From 3401a9bfd60dabd1906ecd5dbd162818b99a3a5d Mon Sep 17 00:00:00 2001
From: Bernard Landon <bernard@lndn.ch>
Date: Mon, 3 Jun 2024 17:53:55 +0200
Subject: [PATCH] cephadm/services/ingress: fixed keepalived config bug

In some special conditions, such as ingress service reconfiguration,
cepham would list the network IPs and pick the VIP as the unicast IP of the peer.
It would then generate buggy keepalived config causing service misbehavior.

Fixes: https://tracker.ceph.com/issues/66507
Signed-off-by: Bernard Landon <bernard@lndn.ch>
(cherry picked from commit 1513c0d1cf30fdab584be0aa979f5c4fe31a7a6d)
---
 src/pybind/mgr/cephadm/services/ingress.py    | 10 ++++++++--
 src/pybind/mgr/cephadm/tests/test_services.py |  7 +++++--
 2 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/src/pybind/mgr/cephadm/services/ingress.py b/src/pybind/mgr/cephadm/services/ingress.py
index e46fab732ed..23639f75c73 100644
--- a/src/pybind/mgr/cephadm/services/ingress.py
+++ b/src/pybind/mgr/cephadm/services/ingress.py
@@ -260,7 +260,10 @@ class IngressService(CephService):
             for subnet, ifaces in self.mgr.cache.networks.get(host, {}).items():
                 if ifaces and ipaddress.ip_address(bare_ip) in ipaddress.ip_network(subnet):
                     interface = list(ifaces.keys())[0]
-                    host_ip = ifaces[interface][0]
+                    for ip_addr in ifaces[interface]:
+                        if ip_addr != str(bare_ip):
+                            host_ip = ip_addr
+                            break
                     logger.info(
                         f'{bare_ip} is in {subnet} on {host} interface {interface}'
                     )
@@ -270,7 +273,10 @@ class IngressService(CephService):
                 for subnet, ifaces in self.mgr.cache.networks.get(host, {}).items():
                     if subnet in spec.virtual_interface_networks:
                         interface = list(ifaces.keys())[0]
-                        host_ip = ifaces[interface][0]
+                        for ip_addr in ifaces[interface]:
+                            if ip_addr != str(bare_ip):
+                                host_ip = ip_addr
+                                break
                         logger.info(
                             f'{spec.virtual_ip} will be configured on {host} interface '
                             f'{interface} (which is in subnet {subnet})'
diff --git a/src/pybind/mgr/cephadm/tests/test_services.py b/src/pybind/mgr/cephadm/tests/test_services.py
index 1c152f31731..d5c314e4748 100644
--- a/src/pybind/mgr/cephadm/tests/test_services.py
+++ b/src/pybind/mgr/cephadm/tests/test_services.py
@@ -1846,7 +1846,10 @@ class TestIngressService:
         with with_host(cephadm_module, 'test', addr='1.2.3.7'):
             cephadm_module.cache.update_host_networks('test', {
                 '1.2.3.0/24': {
-                    'if0': ['1.2.3.4']
+                    'if0': [
+                        '1.2.3.4',  # simulate already assigned VIP
+                        '1.2.3.1',  # simulate interface IP
+                    ]
                 }
             })
 
@@ -1894,7 +1897,7 @@ class TestIngressService:
                                 'auth_type PASS\n      '
                                 'auth_pass 12345\n  '
                                 '}\n  '
-                                'unicast_src_ip 1.2.3.4\n  '
+                                'unicast_src_ip 1.2.3.1\n  '
                                 'unicast_peer {\n  '
                                 '}\n  '
                                 'virtual_ipaddress {\n    '
-- 
2.47.3