Working with Enhanced Clusters and Basic Clusters
Find out about enhanced clusters and basic clusters, the differences between them, and how to create them using Container Engine for Kubernetes (OKE).
Enhanced clusters support all available features, including features not supported by basic clusters, enabling you to:
- Simplify node management through the use of virtual nodes. Virtual nodes reduce the burden of operating infrastructure by removing the need to manually scale, upgrade, or troubleshoot worker nodes. See Working with Virtual Nodes.
- Deploy and configure cluster add-ons in a more granular way. You can manage both essential add-ons (such as CoreDNS and kube-proxy) and a growing portfolio of optional add-ons (such as the Kubernetes Dashboard). You can install or disable specific add-ons, select add-on versions, opt into and out of automatic updates by Oracle, and manage add-on-specific customizations. Oracle manages the lifecycle of the add-ons, so you don't have to deploy the add-ons yourself. See Configuring Cluster Add-ons.
- Strengthen cluster security through the use of workload identity. Workload identity enables you to define OCI IAM policies that authorize specific pods to make OCI API calls and access OCI resources. You scope the policies to the Kubernetes service account associated with application pods, allowing the applications running inside those pods to directly access the API based on the permissions provided by the policies. In addition, OCI Audit automatically tracks all API calls made by Kubernetes workloads running on the cluster. See Granting Workloads Access to OCI Resources.
- Provision more worker nodes in the cluster. With more worker nodes in a single cluster, you can deploy larger workloads on that cluster to achieve better resource utilization and lower operational overhead. And you have fewer, larger environments to secure, monitor, upgrade, and manage. For more information about the number of worker nodes supported on an enhanced cluster, see Container Engine for Kubernetes Limits. See also Considerations when Defining Enhanced Clusters with Large Numbers of Managed Nodes.
- Cycle nodes when updating or upgrading worker nodes. Node cycling enables you to automatically replace all existing worker nodes when you update a node pool's worker node properties, including when you upgrade worker nodes to a more recent Kubernetes version. Container Engine for Kubernetes automatically cordons, drains, and terminates existing worker nodes, and creates new worker nodes with the properties or Kubernetes version you specified. See Performing an In-Place Managed Node Kubernetes Upgrade by Cycling Nodes in an Existing Node Pool and Performing an In-Place Worker Node Update by Cycling Nodes in an Existing Node Pool.
- Define specialized compute instances and add them to a cluster as self-managed nodes. Using the Compute service to create compute instances enables you to add self-managed nodes to a cluster that are configured for specialized workloads. You can specify compute shape and image combinations for self-managed nodes that are not available for managed nodes and virtual nodes. See Working with Self-Managed Nodes.
- Rely on a financially backed service level agreement (SLA) tied to Kubernetes API server uptime and availability. You receive compensation if Kubernetes API server uptime and availability degrade below the stated SLA. See Oracle Cloud Infrastructure Service Level Agreement (SLA).
Note that you cannot downgrade an enhanced cluster to a basic cluster.
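The workload identity item above says policies are scoped to the Kubernetes service account of the application pods. The following added example (not Oracle's code) audits policy statements for that scoping. It assumes the `Allow any-user ... where all { request.principal.* = '...' }` statement form used for OKE workload identity policies; `audit_workload_policy` is a hypothetical helper, and the names and OCID in the samples are constructed placeholders.

```python
import re

# Conditions that pin a statement to one service account in one cluster.
REQUIRED_KEYS = ("namespace", "service_account", "cluster_id")
COND_RE = re.compile(r"request\.principal\.(\w+)\s*=\s*'([^']*)'", re.IGNORECASE)


def audit_workload_policy(statement: str) -> list[str]:
    """Hypothetical helper: list scoping gaps in one IAM policy statement."""
    text = " ".join(statement.split())
    if not re.match(r"allow\s+any-user\b", text, re.IGNORECASE):
        return []  # only any-user (workload-style) statements are checked here
    parts = re.split(r"\bwhere\b", text, maxsplit=1, flags=re.IGNORECASE)
    if len(parts) == 1:
        return ["any-user statement has no where clause"]
    where = parts[1]
    findings = []
    if re.match(r"\s*any\s*\{", where, re.IGNORECASE):
        findings.append("conditions joined with any {}: a single match grants access")
    # Only literal equality conditions count; '!=' or pattern values are treated as absent.
    conds = {key.lower(): value for key, value in COND_RE.findall(where)}
    if conds.get("type") != "workload":
        findings.append("request.principal.type is not pinned to 'workload'")
    for key in REQUIRED_KEYS:
        if not conds.get(key):
            findings.append(f"request.principal.{key} missing or not a literal value")
    return findings


# Constructed sample statements (names and OCID are placeholders).
SCOPED = """Allow any-user to read objects in compartment example-compartment where all {
  request.principal.type = 'workload',
  request.principal.namespace = 'payments',
  request.principal.service_account = 'invoice-reader',
  request.principal.cluster_id = 'ocid1.cluster.oc1..exampleuniqueID' }"""
CLUSTER_WIDE = ("Allow any-user to manage objects in compartment example-compartment "
                "where all { request.principal.type = 'workload', "
                "request.principal.cluster_id = 'ocid1.cluster.oc1..exampleuniqueID' }")
UNCONDITIONAL = "Allow any-user to read buckets in tenancy"

if __name__ == "__main__":
    for name, stmt in [("SCOPED", SCOPED), ("CLUSTER_WIDE", CLUSTER_WIDE),
                       ("UNCONDITIONAL", UNCONDITIONAL)]:
        print(name, audit_workload_policy(stmt) or "ok")
```

A statement that pins only the cluster lets every pod in that cluster use the grant, which is the case the `CLUSTER_WIDE` sample exercises.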