OCI Cloud Provider Update (#4186)

* OCI subnet AD 2 is not required for CCM >= 0.7.0 Reorganize OCI provider to generate configuration, rather than pull Add pull secret option to OCI cloud provider * Updated oci example to document new parameters
2026-02-18 19:50:11 -03:30 · 2019-02-11 15:08:53 -05:00
parent befa8a6cbd
commit c41c1e771f
10 changed files with 241 additions and 61 deletions
--- a/roles/kubernetes-apps/cloud_controller/oci/tasks/credentials-check.yml
+++ b/roles/kubernetes-apps/cloud_controller/oci/tasks/credentials-check.yml
@@ -48,9 +48,11 @@
 - name: "OCI Cloud Controller | Credentials Check | oci_subnet2_id"
  fail:
    msg: "oci_subnet2_id is missing. Two subnets are required for load balancer high availability"
-  when: oci_subnet2_id is not defined or oci_subnet2_id == ""
+  when:
+  - oci_cloud_controller_version | version_compare('0.7.0', '<')
+  - oci_subnet2_id is not defined or oci_subnet2_id == ""

 - name: "OCI Cloud Controller | Credentials Check | oci_security_list_management"
  fail:
    msg: "oci_security_list_management is missing, or not defined correctly. Valid options are (All, Frontend, None)."
-  when: oci_security_list_management is not defined or oci_security_list_management not in ["All", "Frontend", "None"]
+  when: oci_security_list_management is not defined or oci_security_list_management not in ["All", "Frontend", "None"]
--- a/roles/kubernetes-apps/cloud_controller/oci/tasks/main.yml
+++ b/roles/kubernetes-apps/cloud_controller/oci/tasks/main.yml
@@ -3,51 +3,35 @@
 - include: credentials-check.yml
  tags: oci

- name: "OCI Cloud Controller | Generate Configuration"
+- name: "OCI Cloud Controller | Generate Cloud Provider Configuration"
  template:
    src: controller-manager-config.yml.j2
-    dest: /tmp/controller-manager-config.yml
-  register: controller_manager_config
+    dest: "{{ kube_config_dir }}/controller-manager-config.yml"
  when: inventory_hostname == groups['kube-master'][0]
  tags: oci

+- name: "OCI Cloud Controller | Slurp Configuration"
+  slurp:
+    src: "{{ kube_config_dir }}/controller-manager-config.yml"
+  register: controller_manager_config
+
 - name: "OCI Cloud Controller | Encode Configuration"
  set_fact:
-    controller_manager_config_base64: "{{ lookup('file', '/tmp/controller-manager-config.yml') | b64encode }}"
+    controller_manager_config_base64: "{{ controller_manager_config.content }}"
  when: inventory_hostname == groups['kube-master'][0]
  tags: oci

- name: "OCI Cloud Controller | Apply Configuration To Secret"
+- name: "OCI Cloud Controller | Generate Manifests"
  template:
-    src: cloud-provider.yml.j2
-    dest: /tmp/cloud-provider.yml
+    src: oci-cloud-provider.yml.j2
+    dest: "{{ kube_config_dir }}/oci-cloud-provider.yml"
  when: inventory_hostname == groups['kube-master'][0]
  tags: oci

- name: "OCI Cloud Controller | Apply Configuration"
+- name: "OCI Cloud Controller | Apply Manifests"
  kube:
    kubectl: "{{ bin_dir }}/kubectl"
-    filename: "/tmp/cloud-provider.yml"
-    state: latest
-  when: inventory_hostname == groups['kube-master'][0]
-  tags: oci
-
- name: "OCI Cloud Controller | Download Controller Manifest"
-  get_url:
-    url: "https://raw.githubusercontent.com/oracle/oci-cloud-controller-manager/{{oci_cloud_controller_version}}/manifests/oci-cloud-controller-manager.yaml"
-    dest: "/tmp/oci-cloud-controller-manager.yml"
-    force: yes
-  register: result
-  until: "'OK' in result.msg"
-  retries: 4
-  delay: "{{ retry_stagger | random + 3 }}"
-  when: inventory_hostname == groups['kube-master'][0]
-  tags: oci
-
- name: "OCI Cloud Controller | Apply Controller Manifest"
-  kube:
-    kubectl: "{{ bin_dir }}/kubectl"
-    filename: "/tmp/oci-cloud-controller-manager.yml"
+    filename: "{{ kube_config_dir }}/oci-cloud-provider.yml"
    state: latest
  when: inventory_hostname == groups['kube-master'][0]
  tags: oci