Create and manage Kubernetes clusters on Oracle Cloud Infrastructure with Cluster API

March 11, 2022 | 4 minute read
Paul Jenkins
Senior Principal Product Manager
Text Size 100%:

We’re pleased to announce Oracle Cloud Infrastructure (OCI) support for Cluster API. Cluster API is a Kubernetes subproject focused on providing declarative APIs and tooling to simplify provisioning, upgrading, and operating multiple Kubernetes clusters.

Kubernetes is a complex system that relies on many components being configured correctly to have a working cluster and many organizations choose to use a fully managed Kubernetes service, such as Oracle Container Engine for Kubernetes (OKE), to avoid this complexity. However, managing the lifecycle of creating, scaling, upgrading, and deleting multiple clusters is complicated, and different clouds give different experiences. Cluster API (CAPI) reduces the complexity and effort of managing multiple Kubernetes clusters by providing Kubernetes-style APIs and patterns to automate cluster lifecycle management across multiple clouds and on-premises.

With CAPI, Kubernetes cluster administrators get the following key benefits:

  • More control of configuration and software installed in clusters

  • Standardized approach to manage clusters across multiple clouds and on-premises

  • Lifecycle control of both managed and self-hosted Kubernetes clusters

  • Reuse existing ecosystem components rather than duplication of functionality

Cluster API overview

Cluster API uses a management cluster as a control point to manage the lifecycle of workload clusters that it provisions through a Cluster API provider for the target platform.

A graphic depicting the architecture for using Cluster API.

A Cluster API management cluster is created by installing Cluster API on an existing Kubernetes cluster. This cluster can run on a local laptop, virtual machine (VM), on-premises, or in the cloud. The management cluster then manages the lifecycle of workload clusters on a target infrastructure using a Cluster API Provider for that infrastructure. This process abstracts the infrastructure platform-specific requirements, such as security and networking, and exposes a common set of declarative APIs, providing a consistent experience across different target infrastructures. To enable OCI as a target infrastructure, we’ve created a Cluster API Provider for OCI (CAPOCI).


The following high-level example creates a local Cluster API Management cluster and then deploy a workload cluster on OCI. Detailed instructions and prerequisites are detailed on the cluster-api-provider-oci GitHub repository and documentation. The process assumes that you have installed all the required software and configured the required OCI authentication.

First, you need a running Kubernetes cluster. For testing purposes, you can use kind to create a local cluster.

kind create cluster
kubectl config set-context kind-kind

Next, make this cluster a Cluster API management cluster for OCI with the following command:

clusterctl init --infrastructure oci

Create a Workload cluster on OCI.

clusterctl generate cluster oci-cluster | kubectl apply -f -

Several variables and arguments allow you to control virtually all aspects of the cluster, such as Kubernetes version, Compute shape, and numbers for the control plane nodes to the network configuration, security lists, and more. CAPOCI uses templates to create a default infrastructure that gives public access to the Kubernetes API and runs the control plane and workload instances in private subnets. You can customize these templates or override arguments in the command.

Now that we have a running workload cluster on OCI, we can use clusterctl to get the kubeconfig for the workload cluster:

clusterctl get kubeconfig oci-cluster > oci-cluster.kubeconfig

The final step is to install a container network interface (CNI) provider. Calico and Antrea are currently tested.

kubectl --kubeconfig=oci-cluster.kubeconfig apply -f \

We now have a CAPOCI-managed Kubernetes cluster running on OCI. For details of how to configure the cluster to run OCI load balancers and access storage, see the cluster-api-provider-oci GitHub documentation.


Cluster API reduces the complexity of creating and operating Kubernetes clusters on OCI. By using a common and declarative approach, Kubernetes cluster administrators can create templates that match their exact cluster requirements, while managing the lifecycle of these clusters in the cloud, on-premises, or both.

“Kubernetes Cluster API provider for OCI (CAPOCI) is a great step to building immutable clusters,” says Oz Kologlu, head of engineering at Container Exchange Services in Sydney, Australia. “It drastically simplifies the whole process of managing the cluster lifecycle: Launch new clusters, deploy, verify and move our workloads to a new cluster, and delete the obsolete clusters. It also provides great deal of freedom to developers who can have their own Kubernetes clusters, run experiments, test new code or ideas, even in the control plane, and tear down when they’re done.”

For more details, check the following documentation:

If you’re interested in contributing to these projects, access the following GitHub repos:

Get started with CAPOCI and Oracle Cloud Infrastructure today with our Oracle Cloud Free Tier.

Paul Jenkins

Senior Principal Product Manager

Paul is a Senior Principal Product Manager in the Oracle Cloud Iinfrastructure Cloud Native Services team.

Previous Post

Oracle enhances the OCI Cloud Adoption Framework, releases the enterprise scale baseline landing zone, and offers more options for multicloud strategies

Farouk Khan | 5 min read

Next Post

Oracle Cloud Infrastructure Speech GA announcement

Guy Michaeli | 3 min read