feat: Added support for running kube-proxy in IPVS mode (#625)

Signed-off-by: Ali Mukadam <[email protected]>

Author: hyder

main.tf

@@ -264,6 +264,7 @@ module "oke" {
   admission_controller_options                            = var.admission_controller_options
 
   # oke node pool parameters
+  kubeproxy_mode                  = var.kubeproxy_mode
   max_pods_per_node               = var.max_pods_per_node
   node_pools                      = var.node_pools
   node_pool_name_prefix           = var.node_pool_name_prefix

modules/oke/nodepools.tf

@@ -23,7 +23,7 @@ resource "oci_containerengine_node_pool" "nodepools" {
     ## If placement_ads are specified, use them.
     ## Else, iterate over all ADs.
     ## If a single AD region is used, pick the only AD returned from the data source.
-    
+
     dynamic "placement_configs" {
       iterator = ad_iterator
       for_each = [for n in lookup(each.value, "placement_ads", local.ad_numbers) :
@@ -75,7 +75,8 @@ resource "oci_containerengine_node_pool" "nodepools" {
 
   # cloud-init
   node_metadata = {
-    user_data = var.cloudinit_nodepool_common == "" && lookup(var.cloudinit_nodepool, each.key, null) == null ? data.cloudinit_config.worker.rendered : lookup(var.cloudinit_nodepool, each.key, null) != null ? filebase64(lookup(var.cloudinit_nodepool, each.key, null)) : filebase64(var.cloudinit_nodepool_common)
+    oke-kubeproxy-proxy-mode = var.kubeproxy_mode
+    user_data                = var.cloudinit_nodepool_common == "" && lookup(var.cloudinit_nodepool, each.key, null) == null ? data.cloudinit_config.worker.rendered : lookup(var.cloudinit_nodepool, each.key, null) != null ? filebase64(lookup(var.cloudinit_nodepool, each.key, null)) : filebase64(var.cloudinit_nodepool_common)
   }
 
   # optimized OKE images
@@ -120,10 +121,10 @@ resource "oci_containerengine_node_pool" "nodepools" {
   lifecycle {
     ignore_changes = [
       kubernetes_version,
-      defined_tags, # automatic tagging after apply
-      node_metadata, # templated cloud-init
+      defined_tags,                             # automatic tagging after apply
+      node_metadata,                            # templated cloud-init
       node_config_details[0].placement_configs, # dynamic placement configs
-      node_source_details # dynamic image lookup
+      node_source_details                       # dynamic image lookup
     ]
   }
 

modules/oke/variables.tf

@@ -85,6 +85,8 @@ variable "admission_controller_options" {
   type = map(any)
 }
 
+variable "kubeproxy_mode" {}
+
 variable "max_pods_per_node" {
   type        = number
 }

terraform.tfvars.example

@@ -189,6 +189,7 @@ image_signing_keys = []
 # node pools
 check_node_active               = "all"
 enable_pv_encryption_in_transit = false
+kubeproxy_mode = "iptables"
 node_pools = {
   # Basic node pool
   #np1 = {

variables.tf

@@ -683,6 +683,16 @@ variable "cloudinit_nodepool_common" {
   default     = ""
 }
 
+variable "kubeproxy_mode" {
+  default     = "iptables"
+  description = "The mode in which to run kube-proxy."
+  type        = string
+
+  validation {
+    condition     = contains(["iptables", "ipvs"], var.kubeproxy_mode)
+    error_message = "Accepted values are iptables or ipvs."
+  }
+}
 variable "node_pools" {
   default = {}
   description = "Tuple of node pools. Each key maps to a node pool. Each value is a tuple of shape (string),ocpus(number) , node_pool_size(number) and boot_volume_size(number)"