Deploy the OKE Terraform Module

Prerequisites

• Required Keys and OCIDs
• Required IAM policies
• git, ssh client to run locally
• Terraform >= 1.2.0 to run locally

Provisioning from an OCI Resource Manager Stack

Network

Network resources configured for an OKE cluster.

The following resources may be created depending on provided configuration:

• core_vcn
• core_nat_gateway
• core_internet_gateway
• core_subnet
• core_instance (bastion)

Cluster

An OKE-managed Kubernetes cluster.

The following resources may be created depending on provided configuration:

• core_network_security_group
• core_network_security_group_security_rule
• core_instance (operator)
• containerengine_cluster

Node Pool

A standard OKE-managed pool of worker nodes with enhanced feature support.

Configured with mode = "node-pool" on a worker_pools entry, or with worker_pool_mode = "node-pool" to use as the default for all pools unless otherwise specified.

You can set the image_type attribute to one of the following values:

• oke (default)
• platform
• custom.

When the image_type is equal to oke or platform there is a high risk for the node-pool image to be updated on subsequent terraform apply executions because the module is using a datasource to fetch the latest images available.

To avoid this situation, you can set the image_type to custom and the image_id to the OCID of the image you want to use for the node-pool.

The following resources may be created depending on provided configuration:

• containerengine_node_pool

Virtual Node Pool

An OKE-managed Virtual Node Pool.

Configured with mode = "virtual-node-pool" on a worker_pools entry, or with worker_pool_mode = "virtual-node-pool" to use as the default for all pools unless otherwise specified.

The following resources may be created depending on provided configuration:

• containerengine_virtual_node_pool

Instance

A set of self-managed Compute Instances for custom user-provisioned worker nodes not managed by an OCI pool, but individually by Terraform.

Configured with mode = "instance" on a worker_pools entry, or with worker_pool_mode = "instance" to use as the default for all pools unless otherwise specified.

The following resources may be created depending on provided configuration:

• identity_dynamic_group (workers)
• identity_policy (JoinCluster)
• core_instance

Instance Pool

A self-managed Compute Instance Pool for custom user-provisioned worker nodes.

Configured with mode = "instance-pool" on a worker_pools entry, or with worker_pool_mode = "instance-pool" to use as the default for all pools unless otherwise specified.

The following resources may be created depending on provided configuration:

• identity_dynamic_group (workers)
• identity_policy (JoinCluster)
• core_instance_configuration
• core_instance_pool

Cluster Network

A self-managed HPC Cluster Network.

Configured with mode = "cluster-network" on a worker_pools entry, or with worker_pool_mode = "cluster-network" to use as the default for all pools unless otherwise specified.

The following resources may be created depending on provided configuration:

• identity_dynamic_group (workers)
• identity_policy (JoinCluster)
• core_instance_configuration
• core_cluster_network