diff options
| author |   Alexandru Avadanii <Alexandru.Avadanii@enea.com> | 2018-11-14 17:26:43 +0100 |
|---|---|---|
| committer | Alexandru Avadanii <Alexandru.Avadanii@enea.com> | 2018-11-16 13:07:23 +0000 |
| commit | ed525238b75e0cc5dc652dcac4330d02e66a6c8b (patch) | |
| tree | 0a42b6de5547070a90f0284326cb238a90574bed | |
| parent | 86c0ba63236b96fbf38370280d85a23290b19680 (diff) | |
[ha] kvm: Disable ip_forward
kvm nodes should not try to route traffic. This also silences some
bogus 'martian packet' warnings about prx public VIP reaching br-ex.
Change-Id: I608a561d292be3042d20fcbe48b2f5c816c4e8bf
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
(cherry picked from commit 83e62e848c607dfa6fa7be52a34ede8a4572500e)
| -rw-r--r-- | mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2 | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2 index b7b7dbb14..6b344efac 100644 --- a/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2 @@ -40,6 +40,8 @@ parameters: boot_options: - spectre_v2=off - nopti + sysctl: + net.ipv4.ip_forward: 0 libvirt: server: service: libvirtd |