diff --git a/integration-tests/src/test/resources/oke/terraform/cluster.tf b/integration-tests/src/test/resources/oke/terraform/cluster.tf index 6d8bff82cc7..91a2f796b60 100755 --- a/integration-tests/src/test/resources/oke/terraform/cluster.tf +++ b/integration-tests/src/test/resources/oke/terraform/cluster.tf @@ -2,62 +2,103 @@ # Copyright (c) 2020, 2021, Oracle and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. */ -variable "cluster_kubernetes_version" { default = "v1.15.7" } -variable "cluster_name" { default = "tfTestCluster" } -variable "cluster_options_add_ons_is_kubernetes_dashboard_enabled" { default = true } -variable "cluster_options_add_ons_is_tiller_enabled" { default = true } -variable "cluster_options_kubernetes_network_config_pods_cidr" { default = "10.1.0.0/16" } -variable "cluster_options_kubernetes_network_config_services_cidr" { default = "10.2.0.0/16" } -variable "node_pool_initial_node_labels_key" { default = "key" } -variable "node_pool_initial_node_labels_value" { default = "value" } -variable "node_pool_kubernetes_version" { default = "v1.11.5" } -variable "node_pool_name" { default = "tfTestCluster_workers" } -variable "node_pool_node_image_name" { default = "Oracle-Linux-7.6" } -variable "node_pool_node_shape" { default = "VM.Standard2.1" } -variable "node_pool_quantity_per_subnet" { default = 2 } -variable "node_pool_ssh_public_key" { } +variable "cluster_kubernetes_version" { + default = "v1.17.9" +} -data "oci_identity_availability_domains" "tfsample_availability_domains" { - compartment_id = "${var.compartment_ocid}" +variable "cluster_name" { + default = "tfTestCluster" +} + +variable "cluster_options_add_ons_is_kubernetes_dashboard_enabled" { + default = true +} + +variable "cluster_options_add_ons_is_tiller_enabled" { + default = true +} + +variable "cluster_options_kubernetes_network_config_pods_cidr" { + default = "10.1.0.0/16" +} + +variable "cluster_options_kubernetes_network_config_services_cidr" { + default = "10.2.0.0/16" +} + +variable "node_pool_initial_node_labels_key" { + default = "key" +} + +variable "node_pool_initial_node_labels_value" { + default = "value" +} + +variable "node_pool_kubernetes_version" { + default = "v1.17.9" } +variable "node_pool_name" { + default = "tfTestCluster_workers" +} + +variable "node_pool_node_image_name" { + default = "Oracle-Linux-7.6" +} + +variable "node_pool_node_shape" { + default = "VM.Standard2.1" +} + +variable "node_pool_quantity_per_subnet" { + default = 2 +} + +variable "node_pool_ssh_public_key" { +} + +data "oci_identity_availability_domains" "tfsample_availability_domains" { + compartment_id = var.compartment_ocid +} resource "oci_containerengine_cluster" "tfsample_cluster" { #Required - compartment_id = "${var.compartment_ocid}" - kubernetes_version = "${var.cluster_kubernetes_version}" - name = "${var.cluster_name}" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" + compartment_id = var.compartment_ocid + kubernetes_version = var.cluster_kubernetes_version + name = var.cluster_name + vcn_id = oci_core_virtual_network.oke-vcn.id #Optional options { - service_lb_subnet_ids = ["${oci_core_subnet.oke-subnet-loadbalancer-1.id}", "${oci_core_subnet.oke-subnet-loadbalancer-2.id}"] + service_lb_subnet_ids = [oci_core_subnet.oke-subnet-loadbalancer-1.id, oci_core_subnet.oke-subnet-loadbalancer-2.id] #Optional add_ons { #Optional - is_kubernetes_dashboard_enabled = "${var.cluster_options_add_ons_is_kubernetes_dashboard_enabled}" - is_tiller_enabled = "${var.cluster_options_add_ons_is_tiller_enabled}" + is_kubernetes_dashboard_enabled = var.cluster_options_add_ons_is_kubernetes_dashboard_enabled + is_tiller_enabled = var.cluster_options_add_ons_is_tiller_enabled } } } resource "oci_containerengine_node_pool" "tfsample_node_pool" { - #Required - cluster_id = "${oci_containerengine_cluster.tfsample_cluster.id}" - compartment_id = "${var.compartment_ocid}" - kubernetes_version = "${var.node_pool_kubernetes_version}" - name = "${var.node_pool_name}" - node_image_name = "${var.node_pool_node_image_name}" - node_shape = "${var.node_pool_node_shape}" - #subnet_ids = ["${oci_core_subnet.oke-subnet-worker-1.id}", "${oci_core_subnet.oke-subnet-worker-2.id}","${oci_core_subnet.oke-subnet-worker-3.id}"] - subnet_ids = ["${oci_core_subnet.oke-subnet-worker-1.id}", "${oci_core_subnet.oke-subnet-worker-2.id}"] + #Required + cluster_id = oci_containerengine_cluster.tfsample_cluster.id + compartment_id = var.compartment_ocid + kubernetes_version = var.node_pool_kubernetes_version + name = var.node_pool_name + node_image_name = var.node_pool_node_image_name + node_shape = var.node_pool_node_shape + + #subnet_ids = ["${oci_core_subnet.oke-subnet-worker-1.id}", "${oci_core_subnet.oke-subnet-worker-2.id}","${oci_core_subnet.oke-subnet-worker-3.id}"] + subnet_ids = [oci_core_subnet.oke-subnet-worker-1.id, oci_core_subnet.oke-subnet-worker-2.id] - #Optional - quantity_per_subnet = "${var.node_pool_quantity_per_subnet}" - ssh_public_key = "${var.node_pool_ssh_public_key}" + #Optional + quantity_per_subnet = var.node_pool_quantity_per_subnet + ssh_public_key = var.node_pool_ssh_public_key } output "cluster_id" { - value = "${oci_containerengine_cluster.tfsample_cluster.id}" + value = oci_containerengine_cluster.tfsample_cluster.id } + diff --git a/integration-tests/src/test/resources/oke/terraform/export.tf b/integration-tests/src/test/resources/oke/terraform/export.tf index d99a7b0c892..823b53e3303 100755 --- a/integration-tests/src/test/resources/oke/terraform/export.tf +++ b/integration-tests/src/test/resources/oke/terraform/export.tf @@ -4,7 +4,8 @@ */ resource "oci_file_storage_export" "oketest_export" { #Required - export_set_id = "${oci_file_storage_export_set.oketest_export_set.id}" - file_system_id = "${oci_file_storage_file_system.oketest_fs.id}" + export_set_id = oci_file_storage_export_set.oketest_export_set.id + file_system_id = oci_file_storage_file_system.oketest_fs.id path = "/oketest" } + diff --git a/integration-tests/src/test/resources/oke/terraform/export_set.tf b/integration-tests/src/test/resources/oke/terraform/export_set.tf index f44a332df40..8992e692eba 100755 --- a/integration-tests/src/test/resources/oke/terraform/export_set.tf +++ b/integration-tests/src/test/resources/oke/terraform/export_set.tf @@ -5,5 +5,6 @@ resource "oci_file_storage_export_set" "oketest_export_set" { # Required - mount_target_id = "${oci_file_storage_mount_target.oketest_mount_target.id}" + mount_target_id = oci_file_storage_mount_target.oketest_mount_target.id } + diff --git a/integration-tests/src/test/resources/oke/terraform/file_system.tf b/integration-tests/src/test/resources/oke/terraform/file_system.tf index 471cc5c4461..bc2cadd1166 100755 --- a/integration-tests/src/test/resources/oke/terraform/file_system.tf +++ b/integration-tests/src/test/resources/oke/terraform/file_system.tf @@ -5,6 +5,7 @@ resource "oci_file_storage_file_system" "oketest_fs" { #Required - availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[1],"name")}" - compartment_id = "${var.compartment_ocid}" + availability_domain = data.oci_identity_availability_domains.ADs.availability_domains[1]["name"] + compartment_id = var.compartment_ocid } + diff --git a/integration-tests/src/test/resources/oke/terraform/kube_config.tf b/integration-tests/src/test/resources/oke/terraform/kube_config.tf index 8ac5f9d8c62..432166102b5 100755 --- a/integration-tests/src/test/resources/oke/terraform/kube_config.tf +++ b/integration-tests/src/test/resources/oke/terraform/kube_config.tf @@ -3,15 +3,21 @@ # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. */ -variable "cluster_kube_config_expiration" { default = 2592000 } -variable "cluster_kube_config_token_version" { default = "1.0.0" } +variable "cluster_kube_config_expiration" { + default = 2592000 +} + +variable "cluster_kube_config_token_version" { + default = "2.0.0" +} data "oci_containerengine_cluster_kube_config" "tfsample_cluster_kube_config" { #Required - cluster_id = "${oci_containerengine_cluster.tfsample_cluster.id}" + cluster_id = oci_containerengine_cluster.tfsample_cluster.id } resource "local_file" "tfsample_cluster_kube_config_file" { - content = "${data.oci_containerengine_cluster_kube_config.tfsample_cluster_kube_config.content}" + content = data.oci_containerengine_cluster_kube_config.tfsample_cluster_kube_config.content filename = "${path.module}/${var.cluster_name}_kubeconfig" } + diff --git a/integration-tests/src/test/resources/oke/terraform/mount_target.tf b/integration-tests/src/test/resources/oke/terraform/mount_target.tf index 3fdb854a22f..fd92ada8b48 100755 --- a/integration-tests/src/test/resources/oke/terraform/mount_target.tf +++ b/integration-tests/src/test/resources/oke/terraform/mount_target.tf @@ -4,11 +4,12 @@ */ resource "oci_file_storage_mount_target" "oketest_mount_target" { #Required - availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[1],"name")}" - - compartment_id = "${var.compartment_ocid}" - subnet_id = "${oci_core_subnet.oke-subnet-worker-2.id}" + availability_domain = data.oci_identity_availability_domains.ADs.availability_domains[1]["name"] + + compartment_id = var.compartment_ocid + subnet_id = oci_core_subnet.oke-subnet-worker-2.id #Optional display_name = "${var.cluster_name}-mt" } + diff --git a/integration-tests/src/test/resources/oke/terraform/provider.tf b/integration-tests/src/test/resources/oke/terraform/provider.tf index de6d0093376..1807dcbccd1 100755 --- a/integration-tests/src/test/resources/oke/terraform/provider.tf +++ b/integration-tests/src/test/resources/oke/terraform/provider.tf @@ -5,17 +5,28 @@ */ // These variables would commonly be defined as environment variables or sourced in a .env file -variable "tenancy_ocid" {} -variable "user_ocid" {} -variable "fingerprint" {} -variable "private_key_path" {} -variable "region" { default = "us-phoenix-1" } +variable "tenancy_ocid" { +} + +variable "user_ocid" { +} + +variable "fingerprint" { +} + +variable "private_key_path" { +} + +variable "region" { + default = "us-phoenix-1" +} provider "oci" { version = ">= 3.0.0" - region = "${var.region}" - tenancy_ocid = "${var.tenancy_ocid}" - user_ocid = "${var.user_ocid}" - fingerprint = "${var.fingerprint}" - private_key_path = "${var.private_key_path}" + region = var.region + tenancy_ocid = var.tenancy_ocid + user_ocid = var.user_ocid + fingerprint = var.fingerprint + private_key_path = var.private_key_path } + diff --git a/integration-tests/src/test/resources/oke/terraform/twoclusters/cluster.tf b/integration-tests/src/test/resources/oke/terraform/twoclusters/cluster.tf index 9f12e30efad..5c061da3df0 100755 --- a/integration-tests/src/test/resources/oke/terraform/twoclusters/cluster.tf +++ b/integration-tests/src/test/resources/oke/terraform/twoclusters/cluster.tf @@ -2,104 +2,156 @@ # Copyright (c) 2020, 2021, Oracle and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. */ -variable "cluster_kubernetes_version" { default = "v1.15.7" } -variable "cluster_name1" { default = "tfTestCluster1" } -variable "cluster_name2" { default = "tfTestCluster2" } -variable "cluster_name" { default = "twoTestClusters" } -variable "cluster_options_add_ons_is_kubernetes_dashboard_enabled" { default = true } -variable "cluster_options_add_ons_is_tiller_enabled" { default = true } -variable "cluster_options_kubernetes_network_config_pods_cidr" { default = "10.1.0.0/16" } -variable "cluster_options_kubernetes_network_config_services_cidr" { default = "10.2.0.0/16" } -variable "node_pool_initial_node_labels_key" { default = "key" } -variable "node_pool_initial_node_labels_value" { default = "value" } -variable "node_pool_kubernetes_version" { default = "v1.11.5" } -variable "node_pool_name1" { default = "tfTestCluster_workers1" } -variable "node_pool_name2" { default = "tfTestCluster_workers2" } -variable "node_pool_node_image_name" { default = "Oracle-Linux-7.6" } -variable "node_pool_node_shape" { default = "VM.Standard2.1" } -variable "node_pool_quantity_per_subnet" { default = 2 } -variable "node_pool_ssh_public_key" { } +variable "cluster_kubernetes_version" { + default = "v1.17.9" +} -data "oci_identity_availability_domains" "tfsample_availability_domains" { - compartment_id = "${var.compartment_ocid}" +variable "cluster_name1" { + default = "tfTestCluster1" +} + +variable "cluster_name2" { + default = "tfTestCluster2" +} + +variable "cluster_name" { + default = "twoTestClusters" } +variable "cluster_options_add_ons_is_kubernetes_dashboard_enabled" { + default = true +} + +variable "cluster_options_add_ons_is_tiller_enabled" { + default = true +} + +variable "cluster_options_kubernetes_network_config_pods_cidr" { + default = "10.1.0.0/16" +} + +variable "cluster_options_kubernetes_network_config_services_cidr" { + default = "10.2.0.0/16" +} + +variable "node_pool_initial_node_labels_key" { + default = "key" +} + +variable "node_pool_initial_node_labels_value" { + default = "value" +} + +variable "node_pool_kubernetes_version" { + default = "v1.17.9" +} + +variable "node_pool_name1" { + default = "tfTestCluster_workers1" +} + +variable "node_pool_name2" { + default = "tfTestCluster_workers2" +} + +variable "node_pool_node_image_name" { + default = "Oracle-Linux-7.6" +} + +variable "node_pool_node_shape" { + default = "VM.Standard2.1" +} + +variable "node_pool_quantity_per_subnet" { + default = 2 +} + +variable "node_pool_ssh_public_key" { +} + +data "oci_identity_availability_domains" "tfsample_availability_domains" { + compartment_id = var.compartment_ocid +} resource "oci_containerengine_cluster" "tfsample_cluster1" { #Required - compartment_id = "${var.compartment_ocid}" - kubernetes_version = "${var.cluster_kubernetes_version}" - name = "${var.cluster_name1}" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" + compartment_id = var.compartment_ocid + kubernetes_version = var.cluster_kubernetes_version + name = var.cluster_name1 + vcn_id = oci_core_virtual_network.oke-vcn.id #Optional options { - service_lb_subnet_ids = ["${oci_core_subnet.oke-subnet-loadbalancer-1.id}", "${oci_core_subnet.oke-subnet-loadbalancer-2.id}"] + service_lb_subnet_ids = [oci_core_subnet.oke-subnet-loadbalancer-1.id, oci_core_subnet.oke-subnet-loadbalancer-2.id] #Optional add_ons { #Optional - is_kubernetes_dashboard_enabled = "${var.cluster_options_add_ons_is_kubernetes_dashboard_enabled}" - is_tiller_enabled = "${var.cluster_options_add_ons_is_tiller_enabled}" + is_kubernetes_dashboard_enabled = var.cluster_options_add_ons_is_kubernetes_dashboard_enabled + is_tiller_enabled = var.cluster_options_add_ons_is_tiller_enabled } } } resource "oci_containerengine_cluster" "tfsample_cluster2" { #Required - compartment_id = "${var.compartment_ocid}" - kubernetes_version = "${var.cluster_kubernetes_version}" - name = "${var.cluster_name2}" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" + compartment_id = var.compartment_ocid + kubernetes_version = var.cluster_kubernetes_version + name = var.cluster_name2 + vcn_id = oci_core_virtual_network.oke-vcn.id #Optional options { - service_lb_subnet_ids = ["${oci_core_subnet.oke-subnet-loadbalancer-1.id}", "${oci_core_subnet.oke-subnet-loadbalancer-2.id}"] + service_lb_subnet_ids = [oci_core_subnet.oke-subnet-loadbalancer-1.id, oci_core_subnet.oke-subnet-loadbalancer-2.id] #Optional add_ons { #Optional - is_kubernetes_dashboard_enabled = "${var.cluster_options_add_ons_is_kubernetes_dashboard_enabled}" - is_tiller_enabled = "${var.cluster_options_add_ons_is_tiller_enabled}" + is_kubernetes_dashboard_enabled = var.cluster_options_add_ons_is_kubernetes_dashboard_enabled + is_tiller_enabled = var.cluster_options_add_ons_is_tiller_enabled } } } resource "oci_containerengine_node_pool" "tfsample_node_pool1" { - #Required - cluster_id = "${oci_containerengine_cluster.tfsample_cluster1.id}" - compartment_id = "${var.compartment_ocid}" - kubernetes_version = "${var.node_pool_kubernetes_version}" - name = "${var.node_pool_name1}" - node_image_name = "${var.node_pool_node_image_name}" - node_shape = "${var.node_pool_node_shape}" - #subnet_ids = ["${oci_core_subnet.oke-subnet-worker-1.id}", "${oci_core_subnet.oke-subnet-worker-2.id}","${oci_core_subnet.oke-subnet-worker-3.id}"] - subnet_ids = ["${oci_core_subnet.oke-subnet-worker-1.id}", "${oci_core_subnet.oke-subnet-worker-2.id}"] + #Required + cluster_id = oci_containerengine_cluster.tfsample_cluster1.id + compartment_id = var.compartment_ocid + kubernetes_version = var.node_pool_kubernetes_version + name = var.node_pool_name1 + node_image_name = var.node_pool_node_image_name + node_shape = var.node_pool_node_shape + + #subnet_ids = ["${oci_core_subnet.oke-subnet-worker-1.id}", "${oci_core_subnet.oke-subnet-worker-2.id}","${oci_core_subnet.oke-subnet-worker-3.id}"] + subnet_ids = [oci_core_subnet.oke-subnet-worker-1.id, oci_core_subnet.oke-subnet-worker-2.id] - #Optional - quantity_per_subnet = "${var.node_pool_quantity_per_subnet}" - ssh_public_key = "${var.node_pool_ssh_public_key}" + #Optional + quantity_per_subnet = var.node_pool_quantity_per_subnet + ssh_public_key = var.node_pool_ssh_public_key } resource "oci_containerengine_node_pool" "tfsample_node_pool2" { #Required - cluster_id = "${oci_containerengine_cluster.tfsample_cluster2.id}" - compartment_id = "${var.compartment_ocid}" - kubernetes_version = "${var.node_pool_kubernetes_version}" - name = "${var.node_pool_name2}" - node_image_name = "${var.node_pool_node_image_name}" - node_shape = "${var.node_pool_node_shape}" + cluster_id = oci_containerengine_cluster.tfsample_cluster2.id + compartment_id = var.compartment_ocid + kubernetes_version = var.node_pool_kubernetes_version + name = var.node_pool_name2 + node_image_name = var.node_pool_node_image_name + node_shape = var.node_pool_node_shape + #subnet_ids = ["${oci_core_subnet.oke-subnet-worker-1.id}", "${oci_core_subnet.oke-subnet-worker-2.id}","${oci_core_subnet.oke-subnet-worker-3.id}"] - subnet_ids = ["${oci_core_subnet.oke-subnet-worker-1.id}", "${oci_core_subnet.oke-subnet-worker-2.id}"] + subnet_ids = [oci_core_subnet.oke-subnet-worker-1.id, oci_core_subnet.oke-subnet-worker-2.id] #Optional - quantity_per_subnet = "${var.node_pool_quantity_per_subnet}" - ssh_public_key = "${var.node_pool_ssh_public_key}" + quantity_per_subnet = var.node_pool_quantity_per_subnet + ssh_public_key = var.node_pool_ssh_public_key } output "cluster1_id" { - value = "${oci_containerengine_cluster.tfsample_cluster1.id}" + value = oci_containerengine_cluster.tfsample_cluster1.id } + output "cluster2_id" { - value = "${oci_containerengine_cluster.tfsample_cluster2.id}" + value = oci_containerengine_cluster.tfsample_cluster2.id } + diff --git a/integration-tests/src/test/resources/oke/terraform/twoclusters/export.tf b/integration-tests/src/test/resources/oke/terraform/twoclusters/export.tf index d99a7b0c892..823b53e3303 100755 --- a/integration-tests/src/test/resources/oke/terraform/twoclusters/export.tf +++ b/integration-tests/src/test/resources/oke/terraform/twoclusters/export.tf @@ -4,7 +4,8 @@ */ resource "oci_file_storage_export" "oketest_export" { #Required - export_set_id = "${oci_file_storage_export_set.oketest_export_set.id}" - file_system_id = "${oci_file_storage_file_system.oketest_fs.id}" + export_set_id = oci_file_storage_export_set.oketest_export_set.id + file_system_id = oci_file_storage_file_system.oketest_fs.id path = "/oketest" } + diff --git a/integration-tests/src/test/resources/oke/terraform/twoclusters/export_set.tf b/integration-tests/src/test/resources/oke/terraform/twoclusters/export_set.tf index f44a332df40..8992e692eba 100755 --- a/integration-tests/src/test/resources/oke/terraform/twoclusters/export_set.tf +++ b/integration-tests/src/test/resources/oke/terraform/twoclusters/export_set.tf @@ -5,5 +5,6 @@ resource "oci_file_storage_export_set" "oketest_export_set" { # Required - mount_target_id = "${oci_file_storage_mount_target.oketest_mount_target.id}" + mount_target_id = oci_file_storage_mount_target.oketest_mount_target.id } + diff --git a/integration-tests/src/test/resources/oke/terraform/twoclusters/file_system.tf b/integration-tests/src/test/resources/oke/terraform/twoclusters/file_system.tf index 55ef75fe07a..52ca495536e 100755 --- a/integration-tests/src/test/resources/oke/terraform/twoclusters/file_system.tf +++ b/integration-tests/src/test/resources/oke/terraform/twoclusters/file_system.tf @@ -5,6 +5,7 @@ resource "oci_file_storage_file_system" "oketest_fs" { #Required - availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[0],"name")}" - compartment_id = "${var.compartment_ocid}" + availability_domain = data.oci_identity_availability_domains.ADs.availability_domains[0]["name"] + compartment_id = var.compartment_ocid } + diff --git a/integration-tests/src/test/resources/oke/terraform/twoclusters/kube_config.tf b/integration-tests/src/test/resources/oke/terraform/twoclusters/kube_config.tf index 6647b025ef1..9ea31b328b7 100755 --- a/integration-tests/src/test/resources/oke/terraform/twoclusters/kube_config.tf +++ b/integration-tests/src/test/resources/oke/terraform/twoclusters/kube_config.tf @@ -3,25 +3,31 @@ # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. */ -variable "cluster_kube_config_expiration" { default = 2592000 } -variable "cluster_kube_config_token_version" { default = "1.0.0" } +variable "cluster_kube_config_expiration" { + default = 2592000 +} + +variable "cluster_kube_config_token_version" { + default = "2.0.0" +} data "oci_containerengine_cluster_kube_config" "tfsample_cluster1_kube_config" { #Required - cluster_id = "${oci_containerengine_cluster.tfsample_cluster1.id}" + cluster_id = oci_containerengine_cluster.tfsample_cluster1.id } data "oci_containerengine_cluster_kube_config" "tfsample_cluster2_kube_config" { #Required - cluster_id = "${oci_containerengine_cluster.tfsample_cluster2.id}" + cluster_id = oci_containerengine_cluster.tfsample_cluster2.id } - resource "local_file" "tfsample_cluster1_kube_config_file" { - content = "${data.oci_containerengine_cluster_kube_config.tfsample_cluster1_kube_config.content}" + content = data.oci_containerengine_cluster_kube_config.tfsample_cluster1_kube_config.content filename = "${path.module}/${var.cluster_name1}_kubeconfig" } + resource "local_file" "tfsample_cluster2_kube_config_file" { - content = "${data.oci_containerengine_cluster_kube_config.tfsample_cluster2_kube_config.content}" + content = data.oci_containerengine_cluster_kube_config.tfsample_cluster2_kube_config.content filename = "${path.module}/${var.cluster_name2}_kubeconfig" } + diff --git a/integration-tests/src/test/resources/oke/terraform/twoclusters/mount_target.tf b/integration-tests/src/test/resources/oke/terraform/twoclusters/mount_target.tf index 5b5fe48551b..3c196b86acc 100755 --- a/integration-tests/src/test/resources/oke/terraform/twoclusters/mount_target.tf +++ b/integration-tests/src/test/resources/oke/terraform/twoclusters/mount_target.tf @@ -4,11 +4,12 @@ */ resource "oci_file_storage_mount_target" "oketest_mount_target" { #Required - availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[0],"name")}" - - compartment_id = "${var.compartment_ocid}" - subnet_id = "${oci_core_subnet.oke-subnet-worker-1.id}" + availability_domain = data.oci_identity_availability_domains.ADs.availability_domains[0]["name"] + + compartment_id = var.compartment_ocid + subnet_id = oci_core_subnet.oke-subnet-worker-1.id #Optional display_name = "${var.cluster_name}-mt" } + diff --git a/integration-tests/src/test/resources/oke/terraform/twoclusters/provider.tf b/integration-tests/src/test/resources/oke/terraform/twoclusters/provider.tf index de6d0093376..1807dcbccd1 100755 --- a/integration-tests/src/test/resources/oke/terraform/twoclusters/provider.tf +++ b/integration-tests/src/test/resources/oke/terraform/twoclusters/provider.tf @@ -5,17 +5,28 @@ */ // These variables would commonly be defined as environment variables or sourced in a .env file -variable "tenancy_ocid" {} -variable "user_ocid" {} -variable "fingerprint" {} -variable "private_key_path" {} -variable "region" { default = "us-phoenix-1" } +variable "tenancy_ocid" { +} + +variable "user_ocid" { +} + +variable "fingerprint" { +} + +variable "private_key_path" { +} + +variable "region" { + default = "us-phoenix-1" +} provider "oci" { version = ">= 3.0.0" - region = "${var.region}" - tenancy_ocid = "${var.tenancy_ocid}" - user_ocid = "${var.user_ocid}" - fingerprint = "${var.fingerprint}" - private_key_path = "${var.private_key_path}" + region = var.region + tenancy_ocid = var.tenancy_ocid + user_ocid = var.user_ocid + fingerprint = var.fingerprint + private_key_path = var.private_key_path } + diff --git a/integration-tests/src/test/resources/oke/terraform/twoclusters/vcn.tf b/integration-tests/src/test/resources/oke/terraform/twoclusters/vcn.tf index b8c547ad74e..c605250e88d 100755 --- a/integration-tests/src/test/resources/oke/terraform/twoclusters/vcn.tf +++ b/integration-tests/src/test/resources/oke/terraform/twoclusters/vcn.tf @@ -4,10 +4,16 @@ */ // Compartment in which to create the cluster resources. -variable "compartment_name" {} -variable "compartment_ocid" {} +variable "compartment_name" { +} + +variable "compartment_ocid" { +} + +variable "vcn_cidr_prefix" { + default = "10.0" +} -variable vcn_cidr_prefix { default = "10.0" } variable "vcn_cidr" { default = "10.0.0.0/16" } @@ -20,9 +26,9 @@ variable "vcn_cidr" { * The creation of the vcn also creates the default route table, security list, and dhcp options. */ resource "oci_core_virtual_network" "oke-vcn" { - cidr_block = "${var.vcn_cidr}" + cidr_block = var.vcn_cidr dns_label = "${var.cluster_name}vcn" - compartment_id = "${var.compartment_ocid}" + compartment_id = var.compartment_ocid display_name = "${var.cluster_name}_vcn" } @@ -30,9 +36,9 @@ resource "oci_core_virtual_network" "oke-vcn" { * An internet gateway is created in the relevant compartment attached to the created VCN. */ resource "oci_core_internet_gateway" "oke-igateway" { - compartment_id = "${var.compartment_ocid}" + compartment_id = var.compartment_ocid display_name = "${var.cluster_name}-igateway" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" + vcn_id = oci_core_virtual_network.oke-vcn.id } /* @@ -41,12 +47,12 @@ resource "oci_core_internet_gateway" "oke-igateway" { */ resource "oci_core_default_route_table" "oke-default-route-table" { - manage_default_resource_id = "${oci_core_virtual_network.oke-vcn.default_route_table_id}" + manage_default_resource_id = oci_core_virtual_network.oke-vcn.default_route_table_id display_name = "${var.cluster_name}-default-route-table" route_rules { cidr_block = "0.0.0.0/0" - network_entity_id = "${oci_core_internet_gateway.oke-igateway.id}" + network_entity_id = oci_core_internet_gateway.oke-igateway.id } } @@ -54,7 +60,7 @@ resource "oci_core_default_route_table" "oke-default-route-table" { * Configures the default dhcp options object that was created along with the VCN. */ resource "oci_core_default_dhcp_options" "oke-default-dhcp-options" { - manage_default_resource_id = "${oci_core_virtual_network.oke-vcn.default_dhcp_options_id}" + manage_default_resource_id = oci_core_virtual_network.oke-vcn.default_dhcp_options_id display_name = "${var.cluster_name}-default-dhcp-options" # required @@ -68,7 +74,7 @@ resource "oci_core_default_dhcp_options" "oke-default-dhcp-options" { * Configures the default security list. */ resource "oci_core_default_security_list" "oke-default-security-list" { - manage_default_resource_id = "${oci_core_virtual_network.oke-vcn.default_security_list_id}" + manage_default_resource_id = oci_core_virtual_network.oke-vcn.default_security_list_id display_name = "${var.cluster_name}-default-security-list" // allow outbound tcp traffic on all ports @@ -79,13 +85,13 @@ resource "oci_core_default_security_list" "oke-default-security-list" { // allow inbound ssh traffic ingress_security_rules { - protocol = "6" // tcp + protocol = "6" // tcp source = "0.0.0.0/0" stateless = false tcp_options { - "min" = 22 - "max" = 22 + min = 22 + max = 22 } } @@ -95,8 +101,8 @@ resource "oci_core_default_security_list" "oke-default-security-list" { source = "0.0.0.0/0" icmp_options { - "type" = 3 - "code" = 4 + type = 3 + code = 4 } } } @@ -110,190 +116,186 @@ resource "oci_core_default_security_list" "oke-default-security-list" { * - Conatins two ingress rules to allow SSH traffic from OCI Cluster service. */ resource "oci_core_security_list" "oke-worker-security-list" { - compartment_id = "${var.compartment_ocid}" + compartment_id = var.compartment_ocid display_name = "${var.cluster_name}-Workers-SecList" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" - - egress_security_rules = [ - { - destination = "0.0.0.0/0" - protocol = "6" // outbound TCP to the internet - stateless = false - }, - { - destination = "${var.vcn_cidr_prefix}.10.0/24" - protocol = "all" - stateless = true - }, - { - destination = "${var.vcn_cidr_prefix}.11.0/24" - protocol = "all" - stateless = true - }, - { - destination = "${var.vcn_cidr_prefix}.12.0/24" - protocol = "all" - stateless = true - }, - { - protocol = "6" // tcp - destination = "${var.vcn_cidr_prefix}.0.0/16" - stateless = true - - tcp_options { - source_port_range { - "min" = 2048 - "max" = 2050 - } - } - }, - { - protocol = "6" // tcp - destination = "${var.vcn_cidr_prefix}.0.0/16" - stateless = true - - tcp_options { - source_port_range { - "min" = 111 - "max" = 111 - } - } - }, - { - protocol = "17" // udp - destination = "${var.vcn_cidr_prefix}.0.0/16" - stateless = true - - udp_options { - source_port_range { - "min" = 111 - "max" = 111 - } - } - }, - ] - - ingress_security_rules = [ - { - # Intra VCN traffic - this lets the 3 subnets in teh 3 ADs tak to each other without restriction. - # These are stateless, so they need to be accompanied by stateless egress rules. - stateless = true - - protocol = "all" - source = "${var.vcn_cidr_prefix}.10.0/24" - }, - { - stateless = true - protocol = "all" - source = "${var.vcn_cidr_prefix}.11.0/24" - }, - { - stateless = true - protocol = "all" - source = "${var.vcn_cidr_prefix}.12.0/24" - }, - { - # ICMP - protocol = 1 - source = "0.0.0.0/0" - - icmp_options { - "type" = 3 - "code" = 4 + vcn_id = oci_core_virtual_network.oke-vcn.id + + egress_security_rules { + destination = "0.0.0.0/0" + protocol = "6" // outbound TCP to the internet + stateless = false + } + egress_security_rules { + destination = "${var.vcn_cidr_prefix}.10.0/24" + protocol = "all" + stateless = true + } + egress_security_rules { + destination = "${var.vcn_cidr_prefix}.11.0/24" + protocol = "all" + stateless = true + } + egress_security_rules { + destination = "${var.vcn_cidr_prefix}.12.0/24" + protocol = "all" + stateless = true + } + egress_security_rules { + protocol = "6" // tcp + destination = "${var.vcn_cidr_prefix}.0.0/16" + stateless = true + + tcp_options { + source_port_range { + min = 2048 + max = 2050 } - }, - { - # OCI Cluster service - protocol = "6" // tcp - source = "130.35.0.0/16" - stateless = false - - tcp_options { - "min" = 22 - "max" = 22 + } + } + egress_security_rules { + protocol = "6" // tcp + destination = "${var.vcn_cidr_prefix}.0.0/16" + stateless = true + + tcp_options { + source_port_range { + min = 111 + max = 111 } - }, - { - protocol = "6" // tcp - source = "138.1.0.0/17" - stateless = false - - tcp_options { - "min" = 22 - "max" = 22 + } + } + egress_security_rules { + protocol = "17" // udp + destination = "${var.vcn_cidr_prefix}.0.0/16" + stateless = true + + udp_options { + source_port_range { + min = 111 + max = 111 } - }, + } + } + + ingress_security_rules { + # Intra VCN traffic - this lets the 3 subnets in teh 3 ADs tak to each other without restriction. + # These are stateless, so they need to be accompanied by stateless egress rules. + stateless = true + + protocol = "all" + source = "${var.vcn_cidr_prefix}.10.0/24" + } + ingress_security_rules { + stateless = true + protocol = "all" + source = "${var.vcn_cidr_prefix}.11.0/24" + } + ingress_security_rules { + stateless = true + protocol = "all" + source = "${var.vcn_cidr_prefix}.12.0/24" + } + ingress_security_rules { + # ICMP + protocol = 1 + source = "0.0.0.0/0" + + icmp_options { + type = 3 + code = 4 + } + } + ingress_security_rules { + # OCI Cluster service + protocol = "6" // tcp + source = "130.35.0.0/16" + stateless = false + + tcp_options { + min = 22 + max = 22 + } + } + ingress_security_rules { + protocol = "6" // tcp + source = "138.1.0.0/17" + stateless = false + + tcp_options { + min = 22 + max = 22 + } + } + ingress_security_rules { # NodePort ingress rules - { - protocol = "6" // tcp - source = "0.0.0.0/0" - stateless = true - - tcp_options { - "min" = 30000 - "max" = 32767 - } - }, - { - protocol = "6" // tcp - source = "${var.vcn_cidr_prefix}.0.0/16" - stateless = true - - tcp_options { - source_port_range { - "min" = 2048 - "max" = 2050 - } - } - }, - { - protocol = "6" // tcp - source = "${var.vcn_cidr_prefix}.0.0/16" - stateless = true - - tcp_options { - source_port_range { - "min" = 111 - "max" = 111 - } - } - }, - { - protocol = "17" // udp - source = "${var.vcn_cidr_prefix}.0.0/16" - stateless = true - - udp_options { - source_port_range { - "min" = 111 - "max" = 111 + protocol = "6" // tcp + source = "0.0.0.0/0" + stateless = true + + tcp_options { + min = 30000 + max = 32767 + } + } + ingress_security_rules { + protocol = "6" // tcp + source = "${var.vcn_cidr_prefix}.0.0/16" + stateless = true + + tcp_options { + source_port_range { + min = 2048 + max = 2050 } + } + } + ingress_security_rules { + protocol = "6" // tcp + source = "${var.vcn_cidr_prefix}.0.0/16" + stateless = true + + tcp_options { + source_port_range { + min = 111 + max = 111 } - }, - { - protocol = "17" // udp - source = "${var.vcn_cidr_prefix}.0.0/16" - stateless = true - - udp_options { - source_port_range { - "min" = 2048 - "max" = 2048 + } + } + ingress_security_rules { + protocol = "17" // udp + source = "${var.vcn_cidr_prefix}.0.0/16" + stateless = true + + udp_options { + source_port_range { + min = 111 + max = 111 } + } + } + ingress_security_rules { + protocol = "17" // udp + source = "${var.vcn_cidr_prefix}.0.0/16" + stateless = true + + udp_options { + source_port_range { + min = 2048 + max = 2048 } - }, + } + } + ingress_security_rules { # SSH Stateful ingress rules - { - protocol = "6" // tcp - source = "0.0.0.0/0" - stateless = false - - tcp_options { - "min" = 22 - "max" = 22 - } - }, - ] + protocol = "6" // tcp + source = "0.0.0.0/0" + stateless = false + + tcp_options { + min = 22 + max = 22 + } + } } /* @@ -301,25 +303,21 @@ resource "oci_core_security_list" "oke-worker-security-list" { * - Allows all TCP traffic in/out. */ resource "oci_core_security_list" "oke-lb-security-list" { - compartment_id = "${var.compartment_ocid}" + compartment_id = var.compartment_ocid display_name = "${var.cluster_name}-LoadBalancers-SecList" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" - - egress_security_rules = [ - { - destination = "0.0.0.0/0" - protocol = "6" - stateless = true - }, - ] - - ingress_security_rules = [ - { - protocol = "6" - source = "0.0.0.0/0" - stateless = true - }, - ] + vcn_id = oci_core_virtual_network.oke-vcn.id + + egress_security_rules { + destination = "0.0.0.0/0" + protocol = "6" + stateless = true + } + + ingress_security_rules { + protocol = "6" + source = "0.0.0.0/0" + stateless = true + } } /* @@ -347,63 +345,63 @@ resource "oci_core_security_list" "oke-lb-security-list" { */ resource "oci_core_subnet" "oke-subnet-worker-1" { - availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[0],"name")}" + availability_domain = data.oci_identity_availability_domains.ADs.availability_domains[0]["name"] cidr_block = "${var.vcn_cidr_prefix}.10.0/24" display_name = "${var.cluster_name}-WorkerSubnet01" dns_label = "workers01" - compartment_id = "${var.compartment_ocid}" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" - security_list_ids = ["${oci_core_security_list.oke-worker-security-list.id}"] - route_table_id = "${oci_core_virtual_network.oke-vcn.default_route_table_id}" - dhcp_options_id = "${oci_core_virtual_network.oke-vcn.default_dhcp_options_id}" + compartment_id = var.compartment_ocid + vcn_id = oci_core_virtual_network.oke-vcn.id + security_list_ids = [oci_core_security_list.oke-worker-security-list.id] + route_table_id = oci_core_virtual_network.oke-vcn.default_route_table_id + dhcp_options_id = oci_core_virtual_network.oke-vcn.default_dhcp_options_id } resource "oci_core_subnet" "oke-subnet-worker-2" { - availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[1],"name")}" + availability_domain = data.oci_identity_availability_domains.ADs.availability_domains[1]["name"] cidr_block = "${var.vcn_cidr_prefix}.11.0/24" display_name = "${var.cluster_name}-WorkerSubnet02" dns_label = "workers02" - compartment_id = "${var.compartment_ocid}" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" - security_list_ids = ["${oci_core_security_list.oke-worker-security-list.id}"] - route_table_id = "${oci_core_virtual_network.oke-vcn.default_route_table_id}" - dhcp_options_id = "${oci_core_virtual_network.oke-vcn.default_dhcp_options_id}" + compartment_id = var.compartment_ocid + vcn_id = oci_core_virtual_network.oke-vcn.id + security_list_ids = [oci_core_security_list.oke-worker-security-list.id] + route_table_id = oci_core_virtual_network.oke-vcn.default_route_table_id + dhcp_options_id = oci_core_virtual_network.oke-vcn.default_dhcp_options_id } resource "oci_core_subnet" "oke-subnet-worker-3" { - availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[2],"name")}" + availability_domain = data.oci_identity_availability_domains.ADs.availability_domains[2]["name"] cidr_block = "${var.vcn_cidr_prefix}.12.0/24" display_name = "${var.cluster_name}-WorkerSubnet03" dns_label = "workers03" - compartment_id = "${var.compartment_ocid}" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" - security_list_ids = ["${oci_core_security_list.oke-worker-security-list.id}"] - route_table_id = "${oci_core_virtual_network.oke-vcn.default_route_table_id}" - dhcp_options_id = "${oci_core_virtual_network.oke-vcn.default_dhcp_options_id}" + compartment_id = var.compartment_ocid + vcn_id = oci_core_virtual_network.oke-vcn.id + security_list_ids = [oci_core_security_list.oke-worker-security-list.id] + route_table_id = oci_core_virtual_network.oke-vcn.default_route_table_id + dhcp_options_id = oci_core_virtual_network.oke-vcn.default_dhcp_options_id } resource "oci_core_subnet" "oke-subnet-loadbalancer-1" { - availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[0],"name")}" + availability_domain = data.oci_identity_availability_domains.ADs.availability_domains[0]["name"] cidr_block = "${var.vcn_cidr_prefix}.20.0/24" display_name = "${var.cluster_name}-LB-Subnet01" dns_label = "lb01" - compartment_id = "${var.compartment_ocid}" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" - security_list_ids = ["${oci_core_security_list.oke-lb-security-list.id}"] - route_table_id = "${oci_core_virtual_network.oke-vcn.default_route_table_id}" - dhcp_options_id = "${oci_core_virtual_network.oke-vcn.default_dhcp_options_id}" + compartment_id = var.compartment_ocid + vcn_id = oci_core_virtual_network.oke-vcn.id + security_list_ids = [oci_core_security_list.oke-lb-security-list.id] + route_table_id = oci_core_virtual_network.oke-vcn.default_route_table_id + dhcp_options_id = oci_core_virtual_network.oke-vcn.default_dhcp_options_id } resource "oci_core_subnet" "oke-subnet-loadbalancer-2" { - availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[1],"name")}" + availability_domain = data.oci_identity_availability_domains.ADs.availability_domains[1]["name"] cidr_block = "${var.vcn_cidr_prefix}.21.0/24" display_name = "${var.cluster_name}-LB-Subnet02" dns_label = "lb02" - compartment_id = "${var.compartment_ocid}" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" - security_list_ids = ["${oci_core_security_list.oke-lb-security-list.id}"] - route_table_id = "${oci_core_virtual_network.oke-vcn.default_route_table_id}" - dhcp_options_id = "${oci_core_virtual_network.oke-vcn.default_dhcp_options_id}" + compartment_id = var.compartment_ocid + vcn_id = oci_core_virtual_network.oke-vcn.id + security_list_ids = [oci_core_security_list.oke-lb-security-list.id] + route_table_id = oci_core_virtual_network.oke-vcn.default_route_table_id + dhcp_options_id = oci_core_virtual_network.oke-vcn.default_dhcp_options_id } /** @@ -411,85 +409,86 @@ resource "oci_core_subnet" "oke-subnet-loadbalancer-2" { * Using any compartment id in this tennancy should also work just as well. */ data "oci_identity_availability_domains" "ADs" { - compartment_id = "${var.tenancy_ocid}" + compartment_id = var.tenancy_ocid } /* * Query the compartment we created (or re-used) */ data "oci_identity_compartments" "oke-compartment" { - compartment_id = "${var.compartment_ocid}" + compartment_id = var.compartment_ocid filter { name = "name" - values = ["${var.compartment_name}"] + values = [var.compartment_name] } } data "oci_core_virtual_networks" "oke-vcns" { #Required - compartment_id = "${oci_core_virtual_network.oke-vcn.compartment_id}" + compartment_id = oci_core_virtual_network.oke-vcn.compartment_id #Filter - display_name = "${oci_core_virtual_network.oke-vcn.display_name}" + display_name = oci_core_virtual_network.oke-vcn.display_name } data "oci_core_internet_gateways" "oke-igateways" { #Required - compartment_id = "${oci_core_internet_gateway.oke-igateway.compartment_id}" - vcn_id = "${oci_core_internet_gateway.oke-igateway.vcn_id}" + compartment_id = oci_core_internet_gateway.oke-igateway.compartment_id + vcn_id = oci_core_internet_gateway.oke-igateway.vcn_id } data "oci_core_route_tables" "oke_route_tables" { #Required - compartment_id = "${oci_core_virtual_network.oke-vcn.compartment_id}" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" + compartment_id = oci_core_virtual_network.oke-vcn.compartment_id + vcn_id = oci_core_virtual_network.oke-vcn.id } data "oci_core_dhcp_options" "oke_dhcp_options" { #Required - compartment_id = "${oci_core_virtual_network.oke-vcn.compartment_id}" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" + compartment_id = oci_core_virtual_network.oke-vcn.compartment_id + vcn_id = oci_core_virtual_network.oke-vcn.id } data "oci_core_security_lists" "oke_security_lists" { #Required - compartment_id = "${oci_core_security_list.oke-worker-security-list.compartment_id}" - vcn_id = "${oci_core_security_list.oke-worker-security-list.vcn_id}" + compartment_id = oci_core_security_list.oke-worker-security-list.compartment_id + vcn_id = oci_core_security_list.oke-worker-security-list.vcn_id } data "oci_core_subnets" "oke_subnets" { #Required - compartment_id = "${oci_core_subnet.oke-subnet-worker-1.compartment_id}" - vcn_id = "${oci_core_subnet.oke-subnet-worker-1.vcn_id}" + compartment_id = oci_core_subnet.oke-subnet-worker-1.compartment_id + vcn_id = oci_core_subnet.oke-subnet-worker-1.vcn_id } # Print out the VCN objects that were created. output "Compartments" { - value = "${data.oci_identity_compartments.oke-compartment.compartments}" + value = data.oci_identity_compartments.oke-compartment.compartments } output "VCN" { - value = "${data.oci_core_virtual_networks.oke-vcns.virtual_networks}" + value = data.oci_core_virtual_networks.oke-vcns.virtual_networks } output "InternetGateway" { - value = "${data.oci_core_internet_gateways.oke-igateways.gateways}" + value = data.oci_core_internet_gateways.oke-igateways.gateways } output "RouteTables" { - value = "${data.oci_core_route_tables.oke_route_tables.route_tables}" + value = data.oci_core_route_tables.oke_route_tables.route_tables } output "DHCPOptions" { - value = "${data.oci_core_dhcp_options.oke_dhcp_options.options}" + value = data.oci_core_dhcp_options.oke_dhcp_options.options } output "SecurityLists" { - value = "${data.oci_core_security_lists.oke_security_lists.security_lists}" + value = data.oci_core_security_lists.oke_security_lists.security_lists } output "Subnets" { - value = "${data.oci_core_subnets.oke_subnets.subnets}" + value = data.oci_core_subnets.oke_subnets.subnets } + diff --git a/integration-tests/src/test/resources/oke/terraform/twoclusters/versions.tf b/integration-tests/src/test/resources/oke/terraform/twoclusters/versions.tf new file mode 100644 index 00000000000..bdcdcc3861c --- /dev/null +++ b/integration-tests/src/test/resources/oke/terraform/twoclusters/versions.tf @@ -0,0 +1,8 @@ +/* + * Copyright (c) 2021, Oracle and/or its affiliates. + * Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +*/ + +terraform { + required_version = ">= 0.12" +} diff --git a/integration-tests/src/test/resources/oke/terraform/vcn.tf b/integration-tests/src/test/resources/oke/terraform/vcn.tf index b8c547ad74e..c605250e88d 100755 --- a/integration-tests/src/test/resources/oke/terraform/vcn.tf +++ b/integration-tests/src/test/resources/oke/terraform/vcn.tf @@ -4,10 +4,16 @@ */ // Compartment in which to create the cluster resources. -variable "compartment_name" {} -variable "compartment_ocid" {} +variable "compartment_name" { +} + +variable "compartment_ocid" { +} + +variable "vcn_cidr_prefix" { + default = "10.0" +} -variable vcn_cidr_prefix { default = "10.0" } variable "vcn_cidr" { default = "10.0.0.0/16" } @@ -20,9 +26,9 @@ variable "vcn_cidr" { * The creation of the vcn also creates the default route table, security list, and dhcp options. */ resource "oci_core_virtual_network" "oke-vcn" { - cidr_block = "${var.vcn_cidr}" + cidr_block = var.vcn_cidr dns_label = "${var.cluster_name}vcn" - compartment_id = "${var.compartment_ocid}" + compartment_id = var.compartment_ocid display_name = "${var.cluster_name}_vcn" } @@ -30,9 +36,9 @@ resource "oci_core_virtual_network" "oke-vcn" { * An internet gateway is created in the relevant compartment attached to the created VCN. */ resource "oci_core_internet_gateway" "oke-igateway" { - compartment_id = "${var.compartment_ocid}" + compartment_id = var.compartment_ocid display_name = "${var.cluster_name}-igateway" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" + vcn_id = oci_core_virtual_network.oke-vcn.id } /* @@ -41,12 +47,12 @@ resource "oci_core_internet_gateway" "oke-igateway" { */ resource "oci_core_default_route_table" "oke-default-route-table" { - manage_default_resource_id = "${oci_core_virtual_network.oke-vcn.default_route_table_id}" + manage_default_resource_id = oci_core_virtual_network.oke-vcn.default_route_table_id display_name = "${var.cluster_name}-default-route-table" route_rules { cidr_block = "0.0.0.0/0" - network_entity_id = "${oci_core_internet_gateway.oke-igateway.id}" + network_entity_id = oci_core_internet_gateway.oke-igateway.id } } @@ -54,7 +60,7 @@ resource "oci_core_default_route_table" "oke-default-route-table" { * Configures the default dhcp options object that was created along with the VCN. */ resource "oci_core_default_dhcp_options" "oke-default-dhcp-options" { - manage_default_resource_id = "${oci_core_virtual_network.oke-vcn.default_dhcp_options_id}" + manage_default_resource_id = oci_core_virtual_network.oke-vcn.default_dhcp_options_id display_name = "${var.cluster_name}-default-dhcp-options" # required @@ -68,7 +74,7 @@ resource "oci_core_default_dhcp_options" "oke-default-dhcp-options" { * Configures the default security list. */ resource "oci_core_default_security_list" "oke-default-security-list" { - manage_default_resource_id = "${oci_core_virtual_network.oke-vcn.default_security_list_id}" + manage_default_resource_id = oci_core_virtual_network.oke-vcn.default_security_list_id display_name = "${var.cluster_name}-default-security-list" // allow outbound tcp traffic on all ports @@ -79,13 +85,13 @@ resource "oci_core_default_security_list" "oke-default-security-list" { // allow inbound ssh traffic ingress_security_rules { - protocol = "6" // tcp + protocol = "6" // tcp source = "0.0.0.0/0" stateless = false tcp_options { - "min" = 22 - "max" = 22 + min = 22 + max = 22 } } @@ -95,8 +101,8 @@ resource "oci_core_default_security_list" "oke-default-security-list" { source = "0.0.0.0/0" icmp_options { - "type" = 3 - "code" = 4 + type = 3 + code = 4 } } } @@ -110,190 +116,186 @@ resource "oci_core_default_security_list" "oke-default-security-list" { * - Conatins two ingress rules to allow SSH traffic from OCI Cluster service. */ resource "oci_core_security_list" "oke-worker-security-list" { - compartment_id = "${var.compartment_ocid}" + compartment_id = var.compartment_ocid display_name = "${var.cluster_name}-Workers-SecList" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" - - egress_security_rules = [ - { - destination = "0.0.0.0/0" - protocol = "6" // outbound TCP to the internet - stateless = false - }, - { - destination = "${var.vcn_cidr_prefix}.10.0/24" - protocol = "all" - stateless = true - }, - { - destination = "${var.vcn_cidr_prefix}.11.0/24" - protocol = "all" - stateless = true - }, - { - destination = "${var.vcn_cidr_prefix}.12.0/24" - protocol = "all" - stateless = true - }, - { - protocol = "6" // tcp - destination = "${var.vcn_cidr_prefix}.0.0/16" - stateless = true - - tcp_options { - source_port_range { - "min" = 2048 - "max" = 2050 - } - } - }, - { - protocol = "6" // tcp - destination = "${var.vcn_cidr_prefix}.0.0/16" - stateless = true - - tcp_options { - source_port_range { - "min" = 111 - "max" = 111 - } - } - }, - { - protocol = "17" // udp - destination = "${var.vcn_cidr_prefix}.0.0/16" - stateless = true - - udp_options { - source_port_range { - "min" = 111 - "max" = 111 - } - } - }, - ] - - ingress_security_rules = [ - { - # Intra VCN traffic - this lets the 3 subnets in teh 3 ADs tak to each other without restriction. - # These are stateless, so they need to be accompanied by stateless egress rules. - stateless = true - - protocol = "all" - source = "${var.vcn_cidr_prefix}.10.0/24" - }, - { - stateless = true - protocol = "all" - source = "${var.vcn_cidr_prefix}.11.0/24" - }, - { - stateless = true - protocol = "all" - source = "${var.vcn_cidr_prefix}.12.0/24" - }, - { - # ICMP - protocol = 1 - source = "0.0.0.0/0" - - icmp_options { - "type" = 3 - "code" = 4 + vcn_id = oci_core_virtual_network.oke-vcn.id + + egress_security_rules { + destination = "0.0.0.0/0" + protocol = "6" // outbound TCP to the internet + stateless = false + } + egress_security_rules { + destination = "${var.vcn_cidr_prefix}.10.0/24" + protocol = "all" + stateless = true + } + egress_security_rules { + destination = "${var.vcn_cidr_prefix}.11.0/24" + protocol = "all" + stateless = true + } + egress_security_rules { + destination = "${var.vcn_cidr_prefix}.12.0/24" + protocol = "all" + stateless = true + } + egress_security_rules { + protocol = "6" // tcp + destination = "${var.vcn_cidr_prefix}.0.0/16" + stateless = true + + tcp_options { + source_port_range { + min = 2048 + max = 2050 } - }, - { - # OCI Cluster service - protocol = "6" // tcp - source = "130.35.0.0/16" - stateless = false - - tcp_options { - "min" = 22 - "max" = 22 + } + } + egress_security_rules { + protocol = "6" // tcp + destination = "${var.vcn_cidr_prefix}.0.0/16" + stateless = true + + tcp_options { + source_port_range { + min = 111 + max = 111 } - }, - { - protocol = "6" // tcp - source = "138.1.0.0/17" - stateless = false - - tcp_options { - "min" = 22 - "max" = 22 + } + } + egress_security_rules { + protocol = "17" // udp + destination = "${var.vcn_cidr_prefix}.0.0/16" + stateless = true + + udp_options { + source_port_range { + min = 111 + max = 111 } - }, + } + } + + ingress_security_rules { + # Intra VCN traffic - this lets the 3 subnets in teh 3 ADs tak to each other without restriction. + # These are stateless, so they need to be accompanied by stateless egress rules. + stateless = true + + protocol = "all" + source = "${var.vcn_cidr_prefix}.10.0/24" + } + ingress_security_rules { + stateless = true + protocol = "all" + source = "${var.vcn_cidr_prefix}.11.0/24" + } + ingress_security_rules { + stateless = true + protocol = "all" + source = "${var.vcn_cidr_prefix}.12.0/24" + } + ingress_security_rules { + # ICMP + protocol = 1 + source = "0.0.0.0/0" + + icmp_options { + type = 3 + code = 4 + } + } + ingress_security_rules { + # OCI Cluster service + protocol = "6" // tcp + source = "130.35.0.0/16" + stateless = false + + tcp_options { + min = 22 + max = 22 + } + } + ingress_security_rules { + protocol = "6" // tcp + source = "138.1.0.0/17" + stateless = false + + tcp_options { + min = 22 + max = 22 + } + } + ingress_security_rules { # NodePort ingress rules - { - protocol = "6" // tcp - source = "0.0.0.0/0" - stateless = true - - tcp_options { - "min" = 30000 - "max" = 32767 - } - }, - { - protocol = "6" // tcp - source = "${var.vcn_cidr_prefix}.0.0/16" - stateless = true - - tcp_options { - source_port_range { - "min" = 2048 - "max" = 2050 - } - } - }, - { - protocol = "6" // tcp - source = "${var.vcn_cidr_prefix}.0.0/16" - stateless = true - - tcp_options { - source_port_range { - "min" = 111 - "max" = 111 - } - } - }, - { - protocol = "17" // udp - source = "${var.vcn_cidr_prefix}.0.0/16" - stateless = true - - udp_options { - source_port_range { - "min" = 111 - "max" = 111 + protocol = "6" // tcp + source = "0.0.0.0/0" + stateless = true + + tcp_options { + min = 30000 + max = 32767 + } + } + ingress_security_rules { + protocol = "6" // tcp + source = "${var.vcn_cidr_prefix}.0.0/16" + stateless = true + + tcp_options { + source_port_range { + min = 2048 + max = 2050 } + } + } + ingress_security_rules { + protocol = "6" // tcp + source = "${var.vcn_cidr_prefix}.0.0/16" + stateless = true + + tcp_options { + source_port_range { + min = 111 + max = 111 } - }, - { - protocol = "17" // udp - source = "${var.vcn_cidr_prefix}.0.0/16" - stateless = true - - udp_options { - source_port_range { - "min" = 2048 - "max" = 2048 + } + } + ingress_security_rules { + protocol = "17" // udp + source = "${var.vcn_cidr_prefix}.0.0/16" + stateless = true + + udp_options { + source_port_range { + min = 111 + max = 111 } + } + } + ingress_security_rules { + protocol = "17" // udp + source = "${var.vcn_cidr_prefix}.0.0/16" + stateless = true + + udp_options { + source_port_range { + min = 2048 + max = 2048 } - }, + } + } + ingress_security_rules { # SSH Stateful ingress rules - { - protocol = "6" // tcp - source = "0.0.0.0/0" - stateless = false - - tcp_options { - "min" = 22 - "max" = 22 - } - }, - ] + protocol = "6" // tcp + source = "0.0.0.0/0" + stateless = false + + tcp_options { + min = 22 + max = 22 + } + } } /* @@ -301,25 +303,21 @@ resource "oci_core_security_list" "oke-worker-security-list" { * - Allows all TCP traffic in/out. */ resource "oci_core_security_list" "oke-lb-security-list" { - compartment_id = "${var.compartment_ocid}" + compartment_id = var.compartment_ocid display_name = "${var.cluster_name}-LoadBalancers-SecList" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" - - egress_security_rules = [ - { - destination = "0.0.0.0/0" - protocol = "6" - stateless = true - }, - ] - - ingress_security_rules = [ - { - protocol = "6" - source = "0.0.0.0/0" - stateless = true - }, - ] + vcn_id = oci_core_virtual_network.oke-vcn.id + + egress_security_rules { + destination = "0.0.0.0/0" + protocol = "6" + stateless = true + } + + ingress_security_rules { + protocol = "6" + source = "0.0.0.0/0" + stateless = true + } } /* @@ -347,63 +345,63 @@ resource "oci_core_security_list" "oke-lb-security-list" { */ resource "oci_core_subnet" "oke-subnet-worker-1" { - availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[0],"name")}" + availability_domain = data.oci_identity_availability_domains.ADs.availability_domains[0]["name"] cidr_block = "${var.vcn_cidr_prefix}.10.0/24" display_name = "${var.cluster_name}-WorkerSubnet01" dns_label = "workers01" - compartment_id = "${var.compartment_ocid}" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" - security_list_ids = ["${oci_core_security_list.oke-worker-security-list.id}"] - route_table_id = "${oci_core_virtual_network.oke-vcn.default_route_table_id}" - dhcp_options_id = "${oci_core_virtual_network.oke-vcn.default_dhcp_options_id}" + compartment_id = var.compartment_ocid + vcn_id = oci_core_virtual_network.oke-vcn.id + security_list_ids = [oci_core_security_list.oke-worker-security-list.id] + route_table_id = oci_core_virtual_network.oke-vcn.default_route_table_id + dhcp_options_id = oci_core_virtual_network.oke-vcn.default_dhcp_options_id } resource "oci_core_subnet" "oke-subnet-worker-2" { - availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[1],"name")}" + availability_domain = data.oci_identity_availability_domains.ADs.availability_domains[1]["name"] cidr_block = "${var.vcn_cidr_prefix}.11.0/24" display_name = "${var.cluster_name}-WorkerSubnet02" dns_label = "workers02" - compartment_id = "${var.compartment_ocid}" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" - security_list_ids = ["${oci_core_security_list.oke-worker-security-list.id}"] - route_table_id = "${oci_core_virtual_network.oke-vcn.default_route_table_id}" - dhcp_options_id = "${oci_core_virtual_network.oke-vcn.default_dhcp_options_id}" + compartment_id = var.compartment_ocid + vcn_id = oci_core_virtual_network.oke-vcn.id + security_list_ids = [oci_core_security_list.oke-worker-security-list.id] + route_table_id = oci_core_virtual_network.oke-vcn.default_route_table_id + dhcp_options_id = oci_core_virtual_network.oke-vcn.default_dhcp_options_id } resource "oci_core_subnet" "oke-subnet-worker-3" { - availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[2],"name")}" + availability_domain = data.oci_identity_availability_domains.ADs.availability_domains[2]["name"] cidr_block = "${var.vcn_cidr_prefix}.12.0/24" display_name = "${var.cluster_name}-WorkerSubnet03" dns_label = "workers03" - compartment_id = "${var.compartment_ocid}" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" - security_list_ids = ["${oci_core_security_list.oke-worker-security-list.id}"] - route_table_id = "${oci_core_virtual_network.oke-vcn.default_route_table_id}" - dhcp_options_id = "${oci_core_virtual_network.oke-vcn.default_dhcp_options_id}" + compartment_id = var.compartment_ocid + vcn_id = oci_core_virtual_network.oke-vcn.id + security_list_ids = [oci_core_security_list.oke-worker-security-list.id] + route_table_id = oci_core_virtual_network.oke-vcn.default_route_table_id + dhcp_options_id = oci_core_virtual_network.oke-vcn.default_dhcp_options_id } resource "oci_core_subnet" "oke-subnet-loadbalancer-1" { - availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[0],"name")}" + availability_domain = data.oci_identity_availability_domains.ADs.availability_domains[0]["name"] cidr_block = "${var.vcn_cidr_prefix}.20.0/24" display_name = "${var.cluster_name}-LB-Subnet01" dns_label = "lb01" - compartment_id = "${var.compartment_ocid}" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" - security_list_ids = ["${oci_core_security_list.oke-lb-security-list.id}"] - route_table_id = "${oci_core_virtual_network.oke-vcn.default_route_table_id}" - dhcp_options_id = "${oci_core_virtual_network.oke-vcn.default_dhcp_options_id}" + compartment_id = var.compartment_ocid + vcn_id = oci_core_virtual_network.oke-vcn.id + security_list_ids = [oci_core_security_list.oke-lb-security-list.id] + route_table_id = oci_core_virtual_network.oke-vcn.default_route_table_id + dhcp_options_id = oci_core_virtual_network.oke-vcn.default_dhcp_options_id } resource "oci_core_subnet" "oke-subnet-loadbalancer-2" { - availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[1],"name")}" + availability_domain = data.oci_identity_availability_domains.ADs.availability_domains[1]["name"] cidr_block = "${var.vcn_cidr_prefix}.21.0/24" display_name = "${var.cluster_name}-LB-Subnet02" dns_label = "lb02" - compartment_id = "${var.compartment_ocid}" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" - security_list_ids = ["${oci_core_security_list.oke-lb-security-list.id}"] - route_table_id = "${oci_core_virtual_network.oke-vcn.default_route_table_id}" - dhcp_options_id = "${oci_core_virtual_network.oke-vcn.default_dhcp_options_id}" + compartment_id = var.compartment_ocid + vcn_id = oci_core_virtual_network.oke-vcn.id + security_list_ids = [oci_core_security_list.oke-lb-security-list.id] + route_table_id = oci_core_virtual_network.oke-vcn.default_route_table_id + dhcp_options_id = oci_core_virtual_network.oke-vcn.default_dhcp_options_id } /** @@ -411,85 +409,86 @@ resource "oci_core_subnet" "oke-subnet-loadbalancer-2" { * Using any compartment id in this tennancy should also work just as well. */ data "oci_identity_availability_domains" "ADs" { - compartment_id = "${var.tenancy_ocid}" + compartment_id = var.tenancy_ocid } /* * Query the compartment we created (or re-used) */ data "oci_identity_compartments" "oke-compartment" { - compartment_id = "${var.compartment_ocid}" + compartment_id = var.compartment_ocid filter { name = "name" - values = ["${var.compartment_name}"] + values = [var.compartment_name] } } data "oci_core_virtual_networks" "oke-vcns" { #Required - compartment_id = "${oci_core_virtual_network.oke-vcn.compartment_id}" + compartment_id = oci_core_virtual_network.oke-vcn.compartment_id #Filter - display_name = "${oci_core_virtual_network.oke-vcn.display_name}" + display_name = oci_core_virtual_network.oke-vcn.display_name } data "oci_core_internet_gateways" "oke-igateways" { #Required - compartment_id = "${oci_core_internet_gateway.oke-igateway.compartment_id}" - vcn_id = "${oci_core_internet_gateway.oke-igateway.vcn_id}" + compartment_id = oci_core_internet_gateway.oke-igateway.compartment_id + vcn_id = oci_core_internet_gateway.oke-igateway.vcn_id } data "oci_core_route_tables" "oke_route_tables" { #Required - compartment_id = "${oci_core_virtual_network.oke-vcn.compartment_id}" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" + compartment_id = oci_core_virtual_network.oke-vcn.compartment_id + vcn_id = oci_core_virtual_network.oke-vcn.id } data "oci_core_dhcp_options" "oke_dhcp_options" { #Required - compartment_id = "${oci_core_virtual_network.oke-vcn.compartment_id}" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" + compartment_id = oci_core_virtual_network.oke-vcn.compartment_id + vcn_id = oci_core_virtual_network.oke-vcn.id } data "oci_core_security_lists" "oke_security_lists" { #Required - compartment_id = "${oci_core_security_list.oke-worker-security-list.compartment_id}" - vcn_id = "${oci_core_security_list.oke-worker-security-list.vcn_id}" + compartment_id = oci_core_security_list.oke-worker-security-list.compartment_id + vcn_id = oci_core_security_list.oke-worker-security-list.vcn_id } data "oci_core_subnets" "oke_subnets" { #Required - compartment_id = "${oci_core_subnet.oke-subnet-worker-1.compartment_id}" - vcn_id = "${oci_core_subnet.oke-subnet-worker-1.vcn_id}" + compartment_id = oci_core_subnet.oke-subnet-worker-1.compartment_id + vcn_id = oci_core_subnet.oke-subnet-worker-1.vcn_id } # Print out the VCN objects that were created. output "Compartments" { - value = "${data.oci_identity_compartments.oke-compartment.compartments}" + value = data.oci_identity_compartments.oke-compartment.compartments } output "VCN" { - value = "${data.oci_core_virtual_networks.oke-vcns.virtual_networks}" + value = data.oci_core_virtual_networks.oke-vcns.virtual_networks } output "InternetGateway" { - value = "${data.oci_core_internet_gateways.oke-igateways.gateways}" + value = data.oci_core_internet_gateways.oke-igateways.gateways } output "RouteTables" { - value = "${data.oci_core_route_tables.oke_route_tables.route_tables}" + value = data.oci_core_route_tables.oke_route_tables.route_tables } output "DHCPOptions" { - value = "${data.oci_core_dhcp_options.oke_dhcp_options.options}" + value = data.oci_core_dhcp_options.oke_dhcp_options.options } output "SecurityLists" { - value = "${data.oci_core_security_lists.oke_security_lists.security_lists}" + value = data.oci_core_security_lists.oke_security_lists.security_lists } output "Subnets" { - value = "${data.oci_core_subnets.oke_subnets.subnets}" + value = data.oci_core_subnets.oke_subnets.subnets } + diff --git a/integration-tests/src/test/resources/oke/terraform/versions.tf b/integration-tests/src/test/resources/oke/terraform/versions.tf new file mode 100644 index 00000000000..bdcdcc3861c --- /dev/null +++ b/integration-tests/src/test/resources/oke/terraform/versions.tf @@ -0,0 +1,8 @@ +/* + * Copyright (c) 2021, Oracle and/or its affiliates. + * Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +*/ + +terraform { + required_version = ">= 0.12" +} diff --git a/kubernetes/samples/scripts/terraform/cluster.tf b/kubernetes/samples/scripts/terraform/cluster.tf index f4acfbb272a..7d1c5ea700f 100644 --- a/kubernetes/samples/scripts/terraform/cluster.tf +++ b/kubernetes/samples/scripts/terraform/cluster.tf @@ -2,61 +2,101 @@ # Copyright (c) 2018, 2021, Oracle and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. */ -variable "cluster_kubernetes_version" { default = "v1.11.5" } -variable "cluster_name" { default = "tfTestCluster" } -variable "cluster_options_add_ons_is_kubernetes_dashboard_enabled" { default = true } -variable "cluster_options_add_ons_is_tiller_enabled" { default = true } -variable "cluster_options_kubernetes_network_config_pods_cidr" { default = "10.1.0.0/16" } -variable "cluster_options_kubernetes_network_config_services_cidr" { default = "10.2.0.0/16" } -variable "node_pool_initial_node_labels_key" { default = "key" } -variable "node_pool_initial_node_labels_value" { default = "value" } -variable "node_pool_kubernetes_version" { default = "v1.11.5" } -variable "node_pool_name" { default = "tfTestCluster_workers" } -variable "node_pool_node_image_name" { default = "Oracle-Linux-7.4" } -variable "node_pool_node_shape" { default = "VM.Standard2.1" } -variable "node_pool_quantity_per_subnet" { default = 2 } -variable "node_pool_ssh_public_key" { } +variable "cluster_kubernetes_version" { + default = "v1.17.9" +} -data "oci_identity_availability_domains" "tfsample_availability_domains" { - compartment_id = "${var.compartment_ocid}" +variable "cluster_name" { + default = "tfTestCluster" +} + +variable "cluster_options_add_ons_is_kubernetes_dashboard_enabled" { + default = true +} + +variable "cluster_options_add_ons_is_tiller_enabled" { + default = true +} + +variable "cluster_options_kubernetes_network_config_pods_cidr" { + default = "10.1.0.0/16" } +variable "cluster_options_kubernetes_network_config_services_cidr" { + default = "10.2.0.0/16" +} + +variable "node_pool_initial_node_labels_key" { + default = "key" +} + +variable "node_pool_initial_node_labels_value" { + default = "value" +} + +variable "node_pool_kubernetes_version" { + default = "v1.17.9" +} + +variable "node_pool_name" { + default = "tfTestCluster_workers" +} + +variable "node_pool_node_image_name" { + default = "Oracle-Linux-7.4" +} + +variable "node_pool_node_shape" { + default = "VM.Standard2.1" +} + +variable "node_pool_quantity_per_subnet" { + default = 2 +} + +variable "node_pool_ssh_public_key" { +} + +data "oci_identity_availability_domains" "tfsample_availability_domains" { + compartment_id = var.compartment_ocid +} resource "oci_containerengine_cluster" "tfsample_cluster" { #Required - compartment_id = "${var.compartment_ocid}" - kubernetes_version = "${var.cluster_kubernetes_version}" - name = "${var.cluster_name}" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" + compartment_id = var.compartment_ocid + kubernetes_version = var.cluster_kubernetes_version + name = var.cluster_name + vcn_id = oci_core_virtual_network.oke-vcn.id #Optional options { - service_lb_subnet_ids = ["${oci_core_subnet.oke-subnet-loadbalancer-1.id}", "${oci_core_subnet.oke-subnet-loadbalancer-2.id}"] + service_lb_subnet_ids = [oci_core_subnet.oke-subnet-loadbalancer-1.id, oci_core_subnet.oke-subnet-loadbalancer-2.id] #Optional add_ons { #Optional - is_kubernetes_dashboard_enabled = "${var.cluster_options_add_ons_is_kubernetes_dashboard_enabled}" - is_tiller_enabled = "${var.cluster_options_add_ons_is_tiller_enabled}" + is_kubernetes_dashboard_enabled = var.cluster_options_add_ons_is_kubernetes_dashboard_enabled + is_tiller_enabled = var.cluster_options_add_ons_is_tiller_enabled } } } resource "oci_containerengine_node_pool" "tfsample_node_pool" { - #Required - cluster_id = "${oci_containerengine_cluster.tfsample_cluster.id}" - compartment_id = "${var.compartment_ocid}" - kubernetes_version = "${var.node_pool_kubernetes_version}" - name = "${var.node_pool_name}" - node_image_name = "${var.node_pool_node_image_name}" - node_shape = "${var.node_pool_node_shape}" - subnet_ids = ["${oci_core_subnet.oke-subnet-worker-1.id}", "${oci_core_subnet.oke-subnet-worker-2.id}","${oci_core_subnet.oke-subnet-worker-3.id}"] + #Required + cluster_id = oci_containerengine_cluster.tfsample_cluster.id + compartment_id = var.compartment_ocid + kubernetes_version = var.node_pool_kubernetes_version + name = var.node_pool_name + node_image_name = var.node_pool_node_image_name + node_shape = var.node_pool_node_shape + subnet_ids = [oci_core_subnet.oke-subnet-worker-1.id, oci_core_subnet.oke-subnet-worker-2.id, oci_core_subnet.oke-subnet-worker-3.id] - #Optional - quantity_per_subnet = "${var.node_pool_quantity_per_subnet}" - ssh_public_key = "${var.node_pool_ssh_public_key}" + #Optional + quantity_per_subnet = var.node_pool_quantity_per_subnet + ssh_public_key = var.node_pool_ssh_public_key } output "cluster_id" { - value = "${oci_containerengine_cluster.tfsample_cluster.id}" + value = oci_containerengine_cluster.tfsample_cluster.id } + diff --git a/kubernetes/samples/scripts/terraform/kube_config.tf b/kubernetes/samples/scripts/terraform/kube_config.tf index 834336a702f..d03d0cf422f 100644 --- a/kubernetes/samples/scripts/terraform/kube_config.tf +++ b/kubernetes/samples/scripts/terraform/kube_config.tf @@ -3,15 +3,21 @@ # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. */ -variable "cluster_kube_config_expiration" { default = 2592000 } -variable "cluster_kube_config_token_version" { default = "1.0.0" } +variable "cluster_kube_config_expiration" { + default = 2592000 +} + +variable "cluster_kube_config_token_version" { + default = "2.0.0" +} data "oci_containerengine_cluster_kube_config" "tfsample_cluster_kube_config" { #Required - cluster_id = "${oci_containerengine_cluster.tfsample_cluster.id}" + cluster_id = oci_containerengine_cluster.tfsample_cluster.id } resource "local_file" "tfsample_cluster_kube_config_file" { - content = "${data.oci_containerengine_cluster_kube_config.tfsample_cluster_kube_config.content}" + content = data.oci_containerengine_cluster_kube_config.tfsample_cluster_kube_config.content filename = "${path.module}/${var.cluster_name}_kubeconfig" } + diff --git a/kubernetes/samples/scripts/terraform/oke.create.sh b/kubernetes/samples/scripts/terraform/oke.create.sh index 520bcbdac5a..15b62e8e5d4 100755 --- a/kubernetes/samples/scripts/terraform/oke.create.sh +++ b/kubernetes/samples/scripts/terraform/oke.create.sh @@ -32,11 +32,11 @@ function setupTerraform () { mkdir ${terraformDir} cd ${terraformDir} if [[ "${OSTYPE}" == "darwin"* ]]; then - curl -O https://releases.hashicorp.com/terraform/0.11.10/terraform_0.11.10_darwin_amd64.zip - unzip terraform_0.11.10_darwin_amd64.zip + curl -O https://releases.hashicorp.com/terraform/0.11.15/terraform_0.12.31_darwin_amd64.zip + unzip terraform_0.12.31_darwin_amd64.zip elif [[ "${OSTYPE}" == "linux"* ]]; then - curl -LO --retry 3 https://releases.hashicorp.com/terraform/0.11.8/terraform_0.11.8_linux_amd64.zip - unzip -o terraform_0.11.8_linux_amd64.zip -d ${terraformDir} + curl -LO --retry 3 https://releases.hashicorp.com/terraform/0.12.31/terraform_0.12.31_linux_amd64.zip + unzip -o terraform_0.12.31_linux_amd64.zip -d ${terraformDir} else echo "Unsupported OS" fi diff --git a/kubernetes/samples/scripts/terraform/provider.tf b/kubernetes/samples/scripts/terraform/provider.tf index 2cb97755e6f..9db3e2ed1e3 100644 --- a/kubernetes/samples/scripts/terraform/provider.tf +++ b/kubernetes/samples/scripts/terraform/provider.tf @@ -5,17 +5,28 @@ */ // These variables would commonly be defined as environment variables or sourced in a .env file -variable "tenancy_ocid" {} -variable "user_ocid" {} -variable "fingerprint" {} -variable "private_key_path" {} -variable "region" { default = "us-phoenix-1" } +variable "tenancy_ocid" { +} + +variable "user_ocid" { +} + +variable "fingerprint" { +} + +variable "private_key_path" { +} + +variable "region" { + default = "us-phoenix-1" +} provider "oci" { version = ">= 3.0.0" - region = "${var.region}" - tenancy_ocid = "${var.tenancy_ocid}" - user_ocid = "${var.user_ocid}" - fingerprint = "${var.fingerprint}" - private_key_path = "${var.private_key_path}" + region = var.region + tenancy_ocid = var.tenancy_ocid + user_ocid = var.user_ocid + fingerprint = var.fingerprint + private_key_path = var.private_key_path } + diff --git a/kubernetes/samples/scripts/terraform/vcn.tf b/kubernetes/samples/scripts/terraform/vcn.tf index ea3d0c97e5f..3e66745126f 100644 --- a/kubernetes/samples/scripts/terraform/vcn.tf +++ b/kubernetes/samples/scripts/terraform/vcn.tf @@ -4,10 +4,16 @@ */ // Compartment in which to create the cluster resources. -variable "compartment_name" {} -variable "compartment_ocid" {} +variable "compartment_name" { +} + +variable "compartment_ocid" { +} + +variable "vcn_cidr_prefix" { + default = "10.0" +} -variable vcn_cidr_prefix { default = "10.0" } variable "vcn_cidr" { default = "10.0.0.0/16" } @@ -20,9 +26,9 @@ variable "vcn_cidr" { * The creation of the vcn also creates the default route table, security list, and dhcp options. */ resource "oci_core_virtual_network" "oke-vcn" { - cidr_block = "${var.vcn_cidr}" + cidr_block = var.vcn_cidr dns_label = "${var.cluster_name}vcn" - compartment_id = "${var.compartment_ocid}" + compartment_id = var.compartment_ocid display_name = "${var.cluster_name}_vcn" } @@ -30,9 +36,9 @@ resource "oci_core_virtual_network" "oke-vcn" { * An internet gateway is created in the relevant compartment attached to the created VCN. */ resource "oci_core_internet_gateway" "oke-igateway" { - compartment_id = "${var.compartment_ocid}" + compartment_id = var.compartment_ocid display_name = "${var.cluster_name}-igateway" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" + vcn_id = oci_core_virtual_network.oke-vcn.id } /* @@ -41,12 +47,12 @@ resource "oci_core_internet_gateway" "oke-igateway" { */ resource "oci_core_default_route_table" "oke-default-route-table" { - manage_default_resource_id = "${oci_core_virtual_network.oke-vcn.default_route_table_id}" + manage_default_resource_id = oci_core_virtual_network.oke-vcn.default_route_table_id display_name = "${var.cluster_name}-default-route-table" route_rules { cidr_block = "0.0.0.0/0" - network_entity_id = "${oci_core_internet_gateway.oke-igateway.id}" + network_entity_id = oci_core_internet_gateway.oke-igateway.id } } @@ -54,7 +60,7 @@ resource "oci_core_default_route_table" "oke-default-route-table" { * Configures the default dhcp options object that was created along with the VCN. */ resource "oci_core_default_dhcp_options" "oke-default-dhcp-options" { - manage_default_resource_id = "${oci_core_virtual_network.oke-vcn.default_dhcp_options_id}" + manage_default_resource_id = oci_core_virtual_network.oke-vcn.default_dhcp_options_id display_name = "${var.cluster_name}-default-dhcp-options" # required @@ -68,7 +74,7 @@ resource "oci_core_default_dhcp_options" "oke-default-dhcp-options" { * Configures the default security list. */ resource "oci_core_default_security_list" "oke-default-security-list" { - manage_default_resource_id = "${oci_core_virtual_network.oke-vcn.default_security_list_id}" + manage_default_resource_id = oci_core_virtual_network.oke-vcn.default_security_list_id display_name = "${var.cluster_name}-default-security-list" // allow outbound tcp traffic on all ports @@ -79,13 +85,13 @@ resource "oci_core_default_security_list" "oke-default-security-list" { // allow inbound ssh traffic ingress_security_rules { - protocol = "6" // tcp + protocol = "6" // tcp source = "0.0.0.0/0" stateless = false tcp_options { - "min" = 22 - "max" = 22 + min = 22 + max = 22 } } @@ -95,8 +101,8 @@ resource "oci_core_default_security_list" "oke-default-security-list" { source = "0.0.0.0/0" icmp_options { - "type" = 3 - "code" = 4 + type = 3 + code = 4 } } } @@ -110,106 +116,102 @@ resource "oci_core_default_security_list" "oke-default-security-list" { * - Conatins two ingress rules to allow SSH traffic from OCI Cluster service. */ resource "oci_core_security_list" "oke-worker-security-list" { - compartment_id = "${var.compartment_ocid}" + compartment_id = var.compartment_ocid display_name = "${var.cluster_name}-Workers-SecList" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" - - egress_security_rules = [ - { - destination = "0.0.0.0/0" - protocol = "6" // outbound TCP to the internet - stateless = false - }, - { - destination = "${var.vcn_cidr_prefix}.10.0/24" - protocol = "all" - stateless = true - }, - { - destination = "${var.vcn_cidr_prefix}.11.0/24" - protocol = "all" - stateless = true - }, - { - destination = "${var.vcn_cidr_prefix}.12.0/24" - protocol = "all" - stateless = true - }, - ] - - ingress_security_rules = [ - { - # Intra VCN traffic - this lets the 3 subnets in teh 3 ADs tak to each other without restriction. - # These are stateless, so they need to be accompanied by stateless egress rules. - stateless = true - - protocol = "all" - source = "${var.vcn_cidr_prefix}.10.0/24" - }, - { - stateless = true - protocol = "all" - source = "${var.vcn_cidr_prefix}.11.0/24" - }, - { - stateless = true - protocol = "all" - source = "${var.vcn_cidr_prefix}.12.0/24" - }, - { - # ICMP - protocol = 1 - source = "0.0.0.0/0" - - icmp_options { - "type" = 3 - "code" = 4 - } - }, - { - # OCI Cluster service - protocol = "6" // tcp - source = "130.35.0.0/16" - stateless = false - - tcp_options { - "min" = 22 - "max" = 22 - } - }, - { - protocol = "6" // tcp - source = "138.1.0.0/17" - stateless = false - - tcp_options { - "min" = 22 - "max" = 22 - } - }, + vcn_id = oci_core_virtual_network.oke-vcn.id + + egress_security_rules { + destination = "0.0.0.0/0" + protocol = "6" // outbound TCP to the internet + stateless = false + } + egress_security_rules { + destination = "${var.vcn_cidr_prefix}.10.0/24" + protocol = "all" + stateless = true + } + egress_security_rules { + destination = "${var.vcn_cidr_prefix}.11.0/24" + protocol = "all" + stateless = true + } + egress_security_rules { + destination = "${var.vcn_cidr_prefix}.12.0/24" + protocol = "all" + stateless = true + } + + ingress_security_rules { + # Intra VCN traffic - this lets the 3 subnets in teh 3 ADs tak to each other without restriction. + # These are stateless, so they need to be accompanied by stateless egress rules. + stateless = true + + protocol = "all" + source = "${var.vcn_cidr_prefix}.10.0/24" + } + ingress_security_rules { + stateless = true + protocol = "all" + source = "${var.vcn_cidr_prefix}.11.0/24" + } + ingress_security_rules { + stateless = true + protocol = "all" + source = "${var.vcn_cidr_prefix}.12.0/24" + } + ingress_security_rules { + # ICMP + protocol = 1 + source = "0.0.0.0/0" + + icmp_options { + type = 3 + code = 4 + } + } + ingress_security_rules { + # OCI Cluster service + protocol = "6" // tcp + source = "130.35.0.0/16" + stateless = false + + tcp_options { + min = 22 + max = 22 + } + } + ingress_security_rules { + protocol = "6" // tcp + source = "138.1.0.0/17" + stateless = false + + tcp_options { + min = 22 + max = 22 + } + } + ingress_security_rules { # NodePort ingress rules - { - protocol = "6" // tcp - source = "0.0.0.0/0" - stateless = true - - tcp_options { - "min" = 30000 - "max" = 32767 - } - }, + protocol = "6" // tcp + source = "0.0.0.0/0" + stateless = true + + tcp_options { + min = 30000 + max = 32767 + } + } + ingress_security_rules { # SSH Stateful ingress rules - { - protocol = "6" // tcp - source = "0.0.0.0/0" - stateless = false - - tcp_options { - "min" = 22 - "max" = 22 - } - }, - ] + protocol = "6" // tcp + source = "0.0.0.0/0" + stateless = false + + tcp_options { + min = 22 + max = 22 + } + } } /* @@ -217,25 +219,21 @@ resource "oci_core_security_list" "oke-worker-security-list" { * - Allows all TCP traffic in/out. */ resource "oci_core_security_list" "oke-lb-security-list" { - compartment_id = "${var.compartment_ocid}" + compartment_id = var.compartment_ocid display_name = "${var.cluster_name}-LoadBalancers-SecList" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" - - egress_security_rules = [ - { - destination = "0.0.0.0/0" - protocol = "6" - stateless = true - }, - ] - - ingress_security_rules = [ - { - protocol = "6" - source = "0.0.0.0/0" - stateless = true - }, - ] + vcn_id = oci_core_virtual_network.oke-vcn.id + + egress_security_rules { + destination = "0.0.0.0/0" + protocol = "6" + stateless = true + } + + ingress_security_rules { + protocol = "6" + source = "0.0.0.0/0" + stateless = true + } } /* @@ -263,63 +261,63 @@ resource "oci_core_security_list" "oke-lb-security-list" { */ resource "oci_core_subnet" "oke-subnet-worker-1" { - availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[0],"name")}" + availability_domain = data.oci_identity_availability_domains.ADs.availability_domains[0]["name"] cidr_block = "${var.vcn_cidr_prefix}.10.0/24" display_name = "${var.cluster_name}-WorkerSubnet01" dns_label = "workers01" - compartment_id = "${var.compartment_ocid}" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" - security_list_ids = ["${oci_core_security_list.oke-worker-security-list.id}"] - route_table_id = "${oci_core_virtual_network.oke-vcn.default_route_table_id}" - dhcp_options_id = "${oci_core_virtual_network.oke-vcn.default_dhcp_options_id}" + compartment_id = var.compartment_ocid + vcn_id = oci_core_virtual_network.oke-vcn.id + security_list_ids = [oci_core_security_list.oke-worker-security-list.id] + route_table_id = oci_core_virtual_network.oke-vcn.default_route_table_id + dhcp_options_id = oci_core_virtual_network.oke-vcn.default_dhcp_options_id } resource "oci_core_subnet" "oke-subnet-worker-2" { - availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[1],"name")}" + availability_domain = data.oci_identity_availability_domains.ADs.availability_domains[1]["name"] cidr_block = "${var.vcn_cidr_prefix}.11.0/24" display_name = "${var.cluster_name}-WorkerSubnet02" dns_label = "workers02" - compartment_id = "${var.compartment_ocid}" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" - security_list_ids = ["${oci_core_security_list.oke-worker-security-list.id}"] - route_table_id = "${oci_core_virtual_network.oke-vcn.default_route_table_id}" - dhcp_options_id = "${oci_core_virtual_network.oke-vcn.default_dhcp_options_id}" + compartment_id = var.compartment_ocid + vcn_id = oci_core_virtual_network.oke-vcn.id + security_list_ids = [oci_core_security_list.oke-worker-security-list.id] + route_table_id = oci_core_virtual_network.oke-vcn.default_route_table_id + dhcp_options_id = oci_core_virtual_network.oke-vcn.default_dhcp_options_id } resource "oci_core_subnet" "oke-subnet-worker-3" { - availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[2],"name")}" + availability_domain = data.oci_identity_availability_domains.ADs.availability_domains[2]["name"] cidr_block = "${var.vcn_cidr_prefix}.12.0/24" display_name = "${var.cluster_name}-WorkerSubnet03" dns_label = "workers03" - compartment_id = "${var.compartment_ocid}" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" - security_list_ids = ["${oci_core_security_list.oke-worker-security-list.id}"] - route_table_id = "${oci_core_virtual_network.oke-vcn.default_route_table_id}" - dhcp_options_id = "${oci_core_virtual_network.oke-vcn.default_dhcp_options_id}" + compartment_id = var.compartment_ocid + vcn_id = oci_core_virtual_network.oke-vcn.id + security_list_ids = [oci_core_security_list.oke-worker-security-list.id] + route_table_id = oci_core_virtual_network.oke-vcn.default_route_table_id + dhcp_options_id = oci_core_virtual_network.oke-vcn.default_dhcp_options_id } resource "oci_core_subnet" "oke-subnet-loadbalancer-1" { - availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[0],"name")}" + availability_domain = data.oci_identity_availability_domains.ADs.availability_domains[0]["name"] cidr_block = "${var.vcn_cidr_prefix}.20.0/24" display_name = "${var.cluster_name}-LB-Subnet01" dns_label = "lb01" - compartment_id = "${var.compartment_ocid}" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" - security_list_ids = ["${oci_core_security_list.oke-lb-security-list.id}"] - route_table_id = "${oci_core_virtual_network.oke-vcn.default_route_table_id}" - dhcp_options_id = "${oci_core_virtual_network.oke-vcn.default_dhcp_options_id}" + compartment_id = var.compartment_ocid + vcn_id = oci_core_virtual_network.oke-vcn.id + security_list_ids = [oci_core_security_list.oke-lb-security-list.id] + route_table_id = oci_core_virtual_network.oke-vcn.default_route_table_id + dhcp_options_id = oci_core_virtual_network.oke-vcn.default_dhcp_options_id } resource "oci_core_subnet" "oke-subnet-loadbalancer-2" { - availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[1],"name")}" + availability_domain = data.oci_identity_availability_domains.ADs.availability_domains[1]["name"] cidr_block = "${var.vcn_cidr_prefix}.21.0/24" display_name = "${var.cluster_name}-LB-Subnet02" dns_label = "lb02" - compartment_id = "${var.compartment_ocid}" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" - security_list_ids = ["${oci_core_security_list.oke-lb-security-list.id}"] - route_table_id = "${oci_core_virtual_network.oke-vcn.default_route_table_id}" - dhcp_options_id = "${oci_core_virtual_network.oke-vcn.default_dhcp_options_id}" + compartment_id = var.compartment_ocid + vcn_id = oci_core_virtual_network.oke-vcn.id + security_list_ids = [oci_core_security_list.oke-lb-security-list.id] + route_table_id = oci_core_virtual_network.oke-vcn.default_route_table_id + dhcp_options_id = oci_core_virtual_network.oke-vcn.default_dhcp_options_id } /** @@ -327,85 +325,86 @@ resource "oci_core_subnet" "oke-subnet-loadbalancer-2" { * Using any compartment id in this tennancy should also work just as well. */ data "oci_identity_availability_domains" "ADs" { - compartment_id = "${var.tenancy_ocid}" + compartment_id = var.tenancy_ocid } /* * Query the compartment we created (or re-used) */ data "oci_identity_compartments" "oke-compartment" { - compartment_id = "${var.compartment_ocid}" + compartment_id = var.compartment_ocid filter { name = "name" - values = ["${var.compartment_name}"] + values = [var.compartment_name] } } data "oci_core_virtual_networks" "oke-vcns" { #Required - compartment_id = "${oci_core_virtual_network.oke-vcn.compartment_id}" + compartment_id = oci_core_virtual_network.oke-vcn.compartment_id #Filter - display_name = "${oci_core_virtual_network.oke-vcn.display_name}" + display_name = oci_core_virtual_network.oke-vcn.display_name } data "oci_core_internet_gateways" "oke-igateways" { #Required - compartment_id = "${oci_core_internet_gateway.oke-igateway.compartment_id}" - vcn_id = "${oci_core_internet_gateway.oke-igateway.vcn_id}" + compartment_id = oci_core_internet_gateway.oke-igateway.compartment_id + vcn_id = oci_core_internet_gateway.oke-igateway.vcn_id } data "oci_core_route_tables" "oke_route_tables" { #Required - compartment_id = "${oci_core_virtual_network.oke-vcn.compartment_id}" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" + compartment_id = oci_core_virtual_network.oke-vcn.compartment_id + vcn_id = oci_core_virtual_network.oke-vcn.id } data "oci_core_dhcp_options" "oke_dhcp_options" { #Required - compartment_id = "${oci_core_virtual_network.oke-vcn.compartment_id}" - vcn_id = "${oci_core_virtual_network.oke-vcn.id}" + compartment_id = oci_core_virtual_network.oke-vcn.compartment_id + vcn_id = oci_core_virtual_network.oke-vcn.id } data "oci_core_security_lists" "oke_security_lists" { #Required - compartment_id = "${oci_core_security_list.oke-worker-security-list.compartment_id}" - vcn_id = "${oci_core_security_list.oke-worker-security-list.vcn_id}" + compartment_id = oci_core_security_list.oke-worker-security-list.compartment_id + vcn_id = oci_core_security_list.oke-worker-security-list.vcn_id } data "oci_core_subnets" "oke_subnets" { #Required - compartment_id = "${oci_core_subnet.oke-subnet-worker-1.compartment_id}" - vcn_id = "${oci_core_subnet.oke-subnet-worker-1.vcn_id}" + compartment_id = oci_core_subnet.oke-subnet-worker-1.compartment_id + vcn_id = oci_core_subnet.oke-subnet-worker-1.vcn_id } # Print out the VCN objects that were created. output "Compartments" { - value = "${data.oci_identity_compartments.oke-compartment.compartments}" + value = data.oci_identity_compartments.oke-compartment.compartments } output "VCN" { - value = "${data.oci_core_virtual_networks.oke-vcns.virtual_networks}" + value = data.oci_core_virtual_networks.oke-vcns.virtual_networks } output "InternetGateway" { - value = "${data.oci_core_internet_gateways.oke-igateways.gateways}" + value = data.oci_core_internet_gateways.oke-igateways.gateways } output "RouteTables" { - value = "${data.oci_core_route_tables.oke_route_tables.route_tables}" + value = data.oci_core_route_tables.oke_route_tables.route_tables } output "DHCPOptions" { - value = "${data.oci_core_dhcp_options.oke_dhcp_options.options}" + value = data.oci_core_dhcp_options.oke_dhcp_options.options } output "SecurityLists" { - value = "${data.oci_core_security_lists.oke_security_lists.security_lists}" + value = data.oci_core_security_lists.oke_security_lists.security_lists } output "Subnets" { - value = "${data.oci_core_subnets.oke_subnets.subnets}" + value = data.oci_core_subnets.oke_subnets.subnets } + diff --git a/kubernetes/samples/scripts/terraform/versions.tf b/kubernetes/samples/scripts/terraform/versions.tf new file mode 100644 index 00000000000..bdcdcc3861c --- /dev/null +++ b/kubernetes/samples/scripts/terraform/versions.tf @@ -0,0 +1,8 @@ +/* + * Copyright (c) 2021, Oracle and/or its affiliates. + * Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +*/ + +terraform { + required_version = ">= 0.12" +}