Initial support for IPv6

[macgreagoir]

Adds support for IPv6, but without requiring IPv6.

There are some known issues that should not break, or be broken by, this
commit:

• Manual is the only supportable provider for IPv6
• RFC 6761 (6.3), expecting localhost to resolve to both the IPv4 and
  IPv6 loopback addresses, is not always satisfied in Ubuntu builds
  (lp:1644009), but
• Ubuntu adds both IPv4 and IPv6 loopback addresses regardless of the
  version specified for lo in ENI, so loopback will resolve to a usable
  loopback address in any case
• Code to be revised when these issues are resolved in Ubuntu are
  commented with TODO(macgreagoir) IPv6. ...
• A bug around enabled-ha using existing machines (lp:1642618)
  requires a work-around for HA

QA steps:

• IPv4, simply bootstrap as usual
• IPv6
  • Build a machine with a working IPv6 address (which may require something like an IPv6 tunnel from Hurricane Electric) and no IPv4 addresses apart from loopback. (Feel welcome to contact me about this directly.)
  • Deploy to this machine with the manual provider
• The expected result is a working environment in both IP version cases (noting the HA bug with the manual provider)

[macgreagoir]

!!retry!!

[jameinel]

I have a couple of small tweaks, but I think the overall changes of switching to 'localhost' from '127.0.0.1' is all good.

I'm a little concerned still about machineLocal=true, and what actual addresses are getting filtered by the 'ip.IP4() == nil' check.

[jameinel]

This is just to improve the error messages, right?

[macgreagoir]

It is, aye. It's something I added for clarity in my own testing and thought was worth keeping.

[jameinel]

What do we do with the other IPv6 addresses?
Would it be more obvious if we did:

if ip.To6() != nil && ip.IsLinkLocalUnicast() ?

I almost wonder if for now we'd want to break this up into:

if ip.IP6() != nil {
if ip.IsLinkLocalUnicast() {
logger.Debugf("skipping observed IPv6 link-local...")
} else {
logger.Debugf("including ipv6 address %s")
}
}

[macgreagoir]

The net package doesn't have a direct check for IPv6, that I can see. To4() will tell us that we have a valid 4-byte representation, therefore an IPv4 address, but To16() can return a valid 16-byte address of either version, hence the use in this case filter out link-local but allow usable IPv6 addresses.

I could add our own checks for non-link-local IPv6 addresses to filter, but this does seem like code to maintain where we needn't. What do you think?

[jameinel]

Should this be a new section, rather than just adding to this scenario?

I feel like we should handle IPv4-only loopback as well, shouldn't we?

[macgreagoir]

I'm not sure this is still a likely use case. I see both versions everywhere.

[jameinel]

can you use a local variable so that the meaning of this makes more sense? When I read it at a glance it looks like we are only selecting IPv4 addresses.

allowMachineLocal := network.HostPortWithIPv4Address(hostPorts)

return network.SelectMongoHostPortsByScope(hostPorts, allowMachineLocal)

I'm still not 100% sold on using machine local. This feels more like "if we don't have a cloud-local then maybe we can fall back to localhost".
Given its the address we are putting into the replicaSet, it seems like it can't ever be right to give a link local address if you are ever actually in a peer group.

[macgreagoir]

I'm inclined to agree with you about the original, and continuing IPv4, behaviour. Falling back to loopback/localhost can seem like a bad idea for the replicaset config, though it doesn't cause a problem if HA is never enabled.

Can I suggest that this is machine-local question is a separate bug to be considered outside this change, as a new behaviour?

[macgreagoir]

Local variable done.

[jameinel]

The name sounds like it is returning a HostPort, maybe:

HostPortsHaveIPv4Address()

Not sure what name, but something that makes it clearer the function is returning a boolean.

[macgreagoir]

Done.

[jameinel]

This feels a bit chatty, might be better as Tracef.

[macgreagoir]

Done.

[jameinel]

Does this have anything to do with IPv6 or is it just a drive by that you encountered. Should we be tagging a bug about this so people can know where/when it was fixed?

[macgreagoir]

Fair call :-) I really don't like drive-by changes myself.

PR juju/juju#6624

[bz2]

!!retry!!

[macgreagoir]

!!retry!!

[bz2]

!!retry!!

[macgreagoir]

$$merge$$

[jujubot]

Status: merge request accepted. Url: http://juju-ci.vapour.ws:8080/job/github-merge-juju

[jujubot]

Build failed: Tests failed
build url: http://juju-ci.vapour.ws:8080/job/github-merge-juju/9727

[macgreagoir]

@bz2 Thanks for the manual stop :-) I'll $$merge$$ with squash now.

[jujubot]

Status: merge request accepted. Url: http://juju-ci.vapour.ws:8080/job/github-merge-juju