Skip to content

Commit e43521a

Browse files
abdosiAbhishek Dosi
abdosi
and
Abhishek Dosi
committed
[Multi-Asic] Fix for multi-asic where we should allow docker local (#5364)
communication on docker eth0 ip . Without this TCP Connection to Redis does not happen in namespace. Signed-off-by: Abhishek Dosi <abdosi@abdosi-ubuntu-vm0.nwp1qucpfg5ejooejenqshkj3e.cx.internal.cloudapp.net> Co-authored-by: Abhishek Dosi <abdosi@abdosi-ubuntu-vm0.nwp1qucpfg5ejooejenqshkj3e.cx.internal.cloudapp.net>
1 parent 05e5807 commit e43521a

File tree

1 file changed

+4
-0
lines changed

1 file changed

+4
-0
lines changed

files/image_config/caclmgrd/caclmgrd

+4
Original file line numberDiff line numberDiff line change
@@ -182,6 +182,10 @@ class ControlPlaneAclManager(daemon_base.DaemonBase):
182182
allow_internal_docker_ip_cmds = []
183183

184184
if namespace:
185+
# For namespace docker allow local communication on docker management ip for all proto
186+
allow_internal_docker_ip_cmds.append(self.iptables_cmd_ns_prefix[namespace] + "iptables -A INPUT -s {} -d {} -j ACCEPT".format
187+
(self.namespace_docker_mgmt_ip[namespace], self.namespace_docker_mgmt_ip[namespace]))
188+
185189
# For namespace docker allow all tcp/udp traffic from host docker bridge to its eth0 management ip
186190
allow_internal_docker_ip_cmds.append(self.iptables_cmd_ns_prefix[namespace] + "iptables -A INPUT -p tcp -s {} -d {} -j ACCEPT".format
187191
(self.namespace_mgmt_ip, self.namespace_docker_mgmt_ip[namespace]))

0 commit comments

Comments
 (0)