Make sure we bind the rabbit inter-cluster to a specific interface

Currently the inter-cluster communication port listens to all ip
addresses:
tcp 0 0 0.0.0.0:25672 0.0.0.0:* LISTEN 25631/beam.smp

In order to limit it to listen only to the network assigned to rabbitmq
we need to add the following:
{kernel, [
    ...
    {inet_dist_use_interface, {172,17,0,16}},
    ...
  ]}

In order to do the conversion from an ip address to the Erlang
representation we add a function that takes a string and returns a
converted output. The (~400 randomly generated) IPv6/4 addresses at [1]
have been parsed both via erl's built-in inet:parse_address() function
and our ruby implementation. All converted ip addresses resulted in the
same output [2], [3]. The only difference is that Erlang's parse_address()
considers network ip addresses (e.g. 10.0.0.0) invalid whereas the ruby
function does not. This should not be a problem as the use case here is
to bind a service to a specific ip address on an interface and if
anything we likely prefer the less strict behaviour, given that at least
in theory it is perfectly valid for an interface to have a network
address assigned to it.

[1] http://acksyn.org/files/tripleo/ip-addresses.txt
[2] http://acksyn.org/files/tripleo/ip-addresses-ruby.txt
[3] http://acksyn.org/files/tripleo/ip-addresses-erl.txt
Change-Id: I211c75b9bab25c545bcc7f90f34edebc92bba788
Partial-Bug: #1645898

lib/puppet/parser/functions/ip_to_erl_format.rb

@@ -0,0 +1,31 @@
+require 'ipaddr'
+
+# Custom function to convert an IP4/6 address from a string to the
+# erlang inet kernel format.
+# For example from "172.17.0.16" to {172,17,0,16}
+# See http://erlang.org/doc/man/kernel_app.html and http://erlang.org/doc/man/inet.html
+# for more information.
+module Puppet::Parser::Functions
+  newfunction(:ip_to_erl_format, :type => :rvalue, :doc => "Convert an IP address to the erlang inet format.") do |arg|
+    if arg[0].class != String
+      raise Puppet::ParseError, "Syntax error: #{arg[0]} must be a String"
+    end
+    ip = IPAddr.new arg[0]
+    output = '{'
+    if ip.ipv6?
+      split_char = ':'
+      base = 16
+    else
+      split_char = '.'
+      base = 10
+    end
+    # to_string() prints the canonicalized form
+    ip.to_string().split(split_char).each {
+      |x| output += x.to_i(base).to_s + ','
+    }
+    # Remove the last spurious comma
+    output = output.chomp(',')
+    output += '}'
+    return output
+  end
+end

manifests/profile/base/rabbitmq.pp

@@ -34,6 +34,11 @@
 #   (Optional) RabbitMQ environment.
 #   Defaults to hiera('rabbitmq_environment').
 #
+# [*inet_dist_interface*]
+#   (Optional) Address to bind the inter-cluster interface
+#   to. It is the inet_dist_use_interface option in the kernel variables
+#   Defaults to hiera('rabbitmq::interface', undef).
+#
 # [*nodes*]
 #   (Optional) Array of host(s) for RabbitMQ nodes.
 #   Defaults to hiera('rabbitmq_node_names', []).
@@ -44,12 +49,13 @@
 #   Defaults to hiera('step')
 #
 class tripleo::profile::base::rabbitmq (
-  $config_variables = hiera('rabbitmq_config_variables'),
-  $environment      = hiera('rabbitmq_environment'),
-  $ipv6             = str2bool(hiera('rabbit_ipv6', false)),
-  $kernel_variables = hiera('rabbitmq_kernel_variables'),
-  $nodes            = hiera('rabbitmq_node_names', []),
-  $step             = hiera('step'),
+  $config_variables    = hiera('rabbitmq_config_variables'),
+  $environment         = hiera('rabbitmq_environment'),
+  $ipv6                = str2bool(hiera('rabbit_ipv6', false)),
+  $kernel_variables    = hiera('rabbitmq_kernel_variables'),
+  $inet_dist_interface = hiera('rabbitmq::interface', undef),
+  $nodes               = hiera('rabbitmq_node_names', []),
+  $step                = hiera('step'),
 ) {
   # IPv6 environment, necessary for RabbitMQ.
   if $ipv6 {
@@ -60,6 +66,14 @@ class tripleo::profile::base::rabbitmq (
   } else {
     $rabbit_env = $environment
   }
+  if $inet_dist_interface {
+    $real_kernel_variables = merge(
+      $kernel_variables,
+      { 'inet_dist_use_interface' => ip_to_erl_format($inet_dist_interface) },
+    )
+  } else {
+    $real_kernel_variables = $kernel_variables
+  }
 
   $manage_service = hiera('rabbitmq::service_manage', true)
   if $step >= 1 {
@@ -68,7 +82,7 @@ class tripleo::profile::base::rabbitmq (
       class { '::rabbitmq':
         config_cluster          => $manage_service,
         cluster_nodes           => $nodes,
-        config_kernel_variables => $kernel_variables,
+        config_kernel_variables => $real_kernel_variables,
         config_variables        => $config_variables,
         environment_variables   => $rabbit_env,
       }

spec/functions/ip_to_erl_format_spec.rb

@@ -0,0 +1,11 @@
+require 'spec_helper'
+require 'puppet'
+
+describe 'ip_to_erl_format' do
+  it { should run.with_params('192.168.2.1').and_return('{192,168,2,1}') }
+  it { should run.with_params('0.0.0.0').and_return('{0,0,0,0}') }
+  it { should run.with_params('5a40:79cf:8251:5dc5:1624:3c03:3c04:9ba8').and_return('{23104,31183,33361,24005,5668,15363,15364,39848}') }
+  it { should run.with_params('fe80::204:acff:fe17:bf38').and_return('{65152,0,0,0,516,44287,65047,48952}') }
+  it { should run.with_params('::1:2').and_return('{0,0,0,0,0,0,1,2}') }
+  it { should run.with_params('192.256.0.0').and_raise_error(IPAddr::InvalidAddressError) }
+end