oci-oke-lb subnet pick-up change

[Charbel-Metrot]

Hello,

We are trying to change the default selected subnet for the load balancer in order to use a different existing public subnet instead of the pub_lb subnet.
and which parameter is the right one to do this change.

Alternatively, we would like to adjust the current NSG rules of the pub_lb subnet.
Is it done using the below variables?

` public_lb_allowed_ports = [80, 443, 15021]

allow_rules_public_lb = {
for p in local.public_lb_allowed_ports :

format("Allow ingress to port %v", p) => {
  protocol = local.tcp_protocol, port = p, source = "0.0.0.0/0", source_type = local.rule_type_cidr,
}

}
`

Thank you in advance for your help.

[robo-cap]

You can set the default subnet to be used for the OKE services using the subnet variable.

Once the cluster is created is not possible to change the default subnet used for the LoadBalancer type services.

If you intend to customize the subnet used for a service you can achieve this through annotation service.beta.kubernetes.io/oci-load-balancer-subnet1 as instructed here.

To whitelist ports on the LB NSG you can use the allow_rules_public_lb variable as in this example.