Releases: oracle-quickstart/oci-openshift
v1.4.3
Bug Fixes
1. Fix for installation failures on BM.Standard.E5/E6 shapes with VLAN networking (Issue #78)
- Add butane configs for master and worker nodes to configure MTU=9000
- Update Makefile to generate MachineConfig from butane files
- Include new manifest in dynamic_custom_manifest for auto-deployment
- Fixes OVN-Kubernetes failures
Contributors
What's Changed
- Release v1.4.3 by @dfoster-oracle in #79
Full Changelog: v1.4.2...v1.4.3
Contributors
Assets 10
v1.4.2
Changes and Improvements
1. Increase default resources (RAM and boot volume size) for Compute nodes
- The updated values will cause the automatic node role assignment process during Agent-based installations (or when node roles are otherwise not explicitly assigned) to properly assign node roles to control-plane and compute instances when using the default values.
- compute_memory increased from 16 GB to 32 GB
- compute_boot_size increased from 100 GB to 300 GB
2. Include VolumeSnapshotClass for Block Volumes with other OCI CSI manifests
Bug Fixes
1. Fix OCI_REGION_METADATA retrieval
- Retrieve regionInfo from the instance metadata URL (http://169.254.169.254/opc/v2/instance/regionInfo) no longer fails when run on hosts without access to the IMDS endpoint
Documentation Updates
- The README for OpenShift Virtualization has been updated to reflect the latest status and installation procedures
- Added versions (e.g. v1.4.2) to the stack schemas
Contributors & Attribution
What's Changed
- Release v1.4.2 by @dfoster-oracle in #77
Full Changelog: v1.4.1...v1.4.2
Contributors
Assets 10
v1.4.1
Changes
1. Fix for CSI driver deployment in DRCC/Alloy restricted regions
- Retrieve regionInfo from the instance metadata URL (http://169.254.169.254/opc/v2/instance/regionInfo) and pass it to the CSI driver with the
OCI_REGION_METADATAenvironment variable. This will ensure the OCI SDK recognizes the region and uses the correct endpoint domain (e.g. psn-pco.it) instead of defaulting to oraclecloud.com.- Owner: @jiayzhon
Documentation
- Minor README updates
Contributors & Attribution
What's Changed
- Release v1.4.1 by @dfoster-oracle in #76
Full Changelog: v1.4.0...v1.4.1
Contributors
Assets 10
v1.4.0
Features & Enhancements
1. Bring Your Own Network (BYON)
- Users can now select existing network resources (VCN, subnets, gateways, etc.) when creating a new cluster, enabling "Bring Your Own Network" capability via the
use_existing_networkoption. Previously, the stack only allowed creation of new network resources for each cluster. With BYON, customers have finer control and flexibility in cluster networking.- Owner: @vinayak-oci
2. Agent-Based Installation (ABI): Advanced Configurations & Disconnected Support
- Added new configuration options for Agent-based Installer (ABI), especially for disconnected. New output with pre-configured
install-config.yamlandagent-config.yaml, to be used in conjunction with existingdynamic_custom_manifest. The create-cluster stack now supports creating a webserver for disconnected ABI to host the cluster installation process and the rootfs file for the instances.- Owners: @jiayzhon , @dfoster-oracle
- Credit: @DavidCampbellAtOracle
3. GA: RWX Support & OCI CSI Driver v1.32.0
- Made OCI CSI driver v1.32.0 the default. This version provides RWX support for Raw Block Volumes. CCM and CSI drivers now auto-tag Load Balancers and Block Volumes using initial defined tags (openshift-resource-infra).
- Owner: @dfoster-oracle
4. OpenShift Virtualization Support
- The OCI CSI driver supports OpenShift Virtualization with RWX Raw Block Volumes, and a version with Ultra High Performance Block Volumes (v1.32.0-UHP). Additional information can be found in
docs/openshift-virtualization.md.- Owners: @dfoster-oracle, @vinayak-oci
5. Load Balancer Update: API LB Backend Set
- Added
api-intbackend set to API load balancer, resolving issues encountered when adding nodes.- Owner: @dfoster-oracle
- Credit: @adriengentil
6. Oracle Cloud Agent (OCA) integration & plugins (beta)
- OCA, running on launched instances with limited functionality, can now manage multiple essential plugins such as instance monitoring (pushing host metrics to OCI Monitoring), support for Ultra High-Performance block storage, RDMA setup for GPU clusters, and more.
- Owner: @handerajat
7. Internal: Manifests Repository Cleanup
- Removed committed checksums from version control and cleaned up condensed manifests from the
custom_manifestsdirectory and related documentation.- Owner: @dfoster-oracle
Documentation Updates
- Added
docs/for visibility. - Major READMEs and Oracle public documentation updated to reflect new BYON networking, Agent-based installation enhancements, and CSI capabilities.
Contributors & Attribution
- @vinayak-oci
- @dfoster-oracle
- @jiayzhon
- @handerajat
- @nikhisin3001
- @adriengentil
- @DavidCampbellAtOracle
What's Changed
- Release v1.4.0 preview by @dfoster-oracle in #75
Full Changelog: v1.3.0...v1.4.0
Contributors
Assets 10
v1.3.0
Features & Enhancements
1. Replace overloaded "enable_private_dns" variable with individual configuration options for public or private DNS, and public or private load balancers
Setting "enable_private_dns" to true would create a private DNS zone and make the api_apps load balancer private. Some users require more granular control over the DNS zones created and the publicity of load balancers. Now, users can create public or private DNS zones independently, and set the publicity of the api or *.apps load balancers separate from DNS options. We're also adding a new output "etc_hosts_entry" which customers can use to update their /etc/hosts file to reach load balancers where the hostnames for the cluster are unresolvable.
2. Separation of API and *.apps Load Balancers
Users have many reasons to create separate Load Balancers for API and Ingress (*.apps) traffic forincluding Security Isolation, Network Performance and Scalability, and Compliance and Access Control. Thanks to a contribution from a member of the Red Hat team, this is now possible. See Pull Request #67 for more details. Thank you @aygarg-rh!
3. Red Hat OpenShift Virtualization (LA) updates
Support for Red Hat OpenShift Virtualization on Oracle Cloud Infrastructure has been available under Limited Availability for some time, and we've been working with Red Hat Virtualization team to improve our offerings based on Red Hat and customer feedback. This update enables the usage of Ultra-High Performance volumes in conjunction with OpenShift Virtualization to greatly improve volume performance during Virtual Machine Image imports and exports. A new "oci-bv-uhp" StorageClass is available, as well as an updated version of our RWX-enabled CSI driver to also enable UHP Raw Block Volume creation and attachment. To facilitate the usage of this new driver, we're adding a new "Advanced Configurations" section to our Terraform schema that allows the selection of which CSI driver version to install. Instructions can be found here
As this feature is in LA, some limitations and issues may occur — please contact the team to report feedback.
4. Addition of "Deploy to Oracle" button to some documentation to facilitate RMS creation
The "Deploy to Oracle" button can be configured to take you to the RMS creation screen and import Terraform from our Release page. We've added buttons for each stack to terraform-stacks/README.md that you can quickly use to navigate to RMS and import the latest version of each stack. These buttons will be added to our other public documentation where appropriate.
Bug Fixes
1. Make Fault Domain distribution of instances configurable
Addresses an issue where instances were being created in Fault Domains that did not have the requested shape (GPU BM) available. Uncheck the default option for Compute or Control Plane instances to instead let OCI Compute Service schedule instances where appropriate.
What's Changed
- Docs updates according to OGHO requirements by @LesiaChaban in #69
- ramangla tc-38077-update-readme by @ramangla in #72
- v1.3.0 by @dfoster-oracle in #71
New Contributors
- @LesiaChaban made their first contribution in #69
- @ramangla made their first contribution in #72
Full Changelog: v1.2.1...v1.3.0
Contributors
Assets 10
v1.2.1
Patch Updates
1. Separated LoadBalancers for API and *.apps Traffic
Updated the Terraform code to provision distinct LoadBalancers for the OpenShift API and Ingress (*.apps) endpoints. This improves security isolation, scalability, and access control by separating control-plane and application traffic. The compute, DNS, and load balancer modules were modified accordingly, along with updates to both create-cluster and add-nodes stacks to ensure correct backend associations for new nodes.
v1.2.0
Enhancements
1. Cluster Networking Configuration
Reconfigured the default networking setup to support OpenShift clusters with both VM and Bare Metal nodes. The stack now reserves two subnets during initial installation: one for iSCSI traffic (private_subnet_bare_metal) and one for general cluster traffic (private_subnet_opc). This enables consistent VNIC assignments and allows adding VM or Bare Metal nodes to an existing cluster without additional network changes. Image creation logic has also been updated to support the required launch modes for each instance type.
2. Tag Namespace Validation
Added validation to ensure the tag namespace used for OpenShift clusters follows the expected format required by the platform. This helps the underlying infrastructure correctly identify and manage OpenShift resources during installation. Descriptions have also been updated to guide users in providing a valid namespace.
3. Default Shape Compatibility Alignment
Updated the default compute shape from VM.Standard.E4.Flex to VM.Standard.E5.Flex to align with current platform support and ensure successful resource provisioning.
v1.1.1
Bug Fixes
1. Tags created in non-home regions
There was an issue related to tag creation behavior in non-home regions. This fix resolves the problem where defined tags were not being created correctly in regions outside the tenancy's home region and allows for tag creation in all regions.
What's Changed
- release-v1.1.0 minor fix by @nikhisin3001 in #59
- Fix add nodes stack by @nikhisin3001 in #60
- add missing doc link to RWX-LA readme by @dfoster-oracle in #61
- release v1.1.1 by @nikhisin3001 in #62
Full Changelog: v1.1.0...v1.1.1
Contributors
Assets 6
v1.1.0
New Features
1. Tagging Workflow Introduced Prior to Cluster Deployment
A new tagging structure has been introduced to ensure consistent resource attribution across OpenShift deployments. Before launching any new OpenShift clusters, users must now run the create-resource-attribution-tags stack to predefine the required tags. This change improves governance, tracking, and lifecycle management of OpenShift resources in OCI.
Important: You must run the create-resource-attribution-tags stack before running any other stacks. This stack creates a tagNamespace and associated defined-tags (openshift-tags and openshift-resource) that are essential for all subsequent stacks to function correctly. Skipping this step may cause failures or unexpected behavior. You can skip this step if the tagNamespace and its associated defined-tags already exist.
2. Red Hat OpenShift Virtualization Now in Limited Availability (LA) on OCI
Initial support for Red Hat OpenShift Virtualization on Oracle Cloud Infrastructure is now available under Limited Availability. This enables customers to run virtual machine workloads alongside containers within the same OpenShift environment. As this feature is in LA, some limitations and issues may occur — please contact the team to report feedback. Link
3. Support for Both Multi-AD and Single-AD Cluster Deployments
The Terraform stack now supports more flexible deployment options across Availability Domains. Users can now deploy OpenShift clusters in either a single AD or multi-AD setup, improving high availability and alignment with varied customer infrastructure needs.
Enhancements
1. Support for OpenShift on OCI Bare Metal GPU Shapes in Limited Availability (LA)
Enhancements have been made to the Terraform stack to support launching OpenShift clusters on OCI Bare Metal instances with GPU shapes. This update includes refining shape-matching logic to ensure GPU-capable nodes are properly identified and provisioned. The shapes supported are A100 and H100. As this feature is in LA, some limitations and issues may occur — please contact the team to report feedback.
Fixes
1. Bug Fix: Incorrect pod-security.kubernetes.io/enforce-version Label Value
Addressed an issue where the pod-security.kubernetes.io/enforce-version label was present but set to an incorrect value in certain namespaces. This could cause unexpected behavior with Kubernetes Pod Security Admission (PSA) policies. The label value is now correctly set during cluster provisioning to ensure proper enforcement and compliance with security standards.
v1.0.0
What's Changed
- Upgraded OCI CCM and CSI driver versions to v1.30
- Adds support for using Bare Metal instances as OpenShift cluster nodes
- Adds support for provisioning Raw Block Volumes (no filesystem)
- Major Terraform refactor
- Instead of one infrastructure.tf file that can only create a cluster, we now have the terraform-stacks directory which contains individual Terraform stacks intended to be used with RMS:
- add-nodes
- create-cluster
- create-tags
- Use shared_modules across all Terraform stacks
- Packaging of stacks into versioned and distributable zip files
- Instead of one infrastructure.tf file that can only create a cluster, we now have the terraform-stacks directory which contains individual Terraform stacks intended to be used with RMS:
- Terraform improvements
- Instances are now distributed across Availability and Fault Domains if available
- create-cluster stack can be used for a connected Agent-based installation
- Stacks now output a dynamic_custom_manifest which contains all custom manifests necessary for OpenShift installation, pre-formatted with OCI CCM and CSI secrets, and condensed into a single manifest for easy uploading/pasting
- New custom manifests
- All necessary custom manifests are now formatted and output by the Terraform stacks
- oci-eval-user-data.yml executes scipts uploaded during instance creation
- iscsi-oci-configure-secondary-nic.sh evaluates and configures the instance network settings for iSCSI boot volumes (Bare Metal)
- cluster-network.yml modifies the default cluster Network subnet to avoid conflicts with iSCSI boot volumes in OCP 4.17+
- Versioned OCI CCM and CSI manifests
- Add support for updating CCM and CSI drivers on an existing cluster