sous-chefs · bflad · Apr 12, 2014 · Apr 8, 2014 · Apr 8, 2014 · Apr 8, 2014
diff --git a/README.md b/README.md
@@ -98,6 +98,7 @@ image_cmd_timeout | image LWRP default cmd_timeout seconds | Fixnum | 300
 init_type | Init type for docker ("runit", "systemd", "sysv", or "upstart") | String | auto-detected (see attributes/default.rb)
 install_dir | Installation directory for docker binary | String | auto-detected (see attributes/default.rb)
 install_type | Installation type for docker ("binary", "package" or "source") | String | "package"
+ipv4_forward | Sysctl set net.ipv4.ip_forward to 1 | Boolean | true
 logfile | Set custom DOCKER_LOGFILE | String | nil
 options | Additional options to pass to docker. These could be flags like "-api-enable-cors". | String | nil
 pidfile | Set custom DOCKER_PIDFILE | String | nil

diff --git a/attributes/default.rb b/attributes/default.rb
@@ -73,6 +73,9 @@
 
 default['docker']['version'] = nil
 
+# IP forwarding
+default['docker']['ipv4_forward'] = true
+
 # Binary attributes
 default['docker']['binary']['version'] = node['docker']['version'] || 'latest'
 default['docker']['binary']['url'] = "http://get.docker.io/builds/#{node['kernel']['name']}/#{node['docker']['arch']}/docker-#{node['docker']['binary']['version']}"

diff --git a/recipes/default.rb b/recipes/default.rb
@@ -5,7 +5,7 @@
   package 'bsdtar'
   sysctl_param 'net.ipv4.ip_forward' do
     value 1
-    only_if { node['platform'] == 'debian' }
+    only_if { node['platform'] == 'debian' && node['docker']['ipv4_forward'] }
   end
 end
 

diff --git a/templates/default/docker.service.erb b/templates/default/docker.service.erb
@@ -14,7 +14,11 @@ Environment="HTTP_PROXY=<%= node['docker']['http_proxy'] %>"
 <% if node['docker']['tmpdir'] -%>
 Environment="TMPDIR=<%= node['docker']['tmpdir'] %>"
 <% end -%>
+<% if node['docker']['ipv4_forward'] -%>
 ExecStartPre=/usr/sbin/sysctl -w net.ipv4.ip_forward=1 net.ipv6.conf.all.forwarding=1
+<% else -%>
+ExecStartPre=/usr/sbin/sysctl -w net.ipv6.conf.all.forwarding=1
+<% end -%>
 ExecStart=<%= node['docker']['install_dir'] %>/docker -d<%= node['docker']['bind_socket'] ? " -H #{node['docker']['bind_socket']}" : '' %><%= node['docker']['bind_uri'] ? " -H #{node['docker']['bind_uri']}" : '' %><%= node['docker']['container_init_type'] ? ' -r=false' : '' %><%= node['docker']['options'] ? " #{node['docker']['options']}" : '' %><%= node['docker']['storage_driver'] ? " -s #{node['docker']['storage_driver']}" : '' %><%= node['docker']['exec_driver'] ? " -e #{node['docker']['exec_driver']}" : '' %><%= node['docker']['group'] ? " -G #{node['docker']['group']}" : '' %>
 Restart=on-failure
 

diff --git a/templates/default/docker.sysv.erb b/templates/default/docker.sysv.erb
@@ -39,7 +39,9 @@ prestart() {
 
     preexec="/sbin/sysctl"
     [ -x $preexec ] || exit 6
+    <% if node['docker']['ipv4_forward'] -%>
     $preexec -w net.ipv4.ip_forward=1 > /dev/null 2>&1
+    <% end -%>
     $preexec -w net.ipv6.conf.all.forwarding=1 > /dev/null 2>&1
 
 }