Creating an OKE Control Plane Load Balancer Subnet
Create the following resources in the order listed:
-
Control plane load balancer security list
-
Control plane load balancer subnet
Create a Control Plane Load Balancer Security List
To create a security list, use the instructions in "Creating a Security List" in Controlling Traffic with Security Lists in the Oracle Private Cloud Appliance User Guide. For Terraform input, see Example Terraform Scripts for Network Resources.
The control plane load balancer accepts traffic on port 6443, which is also called
kubernetes_api_port
in this guide. Adjust this security
list to only accept connections from where you expect the network to run. Port 6443 must
accept connections from the cluster control plane instances and worker instances.
For this example, use the following input for the control plane load balancer subnet security list.
Compute Web UI property | OCI CLI property |
---|---|
|
|
Three ingress security rules: |
Three ingress security rules:
|
Ingress Rule 1:
|
Ingress Rule 1:
|
Ingress Rule 2:
|
Ingress Rule 2:
|
Ingress Rule 3:
|
Ingress Rule 3:
|
Create the Control Plane Load Balancer Subnet
To create a subnet, use the instructions in Creating a Subnet in the Oracle Private Cloud Appliance User Guide. For Terraform input, see Example Terraform Scripts for Network Resources.
For this example, use the following input to create the control plane load balancer subnet. Use the OCID of the VCN that was created in Creating an OKE VCN. Create the control plane load balancer subnet in the same compartment where you created the VCN.
Compute Web UI property | OCI CLI property |
---|---|
|
|