oracle-terraform-modules / terraform-oci-oke

The Terraform OKE Module Installer for Oracle Cloud Infrastructure provides a Terraform module that provisions the necessary resources for Oracle Container Engine.

Home Page: https://oracle-terraform-modules.github.io/terraform-oci-oke/

oci-oke-lb subnet pick-up change

Charbel-Metrot opened this issue · comments

Hello,

We are trying to change the default selected subnet for the load balancer in order to use a different existing public subnet instead of the pub_lb subnet.
and which parameter is the right one to do this change.

Alternatively, we would like to adjust the current NSG rules of the pub_lb subnet.
Is it done using the below variables?

```hcl
public_lb_allowed_ports = [80, 443, 15021]

allow_rules_public_lb = {
  for p in local.public_lb_allowed_ports :
  format("Allow ingress to port %v", p) => {
    protocol = local.tcp_protocol, port = p, source = "0.0.0.0/0", source_type = local.rule_type_cidr,
  }
}
```

Thank you in advance for your help.

You can set the default subnet to be used for the OKE services using the subnet variable.

Once the cluster is created, it is not possible to change the default subnet used for the LoadBalancer type services.

If you intend to customize the subnet used for a service, you can achieve this through the annotation `service.beta.kubernetes.io/oci-load-balancer-subnet1` as instructed here.

To whitelist ports on the LB NSG you can use the allow_rules_public_lb variable as in this example.
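
The following is an added example, not code from this thread or from the terraform-oci-oke project: it builds an `allow_rules_public_lb` map in the same shape as the snippet in the question, but keeps `0.0.0.0/0` only for ports 80 and 443 and limits port 15021 to named source ranges. The CIDR ranges, the local names, and the literals `6` and `"CIDR_BLOCK"` (standing in for the module-internal `local.tcp_protocol` and `local.rule_type_cidr`) are assumptions.

```hcl
locals {
  # Constructed sample values (RFC 5737 documentation ranges), not from the issue.
  trusted_sources = ["203.0.113.0/24", "198.51.100.0/24"]

  # Ports meant to be reachable from anywhere vs. only from trusted sources.
  internet_ports   = [80, 443]
  restricted_ports = [15021]

  # Assumed literals for the module-internal local.tcp_protocol and
  # local.rule_type_cidr referenced in the question.
  tcp_protocol   = 6
  rule_type_cidr = "CIDR_BLOCK"

  internet_rules = {
    for p in local.internet_ports :
    format("Allow ingress to port %v from anywhere", p) => {
      protocol = local.tcp_protocol, port = p, source = "0.0.0.0/0", source_type = local.rule_type_cidr,
    }
  }

  # One rule per (port, source) pair, so every restricted port lists its sources explicitly.
  restricted_rules = {
    for pair in setproduct(local.restricted_ports, local.trusted_sources) :
    format("Allow ingress to port %v from %v", pair[0], pair[1]) => {
      protocol = local.tcp_protocol, port = pair[0], source = pair[1], source_type = local.rule_type_cidr,
    }
  }

  # Value to pass as the module's allow_rules_public_lb input.
  allow_rules_public_lb = merge(local.internet_rules, local.restricted_rules)
}

# Lets `terraform plan` show the generated rule map for review before it is applied.
output "allow_rules_public_lb" {
  value = local.allow_rules_public_lb
}
```

Because the rule descriptions are the map keys, including the source range in each description keeps the keys unique when one port has several allowed sources.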