I am not sure if you have noticed, but in March 2021 Kubernetes clusters were significantly redefined within OCI: Container Engine for Kubernetes is now VCN-native by default. You can read about it here. VCN-native K8S clusters are completely integrated with your Virtual Cloud Network (VCN), which also means you can make them private or public. K8S worker nodes, as well as load balancers, are already part of the VCN; the new thing in this setup is that you can now add the Kubernetes API endpoint to the VCN as well.

The documentation clearly explains 4 possible scenarios that you can implement. In essence, you can have different mixes of public and private elements in the OKE configuration. In the video below I focus on the fully private use case, where all three parts of Kubernetes are deployed in private subnets: a private Kubernetes API endpoint, private worker nodes, and private load balancers. The deployment of this configuration is done automatically with Terraform and Resource Manager. If you want to do the same in your tenancy, I really encourage you to download the code repository from here.

I hope it will be tasty. The video is long, but believe me, it is good to watch it all, up to the end.
Martin, The Cook.
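
As an added illustration (not the code from the repository mentioned above), this Terraform sketch shows where each of the three "private" decisions lives in the OCI provider: the API endpoint, the worker nodes, and the load balancer subnet. Resource names, CIDR blocks and all `var.*` inputs are assumptions, and the VCN is assumed to already have the routing and security rules the cluster needs.

```hcl
# Assumed inputs; every name and CIDR in this block is hypothetical.
variable "compartment_ocid" {}
variable "vcn_ocid" {}
variable "kubernetes_version" {}
variable "node_shape" {}
variable "node_image_ocid" {}
variable "availability_domain" {}

# One private subnet per role; no VNIC placed in them can get a public IP.
resource "oci_core_subnet" "private" {
  for_each                   = { api = "10.0.0.0/28", nodes = "10.0.1.0/24", lb = "10.0.2.0/24" }
  compartment_id             = var.compartment_ocid
  vcn_id                     = var.vcn_ocid
  cidr_block                 = each.value
  prohibit_public_ip_on_vnic = true
}

resource "oci_containerengine_cluster" "private" {
  compartment_id     = var.compartment_ocid
  vcn_id             = var.vcn_ocid
  name               = "private-oke"
  kubernetes_version = var.kubernetes_version
  # VCN-native Kubernetes API endpoint without a public IP.
  endpoint_config {
    subnet_id            = oci_core_subnet.private["api"].id
    is_public_ip_enabled = false
  }
  options {
    service_lb_subnet_ids = [oci_core_subnet.private["lb"].id]
  }
}

resource "oci_containerengine_node_pool" "private" {
  cluster_id         = oci_containerengine_cluster.private.id
  compartment_id     = var.compartment_ocid
  name               = "private-pool"
  kubernetes_version = var.kubernetes_version
  node_shape         = var.node_shape
  node_source_details {
    source_type = "IMAGE"
    image_id    = var.node_image_ocid
  }
  node_config_details {
    size = 3
    placement_configs {
      availability_domain = var.availability_domain
      subnet_id           = oci_core_subnet.private["nodes"].id
    }
  }
}
```

With a private load balancer subnet, Kubernetes `Service` objects of type `LoadBalancer` also need the `service.beta.kubernetes.io/oci-load-balancer-internal: "true"` annotation so that OKE provisions an internal load balancer. Reviewing `terraform plan` for `is_public_ip_enabled = false` and `prohibit_public_ip_on_vnic = true` is a quick check that nothing in the cluster is exposed by accident.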