feat: added support for configuring the cni of admin and managed clusters (#23)

Users can now choose between flannel and NPN for their clusters

Signed-off-by: Ali Mukadam <ali.mukadam@oracle.com>

Author: hyder

admin.tf

@@ -64,6 +64,7 @@ module "admin" {
 
   # oke cluster options
   cluster_name                = lookup(var.admin_region, "admin_name")
+  cni_type                    = var.preferred_cni
   control_plane_type          = var.oke_control_plane
   control_plane_allowed_cidrs = ["0.0.0.0/0"]
   kubernetes_version          = var.kubernetes_version
@@ -73,7 +74,7 @@ module "admin" {
 
   # node pools
   kubeproxy_mode = "ipvs"
-  node_pools = var.nodepools
+  node_pools     = var.nodepools
 
   cloudinit_nodepool_common = var.cloudinit_nodepool_common
 

docs/src/SUMMARY.md

@@ -14,6 +14,6 @@
   - [With Private Endpoints](./multi/pri-ep.md)
 - [Advanced Customizations](./advanced/advanced.md)
   - [Control plane](./advanced/controlplane.md)
-  - [Data plane]()
+  - [Data plane](./advanced/dataplane.md)
   - [DNS](./advanced/dns.md)
 - [Terraform Options](./terraformoptions.md)

docs/src/advanced/controlplane.md

@@ -8,4 +8,11 @@ On OCI, the Verrazzano Control Plane is front-ended by an OCI Load Balancer and
 2. shape: the load balancer shape can be configured including the bandwidth, security posture
 3. DNS: the domain used to access the control plane services
 
-Depending on the values you choose, your architecture and possibly other requirements, additional configuration may be necessary.
+Depending on the values you choose, your architecture and possibly other requirements, additional configuration may be necessary.
+
+The following parameters configures the Verrazzano control plane:
+
+| Parameter | Description | Default |
+| --------- | ----------- | ------- |
+| verrazzano_control_plane | Determines whether the load balancer used to access the control plane is public or private. | public | 
+| verrazzano_load_balancer | Determines the shape of the load balancer | <pre>verrazzano_load_balancer = {<br>  shape    = "10Mbps"<br>  flex_min = "50"<br>  flex_max = "100" <br>}</pre>|

docs/src/advanced/dataplane.md

@@ -0,0 +1,21 @@
+# Data plane
+
+The data plane is where the workload are run. This is usually done as part of the service mesh (Istio). 
+
+Istio usually has an ingress gateway that allows incoming traffic into the mesh.
+
+On OCI, the service mesh is front-ended by an OCI Load Balancer and Istio's ingress gateway.
+the ingress gateway is front-ended by an OCI Load Balancer. As such a number of configuration options are possible depending on the use case:
+
+1. access: the control plane can be made public or private. By default, it is public.
+2. shape: the load balancer shape can be configured including the bandwidth, security posture
+3. DNS: the domain used to access the control plane services
+
+Depending on the values you choose, your architecture and possibly other requirements, additional configuration may be necessary.
+
+The following parameters configures the Verrazzano control plane:
+
+| Parameter | Description | Default |
+| --------- | ----------- | ------- |
+| verrazzano_data_plane | Determines whether the load balancer used to access the control plane is public or private. | public | 
+| verrazzano_load_balancer | Determines the shape of the load balancer | <pre>verrazzano_load_balancer = {<br>  shape    = "10Mbps"<br>  flex_min = "50"<br>  flex_max = "100" <br>}</pre>|

modules/clusters/africa.tf

@@ -55,6 +55,7 @@
 #   # oke cluster options
 #   allow_worker_ssh_access     = false
 #   cluster_name                = "johannesburg"
+#   cni_type                    = var.preferred_cni
 #   control_plane_type          = var.oke_control_plane
 #   control_plane_allowed_cidrs = ["0.0.0.0/0"]
 #   kubernetes_version          = var.kubernetes_version

modules/clusters/australia.tf

@@ -55,6 +55,7 @@ module "melbourne" {
   # oke cluster options
   allow_worker_ssh_access     = false
   cluster_name                = "melbourne"
+  cni_type                    = var.preferred_cni  
   control_plane_type          = var.oke_control_plane
   control_plane_allowed_cidrs = ["0.0.0.0/0"]
   kubernetes_version          = var.kubernetes_version
@@ -142,6 +143,7 @@ module "melbourne" {
 #   # oke cluster options
 #   allow_worker_ssh_access     = false
 #   cluster_name                = "sydney"
+#   cni_type                    = var.preferred_cni
 #   control_plane_type          = var.oke_control_plane
 #   control_plane_allowed_cidrs = ["0.0.0.0/0"]
 #   kubernetes_version          = var.kubernetes_version

modules/clusters/brazil.tf

@@ -55,6 +55,7 @@
 #   # oke cluster options
 #   allow_worker_ssh_access     = false
 #   cluster_name                = "saupaulo"
+#   cni_type                    = var.preferred_cni
 #   control_plane_type          = var.oke_control_plane
 #   control_plane_allowed_cidrs = ["0.0.0.0/0"]
 #   kubernetes_version          = var.kubernetes_version
@@ -140,6 +141,7 @@
 #   # oke cluster options
 #   allow_worker_ssh_access     = false
 #   cluster_name                = "vinhedo"
+#   cni_type                    = var.preferred_cni
 #   control_plane_type          = var.oke_control_plane
 #   control_plane_allowed_cidrs = ["0.0.0.0/0"]
 #   kubernetes_version          = var.kubernetes_version

modules/clusters/canada.tf

@@ -55,6 +55,7 @@
 #   # oke cluster options
 #   allow_worker_ssh_access     = false
 #   cluster_name                = "toronto"
+#   cni_type                    = var.preferred_cni
 #   control_plane_type          = var.oke_control_plane
 #   control_plane_allowed_cidrs = ["0.0.0.0/0"]
 #   kubernetes_version          = var.kubernetes_version
@@ -140,6 +141,7 @@
 #   # oke cluster options
 #   allow_worker_ssh_access     = false
 #   cluster_name                = "montreal"
+#   cni_type                    = var.preferred_cni
 #   control_plane_type          = var.oke_control_plane
 #   control_plane_allowed_cidrs = ["0.0.0.0/0"]
 #   kubernetes_version          = var.kubernetes_version

modules/clusters/europe.tf

@@ -56,6 +56,7 @@
 #   allow_worker_ssh_access     = false
 #   cluster_name                = "frankfurt"
 #   control_plane_type          = var.oke_control_plane
+#   cni_type                           = var.preferred_cni
 #   control_plane_allowed_cidrs = ["0.0.0.0/0"]
 #   kubernetes_version          = var.kubernetes_version
 #   pods_cidr                   = lookup(lookup(var.cidrs, lower("frankfurt")), "pods")
@@ -142,6 +143,7 @@
 #   allow_worker_ssh_access     = false
 #   cluster_name                = "amsterdam"
 #   control_plane_type          = var.oke_control_plane
+#   cni_type                           = var.preferred_cni
 #   control_plane_allowed_cidrs = ["0.0.0.0/0"]
 #   kubernetes_version          = var.kubernetes_version
 #   pods_cidr                   = lookup(lookup(var.cidrs, lower("amsterdam")), "pods")
@@ -228,6 +230,7 @@
 #   allow_worker_ssh_access     = false
 #   cluster_name                = "madrid"
 #   control_plane_type          = var.oke_control_plane
+#   cni_type                           = var.preferred_cni
 #   control_plane_allowed_cidrs = ["0.0.0.0/0"]
 #   kubernetes_version          = var.kubernetes_version
 #   pods_cidr                   = lookup(lookup(var.cidrs, lower("madrid")), "pods")
@@ -313,6 +316,7 @@
 #   allow_worker_ssh_access     = false
 #   cluster_name                = "milan"
 #   control_plane_type          = var.oke_control_plane
+#   cni_type                           = var.preferred_cni
 #   control_plane_allowed_cidrs = ["0.0.0.0/0"]
 #   kubernetes_version          = var.kubernetes_version
 #   pods_cidr                   = lookup(lookup(var.cidrs, lower("milan")), "pods")
@@ -398,6 +402,7 @@
 #   allow_worker_ssh_access     = false
 #   cluster_name                = "stockholm"
 #   control_plane_type          = var.oke_control_plane
+#   cni_type                           = var.preferred_cni
 #   control_plane_allowed_cidrs = ["0.0.0.0/0"]
 #   kubernetes_version          = var.kubernetes_version
 #   pods_cidr                   = lookup(lookup(var.cidrs, lower("stockholm")), "pods")
@@ -483,6 +488,7 @@
 #   allow_worker_ssh_access     = false
 #   cluster_name                = "zurich"
 #   control_plane_type          = var.oke_control_plane
+#   cni_type                           = var.preferred_cni
 #   control_plane_allowed_cidrs = ["0.0.0.0/0"]
 #   kubernetes_version          = var.kubernetes_version
 #   pods_cidr                   = lookup(lookup(var.cidrs, lower("zurich")), "pods")

modules/clusters/france.tf

@@ -56,6 +56,7 @@
 #   allow_worker_ssh_access     = false
 #   cluster_name                = "paris"
 #   control_plane_type          = var.oke_control_plane
+#   cni_type                           = var.preferred_cni
 #   control_plane_allowed_cidrs = ["0.0.0.0/0"]
 #   kubernetes_version          = var.kubernetes_version
 #   pods_cidr                   = lookup(lookup(var.cidrs, lower("paris")), "pods")
@@ -141,6 +142,7 @@
 #   allow_worker_ssh_access     = false
 #   cluster_name                = "marseille"
 #   control_plane_type          = var.oke_control_plane
+#   cni_type                           = var.preferred_cni
 #   control_plane_allowed_cidrs = ["0.0.0.0/0"]
 #   kubernetes_version          = var.kubernetes_version
 #   pods_cidr                   = lookup(lookup(var.cidrs, lower("marseille")), "pods")