Prepare the OpenStack configuration

  1. Log in to the OpenStack Horizon.

  2. In the Project section, select API Access.

  3. In the right-side drop-down menu Download OpenStack RC File, select OpenStack clouds.yaml File.

  4. Save the downloaded clouds.yaml file in the kaas-bootstrap folder created by the get_container_cloud.sh script.

  5. In clouds.yaml, add the password field with your OpenStack password under the clouds/openstack/auth section.

    Example:

    clouds:
      openstack:
        auth:
          auth_url: https://auth.openstack.example.com/v3
          username: your_username
          password: your_secret_password
          project_id: your_project_id
          user_domain_name: your_user_domain_name
        region_name: RegionOne
        interface: public
        identity_api_version: 3
    
  6. Available since Container Cloud 2.17.0. If you deploy Container Cloud on top of MOSK Victoria with Tungsten Fabric and use the default security group for newly created load balancers, add the following rules for Kubernetes API server endpoint, Container Cloud application endpoint, and for MKE web UI and API using the OpenStack CLI:

    • direction='ingress'

    • ethertype='IPv4'

    • protocol='tcp'

    • remote_ip_prefix='0.0.0.0/0'

    • port_range_max and port_range_min:

      • '443' for Kubernetes API and Container Cloud application endpoints

      • '6443' for MKE web UI and API

  7. Verify access to the target cloud endpoint from Docker. For example:

    docker run --rm alpine sh -c "apk add --no-cache curl; \
    curl https://auth.openstack.example.com/v3"
    

    The system output must contain no error records.