Add support to configure pcsd bind address

Add support to configure pcsd bind address so that we can
make pcsd listen on specific address instead of all interfaces
on the node.

Related-Bug: #1856626
Change-Id: I14d44d983259b4b9fb56173a8d538b3400644805

manifests/corosync.pp

@@ -79,6 +79,10 @@
 #   (optional) Enable pcsd debugging
 #   Defaults to false
 #
+# [*pcsd_bind_addr*]
+#   (optional) List of IP addresses pcsd should bind to
+#   Defaults to undef
+#
 # [*tls_priorities*]
 #   (optional) Sets PCMK_tls_priorities in /etc/sysconfig/pacemaker when set
 #   Defaults to undef
@@ -126,6 +130,7 @@ class pacemaker::corosync(
   $enable_sbd              = false,
   $sbd_watchdog_timeout    = '10',
   $pcsd_debug              = false,
+  $pcsd_bind_addr          = undef,
   $tls_priorities          = undef,
 ) inherits pacemaker {
   include ::pacemaker::params
@@ -178,6 +183,29 @@ class pacemaker::corosync(
       before  => Service['pcsd'],
       notify  => Service['pcsd'],
     }
+
+    if $pcsd_bind_addr != undef {
+      file_line { 'pcsd_bind_addr':
+        path    => $::pacemaker::pcsd_sysconfig,
+        line    => "PCSD_BIND_ADDR='${pcsd_bind_addr}'",
+        match   => '^PCSD_BIND_ADDR=',
+        require => Class['::pacemaker::install'],
+        before  => Service['pcsd'],
+        notify  => Service['pcsd'],
+      }
+    }
+    else {
+      file_line { 'pcsd_bind_addr':
+        ensure            => absent,
+        path              => $::pacemaker::pcsd_sysconfig,
+        match             => '^PCSD_BIND_ADDR=*',
+        require           => Class['::pacemaker::install'],
+        before            => Service['pcsd'],
+        notify            => Service['pcsd'],
+        match_for_absence => true,
+      }
+    }
+
     if $tls_priorities != undef {
       file_line { 'tls_priorities':
         path    => $::pacemaker::pcmk_sysconfig,

manifests/remote.pp

@@ -36,6 +36,10 @@
 #   (optional) Enable pcsd debugging
 #   Defaults to false
 #
+# [*pcsd_bind_addr*]
+#   (optional) List of IP addresses pcsd should bind to
+#   Defaults to undef
+#
 # [*tls_priorities*]
 #   (optional) Sets PCMK_tls_priorities in /etc/sysconfig/pacemaker when set
 #   Defaults to undef
@@ -47,6 +51,7 @@ class pacemaker::remote (
   $pcs_password    = undef,
   $manage_fw       = true,
   $pcsd_debug      = false,
+  $pcsd_bind_addr  = undef,
   $tls_priorities  = undef,
 ) {
   include ::pacemaker::params
@@ -69,6 +74,7 @@ class pacemaker::remote (
         provider => 'ip6tables',
       }
     }
+
     $pcsd_debug_str = bool2str($pcsd_debug)
     file_line { 'pcsd_debug_ini':
       path    => $::pacemaker::params::pcsd_sysconfig,
@@ -78,6 +84,29 @@ class pacemaker::remote (
       before  => Service['pcsd'],
       notify  => Service['pcsd'],
     }
+
+    if $pcsd_bind_addr != undef {
+      file_line { 'pcsd_bind_addr':
+        path    => $::pacemaker::pcsd_sysconfig,
+        line    => "PCSD_BIND_ADDR='${pcsd_bind_addr}'",
+        match   => '^PCSD_BIND_ADDR=',
+        require => Class['::pacemaker::install'],
+        before  => Service['pcsd'],
+        notify  => Service['pcsd'],
+      }
+    }
+    else {
+      file_line { 'pcsd_bind_addr':
+        ensure            => absent,
+        path              => $::pacemaker::params::pcsd_sysconfig,
+        match             => '^PCSD_BIND_ADDR=*',
+        require           => Class['::pacemaker::install'],
+        before            => Service['pcsd'],
+        notify            => Service['pcsd'],
+        match_for_absence => true,
+      }
+    }
+
     if $tls_priorities != undef {
       file_line { 'tls_priorities':
         path    => $::pacemaker::pcmk_sysconfig,
@@ -87,6 +116,7 @@ class pacemaker::remote (
         before  => Service['pcsd'],
       }
     }
+
     user { $pcs_user:
       password => pw_hash($pcs_password, 'SHA-512', fqdn_rand_string(10)),
       groups   => 'haclient',

releasenotes/notes/pcsd_bind_addr-2e4c6da53262f72a.yaml

@@ -0,0 +1,4 @@
+---
+features:
+  - |
+    Add support to configure bind address for pcsd.