openstack/tripleo-heat-templates
Code Issues Proposed changes

Merge "Make memcache also listen to localhost"

Browse Source
This commit is contained in:
Zuul 2020-10-29 14:36:57 +00:00 committed by Gerrit Code Review
commit 5a96b94650
1 changed files with 22 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
deployment/memcached/memcached-container-puppet.yaml
View File

@ -75,6 +75,10 @@ conditions:
- equals: [{get_param: MemcachedDebug}, 'true'] - equals: [{get_param: MemcachedDebug}, 'true']
- equals: [{get_param: MemcachedDebug}, 'True'] - equals: [{get_param: MemcachedDebug}, 'True']
- equals: [{get_param: Debug}, true] - equals: [{get_param: Debug}, true]
is_ipv6:
equals:
- {get_param: [ServiceData, net_ip_version_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
- 6
resources: resources:
@ -121,17 +125,25 @@ outputs:
# internal_api_uri -> [IP] # internal_api_uri -> [IP]
# internal_api_subnet - > IP/CIDR # internal_api_subnet - > IP/CIDR
memcached::listen_ip: memcached::listen_ip:
str_replace: - if:
template: - is_ipv6
"%{hiera('$NETWORK')}" - '::1'
params: - '127.0.0.1'
$NETWORK: {get_param: [ServiceNetMap, MemcachedNetwork]} - str_replace:
template:
"%{hiera('$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, MemcachedNetwork]}
memcached::listen_ip_uri: memcached::listen_ip_uri:
str_replace: - if:
template: - is_ipv6
"%{hiera('$NETWORK_uri')}" - '::1'
params: - '127.0.0.1'
$NETWORK: {get_param: [ServiceNetMap, MemcachedNetwork]} - str_replace:
template:
"%{hiera('$NETWORK_uri')}"
params:
$NETWORK: {get_param: [ServiceNetMap, MemcachedNetwork]}
memcached::max_memory: {get_param: MemcachedMaxMemory} memcached::max_memory: {get_param: MemcachedMaxMemory}
# https://access.redhat.com/security/cve/cve-2018-1000115 # https://access.redhat.com/security/cve/cve-2018-1000115
# Only accept TCP to avoid spoofed traffic amplification DoS on UDP. # Only accept TCP to avoid spoofed traffic amplification DoS on UDP.