richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5347 Commits
29 Branches
81 Tags
147 MiB
Tree: e489e70031
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'e489e70031'
${ noResults }
kubespray/roles/kubernetes-apps/cloud_controller/oci/templates/controller-manager-config.y...

90 lines
3.8 KiB
Raw Normal View History

OCI Cloud Provider Update (#4186) * OCI subnet AD 2 is not required for CCM >= 0.7.0 Reorganize OCI provider to generate configuration, rather than pull Add pull secret option to OCI cloud provider * Updated oci example to document new parameters
5 years ago
Cloud provider support for OCI (Oracle Cloud Infrastructure) Signed-off-by: Jeff Bornemann <jeff.bornemann@oracle.com>
6 years ago
OCI Cloud Provider Update (#4186) * OCI subnet AD 2 is not required for CCM >= 0.7.0 Reorganize OCI provider to generate configuration, rather than pull Add pull secret option to OCI cloud provider * Updated oci example to document new parameters
5 years ago
Cloud provider support for OCI (Oracle Cloud Infrastructure) Signed-off-by: Jeff Bornemann <jeff.bornemann@oracle.com>
6 years ago
Add .editorconfig file (#6307)
4 years ago
Cloud provider support for OCI (Oracle Cloud Infrastructure) Signed-off-by: Jeff Bornemann <jeff.bornemann@oracle.com>
6 years ago
Add .editorconfig file (#6307)
4 years ago
Cloud provider support for OCI (Oracle Cloud Infrastructure) Signed-off-by: Jeff Bornemann <jeff.bornemann@oracle.com>
6 years ago
Add .editorconfig file (#6307)
4 years ago
Cloud provider support for OCI (Oracle Cloud Infrastructure) Signed-off-by: Jeff Bornemann <jeff.bornemann@oracle.com>
6 years ago
OCI Cloud Provider Update (#4186) * OCI subnet AD 2 is not required for CCM >= 0.7.0 Reorganize OCI provider to generate configuration, rather than pull Add pull secret option to OCI cloud provider * Updated oci example to document new parameters
5 years ago
Cloud provider support for OCI (Oracle Cloud Infrastructure) Signed-off-by: Jeff Bornemann <jeff.bornemann@oracle.com>
6 years ago
OCI Cloud Provider Update (#4186) * OCI subnet AD 2 is not required for CCM >= 0.7.0 Reorganize OCI provider to generate configuration, rather than pull Add pull secret option to OCI cloud provider * Updated oci example to document new parameters
5 years ago
Cloud provider support for OCI (Oracle Cloud Infrastructure) Signed-off-by: Jeff Bornemann <jeff.bornemann@oracle.com>
6 years ago
Add new OCI cloud controls
6 years ago
Replace iteritems() to items() in Jinja2 templates (#4437) The iteritems() dictionary's method has been removed in Python3. Using this method in Jinja2 templates limits the execution to Python2 which will be deprecated in 2020[1]. This change replaces that method for the items() method as it's suggested in the official website[2]. [1] https://pythonclock.org/ [2] https://docs.ansible.com/ansible/latest/user_guide/playbooks_python_version.html#dict-iteritems
5 years ago
Add new OCI cloud controls
6 years ago
Add .editorconfig file (#6307)
4 years ago
Add new OCI cloud controls
6 years ago
Add .editorconfig file (#6307)
4 years ago
Add new OCI cloud controls
6 years ago
Add .editorconfig file (#6307)
4 years ago
Add new OCI cloud controls
6 years ago
Add .editorconfig file (#6307)
4 years ago
Add new OCI cloud controls
6 years ago
  1. {% macro private_key() %}{{ oci_private_key }}{% endmacro %}
  3. {% if oci_use_instance_principals %}
  4. # (https://docs.us-phoenix-1.oraclecloud.com/Content/Identity/Tasks/callingservicesfrominstances.htm).
  5. # Ensure you have setup the following OCI policies and your kubernetes nodes are running within them
  6. # allow dynamic-group [your dynamic group name] to read instance-family in compartment [your compartment name]
  7. # allow dynamic-group [your dynamic group name] to use virtual-network-family in compartment [your compartment name]
  8. # allow dynamic-group [your dynamic group name] to manage load-balancers in compartment [your compartment name]
  9. useInstancePrincipals: true
  10. {% else %}
  11. useInstancePrincipals: false
  12. {% endif %}
  14. auth:
  16. {% if oci_use_instance_principals %}
  17. # This key is put here too for backwards compatibility
  18. useInstancePrincipals: true
  19. {% else %}
  20. useInstancePrincipals: false
  22. region: {{ oci_region_id }}
  23. tenancy: {{ oci_tenancy_id }}
  24. user: {{ oci_user_id }}
  25. key: |
  26. {{ oci_private_key }}
  28. {% if oci_private_key_passphrase is defined %}
  29. passphrase: {{ oci_private_key_passphrase }}
  30. {% endif %}
  33. fingerprint: {{ oci_user_fingerprint }}
  34. {% endif %}
  36. # compartment configures Compartment within which the cluster resides.
  37. compartment: {{ oci_compartment_id }}
  39. # vcn configures the Virtual Cloud Network (VCN) within which the cluster resides.
  40. vcn: {{ oci_vnc_id }}
  42. loadBalancer:
  43. # subnet1 configures one of two subnets to which load balancers will be added.
  44. # OCI load balancers require two subnets to ensure high availability.
  45. subnet1: {{ oci_subnet1_id }}
  46. {% if oci_subnet2_id is defined %}
  47. # subnet2 configures the second of two subnets to which load balancers will be
  48. # added. OCI load balancers require two subnets to ensure high availability.
  49. subnet2: {{ oci_subnet2_id }}
  50. {% endif %}
  51. # SecurityListManagementMode configures how security lists are managed by the CCM.
  52. # "All" (default): Manage all required security list rules for load balancer services.
  53. # "Frontend": Manage only security list rules for ingress to the load
  54. # balancer. Requires that the user has setup a rule that
  55. # allows inbound traffic to the appropriate ports for kube
  56. # proxy health port, node port ranges, and health check port ranges.
  57. # E.g. 10.82.0.0/16 30000-32000.
  58. # "None": Disables all security list management. Requires that the
  59. # user has setup a rule that allows inbound traffic to the
  60. # appropriate ports for kube proxy health port, node port
  61. # ranges, and health check port ranges. E.g. 10.82.0.0/16 30000-32000.
  62. # Additionally requires the user to mange rules to allow
  63. # inbound traffic to load balancers.
  64. securityListManagementMode: {{ oci_security_list_management }}
  66. {% if oci_security_lists is defined and oci_security_lists|length > 0 %}
  67. # Optional specification of which security lists to modify per subnet. This does not apply if security list management is off.
  68. securityLists:
  69. {% for subnet_ocid, list_ocid in oci_security_lists.items() %}
  70. {{ subnet_ocid }}: {{ list_ocid }}
  71. {% endfor %}
  72. {% endif %}
  74. {% if oci_rate_limit is defined and oci_rate_limit|length > 0 %}
  75. # Optional rate limit controls for accessing OCI API
  76. rateLimiter:
  77. {% if oci_rate_limit.rate_limit_qps_read %}
  78. rateLimitQPSRead: {{ oci_rate_limit.rate_limit_qps_read }}
  79. {% endif %}
  80. {% if oci_rate_limit.rate_limit_qps_write %}
  81. rateLimitQPSWrite: {{ oci_rate_limit.rate_limit_qps_write }}
  82. {% endif %}
  83. {% if oci_rate_limit.rate_limit_bucket_read %}
  84. rateLimitBucketRead: {{ oci_rate_limit.rate_limit_bucket_read }}
  85. {% endif %}
  86. {% if oci_rate_limit.rate_limit_bucket_write %}
  87. rateLimitBucketWrite: {{ oci_rate_limit.rate_limit_bucket_write }}
  88. {% endif %}
  89. {% endif %}