Oracle Cloud Infrastructure
This page was last updated September 20, 2021.
Follow these instructions to prepare an Oracle Container Engine for Kubernetes (OKE) cluster for Istio.
Create an OKE cluster
To create an OKE cluster, you must either belong to the tenancy’s Administrator’s
group or a group to which a policy grants the CLUSTER_MANAGE
permission.
The simplest way to create an OKE cluster5 is to use the Quick Create Workflow6 available in the Oracle Cloud Infrastructure (OCI) console7. Other methods include the Custom Create Workflow8 and the Oracle Cloud Infrastructure (OCI) API9.
You can also create a cluster using the OCI CLI10 using the following example:
Parameter | Expected value |
---|---|
oke-cluster-name | A name to assign to your new OKE cluster |
kubernetes-version | A supported version of Kubernetes11 to deploy |
compartment-ocid | The OCID12 of an existing compartment12 |
vcn-ocid | The OCID12 of an existing virtual cloud network12 (VCN) |
Setting up local access to an OKE cluster
Install kubectl
13 and the OCI CLI10 (oci
) to access an OKE
cluster from your local machine.
Use the following OCI CLI command to create or update your kubeconfig
file to
include an oci
command that dynamically generates and inserts a short-lived
authentication token which allows kubectl
to access the cluster:
The supported values for kube-endpoint
are either PUBLIC_ENDPOINT
or PRIVATE_ENDPOINT
.
You may also need to configure an SSH tunnel via a bastion host14 to
access clusters that only have a private endpoint.
Replace cluster-ocid
with the OCID12 of the target OKE cluster.
Verify access to the cluster
Use the kubectl get nodes
command to verify kubectl
is able to connect to the
cluster:
You can now install Istio using istioctl
15,
Helm16, or manually.