Merge "Neutron: add support to use legacy iptables"

2019-10-18 05:53:20 +00:00 · 2019-10-18 05:53:20 +00:00 · 5aa77e5457
commit 5aa77e5457
parent bcbcee90d0 e54edb55e4
3 changed files with 10 additions and 0 deletions
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@ -910,6 +910,9 @@ computes_need_external_bridge: "{{ enable_neutron_dvr | bool and neutron_compute
 # Default DNS resolvers for virtual networks
 neutron_dnsmasq_dns_servers: "1.1.1.1,8.8.8.8,8.8.4.4"

+# Set legacy iptables to allow kernels not supporting iptables-nft
+neutron_legacy_iptables: "no"
+
 #######################
 # Nova options
 #######################
--- a/ansible/roles/neutron/defaults/main.yml
+++ b/ansible/roles/neutron/defaults/main.yml
@ -30,6 +30,8 @@ neutron_services:
    image: "{{ neutron_openvswitch_agent_image_full }}"
    enabled: "{{ neutron_plugin_agent == 'openvswitch' and not enable_onos | bool }}"
    privileged: True
+    environment:
+      KOLLA_LEGACY_IPTABLES: "{{ neutron_legacy_iptables | bool | lower }}"
    host_in_groups: >-
      {{
      ( (inventory_hostname in groups['compute'] and nova_compute_virt_type != 'xenapi')
@ -67,6 +69,7 @@ neutron_services:
      KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
      NEUTRON_BRIDGE: "br-ex"
      NEUTRON_INTERFACE: "{{ neutron_external_interface }}"
+      KOLLA_LEGACY_IPTABLES: "{{ neutron_legacy_iptables | bool | lower }}"
    host_in_groups: >-
      {{
      inventory_hostname in groups['compute']
@ -91,6 +94,8 @@ neutron_services:
    image: "{{ neutron_l3_agent_image_full }}"
    privileged: True
    enabled: "{{ neutron_plugin_agent not in ['vmware_nsxv', 'vmware_nsxv3', 'vmware_dvs'] and not enable_opendaylight_l3 | bool and not enable_onos | bool }}"
+    environment:
+      KOLLA_LEGACY_IPTABLES: "{{ neutron_legacy_iptables | bool | lower }}"
    host_in_groups: >-
      {{
      inventory_hostname in groups['neutron-l3-agent']
--- a/ansible/roles/neutron/handlers/main.yml
+++ b/ansible/roles/neutron/handlers/main.yml
@ -25,6 +25,7 @@
    common_options: "{{ docker_common_options }}"
    name: "{{ service.container_name }}"
    image: "{{ service.image }}"
+    environment: "{{ service.environment }}"
    volumes: "{{ service.volumes|reject('equalto', '')|list }}"
    dimensions: "{{ service.dimensions }}"
    privileged: "{{ service.privileged | default(False) }}"
@ -107,6 +108,7 @@
    common_options: "{{ docker_common_options }}"
    name: "{{ service.container_name }}"
    image: "{{ service.image }}"
+    environment: "{{ service.environment }}"
    volumes: "{{ service.volumes|reject('equalto', '')|list }}"
    dimensions: "{{ service.dimensions }}"
    privileged: "{{ service.privileged | default(False) }}"