From 884053aaa71c40b290aadef6c70416a8f98a6a32 Mon Sep 17 00:00:00 2001
From: Alex Yakovenko <aleksey.yakovenko@gmail.com>
Date: Tue, 18 Sep 2018 15:48:29 +0300
Subject: [PATCH] Make Felix healthhost configurable

---
 docs/calico.md                                           | 9 +++++++++
 roles/network_plugin/calico/defaults/main.yml            | 3 +++
 roles/network_plugin/calico/templates/calico-node.yml.j2 | 2 ++
 3 files changed, 14 insertions(+)

diff --git a/docs/calico.md b/docs/calico.md
index f6adaa662..414dc961a 100644
--- a/docs/calico.md
+++ b/docs/calico.md
@@ -164,6 +164,15 @@ To re-define default action please set the following variable in your inventory:
 calico_endpoint_to_host_action: "ACCEPT"
 ```
 
+##### Optional : Define address on which Felix will respond to health requests
+
+Since Calico 3.2.0, HealthCheck default behavior changed from listening on all interfaces to just listening on localhost.
+
+To re-define health host please set the following variable in your inventory:
+```
+calico_healthhost: "0.0.0.0"
+```
+
 Cloud providers configuration
 =============================
 
diff --git a/roles/network_plugin/calico/defaults/main.yml b/roles/network_plugin/calico/defaults/main.yml
index a1c6f1d22..c43092b45 100644
--- a/roles/network_plugin/calico/defaults/main.yml
+++ b/roles/network_plugin/calico/defaults/main.yml
@@ -48,6 +48,9 @@ calico_upgrade_version: v1.0.5
 # see https://github.com/projectcalico/felix/blob/ab8799eaea66627e5db7717e62fca61fd9c08646/python/calico/felix/config.py#L198
 calico_node_ignorelooserpf: false
 
+# Define address on which Felix will respond to health requests
+calico_healthhost: "localhost"
+
 # If you want to use non default IP_AUTODETECTION_METHOD for calico node set this option to one of:
 # * can-reach=DESTINATION
 # * interface=INTERFACE-REGEX
diff --git a/roles/network_plugin/calico/templates/calico-node.yml.j2 b/roles/network_plugin/calico/templates/calico-node.yml.j2
index 09eeb6618..830c668bf 100644
--- a/roles/network_plugin/calico/templates/calico-node.yml.j2
+++ b/roles/network_plugin/calico/templates/calico-node.yml.j2
@@ -65,6 +65,8 @@ spec:
             # Set Felix endpoint to host default action to ACCEPT.
             - name: FELIX_DEFAULTENDPOINTTOHOSTACTION
               value: "{{ calico_endpoint_to_host_action|default('RETURN') }}"
+            - name: FELIX_HEALTHHOST
+              value: "{{ calico_healthhost }}"
 # should be set in etcd before deployment
 #            # Configure the IP Pool from which Pod IPs will be chosen.
 #            - name: CALICO_IPV4POOL_CIDR
-- 
GitLab