Prerequisites for OKE on Oracle Cloud
flowchart LR
subgraph Accounts["Cloud Accounts"]
OCI[OCI Account<br/>Always Free]
CF[Cloudflare<br/>DNS Zone]
GH[GitHub<br/>Repository]
end
subgraph Tools["Local Tools"]
TF[Terraform]
KU[kubectl]
SSH[SSH Client]
end
subgraph Cluster["OKE Cluster"]
OKE((Deployed<br/>Cluster))
end
OCI --> OKE
CF --> OKE
GH --> OKE
TF --> OKE
KU -.->|manage| OKE
Cloud Accounts
Section titled “Cloud Accounts”Oracle Cloud Infrastructure
Section titled “Oracle Cloud Infrastructure”An OCI account upgraded to Pay-As-You-Go (required for OKE, but resources stay within free tier limits) is required. You need availability for Ampere A1 Compute instances in your region. US-Ashburn-1 and EU-Frankfurt-1 typically have better availability.
Required credentials:
- Tenancy OCID
- User OCID
- API Key fingerprint
- Private key file (.pem)
Cloudflare
Section titled “Cloudflare”A domain managed by Cloudflare is required for DNS and TLS certificate automation. Create an API Token with Zone.DNS Edit permissions. This token is used by External DNS to create A records and by Cert Manager for HTTP-01 challenges.
GitHub
Section titled “GitHub”Fork this repository to your account. Create a Personal Access Token (Classic) with repo and read:packages scopes. This allows Argo CD to pull configuration from your private repository and pull container images from GHCR.
Local Tools
Section titled “Local Tools”Terraform
Section titled “Terraform”Version 1.5.0 or higher. Used to provision OCI infrastructure and generate Kubernetes manifests.
OCI CLI
Section titled “OCI CLI”Optional but recommended for validating credentials and checking service limits.
kubectl
Section titled “kubectl”Required for interacting with the cluster after deployment.
SSH Client
Section titled “SSH Client”Standard OpenSSH client, pre-installed on macOS and Linux.