Trust error creating cluster via magnum cli

[millingw]

I'm trying to create a kubernetes cluster in our jade project using the openstack magnum command line. I'm able to create a small cluster via the Horizon GUI, but when I try to repeat the process via the openstack command line, I get the following error:

"Failed to create trustee or trust for Cluster: bac872b4-cd97-4ea3-b2eb-d3a038bd4c8c"

I'm using the following invocation:

openstack coe cluster create malcolm_k8s --cluster-template kubernetes-1-29-jammy --node-count 2 --master-count 1 --keypair gaia_jade_test_malcolm -os-cloud somerville-jade --flavor medium --master-flavor medium --master-lb-enabled --fixed-network somerville-jade-20240319-bootstrap-network

[GregBlow]

This may be a problem with the application credential being used being too limited in permissions.

To get around this there are two possible solutions (both of which involve generating a new application credential):

1) Generate from Project > API Access

this will create an application credential that requires password to authenticated, so requires a local account and thus isn't immediately applicable, but might be preferred.

2) Generate from Identity > Application credentials

This requires setting the new application credential to be unrestricted, which is marked as dangerous

Should be safe to use, but if you feel uncomfortable with it, let us know and we'll start the process of provisioning you a local account.

[millingw]

Thanks, using an unrestricted application credential with the magnum cli appears to let me bring up a new cluster. Unrestricted credential is fine for the moment

[tms-epcc]

@GregBlow says close