aboutsummaryrefslogtreecommitdiffstats
path: root/mcp
diff options
context:
space:
mode:
authorAlexandru Avadanii <Alexandru.Avadanii@enea.com>2018-11-14 17:26:43 +0100
committerAlexandru Avadanii <Alexandru.Avadanii@enea.com>2018-11-14 17:28:04 +0100
commit83e62e848c607dfa6fa7be52a34ede8a4572500e (patch)
treef64178c4a6867ea7c61f2764a9e396378b749b52 /mcp
parent107c270af5d07302f73fd07f68c167acde2180f9 (diff)
[ha] kvm: Disable ip_forward
kvm nodes should not try to route traffic. This also silences some bogus 'martian packet' warnings about prx public VIP reaching br-ex. Change-Id: I608a561d292be3042d20fcbe48b2f5c816c4e8bf Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Diffstat (limited to 'mcp')
-rw-r--r--mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j22
1 files changed, 2 insertions, 0 deletions
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2
index b7b7dbb14..6b344efac 100644
--- a/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2
@@ -40,6 +40,8 @@ parameters:
boot_options:
- spectre_v2=off
- nopti
+ sysctl:
+ net.ipv4.ip_forward: 0
libvirt:
server:
service: libvirtd