Re: [Rdo-list] Why is a bug fixed in RHOS/RHEL but not in Rawhide?

On Thu, Dec 18, 2014 at 12:19:10PM +0100, Kashyap Chamarthy wrote:

> > The bug still happens in a freshly created Rawhide VM that just runs > > 'packstack --allinone'. Any idea who/what it is that adds > > net.bridge.bridge-nf-call-* rules into /etc/sysctl.conf? > > Looking up Bugzilla, seems like it's needed to get Neutron networking > security groups working correctly, this is the bug > > https://bugzilla.redhat.com/show_bug.cgi?id=981144 -- need to set > net.bridge.bridge-nf-call-iptables=1 for --allinone installation > > which says > > For the single node deployment with "packstack --allinone", > following kernel parms should be set so that the security group > works correctly. > > net.bridge.bridge-nf-call-ip6tables = 1 > net.bridge.bridge-nf-call-iptables = 1 > net.bridge.bridge-nf-call-arptables = 1 I believe the underlying problem is that 'br_netfilter' (a kernel module) is not getting loaded. This module is what creates /proc/sys/net/bridge/bridge-nf-* files. If I load the module manually before running packstack then I can get around this problem. There are a few possibilities here: - Because I'm starting from @Core (ie. a minimal package set), it could be that some other program that would normally be installed and which would load this module is not installed. ie. A missing dependency. - Something in Rawhide previously loaded/required this module, but now doesn't. - Something specific to aarch64 (this one seems unlikely). On a similar topic, here is a another bug which causes me some concern about the state of RDO in Rawhide: https://bugzilla.redhat.com/show_bug.cgi?id=1175472