Add support for compute-cluster

docs/src/guide/cluster.md

@@ -12,6 +12,7 @@ The OKE parameters concern mainly the following:
 * number of node pools and their respective size of the cluster
 * services and pods cidr blocks
 * whether to use encryption
+* whether you want to enable [dual-stack](https://docs.oracle.com/en-us/iaas/Content/ContEng/Tasks/conteng_ipv4-and-ipv6.htm): IPv4 & IPv6 
 
 ```admonish notice
  If you need to change the default services and pods' CIDRs, note the following:

docs/src/guide/network_subnets.md

@@ -27,6 +27,12 @@ Subnets are created for core components managed within the module, namely:
 {{#include ../../../examples/network/vars-network-subnets-create-cidr.auto.tfvars:4:}}
 ```
 
+## Create new subnets with IPv4 and IPv6 (CIDR notation)
+
+```javascript
+{{#include ../../../examples/network/vars-network-subnets-create-cidr-ipv4-and-ipv6.tfvars:4:}}
+```
+
 ## Use existing subnets
 
 ```javascript

examples/cluster-addons/vars-cluster-addons.auto.tfvars

@@ -4,12 +4,12 @@
 cluster_addons = {
   "CertManager" = {
     remove_addon_resources_on_delete = true
-    override_existing = true           # Default is false if not specified
+    override_existing                = true # Default is false if not specified
     # The list of supported configurations for the cluster addons is here: https://docs.oracle.com/en-us/iaas/Content/ContEng/Tasks/contengconfiguringclusteraddons-configurationarguments.htm#contengconfiguringclusteraddons-configurationarguments_CertificateManager
     configurations = [
       {
-        key          = "numOfReplicas"
-        value        = "1"
+        key   = "numOfReplicas"
+        value = "1"
       }
     ]
   }
@@ -20,7 +20,7 @@ cluster_addons = {
   # Prevent Flannel pods from being scheduled using a non-existing label as nodeSelector
   "Flannel" = {
     remove_addon_resources_on_delete = true
-    override_existing = true # Override the existing configuration with this one, if Flannel addon in already enabled
+    override_existing                = true # Override the existing configuration with this one, if Flannel addon in already enabled
     configurations = [
       {
         key   = "nodeSelectors"
@@ -31,7 +31,7 @@ cluster_addons = {
   # Prevent Kube-Proxy pods from being scheduled using a non-existing label as nodeSelector
   "KubeProxy" = {
     remove_addon_resources_on_delete = true
-    override_existing = true # Override the existing configuration with this one, if KubeProxy addon in already enabled
+    override_existing                = true # Override the existing configuration with this one, if KubeProxy addon in already enabled
     configurations = [
       {
         key   = "nodeSelectors"

examples/cluster/vars-cluster-basic.auto.tfvars

@@ -1,5 +1,5 @@
-# Copyright (c) 2017, 2023 Oracle Corporation and/or its affiliates.
+# Copyright (c) 2017, 2025 Oracle Corporation and/or its affiliates.
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl
 
 cluster_name       = "oke-example"
-kubernetes_version = "v1.31.1"
+kubernetes_version = "v1.32.1"

examples/cluster/vars-cluster-enhanced.auto.tfvars

@@ -1,4 +1,4 @@
-# Copyright (c) 2017, 2023 Oracle Corporation and/or its affiliates.
+# Copyright (c) 2017, 2025 Oracle Corporation and/or its affiliates.
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl
 
 create_cluster                    = true // *true/false
@@ -7,9 +7,10 @@ cluster_kms_key_id                = null
 cluster_name                      = "oke"
 cluster_type                      = "enhanced" // *basic/enhanced
 cni_type                          = "flannel"  // *flannel/npn
-assign_public_ip_to_control_plane = true // true/*false
+assign_public_ip_to_control_plane = true       // true/*false
 image_signing_keys                = []
-kubernetes_version                = "v1.31.1"
+kubernetes_version                = "v1.32.1"
 pods_cidr                         = "10.244.0.0/16"
 services_cidr                     = "10.96.0.0/16"
 use_signed_images                 = false // true/*false
+enable_ipv6                       = false //true/*false

examples/extensions/vars-extensions-service-account.auto.tfvars

@@ -2,26 +2,26 @@
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl
 
 create_service_account = true
-service_accounts       = {
+service_accounts = {
   # Example to create a cluster role binding using a cluster role.
   example_cluster_role_binding = {
-    sa_name = "sa1"
-    sa_namespace = "kube-system"
-    sa_cluster_role = "cluster-admin"
+    sa_name                 = "sa1"
+    sa_namespace            = "kube-system"
+    sa_cluster_role         = "cluster-admin"
     sa_cluster_role_binding = "sa1-crb"
   }
   # Example to create a role binding using a cluster role.
   example_role_binding = {
-    sa_name = "sa2"
-    sa_namespace = "default"
+    sa_name         = "sa2"
+    sa_namespace    = "default"
     sa_cluster_role = "cluster-admin"
     sa_role_binding = "sa1-rb"
   }
   # Example to create a role binding using a role, the role needs to exist within the namespace.
   example_role_binding = {
-    sa_name = "sa3"
-    sa_namespace = "kube-system"
-    sa_role = "system:controller:token-cleaner"
+    sa_name         = "sa3"
+    sa_namespace    = "kube-system"
+    sa_role         = "system:controller:token-cleaner"
     sa_role_binding = "sa3-rb"
   }
 }

examples/istio-mc/README.md

@@ -51,7 +51,7 @@ clusters = {
 5. Configure additional parameters if necessary:
 
 ```
-kubernetes_version = "v1.28.2"
+kubernetes_version = "v1.32.1"
 
 cluster_type = "basic"
 

examples/istio-mc/terraform.tfvars.example

@@ -23,7 +23,7 @@ clusters = {
   c2 = { region = "melbourne", vcn = "10.2.0.0/16", pods = "10.202.0.0/16", services = "10.102.0.0/16", enabled = true }
 }
 
-kubernetes_version = "v1.28.2"
+kubernetes_version = "v1.32.1"
 
 cluster_type = "basic"
 

examples/istio-mc/variables.tf

@@ -61,7 +61,7 @@ variable "clusters" {
 }
 
 variable "kubernetes_version" {
-  default     = "v1.30.1"
+  default     = "v1.32.1"
   description = "The version of Kubernetes to use."
   type        = string
 }

examples/network/vars-network.auto.tfvars

@@ -12,6 +12,7 @@ vcn_id                   = null            # Ignored if create_vcn = true
 vcn_cidrs                = ["10.0.0.0/16"] # Ignored if create_vcn = false
 vcn_dns_label            = "oke"           # Ignored if create_vcn = false
 vcn_name                 = "oke"           # Ignored if create_vcn = false
+enable_ipv6              = false           # true/*false
 
 # Subnets
 subnets = {
@@ -74,7 +75,8 @@ drg_display_name = "drg"
 drg_id           = null
 
 # Routing
-ig_route_table_id = null # Optional ID of existing internet gateway route table
+ig_route_table_id   = null # Optional ID of existing internet gateway route table
+internet_gateway_id = null # Optional ID of existing internet gateway
 internet_gateway_route_rules = [
   #   {
   #     destination       = "192.168.0.0/16" # Route Rule Destination CIDR
@@ -84,6 +86,9 @@ internet_gateway_route_rules = [
   #   },
 ]
 
+igw_ngw_mixed_route_id = null # Optional ID of existing mixed route table NAT GW for IPv4 and Internet GW for IPv6
+
+nat_gateway_id           = null # Optional ID of existing NAT gateway
 nat_gateway_public_ip_id = "none"
 nat_route_table_id       = null # Optional ID of existing NAT gateway route table
 nat_gateway_route_rules = [

examples/rms/oke-cluster-only/variables-cluster.tf

@@ -25,7 +25,7 @@ variable "services_cidr" {
   default = "10.96.0.0/16"
   type    = string
 }
-variable "kubernetes_version" { default = "v1.26.2" }
+variable "kubernetes_version" { default = "v1.32.1" }
 
 variable "cluster_kms_vault_id" {
   default = null

examples/rms/oke-workers-only/variables.tf

@@ -32,7 +32,7 @@ variable "cluster_id" {
 }
 variable "cni_type" { default = "Flannel" }
 variable "kubernetes_version" {
-  default = "v1.26.2"
+  default = "v1.32.1"
   type    = string
 }
 

examples/workers/vars-workers-instance.auto.tfvars

@@ -18,6 +18,6 @@ worker_pools = {
     description = "Self-managed Instance With Bursting",
     mode        = "instance",
     size        = 1,
-    burst       = "BASELINE_1_8",   # Valid values BASELINE_1_8,BASELINE_1_2
+    burst       = "BASELINE_1_8", # Valid values BASELINE_1_8,BASELINE_1_2
   },
 }

examples/workers/vars-workers-instancepool.auto.tfvars

@@ -18,19 +18,19 @@ worker_pools = {
     description = "Self-managed Instance Pool With Bursting",
     mode        = "instance-pool",
     size        = 1,
-    burst       = "BASELINE_1_8",   # Valid values BASELINE_1_8,BASELINE_1_2
+    burst       = "BASELINE_1_8", # Valid values BASELINE_1_8,BASELINE_1_2
   },
   oke-vm-instance-pool-with-block-volume = {
-    description = "Self-managed Instance Pool with block volume",
-    mode        = "instance-pool",
-    size        = 1,
-    disable_block_volume = false,
+    description              = "Self-managed Instance Pool with block volume",
+    mode                     = "instance-pool",
+    size                     = 1,
+    disable_block_volume     = false,
     block_volume_size_in_gbs = 60,
   },
   oke-vm-instance-pool-without-block-volume = {
-    description = "Self-managed Instance Pool without block volume",
-    mode        = "instance-pool",
-    size        = 1,
+    description          = "Self-managed Instance Pool without block volume",
+    mode                 = "instance-pool",
+    size                 = 1,
     disable_block_volume = true,
   },
 }

module-cluster.tf

@@ -60,6 +60,7 @@ module "cluster" {
   vcn_id                            = local.vcn_id
   cni_type                          = var.cni_type
   control_plane_is_public           = var.control_plane_is_public
+  enable_ipv6                       = var.enable_ipv6
   assign_public_ip_to_control_plane = var.assign_public_ip_to_control_plane
   control_plane_nsg_ids             = compact(flatten([var.control_plane_nsg_ids, try(module.network.control_plane_nsg_id, null)]))
   control_plane_subnet_id           = try(module.network.control_plane_subnet_id, "") # safe destroy; validated in submodule
@@ -70,6 +71,7 @@ module "cluster" {
     : try(module.network.int_lb_subnet_id, "")
   )
 
+
   # Cluster
   cluster_kms_key_id = var.cluster_kms_key_id
   cluster_name       = local.cluster_name

module-extensions.tf

@@ -2,26 +2,26 @@
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl
 
 locals {
-  cluster_private_endpoint = ( var.create_cluster ? 
-    coalesce(split(":", lookup(one(module.cluster[*].endpoints), "private_endpoint", ""))...) : 
-    ( length(local.existing_cluster_endpoints) > 0 ?
-      coalesce(split(":", lookup(local.existing_cluster_endpoints, "private_endpoint", ""))...):
+  cluster_private_endpoint = (var.create_cluster ?
+    coalesce(split(":", lookup(one(module.cluster[*].endpoints), "private_endpoint", ""))...) :
+    (length(local.existing_cluster_endpoints) > 0 ?
+      coalesce(split(":", lookup(local.existing_cluster_endpoints, "private_endpoint", ""))...) :
       null
     )
   )
 }
 
 module "extensions" {
-  source   = "./modules/extensions"
-  depends_on = [ module.network ]
-  count    = alltrue([var.create_cluster, local.operator_enabled]) ? 1 : 0
-  region   = var.region
-  state_id = local.state_id
+  source     = "./modules/extensions"
+  depends_on = [module.network]
+  count      = alltrue([var.create_cluster, local.operator_enabled]) ? 1 : 0
+  region     = var.region
+  state_id   = local.state_id
 
   # Cluster
-  kubernetes_version  = var.kubernetes_version
-  expected_node_count = local.worker_count_expected
-  worker_pools        = one(module.workers[*].worker_pools)
+  kubernetes_version       = var.kubernetes_version
+  expected_node_count      = local.worker_count_expected
+  worker_pools             = one(module.workers[*].worker_pools)
   cluster_private_endpoint = local.cluster_private_endpoint
 
   # Bastion/operator connection
@@ -120,6 +120,6 @@ module "extensions" {
   mpi_operator_version        = var.mpi_operator_version
 
   # Service Account
-  create_service_account               = var.create_service_account
-  service_accounts                     = var.service_accounts
+  create_service_account = var.create_service_account
+  service_accounts       = var.service_accounts
 }

module-iam.tf

@@ -80,6 +80,9 @@ module "iam_cluster_prerequisites" {
   autoscaler_compartments = []
   worker_compartments     = []
 
+  enable_ipv6            = false
+  network_compartment_id = var.network_compartment_id
+
   providers = {
     oci.home = oci.home
   }
@@ -113,6 +116,9 @@ module "iam" {
   autoscaler_compartments = local.autoscaler_compartments
   worker_compartments     = local.worker_compartments
 
+  enable_ipv6            = var.enable_ipv6
+  network_compartment_id = var.network_compartment_id
+
   providers = {
     oci.home = oci.home
   }
@@ -125,15 +131,15 @@ output "availability_domains" {
 
 output "dynamic_group_ids" {
   description = "Cluster IAM dynamic group IDs"
-  value       = concat(
+  value = concat(
     coalesce(module.iam_cluster_prerequisites.dynamic_group_ids, []),
     coalesce(module.iam.dynamic_group_ids, [])
   )
 }
 
 output "policy_statements" {
   description = "Cluster IAM policy statements"
-  value       = concat(
+  value = concat(
     coalesce(module.iam_cluster_prerequisites.policy_statements, []),
     coalesce(module.iam.policy_statements, [])
   )