Optional OKE cluster creation

Author: mloiseleur

Makefile

@@ -1,5 +1,5 @@
 release:
-	@cd proxy; zip -q ../proxy-stack.zip schema.yaml *.tf; cd ..
-	@cd hub; zip -q ../hub-stack.zip schema.yaml *.tf; cd ..
-	@cd hub-apim; zip -q ../hub-apim-stack.zip schema.yaml *.tf; cd ..
+	@bash release.sh proxy
+	@bash release.sh hub
+	@bash release.sh hub-apim
 	@ls -lh *.zip

README.md

@@ -1,6 +1,12 @@
 # oci-traefiklabs-stacks
 
-To launch it locally, you'll need to set those env. variables:
+To launch it locally, you'll need to go back to latest terraform version before license change:
+
+```sh
+sudo apt-get install terraform=1.5.7-1
+```
+
+and set those env. variables:
 
 ```sh
 export TF_VAR_user_ocid=

hub-apim/provider.tf

@@ -20,12 +20,24 @@ provider "oci" {
   region       = var.region
 }
 
+module "oke" {
+  source = "../oke"
+  count  = var.oke_cluster_create ? 1 : 0
+
+  tenancy_ocid     = var.tenancy_ocid
+  region           = var.region
+  oke_display_name = var.oke_cluster_name
+  providers = {
+    oci = oci
+  }
+}
+
 data "oci_containerengine_cluster" "target" {
-  cluster_id = var.oke_cluster_id
+  cluster_id = var.oke_cluster_create ? module.oke[0].cluster_id : var.oke_cluster_id
 }
 
 data "oci_containerengine_cluster_kube_config" "target" {
-  cluster_id = var.oke_cluster_id
+  cluster_id = data.oci_containerengine_cluster.target.id
 }
 
 locals {
@@ -42,8 +54,8 @@ provider "helm" {
     exec = {
       api_version = "client.authentication.k8s.io/v1beta1"
       command     = "docker"
-      # args        = ["run", "--rm", "-it", "-v", "/home/michel/.oci:/oracle/.oci", "ghcr.io/oracle/oci-cli", "ce", "cluster", "generate-token", "--cluster-id", var.oke_cluster_id, "--region", var.region]
-      args = ["run", "--rm", "-t", "-u", "1101:1101", "-v", "/home/orm:/home/orm", "-e", "OCI_CLI_AUTH", "-e", "OCI_CLI_CONFIG_FILE", "-e", "OCI_CLI_CLOUD_SHELL", "-e", "OCI_CLI_USE_INSTANCE_METADATA_SERVICE", "ghcr.io/oracle/oci-cli", "ce", "cluster", "generate-token", "--cluster-id", var.oke_cluster_id, "--region", var.region]
+      # args        = ["run", "--rm", "-it", "-v", "/home/michel/.oci:/oracle/.oci", "ghcr.io/oracle/oci-cli", "ce", "cluster", "generate-token", "--cluster-id", data.oci_containerengine_cluster.target.id, "--region", var.region]
+      args = ["run", "--rm", "-t", "-u", "1101:1101", "-v", "/home/orm:/home/orm", "-e", "OCI_CLI_AUTH", "-e", "OCI_CLI_CONFIG_FILE", "-e", "OCI_CLI_CLOUD_SHELL", "-e", "OCI_CLI_USE_INSTANCE_METADATA_SERVICE", "ghcr.io/oracle/oci-cli", "ce", "cluster", "generate-token", "--cluster-id", data.oci_containerengine_cluster.target.id, "--region", var.region]
     }
   }
 }
@@ -56,6 +68,6 @@ provider "kubernetes" {
     api_version = "client.authentication.k8s.io/v1beta1"
     command     = "docker"
     # args        = ["run", "--rm", "-it", "-v", "/home/michel/.oci:/oracle/.oci", "ghcr.io/oracle/oci-cli", "ce", "cluster", "generate-token", "--cluster-id", var.oke_cluster_id, "--region", var.region]
-    args = ["run", "--rm", "-t", "-u", "1101:1101", "-v", "/home/orm:/home/orm", "-e", "OCI_CLI_AUTH", "-e", "OCI_CLI_CONFIG_FILE", "-e", "OCI_CLI_CLOUD_SHELL", "-e", "OCI_CLI_USE_INSTANCE_METADATA_SERVICE", "ghcr.io/oracle/oci-cli", "ce", "cluster", "generate-token", "--cluster-id", var.oke_cluster_id, "--region", var.region]
+    args = ["run", "--rm", "-t", "-u", "1101:1101", "-v", "/home/orm:/home/orm", "-e", "OCI_CLI_AUTH", "-e", "OCI_CLI_CONFIG_FILE", "-e", "OCI_CLI_CLOUD_SHELL", "-e", "OCI_CLI_USE_INSTANCE_METADATA_SERVICE", "ghcr.io/oracle/oci-cli", "ce", "cluster", "generate-token", "--cluster-id", data.oci_containerengine_cluster.target.id, "--region", var.region]
   }
 }

hub-apim/schema.yaml

@@ -34,9 +34,21 @@ variableGroups:
 
   - title: "OKE Configuration"
     variables:
-      - oke_cluster_id
+      - oke_cluster_create
       - oke_insecure
 
+  - title: "Create basic OKE"
+    variables:
+      - oke_cluster_name
+    visible: ${oke_cluster_create}
+
+  - title: "Use existing OKE"
+    variables:
+      - oke_cluster_id
+    visible:
+      not:
+        - ${oke_cluster_create}
+
   - title: "Chart Configuration"
     variables:
       - chart_create_namespace
@@ -69,10 +81,22 @@ variables:
 
   oke_cluster_id:
     type: string
-    required: true
     title: OKE Cluster ID
     description: The Oracle Cloud ID of the OKE cluster
 
+  oke_cluster_create:
+    type: boolean
+    title: Create basic OKE Cluster
+    description: 3 nodes (VM.Standard.E3.Flex) / 2 OCPU / 4 GB RAM / latest OKE version
+
+  oke_cluster_name:
+    type: string
+    title: Name of OKE Cluster to create
+    default: traefik-demo
+    minLength: 1
+    maxLength: 25
+    pattern: "^[a-z][a-zA-Z0-9-]+$"
+
   oke_insecure:
     type: boolean
     title: Allow insecure connection

hub-apim/variables.tf

@@ -1,7 +1,18 @@
 variable "tenancy_ocid" {}
 variable "region" {}
-variable "oke_cluster_id" {}
 
+variable "oke_cluster_id" {
+  type    = string
+  default = ""
+}
+variable "oke_cluster_name" {
+  type    = string
+  default = "traefik-demo"
+}
+variable "oke_cluster_create" {
+  type    = bool
+  default = false
+}
 variable "oke_insecure" {
   type    = bool
   default = false
@@ -10,20 +21,16 @@ variable "oke_insecure" {
 variable "chart_values" {
   type = string
 }
-
 variable "chart_hub_token" {
   type      = string
   sensitive = true
 }
-
 variable "chart_hub_version" {
   type = string
 }
-
 variable "chart_namespace" {
   type = string
 }
-
 variable "chart_create_namespace" {
   type = bool
   default = false

hub/provider.tf

@@ -20,12 +20,24 @@ provider "oci" {
   region       = var.region
 }
 
+module "oke" {
+  source = "../oke"
+  count  = var.oke_cluster_create ? 1 : 0
+
+  tenancy_ocid     = var.tenancy_ocid
+  region           = var.region
+  oke_display_name = var.oke_cluster_name
+  providers = {
+    oci = oci
+  }
+}
+
 data "oci_containerengine_cluster" "target" {
-  cluster_id = var.oke_cluster_id
+  cluster_id = var.oke_cluster_create ? module.oke[0].cluster_id : var.oke_cluster_id
 }
 
 data "oci_containerengine_cluster_kube_config" "target" {
-  cluster_id = var.oke_cluster_id
+  cluster_id = data.oci_containerengine_cluster.target.id
 }
 
 locals {
@@ -43,7 +55,7 @@ provider "helm" {
       api_version = "client.authentication.k8s.io/v1beta1"
       command     = "docker"
       # args        = ["run", "--rm", "-it", "-v", "/home/michel/.oci:/oracle/.oci", "ghcr.io/oracle/oci-cli", "ce", "cluster", "generate-token", "--cluster-id", var.oke_cluster_id, "--region", var.region]
-      args = ["run", "--rm", "-t", "-u", "1101:1101", "-v", "/home/orm:/home/orm", "-e", "OCI_CLI_AUTH", "-e", "OCI_CLI_CONFIG_FILE", "-e", "OCI_CLI_CLOUD_SHELL", "-e", "OCI_CLI_USE_INSTANCE_METADATA_SERVICE", "ghcr.io/oracle/oci-cli", "ce", "cluster", "generate-token", "--cluster-id", var.oke_cluster_id, "--region", var.region]
+      args = ["run", "--rm", "-t", "-u", "1101:1101", "-v", "/home/orm:/home/orm", "-e", "OCI_CLI_AUTH", "-e", "OCI_CLI_CONFIG_FILE", "-e", "OCI_CLI_CLOUD_SHELL", "-e", "OCI_CLI_USE_INSTANCE_METADATA_SERVICE", "ghcr.io/oracle/oci-cli", "ce", "cluster", "generate-token", "--cluster-id", data.oci_containerengine_cluster.target.id, "--region", var.region]
     }
   }
 }
@@ -55,7 +67,7 @@ provider "kubernetes" {
   exec {
     api_version = "client.authentication.k8s.io/v1beta1"
     command     = "docker"
-    # args        = ["run", "--rm", "-it", "-v", "/home/michel/.oci:/oracle/.oci", "ghcr.io/oracle/oci-cli", "ce", "cluster", "generate-token", "--cluster-id", var.oke_cluster_id, "--region", var.region]
-    args = ["run", "--rm", "-t", "-u", "1101:1101", "-v", "/home/orm:/home/orm", "-e", "OCI_CLI_AUTH", "-e", "OCI_CLI_CONFIG_FILE", "-e", "OCI_CLI_CLOUD_SHELL", "-e", "OCI_CLI_USE_INSTANCE_METADATA_SERVICE", "ghcr.io/oracle/oci-cli", "ce", "cluster", "generate-token", "--cluster-id", var.oke_cluster_id, "--region", var.region]
+    # args        = ["run", "--rm", "-it", "-v", "/home/michel/.oci:/oracle/.oci", "ghcr.io/oracle/oci-cli", "ce", "cluster", "generate-token", "--cluster-id", data.oci_containerengine_cluster.target.id, "--region", var.region]
+    args = ["run", "--rm", "-t", "-u", "1101:1101", "-v", "/home/orm:/home/orm", "-e", "OCI_CLI_AUTH", "-e", "OCI_CLI_CONFIG_FILE", "-e", "OCI_CLI_CLOUD_SHELL", "-e", "OCI_CLI_USE_INSTANCE_METADATA_SERVICE", "ghcr.io/oracle/oci-cli", "ce", "cluster", "generate-token", "--cluster-id", data.oci_containerengine_cluster.target.id, "--region", var.region]
   }
 }

hub/schema.yaml

@@ -34,9 +34,21 @@ variableGroups:
 
   - title: "OKE Configuration"
     variables:
-      - oke_cluster_id
+      - oke_cluster_create
       - oke_insecure
 
+  - title: "Create basic OKE"
+    variables:
+      - oke_cluster_name
+    visible: ${oke_cluster_create}
+
+  - title: "Use existing OKE"
+    variables:
+      - oke_cluster_id
+    visible:
+      not:
+        - ${oke_cluster_create}
+
   - title: "Chart Configuration"
     variables:
       - chart_create_namespace
@@ -69,10 +81,22 @@ variables:
 
   oke_cluster_id:
     type: string
-    required: true
     title: OKE Cluster ID
     description: The Oracle Cloud ID of the OKE cluster
 
+  oke_cluster_create:
+    type: boolean
+    title: Create basic OKE Cluster
+    description: 3 nodes (VM.Standard.E3.Flex) / 2 OCPU / 4 GB RAM / latest OKE version
+
+  oke_cluster_name:
+    type: string
+    title: Name of OKE Cluster to create
+    default: traefik-demo
+    minLength: 1
+    maxLength: 25
+    pattern: "^[a-z][a-zA-Z0-9-]+$"
+
   oke_insecure:
     type: boolean
     title: Allow insecure connection

hub/variables.tf

@@ -1,7 +1,18 @@
 variable "tenancy_ocid" {}
 variable "region" {}
-variable "oke_cluster_id" {}
 
+variable "oke_cluster_id" {
+  type    = string
+  default = ""
+}
+variable "oke_cluster_name" {
+  type    = string
+  default = "traefik-demo"
+}
+variable "oke_cluster_create" {
+  type    = bool
+  default = false
+}
 variable "oke_insecure" {
   type    = bool
   default = false
@@ -10,7 +21,6 @@ variable "oke_insecure" {
 variable "chart_values" {
   type = string
 }
-
 variable "chart_hub_token" {
   type      = string
   sensitive = true