feat: first commit with single working cluster

Signed-off-by: Ali Mukadam <[email protected]>

.gitignore

@@ -0,0 +1,16 @@
+#  Local .terraform directories
+**/.terraform/*
+
+provider.tf
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# .tfvars files
+*.tfvars
+
+generated/**
+
+# visual code
+ **/.vscode/*

README.md

@@ -1 +1,56 @@
-# terraform-oci-verrazzano
+[terraform-oci-oke]: https://github.com/oracle-terraform-modules/terraform-oci-oke
+[verrazzano]: https://verrazzano.io
+
+# Installing Verrazzano on Oracle Container Engine for Kubernetes (OKE)
+
+This module automates the installation of [Verrazzano][verrazzano] on top of this [terraform-oci-oke][terraform-oci-oke].
+
+## Quick start
+
+### 1. Creating Providers
+
+You need to create 2 providers:
+* 1 provider for the region where your OKE cluster and other resources will be created
+* 1 provider for your tenancy's home region. This is required for conducting identity operations. 
+
+> **Note that your home region may not necessarily be the same as the region where you want to create the cluster.**
+
+### 2. Update Terraform values
+
+* Copy or rename the `terraform.tfvars.example` to `terraform.tfvars`
+
+```
+cp terraform.tfvars.example terraform.tfvars
+```
+
+* Enter or update the values to `terraform.tfvars`:
+
+```
+api_fingerprint      = ""
+api_private_key_path = ""
+verrazzano_regions = {
+  home  = "us-phoenix-1"
+  v8o   = "ap-sydney-1"
+}
+tenancy_id = ""
+user_id    = ""
+
+# general oci parameters
+compartment_id = ""
+label_prefix   = "dev"
+
+ssh_private_key_path = "~/.ssh/id_rsa"
+ssh_public_key_path = "~/.ssh/id_rsa.pub"
+```
+
+### 3. Run Terraform
+
+Run Terraform:
+
+. Run Terraform:
+
+```
+terraform init
+terraform plan
+terraform apply
+```

oke.tf

@@ -0,0 +1,66 @@
+module "oke" {
+  source  = "oracle-terraform-modules/oke/oci"
+  version = "4.0.3"
+
+  home_region = var.home_region
+  region      = var.region
+
+  tenancy_id = var.tenancy_id
+
+  # general oci parameters
+  compartment_id = var.compartment_id
+  label_prefix   = var.label_prefix
+
+  # ssh keys
+  ssh_private_key_path = var.ssh_private_key_path
+  ssh_public_key_path  = var.ssh_public_key_path
+
+  # networking
+  create_drg                   = var.verrazzano_type == "admin" || var.verrazzano_type == "managed" ? true : false
+  internet_gateway_route_rules = []
+  nat_gateway_route_rules      = []
+
+  vcn_cidrs     = var.vcn_cidrs
+  vcn_dns_label = var.vcn_dns_label
+  vcn_name      = var.vcn_name
+
+  # bastion host
+  create_bastion_host = var.verrazzano_type == "managed" ? false : true
+  upgrade_bastion     = false
+
+  # operator host
+  create_operator                    = var.verrazzano_type == "managed" ? false : true
+  enable_operator_instance_principal = true
+  upgrade_operator                   = false
+
+  # oke cluster options
+  cluster_name                = "${var.region}-${var.cluster_name}"
+  control_plane_type          = "private"
+  control_plane_allowed_cidrs = var.control_plane_allowed_cidrs
+  kubernetes_version          = var.kubernetes_version
+  pods_cidr                   = var.pods_cidr
+  services_cidr               = var.services_cidr
+
+  # node pools
+  node_pools = var.node_pools
+  node_pool_name_prefix = var.node_pool_name_prefix
+
+  # oke load balancers
+  load_balancers          = var.load_balancers
+  preferred_load_balancer = var.preferred_load_balancer
+
+  # oke internal load balancer
+  internal_lb_allowed_cidrs = var.internal_lb_allowed_cidrs
+  internal_lb_allowed_ports = var.internal_lb_allowed_ports
+
+  # oke public load balancer
+  public_lb_allowed_cidrs = var.public_lb_allowed_cidrs
+  public_lb_allowed_ports = var.public_lb_allowed_ports
+
+  # freeform_tags
+  freeform_tags = var.freeform_tags
+
+  providers = {
+    oci.home = oci.home
+  }
+}

resources/verrazzano.template.yaml

@@ -0,0 +1,6 @@
+  apiVersion: install.verrazzano.io/v1alpha1
+  kind: Verrazzano
+  metadata:
+    name: example-verrazzano
+  spec:
+    profile: dev

scripts/install_verrazzano.template.sh

@@ -0,0 +1,25 @@
+#!/bin/bash
+# Copyright 2017, 2021 Oracle Corporation and/or affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl
+
+echo "Installing Verrazzano"
+
+if [[ ${verrazzano_type} = "admin" ]]
+then
+  sed -i -e "s?profile: dev?profile: prod?g" verrazzano.yaml
+  echo "profile type set to prod for an admin cluster"
+elif [[ ${verrazzano_type} = "dev" ]]
+then
+  echo "profile type set to dev for a dev cluster"
+elif [[ ${verrazzano_type} = "managed" ]]
+then
+  sed -i -e "s?profile: dev?profile: managed?g" verrazzano.yaml
+  echo "profile type set to managed for a managed cluster"
+else
+  sed -i -e "s?profile: dev?profile: prod?g" verrazzano.yaml
+  echo "profile type set to prod for a custom cluster cluster"
+fi
+
+sed -i -e "s?example-verrazzano?${verrazzano_name}?g" verrazzano.yaml
+
+kubectl apply -f verrazzano.yaml

scripts/install_verrazzano_operator.template.sh

@@ -0,0 +1,10 @@
+#!/bin/bash
+# Copyright 2017, 2021 Oracle Corporation and/or affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl
+
+echo "Installing Verrazzano Enterprise Container Platform"
+
+kubectl apply -f https://github.com/verrazzano/verrazzano/releases/download/v${verrazzano_version}/operator.yaml
+
+kubectl -n verrazzano-install rollout status deployment/verrazzano-platform-operator
+

templates.tf

@@ -0,0 +1,22 @@
+# Copyright 2017, 2021 Oracle Corporation and/or affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl
+
+locals {
+  # scripting templates
+
+  install_verrazzano_operator_template = templatefile("${path.module}/scripts/install_verrazzano_operator.template.sh",
+    {
+      verrazzano_version = var.verrazzano_version
+    }
+  )
+
+  install_verrazzano_template = templatefile("${path.module}/scripts/install_verrazzano.template.sh",
+    {
+      verrazzano_name = var.verrazzano_name
+      verrazzano_type = var.verrazzano_type
+    }
+  )
+
+  verrazzano_profile_template = templatefile("${path.module}/resources/verrazzano.template.yaml",{})
+
+}

terraform.tfvars.example

@@ -0,0 +1,77 @@
+# Copyright (c) 2019, 2021 Oracle Corporation and/or affiliates.  All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl
+
+# provider identity parameters
+
+api_fingerprint = ""
+
+api_private_key_path = ""
+
+region = "us-phoenix-1"
+
+tenancy_id = ""
+
+user_id = ""
+
+# general oci parameters
+
+compartment_id = ""
+
+label_prefix = "dev"
+
+# network parameters
+
+availability_domain = 1
+
+bastion_access = ["anywhere"]
+
+ig_route_id = ""
+
+netnum = 30
+
+newbits = 14
+
+vcn_id = ""
+
+bastion_image_id = "Autonomous"
+
+bastion_os_version = "7.9"
+
+bastion_shape = {
+  shape="VM.Standard.E4.Flex",
+  ocpus=1,
+  memory=4,
+  boot_volume_size=50
+}
+
+bastion_state= "RUNNING"
+
+bastion_timezone = "Australia/Sydney"
+
+bastion_type = "public"
+
+ssh_public_key = ""
+
+ssh_public_key_path = ""
+
+upgrade_bastion = false
+
+# notification
+
+enable_bastion_notification = false
+
+bastion_notification_endpoint = ""
+
+bastion_notification_protocol = "EMAIL"
+
+bastion_notification_topic = "bastion"
+
+freeform_tags = {
+    access      = "public"
+    environment = "dev"
+    role        = "bastion"
+}
+
+verrazzano_name    = "v8o"
+verrazzano_type    = "dev"
+verrazzano_version = "1.0.3"