Set sysctl values

A few sysctl values are required for networking to work. All of them
are documented at docs.openstack.org and while some of them are the
defaults on systems, they should be explicitly set since networking
will break without them set.

Change-Id: I4507eb2602e52eeab61bdceea4c94b1c35696a7d
Closes-Bug: #1482794

ansible/roles/neutron/tasks/config.yml

@@ -1,4 +1,15 @@
 ---
+- name: Allowing IP forwarding on network node
+  sysctl: name="net.ipv4.ip_forward" value=1 sysctl_set=yes
+  when: inventory_hostname in groups['neutron-agents']
+
+- name: Disabling reverse path filter on network node
+  sysctl: name="net.ipv4.{{ item }}.rp_filter" value=0 sysctl_set=yes
+  with_items:
+    - "all"
+    - "default"
+  when: inventory_hostname in groups['neutron-agents']
+
 - include: ../../config.yml
   vars:
     service_name: "neutron-server"

ansible/roles/nova/tasks/config.yml

@@ -1,4 +1,18 @@
 ---
+- name: Disabling netfilter for bridges
+  sysctl: name="net.ipv4.bridge-nf-call-{{ item }}" value=1 sysctl_set=yes
+  with_items:
+    - "iptables"
+    - "ip6tables"
+  when: inventory_hostname in groups['compute']
+
+- name: Disabling reverse path filter on compute node
+  sysctl: name="net.ipv4.{{ item }}.rp_filter" value=0 sysctl_set=yes
+  with_items:
+    - "all"
+    - "default"
+  when: inventory_hostname in groups['neutron-agents']
+
 - include: ../../config.yml
   vars:
     service_name: "nova-api"