Add support to configure pcsd bind address

Add support to configure pcsd bind address so that we can make pcsd listen on specific address instead of all interfaces on the node. Related-Bug: #1856626 Depends-on: https://review.opendev.org/#/c/697942 Depends-On: https://review.opendev.org/700250 Change-Id: I442b190b6fa429ee3a81fd2ea84ada6ed9bca7d2
2019-12-09 12:16:31 +09:00 · 2019-12-09 12:16:31 +09:00 · b5ee4bacac
parent 950caffea8
commit b5ee4bacac
2 changed files with 12 additions and 0 deletions
--- a/manifests/profile/base/pacemaker.pp
+++ b/manifests/profile/base/pacemaker.pp
@ -85,6 +85,10 @@
 #  (Optional) Boolean driving the Instance HA controlplane configuration
 #  Defaults to false
 #
+# [*pcsd_bind_addr*]
+#   (Optional) List of IP addresses pcsd should bind to
+#   Defaults to undef
+#
 # [*tls_priorities*]
 #   (optional) Sets PCMK_tls_priorities in /etc/sysconfig/pacemaker when set
 #   Defaults to hiera('tripleo::pacemaker::tls_priorities', undef)
@ -106,6 +110,7 @@ class tripleo::profile::base::pacemaker (
  $encryption                = true,
  $resource_op_defaults      = undef,
  $enable_instanceha         = hiera('tripleo::instanceha', false),
+  $pcsd_bind_addr            = undef,
  $tls_priorities            = hiera('tripleo::pacemaker::tls_priorities', undef),
 ) {

@ -172,6 +177,7 @@ class tripleo::profile::base::pacemaker (
      cluster_setup_extras => $cluster_setup_extras,
      remote_authkey       => $remote_authkey,
      cluster_members_addr => $pacemaker_node_ips_real,
+      pcsd_bind_addr       => $pcsd_bind_addr,
      tls_priorities       => $tls_priorities,
    }
    if str2bool(hiera('docker_enabled', false)) {
--- a/manifests/profile/base/pacemaker_remote.pp
+++ b/manifests/profile/base/pacemaker_remote.pp
@ -40,6 +40,10 @@
 #   (Optional) Whether or not to manage stonith devices for nodes
 #   Defaults to hiera('enable_fencing', false)
 #
+# [*pcsd_bind_addr*]
+#   (Optional) List of IP addresses pcsd should bind to
+#   Defaults to undef
+#
 # [*tls_priorities*]
 #   (optional) Sets PCMK_tls_priorities in /etc/sysconfig/pacemaker when set
 #   Defaults to hiera('tripleo::pacemaker::tls_priorities', undef)
@ -55,6 +59,7 @@ class tripleo::profile::base::pacemaker_remote (
  $pcs_user       = 'hacluster',
  $pcs_password   = hiera('hacluster_pwd', undef),
  $enable_fencing = hiera('enable_fencing', false),
+  $pcsd_bind_addr = undef,
  $tls_priorities = hiera('tripleo::pacemaker::tls_priorities', undef),
  $step           = Integer(hiera('step')),
 ) {
@ -66,6 +71,7 @@ class tripleo::profile::base::pacemaker_remote (
    pcs_password   => $pcs_password,
    remote_authkey => $remote_authkey,
    use_pcsd       => true,
+    pcsd_bind_addr => pcsd_bind_addr,
    tls_priorities => $tls_priorities,
  }
  if str2bool(hiera('docker_enabled', false)) {