Bug 1493955
Summary: | iptables -I FORWARD -d 172.30.0.0/16 -i eth1 -j ACCEPT' is needed while using flannel for openshift deployment on openstack for pod to pod communication present on different nodes. | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Miheer Salunke <misalunk> |
Component: | Networking | Assignee: | Ivan Chavero <ichavero> |
Status: | CLOSED ERRATA | QA Contact: | Meng Bo <bmeng> |
Severity: | urgent | Docs Contact: | |
Priority: | unspecified | ||
Version: | 3.5.0 | CC: | aos-bugs, bbennett, danw, eminguez, erich, ichavero, mlamouri |
Target Milestone: | --- | ||
Target Release: | 3.9.0 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2018-03-28 14:06:20 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1537105 | ||
Bug Blocks: |
Description
Miheer Salunke
2017-09-21 08:24:37 UTC
The rule: iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE was also needed Ivan, can you work with the installer team to see how we can get the above rules added to the ansible installer. Created WIP Pull Request https://github.com/openshift/openshift-ansible/pull/5853 *** Bug 1490820 has been marked as a duplicate of this bug. *** Tested with openshift-ansible-3.9.0-0.31.0.git.0.e0a0ad8.el7.noarch.rpm the following iptables rules are added -A POSTROUTING -o eth0 -m comment --comment "Allow external network access" -j MASQUERADE -A FORWARD -d 10.128.0.0/14 -i eth0 -m comment --comment "Pod to Pod communication" -j ACCEPT Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2018:0489 |