From ef34f5fe7d226d41140a7b2698804ca4aba9148a Mon Sep 17 00:00:00 2001
From: Cristian Calin <6627509+cristicalin@users.noreply.github.com>
Date: Mon, 24 Jan 2022 09:47:57 +0200
Subject: [PATCH] [calico] switch default iptables backend detection to Auto
 (#8429)

---
 inventory/sample/group_vars/k8s_cluster/k8s-net-calico.yml     | 2 +-
 roles/network_plugin/calico/defaults/main.yml                  | 2 +-
 .../files/packet_almalinux8-calico-nodelocaldns-secondary.yml  | 3 ---
 tests/files/packet_almalinux8-calico.yml                       | 3 ---
 tests/files/packet_almalinux8-crio.yml                         | 3 ---
 tests/files/packet_almalinux8-docker.yml                       | 3 ---
 6 files changed, 2 insertions(+), 14 deletions(-)

diff --git a/inventory/sample/group_vars/k8s_cluster/k8s-net-calico.yml b/inventory/sample/group_vars/k8s_cluster/k8s-net-calico.yml
index 4228c2bf2..bb0327d0d 100644
--- a/inventory/sample/group_vars/k8s_cluster/k8s-net-calico.yml
+++ b/inventory/sample/group_vars/k8s_cluster/k8s-net-calico.yml
@@ -59,7 +59,7 @@
 # calico_datastore: "kdd"
 
 # Choose Calico iptables backend: "Legacy", "Auto" or "NFT"
-# calico_iptables_backend: "Legacy"
+# calico_iptables_backend: "Auto"
 
 # Use typha (only with kdd)
 # typha_enabled: false
diff --git a/roles/network_plugin/calico/defaults/main.yml b/roles/network_plugin/calico/defaults/main.yml
index 4b0ca6669..0f365751a 100644
--- a/roles/network_plugin/calico/defaults/main.yml
+++ b/roles/network_plugin/calico/defaults/main.yml
@@ -78,7 +78,7 @@ calico_healthhost: "localhost"
 calico_iptables_lock_timeout_secs: 10
 
 # Choose Calico iptables backend: "Legacy", "Auto" or "NFT" (FELIX_IPTABLESBACKEND)
-calico_iptables_backend: "Legacy"
+calico_iptables_backend: "Auto"
 
 # Calico Wireguard support
 calico_wireguard_enabled: false
diff --git a/tests/files/packet_almalinux8-calico-nodelocaldns-secondary.yml b/tests/files/packet_almalinux8-calico-nodelocaldns-secondary.yml
index 8224b4f14..52ef86984 100644
--- a/tests/files/packet_almalinux8-calico-nodelocaldns-secondary.yml
+++ b/tests/files/packet_almalinux8-calico-nodelocaldns-secondary.yml
@@ -7,6 +7,3 @@ vm_memory: 3072Mi
 # Kubespray settings
 enable_nodelocaldns_secondary: true
 loadbalancer_apiserver_type: haproxy
-
-# required
-calico_iptables_backend: "Auto"
diff --git a/tests/files/packet_almalinux8-calico.yml b/tests/files/packet_almalinux8-calico.yml
index fd2ba06dd..809df9e79 100644
--- a/tests/files/packet_almalinux8-calico.yml
+++ b/tests/files/packet_almalinux8-calico.yml
@@ -9,6 +9,3 @@ metrics_server_enabled: true
 dashboard_namespace: "kube-dashboard"
 dashboard_enabled: true
 loadbalancer_apiserver_type: haproxy
-
-# required
-calico_iptables_backend: "Auto"
diff --git a/tests/files/packet_almalinux8-crio.yml b/tests/files/packet_almalinux8-crio.yml
index ca46f744d..35fa00979 100644
--- a/tests/files/packet_almalinux8-crio.yml
+++ b/tests/files/packet_almalinux8-crio.yml
@@ -6,6 +6,3 @@ mode: default
 # Kubespray settings
 container_manager: crio
 auto_renew_certificates: true
-
-# required
-calico_iptables_backend: "Auto"
diff --git a/tests/files/packet_almalinux8-docker.yml b/tests/files/packet_almalinux8-docker.yml
index 9e60c2b8f..bcc69cd53 100644
--- a/tests/files/packet_almalinux8-docker.yml
+++ b/tests/files/packet_almalinux8-docker.yml
@@ -4,9 +4,6 @@ cloud_image: almalinux-8
 mode: default
 vm_memory: 3072Mi
 
-# required
-calico_iptables_backend: "Auto"
-
 # Use docker
 container_manager: docker
 etcd_deployment_type: docker
-- 
GitLab