avaloqcloud/terraform-oci-oke

Terraform Oracle Kubernetes Engine (OKE) cluster module

Terraform module to provision an Oracle Cloud Infrastructure (OCI) Kubernetes Engine (OKE) cluster with dynamic nodepool creation.

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1.2.0 |
| kubernetes | ~> 2.23 |
| oci | ~> 5.16 |

Modules

| Name | Source | Version |
|------|--------|---------|
| k8s-cluster | ./modules/k8s-cluster | n/a |
| nodepool | ./modules/nodepool | n/a |
| virtual-nodepool | ./modules/virtual-nodepool | n/a |

Usage

module "terraform-oci-oke" {
    source = "github.com/avaloqcloud/terraform-oci-oke"
}

Example content of provider.tf:

terraform {
  required_version = ">= 1.2.0"

  required_providers {
    oci = {
      source  = "oracle/oci"
      version = "~> 5.16"
    }
    kubernetes = {
      source  = "hashicorp/kubernetes"
      version = "~> 2.23"
    }
  }
}
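
The following module call is an added example, not taken from the module's repository. It sets the security-relevant inputs from the Inputs table (private control plane endpoint, endpoint NSG, KMS key for secret encryption) and fills every attribute of one `nodepool` entry. The module label `oke`, the map key `workers`, the `?ref=` pin and all OCIDs are assumptions or constructed placeholders.

```hcl
# Added example. Every OCID below is a constructed placeholder; replace before use.
module "oke" {
  # Pin the source to a reviewed commit instead of the default branch (placeholder SHA).
  source = "github.com/avaloqcloud/terraform-oci-oke?ref=<commit-sha>"

  compartment_id          = "ocid1.compartment.oc1..<placeholder>"
  vcn_id                  = "ocid1.vcn.oc1..<placeholder>"
  control_plane_subnet_id = "ocid1.subnet.oc1..<control-plane-placeholder>"
  loadbalancer_subnet_id  = "ocid1.subnet.oc1..<lb-placeholder>"

  # No public IP on the Kubernetes control plane endpoint (this is the module default).
  is_public_ip_enabled = false

  # Apply a network security group to the cluster endpoint.
  add_network_security_group = true
  network_security_group_id  = ["ocid1.networksecuritygroup.oc1..<endpoint-nsg-placeholder>"]

  # Master encryption key for Kubernetes secret encryption.
  kms_key_id = "ocid1.key.oc1..<placeholder>"

  cni_type  = "OCI_VCN_IP_NATIVE"
  node_type = "Managed"

  nodepool = {
    "workers" = { # hypothetical map key
      node_pool_name          = "managed-nodepool"
      image_id                = "ocid1.image.oc1..<placeholder>"
      node_shape              = "VM.Standard.E3.Flex"
      ocpus                   = 4
      memory                  = 32
      size                    = 2
      availabilitydomain      = "Wfog:EU-ZURICH-1-AD-1"
      faultdomain             = ["FAULT-DOMAIN-1", "FAULT-DOMAIN-2", "FAULT-DOMAIN-3"]
      worker_subnet_id        = "ocid1.subnet.oc1..<worker-placeholder>"
      pod_subnet_id           = "ocid1.subnet.oc1..<pod-placeholder>"
      node_nsg_ids            = ["ocid1.networksecuritygroup.oc1..<node-nsg-placeholder>"]
      pod_nsg_ids             = ["ocid1.networksecuritygroup.oc1..<pod-nsg-placeholder>"]
      max_pods_per_node       = 67
      pod_configuration_shape = "Pod.Standard.E3.Flex"
      ssh_public_key          = "" # same as the documented default
    }
  }
}
```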

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| cluster_kubernetes_version | n/a | string | "v1.27.2" | no |
| cluster_name | The name of the OKE cluster. | string | "oke" | no |
| cluster_type | The cluster type. See Working with Enhanced Clusters and Basic Clusters for more information. | string | "basic" | no |
| cni_type | The CNI for the cluster: FLANNEL_OVERLAY or OCI_VCN_IP_NATIVE | string | "OCI_VCN_IP_NATIVE" | no |
| compartment_id | n/a | string | n/a | yes |
| control_plane_subnet_id | The id of the regional subnet in which to place the Cluster endpoint. | string | n/a | yes |
| is_public_ip_enabled | Whether the Kubernetes control plane endpoint should be allocated a public IP address to enable access over public internet. | bool | false | no |
| loadbalancer_subnet_id | The ids of the subnets used for Kubernetes services load balancers. | string | n/a | yes |
| node_type | The type of the node pool: Managed or Virtual | string | "Managed" | no |
| nodepool | n/a | map(object), see below | see below | no |
| pods_cidr | The CIDR range used for IP addresses by the pods. A /16 CIDR is generally sufficient. This CIDR should not overlap with any subnet range in the VCN (it can also be outside the VCN CIDR range). Ignored when cni_type = 'npn'. | string | "10.244.0.0/16" | no |
| services_cidr | The CIDR range used within the cluster by Kubernetes services (ClusterIPs). This CIDR should not overlap with the VCN CIDR range. | string | "10.96.0.0/16" | no |
| vcn_id | The id of the virtual cloud network (VCN) in which to create the cluster. | string | n/a | yes |
| virtual-nodepool | n/a | map(object), see below | see below | no |
| kms_key_id | The OCID of the KMS key to be used as the master encryption key for Kubernetes secret encryption. | string | "" | no |
| add_network_security_group | Enable to add a network security group | bool | false | no |
| network_security_group_id | A list of the OCIDs of the network security groups (NSGs) to apply to the cluster endpoint. | set(string) | [] | no |

nodepool type:

map(object({
  node_pool_name          = string,
  image_id                = string,
  node_shape              = string,
  availabilitydomain      = string,
  worker_subnet_id        = string,
  faultdomain             = list(string),
  size                    = number,
  node_nsg_ids            = list(string),
  pod_nsg_ids             = list(string),
  max_pods_per_node       = number,
  pod_subnet_id           = string,
  memory                  = number,
  ocpus                   = number,
  ssh_public_key          = string,
  pod_configuration_shape = string
}))

nodepool default:

{
  "nodepool": {
    "availabilitydomain": "Wfog:EU-ZURICH-1-AD-1",
    "faultdomain": [
      "FAULT-DOMAIN-1",
      "FAULT-DOMAIN-2",
      "FAULT-DOMAIN-3"
    ],
    "image_id": "",
    "max_pods_per_node": 67,
    "memory": 32,
    "node_pool_name": "managed-nodepool",
    "node_shape": "VM.Standard.E3.Flex",
    "ocpus": 4,
    "pod_configuration_shape": "Pod.Standard.E3.Flex",
    "pod_subnet_id": "",
    "size": 2,
    "node_nsg_ids": [],
    "pod_nsg_ids": [],
    "ssh_public_key": "",
    "worker_subnet_id": ""
  }
}

virtual-nodepool type:

map(object({
  node_pool_name          = string,
  availabilitydomain      = string,
  worker_subnet_id        = string,
  faultdomain             = list(string),
  size                    = number,
  node_nsg_ids            = list(string),
  pod_nsg_ids             = list(string),
  pod_subnet_id           = string,
  pod_configuration_shape = string
}))

virtual-nodepool default:

{
  "virtual-nodepool": {
    "availabilitydomain": "Wfog:EU-ZURICH-1-AD-1",
    "faultdomain": [
      "FAULT-DOMAIN-1",
      "FAULT-DOMAIN-2",
      "FAULT-DOMAIN-3"
    ],
    "node_pool_name": "virtual-nodepool",
    "pod_configuration_shape": "Pod.Standard.E3.Flex",
    "pod_subnet_id": "",
    "size": 2,
    "node_nsg_ids": [],
    "pod_nsg_ids": [],
    "worker_subnet_id": ""
  }
}