From 3ff6a2e7ff985a8cfa1be6f72642019a605f0a84 Mon Sep 17 00:00:00 2001
From: Florian Ruynat <florian234@hotmail.com>
Date: Mon, 27 Apr 2020 09:03:39 +0200
Subject: [PATCH] Update default (erroneous) backend value for calico (#6031)

---
 inventory/sample/group_vars/k8s-cluster/k8s-net-calico.yml | 4 ++--
 roles/network_plugin/calico/defaults/main.yml              | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/inventory/sample/group_vars/k8s-cluster/k8s-net-calico.yml b/inventory/sample/group_vars/k8s-cluster/k8s-net-calico.yml
index 5e0d7d76d..9dfaabbb4 100644
--- a/inventory/sample/group_vars/k8s-cluster/k8s-net-calico.yml
+++ b/inventory/sample/group_vars/k8s-cluster/k8s-net-calico.yml
@@ -31,8 +31,8 @@
 # Choose data store type for calico: "etcd" or "kdd" (kubernetes datastore)
 # calico_datastore: "etcd"
 
-# Choose Calico iptables backend: "Iptables" or "NFT"
-# calico_iptables_backend: "Iptables"
+# Choose Calico iptables backend: "Legacy", "Auto" or "NFT"
+# calico_iptables_backend: "Legacy"
 
 # Use typha (only with kdd)
 # typha_enabled: false
diff --git a/roles/network_plugin/calico/defaults/main.yml b/roles/network_plugin/calico/defaults/main.yml
index 8f0e985cb..b8ed03393 100644
--- a/roles/network_plugin/calico/defaults/main.yml
+++ b/roles/network_plugin/calico/defaults/main.yml
@@ -56,8 +56,8 @@ calico_healthhost: "localhost"
 # Configure time in seconds that calico will wait for the iptables lock
 calico_iptables_lock_timeout_secs: 10
 
-# Choose Calico iptables backend: "Iptables" or "NFT" (FELIX_IPTABLESBACKEND)
-calico_iptables_backend: "Iptables"
+# Choose Calico iptables backend: "Legacy", "Auto" or "NFT" (FELIX_IPTABLESBACKEND)
+calico_iptables_backend: "Legacy"
 
 # If you want to use non default IP_AUTODETECTION_METHOD for calico node set this option to one of:
 # * can-reach=DESTINATION