Nuage changes to support IPTables kube-proxy in OpenShift

changing the conditional to negation of pod network address rather than using host address

roles/nuage_node/tasks/iptables.yml

@@ -15,3 +15,9 @@
   when: "'nuage-underlay-overlay' not in iptablesrules.stdout"
   notify:
     - save iptable rules
+
+- name: Allow docker daemon traffic from underlay to overlay
+  command: /sbin/iptables -t nat -A POSTROUTING ! -s {{ hostvars[groups.oo_first_master.0].openshift.master.sdn_cluster_network_cidr }} -o svc-pat-tap -j MASQUERADE -m comment --comment "nuage-docker-underlay-overlay"
+  when: "'nuage-docker-underlay-overlay' not in iptablesrules.stdout"
+  notify:
+    - save iptable rules

roles/nuage_node/tasks/main.yaml

@@ -11,6 +11,10 @@
   become: yes
   lineinfile: dest={{ vrs_config }} regexp=^ACTIVE_CONTROLLER line='ACTIVE_CONTROLLER={{ vsc_active_ip }}'
 
+- name: Set the K8S/OSE Cluster service CIDR
+  become: yes
+  lineinfile: dest={{ vrs_config }} regexp=^K8S_SERVICE_IPV4_SUBNET line='K8S_SERVICE_IPV4_SUBNET={{ k8s_cluster_service_cidr }}'
+
 - name: Set the Standby Controller
   become: yes
   lineinfile: dest={{ vrs_config }} regexp=^STANDBY_CONTROLLER line='STANDBY_CONTROLLER={{ vsc_standby_ip }}'