From a1fc00082c5a1f7f902cc6a98c9036db04dea6a4 Mon Sep 17 00:00:00 2001 From: kginon Date: Tue, 24 Feb 2026 20:28:56 +0200 Subject: [PATCH] cephadm: fix HAProxy/RGW IPv6 failure (ip_nonlocal_bind) Fixes: https://tracker.ceph.com/issues/56660 Signed-off-by: Kobi Ginon --- src/cephadm/cephadmlib/daemons/ingress.py | 2 ++ src/cephadm/tests/test_ingress.py | 14 ++++++++++++-- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/src/cephadm/cephadmlib/daemons/ingress.py b/src/cephadm/cephadmlib/daemons/ingress.py index 645654b59c83..612f37298799 100644 --- a/src/cephadm/cephadmlib/daemons/ingress.py +++ b/src/cephadm/cephadmlib/daemons/ingress.py @@ -127,6 +127,7 @@ class HAproxy(ContainerDaemonForm): '# IP forwarding and non-local bind', 'net.ipv4.ip_forward = 1', 'net.ipv4.ip_nonlocal_bind = 1', + 'net.ipv6.ip_nonlocal_bind = 1', ] def container(self, ctx: CephadmContext) -> CephContainer: @@ -247,6 +248,7 @@ class Keepalived(ContainerDaemonForm): '# IP forwarding and non-local bind', 'net.ipv4.ip_forward = 1', 'net.ipv4.ip_nonlocal_bind = 1', + 'net.ipv6.ip_nonlocal_bind = 1', ] def uid_gid(self, ctx: CephadmContext) -> Tuple[int, int]: diff --git a/src/cephadm/tests/test_ingress.py b/src/cephadm/tests/test_ingress.py index 7f23f64f51fc..9c71bd4761f2 100644 --- a/src/cephadm/tests/test_ingress.py +++ b/src/cephadm/tests/test_ingress.py @@ -184,7 +184,12 @@ def test_haproxy_get_sysctl_settings(): SAMPLE_HAPROXY_IMAGE, ) ss = hap.get_sysctl_settings() - assert len(ss) == 3 + assert ss == [ + '# IP forwarding and non-local bind', + 'net.ipv4.ip_forward = 1', + 'net.ipv4.ip_nonlocal_bind = 1', + 'net.ipv6.ip_nonlocal_bind = 1', + ] @pytest.mark.parametrize( @@ -347,4 +352,9 @@ def test_keepalived_get_sysctl_settings(): SAMPLE_KEEPALIVED_IMAGE, ) ss = kad.get_sysctl_settings() - assert len(ss) == 3 + assert ss == [ + '# IP forwarding and non-local bind', + 'net.ipv4.ip_forward = 1', + 'net.ipv4.ip_nonlocal_bind = 1', + 'net.ipv6.ip_nonlocal_bind = 1', + ] -- 2.47.3