Merge pull request #1 from oracle-quickstart/bugfix/lb-sec-lists
fix issue on lb sec-lists
streamnsight authored Mar 9, 2023
2 parents 7947ece + 7f256f2 commit b622110
Showing 3 changed files with 10 additions and 11 deletions.
17 changes: 8 additions & 9 deletions network.tf
Expand Up @@ -4,8 +4,7 @@
locals {
subnet_cidrs = cidrsubnets(var.vcn_cidr, 12, 8, 4, 4, 4) # API + 1 LB + 3 node pools
api_subnet_cidr = element(local.subnet_cidrs, 0)
public_lb_subnet_cidr = element(local.subnet_cidrs, 1)
lb_subnets_cidrs = element(local.subnet_cidrs, 2) # [for k, v in zipmap(slice(local.subnet_cidrs, 1, 3), [var.allow_deploy_public_lb, var.allow_deploy_private_lb]) : k if v]
lb_subnet_cidr = element(local.subnet_cidrs, 1)
node_pool_subnets_cidrs = slice(local.subnet_cidrs, 2, 5)
ADs = data.oci_identity_availability_domains.ADs.availability_domains.*.name
}
Expand Down Expand Up @@ -337,7 +336,7 @@ resource "oci_core_security_list" "oke_nodepool_lb_comm_sec_list" {
description = "TCP to LBs"
protocol = "6"
destination_type = "CIDR_BLOCK"
destination = local.lb_subnets_cidrs
destination = local.lb_subnet_cidr
stateless = false
# }
}
Expand All @@ -348,7 +347,7 @@ resource "oci_core_security_list" "oke_nodepool_lb_comm_sec_list" {
# content {
description = "TCP from LBs"
protocol = "6"
source = local.lb_subnets_cidrs
source = local.lb_subnet_cidr
stateless = false
# }
}
Expand All @@ -371,18 +370,18 @@ resource "oci_core_subnet" "oke_api_endpoint_subnet" {
defined_tags = var.vcn_tags
}

resource "oci_core_subnet" "oke_public_lb_subnet" {
count = (var.use_existing_vcn && !var.allow_deploy_public_lb) ? 0 : 1
cidr_block = local.public_lb_subnet_cidr
resource "oci_core_subnet" "oke_lb_subnet" {
count = (var.use_existing_vcn) ? 0 : 1
cidr_block = local.lb_subnet_cidr
compartment_id = var.vcn_compartment_id
availability_domain = null
vcn_id = oci_core_vcn.oke_vcn[0].id
dns_label = "lb"
display_name = "Services Public LBs Subnet"
display_name = "Services LBs Subnet"

security_list_ids = [oci_core_vcn.oke_vcn[0].default_security_list_id]
route_table_id = oci_core_route_table.oke_rt_via_igw[0].id
prohibit_public_ip_on_vnic = false
prohibit_public_ip_on_vnic = !var.allow_deploy_public_lb
defined_tags = var.vcn_tags
}

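Review bot: In the `oke_lb_subnet` resource, `prohibit_public_ip_on_vnic = !var.allow_deploy_public_lb` turns the subnet private when public LBs are disallowed, but the unchanged `route_table_id` still points at `oke_rt_via_igw` and `security_list_ids` still holds only the VCN default security list. A private LB subnet has no use for an internet-gateway route, and OCI's stock default security list admits SSH from 0.0.0.0/0 unless it is tightened elsewhere in this file, which is not visible here. I would attach a dedicated security list limited to the LB listener ports and pick the route table on the same flag, e.g. `route_table_id = var.allow_deploy_public_lb ? oci_core_route_table.oke_rt_via_igw[0].id : <PRIVATE_ROUTE_TABLE_ID>`. A short comment above `prohibit_public_ip_on_vnic` stating that this one flag now decides whether the LB subnet is internet-facing would also help the next reader.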
2 changes: 1 addition & 1 deletion oke_cluster.tf
Expand Up @@ -33,7 +33,7 @@ resource "oci_containerengine_cluster" "oci_oke_cluster" {

options {
# service_lb_subnet_ids = var.use_existing_vcn ? [for k, v in zipmap([var.public_lb_subnet, var.private_lb_subnet], [var.allow_deploy_public_lb, var.allow_deploy_private_lb]) : k if v] : [for k, v in zipmap([oci_core_subnet.oke_public_lb_subnet[0].id, oci_core_subnet.oke_private_lb_subnet[0].id], [var.allow_deploy_public_lb, var.allow_deploy_private_lb]) : k if v]
service_lb_subnet_ids = var.allow_deploy_public_lb ? (var.use_existing_vcn ? [var.public_lb_subnet] : [oci_core_subnet.oke_public_lb_subnet[0].id]) : []
service_lb_subnet_ids = var.use_existing_vcn ? [var.public_lb_subnet] : [oci_core_subnet.oke_lb_subnet[0].id]

add_ons {
is_kubernetes_dashboard_enabled = var.cluster_options_add_ons_is_kubernetes_dashboard_enabled
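Review bot: The new `service_lb_subnet_ids` expression no longer consults `var.allow_deploy_public_lb`, so with `use_existing_vcn = true` the cluster is always handed `var.public_lb_subnet`, where the previous expression yielded an empty list when public LBs were disallowed. If that variable holds a genuinely public subnet, Kubernetes `LoadBalancer` services would be placed there even though the operator switched public LBs off. `var.private_lb_subnet` appears in the commented-out line above, so one option is `service_lb_subnet_ids = var.use_existing_vcn ? [var.allow_deploy_public_lb ? var.public_lb_subnet : var.private_lb_subnet] : [oci_core_subnet.oke_lb_subnet[0].id]`; whether that variable is still declared is not visible here. The `options` block and the enclosing resource continue past the end of the hunk.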
2 changes: 1 addition & 1 deletion oke_node_pools.tf
Expand Up @@ -58,7 +58,7 @@ resource "oci_containerengine_node_pool" "oci_oke_node_pool" {
cluster_id = oci_containerengine_cluster.oci_oke_cluster.id
compartment_id = var.cluster_compartment_id
kubernetes_version = var.kubernetes_version != "" ? var.kubernetes_version : reverse(data.oci_containerengine_cluster_option.cluster_options.kubernetes_versions)[0]
name = "${local.node_pools[count.index]["node_shape"]} Node Pool"
name = "${local.node_pools[count.index]["node_shape"]}_Node_Pool"
node_shape = local.node_pools[count.index]["node_shape"]

# initial_node_labels {
