Make memcache also listen to localhost

Currently memcache only listens to the internal_api IP. We want to make it listen to both localhost and internal_api IP because in the future some services on some roles may want to just use the localhost memcached instance instead of the using multiple memcached servers over the network as it is the case currently. As suggested by Takashi we check the ip version in MemcachedNetwork in order to decide if we should listen to ::1 or 127.0.0.1 Change-Id: I6ea989ae546ef344a9b3d2dd6c86a49822efc6e2
2020-10-27 16:38:44 +01:00 · 2020-10-27 16:38:44 +01:00 · acf08419bc
commit acf08419bc
parent 55c16307ca
1 changed files with 22 additions and 10 deletions
--- a/deployment/memcached/memcached-container-puppet.yaml
+++ b/deployment/memcached/memcached-container-puppet.yaml
@ -75,6 +75,10 @@ conditions:
      - equals: [{get_param: MemcachedDebug}, 'true']
      - equals: [{get_param: MemcachedDebug}, 'True']
      - equals: [{get_param: Debug}, true]
+  is_ipv6:
+    equals:
+      - {get_param: [ServiceData, net_ip_version_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
+      - 6

 resources:

@ -121,17 +125,25 @@ outputs:
            # internal_api_uri -> [IP]
            # internal_api_subnet - > IP/CIDR
            memcached::listen_ip:
-              str_replace:
-                template:
-                  "%{hiera('$NETWORK')}"
-                params:
-                  $NETWORK: {get_param: [ServiceNetMap, MemcachedNetwork]}
+              - if:
+                - is_ipv6
+                - '::1'
+                - '127.0.0.1'
+              - str_replace:
+                  template:
+                    "%{hiera('$NETWORK')}"
+                  params:
+                    $NETWORK: {get_param: [ServiceNetMap, MemcachedNetwork]}
            memcached::listen_ip_uri:
-              str_replace:
-                template:
-                  "%{hiera('$NETWORK_uri')}"
-                params:
-                  $NETWORK: {get_param: [ServiceNetMap, MemcachedNetwork]}
+              - if:
+                - is_ipv6
+                - '::1'
+                - '127.0.0.1'
+              - str_replace:
+                  template:
+                    "%{hiera('$NETWORK_uri')}"
+                  params:
+                    $NETWORK: {get_param: [ServiceNetMap, MemcachedNetwork]}
            memcached::max_memory: {get_param: MemcachedMaxMemory}
            # https://access.redhat.com/security/cve/cve-2018-1000115
            # Only accept TCP to avoid spoofed traffic amplification DoS on UDP.