undercloud: enable KernelIpNonLocalBind
We need KernelIpNonLocalBind on the undercloud to bind non local ips
among other ip forward options. This sysctl parameter was managed by
instack-undercloud but never ported to the containerized undercloud.
We need the same sysctl parameters for parity with non containerized
undercloud.
Change-Id: Idd3d432b8f7eb573d94cd56be8e05614510ebddf
Related-Bug: #1774898
(cherry picked from 32ea5028fd
)
Conflicts:
environments/undercloud.yaml
This commit is contained in:
parent
1adbf7600e
commit
8c19bd04b4
|
@ -10,6 +10,7 @@ resource_registry:
|
||||||
parameter_defaults:
|
parameter_defaults:
|
||||||
# ensure we enable ip_forward before docker gets run
|
# ensure we enable ip_forward before docker gets run
|
||||||
KernelIpForward: 1
|
KernelIpForward: 1
|
||||||
|
KernelIpNonLocalBind: 1
|
||||||
EnablePackageInstall: true
|
EnablePackageInstall: true
|
||||||
StackAction: CREATE
|
StackAction: CREATE
|
||||||
SoftwareConfigTransport: POLL_SERVER_HEAT
|
SoftwareConfigTransport: POLL_SERVER_HEAT
|
||||||
|
|
|
@ -42,6 +42,10 @@ parameters:
|
||||||
default: 1
|
default: 1
|
||||||
description: Configures net.ipv4.ip_forward key
|
description: Configures net.ipv4.ip_forward key
|
||||||
type: number
|
type: number
|
||||||
|
KernelIpNonLocalBind:
|
||||||
|
default: 0
|
||||||
|
description: Configures net.ipv{4,6}.ip_nonlocal_bind key
|
||||||
|
type: number
|
||||||
NeighbourGcThreshold1:
|
NeighbourGcThreshold1:
|
||||||
default: 1024
|
default: 1024
|
||||||
description: Configures sysctl net.ipv4.neigh.default.gc_thresh1 value.
|
description: Configures sysctl net.ipv4.neigh.default.gc_thresh1 value.
|
||||||
|
@ -147,6 +151,10 @@ outputs:
|
||||||
# enable/disable ip forward for undercloud/docker
|
# enable/disable ip forward for undercloud/docker
|
||||||
net.ipv4.ip_forward:
|
net.ipv4.ip_forward:
|
||||||
value: {get_param: KernelIpForward}
|
value: {get_param: KernelIpForward}
|
||||||
|
net.ipv4.ip_nonlocal_bind:
|
||||||
|
value: {get_param: KernelIpNonLocalBind}
|
||||||
|
net.ipv6.ip_nonlocal_bind:
|
||||||
|
value: {get_param: KernelIpNonLocalBind}
|
||||||
# prevent neutron bridges from autoconfiguring ipv6 addresses
|
# prevent neutron bridges from autoconfiguring ipv6 addresses
|
||||||
net.ipv6.conf.all.accept_ra:
|
net.ipv6.conf.all.accept_ra:
|
||||||
value: 0
|
value: 0
|
||||||
|
|
Loading…
Reference in New Issue