      50,
+	status.StatusUnknown:     40,
+}
+
+type addApplicationOpsArgs struct {
+	applicationDoc   *applicationDoc
+	statusDoc        statusDoc
+	constraints      constraints.Value
+	storage          map[string]StorageConstraints
+	settings         map[string]interface{}
+	settingsRefCount int
+	// These are nil when adding a new service, and most likely
+	// non-nil when migrating.
+	leadershipSettings map[string]interface{}
+}
+
+// addApplicationOps returns the operations required to add an application to the
+// services collection, along with all the associated expected other service
+// entries. This method is used by both the *State.AddService method and the
+// migration import code.
+func addApplicationOps(st *State, args addApplicationOpsArgs) []txn.Op {
+	svc := newApplication(st, args.applicationDoc)
+
+	globalKey := svc.globalKey()
+	settingsKey := svc.settingsKey()
+	leadershipKey := leadershipSettingsKey(svc.Name())
+
+	return []txn.Op{
+		createConstraintsOp(st, globalKey, args.constraints),
+		createStorageConstraintsOp(globalKey, args.storage),
+		createSettingsOp(settingsC, settingsKey, args.settings),
+		createSettingsOp(settingsC, leadershipKey, args.leadershipSettings),
+		createStatusOp(st, globalKey, args.statusDoc),
+		addModelServiceRefOp(st, svc.Name()),
+		{
+			C:      settingsrefsC,
+			Id:     settingsKey,
+			Assert: txn.DocMissing,
+			Insert: settingsRefsDoc{
+				RefCount: args.settingsRefCount,
+			},
+		}, {
+			C:      applicationsC,
+			Id:     svc.Name(),
+			Assert: txn.DocMissing,
+			Insert: args.applicationDoc,
+		},
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/application_leader_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/application_leader_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/application_leader_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/application_leader_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,262 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package state_test
+
+import (
+	"github.com/juju/errors"
+	jc "github.com/juju/testing/checkers"
+	"github.com/juju/utils"
+	gc "gopkg.in/check.v1"
+	"gopkg.in/mgo.v2/txn"
+
+	"github.com/juju/juju/state"
+	"github.com/juju/juju/state/testing"
+	"github.com/juju/juju/testing/factory"
+)
+
+type ServiceLeaderSuite struct {
+	ConnSuite
+	service *state.Application
+}
+
+var _ = gc.Suite(&ServiceLeaderSuite{})
+
+func (s *ServiceLeaderSuite) SetUpTest(c *gc.C) {
+	s.ConnSuite.SetUpTest(c)
+	s.service = s.Factory.MakeApplication(c, nil)
+}
+
+func (s *ServiceLeaderSuite) TestReadEmpty(c *gc.C) {
+	s.checkSettings(c, map[string]string{})
+}
+
+func (s *ServiceLeaderSuite) TestWrite(c *gc.C) {
+	s.writeSettings(c, map[string]string{
+		"foo":     "bar",
+		"baz.qux": "ping",
+		"pong":    "",
+		"$unset":  "foo",
+	})
+
+	s.checkSettings(c, map[string]string{
+		"foo":     "bar",
+		"baz.qux": "ping",
+		// pong: "" value is ignored
+		"$unset": "foo",
+	})
+}
+
+func (s *ServiceLeaderSuite) TestOverwrite(c *gc.C) {
+	s.writeSettings(c, map[string]string{
+		"one":    "foo",
+		"2.0":    "bar",
+		"$three": "baz",
+		"fo-ur":  "qux",
+	})
+
+	s.writeSettings(c, map[string]string{
+		"one":    "",
+		"2.0":    "ping",
+		"$three": "pong",
+		"$unset": "2.0",
+	})
+
+	s.checkSettings(c, map[string]string{
+		// one: "" value is cleared
+		"2.0":    "ping",
+		"$three": "pong",
+		"fo-ur":  "qux",
+		"$unset": "2.0",
+	})
+}
+
+func (s *ServiceLeaderSuite) TestTxnRevnoChange(c *gc.C) {
+	defer state.SetBeforeHooks(c, s.State, func() {
+		s.writeSettings(c, map[string]string{
+			"other":   "values",
+			"slipped": "in",
+			"before":  "we",
+			"managed": "to",
+		})
+	}).Check()
+
+	s.writeSettings(c, map[string]string{
+		"but":       "we",
+		"overwrite": "those",
+		"before":    "",
+	})
+
+	s.checkSettings(c, map[string]string{
+		"other":     "values",
+		"slipped":   "in",
+		"but":       "we",
+		"managed":   "to",
+		"overwrite": "those",
+	})
+}
+
+func (s *ServiceLeaderSuite) TestTokenError(c *gc.C) {
+	err := s.service.UpdateLeaderSettings(&failToken{}, map[string]string{"blah": "blah"})
+	c.Check(err, gc.ErrorMatches, "prerequisites failed: something bad happened")
+}
+
+func (s *ServiceLeaderSuite) TestTokenAssertFailure(c *gc.C) {
+	err := s.service.UpdateLeaderSettings(&raceToken{}, map[string]string{"blah": "blah"})
+	c.Check(err, gc.ErrorMatches, "prerequisites failed: too late")
+}
+
+func (s *ServiceLeaderSuite) TestReadWriteDying(c *gc.C) {
+	s.preventRemove(c)
+	s.destroyService(c)
+
+	s.writeSettings(c, map[string]string{
+		"this":  "should",
+		"still": "work",
+	})
+	s.checkSettings(c, map[string]string{
+		"this":  "should",
+		"still": "work",
+	})
+}
+
+func (s *ServiceLeaderSuite) TestReadRemoved(c *gc.C) {
+	s.destroyService(c)
+
+	actual, err := s.service.LeaderSettings()
+	c.Check(err, gc.ErrorMatches, "application not found")
+	c.Check(err, jc.Satisfies, errors.IsNotFound)
+	c.Check(actual, gc.IsNil)
+}
+
+func (s *ServiceLeaderSuite) TestWriteRemoved(c *gc.C) {
+	s.destroyService(c)
+
+	err := s.service.UpdateLeaderSettings(&fakeToken{}, map[string]string{
+		"should": "fail",
+	})
+	c.Check(err, gc.ErrorMatches, "application not found")
+	c.Check(err, jc.Satisfies, errors.IsNotFound)
+}
+
+func (s *ServiceLeaderSuite) TestWatchInitialEvent(c *gc.C) {
+	w := s.service.WatchLeaderSettings()
+	defer testing.AssertStop(c, w)
+
+	wc := testing.NewNotifyWatcherC(c, s.State, w)
+	wc.AssertOneChange()
+}
+
+func (s *ServiceLeaderSuite) TestWatchDetectChange(c *gc.C) {
+	w := s.service.WatchLeaderSettings()
+	defer testing.AssertStop(c, w)
+	wc := testing.NewNotifyWatcherC(c, s.State, w)
+	wc.AssertOneChange()
+
+	err := s.service.UpdateLeaderSettings(&fakeToken{}, map[string]string{
+		"something": "changed",
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	wc.AssertOneChange()
+}
+
+func (s *ServiceLeaderSuite) TestWatchIgnoreNullChange(c *gc.C) {
+	w := s.service.WatchLeaderSettings()
+	defer testing.AssertStop(c, w)
+	wc := testing.NewNotifyWatcherC(c, s.State, w)
+	wc.AssertOneChange()
+	err := s.service.UpdateLeaderSettings(&fakeToken{}, map[string]string{
+		"something": "changed",
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	wc.AssertOneChange()
+
+	err = s.service.UpdateLeaderSettings(&fakeToken{}, map[string]string{
+		"something": "changed",
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	wc.AssertNoChange()
+}
+
+func (s *ServiceLeaderSuite) TestWatchCoalesceChanges(c *gc.C) {
+	w := s.service.WatchLeaderSettings()
+	defer testing.AssertStop(c, w)
+	wc := testing.NewNotifyWatcherC(c, s.State, w)
+	wc.AssertOneChange()
+
+	err := s.service.UpdateLeaderSettings(&fakeToken{}, map[string]string{
+		"something": "changed",
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.service.UpdateLeaderSettings(&fakeToken{}, map[string]string{
+		"very": "excitingly",
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	wc.AssertOneChange()
+}
+
+func (s *ServiceLeaderSuite) writeSettings(c *gc.C, update map[string]string) {
+	err := s.service.UpdateLeaderSettings(&fakeToken{}, update)
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *ServiceLeaderSuite) checkSettings(c *gc.C, expect map[string]string) {
+	actual, err := s.service.LeaderSettings()
+	c.Check(err, jc.ErrorIsNil)
+	c.Check(actual, gc.DeepEquals, expect)
+}
+
+func (s *ServiceLeaderSuite) preventRemove(c *gc.C) {
+	s.Factory.MakeUnit(c, &factory.UnitParams{Application: s.service})
+}
+
+func (s *ServiceLeaderSuite) destroyService(c *gc.C) {
+	killService, err := s.State.Application(s.service.Name())
+	c.Assert(err, jc.ErrorIsNil)
+	err = killService.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+// fakeToken implements leadership.Token.
+type fakeToken struct{}
+
+// Check is part of the leadership.Token interface. It always claims success,
+// and never checks or writes the userdata.
+func (*fakeToken) Check(interface{}) error {
+	return nil
+}
+
+// failToken implements leadership.Token.
+type failToken struct{}
+
+// Check is part of the leadership.Token interface. It always returns an error,
+// and never checks or writes the userdata.
+func (*failToken) Check(interface{}) error {
+	return errors.New("something bad happened")
+}
+
+// raceToken implements leadership.Token.
+type raceToken struct {
+	checkedOnce bool
+}
+
+// Check is part of the leadership.Token interface. On the first call, it expects
+// a *[]txn.Op, into which it will copy a failing assertion; on subsequent calls,
+// it just returns an error.
+func (t *raceToken) Check(out interface{}) error {
+	if t.checkedOnce {
+		return errors.New("too late")
+	}
+	t.checkedOnce = true
+	outPtr, ok := out.(*[]txn.Op)
+	if !ok {
+		return errors.Errorf("SUT passed in bad value: %#v", out)
+	}
+	wontExist := utils.MustNewUUID()
+	*outPtr = []txn.Op{{
+		C:      "units", // we have to use a collection defined in the schema
+		Id:     wontExist.String(),
+		Assert: txn.DocExists,
+	}}
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/application_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/application_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/application_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/application_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,2480 @@
+// Copyright 2012, 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package state_test
+
+import (
+	"fmt"
+	"sort"
+	"time"
+
+	"github.com/juju/errors"
+	"github.com/juju/loggo"
+	jc "github.com/juju/testing/checkers"
+	jujutxn "github.com/juju/txn"
+	"github.com/juju/utils/set"
+	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/mgo.v2"
+	"gopkg.in/mgo.v2/bson"
+	"gopkg.in/mgo.v2/txn"
+
+	"github.com/juju/juju/constraints"
+	"github.com/juju/juju/environs/config"
+	"github.com/juju/juju/state"
+	"github.com/juju/juju/state/testing"
+	"github.com/juju/juju/status"
+	"github.com/juju/juju/storage/provider"
+	"github.com/juju/juju/storage/provider/registry"
+)
+
+type ServiceSuite struct {
+	ConnSuite
+	charm *state.Charm
+	mysql *state.Application
+}
+
+var _ = gc.Suite(&ServiceSuite{})
+
+func (s *ServiceSuite) SetUpTest(c *gc.C) {
+	s.ConnSuite.SetUpTest(c)
+	s.policy.GetConstraintsValidator = func(*config.Config, state.SupportedArchitecturesQuerier) (constraints.Validator, error) {
+		validator := constraints.NewValidator()
+		validator.RegisterConflicts([]string{constraints.InstanceType}, []string{constraints.Mem})
+		validator.RegisterUnsupported([]string{constraints.CpuPower})
+		return validator, nil
+	}
+	s.charm = s.AddTestingCharm(c, "mysql")
+	s.mysql = s.AddTestingService(c, "mysql", s.charm)
+}
+
+func (s *ServiceSuite) TestSetCharm(c *gc.C) {
+	ch, force, err := s.mysql.Charm()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(ch.URL(), gc.DeepEquals, s.charm.URL())
+	c.Assert(force, jc.IsFalse)
+	url, force := s.mysql.CharmURL()
+	c.Assert(url, gc.DeepEquals, s.charm.URL())
+	c.Assert(force, jc.IsFalse)
+
+	// Add a compatible charm and force it.
+	sch := s.AddMetaCharm(c, "mysql", metaBase, 2)
+
+	cfg := state.SetCharmConfig{
+		Charm:      sch,
+		ForceUnits: true,
+	}
+	err = s.mysql.SetCharm(cfg)
+	c.Assert(err, jc.ErrorIsNil)
+	ch, force, err = s.mysql.Charm()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(ch.URL(), gc.DeepEquals, sch.URL())
+	c.Assert(force, jc.IsTrue)
+	url, force = s.mysql.CharmURL()
+	c.Assert(url, gc.DeepEquals, sch.URL())
+	c.Assert(force, jc.IsTrue)
+}
+
+func (s *ServiceSuite) TestSetCharmLegacy(c *gc.C) {
+	chDifferentSeries := state.AddTestingCharmForSeries(c, s.State, "precise", "mysql")
+
+	cfg := state.SetCharmConfig{
+		Charm:       chDifferentSeries,
+		ForceSeries: true,
+	}
+	err := s.mysql.SetCharm(cfg)
+	c.Assert(err, gc.ErrorMatches, "cannot change a service's series")
+}
+
+func (s *ServiceSuite) TestClientServiceSetCharmUnsupportedSeries(c *gc.C) {
+	ch := state.AddTestingCharmMultiSeries(c, s.State, "multi-series")
+	svc := state.AddTestingServiceForSeries(c, s.State, "precise", "application", ch)
+
+	chDifferentSeries := state.AddTestingCharmMultiSeries(c, s.State, "multi-series2")
+	cfg := state.SetCharmConfig{
+		Charm: chDifferentSeries,
+	}
+	err := svc.SetCharm(cfg)
+	c.Assert(err, gc.ErrorMatches, "cannot upgrade charm, only these series are supported: trusty, wily")
+}
+
+func (s *ServiceSuite) TestClientServiceSetCharmUnsupportedSeriesForce(c *gc.C) {
+	ch := state.AddTestingCharmMultiSeries(c, s.State, "multi-series")
+	svc := state.AddTestingServiceForSeries(c, s.State, "precise", "application", ch)
+
+	chDifferentSeries := state.AddTestingCharmMultiSeries(c, s.State, "multi-series2")
+	cfg := state.SetCharmConfig{
+		Charm:       chDifferentSeries,
+		ForceSeries: true,
+	}
+	err := svc.SetCharm(cfg)
+	c.Assert(err, jc.ErrorIsNil)
+	svc, err = s.State.Application("application")
+	c.Assert(err, jc.ErrorIsNil)
+	ch, _, err = svc.Charm()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(ch.URL().String(), gc.Equals, "cs:multi-series2-8")
+}
+
+func (s *ServiceSuite) TestClientServiceSetCharmWrongOS(c *gc.C) {
+	ch := state.AddTestingCharmMultiSeries(c, s.State, "multi-series")
+	svc := state.AddTestingServiceForSeries(c, s.State, "precise", "application", ch)
+
+	chDifferentSeries := state.AddTestingCharmMultiSeries(c, s.State, "multi-series-windows")
+	cfg := state.SetCharmConfig{
+		Charm:       chDifferentSeries,
+		ForceSeries: true,
+	}
+	err := svc.SetCharm(cfg)
+	c.Assert(err, gc.ErrorMatches, `cannot upgrade charm, OS "Ubuntu" not supported by charm`)
+}
+
+func (s *ServiceSuite) TestSetCharmPreconditions(c *gc.C) {
+	logging := s.AddTestingCharm(c, "logging")
+	cfg := state.SetCharmConfig{Charm: logging}
+	err := s.mysql.SetCharm(cfg)
+	c.Assert(err, gc.ErrorMatches, "cannot change a service's subordinacy")
+
+	othermysql := s.AddSeriesCharm(c, "mysql", "otherseries")
+	cfg2 := state.SetCharmConfig{Charm: othermysql}
+	err = s.mysql.SetCharm(cfg2)
+	c.Assert(err, gc.ErrorMatches, "cannot change a service's series")
+}
+
+func (s *ServiceSuite) TestSetCharmUpdatesBindings(c *gc.C) {
+	_, err := s.State.AddSpace("db", "", nil, false)
+	c.Assert(err, jc.ErrorIsNil)
+	_, err = s.State.AddSpace("client", "", nil, true)
+	c.Assert(err, jc.ErrorIsNil)
+	oldCharm := s.AddMetaCharm(c, "mysql", metaBase, 44)
+
+	service, err := s.State.AddApplication(state.AddApplicationArgs{
+		Name:  "yoursql",
+		Charm: oldCharm,
+		EndpointBindings: map[string]string{
+			"server": "db",
+			"client": "client",
+		}})
+	c.Assert(err, jc.ErrorIsNil)
+
+	newCharm := s.AddMetaCharm(c, "mysql", metaExtraEndpoints, 43)
+	cfg := state.SetCharmConfig{Charm: newCharm}
+	err = service.SetCharm(cfg)
+	c.Assert(err, jc.ErrorIsNil)
+	updatedBindings, err := service.EndpointBindings()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(updatedBindings, jc.DeepEquals, map[string]string{
+		// Existing bindings are preserved.
+		"server":  "db",
+		"client":  "client",
+		"cluster": "", // inherited from defaults in AddService.
+		// New endpoints use empty defaults.
+		"foo":  "",
+		"baz":  "",
+		"just": "",
+	})
+}
+
+func (s *ServiceSuite) TestSetCharmWithWeirdlyNamedEndpoints(c *gc.C) {
+	// This test ensures if special characters appear in endpoint names of the
+	// charm metadata, they are properly escaped before saving to mongo, and
+	// unescaped when read back.
+	_, err := s.State.AddSpace("client", "", nil, true)
+	c.Assert(err, jc.ErrorIsNil)
+	_, err = s.State.AddSpace("db", "", nil, false)
+	c.Assert(err, jc.ErrorIsNil)
+
+	initialBindings := map[string]string{
+		"$pull":     "db",
+		"$set.foo":  "",
+		"cli ent .": "client",
+		".":         "db",
+	}
+	weirdOldCharm := s.AddMetaCharm(c, "mysql", `
+name: mysql
+summary: "Fake MySQL Database engine"
+description: "Complete with nonsense relations"
+provides:
+  $pull: mysql
+  $set.foo: bar
+requires:
+  foo: something
+  "cli ent .": mysql
+peers:
+  ".": bad
+  "$": mysql
+`, 42)
+	weirdNewCharm := s.AddMetaCharm(c, "mysql", `
+name: mysql
+summary: "Fake MySQL Database engine"
+description: "Complete with nonsense relations"
+provides:
+  ser$ver2: mysql
+  $pull: mysql
+  $set.foo: bar
+requires:
+  "cli ent 2": mysql
+peers:
+  "$": mysql
+  ".": bad
+`, 43)
+
+	weirdService := s.AddTestingServiceWithBindings(c, "weird", weirdOldCharm, initialBindings)
+	readBindings, err := weirdService.EndpointBindings()
+	c.Assert(err, jc.ErrorIsNil)
+	expectedBindings := map[string]string{
+		"cli ent .": "client",
+		"foo":       "",
+		"$":         "",
+		".":         "db",
+		"$set.foo":  "",
+		"$pull":     "db",
+	}
+	c.Check(readBindings, jc.DeepEquals, expectedBindings)
+
+	cfg := state.SetCharmConfig{Charm: weirdNewCharm}
+	err = weirdService.SetCharm(cfg)
+	c.Assert(err, jc.ErrorIsNil)
+	readBindings, err = weirdService.EndpointBindings()
+	c.Assert(err, jc.ErrorIsNil)
+
+	expectedBindings = map[string]string{
+		"ser$ver2":  "",
+		"cli ent 2": "",
+		"$":         "",
+		".":         "db",
+		"$set.foo":  "",
+		"$pull":     "db",
+	}
+	c.Check(readBindings, jc.DeepEquals, expectedBindings)
+}
+
+var metaBase = `
+name: mysql
+summary: "Fake MySQL Database engine"
+description: "Complete with nonsense relations"
+provides:
+  server: mysql
+requires:
+  client: mysql
+peers:
+  cluster: mysql
+`
+var metaDifferentProvider = `
+name: mysql
+description: none
+summary: none
+provides:
+  kludge: mysql
+requires:
+  client: mysql
+peers:
+  cluster: mysql
+`
+var metaDifferentRequirer = `
+name: mysql
+description: none
+summary: none
+provides:
+  server: mysql
+requires:
+  kludge: mysql
+peers:
+  cluster: mysql
+`
+var metaDifferentPeer = `
+name: mysql
+description: none
+summary: none
+provides:
+  server: mysql
+requires:
+  client: mysql
+peers:
+  kludge: mysql
+`
+var metaExtraEndpoints = `
+name: mysql
+description: none
+summary: none
+provides:
+  server: mysql
+  foo: bar
+requires:
+  client: mysql
+  baz: woot
+peers:
+  cluster: mysql
+  just: me
+`
+
+var setCharmEndpointsTests = []struct {
+	summary string
+	meta    string
+	err     string
+}{{
+	summary: "different provider (but no relation yet)",
+	meta:    metaDifferentProvider,
+}, {
+	summary: "different requirer (but no relation yet)",
+	meta:    metaDifferentRequirer,
+}, {
+	summary: "different peer",
+	meta:    metaDifferentPeer,
+	err:     `cannot upgrade application "fakemysql" to charm "local:quantal/quantal-mysql-5": would break relation "fakemysql:cluster"`,
+}, {
+	summary: "same relations ok",
+	meta:    metaBase,
+}, {
+	summary: "extra endpoints ok",
+	meta:    metaExtraEndpoints,
+}}
+
+func (s *ServiceSuite) TestSetCharmChecksEndpointsWithoutRelations(c *gc.C) {
+	revno := 2
+	ms := s.AddMetaCharm(c, "mysql", metaBase, revno)
+	svc := s.AddTestingService(c, "fakemysql", ms)
+	cfg := state.SetCharmConfig{Charm: ms}
+	err := svc.SetCharm(cfg)
+	c.Assert(err, jc.ErrorIsNil)
+
+	for i, t := range setCharmEndpointsTests {
+		c.Logf("test %d: %s", i, t.summary)
+
+		newCh := s.AddMetaCharm(c, "mysql", t.meta, revno+i+1)
+		cfg := state.SetCharmConfig{Charm: newCh}
+		err = svc.SetCharm(cfg)
+		if t.err != "" {
+			c.Assert(err, gc.ErrorMatches, t.err)
+		} else {
+			c.Assert(err, jc.ErrorIsNil)
+		}
+	}
+
+	err = svc.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *ServiceSuite) TestSetCharmChecksEndpointsWithRelations(c *gc.C) {
+	revno := 2
+	providerCharm := s.AddMetaCharm(c, "mysql", metaDifferentProvider, revno)
+	providerSvc := s.AddTestingService(c, "myprovider", providerCharm)
+
+	cfg := state.SetCharmConfig{Charm: providerCharm}
+	err := providerSvc.SetCharm(cfg)
+	c.Assert(err, jc.ErrorIsNil)
+
+	revno++
+	requirerCharm := s.AddMetaCharm(c, "mysql", metaDifferentRequirer, revno)
+	requirerSvc := s.AddTestingService(c, "myrequirer", requirerCharm)
+	cfg = state.SetCharmConfig{Charm: requirerCharm}
+	err = requirerSvc.SetCharm(cfg)
+	c.Assert(err, jc.ErrorIsNil)
+
+	eps, err := s.State.InferEndpoints("myprovider:kludge", "myrequirer:kludge")
+	c.Assert(err, jc.ErrorIsNil)
+	_, err = s.State.AddRelation(eps...)
+	c.Assert(err, jc.ErrorIsNil)
+
+	revno++
+	baseCharm := s.AddMetaCharm(c, "mysql", metaBase, revno)
+	cfg = state.SetCharmConfig{Charm: baseCharm}
+	err = providerSvc.SetCharm(cfg)
+	c.Assert(err, gc.ErrorMatches, `cannot upgrade application "myprovider" to charm "local:quantal/quantal-mysql-4": would break relation "myrequirer:kludge myprovider:kludge"`)
+	err = requirerSvc.SetCharm(cfg)
+	c.Assert(err, gc.ErrorMatches, `cannot upgrade application "myrequirer" to charm "local:quantal/quantal-mysql-4": would break relation "myrequirer:kludge myprovider:kludge"`)
+}
+
+var stringConfig = `
+options:
+  key: {default: My Key, description: Desc, type: string}
+`
+var emptyConfig = `
+options: {}
+`
+var floatConfig = `
+options:
+  key: {default: 0.42, description: Float key, type: float}
+`
+var newStringConfig = `
+options:
+  key: {default: My Key, description: Desc, type: string}
+  other: {default: None, description: My Other, type: string}
+`
+
+var setCharmConfigTests = []struct {
+	summary     string
+	startconfig string
+	startvalues charm.Settings
+	endconfig   string
+	endvalues   charm.Settings
+	err         string
+}{{
+	summary:     "add float key to empty config",
+	startconfig: emptyConfig,
+	endconfig:   floatConfig,
+}, {
+	summary:     "add string key to empty config",
+	startconfig: emptyConfig,
+	endconfig:   stringConfig,
+}, {
+	summary:     "add string key and preserve existing values",
+	startconfig: stringConfig,
+	startvalues: charm.Settings{"key": "foo"},
+	endconfig:   newStringConfig,
+	endvalues:   charm.Settings{"key": "foo"},
+}, {
+	summary:     "remove string key",
+	startconfig: stringConfig,
+	startvalues: charm.Settings{"key": "value"},
+	endconfig:   emptyConfig,
+}, {
+	summary:     "remove float key",
+	startconfig: floatConfig,
+	startvalues: charm.Settings{"key": 123.45},
+	endconfig:   emptyConfig,
+}, {
+	summary:     "change key type without values",
+	startconfig: stringConfig,
+	endconfig:   floatConfig,
+}, {
+	summary:     "change key type with values",
+	startconfig: stringConfig,
+	startvalues: charm.Settings{"key": "value"},
+	endconfig:   floatConfig,
+}}
+
+func (s *ServiceSuite) TestSetCharmConfig(c *gc.C) {
+	charms := map[string]*state.Charm{
+		stringConfig:    s.AddConfigCharm(c, "wordpress", stringConfig, 1),
+		emptyConfig:     s.AddConfigCharm(c, "wordpress", emptyConfig, 2),
+		floatConfig:     s.AddConfigCharm(c, "wordpress", floatConfig, 3),
+		newStringConfig: s.AddConfigCharm(c, "wordpress", newStringConfig, 4),
+	}
+
+	for i, t := range setCharmConfigTests {
+		c.Logf("test %d: %s", i, t.summary)
+
+		origCh := charms[t.startconfig]
+		svc := s.AddTestingService(c, "wordpress", origCh)
+		err := svc.UpdateConfigSettings(t.startvalues)
+		c.Assert(err, jc.ErrorIsNil)
+
+		newCh := charms[t.endconfig]
+		cfg := state.SetCharmConfig{Charm: newCh}
+		err = svc.SetCharm(cfg)
+		var expectVals charm.Settings
+		var expectCh *state.Charm
+		if t.err != "" {
+			c.Assert(err, gc.ErrorMatches, t.err)
+			expectCh = origCh
+			expectVals = t.startvalues
+		} else {
+			c.Assert(err, jc.ErrorIsNil)
+			expectCh = newCh
+			expectVals = t.endvalues
+		}
+
+		sch, _, err := svc.Charm()
+		c.Assert(err, jc.ErrorIsNil)
+		c.Assert(sch.URL(), gc.DeepEquals, expectCh.URL())
+		settings, err := svc.ConfigSettings()
+		c.Assert(err, jc.ErrorIsNil)
+		if len(expectVals) == 0 {
+			c.Assert(settings, gc.HasLen, 0)
+		} else {
+			c.Assert(settings, gc.DeepEquals, expectVals)
+		}
+
+		err = svc.Destroy()
+		c.Assert(err, jc.ErrorIsNil)
+	}
+}
+
+func (s *ServiceSuite) TestSetCharmWithDyingService(c *gc.C) {
+	sch := s.AddMetaCharm(c, "mysql", metaBase, 2)
+
+	_, err := s.mysql.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.mysql.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	assertLife(c, s.mysql, state.Dying)
+	cfg := state.SetCharmConfig{
+		Charm:      sch,
+		ForceUnits: true,
+	}
+	err = s.mysql.SetCharm(cfg)
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *ServiceSuite) TestSequenceUnitIdsAfterDestroy(c *gc.C) {
+	unit, err := s.mysql.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(unit.Name(), gc.Equals, "mysql/0")
+	err = unit.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.mysql.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	s.mysql = s.AddTestingService(c, "mysql", s.charm)
+	unit, err = s.mysql.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(unit.Name(), gc.Equals, "mysql/1")
+}
+
+func (s *ServiceSuite) TestSequenceUnitIds(c *gc.C) {
+	unit, err := s.mysql.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(unit.Name(), gc.Equals, "mysql/0")
+	unit, err = s.mysql.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(unit.Name(), gc.Equals, "mysql/1")
+}
+
+func (s *ServiceSuite) TestSetCharmWhenDead(c *gc.C) {
+	sch := s.AddMetaCharm(c, "mysql", metaBase, 2)
+
+	defer state.SetBeforeHooks(c, s.State, func() {
+		_, err := s.mysql.AddUnit()
+		err = s.mysql.Destroy()
+		c.Assert(err, jc.ErrorIsNil)
+		assertLife(c, s.mysql, state.Dying)
+
+		// Change the service life to Dead manually, as there's no
+		// direct way of doing that otherwise.
+		ops := []txn.Op{{
+			C:      state.ApplicationsC,
+			Id:     state.DocID(s.State, s.mysql.Name()),
+			Update: bson.D{{"$set", bson.D{{"life", state.Dead}}}},
+		}}
+
+		err = state.RunTransaction(s.State, ops)
+		c.Assert(err, jc.ErrorIsNil)
+		assertLife(c, s.mysql, state.Dead)
+	}).Check()
+
+	cfg := state.SetCharmConfig{
+		Charm:      sch,
+		ForceUnits: true,
+	}
+	err := s.mysql.SetCharm(cfg)
+	c.Assert(err, gc.Equals, state.ErrDead)
+}
+
+func (s *ServiceSuite) TestSetCharmWithRemovedService(c *gc.C) {
+	sch := s.AddMetaCharm(c, "mysql", metaBase, 2)
+
+	err := s.mysql.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	assertRemoved(c, s.mysql)
+
+	cfg := state.SetCharmConfig{
+		Charm:      sch,
+		ForceUnits: true,
+	}
+
+	err = s.mysql.SetCharm(cfg)
+	c.Assert(err, gc.Equals, state.ErrDead)
+}
+
+func (s *ServiceSuite) TestSetCharmWhenRemoved(c *gc.C) {
+	sch := s.AddMetaCharm(c, "mysql", metaBase, 2)
+
+	defer state.SetBeforeHooks(c, s.State, func() {
+		err := s.mysql.Destroy()
+		c.Assert(err, jc.ErrorIsNil)
+		assertRemoved(c, s.mysql)
+	}).Check()
+
+	cfg := state.SetCharmConfig{
+		Charm:      sch,
+		ForceUnits: true,
+	}
+	err := s.mysql.SetCharm(cfg)
+	c.Assert(err, gc.Equals, state.ErrDead)
+}
+
+func (s *ServiceSuite) TestSetCharmWhenDyingIsOK(c *gc.C) {
+	sch := s.AddMetaCharm(c, "mysql", metaBase, 2)
+
+	defer state.SetBeforeHooks(c, s.State, func() {
+		_, err := s.mysql.AddUnit()
+		c.Assert(err, jc.ErrorIsNil)
+		err = s.mysql.Destroy()
+		c.Assert(err, jc.ErrorIsNil)
+		assertLife(c, s.mysql, state.Dying)
+	}).Check()
+
+	cfg := state.SetCharmConfig{
+		Charm:      sch,
+		ForceUnits: true,
+	}
+	err := s.mysql.SetCharm(cfg)
+	c.Assert(err, jc.ErrorIsNil)
+	assertLife(c, s.mysql, state.Dying)
+}
+
+func (s *ServiceSuite) TestSetCharmRetriesWithSameCharmURL(c *gc.C) {
+	sch := s.AddMetaCharm(c, "mysql", metaBase, 2)
+
+	defer state.SetTestHooks(c, s.State,
+		jujutxn.TestHook{
+			Before: func() {
+				currentCh, force, err := s.mysql.Charm()
+				c.Assert(err, jc.ErrorIsNil)
+				c.Assert(force, jc.IsFalse)
+				c.Assert(currentCh.URL(), jc.DeepEquals, s.charm.URL())
+
+				cfg := state.SetCharmConfig{Charm: sch}
+				err = s.mysql.SetCharm(cfg)
+				c.Assert(err, jc.ErrorIsNil)
+			},
+			After: func() {
+				// Verify the before hook worked.
+				currentCh, force, err := s.mysql.Charm()
+				c.Assert(err, jc.ErrorIsNil)
+				c.Assert(force, jc.IsFalse)
+				c.Assert(currentCh.URL(), jc.DeepEquals, sch.URL())
+			},
+		},
+		jujutxn.TestHook{
+			Before: nil, // Ensure there will be a retry.
+			After: func() {
+				// Verify it worked after the retry.
+				err := s.mysql.Refresh()
+				c.Assert(err, jc.ErrorIsNil)
+				currentCh, force, err := s.mysql.Charm()
+				c.Assert(err, jc.ErrorIsNil)
+				c.Assert(force, jc.IsTrue)
+				c.Assert(currentCh.URL(), jc.DeepEquals, sch.URL())
+			},
+		},
+	).Check()
+
+	cfg := state.SetCharmConfig{
+		Charm:      sch,
+		ForceUnits: true,
+	}
+	err := s.mysql.SetCharm(cfg)
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *ServiceSuite) TestSetCharmRetriesWhenOldSettingsChanged(c *gc.C) {
+	revno := 2 // revno 1 is used by SetUpSuite
+	oldCh := s.AddConfigCharm(c, "mysql", stringConfig, revno)
+	newCh := s.AddConfigCharm(c, "mysql", stringConfig, revno+1)
+	cfg := state.SetCharmConfig{Charm: oldCh}
+	err := s.mysql.SetCharm(cfg)
+	c.Assert(err, jc.ErrorIsNil)
+
+	defer state.SetBeforeHooks(c, s.State,
+		func() {
+			err := s.mysql.UpdateConfigSettings(charm.Settings{"key": "value"})
+			c.Assert(err, jc.ErrorIsNil)
+		},
+		nil, // Ensure there will be a retry.
+	).Check()
+
+	cfg = state.SetCharmConfig{
+		Charm:      newCh,
+		ForceUnits: true,
+	}
+	err = s.mysql.SetCharm(cfg)
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *ServiceSuite) TestSetCharmRetriesWhenBothOldAndNewSettingsChanged(c *gc.C) {
+	revno := 2 // revno 1 is used by SetUpSuite
+	oldCh := s.AddConfigCharm(c, "mysql", stringConfig, revno)
+	newCh := s.AddConfigCharm(c, "mysql", stringConfig, revno+1)
+
+	defer state.SetTestHooks(c, s.State,
+		jujutxn.TestHook{
+			Before: func() {
+				// Add two units, which will keep the refcount of oldCh
+				// and newCh settings greater than 0, while the service's
+				// charm URLs change between oldCh and newCh. Ensure
+				// refcounts change as expected.
+				unit1, err := s.mysql.AddUnit()
+				c.Assert(err, jc.ErrorIsNil)
+				unit2, err := s.mysql.AddUnit()
+				c.Assert(err, jc.ErrorIsNil)
+				cfg := state.SetCharmConfig{Charm: newCh}
+				err = s.mysql.SetCharm(cfg)
+				c.Assert(err, jc.ErrorIsNil)
+				assertSettingsRef(c, s.State, "mysql", newCh, 1)
+				assertNoSettingsRef(c, s.State, "mysql", oldCh)
+				err = unit1.SetCharmURL(newCh.URL())
+				c.Assert(err, jc.ErrorIsNil)
+				assertSettingsRef(c, s.State, "mysql", newCh, 2)
+				assertNoSettingsRef(c, s.State, "mysql", oldCh)
+				// Update newCh settings, switch to oldCh and update its
+				// settings as well.
+				err = s.mysql.UpdateConfigSettings(charm.Settings{"key": "value1"})
+				c.Assert(err, jc.ErrorIsNil)
+				cfg = state.SetCharmConfig{Charm: oldCh}
+
+				err = s.mysql.SetCharm(cfg)
+				c.Assert(err, jc.ErrorIsNil)
+				assertSettingsRef(c, s.State, "mysql", newCh, 1)
+				assertSettingsRef(c, s.State, "mysql", oldCh, 1)
+				err = unit2.SetCharmURL(oldCh.URL())
+				c.Assert(err, jc.ErrorIsNil)
+				assertSettingsRef(c, s.State, "mysql", newCh, 1)
+				assertSettingsRef(c, s.State, "mysql", oldCh, 2)
+				err = s.mysql.UpdateConfigSettings(charm.Settings{"key": "value2"})
+				c.Assert(err, jc.ErrorIsNil)
+			},
+			After: func() {
+				// Verify the charm and refcounts after the second attempt.
+				err := s.mysql.Refresh()
+				c.Assert(err, jc.ErrorIsNil)
+				currentCh, force, err := s.mysql.Charm()
+				c.Assert(err, jc.ErrorIsNil)
+				c.Assert(force, jc.IsFalse)
+				c.Assert(currentCh.URL(), jc.DeepEquals, oldCh.URL())
+				assertSettingsRef(c, s.State, "mysql", newCh, 1)
+				assertSettingsRef(c, s.State, "mysql", oldCh, 2)
+			},
+		},
+		jujutxn.TestHook{
+			Before: func() {
+				// SetCharm has refreshed its cached settings for oldCh
+				// and newCh. Change them again to trigger another
+				// attempt.
+				cfg := state.SetCharmConfig{Charm: newCh}
+
+				err := s.mysql.SetCharm(cfg)
+				c.Assert(err, jc.ErrorIsNil)
+				assertSettingsRef(c, s.State, "mysql", newCh, 2)
+				assertSettingsRef(c, s.State, "mysql", oldCh, 1)
+				err = s.mysql.UpdateConfigSettings(charm.Settings{"key": "value3"})
+				c.Assert(err, jc.ErrorIsNil)
+
+				cfg = state.SetCharmConfig{Charm: oldCh}
+				err = s.mysql.SetCharm(cfg)
+				c.Assert(err, jc.ErrorIsNil)
+				assertSettingsRef(c, s.State, "mysql", newCh, 1)
+				assertSettingsRef(c, s.State, "mysql", oldCh, 2)
+				err = s.mysql.UpdateConfigSettings(charm.Settings{"key": "value4"})
+				c.Assert(err, jc.ErrorIsNil)
+			},
+			After: func() {
+				// Verify the charm and refcounts after the third attempt.
+				err := s.mysql.Refresh()
+				c.Assert(err, jc.ErrorIsNil)
+				currentCh, force, err := s.mysql.Charm()
+				c.Assert(err, jc.ErrorIsNil)
+				c.Assert(force, jc.IsFalse)
+				c.Assert(currentCh.URL(), jc.DeepEquals, oldCh.URL())
+				assertSettingsRef(c, s.State, "mysql", newCh, 1)
+				assertSettingsRef(c, s.State, "mysql", oldCh, 2)
+			},
+		},
+		jujutxn.TestHook{
+			Before: nil, // Ensure there will be a (final) retry.
+			After: func() {
+				// Verify the charm and refcounts after the final third attempt.
+				err := s.mysql.Refresh()
+				c.Assert(err, jc.ErrorIsNil)
+				currentCh, force, err := s.mysql.Charm()
+				c.Assert(err, jc.ErrorIsNil)
+				c.Assert(force, jc.IsTrue)
+				c.Assert(currentCh.URL(), jc.DeepEquals, newCh.URL())
+				assertSettingsRef(c, s.State, "mysql", newCh, 2)
+				assertSettingsRef(c, s.State, "mysql", oldCh, 1)
+			},
+		},
+	).Check()
+
+	cfg := state.SetCharmConfig{
+		Charm:      newCh,
+		ForceUnits: true,
+	}
+	err := s.mysql.SetCharm(cfg)
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *ServiceSuite) TestSetCharmRetriesWhenOldBindingsChanged(c *gc.C) {
+	revno := 2 // revno 1 is used by SetUpSuite
+	mysqlKey := state.ApplicationGlobalKey(s.mysql.Name())
+	oldCharm := s.AddMetaCharm(c, "mysql", metaDifferentRequirer, revno)
+	newCharm := s.AddMetaCharm(c, "mysql", metaExtraEndpoints, revno+1)
+
+	cfg := state.SetCharmConfig{Charm: oldCharm}
+	err := s.mysql.SetCharm(cfg)
+	c.Assert(err, jc.ErrorIsNil)
+
+	oldBindings, err := s.mysql.EndpointBindings()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(oldBindings, jc.DeepEquals, map[string]string{
+		"server":  "",
+		"kludge":  "",
+		"cluster": "",
+	})
+	_, err = s.State.AddSpace("db", "", nil, true)
+	c.Assert(err, jc.ErrorIsNil)
+	_, err = s.State.AddSpace("admin", "", nil, false)
+	c.Assert(err, jc.ErrorIsNil)
+
+	updateBindings := func(updatesMap bson.M) {
+		ops := []txn.Op{{
+			C:      state.EndpointBindingsC,
+			Id:     mysqlKey,
+			Update: bson.D{{"$set", updatesMap}},
+		}}
+		err := state.RunTransaction(s.State, ops)
+		c.Assert(err, jc.ErrorIsNil)
+	}
+
+	defer state.SetTestHooks(c, s.State,
+		jujutxn.TestHook{
+			Before: func() {
+				// First change.
+				updateBindings(bson.M{
+					"bindings.server": "db",
+					"bindings.kludge": "admin", // will be removed before newCharm is set.
+				})
+			},
+			After: func() {
+				// Second change.
+				updateBindings(bson.M{
+					"bindings.cluster": "admin",
+				})
+			},
+		},
+		jujutxn.TestHook{
+			Before: nil, // Ensure there will be a (final) retry.
+			After: func() {
+				// Verify final bindings.
+				newBindings, err := s.mysql.EndpointBindings()
+				c.Assert(err, jc.ErrorIsNil)
+				c.Assert(newBindings, jc.DeepEquals, map[string]string{
+					"server":  "db", // from the first change.
+					"foo":     "",
+					"client":  "",
+					"baz":     "",
+					"cluster": "admin", // from the second change.
+					"just":    "",
+				})
+			},
+		},
+	).Check()
+
+	cfg = state.SetCharmConfig{
+		Charm:      newCharm,
+		ForceUnits: true,
+	}
+	err = s.mysql.SetCharm(cfg)
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+var serviceUpdateConfigSettingsTests = []struct {
+	about   string
+	initial charm.Settings
+	update  charm.Settings
+	expect  charm.Settings
+	err     string
+}{{
+	about:  "unknown option",
+	update: charm.Settings{"foo": "bar"},
+	err:    `unknown option "foo"`,
+}, {
+	about:  "bad type",
+	update: charm.Settings{"skill-level": "profound"},
+	err:    `option "skill-level" expected int, got "profound"`,
+}, {
+	about:  "set string",
+	update: charm.Settings{"outlook": "positive"},
+	expect: charm.Settings{"outlook": "positive"},
+}, {
+	about:   "unset string and set another",
+	initial: charm.Settings{"outlook": "positive"},
+	update:  charm.Settings{"outlook": nil, "title": "sir"},
+	expect:  charm.Settings{"title": "sir"},
+}, {
+	about:  "unset missing string",
+	update: charm.Settings{"outlook": nil},
+}, {
+	about:   `empty strings are valid`,
+	initial: charm.Settings{"outlook": "positive"},
+	update:  charm.Settings{"outlook": "", "title": ""},
+	expect:  charm.Settings{"outlook": "", "title": ""},
+}, {
+	about:   "preserve existing value",
+	initial: charm.Settings{"title": "sir"},
+	update:  charm.Settings{"username": "admin001"},
+	expect:  charm.Settings{"username": "admin001", "title": "sir"},
+}, {
+	about:   "unset a default value, set a different default",
+	initial: charm.Settings{"username": "admin001", "title": "sir"},
+	update:  charm.Settings{"username": nil, "title": "My Title"},
+	expect:  charm.Settings{"title": "My Title"},
+}, {
+	about:  "non-string type",
+	update: charm.Settings{"skill-level": 303},
+	expect: charm.Settings{"skill-level": int64(303)},
+}, {
+	about:   "unset non-string type",
+	initial: charm.Settings{"skill-level": 303},
+	update:  charm.Settings{"skill-level": nil},
+}}
+
+func (s *ServiceSuite) TestUpdateConfigSettings(c *gc.C) {
+	sch := s.AddTestingCharm(c, "dummy")
+	for i, t := range serviceUpdateConfigSettingsTests {
+		c.Logf("test %d. %s", i, t.about)
+		svc := s.AddTestingService(c, "dummy-application", sch)
+		if t.initial != nil {
+			err := svc.UpdateConfigSettings(t.initial)
+			c.Assert(err, jc.ErrorIsNil)
+		}
+		err := svc.UpdateConfigSettings(t.update)
+		if t.err != "" {
+			c.Assert(err, gc.ErrorMatches, t.err)
+		} else {
+			c.Assert(err, jc.ErrorIsNil)
+			settings, err := svc.ConfigSettings()
+			c.Assert(err, jc.ErrorIsNil)
+			expect := t.expect
+			if expect == nil {
+				expect = charm.Settings{}
+			}
+			c.Assert(settings, gc.DeepEquals, expect)
+		}
+		err = svc.Destroy()
+		c.Assert(err, jc.ErrorIsNil)
+	}
+}
+
+func assertNoSettingsRef(c *gc.C, st *state.State, svcName string, sch *state.Charm) {
+	_, err := state.ServiceSettingsRefCount(st, svcName, sch.URL())
+	c.Assert(err, gc.Equals, mgo.ErrNotFound)
+}
+
+func assertSettingsRef(c *gc.C, st *state.State, svcName string, sch *state.Charm, refcount int) {
+	rc, err := state.ServiceSettingsRefCount(st, svcName, sch.URL())
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(rc, gc.Equals, refcount)
+}
+
+func (s *ServiceSuite) TestSettingsRefCountWorks(c *gc.C) {
+	// This test ensures the service settings per charm URL are
+	// properly reference counted.
+	oldCh := s.AddConfigCharm(c, "wordpress", emptyConfig, 1)
+	newCh := s.AddConfigCharm(c, "wordpress", emptyConfig, 2)
+	svcName := "mywp"
+
+	// Both refcounts are zero initially.
+	assertNoSettingsRef(c, s.State, svcName, oldCh)
+	assertNoSettingsRef(c, s.State, svcName, newCh)
+
+	// svc is using oldCh, so its settings refcount is incremented.
+	svc := s.AddTestingService(c, svcName, oldCh)
+	assertSettingsRef(c, s.State, svcName, oldCh, 1)
+	assertNoSettingsRef(c, s.State, svcName, newCh)
+
+	// Changing to the same charm does not change the refcount.
+	cfg := state.SetCharmConfig{Charm: oldCh}
+	err := svc.SetCharm(cfg)
+	c.Assert(err, jc.ErrorIsNil)
+	assertSettingsRef(c, s.State, svcName, oldCh, 1)
+	assertNoSettingsRef(c, s.State, svcName, newCh)
+
+	// Changing from oldCh to newCh causes the refcount of oldCh's
+	// settings to be decremented, while newCh's settings is
+	// incremented. Consequently, because oldCh's refcount is 0, the
+	// settings doc will be removed.
+	cfg = state.SetCharmConfig{Charm: newCh}
+	err = svc.SetCharm(cfg)
+	c.Assert(err, jc.ErrorIsNil)
+	assertNoSettingsRef(c, s.State, svcName, oldCh)
+	assertSettingsRef(c, s.State, svcName, newCh, 1)
+
+	// The same but newCh swapped with oldCh.
+	cfg = state.SetCharmConfig{Charm: oldCh}
+	err = svc.SetCharm(cfg)
+	c.Assert(err, jc.ErrorIsNil)
+	assertSettingsRef(c, s.State, svcName, oldCh, 1)
+	assertNoSettingsRef(c, s.State, svcName, newCh)
+
+	// Adding a unit without a charm URL set does not affect the
+	// refcount.
+	u, err := svc.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	curl, ok := u.CharmURL()
+	c.Assert(ok, jc.IsFalse)
+	assertSettingsRef(c, s.State, svcName, oldCh, 1)
+	assertNoSettingsRef(c, s.State, svcName, newCh)
+
+	// Setting oldCh as the units charm URL increments oldCh, which is
+	// used by svc as well, hence 2.
+	err = u.SetCharmURL(oldCh.URL())
+	c.Assert(err, jc.ErrorIsNil)
+	curl, ok = u.CharmURL()
+	c.Assert(ok, jc.IsTrue)
+	c.Assert(curl, gc.DeepEquals, oldCh.URL())
+	assertSettingsRef(c, s.State, svcName, oldCh, 2)
+	assertNoSettingsRef(c, s.State, svcName, newCh)
+
+	// A dead unit does not decrement the refcount.
+	err = u.EnsureDead()
+	c.Assert(err, jc.ErrorIsNil)
+	assertSettingsRef(c, s.State, svcName, oldCh, 2)
+	assertNoSettingsRef(c, s.State, svcName, newCh)
+
+	// Once the unit is removed, refcount is decremented.
+	err = u.Remove()
+	c.Assert(err, jc.ErrorIsNil)
+	assertSettingsRef(c, s.State, svcName, oldCh, 1)
+	assertNoSettingsRef(c, s.State, svcName, newCh)
+
+	// Finally, after the service is destroyed and removed (since the
+	// last unit's gone), the refcount is again decremented.
+	err = svc.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	assertNoSettingsRef(c, s.State, svcName, oldCh)
+	assertNoSettingsRef(c, s.State, svcName, newCh)
+}
+
+const mysqlBaseMeta = `
+name: mysql
+summary: "Database engine"
+description: "A pretty popular database"
+provides:
+  server: mysql
+`
+const onePeerMeta = `
+peers:
+  cluster: mysql
+`
+const twoPeersMeta = `
+peers:
+  cluster: mysql
+  loadbalancer: phony
+`
+
+func (s *ServiceSuite) assertServiceRelations(c *gc.C, svc *state.Application, expectedKeys ...string) []*state.Relation {
+	rels, err := svc.Relations()
+	c.Assert(err, jc.ErrorIsNil)
+	if len(rels) == 0 {
+		return nil
+	}
+	relKeys := make([]string, len(expectedKeys))
+	for i, rel := range rels {
+		relKeys[i] = rel.String()
+	}
+	sort.Strings(relKeys)
+	c.Assert(relKeys, gc.DeepEquals, expectedKeys)
+	return rels
+}
+
+func (s *ServiceSuite) TestNewPeerRelationsAddedOnUpgrade(c *gc.C) {
+	// Original mysql charm has no peer relations.
+	oldCh := s.AddMetaCharm(c, "mysql", mysqlBaseMeta+onePeerMeta, 2)
+	newCh := s.AddMetaCharm(c, "mysql", mysqlBaseMeta+twoPeersMeta, 3)
+
+	// No relations joined yet.
+	s.assertServiceRelations(c, s.mysql)
+
+	cfg := state.SetCharmConfig{Charm: oldCh}
+	err := s.mysql.SetCharm(cfg)
+	c.Assert(err, jc.ErrorIsNil)
+	s.assertServiceRelations(c, s.mysql, "mysql:cluster")
+
+	cfg = state.SetCharmConfig{Charm: newCh}
+	err = s.mysql.SetCharm(cfg)
+	c.Assert(err, jc.ErrorIsNil)
+	rels := s.assertServiceRelations(c, s.mysql, "mysql:cluster", "mysql:loadbalancer")
+
+	// Check state consistency by attempting to destroy the service.
+	err = s.mysql.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Check the peer relations got destroyed as well.
+	for _, rel := range rels {
+		err = rel.Refresh()
+		c.Assert(err, jc.Satisfies, errors.IsNotFound)
+	}
+}
+
+func jujuInfoEp(applicationname string) state.Endpoint {
+	return state.Endpoint{
+		ApplicationName: applicationname,
+		Relation: charm.Relation{
+			Interface: "juju-info",
+			Name:      "juju-info",
+			Role:      charm.RoleProvider,
+			Scope:     charm.ScopeGlobal,
+		},
+	}
+}
+
+func (s *ServiceSuite) TestTag(c *gc.C) {
+	c.Assert(s.mysql.Tag().String(), gc.Equals, "application-mysql")
+}
+
+func (s *ServiceSuite) TestMysqlEndpoints(c *gc.C) {
+	_, err := s.mysql.Endpoint("mysql")
+	c.Assert(err, gc.ErrorMatches, `application "mysql" has no "mysql" relation`)
+
+	jiEP, err := s.mysql.Endpoint("juju-info")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(jiEP, gc.DeepEquals, jujuInfoEp("mysql"))
+
+	serverEP, err := s.mysql.Endpoint("server")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(serverEP, gc.DeepEquals, state.Endpoint{
+		ApplicationName: "mysql",
+		Relation: charm.Relation{
+			Interface: "mysql",
+			Name:      "server",
+			Role:      charm.RoleProvider,
+			Scope:     charm.ScopeGlobal,
+		},
+	})
+
+	eps, err := s.mysql.Endpoints()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(eps, gc.DeepEquals, []state.Endpoint{jiEP, serverEP})
+}
+
+func (s *ServiceSuite) TestRiakEndpoints(c *gc.C) {
+	riak := s.AddTestingService(c, "myriak", s.AddTestingCharm(c, "riak"))
+
+	_, err := riak.Endpoint("garble")
+	c.Assert(err, gc.ErrorMatches, `application "myriak" has no "garble" relation`)
+
+	jiEP, err := riak.Endpoint("juju-info")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(jiEP, gc.DeepEquals, jujuInfoEp("myriak"))
+
+	ringEP, err := riak.Endpoint("ring")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(ringEP, gc.DeepEquals, state.Endpoint{
+		ApplicationName: "myriak",
+		Relation: charm.Relation{
+			Interface: "riak",
+			Name:      "ring",
+			Role:      charm.RolePeer,
+			Scope:     charm.ScopeGlobal,
+			Limit:     1,
+		},
+	})
+
+	adminEP, err := riak.Endpoint("admin")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(adminEP, gc.DeepEquals, state.Endpoint{
+		ApplicationName: "myriak",
+		Relation: charm.Relation{
+			Interface: "http",
+			Name:      "admin",
+			Role:      charm.RoleProvider,
+			Scope:     charm.ScopeGlobal,
+		},
+	})
+
+	endpointEP, err := riak.Endpoint("endpoint")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(endpointEP, gc.DeepEquals, state.Endpoint{
+		ApplicationName: "myriak",
+		Relation: charm.Relation{
+			Interface: "http",
+			Name:      "endpoint",
+			Role:      charm.RoleProvider,
+			Scope:     charm.ScopeGlobal,
+		},
+	})
+
+	eps, err := riak.Endpoints()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(eps, gc.DeepEquals, []state.Endpoint{adminEP, endpointEP, jiEP, ringEP})
+}
+
+func (s *ServiceSuite) TestWordpressEndpoints(c *gc.C) {
+	wordpress := s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
+
+	_, err := wordpress.Endpoint("nonsense")
+	c.Assert(err, gc.ErrorMatches, `application "wordpress" has no "nonsense" relation`)
+
+	jiEP, err := wordpress.Endpoint("juju-info")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(jiEP, gc.DeepEquals, jujuInfoEp("wordpress"))
+
+	urlEP, err := wordpress.Endpoint("url")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(urlEP, gc.DeepEquals, state.Endpoint{
+		ApplicationName: "wordpress",
+		Relation: charm.Relation{
+			Interface: "http",
+			Name:      "url",
+			Role:      charm.RoleProvider,
+			Scope:     charm.ScopeGlobal,
+		},
+	})
+
+	ldEP, err := wordpress.Endpoint("logging-dir")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(ldEP, gc.DeepEquals, state.Endpoint{
+		ApplicationName: "wordpress",
+		Relation: charm.Relation{
+			Interface: "logging",
+			Name:      "logging-dir",
+			Role:      charm.RoleProvider,
+			Scope:     charm.ScopeContainer,
+		},
+	})
+
+	mpEP, err := wordpress.Endpoint("monitoring-port")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(mpEP, gc.DeepEquals, state.Endpoint{
+		ApplicationName: "wordpress",
+		Relation: charm.Relation{
+			Interface: "monitoring",
+			Name:      "monitoring-port",
+			Role:      charm.RoleProvider,
+			Scope:     charm.ScopeContainer,
+		},
+	})
+
+	dbEP, err := wordpress.Endpoint("db")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(dbEP, gc.DeepEquals, state.Endpoint{
+		ApplicationName: "wordpress",
+		Relation: charm.Relation{
+			Interface: "mysql",
+			Name:      "db",
+			Role:      charm.RoleRequirer,
+			Scope:     charm.ScopeGlobal,
+			Limit:     1,
+		},
+	})
+
+	cacheEP, err := wordpress.Endpoint("cache")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(cacheEP, gc.DeepEquals, state.Endpoint{
+		ApplicationName: "wordpress",
+		Relation: charm.Relation{
+			Interface: "varnish",
+			Name:      "cache",
+			Role:      charm.RoleRequirer,
+			Scope:     charm.ScopeGlobal,
+			Limit:     2,
+			Optional:  true,
+		},
+	})
+
+	eps, err := wordpress.Endpoints()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(eps, gc.DeepEquals, []state.Endpoint{cacheEP, dbEP, jiEP, ldEP, mpEP, urlEP})
+}
+
+func (s *ServiceSuite) TestServiceRefresh(c *gc.C) {
+	s1, err := s.State.Application(s.mysql.Name())
+	c.Assert(err, jc.ErrorIsNil)
+
+	cfg := state.SetCharmConfig{
+		Charm:      s.charm,
+		ForceUnits: true,
+	}
+
+	err = s.mysql.SetCharm(cfg)
+	c.Assert(err, jc.ErrorIsNil)
+
+	testch, force, err := s1.Charm()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(force, jc.IsFalse)
+	c.Assert(testch.URL(), gc.DeepEquals, s.charm.URL())
+
+	err = s1.Refresh()
+	c.Assert(err, jc.ErrorIsNil)
+	testch, force, err = s1.Charm()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(force, jc.IsTrue)
+	c.Assert(testch.URL(), gc.DeepEquals, s.charm.URL())
+
+	err = s.mysql.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.mysql.Refresh()
+	c.Assert(err, jc.Satisfies, errors.IsNotFound)
+}
+
+func (s *ServiceSuite) TestServiceExposed(c *gc.C) {
+	// Check that querying for the exposed flag works correctly.
+	c.Assert(s.mysql.IsExposed(), jc.IsFalse)
+
+	// Check that setting and clearing the exposed flag works correctly.
+	err := s.mysql.SetExposed()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(s.mysql.IsExposed(), jc.IsTrue)
+	err = s.mysql.ClearExposed()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(s.mysql.IsExposed(), jc.IsFalse)
+
+	// Check that setting and clearing the exposed flag repeatedly does not fail.
+	err = s.mysql.SetExposed()
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.mysql.SetExposed()
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.mysql.ClearExposed()
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.mysql.ClearExposed()
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.mysql.SetExposed()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(s.mysql.IsExposed(), jc.IsTrue)
+
+	// Make the service Dying and check that ClearExposed and SetExposed fail.
+	// TODO(fwereade): maybe service destruction should always unexpose?
+	u, err := s.mysql.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.mysql.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.mysql.ClearExposed()
+	c.Assert(err, gc.ErrorMatches, notAliveErr)
+	err = s.mysql.SetExposed()
+	c.Assert(err, gc.ErrorMatches, notAliveErr)
+
+	// Remove the service and check that both fail.
+	err = u.EnsureDead()
+	c.Assert(err, jc.ErrorIsNil)
+	err = u.Remove()
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.mysql.SetExposed()
+	c.Assert(err, gc.ErrorMatches, notAliveErr)
+	err = s.mysql.ClearExposed()
+	c.Assert(err, gc.ErrorMatches, notAliveErr)
+}
+
+func (s *ServiceSuite) TestAddUnit(c *gc.C) {
+	// Check that principal units can be added on their own.
+	unitZero, err := s.mysql.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(unitZero.Name(), gc.Equals, "mysql/0")
+	c.Assert(unitZero.IsPrincipal(), jc.IsTrue)
+	c.Assert(unitZero.SubordinateNames(), gc.HasLen, 0)
+	c.Assert(state.GetUnitModelUUID(unitZero), gc.Equals, s.State.ModelUUID())
+
+	unitOne, err := s.mysql.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(unitOne.Name(), gc.Equals, "mysql/1")
+	c.Assert(unitOne.IsPrincipal(), jc.IsTrue)
+	c.Assert(unitOne.SubordinateNames(), gc.HasLen, 0)
+
+	// Assign the principal unit to a machine.
+	m, err := s.State.AddMachine("quantal", state.JobHostUnits)
+	c.Assert(err, jc.ErrorIsNil)
+	err = unitZero.AssignToMachine(m)
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Add a subordinate service and check that units cannot be added directly.
+	// to add a subordinate unit.
+	subCharm := s.AddTestingCharm(c, "logging")
+	logging := s.AddTestingService(c, "logging", subCharm)
+	_, err = logging.AddUnit()
+	c.Assert(err, gc.ErrorMatches, `cannot add unit to application "logging": application is a subordinate`)
+
+	// Indirectly create a subordinate unit by adding a relation and entering
+	// scope as a principal.
+	eps, err := s.State.InferEndpoints("logging", "mysql")
+	c.Assert(err, jc.ErrorIsNil)
+	rel, err := s.State.AddRelation(eps...)
+	c.Assert(err, jc.ErrorIsNil)
+	ru, err := rel.Unit(unitZero)
+	c.Assert(err, jc.ErrorIsNil)
+	err = ru.EnterScope(nil)
+	c.Assert(err, jc.ErrorIsNil)
+	subZero, err := s.State.Unit("logging/0")
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Check that once it's refreshed unitZero has subordinates.
+	err = unitZero.Refresh()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(unitZero.SubordinateNames(), gc.DeepEquals, []string{"logging/0"})
+
+	// Check the subordinate unit has been assigned its principal's machine.
+	id, err := subZero.AssignedMachineId()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(id, gc.Equals, m.Id())
+}
+
+func (s *ServiceSuite) TestAddUnitWhenNotAlive(c *gc.C) {
+	u, err := s.mysql.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.mysql.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	_, err = s.mysql.AddUnit()
+	c.Assert(err, gc.ErrorMatches, `cannot add unit to application "mysql": application is not alive`)
+	err = u.EnsureDead()
+	c.Assert(err, jc.ErrorIsNil)
+	err = u.Remove()
+	c.Assert(err, jc.ErrorIsNil)
+	_, err = s.mysql.AddUnit()
+	c.Assert(err, gc.ErrorMatches, `cannot add unit to application "mysql": application "mysql" not found`)
+}
+
+func (s *ServiceSuite) TestReadUnit(c *gc.C) {
+	_, err := s.mysql.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	_, err = s.mysql.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Check that retrieving a unit from state works correctly.
+	unit, err := s.State.Unit("mysql/0")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(unit.Name(), gc.Equals, "mysql/0")
+
+	// Check that retrieving a non-existent or an invalidly
+	// named unit fail nicely.
+	unit, err = s.State.Unit("mysql")
+	c.Assert(err, gc.ErrorMatches, `"mysql" is not a valid unit name`)
+	unit, err = s.State.Unit("mysql/0/0")
+	c.Assert(err, gc.ErrorMatches, `"mysql/0/0" is not a valid unit name`)
+	unit, err = s.State.Unit("pressword/0")
+	c.Assert(err, gc.ErrorMatches, `unit "pressword/0" not found`)
+
+	units, err := s.mysql.AllUnits()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(sortedUnitNames(units), gc.DeepEquals, []string{"mysql/0", "mysql/1"})
+}
+
+func (s *ServiceSuite) TestReadUnitWhenDying(c *gc.C) {
+	// Test that we can still read units when the service is Dying...
+	unit, err := s.mysql.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	preventUnitDestroyRemove(c, unit)
+	err = s.mysql.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	_, err = s.mysql.AllUnits()
+	c.Assert(err, jc.ErrorIsNil)
+	_, err = s.State.Unit("mysql/0")
+	c.Assert(err, jc.ErrorIsNil)
+
+	// ...and when those units are Dying or Dead...
+	testWhenDying(c, unit, noErr, noErr, func() error {
+		_, err := s.mysql.AllUnits()
+		return err
+	}, func() error {
+		_, err := s.State.Unit("mysql/0")
+		return err
+	})
+
+	// ...and even, in a very limited way, when the service itself is removed.
+	removeAllUnits(c, s.mysql)
+	_, err = s.mysql.AllUnits()
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *ServiceSuite) TestDestroySimple(c *gc.C) {
+	err := s.mysql.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(s.mysql.Life(), gc.Equals, state.Dying)
+	err = s.mysql.Refresh()
+	c.Assert(err, jc.Satisfies, errors.IsNotFound)
+}
+
+func (s *ServiceSuite) TestDestroyStillHasUnits(c *gc.C) {
+	unit, err := s.mysql.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.mysql.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(s.mysql.Life(), gc.Equals, state.Dying)
+
+	err = unit.EnsureDead()
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.mysql.Refresh()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(s.mysql.Life(), gc.Equals, state.Dying)
+
+	err = unit.Remove()
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.mysql.Refresh()
+	c.Assert(err, jc.Satisfies, errors.IsNotFound)
+}
+
+func (s *ServiceSuite) TestDestroyOnceHadUnits(c *gc.C) {
+	unit, err := s.mysql.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	err = unit.EnsureDead()
+	c.Assert(err, jc.ErrorIsNil)
+	err = unit.Remove()
+	c.Assert(err, jc.ErrorIsNil)
+
+	err = s.mysql.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(s.mysql.Life(), gc.Equals, state.Dying)
+	err = s.mysql.Refresh()
+	c.Assert(err, jc.Satisfies, errors.IsNotFound)
+}
+
+func (s *ServiceSuite) TestDestroyStaleNonZeroUnitCount(c *gc.C) {
+	unit, err := s.mysql.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.mysql.Refresh()
+	c.Assert(err, jc.ErrorIsNil)
+	err = unit.EnsureDead()
+	c.Assert(err, jc.ErrorIsNil)
+	err = unit.Remove()
+	c.Assert(err, jc.ErrorIsNil)
+
+	err = s.mysql.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(s.mysql.Life(), gc.Equals, state.Dying)
+	err = s.mysql.Refresh()
+	c.Assert(err, jc.Satisfies, errors.IsNotFound)
+}
+
+func (s *ServiceSuite) TestDestroyStaleZeroUnitCount(c *gc.C) {
+	unit, err := s.mysql.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+
+	err = s.mysql.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(s.mysql.Life(), gc.Equals, state.Dying)
+
+	err = s.mysql.Refresh()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(s.mysql.Life(), gc.Equals, state.Dying)
+
+	err = unit.EnsureDead()
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.mysql.Refresh()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(s.mysql.Life(), gc.Equals, state.Dying)
+
+	err = unit.Remove()
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.mysql.Refresh()
+	c.Assert(err, jc.Satisfies, errors.IsNotFound)
+}
+
+func (s *ServiceSuite) TestDestroyWithRemovableRelation(c *gc.C) {
+	wordpress := s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
+	eps, err := s.State.InferEndpoints("wordpress", "mysql")
+	c.Assert(err, jc.ErrorIsNil)
+	rel, err := s.State.AddRelation(eps...)
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Destroy a service with no units in relation scope; check service and
+	// unit removed.
+	err = wordpress.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	err = wordpress.Refresh()
+	c.Assert(err, jc.Satisfies, errors.IsNotFound)
+	err = rel.Refresh()
+	c.Assert(err, jc.Satisfies, errors.IsNotFound)
+}
+
+func (s *ServiceSuite) TestDestroyWithReferencedRelation(c *gc.C) {
+	s.assertDestroyWithReferencedRelation(c, true)
+}
+
+func (s *ServiceSuite) TestDestroyWithReferencedRelationStaleCount(c *gc.C) {
+	s.assertDestroyWithReferencedRelation(c, false)
+}
+
+func (s *ServiceSuite) assertDestroyWithReferencedRelation(c *gc.C, refresh bool) {
+	wordpress := s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
+	eps, err := s.State.InferEndpoints("wordpress", "mysql")
+	c.Assert(err, jc.ErrorIsNil)
+	rel0, err := s.State.AddRelation(eps...)
+	c.Assert(err, jc.ErrorIsNil)
+
+	s.AddTestingService(c, "logging", s.AddTestingCharm(c, "logging"))
+	eps, err = s.State.InferEndpoints("logging", "mysql")
+	c.Assert(err, jc.ErrorIsNil)
+	rel1, err := s.State.AddRelation(eps...)
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Add a separate reference to the first relation.
+	unit, err := wordpress.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	ru, err := rel0.Unit(unit)
+	c.Assert(err, jc.ErrorIsNil)
+	err = ru.EnterScope(nil)
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Optionally update the service document to get correct relation counts.
+	if refresh {
+		err = s.mysql.Destroy()
+		c.Assert(err, jc.ErrorIsNil)
+	}
+
+	// Destroy, and check that the first relation becomes Dying...
+	err = s.mysql.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	err = rel0.Refresh()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(rel0.Life(), gc.Equals, state.Dying)
+
+	// ...while the second is removed directly.
+	err = rel1.Refresh()
+	c.Assert(err, jc.Satisfies, errors.IsNotFound)
+
+	// Drop the last reference to the first relation; check the relation and
+	// the service are are both removed.
+	err = ru.LeaveScope()
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.mysql.Refresh()
+	c.Assert(err, jc.Satisfies, errors.IsNotFound)
+	err = rel0.Refresh()
+	c.Assert(err, jc.Satisfies, errors.IsNotFound)
+}
+
+func (s *ServiceSuite) TestDestroyQueuesUnitCleanup(c *gc.C) {
+	// Add 5 units; block quick-remove of mysql/1 and mysql/3
+	units := make([]*state.Unit, 5)
+	for i := range units {
+		unit, err := s.mysql.AddUnit()
+		c.Assert(err, jc.ErrorIsNil)
+		units[i] = unit
+		if i%2 != 0 {
+			preventUnitDestroyRemove(c, unit)
+		}
+	}
+
+	// Check state is clean.
+	dirty, err := s.State.NeedsCleanup()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(dirty, jc.IsFalse)
+
+	// Destroy mysql, and check units are not touched.
+	err = s.mysql.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	for _, unit := range units {
+		assertLife(c, unit, state.Alive)
+	}
+
+	// Check a cleanup doc was added.
+	dirty, err = s.State.NeedsCleanup()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(dirty, jc.IsTrue)
+
+	// Run the cleanup and check the units.
+	err = s.State.Cleanup()
+	c.Assert(err, jc.ErrorIsNil)
+	for i, unit := range units {
+		if i%2 != 0 {
+			assertLife(c, unit, state.Dying)
+		} else {
+			assertRemoved(c, unit)
+		}
+	}
+
+	// Check for queued unit cleanups, and run them.
+	dirty, err = s.State.NeedsCleanup()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(dirty, jc.IsTrue)
+	err = s.State.Cleanup()
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Check we're now clean.
+	dirty, err = s.State.NeedsCleanup()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(dirty, jc.IsFalse)
+}
+
+func (s *ServiceSuite) TestRemoveServiceMachine(c *gc.C) {
+	unit, err := s.mysql.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	machine, err := s.State.AddMachine("quantal", state.JobHostUnits)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(unit.AssignToMachine(machine), gc.IsNil)
+
+	c.Assert(s.mysql.Destroy(), gc.IsNil)
+	assertLife(c, s.mysql, state.Dying)
+
+	// Service.Destroy adds units to cleanup, make it happen now.
+	c.Assert(s.State.Cleanup(), gc.IsNil)
+
+	c.Assert(unit.Refresh(), jc.Satisfies, errors.IsNotFound)
+	assertLife(c, machine, state.Dying)
+}
+
+func (s *ServiceSuite) TestRemoveQueuesLocalCharmCleanup(c *gc.C) {
+	// Check state is clean.
+	dirty, err := s.State.NeedsCleanup()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(dirty, jc.IsFalse)
+
+	err = s.mysql.Destroy()
+
+	// Check a cleanup doc was added.
+	dirty, err = s.State.NeedsCleanup()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(dirty, jc.IsTrue)
+
+	// Run the cleanup and check the charm.
+	err = s.State.Cleanup()
+	c.Assert(err, jc.ErrorIsNil)
+	_, err = s.State.Charm(s.charm.URL())
+	c.Assert(err, jc.Satisfies, errors.IsNotFound)
+
+	// Check we're now clean.
+	dirty, err = s.State.NeedsCleanup()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(dirty, jc.IsFalse)
+}
+
+func (s *ServiceSuite) TestRemoveStoreCharmNoCleanup(c *gc.C) {
+	ch := state.AddTestingCharmMultiSeries(c, s.State, "multi-series")
+	svc := state.AddTestingServiceForSeries(c, s.State, "precise", "application", ch)
+
+	err := svc.Destroy()
+	dirty, err := s.State.NeedsCleanup()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(dirty, jc.IsFalse)
+}
+
+func (s *ServiceSuite) TestReadUnitWithChangingState(c *gc.C) {
+	// Check that reading a unit after removing the service
+	// fails nicely.
+	err := s.mysql.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.mysql.Refresh()
+	c.Assert(err, jc.Satisfies, errors.IsNotFound)
+	_, err = s.State.Unit("mysql/0")
+	c.Assert(err, gc.ErrorMatches, `unit "mysql/0" not found`)
+}
+
+func uint64p(val uint64) *uint64 {
+	return &val
+}
+
+func (s *ServiceSuite) TestConstraints(c *gc.C) {
+	// Constraints are initially empty (for now).
+	cons, err := s.mysql.Constraints()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(&cons, jc.Satisfies, constraints.IsEmpty)
+
+	// Constraints can be set.
+	cons2 := constraints.Value{Mem: uint64p(4096)}
+	err = s.mysql.SetConstraints(cons2)
+	cons3, err := s.mysql.Constraints()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(cons3, gc.DeepEquals, cons2)
+
+	// Constraints are completely overwritten when re-set.
+	cons4 := constraints.Value{CpuPower: uint64p(750)}
+	err = s.mysql.SetConstraints(cons4)
+	c.Assert(err, jc.ErrorIsNil)
+	cons5, err := s.mysql.Constraints()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(cons5, gc.DeepEquals, cons4)
+
+	// Destroy the existing service; there's no way to directly assert
+	// that the constraints are deleted...
+	err = s.mysql.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.mysql.Refresh()
+	c.Assert(err, jc.Satisfies, errors.IsNotFound)
+
+	// ...but we can check that old constraints do not affect new services
+	// with matching names.
+	ch, _, err := s.mysql.Charm()
+	c.Assert(err, jc.ErrorIsNil)
+	mysql := s.AddTestingService(c, s.mysql.Name(), ch)
+	cons6, err := mysql.Constraints()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(&cons6, jc.Satisfies, constraints.IsEmpty)
+}
+
+func (s *ServiceSuite) TestSetInvalidConstraints(c *gc.C) {
+	cons := constraints.MustParse("mem=4G instance-type=foo")
+	err := s.mysql.SetConstraints(cons)
+	c.Assert(err, gc.ErrorMatches, `ambiguous constraints: "instance-type" overlaps with "mem"`)
+}
+
+func (s *ServiceSuite) TestSetUnsupportedConstraintsWarning(c *gc.C) {
+	defer loggo.ResetWriters()
+	logger := loggo.GetLogger("test")
+	logger.SetLogLevel(loggo.DEBUG)
+	var tw loggo.TestWriter
+	c.Assert(loggo.RegisterWriter("constraints-tester", &tw, loggo.DEBUG), gc.IsNil)
+
+	cons := constraints.MustParse("mem=4G cpu-power=10")
+	err := s.mysql.SetConstraints(cons)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(tw.Log(), jc.LogMatches, jc.SimpleMessages{{
+		loggo.WARNING,
+		`setting constraints on application "mysql": unsupported constraints: cpu-power`},
+	})
+	scons, err := s.mysql.Constraints()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(scons, gc.DeepEquals, cons)
+}
+
+func (s *ServiceSuite) TestConstraintsLifecycle(c *gc.C) {
+	// Dying.
+	unit, err := s.mysql.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.mysql.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	cons1 := constraints.MustParse("mem=1G")
+	err = s.mysql.SetConstraints(cons1)
+	c.Assert(err, gc.ErrorMatches, `cannot set constraints: not found or not alive`)
+	scons, err := s.mysql.Constraints()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(&scons, jc.Satisfies, constraints.IsEmpty)
+
+	// Removed (== Dead, for a service).
+	err = unit.EnsureDead()
+	c.Assert(err, jc.ErrorIsNil)
+	err = unit.Remove()
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.mysql.SetConstraints(cons1)
+	c.Assert(err, gc.ErrorMatches, `cannot set constraints: not found or not alive`)
+	_, err = s.mysql.Constraints()
+	c.Assert(err, gc.ErrorMatches, `constraints not found`)
+}
+
+func (s *ServiceSuite) TestSubordinateConstraints(c *gc.C) {
+	loggingCh := s.AddTestingCharm(c, "logging")
+	logging := s.AddTestingService(c, "logging", loggingCh)
+
+	_, err := logging.Constraints()
+	c.Assert(err, gc.Equals, state.ErrSubordinateConstraints)
+
+	err = logging.SetConstraints(constraints.Value{})
+	c.Assert(err, gc.Equals, state.ErrSubordinateConstraints)
+}
+
+func (s *ServiceSuite) TestWatchUnitsBulkEvents(c *gc.C) {
+	// Alive unit...
+	alive, err := s.mysql.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Dying unit...
+	dying, err := s.mysql.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	preventUnitDestroyRemove(c, dying)
+	err = dying.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Dead unit...
+	dead, err := s.mysql.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	preventUnitDestroyRemove(c, dead)
+	err = dead.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	err = dead.EnsureDead()
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Gone unit.
+	gone, err := s.mysql.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	err = gone.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+
+	// All except gone unit are reported in initial event.
+	w := s.mysql.WatchUnits()
+	defer testing.AssertStop(c, w)
+	wc := testing.NewStringsWatcherC(c, s.State, w)
+	wc.AssertChange(alive.Name(), dying.Name(), dead.Name())
+	wc.AssertNoChange()
+
+	// Remove them all; alive/dying changes reported; dead never mentioned again.
+	err = alive.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	err = dying.EnsureDead()
+	c.Assert(err, jc.ErrorIsNil)
+	err = dying.Remove()
+	c.Assert(err, jc.ErrorIsNil)
+	err = dead.Remove()
+	c.Assert(err, jc.ErrorIsNil)
+	wc.AssertChange(alive.Name(), dying.Name())
+	wc.AssertNoChange()
+}
+
+func (s *ServiceSuite) TestWatchUnitsLifecycle(c *gc.C) {
+	// Empty initial event when no units.
+	w := s.mysql.WatchUnits()
+	defer testing.AssertStop(c, w)
+	wc := testing.NewStringsWatcherC(c, s.State, w)
+	wc.AssertChange()
+	wc.AssertNoChange()
+
+	// Create one unit, check one change.
+	quick, err := s.mysql.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	wc.AssertChange(quick.Name())
+	wc.AssertNoChange()
+
+	// Destroy that unit (short-circuited to removal), check one change.
+	err = quick.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	wc.AssertChange(quick.Name())
+	wc.AssertNoChange()
+
+	// Create another, check one change.
+	slow, err := s.mysql.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	wc.AssertChange(slow.Name())
+	wc.AssertNoChange()
+
+	// Change unit itself, no change.
+	preventUnitDestroyRemove(c, slow)
+	wc.AssertNoChange()
+
+	// Make unit Dying, change detected.
+	err = slow.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	wc.AssertChange(slow.Name())
+	wc.AssertNoChange()
+
+	// Make unit Dead, change detected.
+	err = slow.EnsureDead()
+	c.Assert(err, jc.ErrorIsNil)
+	wc.AssertChange(slow.Name())
+	wc.AssertNoChange()
+
+	// Remove unit, final change not detected.
+	err = slow.Remove()
+	c.Assert(err, jc.ErrorIsNil)
+	wc.AssertNoChange()
+}
+
+func (s *ServiceSuite) TestWatchRelations(c *gc.C) {
+	// TODO(fwereade) split this test up a bit.
+	w := s.mysql.WatchRelations()
+	defer testing.AssertStop(c, w)
+	wc := testing.NewStringsWatcherC(c, s.State, w)
+	wc.AssertChange()
+	wc.AssertNoChange()
+
+	// Add a relation; check change.
+	mysqlep, err := s.mysql.Endpoint("server")
+	c.Assert(err, jc.ErrorIsNil)
+	wpch := s.AddTestingCharm(c, "wordpress")
+	wpi := 0
+	addRelation := func() *state.Relation {
+		name := fmt.Sprintf("wp%d", wpi)
+		wpi++
+		wp := s.AddTestingService(c, name, wpch)
+		wpep, err := wp.Endpoint("db")
+		c.Assert(err, jc.ErrorIsNil)
+		rel, err := s.State.AddRelation(mysqlep, wpep)
+		c.Assert(err, jc.ErrorIsNil)
+		return rel
+	}
+	rel0 := addRelation()
+	wc.AssertChange(rel0.String())
+	wc.AssertNoChange()
+
+	// Add another relation; check change.
+	rel1 := addRelation()
+	wc.AssertChange(rel1.String())
+	wc.AssertNoChange()
+
+	// Destroy a relation; check change.
+	err = rel0.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	wc.AssertChange(rel0.String())
+	wc.AssertNoChange()
+
+	// Stop watcher; check change chan is closed.
+	testing.AssertStop(c, w)
+	wc.AssertClosed()
+
+	// Add a new relation; start a new watcher; check initial event.
+	rel2 := addRelation()
+	w = s.mysql.WatchRelations()
+	defer testing.AssertStop(c, w)
+	wc = testing.NewStringsWatcherC(c, s.State, w)
+	wc.AssertChange(rel1.String(), rel2.String())
+	wc.AssertNoChange()
+
+	// Add a unit to the new relation; check no change.
+	unit, err := s.mysql.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	ru2, err := rel2.Unit(unit)
+	c.Assert(err, jc.ErrorIsNil)
+	err = ru2.EnterScope(nil)
+	c.Assert(err, jc.ErrorIsNil)
+	wc.AssertNoChange()
+
+	// Destroy the relation with the unit in scope, and add another; check
+	// changes.
+	err = rel2.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	rel3 := addRelation()
+	wc.AssertChange(rel2.String(), rel3.String())
+	wc.AssertNoChange()
+
+	// Leave scope, destroying the relation, and check that change as well.
+	err = ru2.LeaveScope()
+	c.Assert(err, jc.ErrorIsNil)
+	wc.AssertChange(rel2.String())
+	wc.AssertNoChange()
+
+	// Watch relations on the requirer service too (exercises a
+	// different path of the WatchRelations filter function)
+	wpx := s.AddTestingService(c, "wpx", wpch)
+	wpxWatcher := wpx.WatchRelations()
+	defer testing.AssertStop(c, wpxWatcher)
+	wpxWatcherC := testing.NewStringsWatcherC(c, s.State, wpxWatcher)
+	wpxWatcherC.AssertChange()
+	wpxWatcherC.AssertNoChange()
+
+	wpxep, err := wpx.Endpoint("db")
+	c.Assert(err, jc.ErrorIsNil)
+	relx, err := s.State.AddRelation(mysqlep, wpxep)
+	c.Assert(err, jc.ErrorIsNil)
+	wpxWatcherC.AssertChange(relx.String())
+	wpxWatcherC.AssertNoChange()
+}
+
+func removeAllUnits(c *gc.C, s *state.Application) {
+	us, err := s.AllUnits()
+	c.Assert(err, jc.ErrorIsNil)
+	for _, u := range us {
+		err = u.EnsureDead()
+		c.Assert(err, jc.ErrorIsNil)
+		err = u.Remove()
+		c.Assert(err, jc.ErrorIsNil)
+	}
+}
+
+func (s *ServiceSuite) TestWatchService(c *gc.C) {
+	w := s.mysql.Watch()
+	defer testing.AssertStop(c, w)
+
+	// Initial event.
+	wc := testing.NewNotifyWatcherC(c, s.State, w)
+	wc.AssertOneChange()
+
+	// Make one change (to a separate instance), check one event.
+	service, err := s.State.Application(s.mysql.Name())
+	c.Assert(err, jc.ErrorIsNil)
+	err = service.SetExposed()
+	c.Assert(err, jc.ErrorIsNil)
+	wc.AssertOneChange()
+
+	// Make two changes, check one event.
+	err = service.ClearExposed()
+	c.Assert(err, jc.ErrorIsNil)
+
+	cfg := state.SetCharmConfig{
+		Charm:      s.charm,
+		ForceUnits: true,
+	}
+	err = service.SetCharm(cfg)
+	c.Assert(err, jc.ErrorIsNil)
+	wc.AssertOneChange()
+
+	// Stop, check closed.
+	testing.AssertStop(c, w)
+	wc.AssertClosed()
+
+	// Remove service, start new watch, check single event.
+	err = service.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	w = s.mysql.Watch()
+	defer testing.AssertStop(c, w)
+	testing.NewNotifyWatcherC(c, s.State, w).AssertOneChange()
+}
+
+func (s *ServiceSuite) TestMetricCredentials(c *gc.C) {
+	err := s.mysql.SetMetricCredentials([]byte("hello there"))
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(s.mysql.MetricCredentials(), gc.DeepEquals, []byte("hello there"))
+
+	service, err := s.State.Application(s.mysql.Name())
+	c.Assert(service.MetricCredentials(), gc.DeepEquals, []byte("hello there"))
+}
+
+func (s *ServiceSuite) TestMetricCredentialsOnDying(c *gc.C) {
+	_, err := s.mysql.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.mysql.SetMetricCredentials([]byte("set before dying"))
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.mysql.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	assertLife(c, s.mysql, state.Dying)
+	err = s.mysql.SetMetricCredentials([]byte("set after dying"))
+	c.Assert(err, gc.ErrorMatches, "cannot update metric credentials: application not found or not alive")
+}
+
+func (s *ServiceSuite) testStatus(c *gc.C, status1, status2, expected status.Status) {
+	u1, err := s.mysql.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status1,
+		Message: "status 1",
+		Since:   &now,
+	}
+	err = u1.SetStatus(sInfo)
+	c.Assert(err, jc.ErrorIsNil)
+
+	u2, err := s.mysql.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+	sInfo = status.StatusInfo{
+		Status:  status2,
+		Message: "status 2",
+		Since:   &now,
+	}
+	if status2 == status.StatusError {
+		err = u2.SetAgentStatus(sInfo)
+	} else {
+		err = u2.SetStatus(sInfo)
+	}
+	c.Assert(err, jc.ErrorIsNil)
+
+	statusInfo, err := s.mysql.Status()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(statusInfo.Since, gc.NotNil)
+	statusInfo.Since = nil
+	c.Assert(statusInfo, jc.DeepEquals, status.StatusInfo{
+		Status:  expected,
+		Message: "status 2",
+		Data:    map[string]interface{}{},
+	})
+}
+
+func (s *ServiceSuite) TestStatus(c *gc.C) {
+	for _, t := range []struct{ status1, status2, expected status.Status }{
+		{status.StatusActive, status.StatusWaiting, status.StatusWaiting},
+		{status.StatusMaintenance, status.StatusWaiting, status.StatusWaiting},
+		{status.StatusActive, status.StatusBlocked, status.StatusBlocked},
+		{status.StatusWaiting, status.StatusBlocked, status.StatusBlocked},
+		{status.StatusMaintenance, status.StatusBlocked, status.StatusBlocked},
+		{status.StatusMaintenance, status.StatusError, status.StatusError},
+		{status.StatusBlocked, status.StatusError, status.StatusError},
+		{status.StatusWaiting, status.StatusError, status.StatusError},
+		{status.StatusActive, status.StatusError, status.StatusError},
+	} {
+		s.testStatus(c, t.status1, t.status2, t.expected)
+	}
+}
+
+const oneRequiredStorageMeta = `
+storage:
+  data0:
+    type: block
+`
+
+const oneOptionalStorageMeta = `
+storage:
+  data0:
+    type: block
+    multiple:
+      range: 0-
+`
+
+const twoRequiredStorageMeta = `
+storage:
+  data0:
+    type: block
+  data1:
+    type: block
+`
+
+const twoOptionalStorageMeta = `
+storage:
+  data0:
+    type: block
+    multiple:
+      range: 0-
+  data1:
+    type: block
+    multiple:
+      range: 0-
+`
+
+const oneRequiredFilesystemStorageMeta = `
+storage:
+  data0:
+    type: filesystem
+`
+
+const oneRequiredSharedStorageMeta = `
+storage:
+  data0:
+    type: block
+    shared: true
+`
+
+const oneRequiredReadOnlyStorageMeta = `
+storage:
+  data0:
+    type: block
+    read-only: true
+`
+
+const oneRequiredLocationStorageMeta = `
+storage:
+  data0:
+    type: filesystem
+    location: /srv
+`
+
+const oneMultipleLocationStorageMeta = `
+storage:
+  data0:
+    type: filesystem
+    location: /srv
+    multiple:
+      range: 1-
+`
+
+func storageRange(min, max int) string {
+	var minStr, maxStr string
+	if min > 0 {
+		minStr = fmt.Sprint(min)
+	}
+	if max > 0 {
+		maxStr = fmt.Sprint(max)
+	}
+	return fmt.Sprintf(`
+    multiple:
+      range: %s-%s
+`[1:], minStr, maxStr)
+}
+
+func (s *ServiceSuite) setCharmFromMeta(c *gc.C, oldMeta, newMeta string) error {
+	registry.RegisterEnvironStorageProviders("someprovider", provider.LoopProviderType)
+	oldCh := s.AddMetaCharm(c, "mysql", oldMeta, 2)
+	newCh := s.AddMetaCharm(c, "mysql", newMeta, 3)
+	svc := s.AddTestingService(c, "test", oldCh)
+
+	cfg := state.SetCharmConfig{Charm: newCh}
+	return svc.SetCharm(cfg)
+}
+
+func (s *ServiceSuite) TestSetCharmStorageRemoved(c *gc.C) {
+	err := s.setCharmFromMeta(c,
+		mysqlBaseMeta+twoOptionalStorageMeta,
+		mysqlBaseMeta+oneOptionalStorageMeta,
+	)
+	c.Assert(err, gc.ErrorMatches, `cannot upgrade application "test" to charm "mysql": storage "data1" removed`)
+}
+
+func (s *ServiceSuite) TestSetCharmRequiredStorageAdded(c *gc.C) {
+	err := s.setCharmFromMeta(c,
+		mysqlBaseMeta+oneRequiredStorageMeta,
+		mysqlBaseMeta+twoRequiredStorageMeta,
+	)
+	c.Assert(err, gc.ErrorMatches, `cannot upgrade application "test" to charm "mysql": required storage "data1" added`)
+}
+
+func (s *ServiceSuite) TestSetCharmOptionalStorageAdded(c *gc.C) {
+	err := s.setCharmFromMeta(c,
+		mysqlBaseMeta+oneRequiredStorageMeta,
+		mysqlBaseMeta+twoOptionalStorageMeta,
+	)
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *ServiceSuite) TestSetCharmStorageCountMinDecreased(c *gc.C) {
+	err := s.setCharmFromMeta(c,
+		mysqlBaseMeta+oneRequiredStorageMeta+storageRange(2, 3),
+		mysqlBaseMeta+oneRequiredStorageMeta+storageRange(1, 3),
+	)
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *ServiceSuite) TestSetCharmStorageCountMinIncreased(c *gc.C) {
+	err := s.setCharmFromMeta(c,
+		mysqlBaseMeta+oneRequiredStorageMeta+storageRange(1, 3),
+		mysqlBaseMeta+oneRequiredStorageMeta+storageRange(2, 3),
+	)
+	c.Assert(err, gc.ErrorMatches, `cannot upgrade application "test" to charm "mysql": existing storage "data0" range contracted: min increased from 1 to 2`)
+}
+
+func (s *ServiceSuite) TestSetCharmStorageCountMaxDecreased(c *gc.C) {
+	err := s.setCharmFromMeta(c,
+		mysqlBaseMeta+oneRequiredStorageMeta+storageRange(1, 2),
+		mysqlBaseMeta+oneRequiredStorageMeta+storageRange(1, 1),
+	)
+	c.Assert(err, gc.ErrorMatches, `cannot upgrade application "test" to charm "mysql": existing storage "data0" range contracted: max decreased from 2 to 1`)
+}
+
+func (s *ServiceSuite) TestSetCharmStorageCountMaxUnboundedToBounded(c *gc.C) {
+	err := s.setCharmFromMeta(c,
+		mysqlBaseMeta+oneRequiredStorageMeta+storageRange(1, -1),
+		mysqlBaseMeta+oneRequiredStorageMeta+storageRange(1, 999),
+	)
+	c.Assert(err, gc.ErrorMatches, `cannot upgrade application "test" to charm "mysql": existing storage "data0" range contracted: max decreased from \<unbounded\> to 999`)
+}
+
+func (s *ServiceSuite) TestSetCharmStorageTypeChanged(c *gc.C) {
+	err := s.setCharmFromMeta(c,
+		mysqlBaseMeta+oneRequiredStorageMeta,
+		mysqlBaseMeta+oneRequiredFilesystemStorageMeta,
+	)
+	c.Assert(err, gc.ErrorMatches, `cannot upgrade application "test" to charm "mysql": existing storage "data0" type changed from "block" to "filesystem"`)
+}
+
+func (s *ServiceSuite) TestSetCharmStorageSharedChanged(c *gc.C) {
+	err := s.setCharmFromMeta(c,
+		mysqlBaseMeta+oneRequiredStorageMeta,
+		mysqlBaseMeta+oneRequiredSharedStorageMeta,
+	)
+	c.Assert(err, gc.ErrorMatches, `cannot upgrade application "test" to charm "mysql": existing storage "data0" shared changed from false to true`)
+}
+
+func (s *ServiceSuite) TestSetCharmStorageReadOnlyChanged(c *gc.C) {
+	err := s.setCharmFromMeta(c,
+		mysqlBaseMeta+oneRequiredStorageMeta,
+		mysqlBaseMeta+oneRequiredReadOnlyStorageMeta,
+	)
+	c.Assert(err, gc.ErrorMatches, `cannot upgrade application "test" to charm "mysql": existing storage "data0" read-only changed from false to true`)
+}
+
+func (s *ServiceSuite) TestSetCharmStorageLocationChanged(c *gc.C) {
+	err := s.setCharmFromMeta(c,
+		mysqlBaseMeta+oneRequiredFilesystemStorageMeta,
+		mysqlBaseMeta+oneRequiredLocationStorageMeta,
+	)
+	c.Assert(err, gc.ErrorMatches, `cannot upgrade application "test" to charm "mysql": existing storage "data0" location changed from "" to "/srv"`)
+}
+
+func (s *ServiceSuite) TestSetCharmStorageWithLocationSingletonToMultipleAdded(c *gc.C) {
+	err := s.setCharmFromMeta(c,
+		mysqlBaseMeta+oneRequiredLocationStorageMeta,
+		mysqlBaseMeta+oneMultipleLocationStorageMeta,
+	)
+	c.Assert(err, gc.ErrorMatches, `cannot upgrade application "test" to charm "mysql": existing storage "data0" with location changed from singleton to multiple`)
+}
+
+func (s *ServiceSuite) assertServiceRemovedWithItsBindings(c *gc.C, service *state.Application) {
+	// Removing the service removes the bindings with it.
+	err := service.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	err = service.Refresh()
+	c.Assert(err, jc.Satisfies, errors.IsNotFound)
+	state.AssertEndpointBindingsNotFoundForService(c, service)
+}
+
+func (s *ServiceSuite) TestEndpointBindingsReturnsDefaultsWhenNotFound(c *gc.C) {
+	ch := s.AddMetaCharm(c, "mysql", metaBase, 42)
+	service := s.AddTestingServiceWithBindings(c, "yoursql", ch, nil)
+	state.RemoveEndpointBindingsForService(c, service)
+
+	s.assertServiceHasOnlyDefaultEndpointBindings(c, service)
+}
+
+func (s *ServiceSuite) assertServiceHasOnlyDefaultEndpointBindings(c *gc.C, service *state.Application) {
+	charm, _, err := service.Charm()
+	c.Assert(err, jc.ErrorIsNil)
+
+	knownEndpoints := set.NewStrings()
+	allBindings := state.DefaultEndpointBindingsForCharm(charm.Meta())
+	for endpoint, _ := range allBindings {
+		knownEndpoints.Add(endpoint)
+	}
+
+	setBindings, err := service.EndpointBindings()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(setBindings, gc.NotNil)
+
+	for endpoint, space := range setBindings {
+		c.Check(endpoint, gc.Not(gc.Equals), "")
+		c.Check(knownEndpoints.Contains(endpoint), jc.IsTrue)
+		c.Check(space, gc.Equals, "", gc.Commentf("expected empty space for endpoint %q, got %q", endpoint, space))
+	}
+}
+
+func (s *ServiceSuite) TestEndpointBindingsJustDefaults(c *gc.C) {
+	// With unspecified bindings, all endpoints are explicitly bound to the
+	// default space when saved in state.
+	ch := s.AddMetaCharm(c, "mysql", metaBase, 42)
+	service := s.AddTestingServiceWithBindings(c, "yoursql", ch, nil)
+
+	s.assertServiceHasOnlyDefaultEndpointBindings(c, service)
+	s.assertServiceRemovedWithItsBindings(c, service)
+}
+
+func (s *ServiceSuite) TestEndpointBindingsWithExplictOverrides(c *gc.C) {
+	_, err := s.State.AddSpace("db", "", nil, true)
+	c.Assert(err, jc.ErrorIsNil)
+	_, err = s.State.AddSpace("ha", "", nil, false)
+	c.Assert(err, jc.ErrorIsNil)
+
+	bindings := map[string]string{
+		"server":  "db",
+		"cluster": "ha",
+	}
+	ch := s.AddMetaCharm(c, "mysql", metaBase, 42)
+	service := s.AddTestingServiceWithBindings(c, "yoursql", ch, bindings)
+
+	setBindings, err := service.EndpointBindings()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(setBindings, jc.DeepEquals, map[string]string{
+		"server":  "db",
+		"client":  "",
+		"cluster": "ha",
+	})
+
+	s.assertServiceRemovedWithItsBindings(c, service)
+}
+
+func (s *ServiceSuite) TestSetCharmExtraBindingsUseDefaults(c *gc.C) {
+	_, err := s.State.AddSpace("db", "", nil, true)
+	c.Assert(err, jc.ErrorIsNil)
+
+	oldCharm := s.AddMetaCharm(c, "mysql", metaDifferentProvider, 42)
+	oldBindings := map[string]string{
+		"kludge": "db",
+		"client": "db",
+	}
+	service := s.AddTestingServiceWithBindings(c, "yoursql", oldCharm, oldBindings)
+	setBindings, err := service.EndpointBindings()
+	c.Assert(err, jc.ErrorIsNil)
+	effectiveOld := map[string]string{
+		"kludge":  "db",
+		"client":  "db",
+		"cluster": "",
+	}
+	c.Assert(setBindings, jc.DeepEquals, effectiveOld)
+
+	newCharm := s.AddMetaCharm(c, "mysql", metaExtraEndpoints, 43)
+
+	cfg := state.SetCharmConfig{Charm: newCharm}
+	err = service.SetCharm(cfg)
+	c.Assert(err, jc.ErrorIsNil)
+	setBindings, err = service.EndpointBindings()
+	c.Assert(err, jc.ErrorIsNil)
+	effectiveNew := map[string]string{
+		// These two should be preserved from oldCharm.
+		"client":  "db",
+		"cluster": "",
+		// "kludge" is missing in newMeta, "server" is new and gets the default.
+		"server": "",
+		// All the remaining are new and use the empty default.
+		"foo":  "",
+		"baz":  "",
+		"just": "",
+	}
+	c.Assert(setBindings, jc.DeepEquals, effectiveNew)
+
+	s.assertServiceRemovedWithItsBindings(c, service)
+}
+
+func (s *ServiceSuite) TestSetCharmHandlesMissingBindingsAsDefaults(c *gc.C) {
+	oldCharm := s.AddMetaCharm(c, "mysql", metaDifferentProvider, 69)
+	service := s.AddTestingServiceWithBindings(c, "theirsql", oldCharm, nil)
+	state.RemoveEndpointBindingsForService(c, service)
+
+	newCharm := s.AddMetaCharm(c, "mysql", metaExtraEndpoints, 70)
+
+	cfg := state.SetCharmConfig{Charm: newCharm}
+	err := service.SetCharm(cfg)
+	c.Assert(err, jc.ErrorIsNil)
+	setBindings, err := service.EndpointBindings()
+	c.Assert(err, jc.ErrorIsNil)
+	effectiveNew := map[string]string{
+		// The following two exist for both oldCharm and newCharm.
+		"client":  "",
+		"cluster": "",
+		// "kludge" is missing in newMeta, "server" is new and gets the default.
+		"server": "",
+		// All the remaining are new and use the empty default.
+		"foo":  "",
+		"baz":  "",
+		"just": "",
+	}
+	c.Assert(setBindings, jc.DeepEquals, effectiveNew)
+
+	s.assertServiceRemovedWithItsBindings(c, service)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/assign_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/assign_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/assign_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/assign_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,10 +9,10 @@
 	"strconv"
 	"time"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/txn"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/instance"
@@ -25,7 +25,7 @@
 
 type AssignSuite struct {
 	ConnSuite
-	wordpress *state.Service
+	wordpress *state.Application
 }
 
 var _ = gc.Suite(&AssignSuite{})
@@ -370,12 +370,12 @@
 	c.Assert(err, jc.ErrorIsNil)
 	machineId := s.assertAssignedUnit(c, unit)
 	c.Assert(state.ParentId(machineId), gc.Not(gc.Equals), "")
-	c.Assert(state.ContainerTypeFromId(machineId), gc.Equals, instance.LXC)
+	c.Assert(state.ContainerTypeFromId(machineId), gc.Equals, instance.LXD)
 }
 
 func (s *AssignSuite) TestAssignUnitToNewMachineContainerConstraint(c *gc.C) {
 	// Set up service constraints.
-	scons := constraints.MustParse("container=lxc")
+	scons := constraints.MustParse("container=lxd")
 	err := s.wordpress.SetConstraints(scons)
 	c.Assert(err, jc.ErrorIsNil)
 	s.assertAssignUnitToNewMachineContainerConstraint(c)
@@ -383,7 +383,7 @@
 
 func (s *AssignSuite) TestAssignUnitToNewMachineDefaultContainerConstraint(c *gc.C) {
 	// Set up env constraints.
-	econs := constraints.MustParse("container=lxc")
+	econs := constraints.MustParse("container=lxd")
 	err := s.State.SetModelConstraints(econs)
 	c.Assert(err, jc.ErrorIsNil)
 	s.assertAssignUnitToNewMachineContainerConstraint(c)
@@ -504,7 +504,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	// Set up constraints to specify we want to install into a container.
-	econs := constraints.MustParse("container=lxc")
+	econs := constraints.MustParse("container=lxd")
 	err = s.State.SetModelConstraints(econs)
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -529,7 +529,7 @@
 
 	mid, err = anotherUnit.AssignedMachineId()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(mid, gc.Equals, "2/lxc/0")
+	c.Assert(mid, gc.Equals, "2/lxd/0")
 }
 
 func (s *AssignSuite) TestAssignUnitToNewMachineBecomesHost(c *gc.C) {
@@ -537,7 +537,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	// Set up constraints to specify we want to install into a container.
-	econs := constraints.MustParse("container=lxc")
+	econs := constraints.MustParse("container=lxd")
 	err = s.State.SetModelConstraints(econs)
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -552,7 +552,7 @@
 			_, err := s.State.AddMachineInsideMachine(state.MachineTemplate{
 				Series: "quantal",
 				Jobs:   []state.MachineJob{state.JobHostUnits},
-			}, machine.Id(), instance.LXC)
+			}, machine.Id(), instance.LXD)
 			c.Assert(err, jc.ErrorIsNil)
 		},
 	}
@@ -563,7 +563,7 @@
 
 	mid, err := unit.AssignedMachineId()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(mid, gc.Equals, "2/lxc/0")
+	c.Assert(mid, gc.Equals, "2/lxd/0")
 }
 
 func (s *AssignSuite) TestAssignUnitBadPolicy(c *gc.C) {
@@ -626,14 +626,14 @@
 	assertMachineCount(c, s.State, 3)
 	id, err := unit.AssignedMachineId()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(id, gc.Equals, "1/lxc/0")
+	c.Assert(id, gc.Equals, "1/lxd/0")
 }
 
 func (s *AssignSuite) TestAssignUnitNewPolicyWithContainerConstraint(c *gc.C) {
 	_, err := s.State.AddMachine("quantal", state.JobHostUnits)
 	c.Assert(err, jc.ErrorIsNil)
 	// Set up service constraints.
-	scons := constraints.MustParse("container=lxc")
+	scons := constraints.MustParse("container=lxd")
 	err = s.wordpress.SetConstraints(scons)
 	c.Assert(err, jc.ErrorIsNil)
 	s.assertAssignUnitNewPolicyWithContainerConstraint(c)
@@ -643,7 +643,7 @@
 	_, err := s.State.AddMachine("quantal", state.JobHostUnits)
 	c.Assert(err, jc.ErrorIsNil)
 	// Set up env constraints.
-	econs := constraints.MustParse("container=lxc")
+	econs := constraints.MustParse("container=lxd")
 	err = s.State.SetModelConstraints(econs)
 	c.Assert(err, jc.ErrorIsNil)
 	s.assertAssignUnitNewPolicyWithContainerConstraint(c)
@@ -675,7 +675,7 @@
 type assignCleanSuite struct {
 	ConnSuite
 	policy    state.AssignmentPolicy
-	wordpress *state.Service
+	wordpress *state.Application
 }
 
 var _ = gc.Suite(&assignCleanSuite{ConnSuite{}, state.AssignCleanEmpty, nil})
@@ -743,7 +743,7 @@
 	container, err = s.State.AddMachineInsideMachine(state.MachineTemplate{
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
-	}, hostMachine.Id(), instance.LXC)
+	}, hostMachine.Id(), instance.LXD)
 	c.Assert(hostMachine.Clean(), jc.IsTrue)
 	s.assertMachineNotEmpty(c, hostMachine)
 
@@ -1004,7 +1004,7 @@
 	c.Assert(assignedTo.Id(), gc.Equals, "0")
 }
 
-func (s *assignCleanSuite) setupSingleStorage(c *gc.C, kind, pool string) (*state.Service, *state.Unit, names.StorageTag) {
+func (s *assignCleanSuite) setupSingleStorage(c *gc.C, kind, pool string) (*state.Application, *state.Unit, names.StorageTag) {
 	// There are test charms called "storage-block" and
 	// "storage-filesystem" which are what you'd expect.
 	ch := s.AddTestingCharm(c, "storage-"+kind)
@@ -1048,10 +1048,10 @@
 	container, err := s.State.AddMachineInsideMachine(state.MachineTemplate{
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
-	}, machine.Id(), instance.LXC)
+	}, machine.Id(), instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
 	err = unit.AssignToMachine(container)
-	c.Assert(err, gc.ErrorMatches, `cannot assign unit "storage-filesystem/0" to machine 0/lxc/0: adding storage to lxc container not supported`)
+	c.Assert(err, gc.ErrorMatches, `cannot assign unit "storage-filesystem/0" to machine 0/lxd/0: adding storage to lxd container not supported`)
 }
 
 func (s *assignCleanSuite) TestAssignUnitWithNonDynamicStorageCleanAvailable(c *gc.C) {
@@ -1165,7 +1165,7 @@
 	container, err := s.State.AddMachineInsideMachine(state.MachineTemplate{
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
-	}, hostMachine.Id(), instance.LXC)
+	}, hostMachine.Id(), instance.LXD)
 	c.Assert(hostMachine.Clean(), jc.IsTrue)
 	s.assertMachineNotEmpty(c, hostMachine)
 	if s.policy == state.AssignClean {
@@ -1206,14 +1206,14 @@
 	container, err := s.State.AddMachineInsideMachine(state.MachineTemplate{
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
-	}, hostMachine.Id(), instance.LXC)
+	}, hostMachine.Id(), instance.LXD)
 	err = hostMachine.Refresh()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(hostMachine.Clean(), jc.IsTrue)
 	s.assertMachineNotEmpty(c, hostMachine)
 
 	// Set up constraints to specify we want to install into a container.
-	econs := constraints.MustParse("container=lxc")
+	econs := constraints.MustParse("container=lxd")
 	err = s.State.SetModelConstraints(econs)
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -1233,7 +1233,7 @@
 		c.Assert(err, jc.ErrorIsNil)
 		mid, err := unit.AssignedMachineId()
 		c.Assert(err, jc.ErrorIsNil)
-		c.Assert(mid, gc.Equals, fmt.Sprintf("%d/lxc/0", expectedNumUnits+1))
+		c.Assert(mid, gc.Equals, fmt.Sprintf("%d/lxd/0", expectedNumUnits+1))
 		assertMachineCount(c, s.State, 2*expectedNumUnits+3)
 
 		// Sanity check that the machine knows about its assigned unit and was
@@ -1260,7 +1260,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 	mid, err = unit.AssignedMachineId()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(mid, gc.Equals, hostMachine.Id()+"/lxc/0")
+	c.Assert(mid, gc.Equals, hostMachine.Id()+"/lxd/0")
 }
 
 func (s *assignCleanSuite) TestAssignUnitPolicyConcurrently(c *gc.C) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/backend.go juju-core-2.0~beta12/src/github.com/juju/juju/state/backend.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/backend.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/backend.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,79 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package state
+
+import (
+	"github.com/juju/errors"
+
+	"github.com/juju/juju/mongo"
+)
+
+// modelBackend collects together some useful internal state methods for
+// accessing mongo and mapping local and global ids to one another.
+//
+// Its primary purpose is to insulate watcher implementations from the
+// other features of state (specifically, to deny access to the .workers
+// field and prevent a class of bug in which it tries to use two
+// different underlying TxnWatchers), but it's probably also useful
+// elsewhere.
+type modelBackend interface {
+	docID(string) string
+	localID(string) string
+	strictLocalID(string) (string, error)
+	getCollection(name string) (mongo.Collection, func())
+}
+
+// isLocalID returns a watcher filter func that rejects ids not specific
+// to the supplied modelBackend.
+func isLocalID(st modelBackend) func(interface{}) bool {
+	return func(id interface{}) bool {
+		key, ok := id.(string)
+		if !ok {
+			return false
+		}
+		_, err := st.strictLocalID(key)
+		return err == nil
+	}
+}
+
+// docID generates a globally unique id value
+// where the model uuid is prefixed to the
+// localID.
+func (st *State) docID(localID string) string {
+	return ensureModelUUID(st.ModelUUID(), localID)
+}
+
+// localID returns the local id value by stripping
+// off the model uuid prefix if it is there.
+func (st *State) localID(ID string) string {
+	modelUUID, localID, ok := splitDocID(ID)
+	if !ok || modelUUID != st.ModelUUID() {
+		return ID
+	}
+	return localID
+}
+
+// strictLocalID returns the local id value by removing the
+// model UUID prefix.
+//
+// If there is no prefix matching the State's model, an error is
+// returned.
+func (st *State) strictLocalID(ID string) (string, error) {
+	modelUUID, localID, ok := splitDocID(ID)
+	if !ok || modelUUID != st.ModelUUID() {
+		return "", errors.Errorf("unexpected id: %#v", ID)
+	}
+	return localID, nil
+}
+
+// getCollection fetches a named collection using a new session if the
+// database has previously been logged in to. It returns the
+// collection and a closer function for the session.
+//
+// If the collection stores documents for multiple models, the
+// returned collection will automatically perform model
+// filtering where possible. See modelStateCollection below.
+func (st *State) getCollection(name string) (mongo.Collection, func()) {
+	return st.database.GetCollection(name)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/backups.go juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/backups.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/backups.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/backups.go	2016-07-18 19:45:44.000000000 +0000
@@ -41,8 +41,8 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils/filestorage"
+	"gopkg.in/juju/names.v2"
 )
 
 const (
@@ -102,7 +102,7 @@
 	// Restore updates juju's state to the contents of the backup archive,
 	// it returns the tag string for the machine where the backup originated
 	// or error if the process fails.
-	Restore(backupId string, args RestoreArgs) (names.Tag, error)
+	Restore(backupId string, dbInfo *DBInfo, args RestoreArgs) (names.Tag, error)
 }
 
 type backups struct {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/backups_linux.go juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/backups_linux.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/backups_linux.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/backups_linux.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,8 +10,8 @@
 	"strconv"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils/shell"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/juju/paths"
@@ -19,6 +19,7 @@
 	"github.com/juju/juju/network"
 	"github.com/juju/juju/service"
 	"github.com/juju/juju/state"
+	"github.com/juju/juju/version"
 )
 
 func ensureMongoService(agentConfig agent.Config) error {
@@ -60,7 +61,7 @@
 // * updates existing db entries to make sure they hold no references to
 // old instances
 // * updates config in all agents.
-func (b *backups) Restore(backupId string, args RestoreArgs) (names.Tag, error) {
+func (b *backups) Restore(backupId string, dbInfo *DBInfo, args RestoreArgs) (names.Tag, error) {
 	meta, backupReader, err := b.Get(backupId)
 	if err != nil {
 		return nil, errors.Annotatef(err, "could not fetch backup %q", backupId)
@@ -74,12 +75,29 @@
 	}
 	defer workspace.Close()
 
+	// This might actually work, but we don't have a guarantee so we don't allow it.
+	if meta.Origin.Series != args.NewInstSeries {
+		return nil, errors.Errorf("cannot restore a backup made in a machine with series %q into a machine with series %q, %#v", meta.Origin.Series, args.NewInstSeries, meta)
+	}
+
 	// TODO(perrito666) Create a compatibility table of sorts.
-	version := meta.Origin.Version
+	vers := meta.Origin.Version
+	if vers.Major != 2 {
+		return nil, errors.Errorf("Juju version %v cannot restore backups made using Juju version %v", version.Current.Minor, vers)
+	}
 	backupMachine := names.NewMachineTag(meta.Origin.Machine)
 
-	if err := mongo.StopService(); err != nil {
-		return nil, errors.Annotate(err, "cannot stop mongo to replace files")
+	// The path for the config file might change if the tag changed
+	// and also the rest of the path, so we assume as little as possible.
+	oldDatadir, err := paths.DataDir(args.NewInstSeries)
+	if err != nil {
+		return nil, errors.Annotate(err, "cannot determine DataDir for the restored machine")
+	}
+
+	var oldAgentConfig agent.ConfigSetterWriter
+	oldAgentConfigFile := agent.ConfigPath(oldDatadir, args.NewInstTag)
+	if oldAgentConfig, err = agent.ReadConfig(oldAgentConfigFile); err != nil {
+		return nil, errors.Annotate(err, "cannot load old agent config from disk")
 	}
 
 	// delete all the files to be replaced
@@ -91,7 +109,7 @@
 	if err := workspace.UnpackFilesBundle(filesystemRoot()); err != nil {
 		return nil, errors.Annotate(err, "cannot obtain system files from backup")
 	}
-	logger.Infof("placed new files")
+	logger.Infof("placed new restore files")
 
 	var agentConfig agent.ConfigSetterWriter
 	// The path for the config file might change if the tag changed
@@ -113,7 +131,7 @@
 	if err := agentConfig.Write(); err != nil {
 		return nil, errors.Annotate(err, "cannot write new agent configuration")
 	}
-	logger.Infof("wrote new agent config")
+	logger.Infof("wrote new agent config for restore")
 
 	if backupMachine.Id() != "0" {
 		logger.Infof("extra work needed backup belongs to %q machine", backupMachine.String())
@@ -143,18 +161,45 @@
 		return nil, errors.Annotate(err, "failed to reinstall service for juju-db")
 	}
 
+	dialInfo, err := newDialInfo(args.PrivateAddress, agentConfig)
+	if err != nil {
+		return nil, errors.Annotate(err, "cannot produce dial information")
+	}
+
+	oldDialInfo, err := newDialInfo(args.PrivateAddress, oldAgentConfig)
+	if err != nil {
+		return nil, errors.Annotate(err, "cannot produce dial information for existing mongo")
+	}
+
 	logger.Infof("new mongo will be restored")
-	// Restore mongodb from backup
-	if err := placeNewMongoService(workspace.DBDumpDir, version); err != nil {
-		return nil, errors.Annotate(err, "error restoring state from backup")
+	mgoVer := agentConfig.MongoVersion()
+
+	tagUser, tagUserPassword, err := tagUserCredentials(agentConfig)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	rArgs := RestorerArgs{
+		DialInfo:        dialInfo,
+		Version:         mgoVer,
+		TagUser:         tagUser,
+		TagUserPassword: tagUserPassword,
+		RunCommandFn:    runCommand,
+		StartMongo:      mongo.StartService,
+		StopMongo:       mongo.StopService,
+		NewMongoSession: NewMongoSession,
+		GetDB:           GetDB,
 	}
 
-	// Re-start replicaset with the new value for server address
-	dialInfo, err := newDialInfo(args.PrivateAddress, agentConfig)
+	// Restore mongodb from backup
+	restorer, err := NewDBRestorer(rArgs)
 	if err != nil {
-		return nil, errors.Annotate(err, "cannot produce dial information")
+		return nil, errors.Annotate(err, "error preparing for restore")
+	}
+	if err := restorer.Restore(workspace.DBDumpDir, oldDialInfo); err != nil {
+		return nil, errors.Annotate(err, "error restoring state from backup")
 	}
 
+	// Re-start replicaset with the new value for server address
 	logger.Infof("restarting replicaset")
 	memberHostPort := net.JoinHostPort(args.PrivateAddress, strconv.Itoa(ssi.StatePort))
 	err = resetReplicaSet(dialInfo, memberHostPort)
@@ -204,10 +249,14 @@
 	// Mark restoreInfo as Finished so upon restart of the apiserver
 	// the client can reconnect and determine if we where succesful.
 	info := st.RestoreInfo()
-	err = info.SetStatus(state.RestoreFinished)
-	if err != nil {
-		return nil, errors.Trace(err)
+	// In mongo 3.2, even though the backup is made with --oplog, there
+	// are stale transactions in this collection.
+	if err := info.PurgeTxn(); err != nil {
+		return nil, errors.Annotate(err, "cannot purge stale transactions")
+	}
+	if err = info.SetStatus(state.RestoreFinished); err != nil {
+		return nil, errors.Annotate(err, "failed to set status to finished")
 	}
 
-	return backupMachine, errors.Annotate(err, "failed to set status to finished")
+	return backupMachine, nil
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/backups_nonlinux.go juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/backups_nonlinux.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/backups_nonlinux.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/backups_nonlinux.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,11 +7,11 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 )
 
 // Restore satisfies the Backups interface on non-Linux OSes (e.g.
 // windows, darwin).
-func (*backups) Restore(_ string, _ RestoreArgs) (names.Tag, error) {
+func (*backups) Restore(_ string, _ *DBInfo, _ RestoreArgs) (names.Tag, error) {
 	return nil, errors.Errorf("backups supported only on Linux")
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/db.go juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/db.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/db.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/db.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,6 +4,7 @@
 package backups
 
 import (
+	"fmt"
 	"io/ioutil"
 	"os"
 	"os/exec"
@@ -11,7 +12,8 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/utils/set"
-	"github.com/juju/version"
+	"gopkg.in/mgo.v2"
+	"gopkg.in/mgo.v2/bson"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/mongo"
@@ -225,64 +227,263 @@
 	return databases, nil
 }
 
-// mongoRestoreArgsForVersion returns a string slice containing the args to be used
-// to call mongo restore since these can change depending on the backup method.
-// Version 0: a dump made with --db, stopping the controller.
-// Version 1: a dump made with --oplog with a running controller.
-// TODO (perrito666) change versions to use metadata version
-func mongoRestoreArgsForVersion(ver version.Number, dumpPath string) ([]string, error) {
+var getMongorestorePath = func() (string, error) {
+	return getMongoToolPath(restoreName, os.Stat, exec.LookPath)
+}
+
+// DBDumper is any type that dumps something to a dump dir.
+type DBRestorer interface {
+	// Dump something to dumpDir.
+	Restore(dumpDir string, dialInfo *mgo.DialInfo) error
+}
+
+type mongoRestorer struct {
+	*mgo.DialInfo
+	// binPath is the path to the dump executable.
+	binPath         string
+	tagUser         string
+	tagUserPassword string
+	runCommandFn    func(string, ...string) error
+}
+type mongoRestorer32 struct {
+	mongoRestorer
+	getDB           func(string, MongoSession) MongoDB
+	newMongoSession func(*mgo.DialInfo) (MongoSession, error)
+}
+
+type mongoRestorer24 struct {
+	mongoRestorer
+	stopMongo  func() error
+	startMongo func() error
+}
+
+func (md *mongoRestorer24) options(dumpDir string) []string {
 	dbDir := filepath.Join(agent.DefaultPaths.DataDir, "db")
-	switch {
-	case ver.Major == 1 && ver.Minor < 22:
-		return []string{"--drop", "--journal", "--dbpath", dbDir, dumpPath}, nil
-	case ver.Major == 1 && ver.Minor >= 22,
-		ver.Major == 2:
-		return []string{"--drop", "--journal", "--oplogReplay", "--dbpath", dbDir, dumpPath}, nil
-	default:
-		return nil, errors.Errorf("this backup file is incompatible with the current version of juju")
+	options := []string{
+		"--drop",
+		"--journal",
+		"--oplogReplay",
+		"--dbpath", dbDir,
+		dumpDir,
 	}
+	return options
 }
 
-var getMongorestorePath = func() (string, error) {
-	return getMongoToolPath(restoreName, os.Stat, exec.LookPath)
+func (md *mongoRestorer24) Restore(dumpDir string, _ *mgo.DialInfo) error {
+	logger.Debugf("stopping mongo service for restore")
+	if err := md.stopMongo(); err != nil {
+		return errors.Annotate(err, "cannot stop mongo to replace files")
+	}
+	options := md.options(dumpDir)
+	logger.Infof("restoring database with params %v", options)
+	if err := md.runCommandFn(md.binPath, options...); err != nil {
+		return errors.Annotate(err, "error restoring database")
+	}
+	if err := md.startMongo(); err != nil {
+		return errors.Annotate(err, "cannot start mongo after restore")
+	}
+
+	return nil
+}
+
+// GetDB wraps mgo.Session.DB to ease testing.
+func GetDB(s string, session MongoSession) MongoDB {
+	return session.DB(s)
+}
+
+// NewMongoSession wraps mgo.DialInfo to ease testing.
+func NewMongoSession(dialInfo *mgo.DialInfo) (MongoSession, error) {
+	return mgo.DialWithInfo(dialInfo)
+}
+
+type RestorerArgs struct {
+	DialInfo        *mgo.DialInfo
+	NewMongoSession func(*mgo.DialInfo) (MongoSession, error)
+	Version         mongo.Version
+	TagUser         string
+	TagUserPassword string
+	GetDB           func(string, MongoSession) MongoDB
+
+	RunCommandFn func(string, ...string) error
+	StartMongo   func() error
+	StopMongo    func() error
 }
 
-var restoreArgsForVersion = mongoRestoreArgsForVersion
+var mongoInstalledVersion = mongo.InstalledVersion
 
-// placeNewMongoService wraps placeNewMongo with the proper service stopping
-// and starting before dumping the new mongo db, it is mainly to easy testing
-// of placeNewMongo.
-func placeNewMongoService(newMongoDumpPath string, ver version.Number) error {
-	err := mongo.StopService()
+// NewDBRestorer returns a new structure that can perform a restore
+// on the db pointed in dialInfo.
+func NewDBRestorer(args RestorerArgs) (DBRestorer, error) {
+	mongorestorePath, err := getMongorestorePath()
 	if err != nil {
-		return errors.Annotate(err, "failed to stop mongo")
+		return nil, errors.Annotate(err, "mongorestrore not available")
+	}
+
+	installedMongo := mongoInstalledVersion()
+	// NewerThan will check Major and Minor so migration between micro versions
+	// will work, before changing this bewar, Mongo has been known to break
+	// compatibility between minors.
+	if args.Version.NewerThan(installedMongo) != 0 {
+		return nil, errors.NotSupportedf("restore mongo version %s into version %s", args.Version.String(), installedMongo.String())
+	}
+
+	var restorer DBRestorer
+	mgoRestorer := mongoRestorer{
+		DialInfo:        args.DialInfo,
+		binPath:         mongorestorePath,
+		tagUser:         args.TagUser,
+		tagUserPassword: args.TagUserPassword,
+		runCommandFn:    args.RunCommandFn,
 	}
+	switch args.Version.Major {
+	case 2:
+		restorer = &mongoRestorer24{
+			mongoRestorer: mgoRestorer,
+			startMongo:    args.StartMongo,
+			stopMongo:     args.StopMongo,
+		}
+	case 3:
+		restorer = &mongoRestorer32{
+			mongoRestorer:   mgoRestorer,
+			getDB:           args.GetDB,
+			newMongoSession: args.NewMongoSession,
+		}
+	default:
+		return nil, errors.Errorf("cannot restore from mongo version %q", args.Version.String())
+	}
+	return restorer, nil
+}
 
-	if err := placeNewMongo(newMongoDumpPath, ver); err != nil {
-		return errors.Annotate(err, "cannot place new mongo")
+func (md *mongoRestorer32) options(dumpDir string) []string {
+	options := []string{
+		"--ssl",
+		"--authenticationDatabase", "admin",
+		"--host", md.Addrs[0],
+		"--username", md.Username,
+		"--password", md.Password,
+		"--drop",
+		"--oplogReplay",
+		dumpDir,
 	}
-	err = mongo.StartService()
-	return errors.Annotate(err, "failed to start mongo")
+	return options
 }
 
-// placeNewMongo tries to use mongorestore to replace an existing
-// mongo with the dump in newMongoDumpPath returns an error if its not possible.
-func placeNewMongo(newMongoDumpPath string, ver version.Number) error {
-	mongoRestore, err := getMongorestorePath()
+// MongoDB represents a mgo.DB.
+type MongoDB interface {
+	UpsertUser(*mgo.User) error
+}
+
+// MongoSession represents mgo.Session.
+type MongoSession interface {
+	Run(cmd interface{}, result interface{}) error
+	Close()
+	DB(string) *mgo.Database
+}
+
+// ensureOplogPermissions adds a special role to the admin user, this role
+// is required by mongorestore when doing oplogreplay.
+func (md *mongoRestorer32) ensureOplogPermissions(dialInfo *mgo.DialInfo) error {
+	s, err := md.newMongoSession(dialInfo)
 	if err != nil {
-		return errors.Annotate(err, "mongorestore not available")
+		return errors.Trace(err)
 	}
+	defer s.Close()
 
-	mgoRestoreArgs, err := restoreArgsForVersion(ver, newMongoDumpPath)
+	roles := bson.D{
+		{"createRole", "oploger"},
+		{"privileges", []bson.D{
+			bson.D{
+				{"resource", bson.M{"anyResource": true}},
+				{"actions", []string{"anyAction"}},
+			},
+		}},
+		{"roles", []string{}},
+	}
+	var mgoErr bson.M
+	err = s.Run(roles, &mgoErr)
 	if err != nil {
-		return errors.Errorf("cannot restore this backup version")
+		return errors.Trace(err)
+	}
+	result, ok := mgoErr["ok"]
+	success, isFloat := result.(float64)
+	if (!ok || !isFloat || success != 1) && mgoErr != nil {
+		return errors.Errorf("could not create special role to replay oplog, result was: %#v", mgoErr)
 	}
 
-	err = runCommandFn(mongoRestore, mgoRestoreArgs...)
+	// This will replace old user with the new credentials
+	admin := md.getDB("admin", s)
 
+	grant := bson.D{
+		{"grantRolesToUser", md.DialInfo.Username},
+		{"roles", []string{"oploger"}},
+	}
+
+	err = s.Run(grant, &mgoErr)
+	if err != nil {
+		return errors.Trace(err)
+	}
+	result, ok = mgoErr["ok"]
+	success, isFloat = result.(float64)
+	if (!ok || !isFloat || success != 1) && mgoErr != nil {
+		return errors.Errorf("could not grant special role to %q, result was: %#v", md.DialInfo.Username, mgoErr)
+	}
+
+	grant = bson.D{
+		{"grantRolesToUser", "admin"},
+		{"roles", []string{"oploger"}},
+	}
+
+	err = s.Run(grant, &mgoErr)
 	if err != nil {
-		return errors.Annotate(err, "failed to restore database dump")
+		return errors.Trace(err)
+	}
+	result, ok = mgoErr["ok"]
+	success, isFloat = result.(float64)
+	if (!ok || !isFloat || success != 1) && mgoErr != nil {
+		return errors.Errorf("could not grant special role to \"admin\", result was: %#v", mgoErr)
 	}
 
+	if err := admin.UpsertUser(&mgo.User{
+		Username: md.DialInfo.Username,
+		Password: md.DialInfo.Password,
+	}); err != nil {
+		return errors.Errorf("cannot set new admin credentials: %v", err)
+	}
+
+	return nil
+}
+
+func (md *mongoRestorer32) ensureTagUser() error {
+	s, err := md.newMongoSession(md.DialInfo)
+	if err != nil {
+		return errors.Trace(err)
+	}
+	defer s.Close()
+
+	admin := md.getDB("admin", s)
+
+	if err := admin.UpsertUser(&mgo.User{
+		Username: md.tagUser,
+		Password: md.tagUserPassword,
+	}); err != nil {
+		return fmt.Errorf("cannot set tag user credentials: %v", err)
+	}
+	return nil
+}
+
+func (md *mongoRestorer32) Restore(dumpDir string, dialInfo *mgo.DialInfo) error {
+	if err := md.ensureOplogPermissions(dialInfo); err != nil {
+		return errors.Annotate(err, "setting special user permission in db")
+	}
+
+	options := md.options(dumpDir)
+	logger.Infof("restoring database with params %v", options)
+	if err := md.runCommandFn(md.binPath, options...); err != nil {
+		return errors.Annotate(err, "error restoring database")
+	}
+	logger.Infof("updating user credentials")
+	if err := md.ensureTagUser(); err != nil {
+		return errors.Trace(err)
+	}
 	return nil
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/db_info_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/db_info_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/db_info_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/db_info_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,9 +4,9 @@
 package backups_test
 
 import (
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/mongo"
 	"github.com/juju/juju/state/backups"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/db_restore_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/db_restore_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/db_restore_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/db_restore_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,13 +4,14 @@
 package backups_test
 
 import (
-	"path/filepath"
+	"errors"
 
 	jc "github.com/juju/testing/checkers"
-	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/mgo.v2"
+	"gopkg.in/mgo.v2/bson"
 
-	"github.com/juju/juju/agent"
+	"github.com/juju/juju/mongo"
 	"github.com/juju/juju/state/backups"
 	"github.com/juju/juju/testing"
 )
@@ -21,109 +22,133 @@
 	testing.BaseSuite
 }
 
-func (s *mongoRestoreSuite) TestMongoRestoreArgsForVersion121(c *gc.C) {
-	dir := filepath.Join(agent.DefaultPaths.DataDir, "db")
-	versionNumber := version.Number{}
-	versionNumber.Major = 1
-	versionNumber.Minor = 21
-	args, err := backups.MongoRestoreArgsForVersion(versionNumber, "/some/fake/path")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(args, gc.HasLen, 5)
-	c.Assert(args[0:5], jc.DeepEquals, []string{
-		"--drop",
-		"--journal",
-		"--dbpath",
-		dir,
-		"/some/fake/path",
-	})
-}
-
-func (s *mongoRestoreSuite) TestMongoRestoreArgsForVersion122(c *gc.C) {
-	dir := filepath.Join(agent.DefaultPaths.DataDir, "db")
-	versionNumber := version.Number{}
-	versionNumber.Major = 1
-	versionNumber.Minor = 22
-	args, err := backups.MongoRestoreArgsForVersion(versionNumber, "/some/fake/path")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(args, gc.HasLen, 6)
-	c.Assert(args[0:6], jc.DeepEquals, []string{
-		"--drop",
-		"--journal",
-		"--oplogReplay",
-		"--dbpath",
-		dir,
-		"/some/fake/path",
-	})
-}
-
-func (s *mongoRestoreSuite) TestMongoRestoreArgsForVersion2(c *gc.C) {
-	dir := filepath.Join(agent.DefaultPaths.DataDir, "db")
-	versionNumber := version.Number{}
-	versionNumber.Major = 2
-	versionNumber.Minor = 0
-	args, err := backups.MongoRestoreArgsForVersion(versionNumber, "/some/fake/path")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(args, gc.HasLen, 6)
-	c.Assert(args[0:6], jc.DeepEquals, []string{
-		"--drop",
-		"--journal",
-		"--oplogReplay",
-		"--dbpath",
-		dir,
-		"/some/fake/path",
-	})
-}
-
-func (s *mongoRestoreSuite) TestMongoRestoreArgsForOldVersion(c *gc.C) {
-	versionNumber := version.Number{}
-	versionNumber.Major = 0
-	versionNumber.Minor = 0
-	_, err := backups.MongoRestoreArgsForVersion(versionNumber, "/some/fake/path")
-	c.Assert(err, gc.ErrorMatches, "this backup file is incompatible with the current version of juju")
-}
-
-func (s *mongoRestoreSuite) TestPlaceNewMongo(c *gc.C) {
-	var argsVersion version.Number
-	var newMongoDumpPath string
-	ranArgs := make([][]string, 0, 3)
-	ranCommands := []string{}
-
-	restorePathCalled := false
-
-	runCommand := func(command string, mongoRestoreArgs ...string) error {
-		mgoArgs := make([]string, len(mongoRestoreArgs), len(mongoRestoreArgs))
-		for i, v := range mongoRestoreArgs {
-			mgoArgs[i] = v
-		}
-		ranArgs = append(ranArgs, mgoArgs)
-		ranCommands = append(ranCommands, command)
+func (s *mongoRestoreSuite) TestRestoreDatabase24(c *gc.C) {
+	s.PatchValue(backups.GetMongorestorePath, func() (string, error) { return "/a/fake/mongorestore", nil })
+	var ranCommand string
+	var ranWithArgs []string
+	fakeRunCommand := func(c string, args ...string) error {
+		ranCommand = c
+		ranWithArgs = args
 		return nil
 	}
-	s.PatchValue(backups.RunCommand, runCommand)
+	args := backups.RestorerArgs{
+		Version:         mongo.Mongo24,
+		TagUser:         "machine-0",
+		TagUserPassword: "fakePassword",
+		RunCommandFn:    fakeRunCommand,
+		StartMongo:      func() error { return nil },
+		StopMongo:       func() error { return nil },
+	}
+
+	s.PatchValue(backups.MongoInstalledVersion, func() mongo.Version { return mongo.Mongo24 })
+	restorer, err := backups.NewDBRestorer(args)
+	c.Assert(err, jc.ErrorIsNil)
+	err = restorer.Restore("fakePath", nil)
+	c.Assert(err, jc.ErrorIsNil)
+
+	c.Assert(ranCommand, gc.Equals, "/a/fake/mongorestore")
+	c.Assert(ranWithArgs, gc.DeepEquals, []string{"--drop", "--journal", "--oplogReplay", "--dbpath", "/var/lib/juju/db", "fakePath"})
+}
+
+type mongoDb struct {
+	user *mgo.User
+}
+
+func (m *mongoDb) UpsertUser(u *mgo.User) error {
+	m.user = u
+	return nil
+}
 
-	restorePath := func() (string, error) {
-		restorePathCalled = true
-		return "/fake/mongo/restore/path", nil
+type mongoSession struct {
+	closed bool
+	cmd    []bson.D
+}
+
+func (m *mongoSession) Run(cmd interface{}, result interface{}) error {
+	bsoncmd, ok := cmd.(bson.D)
+	if !ok {
+		return errors.New("unexpected cmd")
 	}
-	s.PatchValue(backups.RestorePath, restorePath)
+	m.cmd = append(m.cmd, bsoncmd)
+	return nil
+}
+
+func (m *mongoSession) Close() {
+	m.closed = true
+}
+
+func (m *mongoSession) DB(_ string) *mgo.Database {
+	return nil
+}
 
-	ver := version.Number{Major: 1, Minor: 22}
-	args := []string{"a", "set", "of", "args"}
-	restoreArgsForVersion := func(versionNumber version.Number, mongoDumpPath string) ([]string, error) {
-		newMongoDumpPath = mongoDumpPath
-		argsVersion = versionNumber
-		return args, nil
+func (s *mongoRestoreSuite) TestRestoreDatabase32(c *gc.C) {
+	s.PatchValue(backups.GetMongorestorePath, func() (string, error) { return "/a/fake/mongorestore", nil })
+	var ranCommand string
+	var ranWithArgs []string
+	fakeRunCommand := func(c string, args ...string) error {
+		ranCommand = c
+		ranWithArgs = args
+		return nil
 	}
-	s.PatchValue(backups.RestoreArgsForVersion, restoreArgsForVersion)
+	mgoDb := &mongoDb{}
+	mgoSession := &mongoSession{}
 
-	err := backups.PlaceNewMongo("fakemongopath", ver)
-	c.Assert(restorePathCalled, jc.IsTrue)
+	args := backups.RestorerArgs{
+		DialInfo: &mgo.DialInfo{
+			Username: "fakeUsername",
+			Password: "fakePassword",
+			Addrs:    []string{"127.0.0.1"},
+		},
+		Version:         mongo.Mongo32wt,
+		TagUser:         "machine-0",
+		TagUserPassword: "fakePassword",
+		GetDB:           func(string, backups.MongoSession) backups.MongoDB { return mgoDb },
+		NewMongoSession: func(dialInfo *mgo.DialInfo) (backups.MongoSession, error) {
+			return mgoSession, nil
+		},
+		RunCommandFn: fakeRunCommand,
+	}
+	s.PatchValue(backups.MongoInstalledVersion, func() mongo.Version { return mongo.Mongo32wt })
+	restorer, err := backups.NewDBRestorer(args)
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(argsVersion, gc.DeepEquals, ver)
-	c.Assert(newMongoDumpPath, gc.Equals, "fakemongopath")
-	expectedCommands := []string{"/fake/mongo/restore/path"}
-	c.Assert(ranCommands, gc.DeepEquals, expectedCommands)
-	c.Assert(len(ranArgs), gc.Equals, 1)
-	expectedArgs := [][]string{{"a", "set", "of", "args"}}
-	c.Assert(ranArgs, gc.DeepEquals, expectedArgs)
+	err = restorer.Restore("fakePath", nil)
+	c.Assert(err, jc.ErrorIsNil)
+
+	c.Assert(ranCommand, gc.Equals, "/a/fake/mongorestore")
+	c.Assert(ranWithArgs, gc.DeepEquals, []string{"--ssl", "--authenticationDatabase", "admin", "--host", "127.0.0.1", "--username", "fakeUsername", "--password", "fakePassword", "--drop", "--oplogReplay", "fakePath"})
+	user := &mgo.User{Username: "machine-0", Password: "fakePassword"}
+	c.Assert(mgoDb.user, gc.DeepEquals, user)
+	c.Assert(mgoSession.closed, jc.IsTrue)
+	mgoSessionCmd := []bson.D{
+		bson.D{
+			bson.DocElem{Name: "createRole", Value: "oploger"},
+			bson.DocElem{Name: "privileges", Value: []bson.D{
+				bson.D{
+					bson.DocElem{Name: "resource", Value: bson.M{"anyResource": true}},
+					bson.DocElem{Name: "actions", Value: []string{"anyAction"}}}}},
+			bson.DocElem{Name: "roles", Value: []string{}}},
+		bson.D{
+			bson.DocElem{Name: "grantRolesToUser", Value: "fakeUsername"},
+			bson.DocElem{Name: "roles", Value: []string{"oploger"}}},
+		bson.D{
+			bson.DocElem{Name: "grantRolesToUser", Value: "admin"},
+			bson.DocElem{Name: "roles", Value: []string{"oploger"}}}}
+	c.Assert(mgoSession.cmd, gc.DeepEquals, mgoSessionCmd)
+}
+
+func (s *mongoRestoreSuite) TestRestoreFailsOnOlderMongo(c *gc.C) {
+	s.PatchValue(backups.GetMongorestorePath, func() (string, error) { return "/a/fake/mongorestore", nil })
+	args := backups.RestorerArgs{
+		DialInfo: &mgo.DialInfo{
+			Username: "fakeUsername",
+			Password: "fakePassword",
+			Addrs:    []string{"127.0.0.1"},
+		},
+		Version:         mongo.Mongo32wt,
+		TagUser:         "machine-0",
+		TagUserPassword: "fakePassword",
+	}
+	s.PatchValue(backups.MongoInstalledVersion, func() mongo.Version { return mongo.Mongo24 })
+	_, err := backups.NewDBRestorer(args)
+	c.Assert(err, gc.ErrorMatches, "restore mongo version 3.2/wiredTiger into version 2.4/mmapv1 not supported")
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -20,14 +20,16 @@
 	Create        = create
 	FileTimestamp = fileTimestamp
 
-	TestGetFilesToBackUp = &getFilesToBackUp
-	GetDBDumper          = &getDBDumper
-	RunCreate            = &runCreate
-	FinishMeta           = &finishMeta
-	StoreArchiveRef      = &storeArchive
-	GetMongodumpPath     = &getMongodumpPath
-	RunCommand           = &runCommandFn
-	ReplaceableFolders   = &replaceableFolders
+	TestGetFilesToBackUp  = &getFilesToBackUp
+	GetDBDumper           = &getDBDumper
+	RunCreate             = &runCreate
+	FinishMeta            = &finishMeta
+	StoreArchiveRef       = &storeArchive
+	GetMongodumpPath      = &getMongodumpPath
+	GetMongorestorePath   = &getMongorestorePath
+	RunCommand            = &runCommandFn
+	ReplaceableFolders    = &replaceableFolders
+	MongoInstalledVersion = &mongoInstalledVersion
 )
 
 var _ filestorage.DocStorage = (*backupsDocStorage)(nil)
@@ -164,7 +166,4 @@
 }
 
 // Export for patching in tests
-var PlaceNewMongo = placeNewMongo
-var MongoRestoreArgsForVersion = mongoRestoreArgsForVersion
 var RestorePath = &getMongorestorePath
-var RestoreArgsForVersion = &restoreArgsForVersion
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/files.go juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/files.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/files.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/files.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,6 @@
 package backups
 
 import (
-	"fmt"
 	"os"
 	"path/filepath"
 	"sort"
@@ -23,10 +22,10 @@
 	agentsDir   = "agents"
 	agentsConfs = "machine-*"
 	toolsDir    = "tools"
+	initDir     = "init"
 
 	sshIdentFile = "system-identity"
 	nonceFile    = "nonce.txt"
-	machineLog   = "machine-%s.log"
 	authKeysFile = "authorized_keys"
 
 	dbPEM    = "server.pem"
@@ -50,6 +49,12 @@
 		return nil, errors.Annotate(err, "failed to fetch agent config files")
 	}
 
+	glob = filepath.Join(rootDir, paths.DataDir, initDir, "*")
+	serviceConfs, err := filepath.Glob(glob)
+	if err != nil {
+		return nil, errors.Annotate(err, "failed to fetch service config files")
+	}
+
 	backupFiles := []string{
 		filepath.Join(rootDir, paths.DataDir, toolsDir),
 
@@ -59,17 +64,7 @@
 		filepath.Join(rootDir, paths.DataDir, dbSecret),
 	}
 	backupFiles = append(backupFiles, agentConfs...)
-
-	// TODO(ericsnow) It might not be machine 0...
-	machinelog := filepath.Join(rootDir, paths.LogsDir, fmt.Sprintf(machineLog, oldmachine))
-	if _, err := os.Stat(machinelog); err != nil {
-		if !os.IsNotExist(err) {
-			return nil, errors.Trace(err)
-		}
-		logger.Errorf("skipping missing file %q", machinelog)
-	} else {
-		backupFiles = append(backupFiles, machinelog)
-	}
+	backupFiles = append(backupFiles, serviceConfs...)
 
 	// Handle nonce.txt (might not exist).
 	nonce := filepath.Join(rootDir, paths.DataDir, nonceFile)
@@ -106,10 +101,13 @@
 
 	for _, replaceable := range []string{
 		filepath.Join(dataDir, "db"),
+		filepath.Join(dataDir, "init"),
 		dataDir,
-		logsDir,
 	} {
 		dirStat, err := os.Stat(replaceable)
+		if os.IsNotExist(err) {
+			continue
+		}
 		if err != nil {
 			return map[string]os.FileMode{}, errors.Annotatef(err, "cannot stat %q", replaceable)
 		}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/files_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/files_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/files_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/files_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -58,11 +58,11 @@
 	dirname = mkdir(filepath.Join(paths.DataDir, "agents"))
 	touch(dirname, "machine-"+machineID+".conf")
 
-	dirname = mkdir(paths.LogsDir)
-	touch(dirname, "machine-"+machineID+".log")
-
 	dirname = mkdir("/home/ubuntu/.ssh")
 	touch(dirname, "authorized_keys")
+
+	dirname = mkdir(filepath.Join(paths.DataDir, "init", "juju-db"))
+	touch(dirname, "juju-db.service")
 }
 
 func (s *filesSuite) checkSameStrings(c *gc.C, actual, expected []string) {
@@ -112,7 +112,7 @@
 		filepath.Join(s.root, "/var/lib/juju/shared-secret"),
 		filepath.Join(s.root, "/var/lib/juju/system-identity"),
 		filepath.Join(s.root, "/var/lib/juju/tools"),
-		filepath.Join(s.root, "/var/log/juju/machine-0.log"),
+		filepath.Join(s.root, "/var/lib/juju/init/juju-db"),
 	}
 	c.Check(files, jc.SameContents, expected)
 	s.checkSameStrings(c, files, expected)
@@ -193,7 +193,7 @@
 		filepath.Join(s.root, "/var/lib/juju/shared-secret"),
 		filepath.Join(s.root, "/var/lib/juju/system-identity"),
 		filepath.Join(s.root, "/var/lib/juju/tools"),
-		filepath.Join(s.root, "/var/log/juju/machine-10.log"),
+		filepath.Join(s.root, "/var/lib/juju/init/juju-db"),
 	}
 	c.Check(files, jc.SameContents, expected)
 	s.checkSameStrings(c, files, expected)
@@ -209,7 +209,6 @@
 	missing := []string{
 		"/var/lib/juju/nonce.txt",
 		"/home/ubuntu/.ssh/authorized_keys",
-		"/var/log/juju/machine-0.log",
 	}
 	for _, filename := range missing {
 		err := os.Remove(filepath.Join(s.root, filename))
@@ -225,6 +224,7 @@
 		filepath.Join(s.root, "/var/lib/juju/shared-secret"),
 		filepath.Join(s.root, "/var/lib/juju/system-identity"),
 		filepath.Join(s.root, "/var/lib/juju/tools"),
+		filepath.Join(s.root, "/var/lib/juju/init/juju-db"),
 	}
 	// This got re-created.
 	expected = append(expected, filepath.Join(s.root, "/home/ubuntu/.ssh/authorized_keys"))
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/metadata.go juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/metadata.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/metadata.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/metadata.go	2016-07-18 19:45:44.000000000 +0000
@@ -32,6 +32,7 @@
 	Machine  string
 	Hostname string
 	Version  version.Number
+	Series   string
 }
 
 // UnknownString is a marker value for string fields with unknown values.
@@ -96,7 +97,7 @@
 // NewMetadataState composes a new backup metadata with its origin
 // values set.  The model UUID comes from state.  The hostname is
 // retrieved from the OS.
-func NewMetadataState(db DB, machine string) (*Metadata, error) {
+func NewMetadataState(db DB, machine, series string) (*Metadata, error) {
 	// hostname could be derived from the model...
 	hostname, err := os.Hostname()
 	if err != nil {
@@ -109,16 +110,17 @@
 	meta.Origin.Model = db.ModelTag().Id()
 	meta.Origin.Machine = machine
 	meta.Origin.Hostname = hostname
+	meta.Origin.Series = series
 
 	si, err := db.StateServingInfo()
 	if err != nil {
 		return nil, errors.Annotate(err, "could not get server secrets")
 	}
-	cfg, err := db.ModelConfig()
+	controllerCfg, err := db.ControllerConfig()
 	if err != nil {
-		return nil, errors.Annotate(err, "could not get model config")
+		return nil, errors.Annotate(err, "could not get controller config")
 	}
-	meta.CACert, _ = cfg.CACert()
+	meta.CACert, _ = controllerCfg.CACert()
 	meta.CAPrivateKey = si.CAPrivateKey
 	return meta, nil
 }
@@ -163,6 +165,7 @@
 	Machine     string
 	Hostname    string
 	Version     version.Number
+	Series      string
 
 	CACert       string
 	CAPrivateKey string
@@ -185,6 +188,7 @@
 		Machine:      m.Origin.Machine,
 		Hostname:     m.Origin.Hostname,
 		Version:      m.Origin.Version,
+		Series:       m.Origin.Series,
 		CACert:       m.CACert,
 		CAPrivateKey: m.CAPrivateKey,
 	}
@@ -234,6 +238,7 @@
 		Machine:  flat.Machine,
 		Hostname: flat.Hostname,
 		Version:  flat.Version,
+		Series:   flat.Series,
 	}
 
 	// TODO(wallyworld) - put these in a separate file.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/metadata_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/metadata_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/metadata_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/metadata_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -30,6 +30,7 @@
 		Machine:  "0",
 		Hostname: "myhost",
 		Version:  version.MustParse("1.21-alpha3"),
+		Series:   "trusty",
 	}
 	meta.Started = time.Date(2014, time.Month(9), 9, 11, 59, 34, 0, time.UTC)
 
@@ -59,6 +60,7 @@
 		`"Machine":"0",`+
 		`"Hostname":"myhost",`+
 		`"Version":"1.21-alpha3",`+
+		`"Series":"trusty",`+
 		`"CACert":"ca-cert",`+
 		`"CAPrivateKey":"ca-private-key"`+
 		`}`+"\n")
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,9 +6,13 @@
 import (
 	stdtesting "testing"
 
+	"github.com/juju/utils/os"
+
 	"github.com/juju/juju/testing"
 )
 
 func Test(t *stdtesting.T) {
-	testing.MgoTestPackage(t)
+	if os.HostOS() == os.Ubuntu {
+		testing.MgoTestPackage(t)
+	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/params.go juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/params.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/params.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/params.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,7 @@
 package backups
 
 import (
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/instance"
 )
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/restore.go juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/restore.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/restore.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/restore.go	2016-07-18 19:45:44.000000000 +0000
@@ -15,9 +15,9 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils"
 	"github.com/juju/utils/ssh"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 
@@ -49,6 +49,27 @@
 	return string(os.PathSeparator)
 }
 
+// tagUserCredentials is a convenience function that extracts the
+// tag user and apipassword, required to access mongodb.
+func tagUserCredentials(conf agent.Config) (string, string, error) {
+	username := conf.Tag().String()
+	var password string
+	// TODO(perrito) we might need an accessor for the actual state password
+	// just in case it ever changes from the same as api password.
+	apiInfo, ok := conf.APIInfo()
+	if ok {
+		password = apiInfo.Password
+	} else {
+		// There seems to be no way to reach this inconsistence other than making a
+		// backup on a machine where these fields are corrupted and even so I find
+		// no reasonable way to reach this state, yet since APIInfo has it as a
+		// possibility I prefer to handle it, we cannot recover from this since
+		// it would mean that the agent.conf is corrupted.
+		return "", "", errors.New("cannot obtain password to access the controller")
+	}
+	return username, password, nil
+}
+
 // newDialInfo returns mgo.DialInfo with the given address using the minimal
 // possible setup.
 func newDialInfo(privateAddr string, conf agent.Config) (*mgo.DialInfo, error) {
@@ -70,20 +91,9 @@
 		dialInfo.Username = "admin"
 		dialInfo.Password = conf.OldPassword()
 	} else {
-		dialInfo.Username = conf.Tag().String()
-		// TODO(perrito) we might need an accessor for the actual state password
-		// just in case it ever changes from the same as api password.
-		apiInfo, ok := conf.APIInfo()
-		if ok {
-			dialInfo.Password = apiInfo.Password
-			logger.Infof("using API password to access controller.")
-		} else {
-			// There seems to be no way to reach this inconsistence other than making a
-			// backup on a machine where these fields are corrupted and even so I find
-			// no reasonable way to reach this state, yet since APIInfo has it as a
-			// possibility I prefer to handle it, we cannot recover from this since
-			// it would mean that the agent.conf is corrupted.
-			return nil, errors.New("cannot obtain password to access the controller")
+		dialInfo.Username, dialInfo.Password, err = tagUserCredentials(conf)
+		if err != nil {
+			return nil, errors.Trace(err)
 		}
 	}
 	return dialInfo, nil
@@ -234,7 +244,7 @@
 func runMachineUpdate(machine *state.Machine, sshArg string) error {
 	addr, err := machine.PublicAddress()
 	if err != nil {
-		if network.IsNoAddress(err) {
+		if network.IsNoAddressError(err) {
 			return errors.Annotatef(err, "no appropriate public address found")
 		}
 		return errors.Trace(err)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/restore_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/restore_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/restore_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/restore_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -14,12 +14,12 @@
 	"strconv"
 	"strings"
 
-	"github.com/juju/names"
 	"github.com/juju/replicaset"
 	gitjujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/ssh"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2/bson"
 
 	"github.com/juju/juju/agent"
@@ -261,7 +261,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 	defer server.DestroyWithLog()
 
-	st := statetesting.Initialize(c, names.NewLocalUserTag("test-admin"), nil, nil)
+	st := statetesting.Initialize(c, names.NewLocalUserTag("test-admin"), nil, nil, nil)
 	c.Assert(st.Close(), jc.ErrorIsNil)
 
 	r.PatchValue(&mongoDefaultDialOpts, mongotest.DialOpts)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/storage.go juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/storage.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/storage.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/storage.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,13 +9,14 @@
 	"time"
 
 	"github.com/juju/errors"
+	"github.com/juju/juju/controller"
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/state"
-	"github.com/juju/names"
 	jujutxn "github.com/juju/txn"
 	"github.com/juju/utils/filestorage"
 	"github.com/juju/version"
 	"gopkg.in/juju/blobstore.v2"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 	"gopkg.in/mgo.v2/txn"
@@ -52,6 +53,7 @@
 	Machine  string         `bson:"machine"`
 	Hostname string         `bson:"hostname"`
 	Version  version.Number `bson:"version"`
+	Series   string         `bson:"series"`
 }
 
 func (doc *storageMetaDoc) isFileInfoComplete() bool {
@@ -126,6 +128,7 @@
 	meta.Origin.Machine = doc.Machine
 	meta.Origin.Hostname = doc.Hostname
 	meta.Origin.Version = doc.Version
+	meta.Origin.Series = doc.Series
 
 	meta.SetID(doc.ID)
 
@@ -176,6 +179,7 @@
 	doc.Machine = meta.Origin.Machine
 	doc.Hostname = meta.Origin.Hostname
 	doc.Version = meta.Origin.Version
+	doc.Series = meta.Origin.Series
 
 	return doc
 }
@@ -458,6 +462,7 @@
 	dbWrap := newStorageDBWrapper(s.db, storageMetaName, s.modelUUID)
 	defer dbWrap.Close()
 
+	// TODO(perrito666) 2016-05-02 lp:1558657
 	err := setStorageStoredTime(dbWrap, id, time.Now())
 	return errors.Trace(err)
 }
@@ -536,6 +541,9 @@
 	// ModelConfig is the config of the model being backedup.
 	ModelConfig() (*config.Config, error)
 
+	// ControllerConfig is the config of the controller being backedup.
+	ControllerConfig() (controller.Config, error)
+
 	// StateServingInfo is the secrets of the controller.
 	StateServingInfo() (state.StateServingInfo, error)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/testing/fakes.go juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/testing/fakes.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/backups/testing/fakes.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/backups/testing/fakes.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,10 +7,10 @@
 	"io"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/filestorage"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/state/backups"
@@ -97,7 +97,7 @@
 }
 
 // Restore restores a machine to a backed up status.
-func (b *FakeBackups) Restore(bkpId string, args backups.RestoreArgs) (names.Tag, error) {
+func (b *FakeBackups) Restore(bkpId string, dbInfo *backups.DBInfo, args backups.RestoreArgs) (names.Tag, error) {
 	b.Calls = append(b.Calls, "Restore")
 	b.PrivateAddr = args.PrivateAddress
 	b.InstanceId = args.NewInstId
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/binarystorage_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/binarystorage_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/binarystorage_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/binarystorage_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,7 +9,6 @@
 	"strings"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	jujutxn "github.com/juju/txn"
 	"github.com/juju/utils"
@@ -17,6 +16,7 @@
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/blobstore.v2"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/mongo"
 	"github.com/juju/juju/state"
@@ -83,8 +83,9 @@
 		"uuid": s.modelUUID,
 	})
 	_, s.st, err = s.State.NewModel(state.ModelArgs{
-		Config: cfg,
-		Owner:  names.NewLocalUserTag("test-admin"),
+		CloudName: "dummy",
+		Config:    cfg,
+		Owner:     names.NewLocalUserTag("test-admin"),
 	})
 	c.Assert(err, jc.ErrorIsNil)
 	s.AddCleanup(func(*gc.C) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/blockdevices.go juju-core-2.0~beta12/src/github.com/juju/juju/state/blockdevices.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/blockdevices.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/blockdevices.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,8 +7,8 @@
 	"reflect"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jujutxn "github.com/juju/txn"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 	"gopkg.in/mgo.v2/txn"
@@ -53,10 +53,10 @@
 
 // BlockDevices returns the BlockDeviceInfo for the specified machine.
 func (st *State) BlockDevices(machine names.MachineTag) ([]BlockDeviceInfo, error) {
-	return st.blockDevices(machine.Id())
+	return getBlockDevices(st, machine.Id())
 }
 
-func (st *State) blockDevices(machineId string) ([]BlockDeviceInfo, error) {
+func getBlockDevices(st modelBackend, machineId string) ([]BlockDeviceInfo, error) {
 	coll, cleanup := st.getCollection(blockDevicesC)
 	defer cleanup()
 
@@ -75,7 +75,7 @@
 // not in the list will be removed.
 func setMachineBlockDevices(st *State, machineId string, newInfo []BlockDeviceInfo) error {
 	buildTxn := func(attempt int) ([]txn.Op, error) {
-		oldInfo, err := st.blockDevices(machineId)
+		oldInfo, err := getBlockDevices(st, machineId)
 		if err != nil {
 			return nil, errors.Trace(err)
 		}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/blockdevices_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/blockdevices_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/blockdevices_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/blockdevices_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,9 +5,9 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/state/testing"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/block.go juju-core-2.0~beta12/src/github.com/juju/juju/state/block.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/block.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/block.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,7 @@
 	"fmt"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 	"gopkg.in/mgo.v2/txn"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/block_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/block_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/block_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/block_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,10 +7,10 @@
 	"fmt"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/testing"
@@ -116,7 +116,7 @@
 
 func (s *blockSuite) TestMultiEnvBlocked(c *gc.C) {
 	// create another env
-	_, st2 := s.createTestEnv(c)
+	_, st2 := s.createTestModel(c)
 	defer st2.Close()
 
 	// switch one block type on
@@ -132,7 +132,7 @@
 }
 
 func (s *blockSuite) TestAllBlocksForController(c *gc.C) {
-	_, st2 := s.createTestEnv(c)
+	_, st2 := s.createTestModel(c)
 	defer st2.Close()
 
 	err := st2.SwitchBlockOn(state.ChangeBlock, "block test")
@@ -146,7 +146,7 @@
 }
 
 func (s *blockSuite) TestRemoveAllBlocksForController(c *gc.C) {
-	_, st2 := s.createTestEnv(c)
+	_, st2 := s.createTestModel(c)
 	defer st2.Close()
 
 	err := st2.SwitchBlockOn(state.ChangeBlock, "block test")
@@ -163,7 +163,7 @@
 }
 
 func (s *blockSuite) TestRemoveAllBlocksForControllerNoBlocks(c *gc.C) {
-	_, st2 := s.createTestEnv(c)
+	_, st2 := s.createTestModel(c)
 	defer st2.Close()
 
 	err := st2.RemoveAllBlocksForController()
@@ -186,7 +186,7 @@
 	c.Assert(blocks[0].ModelUUID(), gc.Equals, st.ModelUUID())
 }
 
-func (s *blockSuite) createTestEnv(c *gc.C) (*state.Model, *state.State) {
+func (s *blockSuite) createTestModel(c *gc.C) (*state.Model, *state.State) {
 	uuid, err := utils.NewUUID()
 	c.Assert(err, jc.ErrorIsNil)
 	cfg := testing.CustomModelConfig(c, testing.Attrs{
@@ -194,7 +194,7 @@
 		"uuid": uuid.String(),
 	})
 	owner := names.NewUserTag("test@remote")
-	env, st, err := s.State.NewModel(state.ModelArgs{Config: cfg, Owner: owner})
+	env, st, err := s.State.NewModel(state.ModelArgs{CloudName: "dummy", Config: cfg, Owner: owner})
 	c.Assert(err, jc.ErrorIsNil)
 	return env, st
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/charm.go juju-core-2.0~beta12/src/github.com/juju/juju/state/charm.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/charm.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/charm.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,13 +8,18 @@
 	"regexp"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	jujutxn "github.com/juju/txn"
+	"github.com/juju/version"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/macaroon.v1"
+	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 	"gopkg.in/mgo.v2/txn"
 
 	"github.com/juju/juju/mongo"
+	"github.com/juju/juju/state/storage"
+	jujuversion "github.com/juju/juju/version"
 )
 
 // MacaroonCache is a type that wraps State and implements charmstore.MacaroonCache.
@@ -386,3 +391,323 @@
 	}
 	return nil
 }
+
+// deleteCharmArchive deletes a charm archive from blob storage
+// and removes the corresponding charm record from state.
+func (st *State) deleteCharmArchive(curl *charm.URL, storagePath string) error {
+	if err := st.deleteCharm(curl); err != nil {
+		return errors.Annotate(err, "cannot delete charm record from state")
+	}
+	stor := storage.NewStorage(st.ModelUUID(), st.MongoSession())
+	if err := stor.Remove(storagePath); err != nil {
+		return errors.Annotate(err, "cannot delete charm from storage")
+	}
+	return nil
+}
+
+// AddCharm adds the ch charm with curl to the state.
+// On success the newly added charm state is returned.
+func (st *State) AddCharm(info CharmInfo) (stch *Charm, err error) {
+	charms, closer := st.getCollection(charmsC)
+	defer closer()
+
+	if err := validateCharmVersion(info.Charm); err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	query := charms.FindId(info.ID.String()).Select(bson.D{{"placeholder", 1}})
+
+	buildTxn := func(attempt int) ([]txn.Op, error) {
+		var placeholderDoc struct {
+			Placeholder bool `bson:"placeholder"`
+		}
+		if err := query.One(&placeholderDoc); err == mgo.ErrNotFound {
+
+			return insertCharmOps(st, info)
+		} else if err != nil {
+			return nil, errors.Trace(err)
+		} else if placeholderDoc.Placeholder {
+			return updateCharmOps(st, info, stillPlaceholder)
+		}
+		return nil, errors.AlreadyExistsf("charm %q", info.ID)
+	}
+	if err = st.run(buildTxn); err == nil {
+		return st.Charm(info.ID)
+	}
+	return nil, errors.Trace(err)
+}
+
+// deleteCharm removes the charm record with curl from state.
+func (st *State) deleteCharm(curl *charm.URL) error {
+	op := []txn.Op{{
+		C:      charmsC,
+		Id:     curl.String(),
+		Remove: true,
+	}}
+	err := st.runTransaction(op)
+	if err == mgo.ErrNotFound {
+		return nil
+	}
+	return errors.Trace(err)
+}
+
+type hasMeta interface {
+	Meta() *charm.Meta
+}
+
+func validateCharmVersion(ch hasMeta) error {
+	minver := ch.Meta().MinJujuVersion
+	if minver != version.Zero {
+		if minver.Compare(jujuversion.Current) > 0 {
+			return errors.Errorf("Charm's min version (%s) is higher than this juju environment's version (%s)", minver, jujuversion.Current)
+		}
+	}
+	return nil
+}
+
+// AllCharms returns all charms in state.
+func (st *State) AllCharms() ([]*Charm, error) {
+	charmsCollection, closer := st.getCollection(charmsC)
+	defer closer()
+	var cdoc charmDoc
+	var charms []*Charm
+	iter := charmsCollection.Find(nil).Iter()
+	for iter.Next(&cdoc) {
+		ch := newCharm(st, &cdoc)
+		charms = append(charms, ch)
+	}
+	return charms, errors.Trace(iter.Close())
+}
+
+// Charm returns the charm with the given URL. Charms pending upload
+// to storage and placeholders are never returned.
+func (st *State) Charm(curl *charm.URL) (*Charm, error) {
+	charms, closer := st.getCollection(charmsC)
+	defer closer()
+
+	cdoc := &charmDoc{}
+	what := bson.D{
+		{"_id", curl.String()},
+		{"placeholder", bson.D{{"$ne", true}}},
+		{"pendingupload", bson.D{{"$ne", true}}},
+	}
+	err := charms.Find(what).One(&cdoc)
+	if err == mgo.ErrNotFound {
+		return nil, errors.NotFoundf("charm %q", curl)
+	}
+	if err != nil {
+		return nil, errors.Annotatef(err, "cannot get charm %q", curl)
+	}
+	if err := cdoc.Meta.Check(); err != nil {
+		return nil, errors.Annotatef(err, "malformed charm metadata found in state")
+	}
+	return newCharm(st, cdoc), nil
+}
+
+// LatestPlaceholderCharm returns the latest charm described by the
+// given URL but which is not yet deployed.
+func (st *State) LatestPlaceholderCharm(curl *charm.URL) (*Charm, error) {
+	charms, closer := st.getCollection(charmsC)
+	defer closer()
+
+	noRevURL := curl.WithRevision(-1)
+	curlRegex := "^" + regexp.QuoteMeta(st.docID(noRevURL.String()))
+	var docs []charmDoc
+	err := charms.Find(bson.D{{"_id", bson.D{{"$regex", curlRegex}}}, {"placeholder", true}}).All(&docs)
+	if err != nil {
+		return nil, errors.Annotatef(err, "cannot get charm %q", curl)
+	}
+	// Find the highest revision.
+	var latest charmDoc
+	for _, doc := range docs {
+		if latest.URL == nil || doc.URL.Revision > latest.URL.Revision {
+			latest = doc
+		}
+	}
+	if latest.URL == nil {
+		return nil, errors.NotFoundf("placeholder charm %q", noRevURL)
+	}
+	return newCharm(st, &latest), nil
+}
+
+// PrepareLocalCharmUpload must be called before a local charm is
+// uploaded to the provider storage in order to create a charm
+// document in state. It returns the chosen unique charm URL reserved
+// in state for the charm.
+//
+// The url's schema must be "local" and it must include a revision.
+func (st *State) PrepareLocalCharmUpload(curl *charm.URL) (chosenUrl *charm.URL, err error) {
+	// Perform a few sanity checks first.
+	if curl.Schema != "local" {
+		return nil, errors.Errorf("expected charm URL with local schema, got %q", curl)
+	}
+	if curl.Revision < 0 {
+		return nil, errors.Errorf("expected charm URL with revision, got %q", curl)
+	}
+	// Get a regex with the charm URL and no revision.
+	noRevURL := curl.WithRevision(-1)
+	curlRegex := "^" + regexp.QuoteMeta(st.docID(noRevURL.String()))
+
+	charms, closer := st.getCollection(charmsC)
+	defer closer()
+
+	buildTxn := func(attempt int) ([]txn.Op, error) {
+		// Find the highest revision of that charm in state.
+		var docs []charmDoc
+		query := bson.D{{"_id", bson.D{{"$regex", curlRegex}}}}
+		err = charms.Find(query).Select(bson.D{{"_id", 1}, {"url", 1}}).All(&docs)
+		if err != nil {
+			return nil, errors.Trace(err)
+		}
+		// Find the highest revision.
+		maxRevision := -1
+		for _, doc := range docs {
+			if doc.URL.Revision > maxRevision {
+				maxRevision = doc.URL.Revision
+			}
+		}
+
+		// Respect the local charm's revision first.
+		chosenRevision := curl.Revision
+		if maxRevision >= chosenRevision {
+			// More recent revision exists in state, pick the next.
+			chosenRevision = maxRevision + 1
+		}
+		chosenUrl = curl.WithRevision(chosenRevision)
+		return insertPendingCharmOps(st, chosenUrl)
+	}
+	if err = st.run(buildTxn); err == nil {
+		return chosenUrl, nil
+	}
+	return nil, errors.Trace(err)
+}
+
+// PrepareStoreCharmUpload must be called before a charm store charm
+// is uploaded to the provider storage in order to create a charm
+// document in state. If a charm with the same URL is already in
+// state, it will be returned as a *state.Charm (it can be still
+// pending or already uploaded). Otherwise, a new charm document is
+// added in state with just the given charm URL and
+// PendingUpload=true, which is then returned as a *state.Charm.
+//
+// The url's schema must be "cs" and it must include a revision.
+func (st *State) PrepareStoreCharmUpload(curl *charm.URL) (*Charm, error) {
+	// Perform a few sanity checks first.
+	if curl.Schema != "cs" {
+		return nil, errors.Errorf("expected charm URL with cs schema, got %q", curl)
+	}
+	if curl.Revision < 0 {
+		return nil, errors.Errorf("expected charm URL with revision, got %q", curl)
+	}
+
+	charms, closer := st.getCollection(charmsC)
+	defer closer()
+
+	var (
+		uploadedCharm charmDoc
+		err           error
+	)
+	buildTxn := func(attempt int) ([]txn.Op, error) {
+		// Find an uploaded or pending charm with the given exact curl.
+		err := charms.FindId(curl.String()).One(&uploadedCharm)
+		switch {
+		case err == mgo.ErrNotFound:
+			uploadedCharm = charmDoc{
+				DocID:         st.docID(curl.String()),
+				ModelUUID:     st.ModelTag().Id(),
+				URL:           curl,
+				PendingUpload: true,
+			}
+			return insertAnyCharmOps(&uploadedCharm)
+		case err != nil:
+			return nil, errors.Trace(err)
+		case uploadedCharm.Placeholder:
+			// Update the fields of the document we're returning.
+			uploadedCharm.PendingUpload = true
+			uploadedCharm.Placeholder = false
+			return convertPlaceholderCharmOps(uploadedCharm.DocID)
+		default:
+			// The charm exists and it's either uploaded or still
+			// pending, but it's not a placeholder. In any case,
+			// there's nothing to do.
+			return nil, jujutxn.ErrNoOperations
+		}
+	}
+	if err = st.run(buildTxn); err == nil {
+		return newCharm(st, &uploadedCharm), nil
+	}
+	return nil, errors.Trace(err)
+}
+
+var (
+	stillPending     = bson.D{{"pendingupload", true}}
+	stillPlaceholder = bson.D{{"placeholder", true}}
+)
+
+// AddStoreCharmPlaceholder creates a charm document in state for the given charm URL which
+// must reference a charm from the store. The charm document is marked as a placeholder which
+// means that if the charm is to be deployed, it will need to first be uploaded to env storage.
+func (st *State) AddStoreCharmPlaceholder(curl *charm.URL) (err error) {
+	// Perform sanity checks first.
+	if curl.Schema != "cs" {
+		return errors.Errorf("expected charm URL with cs schema, got %q", curl)
+	}
+	if curl.Revision < 0 {
+		return errors.Errorf("expected charm URL with revision, got %q", curl)
+	}
+	charms, closer := st.getCollection(charmsC)
+	defer closer()
+
+	buildTxn := func(attempt int) ([]txn.Op, error) {
+		// See if the charm already exists in state and exit early if that's the case.
+		var doc charmDoc
+		err := charms.Find(bson.D{{"_id", curl.String()}}).Select(bson.D{{"_id", 1}}).One(&doc)
+		if err != nil && err != mgo.ErrNotFound {
+			return nil, errors.Trace(err)
+		}
+		if err == nil {
+			return nil, jujutxn.ErrNoOperations
+		}
+
+		// Delete all previous placeholders so we don't fill up the database with unused data.
+		deleteOps, err := deleteOldPlaceholderCharmsOps(st, charms, curl)
+		if err != nil {
+			return nil, errors.Trace(err)
+		}
+		insertOps, err := insertPlaceholderCharmOps(st, curl)
+		if err != nil {
+			return nil, errors.Trace(err)
+		}
+		ops := append(deleteOps, insertOps...)
+		return ops, nil
+	}
+	return errors.Trace(st.run(buildTxn))
+}
+
+// UpdateUploadedCharm marks the given charm URL as uploaded and
+// updates the rest of its data, returning it as *state.Charm.
+func (st *State) UpdateUploadedCharm(info CharmInfo) (*Charm, error) {
+	charms, closer := st.getCollection(charmsC)
+	defer closer()
+
+	doc := &charmDoc{}
+	err := charms.FindId(info.ID.String()).One(&doc)
+	if err == mgo.ErrNotFound {
+		return nil, errors.NotFoundf("charm %q", info.ID)
+	}
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	if !doc.PendingUpload {
+		return nil, errors.Trace(&ErrCharmAlreadyUploaded{info.ID})
+	}
+
+	ops, err := updateCharmOps(st, info, stillPending)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	if err := st.runTransaction(ops); err != nil {
+		return nil, onAbort(err, ErrCharmRevisionAlreadyModified)
+	}
+	return st.Charm(info.ID)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/charm_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/charm_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/charm_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/charm_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,11 +5,18 @@
 
 import (
 	"bytes"
+	"fmt"
+	"path/filepath"
 
 	"github.com/juju/errors"
 	jc "github.com/juju/testing/checkers"
+	"github.com/juju/txn"
+	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/macaroon.v1"
+	"gopkg.in/mgo.v2"
+	"gopkg.in/mgo.v2/bson"
 
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/testcharms"
@@ -42,7 +49,7 @@
 	c.Assert(config.Options["title"], gc.Equals,
 		charm.Option{
 			Default:     "My Title",
-			Description: "A descriptive title used for the service.",
+			Description: "A descriptive title used for the application.",
 			Type:        "string",
 		},
 	)
@@ -76,6 +83,438 @@
 	c.Assert(err, jc.Satisfies, errors.IsNotFound)
 }
 
+func (s *CharmSuite) dummyCharm(c *gc.C, curlOverride string) state.CharmInfo {
+	info := state.CharmInfo{
+		Charm:       testcharms.Repo.CharmDir("dummy"),
+		StoragePath: "dummy-1",
+		SHA256:      "dummy-1-sha256",
+	}
+	if curlOverride != "" {
+		info.ID = charm.MustParseURL(curlOverride)
+	} else {
+		info.ID = charm.MustParseURL(
+			fmt.Sprintf("local:quantal/%s-%d", info.Charm.Meta().Name, info.Charm.Revision()),
+		)
+	}
+	return info
+}
+
+func (s *CharmSuite) TestAddCharm(c *gc.C) {
+	// Check that adding charms from scratch works correctly.
+	info := s.dummyCharm(c, "")
+	dummy, err := s.State.AddCharm(info)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(dummy.URL().String(), gc.Equals, info.ID.String())
+
+	doc := state.CharmDoc{}
+	err = s.charms.FindId(state.DocID(s.State, info.ID.String())).One(&doc)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Logf("%#v", doc)
+	c.Assert(doc.URL, gc.DeepEquals, info.ID)
+}
+
+func (s *CharmSuite) TestAddCharmWithAuth(c *gc.C) {
+	// Check that adding charms from scratch works correctly.
+	info := s.dummyCharm(c, "")
+	m, err := macaroon.New([]byte("rootkey"), "id", "loc")
+	c.Assert(err, jc.ErrorIsNil)
+	info.Macaroon = macaroon.Slice{m}
+	dummy, err := s.State.AddCharm(info)
+	c.Assert(err, jc.ErrorIsNil)
+	ms, err := dummy.Macaroon()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(ms, gc.DeepEquals, info.Macaroon)
+}
+
+func (s *CharmSuite) TestAddCharmUpdatesPlaceholder(c *gc.C) {
+	// Check that adding charms updates any existing placeholder charm
+	// with the same URL.
+	ch := testcharms.Repo.CharmDir("dummy")
+
+	// Add a placeholder charm.
+	curl := charm.MustParseURL("cs:quantal/dummy-1")
+	err := s.State.AddStoreCharmPlaceholder(curl)
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Add a deployed charm.
+	info := state.CharmInfo{
+		Charm:       ch,
+		ID:          curl,
+		StoragePath: "dummy-1",
+		SHA256:      "dummy-1-sha256",
+	}
+	dummy, err := s.State.AddCharm(info)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(dummy.URL().String(), gc.Equals, curl.String())
+
+	// Charm doc has been updated.
+	var docs []state.CharmDoc
+	err = s.charms.FindId(state.DocID(s.State, curl.String())).All(&docs)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(docs, gc.HasLen, 1)
+	c.Assert(docs[0].URL, gc.DeepEquals, curl)
+	c.Assert(docs[0].StoragePath, gc.DeepEquals, info.StoragePath)
+
+	// No more placeholder charm.
+	_, err = s.State.LatestPlaceholderCharm(curl)
+	c.Assert(err, jc.Satisfies, errors.IsNotFound)
+}
+
+func (s *CharmSuite) assertPendingCharmExists(c *gc.C, curl *charm.URL) {
+	// Find charm directly and verify only the charm URL and
+	// PendingUpload are set.
+	doc := state.CharmDoc{}
+	err := s.charms.FindId(state.DocID(s.State, curl.String())).One(&doc)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Logf("%#v", doc)
+	c.Assert(doc.URL, gc.DeepEquals, curl)
+	c.Assert(doc.PendingUpload, jc.IsTrue)
+	c.Assert(doc.Placeholder, jc.IsFalse)
+	c.Assert(doc.Meta, gc.IsNil)
+	c.Assert(doc.Config, gc.IsNil)
+	c.Assert(doc.StoragePath, gc.Equals, "")
+	c.Assert(doc.BundleSha256, gc.Equals, "")
+
+	// Make sure we can't find it with st.Charm().
+	_, err = s.State.Charm(curl)
+	c.Assert(err, jc.Satisfies, errors.IsNotFound)
+}
+
+func (s *CharmSuite) TestPrepareLocalCharmUpload(c *gc.C) {
+	// First test the sanity checks.
+	curl, err := s.State.PrepareLocalCharmUpload(charm.MustParseURL("local:quantal/dummy"))
+	c.Assert(err, gc.ErrorMatches, "expected charm URL with revision, got .*")
+	c.Assert(curl, gc.IsNil)
+	curl, err = s.State.PrepareLocalCharmUpload(charm.MustParseURL("cs:quantal/dummy"))
+	c.Assert(err, gc.ErrorMatches, "expected charm URL with local schema, got .*")
+	c.Assert(curl, gc.IsNil)
+
+	// No charm in state, so the call should respect given revision.
+	testCurl := charm.MustParseURL("local:quantal/missing-123")
+	curl, err = s.State.PrepareLocalCharmUpload(testCurl)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(curl, gc.DeepEquals, testCurl)
+	s.assertPendingCharmExists(c, curl)
+
+	// Try adding it again with the same revision and ensure it gets bumped.
+	curl, err = s.State.PrepareLocalCharmUpload(curl)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(curl.Revision, gc.Equals, 124)
+
+	// Also ensure the revision cannot decrease.
+	curl, err = s.State.PrepareLocalCharmUpload(curl.WithRevision(42))
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(curl.Revision, gc.Equals, 125)
+
+	// Check the given revision is respected.
+	curl, err = s.State.PrepareLocalCharmUpload(curl.WithRevision(1234))
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(curl.Revision, gc.Equals, 1234)
+}
+
+func (s *CharmSuite) TestPrepareStoreCharmUpload(c *gc.C) {
+	// First test the sanity checks.
+	sch, err := s.State.PrepareStoreCharmUpload(charm.MustParseURL("cs:quantal/dummy"))
+	c.Assert(err, gc.ErrorMatches, "expected charm URL with revision, got .*")
+	c.Assert(sch, gc.IsNil)
+	sch, err = s.State.PrepareStoreCharmUpload(charm.MustParseURL("local:quantal/dummy"))
+	c.Assert(err, gc.ErrorMatches, "expected charm URL with cs schema, got .*")
+	c.Assert(sch, gc.IsNil)
+
+	// No charm in state, so the call should respect given revision.
+	testCurl := charm.MustParseURL("cs:quantal/missing-123")
+	sch, err = s.State.PrepareStoreCharmUpload(testCurl)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(sch.URL(), gc.DeepEquals, testCurl)
+	c.Assert(sch.IsUploaded(), jc.IsFalse)
+
+	s.assertPendingCharmExists(c, sch.URL())
+
+	// Try adding it again with the same revision and ensure we get the same document.
+	schCopy, err := s.State.PrepareStoreCharmUpload(testCurl)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(sch, jc.DeepEquals, schCopy)
+
+	// Now add a charm and try again - we should get the same result
+	// as with AddCharm.
+	info := s.dummyCharm(c, "cs:precise/dummy-2")
+	sch, err = s.State.AddCharm(info)
+	c.Assert(err, jc.ErrorIsNil)
+	schCopy, err = s.State.PrepareStoreCharmUpload(info.ID)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(sch, jc.DeepEquals, schCopy)
+
+	// Finally, try poking around the state with a placeholder and
+	// bundlesha256 to make sure we do the right thing.
+	curl := info.ID.WithRevision(999)
+	first := txn.TestHook{
+		Before: func() {
+			err := s.State.AddStoreCharmPlaceholder(curl)
+			c.Assert(err, jc.ErrorIsNil)
+		},
+		After: func() {
+			err := s.charms.RemoveId(state.DocID(s.State, curl.String()))
+			c.Assert(err, jc.ErrorIsNil)
+		},
+	}
+	second := txn.TestHook{
+		Before: func() {
+			err := s.State.AddStoreCharmPlaceholder(curl)
+			c.Assert(err, jc.ErrorIsNil)
+		},
+		After: func() {
+			err := s.charms.UpdateId(state.DocID(s.State, curl.String()), bson.D{{"$set", bson.D{
+				{"bundlesha256", "fake"}},
+			}})
+			c.Assert(err, jc.ErrorIsNil)
+		},
+	}
+	defer state.SetTestHooks(c, s.State, first, second, first).Check()
+
+	_, err = s.State.PrepareStoreCharmUpload(curl)
+	cause := errors.Cause(err)
+	c.Assert(cause, gc.Equals, txn.ErrExcessiveContention)
+}
+
+func (s *CharmSuite) TestUpdateUploadedCharm(c *gc.C) {
+	info := s.dummyCharm(c, "")
+	_, err := s.State.AddCharm(info)
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Test with already uploaded and a missing charms.
+	sch, err := s.State.UpdateUploadedCharm(info)
+	c.Assert(err, gc.ErrorMatches, fmt.Sprintf("charm %q already uploaded", info.ID))
+	c.Assert(sch, gc.IsNil)
+	info.ID = charm.MustParseURL("local:quantal/missing-1")
+	info.SHA256 = "missing"
+	sch, err = s.State.UpdateUploadedCharm(info)
+	c.Assert(err, jc.Satisfies, errors.IsNotFound)
+	c.Assert(sch, gc.IsNil)
+
+	// Test with with an uploaded local charm.
+	_, err = s.State.PrepareLocalCharmUpload(info.ID)
+	c.Assert(err, jc.ErrorIsNil)
+
+	m, err := macaroon.New([]byte("rootkey"), "id", "loc")
+	c.Assert(err, jc.ErrorIsNil)
+	info.Macaroon = macaroon.Slice{m}
+	c.Assert(err, jc.ErrorIsNil)
+	sch, err = s.State.UpdateUploadedCharm(info)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(sch.URL(), gc.DeepEquals, info.ID)
+	c.Assert(sch.Revision(), gc.Equals, info.ID.Revision)
+	c.Assert(sch.IsUploaded(), jc.IsTrue)
+	c.Assert(sch.IsPlaceholder(), jc.IsFalse)
+	c.Assert(sch.Meta(), gc.DeepEquals, info.Charm.Meta())
+	c.Assert(sch.Config(), gc.DeepEquals, info.Charm.Config())
+	c.Assert(sch.StoragePath(), gc.DeepEquals, info.StoragePath)
+	c.Assert(sch.BundleSha256(), gc.Equals, "missing")
+	ms, err := sch.Macaroon()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(ms, gc.DeepEquals, info.Macaroon)
+}
+
+func (s *CharmSuite) TestUpdateUploadedCharmEscapesSpecialCharsInConfig(c *gc.C) {
+	// Make sure when we have mongodb special characters like "$" and
+	// "." in the name of any charm config option, we do proper
+	// escaping before storing them and unescaping after loading. See
+	// also http://pad.lv/1308146.
+
+	// Clone the dummy charm and change the config.
+	configWithProblematicKeys := []byte(`
+options:
+  $bad.key: {default: bad, description: bad, type: string}
+  not.ok.key: {description: not ok, type: int}
+  valid-key: {description: all good, type: boolean}
+  still$bad.: {description: not good, type: float}
+  $.$: {description: awful, type: string}
+  ...: {description: oh boy, type: int}
+  just$: {description: no no, type: float}
+`[1:])
+	chDir := testcharms.Repo.ClonedDirPath(c.MkDir(), "dummy")
+	err := utils.AtomicWriteFile(
+		filepath.Join(chDir, "config.yaml"),
+		configWithProblematicKeys,
+		0666,
+	)
+	c.Assert(err, jc.ErrorIsNil)
+	ch, err := charm.ReadCharmDir(chDir)
+	c.Assert(err, jc.ErrorIsNil)
+	missingCurl := charm.MustParseURL("local:quantal/missing-1")
+	storagePath := "dummy-1"
+
+	preparedCurl, err := s.State.PrepareLocalCharmUpload(missingCurl)
+	c.Assert(err, jc.ErrorIsNil)
+	info := state.CharmInfo{
+		Charm:       ch,
+		ID:          preparedCurl,
+		StoragePath: "dummy-1",
+		SHA256:      "missing",
+	}
+	sch, err := s.State.UpdateUploadedCharm(info)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(sch.URL(), gc.DeepEquals, missingCurl)
+	c.Assert(sch.Revision(), gc.Equals, missingCurl.Revision)
+	c.Assert(sch.IsUploaded(), jc.IsTrue)
+	c.Assert(sch.IsPlaceholder(), jc.IsFalse)
+	c.Assert(sch.Meta(), gc.DeepEquals, ch.Meta())
+	c.Assert(sch.Config(), gc.DeepEquals, ch.Config())
+	c.Assert(sch.StoragePath(), gc.DeepEquals, storagePath)
+	c.Assert(sch.BundleSha256(), gc.Equals, "missing")
+}
+
+func (s *CharmSuite) assertPlaceholderCharmExists(c *gc.C, curl *charm.URL) {
+	// Find charm directly and verify only the charm URL and
+	// Placeholder are set.
+	doc := state.CharmDoc{}
+	err := s.charms.FindId(state.DocID(s.State, curl.String())).One(&doc)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(doc.URL, gc.DeepEquals, curl)
+	c.Assert(doc.PendingUpload, jc.IsFalse)
+	c.Assert(doc.Placeholder, jc.IsTrue)
+	c.Assert(doc.Meta, gc.IsNil)
+	c.Assert(doc.Config, gc.IsNil)
+	c.Assert(doc.StoragePath, gc.Equals, "")
+	c.Assert(doc.BundleSha256, gc.Equals, "")
+
+	// Make sure we can't find it with st.Charm().
+	_, err = s.State.Charm(curl)
+	c.Assert(err, jc.Satisfies, errors.IsNotFound)
+}
+
+func (s *CharmSuite) TestLatestPlaceholderCharm(c *gc.C) {
+	// Add a deployed charm
+	info := s.dummyCharm(c, "cs:quantal/dummy-1")
+	_, err := s.State.AddCharm(info)
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Deployed charm not found.
+	_, err = s.State.LatestPlaceholderCharm(info.ID)
+	c.Assert(err, jc.Satisfies, errors.IsNotFound)
+
+	// Add a charm reference
+	curl2 := charm.MustParseURL("cs:quantal/dummy-2")
+	err = s.State.AddStoreCharmPlaceholder(curl2)
+	c.Assert(err, jc.ErrorIsNil)
+	s.assertPlaceholderCharmExists(c, curl2)
+
+	// Use a URL with an arbitrary rev to search.
+	curl := charm.MustParseURL("cs:quantal/dummy-23")
+	pending, err := s.State.LatestPlaceholderCharm(curl)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(pending.URL(), gc.DeepEquals, curl2)
+	c.Assert(pending.IsPlaceholder(), jc.IsTrue)
+	c.Assert(pending.Meta(), gc.IsNil)
+	c.Assert(pending.Config(), gc.IsNil)
+	c.Assert(pending.StoragePath(), gc.Equals, "")
+	c.Assert(pending.BundleSha256(), gc.Equals, "")
+}
+
+func (s *CharmSuite) TestAddStoreCharmPlaceholderErrors(c *gc.C) {
+	ch := testcharms.Repo.CharmDir("dummy")
+	curl := charm.MustParseURL(
+		fmt.Sprintf("local:quantal/%s-%d", ch.Meta().Name, ch.Revision()),
+	)
+	err := s.State.AddStoreCharmPlaceholder(curl)
+	c.Assert(err, gc.ErrorMatches, "expected charm URL with cs schema, got .*")
+
+	curl = charm.MustParseURL("cs:quantal/dummy")
+	err = s.State.AddStoreCharmPlaceholder(curl)
+	c.Assert(err, gc.ErrorMatches, "expected charm URL with revision, got .*")
+}
+
+func (s *CharmSuite) TestAddStoreCharmPlaceholder(c *gc.C) {
+	curl := charm.MustParseURL("cs:quantal/dummy-1")
+	err := s.State.AddStoreCharmPlaceholder(curl)
+	c.Assert(err, jc.ErrorIsNil)
+	s.assertPlaceholderCharmExists(c, curl)
+
+	// Add the same one again, should be a no-op
+	err = s.State.AddStoreCharmPlaceholder(curl)
+	c.Assert(err, jc.ErrorIsNil)
+	s.assertPlaceholderCharmExists(c, curl)
+}
+
+func (s *CharmSuite) assertAddStoreCharmPlaceholder(c *gc.C) (*charm.URL, *charm.URL, *state.Charm) {
+	// Add a deployed charm
+	info := s.dummyCharm(c, "cs:quantal/dummy-1")
+	dummy, err := s.State.AddCharm(info)
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Add a charm placeholder
+	curl2 := charm.MustParseURL("cs:quantal/dummy-2")
+	err = s.State.AddStoreCharmPlaceholder(curl2)
+	c.Assert(err, jc.ErrorIsNil)
+	s.assertPlaceholderCharmExists(c, curl2)
+
+	// Deployed charm is still there.
+	existing, err := s.State.Charm(info.ID)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(existing, jc.DeepEquals, dummy)
+
+	return info.ID, curl2, dummy
+}
+
+func (s *CharmSuite) TestAddStoreCharmPlaceholderLeavesDeployedCharmsAlone(c *gc.C) {
+	s.assertAddStoreCharmPlaceholder(c)
+}
+
+func (s *CharmSuite) TestAddStoreCharmPlaceholderDeletesOlder(c *gc.C) {
+	curl, curlOldRef, dummy := s.assertAddStoreCharmPlaceholder(c)
+
+	// Add a new charm placeholder
+	curl3 := charm.MustParseURL("cs:quantal/dummy-3")
+	err := s.State.AddStoreCharmPlaceholder(curl3)
+	c.Assert(err, jc.ErrorIsNil)
+	s.assertPlaceholderCharmExists(c, curl3)
+
+	// Deployed charm is still there.
+	existing, err := s.State.Charm(curl)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(existing, jc.DeepEquals, dummy)
+
+	// Older charm placeholder is gone.
+	doc := state.CharmDoc{}
+	err = s.charms.FindId(curlOldRef).One(&doc)
+	c.Assert(err, gc.Equals, mgo.ErrNotFound)
+}
+
+func (s *CharmSuite) TestAllCharms(c *gc.C) {
+	// Add a deployed charm
+	info := s.dummyCharm(c, "cs:quantal/dummy-1")
+	sch, err := s.State.AddCharm(info)
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Add a charm reference
+	curl2 := charm.MustParseURL("cs:quantal/dummy-2")
+	err = s.State.AddStoreCharmPlaceholder(curl2)
+	c.Assert(err, jc.ErrorIsNil)
+
+	charms, err := s.State.AllCharms()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(charms, gc.HasLen, 3)
+
+	c.Assert(charms[0].URL().String(), gc.Equals, "local:quantal/quantal-dummy-1")
+	c.Assert(charms[1], gc.DeepEquals, sch)
+	c.Assert(charms[2].URL(), gc.DeepEquals, curl2)
+}
+
+func (s *CharmSuite) TestDeleteCharm(c *gc.C) {
+	info := s.dummyCharm(c, "cs:quantal/dummy-1")
+	sch, err := s.State.AddCharm(info)
+	c.Assert(err, jc.ErrorIsNil)
+
+	err = state.DeleteCharm(s.State, sch.URL())
+	c.Assert(err, jc.ErrorIsNil)
+
+	_, err = s.State.Charm(sch.URL())
+	c.Assert(err, jc.Satisfies, errors.IsNotFound)
+
+	// Deleting again is a no-op.
+	err = state.DeleteCharm(s.State, sch.URL())
+	c.Assert(err, jc.ErrorIsNil)
+}
+
 type CharmTestHelperSuite struct {
 	ConnSuite
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/cleanup.go juju-core-2.0~beta12/src/github.com/juju/juju/state/cleanup.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/cleanup.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/cleanup.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,10 +5,10 @@
 
 import (
 	"fmt"
-	"strings"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 	"gopkg.in/mgo.v2/txn"
@@ -20,9 +20,10 @@
 	// SCHEMACHANGE: the names are expressive, the values not so much.
 	cleanupRelationSettings              cleanupKind = "settings"
 	cleanupUnitsForDyingService          cleanupKind = "units"
+	cleanupCharmForDyingService          cleanupKind = "charm"
 	cleanupDyingUnit                     cleanupKind = "dyingUnit"
 	cleanupRemovedUnit                   cleanupKind = "removedUnit"
-	cleanupServicesForDyingModel         cleanupKind = "services"
+	cleanupServicesForDyingModel         cleanupKind = "applications"
 	cleanupDyingMachine                  cleanupKind = "dyingMachine"
 	cleanupForceDestroyedMachine         cleanupKind = "machine"
 	cleanupAttachmentsForDyingStorage    cleanupKind = "storageAttachments"
@@ -83,6 +84,8 @@
 		switch doc.Kind {
 		case cleanupRelationSettings:
 			err = st.cleanupRelationSettings(doc.Prefix)
+		case cleanupCharmForDyingService:
+			err = st.cleanupCharmForDyingService(doc.Prefix)
 		case cleanupUnitsForDyingService:
 			err = st.cleanupUnitsForDyingService(doc.Prefix)
 		case cleanupDyingUnit:
@@ -108,14 +111,14 @@
 		default:
 			handler, ok := cleanupHandlers[doc.Kind]
 			if !ok {
-				err = fmt.Errorf("unknown cleanup kind %q", doc.Kind)
+				err = errors.Errorf("unknown cleanup kind %q", doc.Kind)
 			} else {
 				persist := st.newPersistence()
 				err = handler(st, persist, doc.Prefix)
 			}
 		}
 		if err != nil {
-			logger.Warningf("cleanup failed: %v", err)
+			logger.Errorf("cleanup failed: %v", err)
 			continue
 		}
 		ops := []txn.Op{{
@@ -124,7 +127,7 @@
 			Remove: true,
 		}}
 		if err := st.runTransaction(ops); err != nil {
-			logger.Warningf("cannot remove empty cleanup document: %v", err)
+			return errors.Annotate(err, "cannot remove empty cleanup document")
 		}
 	}
 	return nil
@@ -174,12 +177,9 @@
 	if err != nil {
 		return errors.Trace(err)
 	}
-	for _, env := range models {
-
-		if env.Life() == Alive {
-			if err := env.Destroy(); err != nil {
-				return errors.Trace(err)
-			}
+	for _, model := range models {
+		if err := model.Destroy(); err != nil {
+			return errors.Trace(err)
 		}
 	}
 	return nil
@@ -224,14 +224,14 @@
 	// This won't miss services, because a Dying model cannot have
 	// services added to it. But we do have to remove the services themselves
 	// via individual transactions, because they could be in any state at all.
-	services, closer := st.getCollection(servicesC)
+	applications, closer := st.getCollection(applicationsC)
 	defer closer()
-	service := Service{st: st}
+	application := Application{st: st}
 	sel := bson.D{{"life", Alive}}
-	iter := services.Find(sel).Iter()
+	iter := applications.Find(sel).Iter()
 	defer closeIter(iter, &err, "reading service document")
-	for iter.Next(&service.doc) {
-		if err := service.Destroy(); err != nil {
+	for iter.Next(&application.doc) {
+		if err := application.Destroy(); err != nil {
 			return err
 		}
 	}
@@ -241,21 +241,15 @@
 // cleanupUnitsForDyingService sets all units with the given prefix to Dying,
 // if they are not already Dying or Dead. It's expected to be used when a
 // service is destroyed.
-func (st *State) cleanupUnitsForDyingService(serviceName string) (err error) {
+func (st *State) cleanupUnitsForDyingService(applicationname string) (err error) {
 	// This won't miss units, because a Dying service cannot have units added
 	// to it. But we do have to remove the units themselves via individual
 	// transactions, because they could be in any state at all.
 	units, closer := st.getCollection(unitsC)
 	defer closer()
 
-	// TODO(mjs) - remove this post v1.21
-	// Older versions of the code put a trailing forward slash on the
-	// end of the service name. Remove it here in case a pre-upgrade
-	// cleanup document is seen.
-	serviceName = strings.TrimSuffix(serviceName, "/")
-
 	unit := Unit{st: st}
-	sel := bson.D{{"service", serviceName}, {"life", Alive}}
+	sel := bson.D{{"application", applicationname}, {"life", Alive}}
 	iter := units.Find(sel).Iter()
 	defer closeIter(iter, &err, "reading unit document")
 	for iter.Next(&unit.doc) {
@@ -265,6 +259,25 @@
 	}
 	return nil
 }
+
+func (st *State) cleanupCharmForDyingService(charmURL string) error {
+	curl, err := charm.ParseURL(charmURL)
+	if err != nil {
+		return errors.Annotatef(err, "invalid charm URL %v", charmURL)
+	}
+	ch, err := st.Charm(curl)
+	if errors.IsNotFound(err) {
+		// Charm already removed.
+		return nil
+	}
+	if err != nil {
+		return errors.Annotate(err, "cannot read charm record from state")
+	}
+	if err := st.deleteCharmArchive(curl, ch.StoragePath()); err != nil && !errors.IsNotFound(err) {
+		return errors.Annotate(err, "cannot remove charm archive from storage")
+	}
+	return nil
+}
 
 // cleanupDyingUnit marks resources owned by the unit as dying, to ensure
 // they are cleaned up as well.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/cleanup_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/cleanup_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/cleanup_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/cleanup_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,16 +4,18 @@
 package state_test
 
 import (
+	"bytes"
 	"fmt"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/state"
+	"github.com/juju/juju/state/storage"
 	"github.com/juju/juju/storage/provider"
 	"github.com/juju/juju/storage/provider/registry"
 	"github.com/juju/juju/testing/factory"
@@ -72,13 +74,37 @@
 	s.assertCleanupCount(c, 1)
 }
 
+func (s *CleanupSuite) TestCleanupDyingServiceCharm(c *gc.C) {
+	// Create a service and  a charm.
+	ch := s.AddTestingCharm(c, "mysql")
+	mysql := s.AddTestingService(c, "mysql", ch)
+
+	// Create a dummy archive blob.
+	stor := storage.NewStorage(s.State.ModelUUID(), s.State.MongoSession())
+	storagePath := "dummy-path"
+	err := stor.Put(storagePath, bytes.NewReader([]byte("data")), 4)
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Destroy the service and check that a cleanup has been scheduled.
+	err = mysql.Destroy()
+	c.Assert(err, jc.ErrorIsNil)
+	s.assertNeedsCleanup(c)
+
+	// Run the cleanup, and check that the charm is removed.
+	s.assertCleanupRuns(c)
+	_, _, err = stor.Get(storagePath)
+	c.Assert(err, jc.Satisfies, errors.IsNotFound)
+	_, err = s.State.Charm(ch.URL())
+	c.Assert(err, jc.Satisfies, errors.IsNotFound)
+}
+
 func (s *CleanupSuite) TestCleanupControllerModels(c *gc.C) {
 	s.assertDoesNotNeedCleanup(c)
 
 	// Create a non-empty hosted model.
 	otherSt := s.Factory.MakeModel(c, nil)
 	defer otherSt.Close()
-	factory.NewFactory(otherSt).MakeService(c, nil)
+	factory.NewFactory(otherSt).MakeApplication(c, nil)
 	otherEnv, err := otherSt.Model()
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -110,7 +136,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	// Create a relation with a unit in scope and assigned to the hosted machine.
-	pr := NewPeerRelation(c, s.State, s.Owner)
+	pr := NewPeerRelation(c, s.State)
 	err = pr.u0.AssignToMachine(machine)
 	c.Assert(err, jc.ErrorIsNil)
 	err = pr.ru0.EnterScope(nil)
@@ -151,7 +177,7 @@
 	s.assertDoesNotNeedCleanup(c)
 
 	// Destroy the model and check the service and units are
-	// unaffected, but a cleanup for the service has been scheduled.
+	// unaffected, but a cleanup for the application has been scheduled.
 	env, err := s.State.Model()
 	c.Assert(err, jc.ErrorIsNil)
 	err = env.Destroy()
@@ -183,7 +209,7 @@
 
 func (s *CleanupSuite) TestCleanupRelationSettings(c *gc.C) {
 	// Create a relation with a unit in scope.
-	pr := NewPeerRelation(c, s.State, s.Owner)
+	pr := NewPeerRelation(c, s.State)
 	rel := pr.ru0.Relation()
 	err := pr.ru0.EnterScope(map[string]interface{}{"some": "settings"})
 	c.Assert(err, jc.ErrorIsNil)
@@ -230,7 +256,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	// Create a relation with a unit in scope and assigned to the machine.
-	pr := NewPeerRelation(c, s.State, s.Owner)
+	pr := NewPeerRelation(c, s.State)
 	err = pr.u0.AssignToMachine(machine)
 	c.Assert(err, jc.ErrorIsNil)
 	err = pr.ru0.EnterScope(nil)
@@ -261,7 +287,7 @@
 	container, err := s.State.AddMachineInsideMachine(state.MachineTemplate{
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
-	}, machine.Id(), instance.LXC)
+	}, machine.Id(), instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
 
 	// Create active units (in relation scope, with subordinates).
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/cloudcredentials.go juju-core-2.0~beta12/src/github.com/juju/juju/state/cloudcredentials.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/cloudcredentials.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/cloudcredentials.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,139 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package state
+
+import (
+	"fmt"
+
+	"github.com/juju/errors"
+	"github.com/juju/utils/set"
+	"gopkg.in/juju/names.v2"
+	"gopkg.in/mgo.v2/bson"
+	"gopkg.in/mgo.v2/txn"
+
+	"github.com/juju/juju/cloud"
+)
+
+// cloudCredentialDoc records information about a user's cloud credentials.
+type cloudCredentialDoc struct {
+	DocID      string            `bson:"_id"`
+	Owner      string            `bson:"owner"`
+	Cloud      string            `bson:"cloud"`
+	Name       string            `bson:"name"`
+	AuthType   string            `bson:"auth-type"`
+	Attributes map[string]string `bson:"attributes,omitempty"`
+}
+
+// CloudCredentials returns the user's cloud credentials for a given cloud,
+// keyed by credential name.
+func (st *State) CloudCredentials(user names.UserTag, cloudName string) (map[string]cloud.Credential, error) {
+	coll, cleanup := st.getCollection(cloudCredentialsC)
+	defer cleanup()
+
+	var doc cloudCredentialDoc
+	credentials := make(map[string]cloud.Credential)
+	iter := coll.Find(bson.D{
+		{"owner", user.Canonical()},
+		{"cloud", cloudName},
+	}).Iter()
+	for iter.Next(&doc) {
+		credentials[doc.Name] = doc.toCredential()
+	}
+	if err := iter.Close(); err != nil {
+		return nil, errors.Annotatef(
+			err, "cannot get cloud credentials for user %q, cloud %q",
+			user.Canonical(), cloudName,
+		)
+	}
+	return credentials, nil
+}
+
+// UpdateCloudCredentials updates the user's cloud credentials. Any existing
+// credentials with the same names will be replaced, and any other credentials
+// not in the updated set will be untouched.
+func (st *State) UpdateCloudCredentials(user names.UserTag, cloudName string, credentials map[string]cloud.Credential) error {
+	buildTxn := func(attempt int) ([]txn.Op, error) {
+		cloud, err := st.Cloud(cloudName)
+		if err != nil {
+			return nil, errors.Trace(err)
+		}
+		ops, err := validateCloudCredentials(cloud, cloudName, credentials)
+		if err != nil {
+			return nil, errors.Annotate(err, "validating cloud credentials")
+		}
+		ops = append(ops, updateCloudCredentialsOps(user, cloudName, credentials)...)
+		return ops, nil
+	}
+	if err := st.run(buildTxn); err != nil {
+		return errors.Annotatef(
+			err, "updating cloud credentials for user %q, cloud %q",
+			user.String(), cloudName,
+		)
+	}
+	return nil
+}
+
+// updateCloudCredentialsOps returns a list of txn.Ops that will create
+// or update a set of cloud credentials for a user.
+func updateCloudCredentialsOps(user names.UserTag, cloudName string, credentials map[string]cloud.Credential) []txn.Op {
+	owner := user.Canonical()
+	ops := make([]txn.Op, 0, len(credentials))
+	for name, credential := range credentials {
+		ops = append(ops, txn.Op{
+			C:      cloudCredentialsC,
+			Id:     cloudCredentialDocID(user, cloudName, name),
+			Assert: txn.DocMissing,
+			Insert: &cloudCredentialDoc{
+				Owner:      owner,
+				Cloud:      cloudName,
+				Name:       name,
+				AuthType:   string(credential.AuthType()),
+				Attributes: credential.Attributes(),
+			},
+		})
+	}
+	return ops
+}
+
+func cloudCredentialDocID(user names.UserTag, cloudName, credentialName string) string {
+	return fmt.Sprintf("%s#%s#%s", user.Canonical(), cloudName, credentialName)
+}
+
+func (c cloudCredentialDoc) toCredential() cloud.Credential {
+	out := cloud.NewCredential(cloud.AuthType(c.AuthType), c.Attributes)
+	out.Label = c.Name
+	return out
+}
+
+// validateCloudCredentials checks that the supplied cloud credentials are
+// valid for use with the controller's cloud, and returns a set of txn.Ops
+// to assert the same in a transaction.
+func validateCloudCredentials(cloud cloud.Cloud, cloudName string, credentials map[string]cloud.Credential) ([]txn.Op, error) {
+	requiredAuthTypes := make(set.Strings)
+	for name, credential := range credentials {
+		var found bool
+		for _, authType := range cloud.AuthTypes {
+			if credential.AuthType() == authType {
+				found = true
+				break
+			}
+		}
+		if !found {
+			return nil, errors.NewNotValid(nil, fmt.Sprintf(
+				"credential %q with auth-type %q is not supported (expected one of %q)",
+				name, credential.AuthType(), cloud.AuthTypes,
+			))
+		}
+		requiredAuthTypes.Add(string(credential.AuthType()))
+	}
+	ops := make([]txn.Op, len(requiredAuthTypes))
+	for i, authType := range requiredAuthTypes.SortedValues() {
+		ops[i] = txn.Op{
+			C:      cloudsC,
+			Id:     cloudName,
+			Assert: bson.D{{"auth-types", authType}},
+		}
+	}
+	return ops, nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/cloud.go juju-core-2.0~beta12/src/github.com/juju/juju/state/cloud.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/cloud.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/cloud.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,122 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package state
+
+import (
+	"github.com/juju/errors"
+	"github.com/juju/utils/set"
+	"gopkg.in/mgo.v2"
+	"gopkg.in/mgo.v2/txn"
+
+	"github.com/juju/juju/cloud"
+)
+
+// cloudGlobalKey returns the global database key for the specified cloud.
+func cloudGlobalKey(name string) string {
+	return "cloud#" + name
+}
+
+// cloudDoc records information about the cloud that the controller operates in.
+type cloudDoc struct {
+	DocID           string                       `bson:"_id"`
+	Name            string                       `bson:"name"`
+	Type            string                       `bson:"type"`
+	AuthTypes       []string                     `bson:"auth-types"`
+	Endpoint        string                       `bson:"endpoint"`
+	StorageEndpoint string                       `bson:"storage-endpoint,omitempty"`
+	Regions         map[string]cloudRegionSubdoc `bson:"regions,omitempty"`
+}
+
+// cloudRegionSubdoc records information about cloud regions.
+type cloudRegionSubdoc struct {
+	Endpoint        string `bson:"endpoint,omitempty"`
+	StorageEndpoint string `bson:"storage-endpoint,omitempty"`
+}
+
+// createCloudOp returns a list of txn.Ops that will initialize
+// the cloud definition for the controller.
+func createCloudOp(cloud cloud.Cloud, cloudName string) txn.Op {
+	authTypes := make([]string, len(cloud.AuthTypes))
+	for i, authType := range cloud.AuthTypes {
+		authTypes[i] = string(authType)
+	}
+	regions := make(map[string]cloudRegionSubdoc)
+	for _, region := range cloud.Regions {
+		regions[region.Name] = cloudRegionSubdoc{
+			region.Endpoint,
+			region.StorageEndpoint,
+		}
+	}
+	return txn.Op{
+		C:      cloudsC,
+		Id:     cloudName,
+		Assert: txn.DocMissing,
+		Insert: &cloudDoc{
+			Name:            cloudName,
+			Type:            cloud.Type,
+			AuthTypes:       authTypes,
+			Endpoint:        cloud.Endpoint,
+			StorageEndpoint: cloud.StorageEndpoint,
+			Regions:         regions,
+		},
+	}
+}
+
+func (d cloudDoc) toCloud() cloud.Cloud {
+	authTypes := make([]cloud.AuthType, len(d.AuthTypes))
+	for i, authType := range d.AuthTypes {
+		authTypes[i] = cloud.AuthType(authType)
+	}
+	regionNames := make(set.Strings)
+	for name := range d.Regions {
+		regionNames.Add(name)
+	}
+	regions := make([]cloud.Region, len(d.Regions))
+	for i, name := range regionNames.SortedValues() {
+		region := d.Regions[name]
+		regions[i] = cloud.Region{
+			name,
+			region.Endpoint,
+			region.StorageEndpoint,
+		}
+	}
+	return cloud.Cloud{
+		d.Type,
+		authTypes,
+		d.Endpoint,
+		d.StorageEndpoint,
+		regions,
+		nil, // Config is not stored, only relevant to bootstrap
+	}
+}
+
+// Cloud returns the controller's cloud definition.
+func (st *State) Cloud(name string) (cloud.Cloud, error) {
+	coll, cleanup := st.getCollection(cloudsC)
+	defer cleanup()
+
+	var doc cloudDoc
+	err := coll.FindId(name).One(&doc)
+	if err == mgo.ErrNotFound {
+		return cloud.Cloud{}, errors.NotFoundf("cloud %q", name)
+	}
+	if err != nil {
+		return cloud.Cloud{}, errors.Annotatef(err, "cannot get cloud %q", name)
+	}
+	return doc.toCloud(), nil
+}
+
+// validateCloud checks that the supplied cloud is valid.
+func validateCloud(cloud cloud.Cloud) error {
+	if cloud.Type == "" {
+		return errors.NotValidf("empty Type")
+	}
+	if len(cloud.AuthTypes) == 0 {
+		return errors.NotValidf("empty auth-types")
+	}
+	// TODO(axw) we should ensure that the cloud auth-types is a subset
+	// of the auth-types supported by the provider. To do that, we'll
+	// need a new "policy".
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/collection.go juju-core-2.0~beta12/src/github.com/juju/juju/state/collection.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/collection.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/collection.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,17 +11,6 @@
 	"github.com/juju/juju/mongo"
 )
 
-// getCollection fetches a named collection using a new session if the
-// database has previously been logged in to. It returns the
-// collection and a closer function for the session.
-//
-// If the collection stores documents for multiple models, the
-// returned collection will automatically perform model
-// filtering where possible. See modelStateCollection below.
-func (st *State) getCollection(name string) (mongo.Collection, func()) {
-	return st.database.GetCollection(name)
-}
-
 // getRawCollection returns the named mgo Collection. As no automatic
 // model filtering is performed by the returned collection it
 // should be rarely used. getCollection() should be used in almost all
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/conn_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/conn_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/conn_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/conn_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,10 +4,10 @@
 package state_test
 
 import (
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 
 	"github.com/juju/juju/state"
@@ -47,7 +47,7 @@
 	cs.machines = jujuDB.C("machines")
 	cs.instanceData = jujuDB.C("instanceData")
 	cs.relations = jujuDB.C("relations")
-	cs.services = jujuDB.C("services")
+	cs.services = jujuDB.C("applications")
 	cs.units = jujuDB.C("units")
 	cs.controllers = jujuDB.C("controllers")
 
@@ -58,16 +58,16 @@
 	return state.AddTestingCharm(c, s.State, name)
 }
 
-func (s *ConnSuite) AddTestingService(c *gc.C, name string, ch *state.Charm) *state.Service {
-	return state.AddTestingService(c, s.State, name, ch, s.Owner)
+func (s *ConnSuite) AddTestingService(c *gc.C, name string, ch *state.Charm) *state.Application {
+	return state.AddTestingService(c, s.State, name, ch)
 }
 
-func (s *ConnSuite) AddTestingServiceWithStorage(c *gc.C, name string, ch *state.Charm, storage map[string]state.StorageConstraints) *state.Service {
-	return state.AddTestingServiceWithStorage(c, s.State, name, ch, s.Owner, storage)
+func (s *ConnSuite) AddTestingServiceWithStorage(c *gc.C, name string, ch *state.Charm, storage map[string]state.StorageConstraints) *state.Application {
+	return state.AddTestingServiceWithStorage(c, s.State, name, ch, storage)
 }
 
-func (s *ConnSuite) AddTestingServiceWithBindings(c *gc.C, name string, ch *state.Charm, bindings map[string]string) *state.Service {
-	return state.AddTestingServiceWithBindings(c, s.State, name, ch, s.Owner, bindings)
+func (s *ConnSuite) AddTestingServiceWithBindings(c *gc.C, name string, ch *state.Charm, bindings map[string]string) *state.Application {
+	return state.AddTestingServiceWithBindings(c, s.State, name, ch, bindings)
 }
 
 func (s *ConnSuite) AddSeriesCharm(c *gc.C, name, series string) *state.Charm {
@@ -107,7 +107,7 @@
 		"uuid": utils.MustNewUUID().String(),
 	})
 	otherOwner := names.NewLocalUserTag("test-admin")
-	_, otherState, err := s.State.NewModel(state.ModelArgs{Config: cfg, Owner: otherOwner})
+	_, otherState, err := s.State.NewModel(state.ModelArgs{CloudName: "dummy", Config: cfg, Owner: otherOwner})
 
 	c.Assert(err, jc.ErrorIsNil)
 	s.AddCleanup(func(*gc.C) { otherState.Close() })
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/constraintsvalidation_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/constraintsvalidation_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/constraintsvalidation_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/constraintsvalidation_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -163,14 +163,14 @@
 }, {
 	about:        "container type can only be used for deployment, not provisioning",
 	consToSet:    "container=kvm arch=amd64",
-	consFallback: "container=lxc mem=8G",
+	consFallback: "container=lxd mem=8G",
 
 	// service deployment constraints are transformed into machine
 	// provisioning constraints, and the container type only makes
 	// sense currently as a deployment constraint, so it's cleared
 	// when merging service/model deployment constraints into
 	// effective machine provisioning constraints.
-	effectiveModelCons:   "container=lxc mem=8G",
+	effectiveModelCons:   "container=lxd mem=8G",
 	effectiveServiceCons: "container=kvm arch=amd64",
 	effectiveUnitCons:    "container=kvm mem=8G arch=amd64",
 	effectiveMachineCons: "mem=8G arch=amd64",
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/controller.go juju-core-2.0~beta12/src/github.com/juju/juju/state/controller.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/controller.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/controller.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,27 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package state
+
+import (
+	"github.com/juju/errors"
+
+	jujucontroller "github.com/juju/juju/controller"
+)
+
+const (
+	// controllerSettingsGlobalKey is the key for the controller and its settings.
+	controllerSettingsGlobalKey = "controllerSettings"
+
+	// controllerInheritedSettingsGlobalKey is the key for default settings shared across models.
+	controllerInheritedSettingsGlobalKey = "controllerInheritedSettings"
+)
+
+// ControllerConfig returns the config values for the controller.
+func (st *State) ControllerConfig() (jujucontroller.Config, error) {
+	settings, err := readSettings(st, controllersC, controllerSettingsGlobalKey)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return settings.Map(), nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/controller_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/controller_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/controller_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/controller_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,44 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package state_test
+
+import (
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/controller"
+	"github.com/juju/juju/state"
+)
+
+type ControllerConfigSuite struct {
+	ConnSuite
+}
+
+var _ = gc.Suite(&ControllerConfigSuite{})
+
+func (s *ControllerConfigSuite) TestControllerAndModelConfigInitialisation(c *gc.C) {
+	// Test setup has created model using a fully populated environs.Config.
+	// This test ensure that the controller specific attributes have been separated out.
+	controllerSettings, err := s.State.ReadSettings(state.ControllersC, "controllerSettings")
+	c.Assert(err, jc.ErrorIsNil)
+
+	optional := func(attr string) bool {
+		return attr == controller.IdentityURL || attr == controller.IdentityPublicKey
+	}
+	for _, controllerAttr := range controller.ControllerOnlyConfigAttributes {
+		v, ok := controllerSettings.Get(controllerAttr)
+		if !optional(controllerAttr) {
+			c.Assert(ok, jc.IsTrue)
+			c.Assert(v, gc.Not(gc.Equals), "")
+		}
+	}
+}
+
+func (s *ControllerConfigSuite) TestControllerConfig(c *gc.C) {
+	cfg, err := s.State.ControllerConfig()
+	c.Assert(err, jc.ErrorIsNil)
+	m, err := s.State.ControllerModel()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(cfg["controller-uuid"], gc.Equals, m.ControllerUUID())
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/database.go juju-core-2.0~beta12/src/github.com/juju/juju/state/database.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/database.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/database.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,8 +7,8 @@
 	"fmt"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jujutxn "github.com/juju/txn"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 
 	"github.com/juju/juju/mongo"
@@ -171,7 +171,7 @@
 func (db *database) GetCollection(name string) (collection mongo.Collection, closer SessionCloser) {
 	info, found := db.schema[name]
 	if !found {
-		logger.Warningf("using unknown collection %q", name)
+		logger.Errorf("using unknown collection %q", name)
 	}
 
 	// Copy session if necessary.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/distribution.go juju-core-2.0~beta12/src/github.com/juju/juju/state/distribution.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/distribution.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/distribution.go	2016-07-18 19:45:44.000000000 +0000
@@ -35,7 +35,7 @@
 	if distributor == nil {
 		return nil, fmt.Errorf("policy returned nil instance distributor without an error")
 	}
-	distributionGroup, err := ServiceInstances(u.st, u.doc.Service)
+	distributionGroup, err := ServiceInstances(u.st, u.doc.Application)
 	if err != nil {
 		return nil, err
 	}
@@ -46,9 +46,9 @@
 }
 
 // ServiceInstances returns the instance IDs of provisioned
-// machines that are assigned units of the specified service.
-func ServiceInstances(st *State, service string) ([]instance.Id, error) {
-	units, err := allUnits(st, service)
+// machines that are assigned units of the specified application.
+func ServiceInstances(st *State, application string) ([]instance.Id, error) {
+	units, err := allUnits(st, application)
 	if err != nil {
 		return nil, err
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/distribution_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/distribution_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/distribution_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/distribution_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -18,7 +18,7 @@
 type InstanceDistributorSuite struct {
 	ConnSuite
 	distributor mockInstanceDistributor
-	wordpress   *state.Service
+	wordpress   *state.Application
 	machines    []*state.Machine
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/endpoint_bindings.go juju-core-2.0~beta12/src/github.com/juju/juju/state/endpoint_bindings.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/endpoint_bindings.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/endpoint_bindings.go	2016-07-18 19:45:44.000000000 +0000
@@ -18,8 +18,7 @@
 // endpointBindingsDoc per service.
 type endpointBindingsDoc struct {
 	// DocID is always the same as a service's global key.
-	DocID   string `bson:"_id"`
-	EnvUUID string `bson:"env-uuid"`
+	DocID string `bson:"_id"`
 
 	// Bindings maps a service endpoint name to the space name it is bound to.
 	Bindings bindingsMap `bson:"bindings"`
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/endpoint.go juju-core-2.0~beta12/src/github.com/juju/juju/state/endpoint.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/endpoint.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/endpoint.go	2016-07-18 19:45:44.000000000 +0000
@@ -29,18 +29,21 @@
 
 // Endpoint represents one endpoint of a relation.
 type Endpoint struct {
-	ServiceName string
+	ApplicationName string
+	// TODO: thumper 2016-06-27
+	// This is pure evil and we should not be storing structures from
+	// external packages directly in mongo.
 	charm.Relation
 }
 
 // String returns the unique identifier of the relation endpoint.
 func (ep Endpoint) String() string {
-	return ep.ServiceName + ":" + ep.Name
+	return ep.ApplicationName + ":" + ep.Name
 }
 
 // CanRelateTo returns whether a relation may be established between e and other.
 func (ep Endpoint) CanRelateTo(other Endpoint) bool {
-	return ep.ServiceName != other.ServiceName &&
+	return ep.ApplicationName != other.ApplicationName &&
 		ep.Interface == other.Interface &&
 		ep.Role != charm.RolePeer &&
 		counterpartRole(ep.Role) == other.Role
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/endpoint_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/endpoint_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/endpoint_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/endpoint_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -32,7 +32,7 @@
 	for i, t := range canRelateTests {
 		c.Logf("test %d", i)
 		ep1 := state.Endpoint{
-			ServiceName: "one-service",
+			ApplicationName: "one-service",
 			Relation: charm.Relation{
 				Interface: "ifce",
 				Name:      "foo",
@@ -41,7 +41,7 @@
 			},
 		}
 		ep2 := state.Endpoint{
-			ServiceName: "another-service",
+			ApplicationName: "another-service",
 			Relation: charm.Relation{
 				Interface: "ifce",
 				Name:      "bar",
@@ -58,7 +58,7 @@
 		c.Assert(ep2.CanRelateTo(ep1), jc.IsFalse)
 	}
 	ep1 := state.Endpoint{
-		ServiceName: "same-service",
+		ApplicationName: "same-service",
 		Relation: charm.Relation{
 			Interface: "ifce",
 			Name:      "foo",
@@ -67,7 +67,7 @@
 		},
 	}
 	ep2 := state.Endpoint{
-		ServiceName: "same-service",
+		ApplicationName: "same-service",
 		Relation: charm.Relation{
 			Interface: "ifce",
 			Name:      "bar",
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/environcapability_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/environcapability_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/environcapability_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/environcapability_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -63,7 +63,7 @@
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
 	}
-	_, err := s.State.AddMachineInsideNewMachine(template, template, instance.LXC)
+	_, err := s.State.AddMachineInsideNewMachine(template, template, instance.LXD)
 	return err
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,12 +11,12 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	jujutxn "github.com/juju/txn"
 	txntesting "github.com/juju/txn/testing"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 	"gopkg.in/mgo.v2/txn"
@@ -25,45 +25,43 @@
 	"github.com/juju/juju/mongo"
 	"github.com/juju/juju/network"
 	"github.com/juju/juju/testcharms"
+	"github.com/juju/juju/version"
 )
 
 const (
-	InstanceDataC     = instanceDataC
 	MachinesC         = machinesC
-	ServicesC         = servicesC
+	ApplicationsC     = applicationsC
 	EndpointBindingsC = endpointBindingsC
-	SettingsC         = settingsC
-	UnitsC            = unitsC
+	ControllersC      = controllersC
 	UsersC            = usersC
 	BlockDevicesC     = blockDevicesC
 	StorageInstancesC = storageInstancesC
-	StatusesHistoryC  = statusesHistoryC
 	GUISettingsC      = guisettingsC
+	GlobalSettingsC   = globalSettingsC
 )
 
 var (
-	BinarystorageNew       = &binarystorageNew
-	ImageStorageNewStorage = &imageStorageNewStorage
-	MachineIdLessThan      = machineIdLessThan
-	ControllerAvailable    = &controllerAvailable
-	GetOrCreatePorts       = getOrCreatePorts
-	GetPorts               = getPorts
-	PortsGlobalKey         = portsGlobalKey
-	CurrentUpgradeId       = currentUpgradeId
-	NowToTheSecond         = nowToTheSecond
-	PickAddress            = &pickAddress
-	AddVolumeOps           = (*State).addVolumeOps
-	CombineMeterStatus     = combineMeterStatus
-	ServiceGlobalKey       = serviceGlobalKey
-	MergeBindings          = mergeBindings
-	UpgradeInProgressError = errUpgradeInProgress
+	BinarystorageNew                     = &binarystorageNew
+	ImageStorageNewStorage               = &imageStorageNewStorage
+	MachineIdLessThan                    = machineIdLessThan
+	ControllerAvailable                  = &controllerAvailable
+	GetOrCreatePorts                     = getOrCreatePorts
+	GetPorts                             = getPorts
+	NowToTheSecond                       = nowToTheSecond
+	AddVolumeOps                         = (*State).addVolumeOps
+	CombineMeterStatus                   = combineMeterStatus
+	ApplicationGlobalKey                 = applicationGlobalKey
+	ReadSettings                         = readSettings
+	ControllerInheritedSettingsGlobalKey = controllerInheritedSettingsGlobalKey
+	MergeBindings                        = mergeBindings
+	UpgradeInProgressError               = errUpgradeInProgress
 )
 
 type (
 	CharmDoc        charmDoc
 	MachineDoc      machineDoc
 	RelationDoc     relationDoc
-	ServiceDoc      serviceDoc
+	ApplicationDoc  applicationDoc
 	UnitDoc         unitDoc
 	BlockDevicesDoc blockDevicesDoc
 )
@@ -104,11 +102,11 @@
 	return m.String()
 }
 
-func ServiceSettingsRefCount(st *State, serviceName string, curl *charm.URL) (int, error) {
+func ServiceSettingsRefCount(st *State, applicationname string, curl *charm.URL) (int, error) {
 	settingsRefsCollection, closer := st.getCollection(settingsrefsC)
 	defer closer()
 
-	key := serviceSettingsKey(serviceName, curl)
+	key := applicationSettingsKey(applicationname, curl)
 	var doc settingsRefsDoc
 	if err := settingsRefsCollection.FindId(key).One(&doc); err == nil {
 		return doc.RefCount, nil
@@ -139,28 +137,27 @@
 	return sch
 }
 
-func AddTestingService(c *gc.C, st *State, name string, ch *Charm, owner names.UserTag) *Service {
-	return addTestingService(c, st, "", name, ch, owner, nil, nil)
+func AddTestingService(c *gc.C, st *State, name string, ch *Charm) *Application {
+	return addTestingService(c, st, "", name, ch, nil, nil)
 }
 
-func AddTestingServiceForSeries(c *gc.C, st *State, series, name string, ch *Charm, owner names.UserTag) *Service {
-	return addTestingService(c, st, series, name, ch, owner, nil, nil)
+func AddTestingServiceForSeries(c *gc.C, st *State, series, name string, ch *Charm) *Application {
+	return addTestingService(c, st, series, name, ch, nil, nil)
 }
 
-func AddTestingServiceWithStorage(c *gc.C, st *State, name string, ch *Charm, owner names.UserTag, storage map[string]StorageConstraints) *Service {
-	return addTestingService(c, st, "", name, ch, owner, nil, storage)
+func AddTestingServiceWithStorage(c *gc.C, st *State, name string, ch *Charm, storage map[string]StorageConstraints) *Application {
+	return addTestingService(c, st, "", name, ch, nil, storage)
 }
 
-func AddTestingServiceWithBindings(c *gc.C, st *State, name string, ch *Charm, owner names.UserTag, bindings map[string]string) *Service {
-	return addTestingService(c, st, "", name, ch, owner, bindings, nil)
+func AddTestingServiceWithBindings(c *gc.C, st *State, name string, ch *Charm, bindings map[string]string) *Application {
+	return addTestingService(c, st, "", name, ch, bindings, nil)
 }
 
-func addTestingService(c *gc.C, st *State, series, name string, ch *Charm, owner names.UserTag, bindings map[string]string, storage map[string]StorageConstraints) *Service {
+func addTestingService(c *gc.C, st *State, series, name string, ch *Charm, bindings map[string]string, storage map[string]StorageConstraints) *Application {
 	c.Assert(ch, gc.NotNil)
-	service, err := st.AddService(AddServiceArgs{
+	service, err := st.AddApplication(AddApplicationArgs{
 		Name:             name,
 		Series:           series,
-		Owner:            owner.String(),
 		Charm:            ch,
 		EndpointBindings: bindings,
 		Storage:          storage,
@@ -216,18 +213,6 @@
 	c.Assert(err, jc.ErrorIsNil)
 }
 
-// SCHEMACHANGE
-// This method is used to reset the ownertag attribute
-func SetServiceOwnerTag(s *Service, ownerTag string) {
-	s.doc.OwnerTag = ownerTag
-}
-
-// SCHEMACHANGE
-// Get the owner directly
-func GetServiceOwnerTag(s *Service) string {
-	return s.doc.OwnerTag
-}
-
 func SetPasswordHash(e Authenticator, passwordHash string) error {
 	type hasSetPasswordHash interface {
 		setPasswordHash(string) error
@@ -265,12 +250,12 @@
 }
 
 // MinUnitsRevno returns the Revno of the minUnits document
-// associated with the given service name.
-func MinUnitsRevno(st *State, serviceName string) (int, error) {
+// associated with the given application name.
+func MinUnitsRevno(st *State, applicationname string) (int, error) {
 	minUnitsCollection, closer := st.getCollection(minUnitsC)
 	defer closer()
 	var doc minUnitsDoc
-	if err := minUnitsCollection.FindId(serviceName).One(&doc); err != nil {
+	if err := minUnitsCollection.FindId(applicationname).One(&doc); err != nil {
 		return 0, err
 	}
 	return doc.Revno, nil
@@ -447,12 +432,13 @@
 ) *logDoc {
 	return &logDoc{
 		Id:        bson.NewObjectId(),
-		Time:      t,
+		Time:      t.UnixNano(),
 		ModelUUID: modelUUID,
 		Entity:    entity.String(),
+		Version:   version.Current.String(),
 		Module:    module,
 		Location:  location,
-		Level:     level,
+		Level:     int(level),
 		Message:   msg,
 	}
 }
@@ -475,7 +461,7 @@
 	return e.updateLastConnection(when)
 }
 
-func RemoveEndpointBindingsForService(c *gc.C, service *Service) {
+func RemoveEndpointBindingsForService(c *gc.C, service *Application) {
 	globalKey := service.globalKey()
 	removeOp := removeEndpointBindingsOp(globalKey)
 
@@ -484,11 +470,11 @@
 	c.Assert(err, jc.ErrorIsNil)
 }
 
-func RelationCount(service *Service) int {
+func RelationCount(service *Application) int {
 	return service.doc.RelationCount
 }
 
-func AssertEndpointBindingsNotFoundForService(c *gc.C, service *Service) {
+func AssertEndpointBindingsNotFoundForService(c *gc.C, service *Application) {
 	globalKey := service.globalKey()
 	storedBindings, _, err := readEndpointBindings(service.st, globalKey)
 	c.Assert(storedBindings, gc.IsNil)
@@ -496,6 +482,14 @@
 	c.Assert(err, jc.Satisfies, errors.IsNotFound)
 }
 
-func LeadershipLeases(st *State) map[string]lease.Info {
-	return st.leadershipClient.Leases()
+func LeadershipLeases(st *State) (map[string]lease.Info, error) {
+	client, err := st.getLeadershipLeaseClient()
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return client.Leases(), nil
+}
+
+func DeleteCharm(st *State, curl *charm.URL) error {
+	return st.deleteCharm(curl)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/filesystem.go juju-core-2.0~beta12/src/github.com/juju/juju/state/filesystem.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/filesystem.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/filesystem.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,9 +10,9 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jujutxn "github.com/juju/txn"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 	"gopkg.in/mgo.v2/txn"
@@ -275,8 +275,8 @@
 }
 
 // SetStatus is required to implement StatusSetter.
-func (f *filesystem) SetStatus(fsStatus status.Status, info string, data map[string]interface{}) error {
-	return f.st.SetFilesystemStatus(f.FilesystemTag(), fsStatus, info, data)
+func (f *filesystem) SetStatus(fsStatus status.StatusInfo) error {
+	return f.st.SetFilesystemStatus(f.FilesystemTag(), fsStatus.Status, fsStatus.Message, fsStatus.Data, fsStatus.Since)
 }
 
 // Filesystem is required to implement FilesystemAttachment.
@@ -1140,7 +1140,7 @@
 }
 
 // SetFilesystemStatus sets the status of the specified filesystem.
-func (st *State) SetFilesystemStatus(tag names.FilesystemTag, fsStatus status.Status, info string, data map[string]interface{}) error {
+func (st *State) SetFilesystemStatus(tag names.FilesystemTag, fsStatus status.Status, info string, data map[string]interface{}, updated *time.Time) error {
 	switch fsStatus {
 	case status.StatusAttaching, status.StatusAttached, status.StatusDetaching, status.StatusDetached, status.StatusDestroying:
 	case status.StatusError:
@@ -1168,5 +1168,6 @@
 		status:    fsStatus,
 		message:   info,
 		rawData:   data,
+		updated:   updated,
 	})
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/filesystem_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/filesystem_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/filesystem_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/filesystem_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,10 +5,10 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/state/testing"
@@ -25,7 +25,7 @@
 	storage := map[string]state.StorageConstraints{
 		"data": makeStorageCons("invalid-pool", 1024, 1),
 	}
-	_, err := s.State.AddService(state.AddServiceArgs{Name: "storage-filesystem", Owner: s.Owner.String(), Charm: ch, Storage: storage})
+	_, err := s.State.AddApplication(state.AddApplicationArgs{Name: "storage-filesystem", Charm: ch, Storage: storage})
 	c.Assert(err, gc.ErrorMatches, `.* pool "invalid-pool" not found`)
 }
 
@@ -56,14 +56,13 @@
 		"data": makeStorageCons("", 1024, 1),
 	}
 
-	args := state.AddServiceArgs{
+	args := state.AddApplicationArgs{
 		Name:     "storage-filesystem",
-		Owner:    s.Owner.String(),
 		Charm:    ch,
 		Storage:  storage,
 		NumUnits: numUnits,
 	}
-	svc, err := s.State.AddService(args)
+	svc, err := s.State.AddApplication(args)
 	c.Assert(err, jc.ErrorIsNil)
 	cons, err := svc.StorageConstraints()
 	c.Assert(err, jc.ErrorIsNil)
@@ -76,7 +75,7 @@
 	}
 	c.Assert(cons, jc.DeepEquals, expected)
 
-	svc, err = s.State.Service(args.Name)
+	svc, err = s.State.Application(args.Name)
 	c.Assert(err, jc.ErrorIsNil)
 
 	units, err := svc.AllUnits()
@@ -442,7 +441,7 @@
 	}
 	assertValid("0:0", names.NewMachineTag("0"), names.NewFilesystemTag("0"))
 	assertValid("0:0/1", names.NewMachineTag("0"), names.NewFilesystemTag("0/1"))
-	assertValid("0/lxc/0:1", names.NewMachineTag("0/lxc/0"), names.NewFilesystemTag("1"))
+	assertValid("0/lxd/0:1", names.NewMachineTag("0/lxd/0"), names.NewFilesystemTag("1"))
 }
 
 func (s *FilesystemStateSuite) TestParseFilesystemAttachmentIdError(c *gc.C) {
@@ -916,7 +915,7 @@
 		"data": makeStorageCons("rootfs", 1024, 1),
 	}
 
-	deploy := func(rev int, location, serviceName string) error {
+	deploy := func(rev int, location, applicationname string) error {
 		ch := s.createStorageCharmRev(c, "storage-filesystem", charm.Storage{
 			Name:     "data",
 			Type:     charm.StorageFilesystem,
@@ -924,7 +923,7 @@
 			CountMax: 1,
 			Location: location,
 		}, rev)
-		service := s.AddTestingServiceWithStorage(c, serviceName, ch, storage)
+		service := s.AddTestingServiceWithStorage(c, applicationname, ch, storage)
 		unit, err := service.AddUnit()
 		c.Assert(err, jc.ErrorIsNil)
 		return unit.AssignToMachine(machine)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/initialize_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/initialize_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/initialize_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/initialize_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,12 +4,14 @@
 package state_test
 
 import (
-	"github.com/juju/names"
 	gitjujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
+	"github.com/juju/juju/cloud"
 	"github.com/juju/juju/constraints"
+	"github.com/juju/juju/controller"
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/mongo/mongotest"
 	"github.com/juju/juju/state"
@@ -65,7 +67,45 @@
 	uuid := cfg.UUID()
 	initial := cfg.AllAttrs()
 	owner := names.NewLocalUserTag("initialize-admin")
-	st, err := state.Initialize(owner, statetesting.NewMongoInfo(), cfg, mongotest.DialOpts(), nil)
+
+	userpassCredential := cloud.NewCredential(
+		cloud.UserPassAuthType,
+		map[string]string{
+			"username": "alice",
+			"password": "hunter2",
+		},
+	)
+	userpassCredential.Label = "some-credential"
+	emptyCredential := cloud.NewEmptyCredential()
+	emptyCredential.Label = "empty-credential"
+	cloudCredentialsIn := map[string]cloud.Credential{
+		userpassCredential.Label: userpassCredential,
+		emptyCredential.Label:    emptyCredential,
+	}
+	controllerCfg := testing.FakeControllerConfig()
+	controllerCfg["controller-uuid"] = uuid
+
+	st, err := state.Initialize(state.InitializeParams{
+		ControllerConfig: controllerCfg,
+		ControllerModelArgs: state.ModelArgs{
+			Owner:           owner,
+			Config:          cfg,
+			CloudName:       "dummy",
+			CloudRegion:     "some-region",
+			CloudCredential: "some-credential",
+		},
+		CloudName: "dummy",
+		Cloud: cloud.Cloud{
+			Type: "dummy",
+			AuthTypes: []cloud.AuthType{
+				cloud.EmptyAuthType, cloud.UserPassAuthType,
+			},
+			Regions: []cloud.Region{{Name: "some-region"}},
+		},
+		CloudCredentials: cloudCredentialsIn,
+		MongoInfo:        statetesting.NewMongoInfo(),
+		MongoDialOpts:    mongotest.DialOpts(),
+	})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(st, gc.NotNil)
 	modelTag := st.ModelTag()
@@ -77,22 +117,23 @@
 
 	cfg, err = s.State.ModelConfig()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(cfg.AllAttrs(), gc.DeepEquals, initial)
+	c.Assert(cfg.AllAttrs(), jc.DeepEquals, initial)
 	// Check that the model has been created.
-	env, err := s.State.Model()
+	model, err := s.State.Model()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(env.Tag(), gc.Equals, modelTag)
+	c.Assert(model.Tag(), gc.Equals, modelTag)
+	c.Assert(model.CloudRegion(), gc.Equals, "some-region")
 	// Check that the owner has been created.
-	c.Assert(env.Owner(), gc.Equals, owner)
+	c.Assert(model.Owner(), gc.Equals, owner)
 	// Check that the owner can be retrieved by the tag.
-	entity, err := s.State.FindEntity(env.Owner())
+	entity, err := s.State.FindEntity(model.Owner())
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(entity.Tag(), gc.Equals, owner)
 	// Check that the owner has an ModelUser created for the bootstrapped model.
-	modelUser, err := s.State.ModelUser(env.Owner())
+	modelUser, err := s.State.ModelUser(model.Owner())
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(modelUser.UserTag(), gc.Equals, owner)
-	c.Assert(modelUser.ModelTag(), gc.Equals, env.Tag())
+	c.Assert(modelUser.ModelTag(), gc.Equals, model.Tag())
 
 	// Check that the model can be found through the tag.
 	entity, err = s.State.FindEntity(modelTag)
@@ -107,7 +148,90 @@
 
 	info, err := s.State.ControllerInfo()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(info, jc.DeepEquals, &state.ControllerInfo{ModelTag: modelTag})
+	c.Assert(info, jc.DeepEquals, &state.ControllerInfo{ModelTag: modelTag, CloudName: "dummy"})
+
+	// Check that the model's cloud and credential names are as
+	// expected, and the owner's cloud credentials are initialised.
+	c.Assert(model.Cloud(), gc.Equals, "dummy")
+	c.Assert(model.CloudCredential(), gc.Equals, "some-credential")
+	cloudCredentials, err := s.State.CloudCredentials(model.Owner(), "dummy")
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(cloudCredentials, jc.DeepEquals, cloudCredentialsIn)
+}
+
+func (s *InitializeSuite) TestInitializeWithInvalidCredentialType(c *gc.C) {
+	owner := names.NewLocalUserTag("initialize-admin")
+	modelCfg := testing.ModelConfig(c)
+	controllerCfg := testing.FakeControllerConfig()
+	controllerCfg["controller-uuid"] = modelCfg.UUID()
+	_, err := state.Initialize(state.InitializeParams{
+		ControllerConfig: controllerCfg,
+		ControllerModelArgs: state.ModelArgs{
+			CloudName: "dummy",
+			Owner:     owner,
+			Config:    modelCfg,
+		},
+		CloudName: "dummy",
+		Cloud: cloud.Cloud{
+			Type: "dummy",
+			AuthTypes: []cloud.AuthType{
+				cloud.AccessKeyAuthType, cloud.OAuth1AuthType,
+			},
+		},
+		CloudCredentials: map[string]cloud.Credential{
+			"borken": cloud.NewCredential(cloud.UserPassAuthType, nil),
+		},
+		MongoInfo:     statetesting.NewMongoInfo(),
+		MongoDialOpts: mongotest.DialOpts(),
+	})
+	c.Assert(err, gc.ErrorMatches,
+		`validating initialization args: validating cloud credentials: credential "borken" with auth-type "userpass" is not supported \(expected one of \["access-key" "oauth1"\]\)`,
+	)
+}
+
+func (s *InitializeSuite) TestInitializeWithControllerinheritedconfig(c *gc.C) {
+	cfg := testing.ModelConfig(c)
+	uuid := cfg.UUID()
+	initial := cfg.AllAttrs()
+	controllerInheritedConfigIn := map[string]interface{}{
+		"default-series": initial["default-series"],
+	}
+	owner := names.NewLocalUserTag("initialize-admin")
+	controllerCfg := testing.FakeControllerConfig()
+	controllerCfg["controller-uuid"] = uuid
+
+	st, err := state.Initialize(state.InitializeParams{
+		ControllerConfig: controllerCfg,
+		ControllerModelArgs: state.ModelArgs{
+			CloudName: "dummy",
+			Owner:     owner,
+			Config:    cfg,
+		},
+		CloudName: "dummy",
+		Cloud: cloud.Cloud{
+			Type:      "dummy",
+			AuthTypes: []cloud.AuthType{cloud.EmptyAuthType},
+		},
+		ControllerInheritedConfig: controllerInheritedConfigIn,
+		MongoInfo:                 statetesting.NewMongoInfo(),
+		MongoDialOpts:             mongotest.DialOpts(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(st, gc.NotNil)
+	modelTag := st.ModelTag()
+	c.Assert(modelTag.Id(), gc.Equals, uuid)
+	err = st.Close()
+	c.Assert(err, jc.ErrorIsNil)
+
+	s.openState(c, modelTag)
+
+	ControllerInheritedConfig, err := state.ReadSettings(s.State, state.GlobalSettingsC, state.ControllerInheritedSettingsGlobalKey)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(ControllerInheritedConfig.Map(), jc.DeepEquals, controllerInheritedConfigIn)
+
+	cfg, err = s.State.ModelConfig()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(cfg.AllAttrs(), jc.DeepEquals, initial)
 }
 
 func (s *InitializeSuite) TestDoubleInitializeConfig(c *gc.C) {
@@ -116,12 +240,30 @@
 
 	mgoInfo := statetesting.NewMongoInfo()
 	dialOpts := mongotest.DialOpts()
-	st, err := state.Initialize(owner, mgoInfo, cfg, dialOpts, state.Policy(nil))
+	controllerCfg := testing.FakeControllerConfig()
+	controllerCfg["controller-uuid"] = cfg.UUID()
+
+	args := state.InitializeParams{
+		ControllerConfig: controllerCfg,
+		ControllerModelArgs: state.ModelArgs{
+			CloudName: "dummy",
+			Owner:     owner,
+			Config:    cfg,
+		},
+		CloudName: "dummy",
+		Cloud: cloud.Cloud{
+			Type:      "dummy",
+			AuthTypes: []cloud.AuthType{cloud.EmptyAuthType},
+		},
+		MongoInfo:     mgoInfo,
+		MongoDialOpts: dialOpts,
+	}
+	st, err := state.Initialize(args)
 	c.Assert(err, jc.ErrorIsNil)
 	err = st.Close()
 	c.Check(err, jc.ErrorIsNil)
 
-	st, err = state.Initialize(owner, mgoInfo, cfg, dialOpts, state.Policy(nil))
+	st, err = state.Initialize(args)
 	c.Check(err, gc.ErrorMatches, "already initialized")
 	if !c.Check(st, gc.IsNil) {
 		err = st.Close()
@@ -130,51 +272,102 @@
 }
 
 func (s *InitializeSuite) TestModelConfigWithAdminSecret(c *gc.C) {
-	// admin-secret blocks Initialize.
-	good := testing.ModelConfig(c)
-	badUpdateAttrs := map[string]interface{}{"admin-secret": "foo"}
-	bad, err := good.Apply(badUpdateAttrs)
-	owner := names.NewLocalUserTag("initialize-admin")
-
-	_, err = state.Initialize(owner, statetesting.NewMongoInfo(), bad, mongotest.DialOpts(), state.Policy(nil))
-	c.Assert(err, gc.ErrorMatches, "admin-secret should never be written to the state")
-
-	// admin-secret blocks UpdateModelConfig.
-	st := statetesting.Initialize(c, owner, good, nil)
-	st.Close()
-
-	s.openState(c, st.ModelTag())
-	err = s.State.UpdateModelConfig(badUpdateAttrs, nil, nil)
-	c.Assert(err, gc.ErrorMatches, "admin-secret should never be written to the state")
+	update := map[string]interface{}{"admin-secret": "foo"}
+	remove := []string{}
+	s.testBadModelConfig(c, update, remove, "admin-secret should never be written to the state")
+}
 
-	// ModelConfig remains inviolate.
-	cfg, err := s.State.ModelConfig()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(cfg.AllAttrs(), gc.DeepEquals, good.AllAttrs())
+func (s *InitializeSuite) TestModelConfigWithCAPrivateKey(c *gc.C) {
+	update := map[string]interface{}{"ca-private-key": "foo"}
+	remove := []string{}
+	s.testBadModelConfig(c, update, remove, "ca-private-key should never be written to the state")
 }
 
 func (s *InitializeSuite) TestModelConfigWithoutAgentVersion(c *gc.C) {
-	// admin-secret blocks Initialize.
+	update := map[string]interface{}{}
+	remove := []string{"agent-version"}
+	s.testBadModelConfig(c, update, remove, "agent-version must always be set in state")
+}
+
+func (s *InitializeSuite) testBadModelConfig(c *gc.C, update map[string]interface{}, remove []string, expect string) {
 	good := testing.ModelConfig(c)
-	attrs := good.AllAttrs()
-	delete(attrs, "agent-version")
-	bad, err := config.New(config.NoDefaults, attrs)
+	bad, err := good.Apply(update)
+	c.Assert(err, jc.ErrorIsNil)
+	bad, err = bad.Remove(remove)
 	c.Assert(err, jc.ErrorIsNil)
+
 	owner := names.NewLocalUserTag("initialize-admin")
+	controllerCfg := testing.FakeControllerConfig()
+	controllerCfg["controller-uuid"] = good.UUID()
 
-	_, err = state.Initialize(owner, statetesting.NewMongoInfo(), bad, mongotest.DialOpts(), state.Policy(nil))
-	c.Assert(err, gc.ErrorMatches, "agent-version must always be set in state")
+	args := state.InitializeParams{
+		ControllerConfig: controllerCfg,
+		ControllerModelArgs: state.ModelArgs{
+			CloudName: "dummy",
+			Owner:     owner,
+			Config:    bad,
+		},
+		CloudName: "dummy",
+		Cloud: cloud.Cloud{
+			Type:      "dummy",
+			AuthTypes: []cloud.AuthType{cloud.EmptyAuthType},
+		},
+		MongoInfo:     statetesting.NewMongoInfo(),
+		MongoDialOpts: mongotest.DialOpts(),
+	}
+	_, err = state.Initialize(args)
+	c.Assert(err, gc.ErrorMatches, expect)
 
-	st := statetesting.Initialize(c, owner, good, nil)
-	// yay side effects
+	args.ControllerModelArgs.Config = good
+	st, err := state.Initialize(args)
+	c.Assert(err, jc.ErrorIsNil)
 	st.Close()
 
 	s.openState(c, st.ModelTag())
-	err = s.State.UpdateModelConfig(map[string]interface{}{}, []string{"agent-version"}, nil)
-	c.Assert(err, gc.ErrorMatches, "agent-version must always be set in state")
+	err = s.State.UpdateModelConfig(update, remove, nil)
+	c.Assert(err, gc.ErrorMatches, expect)
 
 	// ModelConfig remains inviolate.
 	cfg, err := s.State.ModelConfig()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(cfg.AllAttrs(), gc.DeepEquals, good.AllAttrs())
+	goodAttrs := good.AllAttrs()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(cfg.AllAttrs(), jc.DeepEquals, goodAttrs)
+}
+
+func (s *InitializeSuite) TestCloudConfigWithForbiddenValues(c *gc.C) {
+	badAttrNames := []string{
+		"admin-secret",
+		"ca-private-key",
+		config.AgentVersionKey,
+	}
+	for _, attr := range controller.ControllerOnlyConfigAttributes {
+		badAttrNames = append(badAttrNames, attr)
+	}
+
+	modelCfg := testing.ModelConfig(c)
+	controllerCfg := testing.FakeControllerConfig()
+	controllerCfg["controller-uuid"] = modelCfg.UUID()
+	args := state.InitializeParams{
+		ControllerConfig: controllerCfg,
+		ControllerModelArgs: state.ModelArgs{
+			CloudName: "dummy",
+			Owner:     names.NewLocalUserTag("initialize-admin"),
+			Config:    modelCfg,
+		},
+		CloudName: "dummy",
+		Cloud: cloud.Cloud{
+			Type:      "dummy",
+			AuthTypes: []cloud.AuthType{cloud.EmptyAuthType},
+		},
+		MongoInfo:     statetesting.NewMongoInfo(),
+		MongoDialOpts: mongotest.DialOpts(),
+	}
+
+	for _, badAttrName := range badAttrNames {
+		badAttrs := map[string]interface{}{badAttrName: "foo"}
+		args.ControllerInheritedConfig = badAttrs
+		_, err := state.Initialize(args)
+		c.Assert(err, gc.ErrorMatches, "local cloud config cannot contain .*")
+	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/interface.go juju-core-2.0~beta12/src/github.com/juju/juju/state/interface.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/interface.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/interface.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,9 +6,10 @@
 import (
 	"time"
 
-	"github.com/juju/names"
 	"github.com/juju/version"
+	"gopkg.in/juju/names.v2"
 
+	"github.com/juju/juju/controller"
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/status"
@@ -27,10 +28,10 @@
 	Tag() names.Tag
 }
 
-// EntityWithService is implemented by Units it is intended
-// for anything that can return its Service.
-type EntityWithService interface {
-	Service() (*Service, error)
+// EntityWithApplication is implemented by Units it is intended
+// for anything that can return its Application.
+type EntityWithApplication interface {
+	Application() (*Application, error)
 }
 
 // Lifer represents an entity with a life.
@@ -104,6 +105,12 @@
 	ModelConfig() (*config.Config, error)
 }
 
+// ControllerAccessor defines the methods needed to
+// access controller information.
+type ControllerAccessor interface {
+	ControllerConfig() (controller.Config, error)
+}
+
 // UnitsWatcher defines the methods needed to retrieve an entity (a
 // machine or a service) and watch its units.
 type UnitsWatcher interface {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/interface_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/interface_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/interface_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/interface_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,16 +11,15 @@
 	_ Entity = (*Machine)(nil)
 	_ Entity = (*Unit)(nil)
 	_ Entity = (*UnitAgent)(nil)
-	_ Entity = (*Service)(nil)
+	_ Entity = (*Application)(nil)
 	_ Entity = (*Model)(nil)
 	_ Entity = (*User)(nil)
-	_ Entity = (*IPAddress)(nil)
 
-	_ EntityWithService = (*Unit)(nil)
+	_ EntityWithApplication = (*Unit)(nil)
 
 	_ Lifer = (*Machine)(nil)
 	_ Lifer = (*Unit)(nil)
-	_ Lifer = (*Service)(nil)
+	_ Lifer = (*Application)(nil)
 	_ Lifer = (*Relation)(nil)
 
 	_ EnsureDeader = (*Machine)(nil)
@@ -35,7 +34,7 @@
 
 	_ NotifyWatcherFactory = (*Machine)(nil)
 	_ NotifyWatcherFactory = (*Unit)(nil)
-	_ NotifyWatcherFactory = (*Service)(nil)
+	_ NotifyWatcherFactory = (*Application)(nil)
 	_ NotifyWatcherFactory = (*Model)(nil)
 
 	_ AgentEntity = (*Machine)(nil)
@@ -44,7 +43,7 @@
 	_ ModelAccessor = (*State)(nil)
 
 	_ UnitsWatcher = (*Machine)(nil)
-	_ UnitsWatcher = (*Service)(nil)
+	_ UnitsWatcher = (*Application)(nil)
 
 	_ ModelMachinesWatcher = (*State)(nil)
 
@@ -55,12 +54,12 @@
 	// _ ActionsWatcher = (*Service)(nil)
 
 	_ ActionReceiver = (*Unit)(nil)
-	// TODO(jcw4) - use when Actions can be queued for Services.
+	// TODO(jcw4) - use when Actions can be queued for applications.
 	//_ ActionReceiver = (*Service)(nil)
 
 	_ GlobalEntity = (*Machine)(nil)
 	_ GlobalEntity = (*Unit)(nil)
-	_ GlobalEntity = (*Service)(nil)
+	_ GlobalEntity = (*Application)(nil)
 	_ GlobalEntity = (*Charm)(nil)
 	_ GlobalEntity = (*Model)(nil)
 )
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/internal/audit/audit.go juju-core-2.0~beta12/src/github.com/juju/juju/state/internal/audit/audit.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/internal/audit/audit.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/internal/audit/audit.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,85 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package audit
+
+import (
+	"github.com/juju/errors"
+
+	"github.com/juju/juju/audit"
+	"github.com/juju/version"
+
+	"github.com/juju/juju/mongo/utils"
+)
+
+// auditEntryDoc is the doc that is persisted to the audit collection.
+type auditEntryDoc struct {
+
+	// JujuServerVersion is the version of jujud that recorded this
+	// entry.
+	JujuServerVersion version.Number `bson:"juju-server-version"`
+
+	// ModelID is the ID of the model the audit entry was written on.
+	ModelUUID string `bson:"model-uuid"`
+
+	// Timestamp is when the audit entry was written. It is marshaled
+	// to a bytestream via time.Time::MarshalText and can be
+	// unmarshaled via time.Time::UnmarshalText.
+	Timestamp string `bson:"timestamp"`
+
+	// RemoteAddress is the IP of the machine from which the
+	// audit-event was triggered.
+	RemoteAddress string `bson:"remote-address"`
+
+	// OriginType is the type of entity (e.g. model, user, action)
+	// which triggered the audit event.
+	OriginType string `bson:"origin-type"`
+
+	// OriginName is the name of the origin which triggered the
+	// audit-event.
+	OriginName string `bson:"origin-name"`
+
+	// Operation is the operation that was performed that triggered
+	// the audit event.
+	Operation string `bson:"operation"`
+
+	// Data is a catch-all for storing random data.
+	Data map[string]interface{} `bson:"data"`
+}
+
+// PutAuditEntryFn creates a closure which when passed an AuditEntry
+// will write it to the audit collection.
+func PutAuditEntryFn(
+	collectionName string,
+	insertDoc func(string, ...interface{}) error,
+) func(audit.AuditEntry) error {
+	return func(auditEntry audit.AuditEntry) error {
+		if err := auditEntry.Validate(); err != nil {
+			return errors.Trace(err)
+		}
+		auditEntryDoc, err := auditEntryDocFromAuditEntry(auditEntry)
+		if err != nil {
+			return errors.Trace(err)
+		}
+		return errors.Trace(insertDoc(collectionName, auditEntryDoc))
+	}
+}
+
+func auditEntryDocFromAuditEntry(auditEntry audit.AuditEntry) (auditEntryDoc, error) {
+
+	timeAsBlob, err := auditEntry.Timestamp.MarshalText()
+	if err != nil {
+		return auditEntryDoc{}, errors.Trace(err)
+	}
+
+	return auditEntryDoc{
+		JujuServerVersion: auditEntry.JujuServerVersion,
+		ModelUUID:         auditEntry.ModelUUID,
+		Timestamp:         string(timeAsBlob),
+		RemoteAddress:     auditEntry.RemoteAddress,
+		OriginType:        auditEntry.OriginType,
+		OriginName:        auditEntry.OriginName,
+		Operation:         auditEntry.Operation,
+		Data:              utils.EscapeKeys(auditEntry.Data),
+	}, nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/internal/audit/audit_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/internal/audit/audit_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/internal/audit/audit_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/internal/audit/audit_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,114 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package audit_test
+
+import (
+	"time"
+
+	"github.com/juju/errors"
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	"github.com/juju/version"
+	gc "gopkg.in/check.v1"
+	"gopkg.in/mgo.v2/bson"
+
+	"github.com/juju/juju/audit"
+	mongoutils "github.com/juju/juju/mongo/utils"
+	stateaudit "github.com/juju/juju/state/internal/audit"
+	"github.com/juju/utils"
+)
+
+type AuditSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&AuditSuite{})
+
+func (*AuditSuite) TestPutAuditEntry_PersistAuditEntry(c *gc.C) {
+
+	requested := audit.AuditEntry{
+		JujuServerVersion: version.MustParse("1.0.0"),
+		ModelUUID:         utils.MustNewUUID().String(),
+		Timestamp:         time.Now().UTC(),
+		RemoteAddress:     "8.8.8.8",
+		OriginType:        "user",
+		OriginName:        "bob",
+		Operation:         "status",
+		Data: map[string]interface{}{
+			"a": "b",
+			"$a.b": map[string]interface{}{
+				"b.$a": "c",
+			},
+		},
+	}
+
+	var insertDocsCalled bool
+	insertDocs := func(collectionName string, docs ...interface{}) error {
+		insertDocsCalled = true
+		c.Check(collectionName, gc.Equals, "audit.log")
+		c.Assert(docs, gc.HasLen, 1)
+
+		serializedAuditDoc, err := bson.Marshal(docs[0])
+		c.Assert(err, jc.ErrorIsNil)
+
+		requestedTimeBlob, err := requested.Timestamp.MarshalText()
+		c.Assert(err, jc.ErrorIsNil)
+
+		c.Check(string(serializedAuditDoc), jc.BSONEquals, map[string]interface{}{
+			"juju-server-version": requested.JujuServerVersion,
+			"model-uuid":          requested.ModelUUID,
+			"timestamp":           string(requestedTimeBlob),
+			"remote-address":      "8.8.8.8",
+			"origin-type":         requested.OriginType,
+			"origin-name":         requested.OriginName,
+			"operation":           requested.Operation,
+			"data":                mongoutils.EscapeKeys(requested.Data),
+		})
+
+		return nil
+	}
+
+	putAuditEntry := stateaudit.PutAuditEntryFn("audit.log", insertDocs)
+	err := putAuditEntry(requested)
+	c.Assert(err, jc.ErrorIsNil)
+
+	c.Assert(insertDocsCalled, jc.IsTrue)
+}
+
+func (*AuditSuite) TestPutAuditEntry_PropagatesWriteError(c *gc.C) {
+	const errMsg = "my error"
+	insertDocs := func(string, ...interface{}) error {
+		return errors.New(errMsg)
+	}
+	putAuditEntry := stateaudit.PutAuditEntryFn("audit.log", insertDocs)
+
+	uuid, err := utils.NewUUID()
+	c.Assert(err, jc.ErrorIsNil)
+
+	auditEntry := audit.AuditEntry{
+		JujuServerVersion: version.MustParse("1.0.0"),
+		ModelUUID:         uuid.String(),
+		Timestamp:         time.Now().UTC(),
+		RemoteAddress:     "8.8.8.8",
+		OriginType:        "user",
+		OriginName:        "bob",
+		Operation:         "status",
+	}
+	c.Assert(auditEntry.Validate(), jc.ErrorIsNil)
+
+	err = putAuditEntry(auditEntry)
+	c.Check(err, gc.ErrorMatches, errMsg)
+}
+
+func (*AuditSuite) TestPutAuditEntry_ValidateAuditEntry(c *gc.C) {
+	var auditEntry audit.AuditEntry
+
+	// Don't care what the error is; just that it's not valid.
+	validationErr := auditEntry.Validate()
+	c.Assert(validationErr, gc.NotNil)
+
+	putAuditEntry := stateaudit.PutAuditEntryFn("", nil)
+	err := putAuditEntry(auditEntry)
+	c.Check(err, gc.ErrorMatches, validationErr.Error())
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/internal/audit/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/internal/audit/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/internal/audit/package_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/internal/audit/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,14 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package audit_test
+
+import (
+	"testing"
+
+	gc "gopkg.in/check.v1"
+)
+
+func TestPackage(t *testing.T) {
+	gc.TestingT(t)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/internal_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/internal_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/internal_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/internal_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,11 +4,12 @@
 package state
 
 import (
-	"github.com/juju/names"
 	jujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
+	"github.com/juju/juju/cloud"
 	"github.com/juju/juju/mongo"
 	"github.com/juju/juju/mongo/mongotest"
 	"github.com/juju/juju/testing"
@@ -48,8 +49,24 @@
 			CACert: testing.CACert,
 		},
 	}
-	dialopts := mongotest.DialOpts()
-	st, err := Initialize(s.owner, info, testing.ModelConfig(c), dialopts, nil)
+	modelCfg := testing.ModelConfig(c)
+	controllerCfg := testing.FakeControllerConfig()
+	controllerCfg["controller-uuid"] = modelCfg.UUID()
+	st, err := Initialize(InitializeParams{
+		ControllerConfig: controllerCfg,
+		ControllerModelArgs: ModelArgs{
+			CloudName: "dummy",
+			Owner:     s.owner,
+			Config:    modelCfg,
+		},
+		CloudName: "dummy",
+		Cloud: cloud.Cloud{
+			Type:      "dummy",
+			AuthTypes: []cloud.AuthType{cloud.EmptyAuthType},
+		},
+		MongoInfo:     info,
+		MongoDialOpts: mongotest.DialOpts(),
+	})
 	c.Assert(err, jc.ErrorIsNil)
 	s.state = st
 	s.AddCleanup(func(*gc.C) { s.state.Close() })
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/ipaddresses_internal_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/ipaddresses_internal_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/ipaddresses_internal_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/ipaddresses_internal_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -51,17 +51,9 @@
 	c.Assert(result.ProviderID(), gc.Equals, network.Id(""))
 }
 
-func (s *ipAddressesInternalSuite) TestProviderIDDoesNotIncludeModelUUIDWhenSet(c *gc.C) {
-	const localProviderID = "foo"
-	globalProviderID := coretesting.ModelTag.Id() + ":" + localProviderID
-
-	result := s.newIPAddressWithDummyState(ipAddressDoc{ProviderID: localProviderID})
-	c.Assert(result.ProviderID(), gc.Equals, network.Id(localProviderID))
-	c.Assert(result.localProviderID(), gc.Equals, localProviderID)
-
-	result = s.newIPAddressWithDummyState(ipAddressDoc{ProviderID: globalProviderID})
-	c.Assert(result.ProviderID(), gc.Equals, network.Id(localProviderID))
-	c.Assert(result.localProviderID(), gc.Equals, localProviderID)
+func (s *ipAddressesInternalSuite) TestProviderID(c *gc.C) {
+	result := s.newIPAddressWithDummyState(ipAddressDoc{ProviderID: "foo"})
+	c.Assert(result.ProviderID(), gc.Equals, network.Id("foo"))
 }
 
 func (s *ipAddressesInternalSuite) TestIPAddressGlobalKeyHelper(c *gc.C) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/ipaddresses_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/ipaddresses_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/ipaddresses_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/ipaddresses_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -240,6 +240,23 @@
 	s.removeAllAddressesOnMachineAndAssertNoneRemain(c)
 }
 
+func (s *ipAddressesStateSuite) TestMachineRemoveAllAddressesRemovesProviderIDReferences(c *gc.C) {
+	s.addNamedDevice(c, "foo")
+	addrArgs := state.LinkLayerDeviceAddress{
+		DeviceName:   "foo",
+		ConfigMethod: state.StaticAddress,
+		CIDRAddress:  "0.1.2.3/24",
+		ProviderID:   "bar",
+	}
+	err := s.machine.SetDevicesAddresses(addrArgs)
+	c.Assert(err, jc.ErrorIsNil)
+	s.removeAllAddressesOnMachineAndAssertNoneRemain(c)
+
+	// Re-adding the same address to a new device should now succeed.
+	err = s.machine.SetDevicesAddresses(addrArgs)
+	c.Assert(err, jc.ErrorIsNil)
+}
+
 func (s *ipAddressesStateSuite) addTwoDevicesWithTwoAddressesEach(c *gc.C) []*state.Address {
 	_, device1Addresses := s.addNamedDeviceWithAddresses(c, "eth1", "10.20.0.1/16", "10.20.0.2/16")
 	_, device2Addresses := s.addNamedDeviceWithAddresses(c, "eth0", "10.20.100.2/16", "fc00::/64")
@@ -479,6 +496,62 @@
 	}
 }
 
+func (s *ipAddressesStateSuite) TestRemoveAddressRemovesProviderID(c *gc.C) {
+	device := s.addNamedDevice(c, "eth0")
+	addrArgs := state.LinkLayerDeviceAddress{
+		DeviceName:   "eth0",
+		ConfigMethod: state.ManualAddress,
+		CIDRAddress:  "0.1.2.3/24",
+		ProviderID:   "id-0123",
+	}
+	err := s.machine.SetDevicesAddresses(addrArgs)
+	c.Assert(err, jc.ErrorIsNil)
+	addresses, err := device.Addresses()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(addresses, gc.HasLen, 1)
+	addr := addresses[0]
+	err = addr.Remove()
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.machine.SetDevicesAddresses(addrArgs)
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *ipAddressesStateSuite) TestUpdateAddressFailsToChangeProviderID(c *gc.C) {
+	s.addNamedDevice(c, "eth0")
+	addrArgs := state.LinkLayerDeviceAddress{
+		DeviceName:   "eth0",
+		ConfigMethod: state.ManualAddress,
+		CIDRAddress:  "0.1.2.3/24",
+		ProviderID:   "id-0123",
+	}
+	err := s.machine.SetDevicesAddresses(addrArgs)
+	c.Assert(err, jc.ErrorIsNil)
+	addrArgs.ProviderID = "id-0124"
+	err = s.machine.SetDevicesAddresses(addrArgs)
+	c.Assert(err, gc.ErrorMatches, `.*cannot change ProviderID of link address "0.1.2.3"`)
+}
+
+func (s *ipAddressesStateSuite) TestUpdateAddressPreventsDuplicateProviderID(c *gc.C) {
+	s.addNamedDevice(c, "eth0")
+	addrArgs := state.LinkLayerDeviceAddress{
+		DeviceName:   "eth0",
+		ConfigMethod: state.ManualAddress,
+		CIDRAddress:  "0.1.2.3/24",
+	}
+	err := s.machine.SetDevicesAddresses(addrArgs)
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Set the provider id through an update.
+	addrArgs.ProviderID = "id-0123"
+	err = s.machine.SetDevicesAddresses(addrArgs)
+	c.Assert(err, jc.ErrorIsNil)
+
+	// Adding a new address with the same provider id should now fail.
+	addrArgs.CIDRAddress = "0.1.2.4/24"
+	err = s.machine.SetDevicesAddresses(addrArgs)
+	c.Assert(err, gc.ErrorMatches, `.*invalid address "0.1.2.4/24": ProviderID\(s\) not unique: id-0123`)
+}
+
 func (s *ipAddressesStateSuite) checkAddressMatchesArgs(c *gc.C, address *state.Address, args state.LinkLayerDeviceAddress) {
 	c.Check(address.DeviceName(), gc.Equals, args.DeviceName)
 	c.Check(address.MachineID(), gc.Equals, s.machine.Id())
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/leadership.go juju-core-2.0~beta12/src/github.com/juju/juju/state/leadership.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/leadership.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/leadership.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package state
 
 import (
@@ -5,33 +8,33 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jujutxn "github.com/juju/txn"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2/txn"
 
 	"github.com/juju/juju/core/leadership"
 	corelease "github.com/juju/juju/core/lease"
-	"github.com/juju/juju/worker/lease"
+	"github.com/juju/juju/state/workers"
 )
 
-func removeLeadershipSettingsOp(serviceId string) txn.Op {
-	return removeSettingsOp(leadershipSettingsKey(serviceId))
+func removeLeadershipSettingsOp(applicationId string) txn.Op {
+	return removeSettingsOp(settingsC, leadershipSettingsKey(applicationId))
 }
 
-func leadershipSettingsKey(serviceId string) string {
-	return fmt.Sprintf("s#%s#leader", serviceId)
+func leadershipSettingsKey(applicationId string) string {
+	return fmt.Sprintf("a#%s#leader", applicationId)
 }
 
 // LeadershipClaimer returns a leadership.Claimer for units and services in the
 // state's model.
 func (st *State) LeadershipClaimer() leadership.Claimer {
-	return leadershipClaimer{st.leadershipManager}
+	return leadershipClaimer{st.workers.LeadershipManager()}
 }
 
 // LeadershipChecker returns a leadership.Checker for units and services in the
 // state's model.
 func (st *State) LeadershipChecker() leadership.Checker {
-	return leadershipChecker{st.leadershipManager}
+	return leadershipChecker{st.workers.LeadershipManager()}
 }
 
 // HackLeadership stops the state's internal leadership manager to prevent it
@@ -50,8 +53,7 @@
 	// close them all on their own schedule, without panics -- but the failure of
 	// the shared component should successfully goose them all into shutting down,
 	// in parallel, of their own accord.)
-	st.leadershipManager.Kill()
-	st.singularManager.Kill()
+	st.workers.Kill()
 }
 
 // buildTxnWithLeadership returns a transaction source that combines the supplied source
@@ -73,13 +75,13 @@
 }
 
 // leadershipSecretary implements lease.Secretary; it checks that leases are
-// service names, and holders are unit names.
+// application names, and holders are unit names.
 type leadershipSecretary struct{}
 
 // CheckLease is part of the lease.Secretary interface.
 func (leadershipSecretary) CheckLease(name string) error {
-	if !names.IsValidService(name) {
-		return errors.NewNotValid(nil, "not a service name")
+	if !names.IsValidApplication(name) {
+		return errors.NewNotValid(nil, "not an application name")
 	}
 	return nil
 }
@@ -100,45 +102,45 @@
 	return nil
 }
 
-// leadershipChecker implements leadership.Checker by wrapping a lease.Manager.
+// leadershipChecker implements leadership.Checker by wrapping a LeaseManager.
 type leadershipChecker struct {
-	manager *lease.Manager
+	manager workers.LeaseManager
 }
 
 // LeadershipCheck is part of the leadership.Checker interface.
-func (m leadershipChecker) LeadershipCheck(serviceName, unitName string) leadership.Token {
-	token := m.manager.Token(serviceName, unitName)
+func (m leadershipChecker) LeadershipCheck(applicationname, unitName string) leadership.Token {
+	token := m.manager.Token(applicationname, unitName)
 	return leadershipToken{
-		serviceName: serviceName,
-		unitName:    unitName,
-		token:       token,
+		applicationname: applicationname,
+		unitName:        unitName,
+		token:           token,
 	}
 }
 
 // leadershipToken implements leadership.Token by wrapping a corelease.Token.
 type leadershipToken struct {
-	serviceName string
-	unitName    string
-	token       corelease.Token
+	applicationname string
+	unitName        string
+	token           corelease.Token
 }
 
 // Check is part of the leadership.Token interface.
 func (t leadershipToken) Check(out interface{}) error {
 	err := t.token.Check(out)
 	if errors.Cause(err) == corelease.ErrNotHeld {
-		return errors.Errorf("%q is not leader of %q", t.unitName, t.serviceName)
+		return errors.Errorf("%q is not leader of %q", t.unitName, t.applicationname)
 	}
 	return errors.Trace(err)
 }
 
-// leadershipClaimer implements leadership.Claimer by wrappping a lease.Manager.
+// leadershipClaimer implements leadership.Claimer by wrappping a LeaseManager.
 type leadershipClaimer struct {
-	manager *lease.Manager
+	manager workers.LeaseManager
 }
 
 // ClaimLeadership is part of the leadership.Claimer interface.
-func (m leadershipClaimer) ClaimLeadership(serviceName, unitName string, duration time.Duration) error {
-	err := m.manager.Claim(serviceName, unitName, duration)
+func (m leadershipClaimer) ClaimLeadership(applicationname, unitName string, duration time.Duration) error {
+	err := m.manager.Claim(applicationname, unitName, duration)
 	if errors.Cause(err) == corelease.ErrClaimDenied {
 		return leadership.ErrClaimDenied
 	}
@@ -146,7 +148,7 @@
 }
 
 // BlockUntilLeadershipReleased is part of the leadership.Claimer interface.
-func (m leadershipClaimer) BlockUntilLeadershipReleased(serviceName string) error {
-	err := m.manager.WaitUntilExpired(serviceName)
+func (m leadershipClaimer) BlockUntilLeadershipReleased(applicationname string) error {
+	err := m.manager.WaitUntilExpired(applicationname)
 	return errors.Trace(err)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/legacy_ipaddresses.go juju-core-2.0~beta12/src/github.com/juju/juju/state/legacy_ipaddresses.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/legacy_ipaddresses.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/legacy_ipaddresses.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,468 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package state
-
-import (
-	"net"
-
-	"github.com/juju/errors"
-	"github.com/juju/names"
-	jujutxn "github.com/juju/txn"
-	"github.com/juju/utils"
-	"gopkg.in/mgo.v2"
-	"gopkg.in/mgo.v2/bson"
-	"gopkg.in/mgo.v2/txn"
-
-	"github.com/juju/juju/instance"
-	"github.com/juju/juju/network"
-)
-
-// addIPAddress implements the State method to add an IP address.
-func addIPAddress(st *State, addr network.Address, subnetid string) (ipaddress *IPAddress, err error) {
-	defer errors.DeferredAnnotatef(&err, "cannot add IP address %q", addr)
-
-	// This checks for a missing value as well as invalid values
-	ip := net.ParseIP(addr.Value)
-	if ip == nil {
-		return nil, errors.NotValidf("address")
-	}
-
-	// Generate the UUID for the new IP address.
-	uuid, err := utils.NewUUID()
-	if err != nil {
-		return nil, err
-	}
-
-	addressID := st.docID(addr.Value)
-	ipDoc := ipaddressDoc{
-		DocID:     addressID,
-		ModelUUID: st.ModelUUID(),
-		UUID:      uuid.String(),
-		Life:      Alive,
-		State:     AddressStateUnknown,
-		SubnetId:  subnetid,
-		Value:     addr.Value,
-		Type:      string(addr.Type),
-		Scope:     string(addr.Scope),
-		SpaceName: string(addr.SpaceName),
-	}
-
-	ipaddress = &IPAddress{doc: ipDoc, st: st}
-	ops := []txn.Op{
-		assertModelActiveOp(st.ModelUUID()),
-		{
-			C:      legacyipaddressesC,
-			Id:     addressID,
-			Assert: txn.DocMissing,
-			Insert: ipDoc,
-		},
-	}
-
-	err = st.runTransaction(ops)
-	switch err {
-	case txn.ErrAborted:
-		if err := checkModelActive(st); err != nil {
-			return nil, errors.Trace(err)
-		}
-		if _, err = st.IPAddress(addr.Value); err == nil {
-			return nil, errors.AlreadyExistsf("address")
-		}
-	case nil:
-		return ipaddress, nil
-	}
-	return nil, errors.Trace(err)
-}
-
-// ipAddress implements the State method to return an existing IP
-// address by its value.
-func ipAddress(st *State, value string) (*IPAddress, error) {
-	addresses, closer := st.getCollection(legacyipaddressesC)
-	defer closer()
-
-	doc := &ipaddressDoc{}
-	err := addresses.FindId(value).One(doc)
-	if err == mgo.ErrNotFound {
-		return nil, errors.NotFoundf("IP address %q", value)
-	}
-	if err != nil {
-		return nil, errors.Annotatef(err, "cannot get IP address %q", value)
-	}
-	return &IPAddress{st, *doc}, nil
-}
-
-// ipAddressByTag implements the State method to return an existing IP
-// address by its tag.
-func ipAddressByTag(st *State, tag names.IPAddressTag) (*IPAddress, error) {
-	addresses, closer := st.getCollection(legacyipaddressesC)
-	defer closer()
-
-	doc := &ipaddressDoc{}
-	err := addresses.Find(bson.D{{"uuid", tag.Id()}}).One(doc)
-	if err == mgo.ErrNotFound {
-		return nil, errors.NotFoundf("IP address %q", tag)
-	}
-	if err != nil {
-		return nil, errors.Annotatef(err, "cannot get IP address %q", tag)
-	}
-	return &IPAddress{st, *doc}, nil
-}
-
-// fetchIPAddresses is a helper function for finding IP addresses
-func fetchIPAddresses(st *State, query bson.D) ([]*IPAddress, error) {
-	addresses, closer := st.getCollection(legacyipaddressesC)
-	result := []*IPAddress{}
-	defer closer()
-	doc := ipaddressDoc{}
-	iter := addresses.Find(query).Iter()
-	for iter.Next(&doc) {
-		addr := &IPAddress{
-			st:  st,
-			doc: doc,
-		}
-		result = append(result, addr)
-	}
-	if err := iter.Close(); err != nil {
-		return result, err
-	}
-	return result, nil
-}
-
-// AddressState represents the states an IP address can be in. They are created
-// in an unknown state and then either become allocated or unavailable if
-// allocation fails.
-type AddressState string
-
-const (
-	// AddressStateUnknown is the initial state an IP address is
-	// created with.
-	AddressStateUnknown AddressState = ""
-
-	// AddressStateAllocated means that the IP address has
-	// successfully been allocated by the provider and is now in use
-	// by an interface on a machine.
-	AddressStateAllocated AddressState = "allocated"
-
-	// AddressStateUnavailable means that allocating the address with
-	// the provider failed. We shouldn't use this address, nor should
-	// we attempt to allocate it again in the future.
-	AddressStateUnavailable AddressState = "unavailable"
-)
-
-// String implements fmt.Stringer.
-func (s AddressState) String() string {
-	if s == AddressStateUnknown {
-		return "<unknown>"
-	}
-	return string(s)
-}
-
-// IPAddress represents the state of an IP address.
-type IPAddress struct {
-	st  *State
-	doc ipaddressDoc
-}
-
-type ipaddressDoc struct {
-	DocID       string       `bson:"_id"`
-	ModelUUID   string       `bson:"model-uuid"`
-	UUID        string       `bson:"uuid"`
-	Life        Life         `bson:"life"`
-	SubnetId    string       `bson:"subnetid,omitempty"`
-	MachineId   string       `bson:"machineid,omitempty"`
-	MACAddress  string       `bson:"macaddress,omitempty"`
-	InstanceId  string       `bson:"instanceid,omitempty"`
-	InterfaceId string       `bson:"interfaceid,omitempty"`
-	Value       string       `bson:"value"`
-	Type        string       `bson:"type"`
-	Scope       string       `bson:"networkscope,omitempty"`
-	State       AddressState `bson:"state"`
-	SpaceName   string       `bson:"spacename,omitempty"`
-}
-
-// Life returns whether the IP address is Alive, Dying or Dead.
-func (i *IPAddress) Life() Life {
-	return i.doc.Life
-}
-
-// Id returns the ID of the IP address.
-func (i *IPAddress) Id() string {
-	return i.doc.DocID
-}
-
-// UUID returns the globally unique ID of the IP address.
-func (i *IPAddress) UUID() (utils.UUID, error) {
-	return utils.UUIDFromString(i.doc.UUID)
-}
-
-// Tag returns the tag of the IP address.
-func (i *IPAddress) Tag() names.Tag {
-	return names.NewIPAddressTag(i.doc.UUID)
-}
-
-// SubnetId returns the ID of the subnet the IP address is associated with. If
-// the address is not associated with a subnet this returns "".
-func (i *IPAddress) SubnetId() string {
-	return i.doc.SubnetId
-}
-
-// MachineId returns the ID of the machine the IP address is associated with. If
-// the address is not associated with a machine this returns "".
-func (i *IPAddress) MachineId() string {
-	return i.doc.MachineId
-}
-
-// InstanceId returns the provider ID of the instance the IP address is
-// associated with. For a container this will be the ID of the host. If
-// the address is not associated with an instance this returns "" (the same as
-// instance.UnknownId).
-func (i *IPAddress) InstanceId() instance.Id {
-	return instance.Id(i.doc.InstanceId)
-}
-
-// MACAddress returns the MAC address of the container NIC the IP address is
-// associated with.
-func (i *IPAddress) MACAddress() string {
-	return i.doc.MACAddress
-}
-
-// InterfaceId returns the ID of the network interface the IP address is
-// associated with. If the address is not associated with a network interface
-// this returns "".
-func (i *IPAddress) InterfaceId() string {
-	return i.doc.InterfaceId
-}
-
-// Value returns the IP address.
-func (i *IPAddress) Value() string {
-	return i.doc.Value
-}
-
-// Address returns the network.Address represent the IP address
-func (i *IPAddress) Address() network.Address {
-	return network.NewScopedAddress(i.doc.Value, i.Scope())
-}
-
-// Type returns the type of the IP address. The IP address will have a type of
-// IPv4, IPv6 or hostname.
-func (i *IPAddress) Type() network.AddressType {
-	return network.AddressType(i.doc.Type)
-}
-
-// Scope returns the scope of the IP address. If the scope is not set this
-// returns "".
-func (i *IPAddress) Scope() network.Scope {
-	return network.Scope(i.doc.Scope)
-}
-
-// State returns the state of an IP address.
-func (i *IPAddress) State() AddressState {
-	return i.doc.State
-}
-
-// String implements fmt.Stringer.
-func (i *IPAddress) String() string {
-	return i.Address().String()
-}
-
-// GoString implements fmt.GoStringer.
-func (i *IPAddress) GoString() string {
-	return i.String()
-}
-
-// EnsureDead sets the Life of the IP address to Dead, if it's Alive. It
-// does nothing otherwise.
-func (i *IPAddress) EnsureDead() (err error) {
-	defer errors.DeferredAnnotatef(&err, "cannot set address %q to dead", i)
-
-	if i.doc.Life == Dead {
-		return nil
-	}
-
-	buildTxn := func(attempt int) ([]txn.Op, error) {
-		if attempt > 0 {
-			if err := i.Refresh(); err != nil {
-				// Address is either gone or
-				// another error occurred.
-				return nil, err
-			}
-			if i.Life() == Dead {
-				return nil, jujutxn.ErrNoOperations
-			}
-			return nil, errors.Errorf("unexpected life value: %s", i.Life().String())
-		}
-		op := ensureIPAddressDeadOp(i)
-		op.Assert = isAliveDoc
-		return []txn.Op{op}, nil
-	}
-
-	err = i.st.run(buildTxn)
-	if err != nil {
-		return err
-	}
-
-	i.doc.Life = Dead
-	return nil
-}
-
-// Remove removes an existing IP address. Trying to remove a missing
-// address is not an error.
-func (i *IPAddress) Remove() (err error) {
-	defer errors.DeferredAnnotatef(&err, "cannot remove IP address %q", i)
-
-	if i.doc.Life != Dead {
-		return errors.New("IP address is not dead")
-	}
-
-	buildTxn := func(attempt int) ([]txn.Op, error) {
-		if attempt > 0 {
-			if err := i.Refresh(); errors.IsNotFound(err) {
-				return nil, jujutxn.ErrNoOperations
-			} else if err != nil {
-				return nil, err
-			}
-			if i.Life() != Dead {
-				return nil, errors.New("address is not dead")
-			}
-		}
-		return []txn.Op{{
-			C:      legacyipaddressesC,
-			Id:     i.doc.DocID,
-			Assert: isDeadDoc,
-			Remove: true,
-		}}, nil
-	}
-
-	return i.st.run(buildTxn)
-}
-
-// SetState sets the State of an IPAddress. Valid state transitions
-// are Unknown to Allocated or Unavailable, as well as setting the
-// same state more than once. Any other transition will result in
-// returning an error satisfying errors.IsNotValid().
-func (i *IPAddress) SetState(newState AddressState) (err error) {
-	defer errors.DeferredAnnotatef(&err, "cannot set IP address %q to state %q", i, newState)
-
-	validStates := []AddressState{AddressStateUnknown, newState}
-	unknownOrSame := bson.DocElem{"state", bson.D{{"$in", validStates}}}
-	buildTxn := func(attempt int) ([]txn.Op, error) {
-		if attempt > 0 {
-			if err := i.Refresh(); errors.IsNotFound(err) {
-				return nil, err
-			} else if i.Life() == Dead {
-				return nil, errors.New("address is dead")
-			} else if i.State() != AddressStateUnknown {
-				return nil, errors.NotValidf("transition from %q", i.doc.State)
-			} else if err != nil {
-				return nil, err
-			}
-
-		}
-		return []txn.Op{{
-			C:      legacyipaddressesC,
-			Id:     i.doc.DocID,
-			Assert: append(isAliveDoc, unknownOrSame),
-			Update: bson.D{{"$set", bson.D{{"state", string(newState)}}}},
-		}}, nil
-	}
-
-	err = i.st.run(buildTxn)
-	if err != nil {
-		return err
-	}
-
-	i.doc.State = newState
-	return nil
-}
-
-// AllocateTo sets the machine ID, MAC address and interface ID of the IP address.
-// It will fail if the state is not AddressStateUnknown. On success,
-// the address state will also change to AddressStateAllocated.
-func (i *IPAddress) AllocateTo(machineId, interfaceId, macAddress string) (err error) {
-	defer errors.DeferredAnnotatef(&err, "cannot allocate IP address %q to machine %q, interface %q", i, machineId, interfaceId)
-
-	var instId instance.Id
-	machine, err := i.st.Machine(machineId)
-	if err != nil {
-		return errors.Annotatef(err, "cannot get allocated machine %q", machineId)
-	} else {
-		instId, err = machine.InstanceId()
-
-		if errors.IsNotProvisioned(err) {
-			// The machine is not yet provisioned. The instance ID will be
-			// set on provisioning.
-			instId = instance.UnknownId
-		} else if err != nil {
-			return errors.Annotatef(err, "cannot get machine %q instance ID", machineId)
-		}
-	}
-
-	buildTxn := func(attempt int) ([]txn.Op, error) {
-		if attempt > 0 {
-			if err := checkModelActive(i.st); err != nil {
-				return nil, errors.Trace(err)
-			}
-			if err := i.Refresh(); errors.IsNotFound(err) {
-				return nil, err
-			} else if i.Life() == Dead {
-				return nil, errors.New("address is dead")
-			} else if i.State() != AddressStateUnknown {
-				return nil, errors.Errorf("already allocated or unavailable")
-			} else if err != nil {
-				return nil, err
-			}
-
-		}
-		return []txn.Op{
-			assertModelActiveOp(i.st.ModelUUID()),
-			{
-				C:      legacyipaddressesC,
-				Id:     i.doc.DocID,
-				Assert: append(isAliveDoc, bson.DocElem{"state", AddressStateUnknown}),
-				Update: bson.D{{"$set", bson.D{
-					{"machineid", machineId},
-					{"interfaceid", interfaceId},
-					{"instanceid", instId},
-					{"macaddress", macAddress},
-					{"state", string(AddressStateAllocated)},
-				}}},
-			}}, nil
-	}
-
-	err = i.st.run(buildTxn)
-	if err != nil {
-		return err
-	}
-	i.doc.MachineId = machineId
-	i.doc.MACAddress = macAddress
-	i.doc.InterfaceId = interfaceId
-	i.doc.State = AddressStateAllocated
-	i.doc.InstanceId = string(instId)
-	return nil
-}
-
-// Refresh refreshes the contents of the IPAddress from the underlying
-// state. It an error that satisfies errors.IsNotFound if the Subnet has
-// been removed.
-func (i *IPAddress) Refresh() error {
-	addresses, closer := i.st.getCollection(legacyipaddressesC)
-	defer closer()
-
-	err := addresses.FindId(i.doc.DocID).One(&i.doc)
-	if err == mgo.ErrNotFound {
-		return errors.NotFoundf("IP address %q", i)
-	}
-	if err != nil {
-		return errors.Annotatef(err, "cannot refresh IP address %q", i)
-	}
-	return nil
-}
-
-func ensureIPAddressDeadOp(addr *IPAddress) txn.Op {
-	op := txn.Op{
-		C:      legacyipaddressesC,
-		Id:     addr.Id(),
-		Update: bson.D{{"$set", bson.D{{"life", Dead}}}},
-	}
-	return op
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/legacy_ipaddresses_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/legacy_ipaddresses_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/legacy_ipaddresses_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/legacy_ipaddresses_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,405 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package state_test
-
-import (
-	"fmt"
-
-	"github.com/juju/errors"
-	"github.com/juju/names"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/instance"
-	"github.com/juju/juju/network"
-	"github.com/juju/juju/state"
-)
-
-type IPAddressSuite struct {
-	ConnSuite
-}
-
-var _ = gc.Suite(&IPAddressSuite{})
-
-func (s *IPAddressSuite) assertAddress(
-	c *gc.C,
-	ipAddr *state.IPAddress,
-	addr network.Address,
-	ipState state.AddressState,
-	machineId, ifaceId, subnetId string,
-) {
-	c.Assert(ipAddr, gc.NotNil)
-	c.Assert(ipAddr.MachineId(), gc.Equals, machineId)
-	c.Assert(ipAddr.InterfaceId(), gc.Equals, ifaceId)
-	c.Assert(ipAddr.SubnetId(), gc.Equals, subnetId)
-	c.Assert(ipAddr.Value(), gc.Equals, addr.Value)
-	c.Assert(ipAddr.Type(), gc.Equals, addr.Type)
-	c.Assert(ipAddr.Scope(), gc.Equals, addr.Scope)
-	c.Assert(ipAddr.State(), gc.Equals, ipState)
-	c.Assert(ipAddr.Address(), jc.DeepEquals, addr)
-	c.Assert(ipAddr.String(), gc.Equals, addr.String())
-	c.Assert(ipAddr.Id(), gc.Equals, s.State.ModelUUID()+":"+addr.Value)
-	c.Assert(ipAddr.InstanceId(), gc.Equals, instance.UnknownId)
-	c.Assert(ipAddr.MACAddress(), gc.Equals, "")
-}
-
-func (s *IPAddressSuite) createMachine(c *gc.C) *state.Machine {
-	machine, err := s.State.AddMachine("quantal", state.JobHostUnits)
-	c.Assert(err, jc.ErrorIsNil)
-	err = machine.SetProvisioned("foo", "fake_nonce", nil)
-	c.Assert(err, jc.ErrorIsNil)
-	return machine
-}
-
-func (s *IPAddressSuite) TestAddIPAddress(c *gc.C) {
-	for i, test := range []string{"0.1.2.3", "2001:db8::1"} {
-		c.Logf("test %d: %q", i, test)
-		addr := network.NewScopedAddress(test, network.ScopePublic)
-		ipAddr, err := s.State.AddIPAddress(addr, "foobar")
-		c.Assert(err, jc.ErrorIsNil)
-		s.assertAddress(c, ipAddr, addr, state.AddressStateUnknown, "", "", "foobar")
-		c.Assert(ipAddr.Life(), gc.Equals, state.Alive)
-
-		// verify the address was stored in the state
-		ipAddr, err = s.State.IPAddress(test)
-		c.Assert(err, jc.ErrorIsNil)
-		s.assertAddress(c, ipAddr, addr, state.AddressStateUnknown, "", "", "foobar")
-	}
-}
-
-func (s *IPAddressSuite) TestAddIPAddressInvalid(c *gc.C) {
-	addr := network.Address{Value: "foo"}
-	_, err := s.State.AddIPAddress(addr, "foobar")
-	c.Assert(err, jc.Satisfies, errors.IsNotValid)
-	c.Assert(err, gc.ErrorMatches, `cannot add IP address "foo": address not valid`)
-}
-
-func (s *IPAddressSuite) TestAddIPAddressAlreadyExists(c *gc.C) {
-	addr := network.NewScopedAddress("0.1.2.3", network.ScopePublic)
-	_, err := s.State.AddIPAddress(addr, "foobar")
-	c.Assert(err, jc.ErrorIsNil)
-	_, err = s.State.AddIPAddress(addr, "foobar")
-	c.Assert(err, jc.Satisfies, errors.IsAlreadyExists)
-	c.Assert(err, gc.ErrorMatches,
-		`cannot add IP address "public:0.1.2.3": address already exists`,
-	)
-}
-
-func (s *IPAddressSuite) TestIPAddressNotFound(c *gc.C) {
-	_, err := s.State.IPAddress("0.1.2.3")
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-	c.Assert(err, gc.ErrorMatches, `IP address "0.1.2.3" not found`)
-}
-
-func (s *IPAddressSuite) TestIPAddressByTag(c *gc.C) {
-	addr := network.NewScopedAddress("0.1.2.3", network.ScopePublic)
-	added, err := s.State.AddIPAddress(addr, "foobar")
-	c.Assert(err, jc.ErrorIsNil)
-
-	uuid, err := added.UUID()
-	c.Assert(err, jc.ErrorIsNil)
-	tag := names.NewIPAddressTag(uuid.String())
-	found, err := s.State.IPAddressByTag(tag)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(found.Id(), gc.Equals, added.Id())
-}
-
-func (s *IPAddressSuite) TestIPAddressFindEntity(c *gc.C) {
-	addr := network.NewScopedAddress("0.1.2.3", network.ScopePublic)
-	added, err := s.State.AddIPAddress(addr, "foobar")
-	c.Assert(err, jc.ErrorIsNil)
-
-	uuid, err := added.UUID()
-	c.Assert(err, jc.ErrorIsNil)
-	tag := names.NewIPAddressTag(uuid.String())
-	found, err := s.State.FindEntity(tag)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(found.Tag(), gc.Equals, tag)
-}
-
-func (s *IPAddressSuite) TestIPAddressByTagNotFound(c *gc.C) {
-	tag := names.NewIPAddressTag("42424242-1111-2222-3333-0123456789ab")
-	_, err := s.State.IPAddressByTag(tag)
-	c.Assert(err, gc.ErrorMatches, `IP address "ipaddress-42424242-1111-2222-3333-0123456789ab" not found`)
-}
-
-func (s *IPAddressSuite) TestEnsureDeadRemove(c *gc.C) {
-	addr := network.NewScopedAddress("0.1.2.3", network.ScopePublic)
-	ipAddr, err := s.State.AddIPAddress(addr, "foobar")
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Should not be able to remove an Alive IP address.
-	c.Assert(ipAddr.Life(), gc.Equals, state.Alive)
-	err = ipAddr.Remove()
-	msg := fmt.Sprintf("cannot remove IP address %q: IP address is not dead", ipAddr.String())
-	c.Assert(err, gc.ErrorMatches, msg)
-
-	err = ipAddr.EnsureDead()
-	c.Assert(err, jc.ErrorIsNil)
-
-	// EnsureDead twice should not be an error
-	err = ipAddr.EnsureDead()
-	c.Assert(err, jc.ErrorIsNil)
-
-	err = ipAddr.Remove()
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Remove twice is also fine.
-	err = ipAddr.Remove()
-	c.Assert(err, jc.ErrorIsNil)
-
-	_, err = s.State.IPAddress("0.1.2.3")
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-	c.Assert(err, gc.ErrorMatches, `IP address "0.1.2.3" not found`)
-}
-
-func (s *IPAddressSuite) TestSetStateDead(c *gc.C) {
-	addr := network.NewScopedAddress("0.1.2.3", network.ScopePublic)
-	ipAddr, err := s.State.AddIPAddress(addr, "foobar")
-	c.Assert(err, jc.ErrorIsNil)
-
-	copyIPAddr, err := s.State.IPAddress("0.1.2.3")
-	c.Assert(err, jc.ErrorIsNil)
-	err = copyIPAddr.EnsureDead()
-	c.Assert(err, jc.ErrorIsNil)
-
-	err = ipAddr.SetState(state.AddressStateAllocated)
-	msg := fmt.Sprintf(`cannot set IP address %q to state "allocated": address is dead`, ipAddr.String())
-	c.Assert(err, gc.ErrorMatches, msg)
-}
-
-func (s *IPAddressSuite) TestAllocateToDead(c *gc.C) {
-	machine := s.createMachine(c)
-	addr := network.NewScopedAddress("0.1.2.3", network.ScopePublic)
-	ipAddr, err := s.State.AddIPAddress(addr, "foobar")
-	c.Assert(err, jc.ErrorIsNil)
-
-	copyIPAddr, err := s.State.IPAddress("0.1.2.3")
-	c.Assert(err, jc.ErrorIsNil)
-	err = copyIPAddr.EnsureDead()
-	c.Assert(err, jc.ErrorIsNil)
-
-	msg := fmt.Sprintf(`cannot allocate IP address %q to machine %q, interface "frogger": address is dead`, ipAddr.String(), machine.Id())
-	err = ipAddr.AllocateTo(machine.Id(), "frogger", "01:23:45:67:89:ab")
-	c.Assert(err, gc.ErrorMatches, msg)
-}
-
-func (s *IPAddressSuite) TestAllocateToProvisionedMachine(c *gc.C) {
-	machine := s.createMachine(c)
-
-	addr := network.NewAddress("0.1.2.3")
-	ipAddr, err := s.State.AddIPAddress(addr, "foobar")
-	c.Assert(err, jc.ErrorIsNil)
-
-	err = ipAddr.AllocateTo(machine.Id(), "fake", "01:23:45:67:89:ab")
-	c.Assert(err, jc.ErrorIsNil)
-
-	c.Assert(ipAddr.InstanceId(), gc.Equals, instance.Id("foo"))
-	c.Assert(ipAddr.MACAddress(), gc.Equals, "01:23:45:67:89:ab")
-}
-
-func (s *IPAddressSuite) TestAddressStateString(c *gc.C) {
-	for i, test := range []struct {
-		ipState state.AddressState
-		expect  string
-	}{{
-		state.AddressStateUnknown,
-		"<unknown>",
-	}, {
-		state.AddressStateAllocated,
-		"allocated",
-	}, {
-		state.AddressStateUnavailable,
-		"unavailable",
-	}} {
-		c.Logf("test %d: %q -> %q", i, test.ipState, test.expect)
-		c.Check(test.ipState.String(), gc.Equals, test.expect)
-	}
-}
-
-func (s *IPAddressSuite) TestSetState(c *gc.C) {
-	addr := network.NewScopedAddress("0.1.2.3", network.ScopePublic)
-
-	for i, test := range []struct {
-		initial, changeTo state.AddressState
-		err               string
-	}{{
-		initial:  state.AddressStateUnknown,
-		changeTo: state.AddressStateUnknown,
-	}, {
-		initial:  state.AddressStateUnknown,
-		changeTo: state.AddressStateAllocated,
-	}, {
-		initial:  state.AddressStateUnknown,
-		changeTo: state.AddressStateUnavailable,
-	}, {
-		initial:  state.AddressStateAllocated,
-		changeTo: state.AddressStateAllocated,
-	}, {
-		initial:  state.AddressStateUnavailable,
-		changeTo: state.AddressStateUnavailable,
-	}, {
-		initial:  state.AddressStateAllocated,
-		changeTo: state.AddressStateUnknown,
-		err: `cannot set IP address "public:0.1.2.3" to state "<unknown>": ` +
-			`transition from "allocated" not valid`,
-	}, {
-		initial:  state.AddressStateUnavailable,
-		changeTo: state.AddressStateUnknown,
-		err: `cannot set IP address "public:0.1.2.3" to state "<unknown>": ` +
-			`transition from "unavailable" not valid`,
-	}, {
-		initial:  state.AddressStateAllocated,
-		changeTo: state.AddressStateUnavailable,
-		err: `cannot set IP address "public:0.1.2.3" to state "unavailable": ` +
-			`transition from "allocated" not valid`,
-	}, {
-		initial:  state.AddressStateUnavailable,
-		changeTo: state.AddressStateAllocated,
-		err: `cannot set IP address "public:0.1.2.3" to state "allocated": ` +
-			`transition from "unavailable" not valid`,
-	}} {
-		c.Logf("test %d: %q -> %q ok:%v", i, test.initial, test.changeTo, test.err == "")
-		ipAddr, err := s.State.AddIPAddress(addr, "foobar")
-		c.Check(err, jc.ErrorIsNil)
-
-		// Initially, all addresses have AddressStateUnknown.
-		c.Assert(ipAddr.State(), gc.Equals, state.AddressStateUnknown)
-
-		if test.initial != state.AddressStateUnknown {
-			err = ipAddr.SetState(test.initial)
-			c.Check(err, jc.ErrorIsNil)
-		}
-		err = ipAddr.SetState(test.changeTo)
-		if test.err != "" {
-			c.Check(err, gc.ErrorMatches, test.err)
-			c.Check(err, jc.Satisfies, errors.IsNotValid)
-			c.Check(ipAddr.EnsureDead(), jc.ErrorIsNil)
-			c.Check(ipAddr.Remove(), jc.ErrorIsNil)
-			continue
-		}
-		c.Check(err, jc.ErrorIsNil)
-		c.Check(ipAddr.State(), gc.Equals, test.changeTo)
-		c.Check(ipAddr.EnsureDead(), jc.ErrorIsNil)
-		c.Check(ipAddr.Remove(), jc.ErrorIsNil)
-	}
-}
-
-func (s *IPAddressSuite) TestAllocateTo(c *gc.C) {
-	machine := s.createMachine(c)
-
-	addr := network.NewScopedAddress("0.1.2.3", network.ScopePublic)
-	ipAddr, err := s.State.AddIPAddress(addr, "foobar")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ipAddr.State(), gc.Equals, state.AddressStateUnknown)
-	c.Assert(ipAddr.MachineId(), gc.Equals, "")
-	c.Assert(ipAddr.InterfaceId(), gc.Equals, "")
-	c.Assert(ipAddr.InstanceId(), gc.Equals, instance.UnknownId)
-
-	err = ipAddr.AllocateTo(machine.Id(), "wobble", "01:23:45:67:89:ab")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ipAddr.State(), gc.Equals, state.AddressStateAllocated)
-	c.Assert(ipAddr.MachineId(), gc.Equals, machine.Id())
-	c.Assert(ipAddr.InterfaceId(), gc.Equals, "wobble")
-	c.Assert(ipAddr.InstanceId(), gc.Equals, instance.Id("foo"))
-	c.Assert(ipAddr.MACAddress(), gc.Equals, "01:23:45:67:89:ab")
-
-	freshCopy, err := s.State.IPAddress("0.1.2.3")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(freshCopy.State(), gc.Equals, state.AddressStateAllocated)
-	c.Assert(freshCopy.MachineId(), gc.Equals, machine.Id())
-	c.Assert(freshCopy.InterfaceId(), gc.Equals, "wobble")
-	c.Assert(freshCopy.InstanceId(), gc.Equals, instance.Id("foo"))
-	c.Assert(freshCopy.MACAddress(), gc.Equals, "01:23:45:67:89:ab")
-
-	// allocating twice should fail.
-	machine2 := s.createMachine(c)
-	err = ipAddr.AllocateTo(machine2.Id(), "i", "01:23:45:67:89:ac")
-
-	msg := fmt.Sprintf(
-		`cannot allocate IP address "public:0.1.2.3" to machine %q, interface "i": `+
-			`already allocated or unavailable`, machine2.Id())
-	c.Assert(err, gc.ErrorMatches, msg)
-}
-
-func (s *IPAddressSuite) TestAddress(c *gc.C) {
-	addr := network.NewScopedAddress("0.1.2.3", network.ScopePublic)
-	ipAddr, err := s.State.AddIPAddress(addr, "foobar")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ipAddr.Address(), jc.DeepEquals, addr)
-}
-
-func (s *IPAddressSuite) TestAllocatedIPAddresses(c *gc.C) {
-	machine := s.createMachine(c)
-	machine2 := s.createMachine(c)
-	addresses := [][]string{
-		{"0.1.2.3", machine.Id()},
-		{"0.1.2.4", machine.Id()},
-		{"0.1.2.5", machine2.Id()},
-	}
-	for _, details := range addresses {
-		addr := network.NewScopedAddress(details[0], network.ScopePublic)
-		ipAddr, err := s.State.AddIPAddress(addr, "foobar")
-		c.Assert(err, jc.ErrorIsNil)
-		err = ipAddr.AllocateTo(details[1], "wobble", "01:23:45:67:89:ab")
-		c.Assert(err, jc.ErrorIsNil)
-	}
-	result, err := s.State.AllocatedIPAddresses(machine.Id())
-	c.Assert(err, jc.ErrorIsNil)
-	addr1, err := s.State.IPAddress("0.1.2.3")
-	c.Assert(err, jc.ErrorIsNil)
-	addr2, err := s.State.IPAddress("0.1.2.4")
-	c.Assert(err, jc.ErrorIsNil)
-	expected := []*state.IPAddress{addr1, addr2}
-	c.Assert(result, jc.SameContents, expected)
-}
-
-func (s *IPAddressSuite) TestDeadIPAddresses(c *gc.C) {
-	machine := s.createMachine(c)
-
-	addresses := []string{
-		"0.1.2.3",
-		"0.1.2.4",
-		"0.1.2.5",
-		"0.1.2.6",
-	}
-	for i, details := range addresses {
-		addr := network.NewAddress(details)
-		ipAddr, err := s.State.AddIPAddress(addr, "foobar")
-		c.Assert(err, jc.ErrorIsNil)
-		err = ipAddr.AllocateTo(machine.Id(), "wobble", "01:23:45:67:89:ab")
-		c.Assert(err, jc.ErrorIsNil)
-		if i%2 == 0 {
-			err := ipAddr.EnsureDead()
-			c.Assert(err, jc.ErrorIsNil)
-		} else {
-			c.Assert(ipAddr.Life(), gc.Equals, state.Alive)
-		}
-	}
-
-	ipAddresses, err := s.State.DeadIPAddresses()
-	c.Assert(err, jc.ErrorIsNil)
-	addr1, err := s.State.IPAddress("0.1.2.3")
-	c.Assert(err, jc.ErrorIsNil)
-	addr3, err := s.State.IPAddress("0.1.2.5")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ipAddresses, jc.SameContents, []*state.IPAddress{addr1, addr3})
-}
-
-func (s *IPAddressSuite) TestRefresh(c *gc.C) {
-	rawAddr := network.NewAddress("0.1.2.3")
-	addr, err := s.State.AddIPAddress(rawAddr, "foobar")
-	c.Assert(err, jc.ErrorIsNil)
-
-	addrCopy, err := s.State.IPAddress(rawAddr.Value)
-	c.Assert(err, jc.ErrorIsNil)
-
-	err = addr.EnsureDead()
-	c.Assert(err, jc.ErrorIsNil)
-
-	c.Assert(addrCopy.Life(), gc.Equals, state.Alive)
-	err = addrCopy.Refresh()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(addrCopy.Life(), gc.Equals, state.Dead)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/life_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/life_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/life_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/life_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -14,7 +14,7 @@
 type LifeSuite struct {
 	ConnSuite
 	charm *state.Charm
-	svc   *state.Service
+	svc   *state.Application
 }
 
 func (s *LifeSuite) SetUpTest(c *gc.C) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/linklayerdevices.go juju-core-2.0~beta12/src/github.com/juju/juju/state/linklayerdevices.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/linklayerdevices.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/linklayerdevices.go	2016-07-18 19:45:44.000000000 +0000
@@ -118,11 +118,7 @@
 
 // ProviderID returns the provider-specific device ID, if set.
 func (dev *LinkLayerDevice) ProviderID() network.Id {
-	return network.Id(dev.localProviderID())
-}
-
-func (dev *LinkLayerDevice) localProviderID() string {
-	return dev.st.localID(dev.doc.ProviderID)
+	return network.Id(dev.doc.ProviderID)
 }
 
 // MachineID returns the ID of the machine this device belongs to.
@@ -225,7 +221,15 @@
 				return nil, err
 			}
 		}
-		return removeLinkLayerDeviceOps(dev.st, dev.DocID(), dev.parentDocID())
+		ops, err := removeLinkLayerDeviceOps(dev.st, dev.DocID(), dev.parentDocID())
+		if err != nil {
+			return nil, err
+		}
+		if dev.ProviderID() != "" {
+			op := dev.st.networkEntityGlobalKeyRemoveOp("linklayerdevice", dev.ProviderID())
+			ops = append(ops, op)
+		}
+		return ops, nil
 	}
 	return dev.st.run(buildTxn)
 }
@@ -460,7 +464,7 @@
 	}
 
 	findQuery := findAddressesQuery(dev.doc.MachineID, dev.doc.Name)
-	if err := dev.st.forEachIPAddressDoc(findQuery, nil, callbackFunc); err != nil {
+	if err := dev.st.forEachIPAddressDoc(findQuery, callbackFunc); err != nil {
 		return nil, errors.Trace(err)
 	}
 	return allAddresses, nil
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/linklayerdevices_internal_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/linklayerdevices_internal_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/linklayerdevices_internal_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/linklayerdevices_internal_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -56,15 +56,9 @@
 
 func (s *linkLayerDevicesInternalSuite) TestProviderIDDoesNotIncludeModelUUIDWhenSet(c *gc.C) {
 	const localProviderID = "foo"
-	globalProviderID := coretesting.ModelTag.Id() + ":" + localProviderID
-
 	result := s.newLinkLayerDeviceWithDummyState(linkLayerDeviceDoc{ProviderID: localProviderID})
 	c.Assert(result.ProviderID(), gc.Equals, network.Id(localProviderID))
-	c.Assert(result.localProviderID(), gc.Equals, localProviderID)
 
-	result = s.newLinkLayerDeviceWithDummyState(linkLayerDeviceDoc{ProviderID: globalProviderID})
-	c.Assert(result.ProviderID(), gc.Equals, network.Id(localProviderID))
-	c.Assert(result.localProviderID(), gc.Equals, localProviderID)
 }
 
 func (s *linkLayerDevicesInternalSuite) TestParentDeviceReturnsNoErrorWhenParentNameNotSet(c *gc.C) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/linklayerdevices_ipaddresses.go juju-core-2.0~beta12/src/github.com/juju/juju/state/linklayerdevices_ipaddresses.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/linklayerdevices_ipaddresses.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/linklayerdevices_ipaddresses.go	2016-07-18 19:45:44.000000000 +0000
@@ -88,9 +88,6 @@
 
 // Address represents the state of an IP address assigned to a link-layer
 // network device on a machine.
-//
-// TODO(dimitern): Rename to IPAddress once the IPAddress type is gone
-// along with the addressable containers handling code?
 type Address struct {
 	st  *State
 	doc ipAddressDoc
@@ -108,11 +105,7 @@
 
 // ProviderID returns the provider-specific IP address ID, if set.
 func (addr *Address) ProviderID() network.Id {
-	return network.Id(addr.localProviderID())
-}
-
-func (addr *Address) localProviderID() string {
-	return addr.st.localID(addr.doc.ProviderID)
+	return network.Id(addr.doc.ProviderID)
 }
 
 // MachineID returns the ID of the machine this IP address belongs to.
@@ -207,7 +200,12 @@
 	defer errors.DeferredAnnotatef(&err, "cannot remove %s", addr)
 
 	removeOp := removeIPAddressDocOp(addr.doc.DocID)
-	return addr.st.runTransaction([]txn.Op{removeOp})
+	ops := []txn.Op{removeOp}
+	if addr.ProviderID() != "" {
+		op := addr.st.networkEntityGlobalKeyRemoveOp("address", addr.ProviderID())
+		ops = append(ops, op)
+	}
+	return addr.st.runTransaction(ops)
 }
 
 // removeIPAddressDocOpOp returns an operation to remove the ipAddressDoc
@@ -298,10 +296,14 @@
 	var ops []txn.Op
 	callbackFunc := func(resultDoc *ipAddressDoc) {
 		ops = append(ops, removeIPAddressDocOp(resultDoc.DocID))
+		if resultDoc.ProviderID != "" {
+			addrID := network.Id(resultDoc.ProviderID)
+			op := st.networkEntityGlobalKeyRemoveOp("address", addrID)
+			ops = append(ops, op)
+		}
 	}
 
-	selectDocIDOnly := bson.D{{"_id", 1}}
-	err := st.forEachIPAddressDoc(findQuery, selectDocIDOnly, callbackFunc)
+	err := st.forEachIPAddressDoc(findQuery, callbackFunc)
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
@@ -309,14 +311,11 @@
 	return ops, nil
 }
 
-func (st *State) forEachIPAddressDoc(findQuery, docFieldsToSelect bson.D, callbackFunc func(resultDoc *ipAddressDoc)) error {
+func (st *State) forEachIPAddressDoc(findQuery bson.D, callbackFunc func(resultDoc *ipAddressDoc)) error {
 	addresses, closer := st.getCollection(ipAddressesC)
 	defer closer()
 
 	query := addresses.Find(findQuery)
-	if docFieldsToSelect != nil {
-		query = query.Select(docFieldsToSelect)
-	}
 	iter := query.Iter()
 
 	var resultDoc ipAddressDoc
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/linklayerdevices_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/linklayerdevices_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/linklayerdevices_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/linklayerdevices_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -264,7 +264,18 @@
 	s.assertMachineSetLinkLayerDevicesSucceedsAndResultMatchesArgs(c, s.otherStateMachine, args, s.otherState.ModelUUID())
 }
 
-func (s *linkLayerDevicesStateSuite) TestSetLinkLayerDevicesWithDuplicateNameAndProviderIDFailsInSameModel(c *gc.C) {
+func (s *linkLayerDevicesStateSuite) TestSetLinkLayerDevicesUpdatesProviderIDWhenNotSetOriginally(c *gc.C) {
+	args := state.LinkLayerDeviceArgs{
+		Name: "foo",
+		Type: state.EthernetDevice,
+	}
+	s.assertSetLinkLayerDevicesSucceedsAndResultMatchesArgs(c, args)
+
+	args.ProviderID = "42"
+	s.assertSetLinkLayerDevicesSucceedsAndResultMatchesArgs(c, args)
+}
+
+func (s *linkLayerDevicesStateSuite) TestSetLinkLayerDevicesFailsForProviderIDChange(c *gc.C) {
 	args := state.LinkLayerDeviceArgs{
 		Name:       "foo",
 		Type:       state.EthernetDevice,
@@ -272,19 +283,24 @@
 	}
 	s.assertSetLinkLayerDevicesSucceedsAndResultMatchesArgs(c, args)
 
-	err := s.assertSetLinkLayerDevicesFailsValidationForArgs(c, args, `ProviderID\(s\) not unique: 42`)
-	c.Assert(err, jc.Satisfies, state.IsProviderIDNotUniqueError)
+	args.ProviderID = "43"
+	s.assertSetLinkLayerDevicesFailsForArgs(c, args, `cannot change ProviderID of link layer device "foo"`)
 }
 
-func (s *linkLayerDevicesStateSuite) TestSetLinkLayerDevicesUpdatesProviderIDWhenNotSetOriginally(c *gc.C) {
+func (s *linkLayerDevicesStateSuite) TestSetLinkLayerDevicesUpdateWithDuplicateProviderIDFails(c *gc.C) {
 	args := state.LinkLayerDeviceArgs{
-		Name: "foo",
-		Type: state.EthernetDevice,
+		Name:       "foo",
+		Type:       state.EthernetDevice,
+		ProviderID: "42",
 	}
 	s.assertSetLinkLayerDevicesSucceedsAndResultMatchesArgs(c, args)
+	args.Name = "bar"
+	args.ProviderID = ""
+	s.assertSetLinkLayerDevicesSucceedsAndResultMatchesArgs(c, args)
 
 	args.ProviderID = "42"
-	s.assertSetLinkLayerDevicesSucceedsAndResultMatchesArgs(c, args)
+	err := s.assertSetLinkLayerDevicesFailsValidationForArgs(c, args, `ProviderID\(s\) not unique: 42`)
+	c.Assert(err, jc.Satisfies, state.IsProviderIDNotUniqueError)
 }
 
 func (s *linkLayerDevicesStateSuite) TestSetLinkLayerDevicesDoesNotClearProviderIDOnceSet(c *gc.C) {
@@ -544,6 +560,23 @@
 	s.assertNoDevicesOnMachine(c, s.machine)
 }
 
+func (s *linkLayerDevicesStateSuite) TestLinkLayerDeviceRemoveRemovesProviderID(c *gc.C) {
+	args := state.LinkLayerDeviceArgs{
+		Name:       "foo",
+		Type:       state.EthernetDevice,
+		ProviderID: "bar",
+	}
+	err := s.machine.SetLinkLayerDevices(args)
+	c.Assert(err, jc.ErrorIsNil)
+	device, err := s.machine.LinkLayerDevice("foo")
+	c.Assert(err, jc.ErrorIsNil)
+
+	s.removeDeviceAndAssertSuccess(c, device)
+	// Re-adding the same device should now succeed.
+	err = s.machine.SetLinkLayerDevices(args)
+	c.Assert(err, jc.ErrorIsNil)
+}
+
 func (s *linkLayerDevicesStateSuite) removeDeviceAndAssertSuccess(c *gc.C, givenDevice *state.LinkLayerDevice) {
 	err := givenDevice.Remove()
 	c.Assert(err, jc.ErrorIsNil)
@@ -698,7 +731,7 @@
 			ParentName: parentDeviceGlobalKey,
 		}
 		err := s.containerMachine.SetLinkLayerDevices(containerDeviceArgs)
-		expectedError := `cannot set .* to machine "0/lxc/0": ` +
+		expectedError := `cannot set .* to machine "0/lxd/0": ` +
 			`invalid device "eth0": ` +
 			`parent device ".*" on host machine "0" must be of type "bridge", not type ".*"`
 		c.Check(err, gc.ErrorMatches, expectedError)
@@ -713,7 +746,7 @@
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
 	}
-	container, err := s.State.AddMachineInsideMachine(containerTemplate, s.machine.Id(), instance.LXC)
+	container, err := s.State.AddMachineInsideMachine(containerTemplate, s.machine.Id(), instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
 	s.containerMachine = container
 }
@@ -994,3 +1027,75 @@
 		c.Check(containerDevice.ParentName(), gc.Matches, `m#0#d#br-bond0(|\.12|\.34)`)
 	}
 }
+
+func (s *linkLayerDevicesStateSuite) TestSetContainerLinkLayerDevicesCorrectlyPaired(c *gc.C) {
+	// The device names chosen and the order are very explicit. We
+	// need to ensure that we have a list that does not sort well
+	// alphabetically. This is because SetParentLinkLayerDevices()
+	// uses a natural sort ordering and we want to verify the
+	// pairing between the container's NIC name and its parent in
+	// the host machine during this unit test.
+
+	devicesArgs := []state.LinkLayerDeviceArgs{
+		state.LinkLayerDeviceArgs{
+			Name: "br-eth10",
+			Type: state.BridgeDevice,
+		},
+		state.LinkLayerDeviceArgs{
+			Name: "br-eth1",
+			Type: state.BridgeDevice,
+		},
+		state.LinkLayerDeviceArgs{
+			Name: "br-eth10.100",
+			Type: state.BridgeDevice,
+		},
+		state.LinkLayerDeviceArgs{
+			Name: "br-eth2",
+			Type: state.BridgeDevice,
+		},
+		state.LinkLayerDeviceArgs{
+			Name: "br-eth0",
+			Type: state.BridgeDevice,
+		},
+		state.LinkLayerDeviceArgs{
+			Name: "br-eth4",
+			Type: state.BridgeDevice,
+		},
+		state.LinkLayerDeviceArgs{
+			Name: "br-eth3",
+			Type: state.BridgeDevice,
+		},
+	}
+
+	expectedParents := []string{
+		"br-eth0",
+		"br-eth1",
+		"br-eth2",
+		"br-eth3",
+		"br-eth4",
+		"br-eth10",
+		"br-eth10.100",
+	}
+
+	err := s.machine.SetParentLinkLayerDevicesBeforeTheirChildren(devicesArgs[:])
+	c.Assert(err, jc.ErrorIsNil)
+	s.addContainerMachine(c)
+	s.assertNoDevicesOnMachine(c, s.containerMachine)
+
+	err = s.machine.SetContainerLinkLayerDevices(s.containerMachine)
+	c.Assert(err, jc.ErrorIsNil)
+
+	containerDevices, err := s.containerMachine.AllLinkLayerDevices()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(containerDevices, gc.HasLen, len(devicesArgs))
+
+	for i, containerDevice := range containerDevices {
+		c.Check(containerDevice.Name(), gc.Matches, "eth"+strconv.Itoa(i))
+		c.Check(containerDevice.Type(), gc.Equals, state.EthernetDevice)
+		c.Check(containerDevice.MTU(), gc.Equals, uint(0)) // inherited from the parent device.
+		c.Check(containerDevice.MACAddress(), gc.Matches, "00:16:3e(:[0-9a-f]{2}){3}")
+		c.Check(containerDevice.IsUp(), jc.IsTrue)
+		c.Check(containerDevice.IsAutoStart(), jc.IsTrue)
+		c.Check(containerDevice.ParentName(), gc.Equals, fmt.Sprintf("m#0#d#%s", expectedParents[i]))
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/logs.go juju-core-2.0~beta12/src/github.com/juju/juju/state/logs.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/logs.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/logs.go	2016-07-18 19:45:44.000000000 +0000
@@ -15,9 +15,10 @@
 	"github.com/dustin/go-humanize"
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils/deque"
 	"github.com/juju/utils/set"
+	"github.com/juju/version"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 	"launchpad.net/tomb"
@@ -25,24 +26,39 @@
 	"github.com/juju/juju/mongo"
 )
 
+// TODO(wallyworld) - lp:1602508 - collections need to be defined in collections.go
 const (
 	logsDB     = "logs"
 	logsC      = "logs"
 	forwardedC = "forwarded"
 )
 
-// ErrNeverForwarded signals to the caller that the timestamp of a
+// ErrNeverForwarded signals to the caller that the ID of a
 // previously forwarded log record could not be found.
-var ErrNeverForwarded = errors.Errorf("cannot find timestamp of the last forwarded record")
+var ErrNeverForwarded = errors.Errorf("cannot find ID of the last forwarded record")
 
-// LoggingState describes the methods on State required for logging to
-// the database.
-type LoggingState interface {
-	ModelUUID() string
+// MongoSessioner supports creating new mongo sessions.
+type MongoSessioner interface {
+	// MongoSession creates a new Mongo session.
 	MongoSession() *mgo.Session
+}
+
+// ModelSessioner supports creating new mongo sessions for the controller.
+type ControllerSessioner interface {
+	MongoSessioner
+
+	// IsController indicates if current state is controller.
 	IsController() bool
 }
 
+// ModelSessioner supports creating new mongo sessions for a model.
+type ModelSessioner interface {
+	MongoSessioner
+
+	// ModelUUID returns the ID of the current model.
+	ModelUUID() string
+}
+
 // InitDbLogs sets up the indexes for the logs collection. It should
 // be called as state is opened. It is idempotent.
 func InitDbLogs(session *mgo.Session) error {
@@ -59,60 +75,114 @@
 // lastSentDoc captures timestamp of the last log record forwarded
 // to a log sink.
 type lastSentDoc struct {
-	ID        string `bson:"_id"`
+	// ID is the unique ID mongo will use for the doc.
+	ID string `bson:"_id"`
+
+	// ModelUUID identifies the model for which the identified record
+	// was last sent.
 	ModelUUID string `bson:"model-uuid"`
-	Sink      string `bson:"sink"`
-	Time      int64  `bson:"timestamp"`
+
+	// Sink identifies the log forwarding target to which the identified
+	// log record was sent.
+	Sink string `bson:"sink"`
+
+	// TODO(ericsnow) Solve the problems with using the timestamp
+	// as the record ID.
+
+	// RecordTimestamp identifies the last record sent to the log sink
+	// for the model. It is used to look up log records in the DB.
+	//
+	// Currently we use the record's timestamp (unix nano UTC), which
+	// has a risk of collisions. Log record timestamps have nanosecond
+	// precision. The likelihood of multiple log records having the
+	// same timestamp is small, though it increases with the size and
+	// activity of the model.
+	//
+	// Using the timestamp also has the problem that a faulty clock may
+	// introduce records with a timestamp earlier that the "last sent"
+	// value. Such records would never get forwarded.
+	//
+	// The solution to both these issues will likely involve using an
+	// int sequence for the ID rather than the timestamp. That sequence
+	// would be shared by all models.
+	RecordTimestamp int64 `bson:"record-timestamp"`
+
+	// RecordID is the ID of the last record sent to the log sink.
+	// We record it but currently just use the timestamp when querying
+	// the log collection.
+	RecordID int64 `bson:"record-id"`
+}
+
+// LastSentLogTracker records and retrieves timestamps of the most recent
+// log records forwarded to a log sink for a model.
+type LastSentLogTracker struct {
+	session *mgo.Session
+	id      string
+	model   string
+	sink    string
+}
+
+// NewLastSentLogTracker returns a new tracker that records and retrieves
+// the timestamps of the most recent log records forwarded to the
+// identified log sink for the current model.
+func NewLastSentLogTracker(st ModelSessioner, modelUUID, sink string) *LastSentLogTracker {
+	return newLastSentLogTracker(st, modelUUID, sink)
+}
+
+// NewAllLastSentLogTracker returns a new tracker that records and retrieves
+// the timestamps of the most recent log records forwarded to the
+// identified log sink for *all* models.
+func NewAllLastSentLogTracker(st ControllerSessioner, sink string) (*LastSentLogTracker, error) {
+	if !st.IsController() {
+		return nil, errors.New("only the admin model can track all log records")
+	}
+	return newLastSentLogTracker(st, "", sink), nil
 }
 
-// NewLastSentLogger returns a NewLastSentLogger struct that records and retrieves
-// the timestamps of the most recent log records forwarded to the log sink.
-func NewLastSentLogger(st LoggingState, sink string) *DbLoggerLastSent {
-	return &DbLoggerLastSent{
-		id:      fmt.Sprintf("%v#%v", st.ModelUUID(), sink),
-		model:   st.ModelUUID(),
+func newLastSentLogTracker(st MongoSessioner, model, sink string) *LastSentLogTracker {
+	session := st.MongoSession().Copy()
+	return &LastSentLogTracker{
+		id:      fmt.Sprintf("%s#%s", model, sink),
+		model:   model,
 		sink:    sink,
-		session: st.MongoSession(),
+		session: session,
 	}
 }
 
-// DBLoggerLastSent returns a struct that records and retrieves timestamps of the
-// most recent log records forwarded to the log sink.
-type DbLoggerLastSent struct {
-	session *mgo.Session
-	id      string
-	model   string
-	sink    string
+// Close implements io.Closer
+func (logger *LastSentLogTracker) Close() error {
+	logger.session.Close()
+	return nil
 }
 
 // Set records the timestamp.
-func (logger *DbLoggerLastSent) Set(t time.Time) error {
+func (logger *LastSentLogTracker) Set(recID, recTimestamp int64) error {
 	collection := logger.session.DB(logsDB).C(forwardedC)
 	_, err := collection.UpsertId(
 		logger.id,
 		lastSentDoc{
-			ID:        logger.id,
-			ModelUUID: logger.model,
-			Sink:      logger.sink,
-			Time:      t.UnixNano(),
+			ID:              logger.id,
+			ModelUUID:       logger.model,
+			Sink:            logger.sink,
+			RecordID:        recID,
+			RecordTimestamp: recTimestamp,
 		},
 	)
 	return errors.Trace(err)
 }
 
-// Get retrieves the timestamp.
-func (logger *DbLoggerLastSent) Get() (time.Time, error) {
-	zeroTime := time.Time{}
+// Get retrieves the id and timestamp.
+func (logger *LastSentLogTracker) Get() (int64, int64, error) {
 	collection := logger.session.DB(logsDB).C(forwardedC)
-	var lastSent lastSentDoc
-	err := collection.FindId(logger.id).One(&lastSent)
+	var doc lastSentDoc
+	err := collection.FindId(logger.id).One(&doc)
 	if err != nil {
 		if err == mgo.ErrNotFound {
-			return zeroTime, errors.Trace(ErrNeverForwarded)
+			return 0, 0, errors.Trace(ErrNeverForwarded)
 		}
-		return zeroTime, errors.Trace(err)
+		return 0, 0, errors.Trace(err)
 	}
-	return time.Unix(0, lastSent.Time).UTC(), nil
+	return doc.RecordID, doc.RecordTimestamp, nil
 }
 
 // logDoc describes log messages stored in MongoDB.
@@ -124,12 +194,13 @@
 // for increased precision.
 type logDoc struct {
 	Id        bson.ObjectId `bson:"_id"`
-	Time      time.Time     `bson:"t"`
+	Time      int64         `bson:"t"` // unix nano UTC
 	ModelUUID string        `bson:"e"`
 	Entity    string        `bson:"n"` // e.g. "machine-0"
+	Version   string        `bson:"r"`
 	Module    string        `bson:"m"` // e.g. "juju.worker.firewaller"
 	Location  string        `bson:"l"` // "filename:lineno"
-	Level     loggo.Level   `bson:"v"`
+	Level     int           `bson:"v"`
 	Message   string        `bson:"x"`
 }
 
@@ -137,29 +208,37 @@
 	logsColl  *mgo.Collection
 	modelUUID string
 	entity    string
+	version   string
 }
 
 // NewDbLogger returns a DbLogger instance which is used to write logs
 // to the database.
-func NewDbLogger(st LoggingState, entity names.Tag) *DbLogger {
+func NewDbLogger(st ModelSessioner, entity names.Tag, ver version.Number) *DbLogger {
 	_, logsColl := initLogsSession(st)
 	return &DbLogger{
 		logsColl:  logsColl,
 		modelUUID: st.ModelUUID(),
 		entity:    entity.String(),
+		version:   ver.String(),
 	}
 }
 
 // Log writes a log message to the database.
 func (logger *DbLogger) Log(t time.Time, module string, location string, level loggo.Level, msg string) error {
+	// TODO(ericsnow) Use a controller-global int sequence for Id.
+
+	// UnixNano() returns the "absolute" (UTC) number of nanoseconds
+	// since the Unix "epoch".
+	unixEpochNanoUTC := t.UnixNano()
 	return logger.logsColl.Insert(&logDoc{
 		Id:        bson.NewObjectId(),
-		Time:      t,
+		Time:      unixEpochNanoUTC,
 		ModelUUID: logger.modelUUID,
 		Entity:    logger.entity,
+		Version:   logger.version,
 		Module:    module,
 		Location:  location,
-		Level:     level,
+		Level:     int(level),
 		Message:   msg,
 	})
 }
@@ -196,18 +275,26 @@
 // LogRecord defines a single Juju log message as returned by
 // LogTailer.
 type LogRecord struct {
-	Time      time.Time
-	Entity    string
-	Module    string
-	Location  string
-	Level     loggo.Level
-	Message   string
+	// universal fields
+	ID   int64
+	Time time.Time
+
+	// origin fields
 	ModelUUID string
+	Entity    names.Tag
+	Version   version.Number
+
+	// logging-specific fields
+	Level    loggo.Level
+	Module   string
+	Location string
+	Message  string
 }
 
 // LogTailerParams specifies the filtering a LogTailer should apply to
 // logs in order to decide which to return.
 type LogTailerParams struct {
+	StartID       int64
 	StartTime     time.Time
 	MinLevel      loggo.Level
 	InitialLines  int
@@ -237,9 +324,18 @@
 // output of large broken models with logging at DEBUG.
 var maxRecentLogIds = int(oplogOverlap.Minutes() * 150000)
 
+// LogTailerState describes the methods on State required for logging to
+// the database.
+type LogTailerState interface {
+	ModelSessioner
+
+	// IsController indicates whether or not the model is the admin model.
+	IsController() bool
+}
+
 // NewLogTailer returns a LogTailer which filters according to the
 // parameters given.
-func NewLogTailer(st LoggingState, params *LogTailerParams) (LogTailer, error) {
+func NewLogTailer(st LogTailerState, params *LogTailerParams) (LogTailer, error) {
 	if !st.IsController() && params.AllModels {
 		return nil, errors.NewNotValid(nil, "not allowed to tail logs from all models: not a controller")
 	}
@@ -270,6 +366,7 @@
 	logsColl  *mgo.Collection
 	params    *LogTailerParams
 	logCh     chan *LogRecord
+	lastID    int64
 	lastTime  time.Time
 	recentIds *recentIdTracker
 }
@@ -325,14 +422,33 @@
 		}
 	}
 
-	iter := query.Sort("t").Iter()
+	// In tests, sorting by time can leave the result ordering
+	// underconstrained. Since object ids are (timestamp, machine id,
+	// process id, counter)
+	// https://docs.mongodb.com/manual/reference/bson-types/#objectid
+	// and the tests only run one mongod process, including _id
+	// guarantees getting log messages in a predictable order.
+	//
+	// Important: it is critical that the sort on _id is done
+	// separately from the sort on {model, time}. Combining the sort
+	// fields means that MongoDB won't use the indexes that are in
+	// place, which risks hitting MongoDB's 32MB sort limit.  See
+	// https://pad.lv/1590605.
+	//
+	// TODO(ericsnow) Sort only by _id once it is a sequential int.
+	iter := query.Sort("e", "t").Sort("_id").Iter()
 	doc := new(logDoc)
 	for iter.Next(doc) {
+		rec, err := logDocToRecord(doc)
+		if err != nil {
+			return errors.Annotate(err, "deserialization failed (possible DB corruption)")
+		}
 		select {
 		case <-t.tomb.Dying():
 			return errors.Trace(tomb.ErrDying)
-		case t.logCh <- logDocToRecord(doc):
-			t.lastTime = doc.Time
+		case t.logCh <- rec:
+			t.lastID = rec.ID
+			t.lastTime = rec.Time
 			t.recentIds.Add(doc.Id)
 		}
 	}
@@ -343,7 +459,7 @@
 	recentIds := t.recentIds.AsSet()
 
 	newParams := t.params
-	newParams.StartTime = t.lastTime
+	newParams.StartID = t.lastID // (t.lastID + 1) once Id is a sequential int.
 	oplogSel := append(t.paramsToSelector(newParams, "o."),
 		bson.DocElem{"ns", logsDB + "." + logsC},
 	)
@@ -354,7 +470,7 @@
 	}
 
 	minOplogTs := t.lastTime.Add(-oplogOverlap)
-	oplogTailer := mongo.NewOplogTailer(oplog, oplogSel, minOplogTs)
+	oplogTailer := mongo.NewOplogTailer(mongo.NewOplogSession(oplog, oplogSel), minOplogTs)
 	defer oplogTailer.Stop()
 
 	logger.Tracef("LogTailer starting oplog tailing: recent id count=%d, lastTime=%s, minOplogTs=%s",
@@ -384,24 +500,29 @@
 				}
 				continue
 			}
+			rec, err := logDocToRecord(doc)
+			if err != nil {
+				return errors.Annotate(err, "deserialization failed (possible DB corruption)")
+			}
 			select {
 			case <-t.tomb.Dying():
 				return errors.Trace(tomb.ErrDying)
-			case t.logCh <- logDocToRecord(doc):
+			case t.logCh <- rec:
 			}
 		}
 	}
 }
 
 func (t *logTailer) paramsToSelector(params *LogTailerParams, prefix string) bson.D {
-	sel := bson.D{
-		{"t", bson.M{"$gte": params.StartTime}},
+	sel := bson.D{}
+	if !params.StartTime.IsZero() {
+		sel = append(sel, bson.DocElem{"t", bson.M{"$gte": params.StartTime.UnixNano()}})
 	}
 	if !params.AllModels {
 		sel = append(sel, bson.DocElem{"e", t.modelUUID})
 	}
 	if params.MinLevel > loggo.UNSPECIFIED {
-		sel = append(sel, bson.DocElem{"v", bson.M{"$gte": params.MinLevel}})
+		sel = append(sel, bson.DocElem{"v", bson.M{"$gte": int(params.MinLevel)}})
 	}
 	if len(params.IncludeEntity) > 0 {
 		sel = append(sel,
@@ -493,23 +614,47 @@
 	return len(s.ids)
 }
 
-func logDocToRecord(doc *logDoc) *LogRecord {
-	return &LogRecord{
-		Time:      doc.Time,
-		Entity:    doc.Entity,
-		Module:    doc.Module,
-		Location:  doc.Location,
-		Level:     doc.Level,
-		Message:   doc.Message,
+func logDocToRecord(doc *logDoc) (*LogRecord, error) {
+	var ver version.Number
+	if doc.Version != "" {
+		parsed, err := version.Parse(doc.Version)
+		if err != nil {
+			return nil, errors.Annotatef(err, "invalid version %q", doc.Version)
+		}
+		ver = parsed
+	}
+
+	level := loggo.Level(doc.Level)
+	if level > loggo.CRITICAL {
+		return nil, errors.Errorf("unrecognized log level %q", doc.Level)
+	}
+
+	entity, err := names.ParseTag(doc.Entity)
+	if err != nil {
+		return nil, errors.Annotate(err, "while parsing entity tag")
+	}
+
+	rec := &LogRecord{
+		ID:   doc.Time,
+		Time: time.Unix(0, doc.Time).UTC(), // not worth preserving TZ
+
 		ModelUUID: doc.ModelUUID,
+		Entity:    entity,
+		Version:   ver,
+
+		Level:    level,
+		Module:   doc.Module,
+		Location: doc.Location,
+		Message:  doc.Message,
 	}
+	return rec, nil
 }
 
 // PruneLogs removes old log documents in order to control the size of
 // logs collection. All logs older than minLogTime are
 // removed. Further removal is also performed if the logs collection
 // size is greater than maxLogsMB.
-func PruneLogs(st LoggingState, minLogTime time.Time, maxLogsMB int) error {
+func PruneLogs(st MongoSessioner, minLogTime time.Time, maxLogsMB int) error {
 	session, logsColl := initLogsSession(st)
 	defer session.Close()
 
@@ -525,7 +670,7 @@
 	for _, modelUUID := range modelUUIDs {
 		removeInfo, err := logsColl.RemoveAll(bson.M{
 			"e": modelUUID,
-			"t": bson.M{"$lt": minLogTime},
+			"t": bson.M{"$lt": minLogTime.UnixNano()},
 		})
 		if err != nil {
 			return errors.Annotate(err, "failed to prune logs by time")
@@ -558,7 +703,7 @@
 		// NOTE: this assumes that there are no more logs being added
 		// for the time range being pruned (which should be true for
 		// any realistic minimum log collection size).
-		tsQuery := logsColl.Find(bson.M{"e": modelUUID}).Sort("t")
+		tsQuery := logsColl.Find(bson.M{"e": modelUUID}).Sort("e", "t")
 		tsQuery = tsQuery.Skip(toRemove)
 		tsQuery = tsQuery.Select(bson.M{"t": 1})
 		var doc bson.M
@@ -566,7 +711,7 @@
 		if err != nil {
 			return errors.Annotate(err, "log pruning timestamp query failed")
 		}
-		thresholdTs := doc["t"].(time.Time)
+		thresholdTs := doc["t"]
 
 		// Remove old records.
 		removeInfo, err := logsColl.RemoveAll(bson.M{
@@ -590,7 +735,7 @@
 // initLogsSession creates a new session suitable for logging updates,
 // returning the session and a logs mgo.Collection connected to that
 // session.
-func initLogsSession(st LoggingState) (*mgo.Session, *mgo.Collection) {
+func initLogsSession(st MongoSessioner) (*mgo.Session, *mgo.Collection) {
 	// To improve throughput, only wait for the logs to be written to
 	// the primary. For some reason, this makes a huge difference even
 	// when the replicaset only has one member (i.e. a single primary).
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/logs_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/logs_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/logs_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/logs_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,14 +10,16 @@
 	"time"
 
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
+	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 
 	"github.com/juju/juju/state"
 	coretesting "github.com/juju/juju/testing"
+	jujuversion "github.com/juju/juju/version"
 )
 
 type LogsSuite struct {
@@ -34,36 +36,120 @@
 	s.logsColl = session.DB("logs").C("logs")
 }
 
-func (s *LogsSuite) TestLastSentLoggerSetGet(c *gc.C) {
-	logger0 := state.NewLastSentLogger(s.State, "test-sink0")
-	logger1 := state.NewLastSentLogger(s.State, "test-sink1")
-	t := time.Date(2016, 04, 15, 16, 0, 0, 42, time.UTC)
-	err := logger0.Set(t)
+func (s *LogsSuite) TestLastSentLogTrackerSetGet(c *gc.C) {
+	tracker := state.NewLastSentLogTracker(s.State, s.State.ModelUUID(), "test-sink")
+	defer tracker.Close()
+
+	err := tracker.Set(10, 100)
+	c.Assert(err, jc.ErrorIsNil)
+	id1, ts1, err := tracker.Get()
+	c.Assert(err, jc.ErrorIsNil)
+	err = tracker.Set(20, 200)
+	c.Assert(err, jc.ErrorIsNil)
+	id2, ts2, err := tracker.Get()
+	c.Assert(err, jc.ErrorIsNil)
+
+	c.Check(id1, gc.Equals, int64(10))
+	c.Check(ts1, gc.Equals, int64(100))
+	c.Check(id2, gc.Equals, int64(20))
+	c.Check(ts2, gc.Equals, int64(200))
+}
+
+func (s *LogsSuite) TestLastSentLogTrackerGetNeverSet(c *gc.C) {
+	tracker := state.NewLastSentLogTracker(s.State, s.State.ModelUUID(), "test")
+	defer tracker.Close()
+
+	_, _, err := tracker.Get()
+
+	c.Check(err, gc.ErrorMatches, state.ErrNeverForwarded.Error())
+}
+
+func (s *LogsSuite) TestLastSentLogTrackerIndependentModels(c *gc.C) {
+	tracker0 := state.NewLastSentLogTracker(s.State, s.State.ModelUUID(), "test-sink")
+	defer tracker0.Close()
+	otherModel := s.NewStateForModelNamed(c, "test-model")
+	defer otherModel.Close()
+	tracker1 := state.NewLastSentLogTracker(otherModel, otherModel.ModelUUID(), "test-sink") // same sink
+	defer tracker1.Close()
+	err := tracker0.Set(10, 100)
+	c.Assert(err, jc.ErrorIsNil)
+	id0, ts0, err := tracker0.Get()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(id0, gc.Equals, int64(10))
+	c.Assert(ts0, gc.Equals, int64(100))
+
+	_, _, errBefore := tracker1.Get()
+	err = tracker1.Set(20, 200)
+	c.Assert(err, jc.ErrorIsNil)
+	id1, ts1, errAfter := tracker1.Get()
+	c.Assert(errAfter, jc.ErrorIsNil)
+	id0, ts0, err = tracker0.Get()
 	c.Assert(err, jc.ErrorIsNil)
-	t1, err := logger0.Get()
+
+	c.Check(errBefore, gc.ErrorMatches, state.ErrNeverForwarded.Error())
+	c.Check(id1, gc.Equals, int64(20))
+	c.Check(ts1, gc.Equals, int64(200))
+	c.Check(id0, gc.Equals, int64(10))
+	c.Check(ts0, gc.Equals, int64(100))
+}
+
+func (s *LogsSuite) TestLastSentLogTrackerIndependentSinks(c *gc.C) {
+	tracker0 := state.NewLastSentLogTracker(s.State, s.State.ModelUUID(), "test-sink0")
+	defer tracker0.Close()
+	tracker1 := state.NewLastSentLogTracker(s.State, s.State.ModelUUID(), "test-sink1")
+	defer tracker1.Close()
+	err := tracker0.Set(10, 100)
+	c.Assert(err, jc.ErrorIsNil)
+	id0, ts0, err := tracker0.Get()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(t1, gc.DeepEquals, t)
-	t2 := t.Add(time.Hour)
-	err = logger0.Set(t2)
+	c.Assert(id0, gc.Equals, int64(10))
+	c.Assert(ts0, gc.Equals, int64(100))
+
+	_, _, errBefore := tracker1.Get()
+	err = tracker1.Set(20, 200)
+	c.Assert(err, jc.ErrorIsNil)
+	id1, ts1, errAfter := tracker1.Get()
+	c.Assert(errAfter, jc.ErrorIsNil)
+	id0, ts0, err = tracker0.Get()
+	c.Assert(err, jc.ErrorIsNil)
+
+	c.Check(errBefore, gc.ErrorMatches, state.ErrNeverForwarded.Error())
+	c.Check(id1, gc.Equals, int64(20))
+	c.Check(ts1, gc.Equals, int64(200))
+	c.Check(id0, gc.Equals, int64(10))
+	c.Check(ts0, gc.Equals, int64(100))
+}
+
+func (s *LogsSuite) TestAllLastSentLogTrackerSetGet(c *gc.C) {
+	st, err := s.State.ForModel(names.NewModelTag(s.State.ControllerUUID()))
 	c.Assert(err, jc.ErrorIsNil)
-	t3, err := logger0.Get()
+	defer st.Close()
+	tracker, err := state.NewAllLastSentLogTracker(st, "test-sink")
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(t3, gc.DeepEquals, t2)
-	_, err = logger1.Get()
-	c.Assert(err, gc.ErrorMatches, state.ErrNeverForwarded.Error())
+	defer tracker.Close()
 
-	t5 := time.Date(2016, 4, 15, 16, 0, 0, 43, time.Local)
-	err = logger1.Set(t5)
+	err = tracker.Set(10, 100)
+	c.Assert(err, jc.ErrorIsNil)
+	id1, ts1, err := tracker.Get()
+	c.Assert(err, jc.ErrorIsNil)
+	err = tracker.Set(20, 200)
 	c.Assert(err, jc.ErrorIsNil)
-	t6, err := logger1.Get()
+	id2, ts2, err := tracker.Get()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(t6, gc.DeepEquals, t5.UTC())
+
+	c.Check(id1, gc.Equals, int64(10))
+	c.Check(ts1, gc.Equals, int64(100))
+	c.Check(id2, gc.Equals, int64(20))
+	c.Check(ts2, gc.Equals, int64(200))
 }
 
-func (s *LogsSuite) TestLastSentLoggerNoSet(c *gc.C) {
-	logger := state.NewLastSentLogger(s.State, "test")
-	_, err := logger.Get()
-	c.Assert(err, gc.ErrorMatches, state.ErrNeverForwarded.Error())
+func (s *LogsSuite) TestAllLastSentLogTrackerNotController(c *gc.C) {
+	st := s.NewStateForModelNamed(c, "test-model")
+	defer st.Close()
+
+	_, err := state.NewAllLastSentLogTracker(st, "test")
+
+	c.Check(err, gc.ErrorMatches, `only the admin model can track all log records`)
 }
 
 func (s *LogsSuite) TestIndexesCreated(c *gc.C) {
@@ -82,7 +168,7 @@
 }
 
 func (s *LogsSuite) TestDbLogger(c *gc.C) {
-	logger := state.NewDbLogger(s.State, names.NewMachineTag("22"))
+	logger := state.NewDbLogger(s.State, names.NewMachineTag("22"), jujuversion.Current)
 	defer logger.Close()
 	t0 := time.Now().Truncate(time.Millisecond) // MongoDB only stores timestamps with ms precision.
 	logger.Log(t0, "some.where", "foo.go:99", loggo.INFO, "all is well")
@@ -94,7 +180,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(docs, gc.HasLen, 2)
 
-	c.Assert(docs[0]["t"], gc.Equals, t0)
+	c.Assert(docs[0]["t"], gc.Equals, t0.UnixNano())
 	c.Assert(docs[0]["e"], gc.Equals, s.State.ModelUUID())
 	c.Assert(docs[0]["n"], gc.Equals, "machine-22")
 	c.Assert(docs[0]["m"], gc.Equals, "some.where")
@@ -102,7 +188,7 @@
 	c.Assert(docs[0]["v"], gc.Equals, int(loggo.INFO))
 	c.Assert(docs[0]["x"], gc.Equals, "all is well")
 
-	c.Assert(docs[1]["t"], gc.Equals, t1)
+	c.Assert(docs[1]["t"], gc.Equals, t1.UnixNano())
 	c.Assert(docs[1]["e"], gc.Equals, s.State.ModelUUID())
 	c.Assert(docs[1]["n"], gc.Equals, "machine-22")
 	c.Assert(docs[1]["m"], gc.Equals, "else.where")
@@ -112,7 +198,7 @@
 }
 
 func (s *LogsSuite) TestPruneLogsByTime(c *gc.C) {
-	dbLogger := state.NewDbLogger(s.State, names.NewMachineTag("22"))
+	dbLogger := state.NewDbLogger(s.State, names.NewMachineTag("22"), jujuversion.Current)
 	defer dbLogger.Close()
 	log := func(t time.Time, msg string) {
 		err := dbLogger.Log(t, "module", "loc", loggo.INFO, msg)
@@ -180,7 +266,7 @@
 		var doc bson.M
 		err := s.logsColl.Find(bson.M{"e": st.ModelUUID()}).Sort("-t").One(&doc)
 		c.Assert(err, jc.ErrorIsNil)
-		c.Assert(doc["t"].(time.Time), gc.Equals, now)
+		c.Assert(doc["t"], gc.Equals, now.UnixNano())
 	}
 	assertLatestTs(s0)
 	assertLatestTs(s1)
@@ -188,7 +274,7 @@
 }
 
 func (s *LogsSuite) generateLogs(c *gc.C, st *state.State, endTime time.Time, count int) {
-	dbLogger := state.NewDbLogger(st, names.NewMachineTag("0"))
+	dbLogger := state.NewDbLogger(st, names.NewMachineTag("0"), jujuversion.Current)
 	defer dbLogger.Close()
 	for i := 0; i < count; i++ {
 		ts := endTime.Add(-time.Duration(i) * time.Second)
@@ -672,6 +758,7 @@
 type logTemplate struct {
 	ModelUUID string
 	Entity    names.Tag
+	Version   version.Number
 	Module    string
 	Location  string
 	Level     loggo.Level
@@ -721,6 +808,9 @@
 	if lt.Entity == nil {
 		lt.Entity = names.NewMachineTag("0")
 	}
+	if lt.Version == version.Zero {
+		lt.Version = jujuversion.Current
+	}
 	if lt.Module == "" {
 		lt.Module = "module"
 	}
@@ -759,7 +849,8 @@
 			if !ok {
 				c.Fatalf("tailer died unexpectedly: %v", tailer.Err())
 			}
-			c.Assert(log.Entity, gc.Equals, lt.Entity.String())
+			c.Assert(log.Version, gc.Equals, lt.Version)
+			c.Assert(log.Entity, gc.Equals, lt.Entity)
 			c.Assert(log.Module, gc.Equals, lt.Module)
 			c.Assert(log.Location, gc.Equals, lt.Location)
 			c.Assert(log.Level, gc.Equals, lt.Level)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/machine.go juju-core-2.0~beta12/src/github.com/juju/juju/state/machine.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/machine.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/machine.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,11 +9,11 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jujutxn "github.com/juju/txn"
 	"github.com/juju/utils"
 	"github.com/juju/utils/set"
 	"github.com/juju/version"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 	"gopkg.in/mgo.v2/txn"
@@ -43,19 +43,16 @@
 	_ MachineJob = iota
 	JobHostUnits
 	JobManageModel
-	JobManageNetworking
 )
 
 var (
 	jobNames = map[MachineJob]multiwatcher.MachineJob{
-		JobHostUnits:        multiwatcher.JobHostUnits,
-		JobManageModel:      multiwatcher.JobManageModel,
-		JobManageNetworking: multiwatcher.JobManageNetworking,
+		JobHostUnits:   multiwatcher.JobHostUnits,
+		JobManageModel: multiwatcher.JobManageModel,
 	}
 	jobMigrationValue = map[MachineJob]string{
-		JobHostUnits:        "host-units",
-		JobManageModel:      "api-server",
-		JobManageNetworking: "manage-networking",
+		JobHostUnits:   "host-units",
+		JobManageModel: "api-server",
 	}
 )
 
@@ -64,7 +61,6 @@
 	return []MachineJob{
 		JobHostUnits,
 		JobManageModel,
-		JobManageNetworking,
 	}
 }
 
@@ -690,9 +686,9 @@
 				if err != nil {
 					return nil, errors.Annotatef(err, "reading machine %s principal unit %v", m, m.doc.Principals[0])
 				}
-				svc, err := u.Service()
+				svc, err := u.Application()
 				if err != nil {
-					return nil, errors.Annotatef(err, "reading machine %s principal unit service %v", m, u.doc.Service)
+					return nil, errors.Annotatef(err, "reading machine %s principal unit service %v", m, u.doc.Application)
 				}
 				if u.Life() == Alive && svc.Life() == Alive {
 					canDie = false
@@ -886,14 +882,6 @@
 	ops = append(ops, removeContainerRefOps(m.st, m.Id())...)
 	ops = append(ops, filesystemOps...)
 	ops = append(ops, volumeOps...)
-	ipAddresses, err := m.st.AllocatedIPAddresses(m.Id())
-	if err != nil {
-		return errors.Trace(err)
-	}
-	for _, address := range ipAddresses {
-		logger.Tracef("creating op to set IP addr %q to Dead", address.Value())
-		ops = append(ops, ensureIPAddressDeadOp(address))
-	}
 	logger.Tracef("removing machine %q", m.Id())
 	// The only abort conditions in play indicate that the machine has already
 	// been removed.
@@ -917,16 +905,17 @@
 
 // AgentPresence returns whether the respective remote agent is alive.
 func (m *Machine) AgentPresence() (bool, error) {
-	b, err := m.st.pwatcher.Alive(m.globalKey())
-	return b, err
+	pwatcher := m.st.workers.PresenceWatcher()
+	return pwatcher.Alive(m.globalKey())
 }
 
 // WaitAgentPresence blocks until the respective agent is alive.
 func (m *Machine) WaitAgentPresence(timeout time.Duration) (err error) {
 	defer errors.DeferredAnnotatef(&err, "waiting for agent of machine %v", m)
 	ch := make(chan presence.Change)
-	m.st.pwatcher.Watch(m.globalKey(), ch)
-	defer m.st.pwatcher.Unwatch(m.globalKey(), ch)
+	pwatcher := m.st.workers.PresenceWatcher()
+	pwatcher.Watch(m.globalKey(), ch)
+	defer pwatcher.Unwatch(m.globalKey(), ch)
 	for i := 0; i < 2; i++ {
 		select {
 		case change := <-ch:
@@ -936,8 +925,8 @@
 		case <-time.After(timeout):
 			// TODO(fwereade): 2016-03-17 lp:1558657
 			return fmt.Errorf("still not alive after timeout")
-		case <-m.st.pwatcher.Dead():
-			return m.st.pwatcher.Err()
+		case <-pwatcher.Dead():
+			return pwatcher.Err()
 		}
 	}
 	panic(fmt.Sprintf("presence reported dead status twice in a row for machine %v", m))
@@ -946,7 +935,7 @@
 // SetAgentPresence signals that the agent for machine m is alive.
 // It returns the started pinger.
 func (m *Machine) SetAgentPresence() (*presence.Pinger, error) {
-	presenceCollection := m.st.getPresence()
+	presenceCollection := m.st.getPresenceCollection()
 	p := presence.NewPinger(presenceCollection, m.st.modelTag, m.globalKey())
 	err := p.Start()
 	if err != nil {
@@ -960,7 +949,7 @@
 	//
 	// TODO: Does not work for multiple controllers. Trigger a sync across all controllers.
 	if m.IsManager() {
-		m.st.pwatcher.Sync()
+		m.st.workers.PresenceWatcher().Sync()
 	}
 	return p, nil
 }
@@ -990,23 +979,30 @@
 }
 
 // SetInstanceStatus sets the provider specific instance status for a machine.
-func (m *Machine) SetInstanceStatus(instanceStatus status.Status, info string, data map[string]interface{}) (err error) {
+func (m *Machine) SetInstanceStatus(sInfo status.StatusInfo) (err error) {
 	return setStatus(m.st, setStatusParams{
 		badge:     "instance",
 		globalKey: m.globalInstanceKey(),
-		status:    instanceStatus,
-		message:   info,
-		rawData:   data,
+		status:    sInfo.Status,
+		message:   sInfo.Message,
+		rawData:   sInfo.Data,
+		updated:   sInfo.Since,
 	})
 
 }
 
-// InstanceStatusHistory returns a slice of at most <size> StatusInfo items
+// InstanceStatusHistory returns a slice of at most filter.Size StatusInfo items
+// or items as old as filter.Date or items newer than now - filter.Delta time
 // representing past statuses for this machine instance.
 // Instance represents the provider underlying [v]hardware or container where
 // this juju machine is deployed.
-func (u *Machine) InstanceStatusHistory(size int) ([]status.StatusInfo, error) {
-	return statusHistory(u.st, u.globalInstanceKey(), size)
+func (m *Machine) InstanceStatusHistory(filter status.StatusHistoryFilter) ([]status.StatusInfo, error) {
+	args := &statusHistoryArgs{
+		st:        m.st,
+		globalKey: m.globalInstanceKey(),
+		filter:    filter,
+	}
+	return statusHistory(args)
 }
 
 // AvailabilityZone returns the provier-specific instance availability
@@ -1156,12 +1152,12 @@
 }
 
 // PublicAddress returns a public address for the machine. If no address is
-// available it returns an error that satisfies network.IsNoAddress.
+// available it returns an error that satisfies network.IsNoAddressError().
 func (m *Machine) PublicAddress() (network.Address, error) {
 	publicAddress := m.doc.PreferredPublicAddress.networkAddress()
 	var err error
 	if publicAddress.Value == "" {
-		err = network.NoAddressf("public")
+		err = network.NoAddressError("public")
 	}
 	return publicAddress, err
 }
@@ -1208,12 +1204,12 @@
 }
 
 // PrivateAddress returns a private address for the machine. If no address is
-// available it returns an error that satisfies network.IsNoAddress.
+// available it returns an error that satisfies network.IsNoAddressError().
 func (m *Machine) PrivateAddress() (network.Address, error) {
 	privateAddress := m.doc.PreferredPrivateAddress.networkAddress()
 	var err error
 	if privateAddress.Value == "" {
-		err = network.NoAddressf("private")
+		err = network.NoAddressError("private")
 	}
 	return privateAddress, err
 }
@@ -1227,7 +1223,28 @@
 	}
 	// Assert that the field is either missing (never been set) or is
 	// unchanged from its previous value.
-	assert := bson.D{{"$or", []bson.D{{{fieldName, current}}, {{fieldName, nil}}}}}
+
+	// Since using a struct in the assert also asserts ordering, and we know that mgo
+	// can change the ordering, we assert on the dotted values, effectively checking each
+	// of the attributes of the address.
+	currentD := []bson.D{
+		{{fieldName + ".value", current.Value}},
+		{{fieldName + ".addresstype", current.AddressType}},
+	}
+	// Since scope, origin, and space have omitempty, we don't add them if they are empty.
+	if current.Scope != "" {
+		currentD = append(currentD, bson.D{{fieldName + ".networkscope", current.Scope}})
+	}
+	if current.Origin != "" {
+		currentD = append(currentD, bson.D{{fieldName + ".origin", current.Origin}})
+	}
+	if current.SpaceName != "" {
+		currentD = append(currentD, bson.D{{fieldName + ".spacename", current.SpaceName}})
+	}
+
+	assert := bson.D{{"$or", []bson.D{
+		{{"$and", currentD}},
+		{{fieldName, nil}}}}}
 
 	ops := []txn.Op{{
 		C:      machinesC,
@@ -1332,52 +1349,22 @@
 // only predicated on the machine not being Dead; concurrent address
 // changes are ignored.
 func (m *Machine) setAddresses(addresses []network.Address, field *[]address, fieldName string) error {
-	var addressesToSet []network.Address
-	if !m.IsContainer() {
-		// Check addresses first. We'll only add those addresses
-		// which are not in the IP address collection.
-		ipAddresses, closer := m.st.getCollection(legacyipaddressesC)
-		defer closer()
-
-		addressValues := make([]string, len(addresses))
-		for i, address := range addresses {
-			addressValues[i] = address.Value
-		}
-		ipDocs := []ipaddressDoc{}
-		sel := bson.D{{"value", bson.D{{"$in", addressValues}}}, {"state", AddressStateAllocated}}
-		err := ipAddresses.Find(sel).All(&ipDocs)
-		if err != nil {
-			return err
-		}
-		ipDocValues := set.NewStrings()
-		for _, ipDoc := range ipDocs {
-			ipDocValues.Add(ipDoc.Value)
-		}
-		for _, address := range addresses {
-			if !ipDocValues.Contains(address.Value) {
-				addressesToSet = append(addressesToSet, address)
-			}
-		}
-	} else {
-		// Containers will set all addresses.
-		addressesToSet = make([]network.Address, len(addresses))
-		copy(addressesToSet, addresses)
-	}
+	addressesToSet := make([]network.Address, len(addresses))
+	copy(addressesToSet, addresses)
 
 	// Update addresses now.
-	envConfig, err := m.st.ModelConfig()
-	if err != nil {
-		return err
-	}
-	network.SortAddresses(addressesToSet, envConfig.PreferIPv6())
+	network.SortAddresses(addressesToSet)
 	origin := OriginProvider
 	if fieldName == "machineaddresses" {
 		origin = OriginMachine
 	}
 	stateAddresses := fromNetworkAddresses(addressesToSet, origin)
 
-	var newPrivate, newPublic address
-	var changedPrivate, changedPublic bool
+	var (
+		newPrivate, newPublic         address
+		changedPrivate, changedPublic bool
+		err                           error
+	)
 	machine := m
 	buildTxn := func(attempt int) ([]txn.Op, error) {
 		if attempt != 0 {
@@ -1413,10 +1400,9 @@
 		return ops, nil
 	}
 	err = m.st.run(buildTxn)
-	if err != nil {
-		if err == txn.ErrAborted {
-			return ErrDead
-		}
+	if err == txn.ErrAborted {
+		return ErrDead
+	} else if err != nil {
 		return errors.Trace(err)
 	}
 
@@ -1510,12 +1496,12 @@
 }
 
 // SetStatus sets the status of the machine.
-func (m *Machine) SetStatus(machineStatus status.Status, info string, data map[string]interface{}) error {
-	switch machineStatus {
+func (m *Machine) SetStatus(statusInfo status.StatusInfo) error {
+	switch statusInfo.Status {
 	case status.StatusStarted, status.StatusStopped:
 	case status.StatusError:
-		if info == "" {
-			return errors.Errorf("cannot set status %q without info", machineStatus)
+		if statusInfo.Message == "" {
+			return errors.Errorf("cannot set status %q without info", statusInfo.Status)
 		}
 	case status.StatusPending:
 		// If a machine is not yet provisioned, we allow its status
@@ -1527,23 +1513,30 @@
 		}
 		fallthrough
 	case status.StatusDown:
-		return errors.Errorf("cannot set status %q", machineStatus)
+		return errors.Errorf("cannot set status %q", statusInfo.Status)
 	default:
-		return errors.Errorf("cannot set invalid status %q", machineStatus)
+		return errors.Errorf("cannot set invalid status %q", statusInfo.Status)
 	}
 	return setStatus(m.st, setStatusParams{
 		badge:     "machine",
 		globalKey: m.globalKey(),
-		status:    machineStatus,
-		message:   info,
-		rawData:   data,
+		status:    statusInfo.Status,
+		message:   statusInfo.Message,
+		rawData:   statusInfo.Data,
+		updated:   statusInfo.Since,
 	})
 }
 
-// StatusHistory returns a slice of at most <size> StatusInfo items
+// StatusHistory returns a slice of at most filter.Size StatusInfo items
+// or items as old as filter.Date or items newer than now - filter.Delta time
 // representing past statuses for this machine.
-func (m *Machine) StatusHistory(size int) ([]status.StatusInfo, error) {
-	return statusHistory(m.st, m.globalKey(), size)
+func (m *Machine) StatusHistory(filter status.StatusHistoryFilter) ([]status.StatusInfo, error) {
+	args := &statusHistoryArgs{
+		st:        m.st,
+		globalKey: m.globalKey(),
+		filter:    filter,
+	}
+	return statusHistory(args)
 }
 
 // Clean returns true if the machine does not have any deployed units or containers.
@@ -1637,8 +1630,15 @@
 			}
 			if statusInfo.Status == status.StatusPending {
 				containerType := ContainerTypeFromId(containerId)
-				container.SetStatus(
-					status.StatusError, "unsupported container", map[string]interface{}{"type": containerType})
+				// TODO(perrito666) 2016-05-02 lp:1558657
+				now := time.Now()
+				s := status.StatusInfo{
+					Status:  status.StatusError,
+					Message: "unsupported container",
+					Data:    map[string]interface{}{"type": containerType},
+					Since:   &now,
+				}
+				container.SetStatus(s)
 			} else {
 				logger.Errorf("unsupported container %v has unexpected status %v", containerId, statusInfo.Status)
 			}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/machine_linklayerdevices.go juju-core-2.0~beta12/src/github.com/juju/juju/state/machine_linklayerdevices.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/machine_linklayerdevices.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/machine_linklayerdevices.go	2016-07-18 19:45:44.000000000 +0000
@@ -97,6 +97,11 @@
 	callbackFunc := func(resultDoc *linkLayerDeviceDoc) {
 		removeOps := removeLinkLayerDeviceUnconditionallyOps(resultDoc.DocID)
 		ops = append(ops, removeOps...)
+		if resultDoc.ProviderID != "" {
+			providerId := network.Id(resultDoc.ProviderID)
+			op := m.st.networkEntityGlobalKeyRemoveOp("linklayerdevice", providerId)
+			ops = append(ops, op)
+		}
 	}
 
 	selectDocIDOnly := bson.D{{"_id", 1}}
@@ -159,11 +164,7 @@
 	}
 
 	buildTxn := func(attempt int) ([]txn.Op, error) {
-		existingProviderIDs, err := m.st.allProviderIDsForModelLinkLayerDevices()
-		if err != nil {
-			return nil, errors.Trace(err)
-		}
-		newDocs, err := m.prepareToSetLinkLayerDevices(devicesArgs, existingProviderIDs)
+		newDocs, err := m.prepareToSetLinkLayerDevices(devicesArgs)
 		if err != nil {
 			return nil, errors.Trace(err)
 		}
@@ -175,6 +176,16 @@
 			if err := m.isStillAlive(); err != nil {
 				return nil, errors.Trace(err)
 			}
+			allIds, err := m.st.allProviderIDsForLinkLayerDevices()
+			if err != nil {
+				return nil, errors.Trace(err)
+			}
+			for _, args := range devicesArgs {
+				if allIds.Contains(string(args.ProviderID)) {
+					err := NewProviderIDNotUniqueError(args.ProviderID)
+					return nil, errors.Annotatef(err, "invalid device %q", args.Name)
+				}
+			}
 		}
 
 		ops := []txn.Op{
@@ -194,28 +205,28 @@
 	return nil
 }
 
-func (st *State) allProviderIDsForModelLinkLayerDevices() (set.Strings, error) {
-	return st.allProviderIDsForModelCollection(linkLayerDevicesC, "link-layer devices")
+func (st *State) allProviderIDsForLinkLayerDevices() (set.Strings, error) {
+	return st.allProviderIDsForEntity("linklayerdevice")
 }
 
-func (st *State) allProviderIDsForModelCollection(collectionName, entityLabelPlural string) (_ set.Strings, err error) {
-	defer errors.DeferredAnnotatef(&err, "cannot get ProviderIDs for all %s", entityLabelPlural)
+func (st *State) allProviderIDsForAddresses() (set.Strings, error) {
+	return st.allProviderIDsForEntity("address")
+}
 
-	entities, closer := st.getCollection(collectionName)
+func (st *State) allProviderIDsForEntity(entityName string) (set.Strings, error) {
+	idCollection, closer := st.getCollection(providerIDsC)
 	defer closer()
 
 	allProviderIDs := set.NewStrings()
 	var doc struct {
-		ProviderID string `bson:"providerid"`
+		ID string `bson:"_id"`
 	}
 
-	pattern := fmt.Sprintf("^%s:.+$", st.ModelUUID())
-	modelProviderIDs := bson.D{{"providerid", bson.D{{"$regex", pattern}}}}
-	onlyProviderIDField := bson.D{{"providerid", 1}}
-
-	iter := entities.Find(modelProviderIDs).Select(onlyProviderIDField).Iter()
+	pattern := fmt.Sprintf("^%s:%s:.+$", st.ModelUUID(), entityName)
+	modelProviderIDs := bson.D{{"_id", bson.D{{"$regex", pattern}}}}
+	iter := idCollection.Find(modelProviderIDs).Iter()
 	for iter.Next(&doc) {
-		localProviderID := st.localID(doc.ProviderID)
+		localProviderID := st.localID(doc.ID)[len(entityName)+1:]
 		allProviderIDs.Add(localProviderID)
 	}
 	if err := iter.Close(); err != nil {
@@ -224,26 +235,22 @@
 	return allProviderIDs, nil
 }
 
-func (m *Machine) prepareToSetLinkLayerDevices(devicesArgs []LinkLayerDeviceArgs, existingProviderIDs set.Strings) ([]linkLayerDeviceDoc, error) {
+func (m *Machine) prepareToSetLinkLayerDevices(devicesArgs []LinkLayerDeviceArgs) ([]linkLayerDeviceDoc, error) {
 	var pendingDocs []linkLayerDeviceDoc
 	pendingNames := set.NewStrings()
-	allProviderIDs := set.NewStrings(existingProviderIDs.Values()...)
 
 	for _, args := range devicesArgs {
-		newDoc, err := m.prepareOneSetLinkLayerDeviceArgs(&args, pendingNames, allProviderIDs)
+		newDoc, err := m.prepareOneSetLinkLayerDeviceArgs(&args, pendingNames)
 		if err != nil {
 			return nil, errors.Trace(err)
 		}
 		pendingNames.Add(args.Name)
 		pendingDocs = append(pendingDocs, *newDoc)
-		if args.ProviderID != "" {
-			allProviderIDs.Add(string(args.ProviderID))
-		}
 	}
 	return pendingDocs, nil
 }
 
-func (m *Machine) prepareOneSetLinkLayerDeviceArgs(args *LinkLayerDeviceArgs, pendingNames, allProviderIDs set.Strings) (_ *linkLayerDeviceDoc, err error) {
+func (m *Machine) prepareOneSetLinkLayerDeviceArgs(args *LinkLayerDeviceArgs, pendingNames set.Strings) (_ *linkLayerDeviceDoc, err error) {
 	defer errors.DeferredAnnotatef(&err, "invalid device %q", args.Name)
 
 	if err := m.validateSetLinkLayerDeviceArgs(args); err != nil {
@@ -254,10 +261,6 @@
 		return nil, errors.NewNotValid(nil, "Name specified more than once")
 	}
 
-	if allProviderIDs.Contains(string(args.ProviderID)) {
-		return nil, NewProviderIDNotUniqueError(args.ProviderID)
-	}
-
 	return m.newLinkLayerDeviceDocFromArgs(args), nil
 }
 
@@ -381,10 +384,6 @@
 	linkLayerDeviceDocID := m.linkLayerDeviceDocIDFromName(args.Name)
 
 	providerID := string(args.ProviderID)
-	if providerID != "" {
-		providerID = m.st.docID(providerID)
-	}
-
 	modelUUID := m.st.ModelUUID()
 
 	return &linkLayerDeviceDoc{
@@ -461,6 +460,10 @@
 			ops = append(ops, incrementDeviceNumChildrenOp(newParentDocID))
 		}
 	}
+	if newDoc.ProviderID != "" {
+		id := network.Id(newDoc.ProviderID)
+		ops = append(ops, m.st.networkEntityGlobalKeyOp("linklayerdevice", id))
+	}
 	return append(ops,
 		insertLinkLayerDeviceDocOp(newDoc),
 		insertLinkLayerDevicesRefsOp(modelUUID, linkLayerDeviceDocID),
@@ -510,7 +513,19 @@
 		ops = append(ops, assertLinkLayerDeviceExistsOp(existingParentDocID))
 		ops = append(ops, decrementDeviceNumChildrenOp(existingParentDocID))
 	}
-	return append(ops, updateLinkLayerDeviceDocOp(existingDoc, newDoc)), nil
+	ops = append(ops, updateLinkLayerDeviceDocOp(existingDoc, newDoc))
+
+	if newDoc.ProviderID != "" {
+		if existingDoc.ProviderID != "" && existingDoc.ProviderID != newDoc.ProviderID {
+			return nil, errors.Errorf("cannot change ProviderID of link layer device %q", existingDoc.Name)
+		}
+		if existingDoc.ProviderID != newDoc.ProviderID {
+			// Need to insert the new provider id in providerIDsC
+			id := network.Id(newDoc.ProviderID)
+			ops = append(ops, m.st.networkEntityGlobalKeyOp("linklayerdevice", id))
+		}
+	}
+	return ops, nil
 }
 
 // LinkLayerDeviceAddress contains an IP address assigned to a link-layer
@@ -562,11 +577,7 @@
 	}
 
 	buildTxn := func(attempt int) ([]txn.Op, error) {
-		existingProviderIDs, err := m.st.allProviderIDsForModelIPAddresses()
-		if err != nil {
-			return nil, errors.Trace(err)
-		}
-		newDocs, err := m.prepareToSetDevicesAddresses(devicesAddresses, existingProviderIDs)
+		newDocs, err := m.prepareToSetDevicesAddresses(devicesAddresses)
 		if err != nil {
 			return nil, errors.Trace(err)
 		}
@@ -578,6 +589,16 @@
 			if err := m.isStillAlive(); err != nil {
 				return nil, errors.Trace(err)
 			}
+			allIds, err := m.st.allProviderIDsForAddresses()
+			if err != nil {
+				return nil, errors.Trace(err)
+			}
+			for _, args := range devicesAddresses {
+				if allIds.Contains(string(args.ProviderID)) {
+					err := NewProviderIDNotUniqueError(args.ProviderID)
+					return nil, errors.Annotatef(err, "invalid address %q", args.CIDRAddress)
+				}
+			}
 		}
 
 		ops := []txn.Op{
@@ -597,38 +618,24 @@
 	return nil
 }
 
-func (st *State) allProviderIDsForModelIPAddresses() (set.Strings, error) {
-	return st.allProviderIDsForModelCollection(ipAddressesC, "IP addresses")
-}
-
-func (m *Machine) prepareToSetDevicesAddresses(devicesAddresses []LinkLayerDeviceAddress, existingProviderIDs set.Strings) ([]ipAddressDoc, error) {
+func (m *Machine) prepareToSetDevicesAddresses(devicesAddresses []LinkLayerDeviceAddress) ([]ipAddressDoc, error) {
 	var pendingDocs []ipAddressDoc
-	allProviderIDs := set.NewStrings(existingProviderIDs.Values()...)
-
 	for _, args := range devicesAddresses {
-		newDoc, err := m.prepareOneSetDevicesAddresses(&args, allProviderIDs)
+		newDoc, err := m.prepareOneSetDevicesAddresses(&args)
 		if err != nil {
 			return nil, errors.Trace(err)
 		}
 		pendingDocs = append(pendingDocs, *newDoc)
-		if args.ProviderID != "" {
-			allProviderIDs.Add(string(args.ProviderID))
-		}
 	}
 	return pendingDocs, nil
 }
 
-func (m *Machine) prepareOneSetDevicesAddresses(args *LinkLayerDeviceAddress, allProviderIDs set.Strings) (_ *ipAddressDoc, err error) {
+func (m *Machine) prepareOneSetDevicesAddresses(args *LinkLayerDeviceAddress) (_ *ipAddressDoc, err error) {
 	defer errors.DeferredAnnotatef(&err, "invalid address %q", args.CIDRAddress)
 
 	if err := m.validateSetDevicesAddressesArgs(args); err != nil {
 		return nil, errors.Trace(err)
 	}
-
-	if allProviderIDs.Contains(string(args.ProviderID)) {
-		return nil, NewProviderIDNotUniqueError(args.ProviderID)
-	}
-
 	return m.newIPAddressDocFromArgs(args)
 }
 
@@ -698,11 +705,8 @@
 
 	globalKey := ipAddressGlobalKey(m.doc.Id, args.DeviceName, addressValue)
 	ipAddressDocID := m.st.docID(globalKey)
-
 	providerID := string(args.ProviderID)
-	if providerID != "" {
-		providerID = m.st.docID(providerID)
-	}
+
 	modelUUID := m.st.ModelUUID()
 
 	newDoc := &ipAddressDoc{
@@ -743,9 +747,23 @@
 		if err == mgo.ErrNotFound {
 			// Address does not exist yet - insert it.
 			ops = append(ops, insertIPAddressDocOp(&newDoc))
+			if newDoc.ProviderID != "" {
+				id := network.Id(newDoc.ProviderID)
+				ops = append(ops, m.st.networkEntityGlobalKeyOp("address", id))
+			}
 		} else if err == nil {
 			// Address already exists - update what's possible.
 			ops = append(ops, updateIPAddressDocOp(&existingDoc, &newDoc))
+			if newDoc.ProviderID != "" {
+				if existingDoc.ProviderID != "" && existingDoc.ProviderID != newDoc.ProviderID {
+					return nil, errors.Errorf("cannot change ProviderID of link address %q", existingDoc.Value)
+				}
+				if existingDoc.ProviderID != newDoc.ProviderID {
+					// Need to insert the new provider id in providerIDsC
+					id := network.Id(newDoc.ProviderID)
+					ops = append(ops, m.st.networkEntityGlobalKeyOp("address", id))
+				}
+			}
 		} else {
 			return nil, errors.Trace(err)
 		}
@@ -804,7 +822,7 @@
 	}
 
 	findQuery := findAddressesQuery(m.doc.Id, "")
-	if err := m.st.forEachIPAddressDoc(findQuery, nil, callbackFunc); err != nil {
+	if err := m.st.forEachIPAddressDoc(findQuery, callbackFunc); err != nil {
 		return nil, errors.Trace(err)
 	}
 	return allAddresses, nil
@@ -833,6 +851,8 @@
 		logger.Debugf("setting link-layer devices %+v", argsToSet)
 		if err := m.SetLinkLayerDevices(argsToSet...); IsProviderIDNotUniqueError(err) {
 			// FIXME: Make updating devices with unchanged ProviderID idempotent.
+			// FIXME: this obliterates the ProviderID of *all*
+			// devices if any *one* of them is not unique.
 			for i, args := range argsToSet {
 				args.ProviderID = ""
 				argsToSet[i] = args
@@ -856,6 +876,8 @@
 func (m *Machine) SetDevicesAddressesIdempotently(devicesAddresses []LinkLayerDeviceAddress) error {
 	if err := m.SetDevicesAddresses(devicesAddresses...); IsProviderIDNotUniqueError(err) {
 		// FIXME: Make updating addresses with unchanged ProviderID idempotent.
+		// FIXME: this obliterates the ProviderID of *all*
+		// addresses if any *one* of them is not unique.
 		for i, args := range devicesAddresses {
 			args.ProviderID = ""
 			devicesAddresses[i] = args
@@ -877,23 +899,31 @@
 	if err != nil {
 		return errors.Annotate(err, "cannot get host machine devices")
 	}
-	logger.Debugf("using host machine %q devices: %+v", m.Id(), allDevices)
 
-	var containerDevicesArgs []LinkLayerDeviceArgs
+	bridgeDevicesByName := make(map[string]*LinkLayerDevice)
+	bridgeDeviceNames := make([]string, 0, len(allDevices))
+
 	for _, hostDevice := range allDevices {
 		if hostDevice.Type() == BridgeDevice {
-			containerDeviceName := fmt.Sprintf("eth%d", len(containerDevicesArgs))
-			generatedMAC := generateMACAddress()
-			args := LinkLayerDeviceArgs{
-				Name:        containerDeviceName,
-				Type:        EthernetDevice,
-				MACAddress:  generatedMAC,
-				MTU:         hostDevice.MTU(),
-				IsUp:        true,
-				IsAutoStart: true,
-				ParentName:  hostDevice.globalKey(),
-			}
-			containerDevicesArgs = append(containerDevicesArgs, args)
+			bridgeDevicesByName[hostDevice.Name()] = hostDevice
+			bridgeDeviceNames = append(bridgeDeviceNames, hostDevice.Name())
+		}
+	}
+
+	sortedBridgeDeviceNames := network.NaturallySortDeviceNames(bridgeDeviceNames...)
+	logger.Debugf("using host machine %q bridge devices: %v", m.Id(), sortedBridgeDeviceNames)
+	containerDevicesArgs := make([]LinkLayerDeviceArgs, len(bridgeDeviceNames))
+
+	for i, hostBridgeName := range sortedBridgeDeviceNames {
+		hostBridge := bridgeDevicesByName[hostBridgeName]
+		containerDevicesArgs[i] = LinkLayerDeviceArgs{
+			Name:        fmt.Sprintf("eth%d", i),
+			Type:        EthernetDevice,
+			MACAddress:  generateMACAddress(),
+			MTU:         hostBridge.MTU(),
+			IsUp:        true,
+			IsAutoStart: true,
+			ParentName:  hostBridge.globalKey(),
 		}
 	}
 	logger.Debugf("prepared container %q network config: %+v", containerMachine.Id(), containerDevicesArgs)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/machine_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/machine_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/machine_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/machine_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,14 +5,15 @@
 
 import (
 	"sort"
+	"time"
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	jujutxn "github.com/juju/txn"
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 
@@ -28,6 +29,7 @@
 	"github.com/juju/juju/storage/provider"
 	"github.com/juju/juju/storage/provider/registry"
 	coretesting "github.com/juju/juju/testing"
+	"github.com/juju/juju/worker"
 )
 
 type MachineSuite struct {
@@ -118,7 +120,7 @@
 	_, err = s.State.AddMachineInsideMachine(state.MachineTemplate{
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
-	}, s.machine.Id(), instance.LXC)
+	}, s.machine.Id(), instance.LXD)
 	c.Assert(err, gc.ErrorMatches, `model "testenv" is no longer alive`)
 }
 
@@ -130,7 +132,7 @@
 	_, err = s.State.AddMachineInsideMachine(state.MachineTemplate{
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
-	}, s.machine.Id(), instance.LXC)
+	}, s.machine.Id(), instance.LXD)
 	c.Assert(err, gc.ErrorMatches, `model "testenv" is being migrated`)
 }
 
@@ -139,14 +141,14 @@
 	c1, err := s.State.AddMachineInsideMachine(state.MachineTemplate{
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
-	}, s.machine.Id(), instance.LXC)
+	}, s.machine.Id(), instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
 
 	// Add second container.
 	c2, err := s.State.AddMachineInsideMachine(state.MachineTemplate{
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
-	}, c1.Id(), instance.LXC)
+	}, c1.Id(), instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
 
 	err = c2.SetRebootFlag(true)
@@ -198,7 +200,7 @@
 	container, err := s.State.AddMachineInsideMachine(state.MachineTemplate{
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
-	}, s.machine.Id(), instance.LXC)
+	}, s.machine.Id(), instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
 	parentId, ok = container.ParentId()
 	c.Assert(parentId, gc.Equals, s.machine.Id())
@@ -259,7 +261,7 @@
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
 	}
-	container, err := s.State.AddMachineInsideMachine(template, machine.Id(), instance.LXC)
+	container, err := s.State.AddMachineInsideMachine(template, machine.Id(), instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Assert(machine.IsContainer(), jc.IsFalse)
@@ -282,11 +284,11 @@
 	_, err := s.State.AddMachineInsideMachine(state.MachineTemplate{
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
-	}, s.machine.Id(), instance.LXC)
+	}, s.machine.Id(), instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
 	err = s.machine.Destroy()
 	c.Assert(err, gc.FitsTypeOf, &state.HasContainersError{})
-	c.Assert(err, gc.ErrorMatches, `machine 1 is hosting containers "1/lxc/0"`)
+	c.Assert(err, gc.ErrorMatches, `machine 1 is hosting containers "1/lxd/0"`)
 	err1 := s.machine.EnsureDead()
 	c.Assert(err1, gc.DeepEquals, err)
 	c.Assert(s.machine.Life(), gc.Equals, state.Alive)
@@ -479,7 +481,7 @@
 		_, err := s.State.AddMachineInsideMachine(state.MachineTemplate{
 			Series: "quantal",
 			Jobs:   []state.MachineJob{state.JobHostUnits},
-		}, s.machine.Id(), instance.LXC)
+		}, s.machine.Id(), instance.LXD)
 		c.Assert(err, jc.ErrorIsNil)
 	}).Check()
 
@@ -519,51 +521,6 @@
 	c.Assert(err, jc.ErrorIsNil)
 }
 
-func (s *MachineSuite) TestRemoveMarksAddressesAsDead(c *gc.C) {
-	err := s.machine.SetProvisioned("fake", "totally-fake", nil)
-	c.Assert(err, jc.ErrorIsNil)
-
-	addr1, err := s.State.AddIPAddress(network.NewAddress("10.0.0.1"), "foo")
-	c.Assert(err, jc.ErrorIsNil)
-	err = addr1.AllocateTo(s.machine.Id(), "bar", "01:23:45:67:89:ab")
-	c.Assert(err, jc.ErrorIsNil)
-
-	addr2, err := s.State.AddIPAddress(network.NewAddress("10.0.0.2"), "foo")
-	c.Assert(err, jc.ErrorIsNil)
-	err = addr2.AllocateTo(s.machine.Id(), "bar", "01:23:45:67:89:ab")
-	c.Assert(err, jc.ErrorIsNil)
-
-	addr3, err := s.State.AddIPAddress(network.NewAddress("10.0.0.3"), "bar")
-	c.Assert(err, jc.ErrorIsNil)
-	err = addr3.AllocateTo(s.machine0.Id(), "bar", "01:23:45:67:89:ab")
-	c.Assert(err, jc.ErrorIsNil)
-
-	addr4, err := s.State.AddIPAddress(network.NewAddress("10.0.0.4"), "foo")
-	c.Assert(err, jc.ErrorIsNil)
-	err = addr4.AllocateTo(s.machine.Id(), "bar", "01:23:45:67:89:ab")
-	c.Assert(err, jc.ErrorIsNil)
-	err = addr4.EnsureDead()
-	c.Assert(err, jc.ErrorIsNil)
-
-	err = s.machine.EnsureDead()
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.machine.Remove()
-	c.Assert(err, jc.ErrorIsNil)
-
-	err = addr1.Refresh()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(addr1.Life(), gc.Equals, state.Dead)
-	err = addr2.Refresh()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(addr2.Life(), gc.Equals, state.Dead)
-	err = addr3.Refresh()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(addr3.Life(), gc.Equals, state.Alive)
-	err = addr4.Refresh()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(addr4.Life(), gc.Equals, state.Dead)
-}
-
 func (s *MachineSuite) TestHasVote(c *gc.C) {
 	c.Assert(s.machine.HasVote(), jc.IsFalse)
 
@@ -626,7 +583,9 @@
 	pinger, err := s.machine.SetAgentPresence()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(pinger, gc.NotNil)
-	defer pinger.Stop()
+	defer func() {
+		c.Assert(worker.Stop(pinger), jc.ErrorIsNil)
+	}()
 
 	s.State.StartSync()
 	alive, err = s.machine.AgentPresence()
@@ -711,30 +670,6 @@
 	})
 }
 
-func (s *MachineSuite) TestSetPasswordPreModelUUID(c *gc.C) {
-	// Ensure that SetPassword works for machines even when the env
-	// UUID upgrade migrations haven't run yet.
-	type oldMachineDoc struct {
-		Id     string `bson:"_id"`
-		Series string
-	}
-	s.machines.Insert(&oldMachineDoc{"99", "quantal"})
-
-	m, err := s.State.Machine("99")
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Set the password and make sure it sticks.
-	c.Assert(m.PasswordValid(goodPassword), jc.IsFalse)
-	err = m.SetPassword(goodPassword)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(m.PasswordValid(goodPassword), jc.IsTrue)
-
-	// Check a newly-fetched entity has the same password.
-	err = m.Refresh()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(m.PasswordValid(goodPassword), jc.IsTrue)
-}
-
 func (s *MachineSuite) TestMachineWaitAgentPresence(c *gc.C) {
 	alive, err := s.machine.AgentPresence()
 	c.Assert(err, jc.ErrorIsNil)
@@ -968,7 +903,13 @@
 	err := s.machine.SetProvisioned("umbrella/0", "fake_nonce", nil)
 	c.Assert(err, jc.ErrorIsNil)
 
-	err = s.machine.SetInstanceStatus(status.StatusRunning, "alive", map[string]interface{}{})
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusRunning,
+		Message: "alive",
+		Since:   &now,
+	}
+	err = s.machine.SetInstanceStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 
 	// Reload machine and check result.
@@ -1033,7 +974,7 @@
 	s3 := s.AddTestingService(c, "s3", logging)
 
 	units := make([][]*state.Unit, 4)
-	for i, svc := range []*state.Service{s0, s1, s2} {
+	for i, svc := range []*state.Application{s0, s1, s2} {
 		units[i] = make([]*state.Unit, 3)
 		for j := range units[i] {
 			units[i][j], err = svc.AddUnit()
@@ -1097,7 +1038,7 @@
 	return names
 }
 
-func (s *MachineSuite) assertMachineDirtyAfterAddingUnit(c *gc.C) (*state.Machine, *state.Service, *state.Unit) {
+func (s *MachineSuite) assertMachineDirtyAfterAddingUnit(c *gc.C) (*state.Machine, *state.Application, *state.Unit) {
 	m, err := s.State.AddMachine("quantal", state.JobHostUnits)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(m.Clean(), jc.IsTrue)
@@ -1215,7 +1156,13 @@
 	wc.AssertNoChange()
 
 	// Change the unit; no change.
-	err = mysql0.SetAgentStatus(status.StatusIdle, "", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusIdle,
+		Message: "",
+		Since:   &now,
+	}
+	err = mysql0.SetAgentStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 	wc.AssertNoChange()
 
@@ -1244,7 +1191,12 @@
 	wc.AssertNoChange()
 
 	// Change the subordinate; no change.
-	err = logging0.SetAgentStatus(status.StatusIdle, "", nil)
+	sInfo = status.StatusInfo{
+		Status:  status.StatusIdle,
+		Message: "",
+		Since:   &now,
+	}
+	err = logging0.SetAgentStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 	wc.AssertNoChange()
 
@@ -1319,7 +1271,13 @@
 	wc.AssertNoChange()
 
 	// Change the unit; no change.
-	err = mysql0.SetAgentStatus(status.StatusIdle, "", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusIdle,
+		Message: "",
+		Since:   &now,
+	}
+	err = mysql0.SetAgentStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 	wc.AssertNoChange()
 
@@ -1349,7 +1307,12 @@
 	wc.AssertNoChange()
 
 	// Change the subordinate; no change.
-	err = logging0.SetAgentStatus(status.StatusIdle, "", nil)
+	sInfo = status.StatusInfo{
+		Status:  status.StatusIdle,
+		Message: "",
+		Since:   &now,
+	}
+	err = logging0.SetAgentStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 	wc.AssertNoChange()
 
@@ -1519,31 +1482,11 @@
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(machine.Addresses(), gc.HasLen, 0)
 
-	// Create subnet and pick two addresses.
-	subnetInfo := state.SubnetInfo{
-		CIDR:              "192.168.1.0/24",
-		AllocatableIPLow:  "192.168.1.0",
-		AllocatableIPHigh: "192.168.1.10",
-	}
-	subnet, err := s.State.AddSubnet(subnetInfo)
-	c.Assert(err, jc.ErrorIsNil)
-
-	ipAddr1, err := subnet.PickNewAddress()
-	c.Assert(err, jc.ErrorIsNil)
-	err = ipAddr1.SetState(state.AddressStateAllocated)
-	c.Assert(err, jc.ErrorIsNil)
-	ipAddr2, err := subnet.PickNewAddress()
-	c.Assert(err, jc.ErrorIsNil)
-	err = ipAddr2.SetState(state.AddressStateAllocated)
-	c.Assert(err, jc.ErrorIsNil)
-
 	// When setting all addresses the subnet addresses have to be
 	// filtered out.
 	addresses := network.NewAddresses(
 		"127.0.0.1",
 		"8.8.8.8",
-		ipAddr1.Value(),
-		ipAddr2.Value(),
 	)
 	err = machine.SetProviderAddresses(addresses...)
 	c.Assert(err, jc.ErrorIsNil)
@@ -1559,36 +1502,22 @@
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(machine.Addresses(), gc.HasLen, 0)
 
-	// Create subnet and pick two addresses.
-	subnetInfo := state.SubnetInfo{
-		CIDR:              "192.168.1.0/24",
-		AllocatableIPLow:  "192.168.1.0",
-		AllocatableIPHigh: "192.168.1.10",
-	}
-	subnet, err := s.State.AddSubnet(subnetInfo)
-	c.Assert(err, jc.ErrorIsNil)
-
-	ipAddr, err := subnet.PickNewAddress()
-	c.Assert(err, jc.ErrorIsNil)
-	err = ipAddr.SetState(state.AddressStateAllocated)
-	c.Assert(err, jc.ErrorIsNil)
-
 	// Create an LXC container inside the machine.
 	template := state.MachineTemplate{
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
 	}
-	container, err := s.State.AddMachineInsideMachine(template, machine.Id(), instance.LXC)
+	container, err := s.State.AddMachineInsideMachine(template, machine.Id(), instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
 
 	// When setting all addresses the subnet address has to accepted.
-	addresses := network.NewAddresses("127.0.0.1", ipAddr.Value())
+	addresses := network.NewAddresses("127.0.0.1")
 	err = container.SetProviderAddresses(addresses...)
 	c.Assert(err, jc.ErrorIsNil)
 	err = container.Refresh()
 	c.Assert(err, jc.ErrorIsNil)
 
-	expectedAddresses := network.NewAddresses(ipAddr.Value(), "127.0.0.1")
+	expectedAddresses := network.NewAddresses("127.0.0.1")
 	c.Assert(container.Addresses(), jc.DeepEquals, expectedAddresses)
 }
 
@@ -1680,35 +1609,6 @@
 		"127.0.0.1",
 		"fe80::1",
 	))
-
-	// Now simulate prefer-ipv6: true
-	c.Assert(
-		s.State.UpdateModelConfig(
-			map[string]interface{}{"prefer-ipv6": true},
-			nil, nil,
-		),
-		gc.IsNil,
-	)
-
-	err = machine.SetProviderAddresses(providerAddresses...)
-	c.Assert(err, jc.ErrorIsNil)
-	err = machine.SetMachineAddresses(machineAddresses...)
-	c.Assert(err, jc.ErrorIsNil)
-	err = machine.Refresh()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(machine.Addresses(), jc.DeepEquals, network.NewAddresses(
-		"2001:db8::1",
-		"8.8.8.8",
-		"example.org",
-		"fc00::1",
-		"::1",
-		"127.0.0.2",
-		"localhost",
-		"fd00::1",
-		"192.168.0.1",
-		"127.0.0.1",
-		"fe80::1",
-	))
 }
 
 func (s *MachineSuite) TestSetProviderAddressesConcurrentChangeDifferent(c *gc.C) {
@@ -1829,7 +1729,7 @@
 	c.Assert(machine.Addresses(), gc.HasLen, 0)
 
 	addr, err := machine.PublicAddress()
-	c.Assert(err, jc.Satisfies, network.IsNoAddress)
+	c.Assert(err, jc.Satisfies, network.IsNoAddressError)
 	c.Assert(addr.Value, gc.Equals, "")
 }
 
@@ -1839,7 +1739,7 @@
 	c.Assert(machine.Addresses(), gc.HasLen, 0)
 
 	addr, err := machine.PrivateAddress()
-	c.Assert(err, jc.Satisfies, network.IsNoAddress)
+	c.Assert(err, jc.Satisfies, network.IsNoAddressError)
 	c.Assert(addr.Value, gc.Equals, "")
 }
 
@@ -2202,7 +2102,7 @@
 	machine, err := s.State.AddMachine("quantal", state.JobHostUnits)
 	c.Assert(err, jc.ErrorIsNil)
 
-	err = machine.SetSupportedContainers([]instance.ContainerType{instance.LXC, instance.NONE})
+	err = machine.SetSupportedContainers([]instance.ContainerType{instance.LXD, instance.NONE})
 	c.Assert(err, gc.ErrorMatches, `"none" is not a valid container type`)
 	assertSupportedContainersUnknown(c, machine)
 	err = machine.Refresh()
@@ -2211,7 +2111,7 @@
 }
 
 func (s *MachineSuite) TestSupportsNoContainersOverwritesExisting(c *gc.C) {
-	machine := s.addMachineWithSupportedContainer(c, instance.LXC)
+	machine := s.addMachineWithSupportedContainer(c, instance.LXD)
 
 	err := machine.SupportsNoContainers()
 	c.Assert(err, jc.ErrorIsNil)
@@ -2222,52 +2122,52 @@
 	machine, err := s.State.AddMachine("quantal", state.JobHostUnits)
 	c.Assert(err, jc.ErrorIsNil)
 
-	err = machine.SetSupportedContainers([]instance.ContainerType{instance.LXC})
+	err = machine.SetSupportedContainers([]instance.ContainerType{instance.LXD})
 	c.Assert(err, jc.ErrorIsNil)
-	assertSupportedContainers(c, machine, []instance.ContainerType{instance.LXC})
+	assertSupportedContainers(c, machine, []instance.ContainerType{instance.LXD})
 }
 
 func (s *MachineSuite) TestSetSupportedContainersSame(c *gc.C) {
-	machine := s.addMachineWithSupportedContainer(c, instance.LXC)
+	machine := s.addMachineWithSupportedContainer(c, instance.LXD)
 
-	err := machine.SetSupportedContainers([]instance.ContainerType{instance.LXC})
+	err := machine.SetSupportedContainers([]instance.ContainerType{instance.LXD})
 	c.Assert(err, jc.ErrorIsNil)
-	assertSupportedContainers(c, machine, []instance.ContainerType{instance.LXC})
+	assertSupportedContainers(c, machine, []instance.ContainerType{instance.LXD})
 }
 
 func (s *MachineSuite) TestSetSupportedContainersNew(c *gc.C) {
-	machine := s.addMachineWithSupportedContainer(c, instance.LXC)
+	machine := s.addMachineWithSupportedContainer(c, instance.LXD)
 
-	err := machine.SetSupportedContainers([]instance.ContainerType{instance.LXC, instance.KVM})
+	err := machine.SetSupportedContainers([]instance.ContainerType{instance.LXD, instance.KVM})
 	c.Assert(err, jc.ErrorIsNil)
-	assertSupportedContainers(c, machine, []instance.ContainerType{instance.LXC, instance.KVM})
+	assertSupportedContainers(c, machine, []instance.ContainerType{instance.LXD, instance.KVM})
 }
 
 func (s *MachineSuite) TestSetSupportedContainersMultipeNew(c *gc.C) {
 	machine, err := s.State.AddMachine("quantal", state.JobHostUnits)
 	c.Assert(err, jc.ErrorIsNil)
 
-	err = machine.SetSupportedContainers([]instance.ContainerType{instance.LXC, instance.KVM})
+	err = machine.SetSupportedContainers([]instance.ContainerType{instance.LXD, instance.KVM})
 	c.Assert(err, jc.ErrorIsNil)
-	assertSupportedContainers(c, machine, []instance.ContainerType{instance.LXC, instance.KVM})
+	assertSupportedContainers(c, machine, []instance.ContainerType{instance.LXD, instance.KVM})
 }
 
 func (s *MachineSuite) TestSetSupportedContainersMultipleExisting(c *gc.C) {
-	machine := s.addMachineWithSupportedContainer(c, instance.LXC)
+	machine := s.addMachineWithSupportedContainer(c, instance.LXD)
 
-	err := machine.SetSupportedContainers([]instance.ContainerType{instance.LXC, instance.KVM})
+	err := machine.SetSupportedContainers([]instance.ContainerType{instance.LXD, instance.KVM})
 	c.Assert(err, jc.ErrorIsNil)
-	assertSupportedContainers(c, machine, []instance.ContainerType{instance.LXC, instance.KVM})
+	assertSupportedContainers(c, machine, []instance.ContainerType{instance.LXD, instance.KVM})
 }
 
 func (s *MachineSuite) TestSetSupportedContainersSetsUnknownToError(c *gc.C) {
-	// Create a machine and add lxc and kvm containers prior to calling SetSupportedContainers
+	// Create a machine and add lxd and kvm containers prior to calling SetSupportedContainers
 	machine, err := s.State.AddMachine("quantal", state.JobHostUnits)
 	template := state.MachineTemplate{
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
 	}
-	container, err := s.State.AddMachineInsideMachine(template, machine.Id(), instance.LXC)
+	container, err := s.State.AddMachineInsideMachine(template, machine.Id(), instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
 	supportedContainer, err := s.State.AddMachineInsideMachine(template, machine.Id(), instance.KVM)
 	c.Assert(err, jc.ErrorIsNil)
@@ -2281,14 +2181,14 @@
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(statusInfo.Status, gc.Equals, status.StatusPending)
 
-	// An unsupported (lxc) container will have an error status.
+	// An unsupported (lxd) container will have an error status.
 	err = container.Refresh()
 	c.Assert(err, jc.ErrorIsNil)
 	statusInfo, err = container.Status()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(statusInfo.Status, gc.Equals, status.StatusError)
 	c.Assert(statusInfo.Message, gc.Equals, "unsupported container")
-	c.Assert(statusInfo.Data, gc.DeepEquals, map[string]interface{}{"type": "lxc"})
+	c.Assert(statusInfo.Data, gc.DeepEquals, map[string]interface{}{"type": "lxd"})
 }
 
 func (s *MachineSuite) TestSupportsNoContainersSetsAllToError(c *gc.C) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/metrics.go juju-core-2.0~beta12/src/github.com/juju/juju/state/metrics.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/metrics.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/metrics.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,8 +9,8 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 	"gopkg.in/mgo.v2/txn"
@@ -97,7 +97,7 @@
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-	service, err := unit.Service()
+	application, err := unit.Application()
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
@@ -112,7 +112,7 @@
 			Sent:        false,
 			Created:     batch.Created,
 			Metrics:     batch.Metrics,
-			Credentials: service.MetricCredentials(),
+			Credentials: application.MetricCredentials(),
 		},
 	}
 	if err := metric.validate(); err != nil {
@@ -195,9 +195,9 @@
 	return st.queryLocalMetricBatches(bson.M{"unit": unit})
 }
 
-// MetricBatchesUnit returns metric batches for the given service.
-func (st *State) MetricBatchesForService(service string) ([]MetricBatch, error) {
-	svc, err := st.Service(service)
+// MetricBatchesUnit returns metric batches for the given application.
+func (st *State) MetricBatchesForService(application string) ([]MetricBatch, error) {
+	svc, err := st.Application(application)
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/metrics_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/metrics_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/metrics_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/metrics_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,10 +7,10 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/testing/factory"
@@ -19,7 +19,7 @@
 type MetricSuite struct {
 	ConnSuite
 	unit         *state.Unit
-	service      *state.Service
+	service      *state.Application
 	meteredCharm *state.Charm
 }
 
@@ -55,8 +55,8 @@
 
 func (s *MetricSuite) assertAddUnit(c *gc.C) {
 	s.meteredCharm = s.Factory.MakeCharm(c, &factory.CharmParams{Name: "metered", URL: "cs:quantal/metered"})
-	s.service = s.Factory.MakeService(c, &factory.ServiceParams{Charm: s.meteredCharm})
-	s.unit = s.Factory.MakeUnit(c, &factory.UnitParams{Service: s.service, SetCharmURL: true})
+	s.service = s.Factory.MakeApplication(c, &factory.ApplicationParams{Charm: s.meteredCharm})
+	s.unit = s.Factory.MakeUnit(c, &factory.UnitParams{Application: s.service, SetCharmURL: true})
 }
 
 func (s *MetricSuite) TestAddMetric(c *gc.C) {
@@ -391,8 +391,8 @@
 
 func (s *MetricSuite) TestMetricValidation(c *gc.C) {
 	nonMeteredUnit := s.Factory.MakeUnit(c, &factory.UnitParams{SetCharmURL: true})
-	meteredService := s.Factory.MakeService(c, &factory.ServiceParams{Name: "metered-service", Charm: s.meteredCharm})
-	meteredUnit := s.Factory.MakeUnit(c, &factory.UnitParams{Service: meteredService, SetCharmURL: true})
+	meteredService := s.Factory.MakeApplication(c, &factory.ApplicationParams{Name: "metered-service", Charm: s.meteredCharm})
+	meteredUnit := s.Factory.MakeUnit(c, &factory.UnitParams{Application: meteredService, SetCharmURL: true})
 	dyingUnit, err := meteredService.AddUnit()
 	c.Assert(err, jc.ErrorIsNil)
 	err = dyingUnit.SetCharmURL(s.meteredCharm.URL())
@@ -485,8 +485,8 @@
 	defer st.Close()
 	f := factory.NewFactory(st)
 	meteredCharm := f.MakeCharm(c, &factory.CharmParams{Name: "metered", URL: "cs:quantal/metered"})
-	service := f.MakeService(c, &factory.ServiceParams{Charm: meteredCharm})
-	unit := f.MakeUnit(c, &factory.UnitParams{Service: service, SetCharmURL: true})
+	service := f.MakeApplication(c, &factory.ApplicationParams{Charm: meteredCharm})
+	unit := f.MakeUnit(c, &factory.UnitParams{Application: service, SetCharmURL: true})
 	m2, err := s.State.AddMetrics(
 		state.BatchParam{
 			UUID:     utils.MustNewUUID().String(),
@@ -633,8 +633,8 @@
 	)
 	c.Assert(err, jc.ErrorIsNil)
 	localMeteredCharm := s.Factory.MakeCharm(c, &factory.CharmParams{Name: "metered", URL: "local:quantal/metered"})
-	service := s.Factory.MakeService(c, &factory.ServiceParams{Name: "localmetered", Charm: localMeteredCharm})
-	unit := s.Factory.MakeUnit(c, &factory.UnitParams{Service: service, SetCharmURL: true})
+	service := s.Factory.MakeApplication(c, &factory.ApplicationParams{Name: "localmetered", Charm: localMeteredCharm})
+	unit := s.Factory.MakeUnit(c, &factory.UnitParams{Application: service, SetCharmURL: true})
 	_, err = s.State.AddMetrics(
 		state.BatchParam{
 			UUID:     utils.MustNewUUID().String(),
@@ -655,7 +655,7 @@
 type MetricLocalCharmSuite struct {
 	ConnSuite
 	unit         *state.Unit
-	service      *state.Service
+	service      *state.Application
 	meteredCharm *state.Charm
 }
 
@@ -668,8 +668,8 @@
 
 func (s *MetricLocalCharmSuite) assertAddLocalUnit(c *gc.C) {
 	s.meteredCharm = s.Factory.MakeCharm(c, &factory.CharmParams{Name: "metered", URL: "local:quantal/metered"})
-	s.service = s.Factory.MakeService(c, &factory.ServiceParams{Charm: s.meteredCharm})
-	s.unit = s.Factory.MakeUnit(c, &factory.UnitParams{Service: s.service, SetCharmURL: true})
+	s.service = s.Factory.MakeApplication(c, &factory.ApplicationParams{Charm: s.meteredCharm})
+	s.unit = s.Factory.MakeUnit(c, &factory.UnitParams{Application: s.service, SetCharmURL: true})
 }
 
 func (s *MetricLocalCharmSuite) TestUnitMetricBatches(c *gc.C) {
@@ -776,8 +776,8 @@
 	)
 	c.Assert(err, jc.ErrorIsNil)
 	csMeteredCharm := s.Factory.MakeCharm(c, &factory.CharmParams{Name: "metered", URL: "cs:quantal/metered"})
-	service := s.Factory.MakeService(c, &factory.ServiceParams{Name: "csmetered", Charm: csMeteredCharm})
-	unit := s.Factory.MakeUnit(c, &factory.UnitParams{Service: service, SetCharmURL: true})
+	service := s.Factory.MakeApplication(c, &factory.ApplicationParams{Name: "csmetered", Charm: csMeteredCharm})
+	unit := s.Factory.MakeUnit(c, &factory.UnitParams{Application: service, SetCharmURL: true})
 	_, err = s.State.AddMetrics(
 		state.BatchParam{
 			UUID:     utils.MustNewUUID().String(),
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/migration_export.go juju-core-2.0~beta12/src/github.com/juju/juju/state/migration_export.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/migration_export.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/migration_export.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,8 +9,8 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils/set"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2/bson"
 
 	"github.com/juju/juju/core/description"
@@ -44,9 +44,9 @@
 		return nil, errors.Trace(err)
 	}
 
-	envConfig, found := export.settings[modelGlobalKey]
+	modelConfig, found := export.modelSettings[modelGlobalKey]
 	if !found {
-		return nil, errors.New("missing environ config")
+		return nil, errors.New("missing model config")
 	}
 
 	blocks, err := export.readBlocks()
@@ -55,8 +55,10 @@
 	}
 
 	args := description.ModelArgs{
+		Cloud:              dbModel.Cloud(),
+		CloudRegion:        dbModel.CloudRegion(),
 		Owner:              dbModel.Owner(),
-		Config:             envConfig.Settings,
+		Config:             modelConfig.Settings,
 		LatestToolsVersion: dbModel.LatestToolsVersion(),
 		Blocks:             blocks,
 	}
@@ -78,7 +80,7 @@
 	if err := export.machines(); err != nil {
 		return nil, errors.Trace(err)
 	}
-	if err := export.services(); err != nil {
+	if err := export.applications(); err != nil {
 		return nil, errors.Trace(err)
 	}
 	if err := export.relations(); err != nil {
@@ -102,11 +104,11 @@
 
 	annotations   map[string]annotatorDoc
 	constraints   map[string]bson.M
-	settings      map[string]settingsDoc
+	modelSettings map[string]settingsDoc
 	status        map[string]bson.M
 	statusHistory map[string][]historicalStatusDoc
-	// Map of service name to units. Populated as part
-	// of the services export.
+	// Map of application name to units. Populated as part
+	// of the applications export.
 	units map[string][]*Unit
 }
 
@@ -153,8 +155,18 @@
 	if err != nil {
 		return errors.Trace(err)
 	}
-
 	for _, user := range users {
+		var access string
+		switch {
+		case user.IsAdmin():
+			access = string(AdminAccess)
+		case user.IsReadWrite():
+			access = string(WriteAccess)
+		default:
+			access = string(ReadAccess)
+
+		}
+
 		lastConn := lastConnections[strings.ToLower(user.UserName())]
 		arg := description.UserArgs{
 			Name:           user.UserTag(),
@@ -162,7 +174,7 @@
 			CreatedBy:      names.NewUserTag(user.CreatedBy()),
 			DateCreated:    user.DateCreated(),
 			LastConnection: lastConn,
-			ReadOnly:       user.ReadOnly(),
+			Access:         access,
 		}
 		e.model.AddUser(arg)
 	}
@@ -374,12 +386,12 @@
 	return inst
 }
 
-func (e *exporter) services() error {
-	services, err := e.st.AllServices()
+func (e *exporter) applications() error {
+	applications, err := e.st.AllApplications()
 	if err != nil {
 		return errors.Trace(err)
 	}
-	e.logger.Debugf("found %d services", len(services))
+	e.logger.Debugf("found %d applications", len(applications))
 
 	refcounts, err := e.readAllSettingsRefCounts()
 	if err != nil {
@@ -396,75 +408,83 @@
 		return errors.Trace(err)
 	}
 
-	leaders := e.readServiceLeaders()
+	leaders, err := e.readApplicationLeaders()
+	if err != nil {
+		return errors.Trace(err)
+	}
 
-	for _, service := range services {
-		serviceUnits := e.units[service.Name()]
-		leader := leaders[service.Name()]
-		if err := e.addService(service, refcounts, serviceUnits, meterStatus, leader); err != nil {
+	for _, application := range applications {
+		applicationUnits := e.units[application.Name()]
+		leader := leaders[application.Name()]
+		if err := e.addApplication(application, refcounts, applicationUnits, meterStatus, leader); err != nil {
 			return errors.Trace(err)
 		}
 	}
 	return nil
 }
 
-func (e *exporter) readServiceLeaders() map[string]string {
-	result := make(map[string]string)
-	for key, value := range e.st.leadershipClient.Leases() {
+func (e *exporter) readApplicationLeaders() (map[string]string, error) {
+	client, err := e.st.getLeadershipLeaseClient()
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	leases := client.Leases()
+	result := make(map[string]string, len(leases))
+	for key, value := range leases {
 		result[key] = value.Holder
 	}
-	return result
+	return result, nil
 }
 
-func (e *exporter) addService(service *Service, refcounts map[string]int, units []*Unit, meterStatus map[string]*meterStatusDoc, leader string) error {
-	settingsKey := service.settingsKey()
-	leadershipKey := leadershipSettingsKey(service.Name())
+func (e *exporter) addApplication(application *Application, refcounts map[string]int, units []*Unit, meterStatus map[string]*meterStatusDoc, leader string) error {
+	settingsKey := application.settingsKey()
+	leadershipKey := leadershipSettingsKey(application.Name())
 
-	serviceSettingsDoc, found := e.settings[settingsKey]
+	applicationSettingsDoc, found := e.modelSettings[settingsKey]
 	if !found {
-		return errors.Errorf("missing settings for service %q", service.Name())
+		return errors.Errorf("missing settings for application %q", application.Name())
 	}
 	refCount, found := refcounts[settingsKey]
 	if !found {
-		return errors.Errorf("missing settings refcount for service %q", service.Name())
+		return errors.Errorf("missing settings refcount for application %q", application.Name())
 	}
-	leadershipSettingsDoc, found := e.settings[leadershipKey]
+	leadershipSettingsDoc, found := e.modelSettings[leadershipKey]
 	if !found {
-		return errors.Errorf("missing leadership settings for service %q", service.Name())
+		return errors.Errorf("missing leadership settings for application %q", application.Name())
 	}
 
-	args := description.ServiceArgs{
-		Tag:                  service.ServiceTag(),
-		Series:               service.doc.Series,
-		Subordinate:          service.doc.Subordinate,
-		CharmURL:             service.doc.CharmURL.String(),
-		Channel:              service.doc.Channel,
-		CharmModifiedVersion: service.doc.CharmModifiedVersion,
-		ForceCharm:           service.doc.ForceCharm,
-		Exposed:              service.doc.Exposed,
-		MinUnits:             service.doc.MinUnits,
-		Settings:             serviceSettingsDoc.Settings,
+	args := description.ApplicationArgs{
+		Tag:                  application.ApplicationTag(),
+		Series:               application.doc.Series,
+		Subordinate:          application.doc.Subordinate,
+		CharmURL:             application.doc.CharmURL.String(),
+		Channel:              application.doc.Channel,
+		CharmModifiedVersion: application.doc.CharmModifiedVersion,
+		ForceCharm:           application.doc.ForceCharm,
+		Exposed:              application.doc.Exposed,
+		MinUnits:             application.doc.MinUnits,
+		Settings:             applicationSettingsDoc.Settings,
 		SettingsRefCount:     refCount,
 		Leader:               leader,
 		LeadershipSettings:   leadershipSettingsDoc.Settings,
-		MetricsCredentials:   service.doc.MetricCredentials,
+		MetricsCredentials:   application.doc.MetricCredentials,
 	}
-	exService := e.model.AddService(args)
-	// Find the current service status.
-	globalKey := service.globalKey()
+	exApplication := e.model.AddApplication(args)
+	// Find the current application status.
+	globalKey := application.globalKey()
 	statusArgs, err := e.statusArgs(globalKey)
 	if err != nil {
-		return errors.Annotatef(err, "status for service %s", service.Name())
+		return errors.Annotatef(err, "status for application %s", application.Name())
 	}
-	exService.SetStatus(statusArgs)
-	exService.SetStatusHistory(e.statusHistoryArgs(globalKey))
-	exService.SetAnnotations(e.getAnnotations(globalKey))
+	exApplication.SetStatus(statusArgs)
+	exApplication.SetStatusHistory(e.statusHistoryArgs(globalKey))
+	exApplication.SetAnnotations(e.getAnnotations(globalKey))
 
 	constraintsArgs, err := e.constraintsArgs(globalKey)
 	if err != nil {
 		return errors.Trace(err)
 	}
-	exService.SetConstraints(constraintsArgs)
+	exApplication.SetConstraints(constraintsArgs)
 
 	for _, unit := range units {
 		agentKey := unit.globalAgentKey()
@@ -473,9 +493,14 @@
 			return errors.Errorf("missing meter status for unit %s", unit.Name())
 		}
 
+		workloadVersion, err := unit.WorkloadVersion()
+		if err != nil {
+			return errors.Trace(err)
+		}
 		args := description.UnitArgs{
 			Tag:             unit.UnitTag(),
 			Machine:         names.NewMachineTag(unit.doc.MachineId),
+			WorkloadVersion: workloadVersion,
 			PasswordHash:    unit.doc.PasswordHash,
 			MeterStatusCode: unitMeterStatus.Code,
 			MeterStatusInfo: unitMeterStatus.Info,
@@ -488,8 +513,9 @@
 				args.Subordinates = append(args.Subordinates, names.NewUnitTag(subName))
 			}
 		}
-		exUnit := exService.AddUnit(args)
-		// workload uses globalKey, agent uses globalAgentKey.
+		exUnit := exApplication.AddUnit(args)
+		// workload uses globalKey, agent uses globalAgentKey,
+		// workload version uses globalWorkloadVersionKey.
 		globalKey := unit.globalKey()
 		statusArgs, err := e.statusArgs(globalKey)
 		if err != nil {
@@ -497,6 +523,7 @@
 		}
 		exUnit.SetWorkloadStatus(statusArgs)
 		exUnit.SetWorkloadStatusHistory(e.statusHistoryArgs(globalKey))
+
 		statusArgs, err = e.statusArgs(agentKey)
 		if err != nil {
 			return errors.Annotatef(err, "agent status for unit %s", unit.Name())
@@ -504,6 +531,9 @@
 		exUnit.SetAgentStatus(statusArgs)
 		exUnit.SetAgentStatusHistory(e.statusHistoryArgs(agentKey))
 
+		workloadVersionKey := unit.globalWorkloadVersionKey()
+		exUnit.SetWorkloadVersionHistory(e.statusHistoryArgs(workloadVersionKey))
+
 		tools, err := unit.AgentTools()
 		if err != nil {
 			// This means the tools aren't set, but they should be.
@@ -546,17 +576,17 @@
 		})
 		for _, ep := range relation.Endpoints() {
 			exEndPoint := exRelation.AddEndpoint(description.EndpointArgs{
-				ServiceName: ep.ServiceName,
-				Name:        ep.Name,
-				Role:        string(ep.Role),
-				Interface:   ep.Interface,
-				Optional:    ep.Optional,
-				Limit:       ep.Limit,
-				Scope:       string(ep.Scope),
+				ApplicationName: ep.ApplicationName,
+				Name:            ep.Name,
+				Role:            string(ep.Role),
+				Interface:       ep.Interface,
+				Optional:        ep.Optional,
+				Limit:           ep.Limit,
+				Scope:           string(ep.Scope),
 			})
 			// We expect a relationScope and settings for each of the
-			// units of the specified service.
-			units := e.units[ep.ServiceName]
+			// units of the specified application.
+			units := e.units[ep.ApplicationName]
 			for _, unit := range units {
 				ru, err := relation.Unit(unit)
 				if err != nil {
@@ -566,7 +596,7 @@
 				if !relationScopes.Contains(key) {
 					return errors.Errorf("missing relation scope for %s and %s", relation, unit.Name())
 				}
-				settingsDoc, found := e.settings[key]
+				settingsDoc, found := e.modelSettings[key]
 				if !found {
 					return errors.Errorf("missing relation settings for %s and %s", relation, unit.Name())
 				}
@@ -607,8 +637,8 @@
 	e.logger.Debugf("found %d unit docs", len(docs))
 	result := make(map[string][]*Unit)
 	for _, doc := range docs {
-		units := result[doc.Service]
-		result[doc.Service] = append(units, newUnit(e.st, &doc))
+		units := result[doc.Application]
+		result[doc.Application] = append(units, newUnit(e.st, &doc))
 	}
 	return result, nil
 }
@@ -710,10 +740,10 @@
 		return errors.Trace(err)
 	}
 
-	e.settings = make(map[string]settingsDoc)
+	e.modelSettings = make(map[string]settingsDoc)
 	for _, doc := range docs {
 		key := e.st.localID(doc.DocID)
-		e.settings[key] = doc
+		e.modelSettings[key] = doc
 	}
 	return nil
 }
@@ -749,7 +779,10 @@
 	count := 0
 	e.statusHistory = make(map[string][]historicalStatusDoc)
 	var doc historicalStatusDoc
-	iter := statuses.Find(nil).Sort("-updated").Iter()
+	// In tests, sorting by time can leave the results
+	// underconstrained - include document id for deterministic
+	// ordering in those cases.
+	iter := statuses.Find(nil).Sort("-updated", "-_id").Iter()
 	defer iter.Close()
 	for iter.Next(&doc) {
 		history := e.statusHistory[doc.GlobalKey]
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/migration_export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/migration_export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/migration_export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/migration_export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,10 +7,10 @@
 	"math/rand"
 	"time"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/core/description"
@@ -59,25 +59,25 @@
 func (s *MigrationSuite) primeStatusHistory(c *gc.C, entity statusSetter, statusVal status.Status, count int) {
 	primeStatusHistory(c, entity, statusVal, count, func(i int) map[string]interface{} {
 		return map[string]interface{}{"index": count - i}
-	})
+	}, 0)
 }
 
-func (s *MigrationSuite) makeServiceWithLeader(c *gc.C, serviceName string, count int, leader int) {
+func (s *MigrationSuite) makeApplicationWithLeader(c *gc.C, applicationname string, count int, leader int) {
 	c.Assert(leader < count, jc.IsTrue)
 	units := make([]*state.Unit, count)
-	service := s.Factory.MakeService(c, &factory.ServiceParams{
-		Name: serviceName,
+	application := s.Factory.MakeApplication(c, &factory.ApplicationParams{
+		Name: applicationname,
 		Charm: s.Factory.MakeCharm(c, &factory.CharmParams{
-			Name: serviceName,
+			Name: applicationname,
 		}),
 	})
 	for i := 0; i < count; i++ {
 		units[i] = s.Factory.MakeUnit(c, &factory.UnitParams{
-			Service: service,
+			Application: application,
 		})
 	}
 	err := s.State.LeadershipClaimer().ClaimLeadership(
-		service.Name(),
+		application.Name(),
 		units[leader].Name(),
 		time.Minute)
 	c.Assert(err, jc.ErrorIsNil)
@@ -108,7 +108,7 @@
 	err = s.State.SetModelConstraints(constraints.MustParse("arch=amd64 mem=8G"))
 	c.Assert(err, jc.ErrorIsNil)
 	machineSeq := s.setRandSequenceValue(c, "machine")
-	fooSeq := s.setRandSequenceValue(c, "service-foo")
+	fooSeq := s.setRandSequenceValue(c, "application-foo")
 	s.State.SwitchBlockOn(state.ChangeBlock, "locked down")
 
 	model, err := s.State.Export()
@@ -118,9 +118,10 @@
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(model.Tag(), gc.Equals, dbModel.ModelTag())
 	c.Assert(model.Owner(), gc.Equals, dbModel.Owner())
-	config, err := dbModel.Config()
+	dbModelCfg, err := dbModel.Config()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(model.Config(), jc.DeepEquals, config.AllAttrs())
+	modelAttrs := dbModelCfg.AllAttrs()
+	c.Assert(model.Config(), jc.DeepEquals, modelAttrs)
 	c.Assert(model.LatestToolsVersion(), gc.Equals, latestTools)
 	c.Assert(model.Annotations(), jc.DeepEquals, testAnnotations)
 	constraints := model.Constraints()
@@ -128,8 +129,8 @@
 	c.Assert(constraints.Architecture(), gc.Equals, "amd64")
 	c.Assert(constraints.Memory(), gc.Equals, 8*gig)
 	c.Assert(model.Sequences(), jc.DeepEquals, map[string]int{
-		"machine":     machineSeq,
-		"service-foo": fooSeq,
+		"machine":         machineSeq,
+		"application-foo": fooSeq,
 		// blocks is added by the switch block on call above.
 		"block": 1,
 	})
@@ -151,7 +152,7 @@
 	bob, err := s.State.AddModelUser(state.ModelUserSpec{
 		User:      bobTag,
 		CreatedBy: s.Owner,
-		Access:    state.ModelReadAccess,
+		Access:    state.ReadAccess,
 	})
 	c.Assert(err, jc.ErrorIsNil)
 	err = state.UpdateModelUserLastConnection(bob, lastConnection)
@@ -172,14 +173,14 @@
 	c.Assert(exportedAdmin.CreatedBy(), gc.Equals, s.Owner)
 	c.Assert(exportedAdmin.DateCreated(), gc.Equals, owner.DateCreated())
 	c.Assert(exportedAdmin.LastConnection(), gc.Equals, lastConnection)
-	c.Assert(exportedAdmin.ReadOnly(), jc.IsFalse)
+	c.Assert(exportedAdmin.IsReadOnly(), jc.IsFalse)
 
 	c.Assert(exportedBob.Name(), gc.Equals, bobTag)
 	c.Assert(exportedBob.DisplayName(), gc.Equals, "")
 	c.Assert(exportedBob.CreatedBy(), gc.Equals, s.Owner)
 	c.Assert(exportedBob.DateCreated(), gc.Equals, bob.DateCreated())
 	c.Assert(exportedBob.LastConnection(), gc.Equals, lastConnection)
-	c.Assert(exportedBob.ReadOnly(), jc.IsTrue)
+	c.Assert(exportedBob.IsReadOnly(), jc.IsTrue)
 }
 
 func (s *MigrationExportSuite) TestMachines(c *gc.C) {
@@ -223,33 +224,33 @@
 	c.Assert(container.Tag(), gc.Equals, nested.MachineTag())
 }
 
-func (s *MigrationExportSuite) TestServices(c *gc.C) {
-	service := s.Factory.MakeService(c, &factory.ServiceParams{
+func (s *MigrationExportSuite) TestApplications(c *gc.C) {
+	application := s.Factory.MakeApplication(c, &factory.ApplicationParams{
 		Settings: map[string]interface{}{
 			"foo": "bar",
 		},
 		Constraints: constraints.MustParse("arch=amd64 mem=8G"),
 	})
-	err := service.UpdateLeaderSettings(&goodToken{}, map[string]string{
+	err := application.UpdateLeaderSettings(&goodToken{}, map[string]string{
 		"leader": "true",
 	})
 	c.Assert(err, jc.ErrorIsNil)
-	err = service.SetMetricCredentials([]byte("sekrit"))
+	err = application.SetMetricCredentials([]byte("sekrit"))
 	c.Assert(err, jc.ErrorIsNil)
-	err = s.State.SetAnnotations(service, testAnnotations)
+	err = s.State.SetAnnotations(application, testAnnotations)
 	c.Assert(err, jc.ErrorIsNil)
-	s.primeStatusHistory(c, service, status.StatusActive, addedHistoryCount)
+	s.primeStatusHistory(c, application, status.StatusActive, addedHistoryCount)
 
 	model, err := s.State.Export()
 	c.Assert(err, jc.ErrorIsNil)
 
-	services := model.Services()
-	c.Assert(services, gc.HasLen, 1)
+	applications := model.Applications()
+	c.Assert(applications, gc.HasLen, 1)
 
-	exported := services[0]
-	c.Assert(exported.Name(), gc.Equals, service.Name())
-	c.Assert(exported.Tag(), gc.Equals, service.ServiceTag())
-	c.Assert(exported.Series(), gc.Equals, service.Series())
+	exported := applications[0]
+	c.Assert(exported.Name(), gc.Equals, application.Name())
+	c.Assert(exported.Tag(), gc.Equals, application.ApplicationTag())
+	c.Assert(exported.Series(), gc.Equals, application.Series())
 	c.Assert(exported.Annotations(), jc.DeepEquals, testAnnotations)
 
 	c.Assert(exported.Settings(), jc.DeepEquals, map[string]interface{}{
@@ -271,16 +272,16 @@
 	s.checkStatusHistory(c, history[:addedHistoryCount], status.StatusActive)
 }
 
-func (s *MigrationExportSuite) TestMultipleServices(c *gc.C) {
-	s.Factory.MakeService(c, &factory.ServiceParams{Name: "first"})
-	s.Factory.MakeService(c, &factory.ServiceParams{Name: "second"})
-	s.Factory.MakeService(c, &factory.ServiceParams{Name: "third"})
+func (s *MigrationExportSuite) TestMultipleApplications(c *gc.C) {
+	s.Factory.MakeApplication(c, &factory.ApplicationParams{Name: "first"})
+	s.Factory.MakeApplication(c, &factory.ApplicationParams{Name: "second"})
+	s.Factory.MakeApplication(c, &factory.ApplicationParams{Name: "third"})
 
 	model, err := s.State.Export()
 	c.Assert(err, jc.ErrorIsNil)
 
-	services := model.Services()
-	c.Assert(services, gc.HasLen, 3)
+	applications := model.Applications()
+	c.Assert(applications, gc.HasLen, 3)
 }
 
 func (s *MigrationExportSuite) TestUnits(c *gc.C) {
@@ -289,6 +290,10 @@
 	})
 	err := unit.SetMeterStatus("GREEN", "some info")
 	c.Assert(err, jc.ErrorIsNil)
+	for _, version := range []string{"garnet", "amethyst", "pearl", "steven"} {
+		err = unit.SetWorkloadVersion(version)
+		c.Assert(err, jc.ErrorIsNil)
+	}
 	err = s.State.SetAnnotations(unit, testAnnotations)
 	c.Assert(err, jc.ErrorIsNil)
 	s.primeStatusHistory(c, unit, status.StatusActive, addedHistoryCount)
@@ -297,11 +302,11 @@
 	model, err := s.State.Export()
 	c.Assert(err, jc.ErrorIsNil)
 
-	services := model.Services()
-	c.Assert(services, gc.HasLen, 1)
+	applications := model.Applications()
+	c.Assert(applications, gc.HasLen, 1)
 
-	service := services[0]
-	units := service.Units()
+	application := applications[0]
+	units := application.Units()
 	c.Assert(units, gc.HasLen, 1)
 
 	exported := units[0]
@@ -311,6 +316,7 @@
 	c.Assert(exported.Validate(), jc.ErrorIsNil)
 	c.Assert(exported.MeterStatusCode(), gc.Equals, "GREEN")
 	c.Assert(exported.MeterStatusInfo(), gc.Equals, "some info")
+	c.Assert(exported.WorkloadVersion(), gc.Equals, "steven")
 	c.Assert(exported.Annotations(), jc.DeepEquals, testAnnotations)
 	constraints := exported.Constraints()
 	c.Assert(constraints, gc.NotNil)
@@ -324,18 +330,28 @@
 	agentHistory := exported.AgentStatusHistory()
 	c.Assert(agentHistory, gc.HasLen, expectedHistoryCount)
 	s.checkStatusHistory(c, agentHistory[:addedHistoryCount], status.StatusIdle)
+
+	versionHistory := exported.WorkloadVersionHistory()
+	// There are extra entries at the start that we don't care about.
+	c.Assert(len(versionHistory) >= 4, jc.IsTrue)
+	versions := make([]string, 4)
+	for i, status := range versionHistory[:4] {
+		versions[i] = status.Message()
+	}
+	// The exporter reads history in reverse time order.
+	c.Assert(versions, gc.DeepEquals, []string{"steven", "pearl", "amethyst", "garnet"})
 }
 
 func (s *MigrationExportSuite) TestServiceLeadership(c *gc.C) {
-	s.makeServiceWithLeader(c, "mysql", 2, 1)
-	s.makeServiceWithLeader(c, "wordpress", 4, 2)
+	s.makeApplicationWithLeader(c, "mysql", 2, 1)
+	s.makeApplicationWithLeader(c, "wordpress", 4, 2)
 
 	model, err := s.State.Export()
 	c.Assert(err, jc.ErrorIsNil)
 
 	leaders := make(map[string]string)
-	for _, service := range model.Services() {
-		leaders[service.Name()] = service.Leader()
+	for _, application := range model.Applications() {
+		leaders[application.Name()] = application.Leader()
 	}
 	c.Assert(leaders, jc.DeepEquals, map[string]string{
 		"mysql":     "mysql/1",
@@ -365,18 +381,16 @@
 }
 
 func (s *MigrationExportSuite) TestRelations(c *gc.C) {
-	// Need to remove owner from service.
-	ignored := s.Owner
-	wordpress := state.AddTestingService(c, s.State, "wordpress", state.AddTestingCharm(c, s.State, "wordpress"), ignored)
-	mysql := state.AddTestingService(c, s.State, "mysql", state.AddTestingCharm(c, s.State, "mysql"), ignored)
+	wordpress := state.AddTestingService(c, s.State, "wordpress", state.AddTestingCharm(c, s.State, "wordpress"))
+	mysql := state.AddTestingService(c, s.State, "mysql", state.AddTestingCharm(c, s.State, "mysql"))
 	// InferEndpoints will always return provider, requirer
 	eps, err := s.State.InferEndpoints("mysql", "wordpress")
 	c.Assert(err, jc.ErrorIsNil)
 	rel, err := s.State.AddRelation(eps...)
 	msEp, wpEp := eps[0], eps[1]
 	c.Assert(err, jc.ErrorIsNil)
-	wordpress_0 := s.Factory.MakeUnit(c, &factory.UnitParams{Service: wordpress})
-	mysql_0 := s.Factory.MakeUnit(c, &factory.UnitParams{Service: mysql})
+	wordpress_0 := s.Factory.MakeUnit(c, &factory.UnitParams{Application: wordpress})
+	mysql_0 := s.Factory.MakeUnit(c, &factory.UnitParams{Application: mysql})
 
 	ru, err := rel.Unit(wordpress_0)
 	c.Assert(err, jc.ErrorIsNil)
@@ -414,7 +428,7 @@
 		settings map[string]interface{},
 	) {
 		c.Logf("%#v", exEndpoint)
-		c.Check(exEndpoint.ServiceName(), gc.Equals, ep.ServiceName)
+		c.Check(exEndpoint.ApplicationName(), gc.Equals, ep.ApplicationName)
 		c.Check(exEndpoint.Name(), gc.Equals, ep.Name)
 		c.Check(exEndpoint.UnitCount(), gc.Equals, 1)
 		c.Check(exEndpoint.Settings(unitName), jc.DeepEquals, settings)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/migration_import.go juju-core-2.0~beta12/src/github.com/juju/juju/state/migration_import.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/migration_import.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/migration_import.go	2016-07-18 19:45:44.000000000 +0000
@@ -49,6 +49,8 @@
 		return nil, nil, errors.Trace(err)
 	}
 	dbModel, newSt, err := st.NewModel(ModelArgs{
+		CloudName:     model.Cloud(),
+		CloudRegion:   model.CloudRegion(),
 		Config:        cfg,
 		Owner:         model.Owner(),
 		MigrationMode: MigrationModeImporting,
@@ -88,8 +90,8 @@
 	if err := restore.machines(); err != nil {
 		return nil, nil, errors.Annotate(err, "machines")
 	}
-	if err := restore.services(); err != nil {
-		return nil, nil, errors.Annotate(err, "services")
+	if err := restore.applications(); err != nil {
+		return nil, nil, errors.Annotate(err, "applications")
 	}
 	if err := restore.relations(); err != nil {
 		return nil, nil, errors.Annotate(err, "relations")
@@ -111,9 +113,9 @@
 	dbModel *Model
 	model   description.Model
 	logger  loggo.Logger
-	// serviceUnits is populated at the end of loading the services, and is a
-	// map of service name to units of that service.
-	serviceUnits map[string][]*Unit
+	// applicationUnits is populated at the end of loading the applications, and is a
+	// map of application name to units of that application.
+	applicationUnits map[string][]*Unit
 }
 
 func (i *importer) modelExtras() error {
@@ -186,17 +188,23 @@
 	modelUUID := i.dbModel.UUID()
 	var ops []txn.Op
 	for _, user := range users {
-		access := ModelAdminAccess
-		if user.ReadOnly() {
-			access = ModelReadAccess
+		var access Access
+		switch {
+		case user.IsReadOnly():
+			access = ReadAccess
+		case user.IsReadWrite():
+			access = WriteAccess
+		default:
+			access = AdminAccess
 		}
-		ops = append(ops, createModelUserOp(
+		ops = append(ops, createModelUserOps(
 			modelUUID,
 			user.Name(),
 			user.CreatedBy(),
 			user.DisplayName(),
 			user.DateCreated(),
-			access))
+			access)...,
+		)
 	}
 	if err := i.st.runTransaction(ops); err != nil {
 		return errors.Trace(err)
@@ -432,8 +440,6 @@
 			result = append(result, JobHostUnits)
 		case "api-server":
 			result = append(result, JobManageModel)
-		case "manage-networking":
-			result = append(result, JobManageNetworking)
 		default:
 			return nil, errors.Errorf("unknown machine job: %q", job)
 		}
@@ -473,11 +479,11 @@
 	return result
 }
 
-func (i *importer) services() error {
-	i.logger.Debugf("importing services")
-	for _, s := range i.model.Services() {
-		if err := i.service(s); err != nil {
-			i.logger.Errorf("error importing service %s: %s", s.Name(), err)
+func (i *importer) applications() error {
+	i.logger.Debugf("importing applications")
+	for _, s := range i.model.Applications() {
+		if err := i.application(s); err != nil {
+			i.logger.Errorf("error importing application %s: %s", s.Name(), err)
 			return errors.Annotate(err, s.Name())
 		}
 	}
@@ -485,7 +491,7 @@
 	if err := i.loadUnits(); err != nil {
 		return errors.Annotate(err, "loading new units from db")
 	}
-	i.logger.Debugf("importing services succeeded")
+	i.logger.Debugf("importing applications succeeded")
 	return nil
 }
 
@@ -501,10 +507,10 @@
 
 	result := make(map[string][]*Unit)
 	for _, doc := range docs {
-		units := result[doc.Service]
-		result[doc.Service] = append(units, newUnit(i.st, &doc))
+		units := result[doc.Application]
+		result[doc.Application] = append(units, newUnit(i.st, &doc))
 	}
-	i.serviceUnits = result
+	i.applicationUnits = result
 	return nil
 
 }
@@ -519,12 +525,12 @@
 	}
 }
 
-func (i *importer) service(s description.Service) error {
-	// Import this service, then soon, its units.
-	i.logger.Debugf("importing service %s", s.Name())
+func (i *importer) application(s description.Application) error {
+	// Import this application, then soon, its units.
+	i.logger.Debugf("importing application %s", s.Name())
 
-	// 1. construct a serviceDoc
-	sdoc, err := i.makeServiceDoc(s)
+	// 1. construct an applicationDoc
+	sdoc, err := i.makeApplicationDoc(s)
 	if err != nil {
 		return errors.Trace(err)
 	}
@@ -537,10 +543,10 @@
 	statusDoc := i.makeStatusDoc(status)
 	// TODO: update never set malarky... maybe...
 
-	ops := addServiceOps(i.st, addServiceOpsArgs{
-		serviceDoc:  sdoc,
-		statusDoc:   statusDoc,
-		constraints: i.constraints(s.Constraints()),
+	ops := addApplicationOps(i.st, addApplicationOpsArgs{
+		applicationDoc: sdoc,
+		statusDoc:      statusDoc,
+		constraints:    i.constraints(s.Constraints()),
 		// storage          TODO,
 		settings:           s.Settings(),
 		settingsRefCount:   s.SettingsRefCount(),
@@ -551,7 +557,7 @@
 		return errors.Trace(err)
 	}
 
-	svc := newService(i.st, sdoc)
+	svc := newApplication(i.st, sdoc)
 	if annotations := s.Annotations(); len(annotations) > 0 {
 		if err := i.st.SetAnnotations(svc, annotations); err != nil {
 			return errors.Trace(err)
@@ -579,7 +585,7 @@
 	return nil
 }
 
-func (i *importer) unit(s description.Service, u description.Unit) error {
+func (i *importer) unit(s description.Application, u description.Unit) error {
 	i.logger.Debugf("importing unit %s", u.Name())
 
 	// 1. construct a unitDoc
@@ -601,10 +607,21 @@
 	}
 	workloadStatusDoc := i.makeStatusDoc(workloadStatus)
 
+	workloadVersion := u.WorkloadVersion()
+	versionStatus := status.StatusActive
+	if workloadVersion == "" {
+		versionStatus = status.StatusUnknown
+	}
+	workloadVersionDoc := statusDoc{
+		Status:     versionStatus,
+		StatusInfo: workloadVersion,
+	}
+
 	ops := addUnitOps(i.st, addUnitOpsArgs{
-		unitDoc:           udoc,
-		agentStatusDoc:    agentStatusDoc,
-		workloadStatusDoc: workloadStatusDoc,
+		unitDoc:            udoc,
+		agentStatusDoc:     agentStatusDoc,
+		workloadStatusDoc:  workloadStatusDoc,
+		workloadVersionDoc: workloadVersionDoc,
 		meterStatusDoc: &meterStatusDoc{
 			Code: u.MeterStatusCode(),
 			Info: u.MeterStatusInfo(),
@@ -645,17 +662,20 @@
 	if err := i.importStatusHistory(unit.globalAgentKey(), u.AgentStatusHistory()); err != nil {
 		return errors.Trace(err)
 	}
+	if err := i.importStatusHistory(unit.globalWorkloadVersionKey(), u.WorkloadVersionHistory()); err != nil {
+		return errors.Trace(err)
+	}
 
 	return nil
 }
 
-func (i *importer) makeServiceDoc(s description.Service) (*serviceDoc, error) {
+func (i *importer) makeApplicationDoc(s description.Application) (*applicationDoc, error) {
 	charmUrl, err := charm.ParseURL(s.CharmURL())
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
 
-	return &serviceDoc{
+	return &applicationDoc{
 		Name:                 s.Name(),
 		Series:               s.Series(),
 		Subordinate:          s.Subordinate(),
@@ -672,12 +692,12 @@
 	}, nil
 }
 
-func (i *importer) relationCount(service string) int {
+func (i *importer) relationCount(application string) int {
 	count := 0
 
 	for _, rel := range i.model.Relations() {
 		for _, ep := range rel.Endpoints() {
-			if ep.ServiceName() == service {
+			if ep.ApplicationName() == application {
 				count++
 			}
 		}
@@ -686,11 +706,11 @@
 	return count
 }
 
-func (i *importer) makeUnitDoc(s description.Service, u description.Unit) (*unitDoc, error) {
+func (i *importer) makeUnitDoc(s description.Application, u description.Unit) (*unitDoc, error) {
 	// NOTE: if we want to support units having different charms deployed
-	// than the service recomments and migrate that, then we should serialize
-	// the charm url for each unit rather than grabbing the services charm url.
-	// Currently the units charm url matching the service is a precondiation
+	// than the application recomments and migrate that, then we should serialize
+	// the charm url for each unit rather than grabbing the applications charm url.
+	// Currently the units charm url matching the application is a precondiation
 	// to migration.
 	charmUrl, err := charm.ParseURL(s.CharmURL())
 	if err != nil {
@@ -706,7 +726,7 @@
 
 	return &unitDoc{
 		Name:         u.Name(),
-		Service:      s.Name(),
+		Application:  s.Name(),
 		Series:       s.Series(),
 		CharmURL:     charmUrl,
 		Principal:    u.Principal().Id(),
@@ -745,10 +765,10 @@
 
 	dbRelation := newRelation(i.st, relationDoc)
 	// Add an op that adds the relation scope document for each
-	// unit of the service, and an op that adds the relation settings
+	// unit of the application, and an op that adds the relation settings
 	// for each unit.
 	for _, endpoint := range rel.Endpoints() {
-		units := i.serviceUnits[endpoint.ServiceName()]
+		units := i.applicationUnits[endpoint.ApplicationName()]
 		for _, unit := range units {
 			ru, err := dbRelation.Unit(unit)
 			if err != nil {
@@ -763,7 +783,7 @@
 					Key: ruKey,
 				},
 			},
-				createSettingsOp(ruKey, endpoint.Settings(unit.Name())),
+				createSettingsOp(settingsC, ruKey, endpoint.Settings(unit.Name())),
 			)
 		}
 	}
@@ -785,7 +805,7 @@
 	}
 	for i, ep := range endpoints {
 		doc.Endpoints[i] = Endpoint{
-			ServiceName: ep.ServiceName(),
+			ApplicationName: ep.ApplicationName(),
 			Relation: charm.Relation{
 				Name:      ep.Name(),
 				Role:      charm.RelationRole(ep.Role()),
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/migration_import_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/migration_import_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/migration_import_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/migration_import_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,11 +7,11 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/core/description"
@@ -28,9 +28,9 @@
 var _ = gc.Suite(&MigrationImportSuite{})
 
 func (s *MigrationImportSuite) checkStatusHistory(c *gc.C, exported, imported status.StatusHistoryGetter, size int) {
-	exportedHistory, err := exported.StatusHistory(size)
+	exportedHistory, err := exported.StatusHistory(status.StatusHistoryFilter{Size: size})
 	c.Assert(err, jc.ErrorIsNil)
-	importedHistory, err := imported.StatusHistory(size)
+	importedHistory, err := imported.StatusHistory(status.StatusHistoryFilter{Size: size})
 	c.Assert(err, jc.ErrorIsNil)
 	for i := 0; i < size; i++ {
 		c.Check(importedHistory[i].Status, gc.Equals, exportedHistory[i].Status)
@@ -72,7 +72,7 @@
 	s.setLatestTools(c, latestTools)
 	c.Assert(s.State.SetModelConstraints(cons), jc.ErrorIsNil)
 	machineSeq := s.setRandSequenceValue(c, "machine")
-	fooSeq := s.setRandSequenceValue(c, "service-foo")
+	fooSeq := s.setRandSequenceValue(c, "application-foo")
 	s.State.SwitchBlockOn(state.ChangeBlock, "locked down")
 
 	original, err := s.State.Model()
@@ -122,7 +122,7 @@
 	seq, err := state.Sequence(newSt, "machine")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(seq, gc.Equals, machineSeq)
-	seq, err = state.Sequence(newSt, "service-foo")
+	seq, err = state.Sequence(newSt, "application-foo")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(seq, gc.Equals, fooSeq)
 
@@ -134,9 +134,9 @@
 }
 
 func (s *MigrationImportSuite) newModelUser(c *gc.C, name string, readOnly bool, lastConnection time.Time) *state.ModelUser {
-	access := state.ModelAdminAccess
+	access := state.AdminAccess
 	if readOnly {
-		access = state.ModelReadAccess
+		access = state.ReadAccess
 	}
 	user, err := s.State.AddModelUser(state.ModelUserSpec{
 		User:      names.NewUserTag(name),
@@ -156,7 +156,7 @@
 	c.Assert(newUser.DisplayName(), gc.Equals, oldUser.DisplayName())
 	c.Assert(newUser.CreatedBy(), gc.Equals, oldUser.CreatedBy())
 	c.Assert(newUser.DateCreated(), gc.Equals, oldUser.DateCreated())
-	c.Assert(newUser.ReadOnly(), gc.Equals, oldUser.ReadOnly())
+	c.Assert(newUser.IsReadOnly(), gc.Equals, newUser.IsReadOnly())
 
 	connTime, err := oldUser.LastConnection()
 	if state.IsNeverConnectedError(err) {
@@ -270,10 +270,10 @@
 	c.Assert(newCons.String(), gc.Equals, cons.String())
 }
 
-func (s *MigrationImportSuite) TestServices(c *gc.C) {
+func (s *MigrationImportSuite) TestApplications(c *gc.C) {
 	// Add a service with both settings and leadership settings.
 	cons := constraints.MustParse("arch=amd64 mem=8G")
-	service := s.Factory.MakeService(c, &factory.ServiceParams{
+	service := s.Factory.MakeApplication(c, &factory.ApplicationParams{
 		Settings: map[string]interface{}{
 			"foo": "bar",
 		},
@@ -291,21 +291,21 @@
 	c.Assert(err, jc.ErrorIsNil)
 	s.primeStatusHistory(c, service, status.StatusActive, 5)
 
-	allServices, err := s.State.AllServices()
+	allServices, err := s.State.AllApplications()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(allServices, gc.HasLen, 1)
 
 	_, newSt := s.importModel(c)
 	defer newSt.Close()
 
-	importedServices, err := newSt.AllServices()
+	importedServices, err := newSt.AllApplications()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(importedServices, gc.HasLen, 1)
 
 	exported := allServices[0]
 	imported := importedServices[0]
 
-	c.Assert(imported.ServiceTag(), gc.Equals, exported.ServiceTag())
+	c.Assert(imported.ApplicationTag(), gc.Equals, exported.ApplicationTag())
 	c.Assert(imported.Series(), gc.Equals, exported.Series())
 	c.Assert(imported.IsExposed(), gc.Equals, exported.IsExposed())
 	c.Assert(imported.MetricCredentials(), jc.DeepEquals, exported.MetricCredentials())
@@ -331,15 +331,17 @@
 	c.Assert(newCons.String(), gc.Equals, cons.String())
 }
 
-func (s *MigrationImportSuite) TestServiceLeaders(c *gc.C) {
-	s.makeServiceWithLeader(c, "mysql", 2, 1)
-	s.makeServiceWithLeader(c, "wordpress", 4, 2)
+func (s *MigrationImportSuite) TestApplicationLeaders(c *gc.C) {
+	s.makeApplicationWithLeader(c, "mysql", 2, 1)
+	s.makeApplicationWithLeader(c, "wordpress", 4, 2)
 
 	_, newSt := s.importModel(c)
 	defer newSt.Close()
 
 	leaders := make(map[string]string)
-	for key, value := range state.LeadershipLeases(newSt) {
+	leases, err := state.LeadershipLeases(newSt)
+	c.Assert(err, jc.ErrorIsNil)
+	for key, value := range leases {
 		leaders[key] = value.Holder
 	}
 	c.Assert(leaders, jc.DeepEquals, map[string]string{
@@ -355,6 +357,8 @@
 	})
 	err := exported.SetMeterStatus("GREEN", "some info")
 	c.Assert(err, jc.ErrorIsNil)
+	err = exported.SetWorkloadVersion("amethyst")
+	c.Assert(err, jc.ErrorIsNil)
 	err = s.State.SetAnnotations(exported, testAnnotations)
 	c.Assert(err, jc.ErrorIsNil)
 	s.primeStatusHistory(c, exported, status.StatusActive, 5)
@@ -363,7 +367,7 @@
 	_, newSt := s.importModel(c)
 	defer newSt.Close()
 
-	importedServices, err := newSt.AllServices()
+	importedServices, err := newSt.AllApplications()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(importedServices, gc.HasLen, 1)
 
@@ -374,6 +378,9 @@
 
 	c.Assert(imported.UnitTag(), gc.Equals, exported.UnitTag())
 	c.Assert(imported.PasswordValid(pwd), jc.IsTrue)
+	version, err := imported.WorkloadVersion()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(version, gc.Equals, "amethyst")
 
 	exportedMachineId, err := exported.AssignedMachineId()
 	c.Assert(err, jc.ErrorIsNil)
@@ -394,6 +401,7 @@
 	s.assertAnnotations(c, newSt, imported)
 	s.checkStatusHistory(c, exported, imported, 5)
 	s.checkStatusHistory(c, exported.Agent(), imported.Agent(), 5)
+	s.checkStatusHistory(c, exported.WorkloadVersionHistory(), imported.WorkloadVersionHistory(), 1)
 
 	newCons, err := imported.Constraints()
 	c.Assert(err, jc.ErrorIsNil)
@@ -402,15 +410,13 @@
 }
 
 func (s *MigrationImportSuite) TestRelations(c *gc.C) {
-	// Need to remove owner from service.
-	ignored := s.Owner
-	wordpress := state.AddTestingService(c, s.State, "wordpress", state.AddTestingCharm(c, s.State, "wordpress"), ignored)
-	state.AddTestingService(c, s.State, "mysql", state.AddTestingCharm(c, s.State, "mysql"), ignored)
+	wordpress := state.AddTestingService(c, s.State, "wordpress", state.AddTestingCharm(c, s.State, "wordpress"))
+	state.AddTestingService(c, s.State, "mysql", state.AddTestingCharm(c, s.State, "mysql"))
 	eps, err := s.State.InferEndpoints("mysql", "wordpress")
 	c.Assert(err, jc.ErrorIsNil)
 	rel, err := s.State.AddRelation(eps...)
 	c.Assert(err, jc.ErrorIsNil)
-	wordpress_0 := s.Factory.MakeUnit(c, &factory.UnitParams{Service: wordpress})
+	wordpress_0 := s.Factory.MakeUnit(c, &factory.UnitParams{Application: wordpress})
 
 	ru, err := rel.Unit(wordpress_0)
 	c.Assert(err, jc.ErrorIsNil)
@@ -423,7 +429,7 @@
 	_, newSt := s.importModel(c)
 	defer newSt.Close()
 
-	newWordpress, err := newSt.Service("wordpress")
+	newWordpress, err := newSt.Application("wordpress")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(state.RelationCount(newWordpress), gc.Equals, 1)
 	rels, err := newWordpress.Relations()
@@ -478,7 +484,7 @@
 }
 
 func (s *MigrationImportSuite) TestDestroyModelWithService(c *gc.C) {
-	s.Factory.MakeService(c, nil)
+	s.Factory.MakeApplication(c, nil)
 	newModel, newSt := s.importModel(c)
 	defer newSt.Close()
 	s.assertDestroyModelAdvancesLife(c, newModel, state.Dying)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/migration_internal_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/migration_internal_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/migration_internal_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/migration_internal_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -23,6 +23,7 @@
 		modelsC,
 		modelUsersC,
 		modelUserLastConnectionC,
+		permissionsC,
 		settingsC,
 		sequenceC,
 		statusesC,
@@ -35,11 +36,11 @@
 
 		// service / unit
 		leasesC,
-		servicesC,
+		applicationsC,
 		unitsC,
 		meterStatusC, // red / green status for metrics of units
 
-		// settings reference counts are only used for services
+		// settings reference counts are only used for applications
 		settingsrefsC,
 
 		// relation
@@ -52,6 +53,12 @@
 		cleanupsC,
 		// We don't export the controller model at this stage.
 		controllersC,
+		// Clouds aren't migrated. They must exist in the
+		// target controller already.
+		cloudsC,
+		// Cloud credentials aren't migrated. They must exist in the
+		// target controller already.
+		cloudCredentialsC,
 		// This is controller global, and related to the system state of the
 		// embedded GUI.
 		guimetadataC,
@@ -64,8 +71,6 @@
 		usermodelnameC,
 		// Metrics aren't migrated.
 		metricsC,
-		// leaseC is deprecated in favour of leasesC.
-		leaseC,
 		// Backup and restore information is not migrated.
 		restoreInfoC,
 		// upgradeInfoC is used to coordinate upgrades and schema migrations,
@@ -105,10 +110,6 @@
 		// separately.
 		modelEntityRefsC,
 
-		// This has been deprecated in 2.0, and should not contain any data
-		// we actually care about migrating.
-		legacyipaddressesC,
-
 		// The SSH host keys for each machine will be reported as each
 		// machine agent starts up.
 		sshHostKeysC,
@@ -116,6 +117,10 @@
 
 	// THIS SET WILL BE REMOVED WHEN MIGRATIONS ARE COMPLETE
 	todoCollections := set.NewStrings(
+		// model configuration
+		modelSettingsSourcesC,
+		globalSettingsC,
+
 		// model
 		cloudimagemetadataC,
 
@@ -140,6 +145,7 @@
 
 		// network
 		ipAddressesC,
+		providerIDsC,
 		linkLayerDevicesC,
 		linkLayerDevicesRefsC,
 		subnetsC,
@@ -152,6 +158,7 @@
 
 		// uncategorised
 		metricsManagerC, // should really be copied across
+		auditingC,
 	)
 
 	envCollections := set.NewStrings()
@@ -182,6 +189,9 @@
 
 		"MigrationMode",
 		"Owner",
+		"Cloud",
+		"CloudRegion",
+		"CloudCredential",
 		"LatestAvailableTools",
 	)
 	s.AssertExportedFields(c, modelDoc{}, fields)
@@ -199,11 +209,20 @@
 		"DisplayName",
 		"CreatedBy",
 		"DateCreated",
-		"Access",
 	)
 	s.AssertExportedFields(c, modelUserDoc{}, fields)
 }
 
+func (s *MigrationSuite) TestPermissionDocFields(c *gc.C) {
+	fields := set.NewStrings(
+		"ID",
+		"ObjectGlobalKey",
+		"SubjectGlobalKey",
+		"Access",
+	)
+	s.AssertExportedFields(c, permissionDoc{}, fields)
+}
+
 func (s *MigrationSuite) TestEnvUserLastConnectionDocFields(c *gc.C) {
 	fields := set.NewStrings(
 		// ID is the same as UserName (but lowercased)
@@ -290,13 +309,11 @@
 		"ModelUUID",
 		// Always alive, not explicitly exported.
 		"Life",
-		// OwnerTag is deprecated and should be deleted.
-		"OwnerTag",
 		// TxnRevno is mgo internals and should not be migrated.
 		"TxnRevno",
 		// UnitCount is handled by the number of units for the exported service.
 		"UnitCount",
-		// RelationCount is handled by the number of times the service name
+		// RelationCount is handled by the number of times the application name
 		// appears in relation endpoints.
 		"RelationCount",
 	)
@@ -312,7 +329,7 @@
 		"MinUnits",
 		"MetricCredentials",
 	)
-	s.AssertExportedFields(c, serviceDoc{}, migrated.Union(ignored))
+	s.AssertExportedFields(c, applicationDoc{}, migrated.Union(ignored))
 }
 
 func (s *MigrationSuite) TestSettingsRefsDocFields(c *gc.C) {
@@ -334,8 +351,8 @@
 		// ModelUUID shouldn't be exported, and is inherited
 		// from the model definition.
 		"ModelUUID",
-		// Service is implicit in the migration structure through containment.
-		"Service",
+		// Application is implicit in the migration structure through containment.
+		"Application",
 		// Series, CharmURL, and Channel also come from the service.
 		"Series",
 		"CharmURL",
@@ -350,10 +367,6 @@
 		// TxnRevno isn't migrated.
 		"TxnRevno",
 		"PasswordHash",
-		// Obsolete and not migrated.
-		"Ports",
-		"PublicAddress",
-		"PrivateAddress",
 	)
 	todo := set.NewStrings(
 		"StorageAttachmentCount",
@@ -410,7 +423,7 @@
 	)
 	s.AssertExportedFields(c, relationDoc{}, fields)
 	// We also need to check the Endpoint and nested charm.Relation field.
-	endpointFields := set.NewStrings("ServiceName", "Relation")
+	endpointFields := set.NewStrings("ApplicationName", "Relation")
 	s.AssertExportedFields(c, Endpoint{}, endpointFields)
 	charmRelationFields := set.NewStrings(
 		"Name",
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/minimumunits.go juju-core-2.0~beta12/src/github.com/juju/juju/state/minimumunits.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/minimumunits.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/minimumunits.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,27 +11,27 @@
 )
 
 // minUnitsDoc keeps track of relevant changes on the service's MinUnits field
-// and on the number of alive units for the service.
+// and on the number of alive units for the application.
 // A new document is created when MinUnits is set to a non zero value.
 // A document is deleted when either the associated service is destroyed
 // or MinUnits is restored to zero. The Revno is increased when either MinUnits
 // for a service is increased or a unit is destroyed.
 // TODO(frankban): the MinUnitsWatcher reacts to changes by sending events,
 // each one describing one or more services. A worker reacts to those events
-// ensuring the number of units for the service is never less than the actual
+// ensuring the number of units for the application is never less than the actual
 // alive units: new units are added if required.
 type minUnitsDoc struct {
-	// ServiceName is safe to be used here in place of its globalKey, since
+	// ApplicationName is safe to be used here in place of its globalKey, since
 	// the referred entity type is always the Service.
-	DocID       string `bson:"_id"`
-	ServiceName string
-	ModelUUID   string `bson:"model-uuid"`
-	Revno       int
+	DocID           string `bson:"_id"`
+	ApplicationName string
+	ModelUUID       string `bson:"model-uuid"`
+	Revno           int
 }
 
 // SetMinUnits changes the number of minimum units required by the service.
-func (s *Service) SetMinUnits(minUnits int) (err error) {
-	defer errors.DeferredAnnotatef(&err, "cannot set minimum units for service %q", s)
+func (s *Application) SetMinUnits(minUnits int) (err error) {
+	defer errors.DeferredAnnotatef(&err, "cannot set minimum units for application %q", s)
 	defer func() {
 		if err == nil {
 			s.doc.MinUnits = minUnits
@@ -40,7 +40,7 @@
 	if minUnits < 0 {
 		return errors.New("cannot set a negative minimum number of units")
 	}
-	service := &Service{st: s.st, doc: s.doc}
+	service := &Application{st: s.st, doc: s.doc}
 	// Removing the document never fails. Racing clients trying to create the
 	// document generate one failure, but the second attempt should succeed.
 	// If one client tries to update the document, and a racing client removes
@@ -54,7 +54,7 @@
 			}
 		}
 		if service.doc.Life != Alive {
-			return nil, errors.New("service is no longer alive")
+			return nil, errors.New("application is no longer alive")
 		}
 		if minUnits == service.doc.MinUnits {
 			return nil, jujutxn.ErrNoOperations
@@ -66,31 +66,31 @@
 
 // setMinUnitsOps returns the operations required to set MinUnits on the
 // service and to create/update/remove the minUnits document in MongoDB.
-func setMinUnitsOps(service *Service, minUnits int) []txn.Op {
+func setMinUnitsOps(service *Application, minUnits int) []txn.Op {
 	state := service.st
-	serviceName := service.Name()
+	applicationname := service.Name()
 	ops := []txn.Op{{
-		C:      servicesC,
-		Id:     state.docID(serviceName),
+		C:      applicationsC,
+		Id:     state.docID(applicationname),
 		Assert: isAliveDoc,
 		Update: bson.D{{"$set", bson.D{{"minunits", minUnits}}}},
 	}}
 	if service.doc.MinUnits == 0 {
 		return append(ops, txn.Op{
 			C:      minUnitsC,
-			Id:     state.docID(serviceName),
+			Id:     state.docID(applicationname),
 			Assert: txn.DocMissing,
 			Insert: &minUnitsDoc{
-				ServiceName: serviceName,
-				ModelUUID:   service.st.ModelUUID(),
+				ApplicationName: applicationname,
+				ModelUUID:       service.st.ModelUUID(),
 			},
 		})
 	}
 	if minUnits == 0 {
-		return append(ops, minUnitsRemoveOp(state, serviceName))
+		return append(ops, minUnitsRemoveOp(state, applicationname))
 	}
 	if minUnits > service.doc.MinUnits {
-		op := minUnitsTriggerOp(state, serviceName)
+		op := minUnitsTriggerOp(state, applicationname)
 		op.Assert = txn.DocExists
 		return append(ops, op)
 	}
@@ -98,49 +98,49 @@
 }
 
 // minUnitsTriggerOp returns the operation required to increase the minimum
-// units revno for the service in MongoDB, ignoring the case of document not
+// units revno for the application in MongoDB, ignoring the case of document not
 // existing. This is included in the operations performed when a unit is
 // destroyed: if the document exists, then we need to update the Revno.
 // If the service does not require a minimum number of units, then the
 // operation is a noop.
-func minUnitsTriggerOp(st *State, serviceName string) txn.Op {
+func minUnitsTriggerOp(st *State, applicationname string) txn.Op {
 	return txn.Op{
 		C:      minUnitsC,
-		Id:     st.docID(serviceName),
+		Id:     st.docID(applicationname),
 		Update: bson.D{{"$inc", bson.D{{"revno", 1}}}},
 	}
 }
 
 // minUnitsRemoveOp returns the operation required to remove the minimum
 // units document from MongoDB.
-func minUnitsRemoveOp(st *State, serviceName string) txn.Op {
+func minUnitsRemoveOp(st *State, applicationname string) txn.Op {
 	return txn.Op{
 		C:      minUnitsC,
-		Id:     st.docID(serviceName),
+		Id:     st.docID(applicationname),
 		Remove: true,
 	}
 }
 
-// MinUnits returns the minimum units count for the service.
-func (s *Service) MinUnits() int {
+// MinUnits returns the minimum units count for the application.
+func (s *Application) MinUnits() int {
 	return s.doc.MinUnits
 }
 
 // EnsureMinUnits adds new units if the service's MinUnits value is greater
 // than the number of alive units.
-func (s *Service) EnsureMinUnits() (err error) {
-	defer errors.DeferredAnnotatef(&err, "cannot ensure minimum units for service %q", s)
-	service := &Service{st: s.st, doc: s.doc}
+func (s *Application) EnsureMinUnits() (err error) {
+	defer errors.DeferredAnnotatef(&err, "cannot ensure minimum units for application %q", s)
+	service := &Application{st: s.st, doc: s.doc}
 	for {
 		// Ensure the service is alive.
 		if service.doc.Life != Alive {
-			return errors.New("service is not alive")
+			return errors.New("application is not alive")
 		}
-		// Exit without errors if the MinUnits for the service is not set.
+		// Exit without errors if the MinUnits for the application is not set.
 		if service.doc.MinUnits == 0 {
 			return nil
 		}
-		// Retrieve the number of alive units for the service.
+		// Retrieve the number of alive units for the application.
 		aliveUnits, err := aliveUnitsCount(service)
 		if err != nil {
 			return err
@@ -181,19 +181,19 @@
 	}
 }
 
-// aliveUnitsCount returns the number a alive units for the service.
-func aliveUnitsCount(service *Service) (int, error) {
+// aliveUnitsCount returns the number a alive units for the application.
+func aliveUnitsCount(service *Application) (int, error) {
 	units, closer := service.st.getCollection(unitsC)
 	defer closer()
 
-	query := bson.D{{"service", service.doc.Name}, {"life", Alive}}
+	query := bson.D{{"application", service.doc.Name}, {"life", Alive}}
 	return units.Find(query).Count()
 }
 
 // ensureMinUnitsOps returns the operations required to add a unit for the
 // service in MongoDB and the name for the new unit. The resulting transaction
 // will be aborted if the service document changes when running the operations.
-func ensureMinUnitsOps(service *Service) (string, []txn.Op, error) {
+func ensureMinUnitsOps(service *Application) (string, []txn.Op, error) {
 	asserts := bson.D{{"txn-revno", service.doc.TxnRevno}}
 	return service.addUnitOps("", asserts)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/minimumunits_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/minimumunits_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/minimumunits_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/minimumunits_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,14 +13,14 @@
 
 type MinUnitsSuite struct {
 	ConnSuite
-	service *state.Service
+	service *state.Application
 }
 
 var _ = gc.Suite(&MinUnitsSuite{})
 
 func (s *MinUnitsSuite) SetUpTest(c *gc.C) {
 	s.ConnSuite.SetUpTest(c)
-	s.service = s.AddTestingService(c, "dummy-service", s.AddTestingCharm(c, "dummy"))
+	s.service = s.AddTestingService(c, "dummy-application", s.AddTestingCharm(c, "dummy"))
 }
 
 func (s *MinUnitsSuite) assertRevno(c *gc.C, expectedRevno int, expectedErr error) {
@@ -106,7 +106,7 @@
 
 func (s *MinUnitsSuite) TestInvalidMinUnits(c *gc.C) {
 	err := s.service.SetMinUnits(-1)
-	c.Assert(err, gc.ErrorMatches, `cannot set minimum units for service "dummy-service": cannot set a negative minimum number of units`)
+	c.Assert(err, gc.ErrorMatches, `cannot set minimum units for application "dummy-application": cannot set a negative minimum number of units`)
 }
 
 func (s *MinUnitsSuite) TestMinUnitsInsertRetry(c *gc.C) {
@@ -153,9 +153,9 @@
 func (s *MinUnitsSuite) testDestroyOrRemoveServiceBefore(c *gc.C, initial, input int, preventRemoval bool) {
 	err := s.service.SetMinUnits(initial)
 	c.Assert(err, jc.ErrorIsNil)
-	expectedErr := `cannot set minimum units for service "dummy-service": service "dummy-service" not found`
+	expectedErr := `cannot set minimum units for application "dummy-application": application "dummy-application" not found`
 	if preventRemoval {
-		expectedErr = `cannot set minimum units for service "dummy-service": service is no longer alive`
+		expectedErr = `cannot set minimum units for application "dummy-application": application is no longer alive`
 		s.addUnits(c, 1)
 	}
 	defer state.SetBeforeHooks(c, s.State, func() {
@@ -243,7 +243,7 @@
 	s.assertRevno(c, 0, mgo.ErrNotFound)
 }
 
-func assertAllUnits(c *gc.C, service *state.Service, expected int) {
+func assertAllUnits(c *gc.C, service *state.Application, expected int) {
 	units, err := service.AllUnits()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(units, gc.HasLen, expected)
@@ -254,7 +254,7 @@
 	for i, t := range []struct {
 		about    string // Test description.
 		initial  int    // Initial number of units.
-		minimum  int    // Minimum number of units for the service.
+		minimum  int    // Minimum number of units for the application.
 		destroy  int    // Number of units to be destroyed before calling EnsureMinUnits.
 		expected int    // Expected number of units after calling EnsureMinUnits.
 	}{{
@@ -324,9 +324,9 @@
 	s.addUnits(c, 1)
 	err = s.service.Destroy()
 	c.Assert(err, jc.ErrorIsNil)
-	expectedErr := `cannot ensure minimum units for service "dummy-service": service is not alive`
+	expectedErr := `cannot ensure minimum units for application "dummy-application": application is not alive`
 
-	// An error is returned if the service is not alive.
+	// An error is returned if the application is not alive.
 	c.Assert(s.service.EnsureMinUnits(), gc.ErrorMatches, expectedErr)
 
 	// An error is returned if the service was removed.
@@ -404,7 +404,7 @@
 		c.Assert(err, jc.ErrorIsNil)
 	}).Check()
 	c.Assert(s.service.EnsureMinUnits(), gc.ErrorMatches,
-		`cannot ensure minimum units for service "dummy-service": service is not alive`)
+		`cannot ensure minimum units for application "dummy-application": application is not alive`)
 }
 
 func (s *MinUnitsSuite) TestEnsureMinUnitsDecreaseMinUnitsAfter(c *gc.C) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/modelconfig.go juju-core-2.0~beta12/src/github.com/juju/juju/state/modelconfig.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/modelconfig.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/modelconfig.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,262 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package state
+
+import (
+	"github.com/juju/errors"
+	"gopkg.in/mgo.v2"
+	"gopkg.in/mgo.v2/bson"
+	"gopkg.in/mgo.v2/txn"
+
+	"github.com/juju/juju/controller"
+	"github.com/juju/juju/environs/config"
+)
+
+var disallowedModelConfigAttrs = [...]string{
+	"admin-secret",
+	"ca-private-key",
+}
+
+// ModelConfig returns the complete config for the model represented
+// by this state.
+func (st *State) ModelConfig() (*config.Config, error) {
+	modelSettings, err := readSettings(st, settingsC, modelGlobalKey)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return config.New(config.NoDefaults, modelSettings.Map())
+}
+
+// checkModelConfig returns an error if the config is definitely invalid.
+func checkModelConfig(cfg *config.Config) error {
+	allAttrs := cfg.AllAttrs()
+	for _, attr := range disallowedModelConfigAttrs {
+		if _, ok := allAttrs[attr]; ok {
+			return errors.Errorf(attr + " should never be written to the state")
+		}
+	}
+	if _, ok := cfg.AgentVersion(); !ok {
+		return errors.Errorf("agent-version must always be set in state")
+	}
+	for attr := range allAttrs {
+		if controller.ControllerOnlyAttribute(attr) {
+			return errors.Errorf("cannot set controller attribute %q on a model", attr)
+		}
+	}
+	return nil
+}
+
+// ModelConfigValues returns the config values for the model represented
+// by this state.
+func (st *State) ModelConfigValues() (config.ConfigValues, error) {
+	modelSettings, err := readSettings(st, settingsC, modelGlobalKey)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	// TODO(wallyworld) - this data should not be stored separately
+	sources, closer := st.getCollection(modelSettingsSourcesC)
+	defer closer()
+
+	var settingsSources settingsSourcesDoc
+	err = sources.FindId(modelGlobalKey).One(&settingsSources)
+	if err == mgo.ErrNotFound {
+		err = errors.NotFoundf("settings sources")
+	}
+	if err != nil {
+		return nil, err
+	}
+	result := make(config.ConfigValues)
+	for attr, val := range modelSettings.Map() {
+		source, ok := settingsSources.Sources[attr]
+		if !ok {
+			source = config.JujuModelConfigSource
+		}
+		result[attr] = config.ConfigValue{
+			Value:  val,
+			Source: source,
+		}
+	}
+	return result, nil
+}
+
+// checkControllerInheritedConfig returns an error if the shared local cloud config is definitely invalid.
+func checkControllerInheritedConfig(attrs map[string]interface{}) error {
+	disallowedCloudConfigAttrs := append(disallowedModelConfigAttrs[:], config.AgentVersionKey)
+	for _, attr := range disallowedCloudConfigAttrs {
+		if _, ok := attrs[attr]; ok {
+			return errors.Errorf("local cloud config cannot contain " + attr)
+		}
+	}
+	for attrName := range attrs {
+		if controller.ControllerOnlyAttribute(attrName) {
+			return errors.Errorf("local cloud config cannot contain controller attribute %q", attrName)
+		}
+	}
+	return nil
+}
+
+func (st *State) buildAndValidateModelConfig(updateAttrs map[string]interface{}, removeAttrs []string, oldConfig *config.Config) (validCfg *config.Config, err error) {
+	newConfig, err := oldConfig.Apply(updateAttrs)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	if len(removeAttrs) != 0 {
+		newConfig, err = newConfig.Remove(removeAttrs)
+		if err != nil {
+			return nil, errors.Trace(err)
+		}
+	}
+	if err := checkModelConfig(newConfig); err != nil {
+		return nil, errors.Trace(err)
+	}
+	return st.validate(newConfig, oldConfig)
+}
+
+type ValidateConfigFunc func(updateAttrs map[string]interface{}, removeAttrs []string, oldConfig *config.Config) error
+
+// UpdateModelConfig adds, updates or removes attributes in the current
+// configuration of the model with the provided updateAttrs and
+// removeAttrs.
+func (st *State) UpdateModelConfig(updateAttrs map[string]interface{}, removeAttrs []string, additionalValidation ValidateConfigFunc) error {
+	if len(updateAttrs)+len(removeAttrs) == 0 {
+		return nil
+	}
+
+	// TODO(axw) 2013-12-6 #1167616
+	// Ensure that the settings on disk have not changed
+	// underneath us. The settings changes are actually
+	// applied as a delta to what's on disk; if there has
+	// been a concurrent update, the change may not be what
+	// the user asked for.
+
+	modelSettings, err := readSettings(st, settingsC, modelGlobalKey)
+	if err != nil {
+		return errors.Trace(err)
+	}
+
+	// Get the existing model config from state.
+	oldConfig, err := st.ModelConfig()
+	if err != nil {
+		return errors.Trace(err)
+	}
+	if additionalValidation != nil {
+		err = additionalValidation(updateAttrs, removeAttrs, oldConfig)
+		if err != nil {
+			return errors.Trace(err)
+		}
+	}
+	validCfg, err := st.buildAndValidateModelConfig(updateAttrs, removeAttrs, oldConfig)
+	if err != nil {
+		return errors.Trace(err)
+	}
+
+	validAttrs := validCfg.AllAttrs()
+	for k := range oldConfig.AllAttrs() {
+		if _, ok := validAttrs[k]; !ok {
+			modelSettings.Delete(k)
+		}
+	}
+
+	modelSettings.Update(validAttrs)
+	changes, ops := modelSettings.settingsUpdateOps()
+	ops = append(ops, updateModelSourcesOps(changes)...)
+	return modelSettings.write(ops)
+}
+
+func updateModelSourcesOps(changes []ItemChange) []txn.Op {
+	var update bson.D
+	var set = make(bson.M)
+	for _, c := range changes {
+		set["sources."+c.Key] = "model"
+	}
+	update = append(update, bson.DocElem{"$set", set})
+
+	ops := []txn.Op{{
+		C:      modelSettingsSourcesC,
+		Id:     modelGlobalKey,
+		Assert: txn.DocExists,
+		Update: update,
+	}}
+	return ops
+}
+
+// settingsSourcesDoc stores for each model attribute,
+// the source of the attribute.
+type settingsSourcesDoc struct {
+	// Sources defines the named source for each settings attribute.
+	Sources map[string]string `bson:"sources,omitempty"`
+}
+
+func createSettingsSourceOp(values map[string]string) txn.Op {
+	return txn.Op{
+		C:      modelSettingsSourcesC,
+		Id:     modelGlobalKey,
+		Assert: txn.DocMissing,
+		Insert: &settingsSourcesDoc{
+			Sources: values,
+		},
+	}
+}
+
+type modelConfigSourceFunc func() (map[string]interface{}, error)
+
+type modelConfigSource struct {
+	name       string
+	sourceFunc modelConfigSourceFunc
+}
+
+// modelConfigSources returns a slice of named model config
+// sources, in hierarchical order. Starting from the first source,
+// config is retrieved and each subsequent source adds to the
+// overall config values, later values override earlier ones.
+func modelConfigSources(st *State) []modelConfigSource {
+	return []modelConfigSource{
+		{config.JujuControllerSource, st.ControllerInheritedConfig},
+		// We will also support local cloud region, tenant, user etc
+	}
+}
+
+// ControllerInheritedConfig returns the inherited config values
+// sourced from the local cloud config.
+func (st *State) ControllerInheritedConfig() (map[string]interface{}, error) {
+	settings, err := readSettings(st, globalSettingsC, controllerInheritedSettingsGlobalKey)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return settings.Map(), nil
+}
+
+// composeModelConfigAttributes returns a set of model config settings composed from known
+// sources of default values overridden by model specific attributes.
+// Also returned is a map containing the source location for each model attribute.
+// The source location is the name of the config values from which an attribute came.
+func composeModelConfigAttributes(
+	modelAttr map[string]interface{}, configSources ...modelConfigSource,
+) (map[string]interface{}, map[string]string, error) {
+	resultAttrs := make(map[string]interface{})
+	settingsSources := make(map[string]string)
+
+	// Compose default settings from all known sources.
+	for _, source := range configSources {
+		newSettings, err := source.sourceFunc()
+		if errors.IsNotFound(err) {
+			continue
+		}
+		if err != nil {
+			return nil, nil, errors.Annotatef(err, "reading %s settings", source.name)
+		}
+		for name, val := range newSettings {
+			resultAttrs[name] = val
+			settingsSources[name] = source.name
+		}
+	}
+
+	// Merge in model specific settings.
+	for attr, val := range modelAttr {
+		resultAttrs[attr] = val
+		settingsSources[attr] = config.JujuModelConfigSource
+	}
+
+	return resultAttrs, settingsSources, nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/modelconfig_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/modelconfig_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/modelconfig_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/modelconfig_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,234 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package state_test
+
+import (
+	"fmt"
+
+	jc "github.com/juju/testing/checkers"
+	"github.com/juju/utils"
+	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
+
+	"github.com/juju/juju/constraints"
+	"github.com/juju/juju/environs/config"
+	"github.com/juju/juju/state"
+	"github.com/juju/juju/testing"
+)
+
+type ModelConfigSuite struct {
+	ConnSuite
+}
+
+var _ = gc.Suite(&ModelConfigSuite{})
+
+func (s *ModelConfigSuite) SetUpTest(c *gc.C) {
+	s.ConnSuite.SetUpTest(c)
+	s.policy.GetConstraintsValidator = func(*config.Config, state.SupportedArchitecturesQuerier) (constraints.Validator, error) {
+		validator := constraints.NewValidator()
+		validator.RegisterConflicts([]string{constraints.InstanceType}, []string{constraints.Mem})
+		validator.RegisterUnsupported([]string{constraints.CpuPower})
+		return validator, nil
+	}
+}
+
+func (s *ModelConfigSuite) TestAdditionalValidation(c *gc.C) {
+	updateAttrs := map[string]interface{}{"logging-config": "juju=ERROR"}
+	configValidator1 := func(updateAttrs map[string]interface{}, removeAttrs []string, oldConfig *config.Config) error {
+		c.Assert(updateAttrs, gc.DeepEquals, map[string]interface{}{"logging-config": "juju=ERROR"})
+		if _, found := updateAttrs["logging-config"]; found {
+			return fmt.Errorf("cannot change logging-config")
+		}
+		return nil
+	}
+	removeAttrs := []string{"logging-config"}
+	configValidator2 := func(updateAttrs map[string]interface{}, removeAttrs []string, oldConfig *config.Config) error {
+		c.Assert(removeAttrs, gc.DeepEquals, []string{"logging-config"})
+		for _, i := range removeAttrs {
+			if i == "logging-config" {
+				return fmt.Errorf("cannot remove logging-config")
+			}
+		}
+		return nil
+	}
+	configValidator3 := func(updateAttrs map[string]interface{}, removeAttrs []string, oldConfig *config.Config) error {
+		return nil
+	}
+
+	err := s.State.UpdateModelConfig(updateAttrs, nil, configValidator1)
+	c.Assert(err, gc.ErrorMatches, "cannot change logging-config")
+	err = s.State.UpdateModelConfig(nil, removeAttrs, configValidator2)
+	c.Assert(err, gc.ErrorMatches, "cannot remove logging-config")
+	err = s.State.UpdateModelConfig(updateAttrs, nil, configValidator3)
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *ModelConfigSuite) TestModelConfig(c *gc.C) {
+	attrs := map[string]interface{}{
+		"authorized-keys": "different-keys",
+		"arbitrary-key":   "shazam!",
+	}
+	cfg, err := s.State.ModelConfig()
+	c.Assert(err, jc.ErrorIsNil)
+	err = s.State.UpdateModelConfig(attrs, nil, nil)
+	c.Assert(err, jc.ErrorIsNil)
+	cfg, err = cfg.Apply(attrs)
+	c.Assert(err, jc.ErrorIsNil)
+	oldCfg, err := s.State.ModelConfig()
+	c.Assert(err, jc.ErrorIsNil)
+
+	c.Assert(oldCfg, gc.DeepEquals, cfg)
+}
+
+func (s *ModelConfigSuite) TestUpdateModelConfigRejectsControllerConfig(c *gc.C) {
+	updateAttrs := map[string]interface{}{"api-port": 1234}
+	err := s.State.UpdateModelConfig(updateAttrs, nil, nil)
+	c.Assert(err, gc.ErrorMatches, `cannot set controller attribute "api-port" on a model`)
+}
+
+type ModelConfigSourceSuite struct {
+	ConnSuite
+}
+
+var _ = gc.Suite(&ModelConfigSourceSuite{})
+
+func (s *ModelConfigSourceSuite) SetUpTest(c *gc.C) {
+	s.ControllerInheritedConfig = map[string]interface{}{
+		"apt-mirror": "http://cloud-mirror",
+		"http-proxy": "http://proxy",
+	}
+	s.ConnSuite.SetUpTest(c)
+
+	localControllerSettings, err := s.State.ReadSettings(state.GlobalSettingsC, state.ControllerInheritedSettingsGlobalKey)
+	c.Assert(err, jc.ErrorIsNil)
+	localControllerSettings.Set("apt-mirror", "http://mirror")
+	_, err = localControllerSettings.Write()
+	c.Assert(err, jc.ErrorIsNil)
+}
+
+func (s *ModelConfigSourceSuite) TestModelConfigWhenSetOverridesCloudValue(c *gc.C) {
+	attrs := map[string]interface{}{
+		"authorized-keys": "different-keys",
+		"apt-mirror":      "http://anothermirror",
+	}
+	err := s.State.UpdateModelConfig(attrs, nil, nil)
+	c.Assert(err, jc.ErrorIsNil)
+
+	cfg, err := s.State.ModelConfig()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(cfg.AllAttrs()["apt-mirror"], gc.Equals, "http://anothermirror")
+}
+
+func (s *ModelConfigSourceSuite) TestControllerModelConfigForksControllerValue(c *gc.C) {
+	modelCfg, err := s.State.ModelConfig()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(modelCfg.AllAttrs()["apt-mirror"], gc.Equals, "http://cloud-mirror")
+
+	// Change the local controller settings and ensure the model setting stays the same.
+	localControllerSettings, err := s.State.ReadSettings(state.GlobalSettingsC, state.ControllerInheritedSettingsGlobalKey)
+	c.Assert(err, jc.ErrorIsNil)
+	localControllerSettings.Set("apt-mirror", "http://anothermirror")
+	_, err = localControllerSettings.Write()
+	c.Assert(err, jc.ErrorIsNil)
+
+	modelCfg, err = s.State.ModelConfig()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(modelCfg.AllAttrs()["apt-mirror"], gc.Equals, "http://cloud-mirror")
+}
+
+func (s *ModelConfigSourceSuite) TestNewModelConfigForksControllerValue(c *gc.C) {
+	uuid, err := utils.NewUUID()
+	c.Assert(err, jc.ErrorIsNil)
+	cfg := testing.CustomModelConfig(c, testing.Attrs{
+		"name": "another",
+		"uuid": uuid.String(),
+	})
+	owner := names.NewUserTag("test@remote")
+	_, st, err := s.State.NewModel(state.ModelArgs{
+		Config: cfg, Owner: owner, CloudName: "dummy",
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	defer st.Close()
+
+	modelCfg, err := st.ModelConfig()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(modelCfg.AllAttrs()["apt-mirror"], gc.Equals, "http://mirror")
+
+	// Change the local controller settings and ensure the model setting stays the same.
+	localCloudSettings, err := s.State.ReadSettings(state.GlobalSettingsC, state.ControllerInheritedSettingsGlobalKey)
+	c.Assert(err, jc.ErrorIsNil)
+	localCloudSettings.Set("apt-mirror", "http://anothermirror")
+	_, err = localCloudSettings.Write()
+	c.Assert(err, jc.ErrorIsNil)
+
+	modelCfg, err = st.ModelConfig()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(modelCfg.AllAttrs()["apt-mirror"], gc.Equals, "http://mirror")
+}
+
+func (s *ModelConfigSourceSuite) TestModelConfigValues(c *gc.C) {
+	modelCfg, err := s.State.ModelConfig()
+	c.Assert(err, jc.ErrorIsNil)
+	expectedValues := make(config.ConfigValues)
+	for attr, val := range modelCfg.AllAttrs() {
+		source := "model"
+		if attr == "apt-mirror" || attr == "http-proxy" {
+			source = "controller"
+		}
+		expectedValues[attr] = config.ConfigValue{
+			Value:  val,
+			Source: source,
+		}
+	}
+	sources, err := s.State.ModelConfigValues()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(sources, jc.DeepEquals, expectedValues)
+}
+
+func (s *ModelConfigSourceSuite) TestModelConfigUpdateSetsSource(c *gc.C) {
+	attrs := map[string]interface{}{
+		"http-proxy": "http://anotherproxy",
+	}
+	err := s.State.UpdateModelConfig(attrs, nil, nil)
+	c.Assert(err, jc.ErrorIsNil)
+
+	modelCfg, err := s.State.ModelConfig()
+	c.Assert(err, jc.ErrorIsNil)
+	expectedValues := make(config.ConfigValues)
+	for attr, val := range modelCfg.AllAttrs() {
+		source := "model"
+		if attr == "apt-mirror" {
+			source = "controller"
+		}
+		expectedValues[attr] = config.ConfigValue{
+			Value:  val,
+			Source: source,
+		}
+	}
+	sources, err := s.State.ModelConfigValues()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(sources, jc.DeepEquals, expectedValues)
+}
+
+func (s *ModelConfigSourceSuite) TestModelConfigDeleteSetsSource(c *gc.C) {
+	err := s.State.UpdateModelConfig(nil, []string{"apt-mirror"}, nil)
+	c.Assert(err, jc.ErrorIsNil)
+
+	modelCfg, err := s.State.ModelConfig()
+	c.Assert(err, jc.ErrorIsNil)
+	expectedValues := make(config.ConfigValues)
+	for attr, val := range modelCfg.AllAttrs() {
+		source := "model"
+		if attr == "http-proxy" {
+			source = "controller"
+		}
+		expectedValues[attr] = config.ConfigValue{
+			Value:  val,
+			Source: source,
+		}
+	}
+	sources, err := s.State.ModelConfigValues()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(sources, jc.DeepEquals, expectedValues)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/model.go juju-core-2.0~beta12/src/github.com/juju/juju/state/model.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/model.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/model.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,12 +8,14 @@
 	"strings"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jujutxn "github.com/juju/txn"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 	"gopkg.in/mgo.v2/txn"
 
+	jujucloud "github.com/juju/juju/cloud"
+	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/mongo"
 	"github.com/juju/juju/status"
@@ -60,6 +62,18 @@
 	ServerUUID    string        `bson:"server-uuid"`
 	MigrationMode MigrationMode `bson:"migration-mode"`
 
+	// Cloud is the name of the cloud to which the model is deployed.
+	Cloud string `bson:"cloud"`
+
+	// CloudRegion is the name of the cloud region to which the model is
+	// deployed. This will be empty for clouds that do not support regions.
+	CloudRegion string `bson:"cloud-region,omitempty"`
+
+	// CloudCredential is the name of the cloud credential that is used
+	// for managing cloud resources for this model. This will be empty
+	// for clouds that do not require credentials.
+	CloudCredential string `bson:"cloud-credential,omitempty"`
+
 	// LatestAvailableTools is a string representing the newest version
 	// found while checking streams for new versions.
 	LatestAvailableTools string `bson:"available-tools,omitempty"`
@@ -74,7 +88,7 @@
 	Machines []string `bson:"machines"`
 
 	// Services contains the names of the services in the model.
-	Services []string `bson:"services"`
+	Services []string `bson:"applications"`
 }
 
 // ControllerModel returns the model that was bootstrapped.
@@ -101,15 +115,7 @@
 
 // Model returns the model entity.
 func (st *State) Model() (*Model, error) {
-	models, closer := st.getCollection(modelsC)
-	defer closer()
-
-	env := &Model{st: st}
-	uuid := st.modelTag.Id()
-	if err := env.refresh(models.FindId(uuid)); err != nil {
-		return nil, errors.Trace(err)
-	}
-	return env, nil
+	return st.GetModel(st.modelTag)
 }
 
 // GetModel looks for the model identified by the uuid passed in.
@@ -117,11 +123,11 @@
 	models, closer := st.getCollection(modelsC)
 	defer closer()
 
-	env := &Model{st: st}
-	if err := env.refresh(models.FindId(tag.Id())); err != nil {
+	model := &Model{st: st}
+	if err := model.refresh(models.FindId(tag.Id())); err != nil {
 		return nil, errors.Trace(err)
 	}
-	return env, nil
+	return model, nil
 }
 
 // AllModels returns all the models in the system.
@@ -145,11 +151,50 @@
 
 // ModelArgs is a params struct for creating a new model.
 type ModelArgs struct {
-	Config        *config.Config
-	Owner         names.UserTag
+	// CloudName is the name of the cloud to which the model is deployed.
+	CloudName string
+
+	// CloudRegion is the name of the cloud region to which the model is
+	// deployed. This will be empty for clouds that do not support regions.
+	CloudRegion string
+
+	// CloudCredential is the name of the cloud credential that will be
+	// used for managing cloud resources for this model. This will be empty
+	// for clouds that do not require credentials.
+	CloudCredential string
+
+	// Config is the model config.
+	Config *config.Config
+
+	// Constraints contains the initial constraints for the model.
+	Constraints constraints.Value
+
+	// Owner is the user that owns the model.
+	Owner names.UserTag
+
+	// MigrationMode is the initial migration mode of the model.
 	MigrationMode MigrationMode
 }
 
+// Validate validates the ModelArgs.
+func (m ModelArgs) Validate() error {
+	if m.Config == nil {
+		return errors.NotValidf("nil Config")
+	}
+	if m.CloudName == "" {
+		return errors.NotValidf("empty Cloud Name")
+	}
+	if m.Owner == (names.UserTag{}) {
+		return errors.NotValidf("empty Owner")
+	}
+	switch m.MigrationMode {
+	case MigrationModeActive, MigrationModeImporting:
+	default:
+		return errors.NotValidf("initial migration mode %q", m.MigrationMode)
+	}
+	return nil
+}
+
 // NewModel creates a new model with its own UUID and
 // prepares it for use. Model and State instances for the new
 // model are returned.
@@ -160,34 +205,75 @@
 // models, perhaps for future use around cross model
 // relations.
 func (st *State) NewModel(args ModelArgs) (_ *Model, _ *State, err error) {
+	if err := args.Validate(); err != nil {
+		return nil, nil, errors.Trace(err)
+	}
+	// For now, the model cloud must be the same as the controller cloud.
+	controllerInfo, err := st.ControllerInfo()
+	if err != nil {
+		return nil, nil, errors.Trace(err)
+	}
+	if controllerInfo.CloudName != args.CloudName {
+		return nil, nil, errors.NewNotValid(
+			nil, fmt.Sprintf("controller cloud %s does not match model cloud %s", controllerInfo.CloudName, args.CloudName))
+	}
+
+	// Ensure that the cloud region is valid, or if one is not specified,
+	// that the cloud does not support regions.
+	controllerCloud, err := st.Cloud(args.CloudName)
+	if err != nil {
+		return nil, nil, errors.Trace(err)
+	}
+	assertCloudRegionOp, err := validateCloudRegion(controllerCloud, args.CloudName, args.CloudRegion)
+	if err != nil {
+		return nil, nil, errors.Trace(err)
+	}
+
+	// Ensure that the cloud credential is valid, or if one is not
+	// specified, that the cloud supports the "empty" authentication
+	// type.
 	owner := args.Owner
+	cloudCredentials, err := st.CloudCredentials(owner, args.CloudName)
+	if err != nil {
+		return nil, nil, errors.Trace(err)
+	}
+	assertCloudCredentialOp, err := validateCloudCredential(
+		controllerCloud, args.CloudName, cloudCredentials, args.CloudCredential, owner,
+	)
+	if err != nil {
+		return nil, nil, errors.Trace(err)
+	}
+
 	if owner.IsLocal() {
 		if _, err := st.User(owner); err != nil {
 			return nil, nil, errors.Annotate(err, "cannot create model")
 		}
 	}
 
-	ssEnv, err := st.ControllerModel()
-	if err != nil {
-		return nil, nil, errors.Annotate(err, "could not load controller model")
-	}
-
 	uuid := args.Config.UUID()
-	newState, err := st.ForModel(names.NewModelTag(uuid))
+	session := st.session.Copy()
+	newSt, err := newState(names.NewModelTag(uuid), session, st.mongoInfo, st.policy)
 	if err != nil {
 		return nil, nil, errors.Annotate(err, "could not create state for new model")
 	}
 	defer func() {
 		if err != nil {
-			newState.Close()
+			newSt.Close()
 		}
 	}()
+	newSt.controllerTag = st.controllerTag
 
-	ops, err := newState.modelSetupOps(args.Config, uuid, ssEnv.UUID(), owner, args.MigrationMode)
+	modelOps, err := newSt.modelSetupOps(args, nil)
 	if err != nil {
 		return nil, nil, errors.Annotate(err, "failed to create new model")
 	}
-	err = newState.runTransaction(ops)
+
+	prereqOps := []txn.Op{
+		assertCloudRegionOp,
+		assertCloudCredentialOp,
+	}
+	ops := append(prereqOps, modelOps...)
+	err = newSt.runTransaction(ops)
 	if err == txn.ErrAborted {
 
 		// We have a  unique key restriction on the "owner" and "name" fields,
@@ -213,12 +299,85 @@
 		return nil, nil, errors.Trace(err)
 	}
 
-	newEnv, err := newState.Model()
+	err = newSt.start(st.controllerTag)
+	if err != nil {
+		return nil, nil, errors.Annotate(err, "could not start state for new model")
+	}
+
+	newModel, err := newSt.Model()
 	if err != nil {
 		return nil, nil, errors.Trace(err)
 	}
 
-	return newEnv, newState, nil
+	return newModel, newSt, nil
+}
+
+// validateCloudRegion validates the given region name against the
+// provided Cloud definition, and returns a txn.Op to include in a
+// transaction to assert the same.
+func validateCloudRegion(cloud jujucloud.Cloud, cloudName, regionName string) (txn.Op, error) {
+	// Ensure that the cloud region is valid, or if one is not specified,
+	// that the cloud does not support regions.
+	assertCloudRegionOp := txn.Op{
+		C:  cloudsC,
+		Id: cloudName,
+	}
+	if regionName != "" {
+		region, err := jujucloud.RegionByName(cloud.Regions, regionName)
+		if err != nil {
+			return txn.Op{}, errors.Trace(err)
+		}
+		assertCloudRegionOp.Assert = bson.D{
+			{"regions." + region.Name, bson.D{{"$exists", true}}},
+		}
+	} else {
+		if len(cloud.Regions) > 0 {
+			return txn.Op{}, errors.NotValidf("missing CloudRegion")
+		}
+		assertCloudRegionOp.Assert = bson.D{
+			{"regions", bson.D{{"$exists", false}}},
+		}
+	}
+	return assertCloudRegionOp, nil
+}
+
+// validateCloudCredential validates the given cloud credential
+// name against the provided cloud definition and credentials,
+// and returns a txn.Op to include in a transaction to assert the
+// same.
+func validateCloudCredential(
+	cloud jujucloud.Cloud,
+	cloudName string,
+	cloudCredentials map[string]jujucloud.Credential,
+	cloudCredentialName string,
+	cloudCredentialOwner names.UserTag,
+) (txn.Op, error) {
+	if cloudCredentialName != "" {
+		if _, ok := cloudCredentials[cloudCredentialName]; !ok {
+			return txn.Op{}, errors.NotFoundf("credential %q", cloudCredentialName)
+		}
+		return txn.Op{
+			C:      cloudCredentialsC,
+			Id:     cloudCredentialDocID(cloudCredentialOwner, cloudName, cloudCredentialName),
+			Assert: txn.DocExists,
+		}, nil
+	}
+	var hasEmptyAuth bool
+	for _, authType := range cloud.AuthTypes {
+		if authType != jujucloud.EmptyAuthType {
+			continue
+		}
+		hasEmptyAuth = true
+		break
+	}
+	if !hasEmptyAuth {
+		return txn.Op{}, errors.NotValidf("missing CloudCredential")
+	}
+	return txn.Op{
+		C:      cloudsC,
+		Id:     cloudName,
+		Assert: bson.D{{"auth-types", string(jujucloud.EmptyAuthType)}},
+	}, nil
 }
 
 // Tag returns a name identifying the model.
@@ -255,6 +414,22 @@
 	return m.doc.Name
 }
 
+// Cloud returns the name of the cloud to which the model is deployed.
+func (m *Model) Cloud() string {
+	return m.doc.Cloud
+}
+
+// CloudRegion returns the name of the cloud region to which the model is deployed.
+func (m *Model) CloudRegion() string {
+	return m.doc.CloudRegion
+}
+
+// CloudCredential returns the name of the cloud credential used for managing the
+// model's cloud resources.
+func (m *Model) CloudCredential() string {
+	return m.doc.CloudCredential
+}
+
 // MigrationMode returns whether the model is active or being migrated.
 func (m *Model) MigrationMode() MigrationMode {
 	return m.doc.MigrationMode
@@ -306,21 +481,22 @@
 }
 
 // SetStatus sets the status of the model.
-func (m *Model) SetStatus(modelStatus status.Status, info string, data map[string]interface{}) error {
+func (m *Model) SetStatus(sInfo status.StatusInfo) error {
 	st, closeState, err := m.getState()
 	if err != nil {
 		return errors.Trace(err)
 	}
 	defer closeState()
-	if !status.ValidModelStatus(modelStatus) {
-		return errors.Errorf("cannot set invalid status %q", modelStatus)
+	if !status.ValidModelStatus(sInfo.Status) {
+		return errors.Errorf("cannot set invalid status %q", sInfo.Status)
 	}
 	return setStatus(st, setStatusParams{
 		badge:     "model",
 		globalKey: m.globalKey(),
-		status:    modelStatus,
-		message:   info,
-		rawData:   data,
+		status:    sInfo.Status,
+		message:   sInfo.Message,
+		rawData:   sInfo.Data,
+		updated:   sInfo.Since,
 	})
 }
 
@@ -334,6 +510,16 @@
 	return st.ModelConfig()
 }
 
+// ConfigValues returns the config values for the model.
+func (m *Model) ConfigValues() (config.ConfigValues, error) {
+	st, closeState, err := m.getState()
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	defer closeState()
+	return st.ModelConfigValues()
+}
+
 // UpdateLatestToolsVersion looks up for the latest available version of
 // juju tools and updates environementDoc with it.
 func (m *Model) UpdateLatestToolsVersion(ver version.Number) error {
@@ -406,10 +592,11 @@
 
 	var modelUsers []*ModelUser
 	for _, doc := range userDocs {
-		modelUsers = append(modelUsers, &ModelUser{
-			st:  m.st,
-			doc: doc,
-		})
+		mu, err := NewModelUser(m.st, doc)
+		if err != nil {
+			return nil, errors.Trace(err)
+		}
+		modelUsers = append(modelUsers, mu)
 	}
 
 	return modelUsers, nil
@@ -423,7 +610,7 @@
 // If called on a controller model, and that controller is
 // hosting any non-Dead models, this method will return an
 // error satisfying IsHasHostedsError.
-func (m *Model) Destroy() (err error) {
+func (m *Model) Destroy() error {
 	ensureNoHostedModels := false
 	if m.doc.UUID == m.doc.ServerUUID {
 		ensureNoHostedModels = true
@@ -511,22 +698,29 @@
 
 	// Check if the model is empty. If it is, we can advance the model's
 	// lifecycle state directly to Dead.
-	var prereqOps []txn.Op
 	checkEmptyErr := m.checkEmpty()
 	isEmpty := checkEmptyErr == nil
-	uuid := m.UUID()
 	if ensureEmpty && !isEmpty {
 		return nil, errors.Trace(checkEmptyErr)
 	}
+
+	modelUUID := m.UUID()
+	nextLife := Dying
+	var prereqOps []txn.Op
 	if isEmpty {
-		prereqOps = append(prereqOps, txn.Op{
+		prereqOps = []txn.Op{{
 			C:  modelEntityRefsC,
-			Id: uuid,
+			Id: modelUUID,
 			Assert: bson.D{
 				{"machines", bson.D{{"$size", 0}}},
-				{"services", bson.D{{"$size", 0}}},
+				{"applications", bson.D{{"$size", 0}}},
 			},
-		})
+		}}
+		if modelUUID != m.doc.ServerUUID {
+			// The model is empty, and is not the controller
+			// model, so we can move it straight to Dead.
+			nextLife = Dead
+		}
 	}
 
 	if ensureNoHostedModels {
@@ -583,18 +777,12 @@
 		prereqOps = append(prereqOps, assertHostedModelsOp(aliveEmpty+dead))
 	}
 
-	life := Dying
-	if isEmpty && uuid != m.doc.ServerUUID {
-		// The model is empty, and is not the admin
-		// model, so we can move it straight to Dead.
-		life = Dead
-	}
 	timeOfDying := nowToTheSecond()
 	modelUpdateValues := bson.D{
-		{"life", life},
+		{"life", nextLife},
 		{"time-of-dying", timeOfDying},
 	}
-	if life == Dead {
+	if nextLife == Dead {
 		modelUpdateValues = append(modelUpdateValues, bson.DocElem{
 			"time-of-death", timeOfDying,
 		})
@@ -602,7 +790,7 @@
 
 	ops := []txn.Op{{
 		C:      modelsC,
-		Id:     uuid,
+		Id:     modelUUID,
 		Assert: isAliveDoc,
 		Update: bson.D{{"$set", modelUpdateValues}},
 	}}
@@ -611,8 +799,8 @@
 	// arbitrarily long delays, we need to make sure every op
 	// causes a state change that's still consistent; so we make
 	// sure the cleanup ops are the last thing that will execute.
-	if uuid == m.doc.ServerUUID {
-		cleanupOp := st.newCleanupOp(cleanupModelsForDyingController, uuid)
+	if modelUUID == m.doc.ServerUUID {
+		cleanupOp := st.newCleanupOp(cleanupModelsForDyingController, modelUUID)
 		ops = append(ops, cleanupOp)
 	}
 	if !isEmpty {
@@ -622,10 +810,9 @@
 		// hosted model in the course of destroying the controller. In
 		// that case we'll get errors if we try to enqueue hosted-model
 		// cleanups, because the cleanups collection is non-global.
-		cleanupMachinesOp := st.newCleanupOp(cleanupMachinesForDyingModel, uuid)
-		ops = append(ops, cleanupMachinesOp)
-		cleanupServicesOp := st.newCleanupOp(cleanupServicesForDyingModel, uuid)
-		ops = append(ops, cleanupServicesOp)
+		cleanupMachinesOp := st.newCleanupOp(cleanupMachinesForDyingModel, modelUUID)
+		cleanupServicesOp := st.newCleanupOp(cleanupServicesForDyingModel, modelUUID)
+		ops = append(ops, cleanupMachinesOp, cleanupServicesOp)
 	}
 	return append(prereqOps, ops...), nil
 }
@@ -676,20 +863,20 @@
 	}
 }
 
-func addModelServiceRefOp(st *State, serviceName string) txn.Op {
+func addModelServiceRefOp(st *State, applicationname string) txn.Op {
 	return txn.Op{
 		C:      modelEntityRefsC,
 		Id:     st.ModelUUID(),
 		Assert: txn.DocExists,
-		Update: bson.D{{"$addToSet", bson.D{{"services", serviceName}}}},
+		Update: bson.D{{"$addToSet", bson.D{{"applications", applicationname}}}},
 	}
 }
 
-func removeModelServiceRefOp(st *State, serviceName string) txn.Op {
+func removeModelServiceRefOp(st *State, applicationname string) txn.Op {
 	return txn.Op{
 		C:      modelEntityRefsC,
 		Id:     st.ModelUUID(),
-		Update: bson.D{{"$pull", bson.D{{"services", serviceName}}}},
+		Update: bson.D{{"$pull", bson.D{{"applications", applicationname}}}},
 	}
 }
 
@@ -742,14 +929,21 @@
 
 // createModelOp returns the operation needed to create
 // an model document with the given name and UUID.
-func createModelOp(st *State, owner names.UserTag, name, uuid, server string, mode MigrationMode) txn.Op {
+func createModelOp(
+	owner names.UserTag,
+	name, uuid, server, cloudName, cloudRegion, cloudCredential string,
+	migrationMode MigrationMode,
+) txn.Op {
 	doc := &modelDoc{
-		UUID:          uuid,
-		Name:          name,
-		Life:          Alive,
-		Owner:         owner.Canonical(),
-		ServerUUID:    server,
-		MigrationMode: mode,
+		UUID:            uuid,
+		Name:            name,
+		Life:            Alive,
+		Owner:           owner.Canonical(),
+		ServerUUID:      server,
+		MigrationMode:   migrationMode,
+		Cloud:           cloudName,
+		CloudRegion:     cloudRegion,
+		CloudCredential: cloudCredential,
 	}
 	return txn.Op{
 		C:      modelsC,
@@ -759,7 +953,7 @@
 	}
 }
 
-func createModelEntityRefsOp(st *State, uuid string) txn.Op {
+func createModelEntityRefsOp(uuid string) txn.Op {
 	return txn.Op{
 		C:      modelEntityRefsC,
 		Id:     uuid,
@@ -776,10 +970,6 @@
 	RefCount int `bson:"refcount"`
 }
 
-func assertNoHostedModelsOp() txn.Op {
-	return assertHostedModelsOp(0)
-}
-
 func assertHostedModelsOp(n int) txn.Op {
 	return txn.Op{
 		C:      controllersC,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/modelmigration.go juju-core-2.0~beta12/src/github.com/juju/juju/state/modelmigration.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/modelmigration.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/modelmigration.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,7 +9,7 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 	"gopkg.in/mgo.v2/txn"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/modelmigration_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/modelmigration_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/modelmigration_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/modelmigration_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,11 +8,11 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	"github.com/juju/utils/clock"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/core/migration"
 	"github.com/juju/juju/state"
@@ -412,17 +412,21 @@
 func (s *ModelMigrationSuite) TestWatchForModelMigration(c *gc.C) {
 	// Start watching for migration.
 	w, wc := s.createWatcher(c, s.State2)
-	wc.AssertNoChange()
+	wc.AssertOneChange()
 
 	// Create the migration - should be reported.
 	mig, err := s.State2.CreateModelMigration(s.stdSpec)
 	c.Assert(err, jc.ErrorIsNil)
 	wc.AssertOneChange()
 
-	// Ending the migration should not be reported.
+	// Mere phase changes should not be reported.
 	c.Check(mig.SetPhase(migration.ABORT), jc.ErrorIsNil)
 	wc.AssertNoChange()
 
+	// Ending the migration should be reported.
+	c.Check(mig.SetPhase(migration.ABORTDONE), jc.ErrorIsNil)
+	wc.AssertOneChange()
+
 	statetesting.AssertStop(c, w)
 	wc.AssertClosed()
 }
@@ -439,14 +443,14 @@
 
 func (s *ModelMigrationSuite) TestWatchForModelMigrationMultiModel(c *gc.C) {
 	_, wc2 := s.createWatcher(c, s.State2)
-	wc2.AssertNoChange()
+	wc2.AssertOneChange()
 
 	// Create another hosted model to migrate and watch for
 	// migrations.
 	State3 := s.Factory.MakeModel(c, nil)
 	s.AddCleanup(func(*gc.C) { State3.Close() })
 	_, wc3 := s.createWatcher(c, State3)
-	wc3.AssertNoChange()
+	wc3.AssertOneChange()
 
 	// Create a migration for 2.
 	_, err := s.State2.CreateModelMigration(s.stdSpec)
@@ -464,8 +468,7 @@
 func (s *ModelMigrationSuite) createWatcher(c *gc.C, st *state.State) (
 	state.NotifyWatcher, statetesting.NotifyWatcherC,
 ) {
-	w, err := st.WatchForModelMigration()
-	c.Assert(err, jc.ErrorIsNil)
+	w := st.WatchForModelMigration()
 	s.AddCleanup(func(c *gc.C) { statetesting.AssertStop(c, w) })
 	return w, statetesting.NewNotifyWatcherC(c, st, w)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/model_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/model_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/model_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/model_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,13 +8,17 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	gitjujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
+	"github.com/juju/juju/cloud"
 	"github.com/juju/juju/environs/config"
+	"github.com/juju/juju/mongo/mongotest"
 	"github.com/juju/juju/state"
+	statetesting "github.com/juju/juju/state/testing"
 	"github.com/juju/juju/testing"
 	"github.com/juju/juju/testing/factory"
 )
@@ -55,19 +59,19 @@
 }
 
 func (s *ModelSuite) TestNewModelNonExistentLocalUser(c *gc.C) {
-	cfg, _ := s.createTestEnvConfig(c)
+	cfg, _ := s.createTestModelConfig(c)
 	owner := names.NewUserTag("non-existent@local")
 
-	_, _, err := s.State.NewModel(state.ModelArgs{Config: cfg, Owner: owner})
+	_, _, err := s.State.NewModel(state.ModelArgs{CloudName: "dummy", Config: cfg, Owner: owner})
 	c.Assert(err, gc.ErrorMatches, `cannot create model: user "non-existent" not found`)
 }
 
 func (s *ModelSuite) TestNewModelSameUserSameNameFails(c *gc.C) {
-	cfg, _ := s.createTestEnvConfig(c)
+	cfg, _ := s.createTestModelConfig(c)
 	owner := s.Factory.MakeUser(c, nil).UserTag()
 
 	// Create the first model.
-	_, st1, err := s.State.NewModel(state.ModelArgs{Config: cfg, Owner: owner})
+	_, st1, err := s.State.NewModel(state.ModelArgs{CloudName: "dummy", Config: cfg, Owner: owner})
 	c.Assert(err, jc.ErrorIsNil)
 	defer st1.Close()
 
@@ -79,7 +83,7 @@
 		"name": cfg.Name(),
 		"uuid": newUUID.String(),
 	})
-	_, _, err = s.State.NewModel(state.ModelArgs{Config: cfg2, Owner: owner})
+	_, _, err = s.State.NewModel(state.ModelArgs{CloudName: "dummy", Config: cfg2, Owner: owner})
 	errMsg := fmt.Sprintf("model %q for %s already exists", cfg2.Name(), owner.Canonical())
 	c.Assert(err, gc.ErrorMatches, errMsg)
 	c.Assert(errors.IsAlreadyExists(err), jc.IsTrue)
@@ -98,7 +102,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	// We should now be able to create the other model.
-	env2, st2, err := s.State.NewModel(state.ModelArgs{Config: cfg2, Owner: owner})
+	env2, st2, err := s.State.NewModel(state.ModelArgs{CloudName: "dummy", Config: cfg2, Owner: owner})
 	c.Assert(err, jc.ErrorIsNil)
 	defer st2.Close()
 	c.Assert(env2, gc.NotNil)
@@ -106,33 +110,33 @@
 }
 
 func (s *ModelSuite) TestNewModel(c *gc.C) {
-	cfg, uuid := s.createTestEnvConfig(c)
+	cfg, uuid := s.createTestModelConfig(c)
 	owner := names.NewUserTag("test@remote")
 
-	env, st, err := s.State.NewModel(state.ModelArgs{Config: cfg, Owner: owner})
+	model, st, err := s.State.NewModel(state.ModelArgs{CloudName: "dummy", Config: cfg, Owner: owner})
 	c.Assert(err, jc.ErrorIsNil)
 	defer st.Close()
 
 	modelTag := names.NewModelTag(uuid)
-	assertEnvMatches := func(env *state.Model) {
-		c.Assert(env.UUID(), gc.Equals, modelTag.Id())
-		c.Assert(env.Tag(), gc.Equals, modelTag)
-		c.Assert(env.ControllerTag(), gc.Equals, s.modelTag)
-		c.Assert(env.Owner(), gc.Equals, owner)
-		c.Assert(env.Name(), gc.Equals, "testing")
-		c.Assert(env.Life(), gc.Equals, state.Alive)
+	assertModelMatches := func(model *state.Model) {
+		c.Assert(model.UUID(), gc.Equals, modelTag.Id())
+		c.Assert(model.Tag(), gc.Equals, modelTag)
+		c.Assert(model.ControllerTag(), gc.Equals, s.modelTag)
+		c.Assert(model.Owner(), gc.Equals, owner)
+		c.Assert(model.Name(), gc.Equals, "testing")
+		c.Assert(model.Life(), gc.Equals, state.Alive)
 	}
-	assertEnvMatches(env)
+	assertModelMatches(model)
 
 	// Since the model tag for the State connection is different,
 	// asking for this model through FindEntity returns a not found error.
-	env, err = s.State.GetModel(modelTag)
+	model, err = s.State.GetModel(modelTag)
 	c.Assert(err, jc.ErrorIsNil)
-	assertEnvMatches(env)
+	assertModelMatches(model)
 
-	env, err = st.Model()
+	model, err = st.Model()
 	c.Assert(err, jc.ErrorIsNil)
-	assertEnvMatches(env)
+	assertModelMatches(model)
 
 	_, err = s.State.FindEntity(modelTag)
 	c.Assert(err, jc.Satisfies, errors.IsNotFound)
@@ -147,10 +151,11 @@
 }
 
 func (s *ModelSuite) TestNewModelImportingMode(c *gc.C) {
-	cfg, _ := s.createTestEnvConfig(c)
+	cfg, _ := s.createTestModelConfig(c)
 	owner := names.NewUserTag("test@remote")
 
 	env, st, err := s.State.NewModel(state.ModelArgs{
+		CloudName:     "dummy",
 		Config:        cfg,
 		Owner:         owner,
 		MigrationMode: state.MigrationModeImporting,
@@ -162,10 +167,10 @@
 }
 
 func (s *ModelSuite) TestSetMigrationMode(c *gc.C) {
-	cfg, _ := s.createTestEnvConfig(c)
+	cfg, _ := s.createTestModelConfig(c)
 	owner := names.NewUserTag("test@remote")
 
-	env, st, err := s.State.NewModel(state.ModelArgs{Config: cfg, Owner: owner})
+	env, st, err := s.State.NewModel(state.ModelArgs{CloudName: "dummy", Config: cfg, Owner: owner})
 	c.Assert(err, jc.ErrorIsNil)
 	defer st.Close()
 
@@ -187,11 +192,13 @@
 }
 
 func (s *ModelSuite) TestControllerModelAccessibleFromOtherModels(c *gc.C) {
-	cfg, _ := s.createTestEnvConfig(c)
+	cfg, _ := s.createTestModelConfig(c)
 	_, st, err := s.State.NewModel(state.ModelArgs{
-		Config: cfg,
-		Owner:  names.NewUserTag("test@remote"),
+		CloudName: "dummy",
+		Config:    cfg,
+		Owner:     names.NewUserTag("test@remote"),
 	})
+	c.Assert(err, jc.ErrorIsNil)
 	defer st.Close()
 
 	env, err := st.ControllerModel()
@@ -233,10 +240,17 @@
 	c.Assert(conf.UUID(), gc.Equals, otherEnv.UUID())
 }
 
-// createTestEnvConfig returns a new model config and its UUID for testing.
-func (s *ModelSuite) createTestEnvConfig(c *gc.C) (*config.Config, string) {
+// createTestModelConfig returns a new model config and its UUID for testing.
+func (s *ModelSuite) createTestModelConfig(c *gc.C) (*config.Config, string) {
+	return createTestModelConfig(c, s.modelTag.Id())
+}
+
+func createTestModelConfig(c *gc.C, controllerUUID string) (*config.Config, string) {
 	uuid, err := utils.NewUUID()
 	c.Assert(err, jc.ErrorIsNil)
+	if controllerUUID == "" {
+		controllerUUID = uuid.String()
+	}
 	return testing.CustomModelConfig(c, testing.Attrs{
 		"name": "testing",
 		"uuid": uuid.String(),
@@ -282,7 +296,7 @@
 func (s *ModelSuite) TestDestroyControllerNonEmptyModelFails(c *gc.C) {
 	st2 := s.Factory.MakeModel(c, nil)
 	defer st2.Close()
-	factory.NewFactory(st2).MakeService(c, nil)
+	factory.NewFactory(st2).MakeApplication(c, nil)
 
 	env, err := s.State.Model()
 	c.Assert(err, jc.ErrorIsNil)
@@ -307,7 +321,7 @@
 func (s *ModelSuite) TestDestroyControllerAndHostedModels(c *gc.C) {
 	st2 := s.Factory.MakeModel(c, nil)
 	defer st2.Close()
-	factory.NewFactory(st2).MakeService(c, nil)
+	factory.NewFactory(st2).MakeApplication(c, nil)
 
 	controllerEnv, err := s.State.Model()
 	c.Assert(err, jc.ErrorIsNil)
@@ -350,7 +364,7 @@
 		c.Assert(err, jc.ErrorIsNil)
 		c.Assert(machines, gc.HasLen, expectedMachines)
 
-		services, err := st.AllServices()
+		services, err := st.AllApplications()
 		c.Assert(err, jc.ErrorIsNil)
 		c.Assert(services, gc.HasLen, expectedServices)
 	}
@@ -360,16 +374,15 @@
 	c.Assert(err, jc.ErrorIsNil)
 	_, err = otherSt.AddMachine("quantal", state.JobHostUnits)
 	c.Assert(err, jc.ErrorIsNil)
-	service := s.Factory.MakeService(c, &factory.ServiceParams{Creator: otherEnv.Owner()})
+	service := s.Factory.MakeApplication(c, nil)
 	ch, _, err := service.Charm()
 	c.Assert(err, jc.ErrorIsNil)
 
-	args := state.AddServiceArgs{
+	args := state.AddApplicationArgs{
 		Name:  service.Name(),
-		Owner: service.GetOwnerTag(),
 		Charm: ch,
 	}
-	service, err = otherSt.AddService(args)
+	service, err = otherSt.AddApplication(args)
 	c.Assert(err, jc.ErrorIsNil)
 
 	controllerEnv, err := s.State.Model()
@@ -430,7 +443,7 @@
 		// the controller from being destroyed.
 		st3 := s.Factory.MakeModel(c, nil)
 		defer st3.Close()
-		factory.NewFactory(st3).MakeService(c, nil)
+		factory.NewFactory(st3).MakeApplication(c, nil)
 	}).Check()
 
 	env, err := s.State.Model()
@@ -444,7 +457,7 @@
 	defer state.SetBeforeHooks(c, s.State, func() {
 		st := s.Factory.MakeModel(c, nil)
 		defer st.Close()
-		factory.NewFactory(st).MakeService(c, nil)
+		factory.NewFactory(st).MakeApplication(c, nil)
 	}).Check()
 
 	env, err := s.State.Model()
@@ -478,7 +491,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	// Add a service to prevent the model from transitioning directly to Dead.
-	s.Factory.MakeService(c, nil)
+	s.Factory.MakeApplication(c, nil)
 
 	c.Assert(m.Destroy(), jc.ErrorIsNil)
 	c.Assert(m.Refresh(), jc.ErrorIsNil)
@@ -492,7 +505,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	defer state.SetBeforeHooks(c, st, func() {
-		factory.NewFactory(st).MakeService(c, nil)
+		factory.NewFactory(st).MakeApplication(c, nil)
 	}).Check()
 
 	c.Assert(m.Destroy(), jc.ErrorIsNil)
@@ -540,7 +553,7 @@
 	// Add a service to prevent the model from transitioning directly to Dead.
 	// Add the service before getting the Model, otherwise we'll have to run
 	// the transaction twice, and hit the hook point too early.
-	svc := factory.NewFactory(st).MakeService(c, nil)
+	svc := factory.NewFactory(st).MakeApplication(c, nil)
 	env, err := st.Model()
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -576,15 +589,14 @@
 	c.Assert(err, jc.ErrorIsNil)
 	_, err = st.AddMachine("quantal", state.JobHostUnits)
 	c.Assert(err, jc.ErrorIsNil)
-	service := s.Factory.MakeService(c, &factory.ServiceParams{Creator: env.Owner()})
+	service := s.Factory.MakeApplication(c, nil)
 	ch, _, err := service.Charm()
 	c.Assert(err, jc.ErrorIsNil)
-	args := state.AddServiceArgs{
+	args := state.AddApplicationArgs{
 		Name:  service.Name(),
-		Owner: service.GetOwnerTag(),
 		Charm: ch,
 	}
-	service, err = st.AddService(args)
+	service, err = st.AddApplication(args)
 	c.Assert(err, jc.ErrorIsNil)
 
 	assertEnv := func(life state.Life, expectedMachines, expectedServices int) {
@@ -595,7 +607,7 @@
 		c.Assert(err, jc.ErrorIsNil)
 		c.Assert(machines, gc.HasLen, expectedMachines)
 
-		services, err := st.AllServices()
+		services, err := st.AllApplications()
 		c.Assert(err, jc.ErrorIsNil)
 		c.Assert(services, gc.HasLen, expectedServices)
 	}
@@ -617,7 +629,7 @@
 	// Add a non-empty model to the controller.
 	st := s.Factory.MakeModel(c, nil)
 	defer st.Close()
-	factory.NewFactory(st).MakeService(c, nil)
+	factory.NewFactory(st).MakeApplication(c, nil)
 
 	controllerEnv, err := s.State.Model()
 	c.Assert(err, jc.ErrorIsNil)
@@ -752,6 +764,125 @@
 	c.Assert(state.HostedModelCount(c, s.State), gc.Equals, 0)
 }
 
+type ModelCloudValidationSuite struct {
+	gitjujutesting.MgoSuite
+}
+
+var _ = gc.Suite(&ModelCloudValidationSuite{})
+
+// TODO(axw) concurrency tests when we can modify the cloud definition,
+// and update/remove credentials.
+
+func (s *ModelCloudValidationSuite) TestNewModelCloudNameMismatch(c *gc.C) {
+	st, owner := s.initializeState(c, []cloud.Region{{Name: "some-region"}}, []cloud.AuthType{cloud.EmptyAuthType}, nil)
+	defer st.Close()
+	cfg, _ := createTestModelConfig(c, st.ModelUUID())
+	_, _, err := st.NewModel(state.ModelArgs{CloudName: "another", Config: cfg, Owner: owner})
+	c.Assert(err, gc.ErrorMatches, "controller cloud dummy does not match model cloud another")
+}
+
+func (s *ModelCloudValidationSuite) TestNewModelUnknownCloudRegion(c *gc.C) {
+	st, owner := s.initializeState(c, []cloud.Region{{Name: "some-region"}}, []cloud.AuthType{cloud.EmptyAuthType}, nil)
+	defer st.Close()
+	cfg, _ := createTestModelConfig(c, st.ModelUUID())
+	_, _, err := st.NewModel(state.ModelArgs{
+		CloudName: "dummy",
+		Config:    cfg, Owner: owner, CloudRegion: "missing-region",
+	})
+	c.Assert(err, gc.ErrorMatches, `region "missing-region" not found \(expected one of \["some-region"\]\)`)
+}
+
+func (s *ModelCloudValidationSuite) TestNewModelMissingCloudRegion(c *gc.C) {
+	st, owner := s.initializeState(c, []cloud.Region{{Name: "some-region"}}, []cloud.AuthType{cloud.EmptyAuthType}, nil)
+	defer st.Close()
+	cfg, _ := createTestModelConfig(c, st.ModelUUID())
+	_, _, err := st.NewModel(state.ModelArgs{CloudName: "dummy", Config: cfg, Owner: owner})
+	c.Assert(err, gc.ErrorMatches, "missing CloudRegion not valid")
+}
+
+func (s *ModelCloudValidationSuite) TestNewModelUnknownCloudCredential(c *gc.C) {
+	st, owner := s.initializeState(
+		c, nil, []cloud.AuthType{cloud.UserPassAuthType}, map[string]cloud.Credential{
+			"controller-credentials": cloud.NewCredential(cloud.UserPassAuthType, nil),
+		},
+	)
+	defer st.Close()
+	cfg, _ := createTestModelConfig(c, st.ModelUUID())
+	_, _, err := st.NewModel(state.ModelArgs{
+		CloudName: "dummy",
+		Config:    cfg, Owner: owner, CloudCredential: "unknown-credential",
+	})
+	c.Assert(err, gc.ErrorMatches, `credential "unknown-credential" not found`)
+}
+
+func (s *ModelCloudValidationSuite) TestNewModelMissingCloudCredential(c *gc.C) {
+	st, owner := s.initializeState(
+		c, nil, []cloud.AuthType{cloud.UserPassAuthType}, map[string]cloud.Credential{
+			"controller-credentials": cloud.NewCredential(cloud.UserPassAuthType, nil),
+		},
+	)
+	defer st.Close()
+	cfg, _ := createTestModelConfig(c, st.ModelUUID())
+	_, _, err := st.NewModel(state.ModelArgs{
+		CloudName: "dummy",
+		Config:    cfg, Owner: owner,
+	})
+	c.Assert(err, gc.ErrorMatches, "missing CloudCredential not valid")
+}
+
+func (s *ModelCloudValidationSuite) TestNewModelMissingCloudCredentialSupportsEmptyAuth(c *gc.C) {
+	st, owner := s.initializeState(c, nil, []cloud.AuthType{cloud.EmptyAuthType}, nil)
+	defer st.Close()
+	cfg, _ := createTestModelConfig(c, st.ModelUUID())
+	cfg, err := cfg.Apply(map[string]interface{}{"name": "whatever"})
+	c.Assert(err, jc.ErrorIsNil)
+	_, newSt, err := st.NewModel(state.ModelArgs{CloudName: "dummy", Config: cfg, Owner: owner})
+	c.Assert(err, jc.ErrorIsNil)
+	newSt.Close()
+}
+
+func (s *ModelCloudValidationSuite) initializeState(
+	c *gc.C,
+	regions []cloud.Region,
+	authTypes []cloud.AuthType,
+	credentials map[string]cloud.Credential,
+) (*state.State, names.UserTag) {
+	owner := names.NewUserTag("test@remote")
+	cfg, _ := createTestModelConfig(c, "")
+	var controllerRegion, controllerCredential string
+	if len(regions) > 0 {
+		controllerRegion = regions[0].Name
+	}
+	if len(credentials) > 0 {
+		// pick an arbitrary credential
+		for controllerCredential = range credentials {
+		}
+	}
+	controllerCfg := testing.FakeControllerConfig()
+	controllerCfg["controller-uuid"] = cfg.UUID()
+	st, err := state.Initialize(state.InitializeParams{
+		ControllerConfig: controllerCfg,
+		ControllerModelArgs: state.ModelArgs{
+			Owner:           owner,
+			Config:          cfg,
+			CloudName:       "dummy",
+			CloudRegion:     controllerRegion,
+			CloudCredential: controllerCredential,
+		},
+		CloudName: "dummy",
+		Cloud: cloud.Cloud{
+			Type:      "dummy",
+			AuthTypes: authTypes,
+			Regions:   regions,
+		},
+		CloudCredentials: credentials,
+		MongoInfo:        statetesting.NewMongoInfo(),
+		MongoDialOpts:    mongotest.DialOpts(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	return st, owner
+}
+
 func assertCleanupRuns(c *gc.C, st *state.State) {
 	err := st.Cleanup()
 	c.Assert(err, jc.ErrorIsNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/modeluser.go juju-core-2.0~beta12/src/github.com/juju/juju/state/modeluser.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/modeluser.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/modeluser.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,7 +9,8 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	jujutxn "github.com/juju/txn"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 	"gopkg.in/mgo.v2/txn"
@@ -20,35 +21,31 @@
 // model user always represents a single user for a single model.
 // There should be no more than one ModelUser per model.
 type ModelUser struct {
-	st  *State
-	doc modelUserDoc
+	st              *State
+	doc             modelUserDoc
+	modelPermission *permission
 }
 
-type modelUserDoc struct {
-	ID          string      `bson:"_id"`
-	ModelUUID   string      `bson:"model-uuid"`
-	UserName    string      `bson:"user"`
-	DisplayName string      `bson:"displayname"`
-	CreatedBy   string      `bson:"createdby"`
-	DateCreated time.Time   `bson:"datecreated"`
-	Access      ModelAccess `bson:"access"`
-}
-
-// ModelAccess represents the level of access granted to a user on a model.
-type ModelAccess string
-
-const (
-	// ModelUndefinedAccess is not a valid access type. It is the value
-	// unmarshaled when access is not defined by the document at all.
-	ModelUndefinedAccess ModelAccess = ""
-
-	// ModelReadAccess allows a user to read information about a model, without
-	// being able to make any changes.
-	ModelReadAccess ModelAccess = "read"
+// NewModelUser returns a ModelUser with permissions.
+func NewModelUser(st *State, doc modelUserDoc) (*ModelUser, error) {
+	mu := &ModelUser{
+		st:  st,
+		doc: doc,
+	}
+	if err := mu.refreshPermission(); err != nil {
+		return nil, errors.Trace(err)
+	}
+	return mu, nil
+}
 
-	// ModelAdminAccess allows a user full control over the model.
-	ModelAdminAccess ModelAccess = "admin"
-)
+type modelUserDoc struct {
+	ID          string    `bson:"_id"`
+	ModelUUID   string    `bson:"model-uuid"`
+	UserName    string    `bson:"user"`
+	DisplayName string    `bson:"displayname"`
+	CreatedBy   string    `bson:"createdby"`
+	DateCreated time.Time `bson:"datecreated"`
+}
 
 // modelUserLastConnectionDoc is updated by the apiserver whenever the user
 // connects over the API. This update is not done using mgo.txn so the values
@@ -97,33 +94,53 @@
 	return e.doc.DateCreated.UTC()
 }
 
-// ReadOnly returns whether or not the user has write access or only
+// refreshPermission reloads the permission for this model user from persistence.
+func (e *ModelUser) refreshPermission() error {
+	perm, err := e.st.userPermission(modelGlobalKey, e.globalKey())
+	if err != nil {
+		return errors.Annotate(err, "updating permission")
+	}
+	e.modelPermission = perm
+	return nil
+}
+
+// IsReadOnly returns whether or not the user has write access or only
 // read access to the model.
-func (e *ModelUser) ReadOnly() bool {
-	// Fall back to read-only if access is undefined.
-	return e.doc.Access == ModelUndefinedAccess || e.doc.Access == ModelReadAccess
+func (e *ModelUser) IsReadOnly() bool {
+	return e.modelPermission.isReadOnly()
+}
+
+// IsAdmin is a convenience method that
+// returns whether or not the user has AdminAccess.
+func (e *ModelUser) IsAdmin() bool {
+	return e.modelPermission.isAdmin()
 }
 
-// Access returns the access permission that the user has to the model.
-func (e *ModelUser) Access() ModelAccess {
-	return e.doc.Access
+// IsReadWrite is a convenience method that
+// returns whether or not the user has WriteAccess.
+func (e *ModelUser) IsReadWrite() bool {
+	return e.modelPermission.isReadWrite()
+}
+
+// IsGreaterAccess returns true if provided access is higher than
+// the current one.
+func (e *ModelUser) IsGreaterAccess(a Access) bool {
+	return e.modelPermission.isGreaterAccess(a)
 }
 
 // SetAccess changes the user's access permissions on the model.
-func (e *ModelUser) SetAccess(access ModelAccess) error {
+func (e *ModelUser) SetAccess(access Access) error {
 	switch access {
-	case ModelReadAccess, ModelAdminAccess:
+	case ReadAccess, AdminAccess, WriteAccess:
 	default:
 		return errors.Errorf("invalid model access %q", access)
 	}
-	op := txn.Op{
-		C:      modelUsersC,
-		Id:     e.st.docID(strings.ToLower(e.UserName())),
-		Assert: txn.DocExists,
-		Update: bson.D{{"$set", bson.D{{"access", access}}}},
-	}
+	op := updatePermissionOp(modelGlobalKey, e.globalKey(), access)
 	err := e.st.runTransaction([]txn.Op{op})
-	return errors.Trace(err)
+	if err != nil {
+		return errors.Trace(err)
+	}
+	return e.refreshPermission()
 }
 
 // LastConnection returns when this ModelUser last connected through the API
@@ -187,6 +204,17 @@
 	return errors.Trace(err)
 }
 
+func modelUserGlobalKey(userID string) string {
+	// mu stands for model user.
+	return fmt.Sprintf("mu#%s", userID)
+}
+
+func (e *ModelUser) globalKey() string {
+	// TODO(perrito666) this asumes out of band knowledge of how modelUserID is crafted
+	username := strings.ToLower(e.UserName())
+	return modelUserGlobalKey(username)
+}
+
 // ModelUser returns the model user.
 func (st *State) ModelUser(user names.UserTag) (*ModelUser, error) {
 	modelUser := &ModelUser{st: st}
@@ -201,6 +229,9 @@
 	// DateCreated is inserted as UTC, but read out as local time. So we
 	// convert it back to UTC here.
 	modelUser.doc.DateCreated = modelUser.doc.DateCreated.UTC()
+	if err := modelUser.refreshPermission(); err != nil {
+		return nil, errors.Trace(err)
+	}
 	return modelUser, nil
 }
 
@@ -210,7 +241,7 @@
 	User        names.UserTag
 	CreatedBy   names.UserTag
 	DisplayName string
-	Access      ModelAccess
+	Access      Access
 }
 
 // AddModelUser adds a new user to the database.
@@ -234,20 +265,21 @@
 	}
 
 	// Default to read access if not otherwise specified.
-	if spec.Access == ModelUndefinedAccess {
-		spec.Access = ModelReadAccess
+	if spec.Access == UndefinedAccess {
+		spec.Access = ReadAccess
 	}
 
 	modelUUID := st.ModelUUID()
-	op := createModelUserOp(modelUUID, spec.User, spec.CreatedBy, spec.DisplayName, nowToTheSecond(), spec.Access)
-	err := st.runTransaction([]txn.Op{op})
-	if err == txn.ErrAborted {
+	buildTxn := func(attempt int) ([]txn.Op, error) {
+		return createModelUserOps(modelUUID, spec.User, spec.CreatedBy, spec.DisplayName, nowToTheSecond(), spec.Access), nil
+	}
+	err := st.run(buildTxn)
+	if err == jujutxn.ErrExcessiveContention {
 		err = errors.AlreadyExistsf("model user %q", spec.User.Canonical())
 	}
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-	// Re-read from DB to get the multi-env updated values.
 	return st.ModelUser(spec.User)
 }
 
@@ -257,33 +289,39 @@
 	return strings.ToLower(username)
 }
 
-func createModelUserOp(modelUUID string, user, createdBy names.UserTag, displayName string, dateCreated time.Time, access ModelAccess) txn.Op {
+func createModelUserOps(modelUUID string, user, createdBy names.UserTag, displayName string, dateCreated time.Time, access Access) []txn.Op {
 	creatorname := createdBy.Canonical()
 	doc := &modelUserDoc{
 		ID:          modelUserID(user),
 		ModelUUID:   modelUUID,
 		UserName:    user.Canonical(),
 		DisplayName: displayName,
-		Access:      access,
 		CreatedBy:   creatorname,
 		DateCreated: dateCreated,
 	}
-	return txn.Op{
-		C:      modelUsersC,
-		Id:     modelUserID(user),
-		Assert: txn.DocMissing,
-		Insert: doc,
+	ops := []txn.Op{
+		createPermissionOp(modelGlobalKey, modelUserGlobalKey(modelUserID(user)), access),
+		{
+			C:      modelUsersC,
+			Id:     modelUserID(user),
+			Assert: txn.DocMissing,
+			Insert: doc,
+		},
 	}
+	return ops
 }
 
 // RemoveModelUser removes a user from the database.
 func (st *State) RemoveModelUser(user names.UserTag) error {
-	ops := []txn.Op{{
-		C:      modelUsersC,
-		Id:     modelUserID(user),
-		Assert: txn.DocExists,
-		Remove: true,
-	}}
+	ops := []txn.Op{
+		removePermissionOp(modelGlobalKey, modelUserGlobalKey(modelUserID(user))),
+		{
+			C:      modelUsersC,
+			Id:     modelUserID(user),
+			Assert: txn.DocExists,
+			Remove: true,
+		}}
+
 	err := st.runTransaction(ops)
 	if err == txn.ErrAborted {
 		err = errors.NewNotFound(nil, fmt.Sprintf("model user %q does not exist", user.Canonical()))
@@ -327,7 +365,6 @@
 	modelUsers, userCloser := st.getRawCollection(modelUsersC)
 	defer userCloser()
 
-	// TODO: consider adding an index to the modelUsers collection on the username.
 	var userSlice []modelUserDoc
 	err := modelUsers.Find(bson.D{{"user", user.Canonical()}}).Select(bson.D{{"model-uuid", 1}, {"_id", 1}}).All(&userSlice)
 	if err != nil {
@@ -358,13 +395,22 @@
 
 	serverUUID := ssinfo.ModelTag.Id()
 
-	modelUsers, userCloser := st.getRawCollection(modelUsersC)
-	defer userCloser()
+	modelPermission, closer := st.getRawCollection(permissionsC)
+	defer closer()
+
+	username := strings.ToLower(user.Canonical())
+	subjectGlobalKey := modelUserGlobalKey(username)
 
-	count, err := modelUsers.Find(bson.D{
-		{"model-uuid", serverUUID},
-		{"user", user.Canonical()},
-		{"access", ModelAdminAccess},
+	// TODO(perrito666) 20160606 this is prone to errors, it will just
+	// yield ErrPerm and be hard to trace, use ModelUser and Permission.
+	// TODO(perrito666) 20160614 since last change on this query it has
+	// too much out of band knowledge, it should go away when controller
+	// permissions are implemented.
+	count, err := modelPermission.Find(bson.D{
+		{"_id", fmt.Sprintf("%s:%s", serverUUID, permissionID(modelGlobalKey, subjectGlobalKey))},
+		{"object-global-key", modelGlobalKey},
+		{"subject-global-key", subjectGlobalKey},
+		{"access", AdminAccess},
 	}).Count()
 	if err != nil {
 		return false, errors.Trace(err)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/modeluser_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/modeluser_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/modeluser_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/modeluser_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,10 +8,10 @@
 	"sort"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/testing"
@@ -24,19 +24,44 @@
 
 var _ = gc.Suite(&ModelUserSuite{})
 
+type userWithPermissions interface {
+	IsReadOnly() bool
+	IsReadWrite() bool
+	IsAdmin() bool
+}
+
+func checkModelUserHasRightAccess(c *gc.C, expected state.Access, user userWithPermissions) {
+	switch expected {
+	case state.ReadAccess:
+		c.Assert(user.IsReadOnly(), jc.IsTrue)
+		c.Assert(user.IsReadWrite(), jc.IsFalse)
+		c.Assert(user.IsAdmin(), jc.IsFalse)
+	case state.WriteAccess:
+		c.Assert(user.IsReadOnly(), jc.IsFalse)
+		c.Assert(user.IsReadWrite(), jc.IsTrue)
+		c.Assert(user.IsAdmin(), jc.IsFalse)
+	case state.AdminAccess:
+		c.Assert(user.IsReadOnly(), jc.IsFalse)
+		c.Assert(user.IsReadWrite(), jc.IsFalse)
+		c.Assert(user.IsAdmin(), jc.IsTrue)
+	default:
+		c.FailNow()
+	}
+}
+
 func (s *ModelUserSuite) TestAddModelUser(c *gc.C) {
 	now := state.NowToTheSecond()
 	user := s.Factory.MakeUser(c, &factory.UserParams{Name: "validusername", NoModelUser: true})
 	createdBy := s.Factory.MakeUser(c, &factory.UserParams{Name: "createdby"})
 	modelUser, err := s.State.AddModelUser(state.ModelUserSpec{
-		User: user.UserTag(), CreatedBy: createdBy.UserTag()})
+		User: user.UserTag(), CreatedBy: createdBy.UserTag(), Access: state.WriteAccess})
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Assert(modelUser.ID(), gc.Equals, fmt.Sprintf("%s:validusername@local", s.modelTag.Id()))
 	c.Assert(modelUser.ModelTag(), gc.Equals, s.modelTag)
 	c.Assert(modelUser.UserName(), gc.Equals, "validusername@local")
 	c.Assert(modelUser.DisplayName(), gc.Equals, user.DisplayName())
-	c.Assert(modelUser.ReadOnly(), jc.IsTrue)
+	checkModelUserHasRightAccess(c, state.WriteAccess, modelUser)
 	c.Assert(modelUser.CreatedBy(), gc.Equals, "createdby@local")
 	c.Assert(modelUser.DateCreated().Equal(now) || modelUser.DateCreated().After(now), jc.IsTrue)
 	when, err := modelUser.LastConnection()
@@ -49,7 +74,7 @@
 	c.Assert(modelUser.ModelTag(), gc.Equals, s.modelTag)
 	c.Assert(modelUser.UserName(), gc.Equals, "validusername@local")
 	c.Assert(modelUser.DisplayName(), gc.Equals, user.DisplayName())
-	c.Assert(modelUser.ReadOnly(), jc.IsTrue)
+	checkModelUserHasRightAccess(c, state.WriteAccess, modelUser)
 	c.Assert(modelUser.CreatedBy(), gc.Equals, "createdby@local")
 	c.Assert(modelUser.DateCreated().Equal(now) || modelUser.DateCreated().After(now), jc.IsTrue)
 	when, err = modelUser.LastConnection()
@@ -61,18 +86,54 @@
 	user := s.Factory.MakeUser(c, &factory.UserParams{Name: "validusername", NoModelUser: true})
 	createdBy := s.Factory.MakeUser(c, &factory.UserParams{Name: "createdby"})
 	modelUser, err := s.State.AddModelUser(state.ModelUserSpec{
-		User: user.UserTag(), CreatedBy: createdBy.UserTag(), Access: state.ModelReadAccess})
+		User: user.UserTag(), CreatedBy: createdBy.UserTag(), Access: state.ReadAccess})
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Assert(modelUser.UserName(), gc.Equals, "validusername@local")
 	c.Assert(modelUser.DisplayName(), gc.Equals, user.DisplayName())
-	c.Assert(modelUser.ReadOnly(), jc.IsTrue)
+	checkModelUserHasRightAccess(c, state.ReadAccess, modelUser)
 
 	// Make sure that it is set when we read the user out.
 	modelUser, err = s.State.ModelUser(user.UserTag())
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(modelUser.UserName(), gc.Equals, "validusername@local")
-	c.Assert(modelUser.ReadOnly(), jc.IsTrue)
+	checkModelUserHasRightAccess(c, state.ReadAccess, modelUser)
+}
+
+func (s *ModelUserSuite) TestAddReadWriteModelUser(c *gc.C) {
+	user := s.Factory.MakeUser(c, &factory.UserParams{Name: "validusername", NoModelUser: true})
+	createdBy := s.Factory.MakeUser(c, &factory.UserParams{Name: "createdby"})
+	modelUser, err := s.State.AddModelUser(state.ModelUserSpec{
+		User: user.UserTag(), CreatedBy: createdBy.UserTag(), Access: state.WriteAccess})
+	c.Assert(err, jc.ErrorIsNil)
+
+	c.Assert(modelUser.UserName(), gc.Equals, "validusername@local")
+	c.Assert(modelUser.DisplayName(), gc.Equals, user.DisplayName())
+	checkModelUserHasRightAccess(c, state.WriteAccess, modelUser)
+
+	// Make sure that it is set when we read the user out.
+	modelUser, err = s.State.ModelUser(user.UserTag())
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(modelUser.UserName(), gc.Equals, "validusername@local")
+	checkModelUserHasRightAccess(c, state.WriteAccess, modelUser)
+}
+
+func (s *ModelUserSuite) TestAddAdminModelUser(c *gc.C) {
+	user := s.Factory.MakeUser(c, &factory.UserParams{Name: "validusername", NoModelUser: true})
+	createdBy := s.Factory.MakeUser(c, &factory.UserParams{Name: "createdby"})
+	modelUser, err := s.State.AddModelUser(state.ModelUserSpec{
+		User: user.UserTag(), CreatedBy: createdBy.UserTag(), Access: state.AdminAccess})
+	c.Assert(err, jc.ErrorIsNil)
+
+	c.Assert(modelUser.UserName(), gc.Equals, "validusername@local")
+	c.Assert(modelUser.DisplayName(), gc.Equals, user.DisplayName())
+	checkModelUserHasRightAccess(c, state.AdminAccess, modelUser)
+
+	// Make sure that it is set when we read the user out.
+	modelUser, err = s.State.ModelUser(user.UserTag())
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(modelUser.UserName(), gc.Equals, "validusername@local")
+	checkModelUserHasRightAccess(c, state.AdminAccess, modelUser)
 }
 
 func (s *ModelUserSuite) TestDefaultAccessModelUser(c *gc.C) {
@@ -81,25 +142,21 @@
 	modelUser, err := s.State.AddModelUser(state.ModelUserSpec{
 		User: user.UserTag(), CreatedBy: createdBy.UserTag()})
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(modelUser.ReadOnly(), jc.IsTrue)
-	c.Assert(modelUser.Access(), gc.Equals, state.ModelReadAccess)
+	checkModelUserHasRightAccess(c, state.ReadAccess, modelUser)
 }
 
 func (s *ModelUserSuite) TestSetAccessModelUser(c *gc.C) {
 	user := s.Factory.MakeUser(c, &factory.UserParams{Name: "validusername", NoModelUser: true})
 	createdBy := s.Factory.MakeUser(c, &factory.UserParams{Name: "createdby"})
 	modelUser, err := s.State.AddModelUser(state.ModelUserSpec{
-		User: user.UserTag(), CreatedBy: createdBy.UserTag(), Access: state.ModelAdminAccess})
+		User: user.UserTag(), CreatedBy: createdBy.UserTag(), Access: state.AdminAccess})
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(modelUser.ReadOnly(), jc.IsFalse)
-	c.Assert(modelUser.Access(), gc.Equals, state.ModelAdminAccess)
+	checkModelUserHasRightAccess(c, state.AdminAccess, modelUser)
 
-	modelUser.SetAccess(state.ModelReadAccess)
+	modelUser.SetAccess(state.ReadAccess)
 
 	modelUser, err = s.State.ModelUser(user.UserTag())
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(modelUser.ReadOnly(), jc.IsTrue)
-	c.Assert(modelUser.Access(), gc.Equals, state.ModelReadAccess)
+	checkModelUserHasRightAccess(c, state.ReadAccess, modelUser)
 }
 
 func (s *ModelUserSuite) TestCaseUserNameVsId(c *gc.C) {
@@ -290,7 +347,7 @@
 		"name": name,
 		"uuid": uuid.String(),
 	})
-	model, st, err := s.State.NewModel(state.ModelArgs{Config: cfg, Owner: owner})
+	model, st, err := s.State.NewModel(state.ModelArgs{CloudName: "dummy", Config: cfg, Owner: owner})
 	c.Assert(err, jc.ErrorIsNil)
 	defer st.Close()
 	return model
@@ -368,7 +425,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(isAdmin, jc.IsTrue)
 
-	readonly := s.Factory.MakeModelUser(c, &factory.ModelUserParams{Access: state.ModelReadAccess})
+	readonly := s.Factory.MakeModelUser(c, &factory.ModelUserParams{Access: state.ReadAccess})
 	isAdmin, err = s.State.IsControllerAdministrator(readonly.UserTag())
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(isAdmin, jc.IsFalse)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/mongo.go juju-core-2.0~beta12/src/github.com/juju/juju/state/mongo.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/mongo.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/mongo.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,9 +5,9 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/replicaset"
 	jujutxn "github.com/juju/txn"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/mongo"
 	"github.com/juju/juju/network"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/multiwatcher/multiwatcher.go juju-core-2.0~beta12/src/github.com/juju/juju/state/multiwatcher/multiwatcher.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/multiwatcher/multiwatcher.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/multiwatcher/multiwatcher.go	2016-07-18 19:45:44.000000000 +0000
@@ -14,7 +14,6 @@
 
 	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/instance"
-	"github.com/juju/juju/network"
 	"github.com/juju/juju/status"
 )
 
@@ -32,18 +31,18 @@
 // EntityId uniquely identifies an entity being tracked by the
 // multiwatcherStore.
 type EntityId struct {
-	Kind      string
-	ModelUUID string
-	Id        string
+	Kind      string `json:"kind"`
+	ModelUUID string `json:"model-uuid"`
+	Id        string `json:"id"`
 }
 
 // Delta holds details of a change to the model.
 type Delta struct {
 	// If Removed is true, the entity has been removed;
 	// otherwise it has been created or changed.
-	Removed bool
+	Removed bool `json:"removed"`
 	// Entity holds data about the entity that has changed.
-	Entity EntityInfo
+	Entity EntityInfo `json:"entity"`
 }
 
 // MarshalJSON implements json.Marshaler.
@@ -92,8 +91,8 @@
 		d.Entity = new(ModelInfo)
 	case "machine":
 		d.Entity = new(MachineInfo)
-	case "service":
-		d.Entity = new(ServiceInfo)
+	case "application":
+		d.Entity = new(ApplicationInfo)
 	case "unit":
 		d.Entity = new(UnitInfo)
 	case "relation":
@@ -110,23 +109,32 @@
 	return json.Unmarshal(elements[2], &d.Entity)
 }
 
+// Address describes a network address.
+type Address struct {
+	Value           string `json:"value"`
+	Type            string `json:"type"`
+	Scope           string `json:"scope"`
+	SpaceName       string `json:"space-name,omitempty"`
+	SpaceProviderId string `json:"space-provider-id,omitempty"`
+}
+
 // MachineInfo holds the information about a machine
 // that is tracked by multiwatcherStore.
 type MachineInfo struct {
-	ModelUUID                string
-	Id                       string
-	InstanceId               string
-	JujuStatus               StatusInfo
-	MachineStatus            StatusInfo
-	Life                     Life
-	Series                   string
-	SupportedContainers      []instance.ContainerType
-	SupportedContainersKnown bool
-	HardwareCharacteristics  *instance.HardwareCharacteristics `json:",omitempty"`
-	Jobs                     []MachineJob
-	Addresses                []network.Address
-	HasVote                  bool
-	WantsVote                bool
+	ModelUUID                string                            `json:"model-uuid"`
+	Id                       string                            `json:"id"`
+	InstanceId               string                            `json:"instance-id"`
+	AgentStatus              StatusInfo                        `json:"agent-status"`
+	InstanceStatus           StatusInfo                        `json:"instance-status"`
+	Life                     Life                              `json:"life"`
+	Series                   string                            `json:"series"`
+	SupportedContainers      []instance.ContainerType          `json:"supported-containers"`
+	SupportedContainersKnown bool                              `json:"supported-containers-known"`
+	HardwareCharacteristics  *instance.HardwareCharacteristics `json:"hardware-characteristics,omitempty"`
+	Jobs                     []MachineJob                      `json:"jobs"`
+	Addresses                []Address                         `json:"addresses"`
+	HasVote                  bool                              `json:"has-vote"`
+	WantsVote                bool                              `json:"wants-vote"`
 }
 
 // EntityId returns a unique identifier for a machine across
@@ -140,14 +148,14 @@
 }
 
 // StatusInfo holds the unit and machine status information. It is
-// used by ServiceInfo and UnitInfo.
+// used by ApplicationInfo and UnitInfo.
 type StatusInfo struct {
-	Err     error
-	Current status.Status
-	Message string
-	Since   *time.Time
-	Version string
-	Data    map[string]interface{}
+	Err     error                  `json:"err,omitempty"`
+	Current status.Status          `json:"current"`
+	Message string                 `json:"message"`
+	Since   *time.Time             `json:"since,omitempty"`
+	Version string                 `json:"version"`
+	Data    map[string]interface{} `json:"data,omitempty"`
 }
 
 // NewStatusInfo return a new multiwatcher StatusInfo from a
@@ -162,49 +170,62 @@
 	}
 }
 
-// ServiceInfo holds the information about a service that is tracked
+// ApplicationInfo holds the information about an application that is tracked
 // by multiwatcherStore.
-type ServiceInfo struct {
-	ModelUUID   string
-	Name        string
-	Exposed     bool
-	CharmURL    string
-	OwnerTag    string
-	Life        Life
-	MinUnits    int
-	Constraints constraints.Value
-	Config      map[string]interface{}
-	Subordinate bool
-	Status      StatusInfo
+type ApplicationInfo struct {
+	ModelUUID   string                 `json:"model-uuid"`
+	Name        string                 `json:"name"`
+	Exposed     bool                   `json:"exposed"`
+	CharmURL    string                 `json:"charm-url"`
+	OwnerTag    string                 `json:"owner-tag"`
+	Life        Life                   `json:"life"`
+	MinUnits    int                    `json:"min-units"`
+	Constraints constraints.Value      `json:"constraints"`
+	Config      map[string]interface{} `json:"config,omitempty"`
+	Subordinate bool                   `json:"subordinate"`
+	Status      StatusInfo             `json:"status"`
 }
 
-// EntityId returns a unique identifier for a service across
+// EntityId returns a unique identifier for an application across
 // models.
-func (i *ServiceInfo) EntityId() EntityId {
+func (i *ApplicationInfo) EntityId() EntityId {
 	return EntityId{
-		Kind:      "service",
+		Kind:      "application",
 		ModelUUID: i.ModelUUID,
 		Id:        i.Name,
 	}
 }
 
+// Port identifies a network port number for a particular protocol.
+type Port struct {
+	Protocol string `json:"protocol"`
+	Number   int    `json:"number"`
+}
+
+// PortRange represents a single range of ports.
+type PortRange struct {
+	FromPort int    `json:"from-port"`
+	ToPort   int    `json:"to-port"`
+	Protocol string `json:"protocol"`
+}
+
 // UnitInfo holds the information about a unit
 // that is tracked by multiwatcherStore.
 type UnitInfo struct {
-	ModelUUID      string
-	Name           string
-	Service        string
-	Series         string
-	CharmURL       string
-	PublicAddress  string
-	PrivateAddress string
-	MachineId      string
-	Ports          []network.Port
-	PortRanges     []network.PortRange
-	Subordinate    bool
+	ModelUUID      string      `json:"model-uuid"`
+	Name           string      `json:"name"`
+	Application    string      `json:"application"`
+	Series         string      `json:"series"`
+	CharmURL       string      `json:"charm-url"`
+	PublicAddress  string      `json:"public-address"`
+	PrivateAddress string      `json:"private-address"`
+	MachineId      string      `json:"machine-id"`
+	Ports          []Port      `json:"ports"`
+	PortRanges     []PortRange `json:"port-ranges"`
+	Subordinate    bool        `json:"subordinate"`
 	// Workload and agent state are modelled separately.
-	WorkloadStatus StatusInfo
-	JujuStatus     StatusInfo
+	WorkloadStatus StatusInfo `json:"workload-status"`
+	AgentStatus    StatusInfo `json:"agent-status"`
 }
 
 // EntityId returns a unique identifier for a unit across
@@ -220,17 +241,17 @@
 // ActionInfo holds the information about a action that is tracked by
 // multiwatcherStore.
 type ActionInfo struct {
-	ModelUUID  string
-	Id         string
-	Receiver   string
-	Name       string
-	Parameters map[string]interface{}
-	Status     string
-	Message    string
-	Results    map[string]interface{}
-	Enqueued   time.Time
-	Started    time.Time
-	Completed  time.Time
+	ModelUUID  string                 `json:"model-uuid"`
+	Id         string                 `json:"id"`
+	Receiver   string                 `json:"receiver"`
+	Name       string                 `json:"name"`
+	Parameters map[string]interface{} `json:"parameters,omitempty"`
+	Status     string                 `json:"status"`
+	Message    string                 `json:"message"`
+	Results    map[string]interface{} `json:"results,omitempty"`
+	Enqueued   time.Time              `json:"enqueued"`
+	Started    time.Time              `json:"started"`
+	Completed  time.Time              `json:"completed"`
 }
 
 // EntityId returns a unique identifier for an action across
@@ -246,16 +267,41 @@
 // RelationInfo holds the information about a relation that is tracked
 // by multiwatcherStore.
 type RelationInfo struct {
-	ModelUUID string
-	Key       string
-	Id        int
-	Endpoints []Endpoint
+	ModelUUID string     `json:"model-uuid"`
+	Key       string     `json:"key"`
+	Id        int        `json:"id"`
+	Endpoints []Endpoint `json:"endpoints"`
+}
+
+// CharmRelation is a mirror struct for charm.Relation.
+type CharmRelation struct {
+	Name      string `json:"name"`
+	Role      string `json:"role"`
+	Interface string `json:"interface"`
+	Optional  bool   `json:"optional"`
+	Limit     int    `json:"limit"`
+	Scope     string `json:"scope"`
+}
+
+// NewCharmRelation creates a new local CharmRelation structure from  the
+// charm.Relation structure. NOTE: when we update the database to not store a
+// charm.Relation directly in the database, this method should take the state
+// structure type.
+func NewCharmRelation(cr charm.Relation) CharmRelation {
+	return CharmRelation{
+		Name:      cr.Name,
+		Role:      string(cr.Role),
+		Interface: cr.Interface,
+		Optional:  cr.Optional,
+		Limit:     cr.Limit,
+		Scope:     string(cr.Scope),
+	}
 }
 
-// Endpoint holds a service-relation pair.
+// Endpoint holds an application-relation pair.
 type Endpoint struct {
-	ServiceName string
-	Relation    charm.Relation
+	ApplicationName string        `json:"application-name"`
+	Relation        CharmRelation `json:"relation"`
 }
 
 // EntityId returns a unique identifier for a relation across
@@ -271,9 +317,9 @@
 // AnnotationInfo holds the information about an annotation that is
 // tracked by multiwatcherStore.
 type AnnotationInfo struct {
-	ModelUUID   string
-	Tag         string
-	Annotations map[string]string
+	ModelUUID   string            `json:"model-uuid"`
+	Tag         string            `json:"tag"`
+	Annotations map[string]string `json:"annotations"`
 }
 
 // EntityId returns a unique identifier for an annotation across
@@ -291,9 +337,8 @@
 type MachineJob string
 
 const (
-	JobHostUnits        MachineJob = "JobHostUnits"
-	JobManageModel      MachineJob = "JobManageModel"
-	JobManageNetworking MachineJob = "JobManageNetworking"
+	JobHostUnits   MachineJob = "JobHostUnits"
+	JobManageModel MachineJob = "JobManageModel"
 )
 
 // NeedsState returns true if the job requires a state connection.
@@ -315,11 +360,11 @@
 // BlockInfo holds the information about a block that is tracked by
 // multiwatcherStore.
 type BlockInfo struct {
-	ModelUUID string
-	Id        string
-	Type      BlockType
-	Message   string
-	Tag       string
+	ModelUUID string    `json:"model-uuid"`
+	Id        string    `json:"id"`
+	Type      BlockType `json:"type"`
+	Message   string    `json:"message"`
+	Tag       string    `json:"tag"`
 }
 
 // EntityId returns a unique identifier for a block across
@@ -349,11 +394,11 @@
 // ModelInfo holds the information about an model that is
 // tracked by multiwatcherStore.
 type ModelInfo struct {
-	ModelUUID  string
-	Name       string
-	Life       Life
-	Owner      string
-	ServerUUID string
+	ModelUUID      string `json:"model-uuid"`
+	Name           string `json:"name"`
+	Life           Life   `json:"life"`
+	Owner          string `json:"owner"`
+	ControllerUUID string `json:"controller-uuid"`
 }
 
 // EntityId returns a unique identifier for an model.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/multiwatcher/multiwatcher_internal_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/multiwatcher/multiwatcher_internal_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/multiwatcher/multiwatcher_internal_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/multiwatcher/multiwatcher_internal_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,7 +12,7 @@
 
 var (
 	_ EntityInfo = (*MachineInfo)(nil)
-	_ EntityInfo = (*ServiceInfo)(nil)
+	_ EntityInfo = (*ApplicationInfo)(nil)
 	_ EntityInfo = (*UnitInfo)(nil)
 	_ EntityInfo = (*RelationInfo)(nil)
 	_ EntityInfo = (*AnnotationInfo)(nil)
@@ -32,7 +32,6 @@
 func (s *ConstantsSuite) TestAnyJobNeedsState(c *gc.C) {
 	c.Assert(AnyJobNeedsState(), jc.IsFalse)
 	c.Assert(AnyJobNeedsState(JobHostUnits), jc.IsFalse)
-	c.Assert(AnyJobNeedsState(JobManageNetworking), jc.IsFalse)
 	c.Assert(AnyJobNeedsState(JobManageModel), jc.IsTrue)
 	c.Assert(AnyJobNeedsState(JobHostUnits, JobManageModel), jc.IsTrue)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/multiwatcher.go juju-core-2.0~beta12/src/github.com/juju/juju/state/multiwatcher.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/multiwatcher.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/multiwatcher.go	2016-07-18 19:45:44.000000000 +0000
@@ -414,7 +414,7 @@
 // add adds a new entity with the given id and associated
 // information to the list.
 func (a *multiwatcherStore) add(id interface{}, info multiwatcher.EntityInfo) {
-	if a.entities[id] != nil {
+	if _, ok := a.entities[id]; ok {
 		panic("adding new entry with duplicate id")
 	}
 	a.latestRevno++
@@ -439,8 +439,8 @@
 		return
 	}
 	id := entry.info.EntityId()
-	elem := a.entities[id]
-	if elem == nil {
+	elem, ok := a.entities[id]
+	if !ok {
 		panic("delete of non-existent entry")
 	}
 	delete(a.entities, id)
@@ -449,8 +449,8 @@
 
 // delete deletes the entry with the given info id.
 func (a *multiwatcherStore) delete(id multiwatcher.EntityId) {
-	elem := a.entities[id]
-	if elem == nil {
+	elem, ok := a.entities[id]
+	if !ok {
 		return
 	}
 	delete(a.entities, id)
@@ -480,8 +480,8 @@
 // Update updates the information for the given entity.
 func (a *multiwatcherStore) Update(info multiwatcher.EntityInfo) {
 	id := info.EntityId()
-	elem := a.entities[id]
-	if elem == nil {
+	elem, ok := a.entities[id]
+	if !ok {
 		a.add(id, info)
 		return
 	}
@@ -498,14 +498,14 @@
 	a.list.MoveToFront(elem)
 }
 
-// Get returns the stored entity with the given
-// id, or nil if none was found. The contents of the returned entity
-// should not be changed.
+// Get returns the stored entity with the given id, or nil if none was found.
+// The contents of the returned entity MUST not be changed.
 func (a *multiwatcherStore) Get(id multiwatcher.EntityId) multiwatcher.EntityInfo {
-	if e := a.entities[id]; e != nil {
-		return e.Value.(*entityEntry).info
+	e, ok := a.entities[id]
+	if !ok {
+		return nil
 	}
-	return nil
+	return e.Value.(*entityEntry).info
 }
 
 // ChangesSince returns any changes that have occurred since
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/multiwatcher_internal_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/multiwatcher_internal_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/multiwatcher_internal_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/multiwatcher_internal_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -57,7 +57,7 @@
 			Id:         "0",
 			InstanceId: "i-0",
 		})
-		all.Update(&multiwatcher.ServiceInfo{
+		all.Update(&multiwatcher.ApplicationInfo{
 			Name:    "wordpress",
 			Exposed: true,
 		})
@@ -73,7 +73,7 @@
 	}, {
 		creationRevno: 2,
 		revno:         2,
-		info: &multiwatcher.ServiceInfo{
+		info: &multiwatcher.ApplicationInfo{
 			Name:    "wordpress",
 			Exposed: true,
 		},
@@ -624,8 +624,8 @@
 func (*storeManagerSuite) TestRun(c *gc.C) {
 	b := newTestBacking([]multiwatcher.EntityInfo{
 		&multiwatcher.MachineInfo{ModelUUID: "uuid", Id: "0"},
-		&multiwatcher.ServiceInfo{ModelUUID: "uuid", Name: "logging"},
-		&multiwatcher.ServiceInfo{ModelUUID: "uuid", Name: "wordpress"},
+		&multiwatcher.ApplicationInfo{ModelUUID: "uuid", Name: "logging"},
+		&multiwatcher.ApplicationInfo{ModelUUID: "uuid", Name: "wordpress"},
 	})
 	sm := newStoreManager(b)
 	defer func() {
@@ -634,8 +634,8 @@
 	w := &Multiwatcher{all: sm}
 	checkNext(c, w, []multiwatcher.Delta{
 		{Entity: &multiwatcher.MachineInfo{ModelUUID: "uuid", Id: "0"}},
-		{Entity: &multiwatcher.ServiceInfo{ModelUUID: "uuid", Name: "logging"}},
-		{Entity: &multiwatcher.ServiceInfo{ModelUUID: "uuid", Name: "wordpress"}},
+		{Entity: &multiwatcher.ApplicationInfo{ModelUUID: "uuid", Name: "logging"}},
+		{Entity: &multiwatcher.ApplicationInfo{ModelUUID: "uuid", Name: "wordpress"}},
 	}, "")
 	b.updateEntity(&multiwatcher.MachineInfo{ModelUUID: "uuid", Id: "0", InstanceId: "i-0"})
 	checkNext(c, w, []multiwatcher.Delta{
@@ -660,11 +660,11 @@
 func (*storeManagerSuite) TestMultipleEnvironments(c *gc.C) {
 	b := newTestBacking([]multiwatcher.EntityInfo{
 		&multiwatcher.MachineInfo{ModelUUID: "uuid0", Id: "0"},
-		&multiwatcher.ServiceInfo{ModelUUID: "uuid0", Name: "logging"},
-		&multiwatcher.ServiceInfo{ModelUUID: "uuid0", Name: "wordpress"},
+		&multiwatcher.ApplicationInfo{ModelUUID: "uuid0", Name: "logging"},
+		&multiwatcher.ApplicationInfo{ModelUUID: "uuid0", Name: "wordpress"},
 		&multiwatcher.MachineInfo{ModelUUID: "uuid1", Id: "0"},
-		&multiwatcher.ServiceInfo{ModelUUID: "uuid1", Name: "logging"},
-		&multiwatcher.ServiceInfo{ModelUUID: "uuid1", Name: "wordpress"},
+		&multiwatcher.ApplicationInfo{ModelUUID: "uuid1", Name: "logging"},
+		&multiwatcher.ApplicationInfo{ModelUUID: "uuid1", Name: "wordpress"},
 		&multiwatcher.MachineInfo{ModelUUID: "uuid2", Id: "0"},
 	})
 	sm := newStoreManager(b)
@@ -674,11 +674,11 @@
 	w := &Multiwatcher{all: sm}
 	checkNext(c, w, []multiwatcher.Delta{
 		{Entity: &multiwatcher.MachineInfo{ModelUUID: "uuid0", Id: "0"}},
-		{Entity: &multiwatcher.ServiceInfo{ModelUUID: "uuid0", Name: "logging"}},
-		{Entity: &multiwatcher.ServiceInfo{ModelUUID: "uuid0", Name: "wordpress"}},
+		{Entity: &multiwatcher.ApplicationInfo{ModelUUID: "uuid0", Name: "logging"}},
+		{Entity: &multiwatcher.ApplicationInfo{ModelUUID: "uuid0", Name: "wordpress"}},
 		{Entity: &multiwatcher.MachineInfo{ModelUUID: "uuid1", Id: "0"}},
-		{Entity: &multiwatcher.ServiceInfo{ModelUUID: "uuid1", Name: "logging"}},
-		{Entity: &multiwatcher.ServiceInfo{ModelUUID: "uuid1", Name: "wordpress"}},
+		{Entity: &multiwatcher.ApplicationInfo{ModelUUID: "uuid1", Name: "logging"}},
+		{Entity: &multiwatcher.ApplicationInfo{ModelUUID: "uuid1", Name: "wordpress"}},
 		{Entity: &multiwatcher.MachineInfo{ModelUUID: "uuid2", Id: "0"}},
 	}, "")
 	b.updateEntity(&multiwatcher.MachineInfo{ModelUUID: "uuid1", Id: "0", InstanceId: "i-0"})
@@ -689,9 +689,9 @@
 	checkNext(c, w, []multiwatcher.Delta{
 		{Removed: true, Entity: &multiwatcher.MachineInfo{ModelUUID: "uuid2", Id: "0"}},
 	}, "")
-	b.updateEntity(&multiwatcher.ServiceInfo{ModelUUID: "uuid0", Name: "logging", Exposed: true})
+	b.updateEntity(&multiwatcher.ApplicationInfo{ModelUUID: "uuid0", Name: "logging", Exposed: true})
 	checkNext(c, w, []multiwatcher.Delta{
-		{Entity: &multiwatcher.ServiceInfo{ModelUUID: "uuid0", Name: "logging", Exposed: true}},
+		{Entity: &multiwatcher.ApplicationInfo{ModelUUID: "uuid0", Name: "logging", Exposed: true}},
 	}, "")
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/open.go juju-core-2.0~beta12/src/github.com/juju/juju/state/open.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/open.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/open.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,16 +9,17 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/txn"
 
-	"github.com/juju/juju/constraints"
+	"github.com/juju/juju/cloud"
+	"github.com/juju/juju/controller"
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/mongo"
-	"github.com/juju/juju/state/watcher"
 	"github.com/juju/juju/status"
+	"github.com/juju/juju/worker"
 )
 
 // Open connects to the server described by the given
@@ -37,13 +38,13 @@
 	}
 	if _, err := st.Model(); err != nil {
 		if err := st.Close(); err != nil {
-			logger.Errorf("error closing state for unreadable model %s: %v", tag.Id(), err)
+			logger.Errorf("closing State for %s: %v", tag, err)
 		}
 		return nil, errors.Annotatef(err, "cannot read model %s", tag.Id())
 	}
 
 	// State should only be Opened on behalf of a controller environ; all
-	// other *States should be created via ForEnviron.
+	// other *States should be created via ForModel.
 	if err := st.start(tag); err != nil {
 		return nil, errors.Trace(err)
 	}
@@ -80,9 +81,8 @@
 		tag = ssInfo.ModelTag
 	}
 
-	st, err := newState(tag, session, info, opts, policy)
+	st, err := newState(tag, session, info, policy)
 	if err != nil {
-		session.Close()
 		return nil, errors.Trace(err)
 	}
 	return st, nil
@@ -103,13 +103,99 @@
 	return nil
 }
 
+// InitializeParams contains the parameters for initializing the state database.
+type InitializeParams struct {
+	// ControllerModelArgs contains the arguments for creating
+	// the controller model.
+	ControllerModelArgs ModelArgs
+
+	// CloudName is the name of the cloud that the controller
+	// runs in.
+	CloudName string
+
+	// Cloud contains the properties of the cloud that the
+	// controller runs in.
+	Cloud cloud.Cloud
+
+	// CloudCredentials contains the credentials for the owner of
+	// the controller model to store in the controller.
+	CloudCredentials map[string]cloud.Credential
+
+	// ControllerConfig contains config attributes for
+	// the controller.
+	ControllerConfig controller.Config
+
+	// ControllerInheritedConfig contains default config attributes for
+	// models on the specified cloud.
+	ControllerInheritedConfig map[string]interface{}
+
+	// Policy is the set of state policies to apply.
+	Policy Policy
+
+	// MongoInfo contains the information required to address and
+	// authenticate with Mongo.
+	MongoInfo *mongo.MongoInfo
+
+	// MongoDialOpts contains the dial options for connecting to
+	// Mongo.
+	MongoDialOpts mongo.DialOpts
+}
+
+// Validate checks that the state initialization parameters are valid.
+func (p InitializeParams) Validate() error {
+	if err := p.ControllerModelArgs.Validate(); err != nil {
+		return errors.Trace(err)
+	}
+	if p.ControllerModelArgs.MigrationMode != MigrationModeActive {
+		return errors.NotValidf("migration mode %q", p.ControllerModelArgs.MigrationMode)
+	}
+	uuid := p.ControllerModelArgs.Config.UUID()
+	controllerUUID := p.ControllerConfig.ControllerUUID()
+	if uuid != controllerUUID {
+		return errors.NotValidf("mismatching uuid (%v) and controller-uuid (%v)", uuid, controllerUUID)
+	}
+	if p.MongoInfo == nil {
+		return errors.NotValidf("nil MongoInfo")
+	}
+	if p.CloudName == "" {
+		return errors.NotValidf("empty CloudName")
+	}
+	if p.Cloud.Type == "" {
+		return errors.NotValidf("empty Cloud")
+	}
+	if err := validateCloud(p.Cloud); err != nil {
+		return errors.Annotate(err, "validating cloud")
+	}
+	if _, err := validateCloudRegion(p.Cloud, p.CloudName, p.ControllerModelArgs.CloudRegion); err != nil {
+		return errors.Annotate(err, "validating controller model cloud region")
+	}
+	if _, err := validateCloudCredentials(p.Cloud, p.CloudName, p.CloudCredentials); err != nil {
+		return errors.Annotate(err, "validating cloud credentials")
+	}
+	if _, err := validateCloudCredential(
+		p.Cloud,
+		p.CloudName,
+		p.CloudCredentials,
+		p.ControllerModelArgs.CloudCredential,
+		p.ControllerModelArgs.Owner,
+	); err != nil {
+		return errors.Annotate(err, "validating controller model cloud credential")
+	}
+	return nil
+}
+
 // Initialize sets up an initial empty state and returns it.
 // This needs to be performed only once for the initial controller model.
 // It returns unauthorizedError if access is unauthorized.
-func Initialize(owner names.UserTag, info *mongo.MongoInfo, cfg *config.Config, opts mongo.DialOpts, policy Policy) (_ *State, err error) {
-	uuid := cfg.UUID()
-	modelTag := names.NewModelTag(uuid)
-	st, err := open(modelTag, info, opts, policy)
+func Initialize(args InitializeParams) (_ *State, err error) {
+	if err := args.Validate(); err != nil {
+		return nil, errors.Annotate(err, "validating initialization args")
+	}
+
+	// When creating the controller model, the new model
+	// UUID is also used as the controller UUID.
+	modelTag := names.NewModelTag(args.ControllerModelArgs.Config.UUID())
+	st, err := open(modelTag, args.MongoInfo, args.MongoDialOpts, args.Policy)
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
@@ -120,6 +206,7 @@
 			}
 		}
 	}()
+	st.controllerTag = modelTag
 
 	// A valid model is used as a signal that the
 	// state has already been initalized. If this is the case
@@ -130,10 +217,9 @@
 		return nil, errors.Trace(err)
 	}
 
-	// When creating the controller model, the new model
-	// UUID is also used as the controller UUID.
-	logger.Infof("initializing controller model %s", uuid)
-	modelOps, err := st.modelSetupOps(cfg, uuid, uuid, owner, MigrationModeActive)
+	logger.Infof("initializing controller model %s", modelTag.Id())
+
+	modelOps, err := st.modelSetupOps(args.ControllerModelArgs, args.ControllerInheritedConfig)
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
@@ -141,34 +227,47 @@
 	if err != nil {
 		return nil, err
 	}
+
 	ops := []txn.Op{
-		createInitialUserOp(st, owner, info.Password, salt),
-		txn.Op{
+		createInitialUserOp(st, args.ControllerModelArgs.Owner, args.MongoInfo.Password, salt),
+		{
 			C:      controllersC,
 			Id:     modelGlobalKey,
 			Assert: txn.DocMissing,
 			Insert: &controllersDoc{
+				CloudName: args.CloudName,
 				ModelUUID: st.ModelUUID(),
 			},
 		},
-		txn.Op{
+		createCloudOp(args.Cloud, args.CloudName),
+		{
 			C:      controllersC,
 			Id:     apiHostPortsKey,
 			Assert: txn.DocMissing,
 			Insert: &apiHostPortsDoc{},
 		},
-		txn.Op{
+		{
 			C:      controllersC,
 			Id:     stateServingInfoKey,
 			Assert: txn.DocMissing,
 			Insert: &StateServingInfo{},
 		},
-		txn.Op{
+		{
 			C:      controllersC,
 			Id:     hostedModelCountKey,
 			Assert: txn.DocMissing,
 			Insert: &hostedModelCountDoc{},
 		},
+		createSettingsOp(controllersC, controllerSettingsGlobalKey, args.ControllerConfig),
+		createSettingsOp(globalSettingsC, controllerInheritedSettingsGlobalKey, args.ControllerInheritedConfig),
+	}
+	if len(args.CloudCredentials) > 0 {
+		credentialsOps := updateCloudCredentialsOps(
+			args.ControllerModelArgs.Owner,
+			args.CloudName,
+			args.CloudCredentials,
+		)
+		ops = append(ops, credentialsOps...)
 	}
 	ops = append(ops, modelOps...)
 
@@ -181,11 +280,17 @@
 	return st, nil
 }
 
-func (st *State) modelSetupOps(cfg *config.Config, modelUUID, serverUUID string, owner names.UserTag, mode MigrationMode) ([]txn.Op, error) {
-	if err := checkModelConfig(cfg); err != nil {
+// modelSetupOps returns the transactions necessary to set up a model.
+func (st *State) modelSetupOps(args ModelArgs, ControllerInheritedConfig map[string]interface{}) ([]txn.Op, error) {
+	if err := checkControllerInheritedConfig(ControllerInheritedConfig); err != nil {
+		return nil, errors.Trace(err)
+	}
+	if err := checkModelConfig(args.Config); err != nil {
 		return nil, errors.Trace(err)
 	}
 
+	controllerUUID := st.controllerTag.Id()
+	modelUUID := args.Config.UUID()
 	modelStatusDoc := statusDoc{
 		ModelUUID: modelUUID,
 		// TODO(fwereade): 2016-03-17 lp:1558657
@@ -198,24 +303,51 @@
 
 	// When creating the controller model, the new model
 	// UUID is also used as the controller UUID.
-	if serverUUID == "" {
-		serverUUID = modelUUID
-	}
-	modelUserOp := createModelUserOp(modelUUID, owner, owner, owner.Name(), nowToTheSecond(), ModelAdminAccess)
+	isHostedModel := controllerUUID != modelUUID
+
+	modelUserOps := createModelUserOps(
+		modelUUID, args.Owner, args.Owner, args.Owner.Name(), nowToTheSecond(), AdminAccess,
+	)
 	ops := []txn.Op{
 		createStatusOp(st, modelGlobalKey, modelStatusDoc),
-		createConstraintsOp(st, modelGlobalKey, constraints.Value{}),
-		createSettingsOp(modelGlobalKey, cfg.AllAttrs()),
+		createConstraintsOp(st, modelGlobalKey, args.Constraints),
 	}
-	if modelUUID != serverUUID {
+	if isHostedModel {
 		ops = append(ops, incHostedModelCountOp())
 	}
+
+	// Create the final map of config attributes for the model.
+	// If we have ControllerInheritedConfig passed in, that means state
+	// is being initialised and there won't be any config sources
+	// in state.
+	var configSources []modelConfigSource
+	if len(ControllerInheritedConfig) > 0 {
+		configSources = []modelConfigSource{{
+			name: config.JujuControllerSource,
+			sourceFunc: modelConfigSourceFunc(func() (map[string]interface{}, error) {
+				return ControllerInheritedConfig, nil
+			})}}
+	} else {
+		configSources = modelConfigSources(st)
+	}
+	modelCfg, cfgSource, err := composeModelConfigAttributes(args.Config.AllAttrs(), configSources...)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
 	ops = append(ops,
-		createModelEntityRefsOp(st, modelUUID),
-		createModelOp(st, owner, cfg.Name(), modelUUID, serverUUID, mode),
-		createUniqueOwnerModelNameOp(owner, cfg.Name()),
-		modelUserOp,
+		createSettingsOp(settingsC, modelGlobalKey, modelCfg),
+		createSettingsSourceOp(cfgSource),
+		createModelEntityRefsOp(modelUUID),
+		createModelOp(
+			args.Owner,
+			args.Config.Name(),
+			modelUUID, controllerUUID,
+			args.CloudName, args.CloudRegion, args.CloudCredential,
+			args.MigrationMode,
+		),
+		createUniqueOwnerModelNameOp(args.Owner, args.Config.Name()),
 	)
+	ops = append(ops, modelUserOps...)
 	return ops, nil
 }
 
@@ -249,10 +381,20 @@
 	return false
 }
 
-// newState creates an incomplete *State, with a configured watcher but no
-// pwatcher, leadershipManager, or controllerTag. You must start() the returned
-// *State before it will function correctly.
-func newState(modelTag names.ModelTag, session *mgo.Session, mongoInfo *mongo.MongoInfo, dialOpts mongo.DialOpts, policy Policy) (_ *State, resultErr error) {
+// newState creates an incomplete *State, with no running workers or
+// controllerTag. You must start() the returned *State before it will
+// function correctly.
+//
+// newState takes responsibility for the supplied *mgo.Session, and will
+// close it if it cannot be returned under the aegis of a *State.
+func newState(modelTag names.ModelTag, session *mgo.Session, mongoInfo *mongo.MongoInfo, policy Policy) (_ *State, err error) {
+
+	defer func() {
+		if err != nil {
+			session.Close()
+		}
+	}()
+
 	// Set up database.
 	rawDB := session.DB(jujuDB)
 	database, err := allCollections().Load(rawDB, modelTag.Id())
@@ -265,13 +407,11 @@
 
 	// Create State.
 	return &State{
-		modelTag:      modelTag,
-		mongoInfo:     mongoInfo,
-		mongoDialOpts: dialOpts,
-		session:       session,
-		database:      database,
-		policy:        policy,
-		watcher:       watcher.New(rawDB.C(txnLogC)),
+		modelTag:  modelTag,
+		mongoInfo: mongoInfo,
+		session:   session,
+		database:  database,
+		policy:    policy,
 	}, nil
 }
 
@@ -289,28 +429,16 @@
 func (st *State) Close() (err error) {
 	defer errors.DeferredAnnotatef(&err, "closing state failed")
 
-	// TODO(fwereade): we have no defence against these components failing
-	// and leaving other parts of state going. They should be managed by a
-	// dependency.Engine (or perhaps worker.Runner).
 	var errs []error
 	handle := func(name string, err error) {
 		if err != nil {
 			errs = append(errs, errors.Annotatef(err, "error stopping %s", name))
 		}
 	}
-
-	handle("transaction watcher", st.watcher.Stop())
-	if st.pwatcher != nil {
-		handle("presence watcher", st.pwatcher.Stop())
-	}
-	if st.leadershipManager != nil {
-		st.leadershipManager.Kill()
-		handle("leadership manager", st.leadershipManager.Wait())
-	}
-	if st.singularManager != nil {
-		st.singularManager.Kill()
-		handle("singular manager", st.singularManager.Wait())
+	if st.workers != nil {
+		handle("standard workers", worker.Stop(st.workers))
 	}
+
 	st.mu.Lock()
 	if st.allManager != nil {
 		handle("allwatcher manager", st.allManager.Stop())
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,16 +4,18 @@
 package state_test
 
 import (
-	stdtesting "testing"
-
-	"github.com/juju/testing"
+	"testing"
 
 	coretesting "github.com/juju/juju/testing"
+	"github.com/juju/utils/os"
 )
 
-func TestPackage(t *stdtesting.T) {
-	if testing.RaceEnabled {
-		t.Skip("skipping package under -race, see LP 1519095")
+func TestPackage(t *testing.T) {
+	// At this stage, Juju only supports running the apiservers and database
+	// on Ubuntu. If we end up officially supporting CentOS, then we should
+	// make sure we run the tests there.
+	if os.HostOS() != os.Ubuntu {
+		t.Skipf("skipping tests on %v", os.HostOS())
 	}
 	coretesting.MgoTestPackage(t)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/payloads.go juju-core-2.0~beta12/src/github.com/juju/juju/state/payloads.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/payloads.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/payloads.go	2016-07-18 19:45:44.000000000 +0000
@@ -45,23 +45,7 @@
 
 // TODO(ericsnow) Use a more generic component registration mechanism?
 
-// PayloadsEnvPersistence provides all the information needed to produce
-// a new EnvPayloads value.
-type PayloadsEnvPersistence interface {
-	Persistence
-
-	// TODO(ericsnow) Drop the machine-related API and provide UnitTags()?
-
-	// Machines builds the list of the names that identify
-	// all machines in State.
-	Machines() ([]string, error)
-
-	// Machines builds the list of names that identify all units
-	// for a given machine.
-	MachineUnits(machineName string) ([]string, error)
-}
-
-type newEnvPayloadsFunc func(PayloadsEnvPersistence) (EnvPayloads, error)
+type newEnvPayloadsFunc func(Persistence) (EnvPayloads, error)
 type newUnitPayloadsFunc func(persist Persistence, unit, machine string) (UnitPayloads, error)
 
 // TODO(ericsnow) Merge the 2 vars
@@ -83,11 +67,8 @@
 		return nil, errors.Errorf("payloads not supported")
 	}
 
-	persist := &payloadsEnvPersistence{
-		Persistence: st.newPersistence(),
-		st:          st,
-	}
-	envPayloads, err := newEnvPayloads(persist)
+	db := st.newPersistence()
+	envPayloads, err := newEnvPayloads(db)
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
@@ -116,34 +97,3 @@
 
 	return unitPayloads, nil
 }
-
-type payloadsEnvPersistence struct {
-	Persistence
-	st *State
-}
-
-// Machines implements PayloadsEnvPersistence.
-func (ep *payloadsEnvPersistence) Machines() ([]string, error) {
-	ms, err := ep.st.AllMachines()
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	var names []string
-	for _, m := range ms {
-		names = append(names, m.Id())
-	}
-	return names, nil
-}
-
-// MachineUnits implements PayloadsEnvPersistence.
-func (ep *payloadsEnvPersistence) MachineUnits(machine string) ([]string, error) {
-	us, err := ep.st.UnitsFor(machine)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	var names []string
-	for _, u := range us {
-		names = append(names, u.UnitTag().Id())
-	}
-	return names, nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/payloads_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/payloads_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/payloads_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/payloads_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,6 @@
 package state_test
 
 import (
-	"github.com/juju/errors"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
@@ -33,7 +32,7 @@
 	machine := "0"
 	unit := addUnit(c, s.ConnSuite, unitArgs{
 		charm:    "dummy",
-		service:  "a-service",
+		service:  "a-application",
 		metadata: payloadsMetaYAML,
 		machine:  machine,
 	})
@@ -55,7 +54,7 @@
 		},
 		Status: payload.StateRunning,
 		ID:     "xyz",
-		Unit:   "a-service/0",
+		Unit:   "a-application/0",
 	})
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -74,7 +73,7 @@
 			ID:     "xyz",
 			Status: payload.StateRunning,
 			Labels: []string{},
-			Unit:   "a-service/0",
+			Unit:   "a-application/0",
 		},
 		Machine: machine,
 	}})
@@ -98,7 +97,7 @@
 	machine := "0"
 	unit := addUnit(c, s.ConnSuite, unitArgs{
 		charm:    "dummy",
-		service:  "a-service",
+		service:  "a-application",
 		metadata: payloadsMetaYAML,
 		machine:  machine,
 	})
@@ -117,7 +116,7 @@
 		},
 		ID:     "xyz",
 		Status: payload.StateRunning,
-		Unit:   "a-service/0",
+		Unit:   "a-application/0",
 	}
 	err = st.Track(pl)
 	c.Assert(err, jc.ErrorIsNil)
@@ -164,12 +163,20 @@
 		},
 	}})
 
-	// Ensure duplicates are not allowed.
-	err = st.Track(pl)
-	c.Check(err, jc.Satisfies, errors.IsAlreadyExists)
+	// Ensure existing ones are replaced.
+	update := pl
+	update.ID = "abc"
+	err = st.Track(update)
+	c.Check(err, jc.ErrorIsNil)
 	results, err = st.List()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Check(results, gc.HasLen, 1)
+	c.Check(results, jc.DeepEquals, []payload.Result{{
+		ID: id,
+		Payload: &payload.FullPayloadInfo{
+			Payload: update,
+			Machine: machine,
+		},
+	}})
 
 	err = st.Untrack(id)
 	c.Assert(err, jc.ErrorIsNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/persistence.go juju-core-2.0~beta12/src/github.com/juju/juju/state/persistence.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/persistence.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/persistence.go	2016-07-18 19:45:44.000000000 +0000
@@ -29,13 +29,13 @@
 	// NewStorage returns a new blob storage for the environment.
 	NewStorage() storage.Storage
 
-	// ServiceExistsOps returns the operations that verify that the
-	// identified service exists.
-	ServiceExistsOps(serviceID string) []txn.Op
+	// ApplicationExistsOps returns the operations that verify that the
+	// identified application exists.
+	ApplicationExistsOps(applicationID string) []txn.Op
 
 	// IncCharmModifiedVersionOps returns the operations necessary to increment
-	// the CharmModifiedVersion field for the given service.
-	IncCharmModifiedVersionOps(serviceID string) []txn.Op
+	// the CharmModifiedVersion field for the given application.
+	IncCharmModifiedVersionOps(applicationID string) []txn.Op
 
 	// NewCleanupOp creates a mgo transaction operation that queues up
 	// some cleanup action in state.
@@ -94,24 +94,24 @@
 	return store
 }
 
-// ServiceExistsOps returns the operations that verify that the
+// ApplicationExistsOps returns the operations that verify that the
 // identified service exists.
-func (sp *statePersistence) ServiceExistsOps(serviceID string) []txn.Op {
+func (sp *statePersistence) ApplicationExistsOps(applicationID string) []txn.Op {
 	return []txn.Op{{
-		C:      servicesC,
-		Id:     serviceID,
+		C:      applicationsC,
+		Id:     applicationID,
 		Assert: txn.DocExists,
 	}, {
-		C:      servicesC,
-		Id:     serviceID,
+		C:      applicationsC,
+		Id:     applicationID,
 		Assert: isAliveDoc,
 	}}
 }
 
 // IncCharmModifiedVersionOps returns the operations necessary to increment the
 // CharmModifiedVersion field for the given service.
-func (sp *statePersistence) IncCharmModifiedVersionOps(serviceID string) []txn.Op {
-	return incCharmModifiedVersionOps(serviceID)
+func (sp *statePersistence) IncCharmModifiedVersionOps(applicationID string) []txn.Op {
+	return incCharmModifiedVersionOps(applicationID)
 }
 
 // NewCleanupOp creates a mgo transaction operation that queues up
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/pool.go juju-core-2.0~beta12/src/github.com/juju/juju/state/pool.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/pool.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/pool.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,7 @@
 	"sync"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 )
 
 // NewStatePool returns a new StatePool instance. It takes a State
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/ports.go juju-core-2.0~beta12/src/github.com/juju/juju/state/ports.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/ports.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/ports.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,8 +9,8 @@
 	"strings"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	statetxn "github.com/juju/txn"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 	"gopkg.in/mgo.v2/txn"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/ports_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/ports_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/ports_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/ports_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -20,7 +20,7 @@
 type PortsDocSuite struct {
 	ConnSuite
 	charm              *state.Charm
-	service            *state.Service
+	service            *state.Application
 	unit1              *state.Unit
 	unit2              *state.Unit
 	machine            *state.Machine
@@ -36,10 +36,10 @@
 
 	f := factory.NewFactory(s.State)
 	s.charm = f.MakeCharm(c, &factory.CharmParams{Name: "wordpress"})
-	s.service = f.MakeService(c, &factory.ServiceParams{Name: "wordpress", Charm: s.charm})
+	s.service = f.MakeApplication(c, &factory.ApplicationParams{Name: "wordpress", Charm: s.charm})
 	s.machine = f.MakeMachine(c, &factory.MachineParams{Series: "quantal"})
-	s.unit1 = f.MakeUnit(c, &factory.UnitParams{Service: s.service, Machine: s.machine})
-	s.unit2 = f.MakeUnit(c, &factory.UnitParams{Service: s.service, Machine: s.machine})
+	s.unit1 = f.MakeUnit(c, &factory.UnitParams{Application: s.service, Machine: s.machine})
+	s.unit2 = f.MakeUnit(c, &factory.UnitParams{Application: s.service, Machine: s.machine})
 
 	var err error
 	s.subnet, err = s.State.AddSubnet(state.SubnetInfo{CIDR: "0.1.2.0/24"})
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/prechecker_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/prechecker_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/prechecker_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/prechecker_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -138,7 +138,7 @@
 		Jobs:      []state.MachineJob{state.JobHostUnits},
 		Placement: "intertubes",
 	}
-	_, err := s.State.AddMachineInsideNewMachine(template, template, instance.LXC)
+	_, err := s.State.AddMachineInsideNewMachine(template, template, instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(s.prechecker.precheckInstanceSeries, gc.Equals, template.Series)
 	c.Assert(s.prechecker.precheckInstancePlacement, gc.Equals, template.Placement)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/presence/presence.go juju-core-2.0~beta12/src/github.com/juju/juju/state/presence/presence.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/presence/presence.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/presence/presence.go	2016-07-18 19:45:44.000000000 +0000
@@ -14,8 +14,9 @@
 	"time"
 
 	"github.com/juju/errors"
+	"github.com/juju/juju/worker"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 	"launchpad.net/tomb"
@@ -156,10 +157,19 @@
 	return w
 }
 
+// Kill is part of the worker.Worker interface.
+func (w *Watcher) Kill() {
+	w.tomb.Kill(nil)
+}
+
+// Wait is part of the worker.Worker interface.
+func (w *Watcher) Wait() error {
+	return w.tomb.Wait()
+}
+
 // Stop stops all the watcher activities.
 func (w *Watcher) Stop() error {
-	w.tomb.Kill(nil)
-	return errors.Trace(w.tomb.Wait())
+	return worker.Stop(w)
 }
 
 // Dead returns a channel that is closed when the watcher has stopped.
@@ -343,14 +353,14 @@
 }
 
 type beingInfo struct {
-	DocID     string `bson:"_id,omitempty"`
+	DocID     string `bson:"_id"`
 	Seq       int64  `bson:"seq,omitempty"`
 	ModelUUID string `bson:"model-uuid,omitempty"`
 	Key       string `bson:"key,omitempty"`
 }
 
 type pingInfo struct {
-	DocID string           `bson:"_id,omitempty"`
+	DocID string           `bson:"_id"`
 	Slot  int64            `bson:"slot,omitempty"`
 	Alive map[string]int64 `bson:",omitempty"`
 	Dead  map[string]int64 `bson:",omitempty"`
@@ -386,6 +396,7 @@
 			return errors.Trace(err)
 		}
 	}
+	// TODO(perrito666) 2016-05-02 lp:1558657
 	s := timeSlot(time.Now(), w.delta)
 	slot := docIDInt64(w.modelUUID, s)
 	previousSlot := docIDInt64(w.modelUUID, s-period)
@@ -395,7 +406,7 @@
 	var ping []pingInfo
 	q := bson.D{{"$or", []pingInfo{{DocID: slot}, {DocID: previousSlot}}}}
 	err := pings.Find(q).All(&ping)
-	if err != nil && err == mgo.ErrNotFound {
+	if err != nil && err != mgo.ErrNotFound {
 		return errors.Trace(err)
 	}
 
@@ -456,7 +467,8 @@
 					if err == mgo.ErrNotFound {
 						logger.Tracef("found seq=%d unowned", seq)
 						continue
-					} else if err != nil {
+					}
+					if err != nil {
 						return errors.Trace(err)
 					}
 				}
@@ -554,6 +566,11 @@
 	return nil
 }
 
+// Kill is part of the worker.Worker interface.
+func (p *Pinger) Kill() {
+	p.tomb.Kill(nil)
+}
+
 // Wait returns when the Pinger has stopped, and returns the first error
 // it encountered.
 func (p *Pinger) Wait() error {
@@ -618,6 +635,7 @@
 	if err := p.prepare(); err != nil {
 		return err
 	}
+	// TODO(perrito666) 2016-05-02 lp:1558657
 	slot := timeSlot(time.Now(), p.delta)
 	udoc := bson.D{
 		{"$set", bson.D{{"slot", slot}}},
@@ -700,6 +718,7 @@
 		}
 		p.delta = delta
 	}
+	// TODO(perrito666) 2016-05-02 lp:1558657
 	slot := timeSlot(time.Now(), p.delta)
 	if slot == p.lastSlot {
 		// Never, ever, ping the same slot twice.
@@ -737,8 +756,10 @@
 		if supportsMasterLocalTime {
 			// Try isMaster.localTime, which is present since MongoDB 2.2
 			// and does not require admin privileges.
+			// TODO(perrito666) 2016-05-02 lp:1558657
 			before = time.Now()
 			err := db.Run("isMaster", &isMaster)
+			// TODO(perrito666) 2016-05-02 lp:1558657
 			after = time.Now()
 			if err != nil {
 				return 0, errors.Trace(err)
@@ -763,8 +784,10 @@
 			// eval could take a relatively long time to acquire
 			// the lock and thus cause a retry on the callDelay
 			// check below on a busy server.
+			// TODO(perrito666) 2016-05-02 lp:1558657
 			before = time.Now()
 			err := db.Run(bson.D{{"$eval", "function() { return new Date(); }"}}, &server)
+			// TODO(perrito666) 2016-05-02 lp:1558657
 			after = time.Now()
 			if err != nil {
 				return 0, errors.Trace(err)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/presence/presence_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/presence/presence_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/presence/presence_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/presence/presence_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,16 +9,17 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	gitjujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"launchpad.net/tomb"
 
 	"github.com/juju/juju/state/presence"
 	"github.com/juju/juju/testing"
+	"github.com/juju/juju/worker"
 )
 
 func TestPackage(t *stdtesting.T) {
@@ -92,9 +93,17 @@
 	c.Assert(alive, gc.Equals, alive)
 }
 
+// assertStopped stops a worker and waits until it reports stopped.
+// Use this method in favor of defer w.Stop() because you _must_ ensure
+// that the worker has stopped, and thus is no longer using its mgo
+// session before TearDownTest shuts down the connection.
+func assertStopped(c *gc.C, w worker.Worker) {
+	c.Assert(worker.Stop(w), gc.IsNil)
+}
+
 func (s *PresenceSuite) TestErrAndDead(c *gc.C) {
 	w := presence.NewWatcher(s.presence, s.modelTag)
-	defer w.Stop()
+	defer assertStopped(c, w)
 
 	c.Assert(errors.Cause(w.Err()), gc.Equals, tomb.ErrStillAlive)
 	select {
@@ -118,15 +127,16 @@
 	alive, err := w.Alive("a")
 	c.Assert(err, gc.ErrorMatches, ".*: watcher is dying")
 	c.Assert(alive, jc.IsFalse)
+	w.Wait()
 }
 
 func (s *PresenceSuite) TestWorkflow(c *gc.C) {
 	w := presence.NewWatcher(s.presence, s.modelTag)
 	pa := presence.NewPinger(s.presence, s.modelTag, "a")
 	pb := presence.NewPinger(s.presence, s.modelTag, "b")
-	defer w.Stop()
-	defer pa.Stop()
-	defer pb.Stop()
+	defer assertStopped(c, w)
+	defer assertStopped(c, pa)
+	defer assertStopped(c, pb)
 
 	assertAlive(c, w, "a", false)
 	assertAlive(c, w, "b", false)
@@ -194,7 +204,7 @@
 	assertChange(c, cha, presence.Change{"a", false})
 	assertChange(c, chb, presence.Change{"b", false})
 
-	c.Assert(w.Stop(), gc.IsNil)
+	assertStopped(c, w)
 }
 
 func (s *PresenceSuite) TestScale(c *gc.C) {
@@ -220,7 +230,7 @@
 
 	c.Logf("Checking who's still alive...")
 	w := presence.NewWatcher(s.presence, s.modelTag)
-	defer w.Stop()
+	defer assertStopped(c, w)
 	w.Sync()
 	ch := make(chan presence.Change)
 	for i := 0; i < N; i++ {
@@ -237,8 +247,8 @@
 func (s *PresenceSuite) TestExpiry(c *gc.C) {
 	w := presence.NewWatcher(s.presence, s.modelTag)
 	p := presence.NewPinger(s.presence, s.modelTag, "a")
-	defer w.Stop()
-	defer p.Stop()
+	defer assertStopped(c, w)
+	defer assertStopped(c, p)
 
 	ch := make(chan presence.Change)
 	w.Watch("a", ch)
@@ -270,8 +280,8 @@
 
 	w := presence.NewWatcher(s.presence, s.modelTag)
 	p := presence.NewPinger(s.presence, s.modelTag, "a")
-	defer w.Stop()
-	defer p.Stop()
+	defer assertStopped(c, w)
+	defer assertStopped(c, p)
 
 	ch := make(chan presence.Change)
 	w.Watch("a", ch)
@@ -288,7 +298,8 @@
 
 func (s *PresenceSuite) TestWatchUnwatchOnQueue(c *gc.C) {
 	w := presence.NewWatcher(s.presence, s.modelTag)
-	ch := make(chan presence.Change)
+	defer assertStopped(c, w)
+	ch := make(chan presence.Change, 100)
 	for i := 0; i < 100; i++ {
 		key := strconv.Itoa(i)
 		c.Logf("Adding %q", key)
@@ -315,7 +326,7 @@
 func (s *PresenceSuite) TestRestartWithoutGaps(c *gc.C) {
 	p := presence.NewPinger(s.presence, s.modelTag, "a")
 	c.Assert(p.Start(), gc.IsNil)
-	defer p.Stop()
+	defer assertStopped(c, p)
 
 	done := make(chan bool)
 	go func() {
@@ -339,7 +350,7 @@
 			w := presence.NewWatcher(s.presence, s.modelTag)
 			w.Sync()
 			alive, err := w.Alive("a")
-			c.Check(w.Stop(), gc.IsNil)
+			assertStopped(c, w)
 			if !c.Check(err, jc.ErrorIsNil) || !c.Check(alive, jc.IsTrue) {
 				break
 			}
@@ -369,9 +380,9 @@
 	w := presence.NewWatcher(s.presence, s.modelTag)
 	p1 := presence.NewPinger(s.presence, s.modelTag, "a")
 	p2 := presence.NewPinger(s.presence, s.modelTag, "a")
-	defer w.Stop()
-	defer p1.Stop()
-	defer p2.Stop()
+	defer assertStopped(c, w)
+	defer assertStopped(c, p1)
+	defer assertStopped(c, p2)
 
 	// Start p1 and let it go on.
 	c.Assert(p1.Start(), gc.IsNil)
@@ -399,8 +410,8 @@
 func (s *PresenceSuite) TestStartSync(c *gc.C) {
 	w := presence.NewWatcher(s.presence, s.modelTag)
 	p := presence.NewPinger(s.presence, s.modelTag, "a")
-	defer w.Stop()
-	defer p.Stop()
+	defer assertStopped(c, w)
+	defer assertStopped(c, p)
 
 	ch := make(chan presence.Change)
 	w.Watch("a", ch)
@@ -428,8 +439,8 @@
 func (s *PresenceSuite) TestSync(c *gc.C) {
 	w := presence.NewWatcher(s.presence, s.modelTag)
 	p := presence.NewPinger(s.presence, s.modelTag, "a")
-	defer w.Stop()
-	defer p.Stop()
+	defer assertStopped(c, w)
+	defer assertStopped(c, p)
 
 	ch := make(chan presence.Change)
 	w.Watch("a", ch)
@@ -467,8 +478,8 @@
 func (s *PresenceSuite) TestFindAllBeings(c *gc.C) {
 	w := presence.NewWatcher(s.presence, s.modelTag)
 	p := presence.NewPinger(s.presence, s.modelTag, "a")
-	defer w.Stop()
-	defer p.Stop()
+	defer assertStopped(c, w)
+	defer assertStopped(c, p)
 
 	ch := make(chan presence.Change)
 	w.Watch("a", ch)
@@ -493,12 +504,12 @@
 func (s *PresenceSuite) TestTwoEnvironments(c *gc.C) {
 	key := "a"
 	w1, p1, ch1 := s.setup(c, key)
-	defer w1.Stop()
-	defer p1.Stop()
+	defer assertStopped(c, w1)
+	defer assertStopped(c, p1)
 
 	w2, p2, ch2 := s.setup(c, key)
-	defer w2.Stop()
-	defer p2.Stop()
+	defer assertStopped(c, w2)
+	defer assertStopped(c, p2)
 
 	c.Assert(p1.Start(), gc.IsNil)
 	w1.StartSync()
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/reboot.go juju-core-2.0~beta12/src/github.com/juju/juju/state/reboot.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/reboot.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/reboot.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,7 @@
+// Copyright 2014 Canonical Ltd.
+// Copyright 2014 Cloudbase Solutions SRL
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package state
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/reboot_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/reboot_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/reboot_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/reboot_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -45,20 +45,20 @@
 	s.c1, err = s.State.AddMachineInsideMachine(state.MachineTemplate{
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
-	}, s.machine.Id(), instance.LXC)
+	}, s.machine.Id(), instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
 	// Add second container
 	s.c2, err = s.State.AddMachineInsideMachine(state.MachineTemplate{
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
-	}, s.c1.Id(), instance.LXC)
+	}, s.c1.Id(), instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
 
 	// Add container on the same level as the first container.
 	s.c3, err = s.State.AddMachineInsideMachine(state.MachineTemplate{
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
-	}, s.machine.Id(), instance.LXC)
+	}, s.machine.Id(), instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.w, err = s.machine.WatchForRebootEvent()
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/relation.go juju-core-2.0~beta12/src/github.com/juju/juju/state/relation.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/relation.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/relation.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,9 +11,9 @@
 	"strings"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jujutxn "github.com/juju/txn"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 	"gopkg.in/mgo.v2/txn"
@@ -179,7 +179,7 @@
 	}
 	ops := []txn.Op{relOp}
 	for _, ep := range r.doc.Endpoints {
-		if ep.ServiceName == ignoreService {
+		if ep.ApplicationName == ignoreService {
 			continue
 		}
 		var asserts bson.D
@@ -189,20 +189,20 @@
 			// or one of its services, and can therefore be assured that both
 			// services are Alive.
 			asserts = append(hasRelation, isAliveDoc...)
-		} else if ep.ServiceName == departingUnit.ServiceName() {
+		} else if ep.ApplicationName == departingUnit.ApplicationName() {
 			// This service must have at least one unit -- the one that's
 			// departing the relation -- so it cannot be ready for removal.
 			cannotDieYet := bson.D{{"unitcount", bson.D{{"$gt", 0}}}}
 			asserts = append(hasRelation, cannotDieYet...)
 		} else {
 			// This service may require immediate removal.
-			services, closer := r.st.getCollection(servicesC)
+			applications, closer := r.st.getCollection(applicationsC)
 			defer closer()
 
-			svc := &Service{st: r.st}
+			svc := &Application{st: r.st}
 			hasLastRef := bson.D{{"life", Dying}, {"unitcount", 0}, {"relationcount", 1}}
-			removable := append(bson.D{{"_id", ep.ServiceName}}, hasLastRef...)
-			if err := services.Find(removable).One(&svc.doc); err == nil {
+			removable := append(bson.D{{"_id", ep.ApplicationName}}, hasLastRef...)
+			if err := applications.Find(removable).One(&svc.doc); err == nil {
 				ops = append(ops, svc.removeOps(hasLastRef)...)
 				continue
 			} else if err != mgo.ErrNotFound {
@@ -217,8 +217,8 @@
 			}}}
 		}
 		ops = append(ops, txn.Op{
-			C:      servicesC,
-			Id:     r.st.docID(ep.ServiceName),
+			C:      applicationsC,
+			Id:     r.st.docID(ep.ApplicationName),
 			Assert: asserts,
 			Update: bson.D{{"$inc", bson.D{{"relationcount", -1}}}},
 		})
@@ -237,13 +237,13 @@
 
 // Endpoint returns the endpoint of the relation for the named service.
 // If the service is not part of the relation, an error will be returned.
-func (r *Relation) Endpoint(serviceName string) (Endpoint, error) {
+func (r *Relation) Endpoint(applicationname string) (Endpoint, error) {
 	for _, ep := range r.doc.Endpoints {
-		if ep.ServiceName == serviceName {
+		if ep.ApplicationName == applicationname {
 			return ep, nil
 		}
 	}
-	return Endpoint{}, errors.Errorf("service %q is not a member of %q", serviceName, r)
+	return Endpoint{}, errors.Errorf("application %q is not a member of %q", applicationname, r)
 }
 
 // Endpoints returns the endpoints for the relation.
@@ -254,8 +254,8 @@
 // RelatedEndpoints returns the endpoints of the relation r with which
 // units of the named service will establish relations. If the service
 // is not part of the relation r, an error will be returned.
-func (r *Relation) RelatedEndpoints(serviceName string) ([]Endpoint, error) {
-	local, err := r.Endpoint(serviceName)
+func (r *Relation) RelatedEndpoints(applicationname string) ([]Endpoint, error) {
+	local, err := r.Endpoint(applicationname)
 	if err != nil {
 		return nil, err
 	}
@@ -267,14 +267,14 @@
 		}
 	}
 	if eps == nil {
-		return nil, errors.Errorf("no endpoints of %q relate to service %q", r, serviceName)
+		return nil, errors.Errorf("no endpoints of %q relate to application %q", r, applicationname)
 	}
 	return eps, nil
 }
 
 // Unit returns a RelationUnit for the supplied unit.
 func (r *Relation) Unit(u *Unit) (*RelationUnit, error) {
-	ep, err := r.Endpoint(u.doc.Service)
+	ep, err := r.Endpoint(u.doc.Application)
 	if err != nil {
 		return nil, err
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/relation_internal_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/relation_internal_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/relation_internal_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/relation_internal_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -24,14 +24,14 @@
 		Scope:     charm.ScopeGlobal,
 	}
 	eps := []Endpoint{{
-		ServiceName: "jeff",
-		Relation:    rel,
+		ApplicationName: "jeff",
+		Relation:        rel,
 	}, {
-		ServiceName: "mike",
-		Relation:    rel,
+		ApplicationName: "mike",
+		Relation:        rel,
 	}, {
-		ServiceName: "mike",
-		Relation:    rel,
+		ApplicationName: "mike",
+		Relation:        rel,
 	}}
 	r := &Relation{nil, relationDoc{Endpoints: eps}}
 	relatedEps, err := r.RelatedEndpoints("mike")
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/relation_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/relation_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/relation_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/relation_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -31,9 +31,9 @@
 
 	// Check we can't add a relation with services that don't exist.
 	yoursqlEP := mysqlEP
-	yoursqlEP.ServiceName = "yoursql"
+	yoursqlEP.ApplicationName = "yoursql"
 	_, err = s.State.AddRelation(yoursqlEP, wordpressEP)
-	c.Assert(err, gc.ErrorMatches, `cannot add relation "wordpress:db yoursql:server": service "yoursql" does not exist`)
+	c.Assert(err, gc.ErrorMatches, `cannot add relation "wordpress:db yoursql:server": application "yoursql" does not exist`)
 	assertNoRelations(c, wordpress)
 	assertNoRelations(c, mysql)
 
@@ -73,7 +73,7 @@
 	err = wordpress.Destroy()
 	c.Assert(err, jc.ErrorIsNil)
 	_, err = s.State.AddRelation(mysqlEP, wordpressEP)
-	c.Assert(err, gc.ErrorMatches, `cannot add relation "wordpress:db mysql:server": service "wordpress" is not alive`)
+	c.Assert(err, gc.ErrorMatches, `cannot add relation "wordpress:db mysql:server": application "wordpress" is not alive`)
 	assertNoRelations(c, wordpress)
 	assertNoRelations(c, mysql)
 }
@@ -102,7 +102,7 @@
 
 func (s *RelationSuite) TestRetrieveNotFound(c *gc.C) {
 	subway := state.Endpoint{
-		ServiceName: "subway",
+		ApplicationName: "subway",
 		Relation: charm.Relation{
 			Name:      "db",
 			Interface: "mongodb",
@@ -111,7 +111,7 @@
 		},
 	}
 	mongo := state.Endpoint{
-		ServiceName: "mongo",
+		ApplicationName: "mongo",
 		Relation: charm.Relation{
 			Name:      "server",
 			Interface: "mongodb",
@@ -196,7 +196,7 @@
 	loggingEP, err := logging.Endpoint("info")
 	c.Assert(err, jc.ErrorIsNil)
 	_, err = s.State.AddRelation(wordpressEP, loggingEP)
-	c.Assert(err, gc.ErrorMatches, `cannot add relation "logging:info wordpress:juju-info": principal and subordinate services' series must match`)
+	c.Assert(err, gc.ErrorMatches, `cannot add relation "logging:info wordpress:juju-info": principal and subordinate applications' series must match`)
 }
 
 func (s *RelationSuite) TestAddContainerRelationWithNoSubordinate(c *gc.C) {
@@ -210,7 +210,7 @@
 
 	_, err = s.State.AddRelation(mysqlEP, wordpressSubEP)
 	c.Assert(err, gc.ErrorMatches,
-		`cannot add relation "wordpress:db mysql:server": container scoped relation requires at least one subordinate service`)
+		`cannot add relation "wordpress:db mysql:server": container scoped relation requires at least one subordinate application`)
 	assertNoRelations(c, wordpress)
 	assertNoRelations(c, mysql)
 }
@@ -286,13 +286,13 @@
 	c.Assert(err, jc.Satisfies, errors.IsNotFound)
 }
 
-func assertNoRelations(c *gc.C, srv *state.Service) {
+func assertNoRelations(c *gc.C, srv *state.Application) {
 	rels, err := srv.Relations()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(rels, gc.HasLen, 0)
 }
 
-func assertOneRelation(c *gc.C, srv *state.Service, relId int, endpoints ...state.Endpoint) *state.Relation {
+func assertOneRelation(c *gc.C, srv *state.Application, relId int, endpoints ...state.Endpoint) *state.Relation {
 	rels, err := srv.Relations()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(rels, gc.HasLen, 1)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/relationunit.go juju-core-2.0~beta12/src/github.com/juju/juju/state/relationunit.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/relationunit.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/relationunit.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,9 +9,9 @@
 	"strings"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jujutxn "github.com/juju/txn"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 	"gopkg.in/mgo.v2/txn"
@@ -112,10 +112,10 @@
 	if count, err := settingsColl.FindId(ruKey).Count(); err != nil {
 		return err
 	} else if count == 0 {
-		ops = append(ops, createSettingsOp(ruKey, settings))
+		ops = append(ops, createSettingsOp(settingsC, ruKey, settings))
 	} else {
 		var rop txn.Op
-		rop, settingsChanged, err = replaceSettingsOp(ru.st, ruKey, settings)
+		rop, settingsChanged, err = replaceSettingsOp(ru.st, settingsC, ruKey, settings)
 		if err != nil {
 			return err
 		}
@@ -210,22 +210,22 @@
 	if !ru.unit.IsPrincipal() || ru.endpoint.Scope != charm.ScopeContainer {
 		return nil, "", nil
 	}
-	related, err := ru.relation.RelatedEndpoints(ru.endpoint.ServiceName)
+	related, err := ru.relation.RelatedEndpoints(ru.endpoint.ApplicationName)
 	if err != nil {
 		return nil, "", err
 	}
 	if len(related) != 1 {
 		return nil, "", fmt.Errorf("expected single related endpoint, got %v", related)
 	}
-	serviceName, unitName := related[0].ServiceName, ru.unit.doc.Name
-	selSubordinate := bson.D{{"service", serviceName}, {"principal", unitName}}
+	applicationname, unitName := related[0].ApplicationName, ru.unit.doc.Name
+	selSubordinate := bson.D{{"application", applicationname}, {"principal", unitName}}
 	var lDoc lifeDoc
 	if err := units.Find(selSubordinate).One(&lDoc); err == mgo.ErrNotFound {
-		service, err := ru.st.Service(serviceName)
+		application, err := ru.st.Application(applicationname)
 		if err != nil {
 			return nil, "", err
 		}
-		_, ops, err := service.addUnitOps(unitName, nil)
+		_, ops, err := application.addUnitOps(unitName, nil)
 		return ops, "", err
 	} else if err != nil {
 		return nil, "", err
@@ -378,7 +378,7 @@
 // Settings returns a Settings which allows access to the unit's settings
 // within the relation.
 func (ru *RelationUnit) Settings() (*Settings, error) {
-	return readSettings(ru.st, ru.key())
+	return readSettings(ru.st, settingsC, ru.key())
 }
 
 // ReadSettings returns a map holding the settings of the unit with the
@@ -397,7 +397,7 @@
 	if err != nil {
 		return nil, err
 	}
-	node, err := readSettings(ru.st, key)
+	node, err := readSettings(ru.st, settingsC, key)
 	if err != nil {
 		return nil, err
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/relationunit_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/relationunit_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/relationunit_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/relationunit_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,7 +10,6 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
@@ -69,7 +68,7 @@
 	_, err = ru0.ReadSettings("nonsense")
 	c.Assert(err, gc.ErrorMatches, `cannot read settings for unit "nonsense" in relation "riak:ring": "nonsense" is not a valid unit name`)
 	_, err = ru0.ReadSettings("unknown/0")
-	c.Assert(err, gc.ErrorMatches, `cannot read settings for unit "unknown/0" in relation "riak:ring": service "unknown" is not a member of "riak:ring"`)
+	c.Assert(err, gc.ErrorMatches, `cannot read settings for unit "unknown/0" in relation "riak:ring": application "unknown" is not a member of "riak:ring"`)
 	_, err = ru0.ReadSettings("riak/pressure")
 	c.Assert(err, gc.ErrorMatches, `cannot read settings for unit "riak/pressure" in relation "riak:ring": "riak/pressure" is not a valid unit name`)
 	_, err = ru0.ReadSettings("riak/1")
@@ -77,7 +76,7 @@
 }
 
 func (s *RelationUnitSuite) TestPeerSettings(c *gc.C) {
-	pr := NewPeerRelation(c, s.State, s.Owner)
+	pr := NewPeerRelation(c, s.State)
 	rus := RUs{pr.ru0, pr.ru1}
 
 	// Check missing settings cannot be read by any RU.
@@ -294,7 +293,7 @@
 }
 
 func (s *RelationUnitSuite) TestDestroyRelationWithUnitsInScope(c *gc.C) {
-	pr := NewPeerRelation(c, s.State, s.Owner)
+	pr := NewPeerRelation(c, s.State)
 	rel := pr.ru0.Relation()
 
 	// Enter two units, and check that Destroying the service sets the
@@ -361,7 +360,7 @@
 }
 
 func (s *RelationUnitSuite) TestAliveRelationScope(c *gc.C) {
-	pr := NewPeerRelation(c, s.State, s.Owner)
+	pr := NewPeerRelation(c, s.State)
 	rel := pr.ru0.Relation()
 
 	// Two units enter...
@@ -412,7 +411,7 @@
 
 func (s *StateSuite) TestWatchWatchScopeDiesOnStateClose(c *gc.C) {
 	testWatcherDiesWhenStateCloses(c, s.modelTag, func(c *gc.C, st *state.State) waiter {
-		pr := NewPeerRelation(c, st, s.Owner)
+		pr := NewPeerRelation(c, st)
 		w := pr.ru0.WatchScope()
 		<-w.Changes()
 		return w
@@ -420,7 +419,7 @@
 }
 
 func (s *RelationUnitSuite) TestPeerWatchScope(c *gc.C) {
-	pr := NewPeerRelation(c, s.State, s.Owner)
+	pr := NewPeerRelation(c, s.State)
 
 	// Test empty initial event.
 	w0 := pr.ru0.WatchScope()
@@ -637,7 +636,7 @@
 }
 
 func (s *RelationUnitSuite) TestCoalesceWatchScope(c *gc.C) {
-	pr := NewPeerRelation(c, s.State, s.Owner)
+	pr := NewPeerRelation(c, s.State)
 
 	// Test empty initial event.
 	w0 := pr.ru0.WatchScope()
@@ -746,13 +745,13 @@
 
 type PeerRelation struct {
 	rel                *state.Relation
-	svc                *state.Service
+	svc                *state.Application
 	u0, u1, u2, u3     *state.Unit
 	ru0, ru1, ru2, ru3 *state.RelationUnit
 }
 
-func NewPeerRelation(c *gc.C, st *state.State, owner names.UserTag) *PeerRelation {
-	svc := state.AddTestingService(c, st, "riak", state.AddTestingCharm(c, st, "riak"), owner)
+func NewPeerRelation(c *gc.C, st *state.State) *PeerRelation {
+	svc := state.AddTestingService(c, st, "riak", state.AddTestingCharm(c, st, "riak"))
 	ep, err := svc.Endpoint("ring")
 	c.Assert(err, jc.ErrorIsNil)
 	rel, err := st.EndpointsRelation(ep)
@@ -767,14 +766,14 @@
 
 type ProReqRelation struct {
 	rel                    *state.Relation
-	psvc, rsvc             *state.Service
+	psvc, rsvc             *state.Application
 	pu0, pu1, ru0, ru1     *state.Unit
 	pru0, pru1, rru0, rru1 *state.RelationUnit
 }
 
 func NewProReqRelation(c *gc.C, s *ConnSuite, scope charm.RelationScope) *ProReqRelation {
 	psvc := s.AddTestingService(c, "mysql", s.AddTestingCharm(c, "mysql"))
-	var rsvc *state.Service
+	var rsvc *state.Application
 	if scope == charm.ScopeGlobal {
 		rsvc = s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
 	} else {
@@ -804,7 +803,7 @@
 	}
 }
 
-func addRU(c *gc.C, svc *state.Service, rel *state.Relation, principal *state.Unit) (*state.Unit, *state.RelationUnit) {
+func addRU(c *gc.C, svc *state.Application, rel *state.Relation, principal *state.Unit) (*state.Unit, *state.RelationUnit) {
 	// Given the service svc in the relation rel, add a unit of svc and create
 	// a RelationUnit with rel. If principal is supplied, svc is assumed to be
 	// subordinate and the unit will be created by temporarily entering the
@@ -998,7 +997,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	// Add some units to the services and set their private addresses.
-	addUnit := func(srv *state.Service, sub string, ep state.Endpoint) *state.RelationUnit {
+	addUnit := func(srv *state.Application, sub string, ep state.Endpoint) *state.RelationUnit {
 		unit, err := srv.AddUnit()
 		c.Assert(err, jc.ErrorIsNil)
 		ru, err := rel.Unit(unit)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/resources.go juju-core-2.0~beta12/src/github.com/juju/juju/state/resources.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/resources.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/resources.go	2016-07-18 19:45:44.000000000 +0000
@@ -17,41 +17,41 @@
 // Resources describes the state functionality for resources.
 type Resources interface {
 	// ListResources returns the list of resources for the given service.
-	ListResources(serviceID string) (resource.ServiceResources, error)
+	ListResources(applicationID string) (resource.ServiceResources, error)
 
 	// AddPendingResource adds the resource to the data store in a
 	// "pending" state. It will stay pending (and unavailable) until
 	// it is resolved. The returned ID is used to identify the pending
 	// resources when resolving it.
-	AddPendingResource(serviceID, userID string, chRes charmresource.Resource, r io.Reader) (string, error)
+	AddPendingResource(applicationID, userID string, chRes charmresource.Resource, r io.Reader) (string, error)
 
 	// GetResource returns the identified resource.
-	GetResource(serviceID, name string) (resource.Resource, error)
+	GetResource(applicationID, name string) (resource.Resource, error)
 
 	// GetPendingResource returns the identified resource.
-	GetPendingResource(serviceID, name, pendingID string) (resource.Resource, error)
+	GetPendingResource(applicationID, name, pendingID string) (resource.Resource, error)
 
 	// SetResource adds the resource to blob storage and updates the metadata.
-	SetResource(serviceID, userID string, res charmresource.Resource, r io.Reader) (resource.Resource, error)
+	SetResource(applicationID, userID string, res charmresource.Resource, r io.Reader) (resource.Resource, error)
 
 	// UpdatePendingResource adds the resource to blob storage and updates the metadata.
-	UpdatePendingResource(serviceID, pendingID, userID string, res charmresource.Resource, r io.Reader) (resource.Resource, error)
+	UpdatePendingResource(applicationID, pendingID, userID string, res charmresource.Resource, r io.Reader) (resource.Resource, error)
 
 	// OpenResource returns the metadata for a resource and a reader for the resource.
-	OpenResource(serviceID, name string) (resource.Resource, io.ReadCloser, error)
+	OpenResource(applicationID, name string) (resource.Resource, io.ReadCloser, error)
 
 	// OpenResourceForUniter returns the metadata for a resource and a reader for the resource.
 	OpenResourceForUniter(unit resource.Unit, name string) (resource.Resource, io.ReadCloser, error)
 
 	// SetCharmStoreResources sets the "polled" resources for the
 	// service to the provided values.
-	SetCharmStoreResources(serviceID string, info []charmresource.Resource, lastPolled time.Time) error
+	SetCharmStoreResources(applicationID string, info []charmresource.Resource, lastPolled time.Time) error
 
 	// TODO(ericsnow) Move this down to ResourcesPersistence.
 
 	// NewResolvePendingResourcesOps generates mongo transaction operations
 	// to set the identified resources as active.
-	NewResolvePendingResourcesOps(serviceID string, pendingIDs map[string]string) ([]txn.Op, error)
+	NewResolvePendingResourcesOps(applicationID string, pendingIDs map[string]string) ([]txn.Op, error)
 }
 
 var newResources func(Persistence, *State) Resources
@@ -82,7 +82,7 @@
 
 	// NewRemoveResourcesOps returns mgo transaction operations that
 	// remove all the service's resources from state.
-	NewRemoveResourcesOps(serviceID string) ([]txn.Op, error)
+	NewRemoveResourcesOps(applicationID string) ([]txn.Op, error)
 }
 
 var newResourcesPersistence func(Persistence) ResourcesPersistence
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/resources_mongo.go juju-core-2.0~beta12/src/github.com/juju/juju/state/resources_mongo.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/resources_mongo.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/resources_mongo.go	2016-07-18 19:45:44.000000000 +0000
@@ -30,7 +30,7 @@
 	return fmt.Sprintf("resource#%s#%s-%s", id, subType, subID)
 }
 
-func serviceResourceID(id string) string {
+func applicationResourceID(id string) string {
 	return resourceID(id, "", "")
 }
 
@@ -39,7 +39,7 @@
 }
 
 func charmStoreResourceID(id string) string {
-	return serviceResourceID(id) + resourcesCharmstoreIDSuffix
+	return applicationResourceID(id) + resourcesCharmstoreIDSuffix
 }
 
 func unitResourceID(id, unitID string) string {
@@ -49,7 +49,7 @@
 // stagedResourceID converts an external resource ID into an internal
 // staged one.
 func stagedResourceID(id string) string {
-	return serviceResourceID(id) + resourcesStagedIDSuffix
+	return applicationResourceID(id) + resourcesStagedIDSuffix
 }
 
 // storedResource holds all model-stored information for a resource.
@@ -64,9 +64,9 @@
 // charm store at as specific point in time.
 type charmStoreResource struct {
 	charmresource.Resource
-	id         string
-	serviceID  string
-	lastPolled time.Time
+	id            string
+	applicationID string
+	lastPolled    time.Time
 }
 
 func newInsertStagedResourceOps(stored storedResource) []txn.Op {
@@ -208,11 +208,12 @@
 		Remove: true,
 	}}
 
+	// TODO(perrito666) 2016-05-02 lp:1558657
 	csRes := charmStoreResource{
-		Resource:   newRes.Resource.Resource,
-		id:         newRes.ID,
-		serviceID:  newRes.ServiceID,
-		lastPolled: time.Now().UTC(),
+		Resource:      newRes.Resource.Resource,
+		id:            newRes.ID,
+		applicationID: newRes.ApplicationID,
+		lastPolled:    time.Now().UTC(),
 	}
 
 	if exists {
@@ -238,7 +239,7 @@
 
 // newResourceDoc generates a doc that represents the given resource.
 func newResourceDoc(stored storedResource) *resourceDoc {
-	fullID := serviceResourceID(stored.ID)
+	fullID := applicationResourceID(stored.ID)
 	if stored.PendingID != "" {
 		fullID = pendingResourceID(stored.ID, stored.PendingID)
 	}
@@ -252,11 +253,11 @@
 	return resource2doc(stagedID, stored)
 }
 
-// resources returns the resource docs for the given service.
-func (p ResourcePersistence) resources(serviceID string) ([]resourceDoc, error) {
-	logger.Tracef("querying db for resources for %q", serviceID)
+// resources returns the resource docs for the given application.
+func (p ResourcePersistence) resources(applicationID string) ([]resourceDoc, error) {
+	logger.Tracef("querying db for resources for %q", applicationID)
 	var docs []resourceDoc
-	query := bson.D{{"service-id", serviceID}}
+	query := bson.D{{"application-id", applicationID}}
 	if err := p.base.All(resourcesC, query, &docs); err != nil {
 		return nil, errors.Trace(err)
 	}
@@ -276,7 +277,7 @@
 // getOne returns the resource that matches the provided model ID.
 func (p ResourcePersistence) getOne(resID string) (resourceDoc, error) {
 	logger.Tracef("querying db for resource %q", resID)
-	id := serviceResourceID(resID)
+	id := applicationResourceID(resID)
 	var doc resourceDoc
 	if err := p.base.One(resourcesC, id, &doc); err != nil {
 		return doc, errors.Trace(err)
@@ -298,12 +299,11 @@
 // resourceDoc is the top-level document for resources.
 type resourceDoc struct {
 	DocID     string `bson:"_id"`
-	EnvUUID   string `bson:"env-uuid"`
 	ID        string `bson:"resource-id"`
 	PendingID string `bson:"pending-id"`
 
-	ServiceID string `bson:"service-id"`
-	UnitID    string `bson:"unit-id"`
+	ApplicationID string `bson:"application-id"`
+	UnitID        string `bson:"unit-id"`
 
 	Name        string `bson:"name"`
 	Type        string `bson:"type"`
@@ -328,9 +328,9 @@
 func charmStoreResource2Doc(id string, res charmStoreResource) *resourceDoc {
 	stored := storedResource{
 		Resource: resource.Resource{
-			Resource:  res.Resource,
-			ID:        res.id,
-			ServiceID: res.serviceID,
+			Resource:      res.Resource,
+			ID:            res.id,
+			ApplicationID: res.applicationID,
 		},
 	}
 	doc := resource2doc(id, stored)
@@ -354,7 +354,7 @@
 		ID:        res.ID,
 		PendingID: res.PendingID,
 
-		ServiceID: res.ServiceID,
+		ApplicationID: res.ApplicationID,
 
 		Name:        res.Name,
 		Type:        res.Type.String(),
@@ -419,11 +419,11 @@
 			Fingerprint: fp,
 			Size:        doc.Size,
 		},
-		ID:        doc.ID,
-		PendingID: doc.PendingID,
-		ServiceID: doc.ServiceID,
-		Username:  doc.Username,
-		Timestamp: doc.Timestamp,
+		ID:            doc.ID,
+		PendingID:     doc.PendingID,
+		ApplicationID: doc.ApplicationID,
+		Username:      doc.Username,
+		Timestamp:     doc.Timestamp,
 	}
 	if err := res.Validate(); err != nil {
 		return res, errors.Annotate(err, "got invalid data from DB")
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/resources_mongo_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/resources_mongo_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/resources_mongo_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/resources_mongo_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -27,8 +27,8 @@
 	c.Assert(err, jc.ErrorIsNil)
 	now := time.Now().UTC()
 
-	serviceID := "a-service"
-	docID := serviceResourceID("spam")
+	applicationID := "a-application"
+	docID := applicationResourceID("spam")
 	res := resource.Resource{
 		Resource: charmresource.Resource{
 			Meta: charmresource.Meta{
@@ -42,22 +42,22 @@
 			Fingerprint: fp,
 			Size:        int64(len(content)),
 		},
-		ID:        serviceID + "/spam",
-		PendingID: "some-unique-ID",
-		ServiceID: serviceID,
-		Username:  "a-user",
-		Timestamp: now,
+		ID:            applicationID + "/spam",
+		PendingID:     "some-unique-ID",
+		ApplicationID: applicationID,
+		Username:      "a-user",
+		Timestamp:     now,
 	}
 	doc := resource2doc(docID, storedResource{
 		Resource:    res,
-		storagePath: "service-a-service/resources/spam",
+		storagePath: "application-a-application/resources/spam",
 	})
 
 	c.Check(doc, jc.DeepEquals, &resourceDoc{
-		DocID:     docID,
-		ID:        res.ID,
-		PendingID: "some-unique-ID",
-		ServiceID: serviceID,
+		DocID:         docID,
+		ID:            res.ID,
+		PendingID:     "some-unique-ID",
+		ApplicationID: applicationID,
 
 		Name:        "spam",
 		Type:        "file",
@@ -72,7 +72,7 @@
 		Username:  "a-user",
 		Timestamp: now,
 
-		StoragePath: "service-a-service/resources/spam",
+		StoragePath: "application-a-application/resources/spam",
 	})
 }
 
@@ -82,8 +82,8 @@
 	c.Assert(err, jc.ErrorIsNil)
 	now := time.Now().UTC()
 
-	serviceID := "a-service"
-	docID := serviceResourceID("spam")
+	applicationID := "a-application"
+	docID := applicationResourceID("spam")
 	res := resource.Resource{
 		Resource: charmresource.Resource{
 			Meta: charmresource.Meta{
@@ -95,20 +95,20 @@
 			Fingerprint: fp,
 			Size:        int64(len(content)),
 		},
-		ID:        serviceID + "/spam",
-		ServiceID: serviceID,
-		Username:  "a-user",
-		Timestamp: now,
+		ID:            applicationID + "/spam",
+		ApplicationID: applicationID,
+		Username:      "a-user",
+		Timestamp:     now,
 	}
 	doc := resource2doc(docID, storedResource{
 		Resource:    res,
-		storagePath: "service-a-service/resources/spam",
+		storagePath: "application-a-application/resources/spam",
 	})
 
 	c.Check(doc, jc.DeepEquals, &resourceDoc{
-		DocID:     docID,
-		ID:        res.ID,
-		ServiceID: serviceID,
+		DocID:         docID,
+		ID:            res.ID,
+		ApplicationID: applicationID,
 
 		Name: "spam",
 		Type: "file",
@@ -121,7 +121,7 @@
 		Username:  "a-user",
 		Timestamp: now,
 
-		StoragePath: "service-a-service/resources/spam",
+		StoragePath: "application-a-application/resources/spam",
 	})
 }
 
@@ -131,7 +131,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 	now := time.Now().UTC()
 
-	serviceID := "a-service"
+	applicationID := "a-application"
 	docID := pendingResourceID("spam", "some-unique-ID-001")
 	res := resource.Resource{
 		Resource: charmresource.Resource{
@@ -144,22 +144,22 @@
 			Fingerprint: fp,
 			Size:        int64(len(content)),
 		},
-		ID:        serviceID + "/spam",
-		PendingID: "some-unique-ID-001",
-		ServiceID: serviceID,
-		Username:  "a-user",
-		Timestamp: now,
+		ID:            applicationID + "/spam",
+		PendingID:     "some-unique-ID-001",
+		ApplicationID: applicationID,
+		Username:      "a-user",
+		Timestamp:     now,
 	}
 	doc := resource2doc(docID, storedResource{
 		Resource:    res,
-		storagePath: "service-a-service/resources/spam",
+		storagePath: "application-a-application/resources/spam",
 	})
 
 	c.Check(doc, jc.DeepEquals, &resourceDoc{
-		DocID:     docID,
-		ID:        res.ID,
-		PendingID: "some-unique-ID-001",
-		ServiceID: serviceID,
+		DocID:         docID,
+		ID:            res.ID,
+		PendingID:     "some-unique-ID-001",
+		ApplicationID: applicationID,
 
 		Name: "spam",
 		Type: "file",
@@ -172,12 +172,12 @@
 		Username:  "a-user",
 		Timestamp: now,
 
-		StoragePath: "service-a-service/resources/spam",
+		StoragePath: "application-a-application/resources/spam",
 	})
 }
 
 func (s *ResourcesMongoSuite) TestDoc2Resource(c *gc.C) {
-	serviceID := "a-service"
+	applicationID := "a-application"
 	docID := pendingResourceID("spam", "some-unique-ID-001")
 	content := "some data\n..."
 	fp, err := charmresource.GenerateFingerprint(strings.NewReader(content))
@@ -185,10 +185,10 @@
 	now := time.Now().UTC()
 
 	res, err := doc2resource(resourceDoc{
-		DocID:     docID,
-		ID:        "a-service/spam",
-		PendingID: "some-unique-ID-001",
-		ServiceID: serviceID,
+		DocID:         docID,
+		ID:            "a-application/spam",
+		PendingID:     "some-unique-ID-001",
+		ApplicationID: applicationID,
 
 		Name: "spam",
 		Type: "file",
@@ -201,7 +201,7 @@
 		Username:  "a-user",
 		Timestamp: now,
 
-		StoragePath: "service-a-service/resources/spam-some-unique-ID-001",
+		StoragePath: "application-a-application/resources/spam-some-unique-ID-001",
 	})
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -217,18 +217,18 @@
 				Fingerprint: fp,
 				Size:        int64(len(content)),
 			},
-			ID:        "a-service/spam",
-			PendingID: "some-unique-ID-001",
-			ServiceID: serviceID,
-			Username:  "a-user",
-			Timestamp: now,
+			ID:            "a-application/spam",
+			PendingID:     "some-unique-ID-001",
+			ApplicationID: applicationID,
+			Username:      "a-user",
+			Timestamp:     now,
 		},
-		storagePath: "service-a-service/resources/spam-some-unique-ID-001",
+		storagePath: "application-a-application/resources/spam-some-unique-ID-001",
 	})
 }
 
 func (s *ResourcesMongoSuite) TestDoc2BasicResourceUploadFull(c *gc.C) {
-	serviceID := "a-service"
+	applicationID := "a-application"
 	docID := pendingResourceID("spam", "some-unique-ID-001")
 	content := "some data\n..."
 	fp, err := charmresource.GenerateFingerprint(strings.NewReader(content))
@@ -236,10 +236,10 @@
 	now := time.Now().UTC()
 
 	res, err := doc2basicResource(resourceDoc{
-		DocID:     docID,
-		ID:        "a-service/spam",
-		ServiceID: serviceID,
-		PendingID: "some-unique-ID-001",
+		DocID:         docID,
+		ID:            "a-application/spam",
+		ApplicationID: applicationID,
+		PendingID:     "some-unique-ID-001",
 
 		Name:        "spam",
 		Type:        "file",
@@ -254,7 +254,7 @@
 		Username:  "a-user",
 		Timestamp: now,
 
-		StoragePath: "service-a-service/resources/spam",
+		StoragePath: "application-a-application/resources/spam",
 	})
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -271,26 +271,26 @@
 			Fingerprint: fp,
 			Size:        int64(len(content)),
 		},
-		ID:        "a-service/spam",
-		PendingID: "some-unique-ID-001",
-		ServiceID: serviceID,
-		Username:  "a-user",
-		Timestamp: now,
+		ID:            "a-application/spam",
+		PendingID:     "some-unique-ID-001",
+		ApplicationID: applicationID,
+		Username:      "a-user",
+		Timestamp:     now,
 	})
 }
 
 func (s *ResourcesMongoSuite) TestDoc2BasicResourceUploadBasic(c *gc.C) {
-	serviceID := "a-service"
-	docID := serviceResourceID("spam")
+	applicationID := "a-application"
+	docID := applicationResourceID("spam")
 	content := "some data\n..."
 	fp, err := charmresource.GenerateFingerprint(strings.NewReader(content))
 	c.Assert(err, jc.ErrorIsNil)
 	now := time.Now().UTC()
 
 	res, err := doc2basicResource(resourceDoc{
-		DocID:     docID,
-		ID:        "a-service/spam",
-		ServiceID: serviceID,
+		DocID:         docID,
+		ID:            "a-application/spam",
+		ApplicationID: applicationID,
 
 		Name: "spam",
 		Type: "file",
@@ -303,7 +303,7 @@
 		Username:  "a-user",
 		Timestamp: now,
 
-		StoragePath: "service-a-service/resources/spam",
+		StoragePath: "application-a-application/resources/spam",
 	})
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -318,10 +318,10 @@
 			Fingerprint: fp,
 			Size:        int64(len(content)),
 		},
-		ID:        "a-service/spam",
-		ServiceID: serviceID,
-		Username:  "a-user",
-		Timestamp: now,
+		ID:            "a-application/spam",
+		ApplicationID: applicationID,
+		Username:      "a-user",
+		Timestamp:     now,
 	})
 }
 
@@ -331,8 +331,8 @@
 	c.Assert(err, jc.ErrorIsNil)
 	now := time.Now().UTC()
 
-	serviceID := "a-service"
-	docID := serviceResourceID("spam")
+	applicationID := "a-application"
+	docID := applicationResourceID("spam")
 	res := resource.Resource{
 		Resource: charmresource.Resource{
 			Meta: charmresource.Meta{
@@ -346,15 +346,15 @@
 			Fingerprint: fp,
 			Size:        int64(len(content)),
 		},
-		ID:        "a-service/spam",
-		PendingID: "some-unique-ID",
-		ServiceID: serviceID,
-		Username:  "a-user",
-		Timestamp: now,
+		ID:            "a-application/spam",
+		PendingID:     "some-unique-ID",
+		ApplicationID: applicationID,
+		Username:      "a-user",
+		Timestamp:     now,
 	}
 	doc := resource2doc(docID, storedResource{
 		Resource:    res,
-		storagePath: "service-a-service/resources/spam",
+		storagePath: "application-a-application/resources/spam",
 	})
 
 	c.Check(doc, jc.DeepEquals, &resourceDoc{
@@ -362,7 +362,7 @@
 		ID:        res.ID,
 		PendingID: "some-unique-ID",
 
-		ServiceID: serviceID,
+		ApplicationID: applicationID,
 
 		Name:        "spam",
 		Type:        "file",
@@ -377,13 +377,13 @@
 		Username:  "a-user",
 		Timestamp: now,
 
-		StoragePath: "service-a-service/resources/spam",
+		StoragePath: "application-a-application/resources/spam",
 	})
 }
 
 func (s *ResourcesMongoSuite) TestDoc2BasicResourceCharmstoreFull(c *gc.C) {
-	serviceID := "a-service"
-	docID := serviceResourceID("spam")
+	applicationID := "a-application"
+	docID := applicationResourceID("spam")
 	content := "some data\n..."
 	fp, err := charmresource.GenerateFingerprint(strings.NewReader(content))
 	c.Assert(err, jc.ErrorIsNil)
@@ -391,10 +391,10 @@
 
 	res, err := doc2basicResource(resourceDoc{
 		DocID:     docID,
-		ID:        "a-service/spam",
+		ID:        "a-application/spam",
 		PendingID: "some-unique-ID",
 
-		ServiceID: serviceID,
+		ApplicationID: applicationID,
 
 		Name:        "spam",
 		Type:        "file",
@@ -409,7 +409,7 @@
 		Username:  "a-user",
 		Timestamp: now,
 
-		StoragePath: "service-a-service/resources/spam",
+		StoragePath: "application-a-application/resources/spam",
 	})
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -426,21 +426,21 @@
 			Fingerprint: fp,
 			Size:        int64(len(content)),
 		},
-		ID:        "a-service/spam",
-		PendingID: "some-unique-ID",
-		ServiceID: serviceID,
-		Username:  "a-user",
-		Timestamp: now,
+		ID:            "a-application/spam",
+		PendingID:     "some-unique-ID",
+		ApplicationID: applicationID,
+		Username:      "a-user",
+		Timestamp:     now,
 	})
 }
 
 func (s *ResourcesMongoSuite) TestDoc2BasicResourcePlaceholder(c *gc.C) {
-	serviceID := "a-service"
-	docID := serviceResourceID("spam")
+	applicationID := "a-application"
+	docID := applicationResourceID("spam")
 	res, err := doc2basicResource(resourceDoc{
-		DocID:     docID,
-		ID:        "a-service/spam",
-		ServiceID: serviceID,
+		DocID:         docID,
+		ID:            "a-application/spam",
+		ApplicationID: applicationID,
 
 		Name: "spam",
 		Type: "file",
@@ -448,7 +448,7 @@
 
 		Origin: "upload",
 
-		StoragePath: "service-a-service/resources/spam",
+		StoragePath: "application-a-application/resources/spam",
 	})
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -461,14 +461,14 @@
 			},
 			Origin: charmresource.OriginUpload,
 		},
-		ID:        "a-service/spam",
-		ServiceID: serviceID,
+		ID:            "a-application/spam",
+		ApplicationID: applicationID,
 	})
 }
 
 func (s *ResourcesMongoSuite) TestResource2DocLocalPlaceholder(c *gc.C) {
-	serviceID := "a-service"
-	docID := serviceResourceID("spam")
+	applicationID := "a-application"
+	docID := applicationResourceID("spam")
 	res := resource.Resource{
 		Resource: charmresource.Resource{
 			Meta: charmresource.Meta{
@@ -478,18 +478,18 @@
 			},
 			Origin: charmresource.OriginUpload,
 		},
-		ID:        "a-service/spam",
-		ServiceID: serviceID,
+		ID:            "a-application/spam",
+		ApplicationID: applicationID,
 	}
 	doc := resource2doc(docID, storedResource{
 		Resource:    res,
-		storagePath: "service-a-service/resources/spam",
+		storagePath: "application-a-application/resources/spam",
 	})
 
 	c.Check(doc, jc.DeepEquals, &resourceDoc{
-		DocID:     docID,
-		ID:        res.ID,
-		ServiceID: serviceID,
+		DocID:         docID,
+		ID:            res.ID,
+		ApplicationID: applicationID,
 
 		Name: "spam",
 		Type: "file",
@@ -497,7 +497,7 @@
 
 		Origin: "upload",
 
-		StoragePath: "service-a-service/resources/spam",
+		StoragePath: "application-a-application/resources/spam",
 	})
 }
 
@@ -507,9 +507,9 @@
 	c.Assert(err, jc.ErrorIsNil)
 	now := time.Now().UTC()
 
-	serviceID := "a-service"
-	id := serviceID + "/spam"
-	docID := serviceResourceID("spam") + "#charmstore"
+	applicationID := "a-application"
+	id := applicationID + "/spam"
+	docID := applicationResourceID("spam") + "#charmstore"
 	res := charmresource.Resource{
 		Meta: charmresource.Meta{
 			Name:        "spam",
@@ -523,16 +523,16 @@
 		Size:        int64(len(content)),
 	}
 	doc := charmStoreResource2Doc(docID, charmStoreResource{
-		Resource:   res,
-		id:         id,
-		serviceID:  serviceID,
-		lastPolled: now,
+		Resource:      res,
+		id:            id,
+		applicationID: applicationID,
+		lastPolled:    now,
 	})
 
 	c.Check(doc, jc.DeepEquals, &resourceDoc{
-		DocID:     docID,
-		ID:        id,
-		ServiceID: serviceID,
+		DocID:         docID,
+		ID:            id,
+		ApplicationID: applicationID,
 
 		Name:        "spam",
 		Type:        "file",
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/resources_persistence.go juju-core-2.0~beta12/src/github.com/juju/juju/state/resources_persistence.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/resources_persistence.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/resources_persistence.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,9 +7,9 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jujutxn "github.com/juju/txn"
 	charmresource "gopkg.in/juju/charm.v6-unstable/resource"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2/txn"
 
 	"github.com/juju/juju/resource"
@@ -36,13 +36,13 @@
 	// function. It may be retried several times.
 	Run(transactions jujutxn.TransactionSource) error
 
-	// ServiceExistsOps returns the operations that verify that the
-	// identified service exists.
-	ServiceExistsOps(serviceID string) []txn.Op
+	// ApplicationExistsOps returns the operations that verify that the
+	// identified application exists.
+	ApplicationExistsOps(applicationID string) []txn.Op
 
 	// IncCharmModifiedVersionOps returns the operations necessary to increment
-	// the CharmModifiedVersion field for the given service.
-	IncCharmModifiedVersionOps(serviceID string) []txn.Op
+	// the CharmModifiedVersion field for the given application.
+	IncCharmModifiedVersionOps(applicationID string) []txn.Op
 
 	// NewCleanupOp creates a mgo transaction operation that queues up
 	// some cleanup action in state.
@@ -64,10 +64,10 @@
 
 // ListResources returns the info for each non-pending resource of the
 // identified service.
-func (p ResourcePersistence) ListResources(serviceID string) (resource.ServiceResources, error) {
-	logger.Tracef("listing all resources for service %q", serviceID)
+func (p ResourcePersistence) ListResources(applicationID string) (resource.ServiceResources, error) {
+	logger.Tracef("listing all resources for application %q", applicationID)
 
-	docs, err := p.resources(serviceID)
+	docs, err := p.resources(applicationID)
 	if err != nil {
 		return resource.ServiceResources{}, errors.Trace(err)
 	}
@@ -121,8 +121,8 @@
 
 // ListPendingResources returns the extended, model-related info for
 // each pending resource of the identifies service.
-func (p ResourcePersistence) ListPendingResources(serviceID string) ([]resource.Resource, error) {
-	docs, err := p.resources(serviceID)
+func (p ResourcePersistence) ListPendingResources(applicationID string) ([]resource.Resource, error) {
+	docs, err := p.resources(applicationID)
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
@@ -218,7 +218,7 @@
 		}
 		if stored.PendingID == "" {
 			// Only non-pending resources must have an existing service.
-			ops = append(ops, p.base.ServiceExistsOps(res.ServiceID)...)
+			ops = append(ops, p.base.ApplicationExistsOps(res.ApplicationID)...)
 		}
 		return ops, nil
 	}
@@ -230,16 +230,16 @@
 
 // SetCharmStoreResource stores the resource info that was retrieved
 // from the charm store.
-func (p ResourcePersistence) SetCharmStoreResource(id, serviceID string, res charmresource.Resource, lastPolled time.Time) error {
+func (p ResourcePersistence) SetCharmStoreResource(id, applicationID string, res charmresource.Resource, lastPolled time.Time) error {
 	if err := res.Validate(); err != nil {
 		return errors.Annotate(err, "bad resource")
 	}
 
 	csRes := charmStoreResource{
-		Resource:   res,
-		id:         id,
-		serviceID:  serviceID,
-		lastPolled: lastPolled,
+		Resource:      res,
+		id:            id,
+		applicationID: applicationID,
+		lastPolled:    lastPolled,
 	}
 
 	buildTxn := func(attempt int) ([]txn.Op, error) {
@@ -255,7 +255,7 @@
 			return nil, errors.New("setting the resource failed")
 		}
 		// No pending resources so we always do this here.
-		ops = append(ops, p.base.ServiceExistsOps(serviceID)...)
+		ops = append(ops, p.base.ApplicationExistsOps(applicationID)...)
 		return ops, nil
 	}
 	if err := p.base.Run(buildTxn); err != nil {
@@ -265,7 +265,7 @@
 }
 
 // SetUnitResource stores the resource info for a particular unit. The
-// resource must already be set for the service.
+// resource must already be set for the application.
 func (p ResourcePersistence) SetUnitResource(unitID string, res resource.Resource) error {
 	if res.PendingID != "" {
 		return errors.Errorf("pending resources not allowed")
@@ -274,7 +274,7 @@
 }
 
 // SetUnitResource stores the resource info for a particular unit. The
-// resource must already be set for the service. The provided progress
+// resource must already be set for the application. The provided progress
 // is stored in the DB.
 func (p ResourcePersistence) SetUnitResourceProgress(unitID string, res resource.Resource, progress int64) error {
 	if res.PendingID == "" {
@@ -309,7 +309,7 @@
 			return nil, errors.New("setting the resource failed")
 		}
 		// No pending resources so we always do this here.
-		ops = append(ops, p.base.ServiceExistsOps(res.ServiceID)...)
+		ops = append(ops, p.base.ApplicationExistsOps(res.ApplicationID)...)
 		return ops, nil
 	}
 	if err := p.base.Run(buildTxn); err != nil {
@@ -379,14 +379,14 @@
 
 	ops := newRemoveResourcesOps(docs)
 	// We do not remove the resource from the blob store here. That is
-	// a service-level matter.
+	// an application-level matter.
 	return ops, nil
 }
 
 // NewRemoveResourcesOps returns mgo transaction operations that
 // remove all the service's resources from state.
-func (p ResourcePersistence) NewRemoveResourcesOps(serviceID string) ([]txn.Op, error) {
-	docs, err := p.resources(serviceID)
+func (p ResourcePersistence) NewRemoveResourcesOps(applicationID string) ([]txn.Op, error) {
+	docs, err := p.resources(applicationID)
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/resources_persistence_staged.go juju-core-2.0~beta12/src/github.com/juju/juju/state/resources_persistence_staged.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/resources_persistence_staged.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/resources_persistence_staged.go	2016-07-18 19:45:44.000000000 +0000
@@ -33,7 +33,7 @@
 		}
 		if staged.stored.PendingID == "" {
 			// Only non-pending resources must have an existing service.
-			ops = append(ops, staged.base.ServiceExistsOps(staged.stored.ServiceID)...)
+			ops = append(ops, staged.base.ApplicationExistsOps(staged.stored.ApplicationID)...)
 		}
 
 		return ops, nil
@@ -78,7 +78,7 @@
 		}
 		if staged.stored.PendingID == "" {
 			// Only non-pending resources must have an existing service.
-			ops = append(ops, staged.base.ServiceExistsOps(staged.stored.ServiceID)...)
+			ops = append(ops, staged.base.ApplicationExistsOps(staged.stored.ApplicationID)...)
 		}
 		// No matter what, we always remove any staging.
 		ops = append(ops, newRemoveStagedResourceOps(staged.id)...)
@@ -93,7 +93,7 @@
 				return nil, errors.Trace(err)
 			}
 			if hasNewBytes {
-				incOps := staged.base.IncCharmModifiedVersionOps(staged.stored.ServiceID)
+				incOps := staged.base.IncCharmModifiedVersionOps(staged.stored.ApplicationID)
 				ops = append(ops, incOps...)
 			}
 		}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/resources_persistence_staged_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/resources_persistence_staged_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/resources_persistence_staged_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/resources_persistence_staged_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -27,9 +27,9 @@
 
 	s.stub = &testing.Stub{}
 	s.base = statetest.NewStubPersistence(s.stub)
-	s.base.ReturnServiceExistsOps = []txn.Op{{
-		C:      "service",
-		Id:     "a-service",
+	s.base.ReturnApplicationExistsOps = []txn.Op{{
+		C:      "application",
+		Id:     "a-application",
 		Assert: txn.DocExists,
 	}}
 }
@@ -47,7 +47,7 @@
 }
 
 func (s *StagedResourceSuite) TestStageOkay(c *gc.C) {
-	staged, doc := s.newStagedResource(c, "a-service", "spam")
+	staged, doc := s.newStagedResource(c, "a-application", "spam")
 	doc.DocID += "#staged"
 	ignoredErr := errors.New("<never reached>")
 	s.stub.SetErrors(nil, nil, nil, ignoredErr)
@@ -55,21 +55,21 @@
 	err := staged.stage()
 	c.Assert(err, jc.ErrorIsNil)
 
-	s.stub.CheckCallNames(c, "Run", "ServiceExistsOps", "RunTransaction")
+	s.stub.CheckCallNames(c, "Run", "ApplicationExistsOps", "RunTransaction")
 	s.stub.CheckCall(c, 2, "RunTransaction", []txn.Op{{
 		C:      "resources",
-		Id:     "resource#a-service/spam#staged",
+		Id:     "resource#a-application/spam#staged",
 		Assert: txn.DocMissing,
 		Insert: &doc,
 	}, {
-		C:      "service",
-		Id:     "a-service",
+		C:      "application",
+		Id:     "a-application",
 		Assert: txn.DocExists,
 	}})
 }
 
 func (s *StagedResourceSuite) TestStageExists(c *gc.C) {
-	staged, doc := s.newStagedResource(c, "a-service", "spam")
+	staged, doc := s.newStagedResource(c, "a-application", "spam")
 	doc.DocID += "#staged"
 	ignoredErr := errors.New("<never reached>")
 	s.stub.SetErrors(nil, nil, txn.ErrAborted, nil, nil, ignoredErr)
@@ -77,30 +77,30 @@
 	err := staged.stage()
 	c.Assert(err, jc.ErrorIsNil)
 
-	s.stub.CheckCallNames(c, "Run", "ServiceExistsOps", "RunTransaction", "ServiceExistsOps", "RunTransaction")
+	s.stub.CheckCallNames(c, "Run", "ApplicationExistsOps", "RunTransaction", "ApplicationExistsOps", "RunTransaction")
 	s.stub.CheckCall(c, 2, "RunTransaction", []txn.Op{{
 		C:      "resources",
-		Id:     "resource#a-service/spam#staged",
+		Id:     "resource#a-application/spam#staged",
 		Assert: txn.DocMissing,
 		Insert: &doc,
 	}, {
-		C:      "service",
-		Id:     "a-service",
+		C:      "application",
+		Id:     "a-application",
 		Assert: txn.DocExists,
 	}})
 	s.stub.CheckCall(c, 4, "RunTransaction", []txn.Op{{
 		C:      "resources",
-		Id:     "resource#a-service/spam#staged",
+		Id:     "resource#a-application/spam#staged",
 		Assert: &doc,
 	}, {
-		C:      "service",
-		Id:     "a-service",
+		C:      "application",
+		Id:     "a-application",
 		Assert: txn.DocExists,
 	}})
 }
 
 func (s *StagedResourceSuite) TestUnstageOkay(c *gc.C) {
-	staged, _ := s.newStagedResource(c, "a-service", "spam")
+	staged, _ := s.newStagedResource(c, "a-application", "spam")
 	ignoredErr := errors.New("<never reached>")
 	s.stub.SetErrors(nil, nil, ignoredErr)
 
@@ -110,79 +110,79 @@
 	s.stub.CheckCallNames(c, "Run", "RunTransaction")
 	s.stub.CheckCall(c, 1, "RunTransaction", []txn.Op{{
 		C:      "resources",
-		Id:     "resource#a-service/spam#staged",
+		Id:     "resource#a-application/spam#staged",
 		Remove: true,
 	}})
 }
 
 func (s *StagedResourceSuite) TestActivateOkay(c *gc.C) {
-	staged, doc := s.newStagedResource(c, "a-service", "spam")
+	staged, doc := s.newStagedResource(c, "a-application", "spam")
 	ignoredErr := errors.New("<never reached>")
 	s.stub.SetErrors(nil, nil, nil, nil, nil, ignoredErr)
 
 	err := staged.Activate()
 	c.Assert(err, jc.ErrorIsNil)
 
-	s.stub.CheckCallNames(c, "Run", "ServiceExistsOps", "One", "IncCharmModifiedVersionOps", "RunTransaction")
-	s.stub.CheckCall(c, 3, "IncCharmModifiedVersionOps", "a-service")
+	s.stub.CheckCallNames(c, "Run", "ApplicationExistsOps", "One", "IncCharmModifiedVersionOps", "RunTransaction")
+	s.stub.CheckCall(c, 3, "IncCharmModifiedVersionOps", "a-application")
 	s.stub.CheckCall(c, 4, "RunTransaction", []txn.Op{{
 		C:      "resources",
-		Id:     "resource#a-service/spam",
+		Id:     "resource#a-application/spam",
 		Assert: txn.DocMissing,
 		Insert: &doc,
 	}, {
-		C:      "service",
-		Id:     "a-service",
+		C:      "application",
+		Id:     "a-application",
 		Assert: txn.DocExists,
 	}, {
 		C:      "resources",
-		Id:     "resource#a-service/spam#staged",
+		Id:     "resource#a-application/spam#staged",
 		Remove: true,
 	}})
 }
 
 func (s *StagedResourceSuite) TestActivateExists(c *gc.C) {
-	staged, doc := s.newStagedResource(c, "a-service", "spam")
+	staged, doc := s.newStagedResource(c, "a-application", "spam")
 	ignoredErr := errors.New("<never reached>")
 	s.stub.SetErrors(nil, nil, nil, nil, txn.ErrAborted, nil, nil, nil, nil, ignoredErr)
 
 	err := staged.Activate()
 	c.Assert(err, jc.ErrorIsNil)
 
-	s.stub.CheckCallNames(c, "Run", "ServiceExistsOps", "One", "IncCharmModifiedVersionOps", "RunTransaction", "ServiceExistsOps", "One", "IncCharmModifiedVersionOps", "RunTransaction")
-	s.stub.CheckCall(c, 3, "IncCharmModifiedVersionOps", "a-service")
+	s.stub.CheckCallNames(c, "Run", "ApplicationExistsOps", "One", "IncCharmModifiedVersionOps", "RunTransaction", "ApplicationExistsOps", "One", "IncCharmModifiedVersionOps", "RunTransaction")
+	s.stub.CheckCall(c, 3, "IncCharmModifiedVersionOps", "a-application")
 	s.stub.CheckCall(c, 4, "RunTransaction", []txn.Op{{
 		C:      "resources",
-		Id:     "resource#a-service/spam",
+		Id:     "resource#a-application/spam",
 		Assert: txn.DocMissing,
 		Insert: &doc,
 	}, {
-		C:      "service",
-		Id:     "a-service",
+		C:      "application",
+		Id:     "a-application",
 		Assert: txn.DocExists,
 	}, {
 		C:      "resources",
-		Id:     "resource#a-service/spam#staged",
+		Id:     "resource#a-application/spam#staged",
 		Remove: true,
 	}})
-	s.stub.CheckCall(c, 7, "IncCharmModifiedVersionOps", "a-service")
+	s.stub.CheckCall(c, 7, "IncCharmModifiedVersionOps", "a-application")
 	s.stub.CheckCall(c, 8, "RunTransaction", []txn.Op{{
 		C:      "resources",
-		Id:     "resource#a-service/spam",
+		Id:     "resource#a-application/spam",
 		Assert: txn.DocExists,
 		Remove: true,
 	}, {
 		C:      "resources",
-		Id:     "resource#a-service/spam",
+		Id:     "resource#a-application/spam",
 		Assert: txn.DocMissing,
 		Insert: &doc,
 	}, {
-		C:      "service",
-		Id:     "a-service",
+		C:      "application",
+		Id:     "a-application",
 		Assert: txn.DocExists,
 	}, {
 		C:      "resources",
-		Id:     "resource#a-service/spam#staged",
+		Id:     "resource#a-application/spam#staged",
 		Remove: true,
 	}})
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/resources_persistence_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/resources_persistence_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/resources_persistence_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/resources_persistence_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,10 +7,10 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2/bson"
 	"gopkg.in/mgo.v2/txn"
 
@@ -33,22 +33,22 @@
 
 	s.stub = &testing.Stub{}
 	s.base = statetest.NewStubPersistence(s.stub)
-	s.base.ReturnServiceExistsOps = []txn.Op{{
-		C:      "service",
-		Id:     "a-service",
+	s.base.ReturnApplicationExistsOps = []txn.Op{{
+		C:      "application",
+		Id:     "a-application",
 		Assert: txn.DocExists,
 	}}
 }
 
 func (s *ResourcePersistenceSuite) TestListResourcesOkay(c *gc.C) {
-	expected, docs := newPersistenceResources(c, "a-service", "spam", "eggs")
+	expected, docs := newPersistenceResources(c, "a-application", "spam", "eggs")
 	expected.CharmStoreResources[1].Revision += 1
 	docs[3].Revision += 1
-	unitRes, unitDocs := newPersistenceUnitResources(c, "a-service", "a-service/0", expected.Resources)
+	unitRes, unitDocs := newPersistenceUnitResources(c, "a-application", "a-application/0", expected.Resources)
 	var progress int64 = 3
 	unitDocs[1].DownloadProgress = &progress // the "eggs" doc
 	expected.UnitResources = []resource.UnitResources{{
-		Tag:       names.NewUnitTag("a-service/0"),
+		Tag:       names.NewUnitTag("a-application/0"),
 		Resources: unitRes,
 		DownloadProgress: map[string]int64{
 			"eggs": progress,
@@ -58,13 +58,13 @@
 	s.base.ReturnAll = docs
 	p := NewResourcePersistence(s.base)
 
-	resources, err := p.ListResources("a-service")
+	resources, err := p.ListResources("a-application")
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.stub.CheckCallNames(c, "All")
 	s.stub.CheckCall(c, 0, "All",
 		"resources",
-		bson.D{{"service-id", "a-service"}},
+		bson.D{{"application-id", "a-application"}},
 		&docs,
 	)
 	c.Check(resources, jc.DeepEquals, expected)
@@ -72,32 +72,32 @@
 
 func (s *ResourcePersistenceSuite) TestListResourcesNoResources(c *gc.C) {
 	p := NewResourcePersistence(s.base)
-	resources, err := p.ListResources("a-service")
+	resources, err := p.ListResources("a-application")
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Check(resources.Resources, gc.HasLen, 0)
 	s.stub.CheckCallNames(c, "All")
 	s.stub.CheckCall(c, 0, "All",
 		"resources",
-		bson.D{{"service-id", "a-service"}},
+		bson.D{{"application-id", "a-application"}},
 		&[]resourceDoc{},
 	)
 }
 
 func (s *ResourcePersistenceSuite) TestListResourcesIgnorePending(c *gc.C) {
-	expected, docs := newPersistenceResources(c, "a-service", "spam", "eggs")
+	expected, docs := newPersistenceResources(c, "a-application", "spam", "eggs")
 	expected.Resources = expected.Resources[:1]
 	docs[2].PendingID = "some-unique-ID-001"
 	s.base.ReturnAll = docs
 	p := NewResourcePersistence(s.base)
 
-	resources, err := p.ListResources("a-service")
+	resources, err := p.ListResources("a-application")
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.stub.CheckCallNames(c, "All")
 	s.stub.CheckCall(c, 0, "All",
 		"resources",
-		bson.D{{"service-id", "a-service"}},
+		bson.D{{"application-id", "a-application"}},
 		&docs,
 	)
 	checkResources(c, resources, expected)
@@ -108,30 +108,30 @@
 	s.stub.SetErrors(failure)
 
 	p := NewResourcePersistence(s.base)
-	_, err := p.ListResources("a-service")
+	_, err := p.ListResources("a-application")
 
 	c.Check(errors.Cause(err), gc.Equals, failure)
 	s.stub.CheckCallNames(c, "All")
 	s.stub.CheckCall(c, 0, "All",
 		"resources",
-		bson.D{{"service-id", "a-service"}},
+		bson.D{{"application-id", "a-application"}},
 		&[]resourceDoc{},
 	)
 }
 
 func (s *ResourcePersistenceSuite) TestListResourcesBadDoc(c *gc.C) {
-	_, docs := newPersistenceResources(c, "a-service", "spam", "eggs")
+	_, docs := newPersistenceResources(c, "a-application", "spam", "eggs")
 	docs[0].Timestamp = time.Time{}
 	s.base.ReturnAll = docs
 
 	p := NewResourcePersistence(s.base)
-	_, err := p.ListResources("a-service")
+	_, err := p.ListResources("a-application")
 
 	c.Check(err, gc.ErrorMatches, `got invalid data from DB.*`)
 	s.stub.CheckCallNames(c, "All")
 	s.stub.CheckCall(c, 0, "All",
 		"resources",
-		bson.D{{"service-id", "a-service"}},
+		bson.D{{"application-id", "a-application"}},
 		&docs,
 	)
 }
@@ -140,7 +140,7 @@
 	var expected []resource.Resource
 	var docs []resourceDoc
 	for _, name := range []string{"spam", "ham"} {
-		res, doc := newPersistenceResource(c, "a-service", name)
+		res, doc := newPersistenceResource(c, "a-application", name)
 		expected = append(expected, res.Resource)
 		docs = append(docs, doc)
 	}
@@ -150,23 +150,23 @@
 	s.base.ReturnAll = docs
 	p := NewResourcePersistence(s.base)
 
-	resources, err := p.ListPendingResources("a-service")
+	resources, err := p.ListPendingResources("a-application")
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.stub.CheckCallNames(c, "All")
 	s.stub.CheckCall(c, 0, "All",
 		"resources",
-		bson.D{{"service-id", "a-service"}},
+		bson.D{{"application-id", "a-application"}},
 		&docs,
 	)
 	checkBasicResources(c, resources, expected)
 }
 
 func (s *ResourcePersistenceSuite) TestGetResourceOkay(c *gc.C) {
-	expected, doc := newPersistenceResource(c, "a-service", "spam")
+	expected, doc := newPersistenceResource(c, "a-application", "spam")
 	unitDoc := doc // a copy
-	unitDoc.ID = doc.ID + "#unit-a-service/0"
-	unitDoc.UnitID = "a-service/0"
+	unitDoc.ID = doc.ID + "#unit-a-application/0"
+	unitDoc.UnitID = "a-application/0"
 	pendingDoc := doc // a copy
 	pendingDoc.ID = doc.ID + "#pending-some-unique-ID"
 	pendingDoc.PendingID = "some-unique-ID"
@@ -178,17 +178,17 @@
 	s.base.ReturnOne = doc
 	p := NewResourcePersistence(s.base)
 
-	res, storagePath, err := p.GetResource("a-service/spam")
+	res, storagePath, err := p.GetResource("a-application/spam")
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.stub.CheckCallNames(c, "One")
-	s.stub.CheckCall(c, 0, "One", "resources", "resource#a-service/spam", &doc)
+	s.stub.CheckCall(c, 0, "One", "resources", "resource#a-application/spam", &doc)
 	c.Check(res, jc.DeepEquals, expected.Resource)
 	c.Check(storagePath, gc.Equals, expected.storagePath)
 }
 
 func (s *ResourcePersistenceSuite) TestStageResourceOkay(c *gc.C) {
-	res, doc := newPersistenceResource(c, "a-service", "spam")
+	res, doc := newPersistenceResource(c, "a-application", "spam")
 	doc.DocID += "#staged"
 	p := NewResourcePersistence(s.base)
 	ignoredErr := errors.New("<never reached>")
@@ -197,15 +197,15 @@
 	staged, err := p.StageResource(res.Resource, res.storagePath)
 	c.Assert(err, jc.ErrorIsNil)
 
-	s.stub.CheckCallNames(c, "Run", "ServiceExistsOps", "RunTransaction")
+	s.stub.CheckCallNames(c, "Run", "ApplicationExistsOps", "RunTransaction")
 	s.stub.CheckCall(c, 2, "RunTransaction", []txn.Op{{
 		C:      "resources",
-		Id:     "resource#a-service/spam#staged",
+		Id:     "resource#a-application/spam#staged",
 		Assert: txn.DocMissing,
 		Insert: &doc,
 	}, {
-		C:      "service",
-		Id:     "a-service",
+		C:      "application",
+		Id:     "a-application",
 		Assert: txn.DocExists,
 	}})
 	c.Check(staged, jc.DeepEquals, &StagedResource{
@@ -216,7 +216,7 @@
 }
 
 func (s *ResourcePersistenceSuite) TestStageResourceMissingStoragePath(c *gc.C) {
-	res, _ := newPersistenceResource(c, "a-service", "spam")
+	res, _ := newPersistenceResource(c, "a-application", "spam")
 	p := NewResourcePersistence(s.base)
 
 	_, err := p.StageResource(res.Resource, "")
@@ -226,7 +226,7 @@
 }
 
 func (s *ResourcePersistenceSuite) TestStageResourceBadResource(c *gc.C) {
-	res, _ := newPersistenceResource(c, "a-service", "spam")
+	res, _ := newPersistenceResource(c, "a-application", "spam")
 	res.Resource.Timestamp = time.Time{}
 	p := NewResourcePersistence(s.base)
 
@@ -239,8 +239,8 @@
 }
 
 func (s *ResourcePersistenceSuite) TestSetResourceOkay(c *gc.C) {
-	servicename := "a-service"
-	res, doc := newPersistenceResource(c, servicename, "spam")
+	applicationname := "a-application"
+	res, doc := newPersistenceResource(c, applicationname, "spam")
 	s.base.ReturnOne = doc
 	p := NewResourcePersistence(s.base)
 	ignoredErr := errors.New("<never reached>")
@@ -252,24 +252,24 @@
 	s.stub.CheckCallNames(c,
 		"One",
 		"Run",
-		"ServiceExistsOps",
+		"ApplicationExistsOps",
 		"RunTransaction",
 	)
 	s.stub.CheckCall(c, 3, "RunTransaction", []txn.Op{{
 		C:      "resources",
-		Id:     "resource#a-service/spam",
+		Id:     "resource#a-application/spam",
 		Assert: txn.DocMissing,
 		Insert: &doc,
 	}, {
-		C:      "service",
-		Id:     "a-service",
+		C:      "application",
+		Id:     "a-application",
 		Assert: txn.DocExists,
 	}})
 }
 
 func (s *ResourcePersistenceSuite) TestSetResourceNotFound(c *gc.C) {
-	servicename := "a-service"
-	res, doc := newPersistenceResource(c, servicename, "spam")
+	applicationname := "a-application"
+	res, doc := newPersistenceResource(c, applicationname, "spam")
 	s.base.ReturnOne = doc
 	expected := doc // a copy
 	expected.StoragePath = ""
@@ -284,25 +284,25 @@
 	s.stub.CheckCallNames(c,
 		"One",
 		"Run",
-		"ServiceExistsOps",
+		"ApplicationExistsOps",
 		"RunTransaction",
 	)
 	s.stub.CheckCall(c, 3, "RunTransaction", []txn.Op{{
 		C:      "resources",
-		Id:     "resource#a-service/spam",
+		Id:     "resource#a-application/spam",
 		Assert: txn.DocMissing,
 		Insert: &expected,
 	}, {
-		C:      "service",
-		Id:     "a-service",
+		C:      "application",
+		Id:     "a-application",
 		Assert: txn.DocExists,
 	}})
 }
 
 func (s *ResourcePersistenceSuite) TestSetCharmStoreResourceOkay(c *gc.C) {
 	lastPolled := time.Now().UTC()
-	servicename := "a-service"
-	res, doc := newPersistenceResource(c, servicename, "spam")
+	applicationname := "a-application"
+	res, doc := newPersistenceResource(c, applicationname, "spam")
 	expected := doc // a copy
 	expected.DocID += "#charmstore"
 	expected.Username = ""
@@ -313,60 +313,60 @@
 	ignoredErr := errors.New("<never reached>")
 	s.stub.SetErrors(nil, nil, nil, ignoredErr)
 
-	err := p.SetCharmStoreResource(res.ID, res.ServiceID, res.Resource.Resource, lastPolled)
+	err := p.SetCharmStoreResource(res.ID, res.ApplicationID, res.Resource.Resource, lastPolled)
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.stub.CheckCallNames(c,
 		"Run",
-		"ServiceExistsOps",
+		"ApplicationExistsOps",
 		"RunTransaction",
 	)
 	s.stub.CheckCall(c, 2, "RunTransaction", []txn.Op{{
 		C:      "resources",
-		Id:     "resource#a-service/spam#charmstore",
+		Id:     "resource#a-application/spam#charmstore",
 		Assert: txn.DocMissing,
 		Insert: &expected,
 	}, {
-		C:      "service",
-		Id:     "a-service",
+		C:      "application",
+		Id:     "a-application",
 		Assert: txn.DocExists,
 	}})
 }
 
 func (s *ResourcePersistenceSuite) TestSetUnitResourceOkay(c *gc.C) {
-	servicename := "a-service"
-	unitname := "a-service/0"
-	res, doc := newPersistenceUnitResource(c, servicename, unitname, "eggs")
+	applicationname := "a-application"
+	unitname := "a-application/0"
+	res, doc := newPersistenceUnitResource(c, applicationname, unitname, "eggs")
 	s.base.ReturnOne = doc
 	p := NewResourcePersistence(s.base)
 	ignoredErr := errors.New("<never reached>")
 	s.stub.SetErrors(nil, nil, nil, nil, ignoredErr)
 
-	err := p.SetUnitResource("a-service/0", res)
+	err := p.SetUnitResource("a-application/0", res)
 	c.Assert(err, jc.ErrorIsNil)
 
-	s.stub.CheckCallNames(c, "One", "Run", "ServiceExistsOps", "RunTransaction")
+	s.stub.CheckCallNames(c, "One", "Run", "ApplicationExistsOps", "RunTransaction")
 	s.stub.CheckCall(c, 3, "RunTransaction", []txn.Op{{
 		C:      "resources",
-		Id:     "resource#a-service/eggs#unit-a-service/0",
+		Id:     "resource#a-application/eggs#unit-a-application/0",
 		Assert: txn.DocMissing,
 		Insert: &doc,
 	}, {
-		C:      "service",
-		Id:     "a-service",
+		C:      "application",
+		Id:     "a-application",
 		Assert: txn.DocExists,
 	}})
 }
 
 func (s *ResourcePersistenceSuite) TestSetUnitResourceNotFound(c *gc.C) {
-	servicename := "a-service"
-	unitname := "a-service/0"
-	res, _ := newPersistenceUnitResource(c, servicename, unitname, "eggs")
+	applicationname := "a-application"
+	unitname := "a-application/0"
+	res, _ := newPersistenceUnitResource(c, applicationname, unitname, "eggs")
 	p := NewResourcePersistence(s.base)
 	notFound := errors.NewNotFound(nil, "")
 	s.stub.SetErrors(notFound)
 
-	err := p.SetUnitResource("a-service/0", res)
+	err := p.SetUnitResource("a-application/0", res)
 
 	s.stub.CheckCallNames(c, "One")
 	c.Check(err, jc.Satisfies, errors.IsNotFound)
@@ -374,50 +374,50 @@
 }
 
 func (s *ResourcePersistenceSuite) TestSetUnitResourceExists(c *gc.C) {
-	res, doc := newPersistenceUnitResource(c, "a-service", "a-service/0", "spam")
+	res, doc := newPersistenceUnitResource(c, "a-application", "a-application/0", "spam")
 	s.base.ReturnOne = doc
 	p := NewResourcePersistence(s.base)
 	ignoredErr := errors.New("<never reached>")
 	s.stub.SetErrors(nil, nil, nil, txn.ErrAborted, nil, nil, ignoredErr)
 
-	err := p.SetUnitResource("a-service/0", res)
+	err := p.SetUnitResource("a-application/0", res)
 	c.Assert(err, jc.ErrorIsNil)
 
-	s.stub.CheckCallNames(c, "One", "Run", "ServiceExistsOps", "RunTransaction", "ServiceExistsOps", "RunTransaction")
+	s.stub.CheckCallNames(c, "One", "Run", "ApplicationExistsOps", "RunTransaction", "ApplicationExistsOps", "RunTransaction")
 	s.stub.CheckCall(c, 3, "RunTransaction", []txn.Op{{
 		C:      "resources",
-		Id:     "resource#a-service/spam#unit-a-service/0",
+		Id:     "resource#a-application/spam#unit-a-application/0",
 		Assert: txn.DocMissing,
 		Insert: &doc,
 	}, {
-		C:      "service",
-		Id:     "a-service",
+		C:      "application",
+		Id:     "a-application",
 		Assert: txn.DocExists,
 	}})
 	s.stub.CheckCall(c, 5, "RunTransaction", []txn.Op{{
 		C:      "resources",
-		Id:     "resource#a-service/spam#unit-a-service/0",
+		Id:     "resource#a-application/spam#unit-a-application/0",
 		Assert: txn.DocExists,
 		Remove: true,
 	}, {
 		C:      "resources",
-		Id:     "resource#a-service/spam#unit-a-service/0",
+		Id:     "resource#a-application/spam#unit-a-application/0",
 		Assert: txn.DocMissing,
 		Insert: &doc,
 	}, {
-		C:      "service",
-		Id:     "a-service",
+		C:      "application",
+		Id:     "a-application",
 		Assert: txn.DocExists,
 	}})
 }
 
 func (s *ResourcePersistenceSuite) TestSetUnitResourceBadResource(c *gc.C) {
-	res, doc := newPersistenceUnitResource(c, "a-service", "a-service/0", "spam")
+	res, doc := newPersistenceUnitResource(c, "a-application", "a-application/0", "spam")
 	s.base.ReturnOne = doc
 	res.Timestamp = time.Time{}
 	p := NewResourcePersistence(s.base)
 
-	err := p.SetUnitResource("a-service/0", res)
+	err := p.SetUnitResource("a-application/0", res)
 
 	c.Check(err, jc.Satisfies, errors.IsNotValid)
 	c.Check(err, gc.ErrorMatches, `bad resource.*`)
@@ -426,9 +426,9 @@
 }
 
 func (s *ResourcePersistenceSuite) TestSetUnitResourceProgress(c *gc.C) {
-	servicename := "a-service"
-	unitname := "a-service/0"
-	res, doc := newPersistenceUnitResource(c, servicename, unitname, "eggs")
+	applicationname := "a-application"
+	unitname := "a-application/0"
+	res, doc := newPersistenceUnitResource(c, applicationname, unitname, "eggs")
 	s.base.ReturnOne = doc
 	pendingID := "<a pending ID>"
 	res.PendingID = pendingID
@@ -440,25 +440,25 @@
 	ignoredErr := errors.New("<never reached>")
 	s.stub.SetErrors(nil, nil, nil, nil, ignoredErr)
 
-	err := p.SetUnitResourceProgress("a-service/0", res, progress)
+	err := p.SetUnitResourceProgress("a-application/0", res, progress)
 	c.Assert(err, jc.ErrorIsNil)
 
-	s.stub.CheckCallNames(c, "One", "Run", "ServiceExistsOps", "RunTransaction")
+	s.stub.CheckCallNames(c, "One", "Run", "ApplicationExistsOps", "RunTransaction")
 	s.stub.CheckCall(c, 3, "RunTransaction", []txn.Op{{
 		C:      "resources",
-		Id:     "resource#a-service/eggs#unit-a-service/0",
+		Id:     "resource#a-application/eggs#unit-a-application/0",
 		Assert: txn.DocMissing,
 		Insert: &expected,
 	}, {
-		C:      "service",
-		Id:     "a-service",
+		C:      "application",
+		Id:     "a-application",
 		Assert: txn.DocExists,
 	}})
 }
 
 func (s *ResourcePersistenceSuite) TestNewResourcePendingResourceOpsExists(c *gc.C) {
 	pendingID := "some-unique-ID-001"
-	stored, expected := newPersistenceResource(c, "a-service", "spam")
+	stored, expected := newPersistenceResource(c, "a-application", "spam")
 	stored.PendingID = pendingID
 	doc := expected // a copy
 	doc.DocID = pendingResourceID(stored.ID, pendingID)
@@ -472,7 +472,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	csresourceDoc := expected
-	csresourceDoc.DocID = "resource#a-service/spam#charmstore"
+	csresourceDoc.DocID = "resource#a-application/spam#charmstore"
 	csresourceDoc.Username = ""
 	csresourceDoc.Timestamp = time.Time{}
 	csresourceDoc.StoragePath = ""
@@ -482,7 +482,7 @@
 	res.LastPolled = res.LastPolled.Round(time.Second)
 
 	s.stub.CheckCallNames(c, "One", "One")
-	s.stub.CheckCall(c, 0, "One", "resources", "resource#a-service/spam#pending-some-unique-ID-001", &doc)
+	s.stub.CheckCall(c, 0, "One", "resources", "resource#a-application/spam#pending-some-unique-ID-001", &doc)
 	c.Check(ops, jc.DeepEquals, []txn.Op{
 		{
 			C:      "resources",
@@ -517,7 +517,7 @@
 
 func (s *ResourcePersistenceSuite) TestNewResourcePendingResourceOpsNotFound(c *gc.C) {
 	pendingID := "some-unique-ID-001"
-	stored, expected := newPersistenceResource(c, "a-service", "spam")
+	stored, expected := newPersistenceResource(c, "a-application", "spam")
 	stored.PendingID = pendingID
 	doc := expected // a copy
 	doc.DocID = pendingResourceID(stored.ID, pendingID)
@@ -532,10 +532,10 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.stub.CheckCallNames(c, "One", "One")
-	s.stub.CheckCall(c, 0, "One", "resources", "resource#a-service/spam#pending-some-unique-ID-001", &doc)
+	s.stub.CheckCall(c, 0, "One", "resources", "resource#a-application/spam#pending-some-unique-ID-001", &doc)
 
 	csresourceDoc := expected
-	csresourceDoc.DocID = "resource#a-service/spam#charmstore"
+	csresourceDoc.DocID = "resource#a-application/spam#charmstore"
 	csresourceDoc.Username = ""
 	csresourceDoc.Timestamp = time.Time{}
 	csresourceDoc.StoragePath = ""
@@ -609,13 +609,13 @@
 
 	stored := storedResource{
 		Resource:    res,
-		storagePath: "service-" + serviceID + "/resources/" + name,
+		storagePath: "application-" + serviceID + "/resources/" + name,
 	}
 
 	doc := resourceDoc{
-		DocID:     "resource#" + res.ID,
-		ID:        res.ID,
-		ServiceID: res.ServiceID,
+		DocID:         "resource#" + res.ID,
+		ID:            res.ID,
+		ApplicationID: res.ApplicationID,
 
 		Name:        res.Name,
 		Type:        res.Type.String(),
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/resources_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/resources_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/resources_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/resources_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -30,12 +30,12 @@
 
 func (s *ResourcesSuite) TestFunctional(c *gc.C) {
 	ch := s.ConnSuite.AddTestingCharm(c, "wordpress")
-	s.ConnSuite.AddTestingService(c, "a-service", ch)
+	s.ConnSuite.AddTestingService(c, "a-application", ch)
 
 	st, err := s.State.Resources()
 	c.Assert(err, jc.ErrorIsNil)
 
-	resources, err := st.ListResources("a-service")
+	resources, err := st.ListResources("a-application")
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Check(resources.Resources, gc.HasLen, 0)
@@ -44,14 +44,14 @@
 	res := newResource(c, "spam", data)
 	file := bytes.NewBufferString(data)
 
-	_, err = st.SetResource("a-service", res.Username, res.Resource, file)
+	_, err = st.SetResource("a-application", res.Username, res.Resource, file)
 	c.Assert(err, jc.ErrorIsNil)
 
 	csResources := []charmresource.Resource{res.Resource}
-	err = st.SetCharmStoreResources("a-service", csResources, time.Now())
+	err = st.SetCharmStoreResources("a-application", csResources, time.Now())
 	c.Assert(err, jc.ErrorIsNil)
 
-	resources, err = st.ListResources("a-service")
+	resources, err = st.ListResources("a-application")
 	c.Assert(err, jc.ErrorIsNil)
 
 	res.Timestamp = resources.Resources[0].Timestamp
@@ -64,7 +64,7 @@
 }
 
 func newResource(c *gc.C, name, data string) resource.Resource {
-	opened := resourcetesting.NewResource(c, nil, name, "a-service", data)
+	opened := resourcetesting.NewResource(c, nil, name, "a-application", data)
 	res := opened.Resource
 	res.Timestamp = time.Unix(res.Timestamp.Unix(), 0)
 	return res
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/restore.go juju-core-2.0~beta12/src/github.com/juju/juju/state/restore.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/restore.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/restore.go	2016-07-18 19:45:44.000000000 +0000
@@ -84,6 +84,16 @@
 	return doc.Status, nil
 }
 
+// PurgeTxn purges missing transation from restoreInfoC collection.
+// These can be caused because this collection is heavy use while backing
+// up and mongo 3.2 does not like this.
+func (info *RestoreInfo) PurgeTxn() error {
+	restoreInfo, closer := info.st.getRawCollection(restoreInfoC)
+	defer closer()
+	r := txn.NewRunner(restoreInfo)
+	return r.PurgeMissing(restoreInfoC)
+}
+
 // SetStatus sets the status of the current restore. Checks are made
 // to ensure that status changes are performed in the correct order.
 func (info *RestoreInfo) SetStatus(status RestoreStatus) error {
@@ -106,7 +116,7 @@
 		return ops, nil
 	}
 	if err := info.st.run(buildTxn); err != nil {
-		return errors.Trace(err)
+		return errors.Annotatef(err, "setting status %q", status)
 	}
 	return nil
 }
@@ -135,9 +145,17 @@
 			return nil, errInvalid
 		}
 	case RestoreFinished:
-		if before != RestoreInProgress {
+		// RestoreFinished is set after a restore so we cannot ensure
+		// what will be on the db state since it will deppend on
+		// what was set during backup.
+		switch before {
+		case RestoreNotActive:
+			return createRestoreStatusFinishedOps(), nil
+		case RestoreFailed:
+			// except for the case of Failed,this is most likely a race condition.
 			return nil, errInvalid
 		}
+
 	case RestoreChecked:
 		if before != RestoreFinished {
 			return nil, errInvalid
@@ -148,6 +166,17 @@
 	return updateRestoreStatusChangeOps(before, after), nil
 }
 
+// createRestoreStatusFinishedOps is useful when setting finished on
+// a non initated restore document.
+func createRestoreStatusFinishedOps() []txn.Op {
+	return []txn.Op{{
+		C:      restoreInfoC,
+		Id:     currentRestoreId,
+		Assert: txn.DocMissing,
+		Insert: bson.D{{"status", RestoreFinished}},
+	}}
+}
+
 // createRestoreStatusPendingOps is the only valid way to create a
 // restore document.
 func createRestoreStatusPendingOps() []txn.Op {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/restore_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/restore_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/restore_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/restore_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -106,7 +106,7 @@
 		perturb,
 	).Check()
 	err := s.info.SetStatus(state.RestoreInProgress)
-	c.Check(err, gc.ErrorMatches, "state changing too quickly; try again soon")
+	c.Check(err, gc.ErrorMatches, "setting status \"RESTORING\": state changing too quickly; try again soon")
 }
 
 //--------------------------------------
@@ -120,11 +120,7 @@
 }
 
 func (s *RestoreInfoSuite) TestNotActiveSetInProgress(c *gc.C) {
-	s.checkBadSetStatus(c, state.RestoreFinished)
-}
-
-func (s *RestoreInfoSuite) TestNotActiveSetFinished(c *gc.C) {
-	s.checkBadSetStatus(c, state.RestoreFinished)
+	s.checkBadSetStatus(c, state.RestoreInProgress)
 }
 
 func (s *RestoreInfoSuite) TestNotActiveSetChecked(c *gc.C) {
@@ -156,11 +152,6 @@
 	s.checkSetStatus(c, state.RestoreInProgress)
 }
 
-func (s *RestoreInfoSuite) TestPendingSetFinished(c *gc.C) {
-	s.setupPending(c)
-	s.checkBadSetStatus(c, state.RestoreFinished)
-}
-
 func (s *RestoreInfoSuite) TestPendingSetChecked(c *gc.C) {
 	s.setupPending(c)
 	s.checkBadSetStatus(c, state.RestoreChecked)
@@ -270,11 +261,6 @@
 	s.checkBadSetStatus(c, state.RestoreInProgress)
 }
 
-func (s *RestoreInfoSuite) TestCheckedSetFinished(c *gc.C) {
-	s.setupChecked(c)
-	s.checkBadSetStatus(c, state.RestoreFinished)
-}
-
 func (s *RestoreInfoSuite) TestCheckedSetChecked(c *gc.C) {
 	s.setupChecked(c)
 	s.checkSetStatus(c, state.RestoreChecked)
@@ -338,6 +324,6 @@
 
 func (s *RestoreInfoSuite) checkBadSetStatus(c *gc.C, status state.RestoreStatus) {
 	err := s.info.SetStatus(status)
-	expect := fmt.Sprintf("invalid restore transition: [-A-Z]+ => %s", status)
+	expect := fmt.Sprintf("setting status %q: invalid restore transition: [-A-Z]+ => %s", status, status)
 	c.Check(err, gc.ErrorMatches, expect)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/service.go juju-core-2.0~beta12/src/github.com/juju/juju/state/service.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/service.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/service.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,1672 +0,0 @@
-// Copyright 2012, 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package state
-
-import (
-	stderrors "errors"
-	"fmt"
-	"sort"
-	"strconv"
-	"strings"
-	"time"
-
-	"github.com/juju/errors"
-	"github.com/juju/names"
-	jujutxn "github.com/juju/txn"
-	"github.com/juju/utils/series"
-	"gopkg.in/juju/charm.v6-unstable"
-	csparams "gopkg.in/juju/charmrepo.v2-unstable/csclient/params"
-	"gopkg.in/mgo.v2"
-	"gopkg.in/mgo.v2/bson"
-	"gopkg.in/mgo.v2/txn"
-
-	"github.com/juju/juju/constraints"
-	"github.com/juju/juju/core/leadership"
-	"github.com/juju/juju/status"
-)
-
-// Service represents the state of a service.
-type Service struct {
-	st  *State
-	doc serviceDoc
-}
-
-// serviceDoc represents the internal state of a service in MongoDB.
-// Note the correspondence with ServiceInfo in apiserver.
-type serviceDoc struct {
-	DocID                string     `bson:"_id"`
-	Name                 string     `bson:"name"`
-	ModelUUID            string     `bson:"model-uuid"`
-	Series               string     `bson:"series"`
-	Subordinate          bool       `bson:"subordinate"`
-	CharmURL             *charm.URL `bson:"charmurl"`
-	Channel              string     `bson:"cs-channel"`
-	CharmModifiedVersion int        `bson:"charmmodifiedversion"`
-	ForceCharm           bool       `bson:"forcecharm"`
-	Life                 Life       `bson:"life"`
-	UnitCount            int        `bson:"unitcount"`
-	RelationCount        int        `bson:"relationcount"`
-	Exposed              bool       `bson:"exposed"`
-	MinUnits             int        `bson:"minunits"`
-	OwnerTag             string     `bson:"ownertag"`
-	TxnRevno             int64      `bson:"txn-revno"`
-	MetricCredentials    []byte     `bson:"metric-credentials"`
-}
-
-func newService(st *State, doc *serviceDoc) *Service {
-	svc := &Service{
-		st:  st,
-		doc: *doc,
-	}
-	return svc
-}
-
-// Name returns the service name.
-func (s *Service) Name() string {
-	return s.doc.Name
-}
-
-// Tag returns a name identifying the service.
-// The returned name will be different from other Tag values returned by any
-// other entities from the same state.
-func (s *Service) Tag() names.Tag {
-	return s.ServiceTag()
-}
-
-// ServiceTag returns the more specific ServiceTag rather than the generic
-// Tag.
-func (s *Service) ServiceTag() names.ServiceTag {
-	return names.NewServiceTag(s.Name())
-}
-
-// serviceGlobalKey returns the global database key for the service
-// with the given name.
-func serviceGlobalKey(svcName string) string {
-	return "s#" + svcName
-}
-
-// globalKey returns the global database key for the service.
-func (s *Service) globalKey() string {
-	return serviceGlobalKey(s.doc.Name)
-}
-
-func serviceSettingsKey(serviceName string, curl *charm.URL) string {
-	return fmt.Sprintf("s#%s#%s", serviceName, curl)
-}
-
-// settingsKey returns the charm-version-specific settings collection
-// key for the service.
-func (s *Service) settingsKey() string {
-	return serviceSettingsKey(s.doc.Name, s.doc.CharmURL)
-}
-
-// Series returns the specified series for this charm.
-func (s *Service) Series() string {
-	return s.doc.Series
-}
-
-// Life returns whether the service is Alive, Dying or Dead.
-func (s *Service) Life() Life {
-	return s.doc.Life
-}
-
-var errRefresh = stderrors.New("state seems inconsistent, refresh and try again")
-
-// Destroy ensures that the service and all its relations will be removed at
-// some point; if the service has no units, and no relation involving the
-// service has any units in scope, they are all removed immediately.
-func (s *Service) Destroy() (err error) {
-	defer errors.DeferredAnnotatef(&err, "cannot destroy service %q", s)
-	defer func() {
-		if err == nil {
-			// This is a white lie; the document might actually be removed.
-			s.doc.Life = Dying
-		}
-	}()
-	svc := &Service{st: s.st, doc: s.doc}
-	buildTxn := func(attempt int) ([]txn.Op, error) {
-		if attempt > 0 {
-			if err := svc.Refresh(); errors.IsNotFound(err) {
-				return nil, jujutxn.ErrNoOperations
-			} else if err != nil {
-				return nil, err
-			}
-		}
-		switch ops, err := svc.destroyOps(); err {
-		case errRefresh:
-		case errAlreadyDying:
-			return nil, jujutxn.ErrNoOperations
-		case nil:
-			return ops, nil
-		default:
-			return nil, err
-		}
-		return nil, jujutxn.ErrTransientFailure
-	}
-	return s.st.run(buildTxn)
-}
-
-// destroyOps returns the operations required to destroy the service. If it
-// returns errRefresh, the service should be refreshed and the destruction
-// operations recalculated.
-func (s *Service) destroyOps() ([]txn.Op, error) {
-	if s.doc.Life == Dying {
-		return nil, errAlreadyDying
-	}
-	rels, err := s.Relations()
-	if err != nil {
-		return nil, err
-	}
-	if len(rels) != s.doc.RelationCount {
-		// This is just an early bail out. The relations obtained may still
-		// be wrong, but that situation will be caught by a combination of
-		// asserts on relationcount and on each known relation, below.
-		return nil, errRefresh
-	}
-	ops := []txn.Op{minUnitsRemoveOp(s.st, s.doc.Name)}
-	removeCount := 0
-	for _, rel := range rels {
-		relOps, isRemove, err := rel.destroyOps(s.doc.Name)
-		if err == errAlreadyDying {
-			relOps = []txn.Op{{
-				C:      relationsC,
-				Id:     rel.doc.DocID,
-				Assert: bson.D{{"life", Dying}},
-			}}
-		} else if err != nil {
-			return nil, err
-		}
-		if isRemove {
-			removeCount++
-		}
-		ops = append(ops, relOps...)
-	}
-	// TODO(ericsnow) Use a generic registry instead.
-	resOps, err := removeResourcesOps(s.st, s.doc.Name)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	ops = append(ops, resOps...)
-	// If the service has no units, and all its known relations will be
-	// removed, the service can also be removed.
-	if s.doc.UnitCount == 0 && s.doc.RelationCount == removeCount {
-		hasLastRefs := bson.D{{"life", Alive}, {"unitcount", 0}, {"relationcount", removeCount}}
-		return append(ops, s.removeOps(hasLastRefs)...), nil
-	}
-	// In all other cases, service removal will be handled as a consequence
-	// of the removal of the last unit or relation referencing it. If any
-	// relations have been removed, they'll be caught by the operations
-	// collected above; but if any has been added, we need to abort and add
-	// a destroy op for that relation too. In combination, it's enough to
-	// check for count equality: an add/remove will not touch the count, but
-	// will be caught by virtue of being a remove.
-	notLastRefs := bson.D{
-		{"life", Alive},
-		{"relationcount", s.doc.RelationCount},
-	}
-	// With respect to unit count, a changing value doesn't matter, so long
-	// as the count's equality with zero does not change, because all we care
-	// about is that *some* unit is, or is not, keeping the service from
-	// being removed: the difference between 1 unit and 1000 is irrelevant.
-	if s.doc.UnitCount > 0 {
-		ops = append(ops, s.st.newCleanupOp(cleanupUnitsForDyingService, s.doc.Name))
-		notLastRefs = append(notLastRefs, bson.D{{"unitcount", bson.D{{"$gt", 0}}}}...)
-	} else {
-		notLastRefs = append(notLastRefs, bson.D{{"unitcount", 0}}...)
-	}
-	update := bson.D{{"$set", bson.D{{"life", Dying}}}}
-	if removeCount != 0 {
-		decref := bson.D{{"$inc", bson.D{{"relationcount", -removeCount}}}}
-		update = append(update, decref...)
-	}
-	return append(ops, txn.Op{
-		C:      servicesC,
-		Id:     s.doc.DocID,
-		Assert: notLastRefs,
-		Update: update,
-	}), nil
-}
-
-func removeResourcesOps(st *State, serviceID string) ([]txn.Op, error) {
-	persist, err := st.ResourcesPersistence()
-	if errors.IsNotSupported(err) {
-		// Nothing to see here, move along.
-		return nil, nil
-	}
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	ops, err := persist.NewRemoveResourcesOps(serviceID)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	return ops, nil
-}
-
-// removeOps returns the operations required to remove the service. Supplied
-// asserts will be included in the operation on the service document.
-func (s *Service) removeOps(asserts bson.D) []txn.Op {
-	settingsDocID := s.st.docID(s.settingsKey())
-	ops := []txn.Op{
-		{
-			C:      servicesC,
-			Id:     s.doc.DocID,
-			Assert: asserts,
-			Remove: true,
-		}, {
-			C:      settingsrefsC,
-			Id:     settingsDocID,
-			Remove: true,
-		}, {
-			C:      settingsC,
-			Id:     settingsDocID,
-			Remove: true,
-		},
-		removeEndpointBindingsOp(s.globalKey()),
-		removeStorageConstraintsOp(s.globalKey()),
-		removeConstraintsOp(s.st, s.globalKey()),
-		annotationRemoveOp(s.st, s.globalKey()),
-		removeLeadershipSettingsOp(s.Name()),
-		removeStatusOp(s.st, s.globalKey()),
-		removeModelServiceRefOp(s.st, s.Name()),
-	}
-	return ops
-}
-
-// IsExposed returns whether this service is exposed. The explicitly open
-// ports (with open-port) for exposed services may be accessed from machines
-// outside of the local deployment network. See SetExposed and ClearExposed.
-func (s *Service) IsExposed() bool {
-	return s.doc.Exposed
-}
-
-// SetExposed marks the service as exposed.
-// See ClearExposed and IsExposed.
-func (s *Service) SetExposed() error {
-	return s.setExposed(true)
-}
-
-// ClearExposed removes the exposed flag from the service.
-// See SetExposed and IsExposed.
-func (s *Service) ClearExposed() error {
-	return s.setExposed(false)
-}
-
-func (s *Service) setExposed(exposed bool) (err error) {
-	ops := []txn.Op{{
-		C:      servicesC,
-		Id:     s.doc.DocID,
-		Assert: isAliveDoc,
-		Update: bson.D{{"$set", bson.D{{"exposed", exposed}}}},
-	}}
-	if err := s.st.runTransaction(ops); err != nil {
-		return fmt.Errorf("cannot set exposed flag for service %q to %v: %v", s, exposed, onAbort(err, errNotAlive))
-	}
-	s.doc.Exposed = exposed
-	return nil
-}
-
-// Charm returns the service's charm and whether units should upgrade to that
-// charm even if they are in an error state.
-func (s *Service) Charm() (ch *Charm, force bool, err error) {
-	// We don't worry about the channel since we aren't interacting
-	// with the charm store here.
-	ch, err = s.st.Charm(s.doc.CharmURL)
-	if err != nil {
-		return nil, false, err
-	}
-	return ch, s.doc.ForceCharm, nil
-}
-
-// IsPrincipal returns whether units of the service can
-// have subordinate units.
-func (s *Service) IsPrincipal() bool {
-	return !s.doc.Subordinate
-}
-
-// CharmModifiedVersion increases whenever the service's charm is changed in any
-// way.
-func (s *Service) CharmModifiedVersion() int {
-	return s.doc.CharmModifiedVersion
-}
-
-// CharmURL returns the service's charm URL, and whether units should upgrade
-// to the charm with that URL even if they are in an error state.
-func (s *Service) CharmURL() (curl *charm.URL, force bool) {
-	return s.doc.CharmURL, s.doc.ForceCharm
-}
-
-// Channel identifies the charm store channel from which the service's
-// charm was deployed. It is only needed when interacting with the charm
-// store.
-func (s *Service) Channel() csparams.Channel {
-	return csparams.Channel(s.doc.Channel)
-}
-
-// Endpoints returns the service's currently available relation endpoints.
-func (s *Service) Endpoints() (eps []Endpoint, err error) {
-	ch, _, err := s.Charm()
-	if err != nil {
-		return nil, err
-	}
-	collect := func(role charm.RelationRole, rels map[string]charm.Relation) {
-		for _, rel := range rels {
-			eps = append(eps, Endpoint{
-				ServiceName: s.doc.Name,
-				Relation:    rel,
-			})
-		}
-	}
-	meta := ch.Meta()
-	collect(charm.RolePeer, meta.Peers)
-	collect(charm.RoleProvider, meta.Provides)
-	collect(charm.RoleRequirer, meta.Requires)
-	collect(charm.RoleProvider, map[string]charm.Relation{
-		"juju-info": {
-			Name:      "juju-info",
-			Role:      charm.RoleProvider,
-			Interface: "juju-info",
-			Scope:     charm.ScopeGlobal,
-		},
-	})
-	sort.Sort(epSlice(eps))
-	return eps, nil
-}
-
-// Endpoint returns the relation endpoint with the supplied name, if it exists.
-func (s *Service) Endpoint(relationName string) (Endpoint, error) {
-	eps, err := s.Endpoints()
-	if err != nil {
-		return Endpoint{}, err
-	}
-	for _, ep := range eps {
-		if ep.Name == relationName {
-			return ep, nil
-		}
-	}
-	return Endpoint{}, fmt.Errorf("service %q has no %q relation", s, relationName)
-}
-
-// extraPeerRelations returns only the peer relations in newMeta not
-// present in the service's current charm meta data.
-func (s *Service) extraPeerRelations(newMeta *charm.Meta) map[string]charm.Relation {
-	if newMeta == nil {
-		// This should never happen, since we're checking the charm in SetCharm already.
-		panic("newMeta is nil")
-	}
-	ch, _, err := s.Charm()
-	if err != nil {
-		return nil
-	}
-	newPeers := newMeta.Peers
-	oldPeers := ch.Meta().Peers
-	extraPeers := make(map[string]charm.Relation)
-	for relName, rel := range newPeers {
-		if _, ok := oldPeers[relName]; !ok {
-			extraPeers[relName] = rel
-		}
-	}
-	return extraPeers
-}
-
-func (s *Service) checkRelationsOps(ch *Charm, relations []*Relation) ([]txn.Op, error) {
-	asserts := make([]txn.Op, 0, len(relations))
-	// All relations must still exist and their endpoints are implemented by the charm.
-	for _, rel := range relations {
-		if ep, err := rel.Endpoint(s.doc.Name); err != nil {
-			return nil, err
-		} else if !ep.ImplementedBy(ch) {
-			return nil, fmt.Errorf("cannot upgrade service %q to charm %q: would break relation %q", s, ch, rel)
-		}
-		asserts = append(asserts, txn.Op{
-			C:      relationsC,
-			Id:     rel.doc.DocID,
-			Assert: txn.DocExists,
-		})
-	}
-	return asserts, nil
-}
-
-func (s *Service) checkStorageUpgrade(newMeta *charm.Meta) (err error) {
-	defer errors.DeferredAnnotatef(&err, "cannot upgrade service %q to charm %q", s, newMeta.Name)
-	ch, _, err := s.Charm()
-	if err != nil {
-		return errors.Trace(err)
-	}
-	oldMeta := ch.Meta()
-	for name := range oldMeta.Storage {
-		if _, ok := newMeta.Storage[name]; !ok {
-			return errors.Errorf("storage %q removed", name)
-		}
-	}
-	less := func(a, b int) bool {
-		return a != -1 && (b == -1 || a < b)
-	}
-	for name, newStorageMeta := range newMeta.Storage {
-		oldStorageMeta, ok := oldMeta.Storage[name]
-		if !ok {
-			if newStorageMeta.CountMin > 0 {
-				return errors.Errorf("required storage %q added", name)
-			}
-			// New storage is fine as long as it is not required.
-			//
-			// TODO(axw) introduce a way of adding storage at
-			// upgrade time. We should also look at supplying
-			// a way of adding/changing other things during
-			// upgrade, e.g. changing service config.
-			continue
-		}
-		if newStorageMeta.Type != oldStorageMeta.Type {
-			return errors.Errorf(
-				"existing storage %q type changed from %q to %q",
-				name, oldStorageMeta.Type, newStorageMeta.Type,
-			)
-		}
-		if newStorageMeta.Shared != oldStorageMeta.Shared {
-			return errors.Errorf(
-				"existing storage %q shared changed from %v to %v",
-				name, oldStorageMeta.Shared, newStorageMeta.Shared,
-			)
-		}
-		if newStorageMeta.ReadOnly != oldStorageMeta.ReadOnly {
-			return errors.Errorf(
-				"existing storage %q read-only changed from %v to %v",
-				name, oldStorageMeta.ReadOnly, newStorageMeta.ReadOnly,
-			)
-		}
-		if newStorageMeta.Location != oldStorageMeta.Location {
-			return errors.Errorf(
-				"existing storage %q location changed from %q to %q",
-				name, oldStorageMeta.Location, newStorageMeta.Location,
-			)
-		}
-		if newStorageMeta.CountMin > oldStorageMeta.CountMin {
-			return errors.Errorf(
-				"existing storage %q range contracted: min increased from %d to %d",
-				name, oldStorageMeta.CountMin, newStorageMeta.CountMin,
-			)
-		}
-		if less(newStorageMeta.CountMax, oldStorageMeta.CountMax) {
-			var oldCountMax interface{} = oldStorageMeta.CountMax
-			if oldStorageMeta.CountMax == -1 {
-				oldCountMax = "<unbounded>"
-			}
-			return errors.Errorf(
-				"existing storage %q range contracted: max decreased from %v to %d",
-				name, oldCountMax, newStorageMeta.CountMax,
-			)
-		}
-		if oldStorageMeta.Location != "" && oldStorageMeta.CountMax == 1 && newStorageMeta.CountMax != 1 {
-			// If a location is specified, the store may not go
-			// from being a singleton to multiple, since then the
-			// location has a different meaning.
-			return errors.Errorf(
-				"existing storage %q with location changed from singleton to multiple",
-				name,
-			)
-		}
-	}
-	return nil
-}
-
-// changeCharmOps returns the operations necessary to set a service's
-// charm URL to a new value.
-func (s *Service) changeCharmOps(ch *Charm, channel string, forceUnits bool, resourceIDs map[string]string) ([]txn.Op, error) {
-	// Build the new service config from what can be used of the old one.
-	var newSettings charm.Settings
-	oldSettings, err := readSettings(s.st, s.settingsKey())
-	if err == nil {
-		// Filter the old settings through to get the new settings.
-		newSettings = ch.Config().FilterSettings(oldSettings.Map())
-	} else if errors.IsNotFound(err) {
-		// No old settings, start with empty new settings.
-		newSettings = make(charm.Settings)
-	} else {
-		return nil, errors.Trace(err)
-	}
-
-	// Create or replace service settings.
-	var settingsOp txn.Op
-	newKey := serviceSettingsKey(s.doc.Name, ch.URL())
-	if _, err := readSettings(s.st, newKey); errors.IsNotFound(err) {
-		// No settings for this key yet, create it.
-		settingsOp = createSettingsOp(newKey, newSettings)
-	} else if err != nil {
-		return nil, errors.Trace(err)
-	} else {
-		// Settings exist, just replace them with the new ones.
-		settingsOp, _, err = replaceSettingsOp(s.st, newKey, newSettings)
-		if err != nil {
-			return nil, errors.Trace(err)
-		}
-	}
-
-	// Add or create a reference to the new settings doc.
-	incOp, err := settingsIncRefOp(s.st, s.doc.Name, ch.URL(), true)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	var decOps []txn.Op
-	// Drop the reference to the old settings doc (if they exist).
-	if oldSettings != nil {
-		decOps, err = settingsDecRefOps(s.st, s.doc.Name, s.doc.CharmURL) // current charm
-		if err != nil {
-			return nil, errors.Trace(err)
-		}
-	}
-
-	// Build the transaction.
-	var ops []txn.Op
-	differentCharm := bson.D{{"charmurl", bson.D{{"$ne", ch.URL()}}}}
-	if oldSettings != nil {
-		// Old settings shouldn't change (when they exist).
-		ops = append(ops, oldSettings.assertUnchangedOp())
-	}
-	ops = append(ops, []txn.Op{
-		// Create or replace new settings.
-		settingsOp,
-		// Increment the ref count.
-		incOp,
-		// Update the charm URL and force flag (if relevant).
-		{
-			C:      servicesC,
-			Id:     s.doc.DocID,
-			Assert: append(notDeadDoc, differentCharm...),
-			Update: bson.D{{"$set", bson.D{
-				{"charmurl", ch.URL()},
-				{"cs-channel", channel},
-				{"forcecharm", forceUnits},
-			}}},
-		},
-	}...)
-
-	ops = append(ops, incCharmModifiedVersionOps(s.doc.DocID)...)
-
-	// Add any extra peer relations that need creation.
-	newPeers := s.extraPeerRelations(ch.Meta())
-	peerOps, err := s.st.addPeerRelationsOps(s.doc.Name, newPeers)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-
-	if len(resourceIDs) > 0 {
-		// Collect pending resource resolution operations.
-		resOps, err := s.resolveResourceOps(resourceIDs)
-		if err != nil {
-			return nil, errors.Trace(err)
-		}
-		ops = append(ops, resOps...)
-	}
-
-	// Get all relations - we need to check them later.
-	relations, err := s.Relations()
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	// Make sure the relation count does not change.
-	sameRelCount := bson.D{{"relationcount", len(relations)}}
-
-	ops = append(ops, peerOps...)
-	// Update the relation count as well.
-	ops = append(ops, txn.Op{
-		C:      servicesC,
-		Id:     s.doc.DocID,
-		Assert: append(notDeadDoc, sameRelCount...),
-		Update: bson.D{{"$inc", bson.D{{"relationcount", len(newPeers)}}}},
-	})
-	// Check relations to ensure no active relations are removed.
-	relOps, err := s.checkRelationsOps(ch, relations)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	ops = append(ops, relOps...)
-
-	// Update any existing endpoint bindings, using defaults for new endpoints.
-	//
-	// TODO(dimitern): Once upgrade-charm accepts --bind like deploy, pass the
-	// given bindings below, instead of nil.
-	endpointBindingsOp, err := updateEndpointBindingsOp(s.st, s.globalKey(), nil, ch.Meta())
-	if err == nil {
-		ops = append(ops, endpointBindingsOp)
-	} else if !errors.IsNotFound(err) && err != jujutxn.ErrNoOperations {
-		// If endpoint bindings do not exist this most likely means the service
-		// itself no longer exists, which will be caught soon enough anyway.
-		// ErrNoOperations on the other hand means there's nothing to update.
-		return nil, errors.Trace(err)
-	}
-
-	// Check storage to ensure no storage is removed, and no required
-	// storage is added for which there are no constraints.
-	if err := s.checkStorageUpgrade(ch.Meta()); err != nil {
-		return nil, errors.Trace(err)
-	}
-
-	// And finally, decrement the old settings.
-	return append(ops, decOps...), nil
-}
-
-// incCharmModifiedVersionOps returns the operations necessary to increment
-// the CharmModifiedVersion field for the given service.
-func incCharmModifiedVersionOps(serviceID string) []txn.Op {
-	return []txn.Op{{
-		C:      servicesC,
-		Id:     serviceID,
-		Assert: txn.DocExists,
-		Update: bson.D{{"$inc", bson.D{{"charmmodifiedversion", 1}}}},
-	}}
-}
-
-func (s *Service) resolveResourceOps(resourceIDs map[string]string) ([]txn.Op, error) {
-	// Collect pending resource resolution operations.
-	resources, err := s.st.Resources()
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	return resources.NewResolvePendingResourcesOps(s.doc.Name, resourceIDs)
-}
-
-// SetCharmConfig sets the charm for the service.
-type SetCharmConfig struct {
-	// Charm is the new charm to use for the service.
-	Charm *Charm
-	// Channel is the charm store channel from which charm was pulled.
-	Channel csparams.Channel
-	// ForceUnits forces the upgrade on units in an error state.
-	ForceUnits bool `json:"forceunits"`
-	// ForceSeries forces the use of the charm even if it doesn't match the
-	// series of the unit.
-	ForceSeries bool `json:"forceseries"`
-	// ResourceIDs is a map of resource names to resource IDs to activate during
-	// the upgrade.
-	ResourceIDs map[string]string `json:"resourceids"`
-}
-
-// SetCharm changes the charm for the service. New units will be started with
-// this charm, and existing units will be upgraded to use it.
-// If forceUnits is true, units will be upgraded even if they are in an error state.
-// If forceSeries is true, the charm will be used even if it's the service's series
-// is not supported by the charm.
-func (s *Service) SetCharm(cfg SetCharmConfig) error {
-	if cfg.Charm.Meta().Subordinate != s.doc.Subordinate {
-		return errors.Errorf("cannot change a service's subordinacy")
-	}
-	// For old style charms written for only one series, we still retain
-	// this check. Newer charms written for multi-series have a URL
-	// with series = "".
-	if cfg.Charm.URL().Series != "" {
-		if cfg.Charm.URL().Series != s.doc.Series {
-			return errors.Errorf("cannot change a service's series")
-		}
-	} else if !cfg.ForceSeries {
-		supported := false
-		for _, series := range cfg.Charm.Meta().Series {
-			if series == s.doc.Series {
-				supported = true
-				break
-			}
-		}
-		if !supported {
-			supportedSeries := "no series"
-			if len(cfg.Charm.Meta().Series) > 0 {
-				supportedSeries = strings.Join(cfg.Charm.Meta().Series, ", ")
-			}
-			return errors.Errorf("cannot upgrade charm, only these series are supported: %v", supportedSeries)
-		}
-	} else {
-		// Even with forceSeries=true, we do not allow a charm to be used which is for
-		// a different OS. This assumes the charm declares it has supported series which
-		// we can check for OS compatibility. Otherwise, we just accept the series supplied.
-		currentOS, err := series.GetOSFromSeries(s.doc.Series)
-		if err != nil {
-			// We don't expect an error here but there's not much we can
-			// do to recover.
-			return err
-		}
-		supportedOS := false
-		supportedSeries := cfg.Charm.Meta().Series
-		for _, chSeries := range supportedSeries {
-			charmSeriesOS, err := series.GetOSFromSeries(chSeries)
-			if err != nil {
-				return nil
-			}
-			if currentOS == charmSeriesOS {
-				supportedOS = true
-				break
-			}
-		}
-		if !supportedOS && len(supportedSeries) > 0 {
-			return errors.Errorf("cannot upgrade charm, OS %q not supported by charm", currentOS)
-		}
-	}
-
-	services, closer := s.st.getCollection(servicesC)
-	defer closer()
-
-	// this value holds the *previous* charm modified version, before this
-	// transaction commits.
-	var charmModifiedVersion int
-	channel := string(cfg.Channel)
-	buildTxn := func(attempt int) ([]txn.Op, error) {
-		if attempt > 0 {
-			// NOTE: We're explicitly allowing SetCharm to succeed
-			// when the service is Dying, because service/charm
-			// upgrades should still be allowed to apply to dying
-			// services and units, so that bugs in departed/broken
-			// hooks can be addressed at runtime.
-			if notDead, err := isNotDeadWithSession(services, s.doc.DocID); err != nil {
-				return nil, errors.Trace(err)
-			} else if !notDead {
-				return nil, ErrDead
-			}
-		}
-
-		// We can't update the in-memory service doc inside the transaction, so
-		// we manually udpate it at the end of the SetCharm method. However, we
-		// have no way of knowing what the charmModifiedVersion will be, since
-		// it's just incrementing the value in the DB (and that might be out of
-		// step with the value we have in memory).  What we have to do is read
-		// the DB, store the charmModifiedVersion we get, run the transaction,
-		// assert in the transaction that the charmModifiedVersion hasn't
-		// changed since we retrieved it, and then we know what its value must
-		// be after this transaction ends.  It's hacky, but there's no real
-		// other way to do it, thanks to the way mgo's transactions work.
-		var doc serviceDoc
-		err := services.FindId(s.doc.DocID).One(&doc)
-		var charmModifiedVersion int
-		switch {
-		case err == mgo.ErrNotFound:
-			// 0 is correct, since no previous charm existed.
-		case err != nil:
-			return nil, errors.Annotate(err, "can't open previous copy of charm")
-		default:
-			charmModifiedVersion = doc.CharmModifiedVersion
-		}
-		ops := []txn.Op{{
-			C:      servicesC,
-			Id:     s.doc.DocID,
-			Assert: bson.D{{"charmmodifiedversion", charmModifiedVersion}},
-		}}
-
-		// Make sure the service doesn't have this charm already.
-		sel := bson.D{{"_id", s.doc.DocID}, {"charmurl", cfg.Charm.URL()}}
-		count, err := services.Find(sel).Count()
-		if err != nil {
-			return nil, errors.Trace(err)
-		}
-		if count > 0 {
-			// Charm URL already set; just update the force flag and channel.
-			sameCharm := bson.D{{"charmurl", cfg.Charm.URL()}}
-			ops = append(ops, []txn.Op{{
-				C:      servicesC,
-				Id:     s.doc.DocID,
-				Assert: append(notDeadDoc, sameCharm...),
-				Update: bson.D{{"$set", bson.D{
-					{"cs-channel", channel},
-					{"forcecharm", cfg.ForceUnits},
-				}}},
-			}}...)
-		} else {
-			// Change the charm URL.
-			chng, err := s.changeCharmOps(cfg.Charm, channel, cfg.ForceUnits, cfg.ResourceIDs)
-			if err != nil {
-				return nil, errors.Trace(err)
-			}
-			ops = append(ops, chng...)
-		}
-
-		return ops, nil
-	}
-	err := s.st.run(buildTxn)
-	if err == nil {
-		s.doc.CharmURL = cfg.Charm.URL()
-		s.doc.Channel = channel
-		s.doc.ForceCharm = cfg.ForceUnits
-		s.doc.CharmModifiedVersion = charmModifiedVersion + 1
-	}
-	return err
-}
-
-// String returns the service name.
-func (s *Service) String() string {
-	return s.doc.Name
-}
-
-// Refresh refreshes the contents of the Service from the underlying
-// state. It returns an error that satisfies errors.IsNotFound if the
-// service has been removed.
-func (s *Service) Refresh() error {
-	services, closer := s.st.getCollection(servicesC)
-	defer closer()
-
-	err := services.FindId(s.doc.DocID).One(&s.doc)
-	if err == mgo.ErrNotFound {
-		return errors.NotFoundf("service %q", s)
-	}
-	if err != nil {
-		return fmt.Errorf("cannot refresh service %q: %v", s, err)
-	}
-	return nil
-}
-
-// newUnitName returns the next unit name.
-func (s *Service) newUnitName() (string, error) {
-	unitSeq, err := s.st.sequence(s.Tag().String())
-	if err != nil {
-		return "", errors.Trace(err)
-	}
-	name := s.doc.Name + "/" + strconv.Itoa(unitSeq)
-	return name, nil
-}
-
-const MessageWaitForAgentInit = "Waiting for agent initialization to finish"
-
-// addUnitOps returns a unique name for a new unit, and a list of txn operations
-// necessary to create that unit. The principalName param must be non-empty if
-// and only if s is a subordinate service. Only one subordinate of a given
-// service will be assigned to a given principal. The asserts param can be used
-// to include additional assertions for the service document.  This method
-// assumes that the service already exists in the db.
-func (s *Service) addUnitOps(principalName string, asserts bson.D) (string, []txn.Op, error) {
-	var cons constraints.Value
-	if !s.doc.Subordinate {
-		scons, err := s.Constraints()
-		if errors.IsNotFound(err) {
-			return "", nil, errors.NotFoundf("service %q", s.Name())
-		}
-		if err != nil {
-			return "", nil, err
-		}
-		cons, err = s.st.resolveConstraints(scons)
-		if err != nil {
-			return "", nil, err
-		}
-	}
-	storageCons, err := s.StorageConstraints()
-	if err != nil {
-		return "", nil, err
-	}
-	args := serviceAddUnitOpsArgs{
-		cons:          cons,
-		principalName: principalName,
-		storageCons:   storageCons,
-	}
-	names, ops, err := s.addUnitOpsWithCons(args)
-	if err != nil {
-		return names, ops, err
-	}
-	// we verify the service is alive
-	asserts = append(isAliveDoc, asserts...)
-	ops = append(ops, s.incUnitCountOp(asserts))
-	return names, ops, err
-}
-
-type serviceAddUnitOpsArgs struct {
-	principalName string
-	cons          constraints.Value
-	storageCons   map[string]StorageConstraints
-}
-
-// addServiceUnitOps is just like addUnitOps but explicitly takes a
-// constraints value (this is used at service creation time).
-func (s *Service) addServiceUnitOps(args serviceAddUnitOpsArgs) (string, []txn.Op, error) {
-	names, ops, err := s.addUnitOpsWithCons(args)
-	if err == nil {
-		ops = append(ops, s.incUnitCountOp(nil))
-	}
-	return names, ops, err
-}
-
-// addUnitOpsWithCons is a helper method for returning addUnitOps.
-func (s *Service) addUnitOpsWithCons(args serviceAddUnitOpsArgs) (string, []txn.Op, error) {
-	if s.doc.Subordinate && args.principalName == "" {
-		return "", nil, fmt.Errorf("service is a subordinate")
-	} else if !s.doc.Subordinate && args.principalName != "" {
-		return "", nil, fmt.Errorf("service is not a subordinate")
-	}
-	name, err := s.newUnitName()
-	if err != nil {
-		return "", nil, err
-	}
-
-	// Create instances of the charm's declared stores.
-	storageOps, numStorageAttachments, err := s.unitStorageOps(name, args.storageCons)
-	if err != nil {
-		return "", nil, errors.Trace(err)
-	}
-
-	docID := s.st.docID(name)
-	globalKey := unitGlobalKey(name)
-	agentGlobalKey := unitAgentGlobalKey(name)
-	udoc := &unitDoc{
-		DocID:                  docID,
-		Name:                   name,
-		Service:                s.doc.Name,
-		Series:                 s.doc.Series,
-		Life:                   Alive,
-		Principal:              args.principalName,
-		StorageAttachmentCount: numStorageAttachments,
-	}
-	// TODO(fwereade): 2016-03-17 lp:1558657
-	now := time.Now()
-	agentStatusDoc := statusDoc{
-		Status:  status.StatusAllocating,
-		Updated: now.UnixNano(),
-	}
-	unitStatusDoc := statusDoc{
-		// TODO(fwereade): this violates the spec. Should be "waiting".
-		Status:     status.StatusUnknown,
-		StatusInfo: MessageWaitForAgentInit,
-		Updated:    now.UnixNano(),
-	}
-
-	ops := addUnitOps(s.st, addUnitOpsArgs{
-		unitDoc:           udoc,
-		agentStatusDoc:    agentStatusDoc,
-		workloadStatusDoc: unitStatusDoc,
-		meterStatusDoc:    &meterStatusDoc{Code: MeterNotSet.String()},
-	})
-
-	ops = append(ops, storageOps...)
-
-	if s.doc.Subordinate {
-		ops = append(ops, txn.Op{
-			C:  unitsC,
-			Id: s.st.docID(args.principalName),
-			Assert: append(isAliveDoc, bson.DocElem{
-				"subordinates", bson.D{{"$not", bson.RegEx{Pattern: "^" + s.doc.Name + "/"}}},
-			}),
-			Update: bson.D{{"$addToSet", bson.D{{"subordinates", name}}}},
-		})
-	} else {
-		ops = append(ops, createConstraintsOp(s.st, agentGlobalKey, args.cons))
-	}
-
-	// At the last moment we still have the statusDocs in scope, set the initial
-	// history entries. This is risky, and may lead to extra entries, but that's
-	// an intrinsic problem with mixing txn and non-txn ops -- we can't sync
-	// them cleanly.
-	probablyUpdateStatusHistory(s.st, globalKey, unitStatusDoc)
-	probablyUpdateStatusHistory(s.st, agentGlobalKey, agentStatusDoc)
-	return name, ops, nil
-}
-
-// incUnitCountOp returns the operation to increment the service's unit count.
-func (s *Service) incUnitCountOp(asserts bson.D) txn.Op {
-	op := txn.Op{
-		C:      servicesC,
-		Id:     s.doc.DocID,
-		Update: bson.D{{"$inc", bson.D{{"unitcount", 1}}}},
-	}
-	if len(asserts) > 0 {
-		op.Assert = asserts
-	}
-	return op
-}
-
-// unitStorageOps returns operations for creating storage
-// instances and attachments for a new unit. unitStorageOps
-// returns the number of initial storage attachments, to
-// initialise the unit's storage attachment refcount.
-func (s *Service) unitStorageOps(unitName string, cons map[string]StorageConstraints) (ops []txn.Op, numStorageAttachments int, err error) {
-	charm, _, err := s.Charm()
-	if err != nil {
-		return nil, -1, err
-	}
-	meta := charm.Meta()
-	url := charm.URL()
-	tag := names.NewUnitTag(unitName)
-	// TODO(wallyworld) - record constraints info in data model - size and pool name
-	ops, numStorageAttachments, err = createStorageOps(
-		s.st, tag, meta, url, cons,
-		s.doc.Series,
-		false, // unit is not assigned yet; don't create machine storage
-	)
-	if err != nil {
-		return nil, -1, errors.Trace(err)
-	}
-	return ops, numStorageAttachments, nil
-}
-
-// SCHEMACHANGE
-// TODO(mattyw) remove when schema upgrades are possible
-func (s *Service) GetOwnerTag() string {
-	owner := s.doc.OwnerTag
-	if owner == "" {
-		// We know that if there was no owner, it was created with an early
-		// version of juju, and that admin was the only user.
-		owner = names.NewUserTag("admin").String()
-	}
-	return owner
-}
-
-// AddUnit adds a new principal unit to the service.
-func (s *Service) AddUnit() (unit *Unit, err error) {
-	defer errors.DeferredAnnotatef(&err, "cannot add unit to service %q", s)
-	name, ops, err := s.addUnitOps("", nil)
-	if err != nil {
-		return nil, err
-	}
-
-	if err := s.st.runTransaction(ops); err == txn.ErrAborted {
-		if alive, err := isAlive(s.st, servicesC, s.doc.DocID); err != nil {
-			return nil, err
-		} else if !alive {
-			return nil, fmt.Errorf("service is not alive")
-		}
-		return nil, fmt.Errorf("inconsistent state")
-	} else if err != nil {
-		return nil, err
-	}
-	return s.st.Unit(name)
-}
-
-// removeUnitOps returns the operations necessary to remove the supplied unit,
-// assuming the supplied asserts apply to the unit document.
-func (s *Service) removeUnitOps(u *Unit, asserts bson.D) ([]txn.Op, error) {
-	ops, err := u.destroyHostOps(s)
-	if err != nil {
-		return nil, err
-	}
-	portsOps, err := removePortsForUnitOps(s.st, u)
-	if err != nil {
-		return nil, err
-	}
-	storageInstanceOps, err := removeStorageInstancesOps(s.st, u.Tag())
-	if err != nil {
-		return nil, err
-	}
-	// TODO(ericsnow) Use a generic registry instead.
-	resOps, err := removeUnitResourcesOps(s.st, u.doc.Service, u.doc.Name)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	ops = append(ops, resOps...)
-
-	observedFieldsMatch := bson.D{
-		{"charmurl", u.doc.CharmURL},
-		{"machineid", u.doc.MachineId},
-	}
-	ops = append(ops,
-		txn.Op{
-			C:      unitsC,
-			Id:     u.doc.DocID,
-			Assert: append(observedFieldsMatch, asserts...),
-			Remove: true,
-		},
-		removeMeterStatusOp(s.st, u.globalMeterStatusKey()),
-		removeStatusOp(s.st, u.globalAgentKey()),
-		removeStatusOp(s.st, u.globalKey()),
-		removeConstraintsOp(s.st, u.globalAgentKey()),
-		annotationRemoveOp(s.st, u.globalKey()),
-		s.st.newCleanupOp(cleanupRemovedUnit, u.doc.Name),
-	)
-	ops = append(ops, portsOps...)
-	ops = append(ops, storageInstanceOps...)
-	if u.doc.CharmURL != nil {
-		decOps, err := settingsDecRefOps(s.st, s.doc.Name, u.doc.CharmURL)
-		if errors.IsNotFound(err) {
-			return nil, errRefresh
-		} else if err != nil {
-			return nil, err
-		}
-		ops = append(ops, decOps...)
-	}
-	if s.doc.Life == Dying && s.doc.RelationCount == 0 && s.doc.UnitCount == 1 {
-		hasLastRef := bson.D{{"life", Dying}, {"relationcount", 0}, {"unitcount", 1}}
-		return append(ops, s.removeOps(hasLastRef)...), nil
-	}
-	svcOp := txn.Op{
-		C:      servicesC,
-		Id:     s.doc.DocID,
-		Update: bson.D{{"$inc", bson.D{{"unitcount", -1}}}},
-	}
-	if s.doc.Life == Alive {
-		svcOp.Assert = bson.D{{"life", Alive}, {"unitcount", bson.D{{"$gt", 0}}}}
-	} else {
-		svcOp.Assert = bson.D{
-			{"life", Dying},
-			{"$or", []bson.D{
-				{{"unitcount", bson.D{{"$gt", 1}}}},
-				{{"relationcount", bson.D{{"$gt", 0}}}},
-			}},
-		}
-	}
-	ops = append(ops, svcOp)
-
-	return ops, nil
-}
-
-func removeUnitResourcesOps(st *State, serviceID, unitID string) ([]txn.Op, error) {
-	persist, err := st.ResourcesPersistence()
-	if errors.IsNotSupported(err) {
-		// Nothing to see here, move along.
-		return nil, nil
-	}
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	ops, err := persist.NewRemoveUnitResourcesOps(unitID)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	return ops, nil
-}
-
-// AllUnits returns all units of the service.
-func (s *Service) AllUnits() (units []*Unit, err error) {
-	return allUnits(s.st, s.doc.Name)
-}
-
-func allUnits(st *State, service string) (units []*Unit, err error) {
-	unitsCollection, closer := st.getCollection(unitsC)
-	defer closer()
-
-	docs := []unitDoc{}
-	err = unitsCollection.Find(bson.D{{"service", service}}).All(&docs)
-	if err != nil {
-		return nil, fmt.Errorf("cannot get all units from service %q: %v", service, err)
-	}
-	for i := range docs {
-		units = append(units, newUnit(st, &docs[i]))
-	}
-	return units, nil
-}
-
-// Relations returns a Relation for every relation the service is in.
-func (s *Service) Relations() (relations []*Relation, err error) {
-	return serviceRelations(s.st, s.doc.Name)
-}
-
-func serviceRelations(st *State, name string) (relations []*Relation, err error) {
-	defer errors.DeferredAnnotatef(&err, "can't get relations for service %q", name)
-	relationsCollection, closer := st.getCollection(relationsC)
-	defer closer()
-
-	docs := []relationDoc{}
-	err = relationsCollection.Find(bson.D{{"endpoints.servicename", name}}).All(&docs)
-	if err != nil {
-		return nil, err
-	}
-	for _, v := range docs {
-		relations = append(relations, newRelation(st, &v))
-	}
-	return relations, nil
-}
-
-// ConfigSettings returns the raw user configuration for the service's charm.
-// Unset values are omitted.
-func (s *Service) ConfigSettings() (charm.Settings, error) {
-	settings, err := readSettings(s.st, s.settingsKey())
-	if err != nil {
-		return nil, err
-	}
-	return settings.Map(), nil
-}
-
-// UpdateConfigSettings changes a service's charm config settings. Values set
-// to nil will be deleted; unknown and invalid values will return an error.
-func (s *Service) UpdateConfigSettings(changes charm.Settings) error {
-	charm, _, err := s.Charm()
-	if err != nil {
-		return err
-	}
-	changes, err = charm.Config().ValidateSettings(changes)
-	if err != nil {
-		return err
-	}
-	// TODO(fwereade) state.Settings is itself really problematic in just
-	// about every use case. This needs to be resolved some time; but at
-	// least the settings docs are keyed by charm url as well as service
-	// name, so the actual impact of a race is non-threatening.
-	node, err := readSettings(s.st, s.settingsKey())
-	if err != nil {
-		return err
-	}
-	for name, value := range changes {
-		if value == nil {
-			node.Delete(name)
-		} else {
-			node.Set(name, value)
-		}
-	}
-	_, err = node.Write()
-	return err
-}
-
-// LeaderSettings returns a service's leader settings. If nothing has been set
-// yet, it will return an empty map; this is not an error.
-func (s *Service) LeaderSettings() (map[string]string, error) {
-	// There's no compelling reason to have these methods on Service -- and
-	// thus require an extra db read to access them -- but it stops the State
-	// type getting even more cluttered.
-
-	doc, err := readSettingsDoc(s.st, leadershipSettingsKey(s.doc.Name))
-	if errors.IsNotFound(err) {
-		return nil, errors.NotFoundf("service")
-	} else if err != nil {
-		return nil, errors.Trace(err)
-	}
-	result := make(map[string]string)
-	for escapedKey, interfaceValue := range doc.Settings {
-		key := unescapeReplacer.Replace(escapedKey)
-		if value, _ := interfaceValue.(string); value != "" {
-			// Empty strings are technically bad data -- when set, they clear.
-			result[key] = value
-		} else {
-			// Some bad data isn't reason enough to obscure the good data.
-			logger.Warningf("unexpected leader settings value for %s: %#v", key, interfaceValue)
-		}
-	}
-	return result, nil
-}
-
-// UpdateLeaderSettings updates the service's leader settings with the supplied
-// values, but will fail (with a suitable error) if the supplied Token loses
-// validity. Empty values in the supplied map will be cleared in the database.
-func (s *Service) UpdateLeaderSettings(token leadership.Token, updates map[string]string) error {
-	// There's no compelling reason to have these methods on Service -- and
-	// thus require an extra db read to access them -- but it stops the State
-	// type getting even more cluttered.
-
-	// We can calculate the actual update ahead of time; it's not dependent
-	// upon the current state of the document. (*Writing* it should depend
-	// on document state, but that's handled below.)
-	key := leadershipSettingsKey(s.doc.Name)
-	sets := bson.M{}
-	unsets := bson.M{}
-	for unescapedKey, value := range updates {
-		key := escapeReplacer.Replace(unescapedKey)
-		if value == "" {
-			unsets[key] = 1
-		} else {
-			sets[key] = value
-		}
-	}
-	update := setUnsetUpdateSettings(sets, unsets)
-
-	isNullChange := func(rawMap map[string]interface{}) bool {
-		for key := range unsets {
-			if _, found := rawMap[key]; found {
-				return false
-			}
-		}
-		for key, value := range sets {
-			if current := rawMap[key]; current != value {
-				return false
-			}
-		}
-		return true
-	}
-
-	buildTxn := func(_ int) ([]txn.Op, error) {
-		// Read the current document state so we can abort if there's
-		// no actual change; and the version number so we can assert
-		// on it and prevent these settings from landing late.
-		doc, err := readSettingsDoc(s.st, key)
-		if errors.IsNotFound(err) {
-			return nil, errors.NotFoundf("service")
-		} else if err != nil {
-			return nil, errors.Trace(err)
-		}
-		if isNullChange(doc.Settings) {
-			return nil, jujutxn.ErrNoOperations
-		}
-		return []txn.Op{{
-			C:      settingsC,
-			Id:     key,
-			Assert: bson.D{{"version", doc.Version}},
-			Update: update,
-		}}, nil
-	}
-	return s.st.run(buildTxnWithLeadership(buildTxn, token))
-}
-
-var ErrSubordinateConstraints = stderrors.New("constraints do not apply to subordinate services")
-
-// Constraints returns the current service constraints.
-func (s *Service) Constraints() (constraints.Value, error) {
-	if s.doc.Subordinate {
-		return constraints.Value{}, ErrSubordinateConstraints
-	}
-	return readConstraints(s.st, s.globalKey())
-}
-
-// SetConstraints replaces the current service constraints.
-func (s *Service) SetConstraints(cons constraints.Value) (err error) {
-	unsupported, err := s.st.validateConstraints(cons)
-	if len(unsupported) > 0 {
-		logger.Warningf(
-			"setting constraints on service %q: unsupported constraints: %v", s.Name(), strings.Join(unsupported, ","))
-	} else if err != nil {
-		return err
-	}
-	if s.doc.Subordinate {
-		return ErrSubordinateConstraints
-	}
-	defer errors.DeferredAnnotatef(&err, "cannot set constraints")
-	if s.doc.Life != Alive {
-		return errNotAlive
-	}
-	ops := []txn.Op{{
-		C:      servicesC,
-		Id:     s.doc.DocID,
-		Assert: isAliveDoc,
-	}}
-	ops = append(ops, setConstraintsOp(s.st, s.globalKey(), cons))
-	return onAbort(s.st.runTransaction(ops), errNotAlive)
-}
-
-// EndpointBindings returns the mapping for each endpoint name and the space
-// name it is bound to (or empty if unspecified). When no bindings are stored
-// for the service, defaults are returned.
-func (s *Service) EndpointBindings() (map[string]string, error) {
-	// We don't need the TxnRevno below.
-	bindings, _, err := readEndpointBindings(s.st, s.globalKey())
-	if err != nil && !errors.IsNotFound(err) {
-		return nil, errors.Trace(err)
-	}
-	if bindings == nil {
-		bindings, err = s.defaultEndpointBindings()
-		if err != nil {
-			return nil, errors.Trace(err)
-		}
-	}
-	return bindings, nil
-}
-
-// defaultEndpointBindings returns a map with each endpoint from the current
-// charm metadata bound to an empty space. If no charm URL is set yet, it
-// returns an empty map.
-func (s *Service) defaultEndpointBindings() (map[string]string, error) {
-	if s.doc.CharmURL == nil {
-		return map[string]string{}, nil
-	}
-
-	charm, _, err := s.Charm()
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-
-	return DefaultEndpointBindingsForCharm(charm.Meta()), nil
-}
-
-// MetricCredentials returns any metric credentials associated with this service.
-func (s *Service) MetricCredentials() []byte {
-	return s.doc.MetricCredentials
-}
-
-// SetMetricCredentials updates the metric credentials associated with this service.
-func (s *Service) SetMetricCredentials(b []byte) error {
-	buildTxn := func(attempt int) ([]txn.Op, error) {
-		if attempt > 0 {
-			alive, err := isAlive(s.st, servicesC, s.doc.DocID)
-			if err != nil {
-				return nil, errors.Trace(err)
-			} else if !alive {
-				return nil, errNotAlive
-			}
-		}
-		ops := []txn.Op{
-			{
-				C:      servicesC,
-				Id:     s.doc.DocID,
-				Assert: isAliveDoc,
-				Update: bson.M{"$set": bson.M{"metric-credentials": b}},
-			},
-		}
-		return ops, nil
-	}
-	if err := s.st.run(buildTxn); err != nil {
-		if err == errNotAlive {
-			return errors.New("cannot update metric credentials: service " + err.Error())
-		}
-		return errors.Annotatef(err, "cannot update metric credentials")
-	}
-	s.doc.MetricCredentials = b
-	return nil
-}
-
-func (s *Service) StorageConstraints() (map[string]StorageConstraints, error) {
-	return readStorageConstraints(s.st, s.globalKey())
-}
-
-// settingsIncRefOp returns an operation that increments the ref count
-// of the service settings identified by serviceName and curl. If
-// canCreate is false, a missing document will be treated as an error;
-// otherwise, it will be created with a ref count of 1.
-func settingsIncRefOp(st *State, serviceName string, curl *charm.URL, canCreate bool) (txn.Op, error) {
-	settingsrefs, closer := st.getCollection(settingsrefsC)
-	defer closer()
-
-	key := serviceSettingsKey(serviceName, curl)
-	if count, err := settingsrefs.FindId(key).Count(); err != nil {
-		return txn.Op{}, err
-	} else if count == 0 {
-		if !canCreate {
-			return txn.Op{}, errors.NotFoundf("service %q settings for charm %q", serviceName, curl)
-		}
-		return txn.Op{
-			C:      settingsrefsC,
-			Id:     st.docID(key),
-			Assert: txn.DocMissing,
-			Insert: settingsRefsDoc{
-				RefCount:  1,
-				ModelUUID: st.ModelUUID()},
-		}, nil
-	}
-	return txn.Op{
-		C:      settingsrefsC,
-		Id:     st.docID(key),
-		Assert: txn.DocExists,
-		Update: bson.D{{"$inc", bson.D{{"refcount", 1}}}},
-	}, nil
-}
-
-// settingsDecRefOps returns a list of operations that decrement the
-// ref count of the service settings identified by serviceName and
-// curl. If the ref count is set to zero, the appropriate setting and
-// ref count documents will both be deleted.
-func settingsDecRefOps(st *State, serviceName string, curl *charm.URL) ([]txn.Op, error) {
-	settingsrefs, closer := st.getCollection(settingsrefsC)
-	defer closer()
-
-	key := serviceSettingsKey(serviceName, curl)
-	var doc settingsRefsDoc
-	if err := settingsrefs.FindId(key).One(&doc); err == mgo.ErrNotFound {
-		return nil, errors.NotFoundf("service %q settings for charm %q", serviceName, curl)
-	} else if err != nil {
-		return nil, err
-	}
-	docID := st.docID(key)
-	if doc.RefCount == 1 {
-		return []txn.Op{{
-			C:      settingsrefsC,
-			Id:     docID,
-			Assert: bson.D{{"refcount", 1}},
-			Remove: true,
-		}, {
-			C:      settingsC,
-			Id:     docID,
-			Remove: true,
-		}}, nil
-	}
-	return []txn.Op{{
-		C:      settingsrefsC,
-		Id:     docID,
-		Assert: bson.D{{"refcount", bson.D{{"$gt", 1}}}},
-		Update: bson.D{{"$inc", bson.D{{"refcount", -1}}}},
-	}}, nil
-}
-
-// settingsRefsDoc holds the number of units and services using the
-// settings document identified by the document's id. Every time a
-// service upgrades its charm the settings doc ref count for the new
-// charm url is incremented, and the old settings is ref count is
-// decremented. When a unit upgrades to the new charm, the old service
-// settings ref count is decremented and the ref count of the new
-// charm settings is incremented. The last unit upgrading to the new
-// charm is responsible for deleting the old charm's settings doc.
-//
-// Note: We're not using the settingsDoc for this because changing
-// just the ref count is not considered a change worth reporting
-// to watchers and firing config-changed hooks.
-//
-// There is an implicit _id field here, which mongo creates, which is
-// always the same as the settingsDoc's id.
-type settingsRefsDoc struct {
-	RefCount  int
-	ModelUUID string `bson:"model-uuid"`
-}
-
-// Status returns the status of the service.
-// Only unit leaders are allowed to set the status of the service.
-// If no status is recorded, then there are no unit leaders and the
-// status is derived from the unit status values.
-func (s *Service) Status() (status.StatusInfo, error) {
-	statuses, closer := s.st.getCollection(statusesC)
-	defer closer()
-	query := statuses.Find(bson.D{{"_id", s.globalKey()}, {"neverset", true}})
-	if count, err := query.Count(); err != nil {
-		return status.StatusInfo{}, errors.Trace(err)
-	} else if count != 0 {
-		// This indicates that SetStatus has never been called on this service.
-		// This in turn implies the service status document is likely to be
-		// inaccurate, so we return aggregated unit statuses instead.
-		//
-		// TODO(fwereade): this is completely wrong and will produce bad results
-		// in not-very-challenging scenarios. The leader unit remains responsible
-		// for setting the service status in a timely way, *whether or not the
-		// charm's hooks exists or sets a service status*. This logic should be
-		// removed as soon as possible, and the responsibilities implemented in
-		// the right places rather than being applied at seeming random.
-		units, err := s.AllUnits()
-		if err != nil {
-			return status.StatusInfo{}, err
-		}
-		logger.Tracef("service %q has %d units", s.Name(), len(units))
-		if len(units) > 0 {
-			return s.deriveStatus(units)
-		}
-	}
-	return getStatus(s.st, s.globalKey(), "service")
-}
-
-// SetStatus sets the status for the service.
-func (s *Service) SetStatus(serviceStatus status.Status, info string, data map[string]interface{}) error {
-	if !status.ValidWorkloadStatus(serviceStatus) {
-		return errors.Errorf("cannot set invalid status %q", serviceStatus)
-	}
-	return setStatus(s.st, setStatusParams{
-		badge:     "service",
-		globalKey: s.globalKey(),
-		status:    serviceStatus,
-		message:   info,
-		rawData:   data,
-	})
-}
-
-// StatusHistory returns a slice of at most <size> StatusInfo items
-// representing past statuses for this service.
-func (s *Service) StatusHistory(size int) ([]status.StatusInfo, error) {
-	return statusHistory(s.st, s.globalKey(), size)
-}
-
-// ServiceAndUnitsStatus returns the status for this service and all its units.
-func (s *Service) ServiceAndUnitsStatus() (status.StatusInfo, map[string]status.StatusInfo, error) {
-	serviceStatus, err := s.Status()
-	if err != nil {
-		return status.StatusInfo{}, nil, errors.Trace(err)
-	}
-	units, err := s.AllUnits()
-	if err != nil {
-		return status.StatusInfo{}, nil, err
-	}
-	results := make(map[string]status.StatusInfo, len(units))
-	for _, unit := range units {
-		unitStatus, err := unit.Status()
-		if err != nil {
-			return status.StatusInfo{}, nil, err
-		}
-		results[unit.Name()] = unitStatus
-	}
-	return serviceStatus, results, nil
-
-}
-
-func (s *Service) deriveStatus(units []*Unit) (status.StatusInfo, error) {
-	var result status.StatusInfo
-	for _, unit := range units {
-		currentSeverity := statusServerities[result.Status]
-		unitStatus, err := unit.Status()
-		if err != nil {
-			return status.StatusInfo{}, errors.Annotatef(err, "deriving service status from %q", unit.Name())
-		}
-		unitSeverity := statusServerities[unitStatus.Status]
-		if unitSeverity > currentSeverity {
-			result.Status = unitStatus.Status
-			result.Message = unitStatus.Message
-			result.Data = unitStatus.Data
-			result.Since = unitStatus.Since
-		}
-	}
-	return result, nil
-}
-
-// statusSeverities holds status values with a severity measure.
-// Status values with higher severity are used in preference to others.
-var statusServerities = map[status.Status]int{
-	status.StatusError:       100,
-	status.StatusBlocked:     90,
-	status.StatusWaiting:     80,
-	status.StatusMaintenance: 70,
-	status.StatusTerminated:  60,
-	status.StatusActive:      50,
-	status.StatusUnknown:     40,
-}
-
-type addServiceOpsArgs struct {
-	serviceDoc       *serviceDoc
-	statusDoc        statusDoc
-	constraints      constraints.Value
-	storage          map[string]StorageConstraints
-	settings         map[string]interface{}
-	settingsRefCount int
-	// These are nil when adding a new service, and most likely
-	// non-nil when migrating.
-	leadershipSettings map[string]interface{}
-}
-
-// addServiceOps returns the operations required to add a service to the
-// services collection, along with all the associated expected other service
-// entries. This method is used by both the *State.AddService method and the
-// migration import code.
-func addServiceOps(st *State, args addServiceOpsArgs) []txn.Op {
-	svc := newService(st, args.serviceDoc)
-
-	globalKey := svc.globalKey()
-	settingsKey := svc.settingsKey()
-	leadershipKey := leadershipSettingsKey(svc.Name())
-
-	return []txn.Op{
-		createConstraintsOp(st, globalKey, args.constraints),
-		createStorageConstraintsOp(globalKey, args.storage),
-		createSettingsOp(settingsKey, args.settings),
-		createSettingsOp(leadershipKey, args.leadershipSettings),
-		createStatusOp(st, globalKey, args.statusDoc),
-		addModelServiceRefOp(st, svc.Name()),
-		{
-			C:      settingsrefsC,
-			Id:     settingsKey,
-			Assert: txn.DocMissing,
-			Insert: settingsRefsDoc{
-				RefCount: args.settingsRefCount,
-			},
-		}, {
-			C:      servicesC,
-			Id:     svc.Name(),
-			Assert: txn.DocMissing,
-			Insert: args.serviceDoc,
-		},
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/service_leader_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/service_leader_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/service_leader_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/service_leader_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,262 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package state_test
-
-import (
-	"github.com/juju/errors"
-	jc "github.com/juju/testing/checkers"
-	"github.com/juju/utils"
-	gc "gopkg.in/check.v1"
-	"gopkg.in/mgo.v2/txn"
-
-	"github.com/juju/juju/state"
-	"github.com/juju/juju/state/testing"
-	"github.com/juju/juju/testing/factory"
-)
-
-type ServiceLeaderSuite struct {
-	ConnSuite
-	service *state.Service
-}
-
-var _ = gc.Suite(&ServiceLeaderSuite{})
-
-func (s *ServiceLeaderSuite) SetUpTest(c *gc.C) {
-	s.ConnSuite.SetUpTest(c)
-	s.service = s.Factory.MakeService(c, nil)
-}
-
-func (s *ServiceLeaderSuite) TestReadEmpty(c *gc.C) {
-	s.checkSettings(c, map[string]string{})
-}
-
-func (s *ServiceLeaderSuite) TestWrite(c *gc.C) {
-	s.writeSettings(c, map[string]string{
-		"foo":     "bar",
-		"baz.qux": "ping",
-		"pong":    "",
-		"$unset":  "foo",
-	})
-
-	s.checkSettings(c, map[string]string{
-		"foo":     "bar",
-		"baz.qux": "ping",
-		// pong: "" value is ignored
-		"$unset": "foo",
-	})
-}
-
-func (s *ServiceLeaderSuite) TestOverwrite(c *gc.C) {
-	s.writeSettings(c, map[string]string{
-		"one":    "foo",
-		"2.0":    "bar",
-		"$three": "baz",
-		"fo-ur":  "qux",
-	})
-
-	s.writeSettings(c, map[string]string{
-		"one":    "",
-		"2.0":    "ping",
-		"$three": "pong",
-		"$unset": "2.0",
-	})
-
-	s.checkSettings(c, map[string]string{
-		// one: "" value is cleared
-		"2.0":    "ping",
-		"$three": "pong",
-		"fo-ur":  "qux",
-		"$unset": "2.0",
-	})
-}
-
-func (s *ServiceLeaderSuite) TestTxnRevnoChange(c *gc.C) {
-	defer state.SetBeforeHooks(c, s.State, func() {
-		s.writeSettings(c, map[string]string{
-			"other":   "values",
-			"slipped": "in",
-			"before":  "we",
-			"managed": "to",
-		})
-	}).Check()
-
-	s.writeSettings(c, map[string]string{
-		"but":       "we",
-		"overwrite": "those",
-		"before":    "",
-	})
-
-	s.checkSettings(c, map[string]string{
-		"other":     "values",
-		"slipped":   "in",
-		"but":       "we",
-		"managed":   "to",
-		"overwrite": "those",
-	})
-}
-
-func (s *ServiceLeaderSuite) TestTokenError(c *gc.C) {
-	err := s.service.UpdateLeaderSettings(&failToken{}, map[string]string{"blah": "blah"})
-	c.Check(err, gc.ErrorMatches, "prerequisites failed: something bad happened")
-}
-
-func (s *ServiceLeaderSuite) TestTokenAssertFailure(c *gc.C) {
-	err := s.service.UpdateLeaderSettings(&raceToken{}, map[string]string{"blah": "blah"})
-	c.Check(err, gc.ErrorMatches, "prerequisites failed: too late")
-}
-
-func (s *ServiceLeaderSuite) TestReadWriteDying(c *gc.C) {
-	s.preventRemove(c)
-	s.destroyService(c)
-
-	s.writeSettings(c, map[string]string{
-		"this":  "should",
-		"still": "work",
-	})
-	s.checkSettings(c, map[string]string{
-		"this":  "should",
-		"still": "work",
-	})
-}
-
-func (s *ServiceLeaderSuite) TestReadRemoved(c *gc.C) {
-	s.destroyService(c)
-
-	actual, err := s.service.LeaderSettings()
-	c.Check(err, gc.ErrorMatches, "service not found")
-	c.Check(err, jc.Satisfies, errors.IsNotFound)
-	c.Check(actual, gc.IsNil)
-}
-
-func (s *ServiceLeaderSuite) TestWriteRemoved(c *gc.C) {
-	s.destroyService(c)
-
-	err := s.service.UpdateLeaderSettings(&fakeToken{}, map[string]string{
-		"should": "fail",
-	})
-	c.Check(err, gc.ErrorMatches, "service not found")
-	c.Check(err, jc.Satisfies, errors.IsNotFound)
-}
-
-func (s *ServiceLeaderSuite) TestWatchInitialEvent(c *gc.C) {
-	w := s.service.WatchLeaderSettings()
-	defer testing.AssertStop(c, w)
-
-	wc := testing.NewNotifyWatcherC(c, s.State, w)
-	wc.AssertOneChange()
-}
-
-func (s *ServiceLeaderSuite) TestWatchDetectChange(c *gc.C) {
-	w := s.service.WatchLeaderSettings()
-	defer testing.AssertStop(c, w)
-	wc := testing.NewNotifyWatcherC(c, s.State, w)
-	wc.AssertOneChange()
-
-	err := s.service.UpdateLeaderSettings(&fakeToken{}, map[string]string{
-		"something": "changed",
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	wc.AssertOneChange()
-}
-
-func (s *ServiceLeaderSuite) TestWatchIgnoreNullChange(c *gc.C) {
-	w := s.service.WatchLeaderSettings()
-	defer testing.AssertStop(c, w)
-	wc := testing.NewNotifyWatcherC(c, s.State, w)
-	wc.AssertOneChange()
-	err := s.service.UpdateLeaderSettings(&fakeToken{}, map[string]string{
-		"something": "changed",
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	wc.AssertOneChange()
-
-	err = s.service.UpdateLeaderSettings(&fakeToken{}, map[string]string{
-		"something": "changed",
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	wc.AssertNoChange()
-}
-
-func (s *ServiceLeaderSuite) TestWatchCoalesceChanges(c *gc.C) {
-	w := s.service.WatchLeaderSettings()
-	defer testing.AssertStop(c, w)
-	wc := testing.NewNotifyWatcherC(c, s.State, w)
-	wc.AssertOneChange()
-
-	err := s.service.UpdateLeaderSettings(&fakeToken{}, map[string]string{
-		"something": "changed",
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.service.UpdateLeaderSettings(&fakeToken{}, map[string]string{
-		"very": "excitingly",
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	wc.AssertOneChange()
-}
-
-func (s *ServiceLeaderSuite) writeSettings(c *gc.C, update map[string]string) {
-	err := s.service.UpdateLeaderSettings(&fakeToken{}, update)
-	c.Check(err, jc.ErrorIsNil)
-}
-
-func (s *ServiceLeaderSuite) checkSettings(c *gc.C, expect map[string]string) {
-	actual, err := s.service.LeaderSettings()
-	c.Check(err, jc.ErrorIsNil)
-	c.Check(actual, gc.DeepEquals, expect)
-}
-
-func (s *ServiceLeaderSuite) preventRemove(c *gc.C) {
-	s.Factory.MakeUnit(c, &factory.UnitParams{Service: s.service})
-}
-
-func (s *ServiceLeaderSuite) destroyService(c *gc.C) {
-	killService, err := s.State.Service(s.service.Name())
-	c.Assert(err, jc.ErrorIsNil)
-	err = killService.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-// fakeToken implements leadership.Token.
-type fakeToken struct{}
-
-// Check is part of the leadership.Token interface. It always claims success,
-// and never checks or writes the userdata.
-func (*fakeToken) Check(interface{}) error {
-	return nil
-}
-
-// failToken implements leadership.Token.
-type failToken struct{}
-
-// Check is part of the leadership.Token interface. It always returns an error,
-// and never checks or writes the userdata.
-func (*failToken) Check(interface{}) error {
-	return errors.New("something bad happened")
-}
-
-// raceToken implements leadership.Token.
-type raceToken struct {
-	checkedOnce bool
-}
-
-// Check is part of the leadership.Token interface. On the first call, it expects
-// a *[]txn.Op, into which it will copy a failing assertion; on subsequent calls,
-// it just returns an error.
-func (t *raceToken) Check(out interface{}) error {
-	if t.checkedOnce {
-		return errors.New("too late")
-	}
-	t.checkedOnce = true
-	outPtr, ok := out.(*[]txn.Op)
-	if !ok {
-		return errors.Errorf("SUT passed in bad value: %#v", out)
-	}
-	wontExist := utils.MustNewUUID()
-	*outPtr = []txn.Op{{
-		C:      "units", // we have to use a collection defined in the schema
-		Id:     wontExist.String(),
-		Assert: txn.DocExists,
-	}}
-	return nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/service_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/service_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/service_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/service_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,2445 +0,0 @@
-// Copyright 2012, 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package state_test
-
-import (
-	"fmt"
-	"sort"
-
-	"github.com/juju/errors"
-	"github.com/juju/loggo"
-	jc "github.com/juju/testing/checkers"
-	jujutxn "github.com/juju/txn"
-	"github.com/juju/utils/set"
-	gc "gopkg.in/check.v1"
-	"gopkg.in/juju/charm.v6-unstable"
-	"gopkg.in/mgo.v2"
-	"gopkg.in/mgo.v2/bson"
-	"gopkg.in/mgo.v2/txn"
-
-	"github.com/juju/juju/constraints"
-	"github.com/juju/juju/environs/config"
-	"github.com/juju/juju/state"
-	"github.com/juju/juju/state/testing"
-	"github.com/juju/juju/status"
-	"github.com/juju/juju/storage/provider"
-	"github.com/juju/juju/storage/provider/registry"
-)
-
-type ServiceSuite struct {
-	ConnSuite
-	charm *state.Charm
-	mysql *state.Service
-}
-
-var _ = gc.Suite(&ServiceSuite{})
-
-func (s *ServiceSuite) SetUpTest(c *gc.C) {
-	s.ConnSuite.SetUpTest(c)
-	s.policy.GetConstraintsValidator = func(*config.Config, state.SupportedArchitecturesQuerier) (constraints.Validator, error) {
-		validator := constraints.NewValidator()
-		validator.RegisterConflicts([]string{constraints.InstanceType}, []string{constraints.Mem})
-		validator.RegisterUnsupported([]string{constraints.CpuPower})
-		return validator, nil
-	}
-	s.charm = s.AddTestingCharm(c, "mysql")
-	s.mysql = s.AddTestingService(c, "mysql", s.charm)
-}
-
-func (s *ServiceSuite) TestSetCharm(c *gc.C) {
-	ch, force, err := s.mysql.Charm()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ch.URL(), gc.DeepEquals, s.charm.URL())
-	c.Assert(force, jc.IsFalse)
-	url, force := s.mysql.CharmURL()
-	c.Assert(url, gc.DeepEquals, s.charm.URL())
-	c.Assert(force, jc.IsFalse)
-
-	// Add a compatible charm and force it.
-	sch := s.AddMetaCharm(c, "mysql", metaBase, 2)
-
-	cfg := state.SetCharmConfig{
-		Charm:      sch,
-		ForceUnits: true,
-	}
-	err = s.mysql.SetCharm(cfg)
-	c.Assert(err, jc.ErrorIsNil)
-	ch, force, err = s.mysql.Charm()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ch.URL(), gc.DeepEquals, sch.URL())
-	c.Assert(force, jc.IsTrue)
-	url, force = s.mysql.CharmURL()
-	c.Assert(url, gc.DeepEquals, sch.URL())
-	c.Assert(force, jc.IsTrue)
-}
-
-func (s *ServiceSuite) TestSetCharmLegacy(c *gc.C) {
-	chDifferentSeries := state.AddTestingCharmForSeries(c, s.State, "precise", "mysql")
-
-	cfg := state.SetCharmConfig{
-		Charm:       chDifferentSeries,
-		ForceSeries: true,
-	}
-	err := s.mysql.SetCharm(cfg)
-	c.Assert(err, gc.ErrorMatches, "cannot change a service's series")
-}
-
-func (s *ServiceSuite) TestClientServiceSetCharmUnsupportedSeries(c *gc.C) {
-	ch := state.AddTestingCharmMultiSeries(c, s.State, "multi-series")
-	svc := state.AddTestingServiceForSeries(c, s.State, "precise", "service", ch, s.Owner)
-
-	chDifferentSeries := state.AddTestingCharmMultiSeries(c, s.State, "multi-series2")
-	cfg := state.SetCharmConfig{
-		Charm: chDifferentSeries,
-	}
-	err := svc.SetCharm(cfg)
-	c.Assert(err, gc.ErrorMatches, "cannot upgrade charm, only these series are supported: trusty, wily")
-}
-
-func (s *ServiceSuite) TestClientServiceSetCharmUnsupportedSeriesForce(c *gc.C) {
-	ch := state.AddTestingCharmMultiSeries(c, s.State, "multi-series")
-	svc := state.AddTestingServiceForSeries(c, s.State, "precise", "service", ch, s.Owner)
-
-	chDifferentSeries := state.AddTestingCharmMultiSeries(c, s.State, "multi-series2")
-	cfg := state.SetCharmConfig{
-		Charm:       chDifferentSeries,
-		ForceSeries: true,
-	}
-	err := svc.SetCharm(cfg)
-	c.Assert(err, jc.ErrorIsNil)
-	svc, err = s.State.Service("service")
-	c.Assert(err, jc.ErrorIsNil)
-	ch, _, err = svc.Charm()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ch.URL().String(), gc.Equals, "cs:multi-series2-8")
-}
-
-func (s *ServiceSuite) TestClientServiceSetCharmWrongOS(c *gc.C) {
-	ch := state.AddTestingCharmMultiSeries(c, s.State, "multi-series")
-	svc := state.AddTestingServiceForSeries(c, s.State, "precise", "service", ch, s.Owner)
-
-	chDifferentSeries := state.AddTestingCharmMultiSeries(c, s.State, "multi-series-windows")
-	cfg := state.SetCharmConfig{
-		Charm:       chDifferentSeries,
-		ForceSeries: true,
-	}
-	err := svc.SetCharm(cfg)
-	c.Assert(err, gc.ErrorMatches, `cannot upgrade charm, OS "Ubuntu" not supported by charm`)
-}
-
-func (s *ServiceSuite) TestSetCharmPreconditions(c *gc.C) {
-	logging := s.AddTestingCharm(c, "logging")
-	cfg := state.SetCharmConfig{Charm: logging}
-	err := s.mysql.SetCharm(cfg)
-	c.Assert(err, gc.ErrorMatches, "cannot change a service's subordinacy")
-
-	othermysql := s.AddSeriesCharm(c, "mysql", "otherseries")
-	cfg2 := state.SetCharmConfig{Charm: othermysql}
-	err = s.mysql.SetCharm(cfg2)
-	c.Assert(err, gc.ErrorMatches, "cannot change a service's series")
-}
-
-func (s *ServiceSuite) TestSetCharmUpdatesBindings(c *gc.C) {
-	_, err := s.State.AddSpace("db", "", nil, false)
-	c.Assert(err, jc.ErrorIsNil)
-	_, err = s.State.AddSpace("client", "", nil, true)
-	c.Assert(err, jc.ErrorIsNil)
-	oldCharm := s.AddMetaCharm(c, "mysql", metaBase, 44)
-
-	service, err := s.State.AddService(state.AddServiceArgs{
-		Name:  "yoursql",
-		Owner: s.Owner.String(),
-		Charm: oldCharm,
-		EndpointBindings: map[string]string{
-			"server": "db",
-			"client": "client",
-		}})
-	c.Assert(err, jc.ErrorIsNil)
-
-	newCharm := s.AddMetaCharm(c, "mysql", metaExtraEndpoints, 43)
-	cfg := state.SetCharmConfig{Charm: newCharm}
-	err = service.SetCharm(cfg)
-	c.Assert(err, jc.ErrorIsNil)
-	updatedBindings, err := service.EndpointBindings()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(updatedBindings, jc.DeepEquals, map[string]string{
-		// Existing bindings are preserved.
-		"server":  "db",
-		"client":  "client",
-		"cluster": "", // inherited from defaults in AddService.
-		// New endpoints use empty defaults.
-		"foo":  "",
-		"baz":  "",
-		"just": "",
-	})
-}
-
-func (s *ServiceSuite) TestSetCharmWithWeirdlyNamedEndpoints(c *gc.C) {
-	// This test ensures if special characters appear in endpoint names of the
-	// charm metadata, they are properly escaped before saving to mongo, and
-	// unescaped when read back.
-	_, err := s.State.AddSpace("client", "", nil, true)
-	c.Assert(err, jc.ErrorIsNil)
-	_, err = s.State.AddSpace("db", "", nil, false)
-	c.Assert(err, jc.ErrorIsNil)
-
-	initialBindings := map[string]string{
-		"$pull":     "db",
-		"$set.foo":  "",
-		"cli ent .": "client",
-		".":         "db",
-	}
-	weirdOldCharm := s.AddMetaCharm(c, "mysql", `
-name: mysql
-summary: "Fake MySQL Database engine"
-description: "Complete with nonsense relations"
-provides:
-  $pull: mysql
-  $set.foo: bar
-requires:
-  foo: something
-  "cli ent .": mysql
-peers:
-  ".": bad
-  "$": mysql
-`, 42)
-	weirdNewCharm := s.AddMetaCharm(c, "mysql", `
-name: mysql
-summary: "Fake MySQL Database engine"
-description: "Complete with nonsense relations"
-provides:
-  ser$ver2: mysql
-  $pull: mysql
-  $set.foo: bar
-requires:
-  "cli ent 2": mysql
-peers:
-  "$": mysql
-  ".": bad
-`, 43)
-
-	weirdService := s.AddTestingServiceWithBindings(c, "weird", weirdOldCharm, initialBindings)
-	readBindings, err := weirdService.EndpointBindings()
-	c.Assert(err, jc.ErrorIsNil)
-	expectedBindings := map[string]string{
-		"cli ent .": "client",
-		"foo":       "",
-		"$":         "",
-		".":         "db",
-		"$set.foo":  "",
-		"$pull":     "db",
-	}
-	c.Check(readBindings, jc.DeepEquals, expectedBindings)
-
-	cfg := state.SetCharmConfig{Charm: weirdNewCharm}
-	err = weirdService.SetCharm(cfg)
-	c.Assert(err, jc.ErrorIsNil)
-	readBindings, err = weirdService.EndpointBindings()
-	c.Assert(err, jc.ErrorIsNil)
-
-	expectedBindings = map[string]string{
-		"ser$ver2":  "",
-		"cli ent 2": "",
-		"$":         "",
-		".":         "db",
-		"$set.foo":  "",
-		"$pull":     "db",
-	}
-	c.Check(readBindings, jc.DeepEquals, expectedBindings)
-}
-
-var metaBase = `
-name: mysql
-summary: "Fake MySQL Database engine"
-description: "Complete with nonsense relations"
-provides:
-  server: mysql
-requires:
-  client: mysql
-peers:
-  cluster: mysql
-`
-var metaDifferentProvider = `
-name: mysql
-description: none
-summary: none
-provides:
-  kludge: mysql
-requires:
-  client: mysql
-peers:
-  cluster: mysql
-`
-var metaDifferentRequirer = `
-name: mysql
-description: none
-summary: none
-provides:
-  server: mysql
-requires:
-  kludge: mysql
-peers:
-  cluster: mysql
-`
-var metaDifferentPeer = `
-name: mysql
-description: none
-summary: none
-provides:
-  server: mysql
-requires:
-  client: mysql
-peers:
-  kludge: mysql
-`
-var metaExtraEndpoints = `
-name: mysql
-description: none
-summary: none
-provides:
-  server: mysql
-  foo: bar
-requires:
-  client: mysql
-  baz: woot
-peers:
-  cluster: mysql
-  just: me
-`
-
-var setCharmEndpointsTests = []struct {
-	summary string
-	meta    string
-	err     string
-}{{
-	summary: "different provider (but no relation yet)",
-	meta:    metaDifferentProvider,
-}, {
-	summary: "different requirer (but no relation yet)",
-	meta:    metaDifferentRequirer,
-}, {
-	summary: "different peer",
-	meta:    metaDifferentPeer,
-	err:     `cannot upgrade service "fakemysql" to charm "local:quantal/quantal-mysql-5": would break relation "fakemysql:cluster"`,
-}, {
-	summary: "same relations ok",
-	meta:    metaBase,
-}, {
-	summary: "extra endpoints ok",
-	meta:    metaExtraEndpoints,
-}}
-
-func (s *ServiceSuite) TestSetCharmChecksEndpointsWithoutRelations(c *gc.C) {
-	revno := 2
-	ms := s.AddMetaCharm(c, "mysql", metaBase, revno)
-	svc := s.AddTestingService(c, "fakemysql", ms)
-	cfg := state.SetCharmConfig{Charm: ms}
-	err := svc.SetCharm(cfg)
-	c.Assert(err, jc.ErrorIsNil)
-
-	for i, t := range setCharmEndpointsTests {
-		c.Logf("test %d: %s", i, t.summary)
-
-		newCh := s.AddMetaCharm(c, "mysql", t.meta, revno+i+1)
-		cfg := state.SetCharmConfig{Charm: newCh}
-		err = svc.SetCharm(cfg)
-		if t.err != "" {
-			c.Assert(err, gc.ErrorMatches, t.err)
-		} else {
-			c.Assert(err, jc.ErrorIsNil)
-		}
-	}
-
-	err = svc.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *ServiceSuite) TestSetCharmChecksEndpointsWithRelations(c *gc.C) {
-	revno := 2
-	providerCharm := s.AddMetaCharm(c, "mysql", metaDifferentProvider, revno)
-	providerSvc := s.AddTestingService(c, "myprovider", providerCharm)
-
-	cfg := state.SetCharmConfig{Charm: providerCharm}
-	err := providerSvc.SetCharm(cfg)
-	c.Assert(err, jc.ErrorIsNil)
-
-	revno++
-	requirerCharm := s.AddMetaCharm(c, "mysql", metaDifferentRequirer, revno)
-	requirerSvc := s.AddTestingService(c, "myrequirer", requirerCharm)
-	cfg = state.SetCharmConfig{Charm: requirerCharm}
-	err = requirerSvc.SetCharm(cfg)
-	c.Assert(err, jc.ErrorIsNil)
-
-	eps, err := s.State.InferEndpoints("myprovider:kludge", "myrequirer:kludge")
-	c.Assert(err, jc.ErrorIsNil)
-	_, err = s.State.AddRelation(eps...)
-	c.Assert(err, jc.ErrorIsNil)
-
-	revno++
-	baseCharm := s.AddMetaCharm(c, "mysql", metaBase, revno)
-	cfg = state.SetCharmConfig{Charm: baseCharm}
-	err = providerSvc.SetCharm(cfg)
-	c.Assert(err, gc.ErrorMatches, `cannot upgrade service "myprovider" to charm "local:quantal/quantal-mysql-4": would break relation "myrequirer:kludge myprovider:kludge"`)
-	err = requirerSvc.SetCharm(cfg)
-	c.Assert(err, gc.ErrorMatches, `cannot upgrade service "myrequirer" to charm "local:quantal/quantal-mysql-4": would break relation "myrequirer:kludge myprovider:kludge"`)
-}
-
-var stringConfig = `
-options:
-  key: {default: My Key, description: Desc, type: string}
-`
-var emptyConfig = `
-options: {}
-`
-var floatConfig = `
-options:
-  key: {default: 0.42, description: Float key, type: float}
-`
-var newStringConfig = `
-options:
-  key: {default: My Key, description: Desc, type: string}
-  other: {default: None, description: My Other, type: string}
-`
-
-var setCharmConfigTests = []struct {
-	summary     string
-	startconfig string
-	startvalues charm.Settings
-	endconfig   string
-	endvalues   charm.Settings
-	err         string
-}{{
-	summary:     "add float key to empty config",
-	startconfig: emptyConfig,
-	endconfig:   floatConfig,
-}, {
-	summary:     "add string key to empty config",
-	startconfig: emptyConfig,
-	endconfig:   stringConfig,
-}, {
-	summary:     "add string key and preserve existing values",
-	startconfig: stringConfig,
-	startvalues: charm.Settings{"key": "foo"},
-	endconfig:   newStringConfig,
-	endvalues:   charm.Settings{"key": "foo"},
-}, {
-	summary:     "remove string key",
-	startconfig: stringConfig,
-	startvalues: charm.Settings{"key": "value"},
-	endconfig:   emptyConfig,
-}, {
-	summary:     "remove float key",
-	startconfig: floatConfig,
-	startvalues: charm.Settings{"key": 123.45},
-	endconfig:   emptyConfig,
-}, {
-	summary:     "change key type without values",
-	startconfig: stringConfig,
-	endconfig:   floatConfig,
-}, {
-	summary:     "change key type with values",
-	startconfig: stringConfig,
-	startvalues: charm.Settings{"key": "value"},
-	endconfig:   floatConfig,
-}}
-
-func (s *ServiceSuite) TestSetCharmConfig(c *gc.C) {
-	charms := map[string]*state.Charm{
-		stringConfig:    s.AddConfigCharm(c, "wordpress", stringConfig, 1),
-		emptyConfig:     s.AddConfigCharm(c, "wordpress", emptyConfig, 2),
-		floatConfig:     s.AddConfigCharm(c, "wordpress", floatConfig, 3),
-		newStringConfig: s.AddConfigCharm(c, "wordpress", newStringConfig, 4),
-	}
-
-	for i, t := range setCharmConfigTests {
-		c.Logf("test %d: %s", i, t.summary)
-
-		origCh := charms[t.startconfig]
-		svc := s.AddTestingService(c, "wordpress", origCh)
-		err := svc.UpdateConfigSettings(t.startvalues)
-		c.Assert(err, jc.ErrorIsNil)
-
-		newCh := charms[t.endconfig]
-		cfg := state.SetCharmConfig{Charm: newCh}
-		err = svc.SetCharm(cfg)
-		var expectVals charm.Settings
-		var expectCh *state.Charm
-		if t.err != "" {
-			c.Assert(err, gc.ErrorMatches, t.err)
-			expectCh = origCh
-			expectVals = t.startvalues
-		} else {
-			c.Assert(err, jc.ErrorIsNil)
-			expectCh = newCh
-			expectVals = t.endvalues
-		}
-
-		sch, _, err := svc.Charm()
-		c.Assert(err, jc.ErrorIsNil)
-		c.Assert(sch.URL(), gc.DeepEquals, expectCh.URL())
-		settings, err := svc.ConfigSettings()
-		c.Assert(err, jc.ErrorIsNil)
-		if len(expectVals) == 0 {
-			c.Assert(settings, gc.HasLen, 0)
-		} else {
-			c.Assert(settings, gc.DeepEquals, expectVals)
-		}
-
-		err = svc.Destroy()
-		c.Assert(err, jc.ErrorIsNil)
-	}
-}
-
-func (s *ServiceSuite) TestSetCharmWithDyingService(c *gc.C) {
-	sch := s.AddMetaCharm(c, "mysql", metaBase, 2)
-
-	_, err := s.mysql.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.mysql.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	assertLife(c, s.mysql, state.Dying)
-	cfg := state.SetCharmConfig{
-		Charm:      sch,
-		ForceUnits: true,
-	}
-	err = s.mysql.SetCharm(cfg)
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *ServiceSuite) TestSequenceUnitIdsAfterDestroy(c *gc.C) {
-	unit, err := s.mysql.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(unit.Name(), gc.Equals, "mysql/0")
-	err = unit.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.mysql.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	s.mysql = s.AddTestingService(c, "mysql", s.charm)
-	unit, err = s.mysql.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(unit.Name(), gc.Equals, "mysql/1")
-}
-
-func (s *ServiceSuite) TestSequenceUnitIds(c *gc.C) {
-	unit, err := s.mysql.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(unit.Name(), gc.Equals, "mysql/0")
-	unit, err = s.mysql.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(unit.Name(), gc.Equals, "mysql/1")
-}
-
-func (s *ServiceSuite) TestSetCharmWhenDead(c *gc.C) {
-	sch := s.AddMetaCharm(c, "mysql", metaBase, 2)
-
-	defer state.SetBeforeHooks(c, s.State, func() {
-		_, err := s.mysql.AddUnit()
-		err = s.mysql.Destroy()
-		c.Assert(err, jc.ErrorIsNil)
-		assertLife(c, s.mysql, state.Dying)
-
-		// Change the service life to Dead manually, as there's no
-		// direct way of doing that otherwise.
-		ops := []txn.Op{{
-			C:      state.ServicesC,
-			Id:     state.DocID(s.State, s.mysql.Name()),
-			Update: bson.D{{"$set", bson.D{{"life", state.Dead}}}},
-		}}
-
-		err = state.RunTransaction(s.State, ops)
-		c.Assert(err, jc.ErrorIsNil)
-		assertLife(c, s.mysql, state.Dead)
-	}).Check()
-
-	cfg := state.SetCharmConfig{
-		Charm:      sch,
-		ForceUnits: true,
-	}
-	err := s.mysql.SetCharm(cfg)
-	c.Assert(err, gc.Equals, state.ErrDead)
-}
-
-func (s *ServiceSuite) TestSetCharmWithRemovedService(c *gc.C) {
-	sch := s.AddMetaCharm(c, "mysql", metaBase, 2)
-
-	err := s.mysql.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	assertRemoved(c, s.mysql)
-
-	cfg := state.SetCharmConfig{
-		Charm:      sch,
-		ForceUnits: true,
-	}
-
-	err = s.mysql.SetCharm(cfg)
-	c.Assert(err, gc.Equals, state.ErrDead)
-}
-
-func (s *ServiceSuite) TestSetCharmWhenRemoved(c *gc.C) {
-	sch := s.AddMetaCharm(c, "mysql", metaBase, 2)
-
-	defer state.SetBeforeHooks(c, s.State, func() {
-		err := s.mysql.Destroy()
-		c.Assert(err, jc.ErrorIsNil)
-		assertRemoved(c, s.mysql)
-	}).Check()
-
-	cfg := state.SetCharmConfig{
-		Charm:      sch,
-		ForceUnits: true,
-	}
-	err := s.mysql.SetCharm(cfg)
-	c.Assert(err, gc.Equals, state.ErrDead)
-}
-
-func (s *ServiceSuite) TestSetCharmWhenDyingIsOK(c *gc.C) {
-	sch := s.AddMetaCharm(c, "mysql", metaBase, 2)
-
-	defer state.SetBeforeHooks(c, s.State, func() {
-		_, err := s.mysql.AddUnit()
-		c.Assert(err, jc.ErrorIsNil)
-		err = s.mysql.Destroy()
-		c.Assert(err, jc.ErrorIsNil)
-		assertLife(c, s.mysql, state.Dying)
-	}).Check()
-
-	cfg := state.SetCharmConfig{
-		Charm:      sch,
-		ForceUnits: true,
-	}
-	err := s.mysql.SetCharm(cfg)
-	c.Assert(err, jc.ErrorIsNil)
-	assertLife(c, s.mysql, state.Dying)
-}
-
-func (s *ServiceSuite) TestSetCharmRetriesWithSameCharmURL(c *gc.C) {
-	sch := s.AddMetaCharm(c, "mysql", metaBase, 2)
-
-	defer state.SetTestHooks(c, s.State,
-		jujutxn.TestHook{
-			Before: func() {
-				currentCh, force, err := s.mysql.Charm()
-				c.Assert(err, jc.ErrorIsNil)
-				c.Assert(force, jc.IsFalse)
-				c.Assert(currentCh.URL(), jc.DeepEquals, s.charm.URL())
-
-				cfg := state.SetCharmConfig{Charm: sch}
-				err = s.mysql.SetCharm(cfg)
-				c.Assert(err, jc.ErrorIsNil)
-			},
-			After: func() {
-				// Verify the before hook worked.
-				currentCh, force, err := s.mysql.Charm()
-				c.Assert(err, jc.ErrorIsNil)
-				c.Assert(force, jc.IsFalse)
-				c.Assert(currentCh.URL(), jc.DeepEquals, sch.URL())
-			},
-		},
-		jujutxn.TestHook{
-			Before: nil, // Ensure there will be a retry.
-			After: func() {
-				// Verify it worked after the retry.
-				err := s.mysql.Refresh()
-				c.Assert(err, jc.ErrorIsNil)
-				currentCh, force, err := s.mysql.Charm()
-				c.Assert(err, jc.ErrorIsNil)
-				c.Assert(force, jc.IsTrue)
-				c.Assert(currentCh.URL(), jc.DeepEquals, sch.URL())
-			},
-		},
-	).Check()
-
-	cfg := state.SetCharmConfig{
-		Charm:      sch,
-		ForceUnits: true,
-	}
-	err := s.mysql.SetCharm(cfg)
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *ServiceSuite) TestSetCharmRetriesWhenOldSettingsChanged(c *gc.C) {
-	revno := 2 // revno 1 is used by SetUpSuite
-	oldCh := s.AddConfigCharm(c, "mysql", stringConfig, revno)
-	newCh := s.AddConfigCharm(c, "mysql", stringConfig, revno+1)
-	cfg := state.SetCharmConfig{Charm: oldCh}
-	err := s.mysql.SetCharm(cfg)
-	c.Assert(err, jc.ErrorIsNil)
-
-	defer state.SetBeforeHooks(c, s.State,
-		func() {
-			err := s.mysql.UpdateConfigSettings(charm.Settings{"key": "value"})
-			c.Assert(err, jc.ErrorIsNil)
-		},
-		nil, // Ensure there will be a retry.
-	).Check()
-
-	cfg = state.SetCharmConfig{
-		Charm:      newCh,
-		ForceUnits: true,
-	}
-	err = s.mysql.SetCharm(cfg)
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *ServiceSuite) TestSetCharmRetriesWhenBothOldAndNewSettingsChanged(c *gc.C) {
-	revno := 2 // revno 1 is used by SetUpSuite
-	oldCh := s.AddConfigCharm(c, "mysql", stringConfig, revno)
-	newCh := s.AddConfigCharm(c, "mysql", stringConfig, revno+1)
-
-	defer state.SetTestHooks(c, s.State,
-		jujutxn.TestHook{
-			Before: func() {
-				// Add two units, which will keep the refcount of oldCh
-				// and newCh settings greater than 0, while the service's
-				// charm URLs change between oldCh and newCh. Ensure
-				// refcounts change as expected.
-				unit1, err := s.mysql.AddUnit()
-				c.Assert(err, jc.ErrorIsNil)
-				unit2, err := s.mysql.AddUnit()
-				c.Assert(err, jc.ErrorIsNil)
-				cfg := state.SetCharmConfig{Charm: newCh}
-				err = s.mysql.SetCharm(cfg)
-				c.Assert(err, jc.ErrorIsNil)
-				assertSettingsRef(c, s.State, "mysql", newCh, 1)
-				assertNoSettingsRef(c, s.State, "mysql", oldCh)
-				err = unit1.SetCharmURL(newCh.URL())
-				c.Assert(err, jc.ErrorIsNil)
-				assertSettingsRef(c, s.State, "mysql", newCh, 2)
-				assertNoSettingsRef(c, s.State, "mysql", oldCh)
-				// Update newCh settings, switch to oldCh and update its
-				// settings as well.
-				err = s.mysql.UpdateConfigSettings(charm.Settings{"key": "value1"})
-				c.Assert(err, jc.ErrorIsNil)
-				cfg = state.SetCharmConfig{Charm: oldCh}
-
-				err = s.mysql.SetCharm(cfg)
-				c.Assert(err, jc.ErrorIsNil)
-				assertSettingsRef(c, s.State, "mysql", newCh, 1)
-				assertSettingsRef(c, s.State, "mysql", oldCh, 1)
-				err = unit2.SetCharmURL(oldCh.URL())
-				c.Assert(err, jc.ErrorIsNil)
-				assertSettingsRef(c, s.State, "mysql", newCh, 1)
-				assertSettingsRef(c, s.State, "mysql", oldCh, 2)
-				err = s.mysql.UpdateConfigSettings(charm.Settings{"key": "value2"})
-				c.Assert(err, jc.ErrorIsNil)
-			},
-			After: func() {
-				// Verify the charm and refcounts after the second attempt.
-				err := s.mysql.Refresh()
-				c.Assert(err, jc.ErrorIsNil)
-				currentCh, force, err := s.mysql.Charm()
-				c.Assert(err, jc.ErrorIsNil)
-				c.Assert(force, jc.IsFalse)
-				c.Assert(currentCh.URL(), jc.DeepEquals, oldCh.URL())
-				assertSettingsRef(c, s.State, "mysql", newCh, 1)
-				assertSettingsRef(c, s.State, "mysql", oldCh, 2)
-			},
-		},
-		jujutxn.TestHook{
-			Before: func() {
-				// SetCharm has refreshed its cached settings for oldCh
-				// and newCh. Change them again to trigger another
-				// attempt.
-				cfg := state.SetCharmConfig{Charm: newCh}
-
-				err := s.mysql.SetCharm(cfg)
-				c.Assert(err, jc.ErrorIsNil)
-				assertSettingsRef(c, s.State, "mysql", newCh, 2)
-				assertSettingsRef(c, s.State, "mysql", oldCh, 1)
-				err = s.mysql.UpdateConfigSettings(charm.Settings{"key": "value3"})
-				c.Assert(err, jc.ErrorIsNil)
-
-				cfg = state.SetCharmConfig{Charm: oldCh}
-				err = s.mysql.SetCharm(cfg)
-				c.Assert(err, jc.ErrorIsNil)
-				assertSettingsRef(c, s.State, "mysql", newCh, 1)
-				assertSettingsRef(c, s.State, "mysql", oldCh, 2)
-				err = s.mysql.UpdateConfigSettings(charm.Settings{"key": "value4"})
-				c.Assert(err, jc.ErrorIsNil)
-			},
-			After: func() {
-				// Verify the charm and refcounts after the third attempt.
-				err := s.mysql.Refresh()
-				c.Assert(err, jc.ErrorIsNil)
-				currentCh, force, err := s.mysql.Charm()
-				c.Assert(err, jc.ErrorIsNil)
-				c.Assert(force, jc.IsFalse)
-				c.Assert(currentCh.URL(), jc.DeepEquals, oldCh.URL())
-				assertSettingsRef(c, s.State, "mysql", newCh, 1)
-				assertSettingsRef(c, s.State, "mysql", oldCh, 2)
-			},
-		},
-		jujutxn.TestHook{
-			Before: nil, // Ensure there will be a (final) retry.
-			After: func() {
-				// Verify the charm and refcounts after the final third attempt.
-				err := s.mysql.Refresh()
-				c.Assert(err, jc.ErrorIsNil)
-				currentCh, force, err := s.mysql.Charm()
-				c.Assert(err, jc.ErrorIsNil)
-				c.Assert(force, jc.IsTrue)
-				c.Assert(currentCh.URL(), jc.DeepEquals, newCh.URL())
-				assertSettingsRef(c, s.State, "mysql", newCh, 2)
-				assertSettingsRef(c, s.State, "mysql", oldCh, 1)
-			},
-		},
-	).Check()
-
-	cfg := state.SetCharmConfig{
-		Charm:      newCh,
-		ForceUnits: true,
-	}
-	err := s.mysql.SetCharm(cfg)
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *ServiceSuite) TestSetCharmRetriesWhenOldBindingsChanged(c *gc.C) {
-	revno := 2 // revno 1 is used by SetUpSuite
-	mysqlKey := state.ServiceGlobalKey(s.mysql.Name())
-	oldCharm := s.AddMetaCharm(c, "mysql", metaDifferentRequirer, revno)
-	newCharm := s.AddMetaCharm(c, "mysql", metaExtraEndpoints, revno+1)
-
-	cfg := state.SetCharmConfig{Charm: oldCharm}
-	err := s.mysql.SetCharm(cfg)
-	c.Assert(err, jc.ErrorIsNil)
-
-	oldBindings, err := s.mysql.EndpointBindings()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(oldBindings, jc.DeepEquals, map[string]string{
-		"server":  "",
-		"kludge":  "",
-		"cluster": "",
-	})
-	_, err = s.State.AddSpace("db", "", nil, true)
-	c.Assert(err, jc.ErrorIsNil)
-	_, err = s.State.AddSpace("admin", "", nil, false)
-	c.Assert(err, jc.ErrorIsNil)
-
-	updateBindings := func(updatesMap bson.M) {
-		ops := []txn.Op{{
-			C:      state.EndpointBindingsC,
-			Id:     mysqlKey,
-			Update: bson.D{{"$set", updatesMap}},
-		}}
-		err := state.RunTransaction(s.State, ops)
-		c.Assert(err, jc.ErrorIsNil)
-	}
-
-	defer state.SetTestHooks(c, s.State,
-		jujutxn.TestHook{
-			Before: func() {
-				// First change.
-				updateBindings(bson.M{
-					"bindings.server": "db",
-					"bindings.kludge": "admin", // will be removed before newCharm is set.
-				})
-			},
-			After: func() {
-				// Second change.
-				updateBindings(bson.M{
-					"bindings.cluster": "admin",
-				})
-			},
-		},
-		jujutxn.TestHook{
-			Before: nil, // Ensure there will be a (final) retry.
-			After: func() {
-				// Verify final bindings.
-				newBindings, err := s.mysql.EndpointBindings()
-				c.Assert(err, jc.ErrorIsNil)
-				c.Assert(newBindings, jc.DeepEquals, map[string]string{
-					"server":  "db", // from the first change.
-					"foo":     "",
-					"client":  "",
-					"baz":     "",
-					"cluster": "admin", // from the second change.
-					"just":    "",
-				})
-			},
-		},
-	).Check()
-
-	cfg = state.SetCharmConfig{
-		Charm:      newCharm,
-		ForceUnits: true,
-	}
-	err = s.mysql.SetCharm(cfg)
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-var serviceUpdateConfigSettingsTests = []struct {
-	about   string
-	initial charm.Settings
-	update  charm.Settings
-	expect  charm.Settings
-	err     string
-}{{
-	about:  "unknown option",
-	update: charm.Settings{"foo": "bar"},
-	err:    `unknown option "foo"`,
-}, {
-	about:  "bad type",
-	update: charm.Settings{"skill-level": "profound"},
-	err:    `option "skill-level" expected int, got "profound"`,
-}, {
-	about:  "set string",
-	update: charm.Settings{"outlook": "positive"},
-	expect: charm.Settings{"outlook": "positive"},
-}, {
-	about:   "unset string and set another",
-	initial: charm.Settings{"outlook": "positive"},
-	update:  charm.Settings{"outlook": nil, "title": "sir"},
-	expect:  charm.Settings{"title": "sir"},
-}, {
-	about:  "unset missing string",
-	update: charm.Settings{"outlook": nil},
-}, {
-	about:   `empty strings are valid`,
-	initial: charm.Settings{"outlook": "positive"},
-	update:  charm.Settings{"outlook": "", "title": ""},
-	expect:  charm.Settings{"outlook": "", "title": ""},
-}, {
-	about:   "preserve existing value",
-	initial: charm.Settings{"title": "sir"},
-	update:  charm.Settings{"username": "admin001"},
-	expect:  charm.Settings{"username": "admin001", "title": "sir"},
-}, {
-	about:   "unset a default value, set a different default",
-	initial: charm.Settings{"username": "admin001", "title": "sir"},
-	update:  charm.Settings{"username": nil, "title": "My Title"},
-	expect:  charm.Settings{"title": "My Title"},
-}, {
-	about:  "non-string type",
-	update: charm.Settings{"skill-level": 303},
-	expect: charm.Settings{"skill-level": int64(303)},
-}, {
-	about:   "unset non-string type",
-	initial: charm.Settings{"skill-level": 303},
-	update:  charm.Settings{"skill-level": nil},
-}}
-
-func (s *ServiceSuite) TestUpdateConfigSettings(c *gc.C) {
-	sch := s.AddTestingCharm(c, "dummy")
-	for i, t := range serviceUpdateConfigSettingsTests {
-		c.Logf("test %d. %s", i, t.about)
-		svc := s.AddTestingService(c, "dummy-service", sch)
-		if t.initial != nil {
-			err := svc.UpdateConfigSettings(t.initial)
-			c.Assert(err, jc.ErrorIsNil)
-		}
-		err := svc.UpdateConfigSettings(t.update)
-		if t.err != "" {
-			c.Assert(err, gc.ErrorMatches, t.err)
-		} else {
-			c.Assert(err, jc.ErrorIsNil)
-			settings, err := svc.ConfigSettings()
-			c.Assert(err, jc.ErrorIsNil)
-			expect := t.expect
-			if expect == nil {
-				expect = charm.Settings{}
-			}
-			c.Assert(settings, gc.DeepEquals, expect)
-		}
-		err = svc.Destroy()
-		c.Assert(err, jc.ErrorIsNil)
-	}
-}
-
-func assertNoSettingsRef(c *gc.C, st *state.State, svcName string, sch *state.Charm) {
-	_, err := state.ServiceSettingsRefCount(st, svcName, sch.URL())
-	c.Assert(err, gc.Equals, mgo.ErrNotFound)
-}
-
-func assertSettingsRef(c *gc.C, st *state.State, svcName string, sch *state.Charm, refcount int) {
-	rc, err := state.ServiceSettingsRefCount(st, svcName, sch.URL())
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(rc, gc.Equals, refcount)
-}
-
-func (s *ServiceSuite) TestSettingsRefCountWorks(c *gc.C) {
-	// This test ensures the service settings per charm URL are
-	// properly reference counted.
-	oldCh := s.AddConfigCharm(c, "wordpress", emptyConfig, 1)
-	newCh := s.AddConfigCharm(c, "wordpress", emptyConfig, 2)
-	svcName := "mywp"
-
-	// Both refcounts are zero initially.
-	assertNoSettingsRef(c, s.State, svcName, oldCh)
-	assertNoSettingsRef(c, s.State, svcName, newCh)
-
-	// svc is using oldCh, so its settings refcount is incremented.
-	svc := s.AddTestingService(c, svcName, oldCh)
-	assertSettingsRef(c, s.State, svcName, oldCh, 1)
-	assertNoSettingsRef(c, s.State, svcName, newCh)
-
-	// Changing to the same charm does not change the refcount.
-	cfg := state.SetCharmConfig{Charm: oldCh}
-	err := svc.SetCharm(cfg)
-	c.Assert(err, jc.ErrorIsNil)
-	assertSettingsRef(c, s.State, svcName, oldCh, 1)
-	assertNoSettingsRef(c, s.State, svcName, newCh)
-
-	// Changing from oldCh to newCh causes the refcount of oldCh's
-	// settings to be decremented, while newCh's settings is
-	// incremented. Consequently, because oldCh's refcount is 0, the
-	// settings doc will be removed.
-	cfg = state.SetCharmConfig{Charm: newCh}
-	err = svc.SetCharm(cfg)
-	c.Assert(err, jc.ErrorIsNil)
-	assertNoSettingsRef(c, s.State, svcName, oldCh)
-	assertSettingsRef(c, s.State, svcName, newCh, 1)
-
-	// The same but newCh swapped with oldCh.
-	cfg = state.SetCharmConfig{Charm: oldCh}
-	err = svc.SetCharm(cfg)
-	c.Assert(err, jc.ErrorIsNil)
-	assertSettingsRef(c, s.State, svcName, oldCh, 1)
-	assertNoSettingsRef(c, s.State, svcName, newCh)
-
-	// Adding a unit without a charm URL set does not affect the
-	// refcount.
-	u, err := svc.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	curl, ok := u.CharmURL()
-	c.Assert(ok, jc.IsFalse)
-	assertSettingsRef(c, s.State, svcName, oldCh, 1)
-	assertNoSettingsRef(c, s.State, svcName, newCh)
-
-	// Setting oldCh as the units charm URL increments oldCh, which is
-	// used by svc as well, hence 2.
-	err = u.SetCharmURL(oldCh.URL())
-	c.Assert(err, jc.ErrorIsNil)
-	curl, ok = u.CharmURL()
-	c.Assert(ok, jc.IsTrue)
-	c.Assert(curl, gc.DeepEquals, oldCh.URL())
-	assertSettingsRef(c, s.State, svcName, oldCh, 2)
-	assertNoSettingsRef(c, s.State, svcName, newCh)
-
-	// A dead unit does not decrement the refcount.
-	err = u.EnsureDead()
-	c.Assert(err, jc.ErrorIsNil)
-	assertSettingsRef(c, s.State, svcName, oldCh, 2)
-	assertNoSettingsRef(c, s.State, svcName, newCh)
-
-	// Once the unit is removed, refcount is decremented.
-	err = u.Remove()
-	c.Assert(err, jc.ErrorIsNil)
-	assertSettingsRef(c, s.State, svcName, oldCh, 1)
-	assertNoSettingsRef(c, s.State, svcName, newCh)
-
-	// Finally, after the service is destroyed and removed (since the
-	// last unit's gone), the refcount is again decremented.
-	err = svc.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	assertNoSettingsRef(c, s.State, svcName, oldCh)
-	assertNoSettingsRef(c, s.State, svcName, newCh)
-}
-
-const mysqlBaseMeta = `
-name: mysql
-summary: "Database engine"
-description: "A pretty popular database"
-provides:
-  server: mysql
-`
-const onePeerMeta = `
-peers:
-  cluster: mysql
-`
-const twoPeersMeta = `
-peers:
-  cluster: mysql
-  loadbalancer: phony
-`
-
-func (s *ServiceSuite) assertServiceRelations(c *gc.C, svc *state.Service, expectedKeys ...string) []*state.Relation {
-	rels, err := svc.Relations()
-	c.Assert(err, jc.ErrorIsNil)
-	if len(rels) == 0 {
-		return nil
-	}
-	relKeys := make([]string, len(expectedKeys))
-	for i, rel := range rels {
-		relKeys[i] = rel.String()
-	}
-	sort.Strings(relKeys)
-	c.Assert(relKeys, gc.DeepEquals, expectedKeys)
-	return rels
-}
-
-func (s *ServiceSuite) TestNewPeerRelationsAddedOnUpgrade(c *gc.C) {
-	// Original mysql charm has no peer relations.
-	oldCh := s.AddMetaCharm(c, "mysql", mysqlBaseMeta+onePeerMeta, 2)
-	newCh := s.AddMetaCharm(c, "mysql", mysqlBaseMeta+twoPeersMeta, 3)
-
-	// No relations joined yet.
-	s.assertServiceRelations(c, s.mysql)
-
-	cfg := state.SetCharmConfig{Charm: oldCh}
-	err := s.mysql.SetCharm(cfg)
-	c.Assert(err, jc.ErrorIsNil)
-	s.assertServiceRelations(c, s.mysql, "mysql:cluster")
-
-	cfg = state.SetCharmConfig{Charm: newCh}
-	err = s.mysql.SetCharm(cfg)
-	c.Assert(err, jc.ErrorIsNil)
-	rels := s.assertServiceRelations(c, s.mysql, "mysql:cluster", "mysql:loadbalancer")
-
-	// Check state consistency by attempting to destroy the service.
-	err = s.mysql.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Check the peer relations got destroyed as well.
-	for _, rel := range rels {
-		err = rel.Refresh()
-		c.Assert(err, jc.Satisfies, errors.IsNotFound)
-	}
-}
-
-func jujuInfoEp(serviceName string) state.Endpoint {
-	return state.Endpoint{
-		ServiceName: serviceName,
-		Relation: charm.Relation{
-			Interface: "juju-info",
-			Name:      "juju-info",
-			Role:      charm.RoleProvider,
-			Scope:     charm.ScopeGlobal,
-		},
-	}
-}
-
-func (s *ServiceSuite) TestTag(c *gc.C) {
-	c.Assert(s.mysql.Tag().String(), gc.Equals, "service-mysql")
-}
-
-func (s *ServiceSuite) TestMysqlEndpoints(c *gc.C) {
-	_, err := s.mysql.Endpoint("mysql")
-	c.Assert(err, gc.ErrorMatches, `service "mysql" has no "mysql" relation`)
-
-	jiEP, err := s.mysql.Endpoint("juju-info")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(jiEP, gc.DeepEquals, jujuInfoEp("mysql"))
-
-	serverEP, err := s.mysql.Endpoint("server")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(serverEP, gc.DeepEquals, state.Endpoint{
-		ServiceName: "mysql",
-		Relation: charm.Relation{
-			Interface: "mysql",
-			Name:      "server",
-			Role:      charm.RoleProvider,
-			Scope:     charm.ScopeGlobal,
-		},
-	})
-
-	eps, err := s.mysql.Endpoints()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(eps, gc.DeepEquals, []state.Endpoint{jiEP, serverEP})
-}
-
-func (s *ServiceSuite) TestRiakEndpoints(c *gc.C) {
-	riak := s.AddTestingService(c, "myriak", s.AddTestingCharm(c, "riak"))
-
-	_, err := riak.Endpoint("garble")
-	c.Assert(err, gc.ErrorMatches, `service "myriak" has no "garble" relation`)
-
-	jiEP, err := riak.Endpoint("juju-info")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(jiEP, gc.DeepEquals, jujuInfoEp("myriak"))
-
-	ringEP, err := riak.Endpoint("ring")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ringEP, gc.DeepEquals, state.Endpoint{
-		ServiceName: "myriak",
-		Relation: charm.Relation{
-			Interface: "riak",
-			Name:      "ring",
-			Role:      charm.RolePeer,
-			Scope:     charm.ScopeGlobal,
-			Limit:     1,
-		},
-	})
-
-	adminEP, err := riak.Endpoint("admin")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(adminEP, gc.DeepEquals, state.Endpoint{
-		ServiceName: "myriak",
-		Relation: charm.Relation{
-			Interface: "http",
-			Name:      "admin",
-			Role:      charm.RoleProvider,
-			Scope:     charm.ScopeGlobal,
-		},
-	})
-
-	endpointEP, err := riak.Endpoint("endpoint")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(endpointEP, gc.DeepEquals, state.Endpoint{
-		ServiceName: "myriak",
-		Relation: charm.Relation{
-			Interface: "http",
-			Name:      "endpoint",
-			Role:      charm.RoleProvider,
-			Scope:     charm.ScopeGlobal,
-		},
-	})
-
-	eps, err := riak.Endpoints()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(eps, gc.DeepEquals, []state.Endpoint{adminEP, endpointEP, jiEP, ringEP})
-}
-
-func (s *ServiceSuite) TestWordpressEndpoints(c *gc.C) {
-	wordpress := s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
-
-	_, err := wordpress.Endpoint("nonsense")
-	c.Assert(err, gc.ErrorMatches, `service "wordpress" has no "nonsense" relation`)
-
-	jiEP, err := wordpress.Endpoint("juju-info")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(jiEP, gc.DeepEquals, jujuInfoEp("wordpress"))
-
-	urlEP, err := wordpress.Endpoint("url")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(urlEP, gc.DeepEquals, state.Endpoint{
-		ServiceName: "wordpress",
-		Relation: charm.Relation{
-			Interface: "http",
-			Name:      "url",
-			Role:      charm.RoleProvider,
-			Scope:     charm.ScopeGlobal,
-		},
-	})
-
-	ldEP, err := wordpress.Endpoint("logging-dir")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ldEP, gc.DeepEquals, state.Endpoint{
-		ServiceName: "wordpress",
-		Relation: charm.Relation{
-			Interface: "logging",
-			Name:      "logging-dir",
-			Role:      charm.RoleProvider,
-			Scope:     charm.ScopeContainer,
-		},
-	})
-
-	mpEP, err := wordpress.Endpoint("monitoring-port")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(mpEP, gc.DeepEquals, state.Endpoint{
-		ServiceName: "wordpress",
-		Relation: charm.Relation{
-			Interface: "monitoring",
-			Name:      "monitoring-port",
-			Role:      charm.RoleProvider,
-			Scope:     charm.ScopeContainer,
-		},
-	})
-
-	dbEP, err := wordpress.Endpoint("db")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(dbEP, gc.DeepEquals, state.Endpoint{
-		ServiceName: "wordpress",
-		Relation: charm.Relation{
-			Interface: "mysql",
-			Name:      "db",
-			Role:      charm.RoleRequirer,
-			Scope:     charm.ScopeGlobal,
-			Limit:     1,
-		},
-	})
-
-	cacheEP, err := wordpress.Endpoint("cache")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(cacheEP, gc.DeepEquals, state.Endpoint{
-		ServiceName: "wordpress",
-		Relation: charm.Relation{
-			Interface: "varnish",
-			Name:      "cache",
-			Role:      charm.RoleRequirer,
-			Scope:     charm.ScopeGlobal,
-			Limit:     2,
-			Optional:  true,
-		},
-	})
-
-	eps, err := wordpress.Endpoints()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(eps, gc.DeepEquals, []state.Endpoint{cacheEP, dbEP, jiEP, ldEP, mpEP, urlEP})
-}
-
-func (s *ServiceSuite) TestServiceRefresh(c *gc.C) {
-	s1, err := s.State.Service(s.mysql.Name())
-	c.Assert(err, jc.ErrorIsNil)
-
-	cfg := state.SetCharmConfig{
-		Charm:      s.charm,
-		ForceUnits: true,
-	}
-
-	err = s.mysql.SetCharm(cfg)
-	c.Assert(err, jc.ErrorIsNil)
-
-	testch, force, err := s1.Charm()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(force, jc.IsFalse)
-	c.Assert(testch.URL(), gc.DeepEquals, s.charm.URL())
-
-	err = s1.Refresh()
-	c.Assert(err, jc.ErrorIsNil)
-	testch, force, err = s1.Charm()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(force, jc.IsTrue)
-	c.Assert(testch.URL(), gc.DeepEquals, s.charm.URL())
-
-	err = s.mysql.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.mysql.Refresh()
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-}
-
-func (s *ServiceSuite) TestServiceExposed(c *gc.C) {
-	// Check that querying for the exposed flag works correctly.
-	c.Assert(s.mysql.IsExposed(), jc.IsFalse)
-
-	// Check that setting and clearing the exposed flag works correctly.
-	err := s.mysql.SetExposed()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(s.mysql.IsExposed(), jc.IsTrue)
-	err = s.mysql.ClearExposed()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(s.mysql.IsExposed(), jc.IsFalse)
-
-	// Check that setting and clearing the exposed flag repeatedly does not fail.
-	err = s.mysql.SetExposed()
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.mysql.SetExposed()
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.mysql.ClearExposed()
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.mysql.ClearExposed()
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.mysql.SetExposed()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(s.mysql.IsExposed(), jc.IsTrue)
-
-	// Make the service Dying and check that ClearExposed and SetExposed fail.
-	// TODO(fwereade): maybe service destruction should always unexpose?
-	u, err := s.mysql.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.mysql.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.mysql.ClearExposed()
-	c.Assert(err, gc.ErrorMatches, notAliveErr)
-	err = s.mysql.SetExposed()
-	c.Assert(err, gc.ErrorMatches, notAliveErr)
-
-	// Remove the service and check that both fail.
-	err = u.EnsureDead()
-	c.Assert(err, jc.ErrorIsNil)
-	err = u.Remove()
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.mysql.SetExposed()
-	c.Assert(err, gc.ErrorMatches, notAliveErr)
-	err = s.mysql.ClearExposed()
-	c.Assert(err, gc.ErrorMatches, notAliveErr)
-}
-
-func (s *ServiceSuite) TestAddUnit(c *gc.C) {
-	// Check that principal units can be added on their own.
-	unitZero, err := s.mysql.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(unitZero.Name(), gc.Equals, "mysql/0")
-	c.Assert(unitZero.IsPrincipal(), jc.IsTrue)
-	c.Assert(unitZero.SubordinateNames(), gc.HasLen, 0)
-	c.Assert(state.GetUnitModelUUID(unitZero), gc.Equals, s.State.ModelUUID())
-
-	unitOne, err := s.mysql.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(unitOne.Name(), gc.Equals, "mysql/1")
-	c.Assert(unitOne.IsPrincipal(), jc.IsTrue)
-	c.Assert(unitOne.SubordinateNames(), gc.HasLen, 0)
-
-	// Assign the principal unit to a machine.
-	m, err := s.State.AddMachine("quantal", state.JobHostUnits)
-	c.Assert(err, jc.ErrorIsNil)
-	err = unitZero.AssignToMachine(m)
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Add a subordinate service and check that units cannot be added directly.
-	// to add a subordinate unit.
-	subCharm := s.AddTestingCharm(c, "logging")
-	logging := s.AddTestingService(c, "logging", subCharm)
-	_, err = logging.AddUnit()
-	c.Assert(err, gc.ErrorMatches, `cannot add unit to service "logging": service is a subordinate`)
-
-	// Indirectly create a subordinate unit by adding a relation and entering
-	// scope as a principal.
-	eps, err := s.State.InferEndpoints("logging", "mysql")
-	c.Assert(err, jc.ErrorIsNil)
-	rel, err := s.State.AddRelation(eps...)
-	c.Assert(err, jc.ErrorIsNil)
-	ru, err := rel.Unit(unitZero)
-	c.Assert(err, jc.ErrorIsNil)
-	err = ru.EnterScope(nil)
-	c.Assert(err, jc.ErrorIsNil)
-	subZero, err := s.State.Unit("logging/0")
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Check that once it's refreshed unitZero has subordinates.
-	err = unitZero.Refresh()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(unitZero.SubordinateNames(), gc.DeepEquals, []string{"logging/0"})
-
-	// Check the subordinate unit has been assigned its principal's machine.
-	id, err := subZero.AssignedMachineId()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(id, gc.Equals, m.Id())
-}
-
-func (s *ServiceSuite) TestAddUnitWhenNotAlive(c *gc.C) {
-	u, err := s.mysql.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.mysql.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	_, err = s.mysql.AddUnit()
-	c.Assert(err, gc.ErrorMatches, `cannot add unit to service "mysql": service is not alive`)
-	err = u.EnsureDead()
-	c.Assert(err, jc.ErrorIsNil)
-	err = u.Remove()
-	c.Assert(err, jc.ErrorIsNil)
-	_, err = s.mysql.AddUnit()
-	c.Assert(err, gc.ErrorMatches, `cannot add unit to service "mysql": service "mysql" not found`)
-}
-
-func (s *ServiceSuite) TestReadUnit(c *gc.C) {
-	_, err := s.mysql.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	_, err = s.mysql.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Check that retrieving a unit from state works correctly.
-	unit, err := s.State.Unit("mysql/0")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(unit.Name(), gc.Equals, "mysql/0")
-
-	// Check that retrieving a non-existent or an invalidly
-	// named unit fail nicely.
-	unit, err = s.State.Unit("mysql")
-	c.Assert(err, gc.ErrorMatches, `"mysql" is not a valid unit name`)
-	unit, err = s.State.Unit("mysql/0/0")
-	c.Assert(err, gc.ErrorMatches, `"mysql/0/0" is not a valid unit name`)
-	unit, err = s.State.Unit("pressword/0")
-	c.Assert(err, gc.ErrorMatches, `unit "pressword/0" not found`)
-
-	units, err := s.mysql.AllUnits()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(sortedUnitNames(units), gc.DeepEquals, []string{"mysql/0", "mysql/1"})
-}
-
-func (s *ServiceSuite) TestReadUnitWhenDying(c *gc.C) {
-	// Test that we can still read units when the service is Dying...
-	unit, err := s.mysql.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	preventUnitDestroyRemove(c, unit)
-	err = s.mysql.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	_, err = s.mysql.AllUnits()
-	c.Assert(err, jc.ErrorIsNil)
-	_, err = s.State.Unit("mysql/0")
-	c.Assert(err, jc.ErrorIsNil)
-
-	// ...and when those units are Dying or Dead...
-	testWhenDying(c, unit, noErr, noErr, func() error {
-		_, err := s.mysql.AllUnits()
-		return err
-	}, func() error {
-		_, err := s.State.Unit("mysql/0")
-		return err
-	})
-
-	// ...and even, in a very limited way, when the service itself is removed.
-	removeAllUnits(c, s.mysql)
-	_, err = s.mysql.AllUnits()
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *ServiceSuite) TestDestroySimple(c *gc.C) {
-	err := s.mysql.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(s.mysql.Life(), gc.Equals, state.Dying)
-	err = s.mysql.Refresh()
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-}
-
-func (s *ServiceSuite) TestDestroyStillHasUnits(c *gc.C) {
-	unit, err := s.mysql.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.mysql.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(s.mysql.Life(), gc.Equals, state.Dying)
-
-	err = unit.EnsureDead()
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.mysql.Refresh()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(s.mysql.Life(), gc.Equals, state.Dying)
-
-	err = unit.Remove()
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.mysql.Refresh()
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-}
-
-func (s *ServiceSuite) TestDestroyOnceHadUnits(c *gc.C) {
-	unit, err := s.mysql.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	err = unit.EnsureDead()
-	c.Assert(err, jc.ErrorIsNil)
-	err = unit.Remove()
-	c.Assert(err, jc.ErrorIsNil)
-
-	err = s.mysql.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(s.mysql.Life(), gc.Equals, state.Dying)
-	err = s.mysql.Refresh()
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-}
-
-func (s *ServiceSuite) TestDestroyStaleNonZeroUnitCount(c *gc.C) {
-	unit, err := s.mysql.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.mysql.Refresh()
-	c.Assert(err, jc.ErrorIsNil)
-	err = unit.EnsureDead()
-	c.Assert(err, jc.ErrorIsNil)
-	err = unit.Remove()
-	c.Assert(err, jc.ErrorIsNil)
-
-	err = s.mysql.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(s.mysql.Life(), gc.Equals, state.Dying)
-	err = s.mysql.Refresh()
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-}
-
-func (s *ServiceSuite) TestDestroyStaleZeroUnitCount(c *gc.C) {
-	unit, err := s.mysql.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-
-	err = s.mysql.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(s.mysql.Life(), gc.Equals, state.Dying)
-
-	err = s.mysql.Refresh()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(s.mysql.Life(), gc.Equals, state.Dying)
-
-	err = unit.EnsureDead()
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.mysql.Refresh()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(s.mysql.Life(), gc.Equals, state.Dying)
-
-	err = unit.Remove()
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.mysql.Refresh()
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-}
-
-func (s *ServiceSuite) TestDestroyWithRemovableRelation(c *gc.C) {
-	wordpress := s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
-	eps, err := s.State.InferEndpoints("wordpress", "mysql")
-	c.Assert(err, jc.ErrorIsNil)
-	rel, err := s.State.AddRelation(eps...)
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Destroy a service with no units in relation scope; check service and
-	// unit removed.
-	err = wordpress.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	err = wordpress.Refresh()
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-	err = rel.Refresh()
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-}
-
-func (s *ServiceSuite) TestDestroyWithReferencedRelation(c *gc.C) {
-	s.assertDestroyWithReferencedRelation(c, true)
-}
-
-func (s *ServiceSuite) TestDestroyWithReferencedRelationStaleCount(c *gc.C) {
-	s.assertDestroyWithReferencedRelation(c, false)
-}
-
-func (s *ServiceSuite) assertDestroyWithReferencedRelation(c *gc.C, refresh bool) {
-	wordpress := s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
-	eps, err := s.State.InferEndpoints("wordpress", "mysql")
-	c.Assert(err, jc.ErrorIsNil)
-	rel0, err := s.State.AddRelation(eps...)
-	c.Assert(err, jc.ErrorIsNil)
-
-	s.AddTestingService(c, "logging", s.AddTestingCharm(c, "logging"))
-	eps, err = s.State.InferEndpoints("logging", "mysql")
-	c.Assert(err, jc.ErrorIsNil)
-	rel1, err := s.State.AddRelation(eps...)
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Add a separate reference to the first relation.
-	unit, err := wordpress.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	ru, err := rel0.Unit(unit)
-	c.Assert(err, jc.ErrorIsNil)
-	err = ru.EnterScope(nil)
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Optionally update the service document to get correct relation counts.
-	if refresh {
-		err = s.mysql.Destroy()
-		c.Assert(err, jc.ErrorIsNil)
-	}
-
-	// Destroy, and check that the first relation becomes Dying...
-	err = s.mysql.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	err = rel0.Refresh()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(rel0.Life(), gc.Equals, state.Dying)
-
-	// ...while the second is removed directly.
-	err = rel1.Refresh()
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-
-	// Drop the last reference to the first relation; check the relation and
-	// the service are are both removed.
-	err = ru.LeaveScope()
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.mysql.Refresh()
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-	err = rel0.Refresh()
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-}
-
-func (s *ServiceSuite) TestDestroyQueuesUnitCleanup(c *gc.C) {
-	// Add 5 units; block quick-remove of mysql/1 and mysql/3
-	units := make([]*state.Unit, 5)
-	for i := range units {
-		unit, err := s.mysql.AddUnit()
-		c.Assert(err, jc.ErrorIsNil)
-		units[i] = unit
-		if i%2 != 0 {
-			preventUnitDestroyRemove(c, unit)
-		}
-	}
-
-	// Check state is clean.
-	dirty, err := s.State.NeedsCleanup()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(dirty, jc.IsFalse)
-
-	// Destroy mysql, and check units are not touched.
-	err = s.mysql.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	for _, unit := range units {
-		assertLife(c, unit, state.Alive)
-	}
-
-	// Check a cleanup doc was added.
-	dirty, err = s.State.NeedsCleanup()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(dirty, jc.IsTrue)
-
-	// Run the cleanup and check the units.
-	err = s.State.Cleanup()
-	c.Assert(err, jc.ErrorIsNil)
-	for i, unit := range units {
-		if i%2 != 0 {
-			assertLife(c, unit, state.Dying)
-		} else {
-			assertRemoved(c, unit)
-		}
-	}
-
-	// Check for queued unit cleanups, and run them.
-	dirty, err = s.State.NeedsCleanup()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(dirty, jc.IsTrue)
-	err = s.State.Cleanup()
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Check we're now clean.
-	dirty, err = s.State.NeedsCleanup()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(dirty, jc.IsFalse)
-}
-
-func (s *ServiceSuite) TestRemoveServiceMachine(c *gc.C) {
-	unit, err := s.mysql.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	machine, err := s.State.AddMachine("quantal", state.JobHostUnits)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(unit.AssignToMachine(machine), gc.IsNil)
-
-	c.Assert(s.mysql.Destroy(), gc.IsNil)
-	assertLife(c, s.mysql, state.Dying)
-
-	// Service.Destroy adds units to cleanup, make it happen now.
-	c.Assert(s.State.Cleanup(), gc.IsNil)
-
-	c.Assert(unit.Refresh(), jc.Satisfies, errors.IsNotFound)
-	assertLife(c, machine, state.Dying)
-}
-
-func (s *ServiceSuite) TestReadUnitWithChangingState(c *gc.C) {
-	// Check that reading a unit after removing the service
-	// fails nicely.
-	err := s.mysql.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.mysql.Refresh()
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-	_, err = s.State.Unit("mysql/0")
-	c.Assert(err, gc.ErrorMatches, `unit "mysql/0" not found`)
-}
-
-func uint64p(val uint64) *uint64 {
-	return &val
-}
-
-func (s *ServiceSuite) TestConstraints(c *gc.C) {
-	// Constraints are initially empty (for now).
-	cons, err := s.mysql.Constraints()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(&cons, jc.Satisfies, constraints.IsEmpty)
-
-	// Constraints can be set.
-	cons2 := constraints.Value{Mem: uint64p(4096)}
-	err = s.mysql.SetConstraints(cons2)
-	cons3, err := s.mysql.Constraints()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(cons3, gc.DeepEquals, cons2)
-
-	// Constraints are completely overwritten when re-set.
-	cons4 := constraints.Value{CpuPower: uint64p(750)}
-	err = s.mysql.SetConstraints(cons4)
-	c.Assert(err, jc.ErrorIsNil)
-	cons5, err := s.mysql.Constraints()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(cons5, gc.DeepEquals, cons4)
-
-	// Destroy the existing service; there's no way to directly assert
-	// that the constraints are deleted...
-	err = s.mysql.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.mysql.Refresh()
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-
-	// ...but we can check that old constraints do not affect new services
-	// with matching names.
-	ch, _, err := s.mysql.Charm()
-	c.Assert(err, jc.ErrorIsNil)
-	mysql := s.AddTestingService(c, s.mysql.Name(), ch)
-	cons6, err := mysql.Constraints()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(&cons6, jc.Satisfies, constraints.IsEmpty)
-}
-
-func (s *ServiceSuite) TestSetInvalidConstraints(c *gc.C) {
-	cons := constraints.MustParse("mem=4G instance-type=foo")
-	err := s.mysql.SetConstraints(cons)
-	c.Assert(err, gc.ErrorMatches, `ambiguous constraints: "instance-type" overlaps with "mem"`)
-}
-
-func (s *ServiceSuite) TestSetUnsupportedConstraintsWarning(c *gc.C) {
-	defer loggo.ResetWriters()
-	logger := loggo.GetLogger("test")
-	logger.SetLogLevel(loggo.DEBUG)
-	var tw loggo.TestWriter
-	c.Assert(loggo.RegisterWriter("constraints-tester", &tw, loggo.DEBUG), gc.IsNil)
-
-	cons := constraints.MustParse("mem=4G cpu-power=10")
-	err := s.mysql.SetConstraints(cons)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(tw.Log(), jc.LogMatches, jc.SimpleMessages{{
-		loggo.WARNING,
-		`setting constraints on service "mysql": unsupported constraints: cpu-power`},
-	})
-	scons, err := s.mysql.Constraints()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(scons, gc.DeepEquals, cons)
-}
-
-func (s *ServiceSuite) TestConstraintsLifecycle(c *gc.C) {
-	// Dying.
-	unit, err := s.mysql.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.mysql.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	cons1 := constraints.MustParse("mem=1G")
-	err = s.mysql.SetConstraints(cons1)
-	c.Assert(err, gc.ErrorMatches, `cannot set constraints: not found or not alive`)
-	scons, err := s.mysql.Constraints()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(&scons, jc.Satisfies, constraints.IsEmpty)
-
-	// Removed (== Dead, for a service).
-	err = unit.EnsureDead()
-	c.Assert(err, jc.ErrorIsNil)
-	err = unit.Remove()
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.mysql.SetConstraints(cons1)
-	c.Assert(err, gc.ErrorMatches, `cannot set constraints: not found or not alive`)
-	_, err = s.mysql.Constraints()
-	c.Assert(err, gc.ErrorMatches, `constraints not found`)
-}
-
-func (s *ServiceSuite) TestSubordinateConstraints(c *gc.C) {
-	loggingCh := s.AddTestingCharm(c, "logging")
-	logging := s.AddTestingService(c, "logging", loggingCh)
-
-	_, err := logging.Constraints()
-	c.Assert(err, gc.Equals, state.ErrSubordinateConstraints)
-
-	err = logging.SetConstraints(constraints.Value{})
-	c.Assert(err, gc.Equals, state.ErrSubordinateConstraints)
-}
-
-func (s *ServiceSuite) TestWatchUnitsBulkEvents(c *gc.C) {
-	// Alive unit...
-	alive, err := s.mysql.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Dying unit...
-	dying, err := s.mysql.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	preventUnitDestroyRemove(c, dying)
-	err = dying.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Dead unit...
-	dead, err := s.mysql.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	preventUnitDestroyRemove(c, dead)
-	err = dead.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	err = dead.EnsureDead()
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Gone unit.
-	gone, err := s.mysql.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	err = gone.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-
-	// All except gone unit are reported in initial event.
-	w := s.mysql.WatchUnits()
-	defer testing.AssertStop(c, w)
-	wc := testing.NewStringsWatcherC(c, s.State, w)
-	wc.AssertChange(alive.Name(), dying.Name(), dead.Name())
-	wc.AssertNoChange()
-
-	// Remove them all; alive/dying changes reported; dead never mentioned again.
-	err = alive.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	err = dying.EnsureDead()
-	c.Assert(err, jc.ErrorIsNil)
-	err = dying.Remove()
-	c.Assert(err, jc.ErrorIsNil)
-	err = dead.Remove()
-	c.Assert(err, jc.ErrorIsNil)
-	wc.AssertChange(alive.Name(), dying.Name())
-	wc.AssertNoChange()
-}
-
-func (s *ServiceSuite) TestWatchUnitsLifecycle(c *gc.C) {
-	// Empty initial event when no units.
-	w := s.mysql.WatchUnits()
-	defer testing.AssertStop(c, w)
-	wc := testing.NewStringsWatcherC(c, s.State, w)
-	wc.AssertChange()
-	wc.AssertNoChange()
-
-	// Create one unit, check one change.
-	quick, err := s.mysql.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	wc.AssertChange(quick.Name())
-	wc.AssertNoChange()
-
-	// Destroy that unit (short-circuited to removal), check one change.
-	err = quick.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	wc.AssertChange(quick.Name())
-	wc.AssertNoChange()
-
-	// Create another, check one change.
-	slow, err := s.mysql.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	wc.AssertChange(slow.Name())
-	wc.AssertNoChange()
-
-	// Change unit itself, no change.
-	preventUnitDestroyRemove(c, slow)
-	wc.AssertNoChange()
-
-	// Make unit Dying, change detected.
-	err = slow.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	wc.AssertChange(slow.Name())
-	wc.AssertNoChange()
-
-	// Make unit Dead, change detected.
-	err = slow.EnsureDead()
-	c.Assert(err, jc.ErrorIsNil)
-	wc.AssertChange(slow.Name())
-	wc.AssertNoChange()
-
-	// Remove unit, final change not detected.
-	err = slow.Remove()
-	c.Assert(err, jc.ErrorIsNil)
-	wc.AssertNoChange()
-}
-
-func (s *ServiceSuite) TestWatchRelations(c *gc.C) {
-	// TODO(fwereade) split this test up a bit.
-	w := s.mysql.WatchRelations()
-	defer testing.AssertStop(c, w)
-	wc := testing.NewStringsWatcherC(c, s.State, w)
-	wc.AssertChange()
-	wc.AssertNoChange()
-
-	// Add a relation; check change.
-	mysqlep, err := s.mysql.Endpoint("server")
-	c.Assert(err, jc.ErrorIsNil)
-	wpch := s.AddTestingCharm(c, "wordpress")
-	wpi := 0
-	addRelation := func() *state.Relation {
-		name := fmt.Sprintf("wp%d", wpi)
-		wpi++
-		wp := s.AddTestingService(c, name, wpch)
-		wpep, err := wp.Endpoint("db")
-		c.Assert(err, jc.ErrorIsNil)
-		rel, err := s.State.AddRelation(mysqlep, wpep)
-		c.Assert(err, jc.ErrorIsNil)
-		return rel
-	}
-	rel0 := addRelation()
-	wc.AssertChange(rel0.String())
-	wc.AssertNoChange()
-
-	// Add another relation; check change.
-	rel1 := addRelation()
-	wc.AssertChange(rel1.String())
-	wc.AssertNoChange()
-
-	// Destroy a relation; check change.
-	err = rel0.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	wc.AssertChange(rel0.String())
-	wc.AssertNoChange()
-
-	// Stop watcher; check change chan is closed.
-	testing.AssertStop(c, w)
-	wc.AssertClosed()
-
-	// Add a new relation; start a new watcher; check initial event.
-	rel2 := addRelation()
-	w = s.mysql.WatchRelations()
-	defer testing.AssertStop(c, w)
-	wc = testing.NewStringsWatcherC(c, s.State, w)
-	wc.AssertChange(rel1.String(), rel2.String())
-	wc.AssertNoChange()
-
-	// Add a unit to the new relation; check no change.
-	unit, err := s.mysql.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	ru2, err := rel2.Unit(unit)
-	c.Assert(err, jc.ErrorIsNil)
-	err = ru2.EnterScope(nil)
-	c.Assert(err, jc.ErrorIsNil)
-	wc.AssertNoChange()
-
-	// Destroy the relation with the unit in scope, and add another; check
-	// changes.
-	err = rel2.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	rel3 := addRelation()
-	wc.AssertChange(rel2.String(), rel3.String())
-	wc.AssertNoChange()
-
-	// Leave scope, destroying the relation, and check that change as well.
-	err = ru2.LeaveScope()
-	c.Assert(err, jc.ErrorIsNil)
-	wc.AssertChange(rel2.String())
-	wc.AssertNoChange()
-
-	// Watch relations on the requirer service too (exercises a
-	// different path of the WatchRelations filter function)
-	wpx := s.AddTestingService(c, "wpx", wpch)
-	wpxWatcher := wpx.WatchRelations()
-	defer testing.AssertStop(c, wpxWatcher)
-	wpxWatcherC := testing.NewStringsWatcherC(c, s.State, wpxWatcher)
-	wpxWatcherC.AssertChange()
-	wpxWatcherC.AssertNoChange()
-
-	wpxep, err := wpx.Endpoint("db")
-	c.Assert(err, jc.ErrorIsNil)
-	relx, err := s.State.AddRelation(mysqlep, wpxep)
-	c.Assert(err, jc.ErrorIsNil)
-	wpxWatcherC.AssertChange(relx.String())
-	wpxWatcherC.AssertNoChange()
-}
-
-func removeAllUnits(c *gc.C, s *state.Service) {
-	us, err := s.AllUnits()
-	c.Assert(err, jc.ErrorIsNil)
-	for _, u := range us {
-		err = u.EnsureDead()
-		c.Assert(err, jc.ErrorIsNil)
-		err = u.Remove()
-		c.Assert(err, jc.ErrorIsNil)
-	}
-}
-
-func (s *ServiceSuite) TestWatchService(c *gc.C) {
-	w := s.mysql.Watch()
-	defer testing.AssertStop(c, w)
-
-	// Initial event.
-	wc := testing.NewNotifyWatcherC(c, s.State, w)
-	wc.AssertOneChange()
-
-	// Make one change (to a separate instance), check one event.
-	service, err := s.State.Service(s.mysql.Name())
-	c.Assert(err, jc.ErrorIsNil)
-	err = service.SetExposed()
-	c.Assert(err, jc.ErrorIsNil)
-	wc.AssertOneChange()
-
-	// Make two changes, check one event.
-	err = service.ClearExposed()
-	c.Assert(err, jc.ErrorIsNil)
-
-	cfg := state.SetCharmConfig{
-		Charm:      s.charm,
-		ForceUnits: true,
-	}
-	err = service.SetCharm(cfg)
-	c.Assert(err, jc.ErrorIsNil)
-	wc.AssertOneChange()
-
-	// Stop, check closed.
-	testing.AssertStop(c, w)
-	wc.AssertClosed()
-
-	// Remove service, start new watch, check single event.
-	err = service.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	w = s.mysql.Watch()
-	defer testing.AssertStop(c, w)
-	testing.NewNotifyWatcherC(c, s.State, w).AssertOneChange()
-}
-
-// SCHEMACHANGE
-// TODO(mattyw) remove when schema upgrades are possible
-// Check that GetOwnerTag returns user-admin even
-// when the service has no owner
-func (s *ServiceSuite) TestOwnerTagSchemaProtection(c *gc.C) {
-	service := s.AddTestingService(c, "foobar", s.charm)
-	state.SetServiceOwnerTag(service, "")
-	c.Assert(state.GetServiceOwnerTag(service), gc.Equals, "")
-	c.Assert(service.GetOwnerTag(), gc.Equals, "user-admin")
-}
-
-func (s *ServiceSuite) TestMetricCredentials(c *gc.C) {
-	err := s.mysql.SetMetricCredentials([]byte("hello there"))
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(s.mysql.MetricCredentials(), gc.DeepEquals, []byte("hello there"))
-
-	service, err := s.State.Service(s.mysql.Name())
-	c.Assert(service.MetricCredentials(), gc.DeepEquals, []byte("hello there"))
-}
-
-func (s *ServiceSuite) TestMetricCredentialsOnDying(c *gc.C) {
-	_, err := s.mysql.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.mysql.SetMetricCredentials([]byte("set before dying"))
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.mysql.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	assertLife(c, s.mysql, state.Dying)
-	err = s.mysql.SetMetricCredentials([]byte("set after dying"))
-	c.Assert(err, gc.ErrorMatches, "cannot update metric credentials: service not found or not alive")
-}
-
-func (s *ServiceSuite) testStatus(c *gc.C, status1, status2, expected status.Status) {
-	u1, err := s.mysql.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	err = u1.SetStatus(status1, "status 1", nil)
-	c.Assert(err, jc.ErrorIsNil)
-
-	u2, err := s.mysql.AddUnit()
-	c.Assert(err, jc.ErrorIsNil)
-	if status2 == status.StatusError {
-		err = u2.SetAgentStatus(status2, "status 2", nil)
-	} else {
-		err = u2.SetStatus(status2, "status 2", nil)
-	}
-	c.Assert(err, jc.ErrorIsNil)
-
-	statusInfo, err := s.mysql.Status()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(statusInfo.Since, gc.NotNil)
-	statusInfo.Since = nil
-	c.Assert(statusInfo, jc.DeepEquals, status.StatusInfo{
-		Status:  expected,
-		Message: "status 2",
-		Data:    map[string]interface{}{},
-	})
-}
-
-func (s *ServiceSuite) TestStatus(c *gc.C) {
-	for _, t := range []struct{ status1, status2, expected status.Status }{
-		{status.StatusActive, status.StatusWaiting, status.StatusWaiting},
-		{status.StatusMaintenance, status.StatusWaiting, status.StatusWaiting},
-		{status.StatusActive, status.StatusBlocked, status.StatusBlocked},
-		{status.StatusWaiting, status.StatusBlocked, status.StatusBlocked},
-		{status.StatusMaintenance, status.StatusBlocked, status.StatusBlocked},
-		{status.StatusMaintenance, status.StatusError, status.StatusError},
-		{status.StatusBlocked, status.StatusError, status.StatusError},
-		{status.StatusWaiting, status.StatusError, status.StatusError},
-		{status.StatusActive, status.StatusError, status.StatusError},
-	} {
-		s.testStatus(c, t.status1, t.status2, t.expected)
-	}
-}
-
-const oneRequiredStorageMeta = `
-storage:
-  data0:
-    type: block
-`
-
-const oneOptionalStorageMeta = `
-storage:
-  data0:
-    type: block
-    multiple:
-      range: 0-
-`
-
-const twoRequiredStorageMeta = `
-storage:
-  data0:
-    type: block
-  data1:
-    type: block
-`
-
-const twoOptionalStorageMeta = `
-storage:
-  data0:
-    type: block
-    multiple:
-      range: 0-
-  data1:
-    type: block
-    multiple:
-      range: 0-
-`
-
-const oneRequiredFilesystemStorageMeta = `
-storage:
-  data0:
-    type: filesystem
-`
-
-const oneRequiredSharedStorageMeta = `
-storage:
-  data0:
-    type: block
-    shared: true
-`
-
-const oneRequiredReadOnlyStorageMeta = `
-storage:
-  data0:
-    type: block
-    read-only: true
-`
-
-const oneRequiredLocationStorageMeta = `
-storage:
-  data0:
-    type: filesystem
-    location: /srv
-`
-
-const oneMultipleLocationStorageMeta = `
-storage:
-  data0:
-    type: filesystem
-    location: /srv
-    multiple:
-      range: 1-
-`
-
-func storageRange(min, max int) string {
-	var minStr, maxStr string
-	if min > 0 {
-		minStr = fmt.Sprint(min)
-	}
-	if max > 0 {
-		maxStr = fmt.Sprint(max)
-	}
-	return fmt.Sprintf(`
-    multiple:
-      range: %s-%s
-`[1:], minStr, maxStr)
-}
-
-func (s *ServiceSuite) setCharmFromMeta(c *gc.C, oldMeta, newMeta string) error {
-	registry.RegisterEnvironStorageProviders("someprovider", provider.LoopProviderType)
-	oldCh := s.AddMetaCharm(c, "mysql", oldMeta, 2)
-	newCh := s.AddMetaCharm(c, "mysql", newMeta, 3)
-	svc := s.AddTestingService(c, "test", oldCh)
-
-	cfg := state.SetCharmConfig{Charm: newCh}
-	return svc.SetCharm(cfg)
-}
-
-func (s *ServiceSuite) TestSetCharmStorageRemoved(c *gc.C) {
-	err := s.setCharmFromMeta(c,
-		mysqlBaseMeta+twoOptionalStorageMeta,
-		mysqlBaseMeta+oneOptionalStorageMeta,
-	)
-	c.Assert(err, gc.ErrorMatches, `cannot upgrade service "test" to charm "mysql": storage "data1" removed`)
-}
-
-func (s *ServiceSuite) TestSetCharmRequiredStorageAdded(c *gc.C) {
-	err := s.setCharmFromMeta(c,
-		mysqlBaseMeta+oneRequiredStorageMeta,
-		mysqlBaseMeta+twoRequiredStorageMeta,
-	)
-	c.Assert(err, gc.ErrorMatches, `cannot upgrade service "test" to charm "mysql": required storage "data1" added`)
-}
-
-func (s *ServiceSuite) TestSetCharmOptionalStorageAdded(c *gc.C) {
-	err := s.setCharmFromMeta(c,
-		mysqlBaseMeta+oneRequiredStorageMeta,
-		mysqlBaseMeta+twoOptionalStorageMeta,
-	)
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *ServiceSuite) TestSetCharmStorageCountMinDecreased(c *gc.C) {
-	err := s.setCharmFromMeta(c,
-		mysqlBaseMeta+oneRequiredStorageMeta+storageRange(2, 3),
-		mysqlBaseMeta+oneRequiredStorageMeta+storageRange(1, 3),
-	)
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *ServiceSuite) TestSetCharmStorageCountMinIncreased(c *gc.C) {
-	err := s.setCharmFromMeta(c,
-		mysqlBaseMeta+oneRequiredStorageMeta+storageRange(1, 3),
-		mysqlBaseMeta+oneRequiredStorageMeta+storageRange(2, 3),
-	)
-	c.Assert(err, gc.ErrorMatches, `cannot upgrade service "test" to charm "mysql": existing storage "data0" range contracted: min increased from 1 to 2`)
-}
-
-func (s *ServiceSuite) TestSetCharmStorageCountMaxDecreased(c *gc.C) {
-	err := s.setCharmFromMeta(c,
-		mysqlBaseMeta+oneRequiredStorageMeta+storageRange(1, 2),
-		mysqlBaseMeta+oneRequiredStorageMeta+storageRange(1, 1),
-	)
-	c.Assert(err, gc.ErrorMatches, `cannot upgrade service "test" to charm "mysql": existing storage "data0" range contracted: max decreased from 2 to 1`)
-}
-
-func (s *ServiceSuite) TestSetCharmStorageCountMaxUnboundedToBounded(c *gc.C) {
-	err := s.setCharmFromMeta(c,
-		mysqlBaseMeta+oneRequiredStorageMeta+storageRange(1, -1),
-		mysqlBaseMeta+oneRequiredStorageMeta+storageRange(1, 999),
-	)
-	c.Assert(err, gc.ErrorMatches, `cannot upgrade service "test" to charm "mysql": existing storage "data0" range contracted: max decreased from \<unbounded\> to 999`)
-}
-
-func (s *ServiceSuite) TestSetCharmStorageTypeChanged(c *gc.C) {
-	err := s.setCharmFromMeta(c,
-		mysqlBaseMeta+oneRequiredStorageMeta,
-		mysqlBaseMeta+oneRequiredFilesystemStorageMeta,
-	)
-	c.Assert(err, gc.ErrorMatches, `cannot upgrade service "test" to charm "mysql": existing storage "data0" type changed from "block" to "filesystem"`)
-}
-
-func (s *ServiceSuite) TestSetCharmStorageSharedChanged(c *gc.C) {
-	err := s.setCharmFromMeta(c,
-		mysqlBaseMeta+oneRequiredStorageMeta,
-		mysqlBaseMeta+oneRequiredSharedStorageMeta,
-	)
-	c.Assert(err, gc.ErrorMatches, `cannot upgrade service "test" to charm "mysql": existing storage "data0" shared changed from false to true`)
-}
-
-func (s *ServiceSuite) TestSetCharmStorageReadOnlyChanged(c *gc.C) {
-	err := s.setCharmFromMeta(c,
-		mysqlBaseMeta+oneRequiredStorageMeta,
-		mysqlBaseMeta+oneRequiredReadOnlyStorageMeta,
-	)
-	c.Assert(err, gc.ErrorMatches, `cannot upgrade service "test" to charm "mysql": existing storage "data0" read-only changed from false to true`)
-}
-
-func (s *ServiceSuite) TestSetCharmStorageLocationChanged(c *gc.C) {
-	err := s.setCharmFromMeta(c,
-		mysqlBaseMeta+oneRequiredFilesystemStorageMeta,
-		mysqlBaseMeta+oneRequiredLocationStorageMeta,
-	)
-	c.Assert(err, gc.ErrorMatches, `cannot upgrade service "test" to charm "mysql": existing storage "data0" location changed from "" to "/srv"`)
-}
-
-func (s *ServiceSuite) TestSetCharmStorageWithLocationSingletonToMultipleAdded(c *gc.C) {
-	err := s.setCharmFromMeta(c,
-		mysqlBaseMeta+oneRequiredLocationStorageMeta,
-		mysqlBaseMeta+oneMultipleLocationStorageMeta,
-	)
-	c.Assert(err, gc.ErrorMatches, `cannot upgrade service "test" to charm "mysql": existing storage "data0" with location changed from singleton to multiple`)
-}
-
-func (s *ServiceSuite) assertServiceRemovedWithItsBindings(c *gc.C, service *state.Service) {
-	// Removing the service removes the bindings with it.
-	err := service.Destroy()
-	c.Assert(err, jc.ErrorIsNil)
-	err = service.Refresh()
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-	state.AssertEndpointBindingsNotFoundForService(c, service)
-}
-
-func (s *ServiceSuite) TestEndpointBindingsReturnsDefaultsWhenNotFound(c *gc.C) {
-	ch := s.AddMetaCharm(c, "mysql", metaBase, 42)
-	service := s.AddTestingServiceWithBindings(c, "yoursql", ch, nil)
-	state.RemoveEndpointBindingsForService(c, service)
-
-	s.assertServiceHasOnlyDefaultEndpointBindings(c, service)
-}
-
-func (s *ServiceSuite) assertServiceHasOnlyDefaultEndpointBindings(c *gc.C, service *state.Service) {
-	charm, _, err := service.Charm()
-	c.Assert(err, jc.ErrorIsNil)
-
-	knownEndpoints := set.NewStrings()
-	allBindings := state.DefaultEndpointBindingsForCharm(charm.Meta())
-	for endpoint, _ := range allBindings {
-		knownEndpoints.Add(endpoint)
-	}
-
-	setBindings, err := service.EndpointBindings()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(setBindings, gc.NotNil)
-
-	for endpoint, space := range setBindings {
-		c.Check(endpoint, gc.Not(gc.Equals), "")
-		c.Check(knownEndpoints.Contains(endpoint), jc.IsTrue)
-		c.Check(space, gc.Equals, "", gc.Commentf("expected empty space for endpoint %q, got %q", endpoint, space))
-	}
-}
-
-func (s *ServiceSuite) TestEndpointBindingsJustDefaults(c *gc.C) {
-	// With unspecified bindings, all endpoints are explicitly bound to the
-	// default space when saved in state.
-	ch := s.AddMetaCharm(c, "mysql", metaBase, 42)
-	service := s.AddTestingServiceWithBindings(c, "yoursql", ch, nil)
-
-	s.assertServiceHasOnlyDefaultEndpointBindings(c, service)
-	s.assertServiceRemovedWithItsBindings(c, service)
-}
-
-func (s *ServiceSuite) TestEndpointBindingsWithExplictOverrides(c *gc.C) {
-	_, err := s.State.AddSpace("db", "", nil, true)
-	c.Assert(err, jc.ErrorIsNil)
-	_, err = s.State.AddSpace("ha", "", nil, false)
-	c.Assert(err, jc.ErrorIsNil)
-
-	bindings := map[string]string{
-		"server":  "db",
-		"cluster": "ha",
-	}
-	ch := s.AddMetaCharm(c, "mysql", metaBase, 42)
-	service := s.AddTestingServiceWithBindings(c, "yoursql", ch, bindings)
-
-	setBindings, err := service.EndpointBindings()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(setBindings, jc.DeepEquals, map[string]string{
-		"server":  "db",
-		"client":  "",
-		"cluster": "ha",
-	})
-
-	s.assertServiceRemovedWithItsBindings(c, service)
-}
-
-func (s *ServiceSuite) TestSetCharmExtraBindingsUseDefaults(c *gc.C) {
-	_, err := s.State.AddSpace("db", "", nil, true)
-	c.Assert(err, jc.ErrorIsNil)
-
-	oldCharm := s.AddMetaCharm(c, "mysql", metaDifferentProvider, 42)
-	oldBindings := map[string]string{
-		"kludge": "db",
-		"client": "db",
-	}
-	service := s.AddTestingServiceWithBindings(c, "yoursql", oldCharm, oldBindings)
-	setBindings, err := service.EndpointBindings()
-	c.Assert(err, jc.ErrorIsNil)
-	effectiveOld := map[string]string{
-		"kludge":  "db",
-		"client":  "db",
-		"cluster": "",
-	}
-	c.Assert(setBindings, jc.DeepEquals, effectiveOld)
-
-	newCharm := s.AddMetaCharm(c, "mysql", metaExtraEndpoints, 43)
-
-	cfg := state.SetCharmConfig{Charm: newCharm}
-	err = service.SetCharm(cfg)
-	c.Assert(err, jc.ErrorIsNil)
-	setBindings, err = service.EndpointBindings()
-	c.Assert(err, jc.ErrorIsNil)
-	effectiveNew := map[string]string{
-		// These two should be preserved from oldCharm.
-		"client":  "db",
-		"cluster": "",
-		// "kludge" is missing in newMeta, "server" is new and gets the default.
-		"server": "",
-		// All the remaining are new and use the empty default.
-		"foo":  "",
-		"baz":  "",
-		"just": "",
-	}
-	c.Assert(setBindings, jc.DeepEquals, effectiveNew)
-
-	s.assertServiceRemovedWithItsBindings(c, service)
-}
-
-func (s *ServiceSuite) TestSetCharmHandlesMissingBindingsAsDefaults(c *gc.C) {
-	oldCharm := s.AddMetaCharm(c, "mysql", metaDifferentProvider, 69)
-	service := s.AddTestingServiceWithBindings(c, "theirsql", oldCharm, nil)
-	state.RemoveEndpointBindingsForService(c, service)
-
-	newCharm := s.AddMetaCharm(c, "mysql", metaExtraEndpoints, 70)
-
-	cfg := state.SetCharmConfig{Charm: newCharm}
-	err := service.SetCharm(cfg)
-	c.Assert(err, jc.ErrorIsNil)
-	setBindings, err := service.EndpointBindings()
-	c.Assert(err, jc.ErrorIsNil)
-	effectiveNew := map[string]string{
-		// The following two exist for both oldCharm and newCharm.
-		"client":  "",
-		"cluster": "",
-		// "kludge" is missing in newMeta, "server" is new and gets the default.
-		"server": "",
-		// All the remaining are new and use the empty default.
-		"foo":  "",
-		"baz":  "",
-		"just": "",
-	}
-	c.Assert(setBindings, jc.DeepEquals, effectiveNew)
-
-	s.assertServiceRemovedWithItsBindings(c, service)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/settings.go juju-core-2.0~beta12/src/github.com/juju/juju/state/settings.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/settings.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/settings.go	2016-07-18 19:45:44.000000000 +0000
@@ -93,8 +93,9 @@
 // A Settings manages changes to settings as a delta in memory and merges
 // them back in the database when explicitly requested.
 type Settings struct {
-	st  *State
-	key string
+	st         *State
+	collection string
+	key        string
 
 	// disk holds the values in the config node before
 	// any keys have been changed. It is reset on Read and Write
@@ -114,9 +115,9 @@
 }
 
 // Keys returns the current keys in alphabetical order.
-func (c *Settings) Keys() []string {
+func (s *Settings) Keys() []string {
 	keys := []string{}
-	for key := range c.core {
+	for key := range s.core {
 		keys = append(keys, key)
 	}
 	sort.Strings(keys)
@@ -124,31 +125,31 @@
 }
 
 // Get returns the value of key and whether it was found.
-func (c *Settings) Get(key string) (value interface{}, found bool) {
-	value, found = c.core[key]
+func (s *Settings) Get(key string) (value interface{}, found bool) {
+	value, found = s.core[key]
 	return
 }
 
 // Map returns all keys and values of the node.
-func (c *Settings) Map() map[string]interface{} {
-	return copyMap(c.core, nil)
+func (s *Settings) Map() map[string]interface{} {
+	return copyMap(s.core, nil)
 }
 
 // Set sets key to value
-func (c *Settings) Set(key string, value interface{}) {
-	c.core[key] = value
+func (s *Settings) Set(key string, value interface{}) {
+	s.core[key] = value
 }
 
 // Update sets multiple key/value pairs.
-func (c *Settings) Update(kv map[string]interface{}) {
+func (s *Settings) Update(kv map[string]interface{}) {
 	for key, value := range kv {
-		c.core[key] = value
+		s.core[key] = value
 	}
 }
 
 // Delete removes key.
-func (c *Settings) Delete(key string) {
-	delete(c.core, key)
+func (s *Settings) Delete(key string) {
+	delete(s.core, key)
 }
 
 // cacheKeys returns the keys of all caches as a key=>true map.
@@ -162,16 +163,15 @@
 	return keys
 }
 
-// Write writes changes made to c back onto its node.  Changes are written
-// as a delta applied on top of the latest version of the node, to prevent
-// overwriting unrelated changes made to the node since it was last read.
-func (c *Settings) Write() ([]ItemChange, error) {
+// settingsUpdateOps returns the item changes and txn ops necessary
+// to write the changes made to c back onto its node.
+func (s *Settings) settingsUpdateOps() ([]ItemChange, []txn.Op) {
 	changes := []ItemChange{}
 	updates := bson.M{}
 	deletions := bson.M{}
-	for key := range cacheKeys(c.disk, c.core) {
-		old, ondisk := c.disk[key]
-		new, incore := c.core[key]
+	for key := range cacheKeys(s.disk, s.core) {
+		old, ondisk := s.disk[key]
+		new, incore := s.core[key]
 		if new == old {
 			continue
 		}
@@ -197,37 +197,45 @@
 	}
 	sort.Sort(itemChangeSlice(changes))
 	ops := []txn.Op{{
-		C:      settingsC,
-		Id:     c.key,
+		C:      s.collection,
+		Id:     s.key,
 		Assert: txn.DocExists,
 		Update: setUnsetUpdateSettings(updates, deletions),
 	}}
-	err := c.st.runTransaction(ops)
+	return changes, ops
+}
+
+func (s *Settings) write(ops []txn.Op) error {
+	err := s.st.runTransaction(ops)
 	if err == txn.ErrAborted {
-		return nil, errors.NotFoundf("settings")
+		return errors.NotFoundf("settings")
 	}
 	if err != nil {
-		return nil, fmt.Errorf("cannot write settings: %v", err)
+		return fmt.Errorf("cannot write settings: %v", err)
 	}
-	c.disk = copyMap(c.core, nil)
-	return changes, nil
+	s.disk = copyMap(s.core, nil)
+	return nil
 }
 
-func newSettings(st *State, key string) *Settings {
-	return &Settings{
-		st:   st,
-		key:  key,
-		core: make(map[string]interface{}),
+// Write writes changes made to c back onto its node.  Changes are written
+// as a delta applied on top of the latest version of the node, to prevent
+// overwriting unrelated changes made to the node since it was last read.
+func (s *Settings) Write() ([]ItemChange, error) {
+	changes, ops := s.settingsUpdateOps()
+	err := s.write(ops)
+	if err != nil {
+		return nil, err
 	}
+	s.disk = copyMap(s.core, nil)
+	return changes, nil
 }
 
-func newSettingsWithDoc(st *State, key string, doc *settingsDoc) *Settings {
+func newSettings(st *State, collection, key string) *Settings {
 	return &Settings{
-		st:      st,
-		key:     key,
-		version: doc.Version,
-		disk:    doc.Settings,
-		core:    copyMap(doc.Settings, nil),
+		st:         st,
+		collection: collection,
+		key:        key,
+		core:       make(map[string]interface{}),
 	}
 }
 
@@ -257,26 +265,26 @@
 }
 
 // Read (re)reads the node data into c.
-func (c *Settings) Read() error {
-	doc, err := readSettingsDoc(c.st, c.key)
+func (s *Settings) Read() error {
+	doc, err := readSettingsDoc(s.st, s.collection, s.key)
 	if errors.IsNotFound(err) {
-		c.disk = nil
-		c.core = make(map[string]interface{})
+		s.disk = nil
+		s.core = make(map[string]interface{})
 		return err
 	}
 	if err != nil {
 		return errors.Annotate(err, "cannot read settings")
 	}
-	c.version = doc.Version
-	c.disk = doc.Settings
-	c.core = copyMap(c.disk, nil)
+	s.version = doc.Version
+	s.disk = doc.Settings
+	s.core = copyMap(s.disk, nil)
 	return nil
 }
 
 // readSettingsDoc reads the settings doc with the given key.
-func readSettingsDoc(st *State, key string) (*settingsDoc, error) {
+func readSettingsDoc(st modelBackend, collection, key string) (*settingsDoc, error) {
 	var doc settingsDoc
-	if err := readSettingsDocInto(st, key, &doc); err != nil {
+	if err := readSettingsDocInto(st, collection, key, &doc); err != nil {
 		return nil, errors.Trace(err)
 	}
 	return &doc, nil
@@ -284,18 +292,11 @@
 
 // readSettingsDocInto reads the settings doc with the given key
 // into the provided output structure.
-func readSettingsDocInto(st *State, key string, out interface{}) error {
-	settings, closer := st.getRawCollection(settingsC)
+func readSettingsDocInto(st modelBackend, collection, key string, out interface{}) error {
+	settings, closer := st.getCollection(collection)
 	defer closer()
 
-	err := settings.FindId(st.docID(key)).One(out)
-
-	// This is required to allow loading of environ settings before the
-	// model UUID migration has been applied to the settings collection.
-	// Without this, an agent's version cannot be read, blocking the upgrade.
-	if err == mgo.ErrNotFound && key == modelGlobalKey {
-		err = settings.FindId(modelGlobalKey).One(out)
-	}
+	err := settings.FindId(key).One(out)
 	if err == mgo.ErrNotFound {
 		err = errors.NotFoundf("settings")
 	}
@@ -303,13 +304,13 @@
 }
 
 // ReadSettings returns the settings for the given key.
-func (st *State) ReadSettings(key string) (*Settings, error) {
-	return readSettings(st, key)
+func (st *State) ReadSettings(collection, key string) (*Settings, error) {
+	return readSettings(st, collection, key)
 }
 
 // readSettings returns the Settings for key.
-func readSettings(st *State, key string) (*Settings, error) {
-	s := newSettings(st, key)
+func readSettings(st *State, collection, key string) (*Settings, error) {
+	s := newSettings(st, collection, key)
 	if err := s.Read(); err != nil {
 		return nil, err
 	}
@@ -318,10 +319,10 @@
 
 var errSettingsExist = fmt.Errorf("cannot overwrite existing settings")
 
-func createSettingsOp(key string, values map[string]interface{}) txn.Op {
+func createSettingsOp(collection, key string, values map[string]interface{}) txn.Op {
 	newValues := copyMap(values, escapeReplacer.Replace)
 	return txn.Op{
-		C:      settingsC,
+		C:      collection,
 		Id:     key,
 		Assert: txn.DocMissing,
 		Insert: &settingsDoc{
@@ -331,10 +332,10 @@
 }
 
 // createSettings writes an initial config node.
-func createSettings(st *State, key string, values map[string]interface{}) (*Settings, error) {
-	s := newSettings(st, key)
+func createSettings(st *State, collection, key string, values map[string]interface{}) (*Settings, error) {
+	s := newSettings(st, collection, key)
 	s.core = copyMap(values, nil)
-	ops := []txn.Op{createSettingsOp(key, values)}
+	ops := []txn.Op{createSettingsOp(collection, key, values)}
 	err := s.st.runTransaction(ops)
 	if err == txn.ErrAborted {
 		return nil, errSettingsExist
@@ -346,8 +347,8 @@
 }
 
 // removeSettings removes the Settings for key.
-func removeSettings(st *State, key string) error {
-	err := st.runTransaction([]txn.Op{removeSettingsOp(key)})
+func removeSettings(st *State, collection, key string) error {
+	err := st.runTransaction([]txn.Op{removeSettingsOp(collection, key)})
 	if err == txn.ErrAborted {
 		return errors.NotFoundf("settings")
 	} else if err != nil {
@@ -356,9 +357,9 @@
 	return nil
 }
 
-func removeSettingsOp(key string) txn.Op {
+func removeSettingsOp(collection, key string) txn.Op {
 	return txn.Op{
-		C:      settingsC,
+		C:      collection,
 		Id:     key,
 		Assert: txn.DocExists,
 		Remove: true,
@@ -366,8 +367,8 @@
 }
 
 // listSettings returns all the settings with the specified key prefix.
-func listSettings(st *State, keyPrefix string) (map[string]map[string]interface{}, error) {
-	settings, closer := st.getRawCollection(settingsC)
+func listSettings(st *State, collection, keyPrefix string) (map[string]map[string]interface{}, error) {
+	settings, closer := st.getRawCollection(collection)
 	defer closer()
 
 	var matchingSettings []settingsDoc
@@ -386,8 +387,8 @@
 // replaces it with the supplied values, and a function that should be called on
 // txn failure to determine whether this operation failed (due to a concurrent
 // settings change).
-func replaceSettingsOp(st *State, key string, values map[string]interface{}) (txn.Op, func() (bool, error), error) {
-	s, err := readSettings(st, key)
+func replaceSettingsOp(st *State, collection, key string, values map[string]interface{}) (txn.Op, func() (bool, error), error) {
+	s, err := readSettings(st, collection, key)
 	if err != nil {
 		return txn.Op{}, nil, err
 	}
@@ -401,7 +402,7 @@
 	op := s.assertUnchangedOp()
 	op.Update = setUnsetUpdateSettings(bson.M(newValues), deletes)
 	assertFailed := func() (bool, error) {
-		latest, err := readSettings(st, key)
+		latest, err := readSettings(st, collection, key)
 		if err != nil {
 			return false, err
 		}
@@ -412,7 +413,7 @@
 
 func (s *Settings) assertUnchangedOp() txn.Op {
 	return txn.Op{
-		C:      settingsC,
+		C:      s.collection,
 		Id:     s.key,
 		Assert: bson.D{{"version", s.version}},
 	}
@@ -431,7 +432,7 @@
 }
 
 // setUnsetUpdateSettings returns a bson.D for use
-// in a settingsC txn.Op's Update field, containing
+// in a s.collection txn.Op's Update field, containing
 // $set and $unset operators if the corresponding
 // operands are non-empty.
 func setUnsetUpdateSettings(set, unset bson.M) bson.D {
@@ -453,23 +454,24 @@
 
 // StateSettings is used to expose various settings APIs outside of the state package.
 type StateSettings struct {
-	st *State
+	st         *State
+	collection string
 }
 
 // NewStateSettings creates a StateSettings from state.
 func NewStateSettings(st *State) *StateSettings {
-	return &StateSettings{st}
+	return &StateSettings{st, settingsC}
 }
 
 // CreateSettings exposes createSettings on state for use outside the state package.
 func (s *StateSettings) CreateSettings(key string, settings map[string]interface{}) error {
-	_, err := createSettings(s.st, key, settings)
+	_, err := createSettings(s.st, s.collection, key, settings)
 	return err
 }
 
 // ReadSettings exposes readSettings on state for use outside the state package.
 func (s *StateSettings) ReadSettings(key string) (map[string]interface{}, error) {
-	if settings, err := readSettings(s.st, key); err != nil {
+	if settings, err := readSettings(s.st, s.collection, key); err != nil {
 		return nil, err
 	} else {
 		return settings.Map(), nil
@@ -478,10 +480,10 @@
 
 // RemoveSettings exposes removeSettings on state for use outside the state package.
 func (s *StateSettings) RemoveSettings(key string) error {
-	return removeSettings(s.st, key)
+	return removeSettings(s.st, s.collection, key)
 }
 
 // ListSettings exposes listSettings on state for use outside the state package.
 func (s *StateSettings) ListSettings(keyPrefix string) (map[string]map[string]interface{}, error) {
-	return listSettings(s.st, keyPrefix)
+	return listSettings(s.st, s.collection, keyPrefix)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/settings_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/settings_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/settings_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/settings_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,7 +12,8 @@
 
 type SettingsSuite struct {
 	internalStateSuite
-	key string
+	key        string
+	collection string
 }
 
 var _ = gc.Suite(&SettingsSuite{})
@@ -20,32 +21,41 @@
 func (s *SettingsSuite) SetUpTest(c *gc.C) {
 	s.internalStateSuite.SetUpTest(c)
 	s.key = "config"
+	s.collection = settingsC
+}
+
+func (s *SettingsSuite) createSettings(key string, values map[string]interface{}) (*Settings, error) {
+	return createSettings(s.state, s.collection, key, values)
+}
+
+func (s *SettingsSuite) readSettings() (*Settings, error) {
+	return readSettings(s.state, s.collection, s.key)
 }
 
 func (s *SettingsSuite) TestCreateEmptySettings(c *gc.C) {
-	node, err := createSettings(s.state, s.key, nil)
+	node, err := s.createSettings(s.key, nil)
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(node.Keys(), gc.DeepEquals, []string{})
 }
 
 func (s *SettingsSuite) TestCannotOverwrite(c *gc.C) {
-	_, err := createSettings(s.state, s.key, nil)
+	_, err := s.createSettings(s.key, nil)
 	c.Assert(err, jc.ErrorIsNil)
-	_, err = createSettings(s.state, s.key, nil)
+	_, err = s.createSettings(s.key, nil)
 	c.Assert(err, gc.ErrorMatches, "cannot overwrite existing settings")
 }
 
 func (s *SettingsSuite) TestCannotReadMissing(c *gc.C) {
-	_, err := readSettings(s.state, s.key)
+	_, err := s.readSettings()
 	c.Assert(err, gc.ErrorMatches, "settings not found")
 	c.Assert(err, jc.Satisfies, errors.IsNotFound)
 }
 
 func (s *SettingsSuite) TestCannotWriteMissing(c *gc.C) {
-	node, err := createSettings(s.state, s.key, nil)
+	node, err := s.createSettings(s.key, nil)
 	c.Assert(err, jc.ErrorIsNil)
 
-	err = removeSettings(s.state, s.key)
+	err = removeSettings(s.state, s.collection, s.key)
 	c.Assert(err, jc.ErrorIsNil)
 
 	node.Set("foo", "bar")
@@ -55,7 +65,7 @@
 }
 
 func (s *SettingsSuite) TestUpdateWithWrite(c *gc.C) {
-	node, err := createSettings(s.state, s.key, nil)
+	node, err := s.createSettings(s.key, nil)
 	c.Assert(err, jc.ErrorIsNil)
 	options := map[string]interface{}{"alpha": "beta", "one": 1}
 	node.Update(options)
@@ -82,9 +92,9 @@
 
 func (s *SettingsSuite) TestConflictOnSet(c *gc.C) {
 	// Check version conflict errors.
-	nodeOne, err := createSettings(s.state, s.key, nil)
+	nodeOne, err := s.createSettings(s.key, nil)
 	c.Assert(err, jc.ErrorIsNil)
-	nodeTwo, err := readSettings(s.state, s.key)
+	nodeTwo, err := s.readSettings()
 	c.Assert(err, jc.ErrorIsNil)
 
 	optionsOld := map[string]interface{}{"alpha": "beta", "one": 1}
@@ -141,7 +151,7 @@
 
 func (s *SettingsSuite) TestSetItem(c *gc.C) {
 	// Check that Set works as expected.
-	node, err := createSettings(s.state, s.key, nil)
+	node, err := s.createSettings(s.key, nil)
 	c.Assert(err, jc.ErrorIsNil)
 	options := map[string]interface{}{"alpha": "beta", "one": 1}
 	node.Set("alpha", "beta")
@@ -167,7 +177,7 @@
 
 func (s *SettingsSuite) TestSetItemEscape(c *gc.C) {
 	// Check that Set works as expected.
-	node, err := createSettings(s.state, s.key, nil)
+	node, err := s.createSettings(s.key, nil)
 	c.Assert(err, jc.ErrorIsNil)
 	options := map[string]interface{}{"$bar": 1, "foo.alpha": "beta"}
 	node.Set("foo.alpha", "beta")
@@ -195,7 +205,7 @@
 	// Now get another state by reading from the database instance and
 	// check read state has replaced '.' and '$' after fetching from
 	// MongoDB.
-	nodeTwo, err := readSettings(s.state, s.key)
+	nodeTwo, err := s.readSettings()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(nodeTwo.disk, gc.DeepEquals, options)
 	c.Assert(nodeTwo.core, gc.DeepEquals, options)
@@ -203,7 +213,7 @@
 
 func (s *SettingsSuite) TestReplaceSettingsEscape(c *gc.C) {
 	// Check that replaceSettings works as expected.
-	node, err := createSettings(s.state, s.key, nil)
+	node, err := s.createSettings(s.key, nil)
 	c.Assert(err, jc.ErrorIsNil)
 	node.Set("foo.alpha", "beta")
 	node.Set("$bar", 1)
@@ -211,7 +221,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	options := map[string]interface{}{"$baz": 1, "foo.bar": "beta"}
-	rop, settingsChanged, err := replaceSettingsOp(s.state, s.key, options)
+	rop, settingsChanged, err := replaceSettingsOp(s.state, s.collection, s.key, options)
 	c.Assert(err, jc.ErrorIsNil)
 	ops := []txn.Op{rop}
 	err = node.st.runTransaction(ops)
@@ -236,7 +246,7 @@
 func (s *SettingsSuite) TestcreateSettingsEscape(c *gc.C) {
 	// Check that createSettings works as expected.
 	options := map[string]interface{}{"$baz": 1, "foo.bar": "beta"}
-	node, err := createSettings(s.state, s.key, options)
+	node, err := s.createSettings(s.key, options)
 	c.Assert(err, jc.ErrorIsNil)
 
 	// Check local state.
@@ -257,7 +267,7 @@
 
 func (s *SettingsSuite) TestMultipleReads(c *gc.C) {
 	// Check that reads without writes always resets the data.
-	nodeOne, err := createSettings(s.state, s.key, nil)
+	nodeOne, err := s.createSettings(s.key, nil)
 	c.Assert(err, jc.ErrorIsNil)
 	nodeOne.Update(map[string]interface{}{"alpha": "beta", "foo": "bar"})
 	value, ok := nodeOne.Get("alpha")
@@ -290,7 +300,7 @@
 	c.Assert(value, gc.Equals, "bar")
 
 	// Now get another state instance and change underlying state.
-	nodeTwo, err := readSettings(s.state, s.key)
+	nodeTwo, err := s.readSettings()
 	c.Assert(err, jc.ErrorIsNil)
 	nodeTwo.Update(map[string]interface{}{"foo": "different"})
 	changes, err = nodeTwo.Write()
@@ -311,7 +321,7 @@
 }
 
 func (s *SettingsSuite) TestDeleteEmptiesState(c *gc.C) {
-	node, err := createSettings(s.state, s.key, nil)
+	node, err := s.createSettings(s.key, nil)
 	c.Assert(err, jc.ErrorIsNil)
 	node.Set("a", "foo")
 	changes, err := node.Write()
@@ -330,7 +340,7 @@
 
 func (s *SettingsSuite) TestReadResync(c *gc.C) {
 	// Check that read pulls the data into the node.
-	nodeOne, err := createSettings(s.state, s.key, nil)
+	nodeOne, err := s.createSettings(s.key, nil)
 	c.Assert(err, jc.ErrorIsNil)
 	nodeOne.Set("a", "foo")
 	changes, err := nodeOne.Write()
@@ -338,7 +348,7 @@
 	c.Assert(changes, gc.DeepEquals, []ItemChange{
 		{ItemAdded, "a", nil, "foo"},
 	})
-	nodeTwo, err := readSettings(s.state, s.key)
+	nodeTwo, err := s.readSettings()
 	c.Assert(err, jc.ErrorIsNil)
 	nodeTwo.Delete("a")
 	changes, err = nodeTwo.Write()
@@ -362,7 +372,7 @@
 
 func (s *SettingsSuite) TestMultipleWrites(c *gc.C) {
 	// Check that multiple writes only do the right changes.
-	node, err := createSettings(s.state, s.key, nil)
+	node, err := s.createSettings(s.key, nil)
 	c.Assert(err, jc.ErrorIsNil)
 	node.Update(map[string]interface{}{"foo": "bar", "this": "that"})
 	changes, err := node.Write()
@@ -397,7 +407,7 @@
 }
 
 func (s *SettingsSuite) TestMultipleWritesAreStable(c *gc.C) {
-	node, err := createSettings(s.state, s.key, nil)
+	node, err := s.createSettings(s.key, nil)
 	c.Assert(err, jc.ErrorIsNil)
 	node.Update(map[string]interface{}{"foo": "bar", "this": "that"})
 	_, err = node.Write()
@@ -428,7 +438,7 @@
 
 func (s *SettingsSuite) TestWriteTwice(c *gc.C) {
 	// Check the correct writing into a node by two config nodes.
-	nodeOne, err := createSettings(s.state, s.key, nil)
+	nodeOne, err := s.createSettings(s.key, nil)
 	c.Assert(err, jc.ErrorIsNil)
 	nodeOne.Set("a", "foo")
 	changes, err := nodeOne.Write()
@@ -437,7 +447,7 @@
 		{ItemAdded, "a", nil, "foo"},
 	})
 
-	nodeTwo, err := readSettings(s.state, s.key)
+	nodeTwo, err := s.readSettings()
 	c.Assert(err, jc.ErrorIsNil)
 	nodeTwo.Set("a", "bar")
 	changes, err = nodeTwo.Write()
@@ -460,14 +470,14 @@
 }
 
 func (s *SettingsSuite) TestList(c *gc.C) {
-	_, err := createSettings(s.state, "key#1", map[string]interface{}{"foo1": "bar1"})
+	_, err := s.createSettings("key#1", map[string]interface{}{"foo1": "bar1"})
 	c.Assert(err, jc.ErrorIsNil)
-	_, err = createSettings(s.state, "key#2", map[string]interface{}{"foo2": "bar2"})
+	_, err = s.createSettings("key#2", map[string]interface{}{"foo2": "bar2"})
 	c.Assert(err, jc.ErrorIsNil)
-	_, err = createSettings(s.state, "another#1", map[string]interface{}{"foo2": "bar2"})
+	_, err = s.createSettings("another#1", map[string]interface{}{"foo2": "bar2"})
 	c.Assert(err, jc.ErrorIsNil)
 
-	nodes, err := listSettings(s.state, "key#")
+	nodes, err := listSettings(s.state, s.collection, "key#")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(nodes, jc.DeepEquals, map[string]map[string]interface{}{
 		"key#1": {"foo1": "bar1"},
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/singular.go juju-core-2.0~beta12/src/github.com/juju/juju/state/singular.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/singular.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/singular.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,7 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/core/lease"
 )
@@ -51,5 +51,5 @@
 // SingularClaimer returns a lease.Claimer representing the exclusive right to
 // manage the environment.
 func (st *State) SingularClaimer() lease.Claimer {
-	return st.singularManager
+	return st.workers.SingularManager()
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/singular_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/singular_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/singular_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/singular_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -49,7 +49,7 @@
 func (s *SingularSuite) TestClaimBadDuration(c *gc.C) {
 	claimer := s.State.SingularClaimer()
 	err := claimer.Claim(s.modelTag.Id(), "machine-123", 0)
-	c.Check(err, gc.ErrorMatches, `cannot claim lease for 0: non-positive`)
+	c.Check(err, gc.ErrorMatches, `cannot claim lease for 0s?: non-positive`)
 }
 
 func (s *SingularSuite) TestClaim(c *gc.C) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/spaces.go juju-core-2.0~beta12/src/github.com/juju/juju/state/spaces.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/spaces.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/spaces.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 	"gopkg.in/mgo.v2/txn"
@@ -51,7 +51,7 @@
 // ProviderId returns the provider id of the space. This will be the empty
 // string except on substrates that directly support spaces.
 func (s *Space) ProviderId() network.Id {
-	return network.Id(s.st.localID(s.doc.ProviderId))
+	return network.Id(s.doc.ProviderId)
 }
 
 // Subnets returns all the subnets associated with the Space.
@@ -83,18 +83,13 @@
 	}
 
 	spaceID := st.docID(name)
-	var modelLocalProviderID string
-	if providerId != "" {
-		modelLocalProviderID = st.docID(string(providerId))
-	}
-
 	spaceDoc := spaceDoc{
 		DocID:      spaceID,
 		ModelUUID:  st.ModelUUID(),
 		Life:       Alive,
 		Name:       name,
 		IsPublic:   isPublic,
-		ProviderId: string(modelLocalProviderID),
+		ProviderId: string(providerId),
 	}
 	newSpace = &Space{doc: spaceDoc, st: st}
 
@@ -105,6 +100,10 @@
 		Insert: spaceDoc,
 	}}
 
+	if providerId != "" {
+		ops = append(ops, st.networkEntityGlobalKeyOp("space", providerId))
+	}
+
 	for _, subnetId := range subnets {
 		// TODO:(mfoord) once we have refcounting for subnets we should
 		// also assert that the refcount is zero as moving the space of a
@@ -126,20 +125,16 @@
 				return nil, err
 			}
 		}
-	} else if err != nil {
-		return nil, err
-	}
-
-	// If the ProviderId was not unique adding the space can fail without an
-	// error. Refreshing catches this by returning NotFoundError.
-	err = newSpace.Refresh()
-	if err != nil {
-		if errors.IsNotFound(err) {
-			return nil, errors.Errorf("ProviderId %q not unique", providerId)
+		if err := newSpace.Refresh(); err != nil {
+			if errors.IsNotFound(err) {
+				return nil, errors.Errorf("ProviderId %q not unique", providerId)
+			}
+			return nil, errors.Trace(err)
 		}
 		return nil, errors.Trace(err)
+	} else if err != nil {
+		return nil, err
 	}
-
 	return newSpace, nil
 }
 
@@ -218,6 +213,9 @@
 		Remove: true,
 		Assert: isDeadDoc,
 	}}
+	if s.ProviderId() != "" {
+		ops = append(ops, s.st.networkEntityGlobalKeyRemoveOp("space", s.ProviderId()))
+	}
 
 	txnErr := s.st.runTransaction(ops)
 	if txnErr == nil {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/spaces_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/spaces_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/spaces_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/spaces_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -39,34 +39,13 @@
 func (s *SpacesSuite) makeSubnetInfosForCIDRs(c *gc.C, CIDRs []string) []state.SubnetInfo {
 	infos := make([]state.SubnetInfo, len(CIDRs))
 	for i, cidr := range CIDRs {
-		ip, ipNet, err := net.ParseCIDR(cidr)
+		_, _, err := net.ParseCIDR(cidr)
 		c.Assert(err, jc.ErrorIsNil)
 
-		// Generate the high IP address from the CIDR
-		// First create a copy of the low IP address
-		highIp := ip
-
-		// By default we always get 16 bytes for each IP address. We want to
-		// reduce this to 4 if we were provided an IPv4 address.
-		if ip.To4() != nil {
-			highIp = ip.To4()
-			ip = ip.To4()
-		}
-
-		// To generate a high IP address we bitwise not each byte of the subnet
-		// mask and OR it to the low IP address.
-		for j, b := range ipNet.Mask {
-			if j < len(ip) {
-				highIp[j] |= ^b
-			}
-		}
-
 		infos[i] = state.SubnetInfo{
-			CIDR:              cidr,
-			VLANTag:           79,
-			AllocatableIPLow:  ip.String(),
-			AllocatableIPHigh: highIp.String(),
-			AvailabilityZone:  "AvailabilityZone",
+			CIDR:             cidr,
+			VLANTag:          79,
+			AvailabilityZone: "AvailabilityZone",
 		}
 
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/sshhostkeys.go juju-core-2.0~beta12/src/github.com/juju/juju/state/sshhostkeys.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/sshhostkeys.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/sshhostkeys.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 	"gopkg.in/mgo.v2/txn"
@@ -38,9 +38,9 @@
 	var doc sshHostKeysDoc
 	err := coll.FindId(machineGlobalKey(tag.Id())).One(&doc)
 	if err == mgo.ErrNotFound {
-		return nil, errors.NotFoundf("SSH host keys for %s", tag)
+		return nil, errors.NotFoundf("keys")
 	} else if err != nil {
-		return nil, errors.Annotate(err, "SSH host key lookup failed")
+		return nil, errors.Annotate(err, "key lookup failed")
 	}
 	return SSHHostKeys(doc.Keys), nil
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/sshhostkeys_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/sshhostkeys_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/sshhostkeys_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/sshhostkeys_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,9 +5,9 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/testing/factory"
@@ -58,7 +58,7 @@
 func checkKeysNotFound(c *gc.C, st *state.State, tag names.MachineTag) {
 	_, err := st.GetSSHHostKeys(tag)
 	c.Check(errors.IsNotFound(err), jc.IsTrue)
-	c.Check(err, gc.ErrorMatches, "SSH host keys for .+ not found")
+	c.Check(err, gc.ErrorMatches, "keys not found")
 }
 
 func checkGet(c *gc.C, st *state.State, tag names.MachineTag, expected state.SSHHostKeys) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/state.go juju-core-2.0~beta12/src/github.com/juju/juju/state/state.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/state.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/state.go	2016-07-18 19:45:44.000000000 +0000
@@ -17,7 +17,6 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	jujutxn "github.com/juju/txn"
 	"github.com/juju/utils"
 	"github.com/juju/utils/os"
@@ -26,24 +25,24 @@
 	"github.com/juju/version"
 	"gopkg.in/juju/charm.v6-unstable"
 	csparams "gopkg.in/juju/charmrepo.v2-unstable/csclient/params"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 	"gopkg.in/mgo.v2/txn"
 
 	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/audit"
 	"github.com/juju/juju/constraints"
-	corelease "github.com/juju/juju/core/lease"
-	"github.com/juju/juju/environs/config"
+	"github.com/juju/juju/core/lease"
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/mongo"
 	"github.com/juju/juju/network"
 	"github.com/juju/juju/state/cloudimagemetadata"
+	stateaudit "github.com/juju/juju/state/internal/audit"
 	statelease "github.com/juju/juju/state/lease"
-	"github.com/juju/juju/state/presence"
-	"github.com/juju/juju/state/watcher"
+	"github.com/juju/juju/state/workers"
 	"github.com/juju/juju/status"
 	jujuversion "github.com/juju/juju/version"
-	"github.com/juju/juju/worker/lease"
 )
 
 var logger = loggo.GetLogger("juju.state")
@@ -59,37 +58,46 @@
 	// blobstoreDB is the name of the blobstore GridFS database.
 	blobstoreDB = "blobstore"
 
-	// serviceLeadershipNamespace is the name of the lease.Client namespace
+	// applicationLeadershipNamespace is the name of the lease.Client namespace
 	// used by the leadership manager.
-	serviceLeadershipNamespace = "service-leadership"
+	applicationLeadershipNamespace = "application-leadership"
 
 	// singularControllerNamespace is the name of the lease.Client namespace
 	// used by the singular manager
 	singularControllerNamespace = "singular-controller"
 )
 
+type providerIdDoc struct {
+	ID string `bson:"_id"` // format: "<model-uuid>:<global-key>:<provider-id>"
+}
+
 // State represents the state of an model
 // managed by juju.
 type State struct {
 	modelTag      names.ModelTag
 	controllerTag names.ModelTag
 	mongoInfo     *mongo.MongoInfo
-	mongoDialOpts mongo.DialOpts
 	session       *mgo.Session
 	database      Database
 	policy        Policy
 
-	// TODO(fwereade): move these out of state and make them independent
-	// workers on which state depends.
-	watcher  *watcher.Watcher
-	pwatcher *presence.Watcher
-	// leadershipManager keeps track of units' service leadership leases
-	// within this environment.
-	leadershipClient  corelease.Client
-	leadershipManager *lease.Manager
-	// singularManager keeps track of which controller machine is responsible
-	// for managing this state's environment.
-	singularManager *lease.Manager
+	// cloudName is the name of the cloud on which the model
+	// represented by this state runs.
+	cloudName string
+
+	// leaseClientId is used by the lease infrastructure to
+	// differentiate between machines whose clocks may be
+	// relatively-skewed.
+	leaseClientId string
+
+	// workers is responsible for keeping the various sub-workers
+	// available by starting new ones as they fail. It doesn't do
+	// that yet, but having a type that collects them together is the
+	// first step.
+	//
+	// note that the allManager stuff below probably ought to be
+	// folded in as well, but that feels like its own task.
+	workers workers.Workers
 
 	// mu guards allManager, allModelManager & allModelWatcherBacking
 	mu                     sync.Mutex
@@ -104,6 +112,12 @@
 // StateServingInfo holds information needed by a controller.
 // This type is a copy of the type of the same name from the api/params package.
 // It is replicated here to avoid the state pacakge depending on api/params.
+//
+// NOTE(fwereade): the api/params type exists *purely* for representing
+// this data over the wire, and has a legitimate reason to exist. This
+// type does not: it's non-implementation-specific and shoudl be defined
+// under core/ somewhere, so it can be used both here and in the agent
+// without dragging unnecessary/irrelevant packages into scope.
 type StateServingInfo struct {
 	APIPort      int
 	StatePort    int
@@ -121,6 +135,12 @@
 	return st.modelTag == st.controllerTag
 }
 
+// ControllerUUID returns the model UUID for the controller model
+// of this state instance.
+func (st *State) ControllerUUID() string {
+	return st.controllerTag.Id()
+}
+
 // RemoveAllModelDocs removes all documents from multi-model
 // collections. The model should be put into a dying state before call
 // this method. Otherwise, there is a race condition in which collections
@@ -166,57 +186,95 @@
 		if info.global {
 			continue
 		}
-		coll, closer := st.getCollection(name)
-		defer closer()
-
-		var ids []bson.M
-		err := coll.Find(nil).Select(bson.D{{"_id", 1}}).All(&ids)
+		if info.rawAccess {
+			if err := st.removeAllInCollectionRaw(name); err != nil {
+				return errors.Trace(err)
+			}
+			continue
+		}
+		// TODO(rog): 2016-05-06 lp:1579010
+		// We can end up with an enormous transaction here,
+		// because we'll have one operation for each document in the
+		// whole model.
+		var err error
+		ops, err = st.appendRemoveAllInCollectionOps(ops, name)
 		if err != nil {
 			return errors.Trace(err)
 		}
-		for _, id := range ids {
-			if info.rawAccess {
-				if err := coll.Writeable().RemoveId(id["_id"]); err != nil {
-					return errors.Trace(err)
-				}
-			} else {
-				ops = append(ops, txn.Op{
-					C:      name,
-					Id:     id["_id"],
-					Remove: true,
-				})
-			}
-		}
 	}
-
 	return st.runTransaction(ops)
 }
 
+// removeAllInCollectionRaw removes all the documents from the given
+// named collection.
+func (st *State) removeAllInCollectionRaw(name string) error {
+	coll, closer := st.getCollection(name)
+	defer closer()
+	_, err := coll.Writeable().RemoveAll(nil)
+	return errors.Trace(err)
+}
+
+// appendRemoveAllInCollectionOps appends to ops operations to
+// remove all the documents in the given named collection.
+func (st *State) appendRemoveAllInCollectionOps(ops []txn.Op, name string) ([]txn.Op, error) {
+	coll, closer := st.getCollection(name)
+	defer closer()
+
+	var ids []bson.M
+	err := coll.Find(nil).Select(bson.D{{"_id", 1}}).All(&ids)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	for _, id := range ids {
+		ops = append(ops, txn.Op{
+			C:      name,
+			Id:     id["_id"],
+			Remove: true,
+		})
+	}
+	return ops, nil
+}
+
 // ForModel returns a connection to mongo for the specified model. The
 // connection uses the same credentials and policy as the existing connection.
-func (st *State) ForModel(env names.ModelTag) (*State, error) {
-	newState, err := open(env, st.mongoInfo, st.mongoDialOpts, st.policy)
+func (st *State) ForModel(model names.ModelTag) (*State, error) {
+	session := st.session.Copy()
+	newSt, err := newState(
+		model, session, st.mongoInfo, st.policy,
+	)
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-	if err := newState.start(st.controllerTag); err != nil {
+	if err := newSt.start(st.controllerTag); err != nil {
 		return nil, errors.Trace(err)
 	}
-	return newState, nil
+	return newSt, nil
 }
 
-// start starts the presence watcher, leadership manager and images metadata storage,
-// and fills in the controllerTag field with the supplied value.
-func (st *State) start(controllerTag names.ModelTag) error {
+// start makes a *State functional post-creation, by:
+//   * setting controllerTag, cloudName and leaseClientId
+//   * starting lease managers and watcher backends
+//   * creating cloud metadata storage
+//
+// start will close the *State if it fails.
+func (st *State) start(controllerTag names.ModelTag) (err error) {
+	defer func() {
+		if err == nil {
+			return
+		}
+		if err2 := st.Close(); err2 != nil {
+			logger.Errorf("closing State for %s: %v", st.modelTag, err2)
+		}
+	}()
+
 	st.controllerTag = controllerTag
 
-	var clientId string
 	if identity := st.mongoInfo.Tag; identity != nil {
 		// TODO(fwereade): it feels a bit wrong to take this from MongoInfo -- I
 		// think it's just coincidental that the mongodb user happens to map to
 		// the machine that's executing the code -- but there doesn't seem to be
 		// an accessible alternative.
-		clientId = identity.String()
+		st.leaseClientId = identity.String()
 	} else {
 		// If we're running state anonymously, we can still use the lease
 		// manager; but we need to make sure we use a unique client ID, and
@@ -226,63 +284,64 @@
 		if err != nil {
 			return errors.Trace(err)
 		}
-		clientId = fmt.Sprintf("anon-%s", uuid.String())
+		st.leaseClientId = fmt.Sprintf("anon-%s", uuid.String())
 	}
+	// now we've set up leaseClientId, we can use workersFactory
 
-	logger.Infof("creating lease clients as %s", clientId)
+	logger.Infof("starting standard state workers")
 	clock := GetClock()
-	datastore := &environMongo{st}
-	leadershipClient, err := statelease.NewClient(statelease.ClientConfig{
-		Id:         clientId,
-		Namespace:  serviceLeadershipNamespace,
-		Collection: leasesC,
-		Mongo:      datastore,
-		Clock:      clock,
+	factory := workersFactory{
+		st:    st,
+		clock: clock,
+	}
+	workers, err := workers.NewRestartWorkers(workers.RestartConfig{
+		Factory: factory,
+		Logger:  loggo.GetLogger(logger.Name() + ".workers"),
+		Clock:   clock,
+		Delay:   time.Second,
 	})
 	if err != nil {
-		return errors.Annotatef(err, "cannot create leadership lease client")
+		return errors.Annotatef(err, "cannot create standard state workers")
 	}
-	st.leadershipClient = leadershipClient
-	logger.Infof("starting leadership lease manager")
-	leadershipManager, err := lease.NewManager(lease.ManagerConfig{
-		Secretary: leadershipSecretary{},
-		Client:    leadershipClient,
-		Clock:     clock,
-		MaxSleep:  time.Minute,
+	st.workers = workers
+
+	logger.Infof("creating cloud image metadata storage")
+	st.CloudImageMetadataStorage = cloudimagemetadata.NewStorage(
+		st.ModelUUID(),
+		cloudimagemetadataC,
+		&environMongo{st},
+	)
+
+	logger.Infof("started state for %s successfully", st.modelTag)
+	return nil
+}
+
+func (st *State) getLeadershipLeaseClient() (lease.Client, error) {
+	client, err := statelease.NewClient(statelease.ClientConfig{
+		Id:         st.leaseClientId,
+		Namespace:  applicationLeadershipNamespace,
+		Collection: leasesC,
+		Mongo:      &environMongo{st},
+		Clock:      GetClock(),
 	})
 	if err != nil {
-		return errors.Annotatef(err, "cannot create leadership lease manager")
+		return nil, errors.Annotatef(err, "cannot create leadership lease client")
 	}
-	st.leadershipManager = leadershipManager
+	return client, nil
+}
 
-	singularClient, err := statelease.NewClient(statelease.ClientConfig{
-		Id:         clientId,
+func (st *State) getSingularLeaseClient() (lease.Client, error) {
+	client, err := statelease.NewClient(statelease.ClientConfig{
+		Id:         st.leaseClientId,
 		Namespace:  singularControllerNamespace,
 		Collection: leasesC,
-		Mongo:      datastore,
-		Clock:      clock,
-	})
-	if err != nil {
-		return errors.Annotatef(err, "cannot create singular lease client")
-	}
-	logger.Infof("starting singular lease manager")
-	singularManager, err := lease.NewManager(lease.ManagerConfig{
-		Secretary: singularSecretary{st.modelTag.Id()},
-		Client:    singularClient,
-		Clock:     clock,
-		MaxSleep:  time.Minute,
+		Mongo:      &environMongo{st},
+		Clock:      GetClock(),
 	})
 	if err != nil {
-		return errors.Annotatef(err, "cannot create singular lease manager")
+		return nil, errors.Annotatef(err, "cannot create singular lease client")
 	}
-	st.singularManager = singularManager
-
-	logger.Infof("creating cloud image metadata storage")
-	st.CloudImageMetadataStorage = cloudimagemetadata.NewStorage(st.ModelUUID(), cloudimagemetadataC, datastore)
-
-	logger.Infof("starting presence watcher")
-	st.pwatcher = presence.NewWatcher(st.getPresence(), st.modelTag)
-	return nil
+	return client, nil
 }
 
 // ModelTag() returns the model tag for the model controlled by
@@ -338,11 +397,18 @@
 	return nil
 }
 
-// getPresence returns the presence m.
-func (st *State) getPresence() *mgo.Collection {
+// getPresenceCollection returns the raw mongodb presence collection,
+// which is needed to interact with the state/presence package.
+func (st *State) getPresenceCollection() *mgo.Collection {
 	return st.session.DB(presenceDB).C(presenceC)
 }
 
+// getTxnLogCollection returns the raw mongodb txns collection, which is
+// needed to interact with the state/watcher package.
+func (st *State) getTxnLogCollection() *mgo.Collection {
+	return st.session.DB(jujuDB).C(txnLogC)
+}
+
 // newDB returns a database connection using a new session, along with
 // a closer function for the session. This is useful where you need to work
 // with various collections in a single session, so don't want to call
@@ -393,26 +459,6 @@
 	return NewMultiwatcher(st.allModelManager)
 }
 
-func (st *State) ModelConfig() (*config.Config, error) {
-	settings, err := readSettings(st, modelGlobalKey)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	attrs := settings.Map()
-	return config.New(config.NoDefaults, attrs)
-}
-
-// checkModelConfig returns an error if the config is definitely invalid.
-func checkModelConfig(cfg *config.Config) error {
-	if cfg.AdminSecret() != "" {
-		return errors.Errorf("admin-secret should never be written to the state")
-	}
-	if _, ok := cfg.AgentVersion(); !ok {
-		return errors.Errorf("agent-version must always be set in state")
-	}
-	return nil
-}
-
 // versionInconsistentError indicates one or more agents have a
 // different version from the current one (even empty, when not yet
 // set).
@@ -508,7 +554,7 @@
 	}
 
 	buildTxn := func(attempt int) ([]txn.Op, error) {
-		settings, err := readSettings(st, modelGlobalKey)
+		settings, err := readSettings(st, settingsC, modelGlobalKey)
 		if err != nil {
 			return nil, errors.Trace(err)
 		}
@@ -559,71 +605,6 @@
 	return errors.Trace(err)
 }
 
-func (st *State) buildAndValidateModelConfig(updateAttrs map[string]interface{}, removeAttrs []string, oldConfig *config.Config) (validCfg *config.Config, err error) {
-	newConfig, err := oldConfig.Apply(updateAttrs)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	if len(removeAttrs) != 0 {
-		newConfig, err = newConfig.Remove(removeAttrs)
-		if err != nil {
-			return nil, errors.Trace(err)
-		}
-	}
-	if err := checkModelConfig(newConfig); err != nil {
-		return nil, errors.Trace(err)
-	}
-	return st.validate(newConfig, oldConfig)
-}
-
-type ValidateConfigFunc func(updateAttrs map[string]interface{}, removeAttrs []string, oldConfig *config.Config) error
-
-// UpdateModelConfig adds, updates or removes attributes in the current
-// configuration of the model with the provided updateAttrs and
-// removeAttrs.
-func (st *State) UpdateModelConfig(updateAttrs map[string]interface{}, removeAttrs []string, additionalValidation ValidateConfigFunc) error {
-	if len(updateAttrs)+len(removeAttrs) == 0 {
-		return nil
-	}
-
-	// TODO(axw) 2013-12-6 #1167616
-	// Ensure that the settings on disk have not changed
-	// underneath us. The settings changes are actually
-	// applied as a delta to what's on disk; if there has
-	// been a concurrent update, the change may not be what
-	// the user asked for.
-	settings, err := readSettings(st, modelGlobalKey)
-	if err != nil {
-		return errors.Trace(err)
-	}
-
-	// Get the existing model config from state.
-	oldConfig, err := config.New(config.NoDefaults, settings.Map())
-	if err != nil {
-		return errors.Trace(err)
-	}
-	if additionalValidation != nil {
-		err = additionalValidation(updateAttrs, removeAttrs, oldConfig)
-		if err != nil {
-			return errors.Trace(err)
-		}
-	}
-	validCfg, err := st.buildAndValidateModelConfig(updateAttrs, removeAttrs, oldConfig)
-	if err != nil {
-		return errors.Trace(err)
-	}
-
-	validAttrs := validCfg.AllAttrs()
-	for k := range oldConfig.AllAttrs() {
-		if _, ok := validAttrs[k]; !ok {
-			settings.Delete(k)
-		}
-	}
-	settings.Update(validAttrs)
-	_, err = settings.Write()
-	return errors.Trace(err)
-}
-
 // ModelConstraints returns the current model constraints.
 func (st *State) ModelConstraints() (constraints.Value, error) {
 	cons, err := readConstraints(st, modelGlobalKey)
@@ -720,26 +701,15 @@
 }
 
 func (st *State) getMachineDoc(id string) (*machineDoc, error) {
-	machinesCollection, closer := st.getRawCollection(machinesC)
+	machinesCollection, closer := st.getCollection(machinesC)
 	defer closer()
 
 	var err error
 	mdoc := &machineDoc{}
-	for _, tryId := range []string{st.docID(id), id} {
-		err = machinesCollection.FindId(tryId).One(mdoc)
-		if err != mgo.ErrNotFound {
-			break
-		}
-	}
+	err = machinesCollection.FindId(id).One(mdoc)
+
 	switch err {
 	case nil:
-		// This is required to allow loading of machines before the
-		// model UUID migration has been applied to the machines
-		// collection. Without this, a machine agent can't come up to
-		// run the database migration.
-		if mdoc.Id == "" {
-			mdoc.Id = mdoc.DocID
-		}
 		return mdoc, nil
 	case mgo.ErrNotFound:
 		return nil, errors.NotFoundf("machine %s", id)
@@ -762,8 +732,8 @@
 		return st.Unit(id)
 	case names.UserTag:
 		return st.User(tag)
-	case names.ServiceTag:
-		return st.Service(id)
+	case names.ApplicationTag:
+		return st.Application(id)
 	case names.ModelTag:
 		env, err := st.Model()
 		if err != nil {
@@ -790,8 +760,6 @@
 		return env, nil
 	case names.RelationTag:
 		return st.KeyRelation(id)
-	case names.IPAddressTag:
-		return st.IPAddressByTag(tag)
 	case names.ActionTag:
 		return st.ActionByTag(tag)
 	case names.CharmTag:
@@ -822,8 +790,8 @@
 	case names.MachineTag:
 		coll = machinesC
 		id = st.docID(id)
-	case names.ServiceTag:
-		coll = servicesC
+	case names.ApplicationTag:
+		coll = applicationsC
 		id = st.docID(id)
 	case names.UnitTag:
 		coll = unitsC
@@ -851,302 +819,9 @@
 	return coll, id, nil
 }
 
-// AddCharm adds the ch charm with curl to the state.
-// On success the newly added charm state is returned.
-func (st *State) AddCharm(info CharmInfo) (stch *Charm, err error) {
-	charms, closer := st.getCollection(charmsC)
-	defer closer()
-
-	if err := validateCharmVersion(info.Charm); err != nil {
-		return nil, errors.Trace(err)
-	}
-
-	query := charms.FindId(info.ID.String()).Select(bson.D{{"placeholder", 1}})
-
-	buildTxn := func(attempt int) ([]txn.Op, error) {
-		var placeholderDoc struct {
-			Placeholder bool `bson:"placeholder"`
-		}
-		if err := query.One(&placeholderDoc); err == mgo.ErrNotFound {
-
-			return insertCharmOps(st, info)
-		} else if err != nil {
-			return nil, errors.Trace(err)
-		} else if placeholderDoc.Placeholder {
-			return updateCharmOps(st, info, stillPlaceholder)
-		}
-		return nil, errors.AlreadyExistsf("charm %q", info.ID)
-	}
-	if err = st.run(buildTxn); err == nil {
-		return st.Charm(info.ID)
-	}
-	return nil, errors.Trace(err)
-}
-
-type hasMeta interface {
-	Meta() *charm.Meta
-}
-
-func validateCharmVersion(ch hasMeta) error {
-	minver := ch.Meta().MinJujuVersion
-	if minver != version.Zero {
-		if minver.Compare(jujuversion.Current) > 0 {
-			return errors.Errorf("Charm's min version (%s) is higher than this juju environment's version (%s)", minver, jujuversion.Current)
-		}
-	}
-	return nil
-}
-
-// AllCharms returns all charms in state.
-func (st *State) AllCharms() ([]*Charm, error) {
-	charmsCollection, closer := st.getCollection(charmsC)
-	defer closer()
-	var cdoc charmDoc
-	var charms []*Charm
-	iter := charmsCollection.Find(nil).Iter()
-	for iter.Next(&cdoc) {
-		ch := newCharm(st, &cdoc)
-		charms = append(charms, ch)
-	}
-	return charms, errors.Trace(iter.Close())
-}
-
-// Charm returns the charm with the given URL. Charms pending upload
-// to storage and placeholders are never returned.
-func (st *State) Charm(curl *charm.URL) (*Charm, error) {
-	charms, closer := st.getCollection(charmsC)
-	defer closer()
-
-	cdoc := &charmDoc{}
-	what := bson.D{
-		{"_id", curl.String()},
-		{"placeholder", bson.D{{"$ne", true}}},
-		{"pendingupload", bson.D{{"$ne", true}}},
-	}
-	err := charms.Find(what).One(&cdoc)
-	if err == mgo.ErrNotFound {
-		return nil, errors.NotFoundf("charm %q", curl)
-	}
-	if err != nil {
-		return nil, errors.Annotatef(err, "cannot get charm %q", curl)
-	}
-	if err := cdoc.Meta.Check(); err != nil {
-		return nil, errors.Annotatef(err, "malformed charm metadata found in state")
-	}
-	return newCharm(st, cdoc), nil
-}
-
-// LatestPlaceholderCharm returns the latest charm described by the
-// given URL but which is not yet deployed.
-func (st *State) LatestPlaceholderCharm(curl *charm.URL) (*Charm, error) {
-	charms, closer := st.getCollection(charmsC)
-	defer closer()
-
-	noRevURL := curl.WithRevision(-1)
-	curlRegex := "^" + regexp.QuoteMeta(st.docID(noRevURL.String()))
-	var docs []charmDoc
-	err := charms.Find(bson.D{{"_id", bson.D{{"$regex", curlRegex}}}, {"placeholder", true}}).All(&docs)
-	if err != nil {
-		return nil, errors.Annotatef(err, "cannot get charm %q", curl)
-	}
-	// Find the highest revision.
-	var latest charmDoc
-	for _, doc := range docs {
-		if latest.URL == nil || doc.URL.Revision > latest.URL.Revision {
-			latest = doc
-		}
-	}
-	if latest.URL == nil {
-		return nil, errors.NotFoundf("placeholder charm %q", noRevURL)
-	}
-	return newCharm(st, &latest), nil
-}
-
-// PrepareLocalCharmUpload must be called before a local charm is
-// uploaded to the provider storage in order to create a charm
-// document in state. It returns the chosen unique charm URL reserved
-// in state for the charm.
-//
-// The url's schema must be "local" and it must include a revision.
-func (st *State) PrepareLocalCharmUpload(curl *charm.URL) (chosenUrl *charm.URL, err error) {
-	// Perform a few sanity checks first.
-	if curl.Schema != "local" {
-		return nil, errors.Errorf("expected charm URL with local schema, got %q", curl)
-	}
-	if curl.Revision < 0 {
-		return nil, errors.Errorf("expected charm URL with revision, got %q", curl)
-	}
-	// Get a regex with the charm URL and no revision.
-	noRevURL := curl.WithRevision(-1)
-	curlRegex := "^" + regexp.QuoteMeta(st.docID(noRevURL.String()))
-
-	charms, closer := st.getCollection(charmsC)
-	defer closer()
-
-	buildTxn := func(attempt int) ([]txn.Op, error) {
-		// Find the highest revision of that charm in state.
-		var docs []charmDoc
-		query := bson.D{{"_id", bson.D{{"$regex", curlRegex}}}}
-		err = charms.Find(query).Select(bson.D{{"_id", 1}, {"url", 1}}).All(&docs)
-		if err != nil {
-			return nil, errors.Trace(err)
-		}
-		// Find the highest revision.
-		maxRevision := -1
-		for _, doc := range docs {
-			if doc.URL.Revision > maxRevision {
-				maxRevision = doc.URL.Revision
-			}
-		}
-
-		// Respect the local charm's revision first.
-		chosenRevision := curl.Revision
-		if maxRevision >= chosenRevision {
-			// More recent revision exists in state, pick the next.
-			chosenRevision = maxRevision + 1
-		}
-		chosenUrl = curl.WithRevision(chosenRevision)
-		return insertPendingCharmOps(st, chosenUrl)
-	}
-	if err = st.run(buildTxn); err == nil {
-		return chosenUrl, nil
-	}
-	return nil, errors.Trace(err)
-}
-
-// PrepareStoreCharmUpload must be called before a charm store charm
-// is uploaded to the provider storage in order to create a charm
-// document in state. If a charm with the same URL is already in
-// state, it will be returned as a *state.Charm (it can be still
-// pending or already uploaded). Otherwise, a new charm document is
-// added in state with just the given charm URL and
-// PendingUpload=true, which is then returned as a *state.Charm.
-//
-// The url's schema must be "cs" and it must include a revision.
-func (st *State) PrepareStoreCharmUpload(curl *charm.URL) (*Charm, error) {
-	// Perform a few sanity checks first.
-	if curl.Schema != "cs" {
-		return nil, errors.Errorf("expected charm URL with cs schema, got %q", curl)
-	}
-	if curl.Revision < 0 {
-		return nil, errors.Errorf("expected charm URL with revision, got %q", curl)
-	}
-
-	charms, closer := st.getCollection(charmsC)
-	defer closer()
-
-	var (
-		uploadedCharm charmDoc
-		err           error
-	)
-	buildTxn := func(attempt int) ([]txn.Op, error) {
-		// Find an uploaded or pending charm with the given exact curl.
-		err := charms.FindId(curl.String()).One(&uploadedCharm)
-		switch {
-		case err == mgo.ErrNotFound:
-			uploadedCharm = charmDoc{
-				DocID:         st.docID(curl.String()),
-				ModelUUID:     st.ModelTag().Id(),
-				URL:           curl,
-				PendingUpload: true,
-			}
-			return insertAnyCharmOps(&uploadedCharm)
-		case err != nil:
-			return nil, errors.Trace(err)
-		case uploadedCharm.Placeholder:
-			// Update the fields of the document we're returning.
-			uploadedCharm.PendingUpload = true
-			uploadedCharm.Placeholder = false
-			return convertPlaceholderCharmOps(uploadedCharm.DocID)
-		default:
-			// The charm exists and it's either uploaded or still
-			// pending, but it's not a placeholder. In any case,
-			// there's nothing to do.
-			return nil, jujutxn.ErrNoOperations
-		}
-	}
-	if err = st.run(buildTxn); err == nil {
-		return newCharm(st, &uploadedCharm), nil
-	}
-	return nil, errors.Trace(err)
-}
-
-var (
-	stillPending     = bson.D{{"pendingupload", true}}
-	stillPlaceholder = bson.D{{"placeholder", true}}
-)
-
-// AddStoreCharmPlaceholder creates a charm document in state for the given charm URL which
-// must reference a charm from the store. The charm document is marked as a placeholder which
-// means that if the charm is to be deployed, it will need to first be uploaded to env storage.
-func (st *State) AddStoreCharmPlaceholder(curl *charm.URL) (err error) {
-	// Perform sanity checks first.
-	if curl.Schema != "cs" {
-		return errors.Errorf("expected charm URL with cs schema, got %q", curl)
-	}
-	if curl.Revision < 0 {
-		return errors.Errorf("expected charm URL with revision, got %q", curl)
-	}
-	charms, closer := st.getCollection(charmsC)
-	defer closer()
-
-	buildTxn := func(attempt int) ([]txn.Op, error) {
-		// See if the charm already exists in state and exit early if that's the case.
-		var doc charmDoc
-		err := charms.Find(bson.D{{"_id", curl.String()}}).Select(bson.D{{"_id", 1}}).One(&doc)
-		if err != nil && err != mgo.ErrNotFound {
-			return nil, errors.Trace(err)
-		}
-		if err == nil {
-			return nil, jujutxn.ErrNoOperations
-		}
-
-		// Delete all previous placeholders so we don't fill up the database with unused data.
-		deleteOps, err := deleteOldPlaceholderCharmsOps(st, charms, curl)
-		if err != nil {
-			return nil, errors.Trace(err)
-		}
-		insertOps, err := insertPlaceholderCharmOps(st, curl)
-		if err != nil {
-			return nil, errors.Trace(err)
-		}
-		ops := append(deleteOps, insertOps...)
-		return ops, nil
-	}
-	return errors.Trace(st.run(buildTxn))
-}
-
-// UpdateUploadedCharm marks the given charm URL as uploaded and
-// updates the rest of its data, returning it as *state.Charm.
-func (st *State) UpdateUploadedCharm(info CharmInfo) (*Charm, error) {
-	charms, closer := st.getCollection(charmsC)
-	defer closer()
-
-	doc := &charmDoc{}
-	err := charms.FindId(info.ID.String()).One(&doc)
-	if err == mgo.ErrNotFound {
-		return nil, errors.NotFoundf("charm %q", info.ID)
-	}
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	if !doc.PendingUpload {
-		return nil, errors.Trace(&ErrCharmAlreadyUploaded{info.ID})
-	}
-
-	ops, err := updateCharmOps(st, info, stillPending)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	if err := st.runTransaction(ops); err != nil {
-		return nil, onAbort(err, ErrCharmRevisionAlreadyModified)
-	}
-	return st.Charm(info.ID)
-}
-
 // addPeerRelationsOps returns the operations necessary to add the
 // specified service peer relations to the state.
-func (st *State) addPeerRelationsOps(serviceName string, peers map[string]charm.Relation) ([]txn.Op, error) {
+func (st *State) addPeerRelationsOps(applicationname string, peers map[string]charm.Relation) ([]txn.Op, error) {
 	var ops []txn.Op
 	for _, rel := range peers {
 		relId, err := st.sequence("relation")
@@ -1154,8 +829,8 @@
 			return nil, errors.Trace(err)
 		}
 		eps := []Endpoint{{
-			ServiceName: serviceName,
-			Relation:    rel,
+			ApplicationName: applicationname,
+			Relation:        rel,
 		}}
 		relKey := relationKey(eps)
 		relDoc := &relationDoc{
@@ -1176,10 +851,9 @@
 	return ops, nil
 }
 
-type AddServiceArgs struct {
+type AddApplicationArgs struct {
 	Name             string
 	Series           string
-	Owner            string
 	Charm            *Charm
 	Channel          csparams.Channel
 	Storage          map[string]StorageConstraints
@@ -1191,17 +865,13 @@
 	Resources        map[string]string
 }
 
-// AddService creates a new service, running the supplied charm, with the
+// AddApplication creates a new application, running the supplied charm, with the
 // supplied name (which must be unique). If the charm defines peer relations,
 // they will be created automatically.
-func (st *State) AddService(args AddServiceArgs) (service *Service, err error) {
-	defer errors.DeferredAnnotatef(&err, "cannot add service %q", args.Name)
-	ownerTag, err := names.ParseUserTag(args.Owner)
-	if err != nil {
-		return nil, errors.Annotatef(err, "Invalid ownertag %s", args.Owner)
-	}
+func (st *State) AddApplication(args AddApplicationArgs) (_ *Application, err error) {
+	defer errors.DeferredAnnotatef(&err, "cannot add application %q", args.Name)
 	// Sanity checks.
-	if !names.IsValidService(args.Name) {
+	if !names.IsValidApplication(args.Name) {
 		return nil, errors.Errorf("invalid name")
 	}
 	if args.Charm == nil {
@@ -1212,17 +882,14 @@
 		return nil, errors.Trace(err)
 	}
 
-	if exists, err := isNotDead(st, servicesC, args.Name); err != nil {
+	if exists, err := isNotDead(st, applicationsC, args.Name); err != nil {
 		return nil, errors.Trace(err)
 	} else if exists {
-		return nil, errors.Errorf("service already exists")
+		return nil, errors.Errorf("application already exists")
 	}
 	if err := checkModelActive(st); err != nil {
 		return nil, errors.Trace(err)
 	}
-	if _, err := st.ModelUser(ownerTag); err != nil {
-		return nil, errors.Trace(err)
-	}
 	if args.Storage == nil {
 		args.Storage = make(map[string]StorageConstraints)
 	}
@@ -1308,15 +975,15 @@
 		}
 	}
 
-	serviceID := st.docID(args.Name)
+	applicationID := st.docID(args.Name)
 
 	// Create the service addition operations.
 	peers := args.Charm.Meta().Peers
 
 	// The doc defaults to CharmModifiedVersion = 0, which is correct, since it
 	// has, by definition, at its initial state.
-	svcDoc := &serviceDoc{
-		DocID:         serviceID,
+	svcDoc := &applicationDoc{
+		DocID:         applicationID,
 		Name:          args.Name,
 		ModelUUID:     st.ModelUUID(),
 		Series:        args.Series,
@@ -1325,10 +992,9 @@
 		Channel:       string(args.Channel),
 		RelationCount: len(peers),
 		Life:          Alive,
-		OwnerTag:      args.Owner,
 	}
 
-	svc := newService(st, svcDoc)
+	svc := newApplication(st, svcDoc)
 
 	endpointBindingsOp, err := createEndpointBindingsOp(
 		st, svc.globalKey(),
@@ -1360,8 +1026,8 @@
 			assertModelActiveOp(st.ModelUUID()),
 			endpointBindingsOp,
 		},
-		addServiceOps(st, addServiceOpsArgs{
-			serviceDoc:       svcDoc,
+		addApplicationOps(st, addApplicationOpsArgs{
+			applicationDoc:   svcDoc,
 			statusDoc:        statusDoc,
 			constraints:      args.Constraints,
 			storage:          args.Storage,
@@ -1394,7 +1060,7 @@
 
 	// Collect unit-adding operations.
 	for x := 0; x < args.NumUnits; x++ {
-		unitName, unitOps, err := svc.addServiceUnitOps(serviceAddUnitOpsArgs{cons: args.Constraints, storageCons: args.Storage})
+		unitName, unitOps, err := svc.addServiceUnitOps(applicationAddUnitOpsArgs{cons: args.Constraints, storageCons: args.Storage})
 		if err != nil {
 			return nil, errors.Trace(err)
 		}
@@ -1412,7 +1078,7 @@
 		if err := checkModelActive(st); err != nil {
 			return nil, errors.Trace(err)
 		}
-		return nil, errors.Errorf("service already exists")
+		return nil, errors.Errorf("application already exists")
 	} else if err != nil {
 		return nil, errors.Trace(err)
 	}
@@ -1425,7 +1091,7 @@
 }
 
 // TODO(natefinch) DEMO code, revisit after demo!
-var AddServicePostFuncs = map[string]func(*State, AddServiceArgs) error{}
+var AddServicePostFuncs = map[string]func(*State, AddApplicationArgs) error{}
 
 // assignUnitOps returns the db ops to save unit assignment for use by the
 // UnitAssigner worker.
@@ -1592,7 +1258,10 @@
 			Dirty:       true,
 			Constraints: *unitCons,
 		}
-		return st.AddMachineInsideMachine(template, data.machineId, data.containerType)
+		if data.machineId != "" {
+			return st.AddMachineInsideMachine(template, data.machineId, data.containerType)
+		}
+		return st.AddMachineInsideNewMachine(template, template, data.containerType)
 	case directivePlacement:
 		// If a placement directive is to be used, do that here.
 		template := MachineTemplate{
@@ -1609,191 +1278,39 @@
 	}
 }
 
-// AddIPAddress creates and returns a new IP address. It can return an
-// error satisfying IsNotValid() or IsAlreadyExists() when the addr
-// does not contain a valid IP, or when addr is already added.
-func (st *State) AddIPAddress(addr network.Address, subnetID string) (*IPAddress, error) {
-	return addIPAddress(st, addr, subnetID)
-}
-
-// IPAddress returns an existing IP address from the state.
-func (st *State) IPAddress(value string) (*IPAddress, error) {
-	return ipAddress(st, value)
-}
-
-// IPAddressByTag returns an existing IP address from the state
-// identified by its tag.
-func (st *State) IPAddressByTag(tag names.IPAddressTag) (*IPAddress, error) {
-	return ipAddressByTag(st, tag)
-}
-
-// AllocatedIPAddresses returns all the allocated addresses for a machine
-func (st *State) AllocatedIPAddresses(machineId string) ([]*IPAddress, error) {
-	return fetchIPAddresses(st, bson.D{{"machineid", machineId}})
-}
-
-// DeadIPAddresses returns all IP addresses with a Life of Dead
-func (st *State) DeadIPAddresses() ([]*IPAddress, error) {
-	return fetchIPAddresses(st, isDeadDoc)
-}
-
-// AddSubnet creates and returns a new subnet
-func (st *State) AddSubnet(args SubnetInfo) (subnet *Subnet, err error) {
-	defer errors.DeferredAnnotatef(&err, "adding subnet %q", args.CIDR)
-
-	subnetID := st.docID(args.CIDR)
-	var modelLocalProviderID string
-	if args.ProviderId != "" {
-		modelLocalProviderID = st.docID(string(args.ProviderId))
-	}
-
-	subDoc := subnetDoc{
-		DocID:             subnetID,
-		ModelUUID:         st.ModelUUID(),
-		Life:              Alive,
-		CIDR:              args.CIDR,
-		VLANTag:           args.VLANTag,
-		ProviderId:        modelLocalProviderID,
-		AllocatableIPHigh: args.AllocatableIPHigh,
-		AllocatableIPLow:  args.AllocatableIPLow,
-		AvailabilityZone:  args.AvailabilityZone,
-		SpaceName:         args.SpaceName,
-	}
-	subnet = &Subnet{doc: subDoc, st: st}
-	err = subnet.Validate()
-	if err != nil {
-		return nil, err
-	}
-	ops := []txn.Op{
-		assertModelActiveOp(st.ModelUUID()),
-		{
-			C:      subnetsC,
-			Id:     subnetID,
-			Assert: txn.DocMissing,
-			Insert: subDoc,
-		},
-	}
-
-	err = st.runTransaction(ops)
-	switch err {
-	case txn.ErrAborted:
-		if err := checkModelActive(st); err != nil {
-			return nil, errors.Trace(err)
-		}
-		if _, err = st.Subnet(args.CIDR); err == nil {
-			return nil, errors.AlreadyExistsf("subnet %q", args.CIDR)
-		} else if err != nil {
-			return nil, errors.Trace(err)
-		}
-	case nil:
-		// If the ProviderId was not unique adding the subnet can fail without
-		// an error. Refreshing catches this by returning NotFoundError.
-		err = subnet.Refresh()
-		if err != nil {
-			if errors.IsNotFound(err) {
-				return nil, errors.Errorf("ProviderId %q not unique", args.ProviderId)
-			}
-			return nil, errors.Trace(err)
-		}
-		return subnet, nil
-	}
-	return nil, errors.Trace(err)
-}
-
-func (st *State) Subnet(cidr string) (*Subnet, error) {
-	subnets, closer := st.getCollection(subnetsC)
-	defer closer()
-
-	doc := &subnetDoc{}
-	err := subnets.FindId(cidr).One(doc)
-	if err == mgo.ErrNotFound {
-		return nil, errors.NotFoundf("subnet %q", cidr)
-	}
-	if err != nil {
-		return nil, errors.Annotatef(err, "cannot get subnet %q", cidr)
-	}
-	return &Subnet{st, *doc}, nil
-}
-
-// AllSubnets returns all known subnets in the model.
-func (st *State) AllSubnets() (subnets []*Subnet, err error) {
-	subnetsCollection, closer := st.getCollection(subnetsC)
-	defer closer()
-
-	docs := []subnetDoc{}
-	err = subnetsCollection.Find(nil).All(&docs)
-	if err != nil {
-		return nil, errors.Annotatef(err, "cannot get all subnets")
-	}
-	for _, doc := range docs {
-		subnets = append(subnets, &Subnet{st, doc})
-	}
-	return subnets, nil
-}
-
 // Service returns a service state by name.
-func (st *State) Service(name string) (service *Service, err error) {
-	services, closer := st.getCollection(servicesC)
+func (st *State) Application(name string) (_ *Application, err error) {
+	applications, closer := st.getCollection(applicationsC)
 	defer closer()
 
-	if !names.IsValidService(name) {
-		return nil, errors.Errorf("%q is not a valid service name", name)
+	if !names.IsValidApplication(name) {
+		return nil, errors.Errorf("%q is not a valid application name", name)
 	}
-	sdoc := &serviceDoc{}
-	err = services.FindId(name).One(sdoc)
+	sdoc := &applicationDoc{}
+	err = applications.FindId(name).One(sdoc)
 	if err == mgo.ErrNotFound {
-		return nil, errors.NotFoundf("service %q", name)
+		return nil, errors.NotFoundf("application %q", name)
 	}
 	if err != nil {
-		return nil, errors.Annotatef(err, "cannot get service %q", name)
+		return nil, errors.Annotatef(err, "cannot get application %q", name)
 	}
-	return newService(st, sdoc), nil
+	return newApplication(st, sdoc), nil
 }
 
-// AllServices returns all deployed services in the model.
-func (st *State) AllServices() (services []*Service, err error) {
-	servicesCollection, closer := st.getCollection(servicesC)
+// AllApplications returns all deployed services in the model.
+func (st *State) AllApplications() (applications []*Application, err error) {
+	applicationsCollection, closer := st.getCollection(applicationsC)
 	defer closer()
 
-	sdocs := []serviceDoc{}
-	err = servicesCollection.Find(bson.D{}).All(&sdocs)
+	sdocs := []applicationDoc{}
+	err = applicationsCollection.Find(bson.D{}).All(&sdocs)
 	if err != nil {
-		return nil, errors.Errorf("cannot get all services")
+		return nil, errors.Errorf("cannot get all applications")
 	}
 	for _, v := range sdocs {
-		services = append(services, newService(st, &v))
-	}
-	return services, nil
-}
-
-// docID generates a globally unique id value
-// where the model uuid is prefixed to the
-// localID.
-func (st *State) docID(localID string) string {
-	return ensureModelUUID(st.ModelUUID(), localID)
-}
-
-// localID returns the local id value by stripping
-// off the model uuid prefix if it is there.
-func (st *State) localID(ID string) string {
-	modelUUID, localID, ok := splitDocID(ID)
-	if !ok || modelUUID != st.ModelUUID() {
-		return ID
-	}
-	return localID
-}
-
-// strictLocalID returns the local id value by removing the
-// model UUID prefix.
-//
-// If there is no prefix matching the State's model, an error is
-// returned.
-func (st *State) strictLocalID(ID string) (string, error) {
-	modelUUID, localID, ok := splitDocID(ID)
-	if !ok || modelUUID != st.ModelUUID() {
-		return "", errors.Errorf("unexpected id: %#v", ID)
+		applications = append(applications, newApplication(st, &v))
 	}
-	return localID, nil
+	return applications, nil
 }
 
 // InferEndpoints returns the endpoints corresponding to the supplied names.
@@ -1875,7 +1392,7 @@
 	}
 	var subordinateCount int
 	for _, ep := range []Endpoint{ep1, ep2} {
-		svc, err := st.Service(ep.ServiceName)
+		svc, err := st.Application(ep.ApplicationName)
 		if err != nil {
 			return false
 		}
@@ -1899,7 +1416,7 @@
 	} else {
 		return nil, errors.Errorf("invalid endpoint %q", name)
 	}
-	svc, err := st.Service(svcName)
+	svc, err := st.Application(svcName)
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
@@ -1967,13 +1484,13 @@
 		var subordinateCount int
 		series := map[string]bool{}
 		for _, ep := range eps {
-			svc, err := st.Service(ep.ServiceName)
+			svc, err := st.Application(ep.ApplicationName)
 			if errors.IsNotFound(err) {
-				return nil, errors.Errorf("service %q does not exist", ep.ServiceName)
+				return nil, errors.Errorf("application %q does not exist", ep.ApplicationName)
 			} else if err != nil {
 				return nil, errors.Trace(err)
 			} else if svc.doc.Life != Alive {
-				return nil, errors.Errorf("service %q is not alive", ep.ServiceName)
+				return nil, errors.Errorf("application %q is not alive", ep.ApplicationName)
 			}
 			if svc.doc.Subordinate {
 				subordinateCount++
@@ -1984,20 +1501,20 @@
 				return nil, errors.Trace(err)
 			}
 			if !ep.ImplementedBy(ch) {
-				return nil, errors.Errorf("%q does not implement %q", ep.ServiceName, ep)
+				return nil, errors.Errorf("%q does not implement %q", ep.ApplicationName, ep)
 			}
 			ops = append(ops, txn.Op{
-				C:      servicesC,
-				Id:     st.docID(ep.ServiceName),
+				C:      applicationsC,
+				Id:     st.docID(ep.ApplicationName),
 				Assert: bson.D{{"life", Alive}, {"charmurl", ch.URL()}},
 				Update: bson.D{{"$inc", bson.D{{"relationcount", 1}}}},
 			})
 		}
 		if matchSeries && len(series) != 1 {
-			return nil, errors.Errorf("principal and subordinate services' series must match")
+			return nil, errors.Errorf("principal and subordinate applications' series must match")
 		}
 		if eps[0].Scope == charm.ScopeContainer && subordinateCount < 1 {
-			return nil, errors.Errorf("container scoped relation requires at least one subordinate service")
+			return nil, errors.Errorf("container scoped relation requires at least one subordinate application")
 		}
 
 		// Create a new unique id if that has not already been done, and add
@@ -2162,8 +1679,8 @@
 // StartSync forces watchers to resynchronize their state with the
 // database immediately. This will happen periodically automatically.
 func (st *State) StartSync() {
-	st.watcher.StartSync()
-	st.pwatcher.Sync()
+	st.workers.TxnLogWatcher().StartSync()
+	st.workers.PresenceWatcher().Sync()
 }
 
 // SetAdminMongoPassword sets the administrative password
@@ -2177,6 +1694,7 @@
 
 type controllersDoc struct {
 	Id               string `bson:"_id"`
+	CloudName        string `bson:"cloud"`
 	ModelUUID        string `bson:"model-uuid"`
 	MachineIds       []string
 	VotingMachineIds []string
@@ -2187,6 +1705,9 @@
 // ControllerInfo holds information about currently
 // configured controller machines.
 type ControllerInfo struct {
+	// CloudName is the name of the cloud to which this controller is deployed.
+	CloudName string
+
 	// ModelTag identifies the initial model. Only the initial
 	// model is able to have machines that manage state. The initial
 	// model is the model that is created when bootstrapping.
@@ -2239,35 +1760,14 @@
 
 	var doc controllersDoc
 	err := controllers.Find(bson.D{{"_id", modelGlobalKey}}).One(&doc)
+	if err == mgo.ErrNotFound {
+		return nil, errors.NotFoundf("controllers document")
+	}
 	if err != nil {
 		return nil, errors.Annotatef(err, "cannot get controllers document")
 	}
-
-	if doc.ModelUUID == "" {
-		logger.Warningf("controllers info has no model UUID so retrieving it from model")
-
-		// This only happens when migrating from 1.20 to 1.21 before
-		// upgrade steps have been run. Without this hack modelTag
-		// on State ends up empty, breaking basic functionality needed
-		// to run upgrade steps (a chicken-and-egg scenario).
-		environments := db.C(modelsC)
-
-		var envDoc modelDoc
-		query := environments.Find(nil)
-		count, err := query.Count()
-		if err != nil {
-			return nil, errors.Annotate(err, "cannot get model document count")
-		}
-		if count != 1 {
-			return nil, errors.New("expected just one model to get UUID from")
-		}
-		if err := query.One(&envDoc); err != nil {
-			return nil, errors.Annotate(err, "cannot load model document")
-		}
-		doc.ModelUUID = envDoc.UUID
-	}
-
 	return &ControllerInfo{
+		CloudName:        doc.CloudName,
 		ModelTag:         names.NewModelTag(doc.ModelUUID),
 		MachineIds:       doc.MachineIds,
 		VotingMachineIds: doc.VotingMachineIds,
@@ -2399,9 +1899,46 @@
 	return st.runTransaction(ops)
 }
 
+func (st *State) networkEntityGlobalKeyOp(globalKey string, providerId network.Id) txn.Op {
+	key := st.networkEntityGlobalKey(globalKey, providerId)
+	return txn.Op{
+		C:      providerIDsC,
+		Id:     key,
+		Assert: txn.DocMissing,
+		Insert: providerIdDoc{ID: key},
+	}
+}
+
+func (st *State) networkEntityGlobalKeyRemoveOp(globalKey string, providerId network.Id) txn.Op {
+	key := st.networkEntityGlobalKey(globalKey, providerId)
+	return txn.Op{
+		C:      providerIDsC,
+		Id:     key,
+		Remove: true,
+	}
+}
+
+func (st *State) networkEntityGlobalKey(globalKey string, providerId network.Id) string {
+	return st.docID(globalKey + ":" + string(providerId))
+}
+
+// PutAuditEntryFn returns a function which will persist
+// audit.AuditEntry instances to the database.
+func (st *State) PutAuditEntryFn() func(audit.AuditEntry) error {
+	insert := func(collectionName string, docs ...interface{}) error {
+		collection, closeCollection := st.getCollection(collectionName)
+		defer closeCollection()
+
+		writeableCollection := collection.Writeable()
+
+		return errors.Trace(writeableCollection.Insert(docs...))
+	}
+	return stateaudit.PutAuditEntryFn(auditingC, insert)
+}
+
 var tagPrefix = map[byte]string{
 	'm': names.MachineTagKind + "-",
-	's': names.ServiceTagKind + "-",
+	'a': names.ApplicationTagKind + "-",
 	'u': names.UnitTagKind + "-",
 	'e': names.ModelTagKind + "-",
 	'r': names.RelationTagKind + "-",
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/state_leader_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/state_leader_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/state_leader_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/state_leader_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -40,69 +40,69 @@
 	s.claimer = s.State.LeadershipClaimer()
 }
 
-func (s *LeadershipSuite) TestClaimValidatesServiceName(c *gc.C) {
+func (s *LeadershipSuite) TestClaimValidatesApplicationname(c *gc.C) {
 	err := s.claimer.ClaimLeadership("not/a/service", "u/0", time.Minute)
-	c.Check(err, gc.ErrorMatches, `cannot claim lease "not/a/service": not a service name`)
+	c.Check(err, gc.ErrorMatches, `cannot claim lease "not/a/service": not an application name`)
 	c.Check(err, jc.Satisfies, errors.IsNotValid)
 }
 
 func (s *LeadershipSuite) TestClaimValidatesUnitName(c *gc.C) {
-	err := s.claimer.ClaimLeadership("service", "not/a/unit", time.Minute)
+	err := s.claimer.ClaimLeadership("application", "not/a/unit", time.Minute)
 	c.Check(err, gc.ErrorMatches, `cannot claim lease for holder "not/a/unit": not a unit name`)
 	c.Check(err, jc.Satisfies, errors.IsNotValid)
 }
 
 func (s *LeadershipSuite) TestClaimValidateDuration(c *gc.C) {
-	err := s.claimer.ClaimLeadership("service", "u/0", 0)
-	c.Check(err, gc.ErrorMatches, `cannot claim lease for 0: non-positive`)
+	err := s.claimer.ClaimLeadership("application", "u/0", 0)
+	c.Check(err, gc.ErrorMatches, `cannot claim lease for 0s?: non-positive`)
 	c.Check(err, jc.Satisfies, errors.IsNotValid)
 }
 
-func (s *LeadershipSuite) TestCheckValidatesServiceName(c *gc.C) {
+func (s *LeadershipSuite) TestCheckValidatesApplicationname(c *gc.C) {
 	token := s.checker.LeadershipCheck("not/a/service", "u/0")
 	err := token.Check(nil)
-	c.Check(err, gc.ErrorMatches, `cannot check lease "not/a/service": not a service name`)
+	c.Check(err, gc.ErrorMatches, `cannot check lease "not/a/service": not an application name`)
 	c.Check(err, jc.Satisfies, errors.IsNotValid)
 }
 
 func (s *LeadershipSuite) TestCheckValidatesUnitName(c *gc.C) {
-	token := s.checker.LeadershipCheck("service", "not/a/unit")
+	token := s.checker.LeadershipCheck("application", "not/a/unit")
 	err := token.Check(nil)
 	c.Check(err, gc.ErrorMatches, `cannot check holder "not/a/unit": not a unit name`)
 	c.Check(err, jc.Satisfies, errors.IsNotValid)
 }
 
-func (s *LeadershipSuite) TestBlockValidatesServiceName(c *gc.C) {
+func (s *LeadershipSuite) TestBlockValidatesApplicationname(c *gc.C) {
 	err := s.claimer.BlockUntilLeadershipReleased("not/a/service")
-	c.Check(err, gc.ErrorMatches, `cannot wait for lease "not/a/service" expiry: not a service name`)
+	c.Check(err, gc.ErrorMatches, `cannot wait for lease "not/a/service" expiry: not an application name`)
 	c.Check(err, jc.Satisfies, errors.IsNotValid)
 }
 
 func (s *LeadershipSuite) TestClaimExpire(c *gc.C) {
 
 	// Claim on behalf of one unit.
-	err := s.claimer.ClaimLeadership("service", "service/0", time.Minute)
+	err := s.claimer.ClaimLeadership("application", "application/0", time.Minute)
 	c.Assert(err, jc.ErrorIsNil)
 
 	// Claim on behalf of another.
-	err = s.claimer.ClaimLeadership("service", "service/1", time.Minute)
+	err = s.claimer.ClaimLeadership("application", "service/1", time.Minute)
 	c.Check(err, gc.Equals, leadership.ErrClaimDenied)
 
 	// Allow the first claim to expire.
-	s.expire(c, "service")
+	s.expire(c, "application")
 
 	// Reclaim on behalf of another.
-	err = s.claimer.ClaimLeadership("service", "service/1", time.Minute)
+	err = s.claimer.ClaimLeadership("application", "service/1", time.Minute)
 	c.Assert(err, jc.ErrorIsNil)
 }
 
 func (s *LeadershipSuite) TestCheck(c *gc.C) {
 
 	// Create a single token for use by the whole test.
-	token := s.checker.LeadershipCheck("service", "service/0")
+	token := s.checker.LeadershipCheck("application", "application/0")
 
 	// Claim leadership.
-	err := s.claimer.ClaimLeadership("service", "service/0", time.Minute)
+	err := s.claimer.ClaimLeadership("application", "application/0", time.Minute)
 	c.Assert(err, jc.ErrorIsNil)
 
 	// Check token reports current leadership state.
@@ -112,12 +112,12 @@
 	c.Check(ops, gc.HasLen, 1)
 
 	// Allow leadership to expire.
-	s.expire(c, "service")
+	s.expire(c, "application")
 
 	// Check leadership still reported accurately.
 	var ops2 []txn.Op
 	err = token.Check(&ops2)
-	c.Check(err, gc.ErrorMatches, `"service/0" is not leader of "service"`)
+	c.Check(err, gc.ErrorMatches, `"application/0" is not leader of "application"`)
 	c.Check(ops2, gc.IsNil)
 }
 
@@ -134,17 +134,17 @@
 	}
 }
 
-func (s *LeadershipSuite) expire(c *gc.C, serviceName string) {
+func (s *LeadershipSuite) expire(c *gc.C, applicationname string) {
 	s.clock.Advance(time.Hour)
 	select {
-	case err := <-s.expiryChan(serviceName):
+	case err := <-s.expiryChan(applicationname):
 		c.Assert(err, jc.ErrorIsNil)
 	case <-time.After(coretesting.LongWait):
 		c.Fatalf("never unblocked")
 	}
 }
 
-func (s *LeadershipSuite) expiryChan(serviceName string) <-chan error {
+func (s *LeadershipSuite) expiryChan(applicationname string) <-chan error {
 	expired := make(chan error, 1)
 	go func() {
 		expired <- s.claimer.BlockUntilLeadershipReleased("blah")
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/statetest/persistence_stubs.go juju-core-2.0~beta12/src/github.com/juju/juju/state/statetest/persistence_stubs.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/statetest/persistence_stubs.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/statetest/persistence_stubs.go	2016-07-18 19:45:44.000000000 +0000
@@ -20,7 +20,7 @@
 	ReturnAll interface{} // homegenous(?) list of doc struct (not pointers)
 	ReturnOne interface{} // a doc struct (not a pointer)
 
-	ReturnServiceExistsOps           []txn.Op
+	ReturnApplicationExistsOps       []txn.Op
 	ReturnIncCharmModifiedVersionOps []txn.Op
 	ReturnNewCleanupOp               *txn.Op
 }
@@ -95,12 +95,8 @@
 		if errors.Cause(err) == txn.ErrAborted {
 			continue
 		}
-		if err != nil {
-			return err
-		}
-		return nil
+		return err
 	}
-	return nil
 }
 
 func (s *StubPersistence) RunTransaction(ops []txn.Op) error {
@@ -112,13 +108,13 @@
 	return nil
 }
 
-func (s *StubPersistence) ServiceExistsOps(serviceID string) []txn.Op {
-	s.AddCall("ServiceExistsOps", serviceID)
+func (s *StubPersistence) ApplicationExistsOps(serviceID string) []txn.Op {
+	s.AddCall("ApplicationExistsOps", serviceID)
 	// pop off an error so num errors == num calls, even though this call
 	// doesn't actually use the error.
 	s.NextErr()
 
-	return s.ReturnServiceExistsOps
+	return s.ReturnApplicationExistsOps
 }
 
 func (s *StubPersistence) IncCharmModifiedVersionOps(serviceID string) []txn.Op {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/state_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/state_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/state_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/state_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,14 +5,12 @@
 
 import (
 	"fmt"
-	"path/filepath"
 	"sort"
 	"strconv"
 	"time"
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/replicaset"
 	gitjujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
@@ -23,12 +21,12 @@
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
-	"gopkg.in/macaroon.v1"
-	"gopkg.in/mgo.v2"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2/bson"
 	mgotxn "gopkg.in/mgo.v2/txn"
 
 	"github.com/juju/juju/agent"
+	"github.com/juju/juju/cloud"
 	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/instance"
@@ -42,7 +40,6 @@
 	"github.com/juju/juju/storage/poolmanager"
 	"github.com/juju/juju/storage/provider"
 	"github.com/juju/juju/storage/provider/registry"
-	"github.com/juju/juju/testcharms"
 	"github.com/juju/juju/testing"
 	"github.com/juju/juju/testing/factory"
 	jujuversion "github.com/juju/juju/version"
@@ -57,7 +54,13 @@
 // asserting the behaviour of a given method in each state, and the unit quick-
 // remove change caused many of these to fail.
 func preventUnitDestroyRemove(c *gc.C, u *state.Unit) {
-	err := u.SetAgentStatus(status.StatusIdle, "", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusIdle,
+		Message: "",
+		Since:   &now,
+	}
+	err := u.SetAgentStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 }
 
@@ -173,7 +176,7 @@
 
 func (s *StateSuite) TestNoModelDocs(c *gc.C) {
 	c.Assert(s.State.EnsureModelRemoved(), gc.ErrorMatches,
-		fmt.Sprintf("found documents for model with uuid %s: 1 constraints doc, 2 leases doc, 1 modelusers doc, 1 settings doc, 1 statuses doc", s.State.ModelUUID()))
+		fmt.Sprintf("found documents for model with uuid %s: 1 constraints doc, 2 leases doc, 1 modelSettingsSources doc, 1 modelusers doc, 1 permissions doc, 1 settings doc, 1 statuses doc", s.State.ModelUUID()))
 }
 
 func (s *StateSuite) TestMongoSession(c *gc.C) {
@@ -333,12 +336,12 @@
 				c.Assert(err, jc.ErrorIsNil)
 			},
 		}, {
-			about: "LXC only containers",
+			about: "lxd only containers",
 			getWatcher: func(st *state.State) interface{} {
 				f := factory.NewFactory(st)
 				m := f.MakeMachine(c, nil)
 				c.Assert(m.Id(), gc.Equals, "0")
-				return m.WatchContainers(instance.LXC)
+				return m.WatchContainers(instance.LXD)
 			},
 			triggerEvent: func(st *state.State) {
 				m, err := st.Machine("0")
@@ -349,7 +352,7 @@
 						Jobs:   []state.MachineJob{state.JobHostUnits},
 					},
 					m.Id(),
-					instance.LXC,
+					instance.LXD,
 				)
 				c.Assert(err, jc.ErrorIsNil)
 			},
@@ -368,26 +371,26 @@
 				f.MakeUnit(c, &factory.UnitParams{Machine: m})
 			},
 		}, {
-			about: "services",
+			about: "applications",
 			getWatcher: func(st *state.State) interface{} {
 				return st.WatchServices()
 			},
 			triggerEvent: func(st *state.State) {
 				f := factory.NewFactory(st)
-				f.MakeService(c, nil)
+				f.MakeApplication(c, nil)
 			},
 		}, {
 			about: "relations",
 			getWatcher: func(st *state.State) interface{} {
 				f := factory.NewFactory(st)
 				wordpressCharm := f.MakeCharm(c, &factory.CharmParams{Name: "wordpress"})
-				wordpress := f.MakeService(c, &factory.ServiceParams{Name: "wordpress", Charm: wordpressCharm})
+				wordpress := f.MakeApplication(c, &factory.ApplicationParams{Name: "wordpress", Charm: wordpressCharm})
 				return wordpress.WatchRelations()
 			},
 			setUpState: func(st *state.State) bool {
 				f := factory.NewFactory(st)
 				mysqlCharm := f.MakeCharm(c, &factory.CharmParams{Name: "mysql"})
-				f.MakeService(c, &factory.ServiceParams{Name: "mysql", Charm: mysqlCharm})
+				f.MakeApplication(c, &factory.ApplicationParams{Name: "mysql", Charm: mysqlCharm})
 				return false
 			},
 			triggerEvent: func(st *state.State) {
@@ -403,8 +406,8 @@
 			},
 			setUpState: func(st *state.State) bool {
 				f := factory.NewFactory(st)
-				mysql := f.MakeService(c, &factory.ServiceParams{Name: "mysql"})
-				f.MakeUnit(c, &factory.UnitParams{Service: mysql})
+				mysql := f.MakeApplication(c, &factory.ApplicationParams{Name: "mysql"})
+				f.MakeUnit(c, &factory.UnitParams{Application: mysql})
 				return false
 			},
 			triggerEvent: func(st *state.State) {
@@ -421,9 +424,9 @@
 			setUpState: func(st *state.State) bool {
 				f := factory.NewFactory(st)
 				wordpressCharm := f.MakeCharm(c, &factory.CharmParams{Name: "wordpress"})
-				f.MakeService(c, &factory.ServiceParams{Name: "wordpress", Charm: wordpressCharm})
+				f.MakeApplication(c, &factory.ApplicationParams{Name: "wordpress", Charm: wordpressCharm})
 				mysqlCharm := f.MakeCharm(c, &factory.CharmParams{Name: "mysql"})
-				f.MakeService(c, &factory.ServiceParams{Name: "mysql", Charm: mysqlCharm})
+				f.MakeApplication(c, &factory.ApplicationParams{Name: "mysql", Charm: mysqlCharm})
 
 				// add and destroy a relation, so there is something to cleanup.
 				eps, err := st.InferEndpoints("wordpress", "mysql")
@@ -495,7 +498,13 @@
 				m, err := st.Machine("0")
 				c.Assert(err, jc.ErrorIsNil)
 
-				err = m.SetStatus("error", "some status", nil)
+				now := time.Now()
+				sInfo := status.StatusInfo{
+					Status:  status.StatusError,
+					Message: "some status",
+					Since:   &now,
+				}
+				err = m.SetStatus(sInfo)
 				c.Assert(err, jc.ErrorIsNil)
 			},
 		}, {
@@ -506,11 +515,11 @@
 			setUpState: func(st *state.State) bool {
 				f := factory.NewFactory(st)
 				wordpressCharm := f.MakeCharm(c, &factory.CharmParams{Name: "wordpress"})
-				f.MakeService(c, &factory.ServiceParams{Name: "wordpress", Charm: wordpressCharm})
+				f.MakeApplication(c, &factory.ApplicationParams{Name: "wordpress", Charm: wordpressCharm})
 				return false
 			},
 			triggerEvent: func(st *state.State) {
-				svc, err := st.Service("wordpress")
+				svc, err := st.Application("wordpress")
 				c.Assert(err, jc.ErrorIsNil)
 
 				err = svc.UpdateConfigSettings(charm.Settings{"blog-title": "awesome"})
@@ -521,7 +530,7 @@
 			getWatcher: func(st *state.State) interface{} {
 				f := factory.NewFactory(st)
 				dummyCharm := f.MakeCharm(c, &factory.CharmParams{Name: "dummy"})
-				service := f.MakeService(c, &factory.ServiceParams{Name: "dummy", Charm: dummyCharm})
+				service := f.MakeApplication(c, &factory.ApplicationParams{Name: "dummy", Charm: dummyCharm})
 
 				unit, err := service.AddUnit()
 				c.Assert(err, jc.ErrorIsNil)
@@ -541,11 +550,11 @@
 			setUpState: func(st *state.State) bool {
 				f := factory.NewFactory(st)
 				wordpressCharm := f.MakeCharm(c, &factory.CharmParams{Name: "wordpress"})
-				_ = f.MakeService(c, &factory.ServiceParams{Name: "wordpress", Charm: wordpressCharm})
+				_ = f.MakeApplication(c, &factory.ApplicationParams{Name: "wordpress", Charm: wordpressCharm})
 				return false
 			},
 			triggerEvent: func(st *state.State) {
-				wordpress, err := st.Service("wordpress")
+				wordpress, err := st.Application("wordpress")
 				c.Assert(err, jc.ErrorIsNil)
 				err = wordpress.SetMinUnits(2)
 				c.Assert(err, jc.ErrorIsNil)
@@ -685,25 +694,25 @@
 		})
 		c.Assert(err, jc.ErrorIsNil)
 	}
-	envConfig, err := s.State.ModelConfig()
+	cfg, err := s.State.ControllerConfig()
 	c.Assert(err, jc.ErrorIsNil)
 
 	addrs, err := s.State.Addresses()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(addrs, gc.HasLen, 3)
 	c.Assert(addrs, jc.SameContents, []string{
-		fmt.Sprintf("10.0.0.0:%d", envConfig.StatePort()),
-		fmt.Sprintf("10.0.0.2:%d", envConfig.StatePort()),
-		fmt.Sprintf("10.0.0.3:%d", envConfig.StatePort()),
+		fmt.Sprintf("10.0.0.0:%d", cfg.StatePort()),
+		fmt.Sprintf("10.0.0.2:%d", cfg.StatePort()),
+		fmt.Sprintf("10.0.0.3:%d", cfg.StatePort()),
 	})
 
 	addrs, err = s.State.APIAddressesFromMachines()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(addrs, gc.HasLen, 3)
 	c.Assert(addrs, jc.SameContents, []string{
-		fmt.Sprintf("10.0.0.0:%d", envConfig.APIPort()),
-		fmt.Sprintf("10.0.0.2:%d", envConfig.APIPort()),
-		fmt.Sprintf("10.0.0.3:%d", envConfig.APIPort()),
+		fmt.Sprintf("10.0.0.0:%d", cfg.APIPort()),
+		fmt.Sprintf("10.0.0.2:%d", cfg.APIPort()),
+		fmt.Sprintf("10.0.0.3:%d", cfg.APIPort()),
 	})
 }
 
@@ -720,421 +729,6 @@
 	c.Assert(err2, jc.Satisfies, errors.IsNotFound)
 }
 
-func (s *StateSuite) dummyCharm(c *gc.C, curlOverride string) state.CharmInfo {
-	info := state.CharmInfo{
-		Charm:       testcharms.Repo.CharmDir("dummy"),
-		StoragePath: "dummy-1",
-		SHA256:      "dummy-1-sha256",
-	}
-	if curlOverride != "" {
-		info.ID = charm.MustParseURL(curlOverride)
-	} else {
-		info.ID = charm.MustParseURL(
-			fmt.Sprintf("local:quantal/%s-%d", info.Charm.Meta().Name, info.Charm.Revision()),
-		)
-	}
-	return info
-}
-
-func (s *StateSuite) TestAddCharm(c *gc.C) {
-	// Check that adding charms from scratch works correctly.
-	info := s.dummyCharm(c, "")
-	dummy, err := s.State.AddCharm(info)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(dummy.URL().String(), gc.Equals, info.ID.String())
-
-	doc := state.CharmDoc{}
-	err = s.charms.FindId(state.DocID(s.State, info.ID.String())).One(&doc)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Logf("%#v", doc)
-	c.Assert(doc.URL, gc.DeepEquals, info.ID)
-}
-
-func (s *StateSuite) TestAddCharmWithAuth(c *gc.C) {
-	// Check that adding charms from scratch works correctly.
-	info := s.dummyCharm(c, "")
-	m, err := macaroon.New([]byte("rootkey"), "id", "loc")
-	c.Assert(err, jc.ErrorIsNil)
-	info.Macaroon = macaroon.Slice{m}
-	dummy, err := s.State.AddCharm(info)
-	c.Assert(err, jc.ErrorIsNil)
-	ms, err := dummy.Macaroon()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ms, gc.DeepEquals, info.Macaroon)
-}
-
-func (s *StateSuite) TestAddCharmUpdatesPlaceholder(c *gc.C) {
-	// Check that adding charms updates any existing placeholder charm
-	// with the same URL.
-	ch := testcharms.Repo.CharmDir("dummy")
-
-	// Add a placeholder charm.
-	curl := charm.MustParseURL("cs:quantal/dummy-1")
-	err := s.State.AddStoreCharmPlaceholder(curl)
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Add a deployed charm.
-	info := state.CharmInfo{
-		Charm:       ch,
-		ID:          curl,
-		StoragePath: "dummy-1",
-		SHA256:      "dummy-1-sha256",
-	}
-	dummy, err := s.State.AddCharm(info)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(dummy.URL().String(), gc.Equals, curl.String())
-
-	// Charm doc has been updated.
-	var docs []state.CharmDoc
-	err = s.charms.FindId(state.DocID(s.State, curl.String())).All(&docs)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(docs, gc.HasLen, 1)
-	c.Assert(docs[0].URL, gc.DeepEquals, curl)
-	c.Assert(docs[0].StoragePath, gc.DeepEquals, info.StoragePath)
-
-	// No more placeholder charm.
-	_, err = s.State.LatestPlaceholderCharm(curl)
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-}
-
-func (s *StateSuite) assertPendingCharmExists(c *gc.C, curl *charm.URL) {
-	// Find charm directly and verify only the charm URL and
-	// PendingUpload are set.
-	doc := state.CharmDoc{}
-	err := s.charms.FindId(state.DocID(s.State, curl.String())).One(&doc)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Logf("%#v", doc)
-	c.Assert(doc.URL, gc.DeepEquals, curl)
-	c.Assert(doc.PendingUpload, jc.IsTrue)
-	c.Assert(doc.Placeholder, jc.IsFalse)
-	c.Assert(doc.Meta, gc.IsNil)
-	c.Assert(doc.Config, gc.IsNil)
-	c.Assert(doc.StoragePath, gc.Equals, "")
-	c.Assert(doc.BundleSha256, gc.Equals, "")
-
-	// Make sure we can't find it with st.Charm().
-	_, err = s.State.Charm(curl)
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-}
-
-func (s *StateSuite) TestPrepareLocalCharmUpload(c *gc.C) {
-	// First test the sanity checks.
-	curl, err := s.State.PrepareLocalCharmUpload(charm.MustParseURL("local:quantal/dummy"))
-	c.Assert(err, gc.ErrorMatches, "expected charm URL with revision, got .*")
-	c.Assert(curl, gc.IsNil)
-	curl, err = s.State.PrepareLocalCharmUpload(charm.MustParseURL("cs:quantal/dummy"))
-	c.Assert(err, gc.ErrorMatches, "expected charm URL with local schema, got .*")
-	c.Assert(curl, gc.IsNil)
-
-	// No charm in state, so the call should respect given revision.
-	testCurl := charm.MustParseURL("local:quantal/missing-123")
-	curl, err = s.State.PrepareLocalCharmUpload(testCurl)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(curl, gc.DeepEquals, testCurl)
-	s.assertPendingCharmExists(c, curl)
-
-	// Try adding it again with the same revision and ensure it gets bumped.
-	curl, err = s.State.PrepareLocalCharmUpload(curl)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(curl.Revision, gc.Equals, 124)
-
-	// Also ensure the revision cannot decrease.
-	curl, err = s.State.PrepareLocalCharmUpload(curl.WithRevision(42))
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(curl.Revision, gc.Equals, 125)
-
-	// Check the given revision is respected.
-	curl, err = s.State.PrepareLocalCharmUpload(curl.WithRevision(1234))
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(curl.Revision, gc.Equals, 1234)
-}
-
-func (s *StateSuite) TestPrepareStoreCharmUpload(c *gc.C) {
-	// First test the sanity checks.
-	sch, err := s.State.PrepareStoreCharmUpload(charm.MustParseURL("cs:quantal/dummy"))
-	c.Assert(err, gc.ErrorMatches, "expected charm URL with revision, got .*")
-	c.Assert(sch, gc.IsNil)
-	sch, err = s.State.PrepareStoreCharmUpload(charm.MustParseURL("local:quantal/dummy"))
-	c.Assert(err, gc.ErrorMatches, "expected charm URL with cs schema, got .*")
-	c.Assert(sch, gc.IsNil)
-
-	// No charm in state, so the call should respect given revision.
-	testCurl := charm.MustParseURL("cs:quantal/missing-123")
-	sch, err = s.State.PrepareStoreCharmUpload(testCurl)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(sch.URL(), gc.DeepEquals, testCurl)
-	c.Assert(sch.IsUploaded(), jc.IsFalse)
-
-	s.assertPendingCharmExists(c, sch.URL())
-
-	// Try adding it again with the same revision and ensure we get the same document.
-	schCopy, err := s.State.PrepareStoreCharmUpload(testCurl)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(sch, jc.DeepEquals, schCopy)
-
-	// Now add a charm and try again - we should get the same result
-	// as with AddCharm.
-	info := s.dummyCharm(c, "cs:precise/dummy-2")
-	sch, err = s.State.AddCharm(info)
-	c.Assert(err, jc.ErrorIsNil)
-	schCopy, err = s.State.PrepareStoreCharmUpload(info.ID)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(sch, jc.DeepEquals, schCopy)
-
-	// Finally, try poking around the state with a placeholder and
-	// bundlesha256 to make sure we do the right thing.
-	curl := info.ID.WithRevision(999)
-	first := txn.TestHook{
-		Before: func() {
-			err := s.State.AddStoreCharmPlaceholder(curl)
-			c.Assert(err, jc.ErrorIsNil)
-		},
-		After: func() {
-			err := s.charms.RemoveId(state.DocID(s.State, curl.String()))
-			c.Assert(err, jc.ErrorIsNil)
-		},
-	}
-	second := txn.TestHook{
-		Before: func() {
-			err := s.State.AddStoreCharmPlaceholder(curl)
-			c.Assert(err, jc.ErrorIsNil)
-		},
-		After: func() {
-			err := s.charms.UpdateId(state.DocID(s.State, curl.String()), bson.D{{"$set", bson.D{
-				{"bundlesha256", "fake"}},
-			}})
-			c.Assert(err, jc.ErrorIsNil)
-		},
-	}
-	defer state.SetTestHooks(c, s.State, first, second, first).Check()
-
-	_, err = s.State.PrepareStoreCharmUpload(curl)
-	cause := errors.Cause(err)
-	c.Assert(cause, gc.Equals, txn.ErrExcessiveContention)
-}
-
-func (s *StateSuite) TestUpdateUploadedCharm(c *gc.C) {
-	info := s.dummyCharm(c, "")
-	_, err := s.State.AddCharm(info)
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Test with already uploaded and a missing charms.
-	sch, err := s.State.UpdateUploadedCharm(info)
-	c.Assert(err, gc.ErrorMatches, fmt.Sprintf("charm %q already uploaded", info.ID))
-	c.Assert(sch, gc.IsNil)
-	info.ID = charm.MustParseURL("local:quantal/missing-1")
-	info.SHA256 = "missing"
-	sch, err = s.State.UpdateUploadedCharm(info)
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-	c.Assert(sch, gc.IsNil)
-
-	// Test with with an uploaded local charm.
-	_, err = s.State.PrepareLocalCharmUpload(info.ID)
-	c.Assert(err, jc.ErrorIsNil)
-
-	m, err := macaroon.New([]byte("rootkey"), "id", "loc")
-	c.Assert(err, jc.ErrorIsNil)
-	info.Macaroon = macaroon.Slice{m}
-	c.Assert(err, jc.ErrorIsNil)
-	sch, err = s.State.UpdateUploadedCharm(info)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(sch.URL(), gc.DeepEquals, info.ID)
-	c.Assert(sch.Revision(), gc.Equals, info.ID.Revision)
-	c.Assert(sch.IsUploaded(), jc.IsTrue)
-	c.Assert(sch.IsPlaceholder(), jc.IsFalse)
-	c.Assert(sch.Meta(), gc.DeepEquals, info.Charm.Meta())
-	c.Assert(sch.Config(), gc.DeepEquals, info.Charm.Config())
-	c.Assert(sch.StoragePath(), gc.DeepEquals, info.StoragePath)
-	c.Assert(sch.BundleSha256(), gc.Equals, "missing")
-	ms, err := sch.Macaroon()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ms, gc.DeepEquals, info.Macaroon)
-}
-
-func (s *StateSuite) TestUpdateUploadedCharmEscapesSpecialCharsInConfig(c *gc.C) {
-	// Make sure when we have mongodb special characters like "$" and
-	// "." in the name of any charm config option, we do proper
-	// escaping before storing them and unescaping after loading. See
-	// also http://pad.lv/1308146.
-
-	// Clone the dummy charm and change the config.
-	configWithProblematicKeys := []byte(`
-options:
-  $bad.key: {default: bad, description: bad, type: string}
-  not.ok.key: {description: not ok, type: int}
-  valid-key: {description: all good, type: boolean}
-  still$bad.: {description: not good, type: float}
-  $.$: {description: awful, type: string}
-  ...: {description: oh boy, type: int}
-  just$: {description: no no, type: float}
-`[1:])
-	chDir := testcharms.Repo.ClonedDirPath(c.MkDir(), "dummy")
-	err := utils.AtomicWriteFile(
-		filepath.Join(chDir, "config.yaml"),
-		configWithProblematicKeys,
-		0666,
-	)
-	c.Assert(err, jc.ErrorIsNil)
-	ch, err := charm.ReadCharmDir(chDir)
-	c.Assert(err, jc.ErrorIsNil)
-	missingCurl := charm.MustParseURL("local:quantal/missing-1")
-	storagePath := "dummy-1"
-
-	preparedCurl, err := s.State.PrepareLocalCharmUpload(missingCurl)
-	c.Assert(err, jc.ErrorIsNil)
-	info := state.CharmInfo{
-		Charm:       ch,
-		ID:          preparedCurl,
-		StoragePath: "dummy-1",
-		SHA256:      "missing",
-	}
-	sch, err := s.State.UpdateUploadedCharm(info)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(sch.URL(), gc.DeepEquals, missingCurl)
-	c.Assert(sch.Revision(), gc.Equals, missingCurl.Revision)
-	c.Assert(sch.IsUploaded(), jc.IsTrue)
-	c.Assert(sch.IsPlaceholder(), jc.IsFalse)
-	c.Assert(sch.Meta(), gc.DeepEquals, ch.Meta())
-	c.Assert(sch.Config(), gc.DeepEquals, ch.Config())
-	c.Assert(sch.StoragePath(), gc.DeepEquals, storagePath)
-	c.Assert(sch.BundleSha256(), gc.Equals, "missing")
-}
-
-func (s *StateSuite) assertPlaceholderCharmExists(c *gc.C, curl *charm.URL) {
-	// Find charm directly and verify only the charm URL and
-	// Placeholder are set.
-	doc := state.CharmDoc{}
-	err := s.charms.FindId(state.DocID(s.State, curl.String())).One(&doc)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(doc.URL, gc.DeepEquals, curl)
-	c.Assert(doc.PendingUpload, jc.IsFalse)
-	c.Assert(doc.Placeholder, jc.IsTrue)
-	c.Assert(doc.Meta, gc.IsNil)
-	c.Assert(doc.Config, gc.IsNil)
-	c.Assert(doc.StoragePath, gc.Equals, "")
-	c.Assert(doc.BundleSha256, gc.Equals, "")
-
-	// Make sure we can't find it with st.Charm().
-	_, err = s.State.Charm(curl)
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-}
-
-func (s *StateSuite) TestLatestPlaceholderCharm(c *gc.C) {
-	// Add a deployed charm
-	info := s.dummyCharm(c, "cs:quantal/dummy-1")
-	_, err := s.State.AddCharm(info)
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Deployed charm not found.
-	_, err = s.State.LatestPlaceholderCharm(info.ID)
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-
-	// Add a charm reference
-	curl2 := charm.MustParseURL("cs:quantal/dummy-2")
-	err = s.State.AddStoreCharmPlaceholder(curl2)
-	c.Assert(err, jc.ErrorIsNil)
-	s.assertPlaceholderCharmExists(c, curl2)
-
-	// Use a URL with an arbitrary rev to search.
-	curl := charm.MustParseURL("cs:quantal/dummy-23")
-	pending, err := s.State.LatestPlaceholderCharm(curl)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(pending.URL(), gc.DeepEquals, curl2)
-	c.Assert(pending.IsPlaceholder(), jc.IsTrue)
-	c.Assert(pending.Meta(), gc.IsNil)
-	c.Assert(pending.Config(), gc.IsNil)
-	c.Assert(pending.StoragePath(), gc.Equals, "")
-	c.Assert(pending.BundleSha256(), gc.Equals, "")
-}
-
-func (s *StateSuite) TestAddStoreCharmPlaceholderErrors(c *gc.C) {
-	ch := testcharms.Repo.CharmDir("dummy")
-	curl := charm.MustParseURL(
-		fmt.Sprintf("local:quantal/%s-%d", ch.Meta().Name, ch.Revision()),
-	)
-	err := s.State.AddStoreCharmPlaceholder(curl)
-	c.Assert(err, gc.ErrorMatches, "expected charm URL with cs schema, got .*")
-
-	curl = charm.MustParseURL("cs:quantal/dummy")
-	err = s.State.AddStoreCharmPlaceholder(curl)
-	c.Assert(err, gc.ErrorMatches, "expected charm URL with revision, got .*")
-}
-
-func (s *StateSuite) TestAddStoreCharmPlaceholder(c *gc.C) {
-	curl := charm.MustParseURL("cs:quantal/dummy-1")
-	err := s.State.AddStoreCharmPlaceholder(curl)
-	c.Assert(err, jc.ErrorIsNil)
-	s.assertPlaceholderCharmExists(c, curl)
-
-	// Add the same one again, should be a no-op
-	err = s.State.AddStoreCharmPlaceholder(curl)
-	c.Assert(err, jc.ErrorIsNil)
-	s.assertPlaceholderCharmExists(c, curl)
-}
-
-func (s *StateSuite) assertAddStoreCharmPlaceholder(c *gc.C) (*charm.URL, *charm.URL, *state.Charm) {
-	// Add a deployed charm
-	info := s.dummyCharm(c, "cs:quantal/dummy-1")
-	dummy, err := s.State.AddCharm(info)
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Add a charm placeholder
-	curl2 := charm.MustParseURL("cs:quantal/dummy-2")
-	err = s.State.AddStoreCharmPlaceholder(curl2)
-	c.Assert(err, jc.ErrorIsNil)
-	s.assertPlaceholderCharmExists(c, curl2)
-
-	// Deployed charm is still there.
-	existing, err := s.State.Charm(info.ID)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(existing, jc.DeepEquals, dummy)
-
-	return info.ID, curl2, dummy
-}
-
-func (s *StateSuite) TestAddStoreCharmPlaceholderLeavesDeployedCharmsAlone(c *gc.C) {
-	s.assertAddStoreCharmPlaceholder(c)
-}
-
-func (s *StateSuite) TestAddStoreCharmPlaceholderDeletesOlder(c *gc.C) {
-	curl, curlOldRef, dummy := s.assertAddStoreCharmPlaceholder(c)
-
-	// Add a new charm placeholder
-	curl3 := charm.MustParseURL("cs:quantal/dummy-3")
-	err := s.State.AddStoreCharmPlaceholder(curl3)
-	c.Assert(err, jc.ErrorIsNil)
-	s.assertPlaceholderCharmExists(c, curl3)
-
-	// Deployed charm is still there.
-	existing, err := s.State.Charm(curl)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(existing, jc.DeepEquals, dummy)
-
-	// Older charm placeholder is gone.
-	doc := state.CharmDoc{}
-	err = s.charms.FindId(curlOldRef).One(&doc)
-	c.Assert(err, gc.Equals, mgo.ErrNotFound)
-}
-
-func (s *StateSuite) TestAllCharms(c *gc.C) {
-	// Add a deployed charm
-	info := s.dummyCharm(c, "cs:quantal/dummy-1")
-	sch, err := s.State.AddCharm(info)
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Add a charm reference
-	curl2 := charm.MustParseURL("cs:quantal/dummy-2")
-	err = s.State.AddStoreCharmPlaceholder(curl2)
-	c.Assert(err, jc.ErrorIsNil)
-
-	charms, err := s.State.AllCharms()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(charms, gc.HasLen, 2)
-
-	c.Assert(charms[0], gc.DeepEquals, sch)
-	c.Assert(charms[1].URL(), gc.DeepEquals, curl2)
-}
-
 func (s *StateSuite) AssertMachineCount(c *gc.C, expect int) {
 	ms, err := s.State.AllMachines()
 	c.Assert(err, jc.ErrorIsNil)
@@ -1377,11 +971,11 @@
 		Series: "raring",
 		Jobs:   oneJob,
 	}
-	m, err := s.State.AddMachineInsideNewMachine(template, parentTemplate, instance.LXC)
+	m, err := s.State.AddMachineInsideNewMachine(template, parentTemplate, instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(m.Id(), gc.Equals, "0/lxc/0")
+	c.Assert(m.Id(), gc.Equals, "0/lxd/0")
 	c.Assert(m.Series(), gc.Equals, "quantal")
-	c.Assert(m.ContainerType(), gc.Equals, instance.LXC)
+	c.Assert(m.ContainerType(), gc.Equals, instance.LXD)
 	mcons, err := m.Constraints()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(&mcons, jc.Satisfies, constraints.IsEmpty)
@@ -1389,10 +983,10 @@
 
 	m, err = s.State.Machine("0")
 	c.Assert(err, jc.ErrorIsNil)
-	s.assertMachineContainers(c, m, []string{"0/lxc/0"})
+	s.assertMachineContainers(c, m, []string{"0/lxd/0"})
 	c.Assert(m.Series(), gc.Equals, "raring")
 
-	m, err = s.State.Machine("0/lxc/0")
+	m, err = s.State.Machine("0/lxd/0")
 	c.Assert(err, jc.ErrorIsNil)
 	s.assertMachineContainers(c, m, nil)
 	c.Assert(m.Jobs(), gc.DeepEquals, oneJob)
@@ -1409,20 +1003,20 @@
 	m, err := s.State.AddMachineInsideMachine(state.MachineTemplate{
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
-	}, "1", instance.LXC)
+	}, "1", instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(m.Id(), gc.Equals, "1/lxc/0")
+	c.Assert(m.Id(), gc.Equals, "1/lxd/0")
 	c.Assert(m.Series(), gc.Equals, "quantal")
-	c.Assert(m.ContainerType(), gc.Equals, instance.LXC)
+	c.Assert(m.ContainerType(), gc.Equals, instance.LXD)
 	mcons, err := m.Constraints()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(&mcons, jc.Satisfies, constraints.IsEmpty)
 	c.Assert(m.Jobs(), gc.DeepEquals, oneJob)
-	s.assertMachineContainers(c, m1, []string{"1/lxc/0"})
+	s.assertMachineContainers(c, m1, []string{"1/lxd/0"})
 
 	s.assertMachineContainers(c, m0, nil)
-	s.assertMachineContainers(c, m1, []string{"1/lxc/0"})
-	m, err = s.State.Machine("1/lxc/0")
+	s.assertMachineContainers(c, m1, []string{"1/lxd/0"})
+	m, err = s.State.Machine("1/lxd/0")
 	c.Assert(err, jc.ErrorIsNil)
 	s.assertMachineContainers(c, m, nil)
 
@@ -1430,13 +1024,13 @@
 	m, err = s.State.AddMachineInsideMachine(state.MachineTemplate{
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
-	}, "1", instance.LXC)
+	}, "1", instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(m.Id(), gc.Equals, "1/lxc/1")
+	c.Assert(m.Id(), gc.Equals, "1/lxd/1")
 	c.Assert(m.Series(), gc.Equals, "quantal")
-	c.Assert(m.ContainerType(), gc.Equals, instance.LXC)
+	c.Assert(m.ContainerType(), gc.Equals, instance.LXD)
 	c.Assert(m.Jobs(), gc.DeepEquals, oneJob)
-	s.assertMachineContainers(c, m1, []string{"1/lxc/0", "1/lxc/1"})
+	s.assertMachineContainers(c, m1, []string{"1/lxd/0", "1/lxd/1"})
 }
 
 func (s *StateSuite) TestAddContainerToMachineWithKnownSupportedContainers(c *gc.C) {
@@ -1465,8 +1059,8 @@
 	_, err = s.State.AddMachineInsideMachine(state.MachineTemplate{
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
-	}, "0", instance.LXC)
-	c.Assert(err, gc.ErrorMatches, "cannot add a new machine: machine 0 cannot host lxc containers")
+	}, "0", instance.LXD)
+	c.Assert(err, gc.ErrorMatches, "cannot add a new machine: machine 0 cannot host lxd containers")
 	s.assertMachineContainers(c, host, nil)
 }
 
@@ -1480,8 +1074,8 @@
 	_, err = s.State.AddMachineInsideMachine(state.MachineTemplate{
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
-	}, "0", instance.LXC)
-	c.Assert(err, gc.ErrorMatches, "cannot add a new machine: machine 0 cannot host lxc containers")
+	}, "0", instance.LXD)
+	c.Assert(err, gc.ErrorMatches, "cannot add a new machine: machine 0 cannot host lxd containers")
 	s.assertMachineContainers(c, host, nil)
 }
 
@@ -1495,13 +1089,13 @@
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
 	}
-	_, err := s.State.AddMachineInsideMachine(instIdTemplate, "0", instance.LXC)
+	_, err := s.State.AddMachineInsideMachine(instIdTemplate, "0", instance.LXD)
 	c.Check(err, gc.ErrorMatches, "cannot add a new machine: cannot specify instance id for a new container")
 
-	_, err = s.State.AddMachineInsideNewMachine(instIdTemplate, normalTemplate, instance.LXC)
+	_, err = s.State.AddMachineInsideNewMachine(instIdTemplate, normalTemplate, instance.LXD)
 	c.Check(err, gc.ErrorMatches, "cannot add a new machine: cannot specify instance id for a new container")
 
-	_, err = s.State.AddMachineInsideNewMachine(normalTemplate, instIdTemplate, instance.LXC)
+	_, err = s.State.AddMachineInsideNewMachine(normalTemplate, instIdTemplate, instance.LXD)
 	c.Check(err, gc.ErrorMatches, "cannot add a new machine: cannot specify instance id for a new container")
 
 	_, err = s.State.AddOneMachine(instIdTemplate)
@@ -1521,13 +1115,13 @@
 	_, err = s.State.AddOneMachine(noSeriesTemplate)
 	c.Check(err, gc.ErrorMatches, "cannot add a new machine: no series specified")
 
-	_, err = s.State.AddMachineInsideNewMachine(noSeriesTemplate, normalTemplate, instance.LXC)
+	_, err = s.State.AddMachineInsideNewMachine(noSeriesTemplate, normalTemplate, instance.LXD)
 	c.Check(err, gc.ErrorMatches, "cannot add a new machine: no series specified")
 
-	_, err = s.State.AddMachineInsideNewMachine(normalTemplate, noSeriesTemplate, instance.LXC)
+	_, err = s.State.AddMachineInsideNewMachine(normalTemplate, noSeriesTemplate, instance.LXD)
 	c.Check(err, gc.ErrorMatches, "cannot add a new machine: no series specified")
 
-	_, err = s.State.AddMachineInsideMachine(noSeriesTemplate, "0", instance.LXC)
+	_, err = s.State.AddMachineInsideMachine(noSeriesTemplate, "0", instance.LXD)
 	c.Check(err, gc.ErrorMatches, "cannot add a new machine: no series specified")
 }
 
@@ -1536,7 +1130,7 @@
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
 	}
-	_, err := s.State.AddMachineInsideMachine(template, "10", instance.LXC)
+	_, err := s.State.AddMachineInsideMachine(template, "10", instance.LXD)
 	c.Assert(err, gc.ErrorMatches, "cannot add a new machine: machine 10 not found")
 	_, err = s.State.AddMachineInsideMachine(template, "10", "")
 	c.Assert(err, gc.ErrorMatches, "cannot add a new machine: no container type specified")
@@ -1614,25 +1208,25 @@
 		Series: "quantal",
 		Jobs:   []state.MachineJob{state.JobHostUnits},
 	}
-	m, err := s.State.AddMachineInsideMachine(template, "0", instance.LXC)
+	m, err := s.State.AddMachineInsideMachine(template, "0", instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(m.Id(), gc.Equals, "0/lxc/0")
+	c.Assert(m.Id(), gc.Equals, "0/lxd/0")
 	c.Assert(m.Series(), gc.Equals, "quantal")
-	c.Assert(m.ContainerType(), gc.Equals, instance.LXC)
+	c.Assert(m.ContainerType(), gc.Equals, instance.LXD)
 	mcons, err := m.Constraints()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(&mcons, jc.Satisfies, constraints.IsEmpty)
 	c.Assert(m.Jobs(), gc.DeepEquals, oneJob)
-	s.assertMachineContainers(c, m0, []string{"0/lxc/0"})
+	s.assertMachineContainers(c, m0, []string{"0/lxd/0"})
 
 	// Add second container.
-	m, err = s.State.AddMachineInsideMachine(template, "0", instance.LXC)
+	m, err = s.State.AddMachineInsideMachine(template, "0", instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(m.Id(), gc.Equals, "0/lxc/1")
+	c.Assert(m.Id(), gc.Equals, "0/lxd/1")
 	c.Assert(m.Series(), gc.Equals, "quantal")
-	c.Assert(m.ContainerType(), gc.Equals, instance.LXC)
+	c.Assert(m.ContainerType(), gc.Equals, instance.LXD)
 	c.Assert(m.Jobs(), gc.DeepEquals, oneJob)
-	s.assertMachineContainers(c, m0, []string{"0/lxc/0", "0/lxc/1"})
+	s.assertMachineContainers(c, m0, []string{"0/lxd/0", "0/lxd/1"})
 }
 
 func (s *StateSuite) TestAddMachineCanOnlyAddControllerForMachine0(c *gc.C) {
@@ -1658,10 +1252,10 @@
 	m, err = s.State.AddOneMachine(template)
 	c.Assert(err, gc.ErrorMatches, errCannotAdd)
 
-	m, err = s.State.AddMachineInsideMachine(template, "0", instance.LXC)
+	m, err = s.State.AddMachineInsideMachine(template, "0", instance.LXD)
 	c.Assert(err, gc.ErrorMatches, errCannotAdd)
 
-	m, err = s.State.AddMachineInsideNewMachine(template, template, instance.LXC)
+	m, err = s.State.AddMachineInsideNewMachine(template, template, instance.LXD)
 	c.Assert(err, gc.ErrorMatches, errCannotAdd)
 }
 
@@ -1674,21 +1268,6 @@
 	c.Assert(machine.Id(), gc.Equals, expectedId)
 }
 
-func (s *StateSuite) TestReadPreModelUUIDMachine(c *gc.C) {
-	type oldMachineDoc struct {
-		Id     string `bson:"_id"`
-		Series string
-	}
-
-	s.machines.Insert(&oldMachineDoc{"99", "quantal"})
-
-	machine, err := s.State.Machine("99")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(machine.Id(), gc.Equals, "99")
-	c.Assert(machine.Tag(), gc.Equals, names.NewMachineTag("99"))
-	c.Assert(machine.Series(), gc.Equals, "quantal") // Sanity check.
-}
-
 func (s *StateSuite) TestMachineNotFound(c *gc.C) {
 	_, err := s.State.Machine("0")
 	c.Assert(err, gc.ErrorMatches, "machine 0 not found")
@@ -1700,12 +1279,12 @@
 	c.Assert(state.MachineIdLessThan("0", "1"), jc.IsTrue)
 	c.Assert(state.MachineIdLessThan("1", "0"), jc.IsFalse)
 	c.Assert(state.MachineIdLessThan("10", "2"), jc.IsFalse)
-	c.Assert(state.MachineIdLessThan("0", "0/lxc/0"), jc.IsTrue)
-	c.Assert(state.MachineIdLessThan("0/lxc/0", "0"), jc.IsFalse)
-	c.Assert(state.MachineIdLessThan("1", "0/lxc/0"), jc.IsFalse)
-	c.Assert(state.MachineIdLessThan("0/lxc/0", "1"), jc.IsTrue)
-	c.Assert(state.MachineIdLessThan("0/lxc/0/lxc/1", "0/lxc/0"), jc.IsFalse)
-	c.Assert(state.MachineIdLessThan("0/kvm/0", "0/lxc/0"), jc.IsTrue)
+	c.Assert(state.MachineIdLessThan("0", "0/lxd/0"), jc.IsTrue)
+	c.Assert(state.MachineIdLessThan("0/lxd/0", "0"), jc.IsFalse)
+	c.Assert(state.MachineIdLessThan("1", "0/lxd/0"), jc.IsFalse)
+	c.Assert(state.MachineIdLessThan("0/lxd/0", "1"), jc.IsTrue)
+	c.Assert(state.MachineIdLessThan("0/lxd/0/lxd/1", "0/lxd/0"), jc.IsFalse)
+	c.Assert(state.MachineIdLessThan("0/kvm/0", "0/lxd/0"), jc.IsTrue)
 }
 
 func (s *StateSuite) TestAllMachines(c *gc.C) {
@@ -1743,11 +1322,11 @@
 	c.Assert(err, jc.ErrorIsNil)
 	wordpressCharm := s.AddTestingCharm(c, "wordpress")
 	for i := 0; i < numRelations; i++ {
-		serviceName := fmt.Sprintf("wordpress%d", i)
-		wordpress := s.AddTestingService(c, serviceName, wordpressCharm)
+		applicationname := fmt.Sprintf("wordpress%d", i)
+		wordpress := s.AddTestingService(c, applicationname, wordpressCharm)
 		_, err = wordpress.AddUnit()
 		c.Assert(err, jc.ErrorIsNil)
-		eps, err := s.State.InferEndpoints(serviceName, "mysql")
+		eps, err := s.State.InferEndpoints(applicationname, "mysql")
 		c.Assert(err, jc.ErrorIsNil)
 		_, err = s.State.AddRelation(eps...)
 		c.Assert(err, jc.ErrorIsNil)
@@ -1762,38 +1341,38 @@
 	}
 }
 
-func (s *StateSuite) TestAddService(c *gc.C) {
+func (s *StateSuite) TestAddApplication(c *gc.C) {
 	ch := s.AddTestingCharm(c, "dummy")
-	_, err := s.State.AddService(state.AddServiceArgs{Name: "haha/borken", Owner: s.Owner.String(), Charm: ch})
-	c.Assert(err, gc.ErrorMatches, `cannot add service "haha/borken": invalid name`)
-	_, err = s.State.Service("haha/borken")
-	c.Assert(err, gc.ErrorMatches, `"haha/borken" is not a valid service name`)
+	_, err := s.State.AddApplication(state.AddApplicationArgs{Name: "haha/borken", Charm: ch})
+	c.Assert(err, gc.ErrorMatches, `cannot add application "haha/borken": invalid name`)
+	_, err = s.State.Application("haha/borken")
+	c.Assert(err, gc.ErrorMatches, `"haha/borken" is not a valid application name`)
 
 	// set that a nil charm is handled correctly
-	_, err = s.State.AddService(state.AddServiceArgs{Name: "umadbro", Owner: s.Owner.String()})
-	c.Assert(err, gc.ErrorMatches, `cannot add service "umadbro": charm is nil`)
+	_, err = s.State.AddApplication(state.AddApplicationArgs{Name: "umadbro"})
+	c.Assert(err, gc.ErrorMatches, `cannot add application "umadbro": charm is nil`)
 
 	insettings := charm.Settings{"tuning": "optimized"}
 
-	wordpress, err := s.State.AddService(state.AddServiceArgs{Name: "wordpress", Owner: s.Owner.String(), Charm: ch, Settings: insettings})
+	wordpress, err := s.State.AddApplication(state.AddApplicationArgs{Name: "wordpress", Charm: ch, Settings: insettings})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(wordpress.Name(), gc.Equals, "wordpress")
 	outsettings, err := wordpress.ConfigSettings()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(outsettings, gc.DeepEquals, insettings)
 
-	mysql, err := s.State.AddService(state.AddServiceArgs{Name: "mysql", Owner: s.Owner.String(), Charm: ch})
+	mysql, err := s.State.AddApplication(state.AddApplicationArgs{Name: "mysql", Charm: ch})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(mysql.Name(), gc.Equals, "mysql")
 
 	// Check that retrieving the new created services works correctly.
-	wordpress, err = s.State.Service("wordpress")
+	wordpress, err = s.State.Application("wordpress")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(wordpress.Name(), gc.Equals, "wordpress")
 	ch, _, err = wordpress.Charm()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(ch.URL(), gc.DeepEquals, ch.URL())
-	mysql, err = s.State.Service("mysql")
+	mysql, err = s.State.Application("mysql")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(mysql.Name(), gc.Equals, "mysql")
 	ch, _, err = mysql.Charm()
@@ -1808,8 +1387,8 @@
 	c.Assert(err, jc.ErrorIsNil)
 	err = env.Destroy()
 	c.Assert(err, jc.ErrorIsNil)
-	_, err = s.State.AddService(state.AddServiceArgs{Name: "s1", Owner: s.Owner.String(), Charm: charm})
-	c.Assert(err, gc.ErrorMatches, `cannot add service "s1": model "testenv" is no longer alive`)
+	_, err = s.State.AddApplication(state.AddApplicationArgs{Name: "s1", Charm: charm})
+	c.Assert(err, gc.ErrorMatches, `cannot add application "s1": model "testenv" is no longer alive`)
 }
 
 func (s *StateSuite) TestAddServiceEnvironmentMigrating(c *gc.C) {
@@ -1819,8 +1398,8 @@
 	c.Assert(err, jc.ErrorIsNil)
 	err = env.SetMigrationMode(state.MigrationModeExporting)
 	c.Assert(err, jc.ErrorIsNil)
-	_, err = s.State.AddService(state.AddServiceArgs{Name: "s1", Owner: s.Owner.String(), Charm: charm})
-	c.Assert(err, gc.ErrorMatches, `cannot add service "s1": model "testenv" is being migrated`)
+	_, err = s.State.AddApplication(state.AddApplicationArgs{Name: "s1", Charm: charm})
+	c.Assert(err, gc.ErrorMatches, `cannot add application "s1": model "testenv" is being migrated`)
 }
 
 func (s *StateSuite) TestAddServiceEnvironmentDyingAfterInitial(c *gc.C) {
@@ -1834,39 +1413,20 @@
 		c.Assert(env.Life(), gc.Equals, state.Alive)
 		c.Assert(env.Destroy(), gc.IsNil)
 	}).Check()
-	_, err = s.State.AddService(state.AddServiceArgs{Name: "s1", Owner: s.Owner.String(), Charm: charm})
-	c.Assert(err, gc.ErrorMatches, `cannot add service "s1": model "testenv" is no longer alive`)
+	_, err = s.State.AddApplication(state.AddApplicationArgs{Name: "s1", Charm: charm})
+	c.Assert(err, gc.ErrorMatches, `cannot add application "s1": model "testenv" is no longer alive`)
 }
 
 func (s *StateSuite) TestServiceNotFound(c *gc.C) {
-	_, err := s.State.Service("bummer")
-	c.Assert(err, gc.ErrorMatches, `service "bummer" not found`)
+	_, err := s.State.Application("bummer")
+	c.Assert(err, gc.ErrorMatches, `application "bummer" not found`)
 	c.Assert(err, jc.Satisfies, errors.IsNotFound)
 }
 
-func (s *StateSuite) TestAddServiceNoTag(c *gc.C) {
-	charm := s.AddTestingCharm(c, "dummy")
-	_, err := s.State.AddService(state.AddServiceArgs{Name: "wordpress", Owner: "admin", Charm: charm})
-	c.Assert(err, gc.ErrorMatches, "cannot add service \"wordpress\": Invalid ownertag admin: \"admin\" is not a valid tag")
-}
-
-func (s *StateSuite) TestAddServiceNotUserTag(c *gc.C) {
-	charm := s.AddTestingCharm(c, "dummy")
-	_, err := s.State.AddService(state.AddServiceArgs{Name: "wordpress", Owner: "machine-3", Charm: charm})
-	c.Assert(err, gc.ErrorMatches, "cannot add service \"wordpress\": Invalid ownertag machine-3: \"machine-3\" is not a valid user tag")
-}
-
-func (s *StateSuite) TestAddServiceNonExistentUser(c *gc.C) {
-	charm := s.AddTestingCharm(c, "dummy")
-	_, err := s.State.AddService(state.AddServiceArgs{Name: "wordpress", Owner: "user-notAuser", Charm: charm})
-	c.Assert(err, gc.ErrorMatches, `cannot add service "wordpress": model user "notAuser@local" not found`)
-}
-
 func (s *StateSuite) TestAddServiceWithDefaultBindings(c *gc.C) {
 	ch := s.AddMetaCharm(c, "mysql", metaBase, 42)
-	svc, err := s.State.AddService(state.AddServiceArgs{
+	svc, err := s.State.AddApplication(state.AddApplicationArgs{
 		Name:  "yoursql",
-		Owner: s.Owner.String(),
 		Charm: ch,
 	})
 	c.Assert(err, jc.ErrorIsNil)
@@ -1898,9 +1458,8 @@
 
 	// Specify some bindings, but not all when adding the service.
 	ch := s.AddMetaCharm(c, "mysql", metaBase, 43)
-	svc, err := s.State.AddService(state.AddServiceArgs{
+	svc, err := s.State.AddApplication(state.AddApplicationArgs{
 		Name:  "yoursql",
-		Owner: s.Owner.String(),
 		Charm: ch,
 		EndpointBindings: map[string]string{
 			"client":  "client",
@@ -1963,13 +1522,12 @@
 	}} {
 		c.Logf("test #%d: %s", i, test.about)
 
-		_, err := s.State.AddService(state.AddServiceArgs{
+		_, err := s.State.AddApplication(state.AddApplicationArgs{
 			Name:             "yoursql",
-			Owner:            s.Owner.String(),
 			Charm:            charm,
 			EndpointBindings: test.bindings,
 		})
-		c.Check(err, gc.ErrorMatches, `cannot add service "yoursql": `+test.expectedError)
+		c.Check(err, gc.ErrorMatches, `cannot add application "yoursql": `+test.expectedError)
 		c.Check(err, jc.Satisfies, errors.IsNotValid)
 	}
 }
@@ -1979,32 +1537,32 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	charm := s.AddTestingCharm(c, "dummy")
-	_, err = s.State.AddService(state.AddServiceArgs{
-		Name: "wordpress", Owner: s.Owner.String(), Charm: charm,
+	_, err = s.State.AddApplication(state.AddApplicationArgs{
+		Name: "wordpress", Charm: charm,
 		Placement: []*instance.Placement{
 			{instance.MachineScope, m.Id()},
 		},
 	})
-	c.Assert(err, gc.ErrorMatches, "cannot add service \"wordpress\": cannot deploy to machine .*: series does not match")
+	c.Assert(err, gc.ErrorMatches, "cannot add application \"wordpress\": cannot deploy to machine .*: series does not match")
 }
 
 func (s *StateSuite) TestAddServiceIncompatibleOSWithSeriesInURL(c *gc.C) {
 	charm := s.AddTestingCharm(c, "dummy")
 	// A charm with a series in its URL is implicitly supported by that
 	// series only.
-	_, err := s.State.AddService(state.AddServiceArgs{
-		Name: "wordpress", Owner: s.Owner.String(), Charm: charm,
+	_, err := s.State.AddApplication(state.AddApplicationArgs{
+		Name: "wordpress", Charm: charm,
 		Series: "centos7",
 	})
-	c.Assert(err, gc.ErrorMatches, `cannot add service "wordpress": series "centos7" \(OS \"CentOS"\) not supported by charm, supported series are "quantal"`)
+	c.Assert(err, gc.ErrorMatches, `cannot add application "wordpress": series "centos7" \(OS \"CentOS"\) not supported by charm, supported series are "quantal"`)
 }
 
 func (s *StateSuite) TestAddServiceCompatibleOSWithSeriesInURL(c *gc.C) {
 	charm := s.AddTestingCharm(c, "dummy")
 	// A charm with a series in its URL is implicitly supported by that
 	// series only.
-	_, err := s.State.AddService(state.AddServiceArgs{
-		Name: "wordpress", Owner: s.Owner.String(), Charm: charm,
+	_, err := s.State.AddApplication(state.AddApplicationArgs{
+		Name: "wordpress", Charm: charm,
 		Series: charm.URL().Series,
 	})
 	c.Assert(err, jc.ErrorIsNil)
@@ -2013,8 +1571,8 @@
 func (s *StateSuite) TestAddServiceCompatibleOSWithNoExplicitSupportedSeries(c *gc.C) {
 	// If a charm doesn't declare any series, we can add it with any series we choose.
 	charm := s.AddSeriesCharm(c, "dummy", "")
-	_, err := s.State.AddService(state.AddServiceArgs{
-		Name: "wordpress", Owner: s.Owner.String(), Charm: charm,
+	_, err := s.State.AddApplication(state.AddApplicationArgs{
+		Name: "wordpress", Charm: charm,
 		Series: "quantal",
 	})
 	c.Assert(err, jc.ErrorIsNil)
@@ -2024,29 +1582,29 @@
 	charm := state.AddTestingCharmMultiSeries(c, s.State, "multi-series")
 	// A charm with supported series can only be force-deployed to series
 	// of the same operating systems as the suppoted series.
-	_, err := s.State.AddService(state.AddServiceArgs{
-		Name: "wordpress", Owner: s.Owner.String(), Charm: charm,
+	_, err := s.State.AddApplication(state.AddApplicationArgs{
+		Name: "wordpress", Charm: charm,
 		Series: "centos7",
 	})
-	c.Assert(err, gc.ErrorMatches, `cannot add service "wordpress": series "centos7" \(OS "CentOS"\) not supported by charm, supported series are "precise, trusty"`)
+	c.Assert(err, gc.ErrorMatches, `cannot add application "wordpress": series "centos7" \(OS "CentOS"\) not supported by charm, supported series are "precise, trusty"`)
 }
 
-func (s *StateSuite) TestAllServices(c *gc.C) {
+func (s *StateSuite) TestAllApplications(c *gc.C) {
 	charm := s.AddTestingCharm(c, "dummy")
-	services, err := s.State.AllServices()
+	services, err := s.State.AllApplications()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(len(services), gc.Equals, 0)
 
 	// Check that after adding services the result is ok.
-	_, err = s.State.AddService(state.AddServiceArgs{Name: "wordpress", Owner: s.Owner.String(), Charm: charm})
+	_, err = s.State.AddApplication(state.AddApplicationArgs{Name: "wordpress", Charm: charm})
 	c.Assert(err, jc.ErrorIsNil)
-	services, err = s.State.AllServices()
+	services, err = s.State.AllApplications()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(len(services), gc.Equals, 1)
 
-	_, err = s.State.AddService(state.AddServiceArgs{Name: "mysql", Owner: s.Owner.String(), Charm: charm})
+	_, err = s.State.AddApplication(state.AddApplicationArgs{Name: "mysql", Charm: charm})
 	c.Assert(err, jc.ErrorIsNil)
-	services, err = s.State.AllServices()
+	services, err = s.State.AllApplications()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(services, gc.HasLen, 2)
 
@@ -2085,7 +1643,7 @@
 	}, {
 		summary: "unknown service",
 		inputs:  [][]string{{"wooble"}},
-		err:     `service "wooble" not found`,
+		err:     `application "wooble" not found`,
 	}, {
 		summary: "invalid relations",
 		inputs: [][]string{
@@ -2105,7 +1663,7 @@
 		summary: "container scoped relations between 2 subordinates is ok",
 		inputs:  [][]string{{"lg:logging-directory", "lg2:logging-client"}},
 		eps: []state.Endpoint{{
-			ServiceName: "lg",
+			ApplicationName: "lg",
 			Relation: charm.Relation{
 				Name:      "logging-directory",
 				Role:      "requirer",
@@ -2113,7 +1671,7 @@
 				Limit:     1,
 				Scope:     charm.ScopeContainer,
 			}}, {
-			ServiceName: "lg2",
+			ApplicationName: "lg2",
 			Relation: charm.Relation{
 				Name:      "logging-client",
 				Role:      "provider",
@@ -2130,7 +1688,7 @@
 			{"rk1:ring"},
 		},
 		eps: []state.Endpoint{{
-			ServiceName: "rk1",
+			ApplicationName: "rk1",
 			Relation: charm.Relation{
 				Name:      "ring",
 				Interface: "riak",
@@ -2153,7 +1711,7 @@
 			{"ms:dev", "wp:db"},
 		},
 		eps: []state.Endpoint{{
-			ServiceName: "ms",
+			ApplicationName: "ms",
 			Relation: charm.Relation{
 				Interface: "mysql",
 				Name:      "dev",
@@ -2162,7 +1720,7 @@
 				Limit:     2,
 			},
 		}, {
-			ServiceName: "wp",
+			ApplicationName: "wp",
 			Relation: charm.Relation{
 				Interface: "mysql",
 				Name:      "db",
@@ -2175,7 +1733,7 @@
 		summary: "explicit logging relation is preferred over implicit juju-info",
 		inputs:  [][]string{{"lg", "wp"}},
 		eps: []state.Endpoint{{
-			ServiceName: "lg",
+			ApplicationName: "lg",
 			Relation: charm.Relation{
 				Interface: "logging",
 				Name:      "logging-directory",
@@ -2184,7 +1742,7 @@
 				Limit:     1,
 			},
 		}, {
-			ServiceName: "wp",
+			ApplicationName: "wp",
 			Relation: charm.Relation{
 				Interface: "logging",
 				Name:      "logging-dir",
@@ -2200,7 +1758,7 @@
 			{"lg:info", "wp:juju-info"},
 		},
 		eps: []state.Endpoint{{
-			ServiceName: "lg",
+			ApplicationName: "lg",
 			Relation: charm.Relation{
 				Interface: "juju-info",
 				Name:      "info",
@@ -2209,7 +1767,7 @@
 				Limit:     1,
 			},
 		}, {
-			ServiceName: "wp",
+			ApplicationName: "wp",
 			Relation: charm.Relation{
 				Interface: "juju-info",
 				Name:      "juju-info",
@@ -2221,7 +1779,7 @@
 		summary: "implicit relations will be chosen if there are no other options",
 		inputs:  [][]string{{"lg", "ms"}},
 		eps: []state.Endpoint{{
-			ServiceName: "lg",
+			ApplicationName: "lg",
 			Relation: charm.Relation{
 				Interface: "juju-info",
 				Name:      "info",
@@ -2230,7 +1788,7 @@
 				Limit:     1,
 			},
 		}, {
-			ServiceName: "ms",
+			ApplicationName: "ms",
 			Relation: charm.Relation{
 				Interface: "juju-info",
 				Name:      "juju-info",
@@ -2267,23 +1825,6 @@
 	}
 }
 
-func (s *StateSuite) TestModelConfig(c *gc.C) {
-	attrs := map[string]interface{}{
-		"authorized-keys": "different-keys",
-		"arbitrary-key":   "shazam!",
-	}
-	cfg, err := s.State.ModelConfig()
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.State.UpdateModelConfig(attrs, nil, nil)
-	c.Assert(err, jc.ErrorIsNil)
-	cfg, err = cfg.Apply(attrs)
-	c.Assert(err, jc.ErrorIsNil)
-	oldCfg, err := s.State.ModelConfig()
-	c.Assert(err, jc.ErrorIsNil)
-
-	c.Assert(oldCfg, gc.DeepEquals, cfg)
-}
-
 func (s *StateSuite) TestModelConstraints(c *gc.C) {
 	// Environ constraints start out empty (for now).
 	cons, err := s.State.ModelConstraints()
@@ -2332,23 +1873,6 @@
 	c.Assert(econs, gc.DeepEquals, cons)
 }
 
-func (s *StateSuite) TestWatchIPAddresses(c *gc.C) {
-	w := s.State.WatchIPAddresses()
-	defer statetesting.AssertStop(c, w)
-	wc := statetesting.NewStringsWatcherC(c, s.State, w)
-	wc.AssertChangeInSingleEvent()
-
-	// add an IP address
-	addr, err := s.State.AddIPAddress(network.NewAddress("0.1.2.3"), "foo")
-	c.Assert(err, jc.ErrorIsNil)
-	wc.AssertChangeInSingleEvent(addr.Value())
-
-	// Make it Dead: reported.
-	err = addr.EnsureDead()
-	c.Assert(err, jc.ErrorIsNil)
-	wc.AssertChangeInSingleEvent(addr.Value())
-}
-
 func (s *StateSuite) TestWatchModelsBulkEvents(c *gc.C) {
 	// Alive model...
 	alive, err := s.State.Model()
@@ -2358,7 +1882,7 @@
 	st1 := s.Factory.MakeModel(c, nil)
 	defer st1.Close()
 	// Add a service so Destroy doesn't advance to Dead.
-	svc := factory.NewFactory(st1).MakeService(c, nil)
+	svc := factory.NewFactory(st1).MakeApplication(c, nil)
 	dying, err := st1.Model()
 	c.Assert(err, jc.ErrorIsNil)
 	err = dying.Destroy()
@@ -2401,7 +1925,7 @@
 	// Add a non-empty model: reported.
 	st1 := s.Factory.MakeModel(c, nil)
 	defer st1.Close()
-	svc := factory.NewFactory(st1).MakeService(c, nil)
+	svc := factory.NewFactory(st1).MakeApplication(c, nil)
 	env, err := st1.Model()
 	c.Assert(err, jc.ErrorIsNil)
 	wc.AssertChange(env.UUID())
@@ -2466,8 +1990,8 @@
 	wc.AssertNoChange()
 
 	// Add a service: reported.
-	service := s.AddTestingService(c, "service", s.AddTestingCharm(c, "dummy"))
-	wc.AssertChange("service")
+	service := s.AddTestingService(c, "application", s.AddTestingCharm(c, "dummy"))
+	wc.AssertChange("application")
 	wc.AssertNoChange()
 
 	// Change the service: not reported.
@@ -2478,13 +2002,13 @@
 	// Make it Dying: reported.
 	err = service.Destroy()
 	c.Assert(err, jc.ErrorIsNil)
-	wc.AssertChange("service")
+	wc.AssertChange("application")
 	wc.AssertNoChange()
 
 	// Make it Dead(/removed): reported.
 	err = keepDying.Destroy()
 	c.Assert(err, jc.ErrorIsNil)
-	wc.AssertChange("service")
+	wc.AssertChange("application")
 	wc.AssertNoChange()
 }
 
@@ -2626,7 +2150,7 @@
 	wc.AssertNoChange()
 
 	// Add a container: not reported.
-	m, err := s.State.AddMachineInsideMachine(template, machine.Id(), instance.LXC)
+	m, err := s.State.AddMachineInsideMachine(template, machine.Id(), instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
 	wc.AssertNoChange()
 
@@ -2659,7 +2183,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	// Initial event is empty when no containers.
-	w := machine.WatchContainers(instance.LXC)
+	w := machine.WatchContainers(instance.LXD)
 	defer statetesting.AssertStop(c, w)
 	wAll := machine.WatchAllContainers()
 	defer statetesting.AssertStop(c, wAll)
@@ -2673,11 +2197,11 @@
 	wcAll.AssertNoChange()
 
 	// Add a container of the required type: reported.
-	m, err := s.State.AddMachineInsideMachine(template, machine.Id(), instance.LXC)
+	m, err := s.State.AddMachineInsideMachine(template, machine.Id(), instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
-	wc.AssertChange("0/lxc/0")
+	wc.AssertChange("0/lxd/0")
 	wc.AssertNoChange()
-	wcAll.AssertChange("0/lxc/0")
+	wcAll.AssertChange("0/lxd/0")
 	wcAll.AssertNoChange()
 
 	// Add a container of a different type: not reported.
@@ -2689,28 +2213,28 @@
 	wcAll.AssertNoChange()
 
 	// Add a nested container of the right type: not reported.
-	mchild, err := s.State.AddMachineInsideMachine(template, m.Id(), instance.LXC)
+	mchild, err := s.State.AddMachineInsideMachine(template, m.Id(), instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
 	wc.AssertNoChange()
 	wcAll.AssertNoChange()
 
 	// Add a container of a different machine: not reported.
-	m2, err := s.State.AddMachineInsideMachine(template, otherMachine.Id(), instance.LXC)
+	m2, err := s.State.AddMachineInsideMachine(template, otherMachine.Id(), instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
 	wc.AssertNoChange()
 	statetesting.AssertStop(c, w)
 	wcAll.AssertNoChange()
 	statetesting.AssertStop(c, wAll)
 
-	w = machine.WatchContainers(instance.LXC)
+	w = machine.WatchContainers(instance.LXD)
 	defer statetesting.AssertStop(c, w)
 	wc = statetesting.NewStringsWatcherC(c, s.State, w)
 	wAll = machine.WatchAllContainers()
 	defer statetesting.AssertStop(c, wAll)
 	wcAll = statetesting.NewStringsWatcherC(c, s.State, wAll)
-	wc.AssertChange("0/lxc/0")
+	wc.AssertChange("0/lxd/0")
 	wc.AssertNoChange()
-	wcAll.AssertChange("0/kvm/0", "0/lxc/0")
+	wcAll.AssertChange("0/kvm/0", "0/lxd/0")
 	wcAll.AssertNoChange()
 
 	// Make the container Dying: cannot because of nested container.
@@ -2725,9 +2249,9 @@
 	// Make the container Dying: reported.
 	err = m.Destroy()
 	c.Assert(err, jc.ErrorIsNil)
-	wc.AssertChange("0/lxc/0")
+	wc.AssertChange("0/lxd/0")
 	wc.AssertNoChange()
-	wcAll.AssertChange("0/lxc/0")
+	wcAll.AssertChange("0/lxd/0")
 	wcAll.AssertNoChange()
 
 	// Make the other containers Dying: not reported.
@@ -2743,9 +2267,9 @@
 	// Make the container Dead: reported.
 	err = m.EnsureDead()
 	c.Assert(err, jc.ErrorIsNil)
-	wc.AssertChange("0/lxc/0")
+	wc.AssertChange("0/lxd/0")
 	wc.AssertNoChange()
-	wcAll.AssertChange("0/lxc/0")
+	wcAll.AssertChange("0/lxd/0")
 	wcAll.AssertNoChange()
 
 	// Make the other containers Dead: not reported.
@@ -2802,6 +2326,7 @@
 	info, err := s.State.ControllerInfo()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(info, jc.DeepEquals, &state.ControllerInfo{
+		CloudName:        "dummy",
 		ModelTag:         s.modelTag,
 		MachineIds:       []string{"0"},
 		VotingMachineIds: []string{"0"},
@@ -2820,43 +2345,13 @@
 	info, err = s.State.ControllerInfo()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(info, jc.DeepEquals, &state.ControllerInfo{
+		CloudName:        "dummy",
 		ModelTag:         s.modelTag,
 		MachineIds:       []string{"0", "1", "2"},
 		VotingMachineIds: []string{"0", "1", "2"},
 	})
 }
 
-func (s *StateSuite) TestAdditionalValidation(c *gc.C) {
-	updateAttrs := map[string]interface{}{"logging-config": "juju=ERROR"}
-	configValidator1 := func(updateAttrs map[string]interface{}, removeAttrs []string, oldConfig *config.Config) error {
-		c.Assert(updateAttrs, gc.DeepEquals, map[string]interface{}{"logging-config": "juju=ERROR"})
-		if _, found := updateAttrs["logging-config"]; found {
-			return fmt.Errorf("cannot change logging-config")
-		}
-		return nil
-	}
-	removeAttrs := []string{"logging-config"}
-	configValidator2 := func(updateAttrs map[string]interface{}, removeAttrs []string, oldConfig *config.Config) error {
-		c.Assert(removeAttrs, gc.DeepEquals, []string{"logging-config"})
-		for _, i := range removeAttrs {
-			if i == "logging-config" {
-				return fmt.Errorf("cannot remove logging-config")
-			}
-		}
-		return nil
-	}
-	configValidator3 := func(updateAttrs map[string]interface{}, removeAttrs []string, oldConfig *config.Config) error {
-		return nil
-	}
-
-	err := s.State.UpdateModelConfig(updateAttrs, nil, configValidator1)
-	c.Assert(err, gc.ErrorMatches, "cannot change logging-config")
-	err = s.State.UpdateModelConfig(nil, removeAttrs, configValidator2)
-	c.Assert(err, gc.ErrorMatches, "cannot remove logging-config")
-	err = s.State.UpdateModelConfig(updateAttrs, nil, configValidator3)
-	c.Assert(err, jc.ErrorIsNil)
-}
-
 func (s *StateSuite) insertFakeModelDocs(c *gc.C, st *state.State) string {
 	// insert one doc for each multiEnvCollection
 	var ops []mgotxn.Op
@@ -3000,51 +2495,6 @@
 
 type attrs map[string]interface{}
 
-func (s *StateSuite) TestWatchModelConfig(c *gc.C) {
-	w := s.State.WatchModelConfig()
-	defer statetesting.AssertStop(c, w)
-
-	// TODO(fwereade) just use a NotifyWatcher and NotifyWatcherC to test it.
-	assertNoChange := func() {
-		s.State.StartSync()
-		select {
-		case got := <-w.Changes():
-			c.Fatalf("got unexpected change: %#v", got)
-		case <-time.After(testing.ShortWait):
-		}
-	}
-	assertChange := func(change attrs) {
-		cfg, err := s.State.ModelConfig()
-		c.Assert(err, jc.ErrorIsNil)
-		cfg, err = cfg.Apply(change)
-		c.Assert(err, jc.ErrorIsNil)
-		if change != nil {
-			err = s.State.UpdateModelConfig(change, nil, nil)
-			c.Assert(err, jc.ErrorIsNil)
-		}
-		s.State.StartSync()
-		select {
-		case got, ok := <-w.Changes():
-			c.Assert(ok, jc.IsTrue)
-			c.Assert(got.AllAttrs(), gc.DeepEquals, cfg.AllAttrs())
-		case <-time.After(testing.LongWait):
-			c.Fatalf("did not get change: %#v", change)
-		}
-		assertNoChange()
-	}
-	assertChange(nil)
-	assertChange(attrs{"default-series": "another-series"})
-	assertChange(attrs{"fancy-new-key": "arbitrary-value"})
-}
-
-func (s *StateSuite) TestWatchModelConfigDiesOnStateClose(c *gc.C) {
-	testWatcherDiesWhenStateCloses(c, s.modelTag, func(c *gc.C, st *state.State) waiter {
-		w := st.WatchModelConfig()
-		<-w.Changes()
-		return w
-	})
-}
-
 func (s *StateSuite) TestWatchForModelConfigChanges(c *gc.C) {
 	cur := jujuversion.Current
 	err := statetesting.SetAgentVersion(s.State, cur)
@@ -3074,57 +2524,12 @@
 	wc.AssertNoChange()
 }
 
-func (s *StateSuite) TestWatchModelConfigCorruptConfig(c *gc.C) {
-	cfg, err := s.State.ModelConfig()
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Corrupt the model configuration.
-	settings := s.Session.DB("juju").C("settings")
-	err = settings.UpdateId(state.DocID(s.State, "e"), bson.D{{"$unset", bson.D{{"settings.name", 1}}}})
-	c.Assert(err, jc.ErrorIsNil)
-
-	s.State.StartSync()
-
-	// Start watching the configuration.
-	watcher := s.State.WatchModelConfig()
-	defer watcher.Stop()
-	done := make(chan *config.Config)
-	go func() {
-		select {
-		case cfg, ok := <-watcher.Changes():
-			if !ok {
-				c.Errorf("watcher channel closed")
-			} else {
-				done <- cfg
-			}
-		case <-time.After(5 * time.Second):
-			c.Fatalf("no model configuration observed")
-		}
-	}()
-
-	s.State.StartSync()
-
-	// The invalid configuration must not have been generated.
-	select {
-	case <-done:
-		c.Fatalf("configuration returned too soon")
-	case <-time.After(testing.ShortWait):
-	}
-
-	// Fix the configuration.
-	err = settings.UpdateId(state.DocID(s.State, "e"), bson.D{{"$set", bson.D{{"settings.name", "foo"}}}})
-	c.Assert(err, jc.ErrorIsNil)
-	fixed := cfg.AllAttrs()
-	err = s.State.UpdateModelConfig(fixed, nil, nil)
-	c.Assert(err, jc.ErrorIsNil)
+func (s *StateSuite) TestWatchForModelConfigControllerChanges(c *gc.C) {
+	w := s.State.WatchForModelConfigChanges()
+	defer statetesting.AssertStop(c, w)
 
-	s.State.StartSync()
-	select {
-	case got := <-done:
-		c.Assert(got.AllAttrs(), gc.DeepEquals, fixed)
-	case <-time.After(5 * time.Second):
-		c.Fatalf("no model configuration observed")
-	}
+	wc := statetesting.NewNotifyWatcherC(c, s.State, w)
+	wc.AssertOneChange()
 }
 
 func (s *StateSuite) TestAddAndGetEquivalence(c *gc.C) {
@@ -3148,7 +2553,7 @@
 	c.Assert(charm1, jc.DeepEquals, charm2)
 
 	wordpress1 := s.AddTestingService(c, "wordpress", charm1)
-	wordpress2, err := s.State.Service("wordpress")
+	wordpress2, err := s.State.Application("wordpress")
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(wordpress1, jc.DeepEquals, wordpress2)
 
@@ -3278,7 +2683,7 @@
 }, {
 	tag: names.NewMachineTag("0"),
 }, {
-	tag: names.NewServiceTag("ser-vice2"),
+	tag: names.NewApplicationTag("ser-vice2"),
 }, {
 	tag: names.NewRelationTag("wordpress:db ser-vice2:server"),
 }, {
@@ -3298,13 +2703,13 @@
 }}
 
 var entityTypes = map[string]interface{}{
-	names.UserTagKind:     (*state.User)(nil),
-	names.ModelTagKind:    (*state.Model)(nil),
-	names.ServiceTagKind:  (*state.Service)(nil),
-	names.UnitTagKind:     (*state.Unit)(nil),
-	names.MachineTagKind:  (*state.Machine)(nil),
-	names.RelationTagKind: (*state.Relation)(nil),
-	names.ActionTagKind:   (state.Action)(nil),
+	names.UserTagKind:        (*state.User)(nil),
+	names.ModelTagKind:       (*state.Model)(nil),
+	names.ApplicationTagKind: (*state.Application)(nil),
+	names.UnitTagKind:        (*state.Unit)(nil),
+	names.MachineTagKind:     (*state.Machine)(nil),
+	names.RelationTagKind:    (*state.Relation)(nil),
+	names.ActionTagKind:      (state.Action)(nil),
 }
 
 func (s *StateSuite) TestFindEntity(c *gc.C) {
@@ -3374,11 +2779,11 @@
 	c.Assert(id, gc.Equals, state.DocID(s.State, m.Id()))
 }
 
-func (s *StateSuite) TestParseServiceTag(c *gc.C) {
+func (s *StateSuite) TestParseApplicationTag(c *gc.C) {
 	svc := s.AddTestingService(c, "ser-vice2", s.AddTestingCharm(c, "dummy"))
 	coll, id, err := state.ConvertTagToCollectionNameAndId(s.State, svc.Tag())
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(coll, gc.Equals, "services")
+	c.Assert(coll, gc.Equals, "applications")
 	c.Assert(id, gc.Equals, state.DocID(s.State, svc.Name()))
 }
 
@@ -3561,7 +2966,7 @@
 	wc.AssertNoChange()
 
 	// Two actions: destroy a unit and increase minimum units for a service.
-	// A single change should occur, and the service name should appear only
+	// A single change should occur, and the application name should appear only
 	// one time in the change.
 	err = wordpress.SetMinUnits(5)
 	c.Assert(err, jc.ErrorIsNil)
@@ -3600,26 +3005,26 @@
 
 func (s *StateSuite) TestNestingLevel(c *gc.C) {
 	c.Assert(state.NestingLevel("0"), gc.Equals, 0)
-	c.Assert(state.NestingLevel("0/lxc/1"), gc.Equals, 1)
-	c.Assert(state.NestingLevel("0/lxc/1/kvm/0"), gc.Equals, 2)
+	c.Assert(state.NestingLevel("0/lxd/1"), gc.Equals, 1)
+	c.Assert(state.NestingLevel("0/lxd/1/kvm/0"), gc.Equals, 2)
 }
 
 func (s *StateSuite) TestTopParentId(c *gc.C) {
 	c.Assert(state.TopParentId("0"), gc.Equals, "0")
-	c.Assert(state.TopParentId("0/lxc/1"), gc.Equals, "0")
-	c.Assert(state.TopParentId("0/lxc/1/kvm/2"), gc.Equals, "0")
+	c.Assert(state.TopParentId("0/lxd/1"), gc.Equals, "0")
+	c.Assert(state.TopParentId("0/lxd/1/kvm/2"), gc.Equals, "0")
 }
 
 func (s *StateSuite) TestParentId(c *gc.C) {
 	c.Assert(state.ParentId("0"), gc.Equals, "")
-	c.Assert(state.ParentId("0/lxc/1"), gc.Equals, "0")
-	c.Assert(state.ParentId("0/lxc/1/kvm/0"), gc.Equals, "0/lxc/1")
+	c.Assert(state.ParentId("0/lxd/1"), gc.Equals, "0")
+	c.Assert(state.ParentId("0/lxd/1/kvm/0"), gc.Equals, "0/lxd/1")
 }
 
 func (s *StateSuite) TestContainerTypeFromId(c *gc.C) {
 	c.Assert(state.ContainerTypeFromId("0"), gc.Equals, instance.ContainerType(""))
-	c.Assert(state.ContainerTypeFromId("0/lxc/1"), gc.Equals, instance.LXC)
-	c.Assert(state.ContainerTypeFromId("0/lxc/1/kvm/0"), gc.Equals, instance.KVM)
+	c.Assert(state.ContainerTypeFromId("0/lxd/1"), gc.Equals, instance.LXD)
+	c.Assert(state.ContainerTypeFromId("0/lxd/1/kvm/0"), gc.Equals, instance.KVM)
 }
 
 func (s *StateSuite) TestIsUpgradeInProgressError(c *gc.C) {
@@ -3663,7 +3068,7 @@
 	// Add a service and 4 units: one with a different version, one
 	// with an empty version, one with the current version, and one
 	// with the new version.
-	service, err := s.State.AddService(state.AddServiceArgs{Name: "wordpress", Owner: s.Owner.String(), Charm: s.AddTestingCharm(c, "wordpress")})
+	service, err := s.State.AddApplication(state.AddApplicationArgs{Name: "wordpress", Charm: s.AddTestingCharm(c, "wordpress")})
 	c.Assert(err, jc.ErrorIsNil)
 	unit0, err := service.AddUnit()
 	c.Assert(err, jc.ErrorIsNil)
@@ -3713,7 +3118,7 @@
 	// Add a machine and a unit with the current version.
 	machine, err := st.AddMachine("series", state.JobHostUnits)
 	c.Assert(err, jc.ErrorIsNil)
-	service, err := st.AddService(state.AddServiceArgs{Name: "wordpress", Owner: s.Owner.String(), Charm: s.AddTestingCharm(c, "wordpress")})
+	service, err := st.AddApplication(state.AddApplicationArgs{Name: "wordpress", Charm: s.AddTestingCharm(c, "wordpress")})
 	c.Assert(err, jc.ErrorIsNil)
 	unit, err := service.AddUnit()
 	c.Assert(err, jc.ErrorIsNil)
@@ -3820,11 +3225,11 @@
 	assertAgentVersion(c, s.State, currentVersion)
 }
 
-func (s *StateSuite) TestSetEnvironAgentFailsIfUpgrading(c *gc.C) {
+func (s *StateSuite) TestSetModelAgentFailsIfUpgrading(c *gc.C) {
 	// Get the agent-version set in the model.
-	envConfig, err := s.State.ModelConfig()
+	modelConfig, err := s.State.ModelConfig()
 	c.Assert(err, jc.ErrorIsNil)
-	agentVersion, ok := envConfig.AgentVersion()
+	agentVersion, ok := modelConfig.AgentVersion()
 	c.Assert(ok, jc.IsTrue)
 
 	machine, err := s.State.AddMachine("series", state.JobManageModel)
@@ -3905,6 +3310,7 @@
 func (s *StateSuite) TestControllerInfo(c *gc.C) {
 	ids, err := s.State.ControllerInfo()
 	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(ids.CloudName, gc.Equals, "dummy")
 	c.Assert(ids.ModelTag, gc.Equals, s.modelTag)
 	c.Assert(ids.MachineIds, gc.HasLen, 0)
 	c.Assert(ids.VotingMachineIds, gc.HasLen, 0)
@@ -3913,21 +3319,10 @@
 	// controllers.
 }
 
-func (s *StateSuite) TestControllerInfoWithPreMigrationDoc(c *gc.C) {
-	err := s.controllers.Update(
-		nil,
-		bson.D{{"$unset", bson.D{{"model-uuid", 1}}}},
-	)
-	c.Assert(err, jc.ErrorIsNil)
-
-	ids, err := s.State.ControllerInfo()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ids.ModelTag, gc.Equals, s.modelTag)
-}
-
 func (s *StateSuite) TestReopenWithNoMachines(c *gc.C) {
 	expected := &state.ControllerInfo{
-		ModelTag: s.modelTag,
+		CloudName: "dummy",
+		ModelTag:  s.modelTag,
 	}
 	info, err := s.State.ControllerInfo()
 	c.Assert(err, jc.ErrorIsNil)
@@ -4660,21 +4055,57 @@
 
 var _ = gc.Suite(&SetAdminMongoPasswordSuite{})
 
+func setAdminPassword(c *gc.C, inst *gitjujutesting.MgoInstance, owner names.UserTag, password string) {
+	session, err := inst.Dial()
+	c.Assert(err, jc.ErrorIsNil)
+	defer session.Close()
+	err = mongo.SetAdminMongoPassword(session, owner.String(), password)
+	c.Assert(err, jc.ErrorIsNil)
+}
+
 func (s *SetAdminMongoPasswordSuite) TestSetAdminMongoPassword(c *gc.C) {
 	inst := &gitjujutesting.MgoInstance{EnableAuth: true}
 	err := inst.Start(testing.Certs)
 	c.Assert(err, jc.ErrorIsNil)
 	defer inst.DestroyWithLog()
 
+	// We need to make an admin user before we initialize the state
+	// because in Mongo3.2 the localhost exception no longer has
+	// permission to create indexes.
+	// https://docs.mongodb.com/manual/core/security-users/#localhost-exception
 	owner := names.NewLocalUserTag("initialize-admin")
-	mongoInfo := &mongo.MongoInfo{
+	password := "huggies"
+	setAdminPassword(c, inst, owner, password)
+
+	noAuthInfo := &mongo.MongoInfo{
 		Info: mongo.Info{
 			Addrs:  []string{inst.Addr()},
 			CACert: testing.CACert,
 		},
 	}
+	authInfo := &mongo.MongoInfo{
+		Info:     noAuthInfo.Info,
+		Tag:      owner,
+		Password: password,
+	}
 	cfg := testing.ModelConfig(c)
-	st, err := state.Initialize(owner, mongoInfo, cfg, mongotest.DialOpts(), nil)
+	controllerCfg := testing.FakeControllerConfig()
+	controllerCfg["controller-uuid"] = cfg.UUID()
+	st, err := state.Initialize(state.InitializeParams{
+		ControllerConfig: controllerCfg,
+		ControllerModelArgs: state.ModelArgs{
+			CloudName: "dummy",
+			Owner:     owner,
+			Config:    cfg,
+		},
+		CloudName: "dummy",
+		Cloud: cloud.Cloud{
+			Type:      "dummy",
+			AuthTypes: []cloud.AuthType{cloud.EmptyAuthType},
+		},
+		MongoInfo:     authInfo,
+		MongoDialOpts: mongotest.DialOpts(),
+	})
 	c.Assert(err, jc.ErrorIsNil)
 	defer st.Close()
 
@@ -4688,20 +4119,20 @@
 	err = st.MongoSession().DB("admin").Login("admin", "foo")
 	c.Assert(err, jc.ErrorIsNil)
 
-	err = tryOpenState(st.ModelTag(), mongoInfo)
+	err = tryOpenState(st.ModelTag(), noAuthInfo)
 	c.Check(errors.Cause(err), jc.Satisfies, errors.IsUnauthorized)
 	// note: collections are set up in arbitrary order, proximate cause of
 	// failure may differ.
 	c.Check(err, gc.ErrorMatches, `[^:]+: unauthorized mongo access: .*`)
 
-	mongoInfo.Password = "foo"
-	err = tryOpenState(st.ModelTag(), mongoInfo)
-	c.Assert(err, jc.ErrorIsNil)
-
-	err = st.SetAdminMongoPassword("")
-	c.Assert(err, jc.ErrorIsNil)
+	passwordOnlyInfo := *noAuthInfo
+	passwordOnlyInfo.Password = "foo"
 
-	mongoInfo.Password = ""
-	err = tryOpenState(st.ModelTag(), mongoInfo)
+	// Under mongo 3.2 it's not possible to create collections and
+	// indexes with no user - the localhost exception only permits
+	// creating users. There were some checks for unsetting the
+	// password and then creating the state in an older version of
+	// this test, but they couldn't be made to work with 3.2.
+	err = tryOpenState(st.ModelTag(), &passwordOnlyInfo)
 	c.Assert(err, jc.ErrorIsNil)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/status_filesystem_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/status_filesystem_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/status_filesystem_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/status_filesystem_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,6 +4,8 @@
 package state_test
 
 import (
+	"time"
+
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 
@@ -58,23 +60,42 @@
 }
 
 func (s *FilesystemStatusSuite) TestSetErrorStatusWithoutInfo(c *gc.C) {
-	err := s.filesystem.SetStatus(status.StatusError, "", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusError,
+		Message: "",
+		Since:   &now,
+	}
+	err := s.filesystem.SetStatus(sInfo)
 	c.Check(err, gc.ErrorMatches, `cannot set status "error" without info`)
 
 	s.checkInitialStatus(c)
 }
 
 func (s *FilesystemStatusSuite) TestSetUnknownStatus(c *gc.C) {
-	err := s.filesystem.SetStatus(status.Status("vliegkat"), "orville", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.Status("vliegkat"),
+		Message: "orville",
+		Since:   &now,
+	}
+	err := s.filesystem.SetStatus(sInfo)
 	c.Assert(err, gc.ErrorMatches, `cannot set invalid status "vliegkat"`)
 
 	s.checkInitialStatus(c)
 }
 
 func (s *FilesystemStatusSuite) TestSetOverwritesData(c *gc.C) {
-	err := s.filesystem.SetStatus(status.StatusAttaching, "blah", map[string]interface{}{
-		"pew.pew": "zap",
-	})
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusAttaching,
+		Message: "blah",
+		Data: map[string]interface{}{
+			"pew.pew": "zap",
+		},
+		Since: &now,
+	}
+	err := s.filesystem.SetStatus(sInfo)
 	c.Check(err, jc.ErrorIsNil)
 
 	s.checkGetSetStatus(c)
@@ -85,11 +106,18 @@
 }
 
 func (s *FilesystemStatusSuite) checkGetSetStatus(c *gc.C) {
-	err := s.filesystem.SetStatus(status.StatusAttaching, "blah", map[string]interface{}{
-		"$foo.bar.baz": map[string]interface{}{
-			"pew.pew": "zap",
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusAttaching,
+		Message: "blah",
+		Data: map[string]interface{}{
+			"$foo.bar.baz": map[string]interface{}{
+				"pew.pew": "zap",
+			},
 		},
-	})
+		Since: &now,
+	}
+	err := s.filesystem.SetStatus(sInfo)
 	c.Check(err, jc.ErrorIsNil)
 
 	filesystem, err := s.State.Filesystem(s.filesystem.FilesystemTag())
@@ -135,7 +163,13 @@
 func (s *FilesystemStatusSuite) TestGetSetStatusGone(c *gc.C) {
 	s.obliterateFilesystem(c, s.filesystem.FilesystemTag())
 
-	err := s.filesystem.SetStatus(status.StatusAttaching, "not really", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusAttaching,
+		Message: "not really",
+		Since:   &now,
+	}
+	err := s.filesystem.SetStatus(sInfo)
 	c.Check(err, gc.ErrorMatches, `cannot set status: filesystem not found`)
 
 	statusInfo, err := s.filesystem.Status()
@@ -144,7 +178,13 @@
 }
 
 func (s *FilesystemStatusSuite) TestSetStatusPendingUnprovisioned(c *gc.C) {
-	err := s.filesystem.SetStatus(status.StatusPending, "still", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusPending,
+		Message: "still",
+		Since:   &now,
+	}
+	err := s.filesystem.SetStatus(sInfo)
 	c.Check(err, jc.ErrorIsNil)
 }
 
@@ -153,6 +193,12 @@
 		FilesystemId: "fs-id",
 	})
 	c.Assert(err, jc.ErrorIsNil)
-	err = s.filesystem.SetStatus(status.StatusPending, "", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusPending,
+		Message: "",
+		Since:   &now,
+	}
+	err = s.filesystem.SetStatus(sInfo)
 	c.Check(err, gc.ErrorMatches, `cannot set status "pending"`)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/status.go juju-core-2.0~beta12/src/github.com/juju/juju/state/status.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/status.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/status.go	2016-07-18 19:45:44.000000000 +0000
@@ -14,6 +14,7 @@
 
 	"github.com/juju/juju/core/leadership"
 	"github.com/juju/juju/mongo"
+	"github.com/juju/juju/mongo/utils"
 	"github.com/juju/juju/status"
 )
 
@@ -45,31 +46,6 @@
 	return &t
 }
 
-// mapKeys returns a copy of the supplied map, with all nested map[string]interface{}
-// keys transformed by f. All other types are ignored.
-func mapKeys(f func(string) string, input map[string]interface{}) map[string]interface{} {
-	result := make(map[string]interface{})
-	for key, value := range input {
-		if submap, ok := value.(map[string]interface{}); ok {
-			value = mapKeys(f, submap)
-		}
-		result[f(key)] = value
-	}
-	return result
-}
-
-// escapeKeys is used to escape bad keys in StatusData. A statusDoc without
-// escaped keys is broken.
-func escapeKeys(input map[string]interface{}) map[string]interface{} {
-	return mapKeys(escapeReplacer.Replace, input)
-}
-
-// unescapeKeys is used to restore escaped keys from StatusData to their
-// original values.
-func unescapeKeys(input map[string]interface{}) map[string]interface{} {
-	return mapKeys(unescapeReplacer.Replace, input)
-}
-
 // getStatus retrieves the status document associated with the given
 // globalKey and converts it to a StatusInfo. If the status document
 // is not found, a NotFoundError referencing badge will be returned.
@@ -89,7 +65,7 @@
 	return status.StatusInfo{
 		Status:  doc.Status,
 		Message: doc.StatusInfo,
-		Data:    unescapeKeys(doc.StatusData),
+		Data:    utils.UnescapeKeys(doc.StatusData),
 		Since:   unixNanoToTime(doc.Updated),
 	}, nil
 }
@@ -117,23 +93,20 @@
 	// token, if present, must accept an *[]txn.Op passed to its Check method,
 	// and will prevent any change if it becomes invalid.
 	token leadership.Token
+
+	// udpated, the time the status was set.
+	updated *time.Time
 }
 
 // setStatus inteprets the supplied params as documented on the type.
 func setStatus(st *State, params setStatusParams) (err error) {
 	defer errors.DeferredAnnotatef(&err, "cannot set status")
 
-	// TODO(fwereade): this can/should probably be recording the time the
-	// status was *set*, not the time it happened to arrive in state.
-	// We should almost certainly be accepting StatusInfo in the exposed
-	// SetStatus methods, for symetry with the Status methods.
-	// TODO(fwereade): 2016-03-17 lp:1558657
-	now := time.Now().UnixNano()
 	doc := statusDoc{
 		Status:     params.status,
 		StatusInfo: params.message,
-		StatusData: escapeKeys(params.rawData),
-		Updated:    now,
+		StatusData: utils.EscapeKeys(params.rawData),
+		Updated:    params.updated.UnixNano(),
 	}
 	probablyUpdateStatusHistory(st, params.globalKey, doc)
 
@@ -219,13 +192,41 @@
 	}
 }
 
-func statusHistory(st *State, globalKey string, size int) ([]status.StatusInfo, error) {
-	statusHistory, closer := st.getCollection(statusesHistoryC)
+// statusHistoryArgs hold the arguments to call statusHistory.
+type statusHistoryArgs struct {
+	st        *State
+	globalKey string
+	filter    status.StatusHistoryFilter
+}
+
+func statusHistory(args *statusHistoryArgs) ([]status.StatusInfo, error) {
+	filter := args.filter
+	if err := args.filter.Validate(); err != nil {
+		return nil, errors.Annotate(err, "validating arguments")
+	}
+	statusHistory, closer := args.st.getCollection(statusesHistoryC)
 	defer closer()
 
-	var docs []historicalStatusDoc
-	query := statusHistory.Find(bson.D{{"globalkey", globalKey}})
-	err := query.Sort("-updated").Limit(size).All(&docs)
+	var (
+		docs  []historicalStatusDoc
+		query mongo.Query
+	)
+	baseQuery := bson.M{"globalkey": args.globalKey}
+	if filter.Delta != nil {
+		delta := *filter.Delta
+		// TODO(perrito666) 2016-05-02 lp:1558657
+		updated := time.Now().Add(-delta)
+		baseQuery = bson.M{"updated": bson.M{"$gt": updated.UnixNano()}, "globalkey": args.globalKey}
+	}
+	if filter.Date != nil {
+		baseQuery = bson.M{"updated": bson.M{"$gt": filter.Date.UnixNano()}, "globalkey": args.globalKey}
+	}
+	query = statusHistory.Find(baseQuery).Sort("-updated")
+	if filter.Size > 0 {
+		query = query.Limit(filter.Size)
+	}
+	err := query.All(&docs)
+
 	if err == mgo.ErrNotFound {
 		return []status.StatusInfo{}, errors.NotFoundf("status history")
 	} else if err != nil {
@@ -237,7 +238,7 @@
 		results[i] = status.StatusInfo{
 			Status:  doc.Status,
 			Message: doc.StatusInfo,
-			Data:    unescapeKeys(doc.StatusData),
+			Data:    utils.UnescapeKeys(doc.StatusData),
 			Since:   unixNanoToTime(doc.Updated),
 		}
 	}
@@ -245,68 +246,73 @@
 }
 
 // PruneStatusHistory removes status history entries until
-// only the maxLogsPerEntity newest records per unit remain.
-func PruneStatusHistory(st *State, maxLogsPerEntity int) error {
-	history, closer := st.getCollection(statusesHistoryC)
+// only logs newer than <maxLogTime> remain and also ensures
+// that the collection is smaller than <maxLogsMB> after the
+// deletion.
+func PruneStatusHistory(st *State, maxHistoryTime time.Duration, maxHistoryMB int) error {
+	if maxHistoryMB < 0 {
+		return errors.NotValidf("non-positive maxHistoryMB")
+	}
+	if maxHistoryTime < 0 {
+		return errors.NotValidf("non-positive maxHistoryTime")
+	}
+	if maxHistoryMB == 0 && maxHistoryTime == 0 {
+		return errors.NotValidf("backlog size and time constraints are both 0")
+	}
+	history, closer := st.getRawCollection(statusesHistoryC)
 	defer closer()
 
-	historyW := history.Writeable()
-
-	// TODO(fwereade): This is a very strange implementation.
-	//
-	// It goes to a lot of effort to keep a *different* span of history for
-	// each entity -- which effectively hides interaction history older than
-	// the recorded span of the most-frequently-updated object.
-	//
-	// It would be much less surprising -- and much more efficient -- to keep
-	// either a fixed total number of records, or a fixed total span of history,
-	// -- but either way we should be deleting only the oldest records at any
-	// given time.
-	globalKeys, err := getEntitiesWithStatuses(historyW)
-	if err != nil {
-		return errors.Trace(err)
-	}
-	for _, globalKey := range globalKeys {
-		keepUpTo, ok, err := getOldestTimeToKeep(historyW, globalKey, maxLogsPerEntity)
-		if err != nil {
-			return errors.Trace(err)
-		}
-		if !ok {
-			continue
-		}
-		_, err = historyW.RemoveAll(bson.D{
-			{"globalkey", globalKey},
-			{"updated", bson.M{"$lt": keepUpTo}},
+	// Status Record Age
+	// TODO(perrito666): 2016-04-26 lp:1558657
+	if maxHistoryTime > 0 {
+		t := time.Now().Add(-maxHistoryTime)
+		_, err := history.RemoveAll(bson.D{
+			{"updated", bson.M{"$lt": t.UnixNano()}},
 		})
 		if err != nil {
 			return errors.Trace(err)
 		}
 	}
-	return nil
-}
-
-// getOldestTimeToKeep returns the create time for the oldest
-// status log to be kept.
-func getOldestTimeToKeep(coll mongo.Collection, globalKey string, size int) (int64, bool, error) {
-	result := historicalStatusDoc{}
-	err := coll.Find(bson.D{{"globalkey", globalKey}}).Sort("-updated").Skip(size - 1).One(&result)
-	if err == mgo.ErrNotFound {
-		return -1, false, nil
+	if maxHistoryMB == 0 {
+		return nil
 	}
+	// Collection Size
+	collMB, err := getCollectionMB(history)
 	if err != nil {
-		return -1, false, errors.Trace(err)
+		return errors.Annotate(err, "retrieving status history collection size")
+	}
+	if collMB <= maxHistoryMB {
+		return nil
+	}
+	// TODO(perrito666) explore if there would be any beneffit from having the
+	// size limit be per model
+	count, err := history.Count()
+	if err == mgo.ErrNotFound || count <= 0 {
+		return nil
 	}
-	return result.Updated, true, nil
-
-}
-
-// getEntitiesWithStatuses returns the ids for all entities that
-// have history entries
-func getEntitiesWithStatuses(coll mongo.Collection) ([]string, error) {
-	var globalKeys []string
-	err := coll.Find(nil).Distinct("globalkey", &globalKeys)
 	if err != nil {
-		return nil, errors.Trace(err)
+		return errors.Annotate(err, "counting status history records")
+	}
+	// We are making the assumption that status sizes can be averaged for
+	// large numbers and we will get a reasonable approach on the size.
+	// Note: Capped collections are not used for this because they, currently
+	// at least, lack a way to be resized and the size is expected to change
+	// as real life data of the history usage is gathered.
+	sizePerStatus := float64(collMB) / float64(count)
+	if sizePerStatus == 0 {
+		return errors.New("unexpected result calculating status history entry size")
 	}
-	return globalKeys, nil
+	deleteStatuses := count - int(float64(collMB-maxHistoryMB)/sizePerStatus)
+	result := historicalStatusDoc{}
+	err = history.Find(nil).Sort("-updated").Skip(deleteStatuses).One(&result)
+	if err != nil {
+		return errors.Trace(err)
+	}
+	_, err = history.RemoveAll(bson.D{
+		{"updated", bson.M{"$lt": result.Updated}},
+	})
+	if err != nil {
+		return errors.Trace(err)
+	}
+	return nil
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/status_history_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/status_history_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/status_history_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/status_history_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,11 +4,14 @@
 package state_test
 
 import (
+	"time"
+
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 
 	"github.com/juju/juju/state"
 	statetesting "github.com/juju/juju/state/testing"
+	"github.com/juju/juju/status"
 	"github.com/juju/juju/testing/factory"
 )
 
@@ -18,7 +21,30 @@
 
 var _ = gc.Suite(&StatusHistorySuite{})
 
-func (s *StatusHistorySuite) TestPruneStatusHistory(c *gc.C) {
+func (s *StatusHistorySuite) TestPruneStatusHistoryBySize(c *gc.C) {
+	service := s.Factory.MakeApplication(c, nil)
+	unit := s.Factory.MakeUnit(c, &factory.UnitParams{Application: service})
+	primeUnitStatusHistory(c, unit, 20000, 0)
+
+	history, err := unit.StatusHistory(status.StatusHistoryFilter{Size: 25000})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Logf("%d\n", len(history))
+	c.Assert(history, gc.HasLen, 20001)
+
+	err = state.PruneStatusHistory(s.State, 0, 1)
+	c.Assert(err, jc.ErrorIsNil)
+
+	history, err = unit.StatusHistory(status.StatusHistoryFilter{Size: 25000})
+	c.Assert(err, jc.ErrorIsNil)
+	historyLen := len(history)
+	// When writing this test, the size was 6670 for about 0,00015 MB per entry
+	// but that is a size that can most likely change so I wont risk a flaky test
+	// here, enough to say that if this size suddenly is no longer less than
+	// half its good reason for suspicion.
+	c.Assert(historyLen, jc.LessThan, 10000)
+}
+
+func (s *StatusHistorySuite) TestPruneStatusHistoryByDate(c *gc.C) {
 
 	// NOTE: the behaviour is bad, and the test is ugly. I'm just verifying
 	// the existing logic here.
@@ -32,63 +58,167 @@
 	const count = 3
 	units := make([]*state.Unit, count)
 	agents := make([]*state.UnitAgent, count)
-	service := s.Factory.MakeService(c, nil)
+	service := s.Factory.MakeApplication(c, nil)
 	for i := 0; i < count; i++ {
-		units[i] = s.Factory.MakeUnit(c, &factory.UnitParams{Service: service})
+		units[i] = s.Factory.MakeUnit(c, &factory.UnitParams{Application: service})
 		agents[i] = units[i].Agent()
 	}
 
-	primeUnitStatusHistory(c, units[0], 10)
-	primeUnitStatusHistory(c, units[1], 50)
-	primeUnitStatusHistory(c, units[2], 100)
-	primeUnitAgentStatusHistory(c, agents[0], 100)
-	primeUnitAgentStatusHistory(c, agents[1], 50)
-	primeUnitAgentStatusHistory(c, agents[2], 10)
+	primeUnitStatusHistory(c, units[0], 10, 0)
+	primeUnitStatusHistory(c, units[0], 10, 24*time.Hour)
+	primeUnitStatusHistory(c, units[1], 50, 0)
+	primeUnitStatusHistory(c, units[1], 50, 24*time.Hour)
+	primeUnitStatusHistory(c, units[2], 100, 0)
+	primeUnitStatusHistory(c, units[2], 100, 24*time.Hour)
+	primeUnitAgentStatusHistory(c, agents[0], 100, 0)
+	primeUnitAgentStatusHistory(c, agents[0], 100, 24*time.Hour)
+	primeUnitAgentStatusHistory(c, agents[1], 50, 0)
+	primeUnitAgentStatusHistory(c, agents[1], 50, 24*time.Hour)
+	primeUnitAgentStatusHistory(c, agents[2], 10, 0)
+	primeUnitAgentStatusHistory(c, agents[2], 10, 24*time.Hour)
 
-	err := state.PruneStatusHistory(s.State, 30)
+	history, err := units[0].StatusHistory(status.StatusHistoryFilter{Size: 50})
 	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(history, gc.HasLen, 21)
+	checkInitialWorkloadStatus(c, history[10])
+	for i, statusInfo := range history[:10] {
+		checkPrimedUnitStatus(c, statusInfo, 9-i, 0)
+	}
+	for i, statusInfo := range history[11:20] {
+		checkPrimedUnitStatus(c, statusInfo, 9-i, 24*time.Hour)
+	}
 
-	history, err := units[0].StatusHistory(50)
+	err = state.PruneStatusHistory(s.State, 10*time.Hour, 1024)
+	c.Assert(err, jc.ErrorIsNil)
+
+	history, err = units[0].StatusHistory(status.StatusHistoryFilter{Size: 50})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(history, gc.HasLen, 11)
 	checkInitialWorkloadStatus(c, history[10])
 	for i, statusInfo := range history[:10] {
-		checkPrimedUnitStatus(c, statusInfo, 9-i)
+		checkPrimedUnitStatus(c, statusInfo, 9-i, 0)
 	}
 
-	history, err = units[1].StatusHistory(50)
+	history, err = units[1].StatusHistory(status.StatusHistoryFilter{Size: 100})
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(history, gc.HasLen, 30)
-	for i, statusInfo := range history {
-		checkPrimedUnitStatus(c, statusInfo, 49-i)
+	c.Assert(history, gc.HasLen, 51)
+	for i, statusInfo := range history[:50] {
+		checkPrimedUnitStatus(c, statusInfo, 49-i, 0)
 	}
 
-	history, err = units[2].StatusHistory(50)
+	history, err = units[2].StatusHistory(status.StatusHistoryFilter{Size: 200})
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(history, gc.HasLen, 30)
-	for i, statusInfo := range history {
-		checkPrimedUnitStatus(c, statusInfo, 99-i)
+	c.Assert(history, gc.HasLen, 101)
+	for i, statusInfo := range history[:100] {
+		checkPrimedUnitStatus(c, statusInfo, 99-i, 0)
 	}
 
-	history, err = agents[0].StatusHistory(50)
+	history, err = agents[0].StatusHistory(status.StatusHistoryFilter{Size: 200})
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(history, gc.HasLen, 30)
-	for i, statusInfo := range history {
-		checkPrimedUnitAgentStatus(c, statusInfo, 99-i)
+	c.Assert(history, gc.HasLen, 101)
+	for i, statusInfo := range history[:100] {
+		checkPrimedUnitAgentStatus(c, statusInfo, 99-i, 0)
 	}
 
-	history, err = agents[1].StatusHistory(50)
+	history, err = agents[1].StatusHistory(status.StatusHistoryFilter{Size: 100})
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(history, gc.HasLen, 30)
-	for i, statusInfo := range history {
-		checkPrimedUnitAgentStatus(c, statusInfo, 49-i)
+	c.Assert(history, gc.HasLen, 51)
+	for i, statusInfo := range history[:50] {
+		checkPrimedUnitAgentStatus(c, statusInfo, 49-i, 0)
 	}
 
-	history, err = agents[2].StatusHistory(50)
+	history, err = agents[2].StatusHistory(status.StatusHistoryFilter{Size: 50})
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(history, gc.HasLen, 11)
 	checkInitialUnitAgentStatus(c, history[10])
 	for i, statusInfo := range history[:10] {
-		checkPrimedUnitAgentStatus(c, statusInfo, 9-i)
+		checkPrimedUnitAgentStatus(c, statusInfo, 9-i, 0)
 	}
 }
+
+func (s *StatusHistorySuite) TestStatusHistoryFiltersByDateAndDelta(c *gc.C) {
+	// TODO(perrito666) setup should be extracted into a fixture and the
+	// 6 or 7 test cases each get their own method.
+	service := s.Factory.MakeApplication(c, nil)
+	unit := s.Factory.MakeUnit(c, &factory.UnitParams{Application: service})
+
+	twoDaysBack := time.Hour * 48
+	threeDaysBack := time.Hour * 72
+	now := time.Now()
+	twoDaysAgo := now.Add(-twoDaysBack)
+	threeDaysAgo := now.Add(-threeDaysBack)
+	sInfo := status.StatusInfo{
+		Status:  status.StatusActive,
+		Message: "current status",
+		Since:   &now,
+	}
+	err := unit.SetStatus(sInfo)
+	c.Assert(err, jc.ErrorIsNil)
+	sInfo = status.StatusInfo{
+		Status:  status.StatusActive,
+		Message: "2 days ago",
+		Since:   &twoDaysAgo,
+	}
+	unit.SetStatus(sInfo)
+	sInfo = status.StatusInfo{
+		Status:  status.StatusActive,
+		Message: "3 days ago",
+		Since:   &threeDaysAgo,
+	}
+	unit.SetStatus(sInfo)
+	history, err := unit.StatusHistory(status.StatusHistoryFilter{Size: 50})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(history, gc.HasLen, 4)
+	c.Assert(history[0].Message, gc.Equals, "current status")
+	c.Assert(history[1].Message, gc.Equals, "Waiting for agent initialization to finish")
+	c.Assert(history[2].Message, gc.Equals, "2 days ago")
+	c.Assert(history[3].Message, gc.Equals, "3 days ago")
+	now = now.Add(10 * time.Second) // lets add some padding to prevent races here.
+
+	// logs up to one day back, using delta.
+	oneDayBack := time.Hour * 24
+	history, err = unit.StatusHistory(status.StatusHistoryFilter{Delta: &oneDayBack})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(history, gc.HasLen, 2)
+	c.Assert(history[0].Message, gc.Equals, "current status")
+	c.Assert(history[1].Message, gc.Equals, "Waiting for agent initialization to finish")
+
+	// logs up to one day back, using date.
+	yesterday := now.Add(-(time.Hour * 24))
+	history, err = unit.StatusHistory(status.StatusHistoryFilter{Date: &yesterday})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(history, gc.HasLen, 2)
+	c.Assert(history[0].Message, gc.Equals, "current status")
+	c.Assert(history[1].Message, gc.Equals, "Waiting for agent initialization to finish")
+
+	// Logs up to two days ago, using delta.
+	history, err = unit.StatusHistory(status.StatusHistoryFilter{Delta: &twoDaysBack})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(history, gc.HasLen, 2)
+	c.Assert(history[0].Message, gc.Equals, "current status")
+	c.Assert(history[1].Message, gc.Equals, "Waiting for agent initialization to finish")
+
+	// Logs up to two days ago, using date.
+
+	history, err = unit.StatusHistory(status.StatusHistoryFilter{Date: &twoDaysAgo})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(history, gc.HasLen, 2)
+	c.Assert(history[0].Message, gc.Equals, "current status")
+	c.Assert(history[1].Message, gc.Equals, "Waiting for agent initialization to finish")
+
+	// Logs up to three days ago, using delta.
+	history, err = unit.StatusHistory(status.StatusHistoryFilter{Delta: &threeDaysBack})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(history, gc.HasLen, 3)
+	c.Assert(history[0].Message, gc.Equals, "current status")
+	c.Assert(history[1].Message, gc.Equals, "Waiting for agent initialization to finish")
+	c.Assert(history[2].Message, gc.Equals, "2 days ago")
+
+	// Logs up to three days ago, using date.
+	history, err = unit.StatusHistory(status.StatusHistoryFilter{Date: &threeDaysAgo})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(history, gc.HasLen, 3)
+	c.Assert(history[0].Message, gc.Equals, "current status")
+	c.Assert(history[1].Message, gc.Equals, "Waiting for agent initialization to finish")
+	c.Assert(history[2].Message, gc.Equals, "2 days ago")
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/status_machine_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/status_machine_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/status_machine_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/status_machine_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,6 +4,8 @@
 package state_test
 
 import (
+	"time"
+
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 
@@ -37,30 +39,55 @@
 }
 
 func (s *MachineStatusSuite) TestSetErrorStatusWithoutInfo(c *gc.C) {
-	err := s.machine.SetStatus(status.StatusError, "", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusError,
+		Message: "",
+		Since:   &now,
+	}
+	err := s.machine.SetStatus(sInfo)
 	c.Check(err, gc.ErrorMatches, `cannot set status "error" without info`)
 
 	s.checkInitialStatus(c)
 }
 
 func (s *MachineStatusSuite) TestSetDownStatus(c *gc.C) {
-	err := s.machine.SetStatus(status.StatusDown, "", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusDown,
+		Message: "",
+		Since:   &now,
+	}
+	err := s.machine.SetStatus(sInfo)
 	c.Check(err, gc.ErrorMatches, `cannot set status "down"`)
 
 	s.checkInitialStatus(c)
 }
 
 func (s *MachineStatusSuite) TestSetUnknownStatus(c *gc.C) {
-	err := s.machine.SetStatus(status.Status("vliegkat"), "orville", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.Status("vliegkat"),
+		Message: "orville",
+		Since:   &now,
+	}
+	err := s.machine.SetStatus(sInfo)
 	c.Assert(err, gc.ErrorMatches, `cannot set invalid status "vliegkat"`)
 
 	s.checkInitialStatus(c)
 }
 
 func (s *MachineStatusSuite) TestSetOverwritesData(c *gc.C) {
-	err := s.machine.SetStatus(status.StatusStarted, "blah", map[string]interface{}{
-		"pew.pew": "zap",
-	})
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusStarted,
+		Message: "blah",
+		Data: map[string]interface{}{
+			"pew.pew": "zap",
+		},
+		Since: &now,
+	}
+	err := s.machine.SetStatus(sInfo)
 	c.Check(err, jc.ErrorIsNil)
 
 	s.checkGetSetStatus(c)
@@ -71,11 +98,18 @@
 }
 
 func (s *MachineStatusSuite) checkGetSetStatus(c *gc.C) {
-	err := s.machine.SetStatus(status.StatusStarted, "blah", map[string]interface{}{
-		"$foo.bar.baz": map[string]interface{}{
-			"pew.pew": "zap",
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusStarted,
+		Message: "blah",
+		Data: map[string]interface{}{
+			"$foo.bar.baz": map[string]interface{}{
+				"pew.pew": "zap",
+			},
 		},
-	})
+		Since: &now,
+	}
+	err := s.machine.SetStatus(sInfo)
 	c.Check(err, jc.ErrorIsNil)
 
 	machine, err := s.State.Machine(s.machine.Id())
@@ -116,7 +150,13 @@
 	err = s.machine.Remove()
 	c.Assert(err, jc.ErrorIsNil)
 
-	err = s.machine.SetStatus(status.StatusStarted, "not really", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusStarted,
+		Message: "not really",
+		Since:   &now,
+	}
+	err = s.machine.SetStatus(sInfo)
 	c.Check(err, gc.ErrorMatches, `cannot set status: machine not found`)
 
 	statusInfo, err := s.machine.Status()
@@ -125,13 +165,25 @@
 }
 
 func (s *MachineStatusSuite) TestSetStatusPendingProvisioned(c *gc.C) {
-	err := s.machine.SetStatus(status.StatusPending, "", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusPending,
+		Message: "",
+		Since:   &now,
+	}
+	err := s.machine.SetStatus(sInfo)
 	c.Check(err, gc.ErrorMatches, `cannot set status "pending"`)
 }
 
 func (s *MachineStatusSuite) TestSetStatusPendingUnprovisioned(c *gc.C) {
 	machine, err := s.State.AddMachine("quantal", state.JobHostUnits)
 	c.Assert(err, jc.ErrorIsNil)
-	err = machine.SetStatus(status.StatusPending, "", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusPending,
+		Message: "",
+		Since:   &now,
+	}
+	err = machine.SetStatus(sInfo)
 	c.Check(err, jc.ErrorIsNil)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/status_model_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/status_model_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/status_model_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/status_model_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,6 +4,8 @@
 package state_test
 
 import (
+	"time"
+
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 
@@ -51,16 +53,29 @@
 }
 
 func (s *ModelStatusSuite) TestSetUnknownStatus(c *gc.C) {
-	err := s.model.SetStatus(status.Status("vliegkat"), "orville", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.Status("vliegkat"),
+		Message: "orville",
+		Since:   &now,
+	}
+	err := s.model.SetStatus(sInfo)
 	c.Assert(err, gc.ErrorMatches, `cannot set invalid status "vliegkat"`)
 
 	s.checkInitialStatus(c)
 }
 
 func (s *ModelStatusSuite) TestSetOverwritesData(c *gc.C) {
-	err := s.model.SetStatus(status.StatusAvailable, "blah", map[string]interface{}{
-		"pew.pew": "zap",
-	})
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusAvailable,
+		Message: "blah",
+		Data: map[string]interface{}{
+			"pew.pew": "zap",
+		},
+		Since: &now,
+	}
+	err := s.model.SetStatus(sInfo)
 	c.Check(err, jc.ErrorIsNil)
 
 	s.checkGetSetStatus(c)
@@ -94,7 +109,13 @@
 	err = s.st.RemoveAllModelDocs()
 	c.Assert(err, jc.ErrorIsNil)
 
-	err = s.model.SetStatus(status.StatusAvailable, "not really", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusAvailable,
+		Message: "not really",
+		Since:   &now,
+	}
+	err = s.model.SetStatus(sInfo)
 	c.Check(err, gc.ErrorMatches, `cannot set status: model not found`)
 
 	_, err = s.model.Status()
@@ -102,11 +123,17 @@
 }
 
 func (s *ModelStatusSuite) checkGetSetStatus(c *gc.C) {
-	err := s.model.SetStatus(status.StatusAvailable, "blah", map[string]interface{}{
-		"$foo.bar.baz": map[string]interface{}{
-			"pew.pew": "zap",
-		},
-	})
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusAvailable,
+		Message: "blah",
+		Data: map[string]interface{}{
+			"$foo.bar.baz": map[string]interface{}{
+				"pew.pew": "zap",
+			}},
+		Since: &now,
+	}
+	err := s.model.SetStatus(sInfo)
 	c.Check(err, jc.ErrorIsNil)
 
 	model, err := s.State.GetModel(s.model.ModelTag())
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/status_service_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/status_service_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/status_service_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/status_service_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -15,14 +15,14 @@
 
 type ServiceStatusSuite struct {
 	ConnSuite
-	service *state.Service
+	service *state.Application
 }
 
 var _ = gc.Suite(&ServiceStatusSuite{})
 
 func (s *ServiceStatusSuite) SetUpTest(c *gc.C) {
 	s.ConnSuite.SetUpTest(c)
-	s.service = s.Factory.MakeService(c, nil)
+	s.service = s.Factory.MakeApplication(c, nil)
 }
 
 func (s *ServiceStatusSuite) TestInitialStatus(c *gc.C) {
@@ -36,16 +36,29 @@
 }
 
 func (s *ServiceStatusSuite) TestSetUnknownStatus(c *gc.C) {
-	err := s.service.SetStatus(status.Status("vliegkat"), "orville", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.Status("vliegkat"),
+		Message: "orville",
+		Since:   &now,
+	}
+	err := s.service.SetStatus(sInfo)
 	c.Check(err, gc.ErrorMatches, `cannot set invalid status "vliegkat"`)
 
 	s.checkInitialStatus(c)
 }
 
 func (s *ServiceStatusSuite) TestSetOverwritesData(c *gc.C) {
-	err := s.service.SetStatus(status.StatusActive, "healthy", map[string]interface{}{
-		"pew.pew": "zap",
-	})
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusActive,
+		Message: "healthy",
+		Data: map[string]interface{}{
+			"pew.pew": "zap",
+		},
+		Since: &now,
+	}
+	err := s.service.SetStatus(sInfo)
 	c.Check(err, jc.ErrorIsNil)
 
 	s.checkGetSetStatus(c)
@@ -56,14 +69,21 @@
 }
 
 func (s *ServiceStatusSuite) checkGetSetStatus(c *gc.C) {
-	err := s.service.SetStatus(status.StatusActive, "healthy", map[string]interface{}{
-		"$ping": map[string]interface{}{
-			"foo.bar": 123,
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusActive,
+		Message: "healthy",
+		Data: map[string]interface{}{
+			"$ping": map[string]interface{}{
+				"foo.bar": 123,
+			},
 		},
-	})
+		Since: &now,
+	}
+	err := s.service.SetStatus(sInfo)
 	c.Check(err, jc.ErrorIsNil)
 
-	service, err := s.State.Service(s.service.Name())
+	service, err := s.State.Application(s.service.Name())
 	c.Assert(err, jc.ErrorIsNil)
 
 	statusInfo, err := service.Status()
@@ -91,18 +111,28 @@
 	err := s.service.Destroy()
 	c.Assert(err, jc.ErrorIsNil)
 
-	err = s.service.SetStatus(status.StatusActive, "not really", nil)
-	c.Check(err, gc.ErrorMatches, `cannot set status: service not found`)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusActive,
+		Message: "not really",
+		Since:   &now,
+	}
+	err = s.service.SetStatus(sInfo)
+	c.Check(err, gc.ErrorMatches, `cannot set status: application not found`)
 
 	statusInfo, err := s.service.Status()
-	c.Check(err, gc.ErrorMatches, `cannot get status: service not found`)
+	c.Check(err, gc.ErrorMatches, `cannot get status: application not found`)
 	c.Check(statusInfo, gc.DeepEquals, status.StatusInfo{})
 }
 
 func (s *ServiceStatusSuite) TestSetStatusSince(c *gc.C) {
 	now := time.Now()
-
-	err := s.service.SetStatus(status.StatusMaintenance, "", nil)
+	sInfo := status.StatusInfo{
+		Status:  status.StatusMaintenance,
+		Message: "",
+		Since:   &now,
+	}
+	err := s.service.SetStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 	statusInfo, err := s.service.Status()
 	c.Assert(err, jc.ErrorIsNil)
@@ -111,7 +141,13 @@
 	c.Assert(timeBeforeOrEqual(now, *firstTime), jc.IsTrue)
 
 	// Setting the same status a second time also updates the timestamp.
-	err = s.service.SetStatus(status.StatusMaintenance, "", nil)
+	now = now.Add(1 * time.Second)
+	sInfo = status.StatusInfo{
+		Status:  status.StatusMaintenance,
+		Message: "",
+		Since:   &now,
+	}
+	err = s.service.SetStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 	statusInfo, err = s.service.Status()
 	c.Assert(err, jc.ErrorIsNil)
@@ -124,10 +160,16 @@
 	// place.
 
 	// Create a unit with each possible status.
-	addUnit := func(status status.Status) *state.Unit {
+	addUnit := func(unitStatus status.Status) *state.Unit {
 		unit, err := s.service.AddUnit()
 		c.Assert(err, gc.IsNil)
-		err = unit.SetStatus(status, "blam", nil)
+		now := time.Now()
+		sInfo := status.StatusInfo{
+			Status:  unitStatus,
+			Message: "blam",
+			Since:   &now,
+		}
+		err = unit.SetStatus(sInfo)
 		c.Assert(err, gc.IsNil)
 		return unit
 	}
@@ -141,7 +183,13 @@
 	// ...and create one with error status by setting it on the agent :-/.
 	errorUnit, err := s.service.AddUnit()
 	c.Assert(err, gc.IsNil)
-	err = errorUnit.Agent().SetStatus(status.StatusError, "blam", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusError,
+		Message: "blam",
+		Since:   &now,
+	}
+	err = errorUnit.Agent().SetStatus(sInfo)
 	c.Assert(err, gc.IsNil)
 
 	// For each status, in order of severity, check the service status is
@@ -171,9 +219,20 @@
 func (s *ServiceStatusSuite) TestServiceStatusOverridesDerivedStatus(c *gc.C) {
 	unit, err := s.service.AddUnit()
 	c.Assert(err, gc.IsNil)
-	err = unit.SetStatus(status.StatusBlocked, "pow", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusBlocked,
+		Message: "pow",
+		Since:   &now,
+	}
+	err = unit.SetStatus(sInfo)
 	c.Assert(err, gc.IsNil)
-	err = s.service.SetStatus(status.StatusMaintenance, "zot", nil)
+	sInfo = status.StatusInfo{
+		Status:  status.StatusMaintenance,
+		Message: "zot",
+		Since:   &now,
+	}
+	err = s.service.SetStatus(sInfo)
 	c.Assert(err, gc.IsNil)
 
 	info, err := s.service.Status()
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/status_unitagent_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/status_unitagent_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/status_unitagent_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/status_unitagent_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -38,23 +38,42 @@
 }
 
 func (s *StatusUnitAgentSuite) TestSetUnknownStatus(c *gc.C) {
-	err := s.agent.SetStatus(status.Status("vliegkat"), "orville", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.Status("vliegkat"),
+		Message: "orville",
+		Since:   &now,
+	}
+	err := s.agent.SetStatus(sInfo)
 	c.Check(err, gc.ErrorMatches, `cannot set invalid status "vliegkat"`)
 
 	s.checkInitialStatus(c)
 }
 
 func (s *StatusUnitAgentSuite) TestSetErrorStatusWithoutInfo(c *gc.C) {
-	err := s.agent.SetStatus(status.StatusError, "", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusError,
+		Message: "",
+		Since:   &now,
+	}
+	err := s.agent.SetStatus(sInfo)
 	c.Check(err, gc.ErrorMatches, `cannot set status "error" without info`)
 
 	s.checkInitialStatus(c)
 }
 
 func (s *StatusUnitAgentSuite) TestSetOverwritesData(c *gc.C) {
-	err := s.agent.SetStatus(status.StatusIdle, "something", map[string]interface{}{
-		"pew.pew": "zap",
-	})
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusIdle,
+		Message: "something",
+		Data: map[string]interface{}{
+			"pew.pew": "zap",
+		},
+		Since: &now,
+	}
+	err := s.agent.SetStatus(sInfo)
 	c.Check(err, jc.ErrorIsNil)
 
 	s.checkGetSetStatus(c)
@@ -65,13 +84,20 @@
 }
 
 func (s *StatusUnitAgentSuite) checkGetSetStatus(c *gc.C) {
-	err := s.agent.SetStatus(status.StatusIdle, "something", map[string]interface{}{
-		"$foo":    "bar",
-		"baz.qux": "ping",
-		"pong": map[string]interface{}{
-			"$unset": "txn-revno",
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusIdle,
+		Message: "something",
+		Data: map[string]interface{}{
+			"$foo":    "bar",
+			"baz.qux": "ping",
+			"pong": map[string]interface{}{
+				"$unset": "txn-revno",
+			},
 		},
-	})
+		Since: &now,
+	}
+	err := s.agent.SetStatus(sInfo)
 	c.Check(err, jc.ErrorIsNil)
 
 	unit, err := s.State.Unit(s.unit.Name())
@@ -117,7 +143,13 @@
 	err := s.unit.Destroy()
 	c.Assert(err, jc.ErrorIsNil)
 
-	err = s.agent.SetStatus(status.StatusIdle, "not really", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusIdle,
+		Message: "not really",
+		Since:   &now,
+	}
+	err = s.agent.SetStatus(sInfo)
 	c.Check(err, gc.ErrorMatches, `cannot set status: agent not found`)
 
 	statusInfo, err := s.agent.Status()
@@ -126,9 +158,16 @@
 }
 
 func (s *StatusUnitAgentSuite) TestGetSetErrorStatus(c *gc.C) {
-	err := s.agent.SetStatus(status.StatusError, "test-hook failed", map[string]interface{}{
-		"foo": "bar",
-	})
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusError,
+		Message: "test-hook failed",
+		Data: map[string]interface{}{
+			"foo": "bar",
+		},
+		Since: &now,
+	}
+	err := s.agent.SetStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 
 	// Agent error is reported as unit error.
@@ -154,7 +193,12 @@
 
 func (s *StatusUnitAgentSuite) TestSetAgentStatusSince(c *gc.C) {
 	now := time.Now()
-	err := s.agent.SetStatus(status.StatusIdle, "", nil)
+	sInfo := status.StatusInfo{
+		Status:  status.StatusIdle,
+		Message: "",
+		Since:   &now,
+	}
+	err := s.agent.SetStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 	statusInfo, err := s.agent.Status()
 	c.Assert(err, jc.ErrorIsNil)
@@ -163,7 +207,13 @@
 	c.Assert(timeBeforeOrEqual(now, *firstTime), jc.IsTrue)
 
 	// Setting the same status a second time also updates the timestamp.
-	err = s.agent.SetStatus(status.StatusIdle, "", nil)
+	now = now.Add(1 * time.Second)
+	sInfo = status.StatusInfo{
+		Status:  status.StatusIdle,
+		Message: "",
+		Since:   &now,
+	}
+	err = s.agent.SetStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 	statusInfo, err = s.agent.Status()
 	c.Assert(err, jc.ErrorIsNil)
@@ -171,7 +221,7 @@
 }
 
 func (s *StatusUnitAgentSuite) TestStatusHistoryInitial(c *gc.C) {
-	history, err := s.agent.StatusHistory(1)
+	history, err := s.agent.StatusHistory(status.StatusHistoryFilter{Size: 1})
 	c.Check(err, jc.ErrorIsNil)
 	c.Assert(history, gc.HasLen, 1)
 
@@ -179,26 +229,26 @@
 }
 
 func (s *StatusUnitAgentSuite) TestStatusHistoryShort(c *gc.C) {
-	primeUnitAgentStatusHistory(c, s.agent, 5)
+	primeUnitAgentStatusHistory(c, s.agent, 5, 0)
 
-	history, err := s.agent.StatusHistory(10)
+	history, err := s.agent.StatusHistory(status.StatusHistoryFilter{Size: 10})
 	c.Check(err, jc.ErrorIsNil)
 	c.Assert(history, gc.HasLen, 6)
 
 	checkInitialUnitAgentStatus(c, history[5])
 	history = history[:5]
 	for i, statusInfo := range history {
-		checkPrimedUnitAgentStatus(c, statusInfo, 4-i)
+		checkPrimedUnitAgentStatus(c, statusInfo, 4-i, 0)
 	}
 }
 
 func (s *StatusUnitAgentSuite) TestStatusHistoryLong(c *gc.C) {
-	primeUnitAgentStatusHistory(c, s.agent, 25)
+	primeUnitAgentStatusHistory(c, s.agent, 25, 0)
 
-	history, err := s.agent.StatusHistory(15)
+	history, err := s.agent.StatusHistory(status.StatusHistoryFilter{Size: 15})
 	c.Check(err, jc.ErrorIsNil)
 	c.Check(history, gc.HasLen, 15)
 	for i, statusInfo := range history {
-		checkPrimedUnitAgentStatus(c, statusInfo, 24-i)
+		checkPrimedUnitAgentStatus(c, statusInfo, 24-i, 0)
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/status_unit_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/status_unit_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/status_unit_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/status_unit_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -36,16 +36,29 @@
 }
 
 func (s *UnitStatusSuite) TestSetUnknownStatus(c *gc.C) {
-	err := s.unit.SetStatus(status.Status("vliegkat"), "orville", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.Status("vliegkat"),
+		Message: "orville",
+		Since:   &now,
+	}
+	err := s.unit.SetStatus(sInfo)
 	c.Check(err, gc.ErrorMatches, `cannot set invalid status "vliegkat"`)
 
 	s.checkInitialStatus(c)
 }
 
 func (s *UnitStatusSuite) TestSetOverwritesData(c *gc.C) {
-	err := s.unit.SetStatus(status.StatusActive, "healthy", map[string]interface{}{
-		"pew.pew": "zap",
-	})
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusActive,
+		Message: "healthy",
+		Data: map[string]interface{}{
+			"pew.pew": "zap",
+		},
+		Since: &now,
+	}
+	err := s.unit.SetStatus(sInfo)
 	c.Check(err, jc.ErrorIsNil)
 
 	s.checkGetSetStatus(c)
@@ -56,11 +69,17 @@
 }
 
 func (s *UnitStatusSuite) checkGetSetStatus(c *gc.C) {
-	err := s.unit.SetStatus(status.StatusActive, "healthy", map[string]interface{}{
-		"$ping": map[string]interface{}{
-			"foo.bar": 123,
-		},
-	})
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusActive,
+		Message: "healthy",
+		Data: map[string]interface{}{
+			"$ping": map[string]interface{}{
+				"foo.bar": 123,
+			}},
+		Since: &now,
+	}
+	err := s.unit.SetStatus(sInfo)
 	c.Check(err, jc.ErrorIsNil)
 
 	unit, err := s.State.Unit(s.unit.Name())
@@ -103,7 +122,13 @@
 	err := s.unit.Destroy()
 	c.Assert(err, jc.ErrorIsNil)
 
-	err = s.unit.SetStatus(status.StatusActive, "not really", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusActive,
+		Message: "not really",
+		Since:   &now,
+	}
+	err = s.unit.SetStatus(sInfo)
 	c.Check(err, gc.ErrorMatches, `cannot set status: unit not found`)
 
 	statusInfo, err := s.unit.Status()
@@ -113,7 +138,12 @@
 
 func (s *UnitStatusSuite) TestSetUnitStatusSince(c *gc.C) {
 	now := time.Now()
-	err := s.unit.SetStatus(status.StatusMaintenance, "", nil)
+	sInfo := status.StatusInfo{
+		Status:  status.StatusMaintenance,
+		Message: "",
+		Since:   &now,
+	}
+	err := s.unit.SetStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 	statusInfo, err := s.unit.Status()
 	c.Assert(err, jc.ErrorIsNil)
@@ -122,7 +152,13 @@
 	c.Assert(timeBeforeOrEqual(now, *firstTime), jc.IsTrue)
 
 	// Setting the same status a second time also updates the timestamp.
-	err = s.unit.SetStatus(status.StatusMaintenance, "", nil)
+	now = now.Add(1 * time.Second)
+	sInfo = status.StatusInfo{
+		Status:  status.StatusMaintenance,
+		Message: "",
+		Since:   &now,
+	}
+	err = s.unit.SetStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 	statusInfo, err = s.unit.Status()
 	c.Assert(err, jc.ErrorIsNil)
@@ -130,7 +166,7 @@
 }
 
 func (s *UnitStatusSuite) TestStatusHistoryInitial(c *gc.C) {
-	history, err := s.unit.StatusHistory(1)
+	history, err := s.unit.StatusHistory(status.StatusHistoryFilter{Size: 1})
 	c.Check(err, jc.ErrorIsNil)
 	c.Assert(history, gc.HasLen, 1)
 
@@ -138,26 +174,26 @@
 }
 
 func (s *UnitStatusSuite) TestStatusHistoryShort(c *gc.C) {
-	primeUnitStatusHistory(c, s.unit, 5)
+	primeUnitStatusHistory(c, s.unit, 5, 0)
 
-	history, err := s.unit.StatusHistory(10)
+	history, err := s.unit.StatusHistory(status.StatusHistoryFilter{Size: 10})
 	c.Check(err, jc.ErrorIsNil)
 	c.Assert(history, gc.HasLen, 6)
 
 	checkInitialWorkloadStatus(c, history[5])
 	history = history[:5]
 	for i, statusInfo := range history {
-		checkPrimedUnitStatus(c, statusInfo, 4-i)
+		checkPrimedUnitStatus(c, statusInfo, 4-i, 0)
 	}
 }
 
 func (s *UnitStatusSuite) TestStatusHistoryLong(c *gc.C) {
-	primeUnitStatusHistory(c, s.unit, 25)
+	primeUnitStatusHistory(c, s.unit, 25, 0)
 
-	history, err := s.unit.StatusHistory(15)
+	history, err := s.unit.StatusHistory(status.StatusHistoryFilter{Size: 15})
 	c.Check(err, jc.ErrorIsNil)
 	c.Check(history, gc.HasLen, 15)
 	for i, statusInfo := range history {
-		checkPrimedUnitStatus(c, statusInfo, 24-i)
+		checkPrimedUnitStatus(c, statusInfo, 24-i, 0)
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/status_util_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/status_util_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/status_util_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/status_util_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -17,15 +17,23 @@
 type statusHistoryFunc func(int) ([]status.StatusInfo, error)
 
 type statusSetter interface {
-	SetStatus(status.Status, string, map[string]interface{}) error
+	SetStatus(status.StatusInfo) error
 }
 
-func primeStatusHistory(c *gc.C, entity statusSetter, statusVal status.Status, count int, nextData func(int) map[string]interface{}) {
+func primeStatusHistory(c *gc.C, entity statusSetter, statusVal status.Status, count int, nextData func(int) map[string]interface{}, delta time.Duration) {
 	info := ""
+	now := time.Now().Add(-delta)
 	for i := 0; i < count; i++ {
 		c.Logf("setting status for %v", entity)
 		data := nextData(i)
-		err := entity.SetStatus(statusVal, info, data)
+		t := now.Add(time.Duration(i) * time.Second)
+		s := status.StatusInfo{
+			Status:  statusVal,
+			Message: info,
+			Data:    data,
+			Since:   &t,
+		}
+		err := entity.SetStatus(s)
 		c.Assert(err, jc.ErrorIsNil)
 		if runtime.GOOS == "windows" {
 			// The default clock tick on Windows is 15.6 ms.
@@ -41,16 +49,16 @@
 	c.Check(statusInfo.Since, gc.NotNil)
 }
 
-func primeUnitStatusHistory(c *gc.C, unit *state.Unit, count int) {
+func primeUnitStatusHistory(c *gc.C, unit *state.Unit, count int, delta time.Duration) {
 	primeStatusHistory(c, unit, status.StatusActive, count, func(i int) map[string]interface{} {
-		return map[string]interface{}{"$foo": i}
-	})
+		return map[string]interface{}{"$foo": i, "$delta": delta}
+	}, delta)
 }
 
-func checkPrimedUnitStatus(c *gc.C, statusInfo status.StatusInfo, expect int) {
+func checkPrimedUnitStatus(c *gc.C, statusInfo status.StatusInfo, expect int, expectDelta time.Duration) {
 	c.Check(statusInfo.Status, gc.Equals, status.StatusActive)
 	c.Check(statusInfo.Message, gc.Equals, "")
-	c.Check(statusInfo.Data, jc.DeepEquals, map[string]interface{}{"$foo": expect})
+	c.Check(statusInfo.Data, jc.DeepEquals, map[string]interface{}{"$foo": expect, "$delta": int64(expectDelta)})
 	c.Check(statusInfo.Since, gc.NotNil)
 }
 
@@ -61,15 +69,15 @@
 	c.Assert(statusInfo.Since, gc.NotNil)
 }
 
-func primeUnitAgentStatusHistory(c *gc.C, agent *state.UnitAgent, count int) {
+func primeUnitAgentStatusHistory(c *gc.C, agent *state.UnitAgent, count int, delta time.Duration) {
 	primeStatusHistory(c, agent, status.StatusExecuting, count, func(i int) map[string]interface{} {
-		return map[string]interface{}{"$bar": i}
-	})
+		return map[string]interface{}{"$bar": i, "$delta": delta}
+	}, delta)
 }
 
-func checkPrimedUnitAgentStatus(c *gc.C, statusInfo status.StatusInfo, expect int) {
+func checkPrimedUnitAgentStatus(c *gc.C, statusInfo status.StatusInfo, expect int, expectDelta time.Duration) {
 	c.Check(statusInfo.Status, gc.Equals, status.StatusExecuting)
 	c.Check(statusInfo.Message, gc.Equals, "")
-	c.Check(statusInfo.Data, jc.DeepEquals, map[string]interface{}{"$bar": expect})
+	c.Check(statusInfo.Data, jc.DeepEquals, map[string]interface{}{"$bar": expect, "$delta": int64(expectDelta)})
 	c.Check(statusInfo.Since, gc.NotNil)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/status_volume_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/status_volume_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/status_volume_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/status_volume_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,6 +4,8 @@
 package state_test
 
 import (
+	"time"
+
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 
@@ -58,23 +60,42 @@
 }
 
 func (s *VolumeStatusSuite) TestSetErrorStatusWithoutInfo(c *gc.C) {
-	err := s.volume.SetStatus(status.StatusError, "", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusError,
+		Message: "",
+		Since:   &now,
+	}
+	err := s.volume.SetStatus(sInfo)
 	c.Check(err, gc.ErrorMatches, `cannot set status "error" without info`)
 
 	s.checkInitialStatus(c)
 }
 
 func (s *VolumeStatusSuite) TestSetUnknownStatus(c *gc.C) {
-	err := s.volume.SetStatus(status.Status("vliegkat"), "orville", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.Status("vliegkat"),
+		Message: "orville",
+		Since:   &now,
+	}
+	err := s.volume.SetStatus(sInfo)
 	c.Assert(err, gc.ErrorMatches, `cannot set invalid status "vliegkat"`)
 
 	s.checkInitialStatus(c)
 }
 
 func (s *VolumeStatusSuite) TestSetOverwritesData(c *gc.C) {
-	err := s.volume.SetStatus(status.StatusAttaching, "blah", map[string]interface{}{
-		"pew.pew": "zap",
-	})
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusAttaching,
+		Message: "blah",
+		Data: map[string]interface{}{
+			"pew.pew": "zap",
+		},
+		Since: &now,
+	}
+	err := s.volume.SetStatus(sInfo)
 	c.Check(err, jc.ErrorIsNil)
 
 	s.checkGetSetStatus(c, status.StatusAttaching)
@@ -90,12 +111,19 @@
 	}
 }
 
-func (s *VolumeStatusSuite) checkGetSetStatus(c *gc.C, status status.Status) {
-	err := s.volume.SetStatus(status, "blah", map[string]interface{}{
-		"$foo.bar.baz": map[string]interface{}{
-			"pew.pew": "zap",
+func (s *VolumeStatusSuite) checkGetSetStatus(c *gc.C, volumeStatus status.Status) {
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  volumeStatus,
+		Message: "blah",
+		Data: map[string]interface{}{
+			"$foo.bar.baz": map[string]interface{}{
+				"pew.pew": "zap",
+			},
 		},
-	})
+		Since: &now,
+	}
+	err := s.volume.SetStatus(sInfo)
 	c.Check(err, jc.ErrorIsNil)
 
 	volume, err := s.State.Volume(s.volume.VolumeTag())
@@ -103,7 +131,7 @@
 
 	statusInfo, err := volume.Status()
 	c.Check(err, jc.ErrorIsNil)
-	c.Check(statusInfo.Status, gc.Equals, status)
+	c.Check(statusInfo.Status, gc.Equals, volumeStatus)
 	c.Check(statusInfo.Message, gc.Equals, "blah")
 	c.Check(statusInfo.Data, jc.DeepEquals, map[string]interface{}{
 		"$foo.bar.baz": map[string]interface{}{
@@ -141,7 +169,13 @@
 func (s *VolumeStatusSuite) TestGetSetStatusGone(c *gc.C) {
 	s.obliterateVolume(c, s.volume.VolumeTag())
 
-	err := s.volume.SetStatus(status.StatusAttaching, "not really", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusAttaching,
+		Message: "not really",
+		Since:   &now,
+	}
+	err := s.volume.SetStatus(sInfo)
 	c.Check(err, gc.ErrorMatches, `cannot set status: volume not found`)
 
 	statusInfo, err := s.volume.Status()
@@ -150,7 +184,13 @@
 }
 
 func (s *VolumeStatusSuite) TestSetStatusPendingUnprovisioned(c *gc.C) {
-	err := s.volume.SetStatus(status.StatusPending, "still", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusPending,
+		Message: "still",
+		Since:   &now,
+	}
+	err := s.volume.SetStatus(sInfo)
 	c.Check(err, jc.ErrorIsNil)
 }
 
@@ -159,6 +199,12 @@
 		VolumeId: "vol-ume",
 	})
 	c.Assert(err, jc.ErrorIsNil)
-	err = s.volume.SetStatus(status.StatusPending, "", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusPending,
+		Message: "",
+		Since:   &now,
+	}
+	err = s.volume.SetStatus(sInfo)
 	c.Check(err, gc.ErrorMatches, `cannot set status "pending"`)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/storage_dynamicadd_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/storage_dynamicadd_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/storage_dynamicadd_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/storage_dynamicadd_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,9 +5,9 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/state"
 )
@@ -30,7 +30,7 @@
 		"multi1to10": makeStorageCons("loop", 0, 3),
 	}
 	charm := s.AddTestingCharm(c, "storage-block2")
-	service, err := s.State.AddService(state.AddServiceArgs{Name: "storage-block2", Owner: "user-test-admin@local", Charm: charm, Storage: storageCons})
+	service, err := s.State.AddApplication(state.AddApplicationArgs{Name: "storage-block2", Charm: charm, Storage: storageCons})
 	c.Assert(err, jc.ErrorIsNil)
 	u, err := service.AddUnit()
 	c.Assert(err, jc.ErrorIsNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/storage.go juju-core-2.0~beta12/src/github.com/juju/juju/state/storage.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/storage.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/storage.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,10 +8,10 @@
 
 	"github.com/dustin/go-humanize"
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jujutxn "github.com/juju/txn"
 	"github.com/juju/utils/set"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 	"gopkg.in/mgo.v2/txn"
@@ -23,7 +23,7 @@
 	"github.com/juju/juju/storage/provider/registry"
 )
 
-// StorageInstance represents the state of a unit or service-wide storage
+// StorageInstance represents the state of a unit or application-wide storage
 // instance in the model.
 type StorageInstance interface {
 	Entity
@@ -348,11 +348,11 @@
 
 	createdShared := false
 	switch entity := entity.(type) {
-	case names.ServiceTag:
+	case names.ApplicationTag:
 		createdShared = true
 	case names.UnitTag:
 	default:
-		return nil, -1, errors.Errorf("expected service or unit tag, got %T", entity)
+		return nil, -1, errors.Errorf("expected application or unit tag, got %T", entity)
 	}
 
 	// Create storage instances in order of name, to simplify testing.
@@ -1074,7 +1074,7 @@
 		return errors.Trace(err)
 	}
 
-	s, err := u.Service()
+	s, err := u.Application()
 	if err != nil {
 		return errors.Annotatef(err, "getting service for unit %v", u.Tag().Id())
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/storage_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/storage_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/storage_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/storage_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,11 +7,11 @@
 	"fmt"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/set"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 
 	"github.com/juju/juju/state"
@@ -82,7 +82,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 }
 
-func (s *StorageStateSuiteBase) setupSingleStorage(c *gc.C, kind, pool string) (*state.Service, *state.Unit, names.StorageTag) {
+func (s *StorageStateSuiteBase) setupSingleStorage(c *gc.C, kind, pool string) (*state.Application, *state.Unit, names.StorageTag) {
 	// There are test charms called "storage-block" and
 	// "storage-filesystem" which are what you'd expect.
 	ch := s.AddTestingCharm(c, "storage-"+kind)
@@ -133,7 +133,7 @@
 	return ch
 }
 
-func (s *StorageStateSuiteBase) setupMixedScopeStorageService(c *gc.C, kind string) *state.Service {
+func (s *StorageStateSuiteBase) setupMixedScopeStorageService(c *gc.C, kind string) *state.Application {
 	storageCons := map[string]state.StorageConstraints{
 		"multi1to10": makeStorageCons("environscoped", 1024, 1),
 		"multi2up":   makeStorageCons("machinescoped", 2048, 2),
@@ -369,7 +369,7 @@
 
 func (s *StorageStateSuite) TestAddServiceStorageConstraintsDefault(c *gc.C) {
 	ch := s.AddTestingCharm(c, "storage-block")
-	storageBlock, err := s.State.AddService(state.AddServiceArgs{Name: "storage-block", Owner: "user-test-admin@local", Charm: ch})
+	storageBlock, err := s.State.AddApplication(state.AddApplicationArgs{Name: "storage-block", Charm: ch})
 	c.Assert(err, jc.ErrorIsNil)
 	constraints, err := storageBlock.StorageConstraints()
 	c.Assert(err, jc.ErrorIsNil)
@@ -387,7 +387,7 @@
 	})
 
 	ch = s.AddTestingCharm(c, "storage-filesystem")
-	storageFilesystem, err := s.State.AddService(state.AddServiceArgs{Name: "storage-filesystem", Owner: "user-test-admin@local", Charm: ch})
+	storageFilesystem, err := s.State.AddApplication(state.AddApplicationArgs{Name: "storage-filesystem", Charm: ch})
 	c.Assert(err, jc.ErrorIsNil)
 	constraints, err = storageFilesystem.StorageConstraints()
 	c.Assert(err, jc.ErrorIsNil)
@@ -402,8 +402,8 @@
 
 func (s *StorageStateSuite) TestAddServiceStorageConstraintsValidation(c *gc.C) {
 	ch := s.AddTestingCharm(c, "storage-block2")
-	addService := func(storage map[string]state.StorageConstraints) (*state.Service, error) {
-		return s.State.AddService(state.AddServiceArgs{Name: "storage-block2", Owner: "user-test-admin@local", Charm: ch, Storage: storage})
+	addService := func(storage map[string]state.StorageConstraints) (*state.Application, error) {
+		return s.State.AddApplication(state.AddApplicationArgs{Name: "storage-block2", Charm: ch, Storage: storage})
 	}
 	assertErr := func(storage map[string]state.StorageConstraints, expect string) {
 		_, err := addService(storage)
@@ -414,14 +414,14 @@
 		"multi1to10": makeStorageCons("loop-pool", 1024, 1),
 		"multi2up":   makeStorageCons("loop-pool", 2048, 1),
 	}
-	assertErr(storageCons, `cannot add service "storage-block2": charm "storage-block2" store "multi2up": 2 instances required, 1 specified`)
+	assertErr(storageCons, `cannot add application "storage-block2": charm "storage-block2" store "multi2up": 2 instances required, 1 specified`)
 	storageCons["multi2up"] = makeStorageCons("loop-pool", 1024, 2)
-	assertErr(storageCons, `cannot add service "storage-block2": charm "storage-block2" store "multi2up": minimum storage size is 2.0GB, 1.0GB specified`)
+	assertErr(storageCons, `cannot add application "storage-block2": charm "storage-block2" store "multi2up": minimum storage size is 2.0GB, 1.0GB specified`)
 	storageCons["multi2up"] = makeStorageCons("loop-pool", 2048, 2)
 	storageCons["multi1to10"] = makeStorageCons("loop-pool", 1024, 11)
-	assertErr(storageCons, `cannot add service "storage-block2": charm "storage-block2" store "multi1to10": at most 10 instances supported, 11 specified`)
+	assertErr(storageCons, `cannot add application "storage-block2": charm "storage-block2" store "multi1to10": at most 10 instances supported, 11 specified`)
 	storageCons["multi1to10"] = makeStorageCons("ebs-fast", 1024, 10)
-	assertErr(storageCons, `cannot add service "storage-block2": pool "ebs-fast" not found`)
+	assertErr(storageCons, `cannot add application "storage-block2": pool "ebs-fast" not found`)
 	storageCons["multi1to10"] = makeStorageCons("loop-pool", 1024, 10)
 	_, err := addService(storageCons)
 	c.Assert(err, jc.ErrorIsNil)
@@ -435,7 +435,7 @@
 		c.Assert(err, jc.ErrorIsNil)
 	}
 	ch := s.AddTestingCharm(c, "storage-block")
-	service, err := s.State.AddService(state.AddServiceArgs{Name: "storage-block2", Owner: "user-test-admin@local", Charm: ch, Storage: cons})
+	service, err := s.State.AddApplication(state.AddApplicationArgs{Name: "storage-block2", Charm: ch, Storage: cons})
 	c.Assert(err, jc.ErrorIsNil)
 	savedCons, err := service.StorageConstraints()
 	c.Assert(err, jc.ErrorIsNil)
@@ -507,7 +507,7 @@
 		"multi2up":   makeStorageCons("loop", 2048, 2),
 	}
 	ch := s.AddTestingCharm(c, "storage-block2")
-	service, err := s.State.AddService(state.AddServiceArgs{Name: "storage-block2", Owner: "user-test-admin@local", Charm: ch, Storage: storageCons})
+	service, err := s.State.AddApplication(state.AddApplicationArgs{Name: "storage-block2", Charm: ch, Storage: storageCons})
 	c.Assert(err, jc.ErrorIsNil)
 	savedCons, err := service.StorageConstraints()
 	c.Assert(err, jc.ErrorIsNil)
@@ -516,8 +516,8 @@
 
 func (s *StorageStateSuite) TestProviderFallbackToType(c *gc.C) {
 	ch := s.AddTestingCharm(c, "storage-block")
-	addService := func(storage map[string]state.StorageConstraints) (*state.Service, error) {
-		return s.State.AddService(state.AddServiceArgs{Name: "storage-block", Owner: "user-test-admin@local", Charm: ch, Storage: storage})
+	addService := func(storage map[string]state.StorageConstraints) (*state.Application, error) {
+		return s.State.AddApplication(state.AddApplicationArgs{Name: "storage-block", Charm: ch, Storage: storage})
 	}
 	storageCons := map[string]state.StorageConstraints{
 		"data": makeStorageCons("loop", 1024, 1),
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/subnets.go juju-core-2.0~beta12/src/github.com/juju/juju/state/subnets.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/subnets.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/subnets.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,6 @@
 package state
 
 import (
-	"math/rand"
 	"net"
 
 	"github.com/juju/errors"
@@ -27,14 +26,6 @@
 	// networks. It's defined by IEEE 802.1Q standard.
 	VLANTag int
 
-	// AllocatableIPHigh and Low describe the allocatable portion of the
-	// subnet. The remainder, if any, is reserved by the provider.
-	// Either both of these must be set or neither, if they're empty it
-	// means that none of the subnet is allocatable. If present they must
-	// be valid IP addresses within the subnet CIDR.
-	AllocatableIPHigh string
-	AllocatableIPLow  string
-
 	// AvailabilityZone describes which availability zone this subnet is in. It can
 	// be empty if the provider does not support availability zones.
 	AvailabilityZone string
@@ -50,18 +41,15 @@
 }
 
 type subnetDoc struct {
-	DocID             string `bson:"_id"`
-	ModelUUID         string `bson:"model-uuid"`
-	Life              Life   `bson:"life"`
-	ProviderId        string `bson:"providerid,omitempty"`
-	CIDR              string `bson:"cidr"`
-	AllocatableIPHigh string `bson:"allocatableiphigh,omitempty"`
-	AllocatableIPLow  string `bson:"allocatableiplow,omitempty"`
-	VLANTag           int    `bson:"vlantag,omitempty"`
-	AvailabilityZone  string `bson:"availabilityzone,omitempty"`
-	IsPublic          bool   `bson:"is-public,omitempty"`
-	// TODO(dooferlad 2015-08-03): add an upgrade step to insert IsPublic=false
-	SpaceName string `bson:"space-name,omitempty"`
+	DocID            string `bson:"_id"`
+	ModelUUID        string `bson:"model-uuid"`
+	Life             Life   `bson:"life"`
+	ProviderId       string `bson:"providerid,omitempty"`
+	CIDR             string `bson:"cidr"`
+	VLANTag          int    `bson:"vlantag,omitempty"`
+	AvailabilityZone string `bson:"availabilityzone,omitempty"`
+	IsPublic         bool   `bson:"is-public,omitempty"`
+	SpaceName        string `bson:"space-name,omitempty"`
 }
 
 // Life returns whether the subnet is Alive, Dying or Dead.
@@ -119,32 +107,16 @@
 		return errors.New("subnet is not dead")
 	}
 
-	addresses, closer := s.st.getCollection(legacyipaddressesC)
-	defer closer()
-
-	var ops []txn.Op
-	id := s.ID()
-	var doc struct {
-		DocID string `bson:"_id"`
-	}
-	iter := addresses.Find(bson.D{{"subnetid", id}}).Iter()
-	for iter.Next(&doc) {
-		ops = append(ops, txn.Op{
-			C:      legacyipaddressesC,
-			Id:     doc.DocID,
-			Remove: true,
-		})
-	}
-	if err = iter.Close(); err != nil {
-		return errors.Annotate(err, "cannot read addresses")
-	}
-
-	ops = append(ops, txn.Op{
+	ops := []txn.Op{{
 		C:      subnetsC,
 		Id:     s.doc.DocID,
 		Remove: true,
 		Assert: isDeadDoc,
-	})
+	}}
+	if s.doc.ProviderId != "" {
+		op := s.st.networkEntityGlobalKeyRemoveOp("subnet", s.ProviderId())
+		ops = append(ops, op)
+	}
 
 	txnErr := s.st.runTransaction(ops)
 	if txnErr == nil {
@@ -155,7 +127,7 @@
 
 // ProviderId returns the provider-specific id of the subnet.
 func (s *Subnet) ProviderId() network.Id {
-	return network.Id(s.st.localID(s.doc.ProviderId))
+	return network.Id(s.doc.ProviderId)
 }
 
 // CIDR returns the subnet CIDR (e.g. 192.168.50.0/24).
@@ -169,16 +141,6 @@
 	return s.doc.VLANTag
 }
 
-// AllocatableIPLow returns the lowest allocatable IP address in the subnet
-func (s *Subnet) AllocatableIPLow() string {
-	return s.doc.AllocatableIPLow
-}
-
-// AllocatableIPHigh returns the hightest allocatable IP address in the subnet.
-func (s *Subnet) AllocatableIPHigh() string {
-	return s.doc.AllocatableIPHigh
-}
-
 // AvailabilityZone returns the availability zone of the subnet. If the subnet
 // is not associated with an availability zone it will be the empty string.
 func (s *Subnet) AvailabilityZone() string {
@@ -191,45 +153,21 @@
 	return s.doc.SpaceName
 }
 
-// Validate validates the subnet, checking the CIDR, VLANTag and
-// AllocatableIPHigh and Low, if present.
+// Validate validates the subnet, checking the CIDR, and VLANTag, if present.
 func (s *Subnet) Validate() error {
-	var mask *net.IPNet
-	var err error
 	if s.doc.CIDR != "" {
-		_, mask, err = net.ParseCIDR(s.doc.CIDR)
+		_, _, err := net.ParseCIDR(s.doc.CIDR)
 		if err != nil {
 			return errors.Trace(err)
 		}
 	} else {
 		return errors.Errorf("missing CIDR")
 	}
+
 	if s.doc.VLANTag < 0 || s.doc.VLANTag > 4094 {
 		return errors.Errorf("invalid VLAN tag %d: must be between 0 and 4094", s.doc.VLANTag)
 	}
-	present := func(str string) bool {
-		return str != ""
-	}
-	either := present(s.doc.AllocatableIPLow) || present(s.doc.AllocatableIPHigh)
-	both := present(s.doc.AllocatableIPLow) && present(s.doc.AllocatableIPHigh)
 
-	if either && !both {
-		return errors.Errorf("either both AllocatableIPLow and AllocatableIPHigh must be set or neither set")
-	}
-
-	// TODO (mfoord 26-11-2014) we could also validate that the IPs are the
-	// same type (IPv4 or IPv6) and that IPLow is lower than or equal to
-	// IPHigh.
-	if s.doc.AllocatableIPHigh != "" {
-		highIP := net.ParseIP(s.doc.AllocatableIPHigh)
-		if highIP == nil || !mask.Contains(highIP) {
-			return errors.Errorf("invalid AllocatableIPHigh %q", s.doc.AllocatableIPHigh)
-		}
-		lowIP := net.ParseIP(s.doc.AllocatableIPLow)
-		if lowIP == nil || !mask.Contains(lowIP) {
-			return errors.Errorf("invalid AllocatableIPLow %q", s.doc.AllocatableIPLow)
-		}
-	}
 	return nil
 }
 
@@ -250,109 +188,92 @@
 	return nil
 }
 
-// PickNewAddress returns a new IPAddress that isn't in use for the subnet.
-// The address starts with AddressStateUnknown, for later allocation.
-// This will fail if the subnet is not alive.
-func (s *Subnet) PickNewAddress() (*IPAddress, error) {
-	for {
-		addr, err := s.attemptToPickNewAddress()
-		if err == nil {
-			return addr, err
+// AddSubnet creates and returns a new subnet
+func (st *State) AddSubnet(args SubnetInfo) (subnet *Subnet, err error) {
+	defer errors.DeferredAnnotatef(&err, "adding subnet %q", args.CIDR)
+
+	subnetID := st.docID(args.CIDR)
+	subDoc := subnetDoc{
+		DocID:            subnetID,
+		ModelUUID:        st.ModelUUID(),
+		Life:             Alive,
+		CIDR:             args.CIDR,
+		VLANTag:          args.VLANTag,
+		ProviderId:       string(args.ProviderId),
+		AvailabilityZone: args.AvailabilityZone,
+		SpaceName:        args.SpaceName,
+	}
+	subnet = &Subnet{doc: subDoc, st: st}
+	err = subnet.Validate()
+	if err != nil {
+		return nil, err
+	}
+
+	buildTxn := func(attempt int) ([]txn.Op, error) {
+		ops := []txn.Op{
+			assertModelActiveOp(st.ModelUUID()),
+			{
+				C:      subnetsC,
+				Id:     subnetID,
+				Assert: txn.DocMissing,
+				Insert: subDoc,
+			},
+		}
+		if args.ProviderId != "" {
+			ops = append(ops, st.networkEntityGlobalKeyOp("subnet", args.ProviderId))
 		}
-		if !errors.IsAlreadyExists(err) {
-			return addr, err
+
+		if attempt != 0 {
+			if err := checkModelActive(st); err != nil {
+				return nil, errors.Trace(err)
+			}
+			if _, err = st.Subnet(args.CIDR); err == nil {
+				return nil, errors.AlreadyExistsf("subnet %q", args.CIDR)
+			}
+			if err := subnet.Refresh(); err != nil {
+				if errors.IsNotFound(err) {
+					return nil, errors.Errorf("ProviderId %q not unique", args.ProviderId)
+				}
+				return nil, errors.Trace(err)
+			}
 		}
+		return ops, nil
+	}
+	err = st.run(buildTxn)
+	if err != nil {
+		return nil, errors.Trace(err)
 	}
+	return subnet, nil
 }
 
-// attemptToPickNewAddress will try to pick a new address. It can fail
-// with AlreadyExists due to a race condition between fetching the
-// list of addresses already in use and allocating a new one. If the
-// subnet is not alive, it will also fail. It is called in a loop by
-// PickNewAddress until it gets one or there are no more available!
-func (s *Subnet) attemptToPickNewAddress() (*IPAddress, error) {
-	if s.doc.Life != Alive {
-		return nil, errors.Errorf("cannot pick address: subnet %q is not alive", s)
-	}
-	high := s.doc.AllocatableIPHigh
-	low := s.doc.AllocatableIPLow
-	if low == "" || high == "" {
-		return nil, errors.Errorf("no allocatable IP addresses for subnet %q", s)
-	}
+// Subnet returns the subnet specified by the cidr.
+func (st *State) Subnet(cidr string) (*Subnet, error) {
+	subnets, closer := st.getCollection(subnetsC)
+	defer closer()
 
-	// convert low and high to decimals as the bounds
-	lowDecimal, err := network.IPv4ToDecimal(net.ParseIP(low))
-	if err != nil {
-		// these addresses are validated so should never happen
-		return nil, errors.Annotatef(err, "invalid AllocatableIPLow %q for subnet %q", low, s)
+	doc := &subnetDoc{}
+	err := subnets.FindId(cidr).One(doc)
+	if err == mgo.ErrNotFound {
+		return nil, errors.NotFoundf("subnet %q", cidr)
 	}
-	highDecimal, err := network.IPv4ToDecimal(net.ParseIP(high))
 	if err != nil {
-		// these addresses are validated so should never happen
-		return nil, errors.Annotatef(err, "invalid AllocatableIPHigh %q for subnet %q", high, s)
+		return nil, errors.Annotatef(err, "cannot get subnet %q", cidr)
 	}
+	return &Subnet{st, *doc}, nil
+}
 
-	// find all addresses for this subnet and convert them to decimals
-	addresses, closer := s.st.getCollection(legacyipaddressesC)
+// AllSubnets returns all known subnets in the model.
+func (st *State) AllSubnets() (subnets []*Subnet, err error) {
+	subnetsCollection, closer := st.getCollection(subnetsC)
 	defer closer()
 
-	id := s.ID()
-	var doc struct {
-		Value string
-	}
-	allocated := make(map[uint32]bool)
-	iter := addresses.Find(bson.D{{"subnetid", id}}).Iter()
-	for iter.Next(&doc) {
-		// skip invalid values. Can't happen anyway as we validate.
-		value, err := network.IPv4ToDecimal(net.ParseIP(doc.Value))
-		if err != nil {
-			continue
-		}
-		allocated[value] = true
-	}
-	if err := iter.Close(); err != nil {
-		return nil, errors.Annotatef(err, "cannot read addresses of subnet %q", s)
+	docs := []subnetDoc{}
+	err = subnetsCollection.Find(nil).All(&docs)
+	if err != nil {
+		return nil, errors.Annotatef(err, "cannot get all subnets")
 	}
-
-	// Check that the number of addresses in use is less than the
-	// difference between low and high - i.e. we haven't exhausted all
-	// possible addresses.
-	if len(allocated) >= int(highDecimal-lowDecimal)+1 {
-		return nil, errors.Errorf("allocatable IP addresses exhausted for subnet %q", s)
-	}
-
-	// pick a new random decimal between the low and high bounds that
-	// doesn't match an existing one
-	newDecimal := pickAddress(lowDecimal, highDecimal, allocated)
-
-	// convert it back to a dotted-quad
-	newIP := network.DecimalToIPv4(newDecimal)
-	newAddr := network.NewAddress(newIP.String())
-
-	// and create a new IPAddress from it and return it
-	return s.st.AddIPAddress(newAddr, s.ID())
-}
-
-// pickAddress will pick a number, representing an IPv4 address, between low
-// and high (inclusive) that isn't in the allocated map. There must be at least
-// one available address between low and high and not in allocated.
-// e.g. pickAddress(uint32(2700), uint32(2800), map[uint32]bool{uint32(2701): true})
-// The allocated map is just being used as a set of unavailable addresses, so
-// the bool value isn't significant.
-var pickAddress = func(low, high uint32, allocated map[uint32]bool) uint32 {
-	// +1 because Int63n will pick a number up to, but not including, the
-	// bounds we provide.
-	bounds := uint32(high-low) + 1
-	if bounds == 1 {
-		// we've already checked that there is a free IP address, so
-		// this must be it!
-		return low
-	}
-	for {
-		inBounds := rand.Int63n(int64(bounds))
-		value := uint32(inBounds) + low
-		if _, ok := allocated[value]; !ok {
-			return value
-		}
+	for _, doc := range docs {
+		subnets = append(subnets, &Subnet{st, doc})
 	}
+	return subnets, nil
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/subnets_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/subnets_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/subnets_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/subnets_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,15 +5,11 @@
 
 import (
 	"fmt"
-	"sort"
-	"sync"
-	"sync/atomic"
 
 	"github.com/juju/errors"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 
-	"github.com/juju/juju/network"
 	"github.com/juju/juju/state"
 )
 
@@ -25,13 +21,11 @@
 
 func (s *SubnetSuite) TestAddSubnetSucceedsWithFullyPopulatedInfo(c *gc.C) {
 	subnetInfo := state.SubnetInfo{
-		ProviderId:        "foo",
-		CIDR:              "192.168.1.0/24",
-		VLANTag:           79,
-		AllocatableIPLow:  "192.168.1.0",
-		AllocatableIPHigh: "192.168.1.1",
-		AvailabilityZone:  "Timbuktu",
-		SpaceName:         "foo",
+		ProviderId:       "foo",
+		CIDR:             "192.168.1.0/24",
+		VLANTag:          79,
+		AvailabilityZone: "Timbuktu",
+		SpaceName:        "foo",
 	}
 
 	subnet, err := s.State.AddSubnet(subnetInfo)
@@ -48,8 +42,6 @@
 	c.Assert(subnet.ProviderId(), gc.Equals, info.ProviderId)
 	c.Assert(subnet.CIDR(), gc.Equals, info.CIDR)
 	c.Assert(subnet.VLANTag(), gc.Equals, info.VLANTag)
-	c.Assert(subnet.AllocatableIPLow(), gc.Equals, info.AllocatableIPLow)
-	c.Assert(subnet.AllocatableIPHigh(), gc.Equals, info.AllocatableIPHigh)
 	c.Assert(subnet.AvailabilityZone(), gc.Equals, info.AvailabilityZone)
 	c.Assert(subnet.String(), gc.Equals, info.CIDR)
 	c.Assert(subnet.GoString(), gc.Equals, info.CIDR)
@@ -79,58 +71,6 @@
 	s.assertAddSubnetForInfoFailsWithSuffix(c, subnetInfo, "invalid VLAN tag 4095: must be between 0 and 4094")
 }
 
-func (s *SubnetSuite) TestAddSubnetFailsWhenAllocatableIPHighSetButAllocatableIPLowNotSet(c *gc.C) {
-	subnetInfo := state.SubnetInfo{CIDR: "192.168.0.1/24", AllocatableIPHigh: "192.168.0.1"}
-	s.assertAddSubnetForInfoFailsWithSuffix(
-		c, subnetInfo,
-		"either both AllocatableIPLow and AllocatableIPHigh must be set or neither set",
-	)
-}
-
-func (s *SubnetSuite) TestAddSubnetFailsWhenAllocatableIPLowSetButAllocatableIPHighNotSet(c *gc.C) {
-	subnetInfo := state.SubnetInfo{CIDR: "192.168.0.1/24", AllocatableIPLow: "192.168.0.1"}
-	s.assertAddSubnetForInfoFailsWithSuffix(
-		c, subnetInfo,
-		"either both AllocatableIPLow and AllocatableIPHigh must be set or neither set",
-	)
-}
-
-func (s *SubnetSuite) TestAddSubnetFailsWithInvalidAllocatableIPHigh(c *gc.C) {
-	subnetInfo := state.SubnetInfo{
-		CIDR:              "192.168.0.1/24",
-		AllocatableIPLow:  "192.168.0.1",
-		AllocatableIPHigh: "foobar",
-	}
-	s.assertAddSubnetForInfoFailsWithSuffix(c, subnetInfo, `invalid AllocatableIPHigh "foobar"`)
-}
-
-func (s *SubnetSuite) TestAddSubnetFailsWithInvalidAllocatableIPLow(c *gc.C) {
-	subnetInfo := state.SubnetInfo{
-		CIDR:              "192.168.0.1/24",
-		AllocatableIPLow:  "foobar",
-		AllocatableIPHigh: "192.168.0.1",
-	}
-	s.assertAddSubnetForInfoFailsWithSuffix(c, subnetInfo, `invalid AllocatableIPLow "foobar"`)
-}
-
-func (s *SubnetSuite) TestAddSubnetFailsWithOutOfRangeAllocatableIPHigh(c *gc.C) {
-	subnetInfo := state.SubnetInfo{
-		CIDR:              "192.168.0.1/24",
-		AllocatableIPLow:  "192.168.0.1",
-		AllocatableIPHigh: "172.168.1.0",
-	}
-	s.assertAddSubnetForInfoFailsWithSuffix(c, subnetInfo, `invalid AllocatableIPHigh "172.168.1.0"`)
-}
-
-func (s *SubnetSuite) TestAddSubnetFailsWithOutOfRangeAllocatableIPLow(c *gc.C) {
-	subnetInfo := state.SubnetInfo{
-		CIDR:              "192.168.0.1/24",
-		AllocatableIPLow:  "172.168.1.0",
-		AllocatableIPHigh: "192.168.0.10",
-	}
-	s.assertAddSubnetForInfoFailsWithSuffix(c, subnetInfo, `invalid AllocatableIPLow "172.168.1.0"`)
-}
-
 func (s *SubnetSuite) TestAddSubnetFailsWithAlreadyExistsForDuplicateCIDRInSameModel(c *gc.C) {
 	subnetInfo := state.SubnetInfo{CIDR: "192.168.0.1/24"}
 	subnet, err := s.State.AddSubnet(subnetInfo)
@@ -286,30 +226,6 @@
 	c.Assert(err, gc.ErrorMatches, `cannot remove subnet "192.168.0.1/24": not found or not dead`)
 }
 
-func (s *SubnetSuite) TestRemoveKillsAddedIPAddresses(c *gc.C) {
-	subnet := s.addAliveSubnet(c, "192.168.1.0/24")
-	s.addIPAddressForSubnet(c, "192.168.1.0", subnet)
-	s.addIPAddressForSubnet(c, "192.168.1.1", subnet)
-
-	err := subnet.EnsureDead()
-	c.Assert(err, jc.ErrorIsNil)
-	err = subnet.Remove()
-	c.Assert(err, jc.ErrorIsNil)
-
-	s.assertIPAddressNotFound(c, "192.168.1.0")
-	s.assertIPAddressNotFound(c, "192.168.1.1")
-}
-
-func (s *SubnetSuite) addIPAddressForSubnet(c *gc.C, ipAddress string, subnet *state.Subnet) {
-	_, err := s.State.AddIPAddress(network.NewAddress(ipAddress), subnet.ID())
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *SubnetSuite) assertIPAddressNotFound(c *gc.C, ipAddress string) {
-	_, err := s.State.IPAddress(ipAddress)
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-}
-
 func (s *SubnetSuite) TestRefreshUpdatesStaleDocData(c *gc.C) {
 	subnet := s.addAliveSubnet(c, "fc00::/64")
 	subnetCopy, err := s.State.Subnet("fc00::/64")
@@ -356,105 +272,3 @@
 		c.Assert(subnet.AvailabilityZone(), gc.Equals, subnetInfos[i].AvailabilityZone)
 	}
 }
-
-func (s *SubnetSuite) TestPickNewAddressNoAddresses(c *gc.C) {
-	subnet := s.addAliveSubnet(c, "192.168.1.0/24")
-
-	_, err := subnet.PickNewAddress()
-	c.Assert(err, gc.ErrorMatches, "no allocatable IP addresses for subnet .*")
-}
-
-func (s *SubnetSuite) TestPickNewAddressWhenSubnetIsDead(c *gc.C) {
-	subnet := s.addSubnetWithAllocatableIPHigh(c, "192.168.1.0")
-	s.ensureDeadAndAssertLifeIsDead(c, subnet)
-
-	_, err := subnet.PickNewAddress()
-	c.Assert(err, gc.ErrorMatches,
-		`cannot pick address: subnet "192.168.1.0/24" is not alive`,
-	)
-}
-
-func (s *SubnetSuite) addSubnetWithAllocatableIPHigh(c *gc.C, allocatableHigh string) *state.Subnet {
-	subnetInfo := state.SubnetInfo{
-		CIDR:              "192.168.1.0/24",
-		AllocatableIPLow:  "192.168.1.0",
-		AllocatableIPHigh: allocatableHigh,
-	}
-	subnet, err := s.State.AddSubnet(subnetInfo)
-	c.Assert(err, jc.ErrorIsNil)
-	return subnet
-}
-
-func (s *SubnetSuite) TestPickNewAddressAddressesExhausted(c *gc.C) {
-	subnet := s.addSubnetWithAllocatableIPHigh(c, "192.168.1.0")
-	s.addIPAddressForSubnet(c, "192.168.1.0", subnet)
-
-	_, err := subnet.PickNewAddress()
-	c.Assert(err, gc.ErrorMatches, "allocatable IP addresses exhausted for subnet .*")
-}
-
-func (s *SubnetSuite) TestPickNewAddressOneAddress(c *gc.C) {
-	subnet := s.addSubnetWithAllocatableIPHigh(c, "192.168.1.0")
-
-	addr, err := subnet.PickNewAddress()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(addr.Value(), gc.Equals, "192.168.1.0")
-}
-
-func (s *SubnetSuite) TestPickNewAddressSkipsAllocated(c *gc.C) {
-	subnet := s.addSubnetWithAllocatableIPHigh(c, "192.168.1.1")
-	s.addIPAddressForSubnet(c, "192.168.1.0", subnet)
-
-	ipAddr, err := subnet.PickNewAddress()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ipAddr.Value(), gc.Equals, "192.168.1.1")
-}
-
-func (s *SubnetSuite) TestPickNewAddressRace(c *gc.C) {
-	// represents 192.168.1.0
-	initialIP := uint32(3232235776)
-	var index int32 = -1
-	addresses := []uint32{initialIP, initialIP, initialIP + 1}
-
-	// the first two calls will get the same address (which simulates the
-	// inherent race condition in the code). The third call will get
-	// a new one. We should see two different addresses come out of the
-	// two calls: i.e. we will have detected the race condition and tried
-	// again.
-	mockPickAddress := func(_, _ uint32, _ map[uint32]bool) uint32 {
-		theIndex := atomic.AddInt32(&index, 1)
-		return addresses[theIndex]
-	}
-	s.PatchValue(&state.PickAddress, &mockPickAddress)
-
-	// 192.168.1.0 and 192.168.1.1 are the only valid addresses
-	subnet := s.addSubnetWithAllocatableIPHigh(c, "192.168.1.1")
-
-	waiter := sync.WaitGroup{}
-	waiter.Add(2)
-
-	var firstResult *state.IPAddress
-	var firstError error
-	var secondResult *state.IPAddress
-	var secondError error
-	go func() {
-		firstResult, firstError = subnet.PickNewAddress()
-		waiter.Done()
-	}()
-	go func() {
-		secondResult, secondError = subnet.PickNewAddress()
-		waiter.Done()
-	}()
-	waiter.Wait()
-
-	c.Assert(firstError, jc.ErrorIsNil)
-	c.Assert(secondError, jc.ErrorIsNil)
-	c.Assert(firstResult, gc.NotNil)
-	c.Assert(secondResult, gc.NotNil)
-
-	ipAddresses := []string{firstResult.Value(), secondResult.Value()}
-	sort.Strings(ipAddresses)
-
-	expected := []string{"192.168.1.0", "192.168.1.1"}
-	c.Assert(ipAddresses, jc.DeepEquals, expected)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/testing/conn.go juju-core-2.0~beta12/src/github.com/juju/juju/state/testing/conn.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/testing/conn.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/testing/conn.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,11 +4,12 @@
 package testing
 
 import (
-	"github.com/juju/names"
 	jujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
+	"github.com/juju/juju/cloud"
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/mongo"
 	"github.com/juju/juju/mongo/mongotest"
@@ -19,14 +20,32 @@
 // Initialize initializes the state and returns it. If state was not
 // already initialized, and cfg is nil, the minimal default model
 // configuration will be used.
-func Initialize(c *gc.C, owner names.UserTag, cfg *config.Config, policy state.Policy) *state.State {
+func Initialize(c *gc.C, owner names.UserTag, cfg *config.Config, controllerInheritedConfig map[string]interface{}, policy state.Policy) *state.State {
 	if cfg == nil {
 		cfg = testing.ModelConfig(c)
 	}
 	mgoInfo := NewMongoInfo()
 	dialOpts := mongotest.DialOpts()
 
-	st, err := state.Initialize(owner, mgoInfo, cfg, dialOpts, policy)
+	controllerCfg := testing.FakeControllerConfig()
+	controllerCfg["controller-uuid"] = cfg.UUID()
+	st, err := state.Initialize(state.InitializeParams{
+		ControllerConfig: controllerCfg,
+		ControllerModelArgs: state.ModelArgs{
+			CloudName: "dummy",
+			Config:    cfg,
+			Owner:     owner,
+		},
+		ControllerInheritedConfig: controllerInheritedConfig,
+		CloudName:                 "dummy",
+		Cloud: cloud.Cloud{
+			Type:      "dummy",
+			AuthTypes: []cloud.AuthType{cloud.EmptyAuthType},
+		},
+		MongoInfo:     mgoInfo,
+		MongoDialOpts: dialOpts,
+		Policy:        policy,
+	})
 	c.Assert(err, jc.ErrorIsNil)
 	return st
 }
@@ -48,5 +67,5 @@
 	owner := names.NewLocalUserTag("test-admin")
 	cfg := testing.ModelConfig(c)
 	policy := MockPolicy{}
-	return Initialize(c, owner, cfg, &policy)
+	return Initialize(c, owner, cfg, nil, &policy)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/testing/suite.go juju-core-2.0~beta12/src/github.com/juju/juju/state/testing/suite.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/testing/suite.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/testing/suite.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,9 +4,9 @@
 package testing
 
 import (
-	"github.com/juju/names"
 	jujutesting "github.com/juju/testing"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/state"
@@ -21,11 +21,12 @@
 type StateSuite struct {
 	jujutesting.MgoSuite
 	testing.BaseSuite
-	Policy        state.Policy
-	State         *state.State
-	Owner         names.UserTag
-	Factory       *factory.Factory
-	InitialConfig *config.Config
+	Policy                    state.Policy
+	State                     *state.State
+	Owner                     names.UserTag
+	Factory                   *factory.Factory
+	InitialConfig             *config.Config
+	ControllerInheritedConfig map[string]interface{}
 }
 
 func (s *StateSuite) SetUpSuite(c *gc.C) {
@@ -43,7 +44,7 @@
 	s.BaseSuite.SetUpTest(c)
 
 	s.Owner = names.NewLocalUserTag("test-admin")
-	s.State = Initialize(c, s.Owner, s.InitialConfig, s.Policy)
+	s.State = Initialize(c, s.Owner, s.InitialConfig, s.ControllerInheritedConfig, s.Policy)
 	s.AddCleanup(func(*gc.C) { s.State.Close() })
 	s.Factory = factory.NewFactory(s.State)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/undertaker.go juju-core-2.0~beta12/src/github.com/juju/juju/state/undertaker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/undertaker.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/undertaker.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package state
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/unitagent.go juju-core-2.0~beta12/src/github.com/juju/juju/state/unitagent.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/unitagent.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/unitagent.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,7 @@
 import (
 	"github.com/juju/errors"
 	"github.com/juju/juju/status"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 )
 
 // UnitAgent represents the state of a service's unit agent.
@@ -55,31 +55,38 @@
 
 // SetStatus sets the status of the unit agent. The optional values
 // allow to pass additional helpful status data.
-func (u *UnitAgent) SetStatus(unitAgentStatus status.Status, info string, data map[string]interface{}) (err error) {
-	switch unitAgentStatus {
+func (u *UnitAgent) SetStatus(unitAgentStatus status.StatusInfo) (err error) {
+	switch unitAgentStatus.Status {
 	case status.StatusIdle, status.StatusExecuting, status.StatusRebooting, status.StatusFailed:
 	case status.StatusError:
-		if info == "" {
-			return errors.Errorf("cannot set status %q without info", unitAgentStatus)
+		if unitAgentStatus.Message == "" {
+			return errors.Errorf("cannot set status %q without info", unitAgentStatus.Status)
 		}
 	case status.StatusAllocating, status.StatusLost:
-		return errors.Errorf("cannot set status %q", unitAgentStatus)
+		return errors.Errorf("cannot set status %q", unitAgentStatus.Status)
 	default:
-		return errors.Errorf("cannot set invalid status %q", unitAgentStatus)
+		return errors.Errorf("cannot set invalid status %q", unitAgentStatus.Status)
 	}
 	return setStatus(u.st, setStatusParams{
 		badge:     "agent",
 		globalKey: u.globalKey(),
-		status:    unitAgentStatus,
-		message:   info,
-		rawData:   data,
+		status:    unitAgentStatus.Status,
+		message:   unitAgentStatus.Message,
+		rawData:   unitAgentStatus.Data,
+		updated:   unitAgentStatus.Since,
 	})
 }
 
-// StatusHistory returns a slice of at most <size> StatusInfo items
+// StatusHistory returns a slice of at most filter.Size StatusInfo items
+// or items as old as filter.Date or items newer than now - filter.Delta time
 // representing past statuses for this agent.
-func (u *UnitAgent) StatusHistory(size int) ([]status.StatusInfo, error) {
-	return statusHistory(u.st, u.globalKey(), size)
+func (u *UnitAgent) StatusHistory(filter status.StatusHistoryFilter) ([]status.StatusInfo, error) {
+	args := &statusHistoryArgs{
+		st:        u.st,
+		globalKey: u.globalKey(),
+		filter:    filter,
+	}
+	return statusHistory(args)
 }
 
 // unitAgentGlobalKey returns the global database key for the named unit.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/unit_assignment_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/unit_assignment_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/unit_assignment_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/unit_assignment_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -18,13 +18,13 @@
 
 var _ = gc.Suite(&UnitAssignmentSuite{})
 
-func (s *UnitAssignmentSuite) testAddServiceUnitAssignment(c *gc.C) (*state.Service, []state.UnitAssignment) {
+func (s *UnitAssignmentSuite) testAddServiceUnitAssignment(c *gc.C) (*state.Application, []state.UnitAssignment) {
 	charm := s.AddTestingCharm(c, "dummy")
-	svc, err := s.State.AddService(state.AddServiceArgs{
-		Name: "dummy", Owner: s.Owner.String(),
-		Charm: charm, NumUnits: 2,
+	svc, err := s.State.AddApplication(state.AddApplicationArgs{
+		Name: "dummy", Charm: charm, NumUnits: 2,
 		Placement: []*instance.Placement{{s.State.ModelUUID(), "abc"}},
 	})
+	c.Assert(err, jc.ErrorIsNil)
 	units, err := svc.AllUnits()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(units, gc.HasLen, 2)
@@ -71,3 +71,34 @@
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(assignments, gc.HasLen, 0)
 }
+
+func (s *UnitAssignmentSuite) TestAssignUnitWithPlacementMakesContainerInNewMachine(c *gc.C) {
+	// Enables juju deploy <charm> --to <container-type>
+	// It creates a new machine with a new container of that type.
+	// https://bugs.launchpad.net/juju-core/+bug/1590960
+	charm := s.AddTestingCharm(c, "dummy")
+	placement := instance.Placement{Scope: "lxd"}
+	svc, err := s.State.AddApplication(state.AddApplicationArgs{
+		Name:      "dummy",
+		Charm:     charm,
+		NumUnits:  1,
+		Placement: []*instance.Placement{&placement},
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	units, err := svc.AllUnits()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(units, gc.HasLen, 1)
+	unit := units[0]
+
+	err = s.State.AssignUnitWithPlacement(unit, &placement)
+	c.Assert(err, jc.ErrorIsNil)
+
+	machineId, err := unit.AssignedMachineId()
+	c.Assert(err, jc.ErrorIsNil)
+	machine, err := s.State.Machine(machineId)
+	c.Assert(err, jc.ErrorIsNil)
+	parentId, isContainer := machine.ParentId()
+	c.Assert(isContainer, jc.IsTrue)
+	_, err = s.State.Machine(parentId)
+	c.Assert(err, jc.ErrorIsNil)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/unit.go juju-core-2.0~beta12/src/github.com/juju/juju/state/unit.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/unit.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/unit.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,16 +5,17 @@
 
 import (
 	"fmt"
+	"sort"
 	"time"
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	jujutxn "github.com/juju/txn"
 	"github.com/juju/utils"
 	"github.com/juju/utils/set"
 	"github.com/juju/version"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 	"gopkg.in/mgo.v2/txn"
@@ -78,7 +79,7 @@
 	DocID                  string `bson:"_id"`
 	Name                   string `bson:"name"`
 	ModelUUID              string `bson:"model-uuid"`
-	Service                string
+	Application            string
 	Series                 string
 	CharmURL               *charm.URL
 	Principal              string
@@ -90,12 +91,6 @@
 	Life                   Life
 	TxnRevno               int64 `bson:"txn-revno"`
 	PasswordHash           string
-
-	// TODO(mue) No longer actively used, only in upgrades.go.
-	// To be removed later.
-	Ports          []port `bson:"ports"`
-	PublicAddress  string `bson:"publicaddress"`
-	PrivateAddress string `bson:"privateaddress"`
 }
 
 // Unit represents the state of a service unit.
@@ -112,9 +107,9 @@
 	return unit
 }
 
-// Service returns the service.
-func (u *Unit) Service() (*Service, error) {
-	return u.st.Service(u.doc.Service)
+// Application returns the application.
+func (u *Unit) Application() (*Application, error) {
+	return u.st.Application(u.doc.Application)
 }
 
 // ConfigSettings returns the complete set of service charm config settings
@@ -125,7 +120,7 @@
 	if u.doc.CharmURL == nil {
 		return nil, fmt.Errorf("unit charm not set")
 	}
-	settings, err := readSettings(u.st, serviceSettingsKey(u.doc.Service, u.doc.CharmURL))
+	settings, err := readSettings(u.st, settingsC, applicationSettingsKey(u.doc.Application, u.doc.CharmURL))
 	if err != nil {
 		return nil, err
 	}
@@ -140,9 +135,9 @@
 	return result, nil
 }
 
-// ServiceName returns the service name.
-func (u *Unit) ServiceName() string {
-	return u.doc.Service
+// ApplicationName returns the application name.
+func (u *Unit) ApplicationName() string {
+	return u.doc.Application
 }
 
 // Series returns the deployed charm's series.
@@ -165,6 +160,12 @@
 	return "u#" + name + "#charm"
 }
 
+// globalWorkloadVersionKey returns the global database key for the
+// workload version status key for this unit.
+func globalWorkloadVersionKey(name string) string {
+	return unitGlobalKey(name) + "#sat#workload-version"
+}
+
 // globalAgentKey returns the global database key for the unit.
 func (u *Unit) globalAgentKey() string {
 	return unitAgentGlobalKey(u.doc.Name)
@@ -180,11 +181,53 @@
 	return unitGlobalKey(u.doc.Name)
 }
 
+// globalWorkloadVersionKey returns the global database key for the unit's
+// workload version info.
+func (u *Unit) globalWorkloadVersionKey() string {
+	return globalWorkloadVersionKey(u.doc.Name)
+}
+
 // Life returns whether the unit is Alive, Dying or Dead.
 func (u *Unit) Life() Life {
 	return u.doc.Life
 }
 
+// WorkloadVersion returns the version of the running workload set by
+// the charm (eg, the version of postgresql that is running, as
+// opposed to the version of the postgresql charm).
+func (u *Unit) WorkloadVersion() (string, error) {
+	status, err := getStatus(u.st, u.globalWorkloadVersionKey(), "workload")
+	if errors.IsNotFound(err) {
+		return "", nil
+	} else if err != nil {
+		return "", errors.Trace(err)
+	}
+	return status.Message, nil
+}
+
+// SetWorkloadVersion sets the version of the workload that the unit
+// is currently running.
+func (u *Unit) SetWorkloadVersion(version string) error {
+	// Store in status rather than an attribute of the unit doc - we
+	// want to avoid everything being an attr of the main docs to
+	// stop a swarm of watchers being notified for irrelevant changes.
+	// TODO(babbageclunk) lp:1558657 - should use clock stored on unit
+	now := time.Now()
+	return setStatus(u.st, setStatusParams{
+		badge:     "workload",
+		globalKey: u.globalWorkloadVersionKey(),
+		status:    status.StatusActive,
+		message:   version,
+		updated:   &now,
+	})
+}
+
+// WorkloadVersionHistory returns a HistoryGetter which enables the
+// caller to request past workload version changes.
+func (u *Unit) WorkloadVersionHistory() *HistoryGetter {
+	return &HistoryGetter{st: u.st, globalKey: u.globalWorkloadVersionKey()}
+}
+
 // AgentTools returns the tools that the agent is currently running.
 // It an error that satisfies errors.IsNotFound if the tools have not
 // yet been set.
@@ -349,7 +392,7 @@
 	// lose much time and (2) by maintaining this restriction, I can reduce
 	// the number of tests that have to change and defer that improvement to
 	// its own CL.
-	minUnitsOp := minUnitsTriggerOp(u.st, u.ServiceName())
+	minUnitsOp := minUnitsTriggerOp(u.st, u.ApplicationName())
 	cleanupOp := u.st.newCleanupOp(cleanupDyingUnit, u.doc.Name)
 	setDyingOp := txn.Op{
 		C:      unitsC,
@@ -399,7 +442,7 @@
 
 // destroyHostOps returns all necessary operations to destroy the service unit's host machine,
 // or ensure that the conditions preventing its destruction remain stable through the transaction.
-func (u *Unit) destroyHostOps(s *Service) (ops []txn.Op, err error) {
+func (u *Unit) destroyHostOps(s *Application) (ops []txn.Op, err error) {
 	if s.doc.Subordinate {
 		return []txn.Op{{
 			C:      unitsC,
@@ -493,7 +536,7 @@
 // removeOps returns the operations necessary to remove the unit, assuming
 // the supplied asserts apply to the unit document.
 func (u *Unit) removeOps(asserts bson.D) ([]txn.Op, error) {
-	svc, err := u.st.Service(u.doc.Service)
+	svc, err := u.st.Application(u.doc.Application)
 	if errors.IsNotFound(err) {
 		// If the service has been removed, the unit must already have been.
 		return nil, errAlreadyRemoved
@@ -585,7 +628,7 @@
 	// EnsureDead does not require that it already be Dying, so this is the
 	// only point at which we can safely backstop lp:1233457 and mitigate
 	// the impact of unit agent bugs that leave relation scopes occupied).
-	relations, err := serviceRelations(u.st, u.doc.Service)
+	relations, err := applicationRelations(u.st, u.doc.Application)
 	if err != nil {
 		return err
 	}
@@ -662,7 +705,7 @@
 
 // relations implements RelationsJoined and RelationsInScope.
 func (u *Unit) relations(predicate relationPredicate) ([]*Relation, error) {
-	candidates, err := serviceRelations(u.st, u.doc.Service)
+	candidates, err := applicationRelations(u.st, u.doc.Application)
 	if err != nil {
 		return nil, err
 	}
@@ -772,9 +815,15 @@
 // SetAgentStatus calls SetStatus for this unit's agent, this call
 // is equivalent to the former call to SetStatus when Agent and Unit
 // where not separate entities.
-func (u *Unit) SetAgentStatus(agentStatus status.Status, info string, data map[string]interface{}) error {
+func (u *Unit) SetAgentStatus(agentStatus status.StatusInfo) error {
 	agent := newUnitAgent(u.st, u.Tag(), u.Name())
-	return agent.SetStatus(agentStatus, info, data)
+	s := status.StatusInfo{
+		Status:  agentStatus.Status,
+		Message: agentStatus.Message,
+		Data:    agentStatus.Data,
+		Since:   agentStatus.Since,
+	}
+	return agent.SetStatus(s)
 }
 
 // AgentStatus calls Status for this unit's agent, this call
@@ -786,9 +835,15 @@
 }
 
 // StatusHistory returns a slice of at most <size> StatusInfo items
+// or items as old as <date> or items newer than now - <delta> time
 // representing past statuses for this unit.
-func (u *Unit) StatusHistory(size int) ([]status.StatusInfo, error) {
-	return statusHistory(u.st, u.globalKey(), size)
+func (u *Unit) StatusHistory(filter status.StatusHistoryFilter) ([]status.StatusInfo, error) {
+	args := &statusHistoryArgs{
+		st:        u.st,
+		globalKey: u.globalKey(),
+		filter:    filter,
+	}
+	return statusHistory(args)
 }
 
 // Status returns the status of the unit.
@@ -819,16 +874,17 @@
 // This method relies on globalKey instead of globalAgentKey since it is part of
 // the effort to separate Unit from UnitAgent. Now the SetStatus for UnitAgent is in
 // the UnitAgent struct.
-func (u *Unit) SetStatus(unitStatus status.Status, info string, data map[string]interface{}) error {
-	if !status.ValidWorkloadStatus(unitStatus) {
-		return errors.Errorf("cannot set invalid status %q", unitStatus)
+func (u *Unit) SetStatus(unitStatus status.StatusInfo) error {
+	if !status.ValidWorkloadStatus(unitStatus.Status) {
+		return errors.Errorf("cannot set invalid status %q", unitStatus.Status)
 	}
 	return setStatus(u.st, setStatusParams{
 		badge:     "unit",
 		globalKey: u.globalKey(),
-		status:    unitStatus,
-		message:   info,
-		rawData:   data,
+		status:    unitStatus.Status,
+		message:   unitStatus.Message,
+		rawData:   unitStatus.Data,
+		updated:   unitStatus.Since,
 	})
 }
 
@@ -1044,7 +1100,7 @@
 		}
 
 		// Add a reference to the service settings for the new charm.
-		incOp, err := settingsIncRefOp(u.st, u.doc.Service, curl, false)
+		incOp, err := settingsIncRefOp(u.st, u.doc.Application, curl, false)
 		if err != nil {
 			return nil, errors.Trace(err)
 		}
@@ -1061,7 +1117,7 @@
 			}}
 		if u.doc.CharmURL != nil {
 			// Drop the reference to the old charm.
-			decOps, err := settingsDecRefOps(u.st, u.doc.Service, u.doc.CharmURL)
+			decOps, err := settingsDecRefOps(u.st, u.doc.Application, u.doc.CharmURL)
 			if err != nil {
 				return nil, errors.Trace(err)
 			}
@@ -1078,7 +1134,8 @@
 
 // AgentPresence returns whether the respective remote agent is alive.
 func (u *Unit) AgentPresence() (bool, error) {
-	return u.st.pwatcher.Alive(u.globalAgentKey())
+	pwatcher := u.st.workers.PresenceWatcher()
+	return pwatcher.Alive(u.globalAgentKey())
 }
 
 // Tag returns a name identifying the unit.
@@ -1098,8 +1155,9 @@
 func (u *Unit) WaitAgentPresence(timeout time.Duration) (err error) {
 	defer errors.DeferredAnnotatef(&err, "waiting for agent of unit %q", u)
 	ch := make(chan presence.Change)
-	u.st.pwatcher.Watch(u.globalAgentKey(), ch)
-	defer u.st.pwatcher.Unwatch(u.globalAgentKey(), ch)
+	pwatcher := u.st.workers.PresenceWatcher()
+	pwatcher.Watch(u.globalAgentKey(), ch)
+	defer pwatcher.Unwatch(u.globalAgentKey(), ch)
 	for i := 0; i < 2; i++ {
 		select {
 		case change := <-ch:
@@ -1109,8 +1167,8 @@
 		case <-time.After(timeout):
 			// TODO(fwereade): 2016-03-17 lp:1558657
 			return fmt.Errorf("still not alive after timeout")
-		case <-u.st.pwatcher.Dead():
-			return u.st.pwatcher.Err()
+		case <-pwatcher.Dead():
+			return pwatcher.Err()
 		}
 	}
 	panic(fmt.Sprintf("presence reported dead status twice in a row for unit %q", u))
@@ -1119,7 +1177,7 @@
 // SetAgentPresence signals that the agent for unit u is alive.
 // It returns the started pinger.
 func (u *Unit) SetAgentPresence() (*presence.Pinger, error) {
-	presenceCollection := u.st.getPresence()
+	presenceCollection := u.st.getPresenceCollection()
 	p := presence.NewPinger(presenceCollection, u.st.ModelTag(), u.globalAgentKey())
 	err := p.Start()
 	if err != nil {
@@ -1616,6 +1674,15 @@
 	return u.assignToNewMachine(template, "", containerType)
 }
 
+type byStorageInstance []StorageAttachment
+
+func (b byStorageInstance) Len() int      { return len(b) }
+func (b byStorageInstance) Swap(i, j int) { b[i], b[j] = b[j], b[i] }
+
+func (b byStorageInstance) Less(i, j int) bool {
+	return b[i].StorageInstance().String() < b[j].StorageInstance().String()
+}
+
 // machineStorageParams returns parameters for creating volumes/filesystems
 // and volume/filesystem attachments for a machine that the unit will be
 // assigned to.
@@ -1624,13 +1691,13 @@
 	if err != nil {
 		return nil, errors.Annotate(err, "getting storage attachments")
 	}
-	svc, err := u.Service()
+	svc, err := u.Application()
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
 	curl, _ := svc.CharmURL()
 	if curl == nil {
-		return nil, errors.Errorf("no URL set for service %q", svc.Name())
+		return nil, errors.Errorf("no URL set for application %q", svc.Name())
 	}
 	ch, err := u.st.Charm(curl)
 	if err != nil {
@@ -1641,6 +1708,9 @@
 		return nil, errors.Annotatef(err, "getting storage constraints")
 	}
 
+	// Sort storage attachments so the volume ids are consistent (for testing).
+	sort.Sort(byStorageInstance(storageAttachments))
+
 	chMeta := ch.Meta()
 
 	var volumes []MachineVolumeParams
@@ -2088,13 +2158,13 @@
 	curl, _ := u.CharmURL()
 	if curl == nil {
 		// If unit charm URL is not yet set, fall back to service
-		svc, err := u.Service()
+		svc, err := u.Application()
 		if err != nil {
 			return none, err
 		}
 		curl, _ = svc.CharmURL()
 		if curl == nil {
-			return none, errors.Errorf("no URL set for service %q", svc.Name())
+			return none, errors.Errorf("no URL set for application %q", svc.Name())
 		}
 	}
 	ch, err := u.st.Charm(curl)
@@ -2219,14 +2289,15 @@
 func (u *Unit) StorageConstraints() (map[string]StorageConstraints, error) {
 	// TODO(axw) eventually we should be able to override service
 	// storage constraints at the unit level.
-	return readStorageConstraints(u.st, serviceGlobalKey(u.doc.Service))
+	return readStorageConstraints(u.st, applicationGlobalKey(u.doc.Application))
 }
 
 type addUnitOpsArgs struct {
-	unitDoc           *unitDoc
-	agentStatusDoc    statusDoc
-	workloadStatusDoc statusDoc
-	meterStatusDoc    *meterStatusDoc
+	unitDoc            *unitDoc
+	agentStatusDoc     statusDoc
+	workloadStatusDoc  statusDoc
+	workloadVersionDoc statusDoc
+	meterStatusDoc     *meterStatusDoc
 }
 
 // addUnitOps returns the operations required to add a unit to the units
@@ -2241,6 +2312,7 @@
 	return []txn.Op{
 		createStatusOp(st, unitGlobalKey(name), args.workloadStatusDoc),
 		createStatusOp(st, agentGlobalKey, args.agentStatusDoc),
+		createStatusOp(st, globalWorkloadVersionKey(name), args.workloadVersionDoc),
 		createMeterStatusOp(st, agentGlobalKey, args.meterStatusDoc),
 		{
 			C:      unitsC,
@@ -2250,3 +2322,19 @@
 		},
 	}
 }
+
+// HistoryGetter allows getting the status history based on some identifying key.
+type HistoryGetter struct {
+	st        *State
+	globalKey string
+}
+
+// StatusHistory implements status.StatusHistoryGetter.
+func (g *HistoryGetter) StatusHistory(filter status.StatusHistoryFilter) ([]status.StatusInfo, error) {
+	args := &statusHistoryArgs{
+		st:        g.st,
+		globalKey: g.globalKey,
+		filter:    filter,
+	}
+	return statusHistory(args)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/unit_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/unit_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/unit_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/unit_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -19,6 +19,7 @@
 	"github.com/juju/juju/state/testing"
 	"github.com/juju/juju/status"
 	coretesting "github.com/juju/juju/testing"
+	"github.com/juju/juju/worker"
 )
 
 const (
@@ -28,7 +29,7 @@
 type UnitSuite struct {
 	ConnSuite
 	charm   *state.Charm
-	service *state.Service
+	service *state.Application
 	unit    *state.Unit
 }
 
@@ -52,9 +53,9 @@
 }
 
 func (s *UnitSuite) TestService(c *gc.C) {
-	svc, err := s.unit.Service()
+	svc, err := s.unit.Application()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(svc.Name(), gc.Equals, s.unit.ServiceName())
+	c.Assert(svc.Name(), gc.Equals, s.unit.ApplicationName())
 }
 
 func (s *UnitSuite) TestConfigSettingsNeedCharmURLSet(c *gc.C) {
@@ -217,7 +218,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	_, err = s.unit.PublicAddress()
-	c.Assert(err, jc.Satisfies, network.IsNoAddress)
+	c.Assert(err, jc.Satisfies, network.IsNoAddressError)
 
 	public := network.NewScopedAddress("8.8.8.8", network.ScopePublic)
 	private := network.NewScopedAddress("127.0.0.1", network.ScopeCloudLocal)
@@ -314,7 +315,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	_, err = s.unit.PrivateAddress()
-	c.Assert(err, jc.Satisfies, network.IsNoAddress)
+	c.Assert(err, jc.Satisfies, network.IsNoAddressError)
 
 	public := network.NewScopedAddress("8.8.8.8", network.ScopePublic)
 	private := network.NewScopedAddress("127.0.0.1", network.ScopeCloudLocal)
@@ -368,7 +369,7 @@
 		_, err := s.State.AddMachineInsideMachine(state.MachineTemplate{
 			Series: "quantal",
 			Jobs:   []state.MachineJob{state.JobHostUnits},
-		}, tc.host.Id(), instance.LXC)
+		}, tc.host.Id(), instance.LXD)
 		c.Assert(err, jc.ErrorIsNil)
 		tc.target, err = s.service.AddUnit()
 		c.Assert(err, jc.ErrorIsNil)
@@ -502,7 +503,7 @@
 			machine, err := s.State.AddMachineInsideMachine(state.MachineTemplate{
 				Series: "quantal",
 				Jobs:   []state.MachineJob{state.JobHostUnits},
-			}, host.Id(), instance.LXC)
+			}, host.Id(), instance.LXD)
 			c.Assert(err, jc.ErrorIsNil)
 			assertLife(c, machine, state.Alive)
 
@@ -682,7 +683,13 @@
 
 func (s *UnitSuite) TestDestroySetStatusRetry(c *gc.C) {
 	defer state.SetRetryHooks(c, s.State, func() {
-		err := s.unit.SetAgentStatus(status.StatusIdle, "", nil)
+		now := time.Now()
+		sInfo := status.StatusInfo{
+			Status:  status.StatusIdle,
+			Message: "",
+			Since:   &now,
+		}
+		err := s.unit.SetAgentStatus(sInfo)
 		c.Assert(err, jc.ErrorIsNil)
 	}, func() {
 		assertLife(c, s.unit, state.Dying)
@@ -800,7 +807,13 @@
 		c.Logf("test %d: %s", i, test.status)
 		unit, err := s.service.AddUnit()
 		c.Assert(err, jc.ErrorIsNil)
-		err = unit.SetAgentStatus(test.status, test.info, nil)
+		now := time.Now()
+		sInfo := status.StatusInfo{
+			Status:  test.status,
+			Message: test.info,
+			Since:   &now,
+		}
+		err = unit.SetAgentStatus(sInfo)
 		c.Assert(err, jc.ErrorIsNil)
 		err = unit.Destroy()
 		c.Assert(err, jc.ErrorIsNil)
@@ -863,8 +876,9 @@
 	pinger, err := s.unit.SetAgentPresence()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(pinger, gc.NotNil)
-	defer pinger.Stop()
-
+	defer func() {
+		c.Assert(worker.Stop(pinger), jc.ErrorIsNil)
+	}()
 	s.State.StartSync()
 	alive, err = s.unit.AgentPresence()
 	c.Assert(err, jc.ErrorIsNil)
@@ -906,7 +920,13 @@
 	err = s.unit.Resolve(true)
 	c.Assert(err, gc.ErrorMatches, `unit "wordpress/0" is not in an error state`)
 
-	err = s.unit.SetAgentStatus(status.StatusError, "gaaah", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusError,
+		Message: "gaaah",
+		Since:   &now,
+	}
+	err = s.unit.SetAgentStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 	err = s.unit.Resolve(false)
 	c.Assert(err, jc.ErrorIsNil)
@@ -1751,3 +1771,25 @@
 		c.Assert(action.Name(), gc.Matches, "^action-b-.")
 	}
 }
+
+func (s *UnitSuite) TestWorkloadVersion(c *gc.C) {
+	ch := state.AddTestingCharm(c, s.State, "dummy")
+	app := state.AddTestingService(c, s.State, "alexandrite", ch)
+	unit, err := app.AddUnit()
+	c.Assert(err, jc.ErrorIsNil)
+
+	version, err := unit.WorkloadVersion()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Check(version, gc.Equals, "")
+
+	unit.SetWorkloadVersion("3.combined")
+	version, err = unit.WorkloadVersion()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Check(version, gc.Equals, "3.combined")
+
+	regotUnit, err := s.State.Unit("alexandrite/0")
+	c.Assert(err, jc.ErrorIsNil)
+	version, err = regotUnit.WorkloadVersion()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Check(version, gc.Equals, "3.combined")
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/upgrades.go juju-core-2.0~beta12/src/github.com/juju/juju/state/upgrades.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/upgrades.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/upgrades.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,7 +9,7 @@
 	"github.com/juju/errors"
 	"github.com/juju/juju/status"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2/bson"
 	"gopkg.in/mgo.v2/txn"
 )
@@ -86,6 +86,7 @@
 			if err != nil {
 				return errors.Annotate(err, "deciding filesystem status")
 			}
+			// TODO(perrito666) 2016-05-02 lp:1558657
 			ops = append(ops, createStatusOp(st, filesystem.globalKey(), statusDoc{
 				Status:  status,
 				Updated: time.Now().UnixNano(),
@@ -214,28 +215,28 @@
 }
 
 func addDefaultBindingsToServices(st *State) error {
-	services, err := st.AllServices()
+	applications, err := st.AllApplications()
 	if err != nil {
 		return errors.Trace(err)
 	}
 
-	upgradesLogger.Debugf("adding default endpoint bindings to services (where missing)")
-	ops := make([]txn.Op, 0, len(services))
-	for _, service := range services {
-		ch, _, err := service.Charm()
+	upgradesLogger.Debugf("adding default endpoint bindings to applications (where missing)")
+	ops := make([]txn.Op, 0, len(applications))
+	for _, application := range applications {
+		ch, _, err := application.Charm()
 		if err != nil {
-			return errors.Annotatef(err, "cannot get charm for service %q", service.Name())
+			return errors.Annotatef(err, "cannot get charm for application %q", application.Name())
 		}
-		if _, err := service.EndpointBindings(); err == nil {
-			upgradesLogger.Debugf("service %q already has bindings (skipping)", service.Name())
+		if _, err := application.EndpointBindings(); err == nil {
+			upgradesLogger.Debugf("application %q already has bindings (skipping)", application.Name())
 			continue
 		} else if !errors.IsNotFound(err) {
-			return errors.Annotatef(err, "checking service %q for existing bindings", service.Name())
+			return errors.Annotatef(err, "checking application %q for existing bindings", application.Name())
 		}
 		// Passing nil for the bindings map will use the defaults.
-		createOp, err := createEndpointBindingsOp(st, service.globalKey(), nil, ch.Meta())
+		createOp, err := createEndpointBindingsOp(st, application.globalKey(), nil, ch.Meta())
 		if err != nil {
-			return errors.Annotatef(err, "setting default endpoint bindings for service %q", service.Name())
+			return errors.Annotatef(err, "setting default endpoint bindings for application %q", application.Name())
 		}
 		ops = append(ops, createOp)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/upgrades_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/upgrades_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/upgrades_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/upgrades_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,6 +4,8 @@
 package state
 
 import (
+	"time"
+
 	"github.com/juju/errors"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
@@ -79,14 +81,14 @@
 	if publicAddress != "" {
 		c.Assert(err, jc.ErrorIsNil)
 	} else {
-		c.Assert(err, jc.Satisfies, network.IsNoAddress)
+		c.Assert(err, jc.Satisfies, network.IsNoAddressError)
 	}
 	c.Assert(addr.Value, gc.Equals, publicAddress)
 	privAddr, err := machine.PrivateAddress()
 	if privateAddress != "" {
 		c.Assert(err, jc.ErrorIsNil)
 	} else {
-		c.Assert(err, jc.Satisfies, network.IsNoAddress)
+		c.Assert(err, jc.Satisfies, network.IsNoAddressError)
 	}
 	c.Assert(privAddr.Value, gc.Equals, privateAddress)
 }
@@ -271,7 +273,13 @@
 	_, _, filesystem, cleanup := setupMachineBoundStorageTests(c, s.state)
 	defer cleanup()
 
-	err := filesystem.SetStatus(status.StatusDestroying, "", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusDestroying,
+		Message: "",
+		Since:   &now,
+	}
+	err := filesystem.SetStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 	s.assertAddFilesystemStatus(c, filesystem, status.StatusDestroying)
 }
@@ -447,7 +455,7 @@
 	}
 }
 
-func (s *upgradesSuite) setupAddDefaultEndpointBindingsToServices(c *gc.C) []*Service {
+func (s *upgradesSuite) setupAddDefaultEndpointBindingsToServices(c *gc.C) []*Application {
 	// Add an owner user.
 	stateOwner, err := s.state.AddUser("bob", "notused", "notused", "bob")
 	c.Assert(err, jc.ErrorIsNil)
@@ -481,15 +489,15 @@
 	msBindings := map[string]string{
 		"server": "db",
 	}
-	services := []*Service{
-		AddTestingService(c, s.state, "wp-no-bindings", charms[0], ownerTag),
-		AddTestingService(c, s.state, "ms-no-bindings", charms[1], ownerTag),
+	services := []*Application{
+		AddTestingService(c, s.state, "wp-no-bindings", charms[0]),
+		AddTestingService(c, s.state, "ms-no-bindings", charms[1]),
 
-		AddTestingService(c, s.state, "wp-default-bindings", charms[0], ownerTag),
-		AddTestingService(c, s.state, "ms-default-bindings", charms[1], ownerTag),
+		AddTestingService(c, s.state, "wp-default-bindings", charms[0]),
+		AddTestingService(c, s.state, "ms-default-bindings", charms[1]),
 
-		AddTestingServiceWithBindings(c, s.state, "wp-given-bindings", charms[0], ownerTag, wpBindings),
-		AddTestingServiceWithBindings(c, s.state, "ms-given-bindings", charms[1], ownerTag, msBindings),
+		AddTestingServiceWithBindings(c, s.state, "wp-given-bindings", charms[0], wpBindings),
+		AddTestingServiceWithBindings(c, s.state, "ms-given-bindings", charms[1], msBindings),
 	}
 
 	// Drop the added endpoint bindings doc directly for the first two services.
@@ -503,15 +511,15 @@
 	return services
 }
 
-func (s *upgradesSuite) getServicesBindings(c *gc.C, services []*Service) map[string]map[string]string {
+func (s *upgradesSuite) getServicesBindings(c *gc.C, services []*Application) map[string]map[string]string {
 	currentBindings := make(map[string]map[string]string, len(services))
 	for i := range services {
-		serviceName := services[i].Name()
+		applicationname := services[i].Name()
 		serviceBindings, err := services[i].EndpointBindings()
 		if err != nil {
-			c.Fatalf("unexpected error getting service %q bindings: %v", serviceName, err)
+			c.Fatalf("unexpected error getting service %q bindings: %v", applicationname, err)
 		}
-		currentBindings[serviceName] = serviceBindings
+		currentBindings[applicationname] = serviceBindings
 	}
 	return currentBindings
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/upgrade_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/upgrade_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/upgrade_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/upgrade_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,12 +11,12 @@
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
-	"gopkg.in/mgo.v2/bson"
 
 	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/state"
 	statetesting "github.com/juju/juju/state/testing"
+	"github.com/juju/juju/worker"
 )
 
 type UpgradeSuite struct {
@@ -62,8 +62,7 @@
 	pinger, err := controller.SetAgentPresence()
 	c.Assert(err, jc.ErrorIsNil)
 	s.AddCleanup(func(c *gc.C) {
-		err := pinger.Stop()
-		c.Check(err, jc.ErrorIsNil)
+		c.Assert(worker.Stop(pinger), jc.ErrorIsNil)
 	})
 	s.serverIdA = controller.Id()
 	s.provision(c, s.serverIdA)
@@ -400,61 +399,6 @@
 	assertReady(false)
 
 	info, err = s.State.EnsureUpgradeInfo(serverIdC, v111, v123)
-	c.Assert(err, jc.ErrorIsNil)
-	assertReady(true)
-}
-
-func (s *UpgradeSuite) TestAllProvisionedControllersReadyWithPreModelUUIDSchema(c *gc.C) {
-	serverIdB, serverIdC := s.addControllers(c)
-
-	machines, closer := state.GetRawCollection(s.State, state.MachinesC)
-	defer closer()
-	instanceData, closer := state.GetRawCollection(s.State, state.InstanceDataC)
-	defer closer()
-
-	// Add minimal machine and instanceData docs for the controllers
-	// that look how these documents did before the model UUID
-	// migration.
-	_, err := instanceData.RemoveAll(nil)
-	c.Assert(err, jc.ErrorIsNil)
-	_, err = machines.RemoveAll(nil)
-	c.Assert(err, jc.ErrorIsNil)
-
-	addLegacyMachine := func(machineId string) {
-		err := machines.Insert(bson.M{"_id": machineId})
-		c.Assert(err, jc.ErrorIsNil)
-	}
-	addLegacyMachine(s.serverIdA)
-	addLegacyMachine(serverIdB)
-	addLegacyMachine(serverIdC)
-
-	legacyProvision := func(machineId string) {
-		err := instanceData.Insert(bson.M{"_id": machineId})
-		c.Assert(err, jc.ErrorIsNil)
-	}
-	legacyProvision(s.serverIdA)
-	legacyProvision(serverIdB)
-
-	v111 := vers("1.1.1")
-	v123 := vers("1.2.3")
-	info, err := s.State.EnsureUpgradeInfo(s.serverIdA, v111, v123)
-	c.Assert(err, jc.ErrorIsNil)
-
-	assertReady := func(expect bool) {
-		ok, err := info.AllProvisionedControllersReady()
-		c.Assert(err, jc.ErrorIsNil)
-		c.Assert(ok, gc.Equals, expect)
-	}
-	assertReady(false)
-
-	info, err = s.State.EnsureUpgradeInfo(serverIdB, v111, v123)
-	c.Assert(err, jc.ErrorIsNil)
-	assertReady(true)
-
-	legacyProvision(serverIdC)
-	assertReady(false)
-
-	info, err = s.State.EnsureUpgradeInfo(serverIdC, v111, v123)
 	c.Assert(err, jc.ErrorIsNil)
 	assertReady(true)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/user.go juju-core-2.0~beta12/src/github.com/juju/juju/state/user.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/user.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/user.go	2016-07-18 19:45:44.000000000 +0000
@@ -16,8 +16,8 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 	"gopkg.in/mgo.v2/txn"
@@ -240,11 +240,6 @@
 // UserTag returns the Tag for the User.
 func (u *User) UserTag() names.UserTag {
 	name := u.doc.Name
-	if name == "" {
-		// TODO(waigani) This is a hack for upgrades to 1.23. Once we are no
-		// longer tied to 1.23, we can confidently always use u.doc.Name.
-		name = u.doc.DocID
-	}
 	return names.NewLocalUserTag(name)
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/user_internal_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/user_internal_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/user_internal_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/user_internal_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,8 +4,8 @@
 package state
 
 import (
-	"github.com/juju/names"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 )
 
 type internalUserSuite struct {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/userpermission.go juju-core-2.0~beta12/src/github.com/juju/juju/state/userpermission.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/userpermission.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/userpermission.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,138 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package state
+
+import (
+	"fmt"
+
+	"github.com/juju/errors"
+	"gopkg.in/mgo.v2"
+	"gopkg.in/mgo.v2/bson"
+	"gopkg.in/mgo.v2/txn"
+)
+
+// permission represents the permission a user has
+// on a given scope.
+type permission struct {
+	doc permissionDoc
+}
+
+type permissionDoc struct {
+	ID string `bson:"_id"`
+	// ObjectGlobalKey holds the id for the object of the permission.
+	// ie. a model globalKey or a controller globalKey.
+	ObjectGlobalKey string `bson:"object-global-key"`
+	// SubjectGlobalKey holds the id for the user/group that is given permission.
+	SubjectGlobalKey string `bson:"subject-global-key"`
+	// Access is the permission level.
+	Access Access `bson:"access"`
+}
+
+// userPermission returns a Permission for the given Subject and User.
+func (st *State) userPermission(objectKey, subjectKey string) (*permission, error) {
+	userPermission := &permission{}
+	permissions, closer := st.getCollection(permissionsC)
+	defer closer()
+
+	err := permissions.FindId(permissionID(objectKey, subjectKey)).One(&userPermission.doc)
+	if err == mgo.ErrNotFound {
+		return nil, errors.NotFoundf("user permissions for user %q", subjectKey)
+	}
+	return userPermission, nil
+
+}
+
+// isReadOnly returns whether or not the user has write access or only
+// read access to the model.
+func (p *permission) isReadOnly() bool {
+	return p.doc.Access == UndefinedAccess || p.doc.Access == ReadAccess
+}
+
+// isAdmin is a convenience method that
+// returns whether or not the user has AdminAccess.
+func (p *permission) isAdmin() bool {
+	return p.doc.Access == AdminAccess
+}
+
+// isReadWrite is a convenience method that
+// returns whether or not the user has WriteAccess.
+func (p *permission) isReadWrite() bool {
+	return p.doc.Access == WriteAccess
+}
+
+func (p *permission) access() Access {
+	return p.doc.Access
+}
+
+func (p *permission) isGreaterAccess(a Access) bool {
+	switch p.doc.Access {
+	case UndefinedAccess:
+		return a == ReadAccess || a == WriteAccess || a == AdminAccess
+	case ReadAccess:
+		return a == WriteAccess || a == AdminAccess
+	case WriteAccess:
+		return a == AdminAccess
+	}
+	return false
+}
+
+func permissionID(objectKey, subjectKey string) string {
+	// example: e#mo#jim
+	// e: model global key (its always e).
+	// mo: model user key prefix.
+	// jim: an arbitrary username.
+	return fmt.Sprintf("%s#%s", objectKey, subjectKey)
+}
+
+func updatePermissionOp(objectGlobalKey, subjectGlobalKey string, access Access) txn.Op {
+	return txn.Op{
+		C:      permissionsC,
+		Id:     permissionID(objectGlobalKey, subjectGlobalKey),
+		Assert: txn.DocExists,
+		Update: bson.D{{"$set", bson.D{{"access", access}}}},
+	}
+}
+
+func removePermissionOp(objectGlobalKey, subjectGlobalKey string) txn.Op {
+	return txn.Op{
+		C:      permissionsC,
+		Id:     permissionID(objectGlobalKey, subjectGlobalKey),
+		Assert: txn.DocExists,
+		Remove: true,
+	}
+
+}
+func createPermissionOp(objectGlobalKey, subjectGlobalKey string, access Access) txn.Op {
+	doc := &permissionDoc{
+		ID:               permissionID(objectGlobalKey, subjectGlobalKey),
+		SubjectGlobalKey: subjectGlobalKey,
+		ObjectGlobalKey:  objectGlobalKey,
+		Access:           access,
+	}
+	return txn.Op{
+		C:      permissionsC,
+		Id:     permissionID(objectGlobalKey, subjectGlobalKey),
+		Assert: txn.DocMissing,
+		Insert: doc,
+	}
+}
+
+// Access represents the level of access granted to a user on a model.
+type Access string
+
+const (
+	// UndefinedAccess is not a valid access type. It is the value
+	// unmarshaled when access is not defined by the document at all.
+	UndefinedAccess Access = ""
+
+	// ReadAccess allows a user to read information about a model, without
+	// being able to make any changes.
+	ReadAccess Access = "read"
+
+	// WriteAccess allows a user to make changes to a model.
+	WriteAccess Access = "write"
+
+	// AdminAccess allows a user full control over the model.
+	AdminAccess Access = "admin"
+)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/user_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/user_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/user_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/user_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,10 +8,10 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/testing/factory"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/utils/charm.go juju-core-2.0~beta12/src/github.com/juju/juju/state/utils/charm.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/utils/charm.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/utils/charm.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,20 +10,15 @@
 	"github.com/juju/juju/state"
 )
 
-// CharmMetadata returns the charm metadata for the identified service.
-func CharmMetadata(st *state.State, serviceID string) (*charm.Meta, error) {
-	return charmMetadata(NewCharmState(st), serviceID)
-}
-
-func charmMetadata(st CharmState, serviceID string) (*charm.Meta, error) {
-	service, err := st.Service(serviceID)
+func charmMetadata(st CharmState, applicationID string) (*charm.Meta, error) {
+	application, err := st.Service(applicationID)
 	if err != nil {
-		return nil, errors.Annotatef(err, "while looking up service %q", serviceID)
+		return nil, errors.Annotatef(err, "while looking up application %q", applicationID)
 	}
 
-	ch, err := service.Charm()
+	ch, err := application.Charm()
 	if err != nil {
-		return nil, errors.Annotatef(err, "while looking up charm info for service %q", serviceID)
+		return nil, errors.Annotatef(err, "while looking up charm info for application %q", applicationID)
 	}
 
 	meta := ch.Meta()
@@ -57,7 +52,7 @@
 
 // Service implements CharmState.
 func (st charmState) Service(id string) (CharmService, error) {
-	raw, err := st.raw.Service(id)
+	raw, err := st.raw.Application(id)
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
@@ -65,7 +60,7 @@
 }
 
 type charmService struct {
-	raw *state.Service
+	raw *state.Application
 }
 
 // Charm implements CharmService.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/utils/charm_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/utils/charm_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/utils/charm_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/utils/charm_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -36,12 +36,12 @@
 	}
 	st.ReturnMeta = expected
 
-	meta, err := utils.TestingCharmMetadata(st, "a-service")
+	meta, err := utils.TestingCharmMetadata(st, "a-application")
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Check(meta, jc.DeepEquals, expected)
 	s.stub.CheckCallNames(c, "Service", "Charm", "Meta")
-	s.stub.CheckCall(c, 0, "Service", "a-service")
+	s.stub.CheckCall(c, 0, "Service", "a-application")
 }
 
 type stubCharmState struct {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/utils/environ.go juju-core-2.0~beta12/src/github.com/juju/juju/state/utils/environ.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/utils/environ.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/utils/environ.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,22 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package utils
-
-import (
-	"github.com/juju/errors"
-
-	"github.com/juju/juju/environs"
-	"github.com/juju/juju/state"
-)
-
-// GetEnviron returns the environs.Environ ("provider") associated
-// with the model.
-func GetEnviron(st *state.State) (environs.Environ, error) {
-	envcfg, err := st.ModelConfig()
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	env, err := environs.New(envcfg)
-	return env, errors.Trace(err)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/utils/environ_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/utils/environ_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/utils/environ_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/utils/environ_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,28 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package utils_test
-
-import (
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/juju/testing"
-	"github.com/juju/juju/state/utils"
-)
-
-type environSuite struct {
-	testing.JujuConnSuite
-}
-
-var _ = gc.Suite(&environSuite{})
-
-func (s *environSuite) TestGetEnvironment(c *gc.C) {
-	env, err := utils.GetEnviron(s.State)
-	c.Assert(err, jc.ErrorIsNil)
-	config, err := s.State.ModelConfig()
-	c.Assert(err, jc.ErrorIsNil)
-
-	c.Check(env.Config(), jc.DeepEquals, config)
-	c.Check(env, gc.Not(gc.Equals), s.Environ)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/utils/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/utils/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/utils/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/utils/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,7 @@
 package utils
 
 var (
-	PatchedGetEnvironment = &getEnviron
+	PatchedNewEnvironment = &newEnviron
 
 	TestingCharmMetadata = charmMetadata
 )
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/utils/instance.go juju-core-2.0~beta12/src/github.com/juju/juju/state/utils/instance.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/utils/instance.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/utils/instance.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,18 +6,19 @@
 import (
 	"github.com/juju/errors"
 
+	"github.com/juju/juju/environs"
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/provider/common"
 	"github.com/juju/juju/state"
 )
 
-var getEnviron = GetEnviron
+var newEnviron = environs.New
 
 // AvailabilityZone returns the availability zone associated with
 // an instance ID.
 func AvailabilityZone(st *state.State, instID instance.Id) (string, error) {
 	// Get the provider.
-	env, err := getEnviron(st)
+	env, err := environs.GetEnviron(st, newEnviron)
 	if err != nil {
 		return "", errors.Trace(err)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/utils/instance_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/utils/instance_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/utils/instance_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/utils/instance_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,8 +9,8 @@
 	gc "gopkg.in/check.v1"
 
 	"github.com/juju/juju/environs"
+	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/juju/testing"
-	"github.com/juju/juju/state"
 	"github.com/juju/juju/state/utils"
 )
 
@@ -23,7 +23,7 @@
 func (s *instanceSuite) TestAvailabilityZone(c *gc.C) {
 	env := fakeZonedEnv{Environ: s.Environ}
 	env.instZones = []string{"a_zone"}
-	s.PatchValue(utils.PatchedGetEnvironment, func(st *state.State) (environs.Environ, error) {
+	s.PatchValue(utils.PatchedNewEnvironment, func(config *config.Config) (environs.Environ, error) {
 		return &env, nil
 	})
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/volume.go juju-core-2.0~beta12/src/github.com/juju/juju/state/volume.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/volume.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/volume.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,8 +9,8 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jujutxn "github.com/juju/txn"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 	"gopkg.in/mgo.v2/txn"
@@ -242,8 +242,8 @@
 }
 
 // SetStatus is required to implement StatusSetter.
-func (v *volume) SetStatus(volumeStatus status.Status, info string, data map[string]interface{}) error {
-	return v.st.SetVolumeStatus(v.VolumeTag(), volumeStatus, info, data)
+func (v *volume) SetStatus(volumeStatus status.StatusInfo) error {
+	return v.st.SetVolumeStatus(v.VolumeTag(), volumeStatus.Status, volumeStatus.Message, volumeStatus.Data, volumeStatus.Since)
 }
 
 // Volume is required to implement VolumeAttachment.
@@ -1033,7 +1033,7 @@
 }
 
 // SetVolumeStatus sets the status of the specified volume.
-func (st *State) SetVolumeStatus(tag names.VolumeTag, volumeStatus status.Status, info string, data map[string]interface{}) error {
+func (st *State) SetVolumeStatus(tag names.VolumeTag, volumeStatus status.Status, info string, data map[string]interface{}, updated *time.Time) error {
 	switch volumeStatus {
 	case status.StatusAttaching, status.StatusAttached, status.StatusDetaching, status.StatusDetached, status.StatusDestroying:
 	case status.StatusError:
@@ -1061,5 +1061,6 @@
 		status:    volumeStatus,
 		message:   info,
 		rawData:   data,
+		updated:   updated,
 	})
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/volume_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/volume_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/volume_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/volume_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,10 +5,10 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/set"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/instance"
@@ -83,7 +83,7 @@
 	storage := map[string]state.StorageConstraints{
 		"data": makeStorageCons("invalid-pool", 1024, 1),
 	}
-	_, err := s.State.AddService(state.AddServiceArgs{Name: "storage-block", Owner: s.Owner.String(), Charm: ch, Storage: storage})
+	_, err := s.State.AddApplication(state.AddApplicationArgs{Name: "storage-block", Charm: ch, Storage: storage})
 	c.Assert(err, gc.ErrorMatches, `.* pool "invalid-pool" not found`)
 }
 
@@ -92,7 +92,7 @@
 	storage := map[string]state.StorageConstraints{
 		"data": makeStorageCons("", 1024, 1),
 	}
-	service, err := s.State.AddService(state.AddServiceArgs{Name: "storage-block", Owner: s.Owner.String(), Charm: ch, Storage: storage})
+	service, err := s.State.AddApplication(state.AddApplicationArgs{Name: "storage-block", Charm: ch, Storage: storage})
 	c.Assert(err, jc.ErrorIsNil)
 	cons, err := service.StorageConstraints()
 	c.Assert(err, jc.ErrorIsNil)
@@ -434,7 +434,7 @@
 	}
 	assertValid("0:0", names.NewMachineTag("0"), names.NewVolumeTag("0"))
 	assertValid("0:0/1", names.NewMachineTag("0"), names.NewVolumeTag("0/1"))
-	assertValid("0/lxc/0:1", names.NewMachineTag("0/lxc/0"), names.NewVolumeTag("1"))
+	assertValid("0/lxd/0:1", names.NewMachineTag("0/lxd/0"), names.NewVolumeTag("1"))
 }
 
 func (s *VolumeStateSuite) TestParseVolumeAttachmentIdError(c *gc.C) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/watcher/watcher.go juju-core-2.0~beta12/src/github.com/juju/juju/state/watcher/watcher.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/watcher/watcher.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/watcher/watcher.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,6 +11,7 @@
 	"time"
 
 	"github.com/juju/errors"
+	"github.com/juju/juju/worker"
 	"github.com/juju/loggo"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
@@ -126,10 +127,19 @@
 	return w
 }
 
+// Kill is part of the worker.Worker interface.
+func (w *Watcher) Kill() {
+	w.tomb.Kill(nil)
+}
+
+// Wait is part of the worker.Worker interface.
+func (w *Watcher) Wait() error {
+	return w.tomb.Wait()
+}
+
 // Stop stops all the watcher activities.
 func (w *Watcher) Stop() error {
-	w.tomb.Kill(nil)
-	return errors.Trace(w.tomb.Wait())
+	return worker.Stop(w)
 }
 
 // Dead returns a channel that is closed when the watcher has stopped.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/watcher.go juju-core-2.0~beta12/src/github.com/juju/juju/state/watcher.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/watcher.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/watcher.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,16 +12,16 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils/set"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 	"launchpad.net/tomb"
 
-	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/mongo"
 	"github.com/juju/juju/state/watcher"
+	"github.com/juju/juju/state/workers"
 
 	// TODO(fwereade): 2015-11-18 lp:1517428
 	//
@@ -83,10 +83,23 @@
 	Changes() <-chan params.RelationUnitsChange
 }
 
+// newCommonWatcher exists so that all embedders have a place from which
+// to get a single TxnLogWatcher that will not be replaced in the lifetime
+// of the embedder (and also to restrict the width of the interface by
+// which they can access the rest of State, by storing st as a
+// modelBackend).
+func newCommonWatcher(st *State) commonWatcher {
+	return commonWatcher{
+		st:      st,
+		watcher: st.workers.TxnLogWatcher(),
+	}
+}
+
 // commonWatcher is part of all client watchers.
 type commonWatcher struct {
-	st   *State
-	tomb tomb.Tomb
+	st      modelBackend
+	watcher workers.TxnLogWatcher
+	tomb    tomb.Tomb
 }
 
 // Stop stops the watcher, and returns any error encountered while running
@@ -189,12 +202,6 @@
 	return newLifecycleWatcher(st, modelsC, nil, nil, nil)
 }
 
-// WatchIPAddresses returns a StringsWatcher that notifies of changes to the
-// lifecycles of IP addresses.
-func (st *State) WatchIPAddresses() StringsWatcher {
-	return newLifecycleWatcher(st, legacyipaddressesC, nil, nil, nil)
-}
-
 // WatchModelVolumes returns a StringsWatcher that notifies of changes to
 // the lifecycles of all model-scoped volumes.
 func (st *State) WatchModelVolumes() StringsWatcher {
@@ -308,7 +315,7 @@
 // WatchServices returns a StringsWatcher that notifies of changes to
 // the lifecycles of the services in the model.
 func (st *State) WatchServices() StringsWatcher {
-	return newLifecycleWatcher(st, servicesC, nil, st.isForStateEnv, nil)
+	return newLifecycleWatcher(st, applicationsC, nil, isLocalID(st), nil)
 }
 
 // WatchStorageAttachments returns a StringsWatcher that notifies of
@@ -333,8 +340,8 @@
 
 // WatchUnits returns a StringsWatcher that notifies of changes to the
 // lifecycles of units of s.
-func (s *Service) WatchUnits() StringsWatcher {
-	members := bson.D{{"service", s.doc.Name}}
+func (s *Application) WatchUnits() StringsWatcher {
+	members := bson.D{{"application", s.doc.Name}}
 	prefix := s.doc.Name + "/"
 	filter := func(unitDocID interface{}) bool {
 		unitName, err := s.st.strictLocalID(unitDocID.(string))
@@ -348,7 +355,7 @@
 
 // WatchRelations returns a StringsWatcher that notifies of changes to the
 // lifecycles of relations involving s.
-func (s *Service) WatchRelations() StringsWatcher {
+func (s *Application) WatchRelations() StringsWatcher {
 	prefix := s.doc.Name + ":"
 	infix := " " + prefix
 	filter := func(id interface{}) bool {
@@ -360,7 +367,7 @@
 		return out
 	}
 
-	members := bson.D{{"endpoints.servicename", s.doc.Name}}
+	members := bson.D{{"endpoints.applicationname", s.doc.Name}}
 	return newLifecycleWatcher(s.st, relationsC, members, filter, nil)
 }
 
@@ -417,7 +424,7 @@
 	transform func(id string) string,
 ) StringsWatcher {
 	w := &lifecycleWatcher{
-		commonWatcher: commonWatcher{st: st},
+		commonWatcher: newCommonWatcher(st),
 		coll:          collFactory(st, collName),
 		collName:      collName,
 		members:       members,
@@ -533,8 +540,8 @@
 
 func (w *lifecycleWatcher) loop() error {
 	in := make(chan watcher.Change)
-	w.st.watcher.WatchCollectionWithFilter(w.collName, in, w.filter)
-	defer w.st.watcher.UnwatchCollection(w.collName, in)
+	w.watcher.WatchCollectionWithFilter(w.collName, in, w.filter)
+	defer w.watcher.UnwatchCollection(w.collName, in)
 	ids, err := w.initial()
 	if err != nil {
 		return err
@@ -550,8 +557,8 @@
 		select {
 		case <-w.tomb.Dying():
 			return tomb.ErrDying
-		case <-w.st.watcher.Dead():
-			return stateWatcherDeadError(w.st.watcher.Err())
+		case <-w.watcher.Dead():
+			return stateWatcherDeadError(w.watcher.Err())
 		case ch := <-in:
 			updates, ok := collect(ch, in, w.tomb.Dying())
 			if !ok {
@@ -572,7 +579,7 @@
 
 // minUnitsWatcher notifies about MinUnits changes of the services requiring
 // a minimum number of units to be alive. The first event returned by the
-// watcher is the set of service names requiring a minimum number of units.
+// watcher is the set of application names requiring a minimum number of units.
 // Subsequent events are generated when a service increases MinUnits, or when
 // one or more units belonging to a service are destroyed.
 type minUnitsWatcher struct {
@@ -585,7 +592,7 @@
 
 func newMinUnitsWatcher(st *State) StringsWatcher {
 	w := &minUnitsWatcher{
-		commonWatcher: commonWatcher{st: st},
+		commonWatcher: newCommonWatcher(st),
 		known:         make(map[string]int),
 		out:           make(chan []string),
 	}
@@ -603,24 +610,24 @@
 }
 
 func (w *minUnitsWatcher) initial() (set.Strings, error) {
-	serviceNames := make(set.Strings)
+	applicationnames := make(set.Strings)
 	var doc minUnitsDoc
 	newMinUnits, closer := w.st.getCollection(minUnitsC)
 	defer closer()
 
 	iter := newMinUnits.Find(nil).Iter()
 	for iter.Next(&doc) {
-		w.known[doc.ServiceName] = doc.Revno
-		serviceNames.Add(doc.ServiceName)
+		w.known[doc.ApplicationName] = doc.Revno
+		applicationnames.Add(doc.ApplicationName)
 	}
-	return serviceNames, iter.Close()
+	return applicationnames, iter.Close()
 }
 
-func (w *minUnitsWatcher) merge(serviceNames set.Strings, change watcher.Change) error {
-	serviceName := w.st.localID(change.Id.(string))
+func (w *minUnitsWatcher) merge(applicationnames set.Strings, change watcher.Change) error {
+	applicationname := w.st.localID(change.Id.(string))
 	if change.Revno == -1 {
-		delete(w.known, serviceName)
-		serviceNames.Remove(serviceName)
+		delete(w.known, applicationname)
+		applicationnames.Remove(applicationname)
 		return nil
 	}
 	doc := minUnitsDoc{}
@@ -629,19 +636,19 @@
 	if err := newMinUnits.FindId(change.Id).One(&doc); err != nil {
 		return err
 	}
-	revno, known := w.known[serviceName]
-	w.known[serviceName] = doc.Revno
+	revno, known := w.known[applicationname]
+	w.known[applicationname] = doc.Revno
 	if !known || doc.Revno > revno {
-		serviceNames.Add(serviceName)
+		applicationnames.Add(applicationname)
 	}
 	return nil
 }
 
 func (w *minUnitsWatcher) loop() (err error) {
 	ch := make(chan watcher.Change)
-	w.st.watcher.WatchCollectionWithFilter(minUnitsC, ch, w.st.isForStateEnv)
-	defer w.st.watcher.UnwatchCollection(minUnitsC, ch)
-	serviceNames, err := w.initial()
+	w.watcher.WatchCollectionWithFilter(minUnitsC, ch, isLocalID(w.st))
+	defer w.watcher.UnwatchCollection(minUnitsC, ch)
+	applicationnames, err := w.initial()
 	if err != nil {
 		return err
 	}
@@ -650,18 +657,18 @@
 		select {
 		case <-w.tomb.Dying():
 			return tomb.ErrDying
-		case <-w.st.watcher.Dead():
-			return stateWatcherDeadError(w.st.watcher.Err())
+		case <-w.watcher.Dead():
+			return stateWatcherDeadError(w.watcher.Err())
 		case change := <-ch:
-			if err = w.merge(serviceNames, change); err != nil {
+			if err = w.merge(applicationnames, change); err != nil {
 				return err
 			}
-			if !serviceNames.IsEmpty() {
+			if !applicationnames.IsEmpty() {
 				out = w.out
 			}
-		case out <- serviceNames.Values():
+		case out <- applicationnames.Values():
 			out = nil
-			serviceNames = set.NewStrings()
+			applicationnames = set.NewStrings()
 		}
 	}
 }
@@ -670,11 +677,6 @@
 	return w.out
 }
 
-func (st *State) isForStateEnv(id interface{}) bool {
-	_, err := st.strictLocalID(id.(string))
-	return err == nil
-}
-
 // scopeInfo holds a RelationScopeWatcher's last-delivered state, and any
 // known but undelivered changes thereto.
 type scopeInfo struct {
@@ -745,7 +747,7 @@
 
 func newRelationScopeWatcher(st *State, scope, ignore string) *RelationScopeWatcher {
 	w := &RelationScopeWatcher{
-		commonWatcher: commonWatcher{st: st},
+		commonWatcher: newCommonWatcher(st),
 		prefix:        scope + "#",
 		ignore:        ignore,
 		out:           make(chan *RelationScopeChange),
@@ -837,8 +839,8 @@
 	filter := func(id interface{}) bool {
 		return strings.HasPrefix(id.(string), fullPrefix)
 	}
-	w.st.watcher.WatchCollectionWithFilter(relationScopesC, in, filter)
-	defer w.st.watcher.UnwatchCollection(relationScopesC, in)
+	w.watcher.WatchCollectionWithFilter(relationScopesC, in, filter)
+	defer w.watcher.UnwatchCollection(relationScopesC, in)
 	info, err := w.initialInfo()
 	if err != nil {
 		return err
@@ -847,8 +849,8 @@
 	out := w.out
 	for {
 		select {
-		case <-w.st.watcher.Dead():
-			return stateWatcherDeadError(w.st.watcher.Err())
+		case <-w.watcher.Dead():
+			return stateWatcherDeadError(w.watcher.Err())
 		case <-w.tomb.Dying():
 			return tomb.ErrDying
 		case ch := <-in:
@@ -891,7 +893,7 @@
 
 func newRelationUnitsWatcher(ru *RelationUnit) RelationUnitsWatcher {
 	w := &relationUnitsWatcher{
-		commonWatcher: commonWatcher{st: ru.st},
+		commonWatcher: newCommonWatcher(ru.st),
 		sw:            ru.WatchScope(),
 		watching:      make(set.Strings),
 		updates:       make(chan watcher.Change),
@@ -933,7 +935,7 @@
 		TxnRevno int64 `bson:"txn-revno"`
 		Version  int64 `bson:"version"`
 	}
-	if err := readSettingsDocInto(w.st, key, &doc); err != nil {
+	if err := readSettingsDocInto(w.st, settingsC, key, &doc); err != nil {
 		return -1, err
 	}
 	setRelationUnitChangeVersion(changes, key, doc.Version)
@@ -952,7 +954,7 @@
 			return err
 		}
 		changes.Departed = remove(changes.Departed, name)
-		w.st.watcher.Watch(settingsC, docID, revno, w.updates)
+		w.watcher.Watch(settingsC, docID, revno, w.updates)
 		w.watching.Add(docID)
 	}
 	for _, name := range c.Left {
@@ -962,7 +964,7 @@
 		if changes.Changed != nil {
 			delete(changes.Changed, name)
 		}
-		w.st.watcher.Unwatch(settingsC, docID, w.updates)
+		w.watcher.Unwatch(settingsC, docID, w.updates)
 		w.watching.Remove(docID)
 	}
 	return nil
@@ -982,7 +984,7 @@
 func (w *relationUnitsWatcher) finish() {
 	watcher.Stop(w.sw, &w.tomb)
 	for _, watchedValue := range w.watching.Values() {
-		w.st.watcher.Unwatch(settingsC, watchedValue, w.updates)
+		w.watcher.Unwatch(settingsC, watchedValue, w.updates)
 	}
 	close(w.updates)
 	close(w.out)
@@ -997,8 +999,8 @@
 	)
 	for {
 		select {
-		case <-w.st.watcher.Dead():
-			return stateWatcherDeadError(w.st.watcher.Err())
+		case <-w.watcher.Dead():
+			return stateWatcherDeadError(w.watcher.Err())
 		case <-w.tomb.Dying():
 			return tomb.ErrDying
 		case c, ok := <-w.sw.Changes():
@@ -1075,7 +1077,7 @@
 
 func newUnitsWatcher(st *State, tag names.Tag, getUnits func() ([]string, error), coll, id string) StringsWatcher {
 	w := &unitsWatcher{
-		commonWatcher: commonWatcher{st: st},
+		commonWatcher: newCommonWatcher(st),
 		tag:           tag.String(),
 		getUnits:      getUnits,
 		life:          map[string]Life{},
@@ -1133,7 +1135,7 @@
 		changes = append(changes, unitName)
 		if doc.Life != Dead {
 			w.life[unitName] = doc.Life
-			w.st.watcher.Watch(unitsC, doc.Id, doc.TxnRevno, w.in)
+			w.watcher.Watch(unitsC, doc.Id, doc.TxnRevno, w.in)
 		}
 	}
 	return changes, nil
@@ -1162,7 +1164,7 @@
 			changes = append(changes, name)
 		}
 		delete(w.life, name)
-		w.st.watcher.Unwatch(unitsC, w.st.docID(name), w.in)
+		w.watcher.Unwatch(unitsC, w.st.docID(name), w.in)
 	}
 	return changes, nil
 }
@@ -1188,9 +1190,9 @@
 	switch {
 	case known && gone:
 		delete(w.life, name)
-		w.st.watcher.Unwatch(unitsC, unitDocID, w.in)
+		w.watcher.Unwatch(unitsC, unitDocID, w.in)
 	case !known && !gone:
-		w.st.watcher.Watch(unitsC, unitDocID, doc.TxnRevno, w.in)
+		w.watcher.Watch(unitsC, unitDocID, doc.TxnRevno, w.in)
 		w.life[name] = doc.Life
 	case known && life != doc.Life:
 		w.life[name] = doc.Life
@@ -1211,11 +1213,11 @@
 		return err
 	}
 
-	w.st.watcher.Watch(coll, id, revno, w.in)
+	w.watcher.Watch(coll, id, revno, w.in)
 	defer func() {
-		w.st.watcher.Unwatch(coll, id, w.in)
+		w.watcher.Unwatch(coll, id, w.in)
 		for name := range w.life {
-			w.st.watcher.Unwatch(unitsC, w.st.docID(name), w.in)
+			w.watcher.Unwatch(unitsC, w.st.docID(name), w.in)
 		}
 	}()
 	changes, err := w.initial()
@@ -1226,8 +1228,8 @@
 	out := w.out
 	for {
 		select {
-		case <-w.st.watcher.Dead():
-			return stateWatcherDeadError(w.st.watcher.Err())
+		case <-w.watcher.Dead():
+			return stateWatcherDeadError(w.watcher.Err())
 		case <-w.tomb.Dying():
 			return tomb.ErrDying
 		case c := <-w.in:
@@ -1250,147 +1252,6 @@
 	}
 }
 
-// ModelConfigWatcher observes changes to the
-// model configuration.
-type ModelConfigWatcher struct {
-	commonWatcher
-	out chan *config.Config
-}
-
-var _ Watcher = (*ModelConfigWatcher)(nil)
-
-// WatchModelConfig returns a watcher for observing changes
-// to the model configuration.
-func (st *State) WatchModelConfig() *ModelConfigWatcher {
-	return newModelConfigWatcher(st)
-}
-
-func newModelConfigWatcher(s *State) *ModelConfigWatcher {
-	w := &ModelConfigWatcher{
-		commonWatcher: commonWatcher{st: s},
-		out:           make(chan *config.Config),
-	}
-	go func() {
-		defer w.tomb.Done()
-		defer close(w.out)
-		w.tomb.Kill(w.loop())
-	}()
-	return w
-}
-
-// Changes returns a channel that will receive the new model
-// configuration when a change is detected. Note that multiple changes may
-// be observed as a single event in the channel.
-func (w *ModelConfigWatcher) Changes() <-chan *config.Config {
-	return w.out
-}
-
-func (w *ModelConfigWatcher) loop() (err error) {
-	sw := w.st.watchSettings(modelGlobalKey)
-	defer sw.Stop()
-	out := w.out
-	out = nil
-	cfg := &config.Config{}
-	for {
-		select {
-		case <-w.st.watcher.Dead():
-			return stateWatcherDeadError(w.st.watcher.Err())
-		case <-w.tomb.Dying():
-			return tomb.ErrDying
-		case settings, ok := <-sw.Changes():
-			if !ok {
-				return watcher.EnsureErr(sw)
-			}
-			cfg, err = config.New(config.NoDefaults, settings.Map())
-			if err == nil {
-				out = w.out
-			} else {
-				out = nil
-			}
-		case out <- cfg:
-			out = nil
-		}
-	}
-}
-
-type settingsWatcher struct {
-	commonWatcher
-	out chan *Settings
-}
-
-var _ Watcher = (*settingsWatcher)(nil)
-
-// watchSettings creates a watcher for observing changes to settings.
-func (st *State) watchSettings(key string) *settingsWatcher {
-	return newSettingsWatcher(st, key)
-}
-
-func newSettingsWatcher(s *State, key string) *settingsWatcher {
-	w := &settingsWatcher{
-		commonWatcher: commonWatcher{st: s},
-		out:           make(chan *Settings),
-	}
-	go func() {
-		defer w.tomb.Done()
-		defer close(w.out)
-		w.tomb.Kill(w.loop(key))
-	}()
-	return w
-}
-
-// Changes returns a channel that will receive the new settings.
-// Multiple changes may be observed as a single event in the channel.
-func (w *settingsWatcher) Changes() <-chan *Settings {
-	return w.out
-}
-
-func (w *settingsWatcher) loop(key string) (err error) {
-	ch := make(chan watcher.Change)
-	revno := int64(-1)
-
-	var settings *Settings
-	var rawDoc bson.Raw
-	if err := readSettingsDocInto(w.st, key, &rawDoc); err == nil {
-		var revnoDoc struct {
-			TxnRevno int64 `bson:"txn-revno"`
-		}
-		if err := rawDoc.Unmarshal(&revnoDoc); err != nil {
-			return err
-		}
-		revno = revnoDoc.TxnRevno
-		var doc settingsDoc
-		if err := rawDoc.Unmarshal(&doc); err != nil {
-			return err
-		}
-		settings = newSettingsWithDoc(w.st, key, &doc)
-	} else if !errors.IsNotFound(err) {
-		return err
-	}
-
-	w.st.watcher.Watch(settingsC, w.st.docID(key), revno, ch)
-	defer w.st.watcher.Unwatch(settingsC, w.st.docID(key), ch)
-	out := w.out
-	if revno == -1 {
-		out = nil
-	}
-	for {
-		select {
-		case <-w.st.watcher.Dead():
-			return stateWatcherDeadError(w.st.watcher.Err())
-		case <-w.tomb.Dying():
-			return tomb.ErrDying
-		case <-ch:
-			settings, err = readSettings(w.st, key)
-			if err != nil {
-				return err
-			}
-			out = w.out
-		case out <- settings:
-			out = nil
-		}
-	}
-}
-
 // WatchHardwareCharacteristics returns a watcher for observing changes to a machine's hardware characteristics.
 func (m *Machine) WatchHardwareCharacteristics() NotifyWatcher {
 	return newEntityWatcher(m.st, instanceDataC, m.doc.DocID)
@@ -1407,13 +1268,13 @@
 }
 
 // Watch returns a watcher for observing changes to a service.
-func (s *Service) Watch() NotifyWatcher {
-	return newEntityWatcher(s.st, servicesC, s.doc.DocID)
+func (s *Application) Watch() NotifyWatcher {
+	return newEntityWatcher(s.st, applicationsC, s.doc.DocID)
 }
 
 // WatchLeaderSettings returns a watcher for observing changed to a service's
 // leader settings.
-func (s *Service) WatchLeaderSettings() NotifyWatcher {
+func (s *Application) WatchLeaderSettings() NotifyWatcher {
 	docId := s.st.docID(leadershipSettingsKey(s.Name()))
 	return newEntityWatcher(s.st, settingsC, docId)
 }
@@ -1441,8 +1302,7 @@
 }
 
 // WatchForModelConfigChanges returns a NotifyWatcher waiting for the Model
-// Config to change. This differs from WatchModelConfig in that the watcher
-// is a NotifyWatcher that does not give content during Changes()
+// Config to change.
 func (st *State) WatchForModelConfigChanges() NotifyWatcher {
 	return newEntityWatcher(st, settingsC, st.docID(modelGlobalKey))
 }
@@ -1490,7 +1350,7 @@
 	if u.doc.CharmURL == nil {
 		return nil, fmt.Errorf("unit charm not set")
 	}
-	settingsKey := serviceSettingsKey(u.doc.Service, u.doc.CharmURL)
+	settingsKey := applicationSettingsKey(u.doc.Application, u.doc.CharmURL)
 	return newEntityWatcher(u.st, settingsC, u.st.docID(settingsKey)), nil
 }
 
@@ -1533,7 +1393,7 @@
 // docKeys identifies the documents that should be watched (their id and which collection they are in)
 func newDocWatcher(st *State, docKeys []docKey) NotifyWatcher {
 	w := &docWatcher{
-		commonWatcher: commonWatcher{st: st},
+		commonWatcher: newCommonWatcher(st),
 		out:           make(chan struct{}),
 	}
 	go func() {
@@ -1575,16 +1435,16 @@
 		if err != nil {
 			return err
 		}
-		w.st.watcher.Watch(coll.Name(), k.docId, txnRevno, in)
-		defer w.st.watcher.Unwatch(coll.Name(), k.docId, in)
+		w.watcher.Watch(coll.Name(), k.docId, txnRevno, in)
+		defer w.watcher.Unwatch(coll.Name(), k.docId, in)
 	}
 	out := w.out
 	for {
 		select {
 		case <-w.tomb.Dying():
 			return tomb.ErrDying
-		case <-w.st.watcher.Dead():
-			return stateWatcherDeadError(w.st.watcher.Err())
+		case <-w.watcher.Dead():
+			return stateWatcherDeadError(w.watcher.Err())
 		case ch := <-in:
 			if _, ok := collect(ch, in, w.tomb.Dying()); !ok {
 				return tomb.ErrDying
@@ -1623,7 +1483,7 @@
 
 func newMachineUnitsWatcher(m *Machine) StringsWatcher {
 	w := &machineUnitsWatcher{
-		commonWatcher: commonWatcher{st: m.st},
+		commonWatcher: newCommonWatcher(m.st),
 		out:           make(chan []string),
 		in:            make(chan watcher.Change),
 		known:         make(map[string]Life),
@@ -1671,14 +1531,14 @@
 		// Unit was removed or unassigned from w.machine.
 		if known {
 			delete(w.known, unitName)
-			w.st.watcher.Unwatch(unitsC, w.st.docID(unitName), w.in)
+			w.watcher.Unwatch(unitsC, w.st.docID(unitName), w.in)
 			if life != Dead && !hasString(pending, unitName) {
 				pending = append(pending, unitName)
 			}
 			for _, subunitName := range doc.Subordinates {
 				if sublife, subknown := w.known[subunitName]; subknown {
 					delete(w.known, subunitName)
-					w.st.watcher.Unwatch(unitsC, w.st.docID(subunitName), w.in)
+					w.watcher.Unwatch(unitsC, w.st.docID(subunitName), w.in)
 					if sublife != Dead && !hasString(pending, subunitName) {
 						pending = append(pending, subunitName)
 					}
@@ -1688,7 +1548,7 @@
 		return pending, nil
 	}
 	if !known {
-		w.st.watcher.Watch(unitsC, doc.DocID, doc.TxnRevno, w.in)
+		w.watcher.Watch(unitsC, doc.DocID, doc.TxnRevno, w.in)
 		pending = append(pending, unitName)
 	} else if life != doc.Life && !hasString(pending, unitName) {
 		pending = append(pending, unitName)
@@ -1708,7 +1568,7 @@
 func (w *machineUnitsWatcher) loop() error {
 	defer func() {
 		for unit := range w.known {
-			w.st.watcher.Unwatch(unitsC, w.st.docID(unit), w.in)
+			w.watcher.Unwatch(unitsC, w.st.docID(unit), w.in)
 		}
 	}()
 
@@ -1719,8 +1579,8 @@
 		return err
 	}
 	machineCh := make(chan watcher.Change)
-	w.st.watcher.Watch(machinesC, w.machine.doc.DocID, revno, machineCh)
-	defer w.st.watcher.Unwatch(machinesC, w.machine.doc.DocID, machineCh)
+	w.watcher.Watch(machinesC, w.machine.doc.DocID, revno, machineCh)
+	defer w.watcher.Unwatch(machinesC, w.machine.doc.DocID, machineCh)
 	changes, err := w.updateMachine([]string(nil))
 	if err != nil {
 		return err
@@ -1728,8 +1588,8 @@
 	out := w.out
 	for {
 		select {
-		case <-w.st.watcher.Dead():
-			return stateWatcherDeadError(w.st.watcher.Err())
+		case <-w.watcher.Dead():
+			return stateWatcherDeadError(w.watcher.Err())
 		case <-w.tomb.Dying():
 			return tomb.ErrDying
 		case <-machineCh:
@@ -1775,7 +1635,7 @@
 
 func newMachineAddressesWatcher(m *Machine) NotifyWatcher {
 	w := &machineAddressesWatcher{
-		commonWatcher: commonWatcher{st: m.st},
+		commonWatcher: newCommonWatcher(m.st),
 		out:           make(chan struct{}),
 		machine:       &Machine{st: m.st, doc: m.doc}, // Copy so it may be freely refreshed
 	}
@@ -1800,14 +1660,14 @@
 		return err
 	}
 	machineCh := make(chan watcher.Change)
-	w.st.watcher.Watch(machinesC, w.machine.doc.DocID, revno, machineCh)
-	defer w.st.watcher.Unwatch(machinesC, w.machine.doc.DocID, machineCh)
+	w.watcher.Watch(machinesC, w.machine.doc.DocID, revno, machineCh)
+	defer w.watcher.Unwatch(machinesC, w.machine.doc.DocID, machineCh)
 	addresses := w.machine.Addresses()
 	out := w.out
 	for {
 		select {
-		case <-w.st.watcher.Dead():
-			return stateWatcherDeadError(w.st.watcher.Err())
+		case <-w.watcher.Dead():
+			return stateWatcherDeadError(w.watcher.Err())
 		case <-w.tomb.Dying():
 			return tomb.ErrDying
 		case <-machineCh:
@@ -1840,7 +1700,7 @@
 
 func newCleanupWatcher(st *State) NotifyWatcher {
 	w := &cleanupWatcher{
-		commonWatcher: commonWatcher{st: st},
+		commonWatcher: newCommonWatcher(st),
 		out:           make(chan struct{}),
 	}
 	go func() {
@@ -1858,16 +1718,16 @@
 
 func (w *cleanupWatcher) loop() (err error) {
 	in := make(chan watcher.Change)
-	w.st.watcher.WatchCollectionWithFilter(cleanupsC, in, w.st.isForStateEnv)
-	defer w.st.watcher.UnwatchCollection(cleanupsC, in)
+	w.watcher.WatchCollectionWithFilter(cleanupsC, in, isLocalID(w.st))
+	defer w.watcher.UnwatchCollection(cleanupsC, in)
 
 	out := w.out
 	for {
 		select {
 		case <-w.tomb.Dying():
 			return tomb.ErrDying
-		case <-w.st.watcher.Dead():
-			return stateWatcherDeadError(w.st.watcher.Err())
+		case <-w.watcher.Dead():
+			return stateWatcherDeadError(w.watcher.Err())
 		case ch := <-in:
 			if _, ok := collect(ch, in, w.tomb.Dying()); !ok {
 				return tomb.ErrDying
@@ -1898,7 +1758,7 @@
 func newActionStatusWatcher(st *State, receivers []ActionReceiver, statusSet ...ActionStatus) StringsWatcher {
 	watchLogger.Debugf("newActionStatusWatcher receivers:'%+v', statuses'%+v'", receivers, statusSet)
 	w := &actionStatusWatcher{
-		commonWatcher:  commonWatcher{st: st},
+		commonWatcher:  newCommonWatcher(st),
 		source:         make(chan watcher.Change),
 		sink:           make(chan []string),
 		receiverFilter: actionReceiverInCollectionOp(receivers...),
@@ -1932,8 +1792,8 @@
 		in      <-chan watcher.Change = w.source
 		out     chan<- []string       = w.sink
 	)
-	w.st.watcher.WatchCollectionWithFilter(actionsC, w.source, w.st.isForStateEnv)
-	defer w.st.watcher.UnwatchCollection(actionsC, w.source)
+	w.watcher.WatchCollectionWithFilter(actionsC, w.source, isLocalID(w.st))
+	defer w.watcher.UnwatchCollection(actionsC, w.source)
 
 	changes, err := w.initial()
 	if err != nil {
@@ -1944,14 +1804,14 @@
 		select {
 		case <-w.tomb.Dying():
 			return tomb.ErrDying
-		case <-w.st.watcher.Dead():
-			return stateWatcherDeadError(w.st.watcher.Err())
+		case <-w.watcher.Dead():
+			return stateWatcherDeadError(w.watcher.Err())
 		case ch := <-in:
 			updates, ok := collect(ch, in, w.tomb.Dying())
 			if !ok {
 				return tomb.ErrDying
 			}
-			if err := w.filterAndMergeIds(w.st, &changes, updates); err != nil {
+			if err := w.filterAndMergeIds(&changes, updates); err != nil {
 				return err
 			}
 			if len(changes) > 0 {
@@ -1998,13 +1858,13 @@
 // If the upstream changes do not match the ActionReceivers and
 // ActionStatus set filters defined on the watcher, they are silently
 // dropped.
-func (w *actionStatusWatcher) filterAndMergeIds(st *State, changes *[]string, updates map[interface{}]bool) error {
+func (w *actionStatusWatcher) filterAndMergeIds(changes *[]string, updates map[interface{}]bool) error {
 	watchLogger.Tracef("actionStatusWatcher filterAndMergeIds(changes:'%+v', updates:'%+v')", changes, updates)
 	var adds []string
 	for id, exists := range updates {
 		switch id := id.(type) {
 		case string:
-			localId := st.localID(id)
+			localId := w.st.localID(id)
 			chIx, idAlreadyInChangeset := indexOf(localId, *changes)
 			if exists {
 				if !idAlreadyInChangeset {
@@ -2046,7 +1906,7 @@
 
 // localIdInCollectionOp is a special form of inCollectionOp that just
 // converts id's to their model-uuid prefixed form.
-func localIdInCollectionOp(st *State, localIds ...string) bson.D {
+func localIdInCollectionOp(st modelBackend, localIds ...string) bson.D {
 	ids := make([]string, len(localIds))
 	for i, id := range localIds {
 		ids[i] = st.docID(id)
@@ -2100,12 +1960,13 @@
 func newcollectionWatcher(st *State, cfg colWCfg) StringsWatcher {
 	// Always ensure that there is at least filtering on the
 	// model in place.
+	backstop := isLocalID(st)
 	if cfg.filter == nil {
-		cfg.filter = st.isForStateEnv
+		cfg.filter = backstop
 	} else {
 		innerFilter := cfg.filter
 		cfg.filter = func(id interface{}) bool {
-			if !st.isForStateEnv(id) {
+			if !backstop(id) {
 				return false
 			}
 			return innerFilter(id)
@@ -2114,7 +1975,7 @@
 
 	w := &collectionWatcher{
 		colWCfg:       cfg,
-		commonWatcher: commonWatcher{st: st},
+		commonWatcher: newCommonWatcher(st),
 		source:        make(chan watcher.Change),
 		sink:          make(chan []string),
 	}
@@ -2143,8 +2004,8 @@
 		out     = (chan<- []string)(w.sink)
 	)
 
-	w.st.watcher.WatchCollectionWithFilter(w.col, w.source, w.filter)
-	defer w.st.watcher.UnwatchCollection(w.col, w.source)
+	w.watcher.WatchCollectionWithFilter(w.col, w.source, w.filter)
+	defer w.watcher.UnwatchCollection(w.col, w.source)
 
 	changes, err := w.initial()
 	if err != nil {
@@ -2155,14 +2016,14 @@
 		select {
 		case <-w.tomb.Dying():
 			return tomb.ErrDying
-		case <-w.st.watcher.Dead():
-			return stateWatcherDeadError(w.st.watcher.Err())
+		case <-w.watcher.Dead():
+			return stateWatcherDeadError(w.watcher.Err())
 		case ch := <-in:
 			updates, ok := collect(ch, in, w.tomb.Dying())
 			if !ok {
 				return tomb.ErrDying
 			}
-			if err := w.mergeIds(w.st, &changes, updates); err != nil {
+			if err := w.mergeIds(&changes, updates); err != nil {
 				return err
 			}
 			if len(changes) > 0 {
@@ -2233,11 +2094,11 @@
 // watcher.
 // Additionally, mergeIds strips the model UUID prefix from the id
 // before emitting it through the watcher.
-func (w *collectionWatcher) mergeIds(st *State, changes *[]string, updates map[interface{}]bool) error {
-	return mergeIds(st, changes, updates, w.idconv)
+func (w *collectionWatcher) mergeIds(changes *[]string, updates map[interface{}]bool) error {
+	return mergeIds(w.st, changes, updates, w.idconv)
 }
 
-func mergeIds(st *State, changes *[]string, updates map[interface{}]bool, idconv func(string) string) error {
+func mergeIds(st modelBackend, changes *[]string, updates map[interface{}]bool, idconv func(string) string) error {
 	for val, idExists := range updates {
 		id, ok := val.(string)
 		if !ok {
@@ -2383,7 +2244,7 @@
 
 func newOpenedPortsWatcher(st *State) StringsWatcher {
 	w := &openedPortsWatcher{
-		commonWatcher: commonWatcher{st: st},
+		commonWatcher: newCommonWatcher(st),
 		known:         make(map[string]int64),
 		out:           make(chan []string),
 	}
@@ -2443,16 +2304,16 @@
 	if err != nil {
 		return errors.Trace(err)
 	}
-	w.st.watcher.WatchCollectionWithFilter(openedPortsC, in, w.st.isForStateEnv)
-	defer w.st.watcher.UnwatchCollection(openedPortsC, in)
+	w.watcher.WatchCollectionWithFilter(openedPortsC, in, isLocalID(w.st))
+	defer w.watcher.UnwatchCollection(openedPortsC, in)
 
 	out := w.out
 	for {
 		select {
 		case <-w.tomb.Dying():
 			return tomb.ErrDying
-		case <-w.st.watcher.Dead():
-			return stateWatcherDeadError(w.st.watcher.Err())
+		case <-w.watcher.Dead():
+			return stateWatcherDeadError(w.watcher.Err())
 		case ch := <-in:
 			if err = w.merge(changes, ch); err != nil {
 				return errors.Trace(err)
@@ -2522,7 +2383,7 @@
 
 func newRebootWatcher(st *State, machines set.Strings) NotifyWatcher {
 	w := &rebootWatcher{
-		commonWatcher: commonWatcher{st: st},
+		commonWatcher: newCommonWatcher(st),
 		machines:      machines,
 		out:           make(chan struct{}),
 	}
@@ -2552,15 +2413,15 @@
 		w.tomb.Kill(fmt.Errorf("expected string, got %T: %v", key, key))
 		return false
 	}
-	w.st.watcher.WatchCollectionWithFilter(rebootC, in, filter)
-	defer w.st.watcher.UnwatchCollection(rebootC, in)
+	w.watcher.WatchCollectionWithFilter(rebootC, in, filter)
+	defer w.watcher.UnwatchCollection(rebootC, in)
 	out := w.out
 	for {
 		select {
 		case <-w.tomb.Dying():
 			return tomb.ErrDying
-		case <-w.st.watcher.Dead():
-			return stateWatcherDeadError(w.st.watcher.Err())
+		case <-w.watcher.Dead():
+			return stateWatcherDeadError(w.watcher.Err())
 		case ch := <-in:
 			if _, ok := collect(ch, in, w.tomb.Dying()); !ok {
 				return tomb.ErrDying
@@ -2585,7 +2446,7 @@
 
 func newBlockDevicesWatcher(st *State, machineId string) NotifyWatcher {
 	w := &blockDevicesWatcher{
-		commonWatcher: commonWatcher{st: st},
+		commonWatcher: newCommonWatcher(st),
 		machineId:     machineId,
 		out:           make(chan struct{}),
 	}
@@ -2611,21 +2472,21 @@
 		return errors.Trace(err)
 	}
 	changes := make(chan watcher.Change)
-	w.st.watcher.Watch(blockDevicesC, docID, revno, changes)
-	defer w.st.watcher.Unwatch(blockDevicesC, docID, changes)
-	blockDevices, err := w.st.blockDevices(w.machineId)
+	w.watcher.Watch(blockDevicesC, docID, revno, changes)
+	defer w.watcher.Unwatch(blockDevicesC, docID, changes)
+	blockDevices, err := getBlockDevices(w.st, w.machineId)
 	if err != nil {
 		return errors.Trace(err)
 	}
 	out := w.out
 	for {
 		select {
-		case <-w.st.watcher.Dead():
-			return stateWatcherDeadError(w.st.watcher.Err())
+		case <-w.watcher.Dead():
+			return stateWatcherDeadError(w.watcher.Err())
 		case <-w.tomb.Dying():
 			return tomb.ErrDying
 		case <-changes:
-			newBlockDevices, err := w.st.blockDevices(w.machineId)
+			newBlockDevices, err := getBlockDevices(w.st, w.machineId)
 			if err != nil {
 				return errors.Trace(err)
 			}
@@ -2641,21 +2502,23 @@
 
 // WatchForModelMigration returns a notify watcher which reports when
 // a migration is in progress for the model associated with the
-// State. Only in-progress and newly created migrations are reported.
-func (st *State) WatchForModelMigration() (NotifyWatcher, error) {
-	return newMigrationActiveWatcher(st), nil
+// State.
+func (st *State) WatchForModelMigration() NotifyWatcher {
+	return newMigrationActiveWatcher(st)
 }
 
 type migrationActiveWatcher struct {
 	commonWatcher
 	collName string
+	id       string
 	sink     chan struct{}
 }
 
 func newMigrationActiveWatcher(st *State) NotifyWatcher {
 	w := &migrationActiveWatcher{
-		commonWatcher: commonWatcher{st: st},
+		commonWatcher: newCommonWatcher(st),
 		collName:      migrationsActiveC,
+		id:            st.ModelUUID(),
 		sink:          make(chan struct{}),
 	}
 	go func() {
@@ -2672,38 +2535,25 @@
 }
 
 func (w *migrationActiveWatcher) loop() error {
-	in := make(chan watcher.Change)
-	filter := func(id interface{}) bool {
-		// Only report migrations for the requested model.
-		if id, ok := id.(string); ok {
-			return id == w.st.ModelUUID()
-		}
-		return false
-	}
-	w.st.watcher.WatchCollectionWithFilter(w.collName, in, filter)
-	defer w.st.watcher.UnwatchCollection(w.collName, in)
-
-	var out chan<- struct{}
-
-	// Check if a migration is already in progress and if so, report it immediately.
-	if active, err := w.st.IsModelMigrationActive(); err != nil {
+	collection, closer := w.st.getCollection(w.collName)
+	revno, err := getTxnRevno(collection, w.id)
+	closer()
+	if err != nil {
 		return errors.Trace(err)
-	} else if active {
-		out = w.sink
 	}
 
+	in := make(chan watcher.Change)
+	w.watcher.Watch(w.collName, w.id, revno, in)
+	defer w.watcher.Unwatch(w.collName, w.id, in)
+
+	out := w.sink
 	for {
 		select {
 		case <-w.tomb.Dying():
 			return tomb.ErrDying
-		case <-w.st.watcher.Dead():
-			return stateWatcherDeadError(w.st.watcher.Err())
+		case <-w.watcher.Dead():
+			return stateWatcherDeadError(w.watcher.Err())
 		case change := <-in:
-			// Ignore removals from the collection.
-			if change.Revno == -1 {
-				continue
-			}
-
 			if _, ok := collect(change, in, w.tomb.Dying()); !ok {
 				return tomb.ErrDying
 			}
@@ -2734,7 +2584,7 @@
 
 func newMigrationStatusWatcher(st *State) NotifyWatcher {
 	w := &migrationStatusWatcher{
-		commonWatcher: commonWatcher{st: st},
+		commonWatcher: newCommonWatcher(st),
 		collName:      migrationsStatusC,
 		sink:          make(chan struct{}),
 	}
@@ -2764,20 +2614,16 @@
 	// there will only be one active migration per model. The watcher
 	// will only see changes for one migration status document at a
 	// time for the model.
-	filter := func(id interface{}) bool {
-		_, err := w.st.strictLocalID(id.(string))
-		return err == nil
-	}
-	w.st.watcher.WatchCollectionWithFilter(w.collName, in, filter)
-	defer w.st.watcher.UnwatchCollection(w.collName, in)
+	w.watcher.WatchCollectionWithFilter(w.collName, in, isLocalID(w.st))
+	defer w.watcher.UnwatchCollection(w.collName, in)
 
 	out := w.sink // out set so that initial event is sent.
 	for {
 		select {
 		case <-w.tomb.Dying():
 			return tomb.ErrDying
-		case <-w.st.watcher.Dead():
-			return stateWatcherDeadError(w.st.watcher.Err())
+		case <-w.watcher.Dead():
+			return stateWatcherDeadError(w.watcher.Err())
 		case change := <-in:
 			if change.Revno == -1 {
 				return errors.New("model migration status disappeared (shouldn't happen)")
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/workers/dumb.go juju-core-2.0~beta12/src/github.com/juju/juju/state/workers/dumb.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/workers/dumb.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/workers/dumb.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,166 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package workers
+
+import (
+	"github.com/juju/errors"
+	"github.com/juju/loggo"
+
+	"github.com/juju/juju/worker"
+	"github.com/juju/juju/worker/catacomb"
+)
+
+// DumbConfig holds a DumbWorkers' dependencies.
+type DumbConfig struct {
+	Factory Factory
+	Logger  loggo.Logger
+}
+
+// Validate returns an error if config cannot drive a DumbWorkers.
+func (config DumbConfig) Validate() error {
+	if config.Factory == nil {
+		return errors.NotValidf("nil Factory")
+	}
+	if config.Logger == (loggo.Logger{}) {
+		return errors.NotValidf("uninitialized Logger")
+	}
+	return nil
+}
+
+// NewDumbWorkers returns a worker that will live until Kill()ed,
+// giving access to a set of sub-workers needed by the state package.
+//
+// These workers may die of their own accord at any time, and will
+// not be replaced; they will also all be stopped before Wait returns.
+func NewDumbWorkers(config DumbConfig) (_ *DumbWorkers, err error) {
+	if err := config.Validate(); err != nil {
+		return nil, errors.Trace(err)
+	}
+	logger := config.Logger
+
+	w := &DumbWorkers{config: config}
+	defer func() {
+		if err == nil {
+			return
+		}
+		// this is ok because cleanup can handle nil fields
+		if cleanupErr := w.cleanup(); cleanupErr != nil {
+			logger.Errorf("while aborting DumbWorkers creation: %v", cleanupErr)
+		}
+	}()
+
+	logger.Debugf("starting leadership lease manager")
+	w.leadershipWorker, err = config.Factory.NewLeadershipWorker()
+	if err != nil {
+		return nil, errors.Annotatef(err, "cannot create leadership lease manager")
+	}
+
+	logger.Debugf("starting singular lease manager")
+	w.singularWorker, err = config.Factory.NewSingularWorker()
+	if err != nil {
+		return nil, errors.Annotatef(err, "cannot create singular lease manager")
+	}
+
+	logger.Debugf("starting transaction log watcher")
+	w.txnLogWorker, err = config.Factory.NewTxnLogWorker()
+	if err != nil {
+		return nil, errors.Annotatef(err, "cannot create transaction log watcher")
+	}
+
+	logger.Debugf("starting presence watcher")
+	w.presenceWorker, err = config.Factory.NewPresenceWorker()
+	if err != nil {
+		return nil, errors.Annotatef(err, "cannot create presence watcher")
+	}
+
+	// note that we specifically *don't* want to use catacomb's
+	// worker-tracking features like Add and Init, because we want
+	// this type to live until externally killed, regardless of the
+	// state of the inner workers. We're just using catacomb because
+	// it's slightly safer than tomb.
+	err = catacomb.Invoke(catacomb.Plan{
+		Site: &w.catacomb,
+		Work: w.run,
+	})
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return w, nil
+}
+
+// DumbWorkers holds references to standard state workers. The workers
+// are not guaranteed to be running; but they are guaranteed to be
+// stopped when the DumbWorkers is stopped.
+type DumbWorkers struct {
+	config           DumbConfig
+	catacomb         catacomb.Catacomb
+	txnLogWorker     TxnLogWorker
+	presenceWorker   PresenceWorker
+	leadershipWorker LeaseWorker
+	singularWorker   LeaseWorker
+}
+
+// TxnLogWatcher is part of the Workers interface.
+func (dw *DumbWorkers) TxnLogWatcher() TxnLogWatcher {
+	return dw.txnLogWorker
+}
+
+// PresenceWatcher is part of the Workers interface.
+func (dw *DumbWorkers) PresenceWatcher() PresenceWatcher {
+	return dw.presenceWorker
+}
+
+// LeadershipManager is part of the Workers interface.
+func (dw *DumbWorkers) LeadershipManager() LeaseManager {
+	return dw.leadershipWorker
+}
+
+// SingularManager is part of the Workers interface.
+func (dw *DumbWorkers) SingularManager() LeaseManager {
+	return dw.singularWorker
+}
+
+// Kill is part of the worker.Worker interface.
+func (dw *DumbWorkers) Kill() {
+	dw.catacomb.Kill(nil)
+}
+
+// Wait is part of the worker.Worker interface.
+func (dw *DumbWorkers) Wait() error {
+	return dw.catacomb.Wait()
+}
+
+func (dw *DumbWorkers) run() error {
+	<-dw.catacomb.Dying()
+	if err := dw.cleanup(); err != nil {
+		return errors.Trace(err)
+	}
+	return dw.catacomb.ErrDying()
+}
+
+func (dw *DumbWorkers) cleanup() error {
+	var errs []error
+	handle := func(name string, w worker.Worker) {
+		if w == nil {
+			return
+		}
+		if err := worker.Stop(w); err != nil {
+			errs = append(errs, errors.Annotatef(err, "error stopping %s", name))
+		}
+	}
+
+	handle("transaction log watcher", dw.txnLogWorker)
+	handle("presence watcher", dw.presenceWorker)
+	handle("leadership lease manager", dw.leadershipWorker)
+	handle("singular lease manager", dw.singularWorker)
+	if len(errs) > 0 {
+		for _, err := range errs[1:] {
+			dw.config.Logger.Errorf("while stopping state workers: %v", err)
+		}
+		return errs[0]
+	}
+
+	dw.config.Logger.Debugf("stopped state workers without error")
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/workers/dumb_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/workers/dumb_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/workers/dumb_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/workers/dumb_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,198 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package workers_test
+
+import (
+	"github.com/juju/errors"
+	"github.com/juju/loggo"
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/state/workers"
+	"github.com/juju/juju/worker"
+	"github.com/juju/juju/worker/workertest"
+)
+
+type DumbWorkersSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&DumbWorkersSuite{})
+
+func (*DumbWorkersSuite) TestValidateSuccess(c *gc.C) {
+	config := workers.DumbConfig{
+		Factory: struct{ workers.Factory }{},
+		Logger:  loggo.GetLogger("test"),
+	}
+	err := config.Validate()
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (*DumbWorkersSuite) TestValidateUninitializedLogger(c *gc.C) {
+	config := workers.DumbConfig{
+		Factory: struct{ workers.Factory }{},
+	}
+	check := func(err error) {
+		c.Check(err, gc.ErrorMatches, "uninitialized Logger not valid")
+		c.Check(err, jc.Satisfies, errors.IsNotValid)
+	}
+
+	check(config.Validate())
+	w, err := workers.NewDumbWorkers(config)
+	if !c.Check(w, gc.IsNil) {
+		workertest.CleanKill(c, w)
+	}
+	check(err)
+}
+
+func (*DumbWorkersSuite) TestValidateMissingFactory(c *gc.C) {
+	config := workers.DumbConfig{
+		Logger: loggo.GetLogger("test"),
+	}
+	check := func(err error) {
+		c.Check(err, gc.ErrorMatches, "nil Factory not valid")
+		c.Check(err, jc.Satisfies, errors.IsNotValid)
+	}
+
+	check(config.Validate())
+	w, err := workers.NewDumbWorkers(config)
+	if !c.Check(w, gc.IsNil) {
+		workertest.CleanKill(c, w)
+	}
+	check(err)
+}
+
+func (*DumbWorkersSuite) TestNewLeadershipManagerError(c *gc.C) {
+	fix := Fixture{
+		LW_errors: []error{ErrFailStart},
+	}
+	fix.FailDumb(c, "cannot create leadership lease manager: bad start")
+}
+
+func (*DumbWorkersSuite) TestNewSingularManagerError(c *gc.C) {
+	fix := Fixture{
+		LW_errors: []error{nil},
+		SW_errors: []error{ErrFailStart},
+	}
+	fix.FailDumb(c, "cannot create singular lease manager: bad start")
+}
+
+func (*DumbWorkersSuite) TestNewTxnLogWatcherError(c *gc.C) {
+	fix := Fixture{
+		LW_errors:  []error{nil},
+		SW_errors:  []error{nil},
+		TLW_errors: []error{ErrFailStart},
+	}
+	fix.FailDumb(c, "cannot create transaction log watcher: bad start")
+}
+
+func (*DumbWorkersSuite) TestNewPresenceWatcherError(c *gc.C) {
+	fix := BasicFixture()
+	fix.PW_errors = []error{ErrFailStart}
+	fix.FailDumb(c, "cannot create presence watcher: bad start")
+}
+
+func (*DumbWorkersSuite) TestLeadershipManagerFails(c *gc.C) {
+	fix := BasicFixture()
+	fix.LW_errors = []error{errors.New("zap")}
+	fix.RunDumb(c, func(ctx Context, dw *workers.DumbWorkers) {
+		w := NextWorker(c, ctx.LWs())
+		c.Assert(w, gc.NotNil)
+		AssertWorker(c, dw.LeadershipManager(), w)
+
+		w.Kill()
+		workertest.CheckAlive(c, dw)
+		AssertWorker(c, dw.LeadershipManager(), w)
+
+		err := workertest.CheckKill(c, dw)
+		c.Check(err, gc.ErrorMatches, "error stopping leadership lease manager: zap")
+	})
+}
+
+func (*DumbWorkersSuite) TestSingularManagerFails(c *gc.C) {
+	fix := BasicFixture()
+	fix.SW_errors = []error{errors.New("zap")}
+	fix.RunDumb(c, func(ctx Context, dw *workers.DumbWorkers) {
+		w := NextWorker(c, ctx.SWs())
+		c.Assert(w, gc.NotNil)
+		AssertWorker(c, dw.SingularManager(), w)
+
+		w.Kill()
+		workertest.CheckAlive(c, dw)
+		AssertWorker(c, dw.SingularManager(), w)
+
+		err := workertest.CheckKill(c, dw)
+		c.Check(err, gc.ErrorMatches, "error stopping singular lease manager: zap")
+	})
+}
+
+func (*DumbWorkersSuite) TestTxnLogWatcherFails(c *gc.C) {
+	fix := BasicFixture()
+	fix.TLW_errors = []error{errors.New("zap")}
+	fix.RunDumb(c, func(ctx Context, dw *workers.DumbWorkers) {
+		w := NextWorker(c, ctx.TLWs())
+		c.Assert(w, gc.NotNil)
+		AssertWorker(c, dw.TxnLogWatcher(), w)
+
+		w.Kill()
+		workertest.CheckAlive(c, dw)
+		AssertWorker(c, dw.TxnLogWatcher(), w)
+
+		err := workertest.CheckKill(c, dw)
+		c.Check(err, gc.ErrorMatches, "error stopping transaction log watcher: zap")
+	})
+}
+
+func (*DumbWorkersSuite) TestPresenceWatcherFails(c *gc.C) {
+	fix := BasicFixture()
+	fix.PW_errors = []error{errors.New("zap")}
+	fix.RunDumb(c, func(ctx Context, dw *workers.DumbWorkers) {
+		w := NextWorker(c, ctx.PWs())
+		c.Assert(w, gc.NotNil)
+		AssertWorker(c, dw.PresenceWatcher(), w)
+
+		w.Kill()
+		workertest.CheckAlive(c, dw)
+		AssertWorker(c, dw.PresenceWatcher(), w)
+
+		err := workertest.CheckKill(c, dw)
+		c.Check(err, gc.ErrorMatches, "error stopping presence watcher: zap")
+	})
+}
+
+func (*DumbWorkersSuite) TestEverythingFails(c *gc.C) {
+	fix := Fixture{
+		LW_errors:  []error{errors.New("zot")},
+		SW_errors:  []error{errors.New("bif")},
+		TLW_errors: []error{errors.New("pow")},
+		PW_errors:  []error{errors.New("arg")},
+	}
+	fix.RunDumb(c, func(ctx Context, dw *workers.DumbWorkers) {
+		for _, ch := range []<-chan worker.Worker{
+			ctx.LWs(), ctx.SWs(), ctx.TLWs(), ctx.PWs(),
+		} {
+			w := NextWorker(c, ch)
+			c.Assert(w, gc.NotNil)
+			w.Kill()
+		}
+
+		workertest.CheckAlive(c, dw)
+		err := workertest.CheckKill(c, dw)
+		c.Check(err, gc.ErrorMatches, "error stopping transaction log watcher: pow")
+	})
+}
+
+func (*DumbWorkersSuite) TestStopsAllWorkers(c *gc.C) {
+	fix := BasicFixture()
+	fix.RunDumb(c, func(ctx Context, dw *workers.DumbWorkers) {
+		workertest.CleanKill(c, dw)
+		for _, ch := range []<-chan worker.Worker{
+			ctx.LWs(), ctx.SWs(), ctx.TLWs(), ctx.PWs(),
+		} {
+			w := NextWorker(c, ch)
+			workertest.CheckKilled(c, w)
+		}
+	})
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/workers/fixture_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/workers/fixture_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/workers/fixture_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/workers/fixture_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,364 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package workers_test
+
+import (
+	"time"
+
+	"github.com/juju/errors"
+	"github.com/juju/loggo"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/state/workers"
+	"github.com/juju/juju/testing"
+	"github.com/juju/juju/worker"
+	"github.com/juju/juju/worker/workertest"
+)
+
+const (
+	fiveSeconds       = 5 * time.Second
+	almostFiveSeconds = fiveSeconds - time.Nanosecond
+)
+
+// Context gives a test func access to the harness driving the Workers
+// implementation under test.
+type Context interface {
+	Clock() *testing.Clock
+	Factory() workers.Factory
+	LWs() <-chan worker.Worker
+	SWs() <-chan worker.Worker
+	TLWs() <-chan worker.Worker
+	PWs() <-chan worker.Worker
+}
+
+// NextWorker reads a worker from the supplied channel and returns it,
+// or times out. The result might be nil.
+func NextWorker(c *gc.C, ch <-chan worker.Worker) worker.Worker {
+	select {
+	case worker := <-ch:
+		return worker
+	case <-time.After(testing.LongWait):
+		c.Fatalf("expected worker never started")
+	}
+	panic("unreachable") // I hate doing this :-|.
+}
+
+// ErrFailStart can be used in any of a Fixture's *_errors fields to
+// indicate that we should fail to start a worker.
+var ErrFailStart = errors.New("test control value, should not be seen")
+
+// BasicFixture returns a Fixture that expects each worker to be started
+// once only, and to stop without error.
+func BasicFixture() Fixture {
+	return Fixture{
+		LW_errors:  []error{nil},
+		SW_errors:  []error{nil},
+		TLW_errors: []error{nil},
+		PW_errors:  []error{nil},
+	}
+}
+
+// Fixture allows you to run tests against a DumbWorkers or a
+// RestartWorkers by specifying a list of errors per worker.
+type Fixture struct {
+	LW_errors  []error
+	SW_errors  []error
+	TLW_errors []error
+	PW_errors  []error
+}
+
+// Run runs a test func inside a fresh Context.
+func (fix Fixture) Run(c *gc.C, test func(Context)) {
+	ctx := fix.newContext()
+	defer ctx.cleanup(c)
+	test(ctx)
+}
+
+// RunDumb starts a DumbWorkers inside a fresh Context and supplies it
+// to a test func.
+func (fix Fixture) RunDumb(c *gc.C, test func(Context, *workers.DumbWorkers)) {
+	fix.Run(c, func(ctx Context) {
+		dw, err := workers.NewDumbWorkers(workers.DumbConfig{
+			Factory: ctx.Factory(),
+			Logger:  loggo.GetLogger("test"),
+		})
+		c.Assert(err, jc.ErrorIsNil)
+		defer workertest.DirtyKill(c, dw)
+		test(ctx, dw)
+	})
+}
+
+// FailDumb verifies that a DumbWorkers cannot start successfully, and
+// checks that the returned error matches.
+func (fix Fixture) FailDumb(c *gc.C, match string) {
+	fix.Run(c, func(ctx Context) {
+		dw, err := workers.NewDumbWorkers(workers.DumbConfig{
+			Factory: ctx.Factory(),
+			Logger:  loggo.GetLogger("test"),
+		})
+		if !c.Check(dw, gc.IsNil) {
+			workertest.DirtyKill(c, dw)
+		}
+		c.Check(err, gc.ErrorMatches, match)
+	})
+}
+
+// RunRestart starts a RestartWorkers inside a fresh Context and
+// supplies it to a test func.
+func (fix Fixture) RunRestart(c *gc.C, test func(Context, *workers.RestartWorkers)) {
+	fix.Run(c, func(ctx Context) {
+		rw, err := workers.NewRestartWorkers(workers.RestartConfig{
+			Factory: ctx.Factory(),
+			Logger:  loggo.GetLogger("test"),
+			Clock:   ctx.Clock(),
+			Delay:   fiveSeconds,
+		})
+		c.Assert(err, jc.ErrorIsNil)
+		defer workertest.DirtyKill(c, rw)
+		test(ctx, rw)
+	})
+}
+
+// FailRestart verifies that a RestartWorkers cannot start successfully, and
+// checks that the returned error matches.
+func (fix Fixture) FailRestart(c *gc.C, match string) {
+	fix.Run(c, func(ctx Context) {
+		rw, err := workers.NewRestartWorkers(workers.RestartConfig{
+			Factory: ctx.Factory(),
+			Logger:  loggo.GetLogger("test"),
+			Clock:   ctx.Clock(),
+			Delay:   fiveSeconds,
+		})
+		if !c.Check(rw, gc.IsNil) {
+			workertest.DirtyKill(c, rw)
+		}
+		c.Check(err, gc.ErrorMatches, match)
+	})
+}
+
+func (fix Fixture) newContext() *context {
+	return &context{
+		clock:   testing.NewClock(time.Now()),
+		lwList:  newWorkerList(fix.LW_errors),
+		swList:  newWorkerList(fix.SW_errors),
+		tlwList: newWorkerList(fix.TLW_errors),
+		pwList:  newWorkerList(fix.PW_errors),
+	}
+}
+
+// newWorkerList converts the supplied errors into a list of workers to
+// be returned in order from the result's Next func (at which point they
+// are sent on the reports chan as well).
+func newWorkerList(errs []error) *workerList {
+	count := len(errs)
+	reports := make(chan worker.Worker, count)
+	workers := make([]worker.Worker, count)
+	for i, err := range errs {
+		if err == ErrFailStart {
+			workers[i] = nil
+		} else {
+			workers[i] = workertest.NewErrorWorker(err)
+		}
+	}
+	return &workerList{
+		workers: workers,
+		reports: reports,
+	}
+}
+
+type workerList struct {
+	next    int
+	workers []worker.Worker
+	reports chan worker.Worker
+}
+
+// Next starts and returns the next configured worker, or an error.
+// In either case, a value is sent on the worker channel.
+func (wl *workerList) Next() (worker.Worker, error) {
+	worker := wl.workers[wl.next]
+	wl.next++
+	wl.reports <- worker
+	if worker == nil {
+		return nil, errors.New("bad start")
+	}
+	return worker, nil
+}
+
+// cleanup checks that every expected worker has already been stopped by
+// the SUT. (i.e.: don't set up more workers than your fixture needs).
+func (wl *workerList) cleanup(c *gc.C) {
+	for _, w := range wl.workers {
+		if w != nil {
+			workertest.CheckKilled(c, w)
+		}
+	}
+}
+
+// context implements Context.
+type context struct {
+	clock   *testing.Clock
+	lwList  *workerList
+	swList  *workerList
+	tlwList *workerList
+	pwList  *workerList
+}
+
+func (ctx *context) cleanup(c *gc.C) {
+	c.Logf("cleaning up test context")
+	for _, list := range []*workerList{
+		ctx.lwList,
+		ctx.swList,
+		ctx.tlwList,
+		ctx.pwList,
+	} {
+		list.cleanup(c)
+	}
+}
+
+func (ctx *context) LWs() <-chan worker.Worker {
+	return ctx.lwList.reports
+}
+
+func (ctx *context) SWs() <-chan worker.Worker {
+	return ctx.swList.reports
+}
+
+func (ctx *context) TLWs() <-chan worker.Worker {
+	return ctx.tlwList.reports
+}
+
+func (ctx *context) PWs() <-chan worker.Worker {
+	return ctx.pwList.reports
+}
+
+func (ctx *context) Clock() *testing.Clock {
+	return ctx.clock
+}
+
+func (ctx *context) Factory() workers.Factory {
+	return &factory{ctx}
+}
+
+// factory implements workers.Factory for the convenience of the tests.
+type factory struct {
+	ctx *context
+}
+
+func (f *factory) NewLeadershipWorker() (workers.LeaseWorker, error) {
+	worker, err := f.ctx.lwList.Next()
+	if err != nil {
+		return nil, err
+	}
+	return fakeLeaseWorker{Worker: worker}, nil
+}
+
+func (f *factory) NewSingularWorker() (workers.LeaseWorker, error) {
+	worker, err := f.ctx.swList.Next()
+	if err != nil {
+		return nil, err
+	}
+	return fakeLeaseWorker{Worker: worker}, nil
+}
+
+func (f *factory) NewTxnLogWorker() (workers.TxnLogWorker, error) {
+	worker, err := f.ctx.tlwList.Next()
+	if err != nil {
+		return nil, err
+	}
+	return fakeTxnLogWorker{Worker: worker}, nil
+}
+
+func (f *factory) NewPresenceWorker() (workers.PresenceWorker, error) {
+	worker, err := f.ctx.pwList.Next()
+	if err != nil {
+		return nil, err
+	}
+	return fakePresenceWorker{Worker: worker}, nil
+}
+
+type fakeLeaseWorker struct {
+	worker.Worker
+	workers.LeaseManager
+}
+
+type fakeTxnLogWorker struct {
+	worker.Worker
+	workers.TxnLogWatcher
+}
+
+type fakePresenceWorker struct {
+	worker.Worker
+	workers.PresenceWatcher
+}
+
+// IsWorker returns true if `wrapped` is one of the above fake*Worker
+// types (as returned by the factory methods) and also wraps the
+// `expect` worker.
+func IsWorker(wrapped interface{}, expect worker.Worker) bool {
+	var actual worker.Worker
+	switch wrapped := wrapped.(type) {
+	case fakeLeaseWorker:
+		actual = wrapped.Worker
+	case fakeTxnLogWorker:
+		actual = wrapped.Worker
+	case fakePresenceWorker:
+		actual = wrapped.Worker
+	default:
+		return false
+	}
+	return actual == expect
+}
+
+// AssertWorker fails if IsWorker returns false.
+func AssertWorker(c *gc.C, wrapped interface{}, expect worker.Worker) {
+	c.Assert(IsWorker(wrapped, expect), jc.IsTrue)
+}
+
+func LM_getter(w workers.Workers) func() interface{} {
+	return func() interface{} { return w.LeadershipManager() }
+}
+
+func SM_getter(w workers.Workers) func() interface{} {
+	return func() interface{} { return w.SingularManager() }
+}
+
+func TLW_getter(w workers.Workers) func() interface{} {
+	return func() interface{} { return w.TxnLogWatcher() }
+}
+
+func PW_getter(w workers.Workers) func() interface{} {
+	return func() interface{} { return w.PresenceWatcher() }
+}
+
+// WaitWorker blocks until getter returns something that satifies
+// IsWorker, or until it times out.
+func WaitWorker(c *gc.C, getter func() interface{}, expect worker.Worker) {
+	var delay time.Duration
+	timeout := time.After(testing.LongWait)
+	for {
+		select {
+		case <-timeout:
+			c.Fatalf("expected worker")
+		case <-time.After(delay):
+			delay = testing.ShortWait
+		}
+		if IsWorker(getter(), expect) {
+			return
+		}
+	}
+}
+
+// WaitAlarms waits until the supplied clock has sent count values on
+// its Alarms channel.
+func WaitAlarms(c *gc.C, clock *testing.Clock, count int) {
+	timeout := time.After(testing.LongWait)
+	for i := 0; i < count; i++ {
+		select {
+		case <-timeout:
+			c.Fatalf("never saw alarm %d", i)
+		case <-clock.Alarms():
+		}
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/workers/interface.go juju-core-2.0~beta12/src/github.com/juju/juju/state/workers/interface.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/workers/interface.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/workers/interface.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,114 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package workers
+
+import (
+	"github.com/juju/juju/core/lease"
+	"github.com/juju/juju/state/presence"
+	"github.com/juju/juju/state/watcher"
+	"github.com/juju/juju/worker"
+)
+
+// Workers doesn't really need to exist -- it could basically just exist
+// in the state package -- but that'd entail duplication of the
+// TxnLogWatcher, PresenceWatcher, and LeaseManager interfaces in both
+// packages to avoid import cycles, and, yuck.
+//
+// See the DumbWorkers and RestartWorkers types for implementations.
+type Workers interface {
+	worker.Worker
+
+	TxnLogWatcher() TxnLogWatcher
+	PresenceWatcher() PresenceWatcher
+	LeadershipManager() LeaseManager
+	SingularManager() LeaseManager
+}
+
+// Factory supplies implementations of various workers used in state,
+// and is generally a critical dependency of a Workers implementation
+// such as DumbWorkers or RestartWorkers.
+//
+// It'll generally just be a thin wrapper over a *State -- this package
+// exists only to paper over worker-lifetime issues that are hard to
+// address in the state package, not really to pave the way to alternate
+// backends or anything.
+type Factory interface {
+	NewTxnLogWorker() (TxnLogWorker, error)
+	NewPresenceWorker() (PresenceWorker, error)
+	NewLeadershipWorker() (LeaseWorker, error)
+	NewSingularWorker() (LeaseWorker, error)
+}
+
+// ExposedFailer encapsulates methods for shutdown detection and
+// handling, used widely inside state watcher types.
+//
+// Would be lovely to remove this dependency -- by adding new watchers
+// to something that tracked watcher and/or state validity, and stopped
+// them automatically -- but that's likely to have impacts reverberating
+// through state and apiserver and deserves its own careful analysis.
+type ExposedFailer interface {
+	Dead() <-chan struct{}
+	Err() error
+}
+
+// TxnLogWatcher exposes the methods of watcher.Watcher that are needed
+// by the state package.
+type TxnLogWatcher interface {
+	ExposedFailer
+
+	// horrible hack for goosing it into activity (for tests).
+	StartSync()
+
+	// single-document watching
+	Watch(coll string, id interface{}, revno int64, ch chan<- watcher.Change)
+	Unwatch(coll string, id interface{}, ch chan<- watcher.Change)
+
+	// collection-watching
+	WatchCollection(coll string, ch chan<- watcher.Change)
+	WatchCollectionWithFilter(coll string, ch chan<- watcher.Change, filter func(interface{}) bool)
+	UnwatchCollection(coll string, ch chan<- watcher.Change)
+}
+
+// TxnLogWorker includes the watcher.Watcher's worker.Worker methods,
+// so that a Workers implementation can manage its lifetime.
+type TxnLogWorker interface {
+	worker.Worker
+	TxnLogWatcher
+}
+
+// PresenceWatcher exposes the methods of presence.Watcher that are
+// needed by the state package.
+type PresenceWatcher interface {
+	ExposedFailer
+
+	// Horrible hack for goosing it into activity. Not clear why
+	// this is used by state in place of StartSync, but it is.
+	Sync()
+
+	// Presence-reading and -watching.
+	Alive(key string) (bool, error)
+	Watch(key string, ch chan<- presence.Change)
+	Unwatch(key string, ch chan<- presence.Change)
+}
+
+// PresenceWorker includes the presence.Watcher's worker.Worker methods,
+// so that a Workers implementation can manage its lifetime.
+type PresenceWorker interface {
+	worker.Worker
+	PresenceWatcher
+}
+
+// LeaseManager exposes the methods of lease.Manager that are needed by
+// the state package.
+type LeaseManager interface {
+	lease.Claimer
+	lease.Checker
+}
+
+// LeaseWorker includes the lease.Manager's worker.Worker methods,
+// so that a Workers implementation can manage its lifetime.
+type LeaseWorker interface {
+	worker.Worker
+	LeaseManager
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/workers/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/workers/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/workers/package_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/workers/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,14 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package workers_test
+
+import (
+	"testing"
+
+	gc "gopkg.in/check.v1"
+)
+
+func TestPackage(t *testing.T) {
+	gc.TestingT(t)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/workers/restart.go juju-core-2.0~beta12/src/github.com/juju/juju/state/workers/restart.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/workers/restart.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/workers/restart.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,307 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package workers
+
+import (
+	"sync"
+	"time"
+
+	"github.com/juju/errors"
+	"github.com/juju/loggo"
+	"github.com/juju/utils/clock"
+
+	"github.com/juju/juju/worker"
+	"github.com/juju/juju/worker/catacomb"
+)
+
+// RestartConfig holds a RestartWorkers' dependencies and configuration.
+type RestartConfig struct {
+	Factory Factory
+	Logger  loggo.Logger
+	Clock   clock.Clock
+	Delay   time.Duration
+}
+
+// Validate returns an error if config cannot drive a RestartWorkers.
+func (config RestartConfig) Validate() error {
+	if config.Factory == nil {
+		return errors.NotValidf("nil Factory")
+	}
+	if config.Logger == (loggo.Logger{}) {
+		return errors.NotValidf("uninitialized Logger")
+	}
+	if config.Clock == nil {
+		return errors.NotValidf("nil Clock")
+	}
+	if config.Delay <= 0 {
+		return errors.NotValidf("non-positive Delay")
+	}
+	return nil
+}
+
+// NewRestartWorkers returns a worker that will live until Kill()ed,
+// giving access to a set of sub-workers needed by the state package.
+//
+// These workers may die of their own accord at any time, and will be
+// replaced after the configured delay; all active workers will be
+// stopped before Wait returns.
+func NewRestartWorkers(config RestartConfig) (*RestartWorkers, error) {
+	if err := config.Validate(); err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	dw, err := NewDumbWorkers(DumbConfig{
+		Factory: config.Factory,
+		Logger:  config.Logger,
+	})
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	rw := &RestartWorkers{
+		config:  config,
+		workers: dw,
+	}
+	err = catacomb.Invoke(catacomb.Plan{
+		Site: &rw.catacomb,
+		Work: rw.run,
+		Init: []worker.Worker{dw},
+	})
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return rw, nil
+}
+
+// RestartWorkers wraps a DumbWorkers and restarts/replaces workers as
+// they fail.
+type RestartWorkers struct {
+	config   RestartConfig
+	catacomb catacomb.Catacomb
+
+	// mu protects workers.
+	mu      sync.Mutex
+	workers *DumbWorkers
+
+	// wg tracks maintainer goroutines.
+	wg sync.WaitGroup
+}
+
+// TxnLogWatcher is part of the Workers interface.
+func (rw *RestartWorkers) TxnLogWatcher() TxnLogWatcher {
+	rw.mu.Lock()
+	defer rw.mu.Unlock()
+	return rw.workers.txnLogWorker
+}
+
+// PresenceWatcher is part of the Workers interface.
+func (rw *RestartWorkers) PresenceWatcher() PresenceWatcher {
+	rw.mu.Lock()
+	defer rw.mu.Unlock()
+	return rw.workers.presenceWorker
+}
+
+// LeadershipManager is part of the Workers interface.
+func (rw *RestartWorkers) LeadershipManager() LeaseManager {
+	rw.mu.Lock()
+	defer rw.mu.Unlock()
+	return rw.workers.leadershipWorker
+}
+
+// SingularManager is part of the Workers interface.
+func (rw *RestartWorkers) SingularManager() LeaseManager {
+	rw.mu.Lock()
+	defer rw.mu.Unlock()
+	return rw.workers.singularWorker
+}
+
+// Kill is part of the worker.Worker interface.
+func (rw *RestartWorkers) Kill() {
+	rw.catacomb.Kill(nil)
+}
+
+// Wait is part of the worker.Worker interface.
+func (rw *RestartWorkers) Wait() error {
+	return rw.catacomb.Wait()
+}
+
+func (rw *RestartWorkers) run() error {
+
+	replacers := []replacer{
+		&txnLogWorkerReplacer{
+			start:   rw.config.Factory.NewTxnLogWorker,
+			current: rw.workers.txnLogWorker,
+			target:  &rw.workers.txnLogWorker,
+		},
+		&presenceWorkerReplacer{
+			start:   rw.config.Factory.NewPresenceWorker,
+			current: rw.workers.presenceWorker,
+			target:  &rw.workers.presenceWorker,
+		},
+		&leaseWorkerReplacer{
+			start:   rw.config.Factory.NewLeadershipWorker,
+			current: rw.workers.leadershipWorker,
+			target:  &rw.workers.leadershipWorker,
+		},
+		&leaseWorkerReplacer{
+			start:   rw.config.Factory.NewSingularWorker,
+			current: rw.workers.singularWorker,
+			target:  &rw.workers.singularWorker,
+		},
+	}
+
+	// begin critical section: cannot touch workers without mutex
+	for _, replacer := range replacers {
+		rw.wg.Add(1)
+		go rw.maintain(replacer)
+	}
+	<-rw.catacomb.Dying()
+	rw.wg.Wait()
+	// end critical section: potential workers writes all finished
+
+	return worker.Stop(rw.workers)
+}
+
+// maintain drives a replacer. See commentary in func, and docs on
+// the replacer interface.
+func (rw *RestartWorkers) maintain(replacer replacer) {
+
+	// Signal to the RestartWorkers that we've stopped trying to
+	// maintain a worker once we return from this func.
+	defer rw.wg.Done()
+
+	// First, wait until the worker actually needs replacement.
+	select {
+	case <-rw.catacomb.Dying():
+		return
+	case <-replacer.needed():
+	}
+
+	// Then try to create a replacement until we succeed...
+	for {
+		select {
+		case <-rw.catacomb.Dying():
+			return
+		case <-rw.config.Clock.After(rw.config.Delay):
+		}
+		if replacer.prepare() {
+			break
+		}
+	}
+
+	// ...at which point it's OK to take the lock for long enough to
+	// set the replacement worker.
+	rw.mu.Lock()
+	replacer.replace()
+	rw.mu.Unlock()
+
+	// Finally, signal to the RestartWorkers that we'll maintain the
+	// new worker, effectively undoing the deferred Done above...
+	rw.wg.Add(1)
+
+	// ...and start again from the top.
+	go rw.maintain(replacer)
+}
+
+// replacer exists to satisfy the very narrow constraints of the
+// RestartWorkers.maintain method. The methods will be called
+// in the order defined, as annotated:
+type replacer interface {
+
+	// needed returns a channel that will be closed when the
+	// original worker has failed and needs to be restarted;
+	// once this has happened...
+	needed() <-chan struct{}
+
+	// ...prepare will then be called repeatedly until it returns
+	// true, indicating that it's created a replacement worker; at
+	// which point...
+	prepare() bool
+
+	// ...the workers mutex will be acquired, and it's safe for the
+	// replacer to write the new worker to the target pointer (and
+	// update its own internal references so that the next call to
+	// needed() returns a channel tied to the new worker's
+	// lifetime).
+	replace()
+
+	// The actual *implementation* of the various kinds of replacer
+	// should not vary -- they'd be great candidates for codegen or
+	// even generics(!).
+}
+
+// txnLogWorkerReplacer implements replacer. Apart from the types, it
+// should be identical to presenceWorkerReplacer and leaseWorkerReplacer.
+type txnLogWorkerReplacer struct {
+	start   func() (TxnLogWorker, error)
+	current TxnLogWorker
+	next    TxnLogWorker
+	target  *TxnLogWorker
+}
+
+func (r *txnLogWorkerReplacer) needed() <-chan struct{} {
+	return worker.Dead(r.current)
+}
+
+func (r *txnLogWorkerReplacer) prepare() bool {
+	var err error
+	r.next, err = r.start()
+	return err == nil
+}
+
+func (r *txnLogWorkerReplacer) replace() {
+	*r.target = r.next
+	r.current = r.next
+	r.next = nil
+}
+
+// presenceWorkerReplacer implements replacer. Apart from the types, it
+// should be identical to txnLogWorkerReplacer and leaseWorkerReplacer.
+type presenceWorkerReplacer struct {
+	start   func() (PresenceWorker, error)
+	current PresenceWorker
+	next    PresenceWorker
+	target  *PresenceWorker
+}
+
+func (r *presenceWorkerReplacer) needed() <-chan struct{} {
+	return worker.Dead(r.current)
+}
+
+func (r *presenceWorkerReplacer) prepare() bool {
+	var err error
+	r.next, err = r.start()
+	return err == nil
+}
+
+func (r *presenceWorkerReplacer) replace() {
+	*r.target = r.next
+	r.current = r.next
+	r.next = nil
+}
+
+// leaseWorkerReplacer implements replacer. Apart from the types, it
+// should be identical to presenceWorkerReplacer and txnLogWorkerReplacer.
+type leaseWorkerReplacer struct {
+	start   func() (LeaseWorker, error)
+	current LeaseWorker
+	next    LeaseWorker
+	target  *LeaseWorker
+}
+
+func (r *leaseWorkerReplacer) needed() <-chan struct{} {
+	return worker.Dead(r.current)
+}
+
+func (r *leaseWorkerReplacer) prepare() bool {
+	var err error
+	r.next, err = r.start()
+	return err == nil
+}
+
+func (r *leaseWorkerReplacer) replace() {
+	*r.target = r.next
+	r.current = r.next
+	r.next = nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/workers/restart_test.go juju-core-2.0~beta12/src/github.com/juju/juju/state/workers/restart_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/workers/restart_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/workers/restart_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,290 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package workers_test
+
+import (
+	"time"
+
+	"github.com/juju/errors"
+	"github.com/juju/loggo"
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	"github.com/juju/utils/clock"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/state/workers"
+	"github.com/juju/juju/worker"
+	"github.com/juju/juju/worker/workertest"
+)
+
+type RestartWorkersSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&RestartWorkersSuite{})
+
+func (*RestartWorkersSuite) TestValidateSuccess(c *gc.C) {
+	config := workers.RestartConfig{
+		Factory: struct{ workers.Factory }{},
+		Logger:  loggo.GetLogger("test"),
+		Clock:   struct{ clock.Clock }{},
+		Delay:   time.Nanosecond,
+	}
+	err := config.Validate()
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (*RestartWorkersSuite) TestValidateMissingFactory(c *gc.C) {
+	config := validRestartConfig()
+	config.Factory = nil
+	checkInvalidRestartConfig(c, config, "nil Factory not valid")
+}
+
+func (*RestartWorkersSuite) TestValidateUninitializedLogger(c *gc.C) {
+	config := validRestartConfig()
+	config.Logger = loggo.Logger{}
+	checkInvalidRestartConfig(c, config, "uninitialized Logger not valid")
+}
+
+func (*RestartWorkersSuite) TestValidateMissingClock(c *gc.C) {
+	config := validRestartConfig()
+	config.Clock = nil
+	checkInvalidRestartConfig(c, config, "nil Clock not valid")
+}
+
+func (*RestartWorkersSuite) TestValidateMissingDelay(c *gc.C) {
+	config := validRestartConfig()
+	config.Delay = 0
+	checkInvalidRestartConfig(c, config, "non-positive Delay not valid")
+}
+
+func (*RestartWorkersSuite) TestValidateNegativeDelay(c *gc.C) {
+	config := validRestartConfig()
+	config.Delay = -time.Second
+	checkInvalidRestartConfig(c, config, "non-positive Delay not valid")
+}
+
+func (*RestartWorkersSuite) TestNewLeadershipManagerError(c *gc.C) {
+	fix := Fixture{
+		LW_errors: []error{ErrFailStart},
+	}
+	fix.FailRestart(c, "cannot create leadership lease manager: bad start")
+}
+
+func (*RestartWorkersSuite) TestNewSingularManagerError(c *gc.C) {
+	fix := Fixture{
+		LW_errors: []error{nil},
+		SW_errors: []error{ErrFailStart},
+	}
+	fix.FailRestart(c, "cannot create singular lease manager: bad start")
+}
+
+func (*RestartWorkersSuite) TestNewTxnLogWatcherError(c *gc.C) {
+	fix := Fixture{
+		LW_errors:  []error{nil},
+		SW_errors:  []error{nil},
+		TLW_errors: []error{ErrFailStart},
+	}
+	fix.FailRestart(c, "cannot create transaction log watcher: bad start")
+}
+
+func (*RestartWorkersSuite) TestNewPresenceWatcherError(c *gc.C) {
+	fix := BasicFixture()
+	fix.PW_errors = []error{ErrFailStart}
+	fix.FailRestart(c, "cannot create presence watcher: bad start")
+}
+
+func (*RestartWorkersSuite) TestLeadershipManagerDelay(c *gc.C) {
+	fix := BasicFixture()
+	fix.LW_errors = []error{errors.New("oof")}
+	fix.RunRestart(c, func(ctx Context, rw *workers.RestartWorkers) {
+		w := NextWorker(c, ctx.LWs())
+		c.Assert(w, gc.NotNil)
+		AssertWorker(c, rw.LeadershipManager(), w)
+		w.Kill()
+
+		clock := ctx.Clock()
+		WaitAlarms(c, clock, 1)
+		clock.Advance(almostFiveSeconds)
+		AssertWorker(c, rw.LeadershipManager(), w)
+
+		err := workertest.CheckKill(c, rw)
+		c.Check(err, gc.ErrorMatches, "error stopping leadership lease manager: oof")
+	})
+}
+
+func (*RestartWorkersSuite) TestSingularManagerDelay(c *gc.C) {
+	fix := BasicFixture()
+	fix.SW_errors = []error{errors.New("oof")}
+	fix.RunRestart(c, func(ctx Context, rw *workers.RestartWorkers) {
+		w := NextWorker(c, ctx.SWs())
+		c.Assert(w, gc.NotNil)
+		AssertWorker(c, rw.SingularManager(), w)
+		w.Kill()
+
+		clock := ctx.Clock()
+		WaitAlarms(c, clock, 1)
+		clock.Advance(almostFiveSeconds)
+		AssertWorker(c, rw.SingularManager(), w)
+
+		err := workertest.CheckKill(c, rw)
+		c.Check(err, gc.ErrorMatches, "error stopping singular lease manager: oof")
+	})
+}
+
+func (*RestartWorkersSuite) TestTxnLogWatcherDelay(c *gc.C) {
+	fix := BasicFixture()
+	fix.TLW_errors = []error{errors.New("oof")}
+	fix.RunRestart(c, func(ctx Context, rw *workers.RestartWorkers) {
+		w := NextWorker(c, ctx.TLWs())
+		c.Assert(w, gc.NotNil)
+		AssertWorker(c, rw.TxnLogWatcher(), w)
+		w.Kill()
+
+		clock := ctx.Clock()
+		WaitAlarms(c, clock, 1)
+		clock.Advance(almostFiveSeconds)
+		AssertWorker(c, rw.TxnLogWatcher(), w)
+
+		err := workertest.CheckKill(c, rw)
+		c.Check(err, gc.ErrorMatches, "error stopping transaction log watcher: oof")
+	})
+}
+
+func (*RestartWorkersSuite) TestPresenceWatcherDelay(c *gc.C) {
+	fix := BasicFixture()
+	fix.PW_errors = []error{errors.New("oof")}
+	fix.RunRestart(c, func(ctx Context, rw *workers.RestartWorkers) {
+		w := NextWorker(c, ctx.PWs())
+		c.Assert(w, gc.NotNil)
+		AssertWorker(c, rw.PresenceWatcher(), w)
+		w.Kill()
+
+		clock := ctx.Clock()
+		WaitAlarms(c, clock, 1)
+		clock.Advance(almostFiveSeconds)
+		AssertWorker(c, rw.PresenceWatcher(), w)
+
+		err := workertest.CheckKill(c, rw)
+		c.Check(err, gc.ErrorMatches, "error stopping presence watcher: oof")
+	})
+}
+
+func (*RestartWorkersSuite) TestLeadershipManagerRestart(c *gc.C) {
+	fix := BasicFixture()
+	fix.LW_errors = []error{errors.New("oof"), nil}
+	fix.RunRestart(c, func(ctx Context, rw *workers.RestartWorkers) {
+		w := NextWorker(c, ctx.LWs())
+		c.Assert(w, gc.NotNil)
+		AssertWorker(c, rw.LeadershipManager(), w)
+		w.Kill()
+
+		clock := ctx.Clock()
+		WaitAlarms(c, clock, 1)
+		clock.Advance(fiveSeconds)
+		w2 := NextWorker(c, ctx.LWs())
+		c.Assert(w, gc.NotNil)
+		WaitWorker(c, LM_getter(rw), w2)
+
+		workertest.CleanKill(c, rw)
+	})
+}
+
+func (*RestartWorkersSuite) TestSingularManagerRestart(c *gc.C) {
+	fix := BasicFixture()
+	fix.SW_errors = []error{errors.New("oof"), nil}
+	fix.RunRestart(c, func(ctx Context, rw *workers.RestartWorkers) {
+		w := NextWorker(c, ctx.SWs())
+		c.Assert(w, gc.NotNil)
+		AssertWorker(c, rw.SingularManager(), w)
+		w.Kill()
+
+		clock := ctx.Clock()
+		WaitAlarms(c, clock, 1)
+		clock.Advance(fiveSeconds)
+		w2 := NextWorker(c, ctx.SWs())
+		c.Assert(w, gc.NotNil)
+		WaitWorker(c, SM_getter(rw), w2)
+
+		workertest.CleanKill(c, rw)
+	})
+}
+
+func (*RestartWorkersSuite) TestTxnLogWatcherRestart(c *gc.C) {
+	fix := BasicFixture()
+	fix.TLW_errors = []error{errors.New("oof"), nil}
+	fix.RunRestart(c, func(ctx Context, rw *workers.RestartWorkers) {
+		w := NextWorker(c, ctx.TLWs())
+		c.Assert(w, gc.NotNil)
+		AssertWorker(c, rw.TxnLogWatcher(), w)
+		w.Kill()
+
+		clock := ctx.Clock()
+		WaitAlarms(c, clock, 1)
+		clock.Advance(fiveSeconds)
+		w2 := NextWorker(c, ctx.TLWs())
+		c.Assert(w, gc.NotNil)
+		WaitWorker(c, TLW_getter(rw), w2)
+
+		workertest.CleanKill(c, rw)
+	})
+}
+
+func (*RestartWorkersSuite) TestPresenceWatcherRestart(c *gc.C) {
+	fix := BasicFixture()
+	fix.PW_errors = []error{errors.New("oof"), nil}
+	fix.RunRestart(c, func(ctx Context, rw *workers.RestartWorkers) {
+		w := NextWorker(c, ctx.PWs())
+		c.Assert(w, gc.NotNil)
+		AssertWorker(c, rw.PresenceWatcher(), w)
+		w.Kill()
+
+		clock := ctx.Clock()
+		WaitAlarms(c, clock, 1)
+		clock.Advance(fiveSeconds)
+		w2 := NextWorker(c, ctx.PWs())
+		c.Assert(w, gc.NotNil)
+		WaitWorker(c, PW_getter(rw), w2)
+
+		workertest.CleanKill(c, rw)
+	})
+}
+
+func (*RestartWorkersSuite) TestStopsAllWorkers(c *gc.C) {
+	fix := BasicFixture()
+	fix.RunRestart(c, func(ctx Context, rw *workers.RestartWorkers) {
+		workertest.CleanKill(c, rw)
+		for _, ch := range []<-chan worker.Worker{
+			ctx.LWs(), ctx.SWs(), ctx.TLWs(), ctx.PWs(),
+		} {
+			w := NextWorker(c, ch)
+			workertest.CheckKilled(c, w)
+		}
+	})
+}
+
+func validRestartConfig() workers.RestartConfig {
+	return workers.RestartConfig{
+		Factory: struct{ workers.Factory }{},
+		Logger:  loggo.GetLogger("test"),
+		Clock:   struct{ clock.Clock }{},
+		Delay:   time.Nanosecond,
+	}
+}
+
+func checkInvalidRestartConfig(c *gc.C, config workers.RestartConfig, match string) {
+	check := func(err error) {
+		c.Check(err, jc.Satisfies, errors.IsNotValid)
+		c.Check(err, gc.ErrorMatches, match)
+	}
+
+	err := config.Validate()
+	check(err)
+
+	rw, err := workers.NewRestartWorkers(config)
+	if !c.Check(rw, gc.IsNil) {
+		workertest.DirtyKill(c, rw)
+	}
+	check(err)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/state/workers.go juju-core-2.0~beta12/src/github.com/juju/juju/state/workers.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/state/workers.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/state/workers.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,67 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package state
+
+import (
+	"time"
+
+	"github.com/juju/errors"
+	"github.com/juju/utils/clock"
+
+	"github.com/juju/juju/state/presence"
+	"github.com/juju/juju/state/watcher"
+	"github.com/juju/juju/state/workers"
+	"github.com/juju/juju/worker/lease"
+)
+
+type workersFactory struct {
+	st    *State
+	clock clock.Clock
+}
+
+func (wf workersFactory) NewTxnLogWorker() (workers.TxnLogWorker, error) {
+	coll := wf.st.getTxnLogCollection()
+	worker := watcher.New(coll)
+	return worker, nil
+}
+
+func (wf workersFactory) NewPresenceWorker() (workers.PresenceWorker, error) {
+	coll := wf.st.getPresenceCollection()
+	worker := presence.NewWatcher(coll, wf.st.ModelTag())
+	return worker, nil
+}
+
+func (wf workersFactory) NewLeadershipWorker() (workers.LeaseWorker, error) {
+	client, err := wf.st.getLeadershipLeaseClient()
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	manager, err := lease.NewManager(lease.ManagerConfig{
+		Secretary: leadershipSecretary{},
+		Client:    client,
+		Clock:     wf.clock,
+		MaxSleep:  time.Minute,
+	})
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return manager, nil
+}
+
+func (wf workersFactory) NewSingularWorker() (workers.LeaseWorker, error) {
+	client, err := wf.st.getSingularLeaseClient()
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	manager, err := lease.NewManager(lease.ManagerConfig{
+		Secretary: singularSecretary{wf.st.ModelUUID()},
+		Client:    client,
+		Clock:     wf.clock,
+		MaxSleep:  time.Minute,
+	})
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return manager, nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/status/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/status/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/status/package_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/status/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,14 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package status_test
+
+import (
+	"testing"
+
+	gc "gopkg.in/check.v1"
+)
+
+func Test(t *testing.T) {
+	gc.TestingT(t)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/status/status.go juju-core-2.0~beta12/src/github.com/juju/juju/status/status.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/status/status.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/status/status.go	2016-07-18 19:45:44.000000000 +0000
@@ -3,7 +3,9 @@
 
 package status
 
-import "time"
+import (
+	"time"
+)
 
 // Status used to represent the status of an entity, but has recently become
 // and applies to "workloads" as well, which we don't currently model, for no
@@ -13,6 +15,11 @@
 // (workloads), service (workloads), volumes, filesystems, and models.
 type Status string
 
+// String returns a string representation of the Status.
+func (s Status) String() string {
+	return string(s)
+}
+
 // StatusInfo holds a Status and associated information.
 type StatusInfo struct {
 	Status  Status
@@ -23,7 +30,7 @@
 
 // StatusSetter represents a type whose status can be set.
 type StatusSetter interface {
-	SetStatus(status Status, info string, data map[string]interface{}) error
+	SetStatus(StatusInfo) error
 }
 
 // StatusGetter represents a type whose status can be read.
@@ -36,16 +43,6 @@
 	InstanceStatus() (StatusInfo, error)
 }
 
-// StatusHistoryGetter instances can fetch their status history.
-type StatusHistoryGetter interface {
-	StatusHistory(size int) ([]StatusInfo, error)
-}
-
-// InstanceStatusHistoryGetter instances can fetch their instance status history.
-type InstanceStatusHistoryGetter interface {
-	InstanceStatusHistory(size int) ([]StatusInfo, error)
-}
-
 const (
 	// Status values common to machine and unit agents.
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/status/status_history.go juju-core-2.0~beta12/src/github.com/juju/juju/status/status_history.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/status/status_history.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/status/status_history.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,180 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package status
+
+import (
+	"fmt"
+	"time"
+
+	"github.com/juju/errors"
+)
+
+// StatusHistoryFilter holds arguments that can be use to filter a status history backlog.
+type StatusHistoryFilter struct {
+	Size  int
+	Date  *time.Time
+	Delta *time.Duration
+}
+
+// Validate checks that the minimum requirements of a StatusHistoryFilter are met.
+func (f *StatusHistoryFilter) Validate() error {
+	s := f.Size > 0
+	t := f.Date != nil
+	d := f.Delta != nil
+
+	switch {
+	case !(s || t || d):
+		return errors.NotValidf("empty struct")
+	case s && t:
+		return errors.NotValidf("Size and Date together")
+	case s && d:
+		return errors.NotValidf("Size and Delta together")
+	case t && d:
+		return errors.NotValidf("Date and Delta together")
+	}
+	return nil
+}
+
+// StatusHistoryGetter instances can fetch their status history.
+type StatusHistoryGetter interface {
+	StatusHistory(filter StatusHistoryFilter) ([]StatusInfo, error)
+}
+
+// InstanceStatusHistoryGetter instances can fetch their instance status history.
+type InstanceStatusHistoryGetter interface {
+	InstanceStatusHistory(filter StatusHistoryFilter) ([]StatusInfo, error)
+}
+
+// DetailedStatus holds status info about a machine or unit agent.
+type DetailedStatus struct {
+	Status  Status
+	Info    string
+	Data    map[string]interface{}
+	Since   *time.Time
+	Kind    HistoryKind
+	Version string
+	// TODO(perrito666) make sure this is not used and remove.
+	Life string
+	Err  error
+}
+
+// History holds many DetailedStatus,
+type History []DetailedStatus
+
+// push will take an input DetailedStatus and put it as element
+// 0 of the current history pushing all other elements by 1
+// and return the last element, now out of the slice.
+func (h *History) push(new DetailedStatus) DetailedStatus {
+	ch := *h
+	old := ch[0]
+	for i := 0; i < len(ch)-1; i++ {
+		ch[i] = ch[i+1]
+	}
+	ch[len(ch)-1] = new
+	return old
+}
+
+// SquashLogs will find repetitions of N consequent status log entries into just
+// one appearance of them and information about repetition.
+func (h *History) SquashLogs(cycleSize int) History {
+	statuses := *h
+	if len(statuses) <= cycleSize {
+		return statuses
+	}
+	buffer := History{}
+	for i := 0; i < cycleSize; i++ {
+		buffer = append(buffer, statuses[i])
+	}
+	result := []DetailedStatus{}
+	// TODO(perrito666) 2016-05-02 lp:1558657
+	now := time.Now()
+	var repeat int
+	var i int
+	repeatStatus := DetailedStatus{
+		Status: StatusIdle,
+		Info:   "",
+		Since:  &now,
+	}
+
+	for i = cycleSize; i < len(statuses); {
+		if i+cycleSize > len(statuses) {
+			break
+		}
+		subset := statuses[i : i+cycleSize]
+		repetition := true
+		for j := range subset {
+			if subset[j].Status != buffer[j].Status || subset[j].Info != buffer[j].Info {
+				repetition = false
+			}
+		}
+		if repetition {
+			repeat++
+			i = i + cycleSize
+			continue
+		}
+		if repeat > 0 {
+			rstatus := fmt.Sprintf("last %d statuses repeated %d times", cycleSize, repeat)
+			repeat = 0
+			repeatStatus.Info = rstatus
+			for j := 0; j < cycleSize; j++ {
+				result = append(result, buffer.push(subset[j]))
+			}
+			result = append(result, repeatStatus)
+			i = i + cycleSize
+			continue
+		}
+		result = append(result, buffer.push(statuses[i]))
+		i++
+	}
+	for j := 0; j < cycleSize; j++ {
+		result = append(result, buffer[j])
+	}
+	if repeat > 0 {
+		rstatus := fmt.Sprintf("last %d statuses repeated %d times", cycleSize, repeat)
+		repeatStatus.Info = rstatus
+		result = append(result, repeatStatus)
+	}
+	if i < len(statuses)-1 {
+		result = append(result, statuses[i+1:]...)
+	}
+
+	return result
+}
+
+// HistoryKind represents the possible types of
+// status history entries.
+type HistoryKind string
+
+const (
+	// KindUnit represents agent and workload combined.
+	KindUnit HistoryKind = "unit"
+	// KindUnitAgent represent a unit agent status history entry.
+	KindUnitAgent HistoryKind = "juju-unit"
+	// KindWorkload represents a charm workload status history entry.
+	KindWorkload HistoryKind = "workload"
+	// KindMachineInstance represents an entry for a machine instance.
+	KindMachineInstance = "machine"
+	// KindMachine represents an entry for a machine agent.
+	KindMachine = "juju-machine"
+	// KindContainerInstance represents an entry for a container instance.
+	KindContainerInstance = "container"
+	// KindContainer represents an entry for a container agent.
+	KindContainer = "juju-container"
+)
+
+// String returns a string representation of the HistoryKind.
+func (k HistoryKind) String() string {
+	return string(k)
+}
+
+// Valid will return true if the current kind is a valid one.
+func (k HistoryKind) Valid() bool {
+	switch k {
+	case KindUnit, KindUnitAgent, KindWorkload,
+		KindMachineInstance, KindMachine,
+		KindContainerInstance, KindContainer:
+		return true
+	}
+	return false
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/status/status_test.go juju-core-2.0~beta12/src/github.com/juju/juju/status/status_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/status/status_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/status/status_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,107 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package status_test
+
+import (
+	"time"
+
+	"github.com/juju/juju/status"
+	"github.com/juju/testing"
+	gc "gopkg.in/check.v1"
+)
+
+type statusHistorySuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&statusHistorySuite{})
+
+func (h *statusHistorySuite) TestStatusSquashing(c *gc.C) {
+	since := time.Now()
+	statuses := status.History{
+		{
+			Status: status.StatusActive,
+			Info:   "unique status one",
+			Since:  &since,
+		},
+		{
+			Status: status.StatusActive,
+			Info:   "unique status two",
+			Since:  &since,
+		},
+		{
+			Status: status.StatusActive,
+			Info:   "unique status three",
+			Since:  &since,
+		},
+		{
+			Status: status.StatusExecuting,
+			Info:   "repeated status one",
+			Since:  &since,
+		},
+		{
+			Status: status.StatusIdle,
+			Info:   "repeated status two",
+			Since:  &since,
+		},
+		{
+			Status: status.StatusExecuting,
+			Info:   "repeated status one",
+			Since:  &since,
+		},
+		{
+			Status: status.StatusIdle,
+			Info:   "repeated status two",
+			Since:  &since,
+		},
+		{
+			Status: status.StatusExecuting,
+			Info:   "repeated status one",
+			Since:  &since,
+		},
+		{
+			Status: status.StatusIdle,
+			Info:   "repeated status two",
+			Since:  &since,
+		},
+	}
+	newStatuses := statuses.SquashLogs(2)
+	c.Assert(newStatuses, gc.HasLen, 6)
+
+	newStatuses[5].Since = &since
+	expectedStatuses := status.History{
+		{
+			Status: status.StatusActive,
+			Info:   "unique status one",
+			Since:  &since,
+		},
+		{
+			Status: status.StatusActive,
+			Info:   "unique status two",
+			Since:  &since,
+		},
+		{
+			Status: status.StatusActive,
+			Info:   "unique status three",
+			Since:  &since,
+		},
+		{
+			Status: status.StatusExecuting,
+			Info:   "repeated status one",
+			Since:  &since,
+		},
+		{
+			Status: status.StatusIdle,
+			Info:   "repeated status two",
+			Since:  &since,
+		},
+		{
+			Status: status.StatusIdle,
+			Info:   "last 2 statuses repeated 2 times",
+			Since:  &since,
+		},
+	}
+
+	c.Assert(newStatuses, gc.DeepEquals, expectedStatuses)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/storage/constraints.go juju-core-2.0~beta12/src/github.com/juju/juju/storage/constraints.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/storage/constraints.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/storage/constraints.go	2016-07-18 19:45:44.000000000 +0000
@@ -62,7 +62,7 @@
 		}
 		if IsValidPoolName(field) {
 			if cons.Pool != "" {
-				logger.Warningf("pool name is already set to %q, ignoring %q", cons.Pool, field)
+				logger.Debugf("pool name is already set to %q, ignoring %q", cons.Pool, field)
 			} else {
 				cons.Pool = field
 			}
@@ -82,7 +82,7 @@
 			cons.Size = size
 			continue
 		}
-		logger.Warningf("ignoring unknown storage constraint %q", field)
+		logger.Debugf("ignoring unknown storage constraint %q", field)
 	}
 	if cons.Count == 0 && cons.Size == 0 && cons.Pool == "" {
 		return Constraints{}, errors.New("storage constraints require at least one field to be specified")
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/storage/filesystem.go juju-core-2.0~beta12/src/github.com/juju/juju/storage/filesystem.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/storage/filesystem.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/storage/filesystem.go	2016-07-18 19:45:44.000000000 +0000
@@ -3,7 +3,7 @@
 
 package storage
 
-import "github.com/juju/names"
+import "gopkg.in/juju/names.v2"
 
 // Filesystem identifies and describes a filesystem, either local or remote
 // (NFS, Ceph etc).
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/storage/interface.go juju-core-2.0~beta12/src/github.com/juju/juju/storage/interface.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/storage/interface.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/storage/interface.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,7 @@
 package storage
 
 import (
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/instance"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/storage/path_test.go juju-core-2.0~beta12/src/github.com/juju/juju/storage/path_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/storage/path_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/storage/path_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -37,3 +37,24 @@
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(path, jc.SamePath, expect)
 }
+
+func (s *BlockDevicePathSuite) TestSortBlockDevices(c *gc.C) {
+	devices := []storage.BlockDevice{{
+		DeviceName:  "sdb",
+		DeviceLinks: []string{"by-b", "by-a"},
+	}, {
+		DeviceName:  "sda",
+		DeviceLinks: []string{"by-c", "by-d"},
+	}}
+	storage.SortBlockDevices(devices)
+
+	expected := []storage.BlockDevice{{
+		DeviceName:  "sda",
+		DeviceLinks: []string{"by-c", "by-d"},
+	}, {
+		DeviceName:  "sdb",
+		DeviceLinks: []string{"by-a", "by-b"},
+	}}
+
+	c.Assert(devices, jc.DeepEquals, expected)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/storage/provider/common_test.go juju-core-2.0~beta12/src/github.com/juju/juju/storage/provider/common_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/storage/provider/common_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/storage/provider/common_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,9 +6,9 @@
 import (
 	"path/filepath"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/storage"
 	"github.com/juju/juju/storage/provider"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/storage/provider/dummy/volumesource.go juju-core-2.0~beta12/src/github.com/juju/juju/storage/provider/dummy/volumesource.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/storage/provider/dummy/volumesource.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/storage/provider/dummy/volumesource.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package dummy
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/storage/provider/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/storage/provider/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/storage/provider/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/storage/provider/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,8 +8,8 @@
 	"strings"
 	"time"
 
-	"github.com/juju/names"
 	"github.com/juju/utils/set"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/storage"
 )
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/storage/provider/loop.go juju-core-2.0~beta12/src/github.com/juju/juju/storage/provider/loop.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/storage/provider/loop.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/storage/provider/loop.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,7 +11,7 @@
 	"strings"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/storage"
@@ -229,7 +229,7 @@
 		return errors.Annotate(err, "locating loop device")
 	}
 	if len(deviceNames) > 1 {
-		logger.Warningf("expected 1 loop device, got %d", len(deviceNames))
+		logger.Errorf("expected 1 loop device, got %d", len(deviceNames))
 	}
 	for _, deviceName := range deviceNames {
 		if err := detachLoopDevice(lvs.run, deviceName); err != nil {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/storage/provider/loop_test.go juju-core-2.0~beta12/src/github.com/juju/juju/storage/provider/loop_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/storage/provider/loop_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/storage/provider/loop_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,9 +9,9 @@
 	"path/filepath"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/storage"
 	"github.com/juju/juju/storage/provider"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/storage/provider/managedfs.go juju-core-2.0~beta12/src/github.com/juju/juju/storage/provider/managedfs.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/storage/provider/managedfs.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/storage/provider/managedfs.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,7 +9,7 @@
 	"unicode"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/storage"
 )
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/storage/provider/managedfs_test.go juju-core-2.0~beta12/src/github.com/juju/juju/storage/provider/managedfs_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/storage/provider/managedfs_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/storage/provider/managedfs_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,9 +6,9 @@
 import (
 	"path/filepath"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/storage"
 	"github.com/juju/juju/storage/provider"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/storage/provider/rootfs.go juju-core-2.0~beta12/src/github.com/juju/juju/storage/provider/rootfs.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/storage/provider/rootfs.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/storage/provider/rootfs.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,7 @@
 	"path/filepath"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/storage"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/storage/provider/rootfs_test.go juju-core-2.0~beta12/src/github.com/juju/juju/storage/provider/rootfs_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/storage/provider/rootfs_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/storage/provider/rootfs_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,9 +8,9 @@
 	"path/filepath"
 	"runtime"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/storage"
 	"github.com/juju/juju/storage/provider"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/storage/provider/tmpfs.go juju-core-2.0~beta12/src/github.com/juju/juju/storage/provider/tmpfs.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/storage/provider/tmpfs.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/storage/provider/tmpfs.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,8 +9,8 @@
 	"path/filepath"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/storage"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/storage/provider/tmpfs_test.go juju-core-2.0~beta12/src/github.com/juju/juju/storage/provider/tmpfs_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/storage/provider/tmpfs_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/storage/provider/tmpfs_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,9 +7,9 @@
 	"errors"
 	"runtime"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/storage"
 	"github.com/juju/juju/storage/provider"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/storage/sort.go juju-core-2.0~beta12/src/github.com/juju/juju/storage/sort.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/storage/sort.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/storage/sort.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,6 +8,10 @@
 // SortBlockDevices sorts block devices by device name.
 func SortBlockDevices(devices []BlockDevice) {
 	sort.Sort(byDeviceName(devices))
+
+	for i := range devices {
+		sort.Strings(devices[i].DeviceLinks)
+	}
 }
 
 type byDeviceName []BlockDevice
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/storage/storage.go juju-core-2.0~beta12/src/github.com/juju/juju/storage/storage.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/storage/storage.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/storage/storage.go	2016-07-18 19:45:44.000000000 +0000
@@ -3,7 +3,7 @@
 
 package storage
 
-import "github.com/juju/names"
+import "gopkg.in/juju/names.v2"
 
 // StorageKind defines the type of the datastore: whether it
 // is a raw block device, or a filesystem.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/storage/volume.go juju-core-2.0~beta12/src/github.com/juju/juju/storage/volume.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/storage/volume.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/storage/volume.go	2016-07-18 19:45:44.000000000 +0000
@@ -3,7 +3,7 @@
 
 package storage
 
-import "github.com/juju/names"
+import "gopkg.in/juju/names.v2"
 
 // Volume identifies and describes a volume (disk, logical volume, etc.)
 type Volume struct {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/testcharms/charm-repo/quantal/actionless/config.yaml juju-core-2.0~beta12/src/github.com/juju/juju/testcharms/charm-repo/quantal/actionless/config.yaml
--- juju-core-2.0~beta7/src/github.com/juju/juju/testcharms/charm-repo/quantal/actionless/config.yaml	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/testcharms/charm-repo/quantal/actionless/config.yaml	2016-07-18 19:45:44.000000000 +0000
@@ -1,5 +1,5 @@
 options:
-  title: {default: My Title, description: A descriptive title used for the service., type: string}
+  title: {default: My Title, description: A descriptive title used for the application., type: string}
   outlook: {description: No default outlook., type: string}
   username: {default: admin001, description: The name of the initial account (given admin permissions)., type: string}
   skill-level: {description: A number indicating skill., type: int}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/testcharms/charm-repo/quantal/dummy/config.yaml juju-core-2.0~beta12/src/github.com/juju/juju/testcharms/charm-repo/quantal/dummy/config.yaml
--- juju-core-2.0~beta7/src/github.com/juju/juju/testcharms/charm-repo/quantal/dummy/config.yaml	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/testcharms/charm-repo/quantal/dummy/config.yaml	2016-07-18 19:45:44.000000000 +0000
@@ -1,5 +1,5 @@
 options:
-  title: {default: My Title, description: A descriptive title used for the service., type: string}
+  title: {default: My Title, description: A descriptive title used for the application., type: string}
   outlook: {description: No default outlook., type: string}
   username: {default: admin001, description: The name of the initial account (given admin permissions)., type: string}
   skill-level: {description: A number indicating skill., type: int}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/testcharms/charm-repo/quantal/terms1/config.yaml juju-core-2.0~beta12/src/github.com/juju/juju/testcharms/charm-repo/quantal/terms1/config.yaml
--- juju-core-2.0~beta7/src/github.com/juju/juju/testcharms/charm-repo/quantal/terms1/config.yaml	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/testcharms/charm-repo/quantal/terms1/config.yaml	2016-07-18 19:45:44.000000000 +0000
@@ -1,5 +1,5 @@
 options:
-  title: {default: My Title, description: A descriptive title used for the service., type: string}
+  title: {default: My Title, description: A descriptive title used for the application., type: string}
   outlook: {description: No default outlook., type: string}
   username: {default: admin001, description: The name of the initial account (given admin permissions)., type: string}
   skill-level: {description: A number indicating skill., type: int}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/testcharms/charm-repo/quantal/terms2/config.yaml juju-core-2.0~beta12/src/github.com/juju/juju/testcharms/charm-repo/quantal/terms2/config.yaml
--- juju-core-2.0~beta7/src/github.com/juju/juju/testcharms/charm-repo/quantal/terms2/config.yaml	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/testcharms/charm-repo/quantal/terms2/config.yaml	2016-07-18 19:45:44.000000000 +0000
@@ -1,5 +1,5 @@
 options:
-  title: {default: My Title, description: A descriptive title used for the service., type: string}
+  title: {default: My Title, description: A descriptive title used for the application., type: string}
   outlook: {description: No default outlook., type: string}
   username: {default: admin001, description: The name of the initial account (given admin permissions)., type: string}
   skill-level: {description: A number indicating skill., type: int}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/testing/attrs.go juju-core-2.0~beta12/src/github.com/juju/juju/testing/attrs.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/testing/attrs.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/testing/attrs.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package testing
 
 // Attrs is a convenience type for messing
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/testing/base.go juju-core-2.0~beta12/src/github.com/juju/juju/testing/base.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/testing/base.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/testing/base.go	2016-07-18 19:45:44.000000000 +0000
@@ -21,7 +21,6 @@
 	gc "gopkg.in/check.v1"
 
 	"github.com/juju/juju/juju/osenv"
-	"github.com/juju/juju/network"
 	"github.com/juju/juju/wrench"
 )
 
@@ -161,7 +160,6 @@
 	// We can't always just use IsolationSuite because we still need
 	// PATH and possibly a couple other envars.
 	s.PatchEnvironment("BASH_ENV", "")
-	network.SetPreferIPv6(false)
 }
 
 func (s *BaseSuite) TearDownTest(c *gc.C) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/testing/environ.go juju-core-2.0~beta12/src/github.com/juju/juju/testing/environ.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/testing/environ.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/testing/environ.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,6 @@
 import (
 	"os"
 
-	"github.com/juju/names"
 	gitjujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
@@ -14,7 +13,9 @@
 	"github.com/juju/utils/ssh"
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
+	"github.com/juju/juju/controller"
 	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/juju/osenv"
 )
@@ -37,6 +38,18 @@
 // ModelTag is a defined known valid UUID that can be used in testing.
 var ModelTag = names.NewModelTag("deadbeef-0bad-400d-8000-4b1d0d06f00d")
 
+// FakeControllerConfig() returns an environment configuration
+// that is expected to be found in state for a fake controller.
+func FakeControllerConfig() controller.Config {
+	return controller.Config{
+		"controller-uuid":         ModelTag.Id(),
+		"ca-cert":                 CACert,
+		"state-port":              1234,
+		"api-port":                17777,
+		"set-numa-control-policy": false,
+	}
+}
+
 // FakeConfig() returns an environment configuration for a
 // fake provider with all required attributes set.
 func FakeConfig() Attrs {
@@ -44,16 +57,10 @@
 		"type":                      "someprovider",
 		"name":                      "testenv",
 		"uuid":                      ModelTag.Id(),
-		"controller-uuid":           ModelTag.Id(),
 		"authorized-keys":           FakeAuthKeys,
 		"firewall-mode":             config.FwInstance,
-		"admin-secret":              "fish",
-		"ca-cert":                   CACert,
-		"ca-private-key":            CAKey,
 		"ssl-hostname-verification": true,
 		"development":               false,
-		"state-port":                19034,
-		"api-port":                  17777,
 		"default-series":            series.LatestLts(),
 	}
 }
@@ -61,7 +68,8 @@
 // ModelConfig returns a default environment configuration suitable for
 // setting in the state.
 func ModelConfig(c *gc.C) *config.Config {
-	return CustomModelConfig(c, Attrs{"uuid": mustUUID()})
+	uuid := mustUUID()
+	return CustomModelConfig(c, Attrs{"uuid": uuid})
 }
 
 // mustUUID returns a stringified uuid or panics
@@ -78,7 +86,7 @@
 func CustomModelConfig(c *gc.C, extra Attrs) *config.Config {
 	attrs := FakeConfig().Merge(Attrs{
 		"agent-version": "1.2.3",
-	}).Merge(extra).Delete("admin-secret", "ca-private-key")
+	}).Merge(extra).Delete("admin-secret")
 	cfg, err := config.New(config.NoDefaults, attrs)
 	c.Assert(err, jc.ErrorIsNil)
 	return cfg
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/testing/environ_test.go juju-core-2.0~beta12/src/github.com/juju/juju/testing/environ_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/testing/environ_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/testing/environ_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,11 +6,11 @@
 import (
 	"os"
 
-	"github.com/juju/names"
 	gitjujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/juju/osenv"
 	"github.com/juju/juju/testing"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/testing/factory/factory.go juju-core-2.0~beta12/src/github.com/juju/juju/testing/factory/factory.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/testing/factory/factory.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/testing/factory/factory.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,15 +10,14 @@
 	"sync/atomic"
 	"time"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	"github.com/juju/utils/arch"
 	"github.com/juju/utils/series"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
-	"github.com/juju/juju/cloud"
 	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/network"
@@ -52,7 +51,7 @@
 	Creator     names.Tag
 	NoModelUser bool
 	Disabled    bool
-	Access      state.ModelAccess
+	Access      state.Access
 }
 
 // ModelUserParams defines the parameters for creating an environment user.
@@ -60,7 +59,7 @@
 	User        string
 	DisplayName string
 	CreatedBy   names.Tag
-	Access      state.ModelAccess
+	Access      state.Access
 }
 
 // CharmParams defines the parameters for creating a charm.
@@ -85,11 +84,10 @@
 	Filesystems     []state.MachineFilesystemParams
 }
 
-// ServiceParams is used when specifying parameters for a new service.
-type ServiceParams struct {
+// ApplicationParams is used when specifying parameters for a new application.
+type ApplicationParams struct {
 	Name        string
 	Charm       *state.Charm
-	Creator     names.Tag
 	Status      *status.StatusInfo
 	Settings    map[string]interface{}
 	Constraints constraints.Value
@@ -97,7 +95,7 @@
 
 // UnitParams are used to create units.
 type UnitParams struct {
-	Service     *state.Service
+	Application *state.Application
 	Machine     *state.Machine
 	Password    string
 	SetCharmURL bool
@@ -119,15 +117,12 @@
 }
 
 type ModelParams struct {
-	Name        string
-	Owner       names.Tag
-	ConfigAttrs testing.Attrs
-
-	// If Prepare is true, the environment will be "prepared for bootstrap".
-	Prepare       bool
-	Credential    *cloud.Credential
-	CloudEndpoint string
-	CloudRegion   string
+	Name            string
+	Owner           names.Tag
+	ConfigAttrs     testing.Attrs
+	CloudName       string
+	CloudRegion     string
+	CloudCredential string
 }
 
 // RandomSuffix adds a random 5 character suffix to the presented string.
@@ -174,8 +169,8 @@
 		c.Assert(err, jc.ErrorIsNil)
 		params.Creator = env.Owner()
 	}
-	if params.Access == state.ModelUndefinedAccess {
-		params.Access = state.ModelAdminAccess
+	if params.Access == state.UndefinedAccess {
+		params.Access = state.AdminAccess
 	}
 	creatorUserTag := params.Creator.(names.UserTag)
 	user, err := factory.st.AddUser(
@@ -212,8 +207,8 @@
 	if params.DisplayName == "" {
 		params.DisplayName = uniqueString("display name")
 	}
-	if params.Access == state.ModelUndefinedAccess {
-		params.Access = state.ModelAdminAccess
+	if params.Access == state.UndefinedAccess {
+		params.Access = state.AdminAccess
 	}
 	if params.CreatedBy == nil {
 		env, err := factory.st.Model()
@@ -279,7 +274,7 @@
 	m, err := factory.st.AddMachineInsideMachine(
 		machineTemplate,
 		parentId,
-		instance.LXC,
+		instance.LXD,
 	)
 	c.Assert(err, jc.ErrorIsNil)
 	err = m.SetProvisioned(params.InstanceId, params.Nonce, params.Characteristics)
@@ -376,12 +371,12 @@
 	return charm
 }
 
-// MakeService creates a service with the specified parameters, substituting
+// MakeApplication creates an application with the specified parameters, substituting
 // sane defaults for missing values.
 // If params is not specified, defaults are used.
-func (factory *Factory) MakeService(c *gc.C, params *ServiceParams) *state.Service {
+func (factory *Factory) MakeApplication(c *gc.C, params *ApplicationParams) *state.Application {
 	if params == nil {
-		params = &ServiceParams{}
+		params = &ApplicationParams{}
 	}
 	if params.Charm == nil {
 		params.Charm = factory.MakeCharm(c, nil)
@@ -389,14 +384,8 @@
 	if params.Name == "" {
 		params.Name = params.Charm.Meta().Name
 	}
-	if params.Creator == nil {
-		creator := factory.MakeUser(c, nil)
-		params.Creator = creator.Tag()
-	}
-	_ = params.Creator.(names.UserTag)
-	service, err := factory.st.AddService(state.AddServiceArgs{
+	application, err := factory.st.AddApplication(state.AddApplicationArgs{
 		Name:        params.Name,
-		Owner:       params.Creator.String(),
 		Charm:       params.Charm,
 		Settings:    charm.Settings(params.Settings),
 		Constraints: params.Constraints,
@@ -404,14 +393,21 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	if params.Status != nil {
-		err = service.SetStatus(params.Status.Status, params.Status.Message, params.Status.Data)
+		now := time.Now()
+		s := status.StatusInfo{
+			Status:  params.Status.Status,
+			Message: params.Status.Message,
+			Data:    params.Status.Data,
+			Since:   &now,
+		}
+		err = application.SetStatus(s)
 		c.Assert(err, jc.ErrorIsNil)
 	}
 
-	return service
+	return application
 }
 
-// MakeUnit creates a service unit with specified params, filling in
+// MakeUnit creates an application unit with specified params, filling in
 // sane defaults for missing values.
 // If params is not specified, defaults are used.
 func (factory *Factory) MakeUnit(c *gc.C, params *UnitParams) *state.Unit {
@@ -419,7 +415,7 @@
 	return unit
 }
 
-// MakeUnit creates a service unit with specified params, filling in sane
+// MakeUnit creates an application unit with specified params, filling in sane
 // defaults for missing values. If params is not specified, defaults are used.
 // The unit and its password are returned.
 func (factory *Factory) MakeUnitReturningPassword(c *gc.C, params *UnitParams) (*state.Unit, string) {
@@ -429,8 +425,8 @@
 	if params.Machine == nil {
 		params.Machine = factory.MakeMachine(c, nil)
 	}
-	if params.Service == nil {
-		params.Service = factory.MakeService(c, &ServiceParams{
+	if params.Application == nil {
+		params.Application = factory.MakeApplication(c, &ApplicationParams{
 			Constraints: params.Constraints,
 		})
 	}
@@ -439,7 +435,7 @@
 		params.Password, err = utils.RandomPassword()
 		c.Assert(err, jc.ErrorIsNil)
 	}
-	unit, err := params.Service.AddUnit()
+	unit, err := params.Application.AddUnit()
 	c.Assert(err, jc.ErrorIsNil)
 	err = unit.AssignToMachine(params.Machine)
 	c.Assert(err, jc.ErrorIsNil)
@@ -447,20 +443,27 @@
 	agentTools := version.Binary{
 		Number: jujuversion.Current,
 		Arch:   arch.HostArch(),
-		Series: params.Service.Series(),
+		Series: params.Application.Series(),
 	}
 	err = unit.SetAgentVersion(agentTools)
 	c.Assert(err, jc.ErrorIsNil)
 	if params.SetCharmURL {
-		serviceCharmURL, _ := params.Service.CharmURL()
-		err = unit.SetCharmURL(serviceCharmURL)
+		applicationCharmURL, _ := params.Application.CharmURL()
+		err = unit.SetCharmURL(applicationCharmURL)
 		c.Assert(err, jc.ErrorIsNil)
 	}
 	err = unit.SetPassword(params.Password)
 	c.Assert(err, jc.ErrorIsNil)
 
 	if params.Status != nil {
-		err = unit.SetStatus(params.Status.Status, params.Status.Message, params.Status.Data)
+		now := time.Now()
+		s := status.StatusInfo{
+			Status:  params.Status.Status,
+			Message: params.Status.Message,
+			Data:    params.Status.Data,
+			Since:   &now,
+		}
+		err = unit.SetStatus(s)
 		c.Assert(err, jc.ErrorIsNil)
 	}
 
@@ -477,8 +480,8 @@
 	}
 	if params.Unit == nil {
 		meteredCharm := factory.MakeCharm(c, &CharmParams{Name: "metered", URL: "cs:quantal/metered"})
-		meteredService := factory.MakeService(c, &ServiceParams{Charm: meteredCharm})
-		params.Unit = factory.MakeUnit(c, &UnitParams{Service: meteredService, SetCharmURL: true})
+		meteredApplication := factory.MakeApplication(c, &ApplicationParams{Charm: meteredCharm})
+		params.Unit = factory.MakeUnit(c, &UnitParams{Application: meteredApplication, SetCharmURL: true})
 	}
 	if params.Time == nil {
 		params.Time = &now
@@ -518,7 +521,7 @@
 		params = &RelationParams{}
 	}
 	if len(params.Endpoints) == 0 {
-		s1 := factory.MakeService(c, &ServiceParams{
+		s1 := factory.MakeApplication(c, &ApplicationParams{
 			Charm: factory.MakeCharm(c, &CharmParams{
 				Name: "mysql",
 			}),
@@ -526,7 +529,7 @@
 		e1, err := s1.Endpoint("server")
 		c.Assert(err, jc.ErrorIsNil)
 
-		s2 := factory.MakeService(c, &ServiceParams{
+		s2 := factory.MakeApplication(c, &ApplicationParams{
 			Charm: factory.MakeCharm(c, &CharmParams{
 				Name: "wordpress",
 			}),
@@ -556,6 +559,9 @@
 	if params.Name == "" {
 		params.Name = uniqueString("testenv")
 	}
+	if params.CloudName == "" {
+		params.CloudName = "dummy"
+	}
 	if params.Owner == nil {
 		origEnv, err := factory.st.Model()
 		c.Assert(err, jc.ErrorIsNil)
@@ -569,15 +575,16 @@
 	uuid, err := utils.NewUUID()
 	c.Assert(err, jc.ErrorIsNil)
 	cfg := testing.CustomModelConfig(c, testing.Attrs{
-		"name":       params.Name,
-		"uuid":       uuid.String(),
-		"type":       currentCfg.Type(),
-		"state-port": currentCfg.StatePort(),
-		"api-port":   currentCfg.APIPort(),
+		"name": params.Name,
+		"uuid": uuid.String(),
+		"type": currentCfg.Type(),
 	}.Merge(params.ConfigAttrs))
 	_, st, err := factory.st.NewModel(state.ModelArgs{
-		Config: cfg,
-		Owner:  params.Owner.(names.UserTag),
+		CloudName:       params.CloudName,
+		CloudRegion:     params.CloudRegion,
+		CloudCredential: params.CloudCredential,
+		Config:          cfg,
+		Owner:           params.Owner.(names.UserTag),
 	})
 	c.Assert(err, jc.ErrorIsNil)
 	return st
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/testing/factory/factory_test.go juju-core-2.0~beta12/src/github.com/juju/juju/testing/factory/factory_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/testing/factory/factory_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/testing/factory/factory_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,11 +9,11 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/state"
@@ -332,52 +332,35 @@
 	c.Assert(saved.BundleSha256(), gc.Equals, ch.BundleSha256())
 }
 
-func (s *factorySuite) TestMakeServiceNil(c *gc.C) {
-	service := s.Factory.MakeService(c, nil)
-	c.Assert(service, gc.NotNil)
+func (s *factorySuite) TestMakeApplicationNil(c *gc.C) {
+	application := s.Factory.MakeApplication(c, nil)
+	c.Assert(application, gc.NotNil)
 
-	saved, err := s.State.Service(service.Name())
+	saved, err := s.State.Application(application.Name())
 	c.Assert(err, jc.ErrorIsNil)
 
-	c.Assert(saved.Name(), gc.Equals, service.Name())
-	c.Assert(saved.Tag(), gc.Equals, service.Tag())
-	c.Assert(saved.Life(), gc.Equals, service.Life())
+	c.Assert(saved.Name(), gc.Equals, application.Name())
+	c.Assert(saved.Tag(), gc.Equals, application.Tag())
+	c.Assert(saved.Life(), gc.Equals, application.Life())
 }
 
-func (s *factorySuite) TestMakeService(c *gc.C) {
+func (s *factorySuite) TestMakeApplication(c *gc.C) {
 	charm := s.Factory.MakeCharm(c, &factory.CharmParams{Name: "wordpress"})
-	creator := s.Factory.MakeUser(c, &factory.UserParams{Name: "bill"}).Tag()
-	service := s.Factory.MakeService(c, &factory.ServiceParams{
-		Charm:   charm,
-		Creator: creator,
-	})
-	c.Assert(service, gc.NotNil)
-
-	c.Assert(service.Name(), gc.Equals, "wordpress")
-	c.Assert(service.GetOwnerTag(), gc.Equals, creator.String())
-	curl, _ := service.CharmURL()
+	application := s.Factory.MakeApplication(c, &factory.ApplicationParams{
+		Charm: charm,
+	})
+	c.Assert(application, gc.NotNil)
+
+	c.Assert(application.Name(), gc.Equals, "wordpress")
+	curl, _ := application.CharmURL()
 	c.Assert(curl, gc.DeepEquals, charm.URL())
 
-	saved, err := s.State.Service(service.Name())
+	saved, err := s.State.Application(application.Name())
 	c.Assert(err, jc.ErrorIsNil)
 
-	c.Assert(saved.Name(), gc.Equals, service.Name())
-	c.Assert(saved.Tag(), gc.Equals, service.Tag())
-	c.Assert(saved.Life(), gc.Equals, service.Life())
-}
-
-func (s *factorySuite) TestMakeServiceInvalidCreator(c *gc.C) {
-	serviceName := "mysql"
-	invalidFunc := func() {
-		s.Factory.MakeService(c, &factory.ServiceParams{
-			Name:    serviceName,
-			Creator: names.NewMachineTag("0"),
-		})
-	}
-	c.Assert(invalidFunc, gc.PanicMatches, `interface conversion: .*`)
-	saved, err := s.State.Service(serviceName)
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-	c.Assert(saved, gc.IsNil)
+	c.Assert(saved.Name(), gc.Equals, application.Name())
+	c.Assert(saved.Tag(), gc.Equals, application.Tag())
+	c.Assert(saved.Life(), gc.Equals, application.Life())
 }
 
 func (s *factorySuite) TestMakeUnitNil(c *gc.C) {
@@ -388,32 +371,32 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Assert(saved.Name(), gc.Equals, unit.Name())
-	c.Assert(saved.ServiceName(), gc.Equals, unit.ServiceName())
+	c.Assert(saved.ApplicationName(), gc.Equals, unit.ApplicationName())
 	c.Assert(saved.Series(), gc.Equals, unit.Series())
 	c.Assert(saved.Life(), gc.Equals, unit.Life())
 }
 
 func (s *factorySuite) TestMakeUnit(c *gc.C) {
-	service := s.Factory.MakeService(c, nil)
+	application := s.Factory.MakeApplication(c, nil)
 	unit := s.Factory.MakeUnit(c, &factory.UnitParams{
-		Service:     service,
+		Application: application,
 		SetCharmURL: true,
 	})
 	c.Assert(unit, gc.NotNil)
 
-	c.Assert(unit.ServiceName(), gc.Equals, service.Name())
+	c.Assert(unit.ApplicationName(), gc.Equals, application.Name())
 
 	saved, err := s.State.Unit(unit.Name())
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Assert(saved.Name(), gc.Equals, unit.Name())
-	c.Assert(saved.ServiceName(), gc.Equals, unit.ServiceName())
+	c.Assert(saved.ApplicationName(), gc.Equals, unit.ApplicationName())
 	c.Assert(saved.Series(), gc.Equals, unit.Series())
 	c.Assert(saved.Life(), gc.Equals, unit.Life())
 
-	serviceCharmURL, _ := service.CharmURL()
+	applicationCharmURL, _ := application.CharmURL()
 	unitCharmURL, _ := saved.CharmURL()
-	c.Assert(unitCharmURL, gc.DeepEquals, serviceCharmURL)
+	c.Assert(unitCharmURL, gc.DeepEquals, applicationCharmURL)
 }
 
 func (s *factorySuite) TestMakeRelationNil(c *gc.C) {
@@ -430,8 +413,8 @@
 }
 
 func (s *factorySuite) TestMakeRelation(c *gc.C) {
-	s1 := s.Factory.MakeService(c, &factory.ServiceParams{
-		Name: "service1",
+	s1 := s.Factory.MakeApplication(c, &factory.ApplicationParams{
+		Name: "application1",
 		Charm: s.Factory.MakeCharm(c, &factory.CharmParams{
 			Name: "wordpress",
 		}),
@@ -439,8 +422,8 @@
 	e1, err := s1.Endpoint("db")
 	c.Assert(err, jc.ErrorIsNil)
 
-	s2 := s.Factory.MakeService(c, &factory.ServiceParams{
-		Name: "service2",
+	s2 := s.Factory.MakeApplication(c, &factory.ApplicationParams{
+		Name: "application2",
 		Charm: s.Factory.MakeCharm(c, &factory.CharmParams{
 			Name: "mysql",
 		}),
@@ -483,8 +466,8 @@
 func (s *factorySuite) TestMakeMetric(c *gc.C) {
 	now := time.Now().Round(time.Second).UTC()
 	meteredCharm := s.Factory.MakeCharm(c, &factory.CharmParams{Name: "metered", URL: "cs:quantal/metered"})
-	meteredService := s.Factory.MakeService(c, &factory.ServiceParams{Charm: meteredCharm})
-	unit := s.Factory.MakeUnit(c, &factory.UnitParams{Service: meteredService, SetCharmURL: true})
+	meteredApplication := s.Factory.MakeApplication(c, &factory.ApplicationParams{Charm: meteredCharm})
+	unit := s.Factory.MakeUnit(c, &factory.UnitParams{Application: meteredApplication, SetCharmURL: true})
 	metric := s.Factory.MakeMetric(c, &factory.MetricParams{
 		Unit:    unit,
 		Time:    &now,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/tools/lxdclient/client.go juju-core-2.0~beta12/src/github.com/juju/juju/tools/lxdclient/client.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/tools/lxdclient/client.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/tools/lxdclient/client.go	2016-07-18 19:45:44.000000000 +0000
@@ -279,7 +279,7 @@
 		if strings.HasPrefix(line, "USE_LXD_BRIDGE=") {
 			b, err := strconv.ParseBool(strings.Trim(line[len("USE_LXD_BRIDGE="):], " \""))
 			if err != nil {
-				logger.Warningf("couldn't parse bool, skipping USE_LXD_BRIDGE check: %s", err)
+				logger.Debugf("couldn't parse bool, skipping USE_LXD_BRIDGE check: %s", err)
 				continue
 			}
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/tools/lxdclient/client_image.go juju-core-2.0~beta12/src/github.com/juju/juju/tools/lxdclient/client_image.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/tools/lxdclient/client_image.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/tools/lxdclient/client_image.go	2016-07-18 19:45:44.000000000 +0000
@@ -145,13 +145,7 @@
 			forward: forwarder.Forward,
 		}
 		err = source.CopyImage(target, i.raw, []string{name}, adapter.copyProgress)
-		if err != nil {
-			// TODO(jam) Should this be fatal? Or just set lastErr
-			// and then continue on?
-			logger.Warningf("error copying image: %s", err)
-			return errors.Annotatef(err, "unable to get LXD image for %s", name)
-		}
-		return nil
+		return errors.Annotatef(err, "unable to get LXD image for %s", name)
 	}
 	return lastErr
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/tools/lxdclient/client_instance.go juju-core-2.0~beta12/src/github.com/juju/juju/tools/lxdclient/client_instance.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/tools/lxdclient/client_instance.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/tools/lxdclient/client_instance.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,6 +6,7 @@
 package lxdclient
 
 import (
+	"fmt"
 	"strings"
 
 	"github.com/juju/errors"
@@ -16,6 +17,9 @@
 	"github.com/juju/juju/network"
 )
 
+type Device map[string]string
+type Devices map[string]Device
+
 // TODO(ericsnow) We probably need to address some of the things that
 // get handled in container/lxc/clonetemplate.go.
 
@@ -28,6 +32,7 @@
 
 	WaitForSuccess(waitURL string) error
 	ContainerState(name string) (*shared.ContainerState, error)
+	ContainerDeviceAdd(container, devname, devtype string, props []string) (*lxd.Response, error)
 }
 
 type instanceClient struct {
@@ -35,6 +40,16 @@
 	remote string
 }
 
+func deviceProperties(device Device) []string {
+	var props []string
+
+	for k, v := range device {
+		props = append(props, fmt.Sprintf("%s=%s", k, v))
+	}
+
+	return props
+}
+
 func (client *instanceClient) addInstance(spec InstanceSpec) error {
 	imageRemote := spec.ImageRemote
 	if imageRemote == "" {
@@ -65,6 +80,23 @@
 		return errors.Trace(err)
 	}
 
+	for name, device := range spec.Devices {
+		deviceType, ok := device["type"]
+		if !ok {
+			continue
+		}
+		props := deviceProperties(device)
+		logger.Infof("adding device=%s, type=%s with properties=%q to container %s",
+			name, deviceType, props, spec.Name)
+		resp, err := client.raw.ContainerDeviceAdd(spec.Name, name, deviceType, props)
+		if err != nil {
+			return errors.Trace(err)
+		}
+		if err := client.raw.WaitForSuccess(resp.Operation); err != nil {
+			return errors.Trace(err)
+		}
+	}
+
 	return nil
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/tools/lxdclient/config.go juju-core-2.0~beta12/src/github.com/juju/juju/tools/lxdclient/config.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/tools/lxdclient/config.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/tools/lxdclient/config.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,12 +11,6 @@
 
 // Config contains the config values used for a connection to the LXD API.
 type Config struct {
-	// Namespace identifies the namespace to associate with containers
-	// and other resources with which the client interacts. It may be
-	// blank.
-	// TODO(jam) This doesn't appear to do much at the moment.
-	Namespace string
-
 	// Remote identifies the remote server to which the client should
 	// connect. For the default "remote" use Local.
 	Remote Remote
@@ -38,7 +32,6 @@
 
 // Validate checks the client's fields for invalid values.
 func (cfg Config) Validate() error {
-	// TODO(ericsnow) Check cfg.Namespace (if provided)?
 	if err := cfg.Remote.Validate(); err != nil {
 		return errors.Trace(err)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/tools/lxdclient/config_test.go juju-core-2.0~beta12/src/github.com/juju/juju/tools/lxdclient/config_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/tools/lxdclient/config_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/tools/lxdclient/config_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -42,8 +42,7 @@
 
 func (s *configSuite) TestWithDefaultsOkay(c *gc.C) {
 	cfg := lxdclient.Config{
-		Namespace: "my-ns",
-		Remote:    s.remote,
+		Remote: s.remote,
 	}
 	updated, err := cfg.WithDefaults()
 	c.Assert(err, jc.ErrorIsNil)
@@ -52,36 +51,30 @@
 }
 
 func (s *configSuite) TestWithDefaultsMissingRemote(c *gc.C) {
-	cfg := lxdclient.Config{
-		Namespace: "my-ns",
-	}
+	cfg := lxdclient.Config{}
 	updated, err := cfg.WithDefaults()
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Check(updated, jc.DeepEquals, lxdclient.Config{
-		Namespace: "my-ns",
-		Remote:    lxdclient.Local,
+		Remote: lxdclient.Local,
 	})
 }
 
 func (s *configSuite) TestWithDefaultsMissingStream(c *gc.C) {
 	cfg := lxdclient.Config{
-		Namespace: "my-ns",
-		Remote:    s.remote,
+		Remote: s.remote,
 	}
 	updated, err := cfg.WithDefaults()
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Check(updated, jc.DeepEquals, lxdclient.Config{
-		Namespace: "my-ns",
-		Remote:    s.remote,
+		Remote: s.remote,
 	})
 }
 
 func (s *configSuite) TestValidateOkay(c *gc.C) {
 	cfg := lxdclient.Config{
-		Namespace: "my-ns",
-		Remote:    s.remote,
+		Remote: s.remote,
 	}
 	err := cfg.Validate()
 
@@ -98,9 +91,7 @@
 }
 
 func (s *configSuite) TestValidateMissingRemote(c *gc.C) {
-	cfg := lxdclient.Config{
-		Namespace: "my-ns",
-	}
+	cfg := lxdclient.Config{}
 	err := cfg.Validate()
 
 	c.Check(err, jc.Satisfies, errors.IsNotValid)
@@ -115,8 +106,7 @@
 
 func (s *configSuite) TestUsingTCPRemoteNoop(c *gc.C) {
 	cfg := lxdclient.Config{
-		Namespace: "my-ns",
-		Remote:    s.remote,
+		Remote: s.remote,
 	}
 	nonlocal, err := cfg.UsingTCPRemote()
 	c.Assert(err, jc.ErrorIsNil)
@@ -165,15 +155,13 @@
 	lxdclient.PatchGenerateCertificate(&s.CleanupSuite, testingCert, testingKey)
 
 	cfg := lxdclient.Config{
-		Namespace: "my-ns",
-		Remote:    lxdclient.Local,
+		Remote: lxdclient.Local,
 	}
 	nonlocal, err := cfg.UsingTCPRemote()
 	c.Assert(err, jc.ErrorIsNil)
 
 	checkValidRemote(c, &nonlocal.Remote)
 	c.Check(nonlocal, jc.DeepEquals, lxdclient.Config{
-		Namespace: "my-ns",
 		Remote: lxdclient.Remote{
 			Name:          lxdclient.Local.Name,
 			Host:          nonlocal.Remote.Host,
@@ -191,8 +179,7 @@
 
 func newLocalClient(c *gc.C) *lxdclient.Client {
 	client, err := lxdclient.Connect(lxdclient.Config{
-		Namespace: "my-ns",
-		Remote:    lxdclient.Local,
+		Remote: lxdclient.Local,
 	})
 	if err != nil {
 		c.Log(err)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/tools/lxdclient/instance.go juju-core-2.0~beta12/src/github.com/juju/juju/tools/lxdclient/instance.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/tools/lxdclient/instance.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/tools/lxdclient/instance.go	2016-07-18 19:45:44.000000000 +0000
@@ -76,6 +76,9 @@
 	// Metadata is the instance metadata.
 	Metadata map[string]string
 
+	// Devices to be added at container initialisation time
+	Devices
+
 	// TODO(ericsnow) Other possible fields:
 	// Disks
 	// Networks
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/tools/lxdclient/lxd_client.go juju-core-2.0~beta12/src/github.com/juju/juju/tools/lxdclient/lxd_client.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/tools/lxdclient/lxd_client.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/tools/lxdclient/lxd_client.go	2016-07-18 19:45:44.000000000 +0000
@@ -27,8 +27,6 @@
 	StatusCancelled        = "Canceled"
 	StatusSuccess          = "Success"
 	StatusFailure          = "Failure"
-
-	DefaultLXDBridge = "lxdbr0"
 )
 
 var allStatuses = map[string]shared.StatusCode{
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/tools/lxdclient/lxd_go12.go juju-core-2.0~beta12/src/github.com/juju/juju/tools/lxdclient/lxd_go12.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/tools/lxdclient/lxd_go12.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/tools/lxdclient/lxd_go12.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,8 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-// +build !go1.3
-
-package lxdclient
-
-const DefaultLXDBridge = "INVALIDLXDBRIDGEGO12"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/tools/lxdclient/remote.go juju-core-2.0~beta12/src/github.com/juju/juju/tools/lxdclient/remote.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/tools/lxdclient/remote.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/tools/lxdclient/remote.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,6 +9,8 @@
 	"github.com/juju/errors"
 	"github.com/juju/utils"
 	lxdshared "github.com/lxc/lxd/shared"
+
+	"github.com/juju/juju/network"
 )
 
 const (
@@ -191,7 +193,7 @@
 	// TODO: jam 2016-02-25 This should be updated for systems that are
 	// 	 space aware, as we may not be just using the default LXC
 	// 	 bridge.
-	addr, err := utils.GetAddressForInterface(DefaultLXDBridge)
+	addr, err := utils.GetAddressForInterface(network.DefaultLXDBridge)
 	if err != nil {
 		return r, errors.Trace(err)
 	}
@@ -206,9 +208,3 @@
 
 	return r, nil
 }
-
-// TODO(ericsnow) Add a "Connect(Config)" method that connects
-// to the remote and returns the corresponding Client.
-
-// TODO(ericsnow) Add a "Register" method to Client that adds the remote
-// to the client's remote?
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/tools/lxdclient/remote_test.go juju-core-2.0~beta12/src/github.com/juju/juju/tools/lxdclient/remote_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/tools/lxdclient/remote_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/tools/lxdclient/remote_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,12 +6,15 @@
 package lxdclient_test
 
 import (
+	"fmt"
 	"net"
 
 	"github.com/juju/errors"
 	jc "github.com/juju/testing/checkers"
+	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
 
+	"github.com/juju/juju/network"
 	"github.com/juju/juju/tools/lxdclient"
 )
 
@@ -406,11 +409,6 @@
 	c.Check(id, gc.Equals, "local")
 }
 
-func (s *remoteSuite) TestUsingTCPOkay(c *gc.C) {
-	c.Skip("not implemented yet")
-	// TODO(ericsnow) Finish this!
-}
-
 func (s *remoteSuite) TestUsingTCPNoop(c *gc.C) {
 	remote := lxdclient.Remote{
 		Name:     "my-remote",
@@ -429,9 +427,12 @@
 }
 
 func (s *remoteFunctionalSuite) TestUsingTCP(c *gc.C) {
-	if _, err := net.InterfaceByName(lxdclient.DefaultLXDBridge); err != nil {
+	if _, err := net.InterfaceByName(network.DefaultLXDBridge); err != nil {
 		c.Skip("network bridge interface not found")
 	}
+	if _, err := utils.GetAddressForInterface(network.DefaultLXDBridge); err != nil {
+		c.Skip(fmt.Sprintf("no IPv4 address available for %s", network.DefaultLXDBridge))
+	}
 	lxdclient.PatchGenerateCertificate(&s.CleanupSuite, testingCert, testingKey)
 
 	remote := lxdclient.Remote{
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/upgrades/operations.go juju-core-2.0~beta12/src/github.com/juju/juju/upgrades/operations.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/upgrades/operations.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/upgrades/operations.go	2016-07-18 19:45:44.000000000 +0000
@@ -18,9 +18,10 @@
 // (below).
 var stateUpgradeOperations = func() []Operation {
 	steps := []Operation{
+		// Replace when we have upgrades to do
 		upgradeToVersion{
-			version.MustParse("1.26.0"),
-			stateStepsFor126(),
+			version.MustParse("1.26-placeholder1"),
+			[]Step{},
 		},
 	}
 	return steps
@@ -31,9 +32,10 @@
 // state-based operations above, ordering is important.
 var upgradeOperations = func() []Operation {
 	steps := []Operation{
+		// Replace when we have upgrades to do
 		upgradeToVersion{
-			version.MustParse("1.26.0"),
-			stepsFor126(),
+			version.MustParse("1.26-placeholder1"),
+			[]Step{},
 		},
 	}
 	return steps
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/upgrades/preupgradesteps.go juju-core-2.0~beta12/src/github.com/juju/juju/upgrades/preupgradesteps.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/upgrades/preupgradesteps.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/upgrades/preupgradesteps.go	2016-07-18 19:45:44.000000000 +0000
@@ -18,16 +18,15 @@
 // If any check fails, an error is returned which aborts the upgrade.
 func PreUpgradeSteps(st *state.State, agentConf agent.Config, isController, isMaster bool) error {
 	if err := checkDiskSpace(agentConf.DataDir()); err != nil {
-		return err
+		return errors.Trace(err)
 	}
 	if isController {
 		// Update distro info in case the new Juju controller version
 		// is aware of new supported series. We'll keep going if this
 		// fails, and the user can manually update it if they need to.
 		logger.Infof("updating distro-info")
-		if err := updateDistroInfo(); err != nil {
-			logger.Warningf("failed to update distro-info: %v", err)
-		}
+		err := updateDistroInfo()
+		return errors.Annotate(err, "failed to update distro-info")
 	}
 	return nil
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/upgrades/steps126.go juju-core-2.0~beta12/src/github.com/juju/juju/upgrades/steps126.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/upgrades/steps126.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/upgrades/steps126.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,77 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package upgrades
-
-import (
-	"github.com/juju/errors"
-
-	"github.com/juju/juju/environs"
-	"github.com/juju/juju/state"
-	"github.com/juju/juju/state/utils"
-	"github.com/juju/version"
-)
-
-// stepsFor126 returns upgrade steps for Juju 1.26.
-func stepsFor126() []Step {
-	return []Step{}
-}
-
-// stateStepsFor126 returns upgrade steps for Juju 1.26 that manipulate state directly.
-func stateStepsFor126() []Step {
-	return []Step{
-		&upgradeStep{
-			description: "add the version field to all settings docs",
-			targets:     []Target{DatabaseMaster},
-			run: func(context Context) error {
-				return state.MigrateSettingsSchema(context.State())
-			},
-		},
-		&upgradeStep{
-			description: "add status to filesystem",
-			targets:     []Target{DatabaseMaster},
-			run: func(context Context) error {
-				return state.AddFilesystemStatus(context.State())
-			},
-		},
-		&upgradeStep{
-			description: "upgrade model config",
-			targets:     []Target{DatabaseMaster},
-			run: func(context Context) error {
-				// TODO(axw) updateModelConfig should be
-				// called for all upgrades, to decouple this
-				// package from provider-specific upgrades.
-				st := context.State()
-				return upgradeModelConfig(st, st, environs.GlobalProviderRegistry())
-			},
-		},
-		//TODO(perrito666) make this an unconditional upgrade step.
-		// it would be ideal not to have to modify this package whenever we add provider upgrade steps.
-		&upgradeStep{
-			description: "provider side upgrades",
-			targets:     []Target{DatabaseMaster},
-			run: func(context Context) error {
-				st := context.State()
-				env, err := utils.GetEnviron(st)
-				if err != nil {
-					return errors.Annotate(err, "getting provider for upgrade")
-				}
-				return upgradeProviderChanges(env, st, version.Number{Major: 1, Minor: 26})
-			},
-		},
-		&upgradeStep{
-			description: "update machine preferred addresses",
-			targets:     []Target{DatabaseMaster},
-			run: func(context Context) error {
-				return state.AddPreferredAddressesToMachines(context.State())
-			},
-		},
-		&upgradeStep{
-			description: "add default endpoint bindings to services",
-			targets:     []Target{DatabaseMaster},
-			run: func(context Context) error {
-				return state.AddDefaultEndpointBindingsToServices(context.State())
-			},
-		},
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/upgrades/steps126_test.go juju-core-2.0~beta12/src/github.com/juju/juju/upgrades/steps126_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/upgrades/steps126_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/upgrades/steps126_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,34 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package upgrades_test
-
-import (
-	"github.com/juju/version"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/testing"
-)
-
-type steps126Suite struct {
-	testing.BaseSuite
-}
-
-var _ = gc.Suite(&steps126Suite{})
-
-func (s *steps126Suite) TestStepsFor126(c *gc.C) {
-	expected := []string{}
-	assertSteps(c, version.MustParse("1.26.0"), expected)
-}
-
-func (s *steps126Suite) TestStateStepsFor126(c *gc.C) {
-	expected := []string{
-		"add the version field to all settings docs",
-		"add status to filesystem",
-		"upgrade model config",
-		"provider side upgrades",
-		"update machine preferred addresses",
-		"add default endpoint bindings to services",
-	}
-	assertStateSteps(c, version.MustParse("1.26.0"), expected)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/upgrades/upgrade_test.go juju-core-2.0~beta12/src/github.com/juju/juju/upgrades/upgrade_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/upgrades/upgrade_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/upgrades/upgrade_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,10 +10,10 @@
 	"strings"
 	stdtesting "testing"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api"
@@ -669,16 +669,14 @@
 func (s *upgradeSuite) TestStateUpgradeOperationsVersions(c *gc.C) {
 	versions := extractUpgradeVersions(c, (*upgrades.StateUpgradeOperations)())
 	c.Assert(versions, gc.DeepEquals, []string{
-		// TODO(axw) change to 2.0 when we update version
-		"1.26.0",
+		"1.26-placeholder1",
 	})
 }
 
 func (s *upgradeSuite) TestUpgradeOperationsVersions(c *gc.C) {
 	versions := extractUpgradeVersions(c, (*upgrades.UpgradeOperations)())
 	c.Assert(versions, gc.DeepEquals, []string{
-		// TODO(axw) change to 2.0 when we update version
-		"1.26.0",
+		"1.26-placeholder1",
 	})
 }
 
@@ -687,7 +685,7 @@
 	for _, utv := range ops {
 		vers := utv.TargetVersion()
 		// Upgrade steps should only be targeted at final versions (not alpha/beta).
-		c.Check(vers.Tag, gc.Equals, "")
+		c.Check(vers.Tag, gc.Equals, "placeholder")
 		versions = append(versions, vers.String())
 	}
 	return versions
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/utils/filelock/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/utils/filelock/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/utils/filelock/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/utils/filelock/export_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,10 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package filelock
-
-// IsLocked is used just to see if the local lock instance is locked, and
-// is only required for use in tests.
-func IsLocked(lock *Lock) bool {
-	return lock.lockFile != nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/utils/filelock/flock.go juju-core-2.0~beta12/src/github.com/juju/juju/utils/filelock/flock.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/utils/filelock/flock.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/utils/filelock/flock.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,18 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-// +build !windows
-
-package filelock
-
-import (
-	"syscall"
-)
-
-func flockLock(fd int) (err error) {
-	return syscall.Flock(fd, syscall.LOCK_EX)
-}
-
-func flockUnlock(fd int) (err error) {
-	return syscall.Flock(fd, syscall.LOCK_UN)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/utils/filelock/flock_windows.go juju-core-2.0~beta12/src/github.com/juju/juju/utils/filelock/flock_windows.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/utils/filelock/flock_windows.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/utils/filelock/flock_windows.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,16 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-// +build windows
-
-package filelock
-
-import "fmt"
-
-func flockLock(fd int) (err error) {
-	return fmt.Errorf("not implemented")
-}
-
-func flockUnlock(fd int) (err error) {
-	return fmt.Errorf("not implemented")
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/utils/filelock/lock.go juju-core-2.0~beta12/src/github.com/juju/juju/utils/filelock/lock.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/utils/filelock/lock.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/utils/filelock/lock.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,82 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-// filelock provides a machine wide file lock.
-package filelock
-
-import (
-	"fmt"
-	"os"
-	"path/filepath"
-	"regexp"
-
-	"github.com/juju/loggo"
-)
-
-const (
-	// NameRegexp specifies the regular expression used to identify valid lock names.
-	NameRegexp = "^[a-z]+[a-z0-9.-]*$"
-)
-
-var (
-	validName = regexp.MustCompile(NameRegexp)
-	logger    = loggo.GetLogger("juju.utils.filelock")
-)
-
-// Lock represents a machine wide file lock.
-type Lock struct {
-	name     string
-	lockDir  string
-	lockFile *os.File
-}
-
-// NewLock returns a new lock with the given name, using the given lock
-// directory, without acquiring it. The lock name must match the regular
-// expression defined by NameRegexp.
-func NewLock(dir, name string) (*Lock, error) {
-	if !validName.MatchString(name) {
-		return nil, fmt.Errorf("Invalid lock name %q.  Names must match %q", name, NameRegexp)
-	}
-	lockDir := filepath.Join(dir, name)
-	lock := &Lock{
-		name:    name,
-		lockDir: lockDir,
-	}
-	// Ensure the lockDir exists.
-	if err := os.MkdirAll(lockDir, 0755); err != nil {
-		return nil, err
-	}
-	return lock, nil
-}
-
-// Lock blocks until it is able to acquire the lock. It is good behaviour to
-// provide a message that is output in debugging information.
-func (lock *Lock) Lock(message string) error {
-	f, err := os.Open(lock.lockDir)
-	if err != nil {
-		return err
-	}
-	fd := int(f.Fd())
-	if err := flockLock(fd); err != nil {
-		f.Close()
-		return err
-	}
-	logger.Infof("acquired lock %q, %s", lock.name, message)
-	lock.lockFile = f
-	return nil
-}
-
-// Unlock releases a held lock.
-func (lock *Lock) Unlock() error {
-	if lock.lockFile == nil {
-		return nil
-	}
-	fd := int(lock.lockFile.Fd())
-	err := flockUnlock(fd)
-	if err == nil {
-		logger.Infof("release lock %q", lock.name)
-		lock.lockFile.Close()
-		lock.lockFile = nil
-	}
-	return err
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/utils/filelock/lock_test.go juju-core-2.0~beta12/src/github.com/juju/juju/utils/filelock/lock_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/utils/filelock/lock_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/utils/filelock/lock_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,167 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-// +build !windows
-
-package filelock_test
-
-import (
-	"fmt"
-	"os"
-	"runtime"
-	"sync/atomic"
-	"time"
-
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-
-	coretesting "github.com/juju/juju/testing"
-	"github.com/juju/juju/utils/filelock"
-)
-
-type flockSuite struct{}
-
-var _ = gc.Suite(&flockSuite{})
-
-// This test also happens to test that locks can get created when the
-// lock directory doesn't exist.
-func (s *flockSuite) TestValidNamesLockDir(c *gc.C) {
-
-	for _, name := range []string{
-		"a",
-		"longer",
-		"longer-with.special-characters",
-	} {
-		dir := c.MkDir()
-		_, err := filelock.NewLock(dir, name)
-		c.Assert(err, jc.ErrorIsNil)
-	}
-}
-
-func (s *flockSuite) TestInvalidNames(c *gc.C) {
-
-	for _, name := range []string{
-		".start",
-		"-start",
-		"NoCapitals",
-		"no+plus",
-		"no/slash",
-		"no\\backslash",
-		"no$dollar",
-		"no:colon",
-	} {
-		dir := c.MkDir()
-		_, err := filelock.NewLock(dir, name)
-		c.Assert(err, gc.ErrorMatches, "Invalid lock name .*")
-	}
-}
-
-func (s *flockSuite) TestNewLockWithExistingDir(c *gc.C) {
-	dir := c.MkDir()
-	err := os.MkdirAll(dir, 0755)
-	c.Assert(err, jc.ErrorIsNil)
-	_, err = filelock.NewLock(dir, "special")
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *flockSuite) TestLockBlocks(c *gc.C) {
-
-	dir := c.MkDir()
-	lock1, err := filelock.NewLock(dir, "testing")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(filelock.IsLocked(lock1), jc.IsFalse)
-	lock2, err := filelock.NewLock(dir, "testing")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(filelock.IsLocked(lock2), jc.IsFalse)
-
-	acquired := make(chan struct{})
-	err = lock1.Lock("")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(filelock.IsLocked(lock1), jc.IsTrue)
-
-	go func() {
-		lock2.Lock("")
-		c.Assert(filelock.IsLocked(lock2), jc.IsTrue)
-		acquired <- struct{}{}
-		close(acquired)
-	}()
-
-	// Waiting for something not to happen is inherently hard...
-	select {
-	case <-acquired:
-		c.Fatalf("Unexpected lock acquisition")
-	case <-time.After(coretesting.ShortWait):
-		// all good
-	}
-
-	err = lock1.Unlock()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(filelock.IsLocked(lock1), jc.IsFalse)
-
-	select {
-	case <-acquired:
-		// all good
-	case <-time.After(coretesting.LongWait):
-		c.Fatalf("Expected lock acquisition")
-	}
-}
-
-func (s *flockSuite) TestUnlock(c *gc.C) {
-	dir := c.MkDir()
-	lock, err := filelock.NewLock(dir, "testing")
-	c.Assert(err, jc.ErrorIsNil)
-	err = lock.Lock("test")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(filelock.IsLocked(lock), jc.IsTrue)
-
-	err = lock.Unlock()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(filelock.IsLocked(lock), jc.IsFalse)
-}
-
-func (s *flockSuite) TestStress(c *gc.C) {
-	const lockAttempts = 200
-	const concurrentLocks = 10
-
-	var counter = new(int64)
-	// Use atomics to update lockState to make sure the lock isn't held by
-	// someone else. A value of 1 means locked, 0 means unlocked.
-	var lockState = new(int32)
-	var done = make(chan struct{})
-	defer close(done)
-
-	dir := c.MkDir()
-
-	var stress = func(name string) {
-		defer func() { done <- struct{}{} }()
-		lock, err := filelock.NewLock(dir, "testing")
-		if err != nil {
-			c.Errorf("Failed to create a new lock")
-			return
-		}
-		for i := 0; i < lockAttempts; i++ {
-			err = lock.Lock(name)
-			c.Assert(err, jc.ErrorIsNil)
-			state := atomic.AddInt32(lockState, 1)
-			c.Assert(state, gc.Equals, int32(1))
-			// Tell the go routine scheduler to give a slice to someone else
-			// while we have this locked.
-			runtime.Gosched()
-			// need to decrement prior to unlock to avoid the race of someone
-			// else grabbing the lock before we decrement the state.
-			atomic.AddInt32(lockState, -1)
-			err = lock.Unlock()
-			c.Assert(err, jc.ErrorIsNil)
-			// increment the general counter
-			atomic.AddInt64(counter, 1)
-		}
-	}
-
-	for i := 0; i < concurrentLocks; i++ {
-		go stress(fmt.Sprintf("Lock %d", i))
-	}
-	for i := 0; i < concurrentLocks; i++ {
-		<-done
-	}
-	c.Assert(*counter, gc.Equals, int64(lockAttempts*concurrentLocks))
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/utils/filelock/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/utils/filelock/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/utils/filelock/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/utils/filelock/package_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,14 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package filelock_test
-
-import (
-	"testing"
-
-	gc "gopkg.in/check.v1"
-)
-
-func TestPackage(t *testing.T) {
-	gc.TestingT(t)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/version/version.go juju-core-2.0~beta12/src/github.com/juju/juju/version/version.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/version/version.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/version/version.go	2016-07-18 19:45:44.000000000 +0000
@@ -19,7 +19,7 @@
 // The presence and format of this constant is very important.
 // The debian/rules build recipe uses this value for the version
 // number of the release package.
-const version = "2.0-beta7"
+const version = "2.0-beta12"
 
 // The version that we switched over from old style numbering to new style.
 var switchOverVersion = semversion.MustParse("1.19.9")
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/addresser/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/addresser/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/addresser/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/addresser/manifold.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,35 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package addresser
-
-import (
-	"github.com/juju/errors"
-
-	"github.com/juju/juju/api/addresser"
-	"github.com/juju/juju/api/base"
-	"github.com/juju/juju/cmd/jujud/agent/util"
-	"github.com/juju/juju/worker"
-	"github.com/juju/juju/worker/dependency"
-)
-
-// ManifoldConfig describes the resources used by the addresser worker.
-type ManifoldConfig util.ApiManifoldConfig
-
-// Manifold returns a Manifold that encapsulates the addresser worker.
-func Manifold(config ManifoldConfig) dependency.Manifold {
-	return util.ApiManifold(
-		util.ApiManifoldConfig(config),
-		manifoldStart,
-	)
-}
-
-// manifoldStart creates an addresser worker, given a base.APICaller.
-func manifoldStart(apiCaller base.APICaller) (worker.Worker, error) {
-	api := addresser.NewAPI(apiCaller)
-	w, err := NewWorker(api)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	return w, nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/addresser/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/addresser/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/addresser/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/addresser/package_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,19 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package addresser_test
-
-import (
-	stdtesting "testing"
-
-	"github.com/juju/testing"
-
-	coretesting "github.com/juju/juju/testing"
-)
-
-func TestPackage(t *stdtesting.T) {
-	if testing.RaceEnabled {
-		t.Skip("skipping package under -race, see LP 1519191")
-	}
-	coretesting.MgoTestPackage(t)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/addresser/worker.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/addresser/worker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/addresser/worker.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/addresser/worker.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,71 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package addresser
-
-import (
-	"github.com/juju/errors"
-	"github.com/juju/loggo"
-
-	apiaddresser "github.com/juju/juju/api/addresser"
-	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/watcher"
-	"github.com/juju/juju/worker"
-)
-
-var logger = loggo.GetLogger("juju.worker.addresser")
-
-type addresserHandler struct {
-	api *apiaddresser.API
-}
-
-// NewWorker returns a worker that keeps track of IP address
-// lifecycles, releaseing and removing dead addresses.
-func NewWorker(api *apiaddresser.API) (worker.Worker, error) {
-	ok, err := api.CanDeallocateAddresses()
-	if err != nil {
-		return nil, errors.Annotate(err, "checking address deallocation")
-	}
-	if !ok {
-		// Environment does not support IP address
-		// deallocation.
-		logger.Debugf("address deallocation not supported; not starting worker")
-		return worker.FinishedWorker{}, nil
-	}
-	handler := &addresserHandler{api: api}
-	aw, err := watcher.NewStringsWorker(watcher.StringsConfig{
-		Handler: handler,
-	})
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	return aw, nil
-}
-
-// SetUp is part of the StringsWorker interface.
-func (a *addresserHandler) SetUp() (watcher.StringsWatcher, error) {
-	return a.api.WatchIPAddresses()
-}
-
-// TearDown is part of the StringsWorker interface.
-func (a *addresserHandler) TearDown() error {
-	return nil
-}
-
-// Handle is part of the StringsWorker interface.
-func (a *addresserHandler) Handle(_ <-chan struct{}, watcherTags []string) error {
-	// Changed IP address lifes are reported, clean them up.
-	err := a.api.CleanupIPAddresses()
-	if err != nil {
-		// TryAgainError are already logged on server-side.
-		// TODO(mue) Add a time based trigger for the cleanup
-		// so that those to try again will be cleaned up even
-		// without lifecycle changes of IP addresses.
-		if !params.IsCodeTryAgain(err) {
-			return errors.Annotate(err, "cannot cleanup IP addresses")
-		}
-	} else {
-		logger.Tracef("released and removed dead IP addresses")
-	}
-	return nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/addresser/worker_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/addresser/worker_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/addresser/worker_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/addresser/worker_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,351 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package addresser_test
-
-import (
-	"fmt"
-	"time"
-
-	"github.com/juju/errors"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/api"
-	apiaddresser "github.com/juju/juju/api/addresser"
-	"github.com/juju/juju/feature"
-	"github.com/juju/juju/instance"
-	"github.com/juju/juju/juju/testing"
-	"github.com/juju/juju/network"
-	"github.com/juju/juju/provider/common"
-	"github.com/juju/juju/provider/dummy"
-	"github.com/juju/juju/state"
-	coretesting "github.com/juju/juju/testing"
-	"github.com/juju/juju/worker"
-	"github.com/juju/juju/worker/addresser"
-)
-
-type workerSuite struct {
-	testing.JujuConnSuite
-
-	Enabled  bool
-	MachineA *state.Machine
-	MachineB *state.Machine
-
-	Worker  worker.Worker
-	OpsChan chan dummy.Operation
-
-	APIConnection api.Connection
-	API           *apiaddresser.API
-}
-
-func (s *workerSuite) SetUpTest(c *gc.C) {
-	s.JujuConnSuite.SetUpTest(c)
-	if s.Enabled {
-		s.SetFeatureFlags(feature.AddressAllocation)
-	}
-
-	// Unbreak dummy provider methods.
-	s.AssertConfigParameterUpdated(c, "broken", "")
-
-	s.APIConnection, _ = s.OpenAPIAsNewMachine(c, state.JobManageModel)
-	s.API = s.APIConnection.Addresser()
-
-	machineA, err := s.State.AddMachine("quantal", state.JobHostUnits)
-	s.MachineA = machineA
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.MachineA.SetProvisioned("foo", "fake_nonce", nil)
-	c.Assert(err, jc.ErrorIsNil)
-
-	// This machine will be destroyed after address creation to test the
-	// handling of addresses for machines that have gone.
-	machineB, err := s.State.AddMachine("quantal", state.JobHostUnits)
-	s.MachineB = machineB
-	c.Assert(err, jc.ErrorIsNil)
-
-	s.createAddresses(c)
-	s.State.StartSync()
-
-	s.OpsChan = make(chan dummy.Operation, 10)
-	dummy.Listen(s.OpsChan)
-
-	// Start the Addresser worker.
-	w, err := addresser.NewWorker(s.API)
-	c.Assert(err, jc.ErrorIsNil)
-	s.Worker = w
-
-	s.waitForInitialDead(c)
-}
-
-func (s *workerSuite) TearDownTest(c *gc.C) {
-	c.Assert(worker.Stop(s.Worker), jc.ErrorIsNil)
-	s.JujuConnSuite.TearDownTest(c)
-}
-
-func (s *workerSuite) createAddresses(c *gc.C) {
-	addresses := []string{
-		"0.1.2.3", "0.1.2.4", "0.1.2.5", "0.1.2.6",
-	}
-	for i, rawAddr := range addresses {
-		addr := network.NewAddress(rawAddr)
-		ipAddr, err := s.State.AddIPAddress(addr, "foobar")
-		c.Assert(err, jc.ErrorIsNil)
-		if i%2 == 1 {
-			err = ipAddr.AllocateTo(s.MachineB.Id(), "wobble", "")
-		} else {
-			err = ipAddr.AllocateTo(s.MachineA.Id(), "wobble", "")
-			c.Assert(err, jc.ErrorIsNil)
-		}
-	}
-	// Two of the addresses start out allocated to this
-	// machine which we destroy to test the handling of
-	// addresses allocated to dead machines.
-	err := s.MachineB.EnsureDead()
-	c.Assert(err, jc.ErrorIsNil)
-	err = s.MachineB.Remove()
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *workerSuite) waitForInitialDead(c *gc.C) {
-	for a := common.ShortAttempt.Start(); a.Next(); {
-		dead, err := s.State.DeadIPAddresses()
-		c.Assert(err, jc.ErrorIsNil)
-		if s.Enabled {
-			// We expect dead IP addresses to be removed with
-			// enabled Addresser worker.
-			if len(dead) == 0 {
-				break
-			}
-			if !a.HasNext() {
-				c.Fatalf("timeout waiting for initial change (dead: %#v)", dead)
-			}
-		} else {
-			// Without Addresser worker the dead IP addresses
-			// will stay.
-			if len(dead) == 0 {
-				c.Fatal("IP addresses unexpectedly removed")
-			}
-		}
-	}
-}
-
-func (s *workerSuite) waitForReleaseOp(c *gc.C) dummy.OpReleaseAddress {
-	var releaseOp dummy.OpReleaseAddress
-	var ok bool
-	select {
-	case op := <-s.OpsChan:
-		releaseOp, ok = op.(dummy.OpReleaseAddress)
-		c.Assert(ok, jc.IsTrue)
-	case <-time.After(coretesting.LongWait):
-		c.Fatalf("timeout while expecting release operation")
-	}
-	return releaseOp
-}
-
-func (s *workerSuite) assertNoReleaseOp(c *gc.C) {
-	select {
-	case op := <-s.OpsChan:
-		_, ok := op.(dummy.OpReleaseAddress)
-		if ok {
-			c.Fatalf("received unexpected release operation")
-		}
-	case <-time.After(coretesting.ShortWait):
-		return
-	}
-}
-
-func (s *workerSuite) makeReleaseOp(digit int) dummy.OpReleaseAddress {
-	return dummy.OpReleaseAddress{
-		Env:        "admin",
-		InstanceId: "foo",
-		SubnetId:   "foobar",
-		Address:    network.NewAddress(fmt.Sprintf("0.1.2.%d", digit)),
-	}
-}
-
-func (s *workerSuite) assertIPAddressLife(c *gc.C, value string, life state.Life) {
-	ipAddr, err := s.State.IPAddress(value)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ipAddr.Life(), gc.Equals, life)
-}
-
-func (s *workerSuite) assertIPAddressRemoved(c *gc.C, value string) {
-	for a := common.ShortAttempt.Start(); a.Next(); {
-		_, err := s.State.IPAddress(value)
-		if errors.IsNotFound(err) {
-			break
-		}
-		if !a.HasNext() {
-			c.Fatalf("IP address not removed")
-		}
-	}
-}
-
-// workerEnabledSuite runs the test with the enabled address allocation.
-type workerEnabledSuite struct {
-	workerSuite
-}
-
-var _ = gc.Suite(&workerEnabledSuite{})
-
-func (s *workerEnabledSuite) SetUpTest(c *gc.C) {
-	s.workerSuite.Enabled = true
-
-	s.workerSuite.SetUpTest(c)
-}
-
-func (s *workerEnabledSuite) TestWorkerIsStringsWorker(c *gc.C) {
-	// In case of an environment able to allocte/deallocate
-	// IP addresses the addresser worker is no finished worker.
-	// See also TestWorkerIsFinishedWorker.
-	c.Assert(s.Worker, gc.Not(gc.FitsTypeOf), worker.FinishedWorker{})
-}
-
-func (s *workerEnabledSuite) TestWorkerReleasesAlreadyDead(c *gc.C) {
-	// Wait for releases of 0.1.2.4 and 0.1.2.6 first. It's
-	// explicitely needed for this test for the assertion.
-	op1 := s.waitForReleaseOp(c)
-	op2 := s.waitForReleaseOp(c)
-
-	expected := []dummy.OpReleaseAddress{s.makeReleaseOp(4), s.makeReleaseOp(6)}
-
-	// The machines are dead, so ReleaseAddress should be called with
-	// instance.UnknownId.
-	expected[0].InstanceId = instance.UnknownId
-	expected[1].InstanceId = instance.UnknownId
-
-	c.Assert([]dummy.OpReleaseAddress{op1, op2}, jc.SameContents, expected)
-}
-
-func (s *workerEnabledSuite) TestWorkerIgnoresAliveAddresses(c *gc.C) {
-	// Wait for releases of 0.1.2.4 and 0.1.2.6 first. Result is not needed.
-	s.waitForReleaseOp(c)
-	s.waitForReleaseOp(c)
-
-	// Add a new alive address.
-	addr := network.NewAddress("0.1.2.9")
-	ipAddr, err := s.State.AddIPAddress(addr, "foobar")
-	c.Assert(err, jc.ErrorIsNil)
-	err = ipAddr.AllocateTo(s.MachineA.Id(), "wobble", "")
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Assert no ReleaseAddress call..
-	s.assertNoReleaseOp(c)
-
-	// The worker must not kill this address.
-	for a := common.ShortAttempt.Start(); a.Next(); {
-		s.assertIPAddressLife(c, "0.1.2.9", state.Alive)
-	}
-}
-
-func (s *workerEnabledSuite) TestWorkerRemovesDeadAddress(c *gc.C) {
-	// Wait for releases of 0.1.2.4 and 0.1.2.6 first. Result is not needed.
-	s.waitForReleaseOp(c)
-	s.waitForReleaseOp(c)
-
-	// Kill IP address.
-	addr, err := s.State.IPAddress("0.1.2.3")
-	c.Assert(err, jc.ErrorIsNil)
-	err = addr.EnsureDead()
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Wait for ReleaseAddress attempt.
-	op := s.waitForReleaseOp(c)
-	c.Assert(op, jc.DeepEquals, s.makeReleaseOp(3))
-
-	// The address should have been removed from state.
-	s.assertIPAddressRemoved(c, "0.1.2.3")
-}
-
-func (s *workerEnabledSuite) TestWorkerAcceptsBrokenRelease(c *gc.C) {
-	// Wait for releases of 0.1.2.4 and 0.1.2.6 first. Result is not needed.
-	s.waitForReleaseOp(c)
-	s.waitForReleaseOp(c)
-
-	// Break ReleaseAddress and kill IP address 0.1.2.3.
-	s.AssertConfigParameterUpdated(c, "broken", "ReleaseAddress")
-
-	ipAddr, err := s.State.IPAddress("0.1.2.3")
-	c.Assert(err, jc.ErrorIsNil)
-	err = ipAddr.EnsureDead()
-	c.Assert(err, jc.ErrorIsNil)
-
-	// The address should stay in state.
-	s.assertIPAddressLife(c, "0.1.2.3", state.Dead)
-	s.assertNoReleaseOp(c)
-
-	// Make ReleaseAddress work again, it must be cleaned up then.
-	s.AssertConfigParameterUpdated(c, "broken", "")
-
-	// The address should have been removed from state.
-	s.assertIPAddressRemoved(c, "0.1.2.3")
-}
-
-func (s *workerEnabledSuite) TestMachineRemovalTriggersWorker(c *gc.C) {
-	// Wait for releases of 0.1.2.4 and 0.1.2.6 first. Result is not needed.
-	s.waitForReleaseOp(c)
-	s.waitForReleaseOp(c)
-
-	// Add special test machine.
-	machine, err := s.State.AddMachine("quantal", state.JobHostUnits)
-	c.Assert(err, jc.ErrorIsNil)
-	err = machine.SetProvisioned("foo", "really-fake", nil)
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Add a new alive address.
-	addr := network.NewAddress("0.1.2.9")
-	ipAddr, err := s.State.AddIPAddress(addr, "foobar")
-	c.Assert(err, jc.ErrorIsNil)
-	err = ipAddr.AllocateTo(machine.Id(), "foo", "")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(ipAddr.InstanceId(), gc.Equals, instance.Id("foo"))
-
-	// Ensure the alive address is not changed.
-	for a := common.ShortAttempt.Start(); a.Next(); {
-		s.assertIPAddressLife(c, ipAddr.Value(), state.Alive)
-	}
-
-	err = machine.EnsureDead()
-	c.Assert(err, jc.ErrorIsNil)
-	err = machine.Remove()
-	c.Assert(err, jc.ErrorIsNil)
-
-	s.assertIPAddressLife(c, ipAddr.Value(), state.Dead)
-
-	// Wait for ReleaseAddress attempt.
-	op := s.waitForReleaseOp(c)
-	c.Assert(op, jc.DeepEquals, s.makeReleaseOp(9))
-
-	// The address should have been removed from state.
-	s.assertIPAddressRemoved(c, "0.1.2.9")
-}
-
-// workerEnabledSuite runs the test with the disabled address allocation.
-type workerDisabledSuite struct {
-	workerSuite
-}
-
-var _ = gc.Suite(&workerDisabledSuite{})
-
-func (s *workerDisabledSuite) SetUpTest(c *gc.C) {
-	s.workerSuite.Enabled = false
-
-	s.workerSuite.SetUpTest(c)
-}
-
-func (s *workerDisabledSuite) TestWorkerIsFinishedWorker(c *gc.C) {
-	// In case of an environment not able to allocte/deallocate
-	// IP addresses the worker is a finished worker.
-	// See also TestWorkerIsStringsWorker.
-	c.Assert(s.Worker, gc.FitsTypeOf, worker.FinishedWorker{})
-}
-
-func (s *workerDisabledSuite) TestWorkerIgnoresAddresses(c *gc.C) {
-	// The worker must not kill these addresses.
-	for a := common.ShortAttempt.Start(); a.Next(); {
-		s.assertIPAddressLife(c, "0.1.2.3", state.Alive)
-		s.assertIPAddressLife(c, "0.1.2.4", state.Dead)
-		s.assertIPAddressLife(c, "0.1.2.5", state.Alive)
-		s.assertIPAddressLife(c, "0.1.2.6", state.Dead)
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/apiaddressupdater/apiaddressupdater.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/apiaddressupdater/apiaddressupdater.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/apiaddressupdater/apiaddressupdater.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/apiaddressupdater/apiaddressupdater.go	2016-07-18 19:45:44.000000000 +0000
@@ -67,11 +67,12 @@
 		return fmt.Errorf("error getting addresses: %v", err)
 	}
 
-	// Filter out any LXC bridge addresses. See LP bug #1416928.
+	// Filter out any LXC or LXD bridge addresses. See LP bug #1416928. and
+	// bug #1567683
 	hpsToSet := make([][]network.HostPort, 0, len(addresses))
 	for _, hostPorts := range addresses {
 		// Strip ports, filter, then add ports again.
-		filtered := network.FilterLXCAddresses(network.HostsWithoutPort(hostPorts))
+		filtered := network.FilterBridgeAddresses(network.HostsWithoutPort(hostPorts))
 		hps := make([]network.HostPort, 0, len(filtered))
 		for _, hostPort := range hostPorts {
 			for _, addr := range filtered {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/apiaddressupdater/apiaddressupdater_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/apiaddressupdater/apiaddressupdater_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/apiaddressupdater/apiaddressupdater_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/apiaddressupdater/apiaddressupdater_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -108,7 +108,7 @@
 	}
 }
 
-func (s *APIAddressUpdaterSuite) TestLXCBridgeAddressesFiltering(c *gc.C) {
+func (s *APIAddressUpdaterSuite) TestBridgeAddressesFiltering(c *gc.C) {
 	lxcFakeNetConfig := filepath.Join(c.MkDir(), "lxc-net")
 	netConf := []byte(`
   # comments ignored
@@ -120,11 +120,21 @@
 	err := ioutil.WriteFile(lxcFakeNetConfig, netConf, 0644)
 	c.Assert(err, jc.ErrorIsNil)
 	s.PatchValue(&network.InterfaceByNameAddrs, func(name string) ([]net.Addr, error) {
-		c.Assert(name, gc.Equals, "foobar")
-		return []net.Addr{
-			&net.IPAddr{IP: net.IPv4(10, 0, 3, 1)},
-			&net.IPAddr{IP: net.IPv4(10, 0, 3, 4)},
-		}, nil
+		if name == "foobar" {
+			// The addresses on the LXC bridge
+			return []net.Addr{
+				&net.IPAddr{IP: net.IPv4(10, 0, 3, 1)},
+				&net.IPAddr{IP: net.IPv4(10, 0, 3, 4)},
+			}, nil
+		} else if name == network.DefaultLXDBridge {
+			// The addresses on the LXD bridge
+			return []net.Addr{
+				&net.IPAddr{IP: net.IPv4(10, 0, 4, 1)},
+				&net.IPAddr{IP: net.IPv4(10, 0, 4, 4)},
+			}, nil
+		}
+		c.Fatalf("unknown bridge in testing: %v", name)
+		return nil, nil
 	})
 	s.PatchValue(&network.LXCNetDefaultConfig, lxcFakeNetConfig)
 
@@ -134,6 +144,8 @@
 			4321,
 			"10.0.3.1", // filtered
 			"10.0.3.3", // not filtered (not a lxc bridge address)
+			"10.0.4.1", // filtered lxd bridge address
+			"10.0.4.2", // not filtered
 		),
 		network.NewHostPorts(4242, "10.0.3.4"), // filtered
 	}
@@ -155,6 +167,7 @@
 			"10.0.3.3", // not filtered (not a lxc bridge address)
 		),
 		network.NewHostPorts(4200, "10.0.3.4"), // filtered
+		network.NewHostPorts(4200, "10.0.4.1"), // filtered
 	}
 	// SetAPIHostPorts should be called with the initial value, and
 	// then the updated value, but filtering occurs in both cases.
@@ -165,7 +178,7 @@
 		c.Assert(servers, gc.HasLen, 2)
 		c.Assert(servers, jc.DeepEquals, [][]network.HostPort{
 			network.NewHostPorts(1234, "localhost", "127.0.0.1"),
-			network.NewHostPorts(4321, "10.0.3.3"),
+			network.NewHostPorts(4321, "10.0.3.3", "10.0.4.2"),
 		})
 	}
 	err = s.State.SetAPIHostPorts(updatedServers)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/apiaddressupdater/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/apiaddressupdater/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/apiaddressupdater/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/apiaddressupdater/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,27 +6,27 @@
 import (
 	"github.com/juju/errors"
 	"github.com/juju/juju/api/machiner"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/api/uniter"
-	"github.com/juju/juju/cmd/jujud/agent/util"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
 )
 
 // ManifoldConfig defines the names of the manifolds on which a Manifold will depend.
-type ManifoldConfig util.AgentApiManifoldConfig
+type ManifoldConfig engine.AgentApiManifoldConfig
 
 // Manifold returns a dependency manifold that runs an API address updater worker,
 // using the resource names defined in the supplied config.
 func Manifold(config ManifoldConfig) dependency.Manifold {
-	typedConfig := util.AgentApiManifoldConfig(config)
-	return util.AgentApiManifold(typedConfig, newWorker)
+	typedConfig := engine.AgentApiManifoldConfig(config)
+	return engine.AgentApiManifold(typedConfig, newWorker)
 }
 
-// newWorker trivially wraps NewAPIAddressUpdater for use in a util.AgentApiManifold.
+// newWorker trivially wraps NewAPIAddressUpdater for use in a engine.AgentApiManifold.
 // It's not tested at the moment, because the scaffolding necessary is too
 // unwieldy/distracting to introduce at this point.
 var newWorker = func(a agent.Agent, apiCaller base.APICaller) (worker.Worker, error) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/apicaller/connect.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/apicaller/connect.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/apicaller/connect.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/apicaller/connect.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,6 +12,7 @@
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api"
 	apiagent "github.com/juju/juju/api/agent"
+	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
 )
 
@@ -103,17 +104,25 @@
 		conn, err = apiOpen(info, api.DialOpts{})
 	}
 
+	didFallback = info.Password == ""
 	// Try to connect, trying both the primary and fallback
 	// passwords if necessary; and update info, and remember
 	// which password we used.
-	tryConnect()
-	if params.IsCodeUnauthorized(err) {
+	if !didFallback {
+		logger.Debugf("connecting with current password")
+		tryConnect()
+		if params.IsCodeUnauthorized(err) || errors.Cause(err) == common.ErrBadCreds {
+			didFallback = true
+
+		}
+	}
+	if didFallback {
 		// We've perhaps used the wrong password, so
 		// try again with the fallback password.
 		infoCopy := *info
 		info = &infoCopy
 		info.Password = fallbackPassword
-		didFallback = true
+		logger.Debugf("connecting with old password")
 		tryConnect()
 	}
 
@@ -140,8 +149,10 @@
 	// At this point we've run out of reasons to retry connecting,
 	// and just go with whatever error we last saw (if any).
 	if err != nil {
+		logger.Debugf("failed to connect")
 		return nil, false, errors.Trace(err)
 	}
+	logger.Debugf("connected")
 	return conn, didFallback, nil
 }
 
@@ -199,7 +210,10 @@
 	// Update the agent config if necessary; this should just read the
 	// conn's properties, rather than making api calls, so we don't
 	// need to think about facades yet.
-	maybeSetAgentModelTag(a, conn)
+	if err := maybeSetAgentModelTag(a, conn); err != nil {
+		// apperently it's fine for this to fail
+		logger.Errorf("maybeSetAgentModelTag failed: %v", err)
+	}
 
 	// newConnFacade is patched out in export_test, because exhaustion.
 	// proper config/params struct would be better.
@@ -255,7 +269,7 @@
 // it's missing a model tag. It doesn't *really* matter if it fails,
 // because we can demonstrably connect without it, so we log any
 // errors encountered and never return any to the client.
-func maybeSetAgentModelTag(a agent.Agent, conn api.Connection) {
+func maybeSetAgentModelTag(a agent.Agent, conn api.Connection) error {
 	if a.CurrentConfig().Model().Id() == "" {
 		err := a.ChangeConfig(func(setter agent.ConfigSetter) error {
 			modelTag, err := conn.ModelTag()
@@ -266,11 +280,9 @@
 				Model: modelTag,
 			})
 		})
-		if err != nil {
-			logger.Warningf("unable to save model uuid: %v", err)
-			// Not really fatal, just annoying.
-		}
+		return errors.Annotate(err, "unable to save model uuid")
 	}
+	return nil
 }
 
 // changePassword generates a new random password and records it in
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/apicaller/connect_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/apicaller/connect_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/apicaller/connect_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/apicaller/connect_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,14 +6,15 @@
 import (
 	"errors"
 
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api"
 	apiagent "github.com/juju/juju/api/agent"
+	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
 	coretesting "github.com/juju/juju/testing"
 	"github.com/juju/juju/worker/apicaller"
@@ -49,7 +50,7 @@
 
 	// to make the point that this code should be entity-agnostic,
 	// use an entity that doesn't correspond to an agent at all.
-	entity := names.NewServiceTag("omg")
+	entity := names.NewApplicationTag("omg")
 	connect := func() (api.Connection, error) {
 		return apicaller.ScaryConnect(&mockAgent{
 			stub:   stub,
@@ -118,7 +119,7 @@
 		return expectConn, nil
 	}
 
-	entity := names.NewServiceTag("omg")
+	entity := names.NewApplicationTag("omg")
 	connect := func() (api.Connection, error) {
 		return apicaller.ScaryConnect(&mockAgent{
 			stub: stub,
@@ -140,7 +141,7 @@
 		return expectConn, nil
 	}
 
-	entity := names.NewServiceTag("omg")
+	entity := names.NewApplicationTag("omg")
 	connect := func() (api.Connection, error) {
 		return apicaller.ScaryConnect(&mockAgent{
 			stub:   stub,
@@ -169,7 +170,7 @@
 		return expectConn, nil
 	}
 
-	entity := names.NewServiceTag("omg")
+	entity := names.NewApplicationTag("omg")
 	connect := func() (api.Connection, error) {
 		return apicaller.ScaryConnect(&mockAgent{
 			stub:   stub,
@@ -197,7 +198,7 @@
 		return expectConn, nil
 	}
 
-	entity := names.NewServiceTag("omg")
+	entity := names.NewApplicationTag("omg")
 	connect := func() (api.Connection, error) {
 		return apicaller.ScaryConnect(&mockAgent{
 			stub:   stub,
@@ -219,7 +220,8 @@
 
 func (*ScaryConnectSuite) TestChangePasswordConfigError(c *gc.C) {
 	// "random" failure case
-	stub, err := checkChangePassword(c, nil, errors.New("zap"))
+	stub := createUnauthorisedStub(nil, errors.New("zap"))
+	err := checkChangePassword(c, stub)
 	c.Check(err, gc.ErrorMatches, "zap")
 	stub.CheckCallNames(c,
 		"Life", "ChangeConfig",
@@ -229,9 +231,8 @@
 
 func (*ScaryConnectSuite) TestChangePasswordRemoteError(c *gc.C) {
 	// "random" failure case
-	stub, err := checkChangePassword(c,
-		nil, nil, nil, nil, errors.New("pow"),
-	)
+	stub := createUnauthorisedStub(nil, nil, nil, nil, errors.New("pow"))
+	err := checkChangePassword(c, stub)
 	c.Check(err, gc.ErrorMatches, "pow")
 	stub.CheckCallNames(c,
 		"Life", "ChangeConfig",
@@ -244,9 +245,8 @@
 
 func (*ScaryConnectSuite) TestChangePasswordRemoteDenied(c *gc.C) {
 	// permanent failure case
-	stub, err := checkChangePassword(c,
-		nil, nil, nil, nil, apiagent.ErrDenied,
-	)
+	stub := createUnauthorisedStub(nil, nil, nil, nil, apiagent.ErrDenied)
+	err := checkChangePassword(c, stub)
 	c.Check(err, gc.Equals, apicaller.ErrConnectImpossible)
 	stub.CheckCallNames(c,
 		"Life", "ChangeConfig",
@@ -257,9 +257,20 @@
 	checkSaneChange(c, stub.Calls()[2:5])
 }
 
-func (*ScaryConnectSuite) TestChangePasswordSuccess(c *gc.C) {
-	// retry-please failure case
-	stub, err := checkChangePassword(c)
+func (s *ScaryConnectSuite) TestChangePasswordSuccessAfterUnauthorisedError(c *gc.C) {
+	// This will try to login with old password if current one fails.
+	stub := createUnauthorisedStub()
+	s.assertChangePasswordSuccess(c, stub)
+}
+
+func (s *ScaryConnectSuite) TestChangePasswordSuccessAfterBadCurrentPasswordError(c *gc.C) {
+	// This will try to login with old password if current one fails.
+	stub := createPasswordCheckStub(common.ErrBadCreds)
+	s.assertChangePasswordSuccess(c, stub)
+}
+
+func (*ScaryConnectSuite) assertChangePasswordSuccess(c *gc.C, stub *testing.Stub) {
+	err := checkChangePassword(c, stub)
 	c.Check(err, gc.Equals, apicaller.ErrChangedPassword)
 	stub.CheckCallNames(c,
 		"Life", "ChangeConfig",
@@ -270,14 +281,26 @@
 	checkSaneChange(c, stub.Calls()[2:5])
 }
 
-func checkChangePassword(c *gc.C, errs ...error) (*testing.Stub, error) {
-	// We prepend the unauth/success pair that triggers password
-	// change, and consume them in apiOpen below...
-	errUnauth := &params.Error{Code: params.CodeUnauthorized}
-	allErrs := append([]error{errUnauth, nil}, errs...)
+func createUnauthorisedStub(errs ...error) *testing.Stub {
+	return createPasswordCheckStub(&params.Error{Code: params.CodeUnauthorized}, errs...)
+}
+
+func createPasswordCheckStub(currentPwdLoginErr error, errs ...error) *testing.Stub {
+	allErrs := append([]error{currentPwdLoginErr, nil}, errs...)
 
 	stub := &testing.Stub{}
 	stub.SetErrors(allErrs...)
+	return stub
+}
+
+func checkChangePassword(c *gc.C, stub *testing.Stub) error {
+	// We prepend the unauth/success pair that triggers password
+	// change, and consume them in apiOpen below...
+	//errUnauth := &params.Error{Code: params.CodeUnauthorized}
+	//allErrs := append([]error{errUnauth, nil}, errs...)
+	//
+	//stub := &testing.Stub{}
+	//stub.SetErrors(allErrs...)
 	expectConn := &mockConn{stub: stub}
 	apiOpen := func(info *api.Info, opts api.DialOpts) (api.Connection, error) {
 		// ...but we *don't* record the calls themselves; they
@@ -289,7 +312,7 @@
 		return expectConn, nil
 	}
 
-	entity := names.NewServiceTag("omg")
+	entity := names.NewApplicationTag("omg")
 	connect := func() (api.Connection, error) {
 		return apicaller.ScaryConnect(&mockAgent{
 			stub:   stub,
@@ -300,7 +323,7 @@
 
 	conn, err := lifeTest(c, stub, apiagent.Alive, connect)
 	c.Check(conn, gc.IsNil)
-	return stub, err
+	return err
 }
 
 func checkSaneChange(c *gc.C, calls []testing.StubCall) {
@@ -324,6 +347,6 @@
 	})
 	c.Check(remoteSet, jc.DeepEquals, testing.StubCall{
 		FuncName: "SetPassword",
-		Args:     []interface{}{names.NewServiceTag("omg"), chosePassword},
+		Args:     []interface{}{names.NewApplicationTag("omg"), chosePassword},
 	})
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/apicaller/util_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/apicaller/util_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/apicaller/util_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/apicaller/util_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,11 +4,11 @@
 package apicaller_test
 
 import (
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/applicationscaler/fixture_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/applicationscaler/fixture_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/applicationscaler/fixture_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/applicationscaler/fixture_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,106 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package applicationscaler_test
+
+import (
+	"time"
+
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	coretesting "github.com/juju/juju/testing"
+	"github.com/juju/juju/watcher"
+	"github.com/juju/juju/worker"
+	"github.com/juju/juju/worker/applicationscaler"
+	"github.com/juju/juju/worker/workertest"
+)
+
+// fixture is used to test the operation of an applicationscaler worker.
+type fixture struct {
+	testing.Stub
+}
+
+func newFixture(c *gc.C, callErrors ...error) *fixture {
+	fix := &fixture{}
+	fix.SetErrors(callErrors...)
+	return fix
+}
+
+// Run will create an applicationscaler worker; start recording the calls
+// it makes; and pass it to the supplied test func, which will be invoked
+// on a new goroutine. If Run returns, it is safe to inspect the recorded
+// calls via the embedded testing.Stub.
+func (fix *fixture) Run(c *gc.C, test func(worker.Worker)) {
+	stubFacade := newFacade(&fix.Stub)
+	scaler, err := applicationscaler.New(applicationscaler.Config{
+		Facade: stubFacade,
+	})
+	c.Assert(err, jc.ErrorIsNil)
+
+	done := make(chan struct{})
+	go func() {
+		defer close(done)
+		defer worker.Stop(scaler)
+		test(scaler)
+	}()
+	select {
+	case <-done:
+	case <-time.After(coretesting.LongWait):
+		c.Fatalf("test func timed out")
+	}
+}
+
+// stubFacade implements applicationscaler.Facade and records calls to its
+// interface methods.
+type stubFacade struct {
+	stub    *testing.Stub
+	watcher *stubWatcher
+}
+
+func newFacade(stub *testing.Stub) *stubFacade {
+	return &stubFacade{
+		stub:    stub,
+		watcher: newStubWatcher(),
+	}
+}
+
+// Watch is part of the applicationscaler.Facade interface.
+func (facade *stubFacade) Watch() (watcher.StringsWatcher, error) {
+	facade.stub.AddCall("Watch")
+	err := facade.stub.NextErr()
+	if err != nil {
+		return nil, err
+	}
+	return facade.watcher, nil
+}
+
+// Rescale is part of the applicationscaler.Facade interface.
+func (facade *stubFacade) Rescale(serviceNames []string) error {
+	facade.stub.AddCall("Rescale", serviceNames)
+	return facade.stub.NextErr()
+}
+
+// stubWatcher implements watcher.StringsWatcher and supplied canned
+// data over the Changes() channel.
+type stubWatcher struct {
+	worker.Worker
+	changes chan []string
+}
+
+func newStubWatcher() *stubWatcher {
+	changes := make(chan []string, 3)
+	changes <- []string{"expected", "first"}
+	changes <- []string{"expected", "second"}
+	changes <- []string{"unexpected?"}
+	return &stubWatcher{
+		Worker:  workertest.NewErrorWorker(nil),
+		changes: changes,
+	}
+}
+
+// Changes is part of the watcher.StringsWatcher interface.
+func (stubWatcher *stubWatcher) Changes() watcher.StringsChannel {
+	return stubWatcher.changes
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/applicationscaler/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/applicationscaler/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/applicationscaler/manifold.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/applicationscaler/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,40 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package applicationscaler
+
+import (
+	"github.com/juju/errors"
+	"github.com/juju/juju/api/base"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
+	"github.com/juju/juju/worker"
+	"github.com/juju/juju/worker/dependency"
+)
+
+// ManifoldConfig holds dependencies and configuration for an
+// applicationscaler worker.
+type ManifoldConfig struct {
+	APICallerName string
+	NewFacade     func(base.APICaller) (Facade, error)
+	NewWorker     func(Config) (worker.Worker, error)
+}
+
+// start is a method on ManifoldConfig because that feels a bit cleaner
+// than closing over config in Manifold.
+func (config ManifoldConfig) start(apiCaller base.APICaller) (worker.Worker, error) {
+	facade, err := config.NewFacade(apiCaller)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return config.NewWorker(Config{
+		Facade: facade,
+	})
+}
+
+// Manifold returns a dependency.Manifold that runs an applicationscaler worker.
+func Manifold(config ManifoldConfig) dependency.Manifold {
+	return engine.ApiManifold(
+		engine.ApiManifoldConfig{config.APICallerName},
+		config.start,
+	)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/applicationscaler/manifold_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/applicationscaler/manifold_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/applicationscaler/manifold_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/applicationscaler/manifold_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,120 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package applicationscaler_test
+
+import (
+	"github.com/juju/errors"
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/api/base"
+	"github.com/juju/juju/worker"
+	"github.com/juju/juju/worker/applicationscaler"
+	"github.com/juju/juju/worker/dependency"
+	dt "github.com/juju/juju/worker/dependency/testing"
+)
+
+type ManifoldSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&ManifoldSuite{})
+
+func (s *ManifoldSuite) TestInputs(c *gc.C) {
+	manifold := applicationscaler.Manifold(applicationscaler.ManifoldConfig{
+		APICallerName: "washington the terrible",
+	})
+	c.Check(manifold.Inputs, jc.DeepEquals, []string{"washington the terrible"})
+}
+
+func (s *ManifoldSuite) TestOutput(c *gc.C) {
+	manifold := applicationscaler.Manifold(applicationscaler.ManifoldConfig{})
+	c.Check(manifold.Output, gc.IsNil)
+}
+
+func (s *ManifoldSuite) TestStartMissingAPICaller(c *gc.C) {
+	manifold := applicationscaler.Manifold(applicationscaler.ManifoldConfig{
+		APICallerName: "api-caller",
+	})
+	context := dt.StubContext(nil, map[string]interface{}{
+		"api-caller": dependency.ErrMissing,
+	})
+
+	worker, err := manifold.Start(context)
+	c.Check(errors.Cause(err), gc.Equals, dependency.ErrMissing)
+	c.Check(worker, gc.IsNil)
+}
+
+func (s *ManifoldSuite) TestStartFacadeError(c *gc.C) {
+	expectCaller := &fakeCaller{}
+	manifold := applicationscaler.Manifold(applicationscaler.ManifoldConfig{
+		APICallerName: "api-caller",
+		NewFacade: func(apiCaller base.APICaller) (applicationscaler.Facade, error) {
+			c.Check(apiCaller, gc.Equals, expectCaller)
+			return nil, errors.New("blort")
+		},
+	})
+	context := dt.StubContext(nil, map[string]interface{}{
+		"api-caller": expectCaller,
+	})
+
+	worker, err := manifold.Start(context)
+	c.Check(err, gc.ErrorMatches, "blort")
+	c.Check(worker, gc.IsNil)
+}
+
+func (s *ManifoldSuite) TestStartWorkerError(c *gc.C) {
+	expectFacade := &fakeFacade{}
+	manifold := applicationscaler.Manifold(applicationscaler.ManifoldConfig{
+		APICallerName: "api-caller",
+		NewFacade: func(_ base.APICaller) (applicationscaler.Facade, error) {
+			return expectFacade, nil
+		},
+		NewWorker: func(config applicationscaler.Config) (worker.Worker, error) {
+			c.Check(config.Validate(), jc.ErrorIsNil)
+			c.Check(config.Facade, gc.Equals, expectFacade)
+			return nil, errors.New("splot")
+		},
+	})
+	context := dt.StubContext(nil, map[string]interface{}{
+		"api-caller": &fakeCaller{},
+	})
+
+	worker, err := manifold.Start(context)
+	c.Check(err, gc.ErrorMatches, "splot")
+	c.Check(worker, gc.IsNil)
+}
+
+func (s *ManifoldSuite) TestSuccess(c *gc.C) {
+	expectWorker := &fakeWorker{}
+	manifold := applicationscaler.Manifold(applicationscaler.ManifoldConfig{
+		APICallerName: "api-caller",
+		NewFacade: func(_ base.APICaller) (applicationscaler.Facade, error) {
+			return &fakeFacade{}, nil
+		},
+		NewWorker: func(_ applicationscaler.Config) (worker.Worker, error) {
+			return expectWorker, nil
+		},
+	})
+	context := dt.StubContext(nil, map[string]interface{}{
+		"api-caller": &fakeCaller{},
+	})
+
+	worker, err := manifold.Start(context)
+	c.Check(err, jc.ErrorIsNil)
+	c.Check(worker, gc.Equals, expectWorker)
+}
+
+type fakeCaller struct {
+	base.APICaller
+}
+
+type fakeFacade struct {
+	applicationscaler.Facade
+}
+
+type fakeWorker struct {
+	worker.Worker
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/applicationscaler/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/applicationscaler/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/applicationscaler/package_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/applicationscaler/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,14 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package applicationscaler_test
+
+import (
+	"testing"
+
+	gc "gopkg.in/check.v1"
+)
+
+func TestPackage(t *testing.T) {
+	gc.TestingT(t)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/applicationscaler/shim.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/applicationscaler/shim.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/applicationscaler/shim.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/applicationscaler/shim.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,19 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package applicationscaler
+
+import (
+	"github.com/juju/juju/api/applicationscaler"
+	"github.com/juju/juju/api/base"
+	"github.com/juju/juju/api/watcher"
+)
+
+// NewFacade creates a Facade from a base.APICaller.
+// It's a sensible value for ManifoldConfig.NewFacade.
+func NewFacade(apiCaller base.APICaller) (Facade, error) {
+	return applicationscaler.NewAPI(
+		apiCaller,
+		watcher.NewStringsWatcher,
+	), nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/applicationscaler/worker.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/applicationscaler/worker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/applicationscaler/worker.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/applicationscaler/worker.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,70 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package applicationscaler
+
+import (
+	"github.com/juju/errors"
+
+	"github.com/juju/juju/watcher"
+	"github.com/juju/juju/worker"
+)
+
+// Facade defines the capabilities required by the worker.
+type Facade interface {
+
+	// Watch returns a StringsWatcher reporting names of
+	// services which may have insufficient units.
+	Watch() (watcher.StringsWatcher, error)
+
+	// Rescale scales up any named service observed to be
+	// running too few units.
+	Rescale(services []string) error
+}
+
+// Config defines a worker's dependencies.
+type Config struct {
+	Facade Facade
+}
+
+// Validate returns an error if the config can't be expected
+// to run a functional worker.
+func (config Config) Validate() error {
+	if config.Facade == nil {
+		return errors.NotValidf("nil Facade")
+	}
+	return nil
+}
+
+// New returns a worker that will attempt to rescale any
+// services that might be undersized.
+func New(config Config) (worker.Worker, error) {
+	if err := config.Validate(); err != nil {
+		return nil, errors.Trace(err)
+	}
+	swConfig := watcher.StringsConfig{
+		Handler: &handler{config},
+	}
+	return watcher.NewStringsWorker(swConfig)
+}
+
+// handler implements watcher.StringsHandler, backed by the
+// configured facade.
+type handler struct {
+	config Config
+}
+
+// SetUp is part of the watcher.StringsHandler interface.
+func (handler *handler) SetUp() (watcher.StringsWatcher, error) {
+	return handler.config.Facade.Watch()
+}
+
+// Handle is part of the watcher.StringsHandler interface.
+func (handler *handler) Handle(_ <-chan struct{}, services []string) error {
+	return handler.config.Facade.Rescale(services)
+}
+
+// TearDown is part of the watcher.StringsHandler interface.
+func (handler *handler) TearDown() error {
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/applicationscaler/worker_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/applicationscaler/worker_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/applicationscaler/worker_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/applicationscaler/worker_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,61 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package applicationscaler_test
+
+import (
+	"github.com/juju/errors"
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/worker"
+	"github.com/juju/juju/worker/applicationscaler"
+)
+
+type WorkerSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&WorkerSuite{})
+
+func (s *WorkerSuite) TestValidate(c *gc.C) {
+	config := applicationscaler.Config{}
+	check := func(err error) {
+		c.Check(err, gc.ErrorMatches, "nil Facade not valid")
+		c.Check(err, jc.Satisfies, errors.IsNotValid)
+	}
+
+	err := config.Validate()
+	check(err)
+
+	worker, err := applicationscaler.New(config)
+	check(err)
+	c.Check(worker, gc.IsNil)
+}
+
+func (s *WorkerSuite) TestWatchError(c *gc.C) {
+	fix := newFixture(c, errors.New("zap ouch"))
+	fix.Run(c, func(worker worker.Worker) {
+		err := worker.Wait()
+		c.Check(err, gc.ErrorMatches, "zap ouch")
+	})
+	fix.CheckCallNames(c, "Watch")
+}
+
+func (s *WorkerSuite) TestRescaleThenError(c *gc.C) {
+	fix := newFixture(c, nil, nil, errors.New("pew squish"))
+	fix.Run(c, func(worker worker.Worker) {
+		err := worker.Wait()
+		c.Check(err, gc.ErrorMatches, "pew squish")
+	})
+	fix.CheckCalls(c, []testing.StubCall{{
+		FuncName: "Watch",
+	}, {
+		FuncName: "Rescale",
+		Args:     []interface{}{[]string{"expected", "first"}},
+	}, {
+		FuncName: "Rescale",
+		Args:     []interface{}{[]string{"expected", "second"}},
+	}})
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/authenticationworker/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/authenticationworker/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/authenticationworker/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/authenticationworker/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,20 +9,20 @@
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/api/keyupdater"
-	"github.com/juju/juju/cmd/jujud/agent/util"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
 )
 
 // ManifoldConfig defines the names of the manifolds on which a Manifold will depend.
-type ManifoldConfig util.AgentApiManifoldConfig
+type ManifoldConfig engine.AgentApiManifoldConfig
 
 // Manifold returns a dependency manifold that runs a authenticationworker worker,
 // using the resource names defined in the supplied config.
 func Manifold(config ManifoldConfig) dependency.Manifold {
-	typedConfig := util.AgentApiManifoldConfig(config)
+	typedConfig := engine.AgentApiManifoldConfig(config)
 
-	return util.AgentApiManifold(typedConfig, newWorker)
+	return engine.AgentApiManifold(typedConfig, newWorker)
 }
 
 func newWorker(a agent.Agent, apiCaller base.APICaller) (worker.Worker, error) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/authenticationworker/worker.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/authenticationworker/worker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/authenticationworker/worker.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/authenticationworker/worker.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,10 +8,10 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils/os"
 	"github.com/juju/utils/set"
 	"github.com/juju/utils/ssh"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/tomb"
 
 	"github.com/juju/juju/agent"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/authenticationworker/worker_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/authenticationworker/worker_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/authenticationworker/worker_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/authenticationworker/worker_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,11 +8,11 @@
 	"strings"
 	"time"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/ssh"
 	sshtesting "github.com/juju/utils/ssh/testing"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/catacomb/catacomb.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/catacomb/catacomb.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/catacomb/catacomb.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/catacomb/catacomb.go	2016-07-18 19:45:44.000000000 +0000
@@ -163,25 +163,20 @@
 // error encountered by the worker; and (2) kill the worker when the
 // catacomb starts dying.
 func (catacomb *Catacomb) add(w worker.Worker) {
-
-	// The coordination via stopped is not reliably observable, and hence not
-	// tested, but it's yucky to leave the second goroutine running when we
-	// don't need to.
-	stopped := make(chan struct{})
-	catacomb.wg.Add(1)
+	// We must wait for _both_ goroutines to exit in
+	// arbitrary order depending on the order of the worker
+	// and the catacomb shutting down.
+	catacomb.wg.Add(2)
 	go func() {
 		defer catacomb.wg.Done()
-		defer close(stopped)
 		if err := w.Wait(); err != nil {
 			catacomb.Kill(err)
 		}
 	}()
 	go func() {
-		select {
-		case <-stopped:
-		case <-catacomb.tomb.Dying():
-			w.Kill()
-		}
+		defer catacomb.wg.Done()
+		<-catacomb.tomb.Dying()
+		worker.Stop(w)
 	}()
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/certupdater/certupdater.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/certupdater/certupdater.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/certupdater/certupdater.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/certupdater/certupdater.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,7 +12,7 @@
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cert"
-	"github.com/juju/juju/environs/config"
+	"github.com/juju/juju/controller"
 	"github.com/juju/juju/network"
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/watcher/legacy"
@@ -30,7 +30,7 @@
 	addressWatcher  AddressWatcher
 	getter          StateServingInfoGetter
 	setter          StateServingInfoSetter
-	configGetter    ModelConfigGetter
+	configGetter    ControllerConfigGetter
 	hostPortsGetter APIHostPortsGetter
 	addresses       []network.Address
 }
@@ -42,10 +42,10 @@
 	Addresses() (addresses []network.Address)
 }
 
-// ModelConfigGetter is an interface that is provided to NewCertificateUpdater
-// which can be used to get environment config.
-type ModelConfigGetter interface {
-	ModelConfig() (*config.Config, error)
+// ControllerConfigGetter is an interface that is provided to NewCertificateUpdater
+// which can be used to get the controller config.
+type ControllerConfigGetter interface {
+	ControllerConfig() (controller.Config, error)
 }
 
 // StateServingInfoGetter is an interface that is provided to NewCertificateUpdater
@@ -68,7 +68,7 @@
 // machine addresses and then generates a new controller certificate with those
 // addresses in the certificate's SAN value.
 func NewCertificateUpdater(addressWatcher AddressWatcher, getter StateServingInfoGetter,
-	configGetter ModelConfigGetter, hostPortsGetter APIHostPortsGetter, setter StateServingInfoSetter,
+	configGetter ControllerConfigGetter, hostPortsGetter APIHostPortsGetter, setter StateServingInfoSetter,
 ) worker.Worker {
 	return legacy.NewNotifyWorker(&CertificateUpdater{
 		addressWatcher:  addressWatcher,
@@ -122,22 +122,17 @@
 	// available.
 	stateInfo, ok := c.getter.StateServingInfo()
 	if !ok {
-		logger.Warningf("no state serving info, cannot regenerate server certificate")
-		return nil
+		return errors.New("no state serving info, cannot regenerate server certificate")
 	}
 	caPrivateKey := stateInfo.CAPrivateKey
 	if caPrivateKey == "" {
-		logger.Warningf("no CA cert private key, cannot regenerate server certificate")
+		logger.Errorf("no CA cert private key, cannot regenerate server certificate")
 		return nil
 	}
-	// Grab the env config and update a copy with ca cert private key.
-	envConfig, err := c.configGetter.ModelConfig()
-	if err != nil {
-		return errors.Annotate(err, "cannot read model config")
-	}
-	envConfig, err = envConfig.Apply(map[string]interface{}{"ca-private-key": caPrivateKey})
+
+	cfg, err := c.configGetter.ControllerConfig()
 	if err != nil {
-		return errors.Annotate(err, "cannot add CA private key to model config")
+		return errors.Annotate(err, "cannot read controller config")
 	}
 
 	// For backwards compatibility, we must include "anything", "juju-apiserver"
@@ -162,7 +157,11 @@
 	}
 
 	// Generate a new controller certificate with the machine addresses in the SAN value.
-	newCert, newKey, err := envConfig.GenerateControllerCertAndKey(newServerAddrs)
+	caCert, hasCACert := cfg.CACert()
+	if !hasCACert {
+		return errors.New("configuration has no ca-cert")
+	}
+	newCert, newKey, err := controller.GenerateControllerCertAndKey(caCert, caPrivateKey, newServerAddrs)
 	if err != nil {
 		return errors.Annotate(err, "cannot generate controller certificate")
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/certupdater/certupdater_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/certupdater/certupdater_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/certupdater/certupdater_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/certupdater/certupdater_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -14,7 +14,7 @@
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cert"
-	"github.com/juju/juju/environs/config"
+	jujucontroller "github.com/juju/juju/controller"
 	"github.com/juju/juju/network"
 	"github.com/juju/juju/state"
 	coretesting "github.com/juju/juju/testing"
@@ -90,9 +90,10 @@
 
 type mockConfigGetter struct{}
 
-func (g *mockConfigGetter) ModelConfig() (*config.Config, error) {
-	return config.New(config.NoDefaults, coretesting.FakeConfig())
-
+func (g *mockConfigGetter) ControllerConfig() (jujucontroller.Config, error) {
+	return map[string]interface{}{
+		jujucontroller.CACertKey: coretesting.CACert,
+	}, nil
 }
 
 type mockAPIHostGetter struct{}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/cleaner/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/cleaner/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/cleaner/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/cleaner/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,18 +8,18 @@
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/api/cleaner"
-	"github.com/juju/juju/cmd/jujud/agent/util"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
 )
 
 // ManifoldConfig describes the resources used by the cleanup worker.
-type ManifoldConfig util.ApiManifoldConfig
+type ManifoldConfig engine.ApiManifoldConfig
 
 // Manifold returns a Manifold that encapsulates the cleanup worker.
 func Manifold(config ManifoldConfig) dependency.Manifold {
-	return util.ApiManifold(
-		util.ApiManifoldConfig(config),
+	return engine.ApiManifold(
+		engine.ApiManifoldConfig(config),
 		manifoldStart,
 	)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/conv2state/converter.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/conv2state/converter.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/conv2state/converter.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/conv2state/converter.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/machiner"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/conv2state/converter_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/conv2state/converter_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/conv2state/converter_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/conv2state/converter_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,9 +8,9 @@
 	"testing"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/state/multiwatcher"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/conv2state/fakes_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/conv2state/fakes_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/conv2state/fakes_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/conv2state/fakes_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,7 @@
 package conv2state
 
 import (
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/watcher"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/dblogpruner/worker_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/dblogpruner/worker_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/dblogpruner/worker_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/dblogpruner/worker_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,15 +8,16 @@
 	"time"
 
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2"
 	"gopkg.in/mgo.v2/bson"
 
 	"github.com/juju/juju/state"
 	statetesting "github.com/juju/juju/state/testing"
 	"github.com/juju/juju/testing"
+	"github.com/juju/juju/version"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dblogpruner"
 )
@@ -107,7 +108,7 @@
 }
 
 func (s *suite) addLogs(c *gc.C, t0 time.Time, text string, count int) {
-	dbLogger := state.NewDbLogger(s.State, names.NewMachineTag("0"))
+	dbLogger := state.NewDbLogger(s.State, names.NewMachineTag("0"), version.Current)
 	defer dbLogger.Close()
 
 	for offset := 0; offset < count; offset++ {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/dependency/doc.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/dependency/doc.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/dependency/doc.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/dependency/doc.go	2016-07-18 19:45:44.000000000 +0000
@@ -169,7 +169,6 @@
 
         // The names of the various dependencies, e.g.
         APICallerName   string
-        MachineLockName string
 
         // Any other required top-level configuration, e.g.
         Period time.Duration
@@ -193,16 +192,12 @@
                 if err := getResource(config.APICallerName, &apicaller); err != nil {
                     return nil, err
                 }
-                var machineLock *fslock.Lock
-                if err := getResource(config.MachineLockName, &machineLock); err != nil {
-                    return nil, err
-                }
-                return newSomethingWorker(apicaller, machineLock, config.Period)
+                return newSomethingWorker(apicaller, config.Period)
             },
 
             // * output func is not obligatory, and should be skipped if you
             //   don't know what you'll be exposing or to whom.
-            // * see `worker/machinelock`, `worker/gate`, `worker/util`, and
+            // * see `worker/gate`, `worker/util`, and
             //   `worker/dependency/testing` for examples of output funcs.
             // * if you do supply an output func, be sure to document it on the
             //   Manifold func; for example:
@@ -219,8 +214,9 @@
 accessed via those names. Don't hardcode anything, please.
 
 If you find yourself using the same manifold configuration in several places,
-consider adding helpers to cmd/jujud/agent/util, which includes mechanisms for simple
-definition of manifolds that depend on an API caller; on an agent; or on both.
+consider adding helpers to cmd/jujud/agent/engine, which includes mechanisms
+for simple definition of manifolds that depend on an API caller; on an agent;
+or on both.
 
 
 Testing
@@ -248,7 +244,7 @@
 separately depend upon C; and C itself can start a degenerate worker that never
 errors of its own accord.
 
-For examples of this technique, search for usage of `cmd/jujud/agent/util.NewValueWorker`
+For examples of this technique, search for `cmd/jujud/agent/engine.NewValueWorker`
 (which is generally used inside other manifolds to pass snippets of agent config
 down to workers that don't have a good reason to see, or write, the full agent
 config); and `worker/gate.Manifold`, which is for one-way coordination between
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/deployer/deployer.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/deployer/deployer.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/deployer/deployer.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/deployer/deployer.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,9 +8,9 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils"
 	"github.com/juju/utils/set"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	apideployer "github.com/juju/juju/api/deployer"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/deployer/deployer_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/deployer/deployer_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/deployer/deployer_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/deployer/deployer_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -77,7 +77,13 @@
 	s.waitFor(c, isDeployed(ctx, u0.Name(), u1.Name()))
 
 	// Cause a unit to become Dying, and check no change.
-	err = u1.SetAgentStatus(status.StatusIdle, "", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusIdle,
+		Message: "",
+		Since:   &now,
+	}
+	err = u1.SetAgentStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 	err = u1.Destroy()
 	c.Assert(err, jc.ErrorIsNil)
@@ -120,7 +126,13 @@
 	// note: this is not a sane state; for the unit to have a status it must
 	// have been deployed. But it's instructive to check that the right thing
 	// would happen if it were possible to have a dying unit in this situation.
-	err = u1.SetAgentStatus(status.StatusIdle, "", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusIdle,
+		Message: "",
+		Since:   &now,
+	}
+	err = u1.SetAgentStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 	err = u1.Destroy()
 	c.Assert(err, jc.ErrorIsNil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/deployer/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/deployer/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/deployer/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/deployer/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,13 +5,13 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	apiagent "github.com/juju/juju/api/agent"
 	"github.com/juju/juju/api/base"
 	apideployer "github.com/juju/juju/api/deployer"
-	"github.com/juju/juju/cmd/jujud/agent/util"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
 	"github.com/juju/juju/state/multiwatcher"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
@@ -27,14 +27,14 @@
 // Manifold returns a dependency manifold that runs a deployer worker,
 // using the resource names defined in the supplied config.
 func Manifold(config ManifoldConfig) dependency.Manifold {
-	typedConfig := util.AgentApiManifoldConfig{
+	typedConfig := engine.AgentApiManifoldConfig{
 		AgentName:     config.AgentName,
 		APICallerName: config.APICallerName,
 	}
-	return util.AgentApiManifold(typedConfig, config.newWorker)
+	return engine.AgentApiManifold(typedConfig, config.newWorker)
 }
 
-// newWorker trivially wraps NewDeployer for use in a util.AgentApiManifold.
+// newWorker trivially wraps NewDeployer for use in a engine.AgentApiManifold.
 //
 // It's not tested at the moment, because the scaffolding
 // necessary is too unwieldy/distracting to introduce at this point.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/deployer/simple.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/deployer/simple.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/deployer/simple.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/deployer/simple.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,11 +10,11 @@
 	"regexp"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils/arch"
 	"github.com/juju/utils/series"
 	"github.com/juju/utils/shell"
 	"github.com/juju/version"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/agent/tools"
@@ -286,7 +286,7 @@
 func removeOnErr(err *error, path string) {
 	if *err != nil {
 		if err := os.RemoveAll(path); err != nil {
-			logger.Warningf("installer: cannot remove %q: %v", path, err)
+			logger.Errorf("installer: cannot remove %q: %v", path, err)
 		}
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/deployer/simple_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/deployer/simple_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/deployer/simple_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/deployer/simple_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,12 +12,12 @@
 	"runtime"
 	"sort"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/arch"
 	"github.com/juju/utils/series"
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/agent/tools"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/discoverspaces/discoverspaces.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/discoverspaces/discoverspaces.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/discoverspaces/discoverspaces.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/discoverspaces/discoverspaces.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,8 +6,8 @@
 import (
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils/set"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/environs"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/discoverspaces/worker_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/discoverspaces/worker_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/discoverspaces/worker_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/discoverspaces/worker_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,9 +7,9 @@
 	"sync/atomic"
 	"time"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	apidiscoverspaces "github.com/juju/juju/api/discoverspaces"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/diskmanager/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/diskmanager/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/diskmanager/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/diskmanager/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,27 +5,27 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api/base"
 	apidiskmanager "github.com/juju/juju/api/diskmanager"
-	"github.com/juju/juju/cmd/jujud/agent/util"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
 )
 
 // ManifoldConfig defines the names of the manifolds on which a Manifold will depend.
-type ManifoldConfig util.AgentApiManifoldConfig
+type ManifoldConfig engine.AgentApiManifoldConfig
 
 // Manifold returns a dependency manifold that runs a diskmanager worker,
 // using the resource names defined in the supplied config.
 func Manifold(config ManifoldConfig) dependency.Manifold {
-	typedConfig := util.AgentApiManifoldConfig(config)
-	return util.AgentApiManifold(typedConfig, newWorker)
+	typedConfig := engine.AgentApiManifoldConfig(config)
+	return engine.AgentApiManifold(typedConfig, newWorker)
 }
 
-// newWorker trivially wraps NewWorker for use in a util.AgentApiManifold.
+// newWorker trivially wraps NewWorker for use in a engine.AgentApiManifold.
 func newWorker(a agent.Agent, apiCaller base.APICaller) (worker.Worker, error) {
 	t := a.CurrentConfig().Tag()
 	tag, ok := t.(names.MachineTag)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/diskmanager/manifold_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/diskmanager/manifold_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/diskmanager/manifold_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/diskmanager/manifold_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,9 +5,9 @@
 
 import (
 	apidiskmanager "github.com/juju/juju/api/diskmanager"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	basetesting "github.com/juju/juju/api/base/testing"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/environ/environ.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/environ/environ.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/environ/environ.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/environ/environ.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,20 +7,14 @@
 	"github.com/juju/errors"
 
 	"github.com/juju/juju/environs"
-	"github.com/juju/juju/environs/config"
 	"github.com/juju/juju/watcher"
 	"github.com/juju/juju/worker/catacomb"
 )
 
-// ConfigGetter exposes a model configuration to its clients.
-type ConfigGetter interface {
-	ModelConfig() (*config.Config, error)
-}
-
 // ConfigObserver exposes a model configuration and a watch constructor
 // that allows clients to be informed of changes to the configuration.
 type ConfigObserver interface {
-	ConfigGetter
+	environs.EnvironConfigGetter
 	WatchForModelConfigChanges() (watcher.NotifyWatcher, error)
 }
 
@@ -30,13 +24,9 @@
 // use of model config in this package.
 type Config struct {
 	Observer       ConfigObserver
-	NewEnvironFunc NewEnvironFunc
+	NewEnvironFunc environs.NewEnvironFunc
 }
 
-// NewEnvironFunc is the type of a function that, given a model config,
-// returns an Environ. This will typically be environs.New.
-type NewEnvironFunc func(*config.Config) (environs.Environ, error)
-
 // Validate returns an error if the config cannot be used to start a Tracker.
 func (config Config) Validate() error {
 	if config.Observer == nil {
@@ -66,11 +56,7 @@
 	if err := config.Validate(); err != nil {
 		return nil, errors.Trace(err)
 	}
-	modelConfig, err := config.Observer.ModelConfig()
-	if err != nil {
-		return nil, errors.Annotate(err, "cannot read environ config")
-	}
-	environ, err := config.NewEnvironFunc(modelConfig)
+	environ, err := environs.GetEnviron(config.Observer, config.NewEnvironFunc)
 	if err != nil {
 		return nil, errors.Annotate(err, "cannot create environ")
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/environ/environ_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/environ/environ_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/environ/environ_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/environ/environ_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -61,7 +61,7 @@
 			Observer:       context,
 			NewEnvironFunc: newMockEnviron,
 		})
-		c.Check(err, gc.ErrorMatches, "cannot read environ config: no yuo")
+		c.Check(err, gc.ErrorMatches, "cannot create environ: no yuo")
 		c.Check(tracker, gc.IsNil)
 		context.CheckCallNames(c, "ModelConfig")
 	})
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/environ/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/environ/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/environ/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/environ/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -16,7 +16,7 @@
 // ManifoldConfig describes the resources used by a Tracker.
 type ManifoldConfig struct {
 	APICallerName  string
-	NewEnvironFunc NewEnvironFunc
+	NewEnvironFunc environs.NewEnvironFunc
 }
 
 // Manifold returns a Manifold that encapsulates a *Tracker and exposes it as
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/environ/wait.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/environ/wait.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/environ/wait.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/environ/wait.go	2016-07-18 19:45:44.000000000 +0000
@@ -32,8 +32,8 @@
 // whether this func succeeds or fails.
 func WaitForEnviron(
 	w watcher.NotifyWatcher,
-	getter ConfigGetter,
-	newEnviron NewEnvironFunc,
+	getter environs.EnvironConfigGetter,
+	newEnviron environs.NewEnvironFunc,
 	abort <-chan struct{},
 ) (environs.Environ, error) {
 	for {
@@ -44,11 +44,14 @@
 			if !ok {
 				return nil, errors.New("environ config watch closed")
 			}
-			config, err := getter.ModelConfig()
-			if err != nil {
+			// First check the model config is valid as we want to exit with
+			// an error if we have received a config but it is not valid.
+			// This distinguishes from the case where environ construction fails
+			// because no config has been received yet.
+			if _, err := getter.ModelConfig(); err != nil {
 				return nil, errors.Annotate(err, "cannot read environ config")
 			}
-			environ, err := newEnviron(config)
+			environ, err := environs.GetEnviron(getter, newEnviron)
 			if err == nil {
 				return environ, nil
 			}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/firewaller/firewaller.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/firewaller/firewaller.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/firewaller/firewaller.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/firewaller/firewaller.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,7 @@
 	"strings"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/firewaller"
 	"github.com/juju/juju/apiserver/params"
@@ -36,7 +36,7 @@
 	machineds       map[names.MachineTag]*machineData
 	unitsChange     chan *unitsChange
 	unitds          map[names.UnitTag]*unitData
-	serviceds       map[names.ServiceTag]*serviceData
+	applicationids  map[names.ApplicationTag]*serviceData
 	exposedChange   chan *exposedChange
 	globalMode      bool
 	globalPortRef   map[network.PortRange]int
@@ -47,13 +47,13 @@
 // depending on what the API supports.
 func NewFirewaller(st *firewaller.State) (worker.Worker, error) {
 	fw := &Firewaller{
-		st:            st,
-		machineds:     make(map[names.MachineTag]*machineData),
-		unitsChange:   make(chan *unitsChange),
-		unitds:        make(map[names.UnitTag]*unitData),
-		serviceds:     make(map[names.ServiceTag]*serviceData),
-		exposedChange: make(chan *exposedChange),
-		machinePorts:  make(map[names.MachineTag]machineRanges),
+		st:             st,
+		machineds:      make(map[names.MachineTag]*machineData),
+		unitsChange:    make(chan *unitsChange),
+		unitds:         make(map[names.UnitTag]*unitData),
+		applicationids: make(map[names.ApplicationTag]*serviceData),
+		exposedChange:  make(chan *exposedChange),
+		machinePorts:   make(map[names.MachineTag]machineRanges),
 	}
 	err := catacomb.Invoke(catacomb.Plan{
 		Site: &fw.catacomb,
@@ -249,18 +249,20 @@
 		delete(fw.machineds, tag)
 		return errors.Trace(err)
 	}
-	return nil
+
+	// register the machined with the firewaller's catacomb.
+	return fw.catacomb.Add(machined)
 }
 
 // startUnit creates a new data value for tracking details of the unit
 // The provided machineTag must be the tag for the machine the unit was last
 // observed to be assigned to.
 func (fw *Firewaller) startUnit(unit *firewaller.Unit, machineTag names.MachineTag) error {
-	service, err := unit.Service()
+	application, err := unit.Application()
 	if err != nil {
 		return err
 	}
-	serviceTag := service.Tag()
+	applicationTag := application.Tag()
 	unitTag := unit.Tag()
 	if err != nil {
 		return err
@@ -274,14 +276,14 @@
 
 	unitd.machined = fw.machineds[machineTag]
 	unitd.machined.unitds[unitTag] = unitd
-	if fw.serviceds[serviceTag] == nil {
-		err := fw.startService(service)
+	if fw.applicationids[applicationTag] == nil {
+		err := fw.startService(application)
 		if err != nil {
 			delete(fw.unitds, unitTag)
 			return err
 		}
 	}
-	unitd.serviced = fw.serviceds[serviceTag]
+	unitd.serviced = fw.applicationids[applicationTag]
 	unitd.serviced.unitds[unitTag] = unitd
 
 	m, err := unitd.machined.machine()
@@ -306,16 +308,16 @@
 
 // startService creates a new data value for tracking details of the
 // service and starts watching the service for exposure changes.
-func (fw *Firewaller) startService(service *firewaller.Service) error {
+func (fw *Firewaller) startService(service *firewaller.Application) error {
 	exposed, err := service.IsExposed()
 	if err != nil {
 		return err
 	}
 	serviced := &serviceData{
-		fw:      fw,
-		service: service,
-		exposed: exposed,
-		unitds:  make(map[names.UnitTag]*unitData),
+		fw:          fw,
+		application: service,
+		exposed:     exposed,
+		unitds:      make(map[names.UnitTag]*unitData),
 	}
 	err = catacomb.Invoke(catacomb.Plan{
 		Site: &serviced.catacomb,
@@ -329,7 +331,7 @@
 	if err := fw.catacomb.Add(serviced); err != nil {
 		return errors.Trace(err)
 	}
-	fw.serviceds[service.Tag()] = serviced
+	fw.applicationids[service.Tag()] = serviced
 	return nil
 }
 
@@ -389,12 +391,13 @@
 				return err
 			}
 			continue
-		} else if err != nil {
+		}
+		if err != nil {
 			return err
 		}
 		instanceId, err := m.InstanceId()
 		if errors.IsNotProvisioned(err) {
-			logger.Warningf("Machine not yet provisioned: %v", err)
+			logger.Errorf("Machine not yet provisioned: %v", err)
 			continue
 		}
 		if err != nil {
@@ -403,7 +406,8 @@
 		instances, err := fw.environ.Instances([]instance.Id{instanceId})
 		if err == environs.ErrNoInstances {
 			return nil
-		} else if err != nil {
+		}
+		if err != nil {
 			return err
 		}
 		machineId := machined.tag.Id()
@@ -723,9 +727,9 @@
 	delete(serviced.unitds, unitd.tag)
 	logger.Debugf("stopped watching %q", unitd.tag)
 	if stoppedService {
-		serviceTag := serviced.service.Tag()
-		delete(fw.serviceds, serviceTag)
-		logger.Debugf("stopped watching %q", serviceTag)
+		applicationTag := serviced.application.Tag()
+		delete(fw.applicationids, applicationTag)
+		logger.Debugf("stopped watching %q", applicationTag)
 	}
 }
 
@@ -809,16 +813,16 @@
 
 // serviceData holds service details and watches exposure changes.
 type serviceData struct {
-	catacomb catacomb.Catacomb
-	fw       *Firewaller
-	service  *firewaller.Service
-	exposed  bool
-	unitds   map[names.UnitTag]*unitData
+	catacomb    catacomb.Catacomb
+	fw          *Firewaller
+	application *firewaller.Application
+	exposed     bool
+	unitds      map[names.UnitTag]*unitData
 }
 
 // watchLoop watches the service's exposed flag for changes.
 func (sd *serviceData) watchLoop(exposed bool) error {
-	serviceWatcher, err := sd.service.Watch()
+	serviceWatcher, err := sd.application.Watch()
 	if err != nil {
 		return errors.Trace(err)
 	}
@@ -833,13 +837,13 @@
 			if !ok {
 				return errors.New("service watcher closed")
 			}
-			if err := sd.service.Refresh(); err != nil {
+			if err := sd.application.Refresh(); err != nil {
 				if !params.IsCodeNotFound(err) {
 					return errors.Trace(err)
 				}
 				return nil
 			}
-			change, err := sd.service.IsExposed()
+			change, err := sd.application.IsExposed()
 			if err != nil {
 				return errors.Trace(err)
 			}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/firewaller/firewaller_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/firewaller/firewaller_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/firewaller/firewaller_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/firewaller/firewaller_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -42,7 +42,7 @@
 
 func (s *firewallerBaseSuite) setUpTest(c *gc.C, firewallMode string) {
 	add := map[string]interface{}{"firewall-mode": firewallMode}
-	s.DummyConfig = dummy.SampleConfig().Merge(add).Delete("admin-secret", "ca-private-key")
+	s.DummyConfig = dummy.SampleConfig().Merge(add).Delete("admin-secret")
 
 	s.JujuConnSuite.SetUpTest(c)
 	s.charm = s.AddTestingCharm(c, "dummy")
@@ -114,7 +114,7 @@
 	}
 }
 
-func (s *firewallerBaseSuite) addUnit(c *gc.C, svc *state.Service) (*state.Unit, *state.Machine) {
+func (s *firewallerBaseSuite) addUnit(c *gc.C, svc *state.Application) (*state.Unit, *state.Machine) {
 	units, err := juju.AddUnits(s.State, svc, 1, nil)
 	c.Assert(err, jc.ErrorIsNil)
 	u := units[0]
@@ -127,7 +127,7 @@
 
 // startInstance starts a new instance for the given machine.
 func (s *firewallerBaseSuite) startInstance(c *gc.C, m *state.Machine) instance.Instance {
-	inst, hc := testing.AssertStartInstance(c, s.Environ, m.Id())
+	inst, hc := testing.AssertStartInstance(c, s.Environ, s.ControllerConfig.ControllerUUID(), m.Id())
 	err := m.SetProvisioned(inst.Id(), "fake_nonce", hc)
 	c.Assert(err, jc.ErrorIsNil)
 	return inst
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/firewaller/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/firewaller/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/firewaller/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/firewaller/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,18 +8,18 @@
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/api/firewaller"
-	"github.com/juju/juju/cmd/jujud/agent/util"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
 )
 
 // ManifoldConfig describes the resources used by the firewaller worker.
-type ManifoldConfig util.ApiManifoldConfig
+type ManifoldConfig engine.ApiManifoldConfig
 
 // Manifold returns a Manifold that encapsulates the firewaller worker.
 func Manifold(config ManifoldConfig) dependency.Manifold {
-	return util.ApiManifold(
-		util.ApiManifoldConfig(config),
+	return engine.ApiManifold(
+		engine.ApiManifoldConfig(config),
 		manifoldStart,
 	)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/gate/flag.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/gate/flag.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/gate/flag.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/gate/flag.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,7 @@
 	"github.com/juju/errors"
 	"launchpad.net/tomb"
 
-	"github.com/juju/juju/cmd/jujud/agent/util"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
 )
@@ -33,18 +33,18 @@
 
 }
 
-// FlagManifold runs a worker that implements util.Flag such that
+// FlagManifold runs a worker that implements engine.Flag such that
 // it's only considered set when the referenced gate is unlocked.
 func FlagManifold(config FlagManifoldConfig) dependency.Manifold {
 	return dependency.Manifold{
 		Inputs: []string{config.GateName},
 		Start:  config.start,
-		Output: util.FlagOutput,
+		Output: engine.FlagOutput,
 		Filter: bounceUnlocked,
 	}
 }
 
-// NewFlag returns a worker that implements util.Flag,
+// NewFlag returns a worker that implements engine.Flag,
 // backed by the supplied gate's unlockedness.
 func NewFlag(gate Waiter) (*Flag, error) {
 	w := &Flag{
@@ -58,7 +58,7 @@
 	return w, nil
 }
 
-// Flag uses a gate to implement util.Flag.
+// Flag uses a gate to implement engine.Flag.
 type Flag struct {
 	tomb     tomb.Tomb
 	gate     Waiter
@@ -75,7 +75,7 @@
 	return w.tomb.Wait()
 }
 
-// Check is part of the util.Flag interface.
+// Check is part of the engine.Flag interface.
 func (w *Flag) Check() bool {
 	return w.unlocked
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/gate/flag_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/gate/flag_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/gate/flag_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/gate/flag_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,7 +9,7 @@
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 
-	"github.com/juju/juju/cmd/jujud/agent/util"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
 	dt "github.com/juju/juju/worker/dependency/testing"
@@ -33,7 +33,7 @@
 func (*FlagSuite) TestManifoldOutputBadWorker(c *gc.C) {
 	manifold := gate.FlagManifold(gate.FlagManifoldConfig{})
 	in := &dummyWorker{}
-	var out util.Flag
+	var out engine.Flag
 	err := manifold.Output(in, &out)
 	c.Check(err, gc.ErrorMatches, `expected in to implement Flag; got a .*`)
 	c.Check(out, gc.IsNil)
@@ -51,7 +51,7 @@
 func (*FlagSuite) TestManifoldOutputSuccess(c *gc.C) {
 	manifold := gate.FlagManifold(gate.FlagManifoldConfig{})
 	in := &gate.Flag{}
-	var out util.Flag
+	var out engine.Flag
 	err := manifold.Output(in, &out)
 	c.Check(err, jc.ErrorIsNil)
 	c.Check(out, gc.Equals, in)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/hostkeyreporter/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/hostkeyreporter/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/hostkeyreporter/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/hostkeyreporter/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,7 @@
 	"runtime"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api/base"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/hostkeyreporter/worker.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/hostkeyreporter/worker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/hostkeyreporter/worker.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/hostkeyreporter/worker.go	2016-07-18 19:45:44.000000000 +0000
@@ -89,10 +89,12 @@
 
 func (w *hostkeyreporter) readSSHKeys() ([]string, error) {
 	sshDir := w.sshDir()
-	if _, err := os.Stat(sshDir); os.IsNotExist(err) {
-		logger.Warningf("%s doesn't exist - giving up", sshDir)
+	_, err := os.Stat(sshDir)
+	if os.IsNotExist(err) {
+		logger.Errorf("%s doesn't exist - giving up", sshDir)
 		return nil, dependency.ErrUninstall
-	} else if err != nil {
+	}
+	if err != nil {
 		return nil, errors.Trace(err)
 	}
 
@@ -104,7 +106,7 @@
 	for _, filename := range filenames {
 		key, err := ioutil.ReadFile(filename)
 		if err != nil {
-			logger.Warningf("unable to read SSH host key (skipping): %v", err)
+			logger.Debugf("unable to read SSH host key (skipping): %v", err)
 			continue
 		}
 		keys = append(keys, string(key))
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/identityfilewriter/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/identityfilewriter/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/identityfilewriter/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/identityfilewriter/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,28 +6,28 @@
 import (
 	"errors"
 
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	apiagent "github.com/juju/juju/api/agent"
 	"github.com/juju/juju/api/base"
-	"github.com/juju/juju/cmd/jujud/agent/util"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
 	"github.com/juju/juju/state/multiwatcher"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
 )
 
 // ManifoldConfig defines the names of the manifolds on which a Manifold will depend.
-type ManifoldConfig util.AgentApiManifoldConfig
+type ManifoldConfig engine.AgentApiManifoldConfig
 
 // Manifold returns a dependency manifold that runs an identity file writer worker,
 // using the resource names defined in the supplied config.
 func Manifold(config ManifoldConfig) dependency.Manifold {
-	typedConfig := util.AgentApiManifoldConfig(config)
-	return util.AgentApiManifold(typedConfig, newWorker)
+	typedConfig := engine.AgentApiManifoldConfig(config)
+	return engine.AgentApiManifold(typedConfig, newWorker)
 }
 
-// newWorker trivially wraps NewWorker for use in a util.AgentApiManifold.
+// newWorker trivially wraps NewWorker for use in a engine.AgentApiManifold.
 func newWorker(a agent.Agent, apiCaller base.APICaller) (worker.Worker, error) {
 	cfg := a.CurrentConfig()
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/identityfilewriter/manifold_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/identityfilewriter/manifold_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/identityfilewriter/manifold_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/identityfilewriter/manifold_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,18 +5,18 @@
 
 import (
 	"github.com/juju/juju/worker/dependency"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	apitesting "github.com/juju/juju/api/base/testing"
 	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/cmd/jujud/agent/engine/enginetest"
 	"github.com/juju/juju/state/multiwatcher"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/identityfilewriter"
-	workertesting "github.com/juju/juju/worker/testing"
 )
 
 type ManifoldSuite struct {
@@ -37,8 +37,8 @@
 }
 
 func (s *ManifoldSuite) TestMachine(c *gc.C) {
-	config := identityfilewriter.ManifoldConfig(workertesting.AgentApiManifoldTestConfig())
-	_, err := workertesting.RunAgentApiManifold(
+	config := identityfilewriter.ManifoldConfig(enginetest.AgentApiManifoldTestConfig())
+	_, err := enginetest.RunAgentApiManifold(
 		identityfilewriter.Manifold(config),
 		&fakeAgent{tag: names.NewMachineTag("42")},
 		mockAPICaller(multiwatcher.JobManageModel))
@@ -47,8 +47,8 @@
 }
 
 func (s *ManifoldSuite) TestMachineNotModelManagerErrors(c *gc.C) {
-	config := identityfilewriter.ManifoldConfig(workertesting.AgentApiManifoldTestConfig())
-	_, err := workertesting.RunAgentApiManifold(
+	config := identityfilewriter.ManifoldConfig(enginetest.AgentApiManifoldTestConfig())
+	_, err := enginetest.RunAgentApiManifold(
 		identityfilewriter.Manifold(config),
 		&fakeAgent{tag: names.NewMachineTag("42")},
 		mockAPICaller(multiwatcher.JobHostUnits))
@@ -57,8 +57,8 @@
 }
 
 func (s *ManifoldSuite) TestNonMachineAgent(c *gc.C) {
-	config := identityfilewriter.ManifoldConfig(workertesting.AgentApiManifoldTestConfig())
-	_, err := workertesting.RunAgentApiManifold(
+	config := identityfilewriter.ManifoldConfig(enginetest.AgentApiManifoldTestConfig())
+	_, err := enginetest.RunAgentApiManifold(
 		identityfilewriter.Manifold(config),
 		&fakeAgent{tag: names.NewUnitTag("foo/0")},
 		mockAPICaller(""))
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/instancepoller/aggregate.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/instancepoller/aggregate.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/instancepoller/aggregate.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/instancepoller/aggregate.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,33 +7,59 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/ratelimit"
-	"launchpad.net/tomb"
+	"github.com/juju/utils/clock"
 
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/instance"
+	"github.com/juju/juju/worker/catacomb"
 )
 
-type instanceGetter interface {
+type InstanceGetter interface {
 	Instances(ids []instance.Id) ([]instance.Instance, error)
 }
 
+type aggregatorConfig struct {
+	Clock   clock.Clock
+	Delay   time.Duration
+	Environ InstanceGetter
+}
+
+func (c aggregatorConfig) validate() error {
+	if c.Clock == nil {
+		return errors.NotValidf("nil clock.Clock")
+	}
+	if c.Delay == 0 {
+		return errors.NotValidf("zero Delay")
+	}
+	if c.Environ == nil {
+		return errors.NotValidf("nil Environ")
+	}
+	return nil
+
+}
+
 type aggregator struct {
-	environ instanceGetter
-	reqc    chan instanceInfoReq
-	tomb    tomb.Tomb
+	config   aggregatorConfig
+	catacomb catacomb.Catacomb
+	reqc     chan instanceInfoReq
 }
 
-func newAggregator(env instanceGetter) *aggregator {
+func newAggregator(config aggregatorConfig) (*aggregator, error) {
+	if err := config.validate(); err != nil {
+		return nil, errors.Trace(err)
+	}
 	a := &aggregator{
-		environ: env,
-		reqc:    make(chan instanceInfoReq),
+		config: config,
+		reqc:   make(chan instanceInfoReq),
+	}
+	err := catacomb.Invoke(catacomb.Plan{
+		Site: &a.catacomb,
+		Work: a.loop,
+	})
+	if err != nil {
+		return nil, errors.Trace(err)
 	}
-	go func() {
-		defer a.tomb.Done()
-		a.tomb.Kill(a.loop())
-	}()
-	return a
+	return a, nil
 }
 
 type instanceInfoReq struct {
@@ -51,7 +77,7 @@
 	reqc := a.reqc
 	for {
 		select {
-		case <-a.tomb.Dying():
+		case <-a.catacomb.Dying():
 			return instanceInfo{}, errors.New("instanceInfo call aborted")
 		case reqc <- instanceInfoReq{id, reply}:
 			reqc = nil
@@ -61,50 +87,63 @@
 	}
 }
 
-var gatherTime = 3 * time.Second
-
 func (a *aggregator) loop() error {
-	// TODO(fwereade): 2016-03-17 lp:1558657
-	timer := time.NewTimer(0)
-	timer.Stop()
-	var reqs []instanceInfoReq
-	// We use a capacity of 1 so that sporadic requests will
-	// be serviced immediately without having to wait.
-	bucket := ratelimit.NewBucket(gatherTime, 1)
+	var (
+		next time.Time
+		reqs []instanceInfoReq
+	)
+
 	for {
+		var ready <-chan time.Time
+		if !next.IsZero() {
+			when := next.Add(a.config.Delay)
+			ready = clock.Alarm(a.config.Clock, when)
+		}
 		select {
-		case <-a.tomb.Dying():
-			return tomb.ErrDying
+		case <-a.catacomb.Dying():
+			return a.catacomb.ErrDying()
+
 		case req := <-a.reqc:
-			if len(reqs) == 0 {
-				waitTime := bucket.Take(1)
-				timer.Reset(waitTime)
-			}
 			reqs = append(reqs, req)
-		case <-timer.C:
-			ids := make([]instance.Id, len(reqs))
-			for i, req := range reqs {
-				ids[i] = req.instId
+
+			if next.IsZero() {
+				next = a.config.Clock.Now()
 			}
-			insts, err := a.environ.Instances(ids)
-			for i, req := range reqs {
-				var reply instanceInfoReply
-				if err != nil && err != environs.ErrPartialInstances {
-					reply.err = err
-				} else {
-					reply.info, reply.err = a.instInfo(req.instId, insts[i])
-				}
-				select {
-				case <-a.tomb.Dying():
-					return tomb.ErrDying
-				case req.reply <- reply:
-				}
+
+		case <-ready:
+			if err := a.doRequests(reqs); err != nil {
+				return errors.Trace(err)
 			}
+			next = time.Time{}
 			reqs = nil
 		}
 	}
 }
 
+func (a *aggregator) doRequests(reqs []instanceInfoReq) error {
+	ids := make([]instance.Id, len(reqs))
+	for i, req := range reqs {
+		ids[i] = req.instId
+	}
+	insts, err := a.config.Environ.Instances(ids)
+	for i, req := range reqs {
+		var reply instanceInfoReply
+		if err != nil && err != environs.ErrPartialInstances {
+			reply.err = err
+		} else {
+			reply.info, reply.err = a.instInfo(req.instId, insts[i])
+		}
+		select {
+		// Per review http://reviews.vapour.ws/r/4885/ it's dumb to block
+		// the main goroutine on these responses.
+		case <-a.catacomb.Dying():
+			return a.catacomb.ErrDying()
+		case req.reply <- reply:
+		}
+	}
+	return nil
+}
+
 // instInfo returns the instance info for the given id
 // and instance. If inst is nil, it returns a not-found error.
 func (*aggregator) instInfo(id instance.Id, inst instance.Instance) (instanceInfo, error) {
@@ -122,9 +161,9 @@
 }
 
 func (a *aggregator) Kill() {
-	a.tomb.Kill(nil)
+	a.catacomb.Kill(nil)
 }
 
 func (a *aggregator) Wait() error {
-	return a.tomb.Wait()
+	return a.catacomb.Wait()
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/instancepoller/aggregate_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/instancepoller/aggregate_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/instancepoller/aggregate_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/instancepoller/aggregate_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,6 @@
 package instancepoller
 
 import (
-	"fmt"
 	"sync"
 	"sync/atomic"
 	"time"
@@ -18,6 +17,7 @@
 	"github.com/juju/juju/network"
 	"github.com/juju/juju/status"
 	"github.com/juju/juju/testing"
+	"github.com/juju/juju/worker/workertest"
 )
 
 type aggregateSuite struct {
@@ -52,6 +52,7 @@
 }
 
 type testInstanceGetter struct {
+	sync.RWMutex
 	// ids is set when the Instances method is called.
 	ids     []instance.Id
 	results map[instance.Id]instance.Instance
@@ -84,206 +85,360 @@
 	return thisInstance
 }
 
+// Test that one request gets sent after suitable delay.
 func (s *aggregateSuite) TestSingleRequest(c *gc.C) {
+	// We setup a couple variables here so that we can use them locally without
+	// type assertions. Then we use them in the aggregatorConfig.
 	testGetter := new(testInstanceGetter)
-	instance1 := testGetter.newTestInstance("foo", "foobar", []string{"127.0.0.1", "192.168.1.1"})
-	aggregator := newAggregator(testGetter)
+	clock := testing.NewClock(time.Now())
+	delay := time.Minute
+	cfg := aggregatorConfig{
+		Clock:   clock,
+		Delay:   delay,
+		Environ: testGetter,
+	}
+
+	// Add a new test instance.
+	testGetter.newTestInstance("foo", "foobar", []string{"127.0.0.1", "192.168.1.1"})
+
+	aggregator, err := newAggregator(cfg)
+	c.Check(err, jc.ErrorIsNil)
+
+	// Ensure the worker is killed and cleaned up if the test exits early.
+	defer workertest.CleanKill(c, aggregator)
+
+	// Create a test in a goroutine and make sure we wait for it to finish.
+	var wg sync.WaitGroup
+	wg.Add(1)
+	go func() {
+		defer wg.Done()
+		info, err := aggregator.instanceInfo("foo")
+		c.Check(err, jc.ErrorIsNil)
+		c.Check(info.status.Message, gc.DeepEquals, "foobar")
+	}()
+
+	// Unwind the test clock
+	waitAlarms(c, clock, 1)
+	clock.Advance(delay)
+
+	wg.Wait()
 
-	info, err := aggregator.instanceInfo("foo")
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(info, gc.DeepEquals, instanceInfo{
-		status:    instance.InstanceStatus{Status: status.StatusUnknown, Message: "foobar"},
-		addresses: instance1.addresses,
-	})
-	c.Assert(testGetter.ids, gc.DeepEquals, []instance.Id{"foo"})
+	// Ensure we kill the worker before looking at our testInstanceGetter to
+	// ensure there's no possibility of a race.
+	workertest.CleanKill(c, aggregator)
+
+	ids := testGetter.ids
+	c.Assert(ids, gc.DeepEquals, []instance.Id{"foo"})
 }
 
+// Test several requests in a short space of time get batched.
 func (s *aggregateSuite) TestMultipleResponseHandling(c *gc.C) {
-	s.PatchValue(&gatherTime, 30*time.Millisecond)
+	// We setup a couple variables here so that we can use them locally without
+	// type assertions. Then we use them in the aggregatorConfig.
 	testGetter := new(testInstanceGetter)
+	clock := testing.NewClock(time.Now())
+	delay := time.Minute
+	cfg := aggregatorConfig{
+		Clock:   clock,
+		Delay:   delay,
+		Environ: testGetter,
+	}
 
+	// Setup multiple instances to batch
 	testGetter.newTestInstance("foo", "foobar", []string{"127.0.0.1", "192.168.1.1"})
-	aggregator := newAggregator(testGetter)
-
-	replyChan := make(chan instanceInfoReply)
-	req := instanceInfoReq{
-		reply:  replyChan,
-		instId: instance.Id("foo"),
-	}
-	aggregator.reqc <- req
-	reply := <-replyChan
-	c.Assert(reply.err, gc.IsNil)
-
 	testGetter.newTestInstance("foo2", "not foobar", []string{"192.168.1.2"})
 	testGetter.newTestInstance("foo3", "ok-ish", []string{"192.168.1.3"})
 
+	aggregator, err := newAggregator(cfg)
+	c.Check(err, jc.ErrorIsNil)
+
+	// Ensure the worker is killed and cleaned up if the test exits early.
+	defer workertest.CleanKill(c, aggregator)
+
+	// Create a closure for tests we can launch in goroutines.
 	var wg sync.WaitGroup
 	checkInfo := func(id instance.Id, expectStatus string) {
+		defer wg.Done()
 		info, err := aggregator.instanceInfo(id)
 		c.Check(err, jc.ErrorIsNil)
 		c.Check(info.status.Message, gc.Equals, expectStatus)
-		wg.Done()
 	}
 
+	// Launch and wait for these
 	wg.Add(2)
 	go checkInfo("foo2", "not foobar")
 	go checkInfo("foo3", "ok-ish")
-	wg.Wait()
 
-	c.Assert(len(testGetter.ids), gc.DeepEquals, 2)
-}
+	// Unwind the testing clock to let our requests through.
+	waitAlarms(c, clock, 2)
+	clock.Advance(delay)
 
-// notifyingInstanceGetter wraps testInstanceGetter, notifying via
-// a channel when Instances() is called.
-type notifyingInstanceGetter struct {
-	testInstanceGetter
-	instancesc chan bool
-}
+	// Check we're still alive.
+	workertest.CheckAlive(c, aggregator)
 
-func (g *notifyingInstanceGetter) Instances(ids []instance.Id) ([]instance.Instance, error) {
-	g.instancesc <- true
-	return g.testInstanceGetter.Instances(ids)
-}
-
-func (s *aggregateSuite) TestDyingWhileHandlingRequest(c *gc.C) {
-	// This tests a regression where the aggregator couldn't shut down
-	// if the the tomb was killed while a request was being handled,
-	// leaving the reply channel unread.
+	// Wait until the tests pass.
+	wg.Wait()
 
-	s.PatchValue(&gatherTime, 30*time.Millisecond)
+	// Ensure we kill the worker before looking at our testInstanceGetter to
+	// ensure there's no possibility of a race.
+	workertest.CleanKill(c, aggregator)
+
+	// Ensure we got our list back with the expected contents.
+	c.Assert(testGetter.ids, jc.SameContents, []instance.Id{"foo2", "foo3"})
+
+	// Ensure we called instances once and have no errors there.
+	c.Assert(testGetter.err, jc.ErrorIsNil)
+	c.Assert(testGetter.counter, gc.DeepEquals, int32(1))
+}
+
+// Test that advancing delay-time.Nanosecond and then killing causes all
+// pending reqs to fail.
+func (s *aggregateSuite) TestKillingWorkerKillsPendinReqs(c *gc.C) {
+	// Setup local variables.
+	testGetter := new(testInstanceGetter)
+	clock := testing.NewClock(time.Now())
+	delay := time.Minute
+	cfg := aggregatorConfig{
+		Clock:   clock,
+		Delay:   delay,
+		Environ: testGetter,
+	}
 
-	// Set up the aggregator with the instance getter.
-	testGetter := &notifyingInstanceGetter{instancesc: make(chan bool)}
 	testGetter.newTestInstance("foo", "foobar", []string{"127.0.0.1", "192.168.1.1"})
-	aggregator := newAggregator(testGetter)
+	testGetter.newTestInstance("foo2", "not foobar", []string{"192.168.1.2"})
+	testGetter.newTestInstance("foo3", "ok-ish", []string{"192.168.1.3"})
 
-	// Make a request with a reply channel that will never be read.
-	req := instanceInfoReq{
-		reply:  make(chan instanceInfoReply),
-		instId: instance.Id("foo"),
-	}
-	aggregator.reqc <- req
+	aggregator, err := newAggregator(cfg)
+	c.Check(err, jc.ErrorIsNil)
 
-	// Wait for Instances to be called.
-	select {
-	case <-testGetter.instancesc:
-	case <-time.After(testing.LongWait):
-		c.Fatal("Instances() not called")
+	defer workertest.CleanKill(c, aggregator)
+
+	// Set up a couple tests we can launch.
+	var wg sync.WaitGroup
+	checkInfo := func(id instance.Id) {
+		defer wg.Done()
+		info, err := aggregator.instanceInfo(id)
+		c.Check(err.Error(), gc.Equals, "instanceInfo call aborted")
+		c.Check(info.status.Message, gc.Equals, "")
 	}
 
-	// Now we know the request is being handled - kill the aggregator.
+	// Launch a couple tests.
+	wg.Add(2)
+	go checkInfo("foo2")
+
+	// Advance the clock and kill the worker.
+	waitAlarms(c, clock, 1)
+	clock.Advance(delay - time.Nanosecond)
 	aggregator.Kill()
-	done := make(chan error)
-	go func() {
-		done <- aggregator.Wait()
-	}()
 
-	// The aggregator should stop.
-	select {
-	case err := <-done:
-		c.Assert(err, jc.ErrorIsNil)
-	case <-time.After(testing.LongWait):
-		c.Fatal("aggregator didn't stop")
-	}
-}
+	go checkInfo("foo3")
 
-type batchingInstanceGetter struct {
-	sync.RWMutex
-	testInstanceGetter
-	wg         sync.WaitGroup
-	aggregator *aggregator
-	totalCount int
-	batchSize  int
-	started    int
-}
+	// Make sure we're dead.
+	workertest.CheckKilled(c, aggregator)
+	wg.Wait()
+
+	// Make sure we have no ids, since we're dead.
+	c.Assert(len(testGetter.ids), gc.DeepEquals, 0)
+
+	// Ensure we called instances once and have no errors there.
+	c.Assert(testGetter.err, jc.ErrorIsNil)
+	c.Assert(testGetter.counter, gc.DeepEquals, int32(0))
 
-func (g *batchingInstanceGetter) Instances(ids []instance.Id) ([]instance.Instance, error) {
-	insts, err := g.testInstanceGetter.Instances(ids)
-	g.startRequests()
-	return insts, err
 }
 
-func (g *batchingInstanceGetter) startRequests() {
-	n := g.totalCount - g.started
-	if n > g.batchSize {
-		n = g.batchSize
+// Test that having sent/advanced/received one batch, you can
+// send/advance/receive again and that works, too.
+func (s *aggregateSuite) TestMultipleBatches(c *gc.C) {
+	// Setup some local variables.
+	testGetter := new(testInstanceGetter)
+	clock := testing.NewClock(time.Now())
+	delay := time.Second
+	cfg := aggregatorConfig{
+		Clock:   clock,
+		Delay:   delay,
+		Environ: testGetter,
+	}
+
+	testGetter.newTestInstance("foo2", "not foobar", []string{"192.168.1.2"})
+	testGetter.newTestInstance("foo3", "ok-ish", []string{"192.168.1.3"})
+
+	aggregator, err := newAggregator(cfg)
+	c.Check(err, jc.ErrorIsNil)
+
+	// Ensure the worker is killed and cleaned up if the test exits early.
+	defer workertest.CleanKill(c, aggregator)
+
+	// Create a checker we can launch as goroutines
+	var wg sync.WaitGroup
+	checkInfo := func(id instance.Id, expectStatus string) {
+		defer wg.Done()
+		info, err := aggregator.instanceInfo(id)
+		c.Check(err, jc.ErrorIsNil)
+		c.Check(info.status.Message, gc.Equals, expectStatus)
 	}
-	for i := 0; i < n; i++ {
-		g.startRequest()
+
+	// Launch and wait for these
+	wg.Add(2)
+	go checkInfo("foo2", "not foobar")
+	go checkInfo("foo3", "ok-ish")
+
+	// Unwind the testing clock to let our requests through.
+	waitAlarms(c, clock, 2)
+	clock.Advance(delay)
+
+	// Check we're still alive
+	workertest.CheckAlive(c, aggregator)
+
+	// Wait until the checkers pass
+	// TODO(redir): These could block forever, we should make the effort to be
+	// robust here per http://reviews.vapour.ws/r/4885/
+	wg.Wait()
+
+	// Ensure we got our list back with the expected length.
+	c.Assert(len(testGetter.ids), gc.DeepEquals, 2)
+
+	// And then a second batch
+	testGetter.newTestInstance("foo4", "spam", []string{"192.168.1.4"})
+	testGetter.newTestInstance("foo5", "eggs", []string{"192.168.1.5"})
+
+	// Launch and wait for this second batch
+	wg.Add(2)
+	go checkInfo("foo4", "spam")
+	go checkInfo("foo5", "eggs")
+
+	for i := 0; i < 2; i++ {
+		// Unwind again to let our next batch through.
+		<-clock.Alarms()
 	}
+	// // Advance the clock again.
+	clock.Advance(delay)
+
+	// Check we're still alive
+	workertest.CheckAlive(c, aggregator)
+
+	// Wait until the checkers pass
+	wg.Wait()
+
+	// Shutdown the worker.
+	workertest.CleanKill(c, aggregator)
+
+	// Ensure we got our list back with the correct length
+	c.Assert(len(testGetter.ids), gc.DeepEquals, 2)
+
+	// Ensure we called instances once and have no errors there.
+	c.Assert(testGetter.err, jc.ErrorIsNil)
+	c.Assert(testGetter.counter, gc.Equals, int32(2))
 }
 
-func (g *batchingInstanceGetter) startRequest() {
-	g.started++
+// Test that things behave as expected when env.Instances errors.
+func (s *aggregateSuite) TestInstancesErrors(c *gc.C) {
+	// Setup local variables.
+	testGetter := new(testInstanceGetter)
+	clock := testing.NewClock(time.Now())
+	delay := time.Millisecond
+	cfg := aggregatorConfig{
+		Clock:   clock,
+		Delay:   delay,
+		Environ: testGetter,
+	}
+
+	testGetter.newTestInstance("foo", "foobar", []string{"192.168.1.2"})
+	testGetter.err = environs.ErrNoInstances
+	aggregator, err := newAggregator(cfg)
+	c.Check(err, jc.ErrorIsNil)
+
+	defer workertest.CleanKill(c, aggregator)
+
+	// Launch test in a goroutine and wait for it.
+	var wg sync.WaitGroup
+	wg.Add(1)
 	go func() {
-		g.RLock()
-		defer g.RUnlock()
-		_, err := g.aggregator.instanceInfo("foo")
-		if err != nil {
-			panic(err)
-		}
-		g.wg.Done()
+		defer wg.Done()
+		_, err = aggregator.instanceInfo("foo")
+		c.Assert(err, gc.Equals, environs.ErrNoInstances)
 	}()
-}
 
-func (s *aggregateSuite) TestBatching(c *gc.C) {
-	s.PatchValue(&gatherTime, 10*time.Millisecond)
-	var testGetter batchingInstanceGetter
-	testGetter.Lock()
-	testGetter.aggregator = newAggregator(&testGetter)
-	// We only need to inform the system about 1 instance, because all the
-	// requests are for the same instance.
-	testGetter.newTestInstance("foo", "foobar", []string{"127.0.0.1", "192.168.1.1"})
-	testGetter.totalCount = 100
-	testGetter.batchSize = 10
-	testGetter.wg.Add(testGetter.totalCount)
-	// startRequest will trigger one request, which ends up calling
-	// Instances, which will turn around and trigger batchSize requests,
-	// which should get aggregated into a single call to Instances, which
-	// then should trigger another round of batchSize requests.
-	testGetter.startRequest()
-	testGetter.Unlock()
-	testGetter.wg.Wait()
-	c.Assert(testGetter.counter, gc.Equals, int32(testGetter.totalCount/testGetter.batchSize)+1)
-}
+	// Unwind to let our request through.
+	waitAlarms(c, clock, 1)
+	clock.Advance(delay)
 
-func (s *aggregateSuite) TestError(c *gc.C) {
-	testGetter := new(testInstanceGetter)
-	ourError := fmt.Errorf("Some error")
-	testGetter.err = ourError
+	wg.Wait()
 
-	aggregator := newAggregator(testGetter)
+	// Kill the worker so we know there is no race checking the erroringTestGetter.
+	workertest.CleanKill(c, aggregator)
 
-	_, err := aggregator.instanceInfo("foo")
-	c.Assert(err, gc.Equals, ourError)
+	c.Assert(testGetter.err, gc.Equals, environs.ErrNoInstances)
+	c.Assert(testGetter.counter, gc.Equals, int32(1))
 }
 
-func (s *aggregateSuite) TestPartialErrResponse(c *gc.C) {
+func (s *aggregateSuite) TestPartialInstanceErrors(c *gc.C) {
 	testGetter := new(testInstanceGetter)
+	clock := testing.NewClock(time.Now())
+	delay := time.Second
+
+	cfg := aggregatorConfig{
+		Clock:   clock,
+		Delay:   delay,
+		Environ: testGetter,
+	}
+
 	testGetter.err = environs.ErrPartialInstances
+	testGetter.newTestInstance("foo", "not foobar", []string{"192.168.1.2"})
 
-	aggregator := newAggregator(testGetter)
-	_, err := aggregator.instanceInfo("foo")
+	aggregator, err := newAggregator(cfg)
+	c.Check(err, jc.ErrorIsNil)
 
-	c.Assert(err, gc.ErrorMatches, "instance foo not found")
-	c.Assert(err, jc.Satisfies, errors.IsNotFound)
-}
+	// Ensure the worker is killed and cleaned up if the test exits early.
+	defer workertest.CleanKill(c, aggregator)
 
-func (s *aggregateSuite) TestAddressesError(c *gc.C) {
-	testGetter := new(testInstanceGetter)
-	instance1 := testGetter.newTestInstance("foo", "foobar", []string{"127.0.0.1", "192.168.1.1"})
-	ourError := fmt.Errorf("gotcha")
-	instance1.err = ourError
+	// // Create a checker we can launch as goroutines
+	var wg sync.WaitGroup
+	checkInfo := func(id instance.Id, expectStatus string, expectedError error) {
+		defer wg.Done()
+		info, err := aggregator.instanceInfo(id)
+		if expectedError == nil {
+			c.Check(err, jc.ErrorIsNil)
+		} else {
+			c.Check(err.Error(), gc.Equals, expectedError.Error())
+		}
+		c.Check(info.status.Message, gc.Equals, expectStatus)
+	}
 
-	aggregator := newAggregator(testGetter)
-	_, err := aggregator.instanceInfo("foo")
-	c.Assert(err, gc.Equals, ourError)
-}
+	// Launch and wait for these
+	wg.Add(2)
+	go checkInfo("foo", "not foobar", nil)
+	go checkInfo("foo2", "", errors.New("instance foo2 not found"))
 
-func (s *aggregateSuite) TestKillAndWait(c *gc.C) {
-	testGetter := new(testInstanceGetter)
-	aggregator := newAggregator(testGetter)
-	aggregator.Kill()
-	err := aggregator.Wait()
-	c.Assert(err, jc.ErrorIsNil)
+	// Unwind the testing clock to let our requests through.
+	waitAlarms(c, clock, 2)
+	clock.Advance(delay)
+
+	// Check we're still alive.
+	workertest.CheckAlive(c, aggregator)
+
+	// Wait until the checkers pass.
+	wg.Wait()
+
+	// Now kill the worker so we don't risk a race in the following assertions.
+	workertest.CleanKill(c, aggregator)
+
+	// Ensure we got our list back with the correct length.
+	c.Assert(len(testGetter.ids), gc.Equals, 2)
+
+	// Ensure we called instances once.
+	// TODO(redir): all this stuff is really crying out to be, e.g.
+	// testGetter.CheckOneCall(c, "foo", "foo2") per
+	// http://reviews.vapour.ws/r/4885/
+	c.Assert(testGetter.counter, gc.Equals, int32(1))
+}
+
+func waitAlarms(c *gc.C, clock *testing.Clock, count int) {
+	timeout := time.After(testing.LongWait)
+	for i := 0; i < count; i++ {
+		select {
+		case <-clock.Alarms():
+		case <-timeout:
+			c.Fatalf("timed out waiting for %dth alarm set", i)
+		}
+	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/instancepoller/machine_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/instancepoller/machine_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/instancepoller/machine_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/instancepoller/machine_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,9 +13,9 @@
 	"sync/atomic"
 	"time"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/instance"
@@ -340,7 +340,7 @@
 
 // This is stubbed out for testing.
 var MachineStatus = func(m *testMachine) (params.StatusResult, error) {
-	return params.StatusResult{Status: m.status}, nil
+	return params.StatusResult{Status: m.status.String()}, nil
 }
 
 func (m *testMachine) Status() (params.StatusResult, error) {
@@ -354,7 +354,7 @@
 func (m *testMachine) InstanceStatus() (params.StatusResult, error) {
 	m.mu.Lock()
 	defer m.mu.Unlock()
-	return params.StatusResult{Status: status.Status(m.instStatus)}, nil
+	return params.StatusResult{Status: m.instStatus.String()}, nil
 }
 
 func (m *testMachine) SetInstanceStatus(machineStatus status.Status, info string, data map[string]interface{}) error {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/instancepoller/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/instancepoller/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/instancepoller/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/instancepoller/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,10 @@
 package instancepoller
 
 import (
+	"time"
+
 	"github.com/juju/errors"
+	"github.com/juju/utils/clock"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/api/instancepoller"
@@ -16,10 +19,16 @@
 // ManifoldConfig describes the resources used by the instancepoller worker.
 type ManifoldConfig struct {
 	APICallerName string
+	ClockName     string
+	Delay         time.Duration
 	EnvironName   string
 }
 
 func (config ManifoldConfig) start(context dependency.Context) (worker.Worker, error) {
+	var clock clock.Clock
+	if err := context.Get(config.ClockName, &clock); err != nil {
+		return nil, errors.Trace(err)
+	}
 	var environ environs.Environ
 	if err := context.Get(config.EnvironName, &environ); err != nil {
 		return nil, errors.Trace(err)
@@ -32,6 +41,8 @@
 	facade := instancepoller.NewAPI(apiCaller)
 
 	w, err := NewWorker(Config{
+		Clock:   clock,
+		Delay:   config.Delay,
 		Facade:  facade,
 		Environ: environ,
 	})
@@ -44,7 +55,11 @@
 // Manifold returns a Manifold that encapsulates the instancepoller worker.
 func Manifold(config ManifoldConfig) dependency.Manifold {
 	return dependency.Manifold{
-		Inputs: []string{config.APICallerName, config.EnvironName},
-		Start:  config.start,
+		Inputs: []string{
+			config.APICallerName,
+			config.EnvironName,
+			config.ClockName,
+		},
+		Start: config.start,
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/instancepoller/updater.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/instancepoller/updater.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/instancepoller/updater.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/instancepoller/updater.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,7 +9,7 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/instance"
@@ -124,17 +124,13 @@
 			// We don't know about the machine - start
 			// a goroutine to deal with it.
 			m, err := p.context.getMachine(tag)
-			if params.IsCodeNotFound(err) {
-				logger.Warningf("watcher gave notification of non-existent machine %q", tag.Id())
-				continue
-			}
 			if err != nil {
-				return err
+				return errors.Trace(err)
 			}
 			// We don't poll manual machines.
 			isManual, err := m.IsManual()
 			if err != nil {
-				return err
+				return errors.Trace(err)
 			}
 			if isManual {
 				continue
@@ -190,7 +186,8 @@
 				if statusInfo, err := m.Status(); err != nil {
 					logger.Warningf("cannot get current machine status for machine %v: %v", m.Id(), err)
 				} else {
-					machineStatus = statusInfo.Status
+					// TODO(perrito666) add status validation.
+					machineStatus = status.Status(statusInfo.Status)
 				}
 			}
 			// the extra condition below (checking allocating/pending) is here to improve user experience
@@ -252,8 +249,9 @@
 		logger.Warningf("cannot get current instance status for machine %v: %v", m.Id(), err)
 		instInfo.status = instance.InstanceStatus{status.StatusUnknown, ""}
 	} else {
+		// TODO(perrito666) add status validation.
 		currentInstStatus := instance.InstanceStatus{
-			Status:  instStat.Status,
+			Status:  status.Status(instStat.Status),
 			Message: instStat.Info,
 		}
 		if instInfo.status != currentInstStatus {
@@ -286,10 +284,10 @@
 
 	ca0 := make([]network.Address, len(a0))
 	copy(ca0, a0)
-	network.SortAddresses(ca0, true)
+	network.SortAddresses(ca0)
 	ca1 := make([]network.Address, len(a1))
 	copy(ca1, a1)
-	network.SortAddresses(ca1, true)
+	network.SortAddresses(ca1)
 
 	for i := range ca0 {
 		if ca0[i] != ca1[i] {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/instancepoller/updater_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/instancepoller/updater_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/instancepoller/updater_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/instancepoller/updater_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,9 +7,9 @@
 import (
 	"time"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/status"
@@ -97,7 +97,7 @@
 		// Signal that we're in Status.
 		waitStatus <- struct{}{}
 		return params.StatusResult{
-			Status: status.StatusPending,
+			Status: status.StatusPending.String(),
 			Info:   "",
 			Data:   map[string]interface{}{},
 			Since:  nil,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/instancepoller/worker.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/instancepoller/worker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/instancepoller/worker.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/instancepoller/worker.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,22 +4,32 @@
 package instancepoller
 
 import (
+	"time"
+
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"github.com/juju/utils/clock"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/instancepoller"
-	"github.com/juju/juju/environs"
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/catacomb"
 )
 
 type Config struct {
+	Clock   clock.Clock
+	Delay   time.Duration
 	Facade  *instancepoller.API
-	Environ environs.Environ
+	Environ InstanceGetter
 }
 
 func (config Config) Validate() error {
+	if config.Clock == nil {
+		return errors.NotValidf("nil clock.Clock")
+	}
+	if config.Delay == 0 {
+		return errors.NotValidf("zero Delay")
+	}
 	if config.Facade == nil {
 		return errors.NotValidf("nil Facade")
 	}
@@ -66,13 +76,22 @@
 }
 
 func (u *updaterWorker) loop() (err error) {
-	u.aggregator = newAggregator(u.config.Environ)
+	u.aggregator, err = newAggregator(
+		aggregatorConfig{
+			Clock:   u.config.Clock,
+			Delay:   u.config.Delay,
+			Environ: u.config.Environ,
+		},
+	)
+	if err != nil {
+		return errors.Trace(err)
+	}
 	if err := u.catacomb.Add(u.aggregator); err != nil {
 		return errors.Trace(err)
 	}
 	watcher, err := u.config.Facade.WatchModelMachines()
 	if err != nil {
-		return err
+		return errors.Trace(err)
 	}
 	if err := u.catacomb.Add(watcher); err != nil {
 		return errors.Trace(err)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/instancepoller/worker_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/instancepoller/worker_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/instancepoller/worker_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/instancepoller/worker_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,9 +9,10 @@
 	"reflect"
 	"time"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
+	"github.com/juju/utils/clock"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	apiinstancepoller "github.com/juju/juju/api/instancepoller"
@@ -53,12 +54,16 @@
 	// Most functionality is already tested in detail - we
 	// just need to test that things are wired together
 	// correctly.
+
+	// TODO(redir): per fwereade these should be in the worker config.
 	s.PatchValue(&ShortPoll, 10*time.Millisecond)
 	s.PatchValue(&LongPoll, 10*time.Millisecond)
-	s.PatchValue(&gatherTime, 10*time.Millisecond)
+
 	machines, insts := s.setupScenario(c)
 	s.State.StartSync()
 	w, err := NewWorker(Config{
+		Delay:   time.Millisecond * 10,
+		Clock:   clock.WallClock,
 		Facade:  s.api,
 		Environ: s.Environ,
 	})
@@ -96,7 +101,7 @@
 			}
 			instanceStatus, err := m.InstanceStatus()
 			c.Logf("instance message is: %q", instanceStatus.Info)
-			c.Assert(instanceStatus.Status, gc.Equals, status.StatusPending)
+			c.Assert(instanceStatus.Status, gc.Equals, status.StatusPending.String())
 			stm, err := s.State.Machine(m.Id())
 			c.Assert(err, jc.ErrorIsNil)
 			return len(stm.Addresses()) == 0
@@ -123,7 +128,7 @@
 			}
 			// Machines in second half still have no addresses, nor status.
 			instanceStatus, err := m.InstanceStatus()
-			c.Assert(instanceStatus.Status, gc.Equals, status.StatusPending)
+			c.Assert(instanceStatus.Status, gc.Equals, status.StatusPending.String())
 			stm, err := s.State.Machine(m.Id())
 			c.Assert(err, jc.ErrorIsNil)
 			return len(stm.Addresses()) == 0
@@ -180,7 +185,7 @@
 		apiMachine, err := s.api.Machine(names.NewMachineTag(m.Id()))
 		c.Assert(err, jc.ErrorIsNil)
 		machines = append(machines, apiMachine)
-		inst, _ := testing.AssertStartInstance(c, s.Environ, m.Id())
+		inst, _ := testing.AssertStartInstance(c, s.Environ, s.ControllerConfig.ControllerUUID(), m.Id())
 		insts = append(insts, inst)
 	}
 	// Associate the odd-numbered machines with an instance.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/leadership/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/leadership/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/leadership/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/leadership/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,7 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api/base"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/leadership/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/leadership/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/leadership/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/leadership/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,14 +6,9 @@
 import (
 	stdtesting "testing"
 
-	"github.com/juju/testing"
-
 	gc "gopkg.in/check.v1"
 )
 
 func TestPackage(t *stdtesting.T) {
-	if testing.RaceEnabled {
-		t.Skip("skipping package under -race, see LP 1518806")
-	}
 	gc.TestingT(t)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/leadership/tracker.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/leadership/tracker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/leadership/tracker.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/leadership/tracker.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,7 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/tomb"
 
 	"github.com/juju/juju/core/leadership"
@@ -17,12 +17,12 @@
 var logger = loggo.GetLogger("juju.worker.leadership")
 
 type Tracker struct {
-	tomb        tomb.Tomb
-	claimer     leadership.Claimer
-	unitName    string
-	serviceName string
-	duration    time.Duration
-	isMinion    bool
+	tomb            tomb.Tomb
+	claimer         leadership.Claimer
+	unitName        string
+	applicationName string
+	duration        time.Duration
+	isMinion        bool
 
 	claimLease        chan struct{}
 	renewLease        <-chan time.Time
@@ -43,10 +43,10 @@
 // a network connection).
 func NewTracker(tag names.UnitTag, claimer leadership.Claimer, duration time.Duration) *Tracker {
 	unitName := tag.Id()
-	serviceName, _ := names.UnitService(unitName)
+	serviceName, _ := names.UnitApplication(unitName)
 	t := &Tracker{
 		unitName:          unitName,
-		serviceName:       serviceName,
+		applicationName:   serviceName,
 		claimer:           claimer,
 		duration:          duration,
 		claimTickets:      make(chan chan bool),
@@ -93,9 +93,9 @@
 	return t.tomb.Wait()
 }
 
-// ServiceName is part of the leadership.Tracker interface.
-func (t *Tracker) ServiceName() string {
-	return t.serviceName
+// ApplicationName is part of the leadership.Tracker interface.
+func (t *Tracker) ApplicationName() string {
+	return t.applicationName
 }
 
 // ClaimDuration is part of the leadership.Tracker interface.
@@ -119,7 +119,7 @@
 }
 
 func (t *Tracker) loop() error {
-	logger.Debugf("%s making initial claim for %s leadership", t.unitName, t.serviceName)
+	logger.Debugf("%s making initial claim for %s leadership", t.unitName, t.applicationName)
 	if err := t.refresh(); err != nil {
 		return errors.Trace(err)
 	}
@@ -128,29 +128,29 @@
 		case <-t.tomb.Dying():
 			return tomb.ErrDying
 		case <-t.claimLease:
-			logger.Debugf("%s claiming lease for %s leadership", t.unitName, t.serviceName)
+			logger.Debugf("%s claiming lease for %s leadership", t.unitName, t.applicationName)
 			t.claimLease = nil
 			if err := t.refresh(); err != nil {
 				return errors.Trace(err)
 			}
 		case <-t.renewLease:
-			logger.Debugf("%s renewing lease for %s leadership", t.unitName, t.serviceName)
+			logger.Debugf("%s renewing lease for %s leadership", t.unitName, t.applicationName)
 			t.renewLease = nil
 			if err := t.refresh(); err != nil {
 				return errors.Trace(err)
 			}
 		case ticketCh := <-t.claimTickets:
-			logger.Debugf("%s got claim request for %s leadership", t.unitName, t.serviceName)
+			logger.Debugf("%s got claim request for %s leadership", t.unitName, t.applicationName)
 			if err := t.resolveClaim(ticketCh); err != nil {
 				return errors.Trace(err)
 			}
 		case ticketCh := <-t.waitLeaderTickets:
-			logger.Debugf("%s got wait request for %s leadership", t.unitName, t.serviceName)
+			logger.Debugf("%s got wait request for %s leadership", t.unitName, t.applicationName)
 			if err := t.resolveWaitLeader(ticketCh); err != nil {
 				return errors.Trace(err)
 			}
 		case ticketCh := <-t.waitMinionTickets:
-			logger.Debugf("%s got wait request for %s leadership loss", t.unitName, t.serviceName)
+			logger.Debugf("%s got wait request for %s leadership loss", t.unitName, t.applicationName)
 			if err := t.resolveWaitMinion(ticketCh); err != nil {
 				return errors.Trace(err)
 			}
@@ -161,11 +161,11 @@
 // refresh makes a leadership request, and updates Tracker state to conform to
 // latest known reality.
 func (t *Tracker) refresh() error {
-	logger.Debugf("checking %s for %s leadership", t.unitName, t.serviceName)
+	logger.Debugf("checking %s for %s leadership", t.unitName, t.applicationName)
 	leaseDuration := 2 * t.duration
 	// TODO(fwereade): 2016-03-17 lp:1558657
 	untilTime := time.Now().Add(leaseDuration)
-	err := t.claimer.ClaimLeadership(t.serviceName, t.unitName, leaseDuration)
+	err := t.claimer.ClaimLeadership(t.applicationName, t.unitName, leaseDuration)
 	switch {
 	case err == nil:
 		return t.setLeader(untilTime)
@@ -177,16 +177,16 @@
 
 // setLeader arranges for lease renewal.
 func (t *Tracker) setLeader(untilTime time.Time) error {
-	logger.Debugf("%s confirmed for %s leadership until %s", t.unitName, t.serviceName, untilTime)
+	logger.Debugf("%s confirmed for %s leadership until %s", t.unitName, t.applicationName, untilTime)
 	renewTime := untilTime.Add(-t.duration)
-	logger.Infof("%s will renew %s leadership at %s", t.unitName, t.serviceName, renewTime)
+	logger.Infof("%s will renew %s leadership at %s", t.unitName, t.applicationName, renewTime)
 	t.isMinion = false
 	t.claimLease = nil
 	// TODO(fwereade): 2016-03-17 lp:1558657
 	t.renewLease = time.After(renewTime.Sub(time.Now()))
 
 	for len(t.waitingLeader) > 0 {
-		logger.Debugf("notifying %s ticket of impending %s leadership", t.unitName, t.serviceName)
+		logger.Debugf("notifying %s ticket of impending %s leadership", t.unitName, t.applicationName)
 		var ticketCh chan bool
 		ticketCh, t.waitingLeader = t.waitingLeader[0], t.waitingLeader[1:]
 		defer close(ticketCh)
@@ -199,17 +199,17 @@
 
 // setMinion arranges for lease acquisition when there's an opportunity.
 func (t *Tracker) setMinion() error {
-	logger.Infof("%s leadership for %s denied", t.serviceName, t.unitName)
+	logger.Infof("%s leadership for %s denied", t.applicationName, t.unitName)
 	t.isMinion = true
 	t.renewLease = nil
 	if t.claimLease == nil {
 		t.claimLease = make(chan struct{})
 		go func() {
 			defer close(t.claimLease)
-			logger.Debugf("%s waiting for %s leadership release", t.unitName, t.serviceName)
-			err := t.claimer.BlockUntilLeadershipReleased(t.serviceName)
+			logger.Debugf("%s waiting for %s leadership release", t.unitName, t.applicationName)
+			err := t.claimer.BlockUntilLeadershipReleased(t.applicationName)
 			if err != nil {
-				logger.Warningf("error while %s waiting for %s leadership release: %v", t.unitName, t.serviceName, err)
+				logger.Debugf("error while %s waiting for %s leadership release: %v", t.unitName, t.applicationName, err)
 			}
 			// We don't need to do anything else with the error, because we just
 			// close the claimLease channel and trigger a leadership claim on the
@@ -221,7 +221,7 @@
 	}
 
 	for len(t.waitingMinion) > 0 {
-		logger.Debugf("notifying %s ticket of impending loss of %s leadership", t.unitName, t.serviceName)
+		logger.Debugf("notifying %s ticket of impending loss of %s leadership", t.unitName, t.applicationName)
 		var ticketCh chan bool
 		ticketCh, t.waitingMinion = t.waitingMinion[0], t.waitingMinion[1:]
 		defer close(ticketCh)
@@ -240,13 +240,13 @@
 		case <-t.tomb.Dying():
 			return false, errors.Trace(tomb.ErrDying)
 		case <-t.renewLease:
-			logger.Debugf("%s renewing lease for %s leadership", t.unitName, t.serviceName)
+			logger.Debugf("%s renewing lease for %s leadership", t.unitName, t.applicationName)
 			t.renewLease = nil
 			if err := t.refresh(); err != nil {
 				return false, errors.Trace(err)
 			}
 		default:
-			logger.Debugf("%s still has %s leadership", t.unitName, t.serviceName)
+			logger.Debugf("%s still has %s leadership", t.unitName, t.applicationName)
 		}
 	}
 	return !t.isMinion, nil
@@ -255,15 +255,15 @@
 // resolveClaim will send true on the supplied channel if leadership can be
 // successfully verified, and will always close it whether or not it sent.
 func (t *Tracker) resolveClaim(ticketCh chan bool) error {
-	logger.Debugf("resolving %s leadership ticket for %s...", t.serviceName, t.unitName)
+	logger.Debugf("resolving %s leadership ticket for %s...", t.applicationName, t.unitName)
 	defer close(ticketCh)
 	if leader, err := t.isLeader(); err != nil {
 		return errors.Trace(err)
 	} else if !leader {
-		logger.Debugf("%s is not %s leader", t.unitName, t.serviceName)
+		logger.Debugf("%s is not %s leader", t.unitName, t.applicationName)
 		return nil
 	}
-	logger.Debugf("confirming %s leadership for %s", t.serviceName, t.unitName)
+	logger.Debugf("confirming %s leadership for %s", t.applicationName, t.unitName)
 	return t.sendTrue(ticketCh)
 }
 
@@ -283,11 +283,11 @@
 	if leader, err := t.isLeader(); err != nil {
 		return errors.Trace(err)
 	} else if leader {
-		logger.Debugf("reporting %s leadership for %s", t.serviceName, t.unitName)
+		logger.Debugf("reporting %s leadership for %s", t.applicationName, t.unitName)
 		return t.sendTrue(ticketCh)
 	}
 
-	logger.Debugf("waiting for %s to attain %s leadership", t.unitName, t.serviceName)
+	logger.Debugf("waiting for %s to attain %s leadership", t.unitName, t.applicationName)
 	t.waitingLeader = append(t.waitingLeader, ticketCh)
 	dontClose = true
 	return nil
@@ -306,11 +306,11 @@
 	if leader, err := t.isLeader(); err != nil {
 		return errors.Trace(err)
 	} else if leader {
-		logger.Debugf("waiting for %s to lose %s leadership", t.unitName, t.serviceName)
+		logger.Debugf("waiting for %s to lose %s leadership", t.unitName, t.applicationName)
 		t.waitingMinion = append(t.waitingMinion, ticketCh)
 		dontClose = true
 	} else {
-		logger.Debugf("reporting %s leadership loss for %s", t.serviceName, t.unitName)
+		logger.Debugf("reporting %s leadership loss for %s", t.applicationName, t.unitName)
 	}
 	return nil
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/leadership/tracker_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/leadership/tracker_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/leadership/tracker_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/leadership/tracker_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,10 +7,10 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	coreleadership "github.com/juju/juju/core/leadership"
 	coretesting "github.com/juju/juju/testing"
@@ -64,10 +64,10 @@
 	}
 }
 
-func (s *TrackerSuite) TestServiceName(c *gc.C) {
+func (s *TrackerSuite) TestApplicationName(c *gc.C) {
 	tracker := leadership.NewTracker(s.unitTag, s.claimer, trackerDuration)
 	defer assertStop(c, tracker)
-	c.Assert(tracker.ServiceName(), gc.Equals, "led-service")
+	c.Assert(tracker.ApplicationName(), gc.Equals, "led-service")
 }
 
 func (s *TrackerSuite) TestOnLeaderSuccess(c *gc.C) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/lifeflag/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/lifeflag/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/lifeflag/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/lifeflag/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,10 +5,10 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
-	"github.com/juju/juju/cmd/jujud/agent/util"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
 	"github.com/juju/juju/core/life"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
@@ -54,7 +54,7 @@
 	return dependency.Manifold{
 		Inputs: []string{config.APICallerName},
 		Start:  config.start,
-		Output: util.FlagOutput,
+		Output: engine.FlagOutput,
 		Filter: config.Filter,
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/lifeflag/manifold_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/lifeflag/manifold_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/lifeflag/manifold_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/lifeflag/manifold_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,13 +5,13 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
-	"github.com/juju/juju/cmd/jujud/agent/util"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
 	"github.com/juju/juju/core/life"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
@@ -44,7 +44,7 @@
 func (*ManifoldSuite) TestOutputBadWorker(c *gc.C) {
 	manifold := lifeflag.Manifold(lifeflag.ManifoldConfig{})
 	worker := struct{ worker.Worker }{}
-	var flag util.Flag
+	var flag engine.Flag
 	err := manifold.Output(worker, &flag)
 	c.Check(err, gc.ErrorMatches, "expected in to implement Flag; got a .*")
 }
@@ -60,7 +60,7 @@
 func (*ManifoldSuite) TestOutputSuccess(c *gc.C) {
 	manifold := lifeflag.Manifold(lifeflag.ManifoldConfig{})
 	worker := &lifeflag.Worker{}
-	var flag util.Flag
+	var flag engine.Flag
 	err := manifold.Output(worker, &flag)
 	c.Check(err, jc.ErrorIsNil)
 	c.Check(flag, gc.Equals, worker)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/lifeflag/util_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/lifeflag/util_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/lifeflag/util_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/lifeflag/util_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,8 +4,8 @@
 package lifeflag_test
 
 import (
-	"github.com/juju/names"
 	"github.com/juju/testing"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/core/life"
 	"github.com/juju/juju/watcher"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/lifeflag/worker.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/lifeflag/worker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/lifeflag/worker.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/lifeflag/worker.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/lifeflag"
 	"github.com/juju/juju/core/life"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/lifeflag/worker_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/lifeflag/worker_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/lifeflag/worker_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/lifeflag/worker_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,10 +6,10 @@
 import (
 	"errors"
 
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	apilifeflag "github.com/juju/juju/api/lifeflag"
 	"github.com/juju/juju/core/life"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/logforwarder/logforwarder.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/logforwarder/logforwarder.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/logforwarder/logforwarder.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/logforwarder/logforwarder.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,262 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package logforwarder
+
+import (
+	"io"
+	"sync"
+
+	"github.com/juju/errors"
+	"github.com/juju/loggo"
+	"launchpad.net/tomb"
+
+	"github.com/juju/juju/api/base"
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/logfwd"
+	"github.com/juju/juju/worker/catacomb"
+)
+
+var logger = loggo.GetLogger("juju.worker.logforwarder")
+
+// LogStream streams log entries from a log source (e.g. the Juju controller).
+type LogStream interface {
+	// Next returns the next batch of log records from the stream.
+	Next() ([]logfwd.Record, error)
+}
+
+// LogStreamFn is a function that opens a log stream.
+type LogStreamFn func(_ base.APICaller, _ params.LogStreamConfig, controllerUUID string) (LogStream, error)
+
+// SendCloser is responsible for sending log records to a log sink.
+type SendCloser interface {
+	sender
+	io.Closer
+}
+
+type sender interface {
+	// Send sends the records to its log sink. It is also responsible
+	// for notifying the controller that record was forwarded.
+	Send([]logfwd.Record) error
+}
+
+// TODO(ericsnow) It is likely that eventually we will want to support
+// multiplexing to multiple senders, each in its own goroutine (or worker).
+
+// LogForwarder is a worker that forwards log records from a source
+// to a sender.
+type LogForwarder struct {
+	catacomb  catacomb.Catacomb
+	args      OpenLogForwarderArgs
+	enabledCh chan bool
+	mu        sync.Mutex
+	enabled   bool
+}
+
+// OpenLogForwarderArgs holds the info needed to open a LogForwarder.
+type OpenLogForwarderArgs struct {
+	// AllModels indicates that the tracker is handling all models.
+	AllModels bool
+
+	// ControllerUUID identifies the controller.
+	ControllerUUID string
+
+	// LogForwardConfig is the API used to access log forwarding config.
+	LogForwardConfig LogForwardConfig
+
+	// Caller is the API caller that will be used.
+	Caller base.APICaller
+
+	// Name is the name given to the log sink.
+	Name string
+
+	// OpenSink is the function that opens the underlying log sink that
+	// will be wrapped.
+	OpenSink LogSinkFn
+
+	// OpenLogStream is the function that will be used to for the
+	// log stream.
+	OpenLogStream LogStreamFn
+}
+
+// processNewConfig acts on a new syslog forward config change.
+func (lf *LogForwarder) processNewConfig(currentSender SendCloser) (SendCloser, error) {
+	lf.mu.Lock()
+	defer lf.mu.Unlock()
+
+	closeExisting := func() error {
+		lf.enabled = false
+		// If we are already sending, close the current sender.
+		if currentSender != nil {
+			return currentSender.Close()
+		}
+		return nil
+	}
+
+	// Get the new config and set up log forwarding if enabled.
+	cfg, ok, err := lf.args.LogForwardConfig.LogForwardConfig()
+	if err != nil {
+		closeExisting()
+		return nil, errors.Trace(err)
+	}
+	if !ok || !cfg.Enabled {
+		logger.Infof("config change - log forwarding not enabled")
+		return nil, closeExisting()
+	}
+	// If the config is not valid, we don't want to exit with an error
+	// and bounce the worker; we'll just log the issue and wait for another
+	// config change to come through.
+	// We'll continue sending using the current sink.
+	if err := cfg.Validate(); err != nil {
+		logger.Errorf("invalid log forward config change: %v", err)
+		return currentSender, nil
+	}
+
+	// Shutdown the existing sink since we need to now create a new one.
+	if err := closeExisting(); err != nil {
+		return nil, errors.Trace(err)
+	}
+	sink, err := OpenTrackingSink(TrackingSinkArgs{
+		Name:      lf.args.Name,
+		AllModels: lf.args.AllModels,
+		Config:    cfg,
+		Caller:    lf.args.Caller,
+		OpenSink:  lf.args.OpenSink,
+	})
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	lf.enabledCh <- true
+	return sink, nil
+}
+
+// waitForEnabled returns true if streaming is enabled.
+// Otherwise if blocks and waits for enabled to be true.
+func (lf *LogForwarder) waitForEnabled() (bool, error) {
+	lf.mu.Lock()
+	enabled := lf.enabled
+	lf.mu.Unlock()
+	if enabled {
+		return true, nil
+	}
+
+	select {
+	case <-lf.catacomb.Dying():
+		return false, tomb.ErrDying
+	case enabled = <-lf.enabledCh:
+	}
+	lf.mu.Lock()
+	defer lf.mu.Unlock()
+
+	if !lf.enabled && enabled {
+		logger.Infof("log forward enabled, starting to stream logs to syslog sink")
+	}
+	lf.enabled = enabled
+	return enabled, nil
+}
+
+// NewLogForwarder returns a worker that forwards logs received from
+// the stream to the sender.
+func NewLogForwarder(args OpenLogForwarderArgs) (*LogForwarder, error) {
+	lf := &LogForwarder{
+		args:      args,
+		enabledCh: make(chan bool, 1),
+	}
+	err := catacomb.Invoke(catacomb.Plan{
+		Site: &lf.catacomb,
+		Work: func() error {
+			return errors.Trace(lf.loop())
+		},
+	})
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return lf, nil
+}
+
+func (lf *LogForwarder) loop() error {
+	configWatcher, err := lf.args.LogForwardConfig.WatchForLogForwardConfigChanges()
+	if err != nil {
+		return errors.Trace(err)
+	}
+	if err := lf.catacomb.Add(configWatcher); err != nil {
+		return errors.Trace(err)
+	}
+
+	records := make(chan []logfwd.Record)
+	var stream LogStream
+	go func() {
+		for {
+			enabled, err := lf.waitForEnabled()
+			if err == tomb.ErrDying {
+				return
+			}
+			if !enabled {
+				continue
+			}
+			// Lazily create log streamer if needed.
+			if stream == nil {
+				streamCfg := params.LogStreamConfig{
+					AllModels: lf.args.AllModels,
+					Sink:      lf.args.Name,
+					// TODO(wallyworld) - this should be configurable via lf.args.LogForwardConfig
+					MaxLookbackRecords: 100,
+				}
+				stream, err = lf.args.OpenLogStream(lf.args.Caller, streamCfg, lf.args.ControllerUUID)
+				if err != nil {
+					lf.catacomb.Kill(errors.Annotate(err, "creating log stream"))
+					break
+				}
+
+			}
+			rec, err := stream.Next()
+			if err != nil {
+				lf.catacomb.Kill(errors.Annotate(err, "getting next log record"))
+				break
+			}
+			select {
+			case <-lf.catacomb.Dying():
+				return
+			case records <- rec: // Wait until the last one is sent.
+			}
+		}
+	}()
+
+	var sender SendCloser
+	defer func() {
+		if sender != nil {
+			sender.Close()
+		}
+	}()
+
+	for {
+		select {
+		case <-lf.catacomb.Dying():
+			return lf.catacomb.ErrDying()
+		case _, ok := <-configWatcher.Changes():
+			if !ok {
+				return errors.New("syslog configuration watcher closed")
+			}
+			if sender, err = lf.processNewConfig(sender); err != nil {
+				return errors.Trace(err)
+			}
+		case rec := <-records:
+			if sender == nil {
+				continue
+			}
+			if err := sender.Send(rec); err != nil {
+				return errors.Trace(err)
+			}
+		}
+	}
+}
+
+// Kill implements Worker.Kill()
+func (lf *LogForwarder) Kill() {
+	lf.catacomb.Kill(nil)
+}
+
+// Wait implements Worker.Wait()
+func (lf *LogForwarder) Wait() error {
+	return lf.catacomb.Wait()
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/logforwarder/logforwarder_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/logforwarder/logforwarder_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/logforwarder/logforwarder_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/logforwarder/logforwarder_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,365 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package logforwarder_test
+
+import (
+	"time"
+
+	"github.com/juju/errors"
+	"github.com/juju/loggo"
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/api/base"
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/logfwd"
+	"github.com/juju/juju/logfwd/syslog"
+	coretesting "github.com/juju/juju/testing"
+	"github.com/juju/juju/version"
+	"github.com/juju/juju/watcher"
+	"github.com/juju/juju/worker"
+	"github.com/juju/juju/worker/logforwarder"
+	"github.com/juju/juju/worker/workertest"
+)
+
+type LogForwarderSuite struct {
+	testing.IsolationSuite
+
+	stub   *testing.Stub
+	stream *stubStream
+	sender *stubSender
+	rec    logfwd.Record
+}
+
+var _ = gc.Suite(&LogForwarderSuite{})
+
+func (s *LogForwarderSuite) SetUpTest(c *gc.C) {
+	s.IsolationSuite.SetUpTest(c)
+
+	s.stub = &testing.Stub{}
+	s.stream = newStubStream(s.stub)
+	s.sender = newStubSender(s.stub)
+	s.rec = logfwd.Record{
+		Origin: logfwd.Origin{
+			ControllerUUID: "feebdaed-2f18-4fd2-967d-db9663db7bea",
+			ModelUUID:      "deadbeef-2f18-4fd2-967d-db9663db7bea",
+			Hostname:       "machine-99.deadbeef-2f18-4fd2-967d-db9663db7bea",
+			Type:           logfwd.OriginTypeMachine,
+			Name:           "99",
+			Software: logfwd.Software{
+				PrivateEnterpriseNumber: 28978,
+				Name:    "jujud-machine-agent",
+				Version: version.Current,
+			},
+		},
+		ID:        10,
+		Timestamp: time.Now(),
+		Level:     loggo.INFO,
+		Location: logfwd.SourceLocation{
+			Module:   "api.logstream.test",
+			Filename: "test.go",
+			Line:     42,
+		},
+		Message: "send to 10.0.0.1",
+	}
+}
+
+func (s *LogForwarderSuite) checkNext(c *gc.C, rec logfwd.Record) {
+	s.stream.waitBeforeNext(c)
+	s.stream.waitAfterNext(c)
+	s.sender.waitAfterSend(c)
+	s.stub.CheckCallNames(c, "Next", "Send")
+	s.stub.CheckCall(c, 1, "Send", []logfwd.Record{rec})
+	s.stub.ResetCalls()
+}
+
+func (s *LogForwarderSuite) checkClose(c *gc.C, lf worker.Worker, expected error) {
+	go func() {
+		s.sender.waitBeforeClose(c)
+	}()
+	var err error
+	if expected == nil {
+		workertest.CleanKill(c, lf)
+	} else {
+		err = workertest.CheckKill(c, lf)
+	}
+	c.Check(errors.Cause(err), gc.Equals, expected)
+	s.stub.CheckCallNames(c, "Close")
+}
+
+type mockLogForwardConfig struct {
+	enabled bool
+	host    string
+	changes chan struct{}
+}
+
+type mockWatcher struct {
+	watcher.NotifyWatcher
+	changes chan struct{}
+}
+
+func (m *mockWatcher) Changes() watcher.NotifyChannel {
+	return m.changes
+}
+
+func (*mockWatcher) Kill() {
+}
+
+func (*mockWatcher) Wait() error {
+	return nil
+}
+
+type mockCaller struct {
+	base.APICaller
+}
+
+func (*mockCaller) APICall(objType string, version int, id, request string, params, response interface{}) error {
+	return nil
+}
+
+func (*mockCaller) BestFacadeVersion(facade string) int {
+	return 0
+}
+
+func (c *mockLogForwardConfig) WatchForLogForwardConfigChanges() (watcher.NotifyWatcher, error) {
+	c.changes = make(chan struct{}, 1)
+	c.changes <- struct{}{}
+	return &mockWatcher{
+		changes: c.changes,
+	}, nil
+}
+
+func (c *mockLogForwardConfig) LogForwardConfig() (*syslog.RawConfig, bool, error) {
+	return &syslog.RawConfig{
+		Enabled:    c.enabled,
+		Host:       c.host,
+		CACert:     coretesting.CACert,
+		ClientCert: coretesting.ServerCert,
+		ClientKey:  coretesting.ServerKey,
+	}, true, nil
+}
+
+func (s *LogForwarderSuite) newLogForwarderArgs(c *gc.C, stream logforwarder.LogStream, sender *stubSender) logforwarder.OpenLogForwarderArgs {
+	api := &mockLogForwardConfig{
+		enabled: stream != nil,
+		host:    "10.0.0.1",
+	}
+	return s.newLogForwarderArgsWithAPI(c, api, stream, sender)
+}
+
+func (s *LogForwarderSuite) newLogForwarderArgsWithAPI(c *gc.C, configAPI logforwarder.LogForwardConfig, stream logforwarder.LogStream, sender *stubSender) logforwarder.OpenLogForwarderArgs {
+	return logforwarder.OpenLogForwarderArgs{
+		Caller:           &mockCaller{},
+		LogForwardConfig: configAPI,
+		AllModels:        true,
+		ControllerUUID:   "feebdaed-2f18-4fd2-967d-db9663db7bea",
+		OpenSink: func(cfg *syslog.RawConfig) (*logforwarder.LogSink, error) {
+			sender.host = cfg.Host
+			sink := &logforwarder.LogSink{
+				sender,
+			}
+			return sink, nil
+		},
+		OpenLogStream: func(_ base.APICaller, _ params.LogStreamConfig, controllerUUID string) (logforwarder.LogStream, error) {
+			c.Assert(controllerUUID, gc.Equals, "feebdaed-2f18-4fd2-967d-db9663db7bea")
+			return stream, nil
+		},
+	}
+}
+
+func (s *LogForwarderSuite) TestOne(c *gc.C) {
+	s.stream.setRecords(c, []logfwd.Record{
+		s.rec,
+	})
+
+	lf, err := logforwarder.NewLogForwarder(s.newLogForwarderArgs(c, s.stream, s.sender))
+	c.Assert(err, jc.ErrorIsNil)
+	defer s.checkClose(c, lf, nil)
+
+	s.checkNext(c, s.rec)
+}
+
+func (s *LogForwarderSuite) TestConfigChange(c *gc.C) {
+	rec2 := s.rec
+	rec2.ID = 11
+	s.stream.setRecords(c, []logfwd.Record{
+		s.rec,
+		rec2,
+	})
+
+	api := &mockLogForwardConfig{
+		enabled: true,
+		host:    "10.0.0.1",
+	}
+	lf, err := logforwarder.NewLogForwarder(s.newLogForwarderArgsWithAPI(c, api, s.stream, s.sender))
+	c.Assert(err, jc.ErrorIsNil)
+	defer s.checkClose(c, lf, nil)
+
+	s.checkNext(c, s.rec)
+
+	api.host = "10.0.0.2"
+	api.changes <- struct{}{}
+	s.sender.waitBeforeClose(c)
+	s.stream.waitBeforeNext(c)
+	s.stream.waitAfterNext(c)
+	s.sender.waitAfterSend(c)
+	s.stub.CheckCallNames(c, "Close", "Next", "Send")
+	rec2.Message = "send to 10.0.0.2"
+	s.stub.CheckCall(c, 2, "Send", []logfwd.Record{rec2})
+	s.stub.ResetCalls()
+}
+
+func (s *LogForwarderSuite) TestNotEnabled(c *gc.C) {
+	lf, err := logforwarder.NewLogForwarder(s.newLogForwarderArgs(c, nil, s.sender))
+	c.Assert(err, jc.ErrorIsNil)
+	workertest.CleanKill(c, lf)
+}
+
+func (s *LogForwarderSuite) TestStreamError(c *gc.C) {
+	failure := errors.New("<failure>")
+	s.stub.SetErrors(nil, nil, failure)
+	s.stream.setRecords(c, []logfwd.Record{
+		s.rec,
+	})
+	lf, err := logforwarder.NewLogForwarder(s.newLogForwarderArgs(c, s.stream, s.sender))
+	c.Assert(err, jc.ErrorIsNil)
+
+	s.checkNext(c, s.rec)
+	s.stream.waitBeforeNext(c)
+	s.stream.waitAfterNext(c)
+	s.stub.CheckCallNames(c, "Next")
+	s.stub.ResetCalls()
+	s.checkClose(c, lf, failure)
+}
+
+func (s *LogForwarderSuite) TestSenderError(c *gc.C) {
+	failure := errors.New("<failure>")
+	s.stub.SetErrors(nil, nil, nil, failure)
+	rec2 := s.rec
+	rec2.ID = 11
+	s.stream.setRecords(c, []logfwd.Record{
+		s.rec,
+		rec2,
+	})
+	lf, err := logforwarder.NewLogForwarder(s.newLogForwarderArgs(c, s.stream, s.sender))
+	c.Assert(err, jc.ErrorIsNil)
+
+	s.checkNext(c, s.rec)
+	s.checkNext(c, rec2)
+	s.checkClose(c, lf, failure)
+}
+
+type stubStream struct {
+	stub *testing.Stub
+
+	waitCh     chan struct{}
+	ReturnNext <-chan logfwd.Record
+}
+
+func newStubStream(stub *testing.Stub) *stubStream {
+	return &stubStream{
+		stub:   stub,
+		waitCh: make(chan struct{}),
+	}
+}
+
+func (s *stubStream) setRecords(c *gc.C, recs []logfwd.Record) {
+	recCh := make(chan logfwd.Record)
+	go func() {
+		for _, rec := range recs {
+			select {
+			case recCh <- rec:
+			case <-time.After(coretesting.LongWait):
+				c.Error("timed out waiting for records on the channel")
+			}
+
+		}
+	}()
+	s.ReturnNext = recCh
+}
+
+func (s *stubStream) waitBeforeNext(c *gc.C) {
+	select {
+	case <-s.waitCh:
+	case <-time.After(coretesting.LongWait):
+		c.Error("timed out waiting")
+	}
+}
+
+func (s *stubStream) waitAfterNext(c *gc.C) {
+	select {
+	case <-s.waitCh:
+	case <-time.After(coretesting.LongWait):
+		c.Error("timed out waiting")
+	}
+}
+
+func (s *stubStream) Next() ([]logfwd.Record, error) {
+	s.waitCh <- struct{}{}
+	s.stub.AddCall("Next")
+	s.waitCh <- struct{}{}
+	if err := s.stub.NextErr(); err != nil {
+		return []logfwd.Record{}, errors.Trace(err)
+	}
+
+	rec := <-s.ReturnNext
+	return []logfwd.Record{rec}, nil
+}
+
+type stubSender struct {
+	stub *testing.Stub
+
+	host        string
+	waitSendCh  chan struct{}
+	waitCloseCh chan struct{}
+}
+
+func newStubSender(stub *testing.Stub) *stubSender {
+	return &stubSender{
+		stub:        stub,
+		waitSendCh:  make(chan struct{}),
+		waitCloseCh: make(chan struct{}),
+	}
+}
+
+func (s *stubSender) waitAfterSend(c *gc.C) {
+	select {
+	case <-s.waitSendCh:
+	case <-time.After(coretesting.LongWait):
+		c.Error("timed out waiting")
+	}
+}
+
+func (s *stubSender) waitBeforeClose(c *gc.C) {
+	select {
+	case <-s.waitCloseCh:
+	case <-time.After(coretesting.LongWait):
+		c.Error("timed out waiting")
+	}
+}
+
+func (s *stubSender) Send(records []logfwd.Record) error {
+	for i, rec := range records {
+		rec.Message = "send to " + s.host
+		records[i] = rec
+	}
+	s.stub.AddCall("Send", records)
+	s.waitSendCh <- struct{}{}
+	if err := s.stub.NextErr(); err != nil {
+		return errors.Trace(err)
+	}
+
+	return nil
+}
+
+func (s *stubSender) Close() error {
+	s.waitCloseCh <- struct{}{}
+	s.stub.AddCall("Close")
+	if err := s.stub.NextErr(); err != nil {
+		return errors.Trace(err)
+	}
+
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/logforwarder/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/logforwarder/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/logforwarder/manifold.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/logforwarder/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,79 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package logforwarder
+
+import (
+	"github.com/juju/errors"
+
+	apiagent "github.com/juju/juju/api/agent"
+	"github.com/juju/juju/api/base"
+	"github.com/juju/juju/api/logstream"
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/worker"
+	"github.com/juju/juju/worker/dependency"
+)
+
+// ManifoldConfig defines the names of the manifolds on which a
+// Manifold will depend.
+type ManifoldConfig struct {
+	// These are the dependency resource names.
+	StateName     string
+	APICallerName string
+
+	// Sinks are the named functions that opens the underlying log sinks
+	// to which log records will be forwarded.
+	Sinks []LogSinkSpec
+
+	// OpenLogStream is the function that will be used to for the
+	// log stream.
+	OpenLogStream LogStreamFn
+
+	// OpenLogForwarder opens each log forwarder that will be used.
+	OpenLogForwarder func(OpenLogForwarderArgs) (*LogForwarder, error)
+}
+
+// Manifold returns a dependency manifold that runs a log forwarding
+// worker, using the resource names defined in the supplied config.
+func Manifold(config ManifoldConfig) dependency.Manifold {
+	openLogStream := config.OpenLogStream
+	if openLogStream == nil {
+		openLogStream = func(caller base.APICaller, cfg params.LogStreamConfig, controllerUUID string) (LogStream, error) {
+			return logstream.Open(caller, cfg, controllerUUID)
+		}
+	}
+
+	openForwarder := config.OpenLogForwarder
+	if openForwarder == nil {
+		openForwarder = NewLogForwarder
+	}
+
+	return dependency.Manifold{
+		Inputs: []string{
+			config.StateName, // ...just to force it to run only on the controller.
+			config.APICallerName,
+		},
+		Start: func(context dependency.Context) (worker.Worker, error) {
+			var apiCaller base.APICaller
+			if err := context.Get(config.APICallerName, &apiCaller); err != nil {
+				return nil, errors.Trace(err)
+			}
+
+			agentFacade := apiagent.NewState(apiCaller)
+			controllerCfg, err := agentFacade.ControllerConfig()
+			if err != nil {
+				return nil, errors.Annotate(err, "cannot read controller config")
+			}
+
+			orchestrator, err := newOrchestratorForController(OrchestratorArgs{
+				ControllerUUID:   controllerCfg.ControllerUUID(),
+				LogForwardConfig: agentFacade,
+				Caller:           apiCaller,
+				Sinks:            config.Sinks,
+				OpenLogStream:    openLogStream,
+				OpenLogForwarder: openForwarder,
+			})
+			return orchestrator, errors.Annotate(err, "creating log forwarding orchestrator")
+		},
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/logforwarder/orchestrator.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/logforwarder/orchestrator.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/logforwarder/orchestrator.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/logforwarder/orchestrator.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,59 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package logforwarder
+
+import (
+	"github.com/juju/errors"
+
+	"github.com/juju/juju/api/base"
+)
+
+type orchestrator struct {
+	*LogForwarder // For now its just a single forwarder.
+}
+
+// OrchestratorArgs holds the info needed to open a log forwarding
+// orchestration worker.
+type OrchestratorArgs struct {
+	// ControllerUUID is the UUID of the controller for which we will forward logs.
+	ControllerUUID string
+
+	// LogForwardConfig is the API used to access log forward config.
+	LogForwardConfig LogForwardConfig
+
+	// Caller is the API caller that will be used.
+	Caller base.APICaller
+
+	// Sinks are the named functions that open the underlying log sinks
+	// to which log records will be forwarded.
+	Sinks []LogSinkSpec
+
+	// OpenLogStream is the function that will be used to for the
+	// log stream.
+	OpenLogStream LogStreamFn
+
+	// OpenLogForwarder opens each log forwarder that will be used.
+	OpenLogForwarder func(OpenLogForwarderArgs) (*LogForwarder, error)
+}
+
+func newOrchestratorForController(args OrchestratorArgs) (*orchestrator, error) {
+	// For now we work with only 1 forwarder. Later we can have a proper
+	// orchestrator that spawns a sub-worker for each log sink.
+	if len(args.Sinks) == 0 {
+		return nil, nil
+	}
+	if len(args.Sinks) > 1 {
+		return nil, errors.Errorf("multiple log forwarding targets not supported (yet)")
+	}
+	lf, err := args.OpenLogForwarder(OpenLogForwarderArgs{
+		AllModels:        true,
+		ControllerUUID:   args.ControllerUUID,
+		LogForwardConfig: args.LogForwardConfig,
+		Caller:           args.Caller,
+		Name:             args.Sinks[0].Name,
+		OpenSink:         args.Sinks[0].OpenFn,
+		OpenLogStream:    args.OpenLogStream,
+	})
+	return &orchestrator{lf}, errors.Annotate(err, "opening log forwarder")
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/logforwarder/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/logforwarder/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/logforwarder/package_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/logforwarder/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,14 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package logforwarder_test
+
+import (
+	"testing"
+
+	gc "gopkg.in/check.v1"
+)
+
+func Test(t *testing.T) {
+	gc.TestingT(t)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/logforwarder/sink.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/logforwarder/sink.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/logforwarder/sink.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/logforwarder/sink.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,35 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package logforwarder
+
+import (
+	"github.com/juju/juju/logfwd/syslog"
+	"github.com/juju/juju/watcher"
+)
+
+// LogForwardConfig provides access to the log forwarding config for a model.
+type LogForwardConfig interface {
+	// WatchForLogForwardConfigChanges return a NotifyWatcher waiting for the
+	// log forward configuration to change.
+	WatchForLogForwardConfigChanges() (watcher.NotifyWatcher, error)
+
+	// LogForwardConfig returns the current log forward configuration.
+	LogForwardConfig() (*syslog.RawConfig, bool, error)
+}
+
+type LogSinkSpec struct {
+	// Name is the name of the log sink.
+	Name string
+
+	// OpenFn is a function that opens a log sink.
+	OpenFn LogSinkFn
+}
+
+// LogSinkFn is a function that opens a log sink.
+type LogSinkFn func(cfg *syslog.RawConfig) (*LogSink, error)
+
+// LogSink is a single log sink, to which log records may be sent.
+type LogSink struct {
+	SendCloser
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/logforwarder/sinks/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/logforwarder/sinks/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/logforwarder/sinks/package_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/logforwarder/sinks/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,14 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package sinks_test
+
+import (
+	"testing"
+
+	gc "gopkg.in/check.v1"
+)
+
+func Test(t *testing.T) {
+	gc.TestingT(t)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/logforwarder/sinks/syslog.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/logforwarder/sinks/syslog.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/logforwarder/sinks/syslog.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/logforwarder/sinks/syslog.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,44 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package sinks
+
+import (
+	"github.com/juju/errors"
+
+	"github.com/juju/juju/logfwd"
+	"github.com/juju/juju/logfwd/syslog"
+	"github.com/juju/juju/worker/logforwarder"
+)
+
+// OpenSyslog returns a sink used to receive log messages to be forwarded.
+func OpenSyslog(cfg *syslog.RawConfig) (*logforwarder.LogSink, error) {
+	if !cfg.Enabled {
+		return nil, errors.New("log forwarding not enabled")
+	}
+	client, err := syslog.Open(*cfg)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	if client == nil {
+		// TODO(axw) we should be returning an error
+		// which we interpret up the stack.
+		return &logforwarder.LogSink{
+			SendCloser: emptySendCloser{},
+		}, nil
+	}
+	sink := &logforwarder.LogSink{
+		SendCloser: client,
+	}
+	return sink, nil
+}
+
+type emptySendCloser struct{}
+
+func (emptySendCloser) Send([]logfwd.Record) error {
+	return nil
+}
+
+func (emptySendCloser) Close() error {
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/logforwarder/tracker.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/logforwarder/tracker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/logforwarder/tracker.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/logforwarder/tracker.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,116 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package logforwarder
+
+import (
+	"github.com/juju/errors"
+	"gopkg.in/juju/names.v2"
+
+	"github.com/juju/juju/api/base"
+	logfwdapi "github.com/juju/juju/api/logfwd"
+	"github.com/juju/juju/logfwd"
+	"github.com/juju/juju/logfwd/syslog"
+)
+
+// TrackingSinkArgs holds the args to OpenTrackingSender.
+type TrackingSinkArgs struct {
+	// AllModels indicates that the tracker is handling all models.
+	AllModels bool
+
+	// Config is the logging config that will be used.
+	Config *syslog.RawConfig
+
+	// Caller is the API caller that will be used.
+	Caller base.APICaller
+
+	// Name is the name given to the log sink.
+	Name string
+
+	// OpenSink is the function that opens the underlying log sink that
+	// will be wrapped.
+	OpenSink LogSinkFn
+}
+
+// OpenTrackingSink opens a log record sender to use with a worker.
+// The sender also tracks records that were successfully sent.
+func OpenTrackingSink(args TrackingSinkArgs) (*LogSink, error) {
+	sink, err := args.OpenSink(args.Config)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	return &LogSink{
+		&trackingSender{
+			SendCloser: sink,
+			tracker:    newLastSentTracker(args.Name, args.Caller),
+		},
+	}, nil
+}
+
+type trackingSender struct {
+	SendCloser
+	tracker   *lastSentTracker
+	allModels bool
+}
+
+// Send implements Sender.
+func (s *trackingSender) Send(records []logfwd.Record) error {
+	if err := s.SendCloser.Send(records); err != nil {
+		return errors.Trace(err)
+	}
+	if err := s.tracker.setLastSent(s.allModels, records); err != nil {
+		return errors.Trace(err)
+	}
+	return nil
+}
+
+type lastSentTracker struct {
+	sink   string
+	client *logfwdapi.LastSentClient
+}
+
+func newLastSentTracker(sink string, caller base.APICaller) *lastSentTracker {
+	client := logfwdapi.NewLastSentClient(func(name string) logfwdapi.FacadeCaller {
+		return base.NewFacadeCaller(caller, name)
+	})
+	return &lastSentTracker{
+		sink:   sink,
+		client: client,
+	}
+}
+
+func (lst lastSentTracker) setLastSent(allModels bool, records []logfwd.Record) error {
+	// The records are received and sent in order, so we only need to
+	// call SetLastSent for the last record.
+	if len(records) == 0 {
+		return nil
+	}
+	rec := records[len(records)-1]
+	model := rec.Origin.ModelUUID
+	if allModels {
+		model = ""
+	}
+	var modelTag names.ModelTag
+	if model != "" {
+		if !names.IsValidModel(model) {
+			return errors.Errorf("bad model UUID %q", model)
+		}
+		modelTag = names.NewModelTag(model)
+	}
+	results, err := lst.client.SetLastSent([]logfwdapi.LastSentInfo{{
+		LastSentID: logfwdapi.LastSentID{
+			Model: modelTag,
+			Sink:  lst.sink,
+		},
+		RecordID:        rec.ID,
+		RecordTimestamp: rec.Timestamp,
+	}})
+	if err != nil {
+		return errors.Trace(err)
+	}
+	if err := results[0].Error; err != nil {
+		return errors.Trace(err)
+	}
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/logger/logger_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/logger/logger_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/logger/logger_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/logger/logger_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,9 +7,9 @@
 	"time"
 
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	apilogger "github.com/juju/juju/api/logger"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/logger/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/logger/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/logger/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/logger/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,23 +7,23 @@
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/api/logger"
-	"github.com/juju/juju/cmd/jujud/agent/util"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
 )
 
 // ManifoldConfig defines the names of the manifolds on which a
 // Manifold will depend.
-type ManifoldConfig util.AgentApiManifoldConfig
+type ManifoldConfig engine.AgentApiManifoldConfig
 
 // Manifold returns a dependency manifold that runs a logger
 // worker, using the resource names defined in the supplied config.
 func Manifold(config ManifoldConfig) dependency.Manifold {
-	typedConfig := util.AgentApiManifoldConfig(config)
-	return util.AgentApiManifold(typedConfig, newWorker)
+	typedConfig := engine.AgentApiManifoldConfig(config)
+	return engine.AgentApiManifold(typedConfig, newWorker)
 }
 
-// newWorker trivially wraps NewLogger to specialise a util.AgentApiManifold.
+// newWorker trivially wraps NewLogger to specialise a engine.AgentApiManifold.
 var newWorker = func(a agent.Agent, apiCaller base.APICaller) (worker.Worker, error) {
 	currentConfig := a.CurrentConfig()
 	loggerFacade := logger.NewState(apiCaller)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/logsender/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/logsender/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/logsender/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/logsender/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,7 @@
 import (
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/api/logsender"
-	"github.com/juju/juju/cmd/jujud/agent/util"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
 )
@@ -21,10 +21,10 @@
 // Manifold returns a dependency manifold that runs a logger
 // worker, using the resource names defined in the supplied config.
 func Manifold(config ManifoldConfig) dependency.Manifold {
-	typedConfig := util.ApiManifoldConfig{
+	typedConfig := engine.ApiManifoldConfig{
 		APICallerName: config.APICallerName,
 	}
-	return util.ApiManifold(typedConfig, config.newWorker)
+	return engine.ApiManifold(typedConfig, config.newWorker)
 }
 
 func (config ManifoldConfig) newWorker(apiCaller base.APICaller) (worker.Worker, error) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/logsender/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/logsender/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/logsender/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/logsender/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package logsender_test
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/logsender/worker.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/logsender/worker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/logsender/worker.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/logsender/worker.go	2016-07-18 19:45:44.000000000 +0000
@@ -32,7 +32,7 @@
 					Time:     rec.Time,
 					Module:   rec.Module,
 					Location: rec.Location,
-					Level:    rec.Level,
+					Level:    rec.Level.String(),
 					Message:  rec.Message,
 				})
 				if err != nil {
@@ -57,7 +57,7 @@
 					err := logWriter.WriteLog(&params.LogRecord{
 						Time:    rec.Time,
 						Module:  loggerName,
-						Level:   loggo.WARNING,
+						Level:   loggo.WARNING.String(),
 						Message: fmt.Sprintf("%d log messages dropped due to lack of API connectivity", rec.DroppedAfter),
 					})
 					if err != nil {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/logsender/worker_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/logsender/worker_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/logsender/worker_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/logsender/worker_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,9 +8,9 @@
 	"time"
 
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2/bson"
 
 	"github.com/juju/juju/api"
@@ -18,6 +18,7 @@
 	jujutesting "github.com/juju/juju/juju/testing"
 	"github.com/juju/juju/testing"
 	"github.com/juju/juju/testing/factory"
+	"github.com/juju/juju/version"
 	"github.com/juju/juju/worker/logsender"
 )
 
@@ -76,7 +77,7 @@
 	// database.
 	var expectedDocs []bson.M
 	for i := 0; i < logCount; i++ {
-		ts := time.Now().Truncate(time.Millisecond)
+		ts := time.Now()
 		location := fmt.Sprintf("loc%d", i)
 		message := fmt.Sprintf("%d", i)
 
@@ -89,8 +90,9 @@
 		}
 
 		expectedDocs = append(expectedDocs, bson.M{
-			"t": ts,
+			"t": ts.UnixNano(),
 			"e": s.State.ModelUUID(),
+			"r": version.Current.String(),
 			"n": s.machineTag.String(),
 			"m": "logsender-test",
 			"l": location,
@@ -131,7 +133,7 @@
 
 	// Send a log record which indicates some messages after it were
 	// dropped.
-	ts := time.Now().Truncate(time.Millisecond)
+	ts := time.Now()
 	logsCh <- &logsender.LogRecord{
 		Time:         ts,
 		Module:       "aaa",
@@ -171,8 +173,9 @@
 	c.Assert(docs[0]["x"], gc.Equals, "message0")
 	delete(docs[1], "_id")
 	c.Assert(docs[1], gc.DeepEquals, bson.M{
-		"t": ts, // Should share timestamp with previous message.
+		"t": ts.UnixNano(), // Should share timestamp with previous message.
 		"e": s.State.ModelUUID(),
+		"r": version.Current.String(),
 		"n": s.machineTag.String(),
 		"m": "juju.worker.logsender",
 		"l": "",
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/machineactions/fixture_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/machineactions/fixture_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/machineactions/fixture_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/machineactions/fixture_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,8 +12,8 @@
 	"github.com/juju/juju/watcher"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/workertest"
-	"github.com/juju/names"
 	"github.com/juju/testing"
+	"gopkg.in/juju/names.v2"
 )
 
 var actionNotFoundErr = errors.New("action not found")
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/machineactions/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/machineactions/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/machineactions/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/machineactions/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,10 +8,10 @@
 	"github.com/juju/errors"
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api/base"
-	"github.com/juju/juju/cmd/jujud/agent/util"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 )
 
 // ManifoldConfig describes the dependencies of a machine action runner.
@@ -23,7 +23,7 @@
 	NewWorker func(WorkerConfig) (worker.Worker, error)
 }
 
-// start is used by util.AgentApiManifold to create a StartFunc.
+// start is used by engine.AgentApiManifold to create a StartFunc.
 func (config ManifoldConfig) start(a agent.Agent, apiCaller base.APICaller) (worker.Worker, error) {
 	machineTag, ok := a.CurrentConfig().Tag().(names.MachineTag)
 	if !ok {
@@ -39,9 +39,9 @@
 
 // Manifold returns a dependency.Manifold as configured.
 func Manifold(config ManifoldConfig) dependency.Manifold {
-	typedConfig := util.AgentApiManifoldConfig{
+	typedConfig := engine.AgentApiManifoldConfig{
 		AgentName:     config.AgentName,
 		APICallerName: config.APICallerName,
 	}
-	return util.AgentApiManifold(typedConfig, config.start)
+	return engine.AgentApiManifold(typedConfig, config.start)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/machineactions/manifold_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/machineactions/manifold_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/machineactions/manifold_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/machineactions/manifold_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,10 +6,10 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api/base"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/machineactions/worker.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/machineactions/worker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/machineactions/worker.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/machineactions/worker.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,7 +11,7 @@
 	"github.com/juju/juju/watcher"
 	"github.com/juju/juju/worker"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 )
 
 var logger = loggo.GetLogger("juju.worker.machineactions")
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/machineactions/worker_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/machineactions/worker_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/machineactions/worker_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/machineactions/worker_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,10 +9,10 @@
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/worker/machineactions"
 	"github.com/juju/juju/worker/workertest"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 )
 
 type WorkerSuite struct {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/machinelock/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/machinelock/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/machinelock/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/machinelock/export_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,6 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package machinelock
-
-var CreateLock = &createLock
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/machinelock/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/machinelock/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/machinelock/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/machinelock/manifold.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,44 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package machinelock
-
-import (
-	"github.com/juju/errors"
-
-	"github.com/juju/juju/agent"
-	"github.com/juju/juju/cmd/jujud/agent/util"
-	cmdutil "github.com/juju/juju/cmd/jujud/util"
-	"github.com/juju/juju/worker"
-	"github.com/juju/juju/worker/dependency"
-)
-
-// createLock exists to be patched out in export_test.go
-var createLock = cmdutil.HookExecutionLock
-
-// ManifoldConfig specifies the names a machinelock manifold should use to
-// address its dependencies.
-type ManifoldConfig util.AgentManifoldConfig
-
-// Manifold returns a dependency.Manifold that governs the construction of
-// and access to a machine-wide lock intended to prevent various operations
-// from running concurrently and interfering with one another. Examples (are
-// not limited to): hook executions, package installation, synchronisation
-// of reboots.
-// Clients can access the lock by passing a **fslock.Lock into the out param
-// of their dependency.Context's Get method.
-func Manifold(config ManifoldConfig) dependency.Manifold {
-	manifold := util.AgentManifold(util.AgentManifoldConfig(config), newWorker)
-	manifold.Output = util.ValueWorkerOutput
-	return manifold
-}
-
-// newWorker creates a degenerate worker that provides access to an fslock.
-func newWorker(a agent.Agent) (worker.Worker, error) {
-	dataDir := a.CurrentConfig().DataDir()
-	lock, err := createLock(dataDir)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	return util.NewValueWorker(lock)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/machinelock/manifold_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/machinelock/manifold_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/machinelock/manifold_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/machinelock/manifold_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,137 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package machinelock_test
-
-import (
-	"github.com/juju/errors"
-	"github.com/juju/testing"
-	jc "github.com/juju/testing/checkers"
-	"github.com/juju/utils/fslock"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/agent"
-	"github.com/juju/juju/worker"
-	"github.com/juju/juju/worker/dependency"
-	dt "github.com/juju/juju/worker/dependency/testing"
-	"github.com/juju/juju/worker/machinelock"
-)
-
-type ManifoldSuite struct {
-	testing.IsolationSuite
-	testing.Stub
-	manifold dependency.Manifold
-	context  dependency.Context
-	lock     *fslock.Lock
-}
-
-var _ = gc.Suite(&ManifoldSuite{})
-
-func (s *ManifoldSuite) SetUpTest(c *gc.C) {
-	s.IsolationSuite.SetUpTest(c)
-	s.Stub = testing.Stub{}
-	s.manifold = machinelock.Manifold(machinelock.ManifoldConfig{
-		AgentName: "agent-name",
-	})
-	s.context = dt.StubContext(nil, map[string]interface{}{
-		"agent-name": &dummyAgent{},
-	})
-
-	lock, err := fslock.NewLock(c.MkDir(), "test-lock", fslock.Defaults())
-	c.Assert(err, jc.ErrorIsNil)
-	s.lock = lock
-	s.PatchValue(machinelock.CreateLock, func(dataDir string) (*fslock.Lock, error) {
-		s.AddCall("createLock", dataDir)
-		if err := s.NextErr(); err != nil {
-			return nil, err
-		}
-		return s.lock, nil
-	})
-}
-
-func (s *ManifoldSuite) TestInputs(c *gc.C) {
-	c.Check(s.manifold.Inputs, jc.DeepEquals, []string{"agent-name"})
-}
-
-func (s *ManifoldSuite) TestStartMissingAgent(c *gc.C) {
-	context := dt.StubContext(nil, map[string]interface{}{
-		"agent-name": dependency.ErrMissing,
-	})
-	worker, err := s.manifold.Start(context)
-	c.Check(worker, gc.IsNil)
-	c.Check(err, gc.Equals, dependency.ErrMissing)
-	s.CheckCalls(c, nil)
-}
-
-func (s *ManifoldSuite) TestStartError(c *gc.C) {
-	s.SetErrors(errors.New("no lock for you"))
-	worker, err := s.manifold.Start(s.context)
-	c.Check(worker, gc.IsNil)
-	c.Check(err, gc.ErrorMatches, "no lock for you")
-	s.CheckCalls(c, []testing.StubCall{{
-		FuncName: "createLock",
-		Args:     []interface{}{"/path/to/data/dir"},
-	}})
-}
-
-func (s *ManifoldSuite) setupWorkerTest(c *gc.C) worker.Worker {
-	worker, err := s.manifold.Start(s.context)
-	c.Check(err, jc.ErrorIsNil)
-	s.AddCleanup(func(c *gc.C) {
-		worker.Kill()
-		err := worker.Wait()
-		c.Check(err, jc.ErrorIsNil)
-	})
-	s.CheckCalls(c, []testing.StubCall{{
-		FuncName: "createLock",
-		Args:     []interface{}{"/path/to/data/dir"},
-	}})
-	return worker
-}
-
-func (s *ManifoldSuite) TestStartSuccess(c *gc.C) {
-	s.setupWorkerTest(c)
-}
-
-func (s *ManifoldSuite) TestOutputSuccess(c *gc.C) {
-	worker := s.setupWorkerTest(c)
-	var lock *fslock.Lock
-	err := s.manifold.Output(worker, &lock)
-	c.Check(err, jc.ErrorIsNil)
-	c.Check(lock, gc.Equals, s.lock)
-}
-
-func (s *ManifoldSuite) TestOutputBadWorker(c *gc.C) {
-	var lock *fslock.Lock
-	err := s.manifold.Output(&dummyWorker{}, &lock)
-	c.Check(err, gc.ErrorMatches, "in should be a \\*valueWorker; is .*")
-	c.Check(lock, gc.IsNil)
-}
-
-func (s *ManifoldSuite) TestOutputBadTarget(c *gc.C) {
-	worker := s.setupWorkerTest(c)
-	var lock int
-	err := s.manifold.Output(worker, &lock)
-	c.Check(err, gc.ErrorMatches, "cannot output into \\*int")
-	c.Check(lock, gc.Equals, 0)
-}
-
-type dummyAgent struct {
-	agent.Agent
-}
-
-func (_ dummyAgent) CurrentConfig() agent.Config {
-	return &dummyAgentConfig{}
-}
-
-type dummyAgentConfig struct {
-	agent.Config
-}
-
-func (_ dummyAgentConfig) DataDir() string {
-	return "/path/to/data/dir"
-}
-
-type dummyWorker struct {
-	worker.Worker
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/machinelock/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/machinelock/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/machinelock/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/machinelock/package_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,14 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package machinelock_test
-
-import (
-	"testing"
-
-	gc "gopkg.in/check.v1"
-)
-
-func TestPackage(t *testing.T) {
-	gc.TestingT(t)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/machiner/machiner.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/machiner/machiner.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/machiner/machiner.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/machiner/machiner.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,7 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common/networkingcommon"
 	"github.com/juju/juju/apiserver/params"
@@ -137,8 +137,8 @@
 	if len(hostAddresses) == 0 {
 		return nil
 	}
-	// Filter out any LXC bridge addresses.
-	hostAddresses = network.FilterLXCAddresses(hostAddresses)
+	// Filter out any LXC or LXD bridge addresses.
+	hostAddresses = network.FilterBridgeAddresses(hostAddresses)
 	logger.Infof("setting addresses for %v to %q", tag, hostAddresses)
 	return m.SetMachineAddresses(hostAddresses)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/machiner/machiner_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/machiner/machiner_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/machiner/machiner_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/machiner/machiner_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,10 +11,10 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	gitjujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	apimachiner "github.com/juju/juju/api/machiner"
@@ -456,11 +456,21 @@
 		return addrs, nil
 	})
 	s.PatchValue(&network.InterfaceByNameAddrs, func(name string) ([]net.Addr, error) {
-		c.Assert(name, gc.Equals, "foobar")
-		return []net.Addr{
-			&net.IPAddr{IP: net.IPv4(10, 0, 3, 1)},
-			&net.IPAddr{IP: net.IPv4(10, 0, 3, 4)},
-		}, nil
+		if name == "foobar" {
+			// The addresses on the LXC bridge
+			return []net.Addr{
+				&net.IPAddr{IP: net.IPv4(10, 0, 3, 1)},
+				&net.IPAddr{IP: net.IPv4(10, 0, 3, 4)},
+			}, nil
+		} else if name == network.DefaultLXDBridge {
+			// The addresses on the LXD bridge
+			return []net.Addr{
+				&net.IPAddr{IP: net.IPv4(10, 0, 4, 1)},
+				&net.IPAddr{IP: net.IPv4(10, 0, 4, 4)},
+			}, nil
+		}
+		c.Fatalf("unknown bridge in testing: %v", name)
+		return nil, nil
 	})
 	s.PatchValue(&network.LXCNetDefaultConfig, lxcFakeNetConfig)
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/machiner/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/machiner/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/machiner/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/machiner/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,24 +10,24 @@
 	apiagent "github.com/juju/juju/api/agent"
 	"github.com/juju/juju/api/base"
 	apimachiner "github.com/juju/juju/api/machiner"
-	"github.com/juju/juju/cmd/jujud/agent/util"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 )
 
 // ManifoldConfig defines the names of the manifolds on which a
 // Manifold will depend.
-type ManifoldConfig util.AgentApiManifoldConfig
+type ManifoldConfig engine.AgentApiManifoldConfig
 
 // Manifold returns a dependency manifold that runs a machiner worker, using
 // the resource names defined in the supplied config.
 func Manifold(config ManifoldConfig) dependency.Manifold {
-	typedConfig := util.AgentApiManifoldConfig(config)
-	return util.AgentApiManifold(typedConfig, newWorker)
+	typedConfig := engine.AgentApiManifoldConfig(config)
+	return engine.AgentApiManifold(typedConfig, newWorker)
 }
 
-// newWorker non-trivially wraps NewMachiner to specialise a util.AgentApiManifold.
+// newWorker non-trivially wraps NewMachiner to specialise a engine.AgentApiManifold.
 //
 // TODO(waigani) This function is currently covered by functional tests
 // under the machine agent. Add unit tests once infrastructure to do so is
@@ -42,12 +42,12 @@
 	//
 	// (With their own facades.)
 	agentFacade := apiagent.NewState(apiCaller)
-	envConfig, err := agentFacade.ModelConfig()
+	modelConfig, err := agentFacade.ModelConfig()
 	if err != nil {
 		return nil, errors.Errorf("cannot read environment config: %v", err)
 	}
 
-	ignoreMachineAddresses, _ := envConfig.IgnoreMachineAddresses()
+	ignoreMachineAddresses, _ := modelConfig.IgnoreMachineAddresses()
 	// Containers only have machine addresses, so we can't ignore them.
 	tag := currentConfig.Tag()
 	if names.IsContainerMachine(tag.Id()) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/machiner/mock_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/machiner/mock_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/machiner/mock_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/machiner/mock_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,8 +4,8 @@
 package machiner_test
 
 import (
-	"github.com/juju/names"
 	gitjujutesting "github.com/juju/testing"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/network"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/machiner/state.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/machiner/state.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/machiner/state.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/machiner/state.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/machiner"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/meterstatus/connected_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/meterstatus/connected_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/meterstatus/connected_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/meterstatus/connected_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,7 +10,6 @@
 
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
-	"github.com/juju/utils/fslock"
 	gc "gopkg.in/check.v1"
 
 	coretesting "github.com/juju/juju/testing"
@@ -24,7 +23,6 @@
 	stub *testing.Stub
 
 	dataDir  string
-	lock     *fslock.Lock
 	msClient *stubMeterStatusClient
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/meterstatus/isolated_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/meterstatus/isolated_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/meterstatus/isolated_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/meterstatus/isolated_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,7 +11,6 @@
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/clock"
-	"github.com/juju/utils/fslock"
 	gc "gopkg.in/check.v1"
 
 	coretesting "github.com/juju/juju/testing"
@@ -31,9 +30,7 @@
 	stub *testing.Stub
 
 	dataDir string
-	lock    *fslock.Lock
-
-	clk *coretesting.Clock
+	clk     *coretesting.Clock
 
 	hookRan         chan struct{}
 	triggersCreated chan struct{}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/meterstatus/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/meterstatus/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/meterstatus/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/meterstatus/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,9 +10,8 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils/clock"
-	"github.com/juju/utils/fslock"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api/base"
@@ -30,8 +29,9 @@
 	AgentName       string
 	APICallerName   string
 	MachineLockName string
+	Clock           clock.Clock
 
-	NewHookRunner           func(names.UnitTag, *fslock.Lock, agent.Config) HookRunner
+	NewHookRunner           func(names.UnitTag, string, agent.Config, clock.Clock) HookRunner
 	NewMeterStatusAPIClient func(base.APICaller, names.UnitTag) meterstatus.MeterStatusClient
 
 	NewConnectedStatusWorker func(ConnectedConfig) (worker.Worker, error)
@@ -44,9 +44,14 @@
 		Inputs: []string{
 			config.AgentName,
 			config.APICallerName,
-			config.MachineLockName,
 		},
 		Start: func(context dependency.Context) (worker.Worker, error) {
+			if config.Clock == nil {
+				return nil, errors.NotValidf("missing Clock")
+			}
+			if config.MachineLockName == "" {
+				return nil, errors.NotValidf("missing MachineLockName")
+			}
 			return newStatusWorker(config, context)
 		},
 	}
@@ -58,11 +63,6 @@
 		return nil, err
 	}
 
-	var machineLock *fslock.Lock
-	if err := context.Get(config.MachineLockName, &machineLock); err != nil {
-		return nil, err
-	}
-
 	tag := agent.CurrentConfig().Tag()
 	unitTag, ok := tag.(names.UnitTag)
 	if !ok {
@@ -71,7 +71,7 @@
 
 	agentConfig := agent.CurrentConfig()
 	stateFile := NewStateFile(path.Join(agentConfig.DataDir(), "meter-status.yaml"))
-	runner := config.NewHookRunner(unitTag, machineLock, agentConfig)
+	runner := config.NewHookRunner(unitTag, config.MachineLockName, agentConfig, config.Clock)
 
 	// If we don't have a valid APICaller, start a meter status
 	// worker that works without an API connection.
@@ -82,7 +82,7 @@
 		cfg := IsolatedConfig{
 			Runner:           runner,
 			StateFile:        stateFile,
-			Clock:            clock.WallClock,
+			Clock:            config.Clock,
 			AmberGracePeriod: defaultAmberGracePeriod,
 			RedGracePeriod:   defaultRedGracePeriod,
 			TriggerFactory:   GetTriggers,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/meterstatus/manifold_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/meterstatus/manifold_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/meterstatus/manifold_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/meterstatus/manifold_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,11 +7,11 @@
 	"sync"
 	"time"
 
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
-	"github.com/juju/utils/fslock"
+	"github.com/juju/utils/clock"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api/base"
@@ -47,6 +47,7 @@
 		AgentName:               "agent-name",
 		APICallerName:           "apicaller-name",
 		MachineLockName:         "machine-lock-name",
+		Clock:                   coretesting.NewClock(time.Now()),
 		NewHookRunner:           meterstatus.NewHookRunner,
 		NewMeterStatusAPIClient: msapi.NewClient,
 
@@ -56,21 +57,16 @@
 	s.manifold = meterstatus.Manifold(s.manifoldConfig)
 	s.dataDir = c.MkDir()
 
-	locksDir := c.MkDir()
-	lock, err := fslock.NewLock(locksDir, "machine-lock", fslock.Defaults())
-	c.Assert(err, jc.ErrorIsNil)
-
 	s.resources = dt.StubResources{
-		"agent-name":        dt.StubResource{Output: &dummyAgent{dataDir: s.dataDir}},
-		"apicaller-name":    dt.StubResource{Output: &dummyAPICaller{}},
-		"machine-lock-name": dt.StubResource{Output: lock},
+		"agent-name":     dt.StubResource{Output: &dummyAgent{dataDir: s.dataDir}},
+		"apicaller-name": dt.StubResource{Output: &dummyAPICaller{}},
 	}
 }
 
 // TestInputs ensures the collect manifold has the expected defined inputs.
 func (s *ManifoldSuite) TestInputs(c *gc.C) {
 	c.Check(s.manifold.Inputs, jc.DeepEquals, []string{
-		"agent-name", "apicaller-name", "machine-lock-name",
+		"agent-name", "apicaller-name",
 	})
 }
 
@@ -78,7 +74,7 @@
 // resource dependency.
 func (s *ManifoldSuite) TestStartMissingDeps(c *gc.C) {
 	for _, missingDep := range []string{
-		"agent-name", "machine-lock-name",
+		"agent-name",
 	} {
 		testResources := dt.StubResources{}
 		for k, v := range s.resources {
@@ -110,7 +106,7 @@
 	newMSClient := func(_ base.APICaller, _ names.UnitTag) msapi.MeterStatusClient {
 		return s.msClient
 	}
-	newHookRunner := func(_ names.UnitTag, _ *fslock.Lock, _ agent.Config) meterstatus.HookRunner {
+	newHookRunner := func(_ names.UnitTag, _ string, _ agent.Config, _ clock.Clock) meterstatus.HookRunner {
 		return &stubRunner{stub: s.stub}
 	}
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/meterstatus/runner.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/meterstatus/runner.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/meterstatus/runner.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/meterstatus/runner.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,13 +4,13 @@
 package meterstatus
 
 import (
-	"fmt"
+	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
-	"github.com/juju/utils/fslock"
+	"github.com/juju/mutex"
+	"github.com/juju/utils/clock"
 	"gopkg.in/juju/charm.v6-unstable/hooks"
-	"launchpad.net/tomb"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/worker/uniter"
@@ -24,40 +24,35 @@
 
 // hookRunner implements functionality for running a hook.
 type hookRunner struct {
-	machineLock *fslock.Lock
-	config      agent.Config
-	tag         names.UnitTag
+	machineLockName string
+	config          agent.Config
+	tag             names.UnitTag
+	clock           clock.Clock
 }
 
-func NewHookRunner(tag names.UnitTag, lock *fslock.Lock, config agent.Config) HookRunner {
+func NewHookRunner(tag names.UnitTag, lockName string, config agent.Config, clock clock.Clock) HookRunner {
 	return &hookRunner{
-		tag:         tag,
-		machineLock: lock,
-		config:      config,
+		tag:             tag,
+		machineLockName: lockName,
+		config:          config,
+		clock:           clock,
 	}
 }
 
 // acquireExecutionLock acquires the machine-level execution lock and returns a function to be used
 // to unlock it.
-func (w *hookRunner) acquireExecutionLock(interrupt <-chan struct{}) (func() error, error) {
-	message := "running meter-status-changed hook"
-	logger.Tracef("lock: %v", message)
-	checkTomb := func() error {
-		select {
-		case <-interrupt:
-			return tomb.ErrDying
-		default:
-			return nil
-		}
+func (w *hookRunner) acquireExecutionLock(interrupt <-chan struct{}) (mutex.Releaser, error) {
+	spec := mutex.Spec{
+		Name:   w.machineLockName,
+		Clock:  w.clock,
+		Delay:  250 * time.Millisecond,
+		Cancel: interrupt,
 	}
-	message = fmt.Sprintf("%s: %s", w.tag.String(), message)
-	if err := w.machineLock.LockWithFunc(message, checkTomb); err != nil {
-		return nil, err
+	releaser, err := mutex.Acquire(spec)
+	if err != nil {
+		return nil, errors.Trace(err)
 	}
-	return func() error {
-		logger.Tracef("unlock: %v", message)
-		return w.machineLock.Unlock()
-	}, nil
+	return releaser, nil
 }
 
 func (w *hookRunner) RunHook(code, info string, interrupt <-chan struct{}) (runErr error) {
@@ -69,15 +64,10 @@
 		"JUJU_METER_INFO":   info,
 	})
 	r := runner.NewRunner(ctx, paths)
-	unlock, err := w.acquireExecutionLock(interrupt)
+	releaser, err := w.acquireExecutionLock(interrupt)
 	if err != nil {
 		return errors.Annotate(err, "failed to acquire machine lock")
 	}
-	defer func() {
-		unlockErr := unlock()
-		if unlockErr != nil {
-			logger.Criticalf("hook run resulted in error %v; unlock failure error: %v", runErr, unlockErr)
-		}
-	}()
+	defer releaser.Release()
 	return r.RunHook(string(hooks.MeterStatusChanged))
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/metrics/collect/handler.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/metrics/collect/handler.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/metrics/collect/handler.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/metrics/collect/handler.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,17 +9,19 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
-	corecharm "gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
+	"github.com/juju/juju/agent"
+	"github.com/juju/juju/worker/fortress"
 	"github.com/juju/juju/worker/metrics/spool"
+	"github.com/juju/juju/worker/uniter"
 )
 
 // handlerConfig stores configuration values for the socketListener.
 type handlerConfig struct {
+	charmdir       fortress.Guest
+	agent          agent.Agent
 	unitTag        names.UnitTag
-	charmURL       *corecharm.URL
-	validMetrics   map[string]corecharm.Metric
 	metricsFactory spool.MetricFactory
 	runner         *hookRunner
 }
@@ -34,23 +36,36 @@
 
 // Handle triggers the collect-metrics hook and writes collected metrics
 // to the specified connection.
-func (l *handler) Handle(c net.Conn) (err error) {
-	defer func() {
-		if err != nil {
-			fmt.Fprintf(c, "%v\n", err.Error())
-		} else {
-			fmt.Fprintf(c, "ok\n")
-		}
-		c.Close()
-	}()
+func (l *handler) Handle(c net.Conn, abort <-chan struct{}) error {
+	defer c.Close()
+
 	// TODO(fwereade): 2016-03-17 lp:1558657
-	err = c.SetDeadline(time.Now().Add(spool.DefaultTimeout))
+	err := c.SetDeadline(time.Now().Add(spool.DefaultTimeout))
 	if err != nil {
 		return errors.Annotate(err, "failed to set the deadline")
 	}
+
+	err = l.config.charmdir.Visit(func() error {
+		return l.do(c)
+	}, abort)
+	if err != nil {
+		fmt.Fprintf(c, "error: %v\n", err.Error())
+	} else {
+		fmt.Fprintf(c, "ok\n")
+	}
+	return errors.Trace(err)
+}
+
+func (l *handler) do(c net.Conn) error {
+	paths := uniter.NewWorkerPaths(l.config.agent.CurrentConfig().DataDir(), l.config.unitTag, "metrics-collect")
+	charmURL, validMetrics, err := readCharm(l.config.unitTag, paths)
+	if err != nil {
+		return errors.Trace(err)
+	}
+
 	recorder, err := l.config.metricsFactory.Recorder(
-		l.config.validMetrics,
-		l.config.charmURL.String(),
+		validMetrics,
+		charmURL.String(),
 		l.config.unitTag.String(),
 	)
 	if err != nil {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/metrics/collect/handler_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/metrics/collect/handler_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/metrics/collect/handler_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/metrics/collect/handler_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,11 +10,11 @@
 	"strings"
 	"time"
 
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 	corecharm "gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	coretesting "github.com/juju/juju/testing"
 	"github.com/juju/juju/worker/dependency"
@@ -22,6 +22,7 @@
 	"github.com/juju/juju/worker/metrics/collect"
 	"github.com/juju/juju/worker/metrics/spool"
 	"github.com/juju/juju/worker/uniter/runner/context"
+	"github.com/juju/juju/worker/workertest"
 )
 
 type handlerSuite struct {
@@ -33,6 +34,7 @@
 	resources      dt.StubResources
 	recorder       *dummyRecorder
 	listener       *mockListener
+	mockReadCharm  *mockReadCharm
 }
 
 var _ = gc.Suite(&handlerSuite{})
@@ -88,15 +90,8 @@
 			}, nil
 		},
 	)
-	s.PatchValue(collect.ReadCharm,
-		func(_ names.UnitTag, _ context.Paths) (*corecharm.URL, map[string]corecharm.Metric, error) {
-			return corecharm.MustParseURL("local:trusty/metered-1"),
-				map[string]corecharm.Metric{
-					"pings":      corecharm.Metric{Description: "test metric", Type: corecharm.MetricTypeAbsolute},
-					"juju-units": corecharm.Metric{},
-				}, nil
-		},
-	)
+	s.mockReadCharm = &mockReadCharm{}
+	s.PatchValue(collect.ReadCharm, s.mockReadCharm.ReadCharm)
 	s.listener = &mockListener{}
 	s.PatchValue(collect.NewSocketListener, collect.NewSocketListenerFnc(s.listener))
 }
@@ -106,9 +101,7 @@
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(worker, gc.NotNil)
 	c.Assert(s.listener.Calls(), gc.HasLen, 0)
-	worker.Kill()
-	err = worker.Wait()
-	c.Assert(err, jc.ErrorIsNil)
+	workertest.CleanKill(c, worker)
 	s.listener.CheckCall(c, 0, "Stop")
 }
 
@@ -120,16 +113,32 @@
 
 	conn, err := s.listener.trigger()
 	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(conn.Calls(), gc.HasLen, 3)
-	conn.CheckCall(c, 2, "Close")
+	conn.CheckCallNames(c, "SetDeadline", "Write", "Close")
 
 	responseString := strings.Trim(string(conn.data), " \n\t")
 	c.Assert(responseString, gc.Equals, "ok")
 	c.Assert(s.recorder.batches, gc.HasLen, 1)
 
-	worker.Kill()
-	err = worker.Wait()
+	workertest.CleanKill(c, worker)
+	s.listener.CheckCall(c, 0, "Stop")
+}
+
+func (s *handlerSuite) TestReadCharmCalledOnEachTrigger(c *gc.C) {
+	worker, err := s.manifold.Start(s.resources.Context())
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(worker, gc.NotNil)
+	c.Assert(s.listener.Calls(), gc.HasLen, 0)
+
+	_, err = s.listener.trigger()
+	c.Assert(err, jc.ErrorIsNil)
+	_, err = s.listener.trigger()
 	c.Assert(err, jc.ErrorIsNil)
+
+	s.PatchValue(collect.ReadCharm, s.mockReadCharm.ReadCharm)
+	workertest.CleanKill(c, worker)
+
+	// Expect 3 calls to ReadCharm, one on start and one per handler call
+	s.mockReadCharm.CheckCallNames(c, "ReadCharm", "ReadCharm", "ReadCharm")
 	s.listener.CheckCall(c, 0, "Stop")
 }
 
@@ -143,16 +152,14 @@
 
 	conn, err := s.listener.trigger()
 	c.Assert(err, gc.ErrorMatches, "failed to collect metrics: error adding 'juju-units' metric: well, this is embarassing")
-	c.Assert(conn.Calls(), gc.HasLen, 3)
-	conn.CheckCall(c, 2, "Close")
+	conn.CheckCallNames(c, "SetDeadline", "Write", "Close")
 
 	responseString := strings.Trim(string(conn.data), " \n\t")
-	c.Assert(responseString, gc.Matches, ".*well, this is embarassing")
+	//c.Assert(responseString, gc.Matches, ".*well, this is embarassing")
+	c.Assert(responseString, gc.Equals, `error: failed to collect metrics: error adding 'juju-units' metric: well, this is embarassing`)
 	c.Assert(s.recorder.batches, gc.HasLen, 0)
 
-	worker.Kill()
-	err = worker.Wait()
-	c.Assert(err, jc.ErrorIsNil)
+	workertest.CleanKill(c, worker)
 	s.listener.CheckCall(c, 0, "Stop")
 }
 
@@ -163,7 +170,8 @@
 
 func (l *mockListener) trigger() (*mockConnection, error) {
 	conn := &mockConnection{}
-	err := l.handler.Handle(conn)
+	dying := make(chan struct{})
+	err := l.handler.Handle(conn, dying)
 	if err != nil {
 		return conn, err
 	}
@@ -195,7 +203,8 @@
 // Write implements the net.Conn interface.
 func (c *mockConnection) Write(data []byte) (int, error) {
 	c.AddCall("Write", data)
-	c.data = data
+	c.data = make([]byte, len(data))
+	copy(c.data, data)
 	return len(data), nil
 }
 
@@ -214,3 +223,16 @@
 func (f *mockMetricFactory) Recorder(metrics map[string]corecharm.Metric, charmURL, unitTag string) (spool.MetricRecorder, error) {
 	return f.recorder, nil
 }
+
+type mockReadCharm struct {
+	testing.Stub
+}
+
+func (m *mockReadCharm) ReadCharm(unitTag names.UnitTag, paths context.Paths) (*corecharm.URL, map[string]corecharm.Metric, error) {
+	m.MethodCall(m, "ReadCharm", unitTag, paths)
+	return corecharm.MustParseURL("local:trusty/metered-1"),
+		map[string]corecharm.Metric{
+			"pings":      corecharm.Metric{Description: "test metric", Type: corecharm.MetricTypeAbsolute},
+			"juju-units": corecharm.Metric{},
+		}, nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/metrics/collect/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/metrics/collect/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/metrics/collect/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/metrics/collect/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -15,10 +15,10 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils/os"
 	corecharm "gopkg.in/juju/charm.v6-unstable"
 	"gopkg.in/juju/charm.v6-unstable/hooks"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/worker"
@@ -156,11 +156,12 @@
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
+
 	if len(validMetrics) > 0 && charmURL.Schema == "local" {
 		h := newHandler(handlerConfig{
+			charmdir:       charmdir,
+			agent:          agent,
 			unitTag:        unitTag,
-			charmURL:       charmURL,
-			validMetrics:   validMetrics,
 			metricsFactory: metricFactory,
 			runner:         runner,
 		})
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/metrics/collect/manifold_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/metrics/collect/manifold_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/metrics/collect/manifold_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/metrics/collect/manifold_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,11 +9,11 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
 	corecharm "gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	coretesting "github.com/juju/juju/testing"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/metrics/sender/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/metrics/sender/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/metrics/sender/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/metrics/sender/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,7 +8,7 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api/base"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/metrics/sender/manifold_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/metrics/sender/manifold_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/metrics/sender/manifold_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/metrics/sender/manifold_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,10 +8,10 @@
 	"os"
 	"path/filepath"
 
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/httprequest"
 	"github.com/juju/juju/agent"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/metrics/sender/sender.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/metrics/sender/sender.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/metrics/sender/sender.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/metrics/sender/sender.go	2016-07-18 19:45:44.000000000 +0000
@@ -75,7 +75,7 @@
 
 // Handle sends metrics from the spool directory to the
 // controller.
-func (s *sender) Handle(c net.Conn) (err error) {
+func (s *sender) Handle(c net.Conn, _ <-chan struct{}) (err error) {
 	defer func() {
 		if err != nil {
 			fmt.Fprintf(c, "%v\n", err)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/metrics/sender/sender_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/metrics/sender/sender_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/metrics/sender/sender_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/metrics/sender/sender_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -86,7 +86,8 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	conn := &mockConnection{data: []byte(fmt.Sprintf("%v\n", tmpDir))}
-	err = metricSender.Handle(conn)
+	ch := make(chan struct{})
+	err = metricSender.Handle(conn, ch)
 	c.Assert(err, jc.ErrorIsNil)
 
 	c.Assert(apiSender.batches, gc.HasLen, 1)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/metrics/spool/listener.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/metrics/spool/listener.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/metrics/spool/listener.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/metrics/spool/listener.go	2016-07-18 19:45:44.000000000 +0000
@@ -21,7 +21,7 @@
 
 // ConnectionHandler defines the method needed to handle socket connections.
 type ConnectionHandler interface {
-	Handle(net.Conn) error
+	Handle(net.Conn, <-chan struct{}) error
 }
 
 type socketListener struct {
@@ -63,7 +63,9 @@
 			return errors.Trace(err)
 		}
 		go func() {
-			if err := l.handler.Handle(conn); err != nil {
+			err := l.handler.Handle(conn, l.t.Dying())
+			if err != nil {
+				// log the error and continue
 				logger.Errorf("request handling failed: %v", err)
 			}
 		}()
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/metrics/spool/listener_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/metrics/spool/listener_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/metrics/spool/listener_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/metrics/spool/listener_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -65,7 +65,7 @@
 }
 
 // Handle implements the spool.ConnectionHandler interface.
-func (h *mockHandler) Handle(c net.Conn) error {
+func (h *mockHandler) Handle(c net.Conn, _ <-chan struct{}) error {
 	defer c.Close()
 	h.AddCall("Handle")
 	fmt.Fprintf(c, "Hello socket.")
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/metrics/spool/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/metrics/spool/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/metrics/spool/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/metrics/spool/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -16,7 +16,7 @@
 	"launchpad.net/tomb"
 
 	"github.com/juju/juju/agent"
-	"github.com/juju/juju/cmd/jujud/agent/util"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
 )
@@ -78,12 +78,12 @@
 
 // ManifoldConfig specifies names a spooldirectory manifold should use to
 // address its dependencies.
-type ManifoldConfig util.AgentManifoldConfig
+type ManifoldConfig engine.AgentManifoldConfig
 
 // Manifold returns a dependency.Manifold that extracts the metrics
 // spool directory path from the agent.
 func Manifold(config ManifoldConfig) dependency.Manifold {
-	manifold := util.AgentManifold(util.AgentManifoldConfig(config), newWorker)
+	manifold := engine.AgentManifold(engine.AgentManifoldConfig(config), newWorker)
 	manifold.Output = outputFunc
 	return manifold
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/metrics/spool/metrics_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/metrics/spool/metrics_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/metrics/spool/metrics_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/metrics/spool/metrics_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,11 +8,11 @@
 	"runtime"
 	"time"
 
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 	corecharm "gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/worker/metrics/spool"
 	"github.com/juju/juju/worker/uniter/runner/jujuc"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/metricworker/cleanup.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/metricworker/cleanup.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/metricworker/cleanup.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/metricworker/cleanup.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,17 +12,12 @@
 	"github.com/juju/juju/worker"
 )
 
-var (
-	cleanupLogger = loggo.GetLogger("juju.worker.metricworker.cleanup")
-	notify        chan string
-)
+var cleanupLogger = loggo.GetLogger("juju.worker.metricworker.cleanup")
 
-const (
-	cleanupPeriod = time.Hour
-)
+const cleanupPeriod = time.Hour
 
 // NewCleanup creates a new periodic worker that calls the CleanupOldMetrics api.
-func NewCleanup(client metricsmanager.MetricsManagerClient) worker.Worker {
+func newCleanup(client metricsmanager.MetricsManagerClient, notify chan string) worker.Worker {
 	f := func(stopCh <-chan struct{}) error {
 		err := client.CleanupOldMetrics()
 		if err != nil {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/metricworker/cleanup_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/metricworker/cleanup_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/metricworker/cleanup_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/metricworker/cleanup_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,8 +12,7 @@
 	"github.com/juju/juju/worker/metricworker"
 )
 
-type CleanupSuite struct {
-}
+type CleanupSuite struct{}
 
 var _ = gc.Suite(&CleanupSuite{})
 
@@ -21,11 +20,9 @@
 // After a single run of the cleanup worker it expects the
 // old one to be deleted
 func (s *CleanupSuite) TestCleaner(c *gc.C) {
-	notify := make(chan string)
-	cleanup := metricworker.PatchNotificationChannel(notify)
-	defer cleanup()
-	client := &mockClient{}
-	worker := metricworker.NewCleanup(client)
+	notify := make(chan string, 1)
+	var client mockClient
+	worker := metricworker.NewCleanup(&client, notify)
 	defer worker.Kill()
 	select {
 	case <-notify:
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/metricworker/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/metricworker/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/metricworker/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/metricworker/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -3,12 +3,8 @@
 
 package metricworker
 
-import (
-	"github.com/juju/testing"
+var (
+	NewCleanup        = newCleanup
+	NewSender         = newSender
+	NewMetricsManager = newMetricsManager
 )
-
-// PatchNotificationChannel sets the notify channel which can be used
-// in tests to know that a particular worker has called its work function.
-func PatchNotificationChannel(n chan string) func() {
-	return testing.PatchValue(&notify, n)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/metricworker/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/metricworker/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/metricworker/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/metricworker/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,18 +8,18 @@
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/api/metricsmanager"
-	"github.com/juju/juju/cmd/jujud/agent/util"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
 )
 
 // ManifoldConfig describes the resources used by metrics workers.
-type ManifoldConfig util.ApiManifoldConfig
+type ManifoldConfig engine.ApiManifoldConfig
 
 // Manifold returns a Manifold that encapsulates various metrics workers.
 func Manifold(config ManifoldConfig) dependency.Manifold {
-	return util.ApiManifold(
-		util.ApiManifoldConfig(config),
+	return engine.ApiManifold(
+		engine.ApiManifoldConfig(config),
 		manifoldStart,
 	)
 }
@@ -30,7 +30,7 @@
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-	w, err := NewMetricsManager(client)
+	w, err := newMetricsManager(client, nil)
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/metricworker/metricmanager.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/metricworker/metricmanager.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/metricworker/metricmanager.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/metricworker/metricmanager.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,7 +11,7 @@
 )
 
 // NewMetricsManager creates a runner that will run the metricsmanagement workers.
-func NewMetricsManager(client metricsmanager.MetricsManagerClient) (worker.Runner, error) {
+func newMetricsManager(client metricsmanager.MetricsManagerClient, notify chan string) (worker.Runner, error) {
 	// TODO(fwereade): break this out into separate manifolds (with their own facades).
 
 	// Periodic workers automatically retry so none should return an error. If they do
@@ -23,16 +23,18 @@
 	moreImportant := func(error, error) bool {
 		return false
 	}
+
 	runner := worker.NewRunner(isFatal, moreImportant, worker.RestartDelay)
 	err := runner.StartWorker("sender", func() (worker.Worker, error) {
-		return NewSender(client), nil
+		return newSender(client, notify), nil
 	})
 
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
+
 	err = runner.StartWorker("cleanup", func() (worker.Worker, error) {
-		return NewCleanup(client), nil
+		return newCleanup(client, notify), nil
 	})
 	if err != nil {
 		return nil, errors.Trace(err)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/metricworker/metricmanager_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/metricworker/metricmanager_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/metricworker/metricmanager_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/metricworker/metricmanager_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -19,10 +19,8 @@
 
 func (s *MetricManagerSuite) TestRunner(c *gc.C) {
 	notify := make(chan string, 2)
-	cleanup := metricworker.PatchNotificationChannel(notify)
-	defer cleanup()
-	client := &mockClient{}
-	_, err := metricworker.NewMetricsManager(client)
+	var client mockClient
+	_, err := metricworker.NewMetricsManager(&client, notify)
 	c.Assert(err, jc.ErrorIsNil)
 	expectedCalls := map[string]bool{}
 	for i := 0; i < 2; i++ {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/metricworker/sender.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/metricworker/sender.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/metricworker/sender.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/metricworker/sender.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,17 +12,13 @@
 	"github.com/juju/juju/worker"
 )
 
-var (
-	senderLogger = loggo.GetLogger("juju.worker.metricworker.sender")
-)
+var senderLogger = loggo.GetLogger("juju.worker.metricworker.sender")
 
-const (
-	senderPeriod = 5 * time.Minute
-)
+const senderPeriod = 5 * time.Minute
 
 // NewSender creates a new periodic worker that sends metrics
 // to a collection service.
-func NewSender(client metricsmanager.MetricsManagerClient) worker.Worker {
+func newSender(client metricsmanager.MetricsManagerClient, notify chan string) worker.Worker {
 	f := func(stopCh <-chan struct{}) error {
 		err := client.SendMetrics()
 		if err != nil {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/metricworker/sender_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/metricworker/sender_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/metricworker/sender_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/metricworker/sender_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,29 +9,20 @@
 
 	gc "gopkg.in/check.v1"
 
-	"github.com/juju/juju/juju/testing"
 	coretesting "github.com/juju/juju/testing"
 	"github.com/juju/juju/worker/metricworker"
 )
 
-type SenderSuite struct {
-	testing.JujuConnSuite
-}
+type SenderSuite struct{}
 
 var _ = gc.Suite(&SenderSuite{})
 
-func (s *SenderSuite) SetUpTest(c *gc.C) {
-	s.JujuConnSuite.SetUpTest(c)
-}
-
 // TestSend create 2 metrics, one sent and one not sent.
 // It confirms that one metric is sent.
 func (s *SenderSuite) TestSender(c *gc.C) {
-	notify := make(chan string)
-	cleanup := metricworker.PatchNotificationChannel(notify)
-	defer cleanup()
-	client := &mockClient{}
-	worker := metricworker.NewSender(client)
+	notify := make(chan string, 1)
+	var client mockClient
+	worker := metricworker.NewSender(&client, notify)
 	select {
 	case <-notify:
 	case <-time.After(coretesting.LongWait):
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/migrationflag/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/migrationflag/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/migrationflag/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/migrationflag/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,7 @@
 	"github.com/juju/errors"
 
 	"github.com/juju/juju/api/base"
-	"github.com/juju/juju/cmd/jujud/agent/util"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
 )
@@ -72,7 +72,7 @@
 	return dependency.Manifold{
 		Inputs: []string{config.APICallerName},
 		Start:  config.start,
-		Output: util.FlagOutput,
+		Output: engine.FlagOutput,
 		Filter: bounceErrChanged,
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/migrationflag/manifold_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/migrationflag/manifold_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/migrationflag/manifold_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/migrationflag/manifold_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,7 +10,7 @@
 	gc "gopkg.in/check.v1"
 
 	"github.com/juju/juju/api/base"
-	"github.com/juju/juju/cmd/jujud/agent/util"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
 	dt "github.com/juju/juju/worker/dependency/testing"
@@ -31,7 +31,7 @@
 func (*ManifoldSuite) TestOutputBadWorker(c *gc.C) {
 	manifold := migrationflag.Manifold(migrationflag.ManifoldConfig{})
 	in := &struct{ worker.Worker }{}
-	var out util.Flag
+	var out engine.Flag
 	err := manifold.Output(in, &out)
 	c.Check(err, gc.ErrorMatches, "expected in to implement Flag; got a .*")
 }
@@ -47,7 +47,7 @@
 func (*ManifoldSuite) TestOutputBadInput(c *gc.C) {
 	manifold := migrationflag.Manifold(migrationflag.ManifoldConfig{})
 	in := &migrationflag.Worker{}
-	var out util.Flag
+	var out engine.Flag
 	err := manifold.Output(in, &out)
 	c.Check(err, jc.ErrorIsNil)
 	c.Check(out, gc.Equals, in)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/migrationflag/util_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/migrationflag/util_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/migrationflag/util_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/migrationflag/util_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,10 +5,10 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/core/migration"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/migrationmaster/worker_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/migrationmaster/worker_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/migrationmaster/worker_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/migrationmaster/worker_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,10 +7,10 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	masterapi "github.com/juju/juju/api/migrationmaster"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/migrationminion/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/migrationminion/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/migrationminion/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/migrationminion/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package migrationminion_test
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/minunitsworker/minunitsworker.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/minunitsworker/minunitsworker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/minunitsworker/minunitsworker.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/minunitsworker/minunitsworker.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,7 +13,7 @@
 
 var logger = loggo.GetLogger("juju.worker.minunitsworker")
 
-// MinUnitsWorker ensures the minimum number of units for services is respected.
+// MinUnitsWorker ensures the minimum number of units for applications is respected.
 type MinUnitsWorker struct {
 	st *state.State
 }
@@ -31,7 +31,7 @@
 }
 
 func (mu *MinUnitsWorker) handleOneService(serviceName string) error {
-	service, err := mu.st.Service(serviceName)
+	service, err := mu.st.Application(serviceName)
 	if err != nil {
 		return err
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/minunitsworker/minunitsworker_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/minunitsworker/minunitsworker_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/minunitsworker/minunitsworker_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/minunitsworker/minunitsworker_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -36,7 +36,7 @@
 	_, err = wordpress.AddUnit()
 	c.Assert(err, jc.ErrorIsNil)
 
-	// Set up minimum units for services.
+	// Set up minimum units for applications.
 	err = wordpress.SetMinUnits(3)
 	c.Assert(err, jc.ErrorIsNil)
 	err = mysql.SetMinUnits(2)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/noopworker.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/noopworker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/noopworker.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/noopworker.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,7 @@
+// Copyright 2014 Canonical Ltd.
+// Copyright 2014 Cloudbase Solutions SRL
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package worker
 
 func NewNoOpWorker() Worker {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/peergrouper/publish.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/peergrouper/publish.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/peergrouper/publish.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/peergrouper/publish.go	2016-07-18 19:45:44.000000000 +0000
@@ -17,18 +17,14 @@
 }
 
 type publisher struct {
-	st         apiHostPortsSetter
-	preferIPv6 bool
+	st apiHostPortsSetter
 
 	mu             sync.Mutex
 	lastAPIServers [][]network.HostPort
 }
 
-func newPublisher(st apiHostPortsSetter, preferIPv6 bool) *publisher {
-	return &publisher{
-		st:         st,
-		preferIPv6: preferIPv6,
-	}
+func newPublisher(st apiHostPortsSetter) *publisher {
+	return &publisher{st: st}
 }
 
 func (pub *publisher) publishAPIServers(apiServers [][]network.HostPort, instanceIds []instance.Id) error {
@@ -41,7 +37,7 @@
 	sortedAPIServers := make([][]network.HostPort, len(apiServers))
 	for i, hostPorts := range apiServers {
 		sortedAPIServers[i] = append([]network.HostPort{}, hostPorts...)
-		network.SortHostPorts(sortedAPIServers[i], pub.preferIPv6)
+		network.SortHostPorts(sortedAPIServers[i])
 	}
 	if apiServersEqual(sortedAPIServers, pub.lastAPIServers) {
 		logger.Debugf("API host ports have not changed")
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/peergrouper/publish_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/peergrouper/publish_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/peergrouper/publish_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/peergrouper/publish_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -30,7 +30,7 @@
 
 func (s *publishSuite) TestPublisherSetsAPIHostPortsOnce(c *gc.C) {
 	var mock mockAPIHostPortsSetter
-	statePublish := newPublisher(&mock, false)
+	statePublish := newPublisher(&mock)
 
 	hostPorts1 := network.NewHostPorts(1234, "testing1.invalid", "127.0.0.1")
 	hostPorts2 := network.NewHostPorts(1234, "testing2.invalid", "127.0.0.2")
@@ -58,9 +58,9 @@
 	ipV4First := network.NewHostPorts(1234, "testing1.invalid", "127.0.0.1", "::1")
 	ipV6First := network.NewHostPorts(1234, "testing1.invalid", "::1", "127.0.0.1")
 
-	check := func(preferIPv6 bool, publish, expect []network.HostPort) {
+	check := func(publish, expect []network.HostPort) {
 		var mock mockAPIHostPortsSetter
-		statePublish := newPublisher(&mock, preferIPv6)
+		statePublish := newPublisher(&mock)
 		for i := 0; i < 2; i++ {
 			err := statePublish.publishAPIServers([][]network.HostPort{publish}, nil)
 			c.Assert(err, jc.ErrorIsNil)
@@ -69,19 +69,13 @@
 		c.Assert(mock.apiHostPorts, gc.DeepEquals, [][]network.HostPort{expect})
 	}
 
-	check(false, ipV6First, ipV4First)
-	check(false, ipV4First, ipV4First)
-	check(true, ipV4First, ipV6First)
-	check(true, ipV6First, ipV6First)
+	check(ipV6First, ipV4First)
+	check(ipV4First, ipV4First)
 }
 
 func (s *publishSuite) TestPublisherRejectsNoServers(c *gc.C) {
-	check := func(preferIPv6 bool) {
-		var mock mockAPIHostPortsSetter
-		statePublish := newPublisher(&mock, preferIPv6)
-		err := statePublish.PublishAPIServers(nil, nil)
-		c.Assert(err, gc.ErrorMatches, "no api servers specified")
-	}
-	check(false)
-	check(true)
+	var mock mockAPIHostPortsSetter
+	statePublish := newPublisher(&mock)
+	err := statePublish.PublishAPIServers(nil, nil)
+	c.Assert(err, gc.ErrorMatches, "no api servers specified")
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/peergrouper/worker.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/peergrouper/worker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/peergrouper/worker.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/peergrouper/worker.go	2016-07-18 19:45:44.000000000 +0000
@@ -109,7 +109,7 @@
 // New returns a new worker that maintains the mongo replica set
 // with respect to the given state.
 func New(st *state.State) (worker.Worker, error) {
-	cfg, err := st.ModelConfig()
+	cfg, err := st.ControllerConfig()
 	if err != nil {
 		return nil, err
 	}
@@ -119,7 +119,7 @@
 		apiPort:   cfg.APIPort(),
 	}
 	supportsSpaces := networkingcommon.SupportsSpaces(shim) == nil
-	return newWorker(shim, newPublisher(st, cfg.PreferIPv6()), supportsSpaces)
+	return newWorker(shim, newPublisher(st), supportsSpaces)
 }
 
 func newWorker(st stateInterface, pub publisherInterface, supportsSpaces bool) (worker.Worker, error) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/provisioner/broker.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/provisioner/broker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/provisioner/broker.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/provisioner/broker.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,155 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package provisioner
+
+import (
+	"github.com/juju/errors"
+	"github.com/juju/loggo"
+	"github.com/juju/utils/arch"
+	"github.com/juju/version"
+	"gopkg.in/juju/names.v2"
+
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/container"
+	"github.com/juju/juju/instance"
+	"github.com/juju/juju/network"
+	"github.com/juju/juju/tools"
+)
+
+type APICalls interface {
+	ContainerConfig() (params.ContainerConfig, error)
+	PrepareContainerInterfaceInfo(names.MachineTag) ([]network.InterfaceInfo, error)
+	GetContainerInterfaceInfo(names.MachineTag) ([]network.InterfaceInfo, error)
+	ReleaseContainerAddresses(names.MachineTag) error
+}
+
+type hostArchToolsFinder struct {
+	f ToolsFinder
+}
+
+// FindTools is defined on the ToolsFinder interface.
+func (h hostArchToolsFinder) FindTools(v version.Number, series, _ string) (tools.List, error) {
+	// Override the arch constraint with the arch of the host.
+	return h.f.FindTools(v, series, arch.HostArch())
+}
+
+// resolvConf is the full path to the resolv.conf file on the local
+// system. Defined here so it can be overriden for testing.
+var resolvConf = "/etc/resolv.conf"
+
+func prepareOrGetContainerInterfaceInfo(
+	api APICalls,
+	machineID string,
+	bridgeDevice string,
+	allocateOrMaintain bool,
+	startingNetworkInfo []network.InterfaceInfo,
+	log loggo.Logger,
+) ([]network.InterfaceInfo, error) {
+	maintain := !allocateOrMaintain
+
+	if maintain {
+		log.Debugf("not running maintenance for machine %q", machineID)
+		return nil, nil
+	}
+
+	log.Debugf("using multi-bridge networking for container %q", machineID)
+
+	containerTag := names.NewMachineTag(machineID)
+	preparedInfo, err := api.PrepareContainerInterfaceInfo(containerTag)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	log.Tracef("PrepareContainerInterfaceInfo returned %+v", preparedInfo)
+
+	return preparedInfo, nil
+}
+
+// finishNetworkConfig populates the ParentInterfaceName, DNSServers, and
+// DNSSearchDomains fields on each element, when they are not set. The given
+// bridgeDevice is used for ParentInterfaceName, while the DNS config is
+// discovered using network.ParseResolvConf(). If interfaces has zero length,
+// container.FallbackInterfaceInfo() is used as fallback.
+func finishNetworkConfig(bridgeDevice string, interfaces []network.InterfaceInfo) ([]network.InterfaceInfo, error) {
+	haveNameservers, haveSearchDomains := false, false
+	if len(interfaces) == 0 {
+		// Use the fallback network config as a last resort.
+		interfaces = container.FallbackInterfaceInfo()
+	}
+
+	results := make([]network.InterfaceInfo, len(interfaces))
+	for i, info := range interfaces {
+		if info.ParentInterfaceName == "" {
+			info.ParentInterfaceName = bridgeDevice
+		}
+
+		if len(info.DNSServers) > 0 {
+			haveNameservers = true
+		}
+
+		if len(info.DNSSearchDomains) > 0 {
+			haveSearchDomains = true
+		}
+		results[i] = info
+	}
+
+	if !haveNameservers || !haveSearchDomains {
+		logger.Warningf("incomplete DNS config found, discovering host's DNS config")
+		dnsConfig, err := network.ParseResolvConf(resolvConf)
+		if err != nil {
+			return nil, errors.Trace(err)
+		}
+
+		// Since the result is sorted, the first entry is the primary NIC. Also,
+		// results always contains at least one element.
+		results[0].DNSServers = dnsConfig.Nameservers
+		results[0].DNSSearchDomains = dnsConfig.SearchDomains
+		logger.Debugf(
+			"setting DNS servers %+v and domains %+v on container interface %q",
+			results[0].DNSServers, results[0].DNSSearchDomains, results[0].InterfaceName,
+		)
+	}
+
+	return results, nil
+}
+
+func releaseContainerAddresses(
+	api APICalls,
+	instanceID instance.Id,
+	namespace instance.Namespace,
+	log loggo.Logger,
+) {
+	containerTag, err := namespace.MachineTag(string(instanceID))
+	if err != nil {
+		// Not a reason to cause StopInstances to fail though..
+		log.Warningf("unexpected container tag %q: %v", instanceID, err)
+		return
+	}
+	err = api.ReleaseContainerAddresses(containerTag)
+	switch {
+	case err == nil:
+		log.Infof("released all addresses for container %q", containerTag.Id())
+	case errors.IsNotSupported(err):
+		log.Warningf("not releasing all addresses for container %q: %v", containerTag.Id(), err)
+	default:
+		log.Warningf(
+			"unexpected error trying to release container %q addreses: %v",
+			containerTag.Id(), err,
+		)
+	}
+}
+
+// matchHostArchTools filters the given list of tools to the host architecture.
+func matchHostArchTools(allTools tools.List) (tools.List, error) {
+	arch := arch.HostArch()
+	archTools, err := allTools.Match(tools.Filter{Arch: arch})
+	if err == tools.ErrNoMatches {
+		return nil, errors.Errorf(
+			"need tools for arch %s, only found %s",
+			arch, allTools.Arches(),
+		)
+	} else if err != nil {
+		return nil, errors.Trace(err)
+	}
+	return archTools, nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/provisioner/broker_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/provisioner/broker_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/provisioner/broker_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/provisioner/broker_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,191 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package provisioner_test
+
+import (
+	"io/ioutil"
+	"net"
+	"path/filepath"
+
+	gitjujutesting "github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	"github.com/juju/utils/arch"
+	"github.com/juju/version"
+	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
+
+	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/cloudconfig/instancecfg"
+	"github.com/juju/juju/constraints"
+	"github.com/juju/juju/environs"
+	"github.com/juju/juju/instance"
+	instancetest "github.com/juju/juju/instance/testing"
+	jujutesting "github.com/juju/juju/juju/testing"
+	"github.com/juju/juju/network"
+	"github.com/juju/juju/status"
+	coretesting "github.com/juju/juju/testing"
+	coretools "github.com/juju/juju/tools"
+	"github.com/juju/juju/worker/provisioner"
+)
+
+type fakeAddr struct{ value string }
+
+func (f *fakeAddr) Network() string { return "net" }
+func (f *fakeAddr) String() string {
+	if f.value != "" {
+		return f.value
+	}
+	return "fakeAddr"
+}
+
+var _ net.Addr = (*fakeAddr)(nil)
+
+type fakeAPI struct {
+	*gitjujutesting.Stub
+
+	fakeContainerConfig params.ContainerConfig
+	fakeInterfaceInfo   network.InterfaceInfo
+}
+
+var _ provisioner.APICalls = (*fakeAPI)(nil)
+
+var fakeInterfaceInfo network.InterfaceInfo = network.InterfaceInfo{
+	DeviceIndex:    0,
+	MACAddress:     "aa:bb:cc:dd:ee:ff",
+	CIDR:           "0.1.2.0/24",
+	InterfaceName:  "dummy0",
+	Address:        network.NewAddress("0.1.2.3"),
+	GatewayAddress: network.NewAddress("0.1.2.1"),
+	// Explicitly set only DNSServers, but not DNSSearchDomains to test this is
+	// detected and the latter populated by parsing the fake resolv.conf created
+	// by patchResolvConf(). See LP bug http://pad.lv/1575940 for more info.
+	DNSServers:       network.NewAddresses("ns1.dummy"),
+	DNSSearchDomains: nil,
+}
+
+var fakeContainerConfig = params.ContainerConfig{
+	UpdateBehavior:          &params.UpdateBehavior{true, true},
+	ProviderType:            "fake",
+	AuthorizedKeys:          coretesting.FakeAuthKeys,
+	SSLHostnameVerification: true,
+}
+
+func NewFakeAPI() *fakeAPI {
+	return &fakeAPI{
+		Stub:                &gitjujutesting.Stub{},
+		fakeContainerConfig: fakeContainerConfig,
+		fakeInterfaceInfo:   fakeInterfaceInfo,
+	}
+}
+
+func (f *fakeAPI) ContainerConfig() (params.ContainerConfig, error) {
+	f.MethodCall(f, "ContainerConfig")
+	if err := f.NextErr(); err != nil {
+		return params.ContainerConfig{}, err
+	}
+	return f.fakeContainerConfig, nil
+}
+
+func (f *fakeAPI) PrepareContainerInterfaceInfo(tag names.MachineTag) ([]network.InterfaceInfo, error) {
+	f.MethodCall(f, "PrepareContainerInterfaceInfo", tag)
+	if err := f.NextErr(); err != nil {
+		return nil, err
+	}
+	return []network.InterfaceInfo{f.fakeInterfaceInfo}, nil
+}
+
+func (f *fakeAPI) GetContainerInterfaceInfo(tag names.MachineTag) ([]network.InterfaceInfo, error) {
+	f.MethodCall(f, "GetContainerInterfaceInfo", tag)
+	if err := f.NextErr(); err != nil {
+		return nil, err
+	}
+	return []network.InterfaceInfo{f.fakeInterfaceInfo}, nil
+}
+
+func (f *fakeAPI) ReleaseContainerAddresses(tag names.MachineTag) error {
+	f.MethodCall(f, "ReleaseContainerAddresses", tag)
+	if err := f.NextErr(); err != nil {
+		return err
+	}
+	return nil
+}
+
+type patcher interface {
+	PatchValue(destination, source interface{})
+}
+
+func patchResolvConf(s patcher, c *gc.C) {
+	const fakeConf = `
+nameserver ns1.dummy
+search dummy invalid
+nameserver ns2.dummy
+`
+
+	fakeResolvConf := filepath.Join(c.MkDir(), "fakeresolv.conf")
+	err := ioutil.WriteFile(fakeResolvConf, []byte(fakeConf), 0644)
+	c.Assert(err, jc.ErrorIsNil)
+	s.PatchValue(provisioner.ResolvConf, fakeResolvConf)
+}
+
+func instancesFromResults(results ...*environs.StartInstanceResult) []instance.Instance {
+	instances := make([]instance.Instance, len(results))
+	for i := range results {
+		instances[i] = results[i].Instance
+	}
+	return instances
+}
+
+func assertInstancesStarted(c *gc.C, broker environs.InstanceBroker, results ...*environs.StartInstanceResult) {
+	allInstances, err := broker.AllInstances()
+	c.Assert(err, jc.ErrorIsNil)
+	instancetest.MatchInstances(c, allInstances, instancesFromResults(results...)...)
+}
+
+func makeInstanceConfig(c *gc.C, s patcher, machineId string) *instancecfg.InstanceConfig {
+	machineNonce := "fake-nonce"
+	// To isolate the tests from the host's architecture, we override it here.
+	s.PatchValue(&arch.HostArch, func() string { return arch.AMD64 })
+	apiInfo := jujutesting.FakeAPIInfo(machineId)
+	instanceConfig, err := instancecfg.NewInstanceConfig(machineId, machineNonce, "released", "quantal", true, apiInfo)
+	c.Assert(err, jc.ErrorIsNil)
+	return instanceConfig
+}
+
+func makePossibleTools() coretools.List {
+	return coretools.List{&coretools.Tools{
+		Version: version.MustParseBinary("2.3.4-quantal-amd64"),
+		URL:     "http://tools.testing.invalid/2.3.4-quantal-amd64.tgz",
+	}, {
+		// non-host-arch tools should be filtered out by StartInstance
+		Version: version.MustParseBinary("2.3.4-quantal-arm64"),
+		URL:     "http://tools.testing.invalid/2.3.4-quantal-arm64.tgz",
+	}}
+}
+
+func makeNoOpStatusCallback() func(settableStatus status.Status, info string, data map[string]interface{}) error {
+	return func(_ status.Status, _ string, _ map[string]interface{}) error {
+		return nil
+	}
+}
+
+func callStartInstance(c *gc.C, s patcher, broker environs.InstanceBroker, machineId string) *environs.StartInstanceResult {
+	result, err := broker.StartInstance(environs.StartInstanceParams{
+		Constraints:    constraints.Value{},
+		Tools:          makePossibleTools(),
+		InstanceConfig: makeInstanceConfig(c, s, machineId),
+		StatusCallback: makeNoOpStatusCallback(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	return result
+}
+
+func callMaintainInstance(c *gc.C, s patcher, broker environs.InstanceBroker, machineId string) {
+	err := broker.MaintainInstance(environs.StartInstanceParams{
+		Constraints:    constraints.Value{},
+		Tools:          makePossibleTools(),
+		InstanceConfig: makeInstanceConfig(c, s, machineId),
+		StatusCallback: makeNoOpStatusCallback(),
+	})
+	c.Assert(err, jc.ErrorIsNil)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/provisioner/container_initialisation.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/provisioner/container_initialisation.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/provisioner/container_initialisation.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/provisioner/container_initialisation.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,20 +5,18 @@
 
 import (
 	"fmt"
-	"strconv"
 	"sync/atomic"
+	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/utils"
-	"github.com/juju/utils/exec"
-	"github.com/juju/utils/fslock"
+	"github.com/juju/mutex"
+	"github.com/juju/utils/clock"
 
 	"github.com/juju/juju/agent"
 	apiprovisioner "github.com/juju/juju/api/provisioner"
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/container"
 	"github.com/juju/juju/container/kvm"
-	"github.com/juju/juju/container/lxc"
 	"github.com/juju/juju/container/lxd"
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/instance"
@@ -31,16 +29,13 @@
 // are created on the given machine. It will set up the machine to be able
 // to create containers and start a suitable provisioner.
 type ContainerSetup struct {
-	runner                worker.Runner
-	supportedContainers   []instance.ContainerType
-	imageURLGetter        container.ImageURLGetter
-	provisioner           *apiprovisioner.State
-	machine               *apiprovisioner.Machine
-	config                agent.Config
-	initLock              *fslock.Lock
-	addressableContainers bool
-	enableNAT             bool
-	lxcDefaultMTU         int
+	runner              worker.Runner
+	supportedContainers []instance.ContainerType
+	imageURLGetter      container.ImageURLGetter
+	provisioner         *apiprovisioner.State
+	machine             *apiprovisioner.Machine
+	config              agent.Config
+	initLockName        string
 
 	// Save the workerName so the worker thread can be stopped.
 	workerName string
@@ -61,7 +56,7 @@
 	Machine             *apiprovisioner.Machine
 	Provisioner         *apiprovisioner.State
 	Config              agent.Config
-	InitLock            *fslock.Lock
+	InitLockName        string
 }
 
 // NewContainerSetupHandler returns a StringsWatchHandler which is notified when
@@ -75,7 +70,7 @@
 		provisioner:         params.Provisioner,
 		config:              params.Config,
 		workerName:          params.WorkerName,
-		initLock:            params.InitLock,
+		initLockName:        params.InitLockName,
 	}
 }
 
@@ -97,7 +92,7 @@
 // Handle is called whenever containers change on the machine being watched.
 // Machines start out with no containers so the first time Handle is called,
 // it will be because a container has been added.
-func (cs *ContainerSetup) Handle(_ <-chan struct{}, containerIds []string) (resultError error) {
+func (cs *ContainerSetup) Handle(abort <-chan struct{}, containerIds []string) (resultError error) {
 	// Consume the initial watcher event.
 	if len(containerIds) == 0 {
 		return nil
@@ -110,7 +105,7 @@
 		if atomic.LoadInt32(cs.setupDone[containerType]) != 0 {
 			continue
 		}
-		if err := cs.initialiseAndStartProvisioner(containerType); err != nil {
+		if err := cs.initialiseAndStartProvisioner(abort, containerType); err != nil {
 			logger.Errorf("starting container provisioner for %v: %v", containerType, err)
 			// Just because dealing with one type of container fails, we won't exit the entire
 			// function because we still want to try and start other container types. So we
@@ -123,7 +118,7 @@
 	return resultError
 }
 
-func (cs *ContainerSetup) initialiseAndStartProvisioner(containerType instance.ContainerType) (resultError error) {
+func (cs *ContainerSetup) initialiseAndStartProvisioner(abort <-chan struct{}, containerType instance.ContainerType) (resultError error) {
 	// Flag that this container type has been handled.
 	atomic.StoreInt32(cs.setupDone[containerType], 1)
 
@@ -148,69 +143,28 @@
 	if err != nil {
 		return errors.Annotate(err, "initialising container infrastructure on host machine")
 	}
-	if err := cs.runInitialiser(containerType, initialiser); err != nil {
+	if err := cs.runInitialiser(abort, containerType, initialiser); err != nil {
 		return errors.Annotate(err, "setting up container dependencies on host machine")
 	}
 	return StartProvisioner(cs.runner, containerType, cs.provisioner, cs.config, broker, toolsFinder)
 }
 
-const etcDefaultLXCNet = `
-# Modified by Juju to enable addressable LXC containers.
-USE_LXC_BRIDGE="true"
-LXC_BRIDGE="lxcbr0"
-LXC_ADDR="10.0.3.1"
-LXC_NETMASK="255.255.255.0"
-LXC_NETWORK="10.0.3.0/24"
-LXC_DHCP_RANGE="10.0.3.2,10.0.3.254,infinite"
-LXC_DHCP_MAX="253"
-`
-
-var etcDefaultLXCNetPath = "/etc/default/lxc-net"
-
-// maybeOverrideDefaultLXCNet writes a modified version of
-// /etc/default/lxc-net file on the host before installing the lxc
-// package, if we're about to start an addressable LXC container. This
-// is needed to guarantee stable statically assigned IP addresses for
-// the container. See also runInitialiser.
-func maybeOverrideDefaultLXCNet(containerType instance.ContainerType, addressable bool) error {
-	if containerType != instance.LXC || !addressable {
-		// Nothing to do.
-		return nil
-	}
-
-	err := utils.AtomicWriteFile(etcDefaultLXCNetPath, []byte(etcDefaultLXCNet), 0644)
-	if err != nil {
-		return errors.Annotatef(err, "cannot write %q", etcDefaultLXCNetPath)
-	}
-	return nil
-}
-
 // runInitialiser runs the container initialiser with the initialisation hook held.
-func (cs *ContainerSetup) runInitialiser(containerType instance.ContainerType, initialiser container.Initialiser) error {
+func (cs *ContainerSetup) runInitialiser(abort <-chan struct{}, containerType instance.ContainerType, initialiser container.Initialiser) error {
 	logger.Debugf("running initialiser for %s containers", containerType)
-	if err := cs.initLock.Lock(fmt.Sprintf("initialise-%s", containerType)); err != nil {
-		return errors.Annotate(err, "failed to acquire initialization lock")
+	spec := mutex.Spec{
+		Name:  cs.initLockName,
+		Clock: clock.WallClock,
+		// If we don't get the lock straigh away, there is no point trying multiple
+		// times per second for an operation that is likelty to ake multiple seconds.
+		Delay:  time.Second,
+		Cancel: abort,
 	}
-	defer cs.initLock.Unlock()
-
-	// Only tweak default LXC network config when address allocation
-	// feature flag is enabled.
-	if environs.AddressAllocationEnabled(cs.config.Value(agent.ProviderType)) {
-		// In order to guarantee stable statically assigned IP addresses
-		// for LXC containers, we need to install a custom version of
-		// /etc/default/lxc-net before we install the lxc package. The
-		// custom version of lxc-net is almost the same as the original,
-		// but the defined LXC_DHCP_RANGE (used by dnsmasq to give away
-		// 10.0.3.x addresses to containers bound to lxcbr0) has infinite
-		// lease time. This is necessary, because with the default lease
-		// time of 1h, dhclient running inside each container will request
-		// a renewal from dnsmasq and replace our statically configured IP
-		// address within an hour after starting the container.
-		err := maybeOverrideDefaultLXCNet(containerType, cs.addressableContainers)
-		if err != nil {
-			return errors.Trace(err)
-		}
+	releaser, err := mutex.Acquire(spec)
+	if err != nil {
+		return errors.Annotate(err, "failed to acquire initialization lock")
 	}
+	defer releaser.Release()
 
 	if err := initialiser.Initialise(); err != nil {
 		return errors.Trace(err)
@@ -246,64 +200,13 @@
 		return nil, nil, nil, err
 	}
 
-	// Override default MTU for LXC NICs, if needed.
-	if mtu := managerConfig.PopValue(container.ConfigLXCDefaultMTU); mtu != "" {
-		value, err := strconv.Atoi(mtu)
-		if err != nil {
-			return nil, nil, nil, errors.Trace(err)
-		}
-		logger.Infof("setting MTU to %v for all LXC containers' interfaces", value)
-		cs.lxcDefaultMTU = value
-	}
-
-	// Enable IP forwarding and ARP proxying if needed.
-	if ipfwd := managerConfig.PopValue(container.ConfigIPForwarding); ipfwd != "" {
-		if err := setIPAndARPForwarding(true); err != nil {
-			return nil, nil, nil, errors.Trace(err)
-		}
-		cs.addressableContainers = true
-		logger.Infof("enabled IP forwarding and ARP proxying for containers")
-	}
-
-	// Enable NAT if needed.
-	if nat := managerConfig.PopValue(container.ConfigEnableNAT); nat != "" {
-		cs.enableNAT = true
-		logger.Infof("enabling NAT for containers")
-	}
-
 	switch containerType {
-	case instance.LXC:
-		series, err := cs.machine.Series()
-		if err != nil {
-			return nil, nil, nil, err
-		}
-
-		initialiser = lxc.NewContainerInitialiser(series)
-		broker, err = NewLxcBroker(
-			cs.provisioner,
-			cs.config,
-			managerConfig,
-			cs.imageURLGetter,
-			cs.enableNAT,
-			cs.lxcDefaultMTU,
-		)
-		if err != nil {
-			return nil, nil, nil, err
-		}
-
-		// LXC containers must have the same architecture as the host.
-		// We should call through to the finder since the version of
-		// tools running on the host may not match, but we want to
-		// override the arch constraint with the arch of the host.
-		toolsFinder = hostArchToolsFinder{toolsFinder}
-
 	case instance.KVM:
 		initialiser = kvm.NewContainerInitialiser()
 		broker, err = NewKvmBroker(
 			cs.provisioner,
 			cs.config,
 			managerConfig,
-			cs.enableNAT,
 		)
 		if err != nil {
 			logger.Errorf("failed to create new kvm broker")
@@ -316,7 +219,6 @@
 		}
 
 		initialiser = lxd.NewContainerInitialiser(series)
-		namespace := maybeGetManagerConfigNamespaces(managerConfig)
 		manager, err := lxd.NewContainerManager(managerConfig)
 		if err != nil {
 			return nil, nil, nil, err
@@ -325,8 +227,6 @@
 			cs.provisioner,
 			manager,
 			cs.config,
-			namespace,
-			cs.enableNAT,
 		)
 		if err != nil {
 			logger.Errorf("failed to create new lxd broker")
@@ -349,28 +249,14 @@
 		params.ContainerManagerConfigParams{Type: containerType},
 	)
 	if err != nil {
-		return nil, err
-	}
-	// If a namespace is specified, that should instead be used as the config name.
-	if namespace := agentConfig.Value(agent.Namespace); namespace != "" {
-		managerConfigResult.ManagerConfig[container.ConfigName] = namespace
+		return nil, errors.Trace(err)
 	}
 	managerConfig := container.ManagerConfig(managerConfigResult.ManagerConfig)
-
 	return managerConfig, nil
 }
 
 // Override for testing.
-var (
-	StartProvisioner = startProvisionerWorker
-
-	sysctlConfig = "/etc/sysctl.conf"
-)
-
-const (
-	ipForwardSysctlKey = "net.ipv4.ip_forward"
-	arpProxySysctlKey  = "net.ipv4.conf.all.proxy_arp"
-)
+var StartProvisioner = startProvisionerWorker
 
 // startProvisionerWorker kicks off a provisioner task responsible for creating containers
 // of the specified type on the machine.
@@ -395,46 +281,3 @@
 		return w, nil
 	})
 }
-
-// setIPAndARPForwarding enables or disables IP and ARP forwarding on
-// the machine. This is needed when the machine needs to host
-// addressable containers.
-var setIPAndARPForwarding = func(enabled bool) error {
-	val := "0"
-	if enabled {
-		val = "1"
-	}
-
-	runCmds := func(keyAndVal string) (err error) {
-
-		defer errors.DeferredAnnotatef(&err, "cannot set %s", keyAndVal)
-
-		commands := []string{
-			// Change it immediately:
-			fmt.Sprintf("sysctl -w %s", keyAndVal),
-
-			// Change it also on next boot:
-			fmt.Sprintf("echo '%s' | tee -a %s", keyAndVal, sysctlConfig),
-		}
-		for _, cmd := range commands {
-			result, err := exec.RunCommands(exec.RunParams{Commands: cmd})
-			if err != nil {
-				return errors.Trace(err)
-			}
-			logger.Debugf(
-				"command %q returned: code: %d, stdout: %q, stderr: %q",
-				cmd, result.Code, string(result.Stdout), string(result.Stderr),
-			)
-			if result.Code != 0 {
-				return errors.Errorf("unexpected exit code %d", result.Code)
-			}
-		}
-		return nil
-	}
-
-	err := runCmds(fmt.Sprintf("%s=%s", ipForwardSysctlKey, val))
-	if err != nil {
-		return err
-	}
-	return runCmds(fmt.Sprintf("%s=%s", arpProxySysctlKey, val))
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/provisioner/container_initialisation_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/provisioner/container_initialisation_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/provisioner/container_initialisation_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/provisioner/container_initialisation_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,33 +6,29 @@
 import (
 	"fmt"
 	"io/ioutil"
-	"os"
 	"os/exec"
-	"path/filepath"
 	"runtime"
 	"sync/atomic"
+	"time"
 
-	"github.com/juju/names"
+	"github.com/juju/mutex"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/arch"
-	"github.com/juju/utils/featureflag"
-	"github.com/juju/utils/fslock"
+	"github.com/juju/utils/clock"
 	jujuos "github.com/juju/utils/os"
 	"github.com/juju/utils/packaging/manager"
 	"github.com/juju/utils/series"
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	apiprovisioner "github.com/juju/juju/api/provisioner"
 	"github.com/juju/juju/container"
 	containertesting "github.com/juju/juju/container/testing"
 	"github.com/juju/juju/environs"
-	"github.com/juju/juju/feature"
 	"github.com/juju/juju/instance"
-	"github.com/juju/juju/juju/osenv"
-	"github.com/juju/juju/provider/dummy"
 	"github.com/juju/juju/state"
 	coretesting "github.com/juju/juju/testing"
 	"github.com/juju/juju/tools"
@@ -47,10 +43,8 @@
 	p           provisioner.Provisioner
 	agentConfig agent.ConfigSetter
 	// Record the apt commands issued as part of container initialisation
-	aptCmdChan  <-chan *exec.Cmd
-	initLockDir string
-	initLock    *fslock.Lock
-	fakeLXCNet  string
+	aptCmdChan <-chan *exec.Cmd
+	lockName   string
 }
 
 var _ = gc.Suite(&ContainerSetupSuite{})
@@ -85,16 +79,7 @@
 	var err error
 	s.p, err = provisioner.NewEnvironProvisioner(s.provisioner, s.agentConfig)
 	c.Assert(err, jc.ErrorIsNil)
-
-	// Create a new container initialisation lock.
-	s.initLockDir = c.MkDir()
-	initLock, err := fslock.NewLock(s.initLockDir, "container-init", fslock.Defaults())
-	c.Assert(err, jc.ErrorIsNil)
-	s.initLock = initLock
-
-	// Patch to isolate the test from the host machine.
-	s.fakeLXCNet = filepath.Join(c.MkDir(), "lxc-net")
-	s.PatchValue(provisioner.EtcDefaultLXCNetPath, s.fakeLXCNet)
+	s.lockName = "provisioner-test"
 }
 
 func (s *ContainerSetupSuite) TearDownTest(c *gc.C) {
@@ -123,7 +108,7 @@
 		Machine:             machine,
 		Provisioner:         pr,
 		Config:              cfg,
-		InitLock:            s.initLock,
+		InitLockName:        s.lockName,
 	}
 	handler := provisioner.NewContainerSetupHandler(params)
 	runner.StartWorker(watcherName, func() (worker.Worker, error) {
@@ -174,15 +159,18 @@
 
 	s.createContainer(c, host, ctype)
 	// Consume the apt command used to initialise the container.
-	<-s.aptCmdChan
-
+	select {
+	case <-s.aptCmdChan:
+	case <-time.After(coretesting.LongWait):
+		c.Fatalf("took too long to get command from channel")
+	}
 	// the container worker should have created the provisioner
 	c.Assert(atomic.LoadUint32(&provisionerStarted) > 0, jc.IsTrue)
 }
 
 func (s *ContainerSetupSuite) TestContainerProvisionerStarted(c *gc.C) {
 	// Specifically ignore LXD here, if present in instance.ContainerTypes.
-	containerTypes := []instance.ContainerType{instance.LXC, instance.KVM}
+	containerTypes := []instance.ContainerType{instance.KVM}
 	for _, ctype := range containerTypes {
 		// create a machine to host the container.
 		m, err := s.BackingState.AddOneMachine(state.MachineTemplate{
@@ -204,13 +192,6 @@
 	}
 }
 
-func (s *ContainerSetupSuite) TestLxcContainerUsesConstraintsArch(c *gc.C) {
-	// LXC should override the architecture in constraints with the
-	// host's architecture.
-	s.PatchValue(&arch.HostArch, func() string { return arch.PPC64EL })
-	s.testContainerConstraintsArch(c, instance.LXC, arch.PPC64EL)
-}
-
 func (s *ContainerSetupSuite) TestKvmContainerUsesHostArch(c *gc.C) {
 	// KVM should do what it's told, and use the architecture in
 	// constraints.
@@ -258,53 +239,19 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	s.createContainer(c, m, containerType)
-	<-s.aptCmdChan
-	c.Assert(atomic.LoadUint32(&called) > 0, jc.IsTrue)
-}
-
-func (s *ContainerSetupSuite) TestLxcContainerUsesImageURL(c *gc.C) {
-	// create a machine to host the container.
-	m, err := s.BackingState.AddOneMachine(state.MachineTemplate{
-		Series:      series.LatestLts(),
-		Jobs:        []state.MachineJob{state.JobHostUnits},
-		Constraints: s.defaultConstraints,
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	err = m.SetSupportedContainers([]instance.ContainerType{instance.LXC, instance.KVM})
-	c.Assert(err, jc.ErrorIsNil)
-	current := version.Binary{
-		Number: jujuversion.Current,
-		Arch:   arch.HostArch(),
-		Series: series.HostSeries(),
+	select {
+	case <-s.aptCmdChan:
+	case <-time.After(coretesting.LongWait):
+		c.Fatalf("took too long to get command from channel")
 	}
-	err = m.SetAgentVersion(current)
-	c.Assert(err, jc.ErrorIsNil)
-
-	brokerCalled := false
-	newlxcbroker := func(api provisioner.APICalls, agentConfig agent.Config, managerConfig container.ManagerConfig,
-		imageURLGetter container.ImageURLGetter, enableNAT bool, defaultMTU int) (environs.InstanceBroker, error) {
-		imageURL, err := imageURLGetter.ImageURL(instance.LXC, "trusty", "amd64")
-		c.Assert(err, jc.ErrorIsNil)
-		c.Assert(imageURL, gc.Equals, "imageURL")
-		c.Assert(imageURLGetter.CACert(), gc.DeepEquals, []byte("cert"))
-		brokerCalled = true
-		return nil, fmt.Errorf("lxc broker error")
-	}
-	s.PatchValue(&provisioner.NewLxcBroker, newlxcbroker)
-	s.createContainer(c, m, instance.LXC)
-	c.Assert(brokerCalled, jc.IsTrue)
+	c.Assert(atomic.LoadUint32(&called) > 0, jc.IsTrue)
 }
 
 func (s *ContainerSetupSuite) TestContainerManagerConfigName(c *gc.C) {
 	pr := s.st.Provisioner()
-	expect := func(expect string) {
-		cfg, err := provisioner.ContainerManagerConfig(instance.KVM, pr, s.agentConfig)
-		c.Assert(err, jc.ErrorIsNil)
-		c.Assert(cfg[container.ConfigName], gc.Equals, expect)
-	}
-	expect("juju")
-	s.agentConfig.SetValue(agent.Namespace, "any-old-thing")
-	expect("any-old-thing")
+	cfg, err := provisioner.ContainerManagerConfig(instance.KVM, pr, s.agentConfig)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(cfg[container.ConfigModelUUID], gc.Equals, coretesting.ModelTag.Id())
 }
 
 type ContainerInstance struct {
@@ -312,7 +259,7 @@
 	packages [][]string
 }
 
-func (s *ContainerSetupSuite) assertContainerInitialised(c *gc.C, cont ContainerInstance, addressable bool) {
+func (s *ContainerSetupSuite) assertContainerInitialised(c *gc.C, cont ContainerInstance) {
 	// A noop worker callback.
 	startProvisionerWorker := func(runner worker.Runner, containerType instance.ContainerType,
 		pr *apiprovisioner.State, cfg agent.Config, broker environs.InstanceBroker,
@@ -346,7 +293,7 @@
 		Constraints: s.defaultConstraints,
 	})
 	c.Assert(err, jc.ErrorIsNil)
-	err = m.SetSupportedContainers([]instance.ContainerType{instance.LXC, instance.KVM})
+	err = m.SetSupportedContainers([]instance.ContainerType{instance.LXD, instance.KVM})
 	c.Assert(err, jc.ErrorIsNil)
 	current := version.Binary{
 		Number: jujuversion.Current,
@@ -356,29 +303,16 @@
 	err = m.SetAgentVersion(current)
 	c.Assert(err, jc.ErrorIsNil)
 
-	// Before starting /etc/default/lxc-net should be missing.
-	c.Assert(s.fakeLXCNet, jc.DoesNotExist)
-
 	s.createContainer(c, m, cont.ctype)
 
-	// Only feature-flagged addressable containers modify lxc-net.
-	if addressable {
-		// After initialisation starts, but before running the
-		// initializer, lxc-net should be created if cont.ctype is LXC, as the
-		// dummy provider supports static address allocation by default.
-		if cont.ctype == instance.LXC {
-			AssertFileContains(c, s.fakeLXCNet, provisioner.EtcDefaultLXCNet)
-			defer os.Remove(s.fakeLXCNet)
-		} else {
-			c.Assert(s.fakeLXCNet, jc.DoesNotExist)
-		}
-	}
-
 	for _, pack := range cont.packages {
-		cmd := <-s.aptCmdChan
-
-		expected := append(expected_initial, pack...)
-		c.Assert(cmd.Args, gc.DeepEquals, expected)
+		select {
+		case cmd := <-s.aptCmdChan:
+			expected := append(expected_initial, pack...)
+			c.Assert(cmd.Args, gc.DeepEquals, expected)
+		case <-time.After(coretesting.LongWait):
+			c.Fatalf("took too long to get command from channel")
+		}
 	}
 }
 
@@ -387,11 +321,20 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	for _, test := range cont {
-		s.assertContainerInitialised(c, test, false)
+		s.assertContainerInitialised(c, test)
 	}
 }
 
 func (s *ContainerSetupSuite) TestContainerInitLockError(c *gc.C) {
+	spec := mutex.Spec{
+		Name:  s.lockName,
+		Clock: clock.WallClock,
+		Delay: coretesting.ShortWait,
+	}
+	releaser, err := mutex.Acquire(spec)
+	c.Assert(err, jc.ErrorIsNil)
+	defer releaser.Release()
+
 	m, err := s.BackingState.AddOneMachine(state.MachineTemplate{
 		Series:      series.LatestLts(),
 		Jobs:        []state.MachineJob{state.JobHostUnits},
@@ -406,8 +349,6 @@
 	err = m.SetAgentVersion(current)
 	c.Assert(err, jc.ErrorIsNil)
 
-	err = os.RemoveAll(s.initLockDir)
-	c.Assert(err, jc.ErrorIsNil)
 	handler, runner := s.setupContainerWorker(c, m.Tag().(names.MachineTag))
 	runner.Kill()
 	err = runner.Wait()
@@ -415,38 +356,13 @@
 
 	_, err = handler.SetUp()
 	c.Assert(err, jc.ErrorIsNil)
-	err = handler.Handle(nil, []string{"0/lxc/0"})
+	abort := make(chan struct{})
+	close(abort)
+	err = handler.Handle(abort, []string{"0/lxd/0"})
 	c.Assert(err, gc.ErrorMatches, ".*failed to acquire initialization lock:.*")
 
 }
 
-func (s *ContainerSetupSuite) TestMaybeOverrideDefaultLXCNet(c *gc.C) {
-	for i, test := range []struct {
-		ctype          instance.ContainerType
-		addressable    bool
-		expectOverride bool
-	}{
-		{instance.KVM, false, false},
-		{instance.KVM, true, false},
-		{instance.LXC, false, false},
-		{instance.LXC, true, true}, // the only case when we override; also last
-	} {
-		c.Logf(
-			"test %d: ctype: %q, addressable: %v -> expectOverride: %v",
-			i, test.ctype, test.addressable, test.expectOverride,
-		)
-		err := provisioner.MaybeOverrideDefaultLXCNet(test.ctype, test.addressable)
-		if !c.Check(err, jc.ErrorIsNil) {
-			continue
-		}
-		if !test.expectOverride {
-			c.Check(s.fakeLXCNet, jc.DoesNotExist)
-		} else {
-			AssertFileContains(c, s.fakeLXCNet, provisioner.EtcDefaultLXCNet)
-		}
-	}
-}
-
 func AssertFileContains(c *gc.C, filename string, expectedContent ...string) {
 	// TODO(dimitern): We should put this in juju/testing repo and
 	// replace all similar checks with it.
@@ -467,99 +383,12 @@
 	}
 }
 
-type SetIPAndARPForwardingSuite struct {
-	coretesting.BaseSuite
-}
-
-func (s *SetIPAndARPForwardingSuite) SetUpSuite(c *gc.C) {
-	if runtime.GOOS == "windows" {
-		c.Skip("bug 1403084: Skipping for now")
-	}
-	s.BaseSuite.SetUpSuite(c)
-}
-
-var _ = gc.Suite(&SetIPAndARPForwardingSuite{})
-
-func (s *SetIPAndARPForwardingSuite) TestSuccess(c *gc.C) {
-	// NOTE: Because PatchExecutableAsEchoArgs does not allow us to
-	// assert on earlier invocations of the same binary (each run
-	// overwrites the last args used), we only check sysctl was called
-	// for the second key (arpProxySysctlKey). We do check the config
-	// contains both though.
-	fakeConfig := filepath.Join(c.MkDir(), "sysctl.conf")
-	testing.PatchExecutableAsEchoArgs(c, s, "sysctl")
-	s.PatchValue(provisioner.SysctlConfig, fakeConfig)
-
-	err := provisioner.SetIPAndARPForwarding(true)
-	c.Assert(err, jc.ErrorIsNil)
-	expectConf := fmt.Sprintf(
-		"%s=1\n%s=1",
-		provisioner.IPForwardSysctlKey,
-		provisioner.ARPProxySysctlKey,
-	)
-	AssertFileContains(c, fakeConfig, expectConf)
-	expectKeyVal := fmt.Sprintf("%s=1", provisioner.IPForwardSysctlKey)
-	testing.AssertEchoArgs(c, "sysctl", "-w", expectKeyVal)
-	expectKeyVal = fmt.Sprintf("%s=1", provisioner.ARPProxySysctlKey)
-	testing.AssertEchoArgs(c, "sysctl", "-w", expectKeyVal)
-
-	err = provisioner.SetIPAndARPForwarding(false)
-	c.Assert(err, jc.ErrorIsNil)
-	expectConf = fmt.Sprintf(
-		"%s=0\n%s=0",
-		provisioner.IPForwardSysctlKey,
-		provisioner.ARPProxySysctlKey,
-	)
-	AssertFileContains(c, fakeConfig, expectConf)
-	expectKeyVal = fmt.Sprintf("%s=0", provisioner.IPForwardSysctlKey)
-	testing.AssertEchoArgs(c, "sysctl", "-w", expectKeyVal)
-	expectKeyVal = fmt.Sprintf("%s=0", provisioner.ARPProxySysctlKey)
-	testing.AssertEchoArgs(c, "sysctl", "-w", expectKeyVal)
-}
-
-func (s *SetIPAndARPForwardingSuite) TestFailure(c *gc.C) {
-	fakeConfig := filepath.Join(c.MkDir(), "sysctl.conf")
-	testing.PatchExecutableThrowError(c, s, "sysctl", 123)
-	s.PatchValue(provisioner.SysctlConfig, fakeConfig)
-	expectKeyVal := fmt.Sprintf("%s=1", provisioner.IPForwardSysctlKey)
-
-	err := provisioner.SetIPAndARPForwarding(true)
-	c.Assert(err, gc.ErrorMatches, fmt.Sprintf(
-		`cannot set %s: unexpected exit code 123`, expectKeyVal),
-	)
-	_, err = os.Stat(fakeConfig)
-	c.Assert(err, jc.Satisfies, os.IsNotExist)
-}
-
 type toolsFinderFunc func(v version.Number, series string, arch string) (tools.List, error)
 
 func (t toolsFinderFunc) FindTools(v version.Number, series string, arch string) (tools.List, error) {
 	return t(v, series, arch)
 }
 
-// AddressableContainerSetupSuite only contains tests depending on the
-// address allocation feature flag being enabled.
-type AddressableContainerSetupSuite struct {
-	ContainerSetupSuite
-}
-
-var _ = gc.Suite(&AddressableContainerSetupSuite{})
-
-func (s *AddressableContainerSetupSuite) enableFeatureFlag() {
-	s.SetFeatureFlags(feature.AddressAllocation)
-	featureflag.SetFlagsFromEnvironment(osenv.JujuFeatureFlagEnvKey)
-}
-
-func (s *AddressableContainerSetupSuite) TestContainerInitialised(c *gc.C) {
-	cont, err := getContainerInstance()
-	c.Assert(err, jc.ErrorIsNil)
-
-	for _, test := range cont {
-		s.enableFeatureFlag()
-		s.assertContainerInitialised(c, test, true)
-	}
-}
-
 func getContainerInstance() (cont []ContainerInstance, err error) {
 	current_os, err := series.GetOSFromSeries(series.HostSeries())
 	if err != nil {
@@ -569,10 +398,6 @@
 	switch current_os {
 	case jujuos.CentOS:
 		cont = []ContainerInstance{
-			{instance.LXC, [][]string{
-				{"lxc"},
-				{"cloud-image-utils"},
-			}},
 			{instance.KVM, [][]string{
 				{"uvtool-libvirt"},
 				{"uvtool"},
@@ -580,10 +405,6 @@
 		}
 	default:
 		cont = []ContainerInstance{
-			{instance.LXC, [][]string{
-				{"--target-release", "precise-updates/cloud-tools", "lxc"},
-				{"--target-release", "precise-updates/cloud-tools", "cloud-image-utils"},
-			}},
 			{instance.KVM, [][]string{
 				{"uvtool-libvirt"},
 				{"uvtool"},
@@ -593,48 +414,3 @@
 
 	return cont, nil
 }
-
-// LXCDefaultMTUSuite only contains tests depending on the
-// lxc-default-mtu environment setting being set explicitly.
-type LXCDefaultMTUSuite struct {
-	ContainerSetupSuite
-}
-
-var _ = gc.Suite(&LXCDefaultMTUSuite{})
-
-func (s *LXCDefaultMTUSuite) SetUpTest(c *gc.C) {
-	// Explicitly set lxc-default-mtu before JujuConnSuite constructs
-	// the environment, as the setting is immutable.
-	s.DummyConfig = dummy.SampleConfig()
-	s.DummyConfig["lxc-default-mtu"] = 9000
-	s.ContainerSetupSuite.SetUpTest(c)
-}
-
-func (s *LXCDefaultMTUSuite) TestDefaultMTUPropagatedToNewLXCBroker(c *gc.C) {
-	// create a machine to host the container.
-	m, err := s.BackingState.AddOneMachine(state.MachineTemplate{
-		Series:      series.LatestLts(),
-		Jobs:        []state.MachineJob{state.JobHostUnits},
-		Constraints: s.defaultConstraints,
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	err = m.SetSupportedContainers([]instance.ContainerType{instance.LXC, instance.KVM})
-	c.Assert(err, jc.ErrorIsNil)
-	current := version.Binary{
-		Number: jujuversion.Current,
-		Arch:   arch.HostArch(),
-		Series: series.HostSeries(),
-	}
-	err = m.SetAgentVersion(current)
-	c.Assert(err, jc.ErrorIsNil)
-
-	brokerCalled := false
-	newlxcbroker := func(api provisioner.APICalls, agentConfig agent.Config, managerConfig container.ManagerConfig, imageURLGetter container.ImageURLGetter, enableNAT bool, defaultMTU int) (environs.InstanceBroker, error) {
-		brokerCalled = true
-		c.Assert(defaultMTU, gc.Equals, 9000)
-		return nil, fmt.Errorf("lxc broker error")
-	}
-	s.PatchValue(&provisioner.NewLxcBroker, newlxcbroker)
-	s.createContainer(c, m, instance.LXC)
-	c.Assert(brokerCalled, jc.IsTrue)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/provisioner/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/provisioner/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/provisioner/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/provisioner/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,10 +4,7 @@
 package provisioner
 
 import (
-	"reflect"
-
 	"github.com/juju/juju/environs/config"
-	"github.com/juju/juju/network"
 	"github.com/juju/juju/watcher"
 )
 
@@ -29,73 +26,11 @@
 }
 
 var (
-	ContainerManagerConfig     = containerManagerConfig
-	GetToolsFinder             = &getToolsFinder
-	SysctlConfig               = &sysctlConfig
-	ResolvConf                 = &resolvConf
-	LocalDNSServers            = localDNSServers
-	MustParseTemplate          = mustParseTemplate
-	RunTemplateCommand         = runTemplateCommand
-	IptablesRules              = &iptablesRules
-	NetInterfaceByName         = &netInterfaceByName
-	NetInterfaces              = &netInterfaces
-	InterfaceAddrs             = &interfaceAddrs
-	DiscoverPrimaryNIC         = discoverPrimaryNIC
-	ConfigureContainerNetwork  = configureContainerNetwork
-	MaybeOverrideDefaultLXCNet = maybeOverrideDefaultLXCNet
-	EtcDefaultLXCNetPath       = &etcDefaultLXCNetPath
-	EtcDefaultLXCNet           = etcDefaultLXCNet
-	RetryStrategyDelay         = &retryStrategyDelay
-	RetryStrategyCount         = &retryStrategyCount
-)
-
-const (
-	IPForwardSysctlKey = ipForwardSysctlKey
-	ARPProxySysctlKey  = arpProxySysctlKey
+	ContainerManagerConfig = containerManagerConfig
+	GetToolsFinder         = &getToolsFinder
+	ResolvConf             = &resolvConf
+	RetryStrategyDelay     = &retryStrategyDelay
+	RetryStrategyCount     = &retryStrategyCount
 )
 
-// SetIPAndARPForwarding calls the internal setIPAndARPForwarding and
-// then restores the mocked one.
-var SetIPAndARPForwarding func(bool) error
-
-// SetupRoutesAndIPTables calls the internal setupRoutesAndIPTables
-// and the restores the mocked one.
-var SetupRoutesAndIPTables func(string, network.Address, string, []network.InterfaceInfo, bool) error
-
-func init() {
-	// In order to isolate the host machine from the running tests,
-	// but also allow calling the original setIPAndARPForwarding and
-	// setupRoutesAndIPTables funcs to test them, we need a litte bit
-	// of reflect magic, mostly borrowed from the juju/testing
-	// pacakge.
-	newSetIPAndARPForwardingValue := reflect.ValueOf(&setIPAndARPForwarding).Elem()
-	newSetupRoutesAndIPTablesValue := reflect.ValueOf(&setupRoutesAndIPTables).Elem()
-	oldSetIPAndARPForwardingValue := reflect.New(newSetIPAndARPForwardingValue.Type()).Elem()
-	oldSetupRoutesAndIPTablesValue := reflect.New(newSetupRoutesAndIPTablesValue.Type()).Elem()
-	oldSetIPAndARPForwardingValue.Set(newSetIPAndARPForwardingValue)
-	oldSetupRoutesAndIPTablesValue.Set(newSetupRoutesAndIPTablesValue)
-	mockSetIPAndARPForwardingValue := reflect.ValueOf(
-		func(bool) error { return nil },
-	)
-	mockSetupRoutesAndIPTablesValue := reflect.ValueOf(
-		func(string, network.Address, string, []network.InterfaceInfo, bool) error { return nil },
-	)
-	switchValues := func(newValue, oldValue reflect.Value) {
-		newValue.Set(oldValue)
-	}
-	switchValues(newSetIPAndARPForwardingValue, mockSetIPAndARPForwardingValue)
-	switchValues(newSetupRoutesAndIPTablesValue, mockSetupRoutesAndIPTablesValue)
-
-	SetIPAndARPForwarding = func(v bool) error {
-		switchValues(newSetIPAndARPForwardingValue, oldSetIPAndARPForwardingValue)
-		defer switchValues(newSetIPAndARPForwardingValue, mockSetIPAndARPForwardingValue)
-		return setIPAndARPForwarding(v)
-	}
-	SetupRoutesAndIPTables = func(nic string, addr network.Address, bridge string, ifinfo []network.InterfaceInfo, enableNAT bool) error {
-		switchValues(newSetupRoutesAndIPTablesValue, oldSetupRoutesAndIPTablesValue)
-		defer switchValues(newSetupRoutesAndIPTablesValue, mockSetupRoutesAndIPTablesValue)
-		return setupRoutesAndIPTables(nic, addr, bridge, ifinfo, enableNAT)
-	}
-}
-
 var ClassifyMachine = classifyMachine
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/provisioner/kvm-broker.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/provisioner/kvm-broker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/provisioner/kvm-broker.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/provisioner/kvm-broker.go	2016-07-18 19:45:44.000000000 +0000
@@ -17,34 +17,26 @@
 
 var kvmLogger = loggo.GetLogger("juju.provisioner.kvm")
 
-var _ environs.InstanceBroker = (*kvmBroker)(nil)
-
 func NewKvmBroker(
 	api APICalls,
 	agentConfig agent.Config,
 	managerConfig container.ManagerConfig,
-	enableNAT bool,
 ) (environs.InstanceBroker, error) {
-	namespace := maybeGetManagerConfigNamespaces(managerConfig)
 	manager, err := kvm.NewContainerManager(managerConfig)
 	if err != nil {
 		return nil, err
 	}
 	return &kvmBroker{
 		manager:     manager,
-		namespace:   namespace,
 		api:         api,
 		agentConfig: agentConfig,
-		enableNAT:   enableNAT,
 	}, nil
 }
 
 type kvmBroker struct {
 	manager     container.Manager
-	namespace   string
 	api         APICalls
 	agentConfig agent.Config
-	enableNAT   bool
 }
 
 // StartInstance is specified in the Broker interface.
@@ -72,10 +64,8 @@
 		machineId,
 		bridgeDevice,
 		true, // allocate if possible, do not maintain existing.
-		broker.enableNAT,
 		args.NetworkInfo,
 		kvmLogger,
-		config.ProviderType,
 	)
 	if err != nil {
 		// It's not fatal (yet) if we couldn't pre-allocate addresses for the
@@ -85,8 +75,12 @@
 		args.NetworkInfo = preparedInfo
 	}
 
-	// Unlike with LXC, we don't override the default MTU to use.
 	network := container.BridgeNetworkConfig(bridgeDevice, 0, args.NetworkInfo)
+	interfaces, err := finishNetworkConfig(bridgeDevice, args.NetworkInfo)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	network.Interfaces = interfaces
 
 	// The provisioner worker will provide all tools it knows about
 	// (after applying explicitly specified constraints), which may
@@ -114,7 +108,6 @@
 		config.Proxy,
 		config.AptProxy,
 		config.AptMirror,
-		config.PreferIPv6,
 		config.EnableOSRefreshUpdate,
 		config.EnableOSUpgrade,
 	); err != nil {
@@ -125,7 +118,10 @@
 	storageConfig := &container.StorageConfig{
 		AllowMount: true,
 	}
-	inst, hardware, err := broker.manager.CreateContainer(args.InstanceConfig, series, network, storageConfig, args.StatusCallback)
+	inst, hardware, err := broker.manager.CreateContainer(
+		args.InstanceConfig, args.Constraints,
+		series, network, storageConfig, args.StatusCallback,
+	)
 	if err != nil {
 		kvmLogger.Errorf("failed to start container: %v", err)
 		return nil, err
@@ -134,15 +130,13 @@
 	return &environs.StartInstanceResult{
 		Instance:    inst,
 		Hardware:    hardware,
-		NetworkInfo: network.Interfaces,
+		NetworkInfo: interfaces,
 	}, nil
 }
 
 // MaintainInstance ensures the container's host has the required iptables and
 // routing rules to make the container visible to both the host and other
-// machines on the same subnet. This is important mostly when address allocation
-// feature flag is enabled, as otherwise we don't create additional iptables
-// rules or routes.
+// machines on the same subnet.
 func (broker *kvmBroker) MaintainInstance(args environs.StartInstanceParams) error {
 	machineID := args.InstanceConfig.MachineId
 
@@ -158,10 +152,8 @@
 		machineID,
 		bridgeDevice,
 		false, // maintain, do not allocate.
-		broker.enableNAT,
 		args.NetworkInfo,
 		kvmLogger,
-		broker.agentConfig.Value(agent.ProviderType),
 	)
 	return err
 }
@@ -175,8 +167,7 @@
 			kvmLogger.Errorf("container did not stop: %v", err)
 			return err
 		}
-		providerType := broker.agentConfig.Value(agent.ProviderType)
-		maybeReleaseContainerAddresses(broker.api, id, broker.namespace, kvmLogger, providerType)
+		releaseContainerAddresses(broker.api, id, broker.manager.Namespace(), kvmLogger)
 	}
 	return nil
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/provisioner/kvm-broker_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/provisioner/kvm-broker_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/provisioner/kvm-broker_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/provisioner/kvm-broker_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,37 +5,27 @@
 
 import (
 	"fmt"
-	"io/ioutil"
-	"net"
 	"path/filepath"
 	"runtime"
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	gitjujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/arch"
 	"github.com/juju/utils/series"
-	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
-	"github.com/juju/juju/cloudconfig/instancecfg"
-	"github.com/juju/juju/constraints"
 	"github.com/juju/juju/container"
 	"github.com/juju/juju/container/kvm/mock"
 	kvmtesting "github.com/juju/juju/container/kvm/testing"
 	"github.com/juju/juju/environs"
-	"github.com/juju/juju/feature"
 	"github.com/juju/juju/instance"
-	instancetest "github.com/juju/juju/instance/testing"
-	jujutesting "github.com/juju/juju/juju/testing"
 	"github.com/juju/juju/network"
 	"github.com/juju/juju/state"
-	"github.com/juju/juju/status"
 	coretesting "github.com/juju/juju/testing"
-	coretools "github.com/juju/juju/tools"
 	jujuversion "github.com/juju/juju/version"
 	"github.com/juju/juju/worker/provisioner"
 )
@@ -96,204 +86,127 @@
 		})
 	c.Assert(err, jc.ErrorIsNil)
 	s.api = NewFakeAPI()
-	managerConfig := container.ManagerConfig{container.ConfigName: "juju"}
-	s.broker, err = provisioner.NewKvmBroker(s.api, s.agentConfig, managerConfig, false)
+	managerConfig := container.ManagerConfig{container.ConfigModelUUID: coretesting.ModelTag.Id()}
+	s.broker, err = provisioner.NewKvmBroker(s.api, s.agentConfig, managerConfig)
 	c.Assert(err, jc.ErrorIsNil)
 }
 
-func (s *kvmBrokerSuite) instanceConfig(c *gc.C, machineId string) *instancecfg.InstanceConfig {
-	machineNonce := "fake-nonce"
-	// To isolate the tests from the host's architecture, we override it here.
-	s.PatchValue(&arch.HostArch, func() string { return arch.AMD64 })
-	stateInfo := jujutesting.FakeStateInfo(machineId)
-	apiInfo := jujutesting.FakeAPIInfo(machineId)
-	instanceConfig, err := instancecfg.NewInstanceConfig(machineId, machineNonce, "released", "quantal", "", true, stateInfo, apiInfo)
-	c.Assert(err, jc.ErrorIsNil)
-	return instanceConfig
-}
-
-func (s *kvmBrokerSuite) startInstance(c *gc.C, machineId string) instance.Instance {
-	instanceConfig := s.instanceConfig(c, machineId)
-	cons := constraints.Value{}
-	possibleTools := coretools.List{&coretools.Tools{
-		Version: version.MustParseBinary("2.3.4-quantal-amd64"),
-		URL:     "http://tools.testing.invalid/2.3.4-quantal-amd64.tgz",
-	}, {
-		// non-host-arch tools should be filtered out by StartInstance
-		Version: version.MustParseBinary("2.3.4-quantal-arm64"),
-		URL:     "http://tools.testing.invalid/2.3.4-quantal-arm64.tgz",
-	}}
-	callback := func(settableStatus status.Status, info string, data map[string]interface{}) error {
-		return nil
-	}
-	result, err := s.broker.StartInstance(environs.StartInstanceParams{
-		Constraints:    cons,
-		Tools:          possibleTools,
-		InstanceConfig: instanceConfig,
-		StatusCallback: callback,
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	return result.Instance
+func (s *kvmBrokerSuite) startInstance(c *gc.C, machineId string) *environs.StartInstanceResult {
+	return callStartInstance(c, s, s.broker, machineId)
 }
 
 func (s *kvmBrokerSuite) maintainInstance(c *gc.C, machineId string) {
-	machineNonce := "fake-nonce"
-	stateInfo := jujutesting.FakeStateInfo(machineId)
-	apiInfo := jujutesting.FakeAPIInfo(machineId)
-	instanceConfig, err := instancecfg.NewInstanceConfig(machineId, machineNonce, "released", "quantal", "", true, stateInfo, apiInfo)
-	c.Assert(err, jc.ErrorIsNil)
-	cons := constraints.Value{}
-	possibleTools := coretools.List{&coretools.Tools{
-		Version: version.MustParseBinary("2.3.4-quantal-amd64"),
-		URL:     "http://tools.testing.invalid/2.3.4-quantal-amd64.tgz",
-	}}
-	callback := func(settableStatus status.Status, info string, data map[string]interface{}) error {
-		return nil
-	}
-	err = s.broker.MaintainInstance(environs.StartInstanceParams{
-		Constraints:    cons,
-		Tools:          possibleTools,
-		InstanceConfig: instanceConfig,
-		StatusCallback: callback,
-	})
-	c.Assert(err, jc.ErrorIsNil)
+	callMaintainInstance(c, s, s.broker, machineId)
 }
 
 func (s *kvmBrokerSuite) TestStartInstance(c *gc.C) {
 	machineId := "1/kvm/0"
-	s.SetFeatureFlags(feature.AddressAllocation)
-	kvm := s.startInstance(c, machineId)
+	result := s.startInstance(c, machineId)
 	s.api.CheckCalls(c, []gitjujutesting.StubCall{{
 		FuncName: "ContainerConfig",
 	}, {
 		FuncName: "PrepareContainerInterfaceInfo",
 		Args:     []interface{}{names.NewMachineTag("1-kvm-0")},
 	}})
-	c.Assert(kvm.Id(), gc.Equals, instance.Id("juju-machine-1-kvm-0"))
-	s.assertInstances(c, kvm)
-}
-
-func (s *kvmBrokerSuite) TestStartInstanceAddressAllocationDisabled(c *gc.C) {
-	machineId := "1/kvm/0"
-	kvm := s.startInstance(c, machineId)
-	s.api.CheckCalls(c, []gitjujutesting.StubCall{{
-		FuncName: "ContainerConfig",
-	}, {
-		FuncName: "PrepareContainerInterfaceInfo",
-		Args:     []interface{}{names.NewMachineTag("1-kvm-0")},
-	}})
-	c.Assert(kvm.Id(), gc.Equals, instance.Id("juju-machine-1-kvm-0"))
-	s.assertInstances(c, kvm)
-}
-
-func (s *kvmBrokerSuite) TestMaintainInstance(c *gc.C) {
-	machineId := "1/kvm/0"
-	s.SetFeatureFlags(feature.AddressAllocation)
-	kvm := s.startInstance(c, machineId)
-	s.api.ResetCalls()
-
-	s.maintainInstance(c, machineId)
-	s.api.CheckCalls(c, []gitjujutesting.StubCall{{
-		FuncName: "GetContainerInterfaceInfo",
-		Args:     []interface{}{names.NewMachineTag("1-kvm-0")},
-	}})
-	c.Assert(kvm.Id(), gc.Equals, instance.Id("juju-machine-1-kvm-0"))
-	s.assertInstances(c, kvm)
+	c.Assert(result.Instance.Id(), gc.Equals, instance.Id("juju-06f00d-1-kvm-0"))
+	s.assertResults(c, result)
 }
 
-func (s *kvmBrokerSuite) TestMaintainInstanceAddressAllocationDisabled(c *gc.C) {
+func (s *kvmBrokerSuite) TestMaintainInstanceAddress(c *gc.C) {
 	machineId := "1/kvm/0"
-	kvm := s.startInstance(c, machineId)
+	result := s.startInstance(c, machineId)
 	s.api.ResetCalls()
 
 	s.maintainInstance(c, machineId)
 	s.api.CheckCalls(c, []gitjujutesting.StubCall{})
-	c.Assert(kvm.Id(), gc.Equals, instance.Id("juju-machine-1-kvm-0"))
-	s.assertInstances(c, kvm)
+	c.Assert(result.Instance.Id(), gc.Equals, instance.Id("juju-06f00d-1-kvm-0"))
+	s.assertResults(c, result)
 }
 
 func (s *kvmBrokerSuite) TestStopInstance(c *gc.C) {
-	kvm0 := s.startInstance(c, "1/kvm/0")
-	kvm1 := s.startInstance(c, "1/kvm/1")
-	kvm2 := s.startInstance(c, "1/kvm/2")
+	result0 := s.startInstance(c, "1/kvm/0")
+	result1 := s.startInstance(c, "1/kvm/1")
+	result2 := s.startInstance(c, "1/kvm/2")
 
-	err := s.broker.StopInstances(kvm0.Id())
+	err := s.broker.StopInstances(result0.Instance.Id())
 	c.Assert(err, jc.ErrorIsNil)
-	s.assertInstances(c, kvm1, kvm2)
-	c.Assert(s.kvmContainerDir(kvm0), jc.DoesNotExist)
-	c.Assert(s.kvmRemovedContainerDir(kvm0), jc.IsDirectory)
+	s.assertResults(c, result1, result2)
+	c.Assert(s.kvmContainerDir(result0), jc.DoesNotExist)
+	c.Assert(s.kvmRemovedContainerDir(result0), jc.IsDirectory)
 
-	err = s.broker.StopInstances(kvm1.Id(), kvm2.Id())
+	err = s.broker.StopInstances(result1.Instance.Id(), result2.Instance.Id())
 	c.Assert(err, jc.ErrorIsNil)
-	s.assertInstances(c)
+	s.assertNoResults(c)
 }
 
 func (s *kvmBrokerSuite) TestAllInstances(c *gc.C) {
-	kvm0 := s.startInstance(c, "1/kvm/0")
-	kvm1 := s.startInstance(c, "1/kvm/1")
-	s.assertInstances(c, kvm0, kvm1)
+	result0 := s.startInstance(c, "1/kvm/0")
+	result1 := s.startInstance(c, "1/kvm/1")
+	s.assertResults(c, result0, result1)
 
-	err := s.broker.StopInstances(kvm1.Id())
+	err := s.broker.StopInstances(result1.Instance.Id())
 	c.Assert(err, jc.ErrorIsNil)
-	kvm2 := s.startInstance(c, "1/kvm/2")
-	s.assertInstances(c, kvm0, kvm2)
+	result2 := s.startInstance(c, "1/kvm/2")
+	s.assertResults(c, result0, result2)
 }
 
-func (s *kvmBrokerSuite) assertInstances(c *gc.C, inst ...instance.Instance) {
-	results, err := s.broker.AllInstances()
-	c.Assert(err, jc.ErrorIsNil)
-	instancetest.MatchInstances(c, results, inst...)
+func (s *kvmBrokerSuite) assertResults(c *gc.C, results ...*environs.StartInstanceResult) {
+	assertInstancesStarted(c, s.broker, results...)
+}
+
+func (s *kvmBrokerSuite) assertNoResults(c *gc.C) {
+	s.assertResults(c)
 }
 
-func (s *kvmBrokerSuite) kvmContainerDir(inst instance.Instance) string {
+func (s *kvmBrokerSuite) kvmContainerDir(result *environs.StartInstanceResult) string {
+	inst := result.Instance
 	return filepath.Join(s.ContainerDir, string(inst.Id()))
 }
 
-func (s *kvmBrokerSuite) kvmRemovedContainerDir(inst instance.Instance) string {
+func (s *kvmBrokerSuite) kvmRemovedContainerDir(result *environs.StartInstanceResult) string {
+	inst := result.Instance
 	return filepath.Join(s.RemovedDir, string(inst.Id()))
 }
 
 func (s *kvmBrokerSuite) TestStartInstancePopulatesNetworkInfo(c *gc.C) {
-	s.SetFeatureFlags(feature.AddressAllocation)
-	s.PatchValue(provisioner.InterfaceAddrs, func(i *net.Interface) ([]net.Addr, error) {
-		return []net.Addr{&fakeAddr{"0.1.2.1/24"}}, nil
-	})
-	fakeResolvConf := filepath.Join(c.MkDir(), "resolv.conf")
-	err := ioutil.WriteFile(fakeResolvConf, []byte("nameserver ns1.dummy\n"), 0644)
-	c.Assert(err, jc.ErrorIsNil)
-	s.PatchValue(provisioner.ResolvConf, fakeResolvConf)
+	patchResolvConf(s, c)
 
-	instanceConfig := s.instanceConfig(c, "42")
-	possibleTools := coretools.List{&coretools.Tools{
-		Version: version.MustParseBinary("2.3.4-quantal-amd64"),
-		URL:     "http://tools.testing.invalid/2.3.4-quantal-amd64.tgz",
-	}}
-	callback := func(settableStatus status.Status, info string, data map[string]interface{}) error {
-		return nil
-	}
-	result, err := s.broker.StartInstance(environs.StartInstanceParams{
-		Constraints:    constraints.Value{},
-		Tools:          possibleTools,
-		InstanceConfig: instanceConfig,
-		StatusCallback: callback,
-	})
-	c.Assert(err, jc.ErrorIsNil)
+	result := s.startInstance(c, "1/kvm/42")
 	c.Assert(result.NetworkInfo, gc.HasLen, 1)
 	iface := result.NetworkInfo[0]
-	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(iface, jc.DeepEquals, network.InterfaceInfo{
-		DeviceIndex:      0,
-		CIDR:             "0.1.2.0/24",
-		ConfigType:       network.ConfigStatic,
-		InterfaceName:    "eth0", // generated from the device index.
-		DNSServers:       network.NewAddresses("ns1.dummy"),
-		DNSSearchDomains: []string{""},
-		MACAddress:       "aa:bb:cc:dd:ee:ff",
-		Address:          network.NewAddress("0.1.2.3"),
-		GatewayAddress:   network.NewAddress("0.1.2.1"),
+		DeviceIndex:         0,
+		CIDR:                "0.1.2.0/24",
+		InterfaceName:       "dummy0",
+		ParentInterfaceName: "virbr0",
+		MACAddress:          "aa:bb:cc:dd:ee:ff",
+		Address:             network.NewAddress("0.1.2.3"),
+		GatewayAddress:      network.NewAddress("0.1.2.1"),
+		DNSServers:          network.NewAddresses("ns1.dummy", "ns2.dummy"),
+		DNSSearchDomains:    []string{"dummy", "invalid"},
 	})
 }
 
+func (s *kvmBrokerSuite) TestStartInstancePopulatesFallbackNetworkInfo(c *gc.C) {
+	patchResolvConf(s, c)
+
+	s.api.SetErrors(
+		nil, // ContainerConfig succeeds
+		errors.NotSupportedf("container address allocation"),
+	)
+	result := s.startInstance(c, "1/kvm/2")
+
+	c.Assert(result.NetworkInfo, jc.DeepEquals, []network.InterfaceInfo{{
+		DeviceIndex:         0,
+		InterfaceName:       "eth0",
+		InterfaceType:       network.EthernetInterface,
+		ConfigType:          network.ConfigDHCP,
+		ParentInterfaceName: "virbr0",
+		DNSServers:          network.NewAddresses("ns1.dummy", "ns2.dummy"),
+		DNSSearchDomains:    []string{"dummy", "invalid"},
+	}})
+}
+
 type kvmProvisionerSuite struct {
 	CommonProvisionerSuite
 	kvmSuite
@@ -368,8 +281,8 @@
 func (s *kvmProvisionerSuite) newKvmProvisioner(c *gc.C) provisioner.Provisioner {
 	machineTag := names.NewMachineTag("0")
 	agentConfig := s.AgentConfigForTag(c, machineTag)
-	managerConfig := container.ManagerConfig{container.ConfigName: "juju"}
-	broker, err := provisioner.NewKvmBroker(s.provisioner, agentConfig, managerConfig, false)
+	managerConfig := container.ManagerConfig{container.ConfigModelUUID: coretesting.ModelTag.Id()}
+	broker, err := provisioner.NewKvmBroker(s.provisioner, agentConfig, managerConfig)
 	c.Assert(err, jc.ErrorIsNil)
 	toolsFinder := (*provisioner.GetToolsFinder)(s.provisioner)
 	w, err := provisioner.NewContainerProvisioner(instance.KVM, s.provisioner, agentConfig, broker, toolsFinder)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/provisioner/lxc-broker.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/provisioner/lxc-broker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/provisioner/lxc-broker.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/provisioner/lxc-broker.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,747 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package provisioner
-
-import (
-	"bufio"
-	"bytes"
-	"fmt"
-	"net"
-	"os"
-	"strings"
-	"text/template"
-
-	"github.com/juju/errors"
-	"github.com/juju/loggo"
-	"github.com/juju/names"
-	"github.com/juju/utils/arch"
-	"github.com/juju/utils/exec"
-	"github.com/juju/version"
-
-	"github.com/juju/juju/agent"
-	apiprovisioner "github.com/juju/juju/api/provisioner"
-	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/cloudconfig/instancecfg"
-	"github.com/juju/juju/container"
-	"github.com/juju/juju/container/lxc"
-	"github.com/juju/juju/environs"
-	"github.com/juju/juju/instance"
-	"github.com/juju/juju/network"
-	"github.com/juju/juju/tools"
-)
-
-var lxcLogger = loggo.GetLogger("juju.provisioner.lxc")
-
-var _ environs.InstanceBroker = (*lxcBroker)(nil)
-
-type APICalls interface {
-	ContainerConfig() (params.ContainerConfig, error)
-	PrepareContainerInterfaceInfo(names.MachineTag) ([]network.InterfaceInfo, error)
-	GetContainerInterfaceInfo(names.MachineTag) ([]network.InterfaceInfo, error)
-	ReleaseContainerAddresses(names.MachineTag) error
-}
-
-var _ APICalls = (*apiprovisioner.State)(nil)
-
-// Override for testing.
-var NewLxcBroker = newLxcBroker
-
-func newLxcBroker(api APICalls,
-	agentConfig agent.Config,
-	managerConfig container.ManagerConfig,
-	imageURLGetter container.ImageURLGetter,
-	enableNAT bool,
-	defaultMTU int,
-) (environs.InstanceBroker, error) {
-	namespace := maybeGetManagerConfigNamespaces(managerConfig)
-	manager, err := lxc.NewContainerManager(managerConfig, imageURLGetter)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	return &lxcBroker{
-		manager:     manager,
-		namespace:   namespace,
-		api:         api,
-		agentConfig: agentConfig,
-		enableNAT:   enableNAT,
-		defaultMTU:  defaultMTU,
-	}, nil
-}
-
-type lxcBroker struct {
-	manager     container.Manager
-	namespace   string
-	api         APICalls
-	agentConfig agent.Config
-	enableNAT   bool
-	defaultMTU  int
-}
-
-// StartInstance is specified in the Broker interface.
-func (broker *lxcBroker) StartInstance(args environs.StartInstanceParams) (*environs.StartInstanceResult, error) {
-	// TODO: refactor common code out of the container brokers.
-	machineId := args.InstanceConfig.MachineId
-	lxcLogger.Infof("starting lxc container for machineId: %s", machineId)
-
-	// Default to using the host network until we can configure.
-	bridgeDevice := broker.agentConfig.Value(agent.LxcBridge)
-	if bridgeDevice == "" {
-		bridgeDevice = container.DefaultLxcBridge
-	}
-
-	config, err := broker.api.ContainerConfig()
-	if err != nil {
-		lxcLogger.Errorf("failed to get container config: %v", err)
-		return nil, err
-	}
-
-	preparedInfo, err := prepareOrGetContainerInterfaceInfo(
-		broker.api,
-		machineId,
-		bridgeDevice,
-		true, // allocate if possible, do not maintain existing.
-		broker.enableNAT,
-		args.NetworkInfo,
-		lxcLogger,
-		config.ProviderType,
-	)
-	if err != nil {
-		// It's not fatal (yet) if we couldn't pre-allocate addresses for the
-		// container.
-		logger.Warningf("failed to prepare container %q network config: %v", machineId, err)
-	} else {
-		args.NetworkInfo = preparedInfo
-
-	}
-	network := container.BridgeNetworkConfig(bridgeDevice, broker.defaultMTU, args.NetworkInfo)
-
-	// The provisioner worker will provide all tools it knows about
-	// (after applying explicitly specified constraints), which may
-	// include tools for architectures other than the host's. We
-	// must constrain to the host's architecture for LXC.
-	archTools, err := matchHostArchTools(args.Tools)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-
-	series := archTools.OneSeries()
-	args.InstanceConfig.MachineContainerType = instance.LXC
-	if err := args.InstanceConfig.SetTools(archTools); err != nil {
-		return nil, errors.Trace(err)
-	}
-
-	storageConfig := &container.StorageConfig{
-		AllowMount: config.AllowLXCLoopMounts,
-	}
-
-	if err := instancecfg.PopulateInstanceConfig(
-		args.InstanceConfig,
-		config.ProviderType,
-		config.AuthorizedKeys,
-		config.SSLHostnameVerification,
-		config.Proxy,
-		config.AptProxy,
-		config.AptMirror,
-		config.PreferIPv6,
-		config.EnableOSRefreshUpdate,
-		config.EnableOSUpgrade,
-	); err != nil {
-		lxcLogger.Errorf("failed to populate machine config: %v", err)
-		return nil, err
-	}
-
-	inst, hardware, err := broker.manager.CreateContainer(args.InstanceConfig, series, network, storageConfig, args.StatusCallback)
-	if err != nil {
-		lxcLogger.Errorf("failed to start container: %v", err)
-		return nil, err
-	}
-	lxcLogger.Infof("started lxc container for machineId: %s, %s, %s", machineId, inst.Id(), hardware.String())
-	return &environs.StartInstanceResult{
-		Instance:    inst,
-		Hardware:    hardware,
-		NetworkInfo: network.Interfaces,
-	}, nil
-}
-
-// MaintainInstance ensures the container's host has the required iptables and
-// routing rules to make the container visible to both the host and other
-// machines on the same subnet. This is important mostly when address allocation
-// feature flag is enabled, as otherwise we don't create additional iptables
-// rules or routes.
-func (broker *lxcBroker) MaintainInstance(args environs.StartInstanceParams) error {
-	machineID := args.InstanceConfig.MachineId
-
-	// Default to using the host network until we can configure.
-	bridgeDevice := broker.agentConfig.Value(agent.LxcBridge)
-	if bridgeDevice == "" {
-		bridgeDevice = container.DefaultLxcBridge
-	}
-
-	// There's no InterfaceInfo we expect to get below.
-	_, err := prepareOrGetContainerInterfaceInfo(
-		broker.api,
-		machineID,
-		bridgeDevice,
-		false, // maintain, do not allocate.
-		broker.enableNAT,
-		args.NetworkInfo,
-		lxcLogger,
-		broker.agentConfig.Value(agent.ProviderType),
-	)
-	return err
-}
-
-// StopInstances shuts down the given instances.
-func (broker *lxcBroker) StopInstances(ids ...instance.Id) error {
-	// TODO: potentially parallelise.
-	for _, id := range ids {
-		lxcLogger.Infof("stopping lxc container for instance: %s", id)
-		if err := broker.manager.DestroyContainer(id); err != nil {
-			lxcLogger.Errorf("container did not stop: %v", err)
-			return err
-		}
-		providerType := broker.agentConfig.Value(agent.ProviderType)
-		maybeReleaseContainerAddresses(broker.api, id, broker.namespace, lxcLogger, providerType)
-	}
-	return nil
-}
-
-// AllInstances only returns running containers.
-func (broker *lxcBroker) AllInstances() (result []instance.Instance, err error) {
-	return broker.manager.ListContainers()
-}
-
-type hostArchToolsFinder struct {
-	f ToolsFinder
-}
-
-// FindTools is defined on the ToolsFinder interface.
-func (h hostArchToolsFinder) FindTools(v version.Number, series, _ string) (tools.List, error) {
-	// Override the arch constraint with the arch of the host.
-	return h.f.FindTools(v, series, arch.HostArch())
-}
-
-// resolvConf is the full path to the resolv.conf file on the local
-// system. Defined here so it can be overriden for testing.
-var resolvConf = "/etc/resolv.conf"
-
-// localDNSServers parses the /etc/resolv.conf file (if available) and
-// extracts all nameservers addresses, and the default search domain
-// and returns them.
-func localDNSServers() ([]network.Address, string, error) {
-	file, err := os.Open(resolvConf)
-	if os.IsNotExist(err) {
-		return nil, "", nil
-	} else if err != nil {
-		return nil, "", errors.Annotatef(err, "cannot open %q", resolvConf)
-	}
-	defer file.Close()
-
-	var addresses []network.Address
-	var searchDomain string
-	scanner := bufio.NewScanner(file)
-	for scanner.Scan() {
-		line := strings.TrimSpace(scanner.Text())
-		if strings.HasPrefix(line, "#") {
-			// Skip comments.
-			continue
-		}
-		if strings.HasPrefix(line, "nameserver") {
-			address := strings.TrimPrefix(line, "nameserver")
-			// Drop comments after the address, if any.
-			if strings.Contains(address, "#") {
-				address = address[:strings.Index(address, "#")]
-			}
-			address = strings.TrimSpace(address)
-			addresses = append(addresses, network.NewAddress(address))
-		}
-		if strings.HasPrefix(line, "search") {
-			searchDomain = strings.TrimPrefix(line, "search")
-			// Drop comments after the domain, if any.
-			if strings.Contains(searchDomain, "#") {
-				searchDomain = searchDomain[:strings.Index(searchDomain, "#")]
-			}
-			searchDomain = strings.TrimSpace(searchDomain)
-		}
-	}
-
-	if err := scanner.Err(); err != nil {
-		return nil, "", errors.Annotatef(err, "cannot read DNS servers from %q", resolvConf)
-	}
-	return addresses, searchDomain, nil
-}
-
-// ipRouteAdd is the command template to add a static route for
-// .ContainerIP using the .HostBridge device (usually lxcbr0 or virbr0).
-var ipRouteAdd = mustParseTemplate("ipRouteAdd", `
-ip route add {{.ContainerIP}} dev {{.HostBridge}}`[1:])
-
-type IptablesRule struct {
-	Table string
-	Chain string
-	Rule  string
-}
-
-var skipSNATRule = IptablesRule{
-	// For EC2, to get internet access we need traffic to appear with
-	// source address matching the container's host. For internal
-	// traffic we want to keep the container IP because it is used
-	// by some services. This rule sits above the SNAT rule, which
-	// changes the source address of traffic to the container host IP
-	// address, skipping this modification if the traffic destination
-	// is inside the EC2 VPC.
-	"nat",
-	"POSTROUTING",
-	"-d {{.SubnetCIDR}} -o {{.HostIF}} -j RETURN",
-}
-
-var iptablesRules = map[string]IptablesRule{
-	// iptablesCheckSNAT is the command template to verify if a SNAT
-	// rule already exists for the host NIC named .HostIF (usually
-	// eth0) and source address .HostIP (usually eth0's address). We
-	// need to check whether the rule exists because we only want to
-	// add it once. Exit code 0 means the rule exists, 1 means it
-	// doesn't.
-	"iptablesSNAT": {
-		"nat",
-		"POSTROUTING",
-		"-o {{.HostIF}} -j SNAT --to-source {{.HostIP}}",
-	}, "iptablesForwardOut": {
-		// Ensure that we have ACCEPT rules that apply to the containers that
-		// we are creating so any DROP rules added by libvirt while setting
-		// up virbr0 further down the chain don't disrupt wanted traffic.
-		"filter",
-		"FORWARD",
-		"-d {{.ContainerCIDR}} -o {{.HostBridge}} -j ACCEPT",
-	}, "iptablesForwardIn": {
-		"filter",
-		"FORWARD",
-		"-s {{.ContainerCIDR}} -i {{.HostBridge}} -j ACCEPT",
-	}}
-
-// mustParseTemplate works like template.Parse, but panics on error.
-func mustParseTemplate(name, source string) *template.Template {
-	templ, err := template.New(name).Parse(source)
-	if err != nil {
-		panic(err.Error())
-	}
-	return templ
-}
-
-// mustExecTemplate works like template.Parse followed by template.Execute,
-// but panics on error.
-func mustExecTemplate(name, tmpl string, data interface{}) string {
-	t := mustParseTemplate(name, tmpl)
-	var buf bytes.Buffer
-	if err := t.Execute(&buf, data); err != nil {
-		panic(err.Error())
-	}
-	return buf.String()
-}
-
-// runTemplateCommand executes the given template with the given data,
-// which generates a command to execute. If exitNonZeroOK is true, no
-// error is returned if the exit code is not 0, otherwise an error is
-// returned.
-func runTemplateCommand(t *template.Template, exitNonZeroOK bool, data interface{}) (
-	exitCode int, err error,
-) {
-	// Clone the template to ensure the original won't be changed.
-	cloned, err := t.Clone()
-	if err != nil {
-		return -1, errors.Annotatef(err, "cannot clone command template %q", t.Name())
-	}
-	var buf bytes.Buffer
-	if err := cloned.Execute(&buf, data); err != nil {
-		return -1, errors.Annotatef(err, "cannot execute command template %q", t.Name())
-	}
-	command := buf.String()
-	logger.Debugf("running command %q", command)
-	result, err := exec.RunCommands(exec.RunParams{Commands: command})
-	if err != nil {
-		return -1, errors.Annotatef(err, "cannot run command %q", command)
-	}
-	exitCode = result.Code
-	stdout := string(result.Stdout)
-	stderr := string(result.Stderr)
-	logger.Debugf(
-		"command %q returned code=%d, stdout=%q, stderr=%q",
-		command, exitCode, stdout, stderr,
-	)
-	if exitCode != 0 {
-		if exitNonZeroOK {
-			return exitCode, nil
-		}
-		return exitCode, errors.Errorf(
-			"command %q failed with exit code %d",
-			command, exitCode,
-		)
-	}
-	return 0, nil
-}
-
-// setupRoutesAndIPTables sets up on the host machine the needed
-// iptables rules and static routes for an addressable container.
-var setupRoutesAndIPTables = func(
-	primaryNIC string,
-	primaryAddr network.Address,
-	bridgeName string,
-	ifaceInfo []network.InterfaceInfo,
-	enableNAT bool,
-) error {
-
-	if primaryNIC == "" || primaryAddr.Value == "" || bridgeName == "" || len(ifaceInfo) == 0 {
-		return errors.Errorf("primaryNIC, primaryAddr, bridgeName, and ifaceInfo must be all set")
-	}
-
-	for _, iface := range ifaceInfo {
-		containerIP := iface.Address.Value
-		if containerIP == "" {
-			return errors.Errorf("container IP %q must be set", containerIP)
-		}
-		data := struct {
-			HostIF        string
-			HostIP        string
-			HostBridge    string
-			ContainerIP   string
-			ContainerCIDR string
-			SubnetCIDR    string
-		}{primaryNIC, primaryAddr.Value, bridgeName, containerIP, iface.CIDR, iface.CIDR}
-
-		var addRuleIfDoesNotExist = func(name string, rule IptablesRule) error {
-			check := mustExecTemplate("rule", "iptables -t {{.Table}} -C {{.Chain}} {{.Rule}}", rule)
-			t := mustParseTemplate(name+"Check", check)
-
-			code, err := runTemplateCommand(t, true, data)
-			if err != nil {
-				return errors.Trace(err)
-			}
-			switch code {
-			case 0:
-			// Rule does exist. Do nothing
-			case 1:
-				// Rule does not exist, add it. We insert the rule at the top of the list so it precedes any
-				// REJECT rules.
-				action := mustExecTemplate("action", "iptables -t {{.Table}} -I {{.Chain}} 1 {{.Rule}}", rule)
-				t = mustParseTemplate(name+"Add", action)
-				_, err = runTemplateCommand(t, false, data)
-				if err != nil {
-					return errors.Trace(err)
-				}
-			default:
-				// Unexpected code - better report it.
-				return errors.Errorf("iptables failed with unexpected exit code %d", code)
-			}
-			return nil
-		}
-
-		for name, rule := range iptablesRules {
-			if !enableNAT && name == "iptablesSNAT" {
-				// Do not add the SNAT rule if we shouldn't enable
-				// NAT.
-				continue
-			}
-			if err := addRuleIfDoesNotExist(name, rule); err != nil {
-				return err
-			}
-		}
-
-		// TODO(dooferlad): subnets should be a list of subnets in the EC2 VPC and
-		// should be empty for MAAS. See bug http://pad.lv/1443942
-		if enableNAT {
-			// Only add the following hack to allow AWS egress traffic
-			// for hosted containers to work.
-			subnets := []string{data.HostIP + "/16"}
-			for _, subnet := range subnets {
-				data.SubnetCIDR = subnet
-				if err := addRuleIfDoesNotExist("skipSNAT", skipSNATRule); err != nil {
-					return err
-				}
-			}
-		}
-
-		code, err := runTemplateCommand(ipRouteAdd, false, data)
-		// Ignore errors if the exit code was 2, which signals that the route was not added
-		// because it already exists.
-		if code != 2 && err != nil {
-			return errors.Trace(err)
-		}
-		if code == 2 {
-			logger.Tracef("route already exists - not added")
-		} else {
-			logger.Tracef("route added: container uses host network interface")
-		}
-	}
-	logger.Infof("successfully configured iptables and routes for container interfaces")
-
-	return nil
-}
-
-var (
-	netInterfaceByName = net.InterfaceByName
-	netInterfaces      = net.Interfaces
-	interfaceAddrs     = (*net.Interface).Addrs
-)
-
-func discoverPrimaryNIC() (string, network.Address, error) {
-	interfaces, err := netInterfaces()
-	if err != nil {
-		return "", network.Address{}, errors.Annotatef(err, "cannot get network interfaces")
-	}
-	logger.Tracef("trying to discover primary network interface")
-	for _, iface := range interfaces {
-		if iface.Flags&net.FlagLoopback != 0 {
-			// Skip the loopback.
-			logger.Tracef("not using loopback interface %q", iface.Name)
-			continue
-		}
-		if iface.Flags&net.FlagUp != 0 {
-			// Possibly the primary, but ensure it has an address as
-			// well.
-			logger.Tracef("verifying interface %q has addresses", iface.Name)
-			addrs, err := interfaceAddrs(&iface)
-			if err != nil {
-				return "", network.Address{}, errors.Annotatef(err, "cannot get %q addresses", iface.Name)
-			}
-			if len(addrs) > 0 {
-				// We found it.
-				// Check if it's an IP or a CIDR.
-				addr := addrs[0].String()
-				ip := net.ParseIP(addr)
-				if ip == nil {
-					// Try a CIDR.
-					ip, _, err = net.ParseCIDR(addr)
-					if err != nil {
-						return "", network.Address{}, errors.Annotatef(err, "cannot parse address %q", addr)
-					}
-				}
-				addr = ip.String()
-
-				logger.Tracef("primary network interface is %q, address %q", iface.Name, addr)
-				return iface.Name, network.NewAddress(addr), nil
-			}
-		}
-	}
-	return "", network.Address{}, errors.Errorf("cannot detect the primary network interface")
-}
-
-// configureContainerNetworking tries to allocate a static IP address
-// for the given containerId using the provisioner API, when
-// allocateAddress is true. Otherwise it configures the container with
-// an already allocated address, when allocateAddress is false (e.g.
-// after a host reboot). If the API call fails, it's not critical -
-// just a warning, and it won't cause StartInstance to fail.
-func configureContainerNetwork(
-	containerId, bridgeDevice string,
-	apiFacade APICalls,
-	ifaceInfo []network.InterfaceInfo,
-	allocateAddress bool,
-	enableNAT bool,
-) (finalIfaceInfo []network.InterfaceInfo, err error) {
-	defer func() {
-		if err != nil {
-			logger.Warningf(
-				"failed configuring a static IP for container %q: %v",
-				containerId, err,
-			)
-		}
-	}()
-
-	if len(ifaceInfo) != 0 {
-		// When we already have interface info, don't overwrite it.
-		return nil, nil
-	}
-
-	var primaryNIC string
-	var primaryAddr network.Address
-	primaryNIC, primaryAddr, err = discoverPrimaryNIC()
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-
-	if allocateAddress {
-		logger.Debugf("trying to allocate a static IP for container %q", containerId)
-		finalIfaceInfo, err = apiFacade.PrepareContainerInterfaceInfo(names.NewMachineTag(containerId))
-	} else {
-		logger.Debugf("getting allocated static IP for container %q", containerId)
-		finalIfaceInfo, err = apiFacade.GetContainerInterfaceInfo(names.NewMachineTag(containerId))
-	}
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	logger.Debugf("container interface info result %#v", finalIfaceInfo)
-
-	// Populate ConfigType and DNSServers as needed.
-	var dnsServers []network.Address
-	var searchDomain string
-	dnsServers, searchDomain, err = localDNSServers()
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	// Generate the final configuration for each container interface.
-	for i, _ := range finalIfaceInfo {
-		// Always start at the first device index and generate the
-		// interface name based on that. We need to do this otherwise
-		// the container will inherit the host's device index and
-		// interface name.
-		finalIfaceInfo[i].DeviceIndex = i
-		finalIfaceInfo[i].InterfaceName = fmt.Sprintf("eth%d", i)
-		finalIfaceInfo[i].ConfigType = network.ConfigStatic
-		finalIfaceInfo[i].DNSServers = dnsServers
-		finalIfaceInfo[i].DNSSearchDomains = []string{searchDomain}
-		finalIfaceInfo[i].GatewayAddress = primaryAddr
-	}
-	err = setupRoutesAndIPTables(
-		primaryNIC,
-		primaryAddr,
-		bridgeDevice,
-		finalIfaceInfo,
-		enableNAT,
-	)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	return finalIfaceInfo, nil
-}
-
-func maybeGetManagerConfigNamespaces(managerConfig container.ManagerConfig) string {
-	if len(managerConfig) == 0 {
-		return ""
-	}
-	if namespace, ok := managerConfig[container.ConfigName]; ok {
-		return namespace
-	}
-	return ""
-}
-
-func prepareOrGetContainerInterfaceInfo(
-	api APICalls,
-	machineID string,
-	bridgeDevice string,
-	allocateOrMaintain bool,
-	enableNAT bool,
-	startingNetworkInfo []network.InterfaceInfo,
-	log loggo.Logger,
-	providerType string,
-) ([]network.InterfaceInfo, error) {
-	maintain := !allocateOrMaintain
-
-	if environs.AddressAllocationEnabled(providerType) {
-		if maintain {
-			log.Debugf("running maintenance for container %q", machineID)
-		} else {
-			log.Debugf("trying to allocate static IP for container %q", machineID)
-		}
-
-		allocatedInfo, err := configureContainerNetwork(
-			machineID,
-			bridgeDevice,
-			api,
-			startingNetworkInfo,
-			allocateOrMaintain,
-			enableNAT,
-		)
-		if err != nil && !maintain {
-			log.Infof("not allocating static IP for container %q: %v", machineID, err)
-		}
-		return allocatedInfo, err
-	}
-
-	if maintain {
-		log.Debugf("address allocation disabled: Not running maintenance for machine %q", machineID)
-		return nil, nil
-	}
-
-	log.Debugf("address allocation feature flag not enabled; using multi-bridge networking for container %q", machineID)
-
-	// In case we're running on MAAS 1.8+ with devices support, we'll still
-	// call PrepareContainerInterfaceInfo(), but we'll ignore a NotSupported
-	// error if we get it (which means we're not using MAAS 1.8+).
-	containerTag := names.NewMachineTag(machineID)
-	preparedInfo, err := api.PrepareContainerInterfaceInfo(containerTag)
-	if err != nil && errors.IsNotSupported(err) {
-		log.Warningf("new container %q not registered as device: not running on MAAS 1.8+", machineID)
-		return nil, nil
-	} else if err != nil {
-		return nil, errors.Trace(err)
-	}
-	log.Tracef("PrepareContainerInterfaceInfo returned %+v", preparedInfo)
-
-	dnsServersFound := false
-	for _, info := range preparedInfo {
-		if len(info.DNSServers) > 0 {
-			dnsServersFound = true
-			break
-		}
-	}
-	if !dnsServersFound {
-		logger.Warningf("no DNS settings found, discovering the host settings")
-		dnsServers, searchDomain, err := localDNSServers()
-		if err != nil {
-			return nil, errors.Trace(err)
-		}
-
-		// Since the result is sorted, the first entry is the primary NIC.
-		preparedInfo[0].DNSServers = dnsServers
-		preparedInfo[0].DNSSearchDomains = []string{searchDomain}
-		logger.Debugf(
-			"setting DNS servers %+v and domains %+v on container interface %q",
-			preparedInfo[0].DNSServers, preparedInfo[0].DNSSearchDomains, preparedInfo[0].InterfaceName,
-		)
-	}
-
-	return preparedInfo, nil
-}
-
-func maybeReleaseContainerAddresses(
-	api APICalls,
-	instanceID instance.Id,
-	namespace string,
-	log loggo.Logger,
-	providerType string,
-) {
-	if environs.AddressAllocationEnabled(providerType) {
-		// The addresser worker will take care of the addresses.
-		return
-	}
-	// If we're not using addressable containers, we might still have used MAAS
-	// 1.8+ device to register the container when provisioning. In that case we
-	// need to attempt releasing the device, but ignore a NotSupported error
-	// (when we're not using MAAS 1.8+).
-	namespacePrefix := fmt.Sprintf("%s-", namespace)
-	tagString := strings.TrimPrefix(string(instanceID), namespacePrefix)
-	containerTag, err := names.ParseMachineTag(tagString)
-	if err != nil {
-		// Not a reason to cause StopInstances to fail though..
-		log.Warningf("unexpected container tag %q: %v", instanceID, err)
-		return
-	}
-	err = api.ReleaseContainerAddresses(containerTag)
-	switch {
-	case err == nil:
-		log.Infof("released all addresses for container %q", containerTag.Id())
-	case errors.IsNotSupported(err):
-		log.Warningf("not releasing all addresses for container %q: %v", containerTag.Id(), err)
-	default:
-		log.Warningf(
-			"unexpected error trying to release container %q addreses: %v",
-			containerTag.Id(), err,
-		)
-	}
-}
-
-// matchHostArchTools filters the given list of tools to the host architecture.
-func matchHostArchTools(allTools tools.List) (tools.List, error) {
-	arch := arch.HostArch()
-	archTools, err := allTools.Match(tools.Filter{Arch: arch})
-	if err == tools.ErrNoMatches {
-		return nil, errors.Errorf(
-			"need tools for arch %s, only found %s",
-			arch, allTools.Arches(),
-		)
-	} else if err != nil {
-		return nil, errors.Trace(err)
-	}
-	return archTools, nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/provisioner/lxc-broker_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/provisioner/lxc-broker_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/provisioner/lxc-broker_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/provisioner/lxc-broker_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,1281 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package provisioner_test
-
-import (
-	"bytes"
-	"fmt"
-	"io/ioutil"
-	"net"
-	"path/filepath"
-	"runtime"
-	"text/template"
-	"time"
-
-	"github.com/juju/errors"
-	"github.com/juju/names"
-	gitjujutesting "github.com/juju/testing"
-	jc "github.com/juju/testing/checkers"
-	"github.com/juju/utils/arch"
-	"github.com/juju/utils/series"
-	"github.com/juju/utils/set"
-	"github.com/juju/version"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/agent"
-	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/cloudconfig/instancecfg"
-	"github.com/juju/juju/constraints"
-	"github.com/juju/juju/container"
-	"github.com/juju/juju/container/lxc/mock"
-	lxctesting "github.com/juju/juju/container/lxc/testing"
-	containertesting "github.com/juju/juju/container/testing"
-	"github.com/juju/juju/environs"
-	"github.com/juju/juju/environs/filestorage"
-	envtesting "github.com/juju/juju/environs/testing"
-	"github.com/juju/juju/environs/tools"
-	"github.com/juju/juju/feature"
-	"github.com/juju/juju/instance"
-	instancetest "github.com/juju/juju/instance/testing"
-	jujutesting "github.com/juju/juju/juju/testing"
-	"github.com/juju/juju/network"
-	"github.com/juju/juju/state"
-	"github.com/juju/juju/status"
-	"github.com/juju/juju/storage"
-	"github.com/juju/juju/storage/provider"
-	coretesting "github.com/juju/juju/testing"
-	coretools "github.com/juju/juju/tools"
-	jujuversion "github.com/juju/juju/version"
-	"github.com/juju/juju/worker/provisioner"
-)
-
-type lxcSuite struct {
-	lxctesting.TestSuite
-	events     chan mock.Event
-	eventsDone chan struct{}
-}
-
-type lxcBrokerSuite struct {
-	lxcSuite
-	broker      environs.InstanceBroker
-	agentConfig agent.ConfigSetterWriter
-	api         *fakeAPI
-}
-
-var _ = gc.Suite(&lxcBrokerSuite{})
-
-func (s *lxcSuite) SetUpTest(c *gc.C) {
-	s.TestSuite.SetUpTest(c)
-	if runtime.GOOS == "windows" {
-		c.Skip("Skipping lxc tests on windows")
-	}
-	s.events = make(chan mock.Event)
-	s.eventsDone = make(chan struct{})
-	go func() {
-		defer close(s.eventsDone)
-		for event := range s.events {
-			c.Output(3, fmt.Sprintf("lxc event: <%s, %s>", event.Action, event.InstanceId))
-		}
-	}()
-	s.TestSuite.ContainerFactory.AddListener(s.events)
-}
-
-func (s *lxcSuite) TearDownTest(c *gc.C) {
-	close(s.events)
-	<-s.eventsDone
-	s.TestSuite.TearDownTest(c)
-}
-
-func (s *lxcBrokerSuite) SetUpTest(c *gc.C) {
-	if runtime.GOOS == "windows" {
-		c.Skip("Skipping lxc tests on windows")
-	}
-	s.lxcSuite.SetUpTest(c)
-	var err error
-	s.agentConfig, err = agent.NewAgentConfig(
-		agent.AgentConfigParams{
-			Paths:             agent.NewPathsWithDefaults(agent.Paths{DataDir: "/not/used/here"}),
-			Tag:               names.NewMachineTag("1"),
-			UpgradedToVersion: jujuversion.Current,
-			Password:          "dummy-secret",
-			Nonce:             "nonce",
-			APIAddresses:      []string{"10.0.0.1:1234"},
-			CACert:            coretesting.CACert,
-			Model:             coretesting.ModelTag,
-		})
-	c.Assert(err, jc.ErrorIsNil)
-	managerConfig := container.ManagerConfig{
-		container.ConfigName: "juju",
-		"log-dir":            c.MkDir(),
-		"use-clone":          "false",
-	}
-	s.api = NewFakeAPI()
-	s.broker, err = provisioner.NewLxcBroker(s.api, s.agentConfig, managerConfig, nil, false, 0)
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *lxcBrokerSuite) instanceConfig(c *gc.C, machineId string) *instancecfg.InstanceConfig {
-	machineNonce := "fake-nonce"
-	// To isolate the tests from the host's architecture, we override it here.
-	s.PatchValue(&arch.HostArch, func() string { return arch.AMD64 })
-	stateInfo := jujutesting.FakeStateInfo(machineId)
-	apiInfo := jujutesting.FakeAPIInfo(machineId)
-	instanceConfig, err := instancecfg.NewInstanceConfig(machineId, machineNonce, "released", "quantal", "", true, stateInfo, apiInfo)
-	c.Assert(err, jc.ErrorIsNil)
-	// Ensure the <rootfs>/etc/network path exists.
-	containertesting.EnsureLXCRootFSEtcNetwork(c, "juju-"+names.NewMachineTag(machineId).String())
-	return instanceConfig
-}
-
-func (s *lxcBrokerSuite) startInstance(c *gc.C, machineId string, volumes []storage.VolumeParams) instance.Instance {
-	instanceConfig := s.instanceConfig(c, machineId)
-	cons := constraints.Value{}
-	possibleTools := coretools.List{&coretools.Tools{
-		Version: version.MustParseBinary("2.3.4-quantal-amd64"),
-		URL:     "http://tools.testing.invalid/2.3.4-quantal-amd64.tgz",
-	}, {
-		// non-host-arch tools should be filtered out by StartInstance
-		Version: version.MustParseBinary("2.3.4-quantal-arm64"),
-		URL:     "http://tools.testing.invalid/2.3.4-quantal-arm64.tgz",
-	}}
-	callback := func(settableStatus status.Status, info string, data map[string]interface{}) error {
-		return nil
-	}
-	result, err := s.broker.StartInstance(environs.StartInstanceParams{
-		Constraints:    cons,
-		Tools:          possibleTools,
-		InstanceConfig: instanceConfig,
-		Volumes:        volumes,
-		StatusCallback: callback,
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	return result.Instance
-}
-
-func (s *lxcBrokerSuite) maintainInstance(c *gc.C, machineId string, volumes []storage.VolumeParams) {
-	instanceConfig := s.instanceConfig(c, machineId)
-	cons := constraints.Value{}
-	possibleTools := coretools.List{&coretools.Tools{
-		Version: version.MustParseBinary("2.3.4-quantal-amd64"),
-		URL:     "http://tools.testing.invalid/2.3.4-quantal-amd64.tgz",
-	}}
-	callback := func(settableStatus status.Status, info string, data map[string]interface{}) error {
-		return nil
-	}
-	err := s.broker.MaintainInstance(environs.StartInstanceParams{
-		Constraints:    cons,
-		Tools:          possibleTools,
-		InstanceConfig: instanceConfig,
-		Volumes:        volumes,
-		StatusCallback: callback,
-	})
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *lxcBrokerSuite) assertDefaultStorageConfig(c *gc.C, lxc instance.Instance) {
-	config := filepath.Join(s.LxcDir, string(lxc.Id()), "config")
-	AssertFileContents(c, gc.Not(jc.Contains), config, "lxc.aa_profile = lxc-container-default-with-mounting")
-}
-
-func (s *lxcBrokerSuite) assertDefaultNetworkConfig(c *gc.C, lxc instance.Instance) {
-	lxc_conf := filepath.Join(s.ContainerDir, string(lxc.Id()), "lxc.conf")
-	expect := []string{
-		"lxc.network.type = veth",
-		"lxc.network.link = lxcbr0",
-	}
-	AssertFileContains(c, lxc_conf, expect...)
-}
-
-func (s *lxcBrokerSuite) TestStartInstance(c *gc.C) {
-	machineId := "1/lxc/0"
-	s.SetFeatureFlags(feature.AddressAllocation)
-	lxc := s.startInstance(c, machineId, nil)
-	s.api.CheckCalls(c, []gitjujutesting.StubCall{{
-		FuncName: "ContainerConfig",
-	}, {
-		FuncName: "PrepareContainerInterfaceInfo",
-		Args:     []interface{}{names.NewMachineTag("1-lxc-0")},
-	}})
-	c.Assert(lxc.Id(), gc.Equals, instance.Id("juju-machine-1-lxc-0"))
-	c.Assert(s.lxcContainerDir(lxc), jc.IsDirectory)
-	s.assertInstances(c, lxc)
-	s.assertDefaultNetworkConfig(c, lxc)
-	s.assertDefaultStorageConfig(c, lxc)
-}
-
-func (s *lxcBrokerSuite) TestStartInstanceAddressAllocationDisabled(c *gc.C) {
-	machineId := "1/lxc/0"
-	lxc := s.startInstance(c, machineId, nil)
-	s.api.CheckCalls(c, []gitjujutesting.StubCall{{
-		FuncName: "ContainerConfig",
-	}, {
-		FuncName: "PrepareContainerInterfaceInfo",
-		Args:     []interface{}{names.NewMachineTag("1-lxc-0")},
-	}})
-	c.Assert(lxc.Id(), gc.Equals, instance.Id("juju-machine-1-lxc-0"))
-	c.Assert(s.lxcContainerDir(lxc), jc.IsDirectory)
-	s.assertInstances(c, lxc)
-	s.assertDefaultNetworkConfig(c, lxc)
-	s.assertDefaultStorageConfig(c, lxc)
-}
-
-func (s *lxcBrokerSuite) TestMaintainInstance(c *gc.C) {
-	machineId := "1/lxc/0"
-	s.SetFeatureFlags(feature.AddressAllocation)
-	lxc := s.startInstance(c, machineId, nil)
-	s.api.ResetCalls()
-
-	s.maintainInstance(c, machineId, nil)
-	s.api.CheckCalls(c, []gitjujutesting.StubCall{{
-		FuncName: "GetContainerInterfaceInfo",
-		Args:     []interface{}{names.NewMachineTag("1-lxc-0")},
-	}})
-	c.Assert(lxc.Id(), gc.Equals, instance.Id("juju-machine-1-lxc-0"))
-	c.Assert(s.lxcContainerDir(lxc), jc.IsDirectory)
-	s.assertInstances(c, lxc)
-	s.assertDefaultNetworkConfig(c, lxc)
-	s.assertDefaultStorageConfig(c, lxc)
-}
-
-func (s *lxcBrokerSuite) TestMaintainInstanceAddressAllocationDisabled(c *gc.C) {
-	machineId := "1/lxc/0"
-	lxc := s.startInstance(c, machineId, nil)
-	s.api.ResetCalls()
-
-	s.maintainInstance(c, machineId, nil)
-	s.api.CheckCalls(c, []gitjujutesting.StubCall{})
-	c.Assert(lxc.Id(), gc.Equals, instance.Id("juju-machine-1-lxc-0"))
-	c.Assert(s.lxcContainerDir(lxc), jc.IsDirectory)
-	s.assertInstances(c, lxc)
-	s.assertDefaultNetworkConfig(c, lxc)
-	s.assertDefaultStorageConfig(c, lxc)
-}
-
-func (s *lxcBrokerSuite) TestStartInstanceWithStorage(c *gc.C) {
-	s.api.fakeContainerConfig.AllowLXCLoopMounts = true
-	s.SetFeatureFlags(feature.AddressAllocation)
-
-	machineId := "1/lxc/0"
-	lxc := s.startInstance(c, machineId, []storage.VolumeParams{{Provider: provider.LoopProviderType}})
-	s.api.CheckCalls(c, []gitjujutesting.StubCall{{
-		FuncName: "ContainerConfig",
-	}, {
-		FuncName: "PrepareContainerInterfaceInfo",
-		Args:     []interface{}{names.NewMachineTag("1-lxc-0")},
-	}})
-	c.Assert(lxc.Id(), gc.Equals, instance.Id("juju-machine-1-lxc-0"))
-	c.Assert(s.lxcContainerDir(lxc), jc.IsDirectory)
-	s.assertInstances(c, lxc)
-	// Check storage config.
-	config := filepath.Join(s.LxcDir, string(lxc.Id()), "config")
-	AssertFileContents(c, jc.Contains, config, "lxc.aa_profile = lxc-container-default-with-mounting")
-}
-
-func (s *lxcBrokerSuite) TestStartInstanceLoopMountsDisallowed(c *gc.C) {
-	s.api.fakeContainerConfig.AllowLXCLoopMounts = false
-	s.SetFeatureFlags(feature.AddressAllocation)
-	machineId := "1/lxc/0"
-	lxc := s.startInstance(c, machineId, []storage.VolumeParams{{Provider: provider.LoopProviderType}})
-	s.api.CheckCalls(c, []gitjujutesting.StubCall{{
-		FuncName: "ContainerConfig",
-	}, {
-		FuncName: "PrepareContainerInterfaceInfo",
-		Args:     []interface{}{names.NewMachineTag("1-lxc-0")},
-	}})
-	c.Assert(lxc.Id(), gc.Equals, instance.Id("juju-machine-1-lxc-0"))
-	c.Assert(s.lxcContainerDir(lxc), jc.IsDirectory)
-	s.assertInstances(c, lxc)
-	s.assertDefaultStorageConfig(c, lxc)
-}
-
-func (s *lxcBrokerSuite) TestStartInstanceHostArch(c *gc.C) {
-	instanceConfig := s.instanceConfig(c, "1/lxc/0")
-
-	// Patch the host's arch, so the LXC broker will filter tools.
-	s.PatchValue(&arch.HostArch, func() string { return arch.PPC64EL })
-	possibleTools := coretools.List{&coretools.Tools{
-		Version: version.MustParseBinary("2.3.4-quantal-amd64"),
-		URL:     "http://tools.testing.invalid/2.3.4-quantal-amd64.tgz",
-	}, {
-		Version: version.MustParseBinary("2.3.4-quantal-ppc64el"),
-		URL:     "http://tools.testing.invalid/2.3.4-quantal-ppc64el.tgz",
-	}}
-	callback := func(settableStatus status.Status, info string, data map[string]interface{}) error {
-		return nil
-	}
-
-	_, err := s.broker.StartInstance(environs.StartInstanceParams{
-		Constraints:    constraints.Value{},
-		Tools:          possibleTools,
-		InstanceConfig: instanceConfig,
-		StatusCallback: callback,
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(instanceConfig.AgentVersion().Arch, gc.Equals, arch.PPC64EL)
-}
-
-func (s *lxcBrokerSuite) TestStartInstanceToolsArchNotFound(c *gc.C) {
-	instanceConfig := s.instanceConfig(c, "1/lxc/0")
-
-	// Patch the host's arch, so the LXC broker will filter tools.
-	s.PatchValue(&arch.HostArch, func() string { return arch.PPC64EL })
-	possibleTools := coretools.List{&coretools.Tools{
-		Version: version.MustParseBinary("2.3.4-quantal-amd64"),
-		URL:     "http://tools.testing.invalid/2.3.4-quantal-amd64.tgz",
-	}}
-	callback := func(settableStatus status.Status, info string, data map[string]interface{}) error {
-		return nil
-	}
-
-	_, err := s.broker.StartInstance(environs.StartInstanceParams{
-		Constraints:    constraints.Value{},
-		Tools:          possibleTools,
-		InstanceConfig: instanceConfig,
-		StatusCallback: callback,
-	})
-	c.Assert(err, gc.ErrorMatches, "need tools for arch ppc64el, only found \\[amd64\\]")
-}
-
-func (s *lxcBrokerSuite) TestStartInstanceWithBridgeEnviron(c *gc.C) {
-	s.agentConfig.SetValue(agent.LxcBridge, "br0")
-	machineId := "1/lxc/0"
-	lxc := s.startInstance(c, machineId, nil)
-	s.api.CheckCalls(c, []gitjujutesting.StubCall{{
-		FuncName: "ContainerConfig",
-	}, {
-		FuncName: "PrepareContainerInterfaceInfo",
-		Args:     []interface{}{names.NewMachineTag("1-lxc-0")},
-	}})
-	c.Assert(lxc.Id(), gc.Equals, instance.Id("juju-machine-1-lxc-0"))
-	c.Assert(s.lxcContainerDir(lxc), jc.IsDirectory)
-	s.assertInstances(c, lxc)
-	// Uses default network config
-	lxc_conf := filepath.Join(s.ContainerDir, string(lxc.Id()), "lxc.conf")
-	expect := []string{
-		"lxc.network.type = veth",
-		"lxc.network.link = br0",
-	}
-	AssertFileContains(c, lxc_conf, expect...)
-}
-
-func (s *lxcBrokerSuite) startInstancePopulatesNetworkInfo(c *gc.C) (*environs.StartInstanceResult, error) {
-	s.PatchValue(provisioner.InterfaceAddrs, func(i *net.Interface) ([]net.Addr, error) {
-		return []net.Addr{&fakeAddr{"0.1.2.1/24"}}, nil
-	})
-	fakeResolvConf := filepath.Join(c.MkDir(), "resolv.conf")
-	err := ioutil.WriteFile(fakeResolvConf, []byte("nameserver ns1.dummy\nnameserver ns2.dummy\nsearch dummy\n"), 0644)
-	c.Assert(err, jc.ErrorIsNil)
-	s.PatchValue(provisioner.ResolvConf, fakeResolvConf)
-
-	instanceConfig := s.instanceConfig(c, "42")
-	possibleTools := coretools.List{&coretools.Tools{
-		Version: version.MustParseBinary("2.3.4-quantal-amd64"),
-		URL:     "http://tools.testing.invalid/2.3.4-quantal-amd64.tgz",
-	}}
-	callback := func(settableStatus status.Status, info string, data map[string]interface{}) error {
-		return nil
-	}
-
-	return s.broker.StartInstance(environs.StartInstanceParams{
-		Constraints:    constraints.Value{},
-		Tools:          possibleTools,
-		InstanceConfig: instanceConfig,
-		StatusCallback: callback,
-	})
-}
-
-func (s *lxcBrokerSuite) TestStartInstancePopulatesNetworkInfoWithAddressAllocation(c *gc.C) {
-	s.SetFeatureFlags(feature.AddressAllocation)
-	result, err := s.startInstancePopulatesNetworkInfo(c)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(result.NetworkInfo, gc.HasLen, 1)
-	iface := result.NetworkInfo[0]
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(iface, jc.DeepEquals, network.InterfaceInfo{
-		DeviceIndex:      0,
-		CIDR:             "0.1.2.0/24",
-		ConfigType:       network.ConfigStatic,
-		InterfaceName:    "eth0", // generated from the device index.
-		DNSServers:       network.NewAddresses("ns1.dummy", "ns2.dummy"),
-		DNSSearchDomains: []string{"dummy"},
-		MACAddress:       "aa:bb:cc:dd:ee:ff",
-		Address:          network.NewAddress("0.1.2.3"),
-		GatewayAddress:   network.NewAddress("0.1.2.1"),
-	})
-}
-
-func (s *lxcBrokerSuite) TestStartInstancePopulatesNetworkInfoWithoutAddressAllocation(c *gc.C) {
-	s.SetFeatureFlags()
-	result, err := s.startInstancePopulatesNetworkInfo(c)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(result.NetworkInfo, gc.HasLen, 1)
-	iface := result.NetworkInfo[0]
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(iface, jc.DeepEquals, network.InterfaceInfo{
-		DeviceIndex:      0,
-		CIDR:             "0.1.2.0/24",
-		InterfaceName:    "dummy0", // generated from the device index.
-		DNSServers:       network.NewAddresses("ns1.dummy", "ns2.dummy"),
-		DNSSearchDomains: []string{"dummy"},
-		MACAddress:       "aa:bb:cc:dd:ee:ff",
-		Address:          network.NewAddress("0.1.2.3"),
-		GatewayAddress:   network.NewAddress("0.1.2.1"),
-	})
-}
-
-func (s *lxcBrokerSuite) TestStopInstance(c *gc.C) {
-	lxc0 := s.startInstance(c, "1/lxc/0", nil)
-	lxc1 := s.startInstance(c, "1/lxc/1", nil)
-	lxc2 := s.startInstance(c, "1/lxc/2", nil)
-
-	s.assertInstances(c, lxc0, lxc1, lxc2)
-	err := s.broker.StopInstances(lxc0.Id())
-	c.Assert(err, jc.ErrorIsNil)
-	s.assertInstances(c, lxc1, lxc2)
-	c.Assert(s.lxcContainerDir(lxc0), jc.DoesNotExist)
-	c.Assert(s.lxcRemovedContainerDir(lxc0), jc.IsDirectory)
-
-	err = s.broker.StopInstances(lxc1.Id(), lxc2.Id())
-	c.Assert(err, jc.ErrorIsNil)
-	s.assertInstances(c)
-}
-
-func (s *lxcBrokerSuite) TestAllInstances(c *gc.C) {
-	lxc0 := s.startInstance(c, "1/lxc/0", nil)
-	lxc1 := s.startInstance(c, "1/lxc/1", nil)
-	s.assertInstances(c, lxc0, lxc1)
-
-	err := s.broker.StopInstances(lxc1.Id())
-	c.Assert(err, jc.ErrorIsNil)
-	lxc2 := s.startInstance(c, "1/lxc/2", nil)
-	s.assertInstances(c, lxc0, lxc2)
-}
-
-func (s *lxcBrokerSuite) assertInstances(c *gc.C, inst ...instance.Instance) {
-	results, err := s.broker.AllInstances()
-	c.Assert(err, jc.ErrorIsNil)
-	instancetest.MatchInstances(c, results, inst...)
-}
-
-func (s *lxcBrokerSuite) lxcContainerDir(inst instance.Instance) string {
-	return filepath.Join(s.ContainerDir, string(inst.Id()))
-}
-
-func (s *lxcBrokerSuite) lxcRemovedContainerDir(inst instance.Instance) string {
-	return filepath.Join(s.RemovedDir, string(inst.Id()))
-}
-
-func (s *lxcBrokerSuite) TestLocalDNSServers(c *gc.C) {
-	fakeConf := filepath.Join(c.MkDir(), "resolv.conf")
-	s.PatchValue(provisioner.ResolvConf, fakeConf)
-
-	// If config is missing, that's OK.
-	dnses, dnsSearch, err := provisioner.LocalDNSServers()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(dnses, gc.HasLen, 0)
-	c.Assert(dnsSearch, gc.Equals, "")
-
-	// Enter some data in fakeConf.
-	data := `
- anything else is ignored
-  # comments are ignored
-  nameserver  0.1.2.3  # that's parsed
-search  foo.baz # comment ignored
-# nameserver 42.42.42.42 - ignored as well
-nameserver 8.8.8.8
-nameserver example.com # comment after is ok
-`
-	err = ioutil.WriteFile(fakeConf, []byte(data), 0644)
-	c.Assert(err, jc.ErrorIsNil)
-
-	dnses, dnsSearch, err = provisioner.LocalDNSServers()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(dnses, jc.DeepEquals, network.NewAddresses(
-		"0.1.2.3", "8.8.8.8", "example.com",
-	))
-	c.Assert(dnsSearch, gc.Equals, "foo.baz")
-}
-
-func (s *lxcBrokerSuite) TestMustParseTemplate(c *gc.C) {
-	f := func() { provisioner.MustParseTemplate("", "{{invalid}") }
-	c.Assert(f, gc.PanicMatches, `template: :1: function "invalid" not defined`)
-
-	tmpl := provisioner.MustParseTemplate("name", "X={{.X}}")
-	c.Assert(tmpl, gc.NotNil)
-	c.Assert(tmpl.Name(), gc.Equals, "name")
-
-	var buf bytes.Buffer
-	err := tmpl.Execute(&buf, struct{ X string }{"42"})
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(buf.String(), gc.Equals, "X=42")
-}
-
-func (s *lxcBrokerSuite) TestRunTemplateCommand(c *gc.C) {
-	for i, test := range []struct {
-		source        string
-		exitNonZeroOK bool
-		data          interface{}
-		exitCode      int
-		expectErr     string
-	}{{
-		source:        "echo {{.Name}}",
-		exitNonZeroOK: false,
-		data:          struct{ Name string }{"foo"},
-		exitCode:      0,
-	}, {
-		source:        "exit {{.Code}}",
-		exitNonZeroOK: false,
-		data:          struct{ Code int }{123},
-		exitCode:      123,
-		expectErr:     `command "exit 123" failed with exit code 123`,
-	}, {
-		source:        "exit {{.Code}}",
-		exitNonZeroOK: true,
-		data:          struct{ Code int }{56},
-		exitCode:      56,
-	}, {
-		source:        "exit 42",
-		exitNonZeroOK: true,
-		exitCode:      42,
-	}, {
-		source:        "some-invalid-command",
-		exitNonZeroOK: false,
-		exitCode:      127, // returned by bash.
-		expectErr:     `command "some-invalid-command" failed with exit code 127`,
-	}} {
-		c.Logf("test %d: %q -> %d", i, test.source, test.exitCode)
-		t, err := template.New(fmt.Sprintf("test %d", i)).Parse(test.source)
-		if !c.Check(err, jc.ErrorIsNil, gc.Commentf("parsing %q", test.source)) {
-			continue
-		}
-		exitCode, err := provisioner.RunTemplateCommand(t, test.exitNonZeroOK, test.data)
-		if test.expectErr != "" {
-			c.Check(err, gc.ErrorMatches, test.expectErr)
-		} else {
-			c.Check(err, jc.ErrorIsNil)
-		}
-		c.Check(exitCode, gc.Equals, test.exitCode)
-	}
-}
-
-func (s *lxcBrokerSuite) TestSetupRoutesAndIPTablesInvalidArgs(c *gc.C) {
-	// Isolate the test from the host machine.
-	gitjujutesting.PatchExecutableThrowError(c, s, "iptables", 42)
-	gitjujutesting.PatchExecutableThrowError(c, s, "ip", 123)
-
-	// Check that all the arguments are verified to be non-empty.
-	expectStartupErr := "primaryNIC, primaryAddr, bridgeName, and ifaceInfo must be all set"
-	emptyIfaceInfo := []network.InterfaceInfo{}
-	for i, test := range []struct {
-		about       string
-		primaryNIC  string
-		primaryAddr network.Address
-		bridgeName  string
-		ifaceInfo   []network.InterfaceInfo
-		expectErr   string
-	}{{
-		about:       "all empty",
-		primaryNIC:  "",
-		primaryAddr: network.Address{},
-		bridgeName:  "",
-		ifaceInfo:   nil,
-		expectErr:   expectStartupErr,
-	}, {
-		about:       "all but primaryNIC empty",
-		primaryNIC:  "nic",
-		primaryAddr: network.Address{},
-		bridgeName:  "",
-		ifaceInfo:   nil,
-		expectErr:   expectStartupErr,
-	}, {
-		about:       "all but primaryAddr empty",
-		primaryNIC:  "",
-		primaryAddr: network.NewAddress("0.1.2.1"),
-		bridgeName:  "",
-		ifaceInfo:   nil,
-		expectErr:   expectStartupErr,
-	}, {
-		about:       "all but bridgeName empty",
-		primaryNIC:  "",
-		primaryAddr: network.Address{},
-		bridgeName:  "bridge",
-		ifaceInfo:   nil,
-		expectErr:   expectStartupErr,
-	}, {
-		about:       "all but primaryNIC and bridgeName empty",
-		primaryNIC:  "nic",
-		primaryAddr: network.Address{},
-		bridgeName:  "bridge",
-		ifaceInfo:   nil,
-		expectErr:   expectStartupErr,
-	}, {
-		about:       "all but primaryNIC and primaryAddr empty",
-		primaryNIC:  "nic",
-		primaryAddr: network.NewAddress("0.1.2.1"),
-		bridgeName:  "",
-		ifaceInfo:   nil,
-		expectErr:   expectStartupErr,
-	}, {
-		about:       "all but primaryAddr and bridgeName empty",
-		primaryNIC:  "",
-		primaryAddr: network.NewAddress("0.1.2.1"),
-		bridgeName:  "bridge",
-		ifaceInfo:   nil,
-		expectErr:   expectStartupErr,
-	}, {
-		about:       "all set except ifaceInfo",
-		primaryNIC:  "nic",
-		primaryAddr: network.NewAddress("0.1.2.1"),
-		bridgeName:  "bridge",
-		ifaceInfo:   nil,
-		expectErr:   expectStartupErr,
-	}, {
-		about:       "all empty (ifaceInfo set but empty)",
-		primaryNIC:  "",
-		primaryAddr: network.Address{},
-		bridgeName:  "",
-		ifaceInfo:   emptyIfaceInfo,
-		expectErr:   expectStartupErr,
-	}, {
-		about:       "all but primaryNIC empty (ifaceInfo set but empty)",
-		primaryNIC:  "nic",
-		primaryAddr: network.Address{},
-		bridgeName:  "",
-		ifaceInfo:   emptyIfaceInfo,
-		expectErr:   expectStartupErr,
-	}, {
-		about:       "all but primaryAddr empty (ifaceInfo set but empty)",
-		primaryNIC:  "",
-		primaryAddr: network.NewAddress("0.1.2.1"),
-		bridgeName:  "",
-		ifaceInfo:   emptyIfaceInfo,
-		expectErr:   expectStartupErr,
-	}, {
-		about:       "all but bridgeName empty (ifaceInfo set but empty)",
-		primaryNIC:  "",
-		primaryAddr: network.Address{},
-		bridgeName:  "bridge",
-		ifaceInfo:   emptyIfaceInfo,
-		expectErr:   expectStartupErr,
-	}, {
-		about:       "just primaryAddr is empty and ifaceInfo set but empty",
-		primaryNIC:  "nic",
-		primaryAddr: network.Address{},
-		bridgeName:  "bridge",
-		ifaceInfo:   emptyIfaceInfo,
-		expectErr:   expectStartupErr,
-	}, {
-		about:       "just bridgeName is empty and ifaceInfo set but empty",
-		primaryNIC:  "nic",
-		primaryAddr: network.NewAddress("0.1.2.1"),
-		bridgeName:  "",
-		ifaceInfo:   emptyIfaceInfo,
-		expectErr:   expectStartupErr,
-	}, {
-		about:       "just primaryNIC is empty and ifaceInfo set but empty",
-		primaryNIC:  "",
-		primaryAddr: network.NewAddress("0.1.2.1"),
-		bridgeName:  "bridge",
-		ifaceInfo:   emptyIfaceInfo,
-		expectErr:   expectStartupErr,
-	}, {
-		about:       "all set except ifaceInfo, which is set but empty",
-		primaryNIC:  "nic",
-		primaryAddr: network.NewAddress("0.1.2.1"),
-		bridgeName:  "bridge",
-		ifaceInfo:   emptyIfaceInfo,
-		expectErr:   expectStartupErr,
-	}, {
-		about:       "all set, but ifaceInfo has empty Address",
-		primaryNIC:  "nic",
-		primaryAddr: network.NewAddress("0.1.2.1"),
-		bridgeName:  "bridge",
-		// No Address set.
-		ifaceInfo: []network.InterfaceInfo{{DeviceIndex: 0}},
-		expectErr: `container IP "" must be set`,
-	}} {
-		c.Logf("test %d: %s", i, test.about)
-		err := provisioner.SetupRoutesAndIPTables(
-			test.primaryNIC,
-			test.primaryAddr,
-			test.bridgeName,
-			test.ifaceInfo,
-			false, // TODO(dimitern): Untested.
-		)
-		c.Check(err, gc.ErrorMatches, test.expectErr)
-	}
-}
-
-func (s *lxcBrokerSuite) TestSetupRoutesAndIPTablesIPTablesCheckError(c *gc.C) {
-	// Isolate the test from the host machine.
-	gitjujutesting.PatchExecutableThrowError(c, s, "iptables", 42)
-	gitjujutesting.PatchExecutableThrowError(c, s, "ip", 123)
-
-	ifaceInfo := []network.InterfaceInfo{{
-		Address: network.NewAddress("0.1.2.3"),
-	}}
-
-	addr := network.NewAddress("0.1.2.1")
-	err := provisioner.SetupRoutesAndIPTables("nic", addr, "bridge", ifaceInfo, false)
-	c.Assert(err, gc.ErrorMatches, "iptables failed with unexpected exit code 42")
-}
-
-func (s *lxcBrokerSuite) TestSetupRoutesAndIPTablesIPTablesAddError(c *gc.C) {
-	// Isolate the test from the host machine. Patch iptables with a
-	// script which returns code=1 for the check but fails when adding
-	// the rule.
-	script := `if [[ "$3" == "-C" ]]; then exit 1; else exit 42; fi`
-	gitjujutesting.PatchExecutable(c, s, "iptables", script)
-	gitjujutesting.PatchExecutableThrowError(c, s, "ip", 123)
-
-	fakeptablesRules := map[string]provisioner.IptablesRule{
-		"IPTablesSNAT": {
-			"nat",
-			"POSTROUTING",
-			"{{.HostIF}} {{.HostIP}}",
-		},
-	}
-	s.PatchValue(provisioner.IptablesRules, fakeptablesRules)
-
-	ifaceInfo := []network.InterfaceInfo{{
-		Address: network.NewAddress("0.1.2.3"),
-	}}
-
-	addr := network.NewAddress("0.1.2.1")
-	err := provisioner.SetupRoutesAndIPTables("nic", addr, "bridge", ifaceInfo, false)
-	c.Assert(err, gc.ErrorMatches, `command "iptables -t nat -I .*" failed with exit code 42`)
-}
-
-func (s *lxcBrokerSuite) TestSetupRoutesAndIPTablesIPRouteError(c *gc.C) {
-	// Isolate the test from the host machine.
-	// Returning code=0 from iptables means we won't add a rule.
-	gitjujutesting.PatchExecutableThrowError(c, s, "iptables", 0)
-	gitjujutesting.PatchExecutableThrowError(c, s, "ip", 123)
-
-	ifaceInfo := []network.InterfaceInfo{{
-		Address: network.NewAddress("0.1.2.3"),
-	}}
-
-	addr := network.NewAddress("0.1.2.1")
-	err := provisioner.SetupRoutesAndIPTables("nic", addr, "bridge", ifaceInfo, false)
-	c.Assert(err, gc.ErrorMatches,
-		`command "ip route add 0.1.2.3 dev bridge" failed with exit code 123`,
-	)
-}
-
-func (s *lxcBrokerSuite) TestSetupRoutesAndIPTablesAddsRuleIfMissing(c *gc.C) {
-	// Isolate the test from the host machine. Because PatchExecutable
-	// does not allow us to assert on subsequent executions of the
-	// same binary, we need to replace the iptables commands with
-	// separate ones. The check returns code=1 to trigger calling
-	// add.
-	fakeptablesRules := map[string]provisioner.IptablesRule{
-		"IPTablesSNAT": {
-			"nat",
-			"POSTROUTING",
-			"{{.HostIF}} {{.HostIP}}",
-		},
-	}
-	s.PatchValue(provisioner.IptablesRules, fakeptablesRules)
-
-	gitjujutesting.PatchExecutableAsEchoArgs(c, s, "iptables", 1, 0)
-	gitjujutesting.PatchExecutableAsEchoArgs(c, s, "ip")
-
-	ifaceInfo := []network.InterfaceInfo{{
-		Address: network.NewAddress("0.1.2.3"),
-	}}
-
-	addr := network.NewAddress("0.1.2.1")
-	err := provisioner.SetupRoutesAndIPTables("nic", addr, "bridge", ifaceInfo, false)
-	c.Assert(err, jc.ErrorIsNil)
-
-	// Now verify the expected commands - since check returns 1, add
-	// will be called before ip route add.
-
-	gitjujutesting.AssertEchoArgs(c, "iptables", "-t", "nat", "-C", "POSTROUTING", "nic", "0.1.2.1")
-	gitjujutesting.AssertEchoArgs(c, "iptables", "-t", "nat", "-I", "POSTROUTING", "1", "nic", "0.1.2.1")
-	gitjujutesting.AssertEchoArgs(c, "ip", "route", "add", "0.1.2.3", "dev", "bridge")
-}
-
-func (s *lxcBrokerSuite) patchNetInterfaceByName(c *gc.C, interfaceName string) {
-	s.PatchValue(provisioner.NetInterfaceByName, func(name string) (*net.Interface, error) {
-		if interfaceName != name {
-			return nil, errors.New("no such network interface")
-		}
-		return &net.Interface{
-			Index: 0,
-			Name:  name,
-			Flags: net.FlagUp,
-		}, nil
-	})
-}
-
-func (s *lxcBrokerSuite) patchNetInterfaceByNameAddrs(c *gc.C, interfaceName string, fakeAddrs ...string) {
-	addrs := make([]net.Addr, len(fakeAddrs))
-
-	for i, a := range fakeAddrs {
-		addrs[i] = &fakeAddr{a}
-	}
-
-	s.PatchValue(provisioner.InterfaceAddrs, func(i *net.Interface) ([]net.Addr, error) {
-		c.Assert(i.Name, gc.Matches, interfaceName)
-		return addrs, nil
-	})
-}
-
-func (s *lxcBrokerSuite) TestDiscoverPrimaryNICNetInterfacesError(c *gc.C) {
-	s.PatchValue(provisioner.NetInterfaces, func() ([]net.Interface, error) {
-		return nil, errors.New("boom!")
-	})
-
-	nic, addr, err := provisioner.DiscoverPrimaryNIC()
-	c.Assert(err, gc.ErrorMatches, "cannot get network interfaces: boom!")
-	c.Assert(nic, gc.Equals, "")
-	c.Assert(addr, jc.DeepEquals, network.Address{})
-}
-
-func (s *lxcBrokerSuite) TestDiscoverPrimaryNICInterfaceAddrsError(c *gc.C) {
-	s.PatchValue(provisioner.NetInterfaces, func() ([]net.Interface, error) {
-		return []net.Interface{{
-			Index: 0,
-			Name:  "fake",
-			Flags: net.FlagUp,
-		}}, nil
-	})
-	s.PatchValue(provisioner.InterfaceAddrs, func(i *net.Interface) ([]net.Addr, error) {
-		return nil, errors.New("boom!")
-	})
-
-	nic, addr, err := provisioner.DiscoverPrimaryNIC()
-	c.Assert(err, gc.ErrorMatches, `cannot get "fake" addresses: boom!`)
-	c.Assert(nic, gc.Equals, "")
-	c.Assert(addr, jc.DeepEquals, network.Address{})
-}
-
-func (s *lxcBrokerSuite) TestDiscoverPrimaryNICInvalidAddr(c *gc.C) {
-	s.PatchValue(provisioner.NetInterfaces, func() ([]net.Interface, error) {
-		return []net.Interface{{
-			Index: 0,
-			Name:  "fake",
-			Flags: net.FlagUp,
-		}}, nil
-	})
-	s.PatchValue(provisioner.InterfaceAddrs, func(i *net.Interface) ([]net.Addr, error) {
-		return []net.Addr{&fakeAddr{}}, nil
-	})
-
-	nic, addr, err := provisioner.DiscoverPrimaryNIC()
-	c.Assert(err, gc.ErrorMatches, `cannot parse address "fakeAddr": invalid CIDR address: fakeAddr`)
-	c.Assert(nic, gc.Equals, "")
-	c.Assert(addr, jc.DeepEquals, network.Address{})
-}
-
-func (s *lxcBrokerSuite) TestDiscoverPrimaryNICInterfaceNotFound(c *gc.C) {
-	s.PatchValue(provisioner.NetInterfaces, func() ([]net.Interface, error) {
-		return nil, nil
-	})
-
-	nic, addr, err := provisioner.DiscoverPrimaryNIC()
-	c.Assert(err, gc.ErrorMatches, "cannot detect the primary network interface")
-	c.Assert(nic, gc.Equals, "")
-	c.Assert(addr, jc.DeepEquals, network.Address{})
-}
-
-type fakeAddr struct{ value string }
-
-func (f *fakeAddr) Network() string { return "net" }
-func (f *fakeAddr) String() string {
-	if f.value != "" {
-		return f.value
-	}
-	return "fakeAddr"
-}
-
-var _ net.Addr = (*fakeAddr)(nil)
-
-func (s *lxcBrokerSuite) TestDiscoverPrimaryNICSuccess(c *gc.C) {
-	s.PatchValue(provisioner.NetInterfaces, func() ([]net.Interface, error) {
-		return []net.Interface{{
-			Index: 0,
-			Name:  "lo",
-			Flags: net.FlagUp | net.FlagLoopback, // up but loopback - ignored.
-		}, {
-			Index: 1,
-			Name:  "if0",
-			Flags: net.FlagPointToPoint, // not up - ignored.
-		}, {
-			Index: 2,
-			Name:  "if1",
-			Flags: net.FlagUp, // up but no addresses - ignored.
-		}, {
-			Index: 3,
-			Name:  "if2",
-			Flags: net.FlagUp, // up and has addresses - returned.
-		}}, nil
-	})
-	s.PatchValue(provisioner.InterfaceAddrs, func(i *net.Interface) ([]net.Addr, error) {
-		// We should be called only for the last two NICs. The first
-		// one (if1) won't have addresses, only the last one (if2).
-		c.Assert(i, gc.NotNil)
-		c.Assert(i.Name, gc.Matches, "if[12]")
-		if i.Name == "if2" {
-			return []net.Addr{&fakeAddr{"0.1.2.3/24"}}, nil
-		}
-		// For if1 we return no addresses.
-		return nil, nil
-	})
-
-	nic, addr, err := provisioner.DiscoverPrimaryNIC()
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(nic, gc.Equals, "if2")
-	c.Assert(addr, jc.DeepEquals, network.NewAddress("0.1.2.3"))
-}
-
-func (s *lxcBrokerSuite) TestConfigureContainerNetwork(c *gc.C) {
-	// All the pieces used by this func are separately tested, we just
-	// test the integration between them.
-	s.PatchValue(provisioner.NetInterfaces, func() ([]net.Interface, error) {
-		return []net.Interface{{
-			Index: 0,
-			Name:  "fake0",
-			Flags: net.FlagUp,
-		}}, nil
-	})
-	s.PatchValue(provisioner.InterfaceAddrs, func(i *net.Interface) ([]net.Addr, error) {
-		return []net.Addr{&fakeAddr{"0.1.2.1/24"}}, nil
-	})
-	fakeResolvConf := filepath.Join(c.MkDir(), "resolv.conf")
-	err := ioutil.WriteFile(fakeResolvConf, []byte("nameserver ns1.dummy\n"), 0644)
-	c.Assert(err, jc.ErrorIsNil)
-	s.PatchValue(provisioner.ResolvConf, fakeResolvConf)
-
-	// When ifaceInfo is not empty it shouldn't do anything and both
-	// the error and the result are nil.
-	ifaceInfo := []network.InterfaceInfo{{DeviceIndex: 0}}
-	// First call as if we are configuring the container for the first time
-	result, err := provisioner.ConfigureContainerNetwork("42", "bridge", s.api, ifaceInfo, true, false)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(result, gc.IsNil)
-	s.api.CheckCalls(c, []gitjujutesting.StubCall{})
-
-	// Next call as if the container has already been configured.
-	s.api.ResetCalls()
-	result, err = provisioner.ConfigureContainerNetwork("42", "bridge", s.api, ifaceInfo, false, false)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(result, gc.IsNil)
-	s.api.CheckCalls(c, []gitjujutesting.StubCall{})
-
-	// Call as if the container already has a network configuration, but doesn't.
-	s.api.ResetCalls()
-	s.api.SetErrors(errors.NotProvisionedf("machine-42 has no network provisioning info"))
-	ifaceInfo = []network.InterfaceInfo{}
-	result, err = provisioner.ConfigureContainerNetwork("42", "bridge", s.api, ifaceInfo, false, false)
-	c.Assert(err, gc.ErrorMatches, "machine-42 has no network provisioning info not provisioned")
-	c.Assert(result, jc.DeepEquals, []network.InterfaceInfo{})
-	s.api.CheckCalls(c, []gitjujutesting.StubCall{{
-		FuncName: "GetContainerInterfaceInfo",
-		Args:     []interface{}{names.NewMachineTag("42")},
-	}})
-
-	// When it's not empty, result should be populated as expected.
-	s.api.ResetCalls()
-	result, err = provisioner.ConfigureContainerNetwork("42", "bridge", s.api, ifaceInfo, false, false)
-
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(result, gc.HasLen, 1)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(result, jc.DeepEquals, []network.InterfaceInfo{{
-		DeviceIndex:      0,
-		CIDR:             "0.1.2.0/24",
-		ConfigType:       network.ConfigStatic,
-		InterfaceName:    "eth0", // generated from the device index.
-		MACAddress:       "aa:bb:cc:dd:ee:ff",
-		DNSServers:       network.NewAddresses("ns1.dummy"),
-		DNSSearchDomains: []string{""},
-		Address:          network.NewAddress("0.1.2.3"),
-		GatewayAddress:   network.NewAddress("0.1.2.1"),
-	}})
-	s.api.CheckCalls(c, []gitjujutesting.StubCall{{
-		FuncName: "GetContainerInterfaceInfo",
-		Args:     []interface{}{names.NewMachineTag("42")},
-	}})
-
-	s.api.ResetCalls()
-	result, err = provisioner.ConfigureContainerNetwork("42", "bridge", s.api, ifaceInfo, false, false)
-	c.Assert(result, gc.HasLen, 1)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(result, jc.DeepEquals, []network.InterfaceInfo{{
-		DeviceIndex:      0,
-		CIDR:             "0.1.2.0/24",
-		ConfigType:       network.ConfigStatic,
-		InterfaceName:    "eth0", // generated from the device index.
-		MACAddress:       "aa:bb:cc:dd:ee:ff",
-		DNSServers:       network.NewAddresses("ns1.dummy"),
-		DNSSearchDomains: []string{""},
-		Address:          network.NewAddress("0.1.2.3"),
-		GatewayAddress:   network.NewAddress("0.1.2.1"),
-	}})
-
-	s.api.CheckCalls(c, []gitjujutesting.StubCall{{
-		FuncName: "GetContainerInterfaceInfo",
-		Args:     []interface{}{names.NewMachineTag("42")},
-	}})
-}
-
-type lxcProvisionerSuite struct {
-	CommonProvisionerSuite
-	lxcSuite
-	events chan mock.Event
-}
-
-var _ = gc.Suite(&lxcProvisionerSuite{})
-
-func (s *lxcProvisionerSuite) SetUpSuite(c *gc.C) {
-	if runtime.GOOS == "windows" {
-		c.Skip("Skipping lxc tests on windows")
-	}
-	s.CommonProvisionerSuite.SetUpSuite(c)
-	s.lxcSuite.SetUpSuite(c)
-}
-
-func (s *lxcProvisionerSuite) TearDownSuite(c *gc.C) {
-	s.lxcSuite.TearDownSuite(c)
-	s.CommonProvisionerSuite.TearDownSuite(c)
-}
-
-func (s *lxcProvisionerSuite) SetUpTest(c *gc.C) {
-	s.CommonProvisionerSuite.SetUpTest(c)
-	s.lxcSuite.SetUpTest(c)
-
-	s.events = make(chan mock.Event, 25)
-	s.ContainerFactory.AddListener(s.events)
-}
-
-func (s *lxcProvisionerSuite) expectStarted(c *gc.C, machine *state.Machine) string {
-	// This check in particular leads to tests just hanging
-	// indefinitely quite often on i386.
-	coretesting.SkipIfI386(c, "lp:1425569")
-
-	var event mock.Event
-	s.State.StartSync()
-	select {
-	case event = <-s.events:
-		c.Assert(event.Action, gc.Equals, mock.Created)
-		argsSet := set.NewStrings(event.TemplateArgs...)
-		c.Assert(argsSet.Contains("imageURL"), jc.IsTrue)
-	case <-time.After(coretesting.LongWait):
-		c.Fatalf("timeout while waiting the mock container to get created")
-	}
-
-	select {
-	case event = <-s.events:
-		c.Assert(event.Action, gc.Equals, mock.Started)
-		err := machine.Refresh()
-		c.Assert(err, jc.ErrorIsNil)
-	case <-time.After(coretesting.LongWait):
-		c.Fatalf("timeout while waiting the mock container to start")
-	}
-
-	s.waitInstanceId(c, machine, instance.Id(event.InstanceId))
-	return event.InstanceId
-}
-
-func (s *lxcProvisionerSuite) expectStopped(c *gc.C, instId string) {
-	// This check in particular leads to tests just hanging
-	// indefinitely quite often on i386.
-	coretesting.SkipIfI386(c, "lp:1425569")
-
-	s.State.StartSync()
-	select {
-	case event := <-s.events:
-		c.Assert(event.Action, gc.Equals, mock.Stopped)
-	case <-time.After(coretesting.LongWait):
-		c.Fatalf("timeout while waiting the mock container to stop")
-	}
-
-	select {
-	case event := <-s.events:
-		c.Assert(event.Action, gc.Equals, mock.Destroyed)
-		c.Assert(event.InstanceId, gc.Equals, instId)
-	case <-time.After(coretesting.LongWait):
-		c.Fatalf("timeout while waiting the mock container to get destroyed")
-	}
-}
-
-func (s *lxcProvisionerSuite) expectNoEvents(c *gc.C) {
-	select {
-	case event := <-s.events:
-		c.Fatalf("unexpected event %#v", event)
-	case <-time.After(coretesting.ShortWait):
-		return
-	}
-}
-
-func (s *lxcProvisionerSuite) TearDownTest(c *gc.C) {
-	close(s.events)
-	s.lxcSuite.TearDownTest(c)
-	s.CommonProvisionerSuite.TearDownTest(c)
-}
-
-func (s *lxcProvisionerSuite) newLxcProvisioner(c *gc.C) provisioner.Provisioner {
-	parentMachineTag := names.NewMachineTag("0")
-	agentConfig := s.AgentConfigForTag(c, parentMachineTag)
-	managerConfig := container.ManagerConfig{
-		container.ConfigName: "juju",
-		"log-dir":            c.MkDir(),
-		"use-clone":          "false",
-	}
-	broker, err := provisioner.NewLxcBroker(s.provisioner, agentConfig, managerConfig, &containertesting.MockURLGetter{}, false, 0)
-	c.Assert(err, jc.ErrorIsNil)
-	toolsFinder := (*provisioner.GetToolsFinder)(s.provisioner)
-	w, err := provisioner.NewContainerProvisioner(instance.LXC, s.provisioner, agentConfig, broker, toolsFinder)
-	c.Assert(err, jc.ErrorIsNil)
-	return w
-}
-
-func (s *lxcProvisionerSuite) TestProvisionerStartStop(c *gc.C) {
-	p := s.newLxcProvisioner(c)
-	stop(c, p)
-}
-
-func (s *lxcProvisionerSuite) TestDoesNotStartEnvironMachines(c *gc.C) {
-	p := s.newLxcProvisioner(c)
-	defer stop(c, p)
-
-	// Check that an instance is not provisioned when the machine is created.
-	_, err := s.State.AddMachine(series.LatestLts(), state.JobHostUnits)
-	c.Assert(err, jc.ErrorIsNil)
-
-	s.expectNoEvents(c)
-}
-
-func (s *lxcProvisionerSuite) TestDoesNotHaveRetryWatcher(c *gc.C) {
-	p := s.newLxcProvisioner(c)
-	defer stop(c, p)
-
-	w, err := provisioner.GetRetryWatcher(p)
-	c.Assert(w, gc.IsNil)
-	c.Assert(err, jc.Satisfies, errors.IsNotImplemented)
-}
-
-func (s *lxcProvisionerSuite) addContainer(c *gc.C) *state.Machine {
-	template := state.MachineTemplate{
-		Series: series.LatestLts(),
-		Jobs:   []state.MachineJob{state.JobHostUnits},
-	}
-	container, err := s.State.AddMachineInsideMachine(template, "0", instance.LXC)
-	c.Assert(err, jc.ErrorIsNil)
-	return container
-}
-
-func (s *lxcProvisionerSuite) maybeUploadTools(c *gc.C) {
-	// The default series tools are already uploaded
-	// for amd64 in the base suite.
-	if arch.HostArch() == arch.AMD64 {
-		return
-	}
-
-	storageDir := c.MkDir()
-	s.CommonProvisionerSuite.PatchValue(&tools.DefaultBaseURL, storageDir)
-	stor, err := filestorage.NewFileStorageWriter(storageDir)
-	c.Assert(err, jc.ErrorIsNil)
-
-	defaultTools := version.Binary{
-		Number: jujuversion.Current,
-		Arch:   arch.HostArch(),
-		Series: series.LatestLts(),
-	}
-
-	envtesting.AssertUploadFakeToolsVersions(c, stor, "devel", "devel", defaultTools)
-	envtesting.AssertUploadFakeToolsVersions(c, stor, "released", "released", defaultTools)
-}
-
-func (s *lxcProvisionerSuite) TestContainerStartedAndStopped(c *gc.C) {
-	coretesting.SkipIfI386(c, "lp:1425569")
-	s.maybeUploadTools(c)
-
-	p := s.newLxcProvisioner(c)
-	defer stop(c, p)
-
-	container := s.addContainer(c)
-	name := "juju-" + container.Tag().String()
-	containertesting.EnsureLXCRootFSEtcNetwork(c, name)
-	instId := s.expectStarted(c, container)
-
-	// ...and removed, along with the machine, when the machine is Dead.
-	c.Assert(container.EnsureDead(), gc.IsNil)
-	s.expectStopped(c, instId)
-	s.waitRemoved(c, container)
-}
-
-func (s *lxcProvisionerSuite) TestLXCProvisionerObservesConfigChanges(c *gc.C) {
-	p := s.newLxcProvisioner(c)
-	defer stop(c, p)
-	s.assertProvisionerObservesConfigChanges(c, p)
-}
-
-type fakeAPI struct {
-	*gitjujutesting.Stub
-
-	fakeContainerConfig params.ContainerConfig
-	fakeInterfaceInfo   network.InterfaceInfo
-}
-
-var _ provisioner.APICalls = (*fakeAPI)(nil)
-
-var fakeInterfaceInfo network.InterfaceInfo = network.InterfaceInfo{
-	DeviceIndex:    0,
-	MACAddress:     "aa:bb:cc:dd:ee:ff",
-	CIDR:           "0.1.2.0/24",
-	InterfaceName:  "dummy0",
-	Address:        network.NewAddress("0.1.2.3"),
-	GatewayAddress: network.NewAddress("0.1.2.1"),
-}
-
-var fakeContainerConfig = params.ContainerConfig{
-	UpdateBehavior:          &params.UpdateBehavior{true, true},
-	ProviderType:            "fake",
-	AuthorizedKeys:          coretesting.FakeAuthKeys,
-	SSLHostnameVerification: true,
-}
-
-func NewFakeAPI() *fakeAPI {
-	return &fakeAPI{
-		Stub:                &gitjujutesting.Stub{},
-		fakeContainerConfig: fakeContainerConfig,
-		fakeInterfaceInfo:   fakeInterfaceInfo,
-	}
-}
-
-func (f *fakeAPI) ContainerConfig() (params.ContainerConfig, error) {
-	f.MethodCall(f, "ContainerConfig")
-	if err := f.NextErr(); err != nil {
-		return params.ContainerConfig{}, err
-	}
-	return f.fakeContainerConfig, nil
-}
-
-func (f *fakeAPI) PrepareContainerInterfaceInfo(tag names.MachineTag) ([]network.InterfaceInfo, error) {
-	f.MethodCall(f, "PrepareContainerInterfaceInfo", tag)
-	if err := f.NextErr(); err != nil {
-		return nil, err
-	}
-	return []network.InterfaceInfo{f.fakeInterfaceInfo}, nil
-}
-
-func (f *fakeAPI) GetContainerInterfaceInfo(tag names.MachineTag) ([]network.InterfaceInfo, error) {
-	f.MethodCall(f, "GetContainerInterfaceInfo", tag)
-	if err := f.NextErr(); err != nil {
-		return nil, err
-	}
-	return []network.InterfaceInfo{f.fakeInterfaceInfo}, nil
-}
-
-func (f *fakeAPI) ReleaseContainerAddresses(tag names.MachineTag) error {
-	f.MethodCall(f, "ReleaseContainerAddresses", tag)
-	if err := f.NextErr(); err != nil {
-		return err
-	}
-	return nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/provisioner/lxd-broker.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/provisioner/lxd-broker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/provisioner/lxd-broker.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/provisioner/lxd-broker.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,42 +12,34 @@
 	"github.com/juju/juju/container"
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/instance"
-	"github.com/juju/juju/tools/lxdclient"
+	"github.com/juju/juju/network"
 )
 
 var lxdLogger = loggo.GetLogger("juju.provisioner.lxd")
 
-var _ environs.InstanceBroker = (*lxdBroker)(nil)
-
-func NewLxdBroker(
+var NewLxdBroker = func(
 	api APICalls,
 	manager container.Manager,
 	agentConfig agent.Config,
-	namespace string,
-	enableNAT bool,
 ) (environs.InstanceBroker, error) {
 	return &lxdBroker{
 		manager:     manager,
-		namespace:   namespace,
 		api:         api,
 		agentConfig: agentConfig,
-		enableNAT:   enableNAT,
 	}, nil
 }
 
 type lxdBroker struct {
 	manager     container.Manager
-	namespace   string
 	api         APICalls
 	agentConfig agent.Config
-	enableNAT   bool
 }
 
 func (broker *lxdBroker) StartInstance(args environs.StartInstanceParams) (*environs.StartInstanceResult, error) {
 	machineId := args.InstanceConfig.MachineId
 	bridgeDevice := broker.agentConfig.Value(agent.LxdBridge)
 	if bridgeDevice == "" {
-		bridgeDevice = lxdclient.DefaultLXDBridge
+		bridgeDevice = network.DefaultLXDBridge
 	}
 
 	config, err := broker.api.ContainerConfig()
@@ -61,10 +53,8 @@
 		machineId,
 		bridgeDevice,
 		true, // allocate if possible, do not maintain existing.
-		broker.enableNAT,
 		args.NetworkInfo,
 		lxdLogger,
-		config.ProviderType,
 	)
 	if err != nil {
 		// It's not fatal (yet) if we couldn't pre-allocate addresses for the
@@ -75,6 +65,11 @@
 	}
 
 	network := container.BridgeNetworkConfig(bridgeDevice, 0, args.NetworkInfo)
+	interfaces, err := finishNetworkConfig(bridgeDevice, args.NetworkInfo)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	network.Interfaces = interfaces
 
 	// The provisioner worker will provide all tools it knows about
 	// (after applying explicitly specified constraints), which may
@@ -99,7 +94,6 @@
 		config.Proxy,
 		config.AptProxy,
 		config.AptMirror,
-		config.PreferIPv6,
 		config.EnableOSRefreshUpdate,
 		config.EnableOSUpgrade,
 	); err != nil {
@@ -108,7 +102,10 @@
 	}
 
 	storageConfig := &container.StorageConfig{}
-	inst, hardware, err := broker.manager.CreateContainer(args.InstanceConfig, series, network, storageConfig, args.StatusCallback)
+	inst, hardware, err := broker.manager.CreateContainer(
+		args.InstanceConfig, args.Constraints,
+		series, network, storageConfig, args.StatusCallback,
+	)
 	if err != nil {
 		return nil, err
 	}
@@ -116,7 +113,7 @@
 	return &environs.StartInstanceResult{
 		Instance:    inst,
 		Hardware:    hardware,
-		NetworkInfo: network.Interfaces,
+		NetworkInfo: interfaces,
 	}, nil
 }
 
@@ -128,8 +125,7 @@
 			lxdLogger.Errorf("container did not stop: %v", err)
 			return err
 		}
-		providerType := broker.agentConfig.Value(agent.ProviderType)
-		maybeReleaseContainerAddresses(broker.api, id, broker.namespace, lxdLogger, providerType)
+		releaseContainerAddresses(broker.api, id, broker.manager.Namespace(), lxdLogger)
 	}
 	return nil
 }
@@ -141,16 +137,14 @@
 
 // MaintainInstance ensures the container's host has the required iptables and
 // routing rules to make the container visible to both the host and other
-// machines on the same subnet. This is important mostly when address allocation
-// feature flag is enabled, as otherwise we don't create additional iptables
-// rules or routes.
+// machines on the same subnet.
 func (broker *lxdBroker) MaintainInstance(args environs.StartInstanceParams) error {
 	machineID := args.InstanceConfig.MachineId
 
 	// Default to using the host network until we can configure.
 	bridgeDevice := broker.agentConfig.Value(agent.LxdBridge)
 	if bridgeDevice == "" {
-		bridgeDevice = lxdclient.DefaultLXDBridge
+		bridgeDevice = network.DefaultLXDBridge
 	}
 
 	// There's no InterfaceInfo we expect to get below.
@@ -159,10 +153,8 @@
 		machineID,
 		bridgeDevice,
 		false, // maintain, do not allocate.
-		broker.enableNAT,
 		args.NetworkInfo,
 		lxdLogger,
-		broker.agentConfig.Value(agent.ProviderType),
 	)
 	return err
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/provisioner/lxd-broker_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/provisioner/lxd-broker_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/provisioner/lxd-broker_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/provisioner/lxd-broker_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,12 +6,13 @@
 import (
 	"runtime"
 
-	"github.com/juju/names"
+	"github.com/juju/errors"
 	gitjujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/arch"
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/cloudconfig/instancecfg"
@@ -19,7 +20,7 @@
 	"github.com/juju/juju/container"
 	"github.com/juju/juju/environs"
 	"github.com/juju/juju/instance"
-	jujutesting "github.com/juju/juju/juju/testing"
+	"github.com/juju/juju/network"
 	coretesting "github.com/juju/juju/testing"
 	coretools "github.com/juju/juju/tools"
 	jujuversion "github.com/juju/juju/version"
@@ -28,11 +29,10 @@
 
 type lxdBrokerSuite struct {
 	coretesting.BaseSuite
-	broker        environs.InstanceBroker
-	agentConfig   agent.ConfigSetterWriter
-	api           *fakeAPI
-	manager       *fakeContainerManager
-	possibleTools coretools.List
+	broker      environs.InstanceBroker
+	agentConfig agent.ConfigSetterWriter
+	api         *fakeAPI
+	manager     *fakeContainerManager
 }
 
 var _ = gc.Suite(&lxdBrokerSuite{})
@@ -46,15 +46,6 @@
 	// To isolate the tests from the host's architecture, we override it here.
 	s.PatchValue(&arch.HostArch, func() string { return arch.AMD64 })
 
-	s.possibleTools = coretools.List{&coretools.Tools{
-		Version: version.MustParseBinary("2.3.4-quantal-amd64"),
-		URL:     "http://tools.testing.invalid/2.3.4-quantal-amd64.tgz",
-	}, {
-		// non-host-arch tools should be filtered out by StartInstance
-		Version: version.MustParseBinary("2.3.4-quantal-arm64"),
-		URL:     "http://tools.testing.invalid/2.3.4-quantal-arm64.tgz",
-	}}
-
 	var err error
 	s.agentConfig, err = agent.NewAgentConfig(
 		agent.AgentConfigParams{
@@ -70,29 +61,12 @@
 	c.Assert(err, jc.ErrorIsNil)
 	s.api = NewFakeAPI()
 	s.manager = &fakeContainerManager{}
-	s.broker, err = provisioner.NewLxdBroker(s.api, s.manager, s.agentConfig, "namespace", true)
+	s.broker, err = provisioner.NewLxdBroker(s.api, s.manager, s.agentConfig)
 	c.Assert(err, jc.ErrorIsNil)
 }
 
-func (s *lxdBrokerSuite) instanceConfig(c *gc.C, machineId string) *instancecfg.InstanceConfig {
-	machineNonce := "fake-nonce"
-	stateInfo := jujutesting.FakeStateInfo(machineId)
-	apiInfo := jujutesting.FakeAPIInfo(machineId)
-	instanceConfig, err := instancecfg.NewInstanceConfig(machineId, machineNonce, "released", "quantal", "", true, stateInfo, apiInfo)
-	c.Assert(err, jc.ErrorIsNil)
-	return instanceConfig
-}
-
-func (s *lxdBrokerSuite) startInstance(c *gc.C, machineId string) instance.Instance {
-	instanceConfig := s.instanceConfig(c, machineId)
-	cons := constraints.Value{}
-	result, err := s.broker.StartInstance(environs.StartInstanceParams{
-		Constraints:    cons,
-		Tools:          s.possibleTools,
-		InstanceConfig: instanceConfig,
-	})
-	c.Assert(err, jc.ErrorIsNil)
-	return result.Instance
+func (s *lxdBrokerSuite) startInstance(c *gc.C, machineId string) *environs.StartInstanceResult {
+	return callStartInstance(c, s, s.broker, machineId)
 }
 
 func (s *lxdBrokerSuite) TestStartInstance(c *gc.C) {
@@ -112,6 +86,45 @@
 	c.Assert(instanceConfig.ToolsList().Arches(), jc.DeepEquals, []string{"amd64"})
 }
 
+func (s *lxdBrokerSuite) TestStartInstancePopulatesNetworkInfo(c *gc.C) {
+	patchResolvConf(s, c)
+
+	result := s.startInstance(c, "1/lxd/0")
+	c.Assert(result.NetworkInfo, gc.HasLen, 1)
+	iface := result.NetworkInfo[0]
+	c.Assert(iface, jc.DeepEquals, network.InterfaceInfo{
+		DeviceIndex:         0,
+		CIDR:                "0.1.2.0/24",
+		InterfaceName:       "dummy0",
+		ParentInterfaceName: "lxdbr0",
+		MACAddress:          "aa:bb:cc:dd:ee:ff",
+		Address:             network.NewAddress("0.1.2.3"),
+		GatewayAddress:      network.NewAddress("0.1.2.1"),
+		DNSServers:          network.NewAddresses("ns1.dummy", "ns2.dummy"),
+		DNSSearchDomains:    []string{"dummy", "invalid"},
+	})
+}
+
+func (s *lxdBrokerSuite) TestStartInstancePopulatesFallbackNetworkInfo(c *gc.C) {
+	patchResolvConf(s, c)
+
+	s.api.SetErrors(
+		nil, // ContainerConfig succeeds
+		errors.NotSupportedf("container address allocation"),
+	)
+	result := s.startInstance(c, "1/lxd/0")
+
+	c.Assert(result.NetworkInfo, jc.DeepEquals, []network.InterfaceInfo{{
+		DeviceIndex:         0,
+		InterfaceName:       "eth0",
+		InterfaceType:       network.EthernetInterface,
+		ConfigType:          network.ConfigDHCP,
+		ParentInterfaceName: "lxdbr0",
+		DNSServers:          network.NewAddresses("ns1.dummy", "ns2.dummy"),
+		DNSSearchDomains:    []string{"dummy", "invalid"},
+	}})
+}
+
 func (s *lxdBrokerSuite) TestStartInstanceNoHostArchTools(c *gc.C) {
 	_, err := s.broker.StartInstance(environs.StartInstanceParams{
 		Tools: coretools.List{{
@@ -119,7 +132,7 @@
 			Version: version.MustParseBinary("2.3.4-quantal-arm64"),
 			URL:     "http://tools.testing.invalid/2.3.4-quantal-arm64.tgz",
 		}},
-		InstanceConfig: s.instanceConfig(c, "1/lxd/0"),
+		InstanceConfig: makeInstanceConfig(c, s, "1/lxd/0"),
 	})
 	c.Assert(err, gc.ErrorMatches, `need tools for arch amd64, only found \[arm64\]`)
 }
@@ -129,12 +142,13 @@
 }
 
 func (m *fakeContainerManager) CreateContainer(instanceConfig *instancecfg.InstanceConfig,
+	cons constraints.Value,
 	series string,
 	network *container.NetworkConfig,
 	storage *container.StorageConfig,
 	callback container.StatusCallback,
 ) (instance.Instance, *instance.HardwareCharacteristics, error) {
-	m.MethodCall(m, "CreateContainer", instanceConfig, series, network, storage, callback)
+	m.MethodCall(m, "CreateContainer", instanceConfig, cons, series, network, storage, callback)
 	return nil, nil, m.NextErr()
 }
 
@@ -148,6 +162,11 @@
 	return nil, m.NextErr()
 }
 
+func (m *fakeContainerManager) Namespace() instance.Namespace {
+	ns, _ := instance.NewNamespace(coretesting.ModelTag.Id())
+	return ns
+}
+
 func (m *fakeContainerManager) IsInitialized() bool {
 	m.MethodCall(m, "IsInitialized")
 	m.PopNoErr()
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/provisioner/provisioner.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/provisioner/provisioner.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/provisioner/provisioner.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/provisioner/provisioner.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,7 +9,7 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	apiprovisioner "github.com/juju/juju/api/provisioner"
@@ -138,16 +138,22 @@
 		errors.Errorf("expected names.MachineTag, got %T", tag)
 	}
 
-	envCfg, err := p.st.ModelConfig()
+	modelCfg, err := p.st.ModelConfig()
 	if err != nil {
 		return nil, errors.Annotate(err, "could not retrieve the model config.")
 	}
 
+	controllerCfg, err := p.st.ControllerConfig()
+	if err != nil {
+		return nil, errors.Annotate(err, "could not retrieve the controller config.")
+	}
+
 	secureServerConnection := false
 	if info, ok := p.agentConfig.StateServingInfo(); ok {
 		secureServerConnection = info.CAPrivateKey != ""
 	}
 	task, err := NewProvisionerTask(
+		controllerCfg.ControllerUUID(),
 		machineTag,
 		harvestMode,
 		p.st,
@@ -156,7 +162,7 @@
 		retryWatcher,
 		p.broker,
 		auth,
-		envCfg.ImageStream(),
+		modelCfg.ImageStream(),
 		secureServerConnection,
 		RetryStrategy{retryDelay: retryStrategyDelay, retryCount: retryStrategyCount},
 	)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/provisioner/provisioner_task.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/provisioner/provisioner_task.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/provisioner/provisioner_task.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/provisioner/provisioner_task.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,12 +5,11 @@
 
 import (
 	"fmt"
-	"regexp"
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils"
+	"gopkg.in/juju/names.v2"
 
 	apiprovisioner "github.com/juju/juju/api/provisioner"
 	"github.com/juju/juju/apiserver/common/networkingcommon"
@@ -24,6 +23,8 @@
 	"github.com/juju/juju/environs/simplestreams"
 	"github.com/juju/juju/instance"
 	"github.com/juju/juju/network"
+	"github.com/juju/juju/state"
+	"github.com/juju/juju/state/multiwatcher"
 	"github.com/juju/juju/status"
 	"github.com/juju/juju/storage"
 	coretools "github.com/juju/juju/tools"
@@ -61,6 +62,7 @@
 var _ ToolsFinder = (*apiprovisioner.State)(nil)
 
 func NewProvisionerTask(
+	controllerUUID string,
 	machineTag names.MachineTag,
 	harvestMode config.HarvestMode,
 	machineGetter MachineGetter,
@@ -81,6 +83,7 @@
 		workers = append(workers, retryWatcher)
 	}
 	task := &provisionerTask{
+		controllerUUID:             controllerUUID,
 		machineTag:                 machineTag,
 		machineGetter:              machineGetter,
 		toolsFinder:                toolsFinder,
@@ -107,6 +110,7 @@
 }
 
 type provisionerTask struct {
+	controllerUUID             string
 	machineTag                 names.MachineTag
 	machineGetter              MachineGetter
 	toolsFinder                ToolsFinder
@@ -387,7 +391,8 @@
 	case params.Dead:
 		return Dead, nil
 	}
-	if instId, err := machine.InstanceId(); err != nil {
+	instId, err := machine.InstanceId()
+	if err != nil {
 		if !params.IsCodeNotProvisioned(err) {
 			return None, errors.Annotatef(err, "failed to load machine id:%s, details:%v", machine.Id(), machine)
 		}
@@ -400,17 +405,12 @@
 			logger.Infof("found machine pending provisioning id:%s, details:%v", machine.Id(), machine)
 			return Pending, nil
 		}
-	} else {
-		logger.Infof("machine %s already started as instance %q", machine.Id(), instId)
-		if err != nil {
-			logger.Infof("Error fetching provisioning info")
-		} else {
-			isLxc := regexp.MustCompile(`\d+/lxc/\d+`)
-			isKvm := regexp.MustCompile(`\d+/kvm/\d+`)
-			if isLxc.MatchString(machine.Id()) || isKvm.MatchString(machine.Id()) {
-				return Maintain, nil
-			}
-		}
+		return None, nil
+	}
+	logger.Infof("machine %s already started as instance %q", machine.Id(), instId)
+
+	if state.ContainerTypeFromId(machine.Id()) != "" {
+		return Maintain, nil
 	}
 	return None, nil
 }
@@ -499,24 +499,44 @@
 		return nil, errors.Annotate(err, "failed to generate a nonce for machine "+machine.Id())
 	}
 
-	publicKey, err := simplestreams.UserPublicSigningKey()
-	if err != nil {
-		return nil, err
-	}
 	nonce := fmt.Sprintf("%s:%s", task.machineTag, uuid)
-	return instancecfg.NewInstanceConfig(
+	instanceConfig, err := instancecfg.NewInstanceConfig(
 		machine.Id(),
 		nonce,
 		task.imageStream,
 		pInfo.Series,
-		publicKey,
 		task.secureServerConnection,
-		stateInfo,
 		apiInfo,
 	)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	instanceConfig.Tags = pInfo.Tags
+	if len(pInfo.Jobs) > 0 {
+		instanceConfig.Jobs = pInfo.Jobs
+	}
+
+	if multiwatcher.AnyJobNeedsState(instanceConfig.Jobs...) {
+		publicKey, err := simplestreams.UserPublicSigningKey()
+		if err != nil {
+			return nil, err
+		}
+		instanceConfig.Controller = &instancecfg.ControllerConfig{
+			PublicImageSigningKey: publicKey,
+			MongoInfo:             stateInfo,
+		}
+		instanceConfig.Controller.Config = make(map[string]interface{})
+		for k, v := range pInfo.ControllerConfig {
+			instanceConfig.Controller.Config[k] = v
+		}
+	}
+
+	return instanceConfig, nil
 }
 
 func constructStartInstanceParams(
+	controllerUUID string,
 	machine *apiprovisioner.Machine,
 	instanceConfig *instancecfg.InstanceConfig,
 	provisioningInfo *params.ProvisioningInfo,
@@ -589,6 +609,7 @@
 	}
 
 	return environs.StartInstanceParams{
+		ControllerUUID:    controllerUUID,
 		Constraints:       provisioningInfo.Constraints,
 		Tools:             possibleTools,
 		InstanceConfig:    instanceConfig,
@@ -645,6 +666,7 @@
 		}
 
 		startInstanceParams, err := constructStartInstanceParams(
+			task.controllerUUID,
 			m,
 			instanceCfg,
 			pInfo,
@@ -745,13 +767,6 @@
 	provInfo *params.ProvisioningInfo,
 	instanceConfig *instancecfg.InstanceConfig,
 ) *provisioningInfo {
-
-	instanceConfig.Tags = provInfo.Tags
-
-	if len(provInfo.Jobs) > 0 {
-		instanceConfig.Jobs = provInfo.Jobs
-	}
-
 	return &provisioningInfo{
 		Constraints:    provInfo.Constraints,
 		Series:         provInfo.Series,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/provisioner/provisioner_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/provisioner/provisioner_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/provisioner/provisioner_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/provisioner/provisioner_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,7 +10,6 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	"github.com/juju/utils/arch"
@@ -18,6 +17,7 @@
 	"github.com/juju/utils/set"
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api"
@@ -192,7 +192,7 @@
 }
 
 func (s *CommonProvisionerSuite) startUnknownInstance(c *gc.C, id string) instance.Instance {
-	instance, _ := testing.AssertStartInstance(c, s.Environ, id)
+	instance, _ := testing.AssertStartInstance(c, s.Environ, s.ControllerConfig.ControllerUUID(), id)
 	select {
 	case o := <-s.op:
 		switch o := o.(type) {
@@ -738,7 +738,7 @@
 	s.checkNoOperations(c)
 }
 
-func (s *ProvisionerSuite) TestProvisioningDoesNotOccurForLXC(c *gc.C) {
+func (s *ProvisionerSuite) TestProvisioningDoesNotOccurForLXD(c *gc.C) {
 	p := s.newEnvironProvisioner(c)
 	defer stop(c, p)
 
@@ -752,7 +752,7 @@
 		Series: series.LatestLts(),
 		Jobs:   []state.MachineJob{state.JobHostUnits},
 	}
-	container, err := s.State.AddMachineInsideMachine(template, m.Id(), instance.LXC)
+	container, err := s.State.AddMachineInsideMachine(template, m.Id(), instance.LXD)
 	c.Assert(err, jc.ErrorIsNil)
 
 	// the PA should not attempt to create it
@@ -932,7 +932,7 @@
 		c.Assert(classification, gc.Equals, t.classification)
 	}
 
-	machineIds := []string{"0/lxc/0", "0/kvm/0", "0"}
+	machineIds := []string{"0/kvm/0", "0"}
 	for _, id := range machineIds {
 		tests := machineClassificationTests
 		if id == "0" {
@@ -957,16 +957,13 @@
 	c.Assert(err, jc.ErrorIsNil)
 
 	// Add 1 subnet into space1, and 2 into space2.
-	// Only the first subnet of space2 has AllocatableIPLow|High set.
 	// Each subnet is in a matching zone (e.g "subnet-#" in "zone#").
 	testing.AddSubnetsWithTemplate(c, s.State, 3, state.SubnetInfo{
-		CIDR:              "10.10.{{.}}.0/24",
-		ProviderId:        "subnet-{{.}}",
-		AllocatableIPLow:  "{{if (eq . 1)}}10.10.{{.}}.5{{end}}",
-		AllocatableIPHigh: "{{if (eq . 1)}}10.10.{{.}}.254{{end}}",
-		AvailabilityZone:  "zone{{.}}",
-		SpaceName:         "{{if (eq . 0)}}space1{{else}}space2{{end}}",
-		VLANTag:           42,
+		CIDR:             "10.10.{{.}}.0/24",
+		ProviderId:       "subnet-{{.}}",
+		AvailabilityZone: "zone{{.}}",
+		SpaceName:        "{{if (eq . 0)}}space1{{else}}space2{{end}}",
+		VLANTag:          42,
 	})
 
 	// Add and provision a machine with spaces specified.
@@ -1234,6 +1231,7 @@
 	retryStrategy := provisioner.NewRetryStrategy(0*time.Second, 0)
 
 	w, err := provisioner.NewProvisionerTask(
+		s.ControllerConfig.ControllerUUID(),
 		names.NewMachineTag("0"),
 		harvestingMethod,
 		machineGetter,
@@ -1375,7 +1373,14 @@
 			case <-thatsAllFolks:
 				return
 			case <-time.After(coretesting.ShortWait):
-				err := m3.SetStatus(status.StatusError, "info", map[string]interface{}{"transient": true})
+				now := time.Now()
+				sInfo := status.StatusInfo{
+					Status:  status.StatusError,
+					Message: "info",
+					Data:    map[string]interface{}{"transient": true},
+					Since:   &now,
+				}
+				err := m3.SetStatus(sInfo)
 				c.Assert(err, jc.ErrorIsNil)
 			}
 		}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/proxyupdater/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/proxyupdater/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/proxyupdater/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/proxyupdater/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,24 +5,24 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/api/proxyupdater"
-	"github.com/juju/juju/cmd/jujud/agent/util"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
 )
 
 // ManifoldConfig defines the names of the manifolds on which a Manifold will depend.
-type ManifoldConfig util.AgentApiManifoldConfig
+type ManifoldConfig engine.AgentApiManifoldConfig
 
 // Manifold returns a dependency manifold that runs a proxy updater worker,
 // using the api connection resource named in the supplied config.
 func Manifold(config ManifoldConfig) dependency.Manifold {
-	typedConfig := util.AgentApiManifoldConfig(config)
-	return util.AgentApiManifold(typedConfig, newWorker)
+	typedConfig := engine.AgentApiManifoldConfig(config)
+	return engine.AgentApiManifold(typedConfig, newWorker)
 }
 
 // newWorker is not currently tested; it should eventually replace New as the
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/proxyupdater/manifold_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/proxyupdater/manifold_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/proxyupdater/manifold_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/proxyupdater/manifold_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,16 +4,16 @@
 package proxyupdater_test
 
 import (
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
+	"github.com/juju/juju/cmd/jujud/agent/engine/enginetest"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/proxyupdater"
 	proxyup "github.com/juju/juju/worker/proxyupdater"
-	workertesting "github.com/juju/juju/worker/testing"
 )
 
 type ManifoldSuite struct {
@@ -34,8 +34,8 @@
 }
 
 func (s *ManifoldSuite) TestMachineShouldWrite(c *gc.C) {
-	config := proxyup.ManifoldConfig(workertesting.AgentApiManifoldTestConfig())
-	_, err := workertesting.RunAgentApiManifold(
+	config := proxyup.ManifoldConfig(enginetest.AgentApiManifoldTestConfig())
+	_, err := enginetest.RunAgentApiManifold(
 		proxyup.Manifold(config),
 		&fakeAgent{tag: names.NewMachineTag("42")},
 		nil)
@@ -44,8 +44,8 @@
 }
 
 func (s *ManifoldSuite) TestMachineShouldntWrite(c *gc.C) {
-	config := proxyup.ManifoldConfig(workertesting.AgentApiManifoldTestConfig())
-	_, err := workertesting.RunAgentApiManifold(
+	config := proxyup.ManifoldConfig(enginetest.AgentApiManifoldTestConfig())
+	_, err := enginetest.RunAgentApiManifold(
 		proxyup.Manifold(config),
 		&fakeAgent{tag: names.NewMachineTag("42")},
 		nil)
@@ -54,8 +54,8 @@
 }
 
 func (s *ManifoldSuite) TestUnit(c *gc.C) {
-	config := proxyup.ManifoldConfig(workertesting.AgentApiManifoldTestConfig())
-	_, err := workertesting.RunAgentApiManifold(
+	config := proxyup.ManifoldConfig(enginetest.AgentApiManifoldTestConfig())
+	_, err := enginetest.RunAgentApiManifold(
 		proxyup.Manifold(config),
 		&fakeAgent{tag: names.NewUnitTag("foo/0")},
 		nil)
@@ -64,8 +64,8 @@
 }
 
 func (s *ManifoldSuite) TestNonAgent(c *gc.C) {
-	config := proxyup.ManifoldConfig(workertesting.AgentApiManifoldTestConfig())
-	_, err := workertesting.RunAgentApiManifold(
+	config := proxyup.ManifoldConfig(enginetest.AgentApiManifoldTestConfig())
+	_, err := enginetest.RunAgentApiManifold(
 		proxyup.Manifold(config),
 		&fakeAgent{tag: names.NewUserTag("foo")},
 		nil)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/reboot/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/reboot/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/reboot/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/reboot/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,31 +5,56 @@
 
 import (
 	"github.com/juju/errors"
+	"github.com/juju/utils/clock"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/api/base"
-	"github.com/juju/juju/cmd/jujud/agent/util"
-	cmdutil "github.com/juju/juju/cmd/jujud/util"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
 )
 
 // ManifoldConfig defines the names of the manifolds on which a Manifold will depend.
-type ManifoldConfig util.AgentApiManifoldConfig
+type ManifoldConfig struct {
+	AgentName       string
+	APICallerName   string
+	MachineLockName string
+	Clock           clock.Clock
+}
 
 // Manifold returns a dependency manifold that runs a reboot worker,
 // using the resource names defined in the supplied config.
 func Manifold(config ManifoldConfig) dependency.Manifold {
-	typedConfig := util.AgentApiManifoldConfig(config)
-	return util.AgentApiManifold(typedConfig, newWorker)
+	return dependency.Manifold{
+		Inputs: []string{
+			config.AgentName,
+			config.APICallerName,
+		},
+		Start: func(context dependency.Context) (worker.Worker, error) {
+			var agent agent.Agent
+			if err := context.Get(config.AgentName, &agent); err != nil {
+				return nil, err
+			}
+			var apiCaller base.APICaller
+			if err := context.Get(config.APICallerName, &apiCaller); err != nil {
+				return nil, err
+			}
+			if config.Clock == nil {
+				return nil, errors.NotValidf("missing Clock")
+			}
+			if config.MachineLockName == "" {
+				return nil, errors.NotValidf("missing MachineLockName")
+			}
+			return newWorker(agent, apiCaller, config.MachineLockName, config.Clock)
+		},
+	}
 }
 
-// newWorker trivially wraps NewReboot for use in a util.AgentApiManifold.
+// newWorker starts a new reboot worker.
 //
 // TODO(mjs) - It's not tested at the moment, because the scaffolding
 // necessary is too unwieldy/distracting to introduce at this point.
-func newWorker(a agent.Agent, apiCaller base.APICaller) (worker.Worker, error) {
+func newWorker(a agent.Agent, apiCaller base.APICaller, machineLockName string, clock clock.Clock) (worker.Worker, error) {
 	apiConn, ok := apiCaller.(api.Connection)
 	if !ok {
 		return nil, errors.New("unable to obtain api.Connection")
@@ -38,11 +63,7 @@
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-	lock, err := cmdutil.HookExecutionLock(cmdutil.DataDir)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	w, err := NewReboot(rebootState, a.CurrentConfig(), lock)
+	w, err := NewReboot(rebootState, a.CurrentConfig(), machineLockName, clock)
 	if err != nil {
 		return nil, errors.Annotate(err, "cannot start reboot worker")
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/reboot/reboot.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/reboot/reboot.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/reboot/reboot.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/reboot/reboot.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,10 +1,16 @@
+// Copyright 2014 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package reboot
 
 import (
+	"time"
+
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
-	"github.com/juju/utils/fslock"
+	"github.com/juju/mutex"
+	"github.com/juju/utils/clock"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/tomb"
 
 	"github.com/juju/juju/agent"
@@ -16,29 +22,29 @@
 
 var logger = loggo.GetLogger("juju.worker.reboot")
 
-const RebootMessage = "preparing for reboot"
-
 // The reboot worker listens for changes to the reboot flag and
 // exists with worker.ErrRebootMachine if the machine should reboot or
 // with worker.ErrShutdownMachine if it should shutdown. This will be picked
 // up by the machine agent as a fatal error and will do the
 // right thing (reboot or shutdown)
 type Reboot struct {
-	tomb        tomb.Tomb
-	st          reboot.State
-	tag         names.MachineTag
-	machineLock *fslock.Lock
+	tomb            tomb.Tomb
+	st              reboot.State
+	tag             names.MachineTag
+	machineLockName string
+	clock           clock.Clock
 }
 
-func NewReboot(st reboot.State, agentConfig agent.Config, machineLock *fslock.Lock) (worker.Worker, error) {
+func NewReboot(st reboot.State, agentConfig agent.Config, machineLockName string, clock clock.Clock) (worker.Worker, error) {
 	tag, ok := agentConfig.Tag().(names.MachineTag)
 	if !ok {
 		return nil, errors.Errorf("Expected names.MachineTag, got %T: %v", agentConfig.Tag(), agentConfig.Tag())
 	}
 	r := &Reboot{
-		st:          st,
-		tag:         tag,
-		machineLock: machineLock,
+		st:              st,
+		tag:             tag,
+		machineLockName: machineLockName,
+		clock:           clock,
 	}
 	w, err := watcher.NewNotifyWorker(watcher.NotifyConfig{
 		Handler: r,
@@ -46,24 +52,7 @@
 	return w, errors.Trace(err)
 }
 
-func (r *Reboot) checkForRebootState() error {
-	if r.machineLock.IsLocked() == false {
-		return nil
-	}
-
-	if r.machineLock.Message() == RebootMessage {
-		// Not a lock held by the machne agent in order to reboot
-		if err := r.machineLock.BreakLock(); err != nil {
-			return errors.Trace(err)
-		}
-	}
-	return nil
-}
-
 func (r *Reboot) SetUp() (watcher.NotifyWatcher, error) {
-	if err := r.checkForRebootState(); err != nil {
-		return nil, errors.Trace(err)
-	}
 	watcher, err := r.st.WatchForRebootEvent()
 	return watcher, errors.Trace(err)
 }
@@ -74,15 +63,29 @@
 		return errors.Trace(err)
 	}
 	logger.Debugf("Reboot worker got action: %v", rAction)
+	// NOTE: Here we explicitly avoid stopping on the abort channel as we are
+	// wanting to make sure that we grab the lock and return an error
+	// sufficiently heavyweight to get the agent to restart.
+	spec := mutex.Spec{
+		Name:  r.machineLockName,
+		Clock: r.clock,
+		Delay: 250 * time.Millisecond,
+	}
+
 	switch rAction {
 	case params.ShouldReboot:
-		r.machineLock.Lock(RebootMessage)
+		if _, err := mutex.Acquire(spec); err != nil {
+			return errors.Trace(err)
+		}
 		return worker.ErrRebootMachine
 	case params.ShouldShutdown:
-		r.machineLock.Lock(RebootMessage)
+		if _, err := mutex.Acquire(spec); err != nil {
+			return errors.Trace(err)
+		}
 		return worker.ErrShutdownMachine
+	default:
+		return nil
 	}
-	return nil
 }
 
 func (r *Reboot) TearDown() error {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/reboot/reboot_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/reboot/reboot_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/reboot/reboot_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/reboot/reboot_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,11 +1,15 @@
+// Copyright 2014 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package reboot_test
 
 import (
 	stdtesting "testing"
+	"time"
 
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
-	"github.com/juju/utils/fslock"
+	"github.com/juju/utils/clock"
 	"github.com/juju/utils/series"
 	gc "gopkg.in/check.v1"
 
@@ -39,8 +43,8 @@
 	ct            *state.Machine
 	ctRebootState apireboot.State
 
-	lock       *fslock.Lock
-	lockReboot *fslock.Lock
+	lockName string
+	clock    clock.Clock
 }
 
 var _ = gc.Suite(&rebootSuite{})
@@ -74,9 +78,8 @@
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(s.ctRebootState, gc.NotNil)
 
-	lock, err := fslock.NewLock(c.MkDir(), "fake", fslock.Defaults())
-	c.Assert(err, jc.ErrorIsNil)
-	s.lock = lock
+	s.lockName = "reboot-test"
+	s.clock = &fakeClock{delay: time.Millisecond}
 }
 
 func (s *rebootSuite) TearDownTest(c *gc.C) {
@@ -84,14 +87,14 @@
 }
 
 func (s *rebootSuite) TestStartStop(c *gc.C) {
-	worker, err := reboot.NewReboot(s.rebootState, s.AgentConfigForTag(c, s.machine.Tag()), s.lock)
+	worker, err := reboot.NewReboot(s.rebootState, s.AgentConfigForTag(c, s.machine.Tag()), s.lockName, s.clock)
 	c.Assert(err, jc.ErrorIsNil)
 	worker.Kill()
 	c.Assert(worker.Wait(), gc.IsNil)
 }
 
 func (s *rebootSuite) TestWorkerCatchesRebootEvent(c *gc.C) {
-	wrk, err := reboot.NewReboot(s.rebootState, s.AgentConfigForTag(c, s.machine.Tag()), s.lock)
+	wrk, err := reboot.NewReboot(s.rebootState, s.AgentConfigForTag(c, s.machine.Tag()), s.lockName, s.clock)
 	c.Assert(err, jc.ErrorIsNil)
 	err = s.rebootState.RequestReboot()
 	c.Assert(err, jc.ErrorIsNil)
@@ -99,20 +102,18 @@
 }
 
 func (s *rebootSuite) TestContainerCatchesParentFlag(c *gc.C) {
-	wrk, err := reboot.NewReboot(s.ctRebootState, s.AgentConfigForTag(c, s.ct.Tag()), s.lock)
+	wrk, err := reboot.NewReboot(s.ctRebootState, s.AgentConfigForTag(c, s.ct.Tag()), s.lockName, s.clock)
 	c.Assert(err, jc.ErrorIsNil)
 	err = s.rebootState.RequestReboot()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(wrk.Wait(), gc.Equals, worker.ErrShutdownMachine)
 }
 
-func (s *rebootSuite) TestCleanupIsDoneOnBoot(c *gc.C) {
-	s.lock.Lock(reboot.RebootMessage)
-
-	wrk, err := reboot.NewReboot(s.rebootState, s.AgentConfigForTag(c, s.machine.Tag()), s.lock)
-	c.Assert(err, jc.ErrorIsNil)
-	wrk.Kill()
-	c.Assert(wrk.Wait(), gc.IsNil)
+type fakeClock struct {
+	clock.Clock
+	delay time.Duration
+}
 
-	c.Assert(s.lock.IsLocked(), jc.IsFalse)
+func (f *fakeClock) After(time.Duration) <-chan time.Time {
+	return time.After(f.delay)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/resumer/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/resumer/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/resumer/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/resumer/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,26 +5,26 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	apiagent "github.com/juju/juju/api/agent"
 	"github.com/juju/juju/api/base"
 	apiresumer "github.com/juju/juju/api/resumer"
-	"github.com/juju/juju/cmd/jujud/agent/util"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
 	"github.com/juju/juju/state/multiwatcher"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
 )
 
 // ManifoldConfig defines the names of the manifolds on which a Manifold will depend.
-type ManifoldConfig util.AgentApiManifoldConfig
+type ManifoldConfig engine.AgentApiManifoldConfig
 
 // Manifold returns a dependency manifold that runs a resumer worker,
 // using the api connection resource named in the supplied config.
 func Manifold(config ManifoldConfig) dependency.Manifold {
-	typedConfig := util.AgentApiManifoldConfig(config)
-	return util.AgentApiManifold(typedConfig, newWorker)
+	typedConfig := engine.AgentApiManifoldConfig(config)
+	return engine.AgentApiManifold(typedConfig, newWorker)
 }
 
 func newWorker(a agent.Agent, apiCaller base.APICaller) (worker.Worker, error) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/resumer/manifold_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/resumer/manifold_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/resumer/manifold_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/resumer/manifold_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,20 +4,20 @@
 package resumer_test
 
 import (
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api"
 	apiagent "github.com/juju/juju/api/agent"
 	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/cmd/jujud/agent/engine/enginetest"
 	"github.com/juju/juju/state/multiwatcher"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
 	resumer "github.com/juju/juju/worker/resumer"
-	workertesting "github.com/juju/juju/worker/testing"
 )
 
 type ManifoldSuite struct {
@@ -38,8 +38,8 @@
 }
 
 func (s *ManifoldSuite) TestMachine(c *gc.C) {
-	config := resumer.ManifoldConfig(workertesting.AgentApiManifoldTestConfig())
-	_, err := workertesting.RunAgentApiManifold(
+	config := resumer.ManifoldConfig(enginetest.AgentApiManifoldTestConfig())
+	_, err := enginetest.RunAgentApiManifold(
 		resumer.Manifold(config),
 		&fakeAgent{tag: names.NewMachineTag("42")},
 		&fakeAPIConn{machineJob: multiwatcher.JobManageModel})
@@ -48,8 +48,8 @@
 }
 
 func (s *ManifoldSuite) TestMachineNonManagerErrors(c *gc.C) {
-	config := resumer.ManifoldConfig(workertesting.AgentApiManifoldTestConfig())
-	_, err := workertesting.RunAgentApiManifold(
+	config := resumer.ManifoldConfig(enginetest.AgentApiManifoldTestConfig())
+	_, err := enginetest.RunAgentApiManifold(
 		resumer.Manifold(config),
 		&fakeAgent{tag: names.NewMachineTag("42")},
 		&fakeAPIConn{machineJob: multiwatcher.JobHostUnits})
@@ -58,8 +58,8 @@
 }
 
 func (s *ManifoldSuite) TestUnitErrors(c *gc.C) {
-	config := resumer.ManifoldConfig(workertesting.AgentApiManifoldTestConfig())
-	_, err := workertesting.RunAgentApiManifold(
+	config := resumer.ManifoldConfig(enginetest.AgentApiManifoldTestConfig())
+	_, err := enginetest.RunAgentApiManifold(
 		resumer.Manifold(config),
 		&fakeAgent{tag: names.NewUnitTag("foo/0")},
 		&fakeAPIConn{})
@@ -68,8 +68,8 @@
 }
 
 func (s *ManifoldSuite) TestNonAgentErrors(c *gc.C) {
-	config := resumer.ManifoldConfig(workertesting.AgentApiManifoldTestConfig())
-	_, err := workertesting.RunAgentApiManifold(
+	config := resumer.ManifoldConfig(enginetest.AgentApiManifoldTestConfig())
+	_, err := enginetest.RunAgentApiManifold(
 		resumer.Manifold(config),
 		&fakeAgent{tag: names.NewUserTag("foo")},
 		&fakeAPIConn{})
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/retrystrategy/fixture_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/retrystrategy/fixture_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/retrystrategy/fixture_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/retrystrategy/fixture_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,10 +7,10 @@
 import (
 	"time"
 
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	coretesting "github.com/juju/juju/testing"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/retrystrategy/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/retrystrategy/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/retrystrategy/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/retrystrategy/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,7 +10,7 @@
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/apiserver/params"
-	"github.com/juju/juju/cmd/jujud/agent/util"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
 )
@@ -26,11 +26,11 @@
 // Manifold returns a dependency manifold that runs a hook retry strategy worker,
 // using the agent name and the api connection resources named in the supplied config.
 func Manifold(config ManifoldConfig) dependency.Manifold {
-	typedConfig := util.AgentApiManifoldConfig{
+	typedConfig := engine.AgentApiManifoldConfig{
 		AgentName:     config.AgentName,
 		APICallerName: config.APICallerName,
 	}
-	manifold := util.AgentApiManifold(typedConfig, config.start)
+	manifold := engine.AgentApiManifold(typedConfig, config.start)
 	manifold.Output = config.output
 	return manifold
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/retrystrategy/manifold_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/retrystrategy/manifold_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/retrystrategy/manifold_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/retrystrategy/manifold_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,10 +8,10 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api/base"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/retrystrategy/worker.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/retrystrategy/worker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/retrystrategy/worker.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/retrystrategy/worker.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,7 +9,7 @@
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/watcher"
 	"github.com/juju/juju/worker"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 )
 
 // Facade defines the capabilities required by the worker from the API.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/runner.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/runner.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/runner.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/runner.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,26 +7,13 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/loggo"
 	"launchpad.net/tomb"
 )
 
-var logger = loggo.GetLogger("juju.worker")
-
 // RestartDelay holds the length of time that a worker
 // will wait between exiting and restarting.
 const RestartDelay = 3 * time.Second
 
-// Worker is implemented by a running worker.
-type Worker interface {
-	// Kill asks the worker to stop without necessarily
-	// waiting for it to do so.
-	Kill()
-	// Wait waits for the worker to exit and returns any
-	// error encountered when it was running.
-	Wait() error
-}
-
 // Runner is implemented by instances capable of starting and stopping workers.
 type Runner interface {
 	Worker
@@ -133,12 +120,6 @@
 	runner.tomb.Kill(nil)
 }
 
-// Stop kills the given worker and waits for it to exit.
-func Stop(worker Worker) error {
-	worker.Kill()
-	return worker.Wait()
-}
-
 type workerInfo struct {
 	start        func() (Worker, error)
 	worker       Worker
@@ -281,44 +262,3 @@
 	logger.Infof("stopped %q, err: %v", id, err)
 	runner.donec <- doneInfo{id, err}
 }
-
-// Workers is an order-preserving registry of worker factory functions.
-type Workers struct {
-	ids   []string
-	funcs map[string]func() (Worker, error)
-}
-
-// NewWorkers returns a new Workers.
-func NewWorkers() Workers {
-	return Workers{
-		funcs: make(map[string]func() (Worker, error)),
-	}
-}
-
-// IDs returns the list of registered worker IDs.
-func (r Workers) IDs() []string {
-	ids := make([]string, len(r.ids))
-	copy(ids, r.ids)
-	return ids
-}
-
-// Add registered the factory function for the identified worker.
-func (r *Workers) Add(id string, newWorker func() (Worker, error)) error {
-	if _, ok := r.funcs[id]; ok {
-		return errors.Errorf("worker %q already registered", id)
-	}
-	r.funcs[id] = newWorker
-	r.ids = append(r.ids, id)
-	return nil
-}
-
-// Start starts all the registered workers under the given runner.
-func (r *Workers) Start(runner Runner) error {
-	for _, id := range r.ids {
-		newWorker := r.funcs[id]
-		if err := runner.StartWorker(id, newWorker); err != nil {
-			return errors.Annotatef(err, "worker %q failed to start", id)
-		}
-	}
-	return nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/runner_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/runner_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/runner_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/runner_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,30 +5,24 @@
 
 import (
 	"fmt"
-	"sort"
 	"sync/atomic"
 	"time"
 
 	"github.com/juju/errors"
-	gitjujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 	"launchpad.net/tomb"
 
 	"github.com/juju/juju/testing"
 	"github.com/juju/juju/worker"
-	workertesting "github.com/juju/juju/worker/testing"
 )
 
-var (
-	_ = gc.Suite(&runnerSuite{})
-	_ = gc.Suite(&workersSuite{})
-)
-
-type runnerSuite struct {
+type RunnerSuite struct {
 	testing.BaseSuite
 }
 
+var _ = gc.Suite(&RunnerSuite{})
+
 func noneFatal(error) bool {
 	return false
 }
@@ -41,7 +35,7 @@
 	return false
 }
 
-func (*runnerSuite) TestOneWorkerStart(c *gc.C) {
+func (*RunnerSuite) TestOneWorkerStart(c *gc.C) {
 	runner := worker.NewRunner(noneFatal, noImportance, time.Millisecond)
 	starter := newTestWorkerStarter()
 	err := runner.StartWorker("id", testWorkerStart(starter))
@@ -52,7 +46,7 @@
 	starter.assertStarted(c, false)
 }
 
-func (*runnerSuite) TestOneWorkerFinish(c *gc.C) {
+func (*RunnerSuite) TestOneWorkerFinish(c *gc.C) {
 	runner := worker.NewRunner(noneFatal, noImportance, time.Millisecond)
 	starter := newTestWorkerStarter()
 	err := runner.StartWorker("id", testWorkerStart(starter))
@@ -66,7 +60,7 @@
 	c.Assert(worker.Stop(runner), gc.IsNil)
 }
 
-func (*runnerSuite) TestOneWorkerRestart(c *gc.C) {
+func (*RunnerSuite) TestOneWorkerRestart(c *gc.C) {
 	runner := worker.NewRunner(noneFatal, noImportance, time.Millisecond)
 	starter := newTestWorkerStarter()
 	err := runner.StartWorker("id", testWorkerStart(starter))
@@ -84,7 +78,7 @@
 	starter.assertStarted(c, false)
 }
 
-func (*runnerSuite) TestOneWorkerStartFatalError(c *gc.C) {
+func (*RunnerSuite) TestOneWorkerStartFatalError(c *gc.C) {
 	runner := worker.NewRunner(allFatal, noImportance, time.Millisecond)
 	starter := newTestWorkerStarter()
 	starter.startErr = errors.New("cannot start test task")
@@ -94,7 +88,7 @@
 	c.Assert(err, gc.Equals, starter.startErr)
 }
 
-func (*runnerSuite) TestOneWorkerDieFatalError(c *gc.C) {
+func (*RunnerSuite) TestOneWorkerDieFatalError(c *gc.C) {
 	runner := worker.NewRunner(allFatal, noImportance, time.Millisecond)
 	starter := newTestWorkerStarter()
 	err := runner.StartWorker("id", testWorkerStart(starter))
@@ -107,7 +101,7 @@
 	starter.assertStarted(c, false)
 }
 
-func (*runnerSuite) TestOneWorkerStartStop(c *gc.C) {
+func (*RunnerSuite) TestOneWorkerStartStop(c *gc.C) {
 	runner := worker.NewRunner(allFatal, noImportance, time.Millisecond)
 	starter := newTestWorkerStarter()
 	err := runner.StartWorker("id", testWorkerStart(starter))
@@ -119,7 +113,7 @@
 	c.Assert(worker.Stop(runner), gc.IsNil)
 }
 
-func (*runnerSuite) TestOneWorkerStopFatalError(c *gc.C) {
+func (*RunnerSuite) TestOneWorkerStopFatalError(c *gc.C) {
 	runner := worker.NewRunner(allFatal, noImportance, time.Millisecond)
 	starter := newTestWorkerStarter()
 	starter.stopErr = errors.New("stop error")
@@ -132,7 +126,7 @@
 	c.Assert(err, gc.Equals, starter.stopErr)
 }
 
-func (*runnerSuite) TestOneWorkerStartWhenStopping(c *gc.C) {
+func (*RunnerSuite) TestOneWorkerStartWhenStopping(c *gc.C) {
 	runner := worker.NewRunner(allFatal, noImportance, 3*time.Second)
 	starter := newTestWorkerStarter()
 	starter.stopWait = make(chan struct{})
@@ -158,7 +152,7 @@
 	c.Assert(worker.Stop(runner), gc.IsNil)
 }
 
-func (*runnerSuite) TestOneWorkerRestartDelay(c *gc.C) {
+func (*RunnerSuite) TestOneWorkerRestartDelay(c *gc.C) {
 	const delay = 100 * time.Millisecond
 	runner := worker.NewRunner(noneFatal, noImportance, delay)
 	starter := newTestWorkerStarter()
@@ -182,7 +176,7 @@
 	return fmt.Sprintf("error with importance %d", e)
 }
 
-func (*runnerSuite) TestErrorImportance(c *gc.C) {
+func (*RunnerSuite) TestErrorImportance(c *gc.C) {
 	moreImportant := func(err0, err1 error) bool {
 		return err0.(errorLevel) > err1.(errorLevel)
 	}
@@ -200,19 +194,19 @@
 	c.Assert(err, gc.Equals, errorLevel(9))
 }
 
-func (*runnerSuite) TestStartWorkerWhenDead(c *gc.C) {
+func (*RunnerSuite) TestStartWorkerWhenDead(c *gc.C) {
 	runner := worker.NewRunner(allFatal, noImportance, time.Millisecond)
 	c.Assert(worker.Stop(runner), gc.IsNil)
 	c.Assert(runner.StartWorker("foo", nil), gc.Equals, worker.ErrDead)
 }
 
-func (*runnerSuite) TestStopWorkerWhenDead(c *gc.C) {
+func (*RunnerSuite) TestStopWorkerWhenDead(c *gc.C) {
 	runner := worker.NewRunner(allFatal, noImportance, time.Millisecond)
 	c.Assert(worker.Stop(runner), gc.IsNil)
 	c.Assert(runner.StopWorker("foo"), gc.Equals, worker.ErrDead)
 }
 
-func (*runnerSuite) TestAllWorkersStoppedWhenOneDiesWithFatalError(c *gc.C) {
+func (*RunnerSuite) TestAllWorkersStoppedWhenOneDiesWithFatalError(c *gc.C) {
 	runner := worker.NewRunner(allFatal, noImportance, time.Millisecond)
 	var starters []*testWorkerStarter
 	for i := 0; i < 10; i++ {
@@ -233,7 +227,7 @@
 	}
 }
 
-func (*runnerSuite) TestFatalErrorWhileStarting(c *gc.C) {
+func (*RunnerSuite) TestFatalErrorWhileStarting(c *gc.C) {
 	// Original deadlock problem that this tests for:
 	// A worker dies with fatal error while another worker
 	// is inside start(). runWorker can't send startInfo on startedc.
@@ -270,7 +264,7 @@
 	c.Assert(err, gc.Equals, fatalStarter.startErr)
 }
 
-func (*runnerSuite) TestFatalErrorWhileSelfStartWorker(c *gc.C) {
+func (*RunnerSuite) TestFatalErrorWhileSelfStartWorker(c *gc.C) {
 	// Original deadlock problem that this tests for:
 	// A worker tries to call StartWorker in its start function
 	// at the same time another worker dies with a fatal error.
@@ -353,7 +347,7 @@
 	select {
 	case isStarted := <-starter.startNotify:
 		c.Assert(isStarted, gc.Equals, started)
-	case <-time.After(1 * time.Second):
+	case <-time.After(testing.LongWait):
 		c.Fatalf("timed out waiting for start notification")
 	}
 }
@@ -419,92 +413,3 @@
 		panic(fmt.Errorf("unexpected start count %d; expected 0", count))
 	}
 }
-
-type workersSuite struct {
-	testing.BaseSuite
-
-	calls []string
-	stub  *gitjujutesting.Stub
-}
-
-func (s *workersSuite) SetUpTest(c *gc.C) {
-	s.BaseSuite.SetUpTest(c)
-
-	s.stub = &gitjujutesting.Stub{}
-	s.calls = nil
-}
-
-func (s *workersSuite) newWorkerFunc(id string) func() (worker.Worker, error) {
-	return func() (worker.Worker, error) {
-		s.calls = append(s.calls, id)
-		return nil, nil
-	}
-}
-
-func (*workersSuite) TestIDsOkay(c *gc.C) {
-	newWorker := func() (worker.Worker, error) { return nil, nil }
-
-	workers := worker.NewWorkers()
-	err := workers.Add("spam", newWorker)
-	c.Assert(err, jc.ErrorIsNil)
-	err = workers.Add("eggs", newWorker)
-	c.Assert(err, jc.ErrorIsNil)
-	ids := workers.IDs()
-
-	c.Check(ids, jc.DeepEquals, []string{"spam", "eggs"})
-}
-
-func (*workersSuite) TestIDsEmpty(c *gc.C) {
-	workers := worker.NewWorkers()
-	ids := workers.IDs()
-
-	c.Check(ids, gc.HasLen, 0)
-}
-
-func (*workersSuite) TestAddAlreadyRegistered(c *gc.C) {
-	newWorker := func() (worker.Worker, error) { return nil, nil }
-
-	workers := worker.NewWorkers()
-	err := workers.Add("spam", newWorker)
-	c.Assert(err, jc.ErrorIsNil)
-	err = workers.Add("spam", newWorker)
-
-	c.Check(err, gc.ErrorMatches, `.*already registered.*`)
-}
-
-func (s *workersSuite) TestStartOkay(c *gc.C) {
-	runner := workertesting.NewStubRunner(s.stub)
-	runner.CallWhenStarted = true
-
-	workers := worker.NewWorkers()
-	expected := []string{"spam", "eggs", "ham"}
-	for _, id := range expected {
-		err := workers.Add(id, s.newWorkerFunc(id))
-		c.Assert(err, jc.ErrorIsNil)
-	}
-	err := workers.Start(runner)
-	c.Assert(err, jc.ErrorIsNil)
-
-	// We would use s.stub.CheckCalls if functions could be compared...
-	runner.CheckCallIDs(c, "StartWorker", expected...)
-	sort.Strings(s.calls)
-	sort.Strings(expected)
-	c.Check(s.calls, jc.DeepEquals, expected)
-}
-
-func (s *workersSuite) TestStartError(c *gc.C) {
-	runner := workertesting.NewStubRunner(s.stub)
-	failure := errors.Errorf("<failed>")
-	s.stub.SetErrors(nil, failure)
-
-	workers := worker.NewWorkers()
-	expected := []string{"spam", "eggs", "ham"}
-	for _, id := range expected {
-		err := workers.Add(id, s.newWorkerFunc(id))
-		c.Assert(err, jc.ErrorIsNil)
-	}
-	err := workers.Start(runner)
-
-	s.stub.CheckCallNames(c, "StartWorker", "StartWorker")
-	c.Check(errors.Cause(err), gc.Equals, failure)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/servicescaler/fixture_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/servicescaler/fixture_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/servicescaler/fixture_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/servicescaler/fixture_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,106 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package servicescaler_test
-
-import (
-	"time"
-
-	"github.com/juju/testing"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-
-	coretesting "github.com/juju/juju/testing"
-	"github.com/juju/juju/watcher"
-	"github.com/juju/juju/worker"
-	"github.com/juju/juju/worker/servicescaler"
-	"github.com/juju/juju/worker/workertest"
-)
-
-// fixture is used to test the operation of a servicescaler worker.
-type fixture struct {
-	testing.Stub
-}
-
-func newFixture(c *gc.C, callErrors ...error) *fixture {
-	fix := &fixture{}
-	fix.SetErrors(callErrors...)
-	return fix
-}
-
-// Run will create a servicescaler worker; start recording the calls
-// it makes; and pass it to the supplied test func, which will be invoked
-// on a new goroutine. If Run returns, it is safe to inspect the recorded
-// calls via the embedded testing.Stub.
-func (fix *fixture) Run(c *gc.C, test func(worker.Worker)) {
-	stubFacade := newFacade(&fix.Stub)
-	scaler, err := servicescaler.New(servicescaler.Config{
-		Facade: stubFacade,
-	})
-	c.Assert(err, jc.ErrorIsNil)
-
-	done := make(chan struct{})
-	go func() {
-		defer close(done)
-		defer worker.Stop(scaler)
-		test(scaler)
-	}()
-	select {
-	case <-done:
-	case <-time.After(coretesting.LongWait):
-		c.Fatalf("test func timed out")
-	}
-}
-
-// stubFacade implements servicescaler.Facade and records calls to its
-// interface methods.
-type stubFacade struct {
-	stub    *testing.Stub
-	watcher *stubWatcher
-}
-
-func newFacade(stub *testing.Stub) *stubFacade {
-	return &stubFacade{
-		stub:    stub,
-		watcher: newStubWatcher(),
-	}
-}
-
-// Watch is part of the servicescaler.Facade interface.
-func (facade *stubFacade) Watch() (watcher.StringsWatcher, error) {
-	facade.stub.AddCall("Watch")
-	err := facade.stub.NextErr()
-	if err != nil {
-		return nil, err
-	}
-	return facade.watcher, nil
-}
-
-// Rescale is part of the servicescaler.Facade interface.
-func (facade *stubFacade) Rescale(serviceNames []string) error {
-	facade.stub.AddCall("Rescale", serviceNames)
-	return facade.stub.NextErr()
-}
-
-// stubWatcher implements watcher.StringsWatcher and supplied canned
-// data over the Changes() channel.
-type stubWatcher struct {
-	worker.Worker
-	changes chan []string
-}
-
-func newStubWatcher() *stubWatcher {
-	changes := make(chan []string, 3)
-	changes <- []string{"expected", "first"}
-	changes <- []string{"expected", "second"}
-	changes <- []string{"unexpected?"}
-	return &stubWatcher{
-		Worker:  workertest.NewErrorWorker(nil),
-		changes: changes,
-	}
-}
-
-// Changes is part of the watcher.StringsWatcher interface.
-func (stubWatcher *stubWatcher) Changes() watcher.StringsChannel {
-	return stubWatcher.changes
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/servicescaler/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/servicescaler/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/servicescaler/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/servicescaler/manifold.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,40 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package servicescaler
-
-import (
-	"github.com/juju/errors"
-	"github.com/juju/juju/api/base"
-	"github.com/juju/juju/cmd/jujud/agent/util"
-	"github.com/juju/juju/worker"
-	"github.com/juju/juju/worker/dependency"
-)
-
-// ManifoldConfig holds dependencies and configuration for a
-// servicescaler worker.
-type ManifoldConfig struct {
-	APICallerName string
-	NewFacade     func(base.APICaller) (Facade, error)
-	NewWorker     func(Config) (worker.Worker, error)
-}
-
-// start is a method on ManifoldConfig because that feels a bit cleaner
-// than closing over config in Manifold.
-func (config ManifoldConfig) start(apiCaller base.APICaller) (worker.Worker, error) {
-	facade, err := config.NewFacade(apiCaller)
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	return config.NewWorker(Config{
-		Facade: facade,
-	})
-}
-
-// Manifold returns a dependency.Manifold that runs a servicescaler worker.
-func Manifold(config ManifoldConfig) dependency.Manifold {
-	return util.ApiManifold(
-		util.ApiManifoldConfig{config.APICallerName},
-		config.start,
-	)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/servicescaler/manifold_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/servicescaler/manifold_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/servicescaler/manifold_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/servicescaler/manifold_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,120 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package servicescaler_test
-
-import (
-	"github.com/juju/errors"
-	"github.com/juju/testing"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/api/base"
-	"github.com/juju/juju/worker"
-	"github.com/juju/juju/worker/dependency"
-	dt "github.com/juju/juju/worker/dependency/testing"
-	"github.com/juju/juju/worker/servicescaler"
-)
-
-type ManifoldSuite struct {
-	testing.IsolationSuite
-}
-
-var _ = gc.Suite(&ManifoldSuite{})
-
-func (s *ManifoldSuite) TestInputs(c *gc.C) {
-	manifold := servicescaler.Manifold(servicescaler.ManifoldConfig{
-		APICallerName: "washington the terrible",
-	})
-	c.Check(manifold.Inputs, jc.DeepEquals, []string{"washington the terrible"})
-}
-
-func (s *ManifoldSuite) TestOutput(c *gc.C) {
-	manifold := servicescaler.Manifold(servicescaler.ManifoldConfig{})
-	c.Check(manifold.Output, gc.IsNil)
-}
-
-func (s *ManifoldSuite) TestStartMissingAPICaller(c *gc.C) {
-	manifold := servicescaler.Manifold(servicescaler.ManifoldConfig{
-		APICallerName: "api-caller",
-	})
-	context := dt.StubContext(nil, map[string]interface{}{
-		"api-caller": dependency.ErrMissing,
-	})
-
-	worker, err := manifold.Start(context)
-	c.Check(errors.Cause(err), gc.Equals, dependency.ErrMissing)
-	c.Check(worker, gc.IsNil)
-}
-
-func (s *ManifoldSuite) TestStartFacadeError(c *gc.C) {
-	expectCaller := &fakeCaller{}
-	manifold := servicescaler.Manifold(servicescaler.ManifoldConfig{
-		APICallerName: "api-caller",
-		NewFacade: func(apiCaller base.APICaller) (servicescaler.Facade, error) {
-			c.Check(apiCaller, gc.Equals, expectCaller)
-			return nil, errors.New("blort")
-		},
-	})
-	context := dt.StubContext(nil, map[string]interface{}{
-		"api-caller": expectCaller,
-	})
-
-	worker, err := manifold.Start(context)
-	c.Check(err, gc.ErrorMatches, "blort")
-	c.Check(worker, gc.IsNil)
-}
-
-func (s *ManifoldSuite) TestStartWorkerError(c *gc.C) {
-	expectFacade := &fakeFacade{}
-	manifold := servicescaler.Manifold(servicescaler.ManifoldConfig{
-		APICallerName: "api-caller",
-		NewFacade: func(_ base.APICaller) (servicescaler.Facade, error) {
-			return expectFacade, nil
-		},
-		NewWorker: func(config servicescaler.Config) (worker.Worker, error) {
-			c.Check(config.Validate(), jc.ErrorIsNil)
-			c.Check(config.Facade, gc.Equals, expectFacade)
-			return nil, errors.New("splot")
-		},
-	})
-	context := dt.StubContext(nil, map[string]interface{}{
-		"api-caller": &fakeCaller{},
-	})
-
-	worker, err := manifold.Start(context)
-	c.Check(err, gc.ErrorMatches, "splot")
-	c.Check(worker, gc.IsNil)
-}
-
-func (s *ManifoldSuite) TestSuccess(c *gc.C) {
-	expectWorker := &fakeWorker{}
-	manifold := servicescaler.Manifold(servicescaler.ManifoldConfig{
-		APICallerName: "api-caller",
-		NewFacade: func(_ base.APICaller) (servicescaler.Facade, error) {
-			return &fakeFacade{}, nil
-		},
-		NewWorker: func(_ servicescaler.Config) (worker.Worker, error) {
-			return expectWorker, nil
-		},
-	})
-	context := dt.StubContext(nil, map[string]interface{}{
-		"api-caller": &fakeCaller{},
-	})
-
-	worker, err := manifold.Start(context)
-	c.Check(err, jc.ErrorIsNil)
-	c.Check(worker, gc.Equals, expectWorker)
-}
-
-type fakeCaller struct {
-	base.APICaller
-}
-
-type fakeFacade struct {
-	servicescaler.Facade
-}
-
-type fakeWorker struct {
-	worker.Worker
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/servicescaler/package_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/servicescaler/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/servicescaler/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/servicescaler/package_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,14 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package servicescaler_test
-
-import (
-	"testing"
-
-	gc "gopkg.in/check.v1"
-)
-
-func TestPackage(t *testing.T) {
-	gc.TestingT(t)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/servicescaler/shim.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/servicescaler/shim.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/servicescaler/shim.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/servicescaler/shim.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,19 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package servicescaler
-
-import (
-	"github.com/juju/juju/api/base"
-	"github.com/juju/juju/api/servicescaler"
-	"github.com/juju/juju/api/watcher"
-)
-
-// NewFacade creates a Facade from a base.APICaller.
-// It's a sensible value for ManifoldConfig.NewFacade.
-func NewFacade(apiCaller base.APICaller) (Facade, error) {
-	return servicescaler.NewAPI(
-		apiCaller,
-		watcher.NewStringsWatcher,
-	), nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/servicescaler/worker.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/servicescaler/worker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/servicescaler/worker.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/servicescaler/worker.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,70 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package servicescaler
-
-import (
-	"github.com/juju/errors"
-
-	"github.com/juju/juju/watcher"
-	"github.com/juju/juju/worker"
-)
-
-// Facade defines the capabilities required by the worker.
-type Facade interface {
-
-	// Watch returns a StringsWatcher reporting names of
-	// services which may have insufficient units.
-	Watch() (watcher.StringsWatcher, error)
-
-	// Rescale scales up any named service observed to be
-	// running too few units.
-	Rescale(services []string) error
-}
-
-// Config defines a worker's dependencies.
-type Config struct {
-	Facade Facade
-}
-
-// Validate returns an error if the config can't be expected
-// to run a functional worker.
-func (config Config) Validate() error {
-	if config.Facade == nil {
-		return errors.NotValidf("nil Facade")
-	}
-	return nil
-}
-
-// New returns a worker that will attempt to rescale any
-// services that might be undersized.
-func New(config Config) (worker.Worker, error) {
-	if err := config.Validate(); err != nil {
-		return nil, errors.Trace(err)
-	}
-	swConfig := watcher.StringsConfig{
-		Handler: &handler{config},
-	}
-	return watcher.NewStringsWorker(swConfig)
-}
-
-// handler implements watcher.StringsHandler, backed by the
-// configured facade.
-type handler struct {
-	config Config
-}
-
-// SetUp is part of the watcher.StringsHandler interface.
-func (handler *handler) SetUp() (watcher.StringsWatcher, error) {
-	return handler.config.Facade.Watch()
-}
-
-// Handle is part of the watcher.StringsHandler interface.
-func (handler *handler) Handle(_ <-chan struct{}, services []string) error {
-	return handler.config.Facade.Rescale(services)
-}
-
-// TearDown is part of the watcher.StringsHandler interface.
-func (handler *handler) TearDown() error {
-	return nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/servicescaler/worker_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/servicescaler/worker_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/servicescaler/worker_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/servicescaler/worker_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,61 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package servicescaler_test
-
-import (
-	"github.com/juju/errors"
-	"github.com/juju/testing"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/worker"
-	"github.com/juju/juju/worker/servicescaler"
-)
-
-type WorkerSuite struct {
-	testing.IsolationSuite
-}
-
-var _ = gc.Suite(&WorkerSuite{})
-
-func (s *WorkerSuite) TestValidate(c *gc.C) {
-	config := servicescaler.Config{}
-	check := func(err error) {
-		c.Check(err, gc.ErrorMatches, "nil Facade not valid")
-		c.Check(err, jc.Satisfies, errors.IsNotValid)
-	}
-
-	err := config.Validate()
-	check(err)
-
-	worker, err := servicescaler.New(config)
-	check(err)
-	c.Check(worker, gc.IsNil)
-}
-
-func (s *WorkerSuite) TestWatchError(c *gc.C) {
-	fix := newFixture(c, errors.New("zap ouch"))
-	fix.Run(c, func(worker worker.Worker) {
-		err := worker.Wait()
-		c.Check(err, gc.ErrorMatches, "zap ouch")
-	})
-	fix.CheckCallNames(c, "Watch")
-}
-
-func (s *WorkerSuite) TestRescaleThenError(c *gc.C) {
-	fix := newFixture(c, nil, nil, errors.New("pew squish"))
-	fix.Run(c, func(worker worker.Worker) {
-		err := worker.Wait()
-		c.Check(err, gc.ErrorMatches, "pew squish")
-	})
-	fix.CheckCalls(c, []testing.StubCall{{
-		FuncName: "Watch",
-	}, {
-		FuncName: "Rescale",
-		Args:     []interface{}{[]string{"expected", "first"}},
-	}, {
-		FuncName: "Rescale",
-		Args:     []interface{}{[]string{"expected", "second"}},
-	}})
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/singular/fixture_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/singular/fixture_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/singular/fixture_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/singular/fixture_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,11 +8,11 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/clock"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api/base"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/singular/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/singular/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/singular/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/singular/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,11 +9,11 @@
 	"github.com/juju/errors"
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api/base"
-	"github.com/juju/juju/cmd/jujud/agent/util"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
-	"github.com/juju/names"
 	"github.com/juju/utils/clock"
+	"gopkg.in/juju/names.v2"
 )
 
 // ManifoldConfig holds the information necessary to run a FlagWorker in
@@ -66,7 +66,7 @@
 }
 
 // Manifold returns a dependency.Manifold that will run a FlagWorker and
-// expose it to clients as a util.Flag resource.
+// expose it to clients as a engine.Flag resource.
 func Manifold(config ManifoldConfig) dependency.Manifold {
 	return dependency.Manifold{
 		Inputs: []string{
@@ -75,6 +75,6 @@
 			config.AgentName,
 		},
 		Start:  config.start,
-		Output: util.FlagOutput,
+		Output: engine.FlagOutput,
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/singular/manifold_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/singular/manifold_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/singular/manifold_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/singular/manifold_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,13 +7,13 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
-	"github.com/juju/juju/cmd/jujud/agent/util"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
 	coretesting "github.com/juju/juju/testing"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
@@ -39,7 +39,7 @@
 
 func (s *ManifoldSuite) TestOutputBadWorker(c *gc.C) {
 	manifold := singular.Manifold(singular.ManifoldConfig{})
-	var out util.Flag
+	var out engine.Flag
 	err := manifold.Output(&fakeWorker{}, &out)
 	c.Check(err, gc.ErrorMatches, `expected in to implement Flag; got a .*`)
 	c.Check(out, gc.IsNil)
@@ -60,7 +60,7 @@
 	manifold := singular.Manifold(singular.ManifoldConfig{})
 	fix := newFixture(c)
 	fix.Run(c, func(flag *singular.FlagWorker, _ *coretesting.Clock, _ func()) {
-		var out util.Flag
+		var out engine.Flag
 		err := manifold.Output(flag, &out)
 		c.Check(err, jc.ErrorIsNil)
 		c.Check(out, gc.Equals, flag)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/singular/shim.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/singular/shim.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/singular/shim.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/singular/shim.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/api/singular"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/stateconfigwatcher/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/stateconfigwatcher/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/stateconfigwatcher/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/stateconfigwatcher/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,8 +6,8 @@
 import (
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils/voyeur"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/tomb"
 
 	"github.com/juju/juju/agent"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/stateconfigwatcher/manifold_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/stateconfigwatcher/manifold_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/stateconfigwatcher/manifold_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/stateconfigwatcher/manifold_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,10 +7,10 @@
 	"sync"
 	"time"
 
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	"github.com/juju/utils/voyeur"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	coreagent "github.com/juju/juju/agent"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/statushistorypruner/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/statushistorypruner/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/statushistorypruner/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/statushistorypruner/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -17,9 +17,10 @@
 // ManifoldConfig describes the resources and configuration on which the
 // statushistorypruner worker depends.
 type ManifoldConfig struct {
-	APICallerName    string
-	MaxLogsPerEntity uint
-	PruneInterval    time.Duration
+	APICallerName  string
+	MaxHistoryTime time.Duration
+	MaxHistoryMB   uint
+	PruneInterval  time.Duration
 	// TODO(fwereade): 2016-03-17 lp:1558657
 	NewTimer worker.NewTimerFunc
 }
@@ -36,10 +37,11 @@
 
 			facade := statushistory.NewFacade(apiCaller)
 			prunerConfig := Config{
-				Facade:           facade,
-				MaxLogsPerEntity: config.MaxLogsPerEntity,
-				PruneInterval:    config.PruneInterval,
-				NewTimer:         config.NewTimer,
+				Facade:         facade,
+				MaxHistoryTime: config.MaxHistoryTime,
+				MaxHistoryMB:   config.MaxHistoryMB,
+				PruneInterval:  config.PruneInterval,
+				NewTimer:       config.NewTimer,
 			}
 			w, err := New(prunerConfig)
 			if err != nil {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/statushistorypruner/worker.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/statushistorypruner/worker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/statushistorypruner/worker.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/statushistorypruner/worker.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,23 +11,17 @@
 	"github.com/juju/juju/worker"
 )
 
-// HistoryPrunerParams specifies how history logs should be prunned.
-type HistoryPrunerParams struct {
-	// TODO(perrito666) We might want to have some sort of limitation of the collection size too.
-	MaxLogsPerEntity int
-	PruneInterval    time.Duration
-}
-
 // Facade represents an API that implements status history pruning.
 type Facade interface {
-	Prune(int) error
+	Prune(time.Duration, int) error
 }
 
 // Config holds all necessary attributes to start a pruner worker.
 type Config struct {
-	Facade           Facade
-	MaxLogsPerEntity uint
-	PruneInterval    time.Duration
+	Facade         Facade
+	MaxHistoryTime time.Duration
+	MaxHistoryMB   uint
+	PruneInterval  time.Duration
 	// TODO(fwereade): 2016-03-17 lp:1558657
 	NewTimer worker.NewTimerFunc
 }
@@ -41,6 +35,12 @@
 	if c.NewTimer == nil {
 		return errors.New("missing Timer")
 	}
+	// TODO(perrito666) this assumes out of band knowledge of how filter
+	// values are treated, expand config to support the "dont use this filter"
+	// case as an explicit statement.
+	if c.MaxHistoryMB <= 0 && c.MaxHistoryTime <= 0 {
+		return errors.New("missing prune criteria, no size or date limit provided")
+	}
 	return nil
 }
 
@@ -50,7 +50,7 @@
 		return nil, errors.Trace(err)
 	}
 	doPruning := func(stop <-chan struct{}) error {
-		err := conf.Facade.Prune(int(conf.MaxLogsPerEntity))
+		err := conf.Facade.Prune(conf.MaxHistoryTime, int(conf.MaxHistoryMB))
 		if err != nil {
 			return errors.Trace(err)
 		}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/statushistorypruner/worker_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/statushistorypruner/worker_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/statushistorypruner/worker_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/statushistorypruner/worker_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -32,10 +32,11 @@
 	}
 	facade := newFakeFacade()
 	conf := statushistorypruner.Config{
-		Facade:           facade,
-		MaxLogsPerEntity: 3,
-		PruneInterval:    coretesting.ShortWait,
-		NewTimer:         fakeTimerFunc,
+		Facade:         facade,
+		MaxHistoryTime: 1 * time.Second,
+		MaxHistoryMB:   3,
+		PruneInterval:  coretesting.ShortWait,
+		NewTimer:       fakeTimerFunc,
 	}
 
 	pruner, err := statushistorypruner.New(conf)
@@ -47,13 +48,13 @@
 	err = fakeTimer.fire()
 	c.Check(err, jc.ErrorIsNil)
 
-	var passedLogs int
+	var passedMB int
 	select {
-	case passedLogs = <-facade.passedMaxLogs:
+	case passedMB = <-facade.passedMaxHistoryMB:
 	case <-time.After(coretesting.LongWait):
 		c.Fatal("timed out waiting for passed logs to pruner")
 	}
-	c.Assert(passedLogs, gc.Equals, 3)
+	c.Assert(passedMB, gc.Equals, 3)
 
 	// Reset will have been called with the actual PruneInterval
 	var period time.Duration
@@ -76,10 +77,11 @@
 	}
 	facade := newFakeFacade()
 	conf := statushistorypruner.Config{
-		Facade:           facade,
-		MaxLogsPerEntity: 3,
-		PruneInterval:    coretesting.ShortWait,
-		NewTimer:         fakeTimerFunc,
+		Facade:         facade,
+		MaxHistoryTime: 1 * time.Second,
+		MaxHistoryMB:   3,
+		PruneInterval:  coretesting.ShortWait,
+		NewTimer:       fakeTimerFunc,
 	}
 
 	pruner, err := statushistorypruner.New(conf)
@@ -89,7 +91,7 @@
 	})
 
 	select {
-	case <-facade.passedMaxLogs:
+	case <-facade.passedMaxHistoryMB:
 		c.Fatal("called before firing timer.")
 	case <-time.After(coretesting.LongWait):
 	}
@@ -129,19 +131,21 @@
 }
 
 type fakeFacade struct {
-	passedMaxLogs chan int
+	passedMaxHistoryMB chan int
 }
 
 func newFakeFacade() *fakeFacade {
 	return &fakeFacade{
-		passedMaxLogs: make(chan int, 1),
+		passedMaxHistoryMB: make(chan int, 1),
 	}
 }
 
 // Prune implements Facade
-func (f *fakeFacade) Prune(maxLogs int) error {
+func (f *fakeFacade) Prune(_ time.Duration, maxHistoryMB int) error {
+	// TODO(perrito666) either make this send its actual args, or just use
+	// a stub and drop the unnecessary channel malarkey entirely
 	select {
-	case f.passedMaxLogs <- maxLogs:
+	case f.passedMaxHistoryMB <- maxHistoryMB:
 	case <-time.After(coretesting.LongWait):
 		return errors.New("timed out waiting for facade call Prune to run")
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/storageprovisioner/blockdevices.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/storageprovisioner/blockdevices.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/storageprovisioner/blockdevices.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/storageprovisioner/blockdevices.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,8 +5,8 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils/set"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 )
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/storageprovisioner/common.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/storageprovisioner/common.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/storageprovisioner/common.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/storageprovisioner/common.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,7 @@
 	"path/filepath"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/environs/config"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/storageprovisioner/config.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/storageprovisioner/config.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/storageprovisioner/config.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/storageprovisioner/config.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,8 +5,8 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils/clock"
+	"gopkg.in/juju/names.v2"
 )
 
 // Config holds configuration and dependencies for a storageprovisioner worker.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/storageprovisioner/config_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/storageprovisioner/config_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/storageprovisioner/config_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/storageprovisioner/config_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,11 +5,11 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/clock"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	coretesting "github.com/juju/juju/testing"
 	"github.com/juju/juju/worker/storageprovisioner"
@@ -36,7 +36,7 @@
 }
 
 func (s *ConfigSuite) TestInvalidScope(c *gc.C) {
-	s.config.Scope = names.NewServiceTag("boo")
+	s.config.Scope = names.NewApplicationTag("boo")
 	s.checkNotValid(c, ".* Scope not valid")
 }
 
@@ -100,7 +100,7 @@
 
 func validMachineConfig() storageprovisioner.Config {
 	config := almostValidConfig()
-	config.Scope = names.NewMachineTag("123/lxc/7")
+	config.Scope = names.NewMachineTag("123/lxd/7")
 	config.StorageDir = "storage-dir"
 	return config
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/storageprovisioner/filesystem_events.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/storageprovisioner/filesystem_events.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/storageprovisioner/filesystem_events.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/storageprovisioner/filesystem_events.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/instance"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/storageprovisioner/filesystem_ops.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/storageprovisioner/filesystem_ops.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/storageprovisioner/filesystem_ops.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/storageprovisioner/filesystem_ops.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,7 @@
 	"path/filepath"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/environs/config"
@@ -43,7 +43,7 @@
 			}
 			statuses = append(statuses, params.EntityStatusArgs{
 				Tag:    filesystemParams[i].Tag.String(),
-				Status: status.StatusError,
+				Status: status.StatusError.String(),
 				Info:   err.Error(),
 			})
 			logger.Debugf(
@@ -62,7 +62,7 @@
 		for i, result := range results {
 			statuses = append(statuses, params.EntityStatusArgs{
 				Tag:    filesystemParams[i].Tag.String(),
-				Status: status.StatusAttaching,
+				Status: status.StatusAttaching.String(),
 			})
 			entityStatus := &statuses[len(statuses)-1]
 			if result.Error != nil {
@@ -73,7 +73,7 @@
 				// that we will retry. When we distinguish between
 				// transient and permanent errors, we will set the
 				// status to "error" for permanent errors.
-				entityStatus.Status = status.StatusPending
+				entityStatus.Status = status.StatusPending.String()
 				entityStatus.Info = result.Error.Error()
 				logger.Debugf(
 					"failed to create %s: %v",
@@ -147,7 +147,7 @@
 			p := filesystemAttachmentParams[i]
 			statuses = append(statuses, params.EntityStatusArgs{
 				Tag:    p.Filesystem.String(),
-				Status: status.StatusAttached,
+				Status: status.StatusAttached.String(),
 			})
 			entityStatus := &statuses[len(statuses)-1]
 			if result.Error != nil {
@@ -162,7 +162,7 @@
 				// indicate that we will retry. When we distinguish
 				// between transient and permanent errors, we will
 				// set the status to "error" for permanent errors.
-				entityStatus.Status = status.StatusAttaching
+				entityStatus.Status = status.StatusAttaching.String()
 				entityStatus.Info = result.Error.Error()
 				logger.Debugf(
 					"failed to attach %s to %s: %v",
@@ -213,7 +213,7 @@
 			}
 			statuses = append(statuses, params.EntityStatusArgs{
 				Tag:    filesystemParams[i].Tag.String(),
-				Status: status.StatusError,
+				Status: status.StatusError.String(),
 				Info:   err.Error(),
 			})
 			logger.Debugf(
@@ -247,7 +247,7 @@
 			reschedule = append(reschedule, ops[tag])
 			statuses = append(statuses, params.EntityStatusArgs{
 				Tag:    tag.String(),
-				Status: status.StatusDestroying,
+				Status: status.StatusDestroying.String(),
 				Info:   err.Error(),
 			})
 		}
@@ -293,7 +293,7 @@
 				// attachment, we'll have to check if
 				// there are any other attachments
 				// before saying the status "detached".
-				Status: status.StatusDetached,
+				Status: status.StatusDetached.String(),
 			})
 			id := params.MachineStorageId{
 				MachineTag:    p.Machine.String(),
@@ -302,7 +302,7 @@
 			entityStatus := &statuses[len(statuses)-1]
 			if err != nil {
 				reschedule = append(reschedule, ops[id])
-				entityStatus.Status = status.StatusDetaching
+				entityStatus.Status = status.StatusDetaching.String()
 				entityStatus.Info = err.Error()
 				logger.Debugf(
 					"failed to detach %s from %s: %v",
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/storageprovisioner/machines.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/storageprovisioner/machines.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/storageprovisioner/machines.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/storageprovisioner/machines.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/instance"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/storageprovisioner/manifold_machine.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/storageprovisioner/manifold_machine.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/storageprovisioner/manifold_machine.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/storageprovisioner/manifold_machine.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,13 +7,13 @@
 	"path/filepath"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils/clock"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/api/storageprovisioner"
-	"github.com/juju/juju/cmd/jujud/agent/util"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
 )
@@ -61,9 +61,9 @@
 
 // MachineManifold returns a dependency.Manifold that runs a storage provisioner.
 func MachineManifold(config MachineManifoldConfig) dependency.Manifold {
-	typedConfig := util.AgentApiManifoldConfig{
+	typedConfig := engine.AgentApiManifoldConfig{
 		AgentName:     config.AgentName,
 		APICallerName: config.APICallerName,
 	}
-	return util.AgentApiManifold(typedConfig, config.newWorker)
+	return engine.AgentApiManifold(typedConfig, config.newWorker)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/storageprovisioner/manifold_machine_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/storageprovisioner/manifold_machine_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/storageprovisioner/manifold_machine_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/storageprovisioner/manifold_machine_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,21 +6,21 @@
 import (
 	"time"
 
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api"
 	apiagent "github.com/juju/juju/api/agent"
 	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/cmd/jujud/agent/engine/enginetest"
 	"github.com/juju/juju/state/multiwatcher"
 	coretesting "github.com/juju/juju/testing"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
 	"github.com/juju/juju/worker/storageprovisioner"
-	workertesting "github.com/juju/juju/worker/testing"
 )
 
 type MachineManifoldSuite struct {
@@ -42,7 +42,7 @@
 			return nil, nil
 		},
 	)
-	config := workertesting.AgentApiManifoldTestConfig()
+	config := enginetest.AgentApiManifoldTestConfig()
 	s.config = storageprovisioner.MachineManifoldConfig{
 		AgentName:     config.AgentName,
 		APICallerName: config.APICallerName,
@@ -51,7 +51,7 @@
 }
 
 func (s *MachineManifoldSuite) TestMachine(c *gc.C) {
-	_, err := workertesting.RunAgentApiManifold(
+	_, err := enginetest.RunAgentApiManifold(
 		storageprovisioner.MachineManifold(s.config),
 		&fakeAgent{tag: names.NewMachineTag("42")},
 		&fakeAPIConn{})
@@ -61,7 +61,7 @@
 
 func (s *MachineManifoldSuite) TestMissingClock(c *gc.C) {
 	s.config.Clock = nil
-	_, err := workertesting.RunAgentApiManifold(
+	_, err := enginetest.RunAgentApiManifold(
 		storageprovisioner.MachineManifold(s.config),
 		&fakeAgent{tag: names.NewMachineTag("42")},
 		&fakeAPIConn{})
@@ -70,7 +70,7 @@
 }
 
 func (s *MachineManifoldSuite) TestUnit(c *gc.C) {
-	_, err := workertesting.RunAgentApiManifold(
+	_, err := enginetest.RunAgentApiManifold(
 		storageprovisioner.MachineManifold(s.config),
 		&fakeAgent{tag: names.NewUnitTag("foo/0")},
 		&fakeAPIConn{})
@@ -79,7 +79,7 @@
 }
 
 func (s *MachineManifoldSuite) TestNonAgent(c *gc.C) {
-	_, err := workertesting.RunAgentApiManifold(
+	_, err := enginetest.RunAgentApiManifold(
 		storageprovisioner.MachineManifold(s.config),
 		&fakeAgent{tag: names.NewUserTag("foo")},
 		&fakeAPIConn{})
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/storageprovisioner/manifold_model.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/storageprovisioner/manifold_model.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/storageprovisioner/manifold_model.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/storageprovisioner/manifold_model.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,8 +5,8 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils/clock"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/api/storageprovisioner"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/storageprovisioner/mock_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/storageprovisioner/mock_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/storageprovisioner/mock_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/storageprovisioner/mock_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,10 +9,10 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	gitjujutesting "github.com/juju/testing"
 	"github.com/juju/utils/clock"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/common"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/storageprovisioner/storageprovisioner.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/storageprovisioner/storageprovisioner.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/storageprovisioner/storageprovisioner.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/storageprovisioner/storageprovisioner.go	2016-07-18 19:45:44.000000000 +0000
@@ -29,8 +29,8 @@
 import (
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils/set"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/environs/config"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/storageprovisioner/storageprovisioner_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/storageprovisioner/storageprovisioner_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/storageprovisioner/storageprovisioner_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/storageprovisioner/storageprovisioner_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,10 +7,10 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/clock"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/environs/config"
@@ -38,7 +38,6 @@
 	s.AddCleanup(func(*gc.C) {
 		registry.RegisterProvider("dummy", nil)
 	})
-
 	s.managedFilesystemSource = nil
 	s.PatchValue(
 		storageprovisioner.NewManagedFilesystemSource,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/storageprovisioner/volume_events.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/storageprovisioner/volume_events.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/storageprovisioner/volume_events.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/storageprovisioner/volume_events.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/instance"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/storageprovisioner/volume_ops.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/storageprovisioner/volume_ops.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/storageprovisioner/volume_ops.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/storageprovisioner/volume_ops.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/environs/config"
@@ -39,7 +39,7 @@
 			}
 			statuses = append(statuses, params.EntityStatusArgs{
 				Tag:    volumeParams[i].Tag.String(),
-				Status: status.StatusError,
+				Status: status.StatusError.String(),
 				Info:   err.Error(),
 			})
 			logger.Debugf(
@@ -58,7 +58,7 @@
 		for i, result := range results {
 			statuses = append(statuses, params.EntityStatusArgs{
 				Tag:    volumeParams[i].Tag.String(),
-				Status: status.StatusAttaching,
+				Status: status.StatusAttaching.String(),
 			})
 			entityStatus := &statuses[len(statuses)-1]
 			if result.Error != nil {
@@ -69,7 +69,7 @@
 				// that we will retry. When we distinguish between
 				// transient and permanent errors, we will set the
 				// status to "error" for permanent errors.
-				entityStatus.Status = status.StatusPending
+				entityStatus.Status = status.StatusPending.String()
 				entityStatus.Info = result.Error.Error()
 				logger.Debugf(
 					"failed to create %s: %v",
@@ -80,7 +80,7 @@
 			}
 			volumes = append(volumes, *result.Volume)
 			if result.VolumeAttachment != nil {
-				entityStatus.Status = status.StatusAttached
+				entityStatus.Status = status.StatusAttached.String()
 				volumeAttachments = append(volumeAttachments, *result.VolumeAttachment)
 			}
 		}
@@ -148,7 +148,7 @@
 			p := volumeAttachmentParams[i]
 			statuses = append(statuses, params.EntityStatusArgs{
 				Tag:    p.Volume.String(),
-				Status: status.StatusAttached,
+				Status: status.StatusAttached.String(),
 			})
 			entityStatus := &statuses[len(statuses)-1]
 			if result.Error != nil {
@@ -163,7 +163,7 @@
 				// indicate that we will retry. When we distinguish
 				// between transient and permanent errors, we will
 				// set the status to "error" for permanent errors.
-				entityStatus.Status = status.StatusAttaching
+				entityStatus.Status = status.StatusAttaching.String()
 				entityStatus.Info = result.Error.Error()
 				logger.Debugf(
 					"failed to attach %s to %s: %v",
@@ -213,7 +213,7 @@
 			}
 			statuses = append(statuses, params.EntityStatusArgs{
 				Tag:    volumeParams[i].Tag.String(),
-				Status: status.StatusError,
+				Status: status.StatusError.String(),
 				Info:   err.Error(),
 			})
 			logger.Debugf(
@@ -247,7 +247,7 @@
 			reschedule = append(reschedule, ops[tag])
 			statuses = append(statuses, params.EntityStatusArgs{
 				Tag:    tag.String(),
-				Status: status.StatusDestroying,
+				Status: status.StatusDestroying.String(),
 				Info:   err.Error(),
 			})
 		}
@@ -290,7 +290,7 @@
 				// attachment, we'll have to check if
 				// there are any other attachments
 				// before saying the status "detached".
-				Status: status.StatusDetached,
+				Status: status.StatusDetached.String(),
 			})
 			id := params.MachineStorageId{
 				MachineTag:    p.Machine.String(),
@@ -299,7 +299,7 @@
 			entityStatus := &statuses[len(statuses)-1]
 			if err != nil {
 				reschedule = append(reschedule, ops[id])
-				entityStatus.Status = status.StatusDetaching
+				entityStatus.Status = status.StatusDetaching.String()
 				entityStatus.Info = err.Error()
 				logger.Debugf(
 					"failed to detach %s from %s: %v",
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/terminationworker/worker.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/terminationworker/worker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/terminationworker/worker.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/terminationworker/worker.go	2016-07-18 19:45:44.000000000 +0000
@@ -30,30 +30,30 @@
 // TerminationSignal signal, and then exits
 // with worker.ErrTerminateAgent.
 func NewWorker() worker.Worker {
-	u := &terminationWorker{}
+	var w terminationWorker
+	c := make(chan os.Signal, 1)
+	signal.Notify(c, TerminationSignal)
 	go func() {
-		defer u.tomb.Done()
-		u.tomb.Kill(u.loop())
+		defer w.tomb.Done()
+		defer signal.Stop(c)
+		w.tomb.Kill(w.loop(c))
 	}()
-	return u
+	return &w
 }
 
-func (u *terminationWorker) Kill() {
-	u.tomb.Kill(nil)
+func (w *terminationWorker) Kill() {
+	w.tomb.Kill(nil)
 }
 
-func (u *terminationWorker) Wait() error {
-	return u.tomb.Wait()
+func (w *terminationWorker) Wait() error {
+	return w.tomb.Wait()
 }
 
-func (u *terminationWorker) loop() (err error) {
-	c := make(chan os.Signal, 1)
-	signal.Notify(c, TerminationSignal)
-	defer signal.Stop(c)
+func (w *terminationWorker) loop(c <-chan os.Signal) (err error) {
 	select {
 	case <-c:
 		return worker.ErrTerminateAgent
-	case <-u.tomb.Dying():
+	case <-w.tomb.Dying():
 		return tomb.ErrDying
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/terminationworker/worker_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/terminationworker/worker_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/terminationworker/worker_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/terminationworker/worker_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,43 +5,28 @@
 
 import (
 	"os"
-	"os/signal"
 	"runtime"
-	stdtesting "testing"
+	"testing"
 
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 
-	"github.com/juju/juju/testing"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/terminationworker"
 )
 
-func TestPackage(t *stdtesting.T) {
+func TestPackage(t *testing.T) {
 	gc.TestingT(t)
 }
 
 var _ = gc.Suite(&TerminationWorkerSuite{})
 
 type TerminationWorkerSuite struct {
-	testing.BaseSuite
 	// c is a channel that will wait for the termination
 	// signal, to prevent signals terminating the process.
 	c chan os.Signal
 }
 
-func (s *TerminationWorkerSuite) SetUpTest(c *gc.C) {
-	s.BaseSuite.SetUpTest(c)
-	s.c = make(chan os.Signal, 1)
-	signal.Notify(s.c, terminationworker.TerminationSignal)
-}
-
-func (s *TerminationWorkerSuite) TearDownTest(c *gc.C) {
-	signal.Stop(s.c)
-	close(s.c)
-	s.BaseSuite.TearDownTest(c)
-}
-
 func (s *TerminationWorkerSuite) TestStartStop(c *gc.C) {
 	w := terminationworker.NewWorker()
 	w.Kill()
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/testing/agentapi.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/testing/agentapi.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/testing/agentapi.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/testing/agentapi.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,54 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package testing
-
-import (
-	"github.com/juju/juju/agent"
-	"github.com/juju/juju/api/base"
-	basetesting "github.com/juju/juju/api/base/testing"
-	"github.com/juju/juju/cmd/jujud/agent/util"
-	"github.com/juju/juju/worker"
-	"github.com/juju/juju/worker/dependency"
-	dt "github.com/juju/juju/worker/dependency/testing"
-)
-
-// AgentApiManifoldTestConfig returns a AgentApiManifoldConfig
-// suitable for use with RunAgentApiManifold.
-func AgentApiManifoldTestConfig() util.AgentApiManifoldConfig {
-	return util.AgentApiManifoldConfig{
-		AgentName:     "agent-name",
-		APICallerName: "api-caller-name",
-	}
-}
-
-// RunAgentApiManifold is useful for testing manifolds based on
-// AgentApiManifold. It takes the manifold, sets up the resources
-// required to successfully pass AgentApiManifold's checks and then
-// runs the manifold start func.
-//
-// An agent and apiCaller may be optionally provided. If they are nil,
-// dummy barely-good-enough defaults will be used (these dummies are
-// fine not actually used for much).
-func RunAgentApiManifold(
-	manifold dependency.Manifold, agent agent.Agent, apiCaller base.APICaller,
-) (worker.Worker, error) {
-	if agent == nil {
-		agent = new(dummyAgent)
-	}
-	if apiCaller == nil {
-		apiCaller = basetesting.APICallerFunc(
-			func(string, int, string, string, interface{}, interface{}) error {
-				return nil
-			})
-	}
-	context := dt.StubContext(nil, map[string]interface{}{
-		"agent-name":      agent,
-		"api-caller-name": apiCaller,
-	})
-	return manifold.Start(context)
-}
-
-type dummyAgent struct {
-	agent.Agent
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/testing/runner.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/testing/runner.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/testing/runner.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/testing/runner.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,103 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package testing
-
-import (
-	"sort"
-
-	"github.com/juju/errors"
-	"github.com/juju/testing"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/juju/worker"
-)
-
-var _ worker.Runner = (*StubRunner)(nil)
-
-var runnerMethodNames = []string{
-	"StartWorker",
-	"StopWorker",
-}
-
-// StubRunner is a testing stub for worker.Runner.
-type StubRunner struct {
-	worker.Worker
-	// Stub is the underlying testing stub.
-	Stub *testing.Stub
-	// CallWhenStarted indicates that the newWorker func should be
-	// called when StartWorker is called.
-	CallWhenStarted bool
-}
-
-// NewStubRunner returns a new StubRunner.
-func NewStubRunner(stub *testing.Stub) *StubRunner {
-	return &StubRunner{
-		Worker: NewStubWorker(stub),
-		Stub:   stub,
-	}
-}
-
-func (r *StubRunner) validMethodName(funcName string) bool {
-	for _, knownName := range runnerMethodNames {
-		if funcName == knownName {
-			return true
-		}
-	}
-	return false
-}
-
-func (r *StubRunner) checkCallIDs(c *gc.C, methName string, skipMismatch bool, expected []string) {
-	var ids []string
-	for _, call := range r.Stub.Calls() {
-		if !r.validMethodName(call.FuncName) {
-			c.Logf("invalid called func name %q (must be one of %#v)", call.FuncName, runnerMethodNames)
-			c.FailNow()
-		}
-		if methName != "" {
-			if skipMismatch && call.FuncName != methName {
-				continue
-			}
-			c.Check(call.FuncName, gc.Equals, methName)
-		}
-		ids = append(ids, call.Args[0].(string))
-	}
-	sort.Strings(ids)
-	sort.Strings(expected)
-	c.Check(ids, jc.DeepEquals, expected)
-}
-
-// CheckCallIDs verifies that the worker IDs in all calls match the
-// provided ones. If a method name is provided as well then all calls must
-// have that method name.
-func (r *StubRunner) CheckCallIDs(c *gc.C, methName string, expected ...string) {
-	r.checkCallIDs(c, methName, false, expected)
-}
-
-// StartWorker implements worker.Runner.
-func (r *StubRunner) StartWorker(id string, newWorker func() (worker.Worker, error)) error {
-	r.Stub.AddCall("StartWorker", id, newWorker)
-	if err := r.Stub.NextErr(); err != nil {
-		return errors.Trace(err)
-	}
-
-	if r.CallWhenStarted {
-		// TODO(ericsnow) Save the workers?
-		if _, err := newWorker(); err != nil {
-			return errors.Trace(err)
-		}
-	}
-	return nil
-}
-
-// StopWorker implements worker.Runner.
-func (r *StubRunner) StopWorker(id string) error {
-	r.Stub.AddCall("StopWorker", id)
-	if err := r.Stub.NextErr(); err != nil {
-		return errors.Trace(err)
-	}
-
-	// Do nothing.
-	return nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/testing/worker.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/testing/worker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/testing/worker.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/testing/worker.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,45 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package testing
-
-import (
-	"github.com/juju/errors"
-	"github.com/juju/testing"
-
-	"github.com/juju/juju/worker"
-)
-
-var _ worker.Worker = (*StubWorker)(nil)
-
-// StubWorker is a testing stub for worker.Worker.
-type StubWorker struct {
-	// Stub is the underlying testing stub.
-	Stub *testing.Stub
-}
-
-// NewStubWorker returns a new StubWorker.
-func NewStubWorker(stub *testing.Stub) *StubWorker {
-	return &StubWorker{
-		Stub: stub,
-	}
-}
-
-// Kill implements worker.Worker.
-func (w *StubWorker) Kill() {
-	w.Stub.AddCall("Kill")
-	w.Stub.NextErr()
-
-	// Do nothing.
-}
-
-// Wait implements worker.Worker.
-func (w *StubWorker) Wait() error {
-	w.Stub.AddCall("Wait")
-	if err := w.Stub.NextErr(); err != nil {
-		return errors.Trace(err)
-	}
-
-	// Do nothing.
-	return nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/toolsversionchecker/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/toolsversionchecker/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/toolsversionchecker/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/toolsversionchecker/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,21 +12,21 @@
 	apiagent "github.com/juju/juju/api/agent"
 	"github.com/juju/juju/api/agenttools"
 	"github.com/juju/juju/api/base"
-	"github.com/juju/juju/cmd/jujud/agent/util"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
 	"github.com/juju/juju/state/multiwatcher"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 )
 
 // ManifoldConfig defines the names of the manifolds on which a Manifold will depend.
-type ManifoldConfig util.AgentApiManifoldConfig
+type ManifoldConfig engine.AgentApiManifoldConfig
 
 // Manifold returns a dependency manifold that runs a toolsversionchecker worker,
 // using the api connection resource named in the supplied config.
 func Manifold(config ManifoldConfig) dependency.Manifold {
-	typedConfig := util.AgentApiManifoldConfig(config)
-	return util.AgentApiManifold(typedConfig, newWorker)
+	typedConfig := engine.AgentApiManifoldConfig(config)
+	return engine.AgentApiManifold(typedConfig, newWorker)
 }
 
 func newWorker(a agent.Agent, apiCaller base.APICaller) (worker.Worker, error) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/toolsversionchecker/manifold_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/toolsversionchecker/manifold_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/toolsversionchecker/manifold_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/toolsversionchecker/manifold_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,18 +4,18 @@
 package toolsversionchecker_test
 
 import (
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	apitesting "github.com/juju/juju/api/base/testing"
 	"github.com/juju/juju/apiserver/params"
+	"github.com/juju/juju/cmd/jujud/agent/engine/enginetest"
 	"github.com/juju/juju/state/multiwatcher"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
-	workertesting "github.com/juju/juju/worker/testing"
 	"github.com/juju/juju/worker/toolsversionchecker"
 )
 
@@ -37,8 +37,8 @@
 }
 
 func (s *ManifoldSuite) TestMachine(c *gc.C) {
-	config := toolsversionchecker.ManifoldConfig(workertesting.AgentApiManifoldTestConfig())
-	_, err := workertesting.RunAgentApiManifold(
+	config := toolsversionchecker.ManifoldConfig(enginetest.AgentApiManifoldTestConfig())
+	_, err := enginetest.RunAgentApiManifold(
 		toolsversionchecker.Manifold(config),
 		&fakeAgent{tag: names.NewMachineTag("42")},
 		mockAPICaller(multiwatcher.JobManageModel))
@@ -47,8 +47,8 @@
 }
 
 func (s *ManifoldSuite) TestMachineNotModelManagerErrors(c *gc.C) {
-	config := toolsversionchecker.ManifoldConfig(workertesting.AgentApiManifoldTestConfig())
-	_, err := workertesting.RunAgentApiManifold(
+	config := toolsversionchecker.ManifoldConfig(enginetest.AgentApiManifoldTestConfig())
+	_, err := enginetest.RunAgentApiManifold(
 		toolsversionchecker.Manifold(config),
 		&fakeAgent{tag: names.NewMachineTag("42")},
 		mockAPICaller(multiwatcher.JobHostUnits))
@@ -57,8 +57,8 @@
 }
 
 func (s *ManifoldSuite) TestNonMachineAgent(c *gc.C) {
-	config := toolsversionchecker.ManifoldConfig(workertesting.AgentApiManifoldTestConfig())
-	_, err := workertesting.RunAgentApiManifold(
+	config := toolsversionchecker.ManifoldConfig(enginetest.AgentApiManifoldTestConfig())
+	_, err := enginetest.RunAgentApiManifold(
 		toolsversionchecker.Manifold(config),
 		&fakeAgent{tag: names.NewUnitTag("foo/0")},
 		mockAPICaller(""))
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/unitassigner/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/unitassigner/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/unitassigner/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/unitassigner/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,18 +8,18 @@
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/api/unitassigner"
-	"github.com/juju/juju/cmd/jujud/agent/util"
+	"github.com/juju/juju/cmd/jujud/agent/engine"
 	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/dependency"
 )
 
 // ManifoldConfig describes the resources used by a unitassigner worker.
-type ManifoldConfig util.ApiManifoldConfig
+type ManifoldConfig engine.ApiManifoldConfig
 
 // Manifold returns a Manifold that runs a unitassigner worker.
 func Manifold(config ManifoldConfig) dependency.Manifold {
-	return util.ApiManifold(
-		util.ApiManifoldConfig(config),
+	return engine.ApiManifold(
+		engine.ApiManifoldConfig(config),
 		manifoldStart,
 	)
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/unitassigner/unitassigner.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/unitassigner/unitassigner.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/unitassigner/unitassigner.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/unitassigner/unitassigner.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,7 +10,7 @@
 	"github.com/juju/juju/watcher"
 	"github.com/juju/juju/worker"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 )
 
 var logger = loggo.GetLogger("juju.worker.unitassigner")
@@ -77,7 +77,7 @@
 		for unit, err := range failures {
 			args.Entities[x] = params.EntityStatusArgs{
 				Tag:    unit,
-				Status: status.StatusError,
+				Status: status.StatusError.String(),
 				Info:   err.Error(),
 			}
 			x++
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/unitassigner/unitassigner_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/unitassigner/unitassigner_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/unitassigner/unitassigner_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/unitassigner/unitassigner_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,9 +6,9 @@
 import (
 	"errors"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/status"
@@ -63,7 +63,7 @@
 	c.Assert(entities, gc.HasLen, 1)
 	c.Assert(entities[0], gc.DeepEquals, params.EntityStatusArgs{
 		Tag:    "unit-foo-0",
-		Status: status.StatusError,
+		Status: status.StatusError.String(),
 		Info:   e.Error(),
 	})
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/hook/hook.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/hook/hook.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/hook/hook.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/hook/hook.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,8 +7,8 @@
 import (
 	"fmt"
 
-	"github.com/juju/names"
 	"gopkg.in/juju/charm.v6-unstable/hooks"
+	"gopkg.in/juju/names.v2"
 )
 
 // TODO(fwereade): move these definitions to juju/charm/hooks.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,9 +5,8 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils/clock"
-	"github.com/juju/utils/fslock"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api"
@@ -26,6 +25,7 @@
 	AgentName             string
 	APICallerName         string
 	MachineLockName       string
+	Clock                 clock.Clock
 	LeadershipTrackerName string
 	CharmDirName          string
 	HookRetryStrategyName string
@@ -39,11 +39,16 @@
 			config.AgentName,
 			config.APICallerName,
 			config.LeadershipTrackerName,
-			config.MachineLockName,
 			config.CharmDirName,
 			config.HookRetryStrategyName,
 		},
 		Start: func(context dependency.Context) (worker.Worker, error) {
+			if config.Clock == nil {
+				return nil, errors.NotValidf("missing Clock")
+			}
+			if config.MachineLockName == "" {
+				return nil, errors.NotValidf("missing MachineLockName")
+			}
 
 			// Collect all required resources.
 			var agent agent.Agent
@@ -57,10 +62,6 @@
 				// leader-deposed hook -- but that's not done yet.
 				return nil, err
 			}
-			var machineLock *fslock.Lock
-			if err := context.Get(config.MachineLockName, &machineLock); err != nil {
-				return nil, err
-			}
 			var leadershipTracker leadership.Tracker
 			if err := context.Get(config.LeadershipTrackerName, &leadershipTracker); err != nil {
 				return nil, err
@@ -77,9 +78,10 @@
 
 			downloader := api.NewCharmDownloader(apiConn.Client())
 
+			manifoldConfig := config
 			// Configure and start the uniter.
-			config := agent.CurrentConfig()
-			tag := config.Tag()
+			agentConfig := agent.CurrentConfig()
+			tag := agentConfig.Tag()
 			unitTag, ok := tag.(names.UnitTag)
 			if !ok {
 				return nil, errors.Errorf("expected a unit tag, got %v", tag)
@@ -89,14 +91,14 @@
 				UniterFacade:         uniterFacade,
 				UnitTag:              unitTag,
 				LeadershipTracker:    leadershipTracker,
-				DataDir:              config.DataDir(),
+				DataDir:              agentConfig.DataDir(),
 				Downloader:           downloader,
-				MachineLock:          machineLock,
+				MachineLockName:      manifoldConfig.MachineLockName,
 				CharmDirGuard:        charmDirGuard,
 				UpdateStatusSignal:   NewUpdateStatusTimer(),
 				HookRetryStrategy:    hookRetryStrategy,
 				NewOperationExecutor: operation.NewExecutor,
-				Clock:                clock.WallClock,
+				Clock:                manifoldConfig.Clock,
 			})
 			if err != nil {
 				return nil, errors.Trace(err)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/mock_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/mock_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/mock_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/mock_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,7 @@
 package uniter_test
 
 import (
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/worker/uniter/hook"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/op_callbacks.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/op_callbacks.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/op_callbacks.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/op_callbacks.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,9 +7,9 @@
 	"fmt"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	corecharm "gopkg.in/juju/charm.v6-unstable"
 	"gopkg.in/juju/charm.v6-unstable/hooks"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/status"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/operation/deploy.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/operation/deploy.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/operation/deploy.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/operation/deploy.go	2016-07-18 19:45:44.000000000 +0000
@@ -72,7 +72,7 @@
 	// write out local state referencing the charm url (by returning the new
 	// State to the Executor, below), we have to register our interest in that
 	// charm on the controller. If we neglected to do so, the operation could
-	// race with a new service-charm-url change on the controller, and lead to
+	// race with a new application-charm-url change on the controller, and lead to
 	// failures on resume in which we try to obtain archive info for a charm that
 	// has already been removed from the controller.
 	if err := d.callbacks.SetCurrentCharm(d.charmURL); err != nil {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/operation/executor.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/operation/executor.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/operation/executor.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/operation/executor.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,6 +7,7 @@
 	"fmt"
 
 	"github.com/juju/errors"
+	"github.com/juju/mutex"
 	corecharm "gopkg.in/juju/charm.v6-unstable"
 )
 
@@ -28,14 +29,14 @@
 type executor struct {
 	file               *StateFile
 	state              *State
-	acquireMachineLock func(string) (func() error, error)
+	acquireMachineLock func() (mutex.Releaser, error)
 }
 
 // NewExecutor returns an Executor which takes its starting state from the
 // supplied path, and records state changes there. If no state file exists,
 // the executor's starting state will include a queued Install hook, for
 // the charm identified by the supplied func.
-func NewExecutor(stateFilePath string, getInstallCharm func() (*corecharm.URL, error), acquireLock func(string) (func() error, error)) (Executor, error) {
+func NewExecutor(stateFilePath string, getInstallCharm func() (*corecharm.URL, error), acquireLock func() (mutex.Releaser, error)) (Executor, error) {
 	file := NewStateFile(stateFilePath)
 	state, err := file.Read()
 	if err == ErrNoStateFile {
@@ -68,21 +69,11 @@
 	logger.Debugf("running operation %v", op)
 
 	if op.NeedsGlobalMachineLock() {
-		unlock, err := x.acquireMachineLock(fmt.Sprintf("executing operation: %s", op.String()))
+		releaser, err := x.acquireMachineLock()
 		if err != nil {
 			return errors.Annotate(err, "could not acquire lock")
 		}
-		// There is nothing theoretically stopping us from unlocking
-		// between execute and commit, but since we're not looking for the
-		// efficiency provided by that right now, we prefer to keep the logic
-		// simple. This could be changed in the future.
-		defer func() {
-			unlockErr := unlock()
-			if unlockErr != nil {
-				logger.Errorf("operation failed with error %v; error overriden by unlock failure error", runErr)
-				runErr = unlockErr
-			}
-		}()
+		defer releaser.Release()
 	}
 
 	switch err := x.do(op, stepPrepare); errors.Cause(err) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/operation/executor_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/operation/executor_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/operation/executor_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/operation/executor_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,6 +7,7 @@
 	"path/filepath"
 
 	"github.com/juju/errors"
+	"github.com/juju/mutex"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	ft "github.com/juju/testing/filetesting"
@@ -29,7 +30,7 @@
 	return nil, errors.New("lol!")
 }
 
-func failAcquireLock(string) (func() error, error) {
+func failAcquireLock() (mutex.Releaser, error) {
 	return nil, errors.New("wat")
 }
 
@@ -325,8 +326,7 @@
 	c.Assert(executor.State(), gc.DeepEquals, *op.commit.newState)
 }
 
-func (s *ExecutorSuite) initLockTest(c *gc.C, lockFunc func(string) (func() error, error)) operation.Executor {
-
+func (s *ExecutorSuite) initLockTest(c *gc.C, lockFunc func() (mutex.Releaser, error)) operation.Executor {
 	initialState := justInstalledState()
 	statePath := filepath.Join(c.MkDir(), "state")
 	err := operation.NewStateFile(statePath).Write(&initialState)
@@ -346,7 +346,7 @@
 	}
 
 	mockLock := &mockLockFunc{op: op}
-	lockFunc := mockLock.newSucceedingLockUnlockSucceeds()
+	lockFunc := mockLock.newSucceedingLock()
 	executor := s.initLockTest(c, lockFunc)
 
 	err := executor.Run(op)
@@ -360,52 +360,6 @@
 	c.Assert(mockLock.stepsCalledOnUnlock, gc.DeepEquals, expectedStepsOnUnlock)
 }
 
-func (s *ExecutorSuite) TestLockSucceedsStepsCalledUnlockFails(c *gc.C) {
-	op := &mockOperation{
-		needsLock: true,
-		prepare:   newStep(nil, nil),
-		execute:   newStep(nil, nil),
-		commit:    newStep(nil, nil),
-	}
-
-	mockLock := &mockLockFunc{op: op}
-	lockFunc := mockLock.newSucceedingLockUnlockFails()
-	executor := s.initLockTest(c, lockFunc)
-
-	err := executor.Run(op)
-	c.Assert(err, gc.ErrorMatches, "but why")
-
-	c.Assert(mockLock.calledLock, jc.IsTrue)
-	c.Assert(mockLock.calledUnlock, jc.IsTrue)
-	c.Assert(mockLock.noStepsCalledOnLock, jc.IsTrue)
-
-	expectedStepsOnUnlock := []bool{true, true, true}
-	c.Assert(mockLock.stepsCalledOnUnlock, gc.DeepEquals, expectedStepsOnUnlock)
-}
-
-func (s *ExecutorSuite) TestOpFailsUnlockFailsUnlockErrPropagated(c *gc.C) {
-	op := &mockOperation{
-		needsLock: true,
-		prepare:   newStep(nil, errors.New("kerblooie")),
-		execute:   newStep(nil, nil),
-		commit:    newStep(nil, nil),
-	}
-
-	mockLock := &mockLockFunc{op: op}
-	lockFunc := mockLock.newSucceedingLockUnlockFails()
-	executor := s.initLockTest(c, lockFunc)
-
-	err := executor.Run(op)
-	c.Assert(err, gc.ErrorMatches, "but why")
-
-	c.Assert(mockLock.calledLock, jc.IsTrue)
-	c.Assert(mockLock.calledUnlock, jc.IsTrue)
-	c.Assert(mockLock.noStepsCalledOnLock, jc.IsTrue)
-
-	expectedStepsOnUnlock := []bool{true, false, false}
-	c.Assert(mockLock.stepsCalledOnUnlock, gc.DeepEquals, expectedStepsOnUnlock)
-}
-
 func (s *ExecutorSuite) TestLockFailsOpsStepsNotCalled(c *gc.C) {
 	op := &mockOperation{
 		needsLock: true,
@@ -432,7 +386,7 @@
 
 func (s *ExecutorSuite) testLockUnlocksOnError(c *gc.C, op *mockOperation) (error, *mockLockFunc) {
 	mockLock := &mockLockFunc{op: op}
-	lockFunc := mockLock.newSucceedingLockUnlockSucceeds()
+	lockFunc := mockLock.newSucceedingLock()
 	executor := s.initLockTest(c, lockFunc)
 
 	err := executor.Run(op)
@@ -498,45 +452,38 @@
 	calledLock          bool
 	calledUnlock        bool
 	op                  *mockOperation
+	onRelease           func()
+}
+
+func (mock *mockLockFunc) Release() {
+	mock.onRelease()
 }
 
-func (mock *mockLockFunc) newFailingLock() func(string) (func() error, error) {
-	return func(string) (func() error, error) {
+func (mock *mockLockFunc) newFailingLock() func() (mutex.Releaser, error) {
+	return func() (mutex.Releaser, error) {
 		mock.noStepsCalledOnLock = mock.op.prepare.called == false &&
 			mock.op.commit.called == false
 		return nil, errors.New("wat")
 	}
-
 }
 
-func (mock *mockLockFunc) newSucceedingLock(unlockFails bool) func(string) (func() error, error) {
-	return func(string) (func() error, error) {
+func (mock *mockLockFunc) newSucceedingLock() func() (mutex.Releaser, error) {
+	return func() (mutex.Releaser, error) {
 		mock.calledLock = true
 		// Ensure that when we lock no operation has been called
 		mock.noStepsCalledOnLock = mock.op.prepare.called == false &&
 			mock.op.commit.called == false
-		return func() error {
+		mock.onRelease = func() {
 			// Record steps called when unlocking
 			mock.stepsCalledOnUnlock = []bool{mock.op.prepare.called,
 				mock.op.execute.called,
 				mock.op.commit.called}
 			mock.calledUnlock = true
-			if unlockFails {
-				return errors.New("but why")
-			}
-			return nil
-		}, nil
+		}
+		return mock, nil
 	}
 }
 
-func (mock *mockLockFunc) newSucceedingLockUnlockFails() func(string) (func() error, error) {
-	return mock.newSucceedingLock(true)
-}
-
-func (mock *mockLockFunc) newSucceedingLockUnlockSucceeds() func(string) (func() error, error) {
-	return mock.newSucceedingLock(false)
-}
-
 type mockStep struct {
 	gotState operation.State
 	newState *operation.State
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/operation/factory.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/operation/factory.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/operation/factory.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/operation/factory.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,8 +5,8 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	corecharm "gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/worker/uniter/charm"
 	"github.com/juju/juju/worker/uniter/hook"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/operation/interface.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/operation/interface.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/operation/interface.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/operation/interface.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,9 +5,9 @@
 
 import (
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	utilexec "github.com/juju/utils/exec"
 	corecharm "gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/worker/uniter/charm"
 	"github.com/juju/juju/worker/uniter/hook"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/operation/state_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/operation/state_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/operation/state_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/operation/state_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -20,7 +20,7 @@
 
 var _ = gc.Suite(&StateFileSuite{})
 
-var stcurl = charm.MustParseURL("cs:quantal/service-name-123")
+var stcurl = charm.MustParseURL("cs:quantal/application-name-123")
 var relhook = &hook.Info{
 	Kind:       hooks.RelationJoined,
 	RemoteUnit: "some-thing/123",
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/paths.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/paths.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/paths.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/paths.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,8 +8,8 @@
 	"fmt"
 	"path/filepath"
 
-	"github.com/juju/names"
 	"github.com/juju/utils/os"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent/tools"
 )
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/paths_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/paths_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/paths_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/paths_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,11 +6,11 @@
 import (
 	"path/filepath"
 
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/os"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/worker/uniter"
 )
@@ -32,16 +32,16 @@
 	s.PatchValue(&os.HostOS, func() os.OSType { return os.Windows })
 
 	dataDir := c.MkDir()
-	unitTag := names.NewUnitTag("some-service/323")
+	unitTag := names.NewUnitTag("some-application/323")
 	paths := uniter.NewPaths(dataDir, unitTag)
 
 	relData := relPathFunc(dataDir)
-	relAgent := relPathFunc(relData("agents", "unit-some-service-323"))
+	relAgent := relPathFunc(relData("agents", "unit-some-application-323"))
 	c.Assert(paths, jc.DeepEquals, uniter.Paths{
-		ToolsDir: relData("tools/unit-some-service-323"),
+		ToolsDir: relData("tools/unit-some-application-323"),
 		Runtime: uniter.RuntimePaths{
-			JujuRunSocket:     `\\.\pipe\unit-some-service-323-run`,
-			JujucServerSocket: `\\.\pipe\unit-some-service-323-agent`,
+			JujuRunSocket:     `\\.\pipe\unit-some-application-323-run`,
+			JujucServerSocket: `\\.\pipe\unit-some-application-323-agent`,
 		},
 		State: uniter.StatePaths{
 			BaseDir:         relAgent(),
@@ -60,17 +60,17 @@
 	s.PatchValue(&os.HostOS, func() os.OSType { return os.Windows })
 
 	dataDir := c.MkDir()
-	unitTag := names.NewUnitTag("some-service/323")
+	unitTag := names.NewUnitTag("some-application/323")
 	worker := "some-worker"
 	paths := uniter.NewWorkerPaths(dataDir, unitTag, worker)
 
 	relData := relPathFunc(dataDir)
-	relAgent := relPathFunc(relData("agents", "unit-some-service-323"))
+	relAgent := relPathFunc(relData("agents", "unit-some-application-323"))
 	c.Assert(paths, jc.DeepEquals, uniter.Paths{
-		ToolsDir: relData("tools/unit-some-service-323"),
+		ToolsDir: relData("tools/unit-some-application-323"),
 		Runtime: uniter.RuntimePaths{
-			JujuRunSocket:     `\\.\pipe\unit-some-service-323-some-worker-run`,
-			JujucServerSocket: `\\.\pipe\unit-some-service-323-some-worker-agent`,
+			JujuRunSocket:     `\\.\pipe\unit-some-application-323-some-worker-run`,
+			JujucServerSocket: `\\.\pipe\unit-some-application-323-some-worker-agent`,
 		},
 		State: uniter.StatePaths{
 			BaseDir:         relAgent(),
@@ -89,13 +89,13 @@
 	s.PatchValue(&os.HostOS, func() os.OSType { return os.Unknown })
 
 	dataDir := c.MkDir()
-	unitTag := names.NewUnitTag("some-service/323")
+	unitTag := names.NewUnitTag("some-application/323")
 	paths := uniter.NewPaths(dataDir, unitTag)
 
 	relData := relPathFunc(dataDir)
-	relAgent := relPathFunc(relData("agents", "unit-some-service-323"))
+	relAgent := relPathFunc(relData("agents", "unit-some-application-323"))
 	c.Assert(paths, jc.DeepEquals, uniter.Paths{
-		ToolsDir: relData("tools/unit-some-service-323"),
+		ToolsDir: relData("tools/unit-some-application-323"),
 		Runtime: uniter.RuntimePaths{
 			JujuRunSocket:     relAgent("run.socket"),
 			JujucServerSocket: "@" + relAgent("agent.socket"),
@@ -117,14 +117,14 @@
 	s.PatchValue(&os.HostOS, func() os.OSType { return os.Unknown })
 
 	dataDir := c.MkDir()
-	unitTag := names.NewUnitTag("some-service/323")
+	unitTag := names.NewUnitTag("some-application/323")
 	worker := "worker-id"
 	paths := uniter.NewWorkerPaths(dataDir, unitTag, worker)
 
 	relData := relPathFunc(dataDir)
-	relAgent := relPathFunc(relData("agents", "unit-some-service-323"))
+	relAgent := relPathFunc(relData("agents", "unit-some-application-323"))
 	c.Assert(paths, jc.DeepEquals, uniter.Paths{
-		ToolsDir: relData("tools/unit-some-service-323"),
+		ToolsDir: relData("tools/unit-some-application-323"),
 		Runtime: uniter.RuntimePaths{
 			JujuRunSocket:     relAgent(worker + "-run.socket"),
 			JujucServerSocket: "@" + relAgent(worker+"-agent.socket"),
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/relation/relationer_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/relation/relationer_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/relation/relationer_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/relation/relationer_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,12 +9,12 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	ft "github.com/juju/testing/filetesting"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable/hooks"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	apiuniter "github.com/juju/juju/api/uniter"
@@ -29,7 +29,7 @@
 type RelationerSuite struct {
 	jujutesting.JujuConnSuite
 	hooks   chan hook.Info
-	svc     *state.Service
+	app     *state.Application
 	rel     *state.Relation
 	dir     *relation.StateDir
 	dirPath string
@@ -44,9 +44,9 @@
 func (s *RelationerSuite) SetUpTest(c *gc.C) {
 	s.JujuConnSuite.SetUpTest(c)
 	var err error
-	s.svc = s.AddTestingService(c, "u", s.AddTestingCharm(c, "riak"))
+	s.app = s.AddTestingService(c, "u", s.AddTestingCharm(c, "riak"))
 	c.Assert(err, jc.ErrorIsNil)
-	rels, err := s.svc.Relations()
+	rels, err := s.app.Relations()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(rels, gc.HasLen, 1)
 	s.rel = rels[0]
@@ -74,7 +74,7 @@
 }
 
 func (s *RelationerSuite) AddRelationUnit(c *gc.C, name string) (*state.RelationUnit, *state.Unit) {
-	u, err := s.svc.AddUnit()
+	u, err := s.app.AddUnit()
 	c.Assert(err, jc.ErrorIsNil)
 	c.Assert(u.Name(), gc.Equals, name)
 	machine, err := s.State.AddMachine("quantal", state.JobHostUnits)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/relation/relations.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/relation/relations.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/relation/relations.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/relation/relations.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,10 +6,10 @@
 import (
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils/set"
 	corecharm "gopkg.in/juju/charm.v6-unstable"
 	"gopkg.in/juju/charm.v6-unstable/hooks"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/uniter"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/relation/relations_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/relation/relations_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/relation/relations_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/relation/relations_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,12 +10,12 @@
 	"sync/atomic"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
 	"gopkg.in/juju/charm.v6-unstable/hooks"
+	"gopkg.in/juju/names.v2"
 
 	apitesting "github.com/juju/juju/api/base/testing"
 	"github.com/juju/juju/api/uniter"
@@ -78,7 +78,7 @@
 			c.Check(index < len(apiCalls), jc.IsTrue)
 			call := apiCalls[index]
 			c.Logf("request %d, %s", index, request)
-			c.Check(version, gc.Equals, 3)
+			c.Check(version, gc.Equals, 4)
 			c.Check(id, gc.Equals, "")
 			c.Check(request, gc.Equals, call.request)
 			c.Check(arg, jc.DeepEquals, call.args)
@@ -155,8 +155,8 @@
 				Key:  "wordpress:db mysql:db",
 				Life: params.Alive,
 				Endpoint: multiwatcher.Endpoint{
-					ServiceName: "wordpress",
-					Relation:    charm.Relation{Name: "mysql", Role: charm.RoleProvider, Interface: "db"},
+					ApplicationName: "wordpress",
+					Relation:        multiwatcher.CharmRelation{Name: "mysql", Role: string(charm.RoleProvider), Interface: "db"},
 				}},
 		},
 	}
@@ -220,8 +220,8 @@
 				Key:  "wordpress:db mysql:db",
 				Life: params.Alive,
 				Endpoint: multiwatcher.Endpoint{
-					ServiceName: "wordpress",
-					Relation:    charm.Relation{Name: "mysql", Role: charm.RoleRequirer, Interface: "db", Scope: "global"},
+					ApplicationName: "wordpress",
+					Relation:        multiwatcher.CharmRelation{Name: "mysql", Role: string(charm.RoleRequirer), Interface: "db", Scope: "global"},
 				}},
 		},
 	}
@@ -478,8 +478,8 @@
 				Key:  "wordpress:juju-info juju-info:juju-info",
 				Life: params.Alive,
 				Endpoint: multiwatcher.Endpoint{
-					ServiceName: "wordpress",
-					Relation:    charm.Relation{Name: "juju-info", Role: charm.RoleProvider, Interface: "juju-info", Scope: "global"},
+					ApplicationName: "wordpress",
+					Relation:        multiwatcher.CharmRelation{Name: "juju-info", Role: string(charm.RoleProvider), Interface: "juju-info", Scope: "global"},
 				}},
 		},
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/remotestate/mock_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/remotestate/mock_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/remotestate/mock_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/remotestate/mock_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,8 +6,8 @@
 import (
 	"sync"
 
-	"github.com/juju/names"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/core/leadership"
@@ -205,7 +205,7 @@
 	return u.resolved, nil
 }
 
-func (u *mockUnit) Service() (remotestate.Service, error) {
+func (u *mockUnit) Application() (remotestate.Application, error) {
 	return &u.service, nil
 }
 
@@ -234,7 +234,7 @@
 }
 
 type mockService struct {
-	tag                   names.ServiceTag
+	tag                   names.ApplicationTag
 	life                  params.Life
 	curl                  *charm.URL
 	charmModifiedVersion  int
@@ -260,7 +260,7 @@
 	return nil
 }
 
-func (s *mockService) Tag() names.ServiceTag {
+func (s *mockService) Tag() names.ApplicationTag {
 	return s.tag
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/remotestate/snapshot.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/remotestate/snapshot.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/remotestate/snapshot.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/remotestate/snapshot.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,8 +4,8 @@
 package remotestate
 
 import (
-	"github.com/juju/names"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 )
@@ -54,7 +54,7 @@
 	Leader bool
 
 	// LeaderSettingsVersion is the last published
-	// version of the leader settings for the service.
+	// version of the leader settings for the application.
 	LeaderSettingsVersion int
 
 	// UpdateStatusVersion increments each time an
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/remotestate/state.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/remotestate/state.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/remotestate/state.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/remotestate/state.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,8 +4,8 @@
 package remotestate
 
 import (
-	"github.com/juju/names"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/uniter"
 	"github.com/juju/juju/apiserver/params"
@@ -25,7 +25,7 @@
 	Life() params.Life
 	Refresh() error
 	Resolved() (params.ResolvedMode, error)
-	Service() (Service, error)
+	Application() (Application, error)
 	Tag() names.UnitTag
 	Watch() (watcher.NotifyWatcher, error)
 	WatchAddresses() (watcher.NotifyWatcher, error)
@@ -34,7 +34,7 @@
 	WatchActionNotifications() (watcher.StringsWatcher, error)
 }
 
-type Service interface {
+type Application interface {
 	// CharmModifiedVersion returns a revision number for the charm that
 	// increments whenever the charm or a resource for the charm changes.
 	CharmModifiedVersion() (int, error)
@@ -45,7 +45,7 @@
 	// Refresh syncs this value with the api server.
 	Refresh() error
 	// Tag returns the tag for this service.
-	Tag() names.ServiceTag
+	Tag() names.ApplicationTag
 	// Watch returns a watcher that fires when this service changes.
 	Watch() (watcher.NotifyWatcher, error)
 	// WatchLeadershipSettings returns a watcher that fires when the leadership
@@ -74,7 +74,7 @@
 }
 
 type apiService struct {
-	*uniter.Service
+	*uniter.Application
 }
 
 type apiRelation struct {
@@ -91,7 +91,7 @@
 	return apiUnit{u}, err
 }
 
-func (u apiUnit) Service() (Service, error) {
-	s, err := u.Unit.Service()
+func (u apiUnit) Application() (Application, error) {
+	s, err := u.Unit.Application()
 	return apiService{s}, err
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/remotestate/storagewatcher.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/remotestate/storagewatcher.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/remotestate/storagewatcher.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/remotestate/storagewatcher.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/watcher"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/remotestate/watcher.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/remotestate/watcher.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/remotestate/watcher.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/remotestate/watcher.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,7 +9,7 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/core/leadership"
@@ -26,7 +26,7 @@
 type RemoteStateWatcher struct {
 	st                        State
 	unit                      Unit
-	service                   Service
+	service                   Application
 	relations                 map[names.RelationTag]*relationUnitsWatcher
 	relationUnitsChanges      chan relationUnitsChange
 	storageAttachmentWatchers map[names.StorageTag]*storageAttachmentWatcher
@@ -162,7 +162,7 @@
 	if w.unit, err = w.st.Unit(unitTag); err != nil {
 		return errors.Trace(err)
 	}
-	w.service, err = w.unit.Service()
+	w.service, err = w.unit.Application()
 	if err != nil {
 		return errors.Trace(err)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/remotestate/watcher_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/remotestate/watcher_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/remotestate/watcher_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/remotestate/watcher_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,10 +6,10 @@
 import (
 	"time"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/testing"
@@ -39,7 +39,7 @@
 			tag:  names.NewUnitTag("mysql/0"),
 			life: params.Alive,
 			service: mockService{
-				tag:                   names.NewServiceTag("mysql"),
+				tag:                   names.NewApplicationTag("mysql"),
 				life:                  params.Alive,
 				curl:                  charm.MustParseURL("cs:trusty/mysql"),
 				charmModifiedVersion:  5,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/resolver_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/resolver_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/resolver_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/resolver_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,12 +5,12 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
 	"gopkg.in/juju/charm.v6-unstable/hooks"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/worker/uniter"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/context/action.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/context/action.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/context/action.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/context/action.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,7 @@
 package context
 
 import (
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 )
 
 // ActionData contains the tag, parameters, and results of an Action.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/context/contextfactory.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/context/contextfactory.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/context/contextfactory.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/context/contextfactory.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,9 +9,9 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils/clock"
 	"gopkg.in/juju/charm.v6-unstable/hooks"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/uniter"
 	"github.com/juju/juju/apiserver/params"
@@ -285,11 +285,11 @@
 
 	// TODO(fwereade) 23-10-2014 bug 1384572
 	// Nothing here should ever be getting the environ config directly.
-	environConfig, err := f.state.ModelConfig()
+	modelConfig, err := f.state.ModelConfig()
 	if err != nil {
 		return err
 	}
-	ctx.proxySettings = environConfig.ProxySettings()
+	ctx.proxySettings = modelConfig.ProxySettings()
 
 	// Calling these last, because there's a potential race: they're not guaranteed
 	// to be set in time to be needed for a hook. If they're not, we just leave them
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/context/contextfactory_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/context/contextfactory_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/context/contextfactory_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/context/contextfactory_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,13 +8,13 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	"github.com/juju/utils/fs"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable/hooks"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/core/leadership"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/context/context.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/context/context.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/context/context.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/context/context.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,10 +13,10 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils/clock"
 	"github.com/juju/utils/proxy"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/base"
 	"github.com/juju/juju/api/uniter"
@@ -299,25 +299,25 @@
 	return ctx.status, nil
 }
 
-// ServiceStatus returns the status for the service and all the units on
+// ApplicationStatus returns the status for the application and all the units on
 // the service to which this context unit belongs, only if this unit is
 // the leader.
-func (ctx *HookContext) ServiceStatus() (jujuc.ServiceStatusInfo, error) {
+func (ctx *HookContext) ApplicationStatus() (jujuc.ApplicationStatusInfo, error) {
 	var err error
 	isLeader, err := ctx.IsLeader()
 	if err != nil {
-		return jujuc.ServiceStatusInfo{}, errors.Annotatef(err, "cannot determine leadership")
+		return jujuc.ApplicationStatusInfo{}, errors.Annotatef(err, "cannot determine leadership")
 	}
 	if !isLeader {
-		return jujuc.ServiceStatusInfo{}, ErrIsNotLeader
+		return jujuc.ApplicationStatusInfo{}, ErrIsNotLeader
 	}
-	service, err := ctx.unit.Service()
+	service, err := ctx.unit.Application()
 	if err != nil {
-		return jujuc.ServiceStatusInfo{}, errors.Trace(err)
+		return jujuc.ApplicationStatusInfo{}, errors.Trace(err)
 	}
 	status, err := service.Status(ctx.unit.Name())
 	if err != nil {
-		return jujuc.ServiceStatusInfo{}, errors.Trace(err)
+		return jujuc.ApplicationStatusInfo{}, errors.Trace(err)
 	}
 	us := make([]jujuc.StatusInfo, len(status.Units))
 	i := 0
@@ -330,12 +330,12 @@
 		}
 		i++
 	}
-	return jujuc.ServiceStatusInfo{
-		Service: jujuc.StatusInfo{
+	return jujuc.ApplicationStatusInfo{
+		Application: jujuc.StatusInfo{
 			Tag:    service.Tag().String(),
-			Status: string(status.Service.Status),
-			Info:   status.Service.Info,
-			Data:   status.Service.Data,
+			Status: string(status.Application.Status),
+			Info:   status.Application.Info,
+			Data:   status.Application.Data,
 		},
 		Units: us,
 	}, nil
@@ -352,10 +352,10 @@
 	)
 }
 
-// SetServiceStatus will set the given status to the service to which this
+// SetApplicationStatus will set the given status to the service to which this
 // unit's belong, only if this unit is the leader.
-func (ctx *HookContext) SetServiceStatus(serviceStatus jujuc.StatusInfo) error {
-	logger.Tracef("[SERVICE-STATUS] %s: %s", serviceStatus.Status, serviceStatus.Info)
+func (ctx *HookContext) SetApplicationStatus(serviceStatus jujuc.StatusInfo) error {
+	logger.Tracef("[APPLICATION-STATUS] %s: %s", serviceStatus.Status, serviceStatus.Info)
 	isLeader, err := ctx.IsLeader()
 	if err != nil {
 		return errors.Annotatef(err, "cannot determine leadership")
@@ -364,7 +364,7 @@
 		return ErrIsNotLeader
 	}
 
-	service, err := ctx.unit.Service()
+	service, err := ctx.unit.Application()
 	if err != nil {
 		return errors.Trace(err)
 	}
@@ -791,3 +791,40 @@
 func (ctx *HookContext) NetworkConfig(bindingName string) ([]params.NetworkConfig, error) {
 	return ctx.unit.NetworkConfig(bindingName)
 }
+
+// UnitWorkloadVersion returns the version of the workload reported by
+// the current unit.
+func (ctx *HookContext) UnitWorkloadVersion() (string, error) {
+	var results params.StringResults
+	args := params.Entities{
+		Entities: []params.Entity{{Tag: ctx.unit.Tag().String()}},
+	}
+	err := ctx.state.Facade().FacadeCall("WorkloadVersion", args, &results)
+	if err != nil {
+		return "", err
+	}
+	if len(results.Results) != 1 {
+		return "", fmt.Errorf("expected 1 result, got %d", len(results.Results))
+	}
+	result := results.Results[0]
+	if result.Error != nil {
+		return "", result.Error
+	}
+	return result.Result, nil
+}
+
+// SetUnitWorkloadVersion sets the current unit's workload version to
+// the specified value.
+func (ctx *HookContext) SetUnitWorkloadVersion(version string) error {
+	var result params.ErrorResults
+	args := params.EntityWorkloadVersions{
+		Entities: []params.EntityWorkloadVersion{
+			{Tag: ctx.unit.Tag().String(), WorkloadVersion: version},
+		},
+	}
+	err := ctx.state.Facade().FacadeCall("SetWorkloadVersion", args, &result)
+	if err != nil {
+		return err
+	}
+	return result.OneError()
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/context/context_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/context/context_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/context/context_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/context/context_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -135,6 +135,21 @@
 	c.Assert(ctx.(runner.Context).HasExecutionSetUnitStatus(), jc.IsTrue)
 }
 
+func (s *InterfaceSuite) TestGetSetWorkloadVersion(c *gc.C) {
+	ctx := s.GetContext(c, -1, "")
+	// No workload version set yet.
+	result, err := ctx.UnitWorkloadVersion()
+	c.Assert(result, gc.Equals, "")
+	c.Assert(err, jc.ErrorIsNil)
+
+	err = ctx.SetUnitWorkloadVersion("Pipey")
+	c.Assert(err, jc.ErrorIsNil)
+
+	result, err = ctx.UnitWorkloadVersion()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(result, gc.Equals, "Pipey")
+}
+
 func (s *InterfaceSuite) TestUnitStatusCaching(c *gc.C) {
 	ctx := s.GetContext(c, -1, "")
 	unitStatus, err := ctx.UnitStatus()
@@ -143,7 +158,13 @@
 	c.Check(unitStatus.Data, gc.DeepEquals, map[string]interface{}{})
 
 	// Change remote state.
-	err = s.unit.SetStatus(status.StatusActive, "it works", nil)
+	now := time.Now()
+	sInfo := status.StatusInfo{
+		Status:  status.StatusActive,
+		Message: "it works",
+		Since:   &now,
+	}
+	err = s.unit.SetStatus(sInfo)
 	c.Assert(err, jc.ErrorIsNil)
 
 	// Local view is unchanged.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/context/env_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/context/env_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/context/env_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/context/env_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,12 +9,12 @@
 	"runtime"
 	"sort"
 
-	"github.com/juju/names"
 	envtesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/keyvalues"
 	"github.com/juju/utils/proxy"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/worker/uniter/runner/context"
 	jujuos "github.com/juju/utils/os"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/context/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/context/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/context/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/context/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,10 +5,10 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils/clock"
 	"github.com/juju/utils/proxy"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/uniter"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/context/leader.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/context/leader.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/context/leader.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/context/leader.go	2016-07-18 19:45:44.000000000 +0000
@@ -30,9 +30,9 @@
 }
 
 type leadershipContext struct {
-	accessor    LeadershipSettingsAccessor
-	tracker     leadership.Tracker
-	serviceName string
+	accessor        LeadershipSettingsAccessor
+	tracker         leadership.Tracker
+	applicationName string
 
 	isMinion bool
 	settings map[string]string
@@ -40,9 +40,9 @@
 
 func NewLeadershipContext(accessor LeadershipSettingsAccessor, tracker leadership.Tracker) LeadershipContext {
 	return &leadershipContext{
-		accessor:    accessor,
-		tracker:     tracker,
-		serviceName: tracker.ServiceName(),
+		accessor:        accessor,
+		tracker:         tracker,
+		applicationName: tracker.ApplicationName(),
 	}
 }
 
@@ -77,7 +77,7 @@
 		// as merged by the server. But we don't need to get them again right now;
 		// the charm may not need to ask again before the hook finishes.
 		ctx.settings = nil
-		err = ctx.accessor.Merge(ctx.serviceName, settings)
+		err = ctx.accessor.Merge(ctx.applicationName, settings)
 	}
 	return errors.Annotate(err, "cannot write settings")
 }
@@ -86,7 +86,7 @@
 func (ctx *leadershipContext) LeaderSettings() (map[string]string, error) {
 	if ctx.settings == nil {
 		var err error
-		ctx.settings, err = ctx.accessor.Read(ctx.serviceName)
+		ctx.settings, err = ctx.accessor.Read(ctx.applicationName)
 		if err != nil {
 			return nil, errors.Annotate(err, "cannot read settings")
 		}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/context/leader_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/context/leader_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/context/leader_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/context/leader_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -33,7 +33,7 @@
 		serviceName: "led-service",
 	}
 	s.CheckCalls(c, []testing.StubCall{{
-		FuncName: "ServiceName",
+		FuncName: "ApplicationName",
 	}}, func() {
 		s.context = context.NewLeadershipContext(s.accessor, s.tracker)
 	})
@@ -307,8 +307,8 @@
 	results     []StubTicket
 }
 
-func (stub *StubTracker) ServiceName() string {
-	stub.MethodCall(stub, "ServiceName")
+func (stub *StubTracker) ApplicationName() string {
+	stub.MethodCall(stub, "ApplicationName")
 	return stub.serviceName
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/context/ports.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/context/ports.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/context/ports.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/context/ports.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,7 @@
 	"strings"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/network"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/context/ports_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/context/ports_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/context/ports_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/context/ports_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,10 +4,10 @@
 package context_test
 
 import (
-	"github.com/juju/names"
 	envtesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/network"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/context/relation_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/context/relation_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/context/relation_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/context/relation_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,10 +4,10 @@
 package context_test
 
 import (
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	apiuniter "github.com/juju/juju/api/uniter"
@@ -19,7 +19,7 @@
 
 type ContextRelationSuite struct {
 	testing.JujuConnSuite
-	svc *state.Service
+	svc *state.Application
 	rel *state.Relation
 	ru  *state.RelationUnit
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/context/unitStorage_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/context/unitStorage_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/context/unitStorage_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/context/unitStorage_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,11 +4,11 @@
 package context_test
 
 import (
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	"github.com/juju/utils/set"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/provider/ec2"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/context/util_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/context/util_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/context/util_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/context/util_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,13 +8,13 @@
 	"strings"
 	"time"
 
-	"github.com/juju/names"
 	jujutesting "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	"github.com/juju/utils/proxy"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/api/block"
@@ -39,7 +39,7 @@
 // methods should not be added to this type, because they'll get run repeatedly.
 type HookContextSuite struct {
 	testing.JujuConnSuite
-	service  *state.Service
+	service  *state.Application
 	unit     *state.Unit
 	machine  *state.Machine
 	relch    *state.Charm
@@ -128,7 +128,7 @@
 	)
 }
 
-func (s *HookContextSuite) addUnit(c *gc.C, svc *state.Service) *state.Unit {
+func (s *HookContextSuite) addUnit(c *gc.C, svc *state.Application) *state.Unit {
 	unit, err := svc.AddUnit()
 	c.Assert(err, jc.ErrorIsNil)
 	if s.machine != nil {
@@ -152,7 +152,7 @@
 	return unit
 }
 
-func (s *HookContextSuite) AddUnit(c *gc.C, svc *state.Service) *state.Unit {
+func (s *HookContextSuite) AddUnit(c *gc.C, svc *state.Application) *state.Unit {
 	unit := s.addUnit(c, svc)
 	name := strings.Replace(unit.Name(), "/", "-", 1)
 	privateAddr := network.NewScopedAddress(name+".testing.invalid", network.ScopeCloudLocal)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/debug/common.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/debug/common.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/debug/common.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/debug/common.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,7 @@
 	"fmt"
 	"path/filepath"
 
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 )
 
 const defaultFlockDir = "/tmp"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/factory.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/factory.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/factory.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/factory.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,8 +5,8 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/uniter"
 	"github.com/juju/juju/apiserver/params"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/factory_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/factory_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/factory_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/factory_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,11 +9,11 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable/hooks"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/state"
 	"github.com/juju/juju/testing"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/application-version-set.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/application-version-set.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/application-version-set.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/application-version-set.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,54 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package jujuc
+
+import (
+	"github.com/juju/cmd"
+	"github.com/juju/errors"
+)
+
+type applicationVersionSetCommand struct {
+	cmd.CommandBase
+	ctx Context
+
+	version string
+}
+
+// NewApplicationVersionSetCommand creates an application-version-set command.
+func NewApplicationVersionSetCommand(ctx Context) (cmd.Command, error) {
+	cmd := &applicationVersionSetCommand{ctx: ctx}
+	return cmd, nil
+}
+
+// Info is part of the cmd.Command interface.
+func (c *applicationVersionSetCommand) Info() *cmd.Info {
+	doc := `
+application-version-set tells Juju which version of the application
+software is running. This could be a package version number or some
+other useful identifier, such as a Git hash, that indicates the
+version of the deployed software. (It shouldn't be confused with the
+charm revision.) The version set will be displayed in "juju status"
+output for the application.
+`
+	return &cmd.Info{
+		Name:    "application-version-set",
+		Args:    "<new-version>",
+		Purpose: "specify which version of the application is deployed",
+		Doc:     doc,
+	}
+}
+
+// Init is part of the cmd.Command interface.
+func (c *applicationVersionSetCommand) Init(args []string) error {
+	if len(args) < 1 {
+		return errors.New("no version specified")
+	}
+	c.version = args[0]
+	return cmd.CheckEmpty(args[1:])
+}
+
+// Run is part of the cmd.Command interface.
+func (c *applicationVersionSetCommand) Run(ctx *cmd.Context) error {
+	return c.ctx.SetUnitWorkloadVersion(c.version)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/application-version-set_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/application-version-set_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/application-version-set_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/application-version-set_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,85 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package jujuc_test
+
+import (
+	"github.com/juju/cmd"
+	"github.com/juju/errors"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/juju/testing"
+	"github.com/juju/juju/worker/uniter/runner/jujuc"
+)
+
+type ApplicationVersionSetSuite struct {
+	ContextSuite
+}
+
+var _ = gc.Suite(&ApplicationVersionSetSuite{})
+
+func (s *ApplicationVersionSetSuite) createCommand(c *gc.C, err error) (*Context, cmd.Command) {
+	hctx := s.GetHookContext(c, -1, "")
+	s.Stub.SetErrors(err)
+
+	com, err := jujuc.NewCommand(hctx, cmdString("application-version-set"))
+	c.Assert(err, jc.ErrorIsNil)
+	return hctx, com
+}
+
+func (s *ApplicationVersionSetSuite) TestApplicationVersionSetNoArguments(c *gc.C) {
+	hctx, com := s.createCommand(c, nil)
+	ctx := testing.Context(c)
+	code := cmd.Main(com, ctx, nil)
+	c.Check(code, gc.Equals, 2)
+	c.Check(bufferString(ctx.Stdout), gc.Equals, "")
+	c.Check(bufferString(ctx.Stderr), gc.Equals, "error: no version specified\n")
+	c.Check(hctx.info.Version.WorkloadVersion, gc.Equals, "")
+}
+
+func (s *ApplicationVersionSetSuite) TestApplicationVersionSetWithArguments(c *gc.C) {
+	hctx, com := s.createCommand(c, nil)
+	ctx := testing.Context(c)
+	code := cmd.Main(com, ctx, []string{"dia de los muertos"})
+	c.Check(code, gc.Equals, 0)
+	c.Check(bufferString(ctx.Stdout), gc.Equals, "")
+	c.Check(bufferString(ctx.Stderr), gc.Equals, "")
+	c.Check(hctx.info.Version.WorkloadVersion, gc.Equals, "dia de los muertos")
+}
+
+func (s *ApplicationVersionSetSuite) TestApplicationVersionSetError(c *gc.C) {
+	hctx, com := s.createCommand(c, errors.New("uh oh spaghettio"))
+	ctx := testing.Context(c)
+	code := cmd.Main(com, ctx, []string{"cannae"})
+	c.Check(code, gc.Equals, 1)
+	c.Check(bufferString(ctx.Stdout), gc.Equals, "")
+	c.Check(bufferString(ctx.Stderr), gc.Equals, "error: uh oh spaghettio\n")
+	c.Check(hctx.info.Version.WorkloadVersion, gc.Equals, "")
+}
+
+func (s *ApplicationVersionSetSuite) TestHelp(c *gc.C) {
+
+	var helpTemplate = `
+Usage: application-version-set <new-version>
+
+Summary:
+specify which version of the application is deployed
+
+Details:
+application-version-set tells Juju which version of the application
+software is running. This could be a package version number or some
+other useful identifier, such as a Git hash, that indicates the
+version of the deployed software. (It shouldn't be confused with the
+charm revision.) The version set will be displayed in "juju status"
+output for the application.
+`[1:]
+
+	_, com := s.createCommand(c, nil)
+	ctx := testing.Context(c)
+	code := cmd.Main(com, ctx, []string{"--help"})
+	c.Check(code, gc.Equals, 0)
+
+	c.Check(bufferString(ctx.Stdout), gc.Equals, helpTemplate)
+	c.Check(bufferString(ctx.Stderr), gc.Equals, "")
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/context.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/context.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/context.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/context.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,8 +10,8 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/network"
@@ -52,6 +52,7 @@
 	ContextStorage
 	ContextComponents
 	ContextRelations
+	ContextVersion
 }
 
 // UnitHookContext is the context for a unit hook.
@@ -115,12 +116,12 @@
 	// SetUnitStatus updates the unit's status.
 	SetUnitStatus(StatusInfo) error
 
-	// ServiceStatus returns the executing unit's service status
+	// ApplicationStatus returns the executing unit's service status
 	// (including all units).
-	ServiceStatus() (ServiceStatusInfo, error)
+	ApplicationStatus() (ApplicationStatusInfo, error)
 
-	// SetServiceStatus updates the status for the unit's service.
-	SetServiceStatus(StatusInfo) error
+	// SetApplicationStatus updates the status for the unit's service.
+	SetApplicationStatus(StatusInfo) error
 }
 
 // ContextInstance is the part of a hook context related to the unit's instance.
@@ -287,6 +288,18 @@
 	Location() string
 }
 
+// ContextVersion expresses the parts of a hook context related to
+// reporting workload versions.
+type ContextVersion interface {
+
+	// UnitWorkloadVersion returns the currently set workload version for
+	// the unit.
+	UnitWorkloadVersion() (string, error)
+
+	// SetUnitWorkloadVersion updates the workload version for the unit.
+	SetUnitWorkloadVersion(string) error
+}
+
 // Settings is implemented by types that manipulate unit settings.
 type Settings interface {
 	Map() params.Settings
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/reboot.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/reboot.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/reboot.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/reboot.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,7 @@
+// Copyright 2014 Canonical Ltd.
+// Copyright 2014 Cloudbase Solutions SRL
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package jujuc
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/restricted.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/restricted.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/restricted.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/restricted.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,8 +7,8 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/network"
@@ -31,13 +31,13 @@
 // SetUnitStatus implements jujuc.Context.
 func (*RestrictedContext) SetUnitStatus(StatusInfo) error { return ErrRestrictedContext }
 
-// ServiceStatus implements jujuc.Context.
-func (*RestrictedContext) ServiceStatus() (ServiceStatusInfo, error) {
-	return ServiceStatusInfo{}, ErrRestrictedContext
+// ApplicationStatus implements jujuc.Context.
+func (*RestrictedContext) ApplicationStatus() (ApplicationStatusInfo, error) {
+	return ApplicationStatusInfo{}, ErrRestrictedContext
 }
 
-// SetServiceStatus implements jujuc.Context.
-func (*RestrictedContext) SetServiceStatus(StatusInfo) error { return ErrRestrictedContext }
+// SetApplicationStatus implements jujuc.Context.
+func (*RestrictedContext) SetApplicationStatus(StatusInfo) error { return ErrRestrictedContext }
 
 // AvailabilityZone implements jujuc.Context.
 func (*RestrictedContext) AvailabilityZone() (string, error) { return "", ErrRestrictedContext }
@@ -137,3 +137,13 @@
 func (*RestrictedContext) Component(string) (ContextComponent, error) {
 	return nil, ErrRestrictedContext
 }
+
+// UnitWorkloadVersion implements jujuc.Context.
+func (*RestrictedContext) UnitWorkloadVersion() (string, error) {
+	return "", ErrRestrictedContext
+}
+
+// SetUnitWorkloadVersion implements jujuc.Context.
+func (*RestrictedContext) SetUnitWorkloadVersion(string) error {
+	return ErrRestrictedContext
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/server.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/server.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/server.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/server.go	2016-07-18 19:45:44.000000000 +0000
@@ -43,24 +43,25 @@
 
 // baseCommands maps Command names to creators.
 var baseCommands = map[string]creator{
-	"close-port" + cmdSuffix:    NewClosePortCommand,
-	"config-get" + cmdSuffix:    NewConfigGetCommand,
-	"juju-log" + cmdSuffix:      NewJujuLogCommand,
-	"open-port" + cmdSuffix:     NewOpenPortCommand,
-	"opened-ports" + cmdSuffix:  NewOpenedPortsCommand,
-	"relation-get" + cmdSuffix:  NewRelationGetCommand,
-	"action-get" + cmdSuffix:    NewActionGetCommand,
-	"action-set" + cmdSuffix:    NewActionSetCommand,
-	"action-fail" + cmdSuffix:   NewActionFailCommand,
-	"relation-ids" + cmdSuffix:  NewRelationIdsCommand,
-	"relation-list" + cmdSuffix: NewRelationListCommand,
-	"relation-set" + cmdSuffix:  NewRelationSetCommand,
-	"unit-get" + cmdSuffix:      NewUnitGetCommand,
-	"add-metric" + cmdSuffix:    NewAddMetricCommand,
-	"juju-reboot" + cmdSuffix:   NewJujuRebootCommand,
-	"status-get" + cmdSuffix:    NewStatusGetCommand,
-	"status-set" + cmdSuffix:    NewStatusSetCommand,
-	"network-get" + cmdSuffix:   NewNetworkGetCommand,
+	"close-port" + cmdSuffix:              NewClosePortCommand,
+	"config-get" + cmdSuffix:              NewConfigGetCommand,
+	"juju-log" + cmdSuffix:                NewJujuLogCommand,
+	"open-port" + cmdSuffix:               NewOpenPortCommand,
+	"opened-ports" + cmdSuffix:            NewOpenedPortsCommand,
+	"relation-get" + cmdSuffix:            NewRelationGetCommand,
+	"action-get" + cmdSuffix:              NewActionGetCommand,
+	"action-set" + cmdSuffix:              NewActionSetCommand,
+	"action-fail" + cmdSuffix:             NewActionFailCommand,
+	"relation-ids" + cmdSuffix:            NewRelationIdsCommand,
+	"relation-list" + cmdSuffix:           NewRelationListCommand,
+	"relation-set" + cmdSuffix:            NewRelationSetCommand,
+	"unit-get" + cmdSuffix:                NewUnitGetCommand,
+	"add-metric" + cmdSuffix:              NewAddMetricCommand,
+	"juju-reboot" + cmdSuffix:             NewJujuRebootCommand,
+	"status-get" + cmdSuffix:              NewStatusGetCommand,
+	"status-set" + cmdSuffix:              NewStatusSetCommand,
+	"network-get" + cmdSuffix:             NewNetworkGetCommand,
+	"application-version-set" + cmdSuffix: NewApplicationVersionSetCommand,
 }
 
 var storageCommands = map[string]creator{
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/status-get.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/status-get.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/status-get.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/status-get.go	2016-07-18 19:45:44.000000000 +0000
@@ -31,7 +31,7 @@
 `
 	return &cmd.Info{
 		Name:    "status-get",
-		Args:    "[--include-data] [--service]",
+		Args:    "[--include-data] [--application]",
 		Purpose: "print status information",
 		Doc:     doc,
 	}
@@ -40,7 +40,7 @@
 func (c *StatusGetCommand) SetFlags(f *gnuflag.FlagSet) {
 	c.out.AddFlags(f, "smart", cmd.DefaultFormatters)
 	f.BoolVar(&c.includeData, "include-data", false, "print all status data")
-	f.BoolVar(&c.serviceWide, "service", false, "print status for all units of this service if this unit is the leader")
+	f.BoolVar(&c.serviceWide, "application", false, "print status for all units of this application if this unit is the leader")
 }
 
 func (c *StatusGetCommand) Init(args []string) error {
@@ -55,10 +55,10 @@
 	Data   map[string]interface{}
 }
 
-// ServiceStatusInfo holds StatusInfo for a Service and all its Units.
-type ServiceStatusInfo struct {
-	Service StatusInfo
-	Units   []StatusInfo
+// ApplicationStatusInfo holds StatusInfo for an Application and all its Units.
+type ApplicationStatusInfo struct {
+	Application StatusInfo
+	Units       []StatusInfo
 }
 
 func toDetails(info StatusInfo, includeData bool) map[string]interface{} {
@@ -75,8 +75,8 @@
 	return details
 }
 
-func (c *StatusGetCommand) ServiceStatus(ctx *cmd.Context) error {
-	serviceStatus, err := c.ctx.ServiceStatus()
+func (c *StatusGetCommand) ApplicationStatus(ctx *cmd.Context) error {
+	serviceStatus, err := c.ctx.ApplicationStatus()
 	if err != nil {
 		if errors.IsNotImplemented(err) {
 			return c.out.Write(ctx, status.StatusUnknown)
@@ -84,17 +84,17 @@
 		return errors.Annotatef(err, "finding service status")
 	}
 	if !c.includeData && c.out.Name() == "smart" {
-		return c.out.Write(ctx, serviceStatus.Service.Status)
+		return c.out.Write(ctx, serviceStatus.Application.Status)
 	}
 	statusDetails := make(map[string]interface{})
-	details := toDetails(serviceStatus.Service, c.includeData)
+	details := toDetails(serviceStatus.Application, c.includeData)
 
 	units := make(map[string]interface{}, len(serviceStatus.Units))
 	for _, unit := range serviceStatus.Units {
 		units[unit.Tag] = toDetails(unit, c.includeData)
 	}
 	details["units"] = units
-	statusDetails["service-status"] = details
+	statusDetails["application-status"] = details
 	c.out.Write(ctx, statusDetails)
 
 	return nil
@@ -105,7 +105,7 @@
 	var err error
 
 	if c.serviceWide {
-		return c.ServiceStatus(ctx)
+		return c.ApplicationStatus(ctx)
 	}
 
 	unitStatus, err := c.ctx.UnitStatus()
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/status-get_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/status-get_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/status-get_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/status-get_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -54,7 +54,7 @@
 }
 
 func setFakeServiceStatus(ctx *Context) {
-	ctx.info.Status.SetServiceStatus(
+	ctx.info.Status.SetApplicationStatus(
 		jujuc.StatusInfo{
 			Status: "active",
 			Info:   "this is a service status",
@@ -104,20 +104,20 @@
 	code := cmd.Main(com, ctx, []string{"--help"})
 	c.Assert(code, gc.Equals, 0)
 	expectedHelp := "" +
-		"Usage: status-get [options] [--include-data] [--service]\n" +
+		"Usage: status-get [options] [--include-data] [--application]\n" +
 		"\n" +
 		"Summary:\n" +
 		"print status information\n" +
 		"\n" +
 		"Options:\n" +
+		"--application  (= false)\n" +
+		"    print status for all units of this application if this unit is the leader\n" +
 		"--format  (= smart)\n" +
 		"    Specify output format (json|smart|yaml)\n" +
 		"--include-data  (= false)\n" +
 		"    print all status data\n" +
 		"-o, --output (= \"\")\n" +
 		"    Specify an output file\n" +
-		"--service  (= false)\n" +
-		"    print status for all units of this service if this unit is the leader\n" +
 		"\n" +
 		"Details:\n" +
 		"By default, only the status value is printed.\n" +
@@ -147,7 +147,7 @@
 
 func (s *statusGetSuite) TestServiceStatus(c *gc.C) {
 	expected := map[string]interface{}{
-		"service-status": map[interface{}]interface{}{
+		"application-status": map[interface{}]interface{}{
 			"status-data": map[interface{}]interface{}{},
 			"units": map[interface{}]interface{}{
 				"": map[interface{}]interface{}{
@@ -164,7 +164,7 @@
 	com, err := jujuc.NewCommand(hctx, cmdString("status-get"))
 	c.Assert(err, jc.ErrorIsNil)
 	ctx := testing.Context(c)
-	code := cmd.Main(com, ctx, []string{"--format", "json", "--include-data", "--service"})
+	code := cmd.Main(com, ctx, []string{"--format", "json", "--include-data", "--application"})
 	c.Assert(code, gc.Equals, 0)
 
 	var out map[string]interface{}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/status-set.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/status-set.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/status-set.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/status-set.go	2016-07-18 19:45:44.000000000 +0000
@@ -47,7 +47,8 @@
 }
 
 func (c *StatusSetCommand) SetFlags(f *gnuflag.FlagSet) {
-	f.BoolVar(&c.service, "service", false, "set this status for the service to which the unit belongs if the unit is the leader")
+	f.BoolVar(&c.service, "application", false, "set this status for the application to which the unit belongs if the unit is the leader")
+	f.BoolVar(&c.service, "service", false, "set this status for the application to which the unit belongs if the unit is the leader")
 }
 
 func (c *StatusSetCommand) Init(args []string) error {
@@ -78,7 +79,7 @@
 		Info:   c.message,
 	}
 	if c.service {
-		return c.ctx.SetServiceStatus(statusInfo)
+		return c.ctx.SetApplicationStatus(statusInfo)
 	}
 	return c.ctx.SetUnitStatus(statusInfo)
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/status-set_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/status-set_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/status-set_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/status-set_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -58,8 +58,8 @@
 		"set status information\n" +
 		"\n" +
 		"Options:\n" +
-		"--service  (= false)\n" +
-		"    set this status for the service to which the unit belongs if the unit is the leader\n" +
+		"--service, --application  (= false)\n" +
+		"    set this status for the application to which the unit belongs if the unit is the leader\n" +
 		"\n" +
 		"Details:\n" +
 		"Sets the workload status of the charm. Message is optional.\n" +
@@ -93,8 +93,9 @@
 
 func (s *statusSetSuite) TestServiceStatus(c *gc.C) {
 	for i, args := range [][]string{
+		[]string{"--application", "maintenance", "doing some work"},
+		[]string{"--application", "active", ""},
 		[]string{"--service", "maintenance", "doing some work"},
-		[]string{"--service", "active", ""},
 	} {
 		c.Logf("test %d: %#v", i, args)
 		hctx := s.GetStatusHookContext(c)
@@ -105,10 +106,10 @@
 		c.Assert(code, gc.Equals, 0)
 		c.Assert(bufferString(ctx.Stderr), gc.Equals, "")
 		c.Assert(bufferString(ctx.Stdout), gc.Equals, "")
-		status, err := hctx.ServiceStatus()
+		status, err := hctx.ApplicationStatus()
 		c.Assert(err, jc.ErrorIsNil)
-		c.Assert(status.Service.Status, gc.Equals, args[1])
-		c.Assert(status.Service.Info, gc.Equals, args[2])
+		c.Assert(status.Application.Status, gc.Equals, args[1])
+		c.Assert(status.Application.Info, gc.Equals, args[2])
 		c.Assert(status.Units, jc.DeepEquals, []jujuc.StatusInfo{})
 
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/storage-get.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/storage-get.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/storage-get.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/storage-get.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,7 @@
 import (
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/gnuflag"
 )
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/storage-list.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/storage-list.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/storage-list.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/storage-list.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,7 @@
 import (
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/gnuflag"
 )
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/testing/context.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/testing/context.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/testing/context.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/testing/context.go	2016-07-18 19:45:44.000000000 +0000
@@ -22,6 +22,7 @@
 	Relations
 	RelationHook
 	ActionHook
+	Version
 }
 
 // Context returns a Context that wraps the info.
@@ -61,6 +62,7 @@
 	ContextRelations
 	ContextRelationHook
 	ContextActionHook
+	ContextVersion
 }
 
 // NewContext builds a jujuc.Context test double.
@@ -88,5 +90,7 @@
 	ctx.ContextRelationHook.info = &info.RelationHook
 	ctx.ContextActionHook.stub = stub
 	ctx.ContextActionHook.info = &info.ActionHook
+	ctx.ContextVersion.stub = stub
+	ctx.ContextVersion.info = &info.Version
 	return &ctx
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/testing/status.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/testing/status.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/testing/status.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/testing/status.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,15 +11,15 @@
 
 // Status  holds the values for the hook context.
 type Status struct {
-	UnitStatus    jujuc.StatusInfo
-	ServiceStatus jujuc.ServiceStatusInfo
+	UnitStatus        jujuc.StatusInfo
+	ApplicationStatus jujuc.ApplicationStatusInfo
 }
 
-// SetServiceStatus builds a service status and sets it on the Status.
-func (s *Status) SetServiceStatus(service jujuc.StatusInfo, units []jujuc.StatusInfo) {
-	s.ServiceStatus = jujuc.ServiceStatusInfo{
-		Service: service,
-		Units:   units,
+// SetApplicationStatus builds a service status and sets it on the Status.
+func (s *Status) SetApplicationStatus(service jujuc.StatusInfo, units []jujuc.StatusInfo) {
+	s.ApplicationStatus = jujuc.ApplicationStatusInfo{
+		Application: service,
+		Units:       units,
 	}
 }
 
@@ -50,23 +50,23 @@
 	return nil
 }
 
-// ServiceStatus implements jujuc.ContextStatus.
-func (c *ContextStatus) ServiceStatus() (jujuc.ServiceStatusInfo, error) {
-	c.stub.AddCall("ServiceStatus")
+// ApplicationStatus implements jujuc.ContextStatus.
+func (c *ContextStatus) ApplicationStatus() (jujuc.ApplicationStatusInfo, error) {
+	c.stub.AddCall("ApplicationStatus")
 	if err := c.stub.NextErr(); err != nil {
-		return jujuc.ServiceStatusInfo{}, errors.Trace(err)
+		return jujuc.ApplicationStatusInfo{}, errors.Trace(err)
 	}
 
-	return c.info.ServiceStatus, nil
+	return c.info.ApplicationStatus, nil
 }
 
-// SetServiceStatus implements jujuc.ContextStatus.
-func (c *ContextStatus) SetServiceStatus(status jujuc.StatusInfo) error {
-	c.stub.AddCall("SetServiceStatus", status)
+// SetApplicationStatus implements jujuc.ContextStatus.
+func (c *ContextStatus) SetApplicationStatus(status jujuc.StatusInfo) error {
+	c.stub.AddCall("SetApplicationStatus", status)
 	if err := c.stub.NextErr(); err != nil {
 		return errors.Trace(err)
 	}
 
-	c.info.SetServiceStatus(status, nil)
+	c.info.SetApplicationStatus(status, nil)
 	return nil
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/testing/storageattachment.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/testing/storageattachment.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/testing/storageattachment.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/testing/storageattachment.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,7 @@
 package testing
 
 import (
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/storage"
 )
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/testing/storage.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/testing/storage.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/testing/storage.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/testing/storage.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,9 +7,9 @@
 	"fmt"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	"github.com/juju/utils/set"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/storage"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/testing/version.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/testing/version.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/jujuc/testing/version.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/jujuc/testing/version.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,38 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package testing
+
+import (
+	"github.com/juju/errors"
+)
+
+// Version holds values for the hook context.
+type Version struct {
+	WorkloadVersion string
+}
+
+// ContextVersion is a test double for jujuc.ContextVersion.
+type ContextVersion struct {
+	contextBase
+	info *Version
+}
+
+// UnitWorkloadVersion implements jujuc.ContextVersion.
+func (c *ContextVersion) UnitWorkloadVersion() (string, error) {
+	c.stub.AddCall("UnitWorkloadVersion")
+	if err := c.stub.NextErr(); err != nil {
+		return "", errors.Trace(err)
+	}
+	return c.info.WorkloadVersion, nil
+}
+
+// SetUnitWorkloadVersion implements jujuc.ContextVersion.
+func (c *ContextVersion) SetUnitWorkloadVersion(version string) error {
+	c.stub.AddCall("SetUnitWorkloadVersion", version)
+	if err := c.stub.NextErr(); err != nil {
+		return errors.Trace(err)
+	}
+	c.info.WorkloadVersion = version
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/process_nix_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/process_nix_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/process_nix_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/process_nix_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,7 @@
+// Copyright 2014 Canonical Ltd.
+// Copyright 2014 Cloudbase Solutions SRL
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 // +build !windows
 
 package runner_test
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/process_windows_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/process_windows_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/process_windows_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/process_windows_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,7 @@
+// Copyright 2014 Canonical Ltd.
+// Copyright 2014 Cloudbase Solutions SRL
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package runner_test
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/testing/utils.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/testing/utils.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/testing/utils.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/testing/utils.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,9 +8,9 @@
 	"runtime"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils/set"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/core/leadership"
 	"github.com/juju/juju/storage"
@@ -121,6 +121,6 @@
 	leadership.Tracker
 }
 
-func (FakeTracker) ServiceName() string {
-	return "service-name"
+func (FakeTracker) ApplicationName() string {
+	return "application-name"
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/util_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/util_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/runner/util_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/runner/util_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,11 +11,11 @@
 	"strings"
 	"time"
 
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	"github.com/juju/utils/fs"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api"
 	"github.com/juju/juju/api/uniter"
@@ -42,7 +42,7 @@
 	membership     map[int][]string
 
 	st      api.Connection
-	service *state.Service
+	service *state.Application
 	machine *state.Machine
 	unit    *state.Unit
 	uniter  *uniter.State
@@ -136,7 +136,7 @@
 	s.apiRelunits[rel.Id()] = apiRelUnit
 }
 
-func (s *ContextSuite) AddUnit(c *gc.C, svc *state.Service) *state.Unit {
+func (s *ContextSuite) AddUnit(c *gc.C, svc *state.Application) *state.Unit {
 	unit, err := svc.AddUnit()
 	c.Assert(err, jc.ErrorIsNil)
 	if s.machine != nil {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/storage/attachments.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/storage/attachments.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/storage/attachments.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/storage/attachments.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,9 +11,9 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils/set"
 	"gopkg.in/juju/charm.v6-unstable/hooks"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/storage"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/storage/attachments_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/storage/attachments_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/storage/attachments_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/storage/attachments_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,11 +8,11 @@
 	"path/filepath"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/set"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable/hooks"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	corestorage "github.com/juju/juju/storage"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/storage/context.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/storage/context.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/storage/context.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/storage/context.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,7 @@
 package storage
 
 import (
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/storage"
 )
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/storage/export_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/storage/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/storage/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/storage/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,7 +4,7 @@
 package storage
 
 import (
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/worker/uniter/hook"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/storage/mock_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/storage/mock_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/storage/mock_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/storage/mock_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,7 +6,7 @@
 import (
 	"fmt"
 
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/worker/uniter/hook"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/storage/resolver.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/storage/resolver.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/storage/resolver.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/storage/resolver.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,8 +5,8 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"gopkg.in/juju/charm.v6-unstable/hooks"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/storage"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/storage/state.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/storage/state.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/storage/state.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/storage/state.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,9 +10,9 @@
 	"strings"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils"
 	"gopkg.in/juju/charm.v6-unstable/hooks"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/worker/uniter/hook"
 )
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/storage/state_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/storage/state_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/storage/state_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/storage/state_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,10 +9,10 @@
 	"path/filepath"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable/hooks"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/testing"
 	"github.com/juju/juju/worker/uniter/hook"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/uniter.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/uniter.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/uniter.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/uniter.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,18 +6,17 @@
 import (
 	"fmt"
 	"os"
-	"strings"
 	"sync"
 	"time"
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
+	"github.com/juju/mutex"
 	"github.com/juju/utils"
 	"github.com/juju/utils/clock"
 	"github.com/juju/utils/exec"
-	"github.com/juju/utils/fslock"
 	corecharm "gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/api/uniter"
 	"github.com/juju/juju/apiserver/params"
@@ -79,7 +78,7 @@
 	leadershipTracker leadership.Tracker
 	charmDirGuard     fortress.Guard
 
-	hookLock *fslock.Lock
+	hookLockName string
 
 	// TODO(axw) move the runListener and run-command code outside of the
 	// uniter, and introduce a separate worker. Each worker would feed
@@ -111,7 +110,7 @@
 	LeadershipTracker    leadership.Tracker
 	DataDir              string
 	Downloader           charm.Downloader
-	MachineLock          *fslock.Lock
+	MachineLockName      string
 	CharmDirGuard        fortress.Guard
 	UpdateStatusSignal   func() <-chan time.Time
 	HookRetryStrategy    params.RetryStrategy
@@ -123,7 +122,7 @@
 	Observer UniterExecutionObserver
 }
 
-type NewExecutorFunc func(string, func() (*corecharm.URL, error), func(string) (func() error, error)) (operation.Executor, error)
+type NewExecutorFunc func(string, func() (*corecharm.URL, error), func() (mutex.Releaser, error)) (operation.Executor, error)
 
 // NewUniter creates a new Uniter which will install, run, and upgrade
 // a charm on behalf of the unit with the given unitTag, by executing
@@ -132,7 +131,7 @@
 	u := &Uniter{
 		st:                   uniterParams.UniterFacade,
 		paths:                NewPaths(uniterParams.DataDir, uniterParams.UnitTag),
-		hookLock:             uniterParams.MachineLock,
+		hookLockName:         uniterParams.MachineLockName,
 		leadershipTracker:    uniterParams.LeadershipTracker,
 		charmDirGuard:        uniterParams.CharmDirGuard,
 		updateStatusAt:       uniterParams.UpdateStatusSignal,
@@ -148,10 +147,7 @@
 			return u.loop(uniterParams.UnitTag)
 		},
 	})
-	if err != nil {
-		return nil, errors.Trace(err)
-	}
-	return u, nil
+	return u, errors.Trace(err)
 }
 
 func (u *Uniter) loop(unitTag names.UnitTag) (err error) {
@@ -159,7 +155,7 @@
 		if err == worker.ErrTerminateAgent {
 			return err
 		}
-		return fmt.Errorf("failed to initialize uniter for %q: %v", unitTag, err)
+		return errors.Annotatef(err, "failed to initialize uniter for %q", unitTag)
 	}
 	logger.Infof("unit %q started", u.unit)
 
@@ -185,7 +181,7 @@
 			return errors.Trace(err)
 		}
 		charmURL = curl
-		svc, err := u.unit.Service()
+		svc, err := u.unit.Application()
 		if err != nil {
 			return errors.Trace(err)
 		}
@@ -390,21 +386,6 @@
 	}
 }
 
-func (u *Uniter) setupLocks() (err error) {
-	if message := u.hookLock.Message(); u.hookLock.IsLocked() && message != "" {
-		// Look to see if it was us that held the lock before.  If it was, we
-		// should be safe enough to break it, as it is likely that we died
-		// before unlocking, and have been restarted by the init system.
-		parts := strings.SplitN(message, ":", 2)
-		if len(parts) > 1 && parts[0] == u.unit.Name() {
-			if err := u.hookLock.BreakLock(); err != nil {
-				return err
-			}
-		}
-	}
-	return nil
-}
-
 func (u *Uniter) init(unitTag names.UnitTag) (err error) {
 	u.unit, err = u.st.Unit(unitTag)
 	if err != nil {
@@ -417,9 +398,6 @@
 		// and inescapable, whereas this one is not.
 		return worker.ErrTerminateAgent
 	}
-	if err = u.setupLocks(); err != nil {
-		return err
-	}
 	if err := jujuc.EnsureSymlinks(u.paths.ToolsDir); err != nil {
 		return err
 	}
@@ -516,7 +494,7 @@
 
 func (u *Uniter) getServiceCharmURL() (*corecharm.URL, error) {
 	// TODO(fwereade): pretty sure there's no reason to make 2 API calls here.
-	service, err := u.st.Service(u.unit.ServiceTag())
+	service, err := u.st.Application(u.unit.ApplicationTag())
 	if err != nil {
 		return nil, err
 	}
@@ -534,26 +512,20 @@
 // acquireExecutionLock acquires the machine-level execution lock, and
 // returns a func that must be called to unlock it. It's used by operation.Executor
 // when running operations that execute external code.
-func (u *Uniter) acquireExecutionLock(message string) (func() error, error) {
-	logger.Debugf("lock: %v", message)
+func (u *Uniter) acquireExecutionLock() (mutex.Releaser, error) {
 	// We want to make sure we don't block forever when locking, but take the
 	// Uniter's catacomb into account.
-	checkCatacomb := func() error {
-		select {
-		case <-u.catacomb.Dying():
-			return u.catacomb.ErrDying()
-		default:
-			return nil
-		}
+	spec := mutex.Spec{
+		Name:   u.hookLockName,
+		Clock:  u.clock,
+		Delay:  250 * time.Millisecond,
+		Cancel: u.catacomb.Dying(),
 	}
-	message = fmt.Sprintf("%s: %s", u.unit.Name(), message)
-	if err := u.hookLock.LockWithFunc(message, checkCatacomb); err != nil {
-		return nil, err
+	releaser, err := mutex.Acquire(spec)
+	if err != nil {
+		return nil, errors.Trace(err)
 	}
-	return func() error {
-		logger.Debugf("unlock: %v", message)
-		return u.hookLock.Unlock()
-	}, nil
+	return releaser, nil
 }
 
 func (u *Uniter) reportHookError(hookInfo hook.Info) error {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/uniter_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/uniter_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/uniter_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/uniter_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -16,6 +16,7 @@
 	"time"
 
 	"github.com/juju/errors"
+	"github.com/juju/mutex"
 	jc "github.com/juju/testing/checkers"
 	ft "github.com/juju/testing/filetesting"
 	"github.com/juju/utils/clock"
@@ -60,7 +61,7 @@
 	err := os.MkdirAll(toolsDir, 0755)
 	c.Assert(err, jc.ErrorIsNil)
 	// TODO(fwereade) GAAAAAAAAAAAAAAAAAH this is LUDICROUS.
-	cmd := exec.Command("go", "build", "github.com/juju/juju/cmd/jujud")
+	cmd := exec.Command(jujudBuildArgs[0], jujudBuildArgs[1:]...)
 	cmd.Dir = toolsDir
 	out, err := cmd.CombinedOutput()
 	c.Logf(string(out))
@@ -429,23 +430,19 @@
 }
 
 func (s *UniterSuite) TestUniterHookSynchronisation(c *gc.C) {
+	var lock hookLock
 	s.runUniterTests(c, []uniterTest{
 		ut(
 			"verify config change hook not run while lock held",
 			quickStart{},
-			acquireHookSyncLock{},
+			lock.acquire(),
 			changeConfig{"blog-title": "Goodness Gracious Me"},
 			waitHooks{},
-			releaseHookSyncLock,
+			lock.release(),
 			waitHooks{"config-changed"},
 		), ut(
-			"verify held lock by this unit is broken",
-			acquireHookSyncLock{"u/0:fake"},
-			quickStart{},
-			verifyHookSyncLockUnlocked,
-		), ut(
 			"verify held lock by another unit is not broken",
-			acquireHookSyncLock{"u/1:fake"},
+			lock.acquire(),
 			// Can't use quickstart as it has a built in waitHooks.
 			createCharm{},
 			serveCharm{},
@@ -454,8 +451,7 @@
 			startUniter{},
 			waitAddresses{},
 			waitHooks{},
-			verifyHookSyncLockLocked,
-			releaseHookSyncLock,
+			lock.release(),
 			waitUnitAgent{status: status.StatusIdle},
 			waitHooks{"install", "leader-elected", "config-changed", "start"},
 		),
@@ -2140,7 +2136,7 @@
 }
 
 func (s *UniterSuite) TestOperationErrorReported(c *gc.C) {
-	executorFunc := func(stateFilePath string, getInstallCharm func() (*corecharm.URL, error), acquireLock func(string) (func() error, error)) (operation.Executor, error) {
+	executorFunc := func(stateFilePath string, getInstallCharm func() (*corecharm.URL, error), acquireLock func() (mutex.Releaser, error)) (operation.Executor, error) {
 		e, err := operation.NewExecutor(stateFilePath, getInstallCharm, acquireLock)
 		c.Assert(err, jc.ErrorIsNil)
 		return &mockExecutor{e}, nil
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/upgrade123.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/upgrade123.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/upgrade123.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/upgrade123.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,56 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package uniter
-
-import (
-	"os"
-
-	"github.com/juju/names"
-	"github.com/juju/utils"
-	"gopkg.in/juju/charm.v6-unstable/hooks"
-
-	"github.com/juju/juju/worker/uniter/operation"
-)
-
-func AddStoppedFieldToUniterState(tag names.UnitTag, dataDir string) error {
-	logger.Tracef("entering upgrade step AddStoppedFieldToUniterState")
-	defer logger.Tracef("leaving upgrade step AddStoppedFieldToUniterState")
-
-	opsFile := getUniterStateFile(dataDir, tag)
-	state, err := readUnsafe(opsFile)
-	switch err {
-	case nil:
-		return performUpgrade(opsFile, state)
-	case operation.ErrNoStateFile:
-		logger.Debugf("no uniter state file found for unit %s, skipping uniter upgrade step", tag)
-		return nil
-	default:
-		return err
-	}
-}
-
-func getUniterStateFile(dataDir string, tag names.UnitTag) string {
-	paths := NewPaths(dataDir, tag)
-	return paths.State.OperationsFile
-}
-
-func performUpgrade(opsFile string, state *operation.State) error {
-	statefile := operation.NewStateFile(opsFile)
-	if state.Kind == operation.Continue && state.Hook != nil && state.Hook.Kind == hooks.Stop {
-		state.Stopped = true
-		state.Hook = nil
-		return statefile.Write(state)
-	}
-	return nil
-}
-
-func readUnsafe(opsfile string) (*operation.State, error) {
-	var st operation.State
-	if err := utils.ReadYaml(opsfile, &st); err != nil {
-		if os.IsNotExist(err) {
-			return nil, operation.ErrNoStateFile
-		}
-	}
-	return &st, nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/upgrade123_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/upgrade123_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/upgrade123_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/upgrade123_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,191 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package uniter_test
-
-import (
-	"os"
-	"path/filepath"
-
-	"github.com/juju/names"
-	jc "github.com/juju/testing/checkers"
-	"github.com/juju/utils"
-	gc "gopkg.in/check.v1"
-	"gopkg.in/juju/charm.v6-unstable"
-	"gopkg.in/juju/charm.v6-unstable/hooks"
-
-	"github.com/juju/juju/worker/uniter"
-	"github.com/juju/juju/worker/uniter/hook"
-	"github.com/juju/juju/worker/uniter/operation"
-)
-
-type upgradeStateContextSuite struct {
-	datadir         string
-	unitTag         names.UnitTag
-	uniterStateFile string
-	statefile       *operation.StateFile
-}
-
-var _ = gc.Suite(&upgradeStateContextSuite{})
-
-func (s *upgradeStateContextSuite) SetUpTest(c *gc.C) {
-	s.datadir = c.MkDir()
-	s.statefile = nil
-	s.initializeContext(c, names.NewUnitTag("mysql/0"))
-}
-
-func (s *upgradeStateContextSuite) TestContextUpgradeWithUnitTag(c *gc.C) {
-	given, expectUpgrade :=
-		&oldState{
-			Kind: operation.Continue,
-			Step: operation.Pending,
-			Hook: &hook.Info{
-				Kind: hooks.Stop,
-			}},
-		&operation.State{
-			Kind:    operation.Continue,
-			Step:    operation.Pending,
-			Stopped: true}
-
-	s.confirmUpgrade(c, given, expectUpgrade)
-}
-
-func (s *upgradeStateContextSuite) TestUpgradeNoStopHookNoChange(c *gc.C) {
-	given, expectNoChange := &oldState{
-		Kind: operation.Continue,
-		Step: operation.Pending,
-	}, &operation.State{
-		Kind: operation.Continue,
-		Step: operation.Pending,
-	}
-
-	s.confirmUpgrade(c, given, expectNoChange)
-}
-
-func (s *upgradeStateContextSuite) TestUpgradeRunHookNoChange(c *gc.C) {
-	given, expectNoChange := &oldState{
-		Kind: operation.RunHook,
-		Step: operation.Pending,
-		Hook: &hook.Info{
-			Kind: hooks.Stop,
-		},
-	}, &operation.State{
-		Kind: operation.RunHook,
-		Step: operation.Pending,
-		Hook: &hook.Info{
-			Kind: hooks.Stop,
-		},
-	}
-
-	s.confirmUpgrade(c, given, expectNoChange)
-}
-
-func (s *upgradeStateContextSuite) TestUpgradeInstallOpNoChange(c *gc.C) {
-	given, expectNoChange := &oldState{
-		Kind:     operation.Install,
-		Step:     operation.Pending,
-		CharmURL: &charm.URL{},
-	}, &operation.State{
-		Kind:     operation.Install,
-		Step:     operation.Pending,
-		CharmURL: &charm.URL{},
-	}
-
-	s.confirmUpgrade(c, given, expectNoChange)
-}
-
-func (s *upgradeStateContextSuite) TestUpgradeUpgradeOpNoChange(c *gc.C) {
-	given, expectNoChange := &oldState{
-		Kind:     operation.Upgrade,
-		Step:     operation.Pending,
-		CharmURL: &charm.URL{},
-	}, &operation.State{
-		Kind:     operation.Upgrade,
-		Step:     operation.Pending,
-		CharmURL: &charm.URL{},
-	}
-
-	s.confirmUpgrade(c, given, expectNoChange)
-}
-
-func (s *upgradeStateContextSuite) TestUpgradeIdempotent(c *gc.C) {
-	given, expectUpgrade :=
-		&oldState{
-			Kind: operation.Continue,
-			Step: operation.Pending,
-			Hook: &hook.Info{
-				Kind: hooks.Stop,
-			}},
-		&operation.State{
-			Kind:    operation.Continue,
-			Step:    operation.Pending,
-			Stopped: true}
-
-	s.confirmUpgradeIdempotent(c, given, expectUpgrade)
-}
-
-func (s *upgradeStateContextSuite) TestUpgradeMissingStateFile(c *gc.C) {
-	s.confirmUniterStateFileMissing(c)
-	s.confirmUpgradeNoErrors(c)
-	s.confirmUniterStateFileMissing(c)
-}
-
-func (s *upgradeStateContextSuite) confirmUpgrade(c *gc.C, given *oldState, expect *operation.State) {
-	s.writeOldState(c, given)
-
-	s.confirmUpgradeNoErrors(c)
-	s.confirmUniterStateFileMatches(c, expect)
-}
-
-func (s *upgradeStateContextSuite) confirmUpgradeIdempotent(c *gc.C, given *oldState, expect *operation.State) {
-	s.writeOldState(c, given)
-
-	s.confirmUpgradeNoErrors(c)
-	s.confirmUniterStateFileMatches(c, expect)
-
-	s.confirmUpgradeNoErrors(c)
-	s.confirmUniterStateFileMatches(c, expect)
-}
-
-func (s *upgradeStateContextSuite) writeOldState(c *gc.C, state *oldState) {
-	err := utils.WriteYaml(s.uniterStateFile, state)
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *upgradeStateContextSuite) readState(c *gc.C) *operation.State {
-	state, err := s.statefile.Read()
-	c.Assert(err, jc.ErrorIsNil)
-	return state
-}
-
-func (s *upgradeStateContextSuite) confirmUpgradeNoErrors(c *gc.C) {
-	err := uniter.AddStoppedFieldToUniterState(s.unitTag, s.datadir)
-	c.Assert(err, jc.ErrorIsNil)
-}
-
-func (s *upgradeStateContextSuite) confirmUniterStateFileMatches(c *gc.C, expect *operation.State) {
-	after := s.readState(c)
-	c.Assert(after, jc.DeepEquals, expect)
-}
-
-func (s *upgradeStateContextSuite) confirmUniterStateFileMissing(c *gc.C) {
-	_, err := s.statefile.Read()
-	c.Assert(err, gc.ErrorMatches, "uniter state file does not exist")
-}
-
-func (s *upgradeStateContextSuite) initializeContext(c *gc.C, utag names.UnitTag) {
-	paths := uniter.NewPaths(s.datadir, utag)
-	s.uniterStateFile = paths.State.OperationsFile
-	s.statefile = operation.NewStateFile(s.uniterStateFile)
-	c.Assert(os.MkdirAll(filepath.Dir(s.uniterStateFile), 0755), gc.IsNil)
-	s.unitTag = utag
-}
-
-// oldState is a surrogate type to imitate the relevant parts of the
-// pre-1.23 operation.State struct.
-type oldState struct {
-	Kind     operation.Kind `yaml:"op"`
-	Step     operation.Step `yaml:"opstep"`
-	Hook     *hook.Info     `yaml:"hook,omitempty"`
-	CharmURL *charm.URL     `yaml:"charm,omitempty"`
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/upgrade126.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/upgrade126.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/upgrade126.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/upgrade126.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,46 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package uniter
-
-import (
-	"github.com/juju/names"
-	"gopkg.in/juju/charm.v6-unstable/hooks"
-
-	"github.com/juju/juju/worker/uniter/operation"
-)
-
-// AddInstalledToUniterState sets the Installed boolean in state to true
-// if the charm has been installed. The only occasion where this is not
-// true is if we are currently installing.
-func AddInstalledToUniterState(tag names.UnitTag, dataDir string) error {
-	logger.Tracef("entering upgrade step AddInstalledToUniterState")
-	defer logger.Tracef("leaving upgrade step AddInstalledToUniterState")
-
-	opsFile := getUniterStateFile(dataDir, tag)
-	state, err := readUnsafe(opsFile)
-	switch err {
-	case nil:
-		return addInstalled(opsFile, state)
-	case operation.ErrNoStateFile:
-		logger.Warningf("no uniter state file found for unit %s, skipping uniter upgrade step", tag)
-		return nil
-	default:
-		return err
-	}
-}
-
-func addInstalled(opsFile string, state *operation.State) error {
-	statefile := operation.NewStateFile(opsFile)
-	if state.Kind == operation.Install {
-		return nil
-	}
-	if state.Kind == operation.RunHook && state.Hook.Kind == hooks.Install {
-		return nil
-	}
-	if !state.Installed {
-		state.Installed = true
-		return statefile.Write(state)
-	}
-	return nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/upgrade126_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/upgrade126_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/upgrade126_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/upgrade126_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,58 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the AGPLv3, see LICENCE file for details.
-
-package uniter_test
-
-import (
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-	"gopkg.in/juju/charm.v6-unstable"
-	"gopkg.in/juju/charm.v6-unstable/hooks"
-
-	"github.com/juju/juju/worker/uniter"
-	"github.com/juju/juju/worker/uniter/hook"
-	"github.com/juju/juju/worker/uniter/operation"
-)
-
-func (s *upgradeStateContextSuite) TestInstalledBooleanFalseIfInstalling(c *gc.C) {
-	oldState := &operation.State{
-		Kind:     operation.Install,
-		Step:     operation.Pending,
-		CharmURL: charm.MustParseURL("local:quantal/charm"),
-	}
-	err := s.statefile.Write(oldState)
-	c.Assert(err, jc.ErrorIsNil)
-	err = uniter.AddInstalledToUniterState(s.unitTag, s.datadir)
-	c.Assert(err, jc.ErrorIsNil)
-	newState := s.readState(c)
-	c.Assert(newState.Installed, gc.Equals, false)
-}
-
-func (s *upgradeStateContextSuite) TestInstalledBooleanFalseIfRunHookInstalling(c *gc.C) {
-	oldState := &operation.State{
-		Kind: operation.RunHook,
-		Step: operation.Pending,
-		Hook: &hook.Info{
-			Kind: hooks.Install,
-		},
-	}
-	err := s.statefile.Write(oldState)
-	c.Assert(err, jc.ErrorIsNil)
-	err = uniter.AddInstalledToUniterState(s.unitTag, s.datadir)
-	c.Assert(err, jc.ErrorIsNil)
-	newState := s.readState(c)
-	c.Assert(newState.Installed, gc.Equals, false)
-}
-
-func (s *upgradeStateContextSuite) TestInstalledBooleanTrueIfInstalled(c *gc.C) {
-	oldState := &operation.State{
-		Kind: operation.Continue,
-		Step: operation.Pending,
-	}
-	err := s.statefile.Write(oldState)
-	c.Assert(err, jc.ErrorIsNil)
-	err = uniter.AddInstalledToUniterState(s.unitTag, s.datadir)
-	c.Assert(err, jc.ErrorIsNil)
-	newState := s.readState(c)
-	c.Assert(newState.Installed, gc.Equals, true)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/util_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/util_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/util_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/util_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -18,17 +18,17 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"github.com/juju/mutex"
 	gt "github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	ft "github.com/juju/testing/filetesting"
 	"github.com/juju/utils"
 	"github.com/juju/utils/clock"
 	utilexec "github.com/juju/utils/exec"
-	"github.com/juju/utils/fslock"
 	"github.com/juju/utils/proxy"
 	gc "gopkg.in/check.v1"
 	corecharm "gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/names.v2"
 	goyaml "gopkg.in/yaml.v2"
 
 	"github.com/juju/juju/api"
@@ -93,10 +93,10 @@
 	charms                 map[string][]byte
 	hooks                  []string
 	sch                    *state.Charm
-	svc                    *state.Service
+	svc                    *state.Application
 	unit                   *state.Unit
 	uniter                 *uniter.Uniter
-	relatedSvc             *state.Service
+	relatedSvc             *state.Application
 	relation               *state.Relation
 	relationUnits          map[string]*state.RelationUnit
 	subordinate            *state.Unit
@@ -461,6 +461,10 @@
 	}
 }
 
+func hookExecutionLockName() string {
+	return "uniter-hook-execution-test"
+}
+
 type startUniter struct {
 	unitTag         string
 	newExecutorFunc uniter.NewExecutorFunc
@@ -481,9 +485,6 @@
 		panic(err.Error())
 	}
 	downloader := api.NewCharmDownloader(ctx.apiConn.Client())
-	locksDir := filepath.Join(ctx.dataDir, "locks")
-	lock, err := fslock.NewLock(locksDir, "uniter-hook-execution", fslock.Defaults())
-	c.Assert(err, jc.ErrorIsNil)
 	operationExecutor := operation.NewExecutor
 	if s.newExecutorFunc != nil {
 		operationExecutor = s.newExecutorFunc
@@ -496,7 +497,7 @@
 		CharmDirGuard:        ctx.charmDirGuard,
 		DataDir:              ctx.dataDir,
 		Downloader:           downloader,
-		MachineLock:          lock,
+		MachineLockName:      hookExecutionLockName(),
 		UpdateStatusSignal:   ctx.updateStatusHookTicker.ReturnTimer,
 		NewOperationExecutor: operationExecutor,
 		Observer:             ctx,
@@ -794,13 +795,13 @@
 		c.Fatalf("ran more hooks than expected")
 	}
 	waitExecutionLockReleased := func() {
-		lock := createHookLock(c, ctx.dataDir)
-		if err := lock.LockWithTimeout(worstCase, "waiting for lock"); err != nil {
+		spec := hookLockSpec()
+		spec.Timeout = worstCase
+		releaser, err := mutex.Acquire(spec)
+		if err != nil {
 			c.Fatalf("failed to acquire execution lock: %v", err)
 		}
-		if err := lock.Unlock(); err != nil {
-			c.Fatalf("failed to release execution lock: %v", err)
-		}
+		releaser.Release()
 	}
 	if match {
 		if len(s) > 0 {
@@ -993,12 +994,12 @@
 type pushResource struct{}
 
 func (s pushResource) step(c *gc.C, ctx *context) {
-	opened := resourcetesting.NewResource(c, &gt.Stub{}, "data", ctx.unit.ServiceName(), "the bytes")
+	opened := resourcetesting.NewResource(c, &gt.Stub{}, "data", ctx.unit.ApplicationName(), "the bytes")
 
 	res, err := ctx.st.Resources()
 	c.Assert(err, jc.ErrorIsNil)
 	_, err = res.SetResource(
-		ctx.unit.ServiceName(),
+		ctx.unit.ApplicationName(),
 		opened.Username,
 		opened.Resource.Resource,
 		opened.ReadCloser,
@@ -1061,7 +1062,13 @@
 			// to reset the error status, we can avoid a race in which a subsequent
 			// fixUpgradeError lands just before the restarting uniter retries the
 			// upgrade; and thus puts us in an unexpected state for future steps.
-			err := ctx.unit.SetAgentStatus(status.StatusIdle, "", nil)
+			now := time.Now()
+			sInfo := status.StatusInfo{
+				Status:  status.StatusIdle,
+				Message: "",
+				Since:   &now,
+			}
+			err := ctx.unit.SetAgentStatus(sInfo)
 			c.Check(err, jc.ErrorIsNil)
 		}},
 		startUniter{},
@@ -1183,7 +1190,7 @@
 }
 
 func (s addSubordinateRelation) step(c *gc.C, ctx *context) {
-	if _, err := ctx.st.Service("logging"); errors.IsNotFound(err) {
+	if _, err := ctx.st.Application("logging"); errors.IsNotFound(err) {
 		ctx.s.AddTestingService(c, "logging", ctx.s.AddTestingCharm(c, "logging"))
 	}
 	eps, err := ctx.st.InferEndpoints("logging", "u:"+s.ifce)
@@ -1366,40 +1373,41 @@
 	c.Assert(err, jc.ErrorIsNil)
 }
 
-func createHookLock(c *gc.C, dataDir string) *fslock.Lock {
-	lockDir := filepath.Join(dataDir, "locks")
-	lock, err := fslock.NewLock(lockDir, "uniter-hook-execution", fslock.Defaults())
-	c.Assert(err, jc.ErrorIsNil)
-	return lock
+type hookLock struct {
+	releaser mutex.Releaser
 }
 
-type acquireHookSyncLock struct {
-	message string
+type hookStep struct {
+	stepFunc func(*gc.C, *context)
 }
 
-func (s acquireHookSyncLock) step(c *gc.C, ctx *context) {
-	lock := createHookLock(c, ctx.dataDir)
-	c.Assert(lock.IsLocked(), jc.IsFalse)
-	err := lock.Lock(s.message)
-	c.Assert(err, jc.ErrorIsNil)
+func (h *hookStep) step(c *gc.C, ctx *context) {
+	h.stepFunc(c, ctx)
 }
 
-var releaseHookSyncLock = custom{func(c *gc.C, ctx *context) {
-	lock := createHookLock(c, ctx.dataDir)
-	// Force the release.
-	err := lock.BreakLock()
-	c.Assert(err, jc.ErrorIsNil)
-}}
+func hookLockSpec() mutex.Spec {
+	return mutex.Spec{
+		Name:  hookExecutionLockName(),
+		Clock: clock.WallClock,
+		Delay: coretesting.ShortWait,
+	}
+}
 
-var verifyHookSyncLockUnlocked = custom{func(c *gc.C, ctx *context) {
-	lock := createHookLock(c, ctx.dataDir)
-	c.Assert(lock.IsLocked(), jc.IsFalse)
-}}
+func (h *hookLock) acquire() *hookStep {
+	return &hookStep{stepFunc: func(c *gc.C, ctx *context) {
+		releaser, err := mutex.Acquire(hookLockSpec())
+		c.Assert(err, jc.ErrorIsNil)
+		h.releaser = releaser
+	}}
+}
 
-var verifyHookSyncLockLocked = custom{func(c *gc.C, ctx *context) {
-	lock := createHookLock(c, ctx.dataDir)
-	c.Assert(lock.IsLocked(), jc.IsTrue)
-}}
+func (h *hookLock) release() *hookStep {
+	return &hookStep{stepFunc: func(c *gc.C, ctx *context) {
+		c.Assert(h.releaser, gc.NotNil)
+		h.releaser.Release()
+		h.releaser = nil
+	}}
+}
 
 type setProxySettings proxy.Settings
 
@@ -1515,7 +1523,7 @@
 	waiting  []chan struct{}
 }
 
-func (mock *mockLeaderTracker) ServiceName() string {
+func (mock *mockLeaderTracker) ApplicationName() string {
 	return mock.ctx.svc.Name()
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/util_unix_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/util_unix_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/util_unix_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/util_unix_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,10 +13,12 @@
 	gc "gopkg.in/check.v1"
 )
 
-// Command suffix for the hooks
-var cmdSuffix = ""
-
 var (
+	jujudBuildArgs = []string{"go", "build", "github.com/juju/juju/cmd/jujud"}
+
+	// Command suffix for the hooks
+	cmdSuffix = ""
+
 	// Variables for changed hooks. These are used in uniter_test
 	appendConfigChanged            = "config-get --format yaml --output config.out"
 	uniterRelationsCustomizeScript = "relation-ids db > relations.out && chmod 644 relations.out"
@@ -109,6 +111,7 @@
 		return echoUnitNameToFileHelper(testDir, name)
 	}
 
+	lock := &hookLock{}
 	s.runUniterTests(c, []uniterTest{
 		ut(
 			"run commands: model",
@@ -164,10 +167,10 @@
 		), ut(
 			"run commands: waits for lock",
 			quickStart{},
-			acquireHookSyncLock{},
+			lock.acquire(),
 			asyncRunCommands{echoUnitNameToFile("wait.output")},
 			verifyNoFile{testFile("wait.output")},
-			releaseHookSyncLock,
+			lock.release(),
 			verifyFile{testFile("wait.output"), "juju run u/0\n"},
 			waitContextWaitGroup{},
 		),
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/util_windows_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/util_windows_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/uniter/util_windows_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/uniter/util_windows_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,10 +13,16 @@
 	gc "gopkg.in/check.v1"
 )
 
-// Command suffix for the hooks
-var cmdSuffix = ".cmd"
-
 var (
+	// We use -ldflags -X main.FLAGSFROMENVIRONMENT=true to toggle a
+	// variable that will force windows to read flags from the environment
+	// instead of the registry.
+	// If this gets removed FLAGSFROMENVIRONMENT should also be abolished.
+	jujudBuildArgs = []string{"go", "build", "-ldflags", "-X main.FLAGSFROMENVIRONMENT=true", "github.com/juju/juju/cmd/jujud"}
+
+	// Command suffix for the hooks
+	cmdSuffix = ".cmd"
+
 	// Variables for changed hooks. These are used in uniter_test
 	appendConfigChanged            = "config-get.exe --format yaml --output config.out"
 	uniterRelationsCustomizeScript = "relation-ids.exe db > relations.out"
@@ -98,6 +104,7 @@
 		return echoUnitNameToFileHelper(testDir, name)
 	}
 
+	var lock hookLock
 	s.runUniterTests(c, []uniterTest{
 		ut(
 			"run commands: model",
@@ -152,10 +159,10 @@
 		), ut(
 			"run commands: waits for lock",
 			quickStart{},
-			acquireHookSyncLock{},
+			lock.acquire(),
 			asyncRunCommands{echoUnitNameToFile("wait.output")},
 			verifyNoFile{testFile("wait.output")},
-			releaseHookSyncLock,
+			lock.release(),
 			verifyFile{testFile("wait.output"), "juju run u/0\r\n"},
 			waitContextWaitGroup{},
 		),
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/upgrader/upgrader.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/upgrader/upgrader.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/upgrader/upgrader.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/upgrader/upgrader.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,11 +10,11 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils"
 	"github.com/juju/utils/arch"
 	"github.com/juju/utils/series"
 	"github.com/juju/version"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	agenttools "github.com/juju/juju/agent/tools"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/upgrader/upgrader_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/upgrader/upgrader_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/upgrader/upgrader_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/upgrader/upgrader_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,7 +11,6 @@
 	"time"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	"github.com/juju/utils/arch"
@@ -19,6 +18,7 @@
 	"github.com/juju/utils/symlink"
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	agenttools "github.com/juju/juju/agent/tools"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/upgradesteps/manifold.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/upgradesteps/manifold.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/upgradesteps/manifold.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/upgradesteps/manifold.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,7 +5,7 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	"github.com/juju/juju/api"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/upgradesteps/worker.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/upgradesteps/worker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/upgradesteps/worker.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/upgradesteps/worker.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,8 +9,8 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	"github.com/juju/utils"
+	"gopkg.in/juju/names.v2"
 	"launchpad.net/tomb"
 
 	"github.com/juju/juju/agent"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/upgradesteps/worker_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/upgradesteps/worker_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/upgradesteps/worker_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/upgradesteps/worker_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,12 +9,12 @@
 
 	"github.com/juju/errors"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
 	"github.com/juju/utils/arch"
 	"github.com/juju/utils/series"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/juju/agent"
 	cmdutil "github.com/juju/juju/cmd/jujud/util"
@@ -30,6 +30,7 @@
 	"github.com/juju/juju/testing/factory"
 	"github.com/juju/juju/upgrades"
 	jujuversion "github.com/juju/juju/version"
+	"github.com/juju/juju/worker"
 	"github.com/juju/juju/worker/gate"
 	"github.com/juju/version"
 )
@@ -461,7 +462,9 @@
 	c.Assert(err, jc.ErrorIsNil)
 	pinger, err := machine.SetAgentPresence()
 	c.Assert(err, jc.ErrorIsNil)
-	s.AddCleanup(func(c *gc.C) { pinger.Stop() })
+	s.AddCleanup(func(c *gc.C) {
+		c.Assert(worker.Stop(pinger), jc.ErrorIsNil)
+	})
 }
 
 // Return a version the same as the current software version, but with
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/worker.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/worker.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/worker.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/worker.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,48 @@
+// Copyright 2012-2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package worker
+
+import (
+	"github.com/juju/loggo"
+)
+
+var logger = loggo.GetLogger("juju.worker")
+
+// Worker describes any type whose validity and/or activity is bounded
+// in time. Most frequently, they will represent the duration of some
+// task or tasks running on internal goroutines, but it's possible and
+// rational to use them to represent any resource that might become
+// invalid.
+//
+// Worker implementations must be goroutine-safe.
+type Worker interface {
+
+	// Kill asks the worker to stop and returns immediately.
+	Kill()
+
+	// Wait waits for the worker to complete and returns any
+	// error encountered when it was running or stopping.
+	Wait() error
+}
+
+// Stop kills the given Worker and waits for it to complete.
+func Stop(worker Worker) error {
+	worker.Kill()
+	return worker.Wait()
+}
+
+// Dead returns a channel that will be closed when the supplied
+// Worker has completed.
+//
+// Don't be too casual about calling Dead -- for example, in a
+// standard select loop, `case <-worker.Dead(w):` will create
+// one new goroutine per iteration, which is... untidy.
+func Dead(worker Worker) <-chan struct{} {
+	dead := make(chan struct{})
+	go func() {
+		defer close(dead)
+		worker.Wait()
+	}()
+	return dead
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/workertest/fake_watcher.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/workertest/fake_watcher.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/workertest/fake_watcher.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/workertest/fake_watcher.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,3 +1,6 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
 package workertest
 
 import (
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/worker/worker_test.go juju-core-2.0~beta12/src/github.com/juju/juju/worker/worker_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/worker/worker_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/worker/worker_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,106 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package worker_test
+
+import (
+	"time"
+
+	"github.com/juju/errors"
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	coretesting "github.com/juju/juju/testing"
+	"github.com/juju/juju/worker"
+	"github.com/juju/juju/worker/workertest"
+)
+
+type WorkerSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&WorkerSuite{})
+
+func (*WorkerSuite) TestStopReturnsNoError(c *gc.C) {
+	w := workertest.NewDeadWorker(nil)
+
+	err := worker.Stop(w)
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (*WorkerSuite) TestStopReturnsError(c *gc.C) {
+	w := workertest.NewDeadWorker(errors.New("pow"))
+
+	err := worker.Stop(w)
+	c.Check(err, gc.ErrorMatches, "pow")
+}
+
+func (*WorkerSuite) TestStopKills(c *gc.C) {
+	w := workertest.NewErrorWorker(nil)
+	defer workertest.CleanKill(c, w)
+
+	worker.Stop(w)
+	workertest.CheckKilled(c, w)
+}
+
+func (*WorkerSuite) TestStopWaits(c *gc.C) {
+	w := workertest.NewForeverWorker(nil)
+	defer workertest.CheckKilled(c, w)
+	defer w.ReallyKill()
+
+	done := make(chan struct{})
+	go func() {
+		defer close(done)
+		worker.Stop(w)
+	}()
+
+	select {
+	case <-time.After(coretesting.ShortWait):
+	case <-done:
+		c.Fatalf("Stop returned early")
+	}
+
+	w.ReallyKill()
+
+	select {
+	case <-done:
+	case <-time.After(coretesting.LongWait):
+		c.Fatalf("Stop never returned")
+	}
+}
+
+func (*WorkerSuite) TestDeadAlready(c *gc.C) {
+	w := workertest.NewDeadWorker(nil)
+
+	select {
+	case _, ok := <-worker.Dead(w):
+		c.Check(ok, jc.IsFalse)
+	case <-time.After(coretesting.LongWait):
+		c.Fatalf("Dead never sent")
+	}
+}
+
+func (*WorkerSuite) TestDeadWaits(c *gc.C) {
+	w := workertest.NewErrorWorker(nil)
+	defer workertest.CleanKill(c, w)
+
+	dead := worker.Dead(w)
+	select {
+	case <-time.After(coretesting.ShortWait):
+	case _, ok := <-dead:
+		if !ok {
+			c.Fatalf("Dead closed early")
+		} else {
+			c.Fatalf("Dead sent unexpectedly")
+		}
+	}
+
+	w.Kill()
+	select {
+	case _, ok := <-dead:
+		c.Check(ok, jc.IsFalse)
+	case <-time.After(coretesting.LongWait):
+		c.Fatalf("Dead never closed")
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/wrench/wrench.go juju-core-2.0~beta12/src/github.com/juju/juju/wrench/wrench.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/wrench/wrench.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/wrench/wrench.go	2016-07-18 19:45:44.000000000 +0000
@@ -71,7 +71,7 @@
 	for lines.Scan() {
 		line := strings.TrimSpace(lines.Text())
 		if line == feature {
-			logger.Warningf("wrench for %s/%s is active", category, feature)
+			logger.Debugf("wrench for %s/%s is active", category, feature)
 			return true
 		}
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/juju/wrench/wrench_test.go juju-core-2.0~beta12/src/github.com/juju/juju/wrench/wrench_test.go
--- juju-core-2.0~beta7/src/github.com/juju/juju/wrench/wrench_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/juju/wrench/wrench_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -174,7 +174,7 @@
 
 func (s *wrenchSuite) AssertActivationLogged(c *gc.C) {
 	c.Assert(s.logWriter.Log(), jc.LogMatches, []jc.SimpleMessage{
-		{loggo.WARNING, `wrench for foo/bar is active`}})
+		{loggo.DEBUG, `wrench for foo/bar is active`}})
 }
 
 func (s *wrenchSuite) AssertNothingLogged(c *gc.C) {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/mutex/doc.go juju-core-2.0~beta12/src/github.com/juju/mutex/doc.go
--- juju-core-2.0~beta7/src/github.com/juju/mutex/doc.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/mutex/doc.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,17 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+/*
+package mutex provides a named machine level mutex shareable between processes.
+[godoc-link-here]
+
+Mutexes have names, and the a mutex with the same name can only be locked by one
+instance of the mutex at a time, even across process boundaries.
+
+If a process dies while the mutex is held, the mutex is automatically released.
+
+The linux implementation uses abstract domain sockets, windows uses a named
+semaphore, and other platforms use flock on a temp file.
+
+*/
+package mutex
diff -Nru juju-core-2.0~beta7/src/github.com/juju/mutex/errors.go juju-core-2.0~beta12/src/github.com/juju/mutex/errors.go
--- juju-core-2.0~beta7/src/github.com/juju/mutex/errors.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/mutex/errors.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,14 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package mutex
+
+import (
+	"github.com/juju/errors"
+)
+
+var (
+	ErrTimeout   = errors.New("timeout acquiring mutex")
+	ErrCancelled = errors.New("cancelled acquiring mutex")
+	errLocked    = errors.New("alredy locked")
+)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/mutex/LICENSE juju-core-2.0~beta12/src/github.com/juju/mutex/LICENSE
--- juju-core-2.0~beta7/src/github.com/juju/mutex/LICENSE	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/mutex/LICENSE	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,191 @@
+All files in this repository are licensed as follows. If you contribute
+to this repository, it is assumed that you license your contribution
+under the same license unless you state otherwise.
+
+All files Copyright (C) 2015 Canonical Ltd. unless otherwise specified in the file.
+
+This software is licensed under the LGPLv3, included below.
+
+As a special exception to the GNU Lesser General Public License version 3
+("LGPL3"), the copyright holders of this Library give you permission to
+convey to a third party a Combined Work that links statically or dynamically
+to this Library without providing any Minimal Corresponding Source or
+Minimal Application Code as set out in 4d or providing the installation
+information set out in section 4e, provided that you comply with the other
+provisions of LGPL3 and provided that you meet, for the Application the
+terms and conditions of the license(s) which apply to the Application.
+
+Except as stated in this special exception, the provisions of LGPL3 will
+continue to comply in full to this Library. If you modify this Library, you
+may apply this exception to your version of this Library, but you are not
+obliged to do so. If you do not wish to do so, delete this exception
+statement from your version. This exception does not (and cannot) modify any
+license terms which apply to the Application, with which you must still
+comply.
+
+
+                   GNU LESSER GENERAL PUBLIC LICENSE
+                       Version 3, 29 June 2007
+
+ Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+
+  This version of the GNU Lesser General Public License incorporates
+the terms and conditions of version 3 of the GNU General Public
+License, supplemented by the additional permissions listed below.
+
+  0. Additional Definitions.
+
+  As used herein, "this License" refers to version 3 of the GNU Lesser
+General Public License, and the "GNU GPL" refers to version 3 of the GNU
+General Public License.
+
+  "The Library" refers to a covered work governed by this License,
+other than an Application or a Combined Work as defined below.
+
+  An "Application" is any work that makes use of an interface provided
+by the Library, but which is not otherwise based on the Library.
+Defining a subclass of a class defined by the Library is deemed a mode
+of using an interface provided by the Library.
+
+  A "Combined Work" is a work produced by combining or linking an
+Application with the Library.  The particular version of the Library
+with which the Combined Work was made is also called the "Linked
+Version".
+
+  The "Minimal Corresponding Source" for a Combined Work means the
+Corresponding Source for the Combined Work, excluding any source code
+for portions of the Combined Work that, considered in isolation, are
+based on the Application, and not on the Linked Version.
+
+  The "Corresponding Application Code" for a Combined Work means the
+object code and/or source code for the Application, including any data
+and utility programs needed for reproducing the Combined Work from the
+Application, but excluding the System Libraries of the Combined Work.
+
+  1. Exception to Section 3 of the GNU GPL.
+
+  You may convey a covered work under sections 3 and 4 of this License
+without being bound by section 3 of the GNU GPL.
+
+  2. Conveying Modified Versions.
+
+  If you modify a copy of the Library, and, in your modifications, a
+facility refers to a function or data to be supplied by an Application
+that uses the facility (other than as an argument passed when the
+facility is invoked), then you may convey a copy of the modified
+version:
+
+   a) under this License, provided that you make a good faith effort to
+   ensure that, in the event an Application does not supply the
+   function or data, the facility still operates, and performs
+   whatever part of its purpose remains meaningful, or
+
+   b) under the GNU GPL, with none of the additional permissions of
+   this License applicable to that copy.
+
+  3. Object Code Incorporating Material from Library Header Files.
+
+  The object code form of an Application may incorporate material from
+a header file that is part of the Library.  You may convey such object
+code under terms of your choice, provided that, if the incorporated
+material is not limited to numerical parameters, data structure
+layouts and accessors, or small macros, inline functions and templates
+(ten or fewer lines in length), you do both of the following:
+
+   a) Give prominent notice with each copy of the object code that the
+   Library is used in it and that the Library and its use are
+   covered by this License.
+
+   b) Accompany the object code with a copy of the GNU GPL and this license
+   document.
+
+  4. Combined Works.
+
+  You may convey a Combined Work under terms of your choice that,
+taken together, effectively do not restrict modification of the
+portions of the Library contained in the Combined Work and reverse
+engineering for debugging such modifications, if you also do each of
+the following:
+
+   a) Give prominent notice with each copy of the Combined Work that
+   the Library is used in it and that the Library and its use are
+   covered by this License.
+
+   b) Accompany the Combined Work with a copy of the GNU GPL and this license
+   document.
+
+   c) For a Combined Work that displays copyright notices during
+   execution, include the copyright notice for the Library among
+   these notices, as well as a reference directing the user to the
+   copies of the GNU GPL and this license document.
+
+   d) Do one of the following:
+
+       0) Convey the Minimal Corresponding Source under the terms of this
+       License, and the Corresponding Application Code in a form
+       suitable for, and under terms that permit, the user to
+       recombine or relink the Application with a modified version of
+       the Linked Version to produce a modified Combined Work, in the
+       manner specified by section 6 of the GNU GPL for conveying
+       Corresponding Source.
+
+       1) Use a suitable shared library mechanism for linking with the
+       Library.  A suitable mechanism is one that (a) uses at run time
+       a copy of the Library already present on the user's computer
+       system, and (b) will operate properly with a modified version
+       of the Library that is interface-compatible with the Linked
+       Version.
+
+   e) Provide Installation Information, but only if you would otherwise
+   be required to provide such information under section 6 of the
+   GNU GPL, and only to the extent that such information is
+   necessary to install and execute a modified version of the
+   Combined Work produced by recombining or relinking the
+   Application with a modified version of the Linked Version. (If
+   you use option 4d0, the Installation Information must accompany
+   the Minimal Corresponding Source and Corresponding Application
+   Code. If you use option 4d1, you must provide the Installation
+   Information in the manner specified by section 6 of the GNU GPL
+   for conveying Corresponding Source.)
+
+  5. Combined Libraries.
+
+  You may place library facilities that are a work based on the
+Library side by side in a single library together with other library
+facilities that are not Applications and are not covered by this
+License, and convey such a combined library under terms of your
+choice, if you do both of the following:
+
+   a) Accompany the combined library with a copy of the same work based
+   on the Library, uncombined with any other library facilities,
+   conveyed under the terms of this License.
+
+   b) Give prominent notice with the combined library that part of it
+   is a work based on the Library, and explaining where to find the
+   accompanying uncombined form of the same work.
+
+  6. Revised Versions of the GNU Lesser General Public License.
+
+  The Free Software Foundation may publish revised and/or new versions
+of the GNU Lesser General Public License from time to time. Such new
+versions will be similar in spirit to the present version, but may
+differ in detail to address new problems or concerns.
+
+  Each version is given a distinguishing version number. If the
+Library as you received it specifies that a certain numbered version
+of the GNU Lesser General Public License "or any later version"
+applies to it, you have the option of following the terms and
+conditions either of that published version or of any later version
+published by the Free Software Foundation. If the Library as you
+received it does not specify a version number of the GNU Lesser
+General Public License, you may choose any version of the GNU Lesser
+General Public License ever published by the Free Software Foundation.
+
+  If the Library as you received it specifies that a proxy can decide
+whether future versions of the GNU Lesser General Public License shall
+apply, that proxy's public statement of acceptance of any version is
+permanent authorization for you to choose that version for the
+Library.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/mutex/Makefile juju-core-2.0~beta12/src/github.com/juju/mutex/Makefile
--- juju-core-2.0~beta7/src/github.com/juju/mutex/Makefile	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/mutex/Makefile	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,11 @@
+default: check
+
+check:
+	go test
+
+docs:
+	godoc2md github.com/juju/mutex > README.md
+	sed -i 's|\[godoc-link-here\]|[![GoDoc](https://godoc.org/github.com/juju/mutex?status.svg)](https://godoc.org/github.com/juju/mutex)|' README.md 
+
+
+.PHONY: default check docs
diff -Nru juju-core-2.0~beta7/src/github.com/juju/mutex/mutex_flock.go juju-core-2.0~beta12/src/github.com/juju/mutex/mutex_flock.go
--- juju-core-2.0~beta7/src/github.com/juju/mutex/mutex_flock.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/mutex/mutex_flock.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,54 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+// +build !windows,!linux
+
+package mutex
+
+import (
+	"os"
+	"path/filepath"
+	"sync"
+	"syscall"
+
+	"github.com/juju/errors"
+)
+
+type mutex struct {
+	fd int
+	mu sync.Mutex
+}
+
+func acquire(name string) (Releaser, error) {
+	flockName := filepath.Join(os.TempDir(), "juju-"+name)
+	fd, err := syscall.Open(flockName, syscall.O_CREAT|syscall.O_RDONLY, 0600)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	err = syscall.Flock(fd, syscall.LOCK_EX|syscall.LOCK_NB)
+	if err != nil {
+		syscall.Close(fd)
+
+		if err == syscall.EWOULDBLOCK {
+			return nil, errLocked
+		}
+		return nil, errors.Trace(err)
+	}
+
+	return &mutex{fd: fd}, nil
+}
+
+// Release implements Releaser.
+func (m *mutex) Release() {
+	m.mu.Lock()
+	defer m.mu.Unlock()
+	if m.fd == 0 {
+		return
+	}
+	err := syscall.Close(m.fd)
+	if err != nil {
+		panic(err)
+	}
+	m.fd = 0
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/mutex/mutex.go juju-core-2.0~beta12/src/github.com/juju/mutex/mutex.go
--- juju-core-2.0~beta7/src/github.com/juju/mutex/mutex.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/mutex/mutex.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,99 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package mutex
+
+import (
+	"regexp"
+	"time"
+
+	"github.com/juju/errors"
+)
+
+var (
+	validName = regexp.MustCompile("^[a-zA-Z][a-zA-Z0-9-]*$")
+)
+
+// Releaser defines the Release method that is the only thing that can be done
+// to a acquired mutex.
+type Releaser interface {
+	// Release releases the mutex. Release may be called multiple times, but
+	// only the first call will release this instance of the mutex. Release is
+	// unable to release the mutex successfully it will call panic to forcibly
+	// release the mutex.
+	Release()
+}
+
+// Clock provides an interface for dealing with clocks.
+type Clock interface {
+	// After waits for the duration to elapse and then sends the
+	// current time on the returned channel.
+	After(time.Duration) <-chan time.Time
+}
+
+// Spec defines the name of the mutex and behaviour of the Acquire function.
+type Spec struct {
+	// Name is required, and must start with a letter and contain at most
+	// 40 letters, numbers or dashes.
+	Name string
+	// Clock must be provided and is exposed for testing purposes.
+	Clock Clock
+	// Delay defines how often to check for lock acquisition. The implementation
+	// calls all fail fast, so acquisition requires polling.
+	Delay time.Duration
+	// Timeout allows the caller to specify how long to wait.
+	Timeout time.Duration
+	// Cancel if signalled will cause the Acquire method to return with ErrCancelled.
+	Cancel <-chan struct{}
+}
+
+// Acquire will attempt to acquire the named mutex. If the Timout value is
+// hit, ErrTimeout is returned. If the Cancel channel is signalled,
+// ErrCancelled is returned.
+func Acquire(spec Spec) (Releaser, error) {
+	if err := spec.Validate(); err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	var timeout <-chan time.Time
+	if spec.Timeout > 0 {
+		timeout = spec.Clock.After(spec.Timeout)
+	}
+
+	for {
+		impl, err := acquire(spec.Name)
+		if err == nil {
+			return impl, nil
+		} else if err != errLocked {
+			return nil, errors.Trace(err)
+		}
+		select {
+		case <-timeout:
+			return nil, ErrTimeout
+		case <-spec.Cancel:
+			return nil, ErrCancelled
+		case <-spec.Clock.After(spec.Delay):
+			// no-op, continue and try again
+		}
+	}
+}
+
+// Validate checks the attributes of Spec for validity.
+func (s *Spec) Validate() error {
+	if len(s.Name) > 40 {
+		return errors.NotValidf("Name longer than 40 characters")
+	}
+	if !validName.MatchString(s.Name) {
+		return errors.NotValidf("Name %q", s.Name)
+	}
+	if s.Clock == nil {
+		return errors.NotValidf("missing Clock")
+	}
+	if s.Delay <= 0 {
+		return errors.NotValidf("non positive Delay")
+	}
+	if s.Timeout < 0 {
+		return errors.NotValidf("negative Timeout")
+	}
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/mutex/mutex_linux.go juju-core-2.0~beta12/src/github.com/juju/mutex/mutex_linux.go
--- juju-core-2.0~beta7/src/github.com/juju/mutex/mutex_linux.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/mutex/mutex_linux.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,47 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+// +build linux
+
+package mutex
+
+import (
+	"net"
+	"path/filepath"
+	"sync"
+
+	"github.com/juju/errors"
+)
+
+const prefix = "@/var/lib/juju/mutex-"
+
+type mutex struct {
+	socket *net.UnixListener
+	mu     sync.Mutex
+}
+
+func acquire(name string) (Releaser, error) {
+	path := filepath.Join(prefix, name)
+	addr, err := net.ResolveUnixAddr("unix", path)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+	l, err := net.ListenUnix("unix", addr)
+	if err != nil {
+		return nil, errLocked
+	}
+	return &mutex{socket: l}, nil
+}
+
+// Release implements Releaser.
+func (m *mutex) Release() {
+	m.mu.Lock()
+	defer m.mu.Unlock()
+	if m.socket == nil {
+		return
+	}
+	if err := m.socket.Close(); err != nil {
+		panic(err)
+	}
+	m.socket = nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/mutex/mutex_test.go juju-core-2.0~beta12/src/github.com/juju/mutex/mutex_test.go
--- juju-core-2.0~beta7/src/github.com/juju/mutex/mutex_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/mutex/mutex_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,385 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package mutex_test
+
+import (
+	"bufio"
+	"fmt"
+	"net"
+	"os"
+	"os/exec"
+	"runtime"
+	"sync"
+	"sync/atomic"
+	"testing"
+	"time"
+
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/mutex"
+)
+
+const (
+	shortWait = 10 * time.Millisecond
+	longWait  = 10 * shortWait
+	appWait   = 5 * time.Second
+)
+
+type mutexSuite struct{}
+
+var _ = gc.Suite(&mutexSuite{})
+
+func (s *mutexSuite) TestSpecValidity(c *gc.C) {
+	for i, test := range []struct {
+		spec mutex.Spec
+		err  string
+	}{{
+		spec: mutex.Spec{Name: "", Clock: &fakeClock{}, Delay: time.Millisecond},
+		err:  `Name "" not valid`,
+	}, {
+		spec: mutex.Spec{Name: "42", Clock: &fakeClock{}, Delay: time.Millisecond},
+		err:  `Name "42" not valid`,
+	}, {
+		spec: mutex.Spec{Name: "a", Clock: &fakeClock{}, Delay: time.Millisecond},
+	}, {
+		spec: mutex.Spec{Name: "a very very long name that is over the length limit", Clock: &fakeClock{}, Delay: time.Millisecond},
+		err:  `Name longer than 40 characters not valid`,
+	}, {
+		spec: mutex.Spec{Name: "test-42", Clock: &fakeClock{}, Delay: time.Millisecond},
+	}, {
+		spec: mutex.Spec{Name: "with a space", Clock: &fakeClock{}, Delay: time.Millisecond},
+		err:  `Name "with a space" not valid`,
+	}, {
+		spec: mutex.Spec{Name: "test-42", Delay: time.Millisecond},
+		err:  `missing Clock not valid`,
+	}, {
+		spec: mutex.Spec{Name: "test-42", Clock: &fakeClock{}},
+		err:  `non positive Delay not valid`,
+	}, {
+		spec: mutex.Spec{Name: "test-42", Clock: &fakeClock{}, Delay: -time.Second},
+		err:  `non positive Delay not valid`,
+	}, {
+		spec: mutex.Spec{Name: "test-42", Clock: &fakeClock{}, Delay: time.Millisecond, Timeout: -time.Second},
+		err:  `negative Timeout not valid`,
+	}} {
+		c.Logf("test %d", i+1)
+		err := test.spec.Validate()
+		if test.err == "" {
+			c.Check(err, jc.ErrorIsNil)
+		} else {
+			c.Check(err, gc.ErrorMatches, test.err)
+		}
+	}
+}
+
+func (s *mutexSuite) spec() mutex.Spec {
+	// On the off chance there are multiple tests running, we shouldn't
+	// clash on the lock name.
+	return mutex.Spec{
+		Name:  fmt.Sprintf("testing-%d", os.Getpid()),
+		Clock: &fakeClock{time.Millisecond},
+		Delay: 10 * time.Second,
+	}
+}
+
+func (s *mutexSuite) TestLockNoContention(c *gc.C) {
+	r, err := mutex.Acquire(s.spec())
+	c.Assert(err, jc.ErrorIsNil)
+	r.Release()
+}
+
+func (s *mutexSuite) TestLockContentionWithinProcessTimeout(c *gc.C) {
+	spec := s.spec()
+	spec.Timeout = time.Millisecond
+
+	r, err := mutex.Acquire(spec)
+	c.Assert(err, jc.ErrorIsNil)
+	defer r.Release()
+
+	second, err := mutex.Acquire(spec)
+	c.Assert(second, gc.IsNil)
+	c.Assert(err, gc.Equals, mutex.ErrTimeout)
+}
+
+func (s *mutexSuite) TestLockContentionWithinProcessCancel(c *gc.C) {
+	cancel := make(chan struct{})
+	done := make(chan struct{})
+
+	spec := s.spec()
+	spec.Cancel = cancel
+
+	r, err := mutex.Acquire(spec)
+	c.Assert(err, jc.ErrorIsNil)
+	defer r.Release()
+
+	go func() {
+		second, err := mutex.Acquire(spec)
+		c.Check(second, gc.IsNil)
+		c.Check(err, gc.Equals, mutex.ErrCancelled)
+		close(done)
+	}()
+
+	close(cancel)
+	<-done
+}
+
+func (s *mutexSuite) TestSecondReleaseFine(c *gc.C) {
+	r, err := mutex.Acquire(s.spec())
+	c.Assert(err, jc.ErrorIsNil)
+	r.Release()
+	r.Release()
+}
+
+func (s *mutexSuite) TestDifferentNamesDontBlock(c *gc.C) {
+	spec1 := s.spec()
+	spec2 := spec1
+	spec2.Name = fmt.Sprintf("other-%d", os.Getpid())
+
+	r1, err := mutex.Acquire(spec1)
+	c.Assert(err, jc.ErrorIsNil)
+	defer r1.Release()
+
+	r2, err := mutex.Acquire(spec2)
+	c.Assert(err, jc.ErrorIsNil)
+	defer r2.Release()
+}
+
+func (s *mutexSuite) TestLockBlocks(c *gc.C) {
+	kill := make(chan struct{})
+	spec := s.spec()
+	// this will block until the other process has the lock.
+	remote := LockFromAnotherProc(c, spec.Name, kill, true, true)
+
+	started := make(chan struct{})
+	acquired := make(chan struct{})
+	done := make(chan struct{})
+	go func() {
+		close(started)
+		r, err := mutex.Acquire(spec)
+		if c.Check(err, gc.IsNil) {
+			close(acquired)
+			r.Release()
+		}
+		close(done)
+	}()
+
+	select {
+	case <-started:
+		// good, goroutine started.
+	case <-time.After(shortWait * 2):
+		c.Fatalf("timeout waiting for goroutine to start")
+	}
+
+	// Waiting for something not to happen is inherently hard...
+	select {
+	case <-acquired:
+		c.Fatalf("Unexpected lock acquisition")
+	case <-time.After(shortWait * 2):
+		// all good.
+	}
+	close(kill)
+	<-done
+	<-remote
+}
+
+func (s *mutexSuite) TestProcessReleasesWhenDead(c *gc.C) {
+	spec := s.spec()
+	kill := make(chan struct{})
+
+	// this will block until the other process has the lock.
+	remote := LockFromAnotherProc(c, spec.Name, kill, false, false)
+
+	started := make(chan struct{})
+	acquired := make(chan struct{})
+	done := make(chan struct{})
+	go func() {
+		close(started)
+		r, err := mutex.Acquire(spec)
+		if c.Check(err, gc.IsNil) {
+			close(acquired)
+			r.Release()
+		}
+		close(done)
+	}()
+
+	select {
+	case <-started:
+		// good, goroutine started.
+	case <-time.After(shortWait * 2):
+		c.Fatalf("timeout waiting for goroutine to start")
+	}
+
+	close(kill)
+
+	select {
+	case <-acquired:
+		// all good.
+	case <-time.After(appWait):
+		c.Fatalf("timout waiting for mutex to be acquired")
+	}
+	<-done
+	<-remote
+}
+
+func (s *mutexSuite) TestStress(c *gc.C) {
+	const lockAttempts = 200
+	const concurrentLocks = 10
+
+	var counter = new(int64)
+	// Use atomics to update lockState to make sure the lock isn't held by
+	// someone else. A value of 1 means locked, 0 means unlocked.
+	var lockState = new(int32)
+
+	var wg sync.WaitGroup
+
+	spec := s.spec()
+	var stress = func() {
+		defer wg.Done()
+		for i := 0; i < lockAttempts; i++ {
+			r, err := mutex.Acquire(spec)
+			if !c.Check(err, jc.ErrorIsNil) {
+				return
+			}
+			state := atomic.AddInt32(lockState, 1)
+			if !c.Check(state, gc.Equals, int32(1)) {
+				return
+			}
+			// Tell the go routine scheduler to give a slice to someone else
+			// while we have this locked.
+			runtime.Gosched()
+			// need to decrement prior to unlock to avoid the race of someone
+			// else grabbing the lock before we decrement the state.
+			atomic.AddInt32(lockState, -1)
+			r.Release()
+			// increment the general counter
+			atomic.AddInt64(counter, 1)
+		}
+	}
+
+	for i := 0; i < concurrentLocks; i++ {
+		wg.Add(1)
+		go stress()
+	}
+	wg.Wait()
+	c.Assert(*counter, gc.Equals, int64(lockAttempts*concurrentLocks))
+}
+
+// LockFromAnotherProc will launch a process and block until that process has
+// created the lock file.  If we time out waiting for the other process to take
+// the lock, this function will fail the current test.
+func LockFromAnotherProc(c *gc.C, name string, kill chan struct{}, wait, unlock bool) (done chan struct{}) {
+	listener, err := net.Listen("tcp", "localhost:0")
+	c.Assert(err, jc.ErrorIsNil)
+	defer listener.Close()
+
+	cmd := exec.Command(os.Args[0], "-test.run", "TestLockFromOtherProcess")
+	cmd.Env = append(
+		// We must preserve os.Environ() on Windows,
+		// or the subprocess will fail in weird and
+		// wonderful ways.
+		os.Environ(),
+		"MUTEX_TEST_HELPER_WANTED=1",
+		"MUTEX_TEST_HELPER_NAME="+name,
+		"MUTEX_TEST_HELPER_ADDR="+listener.Addr().String(),
+		"MUTEX_TEST_HELPER_WAIT="+fmt.Sprint(unlock),
+		"MUTEX_TEST_HELPER_UNLOCK="+fmt.Sprint(unlock),
+	)
+	stderr, err := cmd.StderrPipe()
+	c.Assert(err, jc.ErrorIsNil)
+	go func() {
+		// Read off the pipe and spit it into the logs
+		reader := bufio.NewReader(stderr)
+		for line, err := reader.ReadString('\n'); err != nil; line, err = reader.ReadString('\n') {
+			if line != "" {
+				c.Logf(line)
+			}
+		}
+	}()
+	if err := cmd.Start(); err != nil {
+		c.Fatalf("error starting other proc: %v", err)
+	}
+
+	done = make(chan struct{})
+
+	go func() {
+		cmd.Wait()
+		close(done)
+	}()
+
+	go func() {
+		select {
+		case <-kill:
+			// this may fail, but there's not much we can do about it
+			_ = cmd.Process.Kill()
+		case <-done:
+		}
+	}()
+
+	haveLock := make(chan struct{})
+	go func() {
+		conn, err := listener.Accept()
+		if c.Check(err, jc.ErrorIsNil) {
+			// Just close it, the signal is enough.
+			conn.Close()
+			close(haveLock)
+		}
+	}()
+	select {
+	case <-done:
+		c.Fatalf("other process failed before acquiring lock")
+	case <-haveLock:
+		// all good
+	case <-time.After(appWait):
+		c.Fatalf("other process failed to acquire lock")
+	}
+
+	return done
+}
+
+func TestLockFromOtherProcess(t *testing.T) {
+	if os.Getenv("MUTEX_TEST_HELPER_WANTED") == "" {
+		return
+	}
+
+	name := os.Getenv("MUTEX_TEST_HELPER_NAME")
+	unlock := os.Getenv("MUTEX_TEST_HELPER_UNLOCK") == "true"
+	wait := os.Getenv("MUTEX_TEST_HELPER_WAIT") == "true"
+	spec := mutex.Spec{
+		Name:  name,
+		Clock: &fakeClock{shortWait},
+		Delay: shortWait,
+	}
+
+	r, err := mutex.Acquire(spec)
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "error acquiring mutex %q: %v", name, err)
+		os.Exit(1)
+	}
+	// Connect to the first process to let it know we have the connection.
+	addr := os.Getenv("MUTEX_TEST_HELPER_ADDR")
+	_, err = net.Dial("tcp", addr)
+	// We don't care about the connection because the server will just close the
+	// connection anyway.
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "error notifying primary process: %v", err)
+		os.Exit(1)
+	}
+
+	if wait {
+		time.Sleep(longWait)
+	}
+	if unlock {
+		r.Release()
+	}
+	os.Exit(0)
+}
+
+type fakeClock struct {
+	delay time.Duration
+}
+
+func (f *fakeClock) After(time.Duration) <-chan time.Time {
+	return time.After(f.delay)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/mutex/mutex_windows.go juju-core-2.0~beta12/src/github.com/juju/mutex/mutex_windows.go
--- juju-core-2.0~beta7/src/github.com/juju/mutex/mutex_windows.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/mutex/mutex_windows.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,124 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+// +build windows
+
+package mutex
+
+import (
+	"sync"
+	"syscall"
+	"unsafe"
+
+	"github.com/juju/errors"
+)
+
+var (
+	modkernel32             = syscall.NewLazyDLL("kernel32.dll")
+	procCreateSemaphore     = modkernel32.NewProc("CreateSemaphoreW")
+	procReleaseSemaphore    = modkernel32.NewProc("ReleaseSemaphore")
+	procCloseHandle         = modkernel32.NewProc("CloseHandle")
+	procWaitForSingleObject = modkernel32.NewProc("WaitForSingleObject")
+)
+
+const (
+	ERROR_ALREADY_EXISTS = 183
+
+	WAIT_TIMEOUT = 0x00000102
+)
+
+type mutex struct {
+	handle syscall.Handle
+	mu     sync.Mutex
+}
+
+func acquire(name string) (Releaser, error) {
+	handle, err := createSemaphore("juju-" + name)
+	if err != nil {
+		return nil, err
+	}
+	return &mutex{handle: handle}, nil
+}
+
+// Release implements Releaser.
+func (m *mutex) Release() {
+	m.mu.Lock()
+	defer m.mu.Unlock()
+	if m.handle == syscall.InvalidHandle {
+		return
+	}
+	if err := releaseSemaphone(m.handle); err != nil {
+		panic(err)
+	}
+	if err := closeHandle(m.handle); err != nil {
+		panic(err)
+	}
+	m.handle = syscall.InvalidHandle
+}
+
+func createSemaphore(name string) (syscall.Handle, error) {
+	var handle syscall.Handle
+	defaultAttributes := 0
+	initialCount := 0
+	maxCount := 1
+	semName, err := syscall.UTF16PtrFromString(name)
+	if err != nil {
+		return handle, errors.Trace(err)
+	}
+
+	result, _, errno := syscall.Syscall6(procCreateSemaphore.Addr(), 4, uintptr(defaultAttributes), uintptr(initialCount), uintptr(maxCount), uintptr(unsafe.Pointer(semName)), 0, 0)
+	if result == 0 {
+		if errno != 0 {
+			return handle, errno
+		}
+		return handle, syscall.EINVAL
+	}
+	handle = syscall.Handle(result)
+	if errno == ERROR_ALREADY_EXISTS {
+		if err := waitForSingleObject(handle); err != nil {
+			// Close the handle and return.
+			closeHandle(handle)
+			return handle, err
+		}
+	}
+	return handle, nil
+}
+
+func releaseSemaphone(handle syscall.Handle) error {
+	result, _, errno := syscall.Syscall(procReleaseSemaphore.Addr(), 3, uintptr(handle), uintptr(1), 0)
+	if result == 0 {
+		if errno != 0 {
+			return errno
+		}
+		return syscall.EINVAL
+	}
+	return nil
+}
+
+func waitForSingleObject(handle syscall.Handle) error {
+	noWait := 0
+	result, _, errno := syscall.Syscall(procWaitForSingleObject.Addr(), 2, uintptr(handle), uintptr(noWait), 0)
+
+	switch result {
+	case 0:
+		return nil
+	case WAIT_TIMEOUT:
+		return errLocked
+	default:
+		if errno != 0 {
+			return errno
+		}
+		return syscall.EINVAL
+	}
+}
+
+func closeHandle(handle syscall.Handle) error {
+	result, _, errno := syscall.Syscall(procCloseHandle.Addr(), 1, uintptr(handle), 0, 0)
+	if result == 0 {
+		if errno != 0 {
+			return errno
+		}
+		return syscall.EINVAL
+	}
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/mutex/package_test.go juju-core-2.0~beta12/src/github.com/juju/mutex/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/mutex/package_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/mutex/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,14 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package mutex_test
+
+import (
+	"testing"
+
+	gc "gopkg.in/check.v1"
+)
+
+func Test(t *testing.T) {
+	gc.TestingT(t)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/mutex/README.md juju-core-2.0~beta12/src/github.com/juju/mutex/README.md
--- juju-core-2.0~beta7/src/github.com/juju/mutex/README.md	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/mutex/README.md	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,125 @@
+
+# mutex
+    import "github.com/juju/mutex"
+
+package mutex provides a named machine level mutex shareable between processes.
+[![GoDoc](https://godoc.org/github.com/juju/mutex?status.svg)](https://godoc.org/github.com/juju/mutex)
+
+Mutexes have names, and the a mutex with the same name can only be locked by one
+instance of the mutex at a time, even across process boundaries.
+
+If a process dies while the mutex is held, the mutex is automatically released.
+
+The linux implementation uses abstract domain sockets, windows uses a named
+semaphore, and other platforms use flock on a temp file.
+
+
+
+
+
+## Variables
+``` go
+var (
+    ErrTimeout   = errors.New("timeout acquiring mutex")
+    ErrCancelled = errors.New("cancelled acquiring mutex")
+)
+```
+
+
+## type Clock
+``` go
+type Clock interface {
+    // After waits for the duration to elapse and then sends the
+    // current time on the returned channel.
+    After(time.Duration) <-chan time.Time
+}
+```
+Clock provides an interface for dealing with clocks.
+
+
+
+
+
+
+
+
+
+
+
+## type Releaser
+``` go
+type Releaser interface {
+    // Release releases the mutex. Release may be called multiple times, but
+    // only the first call will release this instance of the mutex. Release is
+    // unable to release the mutex successfully it will call panic to forcibly
+    // release the mutex.
+    Release()
+}
+```
+Releaser defines the Release method that is the only thing that can be done
+to a acquired mutex.
+
+
+
+
+
+
+
+
+
+### func Acquire
+``` go
+func Acquire(spec Spec) (Releaser, error)
+```
+Acquire will attempt to acquire the named mutex. If the Timout value is
+hit, ErrTimeout is returned. If the Cancel channel is signalled,
+ErrCancelled is returned.
+
+
+
+
+## type Spec
+``` go
+type Spec struct {
+    // Name is required, and must start with a letter and contain at most
+    // 40 letters, numbers or dashes.
+    Name string
+    // Clock must be provided and is exposed for testing purposes.
+    Clock Clock
+    // Delay defines how often to check for lock acquisition. The implementation
+    // calls all fail fast, so acquisition requires polling.
+    Delay time.Duration
+    // Timeout allows the caller to specify how long to wait.
+    Timeout time.Duration
+    // Cancel if signalled will cause the Acquire method to return with ErrCancelled.
+    Cancel <-chan struct{}
+}
+```
+Spec defines the name of the mutex and behaviour of the Acquire function.
+
+
+
+
+
+
+
+
+
+
+
+### func (\*Spec) Validate
+``` go
+func (s *Spec) Validate() error
+```
+Validate checks the attributes of Spec for validity.
+
+
+
+
+
+
+
+
+
+- - -
+Generated by [godoc2md](http://godoc.org/github.com/davecheney/godoc2md)
\ No newline at end of file
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/action.go juju-core-2.0~beta12/src/github.com/juju/names/action.go
--- juju-core-2.0~beta7/src/github.com/juju/names/action.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/action.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,79 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names
-
-import (
-	"fmt"
-
-	"github.com/juju/errors"
-	"github.com/juju/utils"
-)
-
-const ActionTagKind = "action"
-
-type ActionTag struct {
-	// Tags that are serialized need to have fields exported.
-	ID utils.UUID
-}
-
-// NewActionTag returns the tag of an action with the given id (UUID).
-func NewActionTag(id string) ActionTag {
-	uuid, err := utils.UUIDFromString(id)
-	if err != nil {
-		panic(err)
-	}
-	return ActionTag{ID: uuid}
-}
-
-// ParseActionTag parses an action tag string.
-func ParseActionTag(actionTag string) (ActionTag, error) {
-	tag, err := ParseTag(actionTag)
-	if err != nil {
-		return ActionTag{}, err
-	}
-	at, ok := tag.(ActionTag)
-	if !ok {
-		return ActionTag{}, invalidTagError(actionTag, ActionTagKind)
-	}
-	return at, nil
-}
-
-func (t ActionTag) String() string { return t.Kind() + "-" + t.Id() }
-func (t ActionTag) Kind() string   { return ActionTagKind }
-func (t ActionTag) Id() string     { return t.ID.String() }
-
-// IsValidAction returns whether id is a valid action id (UUID).
-func IsValidAction(id string) bool {
-	return utils.IsValidUUIDString(id)
-}
-
-// ActionReceiverTag returns an ActionReceiver Tag from a
-// machine or unit name.
-func ActionReceiverTag(name string) (Tag, error) {
-	if IsValidUnit(name) {
-		return NewUnitTag(name), nil
-	}
-	if IsValidService(name) {
-		// TODO(jcw4) enable when leader elections complete
-		//return NewServiceTag(name), nil
-	}
-	if IsValidMachine(name) {
-		return NewMachineTag(name), nil
-	}
-	return nil, fmt.Errorf("invalid actionreceiver name %q", name)
-}
-
-// ActionReceiverFrom Tag returns an ActionReceiver tag from
-// a machine or unit tag.
-func ActionReceiverFromTag(tag string) (Tag, error) {
-	unitTag, err := ParseUnitTag(tag)
-	if err == nil {
-		return unitTag, nil
-	}
-	machineTag, err := ParseMachineTag(tag)
-	if err == nil {
-		return machineTag, nil
-	}
-	return nil, errors.Errorf("invalid actionreceiver tag %q", tag)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/action_test.go juju-core-2.0~beta12/src/github.com/juju/names/action_test.go
--- juju-core-2.0~beta7/src/github.com/juju/names/action_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/action_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,88 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names_test
-
-import (
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/names"
-	jc "github.com/juju/testing/checkers"
-)
-
-type actionSuite struct{}
-
-var _ = gc.Suite(&actionSuite{})
-
-var parseActionTagTests = []struct {
-	tag      string
-	expected names.Tag
-	err      error
-}{
-	{tag: "", err: names.InvalidTagError("", "")},
-	{tag: "action-f47ac10b-58cc-4372-a567-0e02b2c3d479", expected: names.NewActionTag("f47ac10b-58cc-4372-a567-0e02b2c3d479")},
-	{tag: "action-012345678", err: names.InvalidTagError("action-012345678", "action")},
-	{tag: "action-1234567", err: names.InvalidTagError("action-1234567", "action")},
-	{tag: "bob", err: names.InvalidTagError("bob", "")},
-	{tag: "service-ned", err: names.InvalidTagError("service-ned", names.ActionTagKind)}}
-
-func (s *actionSuite) TestParseActionTag(c *gc.C) {
-	for i, t := range parseActionTagTests {
-		c.Logf("test %d: %s", i, t.tag)
-		got, err := names.ParseActionTag(t.tag)
-		if t.err != nil {
-			c.Check(err, gc.DeepEquals, t.err)
-			continue
-		}
-		c.Check(err, jc.ErrorIsNil)
-		c.Check(got, gc.FitsTypeOf, t.expected)
-		c.Check(got, gc.Equals, t.expected)
-	}
-}
-
-func (s *actionSuite) TestActionReceiverTag(c *gc.C) {
-	testCases := []struct {
-		name     string
-		expected names.Tag
-		err      string
-	}{
-		{name: "mysql", err: `invalid actionreceiver name "mysql"`},
-		{name: "mysql/3", expected: names.NewUnitTag("mysql/3")},
-		{name: "3", expected: names.NewMachineTag("3")},
-	}
-
-	for _, tcase := range testCases {
-		tag, err := names.ActionReceiverTag(tcase.name)
-		if tcase.err != "" {
-			c.Check(err, gc.ErrorMatches, tcase.err)
-			c.Check(tag, gc.IsNil)
-			continue
-		}
-		c.Check(err, jc.ErrorIsNil)
-		c.Check(tag, gc.FitsTypeOf, tcase.expected)
-		c.Check(tag, gc.Equals, tcase.expected)
-	}
-
-}
-
-func (s *actionSuite) TestActionReceiverFromTag(c *gc.C) {
-	for i, test := range []struct {
-		name     string
-		expected names.Tag
-		err      string
-	}{
-		{name: "rambleon", err: `invalid actionreceiver tag "rambleon"`},
-		{name: "unit-mysql-2", expected: names.NewUnitTag("mysql/2")},
-		{name: "machine-13", expected: names.NewMachineTag("13")},
-	} {
-		c.Logf("test %d", i)
-		tag, err := names.ActionReceiverFromTag(test.name)
-		if test.err != "" {
-			c.Check(err, gc.ErrorMatches, test.err)
-			c.Check(tag, gc.IsNil)
-			continue
-		}
-		c.Check(tag, gc.Equals, test.expected)
-		c.Check(err, jc.ErrorIsNil)
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/charm.go juju-core-2.0~beta12/src/github.com/juju/names/charm.go
--- juju-core-2.0~beta7/src/github.com/juju/names/charm.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/charm.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,88 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names
-
-import (
-	"fmt"
-	"regexp"
-)
-
-// CharmTagKind specifies charm tag kind
-const CharmTagKind = "charm"
-
-// Valid charm url is of the form
-// schema:~user/series/name-revision
-// where
-//     schema    is optional and can be either "local" or "cs".
-//               When not supplied, "cs" is implied.
-//     user      is optional and is only applicable for "cs" schema
-//     series    is optional and is a valid series name
-//     name      is mandatory and is the name of the charm
-//     revision  is optional and can be -1 if revision is unset
-
-var (
-	// SeriesSnippet is a regular expression representing series
-	SeriesSnippet = "[a-z]+([a-z0-9]+)?"
-
-	// CharmNameSnippet is a regular expression representing charm name
-	CharmNameSnippet = "[a-z][a-z0-9]*(-[a-z0-9]*[a-z][a-z0-9]*)*"
-
-	localSchemaSnippet      = "local:"
-	charmStoreSchemaSnippet = "cs:(~" + validUserPart + "/)?"
-	revisionSnippet         = "(-1|0|[1-9][0-9]*)"
-
-	validCharmRegEx = regexp.MustCompile("^(" +
-		localSchemaSnippet + "|" +
-		charmStoreSchemaSnippet + ")?(" +
-		SeriesSnippet + "/)?" +
-		CharmNameSnippet + "(-" +
-		revisionSnippet + ")?$")
-)
-
-// CharmTag represents tag for charm
-// using charm's URL
-type CharmTag struct {
-	url string
-}
-
-// String satisfies Tag interface.
-// Produces string representation of charm tag.
-func (t CharmTag) String() string { return t.Kind() + "-" + t.Id() }
-
-// Kind satisfies Tag interface.
-// Returns Charm tag kind.
-func (t CharmTag) Kind() string { return CharmTagKind }
-
-// Id satisfies Tag interface.
-// Returns charm URL.
-func (t CharmTag) Id() string { return t.url }
-
-// NewCharmTag returns the tag for the charm with the given url.
-// It will panic if the given charm url is not valid.
-func NewCharmTag(charmURL string) CharmTag {
-	if !IsValidCharm(charmURL) {
-		panic(fmt.Sprintf("%q is not a valid charm name", charmURL))
-	}
-	return CharmTag{url: charmURL}
-}
-
-var emptyTag = CharmTag{}
-
-// ParseCharmTag parses a charm tag string.
-func ParseCharmTag(charmTag string) (CharmTag, error) {
-	tag, err := ParseTag(charmTag)
-	if err != nil {
-		return emptyTag, err
-	}
-	ct, ok := tag.(CharmTag)
-	if !ok {
-		return emptyTag, invalidTagError(charmTag, CharmTagKind)
-	}
-	return ct, nil
-}
-
-// IsValidCharm returns whether name is a valid charm url.
-func IsValidCharm(url string) bool {
-	return validCharmRegEx.MatchString(url)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/charm_test.go juju-core-2.0~beta12/src/github.com/juju/names/charm_test.go
--- juju-core-2.0~beta7/src/github.com/juju/names/charm_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/charm_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,94 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names_test
-
-import (
-	"fmt"
-
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/names"
-)
-
-type charmSuite struct{}
-
-var _ = gc.Suite(&charmSuite{})
-
-var validCharmURLs = []string{"charm",
-	"local:charm",
-	"local:charm--1",
-	"local:charm-1",
-	"local:series/charm",
-	"local:series/charm-3",
-	"local:series/charm-0",
-	"cs:~user/charm",
-	"cs:~user/charm-1",
-	"cs:~user/series/charm",
-	"cs:~user/series/charm-1",
-	"cs:series/charm",
-	"cs:series/charm-3",
-	"cs:series/charm-0",
-	"cs:charm",
-	"cs:charm--1",
-	"cs:charm-1",
-	"charm",
-	"charm-1",
-	"series/charm",
-	"series/charm-1",
-}
-
-func (s *charmSuite) TestValidCharmURLs(c *gc.C) {
-	for _, url := range validCharmURLs {
-		c.Logf("Processing tag %q", url)
-		c.Assert(names.IsValidCharm(url), jc.IsTrue)
-	}
-}
-
-func (s *charmSuite) TestInvalidCharmURLs(c *gc.C) {
-	invalidURLs := []string{"",
-		"local:~user/charm",          // false: user on local
-		"local:~user/series/charm",   // false: user on local
-		"local:~user/series/charm-1", // false: user on local
-		"local:charm--2",             // false: only -1 is a valid negative revision
-		"blah:charm-2",               // false: invalid schema
-		"local:series/charm-01",      // false: revision is funny
-	}
-	for _, url := range invalidURLs {
-		c.Logf("Processing tag %q", url)
-		c.Assert(names.IsValidCharm(url), jc.IsFalse)
-	}
-}
-
-func (s *charmSuite) TestParseCharmTagValid(c *gc.C) {
-	for _, tag := range validCharmURLs {
-		c.Logf("Processing tag %q", tag)
-		s.assertParseCharmTagValid(c, fmt.Sprintf("charm-%v", tag), names.NewCharmTag(tag))
-	}
-}
-
-func (s *charmSuite) TestParseCharmTagInvalid(c *gc.C) {
-	invalidTags := []string{"",
-		"blah",
-		"charm-blah/0",
-		"charm",
-		"user-blah",
-	}
-	for _, aTag := range invalidTags {
-		c.Logf("Processing tag %q", aTag)
-		s.assertParseCharmTagInvalid(c, aTag)
-	}
-}
-
-func (s *charmSuite) assertParseCharmTagValid(c *gc.C, tag string, expected names.Tag) {
-	got, err := names.ParseCharmTag(tag)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Check(got, gc.FitsTypeOf, expected)
-	c.Check(got, gc.Equals, expected)
-}
-
-func (s *charmSuite) assertParseCharmTagInvalid(c *gc.C, tag string) {
-	_, err := names.ParseCharmTag(tag)
-	c.Check(err, gc.ErrorMatches, fmt.Sprintf(".*%q is not a valid.*", tag))
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/environ.go juju-core-2.0~beta12/src/github.com/juju/names/environ.go
--- juju-core-2.0~beta7/src/github.com/juju/names/environ.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/environ.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,38 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names
-
-// EnvironTagKind is DEPRECATED: model tags are used instead.
-const EnvironTagKind = "environment"
-
-type EnvironTag struct {
-	uuid string
-}
-
-// NewEnvironTag returns the tag of an environment with the given environment UUID.
-func NewEnvironTag(uuid string) EnvironTag {
-	return EnvironTag{uuid: uuid}
-}
-
-// ParseEnvironTag parses an environ tag string.
-func ParseEnvironTag(environTag string) (EnvironTag, error) {
-	tag, err := ParseTag(environTag)
-	if err != nil {
-		return EnvironTag{}, err
-	}
-	et, ok := tag.(EnvironTag)
-	if !ok {
-		return EnvironTag{}, invalidTagError(environTag, EnvironTagKind)
-	}
-	return et, nil
-}
-
-func (t EnvironTag) String() string { return t.Kind() + "-" + t.Id() }
-func (t EnvironTag) Kind() string   { return EnvironTagKind }
-func (t EnvironTag) Id() string     { return t.uuid }
-
-// IsValidEnvironment returns whether id is a valid environment UUID.
-func IsValidEnvironment(id string) bool {
-	return validUUID.MatchString(id)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/environ_test.go juju-core-2.0~beta12/src/github.com/juju/names/environ_test.go
--- juju-core-2.0~beta7/src/github.com/juju/names/environ_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/environ_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,49 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names_test
-
-import (
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/names"
-)
-
-type environSuite struct{}
-
-var _ = gc.Suite(&environSuite{})
-
-var parseEnvironTagTests = []struct {
-	tag      string
-	expected names.Tag
-	err      error
-}{{
-	tag: "",
-	err: names.InvalidTagError("", ""),
-}, {
-	tag:      "environment-f47ac10b-58cc-4372-a567-0e02b2c3d479",
-	expected: names.NewEnvironTag("f47ac10b-58cc-4372-a567-0e02b2c3d479"),
-}, {
-	tag: "dave",
-	err: names.InvalidTagError("dave", ""),
-	//}, {
-	// TODO(dfc) passes, but should not
-	//	tag: "environment-",
-	//	err: names.InvalidTagError("environment", ""),
-}, {
-	tag: "service-dave",
-	err: names.InvalidTagError("service-dave", names.EnvironTagKind),
-}}
-
-func (s *environSuite) TestParseEnvironTag(c *gc.C) {
-	for i, t := range parseEnvironTagTests {
-		c.Logf("test %d: %s", i, t.tag)
-		got, err := names.ParseEnvironTag(t.tag)
-		if err != nil || t.err != nil {
-			c.Check(err, gc.DeepEquals, t.err)
-			continue
-		}
-		c.Check(got, gc.FitsTypeOf, t.expected)
-		c.Check(got, gc.Equals, t.expected)
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/equality_test.go juju-core-2.0~beta12/src/github.com/juju/names/equality_test.go
--- juju-core-2.0~beta7/src/github.com/juju/names/equality_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/equality_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,44 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names
-
-import (
-	"github.com/juju/utils"
-	gc "gopkg.in/check.v1"
-)
-
-var tagEqualityTests = []struct {
-	expected Tag
-	want     Tag
-}{
-	{NewMachineTag("0"), MachineTag{id: "0"}},
-	{NewMachineTag("10/lxc/1"), MachineTag{id: "10-lxc-1"}},
-	{NewUnitTag("mysql/1"), UnitTag{name: "mysql-1"}},
-	{NewServiceTag("ceph"), ServiceTag{Name: "ceph"}},
-	{NewRelationTag("wordpress:haproxy"), RelationTag{key: "wordpress.haproxy"}},
-	{NewEnvironTag("deadbeef-0123-4567-89ab-feedfacebeef"), EnvironTag{uuid: "deadbeef-0123-4567-89ab-feedfacebeef"}},
-	{NewUserTag("admin"), UserTag{name: "admin"}},
-	{NewUserTag("admin@local"), UserTag{name: "admin", domain: "local"}},
-	{NewUserTag("admin@foobar"), UserTag{name: "admin", domain: "foobar"}},
-	{NewNetworkTag("eth0"), NetworkTag{name: "eth0"}},
-	{NewActionTag("01234567-aaaa-4bbb-8ccc-012345678901"), ActionTag{ID: stringToUUID("01234567-aaaa-4bbb-8ccc-012345678901")}},
-}
-
-type equalitySuite struct{}
-
-var _ = gc.Suite(&equalitySuite{})
-
-func (s *equalitySuite) TestTagEquality(c *gc.C) {
-	for _, tt := range tagEqualityTests {
-		c.Check(tt.want, gc.Equals, tt.expected)
-	}
-}
-
-func stringToUUID(id string) utils.UUID {
-	uuid, err := utils.UUIDFromString(id)
-	if err != nil {
-		panic(err)
-	}
-	return uuid
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/example_test.go juju-core-2.0~beta12/src/github.com/juju/names/example_test.go
--- juju-core-2.0~beta7/src/github.com/juju/names/example_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/example_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,19 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names
-
-import "fmt"
-
-func ExampleParseTag() {
-	tag, err := ParseTag("user-100")
-	if err != nil {
-		panic(err)
-	}
-	switch tag := tag.(type) {
-	case UserTag:
-		fmt.Printf("User tag, id: %s\n", tag.Id())
-	default:
-		fmt.Printf("Unknown tag, type %T\n", tag)
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/export_test.go juju-core-2.0~beta12/src/github.com/juju/names/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/names/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/export_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,6 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names
-
-var InvalidTagError = invalidTagError
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/filesystem.go juju-core-2.0~beta12/src/github.com/juju/names/filesystem.go
--- juju-core-2.0~beta7/src/github.com/juju/names/filesystem.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/filesystem.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,76 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names
-
-import (
-	"fmt"
-	"regexp"
-	"strings"
-)
-
-const FilesystemTagKind = "filesystem"
-
-// Filesystems may be bound to a machine, meaning that the filesystem cannot
-// exist without that machine. We encode this in the tag.
-var validFilesystem = regexp.MustCompile("^(" + MachineSnippet + "/)?" + NumberSnippet + "$")
-
-type FilesystemTag struct {
-	id string
-}
-
-func (t FilesystemTag) String() string { return t.Kind() + "-" + t.id }
-func (t FilesystemTag) Kind() string   { return FilesystemTagKind }
-func (t FilesystemTag) Id() string     { return filesystemTagSuffixToId(t.id) }
-
-// NewFilesystemTag returns the tag for the filesystem with the given name.
-// It will panic if the given filesystem name is not valid.
-func NewFilesystemTag(id string) FilesystemTag {
-	tag, ok := tagFromFilesystemId(id)
-	if !ok {
-		panic(fmt.Sprintf("%q is not a valid filesystem id", id))
-	}
-	return tag
-}
-
-// ParseFilesystemTag parses a filesystem tag string.
-func ParseFilesystemTag(filesystemTag string) (FilesystemTag, error) {
-	tag, err := ParseTag(filesystemTag)
-	if err != nil {
-		return FilesystemTag{}, err
-	}
-	fstag, ok := tag.(FilesystemTag)
-	if !ok {
-		return FilesystemTag{}, invalidTagError(filesystemTag, FilesystemTagKind)
-	}
-	return fstag, nil
-}
-
-// IsValidFilesystem returns whether id is a valid filesystem id.
-func IsValidFilesystem(id string) bool {
-	return validFilesystem.MatchString(id)
-}
-
-// FilesystemMachine returns the machine component of the filesystem
-// tag, and a boolean indicating whether or not there is a
-// machine component.
-func FilesystemMachine(tag FilesystemTag) (MachineTag, bool) {
-	id := tag.Id()
-	pos := strings.LastIndex(id, "/")
-	if pos == -1 {
-		return MachineTag{}, false
-	}
-	return NewMachineTag(id[:pos]), true
-}
-
-func tagFromFilesystemId(id string) (FilesystemTag, bool) {
-	if !IsValidFilesystem(id) {
-		return FilesystemTag{}, false
-	}
-	id = strings.Replace(id, "/", "-", -1)
-	return FilesystemTag{id}, true
-}
-
-func filesystemTagSuffixToId(s string) string {
-	return strings.Replace(s, "-", "/", -1)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/filesystem_test.go juju-core-2.0~beta12/src/github.com/juju/names/filesystem_test.go
--- juju-core-2.0~beta7/src/github.com/juju/names/filesystem_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/filesystem_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,81 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names_test
-
-import (
-	"fmt"
-
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/names"
-)
-
-type filesystemSuite struct{}
-
-var _ = gc.Suite(&filesystemSuite{})
-
-func (s *filesystemSuite) TestFilesystemTag(c *gc.C) {
-	c.Assert(names.NewFilesystemTag("1").String(), gc.Equals, "filesystem-1")
-}
-
-func (s *filesystemSuite) TestFilesystemIdValidity(c *gc.C) {
-	assertFilesystemIdValid(c, "0")
-	assertFilesystemIdValid(c, "0/lxc/0/0")
-	assertFilesystemIdValid(c, "1000")
-	assertFilesystemIdInvalid(c, "-1")
-	assertFilesystemIdInvalid(c, "")
-	assertFilesystemIdInvalid(c, "one")
-	assertFilesystemIdInvalid(c, "#")
-	assertFilesystemIdInvalid(c, "0/0/0") // 0/0 is not a valid machine ID
-}
-
-func (s *filesystemSuite) TestParseFilesystemTag(c *gc.C) {
-	assertParseFilesystemTag(c, "filesystem-0", names.NewFilesystemTag("0"))
-	assertParseFilesystemTag(c, "filesystem-88", names.NewFilesystemTag("88"))
-	assertParseFilesystemTag(c, "filesystem-0-lxc-0-88", names.NewFilesystemTag("0/lxc/0/88"))
-	assertParseFilesystemTagInvalid(c, "", names.InvalidTagError("", ""))
-	assertParseFilesystemTagInvalid(c, "one", names.InvalidTagError("one", ""))
-	assertParseFilesystemTagInvalid(c, "filesystem-", names.InvalidTagError("filesystem-", names.FilesystemTagKind))
-	assertParseFilesystemTagInvalid(c, "machine-0", names.InvalidTagError("machine-0", names.FilesystemTagKind))
-}
-
-func (s *filesystemSuite) TestFilesystemMachine(c *gc.C) {
-	assertFilesystemMachine(c, "0/0", names.NewMachineTag("0"))
-	assertFilesystemMachine(c, "0/lxc/0/0", names.NewMachineTag("0/lxc/0"))
-	assertFilesystemNoMachine(c, "0")
-}
-
-func assertFilesystemMachine(c *gc.C, id string, expect names.MachineTag) {
-	t, ok := names.FilesystemMachine(names.NewFilesystemTag(id))
-	c.Assert(ok, gc.Equals, true)
-	c.Assert(t, gc.Equals, expect)
-}
-
-func assertFilesystemNoMachine(c *gc.C, id string) {
-	_, ok := names.FilesystemMachine(names.NewFilesystemTag(id))
-	c.Assert(ok, gc.Equals, false)
-}
-
-func assertFilesystemIdValid(c *gc.C, name string) {
-	c.Assert(names.IsValidFilesystem(name), gc.Equals, true)
-	names.NewFilesystemTag(name)
-}
-
-func assertFilesystemIdInvalid(c *gc.C, name string) {
-	c.Assert(names.IsValidFilesystem(name), gc.Equals, false)
-	testFilesystemTag := func() { names.NewFilesystemTag(name) }
-	expect := fmt.Sprintf("%q is not a valid filesystem id", name)
-	c.Assert(testFilesystemTag, gc.PanicMatches, expect)
-}
-
-func assertParseFilesystemTag(c *gc.C, tag string, expect names.FilesystemTag) {
-	t, err := names.ParseFilesystemTag(tag)
-	c.Assert(err, gc.IsNil)
-	c.Assert(t, gc.Equals, expect)
-}
-
-func assertParseFilesystemTagInvalid(c *gc.C, tag string, expect error) {
-	_, err := names.ParseFilesystemTag(tag)
-	c.Assert(err, gc.ErrorMatches, expect.Error())
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/ipaddress.go juju-core-2.0~beta12/src/github.com/juju/names/ipaddress.go
--- juju-core-2.0~beta7/src/github.com/juju/names/ipaddress.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/ipaddress.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,46 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names
-
-import (
-	"github.com/juju/utils"
-)
-
-const IPAddressTagKind = "ipaddress"
-
-// IsValidIPAddress returns whether id is a valid IP address ID.
-// Here it simply is checked if it is a valid UUID.
-func IsValidIPAddress(id string) bool {
-	return utils.IsValidUUIDString(id)
-}
-
-type IPAddressTag struct {
-	id utils.UUID
-}
-
-func (t IPAddressTag) String() string { return t.Kind() + "-" + t.id.String() }
-func (t IPAddressTag) Kind() string   { return IPAddressTagKind }
-func (t IPAddressTag) Id() string     { return t.id.String() }
-
-// NewIPAddressTag returns the tag for the IP address with the given ID (UUID).
-func NewIPAddressTag(id string) IPAddressTag {
-	uuid, err := utils.UUIDFromString(id)
-	if err != nil {
-		panic(err)
-	}
-	return IPAddressTag{id: uuid}
-}
-
-// ParseIPAddressTag parses an IP address tag string.
-func ParseIPAddressTag(ipAddressTag string) (IPAddressTag, error) {
-	tag, err := ParseTag(ipAddressTag)
-	if err != nil {
-		return IPAddressTag{}, err
-	}
-	ipat, ok := tag.(IPAddressTag)
-	if !ok {
-		return IPAddressTag{}, invalidTagError(ipAddressTag, IPAddressTagKind)
-	}
-	return ipat, nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/ipaddress_test.go juju-core-2.0~beta12/src/github.com/juju/names/ipaddress_test.go
--- juju-core-2.0~beta7/src/github.com/juju/names/ipaddress_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/ipaddress_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,55 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names_test
-
-import (
-	"github.com/juju/utils"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/names"
-)
-
-type ipAddressSuite struct{}
-
-var _ = gc.Suite(&ipAddressSuite{})
-
-func (s *ipAddressSuite) TestNewIPAddressTag(c *gc.C) {
-	uuid := utils.MustNewUUID()
-	tag := names.NewIPAddressTag(uuid.String())
-	parsed, err := names.ParseIPAddressTag(tag.String())
-	c.Assert(err, gc.IsNil)
-	c.Assert(parsed.Kind(), gc.Equals, names.IPAddressTagKind)
-	c.Assert(parsed.Id(), gc.Equals, uuid.String())
-	c.Assert(parsed.String(), gc.Equals, names.IPAddressTagKind+"-"+uuid.String())
-
-	f := func() {
-		tag = names.NewIPAddressTag("42")
-	}
-	c.Assert(f, gc.PanicMatches, `invalid UUID: "42"`)
-}
-
-var parseIPAddressTagTests = []struct {
-	tag      string
-	expected names.Tag
-	err      error
-}{
-	{tag: "", err: names.InvalidTagError("", "")},
-	{tag: "ipaddress-42424242-1111-2222-3333-0123456789ab", expected: names.NewIPAddressTag("42424242-1111-2222-3333-0123456789ab")},
-	{tag: "ipaddress-012345678", err: names.InvalidTagError("ipaddress-012345678", names.IPAddressTagKind)},
-	{tag: "ipaddress-42", err: names.InvalidTagError("ipaddress-42", names.IPAddressTagKind)},
-	{tag: "foobar", err: names.InvalidTagError("foobar", "")},
-	{tag: "space-yadda", err: names.InvalidTagError("space-yadda", names.IPAddressTagKind)}}
-
-func (s *ipAddressSuite) TestParseIPAddressTag(c *gc.C) {
-	for i, t := range parseIPAddressTagTests {
-		c.Logf("test %d: %s", i, t.tag)
-		got, err := names.ParseIPAddressTag(t.tag)
-		if err != nil || t.err != nil {
-			c.Check(err, gc.DeepEquals, t.err)
-			continue
-		}
-		c.Check(got, gc.FitsTypeOf, t.expected)
-		c.Check(got, gc.Equals, t.expected)
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/LICENSE juju-core-2.0~beta12/src/github.com/juju/names/LICENSE
--- juju-core-2.0~beta7/src/github.com/juju/names/LICENSE	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/LICENSE	1970-01-01 00:00:00.000000000 +0000
@@ -1,191 +0,0 @@
-All files in this repository are licensed as follows. If you contribute
-to this repository, it is assumed that you license your contribution
-under the same license unless you state otherwise.
-
-All files Copyright (C) 2015 Canonical Ltd. unless otherwise specified in the file.
-
-This software is licensed under the LGPLv3, included below.
-
-As a special exception to the GNU Lesser General Public License version 3
-("LGPL3"), the copyright holders of this Library give you permission to
-convey to a third party a Combined Work that links statically or dynamically
-to this Library without providing any Minimal Corresponding Source or
-Minimal Application Code as set out in 4d or providing the installation
-information set out in section 4e, provided that you comply with the other
-provisions of LGPL3 and provided that you meet, for the Application the
-terms and conditions of the license(s) which apply to the Application.
-
-Except as stated in this special exception, the provisions of LGPL3 will
-continue to comply in full to this Library. If you modify this Library, you
-may apply this exception to your version of this Library, but you are not
-obliged to do so. If you do not wish to do so, delete this exception
-statement from your version. This exception does not (and cannot) modify any
-license terms which apply to the Application, with which you must still
-comply.
-
-
-                   GNU LESSER GENERAL PUBLIC LICENSE
-                       Version 3, 29 June 2007
-
- Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-
-
-  This version of the GNU Lesser General Public License incorporates
-the terms and conditions of version 3 of the GNU General Public
-License, supplemented by the additional permissions listed below.
-
-  0. Additional Definitions.
-
-  As used herein, "this License" refers to version 3 of the GNU Lesser
-General Public License, and the "GNU GPL" refers to version 3 of the GNU
-General Public License.
-
-  "The Library" refers to a covered work governed by this License,
-other than an Application or a Combined Work as defined below.
-
-  An "Application" is any work that makes use of an interface provided
-by the Library, but which is not otherwise based on the Library.
-Defining a subclass of a class defined by the Library is deemed a mode
-of using an interface provided by the Library.
-
-  A "Combined Work" is a work produced by combining or linking an
-Application with the Library.  The particular version of the Library
-with which the Combined Work was made is also called the "Linked
-Version".
-
-  The "Minimal Corresponding Source" for a Combined Work means the
-Corresponding Source for the Combined Work, excluding any source code
-for portions of the Combined Work that, considered in isolation, are
-based on the Application, and not on the Linked Version.
-
-  The "Corresponding Application Code" for a Combined Work means the
-object code and/or source code for the Application, including any data
-and utility programs needed for reproducing the Combined Work from the
-Application, but excluding the System Libraries of the Combined Work.
-
-  1. Exception to Section 3 of the GNU GPL.
-
-  You may convey a covered work under sections 3 and 4 of this License
-without being bound by section 3 of the GNU GPL.
-
-  2. Conveying Modified Versions.
-
-  If you modify a copy of the Library, and, in your modifications, a
-facility refers to a function or data to be supplied by an Application
-that uses the facility (other than as an argument passed when the
-facility is invoked), then you may convey a copy of the modified
-version:
-
-   a) under this License, provided that you make a good faith effort to
-   ensure that, in the event an Application does not supply the
-   function or data, the facility still operates, and performs
-   whatever part of its purpose remains meaningful, or
-
-   b) under the GNU GPL, with none of the additional permissions of
-   this License applicable to that copy.
-
-  3. Object Code Incorporating Material from Library Header Files.
-
-  The object code form of an Application may incorporate material from
-a header file that is part of the Library.  You may convey such object
-code under terms of your choice, provided that, if the incorporated
-material is not limited to numerical parameters, data structure
-layouts and accessors, or small macros, inline functions and templates
-(ten or fewer lines in length), you do both of the following:
-
-   a) Give prominent notice with each copy of the object code that the
-   Library is used in it and that the Library and its use are
-   covered by this License.
-
-   b) Accompany the object code with a copy of the GNU GPL and this license
-   document.
-
-  4. Combined Works.
-
-  You may convey a Combined Work under terms of your choice that,
-taken together, effectively do not restrict modification of the
-portions of the Library contained in the Combined Work and reverse
-engineering for debugging such modifications, if you also do each of
-the following:
-
-   a) Give prominent notice with each copy of the Combined Work that
-   the Library is used in it and that the Library and its use are
-   covered by this License.
-
-   b) Accompany the Combined Work with a copy of the GNU GPL and this license
-   document.
-
-   c) For a Combined Work that displays copyright notices during
-   execution, include the copyright notice for the Library among
-   these notices, as well as a reference directing the user to the
-   copies of the GNU GPL and this license document.
-
-   d) Do one of the following:
-
-       0) Convey the Minimal Corresponding Source under the terms of this
-       License, and the Corresponding Application Code in a form
-       suitable for, and under terms that permit, the user to
-       recombine or relink the Application with a modified version of
-       the Linked Version to produce a modified Combined Work, in the
-       manner specified by section 6 of the GNU GPL for conveying
-       Corresponding Source.
-
-       1) Use a suitable shared library mechanism for linking with the
-       Library.  A suitable mechanism is one that (a) uses at run time
-       a copy of the Library already present on the user's computer
-       system, and (b) will operate properly with a modified version
-       of the Library that is interface-compatible with the Linked
-       Version.
-
-   e) Provide Installation Information, but only if you would otherwise
-   be required to provide such information under section 6 of the
-   GNU GPL, and only to the extent that such information is
-   necessary to install and execute a modified version of the
-   Combined Work produced by recombining or relinking the
-   Application with a modified version of the Linked Version. (If
-   you use option 4d0, the Installation Information must accompany
-   the Minimal Corresponding Source and Corresponding Application
-   Code. If you use option 4d1, you must provide the Installation
-   Information in the manner specified by section 6 of the GNU GPL
-   for conveying Corresponding Source.)
-
-  5. Combined Libraries.
-
-  You may place library facilities that are a work based on the
-Library side by side in a single library together with other library
-facilities that are not Applications and are not covered by this
-License, and convey such a combined library under terms of your
-choice, if you do both of the following:
-
-   a) Accompany the combined library with a copy of the same work based
-   on the Library, uncombined with any other library facilities,
-   conveyed under the terms of this License.
-
-   b) Give prominent notice with the combined library that part of it
-   is a work based on the Library, and explaining where to find the
-   accompanying uncombined form of the same work.
-
-  6. Revised Versions of the GNU Lesser General Public License.
-
-  The Free Software Foundation may publish revised and/or new versions
-of the GNU Lesser General Public License from time to time. Such new
-versions will be similar in spirit to the present version, but may
-differ in detail to address new problems or concerns.
-
-  Each version is given a distinguishing version number. If the
-Library as you received it specifies that a certain numbered version
-of the GNU Lesser General Public License "or any later version"
-applies to it, you have the option of following the terms and
-conditions either of that published version or of any later version
-published by the Free Software Foundation. If the Library as you
-received it does not specify a version number of the GNU Lesser
-General Public License, you may choose any version of the GNU Lesser
-General Public License ever published by the Free Software Foundation.
-
-  If the Library as you received it specifies that a proxy can decide
-whether future versions of the GNU Lesser General Public License shall
-apply, that proxy's public statement of acceptance of any version is
-permanent authorization for you to choose that version for the
-Library.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/machine.go juju-core-2.0~beta12/src/github.com/juju/names/machine.go
--- juju-core-2.0~beta7/src/github.com/juju/names/machine.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/machine.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,60 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names
-
-import (
-	"regexp"
-	"strings"
-)
-
-const MachineTagKind = "machine"
-
-const (
-	ContainerTypeSnippet = "[a-z]+"
-	ContainerSnippet     = "/" + ContainerTypeSnippet + "/" + NumberSnippet + ""
-	MachineSnippet       = NumberSnippet + "(?:" + ContainerSnippet + ")*"
-)
-
-var validMachine = regexp.MustCompile("^" + MachineSnippet + "$")
-
-// IsValidMachine returns whether id is a valid machine id.
-func IsValidMachine(id string) bool {
-	return validMachine.MatchString(id)
-}
-
-// IsContainerMachine returns whether id is a valid container machine id.
-func IsContainerMachine(id string) bool {
-	return validMachine.MatchString(id) && strings.Contains(id, "/")
-}
-
-type MachineTag struct {
-	id string
-}
-
-func (t MachineTag) String() string { return t.Kind() + "-" + t.id }
-func (t MachineTag) Kind() string   { return MachineTagKind }
-func (t MachineTag) Id() string     { return machineTagSuffixToId(t.id) }
-
-// NewMachineTag returns the tag for the machine with the given id.
-func NewMachineTag(id string) MachineTag {
-	id = strings.Replace(id, "/", "-", -1)
-	return MachineTag{id: id}
-}
-
-// ParseMachineTag parses a machine tag string.
-func ParseMachineTag(machineTag string) (MachineTag, error) {
-	tag, err := ParseTag(machineTag)
-	if err != nil {
-		return MachineTag{}, err
-	}
-	mt, ok := tag.(MachineTag)
-	if !ok {
-		return MachineTag{}, invalidTagError(machineTag, MachineTagKind)
-	}
-	return mt, nil
-}
-
-func machineTagSuffixToId(s string) string {
-	return strings.Replace(s, "-", "/", -1)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/machine_test.go juju-core-2.0~beta12/src/github.com/juju/names/machine_test.go
--- juju-core-2.0~beta7/src/github.com/juju/names/machine_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/machine_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,96 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names_test
-
-import (
-	stdtesting "testing"
-
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/names"
-)
-
-type machineSuite struct{}
-
-var _ = gc.Suite(&machineSuite{})
-
-func Test(t *stdtesting.T) {
-	gc.TestingT(t)
-}
-
-func (s *machineSuite) TestMachineTag(c *gc.C) {
-	c.Assert(names.NewMachineTag("10").String(), gc.Equals, "machine-10")
-	// Check a container id.
-	c.Assert(names.NewMachineTag("10/lxc/1").String(), gc.Equals, "machine-10-lxc-1")
-}
-
-var machineIdTests = []struct {
-	pattern   string
-	valid     bool
-	container bool
-}{
-	{pattern: "42", valid: true},
-	{pattern: "042", valid: false},
-	{pattern: "0", valid: true},
-	{pattern: "foo", valid: false},
-	{pattern: "/", valid: false},
-	{pattern: "55/", valid: false},
-	{pattern: "1/foo", valid: false},
-	{pattern: "2/foo/", valid: false},
-	{pattern: "3/lxc/42", valid: true, container: true},
-	{pattern: "3/lxc-nodash/42", valid: false},
-	{pattern: "0/lxc/00", valid: false},
-	{pattern: "0/lxc/0/", valid: false},
-	{pattern: "03/lxc/42", valid: false},
-	{pattern: "3/lxc/042", valid: false},
-	{pattern: "4/foo/bar", valid: false},
-	{pattern: "5/lxc/42/foo", valid: false},
-	{pattern: "6/lxc/42/kvm/0", valid: true, container: true},
-	{pattern: "06/lxc/42/kvm/0", valid: false},
-	{pattern: "6/lxc/042/kvm/0", valid: false},
-	{pattern: "6/lxc/42/kvm/00", valid: false},
-	{pattern: "06/lxc/042/kvm/00", valid: false},
-}
-
-func (s *machineSuite) TestMachineIdFormats(c *gc.C) {
-	for i, test := range machineIdTests {
-		c.Logf("test %d: %q", i, test.pattern)
-		c.Assert(names.IsValidMachine(test.pattern), gc.Equals, test.valid)
-		c.Assert(names.IsContainerMachine(test.pattern), gc.Equals, test.container)
-	}
-}
-
-var parseMachineTagTests = []struct {
-	tag      string
-	expected names.Tag
-	err      error
-}{{
-	tag: "",
-	err: names.InvalidTagError("", ""),
-}, {
-	tag:      "machine-0",
-	expected: names.NewMachineTag("0"),
-}, {
-	tag: "machine-one",
-	err: names.InvalidTagError("machine-one", names.MachineTagKind),
-}, {
-	tag: "dave",
-	err: names.InvalidTagError("dave", ""),
-}, {
-	tag: "user-one",
-	err: names.InvalidTagError("user-one", names.MachineTagKind),
-}}
-
-func (s *machineSuite) TestParseMachineTag(c *gc.C) {
-	for i, t := range parseMachineTagTests {
-		c.Logf("test %d: %s", i, t.tag)
-		got, err := names.ParseMachineTag(t.tag)
-		if err != nil || t.err != nil {
-			c.Check(err, gc.DeepEquals, t.err)
-			continue
-		}
-		c.Check(got, gc.FitsTypeOf, t.expected)
-		c.Check(got, gc.Equals, t.expected)
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/model.go juju-core-2.0~beta12/src/github.com/juju/names/model.go
--- juju-core-2.0~beta7/src/github.com/juju/names/model.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/model.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,44 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names
-
-import (
-	"regexp"
-)
-
-const ModelTagKind = "model"
-
-// ModelTag represents a tag used to describe a model.
-type ModelTag struct {
-	uuid string
-}
-
-var validUUID = regexp.MustCompile(`[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}`)
-
-// NewModelTag returns the tag of an model with the given model UUID.
-func NewModelTag(uuid string) ModelTag {
-	return ModelTag{uuid: uuid}
-}
-
-// ParseModelTag parses an environ tag string.
-func ParseModelTag(modelTag string) (ModelTag, error) {
-	tag, err := ParseTag(modelTag)
-	if err != nil {
-		return ModelTag{}, err
-	}
-	et, ok := tag.(ModelTag)
-	if !ok {
-		return ModelTag{}, invalidTagError(modelTag, ModelTagKind)
-	}
-	return et, nil
-}
-
-func (t ModelTag) String() string { return t.Kind() + "-" + t.Id() }
-func (t ModelTag) Kind() string   { return ModelTagKind }
-func (t ModelTag) Id() string     { return t.uuid }
-
-// IsValidModel returns whether id is a valid model UUID.
-func IsValidModel(id string) bool {
-	return validUUID.MatchString(id)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/model_test.go juju-core-2.0~beta12/src/github.com/juju/names/model_test.go
--- juju-core-2.0~beta7/src/github.com/juju/names/model_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/model_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,49 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names_test
-
-import (
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/names"
-)
-
-type modelSuite struct{}
-
-var _ = gc.Suite(&modelSuite{})
-
-var parseModelTagTests = []struct {
-	tag      string
-	expected names.Tag
-	err      error
-}{{
-	tag: "",
-	err: names.InvalidTagError("", ""),
-}, {
-	tag:      "model-f47ac10b-58cc-4372-a567-0e02b2c3d479",
-	expected: names.NewModelTag("f47ac10b-58cc-4372-a567-0e02b2c3d479"),
-}, {
-	tag: "dave",
-	err: names.InvalidTagError("dave", ""),
-	//}, {
-	// TODO(dfc) passes, but should not
-	//	tag: "model-",
-	//	err: names.InvalidTagError("model", ""),
-}, {
-	tag: "service-dave",
-	err: names.InvalidTagError("service-dave", names.ModelTagKind),
-}}
-
-func (s *modelSuite) TestParseModelTag(c *gc.C) {
-	for i, t := range parseModelTagTests {
-		c.Logf("test %d: %s", i, t.tag)
-		got, err := names.ParseModelTag(t.tag)
-		if err != nil || t.err != nil {
-			c.Check(err, gc.DeepEquals, t.err)
-			continue
-		}
-		c.Check(got, gc.FitsTypeOf, t.expected)
-		c.Check(got, gc.Equals, t.expected)
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/network.go juju-core-2.0~beta12/src/github.com/juju/names/network.go
--- juju-core-2.0~beta7/src/github.com/juju/names/network.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/network.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,51 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names
-
-import (
-	"fmt"
-	"regexp"
-)
-
-const NetworkTagKind = "network"
-
-const (
-	NetworkSnippet = "(?:[a-zA-Z0-9_-]+)"
-)
-
-var validNetwork = regexp.MustCompile("^" + NetworkSnippet + "$")
-
-// IsValidNetwork reports whether name is a valid network name.
-func IsValidNetwork(name string) bool {
-	return validNetwork.MatchString(name)
-}
-
-type NetworkTag struct {
-	name string
-}
-
-func (t NetworkTag) String() string { return t.Kind() + "-" + t.Id() }
-func (t NetworkTag) Kind() string   { return NetworkTagKind }
-func (t NetworkTag) Id() string     { return t.name }
-
-// NewNetworkTag returns the tag of a network with the given name.
-func NewNetworkTag(name string) NetworkTag {
-	if !IsValidNetwork(name) {
-		panic(fmt.Sprintf("%q is not a valid network name", name))
-	}
-	return NetworkTag{name: name}
-}
-
-// ParseNetworkTag parses a network tag string.
-func ParseNetworkTag(networkTag string) (NetworkTag, error) {
-	tag, err := ParseTag(networkTag)
-	if err != nil {
-		return NetworkTag{}, err
-	}
-	nt, ok := tag.(NetworkTag)
-	if !ok {
-		return NetworkTag{}, invalidTagError(networkTag, NetworkTagKind)
-	}
-	return nt, nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/network_test.go juju-core-2.0~beta12/src/github.com/juju/names/network_test.go
--- juju-core-2.0~beta7/src/github.com/juju/names/network_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/network_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,90 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names_test
-
-import (
-	"fmt"
-	"regexp"
-
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/names"
-)
-
-type networkSuite struct{}
-
-var _ = gc.Suite(&networkSuite{})
-
-var networkNameTests = []struct {
-	pattern string
-	valid   bool
-}{
-	{pattern: "", valid: false},
-	{pattern: "eth0", valid: true},
-	{pattern: "-my-net-", valid: true},
-	{pattern: "42", valid: true},
-	{pattern: "%not", valid: false},
-	{pattern: "$PATH", valid: false},
-	{pattern: "but-this-works", valid: true},
-	{pattern: "----", valid: true},
-	{pattern: "oh--no", valid: true},
-	{pattern: "777", valid: true},
-	{pattern: "is-it-", valid: true},
-	{pattern: "also_not", valid: true},
-	{pattern: "a--", valid: true},
-	{pattern: "foo-2", valid: true},
-	{pattern: "MAAS_n3t-w0rK-", valid: true},
-}
-
-func (s *networkSuite) TestNetworkNames(c *gc.C) {
-	for i, test := range networkNameTests {
-		c.Logf("test %d: %q", i, test.pattern)
-		c.Check(names.IsValidNetwork(test.pattern), gc.Equals, test.valid)
-		if test.valid {
-			expectTag := fmt.Sprintf("%s-%s", names.NetworkTagKind, test.pattern)
-			c.Check(names.NewNetworkTag(test.pattern).String(), gc.Equals, expectTag)
-		} else {
-			expectErr := fmt.Sprintf("%q is not a valid network name", test.pattern)
-			testNetworkTag := func() { names.NewNetworkTag(test.pattern) }
-			c.Check(testNetworkTag, gc.PanicMatches, regexp.QuoteMeta(expectErr))
-		}
-	}
-}
-
-var parseNetworkTagTests = []struct {
-	tag      string
-	expected names.Tag
-	err      error
-}{{
-	tag: "",
-	err: names.InvalidTagError("", ""),
-}, {
-	tag:      "network-dave",
-	expected: names.NewNetworkTag("dave"),
-}, {
-	tag: "dave",
-	err: names.InvalidTagError("dave", ""),
-}, {
-	tag: "network-dave/0",
-	err: names.InvalidTagError("network-dave/0", names.NetworkTagKind),
-}, {
-	tag: "network",
-	err: names.InvalidTagError("network", ""),
-}, {
-	tag: "user-dave",
-	err: names.InvalidTagError("user-dave", names.NetworkTagKind),
-}}
-
-func (s *networkSuite) TestParseNetworkTag(c *gc.C) {
-	for i, t := range parseNetworkTagTests {
-		c.Logf("test %d: %s", i, t.tag)
-		got, err := names.ParseNetworkTag(t.tag)
-		if err != nil || t.err != nil {
-			c.Check(err, gc.DeepEquals, t.err)
-			continue
-		}
-		c.Check(got, gc.FitsTypeOf, t.expected)
-		c.Check(got, gc.Equals, t.expected)
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/payload.go juju-core-2.0~beta12/src/github.com/juju/names/payload.go
--- juju-core-2.0~beta7/src/github.com/juju/names/payload.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/payload.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,62 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names
-
-import (
-	"github.com/juju/utils"
-)
-
-const (
-	// PayloadTagKind is used as the prefix for the string
-	// representation of payload tags.
-	PayloadTagKind = "payload"
-)
-
-// IsValidPayload returns whether id is a valid Juju ID for
-// a charm payload. The ID must be a valid UUID.
-func IsValidPayload(id string) bool {
-	return utils.IsValidUUIDString(id)
-}
-
-// PayloadTag represents a charm payload.
-type PayloadTag struct {
-	id string
-}
-
-// NewPayloadTag returns the tag for a charm's payload with the given id.
-func NewPayloadTag(id string) PayloadTag {
-	return PayloadTag{
-		id: id,
-	}
-}
-
-// ParsePayloadTag parses a payload tag string.
-// So ParsePayloadTag(tag.String()) === tag.
-func ParsePayloadTag(tag string) (PayloadTag, error) {
-	t, err := ParseTag(tag)
-	if err != nil {
-		return PayloadTag{}, err
-	}
-	pt, ok := t.(PayloadTag)
-	if !ok {
-		return PayloadTag{}, invalidTagError(tag, PayloadTagKind)
-	}
-	return pt, nil
-}
-
-// Kind implements Tag.
-func (t PayloadTag) Kind() string {
-	return PayloadTagKind
-}
-
-// Id implements Tag.Id. It always returns the same ID with which
-// it was created. So NewPayloadTag(x).Id() == x for all valid x.
-func (t PayloadTag) Id() string {
-	return t.id
-}
-
-// String implements Tag.
-func (t PayloadTag) String() string {
-	return tagString(t)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/payload_test.go juju-core-2.0~beta12/src/github.com/juju/names/payload_test.go
--- juju-core-2.0~beta7/src/github.com/juju/names/payload_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/payload_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,89 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names_test
-
-import (
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/names"
-)
-
-var _ = gc.Suite(&payloadSuite{})
-
-type payloadSuite struct{}
-
-type payloadTest struct {
-	input string
-}
-
-func checkPayload(c *gc.C, id string, tag names.PayloadTag) {
-	c.Check(tag.Kind(), gc.Equals, names.PayloadTagKind)
-	c.Check(tag.Id(), gc.Equals, id)
-	c.Check(tag.String(), gc.Equals, names.PayloadTagKind+"-"+id)
-}
-
-func (s *payloadSuite) TestPayloadTag(c *gc.C) {
-	id := "f47ac10b-58cc-4372-a567-0e02b2c3d479"
-	tag := names.NewPayloadTag(id)
-
-	c.Check(tag.Kind(), gc.Equals, names.PayloadTagKind)
-	c.Check(tag.Id(), gc.Equals, id)
-	c.Check(tag.String(), gc.Equals, names.PayloadTagKind+"-"+id)
-}
-
-func (s *payloadSuite) TestIsValidPayload(c *gc.C) {
-	for i, test := range []struct {
-		id     string
-		expect bool
-	}{
-		{"", false},
-		{"spam", false},
-
-		{"f47ac10b-58cc-4372-a567-0e02b2c3d479", true},
-	} {
-		c.Logf("test %d: %s", i, test.id)
-		ok := names.IsValidPayload(test.id)
-
-		c.Check(ok, gc.Equals, test.expect)
-	}
-}
-
-func (s *payloadSuite) TestParsePayloadTag(c *gc.C) {
-	for i, test := range []struct {
-		tag      string
-		expected names.Tag
-		err      error
-	}{{
-		tag: "",
-		err: names.InvalidTagError("", ""),
-	}, {
-		tag: "payload-",
-		err: names.InvalidTagError("payload-", names.PayloadTagKind),
-	}, {
-		tag: "payload-spam",
-		err: names.InvalidTagError("payload-spam", names.PayloadTagKind),
-	}, {
-		tag:      "payload-f47ac10b-58cc-4372-a567-0e02b2c3d479",
-		expected: names.NewPayloadTag("f47ac10b-58cc-4372-a567-0e02b2c3d479"),
-	}, {
-		tag: "f47ac10b-58cc-4372-a567-0e02b2c3d479",
-		err: names.InvalidTagError("f47ac10b-58cc-4372-a567-0e02b2c3d479", ""),
-	}, {
-		tag: "unit-f47ac10b-58cc-4372-a567-0e02b2c3d479",
-		err: names.InvalidTagError("unit-f47ac10b-58cc-4372-a567-0e02b2c3d479", names.UnitTagKind),
-	}, {
-		tag: "action-f47ac10b-58cc-4372-a567-0e02b2c3d479",
-		err: names.InvalidTagError("action-f47ac10b-58cc-4372-a567-0e02b2c3d479", names.PayloadTagKind),
-	}} {
-		c.Logf("test %d: %s", i, test.tag)
-		got, err := names.ParsePayloadTag(test.tag)
-		if test.err != nil {
-			c.Check(err, jc.DeepEquals, test.err)
-		} else {
-			c.Check(err, jc.ErrorIsNil)
-			c.Check(got, jc.DeepEquals, test.expected)
-		}
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/README.md juju-core-2.0~beta12/src/github.com/juju/names/README.md
--- juju-core-2.0~beta7/src/github.com/juju/names/README.md	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/README.md	1970-01-01 00:00:00.000000000 +0000
@@ -1,4 +0,0 @@
-juju/names
-============
-
-This package provides helpers for handling Juju entity names.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/relation.go juju-core-2.0~beta12/src/github.com/juju/names/relation.go
--- juju-core-2.0~beta7/src/github.com/juju/names/relation.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/relation.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,67 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names
-
-import (
-	"fmt"
-	"regexp"
-	"strings"
-)
-
-const RelationTagKind = "relation"
-
-const RelationSnippet = "[a-z][a-z0-9]*(?:[_-][a-z0-9]+)*"
-
-// Relation keys have the format "service1:relName1 service2:relName2".
-// Except the peer relations, which have the format "service:relName"
-// Relation tags have the format "relation-service1.rel1#service2.rel2".
-// For peer relations, the format is "relation-service.rel"
-
-var (
-	validRelation     = regexp.MustCompile("^" + ServiceSnippet + ":" + RelationSnippet + " " + ServiceSnippet + ":" + RelationSnippet + "$")
-	validPeerRelation = regexp.MustCompile("^" + ServiceSnippet + ":" + RelationSnippet + "$")
-)
-
-// IsValidRelation returns whether key is a valid relation key.
-func IsValidRelation(key string) bool {
-	return validRelation.MatchString(key) || validPeerRelation.MatchString(key)
-}
-
-type RelationTag struct {
-	key string
-}
-
-func (t RelationTag) String() string { return t.Kind() + "-" + t.key }
-func (t RelationTag) Kind() string   { return RelationTagKind }
-func (t RelationTag) Id() string     { return relationTagSuffixToKey(t.key) }
-
-// NewRelationTag returns the tag for the relation with the given key.
-func NewRelationTag(relationKey string) RelationTag {
-	if !IsValidRelation(relationKey) {
-		panic(fmt.Sprintf("%q is not a valid relation key", relationKey))
-	}
-	// Replace both ":" with "." and the " " with "#".
-	relationKey = strings.Replace(relationKey, ":", ".", 2)
-	relationKey = strings.Replace(relationKey, " ", "#", 1)
-	return RelationTag{key: relationKey}
-}
-
-// ParseRelationTag parses a relation tag string.
-func ParseRelationTag(relationTag string) (RelationTag, error) {
-	tag, err := ParseTag(relationTag)
-	if err != nil {
-		return RelationTag{}, err
-	}
-	rt, ok := tag.(RelationTag)
-	if !ok {
-		return RelationTag{}, invalidTagError(relationTag, RelationTagKind)
-	}
-	return rt, nil
-}
-
-func relationTagSuffixToKey(s string) string {
-	// Replace both "." with ":" and the "#" with " ".
-	s = strings.Replace(s, ".", ":", 2)
-	return strings.Replace(s, "#", " ", 1)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/relation_test.go juju-core-2.0~beta12/src/github.com/juju/names/relation_test.go
--- juju-core-2.0~beta7/src/github.com/juju/names/relation_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/relation_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,95 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names_test
-
-import (
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/names"
-)
-
-type relationSuite struct{}
-
-var _ = gc.Suite(&relationSuite{})
-
-var relationNameTests = []struct {
-	pattern string
-	valid   bool
-}{
-	{pattern: "", valid: false},
-	{pattern: "0foo", valid: false},
-	{pattern: "foo", valid: true},
-	{pattern: "f1-boo", valid: true},
-	{pattern: "f-o-o", valid: true},
-	{pattern: "-foo", valid: false},
-	{pattern: "fo#o", valid: false},
-	{pattern: "foo-42", valid: true},
-	{pattern: "FooBar", valid: false},
-	{pattern: "foo42-bar1", valid: true},
-	{pattern: "42", valid: false},
-	{pattern: "0", valid: false},
-	{pattern: "%not", valid: false},
-	{pattern: "42also-not", valid: false},
-	{pattern: "042", valid: false},
-	{pattern: "0x42", valid: false},
-	{pattern: "foo_42", valid: true},
-	{pattern: "_foo", valid: false},
-	{pattern: "!foo", valid: false},
-	{pattern: "foo_bar-baz_boo", valid: true},
-	{pattern: "foo bar", valid: false},
-	{pattern: "foo-_", valid: false},
-	{pattern: "foo-", valid: false},
-	{pattern: "foo_-a", valid: false},
-	{pattern: "foo_", valid: false},
-}
-
-func (s *relationSuite) TestRelationKeyFormats(c *gc.C) {
-	// In order to test all possible combinations, we need
-	// to use the relationNameTests and serviceNameTests
-	// twice to construct all possible keys.
-	for i, testRel := range relationNameTests {
-		for j, testSvc := range serviceNameTests {
-			peerKey := testSvc.pattern + ":" + testRel.pattern
-			key := peerKey + " " + peerKey
-			isValid := testSvc.valid && testRel.valid
-			c.Logf("test %d: %q -> valid: %v", i*len(serviceNameTests)+j, key, isValid)
-			c.Assert(names.IsValidRelation(key), gc.Equals, isValid)
-			c.Assert(names.IsValidRelation(peerKey), gc.Equals, isValid)
-		}
-	}
-}
-
-var parseRelationTagTests = []struct {
-	tag      string
-	expected names.Tag
-	err      error
-}{{
-	tag: "",
-	err: names.InvalidTagError("", ""),
-}, {
-	tag:      "relation-wordpress:db mysql:db",
-	expected: names.NewRelationTag("wordpress:db mysql:db"),
-}, {
-	tag:      "relation-wordpress:mysql",
-	expected: names.NewRelationTag("wordpress:mysql"),
-}, {
-	tag: "dave",
-	err: names.InvalidTagError("dave", ""),
-}, {
-	tag: "service-dave",
-	err: names.InvalidTagError("service-dave", names.RelationTagKind),
-}}
-
-func (s *relationSuite) TestParseRelationTag(c *gc.C) {
-	for i, t := range parseRelationTagTests {
-		c.Logf("test %d: %s", i, t.tag)
-		got, err := names.ParseRelationTag(t.tag)
-		if err != nil || t.err != nil {
-			c.Check(err, gc.DeepEquals, t.err)
-			continue
-		}
-		c.Check(got, gc.FitsTypeOf, t.expected)
-		c.Check(got, gc.Equals, t.expected)
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/service.go juju-core-2.0~beta12/src/github.com/juju/names/service.go
--- juju-core-2.0~beta7/src/github.com/juju/names/service.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/service.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,48 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names
-
-import (
-	"regexp"
-)
-
-const ServiceTagKind = "service"
-
-const (
-	ServiceSnippet = "(?:[a-z][a-z0-9]*(?:-[a-z0-9]*[a-z][a-z0-9]*)*)"
-	NumberSnippet  = "(?:0|[1-9][0-9]*)"
-)
-
-var validService = regexp.MustCompile("^" + ServiceSnippet + "$")
-
-// IsValidService returns whether name is a valid service name.
-func IsValidService(name string) bool {
-	return validService.MatchString(name)
-}
-
-type ServiceTag struct {
-	Name string
-}
-
-func (t ServiceTag) String() string { return t.Kind() + "-" + t.Id() }
-func (t ServiceTag) Kind() string   { return ServiceTagKind }
-func (t ServiceTag) Id() string     { return t.Name }
-
-// NewServiceTag returns the tag for the service with the given name.
-func NewServiceTag(serviceName string) ServiceTag {
-	return ServiceTag{Name: serviceName}
-}
-
-// ParseServiceTag parses a service tag string.
-func ParseServiceTag(serviceTag string) (ServiceTag, error) {
-	tag, err := ParseTag(serviceTag)
-	if err != nil {
-		return ServiceTag{}, err
-	}
-	st, ok := tag.(ServiceTag)
-	if !ok {
-		return ServiceTag{}, invalidTagError(serviceTag, ServiceTagKind)
-	}
-	return st, nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/service_test.go juju-core-2.0~beta12/src/github.com/juju/names/service_test.go
--- juju-core-2.0~beta7/src/github.com/juju/names/service_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/service_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,89 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names_test
-
-import (
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/names"
-)
-
-type serviceSuite struct{}
-
-var _ = gc.Suite(&serviceSuite{})
-
-var serviceNameTests = []struct {
-	pattern string
-	valid   bool
-}{
-	{pattern: "", valid: false},
-	{pattern: "wordpress", valid: true},
-	{pattern: "foo42", valid: true},
-	{pattern: "doing55in54", valid: true},
-	{pattern: "%not", valid: false},
-	{pattern: "42also-not", valid: false},
-	{pattern: "but-this-works", valid: true},
-	{pattern: "so-42-far-not-good", valid: false},
-	{pattern: "foo/42", valid: false},
-	{pattern: "is-it-", valid: false},
-	{pattern: "broken2-", valid: false},
-	{pattern: "foo2", valid: true},
-	{pattern: "foo-2", valid: false},
-}
-
-func (s *serviceSuite) TestServiceNameFormats(c *gc.C) {
-	assertService := func(s string, expect bool) {
-		c.Assert(names.IsValidService(s), gc.Equals, expect)
-		// Check that anything that is considered a valid service name
-		// is also (in)valid if a(n) (in)valid unit designator is added
-		// to it.
-		c.Assert(names.IsValidUnit(s+"/0"), gc.Equals, expect)
-		c.Assert(names.IsValidUnit(s+"/99"), gc.Equals, expect)
-		c.Assert(names.IsValidUnit(s+"/-1"), gc.Equals, false)
-		c.Assert(names.IsValidUnit(s+"/blah"), gc.Equals, false)
-		c.Assert(names.IsValidUnit(s+"/"), gc.Equals, false)
-	}
-
-	for i, test := range serviceNameTests {
-		c.Logf("test %d: %q", i, test.pattern)
-		assertService(test.pattern, test.valid)
-	}
-}
-
-var parseServiceTagTests = []struct {
-	tag      string
-	expected names.Tag
-	err      error
-}{{
-	tag: "",
-	err: names.InvalidTagError("", ""),
-}, {
-	tag:      "service-dave",
-	expected: names.NewServiceTag("dave"),
-}, {
-	tag: "dave",
-	err: names.InvalidTagError("dave", ""),
-}, {
-	tag: "service-dave/0",
-	err: names.InvalidTagError("service-dave/0", names.ServiceTagKind),
-}, {
-	tag: "service",
-	err: names.InvalidTagError("service", ""),
-}, {
-	tag: "user-dave",
-	err: names.InvalidTagError("user-dave", names.ServiceTagKind),
-}}
-
-func (s *serviceSuite) TestParseServiceTag(c *gc.C) {
-	for i, t := range parseServiceTagTests {
-		c.Logf("test %d: %s", i, t.tag)
-		got, err := names.ParseServiceTag(t.tag)
-		if err != nil || t.err != nil {
-			c.Check(err, gc.DeepEquals, t.err)
-			continue
-		}
-		c.Check(got, gc.FitsTypeOf, t.expected)
-		c.Check(got, gc.Equals, t.expected)
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/snippet_test.go juju-core-2.0~beta12/src/github.com/juju/names/snippet_test.go
--- juju-core-2.0~beta7/src/github.com/juju/names/snippet_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/snippet_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,33 +0,0 @@
-package names
-
-import (
-	"strings"
-
-	gc "gopkg.in/check.v1"
-)
-
-var snippets = []struct {
-	name    string
-	snippet string
-}{
-	{"ContainerTypeSnippet", ContainerTypeSnippet},
-	{"ContainerSnippet", ContainerSnippet},
-	{"MachineSnippet", MachineSnippet},
-	{"NumberSnippet", NumberSnippet},
-	{"ServiceSnippet", ServiceSnippet},
-	{"RelationSnippet", RelationSnippet},
-}
-
-type snippetSuite struct{}
-
-var _ = gc.Suite(&snippetSuite{})
-
-func (s *equalitySuite) TestSnippetsContainNoCapturingGroups(c *gc.C) {
-	for _, test := range snippets {
-		for i, ch := range test.snippet {
-			if ch == '(' && !strings.HasPrefix(test.snippet[i:], "(?:") {
-				c.Errorf("%s (%q) contains capturing group", test.name, test.snippet)
-			}
-		}
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/space.go juju-core-2.0~beta12/src/github.com/juju/names/space.go
--- juju-core-2.0~beta7/src/github.com/juju/names/space.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/space.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,50 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names
-
-import (
-	"fmt"
-	"regexp"
-)
-
-const (
-	SpaceTagKind = "space"
-	SpaceSnippet = "(?:[a-z0-9]+(?:-[a-z0-9]+)*)"
-)
-
-var validSpace = regexp.MustCompile("^" + SpaceSnippet + "$")
-
-// IsValidSpace reports whether name is a valid space name.
-func IsValidSpace(name string) bool {
-	return validSpace.MatchString(name)
-}
-
-type SpaceTag struct {
-	name string
-}
-
-func (t SpaceTag) String() string { return t.Kind() + "-" + t.Id() }
-func (t SpaceTag) Kind() string   { return SpaceTagKind }
-func (t SpaceTag) Id() string     { return t.name }
-
-// NewSpaceTag returns the tag of a space with the given name.
-func NewSpaceTag(name string) SpaceTag {
-	if !IsValidSpace(name) {
-		panic(fmt.Sprintf("%q is not a valid space name", name))
-	}
-	return SpaceTag{name: name}
-}
-
-// ParseSpaceTag parses a space tag string.
-func ParseSpaceTag(spaceTag string) (SpaceTag, error) {
-	tag, err := ParseTag(spaceTag)
-	if err != nil {
-		return SpaceTag{}, err
-	}
-	nt, ok := tag.(SpaceTag)
-	if !ok {
-		return SpaceTag{}, invalidTagError(spaceTag, SpaceTagKind)
-	}
-	return nt, nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/space_test.go juju-core-2.0~beta12/src/github.com/juju/names/space_test.go
--- juju-core-2.0~beta7/src/github.com/juju/names/space_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/space_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,80 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names_test
-
-import (
-	"fmt"
-	"regexp"
-
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/names"
-)
-
-type spaceSuite struct{}
-
-var _ = gc.Suite(&spaceSuite{})
-
-var spaceNameTests = []struct {
-	pattern string
-	valid   bool
-}{
-	{pattern: "", valid: false},
-	{pattern: "eth0", valid: true},
-	{pattern: "-my-net-", valid: false},
-	{pattern: "42", valid: true},
-	{pattern: "%not", valid: false},
-	{pattern: "$PATH", valid: false},
-	{pattern: "but-this-works", valid: true},
-	{pattern: "----", valid: false},
-	{pattern: "oh--no", valid: false},
-	{pattern: "777", valid: true},
-	{pattern: "is-it-", valid: false},
-	{pattern: "also_not", valid: false},
-	{pattern: "a--", valid: false},
-	{pattern: "foo-2", valid: true},
-}
-
-func (s *spaceSuite) TestSpaceNames(c *gc.C) {
-	for i, test := range spaceNameTests {
-		c.Logf("test %d: %q", i, test.pattern)
-		c.Check(names.IsValidSpace(test.pattern), gc.Equals, test.valid)
-		if test.valid {
-			expectTag := fmt.Sprintf("%s-%s", names.SpaceTagKind, test.pattern)
-			c.Check(names.NewSpaceTag(test.pattern).String(), gc.Equals, expectTag)
-		} else {
-			expectErr := fmt.Sprintf("%q is not a valid space name", test.pattern)
-			testTag := func() { names.NewSpaceTag(test.pattern) }
-			c.Check(testTag, gc.PanicMatches, regexp.QuoteMeta(expectErr))
-		}
-	}
-}
-
-var parseSpaceTagTests = []struct {
-	tag      string
-	expected names.Tag
-	err      error
-}{{
-	tag: "",
-	err: names.InvalidTagError("", ""),
-}, {
-	tag:      "space-1",
-	expected: names.NewSpaceTag("1"),
-}, {
-	tag: "-space1",
-	err: names.InvalidTagError("-space1", ""),
-}}
-
-func (s *spaceSuite) TestParseSpaceTag(c *gc.C) {
-	for i, t := range parseSpaceTagTests {
-		c.Logf("test %d: %s", i, t.tag)
-		got, err := names.ParseSpaceTag(t.tag)
-		if err != nil || t.err != nil {
-			c.Check(err, gc.DeepEquals, t.err)
-			continue
-		}
-		c.Check(got, gc.FitsTypeOf, t.expected)
-		c.Check(got, gc.Equals, t.expected)
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/storage.go juju-core-2.0~beta12/src/github.com/juju/names/storage.go
--- juju-core-2.0~beta7/src/github.com/juju/names/storage.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/storage.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,86 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names
-
-import (
-	"fmt"
-	"regexp"
-	"strings"
-)
-
-const (
-	StorageTagKind = "storage"
-
-	// StorageNameSnippet is the regular expression that describes valid
-	// storage names (without the storage instance sequence number).
-	StorageNameSnippet = "(?:[a-z][a-z0-9]*(?:-[a-z0-9]*[a-z][a-z0-9]*)*)"
-)
-
-var validStorage = regexp.MustCompile("^(" + StorageNameSnippet + ")/" + NumberSnippet + "$")
-
-type StorageTag struct {
-	id string
-}
-
-func (t StorageTag) String() string { return t.Kind() + "-" + t.id }
-func (t StorageTag) Kind() string   { return StorageTagKind }
-func (t StorageTag) Id() string     { return storageTagSuffixToId(t.id) }
-
-// NewStorageTag returns the tag for the storage instance with the given ID.
-// It will panic if the given string is not a valid storage instance Id.
-func NewStorageTag(id string) StorageTag {
-	tag, ok := tagFromStorageId(id)
-	if !ok {
-		panic(fmt.Sprintf("%q is not a valid storage instance ID", id))
-	}
-	return tag
-}
-
-// ParseStorageTag parses a storage tag string.
-func ParseStorageTag(s string) (StorageTag, error) {
-	tag, err := ParseTag(s)
-	if err != nil {
-		return StorageTag{}, err
-	}
-	st, ok := tag.(StorageTag)
-	if !ok {
-		return StorageTag{}, invalidTagError(s, StorageTagKind)
-	}
-	return st, nil
-}
-
-// IsValidStorage returns whether id is a valid storage instance ID.
-func IsValidStorage(id string) bool {
-	return validStorage.MatchString(id)
-}
-
-// StorageName returns the storage name from a storage instance ID.
-// StorageName returns an error if "id" is not a valid storage
-// instance ID.
-func StorageName(id string) (string, error) {
-	s := validStorage.FindStringSubmatch(id)
-	if s == nil {
-		return "", fmt.Errorf("%q is not a valid storage instance ID", id)
-	}
-	return s[1], nil
-}
-
-func tagFromStorageId(id string) (StorageTag, bool) {
-	// replace only the last "/" with "-".
-	i := strings.LastIndex(id, "/")
-	if i <= 0 || !IsValidStorage(id) {
-		return StorageTag{}, false
-	}
-	id = id[:i] + "-" + id[i+1:]
-	return StorageTag{id}, true
-}
-
-func storageTagSuffixToId(s string) string {
-	// Replace only the last "-" with "/", as it is valid for storage
-	// names to contain hyphens.
-	if i := strings.LastIndex(s, "-"); i > 0 {
-		s = s[:i] + "/" + s[i+1:]
-	}
-	return s
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/storage_test.go juju-core-2.0~beta12/src/github.com/juju/names/storage_test.go
--- juju-core-2.0~beta7/src/github.com/juju/names/storage_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/storage_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,79 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names_test
-
-import (
-	"fmt"
-
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/names"
-)
-
-type storageSuite struct{}
-
-var _ = gc.Suite(&storageSuite{})
-
-func (s *storageSuite) TestStorageTag(c *gc.C) {
-	c.Assert(names.NewStorageTag("store/1").String(), gc.Equals, "storage-store-1")
-}
-
-func (s *storageSuite) TestStorageNameValidity(c *gc.C) {
-	assertStorageIdValid(c, "shared-fs/0")
-	assertStorageIdValid(c, "db-dir/1000")
-	assertStorageIdInvalid(c, "store/-1")
-	assertStorageIdInvalid(c, "store-1")
-	assertStorageIdInvalid(c, "")
-	assertStorageIdInvalid(c, "store")
-	assertStorageIdInvalid(c, "store/#")
-}
-
-func (s *storageSuite) TestParseStorageTag(c *gc.C) {
-	assertParseStorageTag(c, "storage-shared-fs-0", names.NewStorageTag("shared-fs/0"))
-	assertParseStorageTag(c, "storage-store-88", names.NewStorageTag("store/88"))
-	assertParseStorageTagInvalid(c, "", names.InvalidTagError("", ""))
-	assertParseStorageTagInvalid(c, "one", names.InvalidTagError("one", ""))
-	assertParseStorageTagInvalid(c, "storage-", names.InvalidTagError("storage-", names.StorageTagKind))
-	assertParseStorageTagInvalid(c, "machine-0", names.InvalidTagError("machine-0", names.StorageTagKind))
-}
-
-func (s *serviceSuite) TestStorageName(c *gc.C) {
-	assertStorageNameValid(c, "shared-fs/0", "shared-fs")
-	assertStorageNameInvalid(c, "storage-shared-fs-0")
-}
-
-func assertStorageIdValid(c *gc.C, name string) {
-	c.Assert(names.IsValidStorage(name), gc.Equals, true)
-	names.NewStorageTag(name)
-}
-
-func assertStorageIdInvalid(c *gc.C, name string) {
-	c.Assert(names.IsValidStorage(name), gc.Equals, false)
-	testStorageTag := func() { names.NewStorageTag(name) }
-	expect := fmt.Sprintf("%q is not a valid storage instance ID", name)
-	c.Assert(testStorageTag, gc.PanicMatches, expect)
-}
-
-func assertStorageNameValid(c *gc.C, id, expect string) {
-	name, err := names.StorageName(id)
-	c.Assert(err, gc.IsNil)
-	c.Assert(name, gc.Equals, expect)
-}
-
-func assertStorageNameInvalid(c *gc.C, id string) {
-	_, err := names.StorageName(id)
-	expect := fmt.Sprintf("%q is not a valid storage instance ID", id)
-	c.Assert(err, gc.ErrorMatches, expect)
-}
-
-func assertParseStorageTag(c *gc.C, tag string, expect names.StorageTag) {
-	t, err := names.ParseStorageTag(tag)
-	c.Assert(err, gc.IsNil)
-	c.Assert(t, gc.Equals, expect)
-}
-
-func assertParseStorageTagInvalid(c *gc.C, tag string, expect error) {
-	_, err := names.ParseStorageTag(tag)
-	c.Assert(err, gc.ErrorMatches, expect.Error())
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/subnet.go juju-core-2.0~beta12/src/github.com/juju/names/subnet.go
--- juju-core-2.0~beta7/src/github.com/juju/names/subnet.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/subnet.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,49 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names
-
-import (
-	"fmt"
-	"net"
-)
-
-const SubnetTagKind = "subnet"
-
-// IsValidSubnet returns whether cidr is a valid subnet CIDR.
-func IsValidSubnet(cidr string) bool {
-	_, ipNet, err := net.ParseCIDR(cidr)
-	if err == nil && ipNet.String() == cidr {
-		return true
-	}
-	return false
-}
-
-type SubnetTag struct {
-	cidr string
-}
-
-func (t SubnetTag) String() string { return t.Kind() + "-" + t.cidr }
-func (t SubnetTag) Kind() string   { return SubnetTagKind }
-func (t SubnetTag) Id() string     { return t.cidr }
-
-// NewSubnetTag returns the tag for subnet with the given CIDR.
-func NewSubnetTag(cidr string) SubnetTag {
-	if !IsValidSubnet(cidr) {
-		panic(fmt.Sprintf("%s is not a valid subnet CIDR", cidr))
-	}
-	return SubnetTag{cidr: cidr}
-}
-
-// ParseSubnetTag parses a subnet tag string.
-func ParseSubnetTag(subnetTag string) (SubnetTag, error) {
-	tag, err := ParseTag(subnetTag)
-	if err != nil {
-		return SubnetTag{}, err
-	}
-	subt, ok := tag.(SubnetTag)
-	if !ok {
-		return SubnetTag{}, invalidTagError(subnetTag, SubnetTagKind)
-	}
-	return subt, nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/subnet_test.go juju-core-2.0~beta12/src/github.com/juju/names/subnet_test.go
--- juju-core-2.0~beta7/src/github.com/juju/names/subnet_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/subnet_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,78 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names_test
-
-import (
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/names"
-)
-
-type subnetSuite struct{}
-
-var _ = gc.Suite(&subnetSuite{})
-
-func (s *subnetSuite) TestNewSubnetTag(c *gc.C) {
-	cidr := "10.20.0.0/16"
-	tag := names.NewSubnetTag(cidr)
-	parsed, err := names.ParseSubnetTag(tag.String())
-	c.Assert(err, gc.IsNil)
-	c.Assert(parsed.Kind(), gc.Equals, names.SubnetTagKind)
-	c.Assert(parsed.Id(), gc.Equals, cidr)
-	c.Assert(parsed.String(), gc.Equals, names.SubnetTagKind+"-"+cidr)
-
-	f := func() {
-		tag = names.NewSubnetTag("foo")
-	}
-	c.Assert(f, gc.PanicMatches, "foo is not a valid subnet CIDR")
-}
-
-var parseSubnetTagTests = []struct {
-	tag      string
-	expected names.Tag
-	err      error
-}{{
-	tag: "",
-	err: names.InvalidTagError("", ""),
-}, {
-	tag:      "subnet-10.20.0.0/16",
-	expected: names.NewSubnetTag("10.20.0.0/16"),
-}, {
-	tag:      "subnet-2001:db8::/32",
-	expected: names.NewSubnetTag("2001:db8::/32"),
-}, {
-	tag: "subnet-fe80::3%zone1/10",
-	err: names.InvalidTagError("subnet-fe80::3%zone1/10", names.SubnetTagKind),
-}, {
-	tag: "subnet-10.20.30.40/16",
-	err: names.InvalidTagError("subnet-10.20.30.40/16", names.SubnetTagKind),
-}, {
-	tag: "subnet-2001:db8::123/32",
-	err: names.InvalidTagError("subnet-2001:db8::123/32", names.SubnetTagKind),
-}, {
-	tag: "subnet-foo",
-	err: names.InvalidTagError("subnet-foo", names.SubnetTagKind),
-}, {
-	tag: "subnet-",
-	err: names.InvalidTagError("subnet-", names.SubnetTagKind),
-}, {
-	tag: "foobar",
-	err: names.InvalidTagError("foobar", ""),
-}, {
-	tag: "unit-foo-0",
-	err: names.InvalidTagError("unit-foo-0", names.SubnetTagKind),
-}}
-
-func (s *subnetSuite) TestParseSubnetTag(c *gc.C) {
-	for i, t := range parseSubnetTagTests {
-		c.Logf("test %d: %s", i, t.tag)
-		got, err := names.ParseSubnetTag(t.tag)
-		if err != nil || t.err != nil {
-			c.Check(err, gc.DeepEquals, t.err)
-			continue
-		}
-		c.Check(got, gc.FitsTypeOf, t.expected)
-		c.Check(got, gc.Equals, t.expected)
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/tag.go juju-core-2.0~beta12/src/github.com/juju/names/tag.go
--- juju-core-2.0~beta7/src/github.com/juju/names/tag.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/tag.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,200 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names
-
-import (
-	"fmt"
-	"strings"
-
-	"github.com/juju/utils"
-)
-
-// A Tag tags things that are taggable. Its purpose is to uniquely
-// identify some resource and provide a consistent representation of
-// that identity in both a human-readable and a machine-friendly format.
-// The latter benefits use of the tag in over-the-wire transmission
-// (e.g. in HTTP RPC calls) and in filename paths. The human-readable
-// tag "name" is available through the Id method. The machine-friendly
-// representation is provided by the String method.
-//
-// The ParseTag function may be used to build a tag from the machine-
-// formatted string. As well each kind of tag has its own Parse* method.
-// Each kind also has a New* method (e.g. NewMachineTag) which produces
-// a tag from the human-readable tag "ID".
-//
-// In the context of juju, the API *must* use tags to represent the
-// various juju entities. This contrasts with user-facing code, where
-// tags *must not* be used. Internal to juju the use of tags is a
-// judgement call based on the situation.
-type Tag interface {
-	// Kind returns the kind of the tag.
-	// This method is for legacy compatibility, callers should
-	// use equality or type assertions to verify the Kind, or type
-	// of a Tag.
-	Kind() string
-
-	// Id returns an identifier for this Tag.
-	// The contents and format of the identifier are specific
-	// to the implementer of the Tag.
-	Id() string
-
-	fmt.Stringer // all Tags should be able to print themselves
-}
-
-// tagString returns the canonical string representation of a tag.
-// It round-trips with splitTag().
-func tagString(tag Tag) string {
-	return tag.Kind() + "-" + tag.Id()
-}
-
-// TagKind returns one of the *TagKind constants for the given tag, or
-// an error if none matches.
-func TagKind(tag string) (string, error) {
-	i := strings.Index(tag, "-")
-	if i <= 0 || !validKinds(tag[:i]) {
-		return "", fmt.Errorf("%q is not a valid tag", tag)
-	}
-	return tag[:i], nil
-}
-
-func validKinds(kind string) bool {
-	switch kind {
-	case UnitTagKind, MachineTagKind, ServiceTagKind, EnvironTagKind, UserTagKind,
-		RelationTagKind, NetworkTagKind, ActionTagKind, VolumeTagKind,
-		CharmTagKind, StorageTagKind, FilesystemTagKind, IPAddressTagKind,
-		SpaceTagKind, SubnetTagKind, PayloadTagKind, ModelTagKind:
-		return true
-	}
-	return false
-}
-
-func splitTag(tag string) (string, string, error) {
-	kind, err := TagKind(tag)
-	if err != nil {
-		return "", "", err
-	}
-	return kind, tag[len(kind)+1:], nil
-}
-
-// ParseTag parses a string representation into a Tag.
-func ParseTag(tag string) (Tag, error) {
-	kind, id, err := splitTag(tag)
-	if err != nil {
-		return nil, invalidTagError(tag, "")
-	}
-	switch kind {
-	case UnitTagKind:
-		id = unitTagSuffixToId(id)
-		if !IsValidUnit(id) {
-			return nil, invalidTagError(tag, kind)
-		}
-		return NewUnitTag(id), nil
-	case MachineTagKind:
-		id = machineTagSuffixToId(id)
-		if !IsValidMachine(id) {
-			return nil, invalidTagError(tag, kind)
-		}
-		return NewMachineTag(id), nil
-	case ServiceTagKind:
-		if !IsValidService(id) {
-			return nil, invalidTagError(tag, kind)
-		}
-		return NewServiceTag(id), nil
-	case UserTagKind:
-		if !IsValidUser(id) {
-			return nil, invalidTagError(tag, kind)
-		}
-		return NewUserTag(id), nil
-	case EnvironTagKind:
-		if !IsValidEnvironment(id) {
-			return nil, invalidTagError(tag, kind)
-		}
-		return NewEnvironTag(id), nil
-	case ModelTagKind:
-		if !IsValidModel(id) {
-			return nil, invalidTagError(tag, kind)
-		}
-		return NewModelTag(id), nil
-	case RelationTagKind:
-		id = relationTagSuffixToKey(id)
-		if !IsValidRelation(id) {
-			return nil, invalidTagError(tag, kind)
-		}
-		return NewRelationTag(id), nil
-	case NetworkTagKind:
-		if !IsValidNetwork(id) {
-			return nil, invalidTagError(tag, kind)
-		}
-		return NewNetworkTag(id), nil
-	case ActionTagKind:
-		if !IsValidAction(id) {
-			return nil, invalidTagError(tag, kind)
-		}
-		return NewActionTag(id), nil
-	case VolumeTagKind:
-		id = volumeTagSuffixToId(id)
-		if !IsValidVolume(id) {
-			return nil, invalidTagError(tag, kind)
-		}
-		return NewVolumeTag(id), nil
-	case CharmTagKind:
-		if !IsValidCharm(id) {
-			return nil, invalidTagError(tag, kind)
-		}
-		return NewCharmTag(id), nil
-	case StorageTagKind:
-		id = storageTagSuffixToId(id)
-		if !IsValidStorage(id) {
-			return nil, invalidTagError(tag, kind)
-		}
-		return NewStorageTag(id), nil
-	case FilesystemTagKind:
-		id = filesystemTagSuffixToId(id)
-		if !IsValidFilesystem(id) {
-			return nil, invalidTagError(tag, kind)
-		}
-		return NewFilesystemTag(id), nil
-	case IPAddressTagKind:
-		uuid, err := utils.UUIDFromString(id)
-		if err != nil {
-			return nil, invalidTagError(tag, kind)
-		}
-		return NewIPAddressTag(uuid.String()), nil
-	case SubnetTagKind:
-		if !IsValidSubnet(id) {
-			return nil, invalidTagError(tag, kind)
-		}
-		return NewSubnetTag(id), nil
-	case SpaceTagKind:
-		if !IsValidSpace(id) {
-			return nil, invalidTagError(tag, kind)
-		}
-		return NewSpaceTag(id), nil
-	case PayloadTagKind:
-		if !IsValidPayload(id) {
-			return nil, invalidTagError(tag, kind)
-		}
-		return NewPayloadTag(id), nil
-	default:
-		return nil, invalidTagError(tag, "")
-	}
-}
-
-func invalidTagError(tag, kind string) error {
-	if kind != "" {
-		return fmt.Errorf("%q is not a valid %s tag", tag, kind)
-	}
-	return fmt.Errorf("%q is not a valid tag", tag)
-}
-
-// ReadableString returns a human-readable string from the tag passed in.
-// It currently supports unit and machine tags. Support for additional types
-// can be added in as needed.
-func ReadableString(tag Tag) string {
-	if tag == nil {
-		return ""
-	}
-
-	return tag.Kind() + " " + tag.Id()
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/tag_test.go juju-core-2.0~beta12/src/github.com/juju/names/tag_test.go
--- juju-core-2.0~beta7/src/github.com/juju/names/tag_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/tag_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,308 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names_test
-
-import (
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/names"
-)
-
-type tagSuite struct{}
-
-var _ = gc.Suite(&tagSuite{})
-
-var tagKindTests = []struct {
-	tag  string
-	kind string
-	err  string
-}{
-	{tag: "unit-wordpress-42", kind: names.UnitTagKind},
-	{tag: "machine-42", kind: names.MachineTagKind},
-	{tag: "service-foo", kind: names.ServiceTagKind},
-	{tag: "environment-42", kind: names.EnvironTagKind},
-	{tag: "model-42", kind: names.ModelTagKind},
-	{tag: "user-admin", kind: names.UserTagKind},
-	{tag: "relation-service1.rel1#other-svc.other-rel2", kind: names.RelationTagKind},
-	{tag: "relation-service.peerRelation", kind: names.RelationTagKind},
-	{tag: "foo", err: `"foo" is not a valid tag`},
-	{tag: "unit", err: `"unit" is not a valid tag`},
-	{tag: "network", err: `"network" is not a valid tag`},
-	{tag: "network-42", kind: names.NetworkTagKind},
-	{tag: "ab01cd23-0123-4edc-9a8b-fedcba987654", err: `"ab01cd23-0123-4edc-9a8b-fedcba987654" is not a valid tag`},
-	{tag: "action-ab01cd23-0123-4edc-9a8b-fedcba987654", kind: names.ActionTagKind},
-	{tag: "volume-0", kind: names.VolumeTagKind},
-	{tag: "storage-data-0", kind: names.StorageTagKind},
-	{tag: "filesystem-0", kind: names.FilesystemTagKind},
-	{tag: "ipaddress", err: `"ipaddress" is not a valid tag`},
-	{tag: "ipaddress-42424242-1111-2222-3333-0123456789ab", kind: names.IPAddressTagKind},
-	{tag: "subnet", err: `"subnet" is not a valid tag`},
-	{tag: "subnet-10.20.0.0/16", kind: names.SubnetTagKind},
-	{tag: "subnet-2001:db8::/32", kind: names.SubnetTagKind},
-	{tag: "space", err: `"space" is not a valid tag`},
-	{tag: "space-42", kind: names.SpaceTagKind},
-}
-
-func (*tagSuite) TestTagKind(c *gc.C) {
-	for i, test := range tagKindTests {
-		c.Logf("test %d: %q -> %q", i, test.tag, test.kind)
-		kind, err := names.TagKind(test.tag)
-		if test.err == "" {
-			c.Assert(test.kind, gc.Equals, kind)
-			c.Assert(err, gc.IsNil)
-		} else {
-			c.Assert(kind, gc.Equals, "")
-			c.Assert(err, gc.ErrorMatches, test.err)
-		}
-	}
-}
-
-var parseTagTests = []struct {
-	tag        string
-	expectKind string
-	expectType interface{}
-	resultId   string
-	resultErr  string
-}{{
-	tag:        "machine-10",
-	expectKind: names.MachineTagKind,
-	expectType: names.MachineTag{},
-	resultId:   "10",
-}, {
-	tag:        "machine-10-lxc-1",
-	expectKind: names.MachineTagKind,
-	expectType: names.MachineTag{},
-	resultId:   "10/lxc/1",
-}, {
-	tag:        "machine-#",
-	expectKind: names.MachineTagKind,
-	expectType: names.MachineTag{},
-	resultErr:  `"machine-#" is not a valid machine tag`,
-}, {
-	tag:        "unit-wordpress-0",
-	expectKind: names.UnitTagKind,
-	expectType: names.UnitTag{},
-	resultId:   "wordpress/0",
-}, {
-	tag:        "unit-rabbitmq-server-0",
-	expectKind: names.UnitTagKind,
-	expectType: names.UnitTag{},
-	resultId:   "rabbitmq-server/0",
-}, {
-	tag:        "unit-#",
-	expectKind: names.UnitTagKind,
-	expectType: names.UnitTag{},
-	resultErr:  `"unit-#" is not a valid unit tag`,
-}, {
-	tag:        "service-wordpress",
-	expectKind: names.ServiceTagKind,
-	expectType: names.ServiceTag{},
-	resultId:   "wordpress",
-}, {
-	tag:        "service-#",
-	expectKind: names.ServiceTagKind,
-	expectType: names.ServiceTag{},
-	resultErr:  `"service-#" is not a valid service tag`,
-}, {
-	tag:        "environment-f47ac10b-58cc-4372-a567-0e02b2c3d479",
-	expectKind: names.EnvironTagKind,
-	expectType: names.EnvironTag{},
-	resultId:   "f47ac10b-58cc-4372-a567-0e02b2c3d479",
-}, {
-	tag:        "model-f47ac10b-58cc-4372-a567-0e02b2c3d479",
-	expectKind: names.ModelTagKind,
-	expectType: names.ModelTag{},
-	resultId:   "f47ac10b-58cc-4372-a567-0e02b2c3d479",
-}, {
-	tag:        "relation-my-svc1.myrel1#other-svc.other-rel2",
-	expectKind: names.RelationTagKind,
-	expectType: names.RelationTag{},
-	resultId:   "my-svc1:myrel1 other-svc:other-rel2",
-}, {
-	tag:        "relation-riak.ring",
-	expectKind: names.RelationTagKind,
-	expectType: names.RelationTag{},
-	resultId:   "riak:ring",
-}, {
-	tag:        "environment-/",
-	expectKind: names.EnvironTagKind,
-	expectType: names.EnvironTag{},
-	resultErr:  `"environment-/" is not a valid environment tag`,
-}, {
-	tag:        "model-/",
-	expectKind: names.ModelTagKind,
-	expectType: names.ModelTag{},
-	resultErr:  `"model-/" is not a valid model tag`,
-}, {
-	tag:        "user-foo",
-	expectKind: names.UserTagKind,
-	expectType: names.UserTag{},
-	resultId:   "foo",
-}, {
-	tag:        "user-foo@local",
-	expectKind: names.UserTagKind,
-	expectType: names.UserTag{},
-	resultId:   "foo@local",
-}, {
-	tag:        "user-/",
-	expectKind: names.UserTagKind,
-	expectType: names.UserTag{},
-	resultErr:  `"user-/" is not a valid user tag`,
-}, {
-	tag:        "network-",
-	expectKind: names.NetworkTagKind,
-	expectType: names.NetworkTag{},
-	resultErr:  `"network-" is not a valid network tag`,
-}, {
-	tag:        "network-mynet1",
-	expectKind: names.NetworkTagKind,
-	expectType: names.NetworkTag{},
-	resultId:   "mynet1",
-}, {
-	tag:        "action-00000000-abcd",
-	expectKind: names.ActionTagKind,
-	expectType: names.ActionTag{},
-	resultErr:  `"action-00000000-abcd" is not a valid action tag`,
-}, {
-	tag:        "action-00000033",
-	expectKind: names.ActionTagKind,
-	expectType: names.ActionTag{},
-	resultErr:  `"action-00000033" is not a valid action tag`,
-}, {
-	tag:        "action-abedaf33-3212-4fde-aeca-87356432deca",
-	expectKind: names.ActionTagKind,
-	expectType: names.ActionTag{},
-	resultId:   "abedaf33-3212-4fde-aeca-87356432deca",
-}, {
-	tag:        "volume-2",
-	expectKind: names.VolumeTagKind,
-	expectType: names.VolumeTag{},
-	resultId:   "2",
-}, {
-	tag:        "filesystem-3",
-	expectKind: names.FilesystemTagKind,
-	expectType: names.FilesystemTag{},
-	resultId:   "3",
-}, {
-	tag:        "storage-block-storage-0",
-	expectKind: names.StorageTagKind,
-	expectType: names.StorageTag{},
-	resultId:   "block-storage/0",
-}, {
-	tag:       "foo",
-	resultErr: `"foo" is not a valid tag`,
-}, {
-	tag:       "ipaddress-",
-	resultErr: `"ipaddress-" is not a valid ipaddress tag`,
-}, {
-	tag:        "ipaddress-42424242-1111-2222-3333-0123456789ab",
-	expectKind: names.IPAddressTagKind,
-	expectType: names.IPAddressTag{},
-	resultId:   "42424242-1111-2222-3333-0123456789ab",
-}, {
-	tag:       "subnet-",
-	resultErr: `"subnet-" is not a valid subnet tag`,
-}, {
-	tag:        "subnet-10.20.0.0/16",
-	expectKind: names.SubnetTagKind,
-	expectType: names.SubnetTag{},
-	resultId:   "10.20.0.0/16",
-}, {
-	tag:        "subnet-2001:db8::/32",
-	expectKind: names.SubnetTagKind,
-	expectType: names.SubnetTag{},
-	resultId:   "2001:db8::/32",
-}, {
-	tag:       "space-",
-	resultErr: `"space-" is not a valid space tag`,
-}, {
-	tag:        "space-myspace1",
-	expectKind: names.SpaceTagKind,
-	expectType: names.SpaceTag{},
-	resultId:   "myspace1",
-}}
-
-var makeTag = map[string]func(string) names.Tag{
-	names.MachineTagKind:    func(tag string) names.Tag { return names.NewMachineTag(tag) },
-	names.UnitTagKind:       func(tag string) names.Tag { return names.NewUnitTag(tag) },
-	names.ServiceTagKind:    func(tag string) names.Tag { return names.NewServiceTag(tag) },
-	names.RelationTagKind:   func(tag string) names.Tag { return names.NewRelationTag(tag) },
-	names.EnvironTagKind:    func(tag string) names.Tag { return names.NewEnvironTag(tag) },
-	names.ModelTagKind:      func(tag string) names.Tag { return names.NewModelTag(tag) },
-	names.UserTagKind:       func(tag string) names.Tag { return names.NewUserTag(tag) },
-	names.NetworkTagKind:    func(tag string) names.Tag { return names.NewNetworkTag(tag) },
-	names.ActionTagKind:     func(tag string) names.Tag { return names.NewActionTag(tag) },
-	names.VolumeTagKind:     func(tag string) names.Tag { return names.NewVolumeTag(tag) },
-	names.FilesystemTagKind: func(tag string) names.Tag { return names.NewFilesystemTag(tag) },
-	names.StorageTagKind:    func(tag string) names.Tag { return names.NewStorageTag(tag) },
-	names.IPAddressTagKind:  func(tag string) names.Tag { return names.NewIPAddressTag(tag) },
-	names.SubnetTagKind:     func(tag string) names.Tag { return names.NewSubnetTag(tag) },
-	names.SpaceTagKind:      func(tag string) names.Tag { return names.NewSpaceTag(tag) },
-}
-
-func (*tagSuite) TestParseTag(c *gc.C) {
-	for i, test := range parseTagTests {
-		c.Logf("test %d: %q expectKind %q", i, test.tag, test.expectKind)
-		tag, err := names.ParseTag(test.tag)
-		if test.resultErr != "" {
-			c.Assert(err, gc.ErrorMatches, test.resultErr)
-			c.Assert(tag, gc.IsNil)
-
-			// If the tag has a valid kind which matches the
-			// expected kind, test that using an empty
-			// expectKind does not change the error message.
-			if tagKind, err := names.TagKind(test.tag); err == nil && tagKind == test.expectKind {
-				tag, err := names.ParseTag(test.tag)
-				c.Assert(err, gc.ErrorMatches, test.resultErr)
-				c.Assert(tag, gc.IsNil)
-			}
-		} else {
-			c.Assert(err, gc.IsNil)
-			kind, id := tag.Kind(), tag.Id()
-			c.Assert(err, gc.IsNil)
-			c.Assert(id, gc.Equals, test.resultId)
-			if test.expectKind != "" {
-				c.Assert(kind, gc.Equals, test.expectKind)
-			} else {
-				expectKind, err := names.TagKind(test.tag)
-				c.Assert(err, gc.IsNil)
-				c.Assert(kind, gc.Equals, expectKind) // will be removed in the next branch
-				c.Assert(tag, gc.FitsTypeOf, test.expectType)
-			}
-			// Check that it's reversible.
-			if f := makeTag[kind]; f != nil {
-				reversed := f(id).String()
-				c.Assert(reversed, gc.Equals, test.tag)
-			}
-			// Check that it parses ok without an expectKind.
-			tag, err := names.ParseTag(test.tag)
-			c.Assert(err, gc.IsNil)
-			c.Assert(tag, gc.FitsTypeOf, test.expectType)
-			c.Assert(tag.Kind(), gc.Equals, test.expectKind) // will be removed in the next branch
-			c.Assert(tag.Id(), gc.Equals, id)
-		}
-	}
-}
-
-func (*tagSuite) TestReadableString(c *gc.C) {
-	var readableStringTests = []struct {
-		tag    names.Tag
-		result string
-	}{{
-		tag:    nil,
-		result: "",
-	}, {
-		tag:    names.NewMachineTag("0"),
-		result: "machine 0",
-	}, {
-		tag:    names.NewUnitTag("wordpress/2"),
-		result: "unit wordpress/2",
-	}}
-
-	for i, test := range readableStringTests {
-		c.Logf("test %d: expected result %q", i, test.result)
-		resultStr := names.ReadableString(test.tag)
-		c.Assert(resultStr, gc.Equals, test.result)
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/unit.go juju-core-2.0~beta12/src/github.com/juju/names/unit.go
--- juju-core-2.0~beta7/src/github.com/juju/names/unit.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/unit.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,79 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names
-
-import (
-	"fmt"
-	"regexp"
-	"strings"
-)
-
-const UnitTagKind = "unit"
-
-var validUnit = regexp.MustCompile("^(" + ServiceSnippet + ")/" + NumberSnippet + "$")
-
-type UnitTag struct {
-	name string
-}
-
-func (t UnitTag) String() string { return t.Kind() + "-" + t.name }
-func (t UnitTag) Kind() string   { return UnitTagKind }
-func (t UnitTag) Id() string     { return unitTagSuffixToId(t.name) }
-
-// NewUnitTag returns the tag for the unit with the given name.
-// It will panic if the given unit name is not valid.
-func NewUnitTag(unitName string) UnitTag {
-	tag, ok := tagFromUnitName(unitName)
-	if !ok {
-		panic(fmt.Sprintf("%q is not a valid unit name", unitName))
-	}
-	return tag
-}
-
-// ParseUnitTag parses a unit tag string.
-func ParseUnitTag(unitTag string) (UnitTag, error) {
-	tag, err := ParseTag(unitTag)
-	if err != nil {
-		return UnitTag{}, err
-	}
-	ut, ok := tag.(UnitTag)
-	if !ok {
-		return UnitTag{}, invalidTagError(unitTag, UnitTagKind)
-	}
-	return ut, nil
-}
-
-// IsValidUnit returns whether name is a valid unit name.
-func IsValidUnit(name string) bool {
-	return validUnit.MatchString(name)
-}
-
-// UnitService returns the name of the service that the unit is
-// associated with. It returns an error if unitName is not a valid unit name.
-func UnitService(unitName string) (string, error) {
-	s := validUnit.FindStringSubmatch(unitName)
-	if s == nil {
-		return "", fmt.Errorf("%q is not a valid unit name", unitName)
-	}
-	return s[1], nil
-}
-
-func tagFromUnitName(unitName string) (UnitTag, bool) {
-	// Replace only the last "/" with "-".
-	i := strings.LastIndex(unitName, "/")
-	if i <= 0 || !IsValidUnit(unitName) {
-		return UnitTag{}, false
-	}
-	unitName = unitName[:i] + "-" + unitName[i+1:]
-	return UnitTag{name: unitName}, true
-}
-
-func unitTagSuffixToId(s string) string {
-	// Replace only the last "-" with "/", as it is valid for service
-	// names to contain hyphens.
-	if i := strings.LastIndex(s, "-"); i > 0 {
-		s = s[:i] + "/" + s[i+1:]
-	}
-	return s
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/unit_test.go juju-core-2.0~beta12/src/github.com/juju/names/unit_test.go
--- juju-core-2.0~beta7/src/github.com/juju/names/unit_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/unit_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,104 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names_test
-
-import (
-	"fmt"
-
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/names"
-)
-
-type unitSuite struct{}
-
-var _ = gc.Suite(&unitSuite{})
-
-func (s *unitSuite) TestUnitTag(c *gc.C) {
-	c.Assert(names.NewUnitTag("wordpress/2").String(), gc.Equals, "unit-wordpress-2")
-}
-
-var unitNameTests = []struct {
-	pattern string
-	valid   bool
-	service string
-}{
-	{pattern: "wordpress/42", valid: true, service: "wordpress"},
-	{pattern: "rabbitmq-server/123", valid: true, service: "rabbitmq-server"},
-	{pattern: "foo", valid: false},
-	{pattern: "foo/", valid: false},
-	{pattern: "bar/foo", valid: false},
-	{pattern: "20/20", valid: false},
-	{pattern: "foo-55", valid: false},
-	{pattern: "foo-bar/123", valid: true, service: "foo-bar"},
-	{pattern: "foo-bar/123/", valid: false},
-	{pattern: "foo-bar/123-not", valid: false},
-}
-
-func (s *unitSuite) TestUnitNameFormats(c *gc.C) {
-	for i, test := range unitNameTests {
-		c.Logf("test %d: %q", i, test.pattern)
-		c.Assert(names.IsValidUnit(test.pattern), gc.Equals, test.valid)
-	}
-}
-
-func (s *unitSuite) TestInvalidUnitTagFormats(c *gc.C) {
-	for i, test := range unitNameTests {
-		if !test.valid {
-			c.Logf("test %d: %q", i, test.pattern)
-			expect := fmt.Sprintf("%q is not a valid unit name", test.pattern)
-			testUnitTag := func() { names.NewUnitTag(test.pattern) }
-			c.Assert(testUnitTag, gc.PanicMatches, expect)
-		}
-	}
-}
-
-func (s *serviceSuite) TestUnitService(c *gc.C) {
-	for i, test := range unitNameTests {
-		c.Logf("test %d: %q", i, test.pattern)
-		if !test.valid {
-			expect := fmt.Sprintf("%q is not a valid unit name", test.pattern)
-			_, err := names.UnitService(test.pattern)
-			c.Assert(err, gc.ErrorMatches, expect)
-		} else {
-			result, err := names.UnitService(test.pattern)
-			c.Assert(err, gc.IsNil)
-			c.Assert(result, gc.Equals, test.service)
-		}
-	}
-}
-
-var parseUnitTagTests = []struct {
-	tag      string
-	expected names.Tag
-	err      error
-}{{
-	tag: "",
-	err: names.InvalidTagError("", ""),
-}, {
-	tag:      "unit-dave/0",
-	expected: names.NewUnitTag("dave/0"),
-}, {
-	tag: "dave",
-	err: names.InvalidTagError("dave", ""),
-}, {
-	tag: "unit-dave",
-	err: names.InvalidTagError("unit-dave", names.UnitTagKind), // not a valid unit name either
-}, {
-	tag: "service-dave",
-	err: names.InvalidTagError("service-dave", names.UnitTagKind),
-}}
-
-func (s *unitSuite) TestParseUnitTag(c *gc.C) {
-	for i, t := range parseUnitTagTests {
-		c.Logf("test %d: %s", i, t.tag)
-		got, err := names.ParseUnitTag(t.tag)
-		if err != nil || t.err != nil {
-			c.Check(err, gc.DeepEquals, t.err)
-			continue
-		}
-		c.Check(got, gc.FitsTypeOf, t.expected)
-		c.Check(got, gc.Equals, t.expected)
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/user.go juju-core-2.0~beta12/src/github.com/juju/names/user.go
--- juju-core-2.0~beta7/src/github.com/juju/names/user.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/user.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,137 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names
-
-import (
-	"fmt"
-	"regexp"
-)
-
-const (
-	UserTagKind     = "user"
-	LocalUserDomain = "local"
-)
-
-var (
-	// TODO this does not allow single character usernames or
-	// domains. Is that deliberate?
-	// https://github.com/juju/names/issues/54
-	validUserPart = "[a-zA-Z0-9][a-zA-Z0-9.+-]*[a-zA-Z0-9]"
-	validName     = regexp.MustCompile(fmt.Sprintf("^(?P<name>%s)(?:@(?P<domain>%s))?$", validUserPart, validUserPart))
-	validUserName = regexp.MustCompile("^" + validUserPart + "$")
-)
-
-// IsValidUser returns whether id is a valid user id.
-// Valid users may or may not be qualified with an
-// @domain suffix. Examples of valid users include
-// bob, bob@local, bob@somewhere-else, 0-a-f@123.
-func IsValidUser(id string) bool {
-	return validName.MatchString(id)
-}
-
-// IsValidUserName returns whether the given
-// name is a valid name part of a user. That is,
-// usernames with a domain suffix will return
-// false.
-func IsValidUserName(name string) bool {
-	return validUserName.MatchString(name)
-}
-
-// IsValidUserDomain returns whether the given user
-// domain is valid.
-func IsValidUserDomain(domain string) bool {
-	return validUserName.MatchString(domain)
-}
-
-// UserTag represents a user that may be stored locally
-// or associated with some external domain.
-type UserTag struct {
-	name   string
-	domain string
-}
-
-func (t UserTag) Kind() string   { return UserTagKind }
-func (t UserTag) String() string { return UserTagKind + "-" + t.Id() }
-
-// Id implements Tag.Id. It always returns the same id that it was
-// created with, so NewUserTag(x).Id() == x for all valid users x. This
-// means that local users might or might not have an @local domain in
-// their id.
-func (t UserTag) Id() string {
-	if t.domain == "" {
-		return t.name
-	}
-	return t.name + "@" + t.domain
-}
-
-// Name returns the name part of the user name
-// without its associated domain.
-func (t UserTag) Name() string { return t.name }
-
-// Canonical returns the user name and its domain in canonical form.
-// Specifically, user tags in the local domain will always return an
-// @local prefix, regardless of the id the user was created with. This
-// is the only difference from the Id method.
-func (t UserTag) Canonical() string {
-	return t.name + "@" + t.Domain()
-}
-
-// IsLocal returns true if the tag represents a local user.
-func (t UserTag) IsLocal() bool {
-	return t.Domain() == LocalUserDomain
-}
-
-// Domain returns the user domain. Users in the local database
-// are from the LocalDomain. Other users are considered 'remote' users.
-func (t UserTag) Domain() string {
-	if t.domain == "" {
-		return LocalUserDomain
-	}
-	return t.domain
-}
-
-// WithDomain returns a copy of the user tag with the
-// domain changed to the given argument.
-// The domain must satisfy IsValidUserDomain
-// or this function will panic.
-func (t UserTag) WithDomain(domain string) UserTag {
-	if !IsValidUserDomain(domain) {
-		panic(fmt.Sprintf("invalid user domain %q", domain))
-	}
-	return UserTag{
-		name:   t.name,
-		domain: domain,
-	}
-}
-
-// NewUserTag returns the tag for the user with the given name.
-// It panics if the user name does not satisfy IsValidUser.
-func NewUserTag(userName string) UserTag {
-	parts := validName.FindStringSubmatch(userName)
-	if len(parts) != 3 {
-		panic(fmt.Sprintf("invalid user tag %q", userName))
-	}
-	return UserTag{name: parts[1], domain: parts[2]}
-}
-
-// NewLocalUserTag returns the tag for a local user with the given name.
-func NewLocalUserTag(name string) UserTag {
-	if !IsValidUserName(name) {
-		panic(fmt.Sprintf("invalid user name %q", name))
-	}
-	return UserTag{name: name, domain: LocalUserDomain}
-}
-
-// ParseUserTag parses a user tag string.
-func ParseUserTag(tag string) (UserTag, error) {
-	t, err := ParseTag(tag)
-	if err != nil {
-		return UserTag{}, err
-	}
-	ut, ok := t.(UserTag)
-	if !ok {
-		return UserTag{}, invalidTagError(tag, UserTagKind)
-	}
-	return ut, nil
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/user_test.go juju-core-2.0~beta12/src/github.com/juju/names/user_test.go
--- juju-core-2.0~beta7/src/github.com/juju/names/user_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/user_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,241 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names_test
-
-import (
-	"fmt"
-
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/names"
-)
-
-type userSuite struct{}
-
-var _ = gc.Suite(&userSuite{})
-
-func (s *userSuite) TestUserTag(c *gc.C) {
-	for i, t := range []struct {
-		input    string
-		string   string
-		name     string
-		domain   string
-		username string
-	}{
-		{
-			input:    "bob",
-			string:   "user-bob",
-			name:     "bob",
-			domain:   names.LocalUserDomain,
-			username: "bob@local",
-		}, {
-			input:    "bob@local",
-			string:   "user-bob@local",
-			name:     "bob",
-			domain:   names.LocalUserDomain,
-			username: "bob@local",
-		}, {
-			input:    "bob@foo",
-			string:   "user-bob@foo",
-			name:     "bob",
-			domain:   "foo",
-			username: "bob@foo",
-		},
-	} {
-		c.Logf("test %d: %s", i, t.input)
-		userTag := names.NewUserTag(t.input)
-		c.Check(userTag.String(), gc.Equals, t.string)
-		c.Check(userTag.Id(), gc.Equals, t.input)
-		c.Check(userTag.Name(), gc.Equals, t.name)
-		c.Check(userTag.Domain(), gc.Equals, t.domain)
-		c.Check(userTag.IsLocal(), gc.Equals, t.domain == names.LocalUserDomain)
-		c.Check(userTag.Canonical(), gc.Equals, t.username)
-	}
-}
-
-var withDomainTests = []struct {
-	id       string
-	domain   string
-	expectId string
-}{{
-	id:       "bob",
-	domain:   names.LocalUserDomain,
-	expectId: "bob@local",
-}, {
-	id:       "bob@local",
-	domain:   "foo",
-	expectId: "bob@foo",
-}, {
-	id:     "bob@local",
-	domain: "",
-}, {
-	id:       "bob@foo",
-	domain:   names.LocalUserDomain,
-	expectId: "bob@local",
-}, {
-	id:     "bob",
-	domain: "@foo",
-}}
-
-func (s *userSuite) TestWithDomain(c *gc.C) {
-	for i, test := range withDomainTests {
-		c.Logf("test %d: id %q; domain %q", i, test.id, test.domain)
-		tag := names.NewUserTag(test.id)
-		if test.expectId == "" {
-			c.Assert(func() {
-				tag.WithDomain(test.domain)
-			}, gc.PanicMatches, fmt.Sprintf("invalid user domain %q", test.domain))
-		} else {
-			c.Assert(tag.WithDomain(test.domain).Id(), gc.Equals, test.expectId)
-		}
-	}
-}
-
-func (s *userSuite) TestIsValidUser(c *gc.C) {
-	for i, t := range []struct {
-		string string
-		expect bool
-	}{
-		{"", false},
-		{"bob", true},
-		{"Bob", true},
-		{"bOB", true},
-		{"b^b", false},
-		{"bob1", true},
-		{"bob-1", true},
-		{"bob+1", true},
-		{"bob+", false},
-		{"+bob", false},
-		{"bob.1", true},
-		{"1bob", true},
-		{"1-bob", true},
-		{"1+bob", true},
-		{"1.bob", true},
-		{"jim.bob+99-1.", false},
-		{"a", false},
-		{"0foo", true},
-		{"foo bar", false},
-		{"bar{}", false},
-		{"bar+foo", true},
-		{"bar_foo", false},
-		{"bar!", false},
-		{"bar^", false},
-		{"bar*", false},
-		{"foo=bar", false},
-		{"foo?", false},
-		{"[bar]", false},
-		{"'foo'", false},
-		{"%bar", false},
-		{"&bar", false},
-		{"#1foo", false},
-		{"bar@ram.u", true},
-		{"bar@", false},
-		{"@local", false},
-		{"not/valid", false},
-	} {
-		c.Logf("test %d: %s", i, t.string)
-		c.Assert(names.IsValidUser(t.string), gc.Equals, t.expect, gc.Commentf("%s", t.string))
-	}
-}
-
-func (s *userSuite) TestIsValidUserNameOrDomain(c *gc.C) {
-	for i, t := range []struct {
-		string string
-		expect bool
-	}{
-		{"", false},
-		{"bob", true},
-		{"Bob", true},
-		{"bOB", true},
-		{"b^b", false},
-		{"bob1", true},
-		{"bob-1", true},
-		{"bob+1", true},
-		{"bob+", false},
-		{"+bob", false},
-		{"bob.1", true},
-		{"1bob", true},
-		{"1-bob", true},
-		{"1+bob", true},
-		{"1.bob", true},
-		{"jim.bob+99-1.", false},
-		{"a", false},
-		{"0foo", true},
-		{"foo bar", false},
-		{"bar{}", false},
-		{"bar+foo", true},
-		{"bar_foo", false},
-		{"bar!", false},
-		{"bar^", false},
-		{"bar*", false},
-		{"foo=bar", false},
-		{"foo?", false},
-		{"[bar]", false},
-		{"'foo'", false},
-		{"%bar", false},
-		{"&bar", false},
-		{"#1foo", false},
-		{"bar@ram.u", false},
-		{"bar@local", false},
-		{"bar@ubuntuone", false},
-		{"bar@", false},
-		{"@local", false},
-		{"not/valid", false},
-	} {
-		c.Logf("test %d: %s", i, t.string)
-		c.Assert(names.IsValidUserName(t.string), gc.Equals, t.expect, gc.Commentf("%s", t.string))
-		c.Assert(names.IsValidUserDomain(t.string), gc.Equals, t.expect, gc.Commentf("%s", t.string))
-	}
-}
-
-func (s *userSuite) TestParseUserTag(c *gc.C) {
-	for i, t := range []struct {
-		tag      string
-		expected names.Tag
-		err      error
-	}{{
-		tag: "",
-		err: names.InvalidTagError("", ""),
-	}, {
-		tag:      "user-dave",
-		expected: names.NewUserTag("dave"),
-	}, {
-		tag:      "user-dave@local",
-		expected: names.NewUserTag("dave@local"),
-	}, {
-		tag:      "user-dave@foobar",
-		expected: names.NewUserTag("dave@foobar"),
-	}, {
-		tag: "dave",
-		err: names.InvalidTagError("dave", ""),
-	}, {
-		tag: "unit-dave",
-		err: names.InvalidTagError("unit-dave", names.UnitTagKind), // not a valid unit name either
-	}, {
-		tag: "service-dave",
-		err: names.InvalidTagError("service-dave", names.UserTagKind),
-	}} {
-		c.Logf("test %d: %s", i, t.tag)
-		got, err := names.ParseUserTag(t.tag)
-		if err != nil || t.err != nil {
-			c.Check(err, gc.DeepEquals, t.err)
-			continue
-		}
-		c.Check(got, gc.FitsTypeOf, t.expected)
-		c.Check(got, gc.Equals, t.expected)
-	}
-}
-
-func (s *userSuite) TestNewLocalUserTag(c *gc.C) {
-	user := names.NewLocalUserTag("bob")
-	c.Assert(user.Canonical(), gc.Equals, "bob@local")
-	c.Assert(user.Name(), gc.Equals, "bob")
-	c.Assert(user.Domain(), gc.Equals, "local")
-	c.Assert(user.IsLocal(), gc.Equals, true)
-	c.Assert(user.String(), gc.Equals, "user-bob@local")
-
-	c.Assert(func() { names.NewLocalUserTag("bob@local") }, gc.PanicMatches, `invalid user name "bob@local"`)
-	c.Assert(func() { names.NewLocalUserTag("") }, gc.PanicMatches, `invalid user name ""`)
-	c.Assert(func() { names.NewLocalUserTag("!@#") }, gc.PanicMatches, `invalid user name "!@#"`)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/volume.go juju-core-2.0~beta12/src/github.com/juju/names/volume.go
--- juju-core-2.0~beta7/src/github.com/juju/names/volume.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/volume.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,76 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names
-
-import (
-	"fmt"
-	"regexp"
-	"strings"
-)
-
-const VolumeTagKind = "volume"
-
-// Volumes may be bound to a machine, meaning that the volume cannot
-// exist without that machine. We encode this in the tag to allow
-var validVolume = regexp.MustCompile("^(" + MachineSnippet + "/)?" + NumberSnippet + "$")
-
-type VolumeTag struct {
-	id string
-}
-
-func (t VolumeTag) String() string { return t.Kind() + "-" + t.id }
-func (t VolumeTag) Kind() string   { return VolumeTagKind }
-func (t VolumeTag) Id() string     { return volumeTagSuffixToId(t.id) }
-
-// NewVolumeTag returns the tag for the volume with the given ID.
-// It will panic if the given volume ID is not valid.
-func NewVolumeTag(id string) VolumeTag {
-	tag, ok := tagFromVolumeId(id)
-	if !ok {
-		panic(fmt.Sprintf("%q is not a valid volume ID", id))
-	}
-	return tag
-}
-
-// ParseVolumeTag parses a volume tag string.
-func ParseVolumeTag(volumeTag string) (VolumeTag, error) {
-	tag, err := ParseTag(volumeTag)
-	if err != nil {
-		return VolumeTag{}, err
-	}
-	dt, ok := tag.(VolumeTag)
-	if !ok {
-		return VolumeTag{}, invalidTagError(volumeTag, VolumeTagKind)
-	}
-	return dt, nil
-}
-
-// IsValidVolume returns whether id is a valid volume ID.
-func IsValidVolume(id string) bool {
-	return validVolume.MatchString(id)
-}
-
-// VolumeMachine returns the machine component of the volume
-// tag, and a boolean indicating whether or not there is a
-// machine component.
-func VolumeMachine(tag VolumeTag) (MachineTag, bool) {
-	id := tag.Id()
-	pos := strings.LastIndex(id, "/")
-	if pos == -1 {
-		return MachineTag{}, false
-	}
-	return NewMachineTag(id[:pos]), true
-}
-
-func tagFromVolumeId(id string) (VolumeTag, bool) {
-	if !IsValidVolume(id) {
-		return VolumeTag{}, false
-	}
-	id = strings.Replace(id, "/", "-", -1)
-	return VolumeTag{id}, true
-}
-
-func volumeTagSuffixToId(s string) string {
-	return strings.Replace(s, "-", "/", -1)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/names/volume_test.go juju-core-2.0~beta12/src/github.com/juju/names/volume_test.go
--- juju-core-2.0~beta7/src/github.com/juju/names/volume_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/names/volume_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,81 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package names_test
-
-import (
-	"fmt"
-
-	gc "gopkg.in/check.v1"
-
-	"github.com/juju/names"
-)
-
-type volumeSuite struct{}
-
-var _ = gc.Suite(&volumeSuite{})
-
-func (s *volumeSuite) TestVolumeTag(c *gc.C) {
-	c.Assert(names.NewVolumeTag("1").String(), gc.Equals, "volume-1")
-}
-
-func (s *volumeSuite) TestVolumeNameValidity(c *gc.C) {
-	assertVolumeNameValid(c, "0")
-	assertVolumeNameValid(c, "0/lxc/0/0")
-	assertVolumeNameValid(c, "1000")
-	assertVolumeNameInvalid(c, "-1")
-	assertVolumeNameInvalid(c, "")
-	assertVolumeNameInvalid(c, "one")
-	assertVolumeNameInvalid(c, "#")
-	assertVolumeNameInvalid(c, "0/0/0") // 0/0 is not a valid machine ID
-}
-
-func (s *volumeSuite) TestParseVolumeTag(c *gc.C) {
-	assertParseVolumeTag(c, "volume-0", names.NewVolumeTag("0"))
-	assertParseVolumeTag(c, "volume-88", names.NewVolumeTag("88"))
-	assertParseVolumeTag(c, "volume-0-lxc-0-88", names.NewVolumeTag("0/lxc/0/88"))
-	assertParseVolumeTagInvalid(c, "", names.InvalidTagError("", ""))
-	assertParseVolumeTagInvalid(c, "one", names.InvalidTagError("one", ""))
-	assertParseVolumeTagInvalid(c, "volume-", names.InvalidTagError("volume-", names.VolumeTagKind))
-	assertParseVolumeTagInvalid(c, "machine-0", names.InvalidTagError("machine-0", names.VolumeTagKind))
-}
-
-func (s *volumeSuite) TestVolumeMachine(c *gc.C) {
-	assertVolumeMachine(c, "0/0", names.NewMachineTag("0"))
-	assertVolumeMachine(c, "0/lxc/0/0", names.NewMachineTag("0/lxc/0"))
-	assertVolumeNoMachine(c, "0")
-}
-
-func assertVolumeMachine(c *gc.C, id string, expect names.MachineTag) {
-	t, ok := names.VolumeMachine(names.NewVolumeTag(id))
-	c.Assert(ok, gc.Equals, true)
-	c.Assert(t, gc.Equals, expect)
-}
-
-func assertVolumeNoMachine(c *gc.C, id string) {
-	_, ok := names.VolumeMachine(names.NewVolumeTag(id))
-	c.Assert(ok, gc.Equals, false)
-}
-
-func assertVolumeNameValid(c *gc.C, name string) {
-	c.Assert(names.IsValidVolume(name), gc.Equals, true)
-	names.NewVolumeTag(name)
-}
-
-func assertVolumeNameInvalid(c *gc.C, name string) {
-	c.Assert(names.IsValidVolume(name), gc.Equals, false)
-	testVolumeTag := func() { names.NewVolumeTag(name) }
-	expect := fmt.Sprintf("%q is not a valid volume ID", name)
-	c.Assert(testVolumeTag, gc.PanicMatches, expect)
-}
-
-func assertParseVolumeTag(c *gc.C, tag string, expect names.VolumeTag) {
-	t, err := names.ParseVolumeTag(tag)
-	c.Assert(err, gc.IsNil)
-	c.Assert(t, gc.Equals, expect)
-}
-
-func assertParseVolumeTagInvalid(c *gc.C, tag string, expect error) {
-	_, err := names.ParseVolumeTag(tag)
-	c.Assert(err, gc.ErrorMatches, expect.Error())
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/ratelimit/LICENSE juju-core-2.0~beta12/src/github.com/juju/ratelimit/LICENSE
--- juju-core-2.0~beta7/src/github.com/juju/ratelimit/LICENSE	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/ratelimit/LICENSE	1970-01-01 00:00:00.000000000 +0000
@@ -1,191 +0,0 @@
-All files in this repository are licensed as follows. If you contribute
-to this repository, it is assumed that you license your contribution
-under the same license unless you state otherwise.
-
-All files Copyright (C) 2015 Canonical Ltd. unless otherwise specified in the file.
-
-This software is licensed under the LGPLv3, included below.
-
-As a special exception to the GNU Lesser General Public License version 3
-("LGPL3"), the copyright holders of this Library give you permission to
-convey to a third party a Combined Work that links statically or dynamically
-to this Library without providing any Minimal Corresponding Source or
-Minimal Application Code as set out in 4d or providing the installation
-information set out in section 4e, provided that you comply with the other
-provisions of LGPL3 and provided that you meet, for the Application the
-terms and conditions of the license(s) which apply to the Application.
-
-Except as stated in this special exception, the provisions of LGPL3 will
-continue to comply in full to this Library. If you modify this Library, you
-may apply this exception to your version of this Library, but you are not
-obliged to do so. If you do not wish to do so, delete this exception
-statement from your version. This exception does not (and cannot) modify any
-license terms which apply to the Application, with which you must still
-comply.
-
-
-                   GNU LESSER GENERAL PUBLIC LICENSE
-                       Version 3, 29 June 2007
-
- Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-
-
-  This version of the GNU Lesser General Public License incorporates
-the terms and conditions of version 3 of the GNU General Public
-License, supplemented by the additional permissions listed below.
-
-  0. Additional Definitions.
-
-  As used herein, "this License" refers to version 3 of the GNU Lesser
-General Public License, and the "GNU GPL" refers to version 3 of the GNU
-General Public License.
-
-  "The Library" refers to a covered work governed by this License,
-other than an Application or a Combined Work as defined below.
-
-  An "Application" is any work that makes use of an interface provided
-by the Library, but which is not otherwise based on the Library.
-Defining a subclass of a class defined by the Library is deemed a mode
-of using an interface provided by the Library.
-
-  A "Combined Work" is a work produced by combining or linking an
-Application with the Library.  The particular version of the Library
-with which the Combined Work was made is also called the "Linked
-Version".
-
-  The "Minimal Corresponding Source" for a Combined Work means the
-Corresponding Source for the Combined Work, excluding any source code
-for portions of the Combined Work that, considered in isolation, are
-based on the Application, and not on the Linked Version.
-
-  The "Corresponding Application Code" for a Combined Work means the
-object code and/or source code for the Application, including any data
-and utility programs needed for reproducing the Combined Work from the
-Application, but excluding the System Libraries of the Combined Work.
-
-  1. Exception to Section 3 of the GNU GPL.
-
-  You may convey a covered work under sections 3 and 4 of this License
-without being bound by section 3 of the GNU GPL.
-
-  2. Conveying Modified Versions.
-
-  If you modify a copy of the Library, and, in your modifications, a
-facility refers to a function or data to be supplied by an Application
-that uses the facility (other than as an argument passed when the
-facility is invoked), then you may convey a copy of the modified
-version:
-
-   a) under this License, provided that you make a good faith effort to
-   ensure that, in the event an Application does not supply the
-   function or data, the facility still operates, and performs
-   whatever part of its purpose remains meaningful, or
-
-   b) under the GNU GPL, with none of the additional permissions of
-   this License applicable to that copy.
-
-  3. Object Code Incorporating Material from Library Header Files.
-
-  The object code form of an Application may incorporate material from
-a header file that is part of the Library.  You may convey such object
-code under terms of your choice, provided that, if the incorporated
-material is not limited to numerical parameters, data structure
-layouts and accessors, or small macros, inline functions and templates
-(ten or fewer lines in length), you do both of the following:
-
-   a) Give prominent notice with each copy of the object code that the
-   Library is used in it and that the Library and its use are
-   covered by this License.
-
-   b) Accompany the object code with a copy of the GNU GPL and this license
-   document.
-
-  4. Combined Works.
-
-  You may convey a Combined Work under terms of your choice that,
-taken together, effectively do not restrict modification of the
-portions of the Library contained in the Combined Work and reverse
-engineering for debugging such modifications, if you also do each of
-the following:
-
-   a) Give prominent notice with each copy of the Combined Work that
-   the Library is used in it and that the Library and its use are
-   covered by this License.
-
-   b) Accompany the Combined Work with a copy of the GNU GPL and this license
-   document.
-
-   c) For a Combined Work that displays copyright notices during
-   execution, include the copyright notice for the Library among
-   these notices, as well as a reference directing the user to the
-   copies of the GNU GPL and this license document.
-
-   d) Do one of the following:
-
-       0) Convey the Minimal Corresponding Source under the terms of this
-       License, and the Corresponding Application Code in a form
-       suitable for, and under terms that permit, the user to
-       recombine or relink the Application with a modified version of
-       the Linked Version to produce a modified Combined Work, in the
-       manner specified by section 6 of the GNU GPL for conveying
-       Corresponding Source.
-
-       1) Use a suitable shared library mechanism for linking with the
-       Library.  A suitable mechanism is one that (a) uses at run time
-       a copy of the Library already present on the user's computer
-       system, and (b) will operate properly with a modified version
-       of the Library that is interface-compatible with the Linked
-       Version.
-
-   e) Provide Installation Information, but only if you would otherwise
-   be required to provide such information under section 6 of the
-   GNU GPL, and only to the extent that such information is
-   necessary to install and execute a modified version of the
-   Combined Work produced by recombining or relinking the
-   Application with a modified version of the Linked Version. (If
-   you use option 4d0, the Installation Information must accompany
-   the Minimal Corresponding Source and Corresponding Application
-   Code. If you use option 4d1, you must provide the Installation
-   Information in the manner specified by section 6 of the GNU GPL
-   for conveying Corresponding Source.)
-
-  5. Combined Libraries.
-
-  You may place library facilities that are a work based on the
-Library side by side in a single library together with other library
-facilities that are not Applications and are not covered by this
-License, and convey such a combined library under terms of your
-choice, if you do both of the following:
-
-   a) Accompany the combined library with a copy of the same work based
-   on the Library, uncombined with any other library facilities,
-   conveyed under the terms of this License.
-
-   b) Give prominent notice with the combined library that part of it
-   is a work based on the Library, and explaining where to find the
-   accompanying uncombined form of the same work.
-
-  6. Revised Versions of the GNU Lesser General Public License.
-
-  The Free Software Foundation may publish revised and/or new versions
-of the GNU Lesser General Public License from time to time. Such new
-versions will be similar in spirit to the present version, but may
-differ in detail to address new problems or concerns.
-
-  Each version is given a distinguishing version number. If the
-Library as you received it specifies that a certain numbered version
-of the GNU Lesser General Public License "or any later version"
-applies to it, you have the option of following the terms and
-conditions either of that published version or of any later version
-published by the Free Software Foundation. If the Library as you
-received it does not specify a version number of the GNU Lesser
-General Public License, you may choose any version of the GNU Lesser
-General Public License ever published by the Free Software Foundation.
-
-  If the Library as you received it specifies that a proxy can decide
-whether future versions of the GNU Lesser General Public License shall
-apply, that proxy's public statement of acceptance of any version is
-permanent authorization for you to choose that version for the
-Library.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/ratelimit/ratelimit.go juju-core-2.0~beta12/src/github.com/juju/ratelimit/ratelimit.go
--- juju-core-2.0~beta7/src/github.com/juju/ratelimit/ratelimit.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/ratelimit/ratelimit.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,226 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the LGPLv3 with static-linking exception.
-// See LICENCE file for details.
-
-// The ratelimit package provides an efficient token bucket implementation.
-// See http://en.wikipedia.org/wiki/Token_bucket.
-package ratelimit
-
-import (
-	"strconv"
-	"sync"
-	"time"
-)
-
-// Bucket represents a token bucket that fills at a predetermined rate.
-// Methods on Bucket may be called concurrently.
-type Bucket struct {
-	startTime    time.Time
-	capacity     int64
-	quantum      int64
-	fillInterval time.Duration
-
-	// The mutex guards the fields following it.
-	mu sync.Mutex
-
-	// avail holds the number of available tokens
-	// in the bucket, as of availTick ticks from startTime.
-	// It will be negative when there are consumers
-	// waiting for tokens.
-	avail     int64
-	availTick int64
-}
-
-// NewBucket returns a new token bucket that fills at the
-// rate of one token every fillInterval, up to the given
-// maximum capacity. Both arguments must be
-// positive. The bucket is initially full.
-func NewBucket(fillInterval time.Duration, capacity int64) *Bucket {
-	return NewBucketWithQuantum(fillInterval, capacity, 1)
-}
-
-// rateMargin specifes the allowed variance of actual
-// rate from specified rate. 1% seems reasonable.
-const rateMargin = 0.01
-
-// NewBucketWithRate returns a token bucket that fills the bucket
-// at the rate of rate tokens per second up to the given
-// maximum capacity. Because of limited clock resolution,
-// at high rates, the actual rate may be up to 1% different from the
-// specified rate.
-func NewBucketWithRate(rate float64, capacity int64) *Bucket {
-	for quantum := int64(1); quantum < 1<<50; quantum = nextQuantum(quantum) {
-		fillInterval := time.Duration(1e9 * float64(quantum) / rate)
-		if fillInterval <= 0 {
-			continue
-		}
-		tb := NewBucketWithQuantum(fillInterval, capacity, quantum)
-		if diff := abs(tb.Rate() - rate); diff/rate <= rateMargin {
-			return tb
-		}
-	}
-	panic("cannot find suitable quantum for " + strconv.FormatFloat(rate, 'g', -1, 64))
-}
-
-// nextQuantum returns the next quantum to try after q.
-// We grow the quantum exponentially, but slowly, so we
-// get a good fit in the lower numbers.
-func nextQuantum(q int64) int64 {
-	q1 := q * 11 / 10
-	if q1 == q {
-		q1++
-	}
-	return q1
-}
-
-// NewBucketWithQuantum is similar to NewBucket, but allows
-// the specification of the quantum size - quantum tokens
-// are added every fillInterval.
-func NewBucketWithQuantum(fillInterval time.Duration, capacity, quantum int64) *Bucket {
-	if fillInterval <= 0 {
-		panic("token bucket fill interval is not > 0")
-	}
-	if capacity <= 0 {
-		panic("token bucket capacity is not > 0")
-	}
-	if quantum <= 0 {
-		panic("token bucket quantum is not > 0")
-	}
-	return &Bucket{
-		startTime:    time.Now(),
-		capacity:     capacity,
-		quantum:      quantum,
-		avail:        capacity,
-		fillInterval: fillInterval,
-	}
-}
-
-// Wait takes count tokens from the bucket, waiting until they are
-// available.
-func (tb *Bucket) Wait(count int64) {
-	if d := tb.Take(count); d > 0 {
-		time.Sleep(d)
-	}
-}
-
-// WaitMaxDuration is like Wait except that it will
-// only take tokens from the bucket if it needs to wait
-// for no greater than maxWait. It reports whether
-// any tokens have been removed from the bucket
-// If no tokens have been removed, it returns immediately.
-func (tb *Bucket) WaitMaxDuration(count int64, maxWait time.Duration) bool {
-	d, ok := tb.TakeMaxDuration(count, maxWait)
-	if d > 0 {
-		time.Sleep(d)
-	}
-	return ok
-}
-
-const infinityDuration time.Duration = 0x7fffffffffffffff
-
-// Take takes count tokens from the bucket without blocking. It returns
-// the time that the caller should wait until the tokens are actually
-// available.
-//
-// Note that if the request is irrevocable - there is no way to return
-// tokens to the bucket once this method commits us to taking them.
-func (tb *Bucket) Take(count int64) time.Duration {
-	d, _ := tb.take(time.Now(), count, infinityDuration)
-	return d
-}
-
-// TakeMaxDuration is like Take, except that
-// it will only take tokens from the bucket if the wait
-// time for the tokens is no greater than maxWait.
-//
-// If it would take longer than maxWait for the tokens
-// to become available, it does nothing and reports false,
-// otherwise it returns the time that the caller should
-// wait until the tokens are actually available, and reports
-// true.
-func (tb *Bucket) TakeMaxDuration(count int64, maxWait time.Duration) (time.Duration, bool) {
-	return tb.take(time.Now(), count, maxWait)
-}
-
-// TakeAvailable takes up to count immediately available tokens from the
-// bucket. It returns the number of tokens removed, or zero if there are
-// no available tokens. It does not block.
-func (tb *Bucket) TakeAvailable(count int64) int64 {
-	return tb.takeAvailable(time.Now(), count)
-}
-
-// takeAvailable is the internal version of TakeAvailable - it takes the
-// current time as an argument to enable easy testing.
-func (tb *Bucket) takeAvailable(now time.Time, count int64) int64 {
-	if count <= 0 {
-		return 0
-	}
-	tb.mu.Lock()
-	defer tb.mu.Unlock()
-
-	tb.adjust(now)
-	if tb.avail <= 0 {
-		return 0
-	}
-	if count > tb.avail {
-		count = tb.avail
-	}
-	tb.avail -= count
-	return count
-}
-
-// Rate returns the fill rate of the bucket, in tokens per second.
-func (tb *Bucket) Rate() float64 {
-	return 1e9 * float64(tb.quantum) / float64(tb.fillInterval)
-}
-
-// take is the internal version of Take - it takes the current time as
-// an argument to enable easy testing.
-func (tb *Bucket) take(now time.Time, count int64, maxWait time.Duration) (time.Duration, bool) {
-	if count <= 0 {
-		return 0, true
-	}
-	tb.mu.Lock()
-	defer tb.mu.Unlock()
-
-	currentTick := tb.adjust(now)
-	avail := tb.avail - count
-	if avail >= 0 {
-		tb.avail = avail
-		return 0, true
-	}
-	// Round up the missing tokens to the nearest multiple
-	// of quantum - the tokens won't be available until
-	// that tick.
-	endTick := currentTick + (-avail+tb.quantum-1)/tb.quantum
-	endTime := tb.startTime.Add(time.Duration(endTick) * tb.fillInterval)
-	waitTime := endTime.Sub(now)
-	if waitTime > maxWait {
-		return 0, false
-	}
-	tb.avail = avail
-	return waitTime, true
-}
-
-// adjust adjusts the current bucket capacity based on the current time.
-// It returns the current tick.
-func (tb *Bucket) adjust(now time.Time) (currentTick int64) {
-	currentTick = int64(now.Sub(tb.startTime) / tb.fillInterval)
-
-	if tb.avail >= tb.capacity {
-		return
-	}
-	tb.avail += (currentTick - tb.availTick) * tb.quantum
-	if tb.avail > tb.capacity {
-		tb.avail = tb.capacity
-	}
-	tb.availTick = currentTick
-	return
-}
-
-func abs(f float64) float64 {
-	if f < 0 {
-		return -f
-	}
-	return f
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/ratelimit/ratelimit_test.go juju-core-2.0~beta12/src/github.com/juju/ratelimit/ratelimit_test.go
--- juju-core-2.0~beta7/src/github.com/juju/ratelimit/ratelimit_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/ratelimit/ratelimit_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,328 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the LGPLv3 with static-linking exception.
-// See LICENCE file for details.
-
-package ratelimit
-
-import (
-	gc "launchpad.net/gocheck"
-
-	"testing"
-	"time"
-)
-
-func TestPackage(t *testing.T) {
-	gc.TestingT(t)
-}
-
-type rateLimitSuite struct{}
-
-var _ = gc.Suite(rateLimitSuite{})
-
-type takeReq struct {
-	time       time.Duration
-	count      int64
-	expectWait time.Duration
-}
-
-var takeTests = []struct {
-	about        string
-	fillInterval time.Duration
-	capacity     int64
-	reqs         []takeReq
-}{{
-	about:        "serial requests",
-	fillInterval: 250 * time.Millisecond,
-	capacity:     10,
-	reqs: []takeReq{{
-		time:       0,
-		count:      0,
-		expectWait: 0,
-	}, {
-		time:       0,
-		count:      10,
-		expectWait: 0,
-	}, {
-		time:       0,
-		count:      1,
-		expectWait: 250 * time.Millisecond,
-	}, {
-		time:       250 * time.Millisecond,
-		count:      1,
-		expectWait: 250 * time.Millisecond,
-	}},
-}, {
-	about:        "concurrent requests",
-	fillInterval: 250 * time.Millisecond,
-	capacity:     10,
-	reqs: []takeReq{{
-		time:       0,
-		count:      10,
-		expectWait: 0,
-	}, {
-		time:       0,
-		count:      2,
-		expectWait: 500 * time.Millisecond,
-	}, {
-		time:       0,
-		count:      2,
-		expectWait: 1000 * time.Millisecond,
-	}, {
-		time:       0,
-		count:      1,
-		expectWait: 1250 * time.Millisecond,
-	}},
-}, {
-	about:        "more than capacity",
-	fillInterval: 1 * time.Millisecond,
-	capacity:     10,
-	reqs: []takeReq{{
-		time:       0,
-		count:      10,
-		expectWait: 0,
-	}, {
-		time:       20 * time.Millisecond,
-		count:      15,
-		expectWait: 5 * time.Millisecond,
-	}},
-}, {
-	about:        "sub-quantum time",
-	fillInterval: 10 * time.Millisecond,
-	capacity:     10,
-	reqs: []takeReq{{
-		time:       0,
-		count:      10,
-		expectWait: 0,
-	}, {
-		time:       7 * time.Millisecond,
-		count:      1,
-		expectWait: 3 * time.Millisecond,
-	}, {
-		time:       8 * time.Millisecond,
-		count:      1,
-		expectWait: 12 * time.Millisecond,
-	}},
-}, {
-	about:        "within capacity",
-	fillInterval: 10 * time.Millisecond,
-	capacity:     5,
-	reqs: []takeReq{{
-		time:       0,
-		count:      5,
-		expectWait: 0,
-	}, {
-		time:       60 * time.Millisecond,
-		count:      5,
-		expectWait: 0,
-	}, {
-		time:       60 * time.Millisecond,
-		count:      1,
-		expectWait: 10 * time.Millisecond,
-	}, {
-		time:       80 * time.Millisecond,
-		count:      2,
-		expectWait: 10 * time.Millisecond,
-	}},
-}}
-
-func (rateLimitSuite) TestTake(c *gc.C) {
-	for i, test := range takeTests {
-		tb := NewBucket(test.fillInterval, test.capacity)
-		for j, req := range test.reqs {
-			d, ok := tb.take(tb.startTime.Add(req.time), req.count, infinityDuration)
-			c.Assert(ok, gc.Equals, true)
-			if d != req.expectWait {
-				c.Fatalf("test %d.%d, %s, got %v want %v", i, j, test.about, d, req.expectWait)
-			}
-		}
-	}
-}
-
-func (rateLimitSuite) TestTakeMaxDuration(c *gc.C) {
-	for i, test := range takeTests {
-		tb := NewBucket(test.fillInterval, test.capacity)
-		for j, req := range test.reqs {
-			if req.expectWait > 0 {
-				d, ok := tb.take(tb.startTime.Add(req.time), req.count, req.expectWait-1)
-				c.Assert(ok, gc.Equals, false)
-				c.Assert(d, gc.Equals, time.Duration(0))
-			}
-			d, ok := tb.take(tb.startTime.Add(req.time), req.count, req.expectWait)
-			c.Assert(ok, gc.Equals, true)
-			if d != req.expectWait {
-				c.Fatalf("test %d.%d, %s, got %v want %v", i, j, test.about, d, req.expectWait)
-			}
-		}
-	}
-}
-
-type takeAvailableReq struct {
-	time   time.Duration
-	count  int64
-	expect int64
-}
-
-var takeAvailableTests = []struct {
-	about        string
-	fillInterval time.Duration
-	capacity     int64
-	reqs         []takeAvailableReq
-}{{
-	about:        "serial requests",
-	fillInterval: 250 * time.Millisecond,
-	capacity:     10,
-	reqs: []takeAvailableReq{{
-		time:   0,
-		count:  0,
-		expect: 0,
-	}, {
-		time:   0,
-		count:  10,
-		expect: 10,
-	}, {
-		time:   0,
-		count:  1,
-		expect: 0,
-	}, {
-		time:   250 * time.Millisecond,
-		count:  1,
-		expect: 1,
-	}},
-}, {
-	about:        "concurrent requests",
-	fillInterval: 250 * time.Millisecond,
-	capacity:     10,
-	reqs: []takeAvailableReq{{
-		time:   0,
-		count:  5,
-		expect: 5,
-	}, {
-		time:   0,
-		count:  2,
-		expect: 2,
-	}, {
-		time:   0,
-		count:  5,
-		expect: 3,
-	}, {
-		time:   0,
-		count:  1,
-		expect: 0,
-	}},
-}, {
-	about:        "more than capacity",
-	fillInterval: 1 * time.Millisecond,
-	capacity:     10,
-	reqs: []takeAvailableReq{{
-		time:   0,
-		count:  10,
-		expect: 10,
-	}, {
-		time:   20 * time.Millisecond,
-		count:  15,
-		expect: 10,
-	}},
-}, {
-	about:        "within capacity",
-	fillInterval: 10 * time.Millisecond,
-	capacity:     5,
-	reqs: []takeAvailableReq{{
-		time:   0,
-		count:  5,
-		expect: 5,
-	}, {
-		time:   60 * time.Millisecond,
-		count:  5,
-		expect: 5,
-	}, {
-		time:   70 * time.Millisecond,
-		count:  1,
-		expect: 1,
-	}},
-}}
-
-func (rateLimitSuite) TestTakeAvailable(c *gc.C) {
-	for i, test := range takeAvailableTests {
-		tb := NewBucket(test.fillInterval, test.capacity)
-		for j, req := range test.reqs {
-			d := tb.takeAvailable(tb.startTime.Add(req.time), req.count)
-			if d != req.expect {
-				c.Fatalf("test %d.%d, %s, got %v want %v", i, j, test.about, d, req.expect)
-			}
-		}
-	}
-}
-
-func (rateLimitSuite) TestPanics(c *gc.C) {
-	c.Assert(func() { NewBucket(0, 1) }, gc.PanicMatches, "token bucket fill interval is not > 0")
-	c.Assert(func() { NewBucket(-2, 1) }, gc.PanicMatches, "token bucket fill interval is not > 0")
-	c.Assert(func() { NewBucket(1, 0) }, gc.PanicMatches, "token bucket capacity is not > 0")
-	c.Assert(func() { NewBucket(1, -2) }, gc.PanicMatches, "token bucket capacity is not > 0")
-}
-
-func isCloseTo(x, y, tolerance float64) bool {
-	return abs(x-y)/y < tolerance
-}
-
-func (rateLimitSuite) TestRate(c *gc.C) {
-	tb := NewBucket(1, 1)
-	if !isCloseTo(tb.Rate(), 1e9, 0.00001) {
-		c.Fatalf("got %v want 1e9", tb.Rate())
-	}
-	tb = NewBucket(2*time.Second, 1)
-	if !isCloseTo(tb.Rate(), 0.5, 0.00001) {
-		c.Fatalf("got %v want 0.5", tb.Rate())
-	}
-	tb = NewBucketWithQuantum(100*time.Millisecond, 1, 5)
-	if !isCloseTo(tb.Rate(), 50, 0.00001) {
-		c.Fatalf("got %v want 50", tb.Rate())
-	}
-}
-
-func checkRate(c *gc.C, rate float64) {
-	tb := NewBucketWithRate(rate, 1<<62)
-	if !isCloseTo(tb.Rate(), rate, rateMargin) {
-		c.Fatalf("got %g want %v", tb.Rate(), rate)
-	}
-	d, ok := tb.take(tb.startTime, 1<<62, infinityDuration)
-	c.Assert(ok, gc.Equals, true)
-	c.Assert(d, gc.Equals, time.Duration(0))
-
-	// Check that the actual rate is as expected by
-	// asking for a not-quite multiple of the bucket's
-	// quantum and checking that the wait time
-	// correct.
-	d, ok = tb.take(tb.startTime, tb.quantum*2-tb.quantum/2, infinityDuration)
-	c.Assert(ok, gc.Equals, true)
-	expectTime := 1e9 * float64(tb.quantum) * 2 / rate
-	if !isCloseTo(float64(d), expectTime, rateMargin) {
-		c.Fatalf("rate %g: got %g want %v", rate, float64(d), expectTime)
-	}
-}
-
-func (rateLimitSuite) TestNewWithRate(c *gc.C) {
-	for rate := float64(1); rate < 1e6; rate += 7 {
-		checkRate(c, rate)
-	}
-	for _, rate := range []float64{
-		1024 * 1024 * 1024,
-		1e-5,
-		0.9e-5,
-		0.5,
-		0.9,
-		0.9e8,
-		3e12,
-		4e18,
-	} {
-		checkRate(c, rate)
-		checkRate(c, rate/3)
-		checkRate(c, rate*1.3)
-	}
-}
-
-func BenchmarkWait(b *testing.B) {
-	tb := NewBucket(1, 16*1024)
-	for i := b.N - 1; i >= 0; i-- {
-		tb.Wait(1)
-	}
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/ratelimit/reader.go juju-core-2.0~beta12/src/github.com/juju/ratelimit/reader.go
--- juju-core-2.0~beta7/src/github.com/juju/ratelimit/reader.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/ratelimit/reader.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,51 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the LGPLv3 with static-linking exception.
-// See LICENCE file for details.
-
-package ratelimit
-
-import "io"
-
-type reader struct {
-	r      io.Reader
-	bucket *Bucket
-}
-
-// Reader returns a reader that is rate limited by
-// the given token bucket. Each token in the bucket
-// represents one byte.
-func Reader(r io.Reader, bucket *Bucket) io.Reader {
-	return &reader{
-		r:      r,
-		bucket: bucket,
-	}
-}
-
-func (r *reader) Read(buf []byte) (int, error) {
-	n, err := r.r.Read(buf)
-	if n <= 0 {
-		return n, err
-	}
-	r.bucket.Wait(int64(n))
-	return n, err
-}
-
-type writer struct {
-	w      io.Writer
-	bucket *Bucket
-}
-
-// Writer returns a reader that is rate limited by
-// the given token bucket. Each token in the bucket
-// represents one byte.
-func Writer(w io.Writer, bucket *Bucket) io.Writer {
-	return &writer{
-		w:      w,
-		bucket: bucket,
-	}
-}
-
-func (w *writer) Write(buf []byte) (int, error) {
-	w.bucket.Wait(int64(len(buf)))
-	return w.w.Write(buf)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/ratelimit/README.md juju-core-2.0~beta12/src/github.com/juju/ratelimit/README.md
--- juju-core-2.0~beta7/src/github.com/juju/ratelimit/README.md	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/ratelimit/README.md	1970-01-01 00:00:00.000000000 +0000
@@ -1,117 +0,0 @@
-# ratelimit
---
-    import "github.com/juju/ratelimit"
-
-The ratelimit package provides an efficient token bucket implementation. See
-http://en.wikipedia.org/wiki/Token_bucket.
-
-## Usage
-
-#### func  Reader
-
-```go
-func Reader(r io.Reader, bucket *Bucket) io.Reader
-```
-Reader returns a reader that is rate limited by the given token bucket. Each
-token in the bucket represents one byte.
-
-#### func  Writer
-
-```go
-func Writer(w io.Writer, bucket *Bucket) io.Writer
-```
-Writer returns a reader that is rate limited by the given token bucket. Each
-token in the bucket represents one byte.
-
-#### type Bucket
-
-```go
-type Bucket struct {
-}
-```
-
-Bucket represents a token bucket that fills at a predetermined rate. Methods on
-Bucket may be called concurrently.
-
-#### func  NewBucket
-
-```go
-func NewBucket(fillInterval time.Duration, capacity int64) *Bucket
-```
-NewBucket returns a new token bucket that fills at the rate of one token every
-fillInterval, up to the given maximum capacity. Both arguments must be positive.
-The bucket is initially full.
-
-#### func  NewBucketWithQuantum
-
-```go
-func NewBucketWithQuantum(fillInterval time.Duration, capacity, quantum int64) *Bucket
-```
-NewBucketWithQuantum is similar to NewBucket, but allows the specification of
-the quantum size - quantum tokens are added every fillInterval.
-
-#### func  NewBucketWithRate
-
-```go
-func NewBucketWithRate(rate float64, capacity int64) *Bucket
-```
-NewBucketWithRate returns a token bucket that fills the bucket at the rate of
-rate tokens per second up to the given maximum capacity. Because of limited
-clock resolution, at high rates, the actual rate may be up to 1% different from
-the specified rate.
-
-#### func (*Bucket) Rate
-
-```go
-func (tb *Bucket) Rate() float64
-```
-Rate returns the fill rate of the bucket, in tokens per second.
-
-#### func (*Bucket) Take
-
-```go
-func (tb *Bucket) Take(count int64) time.Duration
-```
-Take takes count tokens from the bucket without blocking. It returns the time
-that the caller should wait until the tokens are actually available.
-
-Note that if the request is irrevocable - there is no way to return tokens to
-the bucket once this method commits us to taking them.
-
-#### func (*Bucket) TakeAvailable
-
-```go
-func (tb *Bucket) TakeAvailable(count int64) int64
-```
-TakeAvailable takes up to count immediately available tokens from the bucket. It
-returns the number of tokens removed, or zero if there are no available tokens.
-It does not block.
-
-#### func (*Bucket) TakeMaxDuration
-
-```go
-func (tb *Bucket) TakeMaxDuration(count int64, maxWait time.Duration) (time.Duration, bool)
-```
-TakeMaxDuration is like Take, except that it will only take tokens from the
-bucket if the wait time for the tokens is no greater than maxWait.
-
-If it would take longer than maxWait for the tokens to become available, it does
-nothing and reports false, otherwise it returns the time that the caller should
-wait until the tokens are actually available, and reports true.
-
-#### func (*Bucket) Wait
-
-```go
-func (tb *Bucket) Wait(count int64)
-```
-Wait takes count tokens from the bucket, waiting until they are available.
-
-#### func (*Bucket) WaitMaxDuration
-
-```go
-func (tb *Bucket) WaitMaxDuration(count int64, maxWait time.Duration) bool
-```
-WaitMaxDuration is like Wait except that it will only take tokens from the
-bucket if it needs to wait for no greater than maxWait. It reports whether any
-tokens have been removed from the bucket If no tokens have been removed, it
-returns immediately.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/doc.go juju-core-2.0~beta12/src/github.com/juju/rfc/doc.go
--- juju-core-2.0~beta7/src/github.com/juju/rfc/doc.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/doc.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,6 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+// The rfc package contains implementations of various industry
+// standards, e.g. protocol specifications in IETF RFCs.
+package rfc
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/LICENSE juju-core-2.0~beta12/src/github.com/juju/rfc/LICENSE
--- juju-core-2.0~beta7/src/github.com/juju/rfc/LICENSE	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/LICENSE	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,191 @@
+All files in this repository are licensed as follows. If you contribute
+to this repository, it is assumed that you license your contribution
+under the same license unless you state otherwise.
+
+All files Copyright (C) 2015 Canonical Ltd. unless otherwise specified in the file.
+
+This software is licensed under the LGPLv3, included below.
+
+As a special exception to the GNU Lesser General Public License version 3
+("LGPL3"), the copyright holders of this Library give you permission to
+convey to a third party a Combined Work that links statically or dynamically
+to this Library without providing any Minimal Corresponding Source or
+Minimal Application Code as set out in 4d or providing the installation
+information set out in section 4e, provided that you comply with the other
+provisions of LGPL3 and provided that you meet, for the Application the
+terms and conditions of the license(s) which apply to the Application.
+
+Except as stated in this special exception, the provisions of LGPL3 will
+continue to comply in full to this Library. If you modify this Library, you
+may apply this exception to your version of this Library, but you are not
+obliged to do so. If you do not wish to do so, delete this exception
+statement from your version. This exception does not (and cannot) modify any
+license terms which apply to the Application, with which you must still
+comply.
+
+
+                   GNU LESSER GENERAL PUBLIC LICENSE
+                       Version 3, 29 June 2007
+
+ Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+
+  This version of the GNU Lesser General Public License incorporates
+the terms and conditions of version 3 of the GNU General Public
+License, supplemented by the additional permissions listed below.
+
+  0. Additional Definitions.
+
+  As used herein, "this License" refers to version 3 of the GNU Lesser
+General Public License, and the "GNU GPL" refers to version 3 of the GNU
+General Public License.
+
+  "The Library" refers to a covered work governed by this License,
+other than an Application or a Combined Work as defined below.
+
+  An "Application" is any work that makes use of an interface provided
+by the Library, but which is not otherwise based on the Library.
+Defining a subclass of a class defined by the Library is deemed a mode
+of using an interface provided by the Library.
+
+  A "Combined Work" is a work produced by combining or linking an
+Application with the Library.  The particular version of the Library
+with which the Combined Work was made is also called the "Linked
+Version".
+
+  The "Minimal Corresponding Source" for a Combined Work means the
+Corresponding Source for the Combined Work, excluding any source code
+for portions of the Combined Work that, considered in isolation, are
+based on the Application, and not on the Linked Version.
+
+  The "Corresponding Application Code" for a Combined Work means the
+object code and/or source code for the Application, including any data
+and utility programs needed for reproducing the Combined Work from the
+Application, but excluding the System Libraries of the Combined Work.
+
+  1. Exception to Section 3 of the GNU GPL.
+
+  You may convey a covered work under sections 3 and 4 of this License
+without being bound by section 3 of the GNU GPL.
+
+  2. Conveying Modified Versions.
+
+  If you modify a copy of the Library, and, in your modifications, a
+facility refers to a function or data to be supplied by an Application
+that uses the facility (other than as an argument passed when the
+facility is invoked), then you may convey a copy of the modified
+version:
+
+   a) under this License, provided that you make a good faith effort to
+   ensure that, in the event an Application does not supply the
+   function or data, the facility still operates, and performs
+   whatever part of its purpose remains meaningful, or
+
+   b) under the GNU GPL, with none of the additional permissions of
+   this License applicable to that copy.
+
+  3. Object Code Incorporating Material from Library Header Files.
+
+  The object code form of an Application may incorporate material from
+a header file that is part of the Library.  You may convey such object
+code under terms of your choice, provided that, if the incorporated
+material is not limited to numerical parameters, data structure
+layouts and accessors, or small macros, inline functions and templates
+(ten or fewer lines in length), you do both of the following:
+
+   a) Give prominent notice with each copy of the object code that the
+   Library is used in it and that the Library and its use are
+   covered by this License.
+
+   b) Accompany the object code with a copy of the GNU GPL and this license
+   document.
+
+  4. Combined Works.
+
+  You may convey a Combined Work under terms of your choice that,
+taken together, effectively do not restrict modification of the
+portions of the Library contained in the Combined Work and reverse
+engineering for debugging such modifications, if you also do each of
+the following:
+
+   a) Give prominent notice with each copy of the Combined Work that
+   the Library is used in it and that the Library and its use are
+   covered by this License.
+
+   b) Accompany the Combined Work with a copy of the GNU GPL and this license
+   document.
+
+   c) For a Combined Work that displays copyright notices during
+   execution, include the copyright notice for the Library among
+   these notices, as well as a reference directing the user to the
+   copies of the GNU GPL and this license document.
+
+   d) Do one of the following:
+
+       0) Convey the Minimal Corresponding Source under the terms of this
+       License, and the Corresponding Application Code in a form
+       suitable for, and under terms that permit, the user to
+       recombine or relink the Application with a modified version of
+       the Linked Version to produce a modified Combined Work, in the
+       manner specified by section 6 of the GNU GPL for conveying
+       Corresponding Source.
+
+       1) Use a suitable shared library mechanism for linking with the
+       Library.  A suitable mechanism is one that (a) uses at run time
+       a copy of the Library already present on the user's computer
+       system, and (b) will operate properly with a modified version
+       of the Library that is interface-compatible with the Linked
+       Version.
+
+   e) Provide Installation Information, but only if you would otherwise
+   be required to provide such information under section 6 of the
+   GNU GPL, and only to the extent that such information is
+   necessary to install and execute a modified version of the
+   Combined Work produced by recombining or relinking the
+   Application with a modified version of the Linked Version. (If
+   you use option 4d0, the Installation Information must accompany
+   the Minimal Corresponding Source and Corresponding Application
+   Code. If you use option 4d1, you must provide the Installation
+   Information in the manner specified by section 6 of the GNU GPL
+   for conveying Corresponding Source.)
+
+  5. Combined Libraries.
+
+  You may place library facilities that are a work based on the
+Library side by side in a single library together with other library
+facilities that are not Applications and are not covered by this
+License, and convey such a combined library under terms of your
+choice, if you do both of the following:
+
+   a) Accompany the combined library with a copy of the same work based
+   on the Library, uncombined with any other library facilities,
+   conveyed under the terms of this License.
+
+   b) Give prominent notice with the combined library that part of it
+   is a work based on the Library, and explaining where to find the
+   accompanying uncombined form of the same work.
+
+  6. Revised Versions of the GNU Lesser General Public License.
+
+  The Free Software Foundation may publish revised and/or new versions
+of the GNU Lesser General Public License from time to time. Such new
+versions will be similar in spirit to the present version, but may
+differ in detail to address new problems or concerns.
+
+  Each version is given a distinguishing version number. If the
+Library as you received it specifies that a certain numbered version
+of the GNU Lesser General Public License "or any later version"
+applies to it, you have the option of following the terms and
+conditions either of that published version or of any later version
+published by the Free Software Foundation. If the Library as you
+received it does not specify a version number of the GNU Lesser
+General Public License, you may choose any version of the GNU Lesser
+General Public License ever published by the Free Software Foundation.
+
+  If the Library as you received it specifies that a proxy can decide
+whether future versions of the GNU Lesser General Public License shall
+apply, that proxy's public statement of acceptance of any version is
+permanent authorization for you to choose that version for the
+Library.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/README.md juju-core-2.0~beta12/src/github.com/juju/rfc/README.md
--- juju-core-2.0~beta7/src/github.com/juju/rfc/README.md	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/README.md	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,5 @@
+juju/rfc
+============
+
+This package provides Go implementations of some IETF RFCs, as well as
+of other standards.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/client.go juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/client.go
--- juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/client.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/client.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,137 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package rfc5424
+
+import (
+	"crypto/tls"
+	"io"
+	"net"
+	"time"
+
+	"github.com/juju/errors"
+)
+
+const (
+	defaultSyslogTLSPort = "6514"
+)
+
+// Conn is the subset of net.Conn needed for a syslog client.
+type Conn interface {
+	io.Closer
+
+	// Write writes the message to the connection.
+	Write([]byte) (int, error)
+
+	// SetWriteDeadline sets the absolute time after which any write
+	// to the connection will time out.
+	SetWriteDeadline(time.Time) error
+}
+
+// DialFunc is a function that may be used to open a network connection.
+type DialFunc func(network, address string) (Conn, error)
+
+func dialTimeoutFunc(timeout time.Duration) DialFunc {
+	return func(network, address string) (Conn, error) {
+		return net.DialTimeout(network, address, timeout)
+	}
+}
+
+// TLSDialFunc returns a dial function that opens a TLS connection. If
+// the address passed to the returned func does not include a port then
+// the default syslog TLS port (6514) will be used.
+func TLSDialFunc(cfg *tls.Config, timeout time.Duration) (DialFunc, error) {
+	dial := func(network, address string) (Conn, error) {
+		if _, _, err := net.SplitHostPort(address); err != nil {
+			address = net.JoinHostPort(address, defaultSyslogTLSPort)
+		}
+		dialer := &net.Dialer{Timeout: timeout}
+		conn, err := tls.DialWithDialer(dialer, network, address, cfg)
+		if err != nil {
+			return nil, errors.Annotate(err, "dialing TLS")
+		}
+		return conn, nil
+	}
+	return dial, nil
+}
+
+// ClientConfig is the configuration for a syslog client.
+type ClientConfig struct {
+	// MaxSize is the maximum allowed size for syslog messages sent
+	// by the client. If not set then there is no maximum.
+	MaxSize int
+
+	// SendTImeout is the timeout that is used for each sent message.
+	SendTimeout time.Duration
+}
+
+// Client is a wrapper around a network connection to which syslog
+// messages will be sent.
+type Client struct {
+	maxSize int
+	timeout time.Duration
+	conn    Conn
+}
+
+// Open opens a syslog client to the given host address. If no dial
+// func is provided then net.Dial is used.
+func Open(host string, cfg ClientConfig, dial DialFunc) (*Client, error) {
+	if dial == nil {
+		dial = func(n, a string) (Conn, error) { return net.Dial(n, a) }
+	}
+	conn, err := dial("tcp", host)
+	if err != nil {
+		return nil, errors.Trace(err)
+	}
+
+	client := &Client{
+		maxSize: cfg.MaxSize,
+		timeout: cfg.SendTimeout,
+		conn:    conn,
+	}
+	return client, nil
+}
+
+// Close closes the client's underlying connection.
+func (client Client) Close() error {
+	err := client.conn.Close()
+	return errors.Trace(err)
+}
+
+// Send sends the syslog message over the client's connection.
+func (client Client) Send(msg Message) error {
+	data := client.serialize(msg)
+	if err := client.send(data); err != nil {
+		return errors.Trace(err)
+	}
+	return nil
+}
+
+func (client Client) serialize(msg Message) []byte {
+	msgStr := msg.String()
+	if client.maxSize > 0 && len(msgStr) > client.maxSize {
+		msgStr = msgStr[:client.maxSize]
+	}
+
+	switch client.conn.(type) {
+	case *net.TCPConn, *tls.Conn:
+		msgStr += "\n"
+	case *net.UDPConn:
+		// For now do nothing.
+	}
+	return []byte(msgStr)
+}
+
+func (client Client) send(msg []byte) error {
+	if client.timeout > 0 {
+		deadline := time.Now().Add(client.timeout)
+		if err := client.conn.SetWriteDeadline(deadline); err != nil {
+			return errors.Trace(err)
+		}
+	}
+
+	if _, err := client.conn.Write(msg); err != nil {
+		return errors.Trace(err)
+	}
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/client_test.go juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/client_test.go
--- juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/client_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/client_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,128 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package rfc5424_test
+
+import (
+	"time"
+
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/rfc/rfc5424"
+)
+
+type ClientSuite struct {
+	testing.IsolationSuite
+
+	stub       *testing.Stub
+	conn       *stubConn
+	returnDial rfc5424.Conn
+}
+
+var _ = gc.Suite(&ClientSuite{})
+
+func (s *ClientSuite) SetUpTest(c *gc.C) {
+	s.IsolationSuite.SetUpTest(c)
+
+	s.stub = &testing.Stub{}
+	s.conn = &stubConn{stub: s.stub}
+	s.returnDial = s.conn
+}
+
+func (s *ClientSuite) dial(network, address string) (rfc5424.Conn, error) {
+	s.stub.AddCall("dial", network, address)
+	if err := s.stub.NextErr(); err != nil {
+		return nil, err
+	}
+
+	return s.returnDial, nil
+}
+
+func (s *ClientSuite) TestOpen(c *gc.C) {
+	var cfg rfc5424.ClientConfig
+
+	_, err := rfc5424.Open("a.b.c:1234", cfg, s.dial)
+
+	c.Check(err, jc.ErrorIsNil)
+	s.stub.CheckCallNames(c, "dial")
+	s.stub.CheckCall(c, 0, "dial", "tcp", "a.b.c:1234")
+}
+
+func (s *ClientSuite) TestClose(c *gc.C) {
+	var cfg rfc5424.ClientConfig
+	client, err := rfc5424.Open("a.b.c:1234", cfg, s.dial)
+	c.Assert(err, jc.ErrorIsNil)
+	s.stub.ResetCalls()
+
+	err = client.Close()
+	c.Assert(err, jc.ErrorIsNil)
+
+	s.stub.CheckCallNames(c, "Close")
+}
+
+func (s *ClientSuite) TestSend(c *gc.C) {
+	cfg := rfc5424.ClientConfig{
+		MaxSize:     8192,
+		SendTimeout: 10 * time.Minute,
+	}
+	client, err := rfc5424.Open("a.b.c:1234", cfg, s.dial)
+	c.Assert(err, jc.ErrorIsNil)
+	s.stub.ResetCalls()
+	msg := rfc5424.Message{
+		Header: rfc5424.Header{
+			Priority: rfc5424.Priority{
+				Severity: rfc5424.SeverityWarning,
+				Facility: rfc5424.FacilityDaemon,
+			},
+			Timestamp: rfc5424.Timestamp{time.Unix(54321, 123).UTC()},
+			Hostname:  rfc5424.Hostname{FQDN: "a.b.org"},
+			AppName:   "an-app",
+			ProcID:    "119",
+			MsgID:     "xyz...",
+		},
+		StructuredData: rfc5424.StructuredData{
+			newStubElement(&testing.Stub{}, "spam", "x=y"),
+		},
+		Msg: "a message",
+	}
+
+	err = client.Send(msg)
+	c.Assert(err, jc.ErrorIsNil)
+
+	s.stub.CheckCallNames(c, "SetWriteDeadline", "Write")
+}
+
+type stubConn struct {
+	stub *testing.Stub
+
+	ReturnWrite int
+}
+
+func (s *stubConn) Close() error {
+	s.stub.AddCall("Close")
+	if err := s.stub.NextErr(); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (s *stubConn) Write(data []byte) (int, error) {
+	s.stub.AddCall("Write", string(data))
+	if err := s.stub.NextErr(); err != nil {
+		return 0, err
+	}
+
+	return s.ReturnWrite, nil
+}
+
+func (s *stubConn) SetWriteDeadline(d time.Time) error {
+	s.stub.AddCall("SetWriteDeadline", d)
+	if err := s.stub.NextErr(); err != nil {
+		return err
+	}
+
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/doc.go juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/doc.go
--- juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/doc.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/doc.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,7 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+// The rfc5424 package holds an implementation of a RFC 5424 syslog
+// client along with types and functions that facilitate complying
+// with the RFC.
+package rfc5424
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/message-appname_test.go juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/message-appname_test.go
--- juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/message-appname_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/message-appname_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,76 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package rfc5424_test
+
+import (
+	"strings"
+
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/rfc/rfc5424"
+)
+
+type AppNameSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&AppNameSuite{})
+
+func (s *AppNameSuite) TestStringOkay(c *gc.C) {
+	appName := rfc5424.AppName("spam")
+
+	str := appName.String()
+
+	c.Check(str, gc.Equals, "spam")
+}
+
+func (s *AppNameSuite) TestStringZeroValue(c *gc.C) {
+	var appName rfc5424.AppName
+
+	str := appName.String()
+
+	c.Check(str, gc.Equals, "-")
+}
+
+func (s *AppNameSuite) TestValidateOkay(c *gc.C) {
+	appName := rfc5424.AppName("spam")
+
+	err := appName.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *AppNameSuite) TestValidateZeroValue(c *gc.C) {
+	var appName rfc5424.AppName
+
+	err := appName.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *AppNameSuite) TestValidateReserved(c *gc.C) {
+	appName := rfc5424.AppName("-")
+
+	err := appName.Validate()
+
+	c.Check(err, gc.ErrorMatches, `"-" is reserved`)
+}
+
+func (s *AppNameSuite) TestValidateBadASCII(c *gc.C) {
+	appName := rfc5424.AppName("spam\x09eggs")
+
+	err := appName.Validate()
+
+	c.Check(err, gc.ErrorMatches, `must be printable US ASCII \(\\x09 at pos 4\)`)
+}
+
+func (s *AppNameSuite) TestValidateTooBig(c *gc.C) {
+	appName := rfc5424.AppName(strings.Repeat("x", 49))
+
+	err := appName.Validate()
+
+	c.Check(err, gc.ErrorMatches, `too big \(max 48\)`)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/message.go juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/message.go
--- juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/message.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/message.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,231 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package rfc5424
+
+import (
+	"fmt"
+	"net"
+	"time"
+)
+
+// ProtocolVersion is the syslog protocol version implemented in
+// this package.
+const ProtocolVersion = 1
+
+// Message holds a single RFC-5424 log record.
+//
+// See https://tools.ietf.org/html/rfc5424#section-6.
+type Message struct {
+	Header
+	StructuredData
+
+	// Msg is the record's UTF-8 message string.
+	Msg string
+}
+
+// String returns the RFC 5424 representation of the log record.
+func (m Message) String() string {
+	if m.Msg == "" {
+		return fmt.Sprintf("%s %s", m.Header, m.StructuredData)
+	}
+	return fmt.Sprintf("%s %s %s", m.Header, m.StructuredData, m.Msg)
+}
+
+// Validate ensures that the record is correct.
+func (m Message) Validate() error {
+	if err := m.Header.Validate(); err != nil {
+		return fmt.Errorf("bad Header: %v", err)
+	}
+	if err := m.StructuredData.Validate(); err != nil {
+		return fmt.Errorf("bad StructuredData: %v", err)
+	}
+	if err := validateUTF8(m.Msg); err != nil {
+		return fmt.Errorf("bad Msg: %v", err)
+	}
+	return nil
+}
+
+// Header holds the header portion of the log record.
+type Header struct {
+	Priority
+
+	// Timestamp indicates when the record was originally created.
+	Timestamp Timestamp
+
+	// Hostname identifies the machine that originally sent the
+	// syslog message.
+	Hostname Hostname
+
+	// AppName identifies the device or application that originated
+	// the syslog message.
+	AppName AppName
+
+	// ProcID is a value that is included in the message, having no
+	// interoperable meaning, except that a change in the value
+	// indicates there has been a discontinuity in syslog reporting.
+	// The field does not have any specific syntax or semantics; the
+	// value is implementation-dependent and/or operator-assigned.
+	ProcID ProcID
+
+	// MsgID identifies the type of message. Messages with the same
+	// MsgID should reflect events with the same semantics. The MSGID
+	// itself is a string without further semantics. It is intended
+	// for filtering messages on a relay or collector.
+	MsgID MsgID
+}
+
+// String returns an RFC 5424 representation of the header.
+func (h Header) String() string {
+	return fmt.Sprintf("%s%d %s %s %s %s %s", h.Priority, ProtocolVersion, h.Timestamp, h.Hostname, h.AppName, h.ProcID, h.MsgID)
+}
+
+// Validate ensures that the header is correct.
+func (h Header) Validate() error {
+	if err := h.Priority.Validate(); err != nil {
+		return fmt.Errorf("bad Priority: %v", err)
+	}
+	if err := h.Hostname.Validate(); err != nil {
+		return fmt.Errorf("bad Hostname: %v", err)
+	}
+	if err := h.AppName.Validate(); err != nil {
+		return fmt.Errorf("bad AppName: %v", err)
+	}
+	if err := h.ProcID.Validate(); err != nil {
+		return fmt.Errorf("bad ProcID: %v", err)
+	}
+	if err := h.MsgID.Validate(); err != nil {
+		return fmt.Errorf("bad MsgID: %v", err)
+	}
+	return nil
+}
+
+// Timestamp is an RFC 5424 timestamp.
+type Timestamp struct {
+	time.Time
+}
+
+// String returns the RFC 5424 representation of the timestamp. In
+// particular, this is RFC 3339 with some restrictions and a special
+// case of "-" for the zero value.
+func (t Timestamp) String() string { // essentially RFC 3339
+	if t.IsZero() {
+		return "-"
+	}
+	return t.Format(time.RFC3339Nano)
+}
+
+var zeroIP net.IP
+
+// Hostname hold the different possible values for an RFC 5424 value.
+// The first non-empty field is the one that gets used.
+type Hostname struct {
+	// FQDN is a fully-qualified domain name.
+	//
+	// See RFC 1034.
+	FQDN string
+
+	// StaticIP is a statically-assigned IP address.
+	//
+	// See RFC 1035 or 4291-2.2.
+	StaticIP net.IP
+
+	// Hostname is an unqualified host name.
+	Hostname string
+
+	// DyanmicIP is a dynamically-assigned IP address.
+	//
+	// See RFC 1035 or 4291-2.2.
+	DynamicIP net.IP
+}
+
+// String is the RFC 5424 representation of the hostname.
+func (h Hostname) String() string {
+	switch {
+	case h.FQDN != "":
+		return h.FQDN
+	case !h.StaticIP.Equal(zeroIP):
+		return h.StaticIP.String()
+	case h.Hostname != "":
+		return h.Hostname
+	case !h.DynamicIP.Equal(zeroIP):
+		return h.DynamicIP.String()
+	default:
+		return "-"
+	}
+}
+
+// Validate ensures that the hostname is correct.
+func (h Hostname) Validate() error {
+	switch {
+	case h.FQDN != "":
+		// TODO(ericsnow) finish
+	case !h.StaticIP.Equal(zeroIP):
+		// TODO(ericsnow) finish
+	case h.Hostname != "":
+		// TODO(ericsnow) finish
+	case !h.DynamicIP.Equal(zeroIP):
+		// TODO(ericsnow) finish
+	default:
+		return nil
+	}
+
+	return validatePrintUSASCII(h.String(), 255)
+}
+
+// AppName is the name of the originating app or device.
+type AppName string
+
+// String is the RFC 5424 representation of the app name.
+func (an AppName) String() string {
+	if len(an) == 0 {
+		return "-"
+	}
+	return string(an)
+}
+
+// Validate ensures the that app name is correct.
+func (an AppName) Validate() error {
+	if an == "-" {
+		return fmt.Errorf(`"-" is reserved`)
+	}
+	return validatePrintUSASCII(string(an), 48)
+}
+
+// ProcID identifies a group of syslog messages.
+type ProcID string
+
+// String is the RFC representation of the proc ID.
+func (pid ProcID) String() string {
+	if len(pid) == 0 {
+		return "-"
+	}
+	return string(pid)
+}
+
+// Validate ensures that the proc ID is correct.
+func (pid ProcID) Validate() error {
+	if pid == "-" {
+		return fmt.Errorf(`"-" is reserved`)
+	}
+	return validatePrintUSASCII(string(pid), 128)
+}
+
+// MsgID identifies a syslog message type.
+type MsgID string
+
+// String is the RFC representation of the message ID.
+func (mid MsgID) String() string {
+	if len(mid) == 0 {
+		return "-"
+	}
+	return string(mid)
+}
+
+// Validate ensures that the message ID is correct.
+func (mid MsgID) Validate() error {
+	if mid == "-" {
+		return fmt.Errorf(`"-" is reserved`)
+	}
+	return validatePrintUSASCII(string(mid), 32)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/message-header_test.go juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/message-header_test.go
--- juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/message-header_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/message-header_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,180 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package rfc5424_test
+
+import (
+	"time"
+
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/rfc/rfc5424"
+)
+
+type HeaderSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&HeaderSuite{})
+
+func (s *HeaderSuite) TestStringFull(c *gc.C) {
+	header := rfc5424.Header{
+		Priority: rfc5424.Priority{
+			Severity: rfc5424.SeverityWarning,
+			Facility: rfc5424.FacilityDaemon,
+		},
+		Timestamp: rfc5424.Timestamp{time.Unix(54321, 123).UTC()},
+		Hostname:  rfc5424.Hostname{FQDN: "a.b.org"},
+		AppName:   "an-app",
+		ProcID:    "119",
+		MsgID:     "xyz...",
+	}
+
+	str := header.String()
+
+	c.Check(str, gc.Equals, "<28>1 1970-01-01T15:05:21.000000123Z a.b.org an-app 119 xyz...")
+}
+
+func (s *HeaderSuite) TestStringZeroValue(c *gc.C) {
+	var header rfc5424.Header
+
+	str := header.String()
+
+	c.Check(str, gc.Equals, "<8>1 - - - - -")
+}
+
+func (s *HeaderSuite) TestValidateOkay(c *gc.C) {
+	header := rfc5424.Header{
+		Priority: rfc5424.Priority{
+			Severity: rfc5424.SeverityWarning,
+			Facility: rfc5424.FacilityDaemon,
+		},
+		Timestamp: rfc5424.Timestamp{time.Unix(54321, 0)},
+		Hostname:  rfc5424.Hostname{FQDN: "a.b.org"},
+		AppName:   "an-app",
+		ProcID:    "119",
+		MsgID:     "xyz...",
+	}
+
+	err := header.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *HeaderSuite) TestValidateZeroValue(c *gc.C) {
+	var header rfc5424.Header
+
+	err := header.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *HeaderSuite) TestValidateBadPriority(c *gc.C) {
+	header := rfc5424.Header{
+		Priority: rfc5424.Priority{
+			Severity: rfc5424.Severity(-1),
+			Facility: rfc5424.FacilityDaemon,
+		},
+		Timestamp: rfc5424.Timestamp{time.Unix(54321, 0)},
+		Hostname:  rfc5424.Hostname{FQDN: "a.b.org"},
+		AppName:   "an-app",
+		ProcID:    "119",
+		MsgID:     "xyz...",
+	}
+
+	err := header.Validate()
+
+	c.Check(err, gc.ErrorMatches, `bad Priority: bad Severity: severity -1 not recognized`)
+}
+
+func (s *HeaderSuite) TestValidateEmptyTimestamp(c *gc.C) {
+	header := rfc5424.Header{
+		Priority: rfc5424.Priority{
+			Severity: rfc5424.SeverityWarning,
+			Facility: rfc5424.FacilityDaemon,
+		},
+		Timestamp: rfc5424.Timestamp{},
+		Hostname:  rfc5424.Hostname{FQDN: "a.b.org"},
+		AppName:   "an-app",
+		ProcID:    "119",
+		MsgID:     "xyz...",
+	}
+
+	err := header.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *HeaderSuite) TestValidateBadHostname(c *gc.C) {
+	header := rfc5424.Header{
+		Priority: rfc5424.Priority{
+			Severity: rfc5424.SeverityWarning,
+			Facility: rfc5424.FacilityDaemon,
+		},
+		Timestamp: rfc5424.Timestamp{time.Unix(54321, 0)},
+		Hostname:  rfc5424.Hostname{FQDN: "\x09.b.org"},
+		AppName:   "an-app",
+		ProcID:    "119",
+		MsgID:     "xyz...",
+	}
+
+	err := header.Validate()
+
+	c.Check(err, gc.ErrorMatches, `bad Hostname: must be printable US ASCII \(\\x09 at pos 0\)`)
+}
+
+func (s *HeaderSuite) TestValidateBadAppName(c *gc.C) {
+	header := rfc5424.Header{
+		Priority: rfc5424.Priority{
+			Severity: rfc5424.SeverityWarning,
+			Facility: rfc5424.FacilityDaemon,
+		},
+		Timestamp: rfc5424.Timestamp{time.Unix(54321, 0)},
+		Hostname:  rfc5424.Hostname{FQDN: "a.b.org"},
+		AppName:   "\x09",
+		ProcID:    "119",
+		MsgID:     "xyz...",
+	}
+
+	err := header.Validate()
+
+	c.Check(err, gc.ErrorMatches, `bad AppName: must be printable US ASCII \(\\x09 at pos 0\)`)
+}
+
+func (s *HeaderSuite) TestValidateBadProcID(c *gc.C) {
+	header := rfc5424.Header{
+		Priority: rfc5424.Priority{
+			Severity: rfc5424.SeverityWarning,
+			Facility: rfc5424.FacilityDaemon,
+		},
+		Timestamp: rfc5424.Timestamp{time.Unix(54321, 0)},
+		Hostname:  rfc5424.Hostname{FQDN: "a.b.org"},
+		AppName:   "an-app",
+		ProcID:    "\x09",
+		MsgID:     "xyz...",
+	}
+
+	err := header.Validate()
+
+	c.Check(err, gc.ErrorMatches, `bad ProcID: must be printable US ASCII \(\\x09 at pos 0\)`)
+}
+
+func (s *HeaderSuite) TestValidateBadMsgID(c *gc.C) {
+	header := rfc5424.Header{
+		Priority: rfc5424.Priority{
+			Severity: rfc5424.SeverityWarning,
+			Facility: rfc5424.FacilityDaemon,
+		},
+		Timestamp: rfc5424.Timestamp{time.Unix(54321, 0)},
+		Hostname:  rfc5424.Hostname{FQDN: "a.b.org"},
+		AppName:   "an-app",
+		ProcID:    "119",
+		MsgID:     "\x09",
+	}
+
+	err := header.Validate()
+
+	c.Check(err, gc.ErrorMatches, `bad MsgID: must be printable US ASCII \(\\x09 at pos 0\)`)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/message-hostname_test.go juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/message-hostname_test.go
--- juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/message-hostname_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/message-hostname_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,143 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package rfc5424_test
+
+import (
+	"net"
+	"strings"
+
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/rfc/rfc5424"
+)
+
+type HostnameSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&HostnameSuite{})
+
+func (s *HostnameSuite) TestStringFQDN(c *gc.C) {
+	hostname := rfc5424.Hostname{
+		FQDN:      "a.b.org",
+		StaticIP:  net.ParseIP("10.3.2.1"),
+		Hostname:  "a",
+		DynamicIP: net.ParseIP("2001:4860:0:2001::68"),
+	}
+
+	str := hostname.String()
+
+	c.Check(str, gc.Equals, "a.b.org")
+}
+
+func (s *HostnameSuite) TestStringStaticIP(c *gc.C) {
+	hostname := rfc5424.Hostname{
+		StaticIP:  net.ParseIP("10.3.2.1"),
+		Hostname:  "a",
+		DynamicIP: net.ParseIP("2001:4860:0:2001::68"),
+	}
+
+	str := hostname.String()
+
+	c.Check(str, gc.Equals, "10.3.2.1")
+}
+
+func (s *HostnameSuite) TestStringHostname(c *gc.C) {
+	hostname := rfc5424.Hostname{
+		Hostname:  "a",
+		DynamicIP: net.ParseIP("2001:4860:0:2001::68"),
+	}
+
+	str := hostname.String()
+
+	c.Check(str, gc.Equals, "a")
+}
+
+func (s *HostnameSuite) TestStringDynamicIP(c *gc.C) {
+	hostname := rfc5424.Hostname{
+		DynamicIP: net.ParseIP("2001:4860:0:2001::68"),
+	}
+
+	str := hostname.String()
+
+	c.Check(str, gc.Equals, "2001:4860:0:2001::68")
+}
+
+func (s *HostnameSuite) TestStringZeroValue(c *gc.C) {
+	var hostname rfc5424.Hostname
+
+	str := hostname.String()
+
+	c.Check(str, gc.Equals, "-")
+}
+
+func (s *HostnameSuite) TestValidateFQDNOkay(c *gc.C) {
+	hostname := rfc5424.Hostname{
+		FQDN: "a.b.org",
+	}
+
+	err := hostname.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *HostnameSuite) TestValidateStaticIPOkay(c *gc.C) {
+	hostname := rfc5424.Hostname{
+		StaticIP: net.ParseIP("10.3.2.1"),
+	}
+
+	err := hostname.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *HostnameSuite) TestValidateHostnameOkay(c *gc.C) {
+	hostname := rfc5424.Hostname{
+		Hostname: "a",
+	}
+
+	err := hostname.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *HostnameSuite) TestValidateDynamicIPOkay(c *gc.C) {
+	hostname := rfc5424.Hostname{
+		DynamicIP: net.ParseIP("2001:4860:0:2001::68"),
+	}
+
+	err := hostname.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *HostnameSuite) TestValidateZeroValue(c *gc.C) {
+	var hostname rfc5424.Hostname
+
+	err := hostname.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *HostnameSuite) TestValidateBadASCII(c *gc.C) {
+	hostname := rfc5424.Hostname{
+		Hostname: "\x09",
+	}
+
+	err := hostname.Validate()
+
+	c.Check(err, gc.ErrorMatches, `must be printable US ASCII \(\\x09 at pos 0\)`)
+}
+
+func (s *HostnameSuite) TestValidateTooBig(c *gc.C) {
+	hostname := rfc5424.Hostname{
+		Hostname: strings.Repeat("x", 256),
+	}
+
+	err := hostname.Validate()
+
+	c.Check(err, gc.ErrorMatches, `too big \(max 255\)`)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/message-msgid_test.go juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/message-msgid_test.go
--- juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/message-msgid_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/message-msgid_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,76 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package rfc5424_test
+
+import (
+	"strings"
+
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/rfc/rfc5424"
+)
+
+type MsgIDSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&MsgIDSuite{})
+
+func (s *MsgIDSuite) TestStringOkay(c *gc.C) {
+	msgID := rfc5424.MsgID("spam")
+
+	str := msgID.String()
+
+	c.Check(str, gc.Equals, "spam")
+}
+
+func (s *MsgIDSuite) TestStringZeroValue(c *gc.C) {
+	var msgID rfc5424.MsgID
+
+	str := msgID.String()
+
+	c.Check(str, gc.Equals, "-")
+}
+
+func (s *MsgIDSuite) TestValidateOkay(c *gc.C) {
+	msgID := rfc5424.MsgID("spam")
+
+	err := msgID.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *MsgIDSuite) TestValidateZeroValue(c *gc.C) {
+	var msgID rfc5424.MsgID
+
+	err := msgID.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *MsgIDSuite) TestValidateReserved(c *gc.C) {
+	msgID := rfc5424.MsgID("-")
+
+	err := msgID.Validate()
+
+	c.Check(err, gc.ErrorMatches, `"-" is reserved`)
+}
+
+func (s *MsgIDSuite) TestValidateBadASCII(c *gc.C) {
+	msgID := rfc5424.MsgID("spam\x09eggs")
+
+	err := msgID.Validate()
+
+	c.Check(err, gc.ErrorMatches, `must be printable US ASCII \(\\x09 at pos 4\)`)
+}
+
+func (s *MsgIDSuite) TestValidateTooBig(c *gc.C) {
+	msgID := rfc5424.MsgID(strings.Repeat("x", 33))
+
+	err := msgID.Validate()
+
+	c.Check(err, gc.ErrorMatches, `too big \(max 32\)`)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/message-procid_test.go juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/message-procid_test.go
--- juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/message-procid_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/message-procid_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,76 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package rfc5424_test
+
+import (
+	"strings"
+
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/rfc/rfc5424"
+)
+
+type ProcIDSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&ProcIDSuite{})
+
+func (s *ProcIDSuite) TestStringOkay(c *gc.C) {
+	procID := rfc5424.ProcID("spam")
+
+	str := procID.String()
+
+	c.Check(str, gc.Equals, "spam")
+}
+
+func (s *ProcIDSuite) TestStringZeroValue(c *gc.C) {
+	var procID rfc5424.ProcID
+
+	str := procID.String()
+
+	c.Check(str, gc.Equals, "-")
+}
+
+func (s *ProcIDSuite) TestValidateOkay(c *gc.C) {
+	procID := rfc5424.ProcID("spam")
+
+	err := procID.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *ProcIDSuite) TestValidateZeroValue(c *gc.C) {
+	var procID rfc5424.ProcID
+
+	err := procID.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *ProcIDSuite) TestValidateReserved(c *gc.C) {
+	procID := rfc5424.ProcID("-")
+
+	err := procID.Validate()
+
+	c.Check(err, gc.ErrorMatches, `"-" is reserved`)
+}
+
+func (s *ProcIDSuite) TestValidateBadASCII(c *gc.C) {
+	procID := rfc5424.ProcID("spam\x09eggs")
+
+	err := procID.Validate()
+
+	c.Check(err, gc.ErrorMatches, `must be printable US ASCII \(\\x09 at pos 4\)`)
+}
+
+func (s *ProcIDSuite) TestValidateTooBig(c *gc.C) {
+	procID := rfc5424.ProcID(strings.Repeat("x", 129))
+
+	err := procID.Validate()
+
+	c.Check(err, gc.ErrorMatches, `too big \(max 128\)`)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/message_test.go juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/message_test.go
--- juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/message_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/message_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,188 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package rfc5424_test
+
+import (
+	"fmt"
+	"time"
+
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/rfc/rfc5424"
+)
+
+type MessageSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&MessageSuite{})
+
+func (s *MessageSuite) TestStringFull(c *gc.C) {
+	stub := &testing.Stub{}
+	msg := rfc5424.Message{
+		Header: rfc5424.Header{
+			Priority: rfc5424.Priority{
+				Severity: rfc5424.SeverityWarning,
+				Facility: rfc5424.FacilityDaemon,
+			},
+			Timestamp: rfc5424.Timestamp{time.Unix(54321, 123).UTC()},
+			Hostname:  rfc5424.Hostname{FQDN: "a.b.org"},
+			AppName:   "an-app",
+			ProcID:    "119",
+			MsgID:     "xyz...",
+		},
+		StructuredData: rfc5424.StructuredData{
+			newStubElement(stub, "spam", "x=y"),
+		},
+		Msg: "a message",
+	}
+
+	str := msg.String()
+
+	c.Check(str, gc.Equals, `<28>1 1970-01-01T15:05:21.000000123Z a.b.org an-app 119 xyz... [spam x="y"] a message`)
+}
+
+func (s *MessageSuite) TestStringZeroValue(c *gc.C) {
+	var msg rfc5424.Message
+
+	str := msg.String()
+
+	c.Check(str, gc.Equals, "<8>1 - - - - - -")
+}
+
+func (s *MessageSuite) TestValidateOkay(c *gc.C) {
+	stub := &testing.Stub{}
+	msg := rfc5424.Message{
+		Header: rfc5424.Header{
+			Priority: rfc5424.Priority{
+				Severity: rfc5424.SeverityWarning,
+				Facility: rfc5424.FacilityDaemon,
+			},
+			Timestamp: rfc5424.Timestamp{time.Unix(54321, 0)},
+			Hostname:  rfc5424.Hostname{FQDN: "a.b.org"},
+			AppName:   "an-app",
+			ProcID:    "119",
+			MsgID:     "xyz...",
+		},
+		StructuredData: rfc5424.StructuredData{
+			newStubElement(stub, "spam", "x=y"),
+		},
+		Msg: "a message",
+	}
+
+	err := msg.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *MessageSuite) TestValidateZeroValue(c *gc.C) {
+	var msg rfc5424.Message
+
+	err := msg.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *MessageSuite) TestValidateBadHeader(c *gc.C) {
+	stub := &testing.Stub{}
+	msg := rfc5424.Message{
+		Header: rfc5424.Header{
+			Priority: rfc5424.Priority{
+				Severity: rfc5424.Severity(-1),
+				Facility: rfc5424.FacilityDaemon,
+			},
+			Timestamp: rfc5424.Timestamp{time.Unix(54321, 0)},
+			Hostname:  rfc5424.Hostname{FQDN: "a.b.org"},
+			AppName:   "an-app",
+			ProcID:    "119",
+			MsgID:     "xyz...",
+		},
+		StructuredData: rfc5424.StructuredData{
+			newStubElement(stub, "spam", "x=y"),
+		},
+		Msg: "a message",
+	}
+
+	err := msg.Validate()
+
+	c.Check(err, gc.ErrorMatches, `bad Header: bad Priority: bad Severity: severity -1 not recognized`)
+}
+
+func (s *MessageSuite) TestValidateBadStructuredData(c *gc.C) {
+	stub := &testing.Stub{}
+	stub.SetErrors(fmt.Errorf("<invalid>"))
+	msg := rfc5424.Message{
+		Header: rfc5424.Header{
+			Priority: rfc5424.Priority{
+				Severity: rfc5424.SeverityWarning,
+				Facility: rfc5424.FacilityDaemon,
+			},
+			Timestamp: rfc5424.Timestamp{time.Unix(54321, 0)},
+			Hostname:  rfc5424.Hostname{FQDN: "a.b.org"},
+			AppName:   "an-app",
+			ProcID:    "119",
+			MsgID:     "xyz...",
+		},
+		StructuredData: rfc5424.StructuredData{
+			newStubElement(stub, "spam", "x=y"),
+		},
+		Msg: "a message",
+	}
+
+	err := msg.Validate()
+
+	c.Check(err, gc.ErrorMatches, `bad StructuredData: element 0 not valid: <invalid>`)
+}
+
+func (s *MessageSuite) TestValidateEmptyMessage(c *gc.C) {
+	stub := &testing.Stub{}
+	msg := rfc5424.Message{
+		Header: rfc5424.Header{
+			Priority: rfc5424.Priority{
+				Severity: rfc5424.SeverityWarning,
+				Facility: rfc5424.FacilityDaemon,
+			},
+			Timestamp: rfc5424.Timestamp{time.Unix(54321, 0)},
+			Hostname:  rfc5424.Hostname{FQDN: "a.b.org"},
+			AppName:   "an-app",
+			ProcID:    "119",
+			MsgID:     "xyz...",
+		},
+		StructuredData: rfc5424.StructuredData{
+			newStubElement(stub, "spam", "x=y"),
+		},
+		Msg: "",
+	}
+
+	err := msg.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *MessageSuite) TestValidateBadMessage(c *gc.C) {
+	stub := &testing.Stub{}
+	msg := rfc5424.Message{
+		Header: rfc5424.Header{
+			Priority: rfc5424.Priority{
+				Severity: rfc5424.SeverityWarning,
+				Facility: rfc5424.FacilityDaemon,
+			},
+			Timestamp: rfc5424.Timestamp{time.Unix(54321, 0)},
+			Hostname:  rfc5424.Hostname{FQDN: "a.b.org"},
+			AppName:   "an-app",
+			ProcID:    "119",
+			MsgID:     "xyz...",
+		},
+		StructuredData: rfc5424.StructuredData{
+			newStubElement(stub, "spam", "x=y"),
+		},
+		Msg: invalidUTF8,
+	}
+
+	err := msg.Validate()
+
+	c.Check(err, gc.ErrorMatches, `bad Msg: invalid UTF-8`)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/message-timestamp_test.go juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/message-timestamp_test.go
--- juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/message-timestamp_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/message-timestamp_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,51 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package rfc5424_test
+
+import (
+	"time"
+
+	"github.com/juju/testing"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/rfc/rfc5424"
+)
+
+type TimestampSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&TimestampSuite{})
+
+func (s *TimestampSuite) TestStringOkay(c *gc.C) {
+	ts := rfc5424.Timestamp{time.Unix(54321, 123).UTC()}
+
+	str := ts.String()
+
+	c.Check(str, gc.Equals, "1970-01-01T15:05:21.000000123Z")
+}
+
+func (s *TimestampSuite) TestStringNoNano(c *gc.C) {
+	ts := rfc5424.Timestamp{time.Unix(54321, 0).UTC()}
+
+	str := ts.String()
+
+	c.Check(str, gc.Equals, "1970-01-01T15:05:21Z")
+}
+
+func (s *TimestampSuite) TestStringTimezone(c *gc.C) {
+	ts := rfc5424.Timestamp{time.Unix(54321, 123).In(time.FixedZone("MST", -7*60*60))}
+
+	str := ts.String()
+
+	c.Check(str, gc.Equals, "1970-01-01T08:05:21.000000123-07:00")
+}
+
+func (s *TimestampSuite) TestStringZeroValue(c *gc.C) {
+	var ts rfc5424.Timestamp
+
+	str := ts.String()
+
+	c.Check(str, gc.Equals, "-")
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/package_test.go juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/package_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,14 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package rfc5424_test
+
+import (
+	"testing"
+
+	gc "gopkg.in/check.v1"
+)
+
+func TestAll(t *testing.T) {
+	gc.TestingT(t)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/priority-facility_test.go juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/priority-facility_test.go
--- juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/priority-facility_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/priority-facility_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,90 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package rfc5424_test
+
+import (
+	"fmt"
+
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/rfc/rfc5424"
+)
+
+type FacilitySuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&FacilitySuite{})
+
+func (s *FacilitySuite) TestString(c *gc.C) {
+}
+
+func (s *FacilitySuite) TestValidateSupported(c *gc.C) {
+	facilities := []rfc5424.Facility{
+		rfc5424.FacilityKern,
+		rfc5424.FacilityUser,
+		rfc5424.FacilityMail,
+		rfc5424.FacilityDaemon,
+		rfc5424.FacilityAuth,
+		rfc5424.FacilitySyslog,
+		rfc5424.FacilityLPR,
+		rfc5424.FacilityNews,
+		rfc5424.FacilityUUCP,
+		rfc5424.FacilityCron,
+		rfc5424.FacilityAuthpriv,
+		rfc5424.FacilityFTP,
+		rfc5424.FacilityNTP,
+		rfc5424.FacilityLocal0,
+		rfc5424.FacilityLocal1,
+		rfc5424.FacilityLocal2,
+		rfc5424.FacilityLocal3,
+		rfc5424.FacilityLocal4,
+		rfc5424.FacilityLocal5,
+		rfc5424.FacilityLocal6,
+		rfc5424.FacilityLocal7,
+	}
+	for i, fac := range facilities {
+		c.Logf("trying #%d: %s", i, fac)
+
+		err := fac.Validate()
+
+		c.Check(err, jc.ErrorIsNil)
+	}
+}
+
+func (s *FacilitySuite) TestValidateHidden(c *gc.C) {
+	facilities := []rfc5424.Facility{
+		rfc5424.Facility(14),
+		rfc5424.Facility(15),
+		rfc5424.Facility(16),
+	}
+	for i, fac := range facilities {
+		c.Logf("trying #%d: %s", i, fac)
+
+		err := fac.Validate()
+
+		c.Check(err, jc.ErrorIsNil)
+	}
+}
+
+func (s *FacilitySuite) TestValidateZeroValue(c *gc.C) {
+	var fac rfc5424.Facility
+
+	err := fac.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *FacilitySuite) TestValidateUnsupported(c *gc.C) {
+	for i, val := range []int{-1, 25, 1000} {
+		c.Logf("trying #%d: %d", i, val)
+		fac := rfc5424.Facility(val)
+
+		err := fac.Validate()
+
+		c.Check(err, gc.ErrorMatches, fmt.Sprintf(`facility %d not recognized`, val))
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/priority.go juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/priority.go
--- juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/priority.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/priority.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,228 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package rfc5424
+
+import (
+	"fmt"
+)
+
+// These are the supported logging severity levels.
+const (
+	SeverityEmergency Severity = iota
+	SeverityAlert
+	SeverityCrit
+	SeverityError
+	SeverityWarning
+	SeverityNotice
+	SeverityInformational
+	SeverityDebug
+
+	severityTooLarge
+)
+
+// These are the supported logging facilities.
+const (
+	facilityDefault Facility = iota
+
+	FacilityKern
+	FacilityUser // default
+	FacilityMail
+	FacilityDaemon
+	FacilityAuth
+	FacilitySyslog
+	FacilityLPR
+	FacilityNews
+	FacilityUUCP
+	FacilityCron
+	FacilityAuthpriv
+	FacilityFTP
+	FacilityNTP
+
+	facilityLogAudit
+	facilityLogAlert
+	facilityCron2
+
+	FacilityLocal0
+	FacilityLocal1
+	FacilityLocal2
+	FacilityLocal3
+	FacilityLocal4
+	FacilityLocal5
+	FacilityLocal6
+	FacilityLocal7
+
+	facilityTooLarge
+)
+
+// Priority identifies the importance of a log record.
+type Priority struct {
+	// Severity is the criticality of the log record.
+	Severity Severity
+
+	// Facility is the system component for which the log record
+	// was created.
+	Facility Facility
+}
+
+// ParsePriority converts a priority string back into a Priority.
+func ParsePriority(str string) (Priority, error) {
+	var code int
+	if _, err := fmt.Sscanf(str, "<%d>", &code); err != nil {
+		return Priority{}, err
+	}
+	p := decodePriority(code)
+	return p, p.Validate()
+}
+
+// String returns the RFC 5424 representation of the priority.
+func (p Priority) String() string {
+	return fmt.Sprintf("<%d>", p.encode())
+}
+
+func (p Priority) encode() int {
+	return p.Facility.encode()<<3 + p.Severity.encode()
+}
+
+func decodePriority(code int) Priority {
+	return Priority{
+		Severity: decodeSeverity(code & 0x07),
+		Facility: decodeFacility(code >> 3),
+	}
+}
+
+// Validated ensures that the priority is correct.
+func (p Priority) Validate() error {
+	if err := p.Severity.Validate(); err != nil {
+		return fmt.Errorf("bad Severity: %v", err)
+	}
+	if err := p.Facility.Validate(); err != nil {
+		return fmt.Errorf("bad Facility: %v", err)
+	}
+	return nil
+}
+
+// Severity is the criticality of the log record.
+type Severity int
+
+func (s Severity) encode() int {
+	return int(s)
+}
+
+func decodeSeverity(code int) Severity {
+	// The relationship between the code and the Severity's actual
+	// underlying value is an implementation detail that we hide here.
+	// It so happens that currently each Severity matches its code
+	// exactly.
+	return Severity(code)
+}
+
+// String returns the name of the severity.
+func (s Severity) String() string {
+	switch s {
+	case SeverityEmergency:
+		return "EMERGENCY"
+	case SeverityAlert:
+		return "ALERT"
+	case SeverityCrit:
+		return "CRIT"
+	case SeverityError:
+		return "ERROR"
+	case SeverityWarning:
+		return "WARNING"
+	case SeverityNotice:
+		return "NOTICE"
+	case SeverityInformational:
+		return "INFO"
+	case SeverityDebug:
+		return "DEBUG"
+	default:
+		return fmt.Sprintf("Severity %d", int(s))
+	}
+}
+
+// Validate ensures that the severity is correct. This will fail only
+// in cases where an unsupported int is converted into a Severity.
+func (s Severity) Validate() error {
+	if s < 0 || s >= severityTooLarge {
+		return fmt.Errorf("severity %d not recognized", s)
+	}
+	return nil
+}
+
+// Facility is the system component for which the log record
+// was created.
+type Facility int
+
+// String returns the name of the facility.
+func (f Facility) String() string {
+	if f == facilityDefault {
+		f = FacilityUser
+	}
+	switch f {
+	case FacilityKern:
+		return "KERN"
+	case FacilityUser:
+		return "USER"
+	case FacilityMail:
+		return "MAIL"
+	case FacilityDaemon:
+		return "DAEMON"
+	case FacilityAuth:
+		return "AUTH"
+	case FacilitySyslog:
+		return "SYSLOG"
+	case FacilityLPR:
+		return "LPR"
+	case FacilityNews:
+		return "NEWS"
+	case FacilityUUCP:
+		return "UUCP"
+	case FacilityCron:
+		return "CRON"
+	case FacilityAuthpriv:
+		return "AUTHPRIV"
+	case FacilityFTP:
+		return "FTP"
+	case FacilityLocal0:
+		return "LOCAL0"
+	case FacilityLocal1:
+		return "LOCAL1"
+	case FacilityLocal2:
+		return "LOCAL2"
+	case FacilityLocal3:
+		return "LOCAL3"
+	case FacilityLocal4:
+		return "LOCAL4"
+	case FacilityLocal5:
+		return "LOCAL5"
+	case FacilityLocal6:
+		return "LOCAL6"
+	case FacilityLocal7:
+		return "LOCAL7"
+	default:
+		return fmt.Sprintf("Facility %d", int(f))
+	}
+}
+
+func (f Facility) encode() int {
+	if f == facilityDefault {
+		f = FacilityUser
+	}
+	return int(f) - 1
+}
+
+func decodeFacility(code int) Facility {
+	return Facility(code + 1)
+}
+
+// Validate ensures that the facility is correct.
+func (f Facility) Validate() error {
+	if f == facilityDefault {
+		return nil
+	}
+	if f < 0 || f >= facilityTooLarge {
+		return fmt.Errorf("facility %d not recognized", f)
+	}
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/priority-severity_test.go juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/priority-severity_test.go
--- juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/priority-severity_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/priority-severity_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,62 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package rfc5424_test
+
+import (
+	"fmt"
+
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/rfc/rfc5424"
+)
+
+type SeveritySuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&SeveritySuite{})
+
+func (s *SeveritySuite) TestString(c *gc.C) {
+}
+
+func (s *SeveritySuite) TestValidateSupported(c *gc.C) {
+	severities := []rfc5424.Severity{
+		rfc5424.SeverityEmergency,
+		rfc5424.SeverityAlert,
+		rfc5424.SeverityCrit,
+		rfc5424.SeverityError,
+		rfc5424.SeverityWarning,
+		rfc5424.SeverityNotice,
+		rfc5424.SeverityInformational,
+		rfc5424.SeverityDebug,
+	}
+	for i, sev := range severities {
+		c.Logf("trying #%d: %s", i, sev)
+
+		err := sev.Validate()
+
+		c.Check(err, jc.ErrorIsNil)
+	}
+}
+
+func (s *SeveritySuite) TestValidateZeroValue(c *gc.C) {
+	var sev rfc5424.Severity
+
+	err := sev.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *SeveritySuite) TestValidateUnsupported(c *gc.C) {
+	for i, val := range []int{-1, 8, 1000} {
+		c.Logf("trying #%d: %d", i, val)
+		sev := rfc5424.Severity(val)
+
+		err := sev.Validate()
+
+		c.Check(err, gc.ErrorMatches, fmt.Sprintf(`severity %d not recognized`, val))
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/priority_test.go juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/priority_test.go
--- juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/priority_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/priority_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,130 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package rfc5424_test
+
+import (
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/rfc/rfc5424"
+)
+
+type PrioritySuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&PrioritySuite{})
+
+func (s *PrioritySuite) TestParsePriority(c *gc.C) {
+	p, err := rfc5424.ParsePriority("<28>")
+	c.Assert(err, jc.ErrorIsNil)
+
+	c.Check(p, jc.DeepEquals, rfc5424.Priority{
+		Severity: rfc5424.SeverityWarning,
+		Facility: rfc5424.FacilityDaemon,
+	})
+}
+
+func (s *PrioritySuite) TestStringFull(c *gc.C) {
+	pr := rfc5424.Priority{
+		Severity: rfc5424.SeverityWarning,
+		Facility: rfc5424.FacilityDaemon,
+	}
+
+	str := pr.String()
+
+	c.Check(str, gc.Equals, "<28>") // 3<<3 + 4
+}
+
+func (s *PrioritySuite) TestStringZeroValue(c *gc.C) {
+	var pr rfc5424.Priority
+
+	str := pr.String()
+
+	c.Check(str, gc.Equals, "<8>") // 1<<3 + 0
+}
+
+func (s *PrioritySuite) TestStringDefaultSeverity(c *gc.C) {
+	pr := rfc5424.Priority{
+		Facility: rfc5424.FacilityDaemon,
+	}
+
+	str := pr.String()
+
+	c.Check(str, gc.Equals, "<24>") // 3<<3 + 0
+}
+
+func (s *PrioritySuite) TestStringDefaultFacility(c *gc.C) {
+	pr := rfc5424.Priority{
+		Severity: rfc5424.SeverityWarning,
+	}
+
+	str := pr.String()
+
+	c.Check(str, gc.Equals, "<12>") // 1<<3 + 4
+}
+
+func (s *PrioritySuite) TestStringKernDebug(c *gc.C) {
+	pr := rfc5424.Priority{
+		Severity: rfc5424.SeverityDebug,
+		Facility: rfc5424.FacilityKern,
+	}
+
+	str := pr.String()
+
+	c.Check(str, gc.Equals, "<7>") // 0<<3 + 7
+}
+
+func (s *PrioritySuite) TestStringKernEmergency(c *gc.C) {
+	pr := rfc5424.Priority{
+		Severity: rfc5424.SeverityEmergency,
+		Facility: rfc5424.FacilityKern,
+	}
+
+	str := pr.String()
+
+	c.Check(str, gc.Equals, "<0>") // 0<<3 + 0
+}
+
+func (s *PrioritySuite) TestValidateOkay(c *gc.C) {
+	pr := rfc5424.Priority{
+		Severity: rfc5424.SeverityWarning,
+		Facility: rfc5424.FacilityDaemon,
+	}
+
+	err := pr.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *PrioritySuite) TestValidateZeroValue(c *gc.C) {
+	var pr rfc5424.Priority
+
+	err := pr.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *PrioritySuite) TestValidateBadSeverity(c *gc.C) {
+	pr := rfc5424.Priority{
+		Severity: -1,
+		Facility: rfc5424.FacilityDaemon,
+	}
+
+	err := pr.Validate()
+
+	c.Check(err, gc.ErrorMatches, `bad Severity: severity -1 not recognized`)
+}
+
+func (s *PrioritySuite) TestValidateBadFacility(c *gc.C) {
+	pr := rfc5424.Priority{
+		Severity: rfc5424.SeverityWarning,
+		Facility: -1,
+	}
+
+	err := pr.Validate()
+
+	c.Check(err, gc.ErrorMatches, `bad Facility: facility -1 not recognized`)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/rfc5424test/doc.go juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/rfc5424test/doc.go
--- juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/rfc5424test/doc.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/rfc5424test/doc.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,5 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+// Package rc5424test provides utilities for testing RFC 5424.
+package rfc5424test
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/rfc5424test/package_test.go juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/rfc5424test/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/rfc5424test/package_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/rfc5424test/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,14 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package rfc5424test_test
+
+import (
+	"testing"
+
+	gc "gopkg.in/check.v1"
+)
+
+func TestAll(t *testing.T) {
+	gc.TestingT(t)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/rfc5424test/server.go juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/rfc5424test/server.go
--- juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/rfc5424test/server.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/rfc5424test/server.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,149 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package rfc5424test
+
+import (
+	"bufio"
+	"crypto/tls"
+	"fmt"
+	"net"
+	"sync"
+)
+
+// Handler defines an interface for handling RFC5424 messages.
+type Handler interface {
+	HandleSyslog(Message Message)
+}
+
+// HandlerFunc is a Handler that is implemented as a function.
+type HandlerFunc func(Message)
+
+func (f HandlerFunc) HandleSyslog(m Message) {
+	f(m)
+}
+
+// Message contains the content and origin address of an RFC5424 message.
+type Message struct {
+	RemoteAddr string
+	Message    string
+}
+
+// Server is a server for testing the receipt of RFC5424 messages.
+type Server struct {
+	Listener net.Listener
+	TLS      *tls.Config
+	handler  Handler
+
+	mu       sync.Mutex
+	wg       sync.WaitGroup
+	listener net.Listener // Listener, or Listener wrapped with TLS
+	closed   bool
+	conns    []net.Conn
+}
+
+// NewServer creates a new Server which will invoke the given Handler
+// for received messages. The server will listen for connections on
+// localhost, on an ephemeral port. The listening address can be
+// obtained by inspecting the Server's Listener field.
+//
+// The Server returned will not listen for connections until Start
+// is called.
+func NewServer(handler Handler) *Server {
+	l, err := net.Listen("tcp", "127.0.0.1:0")
+	if err != nil {
+		panic(fmt.Sprintf("NewServer: %v", err))
+	}
+	return &Server{Listener: l, handler: handler}
+}
+
+// Start starts the server listening for client connections.
+func (s *Server) Start() {
+	s.mu.Lock()
+	defer s.mu.Unlock()
+	if s.closed {
+		panic("Start: server already closed")
+	}
+	if s.listener != nil {
+		panic("Start: server already started")
+	}
+	s.listener = s.Listener
+	s.goServe()
+}
+
+// StartTLS starts the server listening for client connections
+// using TLS.
+func (s *Server) StartTLS() {
+	s.mu.Lock()
+	defer s.mu.Unlock()
+	if s.closed {
+		panic("StartTLS: server already closed")
+	}
+	if s.listener != nil {
+		panic("StartTLS: server already started")
+	}
+	if s.TLS == nil || len(s.TLS.Certificates) == 0 {
+		panic("no certificates specified")
+	}
+	s.listener = tls.NewListener(s.Listener, s.TLS)
+	s.goServe()
+}
+
+// Close closes any client connections, and stops the server from accepting
+// any new ones.
+func (s *Server) Close() {
+	s.mu.Lock()
+	defer s.wg.Wait()
+	defer s.mu.Unlock()
+	if !s.closed {
+		s.closed = true
+		if s.listener != nil {
+			s.listener.Close()
+			for _, conn := range s.conns {
+				conn.Close()
+			}
+		}
+	}
+}
+
+func (s *Server) goServe() {
+	s.wg.Add(1)
+	go func() {
+		defer s.wg.Done()
+		s.serve()
+	}()
+}
+
+func (s *Server) serve() {
+	defer s.listener.Close()
+	for {
+		conn, err := s.listener.Accept()
+		if err != nil {
+			return
+		}
+		s.wg.Add(1)
+		go func() {
+			defer s.wg.Done()
+			defer conn.Close()
+			s.mu.Lock()
+			if !s.closed {
+				s.conns = append(s.conns, conn)
+				defer s.serveConn(conn)
+			}
+			s.mu.Unlock()
+		}()
+	}
+}
+
+func (s *Server) serveConn(conn net.Conn) {
+	remoteAddr := conn.RemoteAddr().String()
+	scanner := bufio.NewScanner(conn)
+	for scanner.Scan() {
+		text := scanner.Text()
+		message := Message{
+			RemoteAddr: remoteAddr,
+			Message:    text,
+		}
+		s.handler.HandleSyslog(message)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/rfc5424test/server_test.go juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/rfc5424test/server_test.go
--- juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/rfc5424test/server_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/rfc5424test/server_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,100 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package rfc5424test_test
+
+import (
+	"net"
+	"time"
+
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/rfc/rfc5424"
+	"github.com/juju/rfc/rfc5424/rfc5424test"
+)
+
+type ServerSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&ServerSuite{})
+
+func (s *ServerSuite) SetUpTest(c *gc.C) {
+	s.IsolationSuite.SetUpTest(c)
+}
+
+func (s *ServerSuite) TestSend(c *gc.C) {
+	received := make(chan rfc5424test.Message, 1)
+	server := rfc5424test.NewServer(rfc5424test.HandlerFunc(func(msg rfc5424test.Message) {
+		received <- msg
+	}))
+	server.Start()
+	defer server.Close()
+
+	cfg := rfc5424.ClientConfig{
+		MaxSize:     8192,
+		SendTimeout: time.Minute,
+	}
+	var clientAddr net.Addr
+	netDial := func(network, address string) (rfc5424.Conn, error) {
+		conn, err := net.Dial(network, address)
+		clientAddr = conn.LocalAddr()
+		return conn, err
+	}
+	client, err := rfc5424.Open(server.Listener.Addr().String(), cfg, netDial)
+	c.Assert(err, jc.ErrorIsNil)
+
+	msg := rfc5424.Message{
+		Header: rfc5424.Header{
+			Priority: rfc5424.Priority{
+				Severity: rfc5424.SeverityWarning,
+				Facility: rfc5424.FacilityDaemon,
+			},
+			Timestamp: rfc5424.Timestamp{time.Unix(54321, 123).UTC()},
+			Hostname:  rfc5424.Hostname{FQDN: "a.b.org"},
+			AppName:   "an-app",
+			ProcID:    "119",
+			MsgID:     "xyz...",
+		},
+		StructuredData: rfc5424.StructuredData{
+			fakeStructuredDataElement{"sde0"},
+			fakeStructuredDataElement{"sde1"},
+		},
+		Msg: "a message",
+	}
+
+	err = client.Send(msg)
+	c.Assert(err, jc.ErrorIsNil)
+	err = client.Close()
+	c.Assert(err, jc.ErrorIsNil)
+
+	select {
+	case msg, ok := <-received:
+		c.Assert(ok, jc.IsTrue)
+		c.Assert(msg.RemoteAddr, gc.Equals, clientAddr.String())
+		c.Assert(msg.Message, gc.Equals, `<28>1 1970-01-01T15:05:21.000000123Z a.b.org an-app 119 xyz... [sde0 abc="123" def="456"][sde1 abc="123" def="456"] a message`)
+	case <-time.After(10 * time.Second):
+		c.Fatal("timed out waiting for message")
+	}
+}
+
+type fakeStructuredDataElement struct {
+	id rfc5424.StructuredDataName
+}
+
+func (f fakeStructuredDataElement) ID() rfc5424.StructuredDataName {
+	return f.id
+}
+
+func (fakeStructuredDataElement) Params() []rfc5424.StructuredDataParam {
+	return []rfc5424.StructuredDataParam{
+		{"abc", "123"},
+		{"def", "456"},
+	}
+}
+
+func (fakeStructuredDataElement) Validate() error {
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/sdelements/doc.go juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/sdelements/doc.go
--- juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/sdelements/doc.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/sdelements/doc.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,6 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+// The sdelements package holds the implementations of the different
+// RFC 5424 structured data elements.
+package sdelements
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/sdelements/origin.go juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/sdelements/origin.go
--- juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/sdelements/origin.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/sdelements/origin.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,156 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package sdelements
+
+import (
+	"fmt"
+	"net"
+	"reflect"
+	"strings"
+	"unicode/utf8"
+
+	"github.com/juju/version"
+
+	"github.com/juju/rfc/rfc5424"
+)
+
+const (
+	originSoftwareMax = 48 // UTF-8 characters
+	originVersionMax  = 32 // UTF-8 characters
+)
+
+// Origin is an IANA-registered structured data element that provides
+// extra information about where a log message came from.
+//
+// See https://tools.ietf.org/html/rfc5424#section-7.2.
+type Origin struct {
+	// IPs lists extra IP addresses (in addition to the hostname).
+	IPs []net.IP // RFC 1035/4291
+
+	// EnterpriseID is the IANA-registered PEN (or sub-code) associated
+	// with the identified software.
+	EnterpriseID OriginEnterpriseID // RFC 2578
+
+	// SoftwareName identifies the software that originated the record.
+	SoftwareName string
+
+	// SoftwareVersion is the software's version.
+	SoftwareVersion version.Number
+}
+
+// ID returns the SD-ID for this element.
+func (origin Origin) ID() rfc5424.StructuredDataName {
+	return "origin"
+}
+
+// Params returns the []SD-PARAM for this element.
+func (origin Origin) Params() []rfc5424.StructuredDataParam {
+	var params []rfc5424.StructuredDataParam
+
+	for _, ip := range origin.IPs {
+		params = append(params, rfc5424.StructuredDataParam{
+			Name:  "ip",
+			Value: rfc5424.StructuredDataParamValue(ip.String()),
+		})
+	}
+
+	enterpriseID := origin.EnterpriseID.String()
+	if enterpriseID != "" {
+		params = append(params, rfc5424.StructuredDataParam{
+			Name:  "enterpriseID",
+			Value: rfc5424.StructuredDataParamValue(enterpriseID),
+		})
+	}
+
+	if origin.SoftwareName != "" {
+		params = append(params, rfc5424.StructuredDataParam{
+			Name:  "sofware",
+			Value: rfc5424.StructuredDataParamValue(origin.SoftwareName),
+		})
+	}
+
+	if origin.SoftwareVersion != version.Zero {
+		params = append(params, rfc5424.StructuredDataParam{
+			Name:  "swVersion",
+			Value: rfc5424.StructuredDataParamValue(origin.SoftwareVersion.String()),
+		})
+	}
+
+	return params
+}
+
+// Validate ensures that the element is correct.
+func (origin Origin) Validate() error {
+	// Any IPs is fine.
+
+	if origin.EnterpriseID.isZero() {
+		if origin.SoftwareName != "" {
+			return fmt.Errorf("empty EnterpriseID")
+		}
+	} else {
+		if err := origin.EnterpriseID.Validate(); err != nil {
+			return fmt.Errorf("bad EnterpriseID: %v", err)
+		}
+	}
+
+	if origin.SoftwareName == "" {
+		if origin.SoftwareVersion == version.Zero {
+			return fmt.Errorf("empty SoftwareName")
+		}
+	} else {
+		size := utf8.RuneCountInString(origin.SoftwareName)
+		if size > originSoftwareMax {
+			return fmt.Errorf("SoftwareName too big (%d UTF-8 > %d max)", size, originSoftwareMax)
+		}
+	}
+
+	if origin.SoftwareVersion != version.Zero {
+		size := utf8.RuneCountInString(origin.SoftwareVersion.String())
+		if size > originVersionMax {
+			return fmt.Errorf("SoftwareVersion too big (%d UTF-8 > %d max)", size, originVersionMax)
+		}
+	}
+
+	return nil
+}
+
+// OriginEnterpriseID is the PEN (or subtree) for the origin software.
+type OriginEnterpriseID struct {
+	// Number is the PEN.
+	Number PrivateEnterpriseNumber
+
+	// SubTree is the path on the subtree from the PEN. The sub-tree
+	// should be registered with the IANA.
+	SubTree []int
+}
+
+func (eid OriginEnterpriseID) isZero() bool {
+	var zeroValue OriginEnterpriseID
+	return reflect.DeepEqual(eid, zeroValue)
+}
+
+func (eid OriginEnterpriseID) path() []string {
+	path := make([]string, len(eid.SubTree)+1)
+	path[0] = eid.Number.String()
+	for i := len(eid.SubTree) - 1; i > 1; i-- {
+		path = append(path, fmt.Sprint(eid.SubTree[i]))
+	}
+	return path
+}
+
+// String returns the string representation of the ID.
+func (eid OriginEnterpriseID) String() string {
+	return strings.Join(eid.path(), ".")
+}
+
+// Validate ensures that the ID is correct.
+func (eid OriginEnterpriseID) Validate() error {
+	for i, num := range eid.SubTree {
+		if num <= 0 {
+			fmt.Errorf("Subtree[%d] must be positive integer", i)
+		}
+	}
+
+	return eid.Number.Validate()
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/sdelements/package_test.go juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/sdelements/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/sdelements/package_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/sdelements/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,14 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package sdelements_test
+
+import (
+	"testing"
+
+	gc "gopkg.in/check.v1"
+)
+
+func TestAll(t *testing.T) {
+	gc.TestingT(t)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/sdelements/private.go juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/sdelements/private.go
--- juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/sdelements/private.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/sdelements/private.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,91 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package sdelements
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/juju/rfc/rfc5424"
+)
+
+// Private is a custom structured data element associated with an
+// IANA-registered Private Enterprise Number.
+//
+// See https://tools.ietf.org/html/rfc5424#section-6.3.1 and
+// http://www.iana.org/assignments/smi-numbers/smi-numbers.xhtml.
+type Private struct {
+	// Name is the custom name for this SD element, relative to PEN.
+	Name rfc5424.StructuredDataName
+
+	// PEN is the IANA-registered Private Enterprise Number, with an
+	// implicit SMI Network Management code prefixed by
+	// "iso.org.dod.internet.private.enterprise".
+	PEN PrivateEnterpriseNumber
+
+	// Data is the multi-set of data items associated with this SD
+	// element. The PEN's org should ensure that the format is
+	// sufficiently well-communicated.
+	Data []rfc5424.StructuredDataParam
+}
+
+// ID returns the SD-ID for this element.
+func (sde Private) ID() rfc5424.StructuredDataName {
+	return rfc5424.StructuredDataName(fmt.Sprintf("%s@%s", sde.Name, sde.PEN))
+}
+
+// Params returns the []SD-PARAM for this element.
+func (sde Private) Params() []rfc5424.StructuredDataParam {
+	params := make([]rfc5424.StructuredDataParam, len(sde.Data))
+	copy(params, sde.Data)
+	return params
+}
+
+// Validate ensures that the element is correct.
+func (sde Private) Validate() error {
+	if sde.Name == "" {
+		return fmt.Errorf("empty Name")
+	}
+	if strings.Contains(string(sde.Name), "@") {
+		return fmt.Errorf(`invalid char in %q`, sde.Name)
+	}
+	if err := sde.Name.Validate(); err != nil {
+		return fmt.Errorf("invalid Name %q: %v", sde.Name, err)
+	}
+
+	if sde.PEN <= 0 {
+		return fmt.Errorf("empty PEN")
+	}
+	if err := sde.PEN.Validate(); err != nil {
+		return fmt.Errorf("invalid PEN %q: %v", sde.PEN, err)
+	}
+
+	for i, param := range sde.Data {
+		if err := param.Validate(); err != nil {
+			return fmt.Errorf("param %d not valid: %v", i, err)
+		}
+	}
+
+	// TODO(ericsnow) ensure PEN matches origin.EnterpriseID (if any)
+	return nil
+}
+
+// PrivateEnterpriseNumber is an IANA-registered positive integer that
+// publicly identifies a specific organization.
+//
+// See http://www.iana.org/assignments/smi-numbers/smi-numbers.xhtml.
+type PrivateEnterpriseNumber int
+
+// String returns the string representation of the PEN.
+func (pen PrivateEnterpriseNumber) String() string {
+	return fmt.Sprint(int(pen))
+}
+
+// Validate ensures that the number is correct.
+func (pen PrivateEnterpriseNumber) Validate() error {
+	if pen <= 0 { // 0 is reserved
+		fmt.Errorf("must be positive integer")
+	}
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/structureddata.go juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/structureddata.go
--- juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/structureddata.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/structureddata.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,146 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package rfc5424
+
+import (
+	"fmt"
+	"strings"
+)
+
+// StructuredData holds the structured data of a log record, if any.
+type StructuredData []StructuredDataElement
+
+// String returns the RFC 5424 representation of the structured data.
+func (sd StructuredData) String() string {
+	if len(sd) == 0 {
+		return "-"
+	}
+
+	elems := make([]string, len(sd))
+	for i, elem := range sd {
+		elems[i] = structuredDataElementString(elem)
+	}
+	return strings.Join(elems, "")
+}
+
+// Validate ensures that the structured data is correct.
+func (sd StructuredData) Validate() error {
+	for i, elem := range sd {
+		if err := structuredDataElementValidate(elem); err != nil {
+			return fmt.Errorf("element %d not valid: %v", i, err)
+		}
+	}
+	return nil
+}
+
+// StructuredDataElement, AKA "SD-ELEMENT", provides the functionality
+// that StructuredData needs from each of its elements.
+type StructuredDataElement interface {
+	// ID returns the "SD-ID" for the element.
+	ID() StructuredDataName
+
+	// Params returns all the elements items (if any), in order.
+	Params() []StructuredDataParam
+
+	// Validate ensures that the element is correct.
+	Validate() error
+}
+
+func structuredDataElementString(sde StructuredDataElement) string {
+	params := sde.Params()
+	if len(params) == 0 {
+		return fmt.Sprintf("[%s]", sde.ID())
+	}
+
+	paramStrs := make([]string, len(params))
+	for i, param := range params {
+		paramStrs[i] = param.String()
+	}
+	return fmt.Sprintf("[%s %s]", sde.ID(), strings.Join(paramStrs, " "))
+}
+
+func structuredDataElementValidate(sde StructuredDataElement) error {
+	if err := sde.Validate(); err != nil {
+		return err
+	}
+
+	id := sde.ID()
+	if id == "" {
+		return fmt.Errorf("empty ID")
+	}
+	if err := id.Validate(); err != nil {
+		return fmt.Errorf("invalid ID %q: %v", id, err)
+	}
+
+	for i, param := range sde.Params() {
+		if err := param.Validate(); err != nil {
+			return fmt.Errorf("param %d not valid: %v", i, err)
+		}
+	}
+
+	return nil
+}
+
+// StructuredDataName is a single name used in an element or its params.
+type StructuredDataName string
+
+// Validate ensures that the name is correct.
+func (sdn StructuredDataName) Validate() error {
+	if sdn == "" {
+		return fmt.Errorf("empty name")
+	}
+	if strings.ContainsAny(string(sdn), `= ]"`) {
+		return fmt.Errorf(`invalid character`)
+	}
+	return validatePrintUSASCII(string(sdn), 32)
+}
+
+// StructuredDataParam, AKA "SD-PARAM", is a single item in an element's list.
+type StructuredDataParam struct {
+	// Name identifies the item relative to an element. Note that an
+	// element may have more than one item with the same name.
+	Name StructuredDataName
+
+	// Value is the value associated with the item.
+	Value StructuredDataParamValue
+}
+
+// String returns the RFC 5424 representation of the item.
+func (sdp StructuredDataParam) String() string {
+	return fmt.Sprintf("%s=%q", sdp.Name, sdp.Value)
+}
+
+// Validated ensures that the item is correct.
+func (sdp StructuredDataParam) Validate() error {
+	if sdp.Name == "" {
+		return fmt.Errorf("empty Name")
+	}
+	if err := sdp.Name.Validate(); err != nil {
+		return fmt.Errorf("bad Name %q: %v", sdp.Name, err)
+	}
+
+	if err := sdp.Value.Validate(); err != nil {
+		return fmt.Errorf("bad Value for %q (%s): %v", sdp.Name, sdp.Value, err)
+	}
+
+	return nil
+}
+
+// StructuredDataParamValue is the value of a single element item.
+type StructuredDataParamValue string // RFC 3629
+
+// String returns the RFC 5424 representation of the value. In
+// particular, it escapes \, ", and ].
+func (sdv StructuredDataParamValue) String() string {
+	str := string(sdv)
+	for _, char := range []string{`\`, `"`, `]`} {
+		str = strings.Replace(str, char, `\`+char, -1)
+	}
+	return str
+}
+
+// Validate ensures that the value is correct.
+func (sdv StructuredDataParamValue) Validate() error {
+	return validateUTF8(string(sdv))
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/structureddata-name_test.go juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/structureddata-name_test.go
--- juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/structureddata-name_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/structureddata-name_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,63 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package rfc5424_test
+
+import (
+	"strings"
+
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/rfc/rfc5424"
+)
+
+type StructuredDataNameSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&StructuredDataNameSuite{})
+
+func (s *StructuredDataNameSuite) TestValidateOkay(c *gc.C) {
+	name := rfc5424.StructuredDataName("spam")
+
+	err := name.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *StructuredDataNameSuite) TestValidateZeroValue(c *gc.C) {
+	var name rfc5424.StructuredDataName
+
+	err := name.Validate()
+
+	c.Check(err, gc.ErrorMatches, `empty name`)
+}
+
+func (s *StructuredDataNameSuite) TestValidateUnsupportedChar(c *gc.C) {
+	for i, char := range []string{"=", " ", "]", `"`} {
+		c.Logf("trying #%d: %q", i, char)
+		name := rfc5424.StructuredDataName("spam" + char)
+
+		err := name.Validate()
+
+		c.Check(err, gc.ErrorMatches, `invalid character`)
+	}
+}
+
+func (s *StructuredDataNameSuite) TestValidateBadASCII(c *gc.C) {
+	name := rfc5424.StructuredDataName("\x09")
+
+	err := name.Validate()
+
+	c.Check(err, gc.ErrorMatches, `must be printable US ASCII \(\\x09 at pos 0\)`)
+}
+
+func (s *StructuredDataNameSuite) TestValidateTooBig(c *gc.C) {
+	name := rfc5424.StructuredDataName(strings.Repeat("x", 33))
+
+	err := name.Validate()
+
+	c.Check(err, gc.ErrorMatches, `too big \(max 32\)`)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/structureddata-param_test.go juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/structureddata-param_test.go
--- juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/structureddata-param_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/structureddata-param_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,124 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package rfc5424_test
+
+import (
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/rfc/rfc5424"
+)
+
+type StructuredDataParamSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&StructuredDataParamSuite{})
+
+func (s *StructuredDataParamSuite) TestStringFull(c *gc.C) {
+	param := rfc5424.StructuredDataParam{
+		Name:  "spam",
+		Value: "a value",
+	}
+
+	str := param.String()
+
+	c.Check(str, gc.Equals, `spam="a value"`)
+}
+
+func (s *StructuredDataParamSuite) TestStringZeroValue(c *gc.C) {
+	var param rfc5424.StructuredDataParam
+
+	str := param.String()
+
+	c.Check(str, gc.Equals, `=""`)
+}
+
+func (s *StructuredDataParamSuite) TestStringEmptyName(c *gc.C) {
+	param := rfc5424.StructuredDataParam{
+		Name:  "",
+		Value: "a value",
+	}
+
+	str := param.String()
+
+	c.Check(str, gc.Equals, `="a value"`)
+}
+
+func (s *StructuredDataParamSuite) TestStringEmptyValue(c *gc.C) {
+	param := rfc5424.StructuredDataParam{
+		Name:  "spam",
+		Value: "",
+	}
+
+	str := param.String()
+
+	c.Check(str, gc.Equals, `spam=""`)
+}
+
+func (s *StructuredDataParamSuite) TestValidateOkay(c *gc.C) {
+	param := rfc5424.StructuredDataParam{
+		Name:  "spam",
+		Value: "a value",
+	}
+
+	err := param.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *StructuredDataParamSuite) TestValidateZeroValue(c *gc.C) {
+	var param rfc5424.StructuredDataParam
+
+	err := param.Validate()
+
+	c.Check(err, gc.NotNil)
+}
+
+func (s *StructuredDataParamSuite) TestValidateEmptyName(c *gc.C) {
+	param := rfc5424.StructuredDataParam{
+		Name:  "",
+		Value: "a value",
+	}
+
+	err := param.Validate()
+
+	c.Check(err, gc.ErrorMatches, `empty Name`)
+}
+
+func (s *StructuredDataParamSuite) TestValidateBadName(c *gc.C) {
+	param := rfc5424.StructuredDataParam{
+		Name:  "spam=",
+		Value: "a value",
+	}
+
+	err := param.Validate()
+
+	c.Check(err, gc.ErrorMatches, `bad Name "spam=": invalid character`)
+}
+
+func (s *StructuredDataParamSuite) TestValidateEmptyValue(c *gc.C) {
+	param := rfc5424.StructuredDataParam{
+		Name:  "spam",
+		Value: "",
+	}
+
+	err := param.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *StructuredDataParamSuite) TestValidateBadValue(c *gc.C) {
+	param := rfc5424.StructuredDataParam{
+		Name:  "spam",
+		Value: invalidUTF8,
+	}
+
+	err := param.Validate()
+
+	c.Check(err, gc.ErrorMatches, `bad Value for "spam" (.*): invalid UTF-8`)
+}
+
+const invalidUTF8 = "\xc3\x28"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/structureddata_test.go juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/structureddata_test.go
--- juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/structureddata_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/structureddata_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,211 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package rfc5424_test
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/rfc/rfc5424"
+)
+
+type StructuredDataSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&StructuredDataSuite{})
+
+func (s *StructuredDataSuite) TestStringOne(c *gc.C) {
+	stub := &testing.Stub{}
+	sd := rfc5424.StructuredData{
+		newStubElement(stub, "spam", "x=y"),
+	}
+
+	str := sd.String()
+
+	c.Check(str, gc.Equals, `[spam x="y"]`)
+}
+
+func (s *StructuredDataSuite) TestStringMultiple(c *gc.C) {
+	stub := &testing.Stub{}
+	sd := rfc5424.StructuredData{
+		newStubElement(stub, "spam", "question=???"),
+		newStubElement(stub, "eggs", "foo=bar"),
+		newStubElement(stub, "spam", "answer=42"),
+		newStubElement(stub, "ham", "foo=baz & bam"),
+	}
+
+	str := sd.String()
+
+	c.Check(str, gc.Equals, `[spam question="???"][eggs foo="bar"][spam answer="42"][ham foo="baz & bam"]`)
+}
+
+func (s *StructuredDataSuite) TestStringZeroValue(c *gc.C) {
+	var sd rfc5424.StructuredData
+
+	str := sd.String()
+
+	c.Check(str, gc.Equals, "-")
+}
+
+func (s *StructuredDataSuite) TestStringNoID(c *gc.C) {
+	stub := &testing.Stub{}
+	sd := rfc5424.StructuredData{
+		newStubElement(stub, "", "x=y"),
+	}
+
+	str := sd.String()
+
+	c.Check(str, gc.Equals, `[ x="y"]`)
+}
+
+func (s *StructuredDataSuite) TestStringNoParams(c *gc.C) {
+	stub := &testing.Stub{}
+	sd := rfc5424.StructuredData{
+		newStubElement(stub, "spam"),
+	}
+
+	str := sd.String()
+
+	c.Check(str, gc.Equals, `[spam]`)
+}
+
+func (s *StructuredDataSuite) TestStringMultipleParams(c *gc.C) {
+	stub := &testing.Stub{}
+	sd := rfc5424.StructuredData{
+		newStubElement(stub, "spam", "x=y", "w=z"),
+	}
+
+	str := sd.String()
+
+	c.Check(str, gc.Equals, `[spam x="y" w="z"]`)
+}
+
+func (s *StructuredDataSuite) TestValidateOne(c *gc.C) {
+	stub := &testing.Stub{}
+	sd := rfc5424.StructuredData{
+		newStubElement(stub, "spam", "x=y"),
+	}
+
+	err := sd.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *StructuredDataSuite) TestValidateMultiple(c *gc.C) {
+	stub := &testing.Stub{}
+	sd := rfc5424.StructuredData{
+		newStubElement(stub, "spam", "question=???"),
+		newStubElement(stub, "eggs", "foo=bar"),
+		newStubElement(stub, "spam", "answer=42"),
+		newStubElement(stub, "ham", "foo=baz & bam"),
+	}
+
+	err := sd.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *StructuredDataSuite) TestValidateZeroValue(c *gc.C) {
+	var sd rfc5424.StructuredData
+
+	err := sd.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *StructuredDataSuite) TestValidateBadElementInvalid(c *gc.C) {
+	stub := &testing.Stub{}
+	failure := fmt.Errorf("<invalid>")
+	stub.SetErrors(failure)
+	sd := rfc5424.StructuredData{
+		newStubElement(stub, "spam", "x=y"),
+	}
+
+	err := sd.Validate()
+
+	c.Check(err, gc.ErrorMatches, `element 0 not valid: <invalid>`)
+}
+
+func (s *StructuredDataSuite) TestValidateBadElementEmptyID(c *gc.C) {
+	stub := &testing.Stub{}
+	sd := rfc5424.StructuredData{
+		newStubElement(stub, "", "x=y"),
+	}
+
+	err := sd.Validate()
+
+	c.Check(err, gc.ErrorMatches, `element 0 not valid: empty ID`)
+}
+
+func (s *StructuredDataSuite) TestValidateBadElementBadID(c *gc.C) {
+	stub := &testing.Stub{}
+	sd := rfc5424.StructuredData{
+		newStubElement(stub, "spam", "x=y"),
+		newStubElement(stub, "=eggs", "foo=bar"),
+	}
+
+	err := sd.Validate()
+
+	c.Check(err, gc.ErrorMatches, `element 1 not valid: invalid ID "=eggs": invalid character`)
+}
+
+func (s *StructuredDataSuite) TestValidateBadElementBadParam(c *gc.C) {
+	stub := &testing.Stub{}
+	sd := rfc5424.StructuredData{
+		newStubElement(stub, "spam", "foo=", "=y"),
+	}
+
+	err := sd.Validate()
+
+	c.Check(err, gc.ErrorMatches, `element 0 not valid: param 1 not valid: empty Name`)
+}
+
+type stubElement struct {
+	stub *testing.Stub
+
+	ReturnID     rfc5424.StructuredDataName
+	ReturnParams []rfc5424.StructuredDataParam
+}
+
+func newStubElement(stub *testing.Stub, id string, paramStrs ...string) *stubElement {
+	params := make([]rfc5424.StructuredDataParam, len(paramStrs))
+	for i, str := range paramStrs {
+		parts := strings.SplitN(str, "=", 2)
+		params[i].Name = rfc5424.StructuredDataName(parts[0])
+		params[i].Value = rfc5424.StructuredDataParamValue(parts[1])
+	}
+
+	return &stubElement{
+		stub:         stub,
+		ReturnID:     rfc5424.StructuredDataName(id),
+		ReturnParams: params,
+	}
+}
+func (s *stubElement) ID() rfc5424.StructuredDataName {
+	s.stub.AddCall("ID")
+	s.stub.NextErr() // pop one off
+
+	return s.ReturnID
+}
+
+func (s *stubElement) Params() []rfc5424.StructuredDataParam {
+	s.stub.AddCall("Params")
+	s.stub.NextErr() // pop one off
+
+	return s.ReturnParams
+}
+
+func (s *stubElement) Validate() error {
+	s.stub.AddCall("Validate")
+	if err := s.stub.NextErr(); err != nil {
+		return err
+	}
+
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/structureddata-value_test.go juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/structureddata-value_test.go
--- juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/structureddata-value_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/structureddata-value_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,69 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package rfc5424_test
+
+import (
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/rfc/rfc5424"
+)
+
+type StructuredDataParamValueSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&StructuredDataParamValueSuite{})
+
+func (s *StructuredDataParamValueSuite) TestStringOkay(c *gc.C) {
+	val := rfc5424.StructuredDataParamValue("a value")
+
+	str := val.String()
+
+	c.Check(str, gc.Equals, "a value")
+}
+
+func (s *StructuredDataParamValueSuite) TestStringZeroValue(c *gc.C) {
+	var val rfc5424.StructuredDataParamValue
+
+	str := val.String()
+
+	c.Check(str, gc.Equals, "")
+}
+
+func (s *StructuredDataParamValueSuite) TestStringEscaped(c *gc.C) {
+	for i, char := range []string{`"`, `\`, "]"} {
+		c.Logf("trying #%d: %q", i, char)
+		val := rfc5424.StructuredDataParamValue("a value" + char)
+
+		str := val.String()
+
+		c.Check(str, gc.Equals, `a value\`+char)
+	}
+}
+
+func (s *StructuredDataParamValueSuite) TestValidateOkay(c *gc.C) {
+	val := rfc5424.StructuredDataParamValue("a value")
+
+	err := val.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *StructuredDataParamValueSuite) TestValidateZeroValue(c *gc.C) {
+	var val rfc5424.StructuredDataParamValue
+
+	err := val.Validate()
+
+	c.Check(err, jc.ErrorIsNil)
+}
+
+func (s *StructuredDataParamValueSuite) TestValidateBadUTF8(c *gc.C) {
+	val := rfc5424.StructuredDataParamValue(invalidUTF8)
+
+	err := val.Validate()
+
+	c.Check(err, gc.ErrorMatches, `invalid UTF-8`)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/util.go juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/util.go
--- juju-core-2.0~beta7/src/github.com/juju/rfc/rfc5424/util.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/rfc/rfc5424/util.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,32 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package rfc5424
+
+import (
+	"fmt"
+	"unicode/utf8"
+)
+
+func validatePrintUSASCII(val string, size int) error { // RFC 5234
+	if len(val) > size {
+		return fmt.Errorf("too big (max %d)", size)
+	}
+	for i, c := range val {
+		if c < 33 || c > 126 {
+			return fmt.Errorf("must be printable US ASCII (\\x%02x at pos %d)", c, i)
+		}
+	}
+	return nil
+}
+
+func validateUTF8(val string) error {
+	for len(val) > 0 {
+		r, size := utf8.DecodeRuneInString(val)
+		if r == utf8.RuneError {
+			return fmt.Errorf("invalid UTF-8")
+		}
+		val = val[size:]
+	}
+	return nil
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/romulus/api/budget/api.go juju-core-2.0~beta12/src/github.com/juju/romulus/api/budget/api.go
--- juju-core-2.0~beta7/src/github.com/juju/romulus/api/budget/api.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/romulus/api/budget/api.go	2016-07-18 19:45:44.000000000 +0000
@@ -100,9 +100,9 @@
 // UpdateAllocation updates the allocation associated with the specified service with new limit.
 func (c *client) UpdateAllocation(model, service, limit string) (string, error) {
 	create := wireformat.UpdateAllocationRequest{
-		Limit:   limit,
-		Model:   model,
-		Service: service,
+		Limit:       limit,
+		Model:       model,
+		Application: service,
 	}
 	var response string
 	err := c.doRequest(create, &response)
@@ -110,10 +110,10 @@
 }
 
 // DeleteAllocation deletes the allocation associated with the specified service.
-func (c *client) DeleteAllocation(model, service string) (string, error) {
+func (c *client) DeleteAllocation(model, application string) (string, error) {
 	create := wireformat.DeleteAllocationRequest{
-		Model:   model,
-		Service: service,
+		Model:       model,
+		Application: application,
 	}
 	var response string
 	err := c.doRequest(create, &response)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/romulus/api/terms/api.go juju-core-2.0~beta12/src/github.com/juju/romulus/api/terms/api.go
--- juju-core-2.0~beta7/src/github.com/juju/romulus/api/terms/api.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/romulus/api/terms/api.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,6 +12,7 @@
 	"io/ioutil"
 	"net/http"
 	"net/url"
+	"os"
 	"time"
 
 	"github.com/juju/errors"
@@ -113,13 +114,21 @@
 	return c, nil
 }
 
+func getBaseURL() string {
+	baseURL := BaseURL
+	if termsURL := os.Getenv("JUJU_TERMS"); termsURL != "" {
+		baseURL = termsURL
+	}
+	return baseURL
+}
+
 // GetUnsignedTerms returns the default plan for the specified charm.
 func (c *client) GetUnsignedTerms(p *CheckAgreementsRequest) ([]GetTermsResponse, error) {
 	values := url.Values{}
 	for _, t := range p.Terms {
 		values.Add("Terms", t)
 	}
-	u := fmt.Sprintf("%s/agreement?%s", BaseURL, values.Encode())
+	u := fmt.Sprintf("%s/agreement?%s", getBaseURL(), values.Encode())
 	req, err := http.NewRequest("GET", u, nil)
 	if err != nil {
 		return nil, errors.Trace(err)
@@ -148,7 +157,7 @@
 
 // SaveAgreements saves a user agreement to the specificed terms document.
 func (c *client) SaveAgreement(p *SaveAgreements) (*SaveAgreementResponses, error) {
-	u := fmt.Sprintf("%s/agreement", BaseURL)
+	u := fmt.Sprintf("%s/agreement", getBaseURL())
 	req, err := http.NewRequest("POST", u, nil)
 	if err != nil {
 		return nil, errors.Trace(err)
@@ -181,7 +190,7 @@
 
 // GetUsersAgreements returns all agreements the user has made.
 func (c *client) GetUsersAgreements() ([]AgreementResponse, error) {
-	u := fmt.Sprintf("%s/agreements", BaseURL)
+	u := fmt.Sprintf("%s/agreements", getBaseURL())
 	req, err := http.NewRequest("GET", u, nil)
 	if err != nil {
 		return nil, errors.Trace(err)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/romulus/api/terms/api_test.go juju-core-2.0~beta12/src/github.com/juju/romulus/api/terms/api_test.go
--- juju-core-2.0~beta7/src/github.com/juju/romulus/api/terms/api_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/romulus/api/terms/api_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,6 +13,7 @@
 	stdtesting "testing"
 	"time"
 
+	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 
@@ -127,12 +128,86 @@
 	c.Assert(err, gc.ErrorMatches, "failed to get unsigned terms: Not Found: something failed")
 }
 
+func (s *apiSuite) TestSignedAgreementsEnvTermsURL(c *gc.C) {
+	cleanup := testing.PatchEnvironment("JUJU_TERMS", "http://example.com")
+	defer cleanup()
+
+	t := time.Now().UTC()
+	s.httpClient.status = http.StatusOK
+	s.httpClient.SetBody(c, []terms.AgreementResponse{
+		{
+			User:      "test-user",
+			Term:      "hello-world-terms",
+			Revision:  1,
+			CreatedOn: t,
+		},
+		{
+			User:      "test-user",
+			Term:      "hello-universe-terms",
+			Revision:  42,
+			CreatedOn: t,
+		},
+	})
+	_, err := s.client.GetUsersAgreements()
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(s.httpClient.Calls(), gc.HasLen, 1)
+	s.httpClient.CheckCall(c, 0, "Do", "http://example.com/agreements")
+}
+
+func (s *apiSuite) TestUnsignedTermsEnvTermsURL(c *gc.C) {
+	cleanup := testing.PatchEnvironment("JUJU_TERMS", "http://example.com")
+	defer cleanup()
+
+	s.httpClient.status = http.StatusOK
+	s.httpClient.SetBody(c, []terms.GetTermsResponse{
+		{
+			Name:     "hello-world-terms",
+			Revision: 1,
+			Content:  "terms doc content",
+		},
+		{
+			Name:     "hello-universe-terms",
+			Revision: 1,
+			Content:  "universal terms doc content",
+		},
+	})
+	_, err := s.client.GetUnsignedTerms(&terms.CheckAgreementsRequest{
+		Terms: []string{
+			"hello-world-terms/1",
+			"hello-universe-terms/1",
+		},
+	})
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(s.httpClient.Calls(), gc.HasLen, 1)
+	s.httpClient.CheckCall(c, 0, "Do", "http://example.com/agreement?Terms=hello-world-terms%2F1&Terms=hello-universe-terms%2F1")
+	s.httpClient.ResetCalls()
+}
+
+func (s *apiSuite) TestSaveAgreementEnvTermsURL(c *gc.C) {
+	cleanup := testing.PatchEnvironment("JUJU_TERMS", "http://example.com")
+	defer cleanup()
+
+	s.httpClient.status = http.StatusOK
+	s.httpClient.SetBody(c, terms.SaveAgreementResponses{})
+	p1 := &terms.SaveAgreements{
+		Agreements: []terms.SaveAgreement{{
+			TermName:     "hello-world-terms",
+			TermRevision: 1,
+		}}}
+	_, err := s.client.SaveAgreement(p1)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(s.httpClient.Calls(), gc.HasLen, 1)
+	s.httpClient.CheckCall(c, 0, "DoWithBody", "http://example.com/agreement")
+}
+
 type mockHttpClient struct {
+	testing.Stub
 	status int
 	body   []byte
 }
 
 func (m *mockHttpClient) Do(req *http.Request) (*http.Response, error) {
+	m.AddCall("Do", req.URL.String())
 	return &http.Response{
 		Status:     http.StatusText(m.status),
 		StatusCode: m.status,
@@ -144,6 +219,7 @@
 }
 
 func (m *mockHttpClient) DoWithBody(req *http.Request, body io.ReadSeeker) (*http.Response, error) {
+	m.AddCall("DoWithBody", req.URL.String())
 	return &http.Response{
 		Status:     http.StatusText(m.status),
 		StatusCode: m.status,
diff -Nru juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/agree/agree.go juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/agree/agree.go
--- juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/agree/agree.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/agree/agree.go	2016-07-18 19:45:44.000000000 +0000
@@ -33,14 +33,15 @@
 Once you have agreed to terms, you will not be prompted to view them again.
 
 Examples:
+    # Displays terms for somePlan revision 1 and prompts for agreement.
+    juju agree somePlan/1
 
- juju agree somePlan/1
-     Displays terms for somePlan revision 1 and prompts for agreement.
- juju agree somePlan/1 otherPlan/2
-     Displays the terms for revision 1 of somePlan, revision 2 of otherPlan,
-     and prompts for agreement.
- juju agree somePlan/1 otherPlan/2 --yes
-     Agrees to the terms without prompting.
+    # Displays the terms for revision 1 of somePlan, revision 2 of otherPlan,
+    # and prompts for agreement.
+    juju agree somePlan/1 otherPlan/2
+
+    # Agrees to the terms without prompting.
+    juju agree somePlan/1 otherPlan/2 --yes
 `
 
 // NewAgreeCommand returns a new command that can be
@@ -66,7 +67,7 @@
 
 // SetFlags implements Command.SetFlags.
 func (c *agreeCommand) SetFlags(f *gnuflag.FlagSet) {
-	f.BoolVar(&c.SkipTermContent, "yes", false, "agree to terms non interactively")
+	f.BoolVar(&c.SkipTermContent, "yes", false, "Agree to terms non interactively")
 	c.out.AddFlags(f, "json", cmd.DefaultFormatters)
 }
 
@@ -75,7 +76,7 @@
 	return &cmd.Info{
 		Name:    "agree",
 		Args:    "<term>",
-		Purpose: "agree to terms",
+		Purpose: "Agree to terms.",
 		Doc:     agreeDoc,
 	}
 }
@@ -222,6 +223,7 @@
 	}
 	buffer := bytes.NewReader([]byte(output))
 	less := exec.Command("less")
+	less.Args = []string{"less", "-P", "Press 'q' to quit after you've read the terms."}
 	less.Stdout = ctx.Stdout
 	less.Stdin = buffer
 	err := less.Run()
diff -Nru juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/allocate/allocate.go juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/allocate/allocate.go
--- juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/allocate/allocate.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/allocate/allocate.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,9 +8,12 @@
 	"regexp"
 	"strings"
 
+	"launchpad.net/gnuflag"
+
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
 	"github.com/juju/juju/cmd/modelcmd"
+	"github.com/juju/utils"
 	"gopkg.in/macaroon-bakery.v1/httpbakery"
 
 	api "github.com/juju/romulus/api/budget"
@@ -20,11 +23,11 @@
 
 type allocateCommand struct {
 	modelcmd.ModelCommandBase
-	api      apiClient
-	Budget   string
-	Model    string
-	Services []string
-	Limit    string
+	api       apiClient
+	Budget    string
+	ModelUUID string
+	Services  []string
+	Limit     string
 }
 
 // NewAllocateCommand returns a new allocateCommand
@@ -33,24 +36,33 @@
 }
 
 const doc = `
-Allocate budget for the specified services, replacing any prior allocations
-made for the specified services.
-
-Usage:
-
- juju allocate <budget>:<value> <service> [<service2> ...]
+Allocate budget for the specified applications, replacing any prior allocations
+made for the specified applications.
 
-Example:
+Examples:
+    # Assigns application "db" to an allocation on budget "somebudget" with
+    # the limit "42".
+    juju allocate somebudget:42 db
+
+    # Application names assume the current selected model, unless otherwise
+    # specified with:
+    juju allocate -m [<controller name:]<model name> ...
 
- juju allocate somebudget:42 db
-     Assigns service "db" to an allocation on budget "somebudget" with the limit "42".
+    # Models may also be referenced by UUID when necessary:
+     juju allocate --model-uuid <uuid> ...
 `
 
+// SetFlags implements cmd.Command.SetFlags.
+func (c *allocateCommand) SetFlags(f *gnuflag.FlagSet) {
+	f.StringVar(&c.ModelUUID, "model-uuid", "", "Model UUID of allocation")
+}
+
 // Info implements cmd.Command.Info.
 func (c *allocateCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "allocate",
-		Purpose: "allocate budget to services",
+		Args:    "<budget>:<value> <application> [<application2> ...]",
+		Purpose: "Allocate budget to applications.",
 		Doc:     doc,
 	}
 }
@@ -58,17 +70,23 @@
 // Init implements cmd.Command.Init.
 func (c *allocateCommand) Init(args []string) error {
 	if len(args) < 2 {
-		return errors.New("budget and service name required")
+		return errors.New("budget and application name required")
 	}
 	budgetWithLimit := args[0]
 	var err error
 	c.Budget, c.Limit, err = parseBudgetWithLimit(budgetWithLimit)
 	if err != nil {
-		return err
+		return errors.Annotate(err, `expected args in the form "budget:limit [application ...]"`)
 	}
-	c.Model, err = c.modelUUID()
-	if err != nil {
-		return err
+	if c.ModelUUID == "" {
+		c.ModelUUID, err = c.modelUUID()
+		if err != nil {
+			return err
+		}
+	} else {
+		if !utils.IsValidUUIDString(c.ModelUUID) {
+			return errors.NotValidf("model UUID %q", c.ModelUUID)
+		}
 	}
 
 	c.Services = args[1:]
@@ -85,7 +103,7 @@
 	if err != nil {
 		return errors.Annotate(err, "failed to create an api client")
 	}
-	resp, err := api.CreateAllocation(c.Budget, c.Limit, c.Model, c.Services)
+	resp, err := api.CreateAllocation(c.Budget, c.Limit, c.ModelUUID, c.Services)
 	if err != nil {
 		return errors.Annotate(err, "failed to create allocation")
 	}
@@ -94,7 +112,7 @@
 }
 
 func (c *allocateCommand) modelUUID() (string, error) {
-	model, err := c.ClientStore().ModelByName(c.ControllerName(), c.AccountName(), c.ModelName())
+	model, err := c.ClientStore().ModelByName(c.ControllerName(), c.ModelName())
 	if err != nil {
 		return "", errors.Trace(err)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/allocate/allocate_test.go juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/allocate/allocate_test.go
--- juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/allocate/allocate_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/allocate/allocate_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -32,24 +32,17 @@
 		Controllers: map[string]jujuclient.ControllerDetails{
 			"controller": {},
 		},
-		Models: map[string]jujuclient.ControllerAccountModels{
+		Models: map[string]*jujuclient.ControllerModels{
 			"controller": {
-				AccountModels: map[string]*jujuclient.AccountModels{
-					"admin@local": {
-						Models: map[string]jujuclient.ModelDetails{
-							"model": {"model-uuid"},
-						},
-						CurrentModel: "model",
-					},
+				Models: map[string]jujuclient.ModelDetails{
+					"model": {"model-uuid"},
 				},
+				CurrentModel: "model",
 			},
 		},
-		Accounts: map[string]*jujuclient.ControllerAccounts{
+		Accounts: map[string]jujuclient.AccountDetails{
 			"controller": {
-				Accounts: map[string]jujuclient.AccountDetails{
-					"admin@local": {},
-				},
-				CurrentAccount: "admin@local",
+				User: "admin@local",
 			},
 		},
 	}
@@ -86,6 +79,13 @@
 	s.mockAPI.CheckCall(c, 0, "CreateAllocation", "name", "0", "model-uuid", []string{"db"})
 }
 
+func (s *allocateSuite) TestAllocateModelUUID(c *gc.C) {
+	s.mockAPI.resp = "allocation updated"
+	_, err := s.run(c, "name:0", "--model-uuid", "30f7a9f2-220d-4268-b336-35e7daacae79", "db")
+	c.Assert(err, jc.ErrorIsNil)
+	s.mockAPI.CheckCall(c, 0, "CreateAllocation", "name", "0", "30f7a9f2-220d-4268-b336-35e7daacae79", []string{"db"})
+}
+
 func (s *allocateSuite) TestAllocateErrors(c *gc.C) {
 	tests := []struct {
 		about         string
@@ -94,27 +94,35 @@
 	}{{
 		about:         "no args",
 		args:          []string{},
-		expectedError: "budget and service name required",
+		expectedError: "budget and application name required",
 	}, {
 		about:         "budget without allocation limit",
 		args:          []string{"name", "db"},
-		expectedError: "invalid budget specification, expecting <budget>:<limit>",
+		expectedError: `expected args in the form "budget:limit \[application ...\]": invalid budget specification, expecting <budget>:<limit>`,
 	}, {
-		about:         "service not specified",
+		about:         "application not specified",
 		args:          []string{"name:100"},
-		expectedError: "budget and service name required",
+		expectedError: "budget and application name required",
 	}, {
 		about:         "negative allocation limit",
 		args:          []string{"name:-100", "db"},
-		expectedError: "invalid budget specification, expecting <budget>:<limit>",
+		expectedError: `expected args in the form "budget:limit \[application ...\]": invalid budget specification, expecting <budget>:<limit>`,
 	}, {
 		about:         "non-numeric allocation limit",
 		args:          []string{"name:abcd", "db"},
-		expectedError: "invalid budget specification, expecting <budget>:<limit>",
+		expectedError: `expected args in the form "budget:limit \[application ...\]": invalid budget specification, expecting <budget>:<limit>`,
 	}, {
 		about:         "empty allocation limit",
 		args:          []string{"name:", "db"},
-		expectedError: "invalid budget specification, expecting <budget>:<limit>",
+		expectedError: `expected args in the form "budget:limit \[application ...\]": invalid budget specification, expecting <budget>:<limit>`,
+	}, {
+		about:         "invalid model UUID",
+		args:          []string{"--model-uuid", "nope", "name:100", "db"},
+		expectedError: `model UUID "nope" not valid`,
+	}, {
+		about:         "arguments in wrong order",
+		args:          []string{"name:", "db:50"},
+		expectedError: `expected args in the form "budget:limit \[application ...\]": invalid budget specification, expecting <budget>:<limit>`,
 	}}
 	for i, test := range tests {
 		c.Logf("test %d: %s", i, test.about)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/commands/commands.go juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/commands/commands.go
--- juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/commands/commands.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/commands/commands.go	2016-07-18 19:45:44.000000000 +0000
@@ -39,13 +39,13 @@
 
 	}
 	register(agree.NewAgreeCommand())
+	register(listagreements.NewListAgreementsCommand())
 	register(allocate.NewAllocateCommand())
-	register(createbudget.NewCreateBudgetCommand())
 	register(listbudgets.NewListBudgetsCommand())
+	register(createbudget.NewCreateBudgetCommand())
 	register(listplans.NewListPlansCommand())
 	register(setbudget.NewSetBudgetCommand())
 	register(setplan.NewSetPlanCommand())
 	register(showbudget.NewShowBudgetCommand())
 	register(updateallocation.NewUpdateAllocationCommand())
-	register(listagreements.NewListAgreementsCommand())
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/commands/commands_test.go juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/commands/commands_test.go
--- juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/commands/commands_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/commands/commands_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -33,14 +33,14 @@
 	commands.RegisterAll(m)
 	c.Assert(m.commands, gc.DeepEquals, []string{
 		"agree",
+		"agreements",
 		"allocate",
+		"budgets",
 		"create-budget",
-		"list-budgets",
-		"list-plans",
+		"plans",
 		"set-budget",
 		"set-plan",
 		"show-budget",
 		"update-allocation",
-		"list-agreements",
 	})
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/createbudget/createbudget.go juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/createbudget/createbudget.go
--- juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/createbudget/createbudget.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/createbudget/createbudget.go	2016-07-18 19:45:44.000000000 +0000
@@ -29,16 +29,16 @@
 const doc = `
 Create a new budget with monthly limit.
 
-Example:
- juju create-budget qa 42
-     Creates a budget named 'qa' with a limit of 42.
+Examples:
+    # Creates a budget named 'qa' with a limit of 42.
+    juju create-budget qa 42
 `
 
 // Info implements cmd.Command.Info.
 func (c *createBudgetCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "create-budget",
-		Purpose: "create a new budget",
+		Purpose: "Create a new budget.",
 		Doc:     doc,
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/listagreements/listagreements.go juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/listagreements/listagreements.go
--- juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/listagreements/listagreements.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/listagreements/listagreements.go	2016-07-18 19:45:44.000000000 +0000
@@ -28,7 +28,7 @@
 }
 
 const listAgreementsDoc = `
-list-agreements is used to list terms the user has agreed to.
+List terms the user has agreed to.
 `
 
 // NewListAgreementsCommand returns a new command that can be
@@ -62,9 +62,10 @@
 // Info implements Command.Info.
 func (c *listAgreementsCommand) Info() *cmd.Info {
 	return &cmd.Info{
-		Name:    "list-agreements",
-		Purpose: "list user's agreements",
+		Name:    "agreements",
+		Purpose: "List user's agreements.",
 		Doc:     listAgreementsDoc,
+		Aliases: []string{"list-agreements"},
 	}
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/listbudgets/list-budgets.go juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/listbudgets/list-budgets.go
--- juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/listbudgets/list-budgets.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/listbudgets/list-budgets.go	2016-07-18 19:45:44.000000000 +0000
@@ -32,16 +32,17 @@
 const listBudgetsDoc = `
 List the available budgets.
 
-Example:
- juju list-budgets
+Examples:
+    juju budgets
 `
 
 // Info implements cmd.Command.Info.
 func (c *listBudgetsCommand) Info() *cmd.Info {
 	return &cmd.Info{
-		Name:    "list-budgets",
-		Purpose: "list budgets",
+		Name:    "budgets",
+		Purpose: "List budgets.",
 		Doc:     listBudgetsDoc,
+		Aliases: []string{"list-budgets"},
 	}
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/listplans/list_plans.go juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/listplans/list_plans.go
--- juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/listplans/list_plans.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/listplans/list_plans.go	2016-07-18 19:45:44.000000000 +0000
@@ -39,8 +39,8 @@
 const listPlansDoc = `
 List plans available for the specified charm.
 
-Example:
- juju list-plans cs:webapp
+Examples:
+    juju plans cs:webapp
 `
 
 // ListPlansCommand retrieves plans that are available for the specified charm
@@ -63,10 +63,11 @@
 // Info implements Command.Info.
 func (c *ListPlansCommand) Info() *cmd.Info {
 	return &cmd.Info{
-		Name:    "list-plans",
+		Name:    "plans",
 		Args:    "",
-		Purpose: "list plans",
+		Purpose: "List plans.",
 		Doc:     listPlansDoc,
+		Aliases: []string{"list-plans"},
 	}
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/setbudget/setbudget.go juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/setbudget/setbudget.go
--- juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/setbudget/setbudget.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/setbudget/setbudget.go	2016-07-18 19:45:44.000000000 +0000
@@ -29,16 +29,17 @@
 const doc = `
 Set the monthly budget limit.
 
-Example:
- juju set-budget personal 96
-     Sets the monthly limit for budget named 'personal' to 96.
+Examples:
+    # Sets the monthly limit for budget named 'personal' to 96.
+    juju set-budget personal 96
 `
 
 // Info implements cmd.Command.Info.
 func (c *setBudgetCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "set-budget",
-		Purpose: "set the budget limit",
+		Args:    "<budget name> <value>",
+		Purpose: "Set the budget limit.",
 		Doc:     doc,
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/setplan/set_plan.go juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/setplan/set_plan.go
--- juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/setplan/set_plan.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/setplan/set_plan.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,9 +11,9 @@
 
 	"github.com/juju/cmd"
 	"github.com/juju/errors"
-	"github.com/juju/juju/api/service"
+	"github.com/juju/juju/api/application"
 	"github.com/juju/juju/cmd/modelcmd"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/macaroon.v1"
 
 	api "github.com/juju/romulus/api/plan"
@@ -23,8 +23,8 @@
 // the comand uses to create an authorization macaroon.
 type authorizationClient interface {
 	// Authorize returns the authorization macaroon for the specified environment,
-	// charm url, service name and plan.
-	Authorize(environmentUUID, charmURL, serviceName, plan string, visitWebPage func(*url.URL) error) (*macaroon.Macaroon, error)
+	// charm url, application name and plan.
+	Authorize(environmentUUID, charmURL, applicationName, plan string, visitWebPage func(*url.URL) error) (*macaroon.Macaroon, error)
 }
 
 var newAuthorizationClient = func(options ...api.ClientOption) (authorizationClient, error) {
@@ -32,38 +32,34 @@
 }
 
 // NewSetPlanCommand returns a new command that is used to set metric credentials for a
-// deployed service.
+// deployed application.
 func NewSetPlanCommand() cmd.Command {
 	return modelcmd.Wrap(&setPlanCommand{})
 }
 
 // setPlanCommand is a command-line tool for setting
-// Service.MetricCredential for development & demonstration purposes.
+// Application.MetricCredential for development & demonstration purposes.
 type setPlanCommand struct {
 	modelcmd.ModelCommandBase
 
-	Service string
-	Plan    string
+	Application string
+	Plan        string
 }
 
 // Info implements cmd.Command.
 func (c *setPlanCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "set-plan",
-		Args:    "<service name> <plan>",
-		Purpose: "set the plan for a service",
+		Args:    "<application name> <plan>",
+		Purpose: "Set the plan for an application.",
 		Doc: `
-Set the plan for the deployed service, effective immediately.
+Set the plan for the deployed application, effective immediately.
 
-The specified plan name must be a valid plan that is offered for this particular charm. Use "juju list-plans <charm>" for more information.
-	
-Usage:
+The specified plan name must be a valid plan that is offered for this
+particular charm. Use "juju list-plans <charm>" for more information.
 
- juju set-plan [options] <service name> <plan name>
-
-Example:
-
- juju set-plan myapp example/uptime
+Examples:
+    juju set-plan myapp example/uptime
 `,
 	}
 }
@@ -71,23 +67,23 @@
 // Init implements cmd.Command.
 func (c *setPlanCommand) Init(args []string) error {
 	if len(args) < 2 {
-		return errors.New("need to specify service name and plan url")
+		return errors.New("need to specify application name and plan url")
 	}
 
-	serviceName := args[0]
-	if !names.IsValidService(serviceName) {
-		return errors.Errorf("invalid service name %q", serviceName)
+	applicationName := args[0]
+	if !names.IsValidApplication(applicationName) {
+		return errors.Errorf("invalid application name %q", applicationName)
 	}
 
 	c.Plan = args[1]
-	c.Service = serviceName
+	c.Application = applicationName
 
 	return c.ModelCommandBase.Init(args[2:])
 }
 
-func (c *setPlanCommand) requestMetricCredentials(client *service.Client, ctx *cmd.Context) ([]byte, error) {
+func (c *setPlanCommand) requestMetricCredentials(client *application.Client, ctx *cmd.Context) ([]byte, error) {
 	envUUID := client.ModelUUID()
-	charmURL, err := client.GetCharmURL(c.Service)
+	charmURL, err := client.GetCharmURL(c.Application)
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
@@ -100,7 +96,7 @@
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-	m, err := authClient.Authorize(envUUID, charmURL.String(), c.Service, c.Plan, hc.VisitWebPage)
+	m, err := authClient.Authorize(envUUID, charmURL.String(), c.Application, c.Plan, hc.VisitWebPage)
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
@@ -114,12 +110,12 @@
 	if err != nil {
 		return errors.Trace(err)
 	}
-	client := service.NewClient(root)
+	client := application.NewClient(root)
 	credentials, err := c.requestMetricCredentials(client, ctx)
 	if err != nil {
 		return errors.Trace(err)
 	}
-	err = client.SetMetricCredentials(c.Service, credentials)
+	err = client.SetMetricCredentials(c.Application, credentials)
 	if err != nil {
 		return errors.Trace(err)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/setplan/set_plan_test.go juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/setplan/set_plan_test.go
--- juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/setplan/set_plan_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/setplan/set_plan_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -66,16 +66,16 @@
 
 func (s setPlanCommandSuite) TestSetPlanCommand(c *gc.C) {
 	tests := []struct {
-		about    string
-		plan     string
-		service  string
-		err      string
-		apiErr   error
-		apiCalls []testing.StubCall
+		about       string
+		plan        string
+		application string
+		err         string
+		apiErr      error
+		apiCalls    []testing.StubCall
 	}{{
-		about:   "all is well",
-		plan:    "bob/default",
-		service: "mysql",
+		about:       "all is well",
+		plan:        "bob/default",
+		application: "mysql",
 		apiCalls: []testing.StubCall{{
 			FuncName: "Authorize",
 			Args: []interface{}{
@@ -85,21 +85,21 @@
 			},
 		}},
 	}, {
-		about:   "invalid service name",
-		plan:    "bob/default",
-		service: "mysql-0",
-		err:     "invalid service name \"mysql-0\"",
+		about:       "invalid application name",
+		plan:        "bob/default",
+		application: "mysql-0",
+		err:         "invalid application name \"mysql-0\"",
 	}, {
-		about:   "unknown service",
-		plan:    "bob/default",
-		service: "wordpress",
-		err:     "service \"wordpress\" not found.*",
+		about:       "unknown application",
+		plan:        "bob/default",
+		application: "wordpress",
+		err:         "application \"wordpress\" not found.*",
 	}, {
-		about:   "unknown service",
-		plan:    "bob/default",
-		service: "mysql",
-		apiErr:  errors.New("some strange error"),
-		err:     "some strange error",
+		about:       "unknown application",
+		plan:        "bob/default",
+		application: "mysql",
+		apiErr:      errors.New("some strange error"),
+		err:         "some strange error",
 	},
 	}
 	for i, test := range tests {
@@ -108,15 +108,15 @@
 		if test.apiErr != nil {
 			s.mockAPI.SetErrors(test.apiErr)
 		}
-		_, err := cmdtesting.RunCommand(c, setplan.NewSetPlanCommand(), test.service, test.plan)
+		_, err := cmdtesting.RunCommand(c, setplan.NewSetPlanCommand(), test.application, test.plan)
 		if test.err == "" {
 			c.Assert(err, jc.ErrorIsNil)
 			c.Assert(s.mockAPI.Calls(), gc.HasLen, 1)
 			s.mockAPI.CheckCalls(c, test.apiCalls)
 
-			svc, err := s.State.Service("mysql")
+			app, err := s.State.Application("mysql")
 			c.Assert(err, jc.ErrorIsNil)
-			svcMacaroon := svc.MetricCredentials()
+			svcMacaroon := app.MetricCredentials()
 			data, err := json.Marshal(macaroon.Slice{s.mockAPI.macaroon})
 			c.Assert(err, jc.ErrorIsNil)
 			c.Assert(svcMacaroon, gc.DeepEquals, data)
@@ -129,7 +129,7 @@
 
 func (s *setPlanCommandSuite) TestNoArgs(c *gc.C) {
 	_, err := cmdtesting.RunCommand(c, setplan.NewSetPlanCommand())
-	c.Assert(err, gc.ErrorMatches, "need to specify service name and plan url")
+	c.Assert(err, gc.ErrorMatches, "need to specify application name and plan url")
 }
 
 func newMockAPI() (*mockapi, error) {
@@ -156,19 +156,19 @@
 	macaroon *macaroon.Macaroon
 }
 
-func (m *mockapi) Authorize(environmentUUID, charmURL, serviceName, plan string, visitWebPage func(*url.URL) error) (*macaroon.Macaroon, error) {
+func (m *mockapi) Authorize(modelUUID, charmURL, applicationName, plan string, visitWebPage func(*url.URL) error) (*macaroon.Macaroon, error) {
 	err := m.NextErr()
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
-	m.AddCall("Authorize", environmentUUID, charmURL, serviceName)
+	m.AddCall("Authorize", modelUUID, charmURL, applicationName)
 	macaroon, err := m.service.NewMacaroon(
 		"",
 		nil,
 		[]checkers.Caveat{
-			checkers.DeclaredCaveat("environment", environmentUUID),
+			checkers.DeclaredCaveat("environment", modelUUID),
 			checkers.DeclaredCaveat("charm", charmURL),
-			checkers.DeclaredCaveat("service", serviceName),
+			checkers.DeclaredCaveat("service", applicationName),
 			checkers.DeclaredCaveat("plan", plan),
 		},
 	)
diff -Nru juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/showbudget/show_budget.go juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/showbudget/show_budget.go
--- juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/showbudget/show_budget.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/showbudget/show_budget.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,7 +13,7 @@
 	"github.com/juju/juju/apiserver/params"
 	"github.com/juju/juju/cmd/modelcmd"
 	"github.com/juju/loggo"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/macaroon-bakery.v1/httpbakery"
 	"launchpad.net/gnuflag"
 
@@ -39,15 +39,16 @@
 const showBudgetDoc = `
 Display budget usage information.
 
-Example:
- juju show-budget personal
+Examples:
+    juju show-budget personal
 `
 
 // Info implements cmd.Command.Info.
 func (c *showBudgetCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "show-budget",
-		Purpose: "show budget usage",
+		Args:    "<budget>",
+		Purpose: "Show details about a budget.",
 		Doc:     showBudgetDoc,
 	}
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/showbudget/show_budget_test.go juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/showbudget/show_budget_test.go
--- juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/showbudget/show_budget_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/showbudget/show_budget_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,10 +8,10 @@
 	"github.com/juju/errors"
 	"github.com/juju/juju/apiserver/params"
 	coretesting "github.com/juju/juju/testing"
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/romulus/cmd/showbudget"
 	"github.com/juju/romulus/wireformat/budget"
diff -Nru juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/updateallocation/updateallocation.go juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/updateallocation/updateallocation.go
--- juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/updateallocation/updateallocation.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/updateallocation/updateallocation.go	2016-07-18 19:45:44.000000000 +0000
@@ -41,18 +41,19 @@
 }
 
 const doc = `
-Updates an existing allocation on a service.
+Updates an existing allocation on an application.
 
-Example:
- juju update-allocation wordpress 10
-     Sets the allocation for the wordpress service to 10.
+Examples:
+    # Sets the allocation for the wordpress application to 10.
+    juju update-allocation wordpress 10
 `
 
 // Info implements cmd.Command.Info.
 func (c *updateAllocationCommand) Info() *cmd.Info {
 	return &cmd.Info{
 		Name:    "update-allocation",
-		Purpose: "update an allocation",
+		Args:    "<application> <value>",
+		Purpose: "Update an allocation.",
 		Doc:     doc,
 	}
 }
@@ -60,7 +61,7 @@
 // Init implements cmd.Command.Init.
 func (c *updateAllocationCommand) Init(args []string) error {
 	if len(args) < 2 {
-		return errors.New("service and value required")
+		return errors.New("application and value required")
 	}
 	c.Name, c.Value = args[0], args[1]
 	if _, err := strconv.ParseInt(c.Value, 10, 32); err != nil {
@@ -70,7 +71,7 @@
 }
 
 func (c *updateAllocationCommand) modelUUID() (string, error) {
-	model, err := c.ClientStore().ModelByName(c.ControllerName(), c.AccountName(), c.ModelName())
+	model, err := c.ClientStore().ModelByName(c.ControllerName(), c.ModelName())
 	if err != nil {
 		return "", errors.Trace(err)
 	}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/updateallocation/updateallocation_test.go juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/updateallocation/updateallocation_test.go
--- juju-core-2.0~beta7/src/github.com/juju/romulus/cmd/updateallocation/updateallocation_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/romulus/cmd/updateallocation/updateallocation_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -32,24 +32,17 @@
 		Controllers: map[string]jujuclient.ControllerDetails{
 			"controller": {},
 		},
-		Models: map[string]jujuclient.ControllerAccountModels{
+		Models: map[string]*jujuclient.ControllerModels{
 			"controller": {
-				AccountModels: map[string]*jujuclient.AccountModels{
-					"admin@local": {
-						Models: map[string]jujuclient.ModelDetails{
-							"model": {"model-uuid"},
-						},
-						CurrentModel: "model",
-					},
+				Models: map[string]jujuclient.ModelDetails{
+					"model": {"model-uuid"},
 				},
+				CurrentModel: "model",
 			},
 		},
-		Accounts: map[string]*jujuclient.ControllerAccounts{
+		Accounts: map[string]jujuclient.AccountDetails{
 			"controller": {
-				Accounts: map[string]jujuclient.AccountDetails{
-					"admin@local": {},
-				},
-				CurrentAccount: "admin@local",
+				User: "admin@local",
 			},
 		},
 	}
@@ -93,12 +86,12 @@
 		{
 			about:         "value is missing",
 			args:          []string{"name"},
-			expectedError: "service and value required",
+			expectedError: "application and value required",
 		},
 		{
 			about:         "no args",
 			args:          []string{},
-			expectedError: "service and value required",
+			expectedError: "application and value required",
 		},
 	}
 	for i, test := range tests {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/romulus/dependencies.tsv juju-core-2.0~beta12/src/github.com/juju/romulus/dependencies.tsv
--- juju-core-2.0~beta7/src/github.com/juju/romulus/dependencies.tsv	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/romulus/dependencies.tsv	2016-07-18 19:45:44.000000000 +0000
@@ -1,47 +1,50 @@
-github.com/bmizerany/pat	git	48be7df2c27e1cec821a3284a683ce6ef90d9052	2014-04-29T04:34:05Z
-github.com/coreos/go-systemd	git	2d21675230a81a503f4363f4aa3490af06d52bb8	2015-01-26T19:09:17Z
+github.com/bmizerany/pat	git	c068ca2f0aacee5ac3681d68e4d0a003b7d1fd2c	2016-02-17T10:32:42Z
+github.com/coreos/go-systemd	git	7b2428fec40033549c68f54e26e89e7ca9a9ce31	2016-02-02T21:14:25Z
 github.com/dustin/go-humanize	git	145fabdb1ab757076a70a886d092a3af27f66f4c	2014-12-28T07:11:48Z
-github.com/godbus/dbus	git	88765d85c0fdadcd98a54e30694fa4e4f5b51133	2015-01-22T18:02:51Z
+github.com/gabriel-samfira/sys	git	9ddc60d56b511544223adecea68da1e4f2153beb	2015-06-08T13:21:19Z
+github.com/godbus/dbus	git	32c6cc29c14570de4cf6d7e7737d68fb2d01ad15	2016-05-06T22:25:50Z
+github.com/gorilla/schema	git	08023a0215e7fc27a9aecd8b8c50913c40019478	2016-04-26T23:15:12Z
 github.com/gosuri/uitable	git	36ee7e946282a3fb1cfecd476ddc9b35d8847e42	2016-04-04T20:39:58Z
-github.com/juju/bundlechanges	git	a1fcaa2fc3b55305d064d16cb56bf87541efb8a4	2016-04-18T04:33:00Z
-github.com/juju/cmd	git	ca63dd8ba13f8fbbbe16a917696a7ce68cc3dc0b	2016-03-31T03:26:51Z
+github.com/juju/bundlechanges	git	8d99dd2a94d7b4fd975a152238d0e19d0c4a6cf1	2016-06-15T07:19:43Z
+github.com/juju/cmd	git	a11ae7a7436c133e799f025998cbbefd3f6eef7e	2016-06-01T03:55:01Z
 github.com/juju/errors	git	1b5e39b83d1835fa480e0c2ddefb040ee82d58b3	2015-09-16T12:56:42Z
 github.com/juju/go4	git	40d72ab9641a2a8c36a9c46a51e28367115c8e59	2016-02-22T16:32:58Z
 github.com/juju/gojsonpointer	git	afe8b77aa08f272b49e01b82de78510c11f61500	2015-02-04T19:46:29Z
 github.com/juju/gojsonreference	git	f0d24ac5ee330baa21721cdff56d45e4ee42628e	2015-02-04T19:46:33Z
 github.com/juju/gojsonschema	git	e1ad140384f254c82f89450d9a7c8dd38a632838	2015-03-12T17:00:16Z
 github.com/juju/httpprof	git	14bf14c307672fd2456bdbf35d19cf0ccd3cf565	2014-12-17T16:00:36Z
-github.com/juju/httprequest	git	89d547093c45e293599088cc63e805c6f1205dc0	2016-03-02T10:09:58Z
-github.com/juju/idmclient	git	1995850da11150fb9247e43c6089e54eaeaae44a	2016-04-01T13:35:05Z
-github.com/juju/juju	git	5f385be730d2fc3c9aafb0a45b640834754668fc	2016-04-18T19:59:54Z
+github.com/juju/httprequest	git	796aaafaf712f666df58d31a482c51233038bf9f	2016-05-03T15:03:27Z
+github.com/juju/idmclient	git	3dda079a75cccb85083d4c3877e638f5d6ab79c2	2016-05-26T05:00:34Z
+github.com/juju/juju	git	ef5ff9f3160a51e1964943532191df95644665d5	2016-07-14T10:19:34Z
 github.com/juju/loggo	git	8477fc936adf0e382d680310047ca27e128a309a	2015-05-27T03:58:39Z
-github.com/juju/names	git	8a0aa0963bbacdc790914892e9ff942e94d6f795	2016-03-30T15:05:33Z
+github.com/juju/mutex	git	59c26ee163447c5c57f63ff71610d433862013de	2016-06-17T01:09:07Z
 github.com/juju/persistent-cookiejar	git	e710b897c13ca52828ca2fc9769465186fd6d15c	2016-03-31T17:12:27Z
 github.com/juju/replicaset	git	fb7294cf57a1e2f08a57691f1246d129a87ab7e8	2015-05-08T02:21:43Z
-github.com/juju/retry	git	62c62032529169c7ec02fa48f93349604c345e1f	2015-10-29T02:48:21Z
-github.com/juju/schema	git	1e25943f8c6fd6815282d6f1ac87091d21e14e19	2016-03-01T11:16:46Z
-github.com/juju/testing	git	162fafccebf20a4207ab93d63b986c230e3f4d2e	2016-04-04T09:43:17Z
+github.com/juju/rfc	git	ebdbbdb950cd039a531d15cdc2ac2cbd94f068ee	2016-07-11T02:42:13Z
+github.com/juju/schema	git	075de04f9b7d7580d60a1e12a0b3f50bb18e6998	2016-04-20T04:42:03Z
+github.com/juju/testing	git	ccf839b5a07a7a05009f8fa3ec41cd05fb2e0b08	2016-06-24T20:35:24Z
 github.com/juju/txn	git	99ec629d0066a4d73c54d8e021a7fc1dc07df614	2015-06-09T16:58:27Z
 github.com/juju/usso	git	68a59c96c178fbbad65926e7f93db50a2cd14f33	2016-04-01T10:44:24Z
-github.com/juju/utils	git	eb6cb958762135bb61aed1e0951f657c674d427f	2016-04-11T02:40:59Z
-github.com/juju/version	git	ef897ad7f130870348ce306f61332f5335355063	2015-11-27T20:34:00Z
+github.com/juju/utils	git	6219812829a3542c827c76cc75f416d4e6c94335	2016-07-08T10:00:56Z
+github.com/juju/version	git	4ae6172c00626779a5a462c3e3d22fc0e889431a	2016-06-03T19:49:58Z
 github.com/juju/webbrowser	git	54b8c57083b4afb7dc75da7f13e2967b2606a507	2016-03-09T14:36:29Z
 github.com/julienschmidt/httprouter	git	77a895ad01ebc98a4dc95d8355bc825ce80a56f6	2015-10-13T22:55:20Z
 github.com/mattn/go-runewidth	git	d96d1bd051f2bd9e7e43d602782b37b93b1b5666	2015-11-18T07:21:59Z
+github.com/rogpeppe/fastuuid	git	6724a57986aff9bff1a1770e9347036def7c89f6	2015-01-06T09:32:20Z
 golang.org/x/crypto	git	aedad9a179ec1ea11b7064c57cbc6dc30d7724ec	2015-08-30T18:06:42Z
 golang.org/x/net	git	ea47fc708ee3e20177f3ca3716217c4ab75942cb	2015-08-29T23:03:18Z
 gopkg.in/check.v1	git	4f90aeace3a26ad7021961c297b22c42160c7b25	2016-01-05T16:49:36Z
 gopkg.in/errgo.v1	git	66cb46252b94c1f3d65646f54ee8043ab38d766c	2015-10-07T15:31:57Z
 gopkg.in/juju/blobstore.v2	git	51fa6e26128d74e445c72d3a91af555151cc3654	2016-01-25T02:37:03Z
-gopkg.in/juju/charm.v6-unstable	git	728a5ea3ff1c1ae8b4c3ac4779c0027f693d1ca5	2016-04-08T11:12:17Z
-gopkg.in/juju/charmrepo.v2-unstable	git	c457416da598dffa665fc75aeb5c7265ff1273c0	2016-04-13T10:03:17Z
+gopkg.in/juju/charm.v6-unstable	git	8796be6021c9ecb20630950498ec515f7dd24575	2016-06-09T14:28:26Z
+gopkg.in/juju/charmrepo.v2-unstable	git	6e6733987fb03100f30e494cc1134351fe4a593b	2016-05-30T23:07:41Z
 gopkg.in/juju/environschema.v1	git	7359fc7857abe2b11b5b3e23811a9c64cb6b01e0	2015-11-04T11:58:10Z
-gopkg.in/macaroon-bakery.v1	git	fddb3dcd74806133259879d033fdfe92f9e67a8a	2016-04-01T12:14:21Z
+gopkg.in/juju/names.v2	git	5426d66579afd36fc63d809dd58806806c2f161f	2016-06-23T03:33:52Z
+gopkg.in/macaroon-bakery.v1	git	b097c9d99b2537efaf54492e08f7e148f956ba51	2016-05-24T09:38:11Z
 gopkg.in/macaroon.v1	git	ab3940c6c16510a850e1c2dd628b919f0f3f1464	2015-01-21T11:42:31Z
 gopkg.in/mgo.v2	git	4d04138ffef2791c479c0c8bbffc30b34081b8d9	2015-10-26T16:34:53Z
 gopkg.in/natefinch/lumberjack.v2	git	514cbda263a734ae8caac038dadf05f8f3f9f738	2016-01-25T11:17:49Z
-gopkg.in/natefinch/npipe.v2	git	e562d4ae5c2f838f9e7e406f7d9890d5b02467a9	2014-08-11T16:19:00Z
-gopkg.in/yaml.v1	git	9f9df34309c04878acc86042b16630b0f696e1de	2014-09-24T16:16:07Z
+gopkg.in/natefinch/npipe.v2	git	c1b8fa8bdccecb0b8db834ee0b92fdbcfa606dd6	2016-06-21T03:49:01Z
 gopkg.in/yaml.v2	git	a83829b6f1293c91addabc89d0571c246397bbf4	2016-03-01T20:40:22Z
 launchpad.net/gnuflag	bzr	roger.peppe@canonical.com-20140716064605-pk32dnmfust02yab	13
 launchpad.net/tomb	bzr	gustavo@niemeyer.net-20140529072043-hzcrlnl3ygvg914q	18
diff -Nru juju-core-2.0~beta7/src/github.com/juju/romulus/wireformat/budget/requests.go juju-core-2.0~beta12/src/github.com/juju/romulus/wireformat/budget/requests.go
--- juju-core-2.0~beta7/src/github.com/juju/romulus/wireformat/budget/requests.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/romulus/wireformat/budget/requests.go	2016-07-18 19:45:44.000000000 +0000
@@ -108,9 +108,9 @@
 // UpdateAllocationRequest defines a request to update an allocation
 // associated with a service.
 type UpdateAllocationRequest struct {
-	Model   string `json:"-"`
-	Service string `json:"-"`
-	Limit   string `json:"limit"`
+	Model       string `json:"-"`
+	Application string `json:"-"`
+	Limit       string `json:"limit"`
 }
 
 // ContentType return the content-type header to be set for the request.
@@ -118,7 +118,7 @@
 
 // URL returns the URL for the request.
 func (r UpdateAllocationRequest) URL() string {
-	return fmt.Sprintf("%s/model/%s/service/%s/allocation", BaseURL, r.Model, r.Service)
+	return fmt.Sprintf("%s/model/%s/service/%s/allocation", BaseURL, r.Model, r.Application)
 }
 
 // Method returns the method for the request.
@@ -134,13 +134,13 @@
 // DeleteAllocationRequwest defines a request that removes an allocation associated
 // with a service.
 type DeleteAllocationRequest struct {
-	Model   string `json:"-"`
-	Service string `json:"-"`
+	Model       string `json:"-"`
+	Application string `json:"-"`
 }
 
 // URL returns the URL for the request.
 func (r DeleteAllocationRequest) URL() string {
-	return fmt.Sprintf("%s/model/%s/service/%s/allocation", BaseURL, r.Model, r.Service)
+	return fmt.Sprintf("%s/model/%s/service/%s/allocation", BaseURL, r.Model, r.Application)
 }
 
 // Method returns the method for the request.
diff -Nru juju-core-2.0~beta7/src/github.com/juju/romulus/wireformat/plan/entities.go juju-core-2.0~beta12/src/github.com/juju/romulus/wireformat/plan/entities.go
--- juju-core-2.0~beta7/src/github.com/juju/romulus/wireformat/plan/entities.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/romulus/wireformat/plan/entities.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,8 +7,8 @@
 
 import (
 	"github.com/juju/errors"
-	"github.com/juju/names"
 	"github.com/juju/utils"
+	"gopkg.in/juju/names.v2"
 )
 
 // Plan structure is used as a wire format to store information on ISV-created
@@ -36,7 +36,7 @@
 	if s.ServiceName == "" {
 		return errors.New("undefined service name")
 	}
-	if !names.IsValidService(s.ServiceName) {
+	if !names.IsValidApplication(s.ServiceName) {
 		return errors.Errorf("invalid service name: %q", s.ServiceName)
 	}
 	if s.CharmURL == "" {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/testing/checkers/codec.go juju-core-2.0~beta12/src/github.com/juju/testing/checkers/codec.go
--- juju-core-2.0~beta7/src/github.com/juju/testing/checkers/codec.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/testing/checkers/codec.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,6 +8,7 @@
 	"fmt"
 
 	gc "gopkg.in/check.v1"
+	"gopkg.in/mgo.v2/bson"
 	"gopkg.in/yaml.v2"
 )
 
@@ -17,6 +18,17 @@
 	unmarshal func([]byte, interface{}) error
 }
 
+// BSONEquals defines a checker that checks whether a byte slice, when
+// unmarshaled as BSON, is equal to the given value. Rather than
+// unmarshaling into something of the expected body type, we reform
+// the expected body in BSON and back to interface{} so we can check
+// the whole content. Otherwise we lose information when unmarshaling.
+var BSONEquals = &codecEqualChecker{
+	name:      "BSONEquals",
+	marshal:   bson.Marshal,
+	unmarshal: bson.Unmarshal,
+}
+
 // JSONEquals defines a checker that checks whether a byte slice, when
 // unmarshaled as JSON, is equal to the given value.
 // Rather than unmarshaling into something of the expected
diff -Nru juju-core-2.0~beta7/src/github.com/juju/testing/cleanup.go juju-core-2.0~beta12/src/github.com/juju/testing/cleanup.go
--- juju-core-2.0~beta7/src/github.com/juju/testing/cleanup.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/testing/cleanup.go	2016-07-18 19:45:44.000000000 +0000
@@ -32,6 +32,7 @@
 
 func (s *CleanupSuite) TearDownSuite(c *gc.C) {
 	s.callStack(c, s.suiteStack)
+	s.suiteStack = nil
 	s.origSuite = nil
 	s.tornDown = true
 }
@@ -44,6 +45,7 @@
 
 func (s *CleanupSuite) TearDownTest(c *gc.C) {
 	s.callStack(c, s.testStack)
+	s.testStack = nil
 	s.inTest = false
 }
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/testing/mgo.go juju-core-2.0~beta12/src/github.com/juju/testing/mgo.go
--- juju-core-2.0~beta7/src/github.com/juju/testing/mgo.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/testing/mgo.go	2016-07-18 19:45:44.000000000 +0000
@@ -21,6 +21,7 @@
 	"runtime"
 	"strconv"
 	"strings"
+	"sync"
 	"testing"
 	"time"
 
@@ -28,8 +29,10 @@
 	"github.com/juju/loggo"
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils"
+	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/mgo.v2"
+	"gopkg.in/mgo.v2/bson"
 )
 
 var (
@@ -39,6 +42,12 @@
 
 	// regular expression to match output of mongod
 	waitingForConnectionsRe = regexp.MustCompile(".*initandlisten.*waiting for connections.*")
+
+	// After version 3.2 we shouldn't use --nojournal - it makes the
+	// WiredTiger storage engine much slower.
+	// https://jira.mongodb.org/browse/SERVER-21198
+	useJournalMongoVersion = version.Number{Major: 3, Minor: 2}
+	mongoVersion           lazyMongoVersion
 )
 
 const (
@@ -84,9 +93,6 @@
 	// the mongod application
 	Params []string
 
-	// EnableJournal enables journaling.
-	EnableJournal bool
-
 	// EnableAuth enables authentication/authorization.
 	EnableAuth bool
 
@@ -207,6 +213,7 @@
 		"--nohttpinterface",
 		"--oplogSize", "10",
 		"--ipv6",
+		"--setParameter", "enableTestCommands=1",
 	}
 	if runtime.GOOS != "windows" {
 		mgoargs = append(mgoargs, "--nounixsocket")
@@ -217,15 +224,20 @@
 			"--keyFile", filepath.Join(inst.dir, "keyfile"),
 		)
 	}
-	if !inst.EnableJournal {
-		mgoargs = append(mgoargs, "--nojournal")
-	}
 	if inst.certs != nil {
 		mgoargs = append(mgoargs,
 			"--sslOnNormalPorts",
 			"--sslPEMKeyFile", filepath.Join(inst.dir, "server.pem"),
 			"--sslPEMKeyPassword", "ignored")
 	}
+	version, err := mongoVersion.Get()
+	if err != nil {
+		return err
+	}
+	if version.Compare(useJournalMongoVersion) == -1 {
+		mgoargs = append(mgoargs, "--nojournal")
+	}
+
 	if inst.Params != nil {
 		mgoargs = append(mgoargs, inst.Params...)
 	}
@@ -314,6 +326,58 @@
 	return "", err
 }
 
+// The mongod --version line starts with this prefix.
+const versionLinePrefix = "db version v"
+
+func detectMongoVersion() (version.Number, error) {
+	mongoPath, err := getMongod()
+	if err != nil {
+		return version.Zero, errors.Trace(err)
+	}
+	output, err := exec.Command(mongoPath, "--version").Output()
+	if err != nil {
+		return version.Zero, errors.Trace(err)
+	}
+	// Read the first line of the output with a scanner (to handle
+	// newlines in a cross-platform way).
+	scanner := bufio.NewScanner(bytes.NewReader(output))
+	versionLine := ""
+	if scanner.Scan() {
+		versionLine = scanner.Text()
+	}
+	if scanner.Err() != nil {
+		return version.Zero, errors.Trace(scanner.Err())
+	}
+	if !strings.HasPrefix(versionLine, versionLinePrefix) {
+		return version.Zero, errors.New("couldn't get mongod version - no version line")
+	}
+	ver, err := version.Parse(versionLine[len(versionLinePrefix):])
+	if err != nil {
+		return version.Zero, errors.Trace(err)
+	}
+	logger.Debugf("detected mongod version %v", ver)
+	return ver, nil
+}
+
+// lazyMongoVersion stores the mongod version once we've got it.
+type lazyMongoVersion struct {
+	sync.Mutex
+	version version.Number
+}
+
+func (v *lazyMongoVersion) Get() (version.Number, error) {
+	v.Lock()
+	defer v.Unlock()
+	if v.version == version.Zero {
+		ver, err := detectMongoVersion()
+		if err != nil {
+			return version.Zero, errors.Trace(err)
+		}
+		v.version = ver
+	}
+	return v.version, nil
+}
+
 func (inst *MgoInstance) kill(sig os.Signal) {
 	inst.server.Process.Signal(sig)
 	<-inst.exited
@@ -363,6 +427,12 @@
 	mgo.SetStats(true)
 	// Make tests that use password authentication faster.
 	utils.FastInsecureHash = true
+	mgo.ResetStats()
+	session, err := MgoServer.Dial()
+	c.Assert(err, jc.ErrorIsNil)
+	defer session.Close()
+	err = dropAll(session)
+	c.Assert(err, jc.ErrorIsNil)
 }
 
 // readUntilMatching reads lines from the given reader until the reader
@@ -408,6 +478,8 @@
 }
 
 func (s *MgoSuite) TearDownSuite(c *gc.C) {
+	err := MgoServer.Reset()
+	c.Assert(err, jc.ErrorIsNil)
 	utils.FastInsecureHash = false
 }
 
@@ -473,21 +545,87 @@
 	return &mgo.DialInfo{Addrs: addrs, Dial: dial, Timeout: mgoDialTimeout}
 }
 
+func clearDatabases(session *mgo.Session) error {
+	databases, err := session.DatabaseNames()
+	if err != nil {
+		return errors.Trace(err)
+	}
+	for _, name := range databases {
+		err = clearCollections(session.DB(name))
+		if err != nil {
+			return errors.Trace(err)
+		}
+	}
+	return nil
+}
+
+func clearCollections(db *mgo.Database) error {
+	collectionNames, err := db.CollectionNames()
+	if err != nil {
+		return errors.Trace(err)
+	}
+	for _, name := range collectionNames {
+		if strings.HasPrefix(name, "system.") {
+			continue
+		}
+		collection := db.C(name)
+		clearFunc := clearNormalCollection
+		capped, err := isCapped(collection)
+		if err != nil {
+			return errors.Trace(err)
+		}
+		if capped {
+			clearFunc = clearCappedCollection
+		}
+		err = clearFunc(collection)
+		if err != nil {
+			return errors.Trace(err)
+		}
+	}
+	return nil
+}
+
+func isCapped(collection *mgo.Collection) (bool, error) {
+	result := bson.M{}
+	err := collection.Database.Run(bson.D{{"collstats", collection.Name}}, &result)
+	if err != nil {
+		return false, errors.Trace(err)
+	}
+	value, found := result["capped"]
+	if !found {
+		return false, nil
+	}
+	capped, ok := value.(bool)
+	if !ok {
+		return false, errors.Errorf("unexpected type for capped: %v", value)
+	}
+	return capped, nil
+}
+
+func clearNormalCollection(collection *mgo.Collection) error {
+	_, err := collection.RemoveAll(bson.M{})
+	return err
+}
+
+func clearCappedCollection(collection *mgo.Collection) error {
+	// This is a test command - relies on the enableTestCommands
+	// setting being passed to mongo at startup.
+	return collection.Database.Run(bson.D{{"emptycapped", collection.Name}}, nil)
+}
+
 func (s *MgoSuite) SetUpTest(c *gc.C) {
+	s.Session = nil
 	mgo.ResetStats()
-	var err error
-	s.Session, err = MgoServer.Dial()
+	session, err := MgoServer.Dial()
 	c.Assert(err, jc.ErrorIsNil)
-	dropAll(s.Session)
+	s.Session = session
 }
 
 // Reset deletes all content from the MongoDB server.
 func (inst *MgoInstance) Reset() error {
-	// If the server has already been destroyed for testing purposes,
-	// just start it again.
-	if inst.Addr() == "" {
-		err := inst.Start(inst.certs)
-		return errors.Annotatef(err, "inst.Start(%v) failed", inst.certs)
+	err := inst.EnsureRunning()
+	if err != nil {
+		return errors.Trace(err)
 	}
 	session, err := inst.Dial()
 	if err != nil {
@@ -495,7 +633,10 @@
 	}
 	defer session.Close()
 
-	dbnames, ok := resetAdminPasswordAndFetchDBNames(session)
+	dbnames, ok, err := resetAdminPasswordAndFetchDBNames(session)
+	if err != nil {
+		return errors.Trace(err)
+	}
 	if !ok {
 		// We restart it to regain access.  This should only
 		// happen when tests fail.
@@ -543,14 +684,14 @@
 // server is in when Reset is called. If the test has set a custom
 // password, we're out of luck, but if they are using
 // DefaultStatePassword, we can succeed.
-func resetAdminPasswordAndFetchDBNames(session *mgo.Session) ([]string, bool) {
+func resetAdminPasswordAndFetchDBNames(session *mgo.Session) ([]string, bool, error) {
 	// First try with no password
 	dbnames, err := session.DatabaseNames()
 	if err == nil {
-		return dbnames, true
+		return dbnames, true, nil
 	}
 	if !isUnauthorized(err) {
-		panic(err)
+		return nil, false, errors.Trace(err)
 	}
 	// Then try the two most likely passwords in turn.
 	for _, password := range []string{
@@ -559,22 +700,22 @@
 	} {
 		admin := session.DB("admin")
 		if err := admin.Login("admin", password); err != nil {
-			logger.Infof("failed to log in with password %q", password)
+			logger.Errorf("failed to log in with password %q", password)
 			continue
 		}
 		dbnames, err := session.DatabaseNames()
 		if err == nil {
 			if err := admin.RemoveUser("admin"); err != nil {
-				panic(err)
+				return nil, false, errors.Trace(err)
 			}
-			return dbnames, true
+			return dbnames, true, nil
 		}
 		if !isUnauthorized(err) {
-			panic(err)
+			return nil, false, errors.Trace(err)
 		}
 		logger.Infof("unauthorized access when getting database names; password %q", password)
 	}
-	return nil, false
+	return nil, false, errors.Trace(err)
 }
 
 // isUnauthorized is a copy of the same function in state/open.go.
@@ -595,10 +736,38 @@
 	return false
 }
 
+func (inst *MgoInstance) EnsureRunning() error {
+	// If the server has already been destroyed for testing purposes,
+	// just start it again.
+	if inst.Addr() == "" {
+		err := inst.Start(inst.certs)
+		return errors.Annotatef(err, "inst.Start(%v) failed", inst.certs)
+	}
+	return nil
+}
+
 func (s *MgoSuite) TearDownTest(c *gc.C) {
-	err := MgoServer.Reset()
+	if s.Session == nil {
+		c.Fatal("SetUpTest failed")
+	}
+
+	err := MgoServer.EnsureRunning()
+	c.Assert(err, jc.ErrorIsNil)
+
+	if err = s.Session.Ping(); err != nil {
+		// The test has killed the server - reconnect.
+		s.Session.Close()
+		s.Session, err = MgoServer.Dial()
+		c.Assert(err, jc.ErrorIsNil)
+	}
+
+	// Rather than dropping the databases (which is very slow in Mongo
+	// 3.2) we clear all of the collections.
+	err = clearDatabases(s.Session)
 	c.Assert(err, jc.ErrorIsNil)
 	s.Session.Close()
+	s.Session = nil
+
 	for i := 0; ; i++ {
 		stats := mgo.GetStats()
 		if stats.SocketsInUse == 0 && stats.SocketsAlive == 0 {
diff -Nru juju-core-2.0~beta7/src/github.com/juju/testing/tcpproxy.go juju-core-2.0~beta12/src/github.com/juju/testing/tcpproxy.go
--- juju-core-2.0~beta7/src/github.com/juju/testing/tcpproxy.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/testing/tcpproxy.go	2016-07-18 19:45:44.000000000 +0000
@@ -81,6 +81,16 @@
 	return nil
 }
 
+// CloseConns closes all the connections that are
+// currently active. The proxy itself remains active.
+func (p *TCPProxy) CloseConns() {
+	p.mu.Lock()
+	defer p.mu.Unlock()
+	for _, c := range p.conns {
+		c.Close()
+	}
+}
+
 // Addr returns the TCP address of the proxy. Dialing
 // this address will cause a connection to be made
 // to the remote address; any data written will be
@@ -91,6 +101,7 @@
 	// than the wildcard address.
 	return p.listener.Addr().String()
 }
+
 func (p *TCPProxy) isClosed() bool {
 	p.mu.Lock()
 	defer p.mu.Unlock()
diff -Nru juju-core-2.0~beta7/src/github.com/juju/testing/tcpproxy_test.go juju-core-2.0~beta12/src/github.com/juju/testing/tcpproxy_test.go
--- juju-core-2.0~beta7/src/github.com/juju/testing/tcpproxy_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/testing/tcpproxy_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -33,20 +33,13 @@
 	conn, err := net.Dial("tcp", p.Addr())
 	c.Assert(err, gc.IsNil)
 	defer conn.Close()
-	txt := "hello, world\n"
-	fmt.Fprint(conn, txt)
 
-	buf := make([]byte, len(txt))
-	n, err := io.ReadFull(conn, buf)
-	c.Assert(err, gc.IsNil)
-	c.Assert(string(buf[0:n]), gc.Equals, txt)
+	assertEcho(c, conn)
 
 	// Close the connection and check that we see
 	// the connection closed for read.
 	conn.(*net.TCPConn).CloseWrite()
-	n, err = conn.Read(buf)
-	c.Assert(err, gc.Equals, io.EOF)
-	c.Assert(n, gc.Equals, 0)
+	assertEOF(c, conn)
 
 	// Make another connection and close the proxy,
 	// which should close down the proxy and cause us
@@ -56,8 +49,7 @@
 	defer conn.Close()
 
 	p.Close()
-	_, err = conn.Read(buf)
-	c.Assert(err, gc.Equals, io.EOF)
+	assertEOF(c, conn)
 
 	// Make sure that we cannot dial the proxy address either.
 	conn, err = net.Dial("tcp", p.Addr())
@@ -68,6 +60,51 @@
 	wg.Wait()
 }
 
+func (*tcpProxySuite) TestCloseConns(c *gc.C) {
+	var wg sync.WaitGroup
+
+	listener, err := net.Listen("tcp", "127.0.0.1:0")
+	c.Assert(err, gc.IsNil)
+	defer listener.Close()
+	wg.Add(1)
+	go tcpEcho(&wg, listener)
+
+	p := testing.NewTCPProxy(c, listener.Addr().String())
+	c.Assert(p.Addr(), gc.Not(gc.Equals), listener.Addr().String())
+
+	// Make a couple of connections through the proxy
+	// and test that they work.
+	conn1, err := net.Dial("tcp", p.Addr())
+	c.Assert(err, gc.IsNil)
+	defer conn1.Close()
+	assertEcho(c, conn1)
+
+	conn2, err := net.Dial("tcp", p.Addr())
+	c.Assert(err, gc.IsNil)
+	defer conn1.Close()
+	assertEcho(c, conn1)
+
+	p.CloseConns()
+
+	// Assert that both the connections have been broken.
+	assertEOF(c, conn1)
+	assertEOF(c, conn2)
+
+	// Check that we can still make a connection.
+	conn3, err := net.Dial("tcp", p.Addr())
+	c.Assert(err, gc.IsNil)
+	defer conn3.Close()
+	assertEcho(c, conn3)
+
+	// Close the proxy and check that the last connection goes.
+	p.Close()
+	assertEOF(c, conn3)
+
+	listener.Close()
+	// Make sure that all our connections have gone away too.
+	wg.Wait()
+}
+
 // tcpEcho listens on the given listener for TCP connections,
 // writes all traffic received back to the sender, and calls
 // wg.Done when all its goroutines have completed.
@@ -87,3 +124,19 @@
 		}()
 	}
 }
+
+func assertEcho(c *gc.C, conn net.Conn) {
+	txt := "hello, world\n"
+	fmt.Fprint(conn, txt)
+
+	buf := make([]byte, len(txt))
+	n, err := io.ReadFull(conn, buf)
+	c.Assert(err, gc.IsNil)
+	c.Assert(string(buf[0:n]), gc.Equals, txt)
+}
+
+func assertEOF(c *gc.C, r io.Reader) {
+	n, err := r.Read(make([]byte, 1))
+	c.Assert(err, gc.Equals, io.EOF)
+	c.Assert(n, gc.Equals, 0)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/utils/dependencies.tsv juju-core-2.0~beta12/src/github.com/juju/utils/dependencies.tsv
--- juju-core-2.0~beta7/src/github.com/juju/utils/dependencies.tsv	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/utils/dependencies.tsv	2016-07-18 19:45:44.000000000 +0000
@@ -1,16 +1,16 @@
-github.com/juju/cmd	git	b1413672b3bcc049754fe66e9d21633c5071c86a	2015-10-22T20:49:08Z
+github.com/juju/cmd	git	ca63dd8ba13f8fbbbe16a917696a7ce68cc3dc0b	2016-03-31T03:26:51Z
 github.com/juju/errors	git	1b5e39b83d1835fa480e0c2ddefb040ee82d58b3	2015-09-16T12:56:42Z
 github.com/juju/httpprof	git	14bf14c307672fd2456bdbf35d19cf0ccd3cf565	2014-12-17T16:00:36Z
-github.com/juju/httprequest	git	1015665b66c26101695f2f51407b3b1e000176fd	2015-10-07T14:02:54Z
+github.com/juju/httprequest	git	89d547093c45e293599088cc63e805c6f1205dc0	2016-03-02T10:09:58Z
 github.com/juju/loggo	git	8477fc936adf0e382d680310047ca27e128a309a	2015-05-27T03:58:39Z
-github.com/juju/names	git	860f27da4816cee6ee62ed781f9060c78ab1c23e	2015-10-14T15:55:12Z
-github.com/juju/testing	git	ee18040b46bb1f8c93438383bd51ec77eb8c02ab	2016-01-12T21:04:04Z
-github.com/julienschmidt/httprouter	git	109e267447e95ad1bb48b758e40dd7453eb7b039	2015-09-05T17:25:33Z
+github.com/juju/testing	git	162fafccebf20a4207ab93d63b986c230e3f4d2e	2016-04-04T09:43:17Z
+github.com/julienschmidt/httprouter	git	77a895ad01ebc98a4dc95d8355bc825ce80a56f6	2015-10-13T22:55:20Z
 golang.org/x/crypto	git	aedad9a179ec1ea11b7064c57cbc6dc30d7724ec	2015-08-30T18:06:42Z
 golang.org/x/net	git	ea47fc708ee3e20177f3ca3716217c4ab75942cb	2015-08-29T23:03:18Z
-gopkg.in/check.v1	git	b3d3430320d4260e5fea99841af984b3badcea63	2015-06-26T10:50:28Z
+gopkg.in/check.v1	git	4f90aeace3a26ad7021961c297b22c42160c7b25	2016-01-05T16:49:36Z
 gopkg.in/errgo.v1	git	66cb46252b94c1f3d65646f54ee8043ab38d766c	2015-10-07T15:31:57Z
+gopkg.in/juju/names.v2	git	e38bc90539f22af61a9c656d35068bd5f0a5b30a	2016-05-25T23:07:23Z
 gopkg.in/mgo.v2	git	4d04138ffef2791c479c0c8bbffc30b34081b8d9	2015-10-26T16:34:53Z
-gopkg.in/yaml.v2	git	7ad95dd0798a40da1ccdff6dff35fd177b5edf40	2015-06-24T10:29:02Z
+gopkg.in/yaml.v2	git	a83829b6f1293c91addabc89d0571c246397bbf4	2016-03-01T20:40:22Z
 launchpad.net/gnuflag	bzr	roger.peppe@canonical.com-20140716064605-pk32dnmfust02yab	13
-launchpad.net/tomb	bzr	gustavo@niemeyer.net-20130531003818-70ikdgklbxopn8x4	17
+launchpad.net/tomb	bzr	gustavo@niemeyer.net-20140529072043-hzcrlnl3ygvg914q	18
diff -Nru juju-core-2.0~beta7/src/github.com/juju/utils/fslock/export_test.go juju-core-2.0~beta12/src/github.com/juju/utils/fslock/export_test.go
--- juju-core-2.0~beta7/src/github.com/juju/utils/fslock/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/utils/fslock/export_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,18 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package fslock
-
-type OnDisk onDisk
-
-func IsAlive(lock *Lock, PID int) bool {
-	return lock.isAlive(PID)
-}
-
-func DeclareDead(lock *Lock) {
-	lock.declareDead()
-}
-
-func AliveFile(lock *Lock) string {
-	return lock.aliveFile(lock.PID)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/utils/fslock/fslock.go juju-core-2.0~beta12/src/github.com/juju/utils/fslock/fslock.go
--- juju-core-2.0~beta7/src/github.com/juju/utils/fslock/fslock.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/utils/fslock/fslock.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,391 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-// Package fslock provides an on-disk mutex protecting a resource
-//
-// A lock is represented on disk by a directory of a particular name,
-// containing an information file.  Taking a lock is done by renaming a
-// temporary directory into place.  We use temporary directories because for
-// all filesystems we believe that exactly one attempt to claim the lock will
-// succeed and the others will fail.
-package fslock
-
-import (
-	"fmt"
-	"io/ioutil"
-	"os"
-	"path"
-	"regexp"
-	"runtime"
-	"sync"
-	"time"
-
-	"github.com/juju/errors"
-	"github.com/juju/loggo"
-
-	"github.com/juju/utils"
-	"github.com/juju/utils/clock"
-	goyaml "gopkg.in/yaml.v2"
-)
-
-const (
-	// NameRegexp specifies the regular expression used to identify valid lock names.
-	NameRegexp   = "^[a-z]+[a-z0-9.-]*$"
-	heldFilename = "held"
-)
-
-var (
-	logger = loggo.GetLogger("juju.utils.fslock")
-
-	// ErrLockNotHeld is returned by Unlock if the lock file is not held by this lock
-	ErrLockNotHeld = errors.New("lock not held")
-	// ErrTimeout is returned by LockWithTimeout if the lock could not be obtained before the given deadline
-	ErrTimeout = errors.New("lock timeout exceeded")
-
-	validName = regexp.MustCompile(NameRegexp)
-)
-
-// LockConfig defines the configuration of the new lock. Sensible defaults can be
-// obtained from Defaults().
-type LockConfig struct {
-	// Clock is used to generate delays
-	Clock clock.Clock
-	// WaitDelay is how long to wait after trying to aquire a lock before trying again
-	WaitDelay time.Duration
-	// LividityTimeout is how old a lock can be without us considering its
-	// parent process dead.
-	LividityTimeout time.Duration
-	// ReadRetryTimeout is how long to wait after trying to examine a lock
-	// and not finding it before trying again.
-	ReadRetryTimeout time.Duration
-}
-
-// Defaults generates a LockConfig pre-filled with sensible defaults.
-func Defaults() LockConfig {
-	return LockConfig{
-		Clock:            clock.WallClock,
-		WaitDelay:        1 * time.Second,
-		LividityTimeout:  30 * time.Second,
-		ReadRetryTimeout: time.Millisecond * 10,
-	}
-}
-
-// Lock is a file system lock
-type Lock struct {
-	name                   string
-	parent                 string
-	clock                  clock.Clock
-	nonce                  string
-	PID                    int
-	stopWritingAliveFile   chan struct{}
-	createAliveFileRunning sync.WaitGroup
-	waitDelay              time.Duration
-	lividityTimeout        time.Duration
-	readRetryTimeout       time.Duration
-	sanityCheck            chan struct{}
-}
-
-type onDisk struct {
-	Nonce   string
-	PID     int
-	Message string
-}
-
-// NewLock returns a new lock with the given name within the given lock
-// directory, without acquiring it. The lock name must match the regular
-// expression defined by NameRegexp.
-func NewLock(lockDir, name string, cfg LockConfig) (*Lock, error) {
-	if !validName.MatchString(name) {
-		return nil, fmt.Errorf("Invalid lock name %q.  Names must match %q", name, NameRegexp)
-	}
-	uuid, err := utils.NewUUID()
-	if err != nil {
-		return nil, err
-	}
-	lock := &Lock{
-		name:                 name,
-		parent:               lockDir,
-		clock:                cfg.Clock,
-		nonce:                uuid.String(),
-		PID:                  os.Getpid(),
-		stopWritingAliveFile: make(chan struct{}, 1),
-		waitDelay:            cfg.WaitDelay,
-		lividityTimeout:      cfg.LividityTimeout,
-		readRetryTimeout:     cfg.ReadRetryTimeout,
-		sanityCheck:          make(chan struct{}),
-	}
-	// Ensure the parent exists.
-	if err := os.MkdirAll(lock.parent, 0755); err != nil {
-		return nil, err
-	}
-	// Ensure that an old alive file doesn't exist. RemoveAll doesn't raise
-	// an error if the target doesn't exist, so we don't expect any errors.
-	if err := os.RemoveAll(lock.aliveFile(lock.PID)); err != nil {
-		return nil, err
-	}
-
-	return lock, nil
-}
-
-func (lock *Lock) lockDir() string {
-	return path.Join(lock.parent, lock.name)
-}
-
-func (lock *Lock) heldFile() string {
-	return path.Join(lock.lockDir(), "held")
-}
-
-func (lock *Lock) aliveFile(PID int) string {
-	return path.Join(lock.lockDir(), fmt.Sprintf("alive.%d", PID))
-}
-
-// isAlive checks that the PID given is alive by looking to see if it is the
-// current process's PID or, if it isn't, for a file named alive.<PID>, which
-// has been updated in the last 30 seconds.
-func (lock *Lock) isAlive(PID int) bool {
-	if PID == lock.PID {
-		return true
-	}
-	for i := 0; i < 10; i++ {
-		aliveInfo, err := os.Lstat(lock.aliveFile(PID))
-		if err == nil {
-			return time.Now().Before(aliveInfo.ModTime().Add(lock.lividityTimeout))
-		}
-		time.Sleep(lock.readRetryTimeout)
-	}
-	return false
-}
-
-// createAliveFile kicks off a gorouteine that creates a proof of life file
-// and keeps its timestamp current.
-func (lock *Lock) createAliveFile() {
-	lock.createAliveFileRunning.Add(1)
-	close(lock.sanityCheck)
-	go func() {
-		defer lock.createAliveFileRunning.Done()
-
-		aliveFile := lock.aliveFile(lock.PID)
-		if err := ioutil.WriteFile(aliveFile, []byte{}, 644); err != nil {
-			return
-		}
-
-		for {
-			select {
-			case <-time.After(5 * lock.waitDelay):
-				now := time.Now()
-				if err := os.Chtimes(aliveFile, now, now); err != nil {
-					return
-				}
-			case <-lock.stopWritingAliveFile:
-				return
-			}
-		}
-	}()
-}
-
-func (lock *Lock) declareDead() {
-	select {
-	case lock.stopWritingAliveFile <- struct{}{}:
-	default:
-	}
-	lock.createAliveFileRunning.Wait()
-	lock.sanityCheck = make(chan struct{}) // refresh sanity check
-}
-
-// clean reads the lock and checks that it is valid. If the lock points to a running
-// juju process that is older than the lock file, the lock is left in place, else
-// the lock is removed.
-func (lock *Lock) clean() error {
-	// If a lock exists, see if it is stale
-	lockInfo, err := lock.readLock()
-	if err != nil {
-		return nil
-	}
-
-	if lock.isAlive(lockInfo.PID) {
-		// lock is current. Do nothing.
-		logger.Debugf("Lock alive")
-		return nil
-	}
-
-	logger.Debugf("Lock dead")
-	return lock.BreakLock()
-}
-
-// If message is set, it will write the message to the lock directory as the
-// lock is taken.
-func (lock *Lock) acquire(message string) (bool, error) {
-	// If the lockDir exists, then the lock is held by someone else.
-	_, err := os.Stat(lock.lockDir())
-	if err == nil {
-		return false, nil
-	}
-	if !os.IsNotExist(err) {
-		return false, err
-	}
-	// Create a temporary directory (in the parent dir), and then move it to
-	// the right name.  Using the same directory to make sure the directories
-	// are on the same filesystem.  Use a directory name starting with "." as
-	// it isn't a valid lock name.
-	tempLockName := fmt.Sprintf(".%s", lock.nonce)
-	tempDirName, err := ioutil.TempDir(lock.parent, tempLockName)
-	if err != nil {
-		return false, err // this shouldn't really fail...
-	}
-
-	// write lock into the temp dir
-	l := onDisk{
-		PID:     lock.PID,
-		Nonce:   lock.nonce,
-		Message: message,
-	}
-	lockInfo, err := goyaml.Marshal(&l)
-	if err != nil {
-		return false, err // this shouldn't fail either...
-	}
-	err = ioutil.WriteFile(path.Join(tempDirName, heldFilename), lockInfo, 0664)
-	if err != nil {
-		return false, err
-	}
-	// Now move the temp directory to the lock directory.
-	err = utils.ReplaceFile(tempDirName, lock.lockDir())
-	if err != nil {
-		// Any error on rename means we failed.
-		// Beaten to it, clean up temporary directory.
-		os.RemoveAll(tempDirName)
-		return false, nil
-	}
-	// We now have the lock.
-	lock.createAliveFile()
-	return true, nil
-}
-
-// lockLoop tries to acquire the lock. If the acquisition fails, the
-// continueFunc is run to see if the function should continue waiting.
-func (lock *Lock) lockLoop(message string, continueFunc func() error) error {
-	var heldMessage = ""
-	for {
-		acquired, err := lock.acquire(message)
-		if err != nil {
-			return err
-		}
-		if acquired {
-			return nil
-		}
-		if err = continueFunc(); err != nil {
-			return err
-		}
-		currMessage := lock.Message()
-		if currMessage != heldMessage {
-			logger.Infof("attempted lock failed %q, %s, currently held: %s", lock.name, message, currMessage)
-			heldMessage = currMessage
-		}
-		<-lock.clock.After(lock.waitDelay)
-	}
-}
-
-// Lock blocks until it is able to acquire the lock.  Since we are dealing
-// with sharing and locking using the filesystem, it is good behaviour to
-// provide a message that is saved with the lock.  This is output in debugging
-// information, and can be queried by any other Lock dealing with the same
-// lock name and lock directory.
-func (lock *Lock) Lock(message string) error {
-	lock.clean()
-	// The continueFunc is effectively a no-op, causing continual looping
-	// until the lock is acquired.
-	continueFunc := func() error { return nil }
-	return lock.lockLoop(message, continueFunc)
-}
-
-// LockWithTimeout tries to acquire the lock. If it cannot acquire the lock
-// within the given duration, it returns ErrTimeout.  See `Lock` for
-// information about the message.
-func (lock *Lock) LockWithTimeout(duration time.Duration, message string) error {
-	deadline := lock.clock.Now().Add(duration)
-	continueFunc := func() error {
-		if lock.clock.Now().After(deadline) {
-			return ErrTimeout
-		}
-		return nil
-	}
-	return lock.lockLoop(message, continueFunc)
-}
-
-// LockWithFunc blocks until it is able to acquire the lock.  If the lock is failed to
-// be acquired, the continueFunc is called prior to the sleeping.  If the
-// continueFunc returns an error, that error is returned from LockWithFunc.
-func (lock *Lock) LockWithFunc(message string, continueFunc func() error) error {
-	return lock.lockLoop(message, continueFunc)
-}
-
-func (lock *Lock) readLock() (lockInfo onDisk, err error) {
-	lockFile, err := ioutil.ReadFile(lock.heldFile())
-	if err != nil {
-		return lockInfo, err
-	}
-
-	err = goyaml.Unmarshal(lockFile, &lockInfo)
-	return lockInfo, err
-}
-
-// IsLockHeld returns whether the lock is currently held by the receiver.
-func (lock *Lock) IsLockHeld() bool {
-	lockInfo, err := lock.readLock()
-	if err != nil {
-		return false
-	}
-	return lockInfo.Nonce == lock.nonce
-}
-
-// Unlock releases a held lock.  If the lock is not held ErrLockNotHeld is
-// returned.
-func (lock *Lock) Unlock() error {
-	if !lock.IsLockHeld() {
-		return ErrLockNotHeld
-	}
-	// To ensure reasonable unlocking, we should rename to a temp name, and delete that.
-	lock.declareDead()
-	tempLockName := fmt.Sprintf(".%s.%s", lock.name, lock.nonce)
-	tempDirName := path.Join(lock.parent, tempLockName)
-	// Now move the lock directory to the temp directory to release the lock.
-	for i := 0; ; i++ {
-		err := utils.ReplaceFile(lock.lockDir(), tempDirName)
-		if err == nil {
-			break
-		}
-		if i == 100 {
-			logger.Debugf("Failed to replace lock, giving up: (%s)", err)
-			return err
-		}
-		logger.Debugf("Failed to replace lock, retrying: (%s)", err)
-		runtime.Gosched()
-	}
-	// And now cleanup.
-	if err := os.RemoveAll(tempDirName); err != nil {
-		logger.Debugf("Failed to remove lock: %s", err)
-		return err
-	}
-	return nil
-}
-
-// IsLocked returns true if the lock is currently held by anyone.
-func (lock *Lock) IsLocked() bool {
-	_, err := os.Stat(lock.heldFile())
-	return err == nil
-}
-
-// BreakLock forcibly breaks the lock that is currently being held.
-func (lock *Lock) BreakLock() error {
-	lock.declareDead()
-	return os.RemoveAll(lock.lockDir())
-}
-
-// Message returns the saved message, or the empty string if there is no
-// saved message.
-func (lock *Lock) Message() string {
-	lockInfo, err := lock.readLock()
-	if err != nil {
-		return ""
-	}
-	return lockInfo.Message
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/utils/fslock/fslock_test.go juju-core-2.0~beta12/src/github.com/juju/utils/fslock/fslock_test.go
--- juju-core-2.0~beta7/src/github.com/juju/utils/fslock/fslock_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/utils/fslock/fslock_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,418 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package fslock_test
-
-import (
-	"fmt"
-	"io/ioutil"
-	"os"
-	"path"
-	"runtime"
-	"sync/atomic"
-	"time"
-
-	"github.com/juju/testing"
-	jc "github.com/juju/testing/checkers"
-	"github.com/juju/utils"
-	gc "gopkg.in/check.v1"
-	"launchpad.net/tomb"
-
-	"github.com/juju/utils/clock"
-	"github.com/juju/utils/fslock"
-)
-
-const (
-	shortWait = 50 * time.Millisecond
-	longWait  = 10 * time.Second
-)
-
-type fslockSuite struct {
-	testing.CleanupSuite
-	testing.IsolationSuite
-	lockDelay  time.Duration
-	lockConfig fslock.LockConfig
-}
-
-var _ = gc.Suite(&fslockSuite{})
-
-type fastclock struct {
-	c *gc.C
-}
-
-func (*fastclock) Now() time.Time {
-	return time.Now()
-}
-
-func (f *fastclock) After(duration time.Duration) <-chan time.Time {
-	f.c.Check(duration, gc.Equals, fslock.Defaults().WaitDelay)
-	return time.After(time.Millisecond)
-}
-
-func (f *fastclock) AfterFunc(d time.Duration, af func()) clock.Timer {
-	return time.AfterFunc(d, af)
-}
-
-func (s *fslockSuite) SetUpTest(c *gc.C) {
-	s.lockConfig = fslock.Defaults()
-	s.lockConfig.Clock = &fastclock{c}
-}
-
-// This test also happens to test that locks can get created when the parent
-// lock directory doesn't exist.
-func (s *fslockSuite) TestValidNamesLockDir(c *gc.C) {
-
-	for _, name := range []string{
-		"a",
-		"longer",
-		"longer-with.special-characters",
-	} {
-		dir := c.MkDir()
-		_, err := fslock.NewLock(dir, name, s.lockConfig)
-		c.Assert(err, gc.IsNil)
-	}
-}
-
-func (s *fslockSuite) TestInvalidNames(c *gc.C) {
-
-	for _, name := range []string{
-		".start",
-		"-start",
-		"NoCapitals",
-		"no+plus",
-		"no/slash",
-		"no\\backslash",
-		"no$dollar",
-		"no:colon",
-	} {
-		dir := c.MkDir()
-		_, err := fslock.NewLock(dir, name, s.lockConfig)
-		c.Assert(err, gc.ErrorMatches, "Invalid lock name .*")
-	}
-}
-
-func (s *fslockSuite) TestNewLockWithExistingDir(c *gc.C) {
-	dir := c.MkDir()
-	err := os.MkdirAll(dir, 0755)
-	c.Assert(err, gc.IsNil)
-	_, err = fslock.NewLock(dir, "special", s.lockConfig)
-	c.Assert(err, gc.IsNil)
-}
-
-func (s *fslockSuite) TestNewLockWithExistingFileInPlace(c *gc.C) {
-	dir := c.MkDir()
-	err := os.MkdirAll(dir, 0755)
-	c.Assert(err, gc.IsNil)
-	path := path.Join(dir, "locks")
-	err = ioutil.WriteFile(path, []byte("foo"), 0644)
-	c.Assert(err, gc.IsNil)
-	_, err = fslock.NewLock(path, "special", s.lockConfig)
-	c.Assert(err, gc.ErrorMatches, utils.MkdirFailErrRegexp)
-}
-
-func (s *fslockSuite) TestIsLockHeldBasics(c *gc.C) {
-	dir := c.MkDir()
-	lock, err := fslock.NewLock(dir, "testing", s.lockConfig)
-	c.Assert(err, gc.IsNil)
-	c.Assert(lock.IsLockHeld(), gc.Equals, false)
-
-	err = lock.Lock("")
-	c.Assert(err, gc.IsNil)
-	c.Assert(lock.IsLockHeld(), gc.Equals, true)
-
-	err = lock.Unlock()
-	c.Assert(err, gc.IsNil)
-	c.Assert(lock.IsLockHeld(), gc.Equals, false)
-}
-
-func (s *fslockSuite) TestIsLockHeldTwoLocks(c *gc.C) {
-	dir := c.MkDir()
-	lock1, err := fslock.NewLock(dir, "testing", s.lockConfig)
-	c.Assert(err, gc.IsNil)
-	lock2, err := fslock.NewLock(dir, "testing", s.lockConfig)
-	c.Assert(err, gc.IsNil)
-
-	err = lock1.Lock("")
-	c.Assert(err, gc.IsNil)
-	c.Assert(lock2.IsLockHeld(), gc.Equals, false)
-}
-
-func (s *fslockSuite) TestLockBlocks(c *gc.C) {
-
-	dir := c.MkDir()
-	lock1, err := fslock.NewLock(dir, "testing", s.lockConfig)
-	c.Assert(err, gc.IsNil)
-	lock2, err := fslock.NewLock(dir, "testing", s.lockConfig)
-	c.Assert(err, gc.IsNil)
-
-	acquired := make(chan struct{})
-	err = lock1.Lock("")
-	c.Assert(err, gc.IsNil)
-
-	go func() {
-		lock2.Lock("")
-		acquired <- struct{}{}
-		close(acquired)
-	}()
-
-	// Waiting for something not to happen is inherently hard...
-	select {
-	case <-acquired:
-		c.Fatalf("Unexpected lock acquisition")
-	case <-time.After(shortWait):
-		// all good
-	}
-
-	err = lock1.Unlock()
-	c.Assert(err, gc.IsNil)
-
-	select {
-	case <-acquired:
-		// all good
-	case <-time.After(longWait):
-		c.Fatalf("Expected lock acquisition")
-	}
-
-	c.Assert(lock2.IsLockHeld(), gc.Equals, true)
-}
-
-func (s *fslockSuite) TestLockWithTimeoutUnlocked(c *gc.C) {
-	dir := c.MkDir()
-	lock, err := fslock.NewLock(dir, "testing", s.lockConfig)
-	c.Assert(err, gc.IsNil)
-
-	err = lock.LockWithTimeout(shortWait, "")
-	c.Assert(err, gc.IsNil)
-}
-
-func (s *fslockSuite) TestLockWithTimeoutLocked(c *gc.C) {
-	dir := c.MkDir()
-	lock1, err := fslock.NewLock(dir, "testing", s.lockConfig)
-	c.Assert(err, gc.IsNil)
-	lock2, err := fslock.NewLock(dir, "testing", s.lockConfig)
-	c.Assert(err, gc.IsNil)
-
-	err = lock1.Lock("")
-	c.Assert(err, gc.IsNil)
-
-	err = lock2.LockWithTimeout(shortWait, "")
-	c.Assert(err, gc.Equals, fslock.ErrTimeout)
-}
-
-func (s *fslockSuite) TestUnlock(c *gc.C) {
-	dir := c.MkDir()
-	lock, err := fslock.NewLock(dir, "testing", s.lockConfig)
-	c.Assert(err, gc.IsNil)
-
-	err = lock.Unlock()
-	c.Assert(err, gc.Equals, fslock.ErrLockNotHeld)
-}
-
-func (s *fslockSuite) TestIsLocked(c *gc.C) {
-	dir := c.MkDir()
-	lock1, err := fslock.NewLock(dir, "testing", s.lockConfig)
-	c.Assert(err, gc.IsNil)
-	lock2, err := fslock.NewLock(dir, "testing", s.lockConfig)
-	c.Assert(err, gc.IsNil)
-
-	err = lock1.Lock("")
-	c.Assert(err, gc.IsNil)
-
-	c.Assert(lock1.IsLocked(), gc.Equals, true)
-	c.Assert(lock2.IsLocked(), gc.Equals, true)
-}
-
-func (s *fslockSuite) TestBreakLock(c *gc.C) {
-	dir := c.MkDir()
-	lock1, err := fslock.NewLock(dir, "testing", s.lockConfig)
-	c.Assert(err, gc.IsNil)
-	lock2, err := fslock.NewLock(dir, "testing", s.lockConfig)
-	c.Assert(err, gc.IsNil)
-
-	err = lock1.Lock("")
-	c.Assert(err, gc.IsNil)
-
-	err = lock2.BreakLock()
-	c.Assert(err, gc.IsNil)
-	c.Assert(lock2.IsLocked(), gc.Equals, false)
-
-	// Normally locks are broken due to client crashes, not duration.
-	err = lock1.Unlock()
-	c.Assert(err, gc.Equals, fslock.ErrLockNotHeld)
-
-	// Breaking a non-existant isn't an error
-	err = lock2.BreakLock()
-	c.Assert(err, gc.IsNil)
-}
-
-func (s *fslockSuite) TestMessage(c *gc.C) {
-	dir := c.MkDir()
-	lock, err := fslock.NewLock(dir, "testing", s.lockConfig)
-	c.Assert(err, gc.IsNil)
-	c.Assert(lock.Message(), gc.Equals, "")
-
-	err = lock.Lock("my message")
-	c.Assert(err, gc.IsNil)
-	c.Assert(lock.Message(), gc.Equals, "my message")
-
-	// Unlocking removes the message.
-	err = lock.Unlock()
-	c.Assert(err, gc.IsNil)
-	c.Assert(lock.Message(), gc.Equals, "")
-}
-
-func (s *fslockSuite) TestMessageAcrossLocks(c *gc.C) {
-	dir := c.MkDir()
-	lock1, err := fslock.NewLock(dir, "testing", s.lockConfig)
-	c.Assert(err, gc.IsNil)
-	lock2, err := fslock.NewLock(dir, "testing", s.lockConfig)
-	c.Assert(err, gc.IsNil)
-
-	err = lock1.Lock("very busy")
-	c.Assert(err, gc.IsNil)
-	c.Assert(lock2.Message(), gc.Equals, "very busy")
-}
-
-func (s *fslockSuite) TestInitialMessageWhenLocking(c *gc.C) {
-	dir := c.MkDir()
-	lock, err := fslock.NewLock(dir, "testing", s.lockConfig)
-	c.Assert(err, gc.IsNil)
-
-	err = lock.Lock("initial message")
-	c.Assert(err, gc.IsNil)
-	c.Assert(lock.Message(), gc.Equals, "initial message")
-
-	err = lock.Unlock()
-	c.Assert(err, gc.IsNil)
-
-	err = lock.LockWithTimeout(shortWait, "initial timeout message")
-	c.Assert(err, gc.IsNil)
-	c.Assert(lock.Message(), gc.Equals, "initial timeout message")
-}
-
-func (s *fslockSuite) TestStress(c *gc.C) {
-	const lockAttempts = 200
-	const concurrentLocks = 10
-
-	var counter = new(int64)
-	// Use atomics to update lockState to make sure the lock isn't held by
-	// someone else. A value of 1 means locked, 0 means unlocked.
-	var lockState = new(int32)
-	var done = make(chan struct{})
-	defer close(done)
-
-	dir := c.MkDir()
-
-	var stress = func(name string) {
-		defer func() { done <- struct{}{} }()
-		lock, err := fslock.NewLock(dir, "testing", s.lockConfig)
-		if err != nil {
-			c.Errorf("Failed to create a new lock")
-			return
-		}
-		for i := 0; i < lockAttempts; i++ {
-			err = lock.Lock(name)
-			c.Assert(err, gc.IsNil)
-			state := atomic.AddInt32(lockState, 1)
-			c.Assert(state, gc.Equals, int32(1))
-			// Tell the go routine scheduler to give a slice to someone else
-			// while we have this locked.
-			runtime.Gosched()
-			// need to decrement prior to unlock to avoid the race of someone
-			// else grabbing the lock before we decrement the state.
-			atomic.AddInt32(lockState, -1)
-			err = lock.Unlock()
-			c.Assert(err, gc.IsNil)
-			// increment the general counter
-			atomic.AddInt64(counter, 1)
-		}
-	}
-
-	for i := 0; i < concurrentLocks; i++ {
-		go stress(fmt.Sprintf("Lock %d", i))
-	}
-	for i := 0; i < concurrentLocks; i++ {
-		<-done
-	}
-	c.Assert(*counter, gc.Equals, int64(lockAttempts*concurrentLocks))
-}
-
-func (s *fslockSuite) TestTomb(c *gc.C) {
-	const timeToDie = 200 * time.Millisecond
-	die := tomb.Tomb{}
-
-	dir := c.MkDir()
-	lock, err := fslock.NewLock(dir, "testing", s.lockConfig)
-	c.Assert(err, gc.IsNil)
-	// Just use one lock, and try to lock it twice.
-	err = lock.Lock("very busy")
-	c.Assert(err, gc.IsNil)
-
-	checkTomb := func() error {
-		select {
-		case <-die.Dying():
-			return tomb.ErrDying
-		default:
-			// no-op to fall through to return.
-		}
-		return nil
-	}
-
-	go func() {
-		time.Sleep(timeToDie)
-		die.Killf("time to die")
-	}()
-
-	err = lock.LockWithFunc("won't happen", checkTomb)
-	c.Assert(err, gc.Equals, tomb.ErrDying)
-	c.Assert(lock.Message(), gc.Equals, "very busy")
-
-}
-
-func (s *fslockSuite) TestCleanStaleLock(c *gc.C) {
-	lock, lockFile, dir := newLockedLock(c, s.lockConfig)
-	c.Assert(fslock.IsAlive(lock, lock.PID), gc.Equals, true)
-	c.Assert(fslock.IsAlive(lock, 1), gc.Equals, false)
-
-	// Make a stale alive file, point the lock to it, then try to re-lock.
-	PID := 1
-	aliveFile := path.Join(dir, "testing", fmt.Sprintf("alive.%d", PID))
-	ioutil.WriteFile(aliveFile, []byte{}, 644)
-	oneHourAgo := time.Now().Add(-time.Hour)
-	os.Chtimes(aliveFile, oneHourAgo, oneHourAgo)
-	changeLockfilePID(c, lockFile, PID)
-	assertCanLock(c, lock)
-}
-
-func (s *fslockSuite) TestCleanNoMatchingProcess(c *gc.C) {
-	lock, lockFile, _ := newLockedLock(c, s.lockConfig)
-
-	// Change the PID to a process that doesn't exist.
-	changeLockfilePID(c, lockFile, 1)
-	assertCanLock(c, lock)
-}
-
-// TestProofOfLife checks that the alive file doesn't get older than 500ms. Normally
-// it can get older, but we crank up the refresh interval for testing.
-func (s *fslockSuite) TestProofOfLife(c *gc.C) {
-	s.lockConfig.WaitDelay = 20 * time.Millisecond
-	lock, _, dir := newLockedLock(c, s.lockConfig)
-	aliveFile := path.Join(dir, "testing", fmt.Sprintf("alive.%d", lock.PID))
-
-	tests := 0
-	for check := 0; check < 20; check++ {
-		aliveInfo, err := os.Lstat(aliveFile)
-		if err != nil {
-			// Typically this is file not existing. Whatever the reason, just retry
-			time.Sleep(50 * time.Millisecond)
-			continue
-		}
-
-		c.Assert(time.Now().Sub(aliveInfo.ModTime()), jc.DurationLessThan, 500*time.Millisecond)
-		tests++
-		time.Sleep(50 * time.Millisecond)
-	}
-
-	// Make sure we actually spotted an alive file and checked its time.
-	c.Assert(tests > 1, gc.Equals, true)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/utils/fslock/package_test.go juju-core-2.0~beta12/src/github.com/juju/utils/fslock/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/utils/fslock/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/utils/fslock/package_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,14 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package fslock_test
-
-import (
-	"testing"
-
-	gc "gopkg.in/check.v1"
-)
-
-func Test(t *testing.T) {
-	gc.TestingT(t)
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/utils/fslock/util_test.go juju-core-2.0~beta12/src/github.com/juju/utils/fslock/util_test.go
--- juju-core-2.0~beta7/src/github.com/juju/utils/fslock/util_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/utils/fslock/util_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,42 +0,0 @@
-// Copyright 2015 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package fslock_test
-
-import (
-	"io/ioutil"
-	"path"
-
-	gc "gopkg.in/check.v1"
-	goyaml "gopkg.in/yaml.v2"
-
-	"github.com/juju/utils/fslock"
-)
-
-func changeLockfilePID(c *gc.C, lockFile string, PID int) {
-	var l fslock.OnDisk
-	heldLock, err := ioutil.ReadFile(lockFile)
-	c.Assert(err, gc.IsNil)
-	err = goyaml.Unmarshal(heldLock, &l)
-	c.Assert(err, gc.IsNil)
-	l.PID = PID
-	heldLock, err = goyaml.Marshal(l)
-	c.Assert(err, gc.IsNil)
-	err = ioutil.WriteFile(lockFile, heldLock, 644)
-	c.Assert(err, gc.IsNil)
-}
-
-func assertCanLock(c *gc.C, lock *fslock.Lock) {
-	err := lock.Lock("")
-	c.Assert(err, gc.IsNil)
-	c.Assert(lock.IsLocked(), gc.Equals, true)
-}
-
-func newLockedLock(c *gc.C, cfg fslock.LockConfig) (lock *fslock.Lock, lockFile, aliveFile string) {
-	dir := c.MkDir()
-	lock, err := fslock.NewLock(dir, "testing", cfg)
-	c.Assert(err, gc.IsNil)
-	assertCanLock(c, lock)
-	lockFile = path.Join(dir, "testing", "held")
-	return lock, lockFile, dir
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/utils/naturalsort.go juju-core-2.0~beta12/src/github.com/juju/utils/naturalsort.go
--- juju-core-2.0~beta7/src/github.com/juju/utils/naturalsort.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/utils/naturalsort.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,95 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package utils
+
+import (
+	"fmt"
+	"sort"
+	"strconv"
+	"unicode"
+)
+
+// SortStringsNaturally sorts strings according to their natural sort order.
+func SortStringsNaturally(s []string) []string {
+	sort.Sort(naturally(s))
+	return s
+}
+
+type naturally []string
+
+func (n naturally) Len() int {
+	return len(n)
+}
+
+func (n naturally) Swap(a, b int) {
+	n[a], n[b] = n[b], n[a]
+}
+
+// Less sorts by non-numeric prefix and numeric suffix
+// when one exists.
+func (n naturally) Less(a, b int) bool {
+	aVal := n[a]
+	bVal := n[b]
+
+	for {
+		// If bVal is empty, then aVal can't be less than it.
+		if bVal == "" {
+			return false
+		}
+		// If aVal is empty here, then is must be less than bVal.
+		if aVal == "" {
+			return true
+		}
+
+		aPrefix, aNumber, aRemainder := splitAtNumber(aVal)
+		bPrefix, bNumber, bRemainder := splitAtNumber(bVal)
+		if aPrefix != bPrefix {
+			return aPrefix < bPrefix
+		}
+		if aNumber != bNumber {
+			return aNumber < bNumber
+		}
+
+		// Everything is the same so far, try again with the remainer.
+		aVal = aRemainder
+		bVal = bRemainder
+	}
+}
+
+// splitAtNumber splits given string at the first digit, returning the
+// prefix before the number, the integer represented by the first
+// series of digits, and the remainder of the string after the first
+// series of digits. If no digits are present, the number is returned
+// as -1 and the remainder is empty.
+func splitAtNumber(str string) (string, int, string) {
+	i := indexOfDigit(str)
+	if i == -1 {
+		// no numbers
+		return str, -1, ""
+	}
+	j := i + indexOfNonDigit(str[i:])
+	n, err := strconv.Atoi(str[i:j])
+	if err != nil {
+		panic(fmt.Sprintf("parsing number %v: %v", str[i:j], err)) // should never happen
+	}
+	return str[:i], n, str[j:]
+}
+
+func indexOfDigit(str string) int {
+	for i, rune := range str {
+		if unicode.IsDigit(rune) {
+			return i
+		}
+	}
+	return -1
+}
+
+func indexOfNonDigit(str string) int {
+	for i, rune := range str {
+		if !unicode.IsDigit(rune) {
+			return i
+		}
+	}
+	return len(str)
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/utils/naturalsort_test.go juju-core-2.0~beta12/src/github.com/juju/utils/naturalsort_test.go
--- juju-core-2.0~beta7/src/github.com/juju/utils/naturalsort_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/utils/naturalsort_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,147 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the AGPLv3, see LICENCE file for details.
+
+package utils_test
+
+import (
+	"math/rand"
+
+	gc "gopkg.in/check.v1"
+
+	"github.com/juju/testing"
+	"github.com/juju/utils"
+)
+
+type naturalSortSuite struct {
+	testing.IsolationSuite
+}
+
+var _ = gc.Suite(&naturalSortSuite{})
+
+func (s *naturalSortSuite) TestEmpty(c *gc.C) {
+	checkCorrectSort(c, []string{})
+}
+
+func (s *naturalSortSuite) TestAlpha(c *gc.C) {
+	checkCorrectSort(c, []string{"abc", "bac", "cba"})
+}
+
+func (s *naturalSortSuite) TestNumVsString(c *gc.C) {
+	checkCorrectSort(c, []string{"1", "a"})
+}
+
+func (s *naturalSortSuite) TestStringVsStringNum(c *gc.C) {
+	checkCorrectSort(c, []string{"a", "a1"})
+}
+
+func (s *naturalSortSuite) TestCommonPrefix(c *gc.C) {
+	checkCorrectSort(c, []string{"a1", "a1a", "a1b", "a2b", "a2c"})
+}
+
+func (s *naturalSortSuite) TestDifferentNumberLengths(c *gc.C) {
+	checkCorrectSort(c, []string{"a1a", "a2", "a22a", "a333", "a333a", "a333b"})
+}
+
+func (s *naturalSortSuite) TestZeroPadding(c *gc.C) {
+	checkCorrectSort(c, []string{"a1", "a002", "a3"})
+}
+
+func (s *naturalSortSuite) TestMixed(c *gc.C) {
+	checkCorrectSort(c, []string{"1a", "a1", "a1/1", "a10", "a100"})
+}
+
+func (s *naturalSortSuite) TestSeveralNumericParts(c *gc.C) {
+	checkCorrectSort(c, []string{
+		"x",
+		"x1",
+		"x1-g0",
+		"x1-g1",
+		"x1-g2",
+		"x1-g10",
+		"x2",
+		"x2-g0",
+		"x2-g2",
+		"x11-g0",
+		"x11-g0-0",
+		"x11-g0-1",
+		"x11-g0-10",
+		"x11-g0-11",
+		"x11-g0-20",
+		"x11-g0-100",
+		"x11-g10-1",
+		"x11-g10-10",
+		"xx1",
+		"xx10",
+	})
+}
+
+func (s *naturalSortSuite) TestUnitNameLike(c *gc.C) {
+	checkCorrectSort(c, []string{"a1/1", "a1/2", "a1/7", "a1/11", "a1/100"})
+}
+
+func (s *naturalSortSuite) TestMachineIdLike(c *gc.C) {
+	checkCorrectSort(c, []string{
+		"1",
+		"1/lxc/0",
+		"1/lxc/1",
+		"1/lxc/2",
+		"1/lxc/10",
+		"1/lxd/0",
+		"1/lxd/1",
+		"1/lxd/10",
+		"2",
+		"11",
+		"11/lxc/6",
+		"11/lxc/60",
+		"20",
+		"21",
+	})
+}
+
+func (s *naturalSortSuite) TestIPs(c *gc.C) {
+	checkCorrectSort(c, []string{
+		"1.1.10.122",
+		"001.001.010.123",
+		"001.002.010.123",
+		"100.001.010.123",
+		"100.1.10.124",
+		"100.2.10.124",
+	})
+}
+
+func checkCorrectSort(c *gc.C, expected []string) {
+	checkSort(c, expected, reverse)
+	for i := 0; i < 5; i++ {
+		checkSort(c, expected, shuffle)
+	}
+}
+
+func checkSort(c *gc.C, expected []string, xform func([]string)) {
+	input := copyStrSlice(expected)
+	xform(input)
+	origInput := copyStrSlice(input)
+	utils.SortStringsNaturally(input)
+	c.Check(input, gc.DeepEquals, expected, gc.Commentf("input was: %#v", origInput))
+}
+
+func copyStrSlice(in []string) []string {
+	out := make([]string, len(in))
+	copy(out, in)
+	return out
+}
+
+func shuffle(a []string) {
+	// See https://en.wikipedia.org/wiki/Fisher%E2%80%93Yates_shuffle#Modern_method
+	for i := len(a) - 1; i >= 1; i-- {
+		j := rand.Intn(i + 1)
+		a[i], a[j] = a[j], a[i]
+	}
+}
+
+func reverse(a []string) {
+	size := len(a)
+	for i := 0; i < size/2; i++ {
+		j := size - i - 1
+		a[i], a[j] = a[j], a[i]
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/utils/packaging/config/functions_test.go juju-core-2.0~beta12/src/github.com/juju/utils/packaging/config/functions_test.go
--- juju-core-2.0~beta7/src/github.com/juju/utils/packaging/config/functions_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/utils/packaging/config/functions_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,9 +7,9 @@
 import (
 	"fmt"
 
+	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/packaging"
 	"github.com/juju/utils/packaging/config"
-	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 )
 
diff -Nru juju-core-2.0~beta7/src/github.com/juju/utils/series/supportedseries.go juju-core-2.0~beta12/src/github.com/juju/utils/series/supportedseries.go
--- juju-core-2.0~beta7/src/github.com/juju/utils/series/supportedseries.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/utils/series/supportedseries.go	2016-07-18 19:45:44.000000000 +0000
@@ -271,22 +271,23 @@
 // the work to determine the latest lts series once.
 var latestLtsSeries string
 
-// LatestLts returns the LatestLtsSeries found in distro-info
+// LatestLts returns the Latest LTS Series found in distro-info
 func LatestLts() string {
-	seriesVersionsMutex.Lock()
-	defer seriesVersionsMutex.Unlock()
-	updateSeriesVersionsOnce()
-
 	if latestLtsSeries != "" {
 		return latestLtsSeries
 	}
 
+	seriesVersionsMutex.Lock()
+	defer seriesVersionsMutex.Unlock()
+	updateSeriesVersionsOnce()
+
 	var latest string
 	for k := range ubuntuLts {
 		if ubuntuSeries[k] > ubuntuSeries[latest] {
 			latest = k
 		}
 	}
+
 	latestLtsSeries = latest
 	return latest
 }
diff -Nru juju-core-2.0~beta7/src/github.com/juju/utils/set/package_test.go juju-core-2.0~beta12/src/github.com/juju/utils/set/package_test.go
--- juju-core-2.0~beta7/src/github.com/juju/utils/set/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/utils/set/package_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,8 +6,8 @@
 import (
 	"testing"
 
-	"github.com/juju/names"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/utils/set"
 )
diff -Nru juju-core-2.0~beta7/src/github.com/juju/utils/set/tags.go juju-core-2.0~beta12/src/github.com/juju/utils/set/tags.go
--- juju-core-2.0~beta7/src/github.com/juju/utils/set/tags.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/utils/set/tags.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,7 @@
 	"sort"
 
 	"github.com/juju/errors"
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 )
 
 // Tags represents the Set data structure, it implements tagSet
diff -Nru juju-core-2.0~beta7/src/github.com/juju/utils/set/tags_test.go juju-core-2.0~beta12/src/github.com/juju/utils/set/tags_test.go
--- juju-core-2.0~beta7/src/github.com/juju/utils/set/tags_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/utils/set/tags_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,9 +4,9 @@
 package set_test
 
 import (
-	"github.com/juju/names"
 	"github.com/juju/testing"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/juju/names.v2"
 
 	"github.com/juju/utils/set"
 )
diff -Nru juju-core-2.0~beta7/src/github.com/juju/utils/ssh/ssh.go juju-core-2.0~beta12/src/github.com/juju/utils/ssh/ssh.go
--- juju-core-2.0~beta7/src/github.com/juju/utils/ssh/ssh.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/utils/ssh/ssh.go	2016-07-18 19:45:44.000000000 +0000
@@ -18,6 +18,31 @@
 	je "github.com/juju/errors"
 )
 
+// StrictHostChecksOption defines the possible values taken by
+// Option.SetStrictHostKeyChecking().
+type StrictHostChecksOption int
+
+const (
+	// StrictHostChecksNo disables strict host key checking. This is
+	// the default.
+	StrictHostChecksNo StrictHostChecksOption = iota
+
+	// StrictHostChecksYes enabled strict host key checking
+	// enabled. Target hosts must appear in known_hosts file or
+	// connections will fail.
+	StrictHostChecksYes
+
+	// StrictHostChecksAsk will cause openssh to ask the user about
+	// hosts that don't appear in known_hosts file.
+	StrictHostChecksAsk
+
+	// StrictHostChecksUnset will prevent the addition of a
+	// StrictHostKeyChecking option to the openssh command line. The
+	// StrictHostKeyChecking setting from user's personal
+	// configuration will be used.
+	StrictHostChecksUnset
+)
+
 // Options is a client-implementation independent SSH options set.
 type Options struct {
 	// proxyCommand specifies the command to
@@ -36,9 +61,10 @@
 	// knownHostsFile is a path to a file in which to save the host's
 	// fingerprint.
 	knownHostsFile string
+
 	// strictHostKeyChecking sets that the host being connected to must
 	// exist in the known_hosts file, and with a matching public key.
-	strictHostKeyChecking bool
+	strictHostKeyChecking StrictHostChecksOption
 }
 
 // SetProxyCommand sets a command to execute to proxy traffic through.
@@ -68,9 +94,16 @@
 
 // EnableStrictHostKeyChecking requires that the host being connected
 // to must exist in the known_hosts file, and with a matching public
-// key.
+// key. See also SetStrictHostKeyChecking.
 func (o *Options) EnableStrictHostKeyChecking() {
-	o.strictHostKeyChecking = true
+	o.strictHostKeyChecking = StrictHostChecksYes
+}
+
+// SetStrictHostKeyChecking sets the desired host key checking
+// behaviour. It takes one of the StrictHostChecksOption constants.
+// See also EnableStrictHostKeyChecking.
+func (o *Options) SetStrictHostKeyChecking(value StrictHostChecksOption) {
+	o.strictHostKeyChecking = value
 }
 
 // AllowPasswordAuthentication allows the SSH
diff -Nru juju-core-2.0~beta7/src/github.com/juju/utils/ssh/ssh_openssh.go juju-core-2.0~beta12/src/github.com/juju/utils/ssh/ssh_openssh.go
--- juju-core-2.0~beta7/src/github.com/juju/utils/ssh/ssh_openssh.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/utils/ssh/ssh_openssh.go	2016-07-18 19:45:44.000000000 +0000
@@ -68,10 +68,26 @@
 	}
 	var args []string
 
-	args = append(args, "-o", "StrictHostKeyChecking "+yesNo(options.strictHostKeyChecking))
+	var hostChecks string
+	switch options.strictHostKeyChecking {
+	case StrictHostChecksYes:
+		hostChecks = "yes"
+	case StrictHostChecksNo:
+		hostChecks = "no"
+	case StrictHostChecksAsk:
+		hostChecks = "ask"
+	default:
+		// StrictHostChecksUnset and invalid values are handled the
+		// same way (the option doesn't get included).
+	}
+	if hostChecks != "" {
+		args = append(args, "-o", "StrictHostKeyChecking "+hostChecks)
+	}
+
 	if len(options.proxyCommand) > 0 {
 		args = append(args, "-o", "ProxyCommand "+utils.CommandString(options.proxyCommand...))
 	}
+
 	if !options.passwordAuthAllowed {
 		args = append(args, "-o", "PasswordAuthentication no")
 	}
@@ -195,10 +211,3 @@
 	}
 	return c.Process.Kill()
 }
-
-func yesNo(v bool) string {
-	if v {
-		return "yes"
-	}
-	return "no"
-}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/utils/ssh/ssh_test.go juju-core-2.0~beta12/src/github.com/juju/utils/ssh/ssh_test.go
--- juju-core-2.0~beta7/src/github.com/juju/utils/ssh/ssh_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/utils/ssh/ssh_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -131,6 +131,32 @@
 	)
 }
 
+func (s *SSHCommandSuite) TestSetStrictHostKeyChecking(c *gc.C) {
+	commandPattern := fmt.Sprintf("%s%%s -o PasswordAuthentication no -o ServerAliveInterval 30 localhost %s 123",
+		s.fakessh, echoCommand)
+
+	tests := []struct {
+		input    ssh.StrictHostChecksOption
+		expected string
+	}{
+		{ssh.StrictHostChecksNo, "no"},
+		{ssh.StrictHostChecksYes, "yes"},
+		{ssh.StrictHostChecksAsk, "ask"},
+		{ssh.StrictHostChecksUnset, ""},
+		{ssh.StrictHostChecksOption(999), ""},
+	}
+	for _, t := range tests {
+		var opts ssh.Options
+		opts.SetStrictHostKeyChecking(t.input)
+		expectedOpt := ""
+		if t.expected != "" {
+			expectedOpt = " -o StrictHostKeyChecking " + t.expected
+		}
+		s.assertCommandArgs(c, s.commandOptions([]string{echoCommand, "123"}, &opts),
+			fmt.Sprintf(commandPattern, expectedOpt))
+	}
+}
+
 func (s *SSHCommandSuite) TestCommandAllowPasswordAuthentication(c *gc.C) {
 	var opts ssh.Options
 	opts.AllowPasswordAuthentication()
diff -Nru juju-core-2.0~beta7/src/github.com/juju/utils/tls_transport_go13.go juju-core-2.0~beta12/src/github.com/juju/utils/tls_transport_go13.go
--- juju-core-2.0~beta7/src/github.com/juju/utils/tls_transport_go13.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/utils/tls_transport_go13.go	2016-07-18 19:45:44.000000000 +0000
@@ -29,20 +29,23 @@
 }
 
 // knownGoodCipherSuites contains the list of secure cipher suites to use
-// with tls.Config.  This list currently differs from the list in crypto/tls by
-// excluding all RC4 implementations, due to known security vulnerabilities in
-// RC4 - CVE-2013-2566, CVE-2015-2808.  We also exclude ciphersuites which do
-// not provide forward secrecy.
+// with tls.Config. This list matches those that Go 1.6 implements from
+// https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations.
+//
+// https://tools.ietf.org/html/rfc7525#section-4.2 excludes RSA exchange completely
+// so we could be more strict if all our clients will support
+// TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256/384. Unfortunately Go's crypto library
+// is limited and doesn't support DHE-RSA-AES256-GCM-SHA384 and
+// DHE-RSA-AES256-SHA256, which are part of the recommended set.
+//
+// Unfortunately we can't drop the RSA algorithms because our servers aren't
+// generating ECDHE keys.
 var knownGoodCipherSuites = []uint16{
-	tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
-	tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
-	tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
-	tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
-	tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
-	tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+	tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
 	tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+
 	tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
-	tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+	tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
 }
 
 // SecureTLSConfig returns a tls.Config that conforms to Juju's security
diff -Nru juju-core-2.0~beta7/src/github.com/juju/utils/yaml.go juju-core-2.0~beta12/src/github.com/juju/utils/yaml.go
--- juju-core-2.0~beta7/src/github.com/juju/utils/yaml.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/utils/yaml.go	2016-07-18 19:45:44.000000000 +0000
@@ -60,3 +60,48 @@
 	}
 	return yaml.Unmarshal(data, obj)
 }
+
+// ConformYAML ensures all keys of any nested maps are strings.  This is
+// necessary because YAML unmarshals map[interface{}]interface{} in nested
+// maps, which cannot be serialized by json or bson. Also, handle
+// []interface{}. cf. gopkg.in/juju/charm.v4/actions.go cleanse
+func ConformYAML(input interface{}) (interface{}, error) {
+	switch typedInput := input.(type) {
+
+	case map[string]interface{}:
+		newMap := make(map[string]interface{})
+		for key, value := range typedInput {
+			newValue, err := ConformYAML(value)
+			if err != nil {
+				return nil, err
+			}
+			newMap[key] = newValue
+		}
+		return newMap, nil
+
+	case map[interface{}]interface{}:
+		newMap := make(map[string]interface{})
+		for key, value := range typedInput {
+			typedKey, ok := key.(string)
+			if !ok {
+				return nil, errors.New("map keyed with non-string value")
+			}
+			newMap[typedKey] = value
+		}
+		return ConformYAML(newMap)
+
+	case []interface{}:
+		newSlice := make([]interface{}, len(typedInput))
+		for i, sliceValue := range typedInput {
+			newSliceValue, err := ConformYAML(sliceValue)
+			if err != nil {
+				return nil, errors.New("map keyed with non-string value")
+			}
+			newSlice[i] = newSliceValue
+		}
+		return newSlice, nil
+
+	default:
+		return input, nil
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/utils/yaml_test.go juju-core-2.0~beta12/src/github.com/juju/utils/yaml_test.go
--- juju-core-2.0~beta7/src/github.com/juju/utils/yaml_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/utils/yaml_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -8,6 +8,7 @@
 	"os"
 	"path/filepath"
 
+	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 )
 
@@ -83,3 +84,108 @@
 	err := WriteYaml(path, v)
 	c.Assert(err, gc.NotNil)
 }
+
+type ConformSuite struct{}
+
+var _ = gc.Suite(&ConformSuite{})
+
+func (s *ConformSuite) TestConformYAML(c *gc.C) {
+	var goodInterfaceTests = []struct {
+		description       string
+		inputInterface    interface{}
+		expectedInterface map[string]interface{}
+		expectedError     string
+	}{{
+		description: "An interface requiring no changes.",
+		inputInterface: map[string]interface{}{
+			"key1": "value1",
+			"key2": "value2",
+			"key3": map[string]interface{}{
+				"foo1": "val1",
+				"foo2": "val2"}},
+		expectedInterface: map[string]interface{}{
+			"key1": "value1",
+			"key2": "value2",
+			"key3": map[string]interface{}{
+				"foo1": "val1",
+				"foo2": "val2"}},
+	}, {
+		description: "Substitute a single inner map[i]i.",
+		inputInterface: map[string]interface{}{
+			"key1": "value1",
+			"key2": "value2",
+			"key3": map[interface{}]interface{}{
+				"foo1": "val1",
+				"foo2": "val2"}},
+		expectedInterface: map[string]interface{}{
+			"key1": "value1",
+			"key2": "value2",
+			"key3": map[string]interface{}{
+				"foo1": "val1",
+				"foo2": "val2"}},
+	}, {
+		description: "Substitute nested inner map[i]i.",
+		inputInterface: map[string]interface{}{
+			"key1a": "val1a",
+			"key2a": "val2a",
+			"key3a": map[interface{}]interface{}{
+				"key1b": "val1b",
+				"key2b": map[interface{}]interface{}{
+					"key1c": "val1c"}}},
+		expectedInterface: map[string]interface{}{
+			"key1a": "val1a",
+			"key2a": "val2a",
+			"key3a": map[string]interface{}{
+				"key1b": "val1b",
+				"key2b": map[string]interface{}{
+					"key1c": "val1c"}}},
+	}, {
+		description: "Substitute nested map[i]i within []i.",
+		inputInterface: map[string]interface{}{
+			"key1a": "val1a",
+			"key2a": []interface{}{5, "foo", map[string]interface{}{
+				"key1b": "val1b",
+				"key2b": map[interface{}]interface{}{
+					"key1c": "val1c"}}}},
+		expectedInterface: map[string]interface{}{
+			"key1a": "val1a",
+			"key2a": []interface{}{5, "foo", map[string]interface{}{
+				"key1b": "val1b",
+				"key2b": map[string]interface{}{
+					"key1c": "val1c"}}}},
+	}, {
+		description: "An inner map[interface{}]interface{} with an int key.",
+		inputInterface: map[string]interface{}{
+			"key1": "value1",
+			"key2": "value2",
+			"key3": map[interface{}]interface{}{
+				"foo1": "val1",
+				5:      "val2"}},
+		expectedError: "map keyed with non-string value",
+	}, {
+		description: "An inner []interface{} containing a map[i]i with an int key.",
+		inputInterface: map[string]interface{}{
+			"key1a": "val1b",
+			"key2a": "val2b",
+			"key3a": []interface{}{"foo1", 5, map[interface{}]interface{}{
+				"key1b": "val1b",
+				"key2b": map[interface{}]interface{}{
+					"key1c": "val1c",
+					5:       "val2c"}}}},
+		expectedError: "map keyed with non-string value",
+	}}
+
+	for i, test := range goodInterfaceTests {
+		c.Logf("test %d: %s", i, test.description)
+		input := test.inputInterface
+		cleansedInterfaceMap, err := ConformYAML(input)
+		if test.expectedError == "" {
+			if !c.Check(err, jc.ErrorIsNil) {
+				continue
+			}
+			c.Check(cleansedInterfaceMap, jc.DeepEquals, test.expectedInterface)
+		} else {
+			c.Check(err, gc.ErrorMatches, test.expectedError)
+		}
+	}
+}
diff -Nru juju-core-2.0~beta7/src/github.com/juju/version/version.go juju-core-2.0~beta12/src/github.com/juju/version/version.go
--- juju-core-2.0~beta7/src/github.com/juju/version/version.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/version/version.go	2016-07-18 19:45:44.000000000 +0000
@@ -100,8 +100,8 @@
 }
 
 var (
-	binaryPat = regexp.MustCompile(`^(\d{1,9})\.(\d{1,9})(\.|-(\w+))(\d{1,9})(\.\d{1,9})?-([^-]+)-([^-]+)$`)
-	numberPat = regexp.MustCompile(`^(\d{1,9})\.(\d{1,9})(\.|-(\w+))(\d{1,9})(\.\d{1,9})?$`)
+	binaryPat = regexp.MustCompile(`^(\d{1,9})\.(\d{1,9})(\.|-([a-z]+))(\d{1,9})(\.\d{1,9})?-([^-]+)-([^-]+)$`)
+	numberPat = regexp.MustCompile(`^(\d{1,9})\.(\d{1,9})(\.|-([a-z]+))(\d{1,9})(\.\d{1,9})?$`)
 )
 
 // MustParse parses a version and panics if it does
diff -Nru juju-core-2.0~beta7/src/github.com/juju/version/version_test.go juju-core-2.0~beta12/src/github.com/juju/version/version_test.go
--- juju-core-2.0~beta7/src/github.com/juju/version/version_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/juju/version/version_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -45,14 +45,10 @@
 		{"2.0.0.0", "2.0.0.0", 0},
 		{"2.0.0.1", "2.0.0.0", 1},
 		{"2.0.1.10", "2.0.0.0", 1},
-		{"2.0-_0", "2.0-00", 1},
-		{"2.0-_0", "2.0.0", -1},
-		{"2.0-_0", "2.0-alpha1.0", -1},
-		{"2.0-_0", "1.999.0", 1},
 	}
 
 	for i, test := range cmpTests {
-		c.Logf("test %d", i)
+		c.Logf("test %d: %q == %q", i, test.v1, test.v2)
 		v1, err := version.Parse(test.v1)
 		c.Assert(err, jc.ErrorIsNil)
 		v2, err := version.Parse(test.v2)
@@ -106,6 +102,9 @@
 	v:      "1.21-alpha1.1",
 	expect: version.Number{Major: 1, Minor: 21, Patch: 1, Tag: "alpha", Build: 1},
 }, {
+	v:      "1.21-alpha10",
+	expect: version.Number{Major: 1, Minor: 21, Patch: 10, Tag: "alpha"},
+}, {
 	v:      "1.21.0",
 	expect: version.Number{Major: 1, Minor: 21},
 }, {
@@ -126,11 +125,17 @@
 }, {
 	v:   "1.21-alpha-dev",
 	err: "invalid version.*",
+}, {
+	v:   "1.21-alpha_dev3",
+	err: "invalid version.*",
+}, {
+	v:   "1.21-alpha123dev3",
+	err: "invalid version.*",
 }}
 
 func (*suite) TestParse(c *gc.C) {
 	for i, test := range parseTests {
-		c.Logf("test %d", i)
+		c.Logf("test %d: %q", i, test.v)
 		got, err := version.Parse(test.v)
 		if test.err != "" {
 			c.Assert(err, gc.ErrorMatches, test.err)
@@ -188,7 +193,7 @@
 	}}
 
 	for i, test := range parseBinaryTests {
-		c.Logf("test 1: %d", i)
+		c.Logf("first test, %d: %q", i, test.v)
 		got, err := version.ParseBinary(test.v)
 		if test.err != "" {
 			c.Assert(err, gc.ErrorMatches, test.err)
@@ -199,7 +204,7 @@
 	}
 
 	for i, test := range parseTests {
-		c.Logf("test 2: %d", i)
+		c.Logf("second test, %d: %q", i, test.v)
 		v := test.v + "-trusty-amd64"
 		got, err := version.ParseBinary(v)
 		expect := version.Binary{
diff -Nru juju-core-2.0~beta7/src/github.com/rogpeppe/fastuuid/LICENSE juju-core-2.0~beta12/src/github.com/rogpeppe/fastuuid/LICENSE
--- juju-core-2.0~beta7/src/github.com/rogpeppe/fastuuid/LICENSE	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/rogpeppe/fastuuid/LICENSE	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,26 @@
+Copyright © 2014, Roger Peppe
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+    * Redistributions of source code must retain the above copyright notice,
+      this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright notice,
+      this list of conditions and the following disclaimer in the documentation
+      and/or other materials provided with the distribution.
+    * Neither the name of this project nor the names of its contributors
+      may be used to endorse or promote products derived from this software
+      without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff -Nru juju-core-2.0~beta7/src/github.com/rogpeppe/fastuuid/README.md juju-core-2.0~beta12/src/github.com/rogpeppe/fastuuid/README.md
--- juju-core-2.0~beta7/src/github.com/rogpeppe/fastuuid/README.md	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/rogpeppe/fastuuid/README.md	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,50 @@
+# fastuuid
+--
+    import "github.com/rogpeppe/fastuuid"
+
+Package fastuuid provides fast UUID generation of 192 bit universally unique
+identifiers. It does not provide formatting or parsing of the identifiers (it is
+assumed that a simple hexadecimal or base64 representation is sufficient, for
+which adequate functionality exists elsewhere).
+
+Note that the generated UUIDs are not unguessable - each UUID generated from a
+Generator is adjacent to the previously generated UUID.
+
+It ignores RFC 4122.
+
+## Usage
+
+#### type Generator
+
+```go
+type Generator struct {
+}
+```
+
+Generator represents a UUID generator that generates UUIDs in sequence from a
+random starting point.
+
+#### func  MustNewGenerator
+
+```go
+func MustNewGenerator() *Generator
+```
+MustNewGenerator is like NewGenerator but panics on failure.
+
+#### func  NewGenerator
+
+```go
+func NewGenerator() (*Generator, error)
+```
+NewGenerator returns a new Generator. It can fail if the crypto/rand read fails.
+
+#### func (*Generator) Next
+
+```go
+func (g *Generator) Next() [24]byte
+```
+Next returns the next UUID from the generator. Only the first 8 bytes can differ
+from the previous UUID, so taking a slice of the first 16 bytes is sufficient to
+provide a somewhat less secure 128 bit UUID.
+
+It is OK to call this method concurrently.
diff -Nru juju-core-2.0~beta7/src/github.com/rogpeppe/fastuuid/uuid.go juju-core-2.0~beta12/src/github.com/rogpeppe/fastuuid/uuid.go
--- juju-core-2.0~beta7/src/github.com/rogpeppe/fastuuid/uuid.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/rogpeppe/fastuuid/uuid.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,66 @@
+// Package fastuuid provides fast UUID generation of 192 bit
+// universally unique identifiers. It does not provide
+// formatting or parsing of the identifiers (it is assumed
+// that a simple hexadecimal or base64 representation
+// is sufficient, for which adequate functionality exists elsewhere).
+//
+// Note that the generated UUIDs are not unguessable - each
+// UUID generated from a Generator is adjacent to the
+// previously generated UUID.
+//
+// It ignores RFC 4122.
+package fastuuid
+
+import (
+	"crypto/rand"
+	"encoding/binary"
+	"errors"
+	"sync/atomic"
+)
+
+// Generator represents a UUID generator that
+// generates UUIDs in sequence from a random starting
+// point.
+type Generator struct {
+	seed    [24]byte
+	counter uint64
+}
+
+// NewGenerator returns a new Generator.
+// It can fail if the crypto/rand read fails.
+func NewGenerator() (*Generator, error) {
+	var g Generator
+	_, err := rand.Read(g.seed[:])
+	if err != nil {
+		return nil, errors.New("cannot generate random seed: " + err.Error())
+	}
+	return &g, nil
+}
+
+// MustNewGenerator is like NewGenerator
+// but panics on failure.
+func MustNewGenerator() *Generator {
+	g, err := NewGenerator()
+	if err != nil {
+		panic(err)
+	}
+	return g
+}
+
+// Next returns the next UUID from the generator.
+// Only the first 8 bytes can differ from the previous
+// UUID, so taking a slice of the first 16 bytes
+// is sufficient to provide a somewhat less secure 128 bit UUID.
+//
+// It is OK to call this method concurrently.
+func (g *Generator) Next() [24]byte {
+	x := atomic.AddUint64(&g.counter, 1)
+	var counterBytes [8]byte
+	binary.LittleEndian.PutUint64(counterBytes[:], x)
+
+	uuid := g.seed
+	for i, b := range counterBytes {
+		uuid[i] ^= b
+	}
+	return uuid
+}
diff -Nru juju-core-2.0~beta7/src/github.com/rogpeppe/fastuuid/uuid_test.go juju-core-2.0~beta12/src/github.com/rogpeppe/fastuuid/uuid_test.go
--- juju-core-2.0~beta7/src/github.com/rogpeppe/fastuuid/uuid_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/github.com/rogpeppe/fastuuid/uuid_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,50 @@
+package fastuuid
+
+import (
+	"bytes"
+	"crypto/rand"
+	"testing"
+)
+
+func TestUUID(t *testing.T) {
+	var buf [24]byte
+	for i := range buf {
+		buf[i] = byte(i) + 1
+	}
+	oldReader := rand.Reader
+	rand.Reader = bytes.NewReader(buf[:])
+	g, err := NewGenerator()
+	rand.Reader = oldReader
+	if err != nil {
+		t.Fatalf("cannot make generator: %v", err)
+	}
+	uuid := g.Next()
+	buf[0] = 1 ^ 1
+	if uuid != buf {
+		t.Fatalf("unexpected UUID; got %x; want %x", uuid, buf)
+	}
+	uuid = g.Next()
+	buf[0] = 1 ^ 2
+	if uuid != buf {
+		t.Fatalf("unexpected next UUID; got %x; want %x", uuid, buf)
+	}
+}
+
+func TestUniqueness(t *testing.T) {
+	g := MustNewGenerator()
+	m := make(map[[24]byte]int)
+	for i := 0; i < 65537; i++ {
+		uuid := g.Next()
+		if old, ok := m[uuid]; ok {
+			t.Fatalf("non-unique uuid seq at %d, other %d", i, old)
+		}
+		m[uuid] = i
+	}
+}
+
+func BenchmarkNext(b *testing.B) {
+	g := MustNewGenerator()
+	for i := 0; i < b.N; i++ {
+		g.Next()
+	}
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/bundlepath_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/bundlepath_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/bundlepath_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/bundlepath_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,7 +11,7 @@
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
-	"gopkg.in/yaml.v1"
+	"gopkg.in/yaml.v2"
 
 	"gopkg.in/juju/charmrepo.v2-unstable"
 )
@@ -90,7 +90,7 @@
 func (s *bundlePathSuite) TestGetBundleLocalFile(c *gc.C) {
 	bundlePath := filepath.Join(c.MkDir(), "mybundle")
 	data := `
-services:
+applications:
   wordpress:
     charm: wordpress
     num_units: 1
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/csclient/csclient.go juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/csclient/csclient.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/csclient/csclient.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/csclient/csclient.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,7 +10,7 @@
 // denied, an error with a cause satisfying IsAuthorizationError will be
 // returned. Note that these errors can also include errors returned by
 // httpbakery when it attempts to discharge macaroons.
-package csclient // import "gopkg.in/juju/charmrepo.v2-unstable/csclient"
+package csclient
 
 import (
 	"bytes"
@@ -28,7 +28,6 @@
 
 	"gopkg.in/errgo.v1"
 	"gopkg.in/juju/charm.v6-unstable"
-	"gopkg.in/juju/charm.v6-unstable/resource"
 	"gopkg.in/macaroon-bakery.v1/httpbakery"
 	"gopkg.in/macaroon.v1"
 
@@ -218,10 +217,6 @@
 	if err := c.Get("/"+id.Path()+"/meta/resources", &result); err != nil {
 		return nil, errgo.NoteMask(err, "cannot get resource metadata from the charm store", isAPIError)
 	}
-	// Set all the Origin fields appropriately.
-	for i := range result {
-		result[i].Origin = resource.OriginStore.String()
-	}
 	return result, nil
 }
 
@@ -331,9 +326,13 @@
 }
 
 // ResourceMeta returns the metadata for the resource on charm id with the
-// given name and revision.
+// given name and revision. If the revision is negative, the latest version
+// of the resource will be returned.
 func (c *Client) ResourceMeta(id *charm.URL, name string, revision int) (params.Resource, error) {
-	path := fmt.Sprintf("/%s/meta/resources/%s/%d", id.Path(), name, revision)
+	path := fmt.Sprintf("/%s/meta/resources/%s", id.Path(), name)
+	if revision >= 0 {
+		path += fmt.Sprintf("/%d", revision)
+	}
 	var result params.Resource
 	if err := c.Get(path, &result); err != nil {
 		return result, errgo.NoteMask(err, fmt.Sprintf("cannot get %q", path), isAPIError)
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/csclient/csclient_resources_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/csclient/csclient_resources_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/csclient/csclient_resources_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/csclient/csclient_resources_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,156 +0,0 @@
-// Copyright 2016 Canonical Ltd.
-// Licensed under the LGPLv3, see LICENCE file for details.
-
-package csclient
-
-import (
-	"bytes"
-	"encoding/json"
-	"io"
-	"io/ioutil"
-	"net/http"
-	"net/url"
-	"strings"
-
-	"github.com/juju/testing"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-	"gopkg.in/juju/charm.v6-unstable"
-	"gopkg.in/juju/charm.v6-unstable/resource"
-	"gopkg.in/macaroon-bakery.v1/httpbakery"
-	"gopkg.in/macaroon.v1"
-
-	"gopkg.in/juju/charmrepo.v2-unstable/csclient/params"
-)
-
-type ResourceSuite struct{}
-
-var _ = gc.Suite(ResourceSuite{})
-
-func (ResourceSuite) TestUploadResource(c *gc.C) {
-	data := []byte("boo!")
-	reader := bytes.NewReader(data)
-
-	result := params.ResourceUploadResponse{Revision: 1}
-	b, err := json.Marshal(result)
-	c.Assert(err, jc.ErrorIsNil)
-
-	f := &fakeClient{
-		Stub: &testing.Stub{},
-		ReturnDoWithBody: &http.Response{
-			StatusCode:    200,
-			Body:          ioutil.NopCloser(bytes.NewReader(b)),
-			ContentLength: int64(len(b)),
-		},
-	}
-
-	client := Client{bclient: f}
-	id := charm.MustParseURL("cs:quantal/starsay")
-	rev, err := client.UploadResource(id, "resname", "data.zip", reader)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(rev, gc.Equals, 1)
-	f.CheckCallNames(c, "DoWithBody")
-	req := f.Calls()[0].Args[0].(*http.Request)
-	body := f.Calls()[0].Args[1].(io.ReadSeeker)
-
-	hash, size, err := readerHashAndSize(reader)
-	c.Assert(err, jc.ErrorIsNil)
-
-	c.Assert(req.URL.String(), gc.Equals, "/v5/quantal/starsay/resource/resname?hash="+hash+"&filename=data.zip")
-	c.Assert(req.ContentLength, gc.Equals, size)
-	c.Assert(body, gc.DeepEquals, reader)
-}
-
-func (ResourceSuite) TestGetResource(c *gc.C) {
-	data := []byte("boo!")
-	fp, err := resource.GenerateFingerprint(bytes.NewReader(data))
-	c.Assert(err, jc.ErrorIsNil)
-	body := ioutil.NopCloser(bytes.NewReader(data))
-
-	resp := &http.Response{
-		StatusCode: 200,
-		Body:       body,
-		Header: http.Header{
-			params.ContentHashHeader: []string{fp.String()},
-		},
-		ContentLength: int64(len(data)),
-	}
-
-	f := &fakeClient{
-		Stub:             &testing.Stub{},
-		ReturnDoWithBody: resp,
-	}
-
-	client := Client{bclient: f}
-	id := charm.MustParseURL("cs:quantal/starsay")
-	resdata, err := client.GetResource(id, "data", 1)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Check(resdata, gc.DeepEquals, ResourceData{
-		ReadCloser: body,
-		Hash:       fp.String(),
-		Size:       int64(len(data)),
-	})
-}
-
-func (ResourceSuite) TestResourceMeta(c *gc.C) {
-	data := "somedata"
-	fp, err := resource.GenerateFingerprint(strings.NewReader(data))
-	c.Assert(err, jc.ErrorIsNil)
-	result := params.Resource{
-		Name:        "data",
-		Type:        "file",
-		Origin:      "store",
-		Path:        "data.zip",
-		Description: "some zip file",
-		Revision:    1,
-		Fingerprint: fp.Bytes(),
-		Size:        int64(len(data)),
-	}
-
-	b, err := json.Marshal(result)
-	c.Assert(err, jc.ErrorIsNil)
-
-	f := &fakeClient{
-		Stub: &testing.Stub{},
-		ReturnDoWithBody: &http.Response{
-			StatusCode: 200,
-			Body:       ioutil.NopCloser(bytes.NewReader(b)),
-		},
-	}
-
-	client := Client{bclient: f}
-	id := charm.MustParseURL("cs:quantal/starsay")
-	resdata, err := client.ResourceMeta(id, "data", 1)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(resdata, gc.DeepEquals, result)
-}
-
-type InternalSuite struct{}
-
-var _ = gc.Suite(InternalSuite{})
-
-func (s InternalSuite) TestMacaroon(c *gc.C) {
-	var m macaroon.Macaroon
-	macs := macaroon.Slice{&m}
-	client := New(Params{
-		URL:  "https://foo.com",
-		Auth: macs,
-	})
-	u, err := url.Parse("https://foo.com")
-	c.Assert(err, jc.ErrorIsNil)
-	bc := client.bclient.(*httpbakery.Client)
-	cookies := bc.Jar.Cookies(u)
-	expected, err := httpbakery.NewCookie(macs)
-	c.Assert(err, jc.ErrorIsNil)
-	c.Assert(cookies, gc.DeepEquals, []*http.Cookie{expected})
-}
-
-type fakeClient struct {
-	*testing.Stub
-	ReturnDoWithBody *http.Response
-}
-
-func (f *fakeClient) DoWithBody(req *http.Request, r io.ReadSeeker) (*http.Response, error) {
-	f.AddCall("DoWithBody", req, r)
-	return f.ReturnDoWithBody, f.NextErr()
-}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/csclient/csclient_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/csclient/csclient_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/csclient/csclient_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/csclient/csclient_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -125,6 +125,35 @@
 	c.Assert(acquired, gc.Equals, true)
 }
 
+func (s *suite) TestNewWithAuth(c *gc.C) {
+	// First acquire the macaroon slice that we'll use for authorization.
+	var m macaroon.Macaroon
+	err := s.client.Get("/macaroon", &m)
+	c.Assert(err, gc.IsNil)
+	s.discharge = func(cond, arg string) ([]checkers.Caveat, error) {
+		return []checkers.Caveat{checkers.DeclaredCaveat("username", "bob")}, nil
+	}
+	ms, err := httpbakery.NewClient().DischargeAll(&m)
+	c.Assert(err, gc.IsNil)
+
+	client := csclient.New(csclient.Params{
+		URL:  s.srv.URL,
+		Auth: ms,
+	})
+
+	// Change the discharge function so that we refuse to discharge anything
+	// to make sure that we're actually using the creds above.
+	s.discharge = func(cond, arg string) ([]checkers.Caveat, error) {
+		return nil, errgo.Newf("no discharge")
+	}
+	err = client.UploadCharmWithRevision(
+		charm.MustParseURL("~bob/precise/wordpress-0"),
+		charmRepo.CharmDir("wordpress"),
+		42,
+	)
+	c.Assert(err, gc.IsNil)
+}
+
 func (s *suite) TestIsAuthorizationError(c *gc.C) {
 	bclient := httpbakery.NewClient()
 	client := csclient.New(csclient.Params{
@@ -1010,6 +1039,57 @@
 	}
 }
 
+func (s *suite) TestResourceMeta(c *gc.C) {
+	ch := charmtesting.NewCharmMeta(&charm.Meta{
+		Resources: map[string]resource.Meta{
+			"r1": {
+				Name:        "r1",
+				Path:        "foo.zip",
+				Description: "r1 description",
+			},
+		},
+	})
+	url := charm.MustParseURL("cs:~who/trusty/mysql")
+	url, err := s.client.UploadCharm(url, ch)
+	c.Assert(err, gc.IsNil)
+
+	r1content0 := "r1 content 0"
+	rev, err := s.client.UploadResource(url, "r1", "data.zip", strings.NewReader(r1content0))
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(rev, gc.Equals, 0)
+
+	r1content1 := "r1 content 1"
+	rev, err = s.client.UploadResource(url, "r1", "data.zip", strings.NewReader(r1content1))
+	c.Assert(err, jc.ErrorIsNil)
+	c.Assert(rev, gc.Equals, 1)
+
+	// Try with a specified revision number.
+	r, err := s.client.ResourceMeta(url, "r1", 0)
+	c.Assert(err, gc.IsNil)
+	c.Assert(r, jc.DeepEquals, params.Resource{
+		Name:        "r1",
+		Type:        "file",
+		Path:        "foo.zip",
+		Description: "r1 description",
+		Revision:    0,
+		Fingerprint: resourceHash(r1content0),
+		Size:        int64(len(r1content0)),
+	})
+
+	// Try with a negative (latest revision) revision.
+	r, err = s.client.ResourceMeta(url, "r1", -1)
+	c.Assert(err, gc.IsNil)
+	c.Assert(r, jc.DeepEquals, params.Resource{
+		Name:        "r1",
+		Type:        "file",
+		Path:        "foo.zip",
+		Description: "r1 description",
+		Revision:    1,
+		Fingerprint: resourceHash(r1content1),
+		Size:        int64(len(r1content1)),
+	})
+}
+
 func badResponseClient(resp *http.Response, err error) *csclient.Client {
 	client := httpbakery.NewHTTPClient()
 	client.Transport = &cannedRoundTripper{
@@ -1620,7 +1700,6 @@
 		Name:        "r1",
 		Type:        "file",
 		Path:        "foo.zip",
-		Origin:      "store",
 		Description: "r1 description",
 		Revision:    0,
 		Fingerprint: resourceHash(r1content),
@@ -1629,7 +1708,6 @@
 		Name:        "r2",
 		Type:        "file",
 		Path:        "bar",
-		Origin:      "store",
 		Description: "r2 description",
 		Revision:    0,
 		Fingerprint: resourceHash(r2content),
@@ -1637,7 +1715,6 @@
 	}, {
 		Name:        "r3",
 		Type:        "file",
-		Origin:      "store",
 		Path:        "missing",
 		Description: "r3 description",
 		Revision:    -1,
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/csclient/params/helpers.go juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/csclient/params/helpers.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/csclient/params/helpers.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/csclient/params/helpers.go	2016-07-18 19:45:44.000000000 +0000
@@ -15,7 +15,6 @@
 		Type:        res.Type.String(),
 		Path:        res.Path,
 		Description: res.Description,
-		Origin:      res.Origin.String(),
 		Revision:    res.Revision,
 		Fingerprint: res.Fingerprint.Bytes(),
 		Size:        res.Size,
@@ -32,16 +31,13 @@
 		return res, errgo.Mask(err, errgo.Any)
 	}
 
-	origin, err := resource.ParseOrigin(apiInfo.Origin)
-	if err != nil {
-		return res, errgo.Mask(err, errgo.Any)
-	}
-
 	fp, err := deserializeFingerprint(apiInfo.Fingerprint)
 	if err != nil {
 		return res, errgo.Mask(err, errgo.Any)
 	}
 
+	// Charmstore doesn't set Origin, so we just default it to OriginStore.
+
 	res = resource.Resource{
 		Meta: resource.Meta{
 			Name:        apiInfo.Name,
@@ -49,7 +45,7 @@
 			Path:        apiInfo.Path,
 			Description: apiInfo.Description,
 		},
-		Origin:      origin,
+		Origin:      resource.OriginStore,
 		Revision:    apiInfo.Revision,
 		Fingerprint: fp,
 		Size:        apiInfo.Size,
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/csclient/params/helpers_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/csclient/params/helpers_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/csclient/params/helpers_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/csclient/params/helpers_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -44,7 +44,6 @@
 		Type:        "file",
 		Path:        "spam.tgz",
 		Description: "you need it",
-		Origin:      "upload",
 		Revision:    0,
 		Fingerprint: []byte(fingerprint),
 		Size:        10,
@@ -57,7 +56,6 @@
 		Type:        "file",
 		Path:        "spam.tgz",
 		Description: "you need it",
-		Origin:      "upload",
 		Revision:    0,
 		Fingerprint: []byte(fingerprint),
 		Size:        10,
@@ -73,7 +71,7 @@
 			Path:        "spam.tgz",
 			Description: "you need it",
 		},
-		Origin:      resource.OriginUpload,
+		Origin:      resource.OriginStore,
 		Revision:    0,
 		Fingerprint: fp,
 		Size:        10,
@@ -86,10 +84,9 @@
 
 func (HelpersSuite) TestAPI2ResourceBasic(c *gc.C) {
 	res, err := params.API2Resource(params.Resource{
-		Name:   "spam",
-		Type:   "file",
-		Path:   "spam.tgz",
-		Origin: "upload",
+		Name: "spam",
+		Type: "file",
+		Path: "spam.tgz",
 	})
 	c.Assert(err, jc.ErrorIsNil)
 
@@ -100,7 +97,7 @@
 			Path:        "spam.tgz",
 			Description: "",
 		},
-		Origin:      resource.OriginUpload,
+		Origin:      resource.OriginStore,
 		Revision:    0,
 		Fingerprint: resource.Fingerprint{},
 		Size:        0,
@@ -118,7 +115,6 @@
 		Path:        "spam.tgz",
 		Fingerprint: []byte(fingerprint),
 		Size:        20,
-		Origin:      "store",
 		Revision:    -1,
 	})
 
@@ -130,7 +126,6 @@
 		Name:        "spam",
 		Type:        "<bogus>",
 		Path:        "spam.tgz",
-		Origin:      "upload",
 		Revision:    0,
 		Fingerprint: []byte(fingerprint),
 		Size:        10,
@@ -139,26 +134,11 @@
 	c.Check(err, gc.ErrorMatches, `unsupported resource type "<bogus>"`)
 }
 
-func (HelpersSuite) TestAPI2ResourceBadOrigin(c *gc.C) {
-	_, err := params.API2Resource(params.Resource{
-		Name:        "spam",
-		Type:        "file",
-		Path:        "spam.tgz",
-		Origin:      "<bogus>",
-		Revision:    0,
-		Fingerprint: []byte(fingerprint),
-		Size:        10,
-	})
-
-	c.Check(err, gc.ErrorMatches, `unknown origin "<bogus>"`)
-}
-
 func (HelpersSuite) TestAPI2ResourceBadFingerprint(c *gc.C) {
 	_, err := params.API2Resource(params.Resource{
 		Name:        "spam",
 		Type:        "file",
 		Path:        "spam.tgz",
-		Origin:      "upload",
 		Revision:    0,
 		Fingerprint: []byte(fingerprint + "1"),
 		Size:        10,
@@ -172,7 +152,6 @@
 		Name:        "spam",
 		Type:        "file",
 		Path:        "spam.tgz",
-		Origin:      "upload",
 		Revision:    0,
 		Fingerprint: nil,
 		Size:        0,
@@ -185,7 +164,7 @@
 			Type: resource.TypeFile,
 			Path: "spam.tgz",
 		},
-		Origin:      resource.OriginUpload,
+		Origin:      resource.OriginStore,
 		Revision:    0,
 		Fingerprint: resource.Fingerprint{},
 		Size:        0,
@@ -201,7 +180,6 @@
 		Name:        "spam",
 		Type:        "file",
 		Path:        "spam.tgz",
-		Origin:      "upload",
 		Revision:    0,
 		Fingerprint: nil,
 		Size:        10,
@@ -215,7 +193,6 @@
 		Name:        "",
 		Type:        "file",
 		Path:        "spam.tgz",
-		Origin:      "upload",
 		Revision:    0,
 		Fingerprint: []byte(fingerprint),
 		Size:        10,
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/csclient/params/params.go juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/csclient/params/params.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/csclient/params/params.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/csclient/params/params.go	2016-07-18 19:45:44.000000000 +0000
@@ -246,6 +246,12 @@
 	Promulgated bool
 }
 
+// CanIngestResponse holds the result of an id/meta/can-ingest GET request.
+// See https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idmetacan-ingest
+type CanIngestResponse struct {
+	CanIngest bool
+}
+
 // PromulgateRequest holds the request of an id/promulgate PUT request.
 // See https://github.com/juju/charmstore/blob/v4/docs/API.md#put-idpromulgate
 type PromulgateRequest struct {
@@ -312,10 +318,6 @@
 	// Description contains user-facing info about the resource.
 	Description string `json:",omitempty"`
 
-	// Origin is where the resource has come from.
-	// This is not set in the charmstore response.
-	Origin string `json: ",omitempty"`
-
 	// Revision is the revision, if applicable.
 	Revision int
 
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/dependencies.tsv juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/dependencies.tsv
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/dependencies.tsv	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/dependencies.tsv	2016-07-18 19:45:44.000000000 +0000
@@ -6,30 +6,30 @@
 github.com/juju/gojsonschema	git	e1ad140384f254c82f89450d9a7c8dd38a632838	2015-03-12T17:00:16Z
 github.com/juju/httpprof	git	14bf14c307672fd2456bdbf35d19cf0ccd3cf565	2014-12-17T16:00:36Z
 github.com/juju/httprequest	git	89d547093c45e293599088cc63e805c6f1205dc0	2016-03-02T10:09:58Z
-github.com/juju/idmclient	git	812a86ff450af958df6665839d93590f27961b08	2016-03-16T15:15:55Z
+github.com/juju/idmclient	git	14c934ce857201e0338594a8936aecf976dd8526	2016-05-26T04:18:31Z
 github.com/juju/loggo	git	8477fc936adf0e382d680310047ca27e128a309a	2015-05-27T03:58:39Z
 github.com/juju/mempool	git	24974d6c264fe5a29716e7d56ea24c4bd904b7cc	2016-02-05T10:49:27Z
-github.com/juju/names	git	8a0aa0963bbacdc790914892e9ff942e94d6f795	2016-03-30T15:05:33Z
 github.com/juju/schema	git	1e25943f8c6fd6815282d6f1ac87091d21e14e19	2016-03-01T11:16:46Z
 github.com/juju/testing	git	162fafccebf20a4207ab93d63b986c230e3f4d2e	2016-04-04T09:43:17Z
 github.com/juju/txn	git	99ec629d0066a4d73c54d8e021a7fc1dc07df614	2015-06-09T16:58:27Z
-github.com/juju/utils	git	eb6cb958762135bb61aed1e0951f657c674d427f	2016-04-11T02:40:59Z
+github.com/juju/utils	git	ffea6ead0c374583e876c8357c9db6e98bc71476	2016-05-26T02:52:51Z
 github.com/juju/version	git	ef897ad7f130870348ce306f61332f5335355063	2015-11-27T20:34:00Z
 github.com/juju/webbrowser	git	54b8c57083b4afb7dc75da7f13e2967b2606a507	2016-03-09T14:36:29Z
 github.com/juju/xml	git	eb759a627588d35166bc505fceb51b88500e291e	2015-04-13T13:11:21Z
 github.com/juju/zip	git	f6b1e93fa2e29a1d7d49b566b2b51efb060c982a	2016-02-05T10:52:21Z
 github.com/julienschmidt/httprouter	git	77a895ad01ebc98a4dc95d8355bc825ce80a56f6	2015-10-13T22:55:20Z
+github.com/rogpeppe/fastuuid	git	6724a57986aff9bff1a1770e9347036def7c89f6	2015-01-06T09:32:20Z
 golang.org/x/crypto	git	aedad9a179ec1ea11b7064c57cbc6dc30d7724ec	2015-08-30T18:06:42Z
 golang.org/x/net	git	ea47fc708ee3e20177f3ca3716217c4ab75942cb	2015-08-29T23:03:18Z
 gopkg.in/check.v1	git	4f90aeace3a26ad7021961c297b22c42160c7b25	2016-01-05T16:49:36Z
 gopkg.in/errgo.v1	git	66cb46252b94c1f3d65646f54ee8043ab38d766c	2015-10-07T15:31:57Z
-gopkg.in/juju/charm.v6-unstable	git	728a5ea3ff1c1ae8b4c3ac4779c0027f693d1ca5	2016-04-08T11:12:17Z
-gopkg.in/juju/charmstore.v5-unstable	git	745fa1ca2260cdc9dd5a6df6282da51776baa59f	2016-04-12T11:34:55Z
-gopkg.in/juju/jujusvg.v1	git	a60359df348ef2ca40ec3bcd58a01de54f05658e	2016-02-11T10:02:50Z
-gopkg.in/macaroon-bakery.v1	git	fddb3dcd74806133259879d033fdfe92f9e67a8a	2016-04-01T12:14:21Z
+gopkg.in/juju/charm.v6-unstable	git	503191ddf2590b15db9669c424660ed612d0a30a	2016-05-27T01:46:20Z
+gopkg.in/juju/charmstore.v5-unstable	git	2cb9f80553dddaae8c5e2161ea45f4be5d9afc00	2016-05-27T11:46:22Z
+gopkg.in/juju/jujusvg.v1	git	cc128825adce31ea13020d24e7b3302bac86a8c3	2016-05-30T22:53:36Z
+gopkg.in/juju/names.v2	git	e38bc90539f22af61a9c656d35068bd5f0a5b30a	2016-05-25T23:07:23Z
+gopkg.in/macaroon-bakery.v1	git	b097c9d99b2537efaf54492e08f7e148f956ba51	2016-05-24T09:38:11Z
 gopkg.in/macaroon.v1	git	ab3940c6c16510a850e1c2dd628b919f0f3f1464	2015-01-21T11:42:31Z
 gopkg.in/mgo.v2	git	4d04138ffef2791c479c0c8bbffc30b34081b8d9	2015-10-26T16:34:53Z
 gopkg.in/natefinch/lumberjack.v2	git	514cbda263a734ae8caac038dadf05f8f3f9f738	2016-01-25T11:17:49Z
-gopkg.in/yaml.v1	git	9f9df34309c04878acc86042b16630b0f696e1de	2014-09-24T16:16:07Z
 gopkg.in/yaml.v2	git	a83829b6f1293c91addabc89d0571c246397bbf4	2016-03-01T20:40:22Z
 launchpad.net/tomb	bzr	gustavo@niemeyer.net-20140529072043-hzcrlnl3ygvg914q	18
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/internal/test-charm-repo/bundle/bad/bundle.yaml juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/internal/test-charm-repo/bundle/bad/bundle.yaml
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/internal/test-charm-repo/bundle/bad/bundle.yaml	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/internal/test-charm-repo/bundle/bad/bundle.yaml	2016-07-18 19:45:44.000000000 +0000
@@ -1,6 +1,6 @@
 # This bundle has a bad relation, which will cause it to fail
 # its verification.
-services:
+applications:
     wordpress:
         charm: wordpress
         num_units: 1
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/internal/test-charm-repo/bundle/openstack/bundle.yaml juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/internal/test-charm-repo/bundle/openstack/bundle.yaml
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/internal/test-charm-repo/bundle/openstack/bundle.yaml	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/internal/test-charm-repo/bundle/openstack/bundle.yaml	2016-07-18 19:45:44.000000000 +0000
@@ -1,5 +1,5 @@
 series: precise
-services:
+applications:
   mysql:
     charm: cs:precise/mysql
     constraints: mem=1G
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/internal/test-charm-repo/bundle/wordpress-simple/bundle.yaml juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/internal/test-charm-repo/bundle/wordpress-simple/bundle.yaml
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/internal/test-charm-repo/bundle/wordpress-simple/bundle.yaml	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/internal/test-charm-repo/bundle/wordpress-simple/bundle.yaml	2016-07-18 19:45:44.000000000 +0000
@@ -1,4 +1,4 @@
-services:
+applications:
     wordpress:
         charm: wordpress
         num_units: 1
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/internal/test-charm-repo/bundle/wordpress-with-logging/bundle.yaml juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/internal/test-charm-repo/bundle/wordpress-with-logging/bundle.yaml
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/internal/test-charm-repo/bundle/wordpress-with-logging/bundle.yaml	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/internal/test-charm-repo/bundle/wordpress-with-logging/bundle.yaml	2016-07-18 19:45:44.000000000 +0000
@@ -1,4 +1,4 @@
-services:
+applications:
     wordpress:
         charm: wordpress
         num_units: 1
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/local_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/local_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/local_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/local_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -104,6 +104,7 @@
 .* WARNING juju.charm.charmrepo failed to load charm at ".*/quantal/blah": .*
 .* WARNING juju.charm.charmrepo failed to load charm at ".*/quantal/blah.charm": .*
 .* WARNING juju.charm.charmrepo failed to load charm at ".*/quantal/upgrade2": .*
+.* line 1: cannot unmarshal.*
 `[1:])
 }
 
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/migratebundle/migrate.go juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/migratebundle/migrate.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/migratebundle/migrate.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/migratebundle/migrate.go	2016-07-18 19:45:44.000000000 +0000
@@ -1,4 +1,4 @@
-package migratebundle // import "gopkg.in/juju/charmrepo.v2-unstable/migratebundle"
+package migratebundle
 
 import (
 	"fmt"
@@ -6,7 +6,7 @@
 
 	"gopkg.in/errgo.v1"
 	"gopkg.in/juju/charm.v6-unstable"
-	"gopkg.in/yaml.v1"
+	"gopkg.in/yaml.v2"
 )
 
 // legacyBundle represents an old-style bundle.
@@ -60,6 +60,8 @@
 // - A relation clause with multiple targets is expanded
 // into multiple relation clauses.
 //
+// - "services" section is renamed to "applications"
+//
 // The isSubordinate argument is used to find out whether a charm is a subordinate.
 func Migrate(bundlesYAML []byte, isSubordinate func(id *charm.URL) (bool, error)) (map[string]*charm.BundleData, error) {
 	var bundles map[string]*legacyBundle
@@ -84,10 +86,10 @@
 
 func migrate(b *legacyBundle, isSubordinate func(id *charm.URL) (bool, error)) (*charm.BundleData, error) {
 	data := &charm.BundleData{
-		Services: make(map[string]*charm.ServiceSpec),
-		Series:   b.Series,
-		Machines: make(map[string]*charm.MachineSpec),
-		Tags:     b.Tags,
+		Applications: make(map[string]*charm.ApplicationSpec),
+		Series:       b.Series,
+		Machines:     make(map[string]*charm.MachineSpec),
+		Tags:         b.Tags,
 	}
 	for name, svc := range b.Services {
 		if svc == nil {
@@ -113,7 +115,7 @@
 				numUnits = 1
 			}
 		}
-		newSvc := &charm.ServiceSpec{
+		newApplication := &charm.ApplicationSpec{
 			Charm:       charmId,
 			NumUnits:    numUnits,
 			Expose:      svc.Expose,
@@ -138,9 +140,9 @@
 					data.Machines[place.Machine] = new(charm.MachineSpec)
 				}
 			}
-			newSvc.To = to
+			newApplication.To = to
 		}
-		data.Services[name] = newSvc
+		data.Applications[name] = newApplication
 	}
 	var err error
 	data.Relations, err = expandRelations(b.Relations)
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/migratebundle/migrate_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/migratebundle/migrate_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/migratebundle/migrate_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/migratebundle/migrate_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -16,7 +16,7 @@
 	gc "gopkg.in/check.v1"
 	"gopkg.in/errgo.v1"
 	"gopkg.in/juju/charm.v6-unstable"
-	"gopkg.in/yaml.v1"
+	"gopkg.in/yaml.v2"
 
 	"gopkg.in/juju/charmrepo.v2-unstable"
 )
@@ -119,7 +119,7 @@
 		"wordpress-simple": {
 			Series: "precise",
 			Tags:   []string{"foo", "bar"},
-			Services: map[string]*charm.ServiceSpec{
+			Applications: map[string]*charm.ApplicationSpec{
 				"wordpress": {
 					Charm:    "cs:precise/wordpress-20",
 					NumUnits: 1,
@@ -165,7 +165,7 @@
 		|`,
 	expect: map[string]*charm.BundleData{
 		"wordpress-simple": {
-			Services: map[string]*charm.ServiceSpec{
+			Applications: map[string]*charm.ApplicationSpec{
 				"wordpress": {
 					Charm:    "cs:precise/wordpress-20",
 					NumUnits: 1,
@@ -186,7 +186,7 @@
 	},
 	expect: map[string]*charm.BundleData{
 		"wordpress-simple": {
-			Services: map[string]*charm.ServiceSpec{
+			Applications: map[string]*charm.ApplicationSpec{
 				"wordpress": {
 					Charm: "cs:precise/wordpress-20",
 				},
@@ -202,7 +202,7 @@
 		|`,
 	expect: map[string]*charm.BundleData{
 		"wordpress-simple": {
-			Services: map[string]*charm.ServiceSpec{
+			Applications: map[string]*charm.ApplicationSpec{
 				"wordpress": {
 					Charm:    "wordpress",
 					NumUnits: 1,
@@ -232,7 +232,7 @@
 		|`,
 	expect: map[string]*charm.BundleData{
 		"wordpress": {
-			Services: map[string]*charm.ServiceSpec{
+			Applications: map[string]*charm.ApplicationSpec{
 				"wordpress1": {
 					Charm:    "wordpress1",
 					NumUnits: 1,
@@ -273,7 +273,7 @@
 		|`,
 	expect: map[string]*charm.BundleData{
 		"wordpress": {
-			Services: map[string]*charm.ServiceSpec{
+			Applications: map[string]*charm.ApplicationSpec{
 				"wordpress": {
 					Charm:    "wordpress",
 					To:       []string{"kvm:0"},
@@ -320,7 +320,7 @@
 	},
 	expect: map[string]*charm.BundleData{
 		"wordpress": {
-			Services: map[string]*charm.ServiceSpec{
+			Applications: map[string]*charm.ApplicationSpec{
 				"wordpress": {
 					Charm:  "precise/wordpress",
 					Expose: true,
@@ -336,7 +336,7 @@
 			},
 		},
 		"base": {
-			Services: map[string]*charm.ServiceSpec{
+			Applications: map[string]*charm.ApplicationSpec{
 				"logging": {
 					Charm: "precise/logging",
 				},
@@ -376,7 +376,7 @@
 	},
 	expect: map[string]*charm.BundleData{
 		"wordpress": {
-			Services: map[string]*charm.ServiceSpec{
+			Applications: map[string]*charm.ApplicationSpec{
 				"wordpress": {
 					Charm:    "precise/wordpress",
 					NumUnits: 1,
@@ -415,7 +415,7 @@
 	`,
 	expect: map[string]*charm.BundleData{
 		"top": {
-			Services: map[string]*charm.ServiceSpec{
+			Applications: map[string]*charm.ApplicationSpec{
 				"wordpress": {
 					Charm:    "cs:precise/wordpress",
 					NumUnits: 3,
@@ -495,7 +495,7 @@
 func checkBundleData(c *gc.C, bd *charm.BundleData) bool {
 	charms := make(map[string]charm.Charm)
 	ok := true
-	for _, svc := range bd.Services {
+	for _, svc := range bd.Applications {
 		id, err := charm.ParseURL(svc.Charm)
 		if err != nil {
 			ok = false
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/testing/testcharm.go juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/testing/testcharm.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/testing/testcharm.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/testing/testcharm.go	2016-07-18 19:45:44.000000000 +0000
@@ -15,7 +15,9 @@
 
 	"github.com/juju/testing/filetesting"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/errgo.v1"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/charm.v6-unstable/resource"
 	"gopkg.in/yaml.v2"
 )
 
@@ -276,3 +278,90 @@
 		}
 	}
 }
+
+// MetaWithSupportedSeries returns m with Series
+// set to series. If m is nil, new(charm.Meta)
+// will be used instead.
+func MetaWithSupportedSeries(m *charm.Meta, series ...string) *charm.Meta {
+	if m == nil {
+		m = new(charm.Meta)
+	}
+	m.Series = series
+	return m
+}
+
+// MetaWithRelations returns m with Provides and Requires set
+// to the given relations, where each relation
+// is specified as a white-space-separated
+// triple:
+//	role name interface
+// where role specifies the role of the interface
+// ("provides" or "requires"), name holds the relation
+// name and interface holds the interface relation type.
+//
+// If m is nil, new(charm.Meta) will be used instead.
+func MetaWithRelations(m *charm.Meta, relations ...string) *charm.Meta {
+	if m == nil {
+		m = new(charm.Meta)
+	}
+	provides := make(map[string]charm.Relation)
+	requires := make(map[string]charm.Relation)
+	for _, rel := range relations {
+		r, err := parseRelation(rel)
+		if err != nil {
+			panic(fmt.Errorf("bad relation %q", err))
+		}
+		if r.Role == charm.RoleProvider {
+			provides[r.Name] = r
+		} else {
+			requires[r.Name] = r
+		}
+	}
+	m.Provides = provides
+	m.Requires = requires
+	return m
+}
+
+func parseRelation(s string) (charm.Relation, error) {
+	fields := strings.Fields(s)
+	if len(fields) != 3 {
+		return charm.Relation{}, errgo.Newf("wrong field count")
+	}
+	r := charm.Relation{
+		Scope:     charm.ScopeGlobal,
+		Name:      fields[1],
+		Interface: fields[2],
+	}
+	switch fields[0] {
+	case "provides":
+		r.Role = charm.RoleProvider
+	case "requires":
+		r.Role = charm.RoleRequirer
+	default:
+		return charm.Relation{}, errgo.Newf("unknown role")
+	}
+	return r, nil
+}
+
+// MetaWithResources returns m with Resources set to a set of resources
+// with the given names. If m is nil, new(charm.Meta) will be used
+// instead.
+//
+// The path and description of the resources are derived from
+// the resource name by adding a "-file" and a " description"
+// suffix respectively.
+func MetaWithResources(m *charm.Meta, resources ...string) *charm.Meta {
+	if m == nil {
+		m = new(charm.Meta)
+	}
+	m.Resources = make(map[string]resource.Meta)
+	for _, name := range resources {
+		m.Resources[name] = resource.Meta{
+			Name:        name,
+			Type:        resource.TypeFile,
+			Path:        name + "-file",
+			Description: name + " description",
+		}
+	}
+	return m
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/testing/testcharm_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/testing/testcharm_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmrepo.v2-unstable/testing/testcharm_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmrepo.v2-unstable/testing/testcharm_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,6 +5,7 @@
 	"github.com/juju/testing/filetesting"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
+	"gopkg.in/juju/charm.v6-unstable/resource"
 
 	"gopkg.in/juju/charmrepo.v2-unstable/testing"
 )
@@ -180,3 +181,70 @@
 
 	}
 }
+
+func (*testCharmSuite) TestMetaWithRelations(c *gc.C) {
+	m := testing.MetaWithRelations(
+		nil,
+		"provides foo aninterface",
+		"provides bar another",
+		"requires blah more",
+		"requires a b",
+		"provides c d",
+	)
+	c.Assert(m, jc.DeepEquals, &charm.Meta{
+		Provides: map[string]charm.Relation{
+			"foo": {
+				Name:      "foo",
+				Scope:     charm.ScopeGlobal,
+				Interface: "aninterface",
+				Role:      charm.RoleProvider,
+			},
+			"bar": {
+				Name:      "bar",
+				Scope:     charm.ScopeGlobal,
+				Interface: "another",
+				Role:      charm.RoleProvider,
+			},
+			"c": {
+				Name:      "c",
+				Scope:     charm.ScopeGlobal,
+				Interface: "d",
+				Role:      charm.RoleProvider,
+			},
+		},
+		Requires: map[string]charm.Relation{
+			"blah": {
+				Name:      "blah",
+				Scope:     charm.ScopeGlobal,
+				Interface: "more",
+				Role:      charm.RoleRequirer,
+			},
+			"a": {
+				Name:      "a",
+				Scope:     charm.ScopeGlobal,
+				Interface: "b",
+				Role:      charm.RoleRequirer,
+			},
+		},
+	})
+}
+
+func (*testCharmSuite) TestMetaWithResources(c *gc.C) {
+	m := testing.MetaWithResources(nil, "one", "two")
+	c.Assert(m, jc.DeepEquals, &charm.Meta{
+		Resources: map[string]resource.Meta{
+			"one": {
+				Name:        "one",
+				Type:        resource.TypeFile,
+				Path:        "one-file",
+				Description: "one description",
+			},
+			"two": {
+				Name:        "two",
+				Type:        resource.TypeFile,
+				Path:        "two-file",
+				Description: "two description",
+			},
+		},
+	})
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/cmd/charmd/config.yaml juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/cmd/charmd/config.yaml
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/cmd/charmd/config.yaml	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/cmd/charmd/config.yaml	2016-07-18 19:45:44.000000000 +0000
@@ -6,11 +6,10 @@
 #elasticsearch-addr: localhost:9200
 # For locally running services.
 #identity-public-key: CIdWcEUN+0OZnKW9KwruRQnQDY/qqzVdD30CijwiWCk=
-#identity-location: http://localhost:8081/v1/discharger
 #identity-api-url: http://localhost:8081
 # For production identity manager.
 identity-public-key: hmHaPgCC1UfuhYHUSX5+aihSAZesqpVdjRv0mgfIwjo=
-identity-location: https://api.jujucharms.com/identity/v1/discharger
+identity-api-url: https://api.jujucharms.com/identity
 # Agent credentials.
 #agent-username: charmstore@admin@idm
 #agent-key:
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/dependencies.tsv juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/dependencies.tsv
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/dependencies.tsv	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/dependencies.tsv	2016-07-18 19:45:44.000000000 +0000
@@ -5,15 +5,15 @@
 github.com/juju/gojsonreference	git	f0d24ac5ee330baa21721cdff56d45e4ee42628e	2015-02-04T19:46:33Z
 github.com/juju/gojsonschema	git	e1ad140384f254c82f89450d9a7c8dd38a632838	2015-03-12T17:00:16Z
 github.com/juju/httpprof	git	14bf14c307672fd2456bdbf35d19cf0ccd3cf565	2014-12-17T16:00:36Z
-github.com/juju/httprequest	git	89d547093c45e293599088cc63e805c6f1205dc0	2016-03-02T10:09:58Z
-github.com/juju/idmclient	git	812a86ff450af958df6665839d93590f27961b08	2016-03-16T15:15:55Z
+github.com/juju/httprequest	git	3d72385a5c19cf70e983c8cb888769a2d9efe2ea	2016-04-20T11:37:53Z
+github.com/juju/idmclient	git	24249a7beddb83931417a6a761c29b1234c9cbac	2016-04-25T12:21:04Z
 github.com/juju/loggo	git	8477fc936adf0e382d680310047ca27e128a309a	2015-05-27T03:58:39Z
 github.com/juju/mempool	git	24974d6c264fe5a29716e7d56ea24c4bd904b7cc	2016-02-05T10:49:27Z
 github.com/juju/names	git	8a0aa0963bbacdc790914892e9ff942e94d6f795	2016-03-30T15:05:33Z
 github.com/juju/schema	git	1e25943f8c6fd6815282d6f1ac87091d21e14e19	2016-03-01T11:16:46Z
 github.com/juju/testing	git	162fafccebf20a4207ab93d63b986c230e3f4d2e	2016-04-04T09:43:17Z
 github.com/juju/txn	git	99ec629d0066a4d73c54d8e021a7fc1dc07df614	2015-06-09T16:58:27Z
-github.com/juju/utils	git	55eebc909a9f5e1c0f595d3a52d4a050e40f71dc	2016-03-30T11:42:50Z
+github.com/juju/utils	git	53080499b3c86a913a57a3a8e2b31cfbb6fe5b1d	2016-04-26T09:38:41Z
 github.com/juju/version	git	ef897ad7f130870348ce306f61332f5335355063	2015-11-27T20:34:00Z
 github.com/juju/webbrowser	git	54b8c57083b4afb7dc75da7f13e2967b2606a507	2016-03-09T14:36:29Z
 github.com/juju/xml	git	eb759a627588d35166bc505fceb51b88500e291e	2015-04-13T13:11:21Z
@@ -24,9 +24,9 @@
 gopkg.in/check.v1	git	4f90aeace3a26ad7021961c297b22c42160c7b25	2016-01-05T16:49:36Z
 gopkg.in/errgo.v1	git	66cb46252b94c1f3d65646f54ee8043ab38d766c	2015-10-07T15:31:57Z
 gopkg.in/juju/charm.v6-unstable	git	728a5ea3ff1c1ae8b4c3ac4779c0027f693d1ca5	2016-04-08T11:12:17Z
-gopkg.in/juju/charmrepo.v2-unstable	git	64555d419cf90c85525313e98102158c5e8074f4	2016-04-08T12:19:14Z
+gopkg.in/juju/charmrepo.v2-unstable	git	b1af69d31ef0112656f79a74a1f29381af1cc109	2016-04-19T12:03:30Z
 gopkg.in/juju/jujusvg.v1	git	a60359df348ef2ca40ec3bcd58a01de54f05658e	2016-02-11T10:02:50Z
-gopkg.in/macaroon-bakery.v1	git	6bce7a1e7399542cbafe16cbbb1dfe4591fcafe7	2016-03-16T08:34:47Z
+gopkg.in/macaroon-bakery.v1	git	2e7eb1fbcaaeddad5253ce652a57112adc7aa7db	2016-04-25T10:14:06Z
 gopkg.in/macaroon.v1	git	ab3940c6c16510a850e1c2dd628b919f0f3f1464	2015-01-21T11:42:31Z
 gopkg.in/mgo.v2	git	4d04138ffef2791c479c0c8bbffc30b34081b8d9	2015-10-26T16:34:53Z
 gopkg.in/natefinch/lumberjack.v2	git	514cbda263a734ae8caac038dadf05f8f3f9f738	2016-01-25T11:17:49Z
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/docs/API.md juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/docs/API.md
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/docs/API.md	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/docs/API.md	2016-07-18 19:45:44.000000000 +0000
@@ -281,7 +281,7 @@
 
 ```go
 type PromulgateRequest struct {
-	Promulgate bool
+	Promulgated bool
 }
 ```
 
@@ -826,7 +826,7 @@
 
 ```go
 type BundleData struct {
-        Services map[string] ServiceSpec
+        Applications map[string] ApplicationSpec
         Machines map[string] MachineSpec `json:",omitempty"`
         Series string                    `json:",omitempty"`
         Relations [][]string             `json:",omitempty"`
@@ -837,13 +837,13 @@
         Annotations map[string]string    `json:",omitempty"`
 }
 
-type ServiceSpec struct {
+type ApplicationSpec struct {
         Charm string
         NumUnits int
         To []string                      `json:",omitempty"`
 
         // Options holds the configuration values
-        // to apply to the new service. They should
+        // to apply to the new application. They should
         // be compatible with the charm configuration.
         Options map[string]interface{}   `json:",omitempty"`
         Annotations map[string]string    `json:",omitempty"`
@@ -855,7 +855,7 @@
 
 ```json
 {
-    "Services": {
+    "Applications": {
         "mediawiki": {
             "Charm": "cs:precise/mediawiki-10",
             "NumUnits": 1,
@@ -1444,6 +1444,26 @@
 }
 ```
 
+#### GET *id*/meta/can-ingest
+
+The `can-ingest` path reports whether the entity with the given ID is
+eligible for ingestion. When an entity is manually uploaded (via the /archive
+endpoint with the POST method), it becomes ineligible for ingestion.
+
+```go
+type CanIngestResponse struct {
+	CanIngest bool
+}
+```
+
+Example: `GET trusty/wordpress-42/meta/can-ingest`
+
+```json
+{
+	"CanIngest": false
+}
+```
+
 #### GET *id*/meta/stats
 
 <pre>
@@ -1787,6 +1807,13 @@
 []Resource
 ```
 
+#### GET *id*/meta/resources/*name*[/*revision*]
+
+This endpoint retrieves information on the resource with the given *name*
+associated with the charm *id* as a resource object (see above).
+
+If *revision* is omitted, information on the latest revision of the resource is returned.
+
 ### Resources
 
 #### POST *id*/resource/*name*?hash=*sha384*[&filename=*path*]
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/docs/bundles.md juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/docs/bundles.md
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/docs/bundles.md	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/docs/bundles.md	2016-07-18 19:45:44.000000000 +0000
@@ -15,7 +15,7 @@
 ## Version 4 bundles
 
 Version 4 bundles are identical to version 3 bundles except for a few key
-differences: the `branch` attribute of the service spec is no longer supported,
+differences: the `branch` attribute of the application spec is no longer supported,
 they may contain a machine specification, and their deployment directives are
 different from version 3 bundles.
 
@@ -53,7 +53,7 @@
 
 ### Deployment directives
 
-Version 4 deployment directives (the `to` attribute on the service spec) is a
+Version 4 deployment directives (the `to` attribute on the application spec) is a
 YAML list of items following the format:
 
     (<containertype>:)?(<unit>|<machine>|new)
@@ -64,13 +64,13 @@
 unintended behavior.
 
 The second part (after the colon) specifies where the new unit should be placed;
-it may refer to a unit of another service specified in the bundle, a machine
+it may refer to a unit of another application specified in the bundle, a machine
 id specified in the machines section, or the special name "new" which specifies
 a newly created machine.
 
-A unit placement may be specified with a service name only, in which case its
+A unit placement may be specified with a application name only, in which case its
 unit number is assumed to be one more than the unit number of the previous unit
-in the list with the same service, or zero if there were none.
+in the list with the same application, or zero if there were none.
 
 If there are less elements in To than NumUnits, the last element is replicated
 to fill it. If there are no elements (or To is omitted), "new" is replicated.
@@ -80,7 +80,7 @@
     wordpress/0 wordpress/1 lxc:0 kvm:new
 
 specifies that the first two units get hulk-smashed onto the first two units of
-the wordpress service, the third unit gets allocated onto an lxc container on
+the wordpress application, the third unit gets allocated onto an lxc container on
 machine 0, and subsequent units get allocated on kvm containers on new machines.
 
 The above example is the same as this:
@@ -89,10 +89,10 @@
 
 Version 3 placement directives take the format:
 
-    ((<containertype>:)?<service>(=<unitnumber>)?|0)
+    ((<containertype>:)?<application>(=<unitnumber>)?|0)
 
 meaning that a machine cannot be specified beyond colocating (either through a
-container or hulk-smash) along with a specified unit of another service.
+container or hulk-smash) along with a specified unit of another application.
 Version 3 placement directives may be either a string of a single directive or a
 YAML list of directives in the above format.  The only machine that may be
 specified is machine 0, allowing colocation on the bootstrap node.
@@ -128,7 +128,7 @@
 
 ```yaml
 series: precise
-services:
+applications:
   # Automatically place
   nova-compute:
     charm: cs:precise/nova-compute
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/elasticsearch/elasticsearch.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/elasticsearch/elasticsearch.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/elasticsearch/elasticsearch.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/elasticsearch/elasticsearch.go	2016-07-18 19:45:44.000000000 +0000
@@ -337,14 +337,14 @@
 // marshaled as a json object and sent with the request. If v is non nil the response
 // body will be unmarshalled into the value it points to.
 func (db *Database) do(method, url string, body, v interface{}) error {
-	log.Debugf(">>> %s %s", method, url)
+	log.Tracef(">>> %s %s", method, url)
 	var r io.Reader
 	if body != nil {
 		b, err := json.Marshal(body)
 		if err != nil {
 			return errgo.Notef(err, "can not marshaling body")
 		}
-		log.Debugf(">>> %s", b)
+		log.Tracef(">>> %s", b)
 		r = bytes.NewReader(b)
 	}
 	req, err := http.NewRequest(method, url, r)
@@ -366,8 +366,8 @@
 		log.Debugf("*** %s", err)
 		return errgo.Notef(err, "cannot read response")
 	}
-	log.Debugf("<<< %s", resp.Status)
-	log.Debugf("<<< %s", b)
+	log.Tracef("<<< %s", resp.Status)
+	log.Tracef("<<< %s", b)
 	var eserr *ElasticSearchError
 	// TODO(mhilton) don't try to parse every response as an error.
 	if err = json.Unmarshal(b, &eserr); err != nil {
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/addentity.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/addentity.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/addentity.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/addentity.go	2016-07-18 19:45:44.000000000 +0000
@@ -665,8 +665,8 @@
 	// Use a map to de-duplicate the URL list: a bundle can include services
 	// deployed by the same charm.
 	urlMap := make(map[string]*charm.URL)
-	for _, service := range data.Services {
-		url, err := charm.ParseURL(service.Charm)
+	for _, application := range data.Applications {
+		url, err := charm.ParseURL(application.Charm)
 		if err != nil {
 			return nil, errgo.Mask(err)
 		}
@@ -689,8 +689,8 @@
 // bundleUnitCount returns the number of units created by the bundle.
 func bundleUnitCount(b *charm.BundleData) int {
 	count := 0
-	for _, service := range b.Services {
-		count += service.NumUnits
+	for _, application := range b.Applications {
+		count += application.NumUnits
 	}
 	return count
 }
@@ -699,14 +699,14 @@
 // that will be created or used by the bundle.
 func bundleMachineCount(b *charm.BundleData) int {
 	count := len(b.Machines)
-	for _, service := range b.Services {
+	for _, applications := range b.Applications {
 		// The default placement is "new".
 		placement := &charm.UnitPlacement{
 			Machine: "new",
 		}
 		// Check for "new" placements, which means a new machine
 		// must be added.
-		for _, location := range service.To {
+		for _, location := range applications.To {
 			var err error
 			placement, err = charm.ParsePlacement(location)
 			if err != nil {
@@ -723,7 +723,7 @@
 		// element is replicated. For this reason, if the last element is
 		// "new", we need to add more machines.
 		if placement != nil && placement.Machine == "new" {
-			count += service.NumUnits - len(service.To)
+			count += applications.NumUnits - len(applications.To)
 		}
 	}
 	return count
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/addentity_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/addentity_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/addentity_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/addentity_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -210,7 +210,7 @@
 	about: "bundle uploaded to charm URL",
 	url:   "~charmers/precise/foo-0",
 	upload: storetesting.NewBundle(&charm.BundleData{
-		Services: map[string]*charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
 			"foo": {
 				Charm: "foo",
 			},
@@ -259,19 +259,19 @@
 	about: "bundle refers to non-existent charm",
 	url:   "~charmers/bundle/foo-0",
 	upload: storetesting.NewBundle(&charm.BundleData{
-		Services: map[string]*charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
 			"foo": {
 				Charm: "bad-charm",
 			},
 		},
 	}),
-	expectError: regexp.QuoteMeta(`bundle verification failed: ["service \"foo\" refers to non-existent charm \"bad-charm\""]`),
+	expectError: regexp.QuoteMeta(`bundle verification failed: ["application \"foo\" refers to non-existent charm \"bad-charm\""]`),
 	expectCause: params.ErrInvalidEntity,
 }, {
 	about:       "bundle verification fails",
 	url:         "~charmers/bundle/foo-0",
 	upload:      storetesting.NewBundle(&charm.BundleData{}),
-	expectError: regexp.QuoteMeta(`bundle verification failed: ["at least one service must be specified"]`),
+	expectError: regexp.QuoteMeta(`bundle verification failed: ["at least one application must be specified"]`),
 	expectCause: params.ErrInvalidEntity,
 }, {
 	about:       "invalid zip format",
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/common_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/common_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/common_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/common_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -39,8 +39,8 @@
 }
 
 func addRequiredCharms(c *gc.C, store *Store, bundle charm.Bundle) {
-	for _, svc := range bundle.Data().Services {
-		u := charm.MustParseURL(svc.Charm)
+	for _, app := range bundle.Data().Applications {
+		u := charm.MustParseURL(app.Charm)
 		if _, err := store.FindBestEntity(u, params.NoChannel, nil); err == nil {
 			continue
 		}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/elasticsearch.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/elasticsearch.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/elasticsearch.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/elasticsearch.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,7 +10,7 @@
 	esMapping = mustParseJSON(esMappingJSON)
 )
 
-const esSettingsVersion = 8
+const esSettingsVersion = 9
 
 func mustParseJSON(s string) interface{} {
 	var j json.RawMessage
@@ -27,7 +27,7 @@
         "analysis": {
             "filter": {
                 "n3_20grams_filter": {
-                    "type":     "nGram",
+                    "type":     "edgeNGram",
                     "min_gram": 3,
                     "max_gram": 20
                 }
@@ -35,7 +35,7 @@
             "analyzer": {
                 "n3_20grams": {
                     "type":      "custom",
-                    "tokenizer": "standard",
+                    "tokenizer": "keyword",
                     "filter": [
                         "lowercase",
                         "n3_20grams_filter"
@@ -49,280 +49,271 @@
 
 const esMappingJSON = `
 {
-  "entity" : {
-    "dynamic" : "false",
-    "properties" : {
-      "URL" : {
-        "type" : "multi_field",
-        "fields" : {
-          "URL" : {
-            "type" : "string",
-            "index" : "not_analyzed",
-            "omit_norms" : true,
-            "index_options" : "docs"
-          },
-          "ngrams" : {
-            "type" : "string",
-            "analyzer" : "n3_20grams",
-            "include_in_all" : false
-          }
-        }
+  "entity": {
+    "dynamic": "false",
+    "properties": {
+      "URL": {
+        "type": "string",
+        "index": "not_analyzed",
+        "omit_norms": true,
+        "index_options": "docs"
       },
-      "PromulgatedURL" : {
-        "type" : "string",
+      "PromulgatedURL": {
+        "type": "string",
         "index": "not_analyzed",
-        "index_options" : "docs"
+        "index_options": "docs"
       },
-      "BaseURL" : {
-        "type" : "string",
+      "BaseURL": {
+        "type": "string",
         "index": "not_analyzed",
-        "index_options" : "docs"
-      },
-      "User" : {
-        "type" : "string",
-        "index" : "not_analyzed",
-        "omit_norms" : true,
-        "index_options" : "docs"
-      },
-      "Name" : {
-        "type" : "string",
-        "index" : "not_analyzed",
-        "omit_norms" : true,
-        "index_options" : "docs"
-      },
-      "Revision" : {
-        "type" : "integer",
-        "index" : "not_analyzed"
-      },
-      "Series" : {
-        "type" : "multi_field",
-        "fields" : {
-          "Series" : {
-            "type" : "string",
-            "index" : "not_analyzed",
-            "omit_norms" : true,
-            "index_options" : "docs"
-          },
-          "ngrams" : {
-            "type" : "string",
-            "analyzer" : "n3_20grams",
-            "include_in_all" : false
+        "index_options": "docs"
+      },
+      "User": {
+        "type": "string",
+        "index": "not_analyzed",
+        "omit_norms": true,
+        "index_options": "docs"
+      },
+      "Name": {
+        "type": "multi_field",
+        "fields": {
+          "Name": {
+            "type": "string",
+            "index": "not_analyzed",
+            "omit_norms": true,
+            "index_options": "docs"
+          },
+          "ngrams": {
+            "type": "string",
+            "index_analyzer": "n3_20grams",
+            "include_in_all": false
           }
         }
       },
+      "Revision": {
+        "type": "integer",
+        "index": "not_analyzed"
+      },
+      "Series": {
+        "type": "string",
+        "index": "not_analyzed",
+        "omit_norms": true,
+        "index_options": "docs"
+      },
       "TotalDownloads": {
         "type": "long"
       },
-      "BlobHash" : {
-        "type" : "string",
-        "index" : "not_analyzed",
-        "omit_norms" : true,
-        "index_options" : "docs"
-      },
-      "UploadTime" : {
-        "type" : "date",
-        "format" : "dateOptionalTime"
-      },
-      "CharmMeta" : {
-        "dynamic" : "false",
-        "properties" : {
-          "Name" : {
-            "type" : "multi_field",
-            "fields" : {
-              "Name" : {
-                "type" : "string",
-                "index" : "not_analyzed",
-                "omit_norms" : true,
-                "index_options" : "docs"
-              },
-              "ngrams" : {
-                "type" : "string",
-                "analyzer" : "n3_20grams",
-                "include_in_all" : false
-              }
-            }
+      "BlobHash": {
+        "type": "string",
+        "index": "not_analyzed",
+        "omit_norms": true,
+        "index_options": "docs"
+      },
+      "UploadTime": {
+        "type": "date",
+        "format": "dateOptionalTime"
+      },
+      "CharmMeta": {
+        "dynamic": "false",
+        "properties": {
+          "Name": {
+            "type": "string"
           },
-          "Summary" : {
-            "type" : "string"
+          "Summary": {
+            "type": "string"
           },
-          "Description" : {
-            "type" : "string"
+          "Description": {
+            "type": "string"
           },
-          "Provides" : {
-            "dynamic" : "false",
-            "properties" : {
-              "Name" : {
-                "type" : "string",
-                "index" : "not_analyzed",
-                "omit_norms" : true,
-                "index_options" : "docs"
-              },
-              "Role" : {
-                "type" : "string",
-                "index" : "not_analyzed",
-                "omit_norms" : true,
-                "index_options" : "docs"
-              },
-              "Interface" : {
-                "type" : "string",
-                "index" : "not_analyzed",
-                "omit_norms" : true,
-                "index_options" : "docs"
-              },
-              "Scope" : {
-                "type" : "string",
-                "index" : "not_analyzed",
-                "omit_norms" : true,
-                "index_options" : "docs"
+          "Provides": {
+            "dynamic": "false",
+            "properties": {
+              "Name": {
+                "type": "string",
+                "index": "not_analyzed",
+                "omit_norms": true,
+                "index_options": "docs"
+              },
+              "Role": {
+                "type": "string",
+                "index": "not_analyzed",
+                "omit_norms": true,
+                "index_options": "docs"
+              },
+              "Interface": {
+                "type": "string",
+                "index": "not_analyzed",
+                "omit_norms": true,
+                "index_options": "docs"
+              },
+              "Scope": {
+                "type": "string",
+                "index": "not_analyzed",
+                "omit_norms": true,
+                "index_options": "docs"
               }
             }
           },
-          "Requires" : {
-            "dynamic" : "false",
-            "properties" : {
-              "Name" : {
-                "type" : "string",
-                "index" : "not_analyzed",
-                "omit_norms" : true,
-                "index_options" : "docs"
-              },
-              "Role" : {
-                "type" : "string",
-                "index" : "not_analyzed",
-                "omit_norms" : true,
-                "index_options" : "docs"
-              },
-              "Interface" : {
-                "type" : "string",
-                "index" : "not_analyzed",
-                "omit_norms" : true,
-                "index_options" : "docs"
-              },
-              "Scope" : {
-                "type" : "string",
-                "index" : "not_analyzed",
-                "omit_norms" : true,
-                "index_options" : "docs"
+          "Requires": {
+            "dynamic": "false",
+            "properties": {
+              "Name": {
+                "type": "string",
+                "index": "not_analyzed",
+                "omit_norms": true,
+                "index_options": "docs"
+              },
+              "Role": {
+                "type": "string",
+                "index": "not_analyzed",
+                "omit_norms": true,
+                "index_options": "docs"
+              },
+              "Interface": {
+                "type": "string",
+                "index": "not_analyzed",
+                "omit_norms": true,
+                "index_options": "docs"
+              },
+              "Scope": {
+                "type": "string",
+                "index": "not_analyzed",
+                "omit_norms": true,
+                "index_options": "docs"
               }
             }
           },
-          "Peers" : {
-            "dynamic" : "false",
-            "properties" : {
-              "Name" : {
-                "type" : "string",
-                "index" : "not_analyzed",
-                "omit_norms" : true,
-                "index_options" : "docs"
-              },
-              "Role" : {
-                "type" : "string",
-                "index" : "not_analyzed",
-                "omit_norms" : true,
-                "index_options" : "docs"
-              },
-              "Interface" : {
-                "type" : "string",
-                "index" : "not_analyzed",
-                "omit_norms" : true,
-                "index_options" : "docs"
-              },
-              "Scope" : {
-                "type" : "string",
-                "index" : "not_analyzed",
-                "omit_norms" : true,
-                "index_options" : "docs"
+          "Peers": {
+            "dynamic": "false",
+            "properties": {
+              "Name": {
+                "type": "string",
+                "index": "not_analyzed",
+                "omit_norms": true,
+                "index_options": "docs"
+              },
+              "Role": {
+                "type": "string",
+                "index": "not_analyzed",
+                "omit_norms": true,
+                "index_options": "docs"
+              },
+              "Interface": {
+                "type": "string",
+                "index": "not_analyzed",
+                "omit_norms": true,
+                "index_options": "docs"
+              },
+              "Scope": {
+                "type": "string",
+                "index": "not_analyzed",
+                "omit_norms": true,
+                "index_options": "docs"
               }
             }
           },
-          "Categories" : {
-            "type" : "string",
-            "index" : "not_analyzed",
-            "omit_norms" : true,
-            "index_options" : "docs"
-          },
-          "Tags" : {
-            "type" : "string",
-            "index" : "not_analyzed",
-            "omit_norms" : true,
-            "index_options" : "docs"
+          "Categories": {
+            "type": "string",
+            "index": "not_analyzed",
+            "omit_norms": true,
+            "index_options": "docs"
+          },
+          "Tags": {
+            "type": "string",
+            "index": "not_analyzed",
+            "omit_norms": true,
+            "index_options": "docs"
           }
         }
       },
-      "charmactions" : {
-        "dynamic" : "false",
-        "properties" : {
-          "description" : {
-            "type" : "string"
-          },
-          "action_name" : {
-            "type" : "string",
-            "index" : "not_analyzed",
-            "omit_norms" : true,
-            "index_options" : "docs"
+      "charmactions": {
+        "dynamic": "false",
+        "properties": {
+          "description": {
+            "type": "string"
+          },
+          "action_name": {
+            "type": "string",
+            "index": "not_analyzed",
+            "omit_norms": true,
+            "index_options": "docs"
           }
         }
       },
-      "CharmProvidedInterfaces" : {
-        "type" : "string",
-        "index" : "not_analyzed",
-        "omit_norms" : true,
-        "index_options" : "docs"
-      },
-      "CharmRequiredInterfaces" : {
-        "type" : "string",
-        "index" : "not_analyzed",
-        "omit_norms" : true,
-        "index_options" : "docs"
+      "CharmProvidedInterfaces": {
+        "type": "string",
+        "index": "not_analyzed",
+        "omit_norms": true,
+        "index_options": "docs"
       },
-
-
-      "BundleData" : {
+      "CharmRequiredInterfaces": {
+        "type": "string",
+        "index": "not_analyzed",
+        "omit_norms": true,
+        "index_options": "docs"
+      },
+      "BundleData": {
         "type": "object",
         "dynamic": "false",
-        "properties" : {
-          "Services" : {
+        "properties": {
+          "Services": {
             "type": "object",
             "dynamic": "false",
             "properties": {
               "Charm": {
-                "type" : "string",
-                "index" : "not_analyzed",
-                "omit_norms" : true,
-                "index_options" : "docs"
+                "type": "string",
+                "index": "not_analyzed",
+                "omit_norms": true,
+                "index_options": "docs"
               },
               "NumUnits": {
-                "type" : "integer",
+                "type": "integer",
                 "index": "not_analyzed"
               }
             }
           },
-          "Series" : {
-            "type" : "string"
+          "Applications": {
+            "type": "object",
+            "dynamic": "false",
+            "properties": {
+              "Charm": {
+                "type": "string",
+                "index": "not_analyzed",
+                "omit_norms": true,
+                "index_options": "docs"
+              },
+              "NumUnits": {
+                "type": "integer",
+                "index": "not_analyzed"
+              }
+            }
+          },
+          "Series": {
+            "type": "string"
           },
-          "Relations" : {
-            "type" : "string",
+          "Relations": {
+            "type": "string",
             "index": "not_analyzed"
           },
-         "Tags" : {
-            "type" : "string",
+          "Tags": {
+            "type": "string",
             "index": "not_analyzed",
-            "omit_norms" : true,
-            "index_options" : "docs"
+            "omit_norms": true,
+            "index_options": "docs"
           }
         }
       },
-      "BundleReadMe" : {
+      "BundleReadMe": {
         "type": "string",
         "index": "not_analyzed",
-        "omit_norms" : true,
-        "index_options" : "docs"
+        "omit_norms": true,
+        "index_options": "docs"
       },
       "BundleCharms": {
         "type": "string",
         "index": "not_analyzed",
-        "omit_norms" : true,
-        "index_options" : "docs"
+        "omit_norms": true,
+        "index_options": "docs"
       },
       "BundleMachineCount": {
         "type": "integer"
@@ -330,32 +321,29 @@
       "BundleUnitCount": {
         "type": "integer"
       },
-      "TotalDownloads": {
-        "type": "long"
-      },
       "Public": {
         "type": "boolean",
-        "index" : "not_analyzed",
-        "omit_norms" : true,
-        "index_options" : "docs"
+        "index": "not_analyzed",
+        "omit_norms": true,
+        "index_options": "docs"
       },
-      "ReadACLs" : {
-        "type" : "string",
+      "ReadACLs": {
+        "type": "string",
         "index": "not_analyzed",
-        "omit_norms" : true,
-        "index_options" : "docs"
+        "omit_norms": true,
+        "index_options": "docs"
       },
       "SingleSeries": {
         "type": "boolean",
-        "index" : "not_analyzed",
-        "omit_norms" : true,
-        "index_options" : "docs"
+        "index": "not_analyzed",
+        "omit_norms": true,
+        "index_options": "docs"
       },
       "AllSeries": {
         "type": "boolean",
-        "index" : "not_analyzed",
-        "omit_norms" : true,
-        "index_options" : "docs"
+        "index": "not_analyzed",
+        "omit_norms": true,
+        "index_options": "docs"
       }
     }
   }
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/migrations_dump_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/migrations_dump_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/migrations_dump_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/migrations_dump_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -258,7 +258,7 @@
 		AuthPassword:      "password",
 		APIAddr:           fmt.Sprintf("localhost:%d", jujutesting.FindTCPPort()),
 		MaxMgoSessions:    10,
-		IdentityLocation:  "https://api.jujucharms.com/identity",
+		IdentityAPIURL:    "https://0.1.2.3/identity",
 		IdentityPublicKey: &bogusPublicKey,
 	})
 	if err != nil {
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/migrations_integration_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/migrations_integration_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/migrations_integration_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/migrations_integration_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -60,7 +60,7 @@
 			id:            "~charmers/bundle/promulgatedbundle-0",
 			promulgatedId: "bundle/promulgatedbundle-0",
 			entity: storetesting.NewBundle(&charm.BundleData{
-				Services: map[string]*charm.ServiceSpec{
+				Applications: map[string]*charm.ApplicationSpec{
 					"promulgated": {
 						Charm: "promulgated",
 					},
@@ -69,7 +69,7 @@
 		}, {
 			id: "~charmers/bundle/nonpromulgatedbundle-0",
 			entity: storetesting.NewBundle(&charm.BundleData{
-				Services: map[string]*charm.ServiceSpec{
+				Applications: map[string]*charm.ApplicationSpec{
 					"promulgated": {
 						Charm: "promulgated",
 					},
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/resources_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/resources_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/resources_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/resources_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -176,7 +176,7 @@
 
 	id := MustParseResolvedURL("cs:~charmers/bundle/wordpress-simple-0")
 	b := storetesting.NewBundle(&charm.BundleData{
-		Services: map[string]*charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
 			"wordpress": {
 				Charm: "cs:utopic/wordpress-0",
 			},
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/search.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/search.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/search.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/search.go	2016-07-18 19:45:44.000000000 +0000
@@ -546,21 +546,24 @@
 // queryFields provides a map of fields to weighting to use with the
 // elasticsearch query.
 func queryFields(sp SearchParams) map[string]float64 {
-	fields := map[string]float64{
-		"URL.ngrams":              8,
-		"CharmMeta.Categories":    5,
-		"CharmMeta.Tags":          5,
-		"BundleData.Tags":         5,
-		"Series.ngrams":           5,
-		"CharmProvidedInterfaces": 3,
-		"CharmRequiredInterfaces": 3,
-		"CharmMeta.Description":   1,
-		"BundleReadMe":            1,
-	}
+	var fields map[string]float64
 	if sp.AutoComplete {
-		fields["CharmMeta.Name.ngrams"] = 10
+		fields = map[string]float64{
+			"Name.ngrams": 10,
+		}
 	} else {
-		fields["CharmMeta.Name"] = 10
+		fields = map[string]float64{
+			"Name":                    10,
+			"User":                    7,
+			"CharmMeta.Categories":    5,
+			"CharmMeta.Tags":          5,
+			"BundleData.Tags":         5,
+			"Series":                  5,
+			"CharmProvidedInterfaces": 3,
+			"CharmRequiredInterfaces": 3,
+			"CharmMeta.Description":   1,
+			"BundleReadMe":            1,
+		}
 	}
 	return fields
 }
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/search_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/search_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/search_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/search_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -47,7 +47,7 @@
 	c.Assert(err, gc.IsNil)
 	s.pool = pool
 	s.store = pool.Store()
-	s.addCharmsToStore(c)
+	s.addEntities(c)
 	c.Assert(err, gc.IsNil)
 }
 
@@ -79,41 +79,145 @@
 	}
 }
 
-var exportTestCharms = map[string]*mongodoc.Entity{
-	"wordpress": newEntity("cs:~charmers/precise/wordpress-23", 23),
-	"mysql":     newEntity("cs:~openstack-charmers/trusty/mysql-7", 7),
-	"varnish":   newEntity("cs:~foo/trusty/varnish-1", -1),
-	"riak":      newEntity("cs:~charmers/trusty/riak-67", 67),
-}
-
-var exportTestBundles = map[string]*mongodoc.Entity{
-	"wordpress-simple": newEntity("cs:~charmers/bundle/wordpress-simple-4", 4),
-}
-
-var charmDownloadCounts = map[string]int{
-	"wordpress":        0,
-	"wordpress-simple": 1,
-	"mysql":            3,
-	"varnish":          5,
+type searchEntity struct {
+	entity     *mongodoc.Entity
+	charmMeta  *charm.Meta
+	bundleData *charm.BundleData
+	acl        []string
+	downloads  int
+}
+
+var searchEntities = map[string]searchEntity{
+	"wordpress": searchEntity{
+		entity: newEntity("cs:~charmers/precise/wordpress-23", 23),
+		charmMeta: &charm.Meta{
+			Description: "blog",
+			Requires: map[string]charm.Relation{
+				"mysql": charm.Relation{
+					Name:      "mysql",
+					Interface: "mysql",
+					Scope:     charm.ScopeGlobal,
+				},
+			},
+			Categories: []string{"wordpress"},
+			Tags:       []string{"wordpressTAG"},
+		},
+		acl: []string{params.Everyone},
+	},
+	"mysql": searchEntity{
+		entity: newEntity("cs:~openstack-charmers/xenial/mysql-7", 7),
+		charmMeta: &charm.Meta{
+			Summary: "Database Engine",
+			Provides: map[string]charm.Relation{
+				"mysql": charm.Relation{
+					Name:      "mysql",
+					Interface: "mysql",
+					Scope:     charm.ScopeGlobal,
+				},
+			},
+			Categories: []string{"mysql"},
+			Tags:       []string{"mysqlTAG"},
+		},
+		acl:       []string{params.Everyone},
+		downloads: 3,
+	},
+	"varnish": searchEntity{
+		entity: newEntity("cs:~foo/xenial/varnish-1", -1),
+		charmMeta: &charm.Meta{
+			Summary:    "Database Engine",
+			Categories: []string{"varnish"},
+			Tags:       []string{"varnishTAG"},
+		},
+		acl:       []string{params.Everyone},
+		downloads: 5,
+	},
+	"riak": searchEntity{
+		entity: newEntity("cs:~charmers/xenial/riak-67", 67),
+		charmMeta: &charm.Meta{
+			Categories: []string{"riak"},
+			Tags:       []string{"riakTAG"},
+		},
+		acl: []string{"charmers"},
+	},
+	"wordpress-simple": searchEntity{
+		entity: newEntity("cs:~charmers/bundle/wordpress-simple-4", 4),
+		bundleData: &charm.BundleData{
+			Applications: map[string]*charm.ApplicationSpec{
+				"wordpress": &charm.ApplicationSpec{
+					Charm: "wordpress",
+				},
+			},
+			Tags: []string{"wordpress"},
+		},
+		acl:       []string{params.Everyone},
+		downloads: 1,
+	},
+	// Note: "squid-forwardproxy" shares a trigram "dpr" with "wordpress".
+	"squid-forwardproxy": searchEntity{
+		entity:    newEntity("cs:~charmers/wily/squid-forwardproxy-3", 3),
+		charmMeta: &charm.Meta{},
+		acl:       []string{params.Everyone},
+		downloads: 2,
+	},
+	// Note: "cloud-controller-worker-v2" shares a trigram "wor" with "wordpress".
+
+	"cloud-controller-worker-v2": searchEntity{
+		entity:    newEntity("cs:~cf-charmers/trusty/cloud-controller-worker-v2-7", -1),
+		charmMeta: &charm.Meta{},
+		acl:       []string{params.Everyone},
+		downloads: 4,
+	},
+}
+
+func (s *StoreSearchSuite) addEntities(c *gc.C) {
+	for _, ent := range searchEntities {
+		if ent.charmMeta == nil {
+			continue
+		}
+		addCharmForSearch(
+			c,
+			s.store,
+			EntityResolvedURL(ent.entity),
+			storetesting.NewCharm(ent.charmMeta),
+			ent.acl,
+			ent.downloads,
+		)
+	}
+	for _, ent := range searchEntities {
+		if ent.bundleData == nil {
+			continue
+		}
+		addBundleForSearch(
+			c,
+			s.store,
+			EntityResolvedURL(ent.entity),
+			storetesting.NewBundle(ent.bundleData),
+			ent.acl,
+			ent.downloads,
+		)
+	}
+	s.store.pool.statsCache.EvictAll()
+	err := s.store.syncSearch()
+	c.Assert(err, gc.IsNil)
 }
 
 func (s *StoreSearchSuite) TestSuccessfulExport(c *gc.C) {
 	s.store.pool.statsCache.EvictAll()
-	for name, ent := range exportTestCharms {
-		entity, err := s.store.FindEntity(EntityResolvedURL(ent), nil)
+	for _, ent := range searchEntities {
+		entity, err := s.store.FindEntity(EntityResolvedURL(ent.entity), nil)
 		c.Assert(err, gc.IsNil)
 		var actual json.RawMessage
 		err = s.store.ES.GetDocument(s.TestIndex, typeName, s.store.ES.getID(entity.URL), &actual)
 		c.Assert(err, gc.IsNil)
-		readACLs := []string{ent.URL.User, params.Everyone}
-		if ent.URL.Name == "riak" {
-			readACLs = []string{ent.URL.User}
+		series := entity.SupportedSeries
+		if ent.bundleData != nil {
+			series = []string{"bundle"}
 		}
 		doc := SearchDoc{
 			Entity:         entity,
-			TotalDownloads: int64(charmDownloadCounts[name]),
-			ReadACLs:       readACLs,
-			Series:         entity.SupportedSeries,
+			TotalDownloads: int64(ent.downloads),
+			ReadACLs:       ent.acl,
+			Series:         series,
 			AllSeries:      true,
 			SingleSeries:   true,
 		}
@@ -122,7 +226,7 @@
 }
 
 func (s *StoreSearchSuite) TestNoExportDeprecated(c *gc.C) {
-	charmArchive := storetesting.Charms.CharmDir("mysql")
+	charmArchive := storetesting.NewCharm(nil)
 	url := router.MustNewResolvedURL("cs:~charmers/saucy/mysql-4", -1)
 	addCharmForSearch(
 		c,
@@ -133,7 +237,7 @@
 		0,
 	)
 	var entity *mongodoc.Entity
-	err := s.store.DB.Entities().FindId("cs:~openstack-charmers/trusty/mysql-7").One(&entity)
+	err := s.store.DB.Entities().FindId("cs:~openstack-charmers/xenial/mysql-7").One(&entity)
 	c.Assert(err, gc.IsNil)
 	present, err := s.store.ES.HasDocument(s.TestIndex, typeName, s.store.ES.getID(entity.URL))
 	c.Assert(err, gc.IsNil)
@@ -147,7 +251,7 @@
 }
 
 func (s *StoreSearchSuite) TestExportOnlyLatest(c *gc.C) {
-	charmArchive := storetesting.Charms.CharmDir("wordpress")
+	charmArchive := storetesting.NewCharm(nil)
 	url := router.MustNewResolvedURL("cs:~charmers/precise/wordpress-24", -1)
 	addCharmForSearch(
 		c,
@@ -176,8 +280,8 @@
 }
 
 func (s *StoreSearchSuite) TestExportMultiSeriesCharmsCreateExpandedVersions(c *gc.C) {
-	charmArchive := storetesting.Charms.CharmDir("wordpress")
-	url := router.MustNewResolvedURL("cs:~charmers/trusty/juju-gui-24", -1)
+	charmArchive := storetesting.NewCharm(nil)
+	url := router.MustNewResolvedURL("cs:~charmers/xenial/juju-gui-24", -1)
 	addCharmForSearch(
 		c,
 		s.store,
@@ -186,7 +290,7 @@
 		[]string{"charmers"},
 		0,
 	)
-	charmArchive = storetesting.Charms.CharmDir("multi-series")
+	charmArchive = storetesting.NewCharm(storetesting.MetaWithSupportedSeries(nil, "trusty", "xenial", "utopic", "vivid", "wily"))
 	url = router.MustNewResolvedURL("cs:~charmers/juju-gui-25", -1)
 	addCharmForSearch(
 		c,
@@ -198,7 +302,7 @@
 	)
 	var expected, old *mongodoc.Entity
 	var actual json.RawMessage
-	err := s.store.DB.Entities().FindId("cs:~charmers/trusty/juju-gui-24").One(&old)
+	err := s.store.DB.Entities().FindId("cs:~charmers/xenial/juju-gui-24").One(&old)
 	c.Assert(err, gc.IsNil)
 	err = s.store.DB.Entities().FindId("cs:~charmers/juju-gui-25").One(&expected)
 	c.Assert(err, gc.IsNil)
@@ -238,52 +342,10 @@
 	c.Assert(string(actual), jc.JSONEquals, doc)
 }
 
-func (s *StoreSearchSuite) addCharmsToStore(c *gc.C) {
-	for name, ent := range exportTestCharms {
-		charmArchive := storetesting.Charms.CharmDir(name)
-		cats := strings.Split(name, "-")
-		charmArchive.Meta().Categories = cats
-		tags := make([]string, len(cats))
-		for i, s := range cats {
-			tags[i] = s + "TAG"
-		}
-		meta := charmArchive.Meta()
-		meta.Tags = tags
-		acl := []string{ent.URL.User}
-		if ent.URL.Name != "riak" {
-			acl = append(acl, params.Everyone)
-		}
-		addCharmForSearch(
-			c,
-			s.store,
-			EntityResolvedURL(ent),
-			storetesting.NewCharm(meta),
-			acl,
-			charmDownloadCounts[name],
-		)
-	}
-	for name, ent := range exportTestBundles {
-		bundleArchive := storetesting.Charms.BundleDir(name)
-		data := bundleArchive.Data()
-		data.Tags = strings.Split(name, "-")
-		addBundleForSearch(
-			c,
-			s.store,
-			EntityResolvedURL(ent),
-			storetesting.NewBundle(data),
-			[]string{ent.URL.User, params.Everyone},
-			charmDownloadCounts[name],
-		)
-	}
-	s.store.pool.statsCache.EvictAll()
-	err := s.store.syncSearch()
-	c.Assert(err, gc.IsNil)
-}
-
 var searchTests = []struct {
 	about     string
 	sp        SearchParams
-	results   []*mongodoc.Entity
+	results   Entities
 	totalDiff int // len(results) + totalDiff = expected total
 }{
 	{
@@ -291,20 +353,22 @@
 		sp: SearchParams{
 			Text: "wordpress",
 		},
-		results: []*mongodoc.Entity{
-			exportTestCharms["wordpress"],
-			exportTestBundles["wordpress-simple"],
+		results: Entities{
+			searchEntities["wordpress"].entity,
+			searchEntities["wordpress-simple"].entity,
 		},
 	}, {
 		about: "blank text search",
 		sp: SearchParams{
 			Text: "",
 		},
-		results: []*mongodoc.Entity{
-			exportTestCharms["wordpress"],
-			exportTestCharms["mysql"],
-			exportTestCharms["varnish"],
-			exportTestBundles["wordpress-simple"],
+		results: Entities{
+			searchEntities["cloud-controller-worker-v2"].entity,
+			searchEntities["wordpress"].entity,
+			searchEntities["mysql"].entity,
+			searchEntities["varnish"].entity,
+			searchEntities["squid-forwardproxy"].entity,
+			searchEntities["wordpress-simple"].entity,
 		},
 	}, {
 		about: "autocomplete search",
@@ -312,11 +376,18 @@
 			Text:         "word",
 			AutoComplete: true,
 		},
-		results: []*mongodoc.Entity{
-			exportTestCharms["wordpress"],
-			exportTestBundles["wordpress-simple"],
+		results: Entities{
+			searchEntities["wordpress"].entity,
+			searchEntities["wordpress-simple"].entity,
 		},
 	}, {
+		about: "non-matching autocomplete search",
+		sp: SearchParams{
+			Text:         "worm",
+			AutoComplete: true,
+		},
+		results: Entities{},
+	}, {
 		about: "description filter search",
 		sp: SearchParams{
 			Text: "",
@@ -324,8 +395,8 @@
 				"description": {"blog"},
 			},
 		},
-		results: []*mongodoc.Entity{
-			exportTestCharms["wordpress"],
+		results: Entities{
+			searchEntities["wordpress"].entity,
 		},
 	}, {
 		about: "name filter search",
@@ -335,8 +406,8 @@
 				"name": {"wordpress"},
 			},
 		},
-		results: []*mongodoc.Entity{
-			exportTestCharms["wordpress"],
+		results: Entities{
+			searchEntities["wordpress"].entity,
 		},
 	}, {
 		about: "owner filter search",
@@ -346,8 +417,8 @@
 				"owner": {"foo"},
 			},
 		},
-		results: []*mongodoc.Entity{
-			exportTestCharms["varnish"],
+		results: Entities{
+			searchEntities["varnish"].entity,
 		},
 	}, {
 		about: "provides filter search",
@@ -357,8 +428,8 @@
 				"provides": {"mysql"},
 			},
 		},
-		results: []*mongodoc.Entity{
-			exportTestCharms["mysql"],
+		results: Entities{
+			searchEntities["mysql"].entity,
 		},
 	}, {
 		about: "requires filter search",
@@ -368,20 +439,20 @@
 				"requires": {"mysql"},
 			},
 		},
-		results: []*mongodoc.Entity{
-			exportTestCharms["wordpress"],
+		results: Entities{
+			searchEntities["wordpress"].entity,
 		},
 	}, {
 		about: "series filter search",
 		sp: SearchParams{
 			Text: "",
 			Filters: map[string][]string{
-				"series": {"trusty"},
+				"series": {"xenial"},
 			},
 		},
-		results: []*mongodoc.Entity{
-			exportTestCharms["mysql"],
-			exportTestCharms["varnish"],
+		results: Entities{
+			searchEntities["mysql"].entity,
+			searchEntities["varnish"].entity,
 		},
 	}, {
 		about: "summary filter search",
@@ -391,9 +462,9 @@
 				"summary": {"Database engine"},
 			},
 		},
-		results: []*mongodoc.Entity{
-			exportTestCharms["mysql"],
-			exportTestCharms["varnish"],
+		results: Entities{
+			searchEntities["mysql"].entity,
+			searchEntities["varnish"].entity,
 		},
 	}, {
 		about: "tags filter search",
@@ -403,9 +474,9 @@
 				"tags": {"wordpress"},
 			},
 		},
-		results: []*mongodoc.Entity{
-			exportTestCharms["wordpress"],
-			exportTestBundles["wordpress-simple"],
+		results: Entities{
+			searchEntities["wordpress"].entity,
+			searchEntities["wordpress-simple"].entity,
 		},
 	}, {
 		about: "bundle type filter search",
@@ -415,8 +486,8 @@
 				"type": {"bundle"},
 			},
 		},
-		results: []*mongodoc.Entity{
-			exportTestBundles["wordpress-simple"],
+		results: Entities{
+			searchEntities["wordpress-simple"].entity,
 		},
 	}, {
 		about: "charm type filter search",
@@ -426,10 +497,12 @@
 				"type": {"charm"},
 			},
 		},
-		results: []*mongodoc.Entity{
-			exportTestCharms["wordpress"],
-			exportTestCharms["mysql"],
-			exportTestCharms["varnish"],
+		results: Entities{
+			searchEntities["cloud-controller-worker-v2"].entity,
+			searchEntities["wordpress"].entity,
+			searchEntities["mysql"].entity,
+			searchEntities["varnish"].entity,
+			searchEntities["squid-forwardproxy"].entity,
 		},
 	}, {
 		about: "charm & bundle type filter search",
@@ -439,11 +512,13 @@
 				"type": {"charm", "bundle"},
 			},
 		},
-		results: []*mongodoc.Entity{
-			exportTestCharms["wordpress"],
-			exportTestCharms["mysql"],
-			exportTestCharms["varnish"],
-			exportTestBundles["wordpress-simple"],
+		results: Entities{
+			searchEntities["cloud-controller-worker-v2"].entity,
+			searchEntities["wordpress"].entity,
+			searchEntities["mysql"].entity,
+			searchEntities["varnish"].entity,
+			searchEntities["squid-forwardproxy"].entity,
+			searchEntities["wordpress-simple"].entity,
 		},
 	}, {
 		about: "invalid filter search",
@@ -453,11 +528,13 @@
 				"no such filter": {"foo"},
 			},
 		},
-		results: []*mongodoc.Entity{
-			exportTestCharms["wordpress"],
-			exportTestCharms["mysql"],
-			exportTestCharms["varnish"],
-			exportTestBundles["wordpress-simple"],
+		results: Entities{
+			searchEntities["cloud-controller-worker-v2"].entity,
+			searchEntities["wordpress"].entity,
+			searchEntities["mysql"].entity,
+			searchEntities["varnish"].entity,
+			searchEntities["squid-forwardproxy"].entity,
+			searchEntities["wordpress-simple"].entity,
 		},
 	}, {
 		about: "valid & invalid filter search",
@@ -468,10 +545,12 @@
 				"type":           {"charm"},
 			},
 		},
-		results: []*mongodoc.Entity{
-			exportTestCharms["wordpress"],
-			exportTestCharms["mysql"],
-			exportTestCharms["varnish"],
+		results: Entities{
+			searchEntities["cloud-controller-worker-v2"].entity,
+			searchEntities["wordpress"].entity,
+			searchEntities["mysql"].entity,
+			searchEntities["varnish"].entity,
+			searchEntities["squid-forwardproxy"].entity,
 		},
 	}, {
 		about: "paginated search",
@@ -487,24 +566,28 @@
 		sp: SearchParams{
 			Groups: []string{"charmers"},
 		},
-		results: []*mongodoc.Entity{
-			exportTestCharms["riak"],
-			exportTestCharms["wordpress"],
-			exportTestCharms["mysql"],
-			exportTestCharms["varnish"],
-			exportTestBundles["wordpress-simple"],
+		results: Entities{
+			searchEntities["riak"].entity,
+			searchEntities["cloud-controller-worker-v2"].entity,
+			searchEntities["wordpress"].entity,
+			searchEntities["mysql"].entity,
+			searchEntities["varnish"].entity,
+			searchEntities["squid-forwardproxy"].entity,
+			searchEntities["wordpress-simple"].entity,
 		},
 	}, {
 		about: "admin search",
 		sp: SearchParams{
 			Admin: true,
 		},
-		results: []*mongodoc.Entity{
-			exportTestCharms["riak"],
-			exportTestCharms["wordpress"],
-			exportTestCharms["mysql"],
-			exportTestCharms["varnish"],
-			exportTestBundles["wordpress-simple"],
+		results: Entities{
+			searchEntities["riak"].entity,
+			searchEntities["cloud-controller-worker-v2"].entity,
+			searchEntities["wordpress"].entity,
+			searchEntities["mysql"].entity,
+			searchEntities["varnish"].entity,
+			searchEntities["squid-forwardproxy"].entity,
+			searchEntities["wordpress-simple"].entity,
 		},
 	}, {
 		about: "charm tags filter search",
@@ -514,8 +597,8 @@
 				"tags": {"wordpressTAG"},
 			},
 		},
-		results: []*mongodoc.Entity{
-			exportTestCharms["wordpress"],
+		results: Entities{
+			searchEntities["wordpress"].entity,
 		},
 	}, {
 		about: "blank owner filter search",
@@ -525,10 +608,11 @@
 				"owner": {""},
 			},
 		},
-		results: []*mongodoc.Entity{
-			exportTestCharms["wordpress"],
-			exportTestCharms["mysql"],
-			exportTestBundles["wordpress-simple"],
+		results: Entities{
+			searchEntities["wordpress"].entity,
+			searchEntities["mysql"].entity,
+			searchEntities["squid-forwardproxy"].entity,
+			searchEntities["wordpress-simple"].entity,
 		},
 	}, {
 		about: "promulgated search",
@@ -538,10 +622,11 @@
 				"promulgated": {"1"},
 			},
 		},
-		results: []*mongodoc.Entity{
-			exportTestCharms["wordpress"],
-			exportTestCharms["mysql"],
-			exportTestBundles["wordpress-simple"],
+		results: Entities{
+			searchEntities["wordpress"].entity,
+			searchEntities["mysql"].entity,
+			searchEntities["squid-forwardproxy"].entity,
+			searchEntities["wordpress-simple"].entity,
 		},
 	}, {
 		about: "not promulgated search",
@@ -551,8 +636,9 @@
 				"promulgated": {"0"},
 			},
 		},
-		results: []*mongodoc.Entity{
-			exportTestCharms["varnish"],
+		results: Entities{
+			searchEntities["cloud-controller-worker-v2"].entity,
+			searchEntities["varnish"].entity,
 		},
 	}, {
 		about: "owner and promulgated filter search",
@@ -563,8 +649,8 @@
 				"owner":       {"openstack-charmers"},
 			},
 		},
-		results: []*mongodoc.Entity{
-			exportTestCharms["mysql"],
+		results: Entities{
+			searchEntities["mysql"].entity,
 		},
 	},
 }
@@ -575,15 +661,14 @@
 		c.Logf("test %d: %s", i, test.about)
 		res, err := s.store.Search(test.sp)
 		c.Assert(err, gc.IsNil)
-		c.Logf("results: %v", res.Results)
 		sort.Sort(resolvedURLsByString(res.Results))
 		sort.Sort(resolvedURLsByString(test.results))
-		c.Check(res.Results, jc.DeepEquals, test.results)
+		c.Check(Entities(res.Results), jc.DeepEquals, test.results)
 		c.Check(res.Total, gc.Equals, len(test.results)+test.totalDiff)
 	}
 }
 
-type resolvedURLsByString []*mongodoc.Entity
+type resolvedURLsByString Entities
 
 func (r resolvedURLsByString) Less(i, j int) bool {
 	return r[i].URL.String() < r[j].URL.String()
@@ -623,8 +708,8 @@
 }
 
 func (s *StoreSearchSuite) TestPromulgatedRank(c *gc.C) {
-	charmArchive := storetesting.Charms.CharmDir("varnish")
-	ent := newEntity("cs:~charmers/trusty/varnish-1", 1)
+	charmArchive := storetesting.NewCharm(nil)
+	ent := newEntity("cs:~charmers/xenial/varnish-1", 1)
 	addCharmForSearch(
 		c,
 		s.store,
@@ -641,10 +726,9 @@
 	}
 	res, err := s.store.Search(sp)
 	c.Assert(err, gc.IsNil)
-	c.Logf("results: %#v", res.Results)
-	c.Assert(res.Results, jc.DeepEquals, []*mongodoc.Entity{
+	c.Assert(Entities(res.Results), jc.DeepEquals, Entities{
 		ent,
-		exportTestCharms["varnish"],
+		searchEntities["varnish"].entity,
 	})
 }
 
@@ -653,78 +737,94 @@
 	tests := []struct {
 		about     string
 		sortQuery string
-		results   []*mongodoc.Entity
+		results   Entities
 	}{{
 		about:     "name ascending",
 		sortQuery: "name",
-		results: []*mongodoc.Entity{
-			exportTestCharms["mysql"],
-			exportTestCharms["varnish"],
-			exportTestCharms["wordpress"],
-			exportTestBundles["wordpress-simple"],
+		results: Entities{
+			searchEntities["cloud-controller-worker-v2"].entity,
+			searchEntities["mysql"].entity,
+			searchEntities["squid-forwardproxy"].entity,
+			searchEntities["varnish"].entity,
+			searchEntities["wordpress"].entity,
+			searchEntities["wordpress-simple"].entity,
 		},
 	}, {
 		about:     "name descending",
 		sortQuery: "-name",
-		results: []*mongodoc.Entity{
-			exportTestBundles["wordpress-simple"],
-			exportTestCharms["wordpress"],
-			exportTestCharms["varnish"],
-			exportTestCharms["mysql"],
+		results: Entities{
+			searchEntities["wordpress-simple"].entity,
+			searchEntities["wordpress"].entity,
+			searchEntities["varnish"].entity,
+			searchEntities["squid-forwardproxy"].entity,
+			searchEntities["mysql"].entity,
+			searchEntities["cloud-controller-worker-v2"].entity,
 		},
 	}, {
 		about:     "series ascending",
 		sortQuery: "series,name",
-		results: []*mongodoc.Entity{
-			exportTestBundles["wordpress-simple"],
-			exportTestCharms["wordpress"],
-			exportTestCharms["mysql"],
-			exportTestCharms["varnish"],
+		results: Entities{
+			searchEntities["wordpress-simple"].entity,
+			searchEntities["wordpress"].entity,
+			searchEntities["cloud-controller-worker-v2"].entity,
+			searchEntities["squid-forwardproxy"].entity,
+			searchEntities["mysql"].entity,
+			searchEntities["varnish"].entity,
 		},
 	}, {
 		about:     "series descending",
 		sortQuery: "-series,name",
-		results: []*mongodoc.Entity{
-			exportTestCharms["mysql"],
-			exportTestCharms["varnish"],
-			exportTestCharms["wordpress"],
-			exportTestBundles["wordpress-simple"],
+		results: Entities{
+			searchEntities["mysql"].entity,
+			searchEntities["varnish"].entity,
+			searchEntities["squid-forwardproxy"].entity,
+			searchEntities["cloud-controller-worker-v2"].entity,
+			searchEntities["wordpress"].entity,
+			searchEntities["wordpress-simple"].entity,
 		},
 	}, {
 		about:     "owner ascending",
 		sortQuery: "owner,name",
-		results: []*mongodoc.Entity{
-			exportTestCharms["wordpress"],
-			exportTestBundles["wordpress-simple"],
-			exportTestCharms["varnish"],
-			exportTestCharms["mysql"],
+		results: Entities{
+			searchEntities["cloud-controller-worker-v2"].entity,
+			searchEntities["squid-forwardproxy"].entity,
+			searchEntities["wordpress"].entity,
+			searchEntities["wordpress-simple"].entity,
+			searchEntities["varnish"].entity,
+			searchEntities["mysql"].entity,
 		},
 	}, {
 		about:     "owner descending",
 		sortQuery: "-owner,name",
-		results: []*mongodoc.Entity{
-			exportTestCharms["mysql"],
-			exportTestCharms["varnish"],
-			exportTestCharms["wordpress"],
-			exportTestBundles["wordpress-simple"],
+		results: Entities{
+			searchEntities["mysql"].entity,
+			searchEntities["varnish"].entity,
+			searchEntities["squid-forwardproxy"].entity,
+			searchEntities["wordpress"].entity,
+			searchEntities["wordpress-simple"].entity,
+			searchEntities["cloud-controller-worker-v2"].entity,
 		},
 	}, {
 		about:     "downloads ascending",
 		sortQuery: "downloads",
-		results: []*mongodoc.Entity{
-			exportTestCharms["wordpress"],
-			exportTestBundles["wordpress-simple"],
-			exportTestCharms["mysql"],
-			exportTestCharms["varnish"],
+		results: Entities{
+			searchEntities["wordpress"].entity,
+			searchEntities["wordpress-simple"].entity,
+			searchEntities["squid-forwardproxy"].entity,
+			searchEntities["mysql"].entity,
+			searchEntities["cloud-controller-worker-v2"].entity,
+			searchEntities["varnish"].entity,
 		},
 	}, {
 		about:     "downloads descending",
 		sortQuery: "-downloads",
-		results: []*mongodoc.Entity{
-			exportTestCharms["varnish"],
-			exportTestCharms["mysql"],
-			exportTestBundles["wordpress-simple"],
-			exportTestCharms["wordpress"],
+		results: Entities{
+			searchEntities["varnish"].entity,
+			searchEntities["cloud-controller-worker-v2"].entity,
+			searchEntities["mysql"].entity,
+			searchEntities["squid-forwardproxy"].entity,
+			searchEntities["wordpress-simple"].entity,
+			searchEntities["wordpress"].entity,
 		},
 	}}
 	for i, test := range tests {
@@ -734,7 +834,7 @@
 		c.Assert(err, gc.IsNil)
 		res, err := s.store.Search(sp)
 		c.Assert(err, gc.IsNil)
-		c.Assert(res.Results, jc.DeepEquals, test.results)
+		c.Assert(Entities(res.Results), jc.DeepEquals, test.results)
 		c.Assert(res.Total, gc.Equals, len(test.results))
 	}
 }
@@ -744,13 +844,13 @@
 	var sp SearchParams
 	res, err := s.store.Search(sp)
 	c.Assert(err, gc.IsNil)
-	c.Assert(res.Results, gc.HasLen, 4)
-	c.Logf("results: %#v", res.Results)
-	c.Assert(res.Results, jc.DeepEquals, []*mongodoc.Entity{
-		exportTestBundles["wordpress-simple"],
-		exportTestCharms["mysql"],
-		exportTestCharms["wordpress"],
-		exportTestCharms["varnish"],
+	c.Assert(Entities(res.Results), jc.DeepEquals, Entities{
+		searchEntities["wordpress-simple"].entity,
+		searchEntities["mysql"].entity,
+		searchEntities["wordpress"].entity,
+		searchEntities["squid-forwardproxy"].entity,
+		searchEntities["varnish"].entity,
+		searchEntities["cloud-controller-worker-v2"].entity,
 	})
 }
 
@@ -894,7 +994,7 @@
 }
 
 func (s *StoreSearchSuite) TestMultiSeriesCharmFiltersSeriesCorrectly(c *gc.C) {
-	charmArchive := storetesting.Charms.CharmDir("multi-series")
+	charmArchive := storetesting.NewCharm(storetesting.MetaWithSupportedSeries(nil, "trusty", "xenial", "utopic", "vivid", "wily"))
 	url := router.MustNewResolvedURL("cs:~charmers/juju-gui-25", -1)
 	addCharmForSearch(
 		c,
@@ -909,7 +1009,7 @@
 		series   string
 		notFound bool
 	}{{
-		series: "trusty",
+		series: "xenial",
 	}, {
 		series: "vivid",
 	}, {
@@ -935,7 +1035,7 @@
 }
 
 func (s *StoreSearchSuite) TestMultiSeriesCharmSortsSeriesCorrectly(c *gc.C) {
-	charmArchive := storetesting.Charms.CharmDir("multi-series")
+	charmArchive := storetesting.NewCharm(storetesting.MetaWithSupportedSeries(nil, "trusty", "xenial", "utopic", "vivid", "wily"))
 	url := router.MustNewResolvedURL("cs:~charmers/juju-gui-25", -1)
 	addCharmForSearch(
 		c,
@@ -950,10 +1050,12 @@
 	sp.ParseSortFields("-series", "owner")
 	res, err := s.store.Search(sp)
 	c.Assert(err, gc.IsNil)
-	c.Assert(res.Results, jc.DeepEquals, []*mongodoc.Entity{
-		newEntity("cs:~charmers/juju-gui-25", -1, "trusty", "utopic", "vivid", "wily"),
-		newEntity("cs:~foo/trusty/varnish-1", -1),
-		newEntity("cs:~openstack-charmers/trusty/mysql-7", 7),
+	c.Assert(Entities(res.Results), jc.DeepEquals, Entities{
+		newEntity("cs:~charmers/juju-gui-25", -1, "trusty", "xenial", "utopic", "vivid", "wily"),
+		newEntity("cs:~foo/xenial/varnish-1", -1),
+		newEntity("cs:~openstack-charmers/xenial/mysql-7", 7),
+		newEntity("cs:~charmers/wily/squid-forwardproxy-3", 3),
+		searchEntities["cloud-controller-worker-v2"].entity,
 		newEntity("cs:~charmers/precise/wordpress-23", 23),
 		newEntity("cs:~charmers/bundle/wordpress-simple-4", 4),
 	})
@@ -963,7 +1065,7 @@
 	ch := storetesting.NewCharm(&charm.Meta{
 		Name: "test",
 	})
-	id := router.MustNewResolvedURL("~test/trusty/test-0", -1)
+	id := router.MustNewResolvedURL("~test/xenial/test-0", -1)
 	err := s.store.AddCharmWithArchive(id, ch)
 	c.Assert(err, gc.IsNil)
 	err = s.store.SetPerms(&id.URL, "read", "test", params.Everyone)
@@ -999,7 +1101,7 @@
 	doc := SearchDoc{
 		Entity:       entity,
 		ReadACLs:     []string{"test", params.Everyone},
-		Series:       []string{"trusty"},
+		Series:       []string{"xenial"},
 		AllSeries:    true,
 		SingleSeries: true,
 	}
@@ -1037,3 +1139,17 @@
 	err = s.Publish(id, nil, params.StableChannel)
 	c.Assert(err, gc.IsNil)
 }
+
+type Entities []*mongodoc.Entity
+
+func (es Entities) GoString() string {
+	return es.String()
+}
+
+func (es Entities) String() string {
+	urls := make([]string, len(es))
+	for i, e := range es {
+		urls[i] = e.URL.String()
+	}
+	return "[" + strings.Join(urls, ", ") + "]"
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/server.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/server.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/server.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/server.go	2016-07-18 19:45:44.000000000 +0000
@@ -40,12 +40,13 @@
 
 	// IdentityLocation holds the location of the third party authorization
 	// service to use when creating third party caveats,
-	// for example: http://api.jujucharms.com/identity/v1/discharger
-	// If it is empty, IdentityURL+"/v1/discharger" will be used.
+	// for example: http://api.jujucharms.com/identity
+	// If it is empty, IdentityAPIURL will be used.
 	IdentityLocation string
 
-	// TermsLocation holds the location of the third party
-	// terms service to use when creating third party caveats.
+	// TermsLocations holds the location of the
+	// terms service, which knows about user agreements to
+	// Terms and Conditions required by the charm.
 	TermsLocation string
 
 	// PublicKeyLocator holds a public key store.
@@ -96,11 +97,11 @@
 	if len(versions) == 0 {
 		return nil, errgo.Newf("charm store server must serve at least one version of the API")
 	}
-	config.IdentityLocation = strings.Trim(config.IdentityLocation, "/")
-	config.TermsLocation = strings.Trim(config.TermsLocation, "/")
-	config.IdentityAPIURL = strings.Trim(config.IdentityAPIURL, "/")
+	config.IdentityLocation = strings.TrimSuffix(config.IdentityLocation, "/")
+	config.TermsLocation = strings.TrimSuffix(config.TermsLocation, "/")
+	config.IdentityAPIURL = strings.TrimSuffix(config.IdentityAPIURL, "/")
 	if config.IdentityLocation == "" && config.IdentityAPIURL != "" {
-		config.IdentityLocation = config.IdentityAPIURL + "/v1/discharger"
+		config.IdentityLocation = config.IdentityAPIURL
 	}
 	logger.Infof("identity discharge location: %s", config.IdentityLocation)
 	logger.Infof("identity API location: %s", config.IdentityAPIURL)
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/server_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/server_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/server_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/server_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -14,8 +14,9 @@
 )
 
 var serverParams = ServerParams{
-	AuthUsername: "test-user",
-	AuthPassword: "test-password",
+	AuthUsername:   "test-user",
+	AuthPassword:   "test-password",
+	IdentityAPIURL: "http://0.1.2.3",
 }
 
 type ServerSuite struct {
@@ -91,6 +92,12 @@
 }
 
 func (s *ServerSuite) TestNewServerWithConfig(c *gc.C) {
+
+	params := ServerParams{
+		AuthUsername:   "test-user",
+		AuthPassword:   "test-password",
+		IdentityAPIURL: "http://0.1.2.3/",
+	}
 	serveConfig := func(p *Pool, config ServerParams, _ string) HTTPCloseHandler {
 		return nopCloseHandler{
 			router.HandleJSON(func(_ http.Header, req *http.Request) (interface{}, error) {
@@ -98,19 +105,33 @@
 			}),
 		}
 	}
-	h, err := NewServer(s.Session.DB("foo"), nil, serverParams, map[string]NewAPIHandlerFunc{
+	h, err := NewServer(s.Session.DB("foo"), nil, params, map[string]NewAPIHandlerFunc{
 		"version1": serveConfig,
 	})
 	c.Assert(err, gc.IsNil)
 	defer h.Close()
+
+	// The IdentityLocation field is filled out from the IdentityAPIURL
+	// and the final slash is trimmed.
+
 	httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
-		Handler:    h,
-		URL:        "/version1/some/path",
-		ExpectBody: serverParams,
+		Handler: h,
+		URL:     "/version1/some/path",
+		ExpectBody: ServerParams{
+			AuthUsername:     "test-user",
+			AuthPassword:     "test-password",
+			IdentityAPIURL:   "http://0.1.2.3",
+			IdentityLocation: "http://0.1.2.3",
+		},
 	})
 }
 
 func (s *ServerSuite) TestNewServerWithElasticSearch(c *gc.C) {
+	params := ServerParams{
+		AuthUsername:   "test-user",
+		AuthPassword:   "test-password",
+		IdentityAPIURL: "http://0.1.2.3",
+	}
 	serveConfig := func(p *Pool, config ServerParams, _ string) HTTPCloseHandler {
 		return nopCloseHandler{
 			router.HandleJSON(func(_ http.Header, req *http.Request) (interface{}, error) {
@@ -118,16 +139,21 @@
 			}),
 		}
 	}
-	h, err := NewServer(s.Session.DB("foo"), &SearchIndex{s.ES, s.TestIndex}, serverParams,
+	h, err := NewServer(s.Session.DB("foo"), &SearchIndex{s.ES, s.TestIndex}, params,
 		map[string]NewAPIHandlerFunc{
 			"version1": serveConfig,
 		})
 	c.Assert(err, gc.IsNil)
 	defer h.Close()
 	httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
-		Handler:    h,
-		URL:        "/version1/some/path",
-		ExpectBody: serverParams,
+		Handler: h,
+		URL:     "/version1/some/path",
+		ExpectBody: ServerParams{
+			AuthUsername:     "test-user",
+			AuthPassword:     "test-password",
+			IdentityAPIURL:   "http://0.1.2.3",
+			IdentityLocation: "http://0.1.2.3",
+		},
 	})
 }
 
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/store.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/store.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/store.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/store.go	2016-07-18 19:45:44.000000000 +0000
@@ -625,12 +625,14 @@
 	"lucid":   1000,
 	"precise": 1001,
 	"trusty":  1002,
+	"xenial":  1003,
 	"quantal": 1,
 	"raring":  2,
 	"saucy":   3,
 	"utopic":  4,
 	"vivid":   5,
 	"wily":    6,
+	"yakkety": 7,
 	// When we find a multi-series charm (no series) we
 	// will always choose it in preference to a series-specific
 	// charm
@@ -925,22 +927,7 @@
 		return errgo.Notef(err, "cannot promulgate base entity %q", base)
 	}
 
-	type result struct {
-		Series   string `bson:"_id"`
-		Revision int
-	}
-
-	// Find the latest revision in each series of entities with the promulgated base URL.
-	var latestOwned []result
-	err = s.DB.Entities().Pipe([]bson.D{
-		{{"$match", bson.D{{"baseurl", base}}}},
-		{{"$group", bson.D{{"_id", "$series"}, {"revision", bson.D{{"$max", "$revision"}}}}}},
-	}).All(&latestOwned)
-	if err != nil {
-		return errgo.Notef(err, "cannot find latest revision for promulgated URL")
-	}
-
-	// Find the latest revision in each series of the promulgated entitities
+	// Find the latest revision in each series of the promulgated entities
 	// with the same name as the base entity. Note that this works because:
 	//     1) promulgated URLs always have the same charm name as their
 	//     non-promulgated counterparts.
@@ -949,31 +936,96 @@
 	// select all entities with a matching promulgated URL name. Because of
 	// 2) we are sure that we are only updating all charms or the single
 	// bundle entity.
+
+	iter = s.DB.Entities().Find(bson.D{{
+		"promulgated-revision", bson.D{{"$gt", -1}},
+	}, {
+		"name", base.Name,
+	}}).Select(FieldSelector("promulgated-revision", "supportedseries", "series")).Iter()
+
 	latestPromulgated := make(map[string]int)
+	oldMultiSeries := false
+	var e mongodoc.Entity
+	for iter.Next(&e) {
+		oldMultiSeries = oldMultiSeries || e.Series == ""
+		entitySeries := e.SupportedSeries
+		if e.Series == "bundle" {
+			entitySeries = []string{"bundle"}
+		}
+		for _, series := range entitySeries {
+			if rev, ok := latestPromulgated[series]; !ok || rev < e.PromulgatedRevision {
+				latestPromulgated[series] = e.PromulgatedRevision
+			}
+		}
+	}
+	if err := iter.Err(); err != nil {
+		return errgo.Notef(err, "cannot close mgo iterator")
+	}
+
+	// Find the latest revision in each series of entities with the promulgated base URL.
+	// After this, latestOwned will have an entry for each series, with multi-series
+	// charms having an empty series.
+	type result struct {
+		URL             *charm.URL
+		Series          string `bson:"_id"`
+		SupportedSeries []string
+		Revision        int
+	}
+	latestOwned := make(map[string]result)
 	iter = s.DB.Entities().Pipe([]bson.D{
-		{{"$match", bson.D{{"name", base.Name}}}},
-		{{"$group", bson.D{{"_id", "$series"}, {"revision", bson.D{{"$max", "$promulgated-revision"}}}}}},
+		{{"$match", bson.D{{"baseurl", base}}}},
+		{{"$sort", bson.D{{"revision", 1}}}},
+		{{"$group", bson.D{
+			{"_id", "$series"},
+			{"url", bson.D{{"$last", "$_id"}}},
+			{"supportedseries", bson.D{{"$last", "$supportedseries"}}},
+			{"revision", bson.D{{"$last", "$revision"}}},
+		}}},
 	}).Iter()
-	var res result
-	for iter.Next(&res) {
-		latestPromulgated[res.Series] = res.Revision
+	var r result
+	for iter.Next(&r) {
+		latestOwned[r.Series] = r
 	}
-	if err := iter.Close(); err != nil {
+	if err := iter.Err(); err != nil {
 		return errgo.Notef(err, "cannot close mgo iterator")
 	}
 
-	// Update the newest entity in each series with a base URL that matches the newly promulgated
-	// base entity to have a promulgated URL, if it does not already have one.
+	// Delete all series we don't want to promulgate.
+	if _, ok := latestOwned[""]; ok || oldMultiSeries {
+		// The newly promulgated charm will be multi-series or
+		// there was previously a multi-series charm, so do not
+		// promulgate any single series charms.
+		for series, r := range latestOwned {
+			if series != "" {
+				logger.Infof("ignoring non-multi-series entity for promulgation %v", r.URL)
+				delete(latestOwned, series)
+			}
+		}
+	}
+
+	// Update the newest entity in each series with the new base URL to have a
+	// promulgated URL if it does not already have one.
 	for _, r := range latestOwned {
-		id := *base
-		id.Series = r.Series
-		id.Revision = r.Revision
-		pID := id
+		// Assign the entity a promulgated revision of one more than the maximum
+		// of the promulgated revision of any of the supported
+		// series.
+		entitySeries := r.SupportedSeries
+		if r.Series == "bundle" {
+			entitySeries = []string{"bundle"}
+		}
+		maxRev := -1
+		for _, series := range entitySeries {
+			if rev, ok := latestPromulgated[series]; ok && rev > maxRev {
+				maxRev = rev
+			}
+		}
+		pID := *r.URL
 		pID.User = ""
-		pID.Revision = latestPromulgated[r.Series] + 1
+		pID.Revision = maxRev + 1
+		logger.Infof("updating promulgation URL of %v to %v", r.URL, &pID)
 		err := s.DB.Entities().Update(
 			bson.D{
-				{"_id", &id},
+				{"_id", r.URL},
 				{"promulgated-revision", -1},
 			},
 			bson.D{
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/store_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/store_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/store_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/charmstore/store_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -483,7 +483,7 @@
 }{{
 	about: "no units",
 	data: &charm.BundleData{
-		Services: map[string]*charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
 			"wordpress": {
 				Charm:    "cs:utopic/wordpress-0",
 				NumUnits: 0,
@@ -497,7 +497,7 @@
 }, {
 	about: "a single unit",
 	data: &charm.BundleData{
-		Services: map[string]*charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
 			"wordpress": {
 				Charm:    "cs:trusty/wordpress-42",
 				NumUnits: 1,
@@ -512,7 +512,7 @@
 }, {
 	about: "multiple units",
 	data: &charm.BundleData{
-		Services: map[string]*charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
 			"wordpress": {
 				Charm:    "cs:utopic/wordpress-1",
 				NumUnits: 1,
@@ -562,7 +562,7 @@
 }{{
 	about: "no machines",
 	data: &charm.BundleData{
-		Services: map[string]*charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
 			"mysql": {
 				Charm:    "cs:utopic/mysql-0",
 				NumUnits: 0,
@@ -576,7 +576,7 @@
 }, {
 	about: "a single machine (no placement)",
 	data: &charm.BundleData{
-		Services: map[string]*charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
 			"mysql": {
 				Charm:    "cs:trusty/mysql-42",
 				NumUnits: 1,
@@ -591,7 +591,7 @@
 }, {
 	about: "a single machine (machine placement)",
 	data: &charm.BundleData{
-		Services: map[string]*charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
 			"mysql": {
 				Charm:    "cs:trusty/mysql-42",
 				NumUnits: 1,
@@ -606,7 +606,7 @@
 }, {
 	about: "a single machine (hulk smash)",
 	data: &charm.BundleData{
-		Services: map[string]*charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
 			"mysql": {
 				Charm:    "cs:trusty/mysql-42",
 				NumUnits: 1,
@@ -626,7 +626,7 @@
 }, {
 	about: "a single machine (co-location)",
 	data: &charm.BundleData{
-		Services: map[string]*charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
 			"mysql": {
 				Charm:    "cs:trusty/mysql-42",
 				NumUnits: 1,
@@ -642,7 +642,7 @@
 }, {
 	about: "a single machine (containerization)",
 	data: &charm.BundleData{
-		Services: map[string]*charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
 			"mysql": {
 				Charm:    "cs:trusty/mysql-42",
 				NumUnits: 1,
@@ -667,7 +667,7 @@
 }, {
 	about: "multiple machines (no placement)",
 	data: &charm.BundleData{
-		Services: map[string]*charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
 			"mysql": {
 				Charm:    "cs:utopic/mysql-1",
 				NumUnits: 1,
@@ -686,7 +686,7 @@
 }, {
 	about: "multiple machines (machine placement)",
 	data: &charm.BundleData{
-		Services: map[string]*charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
 			"mysql": {
 				Charm:    "cs:utopic/mysql-1",
 				NumUnits: 2,
@@ -706,7 +706,7 @@
 }, {
 	about: "multiple machines (hulk smash)",
 	data: &charm.BundleData{
-		Services: map[string]*charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
 			"mysql": {
 				Charm:    "cs:trusty/mysql-42",
 				NumUnits: 1,
@@ -731,7 +731,7 @@
 }, {
 	about: "multiple machines (co-location)",
 	data: &charm.BundleData{
-		Services: map[string]*charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
 			"mysql": {
 				Charm:    "cs:trusty/mysql-42",
 				NumUnits: 2,
@@ -747,7 +747,7 @@
 }, {
 	about: "multiple machines (containerization)",
 	data: &charm.BundleData{
-		Services: map[string]*charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
 			"mysql": {
 				Charm:    "cs:trusty/mysql-42",
 				NumUnits: 2,
@@ -772,7 +772,7 @@
 }, {
 	about: "multiple machines (partial placement in a container)",
 	data: &charm.BundleData{
-		Services: map[string]*charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
 			"mysql": {
 				Charm:    "cs:trusty/mysql-42",
 				NumUnits: 1,
@@ -792,7 +792,7 @@
 }, {
 	about: "multiple machines (partial placement in a new machine)",
 	data: &charm.BundleData{
-		Services: map[string]*charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
 			"mysql": {
 				Charm:    "cs:trusty/mysql-42",
 				NumUnits: 1,
@@ -812,7 +812,7 @@
 }, {
 	about: "multiple machines (partial placement with new machines)",
 	data: &charm.BundleData{
-		Services: map[string]*charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
 			"mysql": {
 				Charm:    "cs:trusty/mysql-42",
 				NumUnits: 3,
@@ -836,7 +836,7 @@
 }, {
 	about: "placement into container on new machine",
 	data: &charm.BundleData{
-		Services: map[string]*charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
 			"wordpress": {
 				Charm:    "cs:trusty/wordpress-47",
 				NumUnits: 6,
@@ -1467,11 +1467,11 @@
 }{{
 	id: router.MustNewResolvedURL("~charmers/bundle/wordpress-simple-0", 0),
 	bundle: storetesting.NewBundle(&charm.BundleData{
-		Services: map[string]*charm.ServiceSpec{
-			"wordpress": &charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
+			"wordpress": &charm.ApplicationSpec{
 				Charm: "cs:wordpress",
 			},
-			"mysql": &charm.ServiceSpec{
+			"mysql": &charm.ApplicationSpec{
 				Charm: "cs:mysql",
 			},
 		},
@@ -1481,11 +1481,11 @@
 }, {
 	id: router.MustNewResolvedURL("~charmers/bundle/wordpress-simple-1", 1),
 	bundle: storetesting.NewBundle(&charm.BundleData{
-		Services: map[string]*charm.ServiceSpec{
-			"wordpress": &charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
+			"wordpress": &charm.ApplicationSpec{
 				Charm: "cs:wordpress",
 			},
-			"mysql": &charm.ServiceSpec{
+			"mysql": &charm.ApplicationSpec{
 				Charm: "cs:mysql",
 			},
 		},
@@ -1495,11 +1495,11 @@
 }, {
 	id: router.MustNewResolvedURL("~charmers/bundle/wordpress-simple-2", 2),
 	bundle: storetesting.NewBundle(&charm.BundleData{
-		Services: map[string]*charm.ServiceSpec{
-			"wordpress": &charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
+			"wordpress": &charm.ApplicationSpec{
 				Charm: "cs:wordpress",
 			},
-			"mysql": &charm.ServiceSpec{
+			"mysql": &charm.ApplicationSpec{
 				Charm: "cs:mysql",
 			},
 		},
@@ -1509,11 +1509,11 @@
 }, {
 	id: router.MustNewResolvedURL("~charmers/bundle/wordpress-simple-3", 3),
 	bundle: storetesting.NewBundle(&charm.BundleData{
-		Services: map[string]*charm.ServiceSpec{
-			"wordpress": &charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
+			"wordpress": &charm.ApplicationSpec{
 				Charm: "cs:wordpress",
 			},
-			"mysql": &charm.ServiceSpec{
+			"mysql": &charm.ApplicationSpec{
 				Charm: "cs:mysql",
 			},
 		},
@@ -2872,6 +2872,153 @@
 		baseEntity("~test-charmers/wordpress", true),
 	},
 }, {
+	about: "multi-series with old single series",
+	entities: []*mongodoc.Entity{
+		entity("~charmers/trusty/wordpress-0", "trusty/wordpress-2"),
+		entity("~charmers/precise/wordpress-0", "precise/wordpress-3"),
+		entity("~test-charmers/wordpress-0", "", "trusty", "precise", "xenial"),
+	},
+	baseEntities: []*mongodoc.BaseEntity{
+		baseEntity("~charmers/wordpress", true),
+		baseEntity("~test-charmers/wordpress", true),
+	},
+	url:        "~test-charmers/wordpress-0",
+	promulgate: true,
+	expectEntities: []*mongodoc.Entity{
+		entity("~charmers/trusty/wordpress-0", "trusty/wordpress-2"),
+		entity("~charmers/precise/wordpress-0", "precise/wordpress-3"),
+		entity("~test-charmers/wordpress-0", "wordpress-4", "trusty", "precise", "xenial"),
+	},
+	expectBaseEntities: []*mongodoc.BaseEntity{
+		baseEntity("~charmers/wordpress", false),
+		baseEntity("~test-charmers/wordpress", true),
+	},
+}, {
+	about: "multi-series with old multi-series",
+	entities: []*mongodoc.Entity{
+		entity("~charmers/trusty/wordpress-0", "trusty/wordpress-2"),
+		entity("~charmers/precise/wordpress-0", "precise/wordpress-3"),
+		entity("~charmers/wordpress-0", "wordpress-3", "trusty", "xenial"),
+		entity("~test-charmers/trusty/wordpress-0", ""),
+		entity("~test-charmers/precise/wordpress-3", ""),
+		entity("~test-charmers/wordpress-4", "", "precise", "xenial"),
+	},
+	baseEntities: []*mongodoc.BaseEntity{
+		baseEntity("~charmers/wordpress", true),
+		baseEntity("~test-charmers/wordpress", true),
+	},
+	url:        "~test-charmers/wordpress-0",
+	promulgate: true,
+	expectEntities: []*mongodoc.Entity{
+		entity("~charmers/trusty/wordpress-0", "trusty/wordpress-2"),
+		entity("~charmers/precise/wordpress-0", "precise/wordpress-3"),
+		entity("~charmers/wordpress-0", "wordpress-3", "trusty", "xenial"),
+		entity("~test-charmers/trusty/wordpress-0", ""),
+		entity("~test-charmers/precise/wordpress-3", ""),
+		entity("~test-charmers/wordpress-4", "wordpress-4", "precise", "xenial"),
+	},
+	expectBaseEntities: []*mongodoc.BaseEntity{
+		baseEntity("~charmers/wordpress", false),
+		baseEntity("~test-charmers/wordpress", true),
+	},
+}, {
+	about: "multi-series with different sets of supported series",
+	entities: []*mongodoc.Entity{
+		entity("~test-charmers/wordpress-0", "", "precise", "xenial"),
+		entity("~test-charmers/wordpress-1", "", "trusty", "xenial"),
+	},
+	baseEntities: []*mongodoc.BaseEntity{
+		baseEntity("~test-charmers/wordpress", false),
+	},
+	url:        "~test-charmers/wordpress-0",
+	promulgate: true,
+	expectEntities: []*mongodoc.Entity{
+		entity("~test-charmers/wordpress-0", "", "precise", "xenial"),
+		entity("~test-charmers/wordpress-1", "wordpress-0", "trusty", "xenial"),
+	},
+	expectBaseEntities: []*mongodoc.BaseEntity{
+		baseEntity("~test-charmers/wordpress", true),
+	},
+}, {
+	// The single-series entity doesn't get promulgated because it's a single series
+	// charm and we only promulgate single-series charms if the
+	// new charm has no multi-series entities.
+	about: "multi-series with different sets of supported series and previous multi-series",
+	entities: []*mongodoc.Entity{
+		entity("~charmers/precise/wordpress-5", "wordpress-5"),
+		entity("~charmers/wordpress-0", "wordpress-6", "precise", "xenial"),
+		entity("~charmers/wordpress-1", "wordpress-7", "trusty", "xenial"),
+		entity("~test-charmers/precise/wordpress-9", ""),
+		entity("~test-charmers/wordpress-0", "", "trusty"),
+		entity("~test-charmers/wordpress-1", "", "trusty", "xenial"),
+	},
+	baseEntities: []*mongodoc.BaseEntity{
+		baseEntity("~charmers/wordpress", true),
+		baseEntity("~test-charmers/wordpress", false),
+	},
+	url:        "~test-charmers/wordpress-1",
+	promulgate: true,
+	expectEntities: []*mongodoc.Entity{
+		entity("~charmers/precise/wordpress-5", "wordpress-5"),
+		entity("~charmers/wordpress-0", "wordpress-6", "precise", "xenial"),
+		entity("~charmers/wordpress-1", "wordpress-7", "trusty", "xenial"),
+		entity("~test-charmers/precise/wordpress-9", ""),
+		entity("~test-charmers/wordpress-0", "", "trusty"),
+		entity("~test-charmers/wordpress-1", "wordpress-8", "trusty", "xenial"),
+	},
+	expectBaseEntities: []*mongodoc.BaseEntity{
+		baseEntity("~charmers/wordpress", false),
+		baseEntity("~test-charmers/wordpress", true),
+	},
+}, {
+	// The non-multi-series charm should be left alone because
+	// we never move from multi-series to non-multi-series.
+	about: "old multi-series with new non-multi-series",
+	entities: []*mongodoc.Entity{
+		entity("~charmers/precise/wordpress-5", "wordpress-5"),
+		entity("~charmers/wordpress-1", "wordpress-7", "trusty", "xenial"),
+		entity("~test-charmers/precise/wordpress-9", ""),
+	},
+	baseEntities: []*mongodoc.BaseEntity{
+		baseEntity("~charmers/wordpress", true),
+		baseEntity("~test-charmers/wordpress", false),
+	},
+	url:        "~test-charmers/precise/wordpress-9",
+	promulgate: true,
+	expectEntities: []*mongodoc.Entity{
+		entity("~charmers/precise/wordpress-5", "wordpress-5"),
+		entity("~charmers/wordpress-1", "wordpress-7", "trusty", "xenial"),
+		entity("~test-charmers/precise/wordpress-9", ""),
+	},
+	expectBaseEntities: []*mongodoc.BaseEntity{
+		baseEntity("~charmers/wordpress", false),
+		baseEntity("~test-charmers/wordpress", true),
+	},
+}, {
+	about: "promulgate bundle",
+	entities: []*mongodoc.Entity{
+		entity("~charmers/bundle/wordpress-0", "bundle/wordpress-2"),
+		entity("~charmers/bundle/wordpress-1", "bundle/wordpress-3"),
+		entity("~test-charmers/bundle/wordpress-0", "bundle/wordpress-0"),
+		entity("~test-charmers/bundle/wordpress-1", ""),
+	},
+	baseEntities: []*mongodoc.BaseEntity{
+		baseEntity("~charmers/wordpress", true),
+		baseEntity("~test-charmers/wordpress", false),
+	},
+	url:        "~test-charmers/bundle/wordpress-1",
+	promulgate: true,
+	expectEntities: []*mongodoc.Entity{
+		entity("~charmers/bundle/wordpress-0", "bundle/wordpress-2"),
+		entity("~charmers/bundle/wordpress-1", "bundle/wordpress-3"),
+		entity("~test-charmers/bundle/wordpress-0", "bundle/wordpress-0"),
+		entity("~test-charmers/bundle/wordpress-1", "bundle/wordpress-4"),
+	},
+	expectBaseEntities: []*mongodoc.BaseEntity{
+		baseEntity("~charmers/wordpress", false),
+		baseEntity("~test-charmers/wordpress", true),
+	},
+}, {
 	about: "unpromulgate single promulgated charm ",
 	entities: []*mongodoc.Entity{
 		entity("~charmers/trusty/wordpress-0", "trusty/wordpress-0"),
@@ -2909,7 +3056,7 @@
 	store := s.newStore(c, false)
 	defer store.Close()
 	for i, test := range promulgateTests {
-		c.Logf("test %d. %s", i, test.about)
+		c.Logf("\ntest %d. %s", i, test.about)
 		url := router.MustNewResolvedURL(test.url, -1)
 		_, err := store.DB.Entities().RemoveAll(nil)
 		c.Assert(err, gc.IsNil)
@@ -2935,10 +3082,10 @@
 		n, err = store.DB.BaseEntities().Count()
 		c.Assert(err, gc.IsNil)
 		c.Assert(n, gc.Equals, len(test.expectBaseEntities))
-		for _, expectEntity := range test.expectEntities {
+		for i, expectEntity := range test.expectEntities {
 			entity, err := store.FindEntity(EntityResolvedURL(expectEntity), nil)
 			c.Assert(err, gc.IsNil)
-			c.Assert(entity, jc.DeepEquals, expectEntity)
+			c.Assert(entity, jc.DeepEquals, expectEntity, gc.Commentf("entity %d", i))
 		}
 		for _, expectBaseEntity := range test.expectBaseEntities {
 			baseEntity, err := store.FindBaseEntity(expectBaseEntity.URL, nil)
@@ -3819,15 +3966,16 @@
 	c.Assert(err, gc.ErrorMatches, "cannot index cs:~charmers/precise/wordpress-12 to ElasticSearch: .*")
 }
 
-func entity(url, purl string) *mongodoc.Entity {
+func entity(url, purl string, supportedSeries ...string) *mongodoc.Entity {
 	id := charm.MustParseURL(url)
 	var pid *charm.URL
 	if purl != "" {
 		pid = charm.MustParseURL(purl)
 	}
 	e := &mongodoc.Entity{
-		URL:            id,
-		PromulgatedURL: pid,
+		URL:             id,
+		PromulgatedURL:  pid,
+		SupportedSeries: supportedSeries,
 	}
 	denormalizeEntity(e)
 	return e
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/mongodoc/doc.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/mongodoc/doc.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/mongodoc/doc.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/mongodoc/doc.go	2016-07-18 19:45:44.000000000 +0000
@@ -200,6 +200,12 @@
 	// set of resource names holding the currently published resource
 	// version for that channel and resource name.
 	ChannelResources map[params.Channel][]ResourceRevision
+
+	// NoIngest is set to true when a charm or bundle has been uploaded
+	// with a POST request. Since the ingester only uses PUT requests
+	// at present, this signifies that someone has taken over control from
+	// the ingester.
+	NoIngest bool `bson:",omitempty"`
 }
 
 // ResourceRevision specifies an association of a resource name to a
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/router/router.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/router/router.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/router/router.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/router/router.go	2016-07-18 19:45:44.000000000 +0000
@@ -226,7 +226,7 @@
 	// by nil elements.
 	ResolveURLs(ids []*charm.URL) ([]*ResolvedURL, error)
 
-	// The AuthorizeEntity function will be called to authorize requests
+	// AuthorizeEntity will be called to authorize requests
 	// to any BulkIncludeHandlers. All other handlers are expected
 	// to handle their own authorization.
 	AuthorizeEntity(id *ResolvedURL, req *http.Request) error
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/series/series.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/series/series.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/series/series.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/series/series.go	2016-07-18 19:45:44.000000000 +0000
@@ -36,7 +36,7 @@
 // Series contains the data charmstore knows about series names
 var Series = map[string]SeriesInfo{
 	// Bundle
-	"bundle": {false, "", true, 1.1255},
+	"bundle": {false, "", true, 1.1380},
 
 	// Ubuntu
 	"oneiric": {true, Ubuntu, false, 0},
@@ -46,9 +46,10 @@
 	"saucy":   {true, Ubuntu, false, 0},
 	"trusty":  {true, Ubuntu, true, 1.125},
 	"utopic":  {true, Ubuntu, false, 0},
-	"vivid":   {true, Ubuntu, true, 1.101},
+	"vivid":   {true, Ubuntu, false, 0},
 	"wily":    {true, Ubuntu, true, 1.102},
-	"xenial":  {true, Ubuntu, true, 1.103},
+	"xenial":  {true, Ubuntu, true, 1.1375},
+	"yakkety": {true, Ubuntu, true, 1.103},
 
 	// Windows
 	"win2012hvr2": {true, Windows, true, 1.1},
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/storetesting/charm.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/storetesting/charm.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/storetesting/charm.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/storetesting/charm.go	2016-07-18 19:45:44.000000000 +0000
@@ -272,3 +272,23 @@
 	}
 	return m
 }
+
+// MetaWithCategories returns m with Categories set to categories. If m
+// is nil, new(charm.Meta) will be used instead.
+func MetaWithCategories(m *charm.Meta, categories ...string) *charm.Meta {
+	if m == nil {
+		m = new(charm.Meta)
+	}
+	m.Categories = categories
+	return m
+}
+
+// MetaWithTags returns m with Tags set to tags. If m is nil,
+// new(charm.Meta) will be used instead.
+func MetaWithTags(m *charm.Meta, tags ...string) *charm.Meta {
+	if m == nil {
+		m = new(charm.Meta)
+	}
+	m.Tags = tags
+	return m
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/storetesting/charm-repo/bundle/bad/bundle.yaml juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/storetesting/charm-repo/bundle/bad/bundle.yaml
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/storetesting/charm-repo/bundle/bad/bundle.yaml	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/storetesting/charm-repo/bundle/bad/bundle.yaml	2016-07-18 19:45:44.000000000 +0000
@@ -1,6 +1,6 @@
 # This bundle has a bad relation, which will cause it to fail
 # its verification.
-services:
+applications:
     wordpress:
         charm: wordpress
         num_units: 1
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/storetesting/charm-repo/bundle/openstack/bundle.yaml juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/storetesting/charm-repo/bundle/openstack/bundle.yaml
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/storetesting/charm-repo/bundle/openstack/bundle.yaml	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/storetesting/charm-repo/bundle/openstack/bundle.yaml	2016-07-18 19:45:44.000000000 +0000
@@ -1,5 +1,5 @@
 series: precise
-services:
+applications:
   mysql:
     charm: cs:precise/mysql
     constraints: mem=1G
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/storetesting/charm-repo/bundle/wordpress-simple/bundle.yaml juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/storetesting/charm-repo/bundle/wordpress-simple/bundle.yaml
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/storetesting/charm-repo/bundle/wordpress-simple/bundle.yaml	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/storetesting/charm-repo/bundle/wordpress-simple/bundle.yaml	2016-07-18 19:45:44.000000000 +0000
@@ -1,4 +1,4 @@
-services:
+applications:
     wordpress:
         charm: wordpress
         num_units: 1
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/storetesting/charm-repo/bundle/wordpress-with-logging/bundle.yaml juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/storetesting/charm-repo/bundle/wordpress-with-logging/bundle.yaml
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/storetesting/charm-repo/bundle/wordpress-with-logging/bundle.yaml	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/storetesting/charm-repo/bundle/wordpress-with-logging/bundle.yaml	2016-07-18 19:45:44.000000000 +0000
@@ -1,4 +1,4 @@
-services:
+applications:
     wordpress:
         charm: wordpress
         num_units: 1
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/api.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/api.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/api.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/api.go	2016-07-18 19:45:44.000000000 +0000
@@ -140,6 +140,8 @@
 	delete(handlers.Meta, "published")
 	delete(handlers.Id, "resource")
 	delete(handlers.Meta, "resources")
+	delete(handlers.Meta, "resources/")
+	delete(handlers.Meta, "can-ingest")
 
 	h.Router = router.New(handlers, h)
 	return h
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/api_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/api_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/api_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/api_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -139,7 +139,7 @@
 	get:       entityFieldGetter("BundleData"),
 	checkURL:  newResolvedURL("cs:~charmers/bundle/wordpress-simple-42", 42),
 	assertCheckData: func(c *gc.C, data interface{}) {
-		c.Assert(data.(*charm.BundleData).Services["wordpress"].Charm, gc.Equals, "wordpress")
+		c.Assert(data.(*charm.BundleData).Applications["wordpress"].Charm, gc.Equals, "wordpress")
 	},
 }, {
 	name:      "bundle-unit-count",
@@ -1516,7 +1516,7 @@
 	url := newResolvedURL("~charmers/bundle/wordpress-simple-2", -1)
 	s.addPublicBundle(c, storetesting.NewBundle(&charm.BundleData{
 		Tags: []string{"foo", "bar"},
-		Services: map[string]*charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
 			"wordpress": {
 				Charm: "wordpress",
 			},
@@ -1534,7 +1534,7 @@
 	url := newResolvedURL("~charmers/bundle/wordpress-simple-2", 2)
 	s.addPublicBundle(c, storetesting.NewBundle(&charm.BundleData{
 		Tags: []string{"foo", "bar"},
-		Services: map[string]*charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
 			"wordpress": {
 				Charm: "wordpress",
 			},
@@ -2878,7 +2878,7 @@
 		ExpectStatus: http.StatusOK,
 		ExpectBody: params.WhoAmIResponse{
 			User:   "who",
-			Groups: []string{"foo", "bar"},
+			Groups: []string{"bar", "foo"},
 		},
 	})
 }
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/archive.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/archive.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/archive.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/archive.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,6 +11,7 @@
 	"gopkg.in/juju/charmrepo.v2-unstable/csclient/params"
 
 	"gopkg.in/juju/charmstore.v5-unstable/internal/router"
+	"gopkg.in/juju/charmstore.v5-unstable/internal/v5"
 )
 
 // serveArchive returns a handler for /archive that falls back to v5ServeArchive
@@ -26,8 +27,7 @@
 }
 
 func (h ReqHandler) serveGetArchive(id *router.ResolvedURL, w http.ResponseWriter, req *http.Request) error {
-	_, err := h.AuthorizeEntityAndTerms(req, []*router.ResolvedURL{id})
-	if err != nil {
+	if err := h.AuthorizeEntityForOp(id, req, v5.OpReadWithTerms); err != nil {
 		return errgo.Mask(err, errgo.Any)
 	}
 	blob, err := h.Store.OpenBlobPreV5(id)
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/archive_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/archive_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/archive_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/archive_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -718,9 +718,9 @@
 	// Here we exercise both bundle internal verification (bad relation) and
 	// validation with respect to charms (wordpress and mysql are missing).
 	expectErr := `bundle verification failed: [` +
-		`"relation [\"foo:db\" \"mysql:server\"] refers to service \"foo\" not defined in this bundle",` +
-		`"service \"mysql\" refers to non-existent charm \"mysql\"",` +
-		`"service \"wordpress\" refers to non-existent charm \"wordpress\""]`
+		`"relation [\"foo:db\" \"mysql:server\"] refers to application \"foo\" not defined in this bundle",` +
+		`"application \"mysql\" refers to non-existent charm \"mysql\"",` +
+		`"application \"wordpress\" refers to non-existent charm \"wordpress\""]`
 	s.assertCannotUpload(c, "~charmers/bundle/wordpress", f, http.StatusBadRequest, params.ErrInvalidEntity, expectErr)
 }
 
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/auth_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/auth_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/auth_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/auth_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -897,7 +897,7 @@
 	expectError: `verification failed: caveat "is-entity cs:~charmers/utopic/wordpress-42" not satisfied: operation on entity cs:utopic/wordpress-9 not allowed`,
 }, {
 	url:         "log",
-	expectError: `verification failed: caveat "is-entity cs:~charmers/utopic/wordpress-42" not satisfied: operation does not involve any of the allowed entities cs:~charmers/utopic/wordpress-42`,
+	expectError: `verification failed: caveat "is-entity cs:~charmers/utopic/wordpress-42" not satisfied: operation does not involve any entities`,
 }}
 
 func (s *authSuite) TestIsEntityCaveat(c *gc.C) {
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/common_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/common_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/common_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/common_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -26,6 +26,7 @@
 	"gopkg.in/juju/charmstore.v5-unstable/internal/router"
 	"gopkg.in/juju/charmstore.v5-unstable/internal/storetesting"
 	"gopkg.in/juju/charmstore.v5-unstable/internal/v4"
+	"gopkg.in/juju/charmstore.v5-unstable/internal/v5"
 )
 
 var mgoLogger = loggo.GetLogger("mgo")
@@ -142,11 +143,15 @@
 
 // startServer creates a new charmstore server.
 func (s *commonSuite) startServer(c *gc.C) {
+	// Disable group caching.
+	s.PatchValue(&v5.PermCacheExpiry, time.Duration(0))
 	config := charmstore.ServerParams{
 		AuthUsername:     testUsername,
 		AuthPassword:     testPassword,
 		StatsCacheMaxAge: time.Nanosecond,
 		MaxMgoSessions:   s.maxMgoSessions,
+		AgentUsername:    "notused",
+		AgentKey:         new(bakery.KeyPair),
 	}
 	keyring := bakery.NewPublicKeyRing()
 	if s.enableIdentity {
@@ -262,7 +267,7 @@
 // addRequiredCharms adds any charms required by the given
 // bundle that are not already in the store.
 func (s *commonSuite) addRequiredCharms(c *gc.C, bundle charm.Bundle) {
-	for _, svc := range bundle.Data().Services {
+	for _, svc := range bundle.Data().Applications {
 		u := charm.MustParseURL(svc.Charm)
 		if _, err := s.store.FindBestEntity(u, params.StableChannel, nil); err == nil {
 			continue
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/content_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/content_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/content_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/content_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -65,7 +65,7 @@
 
 func (s *APISuite) TestServeDiagram(c *gc.C) {
 	bundle := storetesting.NewBundle(&charm.BundleData{
-		Services: map[string]*charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
 			"wordpress": {
 				Charm: "wordpress",
 				Annotations: map[string]string{
@@ -132,7 +132,7 @@
 func (s *APISuite) TestServeDiagramNoPosition(c *gc.C) {
 	bundle := storetesting.NewBundle(
 		&charm.BundleData{
-			Services: map[string]*charm.ServiceSpec{
+			Applications: map[string]*charm.ApplicationSpec{
 				"wordpress": {
 					Charm: "wordpress",
 				},
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/relations_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/relations_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/relations_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/relations_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -627,17 +627,17 @@
 // to be included in the bundle.
 // For each URL, a corresponding service is automatically created.
 func relationTestingBundle(urls []string) charm.Bundle {
-	services := make(map[string]*charm.ServiceSpec, len(urls))
+	applications := make(map[string]*charm.ApplicationSpec, len(urls))
 	for i, url := range urls {
-		service := &charm.ServiceSpec{
+		application := &charm.ApplicationSpec{
 			Charm:    url,
 			NumUnits: 1,
 		}
-		services[fmt.Sprintf("service-%d", i)] = service
+		applications[fmt.Sprintf("application-%d", i)] = application
 	}
 	return storetesting.NewBundle(
 		&charm.BundleData{
-			Services: services,
+			Applications: applications,
 		})
 
 }
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/search.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/search.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/search.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v4/search.go	2016-07-18 19:45:44.000000000 +0000
@@ -19,14 +19,14 @@
 		return "", err
 	}
 	sp.ExpandedMultiSeries = true
-	auth, err := h.CheckRequest(req, nil, v5.OpOther)
+	auth, err := h.Authenticate(req)
 	if err != nil {
 		logger.Infof("authorization failed on search request, granting no privileges: %v", err)
 	}
 	sp.Admin = auth.Admin
 	if auth.Username != "" {
 		sp.Groups = append(sp.Groups, auth.Username)
-		groups, err := h.GroupsForUser(auth.Username)
+		groups, err := h.Handler.GroupsForUser(auth.Username)
 		if err != nil {
 			logger.Infof("cannot get groups for user %q, assuming no groups: %v", auth.Username, err)
 		}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/api.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/api.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/api.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/api.go	2016-07-18 19:45:44.000000000 +0000
@@ -52,10 +52,11 @@
 	// with.
 	Pool *charmstore.Pool
 
-	config         charmstore.ServerParams
-	locator        bakery.PublicKeyLocator
-	identityClient *idmclient.Client
-	rootPath       string
+	config      charmstore.ServerParams
+	locator     bakery.PublicKeyLocator
+	groupCache  groupCache
+	permChecker permChecker
+	rootPath    string
 
 	// searchCache is a cache of search results keyed on the query
 	// parameters of the search. It should only be used for searches
@@ -94,17 +95,43 @@
 	reqHandlerCacheSize       = 50
 )
 
+// PermCacheExpiry holds the maximum length of time that permissions
+// and group membership information will be cached for.
+var PermCacheExpiry = time.Minute
+
+type permChecker interface {
+	Allow(username string, acl []string) (bool, error)
+}
+
+type groupCache interface {
+	Groups(username string) ([]string, error)
+}
+
 func New(pool *charmstore.Pool, config charmstore.ServerParams, rootPath string) *Handler {
+	var groupCache groupCache
+	var permChecker permChecker
+	if config.IdentityAPIURL != "" && config.AgentUsername != "" && config.AgentKey != nil {
+		logger.Infof("group membership enabled at %s; agent %s", config.IdentityAPIURL, config.AgentUsername)
+		identityClient := idmclient.New(idmclient.NewParams{
+			BaseURL: config.IdentityAPIURL,
+			Client:  agent.NewClient(config.AgentUsername, config.AgentKey),
+		})
+		gc := idmclient.NewGroupCache(identityClient, PermCacheExpiry)
+		groupCache = gc
+		permChecker = idmclient.NewPermCheckerWithCache(gc)
+	} else {
+		logger.Infof("group membership not enabled (no identity-api-url or agent-username)")
+		groupCache = noGroupCache{}
+		permChecker = noGroupsPermChecker{}
+	}
 	h := &Handler{
 		Pool:        pool,
 		config:      config,
 		rootPath:    rootPath,
 		searchCache: cache.New(config.SearchCacheMaxAge),
 		locator:     config.PublicKeyLocator,
-		identityClient: idmclient.New(idmclient.NewParams{
-			BaseURL: config.IdentityAPIURL,
-			Client:  agent.NewClient(config.AgentUsername, config.AgentKey),
-		}),
+		groupCache:  groupCache,
+		permChecker: permChecker,
 	}
 	return h
 }
@@ -225,7 +252,7 @@
 			"expand-id":   resolveId(authId(h.serveExpandId)),
 			"icon.svg":    resolveId(authId(h.serveIcon), "contents", "blobname"),
 			"publish":     resolveId(h.servePublish),
-			"promulgate":  resolveId(h.serveAdminPromulgate),
+			"promulgate":  resolveId(h.servePromulgate),
 			"readme":      resolveId(authId(h.serveReadMe), "contents", "blobname"),
 			"resource/":   resolveId(authId(h.serveResources), "charmmeta"),
 		},
@@ -273,7 +300,9 @@
 			"perm":             h.puttableBaseEntityHandler(h.metaPerm, h.putMetaPerm, "channelacls"),
 			"perm/":            h.puttableBaseEntityHandler(h.metaPermWithKey, h.putMetaPermWithKey, "channelacls"),
 			"promulgated":      h.baseEntityHandler(h.metaPromulgated, "promulgated"),
+			"can-ingest":       h.baseEntityHandler(h.metaCanIngest, "noingest"),
 			"resources":        h.EntityHandler(h.metaResources, "charmmeta"),
+			"resources/":       h.EntityHandler(h.metaResourcesSingle, "charmmeta"),
 			"revision-info":    router.SingleIncludeHandler(h.metaRevisionInfo),
 			"stats":            h.EntityHandler(h.metaStats),
 			"supported-series": h.EntityHandler(h.metaSupportedSeries, "supportedseries"),
@@ -307,6 +336,12 @@
 	rh.ServeHTTP(w, req)
 }
 
+// GroupsForUser returns all the groups that the given user
+// is a member of.
+func (h *Handler) GroupsForUser(username string) ([]string, error) {
+	return h.groupCache.Groups(username)
+}
+
 // ServeHTTP implements http.Handler by calling h.Router.ServeHTTP.
 func (h *ReqHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
 	h.Router.ServeHTTP(w, req)
@@ -551,7 +586,7 @@
 var errNotImplemented = errgo.Newf("method not implemented")
 
 // GET /debug
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-debug
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-debug
 func (h *ReqHandler) serveDebug(w http.ResponseWriter, req *http.Request) {
 	router.WriteError(w, errNotImplemented)
 }
@@ -584,7 +619,7 @@
 	// Collect all the expanded identifiers for each entity.
 	response := make([]params.ExpandedId, 0, len(docs))
 	for _, doc := range docs {
-		if err := h.AuthorizeEntity(charmstore.EntityResolvedURL(doc), req); err != nil {
+		if err := h.AuthorizeEntityForOp(charmstore.EntityResolvedURL(doc), req, OpReadWithNoTerms); err != nil {
 			continue
 		}
 		url := doc.PreferredURL(id.PromulgatedRevision != -1)
@@ -602,25 +637,25 @@
 }
 
 // GET id/meta/charm-metadata
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idmetacharm-metadata
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetacharm-metadata
 func (h *ReqHandler) metaCharmMetadata(entity *mongodoc.Entity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
 	return entity.CharmMeta, nil
 }
 
 // GET id/meta/bundle-metadata
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idmetabundle-metadata
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetabundle-metadata
 func (h *ReqHandler) metaBundleMetadata(entity *mongodoc.Entity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
 	return entity.BundleData, nil
 }
 
 // GET id/meta/bundle-unit-count
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idmetabundle-unit-count
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetabundle-unit-count
 func (h *ReqHandler) metaBundleUnitCount(entity *mongodoc.Entity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
 	return bundleCount(entity.BundleUnitCount), nil
 }
 
 // GET id/meta/bundle-machine-count
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idmetabundle-machine-count
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetabundle-machine-count
 func (h *ReqHandler) metaBundleMachineCount(entity *mongodoc.Entity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
 	return bundleCount(entity.BundleMachineCount), nil
 }
@@ -635,7 +670,7 @@
 }
 
 // GET id/meta/manifest
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idmetamanifest
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetamanifest
 func (h *ReqHandler) metaManifest(entity *mongodoc.Entity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
 	r, size, err := h.Store.BlobStore.Open(entity.BlobName)
 	if err != nil {
@@ -662,19 +697,19 @@
 }
 
 // GET id/meta/charm-actions
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idmetacharm-actions
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetacharm-actions
 func (h *ReqHandler) metaCharmActions(entity *mongodoc.Entity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
 	return entity.CharmActions, nil
 }
 
 // GET id/meta/charm-config
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idmetacharm-config
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetacharm-config
 func (h *ReqHandler) metaCharmConfig(entity *mongodoc.Entity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
 	return entity.CharmConfig, nil
 }
 
 // GET id/meta/terms
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idmetaterms
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetaterms
 func (h *ReqHandler) metaTerms(entity *mongodoc.Entity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
 	if entity.URL.Series == "bundle" {
 		return nil, nil
@@ -691,7 +726,7 @@
 }
 
 // GET id/meta/archive-size
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idmetaarchive-size
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetaarchive-size
 func (h *ReqHandler) metaArchiveSize(entity *mongodoc.Entity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
 	return &params.ArchiveSizeResponse{
 		Size: entity.Size,
@@ -699,7 +734,7 @@
 }
 
 // GET id/meta/hash
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idmetahash
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetahash
 func (h *ReqHandler) metaHash(entity *mongodoc.Entity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
 	return &params.HashResponse{
 		Sum: entity.BlobHash,
@@ -707,7 +742,7 @@
 }
 
 // GET id/meta/hash256
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idmetahash256
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetahash256
 func (h *ReqHandler) metaHash256(entity *mongodoc.Entity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
 	return &params.HashResponse{
 		Sum: entity.BlobHash256,
@@ -715,7 +750,7 @@
 }
 
 // GET id/meta/tags
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idmetatags
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetatags
 func (h *ReqHandler) metaTags(entity *mongodoc.Entity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
 	var tags []string
 	switch {
@@ -733,7 +768,7 @@
 }
 
 // GET id/meta/stats/
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idmetastats
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetastats
 func (h *ReqHandler) metaStats(entity *mongodoc.Entity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
 
 	// Retrieve the aggregated downloads count for the specific revision.
@@ -764,7 +799,7 @@
 }
 
 // GET id/meta/revision-info
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idmetarevision-info
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetarevision-info
 func (h *ReqHandler) metaRevisionInfo(id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
 	searchURL := id.PreferredURL()
 	searchURL.Revision = -1
@@ -780,7 +815,7 @@
 	for iter.Next() {
 		e := iter.Entity()
 		rurl := charmstore.EntityResolvedURL(e)
-		if err := h.AuthorizeEntity(rurl, req); err != nil {
+		if err := h.AuthorizeEntityForOp(rurl, req, OpReadWithNoTerms); err != nil {
 			// We're not authorized to see the entity, so leave it out.
 			// Note that the only time this will happen is when
 			// the original URL is promulgated and has a development channel,
@@ -802,7 +837,7 @@
 }
 
 // GET id/meta/id-user
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idmetaid-user
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetaid-user
 func (h *ReqHandler) metaIdUser(entity *mongodoc.Entity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
 	return params.IdUserResponse{
 		User: id.PreferredURL().User,
@@ -818,7 +853,7 @@
 }
 
 // GET id/meta/id-series
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idmetaid-series
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetaid-series
 func (h *ReqHandler) metaIdSeries(entity *mongodoc.Entity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
 	return params.IdSeriesResponse{
 		Series: id.PreferredURL().Series,
@@ -826,7 +861,7 @@
 }
 
 // GET id/meta/id
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idmetaid
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetaid
 func (h *ReqHandler) metaId(entity *mongodoc.Entity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
 	u := id.PreferredURL()
 	return params.IdResponse{
@@ -839,7 +874,7 @@
 }
 
 // GET id/meta/id-name
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idmetaid-name
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetaid-name
 func (h *ReqHandler) metaIdName(entity *mongodoc.Entity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
 	return params.IdNameResponse{
 		Name: id.URL.Name,
@@ -847,7 +882,7 @@
 }
 
 // GET id/meta/id-revision
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idmetaid-revision
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetaid-revision
 func (h *ReqHandler) metaIdRevision(entity *mongodoc.Entity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
 	return params.IdRevisionResponse{
 		Revision: id.PreferredURL().Revision,
@@ -855,7 +890,7 @@
 }
 
 // GET id/meta/supported-series
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idmetasupported-series
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetasupported-series
 func (h *ReqHandler) metaSupportedSeries(entity *mongodoc.Entity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
 	if entity.URL.Series == "bundle" {
 		return nil, nil
@@ -866,7 +901,7 @@
 }
 
 // GET id/meta/extra-info
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idmetaextra-info
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetaextra-info
 func (h *ReqHandler) metaExtraInfo(entity *mongodoc.Entity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
 	// The extra-info is stored in mongo as simple byte
 	// slices, so convert the values to json.RawMessages
@@ -880,7 +915,7 @@
 }
 
 // GET id/meta/extra-info/key
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idmetaextra-infokey
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetaextra-infokey
 func (h *ReqHandler) metaExtraInfoWithKey(entity *mongodoc.Entity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
 	path = strings.TrimPrefix(path, "/")
 	var data json.RawMessage = entity.ExtraInfo[path]
@@ -891,7 +926,7 @@
 }
 
 // PUT id/meta/extra-info
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#put-idmetaextra-info
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#put-idmetaextra-info
 func (h *ReqHandler) putMetaExtraInfo(id *router.ResolvedURL, path string, val *json.RawMessage, updater *router.FieldUpdater, req *http.Request) error {
 	var fields map[string]*json.RawMessage
 	if err := json.Unmarshal(*val, &fields); err != nil {
@@ -916,7 +951,7 @@
 var nullBytes = []byte("null")
 
 // PUT id/meta/extra-info/key
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#put-idmetaextra-infokey
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#put-idmetaextra-infokey
 func (h *ReqHandler) putMetaExtraInfoWithKey(id *router.ResolvedURL, path string, val *json.RawMessage, updater *router.FieldUpdater, req *http.Request) error {
 	key := strings.TrimPrefix(path, "/")
 	if err := checkExtraInfoKey(key, "extra-info"); err != nil {
@@ -933,7 +968,7 @@
 }
 
 // GET id/meta/common-info
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idmetacommon-info
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetacommon-info
 func (h *ReqHandler) metaCommonInfo(entity *mongodoc.BaseEntity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
 	// The common-info is stored in mongo as simple byte
 	// slices, so convert the values to json.RawMessages
@@ -947,7 +982,7 @@
 }
 
 // GET id/meta/common-info/key
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idmetacommon-infokey
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetacommon-infokey
 func (h *ReqHandler) metaCommonInfoWithKey(entity *mongodoc.BaseEntity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
 	path = strings.TrimPrefix(path, "/")
 	var data json.RawMessage = entity.CommonInfo[path]
@@ -958,7 +993,7 @@
 }
 
 // PUT id/meta/common-info
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#put-idmetacommon-info
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#put-idmetacommon-info
 func (h *ReqHandler) putMetaCommonInfo(id *router.ResolvedURL, path string, val *json.RawMessage, updater *router.FieldUpdater, req *http.Request) error {
 	var fields map[string]*json.RawMessage
 	if err := json.Unmarshal(*val, &fields); err != nil {
@@ -981,7 +1016,7 @@
 }
 
 // PUT id/meta/common-info/key
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#put-idmetacommon-infokey
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#put-idmetacommon-infokey
 func (h *ReqHandler) putMetaCommonInfoWithKey(id *router.ResolvedURL, path string, val *json.RawMessage, updater *router.FieldUpdater, req *http.Request) error {
 	key := strings.TrimPrefix(path, "/")
 	if err := checkExtraInfoKey(key, "common-info"); err != nil {
@@ -1005,7 +1040,7 @@
 }
 
 // GET id/meta/perm
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idmetaperm
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetaperm
 func (h *ReqHandler) metaPerm(entity *mongodoc.BaseEntity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
 	ch, err := h.entityChannel(id)
 	if err != nil {
@@ -1019,7 +1054,7 @@
 }
 
 // PUT id/meta/perm
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#put-idmeta
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#put-idmeta
 func (h *ReqHandler) putMetaPerm(id *router.ResolvedURL, path string, val *json.RawMessage, updater *router.FieldUpdater, req *http.Request) error {
 	var perms params.PermRequest
 	if err := json.Unmarshal(*val, &perms); err != nil {
@@ -1049,15 +1084,23 @@
 }
 
 // GET id/meta/promulgated
-// See https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idmetapromulgated
+// See https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetapromulgated
 func (h *ReqHandler) metaPromulgated(entity *mongodoc.BaseEntity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
 	return params.PromulgatedResponse{
 		Promulgated: bool(entity.Promulgated),
 	}, nil
 }
 
+// GET id/meta/can-ingest
+// See https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetacan-ingest
+func (h *ReqHandler) metaCanIngest(entity *mongodoc.BaseEntity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
+	return params.CanIngestResponse{
+		CanIngest: !entity.NoIngest,
+	}, nil
+}
+
 // GET id/meta/perm/key
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idmetapermkey
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetapermkey
 func (h *ReqHandler) metaPermWithKey(entity *mongodoc.BaseEntity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
 	ch, err := h.entityChannel(id)
 	if err != nil {
@@ -1074,7 +1117,7 @@
 }
 
 // PUT id/meta/perm/key
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#put-idmetapermkey
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#put-idmetapermkey
 func (h *ReqHandler) putMetaPermWithKey(id *router.ResolvedURL, path string, val *json.RawMessage, updater *router.FieldUpdater, req *http.Request) error {
 	ch, err := h.entityChannel(id)
 	if err != nil {
@@ -1109,7 +1152,7 @@
 }
 
 // GET id/meta/published
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idmetapublished
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetapublished
 func (h *ReqHandler) metaPublished(entity *mongodoc.Entity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
 	baseEntity, err := h.Cache.BaseEntity(entity.URL, charmstore.FieldSelector("channelentities"))
 	if err != nil {
@@ -1141,7 +1184,7 @@
 }
 
 // GET id/meta/archive-upload-time
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idmetaarchive-upload-time
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetaarchive-upload-time
 func (h *ReqHandler) metaArchiveUploadTime(entity *mongodoc.Entity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
 	return &params.ArchiveUploadTimeResponse{
 		UploadTime: entity.UploadTime.UTC(),
@@ -1149,7 +1192,7 @@
 }
 
 // GET changes/published[?limit=$count][&start=$fromdate][&stop=$todate]
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-changespublished
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-changespublished
 func (h *ReqHandler) serveChangesPublished(_ http.Header, r *http.Request) (interface{}, error) {
 	start, stop, err := parseDateRange(r.Form)
 	if err != nil {
@@ -1190,7 +1233,7 @@
 	for iter.Next() {
 		entity := iter.Entity()
 		// Ignore entities that aren't readable by the current user.
-		if err := h.AuthorizeEntity(charmstore.EntityResolvedURL(entity), r); err != nil {
+		if err := h.AuthorizeEntityForOp(charmstore.EntityResolvedURL(entity), r, OpReadWithNoTerms); err != nil {
 			continue
 		}
 		results = append(results, params.Published{
@@ -1210,25 +1253,29 @@
 }
 
 // GET /macaroon
-// See https://github.com/juju/charmstore/blob/v4/docs/API.md#get-macaroon
+// See https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-macaroon
+// Return a macaroon that will enable access to that can be checked by just
+// knowing the user's name.
 func (h *ReqHandler) serveMacaroon(_ http.Header, _ *http.Request) (interface{}, error) {
-	// will return a macaroon that will enable access to everything except archives
-	// of charms that require agreement to terms and conditions.
-	return h.newMacaroon([]checkers.Caveat{checkers.DenyCaveat(OpAccessCharmWithTerms)}...)
+	return h.newMacaroon(authnCheckableOps, nil, nil, false)
 }
 
 // GET /delegatable-macaroon
-// See https://github.com/juju/charmstore/blob/v4/docs/API.md#get-delegatable-macaroon
+// See https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-delegatable-macaroon
 func (h *ReqHandler) serveDelegatableMacaroon(_ http.Header, req *http.Request) (interface{}, error) {
 	values, err := url.ParseQuery(req.URL.RawQuery)
 	if err != nil {
 		return nil, errgo.Mask(err)
 	}
-	entityIds := values["id"]
+	idStrs := values["id"]
 	// No entity ids, so we provide a macaroon that's good for any entity that the
 	// user can access, as long as that entity doesn't have terms and conditions.
-	if len(entityIds) == 0 {
-		auth, err := h.authorize(req, []string{params.Everyone}, true, nil)
+	if len(idStrs) == 0 {
+		// Note that we require authorization even though we allow
+		// anyone to obtain a delegatable macaroon. This means
+		// that we will be able to add the declared caveats to
+		// the returned macaroon.
+		auth, err := h.Authenticate(req)
 		if err != nil {
 			return nil, errgo.Mask(err, errgo.Any)
 		}
@@ -1239,48 +1286,58 @@
 		m, err := h.Store.Bakery.NewMacaroon("", nil, []checkers.Caveat{
 			checkers.DeclaredCaveat(UsernameAttr, auth.Username),
 			checkers.TimeBeforeCaveat(time.Now().Add(DelegatableMacaroonExpiry)),
-			checkers.DenyCaveat(OpAccessCharmWithTerms),
+			checkers.AllowCaveat(authnCheckableOps...),
 		})
 		if err != nil {
 			return nil, errgo.Mask(err)
 		}
 		return m, nil
 	}
-	resolvedURLs := make([]*router.ResolvedURL, len(entityIds))
-	for i, id := range entityIds {
-		charmRef, err := charm.ParseURL(id)
+	urls := make([]*charm.URL, len(idStrs))
+	for i, idStr := range idStrs {
+		u, err := charm.ParseURL(idStr)
 		if err != nil {
-			return nil, errgo.WithCausef(err, params.ErrBadRequest, `bad "id" parameter`)
+			return nil, errgo.WithCausef(err, params.ErrBadRequest, `bad "id" parameter %q`, idStr)
 		}
-		resolvedURL, err := h.ResolveURL(charmRef)
-		if err != nil {
-			return nil, errgo.Mask(err)
+		urls[i] = u
+	}
+	ids, err := h.ResolveURLs(urls)
+	if err != nil {
+		return nil, errgo.Mask(err)
+	}
+	// ResolveURLs will return nil elements for any ids that aren't found.
+	for i, id := range ids {
+		if id == nil {
+			return nil, errgo.WithCausef(err, params.ErrNotFound, "%q not found", idStrs[i])
 		}
-		resolvedURLs[i] = resolvedURL
 	}
 
-	// Note that we require authorization even though we allow
-	// anyone to obtain a delegatable macaroon. This means
-	// that we will be able to add the declared caveats to
-	// the returned macaroon.
-	auth, err := h.AuthorizeEntityAndTerms(req, resolvedURLs)
+	auth, err := h.authorize(authorizeParams{
+		req:       req,
+		entityIds: ids,
+		// Note: we don't allow OpWrite here even though we could, because
+		// the current use-case for delegatable macaroon doesn't require it.
+		ops: []string{OpReadWithTerms, OpReadWithNoTerms},
+	})
 	if err != nil {
 		return nil, errgo.Mask(err, errgo.Any)
 	}
 	if auth.Username == "" {
-		return nil, errgo.WithCausef(nil, params.ErrForbidden, "delegatable macaroon is not obtainable using admin credentials")
+		if !auth.Admin {
+			return nil, errgo.WithCausef(nil, params.ErrForbidden, "delegatable macaroon cannot be obtained for public entities")
+		}
+		return nil, errgo.WithCausef(nil, params.ErrForbidden, "delegatable macaroon is not obtainable using admin credentials (admin %v)", auth.Admin)
 	}
 
-	resolvedURLstrings := make([]string, len(resolvedURLs))
-	for i, resolvedURL := range resolvedURLs {
-		resolvedURLstrings[i] = resolvedURL.URL.String()
-	}
+	// After this time, clients will be forced to renew the macaroon, even
+	// though it remains technically valid.
+	activeExpireTime := time.Now().Add(DelegatableMacaroonExpiry)
 
 	// TODO propagate expiry time from macaroons in request.
 	m, err := h.Store.Bakery.NewMacaroon("", nil, []checkers.Caveat{
 		checkers.DeclaredCaveat(UsernameAttr, auth.Username),
-		checkers.TimeBeforeCaveat(time.Now().Add(DelegatableMacaroonExpiry)),
-		checkers.Caveat{Condition: "is-entity " + strings.Join(resolvedURLstrings, " ")},
+		isEntityCaveat(ids),
+		activeTimeBeforeCaveat(activeExpireTime),
 	})
 	if err != nil {
 		return nil, errgo.Mask(err)
@@ -1289,16 +1346,16 @@
 }
 
 // GET /whoami
-// See https://github.com/juju/charmstore/blob/v4/docs/API.md#whoami
+// See https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#whoami
 func (h *ReqHandler) serveWhoAmI(_ http.Header, req *http.Request) (interface{}, error) {
-	auth, err := h.authorize(req, []string{params.Everyone}, true, nil)
+	auth, err := h.Authenticate(req)
 	if err != nil {
 		return nil, errgo.Mask(err, errgo.Any)
 	}
 	if auth.Admin {
 		return nil, errgo.WithCausef(nil, params.ErrForbidden, "admin credentials used")
 	}
-	groups, err := h.GroupsForUser(auth.Username)
+	groups, err := h.Handler.GroupsForUser(auth.Username)
 	if err != nil {
 		return nil, errgo.Mask(err, errgo.Any)
 	}
@@ -1309,9 +1366,19 @@
 }
 
 // PUT id/promulgate
-// See https://github.com/juju/charmstore/blob/v4/docs/API.md#put-idpromulgate
-func (h *ReqHandler) serveAdminPromulgate(id *router.ResolvedURL, w http.ResponseWriter, req *http.Request) error {
-	if _, err := h.authorize(req, []string{PromulgatorsGroup}, false, id); err != nil {
+// See https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#put-idpromulgate
+func (h *ReqHandler) servePromulgate(id *router.ResolvedURL, w http.ResponseWriter, req *http.Request) error {
+	// Note: the promulgator must be in the promulgators group but
+	// doesn't need write access to the entity.
+	if _, err := h.authorize(authorizeParams{
+		req: req,
+		acls: []mongodoc.ACL{{
+			Write: []string{PromulgatorsGroup},
+		}},
+		ops:              []string{OpWrite},
+		entityIds:        []*router.ResolvedURL{id},
+		ignoreEntityACLs: true,
+	}); err != nil {
 		return errgo.Mask(err, errgo.Any)
 	}
 	if req.Method != "PUT" {
@@ -1364,7 +1431,7 @@
 }
 
 // PUT id/publish
-// See https://github.com/juju/charmstore/blob/v4/docs/API.md#put-idpublish
+// See https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#put-idpublish
 func (h *ReqHandler) servePublish(id *router.ResolvedURL, w http.ResponseWriter, req *http.Request) error {
 	// Perform basic validation of the request.
 	if req.Method != "PUT" {
@@ -1395,11 +1462,19 @@
 	}
 
 	// Authorize the operation. Users must have write permissions on the ACLs
-	// on the channel being published to.
+	// on all the channels being published to.
+	acls := make([]mongodoc.ACL, 0, len(chans))
 	for _, c := range chans {
-		if _, err := h.authorize(req, baseEntity.ChannelACLs[c].Write, true, id); err != nil {
-			return errgo.Mask(err, errgo.Any)
-		}
+		acls = append(acls, baseEntity.ChannelACLs[c])
+	}
+	if _, err := h.authorize(authorizeParams{
+		req:              req,
+		acls:             acls,
+		entityIds:        []*router.ResolvedURL{id},
+		ignoreEntityACLs: true, // acls holds all the ACLs we care about.
+		ops:              []string{OpWrite},
+	}); err != nil {
+		return errgo.Mask(err, errgo.Any)
 	}
 
 	if err := h.Store.Publish(id, publish.Resources, chans...); err != nil {
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/api_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/api_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/api_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/api_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -145,7 +145,7 @@
 	get:       entityFieldGetter("BundleData"),
 	checkURL:  newResolvedURL("cs:~charmers/bundle/wordpress-simple-42", 42),
 	assertCheckData: func(c *gc.C, data interface{}) {
-		c.Assert(data.(*charm.BundleData).Services["wordpress"].Charm, gc.Equals, "wordpress")
+		c.Assert(data.(*charm.BundleData).Applications["wordpress"].Charm, gc.Equals, "wordpress")
 	},
 }, {
 	name:      "bundle-unit-count",
@@ -500,6 +500,21 @@
 		c.Assert(data, gc.Equals, params.PromulgatedResponse{Promulgated: false})
 	},
 }, {
+	name: "can-ingest",
+	get: func(store *charmstore.Store, url *router.ResolvedURL) (interface{}, error) {
+		e, err := store.FindBaseEntity(&url.URL, nil)
+		if err != nil {
+			return nil, err
+		}
+		return params.CanIngestResponse{
+			CanIngest: !e.NoIngest,
+		}, nil
+	},
+	checkURL: newResolvedURL("cs:~bob/utopic/wordpress-2", -1),
+	assertCheckData: func(c *gc.C, data interface{}) {
+		c.Assert(data, gc.Equals, params.CanIngestResponse{CanIngest: true})
+	},
+}, {
 	name: "supported-series",
 	get: entityGetter(func(entity *mongodoc.Entity) interface{} {
 		if entity.URL.Series == "bundle" {
@@ -587,6 +602,34 @@
 		}})
 	},
 }, {
+	name: "resources/for-install",
+	get: func(store *charmstore.Store, url *router.ResolvedURL) (interface{}, error) {
+		if url.URL.Name != "starsay" {
+			return nil, nil
+		}
+		return &params.Resource{
+			Name:        "for-install",
+			Type:        "file",
+			Path:        "initial.tgz",
+			Description: "get things started",
+			Revision:    0,
+			Fingerprint: rawHash(hashOfString("for-install content")),
+			Size:        int64(len("for-install content")),
+		}, nil
+	},
+	checkURL: newResolvedURL("cs:~charmers/utopic/starsay-17", 17),
+	assertCheckData: func(c *gc.C, data interface{}) {
+		c.Assert(data, jc.DeepEquals, &params.Resource{
+			Name:        "for-install",
+			Type:        "file",
+			Path:        "initial.tgz",
+			Description: "get things started",
+			Revision:    0,
+			Fingerprint: rawHash(hashOfString("for-install content")),
+			Size:        int64(len("for-install content")),
+		})
+	},
+}, {
 	name: "published",
 	get: func(store *charmstore.Store, url *router.ResolvedURL) (interface{}, error) {
 		// All the entities published are in stable, not development,
@@ -817,7 +860,7 @@
 }, {
 	id: "~bob/bundle/mybundle-2",
 	entity: storetesting.NewBundle(&charm.BundleData{
-		Services: map[string]*charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
 			"wordpress": {
 				Charm: "~charmers/precise/wordpress",
 			},
@@ -1347,7 +1390,6 @@
 	httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
 		Handler:      s.srv,
 		URL:          storeURL(id2 + "meta/terms"),
-		Method:       "GET",
 		ExpectStatus: http.StatusNotFound,
 		ExpectBody: params.Error{
 			Code:    params.ErrNotFound,
@@ -1363,7 +1405,6 @@
 	httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
 		Handler:      s.srv,
 		URL:          storeURL(id.URL.Path() + "/meta/terms"),
-		Method:       "GET",
 		ExpectStatus: http.StatusNotFound,
 		ExpectBody: params.Error{
 			Code:    params.ErrMetadataNotFound,
@@ -1873,7 +1914,7 @@
 	url := newResolvedURL("~charmers/bundle/wordpress-simple-2", -1)
 	s.addPublicBundle(c, storetesting.NewBundle(&charm.BundleData{
 		Tags: []string{"foo", "bar"},
-		Services: map[string]*charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
 			"wordpress": {
 				Charm: "wordpress",
 			},
@@ -1891,7 +1932,7 @@
 	url := newResolvedURL("~charmers/bundle/wordpress-simple-2", 2)
 	s.addPublicBundle(c, storetesting.NewBundle(&charm.BundleData{
 		Tags: []string{"foo", "bar"},
-		Services: map[string]*charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
 			"wordpress": {
 				Charm: "wordpress",
 			},
@@ -3519,7 +3560,7 @@
 		ExpectStatus: http.StatusOK,
 		ExpectBody: params.WhoAmIResponse{
 			User:   "who",
-			Groups: []string{"foo", "bar"},
+			Groups: []string{"bar", "foo"},
 		},
 	})
 }
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/archive.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/archive.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/archive.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/archive.go	2016-07-18 19:45:44.000000000 +0000
@@ -27,13 +27,13 @@
 )
 
 // GET id/archive
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idarchive
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idarchive
 //
 // POST id/archive?hash=sha384hash
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#post-idarchive
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#post-idarchive
 //
 // DELETE id/archive
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#delete-idarchive
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#delete-idarchive
 //
 // PUT id/archive?hash=sha384hash
 // This is like POST except that it puts the archive to a known revision
@@ -56,6 +56,11 @@
 		// TODO: investigate using 100-Continue statuses to prevent
 		// unnecessary uploads.
 		defer io.Copy(ioutil.Discard, req.Body)
+
+		// Add "noingest" so that we don't need to fetch the base entity
+		// twice in the common case when uploading a charm.
+		h.Cache.AddBaseEntityFields(charmstore.FieldSelector("noingest"))
+
 		if err := h.authorizeUpload(id, req); err != nil {
 			return errgo.Mask(err, errgo.Any)
 		}
@@ -71,33 +76,37 @@
 	if id.User == "" {
 		return badRequestf(nil, "user not specified in entity upload URL %q", id)
 	}
-	baseEntity, err := h.Store.FindBaseEntity(id, charmstore.FieldSelector("channelacls"))
-	// Note that we pass a nil entity URL to authorizeWithPerms, because
+	baseEntity, err := h.Cache.BaseEntity(id, charmstore.FieldSelector("channelacls"))
+	if err != nil && errgo.Cause(err) != params.ErrNotFound {
+		return errgo.Notef(err, "cannot retrieve entity %q for authorization", id)
+	}
+	var acl mongodoc.ACL
+	if err == nil {
+		acl = baseEntity.ChannelACLs[params.UnpublishedChannel]
+	} else {
+		// The base entity does not currently exist, so we default to
+		// assuming write permissions for the entity user.
+		acl = mongodoc.ACL{
+			Write: []string{id.User},
+		}
+	}
+	// Note that we pass no entity ids to authorize, because
 	// we haven't got a resolved URL at this point. At some
 	// point in the future, we may want to be able to allow
 	// is-entity first-party caveats to be allowed when uploading
 	// at which point we will need to rethink this a little.
-	if err == nil {
-		acls := baseEntity.ChannelACLs[params.UnpublishedChannel]
-		if err := h.authorizeWithPerms(req, acls.Read, acls.Write, nil); err != nil {
-			return errgo.Mask(err, errgo.Any)
-		}
-		return nil
-	}
-	if errgo.Cause(err) != params.ErrNotFound {
-		return errgo.Notef(err, "cannot retrieve entity %q for authorization", id)
-	}
-	// The base entity does not currently exist, so we default to
-	// assuming write permissions for the entity user.
-	if err := h.authorizeWithPerms(req, nil, []string{id.User}, nil); err != nil {
+	if _, err := h.authorize(authorizeParams{
+		req:  req,
+		acls: []mongodoc.ACL{acl},
+		ops:  []string{OpWrite},
+	}); err != nil {
 		return errgo.Mask(err, errgo.Any)
 	}
 	return nil
 }
 
 func (h *ReqHandler) serveGetArchive(id *router.ResolvedURL, w http.ResponseWriter, req *http.Request) error {
-	_, err := h.AuthorizeEntityAndTerms(req, []*router.ResolvedURL{id})
-	if err != nil {
+	if err := h.AuthorizeEntityForOp(id, req, OpReadWithTerms); err != nil {
 		return errgo.Mask(err, errgo.Any)
 	}
 	blob, err := h.Store.OpenBlob(id)
@@ -193,6 +202,24 @@
 			errgo.Is(params.ErrInvalidEntity),
 		)
 	}
+	if ingesting, _ := router.ParseBool(req.Form.Get("ingest")); !ingesting {
+		// Find the base entity before trying to update its noingest status
+		// as if this isn't the first upload of the entity, the base entity
+		// will already be cached, so we won't need any more round trips
+		// to mongo than usual.
+		baseEntity, err := h.Cache.BaseEntity(&rid.URL, charmstore.FieldSelector("noingest"))
+		if err != nil || !baseEntity.NoIngest {
+			if err := h.Store.DB.BaseEntities().UpdateId(mongodoc.BaseURL(&rid.URL), bson.D{{
+				"$set", bson.D{{
+					"noingest", true,
+				}},
+			}}); err != nil {
+				// We can't update NoIngest status but that's probably no big deal
+				// so just log the error and move on.
+				logger.Errorf("cannot update NoIngest status of entity %v: %v", &rid.URL, err)
+			}
+		}
+	}
 	return httprequest.WriteJSON(w, http.StatusOK, &params.ArchiveUploadResponse{
 		Id:            &rid.URL,
 		PromulgatedId: rid.PromulgatedURL(),
@@ -286,7 +313,7 @@
 }
 
 // GET id/archive/path
-// https://github.com/juju/charmstore/blob/v4/docs/API.md#get-idarchivepath
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idarchivepath
 func (h *ReqHandler) serveArchiveFile(id *router.ResolvedURL, w http.ResponseWriter, req *http.Request) error {
 	blob, err := h.Store.OpenBlob(id)
 	if err != nil {
@@ -348,7 +375,7 @@
 // to give to a newly uploaded charm with the given id.
 // It returns -1 if the charm is not promulgated.
 func (h *ReqHandler) getNewPromulgatedRevision(id *charm.URL) (int, error) {
-	baseEntity, err := h.Store.FindBaseEntity(id, charmstore.FieldSelector("promulgated"))
+	baseEntity, err := h.Cache.BaseEntity(id, charmstore.FieldSelector("promulgated"))
 	if err != nil && errgo.Cause(err) != params.ErrNotFound {
 		return 0, errgo.Mask(err)
 	}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/archive_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/archive_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/archive_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/archive_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -59,20 +59,21 @@
 	s.commonSuite.SetUpSuite(c)
 }
 
-func (s *ArchiveSuite) TestGetCharmWithTerms(c *gc.C) {
-	client := httpbakery.NewHTTPClient()
-
+func (s *ArchiveSuite) TestGetCharmWithTermsWhenTermsServiceNotConfigured(c *gc.C) {
 	id := newResolvedURL("cs:~charmers/precise/terms-0", -1)
 	s.addPublicCharm(c, storetesting.NewCharm(&charm.Meta{
 		Terms: []string{"terms-1/1", "terms-2/5"},
 	}), id)
 
-	rec := httptesting.DoRequest(c, httptesting.DoRequestParams{
-		Handler: s.srv,
-		URL:     storeURL("~charmers/precise/terms-0/archive"),
-		Do:      bakeryDo(client),
+	httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
+		Handler:      s.srv,
+		URL:          storeURL("~charmers/precise/terms-0/archive"),
+		ExpectStatus: http.StatusUnauthorized,
+		ExpectBody: params.Error{
+			Message: "charmstore not configured to serve charms with terms and conditions",
+			Code:    params.ErrUnauthorized,
+		},
 	})
-	c.Assert(rec.Code, gc.Equals, http.StatusUnauthorized)
 }
 
 func (s *ArchiveSuite) TestGet(c *gc.C) {
@@ -422,7 +423,7 @@
 		URL:     storeURL("~charmers/wordpress/archive?channel=unpublished"),
 		Do:      bakeryDo(nil),
 	})
-	c.Assert(rec.Code, gc.Equals, http.StatusOK)
+	c.Assert(rec.Code, gc.Equals, http.StatusOK, gc.Commentf("body: %s", rec.Body))
 	c.Assert(rec.Header().Get(params.EntityIdHeader), gc.Equals, "cs:~charmers/precise/wordpress-2")
 }
 
@@ -645,6 +646,66 @@
 	})
 }
 
+func (s *ArchiveSuite) TestPostEntityClearsCanIngest(c *gc.C) {
+	id := newResolvedURL("~charmers/precise/juju-gui-0", -1)
+	s.assertUploadCharm(c, "PUT", id, "wordpress", nil)
+	s.setPublic(c, id)
+
+	// Sanity check that can-ingest is false after the initial PUT.
+	httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
+		Handler: s.srv,
+		URL:     storeURL(id.URL.Path() + "/meta/can-ingest"),
+		ExpectBody: params.CanIngestResponse{
+			CanIngest: true,
+		},
+	})
+	id1 := *id
+	id1.URL.Revision = 1
+	s.assertUploadCharm(c, "POST", &id1, "mysql", nil)
+
+	// Uploading with POST should have set can-ingest to false.
+	httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
+		Handler: s.srv,
+		URL:     storeURL(id.URL.Path() + "/meta/can-ingest"),
+		ExpectBody: params.CanIngestResponse{
+			CanIngest: false,
+		},
+	})
+}
+
+func (s *ArchiveSuite) TestPostEntityWithIngestDoesNotClearCanIngest(c *gc.C) {
+	id := newResolvedURL("~charmers/precise/juju-gui-0", -1)
+	s.assertUploadCharm(c, "PUT", id, "wordpress", nil)
+	s.setPublic(c, id)
+
+	// Sanity check that can-ingest is false after the initial PUT.
+	httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
+		Handler: s.srv,
+		URL:     storeURL(id.URL.Path() + "/meta/can-ingest"),
+		ExpectBody: params.CanIngestResponse{
+			CanIngest: true,
+		},
+	})
+	id1 := *id
+	id1.URL.Revision = 1
+	ch := storetesting.Charms.CharmArchive(c.MkDir(), "mysql")
+	s.assertUpload(c, uploadParams{
+		method:   "POST",
+		id:       &id1,
+		fileName: ch.Path,
+		ingest:   true,
+	})
+
+	// Uploading with POST but with the ingest flag should leave can-ingest as it is.
+	httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
+		Handler: s.srv,
+		URL:     storeURL(id.URL.Path() + "/meta/can-ingest"),
+		ExpectBody: params.CanIngestResponse{
+			CanIngest: true,
+		},
+	})
+}
+
 func invalidZip() io.ReadSeeker {
 	return strings.NewReader("invalid zip content")
 }
@@ -758,9 +819,9 @@
 	// Here we exercise both bundle internal verification (bad relation) and
 	// validation with respect to charms (wordpress and mysql are missing).
 	expectErr := `bundle verification failed: [` +
-		`"relation [\"foo:db\" \"mysql:server\"] refers to service \"foo\" not defined in this bundle",` +
-		`"service \"mysql\" refers to non-existent charm \"mysql\"",` +
-		`"service \"wordpress\" refers to non-existent charm \"wordpress\""]`
+		`"relation [\"foo:db\" \"mysql:server\"] refers to application \"foo\" not defined in this bundle",` +
+		`"application \"mysql\" refers to non-existent charm \"mysql\"",` +
+		`"application \"wordpress\" refers to non-existent charm \"wordpress\""]`
 	s.assertCannotUpload(c, "~charmers/bundle/wordpress", f, http.StatusBadRequest, params.ErrInvalidEntity, expectErr)
 }
 
@@ -877,7 +938,12 @@
 // that the charm will be given when uploaded.
 func (s *commonArchiveSuite) assertUploadCharm(c *gc.C, method string, url *router.ResolvedURL, charmName string, chans []params.Channel) *charm.CharmArchive {
 	ch := storetesting.Charms.CharmArchive(c.MkDir(), charmName)
-	id, size := s.assertUpload(c, method, url, ch.Path, nil)
+	id, size := s.assertUpload(c, uploadParams{
+		method:   method,
+		id:       url,
+		fileName: ch.Path,
+		chans:    chans,
+	})
 	s.assertEntityInfo(c, entityInfo{
 		Id: id,
 		Meta: entityMetaInfo{
@@ -897,7 +963,11 @@
 	path := storetesting.Charms.BundleArchivePath(c.MkDir(), bundleName)
 	b, err := charm.ReadBundleArchive(path)
 	c.Assert(err, gc.IsNil)
-	id, size := s.assertUpload(c, method, url, path, nil)
+	id, size := s.assertUpload(c, uploadParams{
+		method:   method,
+		id:       url,
+		fileName: path,
+	})
 	s.assertEntityInfo(c, entityInfo{
 		Id: id,
 		Meta: entityMetaInfo{
@@ -908,8 +978,16 @@
 	)
 }
 
-func (s *commonArchiveSuite) assertUpload(c *gc.C, method string, url *router.ResolvedURL, fileName string, chans []params.Channel) (id *charm.URL, size int64) {
-	f, err := os.Open(fileName)
+type uploadParams struct {
+	method   string
+	id       *router.ResolvedURL
+	fileName string
+	chans    []params.Channel
+	ingest   bool
+}
+
+func (s *commonArchiveSuite) assertUpload(c *gc.C, p uploadParams) (id *charm.URL, size int64) {
+	f, err := os.Open(p.fileName)
 	c.Assert(err, gc.IsNil)
 	defer f.Close()
 
@@ -923,24 +1001,27 @@
 	_, err = f.Seek(0, 0)
 	c.Assert(err, gc.IsNil)
 
-	uploadURL := url.URL
-	if method == "POST" {
+	uploadURL := p.id.URL
+	if p.method == "POST" {
 		uploadURL.Revision = -1
 	}
 
 	path := fmt.Sprintf("%s/archive?hash=%s", uploadURL.Path(), hashSum)
-	for _, c := range chans {
+	for _, c := range p.chans {
 		path += fmt.Sprintf("&channel=%s", c)
 	}
-	expectId := uploadURL.WithRevision(url.URL.Revision)
-	expectedPromulgatedId := url.PromulgatedURL()
+	if p.ingest {
+		path += "&ingest=1"
+	}
+	expectId := uploadURL.WithRevision(p.id.URL.Revision)
+	expectedPromulgatedId := p.id.PromulgatedURL()
 	if expectedPromulgatedId != nil {
 		path += fmt.Sprintf("&promulgated=%s", expectedPromulgatedId.String())
 	}
 	httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
 		Handler:       s.srv,
 		URL:           storeURL(path),
-		Method:        method,
+		Method:        p.method,
 		ContentLength: size,
 		Header: http.Header{
 			"Content-Type": {"application/zip"},
@@ -960,7 +1041,7 @@
 	expectChans := map[params.Channel]bool{
 		params.UnpublishedChannel: true,
 	}
-	for _, ch := range chans {
+	for _, ch := range p.chans {
 		expectChans[ch] = true
 	}
 
@@ -969,7 +1050,7 @@
 		params.DevelopmentChannel,
 		params.StableChannel,
 	} {
-		_, err := s.store.FindBestEntity(&url.URL, ch, nil)
+		_, err := s.store.FindBestEntity(&p.id.URL, ch, nil)
 		if expectChans[ch] {
 			c.Assert(err, gc.IsNil)
 		} else {
@@ -978,14 +1059,15 @@
 		}
 	}
 
-	entity, err := s.store.FindEntity(url, nil)
+	entity, err := s.store.FindEntity(p.id, nil)
 	c.Assert(err, gc.IsNil)
 	c.Assert(entity.BlobHash, gc.Equals, hashSum)
-	if url.URL.Series != "" {
+	if p.id.URL.Series != "" {
 		c.Assert(entity.BlobHash256, gc.Equals, hash256Sum)
 	}
-	c.Assert(entity.PromulgatedURL, gc.DeepEquals, url.PromulgatedURL())
-	c.Assert(entity.Development, gc.Equals, false)
+	c.Assert(entity.PromulgatedURL, gc.DeepEquals, p.id.PromulgatedURL())
+	c.Assert(entity.Development, gc.Equals, expectChans[params.DevelopmentChannel])
+	c.Assert(entity.Stable, gc.Equals, expectChans[params.StableChannel])
 
 	// Test that the expected entry has been created
 	// in the blob store.
@@ -1098,7 +1180,6 @@
 			Handler:      s.srv,
 			URL:          storeURL(test.path),
 			Do:           bakeryDo(nil),
-			Method:       "GET",
 			ExpectStatus: test.expectStatus,
 			ExpectBody: params.Error{
 				Message: test.expectMessage,
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/auth.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/auth.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/auth.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/auth.go	2016-07-18 19:45:44.000000000 +0000
@@ -6,10 +6,10 @@
 import (
 	"encoding/base64"
 	"net/http"
+	"sort"
 	"strings"
 	"time"
 
-	idmparams "github.com/juju/idmclient/params"
 	"gopkg.in/errgo.v1"
 	"gopkg.in/juju/charmrepo.v2-unstable/csclient/params"
 	"gopkg.in/macaroon-bakery.v1/bakery"
@@ -22,158 +22,287 @@
 	"gopkg.in/juju/charmstore.v5-unstable/internal/router"
 )
 
+const UsernameAttr = "username"
+
+// authorization conatains authorization information extracted from an HTTP request.
+// The zero value for a authorization contains no privileges.
+type authorization struct {
+	Admin    bool
+	Username string
+}
+
 const (
 	PromulgatorsGroup = "charmers"
 
-	// OpAccessCharmWithTerms indicates an operation of accessing the archive of
-	// a charm that requires agreement to certain terms and conditions.
-	OpAccessCharmWithTerms = "op-get-with-terms"
-
-	// OpOther indicates all other operations.
-	// This operation should not be added as part of a macaroon caveat.
-	OpOther = "op-other"
+	defaultMacaroonExpiry   = 24 * time.Hour
+	shortTermMacaroonExpiry = time.Minute
+)
+
+// These operations represent categories of operation by the user on
+// the charm store. All the operations should be
+// mutually distinct.
+const (
+	// OpReadWithNoTerms is the operation of reading an entity
+	// where either the entity has no associated terms and conditions
+	// or we don't need to agree to them to access the entity.
+	OpReadWithNoTerms = "read-no-terms"
+
+	// OpReadWithTerms is the operation of reading an entity
+	// where terms must be agreed to before contents
+	// are provided.
+	OpReadWithTerms = "read-with-terms"
 
-	defaultMacaroonExpiry = 24 * time.Hour
+	// OpWrite indicates an operation that changes something in the charmstore.
+	OpWrite = "write"
 )
 
-// authorize checks that the current user is authorized based on the provided
-// ACL and optional entity. If an authenticated user is required, authorize tries to retrieve the
-// current user in the following ways:
-// - by checking that the request's headers HTTP basic auth credentials match
-//   the superuser credentials stored in the API handler;
+// authnCheckableOps holds the set of operations that
+// can be authorized with just a username.
+var authnCheckableOps = []string{
+	OpReadWithNoTerms,
+	OpWrite,
+}
+
+// timeNow is defined as a variable so that it can be overridden in tests.
+var timeNow = time.Now
+
+// AuthorizeEntity is a convenience method that calls authorize to check
+// that the given request can access the entity with the given id to
+// perform all of the given operations. The operation will be chosen based
+// on the request method (OpReadNonArchive for non-mutating HTTP
+// methods; OpWrite for others).
+//
+// If the request fails because authorization is denied, a macaroon is
+// minted that will provide access when discharged, and returned as a
+// discharge-required error.
+//
+// This method implements router.Context.AuthorizeEntity.
+func (h *ReqHandler) AuthorizeEntity(id *router.ResolvedURL, req *http.Request) error {
+	var op string
+	switch req.Method {
+	case "GET", "HEAD", "OPTIONS":
+		op = OpReadWithNoTerms
+	default:
+		op = OpWrite
+	}
+	return h.AuthorizeEntityForOp(id, req, op)
+}
+
+// Authenticate is a convenience method that calls authorize to check
+// that that the given request is authenticated for some user.
+func (h *ReqHandler) Authenticate(req *http.Request) (authorization, error) {
+	return h.authorize(authorizeParams{
+		req: req,
+		acls: []mongodoc.ACL{{
+			Read: []string{params.Everyone},
+		}},
+		ops:           []string{OpReadWithNoTerms},
+		authnRequired: true,
+	})
+}
+
+// AuthorizeEntityForOp is a convenience method that calls authorize to check
+// that that the given request is authorized to perform the given operation
+// on the entity with the given id.
+func (h *ReqHandler) AuthorizeEntityForOp(id *router.ResolvedURL, req *http.Request, op string) error {
+	_, err := h.authorize(authorizeParams{
+		req:       req,
+		ops:       []string{op},
+		entityIds: []*router.ResolvedURL{id},
+	})
+	if err != nil {
+		return errgo.Mask(err, errgo.Any)
+	}
+	return nil
+}
+
+// authenticateAdmin checks that the given request has admin credentials.
+func (h *ReqHandler) authenticateAdmin(req *http.Request) error {
+	if _, err := h.authorize(authorizeParams{
+		req: req,
+		ops: []string{OpReadWithNoTerms},
+		// Provide an empty ACL, which means that only a request
+		// with admin credentials can be authorized.
+		acls: []mongodoc.ACL{{}},
+	}); err != nil {
+		return errgo.Mask(err, errgo.Any)
+	}
+	return nil
+}
+
+// authorizeParams holds parameters for an Authorize request.
+type authorizeParams struct {
+	// req holds the client HTTP request.
+	req *http.Request
+
+	// ops holds the operations to be performed.
+	// Authorize checks that all these operations are
+	// allowed.
+	ops []string
+
+	// acls holds optional additional ACLs to be checked. The request
+	// will only be authorized if the authenticated user
+	// is a member of the appropriate member of these ACLs
+	// and of the ACLs of all the entity ids (but see also
+	// ignoreEntityACLs).
+	acls []mongodoc.ACL
+
+	// entityIds holds the set of entity ids being accessed.
+	entityIds []*router.ResolvedURL
+
+	// ignoreEntityACLs holds whether ACLs on the above
+	// entityIds should be ignored. In this case, acls should
+	// hold the actual ACLs to check.
+	ignoreEntityACLs bool
+
+	// authnRequired holds whether the request should be
+	// authenticated even if the ACLs are open to everyone.
+	// This automatically applies to non-read requests.
+	authnRequired bool
+}
+
+// authorize checks that the current user is authorized to perform
+// the request specified in the given parameters. If an authenticated user
+// is required, authorize tries to retrieve the current user in the
+// following ways:
+//
+// - by checking that the request header's HTTP basic auth credentials match
+//   the auth credentials stored in the API handler;
+//
 // - by checking that there is a valid macaroon in the request's cookies.
 // A params.ErrUnauthorized error is returned if superuser credentials fail;
 // otherwise a macaroon is minted and a httpbakery discharge-required
 // error is returned holding the macaroon.
 //
 // This method also sets h.auth to the returned authorization info.
-func (h *ReqHandler) authorize(req *http.Request, acl []string, alwaysAuth bool, entityId *router.ResolvedURL) (authorization, error) {
+func (h *ReqHandler) authorize(p authorizeParams) (authorization, error) {
+	if len(p.ops) == 0 {
+		return authorization{}, errgo.Newf("no operation to be authorized")
+	}
 	// TODO this is logging statement is actually quite costly
 	// when we're dealing with requests that need to authorize
 	// many entities (e.g. charm-related). Consider removing
 	// it or making it dependent on context.
 	logger.Infof(
-		"authorize, auth location %q, acl %q, path: %q, method: %q, entity: %#v",
-		h.Handler.config.IdentityLocation,
-		acl,
-		req.URL.Path,
-		req.Method,
-		entityId)
-
-	if !alwaysAuth {
-		// No need to authenticate if the ACL is open to everyone.
-		for _, name := range acl {
-			if name == params.Everyone {
-				return authorization{}, nil
-			}
+		"authorize, ops %q, acls %q, path: %q, method: %q, entities: %v",
+		p.ops,
+		p.acls,
+		p.req.URL.Path,
+		p.req.Method,
+		p.entityIds,
+	)
+
+	set := newACLSet(len(p.entityIds) + 1)
+	if !p.ignoreEntityACLs {
+		if err := h.addEntitiesACLs(set, p.entityIds); err != nil {
+			return authorization{}, errgo.Mask(err)
 		}
 	}
-	entities := []*router.ResolvedURL{}
-	if entityId != nil {
-		entities = append(entities, entityId)
-	}
-	auth, verr := h.CheckRequest(req, entities, OpOther)
-	if verr == nil {
-		if err := h.checkACLMembership(auth, acl); err != nil {
-			return authorization{}, errgo.WithCausef(err, params.ErrUnauthorized, "")
-		}
-		h.auth = auth
-		return auth, nil
+	for _, acl := range p.acls {
+		set.add(acl)
 	}
-	if _, ok := errgo.Cause(verr).(*bakery.VerificationError); !ok {
-		return authorization{}, errgo.Mask(verr, errgo.Is(params.ErrUnauthorized))
+	if len(set.acls) == 0 {
+		return authorization{}, errgo.Newf("no ACLs or entities specified in authorization request")
 	}
 
-	// Macaroon verification failed: mint a new macaroon.
-	// We need to deny access for opAccessCharmWithTerms operations because they
-	// may require more specific checks that terms and conditions have been
-	// satisfied.
-	m, err := h.newMacaroon(checkers.DenyCaveat(OpAccessCharmWithTerms))
-	if err != nil {
-		return authorization{}, errgo.Notef(err, "cannot mint macaroon")
-	}
-
-	return authorization{}, h.newDischargeRequiredError(m, verr, req)
-}
-
-// AuthorizeEntityAndTerms is similar to the authorize method, but
-// in addition it also checks if the entity meta data specifies
-// and terms and conditions that the user needs to agree to. If so,
-// it will require the user to agree to those terms and conditions
-// by adding a third party caveat addressed to the terms service
-// requiring the user to have agreements to specified terms.
-func (h *ReqHandler) AuthorizeEntityAndTerms(req *http.Request, entityIds []*router.ResolvedURL) (authorization, error) {
-	logger.Infof(
-		"authorize entity and terms, auth location %q, terms location %q, path: %q, method: %q, entities: %#v",
-		h.Handler.config.IdentityLocation,
-		h.Handler.config.TermsLocation,
-		req.URL.Path,
-		req.Method,
-		entityIds)
-
-	if len(entityIds) == 0 {
-		return authorization{}, errgo.WithCausef(nil, params.ErrUnauthorized, "entity id not specified")
-	}
-
-	public, acls, requiredTerms, err := h.entityAuthInfo(entityIds)
+	newOps, requiredTerms, newAuthnRequired, err := h.verifyOps(p.ops, p.entityIds)
 	if err != nil {
 		return authorization{}, errgo.Mask(err)
 	}
-
-	// if all entities are open to everyone and non of the entities defines any Terms, then we return nil
-	if public {
-		return authorization{}, nil
-	}
+	p.ops = newOps
+	p.authnRequired = p.authnRequired || newAuthnRequired
 
 	if len(requiredTerms) > 0 && h.Handler.config.TermsLocation == "" {
 		return authorization{}, errgo.WithCausef(nil, params.ErrUnauthorized, "charmstore not configured to serve charms with terms and conditions")
 	}
 
-	operation := OpOther
-	if len(requiredTerms) > 0 {
-		operation = OpAccessCharmWithTerms
+	if !p.authnRequired && set.readPublic {
+		// No need to authenticate if the ACL is open to everyone and we're
+		// just trying to read something that won't require terms to be agreed to.
+		// TODO return Username: "everyone" here?
+		return authorization{}, nil
 	}
-
-	auth, verr := h.CheckRequest(req, entityIds, operation)
+	auth, verr := h.checkRequest(p)
 	if verr == nil {
-		for _, acl := range acls {
-			if err := h.checkACLMembership(auth, acl); err != nil {
-				return authorization{}, errgo.WithCausef(err, params.ErrUnauthorized, "")
-			}
+		// The request is OK. Now check that the user associated with
+		// the verified macaroons is part of the ACL.
+		if err := set.check(auth, p.ops, h.Handler.permChecker.Allow); err != nil {
+			return authorization{}, errgo.WithCausef(err, params.ErrUnauthorized, "")
 		}
 		h.auth = auth
 		return auth, nil
 	}
 	if _, ok := errgo.Cause(verr).(*bakery.VerificationError); !ok {
-		return authorization{}, errgo.Mask(verr, errgo.Is(params.ErrUnauthorized))
-	}
-
-	caveats := []checkers.Caveat{}
-	if len(requiredTerms) > 0 {
-		terms := []string{}
-		for term, _ := range requiredTerms {
-			terms = append(terms, term)
-		}
-		resolvedURLstrings := make([]string, len(entityIds))
-		for i, id := range entityIds {
-			resolvedURLstrings[i] = id.String()
-		}
-		caveats = append(caveats,
-			checkers.Caveat{Condition: "is-entity " + strings.Join(resolvedURLstrings, " ")},
-			checkers.Caveat{h.Handler.config.TermsLocation, "has-agreed " + strings.Join(terms, " ")},
-		)
+		return authorization{}, errgo.Mask(verr, errgo.Is(params.ErrUnauthorized), isDischargeRequiredError)
 	}
 
 	// Macaroon verification failed: mint a new macaroon.
-	m, err := h.newMacaroon(caveats...)
+
+	shortTerm := len(requiredTerms) > 0
+	grantOps := p.ops
+	if !shortTerm {
+		// If we're issuing a long-term macaroon, allow any operations
+		// that can be authorized with authentication only.
+		grantOps = authnCheckableOps
+	}
+	m, err := h.newMacaroon(grantOps, p.entityIds, requiredTerms, shortTerm)
 	if err != nil {
 		return authorization{}, errgo.Notef(err, "cannot mint macaroon")
 	}
-
-	return authorization{}, h.newDischargeRequiredError(m, verr, req)
+	return authorization{}, h.newDischargeRequiredError(m, verr, p.req, shortTerm)
 }
 
-func (h *ReqHandler) newDischargeRequiredError(m *macaroon.Macaroon, verr error, req *http.Request) error {
+// verifyOps verifies that all the given operations on the given entity ids
+// are valid and are appropriate. It returns the actually applicable
+// operations, changing OpReadWithTerms to OpReadWithNoTerms
+// if none of the entities require terms to be agreed.
+//
+// It also reports whether authentication should always be done.
+func (h *ReqHandler) verifyOps(ops []string, entityIds []*router.ResolvedURL) (actualOps []string, requiredTerms []string, authnRequired bool, err error) {
+	opsMap := make(map[string]bool)
+	opsChanged := false
+	for _, op := range ops {
+		switch op {
+		case OpReadWithTerms:
+			var err error
+			// Terms agreement might be required. Find out all the required terms
+			// so we can add them to the macaroon.
+			requiredTerms, err = h.entitiesRequiredTerms(entityIds)
+			if err != nil {
+				return nil, nil, false, errgo.Notef(err, "cannot acquire required terms for entities")
+			}
+			if len(requiredTerms) == 0 {
+				// There are no terms, so OpReadWithTerms is unnecessary.
+				opsMap[OpReadWithNoTerms] = true
+				opsChanged = true
+				break
+			}
+			authnRequired = true
+			opsMap[op] = true
+		case OpWrite:
+			authnRequired = true
+			opsMap[op] = true
+		case OpReadWithNoTerms:
+			opsMap[op] = true
+		default:
+			return nil, nil, false, errgo.Newf("unknown operation %q", op)
+		}
+	}
+	if !opsChanged {
+		return ops, requiredTerms, authnRequired, nil
+	}
+	actualOps = make([]string, 0, len(opsMap))
+	for op := range opsMap {
+		actualOps = append(actualOps, op)
+	}
+	return actualOps, requiredTerms, authnRequired, nil
+}
+
+// newDischargeRequiredError returns a discharge-required error that contains the
+// given macaroon, created because the given request failed with the given authorization
+// error. The shortTerm parameter specifies whether the macaroon has a short
+// expiry duration.
+func (h *ReqHandler) newDischargeRequiredError(m *macaroon.Macaroon, verr error, req *http.Request, shortTerm bool) error {
 	// Request that this macaroon be supplied for all requests
 	// to the whole handler. We use a relative path because
 	// the charm store is conventionally under an external
@@ -188,59 +317,45 @@
 		cookiePath = p
 	}
 	dischargeErr := httpbakery.NewDischargeRequiredErrorForRequest(m, cookiePath, verr, req)
-	dischargeErr.(*httpbakery.Error).Info.CookieNameSuffix = "authn"
+	cookieName := "authn"
+	if shortTerm {
+		// It's a short term authorization macaroon so use a different
+		// cookie name so  that we don't overrite the longer term authentication
+		// macaroon.
+		cookieName = "authz"
+	}
+	dischargeErr.(*httpbakery.Error).Info.CookieNameSuffix = cookieName
 	return dischargeErr
 }
 
-// entityAuthInfo returns authorization on the entities with the given ids.
-// If public is true, no authorization is required, otherwise acls holds
-// an entry for each id with the corresponding ACL for each entity,
-// and requiredTerms holds entries for all required terms.
-func (h *ReqHandler) entityAuthInfo(entityIds []*router.ResolvedURL) (public bool, acls [][]string, requiredTerms map[string]bool, err error) {
-	acls = make([][]string, len(entityIds))
-	requiredTerms = make(map[string]bool)
-	public = true
-	for i, entityId := range entityIds {
-		entity, err := h.Cache.Entity(&entityId.URL, charmstore.FieldSelector("charmmeta"))
-		if err != nil {
-			return false, nil, nil, errgo.Mask(err, errgo.Is(params.ErrNotFound))
-		}
-		acl, err := h.entityACLs(entityId)
-		if err != nil {
-			return false, nil, nil, errgo.Mask(err, errgo.Is(params.ErrNotFound))
-		}
-		acls[i] = acl.Read
+func isDischargeRequiredError(err error) bool {
+	if err, ok := errgo.Cause(err).(*httpbakery.Error); ok && err.Code == httpbakery.ErrDischargeRequired {
+		return true
+	}
+	return false
+}
 
-		if entity.CharmMeta == nil || len(entity.CharmMeta.Terms) == 0 {
-			// No need to authenticate if the ACL is open to everyone.
-			publicCharm := false
-			for _, name := range acls[i] {
-				if name == params.Everyone {
-					publicCharm = true
-					break
-				}
-			}
-			public = public && publicCharm
-		} else {
-			public = false
-			for _, term := range entity.CharmMeta.Terms {
-				requiredTerms[term] = true
-			}
+// addEntitiesACLs adds ACLs for all the given entities to the given ACL set.
+func (h *ReqHandler) addEntitiesACLs(set *aclSet, ids []*router.ResolvedURL) error {
+	for _, id := range ids {
+		acl, err := h.entityACLs(id)
+		if err != nil {
+			return errgo.Mask(err, errgo.Is(params.ErrNotFound))
 		}
+		set.add(acl)
 	}
-
-	return public, acls, requiredTerms, nil
+	return nil
 }
 
-// CheckRequest checks for any authorization tokens in the request and
-// returns any found as an authorization. If no suitable credentials are
-// found, or an error occurs, then a zero valued authorization is
-// returned. It also checks any first party caveats. If the entityId is
-// provided, it will be used to check any "is-entity" first party caveat.
-// In addition it adds a checker that checks if operation specified by
-// the operation parameters is allowed.
-func (h *ReqHandler) CheckRequest(req *http.Request, entityIds []*router.ResolvedURL, operation string) (authorization, error) {
-	user, passwd, err := parseCredentials(req)
+var errActiveTimeExpired = errgo.New("active time expired")
+
+// checkRequest checks whether the given HTTP request is authorized
+// with respect to the given authorization parameters.
+// If no suitable credentials are found, or an error occurs, then a zero
+// valued authorization is returned. It also checks any first party
+// caveats. It does not check ACLs.
+func (h *ReqHandler) checkRequest(p authorizeParams) (authorization, error) {
+	user, passwd, err := parseCredentials(p.req)
 	if err == nil {
 		if user != h.Handler.config.AuthUsername || passwd != h.Handler.config.AuthPassword {
 			return authorization{}, errgo.WithCausef(nil, params.ErrUnauthorized, "invalid user name or password")
@@ -251,62 +366,177 @@
 	if errgo.Cause(err) != errNoCreds || bk == nil || h.Handler.config.IdentityLocation == "" {
 		return authorization{}, errgo.WithCausef(err, params.ErrUnauthorized, "authentication failed")
 	}
-
-	attrMap, err := httpbakery.CheckRequest(bk, req, nil, checkers.New(
+	// active holds whether we're checking with active status.
+	// It's used by the active-time-before caveat checker.
+	active := true
+	reqCheckers := checkers.New(
+		isEntityChecker{p.entityIds},
+		checkers.OperationsChecker(p.ops),
 		checkers.CheckerFunc{
-			Condition_: "is-entity",
+			Condition_: condActiveTimeBefore,
 			Check_: func(_, args string) error {
-				return areAllowedEntities(entityIds, args)
+				t, err := time.Parse(time.RFC3339Nano, args)
+				if err != nil {
+					return errgo.Mask(err)
+				}
+				if !active || timeNow().Before(t) {
+					return nil
+				}
+				return errActiveTimeExpired
 			},
 		},
-		checkers.OperationChecker(operation),
-	))
+	)
+
+	attrMap, _, err := httpbakery.CheckRequestM(bk, p.req, nil, reqCheckers)
+	if err == nil {
+		// TODO check username is non-empty?
+		return authorization{
+			Admin:    false,
+			Username: attrMap[UsernameAttr],
+		}, nil
+	}
+	verr, ok := errgo.Cause(err).(*bakery.VerificationError)
+	if !ok || errgo.Cause(verr.Reason) != errActiveTimeExpired {
+		return authorization{}, errgo.Mask(err, errgo.Any)
+	}
+	// Set active to false and see if the macaroon can be used to self-renew.
+	active = false
+	_, ms, err := httpbakery.CheckRequestM(bk, p.req, nil, reqCheckers)
 	if err != nil {
 		return authorization{}, errgo.Mask(err, errgo.Any)
 	}
-
-	return authorization{
-		Admin:    false,
-		Username: attrMap[UsernameAttr],
-	}, nil
+	// The active time period of the macaroon has expired, but it's
+	// otherwise still valid. Mint another macaroon with a later expiration
+	// date but all other first party caveats the same.
+	newm, err := h.Store.Bakery.NewMacaroon("", nil, nil)
+	if err != nil {
+		return authorization{}, errgo.Notef(err, "cannot make renewed macaroon")
+	}
+	activeExpireTime := timeNow().Add(DelegatableMacaroonExpiry)
+	err = renewMacaroon(newm, ms, activeExpireTime)
+	if err != nil {
+		return authorization{}, errgo.Notef(err, "cannot renew macaroon")
+	}
+	return authorization{}, h.newDischargeRequiredError(newm, errgo.New("active lifetime expired; renew macaroon"), p.req, false)
 }
 
-// areAllowedEntities checks if all entityIds are in the allowedEntities list (space
-// separated).
-func areAllowedEntities(entityIds []*router.ResolvedURL, allowedEntities string) error {
-	allowedEntitiesMap := make(map[string]bool)
-	for _, curl := range strings.Fields(allowedEntities) {
-		allowedEntitiesMap[curl] = true
+// entityACLs calculates the ACLs for the specified entity. If the entity
+// has been published to the stable channel then the StableChannel ACLs will be
+// used; if the entity has been published to development, but not stable
+// then the DevelopmentChannel ACLs will be used; otherwise
+// the unpublished ACLs are used.
+func (h *ReqHandler) entityACLs(id *router.ResolvedURL) (mongodoc.ACL, error) {
+	ch, err := h.entityChannel(id)
+	if err != nil {
+		return mongodoc.ACL{}, errgo.Mask(err, errgo.Is(params.ErrNotFound))
 	}
-	if len(entityIds) == 0 {
-		return errgo.Newf("operation does not involve any of the allowed entities %v", allowedEntities)
+	baseEntity, err := h.Cache.BaseEntity(&id.URL, charmstore.FieldSelector("channelacls"))
+	if err != nil {
+		return mongodoc.ACL{}, errgo.Notef(err, "cannot retrieve base entity %q for authorization", id)
 	}
+	return baseEntity.ChannelACLs[ch], nil
+}
 
-	for _, entityId := range entityIds {
-		if allowedEntitiesMap[entityId.URL.String()] {
+// entitiesRequiredTerms returns the set of terms that the user must have
+// agreed to in order to access the entities with the given ids.
+func (h *ReqHandler) entitiesRequiredTerms(ids []*router.ResolvedURL) ([]string, error) {
+	found := make(map[string]bool)
+	var terms []string
+	for _, id := range ids {
+		if id.URL.Series == "bundle" {
+			// Bundles cannot have terms.
 			continue
 		}
-		purl := entityId.PromulgatedURL()
-		if purl != nil {
-			if allowedEntitiesMap[purl.String()] {
+		entity, err := h.Cache.Entity(&id.URL, charmstore.FieldSelector("charmmeta"))
+		if err != nil {
+			return nil, errgo.Mask(err, errgo.Is(params.ErrNotFound))
+		}
+		for _, term := range entity.CharmMeta.Terms {
+			if found[term] {
 				continue
 			}
+			terms = append(terms, term)
+			found[term] = true
 		}
-		return errgo.Newf("operation on entity %v not allowed", entityId)
+	}
+	sort.Strings(terms)
+	return terms, nil
+}
+
+// renewMacaroon renews the macaroons in the given slice by copying all
+// their first-party caveats onto newm, except for active-time-before,
+// which gets extended to the given new expiry time.
+func renewMacaroon(newm *macaroon.Macaroon, ms macaroon.Slice, newExpiry time.Time) error {
+	for _, m := range ms {
+		for _, c := range m.Caveats() {
+			if c.Location != "" {
+				// Ignore third party caveat.
+				continue
+			}
+			if strings.HasPrefix(c.Id, condActiveTimeBefore+" ") {
+				// Ignore any old active-time-before caveats.
+				continue
+			}
+			if err := newm.AddFirstPartyCaveat(c.Id); err != nil {
+				// Can't happen in fact, as the only failure
+				// mode is when the id is too big but we know
+				// it's small enough because it came from a macaroon.
+				return errgo.Mask(err)
+			}
+		}
+	}
+	if err := newm.AddFirstPartyCaveat(activeTimeBeforeCaveat(newExpiry).Condition); err != nil {
+		return errgo.Mask(err)
 	}
 	return nil
 }
 
-// AuthorizeEntity checks that the given HTTP request
-// can access the entity with the given id.
-func (h *ReqHandler) AuthorizeEntity(id *router.ResolvedURL, req *http.Request) error {
-	acls, err := h.entityACLs(id)
-	if err != nil {
-		return errgo.Mask(err, errgo.Is(params.ErrNotFound))
+func isEntityCaveat(ids []*router.ResolvedURL) checkers.Caveat {
+	idStrs := make([]string, len(ids))
+	for i, id := range ids {
+		idStrs[i] = id.String()
+	}
+	return checkers.Caveat{
+		Condition: "is-entity " + strings.Join(idStrs, " "),
 	}
-	return h.authorizeWithPerms(req, acls.Read, acls.Write, id)
 }
 
+// isEntityChecker implements the is-entity caveat checker.
+type isEntityChecker struct {
+	ids []*router.ResolvedURL
+}
+
+func (c isEntityChecker) Condition() string {
+	return "is-entity"
+}
+
+func (c isEntityChecker) Check(_, args string) error {
+	if len(c.ids) == 0 {
+		return errgo.Newf("operation does not involve any entities")
+	}
+	allowedIds := make(map[string]bool)
+	for _, idStr := range strings.Fields(args) {
+		allowedIds[idStr] = true
+	}
+	for _, id := range c.ids {
+		if allowedIds[id.URL.String()] {
+			continue
+		}
+		purl := id.PromulgatedURL()
+		if purl != nil && allowedIds[purl.String()] {
+			continue
+		}
+		return errgo.Newf("operation on entity %v not allowed", id)
+	}
+	return nil
+}
+
+// entityChannel returns the default channel that applies to
+// the entity with the given id. If the request has explictly
+// mentioned a channel, that channel is used; otherwise
+// a channel will be selected from the channels that the
+// entity has been published to: in order of preference,
+// stable, development and unpublished.
 func (h *ReqHandler) entityChannel(id *router.ResolvedURL) (params.Channel, error) {
 	if h.Store.Channel != params.NoChannel {
 		return h.Store.Channel, nil
@@ -330,92 +560,23 @@
 	return ch, nil
 }
 
-// entityACLs calculates the ACLs for the specified entity. If the entity
-// has been published to the stable channel then the StableChannel ACLs will be
-// used; if the entity has been published to development, but not stable
-// then the StableChannel ACLs will be used; otherwise
-// the unpublished ACLs are used.
-func (h *ReqHandler) entityACLs(id *router.ResolvedURL) (mongodoc.ACL, error) {
-	ch, err := h.entityChannel(id)
-	if err != nil {
-		return mongodoc.ACL{}, errgo.Mask(err, errgo.Is(params.ErrNotFound))
-	}
-	baseEntity, err := h.Cache.BaseEntity(&id.URL, charmstore.FieldSelector("channelacls"))
-	if err != nil {
-		return mongodoc.ACL{}, errgo.Notef(err, "cannot retrieve base entity %q for authorization", id)
-	}
-	return baseEntity.ChannelACLs[ch], nil
-}
-
-func (h *ReqHandler) authorizeWithPerms(req *http.Request, read, write []string, entityId *router.ResolvedURL) error {
-	alwaysAuth := false
-	var acl []string
-	switch req.Method {
-	case "DELETE", "PATCH", "POST", "PUT":
-		acl = write
-		// We always require authentication when making changes
-		// to the charm store so that auditing will work, even if the
-		// entity is public.
-		alwaysAuth = true
-	default:
-		acl = read
-	}
-	_, err := h.authorize(req, acl, alwaysAuth, entityId)
-	return err
-}
-
-const UsernameAttr = "username"
-
-// authorization conatains authorization information extracted from an HTTP request.
-// The zero value for a authorization contains no privileges.
-type authorization struct {
-	Admin    bool
-	Username string
-}
-
-// Groups for user fetches the list of groups to which the user belongs.
-func (h *ReqHandler) GroupsForUser(username string) ([]string, error) {
-	if h.Handler.config.IdentityAPIURL == "" {
-		logger.Debugf("IdentityAPIURL not configured, not retrieving groups for %s", username)
-		return nil, nil
-	}
-	// TODO cache groups for a user
-	groups, err := h.Handler.identityClient.UserGroups(&idmparams.UserGroupsRequest{Username: idmparams.Username(username)})
-	if err != nil {
-		return nil, errgo.Notef(err, "cannot get groups for %s", username)
-	}
-	return groups, nil
-}
-
-func (h *ReqHandler) checkACLMembership(auth authorization, acl []string) error {
-	if auth.Admin {
-		return nil
-	}
-	if auth.Username == "" {
-		return errgo.New("no username declared")
-	}
-	// First check if access is granted without querying for groups.
-	for _, name := range acl {
-		if name == auth.Username || name == params.Everyone {
-			return nil
-		}
-	}
-	groups, err := h.GroupsForUser(auth.Username)
-	if err != nil {
-		logger.Errorf("cannot get groups for %q: %v", auth.Username, err)
-		return errgo.Newf("access denied for user %q", auth.Username)
-	}
-	for _, name := range acl {
-		for _, g := range groups {
-			if g == name {
-				return nil
-			}
-		}
+// newMacaroon returns a new macaroon that allows only the given operations
+// and can only be satisified when the user has authenticated with the
+// identity manager and agreed to all the required terms.
+//
+// If shortTerm is true, the macaroon will be issued with a short lifespan.
+func (h *ReqHandler) newMacaroon(
+	allowedOps []string,
+	ids []*router.ResolvedURL,
+	requiredTerms []string,
+	shortTerm bool,
+) (*macaroon.Macaroon, error) {
+	expiry := defaultMacaroonExpiry
+	if shortTerm {
+		expiry = shortTermMacaroonExpiry
 	}
-	return errgo.Newf("access denied for user %q", auth.Username)
-}
 
-func (h *ReqHandler) newMacaroon(caveats ...checkers.Caveat) (*macaroon.Macaroon, error) {
+	caveats := make([]checkers.Caveat, 0, 5)
 	caveats = append(caveats,
 		checkers.NeedDeclaredCaveat(
 			checkers.Caveat{
@@ -424,11 +585,24 @@
 			},
 			UsernameAttr,
 		),
-		checkers.TimeBeforeCaveat(time.Now().Add(defaultMacaroonExpiry)),
+		checkers.AllowCaveat(allowedOps...),
+		checkers.TimeBeforeCaveat(timeNow().Add(expiry)),
 	)
-	// TODO generate different caveats depending on the requested operation
-	// and whether there's a charm id or not.
-	// Mint an appropriate macaroon and send it back to the client.
+	if len(requiredTerms) > 0 {
+		// Terms are required, which means that we must restrict
+		// the macaroon so it can only be used if those terms have
+		// been agreed to and with the provided entity ids.
+		//
+		// In this case, we also use a short term expiry time,
+		// because the macaroon is only of limited use.
+		caveats = append(caveats,
+			isEntityCaveat(ids),
+			checkers.Caveat{
+				Location:  h.Handler.config.TermsLocation,
+				Condition: "has-agreed " + strings.Join(requiredTerms, " "),
+			},
+		)
+	}
 	return h.Store.Bakery.NewMacaroon("", nil, caveats)
 }
 
@@ -457,3 +631,108 @@
 	}
 	return tokens[0], tokens[1], nil
 }
+
+const condActiveTimeBefore = "active-time-before"
+
+// activeTimeBeforeCaveat returns a caveat that will be satisfied
+// before the given time; after the given time, it will only
+// be satisfied if the macaroon is being renewed.
+func activeTimeBeforeCaveat(t time.Time) checkers.Caveat {
+	return checkers.Caveat{
+		Condition: condActiveTimeBefore + " " + t.UTC().Format(time.RFC3339Nano),
+	}
+}
+
+// aclSet represents a set of ACLs. A user is considered to be
+// a part of the set if the user is a member of each of the
+// set.acls elements.
+type aclSet struct {
+	readPublic  bool
+	writePublic bool
+	acls        []mongodoc.ACL
+}
+
+func newACLSet(cap int) *aclSet {
+	return &aclSet{
+		acls:        make([]mongodoc.ACL, 0, cap),
+		readPublic:  true,
+		writePublic: true,
+	}
+}
+
+func (s *aclSet) add(acl mongodoc.ACL) {
+	s.acls = append(s.acls, acl)
+	s.readPublic = s.readPublic && isPublicACL(acl.Read)
+	s.writePublic = s.writePublic && isPublicACL(acl.Write)
+}
+
+// check checks that the request with the given authorization
+// is allowed to perform all the given operations with respect
+// to all the ACLs in the set. It uses the allow function to check
+// individual ACL membership.
+func (s *aclSet) check(auth authorization, ops []string, allow func(user string, acl []string) (bool, error)) error {
+	if auth.Admin {
+		return nil
+	}
+	if auth.Username == "" {
+		return errgo.New("no username declared")
+	}
+	if len(s.acls) == 0 {
+		return errgo.New("no ACLs found to check")
+	}
+	logger.Infof("check username %q; ops %q; acls: %#v", auth.Username, ops, s.acls)
+	for _, acl := range s.acls {
+		for _, op := range ops {
+			// TODO could be slightly more efficient here
+			// because we'll do unnecessary calls to allow when
+			// several of the operations use the same set
+			// of ACLs.
+			ok, err := allow(auth.Username, aclForOp(acl, op))
+			if err != nil {
+				return errgo.Mask(err)
+			}
+			if !ok {
+				return errgo.Newf("access denied for user %q", auth.Username)
+			}
+			logger.Infof("%q allowed access through op %q, acl %q", auth.Username, op, aclForOp(acl, op))
+		}
+	}
+	return nil
+}
+
+func aclForOp(acls mongodoc.ACL, op string) []string {
+	switch op {
+	case OpReadWithTerms, OpReadWithNoTerms:
+		return acls.Read
+	case OpWrite:
+		return acls.Write
+	}
+	// Fail safe if we don't understand the operation.
+	return nil
+}
+
+func isPublicACL(acl []string) bool {
+	for _, u := range acl {
+		if u == params.Everyone {
+			return true
+		}
+	}
+	return false
+}
+
+type noGroupCache struct{}
+
+func (noGroupCache) Groups(username string) ([]string, error) {
+	return nil, nil
+}
+
+type noGroupsPermChecker struct{}
+
+func (noGroupsPermChecker) Allow(username string, acl []string) (bool, error) {
+	for _, name := range acl {
+		if name == username || name == params.Everyone {
+			return true, nil
+		}
+	}
+	return false, nil
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/auth_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/auth_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/auth_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/auth_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,6 +4,7 @@
 package v5_test // import "gopkg.in/juju/charmstore.v5-unstable/internal/v5"
 
 import (
+	"encoding/base64"
 	"encoding/json"
 	"fmt"
 	"io"
@@ -25,6 +26,7 @@
 	"gopkg.in/macaroon-bakery.v1/httpbakery"
 	"gopkg.in/macaroon.v1"
 
+	"gopkg.in/juju/charmstore.v5-unstable/internal/charmstore"
 	"gopkg.in/juju/charmstore.v5-unstable/internal/storetesting"
 	"gopkg.in/juju/charmstore.v5-unstable/internal/v5"
 )
@@ -169,29 +171,6 @@
 	return fmt.Errorf("unexpected interaction required")
 }
 
-// dischargedAuthCookie retrieves and discharges an authentication macaroon cookie. It adds the provided
-// first-party caveats before discharging the macaroon.
-func dischargedAuthCookie(c *gc.C, srv http.Handler, caveats ...string) *http.Cookie {
-	rec := httptesting.DoRequest(c, httptesting.DoRequestParams{
-		Handler: srv,
-		URL:     storeURL("macaroon"),
-		Method:  "GET",
-	})
-	var m macaroon.Macaroon
-	err := json.Unmarshal(rec.Body.Bytes(), &m)
-	c.Assert(err, gc.IsNil)
-	for _, cav := range caveats {
-		err := m.AddFirstPartyCaveat(cav)
-		c.Assert(err, gc.IsNil)
-	}
-	client := httpbakery.NewClient()
-	ms, err := client.DischargeAll(&m)
-	c.Assert(err, gc.IsNil)
-	macaroonCookie, err := httpbakery.NewCookie(ms)
-	c.Assert(err, gc.IsNil)
-	return macaroonCookie
-}
-
 type authSuite struct {
 	commonSuite
 }
@@ -388,14 +367,6 @@
 	},
 }}
 
-func dischargeForUser(username string) func(_, _ string) ([]checkers.Caveat, error) {
-	return func(_, _ string) ([]checkers.Caveat, error) {
-		return []checkers.Caveat{
-			checkers.DeclaredCaveat(v5.UsernameAttr, username),
-		}, nil
-	}
-}
-
 func (s *authSuite) TestReadAuthorization(c *gc.C) {
 	for i, test := range readAuthorizationTests {
 		c.Logf("test %d: %s", i, test.about)
@@ -897,7 +868,7 @@
 	expectError: `verification failed: caveat "is-entity cs:~charmers/utopic/wordpress-42" not satisfied: operation on entity cs:utopic/wordpress-9 not allowed`,
 }, {
 	url:         "log",
-	expectError: `verification failed: caveat "is-entity cs:~charmers/utopic/wordpress-42" not satisfied: operation does not involve any of the allowed entities cs:~charmers/utopic/wordpress-42`,
+	expectError: `verification failed: caveat "is-entity cs:~charmers/utopic/wordpress-42" not satisfied: operation does not involve any entities`,
 }}
 
 func (s *authSuite) TestIsEntityCaveat(c *gc.C) {
@@ -1055,64 +1026,284 @@
 	})
 }
 
-func (s *authSuite) TestGroupsForUserSuccess(c *gc.C) {
-	h := s.handler(c)
-	defer h.Close()
-	s.idM.groups = map[string][]string{
-		"bob": {"one", "two"},
-	}
-	groups, err := h.GroupsForUser("bob")
+func (s *authSuite) TestDelegatableMacaroonWithIds(c *gc.C) {
+	err := s.store.AddCharmWithArchive(newResolvedURL("~charmers/utopic/wordpress-1", 1), storetesting.NewCharm(nil))
+	c.Assert(err, gc.IsNil)
+	err = s.store.AddCharmWithArchive(newResolvedURL("~charmers/utopic/wordpress-2", 2), storetesting.NewCharm(nil))
+	c.Assert(err, gc.IsNil)
+	err = s.store.AddCharmWithArchive(newResolvedURL("~charmers/precise/mysql-1", 1), storetesting.NewCharm(nil))
 	c.Assert(err, gc.IsNil)
-	c.Assert(groups, jc.DeepEquals, []string{"one", "two"})
+
+	// Check that we can't acquire a delegatable macaroon if we
+	// don't already have permission.
+	s.doAsUser("bob", func() {
+		httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
+			Handler:      s.srv,
+			URL:          storeURL("delegatable-macaroon?channel=unpublished&id=wordpress"),
+			Do:           bakeryDo(nil),
+			ExpectStatus: http.StatusUnauthorized,
+			ExpectBody: params.Error{
+				Message: `unauthorized: access denied for user "bob"`,
+				Code:    params.ErrUnauthorized,
+			},
+		})
+	})
+
+	// Get a delegatable macaroon for "wordpress", which should
+	// tied to the latest revision.
+	var m *macaroon.Macaroon
+	s.doAsUser("charmers", func() {
+		m = s.getDelegatableMacaroon(c, params.UnpublishedChannel, "wordpress")
+	})
+
+	s.doAsUser("bob", func() {
+		httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
+			Handler:      s.srv,
+			URL:          storeURL("wordpress/meta/id-revision?channel=unpublished"),
+			Header:       macaroonHeader(nil, macaroon.Slice{m}),
+			ExpectStatus: http.StatusOK,
+			ExpectBody: params.IdRevisionResponse{
+				Revision: 2,
+			},
+		})
+		// Check that we can't use the macaroon to access a different revision
+		// from the original.
+		httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
+			Handler:      s.srv,
+			URL:          storeURL("utopic/wordpress-1/meta/id-revision?channel=unpublished"),
+			Do:           bakeryDo(nil),
+			Header:       macaroonHeader(nil, macaroon.Slice{m}),
+			ExpectStatus: http.StatusUnauthorized,
+			ExpectBody: params.Error{
+				Message: `unauthorized: access denied for user "bob"`,
+				Code:    params.ErrUnauthorized,
+			},
+		})
+
+		// ... and that we can't use it to access a different charm.
+		s.discharge = dischargeForUser("bob")
+		httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
+			Handler:      s.srv,
+			URL:          storeURL("precise/mysql/meta/id-revision?channel=unpublished"),
+			Do:           bakeryDo(nil),
+			Header:       macaroonHeader(nil, macaroon.Slice{m}),
+			ExpectStatus: http.StatusUnauthorized,
+			ExpectBody: params.Error{
+				Message: `unauthorized: access denied for user "bob"`,
+				Code:    params.ErrUnauthorized,
+			},
+		})
+	})
 }
 
-func (s *authSuite) TestGroupsForUserWithNoIdentity(c *gc.C) {
-	h := s.handler(c)
-	defer h.Close()
-	groups, err := h.GroupsForUser("someone")
-	c.Assert(err, gc.IsNil)
-	c.Assert(groups, gc.HasLen, 0)
-}
-
-func (s *authSuite) TestGroupsForUserWithInvalidIdentityURL(c *gc.C) {
-	s.PatchValue(&s.srvParams.IdentityAPIURL, ":::::")
-	h := s.handler(c)
-	defer h.Close()
-	groups, err := h.GroupsForUser("someone")
-	c.Assert(err, gc.ErrorMatches, `cannot get groups for someone: cannot parse ":::::": parse :::::: missing protocol scheme`)
-	c.Assert(groups, gc.HasLen, 0)
-}
-
-func (s *authSuite) TestGroupsForUserWithInvalidBody(c *gc.C) {
-	h := s.handler(c)
-	defer h.Close()
-	s.idM.body = "bad"
-	s.idM.contentType = "application/json"
-	groups, err := h.GroupsForUser("someone")
-	c.Assert(err, gc.ErrorMatches, `cannot get groups for someone: GET .*: invalid character 'b' looking for beginning of value`)
-	c.Assert(groups, gc.HasLen, 0)
-}
-
-func (s *authSuite) TestGroupsForUserWithErrorResponse(c *gc.C) {
-	h := s.handler(c)
-	defer h.Close()
-	s.idM.body = `{"message":"some error","code":"some code"}`
-	s.idM.status = http.StatusUnauthorized
-	s.idM.contentType = "application/json"
-	groups, err := h.GroupsForUser("someone")
-	c.Assert(err, gc.ErrorMatches, `cannot get groups for someone: GET .*: some error`)
-	c.Assert(groups, gc.HasLen, 0)
-}
-
-func (s *authSuite) TestGroupsForUserWithBadErrorResponse(c *gc.C) {
-	h := s.handler(c)
-	defer h.Close()
-	s.idM.body = `{"message":"some error"`
-	s.idM.status = http.StatusUnauthorized
-	s.idM.contentType = "application/json"
-	groups, err := h.GroupsForUser("someone")
-	c.Assert(err, gc.ErrorMatches, `cannot get groups for someone: GET .*: cannot unmarshal error response \(status 401 Unauthorized\): unexpected EOF`)
-	c.Assert(groups, gc.HasLen, 0)
+func (s *authSuite) TestRenewDelegatableMacaroonWithIds(c *gc.C) {
+	err := s.store.AddCharmWithArchive(newResolvedURL("~charmers/utopic/wordpress-1", 1), storetesting.NewCharm(nil))
+	c.Assert(err, gc.IsNil)
+
+	// Fake the current time so that we can easily test expiration times.
+	t0 := time.Now()
+	currentTime := t0
+	s.PatchValue(v5.TimeNow, func() time.Time {
+		return currentTime
+	})
+
+	var m *macaroon.Macaroon
+	s.doAsUser("charmers", func() {
+		m = s.getDelegatableMacaroon(c, params.UnpublishedChannel, "wordpress")
+	})
+
+	// Check that the delegatable macaroon works.
+	s.doAsUser("", func() {
+		httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
+			Handler:      s.srv,
+			URL:          storeURL("wordpress/meta/id-revision?channel=unpublished"),
+			Header:       macaroonHeader(nil, macaroon.Slice{m}),
+			ExpectStatus: http.StatusOK,
+			ExpectBody: params.IdRevisionResponse{
+				Revision: 1,
+			},
+		})
+	})
+
+	// If we try again after the active expiry time, we should get
+	// a discharge-required error.
+	currentTime = t0.Add(v5.DelegatableMacaroonExpiry + time.Second)
+
+	s.doAsUser("", func() {
+		httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
+			Handler:      s.srv,
+			URL:          storeURL("wordpress/meta/id-revision?channel=unpublished"),
+			Header:       macaroonHeader(nil, macaroon.Slice{m}),
+			ExpectStatus: http.StatusProxyAuthRequired,
+			ExpectBody: httptesting.BodyAsserter(func(c *gc.C, m json.RawMessage) {
+			}),
+		})
+	})
+
+	// Try with the bakery client - the macaroon should be automatically renewed
+	// and stored in the cookie jar.
+	client := httpbakery.NewHTTPClient()
+	s.doAsUser("", func() {
+		httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
+			Handler: s.srv,
+			Do:      bakeryDo(client),
+			URL:     storeURL("wordpress/meta/id-revision?channel=unpublished"),
+			Header:  macaroonHeader(nil, macaroon.Slice{m}),
+			ExpectBody: params.IdRevisionResponse{
+				Revision: 1,
+			},
+		})
+	})
+
+	// Try again without the original macaroon to check that we've
+	// actually acquired the renewed macaroon.
+	s.doAsUser("", func() {
+		httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
+			Handler: s.srv,
+			Do:      bakeryDo(client),
+			URL:     storeURL("wordpress/meta/id-revision?channel=unpublished"),
+			ExpectBody: params.IdRevisionResponse{
+				Revision: 1,
+			},
+		})
+	})
+	// Try again after the second expiry time, using the same cookie
+	// jar but not using the bakery client. We should get a discharge-denied error.
+	currentTime = currentTime.Add(v5.DelegatableMacaroonExpiry + time.Second)
+
+	client1 := httpbakery.NewHTTPClient()
+	client1.Jar = client.Jar
+	s.doAsUser("", func() {
+		httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
+			Handler:      s.srv,
+			Do:           client1.Do,
+			URL:          storeURL("wordpress/meta/id-revision?channel=unpublished"),
+			ExpectStatus: http.StatusProxyAuthRequired,
+			ExpectBody: httptesting.BodyAsserter(func(c *gc.C, m json.RawMessage) {
+			}),
+		})
+	})
+	// Check again that we can renew the macaroon.
+	s.doAsUser("", func() {
+		httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
+			Handler: s.srv,
+			Do:      bakeryDo(client),
+			URL:     storeURL("wordpress/meta/id-revision?channel=unpublished"),
+			ExpectBody: params.IdRevisionResponse{
+				Revision: 1,
+			},
+		})
+	})
+}
+
+func (s *authSuite) TestDelegatableMacaroonCannotBeUsedForWriting(c *gc.C) {
+	currentTime := time.Now()
+	s.PatchValue(v5.TimeNow, func() time.Time {
+		return currentTime
+	})
+
+	id := newResolvedURL("~charmers/utopic/wordpress-1", 1)
+	err := s.store.AddCharmWithArchive(id, storetesting.NewCharm(nil))
+	c.Assert(err, gc.IsNil)
+	err = s.store.SetPerms(&id.URL, "stable.read", "bob")
+	c.Assert(err, gc.IsNil)
+	err = s.store.Publish(id, nil, params.StableChannel)
+	c.Assert(err, gc.IsNil)
+
+	var m *macaroon.Macaroon
+	s.doAsUser("bob", func() {
+		m = s.getDelegatableMacaroon(c, params.StableChannel, "~charmers/utopic/wordpress-1")
+	})
+
+	s.doAsUser("", func() {
+		httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
+			Handler:      s.srv,
+			Method:       "PUT",
+			URL:          storeURL("wordpress/meta/extra-info/foo"),
+			Header:       macaroonHeader(nil, macaroon.Slice{m}),
+			ExpectStatus: http.StatusUnauthorized,
+			ExpectBody: params.Error{
+				Code:    params.ErrUnauthorized,
+				Message: `unauthorized: access denied for user "bob"`,
+			},
+		})
+	})
+}
+
+func (s *authSuite) TestRenewMacaroon(c *gc.C) {
+	m, err := macaroon.New([]byte("key"), "id", "somewhere")
+	c.Assert(err, gc.IsNil)
+	m.AddFirstPartyCaveat("active-time-before xxx")
+	m.AddFirstPartyCaveat("hello")
+	m.AddThirdPartyCaveat([]byte("otherkey"), "x", "location")
+	m.AddFirstPartyCaveat("goodbye")
+	m.AddFirstPartyCaveat("active-time-before yyy")
+
+	newm, err := macaroon.New([]byte("otherkey"), "id2", "somewhere")
+	c.Assert(err, gc.IsNil)
+
+	expectTime := "2016-04-22T16:30:00Z"
+
+	expiry, err := time.Parse(time.RFC3339, expectTime)
+	c.Assert(err, gc.IsNil)
+
+	err = v5.RenewMacaroon(newm, macaroon.Slice{m}, expiry)
+	c.Assert(err, gc.IsNil)
+
+	// The new macaroon should have all the first party caveats
+	// from the original, omitting the third party caveats
+	// and with a new active-time-before caveat.
+	c.Assert(newm.Caveats(), jc.DeepEquals, []macaroon.Caveat{{
+		Id: "hello",
+	}, {
+		Id: "goodbye",
+	}, {
+		Id: "active-time-before " + expectTime,
+	}})
+}
+
+func (s *authSuite) TestNewServerWithIdentityLocationButNotIdentityAPIURL(c *gc.C) {
+	// If the IdentityAPIURL is empty but IdentityLocation is not, then
+	// we can discharge but not get groups.
+	config := s.srvParams
+	config.IdentityAPIURL = ""
+
+	db := s.Session.DB("charmstore")
+	srv, err := charmstore.NewServer(db, nil, config, map[string]charmstore.NewAPIHandlerFunc{"v5": v5.NewAPIHandler})
+	c.Assert(err, gc.IsNil)
+	defer srv.Close()
+
+	s.discharge = dischargeForUser("bob")
+	httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
+		Handler: srv,
+		URL:     storeURL("whoami"),
+		Do:      bakeryDo(nil),
+		ExpectBody: params.WhoAmIResponse{
+			User: "bob",
+		},
+	})
+}
+
+// getDelegatableMacaroon acquires a delegatable macaroon good for
+// accessing the given URLs.
+func (s *authSuite) getDelegatableMacaroon(c *gc.C, ch params.Channel, urlStrs ...string) *macaroon.Macaroon {
+	var gotBody json.RawMessage
+	p := url.Values{
+		"id": urlStrs,
+	}
+	httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
+		Handler: s.srv,
+		URL:     storeURL("delegatable-macaroon?channel=" + string(ch) + "&" + p.Encode()),
+		Do:      bakeryDo(nil),
+		ExpectBody: httptesting.BodyAsserter(func(c *gc.C, body json.RawMessage) {
+			gotBody = body
+		}),
+	})
+	c.Assert(gotBody, gc.NotNil)
+	var m macaroon.Macaroon
+	err := json.Unmarshal(gotBody, &m)
+	c.Assert(err, jc.ErrorIsNil)
+	return &m
 }
 
 type errorTransport string
@@ -1120,3 +1311,28 @@
 func (e errorTransport) RoundTrip(*http.Request) (*http.Response, error) {
 	return nil, errgo.New(string(e))
 }
+
+func dischargeForUser(username string) func(_, _ string) ([]checkers.Caveat, error) {
+	return func(_, _ string) ([]checkers.Caveat, error) {
+		return []checkers.Caveat{
+			checkers.DeclaredCaveat(v5.UsernameAttr, username),
+		}, nil
+	}
+}
+
+func noDischarge(_, _ string) ([]checkers.Caveat, error) {
+	return nil, errgo.New("no discharge")
+}
+
+func macaroonHeader(h http.Header, ms macaroon.Slice) http.Header {
+	if h == nil {
+		h = make(http.Header)
+	}
+	data, err := json.Marshal(ms)
+	if err != nil {
+		panic(err)
+	}
+	value := base64.StdEncoding.EncodeToString(data)
+	h.Add(httpbakery.MacaroonsHeader, value)
+	return h
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/common_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/common_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/common_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/common_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -14,7 +14,6 @@
 	"github.com/juju/testing/httptesting"
 	"github.com/julienschmidt/httprouter"
 	gc "gopkg.in/check.v1"
-	"gopkg.in/errgo.v1"
 	"gopkg.in/juju/charm.v6-unstable"
 	"gopkg.in/juju/charmrepo.v2-unstable/csclient/params"
 	"gopkg.in/macaroon-bakery.v1/bakery"
@@ -151,17 +150,19 @@
 
 // startServer creates a new charmstore server.
 func (s *commonSuite) startServer(c *gc.C) {
+	// Disable group caching.
+	s.PatchValue(&v5.PermCacheExpiry, time.Duration(0))
 	config := charmstore.ServerParams{
 		AuthUsername:     testUsername,
 		AuthPassword:     testPassword,
 		StatsCacheMaxAge: time.Nanosecond,
 		MaxMgoSessions:   s.maxMgoSessions,
+		AgentUsername:    "notused",
+		AgentKey:         new(bakery.KeyPair),
 	}
 	keyring := bakery.NewPublicKeyRing()
 	if s.enableIdentity {
-		s.discharge = func(_, _ string) ([]checkers.Caveat, error) {
-			return nil, errgo.New("no discharge")
-		}
+		s.discharge = noDischarge
 		discharger := bakerytest.NewDischarger(nil, func(_ *http.Request, cond string, arg string) ([]checkers.Caveat, error) {
 			return s.discharge(cond, arg)
 		})
@@ -171,11 +172,10 @@
 		c.Assert(err, gc.IsNil)
 		err = keyring.AddPublicKeyForLocation(discharger.Location(), true, pk)
 		c.Assert(err, gc.IsNil)
+		c.Logf("added public key for location %v", discharger.Location())
 	}
 	if s.enableTerms {
-		s.dischargeTerms = func(_, _ string) ([]checkers.Caveat, error) {
-			return nil, errgo.New("no discharge")
-		}
+		s.dischargeTerms = noDischarge
 		termsDischarger := bakerytest.NewDischarger(nil, func(_ *http.Request, cond string, arg string) ([]checkers.Caveat, error) {
 			return s.dischargeTerms(cond, arg)
 		})
@@ -328,7 +328,7 @@
 // addRequiredCharms adds any charms required by the given
 // bundle that are not already in the store.
 func (s *commonSuite) addRequiredCharms(c *gc.C, bundle charm.Bundle) {
-	for _, svc := range bundle.Data().Services {
+	for _, svc := range bundle.Data().Applications {
 		u := charm.MustParseURL(svc.Charm)
 		if _, err := s.store.FindBestEntity(u, params.StableChannel, nil); err == nil {
 			continue
@@ -436,9 +436,14 @@
 
 // doAsUser calls the given function, discharging any authorization
 // request as the given user name.
+// If user is empty, no discharge will be allowed.
 func (s *commonSuite) doAsUser(user string, f func()) {
 	old := s.discharge
-	s.discharge = dischargeForUser(user)
+	if user != "" {
+		s.discharge = dischargeForUser(user)
+	} else {
+		s.discharge = noDischarge
+	}
 	defer func() {
 		s.discharge = old
 	}()
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/content_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/content_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/content_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/content_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -66,7 +66,7 @@
 
 func (s *APISuite) TestServeDiagram(c *gc.C) {
 	bundle := storetesting.NewBundle(&charm.BundleData{
-		Services: map[string]*charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
 			"wordpress": {
 				Charm: "wordpress",
 				Annotations: map[string]string{
@@ -102,7 +102,7 @@
 	// Check that the output contains valid XML with an SVG tag,
 	// but don't check the details of the output so that this test doesn't
 	// break every time the jujusvg presentation changes.
-	// Also check that we get an image for each service containing the charm
+	// Also check that we get an image for each application containing the charm
 	// icon link.
 	assertXMLContains(c, rec.Body.Bytes(), map[string]func(xml.Token) bool{
 		"svg element":    isStartElementWithName("svg"),
@@ -121,7 +121,7 @@
 	// Check that the output contains valid XML with an SVG tag,
 	// but don't check the details of the output so that this test doesn't
 	// break every time the jujusvg presentation changes.
-	// Also check that we get an image for each service containing the charm
+	// Also check that we get an image for each application containing the charm
 	// icon link.
 	assertXMLContains(c, rec.Body.Bytes(), map[string]func(xml.Token) bool{
 		"svg element":    isStartElementWithName("svg"),
@@ -133,7 +133,7 @@
 func (s *APISuite) TestServeDiagramNoPosition(c *gc.C) {
 	bundle := storetesting.NewBundle(
 		&charm.BundleData{
-			Services: map[string]*charm.ServiceSpec{
+			Applications: map[string]*charm.ApplicationSpec{
 				"wordpress": {
 					Charm: "wordpress",
 				},
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/export_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/export_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,12 +4,12 @@
 package v5 // import "gopkg.in/juju/charmstore.v5-unstable/internal/v5"
 
 var (
-	ProcessIcon          = processIcon
-	ErrProbablyNotXML    = errProbablyNotXML
-	TestAddAuditCallback = &testAddAuditCallback
-	FromResourceDoc      = fromResourceDoc
-
+	ProcessIcon               = processIcon
+	ErrProbablyNotXML         = errProbablyNotXML
+	TestAddAuditCallback      = &testAddAuditCallback
+	FromResourceDoc           = fromResourceDoc
 	GetNewPromulgatedRevision = (*ReqHandler).getNewPromulgatedRevision
-
-	ResolveURL = resolveURL
+	ResolveURL                = resolveURL
+	RenewMacaroon             = renewMacaroon
+	TimeNow                   = &timeNow
 )
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/log.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/log.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/log.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/log.go	2016-07-18 19:45:44.000000000 +0000
@@ -23,8 +23,8 @@
 // POST /log
 // https://github.com/juju/charmstore/blob/v4/docs/API.md#post-log
 func (h *ReqHandler) serveLog(w http.ResponseWriter, req *http.Request) error {
-	if _, err := h.authorize(req, nil, true, nil); err != nil {
-		return err
+	if err := h.authenticateAdmin(req); err != nil {
+		return errgo.Mask(err, errgo.Any)
 	}
 	switch req.Method {
 	case "GET":
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/pprof.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/pprof.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/pprof.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/pprof.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,14 +13,14 @@
 
 type pprofHandler struct {
 	mux  *http.ServeMux
-	auth authorizer
+	auth adminAuthenticator
 }
 
-type authorizer interface {
-	authorize(req *http.Request, acl []string, alwaysAuth bool, entityId *router.ResolvedURL) (authorization, error)
+type adminAuthenticator interface {
+	authenticateAdmin(*http.Request) error
 }
 
-func newPprofHandler(auth authorizer) http.Handler {
+func newPprofHandler(auth adminAuthenticator) http.Handler {
 	mux := http.NewServeMux()
 	mux.HandleFunc("/cmdline", pprof.Cmdline)
 	mux.HandleFunc("/profile", pprof.Profile)
@@ -33,7 +33,7 @@
 }
 
 func (h *pprofHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
-	if _, err := h.auth.authorize(req, nil, true, nil); err != nil {
+	if err := h.auth.authenticateAdmin(req); err != nil {
 		router.WriteError(w, err)
 		return
 	}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/relations_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/relations_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/relations_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/relations_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -654,19 +654,19 @@
 // relationTestingBundle returns a bundle for use in relation
 // testing. The urls parameter holds a list of charm references
 // to be included in the bundle.
-// For each URL, a corresponding service is automatically created.
+// For each URL, a corresponding application is automatically created.
 func relationTestingBundle(urls []string) charm.Bundle {
-	services := make(map[string]*charm.ServiceSpec, len(urls))
+	applications := make(map[string]*charm.ApplicationSpec, len(urls))
 	for i, url := range urls {
-		service := &charm.ServiceSpec{
+		application := &charm.ApplicationSpec{
 			Charm:    url,
 			NumUnits: 1,
 		}
-		services[fmt.Sprintf("service-%d", i)] = service
+		applications[fmt.Sprintf("application-%d", i)] = application
 	}
 	return storetesting.NewBundle(
 		&charm.BundleData{
-			Services: services,
+			Applications: applications,
 		})
 
 }
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/resources.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/resources.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/resources.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/resources.go	2016-07-18 19:45:44.000000000 +0000
@@ -22,10 +22,10 @@
 )
 
 // POST id/resource/name
-// https://github.com/juju/charmstore/blob/v5/docs/API.md#post-idresourcesname
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#post-idresourcesname
 //
 // GET  id/resource/name[/revision]
-// https://github.com/juju/charmstore/blob/v5/docs/API.md#get-idresourcesnamerevision
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idresourcesnamerevision
 func (h *ReqHandler) serveResources(id *router.ResolvedURL, w http.ResponseWriter, req *http.Request) error {
 	// Resources are "published" using "POST id/publish" so we don't
 	// support PUT here.
@@ -113,31 +113,8 @@
 	})
 }
 
-func parseResourceId(path string) (mongodoc.ResourceRevision, error) {
-	i := strings.Index(path, "/")
-	if i == -1 {
-		return mongodoc.ResourceRevision{
-			Name:     path,
-			Revision: -1,
-		}, nil
-	}
-	revno, err := strconv.Atoi(path[i+1:])
-	if err != nil {
-		return mongodoc.ResourceRevision{}, errgo.Newf("malformed revision number")
-	}
-	return mongodoc.ResourceRevision{
-		Name:     path[0:i],
-		Revision: revno,
-	}, nil
-}
-
-func validResourceName(name string) bool {
-	// TODO we should probably be more restrictive than this.
-	return !strings.Contains(name, "/")
-}
-
 // GET id/meta/resource
-// https://github.com/juju/charmstore/blob/v5/docs/API.md#get-idmetaresources
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetaresources
 func (h *ReqHandler) metaResources(entity *mongodoc.Entity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
 	if entity.URL.Series == "bundle" {
 		return nil, nil
@@ -161,11 +138,62 @@
 	return results, nil
 }
 
+// GET id/meta/resource/*name*[/*revision]
+// https://github.com/juju/charmstore/blob/v5-unstable/docs/API.md#get-idmetaresourcesnamerevision
+func (h *ReqHandler) metaResourcesSingle(entity *mongodoc.Entity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
+	data, err := h.metaResourcesSingle0(entity, id, path, flags, req)
+	if err != nil {
+		if errgo.Cause(err) == params.ErrNotFound {
+			logger.Infof("replacing not-found error on %s/meta/resources%s: %v (%#v)", id.URL.Path(), path, err, err)
+			// It's a not-found error; return nothing
+			// so that it's OK to use this in a bulk meta request.
+			return nil, nil
+		}
+		return nil, errgo.Mask(err)
+	}
+	return data, nil
+}
+
+func (h *ReqHandler) metaResourcesSingle0(entity *mongodoc.Entity, id *router.ResolvedURL, path string, flags url.Values, req *http.Request) (interface{}, error) {
+	if id.URL.Series == "bundle" {
+		return nil, nil
+	}
+	rid, err := parseResourceId(strings.TrimPrefix(path, "/"))
+	if err != nil {
+		return nil, errgo.WithCausef(err, params.ErrNotFound, "")
+	}
+	ch, err := h.entityChannel(id)
+	if err != nil {
+		return nil, errgo.Mask(err)
+	}
+	doc, err := h.Store.ResolveResource(id, rid.Name, rid.Revision, ch)
+	if err != nil {
+		if errgo.Cause(err) != params.ErrNotFound || rid.Revision != -1 {
+			return nil, errgo.Mask(err, errgo.Is(params.ErrNotFound))
+		}
+		// The resource wasn't found and we're not asking for a specific
+		// revision. If the resource actually exists in the charm metadata,
+		// return a placeholder document as would be returned by
+		// the /meta/resources (ListResources) endpoint.
+		if _, ok := entity.CharmMeta.Resources[rid.Name]; !ok {
+			return nil, errgo.Mask(err, errgo.Is(params.ErrNotFound))
+		}
+		doc = &mongodoc.Resource{
+			Name:     rid.Name,
+			Revision: -1,
+		}
+	}
+	result, err := fromResourceDoc(doc, entity.CharmMeta.Resources)
+	if err != nil {
+		return nil, errgo.Mask(err, errgo.Is(params.ErrNotFound))
+	}
+	return result, nil
+}
+
 func fromResourceDoc(doc *mongodoc.Resource, resources map[string]resource.Meta) (*params.Resource, error) {
 	meta, ok := resources[doc.Name]
 	if !ok {
-		// Should never happen.
-		return nil, errgo.Newf("resource %q returned by ListResources but not found in metadata", doc.Name)
+		return nil, errgo.WithCausef(nil, params.ErrNotFound, "resource %q not found in charm", doc.Name)
 	}
 	r := &params.Resource{
 		Name:        doc.Name,
@@ -189,3 +217,29 @@
 	r.Revision = doc.Revision
 	return r, nil
 }
+
+func parseResourceId(path string) (mongodoc.ResourceRevision, error) {
+	i := strings.Index(path, "/")
+	if i == -1 {
+		return mongodoc.ResourceRevision{
+			Name:     path,
+			Revision: -1,
+		}, nil
+	}
+	revno, err := strconv.Atoi(path[i+1:])
+	if err != nil {
+		return mongodoc.ResourceRevision{}, errgo.Newf("malformed revision number")
+	}
+	if revno < 0 {
+		return mongodoc.ResourceRevision{}, errgo.Newf("negative revision number")
+	}
+	return mongodoc.ResourceRevision{
+		Name:     path[0:i],
+		Revision: revno,
+	}, nil
+}
+
+func validResourceName(name string) bool {
+	// TODO we should probably be more restrictive than this.
+	return !strings.Contains(name, "/")
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/resources_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/resources_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/resources_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/resources_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -400,7 +400,7 @@
 	assertCacheControl(c, resp.Header(), false)
 }
 
-func (s *ResourceSuite) TestEmptyListResource(c *gc.C) {
+func (s *ResourceSuite) TestMetaResourcesWithNoResources(c *gc.C) {
 	id := newResolvedURL("~charmers/precise/wordpress-0", 0)
 	s.addPublicCharmFromRepo(c, "wordpress", id)
 
@@ -412,7 +412,7 @@
 	})
 }
 
-func (s *ResourceSuite) TestListResource(c *gc.C) {
+func (s *ResourceSuite) TestMetaResources(c *gc.C) {
 	id := newResolvedURL("~charmers/precise/wordpress-0", -1)
 	s.addPublicCharm(c, storetesting.NewCharm(storetesting.MetaWithResources(nil, "resource1", "resource2")), id)
 	s.uploadResource(c, id, "resource1", "resource1 content")
@@ -448,7 +448,7 @@
 	})
 }
 
-func (s *ResourceSuite) TestListResourceWithBundle(c *gc.C) {
+func (s *ResourceSuite) TestMetaResourcesWithBundle(c *gc.C) {
 	id := newResolvedURL("cs:~charmers/bundle/bundlelovin-10", 10)
 	s.addPublicBundleFromRepo(c, "wordpress-simple", id, true)
 	httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
@@ -461,3 +461,160 @@
 		},
 	})
 }
+
+func (s *ResourceSuite) TestMetaResourcesSingleBadResourceId(c *gc.C) {
+	id := newResolvedURL("~charmers/precise/wordpress-0", -1)
+	s.addPublicCharm(c, storetesting.NewCharm(nil), id)
+	httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
+		Handler:      s.srv,
+		URL:          storeURL(id.URL.Path() + "/meta/resources/foo/bar"),
+		ExpectStatus: http.StatusNotFound,
+		ExpectBody: params.Error{
+			Code:    params.ErrMetadataNotFound,
+			Message: string(params.ErrMetadataNotFound),
+		},
+	})
+}
+
+func (s *ResourceSuite) TestMetaResourcesSingleResourceWithNegativeRevisionNumber(c *gc.C) {
+	id := newResolvedURL("~charmers/precise/wordpress-0", -1)
+	s.addPublicCharm(c, storetesting.NewCharm(nil), id)
+	httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
+		Handler:      s.srv,
+		URL:          storeURL(id.URL.Path() + "/meta/resources/foo/-2"),
+		ExpectStatus: http.StatusNotFound,
+		ExpectBody: params.Error{
+			Code:    params.ErrMetadataNotFound,
+			Message: string(params.ErrMetadataNotFound),
+		},
+	})
+}
+
+func (s *ResourceSuite) TestMetaResourcesSingleWithBundle(c *gc.C) {
+	id, _ := s.addPublicBundleFromRepo(c, "wordpress-simple", newResolvedURL("cs:~charmers/bundle/something-32", 32), true)
+	httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
+		Handler:      s.srv,
+		URL:          storeURL(id.URL.Path() + "/meta/resources/foo"),
+		ExpectStatus: http.StatusNotFound,
+		ExpectBody: params.Error{
+			Code:    params.ErrMetadataNotFound,
+			Message: string(params.ErrMetadataNotFound),
+		},
+	})
+}
+
+func (s *ResourceSuite) TestMetaResourcesSingleResourceNotInCharm(c *gc.C) {
+	id := newResolvedURL("~charmers/precise/wordpress-0", -1)
+	s.addPublicCharm(c, storetesting.NewCharm(nil), id)
+	httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
+		Handler:      s.srv,
+		URL:          storeURL(id.URL.Path() + "/meta/resources/foo"),
+		ExpectStatus: http.StatusNotFound,
+		ExpectBody: params.Error{
+			Code:    params.ErrMetadataNotFound,
+			Message: string(params.ErrMetadataNotFound),
+		},
+	})
+}
+
+func (s *ResourceSuite) TestMetaResourcesSingleResourceNotUploaded(c *gc.C) {
+	id := newResolvedURL("~charmers/precise/wordpress-0", -1)
+	meta := storetesting.MetaWithResources(nil, "someResource")
+	err := s.store.AddCharmWithArchive(id, storetesting.NewCharm(meta))
+	c.Assert(err, gc.IsNil)
+
+	httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
+		Handler: s.srv,
+		URL:     storeURL(id.URL.Path() + "/meta/resources/someResource?channel=unpublished"),
+		ExpectBody: params.Resource{
+			Name:        "someResource",
+			Type:        "file",
+			Path:        "someResource-file",
+			Description: "someResource description",
+			Revision:    -1,
+		},
+		Do: s.bakeryDoAsUser(c, "charmers"),
+	})
+}
+
+func (s *ResourceSuite) TestMetaResourcesSingleResourceWithRevision(c *gc.C) {
+	id := newResolvedURL("~charmers/precise/wordpress-0", -1)
+	meta := storetesting.MetaWithResources(nil, "someResource")
+	s.addPublicCharm(c, storetesting.NewCharm(meta), id)
+
+	httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
+		Handler: s.srv,
+		URL:     storeURL(id.URL.Path() + "/meta/resources/someResource/0"),
+		ExpectBody: params.Resource{
+			Name:        "someResource",
+			Type:        "file",
+			Path:        "someResource-file",
+			Description: "someResource description",
+			Revision:    0,
+			Fingerprint: rawHash(hashOfString("someResource content")),
+			Size:        int64(len("someResource content")),
+		},
+		Do: s.bakeryDoAsUser(c, "charmers"),
+	})
+}
+
+func (s *ResourceSuite) TestMetaResourcesSingleResourceWithRevisionNotFound(c *gc.C) {
+	id := newResolvedURL("~charmers/precise/wordpress-0", -1)
+	meta := storetesting.MetaWithResources(nil, "someResource")
+	s.addPublicCharm(c, storetesting.NewCharm(meta), id)
+
+	httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
+		Handler:      s.srv,
+		URL:          storeURL(id.URL.Path() + "/meta/resources/someResource/1"),
+		ExpectStatus: http.StatusNotFound,
+		ExpectBody: params.Error{
+			Code:    params.ErrMetadataNotFound,
+			Message: string(params.ErrMetadataNotFound),
+		},
+		Do: s.bakeryDoAsUser(c, "charmers"),
+	})
+}
+
+func (s *ResourceSuite) TestMetaResourcesSingleResourceWithRevisionNotInCharm(c *gc.C) {
+	id := newResolvedURL("~charmers/precise/wordpress-0", -1)
+	meta := storetesting.MetaWithResources(nil, "someResource")
+	s.addPublicCharm(c, storetesting.NewCharm(meta), id)
+
+	s.uploadResource(c, id, "someResource", "a new version")
+
+	httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
+		Handler: s.srv,
+		URL:     storeURL(id.URL.Path() + "/meta/resources/someResource/1"),
+		ExpectBody: params.Resource{
+			Name:        "someResource",
+			Type:        "file",
+			Path:        "someResource-file",
+			Description: "someResource description",
+			Revision:    1,
+			Fingerprint: rawHash(hashOfString("a new version")),
+			Size:        int64(len("a new version")),
+		},
+		Do: s.bakeryDoAsUser(c, "charmers"),
+	})
+}
+
+func (s *ResourceSuite) TestMetaResourcesSingleResourceWithNameNotInCharm(c *gc.C) {
+	id0 := newResolvedURL("~charmers/precise/wordpress-0", -1)
+	meta := storetesting.MetaWithResources(nil, "someResource")
+	s.addPublicCharm(c, storetesting.NewCharm(meta), id0)
+
+	id1 := newResolvedURL("~charmers/precise/wordpress-1", -1)
+	meta = storetesting.MetaWithResources(nil, "otherResource")
+	s.addPublicCharm(c, storetesting.NewCharm(meta), id1)
+
+	httptesting.AssertJSONCall(c, httptesting.JSONCallParams{
+		Handler:      s.srv,
+		URL:          storeURL(id0.URL.Path() + "/meta/resources/otherResource/0"),
+		ExpectStatus: http.StatusNotFound,
+		ExpectBody: params.Error{
+			Code:    params.ErrMetadataNotFound,
+			Message: string(params.ErrMetadataNotFound),
+		},
+		Do: s.bakeryDoAsUser(c, "charmers"),
+	})
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/search.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/search.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/search.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/search.go	2016-07-18 19:45:44.000000000 +0000
@@ -26,14 +26,14 @@
 	if err != nil {
 		return "", err
 	}
-	auth, err := h.CheckRequest(req, nil, OpOther)
+	auth, err := h.Authenticate(req)
 	if err != nil {
 		logger.Infof("authorization failed on search request, granting no privileges: %v", err)
 	}
 	sp.Admin = auth.Admin
 	if auth.Username != "" {
 		sp.Groups = append(sp.Groups, auth.Username)
-		groups, err := h.GroupsForUser(auth.Username)
+		groups, err := h.Handler.GroupsForUser(auth.Username)
 		if err != nil {
 			logger.Infof("cannot get groups for user %q, assuming no groups: %v", auth.Username, err)
 		}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/stats.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/stats.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/stats.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/internal/v5/stats.go	2016-07-18 19:45:44.000000000 +0000
@@ -14,6 +14,7 @@
 	"gopkg.in/juju/charmrepo.v2-unstable/csclient/params"
 
 	"gopkg.in/juju/charmstore.v5-unstable/internal/charmstore"
+	"gopkg.in/juju/charmstore.v5-unstable/internal/mongodoc"
 )
 
 const dateFormat = "2006-01-02"
@@ -115,7 +116,13 @@
 // PUT stats/update
 // https://github.com/juju/charmstore/blob/v4/docs/API.md#put-statsupdate
 func (h *ReqHandler) serveStatsUpdate(w http.ResponseWriter, r *http.Request) error {
-	if _, err := h.authorize(r, []string{"statsupdate@cs"}, true, nil); err != nil {
+	if _, err := h.authorize(authorizeParams{
+		req: r,
+		acls: []mongodoc.ACL{{
+			Write: []string{"statsupdate@cs"},
+		}},
+		ops: []string{OpWrite},
+	}); err != nil {
 		return err
 	}
 	if r.Method != "PUT" {
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/server.go juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/server.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charmstore.v5-unstable/server.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charmstore.v5-unstable/server.go	2016-07-18 19:45:44.000000000 +0000
@@ -59,8 +59,8 @@
 
 	// IdentityLocation holds the location of the third party authorization
 	// service to use when creating third party caveats,
-	// for example: http://api.jujucharms.com/identity/v1/discharger
-	// If it is empty, IdentityURL+"/v1/discharger" will be used.
+	// for example: http://api.jujucharms.com/identity
+	// If it is empty, IdentityAPIURL will be used.
 	IdentityLocation string
 
 	// TermsLocations holds the location of the
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/actions.go juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/actions.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/actions.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/actions.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,7 +12,7 @@
 
 	"github.com/juju/errors"
 	gjs "github.com/juju/gojsonschema"
-	"gopkg.in/yaml.v1"
+	"gopkg.in/yaml.v2"
 )
 
 var prohibitedSchemaKeys = map[string]bool{"$ref": true, "$schema": true}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/actions_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/actions_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/actions_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/actions_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -533,7 +533,7 @@
          default: foo.bz2
 `,
 
-		expectedError: "YAML error: line 6: mapping values are not allowed in this context",
+		expectedError: "yaml: line 6: mapping values are not allowed in this context",
 	}, {
 		description: "Malformed JSON-Schema: $schema element misplaced.",
 		yaml: `
@@ -547,7 +547,7 @@
          default: foo.bz2
 `,
 
-		expectedError: "YAML error: line 3: mapping values are not allowed in this context",
+		expectedError: "yaml: line 3: mapping values are not allowed in this context",
 	}, {
 		description: "Malformed Actions: hyphen at beginning of action name.",
 		yaml: `
@@ -655,7 +655,7 @@
       something-else: {}
    other-key: ["some", "values"],
 `,
-		expectedError: "YAML error: line 16: did not find expected key",
+		expectedError: "yaml: line 16: did not find expected key",
 	}}
 
 	for i, test := range badActionsYamlTests {
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/bundledata.go juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/bundledata.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/bundledata.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/bundledata.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,6 +4,7 @@
 package charm
 
 import (
+	"encoding/json"
 	"fmt"
 	"io"
 	"io/ioutil"
@@ -14,16 +15,80 @@
 	"strconv"
 	"strings"
 
-	"github.com/juju/names"
-	"gopkg.in/yaml.v1"
+	"gopkg.in/juju/names.v2"
+	"gopkg.in/mgo.v2/bson"
+	"gopkg.in/yaml.v2"
 )
 
+type noMethodsBundleData BundleData
+
+type legacyBundleData struct {
+	noMethodsBundleData `bson:",inline" yaml:",inline" json:",inline"`
+
+	// LegacyServices holds application entries for older bundle files
+	// that have not been migrated to use the new "application" terminology.
+	LegacyServices map[string]*ApplicationSpec `json:"services" yaml:"services" bson:"services"`
+}
+
+func (lbd *legacyBundleData) setBundleData(bd *BundleData) error {
+	if len(lbd.Applications) > 0 && len(lbd.LegacyServices) > 0 {
+		return fmt.Errorf("cannot specify both applications and services")
+	}
+	if len(lbd.LegacyServices) > 0 {
+		// We account for the fact that the YAML may contain a legacy entry
+		// for "services" instead of "applications".
+		lbd.Applications = lbd.LegacyServices
+		lbd.unmarshaledWithServices = true
+	}
+	*bd = BundleData(lbd.noMethodsBundleData)
+	return nil
+}
+
+// UnmarshalJSON implements the json.Unmarshaler interface.
+func (bd *BundleData) UnmarshalJSON(b []byte) error {
+	var bdc legacyBundleData
+	if err := json.Unmarshal(b, &bdc); err != nil {
+		return err
+	}
+	return bdc.setBundleData(bd)
+}
+
+// UnmarshalYAML implements the yaml.Unmarshaler interface.
+func (bd *BundleData) UnmarshalYAML(f func(interface{}) error) error {
+	var bdc legacyBundleData
+	if err := f(&bdc); err != nil {
+		return err
+	}
+	return bdc.setBundleData(bd)
+}
+
+// SetBSON implements the bson.Setter interface.
+func (bd *BundleData) SetBSON(raw bson.Raw) error {
+	// TODO(wallyworld) - bson deserialisation is not handling the inline directive,
+	// so we need to unmarshal the bundle data manually.
+	var b *noMethodsBundleData
+	if err := raw.Unmarshal(&b); err != nil {
+		return err
+	}
+	if b == nil {
+		return bson.SetZero
+	}
+
+	var bdc legacyBundleData
+	if err := raw.Unmarshal(&bdc); err != nil {
+		return err
+	}
+	// As per the above TODO, we manually set the inline data.
+	bdc.noMethodsBundleData = *b
+	return bdc.setBundleData(bd)
+}
+
 // BundleData holds the contents of the bundle.
 type BundleData struct {
-	// Services holds one entry for each service
+	// Applications holds one entry for each application
 	// that the bundle will create, indexed by
-	// the service name.
-	Services map[string]*ServiceSpec
+	// the application name.
+	Applications map[string]*ApplicationSpec `bson:"applications,omitempty" json:"applications,omitempty" yaml:"applications,omitempty"`
 
 	// Machines holds one entry for each machine referred to
 	// by unit placements. These will be mapped onto actual
@@ -37,13 +102,13 @@
 	Series string `bson:",omitempty" json:",omitempty" yaml:",omitempty"`
 
 	// Relations holds a slice of 2-element slices,
-	// each specifying a relation between two services.
+	// each specifying a relation between two applications.
 	// Each two-element slice holds two endpoints,
 	// each specified as either colon-separated
-	// (service, relation) pair or just a service name.
+	// (application, relation) pair or just an application name.
 	// The relation is made between each. If the relation
 	// name is omitted, it will be inferred from the available
-	// relations defined in the services' charms.
+	// relations defined in the applications' charms.
 	Relations [][]string `bson:",omitempty" json:",omitempty" yaml:",omitempty"`
 
 	// White listed set of tags to categorize bundles as we do charms.
@@ -51,6 +116,17 @@
 
 	// Short paragraph explaining what the bundle is useful for.
 	Description string `bson:",omitempty" json:",omitempty" yaml:",omitempty"`
+
+	// unmarshaledWithServices holds whether the original marshaled data held a
+	// legacy "services" field rather than the "applications" field.
+	unmarshaledWithServices bool
+}
+
+// UnmarshaledWithServices reports whether the bundle data was
+// unmarshaled from a representation that used the legacy "services"
+// field rather than the "applications" field.
+func (d *BundleData) UnmarshaledWithServices() bool {
+	return d.unmarshaledWithServices
 }
 
 // MachineSpec represents a notional machine that will be mapped
@@ -61,11 +137,11 @@
 	Series      string            `bson:",omitempty" json:",omitempty" yaml:",omitempty"`
 }
 
-// ServiceSpec represents a single service that will
+// ApplicationSpec represents a single application that will
 // be deployed as part of the bundle.
-type ServiceSpec struct {
+type ApplicationSpec struct {
 	// Charm holds the charm URL of the charm to
-	// use for the given service.
+	// use for the given application.
 	Charm string
 
 	// Series is the series to use when deploying a local charm,
@@ -76,21 +152,21 @@
 	Series string `bson:",omitempty" yaml:",omitempty" json:",omitempty"`
 
 	// Resources is the set of resource revisions to deploy for the
-	// service. Bundles only support charm store resources and not ones
+	// application. Bundles only support charm store resources and not ones
 	// that were uploaded to the controller.
 	Resources map[string]int `bson:",omitempty" yaml:",omitempty" json:",omitempty"`
 
 	// NumUnits holds the number of units of the
-	// service that will be deployed.
+	// application that will be deployed.
 	//
-	// For a subordinate service, this actually represents
+	// For a subordinate application, this actually represents
 	// an arbitrary number of units depending on
-	// the service it is related to.
+	// the application it is related to.
 	NumUnits int `bson:",omitempty" yaml:"num_units,omitempty" json:",omitempty"`
 
 	// To may hold up to NumUnits members with
 	// each member specifying a desired placement
-	// for the respective unit of the service.
+	// for the respective unit of the application.
 	//
 	// In regular-expression-like notation, each
 	// element matches the following pattern:
@@ -105,15 +181,15 @@
 	//
 	// The second part (after the colon) specifies where
 	// the new unit should be placed - it may refer to
-	// a unit of another service specified in the bundle,
+	// a unit of another application specified in the bundle,
 	// a machine id specified in the machines section,
 	// or the special name "new" which specifies a newly
 	// created machine.
 	//
-	// A unit placement may be specified with a service name only,
+	// A unit placement may be specified with an application name only,
 	// in which case its unit number is assumed to
 	// be one more than the unit number of the previous
-	// unit in the list with the same service, or zero
+	// unit in the list with the same application, or zero
 	// if there were none.
 	//
 	// If there are less elements in To than NumUnits,
@@ -125,7 +201,7 @@
 	//     wordpress/0 wordpress/1 lxc:0 kvm:new
 	//
 	//  specifies that the first two units get hulk-smashed
-	//  onto the first two units of the wordpress service,
+	//  onto the first two units of the wordpress application,
 	//  the third unit gets allocated onto an lxc container
 	//  on machine 0, and subsequent units get allocated
 	//  on kvm containers on new machines.
@@ -135,25 +211,25 @@
 	//     wordpress wordpress lxc:0 kvm:new
 	To []string `bson:",omitempty" json:",omitempty" yaml:",omitempty"`
 
-	// Expose holds whether the service must be exposed.
+	// Expose holds whether the application must be exposed.
 	Expose bool `bson:",omitempty" json:",omitempty" yaml:",omitempty"`
 
 	// Options holds the configuration values
-	// to apply to the new service. They should
+	// to apply to the new application. They should
 	// be compatible with the charm configuration.
 	Options map[string]interface{} `bson:",omitempty" json:",omitempty" yaml:",omitempty"`
 
 	// Annotations holds any annotations to apply to the
-	// service when deployed.
+	// application when deployed.
 	Annotations map[string]string `bson:",omitempty" json:",omitempty" yaml:",omitempty"`
 
 	// Constraints holds the default constraints to apply
-	// when creating new machines for units of the service.
+	// when creating new machines for units of the application.
 	// This is ignored for units with explicit placement directives.
 	Constraints string `bson:",omitempty" json:",omitempty" yaml:",omitempty"`
 
 	// Storage holds the constraints for storage to assign
-	// to units of the service.
+	// to units of the application.
 	Storage map[string]string `bson:",omitempty" json:",omitempty" yaml:",omitempty"`
 
 	// EndpointBindings maps how endpoints are bound to spaces
@@ -225,8 +301,8 @@
 // RequiredCharms returns a sorted slice of all the charm URLs
 // required by the bundle.
 func (bd *BundleData) RequiredCharms() []string {
-	req := make([]string, 0, len(bd.Services))
-	for _, svc := range bd.Services {
+	req := make([]string, 0, len(bd.Applications))
+	for _, svc := range bd.Applications {
 		req = append(req, svc.Charm)
 	}
 	sort.Strings(req)
@@ -266,14 +342,14 @@
 // It verifies the following:
 //
 // - All defined machines are referred to by placement directives.
-// - All services referred to by placement directives are specified in the bundle.
-// - All services referred to by relations are specified in the bundle.
+// - All applications referred to by placement directives are specified in the bundle.
+// - All applications referred to by relations are specified in the bundle.
 // - All basic constraints are valid.
 // - All storage constraints are valid.
 //
 // If charms is not nil, it should hold a map with an entry for each
 // charm url returned by bd.RequiredCharms. The verification will then
-// also check that services are defined with valid charms,
+// also check that applications are defined with valid charms,
 // relations are correctly made and options are defined correctly.
 //
 // If the verification fails, Verify returns a *VerificationError describing
@@ -317,7 +393,7 @@
 		verifier.addErrorf("bundle declares an invalid series %q", bd.Series)
 	}
 	verifier.verifyMachines()
-	verifier.verifyServices()
+	verifier.verifyApplications()
 	verifier.verifyRelations()
 	verifier.verifyOptions()
 	verifier.verifyEndpointBindings()
@@ -354,12 +430,12 @@
 	}
 }
 
-func (verifier *bundleDataVerifier) verifyServices() {
-	if len(verifier.bd.Services) == 0 {
-		verifier.addErrorf("at least one service must be specified")
+func (verifier *bundleDataVerifier) verifyApplications() {
+	if len(verifier.bd.Applications) == 0 {
+		verifier.addErrorf("at least one application must be specified")
 		return
 	}
-	for name, svc := range verifier.bd.Services {
+	for name, svc := range verifier.bd.Applications {
 		if svc.Charm == "" {
 			verifier.addErrorf("empty charm path")
 		}
@@ -373,59 +449,59 @@
 			}
 			if _, err := os.Stat(charmPath); err != nil {
 				if os.IsNotExist(err) {
-					verifier.addErrorf("charm path in service %q does not exist: %v", name, charmPath)
+					verifier.addErrorf("charm path in application %q does not exist: %v", name, charmPath)
 				} else {
-					verifier.addErrorf("invalid charm path in service %q: %v", name, err)
+					verifier.addErrorf("invalid charm path in application %q: %v", name, err)
 				}
 			}
 		} else if curl, err = ParseURL(svc.Charm); err != nil {
-			verifier.addErrorf("invalid charm URL in service %q: %v", name, err)
+			verifier.addErrorf("invalid charm URL in application %q: %v", name, err)
 		}
 
 		// Check the series.
 		if curl != nil && curl.Series != "" && svc.Series != "" && curl.Series != svc.Series {
-			verifier.addErrorf("the charm URL for service %q has a series which does not match, please remove the series from the URL", name)
+			verifier.addErrorf("the charm URL for application %q has a series which does not match, please remove the series from the URL", name)
 		}
 		if svc.Series != "" && !IsValidSeries(svc.Series) {
-			verifier.addErrorf("service %q declares an invalid series %q", name, svc.Series)
+			verifier.addErrorf("application %q declares an invalid series %q", name, svc.Series)
 		}
 
 		if err := verifier.verifyConstraints(svc.Constraints); err != nil {
-			verifier.addErrorf("invalid constraints %q in service %q: %v", svc.Constraints, name, err)
+			verifier.addErrorf("invalid constraints %q in application %q: %v", svc.Constraints, name, err)
 		}
 		for storageName, storageConstraints := range svc.Storage {
 			if !validStorageName.MatchString(storageName) {
-				verifier.addErrorf("invalid storage name %q in service %q", storageName, name)
+				verifier.addErrorf("invalid storage name %q in application %q", storageName, name)
 			}
 			if err := verifier.verifyStorage(storageConstraints); err != nil {
-				verifier.addErrorf("invalid storage %q in service %q: %v", storageName, name, err)
+				verifier.addErrorf("invalid storage %q in application %q: %v", storageName, name, err)
 			}
 		}
 		if verifier.charms != nil {
 			if ch, ok := verifier.charms[svc.Charm]; ok {
 				if ch.Meta().Subordinate {
 					if len(svc.To) > 0 {
-						verifier.addErrorf("service %q is subordinate but specifies unit placement", name)
+						verifier.addErrorf("application %q is subordinate but specifies unit placement", name)
 					}
 					if svc.NumUnits > 0 {
-						verifier.addErrorf("service %q is subordinate but has non-zero num_units", name)
+						verifier.addErrorf("application %q is subordinate but has non-zero num_units", name)
 					}
 				}
 			} else {
-				verifier.addErrorf("service %q refers to non-existent charm %q", name, svc.Charm)
+				verifier.addErrorf("application %q refers to non-existent charm %q", name, svc.Charm)
 			}
 		}
 		for resName := range svc.Resources {
 			if resName == "" {
-				verifier.addErrorf("missing resource name on service %q", name)
+				verifier.addErrorf("missing resource name on application %q", name)
 			}
 			// We do not check the revisions because all values
 			// are allowed.
 		}
 		if svc.NumUnits < 0 {
-			verifier.addErrorf("negative number of units specified on service %q", name)
+			verifier.addErrorf("negative number of units specified on application %q", name)
 		} else if len(svc.To) > svc.NumUnits {
-			verifier.addErrorf("too many units specified in unit placement for service %q", name)
+			verifier.addErrorf("too many units specified in unit placement for application %q", name)
 		}
 		verifier.verifyPlacement(svc.To)
 	}
@@ -439,14 +515,14 @@
 			continue
 		}
 		switch {
-		case up.Service != "":
-			spec, ok := verifier.bd.Services[up.Service]
+		case up.Application != "":
+			spec, ok := verifier.bd.Applications[up.Application]
 			if !ok {
-				verifier.addErrorf("placement %q refers to a service not defined in this bundle", p)
+				verifier.addErrorf("placement %q refers to an application not defined in this bundle", p)
 				continue
 			}
 			if up.Unit >= 0 && up.Unit >= spec.NumUnits {
-				verifier.addErrorf("placement %q specifies a unit greater than the %d unit(s) started by the target service", p, spec.NumUnits)
+				verifier.addErrorf("placement %q specifies a unit greater than the %d unit(s) started by the target application", p, spec.NumUnits)
 			}
 		case up.Machine == "new":
 		default:
@@ -460,14 +536,14 @@
 	}
 }
 
-func (verifier *bundleDataVerifier) getCharmMetaForService(svcName string) (*Meta, error) {
-	svc, ok := verifier.bd.Services[svcName]
+func (verifier *bundleDataVerifier) getCharmMetaForApplication(appName string) (*Meta, error) {
+	svc, ok := verifier.bd.Applications[appName]
 	if !ok {
-		return nil, fmt.Errorf("service %q not found", svcName)
+		return nil, fmt.Errorf("application %q not found", appName)
 	}
 	ch, ok := verifier.charms[svc.Charm]
 	if !ok {
-		return nil, fmt.Errorf("charm %q from service %q not found", svc.Charm, svcName)
+		return nil, fmt.Errorf("charm %q from application %q not found", svc.Charm, appName)
 	}
 	return ch.Meta(), nil
 }
@@ -488,8 +564,8 @@
 				relParseErr = true
 				continue
 			}
-			if _, ok := verifier.bd.Services[ep.service]; !ok {
-				verifier.addErrorf("relation %q refers to service %q not defined in this bundle", relPair, ep.service)
+			if _, ok := verifier.bd.Applications[ep.application]; !ok {
+				verifier.addErrorf("relation %q refers to application %q not defined in this bundle", relPair, ep.application)
 			}
 			epPair[i] = ep
 		}
@@ -498,13 +574,13 @@
 			// bother checking further.
 			continue
 		}
-		if epPair[0].service == epPair[1].service {
-			verifier.addErrorf("relation %q relates a service to itself", relPair)
+		if epPair[0].application == epPair[1].application {
+			verifier.addErrorf("relation %q relates an application to itself", relPair)
 		}
 		// Resolve endpoint relations if necessary and we have
 		// the necessary charm information.
 		if (epPair[0].relation == "" || epPair[1].relation == "") && verifier.charms != nil {
-			iep0, iep1, err := inferEndpoints(epPair[0], epPair[1], verifier.getCharmMetaForService)
+			iep0, iep1, err := inferEndpoints(epPair[0], epPair[1], verifier.getCharmMetaForApplication)
 			if err != nil {
 				verifier.addErrorf("cannot infer endpoint between %s and %s: %v", epPair[0], epPair[1], err)
 			} else {
@@ -535,9 +611,9 @@
 }
 
 func (verifier *bundleDataVerifier) verifyEndpointBindings() {
-	for name, svc := range verifier.bd.Services {
+	for name, svc := range verifier.bd.Applications {
 		charm, ok := verifier.charms[name]
-		// Only thest the ok path here because the !ok path is tested in verifyServices
+		// Only thest the ok path here because the !ok path is tested in verifyApplications
 		if !ok {
 			continue
 		}
@@ -549,7 +625,7 @@
 
 			if !(isInProvides || isInRequires || isInPeers || isInExtraBindings) {
 				verifier.addErrorf(
-					"service %q wants to bind endpoint %q to space %q, "+
+					"application %q wants to bind endpoint %q to space %q, "+
 						"but the endpoint is not defined by the charm",
 					name, endpoint, space)
 			}
@@ -571,8 +647,8 @@
 // symmetrical (provider to requirer) and shares
 // the same interface.
 func (verifier *bundleDataVerifier) verifyRelation(ep0, ep1 endpoint) {
-	svc0 := verifier.bd.Services[ep0.service]
-	svc1 := verifier.bd.Services[ep1.service]
+	svc0 := verifier.bd.Applications[ep0.application]
+	svc1 := verifier.bd.Applications[ep1.application]
 	if svc0 == nil || svc1 == nil || svc0 == svc1 {
 		// An error will be produced by verifyRelations for this case.
 		return
@@ -580,7 +656,7 @@
 	charm0 := verifier.charms[svc0.Charm]
 	charm1 := verifier.charms[svc1.Charm]
 	if charm0 == nil || charm1 == nil {
-		// An error will be produced by verifyServices for this case.
+		// An error will be produced by verifyApplications for this case.
 		return
 	}
 	relProv0, okProv0 := charm0.Meta().Provides[ep0.relation]
@@ -591,7 +667,7 @@
 	}
 	relReq0, okReq0 := charm0.Meta().Requires[ep0.relation]
 	if !okProv0 && !okReq0 {
-		verifier.addErrorf("charm %q used by service %q does not define relation %q", svc0.Charm, ep0.service, ep0.relation)
+		verifier.addErrorf("charm %q used by application %q does not define relation %q", svc0.Charm, ep0.application, ep0.relation)
 	}
 	relProv1, okProv1 := charm1.Meta().Provides[ep1.relation]
 	// The juju-info relation is provided implicitly by every
@@ -601,7 +677,7 @@
 	}
 	relReq1, okReq1 := charm1.Meta().Requires[ep1.relation]
 	if !okProv1 && !okReq1 {
-		verifier.addErrorf("charm %q used by service %q does not define relation %q", svc1.Charm, ep1.service, ep1.relation)
+		verifier.addErrorf("charm %q used by application %q does not define relation %q", svc1.Charm, ep1.application, ep1.relation)
 	}
 
 	var relProv, relReq Relation
@@ -634,79 +710,79 @@
 	if verifier.charms == nil {
 		return
 	}
-	for svcName, svc := range verifier.bd.Services {
+	for appName, svc := range verifier.bd.Applications {
 		charm := verifier.charms[svc.Charm]
 		if charm == nil {
-			// An error will be produced by verifyServices for this case.
+			// An error will be produced by verifyApplications for this case.
 			continue
 		}
 		config := charm.Config()
 		for name, value := range svc.Options {
 			opt, ok := config.Options[name]
 			if !ok {
-				verifier.addErrorf("cannot validate service %q: configuration option %q not found in charm %q", svcName, name, svc.Charm)
+				verifier.addErrorf("cannot validate application %q: configuration option %q not found in charm %q", appName, name, svc.Charm)
 				continue
 			}
 			_, err := opt.validate(name, value)
 			if err != nil {
-				verifier.addErrorf("cannot validate service %q: %v", svcName, err)
+				verifier.addErrorf("cannot validate application %q: %v", appName, err)
 			}
 		}
 	}
 }
 
-var validServiceRelation = regexp.MustCompile("^(" + names.ServiceSnippet + "):(" + names.RelationSnippet + ")$")
+var validApplicationRelation = regexp.MustCompile("^(" + names.ApplicationSnippet + "):(" + names.RelationSnippet + ")$")
 
 type endpoint struct {
-	service  string
-	relation string
+	application string
+	relation    string
 }
 
 func (ep endpoint) String() string {
 	if ep.relation == "" {
-		return ep.service
+		return ep.application
 	}
-	return fmt.Sprintf("%s:%s", ep.service, ep.relation)
+	return fmt.Sprintf("%s:%s", ep.application, ep.relation)
 }
 
 func (ep1 endpoint) less(ep2 endpoint) bool {
-	if ep1.service == ep2.service {
+	if ep1.application == ep2.application {
 		return ep1.relation < ep2.relation
 	}
-	return ep1.service < ep2.service
+	return ep1.application < ep2.application
 }
 
 func parseEndpoint(ep string) (endpoint, error) {
-	m := validServiceRelation.FindStringSubmatch(ep)
+	m := validApplicationRelation.FindStringSubmatch(ep)
 	if m != nil {
 		return endpoint{
-			service:  m[1],
-			relation: m[2],
+			application: m[1],
+			relation:    m[2],
 		}, nil
 	}
-	if !names.IsValidService(ep) {
+	if !names.IsValidApplication(ep) {
 		return endpoint{}, fmt.Errorf("invalid relation syntax %q", ep)
 	}
 	return endpoint{
-		service: ep,
+		application: ep,
 	}, nil
 }
 
 // endpointInfo holds information about one endpoint of a relation.
 type endpointInfo struct {
-	serviceName string
+	applicationName string
 	Relation
 }
 
 // String returns the unique identifier of the relation endpoint.
 func (ep endpointInfo) String() string {
-	return ep.serviceName + ":" + ep.Name
+	return ep.applicationName + ":" + ep.Name
 }
 
 // canRelateTo returns whether a relation may be established between ep
 // and other.
 func (ep endpointInfo) canRelateTo(other endpointInfo) bool {
-	return ep.serviceName != other.serviceName &&
+	return ep.applicationName != other.applicationName &&
 		ep.Interface == other.Interface &&
 		ep.Role != RolePeer &&
 		counterpartRole(ep.Role) == other.Role
@@ -715,8 +791,8 @@
 // endpoint returns the endpoint specifier for ep.
 func (ep endpointInfo) endpoint() endpoint {
 	return endpoint{
-		service:  ep.serviceName,
-		relation: ep.Name,
+		application: ep.applicationName,
+		relation:    ep.Name,
 	}
 }
 
@@ -740,14 +816,14 @@
 	ContainerType string
 
 	// Machine holds the numeric machine id, or "new",
-	// or empty if the placement specifies a service.
+	// or empty if the placement specifies an application.
 	Machine string
 
-	// Service holds the service name, or empty if
+	// application holds the application name, or empty if
 	// the placement specifies a machine.
-	Service string
+	Application string
 
-	// Unit holds the unit number of the service, or -1
+	// Unit holds the unit number of the application, or -1
 	// if unspecified.
 	Unit int
 }
@@ -755,7 +831,7 @@
 var snippetReplacer = strings.NewReplacer(
 	"container", names.ContainerTypeSnippet,
 	"number", names.NumberSnippet,
-	"service", names.ServiceSnippet,
+	"application", names.ApplicationSnippet,
 )
 
 // validPlacement holds regexp that matches valid placement requests. To
@@ -764,13 +840,13 @@
 // using snippetReplacer.
 var validPlacement = regexp.MustCompile(
 	snippetReplacer.Replace(
-		"^(?:(container):)?(?:(service)(?:/(number))?|(number))$",
+		"^(?:(container):)?(?:(application)(?:/(number))?|(number))$",
 	),
 )
 
 // ParsePlacement parses a unit placement directive, as
-// specified in the To clause of a service entry in the
-// services section of a bundle.
+// specified in the To clause of an application entry in the
+// applications section of a bundle.
 func ParsePlacement(p string) (*UnitPlacement, error) {
 	m := validPlacement.FindStringSubmatch(p)
 	if m == nil {
@@ -778,7 +854,7 @@
 	}
 	up := UnitPlacement{
 		ContainerType: m[1],
-		Service:       m[2],
+		Application:   m[2],
 		Machine:       m[4],
 	}
 	if unitStr := m[3]; unitStr != "" {
@@ -788,11 +864,11 @@
 	} else {
 		up.Unit = -1
 	}
-	if up.Service == "new" {
+	if up.Application == "new" {
 		if up.Unit != -1 {
 			return nil, fmt.Errorf("invalid placement syntax %q", p)
 		}
-		up.Machine, up.Service = "new", ""
+		up.Machine, up.Application = "new", ""
 	}
 	return &up, nil
 }
@@ -873,7 +949,7 @@
 // possibleEndpoints returns all the endpoints that the given endpoint spec
 // could refer to.
 func possibleEndpoints(epSpec endpoint, get func(svc string) (*Meta, error)) ([]endpointInfo, error) {
-	meta, err := get(epSpec.service)
+	meta, err := get(epSpec.application)
 	if err != nil {
 		return nil, err
 	}
@@ -882,8 +958,8 @@
 	add := func(r Relation) {
 		if epSpec.relation == "" || epSpec.relation == r.Name {
 			eps = append(eps, endpointInfo{
-				serviceName: epSpec.service,
-				Relation:    r,
+				applicationName: epSpec.application,
+				Relation:        r,
 			})
 		}
 	}
@@ -894,7 +970,7 @@
 	for _, r := range meta.Requires {
 		add(r)
 	}
-	// Every service implicitly provides a juju-info relation.
+	// Every application implicitly provides a juju-info relation.
 	add(Relation{
 		Name:      "juju-info",
 		Role:      RoleProvider,
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/bundledata_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/bundledata_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/bundledata_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/bundledata_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,6 +13,7 @@
 	"github.com/juju/testing"
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
+	"gopkg.in/mgo.v2/bson"
 
 	"gopkg.in/juju/charm.v6-unstable"
 )
@@ -25,7 +26,7 @@
 
 const mediawikiBundle = `
 series: precise
-services:
+applications:
     mediawiki:
         charm: "cs:precise/mediawiki-10"
         num_units: 1
@@ -50,11 +51,11 @@
         to: [0, mediawiki/0]
         options:
             "binlog-format": MIXED
-            "block-size": 5
+            "block-size": 5.3
             "dataset-size": "80%"
             flavor: distro
             "ha-bindiface": eth0
-            "ha-mcastport": 5411
+            "ha-mcastport": 5411.1
         annotations:
             "gui-x": 610
             "gui-y": 255
@@ -78,16 +79,17 @@
 `
 
 var parseTests = []struct {
-	about       string
-	data        string
-	expectedBD  *charm.BundleData
-	expectedErr string
+	about                         string
+	data                          string
+	expectedBD                    *charm.BundleData
+	expectedErr                   string
+	expectUnmarshaledWithServices bool
 }{{
 	about: "mediawiki",
 	data:  mediawikiBundle,
 	expectedBD: &charm.BundleData{
 		Series: "precise",
-		Services: map[string]*charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
 			"mediawiki": {
 				Charm:    "cs:precise/mediawiki-10",
 				NumUnits: 1,
@@ -118,11 +120,11 @@
 				To:       []string{"0", "mediawiki/0"},
 				Options: map[string]interface{}{
 					"binlog-format": "MIXED",
-					"block-size":    5,
+					"block-size":    5.3,
 					"dataset-size":  "80%",
 					"flavor":        "distro",
 					"ha-bindiface":  "eth0",
-					"ha-mcastport":  5411,
+					"ha-mcastport":  5411.1,
 				},
 				Annotations: map[string]string{
 					"gui-x": "610",
@@ -166,6 +168,49 @@
 			{"mysql:foo", "mediawiki:bar"},
 		},
 	},
+}, {
+	about: "legacy bundle with services instead of applications",
+	data: `
+services:
+    wordpress:
+        charm: wordpress
+    mysql:
+        charm: mysql
+        num_units: 1
+relations:
+    - ["wordpress:db", "mysql:db"]
+`,
+	expectedBD: &charm.BundleData{
+		Applications: map[string]*charm.ApplicationSpec{
+			"wordpress": {
+				Charm: "wordpress",
+			},
+			"mysql": {
+				Charm:    "mysql",
+				NumUnits: 1,
+			},
+		},
+		Relations: [][]string{
+			{"wordpress:db", "mysql:db"},
+		},
+	},
+	expectUnmarshaledWithServices: true,
+}, {
+	about: "bundle with services and applications",
+	data: `
+applications:
+    wordpress:
+        charm: wordpress
+services:
+    wordpress:
+        charm: wordpress
+    mysql:
+        charm: mysql
+        num_units: 1
+relations:
+    - ["wordpress:db", "mysql:db"]
+`,
+	expectedErr: ".*cannot specify both applications and services",
 }}
 
 func (*bundleDataSuite) TestParse(c *gc.C) {
@@ -177,14 +222,34 @@
 			continue
 		}
 		c.Assert(err, gc.IsNil)
+		c.Assert(bd.UnmarshaledWithServices(), gc.Equals, test.expectUnmarshaledWithServices)
+		bd.ClearUnmarshaledWithServices()
 		c.Assert(bd, jc.DeepEquals, test.expectedBD)
 	}
 }
 
+func (*bundleDataSuite) TestCodecRoundTrip(c *gc.C) {
+	for _, test := range parseTests {
+		if test.expectedErr != "" {
+			continue
+		}
+		// Check that for all the known codecs, we can
+		// round-trip the bundle data through them.
+		for _, codec := range codecs {
+			data, err := codec.Marshal(test.expectedBD)
+			c.Assert(err, gc.IsNil)
+			var bd charm.BundleData
+			err = codec.Unmarshal(data, &bd)
+			c.Assert(err, gc.IsNil)
+			c.Assert(&bd, jc.DeepEquals, test.expectedBD)
+		}
+	}
+}
+
 func (*bundleDataSuite) TestParseLocalWithSeries(c *gc.C) {
 	path := "internal/test-charm-repo/quanta/riak"
 	data := fmt.Sprintf(`
-        services:
+        applications:
             dummy:
                 charm: %s
                 series: xenial
@@ -193,7 +258,7 @@
 	bd, err := charm.ReadBundleData(strings.NewReader(data))
 	c.Assert(err, gc.IsNil)
 	c.Assert(bd, jc.DeepEquals, &charm.BundleData{
-		Services: map[string]*charm.ServiceSpec{
+		Applications: map[string]*charm.ApplicationSpec{
 			"dummy": {
 				Charm:    path,
 				Series:   "xenial",
@@ -202,6 +267,41 @@
 		}})
 }
 
+func (s *bundleDataSuite) TestUnmarshalWithServices(c *gc.C) {
+	obj := map[string]interface{}{
+		"services": map[string]interface{}{
+			"wordpress": map[string]interface{}{
+				"charm": "wordpress",
+			},
+		},
+	}
+	for i, codec := range codecs {
+		c.Logf("codec %d: %v", i, codec.Name)
+		data, err := codec.Marshal(obj)
+		c.Assert(err, gc.IsNil)
+		var bd charm.BundleData
+		err = codec.Unmarshal(data, &bd)
+		c.Assert(err, gc.IsNil)
+		c.Assert(bd.UnmarshaledWithServices(), gc.Equals, true)
+		bd.ClearUnmarshaledWithServices()
+		c.Assert(bd, jc.DeepEquals, charm.BundleData{
+			Applications: map[string]*charm.ApplicationSpec{"wordpress": {Charm: "wordpress"}}},
+		)
+	}
+}
+
+func (s *bundleDataSuite) TestBSONNilData(c *gc.C) {
+	bd := map[string]*charm.BundleData{
+		"test": nil,
+	}
+	data, err := bson.Marshal(bd)
+	c.Assert(err, jc.ErrorIsNil)
+	var result map[string]*charm.BundleData
+	err = bson.Unmarshal(data, &result)
+	c.Assert(err, gc.IsNil)
+	c.Assert(result["test"], gc.IsNil)
+}
+
 var verifyErrorsTests = []struct {
 	about  string
 	data   string
@@ -219,7 +319,7 @@
          series: 'bad series'
     bogus:
     3:
-services:
+applications:
     mediawiki:
         charm: "bogus:precise/mediawiki-10"
         num_units: -4
@@ -278,25 +378,25 @@
 `,
 	errors: []string{
 		`bundle declares an invalid series "9wrong"`,
-		`invalid storage name "no_underscores" in service "ceph"`,
-		`invalid storage "invalid-storage" in service "ceph-osd": bad storage constraint`,
+		`invalid storage name "no_underscores" in application "ceph"`,
+		`invalid storage "invalid-storage" in application "ceph-osd": bad storage constraint`,
 		`machine "3" is not referred to by a placement directive`,
 		`machine "bogus" is not referred to by a placement directive`,
 		`invalid machine id "bogus" found in machines`,
 		`invalid constraints "bad constraints" in machine "0": bad constraint`,
-		`invalid charm URL in service "mediawiki": charm or bundle URL has invalid schema: "bogus:precise/mediawiki-10"`,
-		`charm path in service "riak" does not exist: internal/test-charm-repo/bundle/somepath`,
-		`invalid constraints "bad constraints" in service "mysql": bad constraint`,
-		`negative number of units specified on service "mediawiki"`,
-		`missing resource name on service "mediawiki"`,
-		`the charm URL for service "postgres" has a series which does not match, please remove the series from the URL`,
-		`too many units specified in unit placement for service "mysql"`,
-		`placement "nowhere/3" refers to a service not defined in this bundle`,
-		`placement "mediawiki/0" specifies a unit greater than the -4 unit(s) started by the target service`,
+		`invalid charm URL in application "mediawiki": charm or bundle URL has invalid schema: "bogus:precise/mediawiki-10"`,
+		`charm path in application "riak" does not exist: internal/test-charm-repo/bundle/somepath`,
+		`invalid constraints "bad constraints" in application "mysql": bad constraint`,
+		`negative number of units specified on application "mediawiki"`,
+		`missing resource name on application "mediawiki"`,
+		`the charm URL for application "postgres" has a series which does not match, please remove the series from the URL`,
+		`too many units specified in unit placement for application "mysql"`,
+		`placement "nowhere/3" refers to an application not defined in this bundle`,
+		`placement "mediawiki/0" specifies a unit greater than the -4 unit(s) started by the target application`,
 		`placement "2" refers to a machine not defined in this bundle`,
 		`relation ["arble:bar"] has 1 endpoint(s), not 2`,
-		`relation ["arble:bar" "mediawiki:db"] refers to service "arble" not defined in this bundle`,
-		`relation ["mysql:foo" "mysql:bar"] relates a service to itself`,
+		`relation ["arble:bar" "mediawiki:db"] refers to application "arble" not defined in this bundle`,
+		`relation ["mysql:foo" "mysql:bar"] relates an application to itself`,
 		`relation ["mysql:db" "mediawiki:db"] is defined more than once`,
 		`invalid placement syntax "bad placement"`,
 		`invalid relation syntax "mediawiki/db"`,
@@ -369,7 +469,7 @@
 		"local:foo-45",
 	} {
 		c.Logf("test %d: %s", i, u)
-		bd.Services["mediawiki"].Charm = u
+		bd.Applications["mediawiki"].Charm = u
 		err := bd.Verify(nil, nil)
 		c.Check(err, gc.IsNil, gc.Commentf("charm url %q", u))
 	}
@@ -394,7 +494,7 @@
 		"./charm",
 	} {
 		c.Logf("test %d: %s", i, u)
-		bd.Services["mediawiki"].Charm = u
+		bd.Applications["mediawiki"].Charm = u
 		err := bd.VerifyLocal(bundleDir, nil, nil)
 		c.Check(err, gc.IsNil, gc.Commentf("charm url %q", u))
 	}
@@ -424,10 +524,10 @@
 
 func (s *bundleDataSuite) TestVerifyBundleWithUnknownEndpointBindingGiven(c *gc.C) {
 	err := s.testPrepareAndMutateBeforeVerifyWithCharms(c, func(bd *charm.BundleData) {
-		bd.Services["wordpress"].EndpointBindings["foo"] = "bar"
+		bd.Applications["wordpress"].EndpointBindings["foo"] = "bar"
 	})
 	c.Assert(err, gc.ErrorMatches,
-		`service "wordpress" wants to bind endpoint "foo" to space "bar", `+
+		`application "wordpress" wants to bind endpoint "foo" to space "bar", `+
 			`but the endpoint is not defined by the charm`,
 	)
 }
@@ -435,8 +535,8 @@
 func (s *bundleDataSuite) TestVerifyBundleWithExtraBindingsSuccess(c *gc.C) {
 	err := s.testPrepareAndMutateBeforeVerifyWithCharms(c, func(bd *charm.BundleData) {
 		// Both of these are specified in extra-bindings.
-		bd.Services["wordpress"].EndpointBindings["admin-api"] = "internal"
-		bd.Services["wordpress"].EndpointBindings["foo-bar"] = "test"
+		bd.Applications["wordpress"].EndpointBindings["admin-api"] = "internal"
+		bd.Applications["wordpress"].EndpointBindings["foo-bar"] = "test"
 	})
 	c.Assert(err, gc.IsNil)
 }
@@ -444,8 +544,8 @@
 func (s *bundleDataSuite) TestVerifyBundleWithRelationNameBindingSuccess(c *gc.C) {
 	err := s.testPrepareAndMutateBeforeVerifyWithCharms(c, func(bd *charm.BundleData) {
 		// Both of these are specified in as relations.
-		bd.Services["wordpress"].EndpointBindings["cache"] = "foo"
-		bd.Services["wordpress"].EndpointBindings["monitoring-port"] = "bar"
+		bd.Applications["wordpress"].EndpointBindings["cache"] = "foo"
+		bd.Applications["wordpress"].EndpointBindings["monitoring-port"] = "bar"
 	})
 	c.Assert(err, gc.IsNil)
 }
@@ -563,23 +663,23 @@
 	data:   mediawikiBundle,
 	charms: map[string]charm.Charm{},
 	errors: []string{
-		`service "mediawiki" refers to non-existent charm "cs:precise/mediawiki-10"`,
-		`service "mysql" refers to non-existent charm "cs:precise/mysql-28"`,
+		`application "mediawiki" refers to non-existent charm "cs:precise/mediawiki-10"`,
+		`application "mysql" refers to non-existent charm "cs:precise/mysql-28"`,
 	},
 }, {
 	about: "all present and correct",
 	data: `
-services:
-    service1:
+applications:
+    application1:
         charm: "test"
-    service2:
+    application2:
         charm: "test"
-    service3:
+    application3:
         charm: "test"
 relations:
-    - ["service1:prova", "service2:reqa"]
-    - ["service1:reqa", "service3:prova"]
-    - ["service3:provb", "service2:reqb"]
+    - ["application1:prova", "application2:reqa"]
+    - ["application1:reqa", "application3:prova"]
+    - ["application3:provb", "application2:reqb"]
 `,
 	charms: map[string]charm.Charm{
 		"test": testCharm("test", "prova:a provb:b | reqa:a reqb:b"),
@@ -587,155 +687,155 @@
 }, {
 	about: "undefined relations",
 	data: `
-services:
-    service1:
+applications:
+    application1:
         charm: "test"
-    service2:
+    application2:
         charm: "test"
 relations:
-    - ["service1:prova", "service2:blah"]
-    - ["service1:blah", "service2:prova"]
+    - ["application1:prova", "application2:blah"]
+    - ["application1:blah", "application2:prova"]
 `,
 	charms: map[string]charm.Charm{
 		"test": testCharm("test", "prova:a provb:b | reqa:a reqb:b"),
 	},
 	errors: []string{
-		`charm "test" used by service "service1" does not define relation "blah"`,
-		`charm "test" used by service "service2" does not define relation "blah"`,
+		`charm "test" used by application "application1" does not define relation "blah"`,
+		`charm "test" used by application "application2" does not define relation "blah"`,
 	},
 }, {
-	about: "undefined services",
+	about: "undefined applications",
 	data: `
-services:
-    service1:
+applications:
+    application1:
         charm: "test"
-    service2:
+    application2:
         charm: "test"
 relations:
-    - ["unknown:prova", "service2:blah"]
-    - ["service1:blah", "unknown:prova"]
+    - ["unknown:prova", "application2:blah"]
+    - ["application1:blah", "unknown:prova"]
 `,
 	charms: map[string]charm.Charm{
 		"test": testCharm("test", "prova:a provb:b | reqa:a reqb:b"),
 	},
 	errors: []string{
-		`relation ["service1:blah" "unknown:prova"] refers to service "unknown" not defined in this bundle`,
-		`relation ["unknown:prova" "service2:blah"] refers to service "unknown" not defined in this bundle`,
+		`relation ["application1:blah" "unknown:prova"] refers to application "unknown" not defined in this bundle`,
+		`relation ["unknown:prova" "application2:blah"] refers to application "unknown" not defined in this bundle`,
 	},
 }, {
-	about: "equal services",
+	about: "equal applications",
 	data: `
-services:
-    service1:
+applications:
+    application1:
         charm: "test"
-    service2:
+    application2:
         charm: "test"
 relations:
-    - ["service2:prova", "service2:reqa"]
+    - ["application2:prova", "application2:reqa"]
 `,
 	charms: map[string]charm.Charm{
 		"test": testCharm("test", "prova:a provb:b | reqa:a reqb:b"),
 	},
 	errors: []string{
-		`relation ["service2:prova" "service2:reqa"] relates a service to itself`,
+		`relation ["application2:prova" "application2:reqa"] relates an application to itself`,
 	},
 }, {
 	about: "provider to provider relation",
 	data: `
-services:
-    service1:
+applications:
+    application1:
         charm: "test"
-    service2:
+    application2:
         charm: "test"
 relations:
-    - ["service1:prova", "service2:prova"]
+    - ["application1:prova", "application2:prova"]
 `,
 	charms: map[string]charm.Charm{
 		"test": testCharm("test", "prova:a provb:b | reqa:a reqb:b"),
 	},
 	errors: []string{
-		`relation "service1:prova" to "service2:prova" relates provider to provider`,
+		`relation "application1:prova" to "application2:prova" relates provider to provider`,
 	},
 }, {
 	about: "provider to provider relation",
 	data: `
-services:
-    service1:
+applications:
+    application1:
         charm: "test"
-    service2:
+    application2:
         charm: "test"
 relations:
-    - ["service1:reqa", "service2:reqa"]
+    - ["application1:reqa", "application2:reqa"]
 `,
 	charms: map[string]charm.Charm{
 		"test": testCharm("test", "prova:a provb:b | reqa:a reqb:b"),
 	},
 	errors: []string{
-		`relation "service1:reqa" to "service2:reqa" relates requirer to requirer`,
+		`relation "application1:reqa" to "application2:reqa" relates requirer to requirer`,
 	},
 }, {
 	about: "interface mismatch",
 	data: `
-services:
-    service1:
+applications:
+    application1:
         charm: "test"
-    service2:
+    application2:
         charm: "test"
 relations:
-    - ["service1:reqa", "service2:provb"]
+    - ["application1:reqa", "application2:provb"]
 `,
 	charms: map[string]charm.Charm{
 		"test": testCharm("test", "prova:a provb:b | reqa:a reqb:b"),
 	},
 	errors: []string{
-		`mismatched interface between "service2:provb" and "service1:reqa" ("b" vs "a")`,
+		`mismatched interface between "application2:provb" and "application1:reqa" ("b" vs "a")`,
 	},
 }, {
 	about: "different charms",
 	data: `
-services:
-    service1:
+applications:
+    application1:
         charm: "test1"
-    service2:
+    application2:
         charm: "test2"
 relations:
-    - ["service1:reqa", "service2:prova"]
+    - ["application1:reqa", "application2:prova"]
 `,
 	charms: map[string]charm.Charm{
 		"test1": testCharm("test", "prova:a provb:b | reqa:a reqb:b"),
 		"test2": testCharm("test", ""),
 	},
 	errors: []string{
-		`charm "test2" used by service "service2" does not define relation "prova"`,
+		`charm "test2" used by application "application2" does not define relation "prova"`,
 	},
 }, {
 	about: "ambiguous relation",
 	data: `
-services:
-    service1:
+applications:
+    application1:
         charm: "test1"
-    service2:
+    application2:
         charm: "test2"
 relations:
-    - [service1, service2]
+    - [application1, application2]
 `,
 	charms: map[string]charm.Charm{
 		"test1": testCharm("test", "prova:a provb:b | reqa:a reqb:b"),
 		"test2": testCharm("test", "prova:a provb:b | reqa:a reqb:b"),
 	},
 	errors: []string{
-		`cannot infer endpoint between service1 and service2: ambiguous relation: service1 service2 could refer to "service1:prova service2:reqa"; "service1:provb service2:reqb"; "service1:reqa service2:prova"; "service1:reqb service2:provb"`,
+		`cannot infer endpoint between application1 and application2: ambiguous relation: application1 application2 could refer to "application1:prova application2:reqa"; "application1:provb application2:reqb"; "application1:reqa application2:prova"; "application1:reqb application2:provb"`,
 	},
 }, {
 	about: "relation using juju-info",
 	data: `
-services:
-    service1:
+applications:
+    application1:
         charm: "provider"
-    service2:
+    application2:
         charm: "requirer"
 relations:
-    - [service1, service2]
+    - [application1, application2]
 `,
 	charms: map[string]charm.Charm{
 		"provider": testCharm("provider", ""),
@@ -744,13 +844,13 @@
 }, {
 	about: "ambiguous when implicit relations taken into account",
 	data: `
-services:
-    service1:
+applications:
+    application1:
         charm: "provider"
-    service2:
+    application2:
         charm: "requirer"
 relations:
-    - [service1, service2]
+    - [application1, application2]
 `,
 	charms: map[string]charm.Charm{
 		"provider": testCharm("provider", "provdb:db | "),
@@ -759,13 +859,13 @@
 }, {
 	about: "half of relation left open",
 	data: `
-services:
-    service1:
+applications:
+    application1:
         charm: "provider"
-    service2:
+    application2:
         charm: "requirer"
 relations:
-    - ["service1:prova2", service2]
+    - ["application1:prova2", application2]
 `,
 	charms: map[string]charm.Charm{
 		"provider": testCharm("provider", "prova1:a prova2:a | "),
@@ -774,32 +874,32 @@
 }, {
 	about: "duplicate relation between open and fully-specified relations",
 	data: `
-services:
-    service1:
+applications:
+    application1:
         charm: "provider"
-    service2:
+    application2:
         charm: "requirer"
 relations:
-    - ["service1:prova", "service2:reqa"]
-    - ["service1", "service2"]
+    - ["application1:prova", "application2:reqa"]
+    - ["application1", "application2"]
 `,
 	charms: map[string]charm.Charm{
 		"provider": testCharm("provider", "prova:a | "),
 		"requirer": testCharm("requirer", "| reqa:a"),
 	},
 	errors: []string{
-		`relation ["service1" "service2"] is defined more than once`,
+		`relation ["application1" "application2"] is defined more than once`,
 	},
 }, {
 	about: "configuration options specified",
 	data: `
-services:
-    service1:
+applications:
+    application1:
         charm: "test"
         options:
             title: "some title"
             skill-level: 245
-    service2:
+    application2:
         charm: "test"
         options:
             title: "another title"
@@ -810,13 +910,13 @@
 }, {
 	about: "invalid type for option",
 	data: `
-services:
-    service1:
+applications:
+    application1:
         charm: "test"
         options:
             title: "some title"
             skill-level: "too much"
-    service2:
+    application2:
         charm: "test"
         options:
             title: "another title"
@@ -825,13 +925,13 @@
 		"test": testCharm("test", "prova:a provb:b | reqa:a reqb:b"),
 	},
 	errors: []string{
-		`cannot validate service "service1": option "skill-level" expected int, got "too much"`,
+		`cannot validate application "application1": option "skill-level" expected int, got "too much"`,
 	},
 }, {
 	about: "unknown option",
 	data: `
-services:
-    service1:
+applications:
+    application1:
         charm: "test"
         options:
             title: "some title"
@@ -841,18 +941,18 @@
 		"test": testCharm("test", "prova:a provb:b | reqa:a reqb:b"),
 	},
 	errors: []string{
-		`cannot validate service "service1": configuration option "unknown-option" not found in charm "test"`,
+		`cannot validate application "application1": configuration option "unknown-option" not found in charm "test"`,
 	},
 }, {
 	about: "multiple config problems",
 	data: `
-services:
-    service1:
+applications:
+    application1:
         charm: "test"
         options:
             title: "some title"
             unknown-option: 2345
-    service2:
+    application2:
         charm: "test"
         options:
             title: 123
@@ -862,14 +962,14 @@
 		"test": testCharm("test", "prova:a provb:b | reqa:a reqb:b"),
 	},
 	errors: []string{
-		`cannot validate service "service1": configuration option "unknown-option" not found in charm "test"`,
-		`cannot validate service "service2": configuration option "another-unknown" not found in charm "test"`,
-		`cannot validate service "service2": option "title" expected string, got 123`,
+		`cannot validate application "application1": configuration option "unknown-option" not found in charm "test"`,
+		`cannot validate application "application2": configuration option "another-unknown" not found in charm "test"`,
+		`cannot validate application "application2": option "title" expected string, got 123`,
 	},
 }, {
 	about: "subordinate charm with more than zero units",
 	data: `
-services:
+applications:
     testsub:
         charm: "testsub"
         num_units: 1
@@ -878,12 +978,12 @@
 		"testsub": testCharm("test-sub", ""),
 	},
 	errors: []string{
-		`service "testsub" is subordinate but has non-zero num_units`,
+		`application "testsub" is subordinate but has non-zero num_units`,
 	},
 }, {
 	about: "subordinate charm with more than one unit",
 	data: `
-services:
+applications:
     testsub:
         charm: "testsub"
         num_units: 1
@@ -892,12 +992,12 @@
 		"testsub": testCharm("test-sub", ""),
 	},
 	errors: []string{
-		`service "testsub" is subordinate but has non-zero num_units`,
+		`application "testsub" is subordinate but has non-zero num_units`,
 	},
 }, {
 	about: "subordinate charm with to-clause",
 	data: `
-services:
+applications:
     testsub:
         charm: "testsub"
         to: [0]
@@ -908,13 +1008,13 @@
 		"testsub": testCharm("test-sub", ""),
 	},
 	errors: []string{
-		`service "testsub" is subordinate but specifies unit placement`,
-		`too many units specified in unit placement for service "testsub"`,
+		`application "testsub" is subordinate but specifies unit placement`,
+		`too many units specified in unit placement for application "testsub"`,
 	},
 }, {
 	about: "charm with unspecified units and more than one to: entry",
 	data: `
-services:
+applications:
     test:
         charm: "test"
         to: [0, 1]
@@ -923,7 +1023,7 @@
     1:
 `,
 	errors: []string{
-		`too many units specified in unit placement for service "test"`,
+		`too many units specified in unit placement for application "test"`,
 	},
 }}
 
@@ -939,17 +1039,17 @@
 	expect    *charm.UnitPlacement
 	expectErr string
 }{{
-	placement: "lxc:service/0",
+	placement: "lxc:application/0",
 	expect: &charm.UnitPlacement{
 		ContainerType: "lxc",
-		Service:       "service",
+		Application:   "application",
 		Unit:          0,
 	},
 }, {
-	placement: "lxc:service",
+	placement: "lxc:application",
 	expect: &charm.UnitPlacement{
 		ContainerType: "lxc",
-		Service:       "service",
+		Application:   "application",
 		Unit:          -1,
 	},
 }, {
@@ -967,22 +1067,22 @@
 		Unit:          -1,
 	},
 }, {
-	placement: "service/0",
+	placement: "application/0",
 	expect: &charm.UnitPlacement{
-		Service: "service",
-		Unit:    0,
+		Application: "application",
+		Unit:        0,
 	},
 }, {
-	placement: "service",
+	placement: "application",
 	expect: &charm.UnitPlacement{
-		Service: "service",
-		Unit:    -1,
+		Application: "application",
+		Unit:        -1,
 	},
 }, {
-	placement: "service45",
+	placement: "application45",
 	expect: &charm.UnitPlacement{
-		Service: "service45",
-		Unit:    -1,
+		Application: "application45",
+		Unit:        -1,
 	},
 }, {
 	placement: "99",
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/bundle_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/bundle_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/bundle_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/bundle_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -33,6 +33,14 @@
 	checkWordpressBundle(c, b, path)
 }
 
+func (*BundleSuite) TestReadBundleArchiveWithLegacyServices(c *gc.C) {
+	path := bundleDirPath(c, "wordpress-legacy")
+	b, err := charm.ReadBundle(path)
+	c.Assert(err, gc.IsNil)
+	c.Assert(b, gc.FitsTypeOf, (*charm.BundleDir)(nil))
+	checkWordpressBundle(c, b, path)
+}
+
 func checkWordpressBundle(c *gc.C, b charm.Bundle, path string) {
 	// Load the charms required by the bundle.
 	wordpressCharm := readCharmDir(c, "wordpress")
@@ -48,7 +56,7 @@
 	err := bd.VerifyWithCharms(verifyOk, nil, charms)
 	c.Assert(err, gc.IsNil)
 
-	c.Assert(bd.Services, jc.DeepEquals, map[string]*charm.ServiceSpec{
+	c.Assert(bd.Applications, jc.DeepEquals, map[string]*charm.ApplicationSpec{
 		"wordpress": {
 			Charm: "wordpress",
 		},
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/charmarchive.go juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/charmarchive.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/charmarchive.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/charmarchive.go	2016-07-18 19:45:44.000000000 +0000
@@ -122,7 +122,6 @@
 		if _, ok := err.(*noCharmArchiveFile); !ok {
 			return nil, err
 		}
-		b.revision = b.meta.OldRevision
 	} else {
 		_, err = fmt.Fscan(reader, &b.revision)
 		if err != nil {
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/charmarchive_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/charmarchive_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/charmarchive_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/charmarchive_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -17,7 +17,7 @@
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/set"
 	gc "gopkg.in/check.v1"
-	"gopkg.in/yaml.v1"
+	"gopkg.in/yaml.v2"
 
 	"gopkg.in/juju/charm.v6-unstable"
 )
@@ -292,14 +292,15 @@
 	archive := extCharmArchiveDir(c, charmDir)
 	c.Assert(archive.Revision(), gc.Equals, 0)
 
-	// Missing revision file with old revision in metadata
+	// Missing revision file with obsolete old revision in metadata;
+	// the revision is ignored.
 	file, err := os.OpenFile(filepath.Join(charmDir, "metadata.yaml"), os.O_WRONLY|os.O_APPEND, 0)
 	c.Assert(err, gc.IsNil)
 	_, err = file.Write([]byte("\nrevision: 1234\n"))
 	c.Assert(err, gc.IsNil)
 
 	archive = extCharmArchiveDir(c, charmDir)
-	c.Assert(archive.Revision(), gc.Equals, 1234)
+	c.Assert(archive.Revision(), gc.Equals, 0)
 
 	// Revision file with bad content
 	err = ioutil.WriteFile(revPath, []byte("garbage"), 0666)
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/charmdir.go juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/charmdir.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/charmdir.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/charmdir.go	2016-07-18 19:45:44.000000000 +0000
@@ -85,8 +85,6 @@
 		if err != nil {
 			return nil, errors.New("invalid revision file")
 		}
-	} else {
-		dir.revision = dir.meta.OldRevision
 	}
 
 	return dir, nil
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/charmdir_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/charmdir_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/charmdir_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/charmdir_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -268,7 +268,8 @@
 	c.Assert(err, gc.IsNil)
 	c.Assert(dir.Revision(), gc.Equals, 0)
 
-	// Missing revision file with old revision in metadata
+	// Missing revision file with obsolete old revision in metadata ignores
+	// the old revision field.
 	file, err := os.OpenFile(filepath.Join(charmDir, "metadata.yaml"), os.O_WRONLY|os.O_APPEND, 0)
 	c.Assert(err, gc.IsNil)
 	_, err = file.Write([]byte("\nrevision: 1234\n"))
@@ -276,7 +277,7 @@
 
 	dir, err = charm.ReadCharmDir(charmDir)
 	c.Assert(err, gc.IsNil)
-	c.Assert(dir.Revision(), gc.Equals, 1234)
+	c.Assert(dir.Revision(), gc.Equals, 0)
 
 	// Revision file with bad content
 	err = ioutil.WriteFile(revPath, []byte("garbage"), 0666)
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/charm_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/charm_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/charm_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/charm_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -15,7 +15,7 @@
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/utils/fs"
 	gc "gopkg.in/check.v1"
-	"gopkg.in/yaml.v1"
+	"gopkg.in/yaml.v2"
 
 	"gopkg.in/juju/charm.v6-unstable"
 )
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/config.go juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/config.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/config.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/config.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,7 +10,7 @@
 	"strconv"
 
 	"github.com/juju/schema"
-	"gopkg.in/yaml.v1"
+	"gopkg.in/yaml.v2"
 )
 
 // Settings is a group of charm config option names and values. A Settings
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/config_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/config_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/config_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/config_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,7 +10,7 @@
 
 	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
-	"gopkg.in/yaml.v1"
+	"gopkg.in/yaml.v2"
 
 	"gopkg.in/juju/charm.v6-unstable"
 )
@@ -29,11 +29,11 @@
 options:
   title:
     default: My Title
-    description: A descriptive title used for the service.
+    description: A descriptive title used for the application.
     type: string
   subtitle:
     default: ""
-    description: An optional subtitle used for the service.
+    description: An optional subtitle used for the application.
   outlook:
     description: No default outlook.
     # type defaults to string in python
@@ -58,12 +58,12 @@
 	c.Assert(s.config.Options, jc.DeepEquals, map[string]charm.Option{
 		"title": {
 			Default:     "My Title",
-			Description: "A descriptive title used for the service.",
+			Description: "A descriptive title used for the application.",
 			Type:        "string",
 		},
 		"subtitle": {
 			Default:     "",
-			Description: "An optional subtitle used for the service.",
+			Description: "An optional subtitle used for the application.",
 			Type:        "string",
 		},
 		"username": {
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/dependencies.tsv juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/dependencies.tsv
--- juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/dependencies.tsv	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/dependencies.tsv	2016-07-18 19:45:44.000000000 +0000
@@ -1,15 +1,14 @@
-github.com/juju/errors	git	4567a5e69fd3130ca0d89f69478e7ac025b67452	2015-03-27T19:24:31Z
+github.com/juju/errors	git	1b5e39b83d1835fa480e0c2ddefb040ee82d58b3	2015-09-16T12:56:42Z
 github.com/juju/gojsonpointer	git	afe8b77aa08f272b49e01b82de78510c11f61500	2015-02-04T19:46:29Z
 github.com/juju/gojsonreference	git	f0d24ac5ee330baa21721cdff56d45e4ee42628e	2015-02-04T19:46:33Z
 github.com/juju/gojsonschema	git	e1ad140384f254c82f89450d9a7c8dd38a632838	2015-03-12T17:00:16Z
 github.com/juju/loggo	git	8477fc936adf0e382d680310047ca27e128a309a	2015-05-27T03:58:39Z
-github.com/juju/names	git	a6a253b0a94cc79e99a68d284b970ffce2a11ecd	2015-07-09T13:59:32Z
 github.com/juju/schema	git	1e25943f8c6fd6815282d6f1ac87091d21e14e19	2016-03-01T11:16:46Z
-github.com/juju/testing	git	ee18040b46bb1f8c93438383bd51ec77eb8c02ab	2016-01-12T21:04:04Z
-github.com/juju/utils	git	ef8480bcaabae506777530725c81d83a4de2fb06	2016-01-12T23:14:21Z
-github.com/juju/version	git	102b12db83e38cb2ce7003544092ea7b0ca59e92	2015-11-07T04:32:11Z
+github.com/juju/testing	git	162fafccebf20a4207ab93d63b986c230e3f4d2e	2016-04-04T09:43:17Z
+github.com/juju/utils	git	ffea6ead0c374583e876c8357c9db6e98bc71476	2016-05-26T02:52:51Z
+github.com/juju/version	git	ef897ad7f130870348ce306f61332f5335355063	2015-11-27T20:34:00Z
 golang.org/x/crypto	git	aedad9a179ec1ea11b7064c57cbc6dc30d7724ec	2015-08-30T18:06:42Z
-gopkg.in/check.v1	git	b3d3430320d4260e5fea99841af984b3badcea63	2015-06-26T10:50:28Z
-gopkg.in/mgo.v2	git	f4923a569136442e900b8cf5c1a706c0a8b0883c	2015-08-21T15:31:23Z
-gopkg.in/yaml.v1	git	9f9df34309c04878acc86042b16630b0f696e1de	2014-09-24T16:16:07Z
-gopkg.in/yaml.v2	git	53feefa2559fb8dfa8d81baad31be332c97d6c77	2015-09-24T14:23:14Z
+gopkg.in/check.v1	git	4f90aeace3a26ad7021961c297b22c42160c7b25	2016-01-05T16:49:36Z
+gopkg.in/juju/names.v2	git	e38bc90539f22af61a9c656d35068bd5f0a5b30a	2016-05-25T23:07:23Z
+gopkg.in/mgo.v2	git	4d04138ffef2791c479c0c8bbffc30b34081b8d9	2015-10-26T16:34:53Z
+gopkg.in/yaml.v2	git	a83829b6f1293c91addabc89d0571c246397bbf4	2016-03-01T20:40:22Z
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/export_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/export_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -19,3 +19,7 @@
 func MissingSeriesError() error {
 	return missingSeriesError
 }
+
+func (bd *BundleData) ClearUnmarshaledWithServices() {
+	bd.unmarshaledWithServices = false
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/internal/test-charm-repo/bundle/bad/bundle.yaml juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/internal/test-charm-repo/bundle/bad/bundle.yaml
--- juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/internal/test-charm-repo/bundle/bad/bundle.yaml	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/internal/test-charm-repo/bundle/bad/bundle.yaml	2016-07-18 19:45:44.000000000 +0000
@@ -1,6 +1,6 @@
 # This bundle has a bad relation, which will cause it to fail
 # its verification.
-services:
+applications:
     wordpress:
         charm: wordpress
         num_units: 1
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/internal/test-charm-repo/bundle/openstack/bundle.yaml juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/internal/test-charm-repo/bundle/openstack/bundle.yaml
--- juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/internal/test-charm-repo/bundle/openstack/bundle.yaml	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/internal/test-charm-repo/bundle/openstack/bundle.yaml	2016-07-18 19:45:44.000000000 +0000
@@ -1,5 +1,5 @@
 series: precise
-services:
+applications:
   mysql:
     charm: cs:precise/mysql
     constraints: mem=1G
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/internal/test-charm-repo/bundle/wordpress-legacy/bundle.yaml juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/internal/test-charm-repo/bundle/wordpress-legacy/bundle.yaml
--- juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/internal/test-charm-repo/bundle/wordpress-legacy/bundle.yaml	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/internal/test-charm-repo/bundle/wordpress-legacy/bundle.yaml	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,8 @@
+services:
+    wordpress:
+        charm: wordpress
+    mysql:
+        charm: mysql
+        num_units: 1
+relations:
+    - ["wordpress:db", "mysql:server"]
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/internal/test-charm-repo/bundle/wordpress-legacy/README.md juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/internal/test-charm-repo/bundle/wordpress-legacy/README.md
--- juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/internal/test-charm-repo/bundle/wordpress-legacy/README.md	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/internal/test-charm-repo/bundle/wordpress-legacy/README.md	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1 @@
+A dummy bundle
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/internal/test-charm-repo/bundle/wordpress-simple/bundle.yaml juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/internal/test-charm-repo/bundle/wordpress-simple/bundle.yaml
--- juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/internal/test-charm-repo/bundle/wordpress-simple/bundle.yaml	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/internal/test-charm-repo/bundle/wordpress-simple/bundle.yaml	2016-07-18 19:45:44.000000000 +0000
@@ -1,4 +1,4 @@
-services:
+applications:
     wordpress:
         charm: wordpress
     mysql:
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/internal/test-charm-repo/bundle/wordpress-with-logging/bundle.yaml juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/internal/test-charm-repo/bundle/wordpress-with-logging/bundle.yaml
--- juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/internal/test-charm-repo/bundle/wordpress-with-logging/bundle.yaml	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/internal/test-charm-repo/bundle/wordpress-with-logging/bundle.yaml	2016-07-18 19:45:44.000000000 +0000
@@ -1,4 +1,4 @@
-services:
+applications:
     wordpress:
         charm: wordpress
         num_units: 1
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/internal/test-charm-repo/quantal/dummy/config.yaml juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/internal/test-charm-repo/quantal/dummy/config.yaml
--- juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/internal/test-charm-repo/quantal/dummy/config.yaml	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/internal/test-charm-repo/quantal/dummy/config.yaml	2016-07-18 19:45:44.000000000 +0000
@@ -1,5 +1,5 @@
 options:
-  title: {default: My Title, description: A descriptive title used for the service., type: string}
+  title: {default: My Title, description: A descriptive title used for the application., type: string}
   outlook: {description: No default outlook., type: string}
   username: {default: admin001, description: The name of the initial account (given admin permissions)., type: string}
   skill-level: {description: A number indicating skill., type: int}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/meta.go juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/meta.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/meta.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/meta.go	2016-07-18 19:45:44.000000000 +0000
@@ -15,7 +15,7 @@
 	"github.com/juju/schema"
 	"github.com/juju/utils"
 	"github.com/juju/version"
-	"gopkg.in/yaml.v1"
+	"gopkg.in/yaml.v2"
 
 	"gopkg.in/juju/charm.v6-unstable/hooks"
 	"gopkg.in/juju/charm.v6-unstable/resource"
@@ -68,7 +68,7 @@
 	Type StorageType `bson:"type"`
 
 	// Shared indicates that the storage is shared between all units of
-	// a service deployed from the charm. It is an error to attempt to
+	// an application deployed from the charm. It is an error to attempt to
 	// assign non-shareable storage to a "shared" storage requirement.
 	//
 	// Shared defaults to false.
@@ -190,8 +190,6 @@
 	Requires       map[string]Relation      `bson:"requires,omitempty" json:"Requires,omitempty"`
 	Peers          map[string]Relation      `bson:"peers,omitempty" json:"Peers,omitempty"`
 	ExtraBindings  map[string]ExtraBinding  `bson:"extra-bindings,omitempty" json:"ExtraBindings,omitempty"`
-	Format         int                      `bson:"format,omitempty" json:"Format,omitempty"`
-	OldRevision    int                      `bson:"oldrevision,omitempty" json:"OldRevision"` // Obsolete
 	Categories     []string                 `bson:"categories,omitempty" json:"Categories,omitempty"`
 	Tags           []string                 `bson:"tags,omitempty" json:"Tags,omitempty"`
 	Series         []string                 `bson:"series,omitempty" json:"SupportedSeries,omitempty"`
@@ -255,36 +253,46 @@
 
 // ReadMeta reads the content of a metadata.yaml file and returns
 // its representation.
-func ReadMeta(r io.Reader) (meta *Meta, err error) {
+func ReadMeta(r io.Reader) (*Meta, error) {
 	data, err := ioutil.ReadAll(r)
 	if err != nil {
-		return
+		return nil, err
+	}
+	var meta Meta
+	err = yaml.Unmarshal(data, &meta)
+	if err != nil {
+		return nil, err
 	}
+	return &meta, nil
+}
+
+func (meta *Meta) UnmarshalYAML(f func(interface{}) error) error {
 	raw := make(map[interface{}]interface{})
-	err = yaml.Unmarshal(data, raw)
+	err := f(&raw)
 	if err != nil {
-		return
+		return err
 	}
 	v, err := charmSchema.Coerce(raw, nil)
 	if err != nil {
-		return nil, errors.New("metadata: " + err.Error())
+		return errors.New("metadata: " + err.Error())
 	}
 
 	m := v.(map[string]interface{})
-	meta, err = parseMeta(m)
+	meta1, err := parseMeta(m)
 	if err != nil {
-		return nil, err
+		return err
 	}
 
-	if err := meta.Check(); err != nil {
-		return nil, err
+	if err := meta1.Check(); err != nil {
+		return err
 	}
 
 	// TODO(ericsnow) This line should be moved into parseMeta as soon
 	// as the terms code gets fixed.
-	meta.Terms = parseStringList(m["terms"])
+	meta1.Terms = parseStringList(m["terms"])
 
-	return meta, nil
+	*meta = *meta1
+	return nil
 }
 
 func parseMeta(m map[string]interface{}) (*Meta, error) {
@@ -303,16 +311,11 @@
 	if err != nil {
 		return nil, err
 	}
-	meta.Format = int(m["format"].(int64))
 	meta.Categories = parseStringList(m["categories"])
 	meta.Tags = parseStringList(m["tags"])
 	if subordinate := m["subordinate"]; subordinate != nil {
 		meta.Subordinate = subordinate.(bool)
 	}
-	if rev := m["revision"]; rev != nil {
-		// Obsolete
-		meta.OldRevision = int(m["revision"].(int64))
-	}
 	meta.Series = parseStringList(m["series"])
 	meta.Storage = parseStorage(m["storage"])
 	meta.PayloadClasses = parsePayloadClasses(m["payloads"])
@@ -395,12 +398,6 @@
 	return rs1
 }
 
-// GetYAML implements yaml.Getter.GetYAML (yaml.v1).
-func (m Meta) GetYAML() (tag string, value interface{}) {
-	v, _ := m.MarshalYAML()
-	return "", v
-}
-
 func marshaledRelations(relations map[string]Relation) map[string]marshaledRelation {
 	marshaled := make(map[string]marshaledRelation)
 	for name, relation := range relations {
@@ -411,7 +408,7 @@
 
 type marshaledRelation Relation
 
-func (r marshaledRelation) GetYAML() (tag string, value interface{}) {
+func (r marshaledRelation) MarshalYAML() (interface{}, error) {
 	// See calls to ifaceExpander in charmSchema.
 	noLimit := 1
 	if r.Role == RoleProvider {
@@ -420,7 +417,7 @@
 
 	if !r.Optional && r.Limit == noLimit && r.Scope == ScopeGlobal {
 		// All attributes are default, so use the simple string form of the relation.
-		return "", r.Interface
+		return r.Interface, nil
 	}
 	mr := struct {
 		Interface string        `yaml:"interface"`
@@ -437,7 +434,7 @@
 	if r.Scope != ScopeGlobal {
 		mr.Scope = r.Scope
 	}
-	return "", mr
+	return mr, nil
 }
 
 func marshaledExtraBindings(bindings map[string]ExtraBinding) map[string]interface{} {
@@ -810,7 +807,7 @@
 		"requires":         schema.StringMap(ifaceExpander(int64(1))),
 		"extra-bindings":   extraBindingsSchema,
 		"revision":         schema.Int(), // Obsolete
-		"format":           schema.Int(),
+		"format":           schema.Int(), // Obsolete
 		"subordinate":      schema.Bool(),
 		"categories":       schema.List(schema.String()),
 		"tags":             schema.List(schema.String()),
@@ -827,7 +824,7 @@
 		"peers":            schema.Omit,
 		"extra-bindings":   schema.Omit,
 		"revision":         schema.Omit,
-		"format":           1,
+		"format":           schema.Omit,
 		"subordinate":      schema.Omit,
 		"categories":       schema.Omit,
 		"tags":             schema.Omit,
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/meta_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/meta_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/meta_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/meta_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -15,7 +15,7 @@
 	jc "github.com/juju/testing/checkers"
 	"github.com/juju/version"
 	gc "gopkg.in/check.v1"
-	"gopkg.in/yaml.v1"
+	"gopkg.in/yaml.v2"
 	yamlv2 "gopkg.in/yaml.v2"
 
 	"gopkg.in/juju/charm.v6-unstable"
@@ -43,16 +43,15 @@
 	c.Assert(meta.Summary, gc.Equals, "That's a dummy charm.")
 	c.Assert(meta.Description, gc.Equals,
 		"This is a longer description which\npotentially contains multiple lines.\n")
-	c.Assert(meta.Format, gc.Equals, 1)
-	c.Assert(meta.OldRevision, gc.Equals, 0)
 	c.Assert(meta.Subordinate, gc.Equals, false)
 }
 
 func (s *MetaSuite) TestReadMetaVersion2(c *gc.C) {
+	// This checks that we can accept a charm with the
+	// obsolete "format" field, even though we ignore it.
 	meta, err := charm.ReadMeta(repoMeta(c, "format2"))
 	c.Assert(err, gc.IsNil)
 	c.Assert(meta.Name, gc.Equals, "format2")
-	c.Assert(meta.Format, gc.Equals, 2)
 	c.Assert(meta.Categories, gc.HasLen, 0)
 	c.Assert(meta.Terms, gc.HasLen, 0)
 }
@@ -561,37 +560,41 @@
 		Subordinate: true,
 		Provides: map[string]charm.Relation{
 			"qux": {
+				Name:      "qux",
+				Role:      charm.RoleProvider,
 				Interface: "quxx",
 				Optional:  true,
 				Limit:     42,
-				Scope:     "quxxx",
+				Scope:     charm.ScopeGlobal,
 			},
 		},
 		Requires: map[string]charm.Relation{
-			"qux": {
+			"frob": {
+				Name:      "frob",
+				Role:      charm.RoleRequirer,
 				Interface: "quxx",
 				Optional:  true,
 				Limit:     42,
-				Scope:     "quxxx",
+				Scope:     charm.ScopeContainer,
 			},
 		},
 		Peers: map[string]charm.Relation{
-			"qux": {
+			"arble": {
+				Name:      "arble",
+				Role:      charm.RolePeer,
 				Interface: "quxx",
 				Optional:  true,
 				Limit:     42,
-				Scope:     "quxxx",
+				Scope:     charm.ScopeGlobal,
 			},
 		},
 		ExtraBindings: map[string]charm.ExtraBinding{
-			"foo": {Name: "foo"},
-			"qux": {Name: "qux"},
+			"b1": {Name: "b1"},
+			"b2": {Name: "b2"},
 		},
-		Categories:  []string{"quxxxx", "quxxxxx"},
-		Tags:        []string{"openstack", "storage"},
-		Format:      10,
-		OldRevision: 11,
-		Terms:       []string{"test term 1", "test term 2"},
+		Categories: []string{"quxxxx", "quxxxxx"},
+		Tags:       []string{"openstack", "storage"},
+		Terms:      []string{"test term 1", "test term 2"},
 	}
 	for i, codec := range codecs {
 		c.Logf("codec %d", i)
@@ -600,7 +603,7 @@
 		var output charm.Meta
 		err = codec.Unmarshal(data, &output)
 		c.Assert(err, gc.IsNil)
-		c.Assert(input, jc.DeepEquals, output)
+		c.Assert(output, jc.DeepEquals, input, gc.Commentf("data: %q", data))
 	}
 }
 
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/metrics.go juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/metrics.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/metrics.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/metrics.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,7 +10,7 @@
 	"strconv"
 	"strings"
 
-	goyaml "gopkg.in/yaml.v1"
+	goyaml "gopkg.in/yaml.v2"
 )
 
 // MetricType is used to identify metric types supported by juju.
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/payloads.go juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/payloads.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/payloads.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/payloads.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,6 +7,7 @@
 	"fmt"
 
 	"github.com/juju/schema"
+	"gopkg.in/juju/names.v2"
 )
 
 var payloadClassSchema = schema.FieldMap(
@@ -60,8 +61,13 @@
 	if pc.Name == "" {
 		return fmt.Errorf("payload class missing name")
 	}
+	if !names.IsValidPayload(pc.Name) {
+		return fmt.Errorf("invalid payload class %q", pc.Name)
+	}
+
 	if pc.Type == "" {
 		return fmt.Errorf("payload class missing type")
 	}
+
 	return nil
 }
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/payloads_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/payloads_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/payloads_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/payloads_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -76,6 +76,16 @@
 	c.Check(err, gc.ErrorMatches, `payload class missing name`)
 }
 
+func (s *payloadClassSuite) TestValidateBadName(c *gc.C) {
+	payloadClass := charm.PayloadClass{
+		Name: "my-###-payload",
+		Type: "docker",
+	}
+	err := payloadClass.Validate()
+
+	c.Check(err, gc.ErrorMatches, `invalid payload class "my-###-payload"`)
+}
+
 func (s *payloadClassSuite) TestValidateMissingType(c *gc.C) {
 	payloadClass := charm.PayloadClass{
 		Name: "my-payload",
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/resource/meta.go juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/resource/meta.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/resource/meta.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/resource/meta.go	2016-07-18 19:45:44.000000000 +0000
@@ -24,7 +24,7 @@
 	// Path is the relative path of the file or directory where the
 	// resource will be stored under the unit's data directory. The path
 	// is resolved against a subdirectory assigned to the resource. For
-	// example, given a service named "spam", a resource "eggs", and a
+	// example, given an application named "spam", a resource "eggs", and a
 	// path "eggs.tgz", the fully resolved storage path for the resource
 	// would be:
 	//   /var/lib/juju/agent/spam-0/resources/eggs/eggs.tgz
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/url.go juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/url.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/url.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/url.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,7 +11,7 @@
 	"strconv"
 	"strings"
 
-	"github.com/juju/names"
+	"gopkg.in/juju/names.v2"
 	"gopkg.in/mgo.v2/bson"
 )
 
@@ -369,6 +369,26 @@
 	if err != nil {
 		return err
 	}
+	*u = *url
+	return nil
+}
+
+// MarshalText implements encoding.TextMarshaler by
+// returning u.String()
+func (u *URL) MarshalText() ([]byte, error) {
+	if u == nil {
+		return nil, nil
+	}
+	return []byte(u.String()), nil
+}
+
+// UnmarshalText implements encoding.TestUnmarshaler by
+// parsing the data with ParseURL.
+func (u *URL) UnmarshalText(data []byte) error {
+	url, err := ParseURL(string(data))
+	if err != nil {
+		return err
+	}
 	*u = *url
 	return nil
 }
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/url_test.go juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/url_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/charm.v6-unstable/url_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/charm.v6-unstable/url_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -11,6 +11,7 @@
 
 	gc "gopkg.in/check.v1"
 	"gopkg.in/mgo.v2/bson"
+	"gopkg.in/yaml.v2"
 
 	"gopkg.in/juju/charm.v6-unstable"
 )
@@ -531,21 +532,28 @@
 }
 
 var codecs = []struct {
+	Name      string
 	Marshal   func(interface{}) ([]byte, error)
 	Unmarshal func([]byte, interface{}) error
 }{{
+	Name:      "bson",
 	Marshal:   bson.Marshal,
 	Unmarshal: bson.Unmarshal,
 }, {
+	Name:      "json",
 	Marshal:   json.Marshal,
 	Unmarshal: json.Unmarshal,
+}, {
+	Name:      "yaml",
+	Marshal:   yaml.Marshal,
+	Unmarshal: yaml.Unmarshal,
 }}
 
 func (s *URLSuite) TestURLCodecs(c *gc.C) {
 	for i, codec := range codecs {
-		c.Logf("codec %d", i)
+		c.Logf("codec %d: %v", i, codec.Name)
 		type doc struct {
-			URL *charm.URL
+			URL *charm.URL `json:",omitempty" bson:",omitempty" yaml:",omitempty"`
 		}
 		url := charm.MustParseURL("cs:series/name")
 		v0 := doc{url}
@@ -567,9 +575,10 @@
 
 		data, err = codec.Marshal(doc{})
 		c.Assert(err, gc.IsNil)
+		v = doc{}
 		err = codec.Unmarshal(data, &v)
 		c.Assert(err, gc.IsNil)
-		c.Assert(v.URL, gc.IsNil)
+		c.Assert(v.URL, gc.IsNil, gc.Commentf("data: %q", data))
 	}
 }
 
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/jujusvg.v1/canvas.go juju-core-2.0~beta12/src/gopkg.in/juju/jujusvg.v1/canvas.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/jujusvg.v1/canvas.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/jujusvg.v1/canvas.go	2016-07-18 19:45:44.000000000 +0000
@@ -13,30 +13,30 @@
 )
 
 const (
-	iconSize           = 96
-	serviceBlockSize   = 180
-	healthCircleRadius = 8
-	relationLineWidth  = 1
-	maxInt             = int(^uint(0) >> 1)
-	minInt             = -(maxInt - 1)
-	maxHeight          = 450
-	maxWidth           = 1000
+	iconSize             = 96
+	applicationBlockSize = 180
+	healthCircleRadius   = 8
+	relationLineWidth    = 1
+	maxInt               = int(^uint(0) >> 1)
+	minInt               = -(maxInt - 1)
+	maxHeight            = 450
+	maxWidth             = 1000
 
 	fontColor     = "#505050"
 	relationColor = "#a7a7a7"
 )
 
-// Canvas holds the parsed form of a bundle or environment.
+// Canvas holds the parsed form of a bundle or model.
 type Canvas struct {
-	services      []*service
-	relations     []*serviceRelation
+	applications  []*application
+	relations     []*applicationRelation
 	iconsRendered map[string]bool
 	iconIds       map[string]string
 }
 
-// service represents a service deployed to an environment and contains the
+// application represents a application deployed to a model and contains the
 // point of the top-left corner of the icon, icon URL, and additional metadata.
-type service struct {
+type application struct {
 	name      string
 	charmPath string
 	iconUrl   string
@@ -44,11 +44,11 @@
 	point     image.Point
 }
 
-// serviceRelation represents a relation created between two services.
-type serviceRelation struct {
-	name     string
-	serviceA *service
-	serviceB *service
+// applicationRelation represents a relation created between two applications.
+type applicationRelation struct {
+	name         string
+	applicationA *application
+	applicationB *application
 }
 
 // line represents a line segment with two endpoints.
@@ -57,7 +57,7 @@
 }
 
 // definition creates any necessary defs that can be used later in the SVG.
-func (s *service) definition(canvas *svg.SVG, iconsRendered map[string]bool, iconIds map[string]string) error {
+func (s *application) definition(canvas *svg.SVG, iconsRendered map[string]bool, iconIds map[string]string) error {
 	if len(s.iconSrc) == 0 || iconsRendered[s.charmPath] {
 		return nil
 	}
@@ -69,42 +69,31 @@
 	return processIcon(iconBuf, canvas.Writer, iconIds[s.charmPath])
 }
 
-// usage creates any necessary tags for actually using the service in the SVG.
-func (s *service) usage(canvas *svg.SVG, iconIds map[string]string) {
+// usage creates any necessary tags for actually using the application in the SVG.
+func (s *application) usage(canvas *svg.SVG, iconIds map[string]string) {
 	canvas.Group(fmt.Sprintf(`transform="translate(%d,%d)"`, s.point.X, s.point.Y))
 	defer canvas.Gend()
 	canvas.Title(s.name)
 	canvas.Circle(
-		serviceBlockSize/2,
-		serviceBlockSize/2,
-		serviceBlockSize/2,
-		`class="service-block" fill="#f5f5f5" stroke="#888" stroke-width="1"`)
-	canvas.Circle(
-		serviceBlockSize/2-iconSize/2+5, // for these two, add an offset to help
-		serviceBlockSize/2-iconSize/2+7, // hide the embossed border.
-		serviceBlockSize/4,
-		`id="service-icon-mask-`+s.name+`" fill="none"`)
-	canvas.ClipPath(`id="clip-` + s.name + `"`)
-	canvas.Use(
-		0,
-		0,
-		`#service-icon-mask-`+s.name)
-	canvas.ClipEnd()
+		applicationBlockSize/2,
+		applicationBlockSize/2,
+		applicationBlockSize/2,
+		`class="application-block" fill="#f5f5f5" stroke="#888" stroke-width="1"`)
 	if len(s.iconSrc) > 0 {
 		canvas.Use(
 			0,
 			0,
 			"#"+iconIds[s.charmPath],
-			fmt.Sprintf(`transform="translate(%d,%d)" width="%d" height="%d" clip-path="url(#clip-%s)"`, serviceBlockSize/2-iconSize/2, serviceBlockSize/2-iconSize/2, iconSize, iconSize, s.name),
+			fmt.Sprintf(`transform="translate(%d,%d)" width="%d" height="%d" clip-path="url(#clip-mask)"`, applicationBlockSize/2-iconSize/2, applicationBlockSize/2-iconSize/2, iconSize, iconSize),
 		)
 	} else {
 		canvas.Image(
-			serviceBlockSize/2-iconSize/2,
-			serviceBlockSize/2-iconSize/2,
+			applicationBlockSize/2-iconSize/2,
+			applicationBlockSize/2-iconSize/2,
 			iconSize,
 			iconSize,
 			s.iconUrl,
-			`clip-path="url(#clip-`+s.name+`)"`,
+			`clip-path="url(#clip-mask)"`,
 		)
 	}
 	name := s.name
@@ -113,29 +102,29 @@
 	}
 	canvas.Rect(
 		0,
-		serviceBlockSize-45,
-		serviceBlockSize,
+		applicationBlockSize-45,
+		applicationBlockSize,
 		32,
 		`rx="2" ry="2" fill="rgba(220, 220, 220, 0.8)"`)
 	canvas.Text(
-		serviceBlockSize/2,
-		serviceBlockSize-23,
+		applicationBlockSize/2,
+		applicationBlockSize-23,
 		name,
 		`text-anchor="middle" style="font-weight:200"`)
 }
 
 // definition creates any necessary defs that can be used later in the SVG.
-func (r *serviceRelation) definition(canvas *svg.SVG) {
+func (r *applicationRelation) definition(canvas *svg.SVG) {
 }
 
 // usage creates any necessary tags for actually using the relation in the SVG.
-func (r *serviceRelation) usage(canvas *svg.SVG) {
+func (r *applicationRelation) usage(canvas *svg.SVG) {
 	canvas.Group()
 	defer canvas.Gend()
 	canvas.Title(r.name)
 	l := line{
-		p0: r.serviceA.point.Add(point(serviceBlockSize/2, serviceBlockSize/2)),
-		p1: r.serviceB.point.Add(point(serviceBlockSize/2, serviceBlockSize/2)),
+		p0: r.applicationA.point.Add(point(applicationBlockSize/2, applicationBlockSize/2)),
+		p1: r.applicationB.point.Add(point(applicationBlockSize/2, applicationBlockSize/2)),
 	}
 	canvas.Line(
 		l.p0.X,
@@ -151,13 +140,13 @@
 
 	deg := math.Atan2(float64(l.p0.Y-l.p1.Y), float64(l.p0.X-l.p1.X))
 	canvas.Circle(
-		int(float64(l.p0.X)-math.Cos(deg)*(serviceBlockSize/2)),
-		int(float64(l.p0.Y)-math.Sin(deg)*(serviceBlockSize/2)),
+		int(float64(l.p0.X)-math.Cos(deg)*(applicationBlockSize/2)),
+		int(float64(l.p0.Y)-math.Sin(deg)*(applicationBlockSize/2)),
 		4,
 		fmt.Sprintf(`fill=%q`, relationColor))
 	canvas.Circle(
-		int(float64(l.p1.X)+math.Cos(deg)*(serviceBlockSize/2)),
-		int(float64(l.p1.Y)+math.Sin(deg)*(serviceBlockSize/2)),
+		int(float64(l.p1.X)+math.Cos(deg)*(applicationBlockSize/2)),
+		int(float64(l.p1.Y)+math.Sin(deg)*(applicationBlockSize/2)),
 		4,
 		fmt.Sprintf(`fill=%q`, relationColor))
 }
@@ -174,13 +163,13 @@
 	return math.Sqrt(square(float64(dp.X)) + square(float64(dp.Y)))
 }
 
-// addService adds a new service to the canvas.
-func (c *Canvas) addService(s *service) {
-	c.services = append(c.services, s)
+// addApplication adds a new application to the canvas.
+func (c *Canvas) addApplication(s *application) {
+	c.applications = append(c.applications, s)
 }
 
 // addRelation adds a new relation to the canvas.
-func (c *Canvas) addRelation(r *serviceRelation) {
+func (c *Canvas) addRelation(r *applicationRelation) {
 	c.relations = append(c.relations, r)
 }
 
@@ -192,25 +181,25 @@
 	maxWidth := minInt
 	maxHeight := minInt
 
-	for _, service := range c.services {
-		if service.point.X < minWidth {
-			minWidth = service.point.X
+	for _, application := range c.applications {
+		if application.point.X < minWidth {
+			minWidth = application.point.X
 		}
-		if service.point.Y < minHeight {
-			minHeight = service.point.Y
+		if application.point.Y < minHeight {
+			minHeight = application.point.Y
 		}
-		if service.point.X > maxWidth {
-			maxWidth = service.point.X
+		if application.point.X > maxWidth {
+			maxWidth = application.point.X
 		}
-		if service.point.Y > maxHeight {
-			maxHeight = service.point.Y
+		if application.point.Y > maxHeight {
+			maxHeight = application.point.Y
 		}
 	}
-	for _, service := range c.services {
-		service.point = service.point.Sub(point(minWidth, minHeight))
+	for _, application := range c.applications {
+		application.point = application.point.Sub(point(minWidth, minHeight))
 	}
-	return abs(maxWidth-minWidth) + serviceBlockSize + 1,
-		abs(maxHeight-minHeight) + serviceBlockSize + 1
+	return abs(maxWidth-minWidth) + applicationBlockSize + 1,
+		abs(maxHeight-minHeight) + applicationBlockSize + 1
 }
 
 func (c *Canvas) definition(canvas *svg.SVG) {
@@ -223,12 +212,12 @@
 	io.WriteString(canvas.Writer, assets.RelationIconHealthy)
 	canvas.Gend()
 
-	// Service and relation specific defs.
+	// Application and relation specific defs.
 	for _, relation := range c.relations {
 		relation.definition(canvas)
 	}
-	for _, service := range c.services {
-		service.definition(canvas, c.iconsRendered, c.iconIds)
+	for _, application := range c.applications {
+		application.definition(canvas, c.iconsRendered, c.iconIds)
 	}
 }
 
@@ -240,18 +229,32 @@
 	}
 }
 
-func (c *Canvas) servicesGroup(canvas *svg.SVG) {
-	canvas.Gid("services")
+func (c *Canvas) applicationsGroup(canvas *svg.SVG) {
+	canvas.Gid("applications")
 	defer canvas.Gend()
-	for _, service := range c.services {
-		service.usage(canvas, c.iconIds)
+	for _, application := range c.applications {
+		application.usage(canvas, c.iconIds)
 	}
 }
 
+func (c *Canvas) iconClipPath(canvas *svg.SVG) {
+	canvas.Circle(
+		applicationBlockSize/2-iconSize/2+5, // for these two, add an offset to help
+		applicationBlockSize/2-iconSize/2+7, // hide the embossed border.
+		applicationBlockSize/4,
+		`id="application-icon-mask" fill="none"`)
+	canvas.ClipPath(`id="clip-mask"`)
+	defer canvas.ClipEnd()
+	canvas.Use(
+		0,
+		0,
+		`#application-icon-mask`)
+}
+
 // Marshal renders the SVG to the given io.Writer.
 func (c *Canvas) Marshal(w io.Writer) {
-	// Initialize maps for service icons, which are used both in definition
-	// and use methods for services.
+	// Initialize maps for application icons, which are used both in definition
+	// and use methods for applications.
 	c.iconsRendered = make(map[string]bool)
 	c.iconIds = make(map[string]string)
 
@@ -271,8 +274,9 @@
 	)
 	defer canvas.End()
 	c.definition(canvas)
+	c.iconClipPath(canvas)
 	c.relationsGroup(canvas)
-	c.servicesGroup(canvas)
+	c.applicationsGroup(canvas)
 }
 
 // abs returns the absolute value of a number.
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/jujusvg.v1/canvas_test.go juju-core-2.0~beta12/src/gopkg.in/juju/jujusvg.v1/canvas_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/jujusvg.v1/canvas_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/jujusvg.v1/canvas_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -17,17 +17,17 @@
 
 var _ = gc.Suite(&CanvasSuite{})
 
-func (s *CanvasSuite) TestServiceRender(c *gc.C) {
-	// Ensure that the Service's definition and usage methods output the
+func (s *CanvasSuite) TestApplicationRender(c *gc.C) {
+	// Ensure that the Application's definition and usage methods output the
 	// proper SVG elements.
 	var tests = []struct {
-		about    string
-		service  service
-		expected string
+		about       string
+		application application
+		expected    string
 	}{
 		{
-			about: "Service without iconSrc, no def created",
-			service: service{
+			about: "Application without iconSrc, no def created",
+			application: application{
 				name: "foo",
 				point: image.Point{
 					X: 0,
@@ -37,19 +37,16 @@
 			},
 			expected: `<g transform="translate(0,0)" >
 <title>foo</title>
-<circle cx="90" cy="90" r="90" class="service-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
-<circle cx="47" cy="49" r="45" id="service-icon-mask-foo" fill="none" />
-<clipPath id="clip-foo" ><use x="0" y="0" xlink:href="#service-icon-mask-foo" />
-</clipPath>
-<image x="42" y="42" width="96" height="96" xlink:href="foo" clip-path="url(#clip-foo)" />
+<circle cx="90" cy="90" r="90" class="application-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
+<image x="42" y="42" width="96" height="96" xlink:href="foo" clip-path="url(#clip-mask)" />
 <rect x="0" y="135" width="180" height="32" rx="2" ry="2" fill="rgba(220, 220, 220, 0.8)" />
 <text x="90" y="157" text-anchor="middle" style="font-weight:200" >foo</text>
 </g>
 `,
 		},
 		{
-			about: "Service with iconSrc",
-			service: service{
+			about: "Application with iconSrc",
+			application: application{
 				name:      "bar",
 				charmPath: "bar",
 				point: image.Point{
@@ -60,19 +57,16 @@
 			},
 			expected: `<svg:svg xmlns:svg="http://www.w3.org/2000/svg" id="icon-1">bar</svg:svg><g transform="translate(0,0)" >
 <title>bar</title>
-<circle cx="90" cy="90" r="90" class="service-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
-<circle cx="47" cy="49" r="45" id="service-icon-mask-bar" fill="none" />
-<clipPath id="clip-bar" ><use x="0" y="0" xlink:href="#service-icon-mask-bar" />
-</clipPath>
-<use x="0" y="0" xlink:href="#icon-1" transform="translate(42,42)" width="96" height="96" clip-path="url(#clip-bar)" />
+<circle cx="90" cy="90" r="90" class="application-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
+<use x="0" y="0" xlink:href="#icon-1" transform="translate(42,42)" width="96" height="96" clip-path="url(#clip-mask)" />
 <rect x="0" y="135" width="180" height="32" rx="2" ry="2" fill="rgba(220, 220, 220, 0.8)" />
 <text x="90" y="157" text-anchor="middle" style="font-weight:200" >bar</text>
 </g>
 `,
 		},
 		{
-			about: "Service with already def'd icon",
-			service: service{
+			about: "Application with already def'd icon",
+			application: application{
 				name:      "baz",
 				charmPath: "bar",
 				point: image.Point{
@@ -83,11 +77,8 @@
 			},
 			expected: `<g transform="translate(0,0)" >
 <title>baz</title>
-<circle cx="90" cy="90" r="90" class="service-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
-<circle cx="47" cy="49" r="45" id="service-icon-mask-baz" fill="none" />
-<clipPath id="clip-baz" ><use x="0" y="0" xlink:href="#service-icon-mask-baz" />
-</clipPath>
-<use x="0" y="0" xlink:href="#icon-1" transform="translate(42,42)" width="96" height="96" clip-path="url(#clip-baz)" />
+<circle cx="90" cy="90" r="90" class="application-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
+<use x="0" y="0" xlink:href="#icon-1" transform="translate(42,42)" width="96" height="96" clip-path="url(#clip-mask)" />
 <rect x="0" y="135" width="180" height="32" rx="2" ry="2" fill="rgba(220, 220, 220, 0.8)" />
 <text x="90" y="157" text-anchor="middle" style="font-weight:200" >baz</text>
 </g>
@@ -100,8 +91,8 @@
 	for _, test := range tests {
 		var buf bytes.Buffer
 		svg := svg.New(&buf)
-		test.service.definition(svg, iconsRendered, iconIds)
-		test.service.usage(svg, iconIds)
+		test.application.definition(svg, iconsRendered, iconIds)
+		test.application.usage(svg, iconIds)
 		c.Log(test.about)
 		c.Log(buf.String())
 		c.Assert(buf.String(), gc.Equals, test.expected)
@@ -113,15 +104,15 @@
 	// proper SVG elements.
 	var buf bytes.Buffer
 	svg := svg.New(&buf)
-	relation := serviceRelation{
+	relation := applicationRelation{
 		name: "foo",
-		serviceA: &service{
+		applicationA: &application{
 			point: image.Point{
 				X: 0,
 				Y: 0,
 			},
 		},
-		serviceB: &service{
+		applicationB: &application{
 			point: image.Point{
 				X: 100,
 				Y: 100,
@@ -141,18 +132,31 @@
 `)
 }
 
+func (s *CanvasSuite) TestIconClipPath(c *gc.C) {
+	// Ensure that the icon ClipPath returns the correctly sizes clipping Circle
+	var buf bytes.Buffer
+	svg := svg.New(&buf)
+	canvas := Canvas{}
+	canvas.iconClipPath(svg)
+	c.Assert(buf.String(), gc.Equals,
+		`<circle cx="47" cy="49" r="45" id="application-icon-mask" fill="none" />
+<clipPath id="clip-mask" ><use x="0" y="0" xlink:href="#application-icon-mask" />
+</clipPath>
+`)
+}
+
 func (s *CanvasSuite) TestLayout(c *gc.C) {
-	// Ensure that the SVG is sized exactly around the positioned services.
+	// Ensure that the SVG is sized exactly around the positioned applications.
 	canvas := Canvas{}
-	canvas.addService(&service{
-		name: "service1",
+	canvas.addApplication(&application{
+		name: "application1",
 		point: image.Point{
 			X: 0,
 			Y: 0,
 		},
 	})
-	canvas.addService(&service{
-		name: "service2",
+	canvas.addApplication(&application{
+		name: "application2",
 		point: image.Point{
 			X: 100,
 			Y: 100,
@@ -161,22 +165,22 @@
 	width, height := canvas.layout()
 	c.Assert(width, gc.Equals, 281)
 	c.Assert(height, gc.Equals, 281)
-	canvas.addService(&service{
-		name: "service3",
+	canvas.addApplication(&application{
+		name: "application3",
 		point: image.Point{
 			X: -100,
 			Y: -100,
 		},
 	})
-	canvas.addService(&service{
-		name: "service4",
+	canvas.addApplication(&application{
+		name: "application4",
 		point: image.Point{
 			X: -100,
 			Y: 100,
 		},
 	})
-	canvas.addService(&service{
-		name: "service5",
+	canvas.addApplication(&application{
+		name: "application5",
 		point: image.Point{
 			X: 200,
 			Y: -100,
@@ -192,8 +196,8 @@
 	// to SVG.
 	var buf bytes.Buffer
 	canvas := Canvas{}
-	serviceA := &service{
-		name:      "service-a",
+	applicationA := &application{
+		name:      "application-a",
 		charmPath: "trusty/svc-a",
 		point: image.Point{
 			X: 0,
@@ -204,19 +208,19 @@
 				<circle cx="20" cy="20" r="20" style="fill:#000" />
 			</svg>`),
 	}
-	serviceB := &service{
-		name: "service-b",
+	applicationB := &application{
+		name: "application-b",
 		point: image.Point{
 			X: 100,
 			Y: 100,
 		},
 	}
-	canvas.addService(serviceA)
-	canvas.addService(serviceB)
-	canvas.addRelation(&serviceRelation{
-		name:     "relation",
-		serviceA: serviceA,
-		serviceB: serviceB,
+	canvas.addApplication(applicationA)
+	canvas.addApplication(applicationB)
+	canvas.addRelation(&applicationRelation{
+		name:         "relation",
+		applicationA: applicationA,
+		applicationB: applicationB,
 	})
 	canvas.Marshal(&buf)
 	c.Logf("%s", buf.Bytes())
@@ -233,8 +237,11 @@
 <svg xmlns="http://www.w3.org/2000/svg" class="blah" id="icon-1">
 &#x9;&#x9;&#x9;&#x9;<circle cx="20" cy="20" r="20" style="fill:#000"></circle>
 &#x9;&#x9;&#x9;</svg></defs>
+<circle cx="47" cy="49" r="45" id="application-icon-mask" fill="none" />
+<clipPath id="clip-mask" ><use x="0" y="0" xlink:href="#application-icon-mask" />
+</clipPath>
 <g id="relations">
-<g>
+<g >
 <title>relation</title>
 <line x1="90" y1="90" x2="190" y2="190" stroke="#a7a7a7" stroke-width="1px" stroke-dasharray="62.71, 16" />
 <use x="132" y="132" xlink:href="#healthCircle" />
@@ -242,26 +249,20 @@
 <circle cx="126" cy="126" r="4" fill="#a7a7a7" />
 </g>
 </g>
-<g id="services">
+<g id="applications">
 <g transform="translate(0,0)" >
-<title>service-a</title>
-<circle cx="90" cy="90" r="90" class="service-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
-<circle cx="47" cy="49" r="45" id="service-icon-mask-service-a" fill="none" />
-<clipPath id="clip-service-a" ><use x="0" y="0" xlink:href="#service-icon-mask-service-a" />
-</clipPath>
-<use x="0" y="0" xlink:href="#icon-1" transform="translate(42,42)" width="96" height="96" clip-path="url(#clip-service-a)" />
+<title>application-a</title>
+<circle cx="90" cy="90" r="90" class="application-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
+<use x="0" y="0" xlink:href="#icon-1" transform="translate(42,42)" width="96" height="96" clip-path="url(#clip-mask)" />
 <rect x="0" y="135" width="180" height="32" rx="2" ry="2" fill="rgba(220, 220, 220, 0.8)" />
-<text x="90" y="157" text-anchor="middle" style="font-weight:200" >service-a</text>
+<text x="90" y="157" text-anchor="middle" style="font-weight:200" >application-a</text>
 </g>
 <g transform="translate(100,100)" >
-<title>service-b</title>
-<circle cx="90" cy="90" r="90" class="service-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
-<circle cx="47" cy="49" r="45" id="service-icon-mask-service-b" fill="none" />
-<clipPath id="clip-service-b" ><use x="0" y="0" xlink:href="#service-icon-mask-service-b" />
-</clipPath>
-<image x="42" y="42" width="96" height="96" xlink:href="" clip-path="url(#clip-service-b)" />
+<title>application-b</title>
+<circle cx="90" cy="90" r="90" class="application-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
+<image x="42" y="42" width="96" height="96" xlink:href="" clip-path="url(#clip-mask)" />
 <rect x="0" y="135" width="180" height="32" rx="2" ry="2" fill="rgba(220, 220, 220, 0.8)" />
-<text x="90" y="157" text-anchor="middle" style="font-weight:200" >service-b</text>
+<text x="90" y="157" text-anchor="middle" style="font-weight:200" >application-b</text>
 </g>
 </g>
 </svg>
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/jujusvg.v1/dependencies.tsv juju-core-2.0~beta12/src/gopkg.in/juju/jujusvg.v1/dependencies.tsv
--- juju-core-2.0~beta7/src/gopkg.in/juju/jujusvg.v1/dependencies.tsv	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/jujusvg.v1/dependencies.tsv	2016-07-18 19:45:44.000000000 +0000
@@ -4,16 +4,16 @@
 github.com/juju/gojsonreference	git	f0d24ac5ee330baa21721cdff56d45e4ee42628e	2015-02-04T19:46:33Z
 github.com/juju/gojsonschema	git	e1ad140384f254c82f89450d9a7c8dd38a632838	2015-03-12T17:00:16Z
 github.com/juju/loggo	git	8477fc936adf0e382d680310047ca27e128a309a	2015-05-27T03:58:39Z
-github.com/juju/names	git	e287fe4ae0dbda220cace3ed0e35cda4796c1aa3	2015-10-22T17:21:35Z
-github.com/juju/schema	git	afe1151cb49d1d7ed3c75592dfc6f38703f2e988	2015-08-07T07:58:08Z
-github.com/juju/testing	git	ad6f815f49f8209a27a3b7efb6d44876493e5939	2015-10-12T16:09:06Z
-github.com/juju/utils	git	f2db28cef935aba0a7207254fa5dba273e649d0e	2015-11-09T11:51:43Z
+github.com/juju/schema	git	1e25943f8c6fd6815282d6f1ac87091d21e14e19	2016-03-01T11:16:46Z
+github.com/juju/testing	git	162fafccebf20a4207ab93d63b986c230e3f4d2e	2016-04-04T09:43:17Z
+github.com/juju/utils	git	ffea6ead0c374583e876c8357c9db6e98bc71476	2016-05-26T02:52:51Z
+github.com/juju/version	git	ef897ad7f130870348ce306f61332f5335355063	2015-11-27T20:34:00Z
 github.com/juju/xml	git	eb759a627588d35166bc505fceb51b88500e291e	2015-04-13T13:11:21Z
 golang.org/x/crypto	git	aedad9a179ec1ea11b7064c57cbc6dc30d7724ec	2015-08-30T18:06:42Z
-gopkg.in/check.v1	git	b3d3430320d4260e5fea99841af984b3badcea63	2015-06-26T10:50:28Z
+gopkg.in/check.v1	git	4f90aeace3a26ad7021961c297b22c42160c7b25	2016-01-05T16:49:36Z
 gopkg.in/errgo.v1	git	66cb46252b94c1f3d65646f54ee8043ab38d766c	2015-10-07T15:31:57Z
-gopkg.in/juju/charm.v6-unstable	git	a3d228ef5292531219d17d47679b260580fba1a8	2015-11-19T07:39:58Z
+gopkg.in/juju/charm.v6-unstable	git	503191ddf2590b15db9669c424660ed612d0a30a	2016-05-27T01:46:20Z
+gopkg.in/juju/names.v2	git	e38bc90539f22af61a9c656d35068bd5f0a5b30a	2016-05-25T23:07:23Z
 gopkg.in/mgo.v2	git	4d04138ffef2791c479c0c8bbffc30b34081b8d9	2015-10-26T16:34:53Z
-gopkg.in/yaml.v1	git	9f9df34309c04878acc86042b16630b0f696e1de	2014-09-24T16:16:07Z
-gopkg.in/yaml.v2	git	7ad95dd0798a40da1ccdff6dff35fd177b5edf40	2015-06-24T10:29:02Z
+gopkg.in/yaml.v2	git	a83829b6f1293c91addabc89d0571c246397bbf4	2016-03-01T20:40:22Z
 launchpad.net/tomb	bzr	gustavo@niemeyer.net-20140529072043-hzcrlnl3ygvg914q	18
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/jujusvg.v1/examples/charmworld-missing-placement.yaml juju-core-2.0~beta12/src/gopkg.in/juju/jujusvg.v1/examples/charmworld-missing-placement.yaml
--- juju-core-2.0~beta7/src/gopkg.in/juju/jujusvg.v1/examples/charmworld-missing-placement.yaml	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/jujusvg.v1/examples/charmworld-missing-placement.yaml	2016-07-18 19:45:44.000000000 +0000
@@ -1,4 +1,4 @@
-services:
+applications:
   mongodb:
     charm: "cs:precise/mongodb-21"
     num_units: 1
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/jujusvg.v1/examples/charmworld-no-placement.yaml juju-core-2.0~beta12/src/gopkg.in/juju/jujusvg.v1/examples/charmworld-no-placement.yaml
--- juju-core-2.0~beta7/src/gopkg.in/juju/jujusvg.v1/examples/charmworld-no-placement.yaml	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/jujusvg.v1/examples/charmworld-no-placement.yaml	2016-07-18 19:45:44.000000000 +0000
@@ -1,4 +1,4 @@
-services:
+applications:
   mongodb:
     charm: "cs:precise/mongodb-21"
     num_units: 1
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/jujusvg.v1/examples/charmworld.yaml juju-core-2.0~beta12/src/gopkg.in/juju/jujusvg.v1/examples/charmworld.yaml
--- juju-core-2.0~beta7/src/gopkg.in/juju/jujusvg.v1/examples/charmworld.yaml	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/jujusvg.v1/examples/charmworld.yaml	2016-07-18 19:45:44.000000000 +0000
@@ -1,4 +1,4 @@
-services:
+applications:
   mongodb:
     charm: "cs:precise/mongodb-21"
     num_units: 1
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/jujusvg.v1/examples/kubernetes-bundle.yaml juju-core-2.0~beta12/src/gopkg.in/juju/jujusvg.v1/examples/kubernetes-bundle.yaml
--- juju-core-2.0~beta7/src/gopkg.in/juju/jujusvg.v1/examples/kubernetes-bundle.yaml	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/jujusvg.v1/examples/kubernetes-bundle.yaml	2016-07-18 19:45:44.000000000 +0000
@@ -1,4 +1,4 @@
-services:
+applications:
   "kubernetes-master":
     charm: cs:~kubernetes/trusty/kubernetes-master-5
     annotations:
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/jujusvg.v1/examples/mediawiki-scalable.yaml juju-core-2.0~beta12/src/gopkg.in/juju/jujusvg.v1/examples/mediawiki-scalable.yaml
--- juju-core-2.0~beta7/src/gopkg.in/juju/jujusvg.v1/examples/mediawiki-scalable.yaml	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/jujusvg.v1/examples/mediawiki-scalable.yaml	2016-07-18 19:45:44.000000000 +0000
@@ -1,4 +1,4 @@
-services:
+applications:
   haproxy:
     charm: cs:precise/haproxy-35
     num_units: 1
@@ -23,7 +23,7 @@
       monitoring_username: haproxy
       nagios_context: juju
       package_status: install
-      services: "- service_name: haproxy_service\n  service_host: \"0.0.0.0\"\n  service_port:
+      applications: "- service_name: haproxy_service\n  service_host: \"0.0.0.0\"\n  service_port:
         80\n  service_options: [balance leastconn]\n  server_options: maxconn 100\n"
       sysctl: ""
     annotations:
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/jujusvg.v1/examples/openstack.yaml juju-core-2.0~beta12/src/gopkg.in/juju/jujusvg.v1/examples/openstack.yaml
--- juju-core-2.0~beta7/src/gopkg.in/juju/jujusvg.v1/examples/openstack.yaml	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/jujusvg.v1/examples/openstack.yaml	2016-07-18 19:45:44.000000000 +0000
@@ -97,7 +97,7 @@
 - - ceilometer:shared-db
   - mongodb:database
 series: trusty
-services:
+applications:
   ceilometer:
     annotations:
       gui-x: '1288.8744298356794'
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/jujusvg.v1/iconfetcher.go juju-core-2.0~beta12/src/gopkg.in/juju/jujusvg.v1/iconfetcher.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/jujusvg.v1/iconfetcher.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/jujusvg.v1/iconfetcher.go	2016-07-18 19:45:44.000000000 +0000
@@ -35,10 +35,10 @@
 
 	// Build the map of icons.
 	icons := make(map[string][]byte)
-	for _, serviceData := range b.Services {
-		charmId, err := charm.ParseURL(serviceData.Charm)
+	for _, applicationData := range b.Applications {
+		charmId, err := charm.ParseURL(applicationData.Charm)
 		if err != nil {
-			return nil, errgo.Notef(err, "cannot parse charm %q", serviceData.Charm)
+			return nil, errgo.Notef(err, "cannot parse charm %q", applicationData.Charm)
 		}
 		path := charmId.Path()
 
@@ -94,10 +94,10 @@
 	icons := make(map[string][]byte)
 	alreadyFetched := make(map[string]bool)
 	run := parallel.NewRun(concurrency)
-	for _, serviceData := range b.Services {
-		charmId, err := charm.ParseURL(serviceData.Charm)
+	for _, applicationData := range b.Applications {
+		charmId, err := charm.ParseURL(applicationData.Charm)
 		if err != nil {
-			return nil, errgo.Notef(err, "cannot parse charm %q", serviceData.Charm)
+			return nil, errgo.Notef(err, "cannot parse charm %q", applicationData.Charm)
 		}
 		path := charmId.Path()
 		if alreadyFetched[path] {
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/jujusvg.v1/iconfetcher_test.go juju-core-2.0~beta12/src/gopkg.in/juju/jujusvg.v1/iconfetcher_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/jujusvg.v1/iconfetcher_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/jujusvg.v1/iconfetcher_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -62,7 +62,7 @@
 	err = b.Verify(nil, nil)
 	c.Assert(err, gc.IsNil)
 	// Only one copy of precise/mongodb-21
-	b.Services["duplicateService"] = &charm.ServiceSpec{
+	b.Applications["duplicateApplication"] = &charm.ApplicationSpec{
 		Charm:    "cs:precise/mongodb-21",
 		NumUnits: 1,
 	}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/jujusvg.v1/jujusvg.go juju-core-2.0~beta12/src/gopkg.in/juju/jujusvg.v1/jujusvg.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/jujusvg.v1/jujusvg.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/jujusvg.v1/jujusvg.go	2016-07-18 19:45:44.000000000 +0000
@@ -39,62 +39,62 @@
 	if err := b.Verify(nil, nil); err != nil {
 		return nil, errgo.Notef(err, "cannot verify bundle")
 	}
-	// Go through all services in alphabetical order so that
+	// Go through all applications in alphabetical order so that
 	// we get consistent results.
-	serviceNames := make([]string, 0, len(b.Services))
-	for name := range b.Services {
-		serviceNames = append(serviceNames, name)
-	}
-	sort.Strings(serviceNames)
-	services := make(map[string]*service)
-	servicesNeedingPlacement := make(map[string]bool)
-	for _, name := range serviceNames {
-		serviceData := b.Services[name]
-		x, xerr := strconv.ParseFloat(serviceData.Annotations["gui-x"], 64)
-		y, yerr := strconv.ParseFloat(serviceData.Annotations["gui-y"], 64)
+	applicationNames := make([]string, 0, len(b.Applications))
+	for name := range b.Applications {
+		applicationNames = append(applicationNames, name)
+	}
+	sort.Strings(applicationNames)
+	applications := make(map[string]*application)
+	applicationsNeedingPlacement := make(map[string]bool)
+	for _, name := range applicationNames {
+		applicationData := b.Applications[name]
+		x, xerr := strconv.ParseFloat(applicationData.Annotations["gui-x"], 64)
+		y, yerr := strconv.ParseFloat(applicationData.Annotations["gui-y"], 64)
 		if xerr != nil || yerr != nil {
-			if serviceData.Annotations["gui-x"] == "" && serviceData.Annotations["gui-y"] == "" {
-				servicesNeedingPlacement[name] = true
+			if applicationData.Annotations["gui-x"] == "" && applicationData.Annotations["gui-y"] == "" {
+				applicationsNeedingPlacement[name] = true
 				x = 0
 				y = 0
 			} else {
-				return nil, errgo.Newf("service %q does not have a valid position", name)
+				return nil, errgo.Newf("application %q does not have a valid position", name)
 			}
 		}
-		charmID, err := charm.ParseURL(serviceData.Charm)
+		charmID, err := charm.ParseURL(applicationData.Charm)
 		if err != nil {
 			// cannot actually happen, as we've verified it.
-			return nil, errgo.Notef(err, "cannot parse charm %q", serviceData.Charm)
+			return nil, errgo.Notef(err, "cannot parse charm %q", applicationData.Charm)
 		}
 		icon := iconMap[charmID.Path()]
-		svc := &service{
+		svc := &application{
 			name:      name,
 			charmPath: charmID.Path(),
 			point:     image.Point{int(x), int(y)},
 			iconUrl:   iconURL(charmID),
 			iconSrc:   icon,
 		}
-		services[name] = svc
+		applications[name] = svc
 	}
-	padding := image.Point{int(math.Floor(serviceBlockSize * 1.5)), int(math.Floor(serviceBlockSize * 0.5))}
-	for name := range servicesNeedingPlacement {
+	padding := image.Point{int(math.Floor(applicationBlockSize * 1.5)), int(math.Floor(applicationBlockSize * 0.5))}
+	for name := range applicationsNeedingPlacement {
 		vertices := []image.Point{}
-		for n, svc := range services {
-			if !servicesNeedingPlacement[n] {
+		for n, svc := range applications {
+			if !applicationsNeedingPlacement[n] {
 				vertices = append(vertices, svc.point)
 			}
 		}
-		services[name].point = getPointOutside(vertices, padding)
-		servicesNeedingPlacement[name] = false
+		applications[name].point = getPointOutside(vertices, padding)
+		applicationsNeedingPlacement[name] = false
 	}
-	for _, name := range serviceNames {
-		canvas.addService(services[name])
+	for _, name := range applicationNames {
+		canvas.addApplication(applications[name])
 	}
 	for _, relation := range b.Relations {
-		canvas.addRelation(&serviceRelation{
-			name:     fmt.Sprintf("%s %s", relation[0], relation[1]),
-			serviceA: services[strings.Split(relation[0], ":")[0]],
-			serviceB: services[strings.Split(relation[1], ":")[0]],
+		canvas.addRelation(&applicationRelation{
+			name:         fmt.Sprintf("%s %s", relation[0], relation[1]),
+			applicationA: applications[strings.Split(relation[0], ":")[0]],
+			applicationB: applications[strings.Split(relation[1], ":")[0]],
 		})
 	}
 	return &canvas, nil
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/jujusvg.v1/jujusvg_test.go juju-core-2.0~beta12/src/gopkg.in/juju/jujusvg.v1/jujusvg_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/jujusvg.v1/jujusvg_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/jujusvg.v1/jujusvg_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,8 +10,6 @@
 
 	gc "gopkg.in/check.v1"
 	"gopkg.in/juju/charm.v6-unstable"
-
-	"gopkg.in/juju/jujusvg.v1/assets"
 )
 
 func Test(t *testing.T) { gc.TestingT(t) }
@@ -21,7 +19,7 @@
 var _ = gc.Suite(&newSuite{})
 
 var bundle = `
-services:
+applications:
   mongodb:
     charm: "cs:precise/mongodb-21"
     num_units: 1
@@ -91,7 +89,9 @@
      xmlns="http://www.w3.org/2000/svg"
      xmlns:xlink="http://www.w3.org/1999/xlink">
 <defs>
-<g id="healthCircle" transform="scale(1.1)" >`+assets.RelationIconHealthy+`
+<g id="healthCircle" transform="scale(1.1)" >
+
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 16.000017 16.000017"><g transform="translate(-952 -156.362)"><path color="#000" overflow="visible" fill="none" d="M952 156.362h16v16h-16z"/><circle r="7.25" cy="164.362" cx="960" color="#000" overflow="visible" fill="#a7a7a7" stroke="#a7a7a7" stroke-width="1.5" stroke-dashoffset=".8"/><path style="line-height:125%;-inkscape-font-specification:Ubuntu;text-align:center" d="M963.8 161.286l-.066.057L959 165.49l-2.776-2.38-.84.948 3.616 3.804 5.5-5.787-.7-.79z" font-size="15" font-family="Ubuntu" letter-spacing="0" word-spacing="0" text-anchor="middle" fill="#fff"/></g></svg>
 </g>
 <svg:svg xmlns:svg="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" id="icon-1">
 &#x9;&#x9;&#x9;&#x9;&#x9;<svg:image width="96" height="96" xlink:href="http://0.1.2.3/~juju-jitsu/precise/charmworld-58.svg"></svg:image>
@@ -100,15 +100,18 @@
 &#x9;&#x9;&#x9;&#x9;</svg:svg><svg:svg xmlns:svg="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" id="icon-3">
 &#x9;&#x9;&#x9;&#x9;&#x9;<svg:image width="96" height="96" xlink:href="http://0.1.2.3/precise/mongodb-21.svg"></svg:image>
 &#x9;&#x9;&#x9;&#x9;</svg:svg></defs>
+<circle cx="47" cy="49" r="45" id="application-icon-mask" fill="none" />
+<clipPath id="clip-mask" ><use x="0" y="0" xlink:href="#application-icon-mask" />
+</clipPath>
 <g id="relations">
-<g>
+<g >
 <title>charmworld:essearch elasticsearch:essearch</title>
 <line x1="413" y1="90" x2="90" y2="347" stroke="#a7a7a7" stroke-width="1px" stroke-dasharray="198.38, 16" />
 <use x="243" y="210" xlink:href="#healthCircle" />
 <circle cx="342" cy="146" r="4" fill="#a7a7a7" />
 <circle cx="160" cy="290" r="4" fill="#a7a7a7" />
 </g>
-<g>
+<g >
 <title>charmworld:database mongodb:database</title>
 <line x1="413" y1="90" x2="540" y2="366" stroke="#a7a7a7" stroke-width="1px" stroke-dasharray="143.91, 16" />
 <use x="468" y="220" xlink:href="#healthCircle" />
@@ -116,34 +119,25 @@
 <circle cx="502" cy="284" r="4" fill="#a7a7a7" />
 </g>
 </g>
-<g id="services">
+<g id="applications">
 <g transform="translate(323,0)" >
 <title>charmworld</title>
-<circle cx="90" cy="90" r="90" class="service-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
-<circle cx="47" cy="49" r="45" id="service-icon-mask-charmworld" fill="none" />
-<clipPath id="clip-charmworld" ><use x="0" y="0" xlink:href="#service-icon-mask-charmworld" />
-</clipPath>
-<use x="0" y="0" xlink:href="#icon-1" transform="translate(42,42)" width="96" height="96" clip-path="url(#clip-charmworld)" />
+<circle cx="90" cy="90" r="90" class="application-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
+<use x="0" y="0" xlink:href="#icon-1" transform="translate(42,42)" width="96" height="96" clip-path="url(#clip-mask)" />
 <rect x="0" y="135" width="180" height="32" rx="2" ry="2" fill="rgba(220, 220, 220, 0.8)" />
 <text x="90" y="157" text-anchor="middle" style="font-weight:200" >charmworld</text>
 </g>
 <g transform="translate(0,257)" >
 <title>elasticsearch</title>
-<circle cx="90" cy="90" r="90" class="service-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
-<circle cx="47" cy="49" r="45" id="service-icon-mask-elasticsearch" fill="none" />
-<clipPath id="clip-elasticsearch" ><use x="0" y="0" xlink:href="#service-icon-mask-elasticsearch" />
-</clipPath>
-<use x="0" y="0" xlink:href="#icon-2" transform="translate(42,42)" width="96" height="96" clip-path="url(#clip-elasticsearch)" />
+<circle cx="90" cy="90" r="90" class="application-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
+<use x="0" y="0" xlink:href="#icon-2" transform="translate(42,42)" width="96" height="96" clip-path="url(#clip-mask)" />
 <rect x="0" y="135" width="180" height="32" rx="2" ry="2" fill="rgba(220, 220, 220, 0.8)" />
 <text x="90" y="157" text-anchor="middle" style="font-weight:200" >elasticsearch</text>
 </g>
 <g transform="translate(450,276)" >
 <title>mongodb</title>
-<circle cx="90" cy="90" r="90" class="service-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
-<circle cx="47" cy="49" r="45" id="service-icon-mask-mongodb" fill="none" />
-<clipPath id="clip-mongodb" ><use x="0" y="0" xlink:href="#service-icon-mask-mongodb" />
-</clipPath>
-<use x="0" y="0" xlink:href="#icon-3" transform="translate(42,42)"  width="96" height="96" clip-path="url(#clip-mongodb)" />
+<circle cx="90" cy="90" r="90" class="application-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
+<use x="0" y="0" xlink:href="#icon-3" transform="translate(42,42)" width="96" height="96" clip-path="url(#clip-mask)" />
 <rect x="0" y="135" width="180" height="32" rx="2" ry="2" fill="rgba(220, 220, 220, 0.8)" />
 <text x="90" y="157" text-anchor="middle" style="font-weight:200" >mongodb</text>
 </g>
@@ -152,13 +146,13 @@
 `))
 }
 
-func (s *newSuite) TestNewFromBundleWithUnplacedService(c *gc.C) {
+func (s *newSuite) TestNewFromBundleWithUnplacedApplication(c *gc.C) {
 	b, err := charm.ReadBundleData(strings.NewReader(bundle))
 	c.Assert(err, gc.IsNil)
 	err = b.Verify(nil, nil)
 	c.Assert(err, gc.IsNil)
-	b.Services["charmworld"].Annotations["gui-x"] = ""
-	b.Services["charmworld"].Annotations["gui-y"] = ""
+	b.Applications["charmworld"].Annotations["gui-x"] = ""
+	b.Applications["charmworld"].Annotations["gui-y"] = ""
 
 	cvs, err := NewFromBundle(b, iconURL, nil)
 	c.Assert(err, gc.IsNil)
@@ -170,11 +164,13 @@
 <?xml version="1.0"?>
 <!-- Generated by SVGo -->
 <svg width="901" height="290"
-	 style="font-family:Ubuntu, sans-serif;" viewBox="0 0 901 290"
-	 xmlns="http://www.w3.org/2000/svg"
-	 xmlns:xlink="http://www.w3.org/1999/xlink">
+     style="font-family:Ubuntu, sans-serif;" viewBox="0 0 901 290"
+     xmlns="http://www.w3.org/2000/svg"
+     xmlns:xlink="http://www.w3.org/1999/xlink">
 <defs>
-<g id="healthCircle" transform="scale(1.1)" >`+assets.RelationIconHealthy+`
+<g id="healthCircle" transform="scale(1.1)" >
+
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 16.000017 16.000017"><g transform="translate(-952 -156.362)"><path color="#000" overflow="visible" fill="none" d="M952 156.362h16v16h-16z"/><circle r="7.25" cy="164.362" cx="960" color="#000" overflow="visible" fill="#a7a7a7" stroke="#a7a7a7" stroke-width="1.5" stroke-dashoffset=".8"/><path style="line-height:125%;-inkscape-font-specification:Ubuntu;text-align:center" d="M963.8 161.286l-.066.057L959 165.49l-2.776-2.38-.84.948 3.616 3.804 5.5-5.787-.7-.79z" font-size="15" font-family="Ubuntu" letter-spacing="0" word-spacing="0" text-anchor="middle" fill="#fff"/></g></svg>
 </g>
 <svg:svg xmlns:svg="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" id="icon-1">
 &#x9;&#x9;&#x9;&#x9;&#x9;<svg:image width="96" height="96" xlink:href="http://0.1.2.3/~juju-jitsu/precise/charmworld-58.svg"></svg:image>
@@ -183,15 +179,18 @@
 &#x9;&#x9;&#x9;&#x9;</svg:svg><svg:svg xmlns:svg="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" id="icon-3">
 &#x9;&#x9;&#x9;&#x9;&#x9;<svg:image width="96" height="96" xlink:href="http://0.1.2.3/precise/mongodb-21.svg"></svg:image>
 &#x9;&#x9;&#x9;&#x9;</svg:svg></defs>
+<circle cx="47" cy="49" r="45" id="application-icon-mask" fill="none" />
+<clipPath id="clip-mask" ><use x="0" y="0" xlink:href="#application-icon-mask" />
+</clipPath>
 <g id="relations">
-<g>
+<g >
 <title>charmworld:essearch elasticsearch:essearch</title>
 <line x1="810" y1="199" x2="90" y2="90" stroke="#a7a7a7" stroke-width="1px" stroke-dasharray="356.10, 16" />
 <use x="442" y="136" xlink:href="#healthCircle" />
 <circle cx="721" cy="185" r="4" fill="#a7a7a7" />
 <circle cx="178" cy="103" r="4" fill="#a7a7a7" />
 </g>
-<g>
+<g >
 <title>charmworld:database mongodb:database</title>
 <line x1="810" y1="199" x2="540" y2="109" stroke="#a7a7a7" stroke-width="1px" stroke-dasharray="134.30, 16" />
 <use x="667" y="146" xlink:href="#healthCircle" />
@@ -199,34 +198,25 @@
 <circle cx="625" cy="137" r="4" fill="#a7a7a7" />
 </g>
 </g>
-<g id="services">
+<g id="applications">
 <g transform="translate(720,109)" >
 <title>charmworld</title>
-<circle cx="90" cy="90" r="90" class="service-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
-<circle cx="47" cy="49" r="45" id="service-icon-mask-charmworld" fill="none" />
-<clipPath id="clip-charmworld" ><use x="0" y="0" xlink:href="#service-icon-mask-charmworld" />
-</clipPath>
-<use x="0" y="0" xlink:href="#icon-1" transform="translate(42,42)" width="96" height="96" clip-path="url(#clip-charmworld)" />
+<circle cx="90" cy="90" r="90" class="application-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
+<use x="0" y="0" xlink:href="#icon-1" transform="translate(42,42)" width="96" height="96" clip-path="url(#clip-mask)" />
 <rect x="0" y="135" width="180" height="32" rx="2" ry="2" fill="rgba(220, 220, 220, 0.8)" />
 <text x="90" y="157" text-anchor="middle" style="font-weight:200" >charmworld</text>
 </g>
 <g transform="translate(0,0)" >
 <title>elasticsearch</title>
-<circle cx="90" cy="90" r="90" class="service-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
-<circle cx="47" cy="49" r="45" id="service-icon-mask-elasticsearch" fill="none" />
-<clipPath id="clip-elasticsearch" ><use x="0" y="0" xlink:href="#service-icon-mask-elasticsearch" />
-</clipPath>
-<use x="0" y="0" xlink:href="#icon-2" transform="translate(42,42)" width="96" height="96" clip-path="url(#clip-elasticsearch)" />
+<circle cx="90" cy="90" r="90" class="application-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
+<use x="0" y="0" xlink:href="#icon-2" transform="translate(42,42)" width="96" height="96" clip-path="url(#clip-mask)" />
 <rect x="0" y="135" width="180" height="32" rx="2" ry="2" fill="rgba(220, 220, 220, 0.8)" />
 <text x="90" y="157" text-anchor="middle" style="font-weight:200" >elasticsearch</text>
 </g>
 <g transform="translate(450,19)" >
 <title>mongodb</title>
-<circle cx="90" cy="90" r="90" class="service-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
-<circle cx="47" cy="49" r="45" id="service-icon-mask-mongodb" fill="none" />
-<clipPath id="clip-mongodb" ><use x="0" y="0" xlink:href="#service-icon-mask-mongodb" />
-</clipPath>
-<use x="0" y="0" xlink:href="#icon-3" transform="translate(42,42)" width="96" height="96" clip-path="url(#clip-mongodb)" />
+<circle cx="90" cy="90" r="90" class="application-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
+<use x="0" y="0" xlink:href="#icon-3" transform="translate(42,42)" width="96" height="96" clip-path="url(#clip-mask)" />
 <rect x="0" y="135" width="180" height="32" rx="2" ry="2" fill="rgba(220, 220, 220, 0.8)" />
 <text x="90" y="157" text-anchor="middle" style="font-weight:200" >mongodb</text>
 </g>
@@ -255,18 +245,23 @@
      xmlns="http://www.w3.org/2000/svg"
      xmlns:xlink="http://www.w3.org/1999/xlink">
 <defs>
-<g id="healthCircle" transform="scale(1.1)" >`+assets.RelationIconHealthy+`
+<g id="healthCircle" transform="scale(1.1)" >
+
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 16.000017 16.000017"><g transform="translate(-952 -156.362)"><path color="#000" overflow="visible" fill="none" d="M952 156.362h16v16h-16z"/><circle r="7.25" cy="164.362" cx="960" color="#000" overflow="visible" fill="#a7a7a7" stroke="#a7a7a7" stroke-width="1.5" stroke-dashoffset=".8"/><path style="line-height:125%;-inkscape-font-specification:Ubuntu;text-align:center" d="M963.8 161.286l-.066.057L959 165.49l-2.776-2.38-.84.948 3.616 3.804 5.5-5.787-.7-.79z" font-size="15" font-family="Ubuntu" letter-spacing="0" word-spacing="0" text-anchor="middle" fill="#fff"/></g></svg>
 </g>
 </defs>
+<circle cx="47" cy="49" r="45" id="application-icon-mask" fill="none" />
+<clipPath id="clip-mask" ><use x="0" y="0" xlink:href="#application-icon-mask" />
+</clipPath>
 <g id="relations">
-<g>
+<g >
 <title>charmworld:essearch elasticsearch:essearch</title>
 <line x1="413" y1="90" x2="90" y2="347" stroke="#a7a7a7" stroke-width="1px" stroke-dasharray="198.38, 16" />
 <use x="243" y="210" xlink:href="#healthCircle" />
 <circle cx="342" cy="146" r="4" fill="#a7a7a7" />
 <circle cx="160" cy="290" r="4" fill="#a7a7a7" />
 </g>
-<g>
+<g >
 <title>charmworld:database mongodb:database</title>
 <line x1="413" y1="90" x2="540" y2="366" stroke="#a7a7a7" stroke-width="1px" stroke-dasharray="143.91, 16" />
 <use x="468" y="220" xlink:href="#healthCircle" />
@@ -274,34 +269,25 @@
 <circle cx="502" cy="284" r="4" fill="#a7a7a7" />
 </g>
 </g>
-<g id="services">
+<g id="applications">
 <g transform="translate(323,0)" >
 <title>charmworld</title>
-<circle cx="90" cy="90" r="90" class="service-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
-<circle cx="47" cy="49" r="45" id="service-icon-mask-charmworld" fill="none" />
-<clipPath id="clip-charmworld" ><use x="0" y="0" xlink:href="#service-icon-mask-charmworld" />
-</clipPath>
-<image x="42" y="42" width="96" height="96" xlink:href="http://0.1.2.3/~juju-jitsu/precise/charmworld-58.svg" clip-path="url(#clip-charmworld)" />
+<circle cx="90" cy="90" r="90" class="application-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
+<image x="42" y="42" width="96" height="96" xlink:href="http://0.1.2.3/~juju-jitsu/precise/charmworld-58.svg" clip-path="url(#clip-mask)" />
 <rect x="0" y="135" width="180" height="32" rx="2" ry="2" fill="rgba(220, 220, 220, 0.8)" />
 <text x="90" y="157" text-anchor="middle" style="font-weight:200" >charmworld</text>
 </g>
 <g transform="translate(0,257)" >
 <title>elasticsearch</title>
-<circle cx="90" cy="90" r="90" class="service-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
-<circle cx="47" cy="49" r="45" id="service-icon-mask-elasticsearch" fill="none" />
-<clipPath id="clip-elasticsearch" ><use x="0" y="0" xlink:href="#service-icon-mask-elasticsearch" />
-</clipPath>
-<image x="42" y="42" width="96" height="96" xlink:href="http://0.1.2.3/~charming-devs/precise/elasticsearch-2.svg" clip-path="url(#clip-elasticsearch)" />
+<circle cx="90" cy="90" r="90" class="application-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
+<image x="42" y="42" width="96" height="96" xlink:href="http://0.1.2.3/~charming-devs/precise/elasticsearch-2.svg" clip-path="url(#clip-mask)" />
 <rect x="0" y="135" width="180" height="32" rx="2" ry="2" fill="rgba(220, 220, 220, 0.8)" />
 <text x="90" y="157" text-anchor="middle" style="font-weight:200" >elasticsearch</text>
 </g>
 <g transform="translate(450,276)" >
 <title>mongodb</title>
-<circle cx="90" cy="90" r="90" class="service-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
-<circle cx="47" cy="49" r="45" id="service-icon-mask-mongodb" fill="none" />
-<clipPath id="clip-mongodb" ><use x="0" y="0" xlink:href="#service-icon-mask-mongodb" />
-</clipPath>
-<image x="42" y="42" width="96" height="96" xlink:href="http://0.1.2.3/precise/mongodb-21.svg" clip-path="url(#clip-mongodb)" />
+<circle cx="90" cy="90" r="90" class="application-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
+<image x="42" y="42" width="96" height="96" xlink:href="http://0.1.2.3/precise/mongodb-21.svg" clip-path="url(#clip-mask)" />
 <rect x="0" y="135" width="180" height="32" rx="2" ry="2" fill="rgba(220, 220, 220, 0.8)" />
 <text x="90" y="157" text-anchor="middle" style="font-weight:200" >mongodb</text>
 </g>
@@ -339,18 +325,23 @@
      xmlns="http://www.w3.org/2000/svg"
      xmlns:xlink="http://www.w3.org/1999/xlink">
 <defs>
-<g id="healthCircle" transform="scale(1.1)" >`+assets.RelationIconHealthy+`
+<g id="healthCircle" transform="scale(1.1)" >
+
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 16.000017 16.000017"><g transform="translate(-952 -156.362)"><path color="#000" overflow="visible" fill="none" d="M952 156.362h16v16h-16z"/><circle r="7.25" cy="164.362" cx="960" color="#000" overflow="visible" fill="#a7a7a7" stroke="#a7a7a7" stroke-width="1.5" stroke-dashoffset=".8"/><path style="line-height:125%;-inkscape-font-specification:Ubuntu;text-align:center" d="M963.8 161.286l-.066.057L959 165.49l-2.776-2.38-.84.948 3.616 3.804 5.5-5.787-.7-.79z" font-size="15" font-family="Ubuntu" letter-spacing="0" word-spacing="0" text-anchor="middle" fill="#fff"/></g></svg>
 </g>
 <svg:svg xmlns:svg="http://www.w3.org/2000/svg" id="icon-1"></svg:svg><svg:svg xmlns:svg="http://www.w3.org/2000/svg" id="icon-2"></svg:svg><svg:svg xmlns:svg="http://www.w3.org/2000/svg" id="icon-3"></svg:svg></defs>
+<circle cx="47" cy="49" r="45" id="application-icon-mask" fill="none" />
+<clipPath id="clip-mask" ><use x="0" y="0" xlink:href="#application-icon-mask" />
+</clipPath>
 <g id="relations">
-<g>
+<g >
 <title>charmworld:essearch elasticsearch:essearch</title>
 <line x1="413" y1="90" x2="90" y2="347" stroke="#a7a7a7" stroke-width="1px" stroke-dasharray="198.38, 16" />
 <use x="243" y="210" xlink:href="#healthCircle" />
 <circle cx="342" cy="146" r="4" fill="#a7a7a7" />
 <circle cx="160" cy="290" r="4" fill="#a7a7a7" />
 </g>
-<g>
+<g >
 <title>charmworld:database mongodb:database</title>
 <line x1="413" y1="90" x2="540" y2="366" stroke="#a7a7a7" stroke-width="1px" stroke-dasharray="143.91, 16" />
 <use x="468" y="220" xlink:href="#healthCircle" />
@@ -358,34 +349,25 @@
 <circle cx="502" cy="284" r="4" fill="#a7a7a7" />
 </g>
 </g>
-<g id="services">
+<g id="applications">
 <g transform="translate(323,0)" >
 <title>charmworld</title>
-<circle cx="90" cy="90" r="90" class="service-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
-<circle cx="47" cy="49" r="45" id="service-icon-mask-charmworld" fill="none" />
-<clipPath id="clip-charmworld" ><use x="0" y="0" xlink:href="#service-icon-mask-charmworld" />
-</clipPath>
-<use x="0" y="0" xlink:href="#icon-1" transform="translate(42,42)" width="96" height="96" clip-path="url(#clip-charmworld)" />
+<circle cx="90" cy="90" r="90" class="application-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
+<use x="0" y="0" xlink:href="#icon-1" transform="translate(42,42)" width="96" height="96" clip-path="url(#clip-mask)" />
 <rect x="0" y="135" width="180" height="32" rx="2" ry="2" fill="rgba(220, 220, 220, 0.8)" />
 <text x="90" y="157" text-anchor="middle" style="font-weight:200" >charmworld</text>
 </g>
 <g transform="translate(0,257)" >
 <title>elasticsearch</title>
-<circle cx="90" cy="90" r="90" class="service-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
-<circle cx="47" cy="49" r="45" id="service-icon-mask-elasticsearch" fill="none" />
-<clipPath id="clip-elasticsearch" ><use x="0" y="0" xlink:href="#service-icon-mask-elasticsearch" />
-</clipPath>
-<use x="0" y="0" xlink:href="#icon-2" transform="translate(42,42)" width="96" height="96" clip-path="url(#clip-elasticsearch)" />
+<circle cx="90" cy="90" r="90" class="application-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
+<use x="0" y="0" xlink:href="#icon-2" transform="translate(42,42)" width="96" height="96" clip-path="url(#clip-mask)" />
 <rect x="0" y="135" width="180" height="32" rx="2" ry="2" fill="rgba(220, 220, 220, 0.8)" />
 <text x="90" y="157" text-anchor="middle" style="font-weight:200" >elasticsearch</text>
 </g>
 <g transform="translate(450,276)" >
 <title>mongodb</title>
-<circle cx="90" cy="90" r="90" class="service-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
-<circle cx="47" cy="49" r="45" id="service-icon-mask-mongodb" fill="none" />
-<clipPath id="clip-mongodb" ><use x="0" y="0" xlink:href="#service-icon-mask-mongodb" />
-</clipPath>
-<use x="0" y="0" xlink:href="#icon-3" transform="translate(42,42)" width="96" height="96" clip-path="url(#clip-mongodb)" />
+<circle cx="90" cy="90" r="90" class="application-block" fill="#f5f5f5" stroke="#888" stroke-width="1" />
+<use x="0" y="0" xlink:href="#icon-3" transform="translate(42,42)" width="96" height="96" clip-path="url(#clip-mask)" />
 <rect x="0" y="135" width="180" height="32" rx="2" ry="2" fill="rgba(220, 220, 220, 0.8)" />
 <text x="90" y="157" text-anchor="middle" style="font-weight:200" >mongodb</text>
 </g>
@@ -409,7 +391,7 @@
 func (s *newSuite) TestWithBadBundle(c *gc.C) {
 	b, err := charm.ReadBundleData(strings.NewReader(bundle))
 	c.Assert(err, gc.IsNil)
-	b.Relations[0][0] = "evil-unknown-service"
+	b.Relations[0][0] = "evil-unknown-application"
 	cvs, err := NewFromBundle(b, iconURL, nil)
 	c.Assert(err, gc.ErrorMatches, "cannot verify bundle: .*")
 	c.Assert(cvs, gc.IsNil)
@@ -419,16 +401,16 @@
 	b, err := charm.ReadBundleData(strings.NewReader(bundle))
 	c.Assert(err, gc.IsNil)
 
-	b.Services["charmworld"].Annotations["gui-x"] = "bad"
+	b.Applications["charmworld"].Annotations["gui-x"] = "bad"
 	cvs, err := NewFromBundle(b, iconURL, nil)
-	c.Assert(err, gc.ErrorMatches, `service "charmworld" does not have a valid position`)
+	c.Assert(err, gc.ErrorMatches, `application "charmworld" does not have a valid position`)
 	c.Assert(cvs, gc.IsNil)
 
 	b, err = charm.ReadBundleData(strings.NewReader(bundle))
 	c.Assert(err, gc.IsNil)
 
-	b.Services["charmworld"].Annotations["gui-y"] = "bad"
+	b.Applications["charmworld"].Annotations["gui-y"] = "bad"
 	cvs, err = NewFromBundle(b, iconURL, nil)
-	c.Assert(err, gc.ErrorMatches, `service "charmworld" does not have a valid position`)
+	c.Assert(err, gc.ErrorMatches, `application "charmworld" does not have a valid position`)
 	c.Assert(cvs, gc.IsNil)
 }
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/action.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/action.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/action.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/action.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,79 @@
+// Copyright 2014 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names
+
+import (
+	"fmt"
+
+	"github.com/juju/errors"
+	"github.com/juju/utils"
+)
+
+const ActionTagKind = "action"
+
+type ActionTag struct {
+	// Tags that are serialized need to have fields exported.
+	ID utils.UUID
+}
+
+// NewActionTag returns the tag of an action with the given id (UUID).
+func NewActionTag(id string) ActionTag {
+	uuid, err := utils.UUIDFromString(id)
+	if err != nil {
+		panic(err)
+	}
+	return ActionTag{ID: uuid}
+}
+
+// ParseActionTag parses an action tag string.
+func ParseActionTag(actionTag string) (ActionTag, error) {
+	tag, err := ParseTag(actionTag)
+	if err != nil {
+		return ActionTag{}, err
+	}
+	at, ok := tag.(ActionTag)
+	if !ok {
+		return ActionTag{}, invalidTagError(actionTag, ActionTagKind)
+	}
+	return at, nil
+}
+
+func (t ActionTag) String() string { return t.Kind() + "-" + t.Id() }
+func (t ActionTag) Kind() string   { return ActionTagKind }
+func (t ActionTag) Id() string     { return t.ID.String() }
+
+// IsValidAction returns whether id is a valid action id (UUID).
+func IsValidAction(id string) bool {
+	return utils.IsValidUUIDString(id)
+}
+
+// ActionReceiverTag returns an ActionReceiver Tag from a
+// machine or unit name.
+func ActionReceiverTag(name string) (Tag, error) {
+	if IsValidUnit(name) {
+		return NewUnitTag(name), nil
+	}
+	if IsValidApplication(name) {
+		// TODO(jcw4) enable when leader elections complete
+		//return NewApplicationTag(name), nil
+	}
+	if IsValidMachine(name) {
+		return NewMachineTag(name), nil
+	}
+	return nil, fmt.Errorf("invalid actionreceiver name %q", name)
+}
+
+// ActionReceiverFrom Tag returns an ActionReceiver tag from
+// a machine or unit tag.
+func ActionReceiverFromTag(tag string) (Tag, error) {
+	unitTag, err := ParseUnitTag(tag)
+	if err == nil {
+		return unitTag, nil
+	}
+	machineTag, err := ParseMachineTag(tag)
+	if err == nil {
+		return machineTag, nil
+	}
+	return nil, errors.Errorf("invalid actionreceiver tag %q", tag)
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/action_test.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/action_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/action_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/action_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,88 @@
+// Copyright 2014 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names_test
+
+import (
+	gc "gopkg.in/check.v1"
+
+	jc "github.com/juju/testing/checkers"
+	"gopkg.in/juju/names.v2"
+)
+
+type actionSuite struct{}
+
+var _ = gc.Suite(&actionSuite{})
+
+var parseActionTagTests = []struct {
+	tag      string
+	expected names.Tag
+	err      error
+}{
+	{tag: "", err: names.InvalidTagError("", "")},
+	{tag: "action-f47ac10b-58cc-4372-a567-0e02b2c3d479", expected: names.NewActionTag("f47ac10b-58cc-4372-a567-0e02b2c3d479")},
+	{tag: "action-012345678", err: names.InvalidTagError("action-012345678", "action")},
+	{tag: "action-1234567", err: names.InvalidTagError("action-1234567", "action")},
+	{tag: "bob", err: names.InvalidTagError("bob", "")},
+	{tag: "application-ned", err: names.InvalidTagError("application-ned", names.ActionTagKind)}}
+
+func (s *actionSuite) TestParseActionTag(c *gc.C) {
+	for i, t := range parseActionTagTests {
+		c.Logf("test %d: %s", i, t.tag)
+		got, err := names.ParseActionTag(t.tag)
+		if t.err != nil {
+			c.Check(err, gc.DeepEquals, t.err)
+			continue
+		}
+		c.Check(err, jc.ErrorIsNil)
+		c.Check(got, gc.FitsTypeOf, t.expected)
+		c.Check(got, gc.Equals, t.expected)
+	}
+}
+
+func (s *actionSuite) TestActionReceiverTag(c *gc.C) {
+	testCases := []struct {
+		name     string
+		expected names.Tag
+		err      string
+	}{
+		{name: "mysql", err: `invalid actionreceiver name "mysql"`},
+		{name: "mysql/3", expected: names.NewUnitTag("mysql/3")},
+		{name: "3", expected: names.NewMachineTag("3")},
+	}
+
+	for _, tcase := range testCases {
+		tag, err := names.ActionReceiverTag(tcase.name)
+		if tcase.err != "" {
+			c.Check(err, gc.ErrorMatches, tcase.err)
+			c.Check(tag, gc.IsNil)
+			continue
+		}
+		c.Check(err, jc.ErrorIsNil)
+		c.Check(tag, gc.FitsTypeOf, tcase.expected)
+		c.Check(tag, gc.Equals, tcase.expected)
+	}
+
+}
+
+func (s *actionSuite) TestActionReceiverFromTag(c *gc.C) {
+	for i, test := range []struct {
+		name     string
+		expected names.Tag
+		err      string
+	}{
+		{name: "rambleon", err: `invalid actionreceiver tag "rambleon"`},
+		{name: "unit-mysql-2", expected: names.NewUnitTag("mysql/2")},
+		{name: "machine-13", expected: names.NewMachineTag("13")},
+	} {
+		c.Logf("test %d", i)
+		tag, err := names.ActionReceiverFromTag(test.name)
+		if test.err != "" {
+			c.Check(err, gc.ErrorMatches, test.err)
+			c.Check(tag, gc.IsNil)
+			continue
+		}
+		c.Check(tag, gc.Equals, test.expected)
+		c.Check(err, jc.ErrorIsNil)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/application.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/application.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/application.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/application.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,48 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names
+
+import (
+	"regexp"
+)
+
+const ApplicationTagKind = "application"
+
+const (
+	ApplicationSnippet = "(?:[a-z][a-z0-9]*(?:-[a-z0-9]*[a-z][a-z0-9]*)*)"
+	NumberSnippet      = "(?:0|[1-9][0-9]*)"
+)
+
+var validApplication = regexp.MustCompile("^" + ApplicationSnippet + "$")
+
+// IsValidApplication returns whether name is a valid application name.
+func IsValidApplication(name string) bool {
+	return validApplication.MatchString(name)
+}
+
+type ApplicationTag struct {
+	Name string
+}
+
+func (t ApplicationTag) String() string { return t.Kind() + "-" + t.Id() }
+func (t ApplicationTag) Kind() string   { return ApplicationTagKind }
+func (t ApplicationTag) Id() string     { return t.Name }
+
+// NewApplicationTag returns the tag for the application with the given name.
+func NewApplicationTag(applicationName string) ApplicationTag {
+	return ApplicationTag{Name: applicationName}
+}
+
+// ParseApplicationTag parses a application tag string.
+func ParseApplicationTag(applicationTag string) (ApplicationTag, error) {
+	tag, err := ParseTag(applicationTag)
+	if err != nil {
+		return ApplicationTag{}, err
+	}
+	st, ok := tag.(ApplicationTag)
+	if !ok {
+		return ApplicationTag{}, invalidTagError(applicationTag, ApplicationTagKind)
+	}
+	return st, nil
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/application_test.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/application_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/application_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/application_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,89 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names_test
+
+import (
+	gc "gopkg.in/check.v1"
+
+	"gopkg.in/juju/names.v2"
+)
+
+type applicationSuite struct{}
+
+var _ = gc.Suite(&applicationSuite{})
+
+var applicationNameTests = []struct {
+	pattern string
+	valid   bool
+}{
+	{pattern: "", valid: false},
+	{pattern: "wordpress", valid: true},
+	{pattern: "foo42", valid: true},
+	{pattern: "doing55in54", valid: true},
+	{pattern: "%not", valid: false},
+	{pattern: "42also-not", valid: false},
+	{pattern: "but-this-works", valid: true},
+	{pattern: "so-42-far-not-good", valid: false},
+	{pattern: "foo/42", valid: false},
+	{pattern: "is-it-", valid: false},
+	{pattern: "broken2-", valid: false},
+	{pattern: "foo2", valid: true},
+	{pattern: "foo-2", valid: false},
+}
+
+func (s *applicationSuite) TestApplicationNameFormats(c *gc.C) {
+	assertApplication := func(s string, expect bool) {
+		c.Assert(names.IsValidApplication(s), gc.Equals, expect)
+		// Check that anything that is considered a valid application name
+		// is also (in)valid if a(n) (in)valid unit designator is added
+		// to it.
+		c.Assert(names.IsValidUnit(s+"/0"), gc.Equals, expect)
+		c.Assert(names.IsValidUnit(s+"/99"), gc.Equals, expect)
+		c.Assert(names.IsValidUnit(s+"/-1"), gc.Equals, false)
+		c.Assert(names.IsValidUnit(s+"/blah"), gc.Equals, false)
+		c.Assert(names.IsValidUnit(s+"/"), gc.Equals, false)
+	}
+
+	for i, test := range applicationNameTests {
+		c.Logf("test %d: %q", i, test.pattern)
+		assertApplication(test.pattern, test.valid)
+	}
+}
+
+var parseApplicationTagTests = []struct {
+	tag      string
+	expected names.Tag
+	err      error
+}{{
+	tag: "",
+	err: names.InvalidTagError("", ""),
+}, {
+	tag:      "application-dave",
+	expected: names.NewApplicationTag("dave"),
+}, {
+	tag: "dave",
+	err: names.InvalidTagError("dave", ""),
+}, {
+	tag: "application-dave/0",
+	err: names.InvalidTagError("application-dave/0", names.ApplicationTagKind),
+}, {
+	tag: "application",
+	err: names.InvalidTagError("application", ""),
+}, {
+	tag: "user-dave",
+	err: names.InvalidTagError("user-dave", names.ApplicationTagKind),
+}}
+
+func (s *applicationSuite) TestParseApplicationTag(c *gc.C) {
+	for i, t := range parseApplicationTagTests {
+		c.Logf("test %d: %s", i, t.tag)
+		got, err := names.ParseApplicationTag(t.tag)
+		if err != nil || t.err != nil {
+			c.Check(err, gc.DeepEquals, t.err)
+			continue
+		}
+		c.Check(got, gc.FitsTypeOf, t.expected)
+		c.Check(got, gc.Equals, t.expected)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/charm.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/charm.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/charm.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/charm.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,88 @@
+// Copyright 2014 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names
+
+import (
+	"fmt"
+	"regexp"
+)
+
+// CharmTagKind specifies charm tag kind
+const CharmTagKind = "charm"
+
+// Valid charm url is of the form
+// schema:~user/series/name-revision
+// where
+//     schema    is optional and can be either "local" or "cs".
+//               When not supplied, "cs" is implied.
+//     user      is optional and is only applicable for "cs" schema
+//     series    is optional and is a valid series name
+//     name      is mandatory and is the name of the charm
+//     revision  is optional and can be -1 if revision is unset
+
+var (
+	// SeriesSnippet is a regular expression representing series
+	SeriesSnippet = "[a-z]+([a-z0-9]+)?"
+
+	// CharmNameSnippet is a regular expression representing charm name
+	CharmNameSnippet = "[a-z][a-z0-9]*(-[a-z0-9]*[a-z][a-z0-9]*)*"
+
+	localSchemaSnippet      = "local:"
+	charmStoreSchemaSnippet = "cs:(~" + validUserPart + "/)?"
+	revisionSnippet         = "(-1|0|[1-9][0-9]*)"
+
+	validCharmRegEx = regexp.MustCompile("^(" +
+		localSchemaSnippet + "|" +
+		charmStoreSchemaSnippet + ")?(" +
+		SeriesSnippet + "/)?" +
+		CharmNameSnippet + "(-" +
+		revisionSnippet + ")?$")
+)
+
+// CharmTag represents tag for charm
+// using charm's URL
+type CharmTag struct {
+	url string
+}
+
+// String satisfies Tag interface.
+// Produces string representation of charm tag.
+func (t CharmTag) String() string { return t.Kind() + "-" + t.Id() }
+
+// Kind satisfies Tag interface.
+// Returns Charm tag kind.
+func (t CharmTag) Kind() string { return CharmTagKind }
+
+// Id satisfies Tag interface.
+// Returns charm URL.
+func (t CharmTag) Id() string { return t.url }
+
+// NewCharmTag returns the tag for the charm with the given url.
+// It will panic if the given charm url is not valid.
+func NewCharmTag(charmURL string) CharmTag {
+	if !IsValidCharm(charmURL) {
+		panic(fmt.Sprintf("%q is not a valid charm name", charmURL))
+	}
+	return CharmTag{url: charmURL}
+}
+
+var emptyTag = CharmTag{}
+
+// ParseCharmTag parses a charm tag string.
+func ParseCharmTag(charmTag string) (CharmTag, error) {
+	tag, err := ParseTag(charmTag)
+	if err != nil {
+		return emptyTag, err
+	}
+	ct, ok := tag.(CharmTag)
+	if !ok {
+		return emptyTag, invalidTagError(charmTag, CharmTagKind)
+	}
+	return ct, nil
+}
+
+// IsValidCharm returns whether name is a valid charm url.
+func IsValidCharm(url string) bool {
+	return validCharmRegEx.MatchString(url)
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/charm_test.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/charm_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/charm_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/charm_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,94 @@
+// Copyright 2014 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names_test
+
+import (
+	"fmt"
+
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"gopkg.in/juju/names.v2"
+)
+
+type charmSuite struct{}
+
+var _ = gc.Suite(&charmSuite{})
+
+var validCharmURLs = []string{"charm",
+	"local:charm",
+	"local:charm--1",
+	"local:charm-1",
+	"local:series/charm",
+	"local:series/charm-3",
+	"local:series/charm-0",
+	"cs:~user/charm",
+	"cs:~user/charm-1",
+	"cs:~user/series/charm",
+	"cs:~user/series/charm-1",
+	"cs:series/charm",
+	"cs:series/charm-3",
+	"cs:series/charm-0",
+	"cs:charm",
+	"cs:charm--1",
+	"cs:charm-1",
+	"charm",
+	"charm-1",
+	"series/charm",
+	"series/charm-1",
+}
+
+func (s *charmSuite) TestValidCharmURLs(c *gc.C) {
+	for _, url := range validCharmURLs {
+		c.Logf("Processing tag %q", url)
+		c.Assert(names.IsValidCharm(url), jc.IsTrue)
+	}
+}
+
+func (s *charmSuite) TestInvalidCharmURLs(c *gc.C) {
+	invalidURLs := []string{"",
+		"local:~user/charm",          // false: user on local
+		"local:~user/series/charm",   // false: user on local
+		"local:~user/series/charm-1", // false: user on local
+		"local:charm--2",             // false: only -1 is a valid negative revision
+		"blah:charm-2",               // false: invalid schema
+		"local:series/charm-01",      // false: revision is funny
+	}
+	for _, url := range invalidURLs {
+		c.Logf("Processing tag %q", url)
+		c.Assert(names.IsValidCharm(url), jc.IsFalse)
+	}
+}
+
+func (s *charmSuite) TestParseCharmTagValid(c *gc.C) {
+	for _, tag := range validCharmURLs {
+		c.Logf("Processing tag %q", tag)
+		s.assertParseCharmTagValid(c, fmt.Sprintf("charm-%v", tag), names.NewCharmTag(tag))
+	}
+}
+
+func (s *charmSuite) TestParseCharmTagInvalid(c *gc.C) {
+	invalidTags := []string{"",
+		"blah",
+		"charm-blah/0",
+		"charm",
+		"user-blah",
+	}
+	for _, aTag := range invalidTags {
+		c.Logf("Processing tag %q", aTag)
+		s.assertParseCharmTagInvalid(c, aTag)
+	}
+}
+
+func (s *charmSuite) assertParseCharmTagValid(c *gc.C, tag string, expected names.Tag) {
+	got, err := names.ParseCharmTag(tag)
+	c.Assert(err, jc.ErrorIsNil)
+	c.Check(got, gc.FitsTypeOf, expected)
+	c.Check(got, gc.Equals, expected)
+}
+
+func (s *charmSuite) assertParseCharmTagInvalid(c *gc.C, tag string) {
+	_, err := names.ParseCharmTag(tag)
+	c.Check(err, gc.ErrorMatches, fmt.Sprintf(".*%q is not a valid.*", tag))
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/cloud.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/cloud.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/cloud.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/cloud.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,51 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names
+
+import (
+	"fmt"
+	"regexp"
+)
+
+const CloudTagKind = "cloud"
+
+var (
+	cloudSnippet = "[a-zA-Z0-9][a-zA-Z0-9.-]*"
+	validCloud   = regexp.MustCompile("^" + cloudSnippet + "$")
+)
+
+type CloudTag struct {
+	id string
+}
+
+func (t CloudTag) String() string { return t.Kind() + "-" + t.id }
+func (t CloudTag) Kind() string   { return CloudTagKind }
+func (t CloudTag) Id() string     { return t.id }
+
+// NewCloudTag returns the tag for the cloud with the given ID.
+// It will panic if the given cloud ID is not valid.
+func NewCloudTag(id string) CloudTag {
+	if !IsValidCloud(id) {
+		panic(fmt.Sprintf("%q is not a valid cloud ID", id))
+	}
+	return CloudTag{id}
+}
+
+// ParseCloudTag parses a cloud tag string.
+func ParseCloudTag(cloudTag string) (CloudTag, error) {
+	tag, err := ParseTag(cloudTag)
+	if err != nil {
+		return CloudTag{}, err
+	}
+	dt, ok := tag.(CloudTag)
+	if !ok {
+		return CloudTag{}, invalidTagError(cloudTag, CloudTagKind)
+	}
+	return dt, nil
+}
+
+// IsValidCloud returns whether id is a valid cloud ID.
+func IsValidCloud(id string) bool {
+	return validCloud.MatchString(id)
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/cloud_test.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/cloud_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/cloud_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/cloud_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,105 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names_test
+
+import (
+	gc "gopkg.in/check.v1"
+
+	"gopkg.in/juju/names.v2"
+)
+
+type cloudSuite struct{}
+
+var _ = gc.Suite(&cloudSuite{})
+
+func (s *cloudSuite) TestCloudTag(c *gc.C) {
+	for i, t := range []struct {
+		input  string
+		string string
+	}{
+		{
+			input:  "bob",
+			string: "cloud-bob",
+		},
+	} {
+		c.Logf("test %d: %s", i, t.input)
+		cloudTag := names.NewCloudTag(t.input)
+		c.Check(cloudTag.String(), gc.Equals, t.string)
+		c.Check(cloudTag.Id(), gc.Equals, t.input)
+	}
+}
+
+func (s *cloudSuite) TestIsValidCloud(c *gc.C) {
+	for i, t := range []struct {
+		string string
+		expect bool
+	}{
+		{"", false},
+		{"bob", true},
+		{"Bob", true},
+		{"bOB", true},
+		{"b^b", false},
+		{"bob1", true},
+		{"bob-1", true},
+		{"bob.1", true},
+		{"1bob", true},
+		{"1-bob", true},
+		{"1+bob", false},
+		{"1.bob", true},
+		{"a", true},
+		{"0foo", true},
+		{"foo bar", false},
+		{"bar{}", false},
+		{"bar+foo", false},
+		{"bar_foo", false},
+		{"bar!", false},
+		{"bar^", false},
+		{"bar*", false},
+		{"foo=bar", false},
+		{"foo?", false},
+		{"[bar]", false},
+		{"'foo'", false},
+		{"%bar", false},
+		{"&bar", false},
+		{"#1foo", false},
+		{"bar@", false},
+		{"@local", false},
+		{"not/valid", false},
+	} {
+		c.Logf("test %d: %s", i, t.string)
+		c.Assert(names.IsValidCloud(t.string), gc.Equals, t.expect, gc.Commentf("%s", t.string))
+	}
+}
+
+func (s *cloudSuite) TestParseCloudTag(c *gc.C) {
+	for i, t := range []struct {
+		tag      string
+		expected names.Tag
+		err      error
+	}{{
+		tag: "",
+		err: names.InvalidTagError("", ""),
+	}, {
+		tag:      "cloud-aws",
+		expected: names.NewCloudTag("aws"),
+	}, {
+		tag: "aws",
+		err: names.InvalidTagError("aws", ""),
+	}, {
+		tag: "unit-aws",
+		err: names.InvalidTagError("unit-aws", names.UnitTagKind), // not a valid unit name either
+	}, {
+		tag: "application-aws",
+		err: names.InvalidTagError("application-aws", names.CloudTagKind),
+	}} {
+		c.Logf("test %d: %s", i, t.tag)
+		got, err := names.ParseCloudTag(t.tag)
+		if err != nil || t.err != nil {
+			c.Check(err, gc.DeepEquals, t.err)
+			continue
+		}
+		c.Check(got, gc.FitsTypeOf, t.expected)
+		c.Check(got, gc.Equals, t.expected)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/environ.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/environ.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/environ.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/environ.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,38 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names
+
+// EnvironTagKind is DEPRECATED: model tags are used instead.
+const EnvironTagKind = "environment"
+
+type EnvironTag struct {
+	uuid string
+}
+
+// NewEnvironTag returns the tag of an environment with the given environment UUID.
+func NewEnvironTag(uuid string) EnvironTag {
+	return EnvironTag{uuid: uuid}
+}
+
+// ParseEnvironTag parses an environ tag string.
+func ParseEnvironTag(environTag string) (EnvironTag, error) {
+	tag, err := ParseTag(environTag)
+	if err != nil {
+		return EnvironTag{}, err
+	}
+	et, ok := tag.(EnvironTag)
+	if !ok {
+		return EnvironTag{}, invalidTagError(environTag, EnvironTagKind)
+	}
+	return et, nil
+}
+
+func (t EnvironTag) String() string { return t.Kind() + "-" + t.Id() }
+func (t EnvironTag) Kind() string   { return EnvironTagKind }
+func (t EnvironTag) Id() string     { return t.uuid }
+
+// IsValidEnvironment returns whether id is a valid environment UUID.
+func IsValidEnvironment(id string) bool {
+	return validUUID.MatchString(id)
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/environ_test.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/environ_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/environ_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/environ_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,49 @@
+// Copyright 2014 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names_test
+
+import (
+	gc "gopkg.in/check.v1"
+
+	"gopkg.in/juju/names.v2"
+)
+
+type environSuite struct{}
+
+var _ = gc.Suite(&environSuite{})
+
+var parseEnvironTagTests = []struct {
+	tag      string
+	expected names.Tag
+	err      error
+}{{
+	tag: "",
+	err: names.InvalidTagError("", ""),
+}, {
+	tag:      "environment-f47ac10b-58cc-4372-a567-0e02b2c3d479",
+	expected: names.NewEnvironTag("f47ac10b-58cc-4372-a567-0e02b2c3d479"),
+}, {
+	tag: "dave",
+	err: names.InvalidTagError("dave", ""),
+	//}, {
+	// TODO(dfc) passes, but should not
+	//	tag: "environment-",
+	//	err: names.InvalidTagError("environment", ""),
+}, {
+	tag: "application-dave",
+	err: names.InvalidTagError("application-dave", names.EnvironTagKind),
+}}
+
+func (s *environSuite) TestParseEnvironTag(c *gc.C) {
+	for i, t := range parseEnvironTagTests {
+		c.Logf("test %d: %s", i, t.tag)
+		got, err := names.ParseEnvironTag(t.tag)
+		if err != nil || t.err != nil {
+			c.Check(err, gc.DeepEquals, t.err)
+			continue
+		}
+		c.Check(got, gc.FitsTypeOf, t.expected)
+		c.Check(got, gc.Equals, t.expected)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/equality_test.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/equality_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/equality_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/equality_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,43 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names
+
+import (
+	"github.com/juju/utils"
+	gc "gopkg.in/check.v1"
+)
+
+var tagEqualityTests = []struct {
+	expected Tag
+	want     Tag
+}{
+	{NewMachineTag("0"), MachineTag{id: "0"}},
+	{NewMachineTag("10/lxc/1"), MachineTag{id: "10-lxc-1"}},
+	{NewUnitTag("mysql/1"), UnitTag{name: "mysql-1"}},
+	{NewApplicationTag("ceph"), ApplicationTag{Name: "ceph"}},
+	{NewRelationTag("wordpress:haproxy"), RelationTag{key: "wordpress.haproxy"}},
+	{NewEnvironTag("deadbeef-0123-4567-89ab-feedfacebeef"), EnvironTag{uuid: "deadbeef-0123-4567-89ab-feedfacebeef"}},
+	{NewUserTag("admin"), UserTag{name: "admin"}},
+	{NewUserTag("admin@local"), UserTag{name: "admin", domain: "local"}},
+	{NewUserTag("admin@foobar"), UserTag{name: "admin", domain: "foobar"}},
+	{NewActionTag("01234567-aaaa-4bbb-8ccc-012345678901"), ActionTag{ID: stringToUUID("01234567-aaaa-4bbb-8ccc-012345678901")}},
+}
+
+type equalitySuite struct{}
+
+var _ = gc.Suite(&equalitySuite{})
+
+func (s *equalitySuite) TestTagEquality(c *gc.C) {
+	for _, tt := range tagEqualityTests {
+		c.Check(tt.want, gc.Equals, tt.expected)
+	}
+}
+
+func stringToUUID(id string) utils.UUID {
+	uuid, err := utils.UUIDFromString(id)
+	if err != nil {
+		panic(err)
+	}
+	return uuid
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/example_test.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/example_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/example_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/example_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,19 @@
+// Copyright 2014 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names
+
+import "fmt"
+
+func ExampleParseTag() {
+	tag, err := ParseTag("user-100")
+	if err != nil {
+		panic(err)
+	}
+	switch tag := tag.(type) {
+	case UserTag:
+		fmt.Printf("User tag, id: %s\n", tag.Id())
+	default:
+		fmt.Printf("Unknown tag, type %T\n", tag)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/export_test.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/export_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/export_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/export_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,6 @@
+// Copyright 2014 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names
+
+var InvalidTagError = invalidTagError
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/filesystem.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/filesystem.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/filesystem.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/filesystem.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,76 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names
+
+import (
+	"fmt"
+	"regexp"
+	"strings"
+)
+
+const FilesystemTagKind = "filesystem"
+
+// Filesystems may be bound to a machine, meaning that the filesystem cannot
+// exist without that machine. We encode this in the tag.
+var validFilesystem = regexp.MustCompile("^(" + MachineSnippet + "/)?" + NumberSnippet + "$")
+
+type FilesystemTag struct {
+	id string
+}
+
+func (t FilesystemTag) String() string { return t.Kind() + "-" + t.id }
+func (t FilesystemTag) Kind() string   { return FilesystemTagKind }
+func (t FilesystemTag) Id() string     { return filesystemTagSuffixToId(t.id) }
+
+// NewFilesystemTag returns the tag for the filesystem with the given name.
+// It will panic if the given filesystem name is not valid.
+func NewFilesystemTag(id string) FilesystemTag {
+	tag, ok := tagFromFilesystemId(id)
+	if !ok {
+		panic(fmt.Sprintf("%q is not a valid filesystem id", id))
+	}
+	return tag
+}
+
+// ParseFilesystemTag parses a filesystem tag string.
+func ParseFilesystemTag(filesystemTag string) (FilesystemTag, error) {
+	tag, err := ParseTag(filesystemTag)
+	if err != nil {
+		return FilesystemTag{}, err
+	}
+	fstag, ok := tag.(FilesystemTag)
+	if !ok {
+		return FilesystemTag{}, invalidTagError(filesystemTag, FilesystemTagKind)
+	}
+	return fstag, nil
+}
+
+// IsValidFilesystem returns whether id is a valid filesystem id.
+func IsValidFilesystem(id string) bool {
+	return validFilesystem.MatchString(id)
+}
+
+// FilesystemMachine returns the machine component of the filesystem
+// tag, and a boolean indicating whether or not there is a
+// machine component.
+func FilesystemMachine(tag FilesystemTag) (MachineTag, bool) {
+	id := tag.Id()
+	pos := strings.LastIndex(id, "/")
+	if pos == -1 {
+		return MachineTag{}, false
+	}
+	return NewMachineTag(id[:pos]), true
+}
+
+func tagFromFilesystemId(id string) (FilesystemTag, bool) {
+	if !IsValidFilesystem(id) {
+		return FilesystemTag{}, false
+	}
+	id = strings.Replace(id, "/", "-", -1)
+	return FilesystemTag{id}, true
+}
+
+func filesystemTagSuffixToId(s string) string {
+	return strings.Replace(s, "-", "/", -1)
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/filesystem_test.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/filesystem_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/filesystem_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/filesystem_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,81 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names_test
+
+import (
+	"fmt"
+
+	gc "gopkg.in/check.v1"
+
+	"gopkg.in/juju/names.v2"
+)
+
+type filesystemSuite struct{}
+
+var _ = gc.Suite(&filesystemSuite{})
+
+func (s *filesystemSuite) TestFilesystemTag(c *gc.C) {
+	c.Assert(names.NewFilesystemTag("1").String(), gc.Equals, "filesystem-1")
+}
+
+func (s *filesystemSuite) TestFilesystemIdValidity(c *gc.C) {
+	assertFilesystemIdValid(c, "0")
+	assertFilesystemIdValid(c, "0/lxc/0/0")
+	assertFilesystemIdValid(c, "1000")
+	assertFilesystemIdInvalid(c, "-1")
+	assertFilesystemIdInvalid(c, "")
+	assertFilesystemIdInvalid(c, "one")
+	assertFilesystemIdInvalid(c, "#")
+	assertFilesystemIdInvalid(c, "0/0/0") // 0/0 is not a valid machine ID
+}
+
+func (s *filesystemSuite) TestParseFilesystemTag(c *gc.C) {
+	assertParseFilesystemTag(c, "filesystem-0", names.NewFilesystemTag("0"))
+	assertParseFilesystemTag(c, "filesystem-88", names.NewFilesystemTag("88"))
+	assertParseFilesystemTag(c, "filesystem-0-lxc-0-88", names.NewFilesystemTag("0/lxc/0/88"))
+	assertParseFilesystemTagInvalid(c, "", names.InvalidTagError("", ""))
+	assertParseFilesystemTagInvalid(c, "one", names.InvalidTagError("one", ""))
+	assertParseFilesystemTagInvalid(c, "filesystem-", names.InvalidTagError("filesystem-", names.FilesystemTagKind))
+	assertParseFilesystemTagInvalid(c, "machine-0", names.InvalidTagError("machine-0", names.FilesystemTagKind))
+}
+
+func (s *filesystemSuite) TestFilesystemMachine(c *gc.C) {
+	assertFilesystemMachine(c, "0/0", names.NewMachineTag("0"))
+	assertFilesystemMachine(c, "0/lxc/0/0", names.NewMachineTag("0/lxc/0"))
+	assertFilesystemNoMachine(c, "0")
+}
+
+func assertFilesystemMachine(c *gc.C, id string, expect names.MachineTag) {
+	t, ok := names.FilesystemMachine(names.NewFilesystemTag(id))
+	c.Assert(ok, gc.Equals, true)
+	c.Assert(t, gc.Equals, expect)
+}
+
+func assertFilesystemNoMachine(c *gc.C, id string) {
+	_, ok := names.FilesystemMachine(names.NewFilesystemTag(id))
+	c.Assert(ok, gc.Equals, false)
+}
+
+func assertFilesystemIdValid(c *gc.C, name string) {
+	c.Assert(names.IsValidFilesystem(name), gc.Equals, true)
+	names.NewFilesystemTag(name)
+}
+
+func assertFilesystemIdInvalid(c *gc.C, name string) {
+	c.Assert(names.IsValidFilesystem(name), gc.Equals, false)
+	testFilesystemTag := func() { names.NewFilesystemTag(name) }
+	expect := fmt.Sprintf("%q is not a valid filesystem id", name)
+	c.Assert(testFilesystemTag, gc.PanicMatches, expect)
+}
+
+func assertParseFilesystemTag(c *gc.C, tag string, expect names.FilesystemTag) {
+	t, err := names.ParseFilesystemTag(tag)
+	c.Assert(err, gc.IsNil)
+	c.Assert(t, gc.Equals, expect)
+}
+
+func assertParseFilesystemTagInvalid(c *gc.C, tag string, expect error) {
+	_, err := names.ParseFilesystemTag(tag)
+	c.Assert(err, gc.ErrorMatches, expect.Error())
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/ipaddress.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/ipaddress.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/ipaddress.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/ipaddress.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,46 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names
+
+import (
+	"github.com/juju/utils"
+)
+
+const IPAddressTagKind = "ipaddress"
+
+// IsValidIPAddress returns whether id is a valid IP address ID.
+// Here it simply is checked if it is a valid UUID.
+func IsValidIPAddress(id string) bool {
+	return utils.IsValidUUIDString(id)
+}
+
+type IPAddressTag struct {
+	id utils.UUID
+}
+
+func (t IPAddressTag) String() string { return t.Kind() + "-" + t.id.String() }
+func (t IPAddressTag) Kind() string   { return IPAddressTagKind }
+func (t IPAddressTag) Id() string     { return t.id.String() }
+
+// NewIPAddressTag returns the tag for the IP address with the given ID (UUID).
+func NewIPAddressTag(id string) IPAddressTag {
+	uuid, err := utils.UUIDFromString(id)
+	if err != nil {
+		panic(err)
+	}
+	return IPAddressTag{id: uuid}
+}
+
+// ParseIPAddressTag parses an IP address tag string.
+func ParseIPAddressTag(ipAddressTag string) (IPAddressTag, error) {
+	tag, err := ParseTag(ipAddressTag)
+	if err != nil {
+		return IPAddressTag{}, err
+	}
+	ipat, ok := tag.(IPAddressTag)
+	if !ok {
+		return IPAddressTag{}, invalidTagError(ipAddressTag, IPAddressTagKind)
+	}
+	return ipat, nil
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/ipaddress_test.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/ipaddress_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/ipaddress_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/ipaddress_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,55 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names_test
+
+import (
+	"github.com/juju/utils"
+	gc "gopkg.in/check.v1"
+
+	"gopkg.in/juju/names.v2"
+)
+
+type ipAddressSuite struct{}
+
+var _ = gc.Suite(&ipAddressSuite{})
+
+func (s *ipAddressSuite) TestNewIPAddressTag(c *gc.C) {
+	uuid := utils.MustNewUUID()
+	tag := names.NewIPAddressTag(uuid.String())
+	parsed, err := names.ParseIPAddressTag(tag.String())
+	c.Assert(err, gc.IsNil)
+	c.Assert(parsed.Kind(), gc.Equals, names.IPAddressTagKind)
+	c.Assert(parsed.Id(), gc.Equals, uuid.String())
+	c.Assert(parsed.String(), gc.Equals, names.IPAddressTagKind+"-"+uuid.String())
+
+	f := func() {
+		tag = names.NewIPAddressTag("42")
+	}
+	c.Assert(f, gc.PanicMatches, `invalid UUID: "42"`)
+}
+
+var parseIPAddressTagTests = []struct {
+	tag      string
+	expected names.Tag
+	err      error
+}{
+	{tag: "", err: names.InvalidTagError("", "")},
+	{tag: "ipaddress-42424242-1111-2222-3333-0123456789ab", expected: names.NewIPAddressTag("42424242-1111-2222-3333-0123456789ab")},
+	{tag: "ipaddress-012345678", err: names.InvalidTagError("ipaddress-012345678", names.IPAddressTagKind)},
+	{tag: "ipaddress-42", err: names.InvalidTagError("ipaddress-42", names.IPAddressTagKind)},
+	{tag: "foobar", err: names.InvalidTagError("foobar", "")},
+	{tag: "space-yadda", err: names.InvalidTagError("space-yadda", names.IPAddressTagKind)}}
+
+func (s *ipAddressSuite) TestParseIPAddressTag(c *gc.C) {
+	for i, t := range parseIPAddressTagTests {
+		c.Logf("test %d: %s", i, t.tag)
+		got, err := names.ParseIPAddressTag(t.tag)
+		if err != nil || t.err != nil {
+			c.Check(err, gc.DeepEquals, t.err)
+			continue
+		}
+		c.Check(got, gc.FitsTypeOf, t.expected)
+		c.Check(got, gc.Equals, t.expected)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/LICENSE juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/LICENSE
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/LICENSE	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/LICENSE	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,191 @@
+All files in this repository are licensed as follows. If you contribute
+to this repository, it is assumed that you license your contribution
+under the same license unless you state otherwise.
+
+All files Copyright (C) 2015 Canonical Ltd. unless otherwise specified in the file.
+
+This software is licensed under the LGPLv3, included below.
+
+As a special exception to the GNU Lesser General Public License version 3
+("LGPL3"), the copyright holders of this Library give you permission to
+convey to a third party a Combined Work that links statically or dynamically
+to this Library without providing any Minimal Corresponding Source or
+Minimal Application Code as set out in 4d or providing the installation
+information set out in section 4e, provided that you comply with the other
+provisions of LGPL3 and provided that you meet, for the Application the
+terms and conditions of the license(s) which apply to the Application.
+
+Except as stated in this special exception, the provisions of LGPL3 will
+continue to comply in full to this Library. If you modify this Library, you
+may apply this exception to your version of this Library, but you are not
+obliged to do so. If you do not wish to do so, delete this exception
+statement from your version. This exception does not (and cannot) modify any
+license terms which apply to the Application, with which you must still
+comply.
+
+
+                   GNU LESSER GENERAL PUBLIC LICENSE
+                       Version 3, 29 June 2007
+
+ Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+
+  This version of the GNU Lesser General Public License incorporates
+the terms and conditions of version 3 of the GNU General Public
+License, supplemented by the additional permissions listed below.
+
+  0. Additional Definitions.
+
+  As used herein, "this License" refers to version 3 of the GNU Lesser
+General Public License, and the "GNU GPL" refers to version 3 of the GNU
+General Public License.
+
+  "The Library" refers to a covered work governed by this License,
+other than an Application or a Combined Work as defined below.
+
+  An "Application" is any work that makes use of an interface provided
+by the Library, but which is not otherwise based on the Library.
+Defining a subclass of a class defined by the Library is deemed a mode
+of using an interface provided by the Library.
+
+  A "Combined Work" is a work produced by combining or linking an
+Application with the Library.  The particular version of the Library
+with which the Combined Work was made is also called the "Linked
+Version".
+
+  The "Minimal Corresponding Source" for a Combined Work means the
+Corresponding Source for the Combined Work, excluding any source code
+for portions of the Combined Work that, considered in isolation, are
+based on the Application, and not on the Linked Version.
+
+  The "Corresponding Application Code" for a Combined Work means the
+object code and/or source code for the Application, including any data
+and utility programs needed for reproducing the Combined Work from the
+Application, but excluding the System Libraries of the Combined Work.
+
+  1. Exception to Section 3 of the GNU GPL.
+
+  You may convey a covered work under sections 3 and 4 of this License
+without being bound by section 3 of the GNU GPL.
+
+  2. Conveying Modified Versions.
+
+  If you modify a copy of the Library, and, in your modifications, a
+facility refers to a function or data to be supplied by an Application
+that uses the facility (other than as an argument passed when the
+facility is invoked), then you may convey a copy of the modified
+version:
+
+   a) under this License, provided that you make a good faith effort to
+   ensure that, in the event an Application does not supply the
+   function or data, the facility still operates, and performs
+   whatever part of its purpose remains meaningful, or
+
+   b) under the GNU GPL, with none of the additional permissions of
+   this License applicable to that copy.
+
+  3. Object Code Incorporating Material from Library Header Files.
+
+  The object code form of an Application may incorporate material from
+a header file that is part of the Library.  You may convey such object
+code under terms of your choice, provided that, if the incorporated
+material is not limited to numerical parameters, data structure
+layouts and accessors, or small macros, inline functions and templates
+(ten or fewer lines in length), you do both of the following:
+
+   a) Give prominent notice with each copy of the object code that the
+   Library is used in it and that the Library and its use are
+   covered by this License.
+
+   b) Accompany the object code with a copy of the GNU GPL and this license
+   document.
+
+  4. Combined Works.
+
+  You may convey a Combined Work under terms of your choice that,
+taken together, effectively do not restrict modification of the
+portions of the Library contained in the Combined Work and reverse
+engineering for debugging such modifications, if you also do each of
+the following:
+
+   a) Give prominent notice with each copy of the Combined Work that
+   the Library is used in it and that the Library and its use are
+   covered by this License.
+
+   b) Accompany the Combined Work with a copy of the GNU GPL and this license
+   document.
+
+   c) For a Combined Work that displays copyright notices during
+   execution, include the copyright notice for the Library among
+   these notices, as well as a reference directing the user to the
+   copies of the GNU GPL and this license document.
+
+   d) Do one of the following:
+
+       0) Convey the Minimal Corresponding Source under the terms of this
+       License, and the Corresponding Application Code in a form
+       suitable for, and under terms that permit, the user to
+       recombine or relink the Application with a modified version of
+       the Linked Version to produce a modified Combined Work, in the
+       manner specified by section 6 of the GNU GPL for conveying
+       Corresponding Source.
+
+       1) Use a suitable shared library mechanism for linking with the
+       Library.  A suitable mechanism is one that (a) uses at run time
+       a copy of the Library already present on the user's computer
+       system, and (b) will operate properly with a modified version
+       of the Library that is interface-compatible with the Linked
+       Version.
+
+   e) Provide Installation Information, but only if you would otherwise
+   be required to provide such information under section 6 of the
+   GNU GPL, and only to the extent that such information is
+   necessary to install and execute a modified version of the
+   Combined Work produced by recombining or relinking the
+   Application with a modified version of the Linked Version. (If
+   you use option 4d0, the Installation Information must accompany
+   the Minimal Corresponding Source and Corresponding Application
+   Code. If you use option 4d1, you must provide the Installation
+   Information in the manner specified by section 6 of the GNU GPL
+   for conveying Corresponding Source.)
+
+  5. Combined Libraries.
+
+  You may place library facilities that are a work based on the
+Library side by side in a single library together with other library
+facilities that are not Applications and are not covered by this
+License, and convey such a combined library under terms of your
+choice, if you do both of the following:
+
+   a) Accompany the combined library with a copy of the same work based
+   on the Library, uncombined with any other library facilities,
+   conveyed under the terms of this License.
+
+   b) Give prominent notice with the combined library that part of it
+   is a work based on the Library, and explaining where to find the
+   accompanying uncombined form of the same work.
+
+  6. Revised Versions of the GNU Lesser General Public License.
+
+  The Free Software Foundation may publish revised and/or new versions
+of the GNU Lesser General Public License from time to time. Such new
+versions will be similar in spirit to the present version, but may
+differ in detail to address new problems or concerns.
+
+  Each version is given a distinguishing version number. If the
+Library as you received it specifies that a certain numbered version
+of the GNU Lesser General Public License "or any later version"
+applies to it, you have the option of following the terms and
+conditions either of that published version or of any later version
+published by the Free Software Foundation. If the Library as you
+received it does not specify a version number of the GNU Lesser
+General Public License, you may choose any version of the GNU Lesser
+General Public License ever published by the Free Software Foundation.
+
+  If the Library as you received it specifies that a proxy can decide
+whether future versions of the GNU Lesser General Public License shall
+apply, that proxy's public statement of acceptance of any version is
+permanent authorization for you to choose that version for the
+Library.
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/machine.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/machine.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/machine.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/machine.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,60 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names
+
+import (
+	"regexp"
+	"strings"
+)
+
+const MachineTagKind = "machine"
+
+const (
+	ContainerTypeSnippet = "[a-z]+"
+	ContainerSnippet     = "/" + ContainerTypeSnippet + "/" + NumberSnippet + ""
+	MachineSnippet       = NumberSnippet + "(?:" + ContainerSnippet + ")*"
+)
+
+var validMachine = regexp.MustCompile("^" + MachineSnippet + "$")
+
+// IsValidMachine returns whether id is a valid machine id.
+func IsValidMachine(id string) bool {
+	return validMachine.MatchString(id)
+}
+
+// IsContainerMachine returns whether id is a valid container machine id.
+func IsContainerMachine(id string) bool {
+	return validMachine.MatchString(id) && strings.Contains(id, "/")
+}
+
+type MachineTag struct {
+	id string
+}
+
+func (t MachineTag) String() string { return t.Kind() + "-" + t.id }
+func (t MachineTag) Kind() string   { return MachineTagKind }
+func (t MachineTag) Id() string     { return machineTagSuffixToId(t.id) }
+
+// NewMachineTag returns the tag for the machine with the given id.
+func NewMachineTag(id string) MachineTag {
+	id = strings.Replace(id, "/", "-", -1)
+	return MachineTag{id: id}
+}
+
+// ParseMachineTag parses a machine tag string.
+func ParseMachineTag(machineTag string) (MachineTag, error) {
+	tag, err := ParseTag(machineTag)
+	if err != nil {
+		return MachineTag{}, err
+	}
+	mt, ok := tag.(MachineTag)
+	if !ok {
+		return MachineTag{}, invalidTagError(machineTag, MachineTagKind)
+	}
+	return mt, nil
+}
+
+func machineTagSuffixToId(s string) string {
+	return strings.Replace(s, "-", "/", -1)
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/machine_test.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/machine_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/machine_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/machine_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,96 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names_test
+
+import (
+	stdtesting "testing"
+
+	gc "gopkg.in/check.v1"
+
+	"gopkg.in/juju/names.v2"
+)
+
+type machineSuite struct{}
+
+var _ = gc.Suite(&machineSuite{})
+
+func Test(t *stdtesting.T) {
+	gc.TestingT(t)
+}
+
+func (s *machineSuite) TestMachineTag(c *gc.C) {
+	c.Assert(names.NewMachineTag("10").String(), gc.Equals, "machine-10")
+	// Check a container id.
+	c.Assert(names.NewMachineTag("10/lxc/1").String(), gc.Equals, "machine-10-lxc-1")
+}
+
+var machineIdTests = []struct {
+	pattern   string
+	valid     bool
+	container bool
+}{
+	{pattern: "42", valid: true},
+	{pattern: "042", valid: false},
+	{pattern: "0", valid: true},
+	{pattern: "foo", valid: false},
+	{pattern: "/", valid: false},
+	{pattern: "55/", valid: false},
+	{pattern: "1/foo", valid: false},
+	{pattern: "2/foo/", valid: false},
+	{pattern: "3/lxc/42", valid: true, container: true},
+	{pattern: "3/lxc-nodash/42", valid: false},
+	{pattern: "0/lxc/00", valid: false},
+	{pattern: "0/lxc/0/", valid: false},
+	{pattern: "03/lxc/42", valid: false},
+	{pattern: "3/lxc/042", valid: false},
+	{pattern: "4/foo/bar", valid: false},
+	{pattern: "5/lxc/42/foo", valid: false},
+	{pattern: "6/lxc/42/kvm/0", valid: true, container: true},
+	{pattern: "06/lxc/42/kvm/0", valid: false},
+	{pattern: "6/lxc/042/kvm/0", valid: false},
+	{pattern: "6/lxc/42/kvm/00", valid: false},
+	{pattern: "06/lxc/042/kvm/00", valid: false},
+}
+
+func (s *machineSuite) TestMachineIdFormats(c *gc.C) {
+	for i, test := range machineIdTests {
+		c.Logf("test %d: %q", i, test.pattern)
+		c.Assert(names.IsValidMachine(test.pattern), gc.Equals, test.valid)
+		c.Assert(names.IsContainerMachine(test.pattern), gc.Equals, test.container)
+	}
+}
+
+var parseMachineTagTests = []struct {
+	tag      string
+	expected names.Tag
+	err      error
+}{{
+	tag: "",
+	err: names.InvalidTagError("", ""),
+}, {
+	tag:      "machine-0",
+	expected: names.NewMachineTag("0"),
+}, {
+	tag: "machine-one",
+	err: names.InvalidTagError("machine-one", names.MachineTagKind),
+}, {
+	tag: "dave",
+	err: names.InvalidTagError("dave", ""),
+}, {
+	tag: "user-one",
+	err: names.InvalidTagError("user-one", names.MachineTagKind),
+}}
+
+func (s *machineSuite) TestParseMachineTag(c *gc.C) {
+	for i, t := range parseMachineTagTests {
+		c.Logf("test %d: %s", i, t.tag)
+		got, err := names.ParseMachineTag(t.tag)
+		if err != nil || t.err != nil {
+			c.Check(err, gc.DeepEquals, t.err)
+			continue
+		}
+		c.Check(got, gc.FitsTypeOf, t.expected)
+		c.Check(got, gc.Equals, t.expected)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/model.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/model.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/model.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/model.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,52 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names
+
+import (
+	"regexp"
+)
+
+const ModelTagKind = "model"
+
+// ModelTag represents a tag used to describe a model.
+type ModelTag struct {
+	uuid string
+}
+
+var validUUID = regexp.MustCompile(`[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}`)
+
+// Lowercase letters, digits and (non-leading) hyphens, as per LP:1568944 #5.
+var validModelName = regexp.MustCompile(`^[a-z0-9]+[a-z0-9-]*$`)
+
+// NewModelTag returns the tag of an model with the given model UUID.
+func NewModelTag(uuid string) ModelTag {
+	return ModelTag{uuid: uuid}
+}
+
+// ParseModelTag parses an environ tag string.
+func ParseModelTag(modelTag string) (ModelTag, error) {
+	tag, err := ParseTag(modelTag)
+	if err != nil {
+		return ModelTag{}, err
+	}
+	et, ok := tag.(ModelTag)
+	if !ok {
+		return ModelTag{}, invalidTagError(modelTag, ModelTagKind)
+	}
+	return et, nil
+}
+
+func (t ModelTag) String() string { return t.Kind() + "-" + t.Id() }
+func (t ModelTag) Kind() string   { return ModelTagKind }
+func (t ModelTag) Id() string     { return t.uuid }
+
+// IsValidModel returns whether id is a valid model UUID.
+func IsValidModel(id string) bool {
+	return validUUID.MatchString(id)
+}
+
+// IsValidModelName returns whether name is a valid string safe for a model name.
+func IsValidModelName(name string) bool {
+	return validModelName.MatchString(name)
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/model_test.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/model_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/model_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/model_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,78 @@
+// Copyright 2016 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names_test
+
+import (
+	gc "gopkg.in/check.v1"
+
+	"gopkg.in/juju/names.v2"
+)
+
+type modelSuite struct{}
+
+var _ = gc.Suite(&modelSuite{})
+
+var parseModelTagTests = []struct {
+	tag      string
+	expected names.Tag
+	err      error
+}{{
+	tag: "",
+	err: names.InvalidTagError("", ""),
+}, {
+	tag:      "model-f47ac10b-58cc-4372-a567-0e02b2c3d479",
+	expected: names.NewModelTag("f47ac10b-58cc-4372-a567-0e02b2c3d479"),
+}, {
+	tag: "dave",
+	err: names.InvalidTagError("dave", ""),
+	//}, {
+	// TODO(dfc) passes, but should not
+	//	tag: "model-",
+	//	err: names.InvalidTagError("model", ""),
+}, {
+	tag: "application-dave",
+	err: names.InvalidTagError("application-dave", names.ModelTagKind),
+}}
+
+func (s *modelSuite) TestParseModelTag(c *gc.C) {
+	for i, t := range parseModelTagTests {
+		c.Logf("test %d: %s", i, t.tag)
+		got, err := names.ParseModelTag(t.tag)
+		if err != nil || t.err != nil {
+			c.Check(err, gc.DeepEquals, t.err)
+			continue
+		}
+		c.Check(got, gc.FitsTypeOf, t.expected)
+		c.Check(got, gc.Equals, t.expected)
+	}
+}
+
+var modelNameTest = []struct {
+	test     string
+	name     string
+	expected bool
+}{{
+	test:     "Hyphenated true",
+	name:     "foo-bar",
+	expected: true,
+}, {
+	test:     "Whitespsce false",
+	name:     "foo bar",
+	expected: false,
+}, {
+	test:     "Capital false",
+	name:     "fooBar",
+	expected: false,
+}, {
+	test:     "At sign false",
+	name:     "foo@bar",
+	expected: false,
+}}
+
+func (s *modelSuite) TestModelName(c *gc.C) {
+	for i, t := range modelNameTest {
+		c.Logf("test %d: %q", i, t.name)
+		c.Check(names.IsValidModelName(t.name), gc.Equals, t.expected)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/payload.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/payload.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/payload.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/payload.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,74 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names
+
+import (
+	"regexp"
+
+	"github.com/juju/utils"
+)
+
+const (
+	// PayloadTagKind is used as the prefix for the string
+	// representation of payload tags.
+	PayloadTagKind = "payload"
+
+	// This can be expanded later, as needed.
+	payloadClass = "([a-zA-Z](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?)"
+)
+
+var validPayload = regexp.MustCompile("^" + payloadClass + "$")
+
+// IsValidPayload returns whether id is a valid Juju ID for
+// a charm payload. The ID must be a valid alpha-numeric (plus hyphens).
+func IsValidPayload(id string) bool {
+	return validPayload.MatchString(id)
+}
+
+// For compatibility with Juju 1.25, UUIDs are also supported.
+func isValidPayload(id string) bool {
+	return IsValidPayload(id) || utils.IsValidUUIDString(id)
+}
+
+// PayloadTag represents a charm payload.
+type PayloadTag struct {
+	id string
+}
+
+// NewPayloadTag returns the tag for a charm's payload with the given id.
+func NewPayloadTag(id string) PayloadTag {
+	return PayloadTag{
+		id: id,
+	}
+}
+
+// ParsePayloadTag parses a payload tag string.
+// So ParsePayloadTag(tag.String()) === tag.
+func ParsePayloadTag(tag string) (PayloadTag, error) {
+	t, err := ParseTag(tag)
+	if err != nil {
+		return PayloadTag{}, err
+	}
+	pt, ok := t.(PayloadTag)
+	if !ok {
+		return PayloadTag{}, invalidTagError(tag, PayloadTagKind)
+	}
+	return pt, nil
+}
+
+// Kind implements Tag.
+func (t PayloadTag) Kind() string {
+	return PayloadTagKind
+}
+
+// Id implements Tag.Id. It always returns the same ID with which
+// it was created. So NewPayloadTag(x).Id() == x for all valid x.
+func (t PayloadTag) Id() string {
+	return t.id
+}
+
+// String implements Tag.
+func (t PayloadTag) String() string {
+	return tagString(t)
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/payload_test.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/payload_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/payload_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/payload_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,94 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names_test
+
+import (
+	jc "github.com/juju/testing/checkers"
+	gc "gopkg.in/check.v1"
+
+	"gopkg.in/juju/names.v2"
+)
+
+var _ = gc.Suite(&payloadSuite{})
+
+type payloadSuite struct{}
+
+type payloadTest struct {
+	input string
+}
+
+func checkPayload(c *gc.C, id string, tag names.PayloadTag) {
+	c.Check(tag.Kind(), gc.Equals, names.PayloadTagKind)
+	c.Check(tag.Id(), gc.Equals, id)
+	c.Check(tag.String(), gc.Equals, names.PayloadTagKind+"-"+id)
+}
+
+func (s *payloadSuite) TestPayloadTag(c *gc.C) {
+	id := "f47ac10b-58cc-4372-a567-0e02b2c3d479"
+	tag := names.NewPayloadTag(id)
+
+	c.Check(tag.Kind(), gc.Equals, names.PayloadTagKind)
+	c.Check(tag.Id(), gc.Equals, id)
+	c.Check(tag.String(), gc.Equals, names.PayloadTagKind+"-"+id)
+}
+
+func (s *payloadSuite) TestIsValidPayload(c *gc.C) {
+	for i, test := range []struct {
+		id     string
+		expect bool
+	}{
+		{"", false},
+		{"spam-", false},
+		{"spam", true},
+		{"spam-and-eggs", true},
+
+		{"f47ac10b-58cc-4372-a567-0e02b2c3d479", true},
+	} {
+		c.Logf("test %d: %s", i, test.id)
+		ok := names.IsValidPayload(test.id)
+
+		c.Check(ok, gc.Equals, test.expect)
+	}
+}
+
+func (s *payloadSuite) TestParsePayloadTag(c *gc.C) {
+	for i, test := range []struct {
+		tag      string
+		expected names.Tag
+		err      error
+	}{{
+		tag: "",
+		err: names.InvalidTagError("", ""),
+	}, {
+		tag: "payload-",
+		err: names.InvalidTagError("payload-", names.PayloadTagKind),
+	}, {
+		tag:      "payload-spam",
+		expected: names.NewPayloadTag("spam"),
+	}, {
+		tag:      "payload-f47ac10b-58cc-4372-a567-0e02b2c3d479",
+		expected: names.NewPayloadTag("f47ac10b-58cc-4372-a567-0e02b2c3d479"),
+	}, {
+		tag: "spam",
+		err: names.InvalidTagError("spam", ""),
+	}, {
+		tag: "f47ac10b-58cc-4372-a567-0e02b2c3d479",
+		err: names.InvalidTagError("f47ac10b-58cc-4372-a567-0e02b2c3d479", ""),
+	}, {
+		tag: "unit-f47ac10b-58cc-4372-a567-0e02b2c3d479",
+		err: names.InvalidTagError("unit-f47ac10b-58cc-4372-a567-0e02b2c3d479", names.UnitTagKind),
+	}, {
+		tag: "action-f47ac10b-58cc-4372-a567-0e02b2c3d479",
+		err: names.InvalidTagError("action-f47ac10b-58cc-4372-a567-0e02b2c3d479", names.PayloadTagKind),
+	}} {
+		c.Logf("test %d: %s", i, test.tag)
+		got, err := names.ParsePayloadTag(test.tag)
+		if test.err != nil {
+			c.Check(err, jc.DeepEquals, test.err)
+		} else {
+			c.Check(err, jc.ErrorIsNil)
+			c.Check(got, jc.DeepEquals, test.expected)
+		}
+	}
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/README.md juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/README.md
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/README.md	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/README.md	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,4 @@
+juju/names
+============
+
+This package provides helpers for handling Juju entity names.
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/relation.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/relation.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/relation.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/relation.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,67 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names
+
+import (
+	"fmt"
+	"regexp"
+	"strings"
+)
+
+const RelationTagKind = "relation"
+
+const RelationSnippet = "[a-z][a-z0-9]*(?:[_-][a-z0-9]+)*"
+
+// Relation keys have the format "application1:relName1 application2:relName2".
+// Except the peer relations, which have the format "application:relName"
+// Relation tags have the format "relation-application1.rel1#application2.rel2".
+// For peer relations, the format is "relation-application.rel"
+
+var (
+	validRelation     = regexp.MustCompile("^" + ApplicationSnippet + ":" + RelationSnippet + " " + ApplicationSnippet + ":" + RelationSnippet + "$")
+	validPeerRelation = regexp.MustCompile("^" + ApplicationSnippet + ":" + RelationSnippet + "$")
+)
+
+// IsValidRelation returns whether key is a valid relation key.
+func IsValidRelation(key string) bool {
+	return validRelation.MatchString(key) || validPeerRelation.MatchString(key)
+}
+
+type RelationTag struct {
+	key string
+}
+
+func (t RelationTag) String() string { return t.Kind() + "-" + t.key }
+func (t RelationTag) Kind() string   { return RelationTagKind }
+func (t RelationTag) Id() string     { return relationTagSuffixToKey(t.key) }
+
+// NewRelationTag returns the tag for the relation with the given key.
+func NewRelationTag(relationKey string) RelationTag {
+	if !IsValidRelation(relationKey) {
+		panic(fmt.Sprintf("%q is not a valid relation key", relationKey))
+	}
+	// Replace both ":" with "." and the " " with "#".
+	relationKey = strings.Replace(relationKey, ":", ".", 2)
+	relationKey = strings.Replace(relationKey, " ", "#", 1)
+	return RelationTag{key: relationKey}
+}
+
+// ParseRelationTag parses a relation tag string.
+func ParseRelationTag(relationTag string) (RelationTag, error) {
+	tag, err := ParseTag(relationTag)
+	if err != nil {
+		return RelationTag{}, err
+	}
+	rt, ok := tag.(RelationTag)
+	if !ok {
+		return RelationTag{}, invalidTagError(relationTag, RelationTagKind)
+	}
+	return rt, nil
+}
+
+func relationTagSuffixToKey(s string) string {
+	// Replace both "." with ":" and the "#" with " ".
+	s = strings.Replace(s, ".", ":", 2)
+	return strings.Replace(s, "#", " ", 1)
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/relation_test.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/relation_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/relation_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/relation_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,95 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names_test
+
+import (
+	gc "gopkg.in/check.v1"
+
+	"gopkg.in/juju/names.v2"
+)
+
+type relationSuite struct{}
+
+var _ = gc.Suite(&relationSuite{})
+
+var relationNameTests = []struct {
+	pattern string
+	valid   bool
+}{
+	{pattern: "", valid: false},
+	{pattern: "0foo", valid: false},
+	{pattern: "foo", valid: true},
+	{pattern: "f1-boo", valid: true},
+	{pattern: "f-o-o", valid: true},
+	{pattern: "-foo", valid: false},
+	{pattern: "fo#o", valid: false},
+	{pattern: "foo-42", valid: true},
+	{pattern: "FooBar", valid: false},
+	{pattern: "foo42-bar1", valid: true},
+	{pattern: "42", valid: false},
+	{pattern: "0", valid: false},
+	{pattern: "%not", valid: false},
+	{pattern: "42also-not", valid: false},
+	{pattern: "042", valid: false},
+	{pattern: "0x42", valid: false},
+	{pattern: "foo_42", valid: true},
+	{pattern: "_foo", valid: false},
+	{pattern: "!foo", valid: false},
+	{pattern: "foo_bar-baz_boo", valid: true},
+	{pattern: "foo bar", valid: false},
+	{pattern: "foo-_", valid: false},
+	{pattern: "foo-", valid: false},
+	{pattern: "foo_-a", valid: false},
+	{pattern: "foo_", valid: false},
+}
+
+func (s *relationSuite) TestRelationKeyFormats(c *gc.C) {
+	// In order to test all possible combinations, we need
+	// to use the relationNameTests and applicationNameTests
+	// twice to construct all possible keys.
+	for i, testRel := range relationNameTests {
+		for j, testSvc := range applicationNameTests {
+			peerKey := testSvc.pattern + ":" + testRel.pattern
+			key := peerKey + " " + peerKey
+			isValid := testSvc.valid && testRel.valid
+			c.Logf("test %d: %q -> valid: %v", i*len(applicationNameTests)+j, key, isValid)
+			c.Assert(names.IsValidRelation(key), gc.Equals, isValid)
+			c.Assert(names.IsValidRelation(peerKey), gc.Equals, isValid)
+		}
+	}
+}
+
+var parseRelationTagTests = []struct {
+	tag      string
+	expected names.Tag
+	err      error
+}{{
+	tag: "",
+	err: names.InvalidTagError("", ""),
+}, {
+	tag:      "relation-wordpress:db mysql:db",
+	expected: names.NewRelationTag("wordpress:db mysql:db"),
+}, {
+	tag:      "relation-wordpress:mysql",
+	expected: names.NewRelationTag("wordpress:mysql"),
+}, {
+	tag: "dave",
+	err: names.InvalidTagError("dave", ""),
+}, {
+	tag: "application-dave",
+	err: names.InvalidTagError("application-dave", names.RelationTagKind),
+}}
+
+func (s *relationSuite) TestParseRelationTag(c *gc.C) {
+	for i, t := range parseRelationTagTests {
+		c.Logf("test %d: %s", i, t.tag)
+		got, err := names.ParseRelationTag(t.tag)
+		if err != nil || t.err != nil {
+			c.Check(err, gc.DeepEquals, t.err)
+			continue
+		}
+		c.Check(got, gc.FitsTypeOf, t.expected)
+		c.Check(got, gc.Equals, t.expected)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/snippet_test.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/snippet_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/snippet_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/snippet_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,33 @@
+package names
+
+import (
+	"strings"
+
+	gc "gopkg.in/check.v1"
+)
+
+var snippets = []struct {
+	name    string
+	snippet string
+}{
+	{"ContainerTypeSnippet", ContainerTypeSnippet},
+	{"ContainerSnippet", ContainerSnippet},
+	{"MachineSnippet", MachineSnippet},
+	{"NumberSnippet", NumberSnippet},
+	{"ApplicationSnippet", ApplicationSnippet},
+	{"RelationSnippet", RelationSnippet},
+}
+
+type snippetSuite struct{}
+
+var _ = gc.Suite(&snippetSuite{})
+
+func (s *equalitySuite) TestSnippetsContainNoCapturingGroups(c *gc.C) {
+	for _, test := range snippets {
+		for i, ch := range test.snippet {
+			if ch == '(' && !strings.HasPrefix(test.snippet[i:], "(?:") {
+				c.Errorf("%s (%q) contains capturing group", test.name, test.snippet)
+			}
+		}
+	}
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/space.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/space.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/space.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/space.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,50 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names
+
+import (
+	"fmt"
+	"regexp"
+)
+
+const (
+	SpaceTagKind = "space"
+	SpaceSnippet = "(?:[a-z0-9]+(?:-[a-z0-9]+)*)"
+)
+
+var validSpace = regexp.MustCompile("^" + SpaceSnippet + "$")
+
+// IsValidSpace reports whether name is a valid space name.
+func IsValidSpace(name string) bool {
+	return validSpace.MatchString(name)
+}
+
+type SpaceTag struct {
+	name string
+}
+
+func (t SpaceTag) String() string { return t.Kind() + "-" + t.Id() }
+func (t SpaceTag) Kind() string   { return SpaceTagKind }
+func (t SpaceTag) Id() string     { return t.name }
+
+// NewSpaceTag returns the tag of a space with the given name.
+func NewSpaceTag(name string) SpaceTag {
+	if !IsValidSpace(name) {
+		panic(fmt.Sprintf("%q is not a valid space name", name))
+	}
+	return SpaceTag{name: name}
+}
+
+// ParseSpaceTag parses a space tag string.
+func ParseSpaceTag(spaceTag string) (SpaceTag, error) {
+	tag, err := ParseTag(spaceTag)
+	if err != nil {
+		return SpaceTag{}, err
+	}
+	nt, ok := tag.(SpaceTag)
+	if !ok {
+		return SpaceTag{}, invalidTagError(spaceTag, SpaceTagKind)
+	}
+	return nt, nil
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/space_test.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/space_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/space_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/space_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,80 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names_test
+
+import (
+	"fmt"
+	"regexp"
+
+	gc "gopkg.in/check.v1"
+
+	"gopkg.in/juju/names.v2"
+)
+
+type spaceSuite struct{}
+
+var _ = gc.Suite(&spaceSuite{})
+
+var spaceNameTests = []struct {
+	pattern string
+	valid   bool
+}{
+	{pattern: "", valid: false},
+	{pattern: "eth0", valid: true},
+	{pattern: "-my-net-", valid: false},
+	{pattern: "42", valid: true},
+	{pattern: "%not", valid: false},
+	{pattern: "$PATH", valid: false},
+	{pattern: "but-this-works", valid: true},
+	{pattern: "----", valid: false},
+	{pattern: "oh--no", valid: false},
+	{pattern: "777", valid: true},
+	{pattern: "is-it-", valid: false},
+	{pattern: "also_not", valid: false},
+	{pattern: "a--", valid: false},
+	{pattern: "foo-2", valid: true},
+}
+
+func (s *spaceSuite) TestSpaceNames(c *gc.C) {
+	for i, test := range spaceNameTests {
+		c.Logf("test %d: %q", i, test.pattern)
+		c.Check(names.IsValidSpace(test.pattern), gc.Equals, test.valid)
+		if test.valid {
+			expectTag := fmt.Sprintf("%s-%s", names.SpaceTagKind, test.pattern)
+			c.Check(names.NewSpaceTag(test.pattern).String(), gc.Equals, expectTag)
+		} else {
+			expectErr := fmt.Sprintf("%q is not a valid space name", test.pattern)
+			testTag := func() { names.NewSpaceTag(test.pattern) }
+			c.Check(testTag, gc.PanicMatches, regexp.QuoteMeta(expectErr))
+		}
+	}
+}
+
+var parseSpaceTagTests = []struct {
+	tag      string
+	expected names.Tag
+	err      error
+}{{
+	tag: "",
+	err: names.InvalidTagError("", ""),
+}, {
+	tag:      "space-1",
+	expected: names.NewSpaceTag("1"),
+}, {
+	tag: "-space1",
+	err: names.InvalidTagError("-space1", ""),
+}}
+
+func (s *spaceSuite) TestParseSpaceTag(c *gc.C) {
+	for i, t := range parseSpaceTagTests {
+		c.Logf("test %d: %s", i, t.tag)
+		got, err := names.ParseSpaceTag(t.tag)
+		if err != nil || t.err != nil {
+			c.Check(err, gc.DeepEquals, t.err)
+			continue
+		}
+		c.Check(got, gc.FitsTypeOf, t.expected)
+		c.Check(got, gc.Equals, t.expected)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/storage.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/storage.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/storage.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/storage.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,86 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names
+
+import (
+	"fmt"
+	"regexp"
+	"strings"
+)
+
+const (
+	StorageTagKind = "storage"
+
+	// StorageNameSnippet is the regular expression that describes valid
+	// storage names (without the storage instance sequence number).
+	StorageNameSnippet = "(?:[a-z][a-z0-9]*(?:-[a-z0-9]*[a-z][a-z0-9]*)*)"
+)
+
+var validStorage = regexp.MustCompile("^(" + StorageNameSnippet + ")/" + NumberSnippet + "$")
+
+type StorageTag struct {
+	id string
+}
+
+func (t StorageTag) String() string { return t.Kind() + "-" + t.id }
+func (t StorageTag) Kind() string   { return StorageTagKind }
+func (t StorageTag) Id() string     { return storageTagSuffixToId(t.id) }
+
+// NewStorageTag returns the tag for the storage instance with the given ID.
+// It will panic if the given string is not a valid storage instance Id.
+func NewStorageTag(id string) StorageTag {
+	tag, ok := tagFromStorageId(id)
+	if !ok {
+		panic(fmt.Sprintf("%q is not a valid storage instance ID", id))
+	}
+	return tag
+}
+
+// ParseStorageTag parses a storage tag string.
+func ParseStorageTag(s string) (StorageTag, error) {
+	tag, err := ParseTag(s)
+	if err != nil {
+		return StorageTag{}, err
+	}
+	st, ok := tag.(StorageTag)
+	if !ok {
+		return StorageTag{}, invalidTagError(s, StorageTagKind)
+	}
+	return st, nil
+}
+
+// IsValidStorage returns whether id is a valid storage instance ID.
+func IsValidStorage(id string) bool {
+	return validStorage.MatchString(id)
+}
+
+// StorageName returns the storage name from a storage instance ID.
+// StorageName returns an error if "id" is not a valid storage
+// instance ID.
+func StorageName(id string) (string, error) {
+	s := validStorage.FindStringSubmatch(id)
+	if s == nil {
+		return "", fmt.Errorf("%q is not a valid storage instance ID", id)
+	}
+	return s[1], nil
+}
+
+func tagFromStorageId(id string) (StorageTag, bool) {
+	// replace only the last "/" with "-".
+	i := strings.LastIndex(id, "/")
+	if i <= 0 || !IsValidStorage(id) {
+		return StorageTag{}, false
+	}
+	id = id[:i] + "-" + id[i+1:]
+	return StorageTag{id}, true
+}
+
+func storageTagSuffixToId(s string) string {
+	// Replace only the last "-" with "/", as it is valid for storage
+	// names to contain hyphens.
+	if i := strings.LastIndex(s, "-"); i > 0 {
+		s = s[:i] + "/" + s[i+1:]
+	}
+	return s
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/storage_test.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/storage_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/storage_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/storage_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,79 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names_test
+
+import (
+	"fmt"
+
+	gc "gopkg.in/check.v1"
+
+	"gopkg.in/juju/names.v2"
+)
+
+type storageSuite struct{}
+
+var _ = gc.Suite(&storageSuite{})
+
+func (s *storageSuite) TestStorageTag(c *gc.C) {
+	c.Assert(names.NewStorageTag("store/1").String(), gc.Equals, "storage-store-1")
+}
+
+func (s *storageSuite) TestStorageNameValidity(c *gc.C) {
+	assertStorageIdValid(c, "shared-fs/0")
+	assertStorageIdValid(c, "db-dir/1000")
+	assertStorageIdInvalid(c, "store/-1")
+	assertStorageIdInvalid(c, "store-1")
+	assertStorageIdInvalid(c, "")
+	assertStorageIdInvalid(c, "store")
+	assertStorageIdInvalid(c, "store/#")
+}
+
+func (s *storageSuite) TestParseStorageTag(c *gc.C) {
+	assertParseStorageTag(c, "storage-shared-fs-0", names.NewStorageTag("shared-fs/0"))
+	assertParseStorageTag(c, "storage-store-88", names.NewStorageTag("store/88"))
+	assertParseStorageTagInvalid(c, "", names.InvalidTagError("", ""))
+	assertParseStorageTagInvalid(c, "one", names.InvalidTagError("one", ""))
+	assertParseStorageTagInvalid(c, "storage-", names.InvalidTagError("storage-", names.StorageTagKind))
+	assertParseStorageTagInvalid(c, "machine-0", names.InvalidTagError("machine-0", names.StorageTagKind))
+}
+
+func (s *applicationSuite) TestStorageName(c *gc.C) {
+	assertStorageNameValid(c, "shared-fs/0", "shared-fs")
+	assertStorageNameInvalid(c, "storage-shared-fs-0")
+}
+
+func assertStorageIdValid(c *gc.C, name string) {
+	c.Assert(names.IsValidStorage(name), gc.Equals, true)
+	names.NewStorageTag(name)
+}
+
+func assertStorageIdInvalid(c *gc.C, name string) {
+	c.Assert(names.IsValidStorage(name), gc.Equals, false)
+	testStorageTag := func() { names.NewStorageTag(name) }
+	expect := fmt.Sprintf("%q is not a valid storage instance ID", name)
+	c.Assert(testStorageTag, gc.PanicMatches, expect)
+}
+
+func assertStorageNameValid(c *gc.C, id, expect string) {
+	name, err := names.StorageName(id)
+	c.Assert(err, gc.IsNil)
+	c.Assert(name, gc.Equals, expect)
+}
+
+func assertStorageNameInvalid(c *gc.C, id string) {
+	_, err := names.StorageName(id)
+	expect := fmt.Sprintf("%q is not a valid storage instance ID", id)
+	c.Assert(err, gc.ErrorMatches, expect)
+}
+
+func assertParseStorageTag(c *gc.C, tag string, expect names.StorageTag) {
+	t, err := names.ParseStorageTag(tag)
+	c.Assert(err, gc.IsNil)
+	c.Assert(t, gc.Equals, expect)
+}
+
+func assertParseStorageTagInvalid(c *gc.C, tag string, expect error) {
+	_, err := names.ParseStorageTag(tag)
+	c.Assert(err, gc.ErrorMatches, expect.Error())
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/subnet.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/subnet.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/subnet.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/subnet.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,49 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names
+
+import (
+	"fmt"
+	"net"
+)
+
+const SubnetTagKind = "subnet"
+
+// IsValidSubnet returns whether cidr is a valid subnet CIDR.
+func IsValidSubnet(cidr string) bool {
+	_, ipNet, err := net.ParseCIDR(cidr)
+	if err == nil && ipNet.String() == cidr {
+		return true
+	}
+	return false
+}
+
+type SubnetTag struct {
+	cidr string
+}
+
+func (t SubnetTag) String() string { return t.Kind() + "-" + t.cidr }
+func (t SubnetTag) Kind() string   { return SubnetTagKind }
+func (t SubnetTag) Id() string     { return t.cidr }
+
+// NewSubnetTag returns the tag for subnet with the given CIDR.
+func NewSubnetTag(cidr string) SubnetTag {
+	if !IsValidSubnet(cidr) {
+		panic(fmt.Sprintf("%s is not a valid subnet CIDR", cidr))
+	}
+	return SubnetTag{cidr: cidr}
+}
+
+// ParseSubnetTag parses a subnet tag string.
+func ParseSubnetTag(subnetTag string) (SubnetTag, error) {
+	tag, err := ParseTag(subnetTag)
+	if err != nil {
+		return SubnetTag{}, err
+	}
+	subt, ok := tag.(SubnetTag)
+	if !ok {
+		return SubnetTag{}, invalidTagError(subnetTag, SubnetTagKind)
+	}
+	return subt, nil
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/subnet_test.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/subnet_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/subnet_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/subnet_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,78 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names_test
+
+import (
+	gc "gopkg.in/check.v1"
+
+	"gopkg.in/juju/names.v2"
+)
+
+type subnetSuite struct{}
+
+var _ = gc.Suite(&subnetSuite{})
+
+func (s *subnetSuite) TestNewSubnetTag(c *gc.C) {
+	cidr := "10.20.0.0/16"
+	tag := names.NewSubnetTag(cidr)
+	parsed, err := names.ParseSubnetTag(tag.String())
+	c.Assert(err, gc.IsNil)
+	c.Assert(parsed.Kind(), gc.Equals, names.SubnetTagKind)
+	c.Assert(parsed.Id(), gc.Equals, cidr)
+	c.Assert(parsed.String(), gc.Equals, names.SubnetTagKind+"-"+cidr)
+
+	f := func() {
+		tag = names.NewSubnetTag("foo")
+	}
+	c.Assert(f, gc.PanicMatches, "foo is not a valid subnet CIDR")
+}
+
+var parseSubnetTagTests = []struct {
+	tag      string
+	expected names.Tag
+	err      error
+}{{
+	tag: "",
+	err: names.InvalidTagError("", ""),
+}, {
+	tag:      "subnet-10.20.0.0/16",
+	expected: names.NewSubnetTag("10.20.0.0/16"),
+}, {
+	tag:      "subnet-2001:db8::/32",
+	expected: names.NewSubnetTag("2001:db8::/32"),
+}, {
+	tag: "subnet-fe80::3%zone1/10",
+	err: names.InvalidTagError("subnet-fe80::3%zone1/10", names.SubnetTagKind),
+}, {
+	tag: "subnet-10.20.30.40/16",
+	err: names.InvalidTagError("subnet-10.20.30.40/16", names.SubnetTagKind),
+}, {
+	tag: "subnet-2001:db8::123/32",
+	err: names.InvalidTagError("subnet-2001:db8::123/32", names.SubnetTagKind),
+}, {
+	tag: "subnet-foo",
+	err: names.InvalidTagError("subnet-foo", names.SubnetTagKind),
+}, {
+	tag: "subnet-",
+	err: names.InvalidTagError("subnet-", names.SubnetTagKind),
+}, {
+	tag: "foobar",
+	err: names.InvalidTagError("foobar", ""),
+}, {
+	tag: "unit-foo-0",
+	err: names.InvalidTagError("unit-foo-0", names.SubnetTagKind),
+}}
+
+func (s *subnetSuite) TestParseSubnetTag(c *gc.C) {
+	for i, t := range parseSubnetTagTests {
+		c.Logf("test %d: %s", i, t.tag)
+		got, err := names.ParseSubnetTag(t.tag)
+		if err != nil || t.err != nil {
+			c.Check(err, gc.DeepEquals, t.err)
+			continue
+		}
+		c.Check(got, gc.FitsTypeOf, t.expected)
+		c.Check(got, gc.Equals, t.expected)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/tag.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/tag.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/tag.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/tag.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,200 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/juju/utils"
+)
+
+// A Tag tags things that are taggable. Its purpose is to uniquely
+// identify some resource and provide a consistent representation of
+// that identity in both a human-readable and a machine-friendly format.
+// The latter benefits use of the tag in over-the-wire transmission
+// (e.g. in HTTP RPC calls) and in filename paths. The human-readable
+// tag "name" is available through the Id method. The machine-friendly
+// representation is provided by the String method.
+//
+// The ParseTag function may be used to build a tag from the machine-
+// formatted string. As well each kind of tag has its own Parse* method.
+// Each kind also has a New* method (e.g. NewMachineTag) which produces
+// a tag from the human-readable tag "ID".
+//
+// In the context of juju, the API *must* use tags to represent the
+// various juju entities. This contrasts with user-facing code, where
+// tags *must not* be used. Internal to juju the use of tags is a
+// judgement call based on the situation.
+type Tag interface {
+	// Kind returns the kind of the tag.
+	// This method is for legacy compatibility, callers should
+	// use equality or type assertions to verify the Kind, or type
+	// of a Tag.
+	Kind() string
+
+	// Id returns an identifier for this Tag.
+	// The contents and format of the identifier are specific
+	// to the implementer of the Tag.
+	Id() string
+
+	fmt.Stringer // all Tags should be able to print themselves
+}
+
+// tagString returns the canonical string representation of a tag.
+// It round-trips with splitTag().
+func tagString(tag Tag) string {
+	return tag.Kind() + "-" + tag.Id()
+}
+
+// TagKind returns one of the *TagKind constants for the given tag, or
+// an error if none matches.
+func TagKind(tag string) (string, error) {
+	i := strings.Index(tag, "-")
+	if i <= 0 || !validKinds(tag[:i]) {
+		return "", fmt.Errorf("%q is not a valid tag", tag)
+	}
+	return tag[:i], nil
+}
+
+func validKinds(kind string) bool {
+	switch kind {
+	case UnitTagKind, MachineTagKind, ApplicationTagKind, EnvironTagKind, UserTagKind,
+		RelationTagKind, ActionTagKind, VolumeTagKind, CharmTagKind, StorageTagKind,
+		FilesystemTagKind, IPAddressTagKind, SpaceTagKind, SubnetTagKind,
+		PayloadTagKind, ModelTagKind, CloudTagKind:
+		return true
+	}
+	return false
+}
+
+func splitTag(tag string) (string, string, error) {
+	kind, err := TagKind(tag)
+	if err != nil {
+		return "", "", err
+	}
+	return kind, tag[len(kind)+1:], nil
+}
+
+// ParseTag parses a string representation into a Tag.
+func ParseTag(tag string) (Tag, error) {
+	kind, id, err := splitTag(tag)
+	if err != nil {
+		return nil, invalidTagError(tag, "")
+	}
+	switch kind {
+	case UnitTagKind:
+		id = unitTagSuffixToId(id)
+		if !IsValidUnit(id) {
+			return nil, invalidTagError(tag, kind)
+		}
+		return NewUnitTag(id), nil
+	case MachineTagKind:
+		id = machineTagSuffixToId(id)
+		if !IsValidMachine(id) {
+			return nil, invalidTagError(tag, kind)
+		}
+		return NewMachineTag(id), nil
+	case ApplicationTagKind:
+		if !IsValidApplication(id) {
+			return nil, invalidTagError(tag, kind)
+		}
+		return NewApplicationTag(id), nil
+	case UserTagKind:
+		if !IsValidUser(id) {
+			return nil, invalidTagError(tag, kind)
+		}
+		return NewUserTag(id), nil
+	case EnvironTagKind:
+		if !IsValidEnvironment(id) {
+			return nil, invalidTagError(tag, kind)
+		}
+		return NewEnvironTag(id), nil
+	case ModelTagKind:
+		if !IsValidModel(id) {
+			return nil, invalidTagError(tag, kind)
+		}
+		return NewModelTag(id), nil
+	case RelationTagKind:
+		id = relationTagSuffixToKey(id)
+		if !IsValidRelation(id) {
+			return nil, invalidTagError(tag, kind)
+		}
+		return NewRelationTag(id), nil
+	case ActionTagKind:
+		if !IsValidAction(id) {
+			return nil, invalidTagError(tag, kind)
+		}
+		return NewActionTag(id), nil
+	case VolumeTagKind:
+		id = volumeTagSuffixToId(id)
+		if !IsValidVolume(id) {
+			return nil, invalidTagError(tag, kind)
+		}
+		return NewVolumeTag(id), nil
+	case CharmTagKind:
+		if !IsValidCharm(id) {
+			return nil, invalidTagError(tag, kind)
+		}
+		return NewCharmTag(id), nil
+	case StorageTagKind:
+		id = storageTagSuffixToId(id)
+		if !IsValidStorage(id) {
+			return nil, invalidTagError(tag, kind)
+		}
+		return NewStorageTag(id), nil
+	case FilesystemTagKind:
+		id = filesystemTagSuffixToId(id)
+		if !IsValidFilesystem(id) {
+			return nil, invalidTagError(tag, kind)
+		}
+		return NewFilesystemTag(id), nil
+	case IPAddressTagKind:
+		uuid, err := utils.UUIDFromString(id)
+		if err != nil {
+			return nil, invalidTagError(tag, kind)
+		}
+		return NewIPAddressTag(uuid.String()), nil
+	case SubnetTagKind:
+		if !IsValidSubnet(id) {
+			return nil, invalidTagError(tag, kind)
+		}
+		return NewSubnetTag(id), nil
+	case SpaceTagKind:
+		if !IsValidSpace(id) {
+			return nil, invalidTagError(tag, kind)
+		}
+		return NewSpaceTag(id), nil
+	case PayloadTagKind:
+		if !isValidPayload(id) {
+			return nil, invalidTagError(tag, kind)
+		}
+		return NewPayloadTag(id), nil
+	case CloudTagKind:
+		if !IsValidCloud(id) {
+			return nil, invalidTagError(tag, kind)
+		}
+		return NewCloudTag(id), nil
+	default:
+		return nil, invalidTagError(tag, "")
+	}
+}
+
+func invalidTagError(tag, kind string) error {
+	if kind != "" {
+		return fmt.Errorf("%q is not a valid %s tag", tag, kind)
+	}
+	return fmt.Errorf("%q is not a valid tag", tag)
+}
+
+// ReadableString returns a human-readable string from the tag passed in.
+// It currently supports unit and machine tags. Support for additional types
+// can be added in as needed.
+func ReadableString(tag Tag) string {
+	if tag == nil {
+		return ""
+	}
+
+	return tag.Kind() + " " + tag.Id()
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/tag_test.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/tag_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/tag_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/tag_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,298 @@
+// Copyright 2015 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names_test
+
+import (
+	gc "gopkg.in/check.v1"
+
+	"gopkg.in/juju/names.v2"
+)
+
+type tagSuite struct{}
+
+var _ = gc.Suite(&tagSuite{})
+
+var tagKindTests = []struct {
+	tag  string
+	kind string
+	err  string
+}{
+	{tag: "unit-wordpress-42", kind: names.UnitTagKind},
+	{tag: "machine-42", kind: names.MachineTagKind},
+	{tag: "application-foo", kind: names.ApplicationTagKind},
+	{tag: "environment-42", kind: names.EnvironTagKind},
+	{tag: "model-42", kind: names.ModelTagKind},
+	{tag: "user-admin", kind: names.UserTagKind},
+	{tag: "relation-application1.rel1#other-svc.other-rel2", kind: names.RelationTagKind},
+	{tag: "relation-application.peerRelation", kind: names.RelationTagKind},
+	{tag: "foo", err: `"foo" is not a valid tag`},
+	{tag: "unit", err: `"unit" is not a valid tag`},
+	{tag: "network", err: `"network" is not a valid tag`},
+	{tag: "ab01cd23-0123-4edc-9a8b-fedcba987654", err: `"ab01cd23-0123-4edc-9a8b-fedcba987654" is not a valid tag`},
+	{tag: "action-ab01cd23-0123-4edc-9a8b-fedcba987654", kind: names.ActionTagKind},
+	{tag: "volume-0", kind: names.VolumeTagKind},
+	{tag: "storage-data-0", kind: names.StorageTagKind},
+	{tag: "filesystem-0", kind: names.FilesystemTagKind},
+	{tag: "ipaddress", err: `"ipaddress" is not a valid tag`},
+	{tag: "ipaddress-42424242-1111-2222-3333-0123456789ab", kind: names.IPAddressTagKind},
+	{tag: "subnet", err: `"subnet" is not a valid tag`},
+	{tag: "subnet-10.20.0.0/16", kind: names.SubnetTagKind},
+	{tag: "subnet-2001:db8::/32", kind: names.SubnetTagKind},
+	{tag: "space", err: `"space" is not a valid tag`},
+	{tag: "space-42", kind: names.SpaceTagKind},
+	{tag: "cloud", err: `"cloud" is not a valid tag`},
+	{tag: "cloud-aws", kind: names.CloudTagKind},
+}
+
+func (*tagSuite) TestTagKind(c *gc.C) {
+	for i, test := range tagKindTests {
+		c.Logf("test %d: %q -> %q", i, test.tag, test.kind)
+		kind, err := names.TagKind(test.tag)
+		if test.err == "" {
+			c.Assert(test.kind, gc.Equals, kind)
+			c.Assert(err, gc.IsNil)
+		} else {
+			c.Assert(kind, gc.Equals, "")
+			c.Assert(err, gc.ErrorMatches, test.err)
+		}
+	}
+}
+
+var parseTagTests = []struct {
+	tag        string
+	expectKind string
+	expectType interface{}
+	resultId   string
+	resultErr  string
+}{{
+	tag:        "machine-10",
+	expectKind: names.MachineTagKind,
+	expectType: names.MachineTag{},
+	resultId:   "10",
+}, {
+	tag:        "machine-10-lxc-1",
+	expectKind: names.MachineTagKind,
+	expectType: names.MachineTag{},
+	resultId:   "10/lxc/1",
+}, {
+	tag:        "machine-#",
+	expectKind: names.MachineTagKind,
+	expectType: names.MachineTag{},
+	resultErr:  `"machine-#" is not a valid machine tag`,
+}, {
+	tag:        "unit-wordpress-0",
+	expectKind: names.UnitTagKind,
+	expectType: names.UnitTag{},
+	resultId:   "wordpress/0",
+}, {
+	tag:        "unit-rabbitmq-server-0",
+	expectKind: names.UnitTagKind,
+	expectType: names.UnitTag{},
+	resultId:   "rabbitmq-server/0",
+}, {
+	tag:        "unit-#",
+	expectKind: names.UnitTagKind,
+	expectType: names.UnitTag{},
+	resultErr:  `"unit-#" is not a valid unit tag`,
+}, {
+	tag:        "application-wordpress",
+	expectKind: names.ApplicationTagKind,
+	expectType: names.ApplicationTag{},
+	resultId:   "wordpress",
+}, {
+	tag:        "application-#",
+	expectKind: names.ApplicationTagKind,
+	expectType: names.ApplicationTag{},
+	resultErr:  `"application-#" is not a valid application tag`,
+}, {
+	tag:        "environment-f47ac10b-58cc-4372-a567-0e02b2c3d479",
+	expectKind: names.EnvironTagKind,
+	expectType: names.EnvironTag{},
+	resultId:   "f47ac10b-58cc-4372-a567-0e02b2c3d479",
+}, {
+	tag:        "model-f47ac10b-58cc-4372-a567-0e02b2c3d479",
+	expectKind: names.ModelTagKind,
+	expectType: names.ModelTag{},
+	resultId:   "f47ac10b-58cc-4372-a567-0e02b2c3d479",
+}, {
+	tag:        "relation-my-svc1.myrel1#other-svc.other-rel2",
+	expectKind: names.RelationTagKind,
+	expectType: names.RelationTag{},
+	resultId:   "my-svc1:myrel1 other-svc:other-rel2",
+}, {
+	tag:        "relation-riak.ring",
+	expectKind: names.RelationTagKind,
+	expectType: names.RelationTag{},
+	resultId:   "riak:ring",
+}, {
+	tag:        "environment-/",
+	expectKind: names.EnvironTagKind,
+	expectType: names.EnvironTag{},
+	resultErr:  `"environment-/" is not a valid environment tag`,
+}, {
+	tag:        "model-/",
+	expectKind: names.ModelTagKind,
+	expectType: names.ModelTag{},
+	resultErr:  `"model-/" is not a valid model tag`,
+}, {
+	tag:        "user-foo",
+	expectKind: names.UserTagKind,
+	expectType: names.UserTag{},
+	resultId:   "foo",
+}, {
+	tag:        "user-foo@local",
+	expectKind: names.UserTagKind,
+	expectType: names.UserTag{},
+	resultId:   "foo@local",
+}, {
+	tag:        "user-/",
+	expectKind: names.UserTagKind,
+	expectType: names.UserTag{},
+	resultErr:  `"user-/" is not a valid user tag`,
+}, {
+	tag:        "action-00000000-abcd",
+	expectKind: names.ActionTagKind,
+	expectType: names.ActionTag{},
+	resultErr:  `"action-00000000-abcd" is not a valid action tag`,
+}, {
+	tag:        "action-00000033",
+	expectKind: names.ActionTagKind,
+	expectType: names.ActionTag{},
+	resultErr:  `"action-00000033" is not a valid action tag`,
+}, {
+	tag:        "action-abedaf33-3212-4fde-aeca-87356432deca",
+	expectKind: names.ActionTagKind,
+	expectType: names.ActionTag{},
+	resultId:   "abedaf33-3212-4fde-aeca-87356432deca",
+}, {
+	tag:        "volume-2",
+	expectKind: names.VolumeTagKind,
+	expectType: names.VolumeTag{},
+	resultId:   "2",
+}, {
+	tag:        "filesystem-3",
+	expectKind: names.FilesystemTagKind,
+	expectType: names.FilesystemTag{},
+	resultId:   "3",
+}, {
+	tag:        "storage-block-storage-0",
+	expectKind: names.StorageTagKind,
+	expectType: names.StorageTag{},
+	resultId:   "block-storage/0",
+}, {
+	tag:       "foo",
+	resultErr: `"foo" is not a valid tag`,
+}, {
+	tag:       "ipaddress-",
+	resultErr: `"ipaddress-" is not a valid ipaddress tag`,
+}, {
+	tag:        "ipaddress-42424242-1111-2222-3333-0123456789ab",
+	expectKind: names.IPAddressTagKind,
+	expectType: names.IPAddressTag{},
+	resultId:   "42424242-1111-2222-3333-0123456789ab",
+}, {
+	tag:       "subnet-",
+	resultErr: `"subnet-" is not a valid subnet tag`,
+}, {
+	tag:        "subnet-10.20.0.0/16",
+	expectKind: names.SubnetTagKind,
+	expectType: names.SubnetTag{},
+	resultId:   "10.20.0.0/16",
+}, {
+	tag:        "subnet-2001:db8::/32",
+	expectKind: names.SubnetTagKind,
+	expectType: names.SubnetTag{},
+	resultId:   "2001:db8::/32",
+}, {
+	tag:       "space-",
+	resultErr: `"space-" is not a valid space tag`,
+}, {
+	tag:        "space-myspace1",
+	expectKind: names.SpaceTagKind,
+	expectType: names.SpaceTag{},
+	resultId:   "myspace1",
+}}
+
+var makeTag = map[string]func(string) names.Tag{
+	names.MachineTagKind:     func(tag string) names.Tag { return names.NewMachineTag(tag) },
+	names.UnitTagKind:        func(tag string) names.Tag { return names.NewUnitTag(tag) },
+	names.ApplicationTagKind: func(tag string) names.Tag { return names.NewApplicationTag(tag) },
+	names.RelationTagKind:    func(tag string) names.Tag { return names.NewRelationTag(tag) },
+	names.EnvironTagKind:     func(tag string) names.Tag { return names.NewEnvironTag(tag) },
+	names.ModelTagKind:       func(tag string) names.Tag { return names.NewModelTag(tag) },
+	names.UserTagKind:        func(tag string) names.Tag { return names.NewUserTag(tag) },
+	names.ActionTagKind:      func(tag string) names.Tag { return names.NewActionTag(tag) },
+	names.VolumeTagKind:      func(tag string) names.Tag { return names.NewVolumeTag(tag) },
+	names.FilesystemTagKind:  func(tag string) names.Tag { return names.NewFilesystemTag(tag) },
+	names.StorageTagKind:     func(tag string) names.Tag { return names.NewStorageTag(tag) },
+	names.IPAddressTagKind:   func(tag string) names.Tag { return names.NewIPAddressTag(tag) },
+	names.SubnetTagKind:      func(tag string) names.Tag { return names.NewSubnetTag(tag) },
+	names.SpaceTagKind:       func(tag string) names.Tag { return names.NewSpaceTag(tag) },
+}
+
+func (*tagSuite) TestParseTag(c *gc.C) {
+	for i, test := range parseTagTests {
+		c.Logf("test %d: %q expectKind %q", i, test.tag, test.expectKind)
+		tag, err := names.ParseTag(test.tag)
+		if test.resultErr != "" {
+			c.Assert(err, gc.ErrorMatches, test.resultErr)
+			c.Assert(tag, gc.IsNil)
+
+			// If the tag has a valid kind which matches the
+			// expected kind, test that using an empty
+			// expectKind does not change the error message.
+			if tagKind, err := names.TagKind(test.tag); err == nil && tagKind == test.expectKind {
+				tag, err := names.ParseTag(test.tag)
+				c.Assert(err, gc.ErrorMatches, test.resultErr)
+				c.Assert(tag, gc.IsNil)
+			}
+		} else {
+			c.Assert(err, gc.IsNil)
+			kind, id := tag.Kind(), tag.Id()
+			c.Assert(err, gc.IsNil)
+			c.Assert(id, gc.Equals, test.resultId)
+			if test.expectKind != "" {
+				c.Assert(kind, gc.Equals, test.expectKind)
+			} else {
+				expectKind, err := names.TagKind(test.tag)
+				c.Assert(err, gc.IsNil)
+				c.Assert(kind, gc.Equals, expectKind) // will be removed in the next branch
+				c.Assert(tag, gc.FitsTypeOf, test.expectType)
+			}
+			// Check that it's reversible.
+			if f := makeTag[kind]; f != nil {
+				reversed := f(id).String()
+				c.Assert(reversed, gc.Equals, test.tag)
+			}
+			// Check that it parses ok without an expectKind.
+			tag, err := names.ParseTag(test.tag)
+			c.Assert(err, gc.IsNil)
+			c.Assert(tag, gc.FitsTypeOf, test.expectType)
+			c.Assert(tag.Kind(), gc.Equals, test.expectKind) // will be removed in the next branch
+			c.Assert(tag.Id(), gc.Equals, id)
+		}
+	}
+}
+
+func (*tagSuite) TestReadableString(c *gc.C) {
+	var readableStringTests = []struct {
+		tag    names.Tag
+		result string
+	}{{
+		tag:    nil,
+		result: "",
+	}, {
+		tag:    names.NewMachineTag("0"),
+		result: "machine 0",
+	}, {
+		tag:    names.NewUnitTag("wordpress/2"),
+		result: "unit wordpress/2",
+	}}
+
+	for i, test := range readableStringTests {
+		c.Logf("test %d: expected result %q", i, test.result)
+		resultStr := names.ReadableString(test.tag)
+		c.Assert(resultStr, gc.Equals, test.result)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/unit.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/unit.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/unit.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/unit.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,79 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names
+
+import (
+	"fmt"
+	"regexp"
+	"strings"
+)
+
+const UnitTagKind = "unit"
+
+var validUnit = regexp.MustCompile("^(" + ApplicationSnippet + ")/" + NumberSnippet + "$")
+
+type UnitTag struct {
+	name string
+}
+
+func (t UnitTag) String() string { return t.Kind() + "-" + t.name }
+func (t UnitTag) Kind() string   { return UnitTagKind }
+func (t UnitTag) Id() string     { return unitTagSuffixToId(t.name) }
+
+// NewUnitTag returns the tag for the unit with the given name.
+// It will panic if the given unit name is not valid.
+func NewUnitTag(unitName string) UnitTag {
+	tag, ok := tagFromUnitName(unitName)
+	if !ok {
+		panic(fmt.Sprintf("%q is not a valid unit name", unitName))
+	}
+	return tag
+}
+
+// ParseUnitTag parses a unit tag string.
+func ParseUnitTag(unitTag string) (UnitTag, error) {
+	tag, err := ParseTag(unitTag)
+	if err != nil {
+		return UnitTag{}, err
+	}
+	ut, ok := tag.(UnitTag)
+	if !ok {
+		return UnitTag{}, invalidTagError(unitTag, UnitTagKind)
+	}
+	return ut, nil
+}
+
+// IsValidUnit returns whether name is a valid unit name.
+func IsValidUnit(name string) bool {
+	return validUnit.MatchString(name)
+}
+
+// UnitApplication returns the name of the application that the unit is
+// associated with. It returns an error if unitName is not a valid unit name.
+func UnitApplication(unitName string) (string, error) {
+	s := validUnit.FindStringSubmatch(unitName)
+	if s == nil {
+		return "", fmt.Errorf("%q is not a valid unit name", unitName)
+	}
+	return s[1], nil
+}
+
+func tagFromUnitName(unitName string) (UnitTag, bool) {
+	// Replace only the last "/" with "-".
+	i := strings.LastIndex(unitName, "/")
+	if i <= 0 || !IsValidUnit(unitName) {
+		return UnitTag{}, false
+	}
+	unitName = unitName[:i] + "-" + unitName[i+1:]
+	return UnitTag{name: unitName}, true
+}
+
+func unitTagSuffixToId(s string) string {
+	// Replace only the last "-" with "/", as it is valid for application
+	// names to contain hyphens.
+	if i := strings.LastIndex(s, "-"); i > 0 {
+		s = s[:i] + "/" + s[i+1:]
+	}
+	return s
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/unit_test.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/unit_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/unit_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/unit_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,104 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names_test
+
+import (
+	"fmt"
+
+	gc "gopkg.in/check.v1"
+
+	"gopkg.in/juju/names.v2"
+)
+
+type unitSuite struct{}
+
+var _ = gc.Suite(&unitSuite{})
+
+func (s *unitSuite) TestUnitTag(c *gc.C) {
+	c.Assert(names.NewUnitTag("wordpress/2").String(), gc.Equals, "unit-wordpress-2")
+}
+
+var unitNameTests = []struct {
+	pattern     string
+	valid       bool
+	application string
+}{
+	{pattern: "wordpress/42", valid: true, application: "wordpress"},
+	{pattern: "rabbitmq-server/123", valid: true, application: "rabbitmq-server"},
+	{pattern: "foo", valid: false},
+	{pattern: "foo/", valid: false},
+	{pattern: "bar/foo", valid: false},
+	{pattern: "20/20", valid: false},
+	{pattern: "foo-55", valid: false},
+	{pattern: "foo-bar/123", valid: true, application: "foo-bar"},
+	{pattern: "foo-bar/123/", valid: false},
+	{pattern: "foo-bar/123-not", valid: false},
+}
+
+func (s *unitSuite) TestUnitNameFormats(c *gc.C) {
+	for i, test := range unitNameTests {
+		c.Logf("test %d: %q", i, test.pattern)
+		c.Assert(names.IsValidUnit(test.pattern), gc.Equals, test.valid)
+	}
+}
+
+func (s *unitSuite) TestInvalidUnitTagFormats(c *gc.C) {
+	for i, test := range unitNameTests {
+		if !test.valid {
+			c.Logf("test %d: %q", i, test.pattern)
+			expect := fmt.Sprintf("%q is not a valid unit name", test.pattern)
+			testUnitTag := func() { names.NewUnitTag(test.pattern) }
+			c.Assert(testUnitTag, gc.PanicMatches, expect)
+		}
+	}
+}
+
+func (s *applicationSuite) TestUnitApplication(c *gc.C) {
+	for i, test := range unitNameTests {
+		c.Logf("test %d: %q", i, test.pattern)
+		if !test.valid {
+			expect := fmt.Sprintf("%q is not a valid unit name", test.pattern)
+			_, err := names.UnitApplication(test.pattern)
+			c.Assert(err, gc.ErrorMatches, expect)
+		} else {
+			result, err := names.UnitApplication(test.pattern)
+			c.Assert(err, gc.IsNil)
+			c.Assert(result, gc.Equals, test.application)
+		}
+	}
+}
+
+var parseUnitTagTests = []struct {
+	tag      string
+	expected names.Tag
+	err      error
+}{{
+	tag: "",
+	err: names.InvalidTagError("", ""),
+}, {
+	tag:      "unit-dave/0",
+	expected: names.NewUnitTag("dave/0"),
+}, {
+	tag: "dave",
+	err: names.InvalidTagError("dave", ""),
+}, {
+	tag: "unit-dave",
+	err: names.InvalidTagError("unit-dave", names.UnitTagKind), // not a valid unit name either
+}, {
+	tag: "application-dave",
+	err: names.InvalidTagError("application-dave", names.UnitTagKind),
+}}
+
+func (s *unitSuite) TestParseUnitTag(c *gc.C) {
+	for i, t := range parseUnitTagTests {
+		c.Logf("test %d: %s", i, t.tag)
+		got, err := names.ParseUnitTag(t.tag)
+		if err != nil || t.err != nil {
+			c.Check(err, gc.DeepEquals, t.err)
+			continue
+		}
+		c.Check(got, gc.FitsTypeOf, t.expected)
+		c.Check(got, gc.Equals, t.expected)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/user.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/user.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/user.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/user.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,137 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names
+
+import (
+	"fmt"
+	"regexp"
+)
+
+const (
+	UserTagKind     = "user"
+	LocalUserDomain = "local"
+)
+
+var (
+	// TODO this does not allow single character usernames or
+	// domains. Is that deliberate?
+	// https://github.com/juju/names/issues/54
+	validUserPart = "[a-zA-Z0-9][a-zA-Z0-9.+-]*[a-zA-Z0-9]"
+	validName     = regexp.MustCompile(fmt.Sprintf("^(?P<name>%s)(?:@(?P<domain>%s))?$", validUserPart, validUserPart))
+	validUserName = regexp.MustCompile("^" + validUserPart + "$")
+)
+
+// IsValidUser returns whether id is a valid user id.
+// Valid users may or may not be qualified with an
+// @domain suffix. Examples of valid users include
+// bob, bob@local, bob@somewhere-else, 0-a-f@123.
+func IsValidUser(id string) bool {
+	return validName.MatchString(id)
+}
+
+// IsValidUserName returns whether the given
+// name is a valid name part of a user. That is,
+// usernames with a domain suffix will return
+// false.
+func IsValidUserName(name string) bool {
+	return validUserName.MatchString(name)
+}
+
+// IsValidUserDomain returns whether the given user
+// domain is valid.
+func IsValidUserDomain(domain string) bool {
+	return validUserName.MatchString(domain)
+}
+
+// UserTag represents a user that may be stored locally
+// or associated with some external domain.
+type UserTag struct {
+	name   string
+	domain string
+}
+
+func (t UserTag) Kind() string   { return UserTagKind }
+func (t UserTag) String() string { return UserTagKind + "-" + t.Id() }
+
+// Id implements Tag.Id. It always returns the same id that it was
+// created with, so NewUserTag(x).Id() == x for all valid users x. This
+// means that local users might or might not have an @local domain in
+// their id.
+func (t UserTag) Id() string {
+	if t.domain == "" {
+		return t.name
+	}
+	return t.name + "@" + t.domain
+}
+
+// Name returns the name part of the user name
+// without its associated domain.
+func (t UserTag) Name() string { return t.name }
+
+// Canonical returns the user name and its domain in canonical form.
+// Specifically, user tags in the local domain will always return an
+// @local prefix, regardless of the id the user was created with. This
+// is the only difference from the Id method.
+func (t UserTag) Canonical() string {
+	return t.name + "@" + t.Domain()
+}
+
+// IsLocal returns true if the tag represents a local user.
+func (t UserTag) IsLocal() bool {
+	return t.Domain() == LocalUserDomain
+}
+
+// Domain returns the user domain. Users in the local database
+// are from the LocalDomain. Other users are considered 'remote' users.
+func (t UserTag) Domain() string {
+	if t.domain == "" {
+		return LocalUserDomain
+	}
+	return t.domain
+}
+
+// WithDomain returns a copy of the user tag with the
+// domain changed to the given argument.
+// The domain must satisfy IsValidUserDomain
+// or this function will panic.
+func (t UserTag) WithDomain(domain string) UserTag {
+	if !IsValidUserDomain(domain) {
+		panic(fmt.Sprintf("invalid user domain %q", domain))
+	}
+	return UserTag{
+		name:   t.name,
+		domain: domain,
+	}
+}
+
+// NewUserTag returns the tag for the user with the given name.
+// It panics if the user name does not satisfy IsValidUser.
+func NewUserTag(userName string) UserTag {
+	parts := validName.FindStringSubmatch(userName)
+	if len(parts) != 3 {
+		panic(fmt.Sprintf("invalid user tag %q", userName))
+	}
+	return UserTag{name: parts[1], domain: parts[2]}
+}
+
+// NewLocalUserTag returns the tag for a local user with the given name.
+func NewLocalUserTag(name string) UserTag {
+	if !IsValidUserName(name) {
+		panic(fmt.Sprintf("invalid user name %q", name))
+	}
+	return UserTag{name: name, domain: LocalUserDomain}
+}
+
+// ParseUserTag parses a user tag string.
+func ParseUserTag(tag string) (UserTag, error) {
+	t, err := ParseTag(tag)
+	if err != nil {
+		return UserTag{}, err
+	}
+	ut, ok := t.(UserTag)
+	if !ok {
+		return UserTag{}, invalidTagError(tag, UserTagKind)
+	}
+	return ut, nil
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/user_test.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/user_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/user_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/user_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,241 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names_test
+
+import (
+	"fmt"
+
+	gc "gopkg.in/check.v1"
+
+	"gopkg.in/juju/names.v2"
+)
+
+type userSuite struct{}
+
+var _ = gc.Suite(&userSuite{})
+
+func (s *userSuite) TestUserTag(c *gc.C) {
+	for i, t := range []struct {
+		input    string
+		string   string
+		name     string
+		domain   string
+		username string
+	}{
+		{
+			input:    "bob",
+			string:   "user-bob",
+			name:     "bob",
+			domain:   names.LocalUserDomain,
+			username: "bob@local",
+		}, {
+			input:    "bob@local",
+			string:   "user-bob@local",
+			name:     "bob",
+			domain:   names.LocalUserDomain,
+			username: "bob@local",
+		}, {
+			input:    "bob@foo",
+			string:   "user-bob@foo",
+			name:     "bob",
+			domain:   "foo",
+			username: "bob@foo",
+		},
+	} {
+		c.Logf("test %d: %s", i, t.input)
+		userTag := names.NewUserTag(t.input)
+		c.Check(userTag.String(), gc.Equals, t.string)
+		c.Check(userTag.Id(), gc.Equals, t.input)
+		c.Check(userTag.Name(), gc.Equals, t.name)
+		c.Check(userTag.Domain(), gc.Equals, t.domain)
+		c.Check(userTag.IsLocal(), gc.Equals, t.domain == names.LocalUserDomain)
+		c.Check(userTag.Canonical(), gc.Equals, t.username)
+	}
+}
+
+var withDomainTests = []struct {
+	id       string
+	domain   string
+	expectId string
+}{{
+	id:       "bob",
+	domain:   names.LocalUserDomain,
+	expectId: "bob@local",
+}, {
+	id:       "bob@local",
+	domain:   "foo",
+	expectId: "bob@foo",
+}, {
+	id:     "bob@local",
+	domain: "",
+}, {
+	id:       "bob@foo",
+	domain:   names.LocalUserDomain,
+	expectId: "bob@local",
+}, {
+	id:     "bob",
+	domain: "@foo",
+}}
+
+func (s *userSuite) TestWithDomain(c *gc.C) {
+	for i, test := range withDomainTests {
+		c.Logf("test %d: id %q; domain %q", i, test.id, test.domain)
+		tag := names.NewUserTag(test.id)
+		if test.expectId == "" {
+			c.Assert(func() {
+				tag.WithDomain(test.domain)
+			}, gc.PanicMatches, fmt.Sprintf("invalid user domain %q", test.domain))
+		} else {
+			c.Assert(tag.WithDomain(test.domain).Id(), gc.Equals, test.expectId)
+		}
+	}
+}
+
+func (s *userSuite) TestIsValidUser(c *gc.C) {
+	for i, t := range []struct {
+		string string
+		expect bool
+	}{
+		{"", false},
+		{"bob", true},
+		{"Bob", true},
+		{"bOB", true},
+		{"b^b", false},
+		{"bob1", true},
+		{"bob-1", true},
+		{"bob+1", true},
+		{"bob+", false},
+		{"+bob", false},
+		{"bob.1", true},
+		{"1bob", true},
+		{"1-bob", true},
+		{"1+bob", true},
+		{"1.bob", true},
+		{"jim.bob+99-1.", false},
+		{"a", false},
+		{"0foo", true},
+		{"foo bar", false},
+		{"bar{}", false},
+		{"bar+foo", true},
+		{"bar_foo", false},
+		{"bar!", false},
+		{"bar^", false},
+		{"bar*", false},
+		{"foo=bar", false},
+		{"foo?", false},
+		{"[bar]", false},
+		{"'foo'", false},
+		{"%bar", false},
+		{"&bar", false},
+		{"#1foo", false},
+		{"bar@ram.u", true},
+		{"bar@", false},
+		{"@local", false},
+		{"not/valid", false},
+	} {
+		c.Logf("test %d: %s", i, t.string)
+		c.Assert(names.IsValidUser(t.string), gc.Equals, t.expect, gc.Commentf("%s", t.string))
+	}
+}
+
+func (s *userSuite) TestIsValidUserNameOrDomain(c *gc.C) {
+	for i, t := range []struct {
+		string string
+		expect bool
+	}{
+		{"", false},
+		{"bob", true},
+		{"Bob", true},
+		{"bOB", true},
+		{"b^b", false},
+		{"bob1", true},
+		{"bob-1", true},
+		{"bob+1", true},
+		{"bob+", false},
+		{"+bob", false},
+		{"bob.1", true},
+		{"1bob", true},
+		{"1-bob", true},
+		{"1+bob", true},
+		{"1.bob", true},
+		{"jim.bob+99-1.", false},
+		{"a", false},
+		{"0foo", true},
+		{"foo bar", false},
+		{"bar{}", false},
+		{"bar+foo", true},
+		{"bar_foo", false},
+		{"bar!", false},
+		{"bar^", false},
+		{"bar*", false},
+		{"foo=bar", false},
+		{"foo?", false},
+		{"[bar]", false},
+		{"'foo'", false},
+		{"%bar", false},
+		{"&bar", false},
+		{"#1foo", false},
+		{"bar@ram.u", false},
+		{"bar@local", false},
+		{"bar@ubuntuone", false},
+		{"bar@", false},
+		{"@local", false},
+		{"not/valid", false},
+	} {
+		c.Logf("test %d: %s", i, t.string)
+		c.Assert(names.IsValidUserName(t.string), gc.Equals, t.expect, gc.Commentf("%s", t.string))
+		c.Assert(names.IsValidUserDomain(t.string), gc.Equals, t.expect, gc.Commentf("%s", t.string))
+	}
+}
+
+func (s *userSuite) TestParseUserTag(c *gc.C) {
+	for i, t := range []struct {
+		tag      string
+		expected names.Tag
+		err      error
+	}{{
+		tag: "",
+		err: names.InvalidTagError("", ""),
+	}, {
+		tag:      "user-dave",
+		expected: names.NewUserTag("dave"),
+	}, {
+		tag:      "user-dave@local",
+		expected: names.NewUserTag("dave@local"),
+	}, {
+		tag:      "user-dave@foobar",
+		expected: names.NewUserTag("dave@foobar"),
+	}, {
+		tag: "dave",
+		err: names.InvalidTagError("dave", ""),
+	}, {
+		tag: "unit-dave",
+		err: names.InvalidTagError("unit-dave", names.UnitTagKind), // not a valid unit name either
+	}, {
+		tag: "application-dave",
+		err: names.InvalidTagError("application-dave", names.UserTagKind),
+	}} {
+		c.Logf("test %d: %s", i, t.tag)
+		got, err := names.ParseUserTag(t.tag)
+		if err != nil || t.err != nil {
+			c.Check(err, gc.DeepEquals, t.err)
+			continue
+		}
+		c.Check(got, gc.FitsTypeOf, t.expected)
+		c.Check(got, gc.Equals, t.expected)
+	}
+}
+
+func (s *userSuite) TestNewLocalUserTag(c *gc.C) {
+	user := names.NewLocalUserTag("bob")
+	c.Assert(user.Canonical(), gc.Equals, "bob@local")
+	c.Assert(user.Name(), gc.Equals, "bob")
+	c.Assert(user.Domain(), gc.Equals, "local")
+	c.Assert(user.IsLocal(), gc.Equals, true)
+	c.Assert(user.String(), gc.Equals, "user-bob@local")
+
+	c.Assert(func() { names.NewLocalUserTag("bob@local") }, gc.PanicMatches, `invalid user name "bob@local"`)
+	c.Assert(func() { names.NewLocalUserTag("") }, gc.PanicMatches, `invalid user name ""`)
+	c.Assert(func() { names.NewLocalUserTag("!@#") }, gc.PanicMatches, `invalid user name "!@#"`)
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/volume.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/volume.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/volume.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/volume.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,76 @@
+// Copyright 2014 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names
+
+import (
+	"fmt"
+	"regexp"
+	"strings"
+)
+
+const VolumeTagKind = "volume"
+
+// Volumes may be bound to a machine, meaning that the volume cannot
+// exist without that machine. We encode this in the tag to allow
+var validVolume = regexp.MustCompile("^(" + MachineSnippet + "/)?" + NumberSnippet + "$")
+
+type VolumeTag struct {
+	id string
+}
+
+func (t VolumeTag) String() string { return t.Kind() + "-" + t.id }
+func (t VolumeTag) Kind() string   { return VolumeTagKind }
+func (t VolumeTag) Id() string     { return volumeTagSuffixToId(t.id) }
+
+// NewVolumeTag returns the tag for the volume with the given ID.
+// It will panic if the given volume ID is not valid.
+func NewVolumeTag(id string) VolumeTag {
+	tag, ok := tagFromVolumeId(id)
+	if !ok {
+		panic(fmt.Sprintf("%q is not a valid volume ID", id))
+	}
+	return tag
+}
+
+// ParseVolumeTag parses a volume tag string.
+func ParseVolumeTag(volumeTag string) (VolumeTag, error) {
+	tag, err := ParseTag(volumeTag)
+	if err != nil {
+		return VolumeTag{}, err
+	}
+	dt, ok := tag.(VolumeTag)
+	if !ok {
+		return VolumeTag{}, invalidTagError(volumeTag, VolumeTagKind)
+	}
+	return dt, nil
+}
+
+// IsValidVolume returns whether id is a valid volume ID.
+func IsValidVolume(id string) bool {
+	return validVolume.MatchString(id)
+}
+
+// VolumeMachine returns the machine component of the volume
+// tag, and a boolean indicating whether or not there is a
+// machine component.
+func VolumeMachine(tag VolumeTag) (MachineTag, bool) {
+	id := tag.Id()
+	pos := strings.LastIndex(id, "/")
+	if pos == -1 {
+		return MachineTag{}, false
+	}
+	return NewMachineTag(id[:pos]), true
+}
+
+func tagFromVolumeId(id string) (VolumeTag, bool) {
+	if !IsValidVolume(id) {
+		return VolumeTag{}, false
+	}
+	id = strings.Replace(id, "/", "-", -1)
+	return VolumeTag{id}, true
+}
+
+func volumeTagSuffixToId(s string) string {
+	return strings.Replace(s, "-", "/", -1)
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/volume_test.go juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/volume_test.go
--- juju-core-2.0~beta7/src/gopkg.in/juju/names.v2/volume_test.go	1970-01-01 00:00:00.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/juju/names.v2/volume_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -0,0 +1,81 @@
+// Copyright 2013 Canonical Ltd.
+// Licensed under the LGPLv3, see LICENCE file for details.
+
+package names_test
+
+import (
+	"fmt"
+
+	gc "gopkg.in/check.v1"
+
+	"gopkg.in/juju/names.v2"
+)
+
+type volumeSuite struct{}
+
+var _ = gc.Suite(&volumeSuite{})
+
+func (s *volumeSuite) TestVolumeTag(c *gc.C) {
+	c.Assert(names.NewVolumeTag("1").String(), gc.Equals, "volume-1")
+}
+
+func (s *volumeSuite) TestVolumeNameValidity(c *gc.C) {
+	assertVolumeNameValid(c, "0")
+	assertVolumeNameValid(c, "0/lxc/0/0")
+	assertVolumeNameValid(c, "1000")
+	assertVolumeNameInvalid(c, "-1")
+	assertVolumeNameInvalid(c, "")
+	assertVolumeNameInvalid(c, "one")
+	assertVolumeNameInvalid(c, "#")
+	assertVolumeNameInvalid(c, "0/0/0") // 0/0 is not a valid machine ID
+}
+
+func (s *volumeSuite) TestParseVolumeTag(c *gc.C) {
+	assertParseVolumeTag(c, "volume-0", names.NewVolumeTag("0"))
+	assertParseVolumeTag(c, "volume-88", names.NewVolumeTag("88"))
+	assertParseVolumeTag(c, "volume-0-lxc-0-88", names.NewVolumeTag("0/lxc/0/88"))
+	assertParseVolumeTagInvalid(c, "", names.InvalidTagError("", ""))
+	assertParseVolumeTagInvalid(c, "one", names.InvalidTagError("one", ""))
+	assertParseVolumeTagInvalid(c, "volume-", names.InvalidTagError("volume-", names.VolumeTagKind))
+	assertParseVolumeTagInvalid(c, "machine-0", names.InvalidTagError("machine-0", names.VolumeTagKind))
+}
+
+func (s *volumeSuite) TestVolumeMachine(c *gc.C) {
+	assertVolumeMachine(c, "0/0", names.NewMachineTag("0"))
+	assertVolumeMachine(c, "0/lxc/0/0", names.NewMachineTag("0/lxc/0"))
+	assertVolumeNoMachine(c, "0")
+}
+
+func assertVolumeMachine(c *gc.C, id string, expect names.MachineTag) {
+	t, ok := names.VolumeMachine(names.NewVolumeTag(id))
+	c.Assert(ok, gc.Equals, true)
+	c.Assert(t, gc.Equals, expect)
+}
+
+func assertVolumeNoMachine(c *gc.C, id string) {
+	_, ok := names.VolumeMachine(names.NewVolumeTag(id))
+	c.Assert(ok, gc.Equals, false)
+}
+
+func assertVolumeNameValid(c *gc.C, name string) {
+	c.Assert(names.IsValidVolume(name), gc.Equals, true)
+	names.NewVolumeTag(name)
+}
+
+func assertVolumeNameInvalid(c *gc.C, name string) {
+	c.Assert(names.IsValidVolume(name), gc.Equals, false)
+	testVolumeTag := func() { names.NewVolumeTag(name) }
+	expect := fmt.Sprintf("%q is not a valid volume ID", name)
+	c.Assert(testVolumeTag, gc.PanicMatches, expect)
+}
+
+func assertParseVolumeTag(c *gc.C, tag string, expect names.VolumeTag) {
+	t, err := names.ParseVolumeTag(tag)
+	c.Assert(err, gc.IsNil)
+	c.Assert(t, gc.Equals, expect)
+}
+
+func assertParseVolumeTagInvalid(c *gc.C, tag string, expect error) {
+	_, err := names.ParseVolumeTag(tag)
+	c.Assert(err, gc.ErrorMatches, expect.Error())
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/macaroon-bakery.v1/bakery/mgostorage/storage_test.go juju-core-2.0~beta12/src/gopkg.in/macaroon-bakery.v1/bakery/mgostorage/storage_test.go
--- juju-core-2.0~beta7/src/gopkg.in/macaroon-bakery.v1/bakery/mgostorage/storage_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/macaroon-bakery.v1/bakery/mgostorage/storage_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -7,7 +7,6 @@
 	"github.com/juju/testing"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/macaroon.v1"
-	"gopkg.in/mgo.v2"
 
 	"gopkg.in/macaroon-bakery.v1/bakery"
 	"gopkg.in/macaroon-bakery.v1/bakery/checkers"
@@ -16,27 +15,20 @@
 
 type StorageSuite struct {
 	testing.MgoSuite
-	session *mgo.Session
-	store   bakery.Storage
+	store bakery.Storage
 }
 
 var _ = gc.Suite(&StorageSuite{})
 
 func (s *StorageSuite) SetUpTest(c *gc.C) {
 	s.MgoSuite.SetUpTest(c)
-	s.session = testing.MgoServer.MustDial()
 
-	store, err := mgostorage.New(s.session.DB("test").C("items"))
+	store, err := mgostorage.New(s.Session.DB("test").C("items"))
 	c.Assert(err, gc.IsNil)
 
 	s.store = store
 }
 
-func (s *StorageSuite) TearDownTest(c *gc.C) {
-	s.session.Close()
-	s.MgoSuite.TearDownTest(c)
-}
-
 func (s *StorageSuite) TestMgoStorage(c *gc.C) {
 	err := s.store.Put("foo", "bar")
 	c.Assert(err, gc.IsNil)
diff -Nru juju-core-2.0~beta7/src/gopkg.in/macaroon-bakery.v1/bakery/service.go juju-core-2.0~beta12/src/gopkg.in/macaroon-bakery.v1/bakery/service.go
--- juju-core-2.0~beta7/src/gopkg.in/macaroon-bakery.v1/bakery/service.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/macaroon-bakery.v1/bakery/service.go	2016-07-18 19:45:44.000000000 +0000
@@ -10,6 +10,7 @@
 	"strings"
 
 	"github.com/juju/loggo"
+	"github.com/rogpeppe/fastuuid"
 	"gopkg.in/errgo.v1"
 	"gopkg.in/macaroon.v1"
 
@@ -18,11 +19,14 @@
 
 var logger = loggo.GetLogger("bakery")
 
+var uuidGen = fastuuid.MustNewGenerator()
+
 // Service represents a service which can use macaroons
 // to check authorization.
 type Service struct {
 	location string
 	store    storage
+	rkStore  RootKeyStorage
 	checker  FirstPartyChecker
 	encoder  *boxEncoder
 	key      *KeyPair
@@ -40,6 +44,12 @@
 	// an in-memory storage will be used.
 	Store Storage
 
+	// RootKeyStore is used to store macaroon root keys. If this
+	// is non-nil, it will be used in preference to Store and it
+	// will not be possible to specify non-empty macaroon ids and
+	// root keys when calling NewMacaroon.
+	RootKeyStore RootKeyStorage
+
 	// Key is the public key pair used by the service for
 	// third-party caveat encryption.
 	// It may be nil, in which case a new key pair
@@ -60,9 +70,13 @@
 	}
 	svc := &Service{
 		location: p.Location,
-		store:    storage{p.Store},
 		locator:  p.Locator,
 	}
+	if p.RootKeyStore != nil {
+		svc.rkStore = p.RootKeyStore
+	} else {
+		svc.store = storage{p.Store}
+	}
 
 	var err error
 	if p.Key == nil {
@@ -79,8 +93,29 @@
 	return svc, nil
 }
 
+// WithRootKeyStore returns a copy of service where macaroon creation and
+// lookup uses the given root key store to look up and create macaroon root
+// keys.
+//
+// When NewMacaroon is called on the returned Service,
+// it must always be called with an empty id and rootKey.
+func (svc *Service) WithRootKeyStore(store RootKeyStorage) *Service {
+	svc1 := *svc
+	svc1.rkStore = store
+	// Make sure the old store cannot be used.
+	svc1.store.store = nil
+	return &svc1
+}
+
 // Store returns the store used by the service.
+// If the service has a RootKeyStorage (there
+// was one specified in the parameters or the service
+// was created with WithRootKeyStorage), it
+// returns nil.
 func (svc *Service) Store() Storage {
+	if svc.rkStore != nil {
+		return nil
+	}
 	return svc.store.store
 }
 
@@ -108,7 +143,22 @@
 			Reason: fmt.Errorf("no macaroons in slice"),
 		}
 	}
-	item, err := svc.store.Get(ms[0].Id())
+	id := ms[0].Id()
+	if svc.rkStore != nil {
+		// We're using a RootKeyStore - hack off the
+		// uuid at the end of the id.
+		if i := strings.LastIndex(id, "-"); i >= 0 {
+			id = id[0:i]
+		}
+	}
+
+	var rootKey []byte
+	var err error
+	if svc.rkStore != nil {
+		rootKey, err = svc.rkStore.Get(id)
+	} else {
+		rootKey, err = svc.store.Get(id)
+	}
 	if err != nil {
 		if errgo.Cause(err) == ErrNotFound {
 			// If the macaroon was not found, it is probably
@@ -120,7 +170,7 @@
 		}
 		return errgo.Notef(err, "cannot get macaroon")
 	}
-	err = ms[0].Verify(item.RootKey, checker.CheckFirstPartyCaveat, ms[1:])
+	err = ms[0].Verify(rootKey, checker.CheckFirstPartyCaveat, ms[1:])
 	if err != nil {
 		return &VerificationError{
 			Reason: err,
@@ -190,38 +240,59 @@
 // TODO swap the first two arguments so that they're
 // in the same order as macaroon.New.
 func (svc *Service) NewMacaroon(id string, rootKey []byte, caveats []checkers.Caveat) (*macaroon.Macaroon, error) {
+	rootKey, id, err := svc.rootKey(rootKey, id)
+	if err != nil {
+		return nil, errgo.Mask(err)
+	}
+	m, err := macaroon.New(rootKey, id, svc.location)
+	if err != nil {
+		return nil, errgo.Notef(err, "cannot bake macaroon")
+	}
+	for _, cav := range caveats {
+		if err := svc.AddCaveat(m, cav); err != nil {
+			return nil, errgo.Notef(err, "cannot add caveat")
+		}
+	}
+	if svc.rkStore == nil {
+		if err := svc.store.Put(m.Id(), rootKey); err != nil {
+			return nil, errgo.Notef(err, "cannot save macaroon to store")
+		}
+	}
+	return m, nil
+}
+
+func (svc *Service) rootKey(rootKey []byte, id string) ([]byte, string, error) {
+	if svc.rkStore != nil {
+		if len(rootKey) > 0 || id != "" {
+			return nil, "", errgo.Newf("cannot choose root key or id when using RootKeyStore")
+		}
+		rootKey, id, err := svc.rkStore.RootKey()
+		if err != nil {
+			return nil, "", errgo.Mask(err)
+		}
+		// Add a UUID to the end of the id so that even
+		// though we may be re-using the same underlying
+		// id and root key, all minted macaroons will have
+		// unique ids.
+		uuid := uuidGen.Next()
+		id = fmt.Sprintf("%s-%x", id, uuid[0:16])
+		return rootKey, id, nil
+	}
 	if rootKey == nil {
 		newRootKey, err := randomBytes(24)
 		if err != nil {
-			return nil, fmt.Errorf("cannot generate root key for new macaroon: %v", err)
+			return nil, "", fmt.Errorf("cannot generate root key for new macaroon: %v", err)
 		}
 		rootKey = newRootKey
 	}
 	if id == "" {
 		idBytes, err := randomBytes(24)
 		if err != nil {
-			return nil, fmt.Errorf("cannot generate id for new macaroon: %v", err)
+			return nil, "", fmt.Errorf("cannot generate id for new macaroon: %v", err)
 		}
 		id = fmt.Sprintf("%x", idBytes)
 	}
-	m, err := macaroon.New(rootKey, id, svc.location)
-	if err != nil {
-		return nil, fmt.Errorf("cannot bake macaroon: %v", err)
-	}
-	for _, cav := range caveats {
-		if err := svc.AddCaveat(m, cav); err != nil {
-			return nil, errgo.Notef(err, "cannot add caveat")
-		}
-	}
-	// TODO look at the caveats for expiry time and associate
-	// that with the storage item so that the storage can
-	// garbage collect it at an appropriate time.
-	if err := svc.store.Put(m.Id(), &storageItem{
-		RootKey: rootKey,
-	}); err != nil {
-		return nil, fmt.Errorf("cannot save macaroon to store: %v", err)
-	}
-	return m, nil
+	return rootKey, id, nil
 }
 
 // LocalThirdPartyCaveat returns a third-party caveat that, when added
diff -Nru juju-core-2.0~beta7/src/gopkg.in/macaroon-bakery.v1/bakery/service_test.go juju-core-2.0~beta12/src/gopkg.in/macaroon-bakery.v1/bakery/service_test.go
--- juju-core-2.0~beta7/src/gopkg.in/macaroon-bakery.v1/bakery/service_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/macaroon-bakery.v1/bakery/service_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -4,15 +4,18 @@
 	"encoding/json"
 	"fmt"
 
+	"github.com/juju/testing"
+	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 	"gopkg.in/macaroon.v1"
 
-	jc "github.com/juju/testing/checkers"
 	"gopkg.in/macaroon-bakery.v1/bakery"
 	"gopkg.in/macaroon-bakery.v1/bakery/checkers"
 )
 
-type ServiceSuite struct{}
+type ServiceSuite struct {
+	testing.CleanupSuite
+}
 
 var _ = gc.Suite(&ServiceSuite{})
 
@@ -425,6 +428,93 @@
 	}
 }
 
+func (s *ServiceSuite) TestNewMacaroonWithRootKeyStorage(c *gc.C) {
+	svc, err := bakery.NewService(bakery.NewServiceParams{
+		Location: "somewhere",
+	})
+	c.Assert(err, gc.IsNil)
+
+	store := bakery.NewMemRootKeyStorage()
+	key, id, err := store.RootKey()
+	c.Assert(err, gc.IsNil)
+
+	svc = svc.WithRootKeyStore(store)
+
+	m, err := svc.NewMacaroon("", nil, []checkers.Caveat{{
+		Location:  "",
+		Condition: "something",
+	}})
+	c.Assert(err, gc.IsNil)
+	c.Assert(m.Location(), gc.Equals, "somewhere")
+	id1 := m.Id()
+	c.Assert(id1, gc.Matches, id+"-[0-9a-f]{32}")
+
+	err = svc.Check(macaroon.Slice{m}, strcmpChecker("something"))
+	c.Assert(err, gc.IsNil)
+
+	// Check that it's really using the root key returned from
+	// the store.
+	err = m.Verify(key, func(string) error {
+		return nil
+	}, nil)
+	c.Assert(err, gc.IsNil)
+
+	// Create another one and check that it re-uses the
+	// same key but has a different id.
+	m, err = svc.NewMacaroon("", nil, []checkers.Caveat{{
+		Location:  "",
+		Condition: "something",
+	}})
+	c.Assert(err, gc.IsNil)
+	c.Assert(m.Location(), gc.Equals, "somewhere")
+	id2 := m.Id()
+	c.Assert(id2, gc.Matches, id+"-[0-9a-f]{32}")
+	c.Assert(id2, gc.Not(gc.Equals), id1)
+	err = m.Verify(key, func(string) error { return nil }, nil)
+	c.Assert(err, gc.IsNil)
+}
+
+func (s *ServiceSuite) TestNewMacaroonWithRootKeyStorageInParams(c *gc.C) {
+	store := bakery.NewMemRootKeyStorage()
+	_, id, err := store.RootKey()
+	c.Assert(err, gc.IsNil)
+
+	// Check that we can create a bakery with the root key store
+	// in its parameters too.
+	svc, err := bakery.NewService(bakery.NewServiceParams{
+		Location:     "elsewhere",
+		RootKeyStore: store,
+	})
+	c.Assert(err, gc.IsNil)
+
+	m, err := svc.NewMacaroon("", nil, nil)
+	c.Assert(err, gc.IsNil)
+	c.Assert(m.Id(), gc.Matches, id+"-[0-9a-f]{32}")
+
+	err = svc.Check(macaroon.Slice{m}, checkers.New())
+	c.Assert(err, gc.IsNil)
+}
+
+func (s *ServiceSuite) TestNewMacaroonWithExplicitIdAndRootKeyStorage(c *gc.C) {
+	store := bakery.NewMemRootKeyStorage()
+
+	// Check that we can create a bakery with the root key store
+	// in its parameters too.
+	svc, err := bakery.NewService(bakery.NewServiceParams{
+		Location:     "somewhere",
+		RootKeyStore: store,
+	})
+	c.Assert(err, gc.IsNil)
+
+	m, err := svc.NewMacaroon("someid", nil, nil)
+	c.Assert(err, gc.ErrorMatches, `cannot choose root key or id when using RootKeyStore`)
+	c.Assert(m, gc.IsNil)
+
+	m, err = svc.NewMacaroon("", []byte{1}, nil)
+	c.Assert(err, gc.ErrorMatches, `cannot choose root key or id when using RootKeyStore`)
+	c.Assert(m, gc.IsNil)
+}
+
 func newService(c *gc.C, location string, locator bakery.PublicKeyLocatorMap) *bakery.Service {
 	keyPair, err := bakery.GenerateKey()
 	c.Assert(err, gc.IsNil)
diff -Nru juju-core-2.0~beta7/src/gopkg.in/macaroon-bakery.v1/bakery/storage.go juju-core-2.0~beta12/src/gopkg.in/macaroon-bakery.v1/bakery/storage.go
--- juju-core-2.0~beta7/src/gopkg.in/macaroon-bakery.v1/bakery/storage.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/macaroon-bakery.v1/bakery/storage.go	2016-07-18 19:45:44.000000000 +0000
@@ -9,6 +9,10 @@
 
 // Storage defines storage for macaroons.
 // Calling its methods concurrently is allowed.
+//
+// This type is the original storage interface supported
+// by the bakery and will eventually be deprecated
+// in favour of RootKeyStorage.
 type Storage interface {
 	// Put stores the item at the given location, overwriting
 	// any item that might already be there.
@@ -24,8 +28,68 @@
 	Del(location string) error
 }
 
+// RootKeyStorage defines defines storage for macaroon
+// root keys.
+type RootKeyStorage interface {
+	// Get returns the root key for the given id.
+	// If the item is not there, it returns ErrNotFound.
+	Get(id string) ([]byte, error)
+
+	// RootKey returns the root key to be used for making a new
+	// macaroon, and an id that can be used to look it up later with
+	// the Get method.
+	//
+	// Note that the root keys should remain available for as long
+	// as the macaroons using them are valid.
+	//
+	// Note that there is no need for it to return a new root key
+	// for every call - keys may be reused, although some key
+	// cycling is over time is advisable.
+	RootKey() (rootKey []byte, id string, err error)
+}
+
+// ErrNotFound is returned by Storage.Get implementations
+// to signal that an id has not been found.
 var ErrNotFound = errors.New("item not found")
 
+// NewMemRootKeyStorage returns an implementation of
+// RootKeyStorage that generates a single key and always
+// returns that from RootKey. The same id ("0") is always
+// used.
+func NewMemRootKeyStorage() RootKeyStorage {
+	return new(memRootKeyStorage)
+}
+
+type memRootKeyStorage struct {
+	mu  sync.Mutex
+	key []byte
+}
+
+// Get implements RootKeyStorage.Get.
+func (s *memRootKeyStorage) Get(id string) ([]byte, error) {
+	s.mu.Lock()
+	defer s.mu.Unlock()
+	if id != "0" || s.key == nil {
+		return nil, ErrNotFound
+	}
+	return s.key, nil
+}
+
+// RootKey implements RootKeyStorage.RootKey by
+//always returning the same root key.
+func (s *memRootKeyStorage) RootKey() (rootKey []byte, id string, err error) {
+	s.mu.Lock()
+	defer s.mu.Unlock()
+	if s.key == nil {
+		newKey, err := randomBytes(24)
+		if err != nil {
+			return nil, "", err
+		}
+		s.key = newKey
+	}
+	return s.key, "0", nil
+}
+
 // NewMemStorage returns an implementation of Storage
 // that stores all items in memory.
 func NewMemStorage() Storage {
@@ -70,13 +134,13 @@
 }
 
 // storage is a thin wrapper around Storage that
-// converts to and from StorageItems in its
+// converts to and from []byte root keys in its
 // Put and Get methods.
 type storage struct {
 	store Storage
 }
 
-func (s storage) Get(location string) (*storageItem, error) {
+func (s storage) Get(location string) ([]byte, error) {
 	itemStr, err := s.store.Get(location)
 	if err != nil {
 		return nil, err
@@ -85,10 +149,13 @@
 	if err := json.Unmarshal([]byte(itemStr), &item); err != nil {
 		return nil, fmt.Errorf("badly formatted item in store: %v", err)
 	}
-	return &item, nil
+	return item.RootKey, nil
 }
 
-func (s storage) Put(location string, item *storageItem) error {
+func (s storage) Put(location string, key []byte) error {
+	item := &storageItem{
+		RootKey: key,
+	}
 	data, err := json.Marshal(item)
 	if err != nil {
 		panic(fmt.Errorf("cannot marshal storage item: %v", err))
diff -Nru juju-core-2.0~beta7/src/gopkg.in/macaroon-bakery.v1/bakery/storage_test.go juju-core-2.0~beta12/src/gopkg.in/macaroon-bakery.v1/bakery/storage_test.go
--- juju-core-2.0~beta7/src/gopkg.in/macaroon-bakery.v1/bakery/storage_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/macaroon-bakery.v1/bakery/storage_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -3,6 +3,7 @@
 import (
 	"fmt"
 
+	jc "github.com/juju/testing/checkers"
 	gc "gopkg.in/check.v1"
 
 	"gopkg.in/macaroon-bakery.v1/bakery"
@@ -60,3 +61,31 @@
 		<-done
 	}
 }
+
+func (*StorageSuite) TestMemRootKeyStorage(c *gc.C) {
+	store := bakery.NewMemRootKeyStorage()
+	key, err := store.Get("x")
+	c.Assert(err, gc.Equals, bakery.ErrNotFound)
+	c.Assert(key, gc.IsNil)
+
+	key, err = store.Get("0")
+	c.Assert(err, gc.Equals, bakery.ErrNotFound)
+	c.Assert(key, gc.IsNil)
+
+	key, id, err := store.RootKey()
+	c.Assert(err, gc.IsNil)
+	c.Assert(key, gc.HasLen, 24)
+	c.Assert(id, gc.Equals, "0")
+
+	key1, id1, err := store.RootKey()
+	c.Assert(err, gc.IsNil)
+	c.Assert(key1, jc.DeepEquals, key)
+	c.Assert(id1, gc.Equals, id)
+
+	key2, err := store.Get(id)
+	c.Assert(err, gc.IsNil)
+	c.Assert(key2, jc.DeepEquals, key)
+
+	_, err = store.Get("1")
+	c.Assert(err, gc.Equals, bakery.ErrNotFound)
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/macaroon-bakery.v1/bakerytest/bakerytest.go juju-core-2.0~beta12/src/gopkg.in/macaroon-bakery.v1/bakerytest/bakerytest.go
--- juju-core-2.0~beta7/src/gopkg.in/macaroon-bakery.v1/bakerytest/bakerytest.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/macaroon-bakery.v1/bakerytest/bakerytest.go	2016-07-18 19:45:44.000000000 +0000
@@ -12,6 +12,7 @@
 
 	"github.com/juju/httprequest"
 	"gopkg.in/errgo.v1"
+
 	"gopkg.in/macaroon-bakery.v1/bakery"
 	"gopkg.in/macaroon-bakery.v1/bakery/checkers"
 	"gopkg.in/macaroon-bakery.v1/httpbakery"
diff -Nru juju-core-2.0~beta7/src/gopkg.in/macaroon-bakery.v1/dependencies.tsv juju-core-2.0~beta12/src/gopkg.in/macaroon-bakery.v1/dependencies.tsv
--- juju-core-2.0~beta7/src/gopkg.in/macaroon-bakery.v1/dependencies.tsv	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/macaroon-bakery.v1/dependencies.tsv	2016-07-18 19:45:44.000000000 +0000
@@ -1,17 +1,17 @@
-github.com/juju/errors	git	4567a5e69fd3130ca0d89f69478e7ac025b67452	2015-03-27T19:24:31Z
-github.com/juju/httprequest	git	abb29cbb15079888950f7b9d73f77c4e4ac89042	2015-09-16T09:23:22Z
+github.com/juju/errors	git	1b5e39b83d1835fa480e0c2ddefb040ee82d58b3	2015-09-16T12:56:42Z
+github.com/juju/httprequest	git	796aaafaf712f666df58d31a482c51233038bf9f	2016-05-03T15:03:27Z
 github.com/juju/loggo	git	8477fc936adf0e382d680310047ca27e128a309a	2015-05-27T03:58:39Z
-github.com/juju/schema	git	afe1151cb49d1d7ed3c75592dfc6f38703f2e988	2015-08-07T07:58:08Z
-github.com/juju/testing	git	6e944d606b6efca96146fbda3e6a27f73313d867	2015-10-02T11:09:45Z
-github.com/juju/utils	git	c9d1b9e09eebb41c3bb2d762ea16f4d8abed6ce5	2015-09-02T22:36:51Z
+github.com/juju/schema	git	075de04f9b7d7580d60a1e12a0b3f50bb18e6998	2016-04-20T04:42:03Z
+github.com/juju/testing	git	b9cfe07211e464f16d78ca9304c503d636b8eefa	2016-05-19T00:49:35Z
+github.com/juju/utils	git	d5423ca3ec0b0cc8ccf093fab1365b1c9f93eb2d	2016-05-02T18:15:00Z
 github.com/juju/webbrowser	git	54b8c57083b4afb7dc75da7f13e2967b2606a507	2016-03-09T14:36:29Z
-github.com/julienschmidt/httprouter	git	109e267447e95ad1bb48b758e40dd7453eb7b039	2015-09-05T17:25:33Z
+github.com/julienschmidt/httprouter	git	77a895ad01ebc98a4dc95d8355bc825ce80a56f6	2015-10-13T22:55:20Z
+github.com/rogpeppe/fastuuid	git	6724a57986aff9bff1a1770e9347036def7c89f6	2015-01-06T09:32:20Z
 golang.org/x/crypto	git	aedad9a179ec1ea11b7064c57cbc6dc30d7724ec	2015-08-30T18:06:42Z
 golang.org/x/net	git	ea47fc708ee3e20177f3ca3716217c4ab75942cb	2015-08-29T23:03:18Z
-gopkg.in/check.v1	git	b3d3430320d4260e5fea99841af984b3badcea63	2015-06-26T10:50:28Z
-gopkg.in/errgo.v1	git	15098963088579c1cd9eb1a7da285831e548390b	2015-07-07T18:34:45Z
-gopkg.in/juju/environschema.v1	git	cfc85b8479122af20b9b5b5ac6a69d5248914e56	2015-10-09T10:58:43Z
+gopkg.in/check.v1	git	4f90aeace3a26ad7021961c297b22c42160c7b25	2016-01-05T16:49:36Z
+gopkg.in/errgo.v1	git	66cb46252b94c1f3d65646f54ee8043ab38d766c	2015-10-07T15:31:57Z
+gopkg.in/juju/environschema.v1	git	7359fc7857abe2b11b5b3e23811a9c64cb6b01e0	2015-11-04T11:58:10Z
 gopkg.in/macaroon.v1	git	ab3940c6c16510a850e1c2dd628b919f0f3f1464	2015-01-21T11:42:31Z
-gopkg.in/mgo.v2	git	f4923a569136442e900b8cf5c1a706c0a8b0883c	2015-08-21T15:31:23Z
-gopkg.in/yaml.v1	git	9f9df34309c04878acc86042b16630b0f696e1de	2014-09-24T16:16:07Z
-gopkg.in/yaml.v2	git	7ad95dd0798a40da1ccdff6dff35fd177b5edf40	2015-06-24T10:29:02Z
+gopkg.in/mgo.v2	git	4d04138ffef2791c479c0c8bbffc30b34081b8d9	2015-10-26T16:34:53Z
+gopkg.in/yaml.v2	git	a83829b6f1293c91addabc89d0571c246397bbf4	2016-03-01T20:40:22Z
diff -Nru juju-core-2.0~beta7/src/gopkg.in/mgo.v2/bson/bson.go juju-core-2.0~beta12/src/gopkg.in/mgo.v2/bson/bson.go
--- juju-core-2.0~beta7/src/gopkg.in/mgo.v2/bson/bson.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/mgo.v2/bson/bson.go	2016-07-18 19:45:44.000000000 +0000
@@ -172,7 +172,7 @@
 func ObjectIdHex(s string) ObjectId {
 	d, err := hex.DecodeString(s)
 	if err != nil || len(d) != 12 {
-		panic(fmt.Sprintf("Invalid input to ObjectIdHex: %q", s))
+		panic(fmt.Sprintf("invalid input to ObjectIdHex: %q", s))
 	}
 	return ObjectId(d)
 }
@@ -201,7 +201,6 @@
 	return uint32((uint32(b[0]) << 0) | (uint32(b[1]) << 8) | (uint32(b[2]) << 16) | (uint32(b[3]) << 24))
 }
 
-
 // machineId stores machine id generated once and used in subsequent calls
 // to NewObjectId function.
 var machineId = readMachineId()
@@ -282,12 +281,35 @@
 		return nil
 	}
 	if len(data) != 26 || data[0] != '"' || data[25] != '"' {
-		return errors.New(fmt.Sprintf("Invalid ObjectId in JSON: %s", string(data)))
+		return errors.New(fmt.Sprintf("invalid ObjectId in JSON: %s", string(data)))
 	}
 	var buf [12]byte
 	_, err := hex.Decode(buf[:], data[1:25])
 	if err != nil {
-		return errors.New(fmt.Sprintf("Invalid ObjectId in JSON: %s (%s)", string(data), err))
+		return errors.New(fmt.Sprintf("invalid ObjectId in JSON: %s (%s)", string(data), err))
+	}
+	*id = ObjectId(string(buf[:]))
+	return nil
+}
+
+// MarshalText turns bson.ObjectId into an encoding.TextMarshaler.
+func (id ObjectId) MarshalText() ([]byte, error) {
+	return []byte(fmt.Sprintf("%x", string(id))), nil
+}
+
+// UnmarshalText turns *bson.ObjectId into an encoding.TextUnmarshaler.
+func (id *ObjectId) UnmarshalText(data []byte) error {
+	if len(data) == 1 && data[0] == ' ' || len(data) == 0 {
+		*id = ""
+		return nil
+	}
+	if len(data) != 24 {
+		return fmt.Errorf("invalid ObjectId: %s", data)
+	}
+	var buf [12]byte
+	_, err := hex.Decode(buf[:], data[:])
+	if err != nil {
+		return fmt.Errorf("invalid ObjectId: %s (%s)", data, err)
 	}
 	*id = ObjectId(string(buf[:]))
 	return nil
@@ -302,7 +324,7 @@
 // Calling this function with an invalid id will cause a runtime panic.
 func (id ObjectId) byteSlice(start, end int) []byte {
 	if len(id) != 12 {
-		panic(fmt.Sprintf("Invalid ObjectId: %q", string(id)))
+		panic(fmt.Sprintf("invalid ObjectId: %q", string(id)))
 	}
 	return []byte(string(id)[start:end])
 }
@@ -475,6 +497,7 @@
 
 // Unmarshal deserializes data from in into the out value.  The out value
 // must be a map, a pointer to a struct, or a pointer to a bson.D value.
+// In the case of struct values, only exported fields will be deserialized.
 // The lowercased field name is used as the key for each exported field,
 // but this behavior may be changed using the respective field tag.
 // The tag may also contain flags to tweak the marshalling behavior for
@@ -604,7 +627,7 @@
 	inlineMap := -1
 	for i := 0; i != n; i++ {
 		field := st.Field(i)
-		if field.PkgPath != "" {
+		if field.PkgPath != "" && !field.Anonymous {
 			continue // Private field
 		}
 
@@ -618,24 +641,6 @@
 			continue
 		}
 
-		// XXX Drop this after a few releases.
-		if s := strings.Index(tag, "/"); s >= 0 {
-			recommend := tag[:s]
-			for _, c := range tag[s+1:] {
-				switch c {
-				case 'c':
-					recommend += ",omitempty"
-				case 's':
-					recommend += ",minsize"
-				default:
-					msg := fmt.Sprintf("Unsupported flag %q in tag %q of type %s", string([]byte{uint8(c)}), tag, st)
-					panic(externalPanic(msg))
-				}
-			}
-			msg := fmt.Sprintf("Replace tag %q in field %s of type %s by %q", tag, field.Name, st, recommend)
-			panic(externalPanic(msg))
-		}
-
 		inline := false
 		fields := strings.Split(tag, ",")
 		if len(fields) > 1 {
diff -Nru juju-core-2.0~beta7/src/gopkg.in/mgo.v2/bson/bson_test.go juju-core-2.0~beta12/src/gopkg.in/mgo.v2/bson/bson_test.go
--- juju-core-2.0~beta7/src/gopkg.in/mgo.v2/bson/bson_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/mgo.v2/bson/bson_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -31,6 +31,7 @@
 	"encoding/binary"
 	"encoding/hex"
 	"encoding/json"
+	"encoding/xml"
 	"errors"
 	"net/url"
 	"reflect"
@@ -549,6 +550,10 @@
 	// Decode old binary without length. According to the spec, this shouldn't happen.
 	{bson.M{"_": []byte("old")},
 		"\x05_\x00\x03\x00\x00\x00\x02old"},
+
+	// Decode a doc within a doc in to a slice within a doc; shouldn't error
+	{&struct{ Foo []string }{},
+		"\x03\x66\x6f\x6f\x00\x05\x00\x00\x00\x00"},
 }
 
 func (s *S) TestUnmarshalOneWayItems(c *C) {
@@ -1048,6 +1053,13 @@
 type inlineBadKeyMap struct {
 	M map[int]int ",inline"
 }
+type inlineUnexported struct {
+	M          map[string]interface{} ",inline"
+	unexported         ",inline"
+}
+type unexported struct {
+	A int
+}
 
 type getterSetterD bson.D
 
@@ -1279,6 +1291,7 @@
 	{&inlineMapInt{A: 1, M: map[string]int{"b": 2}}, map[string]int{"a": 1, "b": 2}},
 	{&inlineMapInt{A: 1, M: nil}, map[string]int{"a": 1}},
 	{&inlineMapMyM{A: 1, M: MyM{"b": MyM{"c": 3}}}, map[string]interface{}{"a": 1, "b": map[string]interface{}{"c": 3}}},
+	{&inlineUnexported{M: map[string]interface{}{"b": 1}, unexported: unexported{A: 2}}, map[string]interface{}{"b": 1, "a": 2}},
 
 	// []byte <=> Binary
 	{&struct{ B []byte }{[]byte("abc")}, map[string]bson.Binary{"b": bson.Binary{Data: []byte("abc")}}},
@@ -1532,12 +1545,12 @@
 	unmarshal: true,
 }, {
 	json:      `{"Id":"4d88e15b60f486e428412dc9A"}`,
-	error:     `Invalid ObjectId in JSON: "4d88e15b60f486e428412dc9A"`,
+	error:     `invalid ObjectId in JSON: "4d88e15b60f486e428412dc9A"`,
 	marshal:   false,
 	unmarshal: true,
 }, {
 	json:      `{"Id":"4d88e15b60f486e428412dcZ"}`,
-	error:     `Invalid ObjectId in JSON: "4d88e15b60f486e428412dcZ" .*`,
+	error:     `invalid ObjectId in JSON: "4d88e15b60f486e428412dcZ" .*`,
 	marshal:   false,
 	unmarshal: true,
 }}
@@ -1622,6 +1635,123 @@
 		}
 	}
 }
+
+// --------------------------------------------------------------------------
+// ObjectId Text encoding.TextUnmarshaler.
+
+var textIdTests = []struct {
+	value     bson.ObjectId
+	text      string
+	marshal   bool
+	unmarshal bool
+	error     string
+}{{
+	value:     bson.ObjectIdHex("4d88e15b60f486e428412dc9"),
+	text:      "4d88e15b60f486e428412dc9",
+	marshal:   true,
+	unmarshal: true,
+}, {
+	text:      "",
+	marshal:   true,
+	unmarshal: true,
+}, {
+	text:      "4d88e15b60f486e428412dc9A",
+	marshal:   false,
+	unmarshal: true,
+	error:     `invalid ObjectId: 4d88e15b60f486e428412dc9A`,
+}, {
+	text:      "4d88e15b60f486e428412dcZ",
+	marshal:   false,
+	unmarshal: true,
+	error:     `invalid ObjectId: 4d88e15b60f486e428412dcZ .*`,
+}}
+
+func (s *S) TestObjectIdTextMarshaling(c *C) {
+	for _, test := range textIdTests {
+		if test.marshal {
+			data, err := test.value.MarshalText()
+			if test.error == "" {
+				c.Assert(err, IsNil)
+				c.Assert(string(data), Equals, test.text)
+			} else {
+				c.Assert(err, ErrorMatches, test.error)
+			}
+		}
+
+		if test.unmarshal {
+			err := test.value.UnmarshalText([]byte(test.text))
+			if test.error == "" {
+				c.Assert(err, IsNil)
+				if test.value != "" {
+					value := bson.ObjectIdHex(test.text)
+					c.Assert(value, DeepEquals, test.value)
+				}
+			} else {
+				c.Assert(err, ErrorMatches, test.error)
+			}
+		}
+	}
+}
+
+// --------------------------------------------------------------------------
+// ObjectId XML marshalling.
+
+type xmlType struct {
+	Id bson.ObjectId
+}
+
+var xmlIdTests = []struct {
+	value     xmlType
+	xml       string
+	marshal   bool
+	unmarshal bool
+	error     string
+}{{
+	value:     xmlType{Id: bson.ObjectIdHex("4d88e15b60f486e428412dc9")},
+	xml:       "<xmlType><Id>4d88e15b60f486e428412dc9</Id></xmlType>",
+	marshal:   true,
+	unmarshal: true,
+}, {
+	value:     xmlType{},
+	xml:       "<xmlType><Id></Id></xmlType>",
+	marshal:   true,
+	unmarshal: true,
+}, {
+	xml:       "<xmlType><Id>4d88e15b60f486e428412dc9A</Id></xmlType>",
+	marshal:   false,
+	unmarshal: true,
+	error:     `invalid ObjectId: 4d88e15b60f486e428412dc9A`,
+}, {
+	xml:       "<xmlType><Id>4d88e15b60f486e428412dcZ</Id></xmlType>",
+	marshal:   false,
+	unmarshal: true,
+	error:     `invalid ObjectId: 4d88e15b60f486e428412dcZ .*`,
+}}
+
+func (s *S) TestObjectIdXMLMarshaling(c *C) {
+	for _, test := range xmlIdTests {
+		if test.marshal {
+			data, err := xml.Marshal(&test.value)
+			if test.error == "" {
+				c.Assert(err, IsNil)
+				c.Assert(string(data), Equals, test.xml)
+			} else {
+				c.Assert(err, ErrorMatches, test.error)
+			}
+		}
+
+		if test.unmarshal {
+			var value xmlType
+			err := xml.Unmarshal([]byte(test.xml), &value)
+			if test.error == "" {
+				c.Assert(err, IsNil)
+				c.Assert(value, DeepEquals, test.value)
+			} else {
+				c.Assert(err, ErrorMatches, test.error)
+			}
+		}
+	}
+}
 
 // --------------------------------------------------------------------------
 // Some simple benchmarks.
diff -Nru juju-core-2.0~beta7/src/gopkg.in/mgo.v2/bson/decode.go juju-core-2.0~beta12/src/gopkg.in/mgo.v2/bson/decode.go
--- juju-core-2.0~beta7/src/gopkg.in/mgo.v2/bson/decode.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/mgo.v2/bson/decode.go	2016-07-18 19:45:44.000000000 +0000
@@ -460,6 +460,8 @@
 				out.Set(d.readDocElems(outt))
 			case typeRawDocElem:
 				out.Set(d.readRawDocElems(outt))
+			default:
+				d.readDocTo(blackHole)
 			}
 			return true
 		}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/mgo.v2/bson/encode.go juju-core-2.0~beta12/src/gopkg.in/mgo.v2/bson/encode.go
--- juju-core-2.0~beta7/src/gopkg.in/mgo.v2/bson/encode.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/mgo.v2/bson/encode.go	2016-07-18 19:45:44.000000000 +0000
@@ -188,7 +188,7 @@
 			return v.Interface().(time.Time).IsZero()
 		}
 		for i := 0; i < v.NumField(); i++ {
-			if vt.Field(i).PkgPath != "" {
+			if vt.Field(i).PkgPath != "" && !vt.Field(i).Anonymous {
 				continue // Private field
 			}
 			if !isZero(v.Field(i)) {
diff -Nru juju-core-2.0~beta7/src/gopkg.in/mgo.v2/bulk.go juju-core-2.0~beta12/src/gopkg.in/mgo.v2/bulk.go
--- juju-core-2.0~beta7/src/gopkg.in/mgo.v2/bulk.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/mgo.v2/bulk.go	2016-07-18 19:45:44.000000000 +0000
@@ -2,6 +2,7 @@
 
 import (
 	"bytes"
+	"sort"
 
 	"gopkg.in/mgo.v2/bson"
 )
@@ -9,14 +10,22 @@
 // Bulk represents an operation that can be prepared with several
 // orthogonal changes before being delivered to the server.
 //
+// MongoDB servers older than version 2.6 do not have proper support for bulk
+// operations, so the driver attempts to map its API as much as possible into
+// the functionality that works. In particular, in those releases updates and
+// removals are sent individually, and inserts are sent in bulk but have
+// suboptimal error reporting compared to more recent versions of the server.
+// See the documentation of BulkErrorCase for details on that.
+//
 // Relevant documentation:
 //
 //   http://blog.mongodb.org/post/84922794768/mongodbs-new-bulk-api
 //
 type Bulk struct {
 	c       *Collection
-	ordered bool
+	opcount int
 	actions []bulkAction
+	ordered bool
 }
 
 type bulkOp int
@@ -25,22 +34,17 @@
 	bulkInsert bulkOp = iota + 1
 	bulkUpdate
 	bulkUpdateAll
+	bulkRemove
 )
 
 type bulkAction struct {
 	op   bulkOp
 	docs []interface{}
+	idxs []int
 }
 
 type bulkUpdateOp []interface{}
-
-// BulkError holds an error returned from running a Bulk operation.
-//
-// TODO: This is private for the moment, until we understand exactly how
-//       to report these multi-errors in a useful and convenient way.
-type bulkError struct {
-	errs []error
-}
+type bulkDeleteOp []interface{}
 
 // BulkResult holds the results for a bulk operation.
 type BulkResult struct {
@@ -53,25 +57,34 @@
 	private bool
 }
 
-func (e *bulkError) Error() string {
-	if len(e.errs) == 0 {
-		return "invalid bulkError instance: no errors"
-	}
-	if len(e.errs) == 1 {
-		return e.errs[0].Error()
-	}
-	msgs := make(map[string]bool)
-	for _, err := range e.errs {
-		msgs[err.Error()] = true
+// BulkError holds an error returned from running a Bulk operation.
+// Individual errors may be obtained and inspected via the Cases method.
+type BulkError struct {
+	ecases []BulkErrorCase
+}
+
+func (e *BulkError) Error() string {
+	if len(e.ecases) == 0 {
+		return "invalid BulkError instance: no errors"
+	}
+	if len(e.ecases) == 1 {
+		return e.ecases[0].Err.Error()
+	}
+	msgs := make([]string, 0, len(e.ecases))
+	seen := make(map[string]bool)
+	for _, ecase := range e.ecases {
+		msg := ecase.Err.Error()
+		if !seen[msg] {
+			seen[msg] = true
+			msgs = append(msgs, msg)
+		}
 	}
 	if len(msgs) == 1 {
-		for msg := range msgs {
-			return msg
-		}
+		return msgs[0]
 	}
 	var buf bytes.Buffer
 	buf.WriteString("multiple errors in bulk operation:\n")
-	for msg := range msgs {
+	for _, msg := range msgs {
 		buf.WriteString("  - ")
 		buf.WriteString(msg)
 		buf.WriteByte('\n')
@@ -79,10 +92,33 @@
 	return buf.String()
 }
 
-// Bulk returns a value to prepare the execution of a bulk operation.
+type bulkErrorCases []BulkErrorCase
+
+func (slice bulkErrorCases) Len() int           { return len(slice) }
+func (slice bulkErrorCases) Less(i, j int) bool { return slice[i].Index < slice[j].Index }
+func (slice bulkErrorCases) Swap(i, j int)      { slice[i], slice[j] = slice[j], slice[i] }
+
+// BulkErrorCase holds an individual error found while attempting a single change
+// within a bulk operation, and the position in which it was enqueued.
 //
-// WARNING: This API is still experimental.
+// MongoDB servers older than version 2.6 do not have proper support for bulk
+// operations, so the driver attempts to map its API as much as possible into
+// the functionality that works. In particular, only the last error is reported
+// for bulk inserts and without any positional information, so the Index
+// field is set to -1 in these cases.
+type BulkErrorCase struct {
+	Index int // Position of operation that failed, or -1 if unknown.
+	Err   error
+}
+
+// Cases returns all individual errors found while attempting the requested changes.
 //
+// See the documentation of BulkErrorCase for limitations in older MongoDB releases.
+func (e *BulkError) Cases() []BulkErrorCase {
+	return e.ecases
+}
+
+// Bulk returns a value to prepare the execution of a bulk operation.
 func (c *Collection) Bulk() *Bulk {
 	return &Bulk{c: c, ordered: true}
 }
@@ -96,27 +132,69 @@
 	b.ordered = false
 }
 
-func (b *Bulk) action(op bulkOp) *bulkAction {
+func (b *Bulk) action(op bulkOp, opcount int) *bulkAction {
+	var action *bulkAction
 	if len(b.actions) > 0 && b.actions[len(b.actions)-1].op == op {
-		return &b.actions[len(b.actions)-1]
-	}
-	if !b.ordered {
+		action = &b.actions[len(b.actions)-1]
+	} else if !b.ordered {
 		for i := range b.actions {
 			if b.actions[i].op == op {
-				return &b.actions[i]
+				action = &b.actions[i]
+				break
 			}
 		}
 	}
-	b.actions = append(b.actions, bulkAction{op: op})
-	return &b.actions[len(b.actions)-1]
+	if action == nil {
+		b.actions = append(b.actions, bulkAction{op: op})
+		action = &b.actions[len(b.actions)-1]
+	}
+	for i := 0; i < opcount; i++ {
+		action.idxs = append(action.idxs, b.opcount)
+		b.opcount++
+	}
+	return action
 }
 
 // Insert queues up the provided documents for insertion.
 func (b *Bulk) Insert(docs ...interface{}) {
-	action := b.action(bulkInsert)
+	action := b.action(bulkInsert, len(docs))
 	action.docs = append(action.docs, docs...)
 }
 
+// Remove queues up the provided selectors for removing matching documents.
+// Each selector will remove only a single matching document.
+func (b *Bulk) Remove(selectors ...interface{}) {
+	action := b.action(bulkRemove, len(selectors))
+	for _, selector := range selectors {
+		if selector == nil {
+			selector = bson.D{}
+		}
+		action.docs = append(action.docs, &deleteOp{
+			Collection: b.c.FullName,
+			Selector:   selector,
+			Flags:      1,
+			Limit:      1,
+		})
+	}
+}
+
+// RemoveAll queues up the provided selectors for removing all matching documents.
+// Each selector will remove all matching documents.
+func (b *Bulk) RemoveAll(selectors ...interface{}) {
+	action := b.action(bulkRemove, len(selectors))
+	for _, selector := range selectors {
+		if selector == nil {
+			selector = bson.D{}
+		}
+		action.docs = append(action.docs, &deleteOp{
+			Collection: b.c.FullName,
+			Selector:   selector,
+			Flags:      0,
+			Limit:      0,
+		})
+	}
+}
+
 // Update queues up the provided pairs of updating instructions.
 // The first element of each pair selects which documents must be
 // updated, and the second element defines how to update it.
@@ -125,7 +203,7 @@
 	if len(pairs)%2 != 0 {
 		panic("Bulk.Update requires an even number of parameters")
 	}
-	action := b.action(bulkUpdate)
+	action := b.action(bulkUpdate, len(pairs)/2)
 	for i := 0; i < len(pairs); i += 2 {
 		selector := pairs[i]
 		if selector == nil {
@@ -147,7 +225,7 @@
 	if len(pairs)%2 != 0 {
 		panic("Bulk.UpdateAll requires an even number of parameters")
 	}
-	action := b.action(bulkUpdate)
+	action := b.action(bulkUpdate, len(pairs)/2)
 	for i := 0; i < len(pairs); i += 2 {
 		selector := pairs[i]
 		if selector == nil {
@@ -171,7 +249,7 @@
 	if len(pairs)%2 != 0 {
 		panic("Bulk.Update requires an even number of parameters")
 	}
-	action := b.action(bulkUpdate)
+	action := b.action(bulkUpdate, len(pairs)/2)
 	for i := 0; i < len(pairs); i += 2 {
 		selector := pairs[i]
 		if selector == nil {
@@ -195,7 +273,7 @@
 // error only due to a limitation in the wire protocol.
 func (b *Bulk) Run() (*BulkResult, error) {
 	var result BulkResult
-	var berr bulkError
+	var berr BulkError
 	var failed bool
 	for i := range b.actions {
 		action := &b.actions[i]
@@ -205,6 +283,8 @@
 			ok = b.runInsert(action, &result, &berr)
 		case bulkUpdate:
 			ok = b.runUpdate(action, &result, &berr)
+		case bulkRemove:
+			ok = b.runRemove(action, &result, &berr)
 		default:
 			panic("unknown bulk operation")
 		}
@@ -216,42 +296,55 @@
 		}
 	}
 	if failed {
+		sort.Sort(bulkErrorCases(berr.ecases))
 		return nil, &berr
 	}
 	return &result, nil
 }
 
-func (b *Bulk) runInsert(action *bulkAction, result *BulkResult, berr *bulkError) bool {
+func (b *Bulk) runInsert(action *bulkAction, result *BulkResult, berr *BulkError) bool {
 	op := &insertOp{b.c.FullName, action.docs, 0}
 	if !b.ordered {
 		op.flags = 1 // ContinueOnError
 	}
 	lerr, err := b.c.writeOp(op, b.ordered)
-	return b.checkSuccess(berr, lerr, err)
+	return b.checkSuccess(action, berr, lerr, err)
 }
 
-func (b *Bulk) runUpdate(action *bulkAction, result *BulkResult, berr *bulkError) bool {
-	ok := true
-	for _, op := range action.docs {
-		lerr, err := b.c.writeOp(op, b.ordered)
-		if !b.checkSuccess(berr, lerr, err) {
-			ok = false
-			if b.ordered {
-				break
-			}
-		}
+func (b *Bulk) runUpdate(action *bulkAction, result *BulkResult, berr *BulkError) bool {
+	lerr, err := b.c.writeOp(bulkUpdateOp(action.docs), b.ordered)
+	if lerr != nil {
 		result.Matched += lerr.N
 		result.Modified += lerr.modified
 	}
-	return ok
+	return b.checkSuccess(action, berr, lerr, err)
 }
 
-func (b *Bulk) checkSuccess(berr *bulkError, lerr *LastError, err error) bool {
-	if lerr != nil && len(lerr.errors) > 0 {
-		berr.errs = append(berr.errs, lerr.errors...)
+func (b *Bulk) runRemove(action *bulkAction, result *BulkResult, berr *BulkError) bool {
+	lerr, err := b.c.writeOp(bulkDeleteOp(action.docs), b.ordered)
+	if lerr != nil {
+		result.Matched += lerr.N
+		result.Modified += lerr.modified
+	}
+	return b.checkSuccess(action, berr, lerr, err)
+}
+
+func (b *Bulk) checkSuccess(action *bulkAction, berr *BulkError, lerr *LastError, err error) bool {
+	if lerr != nil && len(lerr.ecases) > 0 {
+		for i := 0; i < len(lerr.ecases); i++ {
+			// Map back from the local error index into the visible one.
+			ecase := lerr.ecases[i]
+			idx := ecase.Index
+			if idx >= 0 {
+				idx = action.idxs[idx]
+			}
+			berr.ecases = append(berr.ecases, BulkErrorCase{idx, ecase.Err})
+		}
 		return false
 	} else if err != nil {
-		berr.errs = append(berr.errs, err)
+		for i := 0; i < len(action.idxs); i++ {
+			berr.ecases = append(berr.ecases, BulkErrorCase{action.idxs[i], err})
+		}
 		return false
 	}
 	return true
diff -Nru juju-core-2.0~beta7/src/gopkg.in/mgo.v2/bulk_test.go juju-core-2.0~beta12/src/gopkg.in/mgo.v2/bulk_test.go
--- juju-core-2.0~beta7/src/gopkg.in/mgo.v2/bulk_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/mgo.v2/bulk_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -131,7 +131,7 @@
 	c.Assert(res.Id, Equals, 1500)
 }
 
-func (s *S) TestBulkError(c *C) {
+func (s *S) TestBulkErrorString(c *C) {
 	session, err := mgo.Dial("localhost:40001")
 	c.Assert(err, IsNil)
 	defer session.Close()
@@ -176,6 +176,118 @@
 	c.Assert(mgo.IsDup(err), Equals, false)
 }
 
+func (s *S) TestBulkErrorCases_2_6(c *C) {
+	if !s.versionAtLeast(2, 6) {
+		c.Skip("2.4- has poor bulk reporting")
+	}
+	session, err := mgo.Dial("localhost:40001")
+	c.Assert(err, IsNil)
+	defer session.Close()
+
+	coll := session.DB("mydb").C("mycoll")
+
+	bulk := coll.Bulk()
+	bulk.Unordered()
+
+	// There's a limit of 1000 operations per command, so
+	// this forces the more complex indexing logic to act.
+	for i := 0; i < 1010; i++ {
+		switch i {
+		case 3, 14:
+			bulk.Insert(M{"_id": "dupone"})
+		case 5, 106:
+			bulk.Update(M{"_id": i - 1}, M{"$set": M{"_id": 4}})
+		case 7, 1008:
+			bulk.Insert(M{"_id": "duptwo"})
+		default:
+			bulk.Insert(M{"_id": i})
+		}
+	}
+
+	_, err = bulk.Run()
+	ecases := err.(*mgo.BulkError).Cases()
+
+	c.Check(ecases[0].Err, ErrorMatches, ".*duplicate.*dupone.*")
+	c.Check(ecases[0].Index, Equals, 14)
+	c.Check(ecases[1].Err, ErrorMatches, ".*update.*_id.*")
+	c.Check(ecases[1].Index, Equals, 106)
+	c.Check(ecases[2].Err, ErrorMatches, ".*duplicate.*duptwo.*")
+	c.Check(ecases[2].Index, Equals, 1008)
+}
+
+func (s *S) TestBulkErrorCases_2_4(c *C) {
+	if s.versionAtLeast(2, 6) {
+		c.Skip("2.6+ has better reporting")
+	}
+	session, err := mgo.Dial("localhost:40001")
+	c.Assert(err, IsNil)
+	defer session.Close()
+
+	coll := session.DB("mydb").C("mycoll")
+
+	bulk := coll.Bulk()
+	bulk.Unordered()
+
+	// There's a limit of 1000 operations per command, so
+	// this forces the more complex indexing logic to act.
+	for i := 0; i < 1010; i++ {
+		switch i {
+		case 3, 14:
+			bulk.Insert(M{"_id": "dupone"})
+		case 5:
+			bulk.Update(M{"_id": i - 1}, M{"$set": M{"n": 4}})
+		case 106:
+			bulk.Update(M{"_id": i - 1}, M{"$bogus": M{"n": 4}})
+		case 7, 1008:
+			bulk.Insert(M{"_id": "duptwo"})
+		default:
+			bulk.Insert(M{"_id": i})
+		}
+	}
+
+	_, err = bulk.Run()
+	ecases := err.(*mgo.BulkError).Cases()
+
+	c.Check(ecases[0].Err, ErrorMatches, ".*duplicate.*duptwo.*")
+	c.Check(ecases[0].Index, Equals, -1)
+	c.Check(ecases[1].Err, ErrorMatches, `.*\$bogus.*`)
+	c.Check(ecases[1].Index, Equals, 106)
+}
+
+func (s *S) TestBulkErrorCasesOrdered(c *C) {
+	session, err := mgo.Dial("localhost:40001")
+	c.Assert(err, IsNil)
+	defer session.Close()
+
+	coll := session.DB("mydb").C("mycoll")
+
+	bulk := coll.Bulk()
+
+	// There's a limit of 1000 operations per command, so
+	// this forces the more complex indexing logic to act.
+	for i := 0; i < 20; i++ {
+		switch i {
+		case 3, 14:
+			bulk.Insert(M{"_id": "dupone"})
+		case 7, 17:
+			bulk.Insert(M{"_id": "duptwo"})
+		default:
+			bulk.Insert(M{"_id": i})
+		}
+	}
+
+	_, err = bulk.Run()
+	ecases := err.(*mgo.BulkError).Cases()
+
+	c.Check(ecases[0].Err, ErrorMatches, ".*duplicate.*dupone.*")
+	if s.versionAtLeast(2, 6) {
+		c.Check(ecases[0].Index, Equals, 14)
+	} else {
+		c.Check(ecases[0].Index, Equals, -1)
+	}
+	c.Check(ecases, HasLen, 1)
+}
+
 func (s *S) TestBulkUpdate(c *C) {
 	session, err := mgo.Dial("localhost:40001")
 	c.Assert(err, IsNil)
@@ -272,7 +384,7 @@
 
 	bulk := coll.Bulk()
 	bulk.UpdateAll(M{"n": 1}, M{"$set": M{"n": 10}})
-	bulk.UpdateAll(M{"n": 2}, M{"$set": M{"n": 2}})
+	bulk.UpdateAll(M{"n": 2}, M{"$set": M{"n": 2}})  // Won't change.
 	bulk.UpdateAll(M{"n": 5}, M{"$set": M{"n": 50}}) // Won't match.
 	bulk.UpdateAll(M{}, M{"$inc": M{"n": 1}}, M{"n": 11}, M{"$set": M{"n": 5}})
 	r, err := bulk.Run()
@@ -342,3 +454,51 @@
 	c.Assert(err, IsNil)
 	c.Assert(res, DeepEquals, []doc{{1}, {20}, {30}, {40}})
 }
+
+func (s *S) TestBulkRemove(c *C) {
+	session, err := mgo.Dial("localhost:40001")
+	c.Assert(err, IsNil)
+	defer session.Close()
+
+	coll := session.DB("mydb").C("mycoll")
+
+	err = coll.Insert(M{"n": 1}, M{"n": 2}, M{"n": 3}, M{"n": 4}, M{"n": 4})
+	c.Assert(err, IsNil)
+
+	bulk := coll.Bulk()
+	bulk.Remove(M{"n": 1})
+	bulk.Remove(M{"n": 2}, M{"n": 4})
+	r, err := bulk.Run()
+	c.Assert(err, IsNil)
+	c.Assert(r.Matched, Equals, 3)
+
+	type doc struct{ N int }
+	var res []doc
+	err = coll.Find(nil).Sort("n").All(&res)
+	c.Assert(err, IsNil)
+	c.Assert(res, DeepEquals, []doc{{3}, {4}})
+}
+
+func (s *S) TestBulkRemoveAll(c *C) {
+	session, err := mgo.Dial("localhost:40001")
+	c.Assert(err, IsNil)
+	defer session.Close()
+
+	coll := session.DB("mydb").C("mycoll")
+
+	err = coll.Insert(M{"n": 1}, M{"n": 2}, M{"n": 3}, M{"n": 4}, M{"n": 4})
+	c.Assert(err, IsNil)
+
+	bulk := coll.Bulk()
+	bulk.RemoveAll(M{"n": 1})
+	bulk.RemoveAll(M{"n": 2}, M{"n": 4})
+	r, err := bulk.Run()
+	c.Assert(err, IsNil)
+	c.Assert(r.Matched, Equals, 4)
+
+	type doc struct{ N int }
+	var res []doc
+	err = coll.Find(nil).Sort("n").All(&res)
+	c.Assert(err, IsNil)
+	c.Assert(res, DeepEquals, []doc{{3}})
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/mgo.v2/cluster_test.go juju-core-2.0~beta12/src/gopkg.in/mgo.v2/cluster_test.go
--- juju-core-2.0~beta7/src/gopkg.in/mgo.v2/cluster_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/mgo.v2/cluster_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -877,9 +877,9 @@
 	defer session.Close()
 
 	stats := mgo.GetStats()
-	for stats.MasterConns+stats.SlaveConns != 3 {
+	for stats.SocketsAlive != 3 {
+		c.Logf("Waiting for all connections to be established (sockets alive currently %d)...", stats.SocketsAlive)
 		stats = mgo.GetStats()
-		c.Log("Waiting for all connections to be established...")
 		time.Sleep(5e8)
 	}
 
@@ -1240,25 +1240,42 @@
 	c.Assert(started.After(time.Now().Add(-time.Second)), Equals, true)
 }
 
-type OpCounters struct {
-	Insert  int
-	Query   int
-	Update  int
-	Delete  int
-	GetMore int
-	Command int
+func (s *S) countQueries(c *C, server string) (n int) {
+	defer func() { c.Logf("Queries for %q: %d", server, n) }()
+	session, err := mgo.Dial(server + "?connect=direct")
+	c.Assert(err, IsNil)
+	defer session.Close()
+	session.SetMode(mgo.Monotonic, true)
+	var result struct {
+		OpCounters struct {
+			Query int
+		}
+		Metrics struct {
+			Commands struct{ Find struct{ Total int } }
+		}
+	}
+	err = session.Run("serverStatus", &result)
+	c.Assert(err, IsNil)
+	if s.versionAtLeast(3, 2) {
+		return result.Metrics.Commands.Find.Total
+	}
+	return result.OpCounters.Query
 }
 
-func getOpCounters(server string) (c *OpCounters, err error) {
+func (s *S) countCommands(c *C, server, commandName string) (n int) {
+	defer func() { c.Logf("Queries for %q: %d", server, n) }()
 	session, err := mgo.Dial(server + "?connect=direct")
-	if err != nil {
-		return nil, err
-	}
+	c.Assert(err, IsNil)
 	defer session.Close()
 	session.SetMode(mgo.Monotonic, true)
-	result := struct{ OpCounters }{}
+	var result struct {
+		Metrics struct {
+			Commands map[string]struct{ Total int }
+		}
+	}
 	err = session.Run("serverStatus", &result)
-	return &result.OpCounters, err
+	c.Assert(err, IsNil)
+	return result.Metrics.Commands[commandName].Total
 }
 
 func (s *S) TestMonotonicSlaveOkFlagWithMongos(c *C) {
@@ -1277,48 +1294,70 @@
 	master := ssresult.Host
 	c.Assert(imresult.IsMaster, Equals, true, Commentf("%s is not the master", master))
 
-	// Collect op counters for everyone.
-	opc21a, err := getOpCounters("localhost:40021")
-	c.Assert(err, IsNil)
-	opc22a, err := getOpCounters("localhost:40022")
-	c.Assert(err, IsNil)
-	opc23a, err := getOpCounters("localhost:40023")
-	c.Assert(err, IsNil)
-
-	// Do a SlaveOk query through MongoS
+	// Ensure mongos is aware about the current topology.
+	s.Stop(":40201")
+	s.StartAll()
 
 	mongos, err := mgo.Dial("localhost:40202")
 	c.Assert(err, IsNil)
 	defer mongos.Close()
 
+	// Insert some data as otherwise 3.2+ doesn't seem to run the query at all.
+	err = mongos.DB("mydb").C("mycoll").Insert(bson.M{"n": 1})
+	c.Assert(err, IsNil)
+
+	// Wait until all servers see the data.
+	for _, addr := range []string{"localhost:40021", "localhost:40022", "localhost:40023"} {
+		session, err := mgo.Dial(addr + "?connect=direct")
+		c.Assert(err, IsNil)
+		defer session.Close()
+		session.SetMode(mgo.Monotonic, true)
+		for i := 300; i >= 0; i-- {
+			n, err := session.DB("mydb").C("mycoll").Find(nil).Count()
+			c.Assert(err, IsNil)
+			if n == 1 {
+				break
+			}
+			if i == 0 {
+				c.Fatalf("Inserted data never reached " + addr)
+			}
+			time.Sleep(100 * time.Millisecond)
+		}
+	}
+
+	// Collect op counters for everyone.
+	q21a := s.countQueries(c, "localhost:40021")
+	q22a := s.countQueries(c, "localhost:40022")
+	q23a := s.countQueries(c, "localhost:40023")
+
+	// Do a SlaveOk query through MongoS
+
 	mongos.SetMode(mgo.Monotonic, true)
 
 	coll := mongos.DB("mydb").C("mycoll")
-	result := &struct{}{}
+	var result struct{ N int }
 	for i := 0; i != 5; i++ {
-		err := coll.Find(nil).One(result)
-		c.Assert(err, Equals, mgo.ErrNotFound)
+		err = coll.Find(nil).One(&result)
+		c.Assert(err, IsNil)
+		c.Assert(result.N, Equals, 1)
 	}
 
 	// Collect op counters for everyone again.
-	opc21b, err := getOpCounters("localhost:40021")
-	c.Assert(err, IsNil)
-	opc22b, err := getOpCounters("localhost:40022")
-	c.Assert(err, IsNil)
-	opc23b, err := getOpCounters("localhost:40023")
-	c.Assert(err, IsNil)
+	q21b := s.countQueries(c, "localhost:40021")
+	q22b := s.countQueries(c, "localhost:40022")
+	q23b := s.countQueries(c, "localhost:40023")
 
 	var masterDelta, slaveDelta int
 	switch hostPort(master) {
 	case "40021":
-		masterDelta = opc21b.Query - opc21a.Query
-		slaveDelta = (opc22b.Query - opc22a.Query) + (opc23b.Query - opc23a.Query)
+		masterDelta = q21b - q21a
+		slaveDelta = (q22b - q22a) + (q23b - q23a)
 	case "40022":
-		masterDelta = opc22b.Query - opc22a.Query
-		slaveDelta = (opc21b.Query - opc21a.Query) + (opc23b.Query - opc23a.Query)
+		masterDelta = q22b - q22a
+		slaveDelta = (q21b - q21a) + (q23b - q23a)
 	case "40023":
-		masterDelta = opc23b.Query - opc23a.Query
-		slaveDelta = (opc21b.Query - opc21a.Query) + (opc22b.Query - opc22a.Query)
+		masterDelta = q23b - q23a
+		slaveDelta = (q21b - q21a) + (q22b - q22a)
 	default:
 		c.Fatal("Uh?")
 	}
@@ -1455,12 +1494,11 @@
 	defer session.Close()
 
 	stats := mgo.GetStats()
-	for stats.MasterConns+stats.SlaveConns != 3 {
+	for stats.SocketsAlive != 3 {
+		c.Logf("Waiting for all connections to be established (sockets alive currently %d)...", stats.SocketsAlive)
 		stats = mgo.GetStats()
-		c.Log("Waiting for all connections to be established...")
-		time.Sleep(500 * time.Millisecond)
+		time.Sleep(5e8)
 	}
-	c.Assert(stats.SocketsAlive, Equals, 3)
 
 	const poolLimit = 64
 	session.SetPoolLimit(poolLimit)
@@ -1857,12 +1895,9 @@
 	}
 
 	// Collect op counters for everyone.
-	opc21a, err := getOpCounters("localhost:40021")
-	c.Assert(err, IsNil)
-	opc22a, err := getOpCounters("localhost:40022")
-	c.Assert(err, IsNil)
-	opc23a, err := getOpCounters("localhost:40023")
-	c.Assert(err, IsNil)
+	q21a := s.countQueries(c, "localhost:40021")
+	q22a := s.countQueries(c, "localhost:40022")
+	q23a := s.countQueries(c, "localhost:40023")
 
 	// Do a SlaveOk query through MongoS
 	mongos, err := mgo.Dial("localhost:40202")
@@ -1889,27 +1924,55 @@
 	}
 
 	// Collect op counters for everyone again.
-	opc21b, err := getOpCounters("localhost:40021")
-	c.Assert(err, IsNil)
-	opc22b, err := getOpCounters("localhost:40022")
-	c.Assert(err, IsNil)
-	opc23b, err := getOpCounters("localhost:40023")
-	c.Assert(err, IsNil)
+	q21b := s.countQueries(c, "localhost:40021")
+	q22b := s.countQueries(c, "localhost:40022")
+	q23b := s.countQueries(c, "localhost:40023")
 
 	switch hostPort(master) {
 	case "40021":
-		c.Check(opc21b.Query-opc21a.Query, Equals, 0)
-		c.Check(opc22b.Query-opc22a.Query, Equals, 5)
-		c.Check(opc23b.Query-opc23a.Query, Equals, 7)
+		c.Check(q21b-q21a, Equals, 0)
+		c.Check(q22b-q22a, Equals, 5)
+		c.Check(q23b-q23a, Equals, 7)
 	case "40022":
-		c.Check(opc21b.Query-opc21a.Query, Equals, 5)
-		c.Check(opc22b.Query-opc22a.Query, Equals, 0)
-		c.Check(opc23b.Query-opc23a.Query, Equals, 7)
+		c.Check(q21b-q21a, Equals, 5)
+		c.Check(q22b-q22a, Equals, 0)
+		c.Check(q23b-q23a, Equals, 7)
 	case "40023":
-		c.Check(opc21b.Query-opc21a.Query, Equals, 5)
-		c.Check(opc22b.Query-opc22a.Query, Equals, 7)
-		c.Check(opc23b.Query-opc23a.Query, Equals, 0)
+		c.Check(q21b-q21a, Equals, 5)
+		c.Check(q22b-q22a, Equals, 7)
+		c.Check(q23b-q23a, Equals, 0)
 	default:
 		c.Fatal("Uh?")
 	}
 }
+
+func (s *S) TestDoNotFallbackToMonotonic(c *C) {
+	// There was a bug at some point that some functions were
+	// falling back to Monotonic mode. This test ensures all listIndexes
+	// commands go to the primary, as should happen since the session is
+	// in Strong mode.
+	if !s.versionAtLeast(3, 0) {
+		c.Skip("command-counting logic depends on 3.0+")
+	}
+
+	session, err := mgo.Dial("localhost:40012")
+	c.Assert(err, IsNil)
+	defer session.Close()
+
+	for i := 0; i < 15; i++ {
+		q11a := s.countCommands(c, "localhost:40011", "listIndexes")
+		q12a := s.countCommands(c, "localhost:40012", "listIndexes")
+		q13a := s.countCommands(c, "localhost:40013", "listIndexes")
+
+		_, err := session.DB("local").C("system.indexes").Indexes()
+		c.Assert(err, IsNil)
+
+		q11b := s.countCommands(c, "localhost:40011", "listIndexes")
+		q12b := s.countCommands(c, "localhost:40012", "listIndexes")
+		q13b := s.countCommands(c, "localhost:40013", "listIndexes")
+
+		c.Assert(q11b, Equals, q11a+1)
+		c.Assert(q12b, Equals, q12a)
+		c.Assert(q13b, Equals, q13a)
+	}
+}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/mgo.v2/dbtest/dbserver.go juju-core-2.0~beta12/src/gopkg.in/mgo.v2/dbtest/dbserver.go
--- juju-core-2.0~beta7/src/gopkg.in/mgo.v2/dbtest/dbserver.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/mgo.v2/dbtest/dbserver.go	2016-07-18 19:45:44.000000000 +0000
@@ -111,7 +111,7 @@
 	}
 	if dbs.server != nil {
 		dbs.tomb.Kill(nil)
-		dbs.server.Process.Kill()
+		dbs.server.Process.Signal(os.Interrupt)
 		select {
 		case <-dbs.tomb.Dead():
 		case <-time.After(5 * time.Second):
diff -Nru juju-core-2.0~beta7/src/gopkg.in/mgo.v2/gridfs.go juju-core-2.0~beta12/src/gopkg.in/mgo.v2/gridfs.go
--- juju-core-2.0~beta7/src/gopkg.in/mgo.v2/gridfs.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/mgo.v2/gridfs.go	2016-07-18 19:45:44.000000000 +0000
@@ -528,11 +528,17 @@
 		}
 		file.doc.MD5 = hexsum
 		file.err = file.gfs.Files.Insert(file.doc)
-		file.gfs.Chunks.EnsureIndexKey("files_id", "n")
 	}
 	if file.err != nil {
 		file.gfs.Chunks.RemoveAll(bson.D{{"files_id", file.doc.Id}})
 	}
+	if file.err == nil {
+		index := Index{
+			Key:    []string{"files_id", "n"},
+			Unique: true,
+		}
+		file.err = file.gfs.Chunks.EnsureIndex(index)
+	}
 }
 
 // Abort cancels an in-progress write, preventing the file from being
diff -Nru juju-core-2.0~beta7/src/gopkg.in/mgo.v2/server.go juju-core-2.0~beta12/src/gopkg.in/mgo.v2/server.go
--- juju-core-2.0~beta7/src/gopkg.in/mgo.v2/server.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/mgo.v2/server.go	2016-07-18 19:45:44.000000000 +0000
@@ -162,6 +162,11 @@
 		// Cannot do this because it lacks timeout support. :-(
 		//conn, err = net.DialTCP("tcp", nil, server.tcpaddr)
 		conn, err = net.DialTimeout("tcp", server.ResolvedAddr, timeout)
+		if tcpconn, ok := conn.(*net.TCPConn); ok {
+			tcpconn.SetKeepAlive(true)
+		} else if err == nil {
+			panic("internal error: obtained TCP connection is not a *net.TCPConn!?")
+		}
 	case dial.old != nil:
 		conn, err = dial.old(server.tcpaddr)
 	case dial.new != nil:
diff -Nru juju-core-2.0~beta7/src/gopkg.in/mgo.v2/session.go juju-core-2.0~beta12/src/gopkg.in/mgo.v2/session.go
--- juju-core-2.0~beta7/src/gopkg.in/mgo.v2/session.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/mgo.v2/session.go	2016-07-18 19:45:44.000000000 +0000
@@ -63,6 +63,8 @@
 	Strong    Mode = 2 // Same as Primary.
 )
 
+// mgo.v3: Drop Strong mode, suffix all modes with "Mode".
+
 // When changing the Session type, check if newSession and copySession
 // need to be updated too.
 
@@ -73,21 +75,22 @@
 // multiple goroutines will cause them to share the same underlying socket.
 // See the documentation on Session.SetMode for more details.
 type Session struct {
-	m            sync.RWMutex
-	cluster_     *mongoCluster
-	slaveSocket  *mongoSocket
-	masterSocket *mongoSocket
-	slaveOk      bool
-	consistency  Mode
-	queryConfig  query
-	safeOp       *queryOp
-	syncTimeout  time.Duration
-	sockTimeout  time.Duration
-	defaultdb    string
-	sourcedb     string
-	dialCred     *Credential
-	creds        []Credential
-	poolLimit    int
+	m                sync.RWMutex
+	cluster_         *mongoCluster
+	slaveSocket      *mongoSocket
+	masterSocket     *mongoSocket
+	slaveOk          bool
+	consistency      Mode
+	queryConfig      query
+	safeOp           *queryOp
+	syncTimeout      time.Duration
+	sockTimeout      time.Duration
+	defaultdb        string
+	sourcedb         string
+	dialCred         *Credential
+	creds            []Credential
+	poolLimit        int
+	bypassValidation bool
 }
 
 type Database struct {
@@ -135,6 +138,7 @@
 	docsBeforeMore int
 	timeout        time.Duration
 	timedout       bool
+	findCmd        bool
 }
 
 var (
@@ -142,7 +146,10 @@
 	ErrCursor   = errors.New("invalid cursor")
 )
 
-const defaultPrefetch = 0.25
+const (
+	defaultPrefetch  = 0.25
+	maxUpsertRetries = 5
+)
 
 // Dial establishes a new session to the cluster identified by the given seed
 // server(s). The session will enable communication with all of the servers in
@@ -191,6 +198,19 @@
 //         must be relaxed to Monotonic or Eventual via SetMode.
 //
 //
+//     connect=replicaSet
+//
+//  	   Discover replica sets automatically. Default connection behavior.
+//
+//
+//     replicaSet=<setname>
+//
+//         If specified will prevent the obtained session from communicating
+//         with any server which is not part of a replica set with the given name.
+//         The default is to communicate with any server specified or discovered
+//         via the servers contacted.
+//
+//
 //     authSource=<db>
 //
 //         Informs the database used to establish credentials and privileges
@@ -209,6 +229,7 @@
 //        Defines the service name to use when authenticating with the GSSAPI
 //        mechanism. Defaults to "mongodb".
 //
+//
 //     maxPoolSize=<limit>
 //
 //        Defines the per-server socket pool limit. Defaults to 4096.
@@ -315,7 +336,7 @@
 	// Timeout is the amount of time to wait for a server to respond when
 	// first connecting and on follow up operations in the session. If
 	// timeout is zero, the call may block forever waiting for a connection
-	// to be established.
+	// to be established. Timeout does not affect logic in DialServer.
 	Timeout time.Duration
 
 	// FailFast will cause connection and query attempts to fail faster when
@@ -326,7 +347,7 @@
 	FailFast bool
 
 	// Database is the default database name used when the Session.DB method
-	// is called with an empty name, and is also used during the intial
+	// is called with an empty name, and is also used during the initial
 	// authentication if Source is unset.
 	Database string
 
@@ -1031,6 +1052,7 @@
 }
 
 // mgo.v3: Drop Minf and Maxf and transform Min and Max to floats.
+// mgo.v3: Drop DropDups as it's unsupported past 2.8.
 
 type indexKeyInfo struct {
 	name    string
@@ -1350,6 +1372,17 @@
 	return nil
 }
 
+// nonEventual returns a clone of session and ensures it is not Eventual.
+// This guarantees that the server that is used for queries may be reused
+// afterwards when a cursor is received.
+func (session *Session) nonEventual() *Session {
+	cloned := session.Clone()
+	if cloned.consistency == Eventual {
+		cloned.SetMode(Monotonic, false)
+	}
+	return cloned
+}
+
 // Indexes returns a list of all indexes for the collection.
 //
 // For example, this snippet would drop all available indexes:
@@ -1367,12 +1400,7 @@
 //
 // See the EnsureIndex method for more details on indexes.
 func (c *Collection) Indexes() (indexes []Index, err error) {
-	// Clone session and set it to Monotonic mode so that the server
-	// used for the query may be safely obtained afterwards, if
-	// necessary for iteration when a cursor is received.
-	session := c.Database.Session
-	cloned := session.Clone()
-	cloned.SetMode(Monotonic, false)
+	cloned := c.Database.Session.nonEventual()
 	defer cloned.Close()
 
 	batchSize := int(cloned.queryConfig.op.limit)
@@ -1380,12 +1408,7 @@
 	// Try with a command.
 	var result struct {
 		Indexes []bson.Raw
-
-		Cursor struct {
-			FirstBatch []bson.Raw "firstBatch"
-			NS         string
-			Id         int64
-		}
+		Cursor  cursorData
 	}
 	var iter *Iter
 	err = c.Database.With(cloned).Run(bson.D{{"listIndexes", c.Name}, {"cursor", bson.D{{"batchSize", batchSize}}}}, &result)
@@ -1675,6 +1698,24 @@
 	s.m.Unlock()
 }
 
+// SetBypassValidation sets whether the server should bypass the registered
+// validation expressions executed when documents are inserted or modified,
+// in the interest of preserving invariants in the collection being modified.
+// The default is to not bypass, and thus to perform the validation
+// expressions registered for modified collections.
+//
+// Document validation was introuced in MongoDB 3.2.
+//
+// Relevant documentation:
+//
+//   https://docs.mongodb.org/manual/release-notes/3.2/#bypass-validation
+//
+func (s *Session) SetBypassValidation(bypass bool) {
+	s.m.Lock()
+	s.bypassValidation = bypass
+	s.m.Unlock()
+}
+
 // SetBatch sets the default batch size used when fetching documents from the
 // database. It's possible to change this setting on a per-query basis as
 // well, using the Query.Batch method.
@@ -1716,8 +1757,8 @@
 	W        int    // Min # of servers to ack before success
 	WMode    string // Write mode for MongoDB 2.0+ (e.g. "majority")
 	WTimeout int    // Milliseconds to wait for W before timing out
-	FSync    bool   // Should servers sync to disk before returning success
-	J        bool   // Wait for next group commit if journaling; no effect otherwise
+	FSync    bool   // Sync via the journal if present, or via data files sync otherwise
+	J        bool   // Sync via the journal if present
 }
 
 // Safe returns the current safety mode for the session.
@@ -1761,10 +1802,18 @@
 // the links below for more details (note that MongoDB internally reuses the
 // "w" field name for WMode).
 //
-// If safe.FSync is true and journaling is disabled, the servers will be
-// forced to sync all files to disk immediately before returning. If the
-// same option is true but journaling is enabled, the server will instead
-// await for the next group commit before returning.
+// If safe.J is true, servers will block until write operations have been
+// committed to the journal. Cannot be used in combination with FSync. Prior
+// to MongoDB 2.6 this option was ignored if the server was running without
+// journaling. Starting with MongoDB 2.6 write operations will fail with an
+// exception if this option is used when the server is running without
+// journaling.
+//
+// If safe.FSync is true and the server is running without journaling, blocks
+// until the server has synced all data files to disk. If the server is running
+// with journaling, this acts the same as the J option, blocking until write
+// operations have been committed to the journal. Cannot be used in
+// combination with J.
 //
 // Since MongoDB 2.0.0, the safe.J option can also be used instead of FSync
 // to force the server to wait for a group commit in case journaling is
@@ -1973,7 +2022,11 @@
 
 // FsyncUnlock releases the server for writes. See FsyncLock for details.
 func (s *Session) FsyncUnlock() error {
-	return s.DB("admin").C("$cmd.sys.unlock").Find(nil).One(nil) // WTF?
+	err := s.Run(bson.D{{"fsyncUnlock", 1}}, nil)
+	if isNoCmd(err) {
+		err = s.DB("admin").C("$cmd.sys.unlock").Find(nil).One(nil) // WTF?
+	}
+	return err
 }
 
 // Find prepares a query using the provided document.  The document may be a
@@ -2028,18 +2081,12 @@
 	// used for the query may be safely obtained afterwards, if
 	// necessary for iteration when a cursor is received.
 	session := c.Database.Session
-	cloned := session.Clone()
-	cloned.SetMode(Monotonic, false)
+	cloned := session.nonEventual()
 	defer cloned.Close()
 
 	batchSize := int(cloned.queryConfig.op.limit)
 
-	var result struct {
-		Cursor struct {
-			FirstBatch []bson.Raw "firstBatch"
-			Id         int64
-		}
-	}
+	var result struct{ Cursor cursorData }
 
 	cmd := repairCmd{
 		RepairCursor: c.Name,
@@ -2113,20 +2160,13 @@
 	// Clone session and set it to Monotonic mode so that the server
 	// used for the query may be safely obtained afterwards, if
 	// necessary for iteration when a cursor is received.
-	cloned := p.session.Clone()
-	cloned.SetMode(Monotonic, false)
+	cloned := p.session.nonEventual()
 	defer cloned.Close()
 	c := p.collection.With(cloned)
 
 	var result struct {
-		// 2.4, no cursors.
-		Result []bson.Raw
-
-		// 2.6+, with cursors.
-		Cursor struct {
-			FirstBatch []bson.Raw "firstBatch"
-			Id         int64
-		}
+		Result []bson.Raw // 2.4, no cursors.
+		Cursor cursorData // 2.6+, with cursors.
 	}
 
 	cmd := pipeCmd{
@@ -2283,7 +2323,7 @@
 	UpsertedId      interface{} `bson:"upserted"`
 
 	modified int
-	errors   []error
+	ecases   []BulkErrorCase
 }
 
 func (err *LastError) Error() string {
@@ -2320,9 +2360,9 @@
 		return e.Code == 11000 || e.Code == 11001 || e.Code == 12582 || e.Code == 16460 && strings.Contains(e.Err, " E11000 ")
 	case *QueryError:
 		return e.Code == 11000 || e.Code == 11001 || e.Code == 12582
-	case *bulkError:
-		for _, ee := range e.errs {
-			if !IsDup(ee) {
+	case *BulkError:
+		for _, ecase := range e.ecases {
+			if !IsDup(ecase.Err) {
 				return false
 			}
 		}
@@ -2378,8 +2418,12 @@
 
 // ChangeInfo holds details about the outcome of an update operation.
 type ChangeInfo struct {
-	Updated    int         // Number of existing documents updated
+	// Updated reports the number of existing documents modified.
+	// Due to server limitations, this reports the same value as the Matched field when
+	// talking to MongoDB <= 2.4 and on Upsert and Apply (findAndModify) operations.
+	Updated    int
 	Removed    int         // Number of documents removed
+	Matched    int         // Number of documents matched but not necessarily changed
 	UpsertedId interface{} // Upserted _id field, when not explicitly provided
 }
 
@@ -2408,7 +2452,7 @@
 	}
 	lerr, err := c.writeOp(&op, true)
 	if err == nil && lerr != nil {
-		info = &ChangeInfo{Updated: lerr.N}
+		info = &ChangeInfo{Updated: lerr.modified, Matched: lerr.N}
 	}
 	return info, err
 }
@@ -2437,11 +2481,20 @@
 		Flags:      1,
 		Upsert:     true,
 	}
-	lerr, err := c.writeOp(&op, true)
+	var lerr *LastError
+	for i := 0; i < maxUpsertRetries; i++ {
+		lerr, err = c.writeOp(&op, true)
+		// Retry duplicate key errors on upserts.
+		// https://docs.mongodb.com/v3.2/reference/method/db.collection.update/#use-unique-indexes
+		if !IsDup(err) {
+			break
+		}
+	}
 	if err == nil && lerr != nil {
 		info = &ChangeInfo{}
 		if lerr.UpdatedExisting {
-			info.Updated = lerr.N
+			info.Matched = lerr.N
+			info.Updated = lerr.modified
 		} else {
 			info.UpsertedId = lerr.UpsertedId
 		}
@@ -2469,7 +2522,10 @@
 //     http://www.mongodb.org/display/DOCS/Removing
 //
 func (c *Collection) Remove(selector interface{}) error {
-	lerr, err := c.writeOp(&deleteOp{c.FullName, selector, 1}, true)
+	if selector == nil {
+		selector = bson.D{}
+	}
+	lerr, err := c.writeOp(&deleteOp{c.FullName, selector, 1, 1}, true)
 	if err == nil && lerr != nil && lerr.N == 0 {
 		return ErrNotFound
 	}
@@ -2495,9 +2551,12 @@
 //     http://www.mongodb.org/display/DOCS/Removing
 //
 func (c *Collection) RemoveAll(selector interface{}) (info *ChangeInfo, err error) {
-	lerr, err := c.writeOp(&deleteOp{c.FullName, selector, 0}, true)
+	if selector == nil {
+		selector = bson.D{}
+	}
+	lerr, err := c.writeOp(&deleteOp{c.FullName, selector, 0, 0}, true)
 	if err == nil && lerr != nil {
-		info = &ChangeInfo{Removed: lerr.N}
+		info = &ChangeInfo{Removed: lerr.N, Matched: lerr.N}
 	}
 	return info, err
 }
@@ -2537,6 +2596,28 @@
 	Capped   bool
 	MaxBytes int
 	MaxDocs  int
+
+	// Validator contains a validation expression that defines which
+	// documents should be considered valid for this collection.
+	Validator interface{}
+
+	// ValidationLevel may be set to "strict" (the default) to force
+	// MongoDB to validate all documents on inserts and updates, to
+	// "moderate" to apply the validation rules only to documents
+	// that already fulfill the validation criteria, or to "off" for
+	// disabling validation entirely.
+	ValidationLevel string
+
+	// ValidationAction determines how MongoDB handles documents that
+	// violate the validation rules. It may be set to "error" (the default)
+	// to reject inserts or updates that violate the rules, or to "warn"
+	// to log invalid operations but allow them to proceed.
+	ValidationAction string
+
+	// StorageEngine allows specifying collection options for the
+	// storage engine in use. The map keys must hold the storage engine
+	// name for which options are being specified.
+	StorageEngine interface{}
 }
 
 // Create explicitly creates the c collection with details of info.
@@ -2568,13 +2649,25 @@
 	if info.ForceIdIndex {
 		cmd = append(cmd, bson.DocElem{"autoIndexId", true})
 	}
+	if info.Validator != nil {
+		cmd = append(cmd, bson.DocElem{"validator", info.Validator})
+	}
+	if info.ValidationLevel != "" {
+		cmd = append(cmd, bson.DocElem{"validationLevel", info.ValidationLevel})
+	}
+	if info.ValidationAction != "" {
+		cmd = append(cmd, bson.DocElem{"validationAction", info.ValidationAction})
+	}
+	if info.StorageEngine != nil {
+		cmd = append(cmd, bson.DocElem{"storageEngine", info.StorageEngine})
+	}
 	return c.Database.Run(cmd, nil)
 }
 
 // Batch sets the batch size used when fetching documents from the database.
 // It's possible to change this setting on a per-session basis as well, using
 // the Batch method of Session.
-//
+
 // The default batch size is defined by the database itself.  As of this
 // writing, MongoDB will use an initial size of min(100 docs, 4MB) on the
 // first batch, and 4MB on remaining ones.
@@ -2741,6 +2834,8 @@
 	return iter.Close()
 }
 
+// TODO: Add Collection.Explain. See https://goo.gl/1MDlvz.
+
 // Hint will include an explicit "hint" in the query to force the server
 // to use a specified index, potentially improving performance in some
 // situations.  The provided parameters are the fields that compose the
@@ -2919,7 +3014,7 @@
 // unmarshalled into by gobson.  This function blocks until either a result
 // is available or an error happens.  For example:
 //
-//     err := collection.Find(bson.M{"a", 1}).One(&result)
+//     err := collection.Find(bson.M{"a": 1}).One(&result)
 //
 // In case the resulting document includes a field named $err or errmsg, which
 // are standard ways for MongoDB to return query errors, the returned err will
@@ -2940,9 +3035,12 @@
 	}
 	defer socket.Release()
 
-	session.prepareQuery(&op)
 	op.limit = -1
 
+	session.prepareQuery(&op)
+
+	expectFindReply := prepareFindOp(socket, &op, 1)
+
 	data, err := socket.SimpleQuery(&op)
 	if err != nil {
 		return err
@@ -2950,6 +3048,25 @@
 	if data == nil {
 		return ErrNotFound
 	}
+	if expectFindReply {
+		var findReply struct {
+			Ok     bool
+			Code   int
+			Errmsg string
+			Cursor cursorData
+		}
+		err = bson.Unmarshal(data, &findReply)
+		if err != nil {
+			return err
+		}
+		if !findReply.Ok && findReply.Errmsg != "" {
+			return &QueryError{Code: findReply.Code, Message: findReply.Errmsg}
+		}
+		if len(findReply.Cursor.FirstBatch) == 0 {
+			return ErrNotFound
+		}
+		data = findReply.Cursor.FirstBatch[0].Data
+	}
 	if result != nil {
 		err = bson.Unmarshal(data, result)
 		if err == nil {
@@ -2962,6 +3079,109 @@
 	return checkQueryError(op.collection, data)
 }
 
+// prepareFindOp translates op from being an old-style wire protocol query into
+// a new-style find command if that's supported by the MongoDB server (3.2+).
+// It returns whether to expect a find command result or not. Note op may be
+// translated into an explain command, in which case the function returns false.
+func prepareFindOp(socket *mongoSocket, op *queryOp, limit int32) bool {
+	if socket.ServerInfo().MaxWireVersion < 4 || op.collection == "admin.$cmd" {
+		return false
+	}
+
+	nameDot := strings.Index(op.collection, ".")
+	if nameDot < 0 {
+		panic("invalid query collection name: " + op.collection)
+	}
+
+	find := findCmd{
+		Collection:  op.collection[nameDot+1:],
+		Filter:      op.query,
+		Projection:  op.selector,
+		Sort:        op.options.OrderBy,
+		Skip:        op.skip,
+		Limit:       limit,
+		MaxTimeMS:   op.options.MaxTimeMS,
+		MaxScan:     op.options.MaxScan,
+		Hint:        op.options.Hint,
+		Comment:     op.options.Comment,
+		Snapshot:    op.options.Snapshot,
+		OplogReplay: op.flags&flagLogReplay != 0,
+	}
+	if op.limit < 0 {
+		find.BatchSize = -op.limit
+		find.SingleBatch = true
+	} else {
+		find.BatchSize = op.limit
+	}
+
+	explain := op.options.Explain
+
+	op.collection = op.collection[:nameDot] + ".$cmd"
+	op.query = &find
+	op.skip = 0
+	op.limit = -1
+	op.options = queryWrapper{}
+	op.hasOptions = false
+
+	if explain {
+		op.query = bson.D{{"explain", op.query}}
+		return false
+	}
+	return true
+}
+
+type cursorData struct {
+	FirstBatch []bson.Raw "firstBatch"
+	NextBatch  []bson.Raw "nextBatch"
+	NS         string
+	Id         int64
+}
+
+// findCmd holds the command used for performing queries on MongoDB 3.2+.
+//
+// Relevant documentation:
+//
+//     https://docs.mongodb.org/master/reference/command/find/#dbcmd.find
+//
+type findCmd struct {
+	Collection          string      `bson:"find"`
+	Filter              interface{} `bson:"filter,omitempty"`
+	Sort                interface{} `bson:"sort,omitempty"`
+	Projection          interface{} `bson:"projection,omitempty"`
+	Hint                interface{} `bson:"hint,omitempty"`
+	Skip                interface{} `bson:"skip,omitempty"`
+	Limit               int32       `bson:"limit,omitempty"`
+	BatchSize           int32       `bson:"batchSize,omitempty"`
+	SingleBatch         bool        `bson:"singleBatch,omitempty"`
+	Comment             string      `bson:"comment,omitempty"`
+	MaxScan             int         `bson:"maxScan,omitempty"`
+	MaxTimeMS           int         `bson:"maxTimeMS,omitempty"`
+	ReadConcern         interface{} `bson:"readConcern,omitempty"`
+	Max                 interface{} `bson:"max,omitempty"`
+	Min                 interface{} `bson:"min,omitempty"`
+	ReturnKey           bool        `bson:"returnKey,omitempty"`
+	ShowRecordId        bool        `bson:"showRecordId,omitempty"`
+	Snapshot            bool        `bson:"snapshot,omitempty"`
+	Tailable            bool        `bson:"tailable,omitempty"`
+	AwaitData           bool        `bson:"awaitData,omitempty"`
+	OplogReplay         bool        `bson:"oplogReplay,omitempty"`
+	NoCursorTimeout     bool        `bson:"noCursorTimeout,omitempty"`
+	AllowPartialResults bool        `bson:"allowPartialResults,omitempty"`
+}
+
+// getMoreCmd holds the command used for requesting more query results on MongoDB 3.2+.
+//
+// Relevant documentation:
+//
+//     https://docs.mongodb.org/master/reference/command/getMore/#dbcmd.getMore
+//
+type getMoreCmd struct {
+	CursorId   int64  `bson:"getMore"`
+	Collection string `bson:"collection"`
+	BatchSize  int32  `bson:"batchSize,omitempty"`
+	MaxTimeMS  int64  `bson:"maxTimeMS,omitempty"`
+}
+
 // run duplicates the behavior of collection.Find(query).One(&result)
 // as performed by Database.Run, specializing the logic for running
 // database commands on a given socket.
@@ -3067,9 +3287,7 @@
 	// Clone session and set it to Monotonic mode so that the server
 	// used for the query may be safely obtained afterwards, if
 	// necessary for iteration when a cursor is received.
-	session := db.Session
-	cloned := session.Clone()
-	cloned.SetMode(Monotonic, false)
+	cloned := db.Session.nonEventual()
 	defer cloned.Close()
 
 	batchSize := int(cloned.queryConfig.op.limit)
@@ -3077,12 +3295,7 @@
 	// Try with a command.
 	var result struct {
 		Collections []bson.Raw
-
-		Cursor struct {
-			FirstBatch []bson.Raw "firstBatch"
-			NS         string
-			Id         int64
-		}
+		Cursor      cursorData
 	}
 	err = db.With(cloned).Run(bson.D{{"listCollections", 1}, {"cursor", bson.D{{"batchSize", batchSize}}}}, &result)
 	if err == nil {
@@ -3174,23 +3387,29 @@
 	iter.op.replyFunc = iter.replyFunc()
 	iter.docsToReceive++
 
+	socket, err := session.acquireSocket(true)
+	if err != nil {
+		iter.err = err
+		return iter
+	}
+	defer socket.Release()
+
 	session.prepareQuery(&op)
 	op.replyFunc = iter.op.replyFunc
 
-	socket, err := session.acquireSocket(true)
+	if prepareFindOp(socket, &op, limit) {
+		iter.findCmd = true
+	}
+
+	iter.server = socket.Server()
+	err = socket.Query(&op)
 	if err != nil {
+		// Must lock as the query is already out and it may call replyFunc.
+		iter.m.Lock()
 		iter.err = err
-	} else {
-		iter.server = socket.Server()
-		err = socket.Query(&op)
-		if err != nil {
-			// Must lock as the query above may call replyFunc.
-			iter.m.Lock()
-			iter.err = err
-			iter.m.Unlock()
-		}
-		socket.Release()
+		iter.m.Unlock()
 	}
+
 	return iter
 }
 
@@ -3266,7 +3485,7 @@
 		iter.server = socket.Server()
 		err = socket.Query(&op)
 		if err != nil {
-			// Must lock as the query above may call replyFunc.
+			// Must lock as the query is already out and it may call replyFunc.
 			iter.m.Lock()
 			iter.err = err
 			iter.m.Unlock()
@@ -3604,12 +3823,39 @@
 			iter.op.limit = limit
 		}
 	}
-	if err := socket.Query(&iter.op); err != nil {
+	var op interface{}
+	if iter.findCmd {
+		op = iter.getMoreCmd()
+	} else {
+		op = &iter.op
+	}
+	if err := socket.Query(op); err != nil {
 		iter.docsToReceive--
 		iter.err = err
 	}
 }
 
+func (iter *Iter) getMoreCmd() *queryOp {
+	// TODO: Define the query statically in the Iter type, next to getMoreOp.
+	nameDot := strings.Index(iter.op.collection, ".")
+	if nameDot < 0 {
+		panic("invalid query collection name: " + iter.op.collection)
+	}
+
+	getMore := getMoreCmd{
+		CursorId:   iter.op.cursorId,
+		Collection: iter.op.collection[nameDot+1:],
+		BatchSize:  iter.op.limit,
+	}
+
+	var op queryOp
+	op.collection = iter.op.collection[:nameDot] + ".$cmd"
+	op.query = &getMore
+	op.limit = -1
+	op.replyFunc = iter.op.replyFunc
+	return &op
+}
+
 type countCmd struct {
 	Count string
 	Query interface{}
@@ -3973,8 +4219,17 @@
 	session.SetMode(Strong, false)
 
 	var doc valueResult
-	err = session.DB(dbname).Run(&cmd, &doc)
-	if err != nil {
+	for i := 0; i < maxUpsertRetries; i++ {
+		err = session.DB(dbname).Run(&cmd, &doc)
+
+		if err == nil {
+			break
+		}
+		if change.Upsert && IsDup(err) {
+			// Retry duplicate key errors on upserts.
+			// https://docs.mongodb.com/v3.2/reference/method/db.collection.update/#use-unique-indexes
+			continue
+		}
 		if qerr, ok := err.(*QueryError); ok && qerr.Message == "No matching object found" {
 			return nil, ErrNotFound
 		}
@@ -3993,8 +4248,10 @@
 	lerr := &doc.LastError
 	if lerr.UpdatedExisting {
 		info.Updated = lerr.N
+		info.Matched = lerr.N
 	} else if change.Remove {
 		info.Removed = lerr.N
+		info.Matched = lerr.N
 	} else if change.Upsert {
 		info.UpsertedId = lerr.UpsertedId
 	}
@@ -4011,7 +4268,7 @@
 	VersionArray   []int  `bson:"versionArray"` // On MongoDB 2.0+; assembled from Version otherwise
 	GitVersion     string `bson:"gitVersion"`
 	OpenSSLVersion string `bson:"OpenSSLVersion"`
-	SysInfo        string `bson:"sysInfo"`
+	SysInfo        string `bson:"sysInfo"` // Deprecated and empty on MongoDB 3.2+.
 	Bits           int
 	Debug          bool
 	MaxObjectSize  int `bson:"maxBsonObjectSize"`
@@ -4053,6 +4310,9 @@
 		// That information may be moved to another field if people need it.
 		info.GitVersion = info.GitVersion[:i]
 	}
+	if info.SysInfo == "deprecated" {
+		info.SysInfo = ""
+	}
 	return
 }
 
@@ -4168,6 +4428,38 @@
 			} else {
 				iter.err = ErrNotFound
 			}
+		} else if iter.findCmd {
+			debugf("Iter %p received reply document %d/%d (cursor=%d)", iter, docNum+1, int(op.replyDocs), op.cursorId)
+			var findReply struct {
+				Ok     bool
+				Code   int
+				Errmsg string
+				Cursor cursorData
+			}
+			if err := bson.Unmarshal(docData, &findReply); err != nil {
+				iter.err = err
+			} else if !findReply.Ok && findReply.Errmsg != "" {
+				iter.err = &QueryError{Code: findReply.Code, Message: findReply.Errmsg}
+			} else if len(findReply.Cursor.FirstBatch) == 0 && len(findReply.Cursor.NextBatch) == 0 {
+				iter.err = ErrNotFound
+			} else {
+				batch := findReply.Cursor.FirstBatch
+				if len(batch) == 0 {
+					batch = findReply.Cursor.NextBatch
+				}
+				rdocs := len(batch)
+				for _, raw := range batch {
+					iter.docData.Push(raw.Data)
+				}
+				iter.docsToReceive = 0
+				docsToProcess := iter.docData.Len()
+				if iter.limit == 0 || int32(docsToProcess) < iter.limit {
+					iter.docsBeforeMore = docsToProcess - int(iter.prefetch*float64(rdocs))
+				} else {
+					iter.docsBeforeMore = -1
+				}
+				iter.op.cursorId = findReply.Cursor.Id
+			}
 		} else {
 			rdocs := int(op.replyDocs)
 			if docNum == 0 {
@@ -4180,7 +4472,6 @@
 				}
 				iter.op.cursorId = op.cursorId
 			}
-			// XXX Handle errors and flags.
 			debugf("Iter %p received reply document %d/%d (cursor=%d)", iter, docNum+1, rdocs, op.cursorId)
 			iter.docData.Push(docData)
 		}
@@ -4212,12 +4503,12 @@
 	ErrMsg string
 }
 
-func (r *writeCmdResult) QueryErrors() []error {
-	var errs []error
-	for _, err := range r.Errors {
-		errs = append(errs, &QueryError{Code: err.Code, Message: err.ErrMsg})
+func (r *writeCmdResult) BulkErrorCases() []BulkErrorCase {
+	ecases := make([]BulkErrorCase, len(r.Errors))
+	for i, err := range r.Errors {
+		ecases[i] = BulkErrorCase{err.Index, &QueryError{Code: err.Code, Message: err.ErrMsg}}
 	}
-	return errs
+	return ecases
 }
 
 // writeOp runs the given modifying operation, potentially followed up
@@ -4234,12 +4525,14 @@
 
 	s.m.RLock()
 	safeOp := s.safeOp
+	bypassValidation := s.bypassValidation
 	s.m.RUnlock()
 
 	if socket.ServerInfo().MaxWireVersion >= 2 {
 		// Servers with a more recent write protocol benefit from write commands.
 		if op, ok := op.(*insertOp); ok && len(op.documents) > 1000 {
-			var errors []error
+			var lerr LastError
+
 			// Maximum batch size is 1000. Must split out in separate operations for compatibility.
 			all := op.documents
 			for i := 0; i < len(all); i += 1000 {
@@ -4248,35 +4541,59 @@
 					l = len(all)
 				}
 				op.documents = all[i:l]
-				lerr, err := c.writeOpCommand(socket, safeOp, op, ordered)
+				oplerr, err := c.writeOpCommand(socket, safeOp, op, ordered, bypassValidation)
+				lerr.N += oplerr.N
+				lerr.modified += oplerr.modified
 				if err != nil {
-					errors = append(errors, lerr.errors...)
+					for ei := range lerr.ecases {
+						oplerr.ecases[ei].Index += i
+					}
+					lerr.ecases = append(lerr.ecases, oplerr.ecases...)
 					if op.flags&1 == 0 {
-						return &LastError{errors: errors}, err
+						return &lerr, err
 					}
 				}
 			}
-			if len(errors) == 0 {
-				return nil, nil
+			if len(lerr.ecases) != 0 {
+				return &lerr, lerr.ecases[0].Err
 			}
-			return &LastError{errors: errors}, errors[0]
+			return &lerr, nil
 		}
-		return c.writeOpCommand(socket, safeOp, op, ordered)
+		return c.writeOpCommand(socket, safeOp, op, ordered, bypassValidation)
 	} else if updateOps, ok := op.(bulkUpdateOp); ok {
-		var errors []error
-		for _, updateOp := range updateOps {
-			lerr, err := c.writeOpQuery(socket, safeOp, updateOp, ordered)
+		var lerr LastError
+		for i, updateOp := range updateOps {
+			oplerr, err := c.writeOpQuery(socket, safeOp, updateOp, ordered)
+			lerr.N += oplerr.N
+			lerr.modified += oplerr.modified
+			if err != nil {
+				lerr.ecases = append(lerr.ecases, BulkErrorCase{i, err})
+				if ordered {
+					break
+				}
+			}
+		}
+		if len(lerr.ecases) != 0 {
+			return &lerr, lerr.ecases[0].Err
+		}
+		return &lerr, nil
+	} else if deleteOps, ok := op.(bulkDeleteOp); ok {
+		var lerr LastError
+		for i, deleteOp := range deleteOps {
+			oplerr, err := c.writeOpQuery(socket, safeOp, deleteOp, ordered)
+			lerr.N += oplerr.N
+			lerr.modified += oplerr.modified
 			if err != nil {
-				errors = append(errors, lerr.errors...)
+				lerr.ecases = append(lerr.ecases, BulkErrorCase{i, err})
 				if ordered {
-					return &LastError{errors: errors}, err
+					break
 				}
 			}
 		}
-		if len(errors) == 0 {
-			return nil, nil
+		if len(lerr.ecases) != 0 {
+			return &lerr, lerr.ecases[0].Err
 		}
-		return &LastError{errors: errors}, errors[0]
+		return &lerr, nil
 	}
 	return c.writeOpQuery(socket, safeOp, op, ordered)
 }
@@ -4316,12 +4633,18 @@
 	bson.Unmarshal(replyData, &result)
 	debugf("Result from writing query: %#v", result)
 	if result.Err != "" {
+		result.ecases = []BulkErrorCase{{Index: 0, Err: result}}
+		if insert, ok := op.(*insertOp); ok && len(insert.documents) > 1 {
+			result.ecases[0].Index = -1
+		}
 		return result, result
 	}
+	// With MongoDB <2.6 we don't know how many actually changed, so make it the same as matched.
+	result.modified = result.N
 	return result, nil
 }
 
-func (c *Collection) writeOpCommand(socket *mongoSocket, safeOp *queryOp, op interface{}, ordered bool) (lerr *LastError, err error) {
+func (c *Collection) writeOpCommand(socket *mongoSocket, safeOp *queryOp, op interface{}, ordered, bypassValidation bool) (lerr *LastError, err error) {
 	var writeConcern interface{}
 	if safeOp == nil {
 		writeConcern = bson.D{{"w", 0}}
@@ -4357,27 +4680,35 @@
 		}
 	case *deleteOp:
 		// http://docs.mongodb.org/manual/reference/command/delete
-		selector := op.selector
-		if selector == nil {
-			selector = bson.D{}
+		cmd = bson.D{
+			{"delete", c.Name},
+			{"deletes", []interface{}{op}},
+			{"writeConcern", writeConcern},
+			{"ordered", ordered},
 		}
+	case bulkDeleteOp:
+		// http://docs.mongodb.org/manual/reference/command/delete
 		cmd = bson.D{
 			{"delete", c.Name},
-			{"deletes", []bson.D{{{"q", selector}, {"limit", op.flags & 1}}}},
+			{"deletes", op},
 			{"writeConcern", writeConcern},
-			//{"ordered", <bool>},
+			{"ordered", ordered},
 		}
 	}
+	if bypassValidation {
+		cmd = append(cmd, bson.DocElem{"bypassDocumentValidation", true})
+	}
 
 	var result writeCmdResult
 	err = c.Database.run(socket, cmd, &result)
 	debugf("Write command result: %#v (err=%v)", result, err)
+	ecases := result.BulkErrorCases()
 	lerr = &LastError{
 		UpdatedExisting: result.N > 0 && len(result.Upserted) == 0,
 		N:               result.N,
 
 		modified: result.NModified,
-		errors:   result.QueryErrors(),
+		ecases:   ecases,
 	}
 	if len(result.Upserted) > 0 {
 		lerr.UpsertedId = result.Upserted[0].Id
diff -Nru juju-core-2.0~beta7/src/gopkg.in/mgo.v2/session_test.go juju-core-2.0~beta12/src/gopkg.in/mgo.v2/session_test.go
--- juju-core-2.0~beta7/src/gopkg.in/mgo.v2/session_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/mgo.v2/session_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -146,6 +146,11 @@
 	c.Assert(err, IsNil)
 	c.Assert(result.A, Equals, 1)
 	c.Assert(result.B, Equals, 2)
+
+	err = coll.Find(M{"a": 1}).Sort("-b").One(&result)
+	c.Assert(err, IsNil)
+	c.Assert(result.A, Equals, 1)
+	c.Assert(result.B, Equals, 3)
 }
 
 func (s *S) TestInsertFindOneNil(c *C) {
@@ -446,13 +451,14 @@
 
 	ns := []int{40, 41, 42, 43, 44, 45, 46}
 	for _, n := range ns {
-		err := coll.Insert(M{"k": n, "n": n})
+		err := coll.Insert(bson.D{{"k", n}, {"n", n}})
 		c.Assert(err, IsNil)
 	}
 
-	info, err := coll.Upsert(M{"k": 42}, M{"k": 42, "n": 24})
+	info, err := coll.Upsert(M{"k": 42}, bson.D{{"k", 42}, {"n", 24}})
 	c.Assert(err, IsNil)
 	c.Assert(info.Updated, Equals, 1)
+	c.Assert(info.Matched, Equals, 1)
 	c.Assert(info.UpsertedId, IsNil)
 
 	result := M{}
@@ -460,10 +466,18 @@
 	c.Assert(err, IsNil)
 	c.Assert(result["n"], Equals, 24)
 
+	// Match but do not change.
+	info, err = coll.Upsert(M{"k": 42}, bson.D{{"k", 42}, {"n", 24}})
+	c.Assert(err, IsNil)
+	c.Assert(info.Updated, Equals, 1) // On 2.6+ this feels like a server mistake.
+	c.Assert(info.Matched, Equals, 1)
+	c.Assert(info.UpsertedId, IsNil)
+
 	// Insert with internally created id.
 	info, err = coll.Upsert(M{"k": 47}, M{"k": 47, "n": 47})
 	c.Assert(err, IsNil)
 	c.Assert(info.Updated, Equals, 0)
+	c.Assert(info.Matched, Equals, 0)
 	c.Assert(info.UpsertedId, NotNil)
 
 	err = coll.Find(M{"k": 47}).One(result)
@@ -479,6 +493,7 @@
 	info, err = coll.Upsert(M{"k": 48}, M{"k": 48, "n": 48, "_id": 48})
 	c.Assert(err, IsNil)
 	c.Assert(info.Updated, Equals, 0)
+	c.Assert(info.Matched, Equals, 0)
 	if s.versionAtLeast(2, 6) {
 		c.Assert(info.UpsertedId, Equals, 48)
 	} else {
@@ -540,14 +555,20 @@
 		c.Assert(err, IsNil)
 	}
 
-	// Don't actually modify the documents. Should still report 4 matching updates.
 	info, err := coll.UpdateAll(M{"k": M{"$gt": 42}}, M{"$unset": M{"missing": 1}})
 	c.Assert(err, IsNil)
-	c.Assert(info.Updated, Equals, 4)
+	if s.versionAtLeast(2, 6) {
+		c.Assert(info.Updated, Equals, 0)
+		c.Assert(info.Matched, Equals, 4)
+	} else {
+		c.Assert(info.Updated, Equals, 4)
+		c.Assert(info.Matched, Equals, 4)
+	}
 
 	info, err = coll.UpdateAll(M{"k": M{"$gt": 42}}, M{"$inc": M{"n": 1}})
 	c.Assert(err, IsNil)
 	c.Assert(info.Updated, Equals, 4)
+	c.Assert(info.Matched, Equals, 4)
 
 	result := make(M)
 	err = coll.Find(M{"k": 42}).One(result)
@@ -654,6 +675,7 @@
 	c.Assert(err, IsNil)
 	c.Assert(info.Updated, Equals, 0)
 	c.Assert(info.Removed, Equals, 4)
+	c.Assert(info.Matched, Equals, 4)
 	c.Assert(info.UpsertedId, IsNil)
 
 	result := &struct{ N int }{}
@@ -671,6 +693,7 @@
 	c.Assert(err, IsNil)
 	c.Assert(info.Updated, Equals, 0)
 	c.Assert(info.Removed, Equals, 3)
+	c.Assert(info.Matched, Equals, 3)
 	c.Assert(info.UpsertedId, IsNil)
 
 	n, err := coll.Find(nil).Count()
@@ -812,6 +835,76 @@
 	c.Assert(indexes, HasLen, 1)
 }
 
+func (s *S) TestCreateCollectionValidator(c *C) {
+	if !s.versionAtLeast(3, 2) {
+		c.Skip("validation depends on MongoDB 3.2+")
+	}
+	session, err := mgo.Dial("localhost:40001")
+	c.Assert(err, IsNil)
+	defer session.Close()
+
+	db := session.DB("mydb")
+	coll := db.C("mycoll")
+
+	// Test Validator.
+	info := &mgo.CollectionInfo{
+		Validator: M{"b": M{"$exists": true}},
+	}
+	err = coll.Create(info)
+	c.Assert(err, IsNil)
+	err = coll.Insert(M{"a": 1})
+	c.Assert(err, ErrorMatches, "Document failed validation")
+	err = coll.DropCollection()
+	c.Assert(err, IsNil)
+
+	// Test ValidatorAction.
+	info = &mgo.CollectionInfo{
+		Validator:        M{"b": M{"$exists": true}},
+		ValidationAction: "warn",
+	}
+	err = coll.Create(info)
+	c.Assert(err, IsNil)
+	err = coll.Insert(M{"a": 1})
+	c.Assert(err, IsNil)
+	err = coll.DropCollection()
+	c.Assert(err, IsNil)
+
+	// Test ValidationLevel.
+	info = &mgo.CollectionInfo{
+		Validator:       M{"a": M{"$exists": true}},
+		ValidationLevel: "moderate",
+	}
+	err = coll.Create(info)
+	err = coll.Insert(M{"a": 1})
+	c.Assert(err, IsNil)
+	err = db.Run(bson.D{{"collMod", "mycoll"}, {"validator", M{"b": M{"$exists": true}}}}, nil)
+	c.Assert(err, IsNil)
+	err = coll.Insert(M{"a": 2})
+	c.Assert(err, ErrorMatches, "Document failed validation")
+	err = coll.Update(M{"a": 1}, M{"c": 1})
+	c.Assert(err, IsNil)
+	err = coll.DropCollection()
+	c.Assert(err, IsNil)
+}
+
+func (s *S) TestCreateCollectionStorageEngine(c *C) {
+	if !s.versionAtLeast(3, 0) {
+		c.Skip("storageEngine option depends on MongoDB 3.0+")
+	}
+	session, err := mgo.Dial("localhost:40001")
+	c.Assert(err, IsNil)
+	defer session.Close()
+
+	db := session.DB("mydb")
+	coll := db.C("mycoll")
+
+	info := &mgo.CollectionInfo{
+		StorageEngine: M{"test": M{}},
+	}
+	err = coll.Create(info)
+	c.Assert(err, ErrorMatches, "test is not a registered storage engine for this server")
+}
+
 func (s *S) TestIsDupValues(c *C) {
 	c.Assert(mgo.IsDup(nil), Equals, false)
 	c.Assert(mgo.IsDup(&mgo.LastError{Code: 1}), Equals, false)
@@ -921,13 +1014,15 @@
 	c.Assert(err, IsNil)
 	c.Assert(result["n"], Equals, 42)
 	c.Assert(info.Updated, Equals, 1)
+	c.Assert(info.Matched, Equals, 1)
 	c.Assert(info.Removed, Equals, 0)
 	c.Assert(info.UpsertedId, IsNil)
 
 	// A nil result parameter should be acceptable.
 	info, err = coll.Find(M{"n": 43}).Apply(mgo.Change{Update: M{"$unset": M{"missing": 1}}}, nil)
 	c.Assert(err, IsNil)
-	c.Assert(info.Updated, Equals, 1)
+	c.Assert(info.Updated, Equals, 1) // On 2.6+ this feels like a server mistake.
+	c.Assert(info.Matched, Equals, 1)
 	c.Assert(info.Removed, Equals, 0)
 	c.Assert(info.UpsertedId, IsNil)
 
@@ -1202,7 +1297,13 @@
 	err = query.One(nil)
 	c.Assert(err, IsNil)
 
-	n, err := session.DB("mydb").C("system.profile").Find(bson.M{"query.$query.n": 41, "query.$comment": "some comment"}).Count()
+	commentField := "query.$comment"
+	nField := "query.$query.n"
+	if s.versionAtLeast(3, 2) {
+		commentField = "query.comment"
+		nField = "query.filter.n"
+	}
+	n, err := session.DB("mydb").C("system.profile").Find(bson.M{nField: 41, commentField: "some comment"}).Count()
 	c.Assert(err, IsNil)
 	c.Assert(n, Equals, 1)
 }
@@ -1221,6 +1322,20 @@
 	c.Assert(err == mgo.ErrNotFound, Equals, true)
 }
 
+func (s *S) TestFindIterNotFound(c *C) {
+	session, err := mgo.Dial("localhost:40001")
+	c.Assert(err, IsNil)
+	defer session.Close()
+
+	coll := session.DB("mydb").C("mycoll")
+
+	result := struct{ A, B int }{}
+	iter := coll.Find(M{"a": 1}).Iter()
+	ok := iter.Next(&result)
+	c.Assert(ok, Equals, false)
+	c.Assert(iter.Err(), IsNil)
+}
+
 func (s *S) TestFindNil(c *C) {
 	session, err := mgo.Dial("localhost:40001")
 	c.Assert(err, IsNil)
@@ -1275,7 +1390,7 @@
 	result := struct{ N int }{}
 	for i := 2; i < 7; i++ {
 		ok := iter.Next(&result)
-		c.Assert(ok, Equals, true)
+		c.Assert(ok, Equals, true, Commentf("err=%v", err))
 		c.Assert(result.N, Equals, ns[i])
 		if i == 1 {
 			stats := mgo.GetStats()
@@ -1292,7 +1407,12 @@
 	stats := mgo.GetStats()
 	c.Assert(stats.SentOps, Equals, 3)     // 1*QUERY_OP + 2*GET_MORE_OP
 	c.Assert(stats.ReceivedOps, Equals, 3) // and their REPLY_OPs.
-	c.Assert(stats.ReceivedDocs, Equals, 5)
+	if s.versionAtLeast(3, 2) {
+		// In 3.2+ responses come in batches inside the op reply docs.
+		c.Assert(stats.ReceivedDocs, Equals, 3)
+	} else {
+		c.Assert(stats.ReceivedDocs, Equals, 5)
+	}
 	c.Assert(stats.SocketsInUse, Equals, 0)
 }
 
@@ -1304,19 +1424,20 @@
 	coll := session.DB("mydb").C("mycoll")
 
 	for i := 40; i != 47; i++ {
-		coll.Insert(M{"n": i})
+		err := coll.Insert(M{"n": i})
+		c.Assert(err, IsNil)
 	}
 
 	query := coll.Find(M{}).Sort("n")
 
-	result1 := query.Skip(1).Iter()
-	result2 := query.Skip(2).Iter()
+	iter1 := query.Skip(1).Iter()
+	iter2 := query.Skip(2).Iter()
 
-	result := struct{ N int }{}
-	ok := result2.Next(&result)
+	var result struct{ N int }
+	ok := iter2.Next(&result)
 	c.Assert(ok, Equals, true)
 	c.Assert(result.N, Equals, 42)
-	ok = result1.Next(&result)
+	ok = iter1.Next(&result)
 	c.Assert(ok, Equals, true)
 	c.Assert(result.N, Equals, 41)
 }
@@ -1347,7 +1468,8 @@
 
 	ns := []int{40, 41, 42, 43, 44, 45, 46}
 	for _, n := range ns {
-		coll.Insert(M{"n": n})
+		err := coll.Insert(M{"n": n})
+		c.Assert(err, IsNil)
 	}
 
 	session.Refresh() // Release socket.
@@ -1371,9 +1493,16 @@
 	session.Refresh() // Release socket.
 
 	stats := mgo.GetStats()
-	c.Assert(stats.SentOps, Equals, 2)     // 1*QUERY_OP + 1*KILL_CURSORS_OP
-	c.Assert(stats.ReceivedOps, Equals, 1) // and its REPLY_OP
-	c.Assert(stats.ReceivedDocs, Equals, 3)
+	if s.versionAtLeast(3, 2) {
+		// Limit works properly in 3.2+, and results are batched in single doc.
+		c.Assert(stats.SentOps, Equals, 1)     // 1*QUERY_OP
+		c.Assert(stats.ReceivedOps, Equals, 1) // and its REPLY_OP
+		c.Assert(stats.ReceivedDocs, Equals, 1)
+	} else {
+		c.Assert(stats.SentOps, Equals, 2)     // 1*QUERY_OP + 1*KILL_CURSORS_OP
+		c.Assert(stats.ReceivedOps, Equals, 1) // and its REPLY_OP
+		c.Assert(stats.ReceivedDocs, Equals, 3)
+	}
 	c.Assert(stats.SocketsInUse, Equals, 0)
 }
 
@@ -1457,6 +1586,39 @@
 	c.Assert(iters, Equals, limit)
 }
 
+func (s *S) TestBatchSizeZeroGetMore(c *C) {
+	if *fast {
+		c.Skip("-fast")
+	}
+
+	session, err := mgo.Dial("localhost:40001")
+	c.Assert(err, IsNil)
+	defer session.Close()
+	defer runtime.GOMAXPROCS(runtime.GOMAXPROCS(runtime.NumCPU()))
+
+	mgo.SetDebug(false)
+	coll := session.DB("mydb").C("mycoll")
+	words := strings.Split("foo bar baz", " ")
+	for i := 0; i < 5; i++ {
+		words = append(words, words...)
+	}
+	doc := bson.D{{"words", words}}
+	inserts := 10000
+	iters := 0
+	for i := 0; i < inserts; i++ {
+		err := coll.Insert(&doc)
+		c.Assert(err, IsNil)
+	}
+	iter := coll.Find(nil).Iter()
+	for iter.Next(&doc) {
+		if iters%100 == 0 {
+			c.Logf("Seen %d docments", iters)
+		}
+		iters++
+	}
+	c.Assert(iter.Close(), IsNil)
+}
+
 func serverCursorsOpen(session *mgo.Session) int {
 	var result struct {
 		Cursors struct {
@@ -1562,7 +1724,12 @@
 		c.Assert(result.N, Equals, ns[i])
 		if i == 3 {
 			stats := mgo.GetStats()
-			c.Assert(stats.ReceivedDocs, Equals, 2)
+			if s.versionAtLeast(3, 2) {
+				// In 3.2+ responses come in batches inside the op reply docs.
+				c.Assert(stats.ReceivedDocs, Equals, 1)
+			} else {
+				c.Assert(stats.ReceivedDocs, Equals, 2)
+			}
 		}
 	}
 
@@ -1573,9 +1740,18 @@
 	session.Refresh() // Release socket.
 
 	stats := mgo.GetStats()
-	c.Assert(stats.SentOps, Equals, 3)     // 1*QUERY_OP + 1*GET_MORE_OP + 1*KILL_CURSORS_OP
-	c.Assert(stats.ReceivedOps, Equals, 2) // and its REPLY_OPs
-	c.Assert(stats.ReceivedDocs, Equals, 3)
+	if s.versionAtLeast(3, 2) {
+		// In 3.2+ limit works properly even with multiple batches..
+		c.Assert(stats.SentOps, Equals, 2)     // 1*QUERY_OP + 1*GET_MORE_OP
+		c.Assert(stats.ReceivedOps, Equals, 2) // and its REPLY_OPs
+
+		// In 3.2+ responses come in batches inside the op reply docs.
+		c.Assert(stats.ReceivedDocs, Equals, 2)
+	} else {
+		c.Assert(stats.SentOps, Equals, 3)     // 1*QUERY_OP + 1*GET_MORE_OP + 1*KILL_CURSORS_OP
+		c.Assert(stats.ReceivedOps, Equals, 2) // and its REPLY_OPs
+		c.Assert(stats.ReceivedDocs, Equals, 3)
+	}
 	c.Assert(stats.SocketsInUse, Equals, 0)
 }
 
@@ -1613,7 +1789,12 @@
 		c.Assert(result.N, Equals, ns[i])
 		if i == 3 {
 			stats := mgo.GetStats()
-			c.Assert(stats.ReceivedDocs, Equals, 2)
+			if s.versionAtLeast(3, 2) {
+				// Find command in 3.2+ bundles batches in a single document.
+				c.Assert(stats.ReceivedDocs, Equals, 1)
+			} else {
+				c.Assert(stats.ReceivedDocs, Equals, 2)
+			}
 		}
 	}
 
@@ -1626,7 +1807,12 @@
 	stats := mgo.GetStats()
 	c.Assert(stats.SentOps, Equals, 3)     // 1*QUERY_OP + 2*GET_MORE_OP
 	c.Assert(stats.ReceivedOps, Equals, 3) // and its REPLY_OPs
-	c.Assert(stats.ReceivedDocs, Equals, 5)
+	if s.versionAtLeast(3, 2) {
+		// Find command in 3.2+ bundles batches in a single document.
+		c.Assert(stats.ReceivedDocs, Equals, 3)
+	} else {
+		c.Assert(stats.ReceivedDocs, Equals, 5)
+	}
 	c.Assert(stats.SocketsInUse, Equals, 0)
 }
 
@@ -1658,7 +1844,7 @@
 
 	mgo.ResetStats()
 
-	timeout := 3 * time.Second
+	timeout := 5 * time.Second
 
 	query := coll.Find(M{"n": M{"$gte": 42}}).Sort("$natural").Prefetch(0).Batch(2)
 	iter := query.Tail(timeout)
@@ -1680,39 +1866,35 @@
 	mgo.ResetStats()
 
 	// The following call to Next will block.
+	done := make(chan bool)
+	defer func() { <-done }()
 	go func() {
 		// The internal AwaitData timing of MongoDB is around 2 seconds,
 		// so this should force mgo to sleep at least once by itself to
 		// respect the requested timeout.
-		time.Sleep(timeout + 5e8*time.Nanosecond)
+		c.Logf("[GOROUTINE] Starting and sleeping...")
+		time.Sleep(timeout - 2*time.Second)
+		c.Logf("[GOROUTINE] Woke up...")
 		session := session.New()
-		defer session.Close()
-		coll := session.DB("mydb").C("mycoll")
-		coll.Insert(M{"n": 47})
+		c.Logf("[GOROUTINE] Session created and will insert...")
+		err := coll.Insert(M{"n": 47})
+		c.Logf("[GOROUTINE] Insert attempted, err=%v...", err)
+		session.Close()
+		c.Logf("[GOROUTINE] Session closed.")
+		c.Check(err, IsNil)
+		done <- true
 	}()
 
 	c.Log("Will wait for Next with N=47...")
 	ok := iter.Next(&result)
+	c.Log("Next unblocked...")
 	c.Assert(ok, Equals, true)
+
 	c.Assert(iter.Err(), IsNil)
 	c.Assert(iter.Timeout(), Equals, false)
 	c.Assert(result.N, Equals, 47)
 	c.Log("Got Next with N=47!")
 
-	// The following may break because it depends a bit on the internal
-	// timing used by MongoDB's AwaitData logic.  If it does, the problem
-	// will be observed as more GET_MORE_OPs than predicted:
-	// 1*QUERY for nonce + 1*GET_MORE_OP on Next + 1*GET_MORE_OP on Next after sleep +
-	// 1*INSERT_OP + 1*QUERY_OP for getLastError on insert of 47
-	stats := mgo.GetStats()
-	if s.versionAtLeast(2, 6) {
-		c.Assert(stats.SentOps, Equals, 4)
-	} else {
-		c.Assert(stats.SentOps, Equals, 5)
-	}
-	c.Assert(stats.ReceivedOps, Equals, 4)  // REPLY_OPs for 1*QUERY_OP for nonce + 2*GET_MORE_OPs + 1*QUERY_OP
-	c.Assert(stats.ReceivedDocs, Equals, 3) // nonce + N=47 result + getLastError response
-
 	c.Log("Will wait for a result which will never come...")
 
 	started := time.Now()
@@ -1892,20 +2074,6 @@
 	c.Assert(result.N, Equals, 47)
 	c.Log("Got Next with N=47!")
 
-	// The following may break because it depends a bit on the internal
-	// timing used by MongoDB's AwaitData logic.  If it does, the problem
-	// will be observed as more GET_MORE_OPs than predicted:
-	// 1*QUERY_OP for nonce + 1*GET_MORE_OP on Next +
-	// 1*INSERT_OP + 1*QUERY_OP for getLastError on insert of 47
-	stats := mgo.GetStats()
-	if s.versionAtLeast(2, 6) {
-		c.Assert(stats.SentOps, Equals, 3)
-	} else {
-		c.Assert(stats.SentOps, Equals, 4)
-	}
-	c.Assert(stats.ReceivedOps, Equals, 3)  // REPLY_OPs for 1*QUERY_OP for nonce + 1*GET_MORE_OPs and 1*QUERY_OP
-	c.Assert(stats.ReceivedDocs, Equals, 3) // nonce + N=47 result + getLastError response
-
 	c.Log("Will wait for a result which will never come...")
 
 	gotNext := make(chan bool)
@@ -2030,7 +2198,12 @@
 		c.Assert(result.N, Equals, ns[i])
 		if i == 1 {
 			stats := mgo.GetStats()
-			c.Assert(stats.ReceivedDocs, Equals, 2)
+			if s.versionAtLeast(3, 2) {
+				// Find command in 3.2+ bundles batches in a single document.
+				c.Assert(stats.ReceivedDocs, Equals, 1)
+			} else {
+				c.Assert(stats.ReceivedDocs, Equals, 2)
+			}
 		}
 		i++
 		return nil
@@ -2042,7 +2215,12 @@
 	stats := mgo.GetStats()
 	c.Assert(stats.SentOps, Equals, 3)     // 1*QUERY_OP + 2*GET_MORE_OP
 	c.Assert(stats.ReceivedOps, Equals, 3) // and their REPLY_OPs.
-	c.Assert(stats.ReceivedDocs, Equals, 5)
+	if s.versionAtLeast(3, 2) {
+		// Find command in 3.2+ bundles batches in a single document.
+		c.Assert(stats.ReceivedDocs, Equals, 3)
+	} else {
+		c.Assert(stats.ReceivedDocs, Equals, 5)
+	}
 	c.Assert(stats.SocketsInUse, Equals, 0)
 }
 
@@ -2072,6 +2250,12 @@
 		if i == 1 {
 			stats := mgo.GetStats()
 			c.Assert(stats.ReceivedDocs, Equals, 2)
+			if s.versionAtLeast(3, 2) {
+				// Find command in 3.2+ bundles batches in a single document.
+				c.Assert(stats.ReceivedDocs, Equals, 1)
+			} else {
+				c.Assert(stats.ReceivedDocs, Equals, 2)
+			}
 		}
 		i++
 		return nil
@@ -2083,7 +2267,12 @@
 	stats := mgo.GetStats()
 	c.Assert(stats.SentOps, Equals, 3)     // 1*QUERY_OP + 2*GET_MORE_OP
 	c.Assert(stats.ReceivedOps, Equals, 3) // and their REPLY_OPs.
-	c.Assert(stats.ReceivedDocs, Equals, 5)
+	if s.versionAtLeast(3, 2) {
+		// Find command in 3.2+ bundles batches in a single document.
+		c.Assert(stats.ReceivedDocs, Equals, 3)
+	} else {
+		c.Assert(stats.ReceivedDocs, Equals, 5)
+	}
 	c.Assert(stats.SocketsInUse, Equals, 0)
 }
 
@@ -2185,6 +2374,10 @@
 }
 
 func (s *S) TestFindIterSnapshot(c *C) {
+	if s.versionAtLeast(3, 2) {
+		c.Skip("Broken in 3.2: https://jira.mongodb.org/browse/SERVER-21403")
+	}
+
 	session, err := mgo.Dial("localhost:40001")
 	c.Assert(err, IsNil)
 	defer session.Close()
@@ -2343,6 +2536,7 @@
 	coll := session.DB("mydb").C("mycoll")
 
 	const total = 600
+	const batch = 100
 	mgo.SetDebug(false)
 	docs := make([]interface{}, total)
 	for i := 0; i != total; i++ {
@@ -2359,31 +2553,31 @@
 
 		switch testi {
 		case 0: // The default session value.
-			session.SetBatch(100)
+			session.SetBatch(batch)
 			iter = coll.Find(M{}).Iter()
 			beforeMore = 75
 
 		case 2: // Changing the session value.
-			session.SetBatch(100)
+			session.SetBatch(batch)
 			session.SetPrefetch(0.27)
 			iter = coll.Find(M{}).Iter()
 			beforeMore = 73
 
 		case 1: // Changing via query methods.
-			iter = coll.Find(M{}).Prefetch(0.27).Batch(100).Iter()
+			iter = coll.Find(M{}).Prefetch(0.27).Batch(batch).Iter()
 			beforeMore = 73
 
 		case 3: // With prefetch on first document.
-			iter = coll.Find(M{}).Prefetch(1.0).Batch(100).Iter()
+			iter = coll.Find(M{}).Prefetch(1.0).Batch(batch).Iter()
 			beforeMore = 0
 
 		case 4: // Without prefetch.
-			iter = coll.Find(M{}).Prefetch(0).Batch(100).Iter()
+			iter = coll.Find(M{}).Prefetch(0).Batch(batch).Iter()
 			beforeMore = 100
 		}
 
 		pings := 0
-		for batchi := 0; batchi < len(docs)/100-1; batchi++ {
+		for batchi := 0; batchi < len(docs)/batch-1; batchi++ {
 			c.Logf("Iterating over %d documents on batch %d", beforeMore, batchi)
 			var result struct{ N int }
 			for i := 0; i < beforeMore; i++ {
@@ -2397,7 +2591,12 @@
 			pings++
 
 			stats := mgo.GetStats()
-			c.Assert(stats.ReceivedDocs, Equals, (batchi+1)*100+pings)
+			if s.versionAtLeast(3, 2) {
+				// Find command in 3.2+ bundles batches in a single document.
+				c.Assert(stats.ReceivedDocs, Equals, (batchi+1)+pings)
+			} else {
+				c.Assert(stats.ReceivedDocs, Equals, (batchi+1)*batch+pings)
+			}
 
 			c.Logf("Iterating over one more document on batch %d", batchi)
 			ok := iter.Next(&result)
@@ -2408,7 +2607,12 @@
 			pings++
 
 			stats = mgo.GetStats()
-			c.Assert(stats.ReceivedDocs, Equals, (batchi+2)*100+pings)
+			if s.versionAtLeast(3, 2) {
+				// Find command in 3.2+ bundles batches in a single document.
+				c.Assert(stats.ReceivedDocs, Equals, (batchi+2)+pings)
+			} else {
+				c.Assert(stats.ReceivedDocs, Equals, (batchi+2)*batch+pings)
+			}
 		}
 	}
 }
@@ -2569,22 +2773,17 @@
 
 	coll := session.DB("mydb").C("mycoll")
 
-	result := struct {
-		Err string "$err"
-	}{}
-
-	err = coll.Find(M{"a": 1}).Select(M{"a": M{"b": 1}}).One(&result)
+	err = coll.Find(M{"a": 1}).Select(M{"a": M{"b": 1}}).One(nil)
 	c.Assert(err, ErrorMatches, ".*Unsupported projection option:.*")
 	c.Assert(err.(*mgo.QueryError).Message, Matches, ".*Unsupported projection option:.*")
-	if s.versionAtLeast(2, 6) {
-		// Oh, the dance of error codes. :-(
+	// Oh, the dance of error codes. :-(
+	if s.versionAtLeast(3, 2) {
+		c.Assert(err.(*mgo.QueryError).Code, Equals, 2)
+	} else if s.versionAtLeast(2, 6) {
 		c.Assert(err.(*mgo.QueryError).Code, Equals, 17287)
 	} else {
 		c.Assert(err.(*mgo.QueryError).Code, Equals, 13097)
 	}
-
-	// The result should be properly unmarshalled with QueryError
-	c.Assert(result.Err, Matches, ".*Unsupported projection option:.*")
 }
 
 func (s *S) TestQueryErrorNext(c *C) {
@@ -2594,28 +2793,24 @@
 
 	coll := session.DB("mydb").C("mycoll")
 
-	result := struct {
-		Err string "$err"
-	}{}
-
 	iter := coll.Find(M{"a": 1}).Select(M{"a": M{"b": 1}}).Iter()
 
+	var result struct{}
 	ok := iter.Next(&result)
 	c.Assert(ok, Equals, false)
 
 	err = iter.Close()
 	c.Assert(err, ErrorMatches, ".*Unsupported projection option:.*")
 	c.Assert(err.(*mgo.QueryError).Message, Matches, ".*Unsupported projection option:.*")
-	if s.versionAtLeast(2, 6) {
-		// Oh, the dance of error codes. :-(
+	// Oh, the dance of error codes. :-(
+	if s.versionAtLeast(3, 2) {
+		c.Assert(err.(*mgo.QueryError).Code, Equals, 2)
+	} else if s.versionAtLeast(2, 6) {
 		c.Assert(err.(*mgo.QueryError).Code, Equals, 17287)
 	} else {
 		c.Assert(err.(*mgo.QueryError).Code, Equals, 13097)
 	}
 	c.Assert(iter.Err(), Equals, err)
-
-	// The result should be properly unmarshalled with QueryError
-	c.Assert(result.Err, Matches, ".*Unsupported projection option:.*")
 }
 
 var indexTests = []struct {
@@ -2789,6 +2984,9 @@
 			delete(test.expected, "dropDups")
 			test.index.DropDups = false
 		}
+		if s.versionAtLeast(3, 2) && test.expected["textIndexVersion"] != nil {
+			test.expected["textIndexVersion"] = 3
+		}
 
 		c.Assert(obtained, DeepEquals, test.expected)
 
@@ -3474,7 +3672,13 @@
 
 	c.Assert(info.VersionArray, DeepEquals, v)
 	c.Assert(info.GitVersion, Matches, "[a-z0-9]+")
-	c.Assert(info.SysInfo, Matches, ".*[0-9:]+.*")
+
+	if s.versionAtLeast(3, 2) {
+		// It was deprecated in 3.2.
+		c.Assert(info.SysInfo, Equals, "")
+	} else {
+		c.Assert(info.SysInfo, Matches, ".*[0-9:]+.*")
+	}
 	if info.Bits != 32 && info.Bits != 64 {
 		c.Fatalf("info.Bits is %d", info.Bits)
 	}
@@ -3840,6 +4044,53 @@
 	c.Assert(iter.Err(), ErrorMatches, "my error")
 }
 
+func (s *S) TestBypassValidation(c *C) {
+	if !s.versionAtLeast(3, 2) {
+		c.Skip("validation supported on 3.2+")
+	}
+	session, err := mgo.Dial("localhost:40001")
+	c.Assert(err, IsNil)
+	defer session.Close()
+
+	coll := session.DB("mydb").C("mycoll")
+	err = coll.Insert(M{"n": 1})
+	c.Assert(err, IsNil)
+
+	err = coll.Database.Run(bson.D{
+		{"collMod", "mycoll"},
+		{"validator", M{"s": M{"$type": "string"}}},
+	}, nil)
+	c.Assert(err, IsNil)
+
+	err = coll.Insert(M{"n": 2})
+	c.Assert(err, ErrorMatches, "Document failed validation")
+
+	err = coll.Update(M{"n": 1}, M{"n": 10})
+	c.Assert(err, ErrorMatches, "Document failed validation")
+
+	session.SetBypassValidation(true)
+
+	err = coll.Insert(M{"n": 3})
+	c.Assert(err, IsNil)
+
+	err = coll.Update(M{"n": 3}, M{"n": 4})
+	c.Assert(err, IsNil)
+
+	// Ensure this still works. Shouldn't be affected.
+	err = coll.Remove(M{"n": 1})
+	c.Assert(err, IsNil)
+
+	var result struct{ N int }
+	var ns []int
+	iter := coll.Find(nil).Iter()
+	for iter.Next(&result) {
+		ns = append(ns, result.N)
+	}
+	c.Assert(iter.Err(), IsNil)
+	sort.Ints(ns)
+	c.Assert(ns, DeepEquals, []int{4})
+}
+
 // --------------------------------------------------------------------------
 // Some benchmarks that require a running database.
 
diff -Nru juju-core-2.0~beta7/src/gopkg.in/mgo.v2/socket.go juju-core-2.0~beta12/src/gopkg.in/mgo.v2/socket.go
--- juju-core-2.0~beta7/src/gopkg.in/mgo.v2/socket.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/mgo.v2/socket.go	2016-07-18 19:45:44.000000000 +0000
@@ -162,9 +162,10 @@
 }
 
 type deleteOp struct {
-	collection string // "database.collection"
-	selector   interface{}
-	flags      uint32
+	Collection string      `bson:"-"` // "database.collection"
+	Selector   interface{} `bson:"q"`
+	Flags      uint32      `bson:"-"`
+	Limit      int         `bson:"limit"`
 }
 
 type killCursorsOp struct {
@@ -388,6 +389,11 @@
 
 	for _, op := range ops {
 		debugf("Socket %p to %s: serializing op: %#v", socket, socket.addr, op)
+		if qop, ok := op.(*queryOp); ok {
+			if cmd, ok := qop.query.(*findCmd); ok {
+				debugf("Socket %p to %s: find command: %#v", socket, socket.addr, cmd)
+			}
+		}
 		start := len(buf)
 		var replyFunc replyFunc
 		switch op := op.(type) {
@@ -449,10 +455,10 @@
 		case *deleteOp:
 			buf = addHeader(buf, 2006)
 			buf = addInt32(buf, 0) // Reserved
-			buf = addCString(buf, op.collection)
-			buf = addInt32(buf, int32(op.flags))
-			debugf("Socket %p to %s: serializing selector document: %#v", socket, socket.addr, op.selector)
-			buf, err = addBSON(buf, op.selector)
+			buf = addCString(buf, op.Collection)
+			buf = addInt32(buf, int32(op.Flags))
+			debugf("Socket %p to %s: serializing selector document: %#v", socket, socket.addr, op.Selector)
+			buf, err = addBSON(buf, op.Selector)
 			if err != nil {
 				return err
 			}
@@ -542,7 +548,6 @@
 	s := make([]byte, 4)
 	conn := socket.conn // No locking, conn never changes.
 	for {
-		// XXX Handle timeouts, , etc
 		err := fill(conn, p)
 		if err != nil {
 			socket.kill(err, true)
diff -Nru juju-core-2.0~beta7/src/gopkg.in/mgo.v2/testdb/init.js juju-core-2.0~beta12/src/gopkg.in/mgo.v2/testdb/init.js
--- juju-core-2.0~beta7/src/gopkg.in/mgo.v2/testdb/init.js	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/mgo.v2/testdb/init.js	2016-07-18 19:45:44.000000000 +0000
@@ -58,14 +58,30 @@
         addrs.push("127.0.0.1:40003")
     }
     for (var i in addrs) {
+        print("Configuring auth for", addrs[i])
         var db = new Mongo(addrs[i]).getDB("admin")
         var v = db.serverBuildInfo().versionArray
+        var timedOut = false
         if (v < [2, 5]) {
             db.addUser("root", "rapadura")
         } else {
-            db.createUser({user: "root", pwd: "rapadura", roles: ["root"]})
+            try {
+                db.createUser({user: "root", pwd: "rapadura", roles: ["root"]})
+            } catch (err) {
+                // 3.2 consistently fails replication of creds on 40031 (config server) 
+                print("createUser command returned an error: " + err)
+                if (String(err).indexOf("timed out") >= 0) {
+                    timedOut = true;
+                }
+            }
+        }
+        for (var i = 0; i < 60; i++) {
+            var ok = db.auth("root", "rapadura")
+            if (ok || !timedOut) {
+                break
+            }
+            sleep(1000);
         }
-        db.auth("root", "rapadura")
         if (v >= [2, 6]) {
             db.createUser({user: "reader", pwd: "rapadura", roles: ["readAnyDatabase"]})
         } else if (v >= [2, 4]) {
diff -Nru juju-core-2.0~beta7/src/gopkg.in/mgo.v2/testdb/setup.sh juju-core-2.0~beta12/src/gopkg.in/mgo.v2/testdb/setup.sh
--- juju-core-2.0~beta7/src/gopkg.in/mgo.v2/testdb/setup.sh	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/mgo.v2/testdb/setup.sh	2016-07-18 19:45:44.000000000 +0000
@@ -15,7 +15,7 @@
     echo "Running supervisord..."
     supervisord || ( echo "Supervisord failed executing ($?)" && exit 1 )
     echo "Supervisord is up, starting $COUNT processes..."
-    for i in $(seq 10); do
+    for i in $(seq 30); do
         RUNNING=$(supervisorctl status | grep RUNNING | wc -l | tr -d ' ')
         echo "$RUNNING processes running..."
         if [ x$COUNT = x$RUNNING ]; then
diff -Nru juju-core-2.0~beta7/src/gopkg.in/mgo.v2/testdb/supervisord.conf juju-core-2.0~beta12/src/gopkg.in/mgo.v2/testdb/supervisord.conf
--- juju-core-2.0~beta7/src/gopkg.in/mgo.v2/testdb/supervisord.conf	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/mgo.v2/testdb/supervisord.conf	2016-07-18 19:45:44.000000000 +0000
@@ -57,9 +57,12 @@
 
 [program:s1]
 command = mongos --configdb 127.0.0.1:40101 --bind_ip=127.0.0.1 --port 40201 --chunkSize 1
+startretries = 10
 
 [program:s2]
 command = mongos --configdb 127.0.0.1:40102 --bind_ip=127.0.0.1 --port 40202 --chunkSize 1
+startretries = 10
 
 [program:s3]
 command = mongos --configdb 127.0.0.1:40103 --bind_ip=127.0.0.1 --port 40203 --chunkSize 1 --keyFile=%(here)s/keyfile
+startretries = 10
diff -Nru juju-core-2.0~beta7/src/gopkg.in/mgo.v2/testdb/wait.js juju-core-2.0~beta12/src/gopkg.in/mgo.v2/testdb/wait.js
--- juju-core-2.0~beta7/src/gopkg.in/mgo.v2/testdb/wait.js	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/mgo.v2/testdb/wait.js	2016-07-18 19:45:44.000000000 +0000
@@ -52,7 +52,7 @@
 
 var totalRSMembers = rs1cfg.members.length + rs2cfg.members.length + rs3cfg.members.length
 
-for (var i = 0; i != 60; i++) {
+for (var i = 0; i != 90; i++) {
     var count = countHealthy(rs1a) + countHealthy(rs2a) + countHealthy(rs3a)
     print("Replica sets have", count, "healthy nodes.")
     if (count == totalRSMembers) {
diff -Nru juju-core-2.0~beta7/src/gopkg.in/mgo.v2/txn/flusher.go juju-core-2.0~beta12/src/gopkg.in/mgo.v2/txn/flusher.go
--- juju-core-2.0~beta7/src/gopkg.in/mgo.v2/txn/flusher.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/mgo.v2/txn/flusher.go	2016-07-18 19:45:44.000000000 +0000
@@ -314,7 +314,7 @@
 			}
 		}
 
-		// The stash wasn't valid and tt got overwriten. Try again.
+		// The stash wasn't valid and tt got overwritten. Try again.
 		f.unstashToken(tt, dkey)
 		goto RetryDoc
 	}
diff -Nru juju-core-2.0~beta7/src/gopkg.in/natefinch/npipe.v2/example_windows_test.go juju-core-2.0~beta12/src/gopkg.in/natefinch/npipe.v2/example_windows_test.go
--- juju-core-2.0~beta7/src/gopkg.in/natefinch/npipe.v2/example_windows_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/natefinch/npipe.v2/example_windows_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -3,8 +3,9 @@
 import (
 	"bufio"
 	"fmt"
-	"github.com/natefinch/npipe"
 	"net"
+
+	"gopkg.in/natefinch/npipe.v2"
 )
 
 // Use Dial to connect to a server and read messages from it.
diff -Nru juju-core-2.0~beta7/src/gopkg.in/natefinch/npipe.v2/npipe_windows.go juju-core-2.0~beta12/src/gopkg.in/natefinch/npipe.v2/npipe_windows.go
--- juju-core-2.0~beta7/src/gopkg.in/natefinch/npipe.v2/npipe_windows.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/natefinch/npipe.v2/npipe_windows.go	2016-07-18 19:45:44.000000000 +0000
@@ -53,8 +53,9 @@
 
 	nmpwait_wait_forever = 0xFFFFFFFF
 
-	// this not-an-error that occurs if a client connects to the pipe between
+	// the two not-an-errors below occur if a client connects to the pipe between
 	// the server's CreateNamedPipe and ConnectNamedPipe calls.
+	error_no_data        syscall.Errno = 0xE8
 	error_pipe_connected syscall.Errno = 0x217
 	error_pipe_busy      syscall.Errno = 0xE7
 	error_sem_timeout    syscall.Errno = 0x79
@@ -232,6 +233,7 @@
 	if err != nil {
 		return nil, err
 	}
+
 	return &PipeListener{
 		addr:   PipeAddr(address),
 		handle: handle,
@@ -241,6 +243,8 @@
 // PipeListener is a named pipe listener. Clients should typically
 // use variables of type net.Listener instead of assuming named pipe.
 type PipeListener struct {
+	mu sync.Mutex
+
 	addr   PipeAddr
 	handle syscall.Handle
 	closed bool
@@ -251,14 +255,16 @@
 	// acceptOverlapped is set before waiting on a connection.
 	// If not waiting, it is nil.
 	acceptOverlapped *syscall.Overlapped
-	// acceptMutex protects the handle and overlapped structure.
-	acceptMutex sync.Mutex
 }
 
 // Accept implements the Accept method in the net.Listener interface; it
 // waits for the next call and returns a generic net.Conn.
 func (l *PipeListener) Accept() (net.Conn, error) {
 	c, err := l.AcceptPipe()
+	for err == error_no_data {
+		// Ignore clients that connect and immediately disconnect.
+		c, err = l.AcceptPipe()
+	}
 	if err != nil {
 		return nil, err
 	}
@@ -266,8 +272,17 @@
 }
 
 // AcceptPipe accepts the next incoming call and returns the new connection.
+// It might return an error if a client connected and immediately cancelled
+// the connection.
 func (l *PipeListener) AcceptPipe() (*PipeConn, error) {
-	if l == nil || l.addr == "" || l.closed {
+	if l == nil {
+		return nil, syscall.EINVAL
+	}
+
+	l.mu.Lock()
+	defer l.mu.Unlock()
+
+	if l.addr == "" || l.closed {
 		return nil, syscall.EINVAL
 	}
 
@@ -291,29 +306,33 @@
 		return nil, err
 	}
 	defer syscall.CloseHandle(overlapped.HEvent)
-	if err := connectNamedPipe(handle, overlapped); err != nil && err != error_pipe_connected {
-		if err == error_io_incomplete || err == syscall.ERROR_IO_PENDING {
-			l.acceptMutex.Lock()
-			l.acceptOverlapped = overlapped
-			l.acceptHandle = handle
-			l.acceptMutex.Unlock()
-			defer func() {
-				l.acceptMutex.Lock()
-				l.acceptOverlapped = nil
-				l.acceptHandle = 0
-				l.acceptMutex.Unlock()
-			}()
-
-			_, err = waitForCompletion(handle, overlapped)
-		}
-		if err == syscall.ERROR_OPERATION_ABORTED {
-			// Return error compatible to net.Listener.Accept() in case the
-			// listener was closed.
-			return nil, ErrClosed
-		}
-		if err != nil {
-			return nil, err
-		}
+	err = connectNamedPipe(handle, overlapped)
+	if err == nil || err == error_pipe_connected {
+		return &PipeConn{handle: handle, addr: l.addr}, nil
+	}
+
+	if err == error_io_incomplete || err == syscall.ERROR_IO_PENDING {
+		l.acceptOverlapped = overlapped
+		l.acceptHandle = handle
+		// unlock here so close can function correctly while we wait (we'll
+		// get relocked via the defer below, before the original defer
+		// unlock happens.)
+		l.mu.Unlock()
+		defer func() {
+			l.mu.Lock()
+			l.acceptOverlapped = nil
+			l.acceptHandle = 0
+			// unlock is via defer above.
+		}()
+		_, err = waitForCompletion(handle, overlapped)
+	}
+	if err == syscall.ERROR_OPERATION_ABORTED {
+		// Return error compatible to net.Listener.Accept() in case the
+		// listener was closed.
+		return nil, ErrClosed
+	}
+	if err != nil {
+		return nil, err
 	}
 	return &PipeConn{handle: handle, addr: l.addr}, nil
 }
@@ -321,6 +340,9 @@
 // Close stops listening on the address.
 // Already Accepted connections are not closed.
 func (l *PipeListener) Close() error {
+	l.mu.Lock()
+	defer l.mu.Unlock()
+
 	if l.closed {
 		return nil
 	}
@@ -336,8 +358,6 @@
 		}
 		l.handle = 0
 	}
-	l.acceptMutex.Lock()
-	defer l.acceptMutex.Unlock()
 	if l.acceptOverlapped != nil && l.acceptHandle != 0 {
 		// Cancel the pending IO. This call does not block, so it is safe
 		// to hold onto the mutex above.
diff -Nru juju-core-2.0~beta7/src/gopkg.in/natefinch/npipe.v2/npipe_windows_test.go juju-core-2.0~beta12/src/gopkg.in/natefinch/npipe.v2/npipe_windows_test.go
--- juju-core-2.0~beta7/src/gopkg.in/natefinch/npipe.v2/npipe_windows_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/natefinch/npipe.v2/npipe_windows_test.go	2016-07-18 19:45:44.000000000 +0000
@@ -5,6 +5,7 @@
 	"crypto/rand"
 	"fmt"
 	"io"
+	"io/ioutil"
 	"net"
 	"net/rpc"
 	"os"
@@ -92,6 +93,51 @@
 	}
 }
 
+// TestPipeConnected tests whether we correctly handle clients connecting
+// and then closing the connection between creating and connecting the
+// pipe on the server side.
+func TestPipeConnected(t *testing.T) {
+	address := `\\.\pipe\TestPipeConnected`
+	ln, err := Listen(address)
+	if err != nil {
+		t.Fatalf("Listen(%q): %v", address, err)
+	}
+	defer ln.Close()
+
+	// Create a client connection and close it immediately.
+	clientConn, err := Dial(address)
+	if err != nil {
+		t.Fatalf("Error from dial: %v", err)
+	}
+	clientConn.Close()
+
+	content := "test"
+	go func() {
+		// Now create a real connection and send some data.
+		clientConn, err := Dial(address)
+		if err != nil {
+			t.Fatalf("Error from dial: %v", err)
+		}
+		if _, err := clientConn.Write([]byte(content)); err != nil {
+			t.Fatalf("Error writing to pipe: %v", err)
+		}
+		clientConn.Close()
+	}()
+
+	serverConn, err := ln.Accept()
+	if err != nil {
+		t.Fatalf("Error from accept: %v", err)
+	}
+	result, err := ioutil.ReadAll(serverConn)
+	if err != nil {
+		t.Fatalf("Error from ReadAll: %v", err)
+	}
+	if string(result) != content {
+		t.Fatalf("Got %s, expected: %s", string(result), content)
+	}
+	serverConn.Close()
+}
+
 // TestListenCloseListen tests whether Close() actually closes a named pipe properly.
 func TestListenCloseListen(t *testing.T) {
 	address := `\\.\pipe\TestListenCloseListen`
@@ -164,8 +210,11 @@
 	if err != nil {
 		t.Fatalf("Listen(%q): %v", address, err)
 	}
-	cancelled := make(chan struct{}, 0)
+
+	cancelled := make(chan struct{})
+	started := make(chan struct{})
 	go func() {
+		close(started)
 		conn, _ := ln.Accept()
 		if conn != nil {
 			t.Fatalf("Unexpected incoming connection: %v", conn)
@@ -173,6 +222,7 @@
 		}
 		cancelled <- struct{}{}
 	}()
+	<-started
 	// Close listener after 20ms. This should give the go routine enough time to be actually
 	// waiting for incoming connections inside ln.Accept().
 	time.AfterFunc(20*time.Millisecond, func() {
@@ -383,17 +433,15 @@
 	if err != nil {
 		t.Fatalf("Error listening on %q: %v", address, err)
 	}
-	defer ln.Close()
-	waitExit := make(chan bool)
+	waitExit := make(chan struct{})
 	defer func() {
 		ln.Close()
 		<-waitExit
 	}()
-	server := rpc.NewServer()
-	service := &RPCService{}
-	server.Register(service)
-	go server.Accept(ln)
+
 	go func() {
+		server := rpc.NewServer()
+		server.Register(&RPCService{})
 		for {
 			conn, err := ln.Accept()
 			if err != nil {
@@ -405,17 +453,16 @@
 			}
 			go server.ServeConn(conn)
 		}
-		waitExit <- true
+		close(waitExit)
 	}()
-	var conn *PipeConn
-	conn, err = Dial(address)
+	conn, err := Dial(address)
 	if err != nil {
 		t.Fatalf("Error dialing %q: %v", address, err)
 	}
 	client := rpc.NewClient(conn)
 	defer client.Close()
 	req := "dummy"
-	resp := ""
+	var resp string
 	if err = client.Call("RPCService.GetResponse", req, &resp); err != nil {
 		t.Fatalf("Error calling RPCService.GetResponse: %v", err)
 	}
@@ -460,34 +507,32 @@
 		convos := 5
 		clients := 10
 
-		done := make(chan bool)
-		quit := make(chan bool)
-
-		go aggregateDones(done, quit, clients)
+		wg := sync.WaitGroup{}
 
 		for x := 0; x < clients; x++ {
-			go startClient(address, done, convos, t)
+			wg.Add(1)
+			go startClient(address, &wg, convos, t)
 		}
 
 		go startServer(ln, convos, t)
 
 		select {
-		case <-quit:
+		case <-wait(&wg):
+		// good!
 		case <-time.After(time.Second):
-			t.Fatal("Failed to receive quit message after a reasonable timeout")
+			t.Fatal("Failed to finish after a reasonable timeout")
 		}
 	}
 }
 
-// aggregateDones simply aggregates messages from the done channel
-// until it sees total, and then sends a message on the quit channel
-func aggregateDones(done, quit chan bool, total int) {
-	dones := 0
-	for dones < total {
-		<-done
-		dones++
-	}
-	quit <- true
+// wait simply waits on the waitgroup and closes the returned channel when done.
+func wait(wg *sync.WaitGroup) <-chan struct{} {
+	done := make(chan struct{})
+	go func() {
+		wg.Wait()
+		close(done)
+	}()
+	return done
 }
 
 // startServer accepts connections and spawns goroutines to handle them
@@ -529,15 +574,17 @@
 // startClient waits on a pipe at the given address. It expects to write a message and then
 // read a message from the pipe, convos times, and then sends a message on the done
 // channel
-func startClient(address string, done chan bool, convos int, t *testing.T) {
+func startClient(address string, wg *sync.WaitGroup, convos int, t *testing.T) {
+	defer wg.Done()
 	c := make(chan *PipeConn)
 	go asyncdial(address, c, t)
 
 	var conn *PipeConn
 	select {
 	case conn = <-c:
-	case <-time.After(250 * time.Millisecond):
-		t.Fatal("Client timed out waiting for dial to resolve")
+	case <-time.After(time.Second):
+		// Yes this is a long timeout, but sometimes it really does take a long time.
+		t.Fatalf("Client timed out waiting for dial to resolve")
 	}
 	r := bufio.NewReader(conn)
 	for x := 0; x < convos; x++ {
@@ -557,7 +604,6 @@
 	if err := conn.Close(); err != nil {
 		t.Fatalf("Error closing client side of pipe %v", err)
 	}
-	done <- true
 }
 
 // asyncdial is a helper that dials and returns the connection on the given channel.
diff -Nru juju-core-2.0~beta7/src/gopkg.in/natefinch/npipe.v2/README.md juju-core-2.0~beta12/src/gopkg.in/natefinch/npipe.v2/README.md
--- juju-core-2.0~beta7/src/gopkg.in/natefinch/npipe.v2/README.md	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/gopkg.in/natefinch/npipe.v2/README.md	2016-07-18 19:45:44.000000000 +0000
@@ -305,4 +305,4 @@
 func (l *PipeListener) Close() error
 ```
 Close stops listening on the address.
-Already Accepted connections are not closed.
\ No newline at end of file
+Already Accepted connections are not closed.
diff -Nru juju-core-2.0~beta7/src/launchpad.net/golxc/config.go juju-core-2.0~beta12/src/launchpad.net/golxc/config.go
--- juju-core-2.0~beta7/src/launchpad.net/golxc/config.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/launchpad.net/golxc/config.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,34 +0,0 @@
-// Copyright 2012, 2013 Canonical Ltd.
-// Licensed under the LGPLv3, see COPYING and COPYING.LESSER file for details.
-
-package golxc
-
-import (
-	"io/ioutil"
-	"regexp"
-)
-
-var (
-	confPath string         = "/etc/default/lxc"
-	addrRE   *regexp.Regexp = regexp.MustCompile(`\n\s*LXC_ADDR="(\d+.\d+.\d+.\d+)"`)
-	bridgeRE *regexp.Regexp = regexp.MustCompile(`\n\s*LXC_BRIDGE="(\w+)"`)
-)
-
-// ReadConf reads the LXC network address and bridge interface
-// out of the configuration file /etc/default/lxc.
-func ReadConf() (map[string]string, error) {
-	conf := make(map[string]string)
-	confData, err := ioutil.ReadFile(confPath)
-	if err != nil {
-		return nil, err
-	}
-	fetchValue := func(field string, re *regexp.Regexp) {
-		groups := re.FindStringSubmatch(string(confData))
-		if len(groups) == 2 {
-			conf[field] = groups[1]
-		}
-	}
-	fetchValue("address", addrRE)
-	fetchValue("bridge", bridgeRE)
-	return conf, nil
-}
diff -Nru juju-core-2.0~beta7/src/launchpad.net/golxc/COPYING juju-core-2.0~beta12/src/launchpad.net/golxc/COPYING
--- juju-core-2.0~beta7/src/launchpad.net/golxc/COPYING	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/launchpad.net/golxc/COPYING	1970-01-01 00:00:00.000000000 +0000
@@ -1,674 +0,0 @@
-                    GNU GENERAL PUBLIC LICENSE
-                       Version 3, 29 June 2007
-
- Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-
-                            Preamble
-
-  The GNU General Public License is a free, copyleft license for
-software and other kinds of works.
-
-  The licenses for most software and other practical works are designed
-to take away your freedom to share and change the works.  By contrast,
-the GNU General Public License is intended to guarantee your freedom to
-share and change all versions of a program--to make sure it remains free
-software for all its users.  We, the Free Software Foundation, use the
-GNU General Public License for most of our software; it applies also to
-any other work released this way by its authors.  You can apply it to
-your programs, too.
-
-  When we speak of free software, we are referring to freedom, not
-price.  Our General Public Licenses are designed to make sure that you
-have the freedom to distribute copies of free software (and charge for
-them if you wish), that you receive source code or can get it if you
-want it, that you can change the software or use pieces of it in new
-free programs, and that you know you can do these things.
-
-  To protect your rights, we need to prevent others from denying you
-these rights or asking you to surrender the rights.  Therefore, you have
-certain responsibilities if you distribute copies of the software, or if
-you modify it: responsibilities to respect the freedom of others.
-
-  For example, if you distribute copies of such a program, whether
-gratis or for a fee, you must pass on to the recipients the same
-freedoms that you received.  You must make sure that they, too, receive
-or can get the source code.  And you must show them these terms so they
-know their rights.
-
-  Developers that use the GNU GPL protect your rights with two steps:
-(1) assert copyright on the software, and (2) offer you this License
-giving you legal permission to copy, distribute and/or modify it.
-
-  For the developers' and authors' protection, the GPL clearly explains
-that there is no warranty for this free software.  For both users' and
-authors' sake, the GPL requires that modified versions be marked as
-changed, so that their problems will not be attributed erroneously to
-authors of previous versions.
-
-  Some devices are designed to deny users access to install or run
-modified versions of the software inside them, although the manufacturer
-can do so.  This is fundamentally incompatible with the aim of
-protecting users' freedom to change the software.  The systematic
-pattern of such abuse occurs in the area of products for individuals to
-use, which is precisely where it is most unacceptable.  Therefore, we
-have designed this version of the GPL to prohibit the practice for those
-products.  If such problems arise substantially in other domains, we
-stand ready to extend this provision to those domains in future versions
-of the GPL, as needed to protect the freedom of users.
-
-  Finally, every program is threatened constantly by software patents.
-States should not allow patents to restrict development and use of
-software on general-purpose computers, but in those that do, we wish to
-avoid the special danger that patents applied to a free program could
-make it effectively proprietary.  To prevent this, the GPL assures that
-patents cannot be used to render the program non-free.
-
-  The precise terms and conditions for copying, distribution and
-modification follow.
-
-                       TERMS AND CONDITIONS
-
-  0. Definitions.
-
-  "This License" refers to version 3 of the GNU General Public License.
-
-  "Copyright" also means copyright-like laws that apply to other kinds of
-works, such as semiconductor masks.
-
-  "The Program" refers to any copyrightable work licensed under this
-License.  Each licensee is addressed as "you".  "Licensees" and
-"recipients" may be individuals or organizations.
-
-  To "modify" a work means to copy from or adapt all or part of the work
-in a fashion requiring copyright permission, other than the making of an
-exact copy.  The resulting work is called a "modified version" of the
-earlier work or a work "based on" the earlier work.
-
-  A "covered work" means either the unmodified Program or a work based
-on the Program.
-
-  To "propagate" a work means to do anything with it that, without
-permission, would make you directly or secondarily liable for
-infringement under applicable copyright law, except executing it on a
-computer or modifying a private copy.  Propagation includes copying,
-distribution (with or without modification), making available to the
-public, and in some countries other activities as well.
-
-  To "convey" a work means any kind of propagation that enables other
-parties to make or receive copies.  Mere interaction with a user through
-a computer network, with no transfer of a copy, is not conveying.
-
-  An interactive user interface displays "Appropriate Legal Notices"
-to the extent that it includes a convenient and prominently visible
-feature that (1) displays an appropriate copyright notice, and (2)
-tells the user that there is no warranty for the work (except to the
-extent that warranties are provided), that licensees may convey the
-work under this License, and how to view a copy of this License.  If
-the interface presents a list of user commands or options, such as a
-menu, a prominent item in the list meets this criterion.
-
-  1. Source Code.
-
-  The "source code" for a work means the preferred form of the work
-for making modifications to it.  "Object code" means any non-source
-form of a work.
-
-  A "Standard Interface" means an interface that either is an official
-standard defined by a recognized standards body, or, in the case of
-interfaces specified for a particular programming language, one that
-is widely used among developers working in that language.
-
-  The "System Libraries" of an executable work include anything, other
-than the work as a whole, that (a) is included in the normal form of
-packaging a Major Component, but which is not part of that Major
-Component, and (b) serves only to enable use of the work with that
-Major Component, or to implement a Standard Interface for which an
-implementation is available to the public in source code form.  A
-"Major Component", in this context, means a major essential component
-(kernel, window system, and so on) of the specific operating system
-(if any) on which the executable work runs, or a compiler used to
-produce the work, or an object code interpreter used to run it.
-
-  The "Corresponding Source" for a work in object code form means all
-the source code needed to generate, install, and (for an executable
-work) run the object code and to modify the work, including scripts to
-control those activities.  However, it does not include the work's
-System Libraries, or general-purpose tools or generally available free
-programs which are used unmodified in performing those activities but
-which are not part of the work.  For example, Corresponding Source
-includes interface definition files associated with source files for
-the work, and the source code for shared libraries and dynamically
-linked subprograms that the work is specifically designed to require,
-such as by intimate data communication or control flow between those
-subprograms and other parts of the work.
-
-  The Corresponding Source need not include anything that users
-can regenerate automatically from other parts of the Corresponding
-Source.
-
-  The Corresponding Source for a work in source code form is that
-same work.
-
-  2. Basic Permissions.
-
-  All rights granted under this License are granted for the term of
-copyright on the Program, and are irrevocable provided the stated
-conditions are met.  This License explicitly affirms your unlimited
-permission to run the unmodified Program.  The output from running a
-covered work is covered by this License only if the output, given its
-content, constitutes a covered work.  This License acknowledges your
-rights of fair use or other equivalent, as provided by copyright law.
-
-  You may make, run and propagate covered works that you do not
-convey, without conditions so long as your license otherwise remains
-in force.  You may convey covered works to others for the sole purpose
-of having them make modifications exclusively for you, or provide you
-with facilities for running those works, provided that you comply with
-the terms of this License in conveying all material for which you do
-not control copyright.  Those thus making or running the covered works
-for you must do so exclusively on your behalf, under your direction
-and control, on terms that prohibit them from making any copies of
-your copyrighted material outside their relationship with you.
-
-  Conveying under any other circumstances is permitted solely under
-the conditions stated below.  Sublicensing is not allowed; section 10
-makes it unnecessary.
-
-  3. Protecting Users' Legal Rights From Anti-Circumvention Law.
-
-  No covered work shall be deemed part of an effective technological
-measure under any applicable law fulfilling obligations under article
-11 of the WIPO copyright treaty adopted on 20 December 1996, or
-similar laws prohibiting or restricting circumvention of such
-measures.
-
-  When you convey a covered work, you waive any legal power to forbid
-circumvention of technological measures to the extent such circumvention
-is effected by exercising rights under this License with respect to
-the covered work, and you disclaim any intention to limit operation or
-modification of the work as a means of enforcing, against the work's
-users, your or third parties' legal rights to forbid circumvention of
-technological measures.
-
-  4. Conveying Verbatim Copies.
-
-  You may convey verbatim copies of the Program's source code as you
-receive it, in any medium, provided that you conspicuously and
-appropriately publish on each copy an appropriate copyright notice;
-keep intact all notices stating that this License and any
-non-permissive terms added in accord with section 7 apply to the code;
-keep intact all notices of the absence of any warranty; and give all
-recipients a copy of this License along with the Program.
-
-  You may charge any price or no price for each copy that you convey,
-and you may offer support or warranty protection for a fee.
-
-  5. Conveying Modified Source Versions.
-
-  You may convey a work based on the Program, or the modifications to
-produce it from the Program, in the form of source code under the
-terms of section 4, provided that you also meet all of these conditions:
-
-    a) The work must carry prominent notices stating that you modified
-    it, and giving a relevant date.
-
-    b) The work must carry prominent notices stating that it is
-    released under this License and any conditions added under section
-    7.  This requirement modifies the requirement in section 4 to
-    "keep intact all notices".
-
-    c) You must license the entire work, as a whole, under this
-    License to anyone who comes into possession of a copy.  This
-    License will therefore apply, along with any applicable section 7
-    additional terms, to the whole of the work, and all its parts,
-    regardless of how they are packaged.  This License gives no
-    permission to license the work in any other way, but it does not
-    invalidate such permission if you have separately received it.
-
-    d) If the work has interactive user interfaces, each must display
-    Appropriate Legal Notices; however, if the Program has interactive
-    interfaces that do not display Appropriate Legal Notices, your
-    work need not make them do so.
-
-  A compilation of a covered work with other separate and independent
-works, which are not by their nature extensions of the covered work,
-and which are not combined with it such as to form a larger program,
-in or on a volume of a storage or distribution medium, is called an
-"aggregate" if the compilation and its resulting copyright are not
-used to limit the access or legal rights of the compilation's users
-beyond what the individual works permit.  Inclusion of a covered work
-in an aggregate does not cause this License to apply to the other
-parts of the aggregate.
-
-  6. Conveying Non-Source Forms.
-
-  You may convey a covered work in object code form under the terms
-of sections 4 and 5, provided that you also convey the
-machine-readable Corresponding Source under the terms of this License,
-in one of these ways:
-
-    a) Convey the object code in, or embodied in, a physical product
-    (including a physical distribution medium), accompanied by the
-    Corresponding Source fixed on a durable physical medium
-    customarily used for software interchange.
-
-    b) Convey the object code in, or embodied in, a physical product
-    (including a physical distribution medium), accompanied by a
-    written offer, valid for at least three years and valid for as
-    long as you offer spare parts or customer support for that product
-    model, to give anyone who possesses the object code either (1) a
-    copy of the Corresponding Source for all the software in the
-    product that is covered by this License, on a durable physical
-    medium customarily used for software interchange, for a price no
-    more than your reasonable cost of physically performing this
-    conveying of source, or (2) access to copy the
-    Corresponding Source from a network server at no charge.
-
-    c) Convey individual copies of the object code with a copy of the
-    written offer to provide the Corresponding Source.  This
-    alternative is allowed only occasionally and noncommercially, and
-    only if you received the object code with such an offer, in accord
-    with subsection 6b.
-
-    d) Convey the object code by offering access from a designated
-    place (gratis or for a charge), and offer equivalent access to the
-    Corresponding Source in the same way through the same place at no
-    further charge.  You need not require recipients to copy the
-    Corresponding Source along with the object code.  If the place to
-    copy the object code is a network server, the Corresponding Source
-    may be on a different server (operated by you or a third party)
-    that supports equivalent copying facilities, provided you maintain
-    clear directions next to the object code saying where to find the
-    Corresponding Source.  Regardless of what server hosts the
-    Corresponding Source, you remain obligated to ensure that it is
-    available for as long as needed to satisfy these requirements.
-
-    e) Convey the object code using peer-to-peer transmission, provided
-    you inform other peers where the object code and Corresponding
-    Source of the work are being offered to the general public at no
-    charge under subsection 6d.
-
-  A separable portion of the object code, whose source code is excluded
-from the Corresponding Source as a System Library, need not be
-included in conveying the object code work.
-
-  A "User Product" is either (1) a "consumer product", which means any
-tangible personal property which is normally used for personal, family,
-or household purposes, or (2) anything designed or sold for incorporation
-into a dwelling.  In determining whether a product is a consumer product,
-doubtful cases shall be resolved in favor of coverage.  For a particular
-product received by a particular user, "normally used" refers to a
-typical or common use of that class of product, regardless of the status
-of the particular user or of the way in which the particular user
-actually uses, or expects or is expected to use, the product.  A product
-is a consumer product regardless of whether the product has substantial
-commercial, industrial or non-consumer uses, unless such uses represent
-the only significant mode of use of the product.
-
-  "Installation Information" for a User Product means any methods,
-procedures, authorization keys, or other information required to install
-and execute modified versions of a covered work in that User Product from
-a modified version of its Corresponding Source.  The information must
-suffice to ensure that the continued functioning of the modified object
-code is in no case prevented or interfered with solely because
-modification has been made.
-
-  If you convey an object code work under this section in, or with, or
-specifically for use in, a User Product, and the conveying occurs as
-part of a transaction in which the right of possession and use of the
-User Product is transferred to the recipient in perpetuity or for a
-fixed term (regardless of how the transaction is characterized), the
-Corresponding Source conveyed under this section must be accompanied
-by the Installation Information.  But this requirement does not apply
-if neither you nor any third party retains the ability to install
-modified object code on the User Product (for example, the work has
-been installed in ROM).
-
-  The requirement to provide Installation Information does not include a
-requirement to continue to provide support service, warranty, or updates
-for a work that has been modified or installed by the recipient, or for
-the User Product in which it has been modified or installed.  Access to a
-network may be denied when the modification itself materially and
-adversely affects the operation of the network or violates the rules and
-protocols for communication across the network.
-
-  Corresponding Source conveyed, and Installation Information provided,
-in accord with this section must be in a format that is publicly
-documented (and with an implementation available to the public in
-source code form), and must require no special password or key for
-unpacking, reading or copying.
-
-  7. Additional Terms.
-
-  "Additional permissions" are terms that supplement the terms of this
-License by making exceptions from one or more of its conditions.
-Additional permissions that are applicable to the entire Program shall
-be treated as though they were included in this License, to the extent
-that they are valid under applicable law.  If additional permissions
-apply only to part of the Program, that part may be used separately
-under those permissions, but the entire Program remains governed by
-this License without regard to the additional permissions.
-
-  When you convey a copy of a covered work, you may at your option
-remove any additional permissions from that copy, or from any part of
-it.  (Additional permissions may be written to require their own
-removal in certain cases when you modify the work.)  You may place
-additional permissions on material, added by you to a covered work,
-for which you have or can give appropriate copyright permission.
-
-  Notwithstanding any other provision of this License, for material you
-add to a covered work, you may (if authorized by the copyright holders of
-that material) supplement the terms of this License with terms:
-
-    a) Disclaiming warranty or limiting liability differently from the
-    terms of sections 15 and 16 of this License; or
-
-    b) Requiring preservation of specified reasonable legal notices or
-    author attributions in that material or in the Appropriate Legal
-    Notices displayed by works containing it; or
-
-    c) Prohibiting misrepresentation of the origin of that material, or
-    requiring that modified versions of such material be marked in
-    reasonable ways as different from the original version; or
-
-    d) Limiting the use for publicity purposes of names of licensors or
-    authors of the material; or
-
-    e) Declining to grant rights under trademark law for use of some
-    trade names, trademarks, or service marks; or
-
-    f) Requiring indemnification of licensors and authors of that
-    material by anyone who conveys the material (or modified versions of
-    it) with contractual assumptions of liability to the recipient, for
-    any liability that these contractual assumptions directly impose on
-    those licensors and authors.
-
-  All other non-permissive additional terms are considered "further
-restrictions" within the meaning of section 10.  If the Program as you
-received it, or any part of it, contains a notice stating that it is
-governed by this License along with a term that is a further
-restriction, you may remove that term.  If a license document contains
-a further restriction but permits relicensing or conveying under this
-License, you may add to a covered work material governed by the terms
-of that license document, provided that the further restriction does
-not survive such relicensing or conveying.
-
-  If you add terms to a covered work in accord with this section, you
-must place, in the relevant source files, a statement of the
-additional terms that apply to those files, or a notice indicating
-where to find the applicable terms.
-
-  Additional terms, permissive or non-permissive, may be stated in the
-form of a separately written license, or stated as exceptions;
-the above requirements apply either way.
-
-  8. Termination.
-
-  You may not propagate or modify a covered work except as expressly
-provided under this License.  Any attempt otherwise to propagate or
-modify it is void, and will automatically terminate your rights under
-this License (including any patent licenses granted under the third
-paragraph of section 11).
-
-  However, if you cease all violation of this License, then your
-license from a particular copyright holder is reinstated (a)
-provisionally, unless and until the copyright holder explicitly and
-finally terminates your license, and (b) permanently, if the copyright
-holder fails to notify you of the violation by some reasonable means
-prior to 60 days after the cessation.
-
-  Moreover, your license from a particular copyright holder is
-reinstated permanently if the copyright holder notifies you of the
-violation by some reasonable means, this is the first time you have
-received notice of violation of this License (for any work) from that
-copyright holder, and you cure the violation prior to 30 days after
-your receipt of the notice.
-
-  Termination of your rights under this section does not terminate the
-licenses of parties who have received copies or rights from you under
-this License.  If your rights have been terminated and not permanently
-reinstated, you do not qualify to receive new licenses for the same
-material under section 10.
-
-  9. Acceptance Not Required for Having Copies.
-
-  You are not required to accept this License in order to receive or
-run a copy of the Program.  Ancillary propagation of a covered work
-occurring solely as a consequence of using peer-to-peer transmission
-to receive a copy likewise does not require acceptance.  However,
-nothing other than this License grants you permission to propagate or
-modify any covered work.  These actions infringe copyright if you do
-not accept this License.  Therefore, by modifying or propagating a
-covered work, you indicate your acceptance of this License to do so.
-
-  10. Automatic Licensing of Downstream Recipients.
-
-  Each time you convey a covered work, the recipient automatically
-receives a license from the original licensors, to run, modify and
-propagate that work, subject to this License.  You are not responsible
-for enforcing compliance by third parties with this License.
-
-  An "entity transaction" is a transaction transferring control of an
-organization, or substantially all assets of one, or subdividing an
-organization, or merging organizations.  If propagation of a covered
-work results from an entity transaction, each party to that
-transaction who receives a copy of the work also receives whatever
-licenses to the work the party's predecessor in interest had or could
-give under the previous paragraph, plus a right to possession of the
-Corresponding Source of the work from the predecessor in interest, if
-the predecessor has it or can get it with reasonable efforts.
-
-  You may not impose any further restrictions on the exercise of the
-rights granted or affirmed under this License.  For example, you may
-not impose a license fee, royalty, or other charge for exercise of
-rights granted under this License, and you may not initiate litigation
-(including a cross-claim or counterclaim in a lawsuit) alleging that
-any patent claim is infringed by making, using, selling, offering for
-sale, or importing the Program or any portion of it.
-
-  11. Patents.
-
-  A "contributor" is a copyright holder who authorizes use under this
-License of the Program or a work on which the Program is based.  The
-work thus licensed is called the contributor's "contributor version".
-
-  A contributor's "essential patent claims" are all patent claims
-owned or controlled by the contributor, whether already acquired or
-hereafter acquired, that would be infringed by some manner, permitted
-by this License, of making, using, or selling its contributor version,
-but do not include claims that would be infringed only as a
-consequence of further modification of the contributor version.  For
-purposes of this definition, "control" includes the right to grant
-patent sublicenses in a manner consistent with the requirements of
-this License.
-
-  Each contributor grants you a non-exclusive, worldwide, royalty-free
-patent license under the contributor's essential patent claims, to
-make, use, sell, offer for sale, import and otherwise run, modify and
-propagate the contents of its contributor version.
-
-  In the following three paragraphs, a "patent license" is any express
-agreement or commitment, however denominated, not to enforce a patent
-(such as an express permission to practice a patent or covenant not to
-sue for patent infringement).  To "grant" such a patent license to a
-party means to make such an agreement or commitment not to enforce a
-patent against the party.
-
-  If you convey a covered work, knowingly relying on a patent license,
-and the Corresponding Source of the work is not available for anyone
-to copy, free of charge and under the terms of this License, through a
-publicly available network server or other readily accessible means,
-then you must either (1) cause the Corresponding Source to be so
-available, or (2) arrange to deprive yourself of the benefit of the
-patent license for this particular work, or (3) arrange, in a manner
-consistent with the requirements of this License, to extend the patent
-license to downstream recipients.  "Knowingly relying" means you have
-actual knowledge that, but for the patent license, your conveying the
-covered work in a country, or your recipient's use of the covered work
-in a country, would infringe one or more identifiable patents in that
-country that you have reason to believe are valid.
-
-  If, pursuant to or in connection with a single transaction or
-arrangement, you convey, or propagate by procuring conveyance of, a
-covered work, and grant a patent license to some of the parties
-receiving the covered work authorizing them to use, propagate, modify
-or convey a specific copy of the covered work, then the patent license
-you grant is automatically extended to all recipients of the covered
-work and works based on it.
-
-  A patent license is "discriminatory" if it does not include within
-the scope of its coverage, prohibits the exercise of, or is
-conditioned on the non-exercise of one or more of the rights that are
-specifically granted under this License.  You may not convey a covered
-work if you are a party to an arrangement with a third party that is
-in the business of distributing software, under which you make payment
-to the third party based on the extent of your activity of conveying
-the work, and under which the third party grants, to any of the
-parties who would receive the covered work from you, a discriminatory
-patent license (a) in connection with copies of the covered work
-conveyed by you (or copies made from those copies), or (b) primarily
-for and in connection with specific products or compilations that
-contain the covered work, unless you entered into that arrangement,
-or that patent license was granted, prior to 28 March 2007.
-
-  Nothing in this License shall be construed as excluding or limiting
-any implied license or other defenses to infringement that may
-otherwise be available to you under applicable patent law.
-
-  12. No Surrender of Others' Freedom.
-
-  If conditions are imposed on you (whether by court order, agreement or
-otherwise) that contradict the conditions of this License, they do not
-excuse you from the conditions of this License.  If you cannot convey a
-covered work so as to satisfy simultaneously your obligations under this
-License and any other pertinent obligations, then as a consequence you may
-not convey it at all.  For example, if you agree to terms that obligate you
-to collect a royalty for further conveying from those to whom you convey
-the Program, the only way you could satisfy both those terms and this
-License would be to refrain entirely from conveying the Program.
-
-  13. Use with the GNU Affero General Public License.
-
-  Notwithstanding any other provision of this License, you have
-permission to link or combine any covered work with a work licensed
-under version 3 of the GNU Affero General Public License into a single
-combined work, and to convey the resulting work.  The terms of this
-License will continue to apply to the part which is the covered work,
-but the special requirements of the GNU Affero General Public License,
-section 13, concerning interaction through a network will apply to the
-combination as such.
-
-  14. Revised Versions of this License.
-
-  The Free Software Foundation may publish revised and/or new versions of
-the GNU General Public License from time to time.  Such new versions will
-be similar in spirit to the present version, but may differ in detail to
-address new problems or concerns.
-
-  Each version is given a distinguishing version number.  If the
-Program specifies that a certain numbered version of the GNU General
-Public License "or any later version" applies to it, you have the
-option of following the terms and conditions either of that numbered
-version or of any later version published by the Free Software
-Foundation.  If the Program does not specify a version number of the
-GNU General Public License, you may choose any version ever published
-by the Free Software Foundation.
-
-  If the Program specifies that a proxy can decide which future
-versions of the GNU General Public License can be used, that proxy's
-public statement of acceptance of a version permanently authorizes you
-to choose that version for the Program.
-
-  Later license versions may give you additional or different
-permissions.  However, no additional obligations are imposed on any
-author or copyright holder as a result of your choosing to follow a
-later version.
-
-  15. Disclaimer of Warranty.
-
-  THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
-APPLICABLE LAW.  EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
-HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
-OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
-THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
-IS WITH YOU.  SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
-ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
-
-  16. Limitation of Liability.
-
-  IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
-WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
-THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
-GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
-USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
-DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
-PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
-EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
-SUCH DAMAGES.
-
-  17. Interpretation of Sections 15 and 16.
-
-  If the disclaimer of warranty and limitation of liability provided
-above cannot be given local legal effect according to their terms,
-reviewing courts shall apply local law that most closely approximates
-an absolute waiver of all civil liability in connection with the
-Program, unless a warranty or assumption of liability accompanies a
-copy of the Program in return for a fee.
-
-                     END OF TERMS AND CONDITIONS
-
-            How to Apply These Terms to Your New Programs
-
-  If you develop a new program, and you want it to be of the greatest
-possible use to the public, the best way to achieve this is to make it
-free software which everyone can redistribute and change under these terms.
-
-  To do so, attach the following notices to the program.  It is safest
-to attach them to the start of each source file to most effectively
-state the exclusion of warranty; and each file should have at least
-the "copyright" line and a pointer to where the full notice is found.
-
-    <one line to give the program's name and a brief idea of what it does.>
-    Copyright (C) <year>  <name of author>
-
-    This program is free software: you can redistribute it and/or modify
-    it under the terms of the GNU General Public License as published by
-    the Free Software Foundation, either version 3 of the License, or
-    (at your option) any later version.
-
-    This program is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU General Public License for more details.
-
-    You should have received a copy of the GNU General Public License
-    along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-Also add information on how to contact you by electronic and paper mail.
-
-  If the program does terminal interaction, make it output a short
-notice like this when it starts in an interactive mode:
-
-    <program>  Copyright (C) <year>  <name of author>
-    This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
-    This is free software, and you are welcome to redistribute it
-    under certain conditions; type `show c' for details.
-
-The hypothetical commands `show w' and `show c' should show the appropriate
-parts of the General Public License.  Of course, your program's commands
-might be different; for a GUI interface, you would use an "about box".
-
-  You should also get your employer (if you work as a programmer) or school,
-if any, to sign a "copyright disclaimer" for the program, if necessary.
-For more information on this, and how to apply and follow the GNU GPL, see
-<http://www.gnu.org/licenses/>.
-
-  The GNU General Public License does not permit incorporating your program
-into proprietary programs.  If your program is a subroutine library, you
-may consider it more useful to permit linking proprietary applications with
-the library.  If this is what you want to do, use the GNU Lesser General
-Public License instead of this License.  But first, please read
-<http://www.gnu.org/philosophy/why-not-lgpl.html>.
diff -Nru juju-core-2.0~beta7/src/launchpad.net/golxc/COPYING.LESSER juju-core-2.0~beta12/src/launchpad.net/golxc/COPYING.LESSER
--- juju-core-2.0~beta7/src/launchpad.net/golxc/COPYING.LESSER	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/launchpad.net/golxc/COPYING.LESSER	1970-01-01 00:00:00.000000000 +0000
@@ -1,165 +0,0 @@
-                   GNU LESSER GENERAL PUBLIC LICENSE
-                       Version 3, 29 June 2007
-
- Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-
-
-  This version of the GNU Lesser General Public License incorporates
-the terms and conditions of version 3 of the GNU General Public
-License, supplemented by the additional permissions listed below.
-
-  0. Additional Definitions.
-
-  As used herein, "this License" refers to version 3 of the GNU Lesser
-General Public License, and the "GNU GPL" refers to version 3 of the GNU
-General Public License.
-
-  "The Library" refers to a covered work governed by this License,
-other than an Application or a Combined Work as defined below.
-
-  An "Application" is any work that makes use of an interface provided
-by the Library, but which is not otherwise based on the Library.
-Defining a subclass of a class defined by the Library is deemed a mode
-of using an interface provided by the Library.
-
-  A "Combined Work" is a work produced by combining or linking an
-Application with the Library.  The particular version of the Library
-with which the Combined Work was made is also called the "Linked
-Version".
-
-  The "Minimal Corresponding Source" for a Combined Work means the
-Corresponding Source for the Combined Work, excluding any source code
-for portions of the Combined Work that, considered in isolation, are
-based on the Application, and not on the Linked Version.
-
-  The "Corresponding Application Code" for a Combined Work means the
-object code and/or source code for the Application, including any data
-and utility programs needed for reproducing the Combined Work from the
-Application, but excluding the System Libraries of the Combined Work.
-
-  1. Exception to Section 3 of the GNU GPL.
-
-  You may convey a covered work under sections 3 and 4 of this License
-without being bound by section 3 of the GNU GPL.
-
-  2. Conveying Modified Versions.
-
-  If you modify a copy of the Library, and, in your modifications, a
-facility refers to a function or data to be supplied by an Application
-that uses the facility (other than as an argument passed when the
-facility is invoked), then you may convey a copy of the modified
-version:
-
-   a) under this License, provided that you make a good faith effort to
-   ensure that, in the event an Application does not supply the
-   function or data, the facility still operates, and performs
-   whatever part of its purpose remains meaningful, or
-
-   b) under the GNU GPL, with none of the additional permissions of
-   this License applicable to that copy.
-
-  3. Object Code Incorporating Material from Library Header Files.
-
-  The object code form of an Application may incorporate material from
-a header file that is part of the Library.  You may convey such object
-code under terms of your choice, provided that, if the incorporated
-material is not limited to numerical parameters, data structure
-layouts and accessors, or small macros, inline functions and templates
-(ten or fewer lines in length), you do both of the following:
-
-   a) Give prominent notice with each copy of the object code that the
-   Library is used in it and that the Library and its use are
-   covered by this License.
-
-   b) Accompany the object code with a copy of the GNU GPL and this license
-   document.
-
-  4. Combined Works.
-
-  You may convey a Combined Work under terms of your choice that,
-taken together, effectively do not restrict modification of the
-portions of the Library contained in the Combined Work and reverse
-engineering for debugging such modifications, if you also do each of
-the following:
-
-   a) Give prominent notice with each copy of the Combined Work that
-   the Library is used in it and that the Library and its use are
-   covered by this License.
-
-   b) Accompany the Combined Work with a copy of the GNU GPL and this license
-   document.
-
-   c) For a Combined Work that displays copyright notices during
-   execution, include the copyright notice for the Library among
-   these notices, as well as a reference directing the user to the
-   copies of the GNU GPL and this license document.
-
-   d) Do one of the following:
-
-       0) Convey the Minimal Corresponding Source under the terms of this
-       License, and the Corresponding Application Code in a form
-       suitable for, and under terms that permit, the user to
-       recombine or relink the Application with a modified version of
-       the Linked Version to produce a modified Combined Work, in the
-       manner specified by section 6 of the GNU GPL for conveying
-       Corresponding Source.
-
-       1) Use a suitable shared library mechanism for linking with the
-       Library.  A suitable mechanism is one that (a) uses at run time
-       a copy of the Library already present on the user's computer
-       system, and (b) will operate properly with a modified version
-       of the Library that is interface-compatible with the Linked
-       Version.
-
-   e) Provide Installation Information, but only if you would otherwise
-   be required to provide such information under section 6 of the
-   GNU GPL, and only to the extent that such information is
-   necessary to install and execute a modified version of the
-   Combined Work produced by recombining or relinking the
-   Application with a modified version of the Linked Version. (If
-   you use option 4d0, the Installation Information must accompany
-   the Minimal Corresponding Source and Corresponding Application
-   Code. If you use option 4d1, you must provide the Installation
-   Information in the manner specified by section 6 of the GNU GPL
-   for conveying Corresponding Source.)
-
-  5. Combined Libraries.
-
-  You may place library facilities that are a work based on the
-Library side by side in a single library together with other library
-facilities that are not Applications and are not covered by this
-License, and convey such a combined library under terms of your
-choice, if you do both of the following:
-
-   a) Accompany the combined library with a copy of the same work based
-   on the Library, uncombined with any other library facilities,
-   conveyed under the terms of this License.
-
-   b) Give prominent notice with the combined library that part of it
-   is a work based on the Library, and explaining where to find the
-   accompanying uncombined form of the same work.
-
-  6. Revised Versions of the GNU Lesser General Public License.
-
-  The Free Software Foundation may publish revised and/or new versions
-of the GNU Lesser General Public License from time to time. Such new
-versions will be similar in spirit to the present version, but may
-differ in detail to address new problems or concerns.
-
-  Each version is given a distinguishing version number. If the
-Library as you received it specifies that a certain numbered version
-of the GNU Lesser General Public License "or any later version"
-applies to it, you have the option of following the terms and
-conditions either of that published version or of any later version
-published by the Free Software Foundation. If the Library as you
-received it does not specify a version number of the GNU Lesser
-General Public License, you may choose any version of the GNU Lesser
-General Public License ever published by the Free Software Foundation.
-
-  If the Library as you received it specifies that a proxy can decide
-whether future versions of the GNU Lesser General Public License shall
-apply, that proxy's public statement of acceptance of any version is
-permanent authorization for you to choose that version for the
-Library.
diff -Nru juju-core-2.0~beta7/src/launchpad.net/golxc/export_test.go juju-core-2.0~beta12/src/launchpad.net/golxc/export_test.go
--- juju-core-2.0~beta7/src/launchpad.net/golxc/export_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/launchpad.net/golxc/export_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,17 +0,0 @@
-// Copyright 2012, 2013 Canonical Ltd.
-// Licensed under the LGPLv3, see COPYING and COPYING.LESSER file for details.
-
-package golxc
-
-// ContainerHome returns the name of the container directory.
-func ContainerHome(c Container) string {
-	return c.(*container).containerHome()
-}
-
-// SetConfPath allows the manipulation of the LXC
-// default configuration file.
-func SetConfPath(cp string) string {
-	orig := confPath
-	confPath = cp
-	return orig
-}
diff -Nru juju-core-2.0~beta7/src/launchpad.net/golxc/golxc.go juju-core-2.0~beta12/src/launchpad.net/golxc/golxc.go
--- juju-core-2.0~beta7/src/launchpad.net/golxc/golxc.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/launchpad.net/golxc/golxc.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,523 +0,0 @@
-// Copyright 2012, 2013 Canonical Ltd.
-// Licensed under the LGPLv3, see COPYING and COPYING.LESSER file for details.
-
-// golxc - Go package to interact with Linux Containers (LXC).
-//
-// https://launchpad.net/golxc/
-//
-package golxc
-
-import (
-	"fmt"
-	"os"
-	"os/exec"
-	"path"
-	"strconv"
-	"strings"
-
-	"github.com/juju/loggo"
-)
-
-var logger = loggo.GetLogger("golxc")
-
-// Error reports the failure of a LXC command.
-type Error struct {
-	Name   string
-	Err    error
-	Output []string
-}
-
-func (e Error) Error() string {
-	if e.Output == nil {
-		return fmt.Sprintf("error executing %q: %v", e.Name, e.Err)
-	}
-	if len(e.Output) == 1 {
-		return fmt.Sprintf("error executing %q: %v", e.Name, e.Output[0])
-	}
-	return fmt.Sprintf("error executing %q: %s", e.Name, strings.Join(e.Output, "; "))
-}
-
-// State represents a container state.
-type State string
-
-const (
-	StateUnknown  State = "UNKNOWN"
-	StateStopped  State = "STOPPED"
-	StateStarting State = "STARTING"
-	StateRunning  State = "RUNNING"
-	StateAborting State = "ABORTING"
-	StateStopping State = "STOPPING"
-)
-
-// LogLevel represents a container's log level.
-type LogLevel string
-
-const (
-	LogDebug    LogLevel = "DEBUG"
-	LogInfo     LogLevel = "INFO"
-	LogNotice   LogLevel = "NOTICE"
-	LogWarning  LogLevel = "WARN"
-	LogError    LogLevel = "ERROR"
-	LogCritical LogLevel = "CRIT"
-	LogFatal    LogLevel = "FATAL"
-)
-
-// Container represents a linux container instance and provides
-// operations to create, maintain and destroy the container.
-type Container interface {
-
-	// Name returns the name of the container.
-	Name() string
-
-	// Create creates a new container based on the given template.
-	// envArgs, if not nil, are assigned to the environment of the process, otherwise the
-	// environment of the current process is used.
-	Create(configFile, template string, extraArgs []string, templateArgs []string, envArgs []string) error
-
-	// Start runs the container as a daemon.
-	Start(configFile, consoleFile string) error
-
-	// Stop terminates the running container.
-	Stop() error
-
-	// Clone creates a copy of the container, giving the copy the specified name.
-	Clone(name string, extraArgs []string, templateArgs []string) (Container, error)
-
-	// Freeze freezes all the container's processes.
-	Freeze() error
-
-	// Unfreeze thaws all frozen container's processes.
-	Unfreeze() error
-
-	// Destroy stops and removes the container.
-	Destroy() error
-
-	// Wait waits for one of the specified container states.
-	Wait(states ...State) error
-
-	// Info returns the status and the process id of the container.
-	Info() (State, int, error)
-
-	// IsConstructed checks if the container image exists.
-	IsConstructed() bool
-
-	// IsRunning checks if the state of the container is 'RUNNING'.
-	IsRunning() bool
-
-	// String returns information about the container, like the name, state,
-	// and process id.
-	String() string
-
-	// LogFile returns the current filename used for the LogFile.
-	LogFile() string
-
-	// LogLevel returns the current logging level (only used if the
-	// LogFile is not "").
-	LogLevel() LogLevel
-
-	// SetLogFile sets both the LogFile and LogLevel.
-	SetLogFile(filename string, level LogLevel)
-}
-
-// ContainerFactory represents the methods used to create Containers.
-type ContainerFactory interface {
-	// New returns a container instance which can then be used for operations
-	// like Create(), Start(), Stop() or Destroy().
-	New(string) Container
-
-	// List returns all the existing containers on the system.
-	List() ([]Container, error)
-}
-
-// Factory provides the standard ContainerFactory.
-func Factory() ContainerFactory {
-	return &containerFactory{}
-}
-
-const DefaultLXCDir = "/var/lib/lxc"
-
-var ContainerDir = GetDefaultLXCContainerDir()
-
-type container struct {
-	name     string
-	logFile  string
-	logLevel LogLevel
-	// Newer LXC libraries can have containers in non-default locations. The
-	// containerDir is the directory that is the 'home' of this container.
-	containerDir string
-}
-
-type containerFactory struct{}
-
-func (*containerFactory) New(name string) Container {
-	return &container{
-		name:         name,
-		logLevel:     LogWarning,
-		containerDir: ContainerDir,
-	}
-}
-
-// List returns all the existing containers on the system.
-func (factory *containerFactory) List() ([]Container, error) {
-	out, err := run("lxc-ls", nil, "-1")
-	if err != nil {
-		return nil, err
-	}
-	names := nameSet(out)
-	containers := make([]Container, len(names))
-	for i, name := range names {
-		containers[i] = factory.New(name)
-	}
-	return containers, nil
-}
-
-// Name returns the name of the container.
-func (c *container) Name() string {
-	return c.name
-}
-
-// LogFile returns the current filename used for the LogFile.
-func (c *container) LogFile() string {
-	return c.logFile
-}
-
-// LogLevel returns the current logging level, this is only used if the
-// LogFile is not "".
-func (c *container) LogLevel() LogLevel {
-	return c.logLevel
-}
-
-// SetLogFile sets both the LogFile and LogLevel.
-func (c *container) SetLogFile(filename string, level LogLevel) {
-	c.logFile = filename
-	c.logLevel = level
-}
-
-// Create creates a new container based on the given template.
-func (c *container) Create(configFile, template string, extraArgs []string, templateArgs []string, envArgs []string) error {
-	if c.IsConstructed() {
-		return fmt.Errorf("container %q is already created", c.Name())
-	}
-	args := []string{
-		"-n", c.name,
-		"-t", template,
-	}
-
-	if configFile != "" {
-		args = append(args, "-f", configFile)
-	}
-	if len(extraArgs) != 0 {
-		args = append(args, extraArgs...)
-	}
-	if len(templateArgs) != 0 {
-		// Must be done in two steps due to current language implementation details.
-		args = append(args, "--")
-		args = append(args, templateArgs...)
-	}
-	_, err := run("lxc-create", envArgs, args...)
-	if err != nil {
-		return err
-	}
-	return nil
-}
-
-// Start runs the container as a daemon.
-func (c *container) Start(configFile, consoleFile string) error {
-	if !c.IsConstructed() {
-		return fmt.Errorf("container %q is not yet created", c.name)
-	}
-	args := []string{
-		"--daemon",
-		"--name", c.name,
-	}
-	if configFile != "" {
-		args = append(args, "--rcfile", configFile)
-	}
-	if c.logFile != "" {
-		args = append(args, "--logfile", c.logFile, "--logpriority", string(c.logLevel))
-	}
-	startArgs := args
-	if consoleFile != "" {
-		startArgs = append(args, "--console-log", consoleFile)
-	}
-	_, err := run("lxc-start", nil, startArgs...)
-	// We may need to fallback to the older --console arg name.
-	if err != nil && consoleFile != "" {
-		startArgs = append(args, "--console", consoleFile)
-		_, err = run("lxc-start", nil, startArgs...)
-	}
-	if err != nil {
-		return err
-	}
-	if err := c.Wait(StateRunning, StateStopped); err != nil {
-		return err
-	}
-	if !c.IsRunning() {
-		return fmt.Errorf("container failed to start")
-	}
-	return nil
-}
-
-// Stop terminates the running container.
-func (c *container) Stop() error {
-	if !c.IsConstructed() {
-		return fmt.Errorf("container %q is not yet created", c.name)
-	}
-	// If the container is not running, we are done.
-	if !c.IsRunning() {
-		return nil
-	}
-	args := []string{
-		"--name", c.name,
-	}
-	if c.logFile != "" {
-		args = append(args, "--logfile", c.logFile, "--logpriority", string(c.logLevel))
-	}
-	_, err := run("lxc-stop", nil, args...)
-	if err != nil {
-		return err
-	}
-	return c.Wait(StateStopped)
-}
-
-// Clone creates a copy of the container, it gets the given name.
-func (c *container) Clone(name string, extraArgs []string, templateArgs []string) (Container, error) {
-	if !c.IsConstructed() {
-		return nil, fmt.Errorf("container %q is not yet created", c.name)
-	}
-	if c.IsRunning() {
-		return nil, fmt.Errorf("cannot clone a running container")
-	}
-	cc := &container{
-		name:         name,
-		logLevel:     c.logLevel,
-		containerDir: c.containerDir,
-	}
-	if cc.IsConstructed() {
-		return cc, nil
-	}
-	args := []string{
-		"-o", c.name,
-		"-n", name,
-	}
-	if len(extraArgs) != 0 {
-		args = append(args, extraArgs...)
-	}
-	if len(templateArgs) != 0 {
-		// Must be done in two steps due to current language implementation details.
-		args = append(args, "--")
-		args = append(args, templateArgs...)
-	}
-	_, err := run("lxc-clone", nil, args...)
-	if err != nil {
-		return nil, err
-	}
-	return cc, nil
-}
-
-// Freeze freezes all the container's processes.
-func (c *container) Freeze() error {
-	if !c.IsConstructed() {
-		return fmt.Errorf("container %q is not yet created", c.name)
-	}
-	if !c.IsRunning() {
-		return fmt.Errorf("container %q is not running", c.name)
-	}
-	args := []string{
-		"--name", c.name,
-	}
-	if c.logFile != "" {
-		args = append(args, "--logfile", c.logFile, "--logpriority", string(c.logLevel))
-	}
-	_, err := run("lxc-freeze", nil, args...)
-	if err != nil {
-		return err
-	}
-	return nil
-}
-
-// Unfreeze thaws all frozen container's processes.
-func (c *container) Unfreeze() error {
-	if !c.IsConstructed() {
-		return fmt.Errorf("container %q is not yet created", c.name)
-	}
-	if c.IsRunning() {
-		return fmt.Errorf("container %q is not frozen", c.name)
-	}
-	args := []string{
-		"--name", c.name,
-	}
-	if c.logFile != "" {
-		args = append(args, "--logfile", c.logFile, "--logpriority", string(c.logLevel))
-	}
-	_, err := run("lxc-unfreeze", nil, args...)
-	if err != nil {
-		return err
-	}
-	return nil
-}
-
-// Destroy stops and removes the container.
-func (c *container) Destroy() error {
-	if !c.IsConstructed() {
-		return fmt.Errorf("container %q is not yet created", c.name)
-	}
-	if err := c.Stop(); err != nil {
-		return err
-	}
-	_, err := run("lxc-destroy", nil, "-n", c.name)
-	if err != nil {
-		return err
-	}
-	return nil
-}
-
-// Wait waits for one of the specified container states.
-func (c *container) Wait(states ...State) error {
-	if len(states) == 0 {
-		return fmt.Errorf("no states specified")
-	}
-	stateStrs := make([]string, len(states))
-	for i, state := range states {
-		stateStrs[i] = string(state)
-	}
-	waitStates := strings.Join(stateStrs, "|")
-	_, err := run("lxc-wait", nil, "--name", c.name, "--state", waitStates)
-	if err != nil {
-		return err
-	}
-	return nil
-}
-
-// Info returns the status and the process id of the container.
-func (c *container) Info() (State, int, error) {
-	out, err := run("lxc-info", nil, "--name", c.name)
-	if err != nil {
-		return StateUnknown, -1, err
-	}
-	kv := keyValues(out, ": ")
-	state := State(kv["state"])
-	pid, err := strconv.Atoi(kv["pid"])
-	if err != nil {
-		return StateUnknown, -1, fmt.Errorf("cannot read the pid: %v", err)
-	}
-	return state, pid, nil
-}
-
-// IsConstructed checks if the container image exists.
-func (c *container) IsConstructed() bool {
-	fi, err := os.Stat(c.rootfs())
-	if err != nil {
-		return false
-	}
-	return fi.IsDir()
-}
-
-// IsRunning checks if the state of the container is 'RUNNING'.
-func (c *container) IsRunning() bool {
-	state, _, err := c.Info()
-	if err != nil {
-		return false
-	}
-	return state == StateRunning
-}
-
-// String returns information about the container.
-func (c *container) String() string {
-	state, pid, err := c.Info()
-	if err != nil {
-		return fmt.Sprintf("cannot retrieve container info for %q: %v", c.name, err)
-	}
-	return fmt.Sprintf("container %q (%s, pid %d)", c.name, state, pid)
-}
-
-// containerHome returns the name of the container directory.
-func (c *container) containerHome() string {
-	return path.Join(c.containerDir, c.name)
-}
-
-// rootfs returns the name of the directory containing the
-// root filesystem of the container.
-func (c *container) rootfs() string {
-	return path.Join(c.containerHome(), "rootfs")
-}
-
-// run executes the passed command and returns the out.
-func run(name string, env []string, args ...string) (string, error) {
-	logger := loggo.GetLogger(fmt.Sprintf("golxc.run.%s", name))
-	logger.Tracef("run: %s %v", name, args)
-	cmd := exec.Command(name, args...)
-	cmd.Env = env
-	// LXC tools do not use stdout and stderr in a predictable
-	// way; based on experimentation, the most convenient
-	// solution is to combine them and leave the client to
-	// determine sanity as best it can.
-	out, err := cmd.CombinedOutput()
-	result := string(out)
-	if err != nil {
-		logger.Tracef("run failed output: %s", result)
-		return "", runError(name, err, out)
-	}
-	logger.Tracef("run successful output: %s", result)
-	return result, nil
-}
-
-// runError creates an error if run fails.
-func runError(name string, err error, out []byte) error {
-	e := &Error{name, err, nil}
-	for _, l := range strings.Split(string(out), "\n") {
-		if strings.HasPrefix(l, name+": ") {
-			// LXC tools do not always print their output with
-			// the command name as prefix. The name is part of
-			// the error struct, so stip it from the output if
-			// printed.
-			l = l[len(name)+2:]
-		}
-		if l != "" {
-			e.Output = append(e.Output, l)
-		}
-	}
-	return e
-}
-
-// keyValues retrieves key/value pairs out of a command out.
-func keyValues(raw string, sep string) map[string]string {
-	kv := map[string]string{}
-	lines := strings.Split(raw, "\n")
-	for _, line := range lines {
-		parts := strings.SplitN(line, sep, 2)
-		if len(parts) == 2 {
-			kv[strings.ToLower(parts[0])] = strings.TrimSpace(parts[1])
-		}
-	}
-	return kv
-}
-
-// nameSet retrieves a set of names out of a command out.
-func nameSet(raw string) []string {
-	collector := map[string]struct{}{}
-	set := []string{}
-	lines := strings.Split(raw, "\n")
-	for _, line := range lines {
-		name := strings.TrimSpace(line)
-		if name != "" {
-			collector[name] = struct{}{}
-		}
-	}
-	for name := range collector {
-		set = append(set, name)
-	}
-	return set
-}
-
-// GetDefaultLXCContainerDir returns the current lxc.lxcpath value otherwise
-// the const DefaultLXCDir is returned.
-func GetDefaultLXCContainerDir() string {
-	result, err := run("lxc-config", nil, "lxc.lxcpath")
-
-	if err != nil {
-		return DefaultLXCDir
-	}
-
-	return strings.Replace(result, "\n", "", 1)
-}
diff -Nru juju-core-2.0~beta7/src/launchpad.net/golxc/golxc_test.go juju-core-2.0~beta12/src/launchpad.net/golxc/golxc_test.go
--- juju-core-2.0~beta7/src/launchpad.net/golxc/golxc_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/launchpad.net/golxc/golxc_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,562 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the LGPLv3, see COPYING and COPYING.LESSER file for details.
-
-package golxc_test
-
-import (
-	"io/ioutil"
-	"os"
-	"os/user"
-	"path/filepath"
-
-	"github.com/juju/testing"
-	jc "github.com/juju/testing/checkers"
-	gc "gopkg.in/check.v1"
-
-	"launchpad.net/golxc"
-)
-
-var lxcfile = `# MIRROR to be used by ubuntu template at container creation:
-# Leaving it undefined is fine
-#MIRROR="http://archive.ubuntu.com/ubuntu"
-# or
-#MIRROR="http://<host-ip-addr>:3142/archive.ubuntu.com/ubuntu"
-
-# LXC_AUTO - whether or not to start containers symlinked under
-# /etc/lxc/auto
-LXC_AUTO="true"
-
-# Leave USE_LXC_BRIDGE as "true" if you want to use lxcbr0 for your
-# containers.  Set to "false" if you'll use virbr0 or another existing
-# bridge, or mavlan to your host's NIC.
-USE_LXC_BRIDGE="true"
-
-# LXC_BRIDGE and LXC_ADDR are changed against original for
-# testing purposes.
-# LXC_BRIDGE="lxcbr1"
-LXC_BRIDGE="lxcbr9"
-# LXC_ADDR="10.0.1.1"
-LXC_ADDR="10.0.9.1"
-LXC_NETMASK="255.255.255.0"
-LXC_NETWORK="10.0.9.0/24"
-LXC_DHCP_RANGE="10.0.9.2,10.0.9.254"
-LXC_DHCP_MAX="253"
-# And for testing LXC_BRIDGE="lxcbr99" and LXC_ADDR="10.0.99.1".
-
-LXC_SHUTDOWN_TIMEOUT=120`
-
-var lxcconf = map[string]string{
-	"address": "10.0.9.1",
-	"bridge":  "lxcbr9",
-}
-
-type ConfigSuite struct{}
-
-var _ = gc.Suite(&ConfigSuite{})
-
-func (s *ConfigSuite) TestReadConf(c *gc.C) {
-	// Test reading the configuration.
-	cf := filepath.Join(c.MkDir(), "lxc-test")
-	c.Assert(ioutil.WriteFile(cf, []byte(lxcfile), 0555), gc.IsNil)
-
-	defer golxc.SetConfPath(golxc.SetConfPath(cf))
-
-	conf, err := golxc.ReadConf()
-	c.Assert(err, gc.IsNil)
-	c.Assert(conf, gc.DeepEquals, lxcconf)
-}
-
-func (s *ConfigSuite) TestReadNotExistingDefaultEnvironment(c *gc.C) {
-	// Test reading a not existing environment.
-	defer golxc.SetConfPath(golxc.SetConfPath(filepath.Join(c.MkDir(), "foo")))
-
-	_, err := golxc.ReadConf()
-	c.Assert(err, gc.ErrorMatches, "open .*: no such file or directory")
-}
-
-func (s *ConfigSuite) TestNetworkAttributes(c *gc.C) {
-	// Test reading the network attribute form an environment.
-	cf := filepath.Join(c.MkDir(), "lxc-test")
-	c.Assert(ioutil.WriteFile(cf, []byte(lxcfile), 0555), gc.IsNil)
-
-	defer golxc.SetConfPath(golxc.SetConfPath(cf))
-
-	addr, bridge, err := golxc.NetworkAttributes()
-	c.Assert(err, gc.IsNil)
-	c.Assert(addr, gc.Equals, "10.0.9.1")
-	c.Assert(bridge, gc.Equals, "lxcbr9")
-}
-
-type NetworkSuite struct{}
-
-var _ = gc.Suite(&NetworkSuite{})
-
-func (s *NetworkSuite) SetUpSuite(c *gc.C) {
-	u, err := user.Current()
-	c.Assert(err, gc.IsNil)
-	if u.Uid != "0" {
-		// Has to be run as root!
-		c.Skip("tests must run as root")
-	}
-}
-
-func (s *NetworkSuite) TestStartStopNetwork(c *gc.C) {
-	// Test starting and stoping of the LXC network.
-	initialRunning, err := golxc.IsNetworkRunning()
-	c.Assert(err, gc.IsNil)
-	defer func() {
-		if initialRunning {
-			c.Assert(golxc.StartNetwork(), gc.IsNil)
-		}
-	}()
-	c.Assert(golxc.StartNetwork(), gc.IsNil)
-	running, err := golxc.IsNetworkRunning()
-	c.Assert(err, gc.IsNil)
-	c.Assert(running, gc.Equals, true)
-	c.Assert(golxc.StopNetwork(), gc.IsNil)
-	running, err = golxc.IsNetworkRunning()
-	c.Assert(err, gc.IsNil)
-	c.Assert(running, gc.Equals, false)
-}
-
-func (s *NetworkSuite) TestNotExistingNetworkAttributes(c *gc.C) {
-	// Test reading of network attributes from a not existing environment.
-	defer golxc.SetConfPath(golxc.SetConfPath(filepath.Join(c.MkDir(), "foo")))
-
-	_, _, err := golxc.NetworkAttributes()
-	c.Assert(err, gc.ErrorMatches, "open .*: no such file or directory")
-}
-
-type LXCSuite struct {
-	factory golxc.ContainerFactory
-}
-
-var _ = gc.Suite(&LXCSuite{golxc.Factory()})
-
-func (s *LXCSuite) SetUpSuite(c *gc.C) {
-	u, err := user.Current()
-	c.Assert(err, gc.IsNil)
-	if u.Uid != "0" {
-		// Has to be run as root!
-		c.Skip("tests must run as root")
-	}
-}
-
-func (s *LXCSuite) createContainer(c *gc.C) golxc.Container {
-	container := s.factory.New("golxc")
-	c.Assert(container.IsConstructed(), gc.Equals, false)
-	err := container.Create("", "ubuntu", nil, nil, nil)
-	c.Assert(err, gc.IsNil)
-	c.Assert(container.IsConstructed(), gc.Equals, true)
-	return container
-}
-
-func (s *LXCSuite) TestCreateDestroy(c *gc.C) {
-	// Test clean creation and destroying of a container.
-	lc := s.factory.New("golxc")
-	c.Assert(lc.IsConstructed(), gc.Equals, false)
-	home := golxc.ContainerHome(lc)
-	_, err := os.Stat(home)
-	c.Assert(err, gc.ErrorMatches, "stat .*: no such file or directory")
-	err = lc.Create("", "ubuntu", nil, nil, nil)
-	c.Assert(err, gc.IsNil)
-	c.Assert(lc.IsConstructed(), gc.Equals, true)
-	defer func() {
-		err = lc.Destroy()
-		c.Assert(err, gc.IsNil)
-		_, err = os.Stat(home)
-		c.Assert(err, gc.ErrorMatches, "stat .*: no such file or directory")
-	}()
-	fi, err := os.Stat(golxc.ContainerHome(lc))
-	c.Assert(err, gc.IsNil)
-	c.Assert(fi.IsDir(), gc.Equals, true)
-}
-
-func (s *LXCSuite) TestCreateTwice(c *gc.C) {
-	// Test that a container cannot be created twice.
-	lc1 := s.createContainer(c)
-	c.Assert(lc1.IsConstructed(), gc.Equals, true)
-	defer func() {
-		c.Assert(lc1.Destroy(), gc.IsNil)
-	}()
-	lc2 := s.factory.New("golxc")
-	err := lc2.Create("", "ubuntu", nil, nil, nil)
-	c.Assert(err, gc.ErrorMatches, "container .* is already created")
-}
-
-func (s *LXCSuite) TestCreateIllegalTemplate(c *gc.C) {
-	// Test that a container creation fails correctly in
-	// case of an illegal template.
-	lc := s.factory.New("golxc")
-	c.Assert(lc.IsConstructed(), gc.Equals, false)
-	err := lc.Create("", "name-of-a-not-existing-template-for-golxc", nil, nil, nil)
-	c.Assert(err, gc.ErrorMatches, `error executing "lxc-create": .*bad template.*`)
-	c.Assert(lc.IsConstructed(), gc.Equals, false)
-}
-
-func (s *LXCSuite) TestDestroyNotCreated(c *gc.C) {
-	// Test that a non-existing container can't be destroyed.
-	lc := s.factory.New("golxc")
-	c.Assert(lc.IsConstructed(), gc.Equals, false)
-	err := lc.Destroy()
-	c.Assert(err, gc.ErrorMatches, "container .* is not yet created")
-}
-
-func contains(lcs []golxc.Container, lc golxc.Container) bool {
-	for _, clc := range lcs {
-		if clc.Name() == lc.Name() {
-			return true
-		}
-	}
-	return false
-}
-
-func (s *LXCSuite) TestList(c *gc.C) {
-	// Test the listing of created containers.
-	lcs, err := s.factory.List()
-	oldLen := len(lcs)
-	c.Assert(err, gc.IsNil)
-	c.Assert(oldLen >= 0, gc.Equals, true)
-	lc := s.createContainer(c)
-	defer func() {
-		c.Assert(lc.Destroy(), gc.IsNil)
-	}()
-	lcs, _ = s.factory.List()
-	newLen := len(lcs)
-	c.Assert(newLen == oldLen+1, gc.Equals, true)
-	c.Assert(contains(lcs, lc), gc.Equals, true)
-}
-
-func (s *LXCSuite) TestClone(c *gc.C) {
-	// Test the cloning of an existing container.
-	lc1 := s.createContainer(c)
-	defer func() {
-		c.Assert(lc1.Destroy(), gc.IsNil)
-	}()
-	lcs, _ := s.factory.List()
-	oldLen := len(lcs)
-	lc2, err := lc1.Clone("golxcclone", nil, nil)
-	c.Assert(err, gc.IsNil)
-	c.Assert(lc2.IsConstructed(), gc.Equals, true)
-	defer func() {
-		c.Assert(lc2.Destroy(), gc.IsNil)
-	}()
-	lcs, _ = s.factory.List()
-	newLen := len(lcs)
-	c.Assert(newLen == oldLen+1, gc.Equals, true)
-	c.Assert(contains(lcs, lc1), gc.Equals, true)
-	c.Assert(contains(lcs, lc2), gc.Equals, true)
-}
-
-func (s *LXCSuite) TestCloneNotCreated(c *gc.C) {
-	// Test the cloning of a non-existing container.
-	lc := s.factory.New("golxc")
-	c.Assert(lc.IsConstructed(), gc.Equals, false)
-	_, err := lc.Clone("golxcclone", nil, nil)
-	c.Assert(err, gc.ErrorMatches, "container .* is not yet created")
-}
-
-func (s *LXCSuite) TestStartStop(c *gc.C) {
-	// Test starting and stopping a container.
-	lc := s.createContainer(c)
-	defer func() {
-		c.Assert(lc.Destroy(), gc.IsNil)
-	}()
-	c.Assert(lc.Start("", ""), gc.IsNil)
-	c.Assert(lc.IsRunning(), gc.Equals, true)
-	c.Assert(lc.Stop(), gc.IsNil)
-	c.Assert(lc.IsRunning(), gc.Equals, false)
-}
-
-func (s *LXCSuite) TestStartNotCreated(c *gc.C) {
-	// Test that a non-existing container can't be started.
-	lc := s.factory.New("golxc")
-	c.Assert(lc.IsConstructed(), gc.Equals, false)
-	c.Assert(lc.Start("", ""), gc.ErrorMatches, "container .* is not yet created")
-}
-
-func (s *LXCSuite) TestStopNotRunning(c *gc.C) {
-	// Test that a not running container can't be stopped.
-	lc := s.createContainer(c)
-	defer func() {
-		c.Assert(lc.Destroy(), gc.IsNil)
-	}()
-	c.Assert(lc.Stop(), gc.IsNil)
-}
-
-func (s *LXCSuite) TestWait(c *gc.C) {
-	// Test waiting for one of a number of states of a container.
-	// ATTN: Using a not reached state blocks the test until timeout!
-	lc := s.factory.New("golxc")
-	c.Assert(lc.IsConstructed(), gc.Equals, false)
-	c.Assert(lc.Wait(), gc.ErrorMatches, "no states specified")
-	c.Assert(lc.Wait(golxc.StateStopped), gc.IsNil)
-	c.Assert(lc.Wait(golxc.StateStopped, golxc.StateRunning), gc.IsNil)
-	c.Assert(lc.Create("", "ubuntu", nil, nil, nil), gc.IsNil)
-	defer func() {
-		c.Assert(lc.Destroy(), gc.IsNil)
-	}()
-	go func() {
-		c.Assert(lc.Start("", ""), gc.IsNil)
-	}()
-	c.Assert(lc.Wait(golxc.StateRunning), gc.IsNil)
-}
-
-func (s *LXCSuite) TestFreezeUnfreeze(c *gc.C) {
-	// Test the freezing and unfreezing of a started container.
-	lc := s.createContainer(c)
-	defer func() {
-		c.Assert(lc.Destroy(), gc.IsNil)
-	}()
-	c.Assert(lc.Start("", ""), gc.IsNil)
-	defer func() {
-		c.Assert(lc.Stop(), gc.IsNil)
-	}()
-	c.Assert(lc.IsRunning(), gc.Equals, true)
-	c.Assert(lc.Freeze(), gc.IsNil)
-	c.Assert(lc.IsRunning(), gc.Equals, false)
-	c.Assert(lc.Unfreeze(), gc.IsNil)
-	c.Assert(lc.IsRunning(), gc.Equals, true)
-}
-
-func (s *LXCSuite) TestFreezeNotStarted(c *gc.C) {
-	// Test that a not running container can't be frozen.
-	lc := s.createContainer(c)
-	defer func() {
-		c.Assert(lc.Destroy(), gc.IsNil)
-	}()
-	c.Assert(lc.Freeze(), gc.ErrorMatches, "container .* is not running")
-}
-
-func (s *LXCSuite) TestFreezeNotCreated(c *gc.C) {
-	// Test that a non-existing container can't be frozen.
-	lc := s.factory.New("golxc")
-	c.Assert(lc.IsConstructed(), gc.Equals, false)
-	c.Assert(lc.Freeze(), gc.ErrorMatches, "container .* is not yet created")
-}
-
-func (s *LXCSuite) TestUnfreezeNotCreated(c *gc.C) {
-	// Test that a non-existing container can't be unfrozen.
-	lc := s.factory.New("golxc")
-	c.Assert(lc.IsConstructed(), gc.Equals, false)
-	c.Assert(lc.Unfreeze(), gc.ErrorMatches, "container .* is not yet created")
-}
-
-func (s *LXCSuite) TestUnfreezeNotFrozen(c *gc.C) {
-	// Test that a running container can't be unfrozen.
-	lc := s.createContainer(c)
-	defer func() {
-		c.Assert(lc.Destroy(), gc.IsNil)
-	}()
-	c.Assert(lc.Start("", ""), gc.IsNil)
-	defer func() {
-		c.Assert(lc.Stop(), gc.IsNil)
-	}()
-	c.Assert(lc.Unfreeze(), gc.ErrorMatches, "container .* is not frozen")
-}
-
-type commandArgs struct {
-	testing.IsolationSuite
-	originalPath string
-}
-
-var _ = gc.Suite(&commandArgs{})
-
-func (s *commandArgs) SetUpSuite(c *gc.C) {
-	// lxc-create requires the PATH to be set.
-	s.originalPath = os.Getenv("PATH")
-	s.IsolationSuite.SetUpSuite(c)
-}
-
-func (s *commandArgs) setupLxcStart(c *gc.C) {
-	dir := c.MkDir()
-	// Make the rootfs for the "test" container so it thinks it is created.
-	rootfs := filepath.Join(dir, "test", "rootfs")
-	err := os.MkdirAll(rootfs, 0755)
-	c.Assert(err, gc.IsNil)
-	c.Assert(rootfs, jc.IsDirectory)
-
-	s.PatchValue(&golxc.ContainerDir, dir)
-	s.PatchEnvironment("PATH", s.originalPath)
-	testing.PatchExecutableAsEchoArgs(c, s, "lxc-wait")
-	testing.PatchExecutableAsEchoArgs(c, s, "lxc-start")
-	info := "PID: 1234\nSTATE: RUNNING"
-	testing.PatchExecutable(c, s, "lxc-info", "#!/bin/sh\necho '"+info+"'\n")
-}
-
-func (s *commandArgs) TestStartArgs(c *gc.C) {
-	s.setupLxcStart(c)
-	factory := golxc.Factory()
-	container := factory.New("test")
-	err := container.Start("config-file", "console-log")
-	c.Assert(err, gc.IsNil)
-	testing.AssertEchoArgs(
-		c, "lxc-start",
-		"--daemon",
-		"--name", "test",
-		"--rcfile", "config-file",
-		"--console-log", "console-log")
-}
-
-func (s *commandArgs) TestStartArgsNoConsoleLog(c *gc.C) {
-	s.setupLxcStart(c)
-	factory := golxc.Factory()
-	container := factory.New("test")
-	err := container.Start("config-file", "")
-	c.Assert(err, gc.IsNil)
-	testing.AssertEchoArgs(
-		c, "lxc-start",
-		"--daemon",
-		"--name", "test",
-		"--rcfile", "config-file")
-}
-
-func (s *commandArgs) TestStartArgsFallback(c *gc.C) {
-	dir := c.MkDir()
-	// Make the rootfs for the "test" container so it thinks it is created.
-	rootfs := filepath.Join(dir, "test", "rootfs")
-	err := os.MkdirAll(rootfs, 0755)
-	c.Assert(err, gc.IsNil)
-	c.Assert(rootfs, jc.IsDirectory)
-
-	s.PatchValue(&golxc.ContainerDir, dir)
-	s.PatchEnvironment("PATH", s.originalPath)
-	testing.PatchExecutableAsEchoArgs(c, s, "lxc-wait")
-	EchoQuotedArgs := `
-name=` + "`basename $0`" + `
-argfile="$name.out"
-rm -f $argfile
-printf "%s" $name | tee -a $argfile
-for arg in "$@"; do
-  printf " \"%s\""  "$arg" | tee -a $argfile
-done
-printf "\n" | tee -a $argfile
-`
-	// Make lxc-start error if called with --console-log but succeed otherwise.
-	// On success, echo the args.
-	testing.PatchExecutable(
-		c, s, "lxc-start", "#!/bin/bash\nif [ $6 == '--console-log' ]; then\nexit 1\nelse\n"+EchoQuotedArgs+"fi")
-	info := "PID: 1234\nSTATE: RUNNING"
-	testing.PatchExecutable(c, s, "lxc-info", "#!/bin/sh\necho '"+info+"'\n")
-
-	factory := golxc.Factory()
-	container := factory.New("test")
-	err = container.Start("config-file", "console-log")
-	c.Assert(err, gc.IsNil)
-	testing.AssertEchoArgs(
-		c, "lxc-start",
-		"--daemon",
-		"--name", "test",
-		"--rcfile", "config-file",
-		"--console", "console-log")
-}
-
-func (s *commandArgs) TestCreateArgs(c *gc.C) {
-	s.PatchValue(&golxc.ContainerDir, c.MkDir())
-	s.PatchEnvironment("PATH", s.originalPath)
-	testing.PatchExecutableAsEchoArgs(c, s, "lxc-create")
-
-	factory := golxc.Factory()
-	container := factory.New("test")
-	err := container.Create(
-		"config-file", "template",
-		[]string{"extra-1", "extra-2"},
-		[]string{"template-1", "template-2"},
-		nil,
-	)
-	c.Assert(err, gc.IsNil)
-	testing.AssertEchoArgs(
-		c, "lxc-create",
-		"-n", "test",
-		"-t", "template",
-		"-f", "config-file",
-		"extra-1", "extra-2",
-		"--", "template-1", "template-2")
-}
-
-func (s *commandArgs) TestCreateWithEnv(c *gc.C) {
-	s.PatchValue(&golxc.ContainerDir, c.MkDir())
-	s.PatchEnvironment("PATH", s.originalPath)
-
-	EchoEnvHello := `#!/bin/bash
-name=` + "`basename $0`" + `
-argfile="$name.out"
-rm -f $argfile
-printf "%s" $name | tee -a $argfile
-printf " \"%s\""  "$HELLO" | tee -a $argfile
-if [ -n "$FOO" ]; then
-    printf " \"%s\""  "$FOO" | tee -a $argfile
-fi
-printf "\n" | tee -a $argfile
-`
-
-	testing.PatchExecutable(
-		c, s, "lxc-create", EchoEnvHello)
-	s.AddCleanup(func(*gc.C) {
-		os.Remove("lxc-create.out")
-	})
-
-	// Add an environment variable to the calling process
-	// to show that these don't get passed through.
-	s.PatchEnvironment("FOO", "BAR")
-	// Only the explicitly set env variables are propagated.
-	envArgs := []string{"HELLO=WORLD!"}
-	factory := golxc.Factory()
-	container := factory.New("test")
-	err := container.Create(
-		"config-file", "template",
-		[]string{"extra-1", "extra-2"},
-		[]string{"template-1", "template-2"},
-		envArgs,
-	)
-	c.Assert(err, gc.IsNil)
-	testing.AssertEchoArgs(c, "lxc-create", "WORLD!")
-}
-
-func (s *commandArgs) TestCloneArgs(c *gc.C) {
-	dir := c.MkDir()
-	s.PatchValue(&golxc.ContainerDir, dir)
-	s.PatchEnvironment("PATH", s.originalPath)
-	// Patch lxc-info too as clone checks to see if it is running.
-	testing.PatchExecutableAsEchoArgs(c, s, "lxc-info")
-	testing.PatchExecutableAsEchoArgs(c, s, "lxc-clone")
-
-	factory := golxc.Factory()
-	container := factory.New("test")
-	// Make the rootfs for the "test" container so it thinks it is created.
-	rootfs := filepath.Join(dir, "test", "rootfs")
-	err := os.MkdirAll(rootfs, 0755)
-	c.Assert(err, gc.IsNil)
-	c.Assert(rootfs, jc.IsDirectory)
-	c.Assert(container.IsConstructed(), jc.IsTrue)
-	clone, err := container.Clone(
-		"name",
-		[]string{"extra-1", "extra-2"},
-		[]string{"template-1", "template-2"},
-	)
-	c.Assert(err, gc.IsNil)
-	testing.AssertEchoArgs(
-		c, "lxc-clone",
-		"-o", "test",
-		"-n", "name",
-		"extra-1", "extra-2",
-		"--", "template-1", "template-2")
-	c.Assert(clone.Name(), gc.Equals, "name")
-}
-
-type UtilsSuite struct {
-	testing.IsolationSuite
-}
-
-var _ = gc.Suite(&UtilsSuite{})
-
-func (s *UtilsSuite) TestGetDefaultLXCContainerDirDefaultValue(c *gc.C) {
-	testing.PatchExecutable(c, s, "lxc-config", "#!/bin/sh\nexit -1\n")
-	c.Assert(golxc.GetDefaultLXCContainerDir(), gc.Equals, golxc.DefaultLXCDir)
-}
-
-func (s *UtilsSuite) TestGetDefaultLXCContainerDir(c *gc.C) {
-	const path = "/var/lib/non-standard-lxc"
-	testing.PatchExecutable(c, s, "lxc-config", "#!/bin/sh\necho '"+path+"'\n")
-	c.Assert(golxc.GetDefaultLXCContainerDir(), gc.Equals, path)
-}
diff -Nru juju-core-2.0~beta7/src/launchpad.net/golxc/golxc_test.sh juju-core-2.0~beta12/src/launchpad.net/golxc/golxc_test.sh
--- juju-core-2.0~beta7/src/launchpad.net/golxc/golxc_test.sh	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/launchpad.net/golxc/golxc_test.sh	1970-01-01 00:00:00.000000000 +0000
@@ -1,8 +0,0 @@
-#!/bin/sh
-sudo sh -c "
-    export GOMAXPROCS=\"$GOMAXPROCS\"
-    export GOPATH=\"$GOPATH\"
-    export GOROOT=\"$GOROOT\"
-    export PATH=\"$PATH\"
-    go test $*
-"
\ No newline at end of file
diff -Nru juju-core-2.0~beta7/src/launchpad.net/golxc/LICENSE juju-core-2.0~beta12/src/launchpad.net/golxc/LICENSE
--- juju-core-2.0~beta7/src/launchpad.net/golxc/LICENSE	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/launchpad.net/golxc/LICENSE	1970-01-01 00:00:00.000000000 +0000
@@ -1,15 +0,0 @@
-golxc - Go package to interact with Linux Containers (LXC).
-
-Copyright 2012-2013, Canonical Ltd.
-
-This program is free software: you can redistribute it and/or modify it under
-the terms of the GNU Lesser General Public License as published by the Free
-Software Foundation, either version 3 of the License, or (at your option) any
-later version.
-
-This program is distributed in the hope that it will be useful, but WITHOUT ANY
-WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
-PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
-
-See both COPYING and COPYING.LESSER for the full terms of the GNU Lesser
-General Public License.
diff -Nru juju-core-2.0~beta7/src/launchpad.net/golxc/network.go juju-core-2.0~beta12/src/launchpad.net/golxc/network.go
--- juju-core-2.0~beta7/src/launchpad.net/golxc/network.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/launchpad.net/golxc/network.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,89 +0,0 @@
-// Copyright 2012, 2013 Canonical Ltd.
-// Licensed under the LGPLv3, see COPYING and COPYING.LESSER file for details.
-
-package golxc
-
-import (
-	"fmt"
-	"strings"
-)
-
-const (
-	defaultAddr   = "10.0.3.1"
-	defaultBridge = "lxcbr0"
-)
-
-// StartNetwork starts the lxc network subsystem.
-func StartNetwork() error {
-	goal, _, err := networkStatus()
-	if err != nil {
-		return err
-	}
-	if goal != "start" {
-		_, err := run("start", nil, "lxc-net")
-		if err != nil {
-			return err
-		}
-	}
-	return nil
-}
-
-// StopNetwork stops the lxc network subsystem.
-func StopNetwork() error {
-	goal, _, err := networkStatus()
-	if err != nil {
-		return err
-	}
-	if goal != "stop" {
-		_, err := run("stop", nil, "lxc-net")
-		if err != nil {
-			return err
-		}
-	}
-	return nil
-}
-
-// IsNotworkRunning checks if the lxc network subsystem
-// is running.
-func IsNetworkRunning() (bool, error) {
-	_, status, err := networkStatus()
-	if err != nil {
-		return false, err
-	}
-	return status == "running", nil
-}
-
-// NetworkAttributes returns the lxc network attributes:
-// starting IP address and bridge name.
-func NetworkAttributes() (addr, bridge string, err error) {
-	config, err := ReadConf()
-	if err != nil {
-		return "", "", err
-	}
-	addr = config["address"]
-	if addr == "" {
-		addr = defaultAddr
-	}
-	bridge = config["bridge"]
-	if bridge == "" {
-		bridge = defaultBridge
-	}
-	return addr, bridge, nil
-}
-
-// networkStatus returns the status of the lxc network subsystem.
-func networkStatus() (goal, status string, err error) {
-	output, err := run("status", nil, "lxc-net")
-	if err != nil {
-		return "", "", err
-	}
-	fields := strings.Fields(output)
-	if len(fields) != 2 {
-		return "", "", fmt.Errorf("unexpected status output: %q", output)
-	}
-	fields = strings.Split(fields[1], "/")
-	if len(fields) != 2 {
-		return "", "", fmt.Errorf("unexpected status output: %q", output)
-	}
-	return fields[0], fields[1], nil
-}
diff -Nru juju-core-2.0~beta7/src/launchpad.net/golxc/package_test.go juju-core-2.0~beta12/src/launchpad.net/golxc/package_test.go
--- juju-core-2.0~beta7/src/launchpad.net/golxc/package_test.go	2016-05-17 20:01:14.000000000 +0000
+++ juju-core-2.0~beta12/src/launchpad.net/golxc/package_test.go	1970-01-01 00:00:00.000000000 +0000
@@ -1,14 +0,0 @@
-// Copyright 2013 Canonical Ltd.
-// Licensed under the LGPLv3, see COPYING and COPYING.LESSER file for details.
-
-package golxc_test
-
-import (
-	"testing"
-
-	gc "gopkg.in/check.v1"
-)
-
-func Test(t *testing.T) {
-	gc.TestingT(t)
-}