All templates for Gentoo, SUSE are removed. An old pre-systemd
template for debian/ubuntu is removed. And memcached.conf template
for redhat is renamed for consistency.
Change-Id: I1ac948e0244a5eb1036049bba970cfaf8cba3f8e
Keystone is experiencing memecached timeouts during tempest tests in
CI, and the memcached log is in excess of 20Mbytes. There will be a lot
of write pressure on this log during tempest tests and this patch reduces
the debug log level in an attempt to increase test reliability.
Change-Id: I7db0eb361fc6f09ce64690be2018bf8ed8204e0c
https://access.redhat.com/security/cve/cve-2018-1000115
Restrict Memcached to only work on TCP.
The configuration only binds memcached on localhost but in case it
changes, we'll prevent DDoS amplification attacks.
Change-Id: Ifc16c8a3229f5fc0f3651e714627b526e4338cfe
Closes-Bug: #1755063
This change lowers the default log level for memcached. currently with the
setting at -vv we're noticing a large spike in logs generated which could
fill up block devices on high traffic systems.
Change-Id: I3378f4cce3a082060f4b202034b48975040a79fe
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
This commit updates the memcached_server role to work on Trusty,
Xenial, and CentOS 7.
NOTES:
1. This role no longer creates the memcache user since both Ubuntu and
CentOS already install a suitable user
2. We have temporarily disabled testing of the log file since CentOS and
Xenial do not log to file
3. On Ubuntu we drop ulimits into /etc/defaults/memcached, we need to
figure out how to do the equivalent on CentOS
4. We update tasks/memcached_config.yml to use the correct memcached
user in limits.conf, however neither these limits or the ones in
templates/memcached.debian.j2 actually seem to be taking effect.
More work in an additional review will need to be done to clean this
all up.
Implements: blueprint multi-platform-host
Change-Id: I4c32f3d60939615c5d0c6fb202e96aacb35ab9b4
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>