Make iptables persistent after reboot

author Gulsum Atici <gulsum.atici@canonical.com>

Wed, 1 Feb 2023 08:15:52 +0000 (11:15 +0300)

committer beierlm <mark.beierl@canonical.com>

Fri, 3 Feb 2023 15:11:49 +0000 (16:11 +0100)
author Gulsum Atici <gulsum.atici@canonical.com>
Wed, 1 Feb 2023 08:15:52 +0000 (11:15 +0300)
committer beierlm <mark.beierl@canonical.com>
Fri, 3 Feb 2023 15:11:49 +0000 (16:11 +0100)
diff --git a/installers/full_install_osm.sh b/installers/full_install_osm.sh

index 3160eb4..8c651e2 100755 (executable)
--- a/installers/full_install_osm.sh
+++ b/installers/full_install_osm.sh
@@ -823,8 +823,7 @@ function install_osm() {
      add_local_k8scluster
      track final_ops add_local_k8scluster_ok
  
-    echo -e "Fixup firewall so docker and LXD can share the host."
-    sudo iptables -I DOCKER-USER -j ACCEPT
+    arrange_docker_default_network_policy
  
      wget -q -O- https://osm-download.etsi.org/ftp/osm-13.0-thirteen/README2.txt &> /dev/null
      track end
@@ -887,6 +886,13 @@ function install_to_openstack() {
      return 0
  }
  
+function arrange_docker_default_network_policy() {
+    echo -e "Fixing firewall so docker and LXD can share the same host without affecting each other."
+    sudo iptables -I DOCKER-USER -j ACCEPT
+    sudo iptables-save | sudo tee /etc/iptables/rules.v4
+    sudo ip6tables-save | sudo tee /etc/iptables/rules.v6
+}
+
  function install_k8s_monitoring() {
      [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
      # install OSM monitoring
author	Gulsum Atici <gulsum.atici@canonical.com>
	Wed, 1 Feb 2023 08:15:52 +0000 (11:15 +0300)
committer	beierlm <mark.beierl@canonical.com>
	Fri, 3 Feb 2023 15:11:49 +0000 (16:11 +0100)