Set bridge-nf-call-arptables

This commit sets net.bridge.bridge-nf-call-arptables=1, which was found to be required for a containerized neutron deployment. Story: 2004520 Task: 28789 Change-Id: I0163535ed6bac7e775a63dfa3d54727c60f4208d Signed-off-by: Joseph Richard <joseph.richard@windriver.com>
2019-01-08 11:41:07 -05:00 · 2019-01-08 11:41:07 -05:00 · f2a734a5f1
parent 5dcff4e616
commit f2a734a5f1
1 changed files with 11 additions and 0 deletions
--- a/puppet-manifests/src/modules/platform/manifests/sysctl.pp
+++ b/puppet-manifests/src/modules/platform/manifests/sysctl.pp
@ -18,6 +18,17 @@ class platform::sysctl
    value => '8',
  }

+  # Enable br_netfilter (required to allow setting bridge-nf-call-arptables)
+  exec { 'modprobe br_netfilter':
+    path    => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ],
+    command => 'modprobe br_netfilter',
+  }
+
+  # Set bridge-nf-call-arptables for containerized neutron
+  -> sysctl::value { 'net.bridge.bridge-nf-call-arptables':
+    value => '1',
+  }
+
  # Tuning options for low latency compute
  if $low_latency {
    # Increase VM stat interval