From 8e4c5065a60551f918b4e3764dfd77aa691d48ac Mon Sep 17 00:00:00 2001
From: Michele Baldessari <michele@acksyn.org>
Date: Mon, 30 Nov 2020 21:05:05 +0100
Subject: [PATCH] Fix nic selection when no nic is specified

This is a way to reinstate change
https://review.opendev.org/c/openstack/puppet-tripleo/+/761833 which was
supposed to remove a workaround for VIP selection on IPv6. Turns out
the workaround is still needed because the resource-agent for IPaddr2
is still problematic with IPv6:
https://bugzilla.redhat.com/show_bug.cgi?id=1902851

With this change we still force a nic when using ipv6 except in the
case a user specifies the nic via the tripleo::pacemaker::force_nic
hiera key.

Tested this and I can correctly bind the VIPs as expected:
    tripleo::pacemaker::force_nic: lo
    force_vip_nic_overrides:
      redis_vip: vlan20
      ovn_dbs_vip: vlan20

[root@controller-2 ~]# grep -ir ovn_dbs_v /etc/puppet/hieradata/
/etc/puppet/hieradata/all_nodes.json:    "ovn_dbs_vip": "172.17.1.107",
/etc/puppet/hieradata/extraconfig.json:        "ovn_dbs_vip": "vlan20",
[root@controller-2 ~]# ip -o a |grep 17.1.107/32
10: vlan20    inet 172.17.1.107/32 brd 172.17.1.255 scope global vlan20\
    valid_lft forever preferred_lft forever

Change-Id: I14bfaf0060093811cddf0cdd9a130b91a3cd0477
(cherry picked from commit c47aa021f06ed201918c7bcf75cdbc073fe665b8)
---
 manifests/pacemaker/haproxy_with_vip.pp       | 12 +++++++-----
 manifests/profile/pacemaker/ovn_dbs_bundle.pp | 10 +++++++++-
 2 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/manifests/pacemaker/haproxy_with_vip.pp b/manifests/pacemaker/haproxy_with_vip.pp
index df001c1fd..559701176 100644
--- a/manifests/pacemaker/haproxy_with_vip.pp
+++ b/manifests/pacemaker/haproxy_with_vip.pp
@@ -75,18 +75,20 @@ define tripleo::pacemaker::haproxy_with_vip(
     if !is_ip_addresses($ip_address) {
       fail("Haproxy VIP: ${ip_address} is not a proper IP address.")
     }
-    if $nic != undef {
-      $nic_real = $nic
-    } else {
-      $nic_real = ''
-    }
     if is_ipv6_address($ip_address) {
       $netmask        = '128'
+      $vip_nic        = interface_for_ip($ip_address)
       $ipv6_addrlabel = '99'
     } else {
       $netmask        = '32'
+      $vip_nic        = ''
       $ipv6_addrlabel = ''
     }
+    if $nic != undef {
+      $nic_real = $nic
+    } else {
+      $nic_real = $vip_nic
+    }
 
     $haproxy_in_container = hiera('haproxy_docker', false)
     $constraint_target_name = $haproxy_in_container ? {
diff --git a/manifests/profile/pacemaker/ovn_dbs_bundle.pp b/manifests/profile/pacemaker/ovn_dbs_bundle.pp
index 35876b040..028c8c7cf 100644
--- a/manifests/profile/pacemaker/ovn_dbs_bundle.pp
+++ b/manifests/profile/pacemaker/ovn_dbs_bundle.pp
@@ -324,16 +324,24 @@ monitor interval=30s role=Slave timeout=${dbs_timeout}s",
         if $ovn_separate_vip {
           if is_ipv6_address($ovn_dbs_vip) {
             $netmask        = '128'
+            $vip_nic        = interface_for_ip($ovn_dbs_vip)
             $ipv6_addrlabel = '99'
           } else {
             $netmask        = '32'
+            $vip_nic        = ''
             $ipv6_addrlabel = ''
           }
 
+          if $ovn_dbs_vip_nic != undef {
+            $nic_real = $ovn_dbs_vip_nic
+          } else {
+            $nic_real = $vip_nic
+          }
+
           pacemaker::resource::ip { "${ovndb_vip_resource_name}":
             ip_address     => $ovn_dbs_vip,
             cidr_netmask   => $netmask,
-            nic            => $ovn_dbs_vip_nic,
+            nic            => $nic_real,
             ipv6_addrlabel => $ipv6_addrlabel,
             location_rule  => $ovn_dbs_location_rule,
             meta_params    => "resource-stickiness=INFINITY ${meta_params}",