From 95111e6ca86e80fbf0f2b5d166bc7f5b230b4154 Mon Sep 17 00:00:00 2001
From: Takashi Kajinami <tkajinam@redhat.com>
Date: Mon, 9 Dec 2019 12:16:31 +0900
Subject: [PATCH] Add support to configure pcsd bind address

Add support to configure pcsd bind address so that we can
make pcsd listen on specific address instead of all interfaces
on the node.

Related-Bug: #1856626
Depends-on: https://review.opendev.org/697942
Change-Id: I442b190b6fa429ee3a81fd2ea84ada6ed9bca7d2
(cherry picked from commit b5ee4bacacd3b63d98b7cf37d526c460f8113dcb)
---
 manifests/profile/base/pacemaker.pp        | 6 ++++++
 manifests/profile/base/pacemaker_remote.pp | 6 ++++++
 2 files changed, 12 insertions(+)

diff --git a/manifests/profile/base/pacemaker.pp b/manifests/profile/base/pacemaker.pp
index bb6f2a855..bdff833da 100644
--- a/manifests/profile/base/pacemaker.pp
+++ b/manifests/profile/base/pacemaker.pp
@@ -85,6 +85,10 @@
 #  (Optional) Boolean driving the Instance HA controlplane configuration
 #  Defaults to false
 #
+# [*pcsd_bind_addr*]
+#   (Optional) List of IP addresses pcsd should bind to
+#   Defaults to undef
+#
 # [*tls_priorities*]
 #   (optional) Sets PCMK_tls_priorities in /etc/sysconfig/pacemaker when set
 #   Defaults to hiera('tripleo::pacemaker::tls_priorities', undef)
@@ -106,6 +110,7 @@ class tripleo::profile::base::pacemaker (
   $encryption                = true,
   $resource_op_defaults      = undef,
   $enable_instanceha         = hiera('tripleo::instanceha', false),
+  $pcsd_bind_addr            = undef,
   $tls_priorities            = hiera('tripleo::pacemaker::tls_priorities', undef),
 ) {
 
@@ -172,6 +177,7 @@ class tripleo::profile::base::pacemaker (
       cluster_setup_extras => $cluster_setup_extras,
       remote_authkey       => $remote_authkey,
       cluster_members_addr => $pacemaker_node_ips_real,
+      pcsd_bind_addr       => $pcsd_bind_addr,
       tls_priorities       => $tls_priorities,
     }
     if str2bool(hiera('docker_enabled', false)) {
diff --git a/manifests/profile/base/pacemaker_remote.pp b/manifests/profile/base/pacemaker_remote.pp
index 63e30bb02..1488f4f0f 100644
--- a/manifests/profile/base/pacemaker_remote.pp
+++ b/manifests/profile/base/pacemaker_remote.pp
@@ -40,6 +40,10 @@
 #   (Optional) Whether or not to manage stonith devices for nodes
 #   Defaults to hiera('enable_fencing', false)
 #
+# [*pcsd_bind_addr*]
+#   (Optional) List of IP addresses pcsd should bind to
+#   Defaults to undef
+#
 # [*tls_priorities*]
 #   (optional) Sets PCMK_tls_priorities in /etc/sysconfig/pacemaker when set
 #   Defaults to hiera('tripleo::pacemaker::tls_priorities', undef)
@@ -55,6 +59,7 @@ class tripleo::profile::base::pacemaker_remote (
   $pcs_user       = 'hacluster',
   $pcs_password   = hiera('hacluster_pwd', undef),
   $enable_fencing = hiera('enable_fencing', false),
+  $pcsd_bind_addr = undef,
   $tls_priorities = hiera('tripleo::pacemaker::tls_priorities', undef),
   $step           = Integer(hiera('step')),
 ) {
@@ -66,6 +71,7 @@ class tripleo::profile::base::pacemaker_remote (
     pcs_password   => $pcs_password,
     remote_authkey => $remote_authkey,
     use_pcsd       => true,
+    pcsd_bind_addr => pcsd_bind_addr,
     tls_priorities => $tls_priorities,
   }
   if str2bool(hiera('docker_enabled', false)) {