From 084b8439094b7ee725af55b06caf3ece368b1096 Mon Sep 17 00:00:00 2001
From: Aleksandr Didenko
Date: Tue, 17 Mar 2015 17:55:20 +0200
Subject: [PATCH] Remove default routes via hapr-p/hapr-m in haproxy ns

We no longer need those default routes and iptables marking/nat, since we have 'hapr-ns' interface and default route via it, which provides connectivity to other networks from haproxy namespace.

Change-Id: I67dbbbb1dcd61a201b697029d84a54679cc61018
Closes-bug: #1433150
---
 .../modular/virtual_ips/virtual_ips.pp | 14 ++++----------
 1 file changed, 4 insertions(+), 10 deletions(-)

diff --git a/deployment/puppet/osnailyfacter/modular/virtual_ips/virtual_ips.pp b/deployment/puppet/osnailyfacter/modular/virtual_ips/virtual_ips.pp
index 342a69300e..fedfc303ba 100644
--- a/deployment/puppet/osnailyfacter/modular/virtual_ips/virtual_ips.pp
+++ b/deployment/puppet/osnailyfacter/modular/virtual_ips/virtual_ips.pp
@@ -22,13 +22,10 @@ $vips = { # Do not convert to ARRAY, It can't work in 2.7
 ns_veth => "hapr-m",
 ip => hiera('management_vip'),
 cidr_netmask => $vip_management_cidr_netmask,
- gateway => 'link',
- gateway_metric => '20',
+ gateway => 'none',
+ gateway_metric => '0',
 bridge => $network_scheme['roles']['management'],
 other_networks => $vip_mgmt_other_nets,
- iptables_start_rules => "iptables -t mangle -I PREROUTING -i ${internal_int}-hapr -j MARK --set-mark 0x2b ; iptables -t nat -I POSTROUTING -m mark --mark 0x2b ! -o ${network_scheme['roles']['management']} -j MASQUERADE",
- iptables_stop_rules => "iptables -t mangle -D PREROUTING -i ${internal_int}-hapr -j MARK --set-mark 0x2b ; iptables -t nat -D POSTROUTING -m mark --mark 0x2b ! -o ${network_scheme['roles']['management']} -j MASQUERADE",
- iptables_comment => "masquerade-for-management-net",
 with_ping => false,
 ping_host_list => "",
 },
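Review bot: Dropping `iptables_stop_rules` together with `iptables_start_rules` leaves no path that deletes the mark 0x2b / MASQUERADE rules on a node where the old definition already ran its start action; the same applies to the 0x2a rules in the `hapr-p` hunk that follows. If the resource agent only executes the stop rules it is currently configured with (not visible here), an upgraded controller would keep a stale `nat POSTROUTING` masquerade that rewrites source addresses and hides the real origin in connection logs. The commit should either state that the change targets fresh deployments only or add a one-time cleanup of those rules. A comment above the entry such as `# egress from the haproxy ns uses the default route via hapr-ns; no per-VIP gateway or NAT` would record why `gateway => 'none'` is set. The enclosing `$vips` hash starts and ends outside the hunk.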
@@ -62,13 +59,10 @@ if $public_int {
 ns_veth => 'hapr-p',
 ip => hiera('public_vip'),
 cidr_netmask => $vip_public_cidr_netmask,
- gateway => 'link',
- gateway_metric => '10',
+ gateway => 'none',
+ gateway_metric => '0',
 bridge => $network_scheme['roles']['ex'],
 other_networks => $vip_publ_other_nets,
- iptables_start_rules => "iptables -t mangle -I PREROUTING -i ${public_int}-hapr -j MARK --set-mark 0x2a ; iptables -t nat -I POSTROUTING -m mark --mark 0x2a ! -o ${network_scheme['roles']['ex']} -j MASQUERADE",
- iptables_stop_rules => "iptables -t mangle -D PREROUTING -i ${public_int}-hapr -j MARK --set-mark 0x2a ; iptables -t nat -D POSTROUTING -m mark --mark 0x2a ! -o ${network_scheme['roles']['ex']} -j MASQUERADE",
- iptables_comment => "masquerade-for-public-net",
 tie_with_ping => hiera('run_ping_checker', true),
 ping_host_list => $network_scheme['endpoints']['br-ex']['gateway'],
 }
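Review bot: With `gateway => 'none'` on the `hapr-p` entry, replies to clients outside `$vip_publ_other_nets` presumably leave the namespace through the `hapr-ns` default route while the requests arrived on `hapr-p`, so the public VIP's return path becomes asymmetric. Whether reverse-path filtering or stateful firewall rules on the host tolerate that is not visible in this hunk; it is worth confirming and noting in a comment next to the entry. `gateway_metric => '0'` carries no meaning once there is no gateway, so omitting the key (if the resource type allows it) would read more clearly than a placeholder value. The `if $public_int` block continues outside the hunk.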