Configure your environment#

To use Rackspace KaaS, review the following sections:


Rackspace KaaS enables you to run Kubernetes workloads on top of an Amazon EKS or a Rackspace Private Cloud Powered by OpenStack or Red Hat. Rackspace deployment engineers deploy all the underlying infrastructure for you.

Before you begin using Rackspace KaaS, you must have the following items on your client machine:

  • kubectl: An official Kubernetes command-line client. All the examples in this guide use kubectl.
  • Docker Community Edition: Required to execute examples described in this guide.

Resource limits#

Rackspace KaaS custom builds clusters to the customer’s specifications.

The minimum Kubernetes cluster configuration, with three worker nodes, includes the following elements:

Kubernetes worker nodes:

  • vCPU: 4
  • RAM: 8 GB
  • Local storage: 40 GB of local storage

Private Docker registry:

  • Database: 10 GB


The private Docker registry database stores metadata for Docker images. Rackspace KaaS stores the actual Docker images in an object storage system, such as Ceph™ RADOS Gateway (RGW), OpenStack Swift, AWS S3, or another compatible object store that you deploy as part of your cloud.

If you need to resize your cluster, contact your Rackspace representative and request additional resources.

Access your Kubernetes cluster with kubectl#

To access your Kubernetes cluster, log in to the Kubernetes Access Manager(KAM) with your identity credentials, and get a kubeconfig file to use with kubectl commands. Complete the following steps to access your cluster with kubectl:

  1. Access KAM.
  2. Enter your Identity Provider credentials.
  3. Select the group to use when getting credentials.
  4. Save the kubeconfig file locally.
  5. If you are using EKS, add the AWS credentials.
  6. Configure kubectl to use your newly created kubeconfig file.

See the list of Rackspace KaaS dashboards at Access the Rackspace KaaS dashboards.

To use KAM to get your credentials and configure a kubeconfig file, see Access KAM and Authentication.

Configure application metrics monitoring#

Rackspace KaaS provides an easy to use and configure Prometheus cloud monitoring solution that visualizes alerts and metrics through Grafana dashboards. You can configure Prometheus to collect metrics from your Kubernetes applications through a Kubernetes Custom Resource Definition (CRD) called a ServiceMonitor. You can define the ServiceMonitor in a simple yaml file and apply this file to your configuration by using kubectl. Then, configure a Grafana alert notification channel of choice as described in the Grafana documentation. Rackspace KaaS supports the following Grafana notifications types:

  • Slack
  • PagerDuty
  • Webhook

To configure application metrics monitoring, complete the following steps:

  1. Create a yaml configuration file similar to the following example:

    kind: ServiceMonitor
      name: your-application
      namespace: rackspace-monitoring
      monitor: rackspace-prometheus # This label enables the
      managed prometheus resource can detect the service.
          some-label: <that-will-match-your-application-service>
        - the-namespace-where-your-application-lives # needs to be the namespace
          the app got deployed to
      - port: the-name-of-the-port-that-exposes-your-metrics-endpoint
  2. Save the file as service-monitor.yaml.

  3. Apply the following configuration:

    $ kubectl apply -f service-monitor.yaml
  4. Configure Grafana alert notifications for your application as described in the Grafana documentation.

For more information about using Prometheus and Grafana with Rackspace KaaS, see Monitoring.

Access the Rackspace KaaS dashboards#

Rackspace KaaS enables you to access the managed services user interface by using your web browser. KAM provides authentication for all of the dashboards. For more informations, see Integrated Authentication.

To access the dashboards, you need the following information:

  • Your Kubernetes cluster name
  • Your Kubernetes cluster domain name
  • Your Identity Provider username or email and password

For example, if your cluster name is test and the domain name is, the URL to access the Kubernetes UI would be

The following table lists the customer-facing dashboards.

Managed service URL
KAM https://kam.<cluster-name>.<domain-name>/graph
Prometheus Monitoring https://prometheus.<cluster-name>.<domain-name>/graph
Grafana Dashboard https://grafana.<cluster-name>.<domain-name>
Logging https://kibana.<cluster-name>.<domain-name>
Private registry https://registry.<cluster-name>.<domain-name>

Access deployment URLs#

During the deployment and lifecycle management of a Kubernetes cluster, Rackspace KaaS might need to access specific websites to acquire software artifacts.

The following table lists the URLs that Kubernetes nodes and virtual machines must be able to access:

List of URLs for deployment#
URL Port Protocol Description
* 443 TCP Amazon CloudFront® data 443 TCP Google Cloud Platform 443 TCP CoreOS data 443 TCP Docker software 443 TCP Elasticsearch Docker registry 443 TCP Elasticsearch Docker registry authentication 443 TCP Alpine Linux Security database 443 TCP Alpine Linux Security database 443 TCP Google container registry 443 TCP Docker Hub registry 443 TCP Kubernetes Google Cloud registry 443 TCP Ubuntu operating system data 443 TCP Oracle® Linux security feed 443 TCP Rackspace monitoring API 443 TCP CoreOS updates 443 TCP registry 443 TCP registry 443 TCP Red Hat Enterprise Linux security feed 443 TCP Docker registry data 443 TCP NPM Registry package data 443 TCP Debian security feed 443 TCP Ruby gems data feed (stored in Amazon S3) 443 TCP Debian security feed 443 TCP Rackspace cloud monitoring packages 443 TCP NVD database 443 TCP Google Cloud Storage API data 443 TCP CoreOS updates

See also

For more information, see the following documents: