Browse Source

k8s_fedora: Set rp_filter=1 for calico

upstream docs:
Cluster nodes must have rp_filter set to strict (1).
https://github.com/projectcalico/calico/blob/master/v3.9/getting-started/kubernetes/installation/migration-from-flannel.md

story: 2006441
task: 36564

Change-Id: I828cec27968ffe0961011e34a66e0eef3e567c91
Signed-off-by: Spyros Trigazis <spyridon.trigazis@cern.ch>
changes/44/681244/4
Spyros Trigazis 1 week ago
parent
commit
3a38cfb2ef

+ 6
- 1
magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-master.sh View File

@@ -1,6 +1,9 @@
1
-#!/bin/sh -x
1
+#!/bin/bash
2 2
 
3
+set +x
3 4
 . /etc/sysconfig/heat-params
5
+set -x
6
+set -e
4 7
 
5 8
 echo "configuring kubernetes (master)"
6 9
 
@@ -39,6 +42,8 @@ unmanaged-devices=interface-name:cali*;interface-name:tunl*
39 42
 EOF
40 43
 }
41 44
         systemctl restart NetworkManager
45
+        echo "net.ipv4.conf.all.rp_filter = 1" >> /etc/sysctl.conf
46
+        $ssh_cmd sysctl -p
42 47
     fi
43 48
 fi
44 49
 

+ 4
- 1
magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-minion.sh View File

@@ -1,8 +1,9 @@
1
-#!/bin/sh
1
+#!/bin/bash
2 2
 
3 3
 set +x
4 4
 . /etc/sysconfig/heat-params
5 5
 set -x
6
+set -e
6 7
 
7 8
 ssh_cmd="ssh -F /srv/magnum/.ssh/config root@localhost"
8 9
 
@@ -41,6 +42,8 @@ unmanaged-devices=interface-name:cali*;interface-name:tunl*
41 42
 EOF
42 43
 }
43 44
         $ssh_cmd systemctl restart NetworkManager
45
+        echo "net.ipv4.conf.all.rp_filter = 1" >> /etc/sysctl.conf
46
+        $ssh_cmd sysctl -p
44 47
     fi
45 48
 fi
46 49
 

Loading…
Cancel
Save