From acf08419bc4a4076ecb24b79c3c5ef52825eeb6b Mon Sep 17 00:00:00 2001 From: Michele Baldessari Date: Tue, 27 Oct 2020 16:38:44 +0100 Subject: [PATCH] Make memcache also listen to localhost Currently memcache only listens to the internal_api IP. We want to make it listen to both localhost and internal_api IP because in the future some services on some roles may want to just use the localhost memcached instance instead of the using multiple memcached servers over the network as it is the case currently. As suggested by Takashi we check the ip version in MemcachedNetwork in order to decide if we should listen to ::1 or 127.0.0.1 Change-Id: I6ea989ae546ef344a9b3d2dd6c86a49822efc6e2 --- .../memcached/memcached-container-puppet.yaml | 32 +++++++++++++------ 1 file changed, 22 insertions(+), 10 deletions(-) diff --git a/deployment/memcached/memcached-container-puppet.yaml b/deployment/memcached/memcached-container-puppet.yaml index dce17197b5..d501998e02 100644 --- a/deployment/memcached/memcached-container-puppet.yaml +++ b/deployment/memcached/memcached-container-puppet.yaml @@ -75,6 +75,10 @@ conditions: - equals: [{get_param: MemcachedDebug}, 'true'] - equals: [{get_param: MemcachedDebug}, 'True'] - equals: [{get_param: Debug}, true] + is_ipv6: + equals: + - {get_param: [ServiceData, net_ip_version_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]} + - 6 resources: 
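Review bot: The new `is_ipv6` condition is undocumented, and its name suggests more than it tests: it looks up the IP version of whichever network `MemcachedNetwork` maps to in `net_ip_version_map`, not whether the host has IPv6 at all. I would add above it `# True when the network MemcachedNetwork maps to is IPv6; selects which loopback address memcached also listens on`. Any value other than `6`, presumably including a missing map entry, takes the IPv4 branch of the `if` in the second hunk, so that default is worth stating in the same comment.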
@@ -121,17 +125,25 @@ outputs:
 # internal_api_uri -> [IP]
 # internal_api_subnet - > IP/CIDR
 memcached::listen_ip:
- str_replace:
- template:
- "%{hiera('$NETWORK')}"
- params:
- $NETWORK: {get_param: [ServiceNetMap, MemcachedNetwork]}
+ - if:
+ - is_ipv6
+ - '::1'
+ - '127.0.0.1'
+ - str_replace:
+ template:
+ "%{hiera('$NETWORK')}"
+ params:
+ $NETWORK: {get_param: [ServiceNetMap, MemcachedNetwork]}
 memcached::listen_ip_uri:
- str_replace:
- template:
- "%{hiera('$NETWORK_uri')}"
- params:
- $NETWORK: {get_param: [ServiceNetMap, MemcachedNetwork]}
+ - if:
+ - is_ipv6
+ - '::1'
+ - '127.0.0.1'
+ - str_replace:
+ template:
+ "%{hiera('$NETWORK_uri')}"
+ params:
+ $NETWORK: {get_param: [ServiceNetMap, MemcachedNetwork]}
 memcached::max_memory: {get_param: MemcachedMaxMemory}
 # https://access.redhat.com/security/cve/cve-2018-1000115
 # Only accept TCP to avoid spoofed traffic amplification DoS on UDP.
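Review bot: In the new `memcached::listen_ip_uri` list the IPv6 loopback is the bare `'::1'`, while the context comment above says the `_uri` hiera key yields the bracketed `[IP]` form, so under `is_ipv6` the list mixes an unbracketed and a bracketed address. If consumers of this key build URIs from it, the first entry should be `- '[::1]'`. Separately, the loopback listener is reachable by every local process sharing the network namespace, and memcached is presumably unauthenticated here, so I would record that above `memcached::listen_ip` with `# also bind loopback for local clients; any local process can reach it, so access control must not rely on the internal_api firewall alone`. The TCP-only setting referred to by the trailing CVE comment lies outside the hunk, and it should be confirmed to cover both listen addresses.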