Skip to content

Commit

Permalink
Merge pull request #19 from junior/5G-example
Browse files Browse the repository at this point in the history 
support to create extra subnets externally with oke
  • Loading branch information
@junior
junior authored Dec 2, 2022
2 parents 687ab9d + a8c89e5 commit 4af1e83
Show file tree
Hide file tree
Showing 4 changed files with 31 additions and 12 deletions.
2 changes: 1 addition & 1 deletion VERSION
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
0.8.6
0.8.7
15 changes: 9 additions & 6 deletions defaults.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -81,6 +81,7 @@ locals {
# node_pool_node_shape_config_memory_in_gbs = 1
# node_pool_boot_volume_size_in_gbs = "100"
# existent_oke_nodepool_id_for_autoscaler = null
# node_pool_alternative_subnet = null # Optional, name of previously created subnet
# image_operating_system = null
# image_operating_system_version = null
# extra_initial_node_labels = [{ key = "app.pixel/gpu", value = "true" }]
Expand All @@ -94,14 +95,16 @@ locals {
# {
# subnet_name = "opensearch_subnet"
# cidr_block = cidrsubnet(local.vcn_cidr_blocks[0], 8, 35) # e.g.: "10.20.35.0/24" = 254 usable IPs (10.20.35.0 - 10.20.35.255)
# display_name = "OCI OpenSearch Service subnet (${local.deploy_id})"
# dns_label = "opensearch${local.deploy_id}"
# display_name = "OCI OpenSearch Service subnet (${local.deploy_id})" # If null, is autogenerated
# dns_label = "opensearch${local.deploy_id}" # If null, disable dns label
# prohibit_public_ip_on_vnic = false
# prohibit_internet_ingress = false
# route_table_id = module.route_tables["public"].route_table_id
# dhcp_options_id = module.vcn.default_dhcp_options_id
# security_list_ids = [module.security_lists["opensearch_security_list"].security_list_id]
# ipv6cidr_block = null
# route_table_id = module.route_tables["public"].route_table_id # If null, the VCN's default route table is used
# alternative_route_table = null # Optional, Name of the previously created route table
# dhcp_options_id = module.vcn.default_dhcp_options_id # If null, the VCN's default set of DHCP options is used
# security_list_ids = [module.security_lists["opensearch_security_list"].security_list_id] # If null, the VCN's default security list is used
# alternative_security_list = null # Optional, Name of the previously created security list
# ipv6cidr_block = null # If null, no IPv6 CIDR block is assigned
# },
]
}
14 changes: 13 additions & 1 deletion main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -126,7 +126,10 @@ module "oke_node_pool" {
cni_type = each.value.cni_type

# OKE Network Details
nodes_subnet_id = local.create_subnets ? module.subnets["oke_nodes_subnet"].subnet_id : var.existent_oke_nodes_subnet_ocid
# nodes_subnet_id = local.create_subnets ? module.subnets["oke_nodes_subnet"].subnet_id : var.existent_oke_nodes_subnet_ocid
nodes_subnet_id = (local.create_subnets ? (anytrue([(each.value.node_pool_alternative_subnet == ""), (each.value.node_pool_alternative_subnet == null)])
? module.subnets["oke_nodes_subnet"].subnet_id : module.subnets[each.value.node_pool_alternative_subnet].subnet_id)
: var.existent_oke_nodes_subnet_ocid)
vcn_native_pod_networking_subnet_ocid = each.value.cni_type == "OCI_VCN_IP_NATIVE" ? (local.create_subnets ? module.subnets["oke_pods_network_subnet"].subnet_id : var.existent_oke_vcn_native_pod_networking_subnet_ocid) : ""

# Encryption (OCI Vault/Key Management/KMS)
Expand All @@ -145,6 +148,7 @@ locals {
node_pool_node_shape_config_memory_in_gbs = var.node_pool_instance_shape_1.memory
node_pool_boot_volume_size_in_gbs = var.node_pool_boot_volume_size_in_gbs_1
existent_oke_nodepool_id_for_autoscaler = var.existent_oke_nodepool_id_for_autoscaler_1
node_pool_alternative_subnet = null
image_operating_system = var.image_operating_system_1
image_operating_system_version = var.image_operating_system_version_1
extra_initial_node_labels = var.extra_initial_node_labels_1
Expand Down Expand Up @@ -201,8 +205,10 @@ locals {
prohibit_public_ip_on_vnic = (var.cluster_endpoint_visibility == "Private") ? true : false
prohibit_internet_ingress = (var.cluster_endpoint_visibility == "Private") ? true : false
route_table_id = (var.cluster_endpoint_visibility == "Private") ? module.route_tables["private"].route_table_id : module.route_tables["public"].route_table_id
alternative_route_table = null
dhcp_options_id = module.vcn.default_dhcp_options_id
security_list_ids = [module.security_lists["oke_endpoint_security_list"].security_list_id]
alternative_security_list = null
ipv6cidr_block = null
},
{
Expand All @@ -213,8 +219,10 @@ locals {
prohibit_public_ip_on_vnic = (var.cluster_workers_visibility == "Private") ? true : false
prohibit_internet_ingress = (var.cluster_workers_visibility == "Private") ? true : false
route_table_id = (var.cluster_workers_visibility == "Private") ? module.route_tables["private"].route_table_id : module.route_tables["public"].route_table_id
alternative_route_table = null
dhcp_options_id = module.vcn.default_dhcp_options_id
security_list_ids = [module.security_lists["oke_nodes_security_list"].security_list_id]
alternative_security_list = null
ipv6cidr_block = null
},
{
Expand All @@ -225,8 +233,10 @@ locals {
prohibit_public_ip_on_vnic = (var.cluster_load_balancer_visibility == "Private") ? true : false
prohibit_internet_ingress = (var.cluster_load_balancer_visibility == "Private") ? true : false
route_table_id = (var.cluster_load_balancer_visibility == "Private") ? module.route_tables["private"].route_table_id : module.route_tables["public"].route_table_id
alternative_route_table = null
dhcp_options_id = module.vcn.default_dhcp_options_id
security_list_ids = [module.security_lists["oke_lb_security_list"].security_list_id]
alternative_security_list = null
ipv6cidr_block = null
}
]
Expand All @@ -239,8 +249,10 @@ locals {
prohibit_public_ip_on_vnic = (var.pods_network_visibility == "Private") ? true : false
prohibit_internet_ingress = (var.pods_network_visibility == "Private") ? true : false
route_table_id = (var.pods_network_visibility == "Private") ? module.route_tables["private"].route_table_id : module.route_tables["public"].route_table_id
alternative_route_table = null
dhcp_options_id = module.vcn.default_dhcp_options_id
security_list_ids = [module.security_lists["oke_pod_network_security_list"].security_list_id]
alternative_security_list = null
ipv6cidr_block = null
}] : []
subnet_bastion = []
Expand Down
12 changes: 8 additions & 4 deletions oci-networking.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,10 +64,14 @@ module "subnets" {
dns_label = each.value.dns_label # If null, is autogenerated
prohibit_public_ip_on_vnic = each.value.prohibit_public_ip_on_vnic
prohibit_internet_ingress = each.value.prohibit_internet_ingress
route_table_id = each.value.route_table_id # If null, the VCN's default route table is used
dhcp_options_id = each.value.dhcp_options_id # If null, the VCN's default set of DHCP options is used
security_list_ids = each.value.security_list_ids # If null, the VCN's default security list is used
ipv6cidr_block = each.value.ipv6cidr_block # If null, no IPv6 CIDR block is assigned
route_table_id = (anytrue([(each.value.alternative_route_table == ""), (each.value.alternative_route_table == null)])
? each.value.route_table_id
: module.route_tables[each.value.alternative_route_table].route_table_id) # If null, the VCN's default route table is used
dhcp_options_id = each.value.dhcp_options_id # If null, the VCN's default set of DHCP options is used
security_list_ids = (anytrue([(each.value.alternative_security_list == ""), (each.value.alternative_security_list == null)]) # If null, the VCN's default security list is used
? each.value.security_list_ids
: [module.security_lists[each.value.alternative_security_list].security_list_id])
ipv6cidr_block = each.value.ipv6cidr_block # If null, no IPv6 CIDR block is assigned
}

################################################################################
Expand Down

0 comments on commit 4af1e83

Please sign in to comment.