feat: added support for using public endpoints in kubeconfig

Signed-off-by: Ali Mukadam <ali.mukadam@oracle.com>

Author: hyder

docs/src/multi/pub-ep.md

@@ -191,19 +191,6 @@ terraform apply
 The operator host is created in the admin region only.
 ```
 
-## Configure connectivity with Remote Peering Connection
-
-1. In OCI console, select your admin region and navigate to Networking > Dynamic Routing Gateway. Click on the admin drg.
-2. Under Resources, click on Remote Peering Connections Attachments.
-3. Under Remote Peering Connections, click on the Remote Peering Connection.
-4. Copy the RPC OCID (in the right column). Do not mistake the RPC OCID for the DRG OCID which is also shown on the left.
-5. If your managed cluster is in another region, select the managed cluster's region. This will change the OCI Console page to Networking > Dynamic Routing Gateway.
-6. Repeat steps 2-3. 
-7. Click on "Establish Connection".
-8. Select the region of the Admin cluster.
-9. Paste the RPC OCID you copied from Step 4 and click on "Establish Connection".
-10. Wait for the Remote Peering to be established.
-
 ## Setting up kubeconfig
 
 You will now generate the installation script.

main.tf

@@ -79,6 +79,8 @@ module "verrazzano" {
 
   ssh_private_key_path = var.ssh_private_key_path
 
+  oke_control_plane = var.oke_control_plane
+
   verrazzano_version = var.verrazzano_version
 
   install_verrazzano = var.install_verrazzano

modules/verrazzano/contexts.tf

@@ -2,8 +2,8 @@
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl
 
 resource "null_resource" "set_contexts" {
-  for_each = local.all_clusters
-
+  # for_each = local.all_clusters
+  for_each = local.managed_clusters
   connection {
     host        = var.operator_ip
     private_key = file(var.ssh_private_key_path)

modules/verrazzano/scripts/generate_kubeconfig.template.sh

@@ -2,4 +2,4 @@
 # Copyright (c) 2023 Oracle Corporation and/or its affiliates.
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl
 
-oci ce cluster create-kubeconfig --cluster-id ${cluster-id} --file $HOME/.kube/config  --region ${region} --token-version 2.0.0 --kube-endpoint PRIVATE_ENDPOINT
+oci ce cluster create-kubeconfig --cluster-id ${cluster-id} --file $HOME/.kube/config  --region ${region} --token-version 2.0.0 --kube-endpoint ${endpoint}

modules/verrazzano/templates.tf

@@ -8,9 +8,10 @@ locals {
     c => templatefile("${path.module}/scripts/generate_kubeconfig.template.sh",
       {
         cluster-id = lookup(var.cluster_ids, c)
+        endpoint   = var.oke_control_plane == "public" ? "PUBLIC_ENDPOINT" : "PRIVATE_ENDPOINT"
         region     = c == "admin" ? local.admin_region : lookup(local.regions, c)
-      }
-    )
+      } 
+    ) if (c != "admin")
   }
 
   set_credentials_templates = {
@@ -21,7 +22,7 @@ locals {
         cluster-id-11 = substr(lookup(var.cluster_ids, c), (length(lookup(var.cluster_ids, c)) - 11), length(lookup(var.cluster_ids, c)))
         region        = c == "admin" ? local.admin_region : lookup(local.regions, c)
       }
-    )
+    ) if (c != "admin")
   }
 
   set_alias_templates = {
@@ -31,7 +32,7 @@ locals {
         cluster       = c
         cluster-id-11 = substr(lookup(var.cluster_ids, c), (length(lookup(var.cluster_ids, c)) - 11), length(lookup(var.cluster_ids, c)))
       }
-    )
+    ) if (c != "admin")
   }
 
   setup_vz_env_template = templatefile("${path.module}/scripts/setup_vz_env.template.sh", {})

modules/verrazzano/variables.tf

@@ -12,6 +12,10 @@ variable "ssh_private_key_path" {
   type = string
 }
 
+variable "oke_control_plane" {
+  type        = string
+}
+
 variable "install_verrazzano" {
   type = bool
 }