Browse Source

k8s_fedora: Move rp_filter=1 for calico up

follow up of: I828cec27968ffe0961011e34a66e0eef3e567c91

Move set of sysctl.conf up as it does need to
depend on NetworkManager configuration.

upstream docs:
Cluster nodes must have rp_filter set to strict (1).
https://github.com/projectcalico/calico/blob/master/v3.9/getting-started/kubernetes/installation/migration-from-flannel.md

story: 2006441
task: 36564

Change-Id: I8a6e970a8ea3d1d3424eab05f1617509cf27d52b
Signed-off-by: Spyros Trigazis <spyridon.trigazis@cern.ch>
(cherry picked from commit bb747ac5e79d3734422d9561c52dc85213f2e22b)
(cherry picked from commit 4807e64772b4364e849cb98c458e2a9f0a5dd926)
tags/7.2.0^0
Spyros Trigazis Bharat Kunwar 5 months ago
parent
commit
1df886df52
2 changed files with 4 additions and 0 deletions
  1. +2
    -0
      magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-master.sh
  2. +2
    -0
      magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-minion.sh

+ 2
- 0
magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-master.sh View File

@@ -26,6 +26,8 @@ mkdir -p /etc/cni/net.d/
_addtl_mounts=',{"type":"bind","source":"/opt/cni","destination":"/opt/cni","options":["bind","rw","slave","mode=777"]},{"type":"bind","source":"/var/lib/docker","destination":"/var/lib/docker","options":["bind","rw","slave","mode=755"]}'

if [ "$NETWORK_DRIVER" = "calico" ]; then
echo "net.ipv4.conf.all.rp_filter = 1" >> /etc/sysctl.conf
sysctl -p
if [ "`systemctl status NetworkManager.service | grep -o "Active: active"`" = "Active: active" ]; then
CALICO_NM=/etc/NetworkManager/conf.d/calico.conf
[ -f ${CALICO_NM} ] || {


+ 2
- 0
magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-minion.sh View File

@@ -26,6 +26,8 @@ mkdir -p /etc/cni/net.d/
_addtl_mounts=',{"type":"bind","source":"/opt/cni","destination":"/opt/cni","options":["bind","rw","slave","mode=777"]},{"type":"bind","source":"/var/lib/docker","destination":"/var/lib/docker","options":["bind","rw","slave","mode=755"]}'

if [ "$NETWORK_DRIVER" = "calico" ]; then
echo "net.ipv4.conf.all.rp_filter = 1" >> /etc/sysctl.conf
sysctl -p
if [ "`systemctl status NetworkManager.service | grep -o "Active: active"`" = "Active: active" ]; then
CALICO_NM=/etc/NetworkManager/conf.d/calico.conf
[ -f ${CALICO_NM} ] || {


Loading…
Cancel
Save