|
1 |
| -# Externally managed infrastructure |
| 1 | +# Externally managed Cluster infrastructure |
2 | 2 |
|
3 | 3 | By default, Cluster API will create resources on Oracle Cloud Infrastructure (OCI) when instantiating a new workload cluster. However, it is possible to have Cluster API re-use an existing OCI infrastructure instead of creating a new one. The existing infrastructure could include:
|
4 | 4 |
|
5 | 5 | 1. Virtual cloud networks (VCNs)
|
6 | 6 | 1. Network load balancers used as Kubernetes API Endpoint
|
7 | 7 |
|
| 8 | +## Example spec for externally managed VCN infrastructure |
| 9 | + |
| 10 | +CAPOCI can be used to create a cluster using existing VCN infrastructure. In this case, only the |
| 11 | +API Server Load Balancer will be managed by CAPOCI. |
| 12 | + |
| 13 | +Example spec is given below |
| 14 | + |
| 15 | +```yaml |
| 16 | +apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 |
| 17 | +kind: OCICluster |
| 18 | +metadata: |
| 19 | + name: "${CLUSTER_NAME}" |
| 20 | +spec: |
| 21 | + compartmentId: "${OCI_COMPARTMENT_ID}" |
| 22 | + networkSpec: |
| 23 | + skipNetworkManagement: true |
| 24 | + vcn: |
| 25 | + id: <Insert VCN OCID Here> |
| 26 | + networkSecurityGroups: |
| 27 | + - id: <Insert Control Plane Endpoint NSG OCID Here> |
| 28 | + role: control-plane-endpoint |
| 29 | + name: control-plane-endpoint |
| 30 | + - id: <Insert Worker NSG OCID Here> |
| 31 | + role: worker |
| 32 | + name: worker |
| 33 | + - id: <Insert Control Plane NSG OCID Here> |
| 34 | + role: control-plane |
| 35 | + name: control-plane |
| 36 | + subnets: |
| 37 | + - id: <Insert Control Plane Endpoint Subnet OCID Here> |
| 38 | + role: control-plane-endpoint |
| 39 | + name: control-plane-endpoint |
| 40 | + - id: <Insert Worker Subnet OCID Here> |
| 41 | + role: worker |
| 42 | + name: worker |
| 43 | + - id: <Insert control Plane Subnet OCID Here> |
| 44 | + role: control-plane |
| 45 | + name: control-plane |
| 46 | +``` |
| 47 | +
|
| 48 | +In the above spec, note that name has to be mentioned for Subnet/NSG. This is so that Kubernetes |
| 49 | +can merge the list properly when there is an update. |
| 50 | +
|
| 51 | +## Example `OCICluster` Spec with external infrastructure |
| 52 | + |
8 | 53 | CAPOCI supports [externally managed cluster infrastructure](https://github.com/kubernetes-sigs/cluster-api/blob/10d89ceca938e4d3d94a1d1c2b60515bcdf39829/docs/proposals/20210203-externally-managed-cluster-infrastructure.md).
|
9 | 54 |
|
10 | 55 | If the `OCICluster` resource includes a `cluster.x-k8s.io/managed-by` annotation, then the [controller will skip any reconciliation](https://cluster-api.sigs.k8s.io/developer/providers/cluster-infrastructure.html#normal-resource).
|
11 | 56 |
|
12 | 57 | This is useful for scenarios where a different persona is managing the cluster infrastructure out-of-band while still wanting to use CAPOCI for automated machine management.
|
13 | 58 |
|
14 |
| -## Example `OCICluster` Spec with external infrastructure |
15 |
| - |
16 |
| -The following `OCICluster` Spec includes the mandatory fields to be specified for externally managed infrastructure to work properly. |
| 59 | +The following `OCICluster` Spec includes the mandatory fields to be specified for externally managed infrastructure to work properly. In this example neither the VCN nor the network load balancer will be managed by CAPOCI. |
17 | 60 |
|
18 | 61 | ```yaml
|
19 | 62 | apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
|
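Review bot: The new VCN section (new lines 8-49) never says who owns the security rules once `skipNetworkManagement: true` is set. The text states that only the API Server Load Balancer is managed by CAPOCI, so the three NSGs and three subnets referenced by OCID are used as found. Add a sentence saying the operator must already have the rules the cluster needs in place on them. It would also help to say how this mode differs from the `cluster.x-k8s.io/managed-by` annotation described under the next heading, since both sections are now titled as example specs for external infrastructure. Minor: new line 43 has `control Plane` where the other placeholders use `Control Plane`, and "Example spec is given below" on new line 13 should end with a colon.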
@@ -87,3 +130,4 @@ curl -o -s -X PATCH -H "Accept: application/json, */*" \
|
87 | 130 | https://<management-plane-api-endpoint>/apis/infrastructure.cluster.x-k8s.io/v1beta1/namespaces/<cluster-namespace>/ociclusters/<cluster-name>/status \
|
88 | 131 | --data '{"status":{"ready":true,"failureDomains":{"1":{"attributes":{"AvailabilityDomain":"zkJl:US-ASHBURN-1-AD-1"},"controlPlane":true},"2":{"attributes":{"AvailabilityDomain":"zkJl:US-ASHBURN-1-AD-2"},"controlPlane":true},"3":{"attributes":{"AvailabilityDomain":"zkJl:US-ASHBURN-1-AD-3"}}}}}'
|
89 | 132 | ```
|
| 133 | + |
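Review bot: The `curl -o -s -X PATCH` shown in this hunk's header context passes `-s` as the filename argument to `-o`, so the response is written to a file named `-s` and silent mode is never enabled. Since the file is being touched anyway, change it to `-s -o /dev/null` or drop `-o`. The blank line added at new line 133 after the closing fence can go unless the Markdown linter requires it.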