Merge pull request #2 from junior/zero-four-zero

Zero four zero

README.md

@@ -6,12 +6,13 @@
 
 # Oracle Container Engine for Kubernetes ([OKE][oke]) Base stack
 
-![Stack Release](https://img.shields.io/github/v/release/oracle-quickstart/oke-base.svg)
-![Stack Build](https://img.shields.io/github/workflow/status/oracle-quickstart/oke-base/Generate%20stacks%20and%20publish%20release?label=stack&logo=oracle&logoColor=red)
+[![Stack Release](https://img.shields.io/github/v/release/oracle-quickstart/oke-base.svg)](https://github.com/oracle-quickstart/oke-base/releases)
+[![Stack Build](https://img.shields.io/github/workflow/status/oracle-quickstart/oke-base/Generate%20stacks%20and%20publish%20release?label=stack&logo=oracle&logoColor=red)][magic_oke_stack]
 ![AquaSec TFSec](https://img.shields.io/github/workflow/status/oracle-quickstart/oke-base/tfsec?label=tfsec&logo=aqua)
 ![Terraform](https://img.shields.io/badge/terraform->%3D%201.1-%235835CC.svg?logo=terraform)
 ![Stack License](https://img.shields.io/github/license/oracle-quickstart/oke-base)
 ![Stack Downloads](https://img.shields.io/github/downloads/oracle-quickstart/oke-base/total?logo=terraform)
+[![GitHub issues](https://img.shields.io/github/issues/oracle-quickstart/oke-base.svg)](https://github.com/oracle-quickstart/oke-base/issues)
 
 This repo contains a Terraform Module for how to deploy Oracle Container Engine for [Kubernetes][kubernetes_101] ([OKE][oke]) cluster on Oracle Cloud Infrastructure ([OCI][oci]). This module is designed to be used with the [OCI Resource Manager][oci_rm] to deploy a cluster in a single step. The module can also be used with the [OCI Terraform Provider][oci_tf_provider] to deploy a cluster using local or CloudShell Terraform cli.
 

VERSION

@@ -1 +1 @@
-0.3.0
+0.4.0

module-oke.tf

@@ -94,6 +94,8 @@ module "oke_node_pool" {
   node_pool_node_shape_config_memory_in_gbs = each.value.node_pool_node_shape_config_memory_in_gbs
   existent_oke_nodepool_id_for_autoscaler   = each.value.existent_oke_nodepool_id_for_autoscaler
   public_ssh_key                            = local.workers_public_ssh_key
+  image_operating_system                    = each.value.image_operating_system
+  image_operating_system_version            = each.value.image_operating_system_version
 
   # OKE Network Details
   oke_vcn_nodes_subnet_ocid = module.oke.oke_vcn_nodes_subnet_ocid
@@ -104,15 +106,17 @@ module "oke_node_pool" {
 locals {
   node_pools = [
     {
-      node_pool_name                            = var.node_pool_name != "" ? var.node_pool_name : "pool1" # Must be unique
-      node_pool_min_nodes                       = var.cluster_autoscaler_enabled ? var.cluster_autoscaler_min_nodes_1 : var.num_pool_workers
+      node_pool_name                            = var.node_pool_name_1 != "" ? var.node_pool_name_1 : "pool1" # Must be unique
+      node_pool_min_nodes                       = var.cluster_autoscaler_enabled ? var.cluster_autoscaler_min_nodes_1 : var.num_pool_workers_1
       node_pool_max_nodes                       = var.cluster_autoscaler_max_nodes_1
       node_k8s_version                          = var.k8s_version # TODO: Allow to set different version for each node pool
-      node_pool_shape                           = var.node_pool_instance_shape.instanceShape
-      node_pool_node_shape_config_ocpus         = var.node_pool_instance_shape.ocpus
-      node_pool_node_shape_config_memory_in_gbs = var.node_pool_instance_shape.memory
-      node_pool_boot_volume_size_in_gbs         = var.node_pool_boot_volume_size_in_gbs
+      node_pool_shape                           = var.node_pool_instance_shape_1.instanceShape
+      node_pool_node_shape_config_ocpus         = var.node_pool_instance_shape_1.ocpus
+      node_pool_node_shape_config_memory_in_gbs = var.node_pool_instance_shape_1.memory
+      node_pool_boot_volume_size_in_gbs         = var.node_pool_boot_volume_size_in_gbs_1
       existent_oke_nodepool_id_for_autoscaler   = var.existent_oke_nodepool_id_for_autoscaler_1
+      image_operating_system                    = var.image_operating_system_1
+      image_operating_system_version            = var.image_operating_system_version_1
     },
   ]
 }
@@ -215,21 +219,22 @@ variable "existent_oke_nodepool_id_for_autoscaler_1" {
 }
 
 ## OKE Node Pool Details
-variable "node_pool_name" {
-  default     = "pool1"
-  description = "Name of the node pool"
-}
 variable "k8s_version" {
   default     = "Latest"
   description = "Kubernetes version installed on your Control Plane and worker nodes. If not version select, will use the latest available."
 }
-variable "num_pool_workers" {
+### Node Pool 1
+variable "node_pool_name_1" {
+  default     = "pool1"
+  description = "Name of the node pool"
+}
+variable "num_pool_workers_1" {
   default     = 3
   description = "The number of worker nodes in the node pool. If select Cluster Autoscaler, will assume the minimum number of nodes configured"
 }
 
-# ocpus and memory are only used if flex shape is selected
-variable "node_pool_instance_shape" {
+#### ocpus and memory are only used if flex shape is selected
+variable "node_pool_instance_shape_1" {
   type = map(any)
   default = {
     "instanceShape" = "VM.Standard.E4.Flex"
@@ -238,15 +243,15 @@ variable "node_pool_instance_shape" {
   }
   description = "A shape is a template that determines the number of OCPUs, amount of memory, and other resources allocated to a newly created instance for the Worker Node. Select at least 2 OCPUs and 16GB of memory if using Flex shapes"
 }
-variable "node_pool_boot_volume_size_in_gbs" {
+variable "node_pool_boot_volume_size_in_gbs_1" {
   default     = "60"
   description = "Specify a custom boot volume size (in GB)"
 }
-variable "image_operating_system" {
+variable "image_operating_system_1" {
   default     = "Oracle Linux"
   description = "The OS/image installed on all nodes in the node pool."
 }
-variable "image_operating_system_version" {
+variable "image_operating_system_version_1" {
   default     = "8"
   description = "The OS/image version installed on all nodes in the node pool."
 }

modules/new-subnet-from-oke-vcn/providers.tf

@@ -7,8 +7,8 @@ terraform {
   required_providers {
     oci = {
       source  = "oracle/oci"
-      version = ">= 4.88.1"
-      # https://registry.terraform.io/providers/oracle/oci/4.88.1
+      version = "~> 4"
+      # https://registry.terraform.io/providers/oracle/oci/
     }
   }
 }

modules/new-subnet-from-oke-vcn/security-lists.tf

@@ -33,7 +33,7 @@ resource "oci_core_security_list" "extra_subnet_security_list" {
     stateless        = false
   }
 
-  count = var.create_new_oke_cluster ? 1 : 0
+  count = var.create_new_subnet ? 1 : 0
 }
 
 locals {

modules/new-subnet-from-oke-vcn/subnet.tf

@@ -6,13 +6,15 @@ resource "oci_core_subnet" "extra_subnet" {
   cidr_block                 = lookup(var.network_cidrs, "EXTRA-SUBNET-REGIONAL-CIDR")
   compartment_id             = var.oke_vcn_compartment_ocid
   display_name               = "${local.subnet_name_normalized}-subnet-${local.deploy_id}"
-  dns_label                  = "${local.subnet_name_normalized}${local.deploy_id}"
+  dns_label                  = "${local.subnet_name_for_dns}${local.deploy_id}"
   vcn_id                     = var.oke_vcn_ocid
   prohibit_public_ip_on_vnic = true
   route_table_id             = oci_core_route_table.extra_subnet_route_table[0].id
-  dhcp_options_id            = var.oke_vcn_default_dhcp_id
+  dhcp_options_id            = var.oke_vcn_default_dhcp_ocid
   security_list_ids          = [oci_core_security_list.extra_subnet_security_list[0].id]
   freeform_tags              = var.freeform_deployment_tags
+
+  count = var.create_new_subnet ? 1 : 0
 }
 
 resource "oci_core_route_table" "extra_subnet_route_table" {
@@ -25,6 +27,8 @@ resource "oci_core_route_table" "extra_subnet_route_table" {
     description       = "Traffic to/from internet"
     destination       = lookup(var.network_cidrs, "ALL-CIDR")
     destination_type  = "CIDR_BLOCK"
-    network_entity_id = oci_core_internet_gateway.oke_internet_gateway[0].id
+    network_entity_id = var.oke_vcn_internet_gateway_ocid
   }
+
+  count = var.create_new_subnet ? 1 : 0
 }

modules/new-subnet-from-oke-vcn/variables.tf

@@ -2,6 +2,11 @@
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 # 
 
+variable "create_new_subnet" {
+  default     = false
+  description = "Create a new node pool if true or use an existing one if false"
+}
+
 variable "network_cidrs" {
   type = map(string)
 
@@ -35,7 +40,14 @@ variable "subnet_name" {
   description = "Subnet Name"
 }
 
+# Deployment Details + Freeform Tags
+variable "freeform_deployment_tags" {
+  description = "Tags to be added to the resources"
+}
+
 # Subnet Name Locals
 locals {
+  subnet_name_for_dns    = substr(lower(replace(var.subnet_name, "/\\W|_|\\s/", "")), 0, 6)
   subnet_name_normalized = substr(replace(lower(var.subnet_name), " ", "-"), 0, 6)
+  deploy_id              = var.freeform_deployment_tags.DeploymentID
 }

modules/oke-cluster-autoscaler/main.tf

@@ -33,19 +33,21 @@ resource "kubernetes_service_account" "cluster_autoscaler_sa" {
 
   count = local.cluster_autoscaler_enabled ? 1 : 0
 }
-# resource "kubernetes_secret" "cluster_autoscaler_sa_secret" {
-#   metadata {
-#     name      = "cluster-autoscaler-token-secret"
-#     namespace = "kube-system"
-#     annotations = {
-#       "kubernetes.io/service-account.name"      = "cluster-autoscaler"
-#       "kubernetes.io/service-account.namespace" = "kube-system"
-#     }
-#   }
-#   type = "kubernetes.io/service-account-token"
+resource "kubernetes_secret" "cluster_autoscaler_sa_secret" {
+  metadata {
+    name      = "cluster-autoscaler-token-secret"
+    namespace = "kube-system"
+    annotations = {
+      "kubernetes.io/service-account.name"      = "cluster-autoscaler"
+      "kubernetes.io/service-account.namespace" = "kube-system"
+    }
+  }
+  type = "kubernetes.io/service-account-token"
 
-#   count = local.cluster_autoscaler_enabled ? 1 : 0
-# }
+  depends_on = [kubernetes_service_account.cluster_autoscaler_sa]
+
+  count = local.cluster_autoscaler_enabled ? 1 : 0
+}
 resource "kubernetes_cluster_role" "cluster_autoscaler_cr" {
   metadata {
     name = "cluster-autoscaler"
@@ -103,7 +105,7 @@ resource "kubernetes_cluster_role" "cluster_autoscaler_cr" {
   }
   rule {
     api_groups = ["storage.k8s.io"]
-    resources  = ["storageclasses", "csinodes", "csidrivers"]
+    resources  = ["storageclasses", "csinodes", "csidrivers", "csistoragecapacities"]
     verbs      = ["watch", "list", "get"]
   }
   rule {

modules/oke-cluster-autoscaler/variables.tf

@@ -22,12 +22,8 @@ variable "oke_node_pools" {
   type = list(any)
 
   default     = []
-  description = "Node pools (id, min_nodes, max_nodes) to use with Cluster Autoscaler"
+  description = "Node pools (id, min_nodes, max_nodes, k8s_version) to use with Cluster Autoscaler"
 }
-# variable "k8s_version" {
-#   default     = "Latest"
-#   description = "Kubernetes version installed on your worker nodes"
-# }
 
 # OCI Provider
 variable "region" {}

modules/oke/variables.tf

@@ -141,10 +141,10 @@ variable "show_advanced" {
 
 # App Name Locals
 locals {
-  app_name_normalized = substr(replace(lower(var.freeform_deployment_tags.AppName), " ", "-"), 0, 6)
   app_name            = var.freeform_deployment_tags.AppName
   deploy_id           = var.freeform_deployment_tags.DeploymentID
-  app_name_for_db     = regex("[[:alnum:]]{1,10}", local.app_name)
+  app_name_normalized = substr(replace(lower(var.freeform_deployment_tags.AppName), " ", "-"), 0, 6)
+  app_name_for_dns    = substr(lower(replace(var.freeform_deployment_tags.AppName, "/\\W|_|\\s/", "")), 0, 6)
 }
 
 # OKE Compartment