Creating a Worker Load Balancer Subnet (Flannel Overlay)
On Compute Cloud@Customer, part of configuring OKE requires creating a security list and a worker load balancer subnet.
Create the following resources in the order listed:
Create a Worker Load Balancer Security List
Create a security list and a worker load balancer subnet. To create a security list, use the instructions in Creating a Security List. For Terraform input, see Example Terraform Scripts for Network Resources (Flannel Overlay).
This security list defines traffic, such as applications, that's allowed to contact the worker load balancer.
For this example, use the following input for the worker load balancer subnet security list. These sources and destinations are examples; adjust these for your applications.
When you create an external load balancer for your containerized applications (see Exposing Containerized Applications), remember to add that load balancer service front-end port to this security list.
| Compute Cloud@Customer Console property | CLI property | 
|---|---|
| 
 | 
 | 
| Two ingress security rules: | Two ingress security rules: 
 | 
| Ingress Rule 1 
 | Ingress Rule 1 
 | 
| Ingress Rule 2 
 | Ingress Rule 2 
 | 
Create the Worker Load Balancer Subnet
To create a subnet, use the instructions in Creating a Subnet For Terraform input, see Example Terraform Scripts for Network Resources (Flannel Overlay).
For this example, use the following input to create the worker load balancer subnet. Use the OCID of the VCN that was created in Creating a VCN (Flannel Overlay). Create the worker load balancer subnet in the same compartment where you created the VCN.
Create either a private or a public worker load balancer subnet. Create a public worker load balancer subnet to use with a public cluster. Create a private worker load balancer subnet to expose applications in a private cluster.
| Compute Cloud@Customer Console property | CLI property | 
|---|---|
| 
 | 
 | 
The difference in the following private subnet is the VCN private route table is used instead of the public route table.
| Compute Cloud@Customer Console property | CLI property | 
|---|---|
| 
 | 
 | 
What's Next: