Versions Compared

Old Version 3

changes.mady.by.user Wei Siong Siow

Saved on

compared with

New Version Current

changes.mady.by.user linda wong

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
ALLOW any-user to manage network-security-groups in compartment <compartment-name> Team-Stratus where request.principal.type = 'cluster'
ALLOW any-user to manage vcns in compartment <compartment-name> where request.principal.type = 'cluster'
ALLOW any-user to manage virtual-network-family in compartment <compartment-name> where request.principal.type = 'cluster'

...

Use the IngressClass resource to associate an Ingress resource with the OCI native ingress controller and the IngressClassParameters resource.

Define the resource in a .yaml file named ingress-class.yaml as in the example below:

...

Note!

Starting from version 1.4.0, OCI Native Ingress Controller will start configuring NSG associations and tags for LoadBalancers managed by it. For all LoadBalancers managed by NIC that have NSG associations, add the “oci-native-ingress.oraclecloud.com/network-security-group-ids” annotation in the corresponding IngressClass resource to ensure NIC will retain them on upgrade.

Define the resource in a .yaml file named ingress-class.yaml as in the example below:

Code Block
apiVersion: networking.k8s.io/v1
kind: IngressClass
metadata:
  name: native-ic-ingress-class
  annotations:
    ingressclass.kubernetes.io/is-default-class: "true"
    oci-native-ingress.oraclecloud.com/id: <loadbalancer_ocid from terraform output>
    oci-native-ingress.oraclecloud.com/network-security-group-ids: <native_ingress_controller_nsg_ocid from terraform output>
    oci-native-ingress.oraclecloud.com/delete-protection-enabled: "true"
spec:
  controller: oci.oraclecloud.com/native-ingress-controller
  parameters:
    scope: Namespace
    namespace: uepe
    apiGroup: ingress.oraclecloud.com
    kind: ingressclassparameters
    name: native-ic-params

...