From f0c17319a9d48ec63e620c3510220fb88557a0c0 Mon Sep 17 00:00:00 2001
From: Numan Siddique <nusiddiq@redhat.com>
Date: Wed, 4 Oct 2017 19:21:00 +0530
Subject: ovn HA: Enable ip_nonlocal_bind sysctl flag

In the case of ovn HA, the ovsdb-server's running in the cluster
try to open a TCP socket on the VIP.

Closes-bug: #1720761
Change-Id: I6f762534350a3f96696c87ccd2d14545dccc8a0b
(cherry picked from commit a6483f39f9767c40e6823c7f28526441a436560a)
---
 manifests/profile/pacemaker/ovn_dbs_bundle.pp | 7 +++++++
 manifests/profile/pacemaker/ovn_northd.pp     | 6 ++++++
 2 files changed, 13 insertions(+)

diff --git a/manifests/profile/pacemaker/ovn_dbs_bundle.pp b/manifests/profile/pacemaker/ovn_dbs_bundle.pp
index 8c287b1..a0fe736 100644
--- a/manifests/profile/pacemaker/ovn_dbs_bundle.pp
+++ b/manifests/profile/pacemaker/ovn_dbs_bundle.pp
@@ -71,6 +71,13 @@ class tripleo::profile::pacemaker::ovn_dbs_bundle (
   }
 
   if $step >= 3 {
+
+    # Allow non local bind, because all the ovsdb-server's running in the
+    # cluster try to open a TCP socket on the VIP.
+    ensure_resource('sysctl::value',  'net.ipv4.ip_nonlocal_bind', {
+      'value'=> 1,
+    })
+
     if $pacemaker_master {
       $ovndb_servers_resource_name = 'ovndb_servers'
       $ovndb_servers_ocf_name      = 'ovn:ovndb-servers'
diff --git a/manifests/profile/pacemaker/ovn_northd.pp b/manifests/profile/pacemaker/ovn_northd.pp
index 4f39a7b..7b081b7 100644
--- a/manifests/profile/pacemaker/ovn_northd.pp
+++ b/manifests/profile/pacemaker/ovn_northd.pp
@@ -61,6 +61,12 @@ class tripleo::profile::pacemaker::ovn_northd (
       tries    => $pcs_tries,
       node     => $::hostname,
     }
+
+    # Allow non local bind, because all the ovsdb-server's running in the
+    # cluster try to open a TCP socket on the VIP.
+    ensure_resource('sysctl::value',  'net.ipv4.ip_nonlocal_bind', {
+      'value'=> 1,
+    })
   }
 
   if $step >= 3 and downcase($::hostname) == $pacemaker_master {
-- 
cgit 1.2.3-korg