Connect to a Docker Enterprise Container Cloud cluster

Connect to a Docker Enterprise Container Cloud cluster

After you deploy a Docker Enterprise (DE) Container Cloud management or managed cluster, connect to the cluster to verify the availability and status of the nodes as described below.

This section also describes how to SSH to a node of a cluster where Bastion host is used for SSH access. For example, on the OpenStack-based management cluster or AWS-based management and managed clusters.

To connect to a managed cluster:

  1. Log in to the DE Container Cloud web UI with the writer permissions.

  2. Switch to the required project using the Switch Project action icon located on top of the main left-side navigation panel.

  3. In the Clusters tab, click the required cluster name. The cluster page with the Machines list opens.

  4. Verify the status of the manager nodes. Once the first manager node is deployed and has the Ready status, the Download Kubeconfig option for the cluster being deployed becomes active.

  5. Open the Clusters tab.

  6. Click the More action icon in the last column of the required cluster and select Download Kubeconfig:

    1. Enter your user password.

    2. Not recommended. Select Offline Token to generate an offline IAM token. Otherwise, for security reasons, the kubeconfig token expires every 30 minutes of the DE Container Cloud API idle time and you have to download kubeconfig again with a newly generated token.

    3. Click Download.

  7. Verify the availability of the managed cluster machines:

    1. Export the kubeconfig parameters to your local machine with access to kubectl. For example:

      export KUBECONFIG=~/Downloads/kubeconfig-test-cluster.yml
      
    2. Obtain the list of available DE Container Cloud machines:

      kubectl get nodes -o wide
      

      The system response must contain the details of the nodes in the READY status.

To connect to a management cluster:

  1. Log in to a local machine where your management cluster kubeconfig is located and where kubectl is installed.

    Note

    The management cluster kubeconfig is created during the last stage of the management cluster bootstrap.

  2. Obtain the list of available management cluster machines:

    kubectl get nodes -o wide
    

    The system response must contain the details of the nodes in the READY status.

To SSH to a DE Container Cloud cluster node if Bastion is used:

  1. Obtain kubeconfig of the management or managed cluster as described in the procedures above.

  2. Obtain the internal IP address of a node you require access to:

    kubectl get nodes -o wide
    
  3. Obtain the Bastion public IP:

    kubectl get cluster -o jsonpath='{.status.providerStatus.bastion.publicIp}' \
    -n <project_name> <cluster_name>
    
  4. Run the following command:

    ssh -i <private_key> ubuntu@<node_internal_ip> -o "proxycommand ssh -W %h:%p \
    -i <private_key> ubuntu@<bastion_public_ip>"
    

    Substitute the parameters enclosed in angle brackets with the corresponding values of your cluster obtained in previous steps. The <private_key> for a management cluster is located at ~/.ssh/openstack_tmp. For a managed cluster, this is the SSH Key that you added in the DE Container Cloud web UI before the managed cluster creation.