Merge pull request #3184 from oracle/new_oci_controls
Add new OCI cloud controls
This commit is contained in:
commit
9b773185c3
4 changed files with 40 additions and 3 deletions
|
@ -8,8 +8,18 @@
|
||||||
#oci_vnc_id:
|
#oci_vnc_id:
|
||||||
#oci_subnet1_id:
|
#oci_subnet1_id:
|
||||||
#oci_subnet2_id:
|
#oci_subnet2_id:
|
||||||
## Overide these default behaviors if you wish
|
## Overide these default/optional behaviors if you wish
|
||||||
#oci_security_list_management: All
|
#oci_security_list_management: All
|
||||||
|
# If you would like the controller to manage specific lists per subnet. This is a mapping of subnet ocids to security list ocids. Below are examples.
|
||||||
|
#oci_security_lists:
|
||||||
|
#ocid1.subnet.oc1.phx.aaaaaaaasa53hlkzk6nzksqfccegk2qnkxmphkblst3riclzs4rhwg7rg57q: ocid1.securitylist.oc1.iad.aaaaaaaaqti5jsfvyw6ejahh7r4okb2xbtuiuguswhs746mtahn72r7adt7q
|
||||||
|
#ocid1.subnet.oc1.phx.aaaaaaaahuxrgvs65iwdz7ekwgg3l5gyah7ww5klkwjcso74u3e4i64hvtvq: ocid1.securitylist.oc1.iad.aaaaaaaaqti5jsfvyw6ejahh7r4okb2xbtuiuguswhs746mtahn72r7adt7q
|
||||||
# If oci_use_instance_principals is true, you do not need to set the region, tenancy, user, key, passphrase, or fingerprint
|
# If oci_use_instance_principals is true, you do not need to set the region, tenancy, user, key, passphrase, or fingerprint
|
||||||
#oci_use_instance_principals: false
|
#oci_use_instance_principals: false
|
||||||
#oci_cloud_controller_version: 0.5.0
|
#oci_cloud_controller_version: 0.6.0
|
||||||
|
# If you would like to control OCI query rate limits for the controller
|
||||||
|
#oci_rate_limit:
|
||||||
|
#rate_limit_qps_read:
|
||||||
|
#rate_limit_qps_write:
|
||||||
|
#rate_limit_bucket_read:
|
||||||
|
#rate_limit_bucket_write:
|
||||||
|
|
|
@ -2,4 +2,4 @@
|
||||||
|
|
||||||
oci_security_list_management: All
|
oci_security_list_management: All
|
||||||
oci_use_instance_principals: false
|
oci_use_instance_principals: false
|
||||||
oci_cloud_controller_version: 0.5.0
|
oci_cloud_controller_version: 0.6.0
|
||||||
|
|
|
@ -28,6 +28,7 @@
|
||||||
kube:
|
kube:
|
||||||
kubectl: "{{ bin_dir }}/kubectl"
|
kubectl: "{{ bin_dir }}/kubectl"
|
||||||
filename: "/tmp/cloud-provider.yml"
|
filename: "/tmp/cloud-provider.yml"
|
||||||
|
state: latest
|
||||||
when: inventory_hostname == groups['kube-master'][0]
|
when: inventory_hostname == groups['kube-master'][0]
|
||||||
tags: oci
|
tags: oci
|
||||||
|
|
||||||
|
@ -47,5 +48,6 @@
|
||||||
kube:
|
kube:
|
||||||
kubectl: "{{ bin_dir }}/kubectl"
|
kubectl: "{{ bin_dir }}/kubectl"
|
||||||
filename: "/tmp/oci-cloud-controller-manager.yml"
|
filename: "/tmp/oci-cloud-controller-manager.yml"
|
||||||
|
state: latest
|
||||||
when: inventory_hostname == groups['kube-master'][0]
|
when: inventory_hostname == groups['kube-master'][0]
|
||||||
tags: oci
|
tags: oci
|
||||||
|
|
|
@ -54,3 +54,28 @@ loadBalancer:
|
||||||
# inbound traffic to load balancers.
|
# inbound traffic to load balancers.
|
||||||
securityListManagementMode: {{ oci_security_list_management }}
|
securityListManagementMode: {{ oci_security_list_management }}
|
||||||
|
|
||||||
|
{% if oci_security_lists is defined and oci_security_lists|length > 0 %}
|
||||||
|
# Optional specification of which security lists to modify per subnet. This does not apply if security list management is off.
|
||||||
|
securityLists:
|
||||||
|
{% for subnet_ocid, list_ocid in oci_security_lists.iteritems() %}
|
||||||
|
{{ subnet_ocid }}: {{ list_ocid }}
|
||||||
|
{% endfor %}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
{% if oci_rate_limit is defined and oci_rate_limit|length > 0 %}
|
||||||
|
# Optional rate limit controls for accessing OCI API
|
||||||
|
rateLimiter:
|
||||||
|
{% if oci_rate_limit.rate_limit_qps_read %}
|
||||||
|
rateLimitQPSRead: {{ oci_rate_limit.rate_limit_qps_read }}
|
||||||
|
{% endif %}
|
||||||
|
{% if oci_rate_limit.rate_limit_qps_write %}
|
||||||
|
rateLimitQPSWrite: {{ oci_rate_limit.rate_limit_qps_write }}
|
||||||
|
{% endif %}
|
||||||
|
{% if oci_rate_limit.rate_limit_bucket_read %}
|
||||||
|
rateLimitBucketRead: {{ oci_rate_limit.rate_limit_bucket_read }}
|
||||||
|
{% endif %}
|
||||||
|
{% if oci_rate_limit.rate_limit_bucket_write %}
|
||||||
|
rateLimitBucketWrite: {{ oci_rate_limit.rate_limit_bucket_write }}
|
||||||
|
{% endif %}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue