Add new OCI cloud controls

roles/kubernetes-apps/cloud_controller/oci/defaults/main.yml

@@ -2,4 +2,4 @@
 
 oci_security_list_management: All
 oci_use_instance_principals: false
-oci_cloud_controller_version: 0.5.0
+oci_cloud_controller_version: 0.6.0

roles/kubernetes-apps/cloud_controller/oci/tasks/main.yml

@@ -28,6 +28,7 @@
   kube:
     kubectl: "{{ bin_dir }}/kubectl"
     filename: "/tmp/cloud-provider.yml"
+    state: latest
   when: inventory_hostname == groups['kube-master'][0]
   tags: oci
 
@@ -47,5 +48,6 @@
   kube:
     kubectl: "{{ bin_dir }}/kubectl"
     filename: "/tmp/oci-cloud-controller-manager.yml"
+    state: latest
   when: inventory_hostname == groups['kube-master'][0]
   tags: oci

roles/kubernetes-apps/cloud_controller/oci/templates/controller-manager-config.yml.j2

@@ -54,3 +54,28 @@ loadBalancer:
   #                    inbound traffic to load balancers.
   securityListManagementMode: {{ oci_security_list_management }}
 
+{% if oci_security_lists is defined and oci_security_lists|length > 0 %}
+  # Optional specification of which security lists to modify per subnet. This does not apply if security list management is off.
+  securityLists:
+{% for subnet_ocid, list_ocid in oci_security_lists.iteritems() %}
+    {{ subnet_ocid }}: {{ list_ocid }}
+{% endfor %}
+{% endif %}
+
+{% if oci_rate_limit is defined and oci_rate_limit|length > 0 %}
+# Optional rate limit controls for accessing OCI API
+rateLimiter:
+{% if oci_rate_limit.rate_limit_qps_read %}
+  rateLimitQPSRead: {{ oci_rate_limit.rate_limit_qps_read }} 
+{% endif %}
+{% if oci_rate_limit.rate_limit_qps_write %}
+  rateLimitQPSWrite: {{ oci_rate_limit.rate_limit_qps_write }} 
+{% endif %}
+{% if oci_rate_limit.rate_limit_bucket_read %}
+  rateLimitBucketRead: {{ oci_rate_limit.rate_limit_bucket_read }} 
+{% endif %}
+{% if oci_rate_limit.rate_limit_bucket_write %}
+  rateLimitBucketWrite: {{ oci_rate_limit.rate_limit_bucket_write }} 
+{% endif %}
+{% endif %}
+