Bug 1415046 - [3.1] Installer should persist net.ipv4.ip_forward
Summary: [3.1] Installer should persist net.ipv4.ip_forward
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Installer
Version: 3.1.0
Hardware: Unspecified
OS: Unspecified
low
low
Target Milestone: ---
: 3.1.1
Assignee: Scott Dodson
QA Contact: Wenkai Shi
URL:
Whiteboard:
Depends On: 1372388 1415067 1477716
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-01-20 05:44 UTC by Jaspreet Kaur
Modified: 2017-08-02 17:02 UTC (History)
10 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Cause: Network Manager resets the net.ipv4.ip_forward parameter Consequence: OpenShift loses certain functionality. Fix: The installer sets the sysctl parameter on the system level now. Result: Network manager restarts no longer interfere with the installation process.
Clone Of: 1372388
Environment:
Last Closed: 2017-04-19 20:17:11 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)

Comment 4 Scott Dodson 2017-01-20 16:06:19 UTC
Workaround is to run the following

echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
sysctl -w net.ipv4.ip_forward=1

Comment 6 Tim Bielawa 2017-03-16 18:24:22 UTC
The commit(s) that persist the sysctl parameter are present in the 1.2, 1.3, 1.4, 1.5, and master branches

I have checked where the original fix for this has propagated to. The original commit was in the master branch:

> https://github.com/openshift/openshift-ansible/commit/2ce9018ece4dffe10ecc355adffa6fd2782619d7

and was backported into the 1.{3,4,5} branches:

> $ git branch --contains=2ce9018ece4dffe10ecc355adffa6fd2782619d7 | grep -E '(release|master)'            
> * master
>   release-1.3
>   release-1.4
>   release-1.5

And later backported to the 3.2 branch (I forgot to cherry-pick so it got a new hash):

> https://github.com/openshift/openshift-ansible/commit/2ecf5f2305e0389a9c971a67cc1768d3bd3c60f5

> $ git branch --contains=2ecf5f2305e0389a9c971a67cc1768d3bd3c60f5 | grep -E '(release|master)'
>   release-1.2

I could not locate a release-1.1 branch in the openshift-ansible repository. I will consult with sdodson as to what we should do about this whole matter.

Comment 7 Tim Bielawa 2017-03-16 18:34:51 UTC
Scott pointed me at the branch. Whoops.

New PR is open to backport this to 1.1

https://github.com/openshift/openshift-ansible/pull/3686

Comment 8 Tim Bielawa 2017-03-16 18:37:55 UTC
Merged

Comment 10 Wenkai Shi 2017-03-17 06:23:14 UTC
(In reply to Tim Bielawa from comment #8)
> Merged

Could you please help to build a 3.1 errata puddle? Then I can verify this. Thank you!

Comment 11 Tim Bielawa 2017-03-17 16:14:17 UTC
(In reply to Wenkai Shi from comment #10)
> (In reply to Tim Bielawa from comment #8)
> > Merged
> 
> Could you please help to build a 3.1 errata puddle? Then I can verify this.
> Thank you!

I'm not certain how to do that but I'm pinging Scott again to see if maybe he can help.

Comment 13 Wenkai Shi 2017-03-22 02:31:47 UTC
(In reply to Tim Bielawa from comment #11)
> (In reply to Wenkai Shi from comment #10)
> > (In reply to Tim Bielawa from comment #8)
> > > Merged
> > 
> > Could you please help to build a 3.1 errata puddle? Then I can verify this.
> > Thank you!
> 
> I'm not certain how to do that but I'm pinging Scott again to see if maybe
> he can help.

I can not find a 3.1 errata puddle to verify this. Could you please help me to build a new puddle?

Comment 14 Wenkai Shi 2017-03-22 02:57:56 UTC
(In reply to Tim Bielawa from comment #11)
> (In reply to Wenkai Shi from comment #10)
> > (In reply to Tim Bielawa from comment #8)
> > > Merged
> > 
> > Could you please help to build a 3.1 errata puddle? Then I can verify this.
> > Thank you!
> 
> I'm not certain how to do that but I'm pinging Scott again to see if maybe
> he can help.

Sorry for last comment... change the status to modified, and will verify this when the status change to ON_QA.

Comment 17 Wenkai Shi 2017-03-31 06:27:24 UTC
Verified with version openshift-ansible-3.0.99-1.git.0.d5976c8.el7aos.noarch.

Setup an env, after installation, check the current IP forwarding status on node:
# sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 1
# grep net.ipv4.ip_forward /etc/sysctl.conf
net.ipv4.ip_forward=1

Then reboot and check the IP forwarding status:
# systemctl reboot
# sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 1


Note You need to log in before you can comment on or make changes to this bug.