Merge "Switch to with items for sysctl"

ca6959ca · Jenkins · Gerrit Code Review · 25a33ca0 · 976c9c93 · ca6959ca
Commit ca6959ca authored 9 years ago by Jenkins Committed by Gerrit Code Review 9 years ago
--- a/ansible/roles/neutron/tasks/config.yml
+++ b/ansible/roles/neutron/tasks/config.yml
 ---
- name: Allowing IP forwarding on network node
-  sysctl: name="net.ipv4.ip_forward" value=1 sysctl_set=yes
-  when:
-    - set_sysctl | bool
-    - inventory_hostname in groups['neutron-l3-agent']
-
- name: Disabling reverse path filter on network node
-  sysctl: name="net.ipv4.conf.{{ item }}.rp_filter" value=0 sysctl_set=yes
+- name: Setting sysctl values
+  sysctl: name={{ item.name }} value={{ item.value }} sysctl_set=yes
  with_items:
-    - "all"
-    - "default"
+    - { name: "net.ipv4.ip_forward", value: 1}
+    - { name: "net.ipv4.conf.all.rp_filter", value: 0}
+    - { name: "net.ipv4.conf.default.rp_filter", value: 0}
  when:
    - set_sysctl | bool
    - inventory_hostname in groups['neutron-l3-agent']

--- a/ansible/roles/nova/tasks/config.yml
+++ b/ansible/roles/nova/tasks/config.yml
 ---
- name: Disabling netfilter for bridges
-  sysctl: name="net.bridge.bridge-nf-call-{{ item }}" value=1 sysctl_set=yes
+- name: Setting sysctl values
+  sysctl: name={{ item.name }} value={{ item.value }} sysctl_set=yes
  with_items:
-    - "iptables"
-    - "ip6tables"
-  when:
-    - set_sysctl | bool
-    - inventory_hostname in groups['compute']
-
- name: Disabling reverse path filter on compute node
-  sysctl: name="net.ipv4.conf.{{ item }}.rp_filter" value=0 sysctl_set=yes
-  with_items:
-    - "all"
-    - "default"
+    - { name: "net.bridge.bridge-nf-call-iptables", value: 1}
+    - { name: "net.bridge.bridge-nf-call-ip6tables", value: 1}
+    - { name: "net.ipv4.conf.all.rp_filter", value: 0}
+    - { name: "net.ipv4.conf.default.rp_filter", value: 0}
  when:
    - set_sysctl | bool
    - inventory_hostname in groups['compute']