Allow disabling of sysctl values

The main reason for this change is to allow the DinD stuff to work. It has limited use outside of that use case, but it may still be useful to others in the future. Change-Id: Ib3a4639cfb3fc0d378d33fc8b9ff8eb597f818ab Partially-Implements: blueprint multinode-gate
2015-11-05 03:27:57 +00:00 · 2015-11-05 03:27:57 +00:00 · 1efdf4574d
commit 1efdf4574d
parent 41f77da4db
4 changed files with 16 additions and 4 deletions
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@ -114,6 +114,9 @@ openstack_logging_debug: "False"

 openstack_region_name: "RegionOne"

+# Optionally allow Kolla to set sysctl values
+set_sysctl: "yes"
+
 # Valid options are [ novnc, spice ]
 nova_console: "novnc"

--- a/ansible/roles/haproxy/tasks/config.yml
+++ b/ansible/roles/haproxy/tasks/config.yml
@ -17,6 +17,7 @@

 - name: Allowing non-local IP binding
  sysctl: name="net.ipv4.ip_nonlocal_bind" value=1 sysctl_set=yes
+  when: set_sysctl | bool

 - name: Ensuring config directory exists
  file:
--- a/ansible/roles/neutron/tasks/config.yml
+++ b/ansible/roles/neutron/tasks/config.yml
@ -1,14 +1,18 @@
 ---
 - name: Allowing IP forwarding on network node
  sysctl: name="net.ipv4.ip_forward" value=1 sysctl_set=yes
-  when: inventory_hostname in groups['neutron-agents']
+  when:
+    - set_sysctl | bool
+    - inventory_hostname in groups['neutron-agents']

 - name: Disabling reverse path filter on network node
  sysctl: name="net.ipv4.conf.{{ item }}.rp_filter" value=0 sysctl_set=yes
  with_items:
    - "all"
    - "default"
-  when: inventory_hostname in groups['neutron-agents']
+  when:
+    - set_sysctl | bool
+    - inventory_hostname in groups['neutron-agents']

 - include: ../../config.yml
  vars:
--- a/ansible/roles/nova/tasks/config.yml
+++ b/ansible/roles/nova/tasks/config.yml
@ -4,14 +4,18 @@
  with_items:
    - "iptables"
    - "ip6tables"
-  when: inventory_hostname in groups['compute']
+  when:
+    - set_sysctl | bool
+    - inventory_hostname in groups['compute']

 - name: Disabling reverse path filter on compute node
  sysctl: name="net.ipv4.conf.{{ item }}.rp_filter" value=0 sysctl_set=yes
  with_items:
    - "all"
    - "default"
-  when: inventory_hostname in groups['neutron-agents']
+  when:
+    - set_sysctl | bool
+    - inventory_hostname in groups['neutron-agents']

 - include: ../../config.yml
  vars: