01 Comprehensive Blog on Oracle Kubernetes Engine – getting started


Oracle Cloud Infrastructure Container Engine for Kubernetes is a fully-managed, scalable, and highly available service that you can use to deploy your containerized applications to the cloud. Use Container Engine for Kubernetes (sometimes abbreviated to just OKE) when your development team wants to reliably build, deploy, and manage cloud-native applications. You specify the compute resources that your applications require, and Container Engine for Kubernetes provisions them on Oracle Cloud Infrastructure in an existing OCI tenancy.

Container Engine for Kubernetes uses Kubernetes – the open-source system for automating deployment, scaling, and management of containerized applications across clusters of hosts. Kubernetes groups the containers that make up an application into logical units (called pods) for easy management and discovery. Container Engine for Kubernetes uses versions of Kubernetes certified as conformant by the Cloud Native Computing Foundation (CNCF).

You can access Container Engine for Kubernetes to define and create Kubernetes clusters using the Console and the REST API. You can access the clusters you create using the Kubernetes command line (kubectl), the Kubernetes Dashboard, and the Kubernetes API.

Container Engine for Kubernetes is integrated with Oracle Cloud Infrastructure Identity and Access Management (IAM), which provides easy authentication with native Oracle Cloud Infrastructure identity functionality.

Access OCI Compute from my Services Dashboard

Please click on Compute from Services and NOT Compute Classic

Create User, Policies assign Roles

login to My Services cloud dashboard -> Compute for Oracle Cloud Infrastructure , Select Users Menu and Create User

Create User , Create/Reset Password

Add user to Administrator group

Create the following Policy

Select Identity -> Policies

Under ROOT compartment create following policy

name :oke-service

policy: allow service OKE to manage all-resources in tenancy

name: administrator-team-oke-policy

policy: allow group Administrators to manage cluster-family in tenancy

name: admin-dev-team

policy: allow group Administrators to inspect subnets in tenancy

logout and login as new user we just created

Typical login URL will be as shown below




Use NON SSO login on the right side


Reset Password on 1st login

Access Container Clusters 

Check if the “Create Cluster” button is Enabled without any Error Message

if there are no Errors – we are good to start working on Oracle Kubernetes Engine

Expected Errors

If you are using SSO based Login on the left side please expect the following Errors in OKE

  1. Cluster Create Button is Disabled 
  2. Access Denied

Failed to load repos: 403 Forbidden - {"errors":[{"code":"ACCESS_DENIED",
"message":"User UserId(ocid1.saml2idp.oc1..aaaaaaaaok6475gp6osl3ek24
darebpa4iwqfdfl2ut5rd66a3fchtpquaiq/[email protected]) 
cannot ListDockerRepositories on resource sometenant/","detail":{}}]}
NEXT >> 02 Configure Network Resources for Oracle Kubernetes Engine