caf33be54b
While I8bb398e299aa68147004723a18d3a1ec459011e5 stopped setting the net.ipv4.ip_forward sysctl, this change explicitly removes the option from the Kolla sysctl config file. In the absence of another source for this sysctl, it should revert to the default of 0 after the next reboot. A deployer looking to more aggressively change the value may set neutron_l3_agent_host_ipv4_ip_forward to 0. Any deployments still relying on the previous value may set neutron_l3_agent_host_ipv4_ip_forward to 1. Related-Bug: #1945453 Change-Id: I9b39307ad8d6c51e215fe3d3bc56aab998d218ec
17 lines
778 B
YAML
17 lines
778 B
YAML
---
|
|
security:
|
|
- |
|
|
Explicitly removes the ``net.ipv4.ip_forward`` sysctl from
|
|
``/etc/sysctl.conf`` on hosts with Neutron L3 Agent. In the absence of
|
|
another source for this sysctl, it should revert to the default of 0 after
|
|
the next reboot. This is a follow up to a previous change which stopped
|
|
setting the sysctl, but leaves existing systems with the original value of
|
|
1 set.
|
|
|
|
A deployer looking to more aggressively change the value may set
|
|
``neutron_l3_agent_host_ipv4_ip_forward`` to 0 using a Yoga release of
|
|
Kolla Ansible. This option will be removed in future. Any deployments
|
|
still relying on the previous value may set
|
|
``neutron_l3_agent_host_ipv4_ip_forward`` to 1.
|
|
`LP#1945453 <https://launchpad.net/bugs/1945453>`__
|