OUD: How to Create a Kubernetes Cluster in OCI with an OUD Installation (Doc ID 2783935.1)

Last updated on MAY 31, 2023

Applies to:

Oracle Unified Directory - Version 12.2.1.4.0 and later
Information in this document applies to any platform.

Goal

 Create a Kubernetes Cluster with 12.2.1.4.x OUD in OCI Using the Quick Cluster option

References: 
Creating a Kubernetes Cluster
Using the Console to create a Cluster with Default Settings in the 'Quick Create' workflow

Solution


In this Document
Goal
Solution
 Log into Oracle Cloud Console
 Check Resource Limits, Quotas and Usage for a Specific Region
 Check Group Membership and Group Policies
 Create Compartment (optional, but recommended)
 Create the Kubernetes Cluster
 Viewing the Kubernetes Cluster Configuration After Cluster Creation
 Accessing the Cluster Using Cloud Shell and Local Access
 Cloud Shell Access (for a K8S Cluster configured with a Public Endpoint)
 Verify Kubernetes Cluster with a Public Endpoint Configuration
 To ssh to the worker nodes (in the Public Subnet) from Cloud Shell
 Local Access
 Error "NotAuthenticated...401" After Running 'oci ce cluster create-kubeconfig ...' Command in a Local Terminal
 To scp to the worker nodes (in the Public Subnet) from a local terminal
 To ssh to the worker nodes (in the Public Subnet) from a local terminal
 Create the Bastion Host (for Configurations with Worker Nodes and/or Kubernetes API Endpoint in a Private Subnet)
 A - Create Bastion Security Lists
 B - Create Bastion Route Table
 C - Create the Bastion Subnet
 D - Configure Node Subnet with Bastion Private Security List
 E - Install / Configure - OCI Compute Instance Bastion Host
 Bastion Host Test - Examples with and without VPN
 -- Example - Using Cloud Shell (Public Endpoint configuration only) --
 -- Example - Using Local ssh to connect to the bastion host (with VPN, example from Mac) --
 Configure the Bastion Host to Proxy Jump to the Nodes in a Private Subnet
 Examples using Proxy Jump against the Bastion Host to Connect to the Worker Nodes
 -- ssh Example --
 -- rsync Example - for the OUD Patch --
 -- scp Example - for the OUDSM Patch --
 Example Using Proxy Jump When Going through the VPN
 Installing kubectl, oci, git, and (optionally) docker (on the Bastion Host) When the Private Endpoint is Configured
 -- Installing oci and kubectl to Run the kubectl Command --
 -- (Optional) Installing docker on the Bastion Host to Upload OUD Images to the OCI Repository (OCIR) --
 -- Installing git to Retrieve the OUD Deployment Scripts --
 Clone the FMW Deployment scripts (to the Cloud Shell environment or Bastion Host) using git
 - Test - Add a namespace with an OUD yaml script -
 - Test - Add secrets with an OUD yaml script -
 Configuring / Using the Persistent Volume Claim - OCI File System (Shared Storage Among Worker Nodes)
 - Create a Shared File System in OCI
 - Configure the Shared File System (on each worker node)
 - Reconfigure the Mount Target Disk Space and Available Inodes
 - Create the Persistent Volume & Persistent Volume Claim
 Using the OCI Repository (OCIR) to Create Pods
 Test pushing the OUD docker image from a node into the new OCI Repository
 Test Creating OUD Pod with Image in the OCI Repository using Shared File Storage on Nodes
 Example Using curl against the pod created with the image in the OCI Repository - Worker Nodes in Public Subnet
 Ingress Security Rules - Public Subnet
 Example - curl using Cloud Shell
 Example - curl Using the Local Terminal (with & without VPN)
 Configuring / Using the Persistent Volume Claim - OCI Block Storage
 Create the yaml file with the Persistent Volume Claim configuration
 Viewing the new PVC Block Volume in the Oracle Cloud Console
 Return the patches for OUD using 'opatch' with kubectl
 Using the Kubernetes Dashboard
 Upgrading the Kubernetes Version in OCI