Anyone with a trial account for Oracle Cloud can use Oracle Cloud Infrastructure (OCI) to get herself a three-node Kubernetes Cluster instance, running on Oracle’s managed Kubernetes Engine Cloud Service called OKE. Unfortunately, the default resource limits on the trial account are such that the creation of the cluster will initially fail with “Cluster Create Failed: LimitExceeded: The cluster limit for this tenancy has been exceeded.”; only after submitting a Service Request with Oracle Support – which takes between 12 and 96 hours to be processed – will the account be extended to allow the creation of the K8S cluster.
In this article, I will show the process of submitting that support request – to ensure you this is the proper procedure (as strange as it seems) and to show how that actually works.
Note: I have written before about how to get going with OKE in my article First steps with Oracle Kubernetes Engine–the managed Kubernetes Cloud Service. Most of that article is still valid – but the additional step of the Service Request is now added. The Oracle Tutorial Creating a Cluster with Oracle Cloud Infrastructure Container Engine for Kubernetes and Deploying a Sample App also shows most of the steps – but not the submission of the Service Request.
I will shortly publish an article on how to prepare your OCI tenancy for a Kubernetes cluster instance using the OCI CLI and a series of scripted steps – which makes life so much easier than having to go through all the manual steps described in these two resources. Until then, you will have to manually create the Compartment, a User, the VCN, five subnets, two route tables, an internet gateway, two security lists, DHCP options. Once that is done, you can create the cluster – or at least make that first attempt.
From the menu shown on the left side of the screen (you may have to decrease the font size to actually see all menu options) select Developer Services | Container Clusters (OKE). I do not understand why the name Kubernetes is not used – container cluster sounds a bit vague.
In the page that appears, click on the Create Cluster button.
You can fill out the cluster details:
And more details:
And finally press the Create button. But now you are in for an unpleasant surprise if you are in a fresh Oracle Cloud trial account tenancy in which you may not even have touched any resource at all:
Bang, your cluster creation failed. Because you exceeded some limit. Not sure which one. Silly, how after not using anything in the trial account, the very first action brings you to this failure. It feels like the end of the road for my OKE experiements.
Fortunately, it does not have to be. By submitting an SR (service request) with Oracle Cloud Support, I can get this mysterious limit removed or at least extended and then continue on my journey.
As instructed in the documentation (Service Limits) I log in to Oracle Support at http://support.oracle.com/ with an account associated with the same email id as my Oracle Cloud user (this is important otherwise I cannot create the required service request type):
And switch to Oracle Cloud Support.
Here I click on Create Service Request.
The Service Type is Oracle Cloud Infrastructure, the problem type is Limit Increase. I provide the tenancy id and the names of the availability domains. I presume that the service/resource to be increased is the Compute Service.
As Problem Summary and Description I have entered:
I want to create OKE instance on OCI; failed with: Cluster Create Failed: LimitExceeded:
In OCI Console I attempted to create an OKE Cluster – after configuring all network resources. Creation failed with:
Cluster Create Failed: LimitExceeded: The cluster limit for this tenancy has been exceeded.
This happened in a brand new trial account where no resources had been used at all
After pressing Next I get to the Submission page where I press Submit. The SR is now submitted.
After a short time, I receive a notification from Oracle Support – and now the wait begins.
After 20 hours, I ask for an update, to find out if the limit increase will take much longer. Whether it has helped or not I do not know, but a little later, I received another notification email
Apparently the magic limit was extended and I should now be good to go with my OKE instance.
I have tried to find out which limit was extended – in the Service Limits page:
And it would appear that the number of OCPUS per AD has been increased:
Let’s now try to create that OKE instance:
and some more – including a node pool consisting of the three worker nodes:
And finally, press the Create button again:
And this time – no error message. Sweet victory.
The creation is in progress:
And after a fairly short while (two minutes tops), the creation is done:
Drill down to inspect the cluster details:
At this point, I can start using this cluster instance, as described in this article: First steps with Oracle Kubernetes Engine–the managed Kubernetes Cloud Service, typically by downloading a kubeconfig file and using kubectl.
Generate kubeconfig file
Assuming access to the OCI CLI tool, we can continue to generate the kubeconfig file. The OCI Console contains the page with details on the k8s-1 cluster. Press the Access Kubeconfig button. A popup opens, with the instructions to generate the kubeconfig file – unfortunately not yet to simply download the kubeconfig file.
Execute these two steps on the node from which I will run kubectl:
- mkdir -p $HOME/.kube
- cd $HOME/.kube
- oci ce cluster create-kubeconfig –cluster-id ocid1.cluster.oc1.iad.aaaaaaaaae3dmnrsmm4wgodfmvs –file – > kubeconfig
Now I have the desired kubeconfig file.
Set the environment variable KUBECONFIG to refer to this file:
And start interacting with kubectl:
I have also copied the kubeconfig file to my Windows laptop and started the proxy:
Using the URL http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/#!/login I can now access the dashboard for my fresh OKE instance:
Documentation on Service Limits and Service Requests: https://docs.cloud.oracle.com/iaas/Content/General/Concepts/servicelimits.htm?TocPath=Services|Service%20Essentials|_____5
Instructions on setting up the Ingress Controller on OKE: https://github.com/luisw19/orders-microservice-soaring-clouds-sequel/tree/master/oke-ingress