Fix memcached firewall condition
The conditions should have used map_merge, this simplifies them a lot, by passing a list to dport key. Change-Id: I15cb1f3bbc9e1be90265feab5bfed7f28c1cb1f3 Closes-Bug: #1918891 Co-authored-By: yatinkarel <ykarel@redhat.com>
This commit is contained in:
Grzegorz Grasza
parent
79ba15bf38
commit
2ee68bf9a7
|
|
@ -137,36 +137,25 @@ outputs:
|
|||
- {get_param: [ServiceNetMap, MemcachedNetwork]}
|
||||
template:
|
||||
'121 memcached <%net_cidr%>':
|
||||
dport: {get_param: MemcachedPort}
|
||||
dport:
|
||||
list_concat:
|
||||
- - {get_param: MemcachedPort}
|
||||
- if:
|
||||
- enable_non_tls_port
|
||||
- [11211]
|
||||
- []
|
||||
proto: 'tcp'
|
||||
source: <%net_cidr%>
|
||||
- '121 memcached':
|
||||
dport: {get_param: MemcachedPort}
|
||||
dport:
|
||||
list_concat:
|
||||
- - {get_param: MemcachedPort}
|
||||
- if:
|
||||
- enable_non_tls_port
|
||||
- [11211]
|
||||
- []
|
||||
proto: 'tcp'
|
||||
source: {get_param: MemcachedIpSubnet}
|
||||
if:
|
||||
- and: [memcached_network_unset, enable_non_tls_port]
|
||||
- map_merge:
|
||||
repeat:
|
||||
for_each:
|
||||
<%net_cidr%>:
|
||||
get_param:
|
||||
- ServiceData
|
||||
- net_cidr_map
|
||||
- {get_param: [ServiceNetMap, MemcachedNetwork]}
|
||||
template:
|
||||
'121 memcached <%net_cidr%>':
|
||||
dport: 11211
|
||||
proto: 'tcp'
|
||||
source: <%net_cidr%>
|
||||
- {}
|
||||
if:
|
||||
- and: [{not: memcached_network_unset}, enable_non_tls_port]
|
||||
- '121 memcached':
|
||||
dport: 11211
|
||||
proto: 'tcp'
|
||||
source: {get_param: MemcachedIpSubnet}
|
||||
- {}
|
||||
monitoring_subscription: {get_param: MonitoringSubscriptionMemcached}
|
||||
config_settings:
|
||||
map_merge:
|
||||
|
|
|
|||
Loading…
Reference in New Issue