diff options
author | sareti <siva_teja.areti@nokia.com> | 2017-07-14 14:55:36 -0400 |
---|---|---|
committer | sareti <siva_teja.areti@nokia.com> | 2017-07-24 15:00:29 -0400 |
commit | bdfb4ef54b71c9f89fc7466f802b4b2647dde873 (patch) | |
tree | bed21669c19dfe68cbeecc23a24cf518b120069c /roles/nuage_node | |
parent | bc97ca2b93d7fb8487a409fafd99397aa21e0e64 (diff) | |
download | openshift-bdfb4ef54b71c9f89fc7466f802b4b2647dde873.tar.gz openshift-bdfb4ef54b71c9f89fc7466f802b4b2647dde873.tar.bz2 openshift-bdfb4ef54b71c9f89fc7466f802b4b2647dde873.tar.xz openshift-bdfb4ef54b71c9f89fc7466f802b4b2647dde873.zip |
Nuage changes to support IPTables kube-proxy in OpenShift
changing the conditional to negation of pod network address rather than using host address
Diffstat (limited to 'roles/nuage_node')
-rw-r--r-- | roles/nuage_node/tasks/iptables.yml | 6 | ||||
-rw-r--r-- | roles/nuage_node/tasks/main.yaml | 4 |
2 files changed, 10 insertions, 0 deletions
diff --git a/roles/nuage_node/tasks/iptables.yml b/roles/nuage_node/tasks/iptables.yml index 847c8395d..95ee8643a 100644 --- a/roles/nuage_node/tasks/iptables.yml +++ b/roles/nuage_node/tasks/iptables.yml @@ -15,3 +15,9 @@ when: "'nuage-underlay-overlay' not in iptablesrules.stdout" notify: - save iptable rules + +- name: Allow docker daemon traffic from underlay to overlay + command: /sbin/iptables -t nat -A POSTROUTING ! -s {{ hostvars[groups.oo_first_master.0].openshift.master.sdn_cluster_network_cidr }} -o svc-pat-tap -j MASQUERADE -m comment --comment "nuage-docker-underlay-overlay" + when: "'nuage-docker-underlay-overlay' not in iptablesrules.stdout" + notify: + - save iptable rules diff --git a/roles/nuage_node/tasks/main.yaml b/roles/nuage_node/tasks/main.yaml index 928f9e2e6..0036583da 100644 --- a/roles/nuage_node/tasks/main.yaml +++ b/roles/nuage_node/tasks/main.yaml @@ -11,6 +11,10 @@ become: yes lineinfile: dest={{ vrs_config }} regexp=^ACTIVE_CONTROLLER line='ACTIVE_CONTROLLER={{ vsc_active_ip }}' +- name: Set the K8S/OSE Cluster service CIDR + become: yes + lineinfile: dest={{ vrs_config }} regexp=^K8S_SERVICE_IPV4_SUBNET line='K8S_SERVICE_IPV4_SUBNET={{ k8s_cluster_service_cidr }}' + - name: Set the Standby Controller become: yes lineinfile: dest={{ vrs_config }} regexp=^STANDBY_CONTROLLER line='STANDBY_CONTROLLER={{ vsc_standby_ip }}' |