From 25db4eb0122595febf567d9bcc91b9ba3cce1a34 Mon Sep 17 00:00:00 2001
From: Ciprian Hacman <ciprian.hacman@sematext.com>
Date: Thu, 17 Dec 2020 14:15:38 +0200
Subject: [PATCH] Allow Calico to run on systems with loose reverse path
 forwarding

---
 upup/models/bindata.go                                         | 3 +++
 .../addons/networking.projectcalico.org/k8s-1.12.yaml.template | 3 +++
 upup/pkg/fi/cloudup/bootstrapchannelbuilder.go                 | 2 +-
 3 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/upup/models/bindata.go b/upup/models/bindata.go
index fb61d6601c042..d06bb1a6ef164 100644
--- a/upup/models/bindata.go
+++ b/upup/models/bindata.go
@@ -33035,6 +33035,9 @@ spec:
             # Set Felix endpoint to host default action to ACCEPT.
             - name: FELIX_DEFAULTENDPOINTTOHOSTACTION
               value: "ACCEPT"
+            # Allow Felix to run on systems with loose reverse path forwarding (RPF)
+            - name: FELIX_IGNORELOOSERPF
+              value: "true"
             # Disable IPv6 on Kubernetes.
             - name: FELIX_IPV6SUPPORT
               value: "false"
diff --git a/upup/models/cloudup/resources/addons/networking.projectcalico.org/k8s-1.12.yaml.template b/upup/models/cloudup/resources/addons/networking.projectcalico.org/k8s-1.12.yaml.template
index 36426238bc97e..6443943382c4e 100644
--- a/upup/models/cloudup/resources/addons/networking.projectcalico.org/k8s-1.12.yaml.template
+++ b/upup/models/cloudup/resources/addons/networking.projectcalico.org/k8s-1.12.yaml.template
@@ -813,6 +813,9 @@ spec:
             # Set Felix endpoint to host default action to ACCEPT.
             - name: FELIX_DEFAULTENDPOINTTOHOSTACTION
               value: "ACCEPT"
+            # Allow Felix to run on systems with loose reverse path forwarding (RPF)
+            - name: FELIX_IGNORELOOSERPF
+              value: "true"
             # Disable IPv6 on Kubernetes.
             - name: FELIX_IPV6SUPPORT
               value: "false"
diff --git a/upup/pkg/fi/cloudup/bootstrapchannelbuilder.go b/upup/pkg/fi/cloudup/bootstrapchannelbuilder.go
index 972b75b060650..f128fec131643 100644
--- a/upup/pkg/fi/cloudup/bootstrapchannelbuilder.go
+++ b/upup/pkg/fi/cloudup/bootstrapchannelbuilder.go
@@ -742,7 +742,7 @@ func (b *BootstrapChannelBuilder) buildAddons(c *fi.ModelBuilderContext) (*chann
 	if b.Cluster.Spec.Networking.Calico != nil {
 		key := "networking.projectcalico.org"
 		versions := map[string]string{
-			"k8s-1.12": "3.9.6-kops.1",
+			"k8s-1.12": "3.9.6-kops.2",
 			"k8s-1.16": "3.17.1-kops.1",
 		}