feat: update templates to specify control and worker shapes separately
While the users can specify the shapes independently, we wanted our
defined templates to support this as well. It should make it easier
for our users to quickly define different shapes independent of each
other.
joekr committed Mar 9, 2022
1 parent d5f1495 commit 62174bc
Showing 14 changed files with 92 additions and 84 deletions.
49 changes: 28 additions & 21 deletions docs/src/gs/create-workload-cluster.md
Expand Up @@ -8,15 +8,19 @@ Choose one of the available templates for to create your workload clusters from

The following Oracle Cloud Infrastructure (OCI) configuration parameters are available when creating a workload cluster on OCI:

| Parameter | Default Value | Description |
| ---------------------------- |---------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `OCI_COMPARTMENT_ID` | | The OCID of the compartment where the OCI resources are to be created |
| `OCI_IMAGE_ID` | | The OCID of the Compute Image (Oracle Linux or Ubuntu) with which to create the Kubernetes nodes |
| `OCI_SHAPE` | VM.Standard.E4.Flex | The shape of the Kubernetes nodes |
| `OCI_SHAPE_MEMORY_IN_GBS` | | The amount of memory to be allocated to the instances. If not provided it is automatically computed by compute API. |
| `OCI_SHAPE_OCPUS` | 1 | The number of OCPUs allocated to the instance |
| `OCI_SSH_KEY` | | The public SSH key to be added to the Kubernetes nodes. It can be used to login to the node and troubleshoot failures. |
| `OCI_PV_TRANSIT_ENCRYPTION` | true | [In-transit encryption](https://docs.oracle.com/en-us/iaas/Content/File/Tasks/intransitencryption.htm) provides a way to secure your data between instances and mounted file systems using TLS v.1.2 (Transport Layer Security) encryption. Only [some bare metal instances](https://docs.oracle.com/en-us/iaas/releasenotes/changes/60d602f5-abb3-4639-aa19-292a5744a808/) support In-transit encryption |
| Parameter | Default Value | Description |
|-------------------------------------------|---------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `OCI_COMPARTMENT_ID` | | The OCID of the compartment where the OCI resources are to be created |
| `OCI_IMAGE_ID` | | The OCID of the Compute Image (Oracle Linux or <br/>Ubuntu) with which to create the Kubernetes nodes. This same image is used for both the control plane and the worker nodes. Before picking an image look at the capabilities of the image. Some images only support certain shapes, but most official images should support most (if not all) shapes. https://docs.oracle.com/en-us/iaas/api/#/en/iaas/20160918/Shape/ListShapes |
| `OCI_CONTROL_PLANE_SHAPE` | VM.Standard.E4.Flex | The shape of the Kubernetes nodes |
| `OCI_CONTROL_PLANE_SHAPE_MEMORY_IN_GBS` | | The amount of memory to be allocated to the instances. If not provided it is automatically computed by compute API. |
| `OCI_CONTROL_PLANE_SHAPE_OCPUS` | 1 | The number of OCPUs allocated to the instance |
| `OCI_WORKER_SHAPE` | VM.Standard.E4.Flex | The shape of the Kubernetes worker nodes |
| `OCI_WORKER_SHAPE_MEMORY_IN_GBS` | | The amount of memory to be allocated to the <br/>instances. If <br/>not provided it is automatically computed by compute API for VMs, but you will need to set this if you want to use Bare Metal instances. |
| `OCI_WORKER_SHAPE_OCPUS` | 1 | The number of OCPUs allocated to the instance |
| `OCI_SSH_KEY` | | The public SSH key to be added to the Kubernetes nodes. It can be used to login to the node and troubleshoot failures. |
| `OCI_CONTROL_PLANE_PV_TRANSIT_ENCRYPTION` | true | [In-transit encryption](https://docs.oracle.<br/>com/en-us/iaas/Content/File/Tasks/intransitencryption.htm) provides a way to secure your data between instances and mounted file systems using TLS v.1.2 (Transport Layer Security) encryption. Only [some bare metal instances](https://docs.oracle.com/en-us/iaas/releasenotes/changes/60d602f5-abb3-4639-aa19-292a5744a808/) support In-transit encryption |
| `OCI_NODE_PV_TRANSIT_ENCRYPTION` | true | [In-transit encryption](https://docs.oracle.com/en-us/iaas/Content/File/Tasks/intransitencryption.htm) provides a way to secure your data between instances and mounted file systems using TLS v.1.2 (Transport Layer Security) encryption. Only [some bare metal instances](https://docs.oracle.com/en-us/iaas/releasenotes/changes/60d602f5-abb3-4639-aa19-292a5744a808/) support In-transit encryption |

The following Cluster API parameters are also available:
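Review bot: In the `OCI_CONTROL_PLANE_PV_TRANSIT_ENCRYPTION` row the link target is split by a stray `<br/>` (`https://docs.oracle.<br/>com/en-us/iaas/...`), so the In-transit encryption link will not resolve; the same stray `<br/>` tags appear in the `OCI_IMAGE_ID` and `OCI_WORKER_SHAPE_MEMORY_IN_GBS` descriptions and should be removed. The `OCI_CONTROL_PLANE_SHAPE` row still reads "The shape of the Kubernetes nodes"; say "control plane nodes" so it mirrors the `OCI_WORKER_SHAPE` row. If the Bare Metal caveat on `OCI_WORKER_SHAPE_MEMORY_IN_GBS` also applies to the control plane, repeat it on `OCI_CONTROL_PLANE_SHAPE_MEMORY_IN_GBS`.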

Expand All @@ -33,14 +37,14 @@ The following Cluster API parameters are also available:

## Create a new workload cluster on virtual instances using an Ubuntu custom image

Run the command below to create a Kubernetes cluster with 1 control plane node and 1 worker node:
Run the command below to create a Kubernetes cluster with 1 control plane node and 1 worker node. This will setup
both the control plane and the worker nodes using the default information defined in the
[Workload Cluster Parameters](#workload-cluster-parameters)
table:

```bash
OCI_COMPARTMENT_ID=<compartment-id> \
OCI_IMAGE_ID=<ubuntu-custom-image-id> \
OCI_SHAPE=VM.Standard.E4.Flex \
OCI_SHAPE_OCPUS=1 \
OCI_SHAPE_MEMORY_IN_GBS= \
OCI_SSH_KEY=<ssh-key> \
CONTROL_PLANE_MACHINE_COUNT=1 \
KUBERNETES_VERSION=v1.20.10 \
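Review bot: The new lead-in points at `#workload-cluster-parameters` but the command no longer shows any shape variable, so a reader who wants a non-default shape has to work out the names from the table; naming `OCI_CONTROL_PLANE_SHAPE` and `OCI_WORKER_SHAPE` in the sentence would help. "This will setup" should be "This will set up", and the sentence can be reflowed so that `table:` does not sit on a line of its own. Please also confirm the anchor matches the heading above the table, which is outside this hunk.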
Expand All @@ -52,16 +56,22 @@ clusterctl generate cluster <cluster-name>\

## Create a new workload cluster on bare metal instances using an Ubuntu custom image

Note the addition of `OCI_PV_TRANSIT_ENCRYPTION=false` which is required for most BM shapes.
Note the addition of the `OCI_CONTROL_PLANE_SHAPE` variables, `OCI_WORKER_SHAPE` variables to change the shape
information from the `VM.Standard.E4.Flex` default. You will also need to set`OCI_PV_TRANSIT_ENCRYPTION=false` which is
required for most BM shapes.

```bash
OCI_COMPARTMENT_ID=<compartment-id> \
OCI_IMAGE_ID=<ubuntu-custom-image-id> \
OCI_SHAPE=BM.Standard2.52 \
OCI_SHAPE_OCPUS=52 \
OCI_SHAPE_MEMORY_IN_GBS= \
OCI_SSH_KEY=<ssh-key> \
OCI_PV_TRANSIT_ENCRYPTION=false \
OCI_CONTROL_PLANE_SHAPE=BM.Standard2.52 \
OCI_CONTROL_PLANE_SHAPE_OCPUS=52 \
OCI_CONTROL_PLANE_SHAPE_MEMORY_IN_GBS= \
OCI_CONTROL_PLANE_PV_TRANSIT_ENCRYPTION=false \
OCI_WORKER_SHAPE=BM.Standard2.52 \
OCI_WORKER_SHAPE_OCPUS=52 \
OCI_WORKER_SHAPE_MEMORY_IN_GBS= \
OCI_NODE_PV_TRANSIT_ENCRYPTION=false \
CONTROL_PLANE_MACHINE_COUNT=1 \
KUBERNETES_VERSION=v1.20.10 \
NAMESPACE=default \
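Review bot: The rewritten note still tells readers to set `OCI_PV_TRANSIT_ENCRYPTION=false`, but the command below it sets `OCI_CONTROL_PLANE_PV_TRANSIT_ENCRYPTION=false` and `OCI_NODE_PV_TRANSIT_ENCRYPTION=false`, and the templates shown in this commit read only those two names. Anyone following the prose rather than the command would leave in-transit encryption at its `true` default, which the same sentence says most BM shapes do not support. Name both new variables in the note and add the missing space in "set`OCI_PV_TRANSIT_ENCRYPTION=false`". The example also leaves `OCI_WORKER_SHAPE_MEMORY_IN_GBS=` empty although the parameter table says it needs to be set for Bare Metal instances.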
Expand All @@ -75,9 +85,6 @@ clusterctl generate cluster <cluster-name>\
```bash
OCI_COMPARTMENT_ID=<compartment-id> \
OCI_IMAGE_ID=<oracle-linux-custom-image-id> \
OCI_SHAPE=VM.Standard.E4.Flex \
OCI_SHAPE_OCPUS=1 \
OCI_SHAPE_MEMORY_IN_GBS= \
OCI_SSH_KEY=<ssh-key> \
CONTROL_PLANE_MACHINE_COUNT=1 \
KUBERNETES_VERSION=v1.20.10 \
6 changes: 0 additions & 6 deletions docs/src/gs/create-workload-templates.md
Expand Up @@ -21,9 +21,6 @@ You can then reuse the `ConfigMap` to create your clusters. For example, to crea
```shell
OCI_COMPARTMENT_ID=<compartment-id> \
OCI_IMAGE_ID=<oracle-linux-custom-image-id> \
OCI_SHAPE=VM.Standard.E4.Flex \
OCI_SHAPE_OCPUS=1 \
OCI_SHAPE_MEMORY_IN_GBS= \
OCI_SSH_KEY=<ssh-key> \
CONTROL_PLANE_MACHINE_COUNT=1 \
KUBERNETES_VERSION=v1.20.10 \
Expand All @@ -38,9 +35,6 @@ Likewise, to create a workload cluster using Ubuntu:
```shell
OCI_COMPARTMENT_ID=<compartment-id> \
OCI_IMAGE_ID=<ubuntu-custom-image-id> \
OCI_SHAPE=VM.Standard.E4.Flex \
OCI_SHAPE_OCPUS=1 \
OCI_SHAPE_MEMORY_IN_GBS= \
OCI_SSH_KEY=<ssh-key> \
CONTROL_PLANE_MACHINE_COUNT=1 \
KUBERNETES_VERSION=v1.20.10 \
9 changes: 6 additions & 3 deletions scripts/ci-conformance.sh
Expand Up @@ -27,9 +27,12 @@ export TAG="${defaultTag:-dev}"
export GINKGO_NODES=3

export OCI_SSH_KEY="${OCI_SSH_KEY:-""}"
export OCI_SHAPE="${OCI_SHAPE:-"VM.Standard.E3.Flex"}"
export OCI_SHAPE_OCPUS="${OCI_SHAPE_OCPUS:-"1"}"
export OCI_SHAPE_MEMORY_IN_GBS="${OCI_SHAPE_MEMORY_IN_GBS:-"16"}"
export OCI_CONTROL_PLANE_SHAPE="${OCI_CONTROL_PLANE_SHAPE:-"VM.Standard.E3.Flex"}"
export OCI_CONTROL_PLANE_SHAPE_OCPUS="${OCI_CONTROL_PLANE_SHAPE_OCPUS:-"1"}"
export OCI_CONTROL_PLANE_SHAPE_MEMORY_IN_GBS="${OCI_CONTROL_PLANE_SHAPE_MEMORY_IN_GBS:-"16"}"
export OCI_WORKER_SHAPE="${OCI_WORKER_SHAPE:-"VM.Standard.E3.Flex"}"
export OCI_WORKER_SHAPE_OCPUS="${OCI_WORKER_SHAPE_OCPUS:-"1"}"
export OCI_WORKER_SHAPE_MEMORY_IN_GBS="${OCI_WORKER_SHAPE_MEMORY_IN_GBS:-"16"}"
export KIND_EXPERIMENTAL_DOCKER_NETWORK="bridge"

# Generate SSH key.
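Review bot: The `OCI_SHAPE`, `OCI_SHAPE_OCPUS` and `OCI_SHAPE_MEMORY_IN_GBS` exports are dropped with no fallback, so a CI job that still sets only the old names will silently run on the `VM.Standard.E3.Flex` defaults. Either chain the old name into the default, for example `${OCI_CONTROL_PLANE_SHAPE:-${OCI_SHAPE:-VM.Standard.E3.Flex}}`, or fail early when an old name is set. The script also pins E3.Flex while the templates default to `VM.Standard.E4.Flex`, so the template defaults themselves are never exercised by this run.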
9 changes: 6 additions & 3 deletions scripts/ci-e2e.sh
Expand Up @@ -31,9 +31,12 @@ export TAG="${defaultTag:-dev}"
export GINKGO_NODES=3

export OCI_SSH_KEY="${OCI_SSH_KEY:-""}"
export OCI_SHAPE="${OCI_SHAPE:-"VM.Standard.E3.Flex"}"
export OCI_SHAPE_OCPUS="${OCI_SHAPE_OCPUS:-"1"}"
export OCI_SHAPE_MEMORY_IN_GBS="${OCI_SHAPE_MEMORY_IN_GBS:-"16"}"
export OCI_CONTROL_PLANE_SHAPE="${OCI_CONTROL_PLANE_SHAPE:-"VM.Standard.E3.Flex"}"
export OCI_CONTROL_PLANE_SHAPE_OCPUS="${OCI_CONTROL_PLANE_SHAPE_OCPUS:-"1"}"
export OCI_CONTROL_PLANE_SHAPE_MEMORY_IN_GBS="${OCI_CONTROL_PLANE_SHAPE_MEMORY_IN_GBS:-"16"}"
export OCI_WORKER_SHAPE="${OCI_WORKER_SHAPE:-"VM.Standard.E3.Flex"}"
export OCI_WORKER_SHAPE_OCPUS="${OCI_WORKER_SHAPE_OCPUS:-"1"}"
export OCI_WORKER_SHAPE_MEMORY_IN_GBS="${OCI_WORKER_SHAPE_MEMORY_IN_GBS:-"16"}"
export KIND_EXPERIMENTAL_DOCKER_NETWORK="bridge"

# Generate SSH key.
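Review bot: These six exports are a verbatim copy of the block in `scripts/ci-conformance.sh`, so the two scripts can drift the next time a default changes; move the shared defaults into one file that both scripts source. Neither script exports `OCI_CONTROL_PLANE_PV_TRANSIT_ENCRYPTION` or `OCI_NODE_PV_TRANSIT_ENCRYPTION`, which is fine for the VM default but deserves a comment, since overriding the shape to a BM one in CI would also require those to be set.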
16 changes: 8 additions & 8 deletions templates/cluster-template-antrea.yaml
Expand Up @@ -294,13 +294,13 @@ spec:
spec:
imageId: "${OCI_IMAGE_ID}"
compartmentId: "${OCI_COMPARTMENT_ID}"
shape: "${OCI_SHAPE}"
shape: "${OCI_CONTROL_PLANE_SHAPE=VM.Standard.E4.Flex}"
shapeConfig:
ocpus: "${OCI_SHAPE_OCPUS}"
memoryInGBs: "${OCI_SHAPE_MEMORY_IN_GBS}"
ocpus: "${OCI_CONTROL_PLANE_SHAPE_OCPUS=1}"
memoryInGBs: "${OCI_CONTROL_PLANE_SHAPE_MEMORY_IN_GBS=16}"
metadata:
ssh_authorized_keys: "${OCI_SSH_KEY}"
isPvEncryptionInTransitEnabled: ${OCI_PV_TRANSIT_ENCRYPTION=true}
isPvEncryptionInTransitEnabled: ${OCI_CONTROL_PLANE_PV_TRANSIT_ENCRYPTION=true}
---
apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
kind: OCIMachineTemplate
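Review bot: `memoryInGBs: "${OCI_CONTROL_PLANE_SHAPE_MEMORY_IN_GBS=16}"` gives the variable a default of 16, while the parameter table in `docs/src/gs/create-workload-cluster.md` lists no default and says the value is computed by the compute API when it is not provided. Pick one behaviour and make the docs and the template agree. The documented examples also pass the variable as an empty string (`OCI_CONTROL_PLANE_SHAPE_MEMORY_IN_GBS= \`); check whether the `=` default form applies to a set-but-empty variable or only to an unset one, and use the form that matches the intent.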
Expand All @@ -311,13 +311,13 @@ spec:
spec:
imageId: "${OCI_IMAGE_ID}"
compartmentId: "${OCI_COMPARTMENT_ID}"
shape: "${OCI_SHAPE}"
shape: "${OCI_WORKER_SHAPE=VM.Standard.E4.Flex}"
shapeConfig:
ocpus: "${OCI_SHAPE_OCPUS}"
memoryInGBs: "${OCI_SHAPE_MEMORY_IN_GBS}"
ocpus: "${OCI_WORKER_SHAPE_OCPUS=1}"
memoryInGBs: "${OCI_WORKER_SHAPE_MEMORY_IN_GBS=16}"
metadata:
ssh_authorized_keys: "${OCI_SSH_KEY}"
isPvEncryptionInTransitEnabled: ${OCI_PV_TRANSIT_ENCRYPTION=true}
isPvEncryptionInTransitEnabled: ${OCI_NODE_PV_TRANSIT_ENCRYPTION=true}
---
apiVersion: bootstrap.cluster.x-k8s.io/v1alpha4
kind: KubeadmConfigTemplate
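Review bot: The worker template takes its shape from `OCI_WORKER_SHAPE*` but its encryption flag from `OCI_NODE_PV_TRANSIT_ENCRYPTION`, so the worker variables do not share a prefix the way the `OCI_CONTROL_PLANE_*` ones do. Rename it to `OCI_WORKER_PV_TRANSIT_ENCRYPTION` here, in the other templates and in the docs table, before users start depending on the name.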
14 changes: 8 additions & 6 deletions templates/cluster-template-arm-free-tier.yaml
Expand Up @@ -102,14 +102,15 @@ spec:
spec:
imageId: "${OCI_IMAGE_ID}"
compartmentId: "${OCI_COMPARTMENT_ID}"
shape: "${OCI_SHAPE}"
shape: "${OCI_CONTROL_PLANE_SHAPE=VM.Standard.E4.Flex}"
networkDetails:
assignPublicIp: true
shapeConfig:
ocpus: "${OCI_SHAPE_OCPUS}"
memoryInGBs: "${OCI_SHAPE_MEMORY_IN_GBS}"
ocpus: "${OCI_CONTROL_PLANE_SHAPE_OCPUS=1}"
memoryInGBs: "${OCI_CONTROL_PLANE_SHAPE_MEMORY_IN_GBS=16}"
metadata:
ssh_authorized_keys: "${OCI_SSH_KEY}"
IsPvEncryptionInTransitEnabled: ${OCI_CONTROL_PLANE_PV_TRANSIT_ENCRYPTION=true}
---
apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
kind: OCIMachineTemplate
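Review bot: The default in `shape: "${OCI_CONTROL_PLANE_SHAPE=VM.Standard.E4.Flex}"` is an AMD x86 shape, which does not fit a template named `cluster-template-arm-free-tier.yaml`; a user who relies on the default will not get an Arm instance. Use an Arm shape as the default in this file, or give the variable no default so that it must be set explicitly. The same applies to the `OCI_WORKER_SHAPE` default in the second machine template of this file.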
Expand All @@ -120,14 +121,15 @@ spec:
spec:
imageId: "${OCI_IMAGE_ID}"
compartmentId: "${OCI_COMPARTMENT_ID}"
shape: "${OCI_SHAPE}"
shape: "${OCI_WORKER_SHAPE=VM.Standard.E4.Flex}"
networkDetails:
assignPublicIp: true
shapeConfig:
ocpus: "${OCI_SHAPE_OCPUS}"
memoryInGBs: "${OCI_SHAPE_MEMORY_IN_GBS}"
ocpus: "${OCI_WORKER_SHAPE_OCPUS=1}"
memoryInGBs: "${OCI_WORKER_SHAPE_MEMORY_IN_GBS=16}"
metadata:
ssh_authorized_keys: "${OCI_SSH_KEY}"
IsPvEncryptionInTransitEnabled: ${OCI_NODE_PV_TRANSIT_ENCRYPTION=true}
---
apiVersion: bootstrap.cluster.x-k8s.io/v1alpha4
kind: KubeadmConfigTemplate
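Review bot: The key added here is spelled `IsPvEncryptionInTransitEnabled` with a capital I, while `cluster-template-antrea.yaml` and `cluster-template-failure-domain-spread.yaml` use `isPvEncryptionInTransitEnabled`. Use the lowercase spelling in both machine templates of this file so the field cannot be dropped or rejected by a case-sensitive decoder. This template carried no in-transit encryption setting before this change, so the commit message should state that it now defaults to `true`.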
16 changes: 8 additions & 8 deletions templates/cluster-template-failure-domain-spread.yaml
Expand Up @@ -80,13 +80,13 @@ spec:
spec:
imageId: "${OCI_IMAGE_ID}"
compartmentId: "${OCI_COMPARTMENT_ID}"
shape: "${OCI_SHAPE}"
shape: "${OCI_CONTROL_PLANE_SHAPE=VM.Standard.E4.Flex}"
shapeConfig:
ocpus: "${OCI_SHAPE_OCPUS}"
memoryInGBs: "${OCI_SHAPE_MEMORY_IN_GBS}"
ocpus: "${OCI_CONTROL_PLANE_SHAPE_OCPUS=1}"
memoryInGBs: "${OCI_CONTROL_PLANE_SHAPE_MEMORY_IN_GBS=16}"
metadata:
ssh_authorized_keys: "${OCI_SSH_KEY}"
isPvEncryptionInTransitEnabled: ${OCI_PV_TRANSIT_ENCRYPTION=true}
isPvEncryptionInTransitEnabled: ${OCI_CONTROL_PLANE_PV_TRANSIT_ENCRYPTION=true}
---
apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
kind: OCIMachineTemplate
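Review bot: `OCI_SHAPE`, `OCI_SHAPE_OCPUS`, `OCI_SHAPE_MEMORY_IN_GBS` and `OCI_PV_TRANSIT_ENCRYPTION` are no longer read in this template, and every replacement carries a default, so an existing invocation that exports only the old names still renders without error but with `VM.Standard.E4.Flex`, 1 OCPU, 16 GB and encryption set to `true`. That is a silent behaviour change for a commit labelled `feat:`; mark it as breaking in the commit message or changelog, and list the old-to-new variable mapping in the docs so users who pass `OCI_PV_TRANSIT_ENCRYPTION=false` for BM shapes know to switch.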
Expand All @@ -97,13 +97,13 @@ spec:
spec:
imageId: "${OCI_IMAGE_ID}"
compartmentId: "${OCI_COMPARTMENT_ID}"
shape: "${OCI_SHAPE}"
shape: "${OCI_WORKER_SHAPE=VM.Standard.E4.Flex}"
shapeConfig:
ocpus: "${OCI_SHAPE_OCPUS}"
memoryInGBs: "${OCI_SHAPE_MEMORY_IN_GBS}"
ocpus: "${OCI_WORKER_SHAPE_OCPUS=1}"
memoryInGBs: "${OCI_WORKER_SHAPE_MEMORY_IN_GBS=16}"
metadata:
ssh_authorized_keys: "${OCI_SSH_KEY}"
isPvEncryptionInTransitEnabled: ${OCI_PV_TRANSIT_ENCRYPTION=true}
isPvEncryptionInTransitEnabled: ${OCI_NODE_PV_TRANSIT_ENCRYPTION=true}
---
apiVersion: bootstrap.cluster.x-k8s.io/v1alpha4
kind: KubeadmConfigTemplate