From f2a734a5f1d07603cde45dab675000688e87890a Mon Sep 17 00:00:00 2001
From: Joseph Richard <joseph.richard@windriver.com>
Date: Tue, 8 Jan 2019 11:41:07 -0500
Subject: [PATCH] Set bridge-nf-call-arptables

This commit sets net.bridge.bridge-nf-call-arptables=1, which was
found to be required for a containerized neutron deployment.

Story: 2004520
Task: 28789
Change-Id: I0163535ed6bac7e775a63dfa3d54727c60f4208d
Signed-off-by: Joseph Richard <joseph.richard@windriver.com>
---
 .../src/modules/platform/manifests/sysctl.pp          | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/puppet-manifests/src/modules/platform/manifests/sysctl.pp b/puppet-manifests/src/modules/platform/manifests/sysctl.pp
index c4e8279015..17ef9f76b0 100644
--- a/puppet-manifests/src/modules/platform/manifests/sysctl.pp
+++ b/puppet-manifests/src/modules/platform/manifests/sysctl.pp
@@ -18,6 +18,17 @@ class platform::sysctl
     value => '8',
   }
 
+  # Enable br_netfilter (required to allow setting bridge-nf-call-arptables)
+  exec { 'modprobe br_netfilter':
+    path    => [ '/usr/bin', '/usr/sbin', '/usr/local/bin', '/etc', '/sbin', '/bin' ],
+    command => 'modprobe br_netfilter',
+  }
+
+  # Set bridge-nf-call-arptables for containerized neutron
+  -> sysctl::value { 'net.bridge.bridge-nf-call-arptables':
+    value => '1',
+  }
+
   # Tuning options for low latency compute
   if $low_latency {
     # Increase VM stat interval