If it is not loaded, then we see the following errors:
Failed to reload sysctl:
sysctl: cannot stat /proc/sys/net/bridge/bridge-nf-call-iptables: No such file or directory
sysctl: cannot stat /proc/sys/net/bridge/bridge-nf-call-ip6tables: No such file or directory
Loading the br_netfilter module resolves this issue.
Typically we do not see this since installing Docker and configuring it
to manage iptables rules causes the br_netfilter module to be loaded.
There are good reasons [1] to disable Docker's iptables management
however, in which case we are likely to hit this issue.
This change loads the br_netfilter module in the nova-cell role for
compute hosts.
Reviewed: https:/ /review. opendev. org/740650 /git.openstack. org/cgit/ openstack/ kolla-ansible/ commit/ ?id=29b6bc128eb cb3dd446fd9869e a2358d2fa5314d
Committed: https:/
Submitter: Zuul
Branch: stable/stein
commit 29b6bc128ebcb3d d446fd9869ea235 8d2fa5314d
Author: Mark Goddard <email address hidden>
Date: Wed Jul 8 10:51:17 2020 +0100
Load br_netfilter module in nova-cell role
The nova-cell role sets the following sysctls on compute hosts, which
require the br_netfilter kernel module to be loaded:
If it is not loaded, then we see the following errors:
Failed to reload sysctl: net/bridge/ bridge- nf-call- iptables: No such file or directory net/bridge/ bridge- nf-call- ip6tables: No such file or directory
sysctl: cannot stat /proc/sys/
sysctl: cannot stat /proc/sys/
Loading the br_netfilter module resolves this issue.
Typically we do not see this since installing Docker and configuring it
to manage iptables rules causes the br_netfilter module to be loaded.
There are good reasons [1] to disable Docker's iptables management
however, in which case we are likely to hit this issue.
This change loads the br_netfilter module in the nova-cell role for
compute hosts.
[1] https:/ /bugs.launchpad .net/kolla- ansible/ +bug/1849275
Co-Authored-By: Dincer Celik <email address hidden>
Closes-Bug: #1886796
Change-Id: Id52668ba8dab46 0ad4c33fad430fc 8611e70825e 5ef80248ca821b3 f34e73bf24)
(cherry picked from commit 2f91be9f391f3aa