Remove checksum checks/fill, they are not needed any longer

We currently run the agents on bare metal so the workaround for
checksums is no longer necessary.

The checksum fill option, was useful a long time ago, but at this point
its just some lovely technical debt that we carry around like an old
dirty security blanket. This change sets us free from the sins of our
past.

This is a combined backport of https://review.openstack.org/593090
and https://review.openstack.org/591882 which were squashed into
https://review.openstack.org/590778.

Change-Id: I9a8cfd33ad43e50584819b84172d7ba84532f695

etc/network/interfaces.d/aio_interfaces.cfg

@@ -1,8 +1,8 @@
 ## The default networking requires several bridges. These bridges were named to be informative
 ## however they can be named what ever you like and is adaptable to any network infrastructure
-## environment. This file serves as an example of how to setup basic networking and was ONLY 
+## environment. This file serves as an example of how to setup basic networking and was ONLY
 ## built for the purpose of being an example and used expressly in the building of an ALL IN
-## ONE development environment. 
+## ONE development environment.
 
 auto br-mgmt
 iface br-mgmt inet static
@@ -24,9 +24,6 @@ iface br-vxlan inet static
     address 172.29.240.100
     netmask 255.255.252.0
     offload-sg off
-    # To ensure ssh checksum is correct
-    up /sbin/iptables -A POSTROUTING -t mangle -p tcp --dport 22 -j CHECKSUM --checksum-fill
-    down /sbin/iptables -D POSTROUTING -t mangle -p tcp --dport 22 -j CHECKSUM --checksum-fill
     # To provide internet connectivity to instances
     up /sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
     down /sbin/iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE

tests/roles/bootstrap-host/defaults/main.yml

@@ -204,9 +204,6 @@ bridge_vlan_state_change_scripts: |
   pre-up ip link set eth12 up
   post-down ip link del br-vlan-veth || true
 bridge_iptables_rules: |
-  # To ensure ssh checksum is correct
-  up /sbin/iptables -A POSTROUTING -t mangle -p tcp -o {{ bootstrap_host_public_interface }} -j CHECKSUM --checksum-fill
-  down /sbin/iptables -D POSTROUTING -t mangle -p tcp -o {{ bootstrap_host_public_interface }} -j CHECKSUM --checksum-fill
   # To provide internet connectivity to instances
   up /sbin/iptables -t nat -A POSTROUTING -o {{ bootstrap_host_public_interface }} -j MASQUERADE
   down /sbin/iptables -t nat -D POSTROUTING -o {{ bootstrap_host_public_interface }} -j MASQUERADE

tests/roles/bootstrap-host/tasks/prepare_networking.yml

@@ -213,7 +213,6 @@
             RemainAfterExit: yes
         service_type: oneshot
         execstarts:
-          - "-/sbin/iptables -A POSTROUTING -t mangle -p tcp --dport 22 -j CHECKSUM --checksum-fill"
           - "-/sbin/iptables -t nat -A POSTROUTING -o {{ bootstrap_host_public_interface }} -j MASQUERADE"
           - "-/sbin/ethtool -K bond0 gso off sg off tso off tx off"
           - "-/sbin/ethtool -K bond1 gso off sg off tso off tx off"
@@ -233,7 +232,6 @@
           - "-/bin/ip link set br-lbaas-veth up"
           - "-/sbin/ethtool -K eth14 gso off sg off tso off tx off"
         execstops:
-          - "/sbin/iptables -D POSTROUTING -t mangle -p tcp --dport 22 -j CHECKSUM --checksum-fill"
           - "/sbin/iptables -t nat -D POSTROUTING -o {{ bootstrap_host_public_interface }} -j MASQUERADE"
         enabled: yes
         state: started

tests/roles/bootstrap-host/templates/user_variables.aio.yml.j2

@@ -29,9 +29,6 @@ galera_innodb_log_buffer_size: 4M
 galera_wsrep_provider_options:
  - { option: "gcache.size", value: "4M" }
 
-## Neutron settings
-neutron_metadata_checksum_fix: True
-
 ### Set workers for all services to optimise memory usage
 
 ## Repo