Kubernetes cluster add-on lifecycle management

March 20, 2023 | 5 minute read
Mickey Boxell
Product Management
Text Size 100%:

We’re excited to introduce cluster add-on lifecycle management to Oracle Container Engine for Kubernetes (OKE). This new functionality gives you the opportunity to offload the management of common cluster operational software to Oracle. It also provides customers with advanced use cases the flexibility to customize these add-ons or fully opt out of default Kubernetes operational software to bring equivalent software.

What are add-ons?

When we say add-ons, we’re referring to operational tools and features used to support and extend the functionality of Kubernetes environments. This area includes software essential to the proper functioning of a cluster, such as CoreDNS, kube-proxy, and a container network interface (CNI) like Flannel or Oracle Cloud Infrastructure (OCI) Native Pod Networking. It also includes a growing portfolio of optional add-on software used to extend core Kubernetes functionality and improve cluster manageability and performance, such as the Kubernetes Dashboard, Oracle Database Operator, Oracle Weblogic Operator, and more.

Simplicity and lower management overhead

The goal of this feature is twofold. The first goal is to make it easier for our customers to install common operational tools and offload the management of those tools to Oracle. We recognize that Kubernetes isn’t a simple system to operate. Many of our users prefer to offload the responsibility of ownership of as many components as possible to a trusted provider. Given that preference, we identified common operational software used by our customers that we could own. This ownership starts from building the container images and manifests and extends to configuring the add-ons and keeping them updated over time. We hope that this feature makes a material difference to removing operational toil for our users.

Flexibility and control

The second goal is to enable the complex use cases of our advanced users. Add-on lifecycle management gives users more levers to pull when it comes to configuration of cluster software. You can choose to disable or opt out of using a specific add-on altogether. For example, you can choose to disable the OCI Native Pod Networking CNI and bring your own alternative CNI, such as Calico. Users with specific compliance or audit requirements can choose to pin to an add-on version and control when their add-on is updated. Customers who use Oracle-provided software can choose to have it fully managed by Oracle, including automatic updates.

Each add-on comes with a set of customizable options. For example, CoreDNS, a general purpose authoritative domain name system (DNS) server commonly found in Kubernetes environments comes with the option to bring your own Kubernetes ConfigMap, with a Corefile section that defines CoreDNS behavior. This Corefile configuration includes several CoreDNS plugins with different DNS functions to extend the basic functionality. These supported customizations allow you to tailor your add-ons to your specific use cases while still benefitting from lifecycle management by Oracle.

How to use add-ons

As with all OKE features, you can configure add-ons through various surfaces, including our Console, API, CLI, SDK, Terraform, and more. In the Oracle Cloud Console, you can configure add-ons either during cluster creation process or after you create your cluster. To configure add-ons during cluster creation in the Console, click Show advanced options on the first page of the custom cluster creation flow, scroll down to the Configure cluster add-ons panel, and click the add-on you want to customize.

A screenshot of the Create cluster (custom) page showing show to deploy add-ons at cluster creation.
The custom cluster creation page showing show to deploy add-ons at cluster creation time


For example, in the following image, I clicked the Kubernetes dashboard add-on, which opened a panel that allowed me to choose whether I want to enable or disable the add-on. Enabling the add-on deploys the Kubernetes dashboard as a pod to my cluster. The same panel also allows you to choose to have Oracle automatically manage the life cycle of the add-on, including updating the add-on as new versions are released over time, or to pin your add-on version and meet internal security and compliance requirements.

Each add-on comes with several configuration options, some of which are common to all add-ons, while others are add-on specific. For the Kubernetes dashboard, you can specify the number of replicas you want to make of the Kubernetes dashboard pod and use node selectors and tolerations to control onto which nodes Kubernetes schedules a given add-on.

A screenshot of the Edit Kubernetes dashboard panel showing how to configure the Kubernetes dashboard add-on.
The Edit Kubernetes dashboard panel showing how to configure the Kubernetes dashboard add-on


After you create your clusters, you can view your deployed add-ons by navigating to the Add-ons tab on the Clusters details page. Here, you can see a list of deployed add-ons, whether they’re automatically updated, the status, and the add-on version.

A screenshot of the Add-ons tab showing the deployed add-ons.
The Add-ons tab showing the deployed add-ons


You can also configure add-ons after you create a cluster. To do so, click Manage add-ons. This selection opens a panel showing all available add-ons. Clicking into an add-on gives you the ability to update the configuration. To apply the updates, click Save changes. To track the changes in real time, navigate to the Work requests tab and click on the appropriate work request.

A screenshot of the Add-ons panel showing how to configure add-ons deployed to your cluster.
The Add-ons panel showing how to configure add-ons deployed to your cluster

More control and simpler operation

The new add-on lifecycle management feature gives customers both greater control over and the ability to offload the management of operational tools and features commonly used with Kubernetes environments. We hope that this feature enables you to offload operational risk and the burden of managing ancillary software and that it provides our sophisticated customers with the control and flexibility to support your advanced use cases. 

Want to learn more?



Mickey Boxell

Product Management

Product Manager on the Oracle Containers and Kubernetes Services team.

Previous Post

OKE Workload Identity: Greater control of access

Rishi Johari | 6 min read

Next Post

OKE virtual nodes deliver a serverless Kubernetes experience

Greg Verstraeten | 7 min read