From 1712ba11982e4371afe79bd5041bc092d7c5f88f Mon Sep 17 00:00:00 2001
From: Florian Ruynat <16313165+floryut@users.noreply.github.com>
Date: Thu, 10 Sep 2020 12:49:52 +0200
Subject: [PATCH] Add iptables_backend to weave options (#6639)

---
 inventory/sample/group_vars/k8s-cluster/k8s-net-weave.yml | 3 +++
 roles/network_plugin/weave/defaults/main.yml              | 3 +++
 roles/network_plugin/weave/templates/weave-net.yml.j2     | 4 ++++
 3 files changed, 10 insertions(+)

diff --git a/inventory/sample/group_vars/k8s-cluster/k8s-net-weave.yml b/inventory/sample/group_vars/k8s-cluster/k8s-net-weave.yml
index f8c8bba33..ed6c3c08e 100644
--- a/inventory/sample/group_vars/k8s-cluster/k8s-net-weave.yml
+++ b/inventory/sample/group_vars/k8s-cluster/k8s-net-weave.yml
@@ -53,6 +53,9 @@
 # only with Weave IPAM (default).
 # weave_no_masq_local: true
 
+# set to nft to use nftables backend for iptables (default is iptables)
+# weave_iptables_backend: iptables
+
 # Extra variables that passing to launch.sh, useful for enabling seed mode, see
 # https://www.weave.works/docs/net/latest/tasks/ipam/ipam/
 # weave_extra_args: ~
diff --git a/roles/network_plugin/weave/defaults/main.yml b/roles/network_plugin/weave/defaults/main.yml
index ee636e56f..b1c79a6db 100644
--- a/roles/network_plugin/weave/defaults/main.yml
+++ b/roles/network_plugin/weave/defaults/main.yml
@@ -53,6 +53,9 @@ weave_mtu: 1376
 # only with Weave IPAM (default).
 weave_no_masq_local: true
 
+# set to nft to use nftables backend for iptables (default is iptables)
+weave_iptables_backend: ~
+
 # Extra variables that passing to launch.sh, useful for enabling seed mode, see
 # https://www.weave.works/docs/net/latest/tasks/ipam/ipam/
 weave_extra_args: ~
diff --git a/roles/network_plugin/weave/templates/weave-net.yml.j2 b/roles/network_plugin/weave/templates/weave-net.yml.j2
index 28540bcfa..04bc8e431 100644
--- a/roles/network_plugin/weave/templates/weave-net.yml.j2
+++ b/roles/network_plugin/weave/templates/weave-net.yml.j2
@@ -163,6 +163,10 @@ items:
 {% if weave_status_addr %}
                 - name: WEAVE_STATUS_ADDR
                   value: "{{ weave_status_addr }}"
+{% endif %}
+{% if weave_iptables_backend %}
+                - name: IPTABLES_BACKEND
+                  value: "{{ weave_iptables_backend }}"
 {% endif %}
                 - name: WEAVE_MTU
                   value: "{{ weave_mtu | int }}"