From a08d82d94e59f6361345699df0f6bb991758489a Mon Sep 17 00:00:00 2001 From: zhengtianbao Date: Fri, 12 Nov 2021 21:06:46 -0600 Subject: [PATCH] calico add support for container ip forwarding setting (#8184) --- roles/network_plugin/calico/defaults/main.yml | 3 +++ roles/network_plugin/calico/templates/cni-calico.conflist.j2 | 5 +++++ 2 files changed, 8 insertions(+) diff --git a/roles/network_plugin/calico/defaults/main.yml b/roles/network_plugin/calico/defaults/main.yml index ac1229c02..4b0ca6669 100644 --- a/roles/network_plugin/calico/defaults/main.yml +++ b/roles/network_plugin/calico/defaults/main.yml @@ -123,3 +123,6 @@ calico_bgp_listen_port: 179 # Calico FelixConfiguration options calico_felix_reporting_interval: 0s calico_felix_log_severity_screen: Info + +# Calico container settings +calico_allow_ip_forwarding: false diff --git a/roles/network_plugin/calico/templates/cni-calico.conflist.j2 b/roles/network_plugin/calico/templates/cni-calico.conflist.j2 index bc92f7009..acac05f51 100644 --- a/roles/network_plugin/calico/templates/cni-calico.conflist.j2 +++ b/roles/network_plugin/calico/templates/cni-calico.conflist.j2 @@ -38,6 +38,11 @@ "ipv4_pools": ["{{ calico_pool_cidr | default(kube_pods_subnet) }}"] }, {% endif %} +{% if calico_allow_ip_forwarding %} + "container_settings": { + "allow_ip_forwarding": true + }, +{% endif %} {% if (calico_feature_control is defined) and (calico_feature_control|length > 0) %} "feature_control": { {% for fc in calico_feature_control -%}