From 7ee6cdec11e11d909f62575995a56e8cb0ea6d3f Mon Sep 17 00:00:00 2001
From: Takashi Kajinami <tkajinam@redhat.com>
Date: Mon, 9 Dec 2019 12:29:06 +0900
Subject: [PATCH] Make pcsd listen on PacemakerNetwork/PacemakerRemoteNetwork

Configure bind address for pcsd so that it listens on a specific
network instead of all available networks.

Closes-Bug: #1856626
Depends-on: https://review.opendev.org/#/c/700287
Change-Id: Icc78fb96b28cd7a036d958ba78b2075e7c241207
(cherry picked from commit 3056f25bd1763a773a1acbab0f465d0f5bf5b778)
---
 deployment/pacemaker/pacemaker-baremetal-puppet.yaml        | 6 ++++++
 deployment/pacemaker/pacemaker-remote-baremetal-puppet.yaml | 6 ++++++
 2 files changed, 12 insertions(+)

diff --git a/deployment/pacemaker/pacemaker-baremetal-puppet.yaml b/deployment/pacemaker/pacemaker-baremetal-puppet.yaml
index 63c2a06274..7f719df8cc 100644
--- a/deployment/pacemaker/pacemaker-baremetal-puppet.yaml
+++ b/deployment/pacemaker/pacemaker-baremetal-puppet.yaml
@@ -144,6 +144,12 @@ outputs:
                   - {get_param: PcsdPassword}
                   - {get_param: [DefaultPasswords, pcsd_password]}
           tripleo::profile::base::pacemaker::remote_authkey: {get_param: PacemakerRemoteAuthkey}
+          tripleo::profile::base::pacemaker::pcsd_bind_addr:
+            str_replace:
+              template:
+                "%{hiera('$NETWORK')}"
+              params:
+                $NETWORK: {get_param: [ServiceNetMap, PacemakerNetwork]}
         -
           if:
           - pcmk_tls_priorities_empty
diff --git a/deployment/pacemaker/pacemaker-remote-baremetal-puppet.yaml b/deployment/pacemaker/pacemaker-remote-baremetal-puppet.yaml
index 4e1f512065..ee73a46e32 100644
--- a/deployment/pacemaker/pacemaker-remote-baremetal-puppet.yaml
+++ b/deployment/pacemaker/pacemaker-remote-baremetal-puppet.yaml
@@ -100,6 +100,12 @@ outputs:
         tripleo::fencing::deep_compare: true
         enable_fencing: {get_param: EnableFencing}
         tripleo::profile::base::pacemaker_remote::remote_authkey: {get_param: PacemakerRemoteAuthkey}
+        tripleo::profile::base::pacemaker_remote::pcsd_bind_addr:
+          str_replace:
+            template:
+              "%{hiera('$NETWORK')}"
+            params:
+              $NETWORK: {get_param: [ServiceNetMap, PacemakerRemoteNetwork]}
         pacemaker::corosync::manage_fw: false
         hacluster_pwd:
           yaql: