Finalize the bootstrap¶
Run the bootstrap script:
In case of deployment issues, refer to Troubleshooting. If the script fails for an unknown reason:
Run the cleanup script:
Rerun the bootstrap script.
If the bootstrap fails on the Connecting to bootstrap cluster step with the unable to initialize Tiller in bootstrap cluster: failed to establish connection with tiller error, refer to the known issue 16873 to identify possible root cause of the issue and apply the workaround, if applicable.
When the bootstrap is complete, collect and save the following management cluster details in a secure location:
kubeconfigfile located in the same directory as the bootstrap script. This file contains the admin credentials for the management cluster.
ssh_keyfor access to the management cluster nodes that is located in the same directory as the bootstrap script.
If the initial version of your Container Cloud management cluster was earlier than 2.6.0,
openstack_tmpand is located at
The URL for the Container Cloud web UI.
To create users with permissions required for accessing the Container Cloud web UI, see Create initial users after a management cluster bootstrap.
The StackLight endpoints. For details, see Access StackLight web UIs.
The Keycloak URL that the system outputs when the bootstrap completes. The admin password for Keycloak is located in
kaas-bootstrap/passwords.ymlalong with other IAM passwords.
The Container Cloud web UI and StackLight endpoints are available through Transport Layer Security (TLS) and communicate with Keycloak to authenticate users. Keycloak is exposed using HTTPS and self-signed TLS certificates that are not trusted by web browsers.
To use your own TLS certificates for Keycloak, refer to Configure TLS certificates for management cluster applications.
When the bootstrap is complete, the bootstrap cluster resources are freed up.