diff options
| author |   Dan Prince <dprince@redhat.com> | 2017-08-02 16:51:47 -0400 |
|---|---|---|
| committer |   Martin André <m.andre@redhat.com> | 2017-08-03 09:12:09 +0200 |
| commit | 7d13151a4465a951bbf50e14babe4ff720b3f2a7 (patch) | |
| tree | e8fb9433c87ffc98eedea255c09682f69589077e /spec/classes | |
| parent | 85f5cc23d41e0e0939425ffce3083d42d6d4187d (diff) | |
Configure dockerd with --iptables=false
This change defaults --iptables=false for dockerd to avoid
having Docker create its own FORWARD iptables rules. These
rules can interact with normal OS networking rules and disable
communications between hosts on reboot.
Change-Id: I875fa14f7d810c7f0aba3b3a1b04b60a19470f0f
Closes-bug: #1708279
Diffstat (limited to 'spec/classes')
| -rw-r--r-- | spec/classes/tripleo_profile_base_docker_spec.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/spec/classes/tripleo_profile_base_docker_spec.rb b/spec/classes/tripleo_profile_base_docker_spec.rb index dc5efa7..c3cf7c9 100644 --- a/spec/classes/tripleo_profile_base_docker_spec.rb +++ b/spec/classes/tripleo_profile_base_docker_spec.rb @@ -28,7 +28,7 @@ describe 'tripleo::profile::base::docker' do it { is_expected.to contain_service('docker') } it { is_expected.to contain_augeas('docker-sysconfig-options').with_changes([ - "set OPTIONS '\"--log-driver=journald --signature-verification=false\"'", + "set OPTIONS '\"--log-driver=journald --signature-verification=false --iptables=false\"'", ]) } end |