02 Configure Network Resources for Oracle Kubernetes Engine


1. Create Virtual Cloud Network

VCN Name: okevcn
Select: CREATE VIRTUAL CLOUD NETWORK ONLY
CIDR Block: 10.0.0.0/16

2. Create Internet Gateway for the above VCN

Name the Internet Gateway gateway-0.

3. Create Route Table

Name the route table routetable-0.

Target Type: Internet Gateway, then select gateway-0

Destination CIDR Block: 0.0.0.0/0

Click Create / Save.

4. Create Security List

4A. Load Balancer Security List: name it “loadbalancers”
       Ingress CIDR 0.0.0.0/0 TCP
       Egress CIDR 0.0.0.0/0 TCP

  • In the Allow Rules for Ingress section, specify a new stateless ingress rule:
      • Stateless: Yes (checkbox selected).
      • Source CIDR: 0.0.0.0/0
      • IP Protocol: TCP
      • Source Port Range: All
      • Destination Port Range: All
  • In the Allow Rules for Egress section, specify a new stateless egress rule:
      • Stateless: Yes (checkbox selected).
      • Destination CIDR: 0.0.0.0/0
      • IP Protocol: TCP
      • Source Port Range: All
      • Destination Port Range: All

4B. Workers Security List: name it “workers”

Ingress Rules

Stateless Rules
  • Source: 10.0.10.0/24 IP Protocol: All Protocols
  • Source: 10.0.11.0/24 IP Protocol: All Protocols
  • Source: 10.0.12.0/24 IP Protocol: All Protocols

Stateful Rules
  • Source: 0.0.0.0/0 IP Protocol: ICMP
    Type and Code: 3, 4
    Allows: ICMP traffic for: 3, 4
  • Source: 130.35.0.0/16 IP Protocol: TCP
    Source Port Range: All
    Destination Port Range: 22
    Allows: TCP traffic for ports: 22 SSH Remote Login Protocol
  • Source: 138.1.0.0/17 IP Protocol: TCP
    Source Port Range: All
    Destination Port Range: 22
    Allows: TCP traffic for ports: 22 SSH Remote Login Protocol
  • Source: 0.0.0.0/0 IP Protocol: TCP
    Source Port Range: All
    Destination Port Range: 22
    Allows: TCP traffic for ports: 22 SSH Remote Login Protocol
  • Source: 0.0.0.0/0 IP Protocol: TCP
    Source Port Range: All
    Destination Port Range: 30000-32767
    Allows: TCP traffic for ports: 30000-32767

Egress Rules

Stateless Rules
  • Destination: 10.0.10.0/24 IP Protocol: All Protocols
    Allows: all traffic for all ports
  • Destination: 10.0.11.0/24 IP Protocol: All Protocols
    Allows: all traffic for all ports
  • Destination: 10.0.12.0/24 IP Protocol: All Protocols
    Allows: all traffic for all ports

Stateful Rules
  • Destination: 0.0.0.0/0 IP Protocol: All Protocols
    Allows: all traffic for all ports
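
The stateful ingress rules of the “workers” list can be checked for overlap before they are saved. The following is an added example, not part of the original tutorial or of any Oracle tooling: it transcribes the five stateful ingress rules above into tuples (a representation assumed here, as are the names `covers` and `audit`) and reports which TCP rules accept any source address and which narrower rules are fully covered by a broader one.

```python
import ipaddress

# Stateful ingress rules of the "workers" list, transcribed from the page:
# (source CIDR, protocol, destination port range; None for ICMP)
WORKER_INGRESS = [
    ("0.0.0.0/0", "ICMP", None),
    ("130.35.0.0/16", "TCP", (22, 22)),
    ("138.1.0.0/17", "TCP", (22, 22)),
    ("0.0.0.0/0", "TCP", (22, 22)),
    ("0.0.0.0/0", "TCP", (30000, 32767)),
]
ANYWHERE = ipaddress.ip_network("0.0.0.0/0")


def covers(broad, narrow):
    """True if every packet admitted by `narrow` is also admitted by `broad`."""
    b_src, b_proto, b_ports = broad
    n_src, n_proto, n_ports = narrow
    if b_proto != n_proto or (b_ports is None) != (n_ports is None):
        return False
    if not ipaddress.ip_network(n_src).subnet_of(ipaddress.ip_network(b_src)):
        return False
    if b_ports is None:  # ICMP rules carry no port range (type/code not compared)
        return True
    return b_ports[0] <= n_ports[0] and n_ports[1] <= b_ports[1]


def audit(rules):
    """Return (world_open_tcp, shadowed) for a list of ingress rules."""
    # TCP rules reachable from any source address
    world_open = [r for r in rules
                  if r[1] == "TCP" and ipaddress.ip_network(r[0]) == ANYWHERE]
    # (narrow, broad) pairs where the narrow rule restricts nothing
    shadowed = [(n, b) for n in rules for b in rules if n != b and covers(b, n)]
    return world_open, shadowed


if __name__ == "__main__":
    world_open, shadowed = audit(WORKER_INGRESS)
    for src, proto, (lo, hi) in world_open:
        print(f"open to any source: {proto} {lo}-{hi}")
    for narrow, broad in shadowed:
        print(f"{narrow} is already covered by {broad}")
```

With the rules as listed, the 0.0.0.0/0 rule for port 22 admits everything the 130.35.0.0/16 and 138.1.0.0/17 rules admit, so SSH is limited to those two ranges only if the 0.0.0.0/0 port 22 rule is left out.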

Ingress SL for Loadbalancer

Egress SL for Loadbalancer

What Next >> 03 Creating 3 Worker Subnets and 2 Load Balancers

References

https://www.oracle.com/webfolder/technetwork/tutorials/obe/oci/oke-full/index.html