Merge "Neutron: add support to use legacy iptables"
This commit is contained in:
commit
ec57047f9e
|
@ -7,4 +7,15 @@ if [[ $(stat -c %a /var/log/kolla/neutron) != "755" ]]; then
|
|||
chmod 755 /var/log/kolla/neutron
|
||||
fi
|
||||
|
||||
# set legacy iptables to allow kernels not supporting iptables-nft
|
||||
if /usr/bin/update-alternatives --query iptables; then
|
||||
if [[ $KOLLA_LEGACY_IPTABLES == "true" ]]; then
|
||||
sudo /usr/bin/update-alternatives --set iptables /usr/sbin/iptables-legacy
|
||||
sudo /usr/bin/update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy
|
||||
else
|
||||
sudo /usr/bin/update-alternatives --auto iptables
|
||||
sudo /usr/bin/update-alternatives --auto ip6tables
|
||||
fi
|
||||
fi
|
||||
|
||||
. /usr/local/bin/kolla_neutron_extend_start
|
||||
|
|
|
@ -1,2 +1,6 @@
|
|||
neutron ALL = (root) NOPASSWD: /var/lib/kolla/venv/bin/neutron-rootwrap /etc/neutron/rootwrap.conf *
|
||||
neutron ALL = (root) NOPASSWD: /var/lib/kolla/venv/bin/neutron-rootwrap-daemon /etc/neutron/rootwrap.conf
|
||||
neutron ALL = (root) NOPASSWD: /usr/bin/update-alternatives --set iptables /usr/sbin/iptables-legacy
|
||||
neutron ALL = (root) NOPASSWD: /usr/bin/update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy
|
||||
neutron ALL = (root) NOPASSWD: /usr/bin/update-alternatives --auto iptables
|
||||
neutron ALL = (root) NOPASSWD: /usr/bin/update-alternatives --auto ip6tables
|
||||
|
|
Loading…
Reference in New Issue