Workaround for postgres job with ubuntu bionic

Adding a firewall rule as workaround to help TFTP traffic
necessary for Ironic to work with PXE on Ubuntu Bionic.
Inspired by https://review.openstack.org/643570
Thanks Harald!

Depends-On: https://review.openstack.org/642507

Change-Id: I314f7b436827c318c3ccec22eb85cf4d4ac695df
This commit is contained in:
Riccardo Pittau 2019-03-19 12:02:56 +01:00
parent 1027dbab51
commit da966c9873

View File

@ -2172,6 +2172,13 @@ function configure_iptables {
if [[ "${IRONIC_STORAGE_INTERFACE}" == "cinder" ]]; then if [[ "${IRONIC_STORAGE_INTERFACE}" == "cinder" ]]; then
sudo iptables -I INPUT -d $HOST_IP -p tcp --dport $ISCSI_SERVICE_PORT -s $FLOATING_RANGE -j ACCEPT || true sudo iptables -I INPUT -d $HOST_IP -p tcp --dport $ISCSI_SERVICE_PORT -s $FLOATING_RANGE -j ACCEPT || true
fi fi
# (rpittau) workaround to allow TFTP traffic on ubuntu bionic with conntrack helper disabled
local qrouter
qrouter=$(sudo ip netns list | grep qrouter | awk '{print $1;}')
if [[ ! -z "$qrouter" ]]; then
sudo ip netns exec $qrouter /sbin/iptables -A PREROUTING -t raw -p udp --dport 69 -j CT --helper tftp
fi
} }
function configure_tftpd { function configure_tftpd {