From 976c9c93c76677f3f891bae524f55345be311861 Mon Sep 17 00:00:00 2001
From: SamYaple <sam@yaple.net>
Date: Tue, 15 Mar 2016 13:54:41 +0000
Subject: [PATCH] Switch to with items for sysctl

This will give more info to the user about the specific values being
set and allows us to grow this list easier.

TrivialFix

Change-Id: Iaf22bf2c9f4ab294bec0cca17699d461852109ac
---
 ansible/roles/neutron/tasks/config.yml | 15 +++++----------
 ansible/roles/nova/tasks/config.yml    | 19 ++++++-------------
 2 files changed, 11 insertions(+), 23 deletions(-)

diff --git a/ansible/roles/neutron/tasks/config.yml b/ansible/roles/neutron/tasks/config.yml
index f7c58baede..8f7d6d5e96 100644
--- a/ansible/roles/neutron/tasks/config.yml
+++ b/ansible/roles/neutron/tasks/config.yml
@@ -1,15 +1,10 @@
 ---
-- name: Allowing IP forwarding on network node
-  sysctl: name="net.ipv4.ip_forward" value=1 sysctl_set=yes
-  when:
-    - set_sysctl | bool
-    - inventory_hostname in groups['neutron-l3-agent']
-
-- name: Disabling reverse path filter on network node
-  sysctl: name="net.ipv4.conf.{{ item }}.rp_filter" value=0 sysctl_set=yes
+- name: Setting sysctl values
+  sysctl: name={{ item.name }} value={{ item.value }} sysctl_set=yes
   with_items:
-    - "all"
-    - "default"
+    - { name: "net.ipv4.ip_forward", value: 1}
+    - { name: "net.ipv4.conf.all.rp_filter", value: 0}
+    - { name: "net.ipv4.conf.default.rp_filter", value: 0}
   when:
     - set_sysctl | bool
     - inventory_hostname in groups['neutron-l3-agent']
diff --git a/ansible/roles/nova/tasks/config.yml b/ansible/roles/nova/tasks/config.yml
index 468eb56824..cf701f8e17 100644
--- a/ansible/roles/nova/tasks/config.yml
+++ b/ansible/roles/nova/tasks/config.yml
@@ -1,18 +1,11 @@
 ---
-- name: Disabling netfilter for bridges
-  sysctl: name="net.bridge.bridge-nf-call-{{ item }}" value=1 sysctl_set=yes
+- name: Setting sysctl values
+  sysctl: name={{ item.name }} value={{ item.value }} sysctl_set=yes
   with_items:
-    - "iptables"
-    - "ip6tables"
-  when:
-    - set_sysctl | bool
-    - inventory_hostname in groups['compute']
-
-- name: Disabling reverse path filter on compute node
-  sysctl: name="net.ipv4.conf.{{ item }}.rp_filter" value=0 sysctl_set=yes
-  with_items:
-    - "all"
-    - "default"
+    - { name: "net.bridge.bridge-nf-call-iptables", value: 1}
+    - { name: "net.bridge.bridge-nf-call-ip6tables", value: 1}
+    - { name: "net.ipv4.conf.all.rp_filter", value: 0}
+    - { name: "net.ipv4.conf.default.rp_filter", value: 0}
   when:
     - set_sysctl | bool
     - inventory_hostname in groups['compute']