Connect to a MOSK cluster¶
Note
The Container Cloud web UI communicates with Keycloak to authenticate users. Keycloak is exposed using HTTPS with self-signed TLS certificates that are not trusted by web browsers.
To use your own TLS certificates for Keycloak, refer to Configure TLS certificates for cluster applications.
After you deploy a MOSK management or managed cluster, connect to the cluster to verify the availability and status of the nodes as described below.
To connect to a MOSK cluster:
Log in to the Container Cloud web UI with the
m:kaas:namespace@operator
orm:kaas:namespace@writer
permissions.Switch to the required project using the Switch Project action icon located on top of the main left-side navigation panel.
In the Clusters tab, click the required cluster name. The cluster page with the Machines list opens.
Verify the status of the manager nodes. Once the first manager node is deployed and has the Ready status, the Download Kubeconfig option for the cluster being deployed becomes active.
Open the Clusters tab.
Click the More action icon in the last column of the required cluster and select Download Kubeconfig:
Enter your user password.
Not recommended. Select Offline Token to generate an offline IAM token. Otherwise, for security reasons, the
kubeconfig
token expires every 30 minutes of the Container Cloud API idle time and you have to downloadkubeconfig
again with a newly generated token.Click Download.
Verify the availability of the managed cluster machines:
Export the
kubeconfig
parameters to your local machine with access to kubectl. For example:export KUBECONFIG=~/Downloads/kubeconfig-test-cluster.yml
Obtain the list of available machines:
kubectl get nodes -o wide
The system response must contain the details of the nodes in the
READY
status.
To connect to a management cluster:
Log in to a local machine where your management cluster
kubeconfig
is located and wherekubectl
is installed.Note
The management cluster
kubeconfig
is created during the last stage of the management cluster bootstrap.Obtain the list of available management cluster machines:
kubectl get nodes -o wide
The system response must contain the details of the nodes in the
READY
status.