v4.1.1

What's Changed

• fix: File provisioner path ~ changed to /home/opc by @karthicgit in #451
• fix: Change default Kubernetes version to v1.21.5 by @karthicgit in #453

Full Changelog: v4.1.0...v4.1.1

v4.1.0

What's Changed

• feat: added OPA Gatekeeper by @karthicgit in #439
• updated the operator version to 3.0.1 from 3.0.0 to disable OSMS by @KSN2510 in #444
• feat: added support for new OCI regions: Milan, Stockholm, Abu Dhabi and Vinhedo by @snafuz in #441
• feat: upgraded olcne package so we can have latest version of kubectl by @hyder in #446

New Contributors

• @KSN2510 made their first contribution in #444

Full Changelog: v4.0.4...v4.1.0

v4.0.4

What's Changed

• fix: added 1 additional rule to allow egress traffic for load balancer health checks to work by @snafuz in #438

New Contributors

• @snafuz made their first contribution in #438

Full Changelog: v4.0.3...v4.0.4

v4.0.3

What's Changed

• others: added example for automated Verrazzano installation. Closes #435 by @hyder in https://github.com/oracle-terraform-modules/terraform-oci-oke/pull/437/files
• feat: enhancements to token_helper for kubectl. Closes #429 by @hyder in #432
• fix: Created bin directory in /home/opc before moving token_helper script there. by @hyder in #437

Full Changelog: v4.0.2...v4.0.3

v4.0.2

What's Changed

• others: added 3rd party attributions by @hyder in #428
• fix: added 1 additional rule to allow control plane to be accessed by specified list of cidr blocks by @hyder in #431

Full Changelog: v4.0.1...v4.0.2

v4.0.1

4.0.1

Changes

• added home provider argument in remote module usage example (#421)

New Features

• Added Marseille, Singapore and Jerusalem as supported regions (#423)

v4.0.0

4.0.0

Breaking changes

• Set minimum version to Terraform 1.0.0
• Removed base module and use vcn, bastion and operator modules directly
• Renamed and standardized all control variables
• Removed deprecated template provider dependencies
• Made bastion and operator modules conditional
• Removed identity parameters in between modules to improve reusability
• Renamed okenetwork submodule to network
• Created a new submodule (extensions) and moved all scripts and extra things there
• Moved dynamic group and policy for kms into oke module
• Added a 30s delay between policy creation for kms and cluster creation to allow for global propagation
• Added a home provider in oke module for dynamic group and policy creation
• Changed from security list to NSGs for better flexibility and security (#398)

Changes

• Changed default Kubernetes version to v1.20.11 and removed v1.16.8, v1.17.9 from docs.
• Added support for GPU and ARM shapes (#302)
• VCN module upgraded to VCN 3.0.0. This allows supporting multiple cidr blocks (#360)
• Bastion and operator sub-modules upgraded to 3.0.0 (#183)
• kubeconfig on operator always uses PRIVATE_ENDPOINT (#358)
• Documented providers in quickstart (#355)
• Renamed tags to freeform_tags in line with other modules (#364)
• Added validation on some variables (#370)

New Features

• Added OCI Bastion Service as option to access operator or control plane
• Added support for reserved public IP address for NAT gateway (#311)
• Added LPGs for hub and spoke deployment model (#295)
• Allow access to operator via OCI Bastion service (#352)
• Added support for using NSGs for cluster endpoint (#343)
• Added option to disable worker node access to Internet. Users can only pull images from OCIR (#331)
• Added ability to specify api and private ssh keys using heredoc format with a variable (#375)

Bug fixes

• Added home region to update dynamic group script for cases when actual region is different from tenancy home region (#347)
• Added 1 missing rule for operator to access control plane (#349)
• Added security list for OCI Bastion service to access the control plane (#408)
• Updated topology diagrams to show correct traffic flow (#412)
• Changed bastion type to STANDARD to avoid destruction (#409)

Known issues

• Enabling WAF has to be done in 2 stages:
  • Create the cluster along with the VCN and other resources without WAF enabled by setting enable_waf=false
  • Subsequently enable WAF by setting enable_waf=true

v4.0.0-RC1

Breaking changes

• Set minimum version to Terraform 1.0.0
• Removed base module and use vcn, bastion and operator modules directly
• Renamed and standardized all control variables
• Removed deprecated template provider dependencies
• Made bastion and operator modules conditional
• Removed identity parameters in between modules to improve reusability
• Renamed okenetwork submodule to network
• Created a new submodule (extensions) and moved all scripts and extra things there
• Moved dynamic group and policy for kms into oke module
• Added a 30s delay between policy creation for kms and cluster creation to allow for global propagation
• Added a home provider in oke module for dynamic group and policy creation
• Changed from security list to NSGs for better flexibility

Changes

• Changed default Kubernetes version to v1.20.8 and removed v1.16.8, v1.17.9 from docs.
• Added support for GPU and ARM shapes (#302)
• VCN module upgraded to VCN 3.0.0. This allows supporting multiple cidr blocks (#360)
• Bastion and operator sub-modules upgraded to 3.0.0 (#183)
• kubeconfig on operator always uses PRIVATE_ENDPOINT (#358)
• Documented providers in quickstart (#355)
• Renamed tags to freeform_tags in line with other modules (#364)
• Added validation on some variables (#370)

New Features

• Added OCI Bastion Service as option to access operator or control plane
• Added support for reserved public IP address for NAT gateway (#311)
• Added LPGs for hub and spoke deployment model (#295)
• Allow access to operator via OCI Bastion service (#352)
• Added support for using NSGs for cluster endpoint (#343)
• Added option to disable worker node access to Internet. Users can only pull images from OCIR (#331)
• Added ability to specify api and private ssh keys using heredoc format with a variable (#375)

Bug fixes

• Added home region to update dynamic group script for cases when actual region is different from tenancy home region (#347)
• Added 1 missing rule for operator to access control plane (#349)

Known issues

• Enabling WAF has to be done in 2 stages:
  • Create the cluster along with the VCN and other resources without WAF enabled by setting enable_waf=false
  • Subsequently enable WAF by setting enable_waf=true

v4.0.0-BETA.5

Changes

• Upgraded bastion and operator modules to v3.0.0
• Added a home region parameter to simplify home provider initialization

v4.0.0-BETA.4

Changes

• Refactored modules: renamed okenetwork to network, created new submodule (extensions)
• Renamed tags to freeform_tags
• Added validation on some variables
• Updated documentation and some more variables renaming
• Secret creation changes
• Added private ssh key as variable