basic-cluster-with-existent-networking-example

Signed-off-by: junior <junior@users.noreply.github.com>

Author: junior

VERSION

@@ -1 +1 @@
-0.8.12
+0.8.15

defaults.tf

@@ -1,4 +1,4 @@
-# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2022-2023 Oracle and/or its affiliates. All rights reserved.
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 # 
 

examples/5G-NF-Infra/networking.tf

@@ -301,8 +301,8 @@ resource "oci_core_vnic_attachment" "vnic_attachment_5gc_signalling" {
     defined_tags  = {}
     freeform_tags = { "Network" : "5GC-Signalling" }
   }
-  display_name  = "5GC-Signalling vnic Attachment"
-  instance_id = data.oci_containerengine_node_pool.node_pool_1.nodes[count.index].id
+  display_name = "5GC-Signalling vnic Attachment"
+  instance_id  = data.oci_containerengine_node_pool.node_pool_1.nodes[count.index].id
 }
 resource "oci_core_vnic_attachment" "vnic_attachment_5gc_oam" {
   count = var.node_pool_initial_num_worker_nodes_1
@@ -313,8 +313,8 @@ resource "oci_core_vnic_attachment" "vnic_attachment_5gc_oam" {
     defined_tags  = {}
     freeform_tags = { "Network" : "5GC-OAM" }
   }
-  display_name  = "5GC-OAM vnic Attachment"
-  instance_id = data.oci_containerengine_node_pool.node_pool_1.nodes[count.index].id
+  display_name = "5GC-OAM vnic Attachment"
+  instance_id  = data.oci_containerengine_node_pool.node_pool_1.nodes[count.index].id
 
   depends_on = [oci_core_vnic_attachment.vnic_attachment_5gc_signalling]
 }
@@ -327,8 +327,8 @@ resource "oci_core_vnic_attachment" "vnic_attachment_5g_ran" {
     defined_tags  = {}
     freeform_tags = { "Network" : "5G RAN" }
   }
-  display_name  = "5G RAN vnic Attachment"
-  instance_id = data.oci_containerengine_node_pool.node_pool_1.nodes[count.index].id
+  display_name = "5G RAN vnic Attachment"
+  instance_id  = data.oci_containerengine_node_pool.node_pool_1.nodes[count.index].id
 
   depends_on = [oci_core_vnic_attachment.vnic_attachment_5gc_oam]
 }
@@ -341,8 +341,8 @@ resource "oci_core_vnic_attachment" "vnic_attachment_5g_legal_intercept" {
     defined_tags  = {}
     freeform_tags = { "Network" : "5G Legal Intercept" }
   }
-  display_name  = "5G Legal Intercept vnic Attachment"
-  instance_id = data.oci_containerengine_node_pool.node_pool_1.nodes[count.index].id
+  display_name = "5G Legal Intercept vnic Attachment"
+  instance_id  = data.oci_containerengine_node_pool.node_pool_1.nodes[count.index].id
 
   depends_on = [oci_core_vnic_attachment.vnic_attachment_5g_ran]
 }
@@ -355,8 +355,8 @@ resource "oci_core_vnic_attachment" "vnic_attachment_5g_epc" {
     defined_tags  = {}
     freeform_tags = { "Network" : "5G-EPC" }
   }
-  display_name  = "5G-EPC vnic Attachment"
-  instance_id = data.oci_containerengine_node_pool.node_pool_1.nodes[count.index].id
+  display_name = "5G-EPC vnic Attachment"
+  instance_id  = data.oci_containerengine_node_pool.node_pool_1.nodes[count.index].id
 
   depends_on = [oci_core_vnic_attachment.vnic_attachment_5g_legal_intercept]
 }

examples/basic-cluster/oke.tf

@@ -1,5 +1,9 @@
+# Copyright (c) 2023 Oracle and/or its affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+#
+
 module "oke-quickstart" {
-  source = "github.com/oracle-quickstart/terraform-oci-oke-quickstart?ref=0.8.3"
+  source = "github.com/oracle-quickstart/terraform-oci-oke-quickstart?ref=0.8.15"
 
   # Oracle Cloud Infrastructure Tenancy and Compartment OCID
   tenancy_ocid     = var.tenancy_ocid
@@ -22,4 +26,4 @@ module "oke-quickstart" {
 
   # VCN for OKE arguments
   vcn_cidr_blocks = "10.22.0.0/16"
-}
+}

examples/basic-cluster/providers.tf

@@ -9,7 +9,6 @@ terraform {
       source  = "oracle/oci"
       version = "~> 4, < 5"
       # https://registry.terraform.io/providers/oracle/oci/
-      configuration_aliases = [oci.home_region, oci.current_region]
     }
     kubernetes = {
       source  = "hashicorp/kubernetes"
@@ -38,65 +37,3 @@ terraform {
     }
   }
 }
-
-# provider "oci" {
-#   tenancy_ocid = var.tenancy_ocid
-#   region       = var.region
-# }
-
-# provider "oci" {
-#   alias        = "home_region"
-#   tenancy_ocid = var.tenancy_ocid
-#   region       = lookup(data.oci_identity_regions.home_region.regions[0], "name")
-
-#   user_ocid        = var.user_ocid
-#   fingerprint      = var.fingerprint
-#   private_key_path = var.private_key_path
-# }
-
-# provider "oci" {
-#   alias        = "current_region"
-#   tenancy_ocid = var.tenancy_ocid
-#   region       = var.region
-
-#   user_ocid        = var.user_ocid
-#   fingerprint      = var.fingerprint
-#   private_key_path = var.private_key_path
-# }
-
-# New configuration to avoid Terraform Kubernetes provider interpolation. https://registry.terraform.io/providers/hashicorp/kubernetes/2.2.0/docs#stacking-with-managed-kubernetes-cluster-resources
-# Currently need to uncheck to refresh (--refresh=false) when destroying or else the terraform destroy will fail
-
-# # https://docs.cloud.oracle.com/en-us/iaas/Content/ContEng/Tasks/contengdownloadkubeconfigfile.htm#notes
-# provider "kubernetes" {
-#   host                   = local.cluster_endpoint
-#   cluster_ca_certificate = local.cluster_ca_certificate
-#   exec {
-#     api_version = "client.authentication.k8s.io/v1beta1"
-#     args        = ["ce", "cluster", "generate-token", "--cluster-id", local.cluster_id, "--region", local.cluster_region]
-#     command     = "oci"
-#   }
-# }
-
-# # https://docs.cloud.oracle.com/en-us/iaas/Content/ContEng/Tasks/contengdownloadkubeconfigfile.htm#notes
-# provider "helm" {
-#   kubernetes {
-#     host                   = local.cluster_endpoint
-#     cluster_ca_certificate = local.cluster_ca_certificate
-#     exec {
-#       api_version = "client.authentication.k8s.io/v1beta1"
-#       args        = ["ce", "cluster", "generate-token", "--cluster-id", local.cluster_id, "--region", local.cluster_region]
-#       command     = "oci"
-#     }
-#   }
-# }
-
-# locals {
-#   # cluster_endpoint = (var.cluster_endpoint_visibility == "Private") ? (
-#   #   "https://${module.oke.orm_private_endpoint_oke_api_ip_address}:6443") : (
-#   # yamldecode(module.oke.kubeconfig)["clusters"][0]["cluster"]["server"])
-#   cluster_endpoint       = yamldecode(module.oke.kubeconfig)["clusters"][0]["cluster"]["server"]
-#   cluster_ca_certificate = base64decode(yamldecode(module.oke.kubeconfig)["clusters"][0]["cluster"]["certificate-authority-data"])
-#   cluster_id             = yamldecode(module.oke.kubeconfig)["users"][0]["user"]["exec"]["args"][4]
-#   cluster_region         = yamldecode(module.oke.kubeconfig)["users"][0]["user"]["exec"]["args"][6]
-# }

examples/basic-cluster/terraform.tfvars.example

@@ -0,0 +1,15 @@
+# Copyright (c) 2023 Oracle and/or its affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+# 
+
+# OCI authentication
+tenancy_ocid     = "ocid1.tenancy....."
+fingerprint      = "" # e.g.: "5f:53:..." or leave blank if using CloudShell
+user_ocid        = "" # e.g.: "ocid1.user..." or leave blank if using CloudShell
+private_key_path = "" # e.g.: "/users/user/.oci/oci_api_key.pem" or leave blank if using CloudShell
+
+# Deployment compartment
+compartment_ocid = "ocid1.compartment...."
+
+# region
+region = "us-ashburn-1"

examples/basic-cluster/variables.tf

@@ -1,3 +1,7 @@
+# Copyright (c) 2023 Oracle and/or its affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+#
+
 # OCI Provider
 variable "tenancy_ocid" {}
 variable "compartment_ocid" {}

examples/basic-with-existing-network/oke.tf

@@ -0,0 +1,38 @@
+# Copyright (c) 2023 Oracle and/or its affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+#
+
+module "oke-quickstart" {
+  source = "github.com/oracle-quickstart/terraform-oci-oke-quickstart?ref=0.8.15"
+
+  # Oracle Cloud Infrastructure Tenancy and Compartment OCID
+  tenancy_ocid     = var.tenancy_ocid
+  compartment_ocid = var.compartment_ocid
+  region           = var.region
+
+  # Note: Just few arguments are showing here to simplify the basic example. All other arguments are using default values.
+  # App Name to identify deployment. Used for naming resources.
+  app_name = "Basic with Existent Network"
+
+  # Freeform Tags + Defined Tags. Tags are applied to all resources.
+  tag_values = { "freeformTags" = { "Environment" = "Development", "DeploymentType" = "basic", "QuickstartExample" = "basic-with-existing-network" }, "definedTags" = {} }
+
+  # OKE Node Pool 1 arguments
+  node_pool_cni_type_1                 = "FLANNEL_OVERLAY" # Use "OCI_VCN_IP_NATIVE" for VCN Native PODs Network. If the node pool 1 uses the OCI_VCN_IP_NATIVE, the cluster will also be configured with same cni
+  cluster_autoscaler_enabled           = true
+  node_pool_initial_num_worker_nodes_1 = 3                                                                       # Minimum number of nodes in the node pool
+  node_pool_max_num_worker_nodes_1     = 10                                                                      # Maximum number of nodes in the node pool
+  node_pool_instance_shape_1           = { "instanceShape" = "VM.Standard.E4.Flex", "ocpus" = 2, "memory" = 64 } # If not using a Flex shape, ocpus and memory are ignored
+
+  # VCN for OKE arguments
+  create_new_vcn                = false
+  existent_vcn_ocid             = "ocid1.vcn.oc1.iad.amaaaaaadoggtjaat6nl5pla7kw52nbxpu73erej3nbd4shjhjczn2tfeadq"
+  existent_vcn_compartment_ocid = "" # Optional. Specify if want to create terraform to create the subnets and the VCN is in a different compartment than the OKE cluster
+
+  # Subnet for OKE arguments
+  create_subnets                                     = false
+  existent_oke_k8s_endpoint_subnet_ocid              = "ocid1.subnet.oc1.iad.aaaaaaaakwyp2rkytg3yepvx7qzytff7estok277lda7gjjso3k4wnz6dpoa"
+  existent_oke_nodes_subnet_ocid                     = "ocid1.subnet.oc1.iad.aaaaaaaack6edaxj6vxdxvbgw4ae232to3ou7rpfmv6lyscpbzcetjkeifiq"
+  existent_oke_load_balancer_subnet_ocid             = "ocid1.subnet.oc1.iad.aaaaaaaao6j4ixl23bcp6367he7l5qytuvmm74hrmg4ajiqyfzxowrbrx3pa"
+  existent_oke_vcn_native_pod_networking_subnet_ocid = ""
+}

examples/basic-with-existing-network/outputs.tf

@@ -0,0 +1,38 @@
+# Copyright (c) 2023 Oracle and/or its affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+#
+
+# Deployment outputs
+output "deploy_id" {
+  value = module.oke-quickstart.deploy_id
+}
+
+# OKE Outputs
+output "comments" {
+  value = module.oke-quickstart.comments
+}
+output "deployed_oke_kubernetes_version" {
+  value = module.oke-quickstart.deployed_oke_kubernetes_version
+}
+output "deployed_to_region" {
+  value = module.oke-quickstart.deployed_to_region
+}
+output "kubeconfig" {
+  value     = module.oke-quickstart.kubeconfig
+  sensitive = true
+}
+output "kubeconfig_for_kubectl" {
+  value       = module.oke-quickstart.kubeconfig_for_kubectl
+  description = "If using Terraform locally, this command set KUBECONFIG environment variable to run kubectl locally"
+}
+output "dev" {
+  value = module.oke-quickstart.dev
+}
+### Important Security Notice ###
+# The private key generated by this resource will be stored unencrypted in your Terraform state file. 
+# Use of this resource for production deployments is not recommended. 
+# Instead, generate a private key file outside of Terraform and distribute it securely to the system where Terraform will be run.
+output "generated_private_key_pem" {
+  value     = module.oke-quickstart.generated_private_key_pem
+  sensitive = true
+}

examples/basic-with-existing-network/providers.tf

@@ -0,0 +1,39 @@
+# Copyright (c) 2023 Oracle and/or its affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+#
+
+terraform {
+  required_version = ">= 1.1"
+  required_providers {
+    oci = {
+      source  = "oracle/oci"
+      version = "~> 4, < 5"
+      # https://registry.terraform.io/providers/oracle/oci/
+    }
+    kubernetes = {
+      source  = "hashicorp/kubernetes"
+      version = "~> 2"
+      # https://registry.terraform.io/providers/hashicorp/kubernetes/
+    }
+    helm = {
+      source  = "hashicorp/helm"
+      version = "~> 2"
+      # https://registry.terraform.io/providers/hashicorp/helm/
+    }
+    tls = {
+      source  = "hashicorp/tls"
+      version = "~> 4"
+      # https://registry.terraform.io/providers/hashicorp/tls/
+    }
+    local = {
+      source  = "hashicorp/local"
+      version = "~> 2"
+      # https://registry.terraform.io/providers/hashicorp/local/
+    }
+    random = {
+      source  = "hashicorp/random"
+      version = "~> 3"
+      # https://registry.terraform.io/providers/hashicorp/random/
+    }
+  }
+}

examples/basic-with-existing-network/terraform.tfvars.example

@@ -0,0 +1,15 @@
+# Copyright (c) 2023 Oracle and/or its affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+# 
+
+# OCI authentication
+tenancy_ocid     = "ocid1.tenancy....."
+fingerprint      = "" # e.g.: "5f:53:..." or leave blank if using CloudShell
+user_ocid        = "" # e.g.: "ocid1.user..." or leave blank if using CloudShell
+private_key_path = "" # e.g.: "/users/user/.oci/oci_api_key.pem" or leave blank if using CloudShell
+
+# Deployment compartment
+compartment_ocid = "ocid1.compartment...."
+
+# region
+region = "us-ashburn-1"

examples/basic-with-existing-network/variables.tf

@@ -0,0 +1,13 @@
+# OCI Provider
+variable "tenancy_ocid" {}
+variable "compartment_ocid" {}
+variable "region" {}
+variable "user_ocid" {
+  default = ""
+}
+variable "fingerprint" {
+  default = ""
+}
+variable "private_key_path" {
+  default = ""
+}