Networking customizations
Use a pre-existing VCN
The following OCIManagedCluster snippet can be used to to use a pre-existing VCN.
kind: OCIManagedCluster
spec:
compartmentId: "${OCI_COMPARTMENT_ID}"
networkSpec:
skipNetworkManagement: true
vcn:
id: "<vcn-id>"
networkSecurityGroup:
list:
- id: "<control-plane-endpoint-nsg-id>"
role: control-plane-endpoint
name: control-plane-endpoint
- id: "<worker-nsg-id>"
role: worker
name: worker
- id: "<pod-nsg-id>"
role: pod
name: pod
subnets:
- id: "<control-plane-endpoint-subnet-id>"
role: control-plane-endpoint
name: control-plane-endpoint
type: public
- id: "<worker-subnet-id>"
role: worker
name: worker
- id: "<pod-subnet-id>"
role: pod
name: pod
- id: "<service-lb-subnet-id>"
role: service-lb
name: service-lb
type: public
Use a pre-existing VCN, Subnet and Gatways, but the other networking components self managed
The following OCIManagedCluster example spec is given below
kind: OCIManagedCluster
spec:
compartmentId: "${OCI_COMPARTMENT_ID}"
networkSpec:
vcn:
skip: true
id: <Insert VCN OCID Here> // REQUIRED
networkSecurityGroup:
skip: false
internetGateway:
skip: true // REQUIRED
natGateway:
skip: true // REQUIRED
serviceGateway:
skip: true // REQUIRED
routeTable:
skip: true // REQUIRED
subnets:
- id: <Insert control Plane Subnet OCID Here> // REQUIRED
role: control-plane-endpoint
name: control-plane-endpoint
type: public
skip: true
- id: <Insert control Plane Subnet OCID Here> // REQUIRED
role: worker
name: worker
type: private
skip: true
- id: <Insert control Plane Subnet OCID Here> // REQUIRED
role: control-plane
name: control-plane
type: private
skip: true
- id: <Insert control Plane Subnet OCID Here> // REQUIRED
role: service-lb
name: service-lb
type: public
skip: true
Use flannel as CNI
Use the template cluster-template-managed-flannel.yaml as an example for using flannel as the CNI. The template
sets the correct parameters in the spec as well as create the proper security roles in the Network Security Group (NSG).