Cloud provider support for OCI (Oracle Cloud Infrastructure)

Signed-off-by: Jeff Bornemann <jeff.bornemann@oracle.com>

roles/kubernetes/master/templates/kubeadm-config.v1alpha1.yaml.j2

@@ -16,7 +16,7 @@ networking:
   serviceSubnet: {{ kube_service_addresses }}
   podSubnet: {{ kube_pods_subnet }}
 kubernetesVersion: {{ kube_version }}
-{% if cloud_provider is defined and cloud_provider != "gce" %}
+{% if cloud_provider is defined and cloud_provider not in ["gce", "oci"] %}
 cloudProvider: {{ cloud_provider }}
 {% endif %}
 {% if kube_proxy_mode == 'ipvs' and kube_version | version_compare('v1.10', '<') %}

roles/kubernetes/master/templates/manifests/kube-controller-manager.manifest.j2

@@ -48,6 +48,8 @@ spec:
     - --cloud-config={{ kube_config_dir }}/cloud_config
 {% elif cloud_provider is defined and cloud_provider in ["aws", "external"] %}
     - --cloud-provider={{cloud_provider}}
+{% elif cloud_provider is defined and cloud_provider == "oci" %}
+    - --cloud_provider=external
 {% endif %}
 {% if kube_network_plugin is defined and kube_network_plugin == 'cloud' %}
     - --configure-cloud-routes=true

roles/kubernetes/node/templates/kubelet.kubeadm.env.j2

@@ -93,8 +93,10 @@ KUBELET_NETWORK_PLUGIN="--hairpin-mode=promiscuous-bridge --network-plugin=kuben
 KUBE_ALLOW_PRIV="--allow-privileged=true"
 {% if cloud_provider is defined and cloud_provider in ["openstack", "azure", "vsphere"] %}
 KUBELET_CLOUDPROVIDER="--cloud-provider={{ cloud_provider }} --cloud-config={{ kube_config_dir }}/cloud_config"
-{% elif cloud_provider is defined and cloud_provider == "aws" %}
+{% elif cloud_provider is defined and cloud_provider in ["aws", "external"] %}
 KUBELET_CLOUDPROVIDER="--cloud-provider={{ cloud_provider }}"
+{% elif cloud_provider is defined and cloud_provider == "oci" %}
+KUBELET_CLOUDPROVIDER="--cloud-provider=external"
 {% else %}
 KUBELET_CLOUDPROVIDER=""
 {% endif %}

roles/kubernetes/node/templates/kubelet.standard.env.j2

@@ -114,8 +114,10 @@ KUBELET_VOLUME_PLUGIN="--volume-plugin-dir={{ kubelet_flexvolumes_plugins_dir }}
 KUBE_ALLOW_PRIV="--allow-privileged=true"
 {% if cloud_provider is defined and cloud_provider in ["openstack", "azure", "vsphere"] %}
 KUBELET_CLOUDPROVIDER="--cloud-provider={{ cloud_provider }} --cloud-config={{ kube_config_dir }}/cloud_config"
-{% elif cloud_provider is defined and cloud_provider == "aws" %}
+{% elif cloud_provider is defined and cloud_provider in ["aws", "external"] %}
 KUBELET_CLOUDPROVIDER="--cloud-provider={{ cloud_provider }}"
+{% elif cloud_provider is defined and cloud_provider == "oci" %}
+KUBELET_CLOUDPROVIDER="--cloud-provider=external"
 {% else %}
 KUBELET_CLOUDPROVIDER=""
 {% endif %}

roles/kubernetes/preinstall/tasks/main.yml

@@ -73,10 +73,10 @@
 
 - name: check cloud_provider value
   fail:
-    msg: "If set the 'cloud_provider' var must be set either to 'generic', 'gce', 'aws', 'azure', 'openstack', 'vsphere', or external"
+    msg: "If set the 'cloud_provider' var must be set either to 'generic', 'gce', 'aws', 'azure', 'openstack', 'vsphere', 'oci', or external"
   when:
     - cloud_provider is defined
-    - cloud_provider not in ['generic', 'gce', 'aws', 'azure', 'openstack', 'vsphere', 'external']
+    - cloud_provider not in ['generic', 'gce', 'aws', 'azure', 'openstack', 'vsphere', 'oci', 'external']
   tags:
     - cloud-provider
     - facts

roles/kubernetes/preinstall/tasks/verify-settings.yml

@@ -92,6 +92,12 @@
   when: dashboard_enabled
   ignore_errors: "{{ ignore_assert_errors }}"
 
+- name: Stop if RBAC is not enabled when OCI cloud controller is enabled
+  assert:
+    that: rbac_enabled
+  when: cloud_provider is defined and cloud_provider == "oci"
+  ignore_errors: "{{ ignore_assert_errors }}"
+
 - name: Stop if RBAC and anonymous-auth are not enabled when insecure port is disabled
   assert:
     that: rbac_enabled and kube_api_anonymous_auth