Commit 674d84b

feat: update templates to specify control and worker shapes separately (#19)
While the users can specify the shapes independently we wanted our defined templates to support this as well. It should make it easier for our users to quickly define different shapes independent of each other.
1 parent 56f54e0 commit 674d84b

14 files changed

+101
-105
lines changed

docs/src/gs/create-workload-cluster.md

Lines changed: 45 additions & 34 deletions
@@ -2,66 +2,80 @@
22

33
## Workload Cluster Templates
44

5-
Choose one of the available templates for to create your workload clusters from the [latest released artifacts][latest-release]. Each workload cluster template can be further configured with the parameters below.
5+
Choose one of the available templates for to create your workload clusters from the
6+
[latest released artifacts][latest-release]. Each workload cluster template can be
7+
further configured with the parameters below.
68

79
## Workload Cluster Parameters
810

9-
The following Oracle Cloud Infrastructure (OCI) configuration parameters are available when creating a workload cluster on OCI:
11+
The following Oracle Cloud Infrastructure (OCI) configuration parameters are available
12+
when creating a workload cluster on OCI using one of our predefined templates:
1013

11-
| Parameter | Default Value | Description |
12-
| ---------------------------- |---------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
13-
| `OCI_COMPARTMENT_ID` | | The OCID of the compartment where the OCI resources are to be created |
14-
| `OCI_IMAGE_ID` | | The OCID of the Compute Image (Oracle Linux or Ubuntu) with which to create the Kubernetes nodes |
15-
| `OCI_SHAPE` | VM.Standard.E4.Flex | The shape of the Kubernetes nodes |
16-
| `OCI_SHAPE_MEMORY_IN_GBS` | | The amount of memory to be allocated to the instances. If not provided it is automatically computed by compute API. |
17-
| `OCI_SHAPE_OCPUS` | 1 | The number of OCPUs allocated to the instance |
18-
| `OCI_SSH_KEY` | | The public SSH key to be added to the Kubernetes nodes. It can be used to login to the node and troubleshoot failures. |
19-
| `OCI_PV_TRANSIT_ENCRYPTION` | true | [In-transit encryption](https://docs.oracle.com/en-us/iaas/Content/File/Tasks/intransitencryption.htm) provides a way to secure your data between instances and mounted file systems using TLS v.1.2 (Transport Layer Security) encryption. Only [some bare metal instances](https://docs.oracle.com/en-us/iaas/releasenotes/changes/60d602f5-abb3-4639-aa19-292a5744a808/) support In-transit encryption |
14+
| Parameter | Default Value | Description |
15+
|-------------------------------------------|---------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
16+
| `OCI_COMPARTMENT_ID` | | The OCID of the compartment in which to create the required compute, storage and network resources. |
17+
| `OCI_IMAGE_ID` | | The OCID of the image for the kubernetes nodes. This same image is used for both the control plane and the worker nodes. |
18+
| `OCI_CONTROL_PLANE_MACHINE_TYPE` | VM.Standard.E4.Flex | The [shape](https://docs.oracle.com/en-us/iaas/Content/Compute/References/computeshapes.htm) of the Kubernetes control plane machine. |
19+
| `OCI_CONTROL_PLANE_MACHINE_TYPE_OCPUS` | 1 | The number of OCPUs allocated to the control plane instance. |
20+
| `OCI_NODE_MACHINE_TYPE` | VM.Standard.E4.Flex | The [shape](https://docs.oracle.com/en-us/iaas/Content/Compute/References/computeshapes.htm) of the Kubernetes worker machine. |
21+
| `OCI_NODE_MACHINE_TYPE_OCPUS` | 1 | The number of OCPUs allocated to the worker instance. |
22+
| `OCI_SSH_KEY` | | The public SSH key to be added to the Kubernetes nodes. It can be used to login to the node and troubleshoot failures. |
23+
| `OCI_CONTROL_PLANE_PV_TRANSIT_ENCRYPTION` | true | Enables [in-flight Transport Layer Security (TLS) 1.2 encryption](https://docs.oracle.com/en-us/iaas/Content/File/Tasks/intransitencryption.htm) of data between control plane nodes and their associated block storage devices. |
24+
| `OCI_NODE_PV_TRANSIT_ENCRYPTION` | true | Enables [in-flight Transport Layer Security (TLS) 1.2 encryption](https://docs.oracle.com/en-us/iaas/Content/File/Tasks/intransitencryption.htm) of data between worker nodes and their associated block storage devices. |
25+
26+
*NOTE* Only specific [bare metal shapes](https://docs.oracle.com/en-us/iaas/releasenotes/changes/60d602f5-abb3-4639-aa19-292a5744a808/)
27+
support in-transit encryption. If an unsupported shape is specified, the deployment will fail completely.
28+
29+
*NOTE:* Using the predefined templates the machine's memory size is automatically allocated based on the chosen shape
30+
and OCPU count.
2031

2132
The following Cluster API parameters are also available:
2233

23-
| Parameter | Default Value | Description |
24-
| ---------------------------- | ---------------------- | ----------- |
25-
| `CLUSTER_NAME` | | The name of the workload cluster to create |
26-
| `CONTROL_PLANE_MACHINE_COUNT` | 1 | The number of control plane machines for the workload cluster.|
27-
| `KUBERNETES_VERSION` | | The Kubernetes version to use for the workload cluster. If unspecified, the value from OS environment variables or the .cluster-api/clusterctl.yaml config file will be used. |
28-
| `NAMESPACE` | | The namespace to use for the workload cluster. If unspecified, the current namespace will be used |
29-
| `POD_CIDR` | 1 | The CIDR range for the Kubernetes POD network. |
30-
| `SERVICE_CIDR` | | The CIDR for the Kubernetes services network. |
31-
| `SERVICE_DOMAIN` | | |
32-
| `WORKER_MACHINE_COUNT` | | The number of worker machines for the workload cluster. |
34+
| Parameter | Default Value | Description |
35+
|-------------------------------|----------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
36+
| `CLUSTER_NAME` | | The name of the workload cluster to create. |
37+
| `CONTROL_PLANE_MACHINE_COUNT` | 1 | The number of control plane machines for the workload cluster. |
38+
| `KUBERNETES_VERSION` | | The Kubernetes version installed on the workload cluster nodes. If this environement variable is not configured, the version must be specifed in the `.cluster-api/clusterctl.yaml` file |
39+
| `NAMESPACE` | | The namespace for the workload cluster. If not specified, the current namespace is used. |
40+
| `POD_CIDR` | 192.168.0.0/16 | CIDR range of the Kubernetes pod-to-pod network. |
41+
| `SERVICE_CIDR` | 10.128.0.0/12 | CIDR range of the Kubernetes pod-to-services network. |
42+
| `NODE_MACHINE_COUNT` | | The number of worker machines for the workload cluster. |
3343

3444
## Create a new workload cluster on virtual instances using an Ubuntu custom image
3545

36-
Run the command below to create a Kubernetes cluster with 1 control plane node and 1 worker node:
46+
The following command will create a workload cluster comprising a single
47+
control plane node and single worker node using the default values as specified in the preceding
48+
[Workload Cluster Parameters](#workload-cluster-parameters) table:
3749

3850
```bash
3951
OCI_COMPARTMENT_ID=<compartment-id> \
4052
OCI_IMAGE_ID=<ubuntu-custom-image-id> \
41-
OCI_SHAPE=VM.Standard.E4.Flex \
42-
OCI_SHAPE_OCPUS=1 \
43-
OCI_SHAPE_MEMORY_IN_GBS= \
4453
OCI_SSH_KEY=<ssh-key> \
4554
CONTROL_PLANE_MACHINE_COUNT=1 \
4655
KUBERNETES_VERSION=v1.20.10 \
4756
NAMESPACE=default \
48-
WORKER_MACHINE_COUNT=1 \
57+
NODE_MACHINE_COUNT=1 \
4958
clusterctl generate cluster <cluster-name>\
5059
--from cluster-template.yaml | kubectl apply -f -
5160
```
5261

5362
## Create a new workload cluster on bare metal instances using an Ubuntu custom image
5463

55-
Note the addition of `OCI_PV_TRANSIT_ENCRYPTION=false` which is required for most BM shapes.
64+
The following command uses the `OCI_CONTROL_PLANE_MACHINE_TYPE` and `OCI_NODE_MACHINE_TYPE`
65+
parameters to specify bare metal shapes instead of using CAPOCI's default virtual
66+
instance shape. The `OCI_CONTROL_PLANE_PV_TRANSIT_ENCRYPTION` and `OCI_NODE_PV_TRANSIT_ENCRYPTION`
67+
parameters disable encryption of data in flight between the bare metal instance and the block storage resources.
5668

5769
```bash
5870
OCI_COMPARTMENT_ID=<compartment-id> \
5971
OCI_IMAGE_ID=<ubuntu-custom-image-id> \
60-
OCI_SHAPE=BM.Standard2.52 \
61-
OCI_SHAPE_OCPUS=52 \
62-
OCI_SHAPE_MEMORY_IN_GBS= \
6372
OCI_SSH_KEY=<ssh-key> \
64-
OCI_PV_TRANSIT_ENCRYPTION=false \
73+
OCI_CONTROL_PLANE_MACHINE_TYPE=BM.Standard2.52 \
74+
OCI_CONTROL_PLANE_MACHINE_TYPE_OCPUS=52 \
75+
OCI_CONTROL_PLANE_PV_TRANSIT_ENCRYPTION=false \
76+
OCI_NODE_MACHINE_TYPE=BM.Standard2.52 \
77+
OCI_NODE_MACHINE_TYPE_OCPUS=52 \
78+
OCI_NODE_PV_TRANSIT_ENCRYPTION=false \
6579
CONTROL_PLANE_MACHINE_COUNT=1 \
6680
KUBERNETES_VERSION=v1.20.10 \
6781
NAMESPACE=default \
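Review bot: The two new `*_PV_TRANSIT_ENCRYPTION` rows (new lines 23-24) describe encryption between nodes and their block storage devices, but both still link to `Content/File/Tasks/intransitencryption.htm`, the page the removed row cited for mounted file systems. Point the link at documentation that matches the new wording, or keep the old wording. In the same hunk, the `KUBERNETES_VERSION` row has typos (`environement`, `specifed`) and lacks the closing period the other rows gained, the intro still reads "for to create", and the two notes are marked inconsistently (`*NOTE*` vs `*NOTE:*`). The bare metal example now turns encryption off for both roles, so it would help to say next to it that this is only needed for shapes that do not support it.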
@@ -75,9 +89,6 @@ clusterctl generate cluster <cluster-name>\
7589
```bash
7690
OCI_COMPARTMENT_ID=<compartment-id> \
7791
OCI_IMAGE_ID=<oracle-linux-custom-image-id> \
78-
OCI_SHAPE=VM.Standard.E4.Flex \
79-
OCI_SHAPE_OCPUS=1 \
80-
OCI_SHAPE_MEMORY_IN_GBS= \
8192
OCI_SSH_KEY=<ssh-key> \
8293
CONTROL_PLANE_MACHINE_COUNT=1 \
8394
KUBERNETES_VERSION=v1.20.10 \
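Review bot: The lines after `KUBERNETES_VERSION=v1.20.10 \` in this example are outside the hunk and so unchanged; if the example sets `WORKER_MACHINE_COUNT=1` there, as the first example did before this commit, it needs the same rename to `NODE_MACHINE_COUNT`, because the templates now read `replicas: ${NODE_MACHINE_COUNT}` with no default. The same check applies to the bare metal example above, whose hunk stops at `NAMESPACE=default \`, and to the two examples in docs/src/gs/create-workload-templates.md, which this commit changes with deletions only.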

docs/src/gs/create-workload-templates.md

Lines changed: 0 additions & 6 deletions
@@ -21,9 +21,6 @@ You can then reuse the `ConfigMap` to create your clusters. For example, to crea
2121
```shell
2222
OCI_COMPARTMENT_ID=<compartment-id> \
2323
OCI_IMAGE_ID=<oracle-linux-custom-image-id> \
24-
OCI_SHAPE=VM.Standard.E4.Flex \
25-
OCI_SHAPE_OCPUS=1 \
26-
OCI_SHAPE_MEMORY_IN_GBS= \
2724
OCI_SSH_KEY=<ssh-key> \
2825
CONTROL_PLANE_MACHINE_COUNT=1 \
2926
KUBERNETES_VERSION=v1.20.10 \
@@ -38,9 +35,6 @@ Likewise, to create a workload cluster using Ubuntu:
3835
```shell
3936
OCI_COMPARTMENT_ID=<compartment-id> \
4037
OCI_IMAGE_ID=<ubuntu-custom-image-id> \
41-
OCI_SHAPE=VM.Standard.E4.Flex \
42-
OCI_SHAPE_OCPUS=1 \
43-
OCI_SHAPE_MEMORY_IN_GBS= \
4438
OCI_SSH_KEY=<ssh-key> \
4539
CONTROL_PLANE_MACHINE_COUNT=1 \
4640
KUBERNETES_VERSION=v1.20.10 \

scripts/ci-conformance.sh

Lines changed: 4 additions & 3 deletions
@@ -27,9 +27,10 @@ export TAG="${defaultTag:-dev}"
2727
export GINKGO_NODES=3
2828

2929
export OCI_SSH_KEY="${OCI_SSH_KEY:-""}"
30-
export OCI_SHAPE="${OCI_SHAPE:-"VM.Standard.E3.Flex"}"
31-
export OCI_SHAPE_OCPUS="${OCI_SHAPE_OCPUS:-"1"}"
32-
export OCI_SHAPE_MEMORY_IN_GBS="${OCI_SHAPE_MEMORY_IN_GBS:-"16"}"
30+
export OCI_CONTROL_PLANE_MACHINE_TYPE="${OCI_CONTROL_PLANE_MACHINE_TYPE:-"VM.Standard.E3.Flex"}"
31+
export OCI_CONTROL_PLANE_MACHINE_TYPE_OCPUS="${OCI_CONTROL_PLANE_MACHINE_TYPE_OCPUS:-"1"}"
32+
export OCI_NODE_MACHINE_TYPE="${OCI_NODE_MACHINE_TYPE:-"VM.Standard.E3.Flex"}"
33+
export OCI_NODE_MACHINE_TYPE_OCPUS="${OCI_NODE_MACHINE_TYPE_OCPUS:-"1"}"
3334
export KIND_EXPERIMENTAL_DOCKER_NETWORK="bridge"
3435

3536
# Generate SSH key.
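Review bot: A CI job that still exports `OCI_SHAPE` or `OCI_SHAPE_OCPUS` is now silently ignored and falls back to `VM.Standard.E3.Flex` with 1 OCPU, because the new exports at lines 30-33 read only the new names. Either chain the old name as the fallback, for example `${OCI_CONTROL_PLANE_MACHINE_TYPE:-${OCI_SHAPE:-VM.Standard.E3.Flex}}`, or fail early when a legacy variable is set, so the rename cannot change what the conformance run tests without anyone noticing.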

scripts/ci-e2e.sh

Lines changed: 4 additions & 3 deletions
@@ -31,9 +31,10 @@ export TAG="${defaultTag:-dev}"
3131
export GINKGO_NODES=3
3232

3333
export OCI_SSH_KEY="${OCI_SSH_KEY:-""}"
34-
export OCI_SHAPE="${OCI_SHAPE:-"VM.Standard.E3.Flex"}"
35-
export OCI_SHAPE_OCPUS="${OCI_SHAPE_OCPUS:-"1"}"
36-
export OCI_SHAPE_MEMORY_IN_GBS="${OCI_SHAPE_MEMORY_IN_GBS:-"16"}"
34+
export OCI_CONTROL_PLANE_MACHINE_TYPE="${OCI_CONTROL_PLANE_MACHINE_TYPE:-"VM.Standard.E3.Flex"}"
35+
export OCI_CONTROL_PLANE_MACHINE_TYPE_OCPUS="${OCI_CONTROL_PLANE_MACHINE_TYPE_OCPUS:-"1"}"
36+
export OCI_NODE_MACHINE_TYPE="${OCI_NODE_MACHINE_TYPE:-"VM.Standard.E3.Flex"}"
37+
export OCI_NODE_MACHINE_TYPE_OCPUS="${OCI_NODE_MACHINE_TYPE_OCPUS:-"1"}"
3738
export KIND_EXPERIMENTAL_DOCKER_NETWORK="bridge"
3839

3940
# Generate SSH key.
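Review bot: The removed `OCI_SHAPE_MEMORY_IN_GBS` export pinned e2e instances to 16 GB and nothing replaces it at lines 34-37, so memory is now whatever is derived from the shape and the 1 OCPU default. Please confirm the e2e suite still has enough memory per node and mention the change in the commit message. The script default here is also `VM.Standard.E3.Flex` while the templates default to `VM.Standard.E4.Flex`, which is worth either aligning or explaining in a comment.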

templates/cluster-template-antrea.yaml

Lines changed: 7 additions & 9 deletions
@@ -294,13 +294,12 @@ spec:
294294
spec:
295295
imageId: "${OCI_IMAGE_ID}"
296296
compartmentId: "${OCI_COMPARTMENT_ID}"
297-
shape: "${OCI_SHAPE}"
297+
shape: "${OCI_CONTROL_PLANE_MACHINE_TYPE=VM.Standard.E4.Flex}"
298298
shapeConfig:
299-
ocpus: "${OCI_SHAPE_OCPUS}"
300-
memoryInGBs: "${OCI_SHAPE_MEMORY_IN_GBS}"
299+
ocpus: "${OCI_CONTROL_PLANE_MACHINE_TYPE_OCPUS=1}"
301300
metadata:
302301
ssh_authorized_keys: "${OCI_SSH_KEY}"
303-
isPvEncryptionInTransitEnabled: ${OCI_PV_TRANSIT_ENCRYPTION=true}
302+
isPvEncryptionInTransitEnabled: ${OCI_CONTROL_PLANE_PV_TRANSIT_ENCRYPTION=true}
304303
---
305304
apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
306305
kind: OCIMachineTemplate
@@ -311,13 +310,12 @@ spec:
311310
spec:
312311
imageId: "${OCI_IMAGE_ID}"
313312
compartmentId: "${OCI_COMPARTMENT_ID}"
314-
shape: "${OCI_SHAPE}"
313+
shape: "${OCI_NODE_MACHINE_TYPE=VM.Standard.E4.Flex}"
315314
shapeConfig:
316-
ocpus: "${OCI_SHAPE_OCPUS}"
317-
memoryInGBs: "${OCI_SHAPE_MEMORY_IN_GBS}"
315+
ocpus: "${OCI_NODE_MACHINE_TYPE_OCPUS=1}"
318316
metadata:
319317
ssh_authorized_keys: "${OCI_SSH_KEY}"
320-
isPvEncryptionInTransitEnabled: ${OCI_PV_TRANSIT_ENCRYPTION=true}
318+
isPvEncryptionInTransitEnabled: ${OCI_NODE_PV_TRANSIT_ENCRYPTION=true}
321319
---
322320
apiVersion: bootstrap.cluster.x-k8s.io/v1alpha4
323321
kind: KubeadmConfigTemplate
@@ -338,7 +336,7 @@ metadata:
338336
name: "${CLUSTER_NAME}-md-0"
339337
spec:
340338
clusterName: "${CLUSTER_NAME}"
341-
replicas: ${WORKER_MACHINE_COUNT}
339+
replicas: ${NODE_MACHINE_COUNT}
342340
selector:
343341
matchLabels:
344342
template:
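Review bot: `replicas: ${NODE_MACHINE_COUNT}` at new line 339 has no default, unlike the other variables renamed in this file, which all gained one (`=VM.Standard.E4.Flex`, `=1`, `=true`), and the parameter table in the docs lists no default for it either. Anyone who still exports `WORKER_MACHINE_COUNT` is left with an unset variable here; consider adding a default, or call out the rename as a breaking change in the commit message.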

templates/cluster-template-arm-free-tier.yaml

Lines changed: 7 additions & 7 deletions
@@ -102,14 +102,14 @@ spec:
102102
spec:
103103
imageId: "${OCI_IMAGE_ID}"
104104
compartmentId: "${OCI_COMPARTMENT_ID}"
105-
shape: "${OCI_SHAPE}"
105+
shape: "${OCI_CONTROL_PLANE_MACHINE_TYPE=VM.Standard.E4.Flex}"
106106
networkDetails:
107107
assignPublicIp: true
108108
shapeConfig:
109-
ocpus: "${OCI_SHAPE_OCPUS}"
110-
memoryInGBs: "${OCI_SHAPE_MEMORY_IN_GBS}"
109+
ocpus: "${OCI_CONTROL_PLANE_MACHINE_TYPE_OCPUS=1}"
111110
metadata:
112111
ssh_authorized_keys: "${OCI_SSH_KEY}"
112+
IsPvEncryptionInTransitEnabled: ${OCI_CONTROL_PLANE_PV_TRANSIT_ENCRYPTION=true}
113113
---
114114
apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
115115
kind: OCIMachineTemplate
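Review bot: The key added at new line 112 is spelled `IsPvEncryptionInTransitEnabled`, with a capital `I`, while cluster-template-antrea.yaml uses `isPvEncryptionInTransitEnabled`. Use the lower-case form here too, and check the indentation so the key sits at the same level as in the antrea template rather than under `metadata:`; a field that is not recognised could leave the encryption setting unapplied without an obvious error.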
@@ -120,14 +120,14 @@ spec:
120120
spec:
121121
imageId: "${OCI_IMAGE_ID}"
122122
compartmentId: "${OCI_COMPARTMENT_ID}"
123-
shape: "${OCI_SHAPE}"
123+
shape: "${OCI_NODE_MACHINE_TYPE=VM.Standard.E4.Flex}"
124124
networkDetails:
125125
assignPublicIp: true
126126
shapeConfig:
127-
ocpus: "${OCI_SHAPE_OCPUS}"
128-
memoryInGBs: "${OCI_SHAPE_MEMORY_IN_GBS}"
127+
ocpus: "${OCI_NODE_MACHINE_TYPE_OCPUS=1}"
129128
metadata:
130129
ssh_authorized_keys: "${OCI_SSH_KEY}"
130+
IsPvEncryptionInTransitEnabled: ${OCI_NODE_PV_TRANSIT_ENCRYPTION=true}
131131
---
132132
apiVersion: bootstrap.cluster.x-k8s.io/v1alpha4
133133
kind: KubeadmConfigTemplate
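Review bot: The worker shape default `VM.Standard.E4.Flex` at new line 123 is the same value used in cluster-template-antrea.yaml, which does not look right for a template named arm-free-tier; before this change `${OCI_SHAPE}` had no default and the caller had to choose. Either leave the variable without a default here or set one that matches the template's purpose, and do the same for the control plane block above. This template also did not set in-transit encryption before, so the new `=true` default at line 130 changes behaviour for existing users, and the docs note in this commit says an unsupported shape makes the deployment fail.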
@@ -151,7 +151,7 @@ metadata:
151151
name: "${CLUSTER_NAME}-md-0"
152152
spec:
153153
clusterName: "${CLUSTER_NAME}"
154-
replicas: ${WORKER_MACHINE_COUNT}
154+
replicas: ${NODE_MACHINE_COUNT}
155155
selector:
156156
matchLabels:
157157
template:
