OUD: How to Create a Kubernetes Cluster in OCI with an OUD Installation
(Doc ID 2783935.1)
Last updated on OCTOBER 31, 2024
Applies to:
Oracle Unified Directory - Version 12.2.1.4.0 and later
Information in this document applies to any platform.
Goal
Create a Kubernetes Cluster with 12.2.1.4.x OUD in OCI Using the Quick Cluster option
References:
Creating a Kubernetes Cluster
Using the Console to create a Cluster with Default Settings in the 'Quick Create' workflow
Solution
In this Document
Goal
Solution
Log into Oracle Cloud Console
Check Resource Limits, Quotas and Usage for a Specific Region
Check Group Membership and Group Policies
Create Compartment (optional, but recommended)
Create the Kubernetes Cluster
Viewing the Kubernetes Cluster Configuration After Cluster Creation
Accessing the Cluster Using Cloud Shell and Local Access
Cloud Shell Access (for a K8S Cluster configured with a Public Endpoint)
Verify Kubernetes Cluster with a Public Endpoint Configuration
To ssh to the worker nodes (in the Public Subnet) from Cloud Shell
Local Access
Error "NotAuthenticated...401" After Running 'oci ce cluster create-kubeconfig ...' Command in a Local Terminal
To scp to the worker nodes (in the Public Subnet) from a local terminal
To ssh to the worker nodes (in the Public Subnet) from a local terminal
Create the Bastion Host (for Configurations with Worker Nodes and/or Kubernetes API Endpoint in a Private Subnet)
A - Create Bastion Security Lists
B - Create Bastion Route Table
C - Create the Bastion Subnet
D - Configure Node Subnet with Bastion Private Security List
E - Install / Configure - OCI Compute Instance Bastion Host
Bastion Host Test - Examples with and without VPN
-- Example - Using Cloud Shell (Public Endpoint configuration only) --
-- Example - Using Local ssh to connect to the bastion host (with VPN, example from Mac) --
Configure the Bastion Host to Proxy Jump to the Nodes in a Private Subnet
Examples using Proxy Jump against the Bastion Host to Connect to the Worker Nodes
-- ssh Example -
-- rsync Example - for the OUD Patch --
-- scp Example - for the OUDSM Patch --
Example Using Proxy Jump When Going through the VPN
Installing kubectl, oci, git, and (optionally) docker (on the Bastion Host) When the Private Endpoint is Configured
-- Installing oci and kubectl to Run the kubectl Command --
-- (Optional) Installing docker on the Bastion Host to Upload OUD Images to the OCI Repository (OCIR) --
-- Installing git to Retrieve the OUD Deployment Scripts --
Clone the FMW Deployment scripts (to the Cloud Shell environment or Bastion Host) using git
- Test - Add a namespace with an OUD yaml script -
- Test - Add secrets with an OUD yaml script -
Configuring / Using the Persistent Volume Claim - OCI File System (Shared Storage Among Worker Nodes)
- Create a Shared File System in OCI
- Configure the Shared File System (on each worker node)
- Reconfigure the Mount Target Disk Space and Available Inodes
- Create the Persistent Volume & Persistent Volume Claim
Using the OCI Repository (OCIR) to Create Pods
Test pushing the OUD docker image from a node into the new OCI Repository
Test Creating OUD Pod with Image in the OCI Repository using Shared File Storage on Nodes
Example Using curl against the pod created with the image in the OCI Repository - Worker Nodes in Public Subnet
Ingress Security Rules - Public Subnet
Example - curl using Cloud Shell
Example - curl Using the Local Terminal (with & without VPN)
Configuring / Using the Persistent Volume Claim - OCI Block Storage
Create the yaml file with the Persistent Volume Claim configuration
Viewing the new PVC Block Volume in the Oracle Cloud Console
Return the patches for OUD using 'opatch' with kubectl
Using the Kubernetes Dashboard
Upgrading the Kubernetes Version in OCI