allow HAProxy to bind to a non-local IP address

This is needed since HAProxy will be running on each of our
load-balancer nodes, yet keepalived will ensure that our virtual IP
address exists on only one of our load-balancer nodes at any given time.

Signed-off-by: Emilien Macchi <emilien.macchi@enovance.com>

manifests/loadbalancer.pp

@@ -395,4 +395,10 @@ class cloud::loadbalancer(
     }
   }
 
+  # Allow HAProxy to bind to a non-local IP address
+  $haproxy_sysctl_settings = {
+    'net.ipv4.ip_nonlocal_bind' => { value => 1 }
+  }
+  create_resources(sysctl::value,$haproxy_sysctl_settings)
+
 }

spec/classes/cloud_loadbalancer_spec.rb

@@ -73,6 +73,12 @@ describe 'cloud::loadbalancer' do
       should contain_class('keepalived')
     end # configure keepalived server
 
+    it 'configure sysctl to allow HAproxy to bind to a non-local IP address' do
+      should contain_exec('exec_sysctl_net.ipv4.ip_nonlocal_bind').with_command(
+        'sysctl -w net.ipv4.ip_nonlocal_bind=1'
+      )
+    end
+
     context 'configure an internal VIP' do
       before do
         params.merge!(:keepalived_internal_ipvs => ['192.168.0.1'])