1. Introduction
Hello! We are a writer team from Definer Inc.
In this article, we explain how to create a k8s cluster on Oracle Cloud with Terraform.
Let's take a look at the actual screens and resources to explain in detail.
2. Purpose/Use Cases
This article uses Terraform and Kubernetes to build a k8s cluster on Oracle Cloud.
It is a collection of information and practices that you can use as a reference when you want to build microservices on Oracle Cloud using IaC.
3. Assumption
First, let us review the following terms as a prerequisite.
・What is k8s?
k8s, short for Kubernetes, is an open source container orchestration tool for managing container scaling and operations. It was originally developed by Google.
K8s enables automation of container deployment processes, clustering of Docker container hosts, and scaling and redundancy of containers.
・What is Oracle Cloud?
Oracle Cloud is a public cloud service provided by Oracle Corporation that covers a full range of cloud services from IaaS to PaaS and SaaS.
There is also a service called Cloud@Customer that places the cloud environment in the customer's data center.
By using Cloud@Customer, you can build a cloud environment within your network.
・What is Container Engine for Kubernetes?
Container Engine for Kubernetes is a container orchestration service using k8s provided by Oracle Cloud.
・What is Terraform?
Terraform is an Infrastructure as Code (IaC) service provided by HashiCorp.
IaC is a method of managing infrastructure construction by coding it.
Terraform uses the AWS SDK, which is written in the Go language.
One of the features of Terraform is its multi-cloud support, including AWS, Azure, and GCP.
4. Building a Kubernetes cluster with Terraform
Now, let's start building a Kubernetes cluster on Oracle Cloud with Terraform.
(1) Prepare OCI credentials
Obtain OCI API credentials (such as a user's private key and public key) to authenticate Terraform with your OCI tenancy. Make sure you have the necessary IAM permissions to create resources like virtual machines, networks, and load balancers.
(2) Configure the Terraform file
Use the following code to define the k8s cluster.
The file can be named main.tf or anything you like.
In this file, we will define our VCN, subnet, k8s cluster and k8s node pool resources.
```hcl
# Configure the OCI provider
provider "oci" {
  tenancy_ocid         = "<TENANCY_OCID>"
  user_ocid            = "<USER_OCID>"
  fingerprint          = "<USER_FINGERPRINT>"
  private_key_path     = "<PRIVATE_KEY_PATH>"
  region               = "<REGION>"
  disable_auto_retries = true
}

# Define the virtual network
resource "oci_core_vcn" "my_network" {
  cidr_blocks    = ["10.0.0.0/16"] # cidr_blocks takes a list of CIDR strings
  compartment_id = "<COMPARTMENT_OCID>"
  display_name   = "my-network"
  dns_label      = "mynetwork" # DNS labels must be alphanumeric, so no hyphen
}

# Define the subnet
resource "oci_core_subnet" "my_subnet" {
  cidr_block          = "10.0.0.0/24"
  vcn_id              = oci_core_vcn.my_network.id
  availability_domain = "<AVAILABILITY_DOMAIN>"
  compartment_id      = "<COMPARTMENT_OCID>"
}

# Define the Kubernetes cluster
resource "oci_containerengine_cluster" "oke-cluster" {
  # Required
  compartment_id     = "<COMPARTMENT_OCID>"
  kubernetes_version = "v1.21.5"
  name               = "test-k8s-cluster"
  vcn_id             = oci_core_vcn.my_network.id

  # Optional
  options {
    kubernetes_network_config {
      pods_cidr     = "10.244.0.0/16"
      services_cidr = "10.96.0.0/16"
    }
    service_lb_subnet_ids = [oci_core_subnet.my_subnet.id]
  }
}

# Define K8S nodepool
resource "oci_containerengine_node_pool" "oke-node-pool" {
  cluster_id         = oci_containerengine_cluster.oke-cluster.id
  compartment_id     = "<COMPARTMENT_OCID>"
  kubernetes_version = "v1.21.5"
  name               = "pooltest"

  node_config_details {
    placement_configs {
      availability_domain = "<AVAILABILITY_DOMAIN>"
      subnet_id           = oci_core_subnet.my_subnet.id
    }
    size = 1
  }

  node_shape = "VM.Standard2.1"

  node_source_details {
    image_id    = "<IMAGE_ID>"
    source_type = "image"
  }
}
```
First, configure the OCI provider in the provider "oci" block. The disable_auto_retries parameter is set to true, which disables automatic retrying of API requests.
Prepare a VCN with the specified CIDR block (cidr_blocks, here 10.0.0.0/16), or specify your own. Then create a subnet within the VCN (cidr_block, here 10.0.0.0/24), or specify your own. The subnet is associated with a specific availability domain (availability_domain) and is located within the VCN defined above (vcn_id = oci_core_vcn.my_network.id). The VCN and its subnet are where the k8s cluster is placed.
In the "oci_containerengine_cluster" block:
- Within the options block, kubernetes_network_config specifies the CIDR blocks for pods and services in the cluster.
- service_lb_subnet_ids specifies the subnet ID(s) to be used for the Kubernetes service load balancer.
The "oci_containerengine_node_pool" resource block defines a node pool within the Kubernetes cluster:
- The node_config_details block contains details about the nodes in the pool.
- Within node_config_details, placement_configs specifies the availability domain and subnet ID where the nodes will be placed.
- The node_source_details block specifies the source image for the nodes in the pool.
Replace the placeholders (<TENANCY_OCID>, <USER_OCID>, <USER_FINGERPRINT>, <PRIVATE_KEY_PATH>, <REGION>, <COMPARTMENT_OCID>, <IMAGE_ID> and <AVAILABILITY_DOMAIN>) with your actual values. Ensure you have appropriate values for your network configuration.
(3) Executing Terraform
Initialize with the "terraform init" command, and create resources with "terraform plan" and "terraform apply".
We have confirmed that k8s has been created on Oracle Cloud. Once the cluster is provisioned, you can access it using the OCI CLI or any Kubernetes client tools like `kubectl`. You may need to configure `kubectl` to point to the generated kubeconfig file, which Terraform saves by default in the current directory as `kubeconfig`.
```bash
# Initialize Terraform
terraform init
# Apply the Terraform configuration
terraform plan
terraform apply
```
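A check that can run between `terraform plan` and `terraform apply` (an added example, not part of the original article): it reads the JSON form of a saved plan, produced with `terraform plan -out=tfplan` followed by `terraform show -json tfplan`, and reports whether the subnet and cluster defined above are left open to public exposure or the provider block carries key material as a literal. The sample plan is constructed, and the names `audit_plan`, `first_block` and `SECRET_ARGS` are assumptions of this example.

```python
import json
import sys
from pathlib import Path

# Constructed sample: trimmed `terraform show -json` output for this page's
# main.tf (illustrative values, not real tool output).
SAMPLE_PLAN = {
    "configuration": {"provider_config": {"oci": {"expressions": {
        "private_key_path": {"constant_value": "<PRIVATE_KEY_PATH>"},
        "region": {"constant_value": "<REGION>"},
    }}}},
    "resource_changes": [
        {"address": "oci_core_subnet.my_subnet", "type": "oci_core_subnet",
         "change": {"after": {"cidr_block": "10.0.0.0/24"}}},
        {"address": "oci_containerengine_cluster.oke-cluster",
         "type": "oci_containerengine_cluster",
         "change": {"after": {"kubernetes_version": "v1.21.5", "endpoint_config": []}}},
    ],
}

# Provider arguments that hold secret material when written as literals.
SECRET_ARGS = ("private_key", "private_key_password")

def first_block(after, name):
    """Nested blocks are lists of objects in plan JSON; return the first or {}."""
    blocks = after.get(name) or []
    return blocks[0] if blocks else {}

def audit_plan(plan):
    """Return a list of exposure findings for an OKE plan document."""
    findings = []
    exprs = (plan.get("configuration", {}).get("provider_config", {})
             .get("oci", {}).get("expressions", {}))
    for arg in SECRET_ARGS:
        if "constant_value" in exprs.get(arg, {}):
            findings.append(f"provider.oci: {arg} is a literal in the configuration")
    for rc in plan.get("resource_changes", []):
        after = (rc.get("change") or {}).get("after") or {}
        if rc["type"] == "oci_core_subnet":
            if after.get("prohibit_public_ip_on_vnic") is not True:
                findings.append(f"{rc['address']}: public IPs on VNICs not prohibited")
        elif rc["type"] == "oci_containerengine_cluster":
            endpoint = first_block(after, "endpoint_config")
            if endpoint.get("is_public_ip_enabled") is not False:
                findings.append(f"{rc['address']}: API endpoint not explicitly private")
    return findings

if __name__ == "__main__":
    plan = json.loads(Path(sys.argv[1]).read_text()) if len(sys.argv) > 1 else SAMPLE_PLAN
    for finding in audit_plan(plan):
        print("FINDING", finding)
```

A value that is unset or only known after apply is reported as not explicitly restricted, so an empty result means both settings were pinned in the configuration.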
5. Cited/Referenced Articles
6. About the proprietary solution "PrismScaler"
・PrismScaler is a web service that enables the construction of multi-cloud infrastructures such as AWS, Azure, and GCP in just three steps, without requiring development and operation.
・The solution is designed for a wide range of usage scenarios such as cloud infrastructure construction/cloud migration, cloud maintenance and operation, and cost optimization, and can easily realize more than several hundred high-quality general-purpose cloud infrastructures by appropriately combining IaaS and PaaS.
7. Contact us
This article provides useful introductory information free of charge. For consultation and inquiries, please contact "Definer Inc".
8. Regarding Definer
・Definer Inc. provides one-stop solutions from upstream to downstream of IT.
・We are committed to providing integrated support for advanced IT technologies such as AI and cloud IT infrastructure, from consulting to requirement definition/design development/implementation, and maintenance and operation.
・PrismScaler provides high-quality, rapid "auto-configuration," "auto-monitoring," "problem detection," and "configuration visualization" for multi-cloud/IT infrastructure such as AWS, Azure, and GCP.