k8s_fedora: Move rp_filter=1 for calico up
follow up of: I828cec27968ffe0961011e34a66e0eef3e567c91 Move set of sysctl.conf up as it does need to depend on NetworkManager configuration. upstream docs: Cluster nodes must have rp_filter set to strict (1). https://github.com/projectcalico/calico/blob/master/v3.9/getting-started/kubernetes/installation/migration-from-flannel.md story: 2006441 task: 36564 Change-Id: I8a6e970a8ea3d1d3424eab05f1617509cf27d52b Signed-off-by: Spyros Trigazis <spyridon.trigazis@cern.ch>
This commit is contained in:
parent
70ef1bf70b
commit
bb747ac5e7
@ -31,6 +31,8 @@ $ssh_cmd mkdir -p /etc/cni/net.d/
|
||||
_addtl_mounts=',{"type":"bind","source":"/opt/cni","destination":"/opt/cni","options":["bind","rw","slave","mode=777"]},{"type":"bind","source":"/var/lib/docker","destination":"/var/lib/docker","options":["bind","rw","slave","mode=755"]}'
|
||||
|
||||
if [ "$NETWORK_DRIVER" = "calico" ]; then
|
||||
echo "net.ipv4.conf.all.rp_filter = 1" >> /etc/sysctl.conf
|
||||
$ssh_cmd sysctl -p
|
||||
if [ "`systemctl status NetworkManager.service | grep -o "Active: active"`" = "Active: active" ]; then
|
||||
CALICO_NM=/etc/NetworkManager/conf.d/calico.conf
|
||||
[ -f ${CALICO_NM} ] || {
|
||||
@ -42,8 +44,6 @@ unmanaged-devices=interface-name:cali*;interface-name:tunl*
|
||||
EOF
|
||||
}
|
||||
systemctl restart NetworkManager
|
||||
echo "net.ipv4.conf.all.rp_filter = 1" >> /etc/sysctl.conf
|
||||
$ssh_cmd sysctl -p
|
||||
fi
|
||||
fi
|
||||
|
||||
|
@ -31,6 +31,8 @@ $ssh_cmd mkdir -p /etc/cni/net.d/
|
||||
_addtl_mounts=',{"type":"bind","source":"/opt/cni","destination":"/opt/cni","options":["bind","rw","slave","mode=777"]},{"type":"bind","source":"/var/lib/docker","destination":"/var/lib/docker","options":["bind","rw","slave","mode=755"]}'
|
||||
|
||||
if [ "$NETWORK_DRIVER" = "calico" ]; then
|
||||
echo "net.ipv4.conf.all.rp_filter = 1" >> /etc/sysctl.conf
|
||||
$ssh_cmd sysctl -p
|
||||
if [ "$($ssh_cmd systemctl status NetworkManager.service | grep -o "Active: active")" = "Active: active" ]; then
|
||||
CALICO_NM=/etc/NetworkManager/conf.d/calico.conf
|
||||
[ -f ${CALICO_NM} ] || {
|
||||
@ -42,8 +44,6 @@ unmanaged-devices=interface-name:cali*;interface-name:tunl*
|
||||
EOF
|
||||
}
|
||||
$ssh_cmd systemctl restart NetworkManager
|
||||
echo "net.ipv4.conf.all.rp_filter = 1" >> /etc/sysctl.conf
|
||||
$ssh_cmd sysctl -p
|
||||
fi
|
||||
fi
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user