Browse Source

k8s_fedora: Set rp_filter=1 for calico

upstream docs:
Cluster nodes must have rp_filter set to strict (1).
https://github.com/projectcalico/calico/blob/master/v3.9/getting-started/kubernetes/installation/migration-from-flannel.md

story: 2006441
task: 36564

Change-Id: I828cec27968ffe0961011e34a66e0eef3e567c91
Signed-off-by: Spyros Trigazis <spyridon.trigazis@cern.ch>
changes/44/681244/4
Spyros Trigazis 3 years ago committed by Spyros Trigazis
parent
commit
3a38cfb2ef
  1. 7
      magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-master.sh
  2. 5
      magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-minion.sh

7
magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-master.sh

@ -1,6 +1,9 @@
#!/bin/sh -x
#!/bin/bash
set +x
. /etc/sysconfig/heat-params
set -x
set -e
echo "configuring kubernetes (master)"
@ -39,6 +42,8 @@ unmanaged-devices=interface-name:cali*;interface-name:tunl*
EOF
}
systemctl restart NetworkManager
echo "net.ipv4.conf.all.rp_filter = 1" >> /etc/sysctl.conf
$ssh_cmd sysctl -p
fi
fi

5
magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-minion.sh

@ -1,8 +1,9 @@
#!/bin/sh
#!/bin/bash
set +x
. /etc/sysconfig/heat-params
set -x
set -e
ssh_cmd="ssh -F /srv/magnum/.ssh/config root@localhost"
@ -41,6 +42,8 @@ unmanaged-devices=interface-name:cali*;interface-name:tunl*
EOF
}
$ssh_cmd systemctl restart NetworkManager
echo "net.ipv4.conf.all.rp_filter = 1" >> /etc/sysctl.conf
$ssh_cmd sysctl -p
fi
fi

Loading…
Cancel
Save