Mirantis Container Cloud (MCC) becomes part of Mirantis OpenStack for Kubernetes (MOSK)!
Starting with MOSK 25.2, the MOSK documentation set covers all product layers, including MOSK management (formerly Container Cloud). This means everything you need is in one place. Some legacy names may remain in the code and documentation and will be updated in future releases. The separate Container Cloud documentation site will be retired, so please update your bookmarks for continued easy access to the latest content.
Set up a bootstrap cluster¶
The setup of a bootstrap cluster comprises preparation of the seed node, configuration of environment variables, acquisition of the MOSK license file, and execution of the bootstrap script.
To set up a bootstrap cluster:
Prepare the seed node:
Verify that the hardware allocated for the installation meets the minimal requirements described in Requirements.
Install basic Ubuntu 24.04 server using standard installation images of the operating system on the bare metal seed node.
Log in to the seed node that is running Ubuntu 24.04.
Configure the operating system and network:
Operating system and network configuration
Establish a virtual bridge using an IP address of the PXE network on the seed node. Use the following
netplan-based configuration file as an example:# cat /etc/netplan/config.yaml network: version: 2 renderer: networkd ethernets: ens3: dhcp4: false dhcp6: false bridges: br0: addresses: # Replace with IP address from PXE network to create a virtual bridge - 10.0.0.15/24 dhcp4: false dhcp6: false # Adjust for your environment gateway4: 10.0.0.1 interfaces: # Interface name may be different in your environment - ens3 nameservers: addresses: # Adjust for your environment - 8.8.8.8 parameters: forward-delay: 4 stp: false
Apply the new network configuration using
netplan:sudo netplan apply
Verify the new network configuration:
sudo apt update && sudo apt install -y bridge-utils sudo brctl show
Example of system response:
bridge name bridge id STP enabled interfaces br0 8000.fa163e72f146 no ens3
Verify that the interface connected to the PXE network belongs to the previously configured bridge.
Install the current Docker version available for Ubuntu 22.04:
sudo apt-get update sudo apt-get install docker.io
Verify that your logged
USERhas access to the Docker daemon:sudo usermod -aG docker $USER
Verify that the
br_netfilterkernel module is loaded:grep -q br_netfilter /proc/modules || sudo modprobe br_netfilter
Log out and log in again to the seed node to apply the changes.
Verify that Docker is configured correctly and has access to MOSK management CDN. For example:
docker run --rm alpine sh -c "apk add --no-cache curl; \ curl https://binary.mirantis.com"
The system output must contain a
jsonfile with no error messages. In case of errors, follow the steps provided in Troubleshoot the bootstrap node configuration.Note
If you require all Internet access to go through a proxy server for security and audit purposes, configure Docker proxy settings as described in the official Docker documentation.
To verify that Docker is configured correctly and has access to MOSK management CDN:
docker run --rm alpine sh -c "export http_proxy=http://<proxy_ip:proxy_port>; \ sed -i ‘s/https/http/g' /etc/apk/repositories; \ apk add --no-cache wget ; \ wget http://binary.mirantis.com; \ cat index.html
Verify that the seed node has direct access to the Baseboard Management Controller (BMC) of each bare metal host. All target hardware nodes must be in the
power offstate.For example, using the IPMI tool:
apt install ipmitool ipmitool -I lanplus -H 'IPMI IP' -U 'IPMI Login' -P 'IPMI password' \ chassis power status
Example of system response:
Chassis Power is off
Prepare the bootstrap script:
Download and run the MOSK management bootstrap script:
sudo apt-get update sudo apt-get install wget wget https://binary.mirantis.com/releases/get_container_cloud.sh chmod 0755 get_container_cloud.sh ./get_container_cloud.sh
Change the directory to the
kaas-bootstrapfolder created by the script.
Obtain a MOSK license file required for the bootstrap:
Obtain a MOSK license
Select from the following options:
Open the email from support@mirantis.com with the subject Mirantis OpenStack License File
In the Mirantis CloudCare Portal, open the Account or Cloud page
Download the License File and save it as
mirantis.licunder thekaas-bootstrapdirectory on the bootstrap node.Verify that
mirantis.liccontains the previously downloaded MOSK license by decoding the license JWT token, for example, using jwt.io.Example of a valid decoded MOSK license data with the mandatory
licensefield:{ "exp": 1652304773, "iat": 1636669973, "sub": "demo", "license": { "dev": false, "limits": { "clusters": 10, "workers_per_cluster": 10 }, "openstack": null } }
Warning
The MKE license does not apply to
mirantis.lic. For details about MKE license, see MKE documentation.Export mandatory parameters:
Bare metal network mandatory parameters
Export the following mandatory parameters using the commands and table below:
export KAAS_BM_ENABLED="true" # export KAAS_BM_PXE_IP="172.16.59.5" export KAAS_BM_PXE_MASK="24" export KAAS_BM_PXE_BRIDGE="br0"
Bare metal prerequisites data¶ Parameter
Description
Example value
KAAS_BM_PXE_IPThe provisioning IP address in the PXE network. This address will be assigned on the seed node to the interface defined by the
KAAS_BM_PXE_BRIDGEparameter described below. The PXE service of the bootstrap cluster uses this address to network boot bare metal hosts.172.16.59.5KAAS_BM_PXE_MASKThe PXE network address prefix length to be used with the
KAAS_BM_PXE_IPaddress when assigning it to the seed node interface.24KAAS_BM_PXE_BRIDGEThe PXE network bridge name that must match the name of the bridge created on the seed node during preparation of the system and network configuration described earlier in this procedure.
br0Optional. Configure proxy settings to bootstrap the cluster using proxy:
Proxy configuration
Add the following environment variables:
HTTP_PROXYHTTPS_PROXYNO_PROXYPROXY_CA_CERTIFICATE_PATH
Example snippet:
export HTTP_PROXY=http://proxy.example.com:3128 export HTTPS_PROXY=http://user:pass@proxy.example.com:3128 export NO_PROXY=172.18.10.0,registry.internal.lan export PROXY_CA_CERTIFICATE_PATH="/home/ubuntu/.mitmproxy/mitmproxy-ca-cert.cer"
The following formats of variables are accepted:
Proxy configuration data¶ Variable
Format
HTTP_PROXYHTTPS_PROXYhttp://proxy.example.com:port- for anonymous access.http://user:password@proxy.example.com:port- for restricted access.
NO_PROXYComma-separated list of IP addresses or domain names.
PROXY_CA_CERTIFICATE_PATHOptional. Absolute path to the proxy CA certificate for man-in-the-middle (MITM) proxies. Must be placed on the bootstrap node to be trusted. For details, see Install a CA certificate for a MITM proxy on a bootstrap node.
Warning
If you require Internet access to go through a MITM proxy, ensure that the proxy has streaming enabled as described in Enable streaming for MITM.
For implementation details, see Proxy support and cache of artifacts.
After the bootstrap cluster is set up, the
bootstrap-proxyobject is created with the provided proxy settings. You can use this object later for theClusterobject configuration.Deploy the bootstrap cluster:
./bootstrap.sh bootstrapv2Make sure that port 80 is open for
localhostto prevent security requirements for the seed node:Note
Kind uses port mapping for the master node.
telnet localhost 80
Example of a positive system response:
Connected to localhost.
Example of a negative system response:
telnet: connect to address ::1: Connection refused telnet: Unable to connect to remote host
To open port 80:
iptables -A INPUT -p tcp --dport 80 -j ACCEPT