OpenStack-Ansible

Bug #1532917
Comment #4

Comment 4 for bug 1532917

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-01-15: Fix merged to openstack-ansible (liberty)

Reviewed: https://review.openstack.org/267013
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible/commit/?id=cb43901c5aaa3872fba5055c0f600a290cd267a4
Submitter: Jenkins
Branch: liberty

commit cb43901c5aaa3872fba5055c0f600a290cd267a4
Author: Michael Gugino <email address hidden>
Date: Wed Jan 13 11:31:41 2016 -0500

Add missing kernel module br_netfilter to openstack_hosts role

    The openstack_hosts role contains a list of several kernel
    modules which are necessary for the successful deployment of lxc
    containers. The role also applies certain kernel parameters via
    sysctl, including 3 parameters related to to the kernel module
    br_netfilter. These parameters are:

    - { key: 'net.bridge.bridge-nf-call-ip6tables', value: 0 }
    - { key: 'net.bridge.bridge-nf-call-iptables', value: 0 }
    - { key: 'net.bridge.bridge-nf-call-arptables', value: 0 }

The list of modules and parameters can be found in the file
openstack-ansible-openstack_hosts/defaults/main.yml

    A kernel change committed in version 3.17 disabled the module
    br_netfilter from being loaded automatically. The most recent release
    of Ubuntu 14.04 LTS utilizes kernel version 3.19. This results in
    the aforementioned parameters failing to apply successfully, as well
    as sysctl failing to properly parse /etc/sysctl.conf.

As a result, the task 'Adding new system tuning' fails.

    This change adds br_netfilter to the variable
    openstack_host_kernel_modules in
    openstack-ansible-openstack_hosts/defaults/main.yml to correct the bug
    introduced by a change in kernel behavior upstream.

    This change will allow the module br_netfilter to be loaded via
    modprobe, as well as inserted into /etc/modules. This will allow the
    aforementioned parameters to be applied correctly.

    The br_netfilter kernel module is only available for kernels above 3.18.
    This patch implements a check for the kernel version and only adds that
    module if the current kernel is at the correct version or above.

    This is a combined backport of:
    - https://review.openstack.org/266021
    - https://review.openstack.org/266530

Change-Id: Iab644667fe879e43b2e3c7d4c2c65cd15ca2c714
Closes-Bug: #1532917

Reviewed:  https://review.openstack.org/267013
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible/commit/?id=cb43901c5aaa3872fba5055c0f600a290cd267a4
Submitter: Jenkins
Branch:    liberty

commit cb43901c5aaa3872fba5055c0f600a290cd267a4
Author: Michael Gugino <michael.gugino@walmart.com>
Date:   Wed Jan 13 11:31:41 2016 -0500

Add missing kernel module br_netfilter to openstack_hosts role
    
    The openstack_hosts role contains a list of several kernel
    modules which are necessary for the successful deployment of lxc
    containers.  The role also applies certain kernel parameters via
    sysctl, including 3 parameters related to to the kernel module
    br_netfilter.  These parameters are:
    
    - { key: 'net.bridge.bridge-nf-call-ip6tables', value: 0 }
    - { key: 'net.bridge.bridge-nf-call-iptables', value: 0 }
    - { key: 'net.bridge.bridge-nf-call-arptables', value: 0 }
    
    The list of modules and parameters can be found in the file
    openstack-ansible-openstack_hosts/defaults/main.yml
    
    A kernel change committed in version 3.17 disabled the module
    br_netfilter from being loaded automatically.  The most recent release
    of Ubuntu 14.04 LTS utilizes kernel version 3.19.  This results in
    the aforementioned parameters failing to apply successfully, as well
    as sysctl failing to properly parse /etc/sysctl.conf.
    
    As a result, the task 'Adding new system tuning' fails.
    
    This change adds br_netfilter to the variable
    openstack_host_kernel_modules in
    openstack-ansible-openstack_hosts/defaults/main.yml to correct the bug
    introduced by a change in kernel behavior upstream.
    
    This change will allow the module br_netfilter to be loaded via
    modprobe, as well as inserted into /etc/modules.  This will allow the
    aforementioned parameters to be applied correctly.
    
    The br_netfilter kernel module is only available for kernels above 3.18.
    This patch implements a check for the kernel version and only adds that
    module if the current kernel is at the correct version or above.
    
    This is a combined backport of:
    - https://review.openstack.org/266021
    - https://review.openstack.org/266530
    
    Change-Id: Iab644667fe879e43b2e3c7d4c2c65cd15ca2c714
    Closes-Bug: #1532917