From 161c7e9fce4fb7078ac6eba11339f3bb616fd151 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Teo=20Klestrup=20R=C3=B6ijezon?= <teo@nullable.se>
Date: Wed, 23 Dec 2020 17:24:27 +0100
Subject: [PATCH] Blacklist Calico's VXLAN interface from NetworkManager
 (#7037)

See https://github.com/projectcalico/calico/issues/3271

Otherwise Calico can get into a fight with NM about who "owns" the vxlan.calico
interface, breaking all pod traffic.
---
 roles/network_plugin/calico/tasks/install.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/network_plugin/calico/tasks/install.yml b/roles/network_plugin/calico/tasks/install.yml
index bcbf1873d..1d785436a 100644
--- a/roles/network_plugin/calico/tasks/install.yml
+++ b/roles/network_plugin/calico/tasks/install.yml
@@ -24,7 +24,7 @@
   copy:
     content: |
       [keyfile]
-      unmanaged-devices=interface-name:cali*;interface-name:tunl*
+      unmanaged-devices=interface-name:cali*;interface-name:tunl*;interface-name:vxlan.calico
     dest: /etc/NetworkManager/conf.d/calico.conf
   when: nm_check.rc == 0
   notify: Calico | Reload NetworkManager