This allows the user to specify an existing VCN instead of it being created

bashsource.tf

@@ -1,6 +1,6 @@
 resource null_resource "build_source" {
   provisioner "local-exec" {
-    command = "echo \"export KUBECONFIG=${path.module}/generated/kubeconfig\" > source.sh "
+    command = "echo \"export KUBECONFIG=${path.root}/generated/kubeconfig\" > ${var.label_prefix}source.sh"
   }
 }
 
@@ -17,7 +17,7 @@ resource null_resource "etcd-ad1" {
   }
 
   provisioner "local-exec" {
-    command = "echo 'alias ${var.label_prefix}etcdad1-${count.index}=\"ssh -i ${path.module}/generated/instances_id_rsa opc@${element(module.instances-etcd-ad1.instance_public_ips, count.index)}\"' >> source.sh"
+    command = "echo 'alias ${var.label_prefix}etcdad1-${count.index}=\"ssh -i ${path.root}/generated/instances_id_rsa opc@${element(module.instances-etcd-ad1.instance_public_ips, count.index)}\"' >> source.sh"
   }
 }
 
@@ -34,7 +34,7 @@ resource null_resource "etcd-ad2" {
   }
 
   provisioner "local-exec" {
-    command = "echo 'alias ${var.label_prefix}etcdad2-${count.index}=\"ssh -i ${path.module}/generated/instances_id_rsa opc@${element(module.instances-etcd-ad2.instance_public_ips, count.index)}\"' >> source.sh"
+    command = "echo 'alias ${var.label_prefix}etcdad2-${count.index}=\"ssh -i ${path.root}/generated/instances_id_rsa opc@${element(module.instances-etcd-ad2.instance_public_ips, count.index)}\"' >> source.sh"
   }
 }
 
@@ -51,7 +51,7 @@ resource null_resource "etcd-ad3" {
   }
 
   provisioner "local-exec" {
-    command = "echo 'alias ${var.label_prefix}etcad3-${count.index}=\"ssh -i ${path.module}/generated/instances_id_rsa opc@${element(module.instances-etcd-ad3.instance_public_ips, count.index)}\"' >> source.sh"
+    command = "echo 'alias ${var.label_prefix}etcad3-${count.index}=\"ssh -i ${path.root}/generated/instances_id_rsa opc@${element(module.instances-etcd-ad3.instance_public_ips, count.index)}\"' >> source.sh"
   }
 }
 
@@ -71,7 +71,7 @@ resource null_resource "k8smaster-ad1" {
   }
 
   provisioner "local-exec" {
-    command = "echo 'alias ${var.label_prefix}masterad1-${count.index}=\"ssh -i ${path.module}/generated/instances_id_rsa opc@${element(module.instances-k8smaster-ad1.public_ips, count.index)}\"' >> source.sh"
+    command = "echo 'alias ${var.label_prefix}masterad1-${count.index}=\"ssh -i ${path.root}/generated/instances_id_rsa opc@${element(module.instances-k8smaster-ad1.public_ips, count.index)}\"' >> source.sh"
   }
 }
 
@@ -87,7 +87,7 @@ resource null_resource "k8smaster-ad2" {
   }
 
   provisioner "local-exec" {
-    command = "echo 'alias ${var.label_prefix}masterad2-${count.index}=\"ssh -i ${path.module}/generated/instances_id_rsa opc@${element(module.instances-k8smaster-ad2.public_ips, count.index)}\"' >> source.sh"
+    command = "echo 'alias ${var.label_prefix}masterad2-${count.index}=\"ssh -i ${path.root}/generated/instances_id_rsa opc@${element(module.instances-k8smaster-ad2.public_ips, count.index)}\"' >> source.sh"
   }
 }
 
@@ -104,23 +104,23 @@ resource null_resource "k8smaster-ad3" {
   }
 
   provisioner "local-exec" {
-    command = "echo 'alias ${var.label_prefix}masterad3-${count.index}=\"ssh -i ${path.module}/generated/instances_id_rsa opc@${element(module.instances-k8smaster-ad3.public_ips, count.index)}\"' >> source.sh"
+    command = "echo 'alias ${var.label_prefix}masterad3-${count.index}=\"ssh -i ${path.root}/generated/instances_id_rsa opc@${element(module.instances-k8smaster-ad3.public_ips, count.index)}\"' >> source.sh"
   }
 }
 
 resource null_resource "k8sworker-ad1" {
   count = "${var.k8sWorkerAd1Count}"
   depends_on = [
     "module.instances-k8sworker-ad1",
-  ] 
+  ]
 
   triggers {
     worker_id = "${element(module.instances-k8sworker-ad1.ids, count.index)}"
     build_source_id = "${null_resource.build_source.id}"
   }
 
   provisioner "local-exec" {
-    command = "echo 'alias ${var.label_prefix}workerad1-${count.index}=\"ssh -i ${path.module}/generated/instances_id_rsa opc@${element(module.instances-k8sworker-ad1.public_ips, count.index)}\"' >> source.sh"
+    command = "echo 'alias ${var.label_prefix}workerad1-${count.index}=\"ssh -i ${path.root}/generated/instances_id_rsa opc@${element(module.instances-k8sworker-ad1.public_ips, count.index)}\"' >> source.sh"
   }
 }
 
@@ -136,7 +136,7 @@ resource null_resource "k8sworker-ad2" {
   }
 
   provisioner "local-exec" {
-    command = "echo 'alias ${var.label_prefix}workerad2-${count.index}=\"ssh -i ${path.module}/generated/instances_id_rsa opc@${element(module.instances-k8sworker-ad2.public_ips, count.index)}\"' >> source.sh"
+    command = "echo 'alias ${var.label_prefix}workerad2-${count.index}=\"ssh -i ${path.root}/generated/instances_id_rsa opc@${element(module.instances-k8sworker-ad2.public_ips, count.index)}\"' >> source.sh"
   }
 }
 
@@ -153,7 +153,7 @@ resource null_resource "k8sworker-ad3" {
   }
 
   provisioner "local-exec" {
-    command = "echo 'alias ${var.label_prefix}workerad3-${count.index}=\"ssh -i ${path.module}/generated/instances_id_rsa opc@${element(module.instances-k8sworker-ad3.public_ips, count.index)}\"' >> source.sh"
+    command = "echo 'alias ${var.label_prefix}workerad3-${count.index}=\"ssh -i ${path.root}/generated/instances_id_rsa opc@${element(module.instances-k8sworker-ad3.public_ips, count.index)}\"' >> source.sh"
   }
 }
 

docs/input-variables.md

@@ -112,6 +112,7 @@ The following input variables are used to configure the inbound security rules o
 name                                | default                 | description
 ------------------------------------|-------------------------|------------
 network_cidrs                       | See map in variables.tf | A CIDR notation IP range of the VCN and its subnets.
+network_subnet_dns                  | See map in variables.tf | A DNS label for each of the subnet in the VCN (Max 15 characters)
 etcd_cluster_ingress                | 10.0.0.0/16 (VCN only)  | A CIDR notation IP range that is allowed to access the etcd cluster. Must be a subset of the VCN CIDR.
 etcd_ssh_ingress                    | 10.0.0.0/16 (VCN only)  | A CIDR notation IP range that is allowed to SSH to etcd nodes. Must be a subset of the VCN CIDR.
 master_ssh_ingress                  | 10.0.0.0/16 (VCN only)  | A CIDR notation IP range that is allowed to access the master(s). Must be a subset of the VCN CIDR.

k8s-oci.tf

@@ -1,19 +1,4 @@
 
-locals {
-  master_lb_ip      = "${var.master_oci_lb_enabled == "true" ? element(concat(flatten(module.k8smaster-public-lb.ip_addresses), list("")), 0) : "127.0.0.1"}"
-  master_lb_address = "${format("https://%s:%s", local.master_lb_ip, var.master_oci_lb_enabled == "true" ? "443" : "6443")}"
-
-  reverse_proxy_clount_init = "${var.master_oci_lb_enabled == "true" ? "" : module.reverse-proxy.clount_init}"
-  reverse_proxy_setup       = "${var.master_oci_lb_enabled == "true" ? "" : module.reverse-proxy.setup}"
-
-  etcd_endpoints = "${var.etcd_lb_enabled == "true" ?
-    join(",",formatlist("http://%s:2379", module.etcd-lb.ip_addresses)) :
-    join(",",formatlist("http://%s:2379", compact(concat(
-      module.instances-etcd-ad1.private_ips, 
-      module.instances-etcd-ad2.private_ips, 
-      module.instances-etcd-ad3.private_ips)))) }"
-}
-
 ### CA and Cluster Certificates
 
 module "k8s-tls" {
@@ -31,10 +16,29 @@ module "k8s-tls" {
 ### Virtual Cloud Network
 
 module "vcn" {
+  create_vcn                              = "${var.vcn_id == "" ? 1 : 0}"
   source                                  = "./network/vcn"
   compartment_ocid                        = "${var.compartment_ocid}"
   label_prefix                            = "${var.label_prefix}"
+  vcn_dns_name                            = "${var.vcn_dns_name}"
+  vcn_cidr                                = "${var.vcn_cidr}"
+}
+
+
+module "subnets" {
+  source                                  = "./network/subnets"
+  compartment_ocid                        = "${var.compartment_ocid}"
+  label_prefix                            = "${var.label_prefix}"
   tenancy_ocid                            = "${var.tenancy_ocid}"
+
+  # Use a existing VCN and public route table and dhcp options
+  vcn_id                                  = "${var.vcn_id == "" ? join(" ",module.vcn.vcn_id) : var.vcn_id}"
+  dhcp_options_id                         = "${var.vcn_id == "" ? join(" ",module.vcn.dhcp_options_id) : var.dhcp_options_id}"
+  public_routetable_id                    = "${var.vcn_id == "" ? join(" ",module.vcn.public_routetable_id) : var.public_routetable_id}"
+  #vcn_id                                  = "${module.vcn.vcn_id}"
+  #dhcp_options_id                         = "${module.vcn.dhcp_options_id}"
+  #public_routetable_id                    = "${module.vcn.public_routetable_id}"
+
   vcn_dns_name                            = "${var.vcn_dns_name}"
   additional_etcd_security_lists_ids      = "${var.additional_etcd_security_lists_ids}"
   additional_k8smaster_security_lists_ids = "${var.additional_k8s_master_security_lists_ids}"
@@ -61,6 +65,7 @@ module "vcn" {
   master_nodeport_ingress                 = "${var.master_nodeport_ingress}"
   external_icmp_ingress                   = "${var.external_icmp_ingress}"
   internal_icmp_ingress                   = "${var.internal_icmp_ingress}"
+  network_subnet_dns                      = "${var.network_subnet_dns}"
 }
 
 module "oci-cloud-controller" {
@@ -77,14 +82,14 @@ module "oci-cloud-controller" {
   // var.cloud_controller_user_private_key_path has been provided but has an empty password
   cloud_controller_user_private_key_password = "${var.cloud_controller_user_private_key_path == "" ? var.private_key_password : var.cloud_controller_user_private_key_password}"
 
-  subnet1 = "${element(module.vcn.ccmlb_subnet_ad1_id,0)}"
-  subnet2 = "${element(module.vcn.ccmlb_subnet_ad2_id,0)}"
+  subnet1 = "${element(module.subnets.ccmlb_subnet_ad1_id,0)}"
+  subnet2 = "${element(module.subnets.ccmlb_subnet_ad2_id,0)}"
 }
 
 module "oci-flexvolume-driver" {
   source  = "./kubernetes/oci-flexvolume-driver"
   tenancy = "${var.tenancy_ocid}"
-  vcn     = "${module.vcn.id}"
+  vcn     = "${module.subnets.id}"
 
   flexvolume_driver_user_ocid             = "${var.flexvolume_driver_user_ocid == "" ? var.user_ocid : var.flexvolume_driver_user_ocid}"
   flexvolume_driver_user_fingerprint      = "${var.flexvolume_driver_user_fingerprint == "" ? var.fingerprint : var.flexvolume_driver_user_fingerprint}"
@@ -128,7 +133,7 @@ module "instances-etcd-ad1" {
   shape                       = "${var.etcdShape}"
   ssh_public_key_openssh      = "${module.k8s-tls.ssh_public_key_openssh}"
   network_cidrs               = "${var.network_cidrs}"
-  subnet_id                   = "${module.vcn.etcd_subnet_ad1_id}"
+  subnet_id                   = "${module.subnets.etcd_subnet_ad1_id}"
   subnet_name                 = "etcdSubnetAD1"
   tenancy_ocid                = "${var.compartment_ocid}"
   etcd_docker_max_log_size    = "${var.etcd_docker_max_log_size}"
@@ -156,7 +161,7 @@ module "instances-etcd-ad2" {
   shape                       = "${var.etcdShape}"
   ssh_public_key_openssh      = "${module.k8s-tls.ssh_public_key_openssh}"
   network_cidrs               = "${var.network_cidrs}"
-  subnet_id                   = "${module.vcn.etcd_subnet_ad2_id}"
+  subnet_id                   = "${module.subnets.etcd_subnet_ad2_id}"
   subnet_name                 = "etcdSubnetAD2"
   tenancy_ocid                = "${var.compartment_ocid}"
   etcd_docker_max_log_size    = "${var.etcd_docker_max_log_size}"
@@ -186,7 +191,7 @@ module "instances-etcd-ad3" {
   shape                       = "${var.etcdShape}"
   ssh_public_key_openssh      = "${module.k8s-tls.ssh_public_key_openssh}"
   network_cidrs               = "${var.network_cidrs}"
-  subnet_id                   = "${module.vcn.etcd_subnet_ad3_id}"
+  subnet_id                   = "${module.subnets.etcd_subnet_ad3_id}"
   subnet_name                 = "etcdSubnetAD3"
   tenancy_ocid                = "${var.compartment_ocid}"
   etcd_docker_max_log_size    = "${var.etcd_docker_max_log_size}"
@@ -225,7 +230,7 @@ module "instances-k8smaster-ad1" {
   ssh_private_key             = "${module.k8s-tls.ssh_private_key}"
   ssh_public_key_openssh      = "${module.k8s-tls.ssh_public_key_openssh}"
   network_cidrs               = "${var.network_cidrs}"
-  subnet_id                   = "${module.vcn.k8smaster_subnet_ad1_id}"
+  subnet_id                   = "${module.subnets.k8smaster_subnet_ad1_id}"
   subnet_name                 = "masterSubnetAD1"
   tenancy_ocid                = "${var.compartment_ocid}"
   cloud_controller_version    = "${var.cloud_controller_version}"
@@ -267,7 +272,7 @@ module "instances-k8smaster-ad2" {
   ssh_private_key             = "${module.k8s-tls.ssh_private_key}"
   ssh_public_key_openssh      = "${module.k8s-tls.ssh_public_key_openssh}"
   network_cidrs               = "${var.network_cidrs}"
-  subnet_id                   = "${module.vcn.k8smaster_subnet_ad2_id}"
+  subnet_id                   = "${module.subnets.k8smaster_subnet_ad2_id}"
   subnet_name                 = "masterSubnetAD2"
   tenancy_ocid                = "${var.compartment_ocid}"
   cloud_controller_version    = "${var.cloud_controller_version}"
@@ -309,7 +314,7 @@ module "instances-k8smaster-ad3" {
   ssh_private_key             = "${module.k8s-tls.ssh_private_key}"
   ssh_public_key_openssh      = "${module.k8s-tls.ssh_public_key_openssh}"
   network_cidrs               = "${var.network_cidrs}"
-  subnet_id                   = "${module.vcn.k8smaster_subnet_ad3_id}"
+  subnet_id                   = "${module.subnets.k8smaster_subnet_ad3_id}"
   subnet_name                 = "masterSubnetAD3"
   tenancy_ocid                = "${var.compartment_ocid}"
   cloud_controller_version    = "${var.cloud_controller_version}"
@@ -350,7 +355,7 @@ module "instances-k8sworker-ad1" {
   shape                       = "${var.k8sWorkerShape}"
   ssh_private_key             = "${module.k8s-tls.ssh_private_key}"
   ssh_public_key_openssh      = "${module.k8s-tls.ssh_public_key_openssh}"
-  subnet_id                   = "${module.vcn.k8worker_subnet_ad1_id}"
+  subnet_id                   = "${module.subnets.k8worker_subnet_ad1_id}"
   tenancy_ocid                = "${var.compartment_ocid}"
   flexvolume_driver_version   = "${var.flexvolume_driver_version}"
   etcd_endpoints              = "${local.etcd_endpoints}"
@@ -387,7 +392,7 @@ module "instances-k8sworker-ad2" {
   shape                       = "${var.k8sWorkerShape}"
   ssh_private_key             = "${module.k8s-tls.ssh_private_key}"
   ssh_public_key_openssh      = "${module.k8s-tls.ssh_public_key_openssh}"
-  subnet_id                   = "${module.vcn.k8worker_subnet_ad2_id}"
+  subnet_id                   = "${module.subnets.k8worker_subnet_ad2_id}"
   tenancy_ocid                = "${var.compartment_ocid}"
   flexvolume_driver_version   = "${var.flexvolume_driver_version}"
   etcd_endpoints              = "${local.etcd_endpoints}"
@@ -424,7 +429,7 @@ module "instances-k8sworker-ad3" {
   shape                       = "${var.k8sWorkerShape}"
   ssh_private_key             = "${module.k8s-tls.ssh_private_key}"
   ssh_public_key_openssh      = "${module.k8s-tls.ssh_public_key_openssh}"
-  subnet_id                   = "${module.vcn.k8worker_subnet_ad3_id}"
+  subnet_id                   = "${module.subnets.k8worker_subnet_ad3_id}"
   tenancy_ocid                = "${var.compartment_ocid}"
   flexvolume_driver_version   = "${var.flexvolume_driver_version}"
   etcd_endpoints              = "${local.etcd_endpoints}"
@@ -442,8 +447,8 @@ module "etcd-lb" {
   is_private       = "${var.etcd_lb_access == "private" ? "true": "false"}"
 
   # Handle case where var.etcd_lb_access=public, but var.control_plane_subnet_access=private
-  etcd_subnet_0_id     = "${var.etcd_lb_access == "private" ? module.vcn.etcd_subnet_ad1_id: coalesce(join(" ", module.vcn.public_subnet_ad1_id), join(" ", list(module.vcn.etcd_subnet_ad1_id)))}"
-  etcd_subnet_1_id     = "${var.etcd_lb_access == "private" ? "": coalesce(join(" ", module.vcn.public_subnet_ad2_id), join(" ", list(module.vcn.etcd_subnet_ad2_id)))}"
+  etcd_subnet_0_id     = "${var.etcd_lb_access == "private" ? module.subnets.etcd_subnet_ad1_id: coalesce(join(" ", module.subnets.public_subnet_ad1_id), join(" ", list(module.subnets.etcd_subnet_ad1_id)))}"
+  etcd_subnet_1_id     = "${var.etcd_lb_access == "private" ? "": coalesce(join(" ", module.subnets.public_subnet_ad2_id), join(" ", list(module.subnets.etcd_subnet_ad2_id)))}"
   etcd_ad1_private_ips = "${module.instances-etcd-ad1.private_ips}"
   etcd_ad2_private_ips = "${module.instances-etcd-ad2.private_ips}"
   etcd_ad3_private_ips = "${module.instances-etcd-ad3.private_ips}"
@@ -461,8 +466,8 @@ module "k8smaster-public-lb" {
   is_private            = "${var.k8s_master_lb_access == "private" ? "true": "false"}"
 
   # Handle case where var.k8s_master_lb_access=public, but var.control_plane_subnet_access=private
-  k8smaster_subnet_0_id     = "${var.k8s_master_lb_access == "private" ? module.vcn.k8smaster_subnet_ad1_id: coalesce(join(" ", module.vcn.public_subnet_ad1_id), join(" ", list(module.vcn.k8smaster_subnet_ad1_id)))}"
-  k8smaster_subnet_1_id     = "${var.k8s_master_lb_access == "private" ? "": coalesce(join(" ", module.vcn.public_subnet_ad2_id), join(" ", list(module.vcn.k8smaster_subnet_ad2_id)))}"
+  k8smaster_subnet_0_id     = "${var.k8s_master_lb_access == "private" ? module.subnets.k8smaster_subnet_ad1_id: coalesce(join(" ", module.subnets.public_subnet_ad1_id), join(" ", list(module.subnets.k8smaster_subnet_ad1_id)))}"
+  k8smaster_subnet_1_id     = "${var.k8s_master_lb_access == "private" ? "": coalesce(join(" ", module.subnets.public_subnet_ad2_id), join(" ", list(module.subnets.k8smaster_subnet_ad2_id)))}"
   k8smaster_ad1_private_ips = "${module.instances-k8smaster-ad1.private_ips}"
   k8smaster_ad2_private_ips = "${module.instances-k8smaster-ad2.private_ips}"
   k8smaster_ad3_private_ips = "${module.instances-k8smaster-ad3.private_ips}"
@@ -484,3 +489,20 @@ module "kubeconfig" {
   api_server_cert_pem        = "${module.k8s-tls.api_server_cert_pem}"
   k8s_master                 = "${var.master_oci_lb_enabled == "true" ? local.master_lb_address : format("https://%s:%s", element(coalescelist(module.instances-k8smaster-ad1.public_ips, module.instances-k8smaster-ad2.public_ips, module.instances-k8smaster-ad3.public_ips), 0), "443")}"
 }
+
+
+
+locals {
+  master_lb_ip      = "${var.master_oci_lb_enabled == "true" ? element(concat(flatten(module.k8smaster-public-lb.ip_addresses), list("")), 0) : "127.0.0.1"}"
+  master_lb_address = "${format("https://%s:%s", local.master_lb_ip, var.master_oci_lb_enabled == "true" ? "443" : "6443")}"
+
+  reverse_proxy_clount_init = "${var.master_oci_lb_enabled == "true" ? "" : module.reverse-proxy.clount_init}"
+  reverse_proxy_setup       = "${var.master_oci_lb_enabled == "true" ? "" : module.reverse-proxy.setup}"
+
+  etcd_endpoints = "${var.etcd_lb_enabled == "true" ?
+    join(",",formatlist("http://%s:2379", module.etcd-lb.ip_addresses)) :
+    join(",",formatlist("http://%s:2379", compact(concat(
+      module.instances-etcd-ad1.private_ips, 
+      module.instances-etcd-ad2.private_ips, 
+      module.instances-etcd-ad3.private_ips)))) }"
+}

network/vcn/outputs.tf → network/subnets/outputs.tf

@@ -1,5 +1,5 @@
 output "id" {
-  value = "${oci_core_virtual_network.CompleteVCN.id}"
+  value = "${var.vcn_id}"
 }
 
 output "etcd_subnet_ad1_id" {
@@ -104,10 +104,3 @@ output "control_plane_subnet_access" {
   value = "${var.control_plane_subnet_access}"
 }
 
-output "route_for_complete_id" {
-  value = "${oci_core_route_table.PublicRouteTable.id}"
-}
-
-output "dhcp_options_id" {
-  value = "${oci_core_virtual_network.CompleteVCN.default_dhcp_options_id}"
-}