Merge pull request #35 from junior/v0.9.2-patch

V0.9.2 patch
oracle-quickstart · May 23, 2023 · 1cf79a6 · 1cf79a6
2 parents bf7fd57 + 6ead9da
commit 1cf79a6
Show file tree

Hide file tree

Showing 8 changed files with 139 additions and 47 deletions.
diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-0.9.1
+0.9.2
diff --git a/examples/basic-cluster/oke.tf b/examples/basic-cluster/oke.tf
@@ -28,7 +28,7 @@ module "oke-quickstart" {
   node_pool_initial_num_worker_nodes_1 = 3                                                                       # Minimum number of nodes in the node pool
   node_pool_max_num_worker_nodes_1     = 10                                                                      # Maximum number of nodes in the node pool
   node_pool_instance_shape_1           = { "instanceShape" = "VM.Standard.E4.Flex", "ocpus" = 2, "memory" = 64 } # If not using a Flex shape, ocpus and memory are ignored
-  node_pool_boot_volume_size_in_gbs_1  = 120
+  node_pool_boot_volume_size_in_gbs_1  = 60
 
   # VCN for OKE arguments
   vcn_cidr_blocks = "10.22.0.0/16"

diff --git a/examples/basic-cluster/providers.tf b/examples/basic-cluster/providers.tf
@@ -1,39 +1,79 @@
-# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved.
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-# 
-
-terraform {
-  required_version = ">= 1.1"
-  required_providers {
-    oci = {
-      source  = "oracle/oci"
-      version = "~> 4, < 5"
-      # https://registry.terraform.io/providers/oracle/oci/
-    }
-    kubernetes = {
-      source  = "hashicorp/kubernetes"
-      version = "~> 2"
-      # https://registry.terraform.io/providers/hashicorp/kubernetes/
-    }
-    helm = {
-      source  = "hashicorp/helm"
-      version = "~> 2"
-      # https://registry.terraform.io/providers/hashicorp/helm/
-    }
-    tls = {
-      source  = "hashicorp/tls"
-      version = "~> 4"
-      # https://registry.terraform.io/providers/hashicorp/tls/
-    }
-    local = {
-      source  = "hashicorp/local"
-      version = "~> 2"
-      # https://registry.terraform.io/providers/hashicorp/local/
-    }
-    random = {
-      source  = "hashicorp/random"
-      version = "~> 3"
-      # https://registry.terraform.io/providers/hashicorp/random/
+#
+
+provider "oci" {
+  tenancy_ocid = var.tenancy_ocid
+  region       = var.region
+
+  user_ocid        = var.user_ocid
+  fingerprint      = var.fingerprint
+  private_key_path = var.private_key_path
+}
+
+provider "oci" {
+  alias        = "home_region"
+  tenancy_ocid = var.tenancy_ocid
+  region       = local.home_region
+
+  user_ocid        = var.user_ocid
+  fingerprint      = var.fingerprint
+  private_key_path = var.private_key_path
+}
+
+# New configuration to avoid Terraform Kubernetes provider interpolation. https://registry.terraform.io/providers/hashicorp/kubernetes/2.2.0/docs#stacking-with-managed-kubernetes-cluster-resources
+# Currently need to uncheck to refresh (--refresh=false) when destroying or else the terraform destroy will fail
+
+# https://docs.cloud.oracle.com/en-us/iaas/Content/ContEng/Tasks/contengdownloadkubeconfigfile.htm#notes
+provider "kubernetes" {
+  host                   = local.cluster_endpoint
+  cluster_ca_certificate = local.cluster_ca_certificate
+  insecure               = local.external_private_endpoint
+  exec {
+    api_version = "client.authentication.k8s.io/v1beta1"
+    args        = ["ce", "cluster", "generate-token", "--cluster-id", local.cluster_id, "--region", local.cluster_region]
+    command     = "oci"
+  }
+}
+
+# https://docs.cloud.oracle.com/en-us/iaas/Content/ContEng/Tasks/contengdownloadkubeconfigfile.htm#notes
+provider "helm" {
+  kubernetes {
+    host                   = local.cluster_endpoint
+    cluster_ca_certificate = local.cluster_ca_certificate
+    insecure               = local.external_private_endpoint
+    exec {
+      api_version = "client.authentication.k8s.io/v1beta1"
+      args        = ["ce", "cluster", "generate-token", "--cluster-id", local.cluster_id, "--region", local.cluster_region]
+      command     = "oci"
     }
   }
 }
+
+locals {
+  cluster_endpoint          = yamldecode(module.oke-quickstart.kubeconfig)["clusters"][0]["cluster"]["server"]
+  external_private_endpoint = false
+  # cluster_endpoint = (var.cluster_endpoint_visibility == "Private") ? (
+  #   "https://${module.oke.orm_private_endpoint_oke_api_ip_address}:6443") : (
+  # yamldecode(module.oke.kubeconfig)["clusters"][0]["cluster"]["server"])
+  # external_private_endpoint = (var.cluster_endpoint_visibility == "Private") ? true : false
+  cluster_ca_certificate = base64decode(yamldecode(module.oke-quickstart.kubeconfig)["clusters"][0]["cluster"]["certificate-authority-data"])
+  cluster_id             = yamldecode(module.oke-quickstart.kubeconfig)["users"][0]["user"]["exec"]["args"][4]
+  cluster_region         = yamldecode(module.oke-quickstart.kubeconfig)["users"][0]["user"]["exec"]["args"][6]
+}
+
+# Gets home and current regions
+data "oci_identity_tenancy" "tenant_details" {
+  tenancy_id = var.tenancy_ocid
+}
+data "oci_identity_regions" "home_region" {
+  filter {
+    name   = "key"
+    values = [data.oci_identity_tenancy.tenant_details.home_region_key]
+  }
+
+  count = var.home_region != "" ? 0 : 1
+}
+locals {
+  home_region = var.home_region != "" ? var.home_region : lookup(data.oci_identity_regions.home_region.0.regions.0, "name")
+}
diff --git a/examples/basic-cluster/versions.tf b/examples/basic-cluster/versions.tf
@@ -0,0 +1,40 @@
+# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+# 
+
+terraform {
+  required_version = ">= 1.1"
+  required_providers {
+    oci = {
+      source  = "oracle/oci"
+      version = "~> 4, < 5"
+      # https://registry.terraform.io/providers/oracle/oci/
+      configuration_aliases = [oci.home_region]
+    }
+    kubernetes = {
+      source  = "hashicorp/kubernetes"
+      version = "~> 2"
+      # https://registry.terraform.io/providers/hashicorp/kubernetes/
+    }
+    helm = {
+      source  = "hashicorp/helm"
+      version = "~> 2"
+      # https://registry.terraform.io/providers/hashicorp/helm/
+    }
+    tls = {
+      source  = "hashicorp/tls"
+      version = "~> 4"
+      # https://registry.terraform.io/providers/hashicorp/tls/
+    }
+    local = {
+      source  = "hashicorp/local"
+      version = "~> 2"
+      # https://registry.terraform.io/providers/hashicorp/local/
+    }
+    random = {
+      source  = "hashicorp/random"
+      version = "~> 3"
+      # https://registry.terraform.io/providers/hashicorp/random/
+    }
+  }
+}
diff --git a/main.tf b/main.tf
@@ -117,6 +117,7 @@ module "oke_node_pools" {
   node_pool_shape                           = each.value.node_pool_shape
   node_pool_shape_specific_ad               = try(each.value.node_pool_shape_specific_ad, 0)
   node_pool_node_shape_config_ocpus         = try(each.value.node_pool_node_shape_config_ocpus, 4)
+  node_pool_boot_volume_size_in_gbs         = try(each.value.node_pool_boot_volume_size_in_gbs, 80)
   node_pool_node_shape_config_memory_in_gbs = try(each.value.node_pool_node_shape_config_memory_in_gbs, 48)
   existent_oke_nodepool_id_for_autoscaler   = try(each.value.existent_oke_nodepool_id_for_autoscaler, null)
   node_pool_autoscaler_enabled              = try(each.value.node_pool_autoscaler_enabled, true)

diff --git a/modules/oke-node-pool/main.tf b/modules/oke-node-pool/main.tf
@@ -30,7 +30,8 @@ resource "oci_containerengine_node_pool" "oke_node_pool" {
       pod_subnet_ids    = [var.vcn_native_pod_networking_subnet_ocid]
     }
     # nsg_ids       = []
-    size          = var.node_pool_min_nodes
+    size = var.node_pool_min_nodes
+    # is_pv_encryption_in_transit_enabled = var.node_pool_node_config_details_is_pv_encryption_in_transit_enabled
     kms_key_id    = var.oci_vault_key_id_oke_node_boot_volume != "" ? var.oci_vault_key_id_oke_node_boot_volume : null
     freeform_tags = var.worker_nodes_tags.freeformTags
     defined_tags  = var.worker_nodes_tags.definedTags
@@ -49,14 +50,22 @@ resource "oci_containerengine_node_pool" "oke_node_pool" {
     image_id                = lookup(data.oci_core_images.node_pool_images.images[0], "id")
     boot_volume_size_in_gbs = var.node_pool_boot_volume_size_in_gbs
   }
+
   # node_eviction_node_pool_settings {
-  #   eviction_grace_duration              = "PT1H"
-  #   is_force_delete_after_grace_duration = false
+  #   eviction_grace_duration = var.node_pool_node_eviction_node_pool_settings_eviction_grace_duration #PT60M
+  #   is_force_delete_after_grace_duration = var.node_pool_node_eviction_node_pool_settings_is_force_delete_after_grace_duration #false
   # }
+
   node_metadata = {
     user_data = anytrue([var.node_pool_oke_init_params != "", var.node_pool_cloud_init_parts != []]) ? data.cloudinit_config.nodes.rendered : null
   }
 
+  # node_pool_cycling_details {
+  #       is_node_cycling_enabled = var.node_pool_node_pool_cycling_details_is_node_cycling_enabled
+  #       maximum_surge = var.node_pool_node_pool_cycling_details_maximum_surge
+  #       maximum_unavailable = var.node_pool_node_pool_cycling_details_maximum_unavailable
+  # }
+
   initial_node_labels {
     key   = "name"
     value = var.node_pool_name

diff --git a/modules/oke-node-pool/variables.tf b/modules/oke-node-pool/variables.tf
@@ -1,6 +1,6 @@
-# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2022, 2023, Oracle and/or its affiliates. All rights reserved.
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-# 
+#
 
 # OKE Variables
 variable "oke_cluster_ocid" {

diff --git a/modules/oke/main.tf b/modules/oke/main.tf
@@ -1,16 +1,18 @@
-# Copyright (c) 2021, 2022, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2021-2023 Oracle and/or its affiliates. All rights reserved.
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-# 
+#
+
+# File Version: 0.9.2
 
 resource "oci_containerengine_cluster" "oke_cluster" {
   compartment_id     = local.oke_compartment_ocid
   kubernetes_version = (var.k8s_version == "Latest") ? local.cluster_k8s_latest_version : var.k8s_version
   name               = "${local.app_name} (${local.deploy_id})"
   vcn_id             = var.vcn_id
   kms_key_id         = var.oci_vault_key_id_oke_secrets != "" ? var.oci_vault_key_id_oke_secrets : null
-  # type               = var.cluster_type
-  freeform_tags = var.cluster_tags.freeformTags
-  defined_tags  = var.cluster_tags.definedTags
+  type               = var.cluster_type
+  freeform_tags      = var.cluster_tags.freeformTags
+  defined_tags       = var.cluster_tags.definedTags
 
   endpoint_config {
     is_public_ip_enabled = (var.cluster_endpoint_visibility == "Private") ? false : true