From e6b3325120a0ff333ebaea2db2d64e07d5011248 Mon Sep 17 00:00:00 2001
From: Spyros Trigazis <spyridon.trigazis@cern.ch>
Date: Fri, 22 Feb 2019 09:14:10 +0100
Subject: [PATCH] Add reno for flannel reboot fix

Change [0] fixed the issue of reseting iptables on node reboot
when flannel was configured which made pods lose connectivity.

[0] I7f6200a4966fda1cc701749bf1f37ddc492390c5

Change-Id: I07771f2c4711b0b86a53610517abdc3dad270574
Signed-off-by: Spyros Trigazis <spyridon.trigazis@cern.ch>
---
 .../notes/flannel-reboot-fix-f1382818daed4fa8.yaml         | 7 +++++++
 1 file changed, 7 insertions(+)
 create mode 100644 releasenotes/notes/flannel-reboot-fix-f1382818daed4fa8.yaml

diff --git a/releasenotes/notes/flannel-reboot-fix-f1382818daed4fa8.yaml b/releasenotes/notes/flannel-reboot-fix-f1382818daed4fa8.yaml
new file mode 100644
index 0000000000..5764102dc9
--- /dev/null
+++ b/releasenotes/notes/flannel-reboot-fix-f1382818daed4fa8.yaml
@@ -0,0 +1,7 @@
+---
+fixes:
+  - |
+    Add iptables -P FORWARD ACCEPT unit. On node reboot, kubelet and kube-proxy
+    set iptables -P FORWARD DROP which doesn't work with flannel in the way we
+    use it.  Add a systemd unit to set the rule to ACCEPT after flannel,
+    docker, kubelet, kube-proxy.