Skip setting rp_filter by default

We don't do the best job with it and it's better to rely on users'
and distros' default policies than try to water those down.

Closes-Bug: #1837551
Change-Id: I72b13adef60900fc31f1293c516030026f004216

ansible/roles/neutron/defaults/main.yml

@@ -536,7 +536,7 @@ openstack_neutron_auth: "{{ openstack_auth }}"
 
 # Set to KOLLA_SKIP to skip setting these (even if set already - total ignore).
 # Set to KOLLA_UNSET to make Kolla unset these in the managed sysctl.conf file.
-neutron_l3_agent_host_rp_filter_mode: 0
+neutron_l3_agent_host_rp_filter_mode: KOLLA_SKIP
 neutron_l3_agent_host_ipv4_neigh_gc_thresh1: 128
 neutron_l3_agent_host_ipv4_neigh_gc_thresh2: 28672
 neutron_l3_agent_host_ipv4_neigh_gc_thresh3: 32768

ansible/roles/nova-cell/defaults/main.yml

@@ -421,7 +421,7 @@ openstack_nova_auth: "{{ openstack_auth }}"
 
 # Set to KOLLA_SKIP to skip setting these (even if set already - total ignore).
 # Set to KOLLA_UNSET to make Kolla unset these in the managed sysctl.conf file.
-nova_compute_host_rp_filter_mode: 0
+nova_compute_host_rp_filter_mode: KOLLA_SKIP
 
 nova_safety_upgrade: "no"
 

releasenotes/notes/bug-1837551-4237e2df8725ffc7.yaml

@@ -0,0 +1,13 @@
+---
+upgrade:
+  - |
+    ``rp_filter`` is no longer set by Kolla Ansible by default.
+    Users may wish to remove the related setting from
+    ``kolla_sysctl_conf_path`` (``/etc/sysctl.conf`` by default).
+deprecations:
+  - |
+    Setting ``rp_filter`` via Kolla Ansible is deprecated.
+fixes:
+  - |
+    Workarounds ``rp_filter`` setting issues by defaulting to skipping it.
+    `LP#1837551 <https://launchpad.net/bugs/1837551>`__