From a8c159098373768b839a916d2d095d90c3529605 Mon Sep 17 00:00:00 2001
From: Dmitriy Rabotyagov <dmitriy.rabotyagov@cleura.com>
Date: Thu, 17 Aug 2023 12:49:02 +0200
Subject: [PATCH] Respect haproxy_bind_internal_lb_vip_* variables

At the moment we assume that haproxy should be fine listening on
internal_lb_vip_address, but in real life deployments these are FQDN
and in case of using DNS RR, this assumption is invalid.

We can be smarter and check if haproxy_bind_internal_lb_vip_* variables
are defined, and fallback to previous behaviour if not.

Depends-On: https://review.opendev.org/c/openstack/openstack-ansible-haproxy_server/+/852039
Change-Id: Ic0b9646d566425878930eb88745e35f9e6cc2e11
---
 inventory/group_vars/galera_all.yml                  |  6 +++++-
 inventory/group_vars/neutron_all/haproxy_service.yml | 12 ++++++++++--
 inventory/group_vars/nova_all/haproxy_service.yml    |  6 +++++-
 inventory/group_vars/rabbitmq_all.yml                |  6 +++++-
 inventory/group_vars/repo_all.yml                    |  6 +++++-
 5 files changed, 30 insertions(+), 6 deletions(-)

diff --git a/inventory/group_vars/galera_all.yml b/inventory/group_vars/galera_all.yml
index 1349203313..9a03082cb5 100644
--- a/inventory/group_vars/galera_all.yml
+++ b/inventory/group_vars/galera_all.yml
@@ -58,7 +58,11 @@ haproxy_galera_service:
   haproxy_service_name: galera
   haproxy_backend_nodes: "{{ (groups['galera_all'] | default([]))[:1] }}"  # list expected
   haproxy_backup_nodes: "{{ (groups['galera_all'] | default([]))[1:] }}"
-  haproxy_bind: "{{ [haproxy_bind_internal_lb_vip_address | default(internal_lb_vip_address)] }}"
+  haproxy_bind: >-
+    {{ [{
+          'address': haproxy_bind_internal_lb_vip_address | default(internal_lb_vip_address),
+          'interface': haproxy_bind_internal_lb_vip_interface | default('')
+    }] }}
   haproxy_port: 3306
   haproxy_check_port: 9200
   haproxy_balance_type: tcp
diff --git a/inventory/group_vars/neutron_all/haproxy_service.yml b/inventory/group_vars/neutron_all/haproxy_service.yml
index 7dc094eaae..5e9cde038f 100644
--- a/inventory/group_vars/neutron_all/haproxy_service.yml
+++ b/inventory/group_vars/neutron_all/haproxy_service.yml
@@ -32,7 +32,11 @@ haproxy_neutron_server_service:
 haproxy_opendaylight_neutron_service:
   haproxy_service_name: opendaylight-neutron
   haproxy_backend_nodes: "{{ groups['neutron_server'] | default([]) }}"
-  haproxy_bind: "{{ [haproxy_bind_internal_lb_vip_address | default(internal_lb_vip_address)] }}"
+  haproxy_bind: >-
+    {{ [{
+          'address': haproxy_bind_internal_lb_vip_address | default(internal_lb_vip_address),
+          'interface': haproxy_bind_internal_lb_vip_interface | default('')
+    }] }}
   haproxy_port: 8180
   haproxy_balance_type: tcp
   haproxy_timeout_client: 5000s
@@ -43,7 +47,11 @@ haproxy_opendaylight_neutron_service:
 haproxy_opendaylight_websocket_service:
   haproxy_service_name: opendaylight-websocket
   haproxy_backend_nodes: "{{ groups['neutron_server'] | default([]) }}"
-  haproxy_bind: "{{ [haproxy_bind_internal_lb_vip_address | default(internal_lb_vip_address)] }}"
+  haproxy_bind: >-
+    {{ [{
+          'address': haproxy_bind_internal_lb_vip_address | default(internal_lb_vip_address),
+          'interface': haproxy_bind_internal_lb_vip_interface | default('')
+    }] }}
   haproxy_port: 8185
   haproxy_balance_type: tcp
   haproxy_timeout_client: 5000s
diff --git a/inventory/group_vars/nova_all/haproxy_service.yml b/inventory/group_vars/nova_all/haproxy_service.yml
index 9ce0828a35..ab28a346d9 100644
--- a/inventory/group_vars/nova_all/haproxy_service.yml
+++ b/inventory/group_vars/nova_all/haproxy_service.yml
@@ -24,7 +24,11 @@ haproxy_nova_metadata_allowlist_networks: "{{ haproxy_allowlist_networks }}"
 haproxy_nova_api_metadata_service:
   haproxy_service_name: nova_api_metadata
   haproxy_backend_nodes: "{{ groups['nova_api_metadata'] | default([]) }}"
-  haproxy_bind: "{{ [haproxy_bind_internal_lb_vip_address | default(internal_lb_vip_address)] }}"
+  haproxy_bind: >-
+    {{ [{
+          'address': haproxy_bind_internal_lb_vip_address | default(internal_lb_vip_address),
+          'interface': haproxy_bind_internal_lb_vip_interface | default('')
+    }] }}
   haproxy_port: 8775
   haproxy_ssl: "{{ haproxy_ssl_all_vips }}"
   haproxy_balance_type: http
diff --git a/inventory/group_vars/rabbitmq_all.yml b/inventory/group_vars/rabbitmq_all.yml
index 5611c3ca8b..8d94dc7a8b 100644
--- a/inventory/group_vars/rabbitmq_all.yml
+++ b/inventory/group_vars/rabbitmq_all.yml
@@ -41,7 +41,11 @@ haproxy_rabbitmq_service:
   haproxy_ssl: "{{ rabbitmq_management_ssl | bool }}"
   haproxy_backend_ssl: "{{ rabbitmq_management_ssl | bool }}"
   haproxy_backend_ca: False
-  haproxy_bind: "{{ [haproxy_bind_internal_lb_vip_address | default(internal_lb_vip_address)] }}"
+  haproxy_bind: >-
+    {{ [{
+          'address': haproxy_bind_internal_lb_vip_address | default(internal_lb_vip_address),
+          'interface': haproxy_bind_internal_lb_vip_interface | default('')
+    }] }}
   haproxy_port: "{{ (rabbitmq_management_ssl | bool) | ternary(15671, 15672) }}"
   haproxy_balance_type: http
   haproxy_backend_options:
diff --git a/inventory/group_vars/repo_all.yml b/inventory/group_vars/repo_all.yml
index cb2c34c037..49b9a615d9 100644
--- a/inventory/group_vars/repo_all.yml
+++ b/inventory/group_vars/repo_all.yml
@@ -34,7 +34,11 @@ openstack_repo_server_enable_glusterfs: True
 haproxy_repo_service:
   haproxy_service_name: repo_all
   haproxy_backend_nodes: "{{ groups['repo_all'] | default([]) }}"
-  haproxy_bind: "{{ [haproxy_bind_internal_lb_vip_address | default(internal_lb_vip_address)] }}"
+  haproxy_bind: >-
+    {{ [{
+          'address': haproxy_bind_internal_lb_vip_address | default(internal_lb_vip_address),
+          'interface': haproxy_bind_internal_lb_vip_interface | default('')
+    }] }}
   haproxy_port: 8181
   haproxy_ssl: "{{ haproxy_ssl_all_vips }}"
   haproxy_balance_type: http