Create project for Kubernetes
Create a Dedicated Tenant Project and User for Kubernetes​
Connect to admin console with SSH​
CLI: app project_create $PROJ_NAME $MGMT_NET $PUB_NET
info
The action will create a new user and a new project along with the private-k8s and private networks routing though $PUB_NET, as well as the default-k8s and default security groups within the project.
cc1> app project_create bigstack-k8s public public
creating app project: bigstack-k8s...
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'
PLAY [openstack] **********************************************************************
TASK [Gathering Facts] ****************************************************************
ok: [localhost]
TASK [Gather information about management network] ************************************
ok: [localhost]
TASK [Gather information about management subnet] *************************************
ok: [localhost]
TASK [Show management subnet CIDR] ****************************************************
ok: [localhost] => {
"msg": "10.32.0.0/16"
}
TASK [openstack.cloud.project] ********************************************************
changed: [localhost]
TASK [openstack.cloud.quota] **********************************************************
changed: [localhost]
TASK [openstack.cloud.identity_user] **************************************************
[WARNING]: Module did not set no_log for update_password
changed: [localhost]
TASK [openstack.cloud.role_assignment] ************************************************
changed: [localhost]
TASK [openstack.cloud.role_assignment] ************************************************
changed: [localhost]
TASK [openstack.cloud.network] ********************************************************
changed: [localhost]
TASK [openstack.cloud.subnet] *********************************************************
changed: [localhost]
TASK [openstack.cloud.network] ********************************************************
changed: [localhost]
TASK [openstack.cloud.subnet] *********************************************************
changed: [localhost]
TASK [openstack.cloud.subnet] *********************************************************
skipping: [localhost]
TASK [openstack.cloud.router] *********************************************************
changed: [localhost]
TASK [openstack.cloud.router] *********************************************************
skipping: [localhost]
TASK [openstack.cloud.security_group] *************************************************
changed: [localhost]
TASK [openstack.cloud.security_group_rule] ********************************************
changed: [localhost]
TASK [openstack.cloud.security_group_rule] ********************************************
changed: [localhost] => (item=22)
changed: [localhost] => (item=80)
changed: [localhost] => (item=443)
changed: [localhost] => (item=2376)
changed: [localhost] => (item=6443)
TASK [openstack.cloud.security_group_rule] ********************************************
changed: [localhost] => (item=tcp)
changed: [localhost] => (item=udp)
PLAY RECAP ****************************************************************************
localhost : ok=18 changed=14 unreachable=0 failed=0 skipped=2 rescued=0 ignored=0
app project created successfully
Add the new user to Keyclock​
See Create User (Single-Sign-On)