Puppet Class: profile::idp::memcached

Defined in:
modules/profile/manifests/idp/memcached.pp

Overview

SPDX-License-Identifier: Apache-2.0

Parameters:

  • ensure (Wmflib::Ensure) (defaults to: lookup('profile::idp::memcached::ensure'))
  • idp_nodes (Array[Stdlib::Host]) (defaults to: lookup('profile::idp::memcached::idp_nodes'))
  • mcrouter_cluster (String[1]) (defaults to: lookup('profile::idp::memcached::mcrouter_cluster'))
  • enable_tls (Boolean) (defaults to: lookup('profile::idp::memcached::enable_tls'))
  • ssl_cert (Stdlib::Unixpath) (defaults to: lookup('profile::idp::memcached::ssl_cert'))
  • ssl_key (Stdlib::Unixpath) (defaults to: lookup('profile::idp::memcached::ssl_key')) 


2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
 
# File 'modules/profile/manifests/idp/memcached.pp', line 2

class profile::idp::memcached (
    Wmflib::Ensure      $ensure           = lookup('profile::idp::memcached::ensure'),
    Array[Stdlib::Host] $idp_nodes        = lookup('profile::idp::memcached::idp_nodes'),
    String[1]           $mcrouter_cluster = lookup('profile::idp::memcached::mcrouter_cluster'),
    Boolean             $enable_tls       = lookup('profile::idp::memcached::enable_tls'),
    Stdlib::Unixpath    $ssl_cert         = lookup('profile::idp::memcached::ssl_cert'),
    Stdlib::Unixpath    $ssl_key          = lookup('profile::idp::memcached::ssl_key'),
) {
    class { 'memcached':
        enable_16  => debian::codename::eq('buster'),
        enable_tls => $enable_tls,
        ssl_cert   => $ssl_cert,
        ssl_key    => $ssl_key,
    }
    class { 'profile::prometheus::memcached_exporter': }

    $servers = $idp_nodes.map |Stdlib::Host $host| {
        ($host == $facts['fqdn']) ? {
            true    => "127.0.0.1:${memcached::port}:ascii:plain",
            default => "${host.ipresolve}:${memcached::port}:ascii:ssl",
        }
    }
    $pools = {$mcrouter_cluster => {'servers' => $servers}}
    $routes = [{
        'aliases' => [ "/${::site}/${mcrouter_cluster}/" ],
        'route'   => {
            'type'               => 'OperationSelectorRoute',
            'default_policy'     => "AllSyncRoute|Pool|${mcrouter_cluster}",
            'operation_policies' => {
                'get'    => "LatestRoute|Pool|${mcrouter_cluster}",
                'add'    => "AllSyncRoute|Pool|${mcrouter_cluster}",
                'delete' => "AllSyncRoute|Pool|${mcrouter_cluster}",
                'set'    => "AllSyncRoute|Pool|${mcrouter_cluster}",
            },
        },
    }]

    class {'mcrouter':
        ensure  => $ensure,
        region  => $::site,
        cluster => $mcrouter_cluster,
        pools   => $pools,
        routes  => $routes,
    }
    class {'profile::prometheus::mcrouter_exporter':
        mcrouter_port => $mcrouter::port,
    }

    firewall::service {'memcached':
        ensure  => $ensure,
        proto   => 'tcp',
        notrack => true,
        port    => $memcached::port,
        srange  => $apereo_cas::idp_nodes,
    }
}