Stop iptables from being enabled by force
This change enables convergence in containers by removing iptables in a workaround as a result of upstream[1] efforts[2]. [1] https://review.rdoproject.org/r/9702 [2] https://review.rdoproject.org/r/9703 Change-Id: I8793cb8d1ee376d45e7521b8ff9434c704e05497
This commit is contained in:
parent
3abbcabe46
commit
766e9fba5c
7
files/default/neutron-enable-bridge-firewall.sh
Normal file
7
files/default/neutron-enable-bridge-firewall.sh
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
# this script is intentionally reduced to an exit call to eliminate the
|
||||||
|
# automatic invocation of iptables.
|
||||||
|
# lp: https://bugs.launchpad.net/neutron/+bug/1622914
|
||||||
|
# bz: https://bugzilla.redhat.com/show_bug.cgi?id=1421022
|
||||||
|
exit 0
|
@ -73,6 +73,15 @@ template '/etc/neutron/rootwrap.conf' do
|
|||||||
)
|
)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
cookbook_file '/usr/bin/neutron-enable-bridge-firewall.sh' do
|
||||||
|
source 'neutron-enable-bridge-firewall.sh'
|
||||||
|
owner 'root'
|
||||||
|
group 'wheel'
|
||||||
|
mode '0755'
|
||||||
|
action :create
|
||||||
|
only_if { node['platform_family'] == 'redhat' }
|
||||||
|
end
|
||||||
|
|
||||||
if node['openstack']['mq']['service_type'] == 'rabbit'
|
if node['openstack']['mq']['service_type'] == 'rabbit'
|
||||||
node.default['openstack']['network']['conf_secrets']['DEFAULT']['transport_url'] = rabbit_transport_url 'network'
|
node.default['openstack']['network']['conf_secrets']['DEFAULT']['transport_url'] = rabbit_transport_url 'network'
|
||||||
end
|
end
|
||||||
|
Loading…
Reference in New Issue
Block a user