Comments (4)
Alternatively, instead of allowing the user to override a single vcn_cidr variable and leaving it to Terraform to make sense of, we could define a combined map variable that contains the default values for all the CIDRs in the network - the VCN and all the subnets.
This would give the user complete control over the address space in the VCN, while still providing a sensible default, e.g.:
    variable "network_cidrs" {
      type = "map"
      default = {
        VCN-CIDR        = "10.0.0.0/16"
        etcdSubnetAD1   = "10.0.20.0/24"
        etcdSubnetAD2   = "10.0.21.0/24"
        etcdSubnetAD3   = "10.0.22.0/24"
        masterSubnetAD1 = "10.0.30.0/24"
        masterSubnetAD2 = "10.0.31.0/24"
        masterSubnetAD3 = "10.0.32.0/24"
        workerSubnetAD1 = "10.0.40.0/24"
        workerSubnetAD2 = "10.0.41.0/24"
        workerSubnetAD3 = "10.0.42.0/24"
        # ...
      }
    }
from terraform-kubernetes-installer.
This is probably trickier to implement than one might think at first blush since each subnet has its own CIDR block, which needs to be a subset of the VCN CIDR.
If we allow for arbitrary VCN CIDRs, each subnet will go from a known CIDR to having to dynamically calculate it by dividing up the VCN's address range.
Not impossible, though ;)
from terraform-kubernetes-installer.
FYI, this would be the new default map:
    variable "network_cidrs" {
      type = "map"
      default = {
        VCN-CIDR          = "10.0.0.0/16"
        PublicSubnetAD1   = "10.0.10.0/24"
        PublicSubnetAD2   = "10.0.11.0/24"
        PublicSubnetAD3   = "10.0.12.0/24"
        etcdSubnetAD1     = "10.0.20.0/24"
        etcdSubnetAD2     = "10.0.21.0/24"
        etcdSubnetAD3     = "10.0.22.0/24"
        masterSubnetAD1   = "10.0.30.0/24"
        masterSubnetAD2   = "10.0.31.0/24"
        masterSubnetAD3   = "10.0.32.0/24"
        workerSubnetAD1   = "10.0.40.0/24"
        workerSubnetAD2   = "10.0.41.0/24"
        workerSubnetAD3   = "10.0.42.0/24"
        k8sCCMLBSubnetAD1 = "10.0.50.0/24"
        k8sCCMLBSubnetAD2 = "10.0.51.0/24"
        k8sCCMLBSubnetAD3 = "10.0.52.0/24"
      }
    }
The trick is that the address ranges (CIDRs) in the security lists, which are also defined in input variables, also need to match this.
For example, if a user overrode network_cidrs to something like:
    variable "network_cidrs" {
      type = "map"
      default = {
        VCN-CIDR          = "192.168.0.0/16"
        PublicSubnetAD1   = "192.168.10.0/24"
        PublicSubnetAD2   = "192.168.11.0/24"
        PublicSubnetAD3   = "192.168.12.0/24"
        etcdSubnetAD1     = "192.168.20.0/24"
        etcdSubnetAD2     = "192.168.21.0/24"
        etcdSubnetAD3     = "192.168.22.0/24"
        masterSubnetAD1   = "192.168.30.0/24"
        masterSubnetAD2   = "192.168.31.0/24"
        masterSubnetAD3   = "192.168.32.0/24"
        workerSubnetAD1   = "192.168.40.0/24"
        workerSubnetAD2   = "192.168.41.0/24"
        workerSubnetAD3   = "192.168.42.0/24"
        k8sCCMLBSubnetAD1 = "192.168.50.0/24"
        k8sCCMLBSubnetAD2 = "192.168.51.0/24"
        k8sCCMLBSubnetAD3 = "192.168.52.0/24"
      }
    }
Then, defaults like the following would become a problem unless the user was careful to override them, e.g.:
    etcd_cluster_ingress = "10.0.0.0/16"
    worker_ssh_ingress   = "10.0.0.0/16"
from terraform-kubernetes-installer.
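The consistency problem raised in the comments above (subnets must sit inside the VCN CIDR, and security-list ingress defaults must follow an overridden VCN range) can be checked before `terraform apply`. The following is an added example, not code from the thread or from terraform-kubernetes-installer; the function name `check_network`, the sample values, and the assumption that the listed ingress variables are meant to cover only VCN-internal sources are all assumptions.

```python
import ipaddress
from itertools import combinations

VCN_KEY = "VCN-CIDR"  # key name as used in the network_cidrs map in the thread

def check_network(network_cidrs, ingress_cidrs):
    """Return a list of problems; an empty list means the values are consistent."""
    problems = []
    vcn = ipaddress.ip_network(network_cidrs[VCN_KEY], strict=True)
    subnets = {name: ipaddress.ip_network(cidr, strict=True)
               for name, cidr in network_cidrs.items() if name != VCN_KEY}

    # Every subnet must be carved out of the VCN's address space.
    for name, net in sorted(subnets.items()):
        if not net.subnet_of(vcn):
            problems.append(f"{name} {net} is outside VCN {vcn}")

    # Subnets inside one VCN must not overlap each other.
    for (a, na), (b, nb) in combinations(sorted(subnets.items()), 2):
        if na.overlaps(nb):
            problems.append(f"{a} {na} overlaps {b} {nb}")

    # Assumption: these ingress sources are meant to be VCN-internal, so a
    # default left at the old range no longer matches the overridden VCN.
    for name, cidr in sorted(ingress_cidrs.items()):
        src = ipaddress.ip_network(cidr, strict=True)
        if not src.subnet_of(vcn):
            problems.append(f"{name} {src} is not within VCN {vcn}")
    return problems

# Constructed sample: a shortened override map with two deliberate mistakes,
# plus ingress variables left at their 10.0.0.0/16 defaults.
OVERRIDE = {
    "VCN-CIDR": "192.168.0.0/16",
    "etcdSubnetAD1": "192.168.20.0/24",
    "etcdSubnetAD2": "192.168.21.0/24",
    "etcdSubnetAD3": "192.168.21.0/24",  # duplicate of AD2
    "workerSubnetAD1": "10.0.40.0/24",   # still in the old VCN range
}
STALE_INGRESS = {"etcd_cluster_ingress": "10.0.0.0/16",
                 "worker_ssh_ingress": "10.0.0.0/16"}

if __name__ == "__main__":
    for problem in check_network(OVERRIDE, STALE_INGRESS):
        print("ERROR:", problem)
```

Rules that are intentionally open to sources outside the VCN should be left out of `ingress_cidrs`, since the check treats every entry as VCN-internal.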