migration: Delete also SGRs for IPv6
IPv4 and IPv6 have different utility in iptables. This patch adds use of
ip6tables the same way as previously used iptables.
Change-Id: I1e8ef2749ac5705563e539a5e9f02c63347b5dbe
Signed-off-by: Jakub Libosvar <libosvar@redhat.com>
(cherry picked from commit d93cd7d0c0
)
This commit is contained in:
parent
bfcc39e660
commit
fe1cf1c9c3
|
@ -42,16 +42,21 @@
|
||||||
|
|
||||||
- name: Clean neutron datapath security groups from iptables
|
- name: Clean neutron datapath security groups from iptables
|
||||||
shell: |
|
shell: |
|
||||||
iptables-save > /tmp/iptables-before-cleanup
|
{{ iptables_exec }}-save > /tmp/iptables-before-cleanup
|
||||||
cat /tmp/iptables-before-cleanup | grep -v neutron-openvswi | \
|
cat /tmp/iptables-before-cleanup | grep -v neutron-openvswi | \
|
||||||
grep -v neutron-filter > /tmp/iptables-after-cleanup
|
grep -v neutron-filter > /tmp/iptables-after-cleanup
|
||||||
|
|
||||||
if ! cmp /tmp/iptables-before-cleanup /tmp/iptables-after-cleanup
|
if ! cmp /tmp/iptables-before-cleanup /tmp/iptables-after-cleanup
|
||||||
then
|
then
|
||||||
cat /tmp/iptables-after-cleanup | iptables-restore
|
cat /tmp/iptables-after-cleanup | {{ iptables_exec }}-restore
|
||||||
echo "Security groups cleaned"
|
echo "Security groups cleaned"
|
||||||
fi
|
fi
|
||||||
register: out
|
register: out
|
||||||
|
with_items:
|
||||||
|
- iptables
|
||||||
|
- ip6tables
|
||||||
|
loop_control:
|
||||||
|
loop_var: iptables_exec
|
||||||
changed_when: "'Security groups cleaned' in out.stdout"
|
changed_when: "'Security groups cleaned' in out.stdout"
|
||||||
|
|
||||||
- name: Cleanup neutron datapath resources
|
- name: Cleanup neutron datapath resources
|
||||||
|
|
Loading…
Reference in New Issue