...
We assume you have an existing parent domain, for example example.com, hosted on the same account as the cluster that we are going to create in the coming section, and that you wish to access the cluster environment through the hostname. Terraform will create a subdomain in the format `<cluster_name>.<domain>`.
cluster name: uepe-oke
domain: example.com
final domain: uepe-oke.example.com
In addition, we assume Terraform is allowed to add an NS (name server) record to the parent domain. This allows DNS delegation from the parent domain to the subdomain.
Please note that if your parent domain is not under the same account, or is hosted with another cloud provider, you must set `auto_create_ns_record` to false in the Terraform template to disable automatic creation of the subdomain NS record in the parent domain.
The service hostnames created by Usage Engine Private Edition will be accessible in the format `<service_name>.<cluster_name>.<domain>`, for example desktop-online.uepe-oke.example.com.
Terraform needs to persist the state of your provisioned infrastructure. By default, the state file is stored locally on the computer that Terraform is executed from. However, if multiple people work on the infrastructure, it is recommended to store the state file in remote persistent storage such as Object Storage; see https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/terraformUsingObjectStore.htm for more information.
We use the OCI File System service (NFS) as the default persistent storage for data that needs to be persisted.
We use the OCI Managed PostgreSQL service for the Usage Engine Private Edition database.
User Principal is used throughout the entire installation. You must have the private key file available locally. You can create and download the private key in the OCI console, through Profile | My Profile | API keys | Add API key.
...
terraform.tfvars | Where to get the value from? |
---|---|
| In the OCI management console, this is listed on |
| The fingerprint is only available after the user has created the API keys. Refer to In the OCI management console, this is listed on |
| In the OCI management console, this is listed on |
| The full path to your private key file’s filename. To create and download your private key, go to |
| The region in which you will install your cluster. (for example |
| A name for your cluster. Cluster names must start with a lowercase letter followed by up to 39 lowercase letters, numbers or hyphens. They can't end with a hyphen. The cluster name must be unique in the project. |
| Your existing domain name. In the OCI management console, this is the DNS name that is listed on page The service hostname created by Usage Engine Private Edition will be accessible in the format |
| Kubernetes version as an alphanumeric string (for example “ |
| Number of cluster nodes, as a number (for example “ |
| Availability domain name for the cluster. (for example |
| Choose a secure password for the system database administrator. Minimum 10 characters. |
| Database version as a numeric string (for example “ |
| OCID of the image to be used for worker node instance creation. To list the images available in your compartment, use the command |
| Boolean flag to enable cloud SQL database resource creation. |
| Boolean flag to enable file storage resource creation. It is false by default. Set to true if persistent file storage is needed. |
| Boolean flag to enable automatic creation of the subdomain NS record in the parent domain. If your parent domain is not under the same compartment, or is hosted with another cloud provider, you must set it to false. |
Example:
```hcl
# SET THESE:
# The below values must be set explicitly in order for the setup to work correctly.
tenancy_ocid = "ocid1.tenancy.oc1..aaaaaaaamnl7f7t2yrlas2si7b5hpo6t23dqi6mjo3eot6ijl2nqcog5h6ha"
fingerprint = "7d:67:b3:9d:a3:8f:6d:37:f3:e9:7d:e5:45:ec:df:56"
user_ocid = "ocid1.user.oc1..aaaaaaaauhk3uhiryg7sw2xjmvf45zasduqwr2cium53gmdxwipe4iqdrfuq"
private_key_path = "/Users/kamheng.choy/Downloads/kamheng.choy@digitalroute.com_2024-04-07T10_07_56.490Z.pem"

# Deployment compartment
compartment_ocid = "ocid1.compartment.oc1..aaaaaaaa56wmblidgvvicamsqkf7sqcqu5yxdhvu3wlvomzgonhflcrv6kcq"

# region
region = "eu-frankfurt-1"

# Name of the cluster, it must be unique in the project.
cluster_name = "test-uepe-cluster-1"

# Domain DNS name
# We'll create a subdomain zone from parent domain, the final domain will be in format "<cluster_name>.<domain>".
# Please note that if this domain is hosted on another OCI project or other cloud provider, then you must
# set auto_create_ns_record = false and manually add the subdomain NS record to the parent domain.
# auto_create_ns_record = false
domain = "stratus.oci.digitalroute.net"

# Admin user password to the database
db_password = "Password123$"

# TWEAKABLE:
# The below sections are the default values, tweak them to your needs.

# Kubernetes version
kubernetes_version = "v1.29.1"

# Number of nodes per cluster
oke_num_nodes = 3

# Worker node machine type
node_pool_shape = "VM.Standard.E4.Flex"
oke_availability_domain = "Vafx:EU-FRANKFURT-1-AD-1"
oke_image_id = "ocid1.image.oc1.eu-frankfurt-1.aaaaaaaapwbqurbd2hpmj2at354r3dkok4o4644am4hwgdagoekpcaon7shq"

# IP CIDR range allocate to the control plane
vcn_cidr_blocks = "10.0.0.0/16"

# Network file system (NFS) persistent storage
fss_enabled = true
filestore_availability_domain = "Vafx:EU-FRANKFURT-1-AD-1"

# Cloud SQL database
db_enabled = true

# DB instance type
db_instance_shape = "PostgreSQL.VM.Standard.E4.Flex.4.64GB"

# DB version
db_version = "14"
```
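
A pre-flight check for the constraints this page states for terraform.tfvars (cluster naming rule, 10-character password minimum, hostname format), added here as an example; it is not part of the Usage Engine Private Edition templates. The function names, the constructed sample input and the default of true for `auto_create_ns_record` are assumptions.

```python
import re

# Naming rule from the table: a lowercase letter, then up to 39 lowercase
# letters, digits or hyphens, not ending with a hyphen (1 to 40 characters).
CLUSTER_NAME_RE = re.compile(r"[a-z](?:[a-z0-9-]{0,38}[a-z0-9])?")
ASSIGNMENT_RE = re.compile(r'\s*([A-Za-z_]\w*)\s*=\s*(?:"([^"]*)"|(\S+))\s*')

# Constructed sample input, not a real deployment.
SAMPLE_TFVARS = """\
cluster_name = "uepe-oke"
domain       = "example.com"
db_password  = "short1$"
# auto_create_ns_record = false
"""


def parse_tfvars(text):
    """Parse flat `key = value` lines; comment lines are not assignments."""
    values = {}
    for line in text.splitlines():
        if line.lstrip().startswith("#"):
            continue  # a commented-out setting leaves the default in force
        m = ASSIGNMENT_RE.fullmatch(line)
        if m:
            values[m.group(1)] = m.group(2) if m.group(2) is not None else m.group(3)
    return values


def check_tfvars(text):
    """Apply the documented constraints and derive the cluster's DNS name."""
    v = parse_tfvars(text)
    errors = []
    name, domain = v.get("cluster_name", ""), v.get("domain", "")
    if not CLUSTER_NAME_RE.fullmatch(name):
        errors.append("cluster_name violates the naming rule")
    if not domain:
        errors.append("domain is not set")
    if len(v.get("db_password", "")) < 10:
        errors.append("db_password is shorter than 10 characters")
    # Assumption: the template defaults auto_create_ns_record to true.
    manual_ns = v.get("auto_create_ns_record", "true") == "false"
    return {"errors": errors, "final_domain": f"{name}.{domain}",
            "ns_record": "manual" if manual_ns else "terraform"}


def service_hostname(service_name, final_domain):
    """Build <service_name>.<cluster_name>.<domain> as described above."""
    return f"{service_name}.{final_domain}"
```

An `ns_record` result of `terraform` means the run will try to write the NS record into the parent zone, which only works when that zone is in the same account.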
...