Code Review / fuel.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: 86c0ba6)
[ha] kvm: Disable ip_forward 75/65175/1
authorAlexandru Avadanii <Alexandru.Avadanii@enea.com>
Wed, 14 Nov 2018 16:26:43 +0000 (17:26 +0100)
committerAlexandru Avadanii <Alexandru.Avadanii@enea.com>
Fri, 16 Nov 2018 13:07:23 +0000 (13:07 +0000)
kvm nodes should not try to route traffic. This also silences some
bogus 'martian packet' warnings about prx public VIP reaching br-ex.

Change-Id: I608a561d292be3042d20fcbe48b2f5c816c4e8bf
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
(cherry picked from commit 83e62e848c607dfa6fa7be52a34ede8a4572500e)

mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2 patch | blob | history

diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2
index b7b7dbb..6b344ef 100644 (file)
--- a/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2
@@ -40,6 +40,8 @@ parameters:
         boot_options:
           - spectre_v2=off
           - nopti
+        sysctl:
+          net.ipv4.ip_forward: 0
   libvirt:
     server:
       service: libvirtd